summaryrefslogtreecommitdiff
path: root/src/libstrongswan/asn1
diff options
context:
space:
mode:
Diffstat (limited to 'src/libstrongswan/asn1')
-rw-r--r--src/libstrongswan/asn1/asn1.c72
-rw-r--r--src/libstrongswan/asn1/asn1.h13
-rw-r--r--src/libstrongswan/asn1/oid.c440
-rw-r--r--src/libstrongswan/asn1/oid.h245
-rw-r--r--src/libstrongswan/asn1/oid.txt6
5 files changed, 429 insertions, 347 deletions
diff --git a/src/libstrongswan/asn1/asn1.c b/src/libstrongswan/asn1/asn1.c
index d2078cbbc..ec46b165b 100644
--- a/src/libstrongswan/asn1/asn1.c
+++ b/src/libstrongswan/asn1/asn1.c
@@ -260,25 +260,32 @@ size_t asn1_length(chunk_t *blob)
u_char n;
size_t len;
- /* advance from tag field on to length field */
- blob->ptr++;
- blob->len--;
+ if (blob->len < 2)
+ {
+ DBG2("insufficient number of octets to parse ASN.1 length");
+ return ASN1_INVALID_LENGTH;
+ }
- /* read first octet of length field */
- n = *blob->ptr++;
- blob->len--;
+ /* read length field, skip tag and length */
+ n = blob->ptr[1];
+ *blob = chunk_skip(*blob, 2);
if ((n & 0x80) == 0)
- {/* single length octet */
+ { /* single length octet */
+ if (n > blob->len)
+ {
+ DBG2("length is larger than remaining blob size");
+ return ASN1_INVALID_LENGTH;
+ }
return n;
}
/* composite length, determine number of length octets */
n &= 0x7f;
- if (n > blob->len)
+ if (n == 0 || n > blob->len)
{
- DBG2("number of length octets is larger than ASN.1 object");
+ DBG2("number of length octets invalid");
return ASN1_INVALID_LENGTH;
}
@@ -304,6 +311,53 @@ size_t asn1_length(chunk_t *blob)
return len;
}
+/*
+ * See header.
+ */
+int asn1_unwrap(chunk_t *blob, chunk_t *inner)
+{
+ chunk_t res;
+ u_char len;
+ int type;
+
+ if (blob->len < 2)
+ {
+ return ASN1_INVALID;
+ }
+ type = blob->ptr[0];
+ len = blob->ptr[1];
+ *blob = chunk_skip(*blob, 2);
+
+ if ((len & 0x80) == 0)
+ { /* single length octet */
+ res.len = len;
+ }
+ else
+ { /* composite length, determine number of length octets */
+ len &= 0x7f;
+ if (len == 0 || len > sizeof(res.len))
+ {
+ return ASN1_INVALID;
+ }
+ res.len = 0;
+ while (len-- > 0)
+ {
+ res.len = 256 * res.len + blob->ptr[0];
+ *blob = chunk_skip(*blob, 1);
+ }
+ }
+ if (res.len > blob->len)
+ {
+ return ASN1_INVALID;
+ }
+ res.ptr = blob->ptr;
+ *blob = chunk_skip(*blob, res.len);
+ /* updating inner not before we are finished allows a caller to pass
+ * blob = inner */
+ *inner = res;
+ return type;
+}
+
#define TIME_MAX 0x7fffffff
static const int days[] = { 0, 31, 59, 90, 120, 151, 181, 212, 243, 273, 304, 334 };
diff --git a/src/libstrongswan/asn1/asn1.h b/src/libstrongswan/asn1/asn1.h
index 6a2b594c0..8072d62d6 100644
--- a/src/libstrongswan/asn1/asn1.h
+++ b/src/libstrongswan/asn1/asn1.h
@@ -74,7 +74,9 @@ typedef enum {
ASN1_CONTEXT_C_2 = 0xA2,
ASN1_CONTEXT_C_3 = 0xA3,
ASN1_CONTEXT_C_4 = 0xA4,
- ASN1_CONTEXT_C_5 = 0xA5
+ ASN1_CONTEXT_C_5 = 0xA5,
+
+ ASN1_INVALID = 0x100,
} asn1_t;
#define ASN1_INVALID_LENGTH 0xffffffff
@@ -123,6 +125,15 @@ chunk_t asn1_build_known_oid(int n);
size_t asn1_length(chunk_t *blob);
/**
+ * Unwrap the inner content of an ASN.1 type/length wrapped object.
+ *
+ * @param blob blob to parse header from, moved behind parsed content
+ * @param content inner content
+ * @return parsed type, ASN1_INVALID if length parsing failed
+ */
+int asn1_unwrap(chunk_t *blob, chunk_t *content);
+
+/**
* Parses an ASN.1 algorithmIdentifier object
*
* @param blob ASN.1 coded blob
diff --git a/src/libstrongswan/asn1/oid.c b/src/libstrongswan/asn1/oid.c
index 53657b514..391d65e89 100644
--- a/src/libstrongswan/asn1/oid.c
+++ b/src/libstrongswan/asn1/oid.c
@@ -62,7 +62,7 @@ const oid_t oid_names[] = {
{ 0x25, 50, 0, 2, "extendedKeyUsage" }, /* 49 */
{ 0x37, 51, 0, 2, "targetInformation" }, /* 50 */
{ 0x38, 0, 0, 2, "noRevAvail" }, /* 51 */
- {0x2A, 143, 1, 0, "" }, /* 52 */
+ {0x2A, 149, 1, 0, "" }, /* 52 */
{ 0x83, 65, 1, 1, "" }, /* 53 */
{ 0x08, 0, 1, 2, "jp" }, /* 54 */
{ 0x8C, 0, 1, 3, "" }, /* 55 */
@@ -77,7 +77,7 @@ const oid_t oid_names[] = {
{ 0x04, 0, 0, 10, "camellia256-cbc" }, /* 64 */
{ 0x86, 0, 1, 1, "" }, /* 65 */
{ 0x48, 0, 1, 2, "us" }, /* 66 */
- { 0x86, 107, 1, 3, "" }, /* 67 */
+ { 0x86, 108, 1, 3, "" }, /* 67 */
{ 0xF6, 73, 1, 4, "" }, /* 68 */
{ 0x7D, 0, 1, 5, "NortelNetworks" }, /* 69 */
{ 0x07, 0, 1, 6, "Entrust" }, /* 70 */
@@ -85,225 +85,231 @@ const oid_t oid_names[] = {
{ 0x00, 0, 0, 8, "entrustVersInfo" }, /* 72 */
{ 0xF7, 0, 1, 4, "" }, /* 73 */
{ 0x0D, 0, 1, 5, "RSADSI" }, /* 74 */
- { 0x01, 102, 1, 6, "PKCS" }, /* 75 */
- { 0x01, 84, 1, 7, "PKCS-1" }, /* 76 */
+ { 0x01, 103, 1, 6, "PKCS" }, /* 75 */
+ { 0x01, 85, 1, 7, "PKCS-1" }, /* 76 */
{ 0x01, 78, 0, 8, "rsaEncryption" }, /* 77 */
{ 0x02, 79, 0, 8, "md2WithRSAEncryption" }, /* 78 */
{ 0x04, 80, 0, 8, "md5WithRSAEncryption" }, /* 79 */
{ 0x05, 81, 0, 8, "sha-1WithRSAEncryption" }, /* 80 */
{ 0x0B, 82, 0, 8, "sha256WithRSAEncryption" }, /* 81 */
{ 0x0C, 83, 0, 8, "sha384WithRSAEncryption" }, /* 82 */
- { 0x0D, 0, 0, 8, "sha512WithRSAEncryption" }, /* 83 */
- { 0x07, 91, 1, 7, "PKCS-7" }, /* 84 */
- { 0x01, 86, 0, 8, "data" }, /* 85 */
- { 0x02, 87, 0, 8, "signedData" }, /* 86 */
- { 0x03, 88, 0, 8, "envelopedData" }, /* 87 */
- { 0x04, 89, 0, 8, "signedAndEnvelopedData" }, /* 88 */
- { 0x05, 90, 0, 8, "digestedData" }, /* 89 */
- { 0x06, 0, 0, 8, "encryptedData" }, /* 90 */
- { 0x09, 0, 1, 7, "PKCS-9" }, /* 91 */
- { 0x01, 93, 0, 8, "E" }, /* 92 */
- { 0x02, 94, 0, 8, "unstructuredName" }, /* 93 */
- { 0x03, 95, 0, 8, "contentType" }, /* 94 */
- { 0x04, 96, 0, 8, "messageDigest" }, /* 95 */
- { 0x05, 97, 0, 8, "signingTime" }, /* 96 */
- { 0x06, 98, 0, 8, "counterSignature" }, /* 97 */
- { 0x07, 99, 0, 8, "challengePassword" }, /* 98 */
- { 0x08, 100, 0, 8, "unstructuredAddress" }, /* 99 */
- { 0x0E, 101, 0, 8, "extensionRequest" }, /* 100 */
- { 0x0F, 0, 0, 8, "S/MIME Capabilities" }, /* 101 */
- { 0x02, 105, 1, 6, "digestAlgorithm" }, /* 102 */
- { 0x02, 104, 0, 7, "md2" }, /* 103 */
- { 0x05, 0, 0, 7, "md5" }, /* 104 */
- { 0x03, 0, 1, 6, "encryptionAlgorithm" }, /* 105 */
- { 0x07, 0, 0, 7, "3des-ede-cbc" }, /* 106 */
- { 0xCE, 0, 1, 3, "" }, /* 107 */
- { 0x3D, 0, 1, 4, "ansi-X9-62" }, /* 108 */
- { 0x02, 111, 1, 5, "id-publicKeyType" }, /* 109 */
- { 0x01, 0, 0, 6, "id-ecPublicKey" }, /* 110 */
- { 0x03, 141, 1, 5, "ellipticCurve" }, /* 111 */
- { 0x00, 133, 1, 6, "c-TwoCurve" }, /* 112 */
- { 0x01, 114, 0, 7, "c2pnb163v1" }, /* 113 */
- { 0x02, 115, 0, 7, "c2pnb163v2" }, /* 114 */
- { 0x03, 116, 0, 7, "c2pnb163v3" }, /* 115 */
- { 0x04, 117, 0, 7, "c2pnb176w1" }, /* 116 */
- { 0x05, 118, 0, 7, "c2tnb191v1" }, /* 117 */
- { 0x06, 119, 0, 7, "c2tnb191v2" }, /* 118 */
- { 0x07, 120, 0, 7, "c2tnb191v3" }, /* 119 */
- { 0x08, 121, 0, 7, "c2onb191v4" }, /* 120 */
- { 0x09, 122, 0, 7, "c2onb191v5" }, /* 121 */
- { 0x0A, 123, 0, 7, "c2pnb208w1" }, /* 122 */
- { 0x0B, 124, 0, 7, "c2tnb239v1" }, /* 123 */
- { 0x0C, 125, 0, 7, "c2tnb239v2" }, /* 124 */
- { 0x0D, 126, 0, 7, "c2tnb239v3" }, /* 125 */
- { 0x0E, 127, 0, 7, "c2onb239v4" }, /* 126 */
- { 0x0F, 128, 0, 7, "c2onb239v5" }, /* 127 */
- { 0x10, 129, 0, 7, "c2pnb272w1" }, /* 128 */
- { 0x11, 130, 0, 7, "c2pnb304w1" }, /* 129 */
- { 0x12, 131, 0, 7, "c2tnb359v1" }, /* 130 */
- { 0x13, 132, 0, 7, "c2pnb368w1" }, /* 131 */
- { 0x14, 0, 0, 7, "c2tnb431r1" }, /* 132 */
- { 0x01, 0, 1, 6, "primeCurve" }, /* 133 */
- { 0x01, 135, 0, 7, "prime192v1" }, /* 134 */
- { 0x02, 136, 0, 7, "prime192v2" }, /* 135 */
- { 0x03, 137, 0, 7, "prime192v3" }, /* 136 */
- { 0x04, 138, 0, 7, "prime239v1" }, /* 137 */
- { 0x05, 139, 0, 7, "prime239v2" }, /* 138 */
- { 0x06, 140, 0, 7, "prime239v3" }, /* 139 */
- { 0x07, 0, 0, 7, "prime256v1" }, /* 140 */
- { 0x04, 0, 1, 5, "id-ecSigType" }, /* 141 */
- { 0x01, 0, 0, 6, "ecdsa-with-SHA1" }, /* 142 */
- {0x2B, 243, 1, 0, "" }, /* 143 */
- { 0x06, 196, 1, 1, "dod" }, /* 144 */
- { 0x01, 0, 1, 2, "internet" }, /* 145 */
- { 0x04, 164, 1, 3, "private" }, /* 146 */
- { 0x01, 0, 1, 4, "enterprise" }, /* 147 */
- { 0x82, 157, 1, 5, "" }, /* 148 */
- { 0x37, 0, 1, 6, "Microsoft" }, /* 149 */
- { 0x0A, 154, 1, 7, "" }, /* 150 */
- { 0x03, 0, 1, 8, "" }, /* 151 */
- { 0x03, 153, 0, 9, "msSGC" }, /* 152 */
- { 0x04, 0, 0, 9, "msEncryptingFileSystem" }, /* 153 */
- { 0x14, 0, 1, 7, "msEnrollmentInfrastructure"}, /* 154 */
- { 0x02, 0, 1, 8, "msCertificateTypeExtension"}, /* 155 */
- { 0x02, 0, 0, 9, "msSmartcardLogon" }, /* 156 */
- { 0x89, 0, 1, 5, "" }, /* 157 */
- { 0x31, 0, 1, 6, "" }, /* 158 */
- { 0x01, 0, 1, 7, "" }, /* 159 */
- { 0x01, 0, 1, 8, "" }, /* 160 */
- { 0x02, 0, 1, 9, "" }, /* 161 */
- { 0x02, 163, 0, 10, "" }, /* 162 */
- { 0x4B, 0, 0, 10, "TCGID" }, /* 163 */
- { 0x05, 0, 1, 3, "security" }, /* 164 */
- { 0x05, 0, 1, 4, "mechanisms" }, /* 165 */
- { 0x07, 0, 1, 5, "id-pkix" }, /* 166 */
- { 0x01, 169, 1, 6, "id-pe" }, /* 167 */
- { 0x01, 0, 0, 7, "authorityInfoAccess" }, /* 168 */
- { 0x03, 179, 1, 6, "id-kp" }, /* 169 */
- { 0x01, 171, 0, 7, "serverAuth" }, /* 170 */
- { 0x02, 172, 0, 7, "clientAuth" }, /* 171 */
- { 0x03, 173, 0, 7, "codeSigning" }, /* 172 */
- { 0x04, 174, 0, 7, "emailProtection" }, /* 173 */
- { 0x05, 175, 0, 7, "ipsecEndSystem" }, /* 174 */
- { 0x06, 176, 0, 7, "ipsecTunnel" }, /* 175 */
- { 0x07, 177, 0, 7, "ipsecUser" }, /* 176 */
- { 0x08, 178, 0, 7, "timeStamping" }, /* 177 */
- { 0x09, 0, 0, 7, "ocspSigning" }, /* 178 */
- { 0x08, 181, 1, 6, "id-otherNames" }, /* 179 */
- { 0x05, 0, 0, 7, "xmppAddr" }, /* 180 */
- { 0x0A, 186, 1, 6, "id-aca" }, /* 181 */
- { 0x01, 183, 0, 7, "authenticationInfo" }, /* 182 */
- { 0x02, 184, 0, 7, "accessIdentity" }, /* 183 */
- { 0x03, 185, 0, 7, "chargingIdentity" }, /* 184 */
- { 0x04, 0, 0, 7, "group" }, /* 185 */
- { 0x30, 0, 1, 6, "id-ad" }, /* 186 */
- { 0x01, 195, 1, 7, "ocsp" }, /* 187 */
- { 0x01, 189, 0, 8, "basic" }, /* 188 */
- { 0x02, 190, 0, 8, "nonce" }, /* 189 */
- { 0x03, 191, 0, 8, "crl" }, /* 190 */
- { 0x04, 192, 0, 8, "response" }, /* 191 */
- { 0x05, 193, 0, 8, "noCheck" }, /* 192 */
- { 0x06, 194, 0, 8, "archiveCutoff" }, /* 193 */
- { 0x07, 0, 0, 8, "serviceLocator" }, /* 194 */
- { 0x02, 0, 0, 7, "caIssuers" }, /* 195 */
- { 0x0E, 202, 1, 1, "oiw" }, /* 196 */
- { 0x03, 0, 1, 2, "secsig" }, /* 197 */
- { 0x02, 0, 1, 3, "algorithms" }, /* 198 */
- { 0x07, 200, 0, 4, "des-cbc" }, /* 199 */
- { 0x1A, 201, 0, 4, "sha-1" }, /* 200 */
- { 0x1D, 0, 0, 4, "sha-1WithRSASignature" }, /* 201 */
- { 0x24, 209, 1, 1, "TeleTrusT" }, /* 202 */
- { 0x03, 0, 1, 2, "algorithm" }, /* 203 */
- { 0x03, 0, 1, 3, "signatureAlgorithm" }, /* 204 */
- { 0x01, 0, 1, 4, "rsaSignature" }, /* 205 */
- { 0x02, 207, 0, 5, "rsaSigWithripemd160" }, /* 206 */
- { 0x03, 208, 0, 5, "rsaSigWithripemd128" }, /* 207 */
- { 0x04, 0, 0, 5, "rsaSigWithripemd256" }, /* 208 */
- { 0x81, 0, 1, 1, "" }, /* 209 */
- { 0x04, 0, 1, 2, "Certicom" }, /* 210 */
- { 0x00, 0, 1, 3, "curve" }, /* 211 */
- { 0x01, 213, 0, 4, "sect163k1" }, /* 212 */
- { 0x02, 214, 0, 4, "sect163r1" }, /* 213 */
- { 0x03, 215, 0, 4, "sect239k1" }, /* 214 */
- { 0x04, 216, 0, 4, "sect113r1" }, /* 215 */
- { 0x05, 217, 0, 4, "sect113r2" }, /* 216 */
- { 0x06, 218, 0, 4, "secp112r1" }, /* 217 */
- { 0x07, 219, 0, 4, "secp112r2" }, /* 218 */
- { 0x08, 220, 0, 4, "secp160r1" }, /* 219 */
- { 0x09, 221, 0, 4, "secp160k1" }, /* 220 */
- { 0x0A, 222, 0, 4, "secp256k1" }, /* 221 */
- { 0x0F, 223, 0, 4, "sect163r2" }, /* 222 */
- { 0x10, 224, 0, 4, "sect283k1" }, /* 223 */
- { 0x11, 225, 0, 4, "sect283r1" }, /* 224 */
- { 0x16, 226, 0, 4, "sect131r1" }, /* 225 */
- { 0x17, 227, 0, 4, "sect131r2" }, /* 226 */
- { 0x18, 228, 0, 4, "sect193r1" }, /* 227 */
- { 0x19, 229, 0, 4, "sect193r2" }, /* 228 */
- { 0x1A, 230, 0, 4, "sect233k1" }, /* 229 */
- { 0x1B, 231, 0, 4, "sect233r1" }, /* 230 */
- { 0x1C, 232, 0, 4, "secp128r1" }, /* 231 */
- { 0x1D, 233, 0, 4, "secp128r2" }, /* 232 */
- { 0x1E, 234, 0, 4, "secp160r2" }, /* 233 */
- { 0x1F, 235, 0, 4, "secp192k1" }, /* 234 */
- { 0x20, 236, 0, 4, "secp224k1" }, /* 235 */
- { 0x21, 237, 0, 4, "secp224r1" }, /* 236 */
- { 0x22, 238, 0, 4, "secp384r1" }, /* 237 */
- { 0x23, 239, 0, 4, "secp521r1" }, /* 238 */
- { 0x24, 240, 0, 4, "sect409k1" }, /* 239 */
- { 0x25, 241, 0, 4, "sect409r1" }, /* 240 */
- { 0x26, 242, 0, 4, "sect571k1" }, /* 241 */
- { 0x27, 0, 0, 4, "sect571r1" }, /* 242 */
- {0x60, 0, 1, 0, "" }, /* 243 */
- { 0x86, 0, 1, 1, "" }, /* 244 */
- { 0x48, 0, 1, 2, "" }, /* 245 */
- { 0x01, 289, 1, 3, "organization" }, /* 246 */
- { 0x65, 265, 1, 4, "gov" }, /* 247 */
- { 0x03, 0, 1, 5, "csor" }, /* 248 */
- { 0x04, 0, 1, 6, "nistalgorithm" }, /* 249 */
- { 0x01, 260, 1, 7, "aes" }, /* 250 */
- { 0x02, 252, 0, 8, "id-aes128-CBC" }, /* 251 */
- { 0x06, 253, 0, 8, "id-aes128-GCM" }, /* 252 */
- { 0x07, 254, 0, 8, "id-aes128-CCM" }, /* 253 */
- { 0x16, 255, 0, 8, "id-aes192-CBC" }, /* 254 */
- { 0x1A, 256, 0, 8, "id-aes192-GCM" }, /* 255 */
- { 0x1B, 257, 0, 8, "id-aes192-CCM" }, /* 256 */
- { 0x2A, 258, 0, 8, "id-aes256-CBC" }, /* 257 */
- { 0x2E, 259, 0, 8, "id-aes256-GCM" }, /* 258 */
- { 0x2F, 0, 0, 8, "id-aes256-CCM" }, /* 259 */
- { 0x02, 0, 1, 7, "hashalgs" }, /* 260 */
- { 0x01, 262, 0, 8, "id-SHA-256" }, /* 261 */
- { 0x02, 263, 0, 8, "id-SHA-384" }, /* 262 */
- { 0x03, 264, 0, 8, "id-SHA-512" }, /* 263 */
- { 0x04, 0, 0, 8, "id-SHA-224" }, /* 264 */
- { 0x86, 0, 1, 4, "" }, /* 265 */
- { 0xf8, 0, 1, 5, "" }, /* 266 */
- { 0x42, 279, 1, 6, "netscape" }, /* 267 */
- { 0x01, 274, 1, 7, "" }, /* 268 */
- { 0x01, 270, 0, 8, "nsCertType" }, /* 269 */
- { 0x03, 271, 0, 8, "nsRevocationUrl" }, /* 270 */
- { 0x04, 272, 0, 8, "nsCaRevocationUrl" }, /* 271 */
- { 0x08, 273, 0, 8, "nsCaPolicyUrl" }, /* 272 */
- { 0x0d, 0, 0, 8, "nsComment" }, /* 273 */
- { 0x03, 277, 1, 7, "directory" }, /* 274 */
- { 0x01, 0, 1, 8, "" }, /* 275 */
- { 0x03, 0, 0, 9, "employeeNumber" }, /* 276 */
- { 0x04, 0, 1, 7, "policy" }, /* 277 */
- { 0x01, 0, 0, 8, "nsSGC" }, /* 278 */
- { 0x45, 0, 1, 6, "verisign" }, /* 279 */
- { 0x01, 0, 1, 7, "pki" }, /* 280 */
- { 0x09, 0, 1, 8, "attributes" }, /* 281 */
- { 0x02, 283, 0, 9, "messageType" }, /* 282 */
- { 0x03, 284, 0, 9, "pkiStatus" }, /* 283 */
- { 0x04, 285, 0, 9, "failInfo" }, /* 284 */
- { 0x05, 286, 0, 9, "senderNonce" }, /* 285 */
- { 0x06, 287, 0, 9, "recipientNonce" }, /* 286 */
- { 0x07, 288, 0, 9, "transID" }, /* 287 */
- { 0x08, 0, 0, 9, "extensionReq" }, /* 288 */
- { 0x86, 0, 1, 3, "old-netscape" }, /* 289 */
- { 0xF7, 0, 1, 4, "" }, /* 290 */
- { 0x0D, 0, 1, 5, "" }, /* 291 */
- { 0x01, 0, 1, 6, "" }, /* 292 */
- { 0x09, 0, 1, 7, "" }, /* 293 */
- { 0x01, 295, 0, 8, "emailAddress" }, /* 294 */
- { 0x02, 0, 0, 8, "unstructuredName" } /* 295 */
+ { 0x0D, 84, 0, 8, "sha512WithRSAEncryption" }, /* 83 */
+ { 0x0E, 0, 0, 8, "sha224WithRSAEncryption" }, /* 84 */
+ { 0x07, 92, 1, 7, "PKCS-7" }, /* 85 */
+ { 0x01, 87, 0, 8, "data" }, /* 86 */
+ { 0x02, 88, 0, 8, "signedData" }, /* 87 */
+ { 0x03, 89, 0, 8, "envelopedData" }, /* 88 */
+ { 0x04, 90, 0, 8, "signedAndEnvelopedData" }, /* 89 */
+ { 0x05, 91, 0, 8, "digestedData" }, /* 90 */
+ { 0x06, 0, 0, 8, "encryptedData" }, /* 91 */
+ { 0x09, 0, 1, 7, "PKCS-9" }, /* 92 */
+ { 0x01, 94, 0, 8, "E" }, /* 93 */
+ { 0x02, 95, 0, 8, "unstructuredName" }, /* 94 */
+ { 0x03, 96, 0, 8, "contentType" }, /* 95 */
+ { 0x04, 97, 0, 8, "messageDigest" }, /* 96 */
+ { 0x05, 98, 0, 8, "signingTime" }, /* 97 */
+ { 0x06, 99, 0, 8, "counterSignature" }, /* 98 */
+ { 0x07, 100, 0, 8, "challengePassword" }, /* 99 */
+ { 0x08, 101, 0, 8, "unstructuredAddress" }, /* 100 */
+ { 0x0E, 102, 0, 8, "extensionRequest" }, /* 101 */
+ { 0x0F, 0, 0, 8, "S/MIME Capabilities" }, /* 102 */
+ { 0x02, 106, 1, 6, "digestAlgorithm" }, /* 103 */
+ { 0x02, 105, 0, 7, "md2" }, /* 104 */
+ { 0x05, 0, 0, 7, "md5" }, /* 105 */
+ { 0x03, 0, 1, 6, "encryptionAlgorithm" }, /* 106 */
+ { 0x07, 0, 0, 7, "3des-ede-cbc" }, /* 107 */
+ { 0xCE, 0, 1, 3, "" }, /* 108 */
+ { 0x3D, 0, 1, 4, "ansi-X9-62" }, /* 109 */
+ { 0x02, 112, 1, 5, "id-publicKeyType" }, /* 110 */
+ { 0x01, 0, 0, 6, "id-ecPublicKey" }, /* 111 */
+ { 0x03, 142, 1, 5, "ellipticCurve" }, /* 112 */
+ { 0x00, 134, 1, 6, "c-TwoCurve" }, /* 113 */
+ { 0x01, 115, 0, 7, "c2pnb163v1" }, /* 114 */
+ { 0x02, 116, 0, 7, "c2pnb163v2" }, /* 115 */
+ { 0x03, 117, 0, 7, "c2pnb163v3" }, /* 116 */
+ { 0x04, 118, 0, 7, "c2pnb176w1" }, /* 117 */
+ { 0x05, 119, 0, 7, "c2tnb191v1" }, /* 118 */
+ { 0x06, 120, 0, 7, "c2tnb191v2" }, /* 119 */
+ { 0x07, 121, 0, 7, "c2tnb191v3" }, /* 120 */
+ { 0x08, 122, 0, 7, "c2onb191v4" }, /* 121 */
+ { 0x09, 123, 0, 7, "c2onb191v5" }, /* 122 */
+ { 0x0A, 124, 0, 7, "c2pnb208w1" }, /* 123 */
+ { 0x0B, 125, 0, 7, "c2tnb239v1" }, /* 124 */
+ { 0x0C, 126, 0, 7, "c2tnb239v2" }, /* 125 */
+ { 0x0D, 127, 0, 7, "c2tnb239v3" }, /* 126 */
+ { 0x0E, 128, 0, 7, "c2onb239v4" }, /* 127 */
+ { 0x0F, 129, 0, 7, "c2onb239v5" }, /* 128 */
+ { 0x10, 130, 0, 7, "c2pnb272w1" }, /* 129 */
+ { 0x11, 131, 0, 7, "c2pnb304w1" }, /* 130 */
+ { 0x12, 132, 0, 7, "c2tnb359v1" }, /* 131 */
+ { 0x13, 133, 0, 7, "c2pnb368w1" }, /* 132 */
+ { 0x14, 0, 0, 7, "c2tnb431r1" }, /* 133 */
+ { 0x01, 0, 1, 6, "primeCurve" }, /* 134 */
+ { 0x01, 136, 0, 7, "prime192v1" }, /* 135 */
+ { 0x02, 137, 0, 7, "prime192v2" }, /* 136 */
+ { 0x03, 138, 0, 7, "prime192v3" }, /* 137 */
+ { 0x04, 139, 0, 7, "prime239v1" }, /* 138 */
+ { 0x05, 140, 0, 7, "prime239v2" }, /* 139 */
+ { 0x06, 141, 0, 7, "prime239v3" }, /* 140 */
+ { 0x07, 0, 0, 7, "prime256v1" }, /* 141 */
+ { 0x04, 0, 1, 5, "id-ecSigType" }, /* 142 */
+ { 0x01, 144, 0, 6, "ecdsa-with-SHA1" }, /* 143 */
+ { 0x03, 0, 1, 6, "ecdsa-with-Specified" }, /* 144 */
+ { 0x01, 146, 0, 7, "ecdsa-with-SHA224" }, /* 145 */
+ { 0x02, 147, 0, 7, "ecdsa-with-SHA256" }, /* 146 */
+ { 0x03, 148, 0, 7, "ecdsa-with-SHA384" }, /* 147 */
+ { 0x04, 0, 0, 7, "ecdsa-with-SHA512" }, /* 148 */
+ {0x2B, 249, 1, 0, "" }, /* 149 */
+ { 0x06, 202, 1, 1, "dod" }, /* 150 */
+ { 0x01, 0, 1, 2, "internet" }, /* 151 */
+ { 0x04, 170, 1, 3, "private" }, /* 152 */
+ { 0x01, 0, 1, 4, "enterprise" }, /* 153 */
+ { 0x82, 163, 1, 5, "" }, /* 154 */
+ { 0x37, 0, 1, 6, "Microsoft" }, /* 155 */
+ { 0x0A, 160, 1, 7, "" }, /* 156 */
+ { 0x03, 0, 1, 8, "" }, /* 157 */
+ { 0x03, 159, 0, 9, "msSGC" }, /* 158 */
+ { 0x04, 0, 0, 9, "msEncryptingFileSystem" }, /* 159 */
+ { 0x14, 0, 1, 7, "msEnrollmentInfrastructure"}, /* 160 */
+ { 0x02, 0, 1, 8, "msCertificateTypeExtension"}, /* 161 */
+ { 0x02, 0, 0, 9, "msSmartcardLogon" }, /* 162 */
+ { 0x89, 0, 1, 5, "" }, /* 163 */
+ { 0x31, 0, 1, 6, "" }, /* 164 */
+ { 0x01, 0, 1, 7, "" }, /* 165 */
+ { 0x01, 0, 1, 8, "" }, /* 166 */
+ { 0x02, 0, 1, 9, "" }, /* 167 */
+ { 0x02, 169, 0, 10, "" }, /* 168 */
+ { 0x4B, 0, 0, 10, "TCGID" }, /* 169 */
+ { 0x05, 0, 1, 3, "security" }, /* 170 */
+ { 0x05, 0, 1, 4, "mechanisms" }, /* 171 */
+ { 0x07, 0, 1, 5, "id-pkix" }, /* 172 */
+ { 0x01, 175, 1, 6, "id-pe" }, /* 173 */
+ { 0x01, 0, 0, 7, "authorityInfoAccess" }, /* 174 */
+ { 0x03, 185, 1, 6, "id-kp" }, /* 175 */
+ { 0x01, 177, 0, 7, "serverAuth" }, /* 176 */
+ { 0x02, 178, 0, 7, "clientAuth" }, /* 177 */
+ { 0x03, 179, 0, 7, "codeSigning" }, /* 178 */
+ { 0x04, 180, 0, 7, "emailProtection" }, /* 179 */
+ { 0x05, 181, 0, 7, "ipsecEndSystem" }, /* 180 */
+ { 0x06, 182, 0, 7, "ipsecTunnel" }, /* 181 */
+ { 0x07, 183, 0, 7, "ipsecUser" }, /* 182 */
+ { 0x08, 184, 0, 7, "timeStamping" }, /* 183 */
+ { 0x09, 0, 0, 7, "ocspSigning" }, /* 184 */
+ { 0x08, 187, 1, 6, "id-otherNames" }, /* 185 */
+ { 0x05, 0, 0, 7, "xmppAddr" }, /* 186 */
+ { 0x0A, 192, 1, 6, "id-aca" }, /* 187 */
+ { 0x01, 189, 0, 7, "authenticationInfo" }, /* 188 */
+ { 0x02, 190, 0, 7, "accessIdentity" }, /* 189 */
+ { 0x03, 191, 0, 7, "chargingIdentity" }, /* 190 */
+ { 0x04, 0, 0, 7, "group" }, /* 191 */
+ { 0x30, 0, 1, 6, "id-ad" }, /* 192 */
+ { 0x01, 201, 1, 7, "ocsp" }, /* 193 */
+ { 0x01, 195, 0, 8, "basic" }, /* 194 */
+ { 0x02, 196, 0, 8, "nonce" }, /* 195 */
+ { 0x03, 197, 0, 8, "crl" }, /* 196 */
+ { 0x04, 198, 0, 8, "response" }, /* 197 */
+ { 0x05, 199, 0, 8, "noCheck" }, /* 198 */
+ { 0x06, 200, 0, 8, "archiveCutoff" }, /* 199 */
+ { 0x07, 0, 0, 8, "serviceLocator" }, /* 200 */
+ { 0x02, 0, 0, 7, "caIssuers" }, /* 201 */
+ { 0x0E, 208, 1, 1, "oiw" }, /* 202 */
+ { 0x03, 0, 1, 2, "secsig" }, /* 203 */
+ { 0x02, 0, 1, 3, "algorithms" }, /* 204 */
+ { 0x07, 206, 0, 4, "des-cbc" }, /* 205 */
+ { 0x1A, 207, 0, 4, "sha-1" }, /* 206 */
+ { 0x1D, 0, 0, 4, "sha-1WithRSASignature" }, /* 207 */
+ { 0x24, 215, 1, 1, "TeleTrusT" }, /* 208 */
+ { 0x03, 0, 1, 2, "algorithm" }, /* 209 */
+ { 0x03, 0, 1, 3, "signatureAlgorithm" }, /* 210 */
+ { 0x01, 0, 1, 4, "rsaSignature" }, /* 211 */
+ { 0x02, 213, 0, 5, "rsaSigWithripemd160" }, /* 212 */
+ { 0x03, 214, 0, 5, "rsaSigWithripemd128" }, /* 213 */
+ { 0x04, 0, 0, 5, "rsaSigWithripemd256" }, /* 214 */
+ { 0x81, 0, 1, 1, "" }, /* 215 */
+ { 0x04, 0, 1, 2, "Certicom" }, /* 216 */
+ { 0x00, 0, 1, 3, "curve" }, /* 217 */
+ { 0x01, 219, 0, 4, "sect163k1" }, /* 218 */
+ { 0x02, 220, 0, 4, "sect163r1" }, /* 219 */
+ { 0x03, 221, 0, 4, "sect239k1" }, /* 220 */
+ { 0x04, 222, 0, 4, "sect113r1" }, /* 221 */
+ { 0x05, 223, 0, 4, "sect113r2" }, /* 222 */
+ { 0x06, 224, 0, 4, "secp112r1" }, /* 223 */
+ { 0x07, 225, 0, 4, "secp112r2" }, /* 224 */
+ { 0x08, 226, 0, 4, "secp160r1" }, /* 225 */
+ { 0x09, 227, 0, 4, "secp160k1" }, /* 226 */
+ { 0x0A, 228, 0, 4, "secp256k1" }, /* 227 */
+ { 0x0F, 229, 0, 4, "sect163r2" }, /* 228 */
+ { 0x10, 230, 0, 4, "sect283k1" }, /* 229 */
+ { 0x11, 231, 0, 4, "sect283r1" }, /* 230 */
+ { 0x16, 232, 0, 4, "sect131r1" }, /* 231 */
+ { 0x17, 233, 0, 4, "sect131r2" }, /* 232 */
+ { 0x18, 234, 0, 4, "sect193r1" }, /* 233 */
+ { 0x19, 235, 0, 4, "sect193r2" }, /* 234 */
+ { 0x1A, 236, 0, 4, "sect233k1" }, /* 235 */
+ { 0x1B, 237, 0, 4, "sect233r1" }, /* 236 */
+ { 0x1C, 238, 0, 4, "secp128r1" }, /* 237 */
+ { 0x1D, 239, 0, 4, "secp128r2" }, /* 238 */
+ { 0x1E, 240, 0, 4, "secp160r2" }, /* 239 */
+ { 0x1F, 241, 0, 4, "secp192k1" }, /* 240 */
+ { 0x20, 242, 0, 4, "secp224k1" }, /* 241 */
+ { 0x21, 243, 0, 4, "secp224r1" }, /* 242 */
+ { 0x22, 244, 0, 4, "secp384r1" }, /* 243 */
+ { 0x23, 245, 0, 4, "secp521r1" }, /* 244 */
+ { 0x24, 246, 0, 4, "sect409k1" }, /* 245 */
+ { 0x25, 247, 0, 4, "sect409r1" }, /* 246 */
+ { 0x26, 248, 0, 4, "sect571k1" }, /* 247 */
+ { 0x27, 0, 0, 4, "sect571r1" }, /* 248 */
+ {0x60, 0, 1, 0, "" }, /* 249 */
+ { 0x86, 0, 1, 1, "" }, /* 250 */
+ { 0x48, 0, 1, 2, "" }, /* 251 */
+ { 0x01, 295, 1, 3, "organization" }, /* 252 */
+ { 0x65, 271, 1, 4, "gov" }, /* 253 */
+ { 0x03, 0, 1, 5, "csor" }, /* 254 */
+ { 0x04, 0, 1, 6, "nistalgorithm" }, /* 255 */
+ { 0x01, 266, 1, 7, "aes" }, /* 256 */
+ { 0x02, 258, 0, 8, "id-aes128-CBC" }, /* 257 */
+ { 0x06, 259, 0, 8, "id-aes128-GCM" }, /* 258 */
+ { 0x07, 260, 0, 8, "id-aes128-CCM" }, /* 259 */
+ { 0x16, 261, 0, 8, "id-aes192-CBC" }, /* 260 */
+ { 0x1A, 262, 0, 8, "id-aes192-GCM" }, /* 261 */
+ { 0x1B, 263, 0, 8, "id-aes192-CCM" }, /* 262 */
+ { 0x2A, 264, 0, 8, "id-aes256-CBC" }, /* 263 */
+ { 0x2E, 265, 0, 8, "id-aes256-GCM" }, /* 264 */
+ { 0x2F, 0, 0, 8, "id-aes256-CCM" }, /* 265 */
+ { 0x02, 0, 1, 7, "hashalgs" }, /* 266 */
+ { 0x01, 268, 0, 8, "id-SHA-256" }, /* 267 */
+ { 0x02, 269, 0, 8, "id-SHA-384" }, /* 268 */
+ { 0x03, 270, 0, 8, "id-SHA-512" }, /* 269 */
+ { 0x04, 0, 0, 8, "id-SHA-224" }, /* 270 */
+ { 0x86, 0, 1, 4, "" }, /* 271 */
+ { 0xf8, 0, 1, 5, "" }, /* 272 */
+ { 0x42, 285, 1, 6, "netscape" }, /* 273 */
+ { 0x01, 280, 1, 7, "" }, /* 274 */
+ { 0x01, 276, 0, 8, "nsCertType" }, /* 275 */
+ { 0x03, 277, 0, 8, "nsRevocationUrl" }, /* 276 */
+ { 0x04, 278, 0, 8, "nsCaRevocationUrl" }, /* 277 */
+ { 0x08, 279, 0, 8, "nsCaPolicyUrl" }, /* 278 */
+ { 0x0d, 0, 0, 8, "nsComment" }, /* 279 */
+ { 0x03, 283, 1, 7, "directory" }, /* 280 */
+ { 0x01, 0, 1, 8, "" }, /* 281 */
+ { 0x03, 0, 0, 9, "employeeNumber" }, /* 282 */
+ { 0x04, 0, 1, 7, "policy" }, /* 283 */
+ { 0x01, 0, 0, 8, "nsSGC" }, /* 284 */
+ { 0x45, 0, 1, 6, "verisign" }, /* 285 */
+ { 0x01, 0, 1, 7, "pki" }, /* 286 */
+ { 0x09, 0, 1, 8, "attributes" }, /* 287 */
+ { 0x02, 289, 0, 9, "messageType" }, /* 288 */
+ { 0x03, 290, 0, 9, "pkiStatus" }, /* 289 */
+ { 0x04, 291, 0, 9, "failInfo" }, /* 290 */
+ { 0x05, 292, 0, 9, "senderNonce" }, /* 291 */
+ { 0x06, 293, 0, 9, "recipientNonce" }, /* 292 */
+ { 0x07, 294, 0, 9, "transID" }, /* 293 */
+ { 0x08, 0, 0, 9, "extensionReq" }, /* 294 */
+ { 0x86, 0, 1, 3, "old-netscape" }, /* 295 */
+ { 0xF7, 0, 1, 4, "" }, /* 296 */
+ { 0x0D, 0, 1, 5, "" }, /* 297 */
+ { 0x01, 0, 1, 6, "" }, /* 298 */
+ { 0x09, 0, 1, 7, "" }, /* 299 */
+ { 0x01, 301, 0, 8, "emailAddress" }, /* 300 */
+ { 0x02, 0, 0, 8, "unstructuredName" } /* 301 */
};
diff --git a/src/libstrongswan/asn1/oid.h b/src/libstrongswan/asn1/oid.h
index 477789b62..b7241af8d 100644
--- a/src/libstrongswan/asn1/oid.h
+++ b/src/libstrongswan/asn1/oid.h
@@ -60,126 +60,131 @@ extern const oid_t oid_names[];
#define OID_SHA256_WITH_RSA 81
#define OID_SHA384_WITH_RSA 82
#define OID_SHA512_WITH_RSA 83
-#define OID_PKCS7_DATA 85
-#define OID_PKCS7_SIGNED_DATA 86
-#define OID_PKCS7_ENVELOPED_DATA 87
-#define OID_PKCS7_SIGNED_ENVELOPED_DATA 88
-#define OID_PKCS7_DIGESTED_DATA 89
-#define OID_PKCS7_ENCRYPTED_DATA 90
-#define OID_PKCS9_EMAIL 92
-#define OID_PKCS9_CONTENT_TYPE 94
-#define OID_PKCS9_MESSAGE_DIGEST 95
-#define OID_PKCS9_SIGNING_TIME 96
-#define OID_MD2 103
-#define OID_MD5 104
-#define OID_3DES_EDE_CBC 106
-#define OID_EC_PUBLICKEY 110
-#define OID_C2PNB163V1 113
-#define OID_C2PNB163V2 114
-#define OID_C2PNB163V3 115
-#define OID_C2PNB176W1 116
-#define OID_C2PNB191V1 117
-#define OID_C2PNB191V2 118
-#define OID_C2PNB191V3 119
-#define OID_C2PNB191V4 120
-#define OID_C2PNB191V5 121
-#define OID_C2PNB208W1 122
-#define OID_C2PNB239V1 123
-#define OID_C2PNB239V2 124
-#define OID_C2PNB239V3 125
-#define OID_C2PNB239V4 126
-#define OID_C2PNB239V5 127
-#define OID_C2PNB272W1 128
-#define OID_C2PNB304W1 129
-#define OID_C2PNB359V1 130
-#define OID_C2PNB368W1 131
-#define OID_C2PNB431R1 132
-#define OID_PRIME192V1 134
-#define OID_PRIME192V2 135
-#define OID_PRIME192V3 136
-#define OID_PRIME239V1 137
-#define OID_PRIME239V2 138
-#define OID_PRIME239V3 139
-#define OID_PRIME256V1 140
-#define OID_ECDSA_WITH_SHA1 142
-#define OID_TCGID 163
-#define OID_AUTHORITY_INFO_ACCESS 168
-#define OID_OCSP_SIGNING 178
-#define OID_XMPP_ADDR 180
-#define OID_AUTHENTICATION_INFO 182
-#define OID_ACCESS_IDENTITY 183
-#define OID_CHARGING_IDENTITY 184
-#define OID_GROUP 185
-#define OID_OCSP 187
-#define OID_BASIC 188
-#define OID_NONCE 189
-#define OID_CRL 190
-#define OID_RESPONSE 191
-#define OID_NO_CHECK 192
-#define OID_ARCHIVE_CUTOFF 193
-#define OID_SERVICE_LOCATOR 194
-#define OID_CA_ISSUERS 195
-#define OID_DES_CBC 199
-#define OID_SHA1 200
-#define OID_SHA1_WITH_RSA_OIW 201
-#define OID_SECT163K1 212
-#define OID_SECT163R1 213
-#define OID_SECT239K1 214
-#define OID_SECT113R1 215
-#define OID_SECT113R2 216
-#define OID_SECT112R1 217
-#define OID_SECT112R2 218
-#define OID_SECT160R1 219
-#define OID_SECT160K1 220
-#define OID_SECT256K1 221
-#define OID_SECT163R2 222
-#define OID_SECT283K1 223
-#define OID_SECT283R1 224
-#define OID_SECT131R1 225
-#define OID_SECT131R2 226
-#define OID_SECT193R1 227
-#define OID_SECT193R2 228
-#define OID_SECT233K1 229
-#define OID_SECT233R1 230
-#define OID_SECT128R1 231
-#define OID_SECT128R2 232
-#define OID_SECT160R2 233
-#define OID_SECT192K1 234
-#define OID_SECT224K1 235
-#define OID_SECT224R1 236
-#define OID_SECT384R1 237
-#define OID_SECT521R1 238
-#define OID_SECT409K1 239
-#define OID_SECT409R1 240
-#define OID_SECT571K1 241
-#define OID_SECT571R1 242
-#define OID_AES128_CBC 251
-#define OID_AES128_GCM 252
-#define OID_AES128_CCM 253
-#define OID_AES192_CBC 254
-#define OID_AES192_GCM 255
-#define OID_AES192_CCM 256
-#define OID_AES256_CBC 257
-#define OID_AES256_GCM 258
-#define OID_AES256_CCM 259
-#define OID_SHA256 261
-#define OID_SHA384 262
-#define OID_SHA512 263
-#define OID_SHA224 264
-#define OID_NS_REVOCATION_URL 270
-#define OID_NS_CA_REVOCATION_URL 271
-#define OID_NS_CA_POLICY_URL 272
-#define OID_NS_COMMENT 273
-#define OID_EMPLOYEE_NUMBER 276
-#define OID_PKI_MESSAGE_TYPE 282
-#define OID_PKI_STATUS 283
-#define OID_PKI_FAIL_INFO 284
-#define OID_PKI_SENDER_NONCE 285
-#define OID_PKI_RECIPIENT_NONCE 286
-#define OID_PKI_TRANS_ID 287
-#define OID_EMAIL_ADDRESS 294
-#define OID_UNSTRUCTURED_NAME 295
+#define OID_SHA224_WITH_RSA 84
+#define OID_PKCS7_DATA 86
+#define OID_PKCS7_SIGNED_DATA 87
+#define OID_PKCS7_ENVELOPED_DATA 88
+#define OID_PKCS7_SIGNED_ENVELOPED_DATA 89
+#define OID_PKCS7_DIGESTED_DATA 90
+#define OID_PKCS7_ENCRYPTED_DATA 91
+#define OID_PKCS9_EMAIL 93
+#define OID_PKCS9_CONTENT_TYPE 95
+#define OID_PKCS9_MESSAGE_DIGEST 96
+#define OID_PKCS9_SIGNING_TIME 97
+#define OID_MD2 104
+#define OID_MD5 105
+#define OID_3DES_EDE_CBC 107
+#define OID_EC_PUBLICKEY 111
+#define OID_C2PNB163V1 114
+#define OID_C2PNB163V2 115
+#define OID_C2PNB163V3 116
+#define OID_C2PNB176W1 117
+#define OID_C2PNB191V1 118
+#define OID_C2PNB191V2 119
+#define OID_C2PNB191V3 120
+#define OID_C2PNB191V4 121
+#define OID_C2PNB191V5 122
+#define OID_C2PNB208W1 123
+#define OID_C2PNB239V1 124
+#define OID_C2PNB239V2 125
+#define OID_C2PNB239V3 126
+#define OID_C2PNB239V4 127
+#define OID_C2PNB239V5 128
+#define OID_C2PNB272W1 129
+#define OID_C2PNB304W1 130
+#define OID_C2PNB359V1 131
+#define OID_C2PNB368W1 132
+#define OID_C2PNB431R1 133
+#define OID_PRIME192V1 135
+#define OID_PRIME192V2 136
+#define OID_PRIME192V3 137
+#define OID_PRIME239V1 138
+#define OID_PRIME239V2 139
+#define OID_PRIME239V3 140
+#define OID_PRIME256V1 141
+#define OID_ECDSA_WITH_SHA1 143
+#define OID_ECDSA_WITH_SHA224 145
+#define OID_ECDSA_WITH_SHA256 146
+#define OID_ECDSA_WITH_SHA384 147
+#define OID_ECDSA_WITH_SHA512 148
+#define OID_TCGID 169
+#define OID_AUTHORITY_INFO_ACCESS 174
+#define OID_OCSP_SIGNING 184
+#define OID_XMPP_ADDR 186
+#define OID_AUTHENTICATION_INFO 188
+#define OID_ACCESS_IDENTITY 189
+#define OID_CHARGING_IDENTITY 190
+#define OID_GROUP 191
+#define OID_OCSP 193
+#define OID_BASIC 194
+#define OID_NONCE 195
+#define OID_CRL 196
+#define OID_RESPONSE 197
+#define OID_NO_CHECK 198
+#define OID_ARCHIVE_CUTOFF 199
+#define OID_SERVICE_LOCATOR 200
+#define OID_CA_ISSUERS 201
+#define OID_DES_CBC 205
+#define OID_SHA1 206
+#define OID_SHA1_WITH_RSA_OIW 207
+#define OID_SECT163K1 218
+#define OID_SECT163R1 219
+#define OID_SECT239K1 220
+#define OID_SECT113R1 221
+#define OID_SECT113R2 222
+#define OID_SECT112R1 223
+#define OID_SECT112R2 224
+#define OID_SECT160R1 225
+#define OID_SECT160K1 226
+#define OID_SECT256K1 227
+#define OID_SECT163R2 228
+#define OID_SECT283K1 229
+#define OID_SECT283R1 230
+#define OID_SECT131R1 231
+#define OID_SECT131R2 232
+#define OID_SECT193R1 233
+#define OID_SECT193R2 234
+#define OID_SECT233K1 235
+#define OID_SECT233R1 236
+#define OID_SECT128R1 237
+#define OID_SECT128R2 238
+#define OID_SECT160R2 239
+#define OID_SECT192K1 240
+#define OID_SECT224K1 241
+#define OID_SECT224R1 242
+#define OID_SECT384R1 243
+#define OID_SECT521R1 244
+#define OID_SECT409K1 245
+#define OID_SECT409R1 246
+#define OID_SECT571K1 247
+#define OID_SECT571R1 248
+#define OID_AES128_CBC 257
+#define OID_AES128_GCM 258
+#define OID_AES128_CCM 259
+#define OID_AES192_CBC 260
+#define OID_AES192_GCM 261
+#define OID_AES192_CCM 262
+#define OID_AES256_CBC 263
+#define OID_AES256_GCM 264
+#define OID_AES256_CCM 265
+#define OID_SHA256 267
+#define OID_SHA384 268
+#define OID_SHA512 269
+#define OID_SHA224 270
+#define OID_NS_REVOCATION_URL 276
+#define OID_NS_CA_REVOCATION_URL 277
+#define OID_NS_CA_POLICY_URL 278
+#define OID_NS_COMMENT 279
+#define OID_EMPLOYEE_NUMBER 282
+#define OID_PKI_MESSAGE_TYPE 288
+#define OID_PKI_STATUS 289
+#define OID_PKI_FAIL_INFO 290
+#define OID_PKI_SENDER_NONCE 291
+#define OID_PKI_RECIPIENT_NONCE 292
+#define OID_PKI_TRANS_ID 293
+#define OID_EMAIL_ADDRESS 300
+#define OID_UNSTRUCTURED_NAME 301
-#define OID_MAX 296
+#define OID_MAX 302
#endif /* OID_H_ */
diff --git a/src/libstrongswan/asn1/oid.txt b/src/libstrongswan/asn1/oid.txt
index 1514f179f..5adca6289 100644
--- a/src/libstrongswan/asn1/oid.txt
+++ b/src/libstrongswan/asn1/oid.txt
@@ -82,6 +82,7 @@
0x0B "sha256WithRSAEncryption" OID_SHA256_WITH_RSA
0x0C "sha384WithRSAEncryption" OID_SHA384_WITH_RSA
0x0D "sha512WithRSAEncryption" OID_SHA512_WITH_RSA
+ 0x0E "sha224WithRSAEncryption" OID_SHA224_WITH_RSA
0x07 "PKCS-7"
0x01 "data" OID_PKCS7_DATA
0x02 "signedData" OID_PKCS7_SIGNED_DATA
@@ -141,6 +142,11 @@
0x07 "prime256v1" OID_PRIME256V1
0x04 "id-ecSigType"
0x01 "ecdsa-with-SHA1" OID_ECDSA_WITH_SHA1
+ 0x03 "ecdsa-with-Specified"
+ 0x01 "ecdsa-with-SHA224" OID_ECDSA_WITH_SHA224
+ 0x02 "ecdsa-with-SHA256" OID_ECDSA_WITH_SHA256
+ 0x03 "ecdsa-with-SHA384" OID_ECDSA_WITH_SHA384
+ 0x04 "ecdsa-with-SHA512" OID_ECDSA_WITH_SHA512
0x2B ""
0x06 "dod"
0x01 "internet"