[PATCH 3/4] crypto: pkcs8 parser support ECDSA private keys
From: Ignat Korchagin
Date: Thu Sep 08 2022 - 16:01:49 EST
From: lei he <helei.sig11@xxxxxxxxxxxxx>
Make pkcs8_private_key_parser can identify ECDSA private keys.
Signed-off-by: lei he <helei.sig11@xxxxxxxxxxxxx>
Signed-off-by: Ignat Korchagin <ignat@xxxxxxxxxxxxxx>
---
crypto/asymmetric_keys/pkcs8.asn1 | 2 +-
crypto/asymmetric_keys/pkcs8_parser.c | 45 +++++++++++++++++++++++++--
2 files changed, 43 insertions(+), 4 deletions(-)
diff --git a/crypto/asymmetric_keys/pkcs8.asn1 b/crypto/asymmetric_keys/pkcs8.asn1
index 702c41a3c713..1791ddf4168a 100644
--- a/crypto/asymmetric_keys/pkcs8.asn1
+++ b/crypto/asymmetric_keys/pkcs8.asn1
@@ -20,5 +20,5 @@ Attribute ::= ANY
AlgorithmIdentifier ::= SEQUENCE {
algorithm OBJECT IDENTIFIER ({ pkcs8_note_OID }),
- parameters ANY OPTIONAL
+ parameters ANY OPTIONAL ({ pkcs8_note_algo_parameter })
}
diff --git a/crypto/asymmetric_keys/pkcs8_parser.c b/crypto/asymmetric_keys/pkcs8_parser.c
index 105dcce27f71..e507c635ead5 100644
--- a/crypto/asymmetric_keys/pkcs8_parser.c
+++ b/crypto/asymmetric_keys/pkcs8_parser.c
@@ -24,6 +24,8 @@ struct pkcs8_parse_context {
enum OID algo_oid; /* Algorithm OID */
u32 key_size;
const void *key;
+ const void *algo_param;
+ u32 algo_param_len;
};
/*
@@ -47,6 +49,17 @@ int pkcs8_note_OID(void *context, size_t hdrlen,
return 0;
}
+int pkcs8_note_algo_parameter(void *context, size_t hdrlen,
+ unsigned char tag,
+ const void *value, size_t vlen)
+{
+ struct pkcs8_parse_context *ctx = context;
+
+ ctx->algo_param = value;
+ ctx->algo_param_len = vlen;
+ return 0;
+}
+
/*
* Note the version number of the ASN.1 blob.
*/
@@ -69,11 +82,37 @@ int pkcs8_note_algo(void *context, size_t hdrlen,
const void *value, size_t vlen)
{
struct pkcs8_parse_context *ctx = context;
-
- if (ctx->last_oid != OID_rsaEncryption)
+ enum OID curve_id;
+
+ switch (ctx->last_oid) {
+ case OID_id_ecPublicKey:
+ if (!ctx->algo_param || ctx->algo_param_len == 0)
+ return -EBADMSG;
+ curve_id = look_up_OID(ctx->algo_param, ctx->algo_param_len);
+
+ switch (curve_id) {
+ case OID_id_prime192v1:
+ ctx->pub->pkey_algo = "ecdsa-nist-p192";
+ break;
+ case OID_id_prime256v1:
+ ctx->pub->pkey_algo = "ecdsa-nist-p256";
+ break;
+ case OID_id_ansip384r1:
+ ctx->pub->pkey_algo = "ecdsa-nist-p384";
+ break;
+ default:
+ return -ENOPKG;
+ }
+ break;
+
+ case OID_rsaEncryption:
+ ctx->pub->pkey_algo = "rsa";
+ break;
+
+ default:
return -ENOPKG;
+ }
- ctx->pub->pkey_algo = "rsa";
return 0;
}
--
2.36.1