Skip to content
  1. Aug 09, 2017
  2. Aug 08, 2017
  3. Aug 07, 2017
  4. Aug 06, 2017
  5. Aug 05, 2017
  6. Aug 04, 2017
  7. Aug 03, 2017
  8. Aug 02, 2017
  9. Aug 01, 2017
    • Martin Peylo's avatar
      Adding NID_hmac_sha1 and _md5 to builtin_pbe[] · 418d49c2
      Martin Peylo authored
      
      
      The OID for {1 3 6 1 5 5 8 1 2} HMAC-SHA1 (NID_hmac_sha1) is explicitly
      referenced by RFC 2510, RFC 3370, and RFC 4210. This is essential for the
      common implementations of CMP (Certificate Managing Protocol, RFC4210).
      
      HMAC-MD5's OID {1 3 6 1 5 5 8 1 1} (NID_hmac_md5) is in the same branch and
      it seems to generally exist (-> Internet search), but it is unclear where it is
      actually defined as it appears not to be referenced by RFCs and practically
      rather unused.
      
      Those OIDs are both duplicates to OIDs from an RSA OID branch, which are already
      included in builtin_pbe[]:
      
      HMAC-SHA1 also has another OID defined in PKCS#5/RFC2898 (NID_hmacWithSHA1).
      
      It is also unclear where the other OID for HMAC-MD5 (NID_hmacWithMD5) from the
      RSA branch is officially specified, as only HMAC-SHA1 from PKCS#5 was found to be
      defined. Anyway, HMAC-MD5 likely only plays a neglectable role in the future.
      
      Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
      Reviewed-by: default avatarPaul Dale <paul.dale@oracle.com>
      (Merged from https://github.com/openssl/openssl/pull/3811)
      418d49c2