|
Packit |
40b132 |
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
Packit |
40b132 |
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
Packit |
40b132 |
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
#include "secoid.h"
|
|
Packit |
40b132 |
#include "secmodt.h" /* for CKM_INVALID_MECHANISM */
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
#define OI(x) { siDEROID, (unsigned char *)x, sizeof x }
|
|
Packit |
40b132 |
#define OD(oid,tag,desc,mech,ext) { OI(oid), tag, desc, mech, ext }
|
|
Packit |
40b132 |
#define ODN(oid,desc) \
|
|
Packit |
40b132 |
{ OI(oid), 0, desc, CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION }
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
#define OIDT static const unsigned char
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
/* OIW Security Special Interest Group defined algorithms. */
|
|
Packit |
40b132 |
#define OIWSSIG 0x2B, 13, 3, 2
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
OIDT oiwMD5RSA[] = { OIWSSIG, 3 };
|
|
Packit |
40b132 |
OIDT oiwDESCBC[] = { OIWSSIG, 7 };
|
|
Packit |
40b132 |
OIDT oiwRSAsig[] = { OIWSSIG, 11 };
|
|
Packit |
40b132 |
OIDT oiwDSA [] = { OIWSSIG, 12 };
|
|
Packit |
40b132 |
OIDT oiwMD5RSAsig[] = { OIWSSIG, 25 };
|
|
Packit |
40b132 |
OIDT oiwSHA1 [] = { OIWSSIG, 26 };
|
|
Packit |
40b132 |
OIDT oiwDSASHA1[] = { OIWSSIG, 27 };
|
|
Packit |
40b132 |
OIDT oiwDSASHA1param[] = { OIWSSIG, 28 };
|
|
Packit |
40b132 |
OIDT oiwSHA1RSA[] = { OIWSSIG, 29 };
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
/* Microsoft OIDs. (1 3 6 1 4 1 311 ... ) */
|
|
Packit |
40b132 |
#define MICROSOFT 0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
OIDT mCTL[] = { MICROSOFT, 10, 3, 1 }; /* Cert Trust List signing */
|
|
Packit |
40b132 |
OIDT mTSS[] = { MICROSOFT, 10, 3, 2 }; /* Time Stamp Signing */
|
|
Packit |
40b132 |
OIDT mSGC[] = { MICROSOFT, 10, 3, 3 }; /* Server gated cryptography */
|
|
Packit |
40b132 |
OIDT mEFS[] = { MICROSOFT, 10, 3, 4 }; /* Encrypted File System */
|
|
Packit |
40b132 |
OIDT mSMIME[] = { MICROSOFT, 16, 4 }; /* SMIME encryption key prefs */
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
OIDT mECRTT[] = { MICROSOFT, 20, 2 }; /* Enrollment cert type xtn */
|
|
Packit |
40b132 |
OIDT mEAGNT[] = { MICROSOFT, 20, 2, 1 }; /* Enrollment Agent */
|
|
Packit |
40b132 |
OIDT mKPSCL[] = { MICROSOFT, 20, 2, 2 }; /* KP SmartCard Logon */
|
|
Packit |
40b132 |
OIDT mNTPN [] = { MICROSOFT, 20, 2, 3 }; /* NT Principal Name */
|
|
Packit |
40b132 |
OIDT mCASRV[] = { MICROSOFT, 21, 1 }; /* CertServ CA version */
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
/* AOL OIDs (1 3 6 1 4 1 1066 ... ) */
|
|
Packit |
40b132 |
#define AOL 0x2B, 0x06, 0x01, 0x04, 0x01, 0x88, 0x2A
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
/* PKIX IDs (1 3 6 1 5 5 7 ...) */
|
|
Packit |
40b132 |
#define ID_PKIX 0x2B, 6, 1, 5, 5, 7
|
|
Packit |
40b132 |
/* PKIX Access Descriptors (methods for Authority Info Access Extns) */
|
|
Packit |
40b132 |
#define ID_AD ID_PKIX, 48
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
OIDT padOCSP[] = { ID_AD, 1 }; /* OCSP method */
|
|
Packit |
40b132 |
OIDT padCAissuer[] = { ID_AD, 2 }; /* URI (for CRL ?) */
|
|
Packit |
40b132 |
OIDT padTimeStamp[] = { ID_AD, 3 }; /* time stamping */
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
/* ISO Cert Extension type OIDs (id-ce) (2 5 29 ...) */
|
|
Packit |
40b132 |
#define X500 0x55
|
|
Packit |
40b132 |
#define X520_ATTRIBUTE_TYPE X500, 0x04
|
|
Packit |
40b132 |
#define X500_ALG X500, 0x08
|
|
Packit |
40b132 |
#define X500_ALG_ENCRYPTION X500_ALG, 0x01
|
|
Packit |
40b132 |
#define ID_CE X500, 29
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
OIDT cePlcyObs[] = { ID_CE, 3 }; /* Cert policies, obsolete. */
|
|
Packit |
40b132 |
OIDT cePlcyCns[] = { ID_CE, 36 }; /* Cert policy constraints. */
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
/* US Company arc (2 16 840 1 ...) */
|
|
Packit |
40b132 |
#define USCOM 0x60, 0x86, 0x48, 0x01
|
|
Packit |
40b132 |
#define USGOV USCOM, 0x65
|
|
Packit |
40b132 |
#define USDOD USGOV, 2
|
|
Packit |
40b132 |
#define ID_INFOSEC USDOD, 1
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
/* Verisign PKI OIDs (2 16 840 1 113733 1 ...) */
|
|
Packit |
40b132 |
#define VERISIGN_PKI USCOM, 0x86, 0xf8, 0x45, 1
|
|
Packit |
40b132 |
#define VERISIGN_XTN VERISIGN_PKI, 6
|
|
Packit |
40b132 |
#define VERISIGN_POL VERISIGN_PKI, 7 /* Cert policies */
|
|
Packit |
40b132 |
#define VERISIGN_TNET VERISIGN_POL, 23 /* Verisign Trust Network */
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
OIDT vcx7[] = { VERISIGN_XTN, 7 }; /* Cert Extension 7 (?) */
|
|
Packit |
40b132 |
OIDT vcp1[] = { VERISIGN_TNET, 1 }; /* class 1 cert policy */
|
|
Packit |
40b132 |
OIDT vcp2[] = { VERISIGN_TNET, 2 }; /* class 2 cert policy */
|
|
Packit |
40b132 |
OIDT vcp3[] = { VERISIGN_TNET, 3 }; /* class 3 cert policy */
|
|
Packit |
40b132 |
OIDT vcp4[] = { VERISIGN_TNET, 4 }; /* class 4 cert policy */
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
/* ------------------------------------------------------------------- */
|
|
Packit |
40b132 |
static const SECOidData oids[] = {
|
|
Packit |
40b132 |
/* OIW Security Special Interest Group OIDs */
|
|
Packit |
40b132 |
ODN( oiwMD5RSA, "OIWSecSIG MD5 with RSA"),
|
|
Packit |
40b132 |
ODN( oiwDESCBC, "OIWSecSIG DES CBC"),
|
|
Packit |
40b132 |
ODN( oiwRSAsig, "OIWSecSIG RSA signature"),
|
|
Packit |
40b132 |
ODN( oiwDSA , "OIWSecSIG DSA"),
|
|
Packit |
40b132 |
ODN( oiwMD5RSAsig, "OIWSecSIG MD5 with RSA signature"),
|
|
Packit |
40b132 |
ODN( oiwSHA1 , "OIWSecSIG SHA1"),
|
|
Packit |
40b132 |
ODN( oiwDSASHA1, "OIWSecSIG DSA with SHA1"),
|
|
Packit |
40b132 |
ODN( oiwDSASHA1param, "OIWSecSIG DSA with SHA1 with params"),
|
|
Packit |
40b132 |
ODN( oiwSHA1RSA, "OIWSecSIG MD5 with RSA"),
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
/* Microsoft OIDs */
|
|
Packit |
40b132 |
ODN( mCTL, "Microsoft Cert Trust List signing"),
|
|
Packit |
40b132 |
ODN( mTSS, "Microsoft Time Stamp signing"),
|
|
Packit |
40b132 |
ODN( mSGC, "Microsoft SGC SSL server"),
|
|
Packit |
40b132 |
ODN( mEFS, "Microsoft Encrypted File System"),
|
|
Packit |
40b132 |
ODN( mSMIME, "Microsoft SMIME preferences"),
|
|
Packit |
40b132 |
ODN( mECRTT, "Microsoft Enrollment Cert Type Extension"),
|
|
Packit |
40b132 |
ODN( mEAGNT, "Microsoft Enrollment Agent"),
|
|
Packit |
40b132 |
ODN( mKPSCL, "Microsoft KP SmartCard Logon"),
|
|
Packit |
40b132 |
ODN( mNTPN, "Microsoft NT Principal Name"),
|
|
Packit |
40b132 |
ODN( mCASRV, "Microsoft CertServ CA version"),
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
/* PKIX OIDs */
|
|
Packit |
40b132 |
ODN( padOCSP, "PKIX OCSP method"),
|
|
Packit |
40b132 |
ODN( padCAissuer, "PKIX CA Issuer method"),
|
|
Packit |
40b132 |
ODN( padTimeStamp, "PKIX Time Stamping method"),
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
/* ID_CE OIDs. */
|
|
Packit |
40b132 |
ODN( cePlcyObs, "Certificate Policies (Obsolete)"),
|
|
Packit |
40b132 |
ODN( cePlcyCns, "Certificate Policy Constraints"),
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
/* Verisign OIDs. */
|
|
Packit |
40b132 |
ODN( vcx7, "Verisign Cert Extension 7 (?)"),
|
|
Packit |
40b132 |
ODN( vcp1, "Verisign Class 1 Certificate Policy"),
|
|
Packit |
40b132 |
ODN( vcp2, "Verisign Class 2 Certificate Policy"),
|
|
Packit |
40b132 |
ODN( vcp3, "Verisign Class 3 Certificate Policy"),
|
|
Packit |
40b132 |
ODN( vcp4, "Verisign Class 4 Certificate Policy"),
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
};
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
static const unsigned int numOids = (sizeof oids) / (sizeof oids[0]);
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
/* Fetch and register an oid if it hasn't been done already */
|
|
Packit |
40b132 |
void
|
|
Packit |
40b132 |
SECU_cert_fetchOID(SECOidTag *data, const SECOidData *src)
|
|
Packit |
40b132 |
{
|
|
Packit |
40b132 |
if (*data == SEC_OID_UNKNOWN) {
|
|
Packit |
40b132 |
/* AddEntry does the right thing if someone else has already
|
|
Packit |
40b132 |
* added the oid. (that is return that oid tag) */
|
|
Packit |
40b132 |
*data = SECOID_AddEntry(src);
|
|
Packit |
40b132 |
}
|
|
Packit |
40b132 |
}
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
SECStatus
|
|
Packit |
40b132 |
SECU_RegisterDynamicOids(void)
|
|
Packit |
40b132 |
{
|
|
Packit |
40b132 |
unsigned int i;
|
|
Packit |
40b132 |
SECStatus rv = SECSuccess;
|
|
Packit |
40b132 |
|
|
Packit |
40b132 |
for (i = 0; i < numOids; ++i) {
|
|
Packit |
40b132 |
SECOidTag tag = SECOID_AddEntry(&oids[i]);
|
|
Packit |
40b132 |
if (tag == SEC_OID_UNKNOWN) {
|
|
Packit |
40b132 |
rv = SECFailure;
|
|
Packit |
40b132 |
#ifdef DEBUG_DYN_OIDS
|
|
Packit |
40b132 |
fprintf(stderr, "Add OID[%d] failed\n", i);
|
|
Packit |
40b132 |
} else {
|
|
Packit |
40b132 |
fprintf(stderr, "Add OID[%d] returned tag %d\n", i, tag);
|
|
Packit |
40b132 |
#endif
|
|
Packit |
40b132 |
}
|
|
Packit |
40b132 |
}
|
|
Packit |
40b132 |
return rv;
|
|
Packit |
40b132 |
}
|