Message ID | 20210712081352.23692-1-tianjia.zhang@linux.alibaba.com (mailing list archive) |
---|---|
State | New |
Headers | show |
Series | X.509: Support parsing certificate using SM2 algorithm | expand |
ping. On 7/12/21 4:13 PM, Tianjia Zhang wrote: > The SM2-with-SM3 certificate generated by latest openssl no longer > reuses the OID_id_ecPublicKey, but directly uses OID_sm2. This patch > supports this type of x509 certificate parsing. > > Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com> > --- > crypto/asymmetric_keys/x509_cert_parser.c | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/crypto/asymmetric_keys/x509_cert_parser.c b/crypto/asymmetric_keys/x509_cert_parser.c > index 6d003096b5bc..6a945a6ce787 100644 > --- a/crypto/asymmetric_keys/x509_cert_parser.c > +++ b/crypto/asymmetric_keys/x509_cert_parser.c > @@ -496,6 +496,9 @@ int x509_extract_key_data(void *context, size_t hdrlen, > case OID_gost2012PKey512: > ctx->cert->pub->pkey_algo = "ecrdsa"; > break; > + case OID_sm2: > + ctx->cert->pub->pkey_algo = "sm2"; > + break; > case OID_id_ecPublicKey: > if (parse_OID(ctx->params, ctx->params_size, &oid) != 0) > return -EBADMSG; >
On Sat, 2021-09-18 at 10:25 +0800, Tianjia Zhang wrote: > ping. > > On 7/12/21 4:13 PM, Tianjia Zhang wrote: > > The SM2-with-SM3 certificate generated by latest openssl no longer > > reuses the OID_id_ecPublicKey, but directly uses OID_sm2. This patch > > supports this type of x509 certificate parsing. > > > > Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com> > > --- > > crypto/asymmetric_keys/x509_cert_parser.c | 3 +++ > > 1 file changed, 3 insertions(+) > > > > diff --git a/crypto/asymmetric_keys/x509_cert_parser.c b/crypto/asymmetric_keys/x509_cert_parser.c > > index 6d003096b5bc..6a945a6ce787 100644 > > --- a/crypto/asymmetric_keys/x509_cert_parser.c > > +++ b/crypto/asymmetric_keys/x509_cert_parser.c > > @@ -496,6 +496,9 @@ int x509_extract_key_data(void *context, size_t hdrlen, > > case OID_gost2012PKey512: > > ctx->cert->pub->pkey_algo = "ecrdsa"; > > break; > > + case OID_sm2: > > + ctx->cert->pub->pkey_algo = "sm2"; > > + break; > > case OID_id_ecPublicKey: > > if (parse_OID(ctx->params, ctx->params_size, &oid) != 0) > > return -EBADMSG; > > Acked-by: Jarkko Sakkinen <jarkko@kernel.org> /Jarkko
Hi Jarkko, > On 7/12/21 4:13 PM, Tianjia Zhang wrote: > > The SM2-with-SM3 certificate generated by latest openssl no longer > > reuses the OID_id_ecPublicKey, but directly uses OID_sm2. This patch > > supports this type of x509 certificate parsing. > > > > Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com> > > --- > > crypto/asymmetric_keys/x509_cert_parser.c | 3 +++ > > 1 file changed, 3 insertions(+) > > > > diff --git a/crypto/asymmetric_keys/x509_cert_parser.c b/crypto/asymmetric_keys/x509_cert_parser.c > > index 6d003096b5bc..6a945a6ce787 100644 > > --- a/crypto/asymmetric_keys/x509_cert_parser.c > > +++ b/crypto/asymmetric_keys/x509_cert_parser.c > > @@ -496,6 +496,9 @@ int x509_extract_key_data(void *context, size_t hdrlen, > > case OID_gost2012PKey512: > > ctx->cert->pub->pkey_algo = "ecrdsa"; > > break; > > + case OID_sm2: > > + ctx->cert->pub->pkey_algo = "sm2"; > > + break; > > case OID_id_ecPublicKey: > > if (parse_OID(ctx->params, ctx->params_size, &oid) != 0) > > return -EBADMSG; > > > > Acked-by: Jarkko Sakkinen <jarkko@kernel.org> > > /Jarkko Likewise, No response from David, can you pick this? thanks. Best regards, Tianjia
diff --git a/crypto/asymmetric_keys/x509_cert_parser.c b/crypto/asymmetric_keys/x509_cert_parser.c index 6d003096b5bc..6a945a6ce787 100644 --- a/crypto/asymmetric_keys/x509_cert_parser.c +++ b/crypto/asymmetric_keys/x509_cert_parser.c @@ -496,6 +496,9 @@ int x509_extract_key_data(void *context, size_t hdrlen, case OID_gost2012PKey512: ctx->cert->pub->pkey_algo = "ecrdsa"; break; + case OID_sm2: + ctx->cert->pub->pkey_algo = "sm2"; + break; case OID_id_ecPublicKey: if (parse_OID(ctx->params, ctx->params_size, &oid) != 0) return -EBADMSG;
The SM2-with-SM3 certificate generated by latest openssl no longer reuses the OID_id_ecPublicKey, but directly uses OID_sm2. This patch supports this type of x509 certificate parsing. Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com> --- crypto/asymmetric_keys/x509_cert_parser.c | 3 +++ 1 file changed, 3 insertions(+)