diff mbox series

X.509: Support parsing certificate using SM2 algorithm

Message ID 20210712081352.23692-1-tianjia.zhang@linux.alibaba.com (mailing list archive)
State New
Headers show
Series X.509: Support parsing certificate using SM2 algorithm | expand

Commit Message

tianjia.zhang July 12, 2021, 8:13 a.m. UTC
The SM2-with-SM3 certificate generated by latest openssl no longer
reuses the OID_id_ecPublicKey, but directly uses OID_sm2. This patch
supports this type of x509 certificate parsing.

Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
---
 crypto/asymmetric_keys/x509_cert_parser.c | 3 +++
 1 file changed, 3 insertions(+)

Comments

tianjia.zhang Sept. 18, 2021, 2:25 a.m. UTC | #1
ping.

On 7/12/21 4:13 PM, Tianjia Zhang wrote:
> The SM2-with-SM3 certificate generated by latest openssl no longer
> reuses the OID_id_ecPublicKey, but directly uses OID_sm2. This patch
> supports this type of x509 certificate parsing.
> 
> Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
> ---
>   crypto/asymmetric_keys/x509_cert_parser.c | 3 +++
>   1 file changed, 3 insertions(+)
> 
> diff --git a/crypto/asymmetric_keys/x509_cert_parser.c b/crypto/asymmetric_keys/x509_cert_parser.c
> index 6d003096b5bc..6a945a6ce787 100644
> --- a/crypto/asymmetric_keys/x509_cert_parser.c
> +++ b/crypto/asymmetric_keys/x509_cert_parser.c
> @@ -496,6 +496,9 @@ int x509_extract_key_data(void *context, size_t hdrlen,
>   	case OID_gost2012PKey512:
>   		ctx->cert->pub->pkey_algo = "ecrdsa";
>   		break;
> +	case OID_sm2:
> +		ctx->cert->pub->pkey_algo = "sm2";
> +		break;
>   	case OID_id_ecPublicKey:
>   		if (parse_OID(ctx->params, ctx->params_size, &oid) != 0)
>   			return -EBADMSG;
>
Jarkko Sakkinen Sept. 21, 2021, 9:05 p.m. UTC | #2
On Sat, 2021-09-18 at 10:25 +0800, Tianjia Zhang wrote:
> ping.
> 
> On 7/12/21 4:13 PM, Tianjia Zhang wrote:
> > The SM2-with-SM3 certificate generated by latest openssl no longer
> > reuses the OID_id_ecPublicKey, but directly uses OID_sm2. This patch
> > supports this type of x509 certificate parsing.
> > 
> > Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
> > ---
> >   crypto/asymmetric_keys/x509_cert_parser.c | 3 +++
> >   1 file changed, 3 insertions(+)
> > 
> > diff --git a/crypto/asymmetric_keys/x509_cert_parser.c b/crypto/asymmetric_keys/x509_cert_parser.c
> > index 6d003096b5bc..6a945a6ce787 100644
> > --- a/crypto/asymmetric_keys/x509_cert_parser.c
> > +++ b/crypto/asymmetric_keys/x509_cert_parser.c
> > @@ -496,6 +496,9 @@ int x509_extract_key_data(void *context, size_t hdrlen,
> >   	case OID_gost2012PKey512:
> >   		ctx->cert->pub->pkey_algo = "ecrdsa";
> >   		break;
> > +	case OID_sm2:
> > +		ctx->cert->pub->pkey_algo = "sm2";
> > +		break;
> >   	case OID_id_ecPublicKey:
> >   		if (parse_OID(ctx->params, ctx->params_size, &oid) != 0)
> >   			return -EBADMSG;
> > 

Acked-by: Jarkko Sakkinen <jarkko@kernel.org>

/Jarkko
tianjia.zhang June 17, 2022, 9:36 a.m. UTC | #3
Hi Jarkko,

> On 7/12/21 4:13 PM, Tianjia Zhang wrote:
> > The SM2-with-SM3 certificate generated by latest openssl no longer
> > reuses the OID_id_ecPublicKey, but directly uses OID_sm2. This patch
> > supports this type of x509 certificate parsing.
> > 
> > Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
> > ---
> >   crypto/asymmetric_keys/x509_cert_parser.c | 3 +++
> >   1 file changed, 3 insertions(+)
> > 
> > diff --git a/crypto/asymmetric_keys/x509_cert_parser.c b/crypto/asymmetric_keys/x509_cert_parser.c
> > index 6d003096b5bc..6a945a6ce787 100644
> > --- a/crypto/asymmetric_keys/x509_cert_parser.c
> > +++ b/crypto/asymmetric_keys/x509_cert_parser.c
> > @@ -496,6 +496,9 @@ int x509_extract_key_data(void *context, size_t hdrlen,
> >    case OID_gost2012PKey512:
> >     ctx->cert->pub->pkey_algo = "ecrdsa";
> >     break;
> > + case OID_sm2:
> > +  ctx->cert->pub->pkey_algo = "sm2";
> > +  break;
> >    case OID_id_ecPublicKey:
> >     if (parse_OID(ctx->params, ctx->params_size, &oid) != 0)
> >      return -EBADMSG;
> > 
>
> Acked-by: Jarkko Sakkinen <jarkko@kernel.org>
>
> /Jarkko

Likewise, No response from David, can you pick this? thanks.

Best regards,
Tianjia
diff mbox series

Patch

diff --git a/crypto/asymmetric_keys/x509_cert_parser.c b/crypto/asymmetric_keys/x509_cert_parser.c
index 6d003096b5bc..6a945a6ce787 100644
--- a/crypto/asymmetric_keys/x509_cert_parser.c
+++ b/crypto/asymmetric_keys/x509_cert_parser.c
@@ -496,6 +496,9 @@  int x509_extract_key_data(void *context, size_t hdrlen,
 	case OID_gost2012PKey512:
 		ctx->cert->pub->pkey_algo = "ecrdsa";
 		break;
+	case OID_sm2:
+		ctx->cert->pub->pkey_algo = "sm2";
+		break;
 	case OID_id_ecPublicKey:
 		if (parse_OID(ctx->params, ctx->params_size, &oid) != 0)
 			return -EBADMSG;