Make oid_get_pk_alg handle EC algorithms
This commit is contained in:
parent
dffba8f63e
commit
5a9b82e234
4 changed files with 30 additions and 2 deletions
|
@ -61,6 +61,9 @@
|
||||||
#define OID_ORG_RSA_DATA_SECURITY "\x86\xf7\x0d" /* {rsadsi(113549)} */
|
#define OID_ORG_RSA_DATA_SECURITY "\x86\xf7\x0d" /* {rsadsi(113549)} */
|
||||||
#define OID_RSA_COMPANY OID_ISO_MEMBER_BODIES OID_COUNTRY_US \
|
#define OID_RSA_COMPANY OID_ISO_MEMBER_BODIES OID_COUNTRY_US \
|
||||||
OID_ORG_RSA_DATA_SECURITY /* {iso(1) member-body(2) us(840) rsadsi(113549)} */
|
OID_ORG_RSA_DATA_SECURITY /* {iso(1) member-body(2) us(840) rsadsi(113549)} */
|
||||||
|
#define OID_ORG_ANSI_X9_62 "\xce\x3d" /* ansi-X9-62(10045) */
|
||||||
|
#define OID_ANSI_X9_62 OID_ISO_MEMBER_BODIES OID_COUNTRY_US \
|
||||||
|
OID_ORG_ANSI_X9_62
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* ISO Identified organization OID parts
|
* ISO Identified organization OID parts
|
||||||
|
@ -70,6 +73,8 @@
|
||||||
#define OID_OIW_SECSIG OID_ORG_OIW "\x03"
|
#define OID_OIW_SECSIG OID_ORG_OIW "\x03"
|
||||||
#define OID_OIW_SECSIG_ALG OID_OIW_SECSIG "\x02"
|
#define OID_OIW_SECSIG_ALG OID_OIW_SECSIG "\x02"
|
||||||
#define OID_OIW_SECSIG_SHA1 OID_OIW_SECSIG_ALG "\x1a"
|
#define OID_OIW_SECSIG_SHA1 OID_OIW_SECSIG_ALG "\x1a"
|
||||||
|
#define OID_ORG_CERTICOM "\x81\x04" /* certicom(132) */
|
||||||
|
#define OID_CERTICOM OID_ISO_IDENTIFIED_ORG OID_ORG_CERTICOM
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* ISO ITU OID parts
|
* ISO ITU OID parts
|
||||||
|
@ -235,6 +240,19 @@
|
||||||
#define OID_PKCS12_PBE_SHA1_RC2_128_CBC OID_PKCS12_PBE "\x05" /**< pbeWithSHAAnd128BitRC2-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 5} */
|
#define OID_PKCS12_PBE_SHA1_RC2_128_CBC OID_PKCS12_PBE "\x05" /**< pbeWithSHAAnd128BitRC2-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 5} */
|
||||||
#define OID_PKCS12_PBE_SHA1_RC2_40_CBC OID_PKCS12_PBE "\x06" /**< pbeWithSHAAnd40BitRC2-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 6} */
|
#define OID_PKCS12_PBE_SHA1_RC2_40_CBC OID_PKCS12_PBE "\x06" /**< pbeWithSHAAnd40BitRC2-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 6} */
|
||||||
|
|
||||||
|
/*
|
||||||
|
* EC key algorithms from RFC 5420
|
||||||
|
*/
|
||||||
|
|
||||||
|
/* id-ecPublicKey OBJECT IDENTIFIER ::= {
|
||||||
|
* iso(1) member-body(2) us(840) ansi-X9-62(10045) keyType(2) 1 } */
|
||||||
|
#define OID_EC_ALG_UNRESTRICTED OID_ANSI_X9_62 "\x02\01"
|
||||||
|
|
||||||
|
/* id-ecDH OBJECT IDENTIFIER ::= {
|
||||||
|
* iso(1) identified-organization(3) certicom(132)
|
||||||
|
* schemes(1) ecdh(12) } */
|
||||||
|
#define OID_EC_ALG_ECDH OID_CERTICOM "\x01\x0c"
|
||||||
|
|
||||||
#ifdef __cplusplus
|
#ifdef __cplusplus
|
||||||
extern "C" {
|
extern "C" {
|
||||||
#endif
|
#endif
|
||||||
|
|
|
@ -38,6 +38,8 @@ typedef enum {
|
||||||
POLARSSL_PK_NONE=0,
|
POLARSSL_PK_NONE=0,
|
||||||
POLARSSL_PK_RSA,
|
POLARSSL_PK_RSA,
|
||||||
POLARSSL_PK_ECDSA,
|
POLARSSL_PK_ECDSA,
|
||||||
|
POLARSSL_PK_ECKEY,
|
||||||
|
POLARSSL_PK_ECKEY_DH,
|
||||||
} pk_type_t;
|
} pk_type_t;
|
||||||
|
|
||||||
#ifdef __cplusplus
|
#ifdef __cplusplus
|
||||||
|
|
|
@ -59,7 +59,7 @@
|
||||||
#define POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS -0x2580 /**< The extension tag or value is invalid. */
|
#define POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS -0x2580 /**< The extension tag or value is invalid. */
|
||||||
#define POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION -0x2600 /**< Certificate or CRL has an unsupported version number. */
|
#define POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION -0x2600 /**< Certificate or CRL has an unsupported version number. */
|
||||||
#define POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG -0x2680 /**< Signature algorithm (oid) is unsupported. */
|
#define POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG -0x2680 /**< Signature algorithm (oid) is unsupported. */
|
||||||
#define POLARSSL_ERR_X509_UNKNOWN_PK_ALG -0x2700 /**< Key algorithm is unsupported (only RSA is supported). */
|
#define POLARSSL_ERR_X509_UNKNOWN_PK_ALG -0x2700 /**< Key algorithm is unsupported (only RSA and EC are supported). */
|
||||||
#define POLARSSL_ERR_X509_CERT_SIG_MISMATCH -0x2780 /**< Certificate signature algorithms do not match. (see \c ::x509_cert sig_oid) */
|
#define POLARSSL_ERR_X509_CERT_SIG_MISMATCH -0x2780 /**< Certificate signature algorithms do not match. (see \c ::x509_cert sig_oid) */
|
||||||
#define POLARSSL_ERR_X509_CERT_VERIFY_FAILED -0x2800 /**< Certificate verification failed, e.g. CRL, CA or signature check failed. */
|
#define POLARSSL_ERR_X509_CERT_VERIFY_FAILED -0x2800 /**< Certificate verification failed, e.g. CRL, CA or signature check failed. */
|
||||||
#define POLARSSL_ERR_X509_KEY_INVALID_VERSION -0x2880 /**< Unsupported RSA key version */
|
#define POLARSSL_ERR_X509_KEY_INVALID_VERSION -0x2880 /**< Unsupported RSA key version */
|
||||||
|
|
|
@ -313,7 +313,7 @@ FN_OID_GET_OID_BY_ATTR2(oid_get_oid_by_sig_alg, oid_sig_alg_t, oid_sig_alg, pk_t
|
||||||
#endif /* POLARSSL_MD_C */
|
#endif /* POLARSSL_MD_C */
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* For PublicKeyInfo
|
* For PublicKeyInfo (PKCS1, RFC 5480)
|
||||||
*/
|
*/
|
||||||
typedef struct {
|
typedef struct {
|
||||||
oid_descriptor_t descriptor;
|
oid_descriptor_t descriptor;
|
||||||
|
@ -326,6 +326,14 @@ static const oid_pk_alg_t oid_pk_alg[] =
|
||||||
{ OID_PKCS1_RSA, "rsaEncryption", "RSA" },
|
{ OID_PKCS1_RSA, "rsaEncryption", "RSA" },
|
||||||
POLARSSL_PK_RSA,
|
POLARSSL_PK_RSA,
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
{ OID_EC_ALG_UNRESTRICTED, "id-ecPublicKey", "Generic EC key" },
|
||||||
|
POLARSSL_PK_ECKEY,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
{ OID_EC_ALG_ECDH, "id-ecDH", "EC key for ECDH" },
|
||||||
|
POLARSSL_PK_ECKEY_DH,
|
||||||
|
},
|
||||||
{
|
{
|
||||||
{ NULL, NULL, NULL },
|
{ NULL, NULL, NULL },
|
||||||
0,
|
0,
|
||||||
|
|
Loading…
Reference in a new issue