diff options
Diffstat (limited to 'lib/public_key/asn1/OTP-PKIX.asn1')
| -rw-r--r-- | lib/public_key/asn1/OTP-PKIX.asn1 | 18 |
1 files changed, 17 insertions, 1 deletions
diff --git a/lib/public_key/asn1/OTP-PKIX.asn1 b/lib/public_key/asn1/OTP-PKIX.asn1 index fbf531df40..4f20208bce 100644 --- a/lib/public_key/asn1/OTP-PKIX.asn1 +++ b/lib/public_key/asn1/OTP-PKIX.asn1 @@ -119,6 +119,7 @@ IMPORTS md2WithRSAEncryption, md5WithRSAEncryption, sha1WithRSAEncryption, + sha224WithRSAEncryption, sha256WithRSAEncryption, sha384WithRSAEncryption, sha512WithRSAEncryption @@ -225,7 +226,17 @@ dnQualifier ATTRIBUTE-TYPE-AND-VALUE-CLASS ::= { countryName ATTRIBUTE-TYPE-AND-VALUE-CLASS ::= { ID id-at-countryName - TYPE X520countryName } + TYPE X520countryName } -- this is currently not used when decoding + -- The decoding and mapping between ID and Type is done in the code + -- in module publickey_cert_records via the function attribute_type + -- To be more forgiving and compatible with other SSL implementations + -- regarding how to handle and sometimes accept incorrect certificates + -- we define and use the type below instead of X520countryName + + OTP-X520countryname ::= CHOICE { + printableString PrintableString (SIZE (2)), + utf8String UTF8String (SIZE (2)) +} serialNumber ATTRIBUTE-TYPE-AND-VALUE-CLASS ::= { ID id-at-serialNumber @@ -307,6 +318,7 @@ PublicKeyAlgorithm ::= SEQUENCE { SupportedSignatureAlgorithms SIGNATURE-ALGORITHM-CLASS ::= { dsa-with-sha1 | md2-with-rsa-encryption | md5-with-rsa-encryption | sha1-with-rsa-encryption | + sha224-with-rsa-encryption | sha256-with-rsa-encryption | sha384-with-rsa-encryption | sha512-with-rsa-encryption | @@ -355,6 +367,10 @@ SupportedPublicKeyAlgorithms PUBLIC-KEY-ALGORITHM-CLASS ::= { ID sha1WithRSAEncryption TYPE NULL } + sha224-with-rsa-encryption SIGNATURE-ALGORITHM-CLASS ::= { + ID sha224WithRSAEncryption + TYPE NULL } + sha256-with-rsa-encryption SIGNATURE-ALGORITHM-CLASS ::= { ID sha256WithRSAEncryption TYPE NULL } |