From 3ec13237f00d3b06a2fd1d228da16390803eb238 Mon Sep 17 00:00:00 2001 From: Todd Short Date: Sat, 5 Mar 2016 09:47:46 -0500 Subject: Add cipher query functions MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Add functions to determine authentication, key-exchange, FIPS and AEAD. Reviewed-by: Emilia Käsper Reviewed-by: Rich Salz --- crypto/objects/obj_dat.h | 57 +++++++++++++++++++++++++++++++++++++++++++--- crypto/objects/obj_mac.num | 19 ++++++++++++++++ crypto/objects/objects.txt | 22 ++++++++++++++++++ 3 files changed, 95 insertions(+), 3 deletions(-) (limited to 'crypto/objects') diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h index 0528dfb9cb..8cd3b2071e 100644 --- a/crypto/objects/obj_dat.h +++ b/crypto/objects/obj_dat.h @@ -60,9 +60,9 @@ * [including the GNU Public Licence.] */ -#define NUM_NID 1037 -#define NUM_SN 1030 -#define NUM_LN 1030 +#define NUM_NID 1054 +#define NUM_SN 1047 +#define NUM_LN 1047 #define NUM_OBJ 951 static const unsigned char lvalues[6722]={ @@ -2705,6 +2705,23 @@ static const ASN1_OBJECT nid_objs[NUM_NID]={ {"X25519","X25519",NID_X25519,9,&(lvalues[6703]),0}, {"X448","X448",NID_X448,9,&(lvalues[6712]),0}, {"HKDF","hkdf",NID_hkdf,0,NULL,0}, +{"KxRSA","kx-rsa",NID_kx_rsa,0,NULL,0}, +{"KxECDHE","kx-ecdhe",NID_kx_ecdhe,0,NULL,0}, +{"KxDHE","kx-dhe",NID_kx_dhe,0,NULL,0}, +{"KxECDHE-PSK","kx-ecdhe-psk",NID_kx_ecdhe_psk,0,NULL,0}, +{"KxDHE-PSK","kx-dhe-psk",NID_kx_dhe_psk,0,NULL,0}, +{"KxRSA_PSK","kx-rsa-psk",NID_kx_rsa_psk,0,NULL,0}, +{"KxPSK","kx-psk",NID_kx_psk,0,NULL,0}, +{"KxSRP","kx-srp",NID_kx_srp,0,NULL,0}, +{"KxGOST","kx-gost",NID_kx_gost,0,NULL,0}, +{"AuthRSA","auth-rsa",NID_auth_rsa,0,NULL,0}, +{"AuthECDSA","auth-ecdsa",NID_auth_ecdsa,0,NULL,0}, +{"AuthPSK","auth-psk",NID_auth_psk,0,NULL,0}, +{"AuthDSS","auth-dss",NID_auth_dss,0,NULL,0}, +{"AuthGOST01","auth-gost01",NID_auth_gost01,0,NULL,0}, +{"AuthGOST12","auth-gost12",NID_auth_gost12,0,NULL,0}, +{"AuthSRP","auth-srp",NID_auth_srp,0,NULL,0}, +{"AuthNULL","auth-null",NID_auth_null,0,NULL,0}, }; static const unsigned int sn_objs[NUM_SN]={ @@ -2741,6 +2758,14 @@ static const unsigned int sn_objs[NUM_SN]={ 960, /* "AES-256-OCB" */ 428, /* "AES-256-OFB" */ 914, /* "AES-256-XTS" */ +1049, /* "AuthDSS" */ +1047, /* "AuthECDSA" */ +1050, /* "AuthGOST01" */ +1051, /* "AuthGOST12" */ +1053, /* "AuthNULL" */ +1048, /* "AuthPSK" */ +1046, /* "AuthRSA" */ +1052, /* "AuthSRP" */ 91, /* "BF-CBC" */ 93, /* "BF-CFB" */ 92, /* "BF-ECB" */ @@ -2829,6 +2854,15 @@ static const unsigned int sn_objs[NUM_SN]={ 645, /* "ITU-T" */ 646, /* "JOINT-ISO-ITU-T" */ 773, /* "KISA" */ +1039, /* "KxDHE" */ +1041, /* "KxDHE-PSK" */ +1038, /* "KxECDHE" */ +1040, /* "KxECDHE-PSK" */ +1045, /* "KxGOST" */ +1043, /* "KxPSK" */ +1037, /* "KxRSA" */ +1042, /* "KxRSA_PSK" */ +1044, /* "KxSRP" */ 15, /* "L" */ 856, /* "LocalKeySet" */ 3, /* "MD2" */ @@ -3961,6 +3995,14 @@ static const unsigned int ln_objs[NUM_LN]={ 484, /* "associatedDomain" */ 485, /* "associatedName" */ 501, /* "audio" */ +1049, /* "auth-dss" */ +1047, /* "auth-ecdsa" */ +1050, /* "auth-gost01" */ +1051, /* "auth-gost12" */ +1053, /* "auth-null" */ +1048, /* "auth-psk" */ +1046, /* "auth-rsa" */ +1052, /* "auth-srp" */ 882, /* "authorityRevocationList" */ 91, /* "bf-cbc" */ 93, /* "bf-cfb" */ @@ -4421,6 +4463,15 @@ static const unsigned int ln_objs[NUM_LN]={ 956, /* "jurisdictionStateOrProvinceName" */ 150, /* "keyBag" */ 773, /* "kisa" */ +1039, /* "kx-dhe" */ +1041, /* "kx-dhe-psk" */ +1038, /* "kx-ecdhe" */ +1040, /* "kx-ecdhe-psk" */ +1045, /* "kx-gost" */ +1043, /* "kx-psk" */ +1037, /* "kx-rsa" */ +1042, /* "kx-rsa-psk" */ +1044, /* "kx-srp" */ 477, /* "lastModifiedBy" */ 476, /* "lastModifiedTime" */ 157, /* "localKeyID" */ diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num index ce8e8ec28a..2a80d9d0c9 100644 --- a/crypto/objects/obj_mac.num +++ b/crypto/objects/obj_mac.num @@ -1034,3 +1034,22 @@ pkInitKDC 1033 X25519 1034 X448 1035 hkdf 1036 +kx_rsa 1037 +kx_ecdhe 1038 +kx_dhe 1039 +kx_ecdhe_psk 1040 +kx_dhe_psk 1041 +kx_rsa_psk 1042 +kx_psk 1043 +kx_srp 1044 +kx_gost 1045 +auth_rsa 1046 +auth_ecdsa 1047 +auth_psk 1048 +auth_dss 1049 +auth_gost01 1050 +auth_gost12 1051 +auth_srp 1052 +auth_null 1053 +fips_none 1054 +fips_140_2 1055 diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt index 9d04a63431..a79968b85a 100644 --- a/crypto/objects/objects.txt +++ b/crypto/objects/objects.txt @@ -1456,3 +1456,25 @@ id-pkinit 5 : pkInitKDC : Signing KDC Response 1 3 6 1 4 1 11591 15 1 : X25519 1 3 6 1 4 1 11591 15 2 : X448 + +# NIDs for cipher key exchange + : KxRSA : kx-rsa + : KxECDHE : kx-ecdhe + : KxDHE : kx-dhe + : KxECDHE-PSK : kx-ecdhe-psk + : KxDHE-PSK : kx-dhe-psk + : KxRSA_PSK : kx-rsa-psk + : KxPSK : kx-psk + : KxSRP : kx-srp + : KxGOST : kx-gost + +# NIDs for cipher authentication + : AuthRSA : auth-rsa + : AuthECDSA : auth-ecdsa + : AuthPSK : auth-psk + : AuthDSS : auth-dss + : AuthGOST01 : auth-gost01 + : AuthGOST12 : auth-gost12 + : AuthSRP : auth-srp + : AuthNULL : auth-null + -- cgit v1.2.3