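--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/security/nss/cmd/lib/moreoids.c Wed Dec 31 06:09:35 2014 +0100
@@ -0,0 +1,159 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "secoid.h"
+#include "secmodt.h" /* for CKM_INVALID_MECHANISM */
+
+#define OI(x) { siDEROID, (unsigned char *)x, sizeof x }
+#define OD(oid,tag,desc,mech,ext) { OI(oid), tag, desc, mech, ext }
+#define ODN(oid,desc) \
+ { OI(oid), 0, desc, CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION }
+
+#define OIDT static const unsigned char
+
+/* OIW Security Special Interest Group defined algorithms. */
+#define OIWSSIG 0x2B, 13, 3, 2
+
+OIDT oiwMD5RSA[] = { OIWSSIG, 3 };
+OIDT oiwDESCBC[] = { OIWSSIG, 7 };
+OIDT oiwRSAsig[] = { OIWSSIG, 11 };
+OIDT oiwDSA [] = { OIWSSIG, 12 };
+OIDT oiwMD5RSAsig[] = { OIWSSIG, 25 };
+OIDT oiwSHA1 [] = { OIWSSIG, 26 };
+OIDT oiwDSASHA1[] = { OIWSSIG, 27 };
+OIDT oiwDSASHA1param[] = { OIWSSIG, 28 };
+OIDT oiwSHA1RSA[] = { OIWSSIG, 29 };
+
+
+/* Microsoft OIDs. (1 3 6 1 4 1 311 ... ) */
+#define MICROSOFT 0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37
+
+OIDT mCTL[] = { MICROSOFT, 10, 3, 1 }; /* Cert Trust List signing */
+OIDT mTSS[] = { MICROSOFT, 10, 3, 2 }; /* Time Stamp Signing */
+OIDT mSGC[] = { MICROSOFT, 10, 3, 3 }; /* Server gated cryptography */
+OIDT mEFS[] = { MICROSOFT, 10, 3, 4 }; /* Encrypted File System */
+OIDT mSMIME[] = { MICROSOFT, 16, 4 }; /* SMIME encryption key prefs */
+
+OIDT mECRTT[] = { MICROSOFT, 20, 2 }; /* Enrollment cert type xtn */
+OIDT mEAGNT[] = { MICROSOFT, 20, 2, 1 }; /* Enrollment Agent */
+OIDT mKPSCL[] = { MICROSOFT, 20, 2, 2 }; /* KP SmartCard Logon */
+OIDT mNTPN [] = { MICROSOFT, 20, 2, 3 }; /* NT Principal Name */
+OIDT mCASRV[] = { MICROSOFT, 21, 1 }; /* CertServ CA version */
+
+/* AOL OIDs (1 3 6 1 4 1 1066 ... ) */
+#define AOL 0x2B, 0x06, 0x01, 0x04, 0x01, 0x88, 0x2A
+
+/* PKIX IDs (1 3 6 1 5 5 7 ...) */
+#define ID_PKIX 0x2B, 6, 1, 5, 5, 7
+/* PKIX Access Descriptors (methods for Authority Info Access Extns) */
+#define ID_AD ID_PKIX, 48
+
+OIDT padOCSP[] = { ID_AD, 1 }; /* OCSP method */
+OIDT padCAissuer[] = { ID_AD, 2 }; /* URI (for CRL ?) */
+OIDT padTimeStamp[] = { ID_AD, 3 }; /* time stamping */
+
+/* ISO Cert Extension type OIDs (id-ce) (2 5 29 ...) */
+#define X500 0x55
+#define X520_ATTRIBUTE_TYPE X500, 0x04
+#define X500_ALG X500, 0x08
+#define X500_ALG_ENCRYPTION X500_ALG, 0x01
+#define ID_CE X500, 29
+
+OIDT cePlcyObs[] = { ID_CE, 3 }; /* Cert policies, obsolete. */
+OIDT cePlcyCns[] = { ID_CE, 36 }; /* Cert policy constraints. */
+
+/* US Company arc (2 16 840 1 ...) */
+#define USCOM 0x60, 0x86, 0x48, 0x01
+#define USGOV USCOM, 0x65
+#define USDOD USGOV, 2
+#define ID_INFOSEC USDOD, 1
+
+/* Verisign PKI OIDs (2 16 840 1 113733 1 ...) */
+#define VERISIGN_PKI USCOM, 0x86, 0xf8, 0x45, 1
+#define VERISIGN_XTN VERISIGN_PKI, 6
+#define VERISIGN_POL VERISIGN_PKI, 7 /* Cert policies */
+#define VERISIGN_TNET VERISIGN_POL, 23 /* Verisign Trust Network */
+
+OIDT vcx7[] = { VERISIGN_XTN, 7 }; /* Cert Extension 7 (?) */
+OIDT vcp1[] = { VERISIGN_TNET, 1 }; /* class 1 cert policy */
+OIDT vcp2[] = { VERISIGN_TNET, 2 }; /* class 2 cert policy */
+OIDT vcp3[] = { VERISIGN_TNET, 3 }; /* class 3 cert policy */
+OIDT vcp4[] = { VERISIGN_TNET, 4 }; /* class 4 cert policy */
+
+
+/* ------------------------------------------------------------------- */
+static const SECOidData oids[] = {
+/* OIW Security Special Interest Group OIDs */
+ ODN( oiwMD5RSA, "OIWSecSIG MD5 with RSA"),
+ ODN( oiwDESCBC, "OIWSecSIG DES CBC"),
+ ODN( oiwRSAsig, "OIWSecSIG RSA signature"),
+ ODN( oiwDSA , "OIWSecSIG DSA"),
+ ODN( oiwMD5RSAsig, "OIWSecSIG MD5 with RSA signature"),
+ ODN( oiwSHA1 , "OIWSecSIG SHA1"),
+ ODN( oiwDSASHA1, "OIWSecSIG DSA with SHA1"),
+ ODN( oiwDSASHA1param, "OIWSecSIG DSA with SHA1 with params"),
+ ODN( oiwSHA1RSA, "OIWSecSIG MD5 with RSA"),
+
+/* Microsoft OIDs */
+ ODN( mCTL, "Microsoft Cert Trust List signing"),
+ ODN( mTSS, "Microsoft Time Stamp signing"),
+ ODN( mSGC, "Microsoft SGC SSL server"),
+ ODN( mEFS, "Microsoft Encrypted File System"),
+ ODN( mSMIME, "Microsoft SMIME preferences"),
+ ODN( mECRTT, "Microsoft Enrollment Cert Type Extension"),
+ ODN( mEAGNT, "Microsoft Enrollment Agent"),
+ ODN( mKPSCL, "Microsoft KP SmartCard Logon"),
+ ODN( mNTPN, "Microsoft NT Principal Name"),
+ ODN( mCASRV, "Microsoft CertServ CA version"),
+
+/* PKIX OIDs */
+ ODN( padOCSP, "PKIX OCSP method"),
+ ODN( padCAissuer, "PKIX CA Issuer method"),
+ ODN( padTimeStamp, "PKIX Time Stamping method"),
+
+/* ID_CE OIDs. */
+ ODN( cePlcyObs, "Certificate Policies (Obsolete)"),
+ ODN( cePlcyCns, "Certificate Policy Constraints"),
+
+/* Verisign OIDs. */
+ ODN( vcx7, "Verisign Cert Extension 7 (?)"),
+ ODN( vcp1, "Verisign Class 1 Certificate Policy"),
+ ODN( vcp2, "Verisign Class 2 Certificate Policy"),
+ ODN( vcp3, "Verisign Class 3 Certificate Policy"),
+ ODN( vcp4, "Verisign Class 4 Certificate Policy"),
+
+};
+
+static const unsigned int numOids = (sizeof oids) / (sizeof oids[0]);
+
+/* Fetch and register an oid if it hasn't been done already */
+void
+SECU_cert_fetchOID(SECOidTag *data, const SECOidData *src)
+{
+ if (*data == SEC_OID_UNKNOWN) {
+ /* AddEntry does the right thing if someone else has already
+ * added the oid. (that is return that oid tag) */
+ *data = SECOID_AddEntry(src);
+ }
+}
+
+SECStatus
+SECU_RegisterDynamicOids(void)
+{
+ unsigned int i;
+ SECStatus rv = SECSuccess;
+
+ for (i = 0; i < numOids; ++i) {
+ SECOidTag tag = SECOID_AddEntry(&oids[i]);
+ if (tag == SEC_OID_UNKNOWN) {
+ rv = SECFailure;
+#ifdef DEBUG_DYN_OIDS
+ fprintf(stderr, "Add OID[%d] failed\n", i);
+ } else {
+ fprintf(stderr, "Add OID[%d] returned tag %d\n", i, tag);
+#endif
+ }
+ }
+ return rv;
+}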
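Review bot: The `oids[]` entry for `oiwSHA1RSA` carries the description "OIWSecSIG MD5 with RSA", the same label already given to `oiwMD5RSA`, although the array is defined as `{ OIWSSIG, 29 }` and is named for SHA1 with RSA. Any tool that prints certificate fields through this table would presumably report the wrong digest for such a signature, which is misleading when someone is auditing certificates for weak hash algorithms. The entry should read `ODN( oiwSHA1RSA, "OIWSecSIG SHA1 with RSA"),`. Separately, the `DEBUG_DYN_OIDS` branch in `SECU_RegisterDynamicOids` calls `fprintf` with no `<stdio.h>` include visible in this file and formats the `unsigned int i` with `%d`; adding the include and using `%u` would keep the debug build free of format warnings.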