The extended key Usage values for IP Sec are not supported

kjur / jsrsasign

The 'jsrsasign' (RSA-Sign JavaScript Library) is an opensource free cryptography library supporting RSA/RSAPSS/ECDSA/DSA signing/validation, ASN.1, PKCS#1/5/8 private/public key, X.509 certificate, CRL, OCSP, CMS SignedData, TimeStamp, CAdES and JSON Web Signature/Token in pure JavaScript.

https://kjur.github.io/jsrsasign

Other

3.25k stars 646 forks source link

The extended key Usage values for IP Sec are not supported #617

Closed robcordes closed 5 months ago

robcordes commented 5 months ago

1.3.6.1.5.5.7.3.5 ipsecEndSystem 0 0 IPSEC End System Certificate 1.3.6.1.5.5.7.3.6 ipsecTunnel 0 0 IPSEC Tunnel Certificate 1.3.6.1.5.5.7.3.7 ipsecUser 0 0 IPSEC User Certificate

All three (ipsecEndSystem, ipsecTunnel and ipsecUser) generate an error : DERObjectIdentifier oidName undefined: (like ipsecEndSystem).

Using jsrsasign version 11.1.0.

robcordes commented 5 months ago

if somebody could add these 3 to this list: >>> this.name2oidList in asn1x509-1.0.js then this is fixed.

KJUR.asn1.x509.OID = new function() { var _DERObjectIdentifier = KJUR.asn1.DERObjectIdentifier;

this.name2oidList = {

kjur commented 5 months ago

I'm sorry but there is no plan to add such minor OIDs. You can register OIDs before using:

KJUR.asn1.x509.OID.registerOIDs({
  "ipsecEndSystem": "1.3.6.1.5.5.7.3.5",
  "ipsecTunnel": "1.3.6.1.5.5.7.3.6",
  "ipsecUser": "1.3.6.1.5.5.7.3.7"
});