Commit f0ef20bf authored by Marek Klein's avatar Marek Klein Committed by Richard Levitte
Browse files

Added support for ESSCertIDv2 



Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
Reviewed-by: default avatarRichard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/771)
parent 0e534337

apps/openssl-vms.cnf

+2 −0
Original line number Diff line number Diff line
@@ -344,3 +344,5 @@ tsa_name = yes # Must the TSA name be included in the reply? 
				# (optional, default: no)

ess_cert_id_chain	= no	# Must the ESS cert id chain be included?

				# (optional, default: no)

ess_cert_id_alg		= sha1	# algorithm to compute certificate

				# identifier (optional, default: sha1)

apps/openssl.cnf

+2 −0
Original line number Diff line number Diff line
@@ -344,3 +344,5 @@ tsa_name = yes # Must the TSA name be included in the reply? 
				# (optional, default: no)

ess_cert_id_chain	= no	# Must the ESS cert id chain be included?

				# (optional, default: no)

ess_cert_id_alg		= sha1	# algorithm to compute certificate

				# identifier (optional, default: sha1)

apps/ts.c

+2 −0
Original line number Diff line number Diff line
@@ -709,6 +709,8 @@ static TS_RESP *create_response(CONF *conf, const char *section, const char *eng 
            goto end;

    }



    if (!TS_CONF_set_ess_cert_id_digest(conf, section, resp_ctx))

        goto end;

    if (!TS_CONF_set_def_policy(conf, section, policy, resp_ctx))

        goto end;

    if (!TS_CONF_set_policies(conf, section, resp_ctx))

crypto/objects/obj_dat.h

+10 −5
Original line number Diff line number Diff line
@@ -10,7 +10,7 @@ 
 */



/* Serialized OID's */

static const unsigned char so[6900] = {

static const unsigned char so[6911] = {

    0x2A,0x86,0x48,0x86,0xF7,0x0D,                 /* [    0] OBJ_rsadsi */

    0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,            /* [    6] OBJ_pkcs */

    0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02,       /* [   13] OBJ_md2 */
@@ -976,9 +976,10 @@ static const unsigned char so[6900] = { 
    0x2A,0x83,0x1A,0x8C,0x9A,0x6E,0x01,0x01,0x0D,  /* [ 6872] OBJ_aria_256_cfb128 */

    0x2A,0x83,0x1A,0x8C,0x9A,0x6E,0x01,0x01,0x0E,  /* [ 6881] OBJ_aria_256_ofb128 */

    0x2A,0x83,0x1A,0x8C,0x9A,0x6E,0x01,0x01,0x0F,  /* [ 6890] OBJ_aria_256_ctr */

    0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1E,  /* [ 6899] OBJ_id_smime_aa_signingCertificateV2 */

};



#define NUM_NID 1086

#define NUM_NID 1087

static const ASN1_OBJECT nid_objs[NUM_NID] = {

    {"UNDEF", "undefined", NID_undef},

    {"rsadsi", "RSA Data Security, Inc.", NID_rsadsi, 6, &so[0]},
@@ -2066,9 +2067,10 @@ static const ASN1_OBJECT nid_objs[NUM_NID] = { 
    {"ARIA-128-CFB8", "aria-128-cfb8", NID_aria_128_cfb8},

    {"ARIA-192-CFB8", "aria-192-cfb8", NID_aria_192_cfb8},

    {"ARIA-256-CFB8", "aria-256-cfb8", NID_aria_256_cfb8},

    {"id-smime-aa-signingCertificateV2", "id-smime-aa-signingCertificateV2", NID_id_smime_aa_signingCertificateV2, 11, &so[6899]},

};



#define NUM_SN 1077

#define NUM_SN 1078

static const unsigned int sn_objs[NUM_SN] = {

     364,    /* "AD_DVCS" */

     419,    /* "AES-128-CBC" */
@@ -2712,6 +2714,7 @@ static const unsigned int sn_objs[NUM_SN] = { 
     213,    /* "id-smime-aa-securityLabel" */

     239,    /* "id-smime-aa-signatureType" */

     223,    /* "id-smime-aa-signingCertificate" */

    1086,    /* "id-smime-aa-signingCertificateV2" */

     224,    /* "id-smime-aa-smimeEncryptCerts" */

     225,    /* "id-smime-aa-timeStampToken" */

     192,    /* "id-smime-alg" */
@@ -3149,7 +3152,7 @@ static const unsigned int sn_objs[NUM_SN] = { 
     160,    /* "x509Crl" */

};



#define NUM_LN 1077

#define NUM_LN 1078

static const unsigned int ln_objs[NUM_LN] = {

     363,    /* "AD Time Stamping" */

     405,    /* "ANSI X9.62" */
@@ -3786,6 +3789,7 @@ static const unsigned int ln_objs[NUM_LN] = { 
     213,    /* "id-smime-aa-securityLabel" */

     239,    /* "id-smime-aa-signatureType" */

     223,    /* "id-smime-aa-signingCertificate" */

    1086,    /* "id-smime-aa-signingCertificateV2" */

     224,    /* "id-smime-aa-smimeEncryptCerts" */

     225,    /* "id-smime-aa-timeStampToken" */

     192,    /* "id-smime-alg" */
@@ -4230,7 +4234,7 @@ static const unsigned int ln_objs[NUM_LN] = { 
     125,    /* "zlib compression" */

};



#define NUM_OBJ 971

#define NUM_OBJ 972

static const unsigned int obj_objs[NUM_OBJ] = {

       0,    /* OBJ_undef                        0 */

     181,    /* OBJ_iso                          1 */
@@ -5173,6 +5177,7 @@ static const unsigned int obj_objs[NUM_OBJ] = { 
     238,    /* OBJ_id_smime_aa_ets_archiveTimeStamp 1 2 840 113549 1 9 16 2 27 */

     239,    /* OBJ_id_smime_aa_signatureType    1 2 840 113549 1 9 16 2 28 */

     240,    /* OBJ_id_smime_aa_dvcs_dvc         1 2 840 113549 1 9 16 2 29 */

    1086,    /* OBJ_id_smime_aa_signingCertificateV2 1 2 840 113549 1 9 16 2 30 */

     241,    /* OBJ_id_smime_alg_ESDHwith3DES    1 2 840 113549 1 9 16 3 1 */

     242,    /* OBJ_id_smime_alg_ESDHwithRC2     1 2 840 113549 1 9 16 3 2 */

     243,    /* OBJ_id_smime_alg_3DESwrap        1 2 840 113549 1 9 16 3 3 */

crypto/objects/obj_mac.num

+1 −0
Original line number Diff line number Diff line
@@ -1083,3 +1083,4 @@ aria_256_cfb1 1082 
aria_128_cfb8		1083

aria_192_cfb8		1084

aria_256_cfb8		1085

id_smime_aa_signingCertificateV2		1086