WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Handle collisions in FPKI cert policy OID sums.

pull/8599/head
Kareem 2025-03-27 11:49:34 -07:00
parent ac2df1420b
commit eb3b4751ac
2 changed files with 173 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

157
wolfcrypt/src/asn.c
View File

@ -6603,6 +6603,145 @@ static int DumpOID(const byte* oidData, word32 oidSz, word32 oid,
} }
#endif /* ASN_DUMP_OID */ #endif /* ASN_DUMP_OID */
#ifdef WOLFSSL_FPKI
/* Handles the large number of collisions from FPKI certificate policy
* OID sums. Returns a special value (100000 + actual sum) if a
* collision is detected.
* @param [in] oid Buffer holding OID.
* @param [in] oidSz Length of OID data in buffer.
* @param [in] oidSum The sum of the OID being passed in.
*/
static word32 fpkiCertPolOid(const byte* oid, word32 oidSz, word32 oidSum) {
switch (oidSum) {
case CP_FPKI_COMMON_DEVICES_HARDWARE_OID:
if ((word32)sizeof(extCertPolicyDodPeerInteropOid) == (word32)oidSz &&
XMEMCMP(oid, extCertPolicyDodPeerInteropOid,
sizeof(extCertPolicyDodPeerInteropOid)) == 0)
return CP_DOD_PEER_INTEROP_OID;
break;
case CP_FPKI_PIV_AUTH_HW_OID:
if ((word32)sizeof(extCertPolicyDodMediumNpe112Oid) == (word32)oidSz &&
XMEMCMP(oid, extCertPolicyDodMediumNpe112Oid,
sizeof(extCertPolicyDodMediumNpe112Oid)) == 0)
return CP_DOD_MEDIUM_NPE_112_OID;
else if ((word32)sizeof(extCertPolicyStateMediumDeviceHardwareOid) == (word32)oidSz &&
XMEMCMP(oid, extCertPolicyStateMediumDeviceHardwareOid,
sizeof(extCertPolicyStateMediumDeviceHardwareOid)) == 0)
return CP_STATE_MEDDEVHW_OID;
break;
case CP_FPKI_PIVI_AUTH_OID:
if ((word32)sizeof(extCertPolicyDodMedium128Oid) == (word32)oidSz &&
XMEMCMP(oid, extCertPolicyDodMedium128Oid,
sizeof(extCertPolicyDodMedium128Oid)) == 0)
return CP_DOD_MEDIUM_128_OID;
break;
case CP_FPKI_COMMON_PIVI_CONTENT_SIGNING_OID:
if ((word32)sizeof(extCertPolicyDodMediumHardware112Oid) == (word32)oidSz &&
XMEMCMP(oid, extCertPolicyDodMediumHardware112Oid,
sizeof(extCertPolicyDodMediumHardware112Oid)) == 0)
return CP_DOD_MEDIUM_HARDWARE_112_OID;
if ((word32)sizeof(extCertPolicyCertipathHighhwOid) == (word32)oidSz &&
XMEMCMP(oid, extCertPolicyCertipathHighhwOid,
sizeof(extCertPolicyCertipathHighhwOid)) == 0)
return CP_CERTIPATH_HIGHHW_OID;
break;
case CP_DOD_MEDIUM_OID:
if ((word32)sizeof(extCertPolicyEcaMediumOid) == (word32)oidSz &&
XMEMCMP(oid, extCertPolicyEcaMediumOid,
sizeof(extCertPolicyEcaMediumOid)) == 0)
return CP_ECA_MEDIUM_OID;
break;
case CP_FPKI_COMMON_AUTH_OID:
if ((word32)sizeof(extCertPolicyEcaMediumSha256Oid) == (word32)oidSz &&
XMEMCMP(oid, extCertPolicyEcaMediumSha256Oid,
sizeof(extCertPolicyEcaMediumSha256Oid)) == 0)
return CP_ECA_MEDIUM_SHA256_OID;
break;
case CP_FPKI_MEDIUM_HARDWARE_OID:
if ((word32)sizeof(extCertPolicyEcaMediumTokenOid) == (word32)oidSz &&
XMEMCMP(oid, extCertPolicyEcaMediumTokenOid,
sizeof(extCertPolicyEcaMediumTokenOid)) == 0)
return CP_ECA_MEDIUM_TOKEN_OID;
else if ((word32)sizeof(extCertPolicyTreasuryPiviHardwareOid) == (word32)oidSz &&
XMEMCMP(oid, extCertPolicyTreasuryPiviHardwareOid,
sizeof(extCertPolicyTreasuryPiviHardwareOid)) == 0)
return CP_TREAS_PIVI_HW_OID;
break;
case CP_DOD_MEDIUM_HARDWARE_OID:
if ((word32)sizeof(extCertPolicyEcaMediumTokenSha256Oid) == (word32)oidSz &&
XMEMCMP(oid, extCertPolicyEcaMediumTokenSha256Oid,
sizeof(extCertPolicyEcaMediumTokenSha256Oid)) == 0)
return CP_ECA_MEDIUM_TOKEN_SHA256_OID;
else if ((word32)sizeof(extCertPolicyTreasuryPiviContentSigningOid) == (word32)oidSz &&
XMEMCMP(oid, extCertPolicyTreasuryPiviContentSigningOid,
sizeof(extCertPolicyTreasuryPiviContentSigningOid)) == 0)
return CP_TREAS_PIVI_CONTENT_OID;
break;
case CP_DOD_PIV_AUTH_OID:
if ((word32)sizeof(extCertPolicyEcaMediumHardwarePiviOid) == (word32)oidSz &&
XMEMCMP(oid, extCertPolicyEcaMediumHardwarePiviOid,
sizeof(extCertPolicyEcaMediumHardwarePiviOid)) == 0)
return CP_ECA_MEDIUM_HARDWARE_PIVI_OID;
else if ((word32)sizeof(extCertPolicyStateMedHwOid) == (word32)oidSz &&
XMEMCMP(oid, extCertPolicyStateMedHwOid,
sizeof(extCertPolicyStateMedHwOid)) == 0)
return CP_STATE_MEDHW_OID;
break;
case CP_FPKI_COMMON_HARDWARE_OID:
if ((word32)sizeof(extCertPolicyStateHighOid) == (word32)oidSz &&
XMEMCMP(oid, extCertPolicyStateHighOid,
sizeof(extCertPolicyStateHighOid)) == 0)
return CP_STATE_HIGH_OID;
else if ((word32)sizeof(extCertPolicyTreasuryHighOid) == (word32)oidSz &&
XMEMCMP(oid, extCertPolicyTreasuryHighOid,
sizeof(extCertPolicyTreasuryHighOid)) == 0)
return CP_TREAS_HIGH_OID;
break;
case CP_ECA_MEDIUM_HARDWARE_OID:
if ((word32)sizeof(extCertPolicyExostarMediumHardwareSha2Oid) == (word32)oidSz &&
XMEMCMP(oid, extCertPolicyExostarMediumHardwareSha2Oid,
sizeof(extCertPolicyExostarMediumHardwareSha2Oid)) == 0)
return CP_EXOSTAR_MEDIUMHW_SHA2_OID;
break;
case CP_ADO_HIGH_OID:
if ((word32)sizeof(extCertPolicyAdoResourceMediumAssuranceOid) == (word32)oidSz &&
XMEMCMP(oid, extCertPolicyAdoResourceMediumAssuranceOid,
sizeof(extCertPolicyAdoResourceMediumAssuranceOid)) == 0)
return CP_ADO_RESOURCE_MEDIUM_OID;
break;
case CP_DOD_ADMIN_OID:
if ((word32)sizeof(extCertPolicyCarillonAivcontentOid) == (word32)oidSz &&
XMEMCMP(oid, extCertPolicyCarillonAivcontentOid,
sizeof(extCertPolicyCarillonAivcontentOid)) == 0)
return CP_CARILLON_AIVCONTENT_OID;
break;
case CP_CIS_ICECAP_HW_OID:
if ((word32)sizeof(extCertPolicyNlModIrrefutabilityOid) == (word32)oidSz &&
XMEMCMP(oid, extCertPolicyNlModIrrefutabilityOid,
sizeof(extCertPolicyNlModIrrefutabilityOid)) == 0)
return CP_NL_MOD_IRREFUT_OID;
break;
case CP_DOD_MEDIUM_192_OID:
if ((word32)sizeof(extCertPolicyCertipathMediumhwOid) == (word32)oidSz &&
XMEMCMP(oid, extCertPolicyCertipathMediumhwOid,
sizeof(extCertPolicyCertipathMediumhwOid)) == 0)
return CP_CERTIPATH_MEDIUMHW_OID;
break;
case CP_CARILLON_AIVHW_OID:
if ((word32)sizeof(extCertPolicyCertipathVarMediumhwOid) == (word32)oidSz &&
XMEMCMP(oid, extCertPolicyCertipathVarMediumhwOid,
sizeof(extCertPolicyCertipathVarMediumhwOid)) == 0)
return CP_CERTIPATH_VAR_MEDIUMHW_OID;
break;
default:
break;
}
return 0;
}
#endif
/* Get the OID data and verify it is of the type specified when compiled in. /* Get the OID data and verify it is of the type specified when compiled in.
* *
* @param [in] input Buffer holding OID. * @param [in] input Buffer holding OID.
@ -6628,13 +6767,13 @@ static int GetOID(const byte* input, word32* inOutIdx, word32* oid,
const byte* checkOid = NULL; const byte* checkOid = NULL;
word32 checkOidSz; word32 checkOidSz;
#endif /* NO_VERIFY_OID */ #endif /* NO_VERIFY_OID */
#if defined(HAVE_SPHINCS) #if defined(HAVE_SPHINCS) || defined(WOLFSSL_FPKI)
word32 found_collision = 0; word32 found_collision = 0;
#endif #endif
(void)oidType; (void)oidType;
*oid = 0; *oid = 0;
#ifndef NO_VERIFY_OID #if !defined(NO_VERIFY_OID) || defined(WOLFSSL_FPKI)
/* Keep references to OID data and length for check. */ /* Keep references to OID data and length for check. */
actualOid = &input[idx]; actualOid = &input[idx];
actualOidSz = (word32)length; actualOidSz = (word32)length;
@ -6663,7 +6802,16 @@ static int GetOID(const byte* input, word32* inOutIdx, word32* oid,
idx++; idx++;
} }
#ifdef HAVE_SPHINCS #ifdef WOLFSSL_FPKI
/* Due to the large number of OIDs for FPKI certificate policy, there
are multiple collsisions. Handle them in a dedicated function,
if a collision is detected, the OID is adjusted. */
if (oidType == oidCertPolicyType) {
found_collision = fpkiCertPolOid(actualOid, actualOidSz, *oid);
}
#endif
#if defined(HAVE_SPHINCS) || defined(WOLFSSL_FPKI)
if (found_collision) { if (found_collision) {
*oid = found_collision; *oid = found_collision;
} }
@ -6691,9 +6839,6 @@ static int GetOID(const byte* input, word32* inOutIdx, word32* oid,
checkOid = blkAes256CbcOid; checkOid = blkAes256CbcOid;
checkOidSz = sizeof(blkAes256CbcOid); checkOidSz = sizeof(blkAes256CbcOid);
} }
if (oidType == oidCertPolicyType) {
checkOid = fpkiCertPolOid(*oid, &checkOidSz, actualOid, actualOidSz);
}
#endif /* HAVE_AES_CBC */ #endif /* HAVE_AES_CBC */
#endif /* WOLFSSL_FPKI */ #endif /* WOLFSSL_FPKI */

44
wolfssl/wolfcrypt/asn.h
View File

@ -1449,14 +1449,14 @@ enum CertificatePolicy_Sum {
CP_DOD_MEDIUM_2048_OID = 436, /* 2.16.840.1.101.2.1.11.18 */ CP_DOD_MEDIUM_2048_OID = 436, /* 2.16.840.1.101.2.1.11.18 */
CP_DOD_MEDIUM_HARDWARE_2048_OID = 437, /* 2.16.840.1.101.2.1.11.19 */ CP_DOD_MEDIUM_HARDWARE_2048_OID = 437, /* 2.16.840.1.101.2.1.11.19 */
CP_DOD_PIV_AUTH_2048_OID = 438, /* 2.16.840.1.101.2.1.11.20 */ CP_DOD_PIV_AUTH_2048_OID = 438, /* 2.16.840.1.101.2.1.11.20 */
CP_DOD_PEER_INTEROP_OID = 449, /* 2.16.840.1.101.2.1.11.31 */ CP_DOD_PEER_INTEROP_OID = 100449, /* 2.16.840.1.101.2.1.11.31 */
CP_DOD_MEDIUM_NPE_112_OID = 454, /* 2.16.840.1.101.2.1.11.36 */ CP_DOD_MEDIUM_NPE_112_OID = 100454, /* 2.16.840.1.101.2.1.11.36 */
CP_DOD_MEDIUM_NPE_128_OID = 455, /* 2.16.840.1.101.2.1.11.37 */ CP_DOD_MEDIUM_NPE_128_OID = 455, /* 2.16.840.1.101.2.1.11.37 */
CP_DOD_MEDIUM_NPE_192_OID = 456, /* 2.16.840.1.101.2.1.11.38 */ CP_DOD_MEDIUM_NPE_192_OID = 456, /* 2.16.840.1.101.2.1.11.38 */
CP_DOD_MEDIUM_112_OID = 457, /* 2.16.840.1.101.2.1.11.39 */ CP_DOD_MEDIUM_112_OID = 457, /* 2.16.840.1.101.2.1.11.39 */
CP_DOD_MEDIUM_128_OID = 458, /* 2.16.840.1.101.2.1.11.40 */ CP_DOD_MEDIUM_128_OID = 100458, /* 2.16.840.1.101.2.1.11.40 */
CP_DOD_MEDIUM_192_OID = 459, /* 2.16.840.1.101.2.1.11.41 */ CP_DOD_MEDIUM_192_OID = 459, /* 2.16.840.1.101.2.1.11.41 */
CP_DOD_MEDIUM_HARDWARE_112_OID = 460, /* 2.16.840.1.101.2.1.11.42 */ CP_DOD_MEDIUM_HARDWARE_112_OID = 100460, /* 2.16.840.1.101.2.1.11.42 */
CP_DOD_MEDIUM_HARDWARE_128_OID = 461, /* 2.16.840.1.101.2.1.11.43 */ CP_DOD_MEDIUM_HARDWARE_128_OID = 461, /* 2.16.840.1.101.2.1.11.43 */
CP_DOD_MEDIUM_HARDWARE_192_OID = 462, /* 2.16.840.1.101.2.1.11.44 */ CP_DOD_MEDIUM_HARDWARE_192_OID = 462, /* 2.16.840.1.101.2.1.11.44 */
CP_DOD_ADMIN_OID = 477, /* 2.16.840.1.101.2.1.11.59 */ CP_DOD_ADMIN_OID = 477, /* 2.16.840.1.101.2.1.11.59 */
@ -1465,26 +1465,26 @@ enum CertificatePolicy_Sum {
CP_DOD_INTERNAL_NPE_192_OID = 480, /* 2.16.840.1.101.2.1.11.62 */ CP_DOD_INTERNAL_NPE_192_OID = 480, /* 2.16.840.1.101.2.1.11.62 */
/* ECA PKI OIDs */ /* ECA PKI OIDs */
CP_ECA_MEDIUM_OID = 423, /* 2.16.840.1.101.3.2.1.12.1 */ CP_ECA_MEDIUM_OID = 100423, /* 2.16.840.1.101.3.2.1.12.1 */
CP_ECA_MEDIUM_HARDWARE_OID = 424, /* 2.16.840.1.101.3.2.1.12.2 */ CP_ECA_MEDIUM_HARDWARE_OID = 424, /* 2.16.840.1.101.3.2.1.12.2 */
CP_ECA_MEDIUM_TOKEN_OID = 425, /* 2.16.840.1.101.3.2.1.12.3 */ CP_ECA_MEDIUM_TOKEN_OID = 100425, /* 2.16.840.1.101.3.2.1.12.3 */
CP_ECA_MEDIUM_SHA256_OID = 426, /* 2.16.840.1.101.3.2.1.12.4 */ CP_ECA_MEDIUM_SHA256_OID = 100426, /* 2.16.840.1.101.3.2.1.12.4 */
CP_ECA_MEDIUM_TOKEN_SHA256_OID = 427, /* 2.16.840.1.101.3.2.1.12.5 */ CP_ECA_MEDIUM_TOKEN_SHA256_OID = 100427, /* 2.16.840.1.101.3.2.1.12.5 */
CP_ECA_MEDIUM_HARDWARE_PIVI_OID = 428, /* 2.16.840.1.101.3.2.1.12.6 */ CP_ECA_MEDIUM_HARDWARE_PIVI_OID = 100428, /* 2.16.840.1.101.3.2.1.12.6 */
CP_ECA_CONTENT_SIGNING_PIVI_OID = 430, /* 2.16.840.1.101.3.2.1.12.8 */ CP_ECA_CONTENT_SIGNING_PIVI_OID = 430, /* 2.16.840.1.101.3.2.1.12.8 */
CP_ECA_MEDIUM_DEVICE_SHA256_OID = 431, /* 2.16.840.1.101.3.2.1.12.9 */ CP_ECA_MEDIUM_DEVICE_SHA256_OID = 431, /* 2.16.840.1.101.3.2.1.12.9 */
CP_ECA_MEDIUM_HARDWARE_SHA256_OID = 432, /* 2.16.840.1.101.3.2.1.12.10 */ CP_ECA_MEDIUM_HARDWARE_SHA256_OID = 432, /* 2.16.840.1.101.3.2.1.12.10 */
/* Department of State PKI OIDs */ /* Department of State PKI OIDs */
CP_STATE_HIGH_OID = 420, /* 2.16.840.1.101.3.2.1.6.4 */ CP_STATE_HIGH_OID = 100420, /* 2.16.840.1.101.3.2.1.6.4 */
CP_STATE_MEDHW_OID = 428, /* 2.16.840.1.101.3.2.1.6.12 */ CP_STATE_MEDHW_OID = 101428, /* 2.16.840.1.101.3.2.1.6.12 */
CP_STATE_MEDDEVHW_OID = 454, /* 2.16.840.1.101.3.2.1.6.38 */ CP_STATE_MEDDEVHW_OID = 101454, /* 2.16.840.1.101.3.2.1.6.38 */
/* U.S. Treasury SSP PKI OIDs */ /* U.S. Treasury SSP PKI OIDs */
CP_TREAS_MEDIUMHW_OID = 419, /* 2.16.840.1.101.3.2.1.5.4 */ CP_TREAS_MEDIUMHW_OID = 419, /* 2.16.840.1.101.3.2.1.5.4 */
CP_TREAS_HIGH_OID = 420, /* 2.16.840.1.101.3.2.1.5.5 */ CP_TREAS_HIGH_OID = 101420, /* 2.16.840.1.101.3.2.1.5.5 */
CP_TREAS_PIVI_HW_OID = 425, /* 2.16.840.1.101.3.2.1.5.10 */ CP_TREAS_PIVI_HW_OID = 101425, /* 2.16.840.1.101.3.2.1.5.10 */
CP_TREAS_PIVI_CONTENT_OID = 427, /* 2.16.840.1.101.3.2.1.5.12 */ CP_TREAS_PIVI_CONTENT_OID = 101427, /* 2.16.840.1.101.3.2.1.5.12 */
/* Boeing PKI OIDs */ /* Boeing PKI OIDs */
CP_BOEING_MEDIUMHW_SHA256_OID = 159, /* 1.3.6.1.4.1.73.15.3.1.12 */ CP_BOEING_MEDIUMHW_SHA256_OID = 159, /* 1.3.6.1.4.1.73.15.3.1.12 */
@ -1493,7 +1493,7 @@ enum CertificatePolicy_Sum {
/* Carillon Federal Services OIDs */ /* Carillon Federal Services OIDs */
CP_CARILLON_MEDIUMHW_256_OID = 467, /* 1.3.6.1.4.1.45606.3.1.12 */ CP_CARILLON_MEDIUMHW_256_OID = 467, /* 1.3.6.1.4.1.45606.3.1.12 */
CP_CARILLON_AIVHW_OID = 475, /* 1.3.6.1.4.1.45606.3.1.20 */ CP_CARILLON_AIVHW_OID = 475, /* 1.3.6.1.4.1.45606.3.1.20 */
CP_CARILLON_AIVCONTENT_OID = 477, /* 1.3.6.1.4.1.45606.3.1.22 */ CP_CARILLON_AIVCONTENT_OID = 100477, /* 1.3.6.1.4.1.45606.3.1.22 */
/* Carillon Information Security OIDs */ /* Carillon Information Security OIDs */
CP_CIS_MEDIUMHW_256_OID = 489, /* 1.3.6.1.4.1.25054.3.1.12 */ CP_CIS_MEDIUMHW_256_OID = 489, /* 1.3.6.1.4.1.25054.3.1.12 */
@ -1502,11 +1502,11 @@ enum CertificatePolicy_Sum {
CP_CIS_ICECAP_CONTENT_OID = 499, /* 1.3.6.1.4.1.25054.3.1.22 */ CP_CIS_ICECAP_CONTENT_OID = 499, /* 1.3.6.1.4.1.25054.3.1.22 */
/* CertiPath Bridge OIDs */ /* CertiPath Bridge OIDs */
CP_CERTIPATH_MEDIUMHW_OID = 459, /* 1.3.6.1.4.1.24019.1.1.1.2 */ CP_CERTIPATH_MEDIUMHW_OID = 100459, /* 1.3.6.1.4.1.24019.1.1.1.2 */
CP_CERTIPATH_HIGHHW_OID = 460, /* 1.3.6.1.4.1.24019.1.1.1.3 */ CP_CERTIPATH_HIGHHW_OID = 101460, /* 1.3.6.1.4.1.24019.1.1.1.3 */
CP_CERTIPATH_ICECAP_HW_OID = 464, /* 1.3.6.1.4.1.24019.1.1.1.7 */ CP_CERTIPATH_ICECAP_HW_OID = 464, /* 1.3.6.1.4.1.24019.1.1.1.7 */
CP_CERTIPATH_ICECAP_CONTENT_OID = 466, /* 1.3.6.1.4.1.24019.1.1.1.9 */ CP_CERTIPATH_ICECAP_CONTENT_OID = 466, /* 1.3.6.1.4.1.24019.1.1.1.9 */
CP_CERTIPATH_VAR_MEDIUMHW_OID = 475, /* 1.3.6.1.4.1.24019.1.1.1.18 */ CP_CERTIPATH_VAR_MEDIUMHW_OID = 100475, /* 1.3.6.1.4.1.24019.1.1.1.18 */
CP_CERTIPATH_VAR_HIGHHW_OID = 476, /* 1.3.6.1.4.1.24019.1.1.1.19 */ CP_CERTIPATH_VAR_HIGHHW_OID = 476, /* 1.3.6.1.4.1.24019.1.1.1.19 */
/* TSCP Bridge OIDs */ /* TSCP Bridge OIDs */
@ -1529,7 +1529,7 @@ enum CertificatePolicy_Sum {
CP_ENTRUST_NFSSP_MEDDEVHW_OID = 1031, /* 2.16.840.1.114027.200.3.10.7.16 */ CP_ENTRUST_NFSSP_MEDDEVHW_OID = 1031, /* 2.16.840.1.114027.200.3.10.7.16 */
/* Exostar LLC PKI OIDs */ /* Exostar LLC PKI OIDs */
CP_EXOSTAR_MEDIUMHW_SHA2_OID = 424, /* 1.3.6.1.4.1.13948.1.1.1.6 */ CP_EXOSTAR_MEDIUMHW_SHA2_OID = 100424, /* 1.3.6.1.4.1.13948.1.1.1.6 */
/* IdenTrust NFI OIDs */ /* IdenTrust NFI OIDs */
CP_IDENTRUST_MEDIUMHW_SIGN_OID = 846, /* 2.16.840.1.113839.0.100.12.1 */ CP_IDENTRUST_MEDIUMHW_SIGN_OID = 846, /* 2.16.840.1.113839.0.100.12.1 */
@ -1563,11 +1563,11 @@ enum CertificatePolicy_Sum {
/* Australian Defence Organisation PKI OIDs */ /* Australian Defence Organisation PKI OIDs */
CP_ADO_MEDIUM_OID = 293, /* 1.2.36.1.334.1.2.1.2 */ CP_ADO_MEDIUM_OID = 293, /* 1.2.36.1.334.1.2.1.2 */
CP_ADO_HIGH_OID = 294, /* 1.2.36.1.334.1.2.1.3 */ CP_ADO_HIGH_OID = 294, /* 1.2.36.1.334.1.2.1.3 */
CP_ADO_RESOURCE_MEDIUM_OID = 294, /* 1.2.36.1.334.1.2.2.2 */ CP_ADO_RESOURCE_MEDIUM_OID = 100294, /* 1.2.36.1.334.1.2.2.2 */
/* Netherlands Ministry of Defence PKI OIDs */ /* Netherlands Ministry of Defence PKI OIDs */
CP_NL_MOD_AUTH_OID = 496, /* 2.16.528.1.1003.1.2.5.1 */ CP_NL_MOD_AUTH_OID = 496, /* 2.16.528.1.1003.1.2.5.1 */
CP_NL_MOD_IRREFUT_OID = 497, /* 2.16.528.1.1003.1.2.5.2 */ CP_NL_MOD_IRREFUT_OID = 100497, /* 2.16.528.1.1003.1.2.5.2 */
CP_NL_MOD_CONFID_OID = 498, /* 2.16.528.1.1003.1.2.5.3 */ CP_NL_MOD_CONFID_OID = 498, /* 2.16.528.1.1003.1.2.5.3 */
#endif /* WOLFSSL_FPKI */ #endif /* WOLFSSL_FPKI */
WOLF_ENUM_DUMMY_LAST_ELEMENT(CertificatePolicy_Sum) WOLF_ENUM_DUMMY_LAST_ELEMENT(CertificatePolicy_Sum)