From 43909f61fa97f26c6a18d3660edd136756136f12 Mon Sep 17 00:00:00 2001
From: jim-p
Date: Mon, 25 Nov 2019 10:53:34 -0500
Subject: [PATCH] Support ECDSA Certificate Authorities
---
 src/OID.php | 12 ++++++++++++
 src/X509_CRL.php | 2 --
 2 files changed, 12 insertions(+), 2 deletions(-)
diff --git a/src/OID.php b/src/OID.php
index 0fc47f3..1ea4db6 100644
--- a/src/OID.php
+++ b/src/OID.php
@@ -39,6 +39,13 @@ public static function getAlgoOID($cipher, $digest) {
 default:
 return false;
 }
+ case OPENSSL_KEYTYPE_EC:
+ switch($digest) {
+ case OPENSSL_ALGO_SHA1:
+ return self::getOIDFromName('ecdsa-with-SHA1');
+ default:
+ return false;
+ }
 case OPENSSL_KEYTYPE_DSA:
 switch($digest) {
 case OPENSSL_ALGO_SHA1:
@@ -100,6 +107,11 @@ public static function getAlgoOID($cipher, $digest) {
 "1.2.840.113549.1.1.3" => "md4withRSAEncryption",
 "1.2.840.113549.1.1.4" => "md5withRSAEncryption",
 "1.2.840.113549.1.1.5" => "sha1withRSAEncryption",
+ //ec
+ "1.2.840.10045.4.1" => "ecdsa-with-SHA1",
+ "1.2.840.10045.4.3.2" => "ecdsa-with-sha256",
+ "1.2.840.10045.4.3.3" => "ecdsa-with-sha384",
+ "1.2.840.10045.4.3.4" => "ecdsa-with-sha512",
 //Diffie-Hellman
 "1.2.840.10046.2.1" => "dhPublicNumber",
diff --git a/src/X509_CRL.php b/src/X509_CRL.php
index 85a1e34..f5b3367 100644
--- a/src/X509_CRL.php
+++ b/src/X509_CRL.php
@@ -72,8 +72,6 @@ static function create($ci, $ca_pkey, $ca_cert) {
 if($ca_pkey_details === false)
 return false;
 $ca_pkey_type = $ca_pkey_details['type'];
- if($ca_pkey_type == OPENSSL_KEYTYPE_EC || $ca_pkey_type == -1)
- return false;
 if(!in_array($ca_pkey_type, $algs_cipher))
 return false;
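Review bot: The new `case OPENSSL_KEYTYPE_EC:` branch in getAlgoOID maps only `OPENSSL_ALGO_SHA1`, so every other digest falls to `default: return false;` and an EC CA can obtain a signature OID only for SHA-1, which is deprecated for new signatures. The table hunk in the same file registers `ecdsa-with-sha256`, `ecdsa-with-sha384` and `ecdsa-with-sha512`, but nothing visible in this patch returns them, while the X509_CRL.php hunk presumably lets EC keys reach this lookup for the first time. I would add the SHA-2 cases shown below; whether X509_CRL::create offers those digests to its callers is not visible here, so that side needs confirming as well. The outer switch and the rest of getAlgoOID lie outside the hunk.

```php
case OPENSSL_KEYTYPE_EC:
    switch($digest) {
        // … unchanged: OPENSSL_ALGO_SHA1 case …
        case OPENSSL_ALGO_SHA256:
            return self::getOIDFromName('ecdsa-with-sha256');
        case OPENSSL_ALGO_SHA384:
            return self::getOIDFromName('ecdsa-with-sha384');
        case OPENSSL_ALGO_SHA512:
            return self::getOIDFromName('ecdsa-with-sha512');
        // … unchanged: default returns false …
```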
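Review bot: The four added names are spelled inconsistently, `ecdsa-with-SHA1` in upper case against `ecdsa-with-sha256`, `ecdsa-with-sha384` and `ecdsa-with-sha512` in lower case, and the `//ec` heading does not say what the group holds. If getOIDFromName matches names exactly (its body is not in this patch), every caller has to reproduce each spelling, so a mistyped name would surface only as a failed lookup. I would use one spelling throughout and replace the heading with something like `//ECDSA signature algorithms (ANSI X9.62; RFC 3279, RFC 5758)`. The array this hunk edits begins and ends outside the hunk.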