Message ID | 20210305005203.3547587-9-stefanb@linux.vnet.ibm.com (mailing list archive) |
---|---|
State | New, archived |
Headers | show |
Series | Add support for x509 certs with NIST P384/256/192 keys | expand |
On Thu, Mar 04, 2021 at 07:52:02PM -0500, Stefan Berger wrote: > From: Saulo Alessandre <saulo.alessandre@tse.jus.br> > > * crypto/asymmetric_keys/x509_cert_parser.c > - prepare x509 parser to load nist_secp384r1 > > * include/linux/oid_registry.h > - add OID_id_secp384r1 > > Signed-off-by: Saulo Alessandre <saulo.alessandre@tse.jus.br> > Tested-by: Stefan Berger <stefanb@linux.ibm.com> Yet another "diffstat". /Jarkko > --- > crypto/asymmetric_keys/x509_cert_parser.c | 3 +++ > include/linux/oid_registry.h | 1 + > 2 files changed, 4 insertions(+) > > diff --git a/crypto/asymmetric_keys/x509_cert_parser.c b/crypto/asymmetric_keys/x509_cert_parser.c > index f5d547c6dfb5..526c6a407e07 100644 > --- a/crypto/asymmetric_keys/x509_cert_parser.c > +++ b/crypto/asymmetric_keys/x509_cert_parser.c > @@ -510,6 +510,9 @@ int x509_extract_key_data(void *context, size_t hdrlen, > case OID_id_prime256v1: > ctx->cert->pub->pkey_algo = "ecdsa-nist-p256"; > break; > + case OID_id_secp384r1: > + ctx->cert->pub->pkey_algo = "ecdsa-nist-p384"; > + break; > default: > return -ENOPKG; > } > diff --git a/include/linux/oid_registry.h b/include/linux/oid_registry.h > index 3583908cf1ca..d656450dfc66 100644 > --- a/include/linux/oid_registry.h > +++ b/include/linux/oid_registry.h > @@ -64,6 +64,7 @@ enum OID { > > OID_certAuthInfoAccess, /* 1.3.6.1.5.5.7.1.1 */ > OID_sha1, /* 1.3.14.3.2.26 */ > + OID_id_secp384r1, /* 1.3.132.0.34 */ > OID_sha256, /* 2.16.840.1.101.3.4.2.1 */ > OID_sha384, /* 2.16.840.1.101.3.4.2.2 */ > OID_sha512, /* 2.16.840.1.101.3.4.2.3 */ > -- > 2.29.2 > >
diff --git a/crypto/asymmetric_keys/x509_cert_parser.c b/crypto/asymmetric_keys/x509_cert_parser.c index f5d547c6dfb5..526c6a407e07 100644 --- a/crypto/asymmetric_keys/x509_cert_parser.c +++ b/crypto/asymmetric_keys/x509_cert_parser.c @@ -510,6 +510,9 @@ int x509_extract_key_data(void *context, size_t hdrlen, case OID_id_prime256v1: ctx->cert->pub->pkey_algo = "ecdsa-nist-p256"; break; + case OID_id_secp384r1: + ctx->cert->pub->pkey_algo = "ecdsa-nist-p384"; + break; default: return -ENOPKG; } diff --git a/include/linux/oid_registry.h b/include/linux/oid_registry.h index 3583908cf1ca..d656450dfc66 100644 --- a/include/linux/oid_registry.h +++ b/include/linux/oid_registry.h @@ -64,6 +64,7 @@ enum OID { OID_certAuthInfoAccess, /* 1.3.6.1.5.5.7.1.1 */ OID_sha1, /* 1.3.14.3.2.26 */ + OID_id_secp384r1, /* 1.3.132.0.34 */ OID_sha256, /* 2.16.840.1.101.3.4.2.1 */ OID_sha384, /* 2.16.840.1.101.3.4.2.2 */ OID_sha512, /* 2.16.840.1.101.3.4.2.3 */