]> git.saurik.com Git - apple/security.git/blob - cdsa/cssm/oidscert.cpp
projects / apple / security.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Security-164.1.tar.gz
[apple/security.git] / cdsa / cssm / oidscert.cpp
1 /*
2 * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
3 *
4 * The contents of this file constitute Original Code as defined in and are
5 * subject to the Apple Public Source License Version 1.2 (the 'License').
6 * You may not use this file except in compliance with the License. Please obtain
7 * a copy of the License at http://www.apple.com/publicsource and read it before
8 * using this file.
9 *
10 * This Original Code and all software distributed under the License are
11 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
12 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
13 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
14 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
15 * specific language governing rights and limitations under the License.
16 */
17
18
19 /*
20
21 File: oidscert.cpp
22
23 Contains: Object Identifiers for X509 Certificate Library
24
25 Copyright: (c) 1999 Apple Computer, Inc., all rights reserved.
26
27 */
28
29 #include <Security/oidscert.h>
30
31 /* required until PR-3347430 Security/cdsa/cdsa/oidscert.h is checked
32 * into TOT - pending public API review */
33 extern "C" {
34 extern const CSSM_OID CSSMOID_X509V1IssuerNameStd,
35 CSSMOID_X509V1SubjectNameStd;
36 }
37
38 static const uint8
39
40 /* Certificate OID Fields */
41 X509V3SignedCertificate[] = {INTEL_X509V3_CERT_R08, 0},
42 X509V3SignedCertificateCStruct[] = {INTEL_X509V3_CERT_R08, 0, INTEL_X509_C_DATATYPE},
43 X509V3Certificate[] = {INTEL_X509V3_CERT_R08, 1},
44 X509V3CertificateCStruct[] = {INTEL_X509V3_CERT_R08, 1, INTEL_X509_C_DATATYPE},
45 X509V1Version[] = {INTEL_X509V3_CERT_R08, 2},
46 X509V1SerialNumber[] = {INTEL_X509V3_CERT_R08, 3},
47 X509V1IssuerName[] = {INTEL_X509V3_CERT_R08, 5},
48 X509V1IssuerNameCStruct[] = {INTEL_X509V3_CERT_R08, 5, INTEL_X509_C_DATATYPE},
49 X509V1IssuerNameLDAP[] = {INTEL_X509V3_CERT_R08, 5, INTEL_X509_LDAPSTRING_DATATYPE},
50 X509V1ValidityNotBefore[] = {INTEL_X509V3_CERT_R08, 6},
51 X509V1ValidityNotAfter[] = {INTEL_X509V3_CERT_R08, 7},
52 X509V1SubjectName[] = {INTEL_X509V3_CERT_R08, 8},
53 X509V1SubjectNameCStruct[] = {INTEL_X509V3_CERT_R08, 8, INTEL_X509_C_DATATYPE},
54 X509V1SubjectNameLDAP[] = {INTEL_X509V3_CERT_R08, 8, INTEL_X509_LDAPSTRING_DATATYPE},
55 X509V1SubjectPublicKeyAlgorithm[] = {INTEL_X509V3_CERT_R08, 9},
56 X509V1SubjectPublicKey[] = {INTEL_X509V3_CERT_R08, 10},
57 X509V1CertificateIssuerUniqueId[] = {INTEL_X509V3_CERT_R08, 11},
58 X509V1CertificateSubjectUniqueId[] = {INTEL_X509V3_CERT_R08, 12},
59 X509V3CertificateExtensionStruct[] = {INTEL_X509V3_CERT_R08, 13},
60 X509V3CertificateExtensionCStruct[] = {INTEL_X509V3_CERT_R08, 13, INTEL_X509_C_DATATYPE},
61 X509V3CertificateNumberOfExtensions[] = {INTEL_X509V3_CERT_R08, 14},
62 X509V3CertificateExtensionId[] = {INTEL_X509V3_CERT_R08, 15},
63 X509V3CertificateExtensionCritical[] = {INTEL_X509V3_CERT_R08, 16},
64 X509V3CertificateExtensionValue[] = {INTEL_X509V3_CERT_R08, 17},
65 X509V1SubjectPublicKeyAlgorithmParameters[] = {INTEL_X509V3_CERT_R08, 18},
66 X509V3CertificateExtensionType[] = {INTEL_X509V3_CERT_R08, 19},
67 CSSMKeyStruct[] = {INTEL_X509V3_CERT_R08, 20},
68 X509V1SubjectPublicKeyCStruct[] = {INTEL_X509V3_CERT_R08, 20, INTEL_X509_C_DATATYPE},
69 X509V3CertificateExtensionsStruct[] = {INTEL_X509V3_CERT_R08, 21},
70 X509V3CertificateExtensionsCStruct[] = {INTEL_X509V3_CERT_R08, 21, INTEL_X509_C_DATATYPE},
71 X509V1SubjectNameStd[] = {INTEL_X509V3_CERT_R08, 22},
72 X509V1IssuerNameStd[] = {INTEL_X509V3_CERT_R08, 23},
73
74 /* Signature OID Fields */
75 X509V1SignatureStruct[] = {INTEL_X509V3_SIGN_R08, 0},
76 X509V1SignatureCStruct[] = {INTEL_X509V3_SIGN_R08, 0, INTEL_X509_C_DATATYPE},
77 /* for the algorithm ID in the cert proper */
78 X509V1SignatureAlgorithm[] = {INTEL_X509V3_SIGN_R08, 1},
79 /* for the one in TBSCert */
80 X509V1SignatureAlgorithmTBS[] = {INTEL_X509V3_SIGN_R08, 10},
81 X509V1SignatureAlgorithmParameters[] = {INTEL_X509V3_SIGN_R08, 3},
82 X509V1Signature[] = {INTEL_X509V3_SIGN_R08, 2},
83
84 /* Extension OID Fields */
85 SubjectSignatureBitmap[] = {INTEL_X509V3_CERT_PRIVATE_EXTENSIONS, 1},
86 SubjectPicture[] = {INTEL_X509V3_CERT_PRIVATE_EXTENSIONS, 2},
87 SubjectEmailAddress[] = {INTEL_X509V3_CERT_PRIVATE_EXTENSIONS, 3},
88 UseExemptions[] = {INTEL_X509V3_CERT_PRIVATE_EXTENSIONS, 4};
89
90
91 const CSSM_OID
92
93 /* Certificate OIDS */
94 CSSMOID_X509V3SignedCertificate = {INTEL_X509V3_CERT_R08_LENGTH+1, (uint8 *)X509V3SignedCertificate},
95 CSSMOID_X509V3SignedCertificateCStruct = {INTEL_X509V3_CERT_R08_LENGTH+2,
96 (uint8 *)X509V3SignedCertificateCStruct},
97 CSSMOID_X509V3Certificate = {INTEL_X509V3_CERT_R08_LENGTH+1, (uint8 *)X509V3Certificate},
98 CSSMOID_X509V3CertificateCStruct = {INTEL_X509V3_CERT_R08_LENGTH+2, (uint8 *)X509V3CertificateCStruct},
99 CSSMOID_X509V1Version = {INTEL_X509V3_CERT_R08_LENGTH+1, (uint8 *)X509V1Version},
100 CSSMOID_X509V1SerialNumber = {INTEL_X509V3_CERT_R08_LENGTH+1, (uint8 *)X509V1SerialNumber},
101 CSSMOID_X509V1IssuerName = {INTEL_X509V3_CERT_R08_LENGTH+1, (uint8 *)X509V1IssuerName},
102 CSSMOID_X509V1IssuerNameStd = {INTEL_X509V3_CERT_R08_LENGTH+1, (uint8 *)X509V1IssuerNameStd},
103 CSSMOID_X509V1IssuerNameCStruct = {INTEL_X509V3_CERT_R08_LENGTH+2, (uint8 *)X509V1IssuerNameCStruct},
104 CSSMOID_X509V1IssuerNameLDAP = {INTEL_X509V3_CERT_R08_LENGTH+2, (uint8 *)X509V1IssuerNameLDAP},
105 CSSMOID_X509V1ValidityNotBefore = {INTEL_X509V3_CERT_R08_LENGTH+1, (uint8 *)X509V1ValidityNotBefore},
106 CSSMOID_X509V1ValidityNotAfter = {INTEL_X509V3_CERT_R08_LENGTH+1, (uint8 *)X509V1ValidityNotAfter},
107 CSSMOID_X509V1SubjectName = {INTEL_X509V3_CERT_R08_LENGTH+1, (uint8 *)X509V1SubjectName},
108 CSSMOID_X509V1SubjectNameStd = {INTEL_X509V3_CERT_R08_LENGTH+1, (uint8 *)X509V1SubjectNameStd},
109 CSSMOID_X509V1SubjectNameCStruct = {INTEL_X509V3_CERT_R08_LENGTH+2, (uint8 *)X509V1SubjectNameCStruct},
110 CSSMOID_X509V1SubjectNameLDAP = {INTEL_X509V3_CERT_R08_LENGTH+2, (uint8 *)X509V1SubjectNameLDAP},
111 CSSMOID_CSSMKeyStruct = {INTEL_X509V3_CERT_R08_LENGTH+1, (uint8 *)CSSMKeyStruct},
112 CSSMOID_X509V1SubjectPublicKeyCStruct = {INTEL_X509V3_CERT_R08_LENGTH+2,
113 (uint8 *)X509V1SubjectPublicKeyCStruct},
114 CSSMOID_X509V1SubjectPublicKeyAlgorithm = {INTEL_X509V3_CERT_R08_LENGTH+1,
115 (uint8 *)X509V1SubjectPublicKeyAlgorithm},
116 CSSMOID_X509V1SubjectPublicKeyAlgorithmParameters = {INTEL_X509V3_CERT_R08_LENGTH+1,
117 (uint8 *)X509V1SubjectPublicKeyAlgorithmParameters},
118 CSSMOID_X509V1SubjectPublicKey = {INTEL_X509V3_CERT_R08_LENGTH+1, (uint8 *)X509V1SubjectPublicKey},
119 CSSMOID_X509V1CertificateIssuerUniqueId = {INTEL_X509V3_CERT_R08_LENGTH+1,
120 (uint8 *)X509V1CertificateIssuerUniqueId},
121 CSSMOID_X509V1CertificateSubjectUniqueId = {INTEL_X509V3_CERT_R08_LENGTH+1,
122 (uint8 *)X509V1CertificateSubjectUniqueId},
123 CSSMOID_X509V3CertificateExtensionsStruct = {INTEL_X509V3_CERT_R08_LENGTH+1,
124 (uint8 *)X509V3CertificateExtensionsStruct},
125 CSSMOID_X509V3CertificateExtensionsCStruct = {INTEL_X509V3_CERT_R08_LENGTH+2,
126 (uint8 *)X509V3CertificateExtensionsCStruct},
127 CSSMOID_X509V3CertificateNumberOfExtensions = {INTEL_X509V3_CERT_R08_LENGTH+1,
128 (uint8 *)X509V3CertificateNumberOfExtensions},
129 CSSMOID_X509V3CertificateExtensionStruct = {INTEL_X509V3_CERT_R08_LENGTH+1,
130 (uint8 *)X509V3CertificateExtensionStruct},
131 CSSMOID_X509V3CertificateExtensionCStruct = {INTEL_X509V3_CERT_R08_LENGTH+2,
132 (uint8 *)X509V3CertificateExtensionCStruct},
133 CSSMOID_X509V3CertificateExtensionId = {INTEL_X509V3_CERT_R08_LENGTH+1,
134 (uint8 *)X509V3CertificateExtensionId},
135 CSSMOID_X509V3CertificateExtensionCritical = {INTEL_X509V3_CERT_R08_LENGTH+1,
136 (uint8 *)X509V3CertificateExtensionCritical},
137 CSSMOID_X509V3CertificateExtensionType = {INTEL_X509V3_CERT_R08_LENGTH+1,
138 (uint8 *)X509V3CertificateExtensionType},
139 CSSMOID_X509V3CertificateExtensionValue = {INTEL_X509V3_CERT_R08_LENGTH+1,
140 (uint8 *)X509V3CertificateExtensionValue},
141
142 /* Signature OID Fields */
143 CSSMOID_X509V1SignatureStruct = {INTEL_X509V3_SIGN_R08_LENGTH+1, (uint8 *)X509V1SignatureStruct},
144 CSSMOID_X509V1SignatureCStruct = {INTEL_X509V3_SIGN_R08_LENGTH+2, (uint8 *)X509V1SignatureCStruct},
145 CSSMOID_X509V1SignatureAlgorithm = {INTEL_X509V3_SIGN_R08_LENGTH+1, (uint8 *)X509V1SignatureAlgorithm},
146 CSSMOID_X509V1SignatureAlgorithmTBS = {INTEL_X509V3_SIGN_R08_LENGTH+1, (uint8 *)X509V1SignatureAlgorithmTBS},
147 CSSMOID_X509V1SignatureAlgorithmParameters = {INTEL_X509V3_SIGN_R08_LENGTH+1,
148 (uint8 *)X509V1SignatureAlgorithmParameters},
149 CSSMOID_X509V1Signature = {INTEL_X509V3_SIGN_R08_LENGTH+1, (uint8 *)X509V1Signature},
150
151 /* Extension OID Fields */
152 CSSMOID_SubjectSignatureBitmap = {INTEL_X509V3_CERT_PRIVATE_EXTENSIONS_LENGTH+1, (uint8 *)SubjectSignatureBitmap},
153 CSSMOID_SubjectPicture = {INTEL_X509V3_CERT_PRIVATE_EXTENSIONS_LENGTH+1, (uint8 *)SubjectPicture},
154 CSSMOID_SubjectEmailAddress = {INTEL_X509V3_CERT_PRIVATE_EXTENSIONS_LENGTH+1, (uint8 *)SubjectEmailAddress},
155 CSSMOID_UseExemptions = {INTEL_X509V3_CERT_PRIVATE_EXTENSIONS_LENGTH+1, (uint8 *)UseExemptions};
156
157 /***
158 *** Apple addenda.
159 ***/
160
161 /*
162 * Standard Cert extensions.
163 */
164 static const uint8
165 OID_SubjectDirectoryAttributes[] = { OID_EXTENSION, 9 },
166 OID_SubjectKeyIdentifier[] = { OID_EXTENSION, 14 },
167 OID_KeyUsage[] = { OID_EXTENSION, 15 },
168 OID_PrivateKeyUsagePeriod[] = { OID_EXTENSION, 16 },
169 OID_SubjectAltName[] = { OID_EXTENSION, 17 },
170 OID_IssuerAltName[] = { OID_EXTENSION, 18 },
171 OID_BasicConstraints[] = { OID_EXTENSION, 19 },
172 OID_CrlNumber[] = { OID_EXTENSION, 20 },
173 OID_CrlReason[] = { OID_EXTENSION, 21 },
174 OID_HoldInstructionCode[] = { OID_EXTENSION, 23 },
175 OID_InvalidityDate[] = { OID_EXTENSION, 24 },
176 OID_DeltaCrlIndicator[] = { OID_EXTENSION, 27 },
177 OID_IssuingDistributionPoint[] = { OID_EXTENSION, 28 },
178 OID_CertIssuer[] = { OID_EXTENSION, 29 },
179 OID_NameConstraints[] = { OID_EXTENSION, 30 },
180 OID_CrlDistributionPoints[] = { OID_EXTENSION, 31 },
181 OID_CertificatePolicies[] = { OID_EXTENSION, 32 },
182 OID_PolicyMappings[] = { OID_EXTENSION, 33 },
183 OID_AuthorityKeyIdentifier[] = { OID_EXTENSION, 35 },
184 OID_PolicyConstraints[] = { OID_EXTENSION, 36 },
185 OID_ExtendedKeyUsage[] = { OID_EXTENSION, 37 },
186 /* Individual OIDS appearing in an ExtendedKeyUsage extension */
187 OID_ExtendedKeyUsageAny[] = { OID_EXTENSION, 37, 0 },
188 OID_KP_ServerAuth[] = { OID_KP, 1 },
189 OID_KP_ClientAuth[] = { OID_KP, 2 },
190 OID_KP_ExtendedUseCodeSigning[] = { OID_KP, 3 },
191 OID_KP_EmailProtection[] = { OID_KP, 4 },
192 OID_KP_TimeStamping[] = { OID_KP, 8 },
193 OID_KP_OCSPSigning[] = { OID_KP, 9 }
194 ;
195
196 #define OID_PKCS_CE_LENGTH OID_EXTENSION_LENGTH + 1
197
198 const CSSM_OID
199 CSSMOID_SubjectDirectoryAttributes = { OID_PKCS_CE_LENGTH, (uint8 *)OID_SubjectDirectoryAttributes},
200 CSSMOID_SubjectKeyIdentifier = { OID_PKCS_CE_LENGTH, (uint8 *)OID_SubjectKeyIdentifier},
201 CSSMOID_KeyUsage = { OID_PKCS_CE_LENGTH, (uint8 *)OID_KeyUsage},
202 CSSMOID_PrivateKeyUsagePeriod = { OID_PKCS_CE_LENGTH, (uint8 *)OID_PrivateKeyUsagePeriod},
203 CSSMOID_SubjectAltName = { OID_PKCS_CE_LENGTH, (uint8 *)OID_SubjectAltName},
204 CSSMOID_IssuerAltName = { OID_PKCS_CE_LENGTH, (uint8 *)OID_IssuerAltName},
205 CSSMOID_BasicConstraints = { OID_PKCS_CE_LENGTH, (uint8 *)OID_BasicConstraints},
206 CSSMOID_CrlNumber = { OID_PKCS_CE_LENGTH, (uint8 *)OID_CrlNumber},
207 CSSMOID_CrlReason = { OID_PKCS_CE_LENGTH, (uint8 *)OID_CrlReason},
208 CSSMOID_HoldInstructionCode = { OID_PKCS_CE_LENGTH, (uint8 *)OID_HoldInstructionCode},
209 CSSMOID_InvalidityDate = { OID_PKCS_CE_LENGTH, (uint8 *)OID_InvalidityDate},
210 CSSMOID_DeltaCrlIndicator = { OID_PKCS_CE_LENGTH, (uint8 *)OID_DeltaCrlIndicator},
211 CSSMOID_IssuingDistributionPoint = { OID_PKCS_CE_LENGTH, (uint8 *)OID_IssuingDistributionPoint},
212 /* for backwards compatibility... */
213 CSSMOID_IssuingDistributionPoints = { OID_PKCS_CE_LENGTH, (uint8 *)OID_IssuingDistributionPoint},
214 CSSMOID_CertIssuer = { OID_PKCS_CE_LENGTH, (uint8 *)OID_CertIssuer},
215 CSSMOID_NameConstraints = { OID_PKCS_CE_LENGTH, (uint8 *)OID_NameConstraints},
216 CSSMOID_CrlDistributionPoints = { OID_PKCS_CE_LENGTH, (uint8 *)OID_CrlDistributionPoints},
217 CSSMOID_CertificatePolicies = { OID_PKCS_CE_LENGTH, (uint8 *)OID_CertificatePolicies},
218 CSSMOID_PolicyMappings = { OID_PKCS_CE_LENGTH, (uint8 *)OID_PolicyMappings},
219 CSSMOID_PolicyConstraints = { OID_PKCS_CE_LENGTH, (uint8 *)OID_PolicyConstraints},
220 CSSMOID_AuthorityKeyIdentifier = { OID_PKCS_CE_LENGTH, (uint8 *)OID_AuthorityKeyIdentifier},
221 CSSMOID_ExtendedKeyUsage = { OID_PKCS_CE_LENGTH, (uint8 *)OID_ExtendedKeyUsage},
222 CSSMOID_ExtendedKeyUsageAny = { OID_PKCS_CE_LENGTH+1, (uint8 *)OID_ExtendedKeyUsageAny},
223 CSSMOID_ServerAuth = { OID_KP_LENGTH+1, (uint8 *)OID_KP_ServerAuth},
224 CSSMOID_ClientAuth = { OID_KP_LENGTH+1, (uint8 *)OID_KP_ClientAuth},
225 CSSMOID_ExtendedUseCodeSigning = { OID_KP_LENGTH+1, (uint8 *)OID_KP_ExtendedUseCodeSigning},
226 CSSMOID_EmailProtection = { OID_KP_LENGTH+1, (uint8 *)OID_KP_EmailProtection},
227 CSSMOID_TimeStamping = { OID_KP_LENGTH+1, (uint8 *)OID_KP_TimeStamping},
228 CSSMOID_OCSPSigning = { OID_KP_LENGTH+1, (uint8 *)OID_KP_OCSPSigning}
229
230 ;
231
232 /*
233 * Netscape extensions.
234 *
235 * netscape-cert-type OBJECT IDENTIFIER ::=
236 * { 2 16 840 1 113730 1 1 }
237 *
238 * BER = 06 08 60 86 48 01 86 F8 42 01 01
239 */
240 static const uint8 OID_NetscapeCertType[] = {NETSCAPE_CERT_EXTEN, 1};
241 const CSSM_OID CSSMOID_NetscapeCertType =
242 {NETSCAPE_CERT_EXTEN_LENGTH + 1, (uint8 *)OID_NetscapeCertType};
243
mirror of Security