From fdc83a7c50a0681c309e2249a43d7a21080c4265 Mon Sep 17 00:00:00 2001 From: Michael Richardson Date: Fri, 15 Sep 2017 12:21:21 -0400 Subject: [PATCH] added cmcCA and cmcRA as per rfc6402, capitalized per RFC7030 author Reviewed-by: Paul Dale Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/4378) --- crypto/objects/obj_dat.h | 20 +++++++++++++++----- crypto/objects/obj_mac.num | 2 ++ crypto/objects/objects.txt | 4 +++- include/openssl/obj_mac.h | 10 ++++++++++ 4 files changed, 30 insertions(+), 6 deletions(-) diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h index dfb979e45a..471202f0b6 100644 --- a/crypto/objects/obj_dat.h +++ b/crypto/objects/obj_dat.h @@ -10,7 +10,7 @@ */ /* Serialized OID's */ -static const unsigned char so[7222] = { +static const unsigned char so[7238] = { 0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 0] OBJ_rsadsi */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 6] OBJ_pkcs */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02, /* [ 13] OBJ_md2 */ @@ -1016,9 +1016,11 @@ static const unsigned char so[7222] = { 0x2A,0x83,0x1A,0x8C,0x9A,0x6E,0x01,0x01,0x22, /* [ 7194] OBJ_aria_128_gcm */ 0x2A,0x83,0x1A,0x8C,0x9A,0x6E,0x01,0x01,0x23, /* [ 7203] OBJ_aria_192_gcm */ 0x2A,0x83,0x1A,0x8C,0x9A,0x6E,0x01,0x01,0x24, /* [ 7212] OBJ_aria_256_gcm */ + 0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x1B, /* [ 7221] OBJ_cmcCA */ + 0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x1C, /* [ 7229] OBJ_cmcRA */ }; -#define NUM_NID 1131 +#define NUM_NID 1133 static const ASN1_OBJECT nid_objs[NUM_NID] = { {"UNDEF", "undefined", NID_undef}, {"rsadsi", "RSA Data Security, Inc.", NID_rsadsi, 6, &so[0]}, @@ -2151,9 +2153,11 @@ static const ASN1_OBJECT nid_objs[NUM_NID] = { {"ffdhe4096", "ffdhe4096", NID_ffdhe4096}, {"ffdhe6144", "ffdhe6144", NID_ffdhe6144}, {"ffdhe8192", "ffdhe8192", NID_ffdhe8192}, + {"cmcCA", "CMC Certificate Authority", NID_cmcCA, 8, &so[7221]}, + {"cmcRA", "CMC Registration Authority", NID_cmcRA, 8, &so[7229]}, }; -#define NUM_SN 1122 +#define NUM_SN 1124 static const unsigned int sn_objs[NUM_SN] = { 364, /* "AD_DVCS" */ 419, /* "AES-128-CBC" */ @@ -2506,6 +2510,8 @@ static const unsigned int sn_objs[NUM_SN] = { 407, /* "characteristic-two-field" */ 395, /* "clearance" */ 130, /* "clientAuth" */ + 1131, /* "cmcCA" */ + 1132, /* "cmcRA" */ 131, /* "codeSigning" */ 50, /* "contentType" */ 53, /* "countersignature" */ @@ -3279,7 +3285,7 @@ static const unsigned int sn_objs[NUM_SN] = { 1093, /* "x509ExtAdmission" */ }; -#define NUM_LN 1122 +#define NUM_LN 1124 static const unsigned int ln_objs[NUM_LN] = { 363, /* "AD Time Stamping" */ 405, /* "ANSI X9.62" */ @@ -3291,6 +3297,8 @@ static const unsigned int ln_objs[NUM_LN] = { 285, /* "Biometric Info" */ 179, /* "CA Issuers" */ 785, /* "CA Repository" */ + 1131, /* "CMC Certificate Authority" */ + 1132, /* "CMC Registration Authority" */ 954, /* "CT Certificate SCTs" */ 952, /* "CT Precertificate Poison" */ 951, /* "CT Precertificate SCTs" */ @@ -4405,7 +4413,7 @@ static const unsigned int ln_objs[NUM_LN] = { 125, /* "zlib compression" */ }; -#define NUM_OBJ 1011 +#define NUM_OBJ 1013 static const unsigned int obj_objs[NUM_OBJ] = { 0, /* OBJ_undef 0 */ 181, /* OBJ_iso 1 */ @@ -4982,6 +4990,8 @@ static const unsigned int obj_objs[NUM_OBJ] = { 1028, /* OBJ_sendProxiedRouter 1 3 6 1 5 5 7 3 24 */ 1029, /* OBJ_sendOwner 1 3 6 1 5 5 7 3 25 */ 1030, /* OBJ_sendProxiedOwner 1 3 6 1 5 5 7 3 26 */ + 1131, /* OBJ_cmcCA 1 3 6 1 5 5 7 3 27 */ + 1132, /* OBJ_cmcRA 1 3 6 1 5 5 7 3 28 */ 298, /* OBJ_id_it_caProtEncCert 1 3 6 1 5 5 7 4 1 */ 299, /* OBJ_id_it_signKeyPairTypes 1 3 6 1 5 5 7 4 2 */ 300, /* OBJ_id_it_encKeyPairTypes 1 3 6 1 5 5 7 4 3 */ diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num index fc6df4baf4..26495f2a05 100644 --- a/crypto/objects/obj_mac.num +++ b/crypto/objects/obj_mac.num @@ -1128,3 +1128,5 @@ ffdhe3072 1127 ffdhe4096 1128 ffdhe6144 1129 ffdhe8192 1130 +cmcCA 1131 +cmcRA 1132 diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt index 24cbeeb8af..9aecacf625 100644 --- a/crypto/objects/objects.txt +++ b/crypto/objects/objects.txt @@ -516,6 +516,8 @@ id-kp 23 : sendRouter : Send Router id-kp 24 : sendProxiedRouter : Send Proxied Router id-kp 25 : sendOwner : Send Owner id-kp 26 : sendProxiedOwner : Send Proxied Owner +id-kp 27 : cmcCA : CMC Certificate Authority +id-kp 28 : cmcRA : CMC Registration Authority # CMP information types id-it 1 : id-it-caProtEncCert @@ -579,7 +581,7 @@ id-cmc 19 : id-cmc-responseInfo id-cmc 21 : id-cmc-queryPending id-cmc 22 : id-cmc-popLinkRandom id-cmc 23 : id-cmc-popLinkWitness -id-cmc 24 : id-cmc-confirmCertAcceptance +id-cmc 24 : id-cmc-confirmCertAcceptance # other names id-on 1 : id-on-personalData diff --git a/include/openssl/obj_mac.h b/include/openssl/obj_mac.h index 7d8637464e..58c44f02f5 100644 --- a/include/openssl/obj_mac.h +++ b/include/openssl/obj_mac.h @@ -1572,6 +1572,16 @@ #define NID_sendProxiedOwner 1030 #define OBJ_sendProxiedOwner OBJ_id_kp,26L +#define SN_cmcCA "cmcCA" +#define LN_cmcCA "CMC Certificate Authority" +#define NID_cmcCA 1131 +#define OBJ_cmcCA OBJ_id_kp,27L + +#define SN_cmcRA "cmcRA" +#define LN_cmcRA "CMC Registration Authority" +#define NID_cmcRA 1132 +#define OBJ_cmcRA OBJ_id_kp,28L + #define SN_id_it_caProtEncCert "id-it-caProtEncCert" #define NID_id_it_caProtEncCert 298 #define OBJ_id_it_caProtEncCert OBJ_id_it,1L