diff options
| author | Rob Austein <sra@hactrn.net> | 2007-11-12 17:17:59 +0000 |
|---|---|---|
| committer | Rob Austein <sra@hactrn.net> | 2007-11-12 17:17:59 +0000 |
| commit | a3c7976d7874577dc1847040cac283ac5a42a688 (patch) | |
| tree | 530fb2efa9ca0cf9d3a2493013cc2b20558f328e /scripts/rpki/x509.py | |
| parent | c68b32b9a92f575a654f70c1c75ed92fffb0ad74 (diff) | |
OIDs
svn path=/scripts/rpki/up_down.py; revision=1276
Diffstat (limited to 'scripts/rpki/x509.py')
| -rw-r--r-- | scripts/rpki/x509.py | 13 |
1 files changed, 7 insertions, 6 deletions
diff --git a/scripts/rpki/x509.py b/scripts/rpki/x509.py index 668e4dda..069c84d6 100644 --- a/scripts/rpki/x509.py +++ b/scripts/rpki/x509.py @@ -27,10 +27,11 @@ oid2name = { (1, 3, 6, 1, 5, 5, 7, 1, 7) : "sbgp-ipAddrBlock", (1, 3, 6, 1, 5, 5, 7, 1, 8) : "sbgp-autonomousSysNum", (1, 3, 6, 1, 5, 5, 7, 14, 2) : "id-cp-ipAddr-asNumber", - (1, 3, 6, 1, 5, 5, 7, 48, 10) : "rpkiManifest", - (1, 3, 6, 1, 5, 5, 7, 48, 2) : "caIssuers", - (1, 3, 6, 1, 5, 5, 7, 48, 5) : "caRepository", - (1, 3, 6, 1, 5, 5, 7, 48, 9) : "signedObjectRepository", + (1, 3, 6, 1, 5, 5, 7, 48, 2) : "id-ad-caIssuers", + (1, 3, 6, 1, 5, 5, 7, 48, 5) : "id-ad-caRepository", + (1, 3, 6, 1, 5, 5, 7, 48, 9) : "id-ad-signedObjectRepository", + (1, 3, 6, 1, 5, 5, 7, 48, 10) : "id-ad-rpkiManifest", + (1, 3, 6, 1, 5, 5, 7, 48, 11) : "id-ad-signedObject", (2, 5, 29, 14) : "subjectKeyIdentifier", (2, 5, 29, 15) : "keyUsage", (2, 5, 29, 19) : "basicConstraints", @@ -307,7 +308,7 @@ class X509(DER_object): exts = [ ["subjectKeyIdentifier", False, ski], ["authorityKeyIdentifier", False, (aki, (), None)], ["cRLDistributionPoints", False, ((("fullName", (("uri", crldp),)), None, ()),)], - ["authorityInfoAccess", False, ((name2oid["caIssuers"], ("uri", aia)),)], + ["authorityInfoAccess", False, ((name2oid["id-ad-caIssuers"], ("uri", aia)),)], ["certificatePolicies", True, ((name2oid["id-cp-ipAddr-asNumber"], ()),)] ] if is_ca: @@ -467,7 +468,7 @@ class PKCS10(DER_object): raise rpki.exceptions.BadPKCS10, "keyUsage doesn't match basicConstraints" for method, location in req_exts.get("subjectInfoAccess", ()): - if oid2name.get(method) == "caRepository" and \ + if oid2name.get(method) == "id-ad-caRepository" and \ (location[0] != "uri" or (location[1].startswith("rsync://") and not location[1].endswith("/"))): raise rpki.exceptions.BadPKCS10, "Certificate request includes bad SIA component: %s" % repr(location) |