diff options
author | Fabian Weissberg <[email protected]> | 2017-11-29 12:29:56 +0100 |
---|---|---|
committer | Fabian Weissberg <[email protected]> | 2017-12-20 13:32:51 +0100 |
commit | 02e756dba4c1001b790c3496049f40ebfe89539b (patch) | |
tree | 30f36cd1faa600dd61f7ffbf6d699d4fefafe127 /src/build-data/oids.txt | |
parent | 2918801d97ccdad5327320ee29bdc2cf666fb08a (diff) |
Fix various x509 path validation bugs + path building with ambiguous DNs
Signed-off-by: Fabian Weissberg <[email protected]>
Diffstat (limited to 'src/build-data/oids.txt')
-rw-r--r-- | src/build-data/oids.txt | 34 |
1 files changed, 18 insertions, 16 deletions
diff --git a/src/build-data/oids.txt b/src/build-data/oids.txt index e07800279..6584f7e6d 100644 --- a/src/build-data/oids.txt +++ b/src/build-data/oids.txt @@ -1,4 +1,4 @@ -# Regenerate with ./src/scripts/oids.py > src/lib/asn1/oids.cpp +# Regenerate with ./src/scripts/oids.py oids > src/lib/asn1/oids.cpp AND ./src/scripts/oids.py dn_ub > src/lib/x509/x509_dn_ub.cpp # Public key types [pubkey] @@ -166,22 +166,23 @@ [encryption] 1.2.840.113549.1.1.7 = RSA/OAEP -# DN +# DN with upper bounds from RFC 5280, Appendix A [dn] -2.5.4.3 = X520.CommonName -2.5.4.4 = X520.Surname -2.5.4.5 = X520.SerialNumber -2.5.4.6 = X520.Country -2.5.4.7 = X520.Locality -2.5.4.8 = X520.State -2.5.4.10 = X520.Organization -2.5.4.11 = X520.OrganizationalUnit -2.5.4.12 = X520.Title -2.5.4.42 = X520.GivenName -2.5.4.43 = X520.Initials -2.5.4.44 = X520.GenerationalQualifier -2.5.4.46 = X520.DNQualifier -2.5.4.65 = X520.Pseudonym +2.5.4.3 = X520.CommonName = 64 +2.5.4.4 = X520.Surname = 40 +2.5.4.5 = X520.SerialNumber = 64 +2.5.4.6 = X520.Country = 3 +2.5.4.7 = X520.Locality = 128 +2.5.4.8 = X520.State = 128 +2.5.4.10 = X520.Organization = 64 +2.5.4.11 = X520.OrganizationalUnit = 64 +2.5.4.12 = X520.Title = 64 +# the following three types are naming attributes of type "X520name" and inherit its bound +2.5.4.42 = X520.GivenName = 32768 +2.5.4.43 = X520.Initials = 32768 +2.5.4.44 = X520.GenerationalQualifier = 32768 +2.5.4.46 = X520.DNQualifier = 64 +2.5.4.65 = X520.Pseudonym = 128 [pbe] 1.2.840.113549.1.5.12 = PKCS5.PBKDF2 @@ -205,6 +206,7 @@ 2.5.29.21 = X509v3.ReasonCode 2.5.29.23 = X509v3.HoldInstructionCode 2.5.29.24 = X509v3.InvalidityDate +2.5.29.28 = X509v3.CRLIssuingDistributionPoint 2.5.29.30 = X509v3.NameConstraints 2.5.29.31 = X509v3.CRLDistributionPoints 2.5.29.32 = X509v3.CertificatePolicies |