30 #if defined(POLARSSL_OID_C)
35 #if defined(POLARSSL_X509_USE_C) || defined(POLARSSL_X509_CREATE_C)
/* Expands to two consecutive initializer fields: the OID byte string and its
 * length. NOTE(review): OID_SIZE is defined outside this listing; presumably
 * it yields the literal's size without the terminating NUL - confirm. */
44 #define ADD_LEN(s) s, OID_SIZE(s)
/*
 * Generates a file-local lookup function oid_<NAME>_from_asn1() that scans
 * LIST for an entry whose encoded OID equals *oid. It returns NULL when the
 * list or the oid pointer is NULL.
 *
 * - The TYPE_T pointer is reinterpreted as an oid_descriptor_t pointer, so
 *   the descriptor has to be the first member of TYPE_T.
 * - LIST must end with an entry whose asn1 pointer is NULL; the loop has no
 *   other bound.
 * - The lengths are compared before memcmp(), so the comparison never reads
 *   more than asn1_len bytes of a table entry. oid->p must still reference at
 *   least oid->len readable bytes; that is the responsibility of whoever
 *   filled the asn1_buf (typically the ASN.1 parser).
 *
 * NOTE(review): several lines of the macro body (braces, the match return,
 * the pointer advance) are missing from this listing - confirm against the
 * full file.
 */
50 #define FN_OID_TYPED_FROM_ASN1( TYPE_T, NAME, LIST ) \
51 static const TYPE_T * oid_ ## NAME ## _from_asn1( const asn1_buf *oid ) \
53 const TYPE_T *p = LIST; \
54 const oid_descriptor_t *cur = (const oid_descriptor_t *) p; \
55 if( p == NULL || oid == NULL ) return( NULL ); \
56 while( cur->asn1 != NULL ) { \
57 if( cur->asn1_len == oid->len && \
58 memcmp( cur->asn1, oid->p, oid->len ) == 0 ) { \
62 cur = (const oid_descriptor_t *) p; \
/*
 * Generates FN_NAME(), which looks the OID up through
 * oid_<TYPE_NAME>_from_asn1() and copies one field of the embedded
 * descriptor into *ATTR1. It returns POLARSSL_ERR_OID_NOT_FOUND when the OID
 * is unknown; in that case *ATTR1 is not written, so callers must check the
 * return value before using the output.
 * The output pointer is dereferenced without a NULL check.
 * NOTE(review): the success return is on a line not shown here.
 */
71 #define FN_OID_GET_DESCRIPTOR_ATTR1(FN_NAME, TYPE_T, TYPE_NAME, ATTR1_TYPE, ATTR1) \
72 int FN_NAME( const asn1_buf *oid, ATTR1_TYPE * ATTR1 ) \
74 const TYPE_T *data = oid_ ## TYPE_NAME ## _from_asn1( oid ); \
75 if( data == NULL ) return ( POLARSSL_ERR_OID_NOT_FOUND ); \
76 *ATTR1 = data->descriptor.ATTR1; \
/*
 * Generates FN_NAME(), which looks the OID up through
 * oid_<TYPE_NAME>_from_asn1() and copies one field of the typed entry (not
 * of its descriptor) into *ATTR1. It returns POLARSSL_ERR_OID_NOT_FOUND for
 * an unknown OID and leaves *ATTR1 untouched in that case.
 * The output pointer is dereferenced without a NULL check.
 */
84 #define FN_OID_GET_ATTR1(FN_NAME, TYPE_T, TYPE_NAME, ATTR1_TYPE, ATTR1) \
85 int FN_NAME( const asn1_buf *oid, ATTR1_TYPE * ATTR1 ) \
87 const TYPE_T *data = oid_ ## TYPE_NAME ## _from_asn1( oid ); \
88 if( data == NULL ) return ( POLARSSL_ERR_OID_NOT_FOUND ); \
89 *ATTR1 = data->ATTR1; \
/*
 * Two-output variant of FN_OID_GET_ATTR1: on a successful lookup both
 * *ATTR1 and *ATTR2 are filled from the typed entry. On
 * POLARSSL_ERR_OID_NOT_FOUND neither output is written, so a caller that
 * ignores the return value would go on with whatever the outputs held before.
 * Neither output pointer is checked for NULL.
 * NOTE(review): the second line of the parameter list is missing from this
 * listing.
 */
97 #define FN_OID_GET_ATTR2(FN_NAME, TYPE_T, TYPE_NAME, ATTR1_TYPE, ATTR1, \
99 int FN_NAME( const asn1_buf *oid, ATTR1_TYPE * ATTR1, ATTR2_TYPE * ATTR2 ) \
101 const TYPE_T *data = oid_ ## TYPE_NAME ## _from_asn1( oid ); \
102 if( data == NULL ) return ( POLARSSL_ERR_OID_NOT_FOUND ); \
103 *ATTR1 = data->ATTR1; \
104 *ATTR2 = data->ATTR2; \
/*
 * Generates the reverse lookup FN_NAME(): walks LIST until the
 * NULL-terminated sentinel and, for the first entry whose ATTR1 field equals
 * the argument, stores the entry's OID pointer and length in *oid / *olen.
 * It returns POLARSSL_ERR_OID_NOT_FOUND when no entry matches.
 *
 * *oid points into the static table (no copy is made), and its extent is
 * given by *olen; consumers should use the length rather than treat the
 * bytes as a C string.
 * LIST, oid and olen are used without NULL checks.
 */
112 #define FN_OID_GET_OID_BY_ATTR1(FN_NAME, TYPE_T, LIST, ATTR1_TYPE, ATTR1) \
113 int FN_NAME( ATTR1_TYPE ATTR1, const char **oid, size_t *olen ) \
115 const TYPE_T *cur = LIST; \
116 while( cur->descriptor.asn1 != NULL ) { \
117 if( cur->ATTR1 == ATTR1 ) { \
118 *oid = cur->descriptor.asn1; \
119 *olen = cur->descriptor.asn1_len; \
124 return( POLARSSL_ERR_OID_NOT_FOUND ); \
/*
 * Reverse lookup keyed on two fields: the first entry of LIST whose ATTR1
 * and ATTR2 both equal the arguments supplies *oid and *olen. It returns
 * POLARSSL_ERR_OID_NOT_FOUND when no entry matches.
 * As with the one-key variant, *oid references the static table and the
 * pointers are not checked for NULL.
 * NOTE(review): parts of the parameter list are missing from this listing.
 */
131 #define FN_OID_GET_OID_BY_ATTR2(FN_NAME, TYPE_T, LIST, ATTR1_TYPE, ATTR1, \
133 int FN_NAME( ATTR1_TYPE ATTR1, ATTR2_TYPE ATTR2, const char **oid , \
136 const TYPE_T *cur = LIST; \
137 while( cur->descriptor.asn1 != NULL ) { \
138 if( cur->ATTR1 == ATTR1 && cur->ATTR2 == ATTR2 ) { \
139 *oid = cur->descriptor.asn1; \
140 *olen = cur->descriptor.asn1_len; \
145 return( POLARSSL_ERR_OID_NOT_FOUND ); \
/* Field of the attribute entry type; the rest of the type definition is not
 * part of this listing. */
153 const char *short_name;
/*
 * Table of X.520 attribute types (the naming attributes found in certificate
 * subject/issuer names). Each visible entry gives the OID, its registered
 * name and a human-readable description; the list ends with an all-NULL
 * sentinel that the generated lookup relies on.
 * NOTE(review): most entries, and the short-name initializers, are omitted
 * from this listing.
 */
156 static const oid_x520_attr_t oid_x520_attr_type[] =
159 { ADD_LEN(
OID_AT_CN ),
"id-at-commonName",
"Common Name" },
179 { ADD_LEN(
OID_AT_ORG_UNIT ),
"id-at-organizationalUnitName",
"Org Unit" },
199 { NULL, 0, NULL, NULL },
/* Instantiates oid_x520_attr_from_asn1() over the table above. */
204 FN_OID_TYPED_FROM_ASN1(oid_x520_attr_t, x520_attr, oid_x520_attr_type);
207 #if defined(POLARSSL_X509_USE_C) || defined(POLARSSL_X509_CREATE_C)
/*
 * Table of X.509 extension OIDs known to the library. An extension whose OID
 * is not listed makes the generated lookup fail with
 * POLARSSL_ERR_OID_NOT_FOUND; how an unknown (and possibly critical)
 * extension is then treated is decided by the caller, not here.
 * NOTE(review): only the Netscape certificate-type entry and the sentinel
 * are visible in this listing.
 */
216 static const oid_x509_ext_t oid_x509_ext[] =
235 { ADD_LEN(
OID_NS_CERT_TYPE ),
"id-netscape-certtype",
"Netscape Certificate Type" },
239 { NULL, 0, NULL, NULL },
/* Instantiates oid_x509_ext_from_asn1() over the table above. */
244 FN_OID_TYPED_FROM_ASN1(oid_x509_ext_t, x509_ext, oid_x509_ext);
/*
 * Extended Key Usage entries (the table header is not part of this listing).
 * The entries only map an OID to a name and description for display; they do
 * not by themselves enforce that a certificate is used for that purpose.
 */
249 { ADD_LEN(
OID_SERVER_AUTH ),
"id-kp-serverAuth",
"TLS Web Server Authentication" },
250 { ADD_LEN(
OID_CLIENT_AUTH ),
"id-kp-clientAuth",
"TLS Web Client Authentication" },
/* Sentinel that ends the table. */
255 { NULL, 0, NULL, NULL },
262 #if defined(POLARSSL_MD_C)
/*
 * Table of signature-algorithm OIDs with their registered names and
 * descriptions.
 *
 * Security note: the table recognises RSA signatures over MD2, MD4, MD5 and
 * SHA-1 as well as ECDSA with SHA-1. Being listed here only means the OID
 * can be parsed and named; it does not make the algorithm acceptable. A
 * deployment that must refuse these digests has to do so in its verification
 * policy or build configuration.
 * NOTE(review): the per-entry md/pk type initializers and any configuration
 * guards around individual entries are not visible in this listing.
 */
272 static const oid_sig_alg_t oid_sig_alg[] =
275 { ADD_LEN(
OID_PKCS1_MD2 ),
"md2WithRSAEncryption",
"RSA with MD2" },
279 { ADD_LEN(
OID_PKCS1_MD4 ),
"md4WithRSAEncryption",
"RSA with MD4" },
283 { ADD_LEN(
OID_PKCS1_MD5 ),
"md5WithRSAEncryption",
"RSA with MD5" },
287 { ADD_LEN(
OID_PKCS1_SHA1 ),
"sha-1WithRSAEncryption",
"RSA with SHA1" },
291 { ADD_LEN(
OID_PKCS1_SHA224 ),
"sha224WithRSAEncryption",
"RSA with SHA-224" },
295 { ADD_LEN(
OID_PKCS1_SHA256 ),
"sha256WithRSAEncryption",
"RSA with SHA-256" },
299 { ADD_LEN(
OID_PKCS1_SHA384 ),
"sha384WithRSAEncryption",
"RSA with SHA-384" },
303 { ADD_LEN(
OID_PKCS1_SHA512 ),
"sha512WithRSAEncryption",
"RSA with SHA-512" },
/* Second OID that is given the same name and description as OID_PKCS1_SHA1
 * above; output built from these strings cannot tell the two apart. */
307 { ADD_LEN(
OID_RSA_SHA_OBS ),
"sha-1WithRSAEncryption",
"RSA with SHA1" },
311 { ADD_LEN(
OID_ECDSA_SHA1 ),
"ecdsa-with-SHA1",
"ECDSA with SHA1" },
/* Sentinel that ends the table. */
331 { NULL, 0, NULL, NULL },
/* Instantiates oid_sig_alg_from_asn1() and the public accessor
 * oid_get_sig_alg_desc(), which returns the description string. */
336 FN_OID_TYPED_FROM_ASN1(oid_sig_alg_t, sig_alg, oid_sig_alg);
337 FN_OID_GET_DESCRIPTOR_ATTR1(
oid_get_sig_alg_desc, oid_sig_alg_t, sig_alg,
const char *, description);
/* Table of public-key algorithm OIDs (entries not shown in this listing),
 * ended by an all-NULL sentinel, plus its generated lookup
 * oid_pk_alg_from_asn1(). */
350 static const oid_pk_alg_t oid_pk_alg[] =
365 { NULL, 0, NULL, NULL },
370 FN_OID_TYPED_FROM_ASN1(oid_pk_alg_t, pk_alg, oid_pk_alg);
374 #if defined(POLARSSL_ECP_C)
/* Table of named-curve OIDs (entries not shown in this listing), ended by an
 * all-NULL sentinel, plus its generated lookup oid_grp_id_from_asn1(). */
383 static const oid_ecp_grp_t oid_ecp_grp[] =
418 { NULL, 0, NULL, NULL },
423 FN_OID_TYPED_FROM_ASN1(oid_ecp_grp_t, grp_id, oid_ecp_grp);
428 #if defined(POLARSSL_CIPHER_C)
/* Table of cipher algorithm OIDs (entries not shown in this listing), ended
 * by an all-NULL sentinel, plus its generated lookup
 * oid_cipher_alg_from_asn1(). */
437 static const oid_cipher_alg_t oid_cipher_alg[] =
448 { NULL, 0, NULL, NULL },
453 FN_OID_TYPED_FROM_ASN1(oid_cipher_alg_t, cipher_alg, oid_cipher_alg);
457 #if defined(POLARSSL_MD_C)
/* Table of digest algorithm OIDs (entries not shown in this listing), ended
 * by an all-NULL sentinel, plus its generated lookup oid_md_alg_from_asn1(). */
466 static const oid_md_alg_t oid_md_alg[] =
505 { NULL, 0, NULL, NULL },
510 FN_OID_TYPED_FROM_ASN1(oid_md_alg_t, md_alg, oid_md_alg);
515 #if defined(POLARSSL_PKCS12_C)
/* End of the PKCS#12 PBE entry type; its members are not part of this
 * listing. */
523 } oid_pkcs12_pbe_alg_t;
/* Table of PKCS#12 password-based-encryption OIDs (entries not shown in this
 * listing), ended by an all-NULL sentinel, plus its generated lookup
 * oid_pkcs12_pbe_alg_from_asn1(). */
525 static const oid_pkcs12_pbe_alg_t oid_pkcs12_pbe_alg[] =
536 { NULL, 0, NULL, NULL },
541 FN_OID_TYPED_FROM_ASN1(oid_pkcs12_pbe_alg_t, pkcs12_pbe_alg, oid_pkcs12_pbe_alg);
/*
 * MSVC-only fallback for snprintf. On this path vsnprintf is mapped to
 * _vsnprintf, which, unlike C99 vsnprintf, does not write a terminating NUL
 * when the output fills the buffer and reports truncation with a negative
 * value instead of the required length.
 */
545 #if defined(_MSC_VER) && !defined snprintf && !defined(EFIX64) && \
549 #if !defined vsnprintf
550 #define vsnprintf _vsnprintf
/*
 * Wrapper that formats into str and can return size + 20, a value larger
 * than the buffer, so that callers comparing the result with the remaining
 * space see the output as not fitting.
 * NOTE(review): the condition guarding that return, and any explicit NUL
 * termination of str, are on lines missing from this listing - confirm that
 * str is always terminated before it is read as a string. The cast applies
 * to size alone, so a size above INT_MAX would not be represented correctly.
 */
560 static int compat_snprintf(
char *str,
size_t size,
const char *format, ...)
565 va_start( ap, format );
567 res = vsnprintf( str, size, format, ap );
573 return( (
int) size + 20 );
/* From here on every snprintf call in this file uses the wrapper. */
578 #define snprintf compat_snprintf
/* Error code returned when the output buffer cannot hold the formatted text. */
581 #define POLARSSL_ERR_DEBUG_BUF_TOO_SMALL -2
/*
 * Bookkeeping step run after each snprintf( p, n, ... ): if the reported
 * length exceeds the remaining space n, the enclosing function returns
 * POLARSSL_ERR_DEBUG_BUF_TOO_SMALL; otherwise n and p are advanced by the
 * number of characters written.
 *
 * NOTE(review): with C99 snprintf semantics a return value equal to n
 * already means the last character was dropped to make room for the NUL.
 * The comparison uses '>', so that case is accepted and leaves n == 0;
 * '>=' would reject it. Confirm the intended behaviour.
 * A negative ret becomes a large value after the unsigned cast and is
 * therefore also caught by this comparison.
 * Other lines of the macro are missing from this listing.
 */
583 #define SAFE_SNPRINTF() \
588 if ( (unsigned int) ret > n ) { \
590 return POLARSSL_ERR_DEBUG_BUF_TOO_SMALL;\
593 n -= (unsigned int) ret; \
594 p += (unsigned int) ret; \
/*
 * Body fragment of the OID-to-text conversion (presumably
 * oid_get_numeric_string(); the signature and declarations are not part of
 * this listing).
 *
 * The first encoded byte carries the first two arcs as 40*X + Y and is split
 * with a division and a remainder.
 * NOTE(review): only p[0] is consulted, so a first sub-identifier that spans
 * several bytes, or a Y above 39 under arc 2, would not be printed as
 * encoded. A check that oid->len is non-zero before p[0] is read is not
 * visible here - confirm it exists.
 */
612 ret = snprintf( p, n,
"%d.%d", oid->
p[0] / 40, oid->
p[0] % 40 );
/* Remaining bytes: base-128 sub-identifiers, most significant group first. */
617 for( i = 1; i < oid->
len; i++ )
/* Overflow guard: if shifting left by 7 and back does not give the same
 * value, the top 7 bits are already in use and the next shift would lose
 * them. The buffer-too-small code is reused to report this. */
620 if ( ( ( value << 7 ) >> 7 ) != value )
621 return( POLARSSL_ERR_DEBUG_BUF_TOO_SMALL );
/* Add the low 7 payload bits of this byte. */
624 value += oid->
p[i] & 0x7F;
/* A clear high bit marks the last byte of the sub-identifier, which is then
 * printed. NOTE(review): a final byte with the high bit still set appears to
 * be dropped without an error. */
626 if( !( oid->
p[i] & 0x80 ) )
/* NOTE(review): value's declaration is not shown; if it is unsigned, "%u"
 * is the matching conversion. */
629 ret = snprintf( p, n,
".%d", value );
/* Number of characters written: buffer size minus the space still left. */
635 return( (
int) ( size - n ) );
#define OID_EC_GRP_BP256R1
#define OID_EXTENDED_KEY_USAGE
id-ce-extKeyUsage OBJECT IDENTIFIER ::= { id-ce 37 }
#define OID_EC_ALG_UNRESTRICTED
#define OID_DIGEST_ALG_SHA384
id-sha384 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) cso...
#define OID_PKCS1_SHA224
sha224WithRSAEncryption ::= { pkcs-1 14 }
#define OID_EC_GRP_SECP192R1
int oid_get_numeric_string(char *buf, size_t size, const asn1_buf *oid)
Translate an ASN.1 OID into its numeric (dotted-decimal) representation, e.g. "1.2.840.113549".
int oid_get_oid_by_ec_grp(ecp_group_id grp_id, const char **oid, size_t *olen)
Translate EC group identifier into NamedCurve OID.
#define OID_EC_GRP_SECP521R1
#define EXT_BASIC_CONSTRAINTS
#define OID_PKCS1_MD2
md2WithRSAEncryption ::= { pkcs-1 2 }
int oid_get_oid_by_pk_alg(pk_type_t pk_alg, const char **oid, size_t *olen)
Translate pk_type into PublicKeyAlgorithm OID.
int oid_get_pk_alg(const asn1_buf *oid, pk_type_t *pk_alg)
Translate PublicKeyAlgorithm OID into pk_type.
#define OID_DIGEST_ALG_MD5
id-md5 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 5 } ...
int oid_get_x509_ext_type(const asn1_buf *oid, int *ext_type)
Translate an X.509 extension OID into local values.
Configuration options (set of defines)
#define OID_EC_GRP_BP512R1
int oid_get_md_alg(const asn1_buf *oid, md_type_t *md_alg)
Translate hash algorithm OID into md_type.
#define OID_SUBJECT_ALT_NAME
id-ce-subjectAltName OBJECT IDENTIFIER ::= { id-ce 17 }
#define OID_PKCS1_MD4
md4WithRSAEncryption ::= { pkcs-1 3 }
#define OID_PKCS1_MD5
md5WithRSAEncryption ::= { pkcs-1 4 }
Base OID descriptor structure.
Object Identifier (OID) database.
#define OID_AT_CN
id-at-commonName AttributeType:= {id-at 3}
#define OID_DIGEST_ALG_MD2
id-md2 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 2 } ...
#define OID_SERVER_AUTH
id-kp-serverAuth OBJECT IDENTIFIER ::= { id-kp 1 }
#define OID_EC_GRP_SECP256R1
#define OID_PKCS12_PBE_SHA1_DES2_EDE_CBC
pbeWithSHAAnd2-KeyTripleDES-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 4}
#define OID_PKCS1_SHA512
sha512WithRSAEncryption ::= { pkcs-1 13 }
#define OID_DIGEST_ALG_SHA1
id-sha1 OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 26 ...
#define OID_DIGEST_ALG_SHA256
id-sha256 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) cso...
int oid_get_cipher_alg(const asn1_buf *oid, cipher_type_t *cipher_alg)
Translate encryption algorithm OID into cipher_type.
#define OID_AT_POSTAL_ADDRESS
id-at-postalAddress AttributeType:= {id-at 16}
#define OID_AT_ORGANIZATION
id-at-organizationName AttributeType:= {id-at 10}
unsigned char * p
ASN1 data (pointer to the raw encoded bytes).
int oid_get_sig_alg_desc(const asn1_buf *oid, const char **desc)
Translate SignatureAlgorithm OID into description.
#define OID_EC_GRP_SECP224R1
#define OID_DES_EDE3_CBC
des-ede3-cbc OBJECT IDENTIFIER ::= { iso(1) member-body(2) – us(840) rsadsi(113549) encryptionAlgorit...
#define OID_PKCS1_SHA384
sha384WithRSAEncryption ::= { pkcs-1 12 }
#define OID_BASIC_CONSTRAINTS
id-ce-basicConstraints OBJECT IDENTIFIER ::= { id-ce 19 }
#define OID_PKCS1_SHA256
sha256WithRSAEncryption ::= { pkcs-1 11 }
#define OID_DIGEST_ALG_SHA512
id-sha512 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) cso...
#define OID_AT_ORG_UNIT
id-at-organizationalUnitName AttributeType:= {id-at 11}
#define OID_AT_POSTAL_CODE
id-at-postalCode AttributeType:= {id-at 17}
pk_type_t
Public key types.
#define OID_PKCS9_EMAIL
emailAddress AttributeType ::= { pkcs-9 1 }
int oid_get_pkcs12_pbe_alg(const asn1_buf *oid, md_type_t *md_alg, cipher_type_t *cipher_alg)
Translate PKCS#12 PBE algorithm OID into md_type and cipher_type.
#define EXT_EXTENDED_KEY_USAGE
X.509 generic defines and structures.
#define OID_DIGEST_ALG_MD4
id-md4 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 4 } ...
#define OID_AT_LOCALITY
id-at-locality AttributeType:= {id-at 7}
#define OID_OCSP_SIGNING
id-kp-OCSPSigning OBJECT IDENTIFIER ::= { id-kp 9 }
Type-length-value structure that allows for ASN1 using DER.
The RSA public-key cryptosystem.
#define OID_CODE_SIGNING
id-kp-codeSigning OBJECT IDENTIFIER ::= { id-kp 3 }
#define OID_EC_GRP_BP384R1
int oid_get_ec_grp(const asn1_buf *oid, ecp_group_id *grp_id)
Translate NamedCurve OID into an EC group identifier.
size_t len
ASN1 length (number of bytes referenced by p).
ecp_group_id
Domain parameters (curve, subgroup and generator) identifiers.
#define OID_PKCS1_SHA1
sha1WithRSAEncryption ::= { pkcs-1 5 }
#define OID_AT_SERIAL_NUMBER
id-at-serialNumber AttributeType:= {id-at 5}
int oid_get_oid_by_md(md_type_t md_alg, const char **oid, size_t *olen)
Translate md_type into hash algorithm OID.
#define OID_DIGEST_ALG_SHA224
id-sha224 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) cso...
#define OID_DES_CBC
desCBC OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 7 } ...
#define OID_CLIENT_AUTH
id-kp-clientAuth OBJECT IDENTIFIER ::= { id-kp 2 }
#define OID_TIME_STAMPING
id-kp-timeStamping OBJECT IDENTIFIER ::= { id-kp 8 }
int oid_get_sig_alg(const asn1_buf *oid, md_type_t *md_alg, pk_type_t *pk_alg)
Translate SignatureAlgorithm OID into md_type and pk_type.
int oid_get_attr_short_name(const asn1_buf *oid, const char **short_name)
Translate an X.509 attribute type OID into the short name (e.g. "CN" for id-at-commonName).
#define OID_AT_STATE
id-at-state AttributeType:= {id-at 8}
#define OID_PKCS1_RSA
rsaEncryption OBJECT IDENTIFIER ::= { pkcs-1 1 }
int oid_get_extended_key_usage(const asn1_buf *oid, const char **desc)
Translate Extended Key Usage OID into description.
#define OID_EMAIL_PROTECTION
id-kp-emailProtection OBJECT IDENTIFIER ::= { id-kp 4 }
#define OID_AT_COUNTRY
id-at-countryName AttributeType:= {id-at 6}
#define OID_PKCS12_PBE_SHA1_DES3_EDE_CBC
pbeWithSHAAnd3-KeyTripleDES-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 3}
#define OID_EC_GRP_SECP384R1
int oid_get_oid_by_sig_alg(pk_type_t pk_alg, md_type_t md_alg, const char **oid, size_t *olen)
Translate md_type and pk_type into SignatureAlgorithm OID.
#define OID_KEY_USAGE
id-ce-keyUsage OBJECT IDENTIFIER ::= { id-ce 15 }
#define EXT_SUBJECT_ALT_NAME