The SM2-with-SM3 certificate generated by latest openssl no longer
reuses the OID_id_ecPublicKey, but directly uses OID_sm2. This patch
supports this type of x509 certificate parsing.
Signed-off-by: Tianjia Zhang <[email protected]>
---
crypto/asymmetric_keys/x509_cert_parser.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/crypto/asymmetric_keys/x509_cert_parser.c b/crypto/asymmetric_keys/x509_cert_parser.c
index 6d003096b5bc..6a945a6ce787 100644
--- a/crypto/asymmetric_keys/x509_cert_parser.c
+++ b/crypto/asymmetric_keys/x509_cert_parser.c
@@ -496,6 +496,9 @@ int x509_extract_key_data(void *context, size_t hdrlen,
case OID_gost2012PKey512:
ctx->cert->pub->pkey_algo = "ecrdsa";
break;
+ case OID_sm2:
+ ctx->cert->pub->pkey_algo = "sm2";
+ break;
case OID_id_ecPublicKey:
if (parse_OID(ctx->params, ctx->params_size, &oid) != 0)
return -EBADMSG;
--
2.19.1.3.ge56e4f7
ping.
On 7/12/21 4:13 PM, Tianjia Zhang wrote:
> The SM2-with-SM3 certificate generated by latest openssl no longer
> reuses the OID_id_ecPublicKey, but directly uses OID_sm2. This patch
> supports this type of x509 certificate parsing.
>
> Signed-off-by: Tianjia Zhang <[email protected]>
> ---
> crypto/asymmetric_keys/x509_cert_parser.c | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/crypto/asymmetric_keys/x509_cert_parser.c b/crypto/asymmetric_keys/x509_cert_parser.c
> index 6d003096b5bc..6a945a6ce787 100644
> --- a/crypto/asymmetric_keys/x509_cert_parser.c
> +++ b/crypto/asymmetric_keys/x509_cert_parser.c
> @@ -496,6 +496,9 @@ int x509_extract_key_data(void *context, size_t hdrlen,
> case OID_gost2012PKey512:
> ctx->cert->pub->pkey_algo = "ecrdsa";
> break;
> + case OID_sm2:
> + ctx->cert->pub->pkey_algo = "sm2";
> + break;
> case OID_id_ecPublicKey:
> if (parse_OID(ctx->params, ctx->params_size, &oid) != 0)
> return -EBADMSG;
>
On Sat, 2021-09-18 at 10:25 +0800, Tianjia Zhang wrote:
> ping.
>
> On 7/12/21 4:13 PM, Tianjia Zhang wrote:
> > The SM2-with-SM3 certificate generated by latest openssl no longer
> > reuses the OID_id_ecPublicKey, but directly uses OID_sm2. This patch
> > supports this type of x509 certificate parsing.
> >
> > Signed-off-by: Tianjia Zhang <[email protected]>
> > ---
> > crypto/asymmetric_keys/x509_cert_parser.c | 3 +++
> > 1 file changed, 3 insertions(+)
> >
> > diff --git a/crypto/asymmetric_keys/x509_cert_parser.c b/crypto/asymmetric_keys/x509_cert_parser.c
> > index 6d003096b5bc..6a945a6ce787 100644
> > --- a/crypto/asymmetric_keys/x509_cert_parser.c
> > +++ b/crypto/asymmetric_keys/x509_cert_parser.c
> > @@ -496,6 +496,9 @@ int x509_extract_key_data(void *context, size_t hdrlen,
> > case OID_gost2012PKey512:
> > ctx->cert->pub->pkey_algo = "ecrdsa";
> > break;
> > + case OID_sm2:
> > + ctx->cert->pub->pkey_algo = "sm2";
> > + break;
> > case OID_id_ecPublicKey:
> > if (parse_OID(ctx->params, ctx->params_size, &oid) != 0)
> > return -EBADMSG;
> >
Acked-by: Jarkko Sakkinen <[email protected]>
/Jarkko
Hi Jarkko,
> On 7/12/21 4:13 PM, Tianjia Zhang wrote:
> > The SM2-with-SM3 certificate generated by latest openssl no longer
> > reuses the OID_id_ecPublicKey, but directly uses OID_sm2. This patch
> > supports this type of x509 certificate parsing.
> >
> > Signed-off-by: Tianjia Zhang <[email protected]>
> > ---
> > crypto/asymmetric_keys/x509_cert_parser.c | 3 +++
> > 1 file changed, 3 insertions(+)
> >
> > diff --git a/crypto/asymmetric_keys/x509_cert_parser.c b/crypto/asymmetric_keys/x509_cert_parser.c
> > index 6d003096b5bc..6a945a6ce787 100644
> > --- a/crypto/asymmetric_keys/x509_cert_parser.c
> > +++ b/crypto/asymmetric_keys/x509_cert_parser.c
> > @@ -496,6 +496,9 @@ int x509_extract_key_data(void *context, size_t hdrlen,
> > case OID_gost2012PKey512:
> > ctx->cert->pub->pkey_algo = "ecrdsa";
> > break;
> > + case OID_sm2:
> > + ctx->cert->pub->pkey_algo = "sm2";
> > + break;
> > case OID_id_ecPublicKey:
> > if (parse_OID(ctx->params, ctx->params_size, &oid) != 0)
> > return -EBADMSG;
> >
>
> Acked-by: Jarkko Sakkinen <[email protected]>
>
> /Jarkko
Likewise, No response from David, can you pick this? thanks.
Best regards,
Tianjia