From 8d85952c766295619ff208c0b0ea6f20ee45c643 Mon Sep 17 00:00:00 2001 From: job Date: Tue, 2 Feb 2021 13:58:26 +0000 Subject: [PATCH] Add a bunch of RPKI OIDs RFC6482 - A Profile for Route Origin Authorizations (ROAs) RFC6484 - Certificate Policy (CP) for the RPKI RFC6493 - The RPKI Ghostbusters Record RFC8182 - The RPKI Repository Delta Protocol (RRDP) RFC8360 - RPKI Validation Reconsidered draft-ietf-sidrops-rpki-rta - A profile for RTAs Also in OpenSSL: https://github.com/openssl/openssl/commit/d3372c2f35495d0c61ab09daf7fba3ecbbb595aa OK sthen@ tb@ jsing@ --- lib/libcrypto/objects/obj_mac.num | 12 ++++++++++++ lib/libcrypto/objects/objects.txt | 15 ++++++++++++++- 2 files changed, 26 insertions(+), 1 deletion(-) diff --git a/lib/libcrypto/objects/obj_mac.num b/lib/libcrypto/objects/obj_mac.num index ba75ec246eb..c02ac3e9f8c 100644 --- a/lib/libcrypto/objects/obj_mac.num +++ b/lib/libcrypto/objects/obj_mac.num @@ -998,3 +998,15 @@ id_tc26_gost_3410_12_512_paramSetTest 997 id_tc26_gost_3410_12_512_paramSetC 998 id_tc26_hmac_gost_3411_12_256 999 id_tc26_hmac_gost_3411_12_512 1000 +id_ct_routeOriginAuthz 1001 +id_ct_rpkiManifest 1002 +id_ct_rpkiGhostbusters 1003 +id_ct_resourceTaggedAttest 1004 +id_cp 1005 +sbgp_ipAddrBlockv2 1006 +sbgp_autonomousSysNumv2 1007 +ipAddr_asNumber 1008 +ipAddr_asNumberv2 1009 +rpkiManifest 1010 +signedObject 1011 +rpkiNotify 1012 diff --git a/lib/libcrypto/objects/objects.txt b/lib/libcrypto/objects/objects.txt index 8e533530f28..46d3dc75b24 100644 --- a/lib/libcrypto/objects/objects.txt +++ b/lib/libcrypto/objects/objects.txt @@ -257,7 +257,11 @@ id-smime-ct 6 : id-smime-ct-contentInfo id-smime-ct 7 : id-smime-ct-DVCSRequestData id-smime-ct 8 : id-smime-ct-DVCSResponseData id-smime-ct 9 : id-smime-ct-compressedData +id-smime-ct 24 : id-ct-routeOriginAuthz +id-smime-ct 26 : id-ct-rpkiManifest id-smime-ct 27 : id-ct-asciiTextWithCRLF +id-smime-ct 35 : id-ct-rpkiGhostbusters +id-smime-ct 36 : id-ct-resourceTaggedAttest # S/MIME Attributes id-smime-aa 1 : id-smime-aa-receiptRequest @@ -436,6 +440,7 @@ id-pkix 9 : id-pda id-pkix 10 : id-aca id-pkix 11 : id-qcs id-pkix 12 : id-cct +id-pkix 14 : id-cp id-pkix 21 : id-ppl id-pkix 48 : id-ad @@ -472,6 +477,8 @@ id-pe 10 : ac-proxying !Cname sinfo-access id-pe 11 : subjectInfoAccess : Subject Information Access id-pe 14 : proxyCertInfo : Proxy Certificate Information +id-pe 28 : sbgp-ipAddrBlockv2 +id-pe 29 : sbgp-autonomousSysNumv2 # PKIX policyQualifiers for Internet policy qualifiers id-qt 1 : id-qt-cps : Policy Qualifier CPS @@ -589,6 +596,10 @@ id-cct 1 : id-cct-crs id-cct 2 : id-cct-PKIData id-cct 3 : id-cct-PKIResponse +# PKIX Certificate Policies +id-cp 2 : ipAddr-asNumber +id-cp 3 : ipAddr-asNumberv2 + # Predefined Proxy Certificate policy languages id-ppl 0 : id-ppl-anyLanguage : Any language id-ppl 1 : id-ppl-inheritAll : Inherit all @@ -604,7 +615,9 @@ id-ad 3 : ad_timestamping : AD Time Stamping !Cname ad-dvcs id-ad 4 : AD_DVCS : ad dvcs id-ad 5 : caRepository : CA Repository - +id-ad 10 : rpkiManifest : RPKI Manifest +id-ad 11 : signedObject : Signed Object +id-ad 13 : rpkiNotify : RPKI Notify !Alias id-pkix-OCSP ad-OCSP !module id-pkix-OCSP -- 2.20.1