crypto: x509 - Add OID for NIST P521 and extend parser for it

Enable the x509 parser to accept NIST P521 certificates and add the
OID for ansip521r1, which is the identifier for NIST P521.

Cc: David Howells <dhowells@redhat.com>
Tested-by: Lukas Wunner <lukas@wunner.de>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

diff --git a/crypto/asymmetric_keys/x509_cert_parser.c b/crypto/asymmetric_keys/x509_cert_parser.c
index bb0bffa271b53c69410b80d04364f0a6cdc86368..964208d1a35fb9d0772b51e3399425f32223f573 100644 (file)
--- a/crypto/asymmetric_keys/x509_cert_parser.c
+++ b/crypto/asymmetric_keys/x509_cert_parser.c
@@ -546,6 +546,9 @@ int x509_extract_key_data(void *context, size_t hdrlen,
                case OID_id_ansip384r1:
                        ctx->cert->pub->pkey_algo = "ecdsa-nist-p384";
                        break;
+               case OID_id_ansip521r1:
+                       ctx->cert->pub->pkey_algo = "ecdsa-nist-p521";
+                       break;
                default:
                        return -ENOPKG;
                }

diff --git a/include/linux/oid_registry.h b/include/linux/oid_registry.h
index 51421fdbb0bad449e28d27d6b6238aac4b03690e..6f9242259edc48d9f5a541fb34c6b41a66e3cb10 100644 (file)
--- a/include/linux/oid_registry.h
+++ b/include/linux/oid_registry.h
@@ -69,6 +69,7 @@ enum OID {
        OID_certAuthInfoAccess,         /* 1.3.6.1.5.5.7.1.1 */
        OID_sha1,                       /* 1.3.14.3.2.26 */
        OID_id_ansip384r1,              /* 1.3.132.0.34 */
+       OID_id_ansip521r1,              /* 1.3.132.0.35 */
        OID_sha256,                     /* 2.16.840.1.101.3.4.2.1 */
        OID_sha384,                     /* 2.16.840.1.101.3.4.2.2 */
        OID_sha512,                     /* 2.16.840.1.101.3.4.2.3 */