
Add brainpoolP320r1 elliptic curve#14906

Open
sfarestam-iproov wants to merge 1 commit into pyca:main from sfarestam-iproov:brainpool-p224-p320-named-curves

Conversation


@sfarestam-iproov sfarestam-iproov commented May 26, 2026

Summary

Add brainpoolP320r1 as a named elliptic curve. It is defined in RFC 5639 and fully supported by OpenSSL (NID 929).

Motivation

ICAO Doc 9303 (the international standard for machine-readable travel documents / ePassports), Part 12, Section 4.1.6.3 recommends BSI TR-03111 for elliptic curve selection. TR-03111 includes brainpoolP320r1 as an approved curve for ePassport use.

This curve is deployed in production:

  • Netherlands uses brainpoolP320r1 for DG15 Active Authentication keys in ePassport documents

Addressing #4767

I'm aware that a generic request to add Brainpool curves was declined in #4767 as lacking a concrete use case. This request is different: it is driven by a specific international standard (ICAO 9303), backed by real-world data from production ePassport PKI deployments.

Security

brainpoolP320r1 provides 160-bit security, between secp256r1 and secp384r1. ICAO considers it adequate for ePassport documents with 10-year validity.

What this PR does

  • Adds BrainpoolP320R1 curve class to the Python API (ec.py)
  • Adds OID constant to oid.rs (1.3.36.3.3.2.8.1.1.9)
  • Adds NID mappings in the Rust key-parsing and backend modules (ec.rs), gated behind #[cfg(not(any(CRYPTOGRAPHY_IS_BORINGSSL, CRYPTOGRAPHY_IS_AWSLC)))]
  • Registers curve in _CURVE_TYPES, _OID_TO_CURVE, and EllipticCurveOID

What this PR does NOT do

  • Does not add brainpoolP224r1 (deferred — requires NID addition to the openssl Rust crate first)
  • Does not add explicit-parameter-to-named-curve mapping (that is handled separately in Support explicit EC parameters for Brainpool curves #14905)
  • Does not change any behavior for BoringSSL or AWS-LC builds

References

  • RFC 5639 — Elliptic Curve Cryptography (ECC) Brainpool Standard Curves and Curve Generation
  • ICAO Doc 9303 Part 12 — Public Key Infrastructure for MRTDs (Section 4.1.6.3)
  • BSI TR-03111 v2.10 — Elliptic Curve Cryptography (recommended by ICAO 9303)
  • Dutch CSCA Master List — from the country using brainpoolP320r1
  • #4767 — previous curve addition request (rejected for lack of concrete use case)
  • #14905 — companion PR adding explicit parameter mapping for existing Brainpool curves
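The OID-to-curve registration this PR describes ("Registers curve in _CURVE_TYPES, _OID_TO_CURVE"), shown as an added example that is not pyca/cryptography's code. It DER-encodes and decodes the namedCurve OBJECT IDENTIFIER that EC parameters and SubjectPublicKeyInfo carry, looks it up in a small registry, and demonstrates why a key on brainpoolP320r1 is rejected as unsupported until its OID (1.3.36.3.3.2.8.1.1.9, from the PR and RFC 5639) is registered. The other OIDs are the published values from RFC 5639 and SEC 2; the table and function names (`CURVE_REGISTRY`, `curve_for_parameters`, `register_brainpool_p320r1`) are this example's own, and the security-bits figure is the conventional field-size/2 estimate.

```python
# Added example (not pyca/cryptography's code): decode a DER namedCurve OID,
# map it to a curve via a registry, and show the effect of registering
# brainpoolP320r1.  Names below are this example's own assumptions.

BRAINPOOL_P320R1_OID = "1.3.36.3.3.2.8.1.1.9"  # OID stated in the PR / RFC 5639

# Registry in the spirit of the PR's _OID_TO_CURVE table: OID -> (name, field bits).
# OIDs are the published RFC 5639 / SEC 2 values; brainpoolP320r1 is absent on purpose.
CURVE_REGISTRY = {
    "1.2.840.10045.3.1.7": ("secp256r1", 256),
    "1.3.132.0.34": ("secp384r1", 384),
    "1.3.36.3.3.2.8.1.1.7": ("brainpoolP256r1", 256),
    "1.3.36.3.3.2.8.1.1.11": ("brainpoolP384r1", 384),
    "1.3.36.3.3.2.8.1.1.13": ("brainpoolP512r1", 512),
}


def encode_oid(dotted: str) -> bytes:
    """DER-encode a dotted OID: tag 0x06, short-form length, base-128 arcs."""
    arcs = [int(a) for a in dotted.split(".")]
    body = bytearray([40 * arcs[0] + arcs[1]])  # first two arcs share one byte
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]  # low 7 bits last, no continuation bit
        arc >>= 7
        while arc:
            chunk.append(0x80 | (arc & 0x7F))  # higher groups carry the 0x80 bit
            arc >>= 7
        body.extend(reversed(chunk))
    if len(body) >= 128:
        raise ValueError("OID too long for short-form length")
    return bytes([0x06, len(body)]) + bytes(body)


def decode_oid(der: bytes) -> str:
    """Parse exactly one DER OBJECT IDENTIFIER and return its dotted form."""
    if len(der) < 3 or der[0] != 0x06:
        raise ValueError("not a DER OBJECT IDENTIFIER")
    length = der[1]
    if length >= 128 or len(der) != 2 + length:
        raise ValueError("bad OID length")
    body = der[2:]
    if body[-1] & 0x80:  # last byte must terminate an arc
        raise ValueError("truncated OID arc")
    first = body[0]
    arcs = [first // 40, first % 40] if first < 80 else [2, first - 80]
    value = 0
    for b in body[1:]:
        value = (value << 7) | (b & 0x7F)
        if not b & 0x80:  # clear continuation bit closes the arc
            arcs.append(value)
            value = 0
    return ".".join(str(a) for a in arcs)


def curve_for_parameters(der_params: bytes, registry=CURVE_REGISTRY):
    """Map namedCurve ECParameters to (curve name, field bits, security bits).

    Raises ValueError for an OID that is not registered, which is how an
    unsupported curve surfaces when a key or certificate is loaded.
    """
    oid = decode_oid(der_params)
    try:
        name, bits = registry[oid]
    except KeyError:
        raise ValueError(f"unsupported elliptic curve OID {oid}") from None
    return name, bits, bits // 2  # field-size/2 is the conventional security estimate


def register_brainpool_p320r1(registry=CURVE_REGISTRY):
    """What the PR does, in miniature: return a registry with the new OID entry."""
    updated = dict(registry)
    updated[BRAINPOOL_P320R1_OID] = ("brainpoolP320r1", 320)
    return updated


if __name__ == "__main__":
    params = encode_oid(BRAINPOOL_P320R1_OID)  # constructed DER input
    print(params.hex())
    try:
        curve_for_parameters(params)
    except ValueError as exc:
        print("before registration:", exc)
    print("after registration:", curve_for_parameters(params, register_brainpool_p320r1()))
```

Running the block encodes the PR's OID to the 11-byte DER value `06092b2403030208010109`, shows the unsupported-curve error against the unmodified registry, and then resolves the same bytes to brainpoolP320r1 with a 320-bit field and the 160-bit security figure the PR quotes once the entry is added.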

Add brainpoolP320r1 (320-bit, OID 1.3.36.3.3.2.8.1.1.9) from RFC 5639.
This curve is fully supported by OpenSSL (NID 929) and used by the
Netherlands for DG15 Active Authentication keys in ePassport documents
per ICAO 9303.

brainpoolP224r1 is deferred as it requires a NID addition to the
openssl Rust crate first.
@sfarestam-iproov sfarestam-iproov force-pushed the brainpool-p224-p320-named-curves branch from 0b12d33 to 6350b87 Compare May 26, 2026 14:53
@sfarestam-iproov sfarestam-iproov changed the title Add brainpoolP224r1 and brainpoolP320r1 elliptic curves Add brainpoolP320r1 elliptic curve May 26, 2026