f1774cb895
Some public key algorithms (like EC-DSA) keep in parameters field
important data such as digest and curve OIDs (possibly more for
different EC-DSA variants). Thus, just setting a public key (as
for RSA) is not enough.
Append parameters into the key stream for akcipher_set_{pub,priv}_key.
Appended data is: (u32) algo OID, (u32) parameters length, parameters
data.
This does not affect current akcipher API nor RSA ciphers (they could
ignore it). Idea of appending parameters to the key stream is by Herbert
Xu.
Cc: David Howells <dhowells@redhat.com>
Cc: Denis Kenzior <denkenz@gmail.com>
Cc: keyrings@vger.kernel.org
Signed-off-by: Vitaly Chikunov <vt@altlinux.org>
Reviewed-by: Denis Kenzior <denkenz@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
61 lines
1.7 KiB
Groff
61 lines
1.7 KiB
Groff
Certificate ::= SEQUENCE {
|
|
tbsCertificate TBSCertificate ({ x509_note_tbs_certificate }),
|
|
signatureAlgorithm AlgorithmIdentifier,
|
|
signature BIT STRING ({ x509_note_signature })
|
|
}
|
|
|
|
TBSCertificate ::= SEQUENCE {
|
|
version [ 0 ] Version DEFAULT,
|
|
serialNumber CertificateSerialNumber ({ x509_note_serial }),
|
|
signature AlgorithmIdentifier ({ x509_note_pkey_algo }),
|
|
issuer Name ({ x509_note_issuer }),
|
|
validity Validity,
|
|
subject Name ({ x509_note_subject }),
|
|
subjectPublicKeyInfo SubjectPublicKeyInfo,
|
|
issuerUniqueID [ 1 ] IMPLICIT UniqueIdentifier OPTIONAL,
|
|
subjectUniqueID [ 2 ] IMPLICIT UniqueIdentifier OPTIONAL,
|
|
extensions [ 3 ] Extensions OPTIONAL
|
|
}
|
|
|
|
Version ::= INTEGER
|
|
CertificateSerialNumber ::= INTEGER
|
|
|
|
AlgorithmIdentifier ::= SEQUENCE {
|
|
algorithm OBJECT IDENTIFIER ({ x509_note_OID }),
|
|
parameters ANY OPTIONAL ({ x509_note_params })
|
|
}
|
|
|
|
Name ::= SEQUENCE OF RelativeDistinguishedName
|
|
|
|
RelativeDistinguishedName ::= SET OF AttributeValueAssertion
|
|
|
|
AttributeValueAssertion ::= SEQUENCE {
|
|
attributeType OBJECT IDENTIFIER ({ x509_note_OID }),
|
|
attributeValue ANY ({ x509_extract_name_segment })
|
|
}
|
|
|
|
Validity ::= SEQUENCE {
|
|
notBefore Time ({ x509_note_not_before }),
|
|
notAfter Time ({ x509_note_not_after })
|
|
}
|
|
|
|
Time ::= CHOICE {
|
|
utcTime UTCTime,
|
|
generalTime GeneralizedTime
|
|
}
|
|
|
|
SubjectPublicKeyInfo ::= SEQUENCE {
|
|
algorithm AlgorithmIdentifier,
|
|
subjectPublicKey BIT STRING ({ x509_extract_key_data })
|
|
}
|
|
|
|
UniqueIdentifier ::= BIT STRING
|
|
|
|
Extensions ::= SEQUENCE OF Extension
|
|
|
|
Extension ::= SEQUENCE {
|
|
extnid OBJECT IDENTIFIER ({ x509_note_OID }),
|
|
critical BOOLEAN DEFAULT,
|
|
extnValue OCTET STRING ({ x509_process_extension })
|
|
}
|