aboutsummaryrefslogtreecommitdiffstats
path: root/lib/public_key/asn1
diff options
context:
space:
mode:
authorIngela Anderton Andin <[email protected]>2013-02-26 15:52:18 +0100
committerIngela Anderton Andin <[email protected]>2013-03-13 14:40:59 +0100
commit006f45a738a6612958381b2fcbf48586c008d911 (patch)
tree600bc9e688ad286e1b4f6dad72a65a514cacc207 /lib/public_key/asn1
parent03bc63bed74af4c392d160005b77aca43d4cd4aa (diff)
downloadotp-006f45a738a6612958381b2fcbf48586c008d911.tar.gz
otp-006f45a738a6612958381b2fcbf48586c008d911.tar.bz2
otp-006f45a738a6612958381b2fcbf48586c008d911.zip
public_key & ssl: Add support for ISO oids 1.3.14.3.2.29 and 1.3.14.3.2.27
Some certificates may use these OIDs instead of the ones defined by PKIX/PKCS standard. Refactor code so that all handling of the "duplicate" oids is done by public_key. Update algorithm information in documentation.
Diffstat (limited to 'lib/public_key/asn1')
-rw-r--r--lib/public_key/asn1/OTP-PKIX.asn122
-rw-r--r--lib/public_key/asn1/PKCS-1.asn14
-rw-r--r--lib/public_key/asn1/PKIX1Algorithms88.asn13
3 files changed, 21 insertions, 8 deletions
diff --git a/lib/public_key/asn1/OTP-PKIX.asn1 b/lib/public_key/asn1/OTP-PKIX.asn1
index 4f20208bce..a90fe2840c 100644
--- a/lib/public_key/asn1/OTP-PKIX.asn1
+++ b/lib/public_key/asn1/OTP-PKIX.asn1
@@ -97,9 +97,9 @@ IMPORTS
id-pkix1-implicit(19) }
--Keys and Signatures
- id-dsa, Dss-Parms, DSAPublicKey,
- id-dsa-with-sha1,
- md2WithRSAEncryption,
+ id-dsa, Dss-Parms, DSAPublicKey,
+ id-dsa-with-sha1, id-dsaWithSHA1,
+ md2WithRSAEncryption,
md5WithRSAEncryption,
sha1WithRSAEncryption,
rsaEncryption, RSAPublicKey,
@@ -115,7 +115,6 @@ IMPORTS
FROM PKIX1Algorithms88 { iso(1) identified-organization(3) dod(6)
internet(1) security(5) mechanisms(5) pkix(7) id-mod(0)
id-mod-pkix1-algorithms(17) }
-
md2WithRSAEncryption,
md5WithRSAEncryption,
sha1WithRSAEncryption,
@@ -316,8 +315,8 @@ PublicKeyAlgorithm ::= SEQUENCE {
OPTIONAL }
SupportedSignatureAlgorithms SIGNATURE-ALGORITHM-CLASS ::= {
- dsa-with-sha1 | md2-with-rsa-encryption |
- md5-with-rsa-encryption | sha1-with-rsa-encryption |
+ dsa-with-sha1 | dsaWithSHA1 | md2-with-rsa-encryption |
+ md5-with-rsa-encryption | sha1-with-rsa-encryption | sha-1with-rsa-encryption |
sha224-with-rsa-encryption |
sha256-with-rsa-encryption |
sha384-with-rsa-encryption |
@@ -325,7 +324,7 @@ SupportedSignatureAlgorithms SIGNATURE-ALGORITHM-CLASS ::= {
ecdsa-with-sha1 }
SupportedPublicKeyAlgorithms PUBLIC-KEY-ALGORITHM-CLASS ::= {
- dsa | rsa-encryption | dh | kea | ec-public-key }
+ dsa | rsa-encryption | dh | kea | ec-public-key }
-- DSA Keys and Signatures
@@ -349,6 +348,11 @@ SupportedPublicKeyAlgorithms PUBLIC-KEY-ALGORITHM-CLASS ::= {
ID id-dsa-with-sha1
TYPE DSAParams }
+
+ dsaWithSHA1 SIGNATURE-ALGORITHM-CLASS ::= {
+ ID id-dsaWithSHA1
+ TYPE DSAParams }
+
--
-- RSA Keys and Signatures
--
@@ -367,6 +371,10 @@ SupportedPublicKeyAlgorithms PUBLIC-KEY-ALGORITHM-CLASS ::= {
ID sha1WithRSAEncryption
TYPE NULL }
+ sha-1with-rsa-encryption SIGNATURE-ALGORITHM-CLASS ::= {
+ ID sha-1WithRSAEncryption
+ TYPE NULL }
+
sha224-with-rsa-encryption SIGNATURE-ALGORITHM-CLASS ::= {
ID sha224WithRSAEncryption
TYPE NULL }
diff --git a/lib/public_key/asn1/PKCS-1.asn1 b/lib/public_key/asn1/PKCS-1.asn1
index c83289e779..b5754790e7 100644
--- a/lib/public_key/asn1/PKCS-1.asn1
+++ b/lib/public_key/asn1/PKCS-1.asn1
@@ -35,7 +35,9 @@ sha384WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 12 }
sha512WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 13 }
sha224WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 14 }
-
+-- ISO oid - equvivalent to sha1WithRSAEncryption
+sha-1WithRSAEncryption OBJECT IDENTIFIER ::= {
+ iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) sha-1WithRSAEncryption(29)}
id-sha1 OBJECT IDENTIFIER ::= {
iso(1) identified-organization(3) oiw(14) secsig(3)
diff --git a/lib/public_key/asn1/PKIX1Algorithms88.asn1 b/lib/public_key/asn1/PKIX1Algorithms88.asn1
index f895b6d0cd..74225747d3 100644
--- a/lib/public_key/asn1/PKIX1Algorithms88.asn1
+++ b/lib/public_key/asn1/PKIX1Algorithms88.asn1
@@ -35,6 +35,9 @@
id-dsa-with-sha1 OBJECT IDENTIFIER ::= {
iso(1) member-body(2) us(840) x9-57 (10040) x9algorithm(4) 3 }
+ id-dsaWithSHA1 OBJECT IDENTIFIER ::= {
+ iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) dsaWithSHA1(27)
+ }
-- encoding for DSA signature generated with SHA-1 hash
Dss-Sig-Value ::= SEQUENCE {