diff options
| author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-05-26 15:20:38 +0200 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-07-17 17:08:01 +0200 |
| commit | 650dad4e18f458f60a2cdb43be32356753ed6518 (patch) | |
| tree | 308661634af506842f12c709f3ab669d6be1cd7c /lib/x509/common.c | |
| parent | f7bc8c6eea0f0fc9d02cfd22fe9fea364061ee37 (diff) | |
| download | gnutls-650dad4e18f458f60a2cdb43be32356753ed6518.tar.gz | |
Added support for EdDSA (Ed25519) curve keys
This adds support for draft-ietf-curdle-pkix-04.
Resolves #25
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Diffstat (limited to 'lib/x509/common.c')
| -rw-r--r-- | lib/x509/common.c | 35 |
1 files changed, 22 insertions, 13 deletions
diff --git a/lib/x509/common.c b/lib/x509/common.c index a07b0ec5ed..b1be062c54 100644 --- a/lib/x509/common.c +++ b/lib/x509/common.c @@ -1036,13 +1036,13 @@ _gnutls_x509_encode_and_copy_PKI_params(ASN1_TYPE dst, pk_algorithm, gnutls_pk_params_st * params) { - const char *pk; + const char *oid; gnutls_datum_t der = { NULL, 0 }; int result; char name[128]; - pk = gnutls_pk_get_oid(pk_algorithm); - if (pk == NULL) { + oid = gnutls_pk_get_oid(pk_algorithm); + if (oid == NULL) { gnutls_assert(); return GNUTLS_E_UNKNOWN_PK_ALGORITHM; } @@ -1052,7 +1052,7 @@ _gnutls_x509_encode_and_copy_PKI_params(ASN1_TYPE dst, _asnstr_append_name(name, sizeof(name), dst_name, ".algorithm.algorithm"); - result = asn1_write_value(dst, name, pk, 1); + result = asn1_write_value(dst, name, oid, 1); if (result != ASN1_SUCCESS) { gnutls_assert(); return _gnutls_asn2err(result); @@ -1141,17 +1141,16 @@ _gnutls_x509_encode_PKI_params(gnutls_datum_t * der, */ int _gnutls_x509_get_pk_algorithm(ASN1_TYPE src, const char *src_name, + gnutls_ecc_curve_t *curve, unsigned int *bits) { int result; int algo; char oid[64]; int len; - gnutls_pk_params_st params; + gnutls_ecc_curve_t lcurve = GNUTLS_ECC_CURVE_INVALID; char name[128]; - gnutls_pk_params_init(¶ms); - _asnstr_append_name(name, sizeof(name), src_name, ".algorithm.algorithm"); len = sizeof(oid); @@ -1162,26 +1161,36 @@ _gnutls_x509_get_pk_algorithm(ASN1_TYPE src, const char *src_name, return _gnutls_asn2err(result); } - algo = gnutls_oid_to_pk(oid); + algo = _gnutls_oid_to_pk_and_curve(oid, &lcurve); if (algo == GNUTLS_PK_UNKNOWN) { _gnutls_debug_log ("%s: unknown public key algorithm: %s\n", __func__, oid); } + if (curve) + *curve = lcurve; + if (bits == NULL) { return algo; } /* Now read the parameters' bits */ - result = _gnutls_get_asn_mpis(src, src_name, ¶ms); - if (result < 0) - return gnutls_assert_val(result); + if (lcurve != GNUTLS_ECC_CURVE_INVALID) { /* curve present */ + bits[0] = gnutls_ecc_curve_get_size(lcurve)*8; + } else { + gnutls_pk_params_st params; + gnutls_pk_params_init(¶ms); - bits[0] = pubkey_to_bits(algo, ¶ms); + result = _gnutls_get_asn_mpis(src, src_name, ¶ms); + if (result < 0) + return gnutls_assert_val(result); + + bits[0] = pubkey_to_bits(algo, ¶ms); + gnutls_pk_params_release(¶ms); + } - gnutls_pk_params_release(¶ms); return algo; } |