Make oid_get_pk_alg handle EC algorithms
diff --git a/include/polarssl/oid.h b/include/polarssl/oid.h
index e63c169..d9a1f8f 100644
--- a/include/polarssl/oid.h
+++ b/include/polarssl/oid.h
@@ -61,6 +61,9 @@
#define OID_ORG_RSA_DATA_SECURITY "\x86\xf7\x0d" /* {rsadsi(113549)} */
#define OID_RSA_COMPANY OID_ISO_MEMBER_BODIES OID_COUNTRY_US \
OID_ORG_RSA_DATA_SECURITY /* {iso(1) member-body(2) us(840) rsadsi(113549)} */
+#define OID_ORG_ANSI_X9_62 "\xce\x3d" /* ansi-X9-62(10045) */
+#define OID_ANSI_X9_62 OID_ISO_MEMBER_BODIES OID_COUNTRY_US \
+ OID_ORG_ANSI_X9_62
/*
* ISO Identified organization OID parts
@@ -70,6 +73,8 @@
#define OID_OIW_SECSIG OID_ORG_OIW "\x03"
#define OID_OIW_SECSIG_ALG OID_OIW_SECSIG "\x02"
#define OID_OIW_SECSIG_SHA1 OID_OIW_SECSIG_ALG "\x1a"
+#define OID_ORG_CERTICOM "\x81\x04" /* certicom(132) */
+#define OID_CERTICOM OID_ISO_IDENTIFIED_ORG OID_ORG_CERTICOM
/*
* ISO ITU OID parts
@@ -235,6 +240,19 @@
#define OID_PKCS12_PBE_SHA1_RC2_128_CBC OID_PKCS12_PBE "\x05" /**< pbeWithSHAAnd128BitRC2-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 5} */
#define OID_PKCS12_PBE_SHA1_RC2_40_CBC OID_PKCS12_PBE "\x06" /**< pbeWithSHAAnd40BitRC2-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 6} */
+/*
+ * EC key algorithms from RFC 5420
+ */
+
+/* id-ecPublicKey OBJECT IDENTIFIER ::= {
+ * iso(1) member-body(2) us(840) ansi-X9-62(10045) keyType(2) 1 } */
+#define OID_EC_ALG_UNRESTRICTED OID_ANSI_X9_62 "\x02\01"
+
+/* id-ecDH OBJECT IDENTIFIER ::= {
+ * iso(1) identified-organization(3) certicom(132)
+ * schemes(1) ecdh(12) } */
+#define OID_EC_ALG_ECDH OID_CERTICOM "\x01\x0c"
+
#ifdef __cplusplus
extern "C" {
#endif
diff --git a/include/polarssl/pk.h b/include/polarssl/pk.h
index d9639ee..169753d 100644
--- a/include/polarssl/pk.h
+++ b/include/polarssl/pk.h
@@ -38,6 +38,8 @@
POLARSSL_PK_NONE=0,
POLARSSL_PK_RSA,
POLARSSL_PK_ECDSA,
+ POLARSSL_PK_ECKEY,
+ POLARSSL_PK_ECKEY_DH,
} pk_type_t;
#ifdef __cplusplus
diff --git a/include/polarssl/x509.h b/include/polarssl/x509.h
index 9f4fc9f..62c8a93 100644
--- a/include/polarssl/x509.h
+++ b/include/polarssl/x509.h
@@ -59,7 +59,7 @@
#define POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS -0x2580 /**< The extension tag or value is invalid. */
#define POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION -0x2600 /**< Certificate or CRL has an unsupported version number. */
#define POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG -0x2680 /**< Signature algorithm (oid) is unsupported. */
-#define POLARSSL_ERR_X509_UNKNOWN_PK_ALG -0x2700 /**< Key algorithm is unsupported (only RSA is supported). */
+#define POLARSSL_ERR_X509_UNKNOWN_PK_ALG -0x2700 /**< Key algorithm is unsupported (only RSA and EC are supported). */
#define POLARSSL_ERR_X509_CERT_SIG_MISMATCH -0x2780 /**< Certificate signature algorithms do not match. (see \c ::x509_cert sig_oid) */
#define POLARSSL_ERR_X509_CERT_VERIFY_FAILED -0x2800 /**< Certificate verification failed, e.g. CRL, CA or signature check failed. */
#define POLARSSL_ERR_X509_KEY_INVALID_VERSION -0x2880 /**< Unsupported RSA key version */