crypto: x509 - Add OID for NIST P521 and extend parser for it

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Enable the x509 parser to accept NIST P521 certificates and add the
OID for ansip521r1, which is the identifier for NIST P521.

Cc: David Howells <dhowells@redhat.com>
Tested-by: Lukas Wunner <lukas@wunner.de>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

authored by

Stefan Berger and committed by

Herbert Xu 2 years ago 3ba2ae36 4dc50330

2 changed files

expand all

crypto

asymmetric_keys

x509_cert_parser.c

include

linux

oid_registry.h

crypto/asymmetric_keys/x509_cert_parser.c

··· 546 546 case OID_id_ansip384r1: 547 547 ctx->cert->pub->pkey_algo = "ecdsa-nist-p384"; 548 548 break; 549 + case OID_id_ansip521r1: 550 + ctx->cert->pub->pkey_algo = "ecdsa-nist-p521"; 551 + break; 549 552 default: 550 553 return -ENOPKG; 551 554 }

include/linux/oid_registry.h

··· 69 69 OID_certAuthInfoAccess, /* 1.3.6.1.5.5.7.1.1 */ 70 70 OID_sha1, /* 1.3.14.3.2.26 */ 71 71 OID_id_ansip384r1, /* 1.3.132.0.34 */ 72 + OID_id_ansip521r1, /* 1.3.132.0.35 */ 72 73 OID_sha256, /* 2.16.840.1.101.3.4.2.1 */ 73 74 OID_sha384, /* 2.16.840.1.101.3.4.2.2 */ 74 75 OID_sha512, /* 2.16.840.1.101.3.4.2.3 */