RT2353: Add ipsec IKE OID
authorRich Salz <rsalz@akamai.com>
Tue, 2 Feb 2016 19:14:33 +0000 (14:14 -0500)
committerRich Salz <rsalz@openssl.org>
Tue, 2 Feb 2016 19:41:06 +0000 (14:41 -0500)
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
crypto/objects/obj_dat.h
crypto/objects/obj_mac.num
crypto/objects/objects.txt
doc/apps/x509v3_config.pod
include/openssl/obj_mac.h

index 6907bc3..d91fb18 100644 (file)
  * [including the GNU Public Licence.]
  */
 
-#define NUM_NID 1022
-#define NUM_SN 1015
-#define NUM_LN 1015
-#define NUM_OBJ 937
+#define NUM_NID 1023
+#define NUM_SN 1016
+#define NUM_LN 1016
+#define NUM_OBJ 938
 
-static const unsigned char lvalues[6612]={
+static const unsigned char lvalues[6620]={
 0x2A,0x86,0x48,0x86,0xF7,0x0D,               /* [  0] OBJ_rsadsi */
 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,          /* [  6] OBJ_pkcs */
 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02,     /* [ 13] OBJ_md2 */
@@ -997,6 +997,7 @@ static const unsigned char lvalues[6612]={
 0x2A,0x85,0x03,0x64,0x6F,                    /* [6593] OBJ_subjectSignTool */
 0x2A,0x85,0x03,0x64,0x70,                    /* [6598] OBJ_issuerSignTool */
 0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x18,     /* [6603] OBJ_tlsfeature */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x11,     /* [6611] OBJ_ipsec_IKE */
 };
 
 static const ASN1_OBJECT nid_objs[NUM_NID]={
@@ -2670,6 +2671,8 @@ static const ASN1_OBJECT nid_objs[NUM_NID]={
 {"ChaCha20","chacha20",NID_chacha20,0,NULL,0},
 {"tlsfeature","TLS Feature",NID_tlsfeature,8,&(lvalues[6603]),0},
 {"TLS1-PRF","tls1-prf",NID_tls1_prf,0,NULL,0},
+{"ipsecIKE","ipsec Internet Key Exchange",NID_ipsec_IKE,8,
+       &(lvalues[6611]),0},
 };
 
 static const unsigned int sn_objs[NUM_SN]={
@@ -3337,6 +3340,7 @@ static const unsigned int sn_objs[NUM_SN]={
 869,   /* "internationaliSDNNumber" */
 142,   /* "invalidityDate" */
 294,   /* "ipsecEndSystem" */
+1022,  /* "ipsecIKE" */
 295,   /* "ipsecTunnel" */
 296,   /* "ipsecUser" */
 86,    /* "issuerAltName" */
@@ -4344,6 +4348,7 @@ static const unsigned int ln_objs[NUM_LN]={
 461,   /* "info" */
 101,   /* "initials" */
 869,   /* "internationaliSDNNumber" */
+1022,  /* "ipsec Internet Key Exchange" */
 749,   /* "ipsec3" */
 750,   /* "ipsec4" */
 181,   /* "iso" */
@@ -5263,6 +5268,7 @@ static const unsigned int obj_objs[NUM_OBJ]={
 133,   /* OBJ_time_stamp                   1 3 6 1 5 5 7 3 8 */
 180,   /* OBJ_OCSP_sign                    1 3 6 1 5 5 7 3 9 */
 297,   /* OBJ_dvcs                         1 3 6 1 5 5 7 3 10 */
+1022,  /* OBJ_ipsec_IKE                    1 3 6 1 5 5 7 3 17 */
 298,   /* OBJ_id_it_caProtEncCert          1 3 6 1 5 5 7 4 1 */
 299,   /* OBJ_id_it_signKeyPairTypes       1 3 6 1 5 5 7 4 2 */
 300,   /* OBJ_id_it_encKeyPairTypes        1 3 6 1 5 5 7 4 3 */
index 663e86c..2e54d3d 100644 (file)
@@ -1019,3 +1019,4 @@ chacha20_poly1305         1018
 chacha20               1019
 tlsfeature             1020
 tls1_prf               1021
+ipsec_IKE              1022
index 1de8e79..42175d9 100644 (file)
@@ -497,6 +497,8 @@ id-kp 8                     : timeStamping          : Time Stamping
 !Cname OCSP-sign
 id-kp 9                        : OCSPSigning           : OCSP Signing
 id-kp 10               : DVCS                  : dvcs
+!Cname ipsec-IKE
+id-kp 17                : ipsecIKE              : ipsec Internet Key Exchange
 
 # CMP information types
 id-it 1                        : id-it-caProtEncCert
index c2c710b..72eec51 100644 (file)
@@ -115,6 +115,8 @@ following PKIX, NS and MS values are meaningful:
  codeSigning           Code signing.
  emailProtection       E-mail Protection (S/MIME).
  timeStamping          Trusted Timestamping
+ OCSPSigning           OCSP Signing
+ ipsecIKE              ipsec Internet Key Exchnage
  msCodeInd             Microsoft Individual Code Signing (authenticode)
  msCodeCom             Microsoft Commercial Code Signing (authenticode)
  msCTLSign             Microsoft Trust List Signing
index ad27e0e..a577e51 100644 (file)
 #define NID_dvcs                297
 #define OBJ_dvcs                OBJ_id_kp,10L
 
+#define SN_ipsec_IKE            "ipsecIKE"
+#define LN_ipsec_IKE            "ipsec Internet Key Exchange"
+#define NID_ipsec_IKE           1022
+#define OBJ_ipsec_IKE           OBJ_id_kp,17L
+
 #define SN_id_it_caProtEncCert          "id-it-caProtEncCert"
 #define NID_id_it_caProtEncCert         298
 #define OBJ_id_it_caProtEncCert         OBJ_id_it,1L