P-521 with aws-lc-rs #1666
Description
Checklist
- I've searched the issue tracker for similar requests
#933 was closed with reference to the pluggable crypto providers. But aws-lc-rs is now supported but without P-521 support.
Is your feature request related to a problem? Please describe.
rustls should support certificates signed with P-521 when using the aws-lc-rs backend.
Describe the solution you'd like
When using rustls with default options and the aws-lc-rs provider, P-521 signatures should get verified correctly.
Describe alternatives you've considered
I'm not aware of any alternatives. Support for P-521 could be opt in, but currently there is no way to do this either.
Additional context
AIUI aws-lc-rs has support for P-521 but the necessary constants are not defined in the webpki crate and the scheme is not part of the SUPPORTED_SIG_ALGS constant in the aws-lc-rs backend.