/*
 * Copyright 2008 Sun Microsystems, Inc. All rights reserved.
 * Use is subject to license terms.
 */
/*
 * Copyright(c) 1995-2000 Intel Corporation. All rights reserved.
 */

#pragma ident "%Z%%M% %I% %E% SMI"

#include <kmfapi.h>

/*
 * Object identifier (OID) constants exported as KMF_OID values.
 *
 * Each identifier is defined in two parts: a file-local byte array
 * (OID_xxx) made of a prefix macro followed by the trailing bytes of the
 * identifier, and an exported const KMF_OID (KMFOID_xxx) that pairs a byte
 * count with that array.  The prefix macros and their *_LENGTH companions
 * are not defined in this file (presumably they come from <kmfapi.h>).
 *
 * NOTE(review): every byte count is written by hand as <PREFIX>_LENGTH plus
 * the number of extra bytes in the array; nothing in this file checks it
 * against sizeof the array.  A count that is too large would presumably
 * let a consumer read past the array, and one that is too small would let
 * distinct identifiers match on a shared prefix -- confirm against the code
 * that compares KMF_OID values.  Count the bytes when adding an entry.
 *
 * NOTE(review): the KMF_OID objects are const but the byte arrays are not,
 * so the bytes remain writable through the pointer stored in each KMF_OID.
 * Whether they can be const-qualified depends on the pointer type KMF_OID
 * declares, which is not visible here.
 */

/*
 * X.520 attribute types.  The "Collective" variants carry one extra
 * trailing byte (1) after the base attribute's byte.
 */
static uint8_t OID_ObjectClass[] = { OID_ATTR_TYPE, 0 };
static uint8_t OID_AliasedEntryName[] = { OID_ATTR_TYPE, 1 };
static uint8_t OID_KnowledgeInformation[] = { OID_ATTR_TYPE, 2 };
static uint8_t OID_CommonName[] = { OID_ATTR_TYPE, 3 };
static uint8_t OID_Surname[] = { OID_ATTR_TYPE, 4 };
static uint8_t OID_SerialNumber[] = { OID_ATTR_TYPE, 5 };
static uint8_t OID_CountryName[] = { OID_ATTR_TYPE, 6 };
static uint8_t OID_LocalityName[] = { OID_ATTR_TYPE, 7 };
static uint8_t OID_StateProvinceName[] = { OID_ATTR_TYPE, 8 };
static uint8_t OID_CollectiveStateProvinceName[] = { OID_ATTR_TYPE, 8, 1 };
static uint8_t OID_StreetAddress[] = { OID_ATTR_TYPE, 9 };
static uint8_t OID_CollectiveStreetAddress[] = { OID_ATTR_TYPE, 9, 1 };
static uint8_t OID_OrganizationName[] = { OID_ATTR_TYPE, 10 };
static uint8_t OID_CollectiveOrganizationName[] = { OID_ATTR_TYPE, 10, 1 };
static uint8_t OID_OrganizationalUnitName[] = { OID_ATTR_TYPE, 11 };
static uint8_t OID_CollectiveOrganizationalUnitName[] =
    { OID_ATTR_TYPE, 11, 1 };
static uint8_t OID_Title[] = { OID_ATTR_TYPE, 12 };
static uint8_t OID_Description[] = { OID_ATTR_TYPE, 13 };
static uint8_t OID_SearchGuide[] = { OID_ATTR_TYPE, 14 };
static uint8_t OID_BusinessCategory[] = { OID_ATTR_TYPE, 15 };
static uint8_t OID_PostalAddress[] = { OID_ATTR_TYPE, 16 };
static uint8_t OID_CollectivePostalAddress[] = { OID_ATTR_TYPE, 16, 1 };
static uint8_t OID_PostalCode[] = { OID_ATTR_TYPE, 17 };
static uint8_t OID_CollectivePostalCode[] = { OID_ATTR_TYPE, 17, 1 };
static uint8_t OID_PostOfficeBox[] = { OID_ATTR_TYPE, 18 };
static uint8_t OID_CollectivePostOfficeBox[] = { OID_ATTR_TYPE, 18, 1 };
static uint8_t OID_PhysicalDeliveryOfficeName[] = { OID_ATTR_TYPE, 19 };
static uint8_t OID_CollectivePhysicalDeliveryOfficeName[] =
    { OID_ATTR_TYPE, 19, 1 };
static uint8_t OID_TelephoneNumber[] = { OID_ATTR_TYPE, 20 };
static uint8_t OID_CollectiveTelephoneNumber[] = { OID_ATTR_TYPE, 20, 1 };
static uint8_t OID_TelexNumber[] = { OID_ATTR_TYPE, 21 };
static uint8_t OID_CollectiveTelexNumber[] = { OID_ATTR_TYPE, 21, 1 };
static uint8_t OID_TelexTerminalIdentifier[] = { OID_ATTR_TYPE, 22 };
static uint8_t OID_CollectiveTelexTerminalIdentifier[] =
    { OID_ATTR_TYPE, 22, 1 };
static uint8_t OID_FacsimileTelephoneNumber[] = { OID_ATTR_TYPE, 23 };
static uint8_t OID_CollectiveFacsimileTelephoneNumber[] =
    { OID_ATTR_TYPE, 23, 1 };
static uint8_t OID_X_121Address[] = { OID_ATTR_TYPE, 24 };
static uint8_t OID_InternationalISDNNumber[] = { OID_ATTR_TYPE, 25 };
static uint8_t OID_CollectiveInternationalISDNNumber[] =
    { OID_ATTR_TYPE, 25, 1 };
static uint8_t OID_RegisteredAddress[] = { OID_ATTR_TYPE, 26 };
static uint8_t OID_DestinationIndicator[] = { OID_ATTR_TYPE, 27 };
static uint8_t OID_PreferredDeliveryMethod[] = { OID_ATTR_TYPE, 28 };
static uint8_t OID_PresentationAddress[] = { OID_ATTR_TYPE, 29 };
static uint8_t OID_SupportedApplicationContext[] = { OID_ATTR_TYPE, 30 };
static uint8_t OID_Member[] = { OID_ATTR_TYPE, 31 };
static uint8_t OID_Owner[] = { OID_ATTR_TYPE, 32 };
static uint8_t OID_RoleOccupant[] = { OID_ATTR_TYPE, 33 };
static uint8_t OID_SeeAlso[] = { OID_ATTR_TYPE, 34 };
static uint8_t OID_UserPassword[] = { OID_ATTR_TYPE, 35 };
static uint8_t OID_UserCertificate[] = { OID_ATTR_TYPE, 36 };
static uint8_t OID_CACertificate[] = { OID_ATTR_TYPE, 37 };
static uint8_t OID_AuthorityRevocationList[] = { OID_ATTR_TYPE, 38 };
static uint8_t OID_CertificateRevocationList[] = { OID_ATTR_TYPE, 39 };
static uint8_t OID_CrossCertificatePair[] = { OID_ATTR_TYPE, 40 };
static uint8_t OID_Name[] = { OID_ATTR_TYPE, 41 };
static uint8_t OID_GivenName[] = { OID_ATTR_TYPE, 42 };
static uint8_t OID_Initials[] = { OID_ATTR_TYPE, 43 };
static uint8_t OID_GenerationQualifier[] = { OID_ATTR_TYPE, 44 };
static uint8_t OID_UniqueIdentifier[] = { OID_ATTR_TYPE, 45 };
static uint8_t OID_DNQualifier[] = { OID_ATTR_TYPE, 46 };
static uint8_t OID_EnhancedSearchGuide[] = { OID_ATTR_TYPE, 47 };
static uint8_t OID_ProtocolInformation[] = { OID_ATTR_TYPE, 48 };
static uint8_t OID_DistinguishedName[] = { OID_ATTR_TYPE, 49 };
static uint8_t OID_UniqueMember[] = { OID_ATTR_TYPE, 50 };
static uint8_t OID_HouseIdentifier[] = { OID_ATTR_TYPE, 51 };
/*
 * Left disabled in this file:
 *   OID_SupportedAlgorithms[]  = { OID_ATTR_TYPE, 52 }
 *   OID_DeltaRevocationList[]  = { OID_ATTR_TYPE, 53 }
 *   OID_AttributeCertificate[] = { OID_ATTR_TYPE, 58 }
 */

/* PKCS 9 attributes. */
static uint8_t OID_EmailAddress[] = { OID_PKCS_9, 1 };
static uint8_t OID_UnstructuredName[] = { OID_PKCS_9, 2 };
static uint8_t OID_ContentType[] = { OID_PKCS_9, 3 };
static uint8_t OID_MessageDigest[] = { OID_PKCS_9, 4 };
static uint8_t OID_SigningTime[] = { OID_PKCS_9, 5 };
static uint8_t OID_CounterSignature[] = { OID_PKCS_9, 6 };
static uint8_t OID_ChallengePassword[] = { OID_PKCS_9, 7 };
static uint8_t OID_UnstructuredAddress[] = { OID_PKCS_9, 8 };
static uint8_t OID_ExtendedCertificateAttributes[] = { OID_PKCS_9, 9 };
static uint8_t OID_ExtensionRequest[] = { OID_PKCS_9, 14 };

/*
 * PKIX 1 standard extensions.  Two values are skipped in this run:
 * 29 (OID_CertificateIssuer) is left disabled, and 34 is marked deprecated.
 */
static uint8_t OID_SubjectDirectoryAttributes[] = { OID_EXTENSION, 9 };
static uint8_t OID_SubjectKeyIdentifier[] = { OID_EXTENSION, 14 };
static uint8_t OID_KeyUsage[] = { OID_EXTENSION, 15 };
static uint8_t OID_PrivateKeyUsagePeriod[] = { OID_EXTENSION, 16 };
static uint8_t OID_SubjectAltName[] = { OID_EXTENSION, 17 };
static uint8_t OID_IssuerAltName[] = { OID_EXTENSION, 18 };
static uint8_t OID_BasicConstraints[] = { OID_EXTENSION, 19 };
static uint8_t OID_CrlNumber[] = { OID_EXTENSION, 20 };
static uint8_t OID_CrlReason[] = { OID_EXTENSION, 21 };
static uint8_t OID_HoldInstructionCode[] = { OID_EXTENSION, 23 };
static uint8_t OID_InvalidityDate[] = { OID_EXTENSION, 24 };
static uint8_t OID_DeltaCrlIndicator[] = { OID_EXTENSION, 27 };
static uint8_t OID_IssuingDistributionPoints[] = { OID_EXTENSION, 28 };
static uint8_t OID_NameConstraints[] = { OID_EXTENSION, 30 };
static uint8_t OID_CrlDistributionPoints[] = { OID_EXTENSION, 31 };
static uint8_t OID_CertificatePolicies[] = { OID_EXTENSION, 32 };
static uint8_t OID_PolicyMappings[] = { OID_EXTENSION, 33 };
static uint8_t OID_AuthorityKeyIdentifier[] = { OID_EXTENSION, 35 };
static uint8_t OID_PolicyConstraints[] = { OID_EXTENSION, 36 };
static uint8_t OID_ExtKeyUsage[] = { OID_EXTENSION, 37 };

/*
 * PKIX policy qualifier identifiers.  These two arrays consist of the
 * prefix macro alone, so their KMF_OID counts add nothing to *_LENGTH.
 */
static uint8_t OID_QT_CPSuri[] = { OID_PKIX_QT_CPS };
static uint8_t OID_QT_Unotice[] = { OID_PKIX_QT_UNOTICE };

/* PKIX-defined extended key purpose identifiers. */
static uint8_t OID_KP_ServerAuth[] = { OID_PKIX_KP, 1 };
static uint8_t OID_KP_ClientAuth[] = { OID_PKIX_KP, 2 };
static uint8_t OID_KP_CodeSigning[] = { OID_PKIX_KP, 3 };
static uint8_t OID_KP_EmailProtection[] = { OID_PKIX_KP, 4 };
static uint8_t OID_KP_IPSecEndSystem[] = { OID_PKIX_KP, 5 };
static uint8_t OID_KP_IPSecTunnel[] = { OID_PKIX_KP, 6 };
static uint8_t OID_KP_IPSecUser[] = { OID_PKIX_KP, 7 };
static uint8_t OID_KP_TimeStamping[] = { OID_PKIX_KP, 8 };
static uint8_t OID_KP_OCSPSigning[] = { OID_PKIX_KP, 9 };

/*
 * PKIX 1 authority information access and its access descriptors.
 * The AuthorityInfoAccess count is OID_PKIX_LENGTH + 2 while the array is
 * built from OID_PKIX_PE plus one byte.
 * NOTE(review): that is consistent only if OID_PKIX_PE is OID_PKIX plus a
 * single byte -- confirm against the macro definitions.
 */
static uint8_t OID_AuthorityInfoAccess[] = { OID_PKIX_PE, 1 };
const KMF_OID KMFOID_AuthorityInfoAccess =
    { OID_PKIX_LENGTH + 2, OID_AuthorityInfoAccess };

static uint8_t OID_PkixAdOcsp[] = { OID_PKIX_AD, 1 };
const KMF_OID KMFOID_PkixAdOcsp =
    { OID_PKIX_AD_LENGTH + 1, OID_PkixAdOcsp };

static uint8_t OID_PkixAdCaIssuers[] = { OID_PKIX_AD, 2 };
const KMF_OID KMFOID_PkixAdCaIssuers =
    { OID_PKIX_AD_LENGTH + 1, OID_PkixAdCaIssuers };

/* RFC 1274 attributes. */
static uint8_t OID_userid[] = { OID_PILOT, 1 };
static uint8_t OID_RFC822mailbox[] = { OID_PILOT, 3 };
static uint8_t OID_domainComponent[] = { OID_PILOT, 25 };

const KMF_OID KMFOID_userid =
    { OID_PILOT_LENGTH + 1, OID_userid };
const KMF_OID KMFOID_RFC822mailbox =
    { OID_PILOT_LENGTH + 1, OID_RFC822mailbox };
const KMF_OID KMFOID_domainComponent =
    { OID_PILOT_LENGTH + 1, OID_domainComponent };

/*
 * Exported X.520 attribute types.  Base attributes use
 * OID_ATTR_TYPE_LENGTH + 1; the "Collective" variants use + 2 to cover
 * their extra trailing byte.
 */
const KMF_OID KMFOID_ObjectClass =
    { OID_ATTR_TYPE_LENGTH + 1, OID_ObjectClass };
const KMF_OID KMFOID_AliasedEntryName =
    { OID_ATTR_TYPE_LENGTH + 1, OID_AliasedEntryName };
const KMF_OID KMFOID_KnowledgeInformation =
    { OID_ATTR_TYPE_LENGTH + 1, OID_KnowledgeInformation };
const KMF_OID KMFOID_CommonName =
    { OID_ATTR_TYPE_LENGTH + 1, OID_CommonName };
const KMF_OID KMFOID_Surname =
    { OID_ATTR_TYPE_LENGTH + 1, OID_Surname };
const KMF_OID KMFOID_SerialNumber =
    { OID_ATTR_TYPE_LENGTH + 1, OID_SerialNumber };
const KMF_OID KMFOID_CountryName =
    { OID_ATTR_TYPE_LENGTH + 1, OID_CountryName };
const KMF_OID KMFOID_LocalityName =
    { OID_ATTR_TYPE_LENGTH + 1, OID_LocalityName };
const KMF_OID KMFOID_StateProvinceName =
    { OID_ATTR_TYPE_LENGTH + 1, OID_StateProvinceName };
const KMF_OID KMFOID_CollectiveStateProvinceName =
    { OID_ATTR_TYPE_LENGTH + 2, OID_CollectiveStateProvinceName };
const KMF_OID KMFOID_StreetAddress =
    { OID_ATTR_TYPE_LENGTH + 1, OID_StreetAddress };
const KMF_OID KMFOID_CollectiveStreetAddress =
    { OID_ATTR_TYPE_LENGTH + 2, OID_CollectiveStreetAddress };
const KMF_OID KMFOID_OrganizationName =
    { OID_ATTR_TYPE_LENGTH + 1, OID_OrganizationName };
const KMF_OID KMFOID_CollectiveOrganizationName =
    { OID_ATTR_TYPE_LENGTH + 2, OID_CollectiveOrganizationName };
const KMF_OID KMFOID_OrganizationalUnitName =
    { OID_ATTR_TYPE_LENGTH + 1, OID_OrganizationalUnitName };
const KMF_OID KMFOID_CollectiveOrganizationalUnitName =
    { OID_ATTR_TYPE_LENGTH + 2, OID_CollectiveOrganizationalUnitName };
const KMF_OID KMFOID_Title =
    { OID_ATTR_TYPE_LENGTH + 1, OID_Title };
const KMF_OID KMFOID_Description =
    { OID_ATTR_TYPE_LENGTH + 1, OID_Description };
const KMF_OID KMFOID_SearchGuide =
    { OID_ATTR_TYPE_LENGTH + 1, OID_SearchGuide };
const KMF_OID KMFOID_BusinessCategory =
    { OID_ATTR_TYPE_LENGTH + 1, OID_BusinessCategory };
const KMF_OID KMFOID_PostalAddress =
    { OID_ATTR_TYPE_LENGTH + 1, OID_PostalAddress };
const KMF_OID KMFOID_CollectivePostalAddress =
    { OID_ATTR_TYPE_LENGTH + 2, OID_CollectivePostalAddress };
const KMF_OID KMFOID_PostalCode =
    { OID_ATTR_TYPE_LENGTH + 1, OID_PostalCode };
const KMF_OID KMFOID_CollectivePostalCode =
    { OID_ATTR_TYPE_LENGTH + 2, OID_CollectivePostalCode };
const KMF_OID KMFOID_PostOfficeBox =
    { OID_ATTR_TYPE_LENGTH + 1, OID_PostOfficeBox };
const KMF_OID KMFOID_CollectivePostOfficeBox =
    { OID_ATTR_TYPE_LENGTH + 2, OID_CollectivePostOfficeBox };
const KMF_OID KMFOID_PhysicalDeliveryOfficeName =
    { OID_ATTR_TYPE_LENGTH + 1, OID_PhysicalDeliveryOfficeName };
const KMF_OID KMFOID_CollectivePhysicalDeliveryOfficeName =
    { OID_ATTR_TYPE_LENGTH + 2, OID_CollectivePhysicalDeliveryOfficeName };
const KMF_OID KMFOID_TelephoneNumber =
    { OID_ATTR_TYPE_LENGTH + 1, OID_TelephoneNumber };
const KMF_OID KMFOID_CollectiveTelephoneNumber =
    { OID_ATTR_TYPE_LENGTH + 2, OID_CollectiveTelephoneNumber };
const KMF_OID KMFOID_TelexNumber =
    { OID_ATTR_TYPE_LENGTH + 1, OID_TelexNumber };
const KMF_OID KMFOID_CollectiveTelexNumber =
    { OID_ATTR_TYPE_LENGTH + 2, OID_CollectiveTelexNumber };
const KMF_OID KMFOID_TelexTerminalIdentifier =
    { OID_ATTR_TYPE_LENGTH + 1, OID_TelexTerminalIdentifier };
const KMF_OID KMFOID_CollectiveTelexTerminalIdentifier =
    { OID_ATTR_TYPE_LENGTH + 2, OID_CollectiveTelexTerminalIdentifier };
const KMF_OID KMFOID_FacsimileTelephoneNumber =
    { OID_ATTR_TYPE_LENGTH + 1, OID_FacsimileTelephoneNumber };
const KMF_OID KMFOID_CollectiveFacsimileTelephoneNumber =
    { OID_ATTR_TYPE_LENGTH + 2, OID_CollectiveFacsimileTelephoneNumber };
const KMF_OID KMFOID_X_121Address =
    { OID_ATTR_TYPE_LENGTH + 1, OID_X_121Address };
const KMF_OID KMFOID_InternationalISDNNumber =
    { OID_ATTR_TYPE_LENGTH + 1, OID_InternationalISDNNumber };
const KMF_OID KMFOID_CollectiveInternationalISDNNumber =
    { OID_ATTR_TYPE_LENGTH + 2, OID_CollectiveInternationalISDNNumber };
const KMF_OID KMFOID_RegisteredAddress =
    { OID_ATTR_TYPE_LENGTH + 1, OID_RegisteredAddress };
const KMF_OID KMFOID_DestinationIndicator =
    { OID_ATTR_TYPE_LENGTH + 1, OID_DestinationIndicator };
const KMF_OID KMFOID_PreferredDeliveryMethod =
    { OID_ATTR_TYPE_LENGTH + 1, OID_PreferredDeliveryMethod };
const KMF_OID KMFOID_PresentationAddress =
    { OID_ATTR_TYPE_LENGTH + 1, OID_PresentationAddress };
const KMF_OID KMFOID_SupportedApplicationContext =
    { OID_ATTR_TYPE_LENGTH + 1, OID_SupportedApplicationContext };
const KMF_OID KMFOID_Member =
    { OID_ATTR_TYPE_LENGTH + 1, OID_Member };
const KMF_OID KMFOID_Owner =
    { OID_ATTR_TYPE_LENGTH + 1, OID_Owner };
const KMF_OID KMFOID_RoleOccupant =
    { OID_ATTR_TYPE_LENGTH + 1, OID_RoleOccupant };
const KMF_OID KMFOID_SeeAlso =
    { OID_ATTR_TYPE_LENGTH + 1, OID_SeeAlso };
const KMF_OID KMFOID_UserPassword =
    { OID_ATTR_TYPE_LENGTH + 1, OID_UserPassword };
const KMF_OID KMFOID_UserCertificate =
    { OID_ATTR_TYPE_LENGTH + 1, OID_UserCertificate };
const KMF_OID KMFOID_CACertificate =
    { OID_ATTR_TYPE_LENGTH + 1, OID_CACertificate };
const KMF_OID KMFOID_AuthorityRevocationList =
    { OID_ATTR_TYPE_LENGTH + 1, OID_AuthorityRevocationList };
const KMF_OID KMFOID_CertificateRevocationList =
    { OID_ATTR_TYPE_LENGTH + 1, OID_CertificateRevocationList };
const KMF_OID KMFOID_CrossCertificatePair =
    { OID_ATTR_TYPE_LENGTH + 1, OID_CrossCertificatePair };
const KMF_OID KMFOID_Name =
    { OID_ATTR_TYPE_LENGTH + 1, OID_Name };
const KMF_OID KMFOID_GivenName =
    { OID_ATTR_TYPE_LENGTH + 1, OID_GivenName };
const KMF_OID KMFOID_Initials =
    { OID_ATTR_TYPE_LENGTH + 1, OID_Initials };
const KMF_OID KMFOID_GenerationQualifier =
    { OID_ATTR_TYPE_LENGTH + 1, OID_GenerationQualifier };
const KMF_OID KMFOID_UniqueIdentifier =
    { OID_ATTR_TYPE_LENGTH + 1, OID_UniqueIdentifier };
const KMF_OID KMFOID_DNQualifier =
    { OID_ATTR_TYPE_LENGTH + 1, OID_DNQualifier };
const KMF_OID KMFOID_EnhancedSearchGuide =
    { OID_ATTR_TYPE_LENGTH + 1, OID_EnhancedSearchGuide };
const KMF_OID KMFOID_ProtocolInformation =
    { OID_ATTR_TYPE_LENGTH + 1, OID_ProtocolInformation };
const KMF_OID KMFOID_DistinguishedName =
    { OID_ATTR_TYPE_LENGTH + 1, OID_DistinguishedName };
const KMF_OID KMFOID_UniqueMember =
    { OID_ATTR_TYPE_LENGTH + 1, OID_UniqueMember };
const KMF_OID KMFOID_HouseIdentifier =
    { OID_ATTR_TYPE_LENGTH + 1, OID_HouseIdentifier };

/* Exported PKCS 9 attributes. */
const KMF_OID KMFOID_EmailAddress =
    { OID_PKCS_9_LENGTH + 1, OID_EmailAddress };
const KMF_OID KMFOID_UnstructuredName =
    { OID_PKCS_9_LENGTH + 1, OID_UnstructuredName };
const KMF_OID KMFOID_ContentType =
    { OID_PKCS_9_LENGTH + 1, OID_ContentType };
const KMF_OID KMFOID_MessageDigest =
    { OID_PKCS_9_LENGTH + 1, OID_MessageDigest };
const KMF_OID KMFOID_SigningTime =
    { OID_PKCS_9_LENGTH + 1, OID_SigningTime };
const KMF_OID KMFOID_CounterSignature =
    { OID_PKCS_9_LENGTH + 1, OID_CounterSignature };
const KMF_OID KMFOID_ChallengePassword =
    { OID_PKCS_9_LENGTH + 1, OID_ChallengePassword };
const KMF_OID KMFOID_UnstructuredAddress =
    { OID_PKCS_9_LENGTH + 1, OID_UnstructuredAddress };
const KMF_OID KMFOID_ExtendedCertificateAttributes =
    { OID_PKCS_9_LENGTH + 1, OID_ExtendedCertificateAttributes };
const KMF_OID KMFOID_ExtensionRequest =
    { OID_PKCS_9_LENGTH + 1, OID_ExtensionRequest };

/* Further identifiers under OID_EXTENSION (values 1, 3 and 4). */
static uint8_t OID_AuthorityKeyID[] = { OID_EXTENSION, 1 };
static uint8_t OID_VerisignCertificatePolicy[] = { OID_EXTENSION, 3 };
static uint8_t OID_KeyUsageRestriction[] = { OID_EXTENSION, 4 };

const KMF_OID KMFOID_AuthorityKeyID =
    { OID_EXTENSION_LENGTH + 1, OID_AuthorityKeyID };
const KMF_OID KMFOID_VerisignCertificatePolicy =
    { OID_EXTENSION_LENGTH + 1, OID_VerisignCertificatePolicy };
const KMF_OID KMFOID_KeyUsageRestriction =
    { OID_EXTENSION_LENGTH + 1, OID_KeyUsageRestriction };

/* Exported PKIX 1 standard extensions. */
const KMF_OID KMFOID_SubjectDirectoryAttributes =
    { OID_EXTENSION_LENGTH + 1, OID_SubjectDirectoryAttributes };
const KMF_OID KMFOID_SubjectKeyIdentifier =
    { OID_EXTENSION_LENGTH + 1, OID_SubjectKeyIdentifier };
const KMF_OID KMFOID_KeyUsage =
    { OID_EXTENSION_LENGTH + 1, OID_KeyUsage };
const KMF_OID KMFOID_PrivateKeyUsagePeriod =
    { OID_EXTENSION_LENGTH + 1, OID_PrivateKeyUsagePeriod };
const KMF_OID KMFOID_SubjectAltName =
    { OID_EXTENSION_LENGTH + 1, OID_SubjectAltName };
const KMF_OID KMFOID_IssuerAltName =
    { OID_EXTENSION_LENGTH + 1, OID_IssuerAltName };
const KMF_OID KMFOID_BasicConstraints =
    { OID_EXTENSION_LENGTH + 1, OID_BasicConstraints };
const KMF_OID KMFOID_CrlNumber =
    { OID_EXTENSION_LENGTH + 1, OID_CrlNumber };
const KMF_OID KMFOID_CrlReason =
    { OID_EXTENSION_LENGTH + 1, OID_CrlReason };
const KMF_OID KMFOID_HoldInstructionCode =
    { OID_EXTENSION_LENGTH + 1, OID_HoldInstructionCode };
const KMF_OID KMFOID_InvalidityDate =
    { OID_EXTENSION_LENGTH + 1, OID_InvalidityDate };
const KMF_OID KMFOID_DeltaCrlIndicator =
    { OID_EXTENSION_LENGTH + 1, OID_DeltaCrlIndicator };
const KMF_OID KMFOID_IssuingDistributionPoints =
    { OID_EXTENSION_LENGTH + 1, OID_IssuingDistributionPoints };
const KMF_OID KMFOID_NameConstraints =
    { OID_EXTENSION_LENGTH + 1, OID_NameConstraints };
const KMF_OID KMFOID_CrlDistributionPoints =
    { OID_EXTENSION_LENGTH + 1, OID_CrlDistributionPoints };
const KMF_OID KMFOID_CertificatePolicies =
    { OID_EXTENSION_LENGTH + 1, OID_CertificatePolicies };
const KMF_OID KMFOID_PolicyMappings =
    { OID_EXTENSION_LENGTH + 1, OID_PolicyMappings };
const KMF_OID KMFOID_PolicyConstraints =
    { OID_EXTENSION_LENGTH + 1, OID_PolicyConstraints };
const KMF_OID KMFOID_AuthorityKeyIdentifier =
    { OID_EXTENSION_LENGTH + 1, OID_AuthorityKeyIdentifier };
const KMF_OID KMFOID_ExtendedKeyUsage =
    { OID_EXTENSION_LENGTH + 1, OID_ExtKeyUsage };

/* Exported policy qualifiers: the count is the prefix length alone. */
const KMF_OID KMFOID_PKIX_PQ_CPSuri =
    { OID_PKIX_QT_CPS_LENGTH, OID_QT_CPSuri };
const KMF_OID KMFOID_PKIX_PQ_Unotice =
    { OID_PKIX_QT_UNOTICE_LENGTH, OID_QT_Unotice };

/* Extended Key Usage OIDs */
const KMF_OID KMFOID_PKIX_KP_ServerAuth =
    { OID_PKIX_KP_LENGTH + 1, OID_KP_ServerAuth };
const KMF_OID KMFOID_PKIX_KP_ClientAuth =
    { OID_PKIX_KP_LENGTH + 1, OID_KP_ClientAuth };
const KMF_OID KMFOID_PKIX_KP_CodeSigning =
    { OID_PKIX_KP_LENGTH + 1, OID_KP_CodeSigning };
const KMF_OID KMFOID_PKIX_KP_EmailProtection =
    { OID_PKIX_KP_LENGTH + 1, OID_KP_EmailProtection };
const KMF_OID KMFOID_PKIX_KP_IPSecEndSystem =
    { OID_PKIX_KP_LENGTH + 1, OID_KP_IPSecEndSystem };
const KMF_OID KMFOID_PKIX_KP_IPSecTunnel =
    { OID_PKIX_KP_LENGTH + 1, OID_KP_IPSecTunnel };
const KMF_OID KMFOID_PKIX_KP_IPSecUser =
    { OID_PKIX_KP_LENGTH + 1, OID_KP_IPSecUser };
const KMF_OID KMFOID_PKIX_KP_TimeStamping =
    { OID_PKIX_KP_LENGTH + 1, OID_KP_TimeStamping };
const KMF_OID KMFOID_PKIX_KP_OCSPSigning =
    { OID_PKIX_KP_LENGTH + 1, OID_KP_OCSPSigning };

/*
 * Algorithm identifiers.  MD2 and MD5 are considered broken and SHA-1 is
 * no longer considered collision resistant; this file only names the
 * algorithms, and nothing here decides whether a signature made with one
 * of them is accepted.
 */
static uint8_t OID_OIW_SHA1[] = { OID_OIW_ALGORITHM, 26 };
static uint8_t OID_OIW_DSA[] = { OID_OIW_ALGORITHM, 12 };
static uint8_t OID_OIW_DSAWithSHA1[] = { OID_OIW_ALGORITHM, 27 };
static uint8_t OID_RSAEncryption[] = { OID_PKCS_1, 1 };
static uint8_t OID_MD2WithRSA[] = { OID_PKCS_1, 2 };
static uint8_t OID_MD5WithRSA[] = { OID_PKCS_1, 4 };
static uint8_t OID_SHA1WithRSA[] = { OID_PKCS_1, 5 };
static uint8_t OID_X9CM_DSA[] = { OID_X9CM_X9ALGORITHM, 1 };
static uint8_t OID_X9CM_DSAWithSHA1[] = { OID_X9CM_X9ALGORITHM, 3 };

const KMF_OID KMFOID_SHA1 =
    { OID_OIW_ALGORITHM_LENGTH + 1, OID_OIW_SHA1 };
const KMF_OID KMFOID_RSA =
    { OID_PKCS_1_LENGTH + 1, OID_RSAEncryption };
const KMF_OID KMFOID_DSA =
    { OID_OIW_ALGORITHM_LENGTH + 1, OID_OIW_DSA };
const KMF_OID KMFOID_MD5WithRSA =
    { OID_PKCS_1_LENGTH + 1, OID_MD5WithRSA };
const KMF_OID KMFOID_MD2WithRSA =
    { OID_PKCS_1_LENGTH + 1, OID_MD2WithRSA };
const KMF_OID KMFOID_SHA1WithRSA =
    { OID_PKCS_1_LENGTH + 1, OID_SHA1WithRSA };
/*
 * KMFOID_SHA1WithDSA and KMFOID_OIW_DSAWithSHA1 are built from the same
 * array and count, so they are two names for one identifier.
 */
const KMF_OID KMFOID_SHA1WithDSA =
    { OID_OIW_ALGORITHM_LENGTH + 1, OID_OIW_DSAWithSHA1 };
const KMF_OID KMFOID_OIW_DSAWithSHA1 =
    { OID_OIW_ALGORITHM_LENGTH + 1, OID_OIW_DSAWithSHA1 };
const KMF_OID KMFOID_X9CM_DSA =
    { OID_X9CM_X9ALGORITHM_LENGTH + 1, OID_X9CM_DSA };
const KMF_OID KMFOID_X9CM_DSAWithSHA1 =
    { OID_X9CM_X9ALGORITHM_LENGTH + 1, OID_X9CM_DSAWithSHA1 };

/*
 * New for PKINIT support.  Each array is a single macro and each count is
 * that macro's *_LENGTH companion.  OID_pkinit_san_upn holds
 * OID_MS_KP_SC_LOGON_UPN and backs KMFOID_MS_KP_SCLogon_UPN.
 */
static uint8_t OID_pkinit_san[] = { OID_KRB5_SAN };
static uint8_t OID_pkinit_san_upn[] = { OID_MS_KP_SC_LOGON_UPN };
static uint8_t OID_pkinit_kp_clientauth[] = { OID_KRB5_PKINIT_KPCLIENTAUTH };
static uint8_t OID_pkinit_kp_kdc[] = { OID_KRB5_PKINIT_KPKDC };
static uint8_t OID_pkinit_kp_sc_logon[] = { OID_MS_KP_SC_LOGON };

const KMF_OID KMFOID_PKINIT_san =
    { OID_KRB5_SAN_LENGTH, OID_pkinit_san };
const KMF_OID KMFOID_PKINIT_ClientAuth =
    { OID_KRB5_PKINIT_KPCLIENTAUTH_LENGTH, OID_pkinit_kp_clientauth };
const KMF_OID KMFOID_PKINIT_Kdc =
    { OID_KRB5_PKINIT_KPKDC_LENGTH, OID_pkinit_kp_kdc };
const KMF_OID KMFOID_MS_KP_SCLogon =
    { OID_MS_KP_SC_LOGON_LENGTH, OID_pkinit_kp_sc_logon };
const KMF_OID KMFOID_MS_KP_SCLogon_UPN =
    { OID_MS_KP_SC_LOGON_UPN_LENGTH, OID_pkinit_san_upn };