Skip to content

Commit

Permalink
feat: add missing pki / pmi object identifiers
Browse files Browse the repository at this point in the history 
Signed-off-by: Jonathan M. Wilbur <jonathan@wilbur.space>

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from #21232)
  • Loading branch information
@JonathanWilbur @paulidale
JonathanWilbur authored and paulidale committed Jun 28, 2023
1 parent 0e1da9d commit bac2f6d
Show file tree
Hide file tree
Showing 4 changed files with 330 additions and 5 deletions.
135 changes: 130 additions & 5 deletions crypto/objects/obj_dat.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@
*/

/* Serialized OID's */
static const unsigned char so[8401] = {
static const unsigned char so[8476] = {
0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 0] OBJ_rsadsi */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 6] OBJ_pkcs */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02, /* [ 13] OBJ_md2 */
Expand Down Expand Up @@ -1157,9 +1157,34 @@ static const unsigned char so[8401] = {
0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x19,0x02, /* [ 8373] OBJ_ms_ntds_sec_ext */
0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x15,0x07, /* [ 8382] OBJ_ms_cert_templ */
0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x15,0x0A, /* [ 8391] OBJ_ms_app_policies */
0x55,0x1D,0x26, /* [ 8400] OBJ_authority_attribute_identifier */
0x55,0x1D,0x27, /* [ 8403] OBJ_role_spec_cert_identifier */
0x55,0x1D,0x29, /* [ 8406] OBJ_basic_att_constraints */
0x55,0x1D,0x2A, /* [ 8409] OBJ_delegated_name_constraints */
0x55,0x1D,0x2B, /* [ 8412] OBJ_time_specification */
0x55,0x1D,0x30, /* [ 8415] OBJ_attribute_descriptor */
0x55,0x1D,0x31, /* [ 8418] OBJ_user_notice */
0x55,0x1D,0x32, /* [ 8421] OBJ_soa_identifier */
0x55,0x1D,0x34, /* [ 8424] OBJ_acceptable_cert_policies */
0x55,0x1D,0x39, /* [ 8427] OBJ_acceptable_privilege_policies */
0x55,0x1D,0x3D, /* [ 8430] OBJ_indirect_issuer */
0x55,0x1D,0x3E, /* [ 8433] OBJ_no_assertion */
0x55,0x1D,0x3F, /* [ 8436] OBJ_id_aa_issuing_distribution_point */
0x55,0x1D,0x40, /* [ 8439] OBJ_issued_on_behalf_of */
0x55,0x1D,0x41, /* [ 8442] OBJ_single_use */
0x55,0x1D,0x42, /* [ 8445] OBJ_group_ac */
0x55,0x1D,0x43, /* [ 8448] OBJ_allowed_attribute_assignments */
0x55,0x1D,0x44, /* [ 8451] OBJ_attribute_mappings */
0x55,0x1D,0x45, /* [ 8454] OBJ_holder_name_constraints */
0x55,0x1D,0x46, /* [ 8457] OBJ_authorization_validation */
0x55,0x1D,0x47, /* [ 8460] OBJ_prot_restrict */
0x55,0x1D,0x48, /* [ 8463] OBJ_subject_alt_public_key_info */
0x55,0x1D,0x49, /* [ 8466] OBJ_alt_signature_algorithm */
0x55,0x1D,0x4A, /* [ 8469] OBJ_alt_signature_value */
0x55,0x1D,0x4B, /* [ 8472] OBJ_associated_information */
};

#define NUM_NID 1295
#define NUM_NID 1320
static const ASN1_OBJECT nid_objs[NUM_NID] = {
{"UNDEF", "undefined", NID_undef},
{"rsadsi", "RSA Data Security, Inc.", NID_rsadsi, 6, &so[0]},
Expand Down Expand Up @@ -2456,9 +2481,34 @@ static const ASN1_OBJECT nid_objs[NUM_NID] = {
{"ms-ntds-sec-ext", "Microsoft NTDS CA Extension", NID_ms_ntds_sec_ext, 9, &so[8373]},
{"ms-cert-templ", "Microsoft certificate template", NID_ms_cert_templ, 9, &so[8382]},
{"ms-app-policies", "Microsoft Application Policies Extension", NID_ms_app_policies, 9, &so[8391]},
{"authorityAttributeIdentifier", "X509v3 Authority Attribute Identifier", NID_authority_attribute_identifier, 3, &so[8400]},
{"roleSpecCertIdentifier", "X509v3 Role Specification Certificate Identifier", NID_role_spec_cert_identifier, 3, &so[8403]},
{"basicAttConstraints", "X509v3 Basic Attribute Certificate Constraints", NID_basic_att_constraints, 3, &so[8406]},
{"delegatedNameConstraints", "X509v3 Delegated Name Constraints", NID_delegated_name_constraints, 3, &so[8409]},
{"timeSpecification", "X509v3 Time Specification", NID_time_specification, 3, &so[8412]},
{"attributeDescriptor", "X509v3 Attribute Descriptor", NID_attribute_descriptor, 3, &so[8415]},
{"userNotice", "X509v3 User Notice", NID_user_notice, 3, &so[8418]},
{"sOAIdentifier", "X509v3 Source of Authority Identifier", NID_soa_identifier, 3, &so[8421]},
{"acceptableCertPolicies", "X509v3 Acceptable Certification Policies", NID_acceptable_cert_policies, 3, &so[8424]},
{"acceptablePrivPolicies", "X509v3 Acceptable Privilege Policies", NID_acceptable_privilege_policies, 3, &so[8427]},
{"indirectIssuer", "X509v3 Indirect Issuer", NID_indirect_issuer, 3, &so[8430]},
{"noAssertion", "X509v3 No Assertion", NID_no_assertion, 3, &so[8433]},
{"aAissuingDistributionPoint", "X509v3 Attribute Authority Issuing Distribution Point", NID_id_aa_issuing_distribution_point, 3, &so[8436]},
{"issuedOnBehalfOf", "X509v3 Issued On Behalf Of", NID_issued_on_behalf_of, 3, &so[8439]},
{"singleUse", "X509v3 Single Use", NID_single_use, 3, &so[8442]},
{"groupAC", "X509v3 Group Attribute Certificate", NID_group_ac, 3, &so[8445]},
{"allowedAttributeAssignments", "X509v3 Allowed Attribute Assignments", NID_allowed_attribute_assignments, 3, &so[8448]},
{"attributeMappings", "X509v3 Attribute Mappings", NID_attribute_mappings, 3, &so[8451]},
{"holderNameConstraints", "X509v3 Holder Name Constraints", NID_holder_name_constraints, 3, &so[8454]},
{"authorizationValidation", "X509v3 Authorization Validation", NID_authorization_validation, 3, &so[8457]},
{"protRestrict", "X509v3 Protocol Restriction", NID_prot_restrict, 3, &so[8460]},
{"subjectAltPublicKeyInfo", "X509v3 Subject Alternative Public Key Info", NID_subject_alt_public_key_info, 3, &so[8463]},
{"altSignatureAlgorithm", "X509v3 Alternative Signature Algorithm", NID_alt_signature_algorithm, 3, &so[8466]},
{"altSignatureValue", "X509v3 Alternative Signature Value", NID_alt_signature_value, 3, &so[8469]},
{"associatedInformation", "X509v3 Associated Information", NID_associated_information, 3, &so[8472]},
};

#define NUM_SN 1286
#define NUM_SN 1311
static const unsigned int sn_objs[NUM_SN] = {
364, /* "AD_DVCS" */
419, /* "AES-128-CBC" */
Expand Down Expand Up @@ -2768,25 +2818,37 @@ static const unsigned int sn_objs[NUM_SN] = {
1206, /* "X963KDF" */
185, /* "X9cm" */
125, /* "ZLIB" */
1307, /* "aAissuingDistributionPoint" */
478, /* "aRecord" */
289, /* "aaControls" */
287, /* "ac-auditEntity" */
397, /* "ac-proxying" */
288, /* "ac-targeting" */
1303, /* "acceptableCertPolicies" */
1304, /* "acceptablePrivPolicies" */
368, /* "acceptableResponses" */
446, /* "account" */
363, /* "ad_timestamping" */
376, /* "algorithm" */
1311, /* "allowedAttributeAssignments" */
1317, /* "altSignatureAlgorithm" */
1318, /* "altSignatureValue" */
405, /* "ansi-X9-62" */
910, /* "anyExtendedKeyUsage" */
746, /* "anyPolicy" */
370, /* "archiveCutoff" */
484, /* "associatedDomain" */
1319, /* "associatedInformation" */
485, /* "associatedName" */
1300, /* "attributeDescriptor" */
1312, /* "attributeMappings" */
501, /* "audio" */
1295, /* "authorityAttributeIdentifier" */
177, /* "authorityInfoAccess" */
90, /* "authorityKeyIdentifier" */
882, /* "authorityRevocationList" */
1314, /* "authorizationValidation" */
1297, /* "basicAttConstraints" */
87, /* "basicConstraints" */
365, /* "basicOCSPResponse" */
285, /* "biometricInfo" */
Expand Down Expand Up @@ -2878,6 +2940,7 @@ static const unsigned int sn_objs[NUM_SN] = {
495, /* "dSAQuality" */
434, /* "data" */
390, /* "dcobject" */
1298, /* "delegatedNameConstraints" */
140, /* "deltaCRL" */
891, /* "deltaRevocationList" */
107, /* "description" */
Expand Down Expand Up @@ -2965,6 +3028,7 @@ static const unsigned int sn_objs[NUM_SN] = {
1010, /* "gost89-ecb" */
812, /* "gost94" */
850, /* "gost94cc" */
1310, /* "groupAC" */
1156, /* "hmacWithDstu34311" */
797, /* "hmacWithMD5" */
163, /* "hmacWithSHA1" */
Expand All @@ -2979,6 +3043,7 @@ static const unsigned int sn_objs[NUM_SN] = {
430, /* "holdInstructionCode" */
431, /* "holdInstructionNone" */
433, /* "holdInstructionReject" */
1313, /* "holderNameConstraints" */
486, /* "homePostalAddress" */
473, /* "homeTelephoneNumber" */
466, /* "host" */
Expand Down Expand Up @@ -3323,6 +3388,7 @@ static const unsigned int sn_objs[NUM_SN] = {
676, /* "identified-organization" */
1170, /* "ieee" */
1171, /* "ieee-siswg" */
1305, /* "indirectIssuer" */
461, /* "info" */
748, /* "inhibitAnyPolicy" */
101, /* "initials" */
Expand All @@ -3335,6 +3401,7 @@ static const unsigned int sn_objs[NUM_SN] = {
1022, /* "ipsecIKE" */
295, /* "ipsecTunnel" */
296, /* "ipsecUser" */
1308, /* "issuedOnBehalfOf" */
86, /* "issuerAltName" */
1008, /* "issuerSignTool" */
770, /* "issuingDistributionPoint" */
Expand Down Expand Up @@ -3403,6 +3470,7 @@ static const unsigned int sn_objs[NUM_SN] = {
481, /* "nSRecord" */
173, /* "name" */
666, /* "nameConstraints" */
1306, /* "noAssertion" */
369, /* "noCheck" */
403, /* "noRevAvail" */
72, /* "nsBaseUrl" */
Expand Down Expand Up @@ -3476,6 +3544,7 @@ static const unsigned int sn_objs[NUM_SN] = {
415, /* "prime256v1" */
385, /* "private" */
84, /* "privateKeyUsagePeriod" */
1315, /* "protRestrict" */
886, /* "protocolInformation" */
663, /* "proxyCertInfo" */
510, /* "pseudonym" */
Expand All @@ -3486,6 +3555,7 @@ static const unsigned int sn_objs[NUM_SN] = {
870, /* "registeredAddress" */
400, /* "role" */
877, /* "roleOccupant" */
1296, /* "roleSpecCertIdentifier" */
448, /* "room" */
463, /* "roomNumber" */
1243, /* "rpkiManifest" */
Expand All @@ -3494,6 +3564,7 @@ static const unsigned int sn_objs[NUM_SN] = {
644, /* "rsaOAEPEncryptionSET" */
377, /* "rsaSignature" */
1, /* "rsadsi" */
1302, /* "sOAIdentifier" */
482, /* "sOARecord" */
155, /* "safeContentsBag" */
291, /* "sbgp-autonomousSysNum" */
Expand Down Expand Up @@ -3683,10 +3754,12 @@ static const unsigned int sn_objs[NUM_SN] = {
52, /* "signingTime" */
454, /* "simpleSecurityObject" */
496, /* "singleLevelQuality" */
1309, /* "singleUse" */
1142, /* "sm-scheme" */
387, /* "snmpv2" */
660, /* "street" */
85, /* "subjectAltName" */
1316, /* "subjectAltPublicKeyInfo" */
769, /* "subjectDirectoryAttributes" */
398, /* "subjectInfoAccess" */
82, /* "subjectKeyIdentifier" */
Expand All @@ -3701,6 +3774,7 @@ static const unsigned int sn_objs[NUM_SN] = {
865, /* "telexNumber" */
459, /* "textEncodedORAddress" */
293, /* "textNotice" */
1299, /* "timeSpecification" */
133, /* "timeStamping" */
106, /* "title" */
1020, /* "tlsfeature" */
Expand All @@ -3724,6 +3798,7 @@ static const unsigned int sn_objs[NUM_SN] = {
49, /* "unstructuredName" */
880, /* "userCertificate" */
465, /* "userClass" */
1301, /* "userNotice" */
879, /* "userPassword" */
373, /* "valid" */
678, /* "wap" */
Expand All @@ -3748,7 +3823,7 @@ static const unsigned int sn_objs[NUM_SN] = {
1289, /* "zstd" */
};

#define NUM_LN 1286
#define NUM_LN 1311
static const unsigned int ln_objs[NUM_LN] = {
363, /* "AD Time Stamping" */
405, /* "ANSI X9.62" */
Expand Down Expand Up @@ -3955,29 +4030,54 @@ static const unsigned int ln_objs[NUM_LN] = {
1035, /* "X448" */
12, /* "X509" */
402, /* "X509v3 AC Targeting" */
1303, /* "X509v3 Acceptable Certification Policies" */
1304, /* "X509v3 Acceptable Privilege Policies" */
1311, /* "X509v3 Allowed Attribute Assignments" */
1317, /* "X509v3 Alternative Signature Algorithm" */
1318, /* "X509v3 Alternative Signature Value" */
746, /* "X509v3 Any Policy" */
1319, /* "X509v3 Associated Information" */
1307, /* "X509v3 Attribute Authority Issuing Distribution Point" */
1300, /* "X509v3 Attribute Descriptor" */
1312, /* "X509v3 Attribute Mappings" */
1295, /* "X509v3 Authority Attribute Identifier" */
90, /* "X509v3 Authority Key Identifier" */
1314, /* "X509v3 Authorization Validation" */
1297, /* "X509v3 Basic Attribute Certificate Constraints" */
87, /* "X509v3 Basic Constraints" */
103, /* "X509v3 CRL Distribution Points" */
88, /* "X509v3 CRL Number" */
141, /* "X509v3 CRL Reason Code" */
771, /* "X509v3 Certificate Issuer" */
89, /* "X509v3 Certificate Policies" */
1298, /* "X509v3 Delegated Name Constraints" */
140, /* "X509v3 Delta CRL Indicator" */
126, /* "X509v3 Extended Key Usage" */
857, /* "X509v3 Freshest CRL" */
1310, /* "X509v3 Group Attribute Certificate" */
1313, /* "X509v3 Holder Name Constraints" */
1305, /* "X509v3 Indirect Issuer" */
748, /* "X509v3 Inhibit Any Policy" */
1308, /* "X509v3 Issued On Behalf Of" */
86, /* "X509v3 Issuer Alternative Name" */
770, /* "X509v3 Issuing Distribution Point" */
83, /* "X509v3 Key Usage" */
666, /* "X509v3 Name Constraints" */
1306, /* "X509v3 No Assertion" */
403, /* "X509v3 No Revocation Available" */
401, /* "X509v3 Policy Constraints" */
747, /* "X509v3 Policy Mappings" */
84, /* "X509v3 Private Key Usage Period" */
1315, /* "X509v3 Protocol Restriction" */
1296, /* "X509v3 Role Specification Certificate Identifier" */
1309, /* "X509v3 Single Use" */
1302, /* "X509v3 Source of Authority Identifier" */
85, /* "X509v3 Subject Alternative Name" */
1316, /* "X509v3 Subject Alternative Public Key Info" */
769, /* "X509v3 Subject Directory Attributes" */
82, /* "X509v3 Subject Key Identifier" */
1299, /* "X509v3 Time Specification" */
1301, /* "X509v3 User Notice" */
920, /* "X9.42 DH" */
184, /* "X9.57" */
185, /* "X9.57 CM ?" */
Expand Down Expand Up @@ -5038,7 +5138,7 @@ static const unsigned int ln_objs[NUM_LN] = {
125, /* "zlib compression" */
};

#define NUM_OBJ 1152
#define NUM_OBJ 1177
static const unsigned int obj_objs[NUM_OBJ] = {
0, /* OBJ_undef 0 */
181, /* OBJ_iso 1 */
Expand Down Expand Up @@ -5151,10 +5251,35 @@ static const unsigned int obj_objs[NUM_OBJ] = {
90, /* OBJ_authority_key_identifier 2 5 29 35 */
401, /* OBJ_policy_constraints 2 5 29 36 */
126, /* OBJ_ext_key_usage 2 5 29 37 */
1295, /* OBJ_authority_attribute_identifier 2 5 29 38 */
1296, /* OBJ_role_spec_cert_identifier 2 5 29 39 */
1297, /* OBJ_basic_att_constraints 2 5 29 41 */
1298, /* OBJ_delegated_name_constraints 2 5 29 42 */
1299, /* OBJ_time_specification 2 5 29 43 */
857, /* OBJ_freshest_crl 2 5 29 46 */
1300, /* OBJ_attribute_descriptor 2 5 29 48 */
1301, /* OBJ_user_notice 2 5 29 49 */
1302, /* OBJ_soa_identifier 2 5 29 50 */
1303, /* OBJ_acceptable_cert_policies 2 5 29 52 */
748, /* OBJ_inhibit_any_policy 2 5 29 54 */
402, /* OBJ_target_information 2 5 29 55 */
403, /* OBJ_no_rev_avail 2 5 29 56 */
1304, /* OBJ_acceptable_privilege_policies 2 5 29 57 */
1305, /* OBJ_indirect_issuer 2 5 29 61 */
1306, /* OBJ_no_assertion 2 5 29 62 */
1307, /* OBJ_id_aa_issuing_distribution_point 2 5 29 63 */
1308, /* OBJ_issued_on_behalf_of 2 5 29 64 */
1309, /* OBJ_single_use 2 5 29 65 */
1310, /* OBJ_group_ac 2 5 29 66 */
1311, /* OBJ_allowed_attribute_assignments 2 5 29 67 */
1312, /* OBJ_attribute_mappings 2 5 29 68 */
1313, /* OBJ_holder_name_constraints 2 5 29 69 */
1314, /* OBJ_authorization_validation 2 5 29 70 */
1315, /* OBJ_prot_restrict 2 5 29 71 */
1316, /* OBJ_subject_alt_public_key_info 2 5 29 72 */
1317, /* OBJ_alt_signature_algorithm 2 5 29 73 */
1318, /* OBJ_alt_signature_value 2 5 29 74 */
1319, /* OBJ_associated_information 2 5 29 75 */
513, /* OBJ_set_ctype 2 23 42 0 */
514, /* OBJ_set_msgExt 2 23 42 1 */
515, /* OBJ_set_attr 2 23 42 3 */
Expand Down
25 changes: 25 additions & 0 deletions crypto/objects/obj_mac.num
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1292,3 +1292,28 @@ ms_ntds_obj_sid 1291
ms_ntds_sec_ext 1292
ms_cert_templ 1293
ms_app_policies 1294
authority_attribute_identifier 1295
role_spec_cert_identifier 1296
basic_att_constraints 1297
delegated_name_constraints 1298
time_specification 1299
attribute_descriptor 1300
user_notice 1301
soa_identifier 1302
acceptable_cert_policies 1303
acceptable_privilege_policies 1304
indirect_issuer 1305
no_assertion 1306
id_aa_issuing_distribution_point 1307
issued_on_behalf_of 1308
single_use 1309
group_ac 1310
allowed_attribute_assignments 1311
attribute_mappings 1312
holder_name_constraints 1313
authorization_validation 1314
prot_restrict 1315
subject_alt_public_key_info 1316
alt_signature_algorithm 1317
alt_signature_value 1318
associated_information 1319

0 comments on commit bac2f6d

Please sign in to comment.