Add Wisun Fan device extended key usage

Add the Wisun extended key usage oid and tests.
This commit is contained in:
Ron Eldor 2019-04-01 18:12:23 +03:00
parent 57773d4ede
commit b6dc105456
5 changed files with 67 additions and 7 deletions

View File

@ -5,6 +5,7 @@ mbed TLS ChangeLog (Sorted per branch, date)
Features
* Add the Any Policy certificate policy oid, as defined in
rfc 5280 section 4.2.1.4.
* Add the Wi-SUN Field Area Network (FAN) device extended key usage.
Bugfix
* Fix private key DER output in the key_app_writer example. File contents

View File

@ -122,7 +122,8 @@
* { iso(1) identified-organization(3) dod(6) internet(1)
* security(5) mechanisms(5) pkix(7) }
*/
#define MBEDTLS_OID_PKIX MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_ORG_DOD "\x01\x05\x05\x07"
#define MBEDTLS_OID_INTERNET MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_ORG_DOD "\x01"
#define MBEDTLS_OID_PKIX MBEDTLS_OID_INTERNET "\x05\x05\x07"
/*
* Arc for standard naming attributes
@ -206,6 +207,13 @@
#define MBEDTLS_OID_TIME_STAMPING MBEDTLS_OID_KP "\x08" /**< id-kp-timeStamping OBJECT IDENTIFIER ::= { id-kp 8 } */
#define MBEDTLS_OID_OCSP_SIGNING MBEDTLS_OID_KP "\x09" /**< id-kp-OCSPSigning OBJECT IDENTIFIER ::= { id-kp 9 } */
/**
* Wi-SUN Alliance Field Area Network
* { iso(1) identified-organization(3) dod(6) internet(1)
* private(4) enterprise(1) WiSUN(45605) FieldAreaNetwork(1) }
*/
#define MBEDTLS_OID_WISUN_FAN MBEDTLS_OID_INTERNET "\x04\x01\x82\xe4\x25\x01"
/*
* PKCS definition OIDs
*/

View File

@ -284,12 +284,13 @@ FN_OID_GET_ATTR1(mbedtls_oid_get_x509_ext_type, oid_x509_ext_t, x509_ext, int, e
static const mbedtls_oid_descriptor_t oid_ext_key_usage[] =
{
{ ADD_LEN( MBEDTLS_OID_SERVER_AUTH ), "id-kp-serverAuth", "TLS Web Server Authentication" },
{ ADD_LEN( MBEDTLS_OID_CLIENT_AUTH ), "id-kp-clientAuth", "TLS Web Client Authentication" },
{ ADD_LEN( MBEDTLS_OID_CODE_SIGNING ), "id-kp-codeSigning", "Code Signing" },
{ ADD_LEN( MBEDTLS_OID_EMAIL_PROTECTION ), "id-kp-emailProtection", "E-mail Protection" },
{ ADD_LEN( MBEDTLS_OID_TIME_STAMPING ), "id-kp-timeStamping", "Time Stamping" },
{ ADD_LEN( MBEDTLS_OID_OCSP_SIGNING ), "id-kp-OCSPSigning", "OCSP Signing" },
{ ADD_LEN( MBEDTLS_OID_SERVER_AUTH ), "id-kp-serverAuth", "TLS Web Server Authentication" },
{ ADD_LEN( MBEDTLS_OID_CLIENT_AUTH ), "id-kp-clientAuth", "TLS Web Client Authentication" },
{ ADD_LEN( MBEDTLS_OID_CODE_SIGNING ), "id-kp-codeSigning", "Code Signing" },
{ ADD_LEN( MBEDTLS_OID_EMAIL_PROTECTION ), "id-kp-emailProtection", "E-mail Protection" },
{ ADD_LEN( MBEDTLS_OID_TIME_STAMPING ), "id-kp-timeStamping", "Time Stamping" },
{ ADD_LEN( MBEDTLS_OID_OCSP_SIGNING ), "id-kp-OCSPSigning", "OCSP Signing" },
{ ADD_LEN( MBEDTLS_OID_WISUN_FAN ), "id-kp-wisun-fan-device", "Wi-SUN Alliance Field Area Network (FAN)" },
{ NULL, 0, NULL, NULL },
};

View File

@ -6,3 +6,30 @@ oid_get_certificate_policies:"5533445566":""
OID get certificate policy wrong oid - id-ce-authorityKeyIdentifier
oid_get_certificate_policies:"551D23":""
OID get Ext Key Usage - id-kp-serverAuth
oid_get_extended_key_usage:"2B06010505070301":"TLS Web Server Authentication"
OID get Ext Key Usage - id-kp-clientAuth
oid_get_extended_key_usage:"2B06010505070302":"TLS Web Client Authentication"
OID get Ext Key Usage - id-kp-codeSigning
oid_get_extended_key_usage:"2B06010505070303":"Code Signing"
OID get Ext Key Usage - id-kp-emailProtection
oid_get_extended_key_usage:"2B06010505070304":"E-mail Protection"
OID get Ext Key Usage - id-kp-timeStamping
oid_get_extended_key_usage:"2B06010505070308":"Time Stamping"
OID get Ext Key Usage - id-kp-OCSPSigning
oid_get_extended_key_usage:"2B06010505070309":"OCSP Signing"
OID get Ext Key Usage - id-kp-wisun-fan-device
oid_get_extended_key_usage:"2B0601040182E42501":"Wi-SUN Alliance Field Area Network (FAN)"
OID get Ext Key Usage invalid oid
oid_get_extended_key_usage:"5533445566":""
OID get Ext Key Usage wrong oid - id-ce-authorityKeyIdentifier
oid_get_extended_key_usage:"551D23":""

View File

@ -32,3 +32,26 @@ void oid_get_certificate_policies( data_t * oid, char * result_str )
}
}
/* END_CASE */
/* BEGIN_CASE */
void oid_get_extended_key_usage( data_t *oid, char *result_str )
{
mbedtls_asn1_buf asn1_buf = { 0, 0, NULL };
int ret;
const char *desc;
asn1_buf.tag = MBEDTLS_ASN1_OID;
asn1_buf.p = oid->x;
asn1_buf.len = oid->len;
ret = mbedtls_oid_get_extended_key_usage( &asn1_buf, &desc );
if( strlen( result_str ) == 0 )
{
TEST_ASSERT( ret == MBEDTLS_ERR_OID_NOT_FOUND );
}
else
{
TEST_ASSERT( strcmp( ( char * )desc, result_str ) == 0 );
}
}
/* END_CASE */