
moreoids.c (6215B)


      1 /* This Source Code Form is subject to the terms of the Mozilla Public
      2 * License, v. 2.0. If a copy of the MPL was not distributed with this
      3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
      4 
      5 #include "secoid.h"
      6 #include "secmodt.h" /* for CKM_INVALID_MECHANISM */
      7 
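/*
 * Helpers for building the static SECOidData table below.
 *
 * OI(x)   - item initializer (type siDEROID, data pointer, length) for the
 *           DER-encoded OID bytes held in array x. x must be a real array,
 *           not a pointer: the length comes from sizeof, which would
 *           silently become the pointer size otherwise. The cast drops the
 *           const that OIDT puts on the arrays, so the bytes must still be
 *           treated as read-only by whoever receives the item.
 * OD(...) - full entry: OID item, tag, description, mechanism, extension.
 * ODN(..) - entry with only an OID and a description; tag is 0 and the
 *           mechanism / extension fields are set to their "invalid" values.
 *
 * The argument of OI is parenthesized so that an expression argument cannot
 * change the meaning of the cast or of sizeof.
 */
#define OI(x)                                     \
    {                                             \
        siDEROID, (unsigned char *)(x), sizeof(x) \
    }
#define OD(oid, tag, desc, mech, ext) \
    {                                 \
        OI(oid)                       \
        , tag, desc, mech, ext        \
    }
#define ODN(oid, desc)                                           \
    {                                                            \
        OI(oid)                                                  \
        , 0, desc, CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION \
    }

/* Storage class and element type shared by every OID byte array. */
#define OIDT static const unsigned char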
     24 
/* OIW Security Special Interest Group defined algorithms.
 * Each array below holds the DER content bytes of one OID: an arc prefix
 * macro followed by the final sub-identifier.
 * NOTE(review): these bytes encode the arc 1.3.13.3.2, while the OIW SecSIG
 * algorithm arc is usually cited as 1.3.14.3.2 (second byte 14, 0x0E).
 * Confirm which is intended; if 13 is a typo, none of the oiw* entries can
 * match the OIDs carried in real certificates. */
#define OIWSSIG 0x2B, 13, 3, 2

OIDT oiwMD5RSA[] = { OIWSSIG, 3 };
OIDT oiwDESCBC[] = { OIWSSIG, 7 };
OIDT oiwRSAsig[] = { OIWSSIG, 11 };
OIDT oiwDSA[] = { OIWSSIG, 12 };
OIDT oiwMD5RSAsig[] = { OIWSSIG, 25 };
OIDT oiwSHA1[] = { OIWSSIG, 26 };
OIDT oiwDSASHA1[] = { OIWSSIG, 27 };
OIDT oiwDSASHA1param[] = { OIWSSIG, 28 };
OIDT oiwSHA1RSA[] = { OIWSSIG, 29 };

/* Microsoft OIDs.  (1 3 6 1 4 1 311 ... )
 * 0x82, 0x37 is the two-byte base-128 encoding of 311. */
#define MICROSOFT 0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37

OIDT mCTL[] = { MICROSOFT, 10, 3, 1 }; /* Cert Trust List signing */
OIDT mTSS[] = { MICROSOFT, 10, 3, 2 }; /* Time Stamp Signing */
OIDT mSGC[] = { MICROSOFT, 10, 3, 3 }; /* Server gated cryptography */
OIDT mEFS[] = { MICROSOFT, 10, 3, 4 }; /* Encrypted File System */
OIDT mSMIME[] = { MICROSOFT, 16, 4 };  /* SMIME encryption key prefs */

OIDT mECRTT[] = { MICROSOFT, 20, 2 };    /* Enrollment cert type xtn */
OIDT mEAGNT[] = { MICROSOFT, 20, 2, 1 }; /* Enrollment Agent         */
OIDT mKPSCL[] = { MICROSOFT, 20, 2, 2 }; /* KP SmartCard Logon       */
OIDT mNTPN[] = { MICROSOFT, 20, 2, 3 };  /* NT Principal Name        */
OIDT mCASRV[] = { MICROSOFT, 21, 1 };    /* CertServ CA version      */

/* AOL OIDs     (1 3 6 1 4 1 1066 ... )
 * 0x88, 0x2A is the base-128 encoding of 1066. Only the arc prefix is
 * defined; no array in the visible file uses it. */
#define AOL 0x2B, 0x06, 0x01, 0x04, 0x01, 0x88, 0x2A

/* PKIX IDs     (1 3 6 1 5 5 7 ...)  */
#define ID_PKIX 0x2B, 6, 1, 5, 5, 7
/* PKIX Access Descriptors (methods for Authority Info Access Extns) */
#define ID_AD ID_PKIX, 48

OIDT padOCSP[] = { ID_AD, 1 };      /* OCSP method */
OIDT padCAissuer[] = { ID_AD, 2 };  /* CA Issuers method (described in the table below as "PKIX CA Issuer method") */
OIDT padTimeStamp[] = { ID_AD, 3 }; /* time stamping */

/* ISO Cert Extension type OIDs (id-ce)  (2 5 29 ...)
 * 0x55 encodes the first two arcs 2.5 in one byte (2 * 40 + 5). */
#define X500 0x55
#define X520_ATTRIBUTE_TYPE X500, 0x04
#define X500_ALG X500, 0x08
#define X500_ALG_ENCRYPTION X500_ALG, 0x01
#define ID_CE X500, 29

OIDT cePlcyObs[] = { ID_CE, 3 };  /* Cert policies, obsolete. */
OIDT cePlcyCns[] = { ID_CE, 36 }; /* Cert policy constraints. */

/* US Company arc (2 16 840 1 ...)
 * 0x60 encodes 2.16 (2 * 40 + 16); 0x86, 0x48 encodes 840. */
#define USCOM 0x60, 0x86, 0x48, 0x01
#define USGOV USCOM, 0x65
#define USDOD USGOV, 2
#define ID_INFOSEC USDOD, 1

/* Verisign PKI OIDs (2 16 840 1 113733 1 ...)
 * 0x86, 0xf8, 0x45 is the three-byte base-128 encoding of 113733. */
#define VERISIGN_PKI USCOM, 0x86, 0xf8, 0x45, 1
#define VERISIGN_XTN VERISIGN_PKI, 6
#define VERISIGN_POL VERISIGN_PKI, 7   /* Cert policies */
#define VERISIGN_TNET VERISIGN_POL, 23 /* Verisign Trust Network */

OIDT vcx7[] = { VERISIGN_XTN, 7 };  /* Cert Extension 7 (?) */
OIDT vcp1[] = { VERISIGN_TNET, 1 }; /* class 1 cert policy */
OIDT vcp2[] = { VERISIGN_TNET, 2 }; /* class 2 cert policy */
OIDT vcp3[] = { VERISIGN_TNET, 3 }; /* class 3 cert policy */
OIDT vcp4[] = { VERISIGN_TNET, 4 }; /* class 4 cert policy */
     92 
     93 /* ------------------------------------------------------------------- */
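/*
 * Extra OIDs registered at run time by SECU_RegisterDynamicOids().
 *
 * Every entry is built with ODN, so it carries only the encoded OID and a
 * human-readable description; the tag is 0 and the mechanism and extension
 * fields hold their "invalid" values. The description is the only thing a
 * reader of tool output sees for these OIDs, so it has to name the right
 * algorithm: a SHA-1 signature OID labelled as MD5 (or the reverse) misleads
 * anyone judging a certificate from its printed form.
 */
static const SECOidData oids[] = {
    /* OIW Security Special Interest Group OIDs */
    ODN(oiwMD5RSA, "OIWSecSIG MD5 with RSA"),
    ODN(oiwDESCBC, "OIWSecSIG DES CBC"),
    ODN(oiwRSAsig, "OIWSecSIG RSA signature"),
    ODN(oiwDSA, "OIWSecSIG DSA"),
    ODN(oiwMD5RSAsig, "OIWSecSIG MD5 with RSA signature"),
    ODN(oiwSHA1, "OIWSecSIG SHA1"),
    ODN(oiwDSASHA1, "OIWSecSIG DSA with SHA1"),
    ODN(oiwDSASHA1param, "OIWSecSIG DSA with SHA1 with params"),
    /* Was "OIWSecSIG MD5 with RSA", a copy of the oiwMD5RSA label. */
    ODN(oiwSHA1RSA, "OIWSecSIG SHA1 with RSA"),

    /* Microsoft OIDs */
    ODN(mCTL, "Microsoft Cert Trust List signing"),
    ODN(mTSS, "Microsoft Time Stamp signing"),
    ODN(mSGC, "Microsoft SGC SSL server"),
    ODN(mEFS, "Microsoft Encrypted File System"),
    ODN(mSMIME, "Microsoft SMIME preferences"),
    ODN(mECRTT, "Microsoft Enrollment Cert Type Extension"),
    ODN(mEAGNT, "Microsoft Enrollment Agent"),
    ODN(mKPSCL, "Microsoft KP SmartCard Logon"),
    ODN(mNTPN, "Microsoft NT Principal Name"),
    ODN(mCASRV, "Microsoft CertServ CA version"),

    /* PKIX OIDs */
    ODN(padOCSP, "PKIX OCSP method"),
    ODN(padCAissuer, "PKIX CA Issuer method"),
    ODN(padTimeStamp, "PKIX Time Stamping method"),

    /* ID_CE OIDs. */
    ODN(cePlcyObs, "Certificate Policies (Obsolete)"),
    ODN(cePlcyCns, "Certificate Policy Constraints"),

    /* Verisign OIDs. */
    ODN(vcx7, "Verisign Cert Extension 7 (?)"),
    ODN(vcp1, "Verisign Class 1 Certificate Policy"),
    ODN(vcp2, "Verisign Class 2 Certificate Policy"),
    ODN(vcp3, "Verisign Class 3 Certificate Policy"),
    ODN(vcp4, "Verisign Class 4 Certificate Policy"),
};

/* Number of entries in oids[], derived from the array so it cannot drift. */
static const unsigned int numOids = (sizeof oids) / (sizeof oids[0]);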
    137 
/*
 * Resolve an OID tag on first use.
 *
 * If *data still holds SEC_OID_UNKNOWN, src is handed to SECOID_AddEntry and
 * the tag it returns is stored in *data; an already resolved tag is left
 * untouched. Registering an OID that someone else added earlier is fine:
 * AddEntry then returns the tag of the existing entry.
 *
 * Neither pointer is checked for NULL. SECU_RegisterDynamicOids treats a
 * SEC_OID_UNKNOWN return from SECOID_AddEntry as failure, so callers should
 * presumably re-check *data after this call.
 */
void
SECU_cert_fetchOID(SECOidTag *data, const SECOidData *src)
{
    if (*data != SEC_OID_UNKNOWN) {
        return; /* already resolved */
    }
    *data = SECOID_AddEntry(src);
}
    148 
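/*
 * Register every entry of the static oids[] table through SECOID_AddEntry.
 *
 * Registration is best-effort: a failed entry does not stop the loop, so the
 * remaining OIDs are still attempted.
 *
 * Returns SECSuccess when no call returned SEC_OID_UNKNOWN, SECFailure
 * otherwise. Code that relies on these OIDs to label certificate fields
 * should check the result rather than assume the table is loaded.
 */
SECStatus
SECU_RegisterDynamicOids(void)
{
    unsigned int i;
    SECStatus rv = SECSuccess;

    for (i = 0; i < numOids; ++i) {
        SECOidTag tag = SECOID_AddEntry(&oids[i]);
        if (tag == SEC_OID_UNKNOWN) {
            rv = SECFailure;
        }
#ifdef DEBUG_DYN_OIDS
        /* i is unsigned and tag is an enum, so the conversions are %u and
         * an explicit int; the trace is kept out of the success/failure
         * logic so the braces balance with or without the macro. */
        if (tag == SEC_OID_UNKNOWN) {
            fprintf(stderr, "Add OID[%u] failed\n", i);
        } else {
            fprintf(stderr, "Add OID[%u] returned tag %d\n", i, (int)tag);
        }
#endif
    }
    return rv;
}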