Allow the semi-standard but rarely used 1.3.132.1.12 OID for ECDH keys

on decoding by default, and add a comment showing how to enable it for encoding.
author: lloyd <[email protected]> 2012-02-21 22:55:27 +0000
committer: lloyd <[email protected]> 2012-02-21 22:55:27 +0000
commit: 51125f18bbea71640523eb628ae0e595cb826544 (patch)
tree: 53427a00441b1f363d0f05e07a35261525826faa /src/libstate
parent: e5a1b8c4392b5383af133591cb9238fb8c1b4516 (diff)
1 files changed, 13 insertions, 1 deletions
diff --git a/src/libstate/policy.cpp b/src/libstate/policy.cpp
index f91eed1d8..7abea7d4d 100644
--- a/src/libstate/policy.cpp
+++ b/src/libstate/policy.cpp
@@ -37,7 +37,19 @@ void set_default_oids(Library_State& config)
    add_oid(config, "1.3.6.1.4.1.3029.1.2.1", "ElGamal");
    add_oid(config, "1.3.6.1.4.1.25258.1.1", "RW");
    add_oid(config, "1.3.6.1.4.1.25258.1.2", "NR");
-   add_oid(config, "1.2.840.10045.2.1", "ECDSA"); // X9.62
+
+   // X9.62 ecPublicKey, valid for ECDSA and ECDH (RFC 3279 sec 2.3.5)
+   add_oid(config, "1.2.840.10045.2.1", "ECDSA");
+
+   /*
+   * This is an OID defined for ECDH keys though rarely used for such.
+   * In this configuration it is accepted on decoding, but not used for
+   * encoding. You can enable it for encoding by calling
+   *    global_state().set("str2oid", "ECDH", "1.3.132.1.12")
+   * from your application code.
+   */
+   config.set("oid2str", "1.3.132.1.12", "ECDH");
+
    add_oid(config, "1.2.643.2.2.19", "GOST-34.10"); // RFC 4491
 
    /* Ciphers */
author	lloyd <[email protected]>	2012-02-21 22:55:27 +0000
committer	lloyd <[email protected]>	2012-02-21 22:55:27 +0000
commit	51125f18bbea71640523eb628ae0e595cb826544 (patch)
tree	53427a00441b1f363d0f05e07a35261525826faa /src/libstate
parent	e5a1b8c4392b5383af133591cb9238fb8c1b4516 (diff)