From c26fd69fa00916a31a47f5f096fd7be924106df8 Mon Sep 17 00:00:00 2001 From: David Howells Date: Mon, 24 Sep 2012 17:11:48 +0100 Subject: X.509: Add a crypto key parser for binary (DER) X.509 certificates Add a crypto key parser for binary (DER) encoded X.509 certificates. The certificate is parsed and, if possible, the signature is verified. An X.509 key can be added like this: # keyctl padd crypto bar @s Signed-off-by: Rusty Russell --- crypto/asymmetric_keys/Kconfig | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'crypto/asymmetric_keys/Kconfig') diff --git a/crypto/asymmetric_keys/Kconfig b/crypto/asymmetric_keys/Kconfig index 561759d6a65f..6d2c2ea12559 100644 --- a/crypto/asymmetric_keys/Kconfig +++ b/crypto/asymmetric_keys/Kconfig @@ -25,4 +25,14 @@ config PUBLIC_KEY_ALGO_RSA help This option enables support for the RSA algorithm (PKCS#1, RFC3447). +config X509_CERTIFICATE_PARSER + tristate "X.509 certificate parser" + depends on ASYMMETRIC_PUBLIC_KEY_SUBTYPE + select ASN1 + select OID_REGISTRY + help + This option procides support for parsing X.509 format blobs for key + data and provides the ability to instantiate a crypto key from a + public key packet found inside the certificate. + endif # ASYMMETRIC_KEY_TYPE -- cgit v1.2.3