From 975df0051921999deb5f9ec410f0c48df8270c15 Mon Sep 17 00:00:00 2001 From: Job Snijders Date: Tue, 30 Aug 2022 18:56:50 +0000 Subject: Add support for ASPA objects (draft-ietf-sidrops-aspa-profile-10) ASPA objects are published in the RPKI and can be used to detect and mitigate BGP route leaks. Validated ASPA Payloads are visible through filemode (-f) and the JSON output format (-j). With feedback from tb@ OK claudio@ tb@ --- usr.sbin/rpki-client/x509.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'usr.sbin/rpki-client/x509.c') diff --git a/usr.sbin/rpki-client/x509.c b/usr.sbin/rpki-client/x509.c index fd90a1e4000..d3e65d8c1ea 100644 --- a/usr.sbin/rpki-client/x509.c +++ b/usr.sbin/rpki-client/x509.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509.c,v 1.47 2022/07/28 16:03:19 tb Exp $ */ +/* $OpenBSD: x509.c,v 1.48 2022/08/30 18:56:49 job Exp $ */ /* * Copyright (c) 2022 Theo Buehler * Copyright (c) 2021 Claudio Jeker @@ -44,6 +44,7 @@ ASN1_OBJECT *msg_dgst_oid; /* pkcs-9 id-messageDigest */ ASN1_OBJECT *sign_time_oid; /* pkcs-9 id-signingTime */ ASN1_OBJECT *bin_sign_time_oid; /* pkcs-9 id-aa-binarySigningTime */ ASN1_OBJECT *rsc_oid; /* id-ct-signedChecklist */ +ASN1_OBJECT *aspa_oid; /* id-ct-ASPA */ void x509_init_oid(void) @@ -81,6 +82,9 @@ x509_init_oid(void) if ((rsc_oid = OBJ_txt2obj("1.2.840.113549.1.9.16.1.48", 1)) == NULL) errx(1, "OBJ_txt2obj for %s failed", "1.2.840.113549.1.9.16.1.48"); + if ((aspa_oid = OBJ_txt2obj("1.2.840.113549.1.9.16.1.49", 1)) == NULL) + errx(1, "OBJ_txt2obj for %s failed", + "1.2.840.113549.1.9.16.1.49"); } /* -- cgit v1.2.3