authorRene Mayrhofer <rene@mayrhofer.eu.org>2008-03-30 08:38:54 +0000
committerRene Mayrhofer <rene@mayrhofer.eu.org>2008-03-30 08:38:54 +0000
commit113868f64840631a2b10a2e8987268f2c6566552 (patch)
tree087c05184fd083ca653d1b85bd10c3c51361bb4a /src/libstrongswan/asn1
parentc9e3aaf0657e98bc047486ba87edf1489a39ba94 (diff)
- New upstream release.
Diffstat (limited to 'src/libstrongswan/asn1')
-rw-r--r--src/libstrongswan/asn1/asn1.c133
-rw-r--r--src/libstrongswan/asn1/asn1.h32
-rw-r--r--src/libstrongswan/asn1/oid.c221
-rw-r--r--src/libstrongswan/asn1/oid.h74
-rw-r--r--src/libstrongswan/asn1/oid.pl8
-rw-r--r--src/libstrongswan/asn1/oid.txt111
6 files changed, 331 insertions, 248 deletions
diff --git a/src/libstrongswan/asn1/asn1.c b/src/libstrongswan/asn1/asn1.c
index 3191c89bd..3f0b829a9 100644
--- a/src/libstrongswan/asn1/asn1.c
+++ b/src/libstrongswan/asn1/asn1.c
@@ -1,6 +1,15 @@
-/* Simple ASN.1 parser
- * Copyright (C) 2000-2004 Andreas Steffen, Zuercher Hochschule Winterthur
- * Copyright (C) 2006 Martin Will, Hochschule fuer Technik Rapperswil
+/**
+ * @file asn1.c
+ *
+ * @brief Simple ASN.1 parser
+ *
+ */
+
+/*
+ * Copyright (C) 2006 Martin Will
+ * Copyright (C) 2000-2008 Andreas Steffen
+ *
+ * Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
@@ -12,7 +21,7 @@
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*
- * RCSID $Id: asn1.c 3299 2007-10-12 19:29:00Z andreas $
+ * RCSID $Id: asn1.c 3451 2008-02-05 19:27:05Z andreas $
*/
#include <stdio.h>
@@ -77,6 +86,13 @@ static u_char ASN1_sha512_id_str[] = {
0x05,0x00
};
+static u_char ASN1_md2WithRSA_id_str[] = {
+ 0x30, 0x0D,
+ 0x06, 0x09,
+ 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x02,
+ 0x05, 0x00
+};
+
static u_char ASN1_md5WithRSA_id_str[] = {
0x30, 0x0D,
0x06, 0x09,
@@ -91,6 +107,27 @@ static u_char ASN1_sha1WithRSA_id_str[] = {
0x05, 0x00
};
+static u_char ASN1_sha256WithRSA_id_str[] = {
+ 0x30, 0x0D,
+ 0x06, 0x09,
+ 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B,
+ 0x05, 0x00
+};
+
+static u_char ASN1_sha384WithRSA_id_str[] = {
+ 0x30, 0x0D,
+ 0x06, 0x09,
+ 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0C,
+ 0x05, 0x00
+};
+
+static u_char ASN1_sha512WithRSA_id_str[] = {
+ 0x30, 0x0D,
+ 0x06, 0x09,
+ 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0D,
+ 0x05, 0x00
+};
+
static u_char ASN1_rsaEncryption_id_str[] = {
0x30, 0x0D,
0x06, 0x09,
@@ -98,15 +135,19 @@ static u_char ASN1_rsaEncryption_id_str[] = {
0x05, 0x00
};
-const chunk_t ASN1_md2_id = chunk_from_buf(ASN1_md2_id_str);
-const chunk_t ASN1_md5_id = chunk_from_buf(ASN1_md5_id_str);
-const chunk_t ASN1_sha1_id = chunk_from_buf(ASN1_sha1_id_str);
-const chunk_t ASN1_sha256_id = chunk_from_buf(ASN1_sha256_id_str);
-const chunk_t ASN1_sha384_id = chunk_from_buf(ASN1_sha384_id_str);
-const chunk_t ASN1_sha512_id = chunk_from_buf(ASN1_sha512_id_str);
-const chunk_t ASN1_rsaEncryption_id = chunk_from_buf(ASN1_rsaEncryption_id_str);
-const chunk_t ASN1_md5WithRSA_id = chunk_from_buf(ASN1_md5WithRSA_id_str);
-const chunk_t ASN1_sha1WithRSA_id = chunk_from_buf(ASN1_sha1WithRSA_id_str);
+static const chunk_t ASN1_md2_id = chunk_from_buf(ASN1_md2_id_str);
+static const chunk_t ASN1_md5_id = chunk_from_buf(ASN1_md5_id_str);
+static const chunk_t ASN1_sha1_id = chunk_from_buf(ASN1_sha1_id_str);
+static const chunk_t ASN1_sha256_id = chunk_from_buf(ASN1_sha256_id_str);
+static const chunk_t ASN1_sha384_id = chunk_from_buf(ASN1_sha384_id_str);
+static const chunk_t ASN1_sha512_id = chunk_from_buf(ASN1_sha512_id_str);
+static const chunk_t ASN1_rsaEncryption_id = chunk_from_buf(ASN1_rsaEncryption_id_str);
+static const chunk_t ASN1_md2WithRSA_id = chunk_from_buf(ASN1_md2WithRSA_id_str);
+static const chunk_t ASN1_md5WithRSA_id = chunk_from_buf(ASN1_md5WithRSA_id_str);
+static const chunk_t ASN1_sha1WithRSA_id = chunk_from_buf(ASN1_sha1WithRSA_id_str);
+static const chunk_t ASN1_sha256WithRSA_id = chunk_from_buf(ASN1_sha256WithRSA_id_str);
+static const chunk_t ASN1_sha384WithRSA_id = chunk_from_buf(ASN1_sha384WithRSA_id_str);
+static const chunk_t ASN1_sha512WithRSA_id = chunk_from_buf(ASN1_sha512WithRSA_id_str);
/* ASN.1 definiton of an algorithmIdentifier */
static const asn1Object_t algorithmIdentifierObjects[] = {
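Review bot: The `static const chunk_t ASN1_*_id` objects defined here point at file-scope `u_char` arrays, and asn1_algorithmIdentifier() (next hunk) returns them by value, so the caller receives a pointer into static storage. Both asn1_wrap() and the new asn1_bitstring() call `free()` on the chunk pointer in 'm' mode, so passing one of these chunks with 'm' would free memory that was never allocated. Nothing in the file or in asn1.h states this. I would add a comment above the definitions such as `/* these chunks reference static storage: pass them with mode 'c', never 'm' */` and repeat it on the asn1_algorithmIdentifier() prototype in asn1.h.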
@@ -128,14 +169,30 @@ chunk_t asn1_algorithmIdentifier(int oid)
{
case OID_RSA_ENCRYPTION:
return ASN1_rsaEncryption_id;
+ case OID_MD2_WITH_RSA:
+ return ASN1_md2WithRSA_id;
case OID_MD5_WITH_RSA:
return ASN1_md5WithRSA_id;
case OID_SHA1_WITH_RSA:
return ASN1_sha1WithRSA_id;
+ case OID_SHA256_WITH_RSA:
+ return ASN1_sha256WithRSA_id;
+ case OID_SHA384_WITH_RSA:
+ return ASN1_sha384WithRSA_id;
+ case OID_SHA512_WITH_RSA:
+ return ASN1_sha512WithRSA_id;
+ case OID_MD2:
+ return ASN1_md2_id;
case OID_MD5:
return ASN1_md5_id;
case OID_SHA1:
return ASN1_sha1_id;
+ case OID_SHA256:
+ return ASN1_sha256_id;
+ case OID_SHA384:
+ return ASN1_sha384_id;
+ case OID_SHA512:
+ return ASN1_sha512_id;
default:
return chunk_empty;
}
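Review bot: The new `case OID_MD2_WITH_RSA:` and `case OID_MD2:` branches make asn1_algorithmIdentifier() emit identifiers for MD2, which like the existing MD5 entries is not collision-resistant. If this function is also used when building signed objects (the callers are not visible here), these cases let a weak digest be selected for new signatures. I would mark them in place, e.g. `/* MD2/MD5: legacy only, needed to verify existing objects; do not select for new signatures */`. The `default:` branch returns `chunk_empty` without a debug message, so an unsupported oid is silently encoded as an empty algorithmIdentifier; a `DBG2` there would make it visible. The switch begins above this hunk.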
@@ -620,13 +677,23 @@ bool is_asn1(chunk_t blob)
DBG2(" file content is not binary ASN.1");
return FALSE;
}
+
len = asn1_length(&blob);
- if (len != blob.len)
+
+ /* exact match */
+ if (len == blob.len)
{
- DBG2(" file size does not match ASN.1 coded length");
- return FALSE;
+ return TRUE;
}
- return TRUE;
+
+ /* some websites append a surplus newline character to the blob */
+ if (len + 1 == blob.len && *(blob.ptr + len) == '\n')
+ {
+ return TRUE;
+ }
+
+ DBG2(" file size does not match ASN.1 coded length");
+ return FALSE;
}
/**
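Review bot: In the surplus-newline branch, `len + 1 == blob.len` is computed on whatever asn1_length() returned, which is a `u_int` per the asn1.h prototype. If asn1_length() signals malformed input with an all-ones sentinel (ASN1_INVALID_LENGTH in this code base; its definition is not visible here, so please confirm), `len + 1` wraps to 0 and matches a blob whose remaining length is 0. The following `*(blob.ptr + len)` then reads far outside the buffer, on input that is untrusted file content. Writing the test as `if (blob.len > 0 && len == blob.len - 1 && blob.ptr[len] == '\n')` removes the wrap. The caller's blob also remains one byte longer than the encoded object after this relaxed match, which deserves a comment for downstream parsers. is_asn1() starts above this hunk, so the declaration of `len` is not visible.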
@@ -706,6 +773,23 @@ chunk_t asn1_simple_object(asn1_t tag, chunk_t content)
}
/**
+ * Build an ASN.1 BITSTRING object
+ */
+chunk_t asn1_bitstring(const char *mode, chunk_t content)
+{
+ chunk_t object;
+ u_char *pos = build_asn1_object(&object, ASN1_BIT_STRING, 1 + content.len);
+
+ *pos++ = 0x00;
+ memcpy(pos, content.ptr, content.len);
+ if (*mode == 'm')
+ {
+ free(content.ptr);
+ }
+ return object;
+}
+
+/**
* Build an ASN.1 object from a variable number of individual chunks.
* Depending on the mode, chunks either are moved ('m') or copied ('c').
*/
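Review bot: The doc comment on asn1_bitstring() does not state the ownership contract: when `*mode == 'm'` the function calls `free(content.ptr)`, so the caller must hand in heap memory and must not use or free it afterwards. It also always writes `0x00` as the unused-bits octet, so `content` is assumed to be a whole number of octets. I would extend the comment with a line such as `* mode "m" frees content.ptr after copying, "c" leaves it with the caller; the unused-bits octet is always 0`. Separately, an empty chunk (`content.ptr == NULL`, `content.len == 0`) reaches `memcpy` with a null source, which an `if (content.len)` guard around the copy would avoid.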
@@ -736,17 +820,12 @@ chunk_t asn1_wrap(asn1_t type, const char *mode, ...)
{
chunk_t ch = va_arg(chunks, chunk_t);
- switch (*mode++)
+ memcpy(pos, ch.ptr, ch.len);
+ pos += ch.len;
+
+ if (*mode++ == 'm')
{
- case 'm':
- memcpy(pos, ch.ptr, ch.len);
- pos += ch.len;
- free(ch.ptr);
- break;
- case 'c':
- default:
- memcpy(pos, ch.ptr, ch.len);
- pos += ch.len;
+ free(ch.ptr);
}
}
va_end(chunks);
diff --git a/src/libstrongswan/asn1/asn1.h b/src/libstrongswan/asn1/asn1.h
index 18742d18d..d9d85ba44 100644
--- a/src/libstrongswan/asn1/asn1.h
+++ b/src/libstrongswan/asn1/asn1.h
@@ -1,6 +1,15 @@
-/* Simple ASN.1 parser
- * Copyright (C) 2000-2004 Andreas Steffen, Zuercher Hochschule Winterthur
- * Copyright (C) 2006 Martin Will, Hochschule fuer Technik Rapperswil
+/**
+ * @file asn1.h
+ *
+ * @brief Simple ASN.1 parser
+ *
+ */
+
+/*
+ * Copyright (C) 2006 Martin Will
+ * Copyright (C) 2000-2008 Andreas Steffen
+ *
+ * Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
@@ -12,7 +21,7 @@
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*
- * RCSID $Id: asn1.h 3299 2007-10-12 19:29:00Z andreas $
+ * RCSID $Id: asn1.h 3423 2008-01-22 10:32:37Z andreas $
*/
#ifndef _ASN1_H
@@ -114,19 +123,9 @@ extern const chunk_t ASN1_INTEGER_0;
extern const chunk_t ASN1_INTEGER_1;
extern const chunk_t ASN1_INTEGER_2;
-/* some popular algorithmIdentifiers */
-extern const chunk_t ASN1_md2_id;
-extern const chunk_t ASN1_md5_id;
-extern const chunk_t ASN1_sha1_id;
-extern const chunk_t ASN1_sha256_id;
-extern const chunk_t ASN1_sha384_id;
-extern const chunk_t ASN1_sha512_id;
-
-extern const chunk_t ASN1_rsaEncryption_id;
-extern const chunk_t ASN1_md5WithRSA_id;
-extern const chunk_t ASN1_sha1WithRSA_id;
-
+/* returns some popular algorithmIdentifiers */
extern chunk_t asn1_algorithmIdentifier(int oid);
+
extern int known_oid(chunk_t object);
extern u_int asn1_length(chunk_t *blob);
extern bool is_printablestring(chunk_t str);
@@ -144,6 +143,7 @@ extern void code_asn1_length(size_t length, chunk_t *code);
extern u_char* build_asn1_object(chunk_t *object, asn1_t type, size_t datalen);
extern chunk_t asn1_integer_from_mpz(const mpz_t value);
extern chunk_t asn1_simple_object(asn1_t tag, chunk_t content);
+extern chunk_t asn1_bitstring(const char *mode, chunk_t content);
extern chunk_t asn1_wrap(asn1_t type, const char *mode, ...);
#endif /* _ASN1_H */
diff --git a/src/libstrongswan/asn1/oid.c b/src/libstrongswan/asn1/oid.c
index 28a915433..63896be6b 100644
--- a/src/libstrongswan/asn1/oid.c
+++ b/src/libstrongswan/asn1/oid.c
@@ -1,5 +1,5 @@
/* List of some useful object identifiers (OIDs)
- * Copyright (C) 2003-2004 Andreas Steffen, Zuercher Hochschule Winterthur
+ * Copyright (C) 2003-2008 Andreas Steffen, Hochschule fuer Technik Rapperswil
*
* This file has been automatically generated by the script oid.pl
* Do not edit manually!
@@ -62,7 +62,7 @@ const oid_t oid_names[] = {
{ 0x25, 50, 0, "extendedKeyUsage" }, /* 49 */
{ 0x37, 51, 0, "targetInformation" }, /* 50 */
{ 0x38, 0, 0, "noRevAvail" }, /* 51 */
- {0x2A, 94, 1, "" }, /* 52 */
+ {0x2A, 95, 1, "" }, /* 52 */
{ 0x86, 0, 1, "" }, /* 53 */
{ 0x48, 0, 1, "" }, /* 54 */
{ 0x86, 0, 1, "" }, /* 55 */
@@ -73,7 +73,7 @@ const oid_t oid_names[] = {
{ 0x00, 0, 0, "entrustVersInfo" }, /* 60 */
{ 0xF7, 0, 1, "" }, /* 61 */
{ 0x0D, 0, 1, "RSADSI" }, /* 62 */
- { 0x01, 89, 1, "PKCS" }, /* 63 */
+ { 0x01, 90, 1, "PKCS" }, /* 63 */
{ 0x01, 72, 1, "PKCS-1" }, /* 64 */
{ 0x01, 66, 0, "rsaEncryption" }, /* 65 */
{ 0x02, 67, 0, "md2WithRSAEncryption" }, /* 66 */
@@ -98,111 +98,112 @@ const oid_t oid_names[] = {
{ 0x06, 86, 0, "counterSignature" }, /* 85 */
{ 0x07, 87, 0, "challengePassword" }, /* 86 */
{ 0x08, 88, 0, "unstructuredAddress" }, /* 87 */
- { 0x0E, 0, 0, "extensionRequest" }, /* 88 */
- { 0x02, 92, 1, "digestAlgorithm" }, /* 89 */
- { 0x02, 91, 0, "md2" }, /* 90 */
- { 0x05, 0, 0, "md5" }, /* 91 */
- { 0x03, 0, 1, "encryptionAlgorithm" }, /* 92 */
- { 0x07, 0, 0, "3des-ede-cbc" }, /* 93 */
- {0x2B, 160, 1, "" }, /* 94 */
- { 0x06, 147, 1, "dod" }, /* 95 */
- { 0x01, 0, 1, "internet" }, /* 96 */
- { 0x04, 115, 1, "private" }, /* 97 */
- { 0x01, 0, 1, "enterprise" }, /* 98 */
- { 0x82, 108, 1, "" }, /* 99 */
- { 0x37, 0, 1, "Microsoft" }, /* 100 */
- { 0x0A, 105, 1, "" }, /* 101 */
- { 0x03, 0, 1, "" }, /* 102 */
- { 0x03, 104, 0, "msSGC" }, /* 103 */
- { 0x04, 0, 0, "msEncryptingFileSystem" }, /* 104 */
- { 0x14, 0, 1, "msEnrollmentInfrastructure"}, /* 105 */
- { 0x02, 0, 1, "msCertificateTypeExtension"}, /* 106 */
- { 0x02, 0, 0, "msSmartcardLogon" }, /* 107 */
- { 0x89, 0, 1, "" }, /* 108 */
- { 0x31, 0, 1, "" }, /* 109 */
- { 0x01, 0, 1, "" }, /* 110 */
- { 0x01, 0, 1, "" }, /* 111 */
- { 0x02, 0, 1, "" }, /* 112 */
- { 0x02, 114, 0, "" }, /* 113 */
- { 0x4B, 0, 0, "TCGID" }, /* 114 */
- { 0x05, 0, 1, "security" }, /* 115 */
- { 0x05, 0, 1, "mechanisms" }, /* 116 */
- { 0x07, 0, 1, "id-pkix" }, /* 117 */
- { 0x01, 120, 1, "id-pe" }, /* 118 */
- { 0x01, 0, 0, "authorityInfoAccess" }, /* 119 */
- { 0x03, 130, 1, "id-kp" }, /* 120 */
- { 0x01, 122, 0, "serverAuth" }, /* 121 */
- { 0x02, 123, 0, "clientAuth" }, /* 122 */
- { 0x03, 124, 0, "codeSigning" }, /* 123 */
- { 0x04, 125, 0, "emailProtection" }, /* 124 */
- { 0x05, 126, 0, "ipsecEndSystem" }, /* 125 */
- { 0x06, 127, 0, "ipsecTunnel" }, /* 126 */
- { 0x07, 128, 0, "ipsecUser" }, /* 127 */
- { 0x08, 129, 0, "timeStamping" }, /* 128 */
- { 0x09, 0, 0, "ocspSigning" }, /* 129 */
- { 0x08, 132, 1, "id-otherNames" }, /* 130 */
- { 0x05, 0, 0, "xmppAddr" }, /* 131 */
- { 0x0A, 137, 1, "id-aca" }, /* 132 */
- { 0x01, 134, 0, "authenticationInfo" }, /* 133 */
- { 0x02, 135, 0, "accessIdentity" }, /* 134 */
- { 0x03, 136, 0, "chargingIdentity" }, /* 135 */
- { 0x04, 0, 0, "group" }, /* 136 */
- { 0x30, 0, 1, "id-ad" }, /* 137 */
- { 0x01, 146, 1, "ocsp" }, /* 138 */
- { 0x01, 140, 0, "basic" }, /* 139 */
- { 0x02, 141, 0, "nonce" }, /* 140 */
- { 0x03, 142, 0, "crl" }, /* 141 */
- { 0x04, 143, 0, "response" }, /* 142 */
- { 0x05, 144, 0, "noCheck" }, /* 143 */
- { 0x06, 145, 0, "archiveCutoff" }, /* 144 */
- { 0x07, 0, 0, "serviceLocator" }, /* 145 */
- { 0x02, 0, 0, "caIssuers" }, /* 146 */
- { 0x0E, 153, 1, "oiw" }, /* 147 */
- { 0x03, 0, 1, "secsig" }, /* 148 */
- { 0x02, 0, 1, "algorithms" }, /* 149 */
- { 0x07, 151, 0, "des-cbc" }, /* 150 */
- { 0x1A, 152, 0, "sha-1" }, /* 151 */
- { 0x1D, 0, 0, "sha-1WithRSASignature" }, /* 152 */
- { 0x24, 0, 1, "TeleTrusT" }, /* 153 */
- { 0x03, 0, 1, "algorithm" }, /* 154 */
- { 0x03, 0, 1, "signatureAlgorithm" }, /* 155 */
- { 0x01, 0, 1, "rsaSignature" }, /* 156 */
- { 0x02, 158, 0, "rsaSigWithripemd160" }, /* 157 */
- { 0x03, 159, 0, "rsaSigWithripemd128" }, /* 158 */
- { 0x04, 0, 0, "rsaSigWithripemd256" }, /* 159 */
- {0x60, 0, 1, "" }, /* 160 */
- { 0x86, 0, 1, "" }, /* 161 */
- { 0x48, 0, 1, "" }, /* 162 */
- { 0x01, 0, 1, "organization" }, /* 163 */
- { 0x65, 171, 1, "gov" }, /* 164 */
- { 0x03, 0, 1, "csor" }, /* 165 */
- { 0x04, 0, 1, "nistalgorithm" }, /* 166 */
- { 0x02, 0, 1, "hashalgs" }, /* 167 */
- { 0x01, 169, 0, "id-SHA-256" }, /* 168 */
- { 0x02, 170, 0, "id-SHA-384" }, /* 169 */
- { 0x03, 0, 0, "id-SHA-512" }, /* 170 */
- { 0x86, 0, 1, "" }, /* 171 */
- { 0xf8, 0, 1, "" }, /* 172 */
- { 0x42, 185, 1, "netscape" }, /* 173 */
- { 0x01, 180, 1, "" }, /* 174 */
- { 0x01, 176, 0, "nsCertType" }, /* 175 */
- { 0x03, 177, 0, "nsRevocationUrl" }, /* 176 */
- { 0x04, 178, 0, "nsCaRevocationUrl" }, /* 177 */
- { 0x08, 179, 0, "nsCaPolicyUrl" }, /* 178 */
- { 0x0d, 0, 0, "nsComment" }, /* 179 */
- { 0x03, 183, 1, "directory" }, /* 180 */
- { 0x01, 0, 1, "" }, /* 181 */
- { 0x03, 0, 0, "employeeNumber" }, /* 182 */
- { 0x04, 0, 1, "policy" }, /* 183 */
- { 0x01, 0, 0, "nsSGC" }, /* 184 */
- { 0x45, 0, 1, "verisign" }, /* 185 */
- { 0x01, 0, 1, "pki" }, /* 186 */
- { 0x09, 0, 1, "attributes" }, /* 187 */
- { 0x02, 189, 0, "messageType" }, /* 188 */
- { 0x03, 190, 0, "pkiStatus" }, /* 189 */
- { 0x04, 191, 0, "failInfo" }, /* 190 */
- { 0x05, 192, 0, "senderNonce" }, /* 191 */
- { 0x06, 193, 0, "recipientNonce" }, /* 192 */
- { 0x07, 194, 0, "transID" }, /* 193 */
- { 0x08, 0, 0, "extensionReq" } /* 194 */
+ { 0x0E, 89, 0, "extensionRequest" }, /* 88 */
+ { 0x0F, 0, 0, "S/MIME Capabilities" }, /* 89 */
+ { 0x02, 93, 1, "digestAlgorithm" }, /* 90 */
+ { 0x02, 92, 0, "md2" }, /* 91 */
+ { 0x05, 0, 0, "md5" }, /* 92 */
+ { 0x03, 0, 1, "encryptionAlgorithm" }, /* 93 */
+ { 0x07, 0, 0, "3des-ede-cbc" }, /* 94 */
+ {0x2B, 161, 1, "" }, /* 95 */
+ { 0x06, 148, 1, "dod" }, /* 96 */
+ { 0x01, 0, 1, "internet" }, /* 97 */
+ { 0x04, 116, 1, "private" }, /* 98 */
+ { 0x01, 0, 1, "enterprise" }, /* 99 */
+ { 0x82, 109, 1, "" }, /* 100 */
+ { 0x37, 0, 1, "Microsoft" }, /* 101 */
+ { 0x0A, 106, 1, "" }, /* 102 */
+ { 0x03, 0, 1, "" }, /* 103 */
+ { 0x03, 105, 0, "msSGC" }, /* 104 */
+ { 0x04, 0, 0, "msEncryptingFileSystem" }, /* 105 */
+ { 0x14, 0, 1, "msEnrollmentInfrastructure"}, /* 106 */
+ { 0x02, 0, 1, "msCertificateTypeExtension"}, /* 107 */
+ { 0x02, 0, 0, "msSmartcardLogon" }, /* 108 */
+ { 0x89, 0, 1, "" }, /* 109 */
+ { 0x31, 0, 1, "" }, /* 110 */
+ { 0x01, 0, 1, "" }, /* 111 */
+ { 0x01, 0, 1, "" }, /* 112 */
+ { 0x02, 0, 1, "" }, /* 113 */
+ { 0x02, 115, 0, "" }, /* 114 */
+ { 0x4B, 0, 0, "TCGID" }, /* 115 */
+ { 0x05, 0, 1, "security" }, /* 116 */
+ { 0x05, 0, 1, "mechanisms" }, /* 117 */
+ { 0x07, 0, 1, "id-pkix" }, /* 118 */
+ { 0x01, 121, 1, "id-pe" }, /* 119 */
+ { 0x01, 0, 0, "authorityInfoAccess" }, /* 120 */
+ { 0x03, 131, 1, "id-kp" }, /* 121 */
+ { 0x01, 123, 0, "serverAuth" }, /* 122 */
+ { 0x02, 124, 0, "clientAuth" }, /* 123 */
+ { 0x03, 125, 0, "codeSigning" }, /* 124 */
+ { 0x04, 126, 0, "emailProtection" }, /* 125 */
+ { 0x05, 127, 0, "ipsecEndSystem" }, /* 126 */
+ { 0x06, 128, 0, "ipsecTunnel" }, /* 127 */
+ { 0x07, 129, 0, "ipsecUser" }, /* 128 */
+ { 0x08, 130, 0, "timeStamping" }, /* 129 */
+ { 0x09, 0, 0, "ocspSigning" }, /* 130 */
+ { 0x08, 133, 1, "id-otherNames" }, /* 131 */
+ { 0x05, 0, 0, "xmppAddr" }, /* 132 */
+ { 0x0A, 138, 1, "id-aca" }, /* 133 */
+ { 0x01, 135, 0, "authenticationInfo" }, /* 134 */
+ { 0x02, 136, 0, "accessIdentity" }, /* 135 */
+ { 0x03, 137, 0, "chargingIdentity" }, /* 136 */
+ { 0x04, 0, 0, "group" }, /* 137 */
+ { 0x30, 0, 1, "id-ad" }, /* 138 */
+ { 0x01, 147, 1, "ocsp" }, /* 139 */
+ { 0x01, 141, 0, "basic" }, /* 140 */
+ { 0x02, 142, 0, "nonce" }, /* 141 */
+ { 0x03, 143, 0, "crl" }, /* 142 */
+ { 0x04, 144, 0, "response" }, /* 143 */
+ { 0x05, 145, 0, "noCheck" }, /* 144 */
+ { 0x06, 146, 0, "archiveCutoff" }, /* 145 */
+ { 0x07, 0, 0, "serviceLocator" }, /* 146 */
+ { 0x02, 0, 0, "caIssuers" }, /* 147 */
+ { 0x0E, 154, 1, "oiw" }, /* 148 */
+ { 0x03, 0, 1, "secsig" }, /* 149 */
+ { 0x02, 0, 1, "algorithms" }, /* 150 */
+ { 0x07, 152, 0, "des-cbc" }, /* 151 */
+ { 0x1A, 153, 0, "sha-1" }, /* 152 */
+ { 0x1D, 0, 0, "sha-1WithRSASignature" }, /* 153 */
+ { 0x24, 0, 1, "TeleTrusT" }, /* 154 */
+ { 0x03, 0, 1, "algorithm" }, /* 155 */
+ { 0x03, 0, 1, "signatureAlgorithm" }, /* 156 */
+ { 0x01, 0, 1, "rsaSignature" }, /* 157 */
+ { 0x02, 159, 0, "rsaSigWithripemd160" }, /* 158 */
+ { 0x03, 160, 0, "rsaSigWithripemd128" }, /* 159 */
+ { 0x04, 0, 0, "rsaSigWithripemd256" }, /* 160 */
+ {0x60, 0, 1, "" }, /* 161 */
+ { 0x86, 0, 1, "" }, /* 162 */
+ { 0x48, 0, 1, "" }, /* 163 */
+ { 0x01, 0, 1, "organization" }, /* 164 */
+ { 0x65, 172, 1, "gov" }, /* 165 */
+ { 0x03, 0, 1, "csor" }, /* 166 */
+ { 0x04, 0, 1, "nistalgorithm" }, /* 167 */
+ { 0x02, 0, 1, "hashalgs" }, /* 168 */
+ { 0x01, 170, 0, "id-SHA-256" }, /* 169 */
+ { 0x02, 171, 0, "id-SHA-384" }, /* 170 */
+ { 0x03, 0, 0, "id-SHA-512" }, /* 171 */
+ { 0x86, 0, 1, "" }, /* 172 */
+ { 0xf8, 0, 1, "" }, /* 173 */
+ { 0x42, 186, 1, "netscape" }, /* 174 */
+ { 0x01, 181, 1, "" }, /* 175 */
+ { 0x01, 177, 0, "nsCertType" }, /* 176 */
+ { 0x03, 178, 0, "nsRevocationUrl" }, /* 177 */
+ { 0x04, 179, 0, "nsCaRevocationUrl" }, /* 178 */
+ { 0x08, 180, 0, "nsCaPolicyUrl" }, /* 179 */
+ { 0x0d, 0, 0, "nsComment" }, /* 180 */
+ { 0x03, 184, 1, "directory" }, /* 181 */
+ { 0x01, 0, 1, "" }, /* 182 */
+ { 0x03, 0, 0, "employeeNumber" }, /* 183 */
+ { 0x04, 0, 1, "policy" }, /* 184 */
+ { 0x01, 0, 0, "nsSGC" }, /* 185 */
+ { 0x45, 0, 1, "verisign" }, /* 186 */
+ { 0x01, 0, 1, "pki" }, /* 187 */
+ { 0x09, 0, 1, "attributes" }, /* 188 */
+ { 0x02, 190, 0, "messageType" }, /* 189 */
+ { 0x03, 191, 0, "pkiStatus" }, /* 190 */
+ { 0x04, 192, 0, "failInfo" }, /* 191 */
+ { 0x05, 193, 0, "senderNonce" }, /* 192 */
+ { 0x06, 194, 0, "recipientNonce" }, /* 193 */
+ { 0x07, 195, 0, "transID" }, /* 194 */
+ { 0x08, 0, 0, "extensionReq" } /* 195 */
};
diff --git a/src/libstrongswan/asn1/oid.h b/src/libstrongswan/asn1/oid.h
index 5814a3ba0..9980221ab 100644
--- a/src/libstrongswan/asn1/oid.h
+++ b/src/libstrongswan/asn1/oid.h
@@ -1,5 +1,5 @@
/* Object identifiers (OIDs) used by FreeS/WAN
- * Copyright (C) 2003-2004 Andreas Steffen, Zuercher Hochschule Winterthur
+ * Copyright (C) 2003-2008 Andreas Steffen, Hochschule fuer Technik Rapperswil
*
* This file has been automatically generated by the script oid.pl
* Do not edit manually!
@@ -17,7 +17,7 @@ typedef struct {
extern const oid_t oid_names[];
-#define OID_UNKNOWN -1
+#define OID_UNKNOWN -1
#define OID_ROLE 35
#define OID_SUBJECT_KEY_ID 38
#define OID_SUBJECT_ALT_NAME 41
@@ -46,40 +46,40 @@ extern const oid_t oid_names[];
#define OID_PKCS9_CONTENT_TYPE 82
#define OID_PKCS9_MESSAGE_DIGEST 83
#define OID_PKCS9_SIGNING_TIME 84
-#define OID_MD2 90
-#define OID_MD5 91
-#define OID_3DES_EDE_CBC 93
-#define OID_AUTHORITY_INFO_ACCESS 119
-#define OID_OCSP_SIGNING 129
-#define OID_XMPP_ADDR 131
-#define OID_AUTHENTICATION_INFO 133
-#define OID_ACCESS_IDENTITY 134
-#define OID_CHARGING_IDENTITY 135
-#define OID_GROUP 136
-#define OID_OCSP 138
-#define OID_BASIC 139
-#define OID_NONCE 140
-#define OID_CRL 141
-#define OID_RESPONSE 142
-#define OID_NO_CHECK 143
-#define OID_ARCHIVE_CUTOFF 144
-#define OID_SERVICE_LOCATOR 145
-#define OID_CA_ISSUERS 146
-#define OID_DES_CBC 150
-#define OID_SHA1 151
-#define OID_SHA1_WITH_RSA_OIW 152
-#define OID_SHA256 168
-#define OID_SHA384 169
-#define OID_SHA512 170
-#define OID_NS_REVOCATION_URL 176
-#define OID_NS_CA_REVOCATION_URL 177
-#define OID_NS_CA_POLICY_URL 178
-#define OID_NS_COMMENT 179
-#define OID_PKI_MESSAGE_TYPE 188
-#define OID_PKI_STATUS 189
-#define OID_PKI_FAIL_INFO 190
-#define OID_PKI_SENDER_NONCE 191
-#define OID_PKI_RECIPIENT_NONCE 192
-#define OID_PKI_TRANS_ID 193
+#define OID_MD2 91
+#define OID_MD5 92
+#define OID_3DES_EDE_CBC 94
+#define OID_AUTHORITY_INFO_ACCESS 120
+#define OID_OCSP_SIGNING 130
+#define OID_XMPP_ADDR 132
+#define OID_AUTHENTICATION_INFO 134
+#define OID_ACCESS_IDENTITY 135
+#define OID_CHARGING_IDENTITY 136
+#define OID_GROUP 137
+#define OID_OCSP 139
+#define OID_BASIC 140
+#define OID_NONCE 141
+#define OID_CRL 142
+#define OID_RESPONSE 143
+#define OID_NO_CHECK 144
+#define OID_ARCHIVE_CUTOFF 145
+#define OID_SERVICE_LOCATOR 146
+#define OID_CA_ISSUERS 147
+#define OID_DES_CBC 151
+#define OID_SHA1 152
+#define OID_SHA1_WITH_RSA_OIW 153
+#define OID_SHA256 169
+#define OID_SHA384 170
+#define OID_SHA512 171
+#define OID_NS_REVOCATION_URL 177
+#define OID_NS_CA_REVOCATION_URL 178
+#define OID_NS_CA_POLICY_URL 179
+#define OID_NS_COMMENT 180
+#define OID_PKI_MESSAGE_TYPE 189
+#define OID_PKI_STATUS 190
+#define OID_PKI_FAIL_INFO 191
+#define OID_PKI_SENDER_NONCE 192
+#define OID_PKI_RECIPIENT_NONCE 193
+#define OID_PKI_TRANS_ID 194
#endif /* OID_H_ */
diff --git a/src/libstrongswan/asn1/oid.pl b/src/libstrongswan/asn1/oid.pl
index 5db619755..04030d3ee 100644
--- a/src/libstrongswan/asn1/oid.pl
+++ b/src/libstrongswan/asn1/oid.pl
@@ -1,6 +1,8 @@
#!/usr/bin/perl
# Generates oid.h and oid.c out of oid.txt
-# Copyright (C) 2003-2004 Andreas Steffen, Zuercher Hochschule Winterthur
+#
+# Copyright (C) 2003-2008 Andreas Steffen
+# Hochschule fuer Technik Rapperswil
#
# This program is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by the
@@ -13,7 +15,7 @@
# for more details.
#
-$copyright="Copyright (C) 2003-2004 Andreas Steffen, Zuercher Hochschule Winterthur";
+$copyright="Copyright (C) 2003-2008 Andreas Steffen, Hochschule fuer Technik Rapperswil";
$automatic="This file has been automatically generated by the script oid.pl";
$warning="Do not edit manually!";
@@ -41,7 +43,7 @@ print OID_H "/* Object identifiers (OIDs) used by FreeS/WAN\n",
"\n",
"extern const oid_t oid_names[];\n",
"\n",
- "#define OID_UNKNOWN -1\n";
+ "#define OID_UNKNOWN -1\n";
# parse oid.txt
diff --git a/src/libstrongswan/asn1/oid.txt b/src/libstrongswan/asn1/oid.txt
index 6ae2dc29a..e6dede287 100644
--- a/src/libstrongswan/asn1/oid.txt
+++ b/src/libstrongswan/asn1/oid.txt
@@ -33,23 +33,23 @@
0x2A "G"
0x2B "I"
0x2D "ID"
- 0x48 "role" OID_ROLE
+ 0x48 "role" OID_ROLE
0x1D "id-ce"
0x09 "subjectDirectoryAttrs"
- 0x0E "subjectKeyIdentifier" OID_SUBJECT_KEY_ID
+ 0x0E "subjectKeyIdentifier" OID_SUBJECT_KEY_ID
0x0F "keyUsage"
0x10 "privateKeyUsagePeriod"
- 0x11 "subjectAltName" OID_SUBJECT_ALT_NAME
+ 0x11 "subjectAltName" OID_SUBJECT_ALT_NAME
0x12 "issuerAltName"
- 0x13 "basicConstraints" OID_BASIC_CONSTRAINTS
- 0x14 "crlNumber" OID_CRL_NUMBER
- 0x15 "reasonCode" OID_CRL_REASON_CODE
+ 0x13 "basicConstraints" OID_BASIC_CONSTRAINTS
+ 0x14 "crlNumber" OID_CRL_NUMBER
+ 0x15 "reasonCode" OID_CRL_REASON_CODE
0x1F "crlDistributionPoints" OID_CRL_DISTRIBUTION_POINTS
0x20 "certificatePolicies"
0x23 "authorityKeyIdentifier" OID_AUTHORITY_KEY_ID
- 0x25 "extendedKeyUsage" OID_EXTENDED_KEY_USAGE
- 0x37 "targetInformation" OID_TARGET_INFORMATION
- 0x38 "noRevAvail" OID_NO_REV_AVAIL
+ 0x25 "extendedKeyUsage" OID_EXTENDED_KEY_USAGE
+ 0x37 "targetInformation" OID_TARGET_INFORMATION
+ 0x38 "noRevAvail" OID_NO_REV_AVAIL
0x2A ""
0x86 ""
0x48 ""
@@ -63,35 +63,36 @@
0x0D "RSADSI"
0x01 "PKCS"
0x01 "PKCS-1"
- 0x01 "rsaEncryption" OID_RSA_ENCRYPTION
- 0x02 "md2WithRSAEncryption" OID_MD2_WITH_RSA
- 0x04 "md5WithRSAEncryption" OID_MD5_WITH_RSA
+ 0x01 "rsaEncryption" OID_RSA_ENCRYPTION
+ 0x02 "md2WithRSAEncryption" OID_MD2_WITH_RSA
+ 0x04 "md5WithRSAEncryption" OID_MD5_WITH_RSA
0x05 "sha-1WithRSAEncryption" OID_SHA1_WITH_RSA
0x0B "sha256WithRSAEncryption" OID_SHA256_WITH_RSA
0x0C "sha384WithRSAEncryption" OID_SHA384_WITH_RSA
0x0D "sha512WithRSAEncryption" OID_SHA512_WITH_RSA
0x07 "PKCS-7"
- 0x01 "data" OID_PKCS7_DATA
- 0x02 "signedData" OID_PKCS7_SIGNED_DATA
- 0x03 "envelopedData" OID_PKCS7_ENVELOPED_DATA
+ 0x01 "data" OID_PKCS7_DATA
+ 0x02 "signedData" OID_PKCS7_SIGNED_DATA
+ 0x03 "envelopedData" OID_PKCS7_ENVELOPED_DATA
0x04 "signedAndEnvelopedData" OID_PKCS7_SIGNED_ENVELOPED_DATA
- 0x05 "digestedData" OID_PKCS7_DIGESTED_DATA
- 0x06 "encryptedData" OID_PKCS7_ENCRYPTED_DATA
+ 0x05 "digestedData" OID_PKCS7_DIGESTED_DATA
+ 0x06 "encryptedData" OID_PKCS7_ENCRYPTED_DATA
0x09 "PKCS-9"
- 0x01 "E" OID_PKCS9_EMAIL
+ 0x01 "E" OID_PKCS9_EMAIL
0x02 "unstructuredName"
- 0x03 "contentType" OID_PKCS9_CONTENT_TYPE
- 0x04 "messageDigest" OID_PKCS9_MESSAGE_DIGEST
- 0x05 "signingTime" OID_PKCS9_SIGNING_TIME
+ 0x03 "contentType" OID_PKCS9_CONTENT_TYPE
+ 0x04 "messageDigest" OID_PKCS9_MESSAGE_DIGEST
+ 0x05 "signingTime" OID_PKCS9_SIGNING_TIME
0x06 "counterSignature"
0x07 "challengePassword"
0x08 "unstructuredAddress"
0x0E "extensionRequest"
+ 0x0F "S/MIME Capabilities"
0x02 "digestAlgorithm"
- 0x02 "md2" OID_MD2
- 0x05 "md5" OID_MD5
+ 0x02 "md2" OID_MD2
+ 0x05 "md5" OID_MD5
0x03 "encryptionAlgorithm"
- 0x07 "3des-ede-cbc" OID_3DES_EDE_CBC
+ 0x07 "3des-ede-cbc" OID_3DES_EDE_CBC
0x2B ""
0x06 "dod"
0x01 "internet"
@@ -117,7 +118,7 @@
0x05 "mechanisms"
0x07 "id-pkix"
0x01 "id-pe"
- 0x01 "authorityInfoAccess" OID_AUTHORITY_INFO_ACCESS
+ 0x01 "authorityInfoAccess" OID_AUTHORITY_INFO_ACCESS
0x03 "id-kp"
0x01 "serverAuth"
0x02 "clientAuth"
@@ -127,29 +128,29 @@
0x06 "ipsecTunnel"
0x07 "ipsecUser"
0x08 "timeStamping"
- 0x09 "ocspSigning" OID_OCSP_SIGNING
+ 0x09 "ocspSigning" OID_OCSP_SIGNING
0x08 "id-otherNames"
- 0x05 "xmppAddr" OID_XMPP_ADDR
+ 0x05 "xmppAddr" OID_XMPP_ADDR
0x0A "id-aca"
- 0x01 "authenticationInfo" OID_AUTHENTICATION_INFO
- 0x02 "accessIdentity" OID_ACCESS_IDENTITY
- 0x03 "chargingIdentity" OID_CHARGING_IDENTITY
- 0x04 "group" OID_GROUP
+ 0x01 "authenticationInfo" OID_AUTHENTICATION_INFO
+ 0x02 "accessIdentity" OID_ACCESS_IDENTITY
+ 0x03 "chargingIdentity" OID_CHARGING_IDENTITY
+ 0x04 "group" OID_GROUP
0x30 "id-ad"
- 0x01 "ocsp" OID_OCSP
- 0x01 "basic" OID_BASIC
- 0x02 "nonce" OID_NONCE
- 0x03 "crl" OID_CRL
- 0x04 "response" OID_RESPONSE
- 0x05 "noCheck" OID_NO_CHECK
- 0x06 "archiveCutoff" OID_ARCHIVE_CUTOFF
- 0x07 "serviceLocator" OID_SERVICE_LOCATOR
- 0x02 "caIssuers" OID_CA_ISSUERS
+ 0x01 "ocsp" OID_OCSP
+ 0x01 "basic" OID_BASIC
+ 0x02 "nonce" OID_NONCE
+ 0x03 "crl" OID_CRL
+ 0x04 "response" OID_RESPONSE
+ 0x05 "noCheck" OID_NO_CHECK
+ 0x06 "archiveCutoff" OID_ARCHIVE_CUTOFF
+ 0x07 "serviceLocator" OID_SERVICE_LOCATOR
+ 0x02 "caIssuers" OID_CA_ISSUERS
0x0E "oiw"
0x03 "secsig"
0x02 "algorithms"
- 0x07 "des-cbc" OID_DES_CBC
- 0x1A "sha-1" OID_SHA1
+ 0x07 "des-cbc" OID_DES_CBC
+ 0x1A "sha-1" OID_SHA1
0x1D "sha-1WithRSASignature" OID_SHA1_WITH_RSA_OIW
0x24 "TeleTrusT"
0x03 "algorithm"
@@ -166,18 +167,18 @@
0x03 "csor"
0x04 "nistalgorithm"
0x02 "hashalgs"
- 0x01 "id-SHA-256" OID_SHA256
- 0x02 "id-SHA-384" OID_SHA384
- 0x03 "id-SHA-512" OID_SHA512
+ 0x01 "id-SHA-256" OID_SHA256
+ 0x02 "id-SHA-384" OID_SHA384
+ 0x03 "id-SHA-512" OID_SHA512
0x86 ""
0xf8 ""
0x42 "netscape"
0x01 ""
0x01 "nsCertType"
- 0x03 "nsRevocationUrl" OID_NS_REVOCATION_URL
- 0x04 "nsCaRevocationUrl" OID_NS_CA_REVOCATION_URL
- 0x08 "nsCaPolicyUrl" OID_NS_CA_POLICY_URL
- 0x0d "nsComment" OID_NS_COMMENT
+ 0x03 "nsRevocationUrl" OID_NS_REVOCATION_URL
+ 0x04 "nsCaRevocationUrl" OID_NS_CA_REVOCATION_URL
+ 0x08 "nsCaPolicyUrl" OID_NS_CA_POLICY_URL
+ 0x0d "nsComment" OID_NS_COMMENT
0x03 "directory"
0x01 ""
0x03 "employeeNumber"
@@ -186,10 +187,10 @@
0x45 "verisign"
0x01 "pki"
0x09 "attributes"
- 0x02 "messageType" OID_PKI_MESSAGE_TYPE
- 0x03 "pkiStatus" OID_PKI_STATUS
- 0x04 "failInfo" OID_PKI_FAIL_INFO
- 0x05 "senderNonce" OID_PKI_SENDER_NONCE
- 0x06 "recipientNonce" OID_PKI_RECIPIENT_NONCE
- 0x07 "transID" OID_PKI_TRANS_ID
+ 0x02 "messageType" OID_PKI_MESSAGE_TYPE
+ 0x03 "pkiStatus" OID_PKI_STATUS
+ 0x04 "failInfo" OID_PKI_FAIL_INFO
+ 0x05 "senderNonce" OID_PKI_SENDER_NONCE
+ 0x06 "recipientNonce" OID_PKI_RECIPIENT_NONCE
+ 0x07 "transID" OID_PKI_TRANS_ID
0x08 "extensionReq"