Add new OIDs from RFC5753
authorDr. Stephen Henson <steve@openssl.org>
Wed, 17 Jul 2013 13:54:00 +0000 (14:54 +0100)
committerDr. Stephen Henson <steve@openssl.org>
Wed, 17 Jul 2013 20:45:00 +0000 (21:45 +0100)
Add OIDs for KDF schemes from RFC5753 and add cross references for
each type and the appropriate digest to use.

crypto/objects/obj_dat.h
crypto/objects/obj_mac.h
crypto/objects/obj_mac.num
crypto/objects/obj_xref.h
crypto/objects/obj_xref.txt
crypto/objects/objects.txt

index db44679..92a6deb 100644 (file)
  * [including the GNU Public Licence.]
  */
 
-#define NUM_NID 939
-#define NUM_SN 932
-#define NUM_LN 932
-#define NUM_OBJ 873
+#define NUM_NID 951
+#define NUM_SN 944
+#define NUM_LN 944
+#define NUM_OBJ 883
 
-static const unsigned char lvalues[6122]={
+static const unsigned char lvalues[6188]={
 0x00,                                        /* [  0] OBJ_undef */
 0x2A,0x86,0x48,0x86,0xF7,0x0D,               /* [  1] OBJ_rsadsi */
 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,          /* [  7] OBJ_pkcs */
@@ -941,6 +941,16 @@ static const unsigned char lvalues[6122]={
 0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x0D,/* [6094] OBJ_brainpoolP512r1 */
 0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x0E,/* [6103] OBJ_brainpoolP512t1 */
 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x09,/* [6112] OBJ_pSpecified */
+0x2B,0x81,0x05,0x10,0x86,0x48,0x3F,0x00,0x02,/* [6121] OBJ_dhSinglePass_stdDH_sha1kdf_scheme */
+0x2B,0x81,0x04,0x01,0x0B,0x00,               /* [6130] OBJ_dhSinglePass_stdDH_sha224kdf_scheme */
+0x2B,0x81,0x04,0x01,0x0B,0x01,               /* [6136] OBJ_dhSinglePass_stdDH_sha256kdf_scheme */
+0x2B,0x81,0x04,0x01,0x0B,0x02,               /* [6142] OBJ_dhSinglePass_stdDH_sha384kdf_scheme */
+0x2B,0x81,0x04,0x01,0x0B,0x03,               /* [6148] OBJ_dhSinglePass_stdDH_sha512kdf_scheme */
+0x2B,0x81,0x05,0x10,0x86,0x48,0x3F,0x00,0x03,/* [6154] OBJ_dhSinglePass_cofactorDH_sha1kdf_scheme */
+0x2B,0x81,0x04,0x01,0x0E,0x00,               /* [6163] OBJ_dhSinglePass_cofactorDH_sha224kdf_scheme */
+0x2B,0x81,0x04,0x01,0x0E,0x01,               /* [6169] OBJ_dhSinglePass_cofactorDH_sha256kdf_scheme */
+0x2B,0x81,0x04,0x01,0x0E,0x02,               /* [6175] OBJ_dhSinglePass_cofactorDH_sha384kdf_scheme */
+0x2B,0x81,0x04,0x01,0x0E,0x03,               /* [6181] OBJ_dhSinglePass_cofactorDH_sha512kdf_scheme */
 };
 
 static const ASN1_OBJECT nid_objs[NUM_NID]={
@@ -2458,6 +2468,38 @@ static const ASN1_OBJECT nid_objs[NUM_NID]={
 {"AES-256-CBC-HMAC-SHA256","aes-256-cbc-hmac-sha256",
        NID_aes_256_cbc_hmac_sha256,0,NULL,0},
 {"PSPECIFIED","pSpecified",NID_pSpecified,9,&(lvalues[6112]),0},
+{"dhSinglePass-stdDH-sha1kdf-scheme",
+       "dhSinglePass-stdDH-sha1kdf-scheme",
+       NID_dhSinglePass_stdDH_sha1kdf_scheme,9,&(lvalues[6121]),0},
+{"dhSinglePass-stdDH-sha224kdf-scheme",
+       "dhSinglePass-stdDH-sha224kdf-scheme",
+       NID_dhSinglePass_stdDH_sha224kdf_scheme,6,&(lvalues[6130]),0},
+{"dhSinglePass-stdDH-sha256kdf-scheme",
+       "dhSinglePass-stdDH-sha256kdf-scheme",
+       NID_dhSinglePass_stdDH_sha256kdf_scheme,6,&(lvalues[6136]),0},
+{"dhSinglePass-stdDH-sha384kdf-scheme",
+       "dhSinglePass-stdDH-sha384kdf-scheme",
+       NID_dhSinglePass_stdDH_sha384kdf_scheme,6,&(lvalues[6142]),0},
+{"dhSinglePass-stdDH-sha512kdf-scheme",
+       "dhSinglePass-stdDH-sha512kdf-scheme",
+       NID_dhSinglePass_stdDH_sha512kdf_scheme,6,&(lvalues[6148]),0},
+{"dhSinglePass-cofactorDH-sha1kdf-scheme",
+       "dhSinglePass-cofactorDH-sha1kdf-scheme",
+       NID_dhSinglePass_cofactorDH_sha1kdf_scheme,9,&(lvalues[6154]),0},
+{"dhSinglePass-cofactorDH-sha224kdf-scheme",
+       "dhSinglePass-cofactorDH-sha224kdf-scheme",
+       NID_dhSinglePass_cofactorDH_sha224kdf_scheme,6,&(lvalues[6163]),0},
+{"dhSinglePass-cofactorDH-sha256kdf-scheme",
+       "dhSinglePass-cofactorDH-sha256kdf-scheme",
+       NID_dhSinglePass_cofactorDH_sha256kdf_scheme,6,&(lvalues[6169]),0},
+{"dhSinglePass-cofactorDH-sha384kdf-scheme",
+       "dhSinglePass-cofactorDH-sha384kdf-scheme",
+       NID_dhSinglePass_cofactorDH_sha384kdf_scheme,6,&(lvalues[6175]),0},
+{"dhSinglePass-cofactorDH-sha512kdf-scheme",
+       "dhSinglePass-cofactorDH-sha512kdf-scheme",
+       NID_dhSinglePass_cofactorDH_sha512kdf_scheme,6,&(lvalues[6181]),0},
+{"dh-std-kdf","dh-std-kdf",NID_dh_std_kdf,0,NULL,0},
+{"dh-cofactor-kdf","dh-cofactor-kdf",NID_dh_cofactor_kdf,0,NULL,0},
 };
 
 static const unsigned int sn_objs[NUM_SN]={
@@ -2744,7 +2786,19 @@ static const unsigned int sn_objs[NUM_SN]={
 891,   /* "deltaRevocationList" */
 107,   /* "description" */
 871,   /* "destinationIndicator" */
+950,   /* "dh-cofactor-kdf" */
+949,   /* "dh-std-kdf" */
 28,    /* "dhKeyAgreement" */
+944,   /* "dhSinglePass-cofactorDH-sha1kdf-scheme" */
+945,   /* "dhSinglePass-cofactorDH-sha224kdf-scheme" */
+946,   /* "dhSinglePass-cofactorDH-sha256kdf-scheme" */
+947,   /* "dhSinglePass-cofactorDH-sha384kdf-scheme" */
+948,   /* "dhSinglePass-cofactorDH-sha512kdf-scheme" */
+939,   /* "dhSinglePass-stdDH-sha1kdf-scheme" */
+940,   /* "dhSinglePass-stdDH-sha224kdf-scheme" */
+941,   /* "dhSinglePass-stdDH-sha256kdf-scheme" */
+942,   /* "dhSinglePass-stdDH-sha384kdf-scheme" */
+943,   /* "dhSinglePass-stdDH-sha512kdf-scheme" */
 920,   /* "dhpublicnumber" */
 382,   /* "directory" */
 887,   /* "distinguishedName" */
@@ -3689,7 +3743,19 @@ static const unsigned int ln_objs[NUM_LN]={
 107,   /* "description" */
 871,   /* "destinationIndicator" */
 80,    /* "desx-cbc" */
+950,   /* "dh-cofactor-kdf" */
+949,   /* "dh-std-kdf" */
 28,    /* "dhKeyAgreement" */
+944,   /* "dhSinglePass-cofactorDH-sha1kdf-scheme" */
+945,   /* "dhSinglePass-cofactorDH-sha224kdf-scheme" */
+946,   /* "dhSinglePass-cofactorDH-sha256kdf-scheme" */
+947,   /* "dhSinglePass-cofactorDH-sha384kdf-scheme" */
+948,   /* "dhSinglePass-cofactorDH-sha512kdf-scheme" */
+939,   /* "dhSinglePass-stdDH-sha1kdf-scheme" */
+940,   /* "dhSinglePass-stdDH-sha224kdf-scheme" */
+941,   /* "dhSinglePass-stdDH-sha256kdf-scheme" */
+942,   /* "dhSinglePass-stdDH-sha384kdf-scheme" */
+943,   /* "dhSinglePass-stdDH-sha512kdf-scheme" */
 11,    /* "directory services (X.500)" */
 378,   /* "directory services - algorithms" */
 887,   /* "distinguishedName" */
@@ -4657,6 +4723,14 @@ static const unsigned int obj_objs[NUM_OBJ]={
 505,   /* OBJ_mime_mhs_headings            1 3 6 1 7 1 1 */
 506,   /* OBJ_mime_mhs_bodies              1 3 6 1 7 1 2 */
 119,   /* OBJ_ripemd160WithRSA             1 3 36 3 3 1 2 */
+940,   /* OBJ_dhSinglePass_stdDH_sha224kdf_scheme 1 3 132 1 11 0 */
+941,   /* OBJ_dhSinglePass_stdDH_sha256kdf_scheme 1 3 132 1 11 1 */
+942,   /* OBJ_dhSinglePass_stdDH_sha384kdf_scheme 1 3 132 1 11 2 */
+943,   /* OBJ_dhSinglePass_stdDH_sha512kdf_scheme 1 3 132 1 11 3 */
+945,   /* OBJ_dhSinglePass_cofactorDH_sha224kdf_scheme 1 3 132 1 14 0 */
+946,   /* OBJ_dhSinglePass_cofactorDH_sha256kdf_scheme 1 3 132 1 14 1 */
+947,   /* OBJ_dhSinglePass_cofactorDH_sha384kdf_scheme 1 3 132 1 14 2 */
+948,   /* OBJ_dhSinglePass_cofactorDH_sha512kdf_scheme 1 3 132 1 14 3 */
 631,   /* OBJ_setAttr_GenCryptgrm          2 23 42 3 3 3 1 */
 632,   /* OBJ_setAttr_T2Enc                2 23 42 3 3 4 1 */
 633,   /* OBJ_setAttr_T2cleartxt           2 23 42 3 3 4 2 */
@@ -4999,6 +5073,8 @@ static const unsigned int obj_objs[NUM_OBJ]={
 932,   /* OBJ_brainpoolP384t1              1 3 36 3 3 2 8 1 1 12 */
 933,   /* OBJ_brainpoolP512r1              1 3 36 3 3 2 8 1 1 13 */
 934,   /* OBJ_brainpoolP512t1              1 3 36 3 3 2 8 1 1 14 */
+939,   /* OBJ_dhSinglePass_stdDH_sha1kdf_scheme 1 3 133 16 840 63 0 2 */
+944,   /* OBJ_dhSinglePass_cofactorDH_sha1kdf_scheme 1 3 133 16 840 63 0 3 */
 418,   /* OBJ_aes_128_ecb                  2 16 840 1 101 3 4 1 1 */
 419,   /* OBJ_aes_128_cbc                  2 16 840 1 101 3 4 1 2 */
 420,   /* OBJ_aes_128_ofb128               2 16 840 1 101 3 4 1 3 */
index e7c9c40..9c28af9 100644 (file)
 #define NID_brainpoolP512t1            934
 #define OBJ_brainpoolP512t1            1L,3L,36L,3L,3L,2L,8L,1L,1L,14L
 
+#define OBJ_x9_63_scheme               1L,3L,133L,16L,840L,63L,0L
+
+#define OBJ_secg_scheme                OBJ_certicom_arc,1L
+
+#define SN_dhSinglePass_stdDH_sha1kdf_scheme           "dhSinglePass-stdDH-sha1kdf-scheme"
+#define NID_dhSinglePass_stdDH_sha1kdf_scheme          939
+#define OBJ_dhSinglePass_stdDH_sha1kdf_scheme          OBJ_x9_63_scheme,2L
+
+#define SN_dhSinglePass_stdDH_sha224kdf_scheme         "dhSinglePass-stdDH-sha224kdf-scheme"
+#define NID_dhSinglePass_stdDH_sha224kdf_scheme                940
+#define OBJ_dhSinglePass_stdDH_sha224kdf_scheme                OBJ_secg_scheme,11L,0L
+
+#define SN_dhSinglePass_stdDH_sha256kdf_scheme         "dhSinglePass-stdDH-sha256kdf-scheme"
+#define NID_dhSinglePass_stdDH_sha256kdf_scheme                941
+#define OBJ_dhSinglePass_stdDH_sha256kdf_scheme                OBJ_secg_scheme,11L,1L
+
+#define SN_dhSinglePass_stdDH_sha384kdf_scheme         "dhSinglePass-stdDH-sha384kdf-scheme"
+#define NID_dhSinglePass_stdDH_sha384kdf_scheme                942
+#define OBJ_dhSinglePass_stdDH_sha384kdf_scheme                OBJ_secg_scheme,11L,2L
+
+#define SN_dhSinglePass_stdDH_sha512kdf_scheme         "dhSinglePass-stdDH-sha512kdf-scheme"
+#define NID_dhSinglePass_stdDH_sha512kdf_scheme                943
+#define OBJ_dhSinglePass_stdDH_sha512kdf_scheme                OBJ_secg_scheme,11L,3L
+
+#define SN_dhSinglePass_cofactorDH_sha1kdf_scheme              "dhSinglePass-cofactorDH-sha1kdf-scheme"
+#define NID_dhSinglePass_cofactorDH_sha1kdf_scheme             944
+#define OBJ_dhSinglePass_cofactorDH_sha1kdf_scheme             OBJ_x9_63_scheme,3L
+
+#define SN_dhSinglePass_cofactorDH_sha224kdf_scheme            "dhSinglePass-cofactorDH-sha224kdf-scheme"
+#define NID_dhSinglePass_cofactorDH_sha224kdf_scheme           945
+#define OBJ_dhSinglePass_cofactorDH_sha224kdf_scheme           OBJ_secg_scheme,14L,0L
+
+#define SN_dhSinglePass_cofactorDH_sha256kdf_scheme            "dhSinglePass-cofactorDH-sha256kdf-scheme"
+#define NID_dhSinglePass_cofactorDH_sha256kdf_scheme           946
+#define OBJ_dhSinglePass_cofactorDH_sha256kdf_scheme           OBJ_secg_scheme,14L,1L
+
+#define SN_dhSinglePass_cofactorDH_sha384kdf_scheme            "dhSinglePass-cofactorDH-sha384kdf-scheme"
+#define NID_dhSinglePass_cofactorDH_sha384kdf_scheme           947
+#define OBJ_dhSinglePass_cofactorDH_sha384kdf_scheme           OBJ_secg_scheme,14L,2L
+
+#define SN_dhSinglePass_cofactorDH_sha512kdf_scheme            "dhSinglePass-cofactorDH-sha512kdf-scheme"
+#define NID_dhSinglePass_cofactorDH_sha512kdf_scheme           948
+#define OBJ_dhSinglePass_cofactorDH_sha512kdf_scheme           OBJ_secg_scheme,14L,3L
+
+#define SN_dh_std_kdf          "dh-std-kdf"
+#define NID_dh_std_kdf         949
+
+#define SN_dh_cofactor_kdf             "dh-cofactor-kdf"
+#define NID_dh_cofactor_kdf            950
+
index dc1febe..f3892db 100644 (file)
@@ -936,3 +936,15 @@ aes_128_cbc_hmac_sha256            935
 aes_192_cbc_hmac_sha256                936
 aes_256_cbc_hmac_sha256                937
 pSpecified             938
+dhSinglePass_stdDH_sha1kdf_scheme              939
+dhSinglePass_stdDH_sha224kdf_scheme            940
+dhSinglePass_stdDH_sha256kdf_scheme            941
+dhSinglePass_stdDH_sha384kdf_scheme            942
+dhSinglePass_stdDH_sha512kdf_scheme            943
+dhSinglePass_cofactorDH_sha1kdf_scheme         944
+dhSinglePass_cofactorDH_sha224kdf_scheme               945
+dhSinglePass_cofactorDH_sha256kdf_scheme               946
+dhSinglePass_cofactorDH_sha384kdf_scheme               947
+dhSinglePass_cofactorDH_sha512kdf_scheme               948
+dh_std_kdf             949
+dh_cofactor_kdf                950
index e23938c..cfd628a 100644 (file)
@@ -39,6 +39,16 @@ static const nid_triple sigoid_srt[] =
        {NID_id_GostR3411_94_with_GostR3410_94_cc, NID_id_GostR3411_94, NID_id_GostR3410_94_cc},
        {NID_id_GostR3411_94_with_GostR3410_2001_cc, NID_id_GostR3411_94, NID_id_GostR3410_2001_cc},
        {NID_rsassaPss, NID_undef, NID_rsaEncryption},
+       {NID_dhSinglePass_stdDH_sha1kdf_scheme, NID_sha1, NID_dh_std_kdf},
+       {NID_dhSinglePass_stdDH_sha224kdf_scheme, NID_sha224, NID_dh_std_kdf},
+       {NID_dhSinglePass_stdDH_sha256kdf_scheme, NID_sha256, NID_dh_std_kdf},
+       {NID_dhSinglePass_stdDH_sha384kdf_scheme, NID_sha384, NID_dh_std_kdf},
+       {NID_dhSinglePass_stdDH_sha512kdf_scheme, NID_sha512, NID_dh_std_kdf},
+       {NID_dhSinglePass_cofactorDH_sha1kdf_scheme, NID_sha1, NID_dh_cofactor_kdf},
+       {NID_dhSinglePass_cofactorDH_sha224kdf_scheme, NID_sha224, NID_dh_cofactor_kdf},
+       {NID_dhSinglePass_cofactorDH_sha256kdf_scheme, NID_sha256, NID_dh_cofactor_kdf},
+       {NID_dhSinglePass_cofactorDH_sha384kdf_scheme, NID_sha384, NID_dh_cofactor_kdf},
+       {NID_dhSinglePass_cofactorDH_sha512kdf_scheme, NID_sha512, NID_dh_cofactor_kdf},
        };
 
 static const nid_triple * const sigoid_srt_xref[] =
@@ -56,19 +66,29 @@ static const nid_triple * const sigoid_srt_xref[] =
        &sigoid_srt[5],
        &sigoid_srt[8],
        &sigoid_srt[12],
+       &sigoid_srt[30],
+       &sigoid_srt[35],
        &sigoid_srt[6],
        &sigoid_srt[10],
        &sigoid_srt[11],
        &sigoid_srt[13],
        &sigoid_srt[24],
        &sigoid_srt[20],
+       &sigoid_srt[32],
+       &sigoid_srt[37],
        &sigoid_srt[14],
        &sigoid_srt[21],
+       &sigoid_srt[33],
+       &sigoid_srt[38],
        &sigoid_srt[15],
        &sigoid_srt[22],
+       &sigoid_srt[34],
+       &sigoid_srt[39],
        &sigoid_srt[16],
        &sigoid_srt[23],
        &sigoid_srt[19],
+       &sigoid_srt[31],
+       &sigoid_srt[36],
        &sigoid_srt[25],
        &sigoid_srt[26],
        &sigoid_srt[27],
index cb91718..19c9422 100644 (file)
@@ -44,3 +44,15 @@ id_GostR3411_94_with_GostR3410_2001  id_GostR3411_94 id_GostR3410_2001
 id_GostR3411_94_with_GostR3410_94      id_GostR3411_94 id_GostR3410_94
 id_GostR3411_94_with_GostR3410_94_cc   id_GostR3411_94 id_GostR3410_94_cc
 id_GostR3411_94_with_GostR3410_2001_cc id_GostR3411_94 id_GostR3410_2001_cc
+# ECDH KDFs and their corresponding message digests and schemes
+dhSinglePass_stdDH_sha1kdf_scheme              sha1    dh_std_kdf
+dhSinglePass_stdDH_sha224kdf_scheme            sha224  dh_std_kdf
+dhSinglePass_stdDH_sha256kdf_scheme            sha256  dh_std_kdf
+dhSinglePass_stdDH_sha384kdf_scheme            sha384  dh_std_kdf
+dhSinglePass_stdDH_sha512kdf_scheme            sha512  dh_std_kdf
+
+dhSinglePass_cofactorDH_sha1kdf_scheme         sha1    dh_cofactor_kdf
+dhSinglePass_cofactorDH_sha224kdf_scheme       sha224  dh_cofactor_kdf
+dhSinglePass_cofactorDH_sha256kdf_scheme       sha256  dh_cofactor_kdf
+dhSinglePass_cofactorDH_sha384kdf_scheme       sha384  dh_cofactor_kdf
+dhSinglePass_cofactorDH_sha512kdf_scheme       sha512  dh_cofactor_kdf
index 72ad297..58dc4b7 100644 (file)
@@ -1316,3 +1316,22 @@ ISO-US 10046 2 1 : dhpublicnumber                : X9.42 DH
 1 3 36 3 3 2 8 1 1 12 : brainpoolP384t1
 1 3 36 3 3 2 8 1 1 13 : brainpoolP512r1
 1 3 36 3 3 2 8 1 1 14 : brainpoolP512t1            
+
+# ECDH schemes from RFC5753
+!Alias x9-63-scheme 1 3 133 16 840 63 0
+!Alias secg-scheme certicom-arc 1
+
+x9-63-scheme 2   : dhSinglePass-stdDH-sha1kdf-scheme
+secg-scheme 11 0 : dhSinglePass-stdDH-sha224kdf-scheme
+secg-scheme 11 1 : dhSinglePass-stdDH-sha256kdf-scheme
+secg-scheme 11 2 : dhSinglePass-stdDH-sha384kdf-scheme
+secg-scheme 11 3 : dhSinglePass-stdDH-sha512kdf-scheme
+
+x9-63-scheme 3   : dhSinglePass-cofactorDH-sha1kdf-scheme
+secg-scheme 14 0 : dhSinglePass-cofactorDH-sha224kdf-scheme
+secg-scheme 14 1 : dhSinglePass-cofactorDH-sha256kdf-scheme
+secg-scheme 14 2 : dhSinglePass-cofactorDH-sha384kdf-scheme
+secg-scheme 14 3 : dhSinglePass-cofactorDH-sha512kdf-scheme
+# NIDs for use with lookup tables.
+                 : dh-std-kdf
+                 : dh-cofactor-kdf