The Tor Browser / file revision

security/nss/cmd/lib/moreoids.c@141e0f1194b1

security/nss/cmd/lib/moreoids.c

Wed, 31 Dec 2014 07:16:47 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Wed, 31 Dec 2014 07:16:47 +0100
branch
TOR_BUG_9701
changeset 3
141e0f1194b1
permissions
-rw-r--r--

Revert simplistic fix pending revisit of Mozilla integration attempt.

     1 /* This Source Code Form is subject to the terms of the Mozilla Public

     2  * License, v. 2.0. If a copy of the MPL was not distributed with this

     3  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

     4 

     5 #include "secoid.h"

     6 #include "secmodt.h" /* for CKM_INVALID_MECHANISM */

     7 

     8 #define OI(x) { siDEROID, (unsigned char *)x, sizeof x }

     9 #define OD(oid,tag,desc,mech,ext) { OI(oid), tag, desc, mech, ext }

    10 #define ODN(oid,desc) \

    11   { OI(oid), 0, desc, CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION }

    12 

    13 #define OIDT static const unsigned char

    14 

    15 /* OIW Security Special Interest Group defined algorithms. */

    16 #define OIWSSIG   0x2B, 13, 3, 2

    17 

    18 OIDT  oiwMD5RSA[] 	= { OIWSSIG,  3 };

    19 OIDT  oiwDESCBC[] 	= { OIWSSIG,  7 };

    20 OIDT  oiwRSAsig[] 	= { OIWSSIG, 11 };

    21 OIDT  oiwDSA   [] 	= { OIWSSIG, 12 };

    22 OIDT  oiwMD5RSAsig[] 	= { OIWSSIG, 25 };

    23 OIDT  oiwSHA1  [] 	= { OIWSSIG, 26 };

    24 OIDT  oiwDSASHA1[] 	= { OIWSSIG, 27 };

    25 OIDT  oiwDSASHA1param[] = { OIWSSIG, 28 };

    26 OIDT  oiwSHA1RSA[] 	= { OIWSSIG, 29 };

    27 

    28 

    29 /* Microsoft OIDs.  (1 3 6 1 4 1 311 ... )   */

    30 #define MICROSOFT 0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37

    31 

    32 OIDT  mCTL[] 	= { MICROSOFT, 10, 3, 1 }; /* Cert Trust List signing */

    33 OIDT  mTSS[] 	= { MICROSOFT, 10, 3, 2 }; /* Time Stamp Signing */

    34 OIDT  mSGC[] 	= { MICROSOFT, 10, 3, 3 }; /* Server gated cryptography */

    35 OIDT  mEFS[]	= { MICROSOFT, 10, 3, 4 }; /* Encrypted File System */

    36 OIDT  mSMIME[]	= { MICROSOFT, 16, 4    }; /* SMIME encryption key prefs */

    37 

    38 OIDT  mECRTT[]	= { MICROSOFT, 20, 2    }; /* Enrollment cert type xtn */

    39 OIDT  mEAGNT[]	= { MICROSOFT, 20, 2, 1 }; /* Enrollment Agent         */

    40 OIDT  mKPSCL[]	= { MICROSOFT, 20, 2, 2 }; /* KP SmartCard Logon       */

    41 OIDT  mNTPN []	= { MICROSOFT, 20, 2, 3 }; /* NT Principal Name        */

    42 OIDT  mCASRV[]	= { MICROSOFT, 21, 1    }; /* CertServ CA version      */

    43 

    44 /* AOL OIDs     (1 3 6 1 4 1 1066 ... )   */

    45 #define AOL 0x2B, 0x06, 0x01, 0x04, 0x01, 0x88, 0x2A

    46 

    47 /* PKIX IDs     (1 3 6 1 5 5 7 ...)  */

    48 #define ID_PKIX 0x2B, 6, 1, 5, 5, 7

    49 /* PKIX Access Descriptors (methods for Authority Info Access Extns) */

    50 #define ID_AD   ID_PKIX, 48

    51 

    52 OIDT  padOCSP[]      = { ID_AD, 1 };  /* OCSP method */

    53 OIDT  padCAissuer[]  = { ID_AD, 2 };  /* URI (for CRL ?) */

    54 OIDT  padTimeStamp[] = { ID_AD, 3 };  /* time stamping */

    55 

    56 /* ISO Cert Extension type OIDs (id-ce)  (2 5 29 ...) */

    57 #define X500                    0x55

    58 #define X520_ATTRIBUTE_TYPE     X500, 0x04

    59 #define X500_ALG                X500, 0x08

    60 #define X500_ALG_ENCRYPTION     X500_ALG, 0x01

    61 #define ID_CE			X500, 29

    62 

    63 OIDT cePlcyObs[] = { ID_CE,  3 };  /* Cert policies, obsolete. */

    64 OIDT cePlcyCns[] = { ID_CE, 36 };  /* Cert policy constraints. */

    65 

    66 /* US Company arc (2 16 840 1 ...) */

    67 #define USCOM        0x60, 0x86, 0x48, 0x01

    68 #define USGOV        USCOM, 0x65

    69 #define USDOD        USGOV, 2

    70 #define ID_INFOSEC   USDOD, 1

    71 

    72 /* Verisign PKI OIDs (2 16 840 1 113733 1 ...) */

    73 #define VERISIGN_PKI USCOM, 0x86, 0xf8, 0x45, 1

    74 #define VERISIGN_XTN VERISIGN_PKI, 6

    75 #define VERISIGN_POL VERISIGN_PKI, 7	/* Cert policies */

    76 #define VERISIGN_TNET VERISIGN_POL, 23	/* Verisign Trust Network */

    77 

    78 OIDT  vcx7[]	= { VERISIGN_XTN, 7 };	/* Cert Extension 7 (?) */

    79 OIDT  vcp1[]	= { VERISIGN_TNET, 1 };	/* class 1 cert policy */

    80 OIDT  vcp2[]	= { VERISIGN_TNET, 2 };	/* class 2 cert policy */

    81 OIDT  vcp3[]	= { VERISIGN_TNET, 3 };	/* class 3 cert policy */

    82 OIDT  vcp4[]	= { VERISIGN_TNET, 4 };	/* class 4 cert policy */

    83 

    84 

    85 /* ------------------------------------------------------------------- */

    86 static const SECOidData oids[] = {

    87 /* OIW Security Special Interest Group OIDs */

    88     ODN( oiwMD5RSA,	  "OIWSecSIG MD5 with RSA"),

    89     ODN( oiwDESCBC,	  "OIWSecSIG DES CBC"),

    90     ODN( oiwRSAsig,	  "OIWSecSIG RSA signature"),

    91     ODN( oiwDSA   ,	  "OIWSecSIG DSA"),

    92     ODN( oiwMD5RSAsig,	  "OIWSecSIG MD5 with RSA signature"),

    93     ODN( oiwSHA1  ,	  "OIWSecSIG SHA1"),

    94     ODN( oiwDSASHA1,	  "OIWSecSIG DSA with SHA1"),

    95     ODN( oiwDSASHA1param, "OIWSecSIG DSA with SHA1 with params"),

    96     ODN( oiwSHA1RSA,	  "OIWSecSIG MD5 with RSA"),

    97 

    98 /* Microsoft OIDs */

    99     ODN( mCTL,   "Microsoft Cert Trust List signing"), 

   100     ODN( mTSS,   "Microsoft Time Stamp signing"),

   101     ODN( mSGC,   "Microsoft SGC SSL server"),

   102     ODN( mEFS,   "Microsoft Encrypted File System"),

   103     ODN( mSMIME, "Microsoft SMIME preferences"),

   104     ODN( mECRTT, "Microsoft Enrollment Cert Type Extension"),

   105     ODN( mEAGNT, "Microsoft Enrollment Agent"),

   106     ODN( mKPSCL, "Microsoft KP SmartCard Logon"),

   107     ODN( mNTPN,  "Microsoft NT Principal Name"),

   108     ODN( mCASRV, "Microsoft CertServ CA version"),

   109 

   110 /* PKIX OIDs */

   111     ODN( padOCSP,	"PKIX OCSP method"),

   112     ODN( padCAissuer,	"PKIX CA Issuer method"),

   113     ODN( padTimeStamp,	"PKIX Time Stamping method"),

   114 

   115 /* ID_CE OIDs. */

   116     ODN( cePlcyObs,	"Certificate Policies (Obsolete)"),

   117     ODN( cePlcyCns,	"Certificate Policy Constraints"),

   118 

   119 /* Verisign OIDs. */

   120     ODN( vcx7,		"Verisign Cert Extension 7 (?)"),

   121     ODN( vcp1,		"Verisign Class 1 Certificate Policy"),

   122     ODN( vcp2,		"Verisign Class 2 Certificate Policy"),

   123     ODN( vcp3,		"Verisign Class 3 Certificate Policy"),

   124     ODN( vcp4,		"Verisign Class 4 Certificate Policy"),

   125 

   126 };

   127 

   128 static const unsigned int numOids = (sizeof oids) / (sizeof oids[0]);

   129 

   130 /* Fetch and register an oid if it hasn't been done already */

   131 void

   132 SECU_cert_fetchOID(SECOidTag *data, const SECOidData *src)

   133 {

   134     if (*data == SEC_OID_UNKNOWN) {

   135         /* AddEntry does the right thing if someone else has already

   136          * added the oid. (that is return that oid tag) */

   137         *data = SECOID_AddEntry(src);

   138     }

   139 }

   140 

   141 SECStatus

   142 SECU_RegisterDynamicOids(void)

   143 {

   144     unsigned int i;

   145     SECStatus rv = SECSuccess;

   146 

   147     for (i = 0; i < numOids; ++i) {

   148 	SECOidTag tag = SECOID_AddEntry(&oids[i]);

   149 	if (tag == SEC_OID_UNKNOWN) {

   150 	    rv = SECFailure;

   151 #ifdef DEBUG_DYN_OIDS

   152 	    fprintf(stderr, "Add OID[%d] failed\n", i);

   153 	} else {

   154 	    fprintf(stderr, "Add OID[%d] returned tag %d\n", i, tag);

   155 #endif

   156 	}

   157     }

   158     return rv;

   159 }

Mercurial Repository: The Tor Browser

Europalab SCM Repository Server

mercurial