security/nss/cmd/lib/moreoids.c

Wed, 31 Dec 2014 06:09:35 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Wed, 31 Dec 2014 06:09:35 +0100
changeset 0
6474c204b198
permissions
-rw-r--r--

Cloned upstream origin tor-browser at tor-browser-31.3.0esr-4.5-1-build1
revision ID fc1c9ff7c1b2defdbc039f12214767608f46423f for hacking purpose.

michael@0 1 /* This Source Code Form is subject to the terms of the Mozilla Public
michael@0 2 * License, v. 2.0. If a copy of the MPL was not distributed with this
michael@0 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
michael@0 4
michael@0 5 #include "secoid.h"
michael@0 6 #include "secmodt.h" /* for CKM_INVALID_MECHANISM */
michael@0 7
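/*
 * Initializer helpers for SECOidData tables.
 *
 * OI(x)   builds the OID item from the byte array x. The length is taken
 *         with sizeof, so x must be a true array: passing a pointer would
 *         silently record the pointer size instead of the OID length.
 *         The cast drops the const qualifier of the OIDT arrays; the bytes
 *         must never be written through the resulting pointer.
 * OD(...) builds a full entry with explicit tag, mechanism and extension.
 * ODN(..) builds a "name only" entry: tag 0, CKM_INVALID_MECHANISM and
 *         INVALID_CERT_EXTENSION.
 */
#define OI(x) { siDEROID, (unsigned char *)(x), sizeof(x) }
#define OD(oid, tag, desc, mech, ext) { OI(oid), tag, desc, mech, ext }
#define ODN(oid, desc) \
    { OI(oid), 0, desc, CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION }

/* Storage class and element type shared by every encoded OID in this file. */
#define OIDT static const unsigned char

/*
 * OIW Security Special Interest Group defined algorithms: 1.3.14.3.2.
 *
 * The OIW arc is 1.3.14, i.e. DER bytes 2B 0E. The second byte must be
 * 14 (0x0E); with 13 every array below would encode an OID under 1.3.13
 * and would never match the OIW algorithm identifiers found in real
 * certificates (for example SHA-1, 2B 0E 03 02 1A).
 */
#define OIWSSIG 0x2B, 0x0E, 0x03, 0x02

OIDT oiwMD5RSA[]       = { OIWSSIG, 3 };  /* MD5 with RSA */
OIDT oiwDESCBC[]       = { OIWSSIG, 7 };  /* DES CBC */
OIDT oiwRSAsig[]       = { OIWSSIG, 11 }; /* RSA signature */
OIDT oiwDSA[]          = { OIWSSIG, 12 }; /* DSA */
OIDT oiwMD5RSAsig[]    = { OIWSSIG, 25 }; /* MD5 with RSA signature */
OIDT oiwSHA1[]         = { OIWSSIG, 26 }; /* SHA1 */
OIDT oiwDSASHA1[]      = { OIWSSIG, 27 }; /* DSA with SHA1 */
OIDT oiwDSASHA1param[] = { OIWSSIG, 28 }; /* DSA with SHA1 with params */
OIDT oiwSHA1RSA[]      = { OIWSSIG, 29 }; /* SHA1 with RSA */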
michael@0 27
michael@0 28
/*
 * Microsoft enterprise arc: 1.3.6.1.4.1.311.
 * The sub-identifier 311 takes two DER bytes, 0x82 0x37.
 */
#define MICROSOFT 0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37

/* 311.10.3.x and 311.16.4 */
OIDT mCTL[]   = { MICROSOFT, 0x0A, 0x03, 0x01 }; /* Cert Trust List signing */
OIDT mTSS[]   = { MICROSOFT, 0x0A, 0x03, 0x02 }; /* Time Stamp Signing */
OIDT mSGC[]   = { MICROSOFT, 0x0A, 0x03, 0x03 }; /* Server gated cryptography */
OIDT mEFS[]   = { MICROSOFT, 0x0A, 0x03, 0x04 }; /* Encrypted File System */
OIDT mSMIME[] = { MICROSOFT, 0x10, 0x04 };       /* SMIME encryption key prefs */

/* 311.20.2[.x] and 311.21.1 */
OIDT mECRTT[] = { MICROSOFT, 0x14, 0x02 };       /* Enrollment cert type xtn */
OIDT mEAGNT[] = { MICROSOFT, 0x14, 0x02, 0x01 }; /* Enrollment Agent */
OIDT mKPSCL[] = { MICROSOFT, 0x14, 0x02, 0x02 }; /* KP SmartCard Logon */
OIDT mNTPN[]  = { MICROSOFT, 0x14, 0x02, 0x03 }; /* NT Principal Name */
OIDT mCASRV[] = { MICROSOFT, 0x15, 0x01 };       /* CertServ CA version */
michael@0 43
/*
 * AOL enterprise arc: 1.3.6.1.4.1.1066 (1066 encodes as 0x88 0x2A).
 * No OID in the visible part of this file is built from it.
 */
#define AOL 0x2B, 0x06, 0x01, 0x04, 0x01, 0x88, 0x2A

/* PKIX arc: 1.3.6.1.5.5.7 */
#define ID_PKIX 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07
/* PKIX access descriptors (access methods used in the Authority
 * Information Access extension): 1.3.6.1.5.5.7.48 */
#define ID_AD ID_PKIX, 0x30

OIDT padOCSP[]      = { ID_AD, 0x01 }; /* OCSP access method */
OIDT padCAissuer[]  = { ID_AD, 0x02 }; /* CA Issuer access method */
OIDT padTimeStamp[] = { ID_AD, 0x03 }; /* time stamping access method */
michael@0 55
/*
 * X.500 arc (2.5, a single DER byte 0x55) and the sub-arcs built on it.
 * ID_CE is the certificate extension arc (id-ce), 2.5.29.
 */
#define X500 0x55
#define X520_ATTRIBUTE_TYPE X500, 0x04
#define X500_ALG X500, 0x08
#define X500_ALG_ENCRYPTION X500_ALG, 0x01
#define ID_CE X500, 0x1D

OIDT cePlcyObs[] = { ID_CE, 0x03 }; /* 2.5.29.3:  cert policies, obsolete */
OIDT cePlcyCns[] = { ID_CE, 0x24 }; /* 2.5.29.36: cert policy constraints */
michael@0 65
/* US Company arc: 2.16.840.1 (840 encodes as 0x86 0x48). */
#define USCOM 0x60, 0x86, 0x48, 0x01
#define USGOV USCOM, 0x65
#define USDOD USGOV, 0x02
#define ID_INFOSEC USDOD, 0x01

/*
 * Verisign PKI arc: 2.16.840.1.113733.1
 * (113733 encodes as the three bytes 0x86 0xF8 0x45).
 */
#define VERISIGN_PKI USCOM, 0x86, 0xF8, 0x45, 0x01
#define VERISIGN_XTN VERISIGN_PKI, 0x06
#define VERISIGN_POL VERISIGN_PKI, 0x07   /* Cert policies */
#define VERISIGN_TNET VERISIGN_POL, 0x17  /* Verisign Trust Network */

OIDT vcx7[] = { VERISIGN_XTN, 0x07 };  /* Cert Extension 7 (?) */
OIDT vcp1[] = { VERISIGN_TNET, 0x01 }; /* class 1 cert policy */
OIDT vcp2[] = { VERISIGN_TNET, 0x02 }; /* class 2 cert policy */
OIDT vcp3[] = { VERISIGN_TNET, 0x03 }; /* class 3 cert policy */
OIDT vcp4[] = { VERISIGN_TNET, 0x04 }; /* class 4 cert policy */
michael@0 83
michael@0 84
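/* ------------------------------------------------------------------- */
/*
 * Table of extra OIDs handed to SECOID_AddEntry() by
 * SECU_RegisterDynamicOids().
 *
 * Every entry is built with ODN, so it carries only the encoded OID and a
 * human-readable description: tag 0, CKM_INVALID_MECHANISM and
 * INVALID_CERT_EXTENSION.
 *
 * The description is the only thing that tells a reader which algorithm or
 * extension an entry stands for, so it has to match the OID bytes exactly.
 * A hash or signature algorithm shown under the wrong name would mislead
 * anyone reviewing a certificate for weak algorithms.
 */
static const SECOidData oids[] = {
    /* OIW Security Special Interest Group OIDs */
    ODN(oiwMD5RSA,       "OIWSecSIG MD5 with RSA"),
    ODN(oiwDESCBC,       "OIWSecSIG DES CBC"),
    ODN(oiwRSAsig,       "OIWSecSIG RSA signature"),
    ODN(oiwDSA,          "OIWSecSIG DSA"),
    ODN(oiwMD5RSAsig,    "OIWSecSIG MD5 with RSA signature"),
    ODN(oiwSHA1,         "OIWSecSIG SHA1"),
    ODN(oiwDSASHA1,      "OIWSecSIG DSA with SHA1"),
    ODN(oiwDSASHA1param, "OIWSecSIG DSA with SHA1 with params"),
    /* Arc element 29 is SHA1 with RSA; the label used to repeat the
     * "MD5 with RSA" text of element 3. */
    ODN(oiwSHA1RSA,      "OIWSecSIG SHA1 with RSA"),

    /* Microsoft OIDs */
    ODN(mCTL,   "Microsoft Cert Trust List signing"),
    ODN(mTSS,   "Microsoft Time Stamp signing"),
    ODN(mSGC,   "Microsoft SGC SSL server"),
    ODN(mEFS,   "Microsoft Encrypted File System"),
    ODN(mSMIME, "Microsoft SMIME preferences"),
    ODN(mECRTT, "Microsoft Enrollment Cert Type Extension"),
    ODN(mEAGNT, "Microsoft Enrollment Agent"),
    ODN(mKPSCL, "Microsoft KP SmartCard Logon"),
    ODN(mNTPN,  "Microsoft NT Principal Name"),
    ODN(mCASRV, "Microsoft CertServ CA version"),

    /* PKIX OIDs */
    ODN(padOCSP,      "PKIX OCSP method"),
    ODN(padCAissuer,  "PKIX CA Issuer method"),
    ODN(padTimeStamp, "PKIX Time Stamping method"),

    /* ID_CE OIDs. */
    ODN(cePlcyObs, "Certificate Policies (Obsolete)"),
    ODN(cePlcyCns, "Certificate Policy Constraints"),

    /* Verisign OIDs. */
    ODN(vcx7, "Verisign Cert Extension 7 (?)"),
    ODN(vcp1, "Verisign Class 1 Certificate Policy"),
    ODN(vcp2, "Verisign Class 2 Certificate Policy"),
    ODN(vcp3, "Verisign Class 3 Certificate Policy"),
    ODN(vcp4, "Verisign Class 4 Certificate Policy"),

};

/* Number of entries in oids[], derived from the array so it cannot drift. */
static const unsigned int numOids = (sizeof oids) / (sizeof oids[0]);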
michael@0 129
/*
 * Register src and store the resulting tag in *data, unless *data already
 * holds a tag.
 *
 * data: in/out tag slot; only overwritten while it is SEC_OID_UNKNOWN.
 * src:  entry passed to SECOID_AddEntry().
 *
 * *data stays SEC_OID_UNKNOWN if SECOID_AddEntry() returns that value, so
 * callers that rely on the tag should check it afterwards.
 */
void
SECU_cert_fetchOID(SECOidTag *data, const SECOidData *src)
{
    /* A known tag means the work was done on an earlier call. */
    if (*data != SEC_OID_UNKNOWN) {
        return;
    }

    /* AddEntry is expected to hand back the existing tag when the OID has
     * already been added by someone else. */
    *data = SECOID_AddEntry(src);
}
michael@0 140
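/*
 * Register every entry of the file-local oids[] table through
 * SECOID_AddEntry().
 *
 * Registration does not stop at the first failure: all entries are tried,
 * and the result is SECFailure if at least one call returned
 * SEC_OID_UNKNOWN, otherwise SECSuccess. Callers should check the result,
 * since a failed entry leaves that OID unregistered.
 *
 * With DEBUG_DYN_OIDS defined, the outcome of each call is traced to
 * stderr.
 */
SECStatus
SECU_RegisterDynamicOids(void)
{
    unsigned int i;
    SECStatus rv = SECSuccess;

    for (i = 0; i < numOids; ++i) {
        SECOidTag tag = SECOID_AddEntry(&oids[i]);

        if (tag == SEC_OID_UNKNOWN) {
            /* Remember the failure but keep registering the rest. */
            rv = SECFailure;
        }
#ifdef DEBUG_DYN_OIDS
        /* Kept as a self-contained statement so the braces balance whether
         * or not the trace is compiled in. i is unsigned, hence %u; the
         * enum tag is converted explicitly to match %d. */
        if (tag == SEC_OID_UNKNOWN) {
            fprintf(stderr, "Add OID[%u] failed\n", i);
        } else {
            fprintf(stderr, "Add OID[%u] returned tag %d\n", i, (int)tag);
        }
#endif
    }
    return rv;
}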
