pesign/0015-oid-add-SHIM_EKU_MODULE_SIGNING_ONLY-and-fix-our-arr.patch

From a3cc2ad5d49ed61187527281da351e80d8f76a89 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Mon, 22 Aug 2016 13:31:38 -0400
Subject: [PATCH 15/29] oid: add SHIM_EKU_MODULE_SIGNING_ONLY and fix our array
 indices.

That was all kinds of wrong.

Signed-off-by: Peter Jones <pjones@redhat.com>
---
 src/oid.c | 10 +++++++---
 src/oid.h |  1 +
 2 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/src/oid.c b/src/oid.c
index 9d8154f..7037e1e 100644
--- a/src/oid.c
+++ b/src/oid.c
@@ -33,6 +33,7 @@ static uint8_t oiddata[] = {
 	0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x01, 0x0f,
 	0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x01, 0x15,
 	0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x15, 0x01,
+	0x2b, 0x06, 0x01, 0x04, 0x01, 0x92, 0x08, 0x10, 0x01, 0x02,
 };
 
 #define OID(num, desc_s, oidtype, length, value)		\
@@ -53,11 +54,14 @@ static struct {
 	OID(SPC_STATEMENT_TYPE_OBJID, "Statement Type", siDEROID, 10,
 		&oiddata[10]),
 	OID(SPC_PE_IMAGE_DATA_OBJID, "PE Image Data", siDEROID, 10,
-		&oiddata[30]),
+		&oiddata[20]),
 	OID(SPC_INDIVIDUAL_SP_KEY_PURPOSE_OBJID, "Individual Key", siDEROID,
-		10, &oiddata[40]),
+		10, &oiddata[30]),
 	OID(szOID_CERTSRV_CA_VERSION, "Certification server CA version",
-		siAsciiString, 9, &oiddata[50]),
+		siAsciiString, 9, &oiddata[40]),
+	OID(SHIM_EKU_MODULE_SIGNING_ONLY,
+		"Certificate is used for kernel modules only", siDEROID, 10,
+		&oiddata[49]),
 	{ .oid = END_OID_LIST }
 };
 
diff --git a/src/oid.h b/src/oid.h
index 599f49d..0e00781 100644
--- a/src/oid.h
+++ b/src/oid.h
@@ -25,6 +25,7 @@ typedef enum {
 	SPC_PE_IMAGE_DATA_OBJID,		/* 1.3.6.1.4.1.311.2.1.15 */
 	SPC_INDIVIDUAL_SP_KEY_PURPOSE_OBJID,	/* 1.3.6.1.4.1.311.2.1.21 */
 	szOID_CERTSRV_CA_VERSION,		/* 1.3.6.1.4.1.311.21.1 */
+	SHIM_EKU_MODULE_SIGNING_ONLY,		/* 1.3.6.1.4.1.2312.16.1.2 */
 	END_OID_LIST
 } ms_oid_t;
 
-- 
2.13.4
Auto sync2gitlab import of pesign-0.112-26.el8.src.rpm 2022-05-26 17:19:54 +00:00			`From a3cc2ad5d49ed61187527281da351e80d8f76a89 Mon Sep 17 00:00:00 2001`
			`From: Peter Jones <pjones@redhat.com>`
			`Date: Mon, 22 Aug 2016 13:31:38 -0400`
			`Subject: [PATCH 15/29] oid: add SHIM_EKU_MODULE_SIGNING_ONLY and fix our array`
			`indices.`

			`That was all kinds of wrong.`

			`Signed-off-by: Peter Jones <pjones@redhat.com>`
			`---`
			`src/oid.c \| 10 +++++++---`
			`src/oid.h \| 1 +`
			`2 files changed, 8 insertions(+), 3 deletions(-)`

			`diff --git a/src/oid.c b/src/oid.c`
			`index 9d8154f..7037e1e 100644`
			`--- a/src/oid.c`
			`+++ b/src/oid.c`
			`@@ -33,6 +33,7 @@ static uint8_t oiddata[] = {`
			`0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x01, 0x0f,`
			`0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x01, 0x15,`
			`0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x15, 0x01,`
			`+ 0x2b, 0x06, 0x01, 0x04, 0x01, 0x92, 0x08, 0x10, 0x01, 0x02,`
			`};`

			`#define OID(num, desc_s, oidtype, length, value) \`
			`@@ -53,11 +54,14 @@ static struct {`
			`OID(SPC_STATEMENT_TYPE_OBJID, "Statement Type", siDEROID, 10,`
			`&oiddata[10]),`
			`OID(SPC_PE_IMAGE_DATA_OBJID, "PE Image Data", siDEROID, 10,`
			`- &oiddata[30]),`
			`+ &oiddata[20]),`
			`OID(SPC_INDIVIDUAL_SP_KEY_PURPOSE_OBJID, "Individual Key", siDEROID,`
			`- 10, &oiddata[40]),`
			`+ 10, &oiddata[30]),`
			`OID(szOID_CERTSRV_CA_VERSION, "Certification server CA version",`
			`- siAsciiString, 9, &oiddata[50]),`
			`+ siAsciiString, 9, &oiddata[40]),`
			`+ OID(SHIM_EKU_MODULE_SIGNING_ONLY,`
			`+ "Certificate is used for kernel modules only", siDEROID, 10,`
			`+ &oiddata[49]),`
			`{ .oid = END_OID_LIST }`
			`};`

			`diff --git a/src/oid.h b/src/oid.h`
			`index 599f49d..0e00781 100644`
			`--- a/src/oid.h`
			`+++ b/src/oid.h`
			`@@ -25,6 +25,7 @@ typedef enum {`
			`SPC_PE_IMAGE_DATA_OBJID, /* 1.3.6.1.4.1.311.2.1.15 */`
			`SPC_INDIVIDUAL_SP_KEY_PURPOSE_OBJID, /* 1.3.6.1.4.1.311.2.1.21 */`
			`szOID_CERTSRV_CA_VERSION, /* 1.3.6.1.4.1.311.21.1 */`
			`+ SHIM_EKU_MODULE_SIGNING_ONLY, /* 1.3.6.1.4.1.2312.16.1.2 */`
			`END_OID_LIST`
			`} ms_oid_t;`

			`--`
			`2.13.4`