add anyExtendedKeyUsage OID

diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h
index 274ea46b1d72b109787d3ff5a6c71f8f8dbc064c..1baa03ec969c696c3722095288c8fcad4d7a2cea 100644 (file)
--- a/crypto/objects/obj_dat.h
+++ b/crypto/objects/obj_dat.h
@@ -62,12 +62,12 @@
  * [including the GNU Public Licence.]
  */
 
-#define NUM_NID 910
-#define NUM_SN 903
-#define NUM_LN 903
-#define NUM_OBJ 853
+#define NUM_NID 911
+#define NUM_SN 904
+#define NUM_LN 904
+#define NUM_OBJ 854
 
-static const unsigned char lvalues[5949]={
+static const unsigned char lvalues[5953]={
 0x00,                                        /* [  0] OBJ_undef */
 0x2A,0x86,0x48,0x86,0xF7,0x0D,               /* [  1] OBJ_rsadsi */
 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,          /* [  7] OBJ_pkcs */
@@ -921,6 +921,7 @@ static const unsigned char lvalues[5949]={
 0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x03,0x02,/* [5915] OBJ_id_camellia128_wrap */
 0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x03,0x03,/* [5926] OBJ_id_camellia192_wrap */
 0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x03,0x04,/* [5937] OBJ_id_camellia256_wrap */
+0x55,0x1D,0x25,0x00,                         /* [5948] OBJ_anyExtendedKeyUsage */
 };
 
 static const ASN1_OBJECT nid_objs[NUM_NID]={
@@ -2388,6 +2389,8 @@ static const ASN1_OBJECT nid_objs[NUM_NID]={
        11,&(lvalues[5926]),0},
 {"id-camellia256-wrap","id-camellia256-wrap",NID_id_camellia256_wrap,
        11,&(lvalues[5937]),0},
+{"anyExtendedKeyUsage","Any Extended Key Usage",
+       NID_anyExtendedKeyUsage,4,&(lvalues[5948]),0},
 };
 
 static const unsigned int sn_objs[NUM_SN]={
@@ -2581,6 +2584,7 @@ static const unsigned int sn_objs[NUM_SN]={
 363,   /* "ad_timestamping" */
 376,   /* "algorithm" */
 405,   /* "ansi-X9-62" */
+910,   /* "anyExtendedKeyUsage" */
 746,   /* "anyPolicy" */
 370,   /* "archiveCutoff" */
 484,   /* "associatedDomain" */
@@ -3300,6 +3304,7 @@ static const unsigned int ln_objs[NUM_LN]={
 363,   /* "AD Time Stamping" */
 405,   /* "ANSI X9.62" */
 368,   /* "Acceptable OCSP Responses" */
+910,   /* "Any Extended Key Usage" */
 664,   /* "Any language" */
 177,   /* "Authority Information Access" */
 365,   /* "Basic OCSP Response" */
@@ -4325,6 +4330,7 @@ static const unsigned int obj_objs[NUM_OBJ]={
 96,    /* OBJ_mdc2WithRSA                  2 5 8 3 100 */
 95,    /* OBJ_mdc2                         2 5 8 3 101 */
 746,   /* OBJ_any_policy                   2 5 29 32 0 */
+910,   /* OBJ_anyExtendedKeyUsage          2 5 29 37 0 */
 519,   /* OBJ_setct_PANData                2 23 42 0 0 */
 520,   /* OBJ_setct_PANToken               2 23 42 0 1 */
 521,   /* OBJ_setct_PANOnly                2 23 42 0 2 */

diff --git a/crypto/objects/obj_mac.h b/crypto/objects/obj_mac.h
index ffbe29ad9c82261bd44a7f5636cf49e4f3f61ddd..7776abe72d28d82b2ba13751ea4c473ad0758a83 100644 (file)
--- a/crypto/objects/obj_mac.h
+++ b/crypto/objects/obj_mac.h
@@ -2403,6 +2403,11 @@
 #define NID_no_rev_avail               403
 #define OBJ_no_rev_avail               OBJ_id_ce,56L
 
+#define SN_anyExtendedKeyUsage         "anyExtendedKeyUsage"
+#define LN_anyExtendedKeyUsage         "Any Extended Key Usage"
+#define NID_anyExtendedKeyUsage                910
+#define OBJ_anyExtendedKeyUsage                OBJ_ext_key_usage,0L
+
 #define SN_netscape            "Netscape"
 #define LN_netscape            "Netscape Communications Corp."
 #define NID_netscape           57

diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num
index 5a9efea04d832ed2fae3ef610dd695b4f7e336be..bc8bc89a9c3dc7d542e25244a7fcc5eba1bcb249 100644 (file)
--- a/crypto/objects/obj_mac.num
+++ b/crypto/objects/obj_mac.num
@@ -907,3 +907,4 @@ aes_256_ctr         906
 id_camellia128_wrap            907
 id_camellia192_wrap            908
 id_camellia256_wrap            909
+anyExtendedKeyUsage            910

diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt
index d24b9ce7e1039caff4ee12e630c1ee7c3456ec8c..87c97c6105f23858702840cb6cf2a71eef591ff6 100644 (file)
--- a/crypto/objects/objects.txt
+++ b/crypto/objects/objects.txt
@@ -771,6 +771,10 @@ id-ce 55           : targetInformation     : X509v3 AC Targeting
 !Cname no-rev-avail
 id-ce 56               : noRevAvail            : X509v3 No Revocation Available
 
+# From RFC5280
+ext-key-usage 0                : anyExtendedKeyUsage   : Any Extended Key Usage
+
+
 !Cname netscape
 2 16 840 1 113730      : Netscape              : Netscape Communications Corp.
 !Cname netscape-cert-extension

diff --git a/crypto/x509v3/v3_purp.c b/crypto/x509v3/v3_purp.c
index 181bd34979bc5ed1709fb62849e3c78155411214..7c4aa323aedd9846f9f914b6cb3ad2c28f964d7f 100644 (file)
--- a/crypto/x509v3/v3_purp.c
+++ b/crypto/x509v3/v3_purp.c
@@ -447,6 +447,10 @@ static void x509v3_cache_extensions(X509 *x)
                                case NID_dvcs:
                                x->ex_xkusage |= XKU_DVCS;
                                break;
+
+                               case NID_anyExtendedKeyUsage:
+                               x->ex_xkusage |= XKU_ANYEKU;
+                               break;
                        }
                }
                sk_ASN1_OBJECT_pop_free(extusage, ASN1_OBJECT_free);

diff --git a/crypto/x509v3/x509v3.h b/crypto/x509v3/x509v3.h
index b308abe7cd471988b33cb04b3ecfd505b5ab86ef..34909475ae6e9677a203066e50d08e9b3fc5af23 100644 (file)
--- a/crypto/x509v3/x509v3.h
+++ b/crypto/x509v3/x509v3.h
@@ -451,6 +451,7 @@ struct ISSUING_DIST_POINT_st
 #define XKU_OCSP_SIGN          0x20
 #define XKU_TIMESTAMP          0x40
 #define XKU_DVCS               0x80
+#define XKU_ANYEKU             0x100
 
 #define X509_PURPOSE_DYNAMIC   0x1
 #define X509_PURPOSE_DYNAMIC_NAME      0x2