From a3cc2ad5d49ed61187527281da351e80d8f76a89 Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Mon, 22 Aug 2016 13:31:38 -0400 Subject: [PATCH 15/29] oid: add SHIM_EKU_MODULE_SIGNING_ONLY and fix our array indices. That was all kinds of wrong. Signed-off-by: Peter Jones --- src/oid.c | 10 +++++++--- src/oid.h | 1 + 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/src/oid.c b/src/oid.c index 9d8154f..7037e1e 100644 --- a/src/oid.c +++ b/src/oid.c @@ -33,6 +33,7 @@ static uint8_t oiddata[] = { 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x01, 0x0f, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x01, 0x15, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x15, 0x01, + 0x2b, 0x06, 0x01, 0x04, 0x01, 0x92, 0x08, 0x10, 0x01, 0x02, }; #define OID(num, desc_s, oidtype, length, value) \ @@ -53,11 +54,14 @@ static struct { OID(SPC_STATEMENT_TYPE_OBJID, "Statement Type", siDEROID, 10, &oiddata[10]), OID(SPC_PE_IMAGE_DATA_OBJID, "PE Image Data", siDEROID, 10, - &oiddata[30]), + &oiddata[20]), OID(SPC_INDIVIDUAL_SP_KEY_PURPOSE_OBJID, "Individual Key", siDEROID, - 10, &oiddata[40]), + 10, &oiddata[30]), OID(szOID_CERTSRV_CA_VERSION, "Certification server CA version", - siAsciiString, 9, &oiddata[50]), + siAsciiString, 9, &oiddata[40]), + OID(SHIM_EKU_MODULE_SIGNING_ONLY, + "Certificate is used for kernel modules only", siDEROID, 10, + &oiddata[49]), { .oid = END_OID_LIST } }; diff --git a/src/oid.h b/src/oid.h index 599f49d..0e00781 100644 --- a/src/oid.h +++ b/src/oid.h @@ -25,6 +25,7 @@ typedef enum { SPC_PE_IMAGE_DATA_OBJID, /* 1.3.6.1.4.1.311.2.1.15 */ SPC_INDIVIDUAL_SP_KEY_PURPOSE_OBJID, /* 1.3.6.1.4.1.311.2.1.21 */ szOID_CERTSRV_CA_VERSION, /* 1.3.6.1.4.1.311.21.1 */ + SHIM_EKU_MODULE_SIGNING_ONLY, /* 1.3.6.1.4.1.2312.16.1.2 */ END_OID_LIST } ms_oid_t; -- 2.13.4