From c5e097dec5e93828837f4208c6968a0b7f38291e Mon Sep 17 00:00:00 2001 From: Job Snijders Date: Mon, 29 Jan 2024 20:40:32 +0000 Subject: [PATCH] Add Content Type OID for id-ct-rpkiSignedPrefixList References: draft-ietf-sidrops-rpki-prefixlist Title: "A profile for Signed Prefix Lists for Use in the Resource Public Key Infrastructure (RPKI)" OID assigned under 'SMI Security for S/MIME CMS Content Type (1.2.840.113549.1.9.16.1)' https://www.iana.org/assignments/smi-numbers/smi-numbers.xhtml#security-smime-1 Reviewed-by: Dmitry Belyavskiy Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/23426) --- crypto/objects/obj_dat.h | 17 +++++++++++------ crypto/objects/obj_mac.num | 1 + crypto/objects/obj_xref.h | 2 +- crypto/objects/objects.txt | 1 + fuzz/oids.txt | 3 ++- include/openssl/obj_mac.h | 6 +++++- 6 files changed, 21 insertions(+), 9 deletions(-) diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h index 5292db3f07..eaf0981599 100644 --- a/crypto/objects/obj_dat.h +++ b/crypto/objects/obj_dat.h @@ -2,7 +2,7 @@ * WARNING: do not edit! * Generated by crypto/objects/obj_dat.pl * - * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved. * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy * in the file LICENSE in the source distribution or at @@ -10,7 +10,7 @@ */ /* Serialized OID's */ -static const unsigned char so[8476] = { +static const unsigned char so[8487] = { 0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 0] OBJ_rsadsi */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 6] OBJ_pkcs */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02, /* [ 13] OBJ_md2 */ @@ -1182,9 +1182,10 @@ static const unsigned char so[8476] = { 0x55,0x1D,0x49, /* [ 8466] OBJ_alt_signature_algorithm */ 0x55,0x1D,0x4A, /* [ 8469] OBJ_alt_signature_value */ 0x55,0x1D,0x4B, /* [ 8472] OBJ_associated_information */ + 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x33, /* [ 8475] OBJ_id_ct_rpkiSignedPrefixList */ }; -#define NUM_NID 1320 +#define NUM_NID 1321 static const ASN1_OBJECT nid_objs[NUM_NID] = { {"UNDEF", "undefined", NID_undef}, {"rsadsi", "RSA Data Security, Inc.", NID_rsadsi, 6, &so[0]}, @@ -2506,9 +2507,10 @@ static const ASN1_OBJECT nid_objs[NUM_NID] = { {"altSignatureAlgorithm", "X509v3 Alternative Signature Algorithm", NID_alt_signature_algorithm, 3, &so[8466]}, {"altSignatureValue", "X509v3 Alternative Signature Value", NID_alt_signature_value, 3, &so[8469]}, {"associatedInformation", "X509v3 Associated Information", NID_associated_information, 3, &so[8472]}, + {"id-ct-rpkiSignedPrefixList", "id-ct-rpkiSignedPrefixList", NID_id_ct_rpkiSignedPrefixList, 11, &so[8475]}, }; -#define NUM_SN 1311 +#define NUM_SN 1312 static const unsigned int sn_objs[NUM_SN] = { 364, /* "AD_DVCS" */ 419, /* "AES-128-CBC" */ @@ -3167,6 +3169,7 @@ static const unsigned int sn_objs[NUM_SN] = { 1234, /* "id-ct-routeOriginAuthz" */ 1236, /* "id-ct-rpkiGhostbusters" */ 1235, /* "id-ct-rpkiManifest" */ + 1320, /* "id-ct-rpkiSignedPrefixList" */ 1247, /* "id-ct-signedChecklist" */ 1284, /* "id-ct-signedTAL" */ 1060, /* "id-ct-xml" */ @@ -3823,7 +3826,7 @@ static const unsigned int sn_objs[NUM_SN] = { 1289, /* "zstd" */ }; -#define NUM_LN 1311 +#define NUM_LN 1312 static const unsigned int ln_objs[NUM_LN] = { 363, /* "AD Time Stamping" */ 405, /* "ANSI X9.62" */ @@ -4514,6 +4517,7 @@ static const unsigned int ln_objs[NUM_LN] = { 1234, /* "id-ct-routeOriginAuthz" */ 1236, /* "id-ct-rpkiGhostbusters" */ 1235, /* "id-ct-rpkiManifest" */ + 1320, /* "id-ct-rpkiSignedPrefixList" */ 1247, /* "id-ct-signedChecklist" */ 1284, /* "id-ct-signedTAL" */ 1060, /* "id-ct-xml" */ @@ -5138,7 +5142,7 @@ static const unsigned int ln_objs[NUM_LN] = { 125, /* "zlib compression" */ }; -#define NUM_OBJ 1177 +#define NUM_OBJ 1178 static const unsigned int obj_objs[NUM_OBJ] = { 0, /* OBJ_undef 0 */ 181, /* OBJ_iso 1 */ @@ -6242,6 +6246,7 @@ static const unsigned int obj_objs[NUM_OBJ] = { 1247, /* OBJ_id_ct_signedChecklist 1 2 840 113549 1 9 16 1 48 */ 1250, /* OBJ_id_ct_ASPA 1 2 840 113549 1 9 16 1 49 */ 1284, /* OBJ_id_ct_signedTAL 1 2 840 113549 1 9 16 1 50 */ + 1320, /* OBJ_id_ct_rpkiSignedPrefixList 1 2 840 113549 1 9 16 1 51 */ 212, /* OBJ_id_smime_aa_receiptRequest 1 2 840 113549 1 9 16 2 1 */ 213, /* OBJ_id_smime_aa_securityLabel 1 2 840 113549 1 9 16 2 2 */ 214, /* OBJ_id_smime_aa_mlExpandHistory 1 2 840 113549 1 9 16 2 3 */ diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num index 9deaf2a5a9..7a3e0d3cc7 100644 --- a/crypto/objects/obj_mac.num +++ b/crypto/objects/obj_mac.num @@ -1317,3 +1317,4 @@ subject_alt_public_key_info 1316 alt_signature_algorithm 1317 alt_signature_value 1318 associated_information 1319 +id_ct_rpkiSignedPrefixList 1320 diff --git a/crypto/objects/obj_xref.h b/crypto/objects/obj_xref.h index 913606f175..01339d9da0 100644 --- a/crypto/objects/obj_xref.h +++ b/crypto/objects/obj_xref.h @@ -2,7 +2,7 @@ * WARNING: do not edit! * Generated by objxref.pl * - * Copyright 1998-2023 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1998-2024 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt index 305b89c016..86c3960375 100644 --- a/crypto/objects/objects.txt +++ b/crypto/objects/objects.txt @@ -284,6 +284,7 @@ id-smime-ct 47 : id-ct-geofeedCSVwithCRLF id-smime-ct 48 : id-ct-signedChecklist id-smime-ct 49 : id-ct-ASPA id-smime-ct 50 : id-ct-signedTAL +id-smime-ct 51 : id-ct-rpkiSignedPrefixList # S/MIME Attributes id-smime-aa 1 : id-smime-aa-receiptRequest diff --git a/fuzz/oids.txt b/fuzz/oids.txt index bae6272f09..1b61a0d625 100644 --- a/fuzz/oids.txt +++ b/fuzz/oids.txt @@ -1,7 +1,7 @@ # WARNING: do not edit! # Generated by fuzz/mkfuzzoids.pl # -# Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2020-2024 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the Apache License 2.0 (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -1178,3 +1178,4 @@ OBJ_subject_alt_public_key_info="\x55\x1D\x48" OBJ_alt_signature_algorithm="\x55\x1D\x49" OBJ_alt_signature_value="\x55\x1D\x4A" OBJ_associated_information="\x55\x1D\x4B" +OBJ_id_ct_rpkiSignedPrefixList="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x01\x33" diff --git a/include/openssl/obj_mac.h b/include/openssl/obj_mac.h index e1b441b313..1b7d9240a9 100644 --- a/include/openssl/obj_mac.h +++ b/include/openssl/obj_mac.h @@ -2,7 +2,7 @@ * WARNING: do not edit! * Generated by crypto/objects/objects.pl * - * Copyright 2000-2023 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2000-2024 The OpenSSL Project Authors. All Rights Reserved. * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy * in the file LICENSE in the source distribution or at @@ -894,6 +894,10 @@ #define NID_id_ct_signedTAL 1284 #define OBJ_id_ct_signedTAL OBJ_id_smime_ct,50L +#define SN_id_ct_rpkiSignedPrefixList "id-ct-rpkiSignedPrefixList" +#define NID_id_ct_rpkiSignedPrefixList 1320 +#define OBJ_id_ct_rpkiSignedPrefixList OBJ_id_smime_ct,51L + #define SN_id_smime_aa_receiptRequest "id-smime-aa-receiptRequest" #define NID_id_smime_aa_receiptRequest 212 #define OBJ_id_smime_aa_receiptRequest OBJ_id_smime_aa,1L