Commit 3ba2ae36 authored by Stefan Berger's avatar Stefan Berger Committed by Herbert Xu
Browse files

crypto: x509 - Add OID for NIST P521 and extend parser for it 



Enable the x509 parser to accept NIST P521 certificates and add the
OID for ansip521r1, which is the identifier for NIST P521.

Cc: David Howells <dhowells@redhat.com>
Tested-by: default avatarLukas Wunner <lukas@wunner.de>
Reviewed-by: default avatarJarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: default avatarStefan Berger <stefanb@linux.ibm.com>
Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
parent 4dc50330

crypto/asymmetric_keys/x509_cert_parser.c

+3 −0
Original line number Diff line number Diff line
@@ -546,6 +546,9 @@ int x509_extract_key_data(void *context, size_t hdrlen, 
		case OID_id_ansip384r1:

			ctx->cert->pub->pkey_algo = "ecdsa-nist-p384";

			break;

		case OID_id_ansip521r1:

			ctx->cert->pub->pkey_algo = "ecdsa-nist-p521";

			break;

		default:

			return -ENOPKG;

		}

include/linux/oid_registry.h

+1 −0
Original line number Diff line number Diff line
@@ -69,6 +69,7 @@ enum OID { 
	OID_certAuthInfoAccess,		/* 1.3.6.1.5.5.7.1.1 */

	OID_sha1,			/* 1.3.14.3.2.26 */

	OID_id_ansip384r1,		/* 1.3.132.0.34 */

	OID_id_ansip521r1,		/* 1.3.132.0.35 */

	OID_sha256,			/* 2.16.840.1.101.3.4.2.1 */

	OID_sha384,			/* 2.16.840.1.101.3.4.2.2 */

	OID_sha512,			/* 2.16.840.1.101.3.4.2.3 */