]> git.saurik.com Git - apple/security.git/blob - OSX/libsecurity_keychain/libDER/libDER/oids.c
projects / apple / security.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Security-57740.51.3.tar.gz
[apple/security.git] / OSX / libsecurity_keychain / libDER / libDER / oids.c
1 /*
2 * Copyright (c) 2005-2009,2011-2016 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24
25 /*
26 * oids.c - OID consts
27 *
28 */
29
30 #include <libDER/libDER.h>
31 #include <libDER/oidsPriv.h>
32
33 #define OID_ISO_CCITT_DIR_SERVICE 85
34 #define OID_DS OID_ISO_CCITT_DIR_SERVICE
35 #define OID_ATTR_TYPE OID_DS, 4
36 #define OID_EXTENSION OID_DS, 29
37 #define OID_ISO_STANDARD 40
38 #define OID_ISO_MEMBER 42
39 #define OID_US OID_ISO_MEMBER, 134, 72
40
41 #define OID_ISO_IDENTIFIED_ORG 43
42 #define OID_OSINET OID_ISO_IDENTIFIED_ORG, 4
43 #define OID_GOSIP OID_ISO_IDENTIFIED_ORG, 5
44 #define OID_DOD OID_ISO_IDENTIFIED_ORG, 6
45 #define OID_OIW OID_ISO_IDENTIFIED_ORG, 14
46
47 /* From the PKCS Standards */
48 #define OID_RSA OID_US, 134, 247, 13
49 #define OID_RSA_HASH OID_RSA, 2
50 #define OID_RSA_ENCRYPT OID_RSA, 3
51 #define OID_PKCS OID_RSA, 1
52 #define OID_PKCS_1 OID_PKCS, 1
53 #define OID_PKCS_2 OID_PKCS, 2
54 #define OID_PKCS_3 OID_PKCS, 3
55 #define OID_PKCS_4 OID_PKCS, 4
56 #define OID_PKCS_5 OID_PKCS, 5
57 #define OID_PKCS_6 OID_PKCS, 6
58 #define OID_PKCS_7 OID_PKCS, 7
59 #define OID_PKCS_8 OID_PKCS, 8
60 #define OID_PKCS_9 OID_PKCS, 9
61 #define OID_PKCS_10 OID_PKCS, 10
62 #define OID_PKCS_11 OID_PKCS, 11
63 #define OID_PKCS_12 OID_PKCS, 12
64
65 /* ANSI X9.62 */
66 #define OID_ANSI_X9_62 OID_US, 206, 61
67 #define OID_PUBLIC_KEY_TYPE OID_ANSI_X9_62, 2
68 #define OID_EC_CURVE OID_ANSI_X9_62, 3, 1
69 #define OID_EC_SIG_TYPE OID_ANSI_X9_62, 4
70 #define OID_ECDSA_WITH_SHA2 OID_EC_SIG_TYPE, 3
71
72 /* Certicom */
73 #define OID_CERTICOM OID_ISO_IDENTIFIED_ORG, 132
74 #define OID_CERTICOM_EC_CURVE OID_CERTICOM, 0
75
76 /* ANSI X9.42 */
77 #define OID_ANSI_X9_42 OID_US, 206, 62, 2
78 #define OID_ANSI_X9_42_SCHEME OID_ANSI_X9_42, 3
79 #define OID_ANSI_X9_42_NAMED_SCHEME OID_ANSI_X9_42, 4
80
81 /* ANSI X9.57 */
82 #define OID_ANSI_X9_57 OID_US, 206, 56
83 #define OID_ANSI_X9_57_ALGORITHM OID_ANSI_X9_57, 4
84
85 /* DOD IANA Security related objects. */
86 #define OID_IANA OID_DOD, 1, 5
87
88 /* Kerberos PKINIT */
89 #define OID_KERBv5 OID_IANA, 2
90 #define OID_KERBv5_PKINIT OID_KERBv5, 3
91
92 /* DOD IANA Mechanisms. */
93 #define OID_MECHANISMS OID_IANA, 5
94
95 /* PKIX */
96 #define OID_PKIX OID_MECHANISMS, 7
97 #define OID_PE OID_PKIX, 1
98 #define OID_QT OID_PKIX, 2
99 #define OID_KP OID_PKIX, 3
100 #define OID_OTHER_NAME OID_PKIX, 8
101 #define OID_PDA OID_PKIX, 9
102 #define OID_QCS OID_PKIX, 11
103 #define OID_AD OID_PKIX, 48
104 #define OID_AD_OCSP OID_AD, 1
105 #define OID_AD_CAISSUERS OID_AD, 2
106
107 /* ISAKMP */
108 #define OID_ISAKMP OID_MECHANISMS, 8
109
110 /* ETSI */
111 #define OID_ETSI 0x04, 0x00
112 #define OID_ETSI_QCS 0x04, 0x00, 0x8E, 0x46, 0x01
113
114 #define OID_OIW_SECSIG OID_OIW, 3
115
116 #define OID_OIW_ALGORITHM OID_OIW_SECSIG, 2
117
118 /* NIST defined digest algorithm arc (2, 16, 840, 1, 101, 3, 4, 2) */
119 #define OID_NIST_HASHALG 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02
120
121 /*
122 * Apple-specific OID bases
123 */
124
125 /*
126 * apple OBJECT IDENTIFIER ::=
127 * { iso(1) member-body(2) US(840) 113635 }
128 *
129 * BER = 06 06 2A 86 48 86 F7 63
130 */
131 #define APPLE_OID OID_US, 0x86, 0xf7, 0x63
132
133 /* appleDataSecurity OBJECT IDENTIFIER ::=
134 * { apple 100 }
135 * { 1 2 840 113635 100 }
136 *
137 * BER = 06 07 2A 86 48 86 F7 63 64
138 */
139 #define APPLE_ADS_OID APPLE_OID, 0x64
140
141 /*
142 * appleTrustPolicy OBJECT IDENTIFIER ::=
143 * { appleDataSecurity 1 }
144 * { 1 2 840 113635 100 1 }
145 *
146 * BER = 06 08 2A 86 48 86 F7 63 64 01
147 */
148 #define APPLE_TP_OID APPLE_ADS_OID, 1
149
150 /*
151 * appleSecurityAlgorithm OBJECT IDENTIFIER ::=
152 * { appleDataSecurity 2 }
153 * { 1 2 840 113635 100 2 }
154 *
155 * BER = 06 08 2A 86 48 86 F7 63 64 02
156 */
157 #define APPLE_ALG_OID APPLE_ADS_OID, 2
158
159 /*
160 * appleDotMacCertificate OBJECT IDENTIFIER ::=
161 * { appleDataSecurity 3 }
162 * { 1 2 840 113635 100 3 }
163 */
164 #define APPLE_DOTMAC_CERT_OID APPLE_ADS_OID, 3
165
166 /*
167 * Basis of Policy OIDs for .mac TP requests
168 *
169 * dotMacCertificateRequest OBJECT IDENTIFIER ::=
170 * { appleDotMacCertificate 1 }
171 * { 1 2 840 113635 100 3 1 }
172 */
173 #define APPLE_DOTMAC_CERT_REQ_OID APPLE_DOTMAC_CERT_OID, 1
174
175 /*
176 * Basis of .mac Certificate Extensions
177 *
178 * dotMacCertificateExtension OBJECT IDENTIFIER ::=
179 * { appleDotMacCertificate 2 }
180 * { 1 2 840 113635 100 3 2 }
181 */
182 #define APPLE_DOTMAC_CERT_EXTEN_OID APPLE_DOTMAC_CERT_OID, 2
183
184 /*
185 * Basis of .mac Certificate request OID/value identitifiers
186 *
187 * dotMacCertificateRequestValues OBJECT IDENTIFIER ::=
188 * { appleDotMacCertificate 3 }
189 * { 1 2 840 113635 100 3 3 }
190 */
191 #define APPLE_DOTMAC_CERT_REQ_VALUE_OID APPLE_DOTMAC_CERT_OID, 3
192
193 /*
194 * Basis of Apple-specific extended key usages
195 *
196 * appleExtendedKeyUsage OBJECT IDENTIFIER ::=
197 * { appleDataSecurity 4 }
198 * { 1 2 840 113635 100 4 }
199 */
200 #define APPLE_EKU_OID APPLE_ADS_OID, 4
201
202 /*
203 * Basis of Apple Code Signing extended key usages
204 * appleCodeSigning OBJECT IDENTIFIER ::=
205 * { appleExtendedKeyUsage 1 }
206 * { 1 2 840 113635 100 4 1}
207 */
208 #define APPLE_EKU_CODE_SIGNING APPLE_EKU_OID, 1
209 #define APPLE_EKU_APPLE_ID APPLE_EKU_OID, 7
210 #define APPLE_EKU_PASSBOOK APPLE_EKU_OID, 14
211 #define APPLE_EKU_PROFILE_SIGNING APPLE_EKU_OID, 16
212 #define APPLE_EKU_QA_PROFILE_SIGNING APPLE_EKU_OID, 17
213
214
215 /*
216 * Basis of Apple-specific Certificate Policy IDs.
217 * appleCertificatePolicies OBJECT IDENTIFIER ::=
218 * { appleDataSecurity 5 }
219 * { 1 2 840 113635 100 5 }
220 */
221 #define APPLE_CERT_POLICIES APPLE_ADS_OID, 5
222
223 #define APPLE_CERT_POLICY_MOBILE_STORE APPLE_CERT_POLICIES, 12
224
225 #define APPLE_CERT_POLICY_MOBILE_STORE_PRODQA APPLE_CERT_POLICY_MOBILE_STORE, 1
226
227 /*
228 * Basis of Apple-specific Signing extensions
229 * { appleDataSecurity 6 }
230 */
231 #define APPLE_CERT_EXT APPLE_ADS_OID, 6
232
233 /* Apple Intermediate Marker OIDs */
234 #define APPLE_CERT_EXT_INTERMEDIATE_MARKER APPLE_CERT_EXT, 2
235
236 /* Apple Worldwide Developer Relations Certification Authority */
237 /* 1.2.840.113635.100.6.2.1 */
238 #define APPLE_CERT_EXT_INTERMEDIATE_MARKER_WWDR APPLE_CERT_EXT_INTERMEDIATE_MARKER, 1
239
240 /* Apple Apple ID Intermediate Marker */
241 #define APPLE_CERT_EXT_INTERMEDIATE_MARKER_APPLEID APPLE_CERT_EXT_INTERMEDIATE_MARKER, 3
242
243 /*
244 * Apple Apple ID Intermediate Marker (New subCA, no longer shared with push notification server cert issuer
245 *
246 * appleCertificateExtensionAppleIDIntermediate ::=
247 * { appleCertificateExtensionIntermediateMarker 7 }
248 * { 1 2 840 113635 100 6 2 7 }
249 */
250 #define APPLE_CERT_EXT_INTERMEDIATE_MARKER_APPLEID_2 APPLE_CERT_EXT_INTERMEDIATE_MARKER, 7
251
252 #define APPLE_CERT_EXT_INTERMEDIATE_MARKER_APPLEID_SYSTEM_INTEGRATION_2 APPLE_CERT_EXT_INTERMEDIATE_MARKER, 10
253
254 #define APPLE_CERT_EXT_INTERMEDIATE_MARKER_APPLEID_SYSTEM_INTEGRATION_G3 APPLE_CERT_EXT_INTERMEDIATE_MARKER, 13
255
256 #define APPLE_CERT_EXT_APPLE_PUSH_MARKER APPLE_CERT_EXT_INTERMEDIATE_MARKER_APPLEID, 2
257
258
259 #define APPLE_CERT_EXTENSION_CODESIGNING APPLE_CERT_EXT, 1
260
261 /* Secure Boot Embedded Image3 value,
262 co-opted by desktop for "Apple Released Code Signature", without value */
263 #define APPLE_SBOOT_CERT_EXTEN_SBOOT_SPEC_OID APPLE_CERT_EXTENSION_CODESIGNING, 1
264 #define APPLE_SBOOT_CERT_EXTEN_SBOOT_TICKET_SPEC_OID APPLE_CERT_EXTENSION_CODESIGNING, 11
265 #define APPLE_SBOOT_CERT_EXTEN_IMG4_MANIFEST_SPEC_OID APPLE_CERT_EXTENSION_CODESIGNING, 15
266
267 /* iPhone Provisioning Profile Signing leaf - on the intermediate marker arc? */
268 #define APPLE_PROVISIONING_PROFILE_OID APPLE_CERT_EXT_INTERMEDIATE_MARKER, 1
269 /* iPhone Application Signing leaf */
270 #define APPLE_APP_SIGNING_OID APPLE_CERT_EXTENSION_CODESIGNING, 3
271
272 #define APPLE_INSTALLER_PACKAGE_SIGNING_EXTERNAL_OID APPLE_CERT_EXTENSION_CODESIGNING, 16
273
274 /* Apple TVOS Application Signing leaf, production */
275 /* 1.2.840.113635.100.6.1.24 */
276 #define APPLE_TVOS_APP_SIGNING_PROD_OID APPLE_CERT_EXTENSION_CODESIGNING, 24
277
278 /* Apple TVOS Application Signing leaf, QA */
279 /* 1.2.840.113635.100.6.1.24.1 */
280
281 #define APPLE_TVOS_APP_SIGNING_PRODQA_OID APPLE_CERT_EXTENSION_CODESIGNING, 24, 1
282
283 #define APPLE_ESCROW_ARC APPLE_CERT_EXT, 23
284
285 #define APPLE_ESCROW_POLICY_OID APPLE_ESCROW_ARC, 1
286
287 #define APPLE_CERT_EXT_APPLE_ID_VALIDATION_RECORD_SIGNING APPLE_CERT_EXT, 25
288
289 #define APPLE_SERVER_AUTHENTICATION APPLE_CERT_EXT, 27
290 #define APPLE_CERT_EXT_APPLE_SERVER_AUTHENTICATION APPLE_SERVER_AUTHENTICATION, 1
291 #define APPLE_CERT_EXT_APPLE_SERVER_AUTHENTICATION_PPQ_PRODQA APPLE_SERVER_AUTHENTICATION, 3, 1
292 #define APPLE_CERT_EXT_APPLE_SERVER_AUTHENTICATION_PPQ_PROD APPLE_SERVER_AUTHENTICATION, 3, 2
293 #define APPLE_CERT_EXT_APPLE_SERVER_AUTHENTICATION_IDS_PRODQA APPLE_SERVER_AUTHENTICATION, 4, 1
294 #define APPLE_CERT_EXT_APPLE_SERVER_AUTHENTICATION_IDS_PROD APPLE_SERVER_AUTHENTICATION, 4, 2
295 #define APPLE_CERT_EXT_APPLE_SERVER_AUTHENTICATION_APN_PRODQA APPLE_SERVER_AUTHENTICATION, 5, 1
296 #define APPLE_CERT_EXT_APPLE_SERVER_AUTHENTICATION_APN_PROD APPLE_SERVER_AUTHENTICATION, 5, 2
297
298 #define APPLE_CERT_EXT_APPLE_SERVER_AUTHENTICATION_GS APPLE_SERVER_AUTHENTICATION, 2
299
300
301 #define APPLE_CERT_EXT_INTERMEDIATE_MARKER_APPLE_SERVER_AUTHENTICATION APPLE_CERT_EXT_INTERMEDIATE_MARKER, 12
302
303 #define APPLE_CERT_EXT_APPLE_SMP_ENCRYPTION APPLE_CERT_EXT, 30
304
305 /* UPP fraud detection (Provisioning Profile Query) CMS signing */
306
307 #define APPLE_CERT_EXT_APPLE_PPQ_SIGNING_PRODQA APPLE_CERT_EXT, 38, 1
308 #define APPLE_CERT_EXT_APPLE_PPQ_SIGNING_PROD APPLE_CERT_EXT, 38, 2
309
310 /* AppleTVOS Application Signing */
311 #define APPLE_ATV_APP_SIGNING_OID APPLE_CERT_EXTENSION_CODESIGNING, 24
312 #define APPLE_ATV_APP_SIGNING_OID_PRODQA APPLE_ATV_APP_SIGNING_OID, 1
313
314 /* Apple Pay Issuer Encryption */
315 #define APPLE_CERT_EXT_CRYPTO_SERVICES_EXT_ENCRYPTION APPLE_CERT_EXT, 39
316
317 /* Apple OS X Provisioning Profile Signing */
318 /* (note this OID is unfortunately used as a cert extension even though it's under the EKU arc) */
319 #define APPLE_CERT_EXT_OSX_PROVISIONING_PROFILE_SIGNING APPLE_EKU_OID, 11
320
321 /* AppleTV VPN Profile Signing 1.2.840.113635.100.6.43 */
322 #define APPLE_CERT_EXT_APPLE_ATV_VPN_PROFILE_SIGNING APPLE_CERT_EXT, 43
323
324 /* AST2 Diagnostics Server Authentication
325 * QA Marker OID 1.2.840.113635.100.6.27.8.1
326 * Prod Marker OID 1.2.840.113635.100.6.27.8.2
327 */
328 #define APPLE_CERT_EXT_AST2_DIAGNOSTICS_SERVER_AUTH_PRODQA APPLE_SERVER_AUTHENTICATION, 8, 1
329 #define APPLE_CERT_EXT_AST2_DIAGNOSTICS_SERVER_AUTH_PROD APPLE_SERVER_AUTHENTICATION, 8, 2
330
331 /* Escrow Proxy Server Authentication
332 * QA Marker OID 1.2.840.113635.100.6.27.7.1
333 * Prod Marker OID 1.2.840.113635.100.6.27.7.2
334 */
335 #define APPLE_CERT_EXT_ESCROW_PROXY_SERVER_AUTH_PRODQA APPLE_SERVER_AUTHENTICATION, 7, 1
336 #define APPLE_CERT_EXT_ESCROW_PROXY_SERVER_AUTH_PROD APPLE_SERVER_AUTHENTICATION, 7, 2
337
338 /* FMiP Server Authentication
339 * QA Marker OID 1.2.840.113635.100.6.27.6.1
340 * Prod Marker OID 1.2.840.113635.100.6.27.6.2
341 */
342 #define APPLE_CERT_EXT_FMIP_SERVER_AUTH_PRODQA APPLE_SERVER_AUTHENTICATION, 6, 1
343 #define APPLE_CERT_EXT_FMIP_SERVER_AUTH_PROD APPLE_SERVER_AUTHENTICATION, 6, 2
344
345 /* HomeKit Server Authentication
346 * Intermediate Marker OID: 1.2.840.113635.100.6.2.16
347 * Leaf Marker OID: 1.2.840.113635.100.6.27.9
348 */
349 #define APPLE_CERT_EXT_INTERMEDIATE_MARKER_APPLE_HOME_KIT_SERVER_AUTH APPLE_CERT_EXT_INTERMEDIATE_MARKER, 16
350 #define APPLE_CERT_EXT_HOME_KIT_SERVER_AUTH APPLE_SERVER_AUTHENTICATION, 9
351
352 /* MMCS Server Authentication
353 * QA Marker OID 1.2.840.113635.100.6.27.11.1
354 * Prod Marker OID 1.2.840.113635.100.6.27.11.2
355 */
356 #define APPLE_CERT_EXT_MMCS_SERVER_AUTH_PRODQA APPLE_SERVER_AUTHENTICATION, 11, 1
357 #define APPLE_CERT_EXT_MMCS_SERVER_AUTH_PROD APPLE_SERVER_AUTHENTICATION, 11, 2
358
359 /* iCloud Setup Authentication
360 * QA Marker OID 1.2.840.113635.100.6.27.15.1
361 * Prod Marker OID 1.2.840.113635.100.6.27.15.2
362 */
363 #define APPLE_CERT_EXT_ICLOUD_SETUP_SERVER_AUTH_PRODQA APPLE_SERVER_AUTHENTICATION, 15, 1
364 #define APPLE_CERT_EXT_ICLOUD_SETUP_SERVER_AUTH_PROD APPLE_SERVER_AUTHENTICATION, 15, 2
365
366 /*
367 * Netscape OIDs.
368 */
369 #define NETSCAPE_BASE_OID 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42
370
371 /*
372 * Netscape cert extension.
373 *
374 * netscape-cert-extension OBJECT IDENTIFIER ::=
375 * { 2 16 840 1 113730 1 }
376 *
377 * BER = 06 08 60 86 48 01 86 F8 42 01
378 */
379 #define NETSCAPE_CERT_EXTEN NETSCAPE_BASE_OID, 0x01
380
381 #define NETSCAPE_CERT_POLICY NETSCAPE_BASE_OID, 0x04
382
383 /* Entrust OIDs. */
384 #define ENTRUST_BASE_OID OID_US, 0x86, 0xf6, 0x7d
385
386 /*
387 * Entrust cert extension.
388 *
389 * entrust-cert-extension OBJECT IDENTIFIER ::=
390 * { 1 2 840 113533 7 65 }
391 *
392 * BER = 06 08 2A 86 48 86 F6 7D 07 41
393 */
394 #define ENTRUST_CERT_EXTEN ENTRUST_BASE_OID, 0x07, 0x41
395
396 /* Microsoft OIDs. */
397 #define MICROSOFT_BASE_OID OID_DOD, 0x01, 0x04, 0x01, 0x82, 0x37
398 #define MICROSOFT_ENROLLMENT_OID MICROSOFT_BASE_OID, 0x14
399
400 /* Google OIDs: 1.3.6.1.4.1.11129.
401 */
402 #define GOOGLE_BASE_OID OID_DOD, 0x01, 0x04, 0x01, 0xD6, 0x79
403 #define GOOGLE_EMBEDDED_SCT_OID GOOGLE_BASE_OID, 0x02, 0x04, 0x02
404 #define GOOGLE_OCSP_SCT_OID GOOGLE_BASE_OID, 0x02, 0x04, 0x05
405
406
407 /* Algorithm OIDs. */
408 static const DERByte
409 _oidRsa[] = { OID_PKCS_1, 1 },
410 _oidMd2Rsa[] = { OID_PKCS_1, 2 },
411 _oidMd4Rsa[] = { OID_PKCS_1, 3 },
412 _oidMd5Rsa[] = { OID_PKCS_1, 4 },
413 _oidSha1Rsa[] = { OID_PKCS_1, 5 },
414 _oidSha256Rsa[] = { OID_PKCS_1, 11 }, /* rfc5754 */
415 _oidSha384Rsa[] = { OID_PKCS_1, 12 }, /* rfc5754 */
416 _oidSha512Rsa[] = { OID_PKCS_1, 13 }, /* rfc5754 */
417 _oidSha224Rsa[] = { OID_PKCS_1, 14 }, /* rfc5754 */
418 _oidEcPubKey[] = { OID_PUBLIC_KEY_TYPE, 1 },
419 _oidSha1Ecdsa[] = { OID_EC_SIG_TYPE, 1 }, /* rfc3279 */
420 _oidSha224Ecdsa[] = { OID_ECDSA_WITH_SHA2, 1 }, /* rfc5758 */
421 _oidSha256Ecdsa[] = { OID_ECDSA_WITH_SHA2, 2 }, /* rfc5758 */
422 _oidSha384Ecdsa[] = { OID_ECDSA_WITH_SHA2, 3 }, /* rfc5758 */
423 _oidSha512Ecdsa[] = { OID_ECDSA_WITH_SHA2, 4 }, /* rfc5758 */
424 _oidSha1Dsa[] = { OID_ANSI_X9_57_ALGORITHM, 3 },
425 _oidMd2[] = { OID_RSA_HASH, 2 },
426 _oidMd4[] = { OID_RSA_HASH, 4 },
427 _oidMd5[] = { OID_RSA_HASH, 5 },
428 _oidSha1[] = { OID_OIW_ALGORITHM, 26 },
429 _oidSha1DsaOIW[] = { OID_OIW_ALGORITHM, 27 },
430 _oidSha1DsaCommonOIW[] = { OID_OIW_ALGORITHM, 28 },
431 _oidSha1RsaOIW[] = { OID_OIW_ALGORITHM, 29 },
432 _oidSha256[] = { OID_NIST_HASHALG, 1 },
433 _oidSha384[] = { OID_NIST_HASHALG, 2 },
434 _oidSha512[] = { OID_NIST_HASHALG, 3 },
435 _oidSha224[] = { OID_NIST_HASHALG, 4 },
436 _oidFee[] = { APPLE_ALG_OID, 1 },
437 _oidMd5Fee[] = { APPLE_ALG_OID, 3 },
438 _oidSha1Fee[] = { APPLE_ALG_OID, 4 },
439 _oidEcPrime192v1[] = { OID_EC_CURVE, 1 },
440 _oidEcPrime256v1[] = { OID_EC_CURVE, 7 },
441 _oidAnsip384r1[] = { OID_CERTICOM_EC_CURVE, 34 },
442 _oidAnsip521r1[] = { OID_CERTICOM_EC_CURVE, 35 };
443
444 const DERItem
445 oidRsa = { (DERByte *)_oidRsa,
446 sizeof(_oidRsa) },
447 oidMd2Rsa = { (DERByte *)_oidMd2Rsa,
448 sizeof(_oidMd2Rsa) },
449 oidMd4Rsa = { (DERByte *)_oidMd4Rsa,
450 sizeof(_oidMd4Rsa) },
451 oidMd5Rsa = { (DERByte *)_oidMd5Rsa,
452 sizeof(_oidMd5Rsa) },
453 oidSha1Rsa = { (DERByte *)_oidSha1Rsa,
454 sizeof(_oidSha1Rsa) },
455 oidSha256Rsa = { (DERByte *)_oidSha256Rsa,
456 sizeof(_oidSha256Rsa) },
457 oidSha384Rsa = { (DERByte *)_oidSha384Rsa,
458 sizeof(_oidSha384Rsa) },
459 oidSha512Rsa = { (DERByte *)_oidSha512Rsa,
460 sizeof(_oidSha512Rsa) },
461 oidSha224Rsa = { (DERByte *)_oidSha224Rsa,
462 sizeof(_oidSha224Rsa) },
463 oidEcPubKey = { (DERByte *)_oidEcPubKey,
464 sizeof(_oidEcPubKey) },
465 oidSha1Ecdsa = { (DERByte *)_oidSha1Ecdsa,
466 sizeof(_oidSha1Ecdsa) },
467 oidSha224Ecdsa = { (DERByte *)_oidSha224Ecdsa,
468 sizeof(_oidSha224Ecdsa) },
469 oidSha256Ecdsa = { (DERByte *)_oidSha256Ecdsa,
470 sizeof(_oidSha256Ecdsa) },
471 oidSha384Ecdsa = { (DERByte *)_oidSha384Ecdsa,
472 sizeof(_oidSha384Ecdsa) },
473 oidSha512Ecdsa = { (DERByte *)_oidSha512Ecdsa,
474 sizeof(_oidSha512Ecdsa) },
475 oidSha1Dsa = { (DERByte *)_oidSha1Dsa,
476 sizeof(_oidSha1Dsa) },
477 oidMd2 = { (DERByte *)_oidMd2,
478 sizeof(_oidMd2) },
479 oidMd4 = { (DERByte *)_oidMd4,
480 sizeof(_oidMd4) },
481 oidMd5 = { (DERByte *)_oidMd5,
482 sizeof(_oidMd5) },
483 oidSha1 = { (DERByte *)_oidSha1,
484 sizeof(_oidSha1) },
485 oidSha1RsaOIW = { (DERByte *)_oidSha1RsaOIW,
486 sizeof(_oidSha1RsaOIW) },
487 oidSha1DsaOIW = { (DERByte *)_oidSha1DsaOIW,
488 sizeof(_oidSha1DsaOIW) },
489 oidSha1DsaCommonOIW = { (DERByte *)_oidSha1DsaCommonOIW,
490 sizeof(_oidSha1DsaCommonOIW) },
491 oidSha256 = { (DERByte *)_oidSha256,
492 sizeof(_oidSha256) },
493 oidSha384 = { (DERByte *)_oidSha384,
494 sizeof(_oidSha384) },
495 oidSha512 = { (DERByte *)_oidSha512,
496 sizeof(_oidSha512) },
497 oidSha224 = { (DERByte *)_oidSha224,
498 sizeof(_oidSha224) },
499 oidFee = { (DERByte *)_oidFee,
500 sizeof(_oidFee) },
501 oidMd5Fee = { (DERByte *)_oidMd5Fee,
502 sizeof(_oidMd5Fee) },
503 oidSha1Fee = { (DERByte *)_oidSha1Fee,
504 sizeof(_oidSha1Fee) },
505 oidEcPrime192v1 = { (DERByte *)_oidEcPrime192v1,
506 sizeof(_oidEcPrime192v1) },
507 oidEcPrime256v1 = { (DERByte *)_oidEcPrime256v1,
508 sizeof(_oidEcPrime256v1) },
509 oidAnsip384r1 = { (DERByte *)_oidAnsip384r1,
510 sizeof(_oidAnsip384r1) },
511 oidAnsip521r1 = { (DERByte *)_oidAnsip521r1,
512 sizeof(_oidAnsip521r1) };
513
514
515 /* Extension OIDs. */
516 __unused static const DERByte
517 _oidSubjectKeyIdentifier[] = { OID_EXTENSION, 14 },
518 _oidKeyUsage[] = { OID_EXTENSION, 15 },
519 _oidPrivateKeyUsagePeriod[] = { OID_EXTENSION, 16 },
520 _oidSubjectAltName[] = { OID_EXTENSION, 17 },
521 _oidIssuerAltName[] = { OID_EXTENSION, 18 },
522 _oidBasicConstraints[] = { OID_EXTENSION, 19 },
523 _oidNameConstraints[] = { OID_EXTENSION, 30 },
524 _oidCrlDistributionPoints[] = { OID_EXTENSION, 31 },
525 _oidCertificatePolicies[] = { OID_EXTENSION, 32 },
526 _oidAnyPolicy[] = { OID_EXTENSION, 32, 0 },
527 _oidPolicyMappings[] = { OID_EXTENSION, 33 },
528 _oidAuthorityKeyIdentifier[] = { OID_EXTENSION, 35 },
529 _oidPolicyConstraints[] = { OID_EXTENSION, 36 },
530 _oidExtendedKeyUsage[] = { OID_EXTENSION, 37 },
531 _oidAnyExtendedKeyUsage[] = { OID_EXTENSION, 37, 0 },
532 _oidInhibitAnyPolicy[] = { OID_EXTENSION, 54 },
533 _oidAuthorityInfoAccess[] = { OID_PE, 1 },
534 _oidSubjectInfoAccess[] = { OID_PE, 11 },
535 _oidAdOCSP[] = { OID_AD_OCSP },
536 _oidAdCAIssuer[] = { OID_AD_CAISSUERS },
537 _oidNetscapeCertType[] = { NETSCAPE_CERT_EXTEN, 1 },
538 _oidEntrustVersInfo[] = { ENTRUST_CERT_EXTEN, 0 },
539 _oidMSNTPrincipalName[] = { MICROSOFT_ENROLLMENT_OID, 2, 3 },
540 /* Policy Qualifier IDs for Internet policy qualifiers. */
541 _oidQtCps[] = { OID_QT, 1 },
542 _oidQtUNotice[] = { OID_QT, 2 },
543 /* X.501 Name IDs. */
544 _oidCommonName[] = { OID_ATTR_TYPE, 3 },
545 _oidCountryName[] = { OID_ATTR_TYPE, 6 },
546 _oidLocalityName[] = { OID_ATTR_TYPE, 7 },
547 _oidStateOrProvinceName[] = { OID_ATTR_TYPE, 8 },
548 _oidOrganizationName[] = { OID_ATTR_TYPE, 10 },
549 _oidOrganizationalUnitName[] = { OID_ATTR_TYPE, 11 },
550 _oidDescription[] = { OID_ATTR_TYPE, 13 },
551 _oidEmailAddress[] = { OID_PKCS_9, 1 },
552 _oidFriendlyName[] = { OID_PKCS_9, 20 },
553 _oidLocalKeyId[] = { OID_PKCS_9, 21 },
554 _oidExtendedKeyUsageServerAuth[] = { OID_KP, 1 },
555 _oidExtendedKeyUsageClientAuth[] = { OID_KP, 2 },
556 _oidExtendedKeyUsageCodeSigning[] = { OID_KP, 3 },
557 _oidExtendedKeyUsageEmailProtection[] = { OID_KP, 4 },
558 _oidExtendedKeyUsageTimeStamping[] = { OID_KP, 8 },
559 _oidExtendedKeyUsageOCSPSigning[] = { OID_KP, 9 },
560 _oidExtendedKeyUsageIPSec[] = { OID_ISAKMP, 2, 2 },
561 _oidExtendedKeyUsageMicrosoftSGC[] = { MICROSOFT_BASE_OID, 10, 3, 3 },
562 _oidExtendedKeyUsageNetscapeSGC[] = { NETSCAPE_CERT_POLICY, 1 },
563 _oidAppleSecureBootCertSpec[] = { APPLE_SBOOT_CERT_EXTEN_SBOOT_SPEC_OID },
564 _oidAppleSecureBootTicketCertSpec[] = { APPLE_SBOOT_CERT_EXTEN_SBOOT_TICKET_SPEC_OID },
565 _oidAppleImg4ManifestCertSpec[] = { APPLE_SBOOT_CERT_EXTEN_IMG4_MANIFEST_SPEC_OID },
566 _oidAppleProvisioningProfile[] = {APPLE_PROVISIONING_PROFILE_OID },
567 _oidAppleApplicationSigning[] = { APPLE_APP_SIGNING_OID },
568 _oidAppleInstallerPackagingSigningExternal[] = { APPLE_INSTALLER_PACKAGE_SIGNING_EXTERNAL_OID },
569 _oidAppleTVOSApplicationSigningProd[] = { APPLE_TVOS_APP_SIGNING_PROD_OID },
570 _oidAppleTVOSApplicationSigningProdQA[] = { APPLE_TVOS_APP_SIGNING_PRODQA_OID },
571 _oidAppleExtendedKeyUsageCodeSigning[] = { APPLE_EKU_CODE_SIGNING },
572 _oidAppleExtendedKeyUsageCodeSigningDev[] = { APPLE_EKU_CODE_SIGNING, 1 },
573 _oidAppleExtendedKeyUsageAppleID[] = { APPLE_EKU_APPLE_ID },
574 _oidAppleExtendedKeyUsagePassbook[] = { APPLE_EKU_PASSBOOK },
575 _oidAppleExtendedKeyUsageProfileSigning[] = { APPLE_EKU_PROFILE_SIGNING },
576 _oidAppleExtendedKeyUsageQAProfileSigning[] = { APPLE_EKU_QA_PROFILE_SIGNING },
577 _oidAppleIntmMarkerAppleWWDR[] = { APPLE_CERT_EXT_INTERMEDIATE_MARKER_WWDR },
578 _oidAppleIntmMarkerAppleID[] = { APPLE_CERT_EXT_INTERMEDIATE_MARKER_APPLEID },
579 _oidAppleIntmMarkerAppleID2[] = {APPLE_CERT_EXT_INTERMEDIATE_MARKER_APPLEID_2 },
580 _oidApplePushServiceClient[] = { APPLE_CERT_EXT_APPLE_PUSH_MARKER, 2 },
581 _oidApplePolicyMobileStore[] = { APPLE_CERT_POLICY_MOBILE_STORE },
582 _oidApplePolicyMobileStoreProdQA[] = { APPLE_CERT_POLICY_MOBILE_STORE_PRODQA },
583 _oidApplePolicyEscrowService[] = { APPLE_ESCROW_POLICY_OID },
584 _oidAppleCertExtensionAppleIDRecordValidationSigning[] = { APPLE_CERT_EXT_APPLE_ID_VALIDATION_RECORD_SIGNING },
585 _oidAppleCertExtOSXProvisioningProfileSigning[] = { APPLE_CERT_EXT_OSX_PROVISIONING_PROFILE_SIGNING },
586 _oidAppleIntmMarkerAppleSystemIntg2[] = {APPLE_CERT_EXT_INTERMEDIATE_MARKER_APPLEID_SYSTEM_INTEGRATION_2},
587 _oidAppleIntmMarkerAppleSystemIntgG3[] = {APPLE_CERT_EXT_INTERMEDIATE_MARKER_APPLEID_SYSTEM_INTEGRATION_G3},
588 _oidAppleCertExtAppleSMPEncryption[] = {APPLE_CERT_EXT_APPLE_SMP_ENCRYPTION},
589 _oidAppleCertExtAppleServerAuthentication[] = {APPLE_CERT_EXT_APPLE_SERVER_AUTHENTICATION},
590 _oidAppleCertExtAppleServerAuthenticationPPQProdQA[] = {APPLE_CERT_EXT_APPLE_SERVER_AUTHENTICATION_PPQ_PRODQA},
591 _oidAppleCertExtAppleServerAuthenticationPPQProd[] = {APPLE_CERT_EXT_APPLE_SERVER_AUTHENTICATION_PPQ_PROD},
592 _oidAppleCertExtAppleServerAuthenticationIDSProdQA[] = {APPLE_CERT_EXT_APPLE_SERVER_AUTHENTICATION_IDS_PRODQA},
593 _oidAppleCertExtAppleServerAuthenticationIDSProd[] = {APPLE_CERT_EXT_APPLE_SERVER_AUTHENTICATION_IDS_PROD},
594 _oidAppleCertExtAppleServerAuthenticationAPNProdQA[] = {APPLE_CERT_EXT_APPLE_SERVER_AUTHENTICATION_APN_PRODQA},
595 _oidAppleCertExtAppleServerAuthenticationAPNProd[] = {APPLE_CERT_EXT_APPLE_SERVER_AUTHENTICATION_APN_PROD},
596 _oidAppleCertExtAppleServerAuthenticationGS[] = {APPLE_CERT_EXT_APPLE_SERVER_AUTHENTICATION_GS},
597 _oidAppleIntmMarkerAppleServerAuthentication[] = {APPLE_CERT_EXT_INTERMEDIATE_MARKER_APPLE_SERVER_AUTHENTICATION},
598 _oidAppleCertExtApplePPQSigningProdQA[] = {APPLE_CERT_EXT_APPLE_PPQ_SIGNING_PRODQA},
599 _oidAppleCertExtApplePPQSigningProd[] = {APPLE_CERT_EXT_APPLE_PPQ_SIGNING_PROD},
600 _oidGoogleEmbeddedSignedCertificateTimestamp[] = {GOOGLE_EMBEDDED_SCT_OID},
601 _oidGoogleOCSPSignedCertificateTimestamp[] = {GOOGLE_OCSP_SCT_OID},
602 _oidAppleCertExtATVAppSigningProdQA[] = {APPLE_ATV_APP_SIGNING_OID_PRODQA},
603 _oidAppleCertExtATVAppSigningProd[] = {APPLE_ATV_APP_SIGNING_OID},
604 _oidAppleCertExtATVVPNProfileSigning[] = {APPLE_CERT_EXT_APPLE_ATV_VPN_PROFILE_SIGNING},
605 _oidAppleCertExtCryptoServicesExtEncryption[] = {APPLE_CERT_EXT_CRYPTO_SERVICES_EXT_ENCRYPTION},
606 _oidAppleCertExtAST2DiagnosticsServerAuthProdQA[] = {APPLE_CERT_EXT_AST2_DIAGNOSTICS_SERVER_AUTH_PRODQA},
607 _oidAppleCertExtAST2DiagnosticsServerAuthProd[] = {APPLE_CERT_EXT_AST2_DIAGNOSTICS_SERVER_AUTH_PROD},
608 _oidAppleCertExtEscrowProxyServerAuthProdQA[] = {APPLE_CERT_EXT_ESCROW_PROXY_SERVER_AUTH_PRODQA},
609 _oidAppleCertExtEscrowProxyServerAuthProd[] = {APPLE_CERT_EXT_ESCROW_PROXY_SERVER_AUTH_PROD},
610 _oidAppleCertExtFMiPServerAuthProdQA[] = {APPLE_CERT_EXT_FMIP_SERVER_AUTH_PRODQA},
611 _oidAppleCertExtFMiPServerAuthProd[] = {APPLE_CERT_EXT_FMIP_SERVER_AUTH_PROD},
612 _oidAppleCertExtHomeKitServerAuth[] = {APPLE_CERT_EXT_HOME_KIT_SERVER_AUTH},
613 _oidAppleIntmMarkerAppleHomeKitServerCA[] = {APPLE_CERT_EXT_INTERMEDIATE_MARKER_APPLE_HOME_KIT_SERVER_AUTH},
614 _oidAppleCertExtMMCSServerAuthProdQA[] = {APPLE_CERT_EXT_MMCS_SERVER_AUTH_PRODQA},
615 _oidAppleCertExtMMCSServerAuthProd[] = {APPLE_CERT_EXT_MMCS_SERVER_AUTH_PROD},
616 _oidAppleCertExtiCloudSetupServerAuthProdQA[] = {APPLE_CERT_EXT_ICLOUD_SETUP_SERVER_AUTH_PRODQA},
617 _oidAppleCertExtiCloudSetupServerAuthProd[] = {APPLE_CERT_EXT_ICLOUD_SETUP_SERVER_AUTH_PROD};
618
619 __unused const DERItem
620 oidSubjectKeyIdentifier = { (DERByte *)_oidSubjectKeyIdentifier,
621 sizeof(_oidSubjectKeyIdentifier) },
622 oidKeyUsage = { (DERByte *)_oidKeyUsage,
623 sizeof(_oidKeyUsage) },
624 oidPrivateKeyUsagePeriod = { (DERByte *)_oidPrivateKeyUsagePeriod,
625 sizeof(_oidPrivateKeyUsagePeriod) },
626 oidSubjectAltName = { (DERByte *)_oidSubjectAltName,
627 sizeof(_oidSubjectAltName) },
628 oidIssuerAltName = { (DERByte *)_oidIssuerAltName,
629 sizeof(_oidIssuerAltName) },
630 oidBasicConstraints = { (DERByte *)_oidBasicConstraints,
631 sizeof(_oidBasicConstraints) },
632 oidNameConstraints = { (DERByte *)_oidNameConstraints,
633 sizeof(_oidNameConstraints) },
634 oidCrlDistributionPoints = { (DERByte *)_oidCrlDistributionPoints,
635 sizeof(_oidCrlDistributionPoints) },
636 oidCertificatePolicies = { (DERByte *)_oidCertificatePolicies,
637 sizeof(_oidCertificatePolicies) },
638 oidAnyPolicy = { (DERByte *)_oidAnyPolicy,
639 sizeof(_oidAnyPolicy) },
640 oidPolicyMappings = { (DERByte *)_oidPolicyMappings,
641 sizeof(_oidPolicyMappings) },
642 oidAuthorityKeyIdentifier = { (DERByte *)_oidAuthorityKeyIdentifier,
643 sizeof(_oidAuthorityKeyIdentifier) },
644 oidPolicyConstraints = { (DERByte *)_oidPolicyConstraints,
645 sizeof(_oidPolicyConstraints) },
646 oidExtendedKeyUsage = { (DERByte *)_oidExtendedKeyUsage,
647 sizeof(_oidExtendedKeyUsage) },
648 oidAnyExtendedKeyUsage = { (DERByte *)_oidAnyExtendedKeyUsage,
649 sizeof(_oidAnyExtendedKeyUsage) },
650 oidInhibitAnyPolicy = { (DERByte *)_oidInhibitAnyPolicy,
651 sizeof(_oidInhibitAnyPolicy) },
652 oidAuthorityInfoAccess = { (DERByte *)_oidAuthorityInfoAccess,
653 sizeof(_oidAuthorityInfoAccess) },
654 oidSubjectInfoAccess = { (DERByte *)_oidSubjectInfoAccess,
655 sizeof(_oidSubjectInfoAccess) },
656 oidAdOCSP = { (DERByte *)_oidAdOCSP,
657 sizeof(_oidAdOCSP) },
658 oidAdCAIssuer = { (DERByte *)_oidAdCAIssuer,
659 sizeof(_oidAdCAIssuer) },
660 oidNetscapeCertType = { (DERByte *)_oidNetscapeCertType,
661 sizeof(_oidNetscapeCertType) },
662 oidEntrustVersInfo = { (DERByte *)_oidEntrustVersInfo,
663 sizeof(_oidEntrustVersInfo) },
664 oidMSNTPrincipalName = { (DERByte *)_oidMSNTPrincipalName,
665 sizeof(_oidMSNTPrincipalName) },
666 /* Policy Qualifier IDs for Internet policy qualifiers. */
667 oidQtCps = { (DERByte *)_oidQtCps,
668 sizeof(_oidQtCps) },
669 oidQtUNotice = { (DERByte *)_oidQtUNotice,
670 sizeof(_oidQtUNotice) },
671 /* X.501 Name IDs. */
672 oidCommonName = { (DERByte *)_oidCommonName,
673 sizeof(_oidCommonName) },
674 oidCountryName = { (DERByte *)_oidCountryName,
675 sizeof(_oidCountryName) },
676 oidLocalityName = { (DERByte *)_oidLocalityName,
677 sizeof(_oidLocalityName) },
678 oidStateOrProvinceName = { (DERByte *)_oidStateOrProvinceName,
679 sizeof(_oidStateOrProvinceName) },
680 oidOrganizationName = { (DERByte *)_oidOrganizationName,
681 sizeof(_oidOrganizationName) },
682 oidOrganizationalUnitName = { (DERByte *)_oidOrganizationalUnitName,
683 sizeof(_oidOrganizationalUnitName) },
684 oidDescription = { (DERByte *)_oidDescription,
685 sizeof(_oidDescription) },
686 oidEmailAddress = { (DERByte *)_oidEmailAddress,
687 sizeof(_oidEmailAddress) },
688 oidFriendlyName = { (DERByte *)_oidFriendlyName,
689 sizeof(_oidFriendlyName) },
690 oidLocalKeyId = { (DERByte *)_oidLocalKeyId,
691 sizeof(_oidLocalKeyId) },
692 oidExtendedKeyUsageServerAuth = { (DERByte *)_oidExtendedKeyUsageServerAuth,
693 sizeof(_oidExtendedKeyUsageServerAuth) },
694 oidExtendedKeyUsageClientAuth = { (DERByte *)_oidExtendedKeyUsageClientAuth,
695 sizeof(_oidExtendedKeyUsageClientAuth) },
696 oidExtendedKeyUsageCodeSigning = { (DERByte *)_oidExtendedKeyUsageCodeSigning,
697 sizeof(_oidExtendedKeyUsageCodeSigning) },
698 oidExtendedKeyUsageEmailProtection = { (DERByte *)_oidExtendedKeyUsageEmailProtection,
699 sizeof(_oidExtendedKeyUsageEmailProtection) },
700 oidExtendedKeyUsageTimeStamping = { (DERByte *)_oidExtendedKeyUsageTimeStamping,
701 sizeof(_oidExtendedKeyUsageTimeStamping) },
702 oidExtendedKeyUsageOCSPSigning = { (DERByte *)_oidExtendedKeyUsageOCSPSigning,
703 sizeof(_oidExtendedKeyUsageOCSPSigning) },
704 oidExtendedKeyUsageIPSec = { (DERByte *)_oidExtendedKeyUsageIPSec,
705 sizeof(_oidExtendedKeyUsageIPSec) },
706 oidExtendedKeyUsageMicrosoftSGC = { (DERByte *)_oidExtendedKeyUsageMicrosoftSGC,
707 sizeof(_oidExtendedKeyUsageMicrosoftSGC) },
708 oidExtendedKeyUsageNetscapeSGC = { (DERByte *)_oidExtendedKeyUsageNetscapeSGC,
709 sizeof(_oidExtendedKeyUsageNetscapeSGC) },
710 oidAppleSecureBootCertSpec = { (DERByte *)_oidAppleSecureBootCertSpec,
711 sizeof(_oidAppleSecureBootCertSpec) },
712 oidAppleSecureBootTicketCertSpec = { (DERByte *)_oidAppleSecureBootTicketCertSpec,
713 sizeof(_oidAppleSecureBootTicketCertSpec) },
714 oidAppleImg4ManifestCertSpec = { (DERByte *)_oidAppleImg4ManifestCertSpec,
715 sizeof(_oidAppleImg4ManifestCertSpec) },
716 oidAppleProvisioningProfile = { (DERByte *)_oidAppleProvisioningProfile,
717 sizeof(_oidAppleProvisioningProfile) },
718 oidAppleApplicationSigning = { (DERByte *)_oidAppleApplicationSigning,
719 sizeof(_oidAppleApplicationSigning) },
720 oidAppleInstallerPackagingSigningExternal = { (DERByte *)_oidAppleInstallerPackagingSigningExternal,
721 sizeof(_oidAppleInstallerPackagingSigningExternal) },
722 oidAppleTVOSApplicationSigningProd = { (DERByte *)_oidAppleTVOSApplicationSigningProd,
723 sizeof(_oidAppleTVOSApplicationSigningProd) },
724 oidAppleTVOSApplicationSigningProdQA = { (DERByte *)_oidAppleTVOSApplicationSigningProdQA,
725 sizeof(_oidAppleTVOSApplicationSigningProdQA) },
726 oidAppleExtendedKeyUsageCodeSigning = { (DERByte *)_oidAppleExtendedKeyUsageCodeSigning,
727 sizeof(_oidAppleExtendedKeyUsageCodeSigning) },
728 oidAppleExtendedKeyUsageCodeSigningDev = { (DERByte *)_oidAppleExtendedKeyUsageCodeSigningDev,
729 sizeof(_oidAppleExtendedKeyUsageCodeSigningDev) },
730 oidAppleExtendedKeyUsageAppleID = { (DERByte *)_oidAppleExtendedKeyUsageAppleID,
731 sizeof(_oidAppleExtendedKeyUsageAppleID) },
732 oidAppleExtendedKeyUsagePassbook = { (DERByte *)_oidAppleExtendedKeyUsagePassbook,
733 sizeof(_oidAppleExtendedKeyUsagePassbook) },
734 oidAppleExtendedKeyUsageProfileSigning
735 = { (DERByte *)_oidAppleExtendedKeyUsageProfileSigning,
736 sizeof(_oidAppleExtendedKeyUsageProfileSigning) },
737 oidAppleExtendedKeyUsageQAProfileSigning
738 = { (DERByte *)_oidAppleExtendedKeyUsageQAProfileSigning,
739 sizeof(_oidAppleExtendedKeyUsageQAProfileSigning) },
740 oidAppleIntmMarkerAppleWWDR = { (DERByte *)_oidAppleIntmMarkerAppleWWDR,
741 sizeof(_oidAppleIntmMarkerAppleWWDR) },
742 oidAppleIntmMarkerAppleID = { (DERByte *)_oidAppleIntmMarkerAppleID,
743 sizeof(_oidAppleIntmMarkerAppleID) },
744 oidAppleIntmMarkerAppleID2 = { (DERByte *)_oidAppleIntmMarkerAppleID2,
745 sizeof(_oidAppleIntmMarkerAppleID2) },
746 oidApplePushServiceClient = { (DERByte *)_oidAppleIntmMarkerAppleID2,
747 sizeof(_oidAppleIntmMarkerAppleID2) },
748 oidApplePolicyMobileStore = { (DERByte *)_oidApplePolicyMobileStore,
749 sizeof(_oidApplePolicyMobileStore)},
750 oidApplePolicyMobileStoreProdQA = { (DERByte *)_oidApplePolicyMobileStoreProdQA,
751 sizeof(_oidApplePolicyMobileStoreProdQA)},
752 oidApplePolicyEscrowService = { (DERByte *)_oidApplePolicyEscrowService,
753 sizeof(_oidApplePolicyEscrowService)},
754 oidAppleCertExtensionAppleIDRecordValidationSigning = { (DERByte *)_oidAppleCertExtensionAppleIDRecordValidationSigning,
755 sizeof(_oidAppleCertExtensionAppleIDRecordValidationSigning)},
756 oidAppleCertExtOSXProvisioningProfileSigning = { (DERByte *)_oidAppleCertExtOSXProvisioningProfileSigning,
757 sizeof(_oidAppleCertExtOSXProvisioningProfileSigning) },
758 oidAppleIntmMarkerAppleSystemIntg2 = { (DERByte *) _oidAppleIntmMarkerAppleSystemIntg2,
759 sizeof(_oidAppleIntmMarkerAppleSystemIntg2)},
760 oidAppleIntmMarkerAppleSystemIntgG3 = { (DERByte *) _oidAppleIntmMarkerAppleSystemIntgG3,
761 sizeof(_oidAppleIntmMarkerAppleSystemIntgG3)},
762 oidAppleCertExtAppleSMPEncryption = { (DERByte *)_oidAppleCertExtAppleSMPEncryption,
763 sizeof(_oidAppleCertExtAppleSMPEncryption)},
764 oidAppleCertExtAppleServerAuthentication
765 = { (DERByte *)_oidAppleCertExtAppleServerAuthentication,
766 sizeof(_oidAppleCertExtAppleServerAuthentication) },
767 oidAppleCertExtAppleServerAuthenticationIDSProdQA
768 = { (DERByte *)_oidAppleCertExtAppleServerAuthenticationIDSProdQA,
769 sizeof(_oidAppleCertExtAppleServerAuthenticationIDSProdQA) },
770 oidAppleCertExtAppleServerAuthenticationIDSProd
771 = { (DERByte *)_oidAppleCertExtAppleServerAuthenticationIDSProd,
772 sizeof(_oidAppleCertExtAppleServerAuthenticationIDSProd) },
773 oidAppleCertExtAppleServerAuthenticationAPNProdQA
774 = { (DERByte *)_oidAppleCertExtAppleServerAuthenticationAPNProdQA,
775 sizeof(_oidAppleCertExtAppleServerAuthenticationAPNProdQA) },
776 oidAppleCertExtAppleServerAuthenticationAPNProd
777 = { (DERByte *)_oidAppleCertExtAppleServerAuthenticationAPNProd,
778 sizeof(_oidAppleCertExtAppleServerAuthenticationAPNProd) },
779 oidAppleCertExtAppleServerAuthenticationGS
780 = { (DERByte *)_oidAppleCertExtAppleServerAuthenticationGS,
781 sizeof(_oidAppleCertExtAppleServerAuthenticationGS) },
782 oidAppleCertExtAppleServerAuthenticationPPQProdQA
783 = { (DERByte *)_oidAppleCertExtAppleServerAuthenticationPPQProdQA,
784 sizeof(_oidAppleCertExtAppleServerAuthenticationPPQProdQA) },
785 oidAppleCertExtAppleServerAuthenticationPPQProd
786 = { (DERByte *)_oidAppleCertExtAppleServerAuthenticationPPQProd,
787 sizeof(_oidAppleCertExtAppleServerAuthenticationPPQProd) },
788 oidAppleIntmMarkerAppleServerAuthentication
789 = { (DERByte *)_oidAppleIntmMarkerAppleServerAuthentication,
790 sizeof(_oidAppleIntmMarkerAppleServerAuthentication) },
791 oidAppleCertExtApplePPQSigningProd = { (DERByte *)_oidAppleCertExtApplePPQSigningProd,
792 sizeof(_oidAppleCertExtApplePPQSigningProd)},
793 oidAppleCertExtApplePPQSigningProdQA = { (DERByte *)_oidAppleCertExtApplePPQSigningProdQA,
794 sizeof(_oidAppleCertExtApplePPQSigningProdQA)},
795 oidGoogleEmbeddedSignedCertificateTimestamp
796 = { (DERByte *)_oidGoogleEmbeddedSignedCertificateTimestamp,
797 sizeof(_oidGoogleEmbeddedSignedCertificateTimestamp) },
798 oidGoogleOCSPSignedCertificateTimestamp
799 = { (DERByte *)_oidGoogleOCSPSignedCertificateTimestamp,
800 sizeof(_oidGoogleOCSPSignedCertificateTimestamp) },
801 oidAppleCertExtATVAppSigningProd = { (DERByte *)_oidAppleCertExtATVAppSigningProd,
802 sizeof(_oidAppleCertExtATVAppSigningProd)},
803 oidAppleCertExtATVAppSigningProdQA = { (DERByte *)_oidAppleCertExtATVAppSigningProdQA,
804 sizeof(_oidAppleCertExtATVAppSigningProdQA)},
805 oidAppleCertExtATVVPNProfileSigning = { (DERByte *) _oidAppleCertExtATVVPNProfileSigning,
806 sizeof(_oidAppleCertExtATVVPNProfileSigning)},
807 oidAppleCertExtCryptoServicesExtEncryption = { (DERByte *)_oidAppleCertExtCryptoServicesExtEncryption,
808 sizeof(_oidAppleCertExtCryptoServicesExtEncryption)},
809 oidAppleCertExtAST2DiagnosticsServerAuthProdQA = { (DERByte *)_oidAppleCertExtAST2DiagnosticsServerAuthProdQA,
810 sizeof(_oidAppleCertExtAST2DiagnosticsServerAuthProdQA)},
811 oidAppleCertExtAST2DiagnosticsServerAuthProd = { (DERByte *)_oidAppleCertExtAST2DiagnosticsServerAuthProd,
812 sizeof(_oidAppleCertExtAST2DiagnosticsServerAuthProd)},
813 oidAppleCertExtEscrowProxyServerAuthProdQA = { (DERByte *)_oidAppleCertExtEscrowProxyServerAuthProdQA,
814 sizeof(_oidAppleCertExtEscrowProxyServerAuthProdQA)},
815 oidAppleCertExtEscrowProxyServerAuthProd = { (DERByte *)_oidAppleCertExtEscrowProxyServerAuthProd,
816 sizeof(_oidAppleCertExtEscrowProxyServerAuthProd)},
817 oidAppleCertExtFMiPServerAuthProdQA = { (DERByte *)_oidAppleCertExtFMiPServerAuthProdQA,
818 sizeof(_oidAppleCertExtFMiPServerAuthProdQA)},
819 oidAppleCertExtFMiPServerAuthProd = { (DERByte *)_oidAppleCertExtFMiPServerAuthProd,
820 sizeof(_oidAppleCertExtFMiPServerAuthProd)},
821 oidAppleCertExtHomeKitServerAuth = { (DERByte *)_oidAppleCertExtHomeKitServerAuth,
822 sizeof(_oidAppleCertExtHomeKitServerAuth)},
823 oidAppleIntmMarkerAppleHomeKitServerCA = { (DERByte *)_oidAppleIntmMarkerAppleHomeKitServerCA,
824 sizeof(_oidAppleIntmMarkerAppleHomeKitServerCA) },
825 oidAppleCertExtAppleServerAuthenticationMMCSProdQA
826 = { (DERByte *)_oidAppleCertExtMMCSServerAuthProdQA,
827 sizeof(_oidAppleCertExtMMCSServerAuthProdQA) },
828 oidAppleCertExtAppleServerAuthenticationMMCSProd
829 = { (DERByte *)_oidAppleCertExtMMCSServerAuthProd,
830 sizeof(_oidAppleCertExtMMCSServerAuthProd) },
831 oidAppleCertExtAppleServerAuthenticationiCloudSetupProdQA
832 = { (DERByte *)_oidAppleCertExtiCloudSetupServerAuthProdQA,
833 sizeof(_oidAppleCertExtiCloudSetupServerAuthProdQA) },
834 oidAppleCertExtAppleServerAuthenticationiCloudSetupProd
835 = { (DERByte *)_oidAppleCertExtiCloudSetupServerAuthProd,
836 sizeof(_oidAppleCertExtiCloudSetupServerAuthProd) };
837
838
839
840
841 bool DEROidCompare(const DERItem *oid1, const DERItem *oid2) {
842 if ((oid1 == NULL) || (oid2 == NULL)) {
843 return false;
844 }
845 if (oid1->length != oid2->length) {
846 return false;
847 }
848 if (!DERMemcmp(oid1->data, oid2->data, oid1->length)) {
849 return true;
850 } else {
851 return false;
852 }
853 }
mirror of Security