PolarSSL v1.3.9
oid.c
Go to the documentation of this file.
1
28#if !defined(POLARSSL_CONFIG_FILE)
29#include "polarssl/config.h"
30#else
31#include POLARSSL_CONFIG_FILE
32#endif
33
34#if defined(POLARSSL_OID_C)
35
36#include "polarssl/oid.h"
37#include "polarssl/rsa.h"
38
39#if defined(POLARSSL_X509_USE_C) || defined(POLARSSL_X509_CREATE_C)
40#include "polarssl/x509.h"
41#endif
42
43#include <stdio.h>
44
45/*
46 * Macro to automatically add the size of #define'd OIDs
47 */
48#define ADD_LEN(s) s, OID_SIZE(s)
49
50/*
51 * Macro to generate an internal function for oid_XXX_from_asn1() (used by
52 * the other functions)
53 */
54#define FN_OID_TYPED_FROM_ASN1( TYPE_T, NAME, LIST ) \
55static const TYPE_T * oid_ ## NAME ## _from_asn1( const asn1_buf *oid ) \
56{ \
57 const TYPE_T *p = LIST; \
58 const oid_descriptor_t *cur = (const oid_descriptor_t *) p; \
59 if( p == NULL || oid == NULL ) return( NULL ); \
60 while( cur->asn1 != NULL ) { \
61 if( cur->asn1_len == oid->len && \
62 memcmp( cur->asn1, oid->p, oid->len ) == 0 ) { \
63 return( p ); \
64 } \
65 p++; \
66 cur = (const oid_descriptor_t *) p; \
67 } \
68 return( NULL ); \
69}
70
71/*
72 * Macro to generate a function for retrieving a single attribute from the
73 * descriptor of an oid_descriptor_t wrapper.
74 */
75#define FN_OID_GET_DESCRIPTOR_ATTR1(FN_NAME, TYPE_T, TYPE_NAME, ATTR1_TYPE, ATTR1) \
76int FN_NAME( const asn1_buf *oid, ATTR1_TYPE * ATTR1 ) \
77{ \
78 const TYPE_T *data = oid_ ## TYPE_NAME ## _from_asn1( oid ); \
79 if( data == NULL ) return( POLARSSL_ERR_OID_NOT_FOUND ); \
80 *ATTR1 = data->descriptor.ATTR1; \
81 return( 0 ); \
82}
83
84/*
85 * Macro to generate a function for retrieving a single attribute from an
86 * oid_descriptor_t wrapper.
87 */
88#define FN_OID_GET_ATTR1(FN_NAME, TYPE_T, TYPE_NAME, ATTR1_TYPE, ATTR1) \
89int FN_NAME( const asn1_buf *oid, ATTR1_TYPE * ATTR1 ) \
90{ \
91 const TYPE_T *data = oid_ ## TYPE_NAME ## _from_asn1( oid ); \
92 if( data == NULL ) return( POLARSSL_ERR_OID_NOT_FOUND ); \
93 *ATTR1 = data->ATTR1; \
94 return( 0 ); \
95}
96
97/*
98 * Macro to generate a function for retrieving two attributes from an
99 * oid_descriptor_t wrapper.
100 */
101#define FN_OID_GET_ATTR2(FN_NAME, TYPE_T, TYPE_NAME, ATTR1_TYPE, ATTR1, \
102 ATTR2_TYPE, ATTR2) \
103int FN_NAME( const asn1_buf *oid, ATTR1_TYPE * ATTR1, ATTR2_TYPE * ATTR2 ) \
104{ \
105 const TYPE_T *data = oid_ ## TYPE_NAME ## _from_asn1( oid ); \
106 if( data == NULL ) return( POLARSSL_ERR_OID_NOT_FOUND ); \
107 *ATTR1 = data->ATTR1; \
108 *ATTR2 = data->ATTR2; \
109 return( 0 ); \
110}
111
112/*
113 * Macro to generate a function for retrieving the OID based on a single
114 * attribute from a oid_descriptor_t wrapper.
115 */
116#define FN_OID_GET_OID_BY_ATTR1(FN_NAME, TYPE_T, LIST, ATTR1_TYPE, ATTR1) \
117int FN_NAME( ATTR1_TYPE ATTR1, const char **oid, size_t *olen ) \
118{ \
119 const TYPE_T *cur = LIST; \
120 while( cur->descriptor.asn1 != NULL ) { \
121 if( cur->ATTR1 == ATTR1 ) { \
122 *oid = cur->descriptor.asn1; \
123 *olen = cur->descriptor.asn1_len; \
124 return( 0 ); \
125 } \
126 cur++; \
127 } \
128 return( POLARSSL_ERR_OID_NOT_FOUND ); \
129}
130
131/*
132 * Macro to generate a function for retrieving the OID based on two
133 * attributes from a oid_descriptor_t wrapper.
134 */
135#define FN_OID_GET_OID_BY_ATTR2(FN_NAME, TYPE_T, LIST, ATTR1_TYPE, ATTR1, \
136 ATTR2_TYPE, ATTR2) \
137int FN_NAME( ATTR1_TYPE ATTR1, ATTR2_TYPE ATTR2, const char **oid , \
138 size_t *olen ) \
139{ \
140 const TYPE_T *cur = LIST; \
141 while( cur->descriptor.asn1 != NULL ) { \
142 if( cur->ATTR1 == ATTR1 && cur->ATTR2 == ATTR2 ) { \
143 *oid = cur->descriptor.asn1; \
144 *olen = cur->descriptor.asn1_len; \
145 return( 0 ); \
146 } \
147 cur++; \
148 } \
149 return( POLARSSL_ERR_OID_NOT_FOUND ); \
150}
151
152/*
153 * For X520 attribute types
154 */
155typedef struct {
156 oid_descriptor_t descriptor;
157 const char *short_name;
158} oid_x520_attr_t;
159
160static const oid_x520_attr_t oid_x520_attr_type[] =
161{
162 {
163 { ADD_LEN( OID_AT_CN ), "id-at-commonName", "Common Name" },
164 "CN",
165 },
166 {
167 { ADD_LEN( OID_AT_COUNTRY ), "id-at-countryName", "Country" },
168 "C",
169 },
170 {
171 { ADD_LEN( OID_AT_LOCALITY ), "id-at-locality", "Locality" },
172 "L",
173 },
174 {
175 { ADD_LEN( OID_AT_STATE ), "id-at-state", "State" },
176 "ST",
177 },
178 {
179 { ADD_LEN( OID_AT_ORGANIZATION ),"id-at-organizationName", "Organization" },
180 "O",
181 },
182 {
183 { ADD_LEN( OID_AT_ORG_UNIT ), "id-at-organizationalUnitName", "Org Unit" },
184 "OU",
185 },
186 {
187 { ADD_LEN( OID_PKCS9_EMAIL ), "emailAddress", "E-mail address" },
188 "emailAddress",
189 },
190 {
191 { ADD_LEN( OID_AT_SERIAL_NUMBER ),"id-at-serialNumber", "Serial number" },
192 "serialNumber",
193 },
194 {
195 { ADD_LEN( OID_AT_POSTAL_ADDRESS ),"id-at-postalAddress", "Postal address" },
196 "postalAddress",
197 },
198 {
199 { ADD_LEN( OID_AT_POSTAL_CODE ), "id-at-postalCode", "Postal code" },
200 "postalCode",
201 },
202 {
203 { ADD_LEN( OID_AT_SUR_NAME ), "id-at-surName", "Surname" },
204 "SN",
205 },
206 {
207 { ADD_LEN( OID_AT_GIVEN_NAME ), "id-at-givenName", "Given name" },
208 "GN",
209 },
210 {
211 { ADD_LEN( OID_AT_INITIALS ), "id-at-initials", "Initials" },
212 "initials",
213 },
214 {
215 { ADD_LEN( OID_AT_GENERATION_QUALIFIER ), "id-at-generationQualifier", "Generation qualifier" },
216 "generationQualifier",
217 },
218 {
219 { ADD_LEN( OID_AT_TITLE ), "id-at-title", "Title" },
220 "title",
221 },
222 {
223 { ADD_LEN( OID_AT_DN_QUALIFIER ),"id-at-dnQualifier", "Distinguished Name qualifier" },
224 "dnQualifier",
225 },
226 {
227 { ADD_LEN( OID_AT_PSEUDONYM ), "id-at-pseudonym", "Pseudonym" },
228 "pseudonym",
229 },
230 {
231 { ADD_LEN( OID_DOMAIN_COMPONENT ), "id-domainComponent", "Domain component" },
232 "DC",
233 },
234 {
235 { NULL, 0, NULL, NULL },
236 NULL,
237 }
238};
239
240FN_OID_TYPED_FROM_ASN1(oid_x520_attr_t, x520_attr, oid_x520_attr_type);
241FN_OID_GET_ATTR1(oid_get_attr_short_name, oid_x520_attr_t, x520_attr, const char *, short_name);
242
243#if defined(POLARSSL_X509_USE_C) || defined(POLARSSL_X509_CREATE_C)
244/*
245 * For X509 extensions
246 */
247typedef struct {
248 oid_descriptor_t descriptor;
249 int ext_type;
250} oid_x509_ext_t;
251
252static const oid_x509_ext_t oid_x509_ext[] =
253{
254 {
255 { ADD_LEN( OID_BASIC_CONSTRAINTS ), "id-ce-basicConstraints", "Basic Constraints" },
256 EXT_BASIC_CONSTRAINTS,
257 },
258 {
259 { ADD_LEN( OID_KEY_USAGE ), "id-ce-keyUsage", "Key Usage" },
260 EXT_KEY_USAGE,
261 },
262 {
263 { ADD_LEN( OID_EXTENDED_KEY_USAGE ), "id-ce-keyUsage", "Extended Key Usage" },
264 EXT_EXTENDED_KEY_USAGE,
265 },
266 {
267 { ADD_LEN( OID_SUBJECT_ALT_NAME ), "id-ce-subjectAltName", "Subject Alt Name" },
268 EXT_SUBJECT_ALT_NAME,
269 },
270 {
271 { ADD_LEN( OID_NS_CERT_TYPE ), "id-netscape-certtype", "Netscape Certificate Type" },
272 EXT_NS_CERT_TYPE,
273 },
274 {
275 { NULL, 0, NULL, NULL },
276 0,
277 },
278};
279
280FN_OID_TYPED_FROM_ASN1(oid_x509_ext_t, x509_ext, oid_x509_ext);
281FN_OID_GET_ATTR1(oid_get_x509_ext_type, oid_x509_ext_t, x509_ext, int, ext_type);
282
283static const oid_descriptor_t oid_ext_key_usage[] =
284{
285 { ADD_LEN( OID_SERVER_AUTH ), "id-kp-serverAuth", "TLS Web Server Authentication" },
286 { ADD_LEN( OID_CLIENT_AUTH ), "id-kp-clientAuth", "TLS Web Client Authentication" },
287 { ADD_LEN( OID_CODE_SIGNING ), "id-kp-codeSigning", "Code Signing" },
288 { ADD_LEN( OID_EMAIL_PROTECTION ), "id-kp-emailProtection", "E-mail Protection" },
289 { ADD_LEN( OID_TIME_STAMPING ), "id-kp-timeStamping", "Time Stamping" },
290 { ADD_LEN( OID_OCSP_SIGNING ), "id-kp-OCSPSigning", "OCSP Signing" },
291 { NULL, 0, NULL, NULL },
292};
293
294FN_OID_TYPED_FROM_ASN1(oid_descriptor_t, ext_key_usage, oid_ext_key_usage);
295FN_OID_GET_ATTR1(oid_get_extended_key_usage, oid_descriptor_t, ext_key_usage, const char *, description);
296#endif /* POLARSSL_X509_USE_C || POLARSSL_X509_CREATE_C */
297
298#if defined(POLARSSL_MD_C)
299/*
300 * For SignatureAlgorithmIdentifier
301 */
302typedef struct {
303 oid_descriptor_t descriptor;
304 md_type_t md_alg;
305 pk_type_t pk_alg;
306} oid_sig_alg_t;
307
308static const oid_sig_alg_t oid_sig_alg[] =
309{
310 {
311 { ADD_LEN( OID_PKCS1_MD2 ), "md2WithRSAEncryption", "RSA with MD2" },
312 POLARSSL_MD_MD2, POLARSSL_PK_RSA,
313 },
314 {
315 { ADD_LEN( OID_PKCS1_MD4 ), "md4WithRSAEncryption", "RSA with MD4" },
316 POLARSSL_MD_MD4, POLARSSL_PK_RSA,
317 },
318 {
319 { ADD_LEN( OID_PKCS1_MD5 ), "md5WithRSAEncryption", "RSA with MD5" },
320 POLARSSL_MD_MD5, POLARSSL_PK_RSA,
321 },
322 {
323 { ADD_LEN( OID_PKCS1_SHA1 ), "sha-1WithRSAEncryption", "RSA with SHA1" },
324 POLARSSL_MD_SHA1, POLARSSL_PK_RSA,
325 },
326 {
327 { ADD_LEN( OID_PKCS1_SHA224 ), "sha224WithRSAEncryption", "RSA with SHA-224" },
328 POLARSSL_MD_SHA224, POLARSSL_PK_RSA,
329 },
330 {
331 { ADD_LEN( OID_PKCS1_SHA256 ), "sha256WithRSAEncryption", "RSA with SHA-256" },
332 POLARSSL_MD_SHA256, POLARSSL_PK_RSA,
333 },
334 {
335 { ADD_LEN( OID_PKCS1_SHA384 ), "sha384WithRSAEncryption", "RSA with SHA-384" },
336 POLARSSL_MD_SHA384, POLARSSL_PK_RSA,
337 },
338 {
339 { ADD_LEN( OID_PKCS1_SHA512 ), "sha512WithRSAEncryption", "RSA with SHA-512" },
340 POLARSSL_MD_SHA512, POLARSSL_PK_RSA,
341 },
342 {
343 { ADD_LEN( OID_RSA_SHA_OBS ), "sha-1WithRSAEncryption", "RSA with SHA1" },
344 POLARSSL_MD_SHA1, POLARSSL_PK_RSA,
345 },
346 {
347 { ADD_LEN( OID_ECDSA_SHA1 ), "ecdsa-with-SHA1", "ECDSA with SHA1" },
348 POLARSSL_MD_SHA1, POLARSSL_PK_ECDSA,
349 },
350 {
351 { ADD_LEN( OID_ECDSA_SHA224 ), "ecdsa-with-SHA224", "ECDSA with SHA224" },
352 POLARSSL_MD_SHA224, POLARSSL_PK_ECDSA,
353 },
354 {
355 { ADD_LEN( OID_ECDSA_SHA256 ), "ecdsa-with-SHA256", "ECDSA with SHA256" },
356 POLARSSL_MD_SHA256, POLARSSL_PK_ECDSA,
357 },
358 {
359 { ADD_LEN( OID_ECDSA_SHA384 ), "ecdsa-with-SHA384", "ECDSA with SHA384" },
360 POLARSSL_MD_SHA384, POLARSSL_PK_ECDSA,
361 },
362 {
363 { ADD_LEN( OID_ECDSA_SHA512 ), "ecdsa-with-SHA512", "ECDSA with SHA512" },
364 POLARSSL_MD_SHA512, POLARSSL_PK_ECDSA,
365 },
366 {
367 { ADD_LEN( OID_RSASSA_PSS ), "RSASSA-PSS", "RSASSA-PSS" },
368 POLARSSL_MD_NONE, POLARSSL_PK_RSASSA_PSS,
369 },
370 {
371 { NULL, 0, NULL, NULL },
372 0, 0,
373 },
374};
375
376FN_OID_TYPED_FROM_ASN1(oid_sig_alg_t, sig_alg, oid_sig_alg);
377FN_OID_GET_DESCRIPTOR_ATTR1(oid_get_sig_alg_desc, oid_sig_alg_t, sig_alg, const char *, description);
378FN_OID_GET_ATTR2(oid_get_sig_alg, oid_sig_alg_t, sig_alg, md_type_t, md_alg, pk_type_t, pk_alg);
379FN_OID_GET_OID_BY_ATTR2(oid_get_oid_by_sig_alg, oid_sig_alg_t, oid_sig_alg, pk_type_t, pk_alg, md_type_t, md_alg);
380#endif /* POLARSSL_MD_C */
381
382/*
383 * For PublicKeyInfo (PKCS1, RFC 5480)
384 */
385typedef struct {
386 oid_descriptor_t descriptor;
387 pk_type_t pk_alg;
388} oid_pk_alg_t;
389
390static const oid_pk_alg_t oid_pk_alg[] =
391{
392 {
393 { ADD_LEN( OID_PKCS1_RSA ), "rsaEncryption", "RSA" },
394 POLARSSL_PK_RSA,
395 },
396 {
397 { ADD_LEN( OID_EC_ALG_UNRESTRICTED ), "id-ecPublicKey", "Generic EC key" },
398 POLARSSL_PK_ECKEY,
399 },
400 {
401 { ADD_LEN( OID_EC_ALG_ECDH ), "id-ecDH", "EC key for ECDH" },
402 POLARSSL_PK_ECKEY_DH,
403 },
404 {
405 { NULL, 0, NULL, NULL },
406 0,
407 },
408};
409
410FN_OID_TYPED_FROM_ASN1(oid_pk_alg_t, pk_alg, oid_pk_alg);
411FN_OID_GET_ATTR1(oid_get_pk_alg, oid_pk_alg_t, pk_alg, pk_type_t, pk_alg);
412FN_OID_GET_OID_BY_ATTR1(oid_get_oid_by_pk_alg, oid_pk_alg_t, oid_pk_alg, pk_type_t, pk_alg);
413
414#if defined(POLARSSL_ECP_C)
415/*
416 * For namedCurve (RFC 5480)
417 */
418typedef struct {
419 oid_descriptor_t descriptor;
420 ecp_group_id grp_id;
421} oid_ecp_grp_t;
422
423static const oid_ecp_grp_t oid_ecp_grp[] =
424{
425 {
426 { ADD_LEN( OID_EC_GRP_SECP192R1 ), "secp192r1", "secp192r1" },
427 POLARSSL_ECP_DP_SECP192R1,
428 },
429 {
430 { ADD_LEN( OID_EC_GRP_SECP224R1 ), "secp224r1", "secp224r1" },
431 POLARSSL_ECP_DP_SECP224R1,
432 },
433 {
434 { ADD_LEN( OID_EC_GRP_SECP256R1 ), "secp256r1", "secp256r1" },
435 POLARSSL_ECP_DP_SECP256R1,
436 },
437 {
438 { ADD_LEN( OID_EC_GRP_SECP384R1 ), "secp384r1", "secp384r1" },
439 POLARSSL_ECP_DP_SECP384R1,
440 },
441 {
442 { ADD_LEN( OID_EC_GRP_SECP521R1 ), "secp521r1", "secp521r1" },
443 POLARSSL_ECP_DP_SECP521R1,
444 },
445 {
446 { ADD_LEN( OID_EC_GRP_SECP192K1 ), "secp192k1", "secp192k1" },
447 POLARSSL_ECP_DP_SECP192K1,
448 },
449 {
450 { ADD_LEN( OID_EC_GRP_SECP224K1 ), "secp224k1", "secp224k1" },
451 POLARSSL_ECP_DP_SECP224K1,
452 },
453 {
454 { ADD_LEN( OID_EC_GRP_SECP256K1 ), "secp256k1", "secp256k1" },
455 POLARSSL_ECP_DP_SECP256K1,
456 },
457 {
458 { ADD_LEN( OID_EC_GRP_BP256R1 ), "brainpoolP256r1","brainpool256r1" },
459 POLARSSL_ECP_DP_BP256R1,
460 },
461 {
462 { ADD_LEN( OID_EC_GRP_BP384R1 ), "brainpoolP384r1","brainpool384r1" },
463 POLARSSL_ECP_DP_BP384R1,
464 },
465 {
466 { ADD_LEN( OID_EC_GRP_BP512R1 ), "brainpoolP512r1","brainpool512r1" },
467 POLARSSL_ECP_DP_BP512R1,
468 },
469 {
470 { NULL, 0, NULL, NULL },
471 0,
472 },
473};
474
475FN_OID_TYPED_FROM_ASN1(oid_ecp_grp_t, grp_id, oid_ecp_grp);
476FN_OID_GET_ATTR1(oid_get_ec_grp, oid_ecp_grp_t, grp_id, ecp_group_id, grp_id);
477FN_OID_GET_OID_BY_ATTR1(oid_get_oid_by_ec_grp, oid_ecp_grp_t, oid_ecp_grp, ecp_group_id, grp_id);
478#endif /* POLARSSL_ECP_C */
479
480#if defined(POLARSSL_CIPHER_C)
481/*
482 * For PKCS#5 PBES2 encryption algorithm
483 */
484typedef struct {
485 oid_descriptor_t descriptor;
486 cipher_type_t cipher_alg;
487} oid_cipher_alg_t;
488
489static const oid_cipher_alg_t oid_cipher_alg[] =
490{
491 {
492 { ADD_LEN( OID_DES_CBC ), "desCBC", "DES-CBC" },
493 POLARSSL_CIPHER_DES_CBC,
494 },
495 {
496 { ADD_LEN( OID_DES_EDE3_CBC ), "des-ede3-cbc", "DES-EDE3-CBC" },
497 POLARSSL_CIPHER_DES_EDE3_CBC,
498 },
499 {
500 { NULL, 0, NULL, NULL },
501 0,
502 },
503};
504
505FN_OID_TYPED_FROM_ASN1(oid_cipher_alg_t, cipher_alg, oid_cipher_alg);
506FN_OID_GET_ATTR1(oid_get_cipher_alg, oid_cipher_alg_t, cipher_alg, cipher_type_t, cipher_alg);
507#endif /* POLARSSL_CIPHER_C */
508
509#if defined(POLARSSL_MD_C)
510/*
511 * For digestAlgorithm
512 */
513typedef struct {
514 oid_descriptor_t descriptor;
515 md_type_t md_alg;
516} oid_md_alg_t;
517
518static const oid_md_alg_t oid_md_alg[] =
519{
520 {
521 { ADD_LEN( OID_DIGEST_ALG_MD2 ), "id-md2", "MD2" },
522 POLARSSL_MD_MD2,
523 },
524 {
525 { ADD_LEN( OID_DIGEST_ALG_MD4 ), "id-md4", "MD4" },
526 POLARSSL_MD_MD4,
527 },
528 {
529 { ADD_LEN( OID_DIGEST_ALG_MD5 ), "id-md5", "MD5" },
530 POLARSSL_MD_MD5,
531 },
532 {
533 { ADD_LEN( OID_DIGEST_ALG_SHA1 ), "id-sha1", "SHA-1" },
534 POLARSSL_MD_SHA1,
535 },
536 {
537 { ADD_LEN( OID_DIGEST_ALG_SHA224 ), "id-sha224", "SHA-224" },
538 POLARSSL_MD_SHA224,
539 },
540 {
541 { ADD_LEN( OID_DIGEST_ALG_SHA256 ), "id-sha256", "SHA-256" },
542 POLARSSL_MD_SHA256,
543 },
544 {
545 { ADD_LEN( OID_DIGEST_ALG_SHA384 ), "id-sha384", "SHA-384" },
546 POLARSSL_MD_SHA384,
547 },
548 {
549 { ADD_LEN( OID_DIGEST_ALG_SHA512 ), "id-sha512", "SHA-512" },
550 POLARSSL_MD_SHA512,
551 },
552 {
553 { NULL, 0, NULL, NULL },
554 0,
555 },
556};
557
558FN_OID_TYPED_FROM_ASN1(oid_md_alg_t, md_alg, oid_md_alg);
559FN_OID_GET_ATTR1(oid_get_md_alg, oid_md_alg_t, md_alg, md_type_t, md_alg);
560FN_OID_GET_OID_BY_ATTR1(oid_get_oid_by_md, oid_md_alg_t, oid_md_alg, md_type_t, md_alg);
561#endif /* POLARSSL_MD_C */
562
563#if defined(POLARSSL_PKCS12_C)
564/*
565 * For PKCS#12 PBEs
566 */
567typedef struct {
568 oid_descriptor_t descriptor;
569 md_type_t md_alg;
570 cipher_type_t cipher_alg;
571} oid_pkcs12_pbe_alg_t;
572
573static const oid_pkcs12_pbe_alg_t oid_pkcs12_pbe_alg[] =
574{
575 {
576 { ADD_LEN( OID_PKCS12_PBE_SHA1_DES3_EDE_CBC ), "pbeWithSHAAnd3-KeyTripleDES-CBC", "PBE with SHA1 and 3-Key 3DES" },
577 POLARSSL_MD_SHA1, POLARSSL_CIPHER_DES_EDE3_CBC,
578 },
579 {
580 { ADD_LEN( OID_PKCS12_PBE_SHA1_DES2_EDE_CBC ), "pbeWithSHAAnd2-KeyTripleDES-CBC", "PBE with SHA1 and 2-Key 3DES" },
581 POLARSSL_MD_SHA1, POLARSSL_CIPHER_DES_EDE_CBC,
582 },
583 {
584 { NULL, 0, NULL, NULL },
585 0, 0,
586 },
587};
588
589FN_OID_TYPED_FROM_ASN1(oid_pkcs12_pbe_alg_t, pkcs12_pbe_alg, oid_pkcs12_pbe_alg);
590FN_OID_GET_ATTR2(oid_get_pkcs12_pbe_alg, oid_pkcs12_pbe_alg_t, pkcs12_pbe_alg, md_type_t, md_alg, cipher_type_t, cipher_alg);
591#endif /* POLARSSL_PKCS12_C */
592
593#if defined(_MSC_VER) && !defined snprintf && !defined(EFIX64) && \
594 !defined(EFI32)
595#include <stdarg.h>
596
597#if !defined vsnprintf
598#define vsnprintf _vsnprintf
599#endif // vsnprintf
600
601/*
602 * Windows _snprintf and _vsnprintf are not compatible to linux versions.
603 * Result value is not size of buffer needed, but -1 if no fit is possible.
604 *
605 * This fuction tries to 'fix' this by at least suggesting enlarging the
606 * size by 20.
607 */
608static int compat_snprintf( char *str, size_t size, const char *format, ... )
609{
610 va_list ap;
611 int res = -1;
612
613 va_start( ap, format );
614
615 res = vsnprintf( str, size, format, ap );
616
617 va_end( ap );
618
619 // No quick fix possible
620 if( res < 0 )
621 return( (int) size + 20 );
622
623 return( res );
624}
625
626#define snprintf compat_snprintf
627#endif /* _MSC_VER && !snprintf && !EFIX64 && !EFI32 */
628
629#define SAFE_SNPRINTF() \
630{ \
631 if( ret == -1 ) \
632 return( POLARSSL_ERR_OID_BUF_TOO_SMALL ); \
633 \
634 if( (unsigned int) ret >= n ) { \
635 p[n - 1] = '\0'; \
636 return( POLARSSL_ERR_OID_BUF_TOO_SMALL ); \
637 } \
638 \
639 n -= (unsigned int) ret; \
640 p += (unsigned int) ret; \
641}
642
643/* Return the x.y.z.... style numeric string for the given OID */
644int oid_get_numeric_string( char *buf, size_t size,
645 const asn1_buf *oid )
646{
647 int ret;
648 size_t i, n;
649 unsigned int value;
650 char *p;
651
652 p = buf;
653 n = size;
654
655 /* First byte contains first two dots */
656 if( oid->len > 0 )
657 {
658 ret = snprintf( p, n, "%d.%d", oid->p[0] / 40, oid->p[0] % 40 );
659 SAFE_SNPRINTF();
660 }
661
662 value = 0;
663 for( i = 1; i < oid->len; i++ )
664 {
665 /* Prevent overflow in value. */
666 if( ( ( value << 7 ) >> 7 ) != value )
667 return( POLARSSL_ERR_OID_BUF_TOO_SMALL );
668
669 value <<= 7;
670 value += oid->p[i] & 0x7F;
671
672 if( !( oid->p[i] & 0x80 ) )
673 {
674 /* Last byte */
675 ret = snprintf( p, n, ".%d", value );
676 SAFE_SNPRINTF();
677 value = 0;
678 }
679 }
680
681 return( (int) ( size - n ) );
682}
683
684#endif /* POLARSSL_OID_C */
cipher_type_t
cipher_type_t
Definition cipher.h:82
POLARSSL_CIPHER_DES_EDE_CBC
@ POLARSSL_CIPHER_DES_EDE_CBC
Definition cipher.h:118
POLARSSL_CIPHER_DES_EDE3_CBC
@ POLARSSL_CIPHER_DES_EDE3_CBC
Definition cipher.h:120
POLARSSL_CIPHER_DES_CBC
@ POLARSSL_CIPHER_DES_CBC
Definition cipher.h:116
config.h
Configuration options (set of defines)
ecp_group_id
ecp_group_id
Domain parameters (curve, subgroup and generator) identifiers.
Definition ecp.h:58
POLARSSL_ECP_DP_SECP192K1
@ POLARSSL_ECP_DP_SECP192K1
Definition ecp.h:72
POLARSSL_ECP_DP_SECP521R1
@ POLARSSL_ECP_DP_SECP521R1
Definition ecp.h:64
POLARSSL_ECP_DP_SECP256R1
@ POLARSSL_ECP_DP_SECP256R1
Definition ecp.h:62
POLARSSL_ECP_DP_BP384R1
@ POLARSSL_ECP_DP_BP384R1
Definition ecp.h:66
POLARSSL_ECP_DP_SECP224K1
@ POLARSSL_ECP_DP_SECP224K1
Definition ecp.h:73
POLARSSL_ECP_DP_SECP384R1
@ POLARSSL_ECP_DP_SECP384R1
Definition ecp.h:63
POLARSSL_ECP_DP_SECP256K1
@ POLARSSL_ECP_DP_SECP256K1
Definition ecp.h:74
POLARSSL_ECP_DP_SECP224R1
@ POLARSSL_ECP_DP_SECP224R1
Definition ecp.h:61
POLARSSL_ECP_DP_SECP192R1
@ POLARSSL_ECP_DP_SECP192R1
Definition ecp.h:60
POLARSSL_ECP_DP_BP256R1
@ POLARSSL_ECP_DP_BP256R1
Definition ecp.h:65
POLARSSL_ECP_DP_BP512R1
@ POLARSSL_ECP_DP_BP512R1
Definition ecp.h:67
_asn1_buf::len
size_t len
ASN1 length, e.g.
Definition asn1.h:127
_asn1_buf::p
unsigned char * p
ASN1 data, e.g.
Definition asn1.h:128
EXT_BASIC_CONSTRAINTS
#define EXT_BASIC_CONSTRAINTS
Definition x509.h:129
EXT_EXTENDED_KEY_USAGE
#define EXT_EXTENDED_KEY_USAGE
Definition x509.h:132
EXT_SUBJECT_ALT_NAME
#define EXT_SUBJECT_ALT_NAME
Definition x509.h:126
EXT_NS_CERT_TYPE
#define EXT_NS_CERT_TYPE
Definition x509.h:137
EXT_KEY_USAGE
#define EXT_KEY_USAGE
Definition x509.h:123
md_type_t
md_type_t
Definition md.h:51
POLARSSL_MD_MD5
@ POLARSSL_MD_MD5
Definition md.h:55
POLARSSL_MD_NONE
@ POLARSSL_MD_NONE
Definition md.h:52
POLARSSL_MD_SHA224
@ POLARSSL_MD_SHA224
Definition md.h:57
POLARSSL_MD_SHA1
@ POLARSSL_MD_SHA1
Definition md.h:56
POLARSSL_MD_SHA384
@ POLARSSL_MD_SHA384
Definition md.h:59
POLARSSL_MD_MD2
@ POLARSSL_MD_MD2
Definition md.h:53
POLARSSL_MD_MD4
@ POLARSSL_MD_MD4
Definition md.h:54
POLARSSL_MD_SHA512
@ POLARSSL_MD_SHA512
Definition md.h:60
POLARSSL_MD_SHA256
@ POLARSSL_MD_SHA256
Definition md.h:58
oid.h
Object Identifier (OID) database.
OID_AT_SERIAL_NUMBER
#define OID_AT_SERIAL_NUMBER
id-at-serialNumber AttributeType:= {id-at 5}
Definition oid.h:113
OID_DIGEST_ALG_MD2
#define OID_DIGEST_ALG_MD2
id-md2 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 2 }
Definition oid.h:217
OID_AT_SUR_NAME
#define OID_AT_SUR_NAME
id-at-surName AttributeType:= {id-at 4}
Definition oid.h:112
oid_get_numeric_string
int oid_get_numeric_string(char *buf, size_t size, const asn1_buf *oid)
Translate an ASN.1 OID into its numeric representation (e.g.
oid_get_oid_by_md
int oid_get_oid_by_md(md_type_t md_alg, const char **oid, size_t *olen)
Translate md_type into hash algorithm OID.
OID_ECDSA_SHA1
#define OID_ECDSA_SHA1
Definition oid.h:353
OID_EC_GRP_SECP192R1
#define OID_EC_GRP_SECP192R1
Definition oid.h:289
OID_EC_GRP_SECP521R1
#define OID_EC_GRP_SECP521R1
Definition oid.h:305
OID_DES_EDE3_CBC
#define OID_DES_EDE3_CBC
des-ede3-cbc OBJECT IDENTIFIER ::= { iso(1) member-body(2) – us(840) rsadsi(113549) encryptionAlgorit...
Definition oid.h:234
OID_AT_GENERATION_QUALIFIER
#define OID_AT_GENERATION_QUALIFIER
id-at-generationQualifier AttributeType:= {id-at 44}
Definition oid.h:124
oid_get_ec_grp
int oid_get_ec_grp(const asn1_buf *oid, ecp_group_id *grp_id)
Translate NamedCurve OID into an EC group identifier.
OID_DIGEST_ALG_SHA224
#define OID_DIGEST_ALG_SHA224
id-sha224 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) cso...
Definition oid.h:221
OID_DIGEST_ALG_SHA512
#define OID_DIGEST_ALG_SHA512
id-sha512 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) cso...
Definition oid.h:226
OID_PKCS1_MD5
#define OID_PKCS1_MD5
md5WithRSAEncryption ::= { pkcs-1 4 }
Definition oid.h:199
OID_AT_PSEUDONYM
#define OID_AT_PSEUDONYM
id-at-pseudonym AttributeType:= {id-at 65}
Definition oid.h:126
OID_EC_GRP_SECP256K1
#define OID_EC_GRP_SECP256K1
Definition oid.h:317
OID_DES_CBC
#define OID_DES_CBC
desCBC OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 7 }
Definition oid.h:233
OID_EC_ALG_ECDH
#define OID_EC_ALG_ECDH
Definition oid.h:281
OID_PKCS1_MD4
#define OID_PKCS1_MD4
md4WithRSAEncryption ::= { pkcs-1 3 }
Definition oid.h:198
OID_TIME_STAMPING
#define OID_TIME_STAMPING
id-kp-timeStamping OBJECT IDENTIFIER ::= { id-kp 8 }
Definition oid.h:180
OID_AT_TITLE
#define OID_AT_TITLE
id-at-title AttributeType:= {id-at 12}
Definition oid.h:119
OID_DIGEST_ALG_SHA384
#define OID_DIGEST_ALG_SHA384
id-sha384 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) cso...
Definition oid.h:224
OID_ECDSA_SHA256
#define OID_ECDSA_SHA256
Definition oid.h:363
OID_AT_COUNTRY
#define OID_AT_COUNTRY
id-at-countryName AttributeType:= {id-at 6}
Definition oid.h:114
oid_get_sig_alg_desc
int oid_get_sig_alg_desc(const asn1_buf *oid, const char **desc)
Translate SignatureAlgorithm OID into description.
oid_get_oid_by_ec_grp
int oid_get_oid_by_ec_grp(ecp_group_id grp_id, const char **oid, size_t *olen)
Translate EC group identifier into NamedCurve OID.
oid_get_pk_alg
int oid_get_pk_alg(const asn1_buf *oid, pk_type_t *pk_alg)
Translate PublicKeyAlgorithm OID into pk_type.
OID_RSASSA_PSS
#define OID_RSASSA_PSS
id-RSASSA-PSS ::= { pkcs-1 10 }
Definition oid.h:211
OID_PKCS1_SHA256
#define OID_PKCS1_SHA256
sha256WithRSAEncryption ::= { pkcs-1 11 }
Definition oid.h:202
OID_AT_CN
#define OID_AT_CN
id-at-commonName AttributeType:= {id-at 3}
Definition oid.h:111
OID_ECDSA_SHA512
#define OID_ECDSA_SHA512
Definition oid.h:373
OID_PKCS1_SHA224
#define OID_PKCS1_SHA224
sha224WithRSAEncryption ::= { pkcs-1 14 }
Definition oid.h:201
OID_EC_ALG_UNRESTRICTED
#define OID_EC_ALG_UNRESTRICTED
Definition oid.h:276
oid_get_sig_alg
int oid_get_sig_alg(const asn1_buf *oid, md_type_t *md_alg, pk_type_t *pk_alg)
Translate SignatureAlgorithm OID into md_type and pk_type.
OID_AT_ORG_UNIT
#define OID_AT_ORG_UNIT
id-at-organizationalUnitName AttributeType:= {id-at 11}
Definition oid.h:118
OID_DIGEST_ALG_MD4
#define OID_DIGEST_ALG_MD4
id-md4 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 4 }
Definition oid.h:218
OID_EC_GRP_BP256R1
#define OID_EC_GRP_BP256R1
Definition oid.h:328
OID_AT_POSTAL_CODE
#define OID_AT_POSTAL_CODE
id-at-postalCode AttributeType:= {id-at 17}
Definition oid.h:121
OID_AT_STATE
#define OID_AT_STATE
id-at-state AttributeType:= {id-at 8}
Definition oid.h:116
OID_AT_GIVEN_NAME
#define OID_AT_GIVEN_NAME
id-at-givenName AttributeType:= {id-at 42}
Definition oid.h:122
OID_PKCS12_PBE_SHA1_DES2_EDE_CBC
#define OID_PKCS12_PBE_SHA1_DES2_EDE_CBC
pbeWithSHAAnd2-KeyTripleDES-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 4}
Definition oid.h:266
OID_DOMAIN_COMPONENT
#define OID_DOMAIN_COMPONENT
Definition oid.h:128
OID_RSA_SHA_OBS
#define OID_RSA_SHA_OBS
Definition oid.h:206
oid_get_oid_by_pk_alg
int oid_get_oid_by_pk_alg(pk_type_t pk_alg, const char **oid, size_t *olen)
Translate pk_type into PublicKeyAlgorithm OID.
OID_EMAIL_PROTECTION
#define OID_EMAIL_PROTECTION
id-kp-emailProtection OBJECT IDENTIFIER ::= { id-kp 4 }
Definition oid.h:179
OID_DIGEST_ALG_MD5
#define OID_DIGEST_ALG_MD5
id-md5 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 5 }
Definition oid.h:219
OID_ECDSA_SHA224
#define OID_ECDSA_SHA224
Definition oid.h:358
OID_EC_GRP_SECP256R1
#define OID_EC_GRP_SECP256R1
Definition oid.h:297
OID_PKCS1_MD2
#define OID_PKCS1_MD2
md2WithRSAEncryption ::= { pkcs-1 2 }
Definition oid.h:197
OID_PKCS1_RSA
#define OID_PKCS1_RSA
rsaEncryption OBJECT IDENTIFIER ::= { pkcs-1 1 }
Definition oid.h:196
OID_AT_LOCALITY
#define OID_AT_LOCALITY
id-at-locality AttributeType:= {id-at 7}
Definition oid.h:115
oid_get_cipher_alg
int oid_get_cipher_alg(const asn1_buf *oid, cipher_type_t *cipher_alg)
Translate encryption algorithm OID into cipher_type.
OID_NS_CERT_TYPE
#define OID_NS_CERT_TYPE
Definition oid.h:153
oid_get_oid_by_sig_alg
int oid_get_oid_by_sig_alg(pk_type_t pk_alg, md_type_t md_alg, const char **oid, size_t *olen)
Translate md_type and pk_type into SignatureAlgorithm OID.
oid_get_pkcs12_pbe_alg
int oid_get_pkcs12_pbe_alg(const asn1_buf *oid, md_type_t *md_alg, cipher_type_t *cipher_alg)
Translate PKCS#12 PBE algorithm OID into md_type and cipher_type.
OID_PKCS12_PBE_SHA1_DES3_EDE_CBC
#define OID_PKCS12_PBE_SHA1_DES3_EDE_CBC
pbeWithSHAAnd3-KeyTripleDES-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 3}
Definition oid.h:265
OID_EC_GRP_SECP224K1
#define OID_EC_GRP_SECP224K1
Definition oid.h:313
oid_get_attr_short_name
int oid_get_attr_short_name(const asn1_buf *oid, const char **short_name)
Translate an X.509 attribute type OID into the short name (e.g.
OID_PKCS1_SHA512
#define OID_PKCS1_SHA512
sha512WithRSAEncryption ::= { pkcs-1 13 }
Definition oid.h:204
OID_DIGEST_ALG_SHA1
#define OID_DIGEST_ALG_SHA1
id-sha1 OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 26 ...
Definition oid.h:220
OID_EC_GRP_SECP192K1
#define OID_EC_GRP_SECP192K1
Definition oid.h:309
OID_AT_INITIALS
#define OID_AT_INITIALS
id-at-initials AttributeType:= {id-at 43}
Definition oid.h:123
OID_AT_DN_QUALIFIER
#define OID_AT_DN_QUALIFIER
id-at-dnQualifier AttributeType:= {id-at 46}
Definition oid.h:125
OID_KEY_USAGE
#define OID_KEY_USAGE
id-ce-keyUsage OBJECT IDENTIFIER ::= { id-ce 15 }
Definition oid.h:135
OID_PKCS1_SHA1
#define OID_PKCS1_SHA1
sha1WithRSAEncryption ::= { pkcs-1 5 }
Definition oid.h:200
OID_PKCS1_SHA384
#define OID_PKCS1_SHA384
sha384WithRSAEncryption ::= { pkcs-1 12 }
Definition oid.h:203
OID_AT_ORGANIZATION
#define OID_AT_ORGANIZATION
id-at-organizationName AttributeType:= {id-at 10}
Definition oid.h:117
OID_CLIENT_AUTH
#define OID_CLIENT_AUTH
id-kp-clientAuth OBJECT IDENTIFIER ::= { id-kp 2 }
Definition oid.h:177
OID_AT_POSTAL_ADDRESS
#define OID_AT_POSTAL_ADDRESS
id-at-postalAddress AttributeType:= {id-at 16}
Definition oid.h:120
oid_get_md_alg
int oid_get_md_alg(const asn1_buf *oid, md_type_t *md_alg)
Translate hash algorithm OID into md_type.
oid_get_extended_key_usage
int oid_get_extended_key_usage(const asn1_buf *oid, const char **desc)
Translate Extended Key Usage OID into description.
OID_EC_GRP_BP512R1
#define OID_EC_GRP_BP512R1
Definition oid.h:334
OID_EC_GRP_BP384R1
#define OID_EC_GRP_BP384R1
Definition oid.h:331
OID_ECDSA_SHA384
#define OID_ECDSA_SHA384
Definition oid.h:368
POLARSSL_ERR_OID_BUF_TOO_SMALL
#define POLARSSL_ERR_OID_BUF_TOO_SMALL
output buffer is too small
Definition oid.h:51
OID_EXTENDED_KEY_USAGE
#define OID_EXTENDED_KEY_USAGE
id-ce-extKeyUsage OBJECT IDENTIFIER ::= { id-ce 37 }
Definition oid.h:144
OID_DIGEST_ALG_SHA256
#define OID_DIGEST_ALG_SHA256
id-sha256 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) cso...
Definition oid.h:222
OID_EC_GRP_SECP384R1
#define OID_EC_GRP_SECP384R1
Definition oid.h:301
OID_CODE_SIGNING
#define OID_CODE_SIGNING
id-kp-codeSigning OBJECT IDENTIFIER ::= { id-kp 3 }
Definition oid.h:178
OID_OCSP_SIGNING
#define OID_OCSP_SIGNING
id-kp-OCSPSigning OBJECT IDENTIFIER ::= { id-kp 9 }
Definition oid.h:181
OID_EC_GRP_SECP224R1
#define OID_EC_GRP_SECP224R1
Definition oid.h:293
OID_PKCS9_EMAIL
#define OID_PKCS9_EMAIL
emailAddress AttributeType ::= { pkcs-9 1 }
Definition oid.h:208
oid_get_x509_ext_type
int oid_get_x509_ext_type(const asn1_buf *oid, int *ext_type)
Translate an X.509 extension OID into local values.
OID_BASIC_CONSTRAINTS
#define OID_BASIC_CONSTRAINTS
id-ce-basicConstraints OBJECT IDENTIFIER ::= { id-ce 19 }
Definition oid.h:141
OID_SUBJECT_ALT_NAME
#define OID_SUBJECT_ALT_NAME
id-ce-subjectAltName OBJECT IDENTIFIER ::= { id-ce 17 }
Definition oid.h:138
OID_SERVER_AUTH
#define OID_SERVER_AUTH
id-kp-serverAuth OBJECT IDENTIFIER ::= { id-kp 1 }
Definition oid.h:176
pk_type_t
pk_type_t
Public key types.
Definition pk.h:95
POLARSSL_PK_ECDSA
@ POLARSSL_PK_ECDSA
Definition pk.h:100
POLARSSL_PK_ECKEY
@ POLARSSL_PK_ECKEY
Definition pk.h:98
POLARSSL_PK_ECKEY_DH
@ POLARSSL_PK_ECKEY_DH
Definition pk.h:99
POLARSSL_PK_RSASSA_PSS
@ POLARSSL_PK_RSASSA_PSS
Definition pk.h:102
POLARSSL_PK_RSA
@ POLARSSL_PK_RSA
Definition pk.h:97
rsa.h
The RSA public-key cryptosystem.
_asn1_buf
Type-length-value structure that allows for ASN1 using DER.
Definition asn1.h:125
oid_descriptor_t
Base OID descriptor structure.
Definition oid.h:382
x509.h
X.509 generic defines and structures.
Generated on Tue Feb 20 2024 18:30:51 for PolarSSL v1.3.9 by doxygen 1.9.8