authorDenis Kenzior <denkenz@gmail.com>2022-07-06 14:57:15 -0500
committerDenis Kenzior <denkenz@gmail.com>2022-07-26 20:44:00 -0500
commit16718a115de7655e8d16f56533a682f9a8927d7b (patch)
treec4dac859b5c9264afd1b172aafc22f6283b458b5
parenteffd7dc86a52efe9f1c713fc6a76415f39877bce (diff)
cert/key: Add support for EC based certificates
Mostly for use with Elliptic Curve (EC) Digital Signature Algorithm (DSA) based certificates. Other combinations of EC + signature algorithms are also possible. This requires your kernel to be built with CRYPTO_ECDSA support.
-rw-r--r--ell/cert.c18
-rw-r--r--ell/cert.h1
-rw-r--r--ell/key.c1
-rw-r--r--ell/key.h1
4 files changed, 19 insertions, 2 deletions
diff --git a/ell/cert.c b/ell/cert.c
index 141ea1ce..a1581424 100644
--- a/ell/cert.c
+++ b/ell/cert.c
@@ -77,7 +77,15 @@ static const struct pkcs1_encryption_oid {
} pkcs1_encryption_oids[] = {
{ /* rsaEncryption */
L_CERT_KEY_RSA,
- { 9, { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01 } },
+ { .asn1_len = 9, .asn1 = {
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01 }
+ },
+ },
+ { /* ecPublicKey */
+ L_CERT_KEY_ECC,
+ { .asn1_len = 7, .asn1 = {
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01 }
+ },
},
};
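Review bot: The new ecPublicKey entry carries only the algorithm OID (1.2.840.10045.2.1), so as far as this table shows a certificate is typed `L_CERT_KEY_ECC` whatever named curve its AlgorithmIdentifier parameters select. If callers use the key type to decide what they can verify, a certificate on a curve the kernel does not implement would only fail later, when the key is loaded. I would at least say so next to the entry, e.g. `/* ecPublicKey, 1.2.840.10045.2.1; curve parameters are not examined here */`. The code that walks this table is outside the hunk, so the curve may be checked elsewhere.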
@@ -261,8 +269,14 @@ LIB_EXPORT struct l_key *l_cert_get_pubkey(struct l_cert *cert)
return NULL;
/* Use kernel's ASN.1 certificate parser to find the key data for us */
- if (cert->pubkey_type == L_CERT_KEY_RSA)
+ switch (cert->pubkey_type) {
+ case L_CERT_KEY_RSA:
return l_key_new(L_KEY_RSA, cert->asn1, cert->asn1_len);
+ case L_CERT_KEY_ECC:
+ return l_key_new(L_KEY_ECC, cert->asn1, cert->asn1_len);
+ case L_CERT_KEY_UNKNOWN:
+ break;
+ }
return NULL;
}
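Review bot: The `L_CERT_KEY_ECC` case makes the result depend on kernel configuration, and nothing in the code records that. Per the commit message the kernel needs CRYPTO_ECDSA; without it `l_key_new(L_KEY_ECC, ...)` presumably fails, and the caller gets the same NULL as for an unknown key type. A comment above the switch would capture this, e.g. `/* L_KEY_ECC needs kernel CRYPTO_ECDSA; a NULL return can mean the kernel rejected the key */`. Leaving out `default:` is worth keeping, since it lets -Wswitch flag the next enum addition. The function starts above the hunk.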
diff --git a/ell/cert.h b/ell/cert.h
index 605e427c..f637588e 100644
--- a/ell/cert.h
+++ b/ell/cert.h
@@ -36,6 +36,7 @@ struct l_certchain;
enum l_cert_key_type {
L_CERT_KEY_RSA,
+ L_CERT_KEY_ECC,
L_CERT_KEY_UNKNOWN,
};
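Review bot: Inserting `L_CERT_KEY_ECC` before `L_CERT_KEY_UNKNOWN` changes the numeric value of `L_CERT_KEY_UNKNOWN` from 1 to 2 in a public header. A program built against the old header and run with the new library would read an ECC certificate as unknown and would not recognise the new unknown value at all, which matters if that value gates a trust decision. If libell is ever consumed as a shared library, pinning the values keeps the old ones stable: `L_CERT_KEY_RSA = 0,` `L_CERT_KEY_UNKNOWN = 1,` `L_CERT_KEY_ECC = 2,`. The key.h hunk appends `L_KEY_ECC` at the end of its enum and does not have this problem.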
diff --git a/ell/key.c b/ell/key.c
index b28bf4db..73f38581 100644
--- a/ell/key.c
+++ b/ell/key.c
@@ -108,6 +108,7 @@ struct l_keyring {
static const char * const key_type_names[] = {
[L_KEY_RAW] = "user",
[L_KEY_RSA] = "asymmetric",
+ [L_KEY_ECC] = "asymmetric",
};
static long kernel_add_key(const char *type, const char *description,
diff --git a/ell/key.h b/ell/key.h
index d25d0938..f26f7ecb 100644
--- a/ell/key.h
+++ b/ell/key.h
@@ -45,6 +45,7 @@ enum l_key_feature {
enum l_key_type {
L_KEY_RAW = 0,
L_KEY_RSA,
+ L_KEY_ECC,
};
enum l_keyring_restriction {