xref: /titanic_44/usr/src/lib/libkmf/libkmf/common/kmfoids.c (revision 21bf64a78855d076f09716ea1c06175d954e934c)
1 /*
2  * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
3  * Use is subject to license terms.
4  */
5 /*
6  * Copyright(c) 1995-2000 Intel Corporation. All rights reserved.
7  */
8 
9 #pragma ident	"%Z%%M%	%I%	%E% SMI"
10 
11 #include <kmfapi.h>
12 
13 /* From X.520 */
14 static uint8_t
15 OID_ObjectClass[] = { OID_ATTR_TYPE, 0 },
16 OID_AliasedEntryName[] = { OID_ATTR_TYPE, 1 },
17 OID_KnowledgeInformation[] = { OID_ATTR_TYPE, 2 },
18 OID_CommonName[] = { OID_ATTR_TYPE, 3 },
19 OID_Surname[] = { OID_ATTR_TYPE, 4 },
20 OID_SerialNumber[] = { OID_ATTR_TYPE, 5 },
21 OID_CountryName[] = { OID_ATTR_TYPE, 6 },
22 OID_LocalityName[] = { OID_ATTR_TYPE, 7 },
23 OID_StateProvinceName[] = { OID_ATTR_TYPE, 8 },
24 OID_CollectiveStateProvinceName[] = { OID_ATTR_TYPE, 8, 1 },
25 OID_StreetAddress[] = { OID_ATTR_TYPE, 9 },
26 OID_CollectiveStreetAddress[] = { OID_ATTR_TYPE, 9, 1 },
27 OID_OrganizationName[] = { OID_ATTR_TYPE, 10 },
28 OID_CollectiveOrganizationName[] = { OID_ATTR_TYPE, 10, 1 },
29 OID_OrganizationalUnitName[] = { OID_ATTR_TYPE, 11 },
30 OID_CollectiveOrganizationalUnitName[] = { OID_ATTR_TYPE, 11, 1 },
31 OID_Title[] = { OID_ATTR_TYPE, 12 },
32 OID_Description[] = { OID_ATTR_TYPE, 13 },
33 OID_SearchGuide[] = { OID_ATTR_TYPE, 14 },
34 OID_BusinessCategory[] = { OID_ATTR_TYPE, 15 },
35 OID_PostalAddress[] = { OID_ATTR_TYPE, 16 },
36 OID_CollectivePostalAddress[] = { OID_ATTR_TYPE, 16, 1 },
37 OID_PostalCode[] = { OID_ATTR_TYPE, 17 },
38 OID_CollectivePostalCode[] = { OID_ATTR_TYPE, 17, 1 },
39 OID_PostOfficeBox[] = { OID_ATTR_TYPE, 18 },
40 OID_CollectivePostOfficeBox[] = { OID_ATTR_TYPE, 18, 1 },
41 OID_PhysicalDeliveryOfficeName[] = { OID_ATTR_TYPE, 19 },
42 OID_CollectivePhysicalDeliveryOfficeName[] = { OID_ATTR_TYPE, 19, 1 },
43 OID_TelephoneNumber[] = { OID_ATTR_TYPE, 20 },
44 OID_CollectiveTelephoneNumber[] = { OID_ATTR_TYPE, 20, 1 },
45 OID_TelexNumber[] = { OID_ATTR_TYPE, 21 },
46 OID_CollectiveTelexNumber[] = { OID_ATTR_TYPE, 21, 1 },
47 OID_TelexTerminalIdentifier[] = { OID_ATTR_TYPE, 22 },
48 OID_CollectiveTelexTerminalIdentifier[] = { OID_ATTR_TYPE, 22, 1 },
49 OID_FacsimileTelephoneNumber[] = { OID_ATTR_TYPE, 23 },
50 OID_CollectiveFacsimileTelephoneNumber[] = { OID_ATTR_TYPE, 23, 1 },
51 OID_X_121Address[] = { OID_ATTR_TYPE, 24 },
52 OID_InternationalISDNNumber[] = { OID_ATTR_TYPE, 25 },
53 OID_CollectiveInternationalISDNNumber[] = { OID_ATTR_TYPE, 25, 1 },
54 OID_RegisteredAddress[] = { OID_ATTR_TYPE, 26 },
55 OID_DestinationIndicator[] = { OID_ATTR_TYPE, 27 },
56 OID_PreferredDeliveryMethod[] = { OID_ATTR_TYPE, 28 },
57 OID_PresentationAddress[] = { OID_ATTR_TYPE, 29 },
58 OID_SupportedApplicationContext[] = { OID_ATTR_TYPE, 30 },
59 OID_Member[] = { OID_ATTR_TYPE, 31 },
60 OID_Owner[] = { OID_ATTR_TYPE, 32 },
61 OID_RoleOccupant[] = { OID_ATTR_TYPE, 33 },
62 OID_SeeAlso[] = { OID_ATTR_TYPE, 34 },
63 OID_UserPassword[] = { OID_ATTR_TYPE, 35 },
64 OID_UserCertificate[] = { OID_ATTR_TYPE, 36 },
65 OID_CACertificate[] = { OID_ATTR_TYPE, 37 },
66 OID_AuthorityRevocationList[] = { OID_ATTR_TYPE, 38 },
67 OID_CertificateRevocationList[] = { OID_ATTR_TYPE, 39 },
68 OID_CrossCertificatePair[] = { OID_ATTR_TYPE, 40 },
69 OID_Name[] = { OID_ATTR_TYPE, 41 },
70 OID_GivenName[] = { OID_ATTR_TYPE, 42 },
71 OID_Initials[] = { OID_ATTR_TYPE, 43 },
72 OID_GenerationQualifier[] = { OID_ATTR_TYPE, 44 },
73 OID_UniqueIdentifier[] = { OID_ATTR_TYPE, 45 },
74 OID_DNQualifier[] = { OID_ATTR_TYPE, 46 },
75 OID_EnhancedSearchGuide[] = { OID_ATTR_TYPE, 47 },
76 OID_ProtocolInformation[] = { OID_ATTR_TYPE, 48 },
77 OID_DistinguishedName[] = { OID_ATTR_TYPE, 49 },
78 OID_UniqueMember[] = { OID_ATTR_TYPE, 50 },
79 OID_HouseIdentifier[] = { OID_ATTR_TYPE, 51 }
80 /* OID_SupportedAlgorithms[] = { OID_ATTR_TYPE, 52 }, */
81 /* OID_DeltaRevocationList[] = { OID_ATTR_TYPE, 53 }, */
82 /* OID_AttributeCertificate[] = { OID_ATTR_TYPE, 58 } */
83 ;
84 
85 /* From PKCS 9 */
86 static uint8_t
87 OID_EmailAddress[] = { OID_PKCS_9, 1 },
88 OID_UnstructuredName[] = { OID_PKCS_9, 2 },
89 OID_ContentType[] = { OID_PKCS_9, 3 },
90 OID_MessageDigest[] = { OID_PKCS_9, 4 },
91 OID_SigningTime[] = { OID_PKCS_9, 5 },
92 OID_CounterSignature[] = { OID_PKCS_9, 6 },
93 OID_ChallengePassword[] = { OID_PKCS_9, 7 },
94 OID_UnstructuredAddress[] = { OID_PKCS_9, 8 },
95 OID_ExtendedCertificateAttributes[] = { OID_PKCS_9, 9 },
96 OID_ExtensionRequest[] = { OID_PKCS_9, 14 };
97 
98 /* From PKIX 1 */
99 /* Standard Extensions */
100 static uint8_t
101 OID_SubjectDirectoryAttributes[] = { OID_EXTENSION, 9 },
102 OID_SubjectKeyIdentifier[] = { OID_EXTENSION, 14 },
103 OID_KeyUsage[] = { OID_EXTENSION, 15 },
104 OID_PrivateKeyUsagePeriod[] = { OID_EXTENSION, 16 },
105 OID_SubjectAltName[] = { OID_EXTENSION, 17 },
106 OID_IssuerAltName[] = { OID_EXTENSION, 18 },
107 OID_BasicConstraints[] = { OID_EXTENSION, 19 },
108 OID_CrlNumber[] = { OID_EXTENSION, 20 },
109 OID_CrlReason[] = { OID_EXTENSION, 21 },
110 OID_HoldInstructionCode[] = { OID_EXTENSION, 23 },
111 OID_InvalidityDate[] = { OID_EXTENSION, 24 },
112 OID_DeltaCrlIndicator[] = { OID_EXTENSION, 27 },
113 OID_IssuingDistributionPoints[] = { OID_EXTENSION, 28 },
114 
115 /* OID_CertificateIssuer[] = { OID_EXTENSION, 29 }, */
116 OID_NameConstraints[] = { OID_EXTENSION, 30 },
117 OID_CrlDistributionPoints[] = { OID_EXTENSION, 31 },
118 OID_CertificatePolicies[] = { OID_EXTENSION, 32 },
119 OID_PolicyMappings[] = { OID_EXTENSION, 33 },
120 /* 34 deprecated */
121 OID_AuthorityKeyIdentifier[] = { OID_EXTENSION, 35 },
122 OID_PolicyConstraints[] = { OID_EXTENSION, 36 },
123 OID_ExtKeyUsage[] = { OID_EXTENSION, 37 }
124 ;
125 
126 /* PKIX-defined extended key purpose OIDs */
127 static uint8_t
128 OID_QT_CPSuri[]		 = { OID_PKIX_QT_CPS },
129 OID_QT_Unotice[]	 = { OID_PKIX_QT_UNOTICE },
130 
131 OID_KP_ServerAuth[]	 = { OID_PKIX_KP, 1 },
132 OID_KP_ClientAuth[] = { OID_PKIX_KP, 2 },
133 OID_KP_CodeSigning[] = { OID_PKIX_KP, 3 },
134 OID_KP_EmailProtection[] = { OID_PKIX_KP, 4 },
135 OID_KP_IPSecEndSystem[] = { OID_PKIX_KP, 5 },
136 OID_KP_IPSecTunnel[] = { OID_PKIX_KP, 6 },
137 OID_KP_IPSecUser[] = { OID_PKIX_KP, 7 },
138 OID_KP_TimeStamping[] = { OID_PKIX_KP, 8 },
139 OID_KP_OCSPSigning[] = { OID_PKIX_KP, 9 }
140 ;
141 
142 /* From PKIX 1 */
143 static uint8_t
144 OID_AuthorityInfoAccess[] = { OID_PKIX_PE, 1};
145 
146 const KMF_OID
147 KMFOID_AuthorityInfoAccess = {OID_PKIX_LENGTH + 2, OID_AuthorityInfoAccess};
148 
149 static uint8_t
150 OID_PkixAdOcsp[] = {OID_PKIX_AD, 1};
151 
152 const KMF_OID
153 KMFOID_PkixAdOcsp = {OID_PKIX_AD_LENGTH + 1, OID_PkixAdOcsp};
154 
155 static uint8_t
156 OID_PkixAdCaIssuers[] = {OID_PKIX_AD, 2};
157 
158 const KMF_OID
159 KMFOID_PkixAdCaIssuers = {OID_PKIX_AD_LENGTH + 1, OID_PkixAdCaIssuers};
160 
161 /*
162  * From RFC 1274
163  */
164 static uint8_t
165 OID_userid[] =		{OID_PILOT, 1},
166 OID_RFC822mailbox[] =	{OID_PILOT, 3},
167 OID_domainComponent[] =	{OID_PILOT, 25};
168 
169 const KMF_OID
170 KMFOID_userid		= {OID_PILOT_LENGTH + 1, OID_userid},
171 KMFOID_RFC822mailbox	= {OID_PILOT_LENGTH + 1, OID_RFC822mailbox},
172 KMFOID_domainComponent	= {OID_PILOT_LENGTH + 1, OID_domainComponent},
173 KMFOID_ObjectClass = {OID_ATTR_TYPE_LENGTH+1, OID_ObjectClass},
174 KMFOID_AliasedEntryName = {OID_ATTR_TYPE_LENGTH+1, OID_AliasedEntryName},
175 KMFOID_KnowledgeInformation = {OID_ATTR_TYPE_LENGTH+1,
176 	OID_KnowledgeInformation},
177 KMFOID_CommonName = {OID_ATTR_TYPE_LENGTH+1, OID_CommonName},
178 KMFOID_Surname = {OID_ATTR_TYPE_LENGTH+1, OID_Surname},
179 KMFOID_SerialNumber = {OID_ATTR_TYPE_LENGTH+1, OID_SerialNumber},
180 KMFOID_CountryName = {OID_ATTR_TYPE_LENGTH+1, OID_CountryName},
181 KMFOID_LocalityName = {OID_ATTR_TYPE_LENGTH+1, OID_LocalityName},
182 KMFOID_StateProvinceName = {OID_ATTR_TYPE_LENGTH+1, OID_StateProvinceName},
183 KMFOID_CollectiveStateProvinceName = {OID_ATTR_TYPE_LENGTH+2,
184 	OID_CollectiveStateProvinceName},
185 KMFOID_StreetAddress = {OID_ATTR_TYPE_LENGTH+1, OID_StreetAddress},
186 KMFOID_CollectiveStreetAddress = {OID_ATTR_TYPE_LENGTH+2,
187 	OID_CollectiveStreetAddress},
188 KMFOID_OrganizationName = {OID_ATTR_TYPE_LENGTH+1, OID_OrganizationName},
189 KMFOID_CollectiveOrganizationName = {OID_ATTR_TYPE_LENGTH+2,
190 	OID_CollectiveOrganizationName},
191 KMFOID_OrganizationalUnitName = {OID_ATTR_TYPE_LENGTH+1,
192 	OID_OrganizationalUnitName},
193 KMFOID_CollectiveOrganizationalUnitName = {OID_ATTR_TYPE_LENGTH+2,
194 	OID_CollectiveOrganizationalUnitName},
195 KMFOID_Title = {OID_ATTR_TYPE_LENGTH+1, OID_Title},
196 KMFOID_Description = {OID_ATTR_TYPE_LENGTH+1, OID_Description},
197 KMFOID_SearchGuide = {OID_ATTR_TYPE_LENGTH+1, OID_SearchGuide},
198 KMFOID_BusinessCategory = {OID_ATTR_TYPE_LENGTH+1, OID_BusinessCategory},
199 KMFOID_PostalAddress = {OID_ATTR_TYPE_LENGTH+1, OID_PostalAddress},
200 KMFOID_CollectivePostalAddress = {OID_ATTR_TYPE_LENGTH+2,
201 	OID_CollectivePostalAddress},
202 KMFOID_PostalCode = {OID_ATTR_TYPE_LENGTH+1, OID_PostalCode},
203 KMFOID_CollectivePostalCode = {OID_ATTR_TYPE_LENGTH+2,
204 	OID_CollectivePostalCode},
205 KMFOID_PostOfficeBox = {OID_ATTR_TYPE_LENGTH+1, OID_PostOfficeBox},
206 KMFOID_CollectivePostOfficeBox = {OID_ATTR_TYPE_LENGTH+2,
207 	OID_CollectivePostOfficeBox},
208 KMFOID_PhysicalDeliveryOfficeName = {OID_ATTR_TYPE_LENGTH+1,
209 	OID_PhysicalDeliveryOfficeName},
210 KMFOID_CollectivePhysicalDeliveryOfficeName = {OID_ATTR_TYPE_LENGTH+2,
211 	OID_CollectivePhysicalDeliveryOfficeName},
212 KMFOID_TelephoneNumber = {OID_ATTR_TYPE_LENGTH+1, OID_TelephoneNumber},
213 KMFOID_CollectiveTelephoneNumber = {OID_ATTR_TYPE_LENGTH+2,
214 	OID_CollectiveTelephoneNumber},
215 KMFOID_TelexNumber = {OID_ATTR_TYPE_LENGTH+1, OID_TelexNumber},
216 KMFOID_CollectiveTelexNumber = {OID_ATTR_TYPE_LENGTH+2,
217 	OID_CollectiveTelexNumber},
218 KMFOID_TelexTerminalIdentifier = {OID_ATTR_TYPE_LENGTH+1,
219 	OID_TelexTerminalIdentifier},
220 KMFOID_CollectiveTelexTerminalIdentifier = {OID_ATTR_TYPE_LENGTH+2,
221 	OID_CollectiveTelexTerminalIdentifier},
222 KMFOID_FacsimileTelephoneNumber = {OID_ATTR_TYPE_LENGTH+1,
223 	OID_FacsimileTelephoneNumber},
224 KMFOID_CollectiveFacsimileTelephoneNumber = {OID_ATTR_TYPE_LENGTH+2,
225 	OID_CollectiveFacsimileTelephoneNumber},
226 KMFOID_X_121Address = {OID_ATTR_TYPE_LENGTH+1, OID_X_121Address},
227 KMFOID_InternationalISDNNumber = {OID_ATTR_TYPE_LENGTH+1,
228 	OID_InternationalISDNNumber},
229 KMFOID_CollectiveInternationalISDNNumber = {OID_ATTR_TYPE_LENGTH+2,
230 	OID_CollectiveInternationalISDNNumber},
231 KMFOID_RegisteredAddress = {OID_ATTR_TYPE_LENGTH+1, OID_RegisteredAddress},
232 KMFOID_DestinationIndicator = {OID_ATTR_TYPE_LENGTH+1,
233 	OID_DestinationIndicator},
234 KMFOID_PreferredDeliveryMethod = {OID_ATTR_TYPE_LENGTH+1,
235 	OID_PreferredDeliveryMethod},
236 KMFOID_PresentationAddress = {OID_ATTR_TYPE_LENGTH+1,
237 	OID_PresentationAddress},
238 KMFOID_SupportedApplicationContext = {OID_ATTR_TYPE_LENGTH+1,
239 	OID_SupportedApplicationContext},
240 KMFOID_Member = {OID_ATTR_TYPE_LENGTH+1, OID_Member},
241 KMFOID_Owner = {OID_ATTR_TYPE_LENGTH+1, OID_Owner},
242 KMFOID_RoleOccupant = {OID_ATTR_TYPE_LENGTH+1, OID_RoleOccupant},
243 KMFOID_SeeAlso = {OID_ATTR_TYPE_LENGTH+1, OID_SeeAlso},
244 KMFOID_UserPassword = {OID_ATTR_TYPE_LENGTH+1, OID_UserPassword},
245 KMFOID_UserCertificate = {OID_ATTR_TYPE_LENGTH+1, OID_UserCertificate},
246 KMFOID_CACertificate = {OID_ATTR_TYPE_LENGTH+1, OID_CACertificate},
247 KMFOID_AuthorityRevocationList = {OID_ATTR_TYPE_LENGTH+1,
248 	OID_AuthorityRevocationList},
249 KMFOID_CertificateRevocationList = {OID_ATTR_TYPE_LENGTH+1,
250 	OID_CertificateRevocationList},
251 KMFOID_CrossCertificatePair = {OID_ATTR_TYPE_LENGTH+1,
252 	OID_CrossCertificatePair},
253 KMFOID_Name = {OID_ATTR_TYPE_LENGTH+1, OID_Name},
254 KMFOID_GivenName = {OID_ATTR_TYPE_LENGTH+1, OID_GivenName},
255 KMFOID_Initials = {OID_ATTR_TYPE_LENGTH+1, OID_Initials},
256 KMFOID_GenerationQualifier = {OID_ATTR_TYPE_LENGTH+1, OID_GenerationQualifier},
257 KMFOID_UniqueIdentifier = {OID_ATTR_TYPE_LENGTH+1, OID_UniqueIdentifier},
258 KMFOID_DNQualifier = {OID_ATTR_TYPE_LENGTH+1, OID_DNQualifier},
259 KMFOID_EnhancedSearchGuide = {OID_ATTR_TYPE_LENGTH+1, OID_EnhancedSearchGuide},
260 KMFOID_ProtocolInformation = {OID_ATTR_TYPE_LENGTH+1, OID_ProtocolInformation},
261 KMFOID_DistinguishedName = {OID_ATTR_TYPE_LENGTH+1, OID_DistinguishedName},
262 KMFOID_UniqueMember = {OID_ATTR_TYPE_LENGTH+1, OID_UniqueMember},
263 KMFOID_HouseIdentifier = {OID_ATTR_TYPE_LENGTH+1, OID_HouseIdentifier},
264 KMFOID_EmailAddress = {OID_PKCS_9_LENGTH+1, OID_EmailAddress},
265 KMFOID_UnstructuredName = {OID_PKCS_9_LENGTH+1, OID_UnstructuredName},
266 KMFOID_ContentType = {OID_PKCS_9_LENGTH+1, OID_ContentType},
267 KMFOID_MessageDigest = {OID_PKCS_9_LENGTH+1, OID_MessageDigest},
268 KMFOID_SigningTime = {OID_PKCS_9_LENGTH+1, OID_SigningTime},
269 KMFOID_CounterSignature = {OID_PKCS_9_LENGTH+1, OID_CounterSignature},
270 KMFOID_ChallengePassword = {OID_PKCS_9_LENGTH+1, OID_ChallengePassword},
271 KMFOID_UnstructuredAddress = {OID_PKCS_9_LENGTH+1, OID_UnstructuredAddress},
272 KMFOID_ExtendedCertificateAttributes = {OID_PKCS_9_LENGTH+1,
273 	OID_ExtendedCertificateAttributes},
274 KMFOID_ExtensionRequest = {OID_PKCS_9_LENGTH + 1, OID_ExtensionRequest};
275 
276 static uint8_t
277 OID_AuthorityKeyID[] = { OID_EXTENSION, 1 },
278 OID_VerisignCertificatePolicy[] = { OID_EXTENSION, 3 },
279 OID_KeyUsageRestriction[] = { OID_EXTENSION, 4 };
280 
281 const KMF_OID
282 KMFOID_AuthorityKeyID		 = {OID_EXTENSION_LENGTH+1, OID_AuthorityKeyID},
283 
284 KMFOID_VerisignCertificatePolicy = {OID_EXTENSION_LENGTH+1,
285 	OID_VerisignCertificatePolicy},
286 
287 KMFOID_KeyUsageRestriction	 = {OID_EXTENSION_LENGTH+1,
288 	OID_KeyUsageRestriction},
289 
290 KMFOID_SubjectDirectoryAttributes = {OID_EXTENSION_LENGTH+1,
291 	OID_SubjectDirectoryAttributes},
292 
293 KMFOID_SubjectKeyIdentifier	 = {OID_EXTENSION_LENGTH+1,
294 	OID_SubjectKeyIdentifier },
295 KMFOID_KeyUsage		 = {OID_EXTENSION_LENGTH+1, OID_KeyUsage },
296 
297 KMFOID_PrivateKeyUsagePeriod	 = {OID_EXTENSION_LENGTH+1,
298 	OID_PrivateKeyUsagePeriod},
299 KMFOID_SubjectAltName	 = {OID_EXTENSION_LENGTH+1, OID_SubjectAltName },
300 KMFOID_IssuerAltName	 = {OID_EXTENSION_LENGTH+1, OID_IssuerAltName },
301 KMFOID_BasicConstraints	 = {OID_EXTENSION_LENGTH+1, OID_BasicConstraints },
302 
303 KMFOID_CrlNumber	 = {OID_EXTENSION_LENGTH+1, OID_CrlNumber},
304 
305 KMFOID_CrlReason	 = {OID_EXTENSION_LENGTH+1, OID_CrlReason},
306 
307 KMFOID_HoldInstructionCode = {OID_EXTENSION_LENGTH+1, OID_HoldInstructionCode},
308 
309 KMFOID_InvalidityDate	 = {OID_EXTENSION_LENGTH+1, OID_InvalidityDate},
310 
311 KMFOID_DeltaCrlIndicator = {OID_EXTENSION_LENGTH+1, OID_DeltaCrlIndicator},
312 
313 KMFOID_IssuingDistributionPoints = {OID_EXTENSION_LENGTH+1,
314 	OID_IssuingDistributionPoints},
315 
316 KMFOID_NameConstraints	 = {OID_EXTENSION_LENGTH+1,
317 	OID_NameConstraints},
318 
319 KMFOID_CrlDistributionPoints = {OID_EXTENSION_LENGTH+1,
320 	OID_CrlDistributionPoints},
321 
322 KMFOID_CertificatePolicies = {OID_EXTENSION_LENGTH+1,
323 	OID_CertificatePolicies},
324 
325 KMFOID_PolicyMappings	 = {OID_EXTENSION_LENGTH+1, OID_PolicyMappings},
326 
327 KMFOID_PolicyConstraints = {OID_EXTENSION_LENGTH+1, OID_PolicyConstraints},
328 
329 KMFOID_AuthorityKeyIdentifier = {OID_EXTENSION_LENGTH+1,
330 	OID_AuthorityKeyIdentifier},
331 
332 KMFOID_ExtendedKeyUsage	 = {OID_EXTENSION_LENGTH+1, OID_ExtKeyUsage},
333 
334 KMFOID_PKIX_PQ_CPSuri	 = {OID_PKIX_QT_CPS_LENGTH, 	OID_QT_CPSuri},
335 
336 KMFOID_PKIX_PQ_Unotice	 = {OID_PKIX_QT_UNOTICE_LENGTH,	OID_QT_Unotice},
337 
338 /* Extended Key Usage OIDs */
339 KMFOID_PKIX_KP_ServerAuth = {OID_PKIX_KP_LENGTH + 1, OID_KP_ServerAuth},
340 
341 KMFOID_PKIX_KP_ClientAuth = {OID_PKIX_KP_LENGTH + 1, OID_KP_ClientAuth},
342 
343 KMFOID_PKIX_KP_CodeSigning = {OID_PKIX_KP_LENGTH + 1, OID_KP_CodeSigning},
344 
345 KMFOID_PKIX_KP_EmailProtection	 = {OID_PKIX_KP_LENGTH + 1,
346 	OID_KP_EmailProtection},
347 
348 KMFOID_PKIX_KP_IPSecEndSystem = {OID_PKIX_KP_LENGTH + 1, OID_KP_IPSecEndSystem},
349 
350 KMFOID_PKIX_KP_IPSecTunnel = {OID_PKIX_KP_LENGTH + 1, OID_KP_IPSecTunnel},
351 
352 KMFOID_PKIX_KP_IPSecUser = {OID_PKIX_KP_LENGTH + 1, OID_KP_IPSecUser},
353 
354 KMFOID_PKIX_KP_TimeStamping = {OID_PKIX_KP_LENGTH + 1, OID_KP_TimeStamping},
355 
356 KMFOID_PKIX_KP_OCSPSigning = {OID_PKIX_KP_LENGTH + 1, OID_KP_OCSPSigning};
357 
358 static uint8_t
359 OID_OIW_SHA1[] = { OID_OIW_ALGORITHM, 26},
360 OID_OIW_DSA[] = { OID_OIW_ALGORITHM, 12  },
361 OID_OIW_DSAWithSHA1[] = { OID_OIW_ALGORITHM, 27  },
362 OID_RSAEncryption[] = { OID_PKCS_1, 1 },
363 OID_MD2WithRSA[]   = { OID_PKCS_1, 2 },
364 OID_MD5WithRSA[]   = { OID_PKCS_1, 4 },
365 OID_SHA1WithRSA[]  = { OID_PKCS_1, 5 },
366 OID_X9CM_DSA[] = { OID_X9CM_X9ALGORITHM, 1 },
367 OID_X9CM_DSAWithSHA1[] = { OID_X9CM_X9ALGORITHM, 3};
368 
369 const KMF_OID
370 KMFOID_SHA1 = {OID_OIW_ALGORITHM_LENGTH+1, OID_OIW_SHA1},
371 KMFOID_RSA = {OID_PKCS_1_LENGTH+1, OID_RSAEncryption},
372 KMFOID_DSA = {OID_OIW_ALGORITHM_LENGTH+1, OID_OIW_DSA},
373 KMFOID_MD5WithRSA = {OID_PKCS_1_LENGTH+1, OID_MD5WithRSA},
374 KMFOID_MD2WithRSA = {OID_PKCS_1_LENGTH+1, OID_MD2WithRSA},
375 KMFOID_SHA1WithRSA = {OID_PKCS_1_LENGTH+1, OID_SHA1WithRSA},
376 KMFOID_SHA1WithDSA = {OID_OIW_ALGORITHM_LENGTH+1, OID_OIW_DSAWithSHA1},
377 KMFOID_OIW_DSAWithSHA1  = {OID_OIW_ALGORITHM_LENGTH+1,
378 	OID_OIW_DSAWithSHA1},
379 KMFOID_X9CM_DSA = {OID_X9CM_X9ALGORITHM_LENGTH+1, OID_X9CM_DSA},
380 KMFOID_X9CM_DSAWithSHA1 = {OID_X9CM_X9ALGORITHM_LENGTH+1,
381 		OID_X9CM_DSAWithSHA1};
382 
383 /*
384  * New for PKINIT support.
385  */
386 static uint8_t
387 OID_pkinit_san[] = { OID_KRB5_SAN },
388 OID_pkinit_san_upn[] = { OID_MS_KP_SC_LOGON_UPN },
389 OID_pkinit_kp_clientauth[] = { OID_KRB5_PKINIT_KPCLIENTAUTH },
390 OID_pkinit_kp_kdc[] = { OID_KRB5_PKINIT_KPKDC },
391 OID_pkinit_kp_sc_logon[] = { OID_MS_KP_SC_LOGON };
392 
393 const KMF_OID
394 KMFOID_PKINIT_san = {OID_KRB5_SAN_LENGTH, OID_pkinit_san },
395 KMFOID_PKINIT_ClientAuth = {OID_KRB5_PKINIT_KPCLIENTAUTH_LENGTH,
396     OID_pkinit_kp_clientauth},
397 KMFOID_PKINIT_Kdc = {OID_KRB5_PKINIT_KPKDC_LENGTH,
398     OID_pkinit_kp_kdc},
399 KMFOID_MS_KP_SCLogon = {OID_MS_KP_SC_LOGON_LENGTH,
400     OID_pkinit_kp_sc_logon},
401 KMFOID_MS_KP_SCLogon_UPN = {OID_MS_KP_SC_LOGON_UPN_LENGTH,
402     OID_pkinit_san_upn};
403