1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright 2006 Sun Microsystems, Inc. All rights reserved. 23 * Use is subject to license terms. 24 * 25 * Copyright(c) 1995-2000 Intel Corporation. All rights reserved. 26 */ 27 28 #pragma ident "%Z%%M% %I% %E% SMI" 29 30 #include <kmfapi.h> 31 32 /* From X.520 */ 33 static uint8_t 34 OID_ObjectClass[] = { OID_ATTR_TYPE, 0 }, 35 OID_AliasedEntryName[] = { OID_ATTR_TYPE, 1 }, 36 OID_KnowledgeInformation[] = { OID_ATTR_TYPE, 2 }, 37 OID_CommonName[] = { OID_ATTR_TYPE, 3 }, 38 OID_Surname[] = { OID_ATTR_TYPE, 4 }, 39 OID_SerialNumber[] = { OID_ATTR_TYPE, 5 }, 40 OID_CountryName[] = { OID_ATTR_TYPE, 6 }, 41 OID_LocalityName[] = { OID_ATTR_TYPE, 7 }, 42 OID_StateProvinceName[] = { OID_ATTR_TYPE, 8 }, 43 OID_CollectiveStateProvinceName[] = { OID_ATTR_TYPE, 8, 1 }, 44 OID_StreetAddress[] = { OID_ATTR_TYPE, 9 }, 45 OID_CollectiveStreetAddress[] = { OID_ATTR_TYPE, 9, 1 }, 46 OID_OrganizationName[] = { OID_ATTR_TYPE, 10 }, 47 OID_CollectiveOrganizationName[] = { OID_ATTR_TYPE, 10, 1 }, 48 OID_OrganizationalUnitName[] = { OID_ATTR_TYPE, 11 }, 49 OID_CollectiveOrganizationalUnitName[] = { OID_ATTR_TYPE, 11, 1 }, 50 OID_Title[] = { OID_ATTR_TYPE, 12 }, 51 OID_Description[] = { OID_ATTR_TYPE, 13 }, 52 OID_SearchGuide[] = { OID_ATTR_TYPE, 14 }, 53 OID_BusinessCategory[] = { OID_ATTR_TYPE, 15 }, 54 OID_PostalAddress[] = { OID_ATTR_TYPE, 16 }, 55 OID_CollectivePostalAddress[] = { OID_ATTR_TYPE, 16, 1 }, 56 OID_PostalCode[] = { OID_ATTR_TYPE, 17 }, 57 OID_CollectivePostalCode[] = { OID_ATTR_TYPE, 17, 1 }, 58 OID_PostOfficeBox[] = { OID_ATTR_TYPE, 18 }, 59 OID_CollectivePostOfficeBox[] = { OID_ATTR_TYPE, 18, 1 }, 60 OID_PhysicalDeliveryOfficeName[] = { OID_ATTR_TYPE, 19 }, 61 OID_CollectivePhysicalDeliveryOfficeName[] = { OID_ATTR_TYPE, 19, 1 }, 62 OID_TelephoneNumber[] = { OID_ATTR_TYPE, 20 }, 63 OID_CollectiveTelephoneNumber[] = { OID_ATTR_TYPE, 20, 1 }, 64 OID_TelexNumber[] = { OID_ATTR_TYPE, 21 }, 65 OID_CollectiveTelexNumber[] = { OID_ATTR_TYPE, 21, 1 }, 66 OID_TelexTerminalIdentifier[] = { OID_ATTR_TYPE, 22 }, 67 OID_CollectiveTelexTerminalIdentifier[] = { OID_ATTR_TYPE, 22, 1 }, 68 OID_FacsimileTelephoneNumber[] = { OID_ATTR_TYPE, 23 }, 69 OID_CollectiveFacsimileTelephoneNumber[] = { OID_ATTR_TYPE, 23, 1 }, 70 OID_X_121Address[] = { OID_ATTR_TYPE, 24 }, 71 OID_InternationalISDNNumber[] = { OID_ATTR_TYPE, 25 }, 72 OID_CollectiveInternationalISDNNumber[] = { OID_ATTR_TYPE, 25, 1 }, 73 OID_RegisteredAddress[] = { OID_ATTR_TYPE, 26 }, 74 OID_DestinationIndicator[] = { OID_ATTR_TYPE, 27 }, 75 OID_PreferredDeliveryMethod[] = { OID_ATTR_TYPE, 28 }, 76 OID_PresentationAddress[] = { OID_ATTR_TYPE, 29 }, 77 OID_SupportedApplicationContext[] = { OID_ATTR_TYPE, 30 }, 78 OID_Member[] = { OID_ATTR_TYPE, 31 }, 79 OID_Owner[] = { OID_ATTR_TYPE, 32 }, 80 OID_RoleOccupant[] = { OID_ATTR_TYPE, 33 }, 81 OID_SeeAlso[] = { OID_ATTR_TYPE, 34 }, 82 OID_UserPassword[] = { OID_ATTR_TYPE, 35 }, 83 OID_UserCertificate[] = { OID_ATTR_TYPE, 36 }, 84 OID_CACertificate[] = { OID_ATTR_TYPE, 37 }, 85 OID_AuthorityRevocationList[] = { OID_ATTR_TYPE, 38 }, 86 OID_CertificateRevocationList[] = { OID_ATTR_TYPE, 39 }, 87 OID_CrossCertificatePair[] = { OID_ATTR_TYPE, 40 }, 88 OID_Name[] = { OID_ATTR_TYPE, 41 }, 89 OID_GivenName[] = { OID_ATTR_TYPE, 42 }, 90 OID_Initials[] = { OID_ATTR_TYPE, 43 }, 91 OID_GenerationQualifier[] = { OID_ATTR_TYPE, 44 }, 92 OID_UniqueIdentifier[] = { OID_ATTR_TYPE, 45 }, 93 OID_DNQualifier[] = { OID_ATTR_TYPE, 46 }, 94 OID_EnhancedSearchGuide[] = { OID_ATTR_TYPE, 47 }, 95 OID_ProtocolInformation[] = { OID_ATTR_TYPE, 48 }, 96 OID_DistinguishedName[] = { OID_ATTR_TYPE, 49 }, 97 OID_UniqueMember[] = { OID_ATTR_TYPE, 50 }, 98 OID_HouseIdentifier[] = { OID_ATTR_TYPE, 51 } 99 /* OID_SupportedAlgorithms[] = { OID_ATTR_TYPE, 52 }, */ 100 /* OID_DeltaRevocationList[] = { OID_ATTR_TYPE, 53 }, */ 101 /* OID_AttributeCertificate[] = { OID_ATTR_TYPE, 58 } */ 102 ; 103 104 /* From PKCS 9 */ 105 static uint8_t 106 OID_EmailAddress[] = { OID_PKCS_9, 1 }, 107 OID_UnstructuredName[] = { OID_PKCS_9, 2 }, 108 OID_ContentType[] = { OID_PKCS_9, 3 }, 109 OID_MessageDigest[] = { OID_PKCS_9, 4 }, 110 OID_SigningTime[] = { OID_PKCS_9, 5 }, 111 OID_CounterSignature[] = { OID_PKCS_9, 6 }, 112 OID_ChallengePassword[] = { OID_PKCS_9, 7 }, 113 OID_UnstructuredAddress[] = { OID_PKCS_9, 8 }, 114 OID_ExtendedCertificateAttributes[] = { OID_PKCS_9, 9 }, 115 OID_ExtensionRequest[] = { OID_PKCS_9, 14 }; 116 117 /* From PKIX 1 */ 118 /* Standard Extensions */ 119 static uint8_t 120 OID_SubjectDirectoryAttributes[] = { OID_EXTENSION, 9 }, 121 OID_SubjectKeyIdentifier[] = { OID_EXTENSION, 14 }, 122 OID_KeyUsage[] = { OID_EXTENSION, 15 }, 123 OID_PrivateKeyUsagePeriod[] = { OID_EXTENSION, 16 }, 124 OID_SubjectAltName[] = { OID_EXTENSION, 17 }, 125 OID_IssuerAltName[] = { OID_EXTENSION, 18 }, 126 OID_BasicConstraints[] = { OID_EXTENSION, 19 }, 127 OID_CrlNumber[] = { OID_EXTENSION, 20 }, 128 OID_CrlReason[] = { OID_EXTENSION, 21 }, 129 OID_HoldInstructionCode[] = { OID_EXTENSION, 23 }, 130 OID_InvalidityDate[] = { OID_EXTENSION, 24 }, 131 OID_DeltaCrlIndicator[] = { OID_EXTENSION, 27 }, 132 OID_IssuingDistributionPoints[] = { OID_EXTENSION, 28 }, 133 134 /* OID_CertificateIssuer[] = { OID_EXTENSION, 29 }, */ 135 OID_NameConstraints[] = { OID_EXTENSION, 30 }, 136 OID_CrlDistributionPoints[] = { OID_EXTENSION, 31 }, 137 OID_CertificatePolicies[] = { OID_EXTENSION, 32 }, 138 OID_PolicyMappings[] = { OID_EXTENSION, 33 }, 139 /* 34 deprecated */ 140 OID_AuthorityKeyIdentifier[] = { OID_EXTENSION, 35 }, 141 OID_PolicyConstraints[] = { OID_EXTENSION, 36 }, 142 OID_ExtKeyUsage[] = { OID_EXTENSION, 37 } 143 ; 144 145 /* PKIX-defined extended key purpose OIDs */ 146 static uint8_t 147 OID_QT_CPSuri[] = { OID_PKIX_QT_CPS }, 148 OID_QT_Unotice[] = { OID_PKIX_QT_UNOTICE }, 149 150 OID_KP_ServerAuth[] = { OID_PKIX_KP, 1 }, 151 OID_KP_ClientAuth[] = { OID_PKIX_KP, 2 }, 152 OID_KP_CodeSigning[] = { OID_PKIX_KP, 3 }, 153 OID_KP_EmailProtection[] = { OID_PKIX_KP, 4 }, 154 OID_KP_IPSecEndSystem[] = { OID_PKIX_KP, 5 }, 155 OID_KP_IPSecTunnel[] = { OID_PKIX_KP, 6 }, 156 OID_KP_IPSecUser[] = { OID_PKIX_KP, 7 }, 157 OID_KP_TimeStamping[] = { OID_PKIX_KP, 8 }, 158 OID_KP_OCSPSigning[] = { OID_PKIX_KP, 9 } 159 ; 160 161 /* From PKIX 1 */ 162 static uint8_t 163 OID_AuthorityInfoAccess[] = { OID_PKIX_PE, 1}; 164 165 const KMF_OID 166 KMFOID_AuthorityInfoAccess = {OID_PKIX_LENGTH + 2, OID_AuthorityInfoAccess}; 167 168 static uint8_t 169 OID_PkixAdOcsp[] = {OID_PKIX_AD, 1}; 170 171 const KMF_OID 172 KMFOID_PkixAdOcsp = {OID_PKIX_AD_LENGTH + 1, OID_PkixAdOcsp}; 173 174 static uint8_t 175 OID_PkixAdCaIssuers[] = {OID_PKIX_AD, 2}; 176 177 const KMF_OID 178 KMFOID_PkixAdCaIssuers = {OID_PKIX_AD_LENGTH + 1, OID_PkixAdCaIssuers}; 179 180 /* 181 * From RFC 1274 182 */ 183 static uint8_t 184 OID_userid[] = {OID_PILOT, 1}, 185 OID_RFC822mailbox[] = {OID_PILOT, 3}, 186 OID_domainComponent[] = {OID_PILOT, 25}; 187 188 const KMF_OID 189 KMFOID_userid = {OID_PILOT_LENGTH + 1, OID_userid}, 190 KMFOID_RFC822mailbox = {OID_PILOT_LENGTH + 1, OID_RFC822mailbox}, 191 KMFOID_domainComponent = {OID_PILOT_LENGTH + 1, OID_domainComponent}, 192 KMFOID_ObjectClass = {OID_ATTR_TYPE_LENGTH+1, OID_ObjectClass}, 193 KMFOID_AliasedEntryName = {OID_ATTR_TYPE_LENGTH+1, OID_AliasedEntryName}, 194 KMFOID_KnowledgeInformation = {OID_ATTR_TYPE_LENGTH+1, 195 OID_KnowledgeInformation}, 196 KMFOID_CommonName = {OID_ATTR_TYPE_LENGTH+1, OID_CommonName}, 197 KMFOID_Surname = {OID_ATTR_TYPE_LENGTH+1, OID_Surname}, 198 KMFOID_SerialNumber = {OID_ATTR_TYPE_LENGTH+1, OID_SerialNumber}, 199 KMFOID_CountryName = {OID_ATTR_TYPE_LENGTH+1, OID_CountryName}, 200 KMFOID_LocalityName = {OID_ATTR_TYPE_LENGTH+1, OID_LocalityName}, 201 KMFOID_StateProvinceName = {OID_ATTR_TYPE_LENGTH+1, OID_StateProvinceName}, 202 KMFOID_CollectiveStateProvinceName = {OID_ATTR_TYPE_LENGTH+2, 203 OID_CollectiveStateProvinceName}, 204 KMFOID_StreetAddress = {OID_ATTR_TYPE_LENGTH+1, OID_StreetAddress}, 205 KMFOID_CollectiveStreetAddress = {OID_ATTR_TYPE_LENGTH+2, 206 OID_CollectiveStreetAddress}, 207 KMFOID_OrganizationName = {OID_ATTR_TYPE_LENGTH+1, OID_OrganizationName}, 208 KMFOID_CollectiveOrganizationName = {OID_ATTR_TYPE_LENGTH+2, 209 OID_CollectiveOrganizationName}, 210 KMFOID_OrganizationalUnitName = {OID_ATTR_TYPE_LENGTH+1, 211 OID_OrganizationalUnitName}, 212 KMFOID_CollectiveOrganizationalUnitName = {OID_ATTR_TYPE_LENGTH+2, 213 OID_CollectiveOrganizationalUnitName}, 214 KMFOID_Title = {OID_ATTR_TYPE_LENGTH+1, OID_Title}, 215 KMFOID_Description = {OID_ATTR_TYPE_LENGTH+1, OID_Description}, 216 KMFOID_SearchGuide = {OID_ATTR_TYPE_LENGTH+1, OID_SearchGuide}, 217 KMFOID_BusinessCategory = {OID_ATTR_TYPE_LENGTH+1, OID_BusinessCategory}, 218 KMFOID_PostalAddress = {OID_ATTR_TYPE_LENGTH+1, OID_PostalAddress}, 219 KMFOID_CollectivePostalAddress = {OID_ATTR_TYPE_LENGTH+2, 220 OID_CollectivePostalAddress}, 221 KMFOID_PostalCode = {OID_ATTR_TYPE_LENGTH+1, OID_PostalCode}, 222 KMFOID_CollectivePostalCode = {OID_ATTR_TYPE_LENGTH+2, 223 OID_CollectivePostalCode}, 224 KMFOID_PostOfficeBox = {OID_ATTR_TYPE_LENGTH+1, OID_PostOfficeBox}, 225 KMFOID_CollectivePostOfficeBox = {OID_ATTR_TYPE_LENGTH+2, 226 OID_CollectivePostOfficeBox}, 227 KMFOID_PhysicalDeliveryOfficeName = {OID_ATTR_TYPE_LENGTH+1, 228 OID_PhysicalDeliveryOfficeName}, 229 KMFOID_CollectivePhysicalDeliveryOfficeName = {OID_ATTR_TYPE_LENGTH+2, 230 OID_CollectivePhysicalDeliveryOfficeName}, 231 KMFOID_TelephoneNumber = {OID_ATTR_TYPE_LENGTH+1, OID_TelephoneNumber}, 232 KMFOID_CollectiveTelephoneNumber = {OID_ATTR_TYPE_LENGTH+2, 233 OID_CollectiveTelephoneNumber}, 234 KMFOID_TelexNumber = {OID_ATTR_TYPE_LENGTH+1, OID_TelexNumber}, 235 KMFOID_CollectiveTelexNumber = {OID_ATTR_TYPE_LENGTH+2, 236 OID_CollectiveTelexNumber}, 237 KMFOID_TelexTerminalIdentifier = {OID_ATTR_TYPE_LENGTH+1, 238 OID_TelexTerminalIdentifier}, 239 KMFOID_CollectiveTelexTerminalIdentifier = {OID_ATTR_TYPE_LENGTH+2, 240 OID_CollectiveTelexTerminalIdentifier}, 241 KMFOID_FacsimileTelephoneNumber = {OID_ATTR_TYPE_LENGTH+1, 242 OID_FacsimileTelephoneNumber}, 243 KMFOID_CollectiveFacsimileTelephoneNumber = {OID_ATTR_TYPE_LENGTH+2, 244 OID_CollectiveFacsimileTelephoneNumber}, 245 KMFOID_X_121Address = {OID_ATTR_TYPE_LENGTH+1, OID_X_121Address}, 246 KMFOID_InternationalISDNNumber = {OID_ATTR_TYPE_LENGTH+1, 247 OID_InternationalISDNNumber}, 248 KMFOID_CollectiveInternationalISDNNumber = {OID_ATTR_TYPE_LENGTH+2, 249 OID_CollectiveInternationalISDNNumber}, 250 KMFOID_RegisteredAddress = {OID_ATTR_TYPE_LENGTH+1, OID_RegisteredAddress}, 251 KMFOID_DestinationIndicator = {OID_ATTR_TYPE_LENGTH+1, 252 OID_DestinationIndicator}, 253 KMFOID_PreferredDeliveryMethod = {OID_ATTR_TYPE_LENGTH+1, 254 OID_PreferredDeliveryMethod}, 255 KMFOID_PresentationAddress = {OID_ATTR_TYPE_LENGTH+1, 256 OID_PresentationAddress}, 257 KMFOID_SupportedApplicationContext = {OID_ATTR_TYPE_LENGTH+1, 258 OID_SupportedApplicationContext}, 259 KMFOID_Member = {OID_ATTR_TYPE_LENGTH+1, OID_Member}, 260 KMFOID_Owner = {OID_ATTR_TYPE_LENGTH+1, OID_Owner}, 261 KMFOID_RoleOccupant = {OID_ATTR_TYPE_LENGTH+1, OID_RoleOccupant}, 262 KMFOID_SeeAlso = {OID_ATTR_TYPE_LENGTH+1, OID_SeeAlso}, 263 KMFOID_UserPassword = {OID_ATTR_TYPE_LENGTH+1, OID_UserPassword}, 264 KMFOID_UserCertificate = {OID_ATTR_TYPE_LENGTH+1, OID_UserCertificate}, 265 KMFOID_CACertificate = {OID_ATTR_TYPE_LENGTH+1, OID_CACertificate}, 266 KMFOID_AuthorityRevocationList = {OID_ATTR_TYPE_LENGTH+1, 267 OID_AuthorityRevocationList}, 268 KMFOID_CertificateRevocationList = {OID_ATTR_TYPE_LENGTH+1, 269 OID_CertificateRevocationList}, 270 KMFOID_CrossCertificatePair = {OID_ATTR_TYPE_LENGTH+1, 271 OID_CrossCertificatePair}, 272 KMFOID_Name = {OID_ATTR_TYPE_LENGTH+1, OID_Name}, 273 KMFOID_GivenName = {OID_ATTR_TYPE_LENGTH+1, OID_GivenName}, 274 KMFOID_Initials = {OID_ATTR_TYPE_LENGTH+1, OID_Initials}, 275 KMFOID_GenerationQualifier = {OID_ATTR_TYPE_LENGTH+1, OID_GenerationQualifier}, 276 KMFOID_UniqueIdentifier = {OID_ATTR_TYPE_LENGTH+1, OID_UniqueIdentifier}, 277 KMFOID_DNQualifier = {OID_ATTR_TYPE_LENGTH+1, OID_DNQualifier}, 278 KMFOID_EnhancedSearchGuide = {OID_ATTR_TYPE_LENGTH+1, OID_EnhancedSearchGuide}, 279 KMFOID_ProtocolInformation = {OID_ATTR_TYPE_LENGTH+1, OID_ProtocolInformation}, 280 KMFOID_DistinguishedName = {OID_ATTR_TYPE_LENGTH+1, OID_DistinguishedName}, 281 KMFOID_UniqueMember = {OID_ATTR_TYPE_LENGTH+1, OID_UniqueMember}, 282 KMFOID_HouseIdentifier = {OID_ATTR_TYPE_LENGTH+1, OID_HouseIdentifier}, 283 KMFOID_EmailAddress = {OID_PKCS_9_LENGTH+1, OID_EmailAddress}, 284 KMFOID_UnstructuredName = {OID_PKCS_9_LENGTH+1, OID_UnstructuredName}, 285 KMFOID_ContentType = {OID_PKCS_9_LENGTH+1, OID_ContentType}, 286 KMFOID_MessageDigest = {OID_PKCS_9_LENGTH+1, OID_MessageDigest}, 287 KMFOID_SigningTime = {OID_PKCS_9_LENGTH+1, OID_SigningTime}, 288 KMFOID_CounterSignature = {OID_PKCS_9_LENGTH+1, OID_CounterSignature}, 289 KMFOID_ChallengePassword = {OID_PKCS_9_LENGTH+1, OID_ChallengePassword}, 290 KMFOID_UnstructuredAddress = {OID_PKCS_9_LENGTH+1, OID_UnstructuredAddress}, 291 KMFOID_ExtendedCertificateAttributes = {OID_PKCS_9_LENGTH+1, 292 OID_ExtendedCertificateAttributes}, 293 KMFOID_ExtensionRequest = {OID_PKCS_9_LENGTH + 1, OID_ExtensionRequest}; 294 295 static uint8_t 296 OID_AuthorityKeyID[] = { OID_EXTENSION, 1 }, 297 OID_VerisignCertificatePolicy[] = { OID_EXTENSION, 3 }, 298 OID_KeyUsageRestriction[] = { OID_EXTENSION, 4 }; 299 300 const KMF_OID 301 KMFOID_AuthorityKeyID = {OID_EXTENSION_LENGTH+1, OID_AuthorityKeyID}, 302 303 KMFOID_VerisignCertificatePolicy = {OID_EXTENSION_LENGTH+1, 304 OID_VerisignCertificatePolicy}, 305 306 KMFOID_KeyUsageRestriction = {OID_EXTENSION_LENGTH+1, 307 OID_KeyUsageRestriction}, 308 309 KMFOID_SubjectDirectoryAttributes = {OID_EXTENSION_LENGTH+1, 310 OID_SubjectDirectoryAttributes}, 311 312 KMFOID_SubjectKeyIdentifier = {OID_EXTENSION_LENGTH+1, 313 OID_SubjectKeyIdentifier }, 314 KMFOID_KeyUsage = {OID_EXTENSION_LENGTH+1, OID_KeyUsage }, 315 316 KMFOID_PrivateKeyUsagePeriod = {OID_EXTENSION_LENGTH+1, 317 OID_PrivateKeyUsagePeriod}, 318 KMFOID_SubjectAltName = {OID_EXTENSION_LENGTH+1, OID_SubjectAltName }, 319 KMFOID_IssuerAltName = {OID_EXTENSION_LENGTH+1, OID_IssuerAltName }, 320 KMFOID_BasicConstraints = {OID_EXTENSION_LENGTH+1, OID_BasicConstraints }, 321 322 KMFOID_CrlNumber = {OID_EXTENSION_LENGTH+1, OID_CrlNumber}, 323 324 KMFOID_CrlReason = {OID_EXTENSION_LENGTH+1, OID_CrlReason}, 325 326 KMFOID_HoldInstructionCode = {OID_EXTENSION_LENGTH+1, OID_HoldInstructionCode}, 327 328 KMFOID_InvalidityDate = {OID_EXTENSION_LENGTH+1, OID_InvalidityDate}, 329 330 KMFOID_DeltaCrlIndicator = {OID_EXTENSION_LENGTH+1, OID_DeltaCrlIndicator}, 331 332 KMFOID_IssuingDistributionPoints = {OID_EXTENSION_LENGTH+1, 333 OID_IssuingDistributionPoints}, 334 335 KMFOID_NameConstraints = {OID_EXTENSION_LENGTH+1, 336 OID_NameConstraints}, 337 338 KMFOID_CrlDistributionPoints = {OID_EXTENSION_LENGTH+1, 339 OID_CrlDistributionPoints}, 340 341 KMFOID_CertificatePolicies = {OID_EXTENSION_LENGTH+1, 342 OID_CertificatePolicies}, 343 344 KMFOID_PolicyMappings = {OID_EXTENSION_LENGTH+1, OID_PolicyMappings}, 345 346 KMFOID_PolicyConstraints = {OID_EXTENSION_LENGTH+1, OID_PolicyConstraints}, 347 348 KMFOID_AuthorityKeyIdentifier = {OID_EXTENSION_LENGTH+1, 349 OID_AuthorityKeyIdentifier}, 350 351 KMFOID_ExtendedKeyUsage = {OID_EXTENSION_LENGTH+1, OID_ExtKeyUsage}, 352 353 KMFOID_PKIX_PQ_CPSuri = {OID_PKIX_QT_CPS_LENGTH, OID_QT_CPSuri}, 354 355 KMFOID_PKIX_PQ_Unotice = {OID_PKIX_QT_UNOTICE_LENGTH, OID_QT_Unotice}, 356 357 /* Extended Key Usage OIDs */ 358 KMFOID_PKIX_KP_ServerAuth = {OID_PKIX_KP_LENGTH + 1, OID_KP_ServerAuth}, 359 360 KMFOID_PKIX_KP_ClientAuth = {OID_PKIX_KP_LENGTH + 1, OID_KP_ClientAuth}, 361 362 KMFOID_PKIX_KP_CodeSigning = {OID_PKIX_KP_LENGTH + 1, OID_KP_CodeSigning}, 363 364 KMFOID_PKIX_KP_EmailProtection = {OID_PKIX_KP_LENGTH + 1, 365 OID_KP_EmailProtection}, 366 367 KMFOID_PKIX_KP_IPSecEndSystem = {OID_PKIX_KP_LENGTH + 1, OID_KP_IPSecEndSystem}, 368 369 KMFOID_PKIX_KP_IPSecTunnel = {OID_PKIX_KP_LENGTH + 1, OID_KP_IPSecTunnel}, 370 371 KMFOID_PKIX_KP_IPSecUser = {OID_PKIX_KP_LENGTH + 1, OID_KP_IPSecUser}, 372 373 KMFOID_PKIX_KP_TimeStamping = {OID_PKIX_KP_LENGTH + 1, OID_KP_TimeStamping}, 374 375 KMFOID_PKIX_KP_OCSPSigning = {OID_PKIX_KP_LENGTH + 1, OID_KP_OCSPSigning}; 376