asn1: Add Heimdal cert ext for ticket max_life

lib/asn1/pkinit.asn1

@@ -17,6 +17,9 @@ id-pkrkeydata  OBJECT IDENTIFIER  ::= { id-pkinit 3 }
 id-pkekuoid    OBJECT IDENTIFIER  ::= { id-pkinit 4 }
 id-pkkdcekuoid OBJECT IDENTIFIER  ::= { id-pkinit 5 }
 
+id-heim-eku-pkinit-certlife-is-max-life OBJECT IDENTIFIER ::=
+    { iso(1) member-body(2) se(752) su(43) heim-pkix(16) 3 }
+
 id-apple-system-id OBJECT IDENTIFIER ::= { 1 2 840 113635 100 4 4 }
 
 id-pkinit-kdf OBJECT IDENTIFIER           ::= { id-pkinit 6 }

lib/asn1/rfc2459.asn1

@@ -495,6 +495,11 @@ id-x509-ce-invalidityDate OBJECT IDENTIFIER ::= { id-x509-ce 24 }
 id-x509-ce-certificateIssuer   OBJECT IDENTIFIER ::= { id-x509-ce 29 }
 id-x509-ce-inhibitAnyPolicy OBJECT IDENTIFIER ::=  { id-x509-ce 54 }
 
+-- Heimdal extension
+id-heim-ce-pkinit-princ-max-life OBJECT IDENTIFIER ::=
+    { iso(1) member-body(2) se(752) su(43) heim-pkix(16) 4 }
+
+
 DistributionPointReasonFlags ::= BIT STRING {
 	unused                  (0),
 	keyCompromise           (1),
@@ -1067,6 +1072,12 @@ ext-SubjectInfoAccessSyntax _EXTENSION ::= {
     &Critical FALSE,
     &ExtnType SubjectInfoAccessSyntax
 }
+HeimPkinitPrincMaxLifeSecs ::= INTEGER (0..4294967295)
+ext-HeimPkinitPrincMaxLife _EXTENSION ::= {
+    &id id-heim-ce-pkinit-princ-max-life,
+    &Critical FALSE,
+    &ExtnType HeimPkinitPrincMaxLifeSecs
+}
 CertExtensions _EXTENSION ::= {
     ext-AuthorityKeyIdentifier
   | ext-SubjectKeyIdentifier
@@ -1086,6 +1097,7 @@ CertExtensions _EXTENSION ::= {
   | ext-FreshestCRL
   | ext-AuthorityInfoAccess
   | ext-SubjectInfoAccessSyntax
+  | ext-HeimPkinitPrincMaxLife
 }
 
 Extension ::= Extension { CertExtensions }