28 #if !defined(POLARSSL_CONFIG_FILE)
31 #include POLARSSL_CONFIG_FILE
34 #if defined(POLARSSL_OID_C)
39 #if defined(POLARSSL_X509_USE_C) || defined(POLARSSL_X509_CREATE_C)
/* Expands to two initializer fields: the OID constant s, then OID_SIZE(s). */
48 #define ADD_LEN(s) s, OID_SIZE(s)
/*
 * Generates a file-local lookup function oid_<NAME>_from_asn1() over LIST.
 * Visible logic: NULL is returned when LIST or oid is NULL; otherwise the
 * table is walked until an entry whose asn1 pointer is NULL (the sentinel row).
 * The length equality test is evaluated before memcmp(), so memcmp() compares
 * exactly oid->len bytes and only against a table entry of that same length.
 * NOTE(review): oid->p / oid->len presumably describe parsed ASN.1 input, so
 * this ordering is what keeps the comparison in bounds -- keep it when editing.
 * NOTE(review): the cast from a TYPE_T pointer to an oid_descriptor_t pointer
 * looks like it relies on the descriptor being TYPE_T's first member -- confirm
 * against the struct definitions.
 * Several lines of the macro (match branch, pointer advance) are not shown in
 * this listing.
 */
54 #define FN_OID_TYPED_FROM_ASN1( TYPE_T, NAME, LIST ) \
55 static const TYPE_T * oid_ ## NAME ## _from_asn1( const asn1_buf *oid ) \
57 const TYPE_T *p = LIST; \
58 const oid_descriptor_t *cur = (const oid_descriptor_t *) p; \
59 if( p == NULL || oid == NULL ) return( NULL ); \
60 while( cur->asn1 != NULL ) { \
61 if( cur->asn1_len == oid->len && \
62 memcmp( cur->asn1, oid->p, oid->len ) == 0 ) { \
66 cur = (const oid_descriptor_t *) p; \
/*
 * Generates FN_NAME(): looks oid up with oid_<TYPE_NAME>_from_asn1() and, on a
 * hit, copies descriptor.<ATTR1> of the table entry to *ATTR1.
 * Returns POLARSSL_ERR_OID_NOT_FOUND when the lookup yields NULL; *ATTR1 is
 * not written on that path, so callers must check the return value before
 * reading the output.
 * The output pointer is dereferenced without a NULL check in the lines shown.
 */
75 #define FN_OID_GET_DESCRIPTOR_ATTR1(FN_NAME, TYPE_T, TYPE_NAME, ATTR1_TYPE, ATTR1) \
76 int FN_NAME( const asn1_buf *oid, ATTR1_TYPE * ATTR1 ) \
78 const TYPE_T *data = oid_ ## TYPE_NAME ## _from_asn1( oid ); \
79 if( data == NULL ) return( POLARSSL_ERR_OID_NOT_FOUND ); \
80 *ATTR1 = data->descriptor.ATTR1; \
/*
 * Generates FN_NAME(): looks oid up with oid_<TYPE_NAME>_from_asn1() and, on a
 * hit, copies the entry's <ATTR1> member (a direct member of TYPE_T, not of
 * its descriptor) to *ATTR1.
 * Returns POLARSSL_ERR_OID_NOT_FOUND when the lookup yields NULL; *ATTR1 is
 * left untouched in that case, so an unchecked return leaves the caller with
 * whatever the output variable held before.
 */
88 #define FN_OID_GET_ATTR1(FN_NAME, TYPE_T, TYPE_NAME, ATTR1_TYPE, ATTR1) \
89 int FN_NAME( const asn1_buf *oid, ATTR1_TYPE * ATTR1 ) \
91 const TYPE_T *data = oid_ ## TYPE_NAME ## _from_asn1( oid ); \
92 if( data == NULL ) return( POLARSSL_ERR_OID_NOT_FOUND ); \
93 *ATTR1 = data->ATTR1; \
/*
 * Two-output variant: on a successful lookup both *ATTR1 and *ATTR2 are filled
 * from the matching table entry; on POLARSSL_ERR_OID_NOT_FOUND neither is
 * written. Neither output pointer is NULL-checked in the lines shown.
 * (The macro's parameter list continues on a line not shown in this listing.)
 */
101 #define FN_OID_GET_ATTR2(FN_NAME, TYPE_T, TYPE_NAME, ATTR1_TYPE, ATTR1, \
103 int FN_NAME( const asn1_buf *oid, ATTR1_TYPE * ATTR1, ATTR2_TYPE * ATTR2 ) \
105 const TYPE_T *data = oid_ ## TYPE_NAME ## _from_asn1( oid ); \
106 if( data == NULL ) return( POLARSSL_ERR_OID_NOT_FOUND ); \
107 *ATTR1 = data->ATTR1; \
108 *ATTR2 = data->ATTR2; \
/*
 * Generates the reverse lookup FN_NAME(): scans LIST for the first entry whose
 * <ATTR1> equals the argument and hands back that entry's OID bytes and length.
 * *oid is set to the table's own asn1 pointer (no copy is made), so the caller
 * receives a pointer into LIST and must not free or modify it.
 * The scan stops only at an entry with a NULL descriptor.asn1, so every LIST
 * passed here has to end with such a sentinel row. Unlike the from_asn1
 * generator, no NULL check on LIST or on the output pointers is visible.
 * Returns POLARSSL_ERR_OID_NOT_FOUND when the scan ends without a match
 * (the success return is on a line not shown in this listing).
 */
116 #define FN_OID_GET_OID_BY_ATTR1(FN_NAME, TYPE_T, LIST, ATTR1_TYPE, ATTR1) \
117 int FN_NAME( ATTR1_TYPE ATTR1, const char **oid, size_t *olen ) \
119 const TYPE_T *cur = LIST; \
120 while( cur->descriptor.asn1 != NULL ) { \
121 if( cur->ATTR1 == ATTR1 ) { \
122 *oid = cur->descriptor.asn1; \
123 *olen = cur->descriptor.asn1_len; \
128 return( POLARSSL_ERR_OID_NOT_FOUND ); \
/*
 * Reverse lookup keyed on two attributes: the first LIST entry whose <ATTR1>
 * and <ATTR2> both equal the arguments supplies *oid and *olen.
 * *oid aliases the table entry's asn1 pointer rather than a copy.
 * The scan depends on LIST ending with a row whose descriptor.asn1 is NULL.
 * Returns POLARSSL_ERR_OID_NOT_FOUND when no entry matches.
 * (Parts of the parameter list and the success return are on lines not shown
 * in this listing.)
 */
135 #define FN_OID_GET_OID_BY_ATTR2(FN_NAME, TYPE_T, LIST, ATTR1_TYPE, ATTR1, \
137 int FN_NAME( ATTR1_TYPE ATTR1, ATTR2_TYPE ATTR2, const char **oid , \
140 const TYPE_T *cur = LIST; \
141 while( cur->descriptor.asn1 != NULL ) { \
142 if( cur->ATTR1 == ATTR1 && cur->ATTR2 == ATTR2 ) { \
143 *oid = cur->descriptor.asn1; \
144 *olen = cur->descriptor.asn1_len; \
149 return( POLARSSL_ERR_OID_NOT_FOUND ); \
157 const char *short_name;
/*
 * Table of X.520 attribute type OIDs used for naming certificate subject and
 * issuer fields. Only some rows survive in this listing.
 */
160 static const oid_x520_attr_t oid_x520_attr_type[] =
163 { ADD_LEN(
OID_AT_CN ),
"id-at-commonName",
"Common Name" },
183 { ADD_LEN(
OID_AT_ORG_UNIT ),
"id-at-organizationalUnitName",
"Org Unit" },
216 "generationQualifier",
/* Sentinel row: the NULL asn1 pointer is what stops the generated lookup loop. */
235 { NULL, 0, NULL, NULL },
/* Instantiates oid_x520_attr_from_asn1() over the table above. */
240 FN_OID_TYPED_FROM_ASN1(oid_x520_attr_t, x520_attr, oid_x520_attr_type);
243 #if defined(POLARSSL_X509_USE_C) || defined(POLARSSL_X509_CREATE_C)
/*
 * Table of recognised X.509 v3 extension OIDs; only the Netscape certificate
 * type row is visible in this listing.
 */
252 static const oid_x509_ext_t oid_x509_ext[] =
271 { ADD_LEN(
OID_NS_CERT_TYPE ),
"id-netscape-certtype",
"Netscape Certificate Type" },
/* Sentinel row terminating the table for the generated lookup loop. */
275 { NULL, 0, NULL, NULL },
/* Instantiates oid_x509_ext_from_asn1() over the table above. */
280 FN_OID_TYPED_FROM_ASN1(oid_x509_ext_t, x509_ext, oid_x509_ext);
/*
 * Rows naming extended key usage purposes (server and client authentication
 * are the ones visible here); the array declaration itself is not shown in
 * this listing. These rows only supply names and descriptions for the OIDs.
 */
285 { ADD_LEN(
OID_SERVER_AUTH ),
"id-kp-serverAuth",
"TLS Web Server Authentication" },
286 { ADD_LEN(
OID_CLIENT_AUTH ),
"id-kp-clientAuth",
"TLS Web Client Authentication" },
/* Sentinel row terminating the table. */
291 { NULL, 0, NULL, NULL },
298 #if defined(POLARSSL_MD_C)
/*
 * Signature algorithm OID table. The visible rows cover RSA with MD2, MD4,
 * MD5, SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512, plus ECDSA with SHA-1.
 * NOTE(review): an entry here only means the OID is recognised and can be
 * named. Whether a signature using MD2/MD4/MD5/SHA-1 is accepted has to be
 * decided by the verification code or build configuration, not by this table.
 */
308 static const oid_sig_alg_t oid_sig_alg[] =
311 { ADD_LEN(
OID_PKCS1_MD2 ),
"md2WithRSAEncryption",
"RSA with MD2" },
315 { ADD_LEN(
OID_PKCS1_MD4 ),
"md4WithRSAEncryption",
"RSA with MD4" },
319 { ADD_LEN(
OID_PKCS1_MD5 ),
"md5WithRSAEncryption",
"RSA with MD5" },
323 { ADD_LEN(
OID_PKCS1_SHA1 ),
"sha-1WithRSAEncryption",
"RSA with SHA1" },
327 { ADD_LEN(
OID_PKCS1_SHA224 ),
"sha224WithRSAEncryption",
"RSA with SHA-224" },
331 { ADD_LEN(
OID_PKCS1_SHA256 ),
"sha256WithRSAEncryption",
"RSA with SHA-256" },
335 { ADD_LEN(
OID_PKCS1_SHA384 ),
"sha384WithRSAEncryption",
"RSA with SHA-384" },
339 { ADD_LEN(
OID_PKCS1_SHA512 ),
"sha512WithRSAEncryption",
"RSA with SHA-512" },
/* Second OID carrying the same name and description as OID_PKCS1_SHA1 above. */
343 { ADD_LEN(
OID_RSA_SHA_OBS ),
"sha-1WithRSAEncryption",
"RSA with SHA1" },
347 { ADD_LEN(
OID_ECDSA_SHA1 ),
"ecdsa-with-SHA1",
"ECDSA with SHA1" },
/* Sentinel row terminating the table for the generated lookup loops. */
371 { NULL, 0, NULL, NULL },
/* Instantiates oid_sig_alg_from_asn1() over the table above. */
376 FN_OID_TYPED_FROM_ASN1(oid_sig_alg_t, sig_alg, oid_sig_alg);
/* Public accessor: yields the description string of a signature algorithm OID. */
377 FN_OID_GET_DESCRIPTOR_ATTR1(
oid_get_sig_alg_desc, oid_sig_alg_t, sig_alg,
const char *, description);
/* Public key algorithm OID table (rows not shown in this listing). */
390 static const oid_pk_alg_t oid_pk_alg[] =
/* Sentinel row terminating the table. */
405 { NULL, 0, NULL, NULL },
/* Instantiates oid_pk_alg_from_asn1() over the table above. */
410 FN_OID_TYPED_FROM_ASN1(oid_pk_alg_t, pk_alg, oid_pk_alg);
414 #if defined(POLARSSL_ECP_C)
/* Elliptic curve group OID table (rows not shown in this listing). */
423 static const oid_ecp_grp_t oid_ecp_grp[] =
/* Sentinel row terminating the table. */
470 { NULL, 0, NULL, NULL },
/* Instantiates oid_grp_id_from_asn1() over the table above. */
475 FN_OID_TYPED_FROM_ASN1(oid_ecp_grp_t, grp_id, oid_ecp_grp);
480 #if defined(POLARSSL_CIPHER_C)
/* Cipher algorithm OID table (rows not shown in this listing). */
489 static const oid_cipher_alg_t oid_cipher_alg[] =
/* Sentinel row terminating the table. */
500 { NULL, 0, NULL, NULL },
/* Instantiates oid_cipher_alg_from_asn1() over the table above. */
505 FN_OID_TYPED_FROM_ASN1(oid_cipher_alg_t, cipher_alg, oid_cipher_alg);
509 #if defined(POLARSSL_MD_C)
/* Message digest algorithm OID table (rows not shown in this listing). */
518 static const oid_md_alg_t oid_md_alg[] =
/* Sentinel row terminating the table. */
553 { NULL, 0, NULL, NULL },
/* Instantiates oid_md_alg_from_asn1() over the table above. */
558 FN_OID_TYPED_FROM_ASN1(oid_md_alg_t, md_alg, oid_md_alg);
563 #if defined(POLARSSL_PKCS12_C)
571 } oid_pkcs12_pbe_alg_t;
/* PKCS#12 password-based encryption OID table (rows not shown in this listing). */
573 static const oid_pkcs12_pbe_alg_t oid_pkcs12_pbe_alg[] =
/* Sentinel row terminating the table. */
584 { NULL, 0, NULL, NULL },
/* Instantiates oid_pkcs12_pbe_alg_from_asn1() over the table above. */
589 FN_OID_TYPED_FROM_ASN1(oid_pkcs12_pbe_alg_t, pkcs12_pbe_alg, oid_pkcs12_pbe_alg);
593 #if defined(_MSC_VER) && !defined snprintf && !defined(EFIX64) && \
597 #if !defined vsnprintf
598 #define vsnprintf _vsnprintf
/*
 * snprintf() replacement compiled only inside the _MSC_VER guard above; it
 * forwards its arguments to vsnprintf, which the same guard maps to _vsnprintf
 * when no vsnprintf macro exists.
 * The visible return of (int) size + 20 is a value larger than the buffer size.
 * NOTE(review): presumably this is the error/truncation path, chosen so that
 * the `ret >= n` test in SAFE_SNPRINTF reports POLARSSL_ERR_OID_BUF_TOO_SMALL;
 * the condition guarding it is on lines not shown in this listing.
 * NOTE(review): the (int) cast assumes size fits in an int -- confirm callers
 * never pass a larger buffer size.
 */
608 static int compat_snprintf(
char *str,
size_t size,
const char *format, ... )
613 va_start( ap, format );
615 res = vsnprintf( str, size, format, ap );
621 return( (
int) size + 20 );
/* From here on every snprintf() call in this file goes through the wrapper. */
626 #define snprintf compat_snprintf
/*
 * Bookkeeping to run after each snprintf( p, n, ... ) call. It uses the
 * variables ret, n and p of the function it is expanded in and returns from
 * that function on failure.
 * Visible checks: POLARSSL_ERR_OID_BUF_TOO_SMALL is returned when ret >= n,
 * i.e. the formatted text plus terminator did not fit in the remaining space,
 * and in one earlier case whose condition is not shown in this listing
 * (presumably a negative ret -- confirm). Otherwise the write cursor p is
 * advanced and the remaining size n reduced by ret.
 * The earlier check matters because ret is cast to unsigned int before the
 * comparison and the pointer arithmetic.
 */
629 #define SAFE_SNPRINTF() \
632 return( POLARSSL_ERR_OID_BUF_TOO_SMALL ); \
634 if( (unsigned int) ret >= n ) { \
636 return( POLARSSL_ERR_OID_BUF_TOO_SMALL ); \
639 n -= (unsigned int) ret; \
640 p += (unsigned int) ret; \
/*
 * Body fragment of the OID-to-text conversion; the function header and several
 * lines are not shown in this listing.
 * The first content octet is printed as two arcs, p[0] / 40 and p[0] % 40.
 * NOTE(review): X.690 packs the first two arcs as 40*X + Y with X limited to
 * 0..2 and lets that subidentifier span several octets. This single-octet
 * split prints a first arc above 2 once p[0] is 120 or more and ignores a
 * continuation bit in p[0]. Treat the resulting string as display text and
 * confirm before comparing it against expected OID strings.
 */
658 ret = snprintf( p, n,
"%d.%d", oid->
p[0] / 40, oid->
p[0] % 40 );
/* Remaining octets are read as base-128 digits; the index stays below oid->len. */
663 for( i = 1; i < oid->
len; i++ )
/*
 * Overflow guard: if shifting value left by 7 and back does not reproduce it,
 * its top 7 bits are in use and accumulating another digit would lose them.
 * The branch taken in that case is not shown in this listing.
 */
666 if( ( ( value << 7 ) >> 7 ) != value )
/* Only the low 7 bits of each octet carry payload. */
670 value += oid->
p[i] & 0x7F;
/*
 * A clear high bit marks the last octet of a subidentifier, which is then
 * printed as ".<value>".
 * NOTE(review): %d is a signed conversion; the declared type of value is not
 * visible here -- confirm the specifier matches it.
 */
672 if( !( oid->
p[i] & 0x80 ) )
675 ret = snprintf( p, n,
".%d", value );
/* Result is size minus whatever n has been reduced to by the writes above. */
681 return( (
int) ( size - n ) );
#define OID_EC_GRP_BP256R1
#define OID_EXTENDED_KEY_USAGE
id-ce-extKeyUsage OBJECT IDENTIFIER ::= { id-ce 37 }
#define OID_EC_ALG_UNRESTRICTED
#define OID_DIGEST_ALG_SHA384
id-sha384 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) cso...
#define OID_PKCS1_SHA224
sha224WithRSAEncryption ::= { pkcs-1 14 }
#define OID_EC_GRP_SECP192R1
int oid_get_numeric_string(char *buf, size_t size, const asn1_buf *oid)
Translate an ASN.1 OID into its numeric representation (dotted decimal, e.g. "1.2.840.113549").
int oid_get_oid_by_ec_grp(ecp_group_id grp_id, const char **oid, size_t *olen)
Translate EC group identifier into NamedCurve OID.
#define OID_EC_GRP_SECP521R1
#define EXT_BASIC_CONSTRAINTS
#define OID_PKCS1_MD2
md2WithRSAEncryption ::= { pkcs-1 2 }
int oid_get_oid_by_pk_alg(pk_type_t pk_alg, const char **oid, size_t *olen)
Translate pk_type into PublicKeyAlgorithm OID.
int oid_get_pk_alg(const asn1_buf *oid, pk_type_t *pk_alg)
Translate PublicKeyAlgorithm OID into pk_type.
#define OID_DIGEST_ALG_MD5
id-md5 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 5 } ...
int oid_get_x509_ext_type(const asn1_buf *oid, int *ext_type)
Translate an X.509 extension OID into local values.
Configuration options (set of defines)
#define OID_EC_GRP_BP512R1
int oid_get_md_alg(const asn1_buf *oid, md_type_t *md_alg)
Translate hash algorithm OID into md_type.
#define OID_SUBJECT_ALT_NAME
id-ce-subjectAltName OBJECT IDENTIFIER ::= { id-ce 17 }
#define OID_PKCS1_MD4
md4WithRSAEncryption ::= { pkcs-1 3 }
#define OID_PKCS1_MD5
md5WithRSAEncryption ::= { pkcs-1 4 }
Base OID descriptor structure.
Object Identifier (OID) database.
#define OID_AT_INITIALS
id-at-initials AttributeType:= {id-at 43}
#define OID_AT_CN
id-at-commonName AttributeType:= {id-at 3}
#define OID_AT_TITLE
id-at-title AttributeType:= {id-at 12}
#define OID_DIGEST_ALG_MD2
id-md2 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 2 } ...
#define OID_SERVER_AUTH
id-kp-serverAuth OBJECT IDENTIFIER ::= { id-kp 1 }
#define OID_EC_GRP_SECP256R1
#define OID_PKCS12_PBE_SHA1_DES2_EDE_CBC
pbeWithSHAAnd2-KeyTripleDES-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 4}
#define OID_AT_GENERATION_QUALIFIER
id-at-generationQualifier AttributeType:= {id-at 44}
#define OID_PKCS1_SHA512
sha512WithRSAEncryption ::= { pkcs-1 13 }
#define OID_DIGEST_ALG_SHA1
id-sha1 OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 26 ...
#define OID_DIGEST_ALG_SHA256
id-sha256 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) cso...
#define OID_EC_GRP_SECP256K1
int oid_get_cipher_alg(const asn1_buf *oid, cipher_type_t *cipher_alg)
Translate encryption algorithm OID into cipher_type.
#define OID_RSASSA_PSS
id-RSASSA-PSS ::= { pkcs-1 10 }
#define OID_AT_POSTAL_ADDRESS
id-at-postalAddress AttributeType:= {id-at 16}
#define OID_AT_ORGANIZATION
id-at-organizationName AttributeType:= {id-at 10}
unsigned char * p
ASN1 data, e.g.
int oid_get_sig_alg_desc(const asn1_buf *oid, const char **desc)
Translate SignatureAlgorithm OID into description.
#define OID_EC_GRP_SECP224R1
#define OID_DES_EDE3_CBC
des-ede3-cbc OBJECT IDENTIFIER ::= { iso(1) member-body(2) – us(840) rsadsi(113549) encryptionAlgorit...
#define OID_PKCS1_SHA384
sha384WithRSAEncryption ::= { pkcs-1 12 }
#define OID_AT_GIVEN_NAME
id-at-givenName AttributeType:= {id-at 42}
#define OID_BASIC_CONSTRAINTS
id-ce-basicConstraints OBJECT IDENTIFIER ::= { id-ce 19 }
#define OID_PKCS1_SHA256
sha256WithRSAEncryption ::= { pkcs-1 11 }
#define OID_DIGEST_ALG_SHA512
id-sha512 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) cso...
#define OID_AT_ORG_UNIT
id-at-organizationalUnitName AttributeType:= {id-at 11}
#define OID_AT_POSTAL_CODE
id-at-postalCode AttributeType:= {id-at 17}
pk_type_t
Public key types.
#define OID_PKCS9_EMAIL
emailAddress AttributeType ::= { pkcs-9 1 }
#define OID_EC_GRP_SECP224K1
int oid_get_pkcs12_pbe_alg(const asn1_buf *oid, md_type_t *md_alg, cipher_type_t *cipher_alg)
Translate PKCS#12 PBE algorithm OID into md_type and cipher_type.
#define EXT_EXTENDED_KEY_USAGE
#define OID_AT_PSEUDONYM
id-at-pseudonym AttributeType:= {id-at 65}
X.509 generic defines and structures.
#define OID_DIGEST_ALG_MD4
id-md4 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 4 } ...
#define OID_AT_LOCALITY
id-at-locality AttributeType:= {id-at 7}
#define OID_OCSP_SIGNING
id-kp-OCSPSigning OBJECT IDENTIFIER ::= { id-kp 9 }
Type-length-value structure that allows for ASN1 using DER.
The RSA public-key cryptosystem.
#define OID_CODE_SIGNING
id-kp-codeSigning OBJECT IDENTIFIER ::= { id-kp 3 }
#define OID_EC_GRP_BP384R1
int oid_get_ec_grp(const asn1_buf *oid, ecp_group_id *grp_id)
Translate NamedCurve OID into an EC group identifier.
size_t len
ASN1 length, e.g.
ecp_group_id
Domain parameters (curve, subgroup and generator) identifiers.
#define OID_PKCS1_SHA1
sha1WithRSAEncryption ::= { pkcs-1 5 }
#define OID_AT_SUR_NAME
id-at-surName AttributeType:= {id-at 4}
#define OID_AT_SERIAL_NUMBER
id-at-serialNumber AttributeType:= {id-at 5}
int oid_get_oid_by_md(md_type_t md_alg, const char **oid, size_t *olen)
Translate md_type into hash algorithm OID.
#define OID_DIGEST_ALG_SHA224
id-sha224 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) cso...
#define OID_DES_CBC
desCBC OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 7 } ...
#define POLARSSL_ERR_OID_BUF_TOO_SMALL
output buffer is too small
#define OID_CLIENT_AUTH
id-kp-clientAuth OBJECT IDENTIFIER ::= { id-kp 2 }
#define OID_EC_GRP_SECP192K1
#define OID_TIME_STAMPING
id-kp-timeStamping OBJECT IDENTIFIER ::= { id-kp 8 }
int oid_get_sig_alg(const asn1_buf *oid, md_type_t *md_alg, pk_type_t *pk_alg)
Translate SignatureAlgorithm OID into md_type and pk_type.
int oid_get_attr_short_name(const asn1_buf *oid, const char **short_name)
Translate an X.509 attribute type OID into the short name.
#define OID_AT_STATE
id-at-state AttributeType:= {id-at 8}
#define OID_AT_DN_QUALIFIER
id-at-dnQualifier AttributeType:= {id-at 46}
#define OID_PKCS1_RSA
rsaEncryption OBJECT IDENTIFIER ::= { pkcs-1 1 }
int oid_get_extended_key_usage(const asn1_buf *oid, const char **desc)
Translate Extended Key Usage OID into description.
#define OID_EMAIL_PROTECTION
id-kp-emailProtection OBJECT IDENTIFIER ::= { id-kp 4 }
#define OID_DOMAIN_COMPONENT
#define OID_AT_COUNTRY
id-at-countryName AttributeType:= {id-at 6}
#define OID_PKCS12_PBE_SHA1_DES3_EDE_CBC
pbeWithSHAAnd3-KeyTripleDES-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 3}
#define OID_EC_GRP_SECP384R1
int oid_get_oid_by_sig_alg(pk_type_t pk_alg, md_type_t md_alg, const char **oid, size_t *olen)
Translate md_type and pk_type into SignatureAlgorithm OID.
#define OID_KEY_USAGE
id-ce-keyUsage OBJECT IDENTIFIER ::= { id-ce 15 }
#define EXT_SUBJECT_ALT_NAME