From 0c5d711083968dab6ee0b848563f884f882b610e Mon Sep 17 00:00:00 2001
From: Daniel Arai
Date: Mon, 24 Apr 2023 12:49:29 -0700
Subject: [PATCH] Add an OID for attestation transparency.

HRST-32 Attestation transparency information will be added to the certificate used for joining the cluster, so we need an OID for that purpose. This is being added on the 1.x branch because roche currently must be built with a 1.x version of sgx_pkix due to dependencies on dcap-ql version 3.3. dcap-ql can't be updated without updating mbedtls.
---
 Cargo.lock          | 2 +-
 sgx-pkix/Cargo.toml | 4 ++--
 sgx-pkix/src/lib.rs | 2 ++
 sgx-pkix/src/oid.rs | 3 +++
 4 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index 0e0f1caf..c848d493 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -2325,7 +2325,7 @@ dependencies = [
 
 [[package]]
 name = "sgx_pkix"
-version = "0.1.3"
+version = "0.1.4"
 dependencies = [
  "byteorder",
  "lazy_static",
diff --git a/sgx-pkix/Cargo.toml b/sgx-pkix/Cargo.toml
index ee15b471..b7b1e03a 100644
--- a/sgx-pkix/Cargo.toml
+++ b/sgx-pkix/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "sgx_pkix"
-version = "0.1.3"
+version = "0.1.4"
 authors = ["Fortanix, Inc."]
 edition = "2018"
 license = "MPL-2.0"
@@ -12,6 +12,6 @@ categories = ["cryptography"]
 [dependencies]
 byteorder = "1.0"
 pkix = ">=0.1.1, <0.3.0"
-sgx-isa = { version = "0.3", path = "../sgx-isa" }
+sgx-isa = "0.3"
 quick-error = "1.1.0"
 lazy_static = "1"
diff --git a/sgx-pkix/src/lib.rs b/sgx-pkix/src/lib.rs
index 62e95032..3e7f5494 100644
--- a/sgx-pkix/src/lib.rs
+++ b/sgx-pkix/src/lib.rs
@@ -3,6 +3,8 @@
  * This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+#![recursion_limit = "256"]
+
 #[macro_use]
 extern crate quick_error;
 #[macro_use]
diff --git a/sgx-pkix/src/oid.rs b/sgx-pkix/src/oid.rs
index ac85c5aa..3e01c12a 100644
--- a/sgx-pkix/src/oid.rs
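Review bot: Dropping `path = "../sgx-isa"` changes where `sgx-isa` is resolved from: Cargo will now take it from the registry rather than the workspace checkout, yet the Cargo.lock hunk in this patch only bumps `sgx_pkix`'s own version and the commit message does not mention the switch. Unless a `[patch]` section elsewhere in the workspace redirects it, the lockfile would normally gain a `source`/`checksum` entry for the registry crate, so confirm `cargo build --locked` still succeeds and that the intended published sgx-isa release is what ends up pinned. A one-line `#` comment above the dependency stating why this branch consumes the published crate instead of the in-tree one would make that decision reviewable later.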
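Review bot: The new `#![recursion_limit = "256"]` carries no explanation of what outgrows the default limit of 128, so a later reader cannot tell whether it is still needed or can be lowered. Presumably it is the `lazy_static!` block in oid.rs, which gains another entry in this patch, but that is inferred rather than visible in this hunk. A comment above the attribute would settle it, e.g. `// Raised from the default 128; needed for the large lazy_static! block in oid.rs (TODO confirm)`.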
+++ b/sgx-pkix/src/oid.rs
@@ -35,6 +35,9 @@ lazy_static!{
     pub static ref round5_5pke_0d: ObjectIdentifier = vec![1, 3, 6, 1, 4, 1, 49690, 4, 2].into();
     pub static ref lms_15_10_sha256: ObjectIdentifier = vec![1, 3, 6, 1, 4, 1, 49690, 4, 3].into();
 
+    // Fortanix attestation transparency identifiers
+    pub static ref transparencyProofSgx: ObjectIdentifier = vec![1, 3, 6, 1, 4, 1, 49690, 5, 1].into();
+
     // Intel SGX OID namespaces:
     // https://download.01.org/intel-sgx/sgx-dcap/1.10/linux/docs/Intel_SGX_PCK_Certificate_CRL_Spec-1.4.pdf
     // https://github.com/intel/SGXDataCenterAttestationPrimitives/blob/master/QuoteVerification/QVL/Src/AttestationParsers/src/ParserUtils.h#L57
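Review bot: The new entry claims a fresh arc under the Fortanix PEN (`1.3.6.1.4.1.49690.5`), but the added comment only says `// Fortanix attestation transparency identifiers` and does not record that `.5` is now reserved for this purpose, so a later addition could reuse the arc for something unrelated. Name the arc and the ticket in the comment: `// Fortanix attestation transparency arc: 1.3.6.1.4.1.49690.5 (HRST-32)`. The identifier `transparencyProofSgx` is camelCase while the two visible neighbours (`round5_5pke_0d`, `lms_15_10_sha256`) are snake_case; if the attestation OIDs earlier in the file use camelCase that is consistent, otherwise match the neighbours. The enclosing `lazy_static!` block begins and ends outside the hunk.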