From b5c5a9714197186013a181e8bfb829a2d24f8b04 Mon Sep 17 00:00:00 2001 From: Rich Salz Date: Tue, 2 Feb 2016 14:14:33 -0500 Subject: [PATCH] RT2353: Add ipsec IKE OID Reviewed-by: Dr. Stephen Henson --- crypto/objects/obj_dat.h | 16 +++++++++++----- crypto/objects/obj_mac.num | 1 + crypto/objects/objects.txt | 2 ++ doc/apps/x509v3_config.pod | 2 ++ include/openssl/obj_mac.h | 5 +++++ 5 files changed, 21 insertions(+), 5 deletions(-) diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h index 6907bc3683..d91fb1817d 100644 --- a/crypto/objects/obj_dat.h +++ b/crypto/objects/obj_dat.h @@ -60,12 +60,12 @@ * [including the GNU Public Licence.] */ -#define NUM_NID 1022 -#define NUM_SN 1015 -#define NUM_LN 1015 -#define NUM_OBJ 937 +#define NUM_NID 1023 +#define NUM_SN 1016 +#define NUM_LN 1016 +#define NUM_OBJ 938 -static const unsigned char lvalues[6612]={ +static const unsigned char lvalues[6620]={ 0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 0] OBJ_rsadsi */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 6] OBJ_pkcs */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02, /* [ 13] OBJ_md2 */ @@ -997,6 +997,7 @@ static const unsigned char lvalues[6612]={ 0x2A,0x85,0x03,0x64,0x6F, /* [6593] OBJ_subjectSignTool */ 0x2A,0x85,0x03,0x64,0x70, /* [6598] OBJ_issuerSignTool */ 0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x18, /* [6603] OBJ_tlsfeature */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x11, /* [6611] OBJ_ipsec_IKE */ }; static const ASN1_OBJECT nid_objs[NUM_NID]={ @@ -2670,6 +2671,8 @@ static const ASN1_OBJECT nid_objs[NUM_NID]={ {"ChaCha20","chacha20",NID_chacha20,0,NULL,0}, {"tlsfeature","TLS Feature",NID_tlsfeature,8,&(lvalues[6603]),0}, {"TLS1-PRF","tls1-prf",NID_tls1_prf,0,NULL,0}, +{"ipsecIKE","ipsec Internet Key Exchange",NID_ipsec_IKE,8, + &(lvalues[6611]),0}, }; static const unsigned int sn_objs[NUM_SN]={ @@ -3337,6 +3340,7 @@ static const unsigned int sn_objs[NUM_SN]={ 869, /* "internationaliSDNNumber" */ 142, /* "invalidityDate" */ 294, /* "ipsecEndSystem" */ +1022, /* "ipsecIKE" */ 295, /* "ipsecTunnel" */ 296, /* "ipsecUser" */ 86, /* "issuerAltName" */ @@ -4344,6 +4348,7 @@ static const unsigned int ln_objs[NUM_LN]={ 461, /* "info" */ 101, /* "initials" */ 869, /* "internationaliSDNNumber" */ +1022, /* "ipsec Internet Key Exchange" */ 749, /* "ipsec3" */ 750, /* "ipsec4" */ 181, /* "iso" */ @@ -5263,6 +5268,7 @@ static const unsigned int obj_objs[NUM_OBJ]={ 133, /* OBJ_time_stamp 1 3 6 1 5 5 7 3 8 */ 180, /* OBJ_OCSP_sign 1 3 6 1 5 5 7 3 9 */ 297, /* OBJ_dvcs 1 3 6 1 5 5 7 3 10 */ +1022, /* OBJ_ipsec_IKE 1 3 6 1 5 5 7 3 17 */ 298, /* OBJ_id_it_caProtEncCert 1 3 6 1 5 5 7 4 1 */ 299, /* OBJ_id_it_signKeyPairTypes 1 3 6 1 5 5 7 4 2 */ 300, /* OBJ_id_it_encKeyPairTypes 1 3 6 1 5 5 7 4 3 */ diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num index 663e86c10c..2e54d3d261 100644 --- a/crypto/objects/obj_mac.num +++ b/crypto/objects/obj_mac.num @@ -1019,3 +1019,4 @@ chacha20_poly1305 1018 chacha20 1019 tlsfeature 1020 tls1_prf 1021 +ipsec_IKE 1022 diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt index 1de8e79e5b..42175d9daf 100644 --- a/crypto/objects/objects.txt +++ b/crypto/objects/objects.txt @@ -497,6 +497,8 @@ id-kp 8 : timeStamping : Time Stamping !Cname OCSP-sign id-kp 9 : OCSPSigning : OCSP Signing id-kp 10 : DVCS : dvcs +!Cname ipsec-IKE +id-kp 17 : ipsecIKE : ipsec Internet Key Exchange # CMP information types id-it 1 : id-it-caProtEncCert diff --git a/doc/apps/x509v3_config.pod b/doc/apps/x509v3_config.pod index c2c710b6c7..72eec511a2 100644 --- a/doc/apps/x509v3_config.pod +++ b/doc/apps/x509v3_config.pod @@ -115,6 +115,8 @@ following PKIX, NS and MS values are meaningful: codeSigning Code signing. emailProtection E-mail Protection (S/MIME). timeStamping Trusted Timestamping + OCSPSigning OCSP Signing + ipsecIKE ipsec Internet Key Exchnage msCodeInd Microsoft Individual Code Signing (authenticode) msCodeCom Microsoft Commercial Code Signing (authenticode) msCTLSign Microsoft Trust List Signing diff --git a/include/openssl/obj_mac.h b/include/openssl/obj_mac.h index ad27e0e0c0..a577e51e90 100644 --- a/include/openssl/obj_mac.h +++ b/include/openssl/obj_mac.h @@ -1557,6 +1557,11 @@ #define NID_dvcs 297 #define OBJ_dvcs OBJ_id_kp,10L +#define SN_ipsec_IKE "ipsecIKE" +#define LN_ipsec_IKE "ipsec Internet Key Exchange" +#define NID_ipsec_IKE 1022 +#define OBJ_ipsec_IKE OBJ_id_kp,17L + #define SN_id_it_caProtEncCert "id-it-caProtEncCert" #define NID_id_it_caProtEncCert 298 #define OBJ_id_it_caProtEncCert OBJ_id_it,1L -- 2.34.1