ECCurve friendly names are not cross platform

[eiriktsarpalis]

Consider the following reproduction on Linux:

using System.Security.Cryptography;

[Theory]
[InlineData("nistP256")]   // fails
[InlineData("secp256r1")]  // fails
[InlineData("ECDSA_P256")] // passes
public static void Repro(string curveFriendlyName)
{
    var ecParameters = new ECParameters()
    {
        Curve = ECCurve.CreateFromFriendlyName(curveFriendlyName),
        Q = new ECPoint()
        {
            X = "65eda5a12577c2bae829437fe338701a10aaa375e1bb5b5de108de439c08551d".HexToByteArray(),
            Y = "1e52ed75701163f7f9e40ddf9f341b3dc9ba860af7e0ca7ca7e9eecd0084d19c".HexToByteArray(),
        },
    };

    ECDsa ecDsa = ECDsa.Create(ecParameters);
}

The first two identifiers will fail with the following exception:

System.PlatformNotSupportedException : The specified curve 'secp256r1' or its parameters are not valid for this platform.
Stack Trace:
    /home/eirik/devel/dotnet/runtime/src/libraries/Common/src/Interop/Unix/System.Security.Cryptography.Native/Interop.EcDsa.ImportExport.cs(37,0): at Interop.Crypto.EcKeyCreateByKeyParameters(String oid, Byte[] qx, Int32 qxLength, Byte[] qy, Int32 qyLength, Byte[] d, Int32 dLength)
    /home/eirik/devel/dotnet/runtime/src/libraries/Common/src/System/Security/Cryptography/ECOpenSsl.ImportExport.cs(115,0): at System.Security.Cryptography.ECOpenSsl.ImportNamedCurveParameters(ECParameters parameters)
    /home/eirik/devel/dotnet/runtime/src/libraries/Common/src/System/Security/Cryptography/ECOpenSsl.ImportExport.cs(33,0): at System.Security.Cryptography.ECOpenSsl.ImportParameters(ECParameters parameters)
    /home/eirik/devel/dotnet/runtime/src/libraries/Common/src/System/Security/Cryptography/ECDsaOpenSsl.cs(317,0): at System.Security.Cryptography.ECDsaImplementation.ECDsaOpenSsl.ImportParameters(ECParameters parameters)
    /home/eirik/devel/dotnet/runtime/src/libraries/System.Security.Cryptography.Algorithms/src/System/Security/Cryptography/ECDsaOpenSsl.cs(37,0): at System.Security.Cryptography.ECDsa.Create(ECParameters parameters)
    /home/eirik/devel/dotnet/runtime/src/libraries/System.Security.Cryptography.Encoding/tests/Cbor.Tests/CborWriterTests.cs(303,0): at System.Formats.Cbor.Tests.CborWriterTests.Repro(String curveFriendlyName)

Note that all three identifiers are recognized on Windows, so we should probably attempt to do the same in the OpenSSL implementation for the sake of consistency?

[ghost]

Tagging subscribers to this area: @bartonjs, @vcsjones, @krwq
Notify danmosemsft if you want to be subscribed.

[eiriktsarpalis]

Realted to #36002

[vcsjones]

Some more common names could be added to the static lookup table in OidLookup.cs but there will always be platform differences for what are accepted as friendly names since this API defers to CAPI / OpenSSL. For example, "prime256v1" will work on Linux but fail on Windows in your test case.

[bartonjs]

I think that "prime256v1" is unique to OpenSSL, so I'm OK with leaving it out. (Or including it, whichever).

the secpXXXr1 and nistPXXX variants should be added to the static table, though. They're in a big, official-looking document of the Win10 supported curves by name and OID.

[vcsjones]

They're in a big, official-looking document of the Win10 supported curves by name and OID.

Is this document public? If so I can go through it and backfill the lookup table with whatever is missing unless one of y'all wanted to this.

[bartonjs]

https://docs.microsoft.com/en-us/windows/win32/seccng/cng-named-elliptic-curves

But I think we only need to do special work for the "original 3" curves; after those everything seems to have only ever gotten one name, so it'll either map (and work) or is unknown to the receiving OS (and won't).