From bac2f6db06e1e606a3f26c8667aebe4d1a0dc583 Mon Sep 17 00:00:00 2001 From: "Jonathan M. Wilbur" Date: Sun, 18 Jun 2023 17:56:57 +0000 Subject: feat: add missing pki / pmi object identifiers Signed-off-by: Jonathan M. Wilbur Reviewed-by: Tomas Mraz Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/21232) --- crypto/objects/obj_dat.h | 135 +++++++++++++++++++++++++++++++++++++++++++-- crypto/objects/obj_mac.num | 25 +++++++++ crypto/objects/objects.txt | 50 +++++++++++++++++ 3 files changed, 205 insertions(+), 5 deletions(-) (limited to 'crypto/objects') diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h index ea09cc94c0..5292db3f07 100644 --- a/crypto/objects/obj_dat.h +++ b/crypto/objects/obj_dat.h @@ -10,7 +10,7 @@ */ /* Serialized OID's */ -static const unsigned char so[8401] = { +static const unsigned char so[8476] = { 0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 0] OBJ_rsadsi */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 6] OBJ_pkcs */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02, /* [ 13] OBJ_md2 */ @@ -1157,9 +1157,34 @@ static const unsigned char so[8401] = { 0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x19,0x02, /* [ 8373] OBJ_ms_ntds_sec_ext */ 0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x15,0x07, /* [ 8382] OBJ_ms_cert_templ */ 0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x15,0x0A, /* [ 8391] OBJ_ms_app_policies */ + 0x55,0x1D,0x26, /* [ 8400] OBJ_authority_attribute_identifier */ + 0x55,0x1D,0x27, /* [ 8403] OBJ_role_spec_cert_identifier */ + 0x55,0x1D,0x29, /* [ 8406] OBJ_basic_att_constraints */ + 0x55,0x1D,0x2A, /* [ 8409] OBJ_delegated_name_constraints */ + 0x55,0x1D,0x2B, /* [ 8412] OBJ_time_specification */ + 0x55,0x1D,0x30, /* [ 8415] OBJ_attribute_descriptor */ + 0x55,0x1D,0x31, /* [ 8418] OBJ_user_notice */ + 0x55,0x1D,0x32, /* [ 8421] OBJ_soa_identifier */ + 0x55,0x1D,0x34, /* [ 8424] OBJ_acceptable_cert_policies */ + 0x55,0x1D,0x39, /* [ 8427] OBJ_acceptable_privilege_policies */ + 0x55,0x1D,0x3D, /* [ 8430] OBJ_indirect_issuer */ + 0x55,0x1D,0x3E, /* [ 8433] OBJ_no_assertion */ + 0x55,0x1D,0x3F, /* [ 8436] OBJ_id_aa_issuing_distribution_point */ + 0x55,0x1D,0x40, /* [ 8439] OBJ_issued_on_behalf_of */ + 0x55,0x1D,0x41, /* [ 8442] OBJ_single_use */ + 0x55,0x1D,0x42, /* [ 8445] OBJ_group_ac */ + 0x55,0x1D,0x43, /* [ 8448] OBJ_allowed_attribute_assignments */ + 0x55,0x1D,0x44, /* [ 8451] OBJ_attribute_mappings */ + 0x55,0x1D,0x45, /* [ 8454] OBJ_holder_name_constraints */ + 0x55,0x1D,0x46, /* [ 8457] OBJ_authorization_validation */ + 0x55,0x1D,0x47, /* [ 8460] OBJ_prot_restrict */ + 0x55,0x1D,0x48, /* [ 8463] OBJ_subject_alt_public_key_info */ + 0x55,0x1D,0x49, /* [ 8466] OBJ_alt_signature_algorithm */ + 0x55,0x1D,0x4A, /* [ 8469] OBJ_alt_signature_value */ + 0x55,0x1D,0x4B, /* [ 8472] OBJ_associated_information */ }; -#define NUM_NID 1295 +#define NUM_NID 1320 static const ASN1_OBJECT nid_objs[NUM_NID] = { {"UNDEF", "undefined", NID_undef}, {"rsadsi", "RSA Data Security, Inc.", NID_rsadsi, 6, &so[0]}, @@ -2456,9 +2481,34 @@ static const ASN1_OBJECT nid_objs[NUM_NID] = { {"ms-ntds-sec-ext", "Microsoft NTDS CA Extension", NID_ms_ntds_sec_ext, 9, &so[8373]}, {"ms-cert-templ", "Microsoft certificate template", NID_ms_cert_templ, 9, &so[8382]}, {"ms-app-policies", "Microsoft Application Policies Extension", NID_ms_app_policies, 9, &so[8391]}, + {"authorityAttributeIdentifier", "X509v3 Authority Attribute Identifier", NID_authority_attribute_identifier, 3, &so[8400]}, + {"roleSpecCertIdentifier", "X509v3 Role Specification Certificate Identifier", NID_role_spec_cert_identifier, 3, &so[8403]}, + {"basicAttConstraints", "X509v3 Basic Attribute Certificate Constraints", NID_basic_att_constraints, 3, &so[8406]}, + {"delegatedNameConstraints", "X509v3 Delegated Name Constraints", NID_delegated_name_constraints, 3, &so[8409]}, + {"timeSpecification", "X509v3 Time Specification", NID_time_specification, 3, &so[8412]}, + {"attributeDescriptor", "X509v3 Attribute Descriptor", NID_attribute_descriptor, 3, &so[8415]}, + {"userNotice", "X509v3 User Notice", NID_user_notice, 3, &so[8418]}, + {"sOAIdentifier", "X509v3 Source of Authority Identifier", NID_soa_identifier, 3, &so[8421]}, + {"acceptableCertPolicies", "X509v3 Acceptable Certification Policies", NID_acceptable_cert_policies, 3, &so[8424]}, + {"acceptablePrivPolicies", "X509v3 Acceptable Privilege Policies", NID_acceptable_privilege_policies, 3, &so[8427]}, + {"indirectIssuer", "X509v3 Indirect Issuer", NID_indirect_issuer, 3, &so[8430]}, + {"noAssertion", "X509v3 No Assertion", NID_no_assertion, 3, &so[8433]}, + {"aAissuingDistributionPoint", "X509v3 Attribute Authority Issuing Distribution Point", NID_id_aa_issuing_distribution_point, 3, &so[8436]}, + {"issuedOnBehalfOf", "X509v3 Issued On Behalf Of", NID_issued_on_behalf_of, 3, &so[8439]}, + {"singleUse", "X509v3 Single Use", NID_single_use, 3, &so[8442]}, + {"groupAC", "X509v3 Group Attribute Certificate", NID_group_ac, 3, &so[8445]}, + {"allowedAttributeAssignments", "X509v3 Allowed Attribute Assignments", NID_allowed_attribute_assignments, 3, &so[8448]}, + {"attributeMappings", "X509v3 Attribute Mappings", NID_attribute_mappings, 3, &so[8451]}, + {"holderNameConstraints", "X509v3 Holder Name Constraints", NID_holder_name_constraints, 3, &so[8454]}, + {"authorizationValidation", "X509v3 Authorization Validation", NID_authorization_validation, 3, &so[8457]}, + {"protRestrict", "X509v3 Protocol Restriction", NID_prot_restrict, 3, &so[8460]}, + {"subjectAltPublicKeyInfo", "X509v3 Subject Alternative Public Key Info", NID_subject_alt_public_key_info, 3, &so[8463]}, + {"altSignatureAlgorithm", "X509v3 Alternative Signature Algorithm", NID_alt_signature_algorithm, 3, &so[8466]}, + {"altSignatureValue", "X509v3 Alternative Signature Value", NID_alt_signature_value, 3, &so[8469]}, + {"associatedInformation", "X509v3 Associated Information", NID_associated_information, 3, &so[8472]}, }; -#define NUM_SN 1286 +#define NUM_SN 1311 static const unsigned int sn_objs[NUM_SN] = { 364, /* "AD_DVCS" */ 419, /* "AES-128-CBC" */ @@ -2768,25 +2818,37 @@ static const unsigned int sn_objs[NUM_SN] = { 1206, /* "X963KDF" */ 185, /* "X9cm" */ 125, /* "ZLIB" */ + 1307, /* "aAissuingDistributionPoint" */ 478, /* "aRecord" */ 289, /* "aaControls" */ 287, /* "ac-auditEntity" */ 397, /* "ac-proxying" */ 288, /* "ac-targeting" */ + 1303, /* "acceptableCertPolicies" */ + 1304, /* "acceptablePrivPolicies" */ 368, /* "acceptableResponses" */ 446, /* "account" */ 363, /* "ad_timestamping" */ 376, /* "algorithm" */ + 1311, /* "allowedAttributeAssignments" */ + 1317, /* "altSignatureAlgorithm" */ + 1318, /* "altSignatureValue" */ 405, /* "ansi-X9-62" */ 910, /* "anyExtendedKeyUsage" */ 746, /* "anyPolicy" */ 370, /* "archiveCutoff" */ 484, /* "associatedDomain" */ + 1319, /* "associatedInformation" */ 485, /* "associatedName" */ + 1300, /* "attributeDescriptor" */ + 1312, /* "attributeMappings" */ 501, /* "audio" */ + 1295, /* "authorityAttributeIdentifier" */ 177, /* "authorityInfoAccess" */ 90, /* "authorityKeyIdentifier" */ 882, /* "authorityRevocationList" */ + 1314, /* "authorizationValidation" */ + 1297, /* "basicAttConstraints" */ 87, /* "basicConstraints" */ 365, /* "basicOCSPResponse" */ 285, /* "biometricInfo" */ @@ -2878,6 +2940,7 @@ static const unsigned int sn_objs[NUM_SN] = { 495, /* "dSAQuality" */ 434, /* "data" */ 390, /* "dcobject" */ + 1298, /* "delegatedNameConstraints" */ 140, /* "deltaCRL" */ 891, /* "deltaRevocationList" */ 107, /* "description" */ @@ -2965,6 +3028,7 @@ static const unsigned int sn_objs[NUM_SN] = { 1010, /* "gost89-ecb" */ 812, /* "gost94" */ 850, /* "gost94cc" */ + 1310, /* "groupAC" */ 1156, /* "hmacWithDstu34311" */ 797, /* "hmacWithMD5" */ 163, /* "hmacWithSHA1" */ @@ -2979,6 +3043,7 @@ static const unsigned int sn_objs[NUM_SN] = { 430, /* "holdInstructionCode" */ 431, /* "holdInstructionNone" */ 433, /* "holdInstructionReject" */ + 1313, /* "holderNameConstraints" */ 486, /* "homePostalAddress" */ 473, /* "homeTelephoneNumber" */ 466, /* "host" */ @@ -3323,6 +3388,7 @@ static const unsigned int sn_objs[NUM_SN] = { 676, /* "identified-organization" */ 1170, /* "ieee" */ 1171, /* "ieee-siswg" */ + 1305, /* "indirectIssuer" */ 461, /* "info" */ 748, /* "inhibitAnyPolicy" */ 101, /* "initials" */ @@ -3335,6 +3401,7 @@ static const unsigned int sn_objs[NUM_SN] = { 1022, /* "ipsecIKE" */ 295, /* "ipsecTunnel" */ 296, /* "ipsecUser" */ + 1308, /* "issuedOnBehalfOf" */ 86, /* "issuerAltName" */ 1008, /* "issuerSignTool" */ 770, /* "issuingDistributionPoint" */ @@ -3403,6 +3470,7 @@ static const unsigned int sn_objs[NUM_SN] = { 481, /* "nSRecord" */ 173, /* "name" */ 666, /* "nameConstraints" */ + 1306, /* "noAssertion" */ 369, /* "noCheck" */ 403, /* "noRevAvail" */ 72, /* "nsBaseUrl" */ @@ -3476,6 +3544,7 @@ static const unsigned int sn_objs[NUM_SN] = { 415, /* "prime256v1" */ 385, /* "private" */ 84, /* "privateKeyUsagePeriod" */ + 1315, /* "protRestrict" */ 886, /* "protocolInformation" */ 663, /* "proxyCertInfo" */ 510, /* "pseudonym" */ @@ -3486,6 +3555,7 @@ static const unsigned int sn_objs[NUM_SN] = { 870, /* "registeredAddress" */ 400, /* "role" */ 877, /* "roleOccupant" */ + 1296, /* "roleSpecCertIdentifier" */ 448, /* "room" */ 463, /* "roomNumber" */ 1243, /* "rpkiManifest" */ @@ -3494,6 +3564,7 @@ static const unsigned int sn_objs[NUM_SN] = { 644, /* "rsaOAEPEncryptionSET" */ 377, /* "rsaSignature" */ 1, /* "rsadsi" */ + 1302, /* "sOAIdentifier" */ 482, /* "sOARecord" */ 155, /* "safeContentsBag" */ 291, /* "sbgp-autonomousSysNum" */ @@ -3683,10 +3754,12 @@ static const unsigned int sn_objs[NUM_SN] = { 52, /* "signingTime" */ 454, /* "simpleSecurityObject" */ 496, /* "singleLevelQuality" */ + 1309, /* "singleUse" */ 1142, /* "sm-scheme" */ 387, /* "snmpv2" */ 660, /* "street" */ 85, /* "subjectAltName" */ + 1316, /* "subjectAltPublicKeyInfo" */ 769, /* "subjectDirectoryAttributes" */ 398, /* "subjectInfoAccess" */ 82, /* "subjectKeyIdentifier" */ @@ -3701,6 +3774,7 @@ static const unsigned int sn_objs[NUM_SN] = { 865, /* "telexNumber" */ 459, /* "textEncodedORAddress" */ 293, /* "textNotice" */ + 1299, /* "timeSpecification" */ 133, /* "timeStamping" */ 106, /* "title" */ 1020, /* "tlsfeature" */ @@ -3724,6 +3798,7 @@ static const unsigned int sn_objs[NUM_SN] = { 49, /* "unstructuredName" */ 880, /* "userCertificate" */ 465, /* "userClass" */ + 1301, /* "userNotice" */ 879, /* "userPassword" */ 373, /* "valid" */ 678, /* "wap" */ @@ -3748,7 +3823,7 @@ static const unsigned int sn_objs[NUM_SN] = { 1289, /* "zstd" */ }; -#define NUM_LN 1286 +#define NUM_LN 1311 static const unsigned int ln_objs[NUM_LN] = { 363, /* "AD Time Stamping" */ 405, /* "ANSI X9.62" */ @@ -3955,29 +4030,54 @@ static const unsigned int ln_objs[NUM_LN] = { 1035, /* "X448" */ 12, /* "X509" */ 402, /* "X509v3 AC Targeting" */ + 1303, /* "X509v3 Acceptable Certification Policies" */ + 1304, /* "X509v3 Acceptable Privilege Policies" */ + 1311, /* "X509v3 Allowed Attribute Assignments" */ + 1317, /* "X509v3 Alternative Signature Algorithm" */ + 1318, /* "X509v3 Alternative Signature Value" */ 746, /* "X509v3 Any Policy" */ + 1319, /* "X509v3 Associated Information" */ + 1307, /* "X509v3 Attribute Authority Issuing Distribution Point" */ + 1300, /* "X509v3 Attribute Descriptor" */ + 1312, /* "X509v3 Attribute Mappings" */ + 1295, /* "X509v3 Authority Attribute Identifier" */ 90, /* "X509v3 Authority Key Identifier" */ + 1314, /* "X509v3 Authorization Validation" */ + 1297, /* "X509v3 Basic Attribute Certificate Constraints" */ 87, /* "X509v3 Basic Constraints" */ 103, /* "X509v3 CRL Distribution Points" */ 88, /* "X509v3 CRL Number" */ 141, /* "X509v3 CRL Reason Code" */ 771, /* "X509v3 Certificate Issuer" */ 89, /* "X509v3 Certificate Policies" */ + 1298, /* "X509v3 Delegated Name Constraints" */ 140, /* "X509v3 Delta CRL Indicator" */ 126, /* "X509v3 Extended Key Usage" */ 857, /* "X509v3 Freshest CRL" */ + 1310, /* "X509v3 Group Attribute Certificate" */ + 1313, /* "X509v3 Holder Name Constraints" */ + 1305, /* "X509v3 Indirect Issuer" */ 748, /* "X509v3 Inhibit Any Policy" */ + 1308, /* "X509v3 Issued On Behalf Of" */ 86, /* "X509v3 Issuer Alternative Name" */ 770, /* "X509v3 Issuing Distribution Point" */ 83, /* "X509v3 Key Usage" */ 666, /* "X509v3 Name Constraints" */ + 1306, /* "X509v3 No Assertion" */ 403, /* "X509v3 No Revocation Available" */ 401, /* "X509v3 Policy Constraints" */ 747, /* "X509v3 Policy Mappings" */ 84, /* "X509v3 Private Key Usage Period" */ + 1315, /* "X509v3 Protocol Restriction" */ + 1296, /* "X509v3 Role Specification Certificate Identifier" */ + 1309, /* "X509v3 Single Use" */ + 1302, /* "X509v3 Source of Authority Identifier" */ 85, /* "X509v3 Subject Alternative Name" */ + 1316, /* "X509v3 Subject Alternative Public Key Info" */ 769, /* "X509v3 Subject Directory Attributes" */ 82, /* "X509v3 Subject Key Identifier" */ + 1299, /* "X509v3 Time Specification" */ + 1301, /* "X509v3 User Notice" */ 920, /* "X9.42 DH" */ 184, /* "X9.57" */ 185, /* "X9.57 CM ?" */ @@ -5038,7 +5138,7 @@ static const unsigned int ln_objs[NUM_LN] = { 125, /* "zlib compression" */ }; -#define NUM_OBJ 1152 +#define NUM_OBJ 1177 static const unsigned int obj_objs[NUM_OBJ] = { 0, /* OBJ_undef 0 */ 181, /* OBJ_iso 1 */ @@ -5151,10 +5251,35 @@ static const unsigned int obj_objs[NUM_OBJ] = { 90, /* OBJ_authority_key_identifier 2 5 29 35 */ 401, /* OBJ_policy_constraints 2 5 29 36 */ 126, /* OBJ_ext_key_usage 2 5 29 37 */ + 1295, /* OBJ_authority_attribute_identifier 2 5 29 38 */ + 1296, /* OBJ_role_spec_cert_identifier 2 5 29 39 */ + 1297, /* OBJ_basic_att_constraints 2 5 29 41 */ + 1298, /* OBJ_delegated_name_constraints 2 5 29 42 */ + 1299, /* OBJ_time_specification 2 5 29 43 */ 857, /* OBJ_freshest_crl 2 5 29 46 */ + 1300, /* OBJ_attribute_descriptor 2 5 29 48 */ + 1301, /* OBJ_user_notice 2 5 29 49 */ + 1302, /* OBJ_soa_identifier 2 5 29 50 */ + 1303, /* OBJ_acceptable_cert_policies 2 5 29 52 */ 748, /* OBJ_inhibit_any_policy 2 5 29 54 */ 402, /* OBJ_target_information 2 5 29 55 */ 403, /* OBJ_no_rev_avail 2 5 29 56 */ + 1304, /* OBJ_acceptable_privilege_policies 2 5 29 57 */ + 1305, /* OBJ_indirect_issuer 2 5 29 61 */ + 1306, /* OBJ_no_assertion 2 5 29 62 */ + 1307, /* OBJ_id_aa_issuing_distribution_point 2 5 29 63 */ + 1308, /* OBJ_issued_on_behalf_of 2 5 29 64 */ + 1309, /* OBJ_single_use 2 5 29 65 */ + 1310, /* OBJ_group_ac 2 5 29 66 */ + 1311, /* OBJ_allowed_attribute_assignments 2 5 29 67 */ + 1312, /* OBJ_attribute_mappings 2 5 29 68 */ + 1313, /* OBJ_holder_name_constraints 2 5 29 69 */ + 1314, /* OBJ_authorization_validation 2 5 29 70 */ + 1315, /* OBJ_prot_restrict 2 5 29 71 */ + 1316, /* OBJ_subject_alt_public_key_info 2 5 29 72 */ + 1317, /* OBJ_alt_signature_algorithm 2 5 29 73 */ + 1318, /* OBJ_alt_signature_value 2 5 29 74 */ + 1319, /* OBJ_associated_information 2 5 29 75 */ 513, /* OBJ_set_ctype 2 23 42 0 */ 514, /* OBJ_set_msgExt 2 23 42 1 */ 515, /* OBJ_set_attr 2 23 42 3 */ diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num index ba3d57a5f3..9deaf2a5a9 100644 --- a/crypto/objects/obj_mac.num +++ b/crypto/objects/obj_mac.num @@ -1292,3 +1292,28 @@ ms_ntds_obj_sid 1291 ms_ntds_sec_ext 1292 ms_cert_templ 1293 ms_app_policies 1294 +authority_attribute_identifier 1295 +role_spec_cert_identifier 1296 +basic_att_constraints 1297 +delegated_name_constraints 1298 +time_specification 1299 +attribute_descriptor 1300 +user_notice 1301 +soa_identifier 1302 +acceptable_cert_policies 1303 +acceptable_privilege_policies 1304 +indirect_issuer 1305 +no_assertion 1306 +id_aa_issuing_distribution_point 1307 +issued_on_behalf_of 1308 +single_use 1309 +group_ac 1310 +allowed_attribute_assignments 1311 +attribute_mappings 1312 +holder_name_constraints 1313 +authorization_validation 1314 +prot_restrict 1315 +subject_alt_public_key_info 1316 +alt_signature_algorithm 1317 +alt_signature_value 1318 +associated_information 1319 diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt index c6155fe508..305b89c016 100644 --- a/crypto/objects/objects.txt +++ b/crypto/objects/objects.txt @@ -879,14 +879,64 @@ id-ce 35 : authorityKeyIdentifier : X509v3 Authority Key Identifier id-ce 36 : policyConstraints : X509v3 Policy Constraints !Cname ext-key-usage id-ce 37 : extendedKeyUsage : X509v3 Extended Key Usage +!Cname authority-attribute-identifier +id-ce 38 : authorityAttributeIdentifier : X509v3 Authority Attribute Identifier +!Cname role-spec-cert-identifier +id-ce 39 : roleSpecCertIdentifier : X509v3 Role Specification Certificate Identifier +!Cname basic-att-constraints +id-ce 41 : basicAttConstraints : X509v3 Basic Attribute Certificate Constraints +!Cname delegated-name-constraints +id-ce 42 : delegatedNameConstraints : X509v3 Delegated Name Constraints +!Cname time-specification +id-ce 43 : timeSpecification : X509v3 Time Specification !Cname freshest-crl id-ce 46 : freshestCRL : X509v3 Freshest CRL +!Cname attribute-descriptor +id-ce 48 : attributeDescriptor : X509v3 Attribute Descriptor +!Cname user-notice +id-ce 49 : userNotice : X509v3 User Notice +!Cname soa-identifier +id-ce 50 : sOAIdentifier : X509v3 Source of Authority Identifier +!Cname acceptable-cert-policies +id-ce 52 : acceptableCertPolicies : X509v3 Acceptable Certification Policies !Cname inhibit-any-policy id-ce 54 : inhibitAnyPolicy : X509v3 Inhibit Any Policy !Cname target-information id-ce 55 : targetInformation : X509v3 AC Targeting !Cname no-rev-avail id-ce 56 : noRevAvail : X509v3 No Revocation Available +!Cname acceptable-privilege-policies +id-ce 57 : acceptablePrivPolicies : X509v3 Acceptable Privilege Policies +!Cname indirect-issuer +id-ce 61 : indirectIssuer : X509v3 Indirect Issuer +!Cname no-assertion +id-ce 62 : noAssertion : X509v3 No Assertion +!Cname id-aa-issuing-distribution-point +id-ce 63 : aAissuingDistributionPoint : X509v3 Attribute Authority Issuing Distribution Point +!Cname issued-on-behalf-of +id-ce 64 : issuedOnBehalfOf : X509v3 Issued On Behalf Of +!Cname single-use +id-ce 65 : singleUse : X509v3 Single Use +!Cname group-ac +id-ce 66 : groupAC : X509v3 Group Attribute Certificate +!Cname allowed-attribute-assignments +id-ce 67 : allowedAttributeAssignments : X509v3 Allowed Attribute Assignments +!Cname attribute-mappings +id-ce 68 : attributeMappings : X509v3 Attribute Mappings +!Cname holder-name-constraints +id-ce 69 : holderNameConstraints : X509v3 Holder Name Constraints +!Cname authorization-validation +id-ce 70 : authorizationValidation : X509v3 Authorization Validation +!Cname prot-restrict +id-ce 71 : protRestrict : X509v3 Protocol Restriction +!Cname subject-alt-public-key-info +id-ce 72 : subjectAltPublicKeyInfo : X509v3 Subject Alternative Public Key Info +!Cname alt-signature-algorithm +id-ce 73 : altSignatureAlgorithm : X509v3 Alternative Signature Algorithm +!Cname alt-signature-value +id-ce 74 : altSignatureValue : X509v3 Alternative Signature Value +!Cname associated-information +id-ce 75 : associatedInformation : X509v3 Associated Information # From RFC5280 ext-key-usage 0 : anyExtendedKeyUsage : Any Extended Key Usage -- cgit v1.2.3