+++ /dev/null
-/*
- * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
- *
- * The contents of this file constitute Original Code as defined in and are
- * subject to the Apple Public Source License Version 1.2 (the 'License').
- * You may not use this file except in compliance with the License. Please obtain
- * a copy of the License at http://www.apple.com/publicsource and read it before
- * using this file.
- *
- * This Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
- * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
- * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
- * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
- * specific language governing rights and limitations under the License.
- */
-
-
-/*
-
- File: oidscert.cpp
-
- Contains: Object Identifiers for X509 Certificate Library
-
- Copyright: (c) 1999 Apple Computer, Inc., all rights reserved.
-
- */
-
-#include <Security/oidscert.h>
-
-/* required until PR-3347430 Security/cdsa/cdsa/oidscert.h is checked
- * into TOT - pending public API review */
-extern "C" {
- extern const CSSM_OID CSSMOID_X509V1IssuerNameStd,
- CSSMOID_X509V1SubjectNameStd;
-}
-
-static const uint8
-
- /* Certificate OID Fields */
- X509V3SignedCertificate[] = {INTEL_X509V3_CERT_R08, 0},
- X509V3SignedCertificateCStruct[] = {INTEL_X509V3_CERT_R08, 0, INTEL_X509_C_DATATYPE},
- X509V3Certificate[] = {INTEL_X509V3_CERT_R08, 1},
- X509V3CertificateCStruct[] = {INTEL_X509V3_CERT_R08, 1, INTEL_X509_C_DATATYPE},
- X509V1Version[] = {INTEL_X509V3_CERT_R08, 2},
- X509V1SerialNumber[] = {INTEL_X509V3_CERT_R08, 3},
- X509V1IssuerName[] = {INTEL_X509V3_CERT_R08, 5},
- X509V1IssuerNameCStruct[] = {INTEL_X509V3_CERT_R08, 5, INTEL_X509_C_DATATYPE},
- X509V1IssuerNameLDAP[] = {INTEL_X509V3_CERT_R08, 5, INTEL_X509_LDAPSTRING_DATATYPE},
- X509V1ValidityNotBefore[] = {INTEL_X509V3_CERT_R08, 6},
- X509V1ValidityNotAfter[] = {INTEL_X509V3_CERT_R08, 7},
- X509V1SubjectName[] = {INTEL_X509V3_CERT_R08, 8},
- X509V1SubjectNameCStruct[] = {INTEL_X509V3_CERT_R08, 8, INTEL_X509_C_DATATYPE},
- X509V1SubjectNameLDAP[] = {INTEL_X509V3_CERT_R08, 8, INTEL_X509_LDAPSTRING_DATATYPE},
- X509V1SubjectPublicKeyAlgorithm[] = {INTEL_X509V3_CERT_R08, 9},
- X509V1SubjectPublicKey[] = {INTEL_X509V3_CERT_R08, 10},
- X509V1CertificateIssuerUniqueId[] = {INTEL_X509V3_CERT_R08, 11},
- X509V1CertificateSubjectUniqueId[] = {INTEL_X509V3_CERT_R08, 12},
- X509V3CertificateExtensionStruct[] = {INTEL_X509V3_CERT_R08, 13},
- X509V3CertificateExtensionCStruct[] = {INTEL_X509V3_CERT_R08, 13, INTEL_X509_C_DATATYPE},
- X509V3CertificateNumberOfExtensions[] = {INTEL_X509V3_CERT_R08, 14},
- X509V3CertificateExtensionId[] = {INTEL_X509V3_CERT_R08, 15},
- X509V3CertificateExtensionCritical[] = {INTEL_X509V3_CERT_R08, 16},
- X509V3CertificateExtensionValue[] = {INTEL_X509V3_CERT_R08, 17},
- X509V1SubjectPublicKeyAlgorithmParameters[] = {INTEL_X509V3_CERT_R08, 18},
- X509V3CertificateExtensionType[] = {INTEL_X509V3_CERT_R08, 19},
- CSSMKeyStruct[] = {INTEL_X509V3_CERT_R08, 20},
- X509V1SubjectPublicKeyCStruct[] = {INTEL_X509V3_CERT_R08, 20, INTEL_X509_C_DATATYPE},
- X509V3CertificateExtensionsStruct[] = {INTEL_X509V3_CERT_R08, 21},
- X509V3CertificateExtensionsCStruct[] = {INTEL_X509V3_CERT_R08, 21, INTEL_X509_C_DATATYPE},
- X509V1SubjectNameStd[] = {INTEL_X509V3_CERT_R08, 22},
- X509V1IssuerNameStd[] = {INTEL_X509V3_CERT_R08, 23},
-
- /* Signature OID Fields */
- X509V1SignatureStruct[] = {INTEL_X509V3_SIGN_R08, 0},
- X509V1SignatureCStruct[] = {INTEL_X509V3_SIGN_R08, 0, INTEL_X509_C_DATATYPE},
- /* for the algorithm ID in the cert proper */
- X509V1SignatureAlgorithm[] = {INTEL_X509V3_SIGN_R08, 1},
- /* for the one in TBSCert */
- X509V1SignatureAlgorithmTBS[] = {INTEL_X509V3_SIGN_R08, 10},
- X509V1SignatureAlgorithmParameters[] = {INTEL_X509V3_SIGN_R08, 3},
- X509V1Signature[] = {INTEL_X509V3_SIGN_R08, 2},
-
- /* Extension OID Fields */
- SubjectSignatureBitmap[] = {INTEL_X509V3_CERT_PRIVATE_EXTENSIONS, 1},
- SubjectPicture[] = {INTEL_X509V3_CERT_PRIVATE_EXTENSIONS, 2},
- SubjectEmailAddress[] = {INTEL_X509V3_CERT_PRIVATE_EXTENSIONS, 3},
- UseExemptions[] = {INTEL_X509V3_CERT_PRIVATE_EXTENSIONS, 4};
-
-
-const CSSM_OID
-
- /* Certificate OIDS */
- CSSMOID_X509V3SignedCertificate = {INTEL_X509V3_CERT_R08_LENGTH+1, (uint8 *)X509V3SignedCertificate},
- CSSMOID_X509V3SignedCertificateCStruct = {INTEL_X509V3_CERT_R08_LENGTH+2,
- (uint8 *)X509V3SignedCertificateCStruct},
- CSSMOID_X509V3Certificate = {INTEL_X509V3_CERT_R08_LENGTH+1, (uint8 *)X509V3Certificate},
- CSSMOID_X509V3CertificateCStruct = {INTEL_X509V3_CERT_R08_LENGTH+2, (uint8 *)X509V3CertificateCStruct},
- CSSMOID_X509V1Version = {INTEL_X509V3_CERT_R08_LENGTH+1, (uint8 *)X509V1Version},
- CSSMOID_X509V1SerialNumber = {INTEL_X509V3_CERT_R08_LENGTH+1, (uint8 *)X509V1SerialNumber},
- CSSMOID_X509V1IssuerName = {INTEL_X509V3_CERT_R08_LENGTH+1, (uint8 *)X509V1IssuerName},
- CSSMOID_X509V1IssuerNameStd = {INTEL_X509V3_CERT_R08_LENGTH+1, (uint8 *)X509V1IssuerNameStd},
- CSSMOID_X509V1IssuerNameCStruct = {INTEL_X509V3_CERT_R08_LENGTH+2, (uint8 *)X509V1IssuerNameCStruct},
- CSSMOID_X509V1IssuerNameLDAP = {INTEL_X509V3_CERT_R08_LENGTH+2, (uint8 *)X509V1IssuerNameLDAP},
- CSSMOID_X509V1ValidityNotBefore = {INTEL_X509V3_CERT_R08_LENGTH+1, (uint8 *)X509V1ValidityNotBefore},
- CSSMOID_X509V1ValidityNotAfter = {INTEL_X509V3_CERT_R08_LENGTH+1, (uint8 *)X509V1ValidityNotAfter},
- CSSMOID_X509V1SubjectName = {INTEL_X509V3_CERT_R08_LENGTH+1, (uint8 *)X509V1SubjectName},
- CSSMOID_X509V1SubjectNameStd = {INTEL_X509V3_CERT_R08_LENGTH+1, (uint8 *)X509V1SubjectNameStd},
- CSSMOID_X509V1SubjectNameCStruct = {INTEL_X509V3_CERT_R08_LENGTH+2, (uint8 *)X509V1SubjectNameCStruct},
- CSSMOID_X509V1SubjectNameLDAP = {INTEL_X509V3_CERT_R08_LENGTH+2, (uint8 *)X509V1SubjectNameLDAP},
- CSSMOID_CSSMKeyStruct = {INTEL_X509V3_CERT_R08_LENGTH+1, (uint8 *)CSSMKeyStruct},
- CSSMOID_X509V1SubjectPublicKeyCStruct = {INTEL_X509V3_CERT_R08_LENGTH+2,
- (uint8 *)X509V1SubjectPublicKeyCStruct},
- CSSMOID_X509V1SubjectPublicKeyAlgorithm = {INTEL_X509V3_CERT_R08_LENGTH+1,
- (uint8 *)X509V1SubjectPublicKeyAlgorithm},
- CSSMOID_X509V1SubjectPublicKeyAlgorithmParameters = {INTEL_X509V3_CERT_R08_LENGTH+1,
- (uint8 *)X509V1SubjectPublicKeyAlgorithmParameters},
- CSSMOID_X509V1SubjectPublicKey = {INTEL_X509V3_CERT_R08_LENGTH+1, (uint8 *)X509V1SubjectPublicKey},
- CSSMOID_X509V1CertificateIssuerUniqueId = {INTEL_X509V3_CERT_R08_LENGTH+1,
- (uint8 *)X509V1CertificateIssuerUniqueId},
- CSSMOID_X509V1CertificateSubjectUniqueId = {INTEL_X509V3_CERT_R08_LENGTH+1,
- (uint8 *)X509V1CertificateSubjectUniqueId},
- CSSMOID_X509V3CertificateExtensionsStruct = {INTEL_X509V3_CERT_R08_LENGTH+1,
- (uint8 *)X509V3CertificateExtensionsStruct},
- CSSMOID_X509V3CertificateExtensionsCStruct = {INTEL_X509V3_CERT_R08_LENGTH+2,
- (uint8 *)X509V3CertificateExtensionsCStruct},
- CSSMOID_X509V3CertificateNumberOfExtensions = {INTEL_X509V3_CERT_R08_LENGTH+1,
- (uint8 *)X509V3CertificateNumberOfExtensions},
- CSSMOID_X509V3CertificateExtensionStruct = {INTEL_X509V3_CERT_R08_LENGTH+1,
- (uint8 *)X509V3CertificateExtensionStruct},
- CSSMOID_X509V3CertificateExtensionCStruct = {INTEL_X509V3_CERT_R08_LENGTH+2,
- (uint8 *)X509V3CertificateExtensionCStruct},
- CSSMOID_X509V3CertificateExtensionId = {INTEL_X509V3_CERT_R08_LENGTH+1,
- (uint8 *)X509V3CertificateExtensionId},
- CSSMOID_X509V3CertificateExtensionCritical = {INTEL_X509V3_CERT_R08_LENGTH+1,
- (uint8 *)X509V3CertificateExtensionCritical},
- CSSMOID_X509V3CertificateExtensionType = {INTEL_X509V3_CERT_R08_LENGTH+1,
- (uint8 *)X509V3CertificateExtensionType},
- CSSMOID_X509V3CertificateExtensionValue = {INTEL_X509V3_CERT_R08_LENGTH+1,
- (uint8 *)X509V3CertificateExtensionValue},
-
- /* Signature OID Fields */
- CSSMOID_X509V1SignatureStruct = {INTEL_X509V3_SIGN_R08_LENGTH+1, (uint8 *)X509V1SignatureStruct},
- CSSMOID_X509V1SignatureCStruct = {INTEL_X509V3_SIGN_R08_LENGTH+2, (uint8 *)X509V1SignatureCStruct},
- CSSMOID_X509V1SignatureAlgorithm = {INTEL_X509V3_SIGN_R08_LENGTH+1, (uint8 *)X509V1SignatureAlgorithm},
- CSSMOID_X509V1SignatureAlgorithmTBS = {INTEL_X509V3_SIGN_R08_LENGTH+1, (uint8 *)X509V1SignatureAlgorithmTBS},
- CSSMOID_X509V1SignatureAlgorithmParameters = {INTEL_X509V3_SIGN_R08_LENGTH+1,
- (uint8 *)X509V1SignatureAlgorithmParameters},
- CSSMOID_X509V1Signature = {INTEL_X509V3_SIGN_R08_LENGTH+1, (uint8 *)X509V1Signature},
-
- /* Extension OID Fields */
- CSSMOID_SubjectSignatureBitmap = {INTEL_X509V3_CERT_PRIVATE_EXTENSIONS_LENGTH+1, (uint8 *)SubjectSignatureBitmap},
- CSSMOID_SubjectPicture = {INTEL_X509V3_CERT_PRIVATE_EXTENSIONS_LENGTH+1, (uint8 *)SubjectPicture},
- CSSMOID_SubjectEmailAddress = {INTEL_X509V3_CERT_PRIVATE_EXTENSIONS_LENGTH+1, (uint8 *)SubjectEmailAddress},
- CSSMOID_UseExemptions = {INTEL_X509V3_CERT_PRIVATE_EXTENSIONS_LENGTH+1, (uint8 *)UseExemptions};
-
-/***
- *** Apple addenda.
- ***/
-
-/*
- * Standard Cert extensions.
- */
-static const uint8
- OID_SubjectDirectoryAttributes[] = { OID_EXTENSION, 9 },
- OID_SubjectKeyIdentifier[] = { OID_EXTENSION, 14 },
- OID_KeyUsage[] = { OID_EXTENSION, 15 },
- OID_PrivateKeyUsagePeriod[] = { OID_EXTENSION, 16 },
- OID_SubjectAltName[] = { OID_EXTENSION, 17 },
- OID_IssuerAltName[] = { OID_EXTENSION, 18 },
- OID_BasicConstraints[] = { OID_EXTENSION, 19 },
- OID_CrlNumber[] = { OID_EXTENSION, 20 },
- OID_CrlReason[] = { OID_EXTENSION, 21 },
- OID_HoldInstructionCode[] = { OID_EXTENSION, 23 },
- OID_InvalidityDate[] = { OID_EXTENSION, 24 },
- OID_DeltaCrlIndicator[] = { OID_EXTENSION, 27 },
- OID_IssuingDistributionPoint[] = { OID_EXTENSION, 28 },
- OID_CertIssuer[] = { OID_EXTENSION, 29 },
- OID_NameConstraints[] = { OID_EXTENSION, 30 },
- OID_CrlDistributionPoints[] = { OID_EXTENSION, 31 },
- OID_CertificatePolicies[] = { OID_EXTENSION, 32 },
- OID_PolicyMappings[] = { OID_EXTENSION, 33 },
- OID_AuthorityKeyIdentifier[] = { OID_EXTENSION, 35 },
- OID_PolicyConstraints[] = { OID_EXTENSION, 36 },
- OID_ExtendedKeyUsage[] = { OID_EXTENSION, 37 },
- /* Individual OIDS appearing in an ExtendedKeyUsage extension */
- OID_ExtendedKeyUsageAny[] = { OID_EXTENSION, 37, 0 },
- OID_KP_ServerAuth[] = { OID_KP, 1 },
- OID_KP_ClientAuth[] = { OID_KP, 2 },
- OID_KP_ExtendedUseCodeSigning[] = { OID_KP, 3 },
- OID_KP_EmailProtection[] = { OID_KP, 4 },
- OID_KP_TimeStamping[] = { OID_KP, 8 },
- OID_KP_OCSPSigning[] = { OID_KP, 9 }
-;
-
-#define OID_PKCS_CE_LENGTH OID_EXTENSION_LENGTH + 1
-
-const CSSM_OID
-CSSMOID_SubjectDirectoryAttributes = { OID_PKCS_CE_LENGTH, (uint8 *)OID_SubjectDirectoryAttributes},
-CSSMOID_SubjectKeyIdentifier = { OID_PKCS_CE_LENGTH, (uint8 *)OID_SubjectKeyIdentifier},
-CSSMOID_KeyUsage = { OID_PKCS_CE_LENGTH, (uint8 *)OID_KeyUsage},
-CSSMOID_PrivateKeyUsagePeriod = { OID_PKCS_CE_LENGTH, (uint8 *)OID_PrivateKeyUsagePeriod},
-CSSMOID_SubjectAltName = { OID_PKCS_CE_LENGTH, (uint8 *)OID_SubjectAltName},
-CSSMOID_IssuerAltName = { OID_PKCS_CE_LENGTH, (uint8 *)OID_IssuerAltName},
-CSSMOID_BasicConstraints = { OID_PKCS_CE_LENGTH, (uint8 *)OID_BasicConstraints},
-CSSMOID_CrlNumber = { OID_PKCS_CE_LENGTH, (uint8 *)OID_CrlNumber},
-CSSMOID_CrlReason = { OID_PKCS_CE_LENGTH, (uint8 *)OID_CrlReason},
-CSSMOID_HoldInstructionCode = { OID_PKCS_CE_LENGTH, (uint8 *)OID_HoldInstructionCode},
-CSSMOID_InvalidityDate = { OID_PKCS_CE_LENGTH, (uint8 *)OID_InvalidityDate},
-CSSMOID_DeltaCrlIndicator = { OID_PKCS_CE_LENGTH, (uint8 *)OID_DeltaCrlIndicator},
-CSSMOID_IssuingDistributionPoint = { OID_PKCS_CE_LENGTH, (uint8 *)OID_IssuingDistributionPoint},
-/* for backwards compatibility... */
-CSSMOID_IssuingDistributionPoints = { OID_PKCS_CE_LENGTH, (uint8 *)OID_IssuingDistributionPoint},
-CSSMOID_CertIssuer = { OID_PKCS_CE_LENGTH, (uint8 *)OID_CertIssuer},
-CSSMOID_NameConstraints = { OID_PKCS_CE_LENGTH, (uint8 *)OID_NameConstraints},
-CSSMOID_CrlDistributionPoints = { OID_PKCS_CE_LENGTH, (uint8 *)OID_CrlDistributionPoints},
-CSSMOID_CertificatePolicies = { OID_PKCS_CE_LENGTH, (uint8 *)OID_CertificatePolicies},
-CSSMOID_PolicyMappings = { OID_PKCS_CE_LENGTH, (uint8 *)OID_PolicyMappings},
-CSSMOID_PolicyConstraints = { OID_PKCS_CE_LENGTH, (uint8 *)OID_PolicyConstraints},
-CSSMOID_AuthorityKeyIdentifier = { OID_PKCS_CE_LENGTH, (uint8 *)OID_AuthorityKeyIdentifier},
-CSSMOID_ExtendedKeyUsage = { OID_PKCS_CE_LENGTH, (uint8 *)OID_ExtendedKeyUsage},
-CSSMOID_ExtendedKeyUsageAny = { OID_PKCS_CE_LENGTH+1, (uint8 *)OID_ExtendedKeyUsageAny},
-CSSMOID_ServerAuth = { OID_KP_LENGTH+1, (uint8 *)OID_KP_ServerAuth},
-CSSMOID_ClientAuth = { OID_KP_LENGTH+1, (uint8 *)OID_KP_ClientAuth},
-CSSMOID_ExtendedUseCodeSigning = { OID_KP_LENGTH+1, (uint8 *)OID_KP_ExtendedUseCodeSigning},
-CSSMOID_EmailProtection = { OID_KP_LENGTH+1, (uint8 *)OID_KP_EmailProtection},
-CSSMOID_TimeStamping = { OID_KP_LENGTH+1, (uint8 *)OID_KP_TimeStamping},
-CSSMOID_OCSPSigning = { OID_KP_LENGTH+1, (uint8 *)OID_KP_OCSPSigning}
-
-;
-
-/*
- * Netscape extensions.
- *
- * netscape-cert-type OBJECT IDENTIFIER ::=
- * { 2 16 840 1 113730 1 1 }
- *
- * BER = 06 08 60 86 48 01 86 F8 42 01 01
- */
-static const uint8 OID_NetscapeCertType[] = {NETSCAPE_CERT_EXTEN, 1};
-const CSSM_OID CSSMOID_NetscapeCertType =
- {NETSCAPE_CERT_EXTEN_LENGTH + 1, (uint8 *)OID_NetscapeCertType};
-
projects / apple / security.git / blobdiff