Commit d9f77726 authored by Rich Salz's avatar Rich Salz Committed by Rich Salz
Browse files

RT2752: Add some EKU OID's 



And some others found in the Internet.

Reviewed-by: default avatarViktor Dukhovni <viktor@openssl.org>
parent 4c35c936

crypto/objects/obj_dat.h

+65 −5
Original line number Diff line number Diff line
@@ -60,12 +60,12 @@ 
 * [including the GNU Public Licence.]

 */



#define NUM_NID 1023

#define NUM_SN 1016

#define NUM_LN 1016

#define NUM_OBJ 938

#define NUM_NID 1034

#define NUM_SN 1027

#define NUM_LN 1027

#define NUM_OBJ 949



static const unsigned char lvalues[6620]={

static const unsigned char lvalues[6704]={

0x2A,0x86,0x48,0x86,0xF7,0x0D,               /* [  0] OBJ_rsadsi */

0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,          /* [  6] OBJ_pkcs */

0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02,     /* [ 13] OBJ_md2 */
@@ -998,6 +998,17 @@ static const unsigned char lvalues[6620]={ 
0x2A,0x85,0x03,0x64,0x70,                    /* [6598] OBJ_issuerSignTool */

0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x18,     /* [6603] OBJ_tlsfeature */

0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x11,     /* [6611] OBJ_ipsec_IKE */

0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x12,     /* [6619] OBJ_capwapAC */

0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x13,     /* [6627] OBJ_capwapWTP */

0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x15,     /* [6635] OBJ_sshClient */

0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x16,     /* [6643] OBJ_sshServer */

0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x17,     /* [6651] OBJ_sendRouter */

0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x18,     /* [6659] OBJ_sendProxiedRouter */

0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x19,     /* [6667] OBJ_sendOwner */

0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x1A,     /* [6675] OBJ_sendProxiedOwner */

0x2B,0x06,0x01,0x05,0x02,0x03,               /* [6683] OBJ_id_pkinit */

0x2B,0x06,0x01,0x05,0x02,0x03,0x04,          /* [6689] OBJ_pkInitClientAuth */

0x2B,0x06,0x01,0x05,0x02,0x03,0x05,          /* [6696] OBJ_pkInitKDC */

};



static const ASN1_OBJECT nid_objs[NUM_NID]={
@@ -2673,6 +2684,22 @@ static const ASN1_OBJECT nid_objs[NUM_NID]={ 
{"TLS1-PRF","tls1-prf",NID_tls1_prf,0,NULL,0},

{"ipsecIKE","ipsec Internet Key Exchange",NID_ipsec_IKE,8,

	&(lvalues[6611]),0},

{"capwapAC","Ctrl/provision WAP Access",NID_capwapAC,8,

	&(lvalues[6619]),0},

{"capwapWTP","Ctrl/Provision WAP Termination",NID_capwapWTP,8,

	&(lvalues[6627]),0},

{"secureShellClient","SSH Client",NID_sshClient,8,&(lvalues[6635]),0},

{"secureShellServer","SSH Server",NID_sshServer,8,&(lvalues[6643]),0},

{"sendRouter","Send Router",NID_sendRouter,8,&(lvalues[6651]),0},

{"sendProxiedRouter","Send Proxied Router",NID_sendProxiedRouter,8,

	&(lvalues[6659]),0},

{"sendOwner","Send Owner",NID_sendOwner,8,&(lvalues[6667]),0},

{"sendProxiedOwner","Send Proxied Owner",NID_sendProxiedOwner,8,

	&(lvalues[6675]),0},

{"id-pkinit","id-pkinit",NID_id_pkinit,6,&(lvalues[6683]),0},

{"pkInitClientAuth","PKINIT Client Auth",NID_pkInitClientAuth,7,

	&(lvalues[6689]),0},

{"pkInitKDC","Signing KDC Response",NID_pkInitKDC,7,&(lvalues[6696]),0},

};



static const unsigned int sn_objs[NUM_SN]={
@@ -2951,6 +2978,8 @@ static const unsigned int sn_objs[NUM_SN]={ 
483,	/* "cNAMERecord" */

179,	/* "caIssuers" */

785,	/* "caRepository" */

1023,	/* "capwapAC" */

1024,	/* "capwapWTP" */

443,	/* "caseIgnoreIA5StringSyntax" */

152,	/* "certBag" */

677,	/* "certicom-arc" */
@@ -3212,6 +3241,7 @@ static const unsigned int sn_objs[NUM_SN]={ 
351,	/* "id-pda-gender" */

349,	/* "id-pda-placeOfBirth" */

175,	/* "id-pe" */

1031,	/* "id-pkinit" */

261,	/* "id-pkip" */

258,	/* "id-pkix-mod" */

269,	/* "id-pkix1-explicit-88" */
@@ -3416,6 +3446,8 @@ static const unsigned int sn_objs[NUM_SN]={ 
440,	/* "pilotObjectClass" */

455,	/* "pilotOrganization" */

445,	/* "pilotPerson" */

1032,	/* "pkInitClientAuth" */

1033,	/* "pkInitKDC" */

 2,	/* "pkcs" */

186,	/* "pkcs1" */

27,	/* "pkcs3" */
@@ -3504,9 +3536,15 @@ static const unsigned int sn_objs[NUM_SN]={ 
732,	/* "sect409r1" */

733,	/* "sect571k1" */

734,	/* "sect571r1" */

1025,	/* "secureShellClient" */

1026,	/* "secureShellServer" */

386,	/* "security" */

878,	/* "seeAlso" */

394,	/* "selected-attribute-types" */

1029,	/* "sendOwner" */

1030,	/* "sendProxiedOwner" */

1028,	/* "sendProxiedRouter" */

1027,	/* "sendRouter" */

105,	/* "serialNumber" */

129,	/* "serverAuth" */

371,	/* "serviceLocator" */
@@ -3710,6 +3748,8 @@ static const unsigned int ln_objs[NUM_LN]={ 
951,	/* "CT Precertificate SCTs" */

953,	/* "CT Precertificate Signer" */

131,	/* "Code Signing" */

1024,	/* "Ctrl/Provision WAP Termination" */

1023,	/* "Ctrl/provision WAP Access" */

783,	/* "Diffie-Hellman based MAC" */

382,	/* "Directory" */

392,	/* "Domain" */
@@ -3801,6 +3841,7 @@ static const unsigned int ln_objs[NUM_LN]={ 
161,	/* "PBES2" */

69,	/* "PBKDF2" */

162,	/* "PBMAC1" */

1032,	/* "PKINIT Client Auth" */

127,	/* "PKIX" */

858,	/* "Permanent Identifier" */

164,	/* "Policy Qualifier CPS" */
@@ -3813,9 +3854,16 @@ static const unsigned int ln_objs[NUM_LN]={ 
167,	/* "S/MIME Capabilities" */

1006,	/* "SNILS" */

387,	/* "SNMPv2" */

1025,	/* "SSH Client" */

1026,	/* "SSH Server" */

512,	/* "Secure Electronic Transactions" */

386,	/* "Security" */

394,	/* "Selected Attribute Types" */

1029,	/* "Send Owner" */

1030,	/* "Send Proxied Owner" */

1028,	/* "Send Proxied Router" */

1027,	/* "Send Router" */

1033,	/* "Signing KDC Response" */

1008,	/* "Signing Tool of Issuer" */

1007,	/* "Signing Tool of Subject" */

143,	/* "Strong Extranet ID" */
@@ -4234,6 +4282,7 @@ static const unsigned int ln_objs[NUM_LN]={ 
351,	/* "id-pda-gender" */

349,	/* "id-pda-placeOfBirth" */

175,	/* "id-pe" */

1031,	/* "id-pkinit" */

261,	/* "id-pkip" */

258,	/* "id-pkix-mod" */

269,	/* "id-pkix1-explicit-88" */
@@ -5042,6 +5091,7 @@ static const unsigned int obj_objs[NUM_OBJ]={ 
994,	/* OBJ_id_tc26_constants            1 2 643 7 1 2 */

 1,	/* OBJ_rsadsi                       1 2 840 113549 */

185,	/* OBJ_X9cm                         1 2 840 10040 4 */

1031,	/* OBJ_id_pkinit                    1 3 6 1 5 2 3 */

127,	/* OBJ_id_pkix                      1 3 6 1 5 5 7 */

505,	/* OBJ_mime_mhs_headings            1 3 6 1 7 1 1 */

506,	/* OBJ_mime_mhs_bodies              1 3 6 1 7 1 2 */
@@ -5112,6 +5162,8 @@ static const unsigned int obj_objs[NUM_OBJ]={ 
791,	/* OBJ_ecdsa_with_Recommended       1 2 840 10045 4 2 */

792,	/* OBJ_ecdsa_with_Specified         1 2 840 10045 4 3 */

920,	/* OBJ_dhpublicnumber               1 2 840 10046 2 1 */

1032,	/* OBJ_pkInitClientAuth             1 3 6 1 5 2 3 4 */

1033,	/* OBJ_pkInitKDC                    1 3 6 1 5 2 3 5 */

258,	/* OBJ_id_pkix_mod                  1 3 6 1 5 5 7 0 */

175,	/* OBJ_id_pe                        1 3 6 1 5 5 7 1 */

259,	/* OBJ_id_qt                        1 3 6 1 5 5 7 2 */
@@ -5269,6 +5321,14 @@ static const unsigned int obj_objs[NUM_OBJ]={ 
180,	/* OBJ_OCSP_sign                    1 3 6 1 5 5 7 3 9 */

297,	/* OBJ_dvcs                         1 3 6 1 5 5 7 3 10 */

1022,	/* OBJ_ipsec_IKE                    1 3 6 1 5 5 7 3 17 */

1023,	/* OBJ_capwapAC                     1 3 6 1 5 5 7 3 18 */

1024,	/* OBJ_capwapWTP                    1 3 6 1 5 5 7 3 19 */

1025,	/* OBJ_sshClient                    1 3 6 1 5 5 7 3 21 */

1026,	/* OBJ_sshServer                    1 3 6 1 5 5 7 3 22 */

1027,	/* OBJ_sendRouter                   1 3 6 1 5 5 7 3 23 */

1028,	/* OBJ_sendProxiedRouter            1 3 6 1 5 5 7 3 24 */

1029,	/* OBJ_sendOwner                    1 3 6 1 5 5 7 3 25 */

1030,	/* OBJ_sendProxiedOwner             1 3 6 1 5 5 7 3 26 */

298,	/* OBJ_id_it_caProtEncCert          1 3 6 1 5 5 7 4 1 */

299,	/* OBJ_id_it_signKeyPairTypes       1 3 6 1 5 5 7 4 2 */

300,	/* OBJ_id_it_encKeyPairTypes        1 3 6 1 5 5 7 4 3 */

crypto/objects/obj_mac.num

+11 −0
Original line number Diff line number Diff line
@@ -1020,3 +1020,14 @@ chacha20 1019 
tlsfeature		1020

tls1_prf		1021

ipsec_IKE		1022

capwapAC		1023

capwapWTP		1024

sshClient		1025

sshServer		1026

sendRouter		1027

sendProxiedRouter		1028

sendOwner		1029

sendProxiedOwner		1030

id_pkinit		1031

pkInitClientAuth		1032

pkInitKDC		1033

crypto/objects/objects.txt

+15 −0
Original line number Diff line number Diff line
@@ -499,6 +499,16 @@ id-kp 9 : OCSPSigning : OCSP Signing 
id-kp 10		: DVCS			: dvcs

!Cname ipsec-IKE

id-kp 17                : ipsecIKE              : ipsec Internet Key Exchange

id-kp 18                : capwapAC              : Ctrl/provision WAP Access

id-kp 19                : capwapWTP             : Ctrl/Provision WAP Termination

!Cname sshClient

id-kp 21                : secureShellClient     : SSH Client

!Cname sshServer

id-kp 22                : secureShellServer     : SSH Server

id-kp 23                : sendRouter            : Send Router

id-kp 24                : sendProxiedRouter     : Send Proxied Router

id-kp 25                : sendOwner             : Send Owner

id-kp 26                : sendProxiedOwner      : Send Proxied Owner



# CMP information types

id-it 1			: id-it-caProtEncCert
@@ -1433,3 +1443,8 @@ secg-scheme 14 3 : dhSinglePass-cofactorDH-sha512kdf-scheme 


# NID for TLS1 PRF

                            : TLS1-PRF          : tls1-prf



# RFC 4556

1 3 6 1 5 2 3 : id-pkinit

id-pkinit 4                     : pkInitClientAuth      : PKINIT Client Auth

id-pkinit 5                     : pkInitKDC             : Signing KDC Response

include/openssl/obj_mac.h

+54 −0
Original line number Diff line number Diff line
@@ -1562,6 +1562,46 @@ 
#define NID_ipsec_IKE           1022

#define OBJ_ipsec_IKE           OBJ_id_kp,17L



#define SN_capwapAC             "capwapAC"

#define LN_capwapAC             "Ctrl/provision WAP Access"

#define NID_capwapAC            1023

#define OBJ_capwapAC            OBJ_id_kp,18L



#define SN_capwapWTP            "capwapWTP"

#define LN_capwapWTP            "Ctrl/Provision WAP Termination"

#define NID_capwapWTP           1024

#define OBJ_capwapWTP           OBJ_id_kp,19L



#define SN_sshClient            "secureShellClient"

#define LN_sshClient            "SSH Client"

#define NID_sshClient           1025

#define OBJ_sshClient           OBJ_id_kp,21L



#define SN_sshServer            "secureShellServer"

#define LN_sshServer            "SSH Server"

#define NID_sshServer           1026

#define OBJ_sshServer           OBJ_id_kp,22L



#define SN_sendRouter           "sendRouter"

#define LN_sendRouter           "Send Router"

#define NID_sendRouter          1027

#define OBJ_sendRouter          OBJ_id_kp,23L



#define SN_sendProxiedRouter            "sendProxiedRouter"

#define LN_sendProxiedRouter            "Send Proxied Router"

#define NID_sendProxiedRouter           1028

#define OBJ_sendProxiedRouter           OBJ_id_kp,24L



#define SN_sendOwner            "sendOwner"

#define LN_sendOwner            "Send Owner"

#define NID_sendOwner           1029

#define OBJ_sendOwner           OBJ_id_kp,25L



#define SN_sendProxiedOwner             "sendProxiedOwner"

#define LN_sendProxiedOwner             "Send Proxied Owner"

#define NID_sendProxiedOwner            1030

#define OBJ_sendProxiedOwner            OBJ_id_kp,26L



#define SN_id_it_caProtEncCert          "id-it-caProtEncCert"

#define NID_id_it_caProtEncCert         298

#define OBJ_id_it_caProtEncCert         OBJ_id_it,1L
@@ -4470,3 +4510,17 @@ 
#define SN_tls1_prf             "TLS1-PRF"

#define LN_tls1_prf             "tls1-prf"

#define NID_tls1_prf            1021



#define SN_id_pkinit            "id-pkinit"

#define NID_id_pkinit           1031

#define OBJ_id_pkinit           1L,3L,6L,1L,5L,2L,3L



#define SN_pkInitClientAuth             "pkInitClientAuth"

#define LN_pkInitClientAuth             "PKINIT Client Auth"

#define NID_pkInitClientAuth            1032

#define OBJ_pkInitClientAuth            OBJ_id_pkinit,4L



#define SN_pkInitKDC            "pkInitKDC"

#define LN_pkInitKDC            "Signing KDC Response"

#define NID_pkInitKDC           1033

#define OBJ_pkInitKDC           OBJ_id_pkinit,5L