]> git.saurik.com Git - apple/security.git/blame - OSX/libsecurity_asn1/lib/oidsalg.c
Security-58286.20.16.tar.gz
b1ab9ed8 1/*
e0e0d90e 2 * Copyright (c) 2000-2004,2008,2010,2012-2015 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
e0e0d90e 5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
e0e0d90e 12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
e0e0d90e 20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24/*
25 * oidsalg.c - OIDs defining crypto algorithms
26 */
27
28#include <stdint.h>
29#include "SecAsn1Types.h"
6b200bc3 30#include <Security/oidsbase.h>
31
/*
 * Encoded bodies of the algorithm OIDs that are published further down as
 * CSSMOID_* items.
 *
 * Each array holds only the content octets of the OBJECT IDENTIFIER: the
 * literal entries below start directly with the arc bytes (0x2A ..., 0x2B ...)
 * and carry no 0x06 tag or length octet. The OID_* prefix macros come from
 * <Security/oidsbase.h>; their expansions are not visible in this file, so the
 * byte counts of the macro-built arrays cannot be checked from here.
 *
 * Several entries name legacy algorithms (MD2, MD4, MD5, SHA-1, DES). This
 * file only gives them identifiers; whether a consumer accepts such an
 * algorithm is decided by code that is not shown here.
 */

/* RSA Data Security digest algorithms */
static const uint8_t OID_MD2[] = { OID_RSA_HASH, 2 };
static const uint8_t OID_MD4[] = { OID_RSA_HASH, 4 };
static const uint8_t OID_MD5[] = { OID_RSA_HASH, 5 };

/* PKCS #1 */
static const uint8_t OID_RSAEncryption[] = { OID_PKCS_1, 1 };
static const uint8_t OID_MD2WithRSA[] = { OID_PKCS_1, 2 };
static const uint8_t OID_MD4WithRSA[] = { OID_PKCS_1, 3 };
static const uint8_t OID_MD5WithRSA[] = { OID_PKCS_1, 4 };
static const uint8_t OID_SHA1WithRSA[] = { OID_PKCS_1, 5 };
static const uint8_t OID_RSAWithOAEP[] = { OID_PKCS_1, 7 };
static const uint8_t OID_OAEP_MGF1[] = { OID_PKCS_1, 8 };
static const uint8_t OID_OAEP_ID_PSPECIFIED[] = { OID_PKCS_1, 9 };
/* Note the numbering: SHA-224 is 14, SHA-256/384/512 are 11/12/13. */
static const uint8_t OID_SHA224WithRSA[] = { OID_PKCS_1, 14 };
static const uint8_t OID_SHA256WithRSA[] = { OID_PKCS_1, 11 };
static const uint8_t OID_SHA384WithRSA[] = { OID_PKCS_1, 12 };
static const uint8_t OID_SHA512WithRSA[] = { OID_PKCS_1, 13 };

/* PKCS #3: the bare arc, then Diffie-Hellman key agreement under it */
static const uint8_t OID_PKCS_3_ARC[] = { OID_PKCS_3 };
static const uint8_t OID_DHKeyAgreement[] = { OID_PKCS_3, 1 };

/* BSAFE-specific DSA */
static const uint8_t OID_OIW_DSA[] = { OID_OIW_ALGORITHM, 12 };
static const uint8_t OID_OIW_DSAWithSHA1[] = { OID_OIW_ALGORITHM, 27 };

/* DSA from CMS (7 content octets, spelled out literally) */
static const uint8_t OID_CMS_DSA[] = { 0x2A, 0x86, 0x48, 0xCE, 0x38, 4, 1 };
static const uint8_t OID_CMS_DSAWithSHA1[] = { 0x2A, 0x86, 0x48, 0xCE, 0x38, 4, 3 };

/* DSA from JDK 1.1 (5 content octets, spelled out literally) */
static const uint8_t OID_JDK_DSA[] = { 0x2B, 0x0E, 0x03, 0x02, 0x0C };
static const uint8_t OID_JDK_DSAWithSHA1[] = { 0x2B, 0x0E, 0x03, 0x02, 0x0D };

/* OIW algorithms */
static const uint8_t OID_OIW_SHA1[] = { OID_OIW_ALGORITHM, 26 };
static const uint8_t OID_OIW_RSAWithSHA1[] = { OID_OIW_ALGORITHM, 29 };
static const uint8_t OID_OIW_DES_CBC[] = { OID_OIW_ALGORITHM, 7 };

/* NIST hash algorithms; SHA-224 is 4, SHA-256/384/512 are 1/2/3 */
static const uint8_t OID_SHA224[] = { OID_NIST_HASHALG, 4 };
static const uint8_t OID_SHA256[] = { OID_NIST_HASHALG, 1 };
static const uint8_t OID_SHA384[] = { OID_NIST_HASHALG, 2 };
static const uint8_t OID_SHA512[] = { OID_NIST_HASHALG, 3 };

/* ANSI X9.42 */
static const uint8_t OID_ANSI_DH_PUB_NUMBER[] = { OID_ANSI_X9_42, 1 };
static const uint8_t OID_ANSI_DH_STATIC[] = { OID_ANSI_X9_42_SCHEME, 1 };
static const uint8_t OID_ANSI_DH_EPHEM[] = { OID_ANSI_X9_42_SCHEME, 2 };
static const uint8_t OID_ANSI_DH_ONE_FLOW[] = { OID_ANSI_X9_42_SCHEME, 3 };
static const uint8_t OID_ANSI_DH_HYBRID1[] = { OID_ANSI_X9_42_SCHEME, 4 };
static const uint8_t OID_ANSI_DH_HYBRID2[] = { OID_ANSI_X9_42_SCHEME, 5 };
static const uint8_t OID_ANSI_DH_HYBRID_ONEFLOW[] = { OID_ANSI_X9_42_SCHEME, 6 };
/* sic - the spec enumerates MQV1 and MQV2 in reverse order */
static const uint8_t OID_ANSI_MQV1[] = { OID_ANSI_X9_42_SCHEME, 8 };
static const uint8_t OID_ANSI_MQV2[] = { OID_ANSI_X9_42_SCHEME, 7 };

/* ANSI X9.42 named schemes (SHA-1 variants) */
static const uint8_t OID_ANSI_DH_STATIC_SHA1[] = { OID_ANSI_X9_42_NAMED_SCHEME, 1 };
static const uint8_t OID_ANSI_DH_EPHEM_SHA1[] = { OID_ANSI_X9_42_NAMED_SCHEME, 2 };
static const uint8_t OID_ANSI_DH_ONE_FLOW_SHA1[] = { OID_ANSI_X9_42_NAMED_SCHEME, 3 };
static const uint8_t OID_ANSI_DH_HYBRID1_SHA1[] = { OID_ANSI_X9_42_NAMED_SCHEME, 4 };
static const uint8_t OID_ANSI_DH_HYBRID2_SHA1[] = { OID_ANSI_X9_42_NAMED_SCHEME, 5 };
static const uint8_t OID_ANSI_DH_HYBRID_ONEFLOW_SHA1[] = { OID_ANSI_X9_42_NAMED_SCHEME, 6 };
/* sic - the spec enumerates MQV1 and MQV2 in reverse order */
static const uint8_t OID_ANSI_MQV1_SHA1[] = { OID_ANSI_X9_42_NAMED_SCHEME, 8 };
static const uint8_t OID_ANSI_MQV2_SHA1[] = { OID_ANSI_X9_42_NAMED_SCHEME, 7 };
90
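/*
 * Exported SecAsn1Oid items for the algorithm OIDs.
 *
 * Each initializer pairs a byte count with a pointer to one of the static
 * arrays above. The count must equal the size of the array it points at:
 * a count that is too large makes every consumer that trusts it read past
 * the array, and a count that is too small makes the OID compare equal to a
 * shorter, different identifier. Most counts are written as
 * <prefix length macro> + <number of trailing arcs>; the prefix macros live in
 * <Security/oidsbase.h> and are not visible here. The two DSA families whose
 * bytes are spelled out literally take their count from sizeof instead of a
 * bare number, so it cannot drift from the array.
 *
 * The (uint8_t *) casts drop the const qualifier of the arrays. Consumers must
 * treat the data as read-only; writing through the pointer would modify a
 * const object.
 */
const SecAsn1Oid CSSMOID_MD2 = { OID_RSA_HASH_LENGTH + 1, (uint8_t *)OID_MD2 };
const SecAsn1Oid CSSMOID_MD4 = { OID_RSA_HASH_LENGTH + 1, (uint8_t *)OID_MD4 };
const SecAsn1Oid CSSMOID_MD5 = { OID_RSA_HASH_LENGTH + 1, (uint8_t *)OID_MD5 };
const SecAsn1Oid CSSMOID_RSA = { OID_PKCS_1_LENGTH + 1, (uint8_t *)OID_RSAEncryption };
const SecAsn1Oid CSSMOID_MD2WithRSA = { OID_PKCS_1_LENGTH + 1, (uint8_t *)OID_MD2WithRSA };
const SecAsn1Oid CSSMOID_MD4WithRSA = { OID_PKCS_1_LENGTH + 1, (uint8_t *)OID_MD4WithRSA };
const SecAsn1Oid CSSMOID_MD5WithRSA = { OID_PKCS_1_LENGTH + 1, (uint8_t *)OID_MD5WithRSA };
const SecAsn1Oid CSSMOID_SHA1WithRSA = { OID_PKCS_1_LENGTH + 1, (uint8_t *)OID_SHA1WithRSA };
const SecAsn1Oid CSSMOID_RSAWithOAEP = { OID_PKCS_1_LENGTH + 1, (uint8_t *)OID_RSAWithOAEP };
const SecAsn1Oid CSSMOID_OAEP_MGF1 = { OID_PKCS_1_LENGTH + 1, (uint8_t *)OID_OAEP_MGF1 };
const SecAsn1Oid CSSMOID_OAEP_ID_PSPECIFIED = { OID_PKCS_1_LENGTH + 1, (uint8_t *)OID_OAEP_ID_PSPECIFIED };
const SecAsn1Oid CSSMOID_SHA224WithRSA = { OID_PKCS_1_LENGTH + 1, (uint8_t *)OID_SHA224WithRSA };
const SecAsn1Oid CSSMOID_SHA256WithRSA = { OID_PKCS_1_LENGTH + 1, (uint8_t *)OID_SHA256WithRSA };
const SecAsn1Oid CSSMOID_SHA384WithRSA = { OID_PKCS_1_LENGTH + 1, (uint8_t *)OID_SHA384WithRSA };
const SecAsn1Oid CSSMOID_SHA512WithRSA = { OID_PKCS_1_LENGTH + 1, (uint8_t *)OID_SHA512WithRSA };

/* The PKCS #3 arc itself has no trailing arc, hence no "+ 1". */
const SecAsn1Oid CSSMOID_PKCS3 = { OID_PKCS_3_LENGTH, (uint8_t *)OID_PKCS_3_ARC };
const SecAsn1Oid CSSMOID_DH = { OID_PKCS_3_LENGTH + 1, (uint8_t *)OID_DHKeyAgreement };

/* DSA in its three encodings: OIW (BSAFE), CMS and JDK 1.1 */
const SecAsn1Oid CSSMOID_DSA = { OID_OIW_ALGORITHM_LENGTH + 1, (uint8_t *)OID_OIW_DSA };
const SecAsn1Oid CSSMOID_DSA_CMS = { sizeof(OID_CMS_DSA), (uint8_t *)OID_CMS_DSA };
const SecAsn1Oid CSSMOID_DSA_JDK = { sizeof(OID_JDK_DSA), (uint8_t *)OID_JDK_DSA };
const SecAsn1Oid CSSMOID_SHA1WithDSA = { OID_OIW_ALGORITHM_LENGTH + 1, (uint8_t *)OID_OIW_DSAWithSHA1 };
const SecAsn1Oid CSSMOID_SHA1WithDSA_CMS = { sizeof(OID_CMS_DSAWithSHA1), (uint8_t *)OID_CMS_DSAWithSHA1 };
const SecAsn1Oid CSSMOID_SHA1WithDSA_JDK = { sizeof(OID_JDK_DSAWithSHA1), (uint8_t *)OID_JDK_DSAWithSHA1 };

/* Digests */
const SecAsn1Oid CSSMOID_SHA1 = { OID_OIW_ALGORITHM_LENGTH + 1, (uint8_t *)OID_OIW_SHA1 };
const SecAsn1Oid CSSMOID_SHA224 = { OID_NIST_HASHALG_LENGTH + 1, (uint8_t *)OID_SHA224 };
const SecAsn1Oid CSSMOID_SHA256 = { OID_NIST_HASHALG_LENGTH + 1, (uint8_t *)OID_SHA256 };
const SecAsn1Oid CSSMOID_SHA384 = { OID_NIST_HASHALG_LENGTH + 1, (uint8_t *)OID_SHA384 };
const SecAsn1Oid CSSMOID_SHA512 = { OID_NIST_HASHALG_LENGTH + 1, (uint8_t *)OID_SHA512 };

/* Remaining OIW algorithms */
const SecAsn1Oid CSSMOID_SHA1WithRSA_OIW = { OID_OIW_ALGORITHM_LENGTH + 1, (uint8_t *)OID_OIW_RSAWithSHA1 };
const SecAsn1Oid CSSMOID_DES_CBC = { OID_OIW_ALGORITHM_LENGTH + 1, (uint8_t *)OID_OIW_DES_CBC };

/* ANSI X9.42 */
const SecAsn1Oid CSSMOID_ANSI_DH_PUB_NUMBER = { OID_ANSI_X9_42_LEN + 1, (uint8_t *)OID_ANSI_DH_PUB_NUMBER };
const SecAsn1Oid CSSMOID_ANSI_DH_STATIC = { OID_ANSI_X9_42_SCHEME_LEN + 1, (uint8_t *)OID_ANSI_DH_STATIC };
const SecAsn1Oid CSSMOID_ANSI_DH_ONE_FLOW = { OID_ANSI_X9_42_SCHEME_LEN + 1, (uint8_t *)OID_ANSI_DH_ONE_FLOW };
const SecAsn1Oid CSSMOID_ANSI_DH_EPHEM = { OID_ANSI_X9_42_SCHEME_LEN + 1, (uint8_t *)OID_ANSI_DH_EPHEM };
const SecAsn1Oid CSSMOID_ANSI_DH_HYBRID1 = { OID_ANSI_X9_42_SCHEME_LEN + 1, (uint8_t *)OID_ANSI_DH_HYBRID1 };
const SecAsn1Oid CSSMOID_ANSI_DH_HYBRID2 = { OID_ANSI_X9_42_SCHEME_LEN + 1, (uint8_t *)OID_ANSI_DH_HYBRID2 };
const SecAsn1Oid CSSMOID_ANSI_DH_HYBRID_ONEFLOW = { OID_ANSI_X9_42_SCHEME_LEN + 1, (uint8_t *)OID_ANSI_DH_HYBRID_ONEFLOW };
const SecAsn1Oid CSSMOID_ANSI_MQV1 = { OID_ANSI_X9_42_SCHEME_LEN + 1, (uint8_t *)OID_ANSI_MQV1 };
const SecAsn1Oid CSSMOID_ANSI_MQV2 = { OID_ANSI_X9_42_SCHEME_LEN + 1, (uint8_t *)OID_ANSI_MQV2 };

/* ANSI X9.42 named schemes (SHA-1 variants) */
const SecAsn1Oid CSSMOID_ANSI_DH_STATIC_SHA1 = { OID_ANSI_X9_42_NAMED_SCHEME_LEN + 1, (uint8_t *)OID_ANSI_DH_STATIC_SHA1 };
const SecAsn1Oid CSSMOID_ANSI_DH_ONE_FLOW_SHA1 = { OID_ANSI_X9_42_NAMED_SCHEME_LEN + 1, (uint8_t *)OID_ANSI_DH_ONE_FLOW_SHA1 };
const SecAsn1Oid CSSMOID_ANSI_DH_EPHEM_SHA1 = { OID_ANSI_X9_42_NAMED_SCHEME_LEN + 1, (uint8_t *)OID_ANSI_DH_EPHEM_SHA1 };
const SecAsn1Oid CSSMOID_ANSI_DH_HYBRID1_SHA1 = { OID_ANSI_X9_42_NAMED_SCHEME_LEN + 1, (uint8_t *)OID_ANSI_DH_HYBRID1_SHA1 };
const SecAsn1Oid CSSMOID_ANSI_DH_HYBRID2_SHA1 = { OID_ANSI_X9_42_NAMED_SCHEME_LEN + 1, (uint8_t *)OID_ANSI_DH_HYBRID2_SHA1 };
const SecAsn1Oid CSSMOID_ANSI_DH_HYBRID_ONEFLOW_SHA1 = { OID_ANSI_X9_42_NAMED_SCHEME_LEN + 1, (uint8_t *)OID_ANSI_DH_HYBRID_ONEFLOW_SHA1 };
const SecAsn1Oid CSSMOID_ANSI_MQV1_SHA1 = { OID_ANSI_X9_42_NAMED_SCHEME_LEN + 1, (uint8_t *)OID_ANSI_MQV1_SHA1 };
const SecAsn1Oid CSSMOID_ANSI_MQV2_SHA1 = { OID_ANSI_X9_42_NAMED_SCHEME_LEN + 1, (uint8_t *)OID_ANSI_MQV2_SHA1 };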
148
149
/*
 * Encoded bodies of the Apple trust-policy, Apple algorithm and .mac
 * certificate OIDs. Entries built on APPLE_TP_OID are children of the
 * appleTrustPolicy arc; entries built on APPLE_ALG_OID are children of
 * appleSecurityAlgorithm. The prefix macros are defined outside this file.
 */

/*
 * iSignTP OBJECT IDENTIFIER ::=
 *     { appleTrustPolicy 1 }
 *     { 1 2 840 113635 100 1 1 }
 *
 * BER = 06 09 2A 86 48 86 F7 63 64 01 01
 */
static const uint8_t APPLE_TP_ISIGN[] = { APPLE_TP_OID, 1 };

/*
 * AppleX509Basic OBJECT IDENTIFIER ::=
 *     { appleTrustPolicy 2 }
 *     { 1 2 840 113635 100 1 2 }
 *
 * BER = 06 09 2A 86 48 86 F7 63 64 01 02
 */
static const uint8_t APPLE_TP_X509_BASIC[] = { APPLE_TP_OID, 2 };

/* AppleSSLPolicy := { appleTrustPolicy 3 } */
static const uint8_t APPLE_TP_SSL[] = { APPLE_TP_OID, 3 };

/* AppleLocalCertGenPolicy := { appleTrustPolicy 4 } */
static const uint8_t APPLE_TP_LOCAL_CERT_GEN[] = { APPLE_TP_OID, 4 };

/* AppleCSRGenPolicy := { appleTrustPolicy 5 } */
static const uint8_t APPLE_TP_CSR_GEN[] = { APPLE_TP_OID, 5 };

/* Apple CRL-based revocation policy := { appleTrustPolicy 6 } */
static const uint8_t APPLE_TP_REVOCATION_CRL[] = { APPLE_TP_OID, 6 };

/* Apple OCSP-based revocation policy := { appleTrustPolicy 7 } */
static const uint8_t APPLE_TP_REVOCATION_OCSP[] = { APPLE_TP_OID, 7 };

/* Apple S/MIME trust policy := { appleTrustPolicy 8 } */
static const uint8_t APPLE_TP_SMIME[] = { APPLE_TP_OID, 8 };

/* Apple EAP trust policy := { appleTrustPolicy 9 } */
static const uint8_t APPLE_TP_EAP[] = { APPLE_TP_OID, 9 };

/*
 * NOTE: "Apple Code Signing Policy", CSSMOID_APPLE_TP_CODE_SIGN, was renamed
 * to "Apple Software Update Signing Policy",
 * CSSMOID_APPLE_TP_SW_UPDATE_SIGNING, on 8/16/06. The TP_CODE_SIGN name is
 * kept as an alias for compatibility until SoftwareUpdate converts to the new
 * symbol, so both names refer to the same bytes.
 *
 * Apple Code Signing Policy            := { appleTrustPolicy 10 }
 * Apple Software Update Signing Policy := { appleTrustPolicy 10 }
 *
 * Do not confuse this with APPLE_TP_CODE_SIGNING below, which is arc 16.
 */
static const uint8_t APPLE_SW_UPDATE_SIGNING[] = { APPLE_TP_OID, 10 };
#define APPLE_TP_CODE_SIGN APPLE_SW_UPDATE_SIGNING

/* Apple IPSec Policy := { appleTrustPolicy 11 } */
static const uint8_t APPLE_TP_IP_SEC[] = { APPLE_TP_OID, 11 };

/* Apple iChat Policy := { appleTrustPolicy 12 } */
static const uint8_t APPLE_TP_ICHAT[] = { APPLE_TP_OID, 12 };

/* Apple Resource Signing Policy := { appleTrustPolicy 13 } */
static const uint8_t APPLE_TP_RESOURCE_SIGN[] = { APPLE_TP_OID, 13 };

/* Apple PKINIT Client Cert Policy := { appleTrustPolicy 14 } */
static const uint8_t APPLE_TP_PKINIT_CLIENT[] = { APPLE_TP_OID, 14 };

/* Apple PKINIT Server Cert Policy := { appleTrustPolicy 15 } */
static const uint8_t APPLE_TP_PKINIT_SERVER[] = { APPLE_TP_OID, 15 };

/* Apple Code Signing Cert Policy := { appleTrustPolicy 16 } */
static const uint8_t APPLE_TP_CODE_SIGNING[] = { APPLE_TP_OID, 16 };

/* Apple Package Signing Cert Policy := { appleTrustPolicy 17 } */
static const uint8_t APPLE_TP_PACKAGE_SIGNING[] = { APPLE_TP_OID, 17 };

/* AppleID Sharing Cert Policy := { appleTrustPolicy 18 } (appleIDValidationPolicy) */
static const uint8_t APPLE_TP_APPLEID_SHARING[] = { APPLE_TP_OID, 18 };

/* Apple MacAppStore receipt verification policy := { appleTrustPolicy 19 } */
static const uint8_t APPLE_TP_MACAPPSTORE_RECEIPT[] = { APPLE_TP_OID, 19 };

/* Apple Time Stamping Server Cert Policy := { appleTrustPolicy 20 } */
static const uint8_t APPLE_TP_TIMESTAMPING[] = { APPLE_TP_OID, 20 };

/* Apple Revocation Policy := { appleTrustPolicy 21 } */
static const uint8_t APPLE_TP_REVOCATION[] = { APPLE_TP_OID, 21 };

/* Apple Passbook Signing Policy := { appleTrustPolicy 22 } */
static const uint8_t APPLE_TP_PASSBOOK_SIGNING[] = { APPLE_TP_OID, 22 };

/* Apple Mobile Store Policy := { appleTrustPolicy 23 } */
static const uint8_t APPLE_TP_MOBILE_STORE[] = { APPLE_TP_OID, 23 };

/* Apple Escrow Service Policy := { appleTrustPolicy 24 } */
static const uint8_t APPLE_TP_ESCROW_SERVICE[] = { APPLE_TP_OID, 24 };

/* Apple Configuration Profile Signing Policy := { appleTrustPolicy 25 } */
static const uint8_t APPLE_TP_PROFILE_SIGNING[] = { APPLE_TP_OID, 25 };

/* Apple QA Configuration Profile Signing Policy := { appleTrustPolicy 26 } */
static const uint8_t APPLE_TP_QA_PROFILE_SIGNING[] = { APPLE_TP_OID, 26 };

/* Apple Test Mobile Store Policy := { appleTrustPolicy 27 } */
static const uint8_t APPLE_TP_TEST_MOBILE_STORE[] = { APPLE_TP_OID, 27 };

/* Apple PCS Escrow Service Policy := { appleTrustPolicy 34 } */
static const uint8_t APPLE_TP_PCS_ESCROW_SERVICE[] = { APPLE_TP_OID, 34 };

/* Apple OS X Provisioning Profile Signing := { appleTrustPolicy 40 } */
static const uint8_t APPLE_TP_PROVISIONING_PROFILE_SIGNING[] = { APPLE_TP_OID, 40 };

/*
 * fee OBJECT IDENTIFIER ::=
 *     { appleSecurityAlgorithm 1 }
 *     { 1 2 840 113635 100 2 1 }
 *
 * BER = 06 09 2A 86 48 86 F7 63 64 02 01
 */
static const uint8_t APPLE_FEE[] = { APPLE_ALG_OID, 1 };

/*
 * asc OBJECT IDENTIFIER ::=
 *     { appleSecurityAlgorithm 2 }
 *     { 1 2 840 113635 100 2 2 }
 *
 * BER = 06 09 2A 86 48 86 F7 63 64 02 02
 */
static const uint8_t APPLE_ASC[] = { APPLE_ALG_OID, 2 };

/*
 * fee_MD5 OBJECT IDENTIFIER ::=
 *     { appleSecurityAlgorithm 3 }
 *     { 1 2 840 113635 100 2 3 }
 *
 * BER = 06 09 2A 86 48 86 F7 63 64 02 03
 */
static const uint8_t APPLE_FEE_MD5[] = { APPLE_ALG_OID, 3 };

/*
 * fee_SHA1 OBJECT IDENTIFIER ::=
 *     { appleSecurityAlgorithm 4 }
 *     { 1 2 840 113635 100 2 4 }
 *
 * BER = 06 09 2A 86 48 86 F7 63 64 02 04
 */
static const uint8_t APPLE_FEE_SHA1[] = { APPLE_ALG_OID, 4 };

/*
 * feed OBJECT IDENTIFIER ::=
 *     { appleSecurityAlgorithm 5 }
 *     { 1 2 840 113635 100 2 5 }
 *
 * BER = 06 09 2A 86 48 86 F7 63 64 02 05
 */
static const uint8_t APPLE_FEED[] = { APPLE_ALG_OID, 5 };

/*
 * feedExp OBJECT IDENTIFIER ::=
 *     { appleSecurityAlgorithm 6 }
 *     { 1 2 840 113635 100 2 6 }
 *
 * BER = 06 09 2A 86 48 86 F7 63 64 02 06
 */
static const uint8_t APPLE_FEEDEXP[] = { APPLE_ALG_OID, 6 };

/*
 * AppleECDSA OBJECT IDENTIFIER ::=
 *     { appleSecurityAlgorithm 7 }
 *     { 1 2 840 113635 100 2 7 }
 *
 * BER = 06 09 2A 86 48 86 F7 63 64 02 07
 */
static const uint8_t APPLE_ECDSA[] = { APPLE_ALG_OID, 7 };

/* .mac cert OIDs */
static const uint8_t OID_DOTMAC_CERT[] = { APPLE_DOTMAC_CERT_OID };
static const uint8_t OID_DOTMAC_CERT_REQ[] = { APPLE_DOTMAC_CERT_REQ_OID };
static const uint8_t OID_DOTMAC_CERT_REQ_IDENTITY[] = { APPLE_DOTMAC_CERT_REQ_OID, 1 };      /* deprecated */
static const uint8_t OID_DOTMAC_CERT_REQ_EMAIL_SIGN[] = { APPLE_DOTMAC_CERT_REQ_OID, 2 };    /* deprecated */
static const uint8_t OID_DOTMAC_CERT_REQ_EMAIL_ENCRYPT[] = { APPLE_DOTMAC_CERT_REQ_OID, 3 }; /* deprecated */
static const uint8_t OID_DOTMAC_CERT_REQ_ARCHIVE_LIST[] = { APPLE_DOTMAC_CERT_REQ_OID, 4 };
static const uint8_t OID_DOTMAC_CERT_REQ_ARCHIVE_STORE[] = { APPLE_DOTMAC_CERT_REQ_OID, 5 };
static const uint8_t OID_DOTMAC_CERT_REQ_ARCHIVE_FETCH[] = { APPLE_DOTMAC_CERT_REQ_OID, 6 };
static const uint8_t OID_DOTMAC_CERT_REQ_ARCHIVE_REMOVE[] = { APPLE_DOTMAC_CERT_REQ_OID, 7 };
/* treadstone - Shared Services */
static const uint8_t OID_DOTMAC_CERT_REQ_SHARED_SERVICES[] = { APPLE_DOTMAC_CERT_REQ_OID, 8 };

/* OIDs for specifying OID/value pairs in a cert request */
static const uint8_t OID_DOTMAC_CERT_REQ_VALUE_USERNAME[] = { APPLE_DOTMAC_CERT_REQ_VALUE_OID, 1 };
static const uint8_t OID_DOTMAC_CERT_REQ_VALUE_PASSWORD[] = { APPLE_DOTMAC_CERT_REQ_VALUE_OID, 2 };
static const uint8_t OID_DOTMAC_CERT_REQ_VALUE_HOSTNAME[] = { APPLE_DOTMAC_CERT_REQ_VALUE_OID, 3 };
static const uint8_t OID_DOTMAC_CERT_REQ_VALUE_RENEW[] = { APPLE_DOTMAC_CERT_REQ_VALUE_OID, 4 };
static const uint8_t OID_DOTMAC_CERT_REQ_VALUE_ASYNC[] = { APPLE_DOTMAC_CERT_REQ_VALUE_OID, 5 };
static const uint8_t OID_DOTMAC_CERT_REQ_VALUE_IS_PENDING[] = { APPLE_DOTMAC_CERT_REQ_VALUE_OID, 6 };

/*
 * The four TYPE_* bodies are marked __unused; no CSSMOID_* item that points
 * at them is visible in this part of the file.
 */
__unused static const uint8_t OID_DOTMAC_CERT_REQ_VALUE_TYPE_ICHAT[] = { APPLE_DOTMAC_CERT_REQ_VALUE_OID, 7 };
__unused static const uint8_t OID_DOTMAC_CERT_REQ_VALUE_TYPE_SHARED_SERVICE[] = { APPLE_DOTMAC_CERT_REQ_VALUE_OID, 8 };
__unused static const uint8_t OID_DOTMAC_CERT_REQ_VALUE_TYPE_EMAIL_ENCRYPT[] = { APPLE_DOTMAC_CERT_REQ_VALUE_OID, 9 };
__unused static const uint8_t OID_DOTMAC_CERT_REQ_VALUE_TYPE_EMAIL_SIGN[] = { APPLE_DOTMAC_CERT_REQ_VALUE_OID, 10 };
345
/*
 * Exported SecAsn1Oid items for the Apple trust-policy, Apple algorithm and
 * .mac certificate OIDs. Each initializer is { byte count, pointer to the
 * static array }; the count is the prefix-length macro plus the number of
 * arcs the array appends to that prefix, and must stay in step with the
 * array it points at. The (uint8_t *) casts drop const, so the data must be
 * treated as read-only by consumers.
 */

/* Trust policies: { appleTrustPolicy n } */
const SecAsn1Oid CSSMOID_APPLE_ISIGN = { APPLE_TP_OID_LENGTH + 1, (uint8_t *)APPLE_TP_ISIGN };
const SecAsn1Oid CSSMOID_APPLE_X509_BASIC = { APPLE_TP_OID_LENGTH + 1, (uint8_t *)APPLE_TP_X509_BASIC };
const SecAsn1Oid CSSMOID_APPLE_TP_SSL = { APPLE_TP_OID_LENGTH + 1, (uint8_t *)APPLE_TP_SSL };
const SecAsn1Oid CSSMOID_APPLE_TP_LOCAL_CERT_GEN = { APPLE_TP_OID_LENGTH + 1, (uint8_t *)APPLE_TP_LOCAL_CERT_GEN };
const SecAsn1Oid CSSMOID_APPLE_TP_CSR_GEN = { APPLE_TP_OID_LENGTH + 1, (uint8_t *)APPLE_TP_CSR_GEN };
const SecAsn1Oid CSSMOID_APPLE_TP_REVOCATION_CRL = { APPLE_TP_OID_LENGTH + 1, (uint8_t *)APPLE_TP_REVOCATION_CRL };
const SecAsn1Oid CSSMOID_APPLE_TP_REVOCATION_OCSP = { APPLE_TP_OID_LENGTH + 1, (uint8_t *)APPLE_TP_REVOCATION_OCSP };
const SecAsn1Oid CSSMOID_APPLE_TP_SMIME = { APPLE_TP_OID_LENGTH + 1, (uint8_t *)APPLE_TP_SMIME };
const SecAsn1Oid CSSMOID_APPLE_TP_EAP = { APPLE_TP_OID_LENGTH + 1, (uint8_t *)APPLE_TP_EAP };
/*
 * CSSMOID_APPLE_TP_CODE_SIGN is here for temporary compatibility; it and
 * CSSMOID_APPLE_TP_SW_UPDATE_SIGNING point at the same bytes.
 */
const SecAsn1Oid CSSMOID_APPLE_TP_CODE_SIGN = { APPLE_TP_OID_LENGTH + 1, (uint8_t *)APPLE_TP_CODE_SIGN };
const SecAsn1Oid CSSMOID_APPLE_TP_SW_UPDATE_SIGNING = { APPLE_TP_OID_LENGTH + 1, (uint8_t *)APPLE_SW_UPDATE_SIGNING };
const SecAsn1Oid CSSMOID_APPLE_TP_IP_SEC = { APPLE_TP_OID_LENGTH + 1, (uint8_t *)APPLE_TP_IP_SEC };
const SecAsn1Oid CSSMOID_APPLE_TP_ICHAT = { APPLE_TP_OID_LENGTH + 1, (uint8_t *)APPLE_TP_ICHAT };
const SecAsn1Oid CSSMOID_APPLE_TP_RESOURCE_SIGN = { APPLE_TP_OID_LENGTH + 1, (uint8_t *)APPLE_TP_RESOURCE_SIGN };
const SecAsn1Oid CSSMOID_APPLE_TP_PKINIT_CLIENT = { APPLE_TP_OID_LENGTH + 1, (uint8_t *)APPLE_TP_PKINIT_CLIENT };
const SecAsn1Oid CSSMOID_APPLE_TP_PKINIT_SERVER = { APPLE_TP_OID_LENGTH + 1, (uint8_t *)APPLE_TP_PKINIT_SERVER };
const SecAsn1Oid CSSMOID_APPLE_TP_CODE_SIGNING = { APPLE_TP_OID_LENGTH + 1, (uint8_t *)APPLE_TP_CODE_SIGNING };
const SecAsn1Oid CSSMOID_APPLE_TP_PACKAGE_SIGNING = { APPLE_TP_OID_LENGTH + 1, (uint8_t *)APPLE_TP_PACKAGE_SIGNING };
const SecAsn1Oid CSSMOID_APPLE_TP_MACAPPSTORE_RECEIPT = { APPLE_TP_OID_LENGTH + 1, (uint8_t *)APPLE_TP_MACAPPSTORE_RECEIPT };
const SecAsn1Oid CSSMOID_APPLE_TP_APPLEID_SHARING = { APPLE_TP_OID_LENGTH + 1, (uint8_t *)APPLE_TP_APPLEID_SHARING };
const SecAsn1Oid CSSMOID_APPLE_TP_TIMESTAMPING = { APPLE_TP_OID_LENGTH + 1, (uint8_t *)APPLE_TP_TIMESTAMPING };
const SecAsn1Oid CSSMOID_APPLE_TP_REVOCATION = { APPLE_TP_OID_LENGTH + 1, (uint8_t *)APPLE_TP_REVOCATION };
const SecAsn1Oid CSSMOID_APPLE_TP_PASSBOOK_SIGNING = { APPLE_TP_OID_LENGTH + 1, (uint8_t *)APPLE_TP_PASSBOOK_SIGNING };
const SecAsn1Oid CSSMOID_APPLE_TP_MOBILE_STORE = { APPLE_TP_OID_LENGTH + 1, (uint8_t *)APPLE_TP_MOBILE_STORE };
const SecAsn1Oid CSSMOID_APPLE_TP_ESCROW_SERVICE = { APPLE_TP_OID_LENGTH + 1, (uint8_t *)APPLE_TP_ESCROW_SERVICE };
const SecAsn1Oid CSSMOID_APPLE_TP_PROFILE_SIGNING = { APPLE_TP_OID_LENGTH + 1, (uint8_t *)APPLE_TP_PROFILE_SIGNING };
const SecAsn1Oid CSSMOID_APPLE_TP_QA_PROFILE_SIGNING = { APPLE_TP_OID_LENGTH + 1, (uint8_t *)APPLE_TP_QA_PROFILE_SIGNING };
const SecAsn1Oid CSSMOID_APPLE_TP_TEST_MOBILE_STORE = { APPLE_TP_OID_LENGTH + 1, (uint8_t *)APPLE_TP_TEST_MOBILE_STORE };
const SecAsn1Oid CSSMOID_APPLE_TP_PCS_ESCROW_SERVICE = { APPLE_TP_OID_LENGTH + 1, (uint8_t *)APPLE_TP_PCS_ESCROW_SERVICE };
const SecAsn1Oid CSSMOID_APPLE_TP_PROVISIONING_PROFILE_SIGNING = { APPLE_TP_OID_LENGTH + 1, (uint8_t *)APPLE_TP_PROVISIONING_PROFILE_SIGNING };

/* Apple algorithms: { appleSecurityAlgorithm n } */
const SecAsn1Oid CSSMOID_APPLE_FEE = { APPLE_ALG_OID_LENGTH + 1, (uint8_t *)APPLE_FEE };
const SecAsn1Oid CSSMOID_APPLE_ASC = { APPLE_ALG_OID_LENGTH + 1, (uint8_t *)APPLE_ASC };
const SecAsn1Oid CSSMOID_APPLE_FEE_MD5 = { APPLE_ALG_OID_LENGTH + 1, (uint8_t *)APPLE_FEE_MD5 };
const SecAsn1Oid CSSMOID_APPLE_FEE_SHA1 = { APPLE_ALG_OID_LENGTH + 1, (uint8_t *)APPLE_FEE_SHA1 };
const SecAsn1Oid CSSMOID_APPLE_FEED = { APPLE_ALG_OID_LENGTH + 1, (uint8_t *)APPLE_FEED };
const SecAsn1Oid CSSMOID_APPLE_FEEDEXP = { APPLE_ALG_OID_LENGTH + 1, (uint8_t *)APPLE_FEEDEXP };
const SecAsn1Oid CSSMOID_APPLE_ECDSA = { APPLE_ALG_OID_LENGTH + 1, (uint8_t *)APPLE_ECDSA };

/* .mac cert OIDs; the first two are the bare arcs, so no "+ 1" */
const SecAsn1Oid CSSMOID_DOTMAC_CERT = { APPLE_DOTMAC_CERT_OID_LENGTH, (uint8_t *)OID_DOTMAC_CERT };
const SecAsn1Oid CSSMOID_DOTMAC_CERT_REQ = { APPLE_DOTMAC_CERT_REQ_OID_LENGTH, (uint8_t *)OID_DOTMAC_CERT_REQ };
/* This actually used to be for requesting an encrypted iChat cert; deprecated in Leopard */
const SecAsn1Oid CSSMOID_DOTMAC_CERT_REQ_IDENTITY = { APPLE_DOTMAC_CERT_REQ_OID_LENGTH + 1, (uint8_t *)OID_DOTMAC_CERT_REQ_IDENTITY };
const SecAsn1Oid CSSMOID_DOTMAC_CERT_REQ_EMAIL_SIGN = { APPLE_DOTMAC_CERT_REQ_OID_LENGTH + 1, (uint8_t *)OID_DOTMAC_CERT_REQ_EMAIL_SIGN };
const SecAsn1Oid CSSMOID_DOTMAC_CERT_REQ_EMAIL_ENCRYPT = { APPLE_DOTMAC_CERT_REQ_OID_LENGTH + 1, (uint8_t *)OID_DOTMAC_CERT_REQ_EMAIL_ENCRYPT };
const SecAsn1Oid CSSMOID_DOTMAC_CERT_REQ_ARCHIVE_LIST = { APPLE_DOTMAC_CERT_REQ_OID_LENGTH + 1, (uint8_t *)OID_DOTMAC_CERT_REQ_ARCHIVE_LIST };
const SecAsn1Oid CSSMOID_DOTMAC_CERT_REQ_ARCHIVE_STORE = { APPLE_DOTMAC_CERT_REQ_OID_LENGTH + 1, (uint8_t *)OID_DOTMAC_CERT_REQ_ARCHIVE_STORE };
const SecAsn1Oid CSSMOID_DOTMAC_CERT_REQ_ARCHIVE_FETCH = { APPLE_DOTMAC_CERT_REQ_OID_LENGTH + 1, (uint8_t *)OID_DOTMAC_CERT_REQ_ARCHIVE_FETCH };
const SecAsn1Oid CSSMOID_DOTMAC_CERT_REQ_ARCHIVE_REMOVE = { APPLE_DOTMAC_CERT_REQ_OID_LENGTH + 1, (uint8_t *)OID_DOTMAC_CERT_REQ_ARCHIVE_REMOVE };
const SecAsn1Oid CSSMOID_DOTMAC_CERT_REQ_SHARED_SERVICES = { APPLE_DOTMAC_CERT_REQ_OID_LENGTH + 1, (uint8_t *)OID_DOTMAC_CERT_REQ_SHARED_SERVICES };

/* OID/value pairs used in a .mac cert request */
const SecAsn1Oid CSSMOID_DOTMAC_CERT_REQ_VALUE_USERNAME = { APPLE_DOTMAC_CERT_REQ_VALUE_OID_LENGTH + 1, (uint8_t *)OID_DOTMAC_CERT_REQ_VALUE_USERNAME };
const SecAsn1Oid CSSMOID_DOTMAC_CERT_REQ_VALUE_PASSWORD = { APPLE_DOTMAC_CERT_REQ_VALUE_OID_LENGTH + 1, (uint8_t *)OID_DOTMAC_CERT_REQ_VALUE_PASSWORD };
const SecAsn1Oid CSSMOID_DOTMAC_CERT_REQ_VALUE_HOSTNAME = { APPLE_DOTMAC_CERT_REQ_VALUE_OID_LENGTH + 1, (uint8_t *)OID_DOTMAC_CERT_REQ_VALUE_HOSTNAME };
const SecAsn1Oid CSSMOID_DOTMAC_CERT_REQ_VALUE_RENEW = { APPLE_DOTMAC_CERT_REQ_VALUE_OID_LENGTH + 1, (uint8_t *)OID_DOTMAC_CERT_REQ_VALUE_RENEW };
const SecAsn1Oid CSSMOID_DOTMAC_CERT_REQ_VALUE_ASYNC = { APPLE_DOTMAC_CERT_REQ_VALUE_OID_LENGTH + 1, (uint8_t *)OID_DOTMAC_CERT_REQ_VALUE_ASYNC };
const SecAsn1Oid CSSMOID_DOTMAC_CERT_REQ_VALUE_IS_PENDING = { APPLE_DOTMAC_CERT_REQ_VALUE_OID_LENGTH + 1, (uint8_t *)OID_DOTMAC_CERT_REQ_VALUE_IS_PENDING };
425
/*
 * PKCS5 algorithms.
 *
 * Encoded OID bodies. The first two entries are bare arcs (digest and
 * encryption algorithm families); the rest append one arc to a prefix macro
 * from <Security/oidsbase.h>. The pbeWith* names pair a digest with DES or
 * RC2; this file only names those schemes and does not decide whether they
 * are accepted.
 */
static const uint8_t OID_PKCS5_DIGEST_ALG[] = { OID_RSA_HASH };
static const uint8_t OID_PKCS5_ENCRYPT_ALG[] = { OID_RSA_ENCRYPT };
static const uint8_t OID_PKCS5_HMAC_SHA1[] = { OID_RSA_HASH, 7 };

/* Password-based encryption schemes */
static const uint8_t OID_PKCS5_pbeWithMD2AndDES[] = { OID_PKCS_5, 1 };
static const uint8_t OID_PKCS5_pbeWithMD5AndDES[] = { OID_PKCS_5, 3 };
static const uint8_t OID_PKCS5_pbeWithMD2AndRC2[] = { OID_PKCS_5, 4 };
static const uint8_t OID_PKCS5_pbeWithMD5AndRC2[] = { OID_PKCS_5, 6 };
static const uint8_t OID_PKCS5_pbeWithSHA1AndDES[] = { OID_PKCS_5, 10 };
static const uint8_t OID_PKCS5_pbeWithSHA1AndRC2[] = { OID_PKCS_5, 11 };
static const uint8_t OID_PKCS5_PBKDF2[] = { OID_PKCS_5, 12 };
static const uint8_t OID_PKCS5_PBES2[] = { OID_PKCS_5, 13 };
static const uint8_t OID_PKCS5_PBMAC1[] = { OID_PKCS_5, 14 };

/* Ciphers under the RSA encryption-algorithm arc */
static const uint8_t OID_PKCS5_RC2_CBC[] = { OID_RSA_ENCRYPT, 2 };
static const uint8_t OID_PKCS5_DES_EDE3_CBC[] = { OID_RSA_ENCRYPT, 7 };
static const uint8_t OID_PKCS5_RC5_CBC[] = { OID_RSA_ENCRYPT, 9 };
444
/*
 * Exported SecAsn1Oid items for the PKCS5 OIDs. Each initializer is
 * { byte count, pointer to the static array }. The two bare-arc items use the
 * prefix length unchanged; all others add 1 for the single arc their array
 * appends. The (uint8_t *) casts drop const, so the data must be treated as
 * read-only by consumers.
 */
const SecAsn1Oid CSSMOID_PKCS5_DIGEST_ALG = { OID_RSA_HASH_LENGTH, (uint8_t *)OID_PKCS5_DIGEST_ALG };
const SecAsn1Oid CSSMOID_PKCS5_ENCRYPT_ALG = { OID_RSA_ENCRYPT_LENGTH, (uint8_t *)OID_PKCS5_ENCRYPT_ALG };
const SecAsn1Oid CSSMOID_PKCS5_HMAC_SHA1 = { OID_RSA_HASH_LENGTH + 1, (uint8_t *)OID_PKCS5_HMAC_SHA1 };
const SecAsn1Oid CSSMOID_PKCS5_pbeWithMD2AndDES = { OID_PKCS_5_LENGTH + 1, (uint8_t *)OID_PKCS5_pbeWithMD2AndDES };
const SecAsn1Oid CSSMOID_PKCS5_pbeWithMD5AndDES = { OID_PKCS_5_LENGTH + 1, (uint8_t *)OID_PKCS5_pbeWithMD5AndDES };
const SecAsn1Oid CSSMOID_PKCS5_pbeWithMD2AndRC2 = { OID_PKCS_5_LENGTH + 1, (uint8_t *)OID_PKCS5_pbeWithMD2AndRC2 };
const SecAsn1Oid CSSMOID_PKCS5_pbeWithMD5AndRC2 = { OID_PKCS_5_LENGTH + 1, (uint8_t *)OID_PKCS5_pbeWithMD5AndRC2 };
const SecAsn1Oid CSSMOID_PKCS5_pbeWithSHA1AndDES = { OID_PKCS_5_LENGTH + 1, (uint8_t *)OID_PKCS5_pbeWithSHA1AndDES };
const SecAsn1Oid CSSMOID_PKCS5_pbeWithSHA1AndRC2 = { OID_PKCS_5_LENGTH + 1, (uint8_t *)OID_PKCS5_pbeWithSHA1AndRC2 };
const SecAsn1Oid CSSMOID_PKCS5_PBKDF2 = { OID_PKCS_5_LENGTH + 1, (uint8_t *)OID_PKCS5_PBKDF2 };
const SecAsn1Oid CSSMOID_PKCS5_PBES2 = { OID_PKCS_5_LENGTH + 1, (uint8_t *)OID_PKCS5_PBES2 };
const SecAsn1Oid CSSMOID_PKCS5_PBMAC1 = { OID_PKCS_5_LENGTH + 1, (uint8_t *)OID_PKCS5_PBMAC1 };
const SecAsn1Oid CSSMOID_PKCS5_RC2_CBC = { OID_RSA_ENCRYPT_LENGTH + 1, (uint8_t *)OID_PKCS5_RC2_CBC };
const SecAsn1Oid CSSMOID_PKCS5_DES_EDE3_CBC = { OID_RSA_ENCRYPT_LENGTH + 1, (uint8_t *)OID_PKCS5_DES_EDE3_CBC };
const SecAsn1Oid CSSMOID_PKCS5_RC5_CBC = { OID_RSA_ENCRYPT_LENGTH + 1, (uint8_t *)OID_PKCS5_RC5_CBC };
461
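/*
 * PKCS12 algorithms.
 *
 * OID_PKCS12_PbeIds is a byte-list prefix (the PKCS #12 arc followed by 1)
 * and must stay unparenthesized so it can be spliced into an array
 * initializer. OID_PKCS12_PbeIds_Length is its byte count; it is
 * parenthesized so the expansion stays a single operand wherever it is used
 * in an expression.
 */
#define OID_PKCS12_PbeIds           OID_PKCS_12,1
#define OID_PKCS12_PbeIds_Length    (OID_PKCS_12_LENGTH + 1)

/*
 * Encoded OID bodies of the PKCS #12 password-based encryption identifiers.
 * The set includes RC4, 40-bit and two-key 3DES variants; this file only
 * names them and does not decide whether they are accepted.
 */
static const uint8_t OID_PKCS12_pbeWithSHAAnd128BitRC4[] = { OID_PKCS12_PbeIds, 1 };
static const uint8_t OID_PKCS12_pbeWithSHAAnd40BitRC4[] = { OID_PKCS12_PbeIds, 2 };
static const uint8_t OID_PKCS12_pbeWithSHAAnd3Key3DESCBC[] = { OID_PKCS12_PbeIds, 3 };
static const uint8_t OID_PKCS12_pbeWithSHAAnd2Key3DESCBC[] = { OID_PKCS12_PbeIds, 4 };
static const uint8_t OID_PKCS12_pbeWithSHAAnd128BitRC2CBC[] = { OID_PKCS12_PbeIds, 5 };
static const uint8_t OID_PKCS12_pbewithSHAAnd40BitRC2CBC[] = { OID_PKCS12_PbeIds, 6 };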
473
474
/*
 * Exported SecAsn1Oid items for the PKCS #12 PBE identifiers. Every array
 * appends one arc to the OID_PKCS12_PbeIds prefix, so every count is
 * OID_PKCS12_PbeIds_Length + 1. The (uint8_t *) casts drop const, so the data
 * must be treated as read-only by consumers.
 */
const SecAsn1Oid CSSMOID_PKCS12_pbeWithSHAAnd128BitRC4 = { OID_PKCS12_PbeIds_Length + 1, (uint8_t *)OID_PKCS12_pbeWithSHAAnd128BitRC4 };
const SecAsn1Oid CSSMOID_PKCS12_pbeWithSHAAnd40BitRC4 = { OID_PKCS12_PbeIds_Length + 1, (uint8_t *)OID_PKCS12_pbeWithSHAAnd40BitRC4 };
const SecAsn1Oid CSSMOID_PKCS12_pbeWithSHAAnd3Key3DESCBC = { OID_PKCS12_PbeIds_Length + 1, (uint8_t *)OID_PKCS12_pbeWithSHAAnd3Key3DESCBC };
const SecAsn1Oid CSSMOID_PKCS12_pbeWithSHAAnd2Key3DESCBC = { OID_PKCS12_PbeIds_Length + 1, (uint8_t *)OID_PKCS12_pbeWithSHAAnd2Key3DESCBC };
const SecAsn1Oid CSSMOID_PKCS12_pbeWithSHAAnd128BitRC2CBC = { OID_PKCS12_PbeIds_Length + 1, (uint8_t *)OID_PKCS12_pbeWithSHAAnd128BitRC2CBC };
const SecAsn1Oid CSSMOID_PKCS12_pbewithSHAAnd40BitRC2CBC = { OID_PKCS12_PbeIds_Length + 1, (uint8_t *)OID_PKCS12_pbewithSHAAnd40BitRC2CBC };
488
/*
 * ANSI X9.62 and Certicom elliptic curve algorithms.
 *
 * Encoded OID bodies. OID_ECDSA_WithSpecified is the signature-type arc
 * followed by 3; the four SHA-2 variants sit one level below it (3, n), so
 * their arrays are one byte longer than the SHA-1 and WithSpecified arrays.
 */
static const uint8_t OID_ecPublicKey[] = { OID_ANSI_X9_62_PUBKEY_TYPE, 1 };
static const uint8_t OID_ECDSA_WithSHA1[] = { OID_ANSI_X9_62_SIG_TYPE, 1 };
static const uint8_t OID_ECDSA_WithSHA224[] = { OID_ANSI_X9_62_SIG_TYPE, 3, 1 };
static const uint8_t OID_ECDSA_WithSHA256[] = { OID_ANSI_X9_62_SIG_TYPE, 3, 2 };
static const uint8_t OID_ECDSA_WithSHA384[] = { OID_ANSI_X9_62_SIG_TYPE, 3, 3 };
static const uint8_t OID_ECDSA_WithSHA512[] = { OID_ANSI_X9_62_SIG_TYPE, 3, 4 };
static const uint8_t OID_ECDSA_WithSpecified[] = { OID_ANSI_X9_62_SIG_TYPE, 3 };
498
/*
 * Exported SecAsn1Oid items for the elliptic curve OIDs. Each initializer is
 * { byte count, pointer to the static array }. The counts are not uniform:
 * ecPublicKey is measured from the X9.62 root (+2), the SHA-1 and
 * WithSpecified items append one arc to the signature-type prefix (+1), and
 * the SHA-2 items append two (+2). The (uint8_t *) casts drop const, so the
 * data must be treated as read-only by consumers.
 */
const SecAsn1Oid CSSMOID_ecPublicKey = { OID_ANSI_X9_62_LEN + 2, (uint8_t *)OID_ecPublicKey };
const SecAsn1Oid CSSMOID_ECDSA_WithSHA1 = { OID_ANSI_X9_62_SIG_TYPE_LEN + 1, (uint8_t *)OID_ECDSA_WithSHA1 };
const SecAsn1Oid CSSMOID_ECDSA_WithSHA224 = { OID_ANSI_X9_62_SIG_TYPE_LEN + 2, (uint8_t *)OID_ECDSA_WithSHA224 };
const SecAsn1Oid CSSMOID_ECDSA_WithSHA256 = { OID_ANSI_X9_62_SIG_TYPE_LEN + 2, (uint8_t *)OID_ECDSA_WithSHA256 };
const SecAsn1Oid CSSMOID_ECDSA_WithSHA384 = { OID_ANSI_X9_62_SIG_TYPE_LEN + 2, (uint8_t *)OID_ECDSA_WithSHA384 };
const SecAsn1Oid CSSMOID_ECDSA_WithSHA512 = { OID_ANSI_X9_62_SIG_TYPE_LEN + 2, (uint8_t *)OID_ECDSA_WithSHA512 };
const SecAsn1Oid CSSMOID_ECDSA_WithSpecified = { OID_ANSI_X9_62_SIG_TYPE_LEN + 1, (uint8_t *)OID_ECDSA_WithSpecified };