support explicit curves mapping to named curves

We now support loading EC keys with explicit encodings of named
curves.  This requires that the explicit curve encoding match
exactly (but allows the omission of the seed parameter to maintain
compatibility with the -no_seed OpenSSL flag). This is only supported
for secp256r1, secp384r1, secp521r1, and secp256k1 at this time.

This is not arbitrary explicit curve support; we still have no plans to
implement that.

This PR also updates MSRV to 1.83 as we need that version for
Option::unwrap() in const contexts.

Author: reaperhulk

.github/workflows/ci.yml

@@ -51,8 +51,7 @@ jobs:
           # - 1.77: offset_of! in std (for pyo3), c"str" literals (replace cstr_from_literal)
           # - 1.80: LazyLock in std
           # - 1.83: const context Option<T>::unwrap()
-          - {VERSION: "3.13", NOXSESSION: "rust,tests", RUST: "1.74.0"}
-          - {VERSION: "3.13", NOXSESSION: "rust,tests", RUST: "1.80.0"}
+          - {VERSION: "3.13", NOXSESSION: "rust,tests", RUST: "1.83.0"}
           - {VERSION: "3.13", NOXSESSION: "rust,tests", RUST: "beta"}
           - {VERSION: "3.13", NOXSESSION: "rust,tests", RUST: "nightly"}
           - {VERSION: "3.13", NOXSESSION: "tests-rust-debug"}

CHANGELOG.rst

@@ -9,6 +9,9 @@ Changelog
 .. note:: This version is not yet released and is under active development.
 
 * **BACKWARDS INCOMPATIBLE:** Support for Python 3.7 has been removed.
+* Updated the minimum supported Rust version (MSRV) to 1.83.0, from 1.74.0.
+* Added support for loading elliptic curve keys that contain explicit encodings
+  of the curves ``secp256r1``, ``secp384r1``, ``secp521r1``, and ``secp256k1``.
 * Removed the deprecated ``get_attribute_for_oid`` method on
   :class:`~cryptography.x509.CertificateSigningRequest`. Users should use
   :meth:`~cryptography.x509.Attributes.get_attribute_for_oid` instead.

Cargo.toml

@@ -17,7 +17,7 @@ authors = ["The cryptography developers <cryptography-dev@python.org>"]
 edition = "2021"
 publish = false
 # This specifies the MSRV
-rust-version = "1.74.0"
+rust-version = "1.83.0"
 license = "Apache-2.0 OR BSD-3-Clause"
 
 [workspace.dependencies]

docs/installation.rst

@@ -140,8 +140,8 @@ available<installation:Rust>`.
 
     .. warning::
 
-        For RHEL and CentOS you must be on version 8.10 or newer for the command
-        below to install a sufficiently new Rust. If your Rust is less than 1.74.0
+        For RHEL and CentOS you must be on version 9.6 or newer for the command
+        below to install a sufficiently new Rust. If your Rust is less than 1.83.0
         please see the :ref:`Rust installation instructions <installation:Rust>`
         for information about installing a newer Rust.
 
@@ -319,7 +319,7 @@ Rust
     a Rust toolchain.
 
 Building ``cryptography`` requires having a working Rust toolchain. The current
-minimum supported Rust version is 1.74.0. **This is newer than the Rust some
+minimum supported Rust version is 1.83.0. **This is newer than the Rust some
 package managers ship**, so users may need to install with the
 instructions below.
 

src/rust/cryptography-key-parsing/src/ec.rs

@@ -3,6 +3,7 @@
 // for complete details.
 
 use cryptography_x509::common::EcParameters;
+use cryptography_x509::ec_constants;
 
 use crate::{KeyParsingError, KeyParsingResult};
 
@@ -57,9 +58,37 @@ pub(crate) fn ec_params_to_group(
             Ok(openssl::ec::EcGroup::from_curve_name(curve_nid)
                 .map_err(|_| KeyParsingError::UnsupportedEllipticCurve(curve_oid.clone()))?)
         }
-        EcParameters::ImplicitCurve(_) | EcParameters::SpecifiedCurve(_) => {
-            Err(KeyParsingError::ExplicitCurveUnsupported)
+        EcParameters::SpecifiedCurve(params) => {
+            // We do not support arbitrary explicit curves. Instead we map values
+            // to named curves. This currently supports only P256, P384,
+            // P521, and SECP256K1. No binary curves are supported. Everything must
+            // match, except the seed may be omitted on NIST curves since OpenSSL
+            // has supported a -no_seed option for over 20 years and I don't want to
+            // figure out whether anyone uses that or not. No one should be using
+            // explicit curve encoding anyway. Curves were meant to be named!
+            let (curve_nid, oid) = match params {
+                &ec_constants::P256_DOMAIN | &ec_constants::P256_DOMAIN_NO_SEED => (
+                    openssl::nid::Nid::X9_62_PRIME256V1,
+                    cryptography_x509::oid::EC_SECP256R1,
+                ),
+                &ec_constants::P384_DOMAIN | &ec_constants::P384_DOMAIN_NO_SEED => (
+                    openssl::nid::Nid::SECP384R1,
+                    cryptography_x509::oid::EC_SECP384R1,
+                ),
+                &ec_constants::P521_DOMAIN | &ec_constants::P521_DOMAIN_NO_SEED => (
+                    openssl::nid::Nid::SECP521R1,
+                    cryptography_x509::oid::EC_SECP521R1,
+                ),
+                &ec_constants::SECP256K1_DOMAIN => (
+                    openssl::nid::Nid::SECP256K1,
+                    cryptography_x509::oid::EC_SECP256K1,
+                ),
+                _ => return Err(KeyParsingError::ExplicitCurveUnsupported),
+            };
+            Ok(openssl::ec::EcGroup::from_curve_name(curve_nid)
+                .map_err(|_| KeyParsingError::UnsupportedEllipticCurve(oid))?)
         }
+        EcParameters::ImplicitCurve(_) => Err(KeyParsingError::ExplicitCurveUnsupported),
     }
 }
 

src/rust/cryptography-x509-verification/src/policy/extension.rs

@@ -607,11 +607,11 @@ mod ca {
             let permitted_subtrees_empty = name_constraints
                 .permitted_subtrees
                 .as_ref()
-                .map_or(true, |pst| pst.is_empty());
+                .is_none_or(|pst| pst.is_empty());
             let excluded_subtrees_empty = name_constraints
                 .excluded_subtrees
                 .as_ref()
-                .map_or(true, |est| est.is_empty());
+                .is_none_or(|est| est.is_empty());
 
             if permitted_subtrees_empty && excluded_subtrees_empty {
                 return Err(ValidationError::new(ValidationErrorKind::Other(

src/rust/cryptography-x509/src/common.rs

@@ -449,7 +449,59 @@ pub const PSS_SHA512_MASK_GEN_ALG: MaskGenAlgorithm<'_> = MaskGenAlgorithm {
 pub enum EcParameters<'a> {
     NamedCurve(asn1::ObjectIdentifier),
     ImplicitCurve(asn1::Null),
-    SpecifiedCurve(asn1::Sequence<'a>),
+    SpecifiedCurve(SpecifiedECDomain<'a>),
+}
+
+// From RFC 3279 Section 2.3.5 and RFC 5480 Appendix A
+// SpecifiedECDomain ::= SEQUENCE {
+//   version           ECPVer,
+//   fieldID           FieldID,
+//   curve             Curve,
+//   base              ECPoint,
+//   order             INTEGER,
+//   cofactor          INTEGER OPTIONAL
+// }
+#[derive(asn1::Asn1Read, asn1::Asn1Write, Hash, Clone, Eq, PartialEq, Debug)]
+pub struct SpecifiedECDomain<'a> {
+    pub version: u8,
+    pub field_id: FieldID<'a>,
+    pub curve: Curve<'a>,
+    pub base: &'a [u8], // ECPoint can be compressed or uncompressed
+    pub order: asn1::BigUint<'a>,
+    pub cofactor: Option<u8>,
+}
+
+// From RFC 3279 Section 2.3.5
+// FieldID ::= SEQUENCE {
+//   fieldType   FIELD-TYPE.&id({SupportedFieldTypes}),
+//   parameters  FIELD-TYPE.&Type({SupportedFieldTypes}{@fieldType})
+// }
+#[derive(asn1::Asn1Read, asn1::Asn1Write, Hash, Clone, PartialEq, Eq, Debug)]
+pub struct FieldID<'a> {
+    pub field_type: asn1::DefinedByMarker<asn1::ObjectIdentifier>,
+    #[defined_by(field_type)]
+    pub parameters: FieldParameters<'a>,
+}
+
+#[derive(asn1::Asn1DefinedByRead, asn1::Asn1DefinedByWrite, Hash, Clone, PartialEq, Eq, Debug)]
+pub enum FieldParameters<'a> {
+    #[defined_by(oid::PRIME_FIELD_OID)]
+    PrimeField(asn1::BigUint<'a>),
+    #[defined_by(oid::CHARACTERISTIC_TWO_FIELD_OID)]
+    CharacteristicTwo(asn1::Tlv<'a>),
+}
+
+// From RFC 3279 Section 2.3.5
+// Curve ::= SEQUENCE {
+//   a         FieldElement,
+//   b         FieldElement,
+//   seed      BIT STRING OPTIONAL
+// }
+#[derive(asn1::Asn1Read, asn1::Asn1Write, Hash, Clone, PartialEq, Eq, Debug)]
+pub struct Curve<'a> {
+    pub a: &'a [u8], // FieldElement
+    pub b: &'a [u8], // FieldElement
+    pub seed: Option<asn1::BitString<'a>>,
 }
 
 // From RFC 4055 section 3.1:

src/rust/cryptography-x509/src/ec_constants.rs

@@ -0,0 +1,142 @@
+// This file is dual licensed under the terms of the Apache License, Version
+// 2.0, and the BSD License. See the LICENSE file in the root of this repository
+// for complete details.
+
+use crate::common::{Curve, FieldID, FieldParameters, SpecifiedECDomain};
+
+const P256_FIELD: FieldID<'static> = FieldID {
+    field_type: asn1::DefinedByMarker::marker(),
+    parameters: FieldParameters::PrimeField(asn1::BigUint::new(b"\x00\xff\xff\xff\xff\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff").unwrap()),
+};
+const P256_CURVE_A: &[u8; 32] = b"\xff\xff\xff\xff\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfc";
+const P256_CURVE_B: &[u8; 32] = b"\x5a\xc6\x35\xd8\xaa\x3a\x93\xe7\xb3\xeb\xbd\x55\x76\x98\x86\xbc\x65\x1d\x06\xb0\xcc\x53\xb0\xf6\x3b\xce\x3c\x3e\x27\xd2\x60\x4b";
+const P256_SEED: asn1::BitString<'static> = asn1::BitString::new(
+    b"\xc4\x9d\x36\x08\x86\xe7\x04\x93\x6a\x66\x78\xe1\x13\x9d\x26\xb7\x81\x9f\x7e\x90",
+    0,
+)
+.unwrap();
+const P256_UNCOMPRESSED_BASE: &[u8; 65] = b"\x04\x6b\x17\xd1\xf2\xe1\x2c\x42\x47\xf8\xbc\xe6\xe5\x63\xa4\x40\xf2\x77\x03\x7d\x81\x2d\xeb\x33\xa0\xf4\xa1\x39\x45\xd8\x98\xc2\x96\x4f\xe3\x42\xe2\xfe\x1a\x7f\x9b\x8e\xe7\xeb\x4a\x7c\x0f\x9e\x16\x2b\xce\x33\x57\x6b\x31\x5e\xce\xcb\xb6\x40\x68\x37\xbf\x51\xf5";
+const P256_ORDER: asn1::BigUint<'static> = asn1::BigUint::new(b"\x00\xff\xff\xff\xff\x00\x00\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xbc\xe6\xfa\xad\xa7\x17\x9e\x84\xf3\xb9\xca\xc2\xfc\x63\x25\x51").unwrap();
+
+pub const P256_DOMAIN: SpecifiedECDomain<'static> = SpecifiedECDomain {
+    version: 1,
+    field_id: P256_FIELD,
+    curve: Curve {
+        a: P256_CURVE_A,
+        b: P256_CURVE_B,
+        seed: Some(P256_SEED),
+    },
+    base: P256_UNCOMPRESSED_BASE,
+    order: P256_ORDER,
+    cofactor: Some(1),
+};
+
+pub const P256_DOMAIN_NO_SEED: SpecifiedECDomain<'static> = SpecifiedECDomain {
+    version: 1,
+    field_id: P256_FIELD,
+    curve: Curve {
+        a: P256_CURVE_A,
+        b: P256_CURVE_B,
+        seed: None,
+    },
+    base: P256_UNCOMPRESSED_BASE,
+    order: P256_ORDER,
+    cofactor: Some(1),
+};
+
+const P384_FIELD: FieldID<'static> = FieldID {
+    field_type: asn1::DefinedByMarker::marker(),
+    parameters: FieldParameters::PrimeField(asn1::BigUint::new(b"\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff").unwrap()),
+};
+const P384_CURVE_A: &[u8; 48] = b"\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfc";
+const P384_CURVE_B: &[u8; 48] = b"\xb3\x31\x2f\xa7\xe2\x3e\xe7\xe4\x98\x8e\x05\x6b\xe3\xf8\x2d\x19\x18\x1d\x9c\x6e\xfe\x81\x41\x12\x03\x14\x08\x8f\x50\x13\x87\x5a\xc6\x56\x39\x8d\x8a\x2e\xd1\x9d\x2a\x85\xc8\xed\xd3\xec\x2a\xef";
+const P384_SEED: asn1::BitString<'static> = asn1::BitString::new(
+    b"\xa3\x35\x92\x6a\xa3\x19\xa2\x7a\x1d\x00\x89\x6a\x67\x73\xa4\x82\x7a\xcd\xac\x73",
+    0,
+)
+.unwrap();
+const P384_UNCOMPRESSED_BASE: &[u8; 97] = b"\x04\xaa\x87\xca\x22\xbe\x8b\x05\x37\x8e\xb1\xc7\x1e\xf3\x20\xad\x74\x6e\x1d\x3b\x62\x8b\xa7\x9b\x98\x59\xf7\x41\xe0\x82\x54\x2a\x38\x55\x02\xf2\x5d\xbf\x55\x29\x6c\x3a\x54\x5e\x38\x72\x76\x0a\xb7\x36\x17\xde\x4a\x96\x26\x2c\x6f\x5d\x9e\x98\xbf\x92\x92\xdc\x29\xf8\xf4\x1d\xbd\x28\x9a\x14\x7c\xe9\xda\x31\x13\xb5\xf0\xb8\xc0\x0a\x60\xb1\xce\x1d\x7e\x81\x9d\x7a\x43\x1d\x7c\x90\xea\x0e\x5f";
+const P384_ORDER: asn1::BigUint<'static> = asn1::BigUint::new(b"\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xc7\x63\x4d\x81\xf4\x37\x2d\xdf\x58\x1a\x0d\xb2\x48\xb0\xa7\x7a\xec\xec\x19\x6a\xcc\xc5\x29\x73").unwrap();
+
+pub const P384_DOMAIN: SpecifiedECDomain<'static> = SpecifiedECDomain {
+    version: 1,
+    field_id: P384_FIELD,
+    curve: Curve {
+        a: P384_CURVE_A,
+        b: P384_CURVE_B,
+        seed: Some(P384_SEED),
+    },
+    base: P384_UNCOMPRESSED_BASE,
+    order: P384_ORDER,
+    cofactor: Some(1),
+};
+
+pub const P384_DOMAIN_NO_SEED: SpecifiedECDomain<'static> = SpecifiedECDomain {
+    version: 1,
+    field_id: P384_FIELD,
+    curve: Curve {
+        a: P384_CURVE_A,
+        b: P384_CURVE_B,
+        seed: None,
+    },
+    base: P384_UNCOMPRESSED_BASE,
+    order: P384_ORDER,
+    cofactor: Some(1),
+};
+
+const P521_FIELD: FieldID<'static> = FieldID {
+    field_type: asn1::DefinedByMarker::marker(),
+    parameters: FieldParameters::PrimeField(asn1::BigUint::new(b"\x01\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff").unwrap()),
+};
+const P521_CURVE_A: &[u8; 66] = b"\x01\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfc";
+const P521_CURVE_B: &[u8; 66] = b"\x00\x51\x95\x3e\xb9\x61\x8e\x1c\x9a\x1f\x92\x9a\x21\xa0\xb6\x85\x40\xee\xa2\xda\x72\x5b\x99\xb3\x15\xf3\xb8\xb4\x89\x91\x8e\xf1\x09\xe1\x56\x19\x39\x51\xec\x7e\x93\x7b\x16\x52\xc0\xbd\x3b\xb1\xbf\x07\x35\x73\xdf\x88\x3d\x2c\x34\xf1\xef\x45\x1f\xd4\x6b\x50\x3f\x00";
+const P521_SEED: asn1::BitString<'static> = asn1::BitString::new(
+    b"\xd0\x9e\x88\x00\x29\x1c\xb8\x53\x96\xcc\x67\x17\x39\x32\x84\xaa\xa0\xda\x64\xba",
+    0,
+)
+.unwrap();
+const P521_UNCOMPRESSED_BASE: &[u8; 133] = b"\x04\x00\xc6\x85\x8e\x06\xb7\x04\x04\xe9\xcd\x9e\x3e\xcb\x66\x23\x95\xb4\x42\x9c\x64\x81\x39\x05\x3f\xb5\x21\xf8\x28\xaf\x60\x6b\x4d\x3d\xba\xa1\x4b\x5e\x77\xef\xe7\x59\x28\xfe\x1d\xc1\x27\xa2\xff\xa8\xde\x33\x48\xb3\xc1\x85\x6a\x42\x9b\xf9\x7e\x7e\x31\xc2\xe5\xbd\x66\x01\x18\x39\x29\x6a\x78\x9a\x3b\xc0\x04\x5c\x8a\x5f\xb4\x2c\x7d\x1b\xd9\x98\xf5\x44\x49\x57\x9b\x44\x68\x17\xaf\xbd\x17\x27\x3e\x66\x2c\x97\xee\x72\x99\x5e\xf4\x26\x40\xc5\x50\xb9\x01\x3f\xad\x07\x61\x35\x3c\x70\x86\xa2\x72\xc2\x40\x88\xbe\x94\x76\x9f\xd1\x66\x50";
+const P521_ORDER: asn1::BigUint<'static> = asn1::BigUint::new(b"\x01\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfa\x51\x86\x87\x83\xbf\x2f\x96\x6b\x7f\xcc\x01\x48\xf7\x09\xa5\xd0\x3b\xb5\xc9\xb8\x89\x9c\x47\xae\xbb\x6f\xb7\x1e\x91\x38\x64\x09").unwrap();
+
+pub const P521_DOMAIN: SpecifiedECDomain<'static> = SpecifiedECDomain {
+    version: 1,
+    field_id: P521_FIELD,
+    curve: Curve {
+        a: P521_CURVE_A,
+        b: P521_CURVE_B,
+        seed: Some(P521_SEED),
+    },
+    base: P521_UNCOMPRESSED_BASE,
+    order: P521_ORDER,
+    cofactor: Some(1),
+};
+
+pub const P521_DOMAIN_NO_SEED: SpecifiedECDomain<'static> = SpecifiedECDomain {
+    version: 1,
+    field_id: P521_FIELD,
+    curve: Curve {
+        a: P521_CURVE_A,
+        b: P521_CURVE_B,
+        seed: None,
+    },
+    base: P521_UNCOMPRESSED_BASE,
+    order: P521_ORDER,
+    cofactor: Some(1),
+};
+
+// There is no seed for this curve so we don't need to create two domains like the previous curves
+pub const SECP256K1_DOMAIN: SpecifiedECDomain<'static> = SpecifiedECDomain {
+    version: 1,
+    field_id: FieldID {
+        field_type: asn1::DefinedByMarker::marker(),
+        parameters: FieldParameters::PrimeField(asn1::BigUint::new(b"\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xfc\x2f").unwrap()),
+    },
+    curve: Curve {
+        a: b"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
+        b: b"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x07",
+        seed: None,
+    },
+    base: b"\x04\x79\xbe\x66\x7e\xf9\xdc\xbb\xac\x55\xa0\x62\x95\xce\x87\x0b\x07\x02\x9b\xfc\xdb\x2d\xce\x28\xd9\x59\xf2\x81\x5b\x16\xf8\x17\x98\x48\x3a\xda\x77\x26\xa3\xc4\x65\x5d\xa4\xfb\xfc\x0e\x11\x08\xa8\xfd\x17\xb4\x48\xa6\x85\x54\x19\x9c\x47\xd0\x8f\xfb\x10\xd4\xb8",
+    order: asn1::BigUint::new(b"\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xba\xae\xdc\xe6\xaf\x48\xa0\x3b\xbf\xd2\x5e\x8c\xd0\x36\x41\x41").unwrap(),
+    cofactor: Some(1),
+};

src/rust/cryptography-x509/src/lib.rs

@@ -10,6 +10,7 @@ pub mod certificate;
 pub mod common;
 pub mod crl;
 pub mod csr;
+pub mod ec_constants;
 pub mod extensions;
 pub mod name;
 pub mod ocsp_req;

src/rust/cryptography-x509/src/oid.rs

@@ -173,3 +173,6 @@ pub const HMAC_WITH_SHA224_OID: asn1::ObjectIdentifier = asn1::oid!(1, 2, 840, 1
 pub const HMAC_WITH_SHA256_OID: asn1::ObjectIdentifier = asn1::oid!(1, 2, 840, 113549, 2, 9);
 pub const HMAC_WITH_SHA384_OID: asn1::ObjectIdentifier = asn1::oid!(1, 2, 840, 113549, 2, 10);
 pub const HMAC_WITH_SHA512_OID: asn1::ObjectIdentifier = asn1::oid!(1, 2, 840, 113549, 2, 11);
+
+pub const PRIME_FIELD_OID: asn1::ObjectIdentifier = asn1::oid!(1, 2, 840, 10045, 1, 1);
+pub const CHARACTERISTIC_TWO_FIELD_OID: asn1::ObjectIdentifier = asn1::oid!(1, 2, 840, 10045, 1, 2);