This patchset changes akcipher api to support ECDSA style signature verification. Augments x509 parser to make it work with EC-RDSA certificates. And finally implements EC-RDSA (GOST 34.10) signature verification. It is intended to use in IMA for appraisal. Tested on x86_64 with openssl+gost-engine generated certificates. Vitaly Chikunov (4): X.509: Parse public key parameters from x509 for akcipher akcipher: Introduce verify2 for public key algorithms KEYS: set correct flags for keyctl if encrypt is not supported crypto: Add EC-RDSA algorithm crypto/Kconfig | 63 ++-- crypto/Makefile | 5 +- crypto/asymmetric_keys/public_key.c | 74 +++-- crypto/asymmetric_keys/x509.asn1 | 2 +- crypto/asymmetric_keys/x509_cert_parser.c | 51 ++- crypto/ecc.c | 421 +++++++++++++++++++++++-- crypto/ecc.h | 162 +++++++++- crypto/ecc_curve_defs.h | 15 - crypto/ecrdsa.c | 494 ++++++++++++++++++++++++++++++ crypto/testmgr.c | 5 + crypto/testmgr.h | 3 + include/crypto/akcipher.h | 87 +++++- include/crypto/public_key.h | 4 + include/linux/oid_registry.h | 18 ++ 14 files changed, 1319 insertions(+), 85 deletions(-) create mode 100644 crypto/ecrdsa.c -- 2.11.0
