From 15b5d84f9da2ce4bfae8580e56e34a859f74ad71 Mon Sep 17 00:00:00 2001 From: markus <> Date: Thu, 5 Sep 2002 12:51:50 +0000 Subject: import openssl-0.9.7-beta1 --- src/lib/libcrypto/objects/o_names.c | 229 +++++++--- src/lib/libcrypto/objects/obj_dat.c | 359 +++++++++------ src/lib/libcrypto/objects/obj_dat.pl | 112 +++-- src/lib/libcrypto/objects/obj_err.c | 123 +++--- src/lib/libcrypto/objects/obj_lib.c | 39 +- src/lib/libcrypto/objects/obj_mac.num | 121 ++++- src/lib/libcrypto/objects/objects.h | 444 ++++++++++++++++--- src/lib/libcrypto/objects/objects.pl | 17 +- src/lib/libcrypto/objects/objects.txt | 800 ++++++++++++++++++++++++++++++++-- 9 files changed, 1828 insertions(+), 416 deletions(-) (limited to 'src/lib/libcrypto/objects') diff --git a/src/lib/libcrypto/objects/o_names.c b/src/lib/libcrypto/objects/o_names.c index 4da5e45b9c..b4453b4a98 100644 --- a/src/lib/libcrypto/objects/o_names.c +++ b/src/lib/libcrypto/objects/o_names.c @@ -4,78 +4,119 @@ #include #include +#include +#include + +/* Later versions of DEC C has started to add lnkage information to certain + * functions, which makes it tricky to use them as values to regular function + * pointers. One way is to define a macro that takes care of casting them + * correctly. + */ +#ifdef OPENSSL_SYS_VMS_DECC +# define OPENSSL_strcmp (int (*)(const char *,const char *))strcmp +#else +# define OPENSSL_strcmp strcmp +#endif /* I use the ex_data stuff to manage the identifiers for the obj_name_types * that applications may define. I only really use the free function field. */ static LHASH *names_lh=NULL; static int names_type_num=OBJ_NAME_TYPE_NUM; -static STACK *names_cmp=NULL; -static STACK *names_hash=NULL; -static STACK *names_free=NULL; -static unsigned long obj_name_hash(OBJ_NAME *a); -static int obj_name_cmp(OBJ_NAME *a,OBJ_NAME *b); +typedef struct name_funcs_st + { + unsigned long (*hash_func)(const char *name); + int (*cmp_func)(const char *a,const char *b); + void (*free_func)(const char *, int, const char *); + } NAME_FUNCS; + +DECLARE_STACK_OF(NAME_FUNCS) +IMPLEMENT_STACK_OF(NAME_FUNCS) + +static STACK_OF(NAME_FUNCS) *name_funcs_stack; + +/* The LHASH callbacks now use the raw "void *" prototypes and do per-variable + * casting in the functions. This prevents function pointer casting without the + * need for macro-generated wrapper functions. */ + +/* static unsigned long obj_name_hash(OBJ_NAME *a); */ +static unsigned long obj_name_hash(const void *a_void); +/* static int obj_name_cmp(OBJ_NAME *a,OBJ_NAME *b); */ +static int obj_name_cmp(const void *a_void,const void *b_void); int OBJ_NAME_init(void) { if (names_lh != NULL) return(1); MemCheck_off(); - names_lh=lh_new(obj_name_hash,obj_name_cmp); + names_lh=lh_new(obj_name_hash, obj_name_cmp); MemCheck_on(); return(names_lh != NULL); } -int OBJ_NAME_new_index(unsigned long (*hash_func)(), int (*cmp_func)(), - void (*free_func)()) +int OBJ_NAME_new_index(unsigned long (*hash_func)(const char *), + int (*cmp_func)(const char *, const char *), + void (*free_func)(const char *, int, const char *)) { int ret; int i; + NAME_FUNCS *name_funcs; - if (names_free == NULL) + if (name_funcs_stack == NULL) { MemCheck_off(); - names_hash=sk_new_null(); - names_cmp=sk_new_null(); - names_free=sk_new_null(); + name_funcs_stack=sk_NAME_FUNCS_new_null(); MemCheck_on(); } - if ((names_free == NULL) || (names_hash == NULL) || (names_cmp == NULL)) + if ((name_funcs_stack == NULL)) { /* ERROR */ return(0); } ret=names_type_num; names_type_num++; - for (i=sk_num(names_free); ihash_func = lh_strhash; + name_funcs->cmp_func = OPENSSL_strcmp; + name_funcs->free_func = 0; /* NULL is often declared to + * ((void *)0), which according + * to Compaq C is not really + * compatible with a function + * pointer. -- Richard Levitte*/ + MemCheck_off(); + sk_NAME_FUNCS_push(name_funcs_stack,name_funcs); MemCheck_on(); } + name_funcs = sk_NAME_FUNCS_value(name_funcs_stack, ret); if (hash_func != NULL) - sk_set(names_hash,ret,(char *)hash_func); + name_funcs->hash_func = hash_func; if (cmp_func != NULL) - sk_set(names_cmp,ret,(char *)cmp_func); + name_funcs->cmp_func = cmp_func; if (free_func != NULL) - sk_set(names_free,ret,(char *)free_func); + name_funcs->free_func = free_func; return(ret); } -static int obj_name_cmp(OBJ_NAME *a, OBJ_NAME *b) +/* static int obj_name_cmp(OBJ_NAME *a, OBJ_NAME *b) */ +static int obj_name_cmp(const void *a_void, const void *b_void) { int ret; - int (*cmp)(); + OBJ_NAME *a = (OBJ_NAME *)a_void; + OBJ_NAME *b = (OBJ_NAME *)b_void; ret=a->type-b->type; if (ret == 0) { - if ((names_cmp != NULL) && (sk_num(names_cmp) > a->type)) + if ((name_funcs_stack != NULL) + && (sk_NAME_FUNCS_num(name_funcs_stack) > a->type)) { - cmp=(int (*)())sk_value(names_cmp,a->type); - ret=cmp(a->name,b->name); + ret=sk_NAME_FUNCS_value(name_funcs_stack, + a->type)->cmp_func(a->name,b->name); } else ret=strcmp(a->name,b->name); @@ -83,15 +124,16 @@ static int obj_name_cmp(OBJ_NAME *a, OBJ_NAME *b) return(ret); } -static unsigned long obj_name_hash(OBJ_NAME *a) +/* static unsigned long obj_name_hash(OBJ_NAME *a) */ +static unsigned long obj_name_hash(const void *a_void) { unsigned long ret; - unsigned long (*hash)(); + OBJ_NAME *a = (OBJ_NAME *)a_void; - if ((names_hash != NULL) && (sk_num(names_hash) > a->type)) + if ((name_funcs_stack != NULL) && (sk_NAME_FUNCS_num(name_funcs_stack) > a->type)) { - hash=(unsigned long (*)())sk_value(names_hash,a->type); - ret=hash(a->name); + ret=sk_NAME_FUNCS_value(name_funcs_stack, + a->type)->hash_func(a->name); } else { @@ -116,8 +158,8 @@ const char *OBJ_NAME_get(const char *name, int type) on.type=type; for (;;) - { - ret=(OBJ_NAME *)lh_retrieve(names_lh,(char *)&on); + { + ret=(OBJ_NAME *)lh_retrieve(names_lh,&on); if (ret == NULL) return(NULL); if ((ret->alias) && !alias) { @@ -133,7 +175,6 @@ const char *OBJ_NAME_get(const char *name, int type) int OBJ_NAME_add(const char *name, int type, const char *data) { - void (*f)(); OBJ_NAME *onp,*ret; int alias; @@ -142,7 +183,7 @@ int OBJ_NAME_add(const char *name, int type, const char *data) alias=type&OBJ_NAME_ALIAS; type&= ~OBJ_NAME_ALIAS; - onp=(OBJ_NAME *)Malloc(sizeof(OBJ_NAME)); + onp=(OBJ_NAME *)OPENSSL_malloc(sizeof(OBJ_NAME)); if (onp == NULL) { /* ERROR */ @@ -154,16 +195,20 @@ int OBJ_NAME_add(const char *name, int type, const char *data) onp->type=type; onp->data=data; - ret=(OBJ_NAME *)lh_insert(names_lh,(char *)onp); + ret=(OBJ_NAME *)lh_insert(names_lh,onp); if (ret != NULL) { /* free things */ - if ((names_free != NULL) && (sk_num(names_free) > ret->type)) + if ((name_funcs_stack != NULL) && (sk_NAME_FUNCS_num(name_funcs_stack) > ret->type)) { - f=(void (*)())sk_value(names_free,ret->type); - f(ret->name,ret->type,ret->data); + /* XXX: I'm not sure I understand why the free + * function should get three arguments... + * -- Richard Levitte + */ + sk_NAME_FUNCS_value(name_funcs_stack, + ret->type)->free_func(ret->name,ret->type,ret->data); } - Free((char *)ret); + OPENSSL_free(ret); } else { @@ -179,35 +224,108 @@ int OBJ_NAME_add(const char *name, int type, const char *data) int OBJ_NAME_remove(const char *name, int type) { OBJ_NAME on,*ret; - void (*f)(); if (names_lh == NULL) return(0); type&= ~OBJ_NAME_ALIAS; on.name=name; on.type=type; - ret=(OBJ_NAME *)lh_delete(names_lh,(char *)&on); + ret=(OBJ_NAME *)lh_delete(names_lh,&on); if (ret != NULL) { /* free things */ - if ((names_free != NULL) && (sk_num(names_free) > type)) + if ((name_funcs_stack != NULL) && (sk_NAME_FUNCS_num(name_funcs_stack) > ret->type)) { - f=(void (*)())sk_value(names_free,type); - f(ret->name,ret->type,ret->data); + /* XXX: I'm not sure I understand why the free + * function should get three arguments... + * -- Richard Levitte + */ + sk_NAME_FUNCS_value(name_funcs_stack, + ret->type)->free_func(ret->name,ret->type,ret->data); } - Free((char *)ret); + OPENSSL_free(ret); return(1); } else return(0); } +struct doall + { + int type; + void (*fn)(const OBJ_NAME *,void *arg); + void *arg; + }; + +static void do_all_fn(const OBJ_NAME *name,struct doall *d) + { + if(name->type == d->type) + d->fn(name,d->arg); + } + +static IMPLEMENT_LHASH_DOALL_ARG_FN(do_all_fn, const OBJ_NAME *, struct doall *) + +void OBJ_NAME_do_all(int type,void (*fn)(const OBJ_NAME *,void *arg),void *arg) + { + struct doall d; + + d.type=type; + d.fn=fn; + d.arg=arg; + + lh_doall_arg(names_lh,LHASH_DOALL_ARG_FN(do_all_fn),&d); + } + +struct doall_sorted + { + int type; + int n; + const OBJ_NAME **names; + }; + +static void do_all_sorted_fn(const OBJ_NAME *name,void *d_) + { + struct doall_sorted *d=d_; + + if(name->type != d->type) + return; + + d->names[d->n++]=name; + } + +static int do_all_sorted_cmp(const void *n1_,const void *n2_) + { + const OBJ_NAME * const *n1=n1_; + const OBJ_NAME * const *n2=n2_; + + return strcmp((*n1)->name,(*n2)->name); + } + +void OBJ_NAME_do_all_sorted(int type,void (*fn)(const OBJ_NAME *,void *arg), + void *arg) + { + struct doall_sorted d; + int n; + + d.type=type; + d.names=OPENSSL_malloc(lh_num_items(names_lh)*sizeof *d.names); + d.n=0; + OBJ_NAME_do_all(type,do_all_sorted_fn,&d); + + qsort((void *)d.names,d.n,sizeof *d.names,do_all_sorted_cmp); + + for(n=0 ; n < d.n ; ++n) + fn(d.names[n],arg); + + OPENSSL_free((void *)d.names); + } + static int free_type; -static void names_lh_free(OBJ_NAME *onp, int type) +static void names_lh_free(OBJ_NAME *onp) { if(onp == NULL) - return; + return; if ((free_type < 0) || (free_type == onp->type)) { @@ -215,6 +333,13 @@ static void names_lh_free(OBJ_NAME *onp, int type) } } +static IMPLEMENT_LHASH_DOALL_FN(names_lh_free, OBJ_NAME *) + +static void name_funcs_free(NAME_FUNCS *ptr) + { + OPENSSL_free(ptr); + } + void OBJ_NAME_cleanup(int type) { unsigned long down_load; @@ -225,17 +350,13 @@ void OBJ_NAME_cleanup(int type) down_load=names_lh->down_load; names_lh->down_load=0; - lh_doall(names_lh,names_lh_free); + lh_doall(names_lh,LHASH_DOALL_FN(names_lh_free)); if (type < 0) { lh_free(names_lh); - sk_free(names_hash); - sk_free(names_cmp); - sk_free(names_free); + sk_NAME_FUNCS_pop_free(name_funcs_stack,name_funcs_free); names_lh=NULL; - names_hash=NULL; - names_cmp=NULL; - names_free=NULL; + name_funcs_stack = NULL; } else names_lh->down_load=down_load; diff --git a/src/lib/libcrypto/objects/obj_dat.c b/src/lib/libcrypto/objects/obj_dat.c index 34866ebbd2..3ff64bb8d1 100644 --- a/src/lib/libcrypto/objects/obj_dat.c +++ b/src/lib/libcrypto/objects/obj_dat.c @@ -59,23 +59,29 @@ #include #include #include "cryptlib.h" -#include "lhash.h" -#include "asn1.h" -#include "objects.h" +#include +#include +#include /* obj_dat.h is generated from objects.h by obj_dat.pl */ +#ifndef OPENSSL_NO_OBJECT #include "obj_dat.h" - -#ifndef NOPROTO -static int sn_cmp(ASN1_OBJECT **a, ASN1_OBJECT **b); -static int ln_cmp(ASN1_OBJECT **a, ASN1_OBJECT **b); -static int obj_cmp(ASN1_OBJECT **a, ASN1_OBJECT **b); #else -static int sn_cmp(); -static int ln_cmp(); -static int obj_cmp(); +/* You will have to load all the objects needed manually in the application */ +#define NUM_NID 0 +#define NUM_SN 0 +#define NUM_LN 0 +#define NUM_OBJ 0 +static unsigned char lvalues[1]; +static ASN1_OBJECT nid_objs[1]; +static ASN1_OBJECT *sn_objs[1]; +static ASN1_OBJECT *ln_objs[1]; +static ASN1_OBJECT *obj_objs[1]; #endif +static int sn_cmp(const void *a, const void *b); +static int ln_cmp(const void *a, const void *b); +static int obj_cmp(const void *a, const void *b); #define ADDED_DATA 0 #define ADDED_SNAME 1 #define ADDED_LNAME 2 @@ -90,23 +96,26 @@ typedef struct added_obj_st static int new_nid=NUM_NID; static LHASH *added=NULL; -static int sn_cmp(ap,bp) -ASN1_OBJECT **ap; -ASN1_OBJECT **bp; - { return(strcmp((*ap)->sn,(*bp)->sn)); } +static int sn_cmp(const void *a, const void *b) + { + const ASN1_OBJECT * const *ap = a, * const *bp = b; + return(strcmp((*ap)->sn,(*bp)->sn)); + } -static int ln_cmp(ap,bp) -ASN1_OBJECT **ap; -ASN1_OBJECT **bp; - { return(strcmp((*ap)->ln,(*bp)->ln)); } +static int ln_cmp(const void *a, const void *b) + { + const ASN1_OBJECT * const *ap = a, * const *bp = b; + return(strcmp((*ap)->ln,(*bp)->ln)); + } -static unsigned long add_hash(ca) -ADDED_OBJ *ca; +/* static unsigned long add_hash(ADDED_OBJ *ca) */ +static unsigned long add_hash(const void *ca_void) { - ASN1_OBJECT *a; + const ASN1_OBJECT *a; int i; unsigned long ret=0; unsigned char *p; + ADDED_OBJ *ca = (ADDED_OBJ *)ca_void; a=ca->obj; switch (ca->type) @@ -127,18 +136,21 @@ ADDED_OBJ *ca; ret=a->nid; break; default: - abort(); + /* abort(); */ + return 0; } ret&=0x3fffffffL; ret|=ca->type<<30L; return(ret); } -static int add_cmp(ca,cb) -ADDED_OBJ *ca,*cb; +/* static int add_cmp(ADDED_OBJ *ca, ADDED_OBJ *cb) */ +static int add_cmp(const void *ca_void, const void *cb_void) { ASN1_OBJECT *a,*b; int i; + ADDED_OBJ *ca = (ADDED_OBJ *)ca_void; + ADDED_OBJ *cb = (ADDED_OBJ *)cb_void; i=ca->type-cb->type; if (i) return(i); @@ -161,50 +173,52 @@ ADDED_OBJ *ca,*cb; case ADDED_NID: return(a->nid-b->nid); default: - abort(); + /* abort(); */ + return 0; } } -static int init_added() +static int init_added(void) { if (added != NULL) return(1); added=lh_new(add_hash,add_cmp); return(added != NULL); } -static void cleanup1(a) -ADDED_OBJ *a; +static void cleanup1(ADDED_OBJ *a) { a->obj->nid=0; a->obj->flags|=ASN1_OBJECT_FLAG_DYNAMIC| - ASN1_OBJECT_FLAG_DYNAMIC_STRINGS; + ASN1_OBJECT_FLAG_DYNAMIC_STRINGS| + ASN1_OBJECT_FLAG_DYNAMIC_DATA; } -static void cleanup2(a) -ADDED_OBJ *a; +static void cleanup2(ADDED_OBJ *a) { a->obj->nid++; } -static void cleanup3(a) -ADDED_OBJ *a; +static void cleanup3(ADDED_OBJ *a) { if (--a->obj->nid == 0) ASN1_OBJECT_free(a->obj); - Free(a); + OPENSSL_free(a); } -void OBJ_cleanup() +static IMPLEMENT_LHASH_DOALL_FN(cleanup1, ADDED_OBJ *) +static IMPLEMENT_LHASH_DOALL_FN(cleanup2, ADDED_OBJ *) +static IMPLEMENT_LHASH_DOALL_FN(cleanup3, ADDED_OBJ *) + +void OBJ_cleanup(void) { if (added == NULL) return; added->down_load=0; - lh_doall(added,cleanup1); /* zero counters */ - lh_doall(added,cleanup2); /* set counters */ - lh_doall(added,cleanup3); /* free objects */ + lh_doall(added,LHASH_DOALL_FN(cleanup1)); /* zero counters */ + lh_doall(added,LHASH_DOALL_FN(cleanup2)); /* set counters */ + lh_doall(added,LHASH_DOALL_FN(cleanup3)); /* free objects */ lh_free(added); added=NULL; } -int OBJ_new_nid(num) -int num; +int OBJ_new_nid(int num) { int i; @@ -213,27 +227,22 @@ int num; return(i); } -int OBJ_add_object(obj) -ASN1_OBJECT *obj; +int OBJ_add_object(const ASN1_OBJECT *obj) { ASN1_OBJECT *o; - ADDED_OBJ *ao[4],*aop; + ADDED_OBJ *ao[4]={NULL,NULL,NULL,NULL},*aop; int i; if (added == NULL) if (!init_added()) return(0); if ((o=OBJ_dup(obj)) == NULL) goto err; - ao[ADDED_DATA]=NULL; - ao[ADDED_SNAME]=NULL; - ao[ADDED_LNAME]=NULL; - ao[ADDED_NID]=NULL; - ao[ADDED_NID]=(ADDED_OBJ *)Malloc(sizeof(ADDED_OBJ)); + if (!(ao[ADDED_NID]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ)))) goto err; if ((o->length != 0) && (obj->data != NULL)) - ao[ADDED_DATA]=(ADDED_OBJ *)Malloc(sizeof(ADDED_OBJ)); + ao[ADDED_DATA]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ)); if (o->sn != NULL) - ao[ADDED_SNAME]=(ADDED_OBJ *)Malloc(sizeof(ADDED_OBJ)); + ao[ADDED_SNAME]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ)); if (o->ln != NULL) - ao[ADDED_LNAME]=(ADDED_OBJ *)Malloc(sizeof(ADDED_OBJ)); + ao[ADDED_LNAME]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ)); for (i=ADDED_DATA; i<=ADDED_NID; i++) { @@ -241,23 +250,24 @@ ASN1_OBJECT *obj; { ao[i]->type=i; ao[i]->obj=o; - aop=(ADDED_OBJ *)lh_insert(added,(char *)ao[i]); + aop=(ADDED_OBJ *)lh_insert(added,ao[i]); /* memory leak, buit should not normally matter */ if (aop != NULL) - Free(aop); + OPENSSL_free(aop); } } - o->flags&= ~(ASN1_OBJECT_FLAG_DYNAMIC|ASN1_OBJECT_FLAG_DYNAMIC_STRINGS); + o->flags&= ~(ASN1_OBJECT_FLAG_DYNAMIC|ASN1_OBJECT_FLAG_DYNAMIC_STRINGS| + ASN1_OBJECT_FLAG_DYNAMIC_DATA); + return(o->nid); err: for (i=ADDED_DATA; i<=ADDED_NID; i++) - if (ao[i] != NULL) Free(ao[i]); - if (o != NULL) Free(o); + if (ao[i] != NULL) OPENSSL_free(ao[i]); + if (o != NULL) OPENSSL_free(o); return(NID_undef); } -ASN1_OBJECT *OBJ_nid2obj(n) -int n; +ASN1_OBJECT *OBJ_nid2obj(int n) { ADDED_OBJ ad,*adp; ASN1_OBJECT ob; @@ -278,7 +288,7 @@ int n; ad.type=ADDED_NID; ad.obj= &ob; ob.nid=n; - adp=(ADDED_OBJ *)lh_retrieve(added,(char *)&ad); + adp=(ADDED_OBJ *)lh_retrieve(added,&ad); if (adp != NULL) return(adp->obj); else @@ -289,8 +299,7 @@ int n; } } -char *OBJ_nid2sn(n) -int n; +const char *OBJ_nid2sn(int n) { ADDED_OBJ ad,*adp; ASN1_OBJECT ob; @@ -311,7 +320,7 @@ int n; ad.type=ADDED_NID; ad.obj= &ob; ob.nid=n; - adp=(ADDED_OBJ *)lh_retrieve(added,(char *)&ad); + adp=(ADDED_OBJ *)lh_retrieve(added,&ad); if (adp != NULL) return(adp->obj->sn); else @@ -322,8 +331,7 @@ int n; } } -char *OBJ_nid2ln(n) -int n; +const char *OBJ_nid2ln(int n) { ADDED_OBJ ad,*adp; ASN1_OBJECT ob; @@ -344,7 +352,7 @@ int n; ad.type=ADDED_NID; ad.obj= &ob; ob.nid=n; - adp=(ADDED_OBJ *)lh_retrieve(added,(char *)&ad); + adp=(ADDED_OBJ *)lh_retrieve(added,&ad); if (adp != NULL) return(adp->obj->ln); else @@ -355,8 +363,7 @@ int n; } } -int OBJ_obj2nid(a) -ASN1_OBJECT *a; +int OBJ_obj2nid(const ASN1_OBJECT *a) { ASN1_OBJECT **op; ADDED_OBJ ad,*adp; @@ -369,56 +376,136 @@ ASN1_OBJECT *a; if (added != NULL) { ad.type=ADDED_DATA; - ad.obj=a; - adp=(ADDED_OBJ *)lh_retrieve(added,(char *)&ad); + ad.obj=(ASN1_OBJECT *)a; /* XXX: ugly but harmless */ + adp=(ADDED_OBJ *)lh_retrieve(added,&ad); if (adp != NULL) return (adp->obj->nid); } op=(ASN1_OBJECT **)OBJ_bsearch((char *)&a,(char *)obj_objs,NUM_OBJ, - sizeof(ASN1_OBJECT *),(int (*)())obj_cmp); + sizeof(ASN1_OBJECT *),obj_cmp); if (op == NULL) return(NID_undef); return((*op)->nid); } -int OBJ_txt2nid(s) -char *s; +/* Convert an object name into an ASN1_OBJECT + * if "noname" is not set then search for short and long names first. + * This will convert the "dotted" form into an object: unlike OBJ_txt2nid + * it can be used with any objects, not just registered ones. + */ + +ASN1_OBJECT *OBJ_txt2obj(const char *s, int no_name) { - int ret; + int nid = NID_undef; + ASN1_OBJECT *op=NULL; + unsigned char *buf,*p; + int i, j; - ret=OBJ_sn2nid(s); - if (ret == NID_undef) - { - ret=OBJ_ln2nid(s); - if (ret == NID_undef) - { - ASN1_OBJECT *op=NULL; - unsigned char *buf,*p; - int i; + if(!no_name) { + if( ((nid = OBJ_sn2nid(s)) != NID_undef) || + ((nid = OBJ_ln2nid(s)) != NID_undef) ) + return OBJ_nid2obj(nid); + } - i=a2d_ASN1_OBJECT(NULL,0,s,-1); - if (i <= 0) - { - /* clear the error */ - ERR_get_error(); - return(0); - } + /* Work out size of content octets */ + i=a2d_ASN1_OBJECT(NULL,0,s,-1); + if (i <= 0) { + /* Clear the error */ + ERR_get_error(); + return NULL; + } + /* Work out total size */ + j = ASN1_object_size(0,i,V_ASN1_OBJECT); + + if((buf=(unsigned char *)OPENSSL_malloc(j)) == NULL) return NULL; + + p = buf; + /* Write out tag+length */ + ASN1_put_object(&p,0,i,V_ASN1_OBJECT,V_ASN1_UNIVERSAL); + /* Write out contents */ + a2d_ASN1_OBJECT(p,i,s,-1); + + p=buf; + op=d2i_ASN1_OBJECT(NULL,&p,i); + OPENSSL_free(buf); + return op; + } + +int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name) +{ + int i,idx=0,n=0,len,nid; + unsigned long l; + unsigned char *p; + const char *s; + char tbuf[32]; + + if (buf_len <= 0) return(0); - if ((buf=(unsigned char *)Malloc(i)) == NULL) - return(NID_undef); - a2d_ASN1_OBJECT(buf,i,s,-1); - p=buf; - op=d2i_ASN1_OBJECT(NULL,&p,i); - if (op == NULL) return(NID_undef); - ret=OBJ_obj2nid(op); - ASN1_OBJECT_free(op); - Free(buf); + if ((a == NULL) || (a->data == NULL)) { + buf[0]='\0'; + return(0); + } + + if (no_name || (nid=OBJ_obj2nid(a)) == NID_undef) { + len=a->length; + p=a->data; + + idx=0; + l=0; + while (idx < a->length) { + l|=(p[idx]&0x7f); + if (!(p[idx] & 0x80)) break; + l<<=7L; + idx++; + } + idx++; + i=(int)(l/40); + if (i > 2) i=2; + l-=(long)(i*40); + + sprintf(tbuf,"%d.%lu",i,l); + i=strlen(tbuf); + strncpy(buf,tbuf,buf_len); + buf_len-=i; + buf+=i; + n+=i; + + l=0; + for (; idx 0) + strncpy(buf,tbuf,buf_len); + buf_len-=i; + buf+=i; + n+=i; + l=0; } + l<<=7L; } - return(ret); + } else { + s=OBJ_nid2ln(nid); + if (s == NULL) + s=OBJ_nid2sn(nid); + strncpy(buf,s,buf_len); + n=strlen(s); } + buf[buf_len-1]='\0'; + return(n); +} -int OBJ_ln2nid(s) -char *s; +int OBJ_txt2nid(const char *s) +{ + ASN1_OBJECT *obj; + int nid; + obj = OBJ_txt2obj(s, 0); + nid = OBJ_obj2nid(obj); + ASN1_OBJECT_free(obj); + return nid; +} + +int OBJ_ln2nid(const char *s) { ASN1_OBJECT o,*oo= &o,**op; ADDED_OBJ ad,*adp; @@ -428,17 +515,16 @@ char *s; { ad.type=ADDED_LNAME; ad.obj= &o; - adp=(ADDED_OBJ *)lh_retrieve(added,(char *)&ad); + adp=(ADDED_OBJ *)lh_retrieve(added,&ad); if (adp != NULL) return (adp->obj->nid); } op=(ASN1_OBJECT **)OBJ_bsearch((char *)&oo,(char *)ln_objs,NUM_LN, - sizeof(ASN1_OBJECT *),(int (*)())ln_cmp); + sizeof(ASN1_OBJECT *),ln_cmp); if (op == NULL) return(NID_undef); return((*op)->nid); } -int OBJ_sn2nid(s) -char *s; +int OBJ_sn2nid(const char *s) { ASN1_OBJECT o,*oo= &o,**op; ADDED_OBJ ad,*adp; @@ -448,37 +534,31 @@ char *s; { ad.type=ADDED_SNAME; ad.obj= &o; - adp=(ADDED_OBJ *)lh_retrieve(added,(char *)&ad); + adp=(ADDED_OBJ *)lh_retrieve(added,&ad); if (adp != NULL) return (adp->obj->nid); } op=(ASN1_OBJECT **)OBJ_bsearch((char *)&oo,(char *)sn_objs,NUM_SN, - sizeof(ASN1_OBJECT *),(int (*)())sn_cmp); + sizeof(ASN1_OBJECT *),sn_cmp); if (op == NULL) return(NID_undef); return((*op)->nid); } -static int obj_cmp(ap, bp) -ASN1_OBJECT **ap; -ASN1_OBJECT **bp; +static int obj_cmp(const void *ap, const void *bp) { int j; - ASN1_OBJECT *a= *ap; - ASN1_OBJECT *b= *bp; + ASN1_OBJECT *a= *(ASN1_OBJECT **)ap; + ASN1_OBJECT *b= *(ASN1_OBJECT **)bp; j=(a->length - b->length); if (j) return(j); return(memcmp(a->data,b->data,a->length)); } -char *OBJ_bsearch(key,base,num,size,cmp) -char *key; -char *base; -int num; -int size; -int (*cmp)(); +const char *OBJ_bsearch(const char *key, const char *base, int num, int size, + int (*cmp)(const void *, const void *)) { int l,h,i,c; - char *p; + const char *p; if (num == 0) return(NULL); l=0; @@ -495,14 +575,24 @@ int (*cmp)(); else return(p); } +#ifdef CHARSET_EBCDIC +/* THIS IS A KLUDGE - Because the *_obj is sorted in ASCII order, and + * I don't have perl (yet), we revert to a *LINEAR* search + * when the object wasn't found in the binary search. + */ + for (i=0; i) +open (IN,"$ARGV[0]") || die "Can't open input file $ARGV[0]"; +open (OUT,">$ARGV[1]") || die "Can't open output file $ARGV[1]"; + +while () { next unless /^\#define\s+(\S+)\s+(.*)$/; $v=$1; $d=$2; + $d =~ s/^\"//; + $d =~ s/\"$//; if ($v =~ /^SN_(.*)$/) - { $sn{$1}=$d; } + { + if(defined $snames{$d}) + { + print "WARNING: Duplicate short name \"$d\"\n"; + } + else + { $snames{$d} = "X"; } + $sn{$1}=$d; + } elsif ($v =~ /^LN_(.*)$/) - { $ln{$1}=$d; } + { + if(defined $lnames{$d}) + { + print "WARNING: Duplicate long name \"$d\"\n"; + } + else + { $lnames{$d} = "X"; } + $ln{$1}=$d; + } elsif ($v =~ /^NID_(.*)$/) { $nid{$d}=$1; } elsif ($v =~ /^OBJ_(.*)$/) @@ -55,6 +76,7 @@ while (<>) $objd{$v}=$d; } } +close IN; %ob=&expand_obj(*objd); @@ -74,11 +96,20 @@ for ($i=0; $i<$n; $i++) { $sn=defined($sn{$nid{$i}})?"$sn{$nid{$i}}":"NULL"; $ln=defined($ln{$nid{$i}})?"$ln{$nid{$i}}":"NULL"; - $sn=$ln if ($sn eq "NULL"); - $ln=$sn if ($ln eq "NULL"); + + if ($sn eq "NULL") { + $sn=$ln; + $sn{$nid{$i}} = $ln; + } + + if ($ln eq "NULL") { + $ln=$sn; + $ln{$nid{$i}} = $sn; + } + $out ="{"; - $out.=$sn; - $out.=",".$ln; + $out.="\"$sn\""; + $out.=","."\"$ln\""; $out.=",NID_$nid{$i},"; if (defined($obj{$nid{$i}})) { @@ -113,13 +144,13 @@ for ($i=0; $i<$n; $i++) @a=grep(defined($sn{$nid{$_}}),0 .. $n); foreach (sort { $sn{$nid{$a}} cmp $sn{$nid{$b}} } @a) { - push(@sn,sprintf("&(nid_objs[%2d]),/* $sn{$nid{$_}} */\n",$_)); + push(@sn,sprintf("&(nid_objs[%2d]),/* \"$sn{$nid{$_}}\" */\n",$_)); } @a=grep(defined($ln{$nid{$_}}),0 .. $n); foreach (sort { $ln{$nid{$a}} cmp $ln{$nid{$b}} } @a) { - push(@ln,sprintf("&(nid_objs[%2d]),/* $ln{$nid{$_}} */\n",$_)); + push(@ln,sprintf("&(nid_objs[%2d]),/* \"$ln{$nid{$_}}\" */\n",$_)); } @a=grep(defined($obj{$nid{$_}}),0 .. $n); @@ -132,8 +163,14 @@ foreach (sort obj_cmp @a) push(@ob,sprintf("&(nid_objs[%2d]),/* %-32s %s */\n",$_,$m,$v)); } -print <<'EOF'; -/* lib/obj/obj_dat.h */ +print OUT <<'EOF'; +/* crypto/objects/obj_dat.h */ + +/* THIS FILE IS GENERATED FROM objects.h by obj_dat.pl via the + * following command: + * perl obj_dat.pl obj_mac.h obj_dat.h + */ + /* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -191,23 +228,18 @@ print <<'EOF'; * [including the GNU Public Licence.] */ -/* THIS FILE IS GENERATED FROM Objects.h by obj_dat.pl via the - * following command: - * perl obj_dat.pl < objects.h > obj_dat.h - */ - EOF -printf "#define NUM_NID %d\n",$n; -printf "#define NUM_SN %d\n",$#sn+1; -printf "#define NUM_LN %d\n",$#ln+1; -printf "#define NUM_OBJ %d\n\n",$#ob+1; +printf OUT "#define NUM_NID %d\n",$n; +printf OUT "#define NUM_SN %d\n",$#sn+1; +printf OUT "#define NUM_LN %d\n",$#ln+1; +printf OUT "#define NUM_OBJ %d\n\n",$#ob+1; -printf "static unsigned char lvalues[%d]={\n",$lvalues+1; -print @lvalues; -print "};\n\n"; +printf OUT "static unsigned char lvalues[%d]={\n",$lvalues+1; +print OUT @lvalues; +print OUT "};\n\n"; -printf "static ASN1_OBJECT nid_objs[NUM_NID]={\n"; +printf OUT "static ASN1_OBJECT nid_objs[NUM_NID]={\n"; foreach (@out) { if (length($_) > 75) @@ -218,30 +250,32 @@ foreach (@out) $t=$out.$_.","; if (length($t) > 70) { - print "$out\n"; + print OUT "$out\n"; $t="\t$_,"; } $out=$t; } chop $out; - print "$out"; + print OUT "$out"; } else - { print $_; } + { print OUT $_; } } -print "};\n\n"; +print OUT "};\n\n"; + +printf OUT "static ASN1_OBJECT *sn_objs[NUM_SN]={\n"; +print OUT @sn; +print OUT "};\n\n"; -printf "static ASN1_OBJECT *sn_objs[NUM_SN]={\n"; -print @sn; -print "};\n\n"; +printf OUT "static ASN1_OBJECT *ln_objs[NUM_LN]={\n"; +print OUT @ln; +print OUT "};\n\n"; -printf "static ASN1_OBJECT *ln_objs[NUM_LN]={\n"; -print @ln; -print "};\n\n"; +printf OUT "static ASN1_OBJECT *obj_objs[NUM_OBJ]={\n"; +print OUT @ob; +print OUT "};\n\n"; -printf "static ASN1_OBJECT *obj_objs[NUM_OBJ]={\n"; -print @ob; -print "};\n\n"; +close OUT; sub der_it { @@ -252,7 +286,7 @@ sub der_it $ret.=pack("C*",$a[0]*40+$a[1]); shift @a; shift @a; - while ($_=shift(@a)) + foreach (@a) { @r=(); $t=0; diff --git a/src/lib/libcrypto/objects/obj_err.c b/src/lib/libcrypto/objects/obj_err.c index 45206c616c..80ab6855af 100644 --- a/src/lib/libcrypto/objects/obj_err.c +++ b/src/lib/libcrypto/objects/obj_err.c @@ -1,66 +1,69 @@ -/* lib/obj/obj_err.c */ -/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) - * All rights reserved. +/* crypto/objects/obj_err.c */ +/* ==================================================================== + * Copyright (c) 1999 The OpenSSL Project. All rights reserved. * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * */ + +/* NOTE: this file was auto generated by the mkerr.pl script: any changes + * made to it will be overwritten when the script next updates this file, + * only reason strings will be preserved. + */ + #include -#include "err.h" -#include "objects.h" +#include +#include /* BEGIN ERROR CODES */ -#ifndef NO_ERR +#ifndef OPENSSL_NO_ERR static ERR_STRING_DATA OBJ_str_functs[]= { {ERR_PACK(0,OBJ_F_OBJ_CREATE,0), "OBJ_create"}, @@ -68,26 +71,26 @@ static ERR_STRING_DATA OBJ_str_functs[]= {ERR_PACK(0,OBJ_F_OBJ_NID2LN,0), "OBJ_nid2ln"}, {ERR_PACK(0,OBJ_F_OBJ_NID2OBJ,0), "OBJ_nid2obj"}, {ERR_PACK(0,OBJ_F_OBJ_NID2SN,0), "OBJ_nid2sn"}, -{0,NULL}, +{0,NULL} }; static ERR_STRING_DATA OBJ_str_reasons[]= { {OBJ_R_MALLOC_FAILURE ,"malloc failure"}, {OBJ_R_UNKNOWN_NID ,"unknown nid"}, -{0,NULL}, +{0,NULL} }; #endif -void ERR_load_OBJ_strings() +void ERR_load_OBJ_strings(void) { static int init=1; - if (init); - {; + if (init) + { init=0; -#ifndef NO_ERR +#ifndef OPENSSL_NO_ERR ERR_load_strings(ERR_LIB_OBJ,OBJ_str_functs); ERR_load_strings(ERR_LIB_OBJ,OBJ_str_reasons); #endif diff --git a/src/lib/libcrypto/objects/obj_lib.c b/src/lib/libcrypto/objects/obj_lib.c index 0a9c756197..b0b0f2ff24 100644 --- a/src/lib/libcrypto/objects/obj_lib.c +++ b/src/lib/libcrypto/objects/obj_lib.c @@ -58,27 +58,28 @@ #include #include "cryptlib.h" -#include "lhash.h" -#include "objects.h" -#include "buffer.h" +#include +#include +#include -ASN1_OBJECT *OBJ_dup(o) -ASN1_OBJECT *o; +ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o) { ASN1_OBJECT *r; int i; + char *ln=NULL; if (o == NULL) return(NULL); if (!(o->flags & ASN1_OBJECT_FLAG_DYNAMIC)) - return(o); + return((ASN1_OBJECT *)o); /* XXX: ugh! Why? What kind of + duplication is this??? */ - r=(ASN1_OBJECT *)ASN1_OBJECT_new(); + r=ASN1_OBJECT_new(); if (r == NULL) { OBJerr(OBJ_F_OBJ_DUP,ERR_R_ASN1_LIB); return(NULL); } - r->data=(unsigned char *)Malloc(o->length); + r->data=OPENSSL_malloc(o->length); if (r->data == NULL) goto err; memcpy(r->data,o->data,o->length); @@ -88,35 +89,35 @@ ASN1_OBJECT *o; if (o->ln != NULL) { i=strlen(o->ln)+1; - r->ln=(char *)Malloc(i); + r->ln=ln=OPENSSL_malloc(i); if (r->ln == NULL) goto err; - memcpy(r->ln,o->ln,i); + memcpy(ln,o->ln,i); } if (o->sn != NULL) { + char *s; + i=strlen(o->sn)+1; - r->sn=(char *)Malloc(i); + r->sn=s=OPENSSL_malloc(i); if (r->sn == NULL) goto err; - memcpy(r->sn,o->sn,i); + memcpy(s,o->sn,i); } r->flags=o->flags|(ASN1_OBJECT_FLAG_DYNAMIC| - ASN1_OBJECT_FLAG_DYNAMIC_STRINGS); + ASN1_OBJECT_FLAG_DYNAMIC_STRINGS|ASN1_OBJECT_FLAG_DYNAMIC_DATA); return(r); err: OBJerr(OBJ_F_OBJ_DUP,ERR_R_MALLOC_FAILURE); if (r != NULL) { - if (r->ln != NULL) Free(r->ln); - if (r->data != NULL) Free(r->data); - Free(r); + if (ln != NULL) OPENSSL_free(ln); + if (r->data != NULL) OPENSSL_free(r->data); + OPENSSL_free(r); } return(NULL); } -int OBJ_cmp(a,b) -ASN1_OBJECT *a; -ASN1_OBJECT *b; +int OBJ_cmp(const ASN1_OBJECT *a, const ASN1_OBJECT *b) { int ret; diff --git a/src/lib/libcrypto/objects/obj_mac.num b/src/lib/libcrypto/objects/obj_mac.num index d73a51370f..02b39062fe 100644 --- a/src/lib/libcrypto/objects/obj_mac.num +++ b/src/lib/libcrypto/objects/obj_mac.num @@ -30,8 +30,8 @@ dhKeyAgreement 28 des_ecb 29 des_cfb64 30 des_cbc 31 -des_ede 32 -des_ede3 33 +des_ede_ecb 32 +des_ede3_ecb 33 idea_cbc 34 idea_cfb64 35 idea_ecb 36 @@ -390,3 +390,120 @@ Enterprises 389 dcObject 390 domainComponent 391 Domain 392 +joint_iso_ccitt 393 +selected_attribute_types 394 +clearance 395 +md4WithRSAEncryption 396 +ac_proxying 397 +sinfo_access 398 +id_aca_encAttrs 399 +role 400 +policy_constraints 401 +target_information 402 +no_rev_avail 403 +ccitt 404 +ansi_X9_62 405 +X9_62_prime_field 406 +X9_62_characteristic_two_field 407 +X9_62_id_ecPublicKey 408 +X9_62_prime192v1 409 +X9_62_prime192v2 410 +X9_62_prime192v3 411 +X9_62_prime239v1 412 +X9_62_prime239v2 413 +X9_62_prime239v3 414 +X9_62_prime256v1 415 +ecdsa_with_SHA1 416 +ms_csp_name 417 +aes_128_ecb 418 +aes_128_cbc 419 +aes_128_ofb128 420 +aes_128_cfb128 421 +aes_192_ecb 422 +aes_192_cbc 423 +aes_192_ofb128 424 +aes_192_cfb128 425 +aes_256_ecb 426 +aes_256_cbc 427 +aes_256_ofb128 428 +aes_256_cfb128 429 +hold_instruction_code 430 +hold_instruction_none 431 +hold_instruction_call_issuer 432 +hold_instruction_reject 433 +data 434 +pss 435 +ucl 436 +pilot 437 +pilotAttributeType 438 +pilotAttributeSyntax 439 +pilotObjectClass 440 +pilotGroups 441 +iA5StringSyntax 442 +caseIgnoreIA5StringSyntax 443 +pilotObject 444 +pilotPerson 445 +account 446 +document 447 +room 448 +documentSeries 449 +rFC822localPart 450 +dNSDomain 451 +domainRelatedObject 452 +friendlyCountry 453 +simpleSecurityObject 454 +pilotOrganization 455 +pilotDSA 456 +qualityLabelledData 457 +userId 458 +textEncodedORAddress 459 +rfc822Mailbox 460 +info 461 +favouriteDrink 462 +roomNumber 463 +photo 464 +userClass 465 +host 466 +manager 467 +documentIdentifier 468 +documentTitle 469 +documentVersion 470 +documentAuthor 471 +documentLocation 472 +homeTelephoneNumber 473 +secretary 474 +otherMailbox 475 +lastModifiedTime 476 +lastModifiedBy 477 +aRecord 478 +pilotAttributeType27 479 +mXRecord 480 +nSRecord 481 +sOARecord 482 +cNAMERecord 483 +associatedDomain 484 +associatedName 485 +homePostalAddress 486 +personalTitle 487 +mobileTelephoneNumber 488 +pagerTelephoneNumber 489 +friendlyCountryName 490 +organizationalStatus 491 +janetMailbox 492 +mailPreferenceOption 493 +buildingName 494 +dSAQuality 495 +singleLevelQuality 496 +subtreeMinimumQuality 497 +subtreeMaximumQuality 498 +personalSignature 499 +dITRedirect 500 +audio 501 +documentPublisher 502 +x500UniqueIdentifier 503 +mime_mhs 504 +mime_mhs_headings 505 +mime_mhs_bodies 506 +id_hex_partial_message 507 +id_hex_multipart_message 508 +generationQualifier 509 diff --git a/src/lib/libcrypto/objects/objects.h b/src/lib/libcrypto/objects/objects.h index e1d555b47c..de10532813 100644 --- a/src/lib/libcrypto/objects/objects.h +++ b/src/lib/libcrypto/objects/objects.h @@ -59,13 +59,15 @@ #ifndef HEADER_OBJECTS_H #define HEADER_OBJECTS_H -#ifdef __cplusplus -extern "C" { -#endif +#define USE_OBJ_MAC +#ifdef USE_OBJ_MAC +#include +#else #define SN_undef "UNDEF" #define LN_undef "undefined" #define NID_undef 0 +#define OBJ_undef 0L #define SN_Algorithm "Algorithm" #define LN_algorithm "algorithm" @@ -109,10 +111,12 @@ extern "C" { #define NID_md5WithRSAEncryption 8 #define OBJ_md5WithRSAEncryption OBJ_pkcs,1L,4L +#define SN_pbeWithMD2AndDES_CBC "PBE-MD2-DES" #define LN_pbeWithMD2AndDES_CBC "pbeWithMD2AndDES-CBC" #define NID_pbeWithMD2AndDES_CBC 9 #define OBJ_pbeWithMD2AndDES_CBC OBJ_pkcs,5L,1L +#define SN_pbeWithMD5AndDES_CBC "PBE-MD5-DES" #define LN_pbeWithMD5AndDES_CBC "pbeWithMD5AndDES-CBC" #define NID_pbeWithMD5AndDES_CBC 10 #define OBJ_pbeWithMD5AndDES_CBC OBJ_pkcs,5L,3L @@ -229,6 +233,7 @@ extern "C" { #define SN_idea_cbc "IDEA-CBC" #define LN_idea_cbc "idea-cbc" #define NID_idea_cbc 34 +#define OBJ_idea_cbc 1L,3L,6L,1L,4L,1L,188L,7L,1L,1L,2L #define SN_idea_cfb64 "IDEA-CFB" #define LN_idea_cfb64 "idea-cfb" @@ -379,17 +384,21 @@ extern "C" { #define OBJ_dsa_2 OBJ_algorithm,12L /* proposed by microsoft to RSA */ +#define SN_pbeWithSHA1AndRC2_CBC "PBE-SHA1-RC2-64" #define LN_pbeWithSHA1AndRC2_CBC "pbeWithSHA1AndRC2-CBC" #define NID_pbeWithSHA1AndRC2_CBC 68 #define OBJ_pbeWithSHA1AndRC2_CBC OBJ_pkcs,5L,11L -/* proposed by microsoft to RSA */ -#define LN_pbeWithSHA1AndRC4 "pbeWithSHA1AndRC4" -#define NID_pbeWithSHA1AndRC4 69 -#define OBJ_pbeWithSHA1AndRC4 OBJ_pkcs,5L,12L +/* proposed by microsoft to RSA as pbeWithSHA1AndRC4: it is now + * defined explicitly in PKCS#5 v2.0 as id-PBKDF2 which is something + * completely different. + */ +#define LN_id_pbkdf2 "PBKDF2" +#define NID_id_pbkdf2 69 +#define OBJ_id_pbkdf2 OBJ_pkcs,5L,12L #define SN_dsaWithSHA1_2 "DSA-SHA1-old" -#define LN_dsaWithSHA1_2 "dsaWithSHA1" +#define LN_dsaWithSHA1_2 "dsaWithSHA1-old" #define NID_dsaWithSHA1_2 70 /* Got this one from 'sdn706r20.pdf' which is actually an NSA document :-) */ #define OBJ_dsaWithSHA1_2 OBJ_algorithm,27L @@ -443,58 +452,59 @@ extern "C" { #define LN_desx_cbc "desx-cbc" #define NID_desx_cbc 80 -#define SN_ld_ce "ld-ce" -#define NID_ld_ce 81 -#define OBJ_ld_ce 2L,5L,29L +#define SN_id_ce "id-ce" +#define NID_id_ce 81 +#define OBJ_id_ce 2L,5L,29L #define SN_subject_key_identifier "subjectKeyIdentifier" #define LN_subject_key_identifier "X509v3 Subject Key Identifier" #define NID_subject_key_identifier 82 -#define OBJ_subject_key_identifier OBJ_ld_ce,14L +#define OBJ_subject_key_identifier OBJ_id_ce,14L #define SN_key_usage "keyUsage" #define LN_key_usage "X509v3 Key Usage" #define NID_key_usage 83 -#define OBJ_key_usage OBJ_ld_ce,15L +#define OBJ_key_usage OBJ_id_ce,15L #define SN_private_key_usage_period "privateKeyUsagePeriod" #define LN_private_key_usage_period "X509v3 Private Key Usage Period" #define NID_private_key_usage_period 84 -#define OBJ_private_key_usage_period OBJ_ld_ce,16L +#define OBJ_private_key_usage_period OBJ_id_ce,16L #define SN_subject_alt_name "subjectAltName" #define LN_subject_alt_name "X509v3 Subject Alternative Name" #define NID_subject_alt_name 85 -#define OBJ_subject_alt_name OBJ_ld_ce,17L +#define OBJ_subject_alt_name OBJ_id_ce,17L #define SN_issuer_alt_name "issuerAltName" #define LN_issuer_alt_name "X509v3 Issuer Alternative Name" #define NID_issuer_alt_name 86 -#define OBJ_issuer_alt_name OBJ_ld_ce,18L +#define OBJ_issuer_alt_name OBJ_id_ce,18L #define SN_basic_constraints "basicConstraints" #define LN_basic_constraints "X509v3 Basic Constraints" #define NID_basic_constraints 87 -#define OBJ_basic_constraints OBJ_ld_ce,19L +#define OBJ_basic_constraints OBJ_id_ce,19L #define SN_crl_number "crlNumber" #define LN_crl_number "X509v3 CRL Number" #define NID_crl_number 88 -#define OBJ_crl_number OBJ_ld_ce,20L +#define OBJ_crl_number OBJ_id_ce,20L #define SN_certificate_policies "certificatePolicies" #define LN_certificate_policies "X509v3 Certificate Policies" #define NID_certificate_policies 89 -#define OBJ_certificate_policies OBJ_ld_ce,32L +#define OBJ_certificate_policies OBJ_id_ce,32L #define SN_authority_key_identifier "authorityKeyIdentifier" #define LN_authority_key_identifier "X509v3 Authority Key Identifier" #define NID_authority_key_identifier 90 -#define OBJ_authority_key_identifier OBJ_ld_ce,35L +#define OBJ_authority_key_identifier OBJ_id_ce,35L #define SN_bf_cbc "BF-CBC" #define LN_bf_cbc "bf-cbc" #define NID_bf_cbc 91 +#define OBJ_bf_cbc 1L,3L,6L,1L,4L,1L,3029L,1L,2L #define SN_bf_ecb "BF-ECB" #define LN_bf_ecb "bf-ecb" @@ -550,7 +560,7 @@ extern "C" { #define SN_crl_distribution_points "crlDistributionPoints" #define LN_crl_distribution_points "X509v3 CRL Distribution Points" #define NID_crl_distribution_points 103 -#define OBJ_crl_distribution_points OBJ_ld_ce,31L +#define OBJ_crl_distribution_points OBJ_id_ce,31L #define SN_md5WithRSA "RSA-NP-MD5" #define LN_md5WithRSA "md5WithRSA" @@ -623,7 +633,7 @@ extern "C" { #define OBJ_ripemd160 1L,3L,36L,3L,2L,1L /* The name should actually be rsaSignatureWithripemd160, but I'm going - * to contiune using the convention I'm using with the other ciphers */ + * to continue using the convention I'm using with the other ciphers */ #define SN_ripemd160WithRSA "RSA-RIPEMD160" #define LN_ripemd160WithRSA "ripemd160WithRSA" #define NID_ripemd160WithRSA 119 @@ -654,56 +664,365 @@ extern "C" { #define LN_rc5_ofb64 "rc5-ofb" #define NID_rc5_ofb64 123 -#include "bio.h" -#include "asn1.h" +#define SN_rle_compression "RLE" +#define LN_rle_compression "run length compression" +#define NID_rle_compression 124 +#define OBJ_rle_compression 1L,1L,1L,1L,666L,1L + +#define SN_zlib_compression "ZLIB" +#define LN_zlib_compression "zlib compression" +#define NID_zlib_compression 125 +#define OBJ_zlib_compression 1L,1L,1L,1L,666L,2L + +#define SN_ext_key_usage "extendedKeyUsage" +#define LN_ext_key_usage "X509v3 Extended Key Usage" +#define NID_ext_key_usage 126 +#define OBJ_ext_key_usage OBJ_id_ce,37 + +#define SN_id_pkix "PKIX" +#define NID_id_pkix 127 +#define OBJ_id_pkix 1L,3L,6L,1L,5L,5L,7L + +#define SN_id_kp "id-kp" +#define NID_id_kp 128 +#define OBJ_id_kp OBJ_id_pkix,3L + +/* PKIX extended key usage OIDs */ + +#define SN_server_auth "serverAuth" +#define LN_server_auth "TLS Web Server Authentication" +#define NID_server_auth 129 +#define OBJ_server_auth OBJ_id_kp,1L + +#define SN_client_auth "clientAuth" +#define LN_client_auth "TLS Web Client Authentication" +#define NID_client_auth 130 +#define OBJ_client_auth OBJ_id_kp,2L + +#define SN_code_sign "codeSigning" +#define LN_code_sign "Code Signing" +#define NID_code_sign 131 +#define OBJ_code_sign OBJ_id_kp,3L + +#define SN_email_protect "emailProtection" +#define LN_email_protect "E-mail Protection" +#define NID_email_protect 132 +#define OBJ_email_protect OBJ_id_kp,4L + +#define SN_time_stamp "timeStamping" +#define LN_time_stamp "Time Stamping" +#define NID_time_stamp 133 +#define OBJ_time_stamp OBJ_id_kp,8L + +/* Additional extended key usage OIDs: Microsoft */ + +#define SN_ms_code_ind "msCodeInd" +#define LN_ms_code_ind "Microsoft Individual Code Signing" +#define NID_ms_code_ind 134 +#define OBJ_ms_code_ind 1L,3L,6L,1L,4L,1L,311L,2L,1L,21L + +#define SN_ms_code_com "msCodeCom" +#define LN_ms_code_com "Microsoft Commercial Code Signing" +#define NID_ms_code_com 135 +#define OBJ_ms_code_com 1L,3L,6L,1L,4L,1L,311L,2L,1L,22L + +#define SN_ms_ctl_sign "msCTLSign" +#define LN_ms_ctl_sign "Microsoft Trust List Signing" +#define NID_ms_ctl_sign 136 +#define OBJ_ms_ctl_sign 1L,3L,6L,1L,4L,1L,311L,10L,3L,1L + +#define SN_ms_sgc "msSGC" +#define LN_ms_sgc "Microsoft Server Gated Crypto" +#define NID_ms_sgc 137 +#define OBJ_ms_sgc 1L,3L,6L,1L,4L,1L,311L,10L,3L,3L + +#define SN_ms_efs "msEFS" +#define LN_ms_efs "Microsoft Encrypted File System" +#define NID_ms_efs 138 +#define OBJ_ms_efs 1L,3L,6L,1L,4L,1L,311L,10L,3L,4L + +/* Additional usage: Netscape */ + +#define SN_ns_sgc "nsSGC" +#define LN_ns_sgc "Netscape Server Gated Crypto" +#define NID_ns_sgc 139 +#define OBJ_ns_sgc OBJ_netscape,4L,1L + +#define SN_delta_crl "deltaCRL" +#define LN_delta_crl "X509v3 Delta CRL Indicator" +#define NID_delta_crl 140 +#define OBJ_delta_crl OBJ_id_ce,27L + +#define SN_crl_reason "CRLReason" +#define LN_crl_reason "CRL Reason Code" +#define NID_crl_reason 141 +#define OBJ_crl_reason OBJ_id_ce,21L -#define OBJ_create_and_add_object(a,b,c) OBJ_create(a,b,c) +#define SN_invalidity_date "invalidityDate" +#define LN_invalidity_date "Invalidity Date" +#define NID_invalidity_date 142 +#define OBJ_invalidity_date OBJ_id_ce,24L + +#define SN_sxnet "SXNetID" +#define LN_sxnet "Strong Extranet ID" +#define NID_sxnet 143 +#define OBJ_sxnet 1L,3L,101L,1L,4L,1L + +/* PKCS12 and related OBJECT IDENTIFIERS */ + +#define OBJ_pkcs12 OBJ_pkcs,12L +#define OBJ_pkcs12_pbeids OBJ_pkcs12, 1 -#ifndef NOPROTO +#define SN_pbe_WithSHA1And128BitRC4 "PBE-SHA1-RC4-128" +#define LN_pbe_WithSHA1And128BitRC4 "pbeWithSHA1And128BitRC4" +#define NID_pbe_WithSHA1And128BitRC4 144 +#define OBJ_pbe_WithSHA1And128BitRC4 OBJ_pkcs12_pbeids, 1L -ASN1_OBJECT * OBJ_dup(ASN1_OBJECT *o); -ASN1_OBJECT * OBJ_nid2obj(int n); -char * OBJ_nid2ln(int n); -char * OBJ_nid2sn(int n); -int OBJ_obj2nid(ASN1_OBJECT *o); -int OBJ_txt2nid(char *s); -int OBJ_ln2nid(char *s); -int OBJ_sn2nid(char *s); -int OBJ_cmp(ASN1_OBJECT *a,ASN1_OBJECT *b); -char * OBJ_bsearch(char *key,char *base,int num,int size,int (*cmp)()); +#define SN_pbe_WithSHA1And40BitRC4 "PBE-SHA1-RC4-40" +#define LN_pbe_WithSHA1And40BitRC4 "pbeWithSHA1And40BitRC4" +#define NID_pbe_WithSHA1And40BitRC4 145 +#define OBJ_pbe_WithSHA1And40BitRC4 OBJ_pkcs12_pbeids, 2L -void ERR_load_OBJ_strings(void ); +#define SN_pbe_WithSHA1And3_Key_TripleDES_CBC "PBE-SHA1-3DES" +#define LN_pbe_WithSHA1And3_Key_TripleDES_CBC "pbeWithSHA1And3-KeyTripleDES-CBC" +#define NID_pbe_WithSHA1And3_Key_TripleDES_CBC 146 +#define OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC OBJ_pkcs12_pbeids, 3L + +#define SN_pbe_WithSHA1And2_Key_TripleDES_CBC "PBE-SHA1-2DES" +#define LN_pbe_WithSHA1And2_Key_TripleDES_CBC "pbeWithSHA1And2-KeyTripleDES-CBC" +#define NID_pbe_WithSHA1And2_Key_TripleDES_CBC 147 +#define OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC OBJ_pkcs12_pbeids, 4L + +#define SN_pbe_WithSHA1And128BitRC2_CBC "PBE-SHA1-RC2-128" +#define LN_pbe_WithSHA1And128BitRC2_CBC "pbeWithSHA1And128BitRC2-CBC" +#define NID_pbe_WithSHA1And128BitRC2_CBC 148 +#define OBJ_pbe_WithSHA1And128BitRC2_CBC OBJ_pkcs12_pbeids, 5L + +#define SN_pbe_WithSHA1And40BitRC2_CBC "PBE-SHA1-RC2-40" +#define LN_pbe_WithSHA1And40BitRC2_CBC "pbeWithSHA1And40BitRC2-CBC" +#define NID_pbe_WithSHA1And40BitRC2_CBC 149 +#define OBJ_pbe_WithSHA1And40BitRC2_CBC OBJ_pkcs12_pbeids, 6L + +#define OBJ_pkcs12_Version1 OBJ_pkcs12, 10L + +#define OBJ_pkcs12_BagIds OBJ_pkcs12_Version1, 1L -int OBJ_new_nid(int num); -int OBJ_add_object(ASN1_OBJECT *obj); -int OBJ_create(char *oid,char *sn,char *ln); -void OBJ_cleanup(void ); -int OBJ_create_objects(BIO *in); +#define LN_keyBag "keyBag" +#define NID_keyBag 150 +#define OBJ_keyBag OBJ_pkcs12_BagIds, 1L + +#define LN_pkcs8ShroudedKeyBag "pkcs8ShroudedKeyBag" +#define NID_pkcs8ShroudedKeyBag 151 +#define OBJ_pkcs8ShroudedKeyBag OBJ_pkcs12_BagIds, 2L + +#define LN_certBag "certBag" +#define NID_certBag 152 +#define OBJ_certBag OBJ_pkcs12_BagIds, 3L + +#define LN_crlBag "crlBag" +#define NID_crlBag 153 +#define OBJ_crlBag OBJ_pkcs12_BagIds, 4L + +#define LN_secretBag "secretBag" +#define NID_secretBag 154 +#define OBJ_secretBag OBJ_pkcs12_BagIds, 5L + +#define LN_safeContentsBag "safeContentsBag" +#define NID_safeContentsBag 155 +#define OBJ_safeContentsBag OBJ_pkcs12_BagIds, 6L -#else +#define LN_friendlyName "friendlyName" +#define NID_friendlyName 156 +#define OBJ_friendlyName OBJ_pkcs9, 20L + +#define LN_localKeyID "localKeyID" +#define NID_localKeyID 157 +#define OBJ_localKeyID OBJ_pkcs9, 21L + +#define OBJ_certTypes OBJ_pkcs9, 22L + +#define LN_x509Certificate "x509Certificate" +#define NID_x509Certificate 158 +#define OBJ_x509Certificate OBJ_certTypes, 1L + +#define LN_sdsiCertificate "sdsiCertificate" +#define NID_sdsiCertificate 159 +#define OBJ_sdsiCertificate OBJ_certTypes, 2L + +#define OBJ_crlTypes OBJ_pkcs9, 23L + +#define LN_x509Crl "x509Crl" +#define NID_x509Crl 160 +#define OBJ_x509Crl OBJ_crlTypes, 1L + +/* PKCS#5 v2 OIDs */ + +#define LN_pbes2 "PBES2" +#define NID_pbes2 161 +#define OBJ_pbes2 OBJ_pkcs,5L,13L + +#define LN_pbmac1 "PBMAC1" +#define NID_pbmac1 162 +#define OBJ_pbmac1 OBJ_pkcs,5L,14L + +#define LN_hmacWithSHA1 "hmacWithSHA1" +#define NID_hmacWithSHA1 163 +#define OBJ_hmacWithSHA1 OBJ_rsadsi,2L,7L + +/* Policy Qualifier Ids */ + +#define LN_id_qt_cps "Policy Qualifier CPS" +#define SN_id_qt_cps "id-qt-cps" +#define NID_id_qt_cps 164 +#define OBJ_id_qt_cps OBJ_id_pkix,2L,1L + +#define LN_id_qt_unotice "Policy Qualifier User Notice" +#define SN_id_qt_unotice "id-qt-unotice" +#define NID_id_qt_unotice 165 +#define OBJ_id_qt_unotice OBJ_id_pkix,2L,2L + +#define SN_rc2_64_cbc "RC2-64-CBC" +#define LN_rc2_64_cbc "rc2-64-cbc" +#define NID_rc2_64_cbc 166 + +#define SN_SMIMECapabilities "SMIME-CAPS" +#define LN_SMIMECapabilities "S/MIME Capabilities" +#define NID_SMIMECapabilities 167 +#define OBJ_SMIMECapabilities OBJ_pkcs9,15L + +#define SN_pbeWithMD2AndRC2_CBC "PBE-MD2-RC2-64" +#define LN_pbeWithMD2AndRC2_CBC "pbeWithMD2AndRC2-CBC" +#define NID_pbeWithMD2AndRC2_CBC 168 +#define OBJ_pbeWithMD2AndRC2_CBC OBJ_pkcs,5L,4L + +#define SN_pbeWithMD5AndRC2_CBC "PBE-MD5-RC2-64" +#define LN_pbeWithMD5AndRC2_CBC "pbeWithMD5AndRC2-CBC" +#define NID_pbeWithMD5AndRC2_CBC 169 +#define OBJ_pbeWithMD5AndRC2_CBC OBJ_pkcs,5L,6L + +#define SN_pbeWithSHA1AndDES_CBC "PBE-SHA1-DES" +#define LN_pbeWithSHA1AndDES_CBC "pbeWithSHA1AndDES-CBC" +#define NID_pbeWithSHA1AndDES_CBC 170 +#define OBJ_pbeWithSHA1AndDES_CBC OBJ_pkcs,5L,10L + +/* Extension request OIDs */ + +#define LN_ms_ext_req "Microsoft Extension Request" +#define SN_ms_ext_req "msExtReq" +#define NID_ms_ext_req 171 +#define OBJ_ms_ext_req 1L,3L,6L,1L,4L,1L,311L,2L,1L,14L -ASN1_OBJECT * OBJ_dup(); -ASN1_OBJECT * OBJ_nid2obj(); -char * OBJ_nid2ln(); -char * OBJ_nid2sn(); -int OBJ_obj2nid(); -int OBJ_txt2nid(); -int OBJ_ln2nid(); -int OBJ_sn2nid(); -int OBJ_cmp(); -char * OBJ_bsearch(); - -void ERR_load_OBJ_strings(); - -int OBJ_new_nid(); -int OBJ_add_object(); -int OBJ_create(); -void OBJ_cleanup(); -int OBJ_create_objects(); +#define LN_ext_req "Extension Request" +#define SN_ext_req "extReq" +#define NID_ext_req 172 +#define OBJ_ext_req OBJ_pkcs9,14L +#define SN_name "name" +#define LN_name "name" +#define NID_name 173 +#define OBJ_name OBJ_X509,41L + +#define SN_dnQualifier "dnQualifier" +#define LN_dnQualifier "dnQualifier" +#define NID_dnQualifier 174 +#define OBJ_dnQualifier OBJ_X509,46L + +#define SN_id_pe "id-pe" +#define NID_id_pe 175 +#define OBJ_id_pe OBJ_id_pkix,1L + +#define SN_id_ad "id-ad" +#define NID_id_ad 176 +#define OBJ_id_ad OBJ_id_pkix,48L + +#define SN_info_access "authorityInfoAccess" +#define LN_info_access "Authority Information Access" +#define NID_info_access 177 +#define OBJ_info_access OBJ_id_pe,1L + +#define SN_ad_OCSP "OCSP" +#define LN_ad_OCSP "OCSP" +#define NID_ad_OCSP 178 +#define OBJ_ad_OCSP OBJ_id_ad,1L + +#define SN_ad_ca_issuers "caIssuers" +#define LN_ad_ca_issuers "CA Issuers" +#define NID_ad_ca_issuers 179 +#define OBJ_ad_ca_issuers OBJ_id_ad,2L + +#define SN_OCSP_sign "OCSPSigning" +#define LN_OCSP_sign "OCSP Signing" +#define NID_OCSP_sign 180 +#define OBJ_OCSP_sign OBJ_id_kp,9L +#endif /* USE_OBJ_MAC */ + +#include +#include + +#define OBJ_NAME_TYPE_UNDEF 0x00 +#define OBJ_NAME_TYPE_MD_METH 0x01 +#define OBJ_NAME_TYPE_CIPHER_METH 0x02 +#define OBJ_NAME_TYPE_PKEY_METH 0x03 +#define OBJ_NAME_TYPE_COMP_METH 0x04 +#define OBJ_NAME_TYPE_NUM 0x05 + +#define OBJ_NAME_ALIAS 0x8000 + + +#ifdef __cplusplus +extern "C" { #endif +typedef struct obj_name_st + { + int type; + int alias; + const char *name; + const char *data; + } OBJ_NAME; + +#define OBJ_create_and_add_object(a,b,c) OBJ_create(a,b,c) + + +int OBJ_NAME_init(void); +int OBJ_NAME_new_index(unsigned long (*hash_func)(const char *), + int (*cmp_func)(const char *, const char *), + void (*free_func)(const char *, int, const char *)); +const char *OBJ_NAME_get(const char *name,int type); +int OBJ_NAME_add(const char *name,int type,const char *data); +int OBJ_NAME_remove(const char *name,int type); +void OBJ_NAME_cleanup(int type); /* -1 for everything */ +void OBJ_NAME_do_all(int type,void (*fn)(const OBJ_NAME *,void *arg), + void *arg); +void OBJ_NAME_do_all_sorted(int type,void (*fn)(const OBJ_NAME *,void *arg), + void *arg); + +ASN1_OBJECT * OBJ_dup(const ASN1_OBJECT *o); +ASN1_OBJECT * OBJ_nid2obj(int n); +const char * OBJ_nid2ln(int n); +const char * OBJ_nid2sn(int n); +int OBJ_obj2nid(const ASN1_OBJECT *o); +ASN1_OBJECT * OBJ_txt2obj(const char *s, int no_name); +int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name); +int OBJ_txt2nid(const char *s); +int OBJ_ln2nid(const char *s); +int OBJ_sn2nid(const char *s); +int OBJ_cmp(const ASN1_OBJECT *a,const ASN1_OBJECT *b); +const char * OBJ_bsearch(const char *key,const char *base,int num,int size, + int (*cmp)(const void *, const void *)); + +int OBJ_new_nid(int num); +int OBJ_add_object(const ASN1_OBJECT *obj); +int OBJ_create(const char *oid,const char *sn,const char *ln); +void OBJ_cleanup(void ); +int OBJ_create_objects(BIO *in); + /* BEGIN ERROR CODES */ +/* The following lines are auto generated by the script mkerr.pl. Any changes + * made after this point may be overwritten when the script is next run. + */ +void ERR_load_OBJ_strings(void); + /* Error codes for the OBJ functions. */ /* Function codes. */ @@ -716,9 +1035,8 @@ int OBJ_create_objects(); /* Reason codes. */ #define OBJ_R_MALLOC_FAILURE 100 #define OBJ_R_UNKNOWN_NID 101 - + #ifdef __cplusplus } #endif #endif - diff --git a/src/lib/libcrypto/objects/objects.pl b/src/lib/libcrypto/objects/objects.pl index c956bbb841..76c06cc8f9 100644 --- a/src/lib/libcrypto/objects/objects.pl +++ b/src/lib/libcrypto/objects/objects.pl @@ -9,7 +9,9 @@ while() $o++; s/#.*$//; next if /^\s*$/; + $_ = 'X'.$_; ($Cname,$mynum) = split; + $Cname =~ s/^X//; if (defined($nidn{$mynum})) { die "$ARGV[1]:$o:There's already an object with NID ",$mynum," on line ",$order{$mynum},"\n"; } $nid{$Cname} = $mynum; @@ -114,7 +116,13 @@ close NUMOUT; open (OUT,">$ARGV[2]") || die "Can't open output file $ARGV[2]"; print OUT <<'EOF'; -/* lib/obj/obj_mac.h */ +/* crypto/objects/obj_mac.h */ + +/* THIS FILE IS GENERATED FROM objects.txt by objects.pl via the + * following command: + * perl objects.pl objects.txt obj_mac.num obj_mac.h + */ + /* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -172,11 +180,6 @@ print OUT <<'EOF'; * [including the GNU Public Licence.] */ -/* THIS FILE IS GENERATED FROM objects.txt by objects.pl via the - * following command: - * perl objects.pl objects.txt obj_mac.num obj_mac.h - */ - #define SN_undef "UNDEF" #define LN_undef "undefined" #define NID_undef 0 @@ -207,6 +210,8 @@ sub process_oid if (!($a[0] =~ /^[0-9]+$/)) { $a[0] =~ s/-/_/g; + if (!defined($obj{$a[0]})) + { die "$ARGV[0]:$o:Undefined identifier ",$a[0],"\n"; } $pref_oid = "OBJ_" . $a[0]; $pref_sep = ","; shift @a; diff --git a/src/lib/libcrypto/objects/objects.txt b/src/lib/libcrypto/objects/objects.txt index cb276e90e9..65d0b15629 100644 --- a/src/lib/libcrypto/objects/objects.txt +++ b/src/lib/libcrypto/objects/objects.txt @@ -1,40 +1,764 @@ -1 2 : ISO member bodies -1 2 840 : US (ANSI) -1 2 840 113549 : rsadsi : RSA Data Security, Inc. -1 2 840 113549 1 : pkcs : RSA Data Security, Inc. PKCS -1 2 840 113549 1 1 1 : rsaEncryption -1 2 840 113549 1 1 2 : md2withRSAEncryption -1 2 840 113549 1 1 4 : md5withRSAEncryption -1 2 840 113549 1 7 : pkcs-7 -1 2 840 113549 1 7 1 : pkcs-7-data -1 2 840 113549 1 7 2 : pkcs-7-signedData -1 2 840 113549 1 7 3 : pkcs-7-envelopedData -1 2 840 113549 1 7 4 : pkcs-7-signedAndEnvelopedData -1 2 840 113549 1 7 5 : pkcs-7-digestData -1 2 840 113549 1 7 6 : pkcs-7-encryptedData -1 2 840 113549 2 2 : md2 -1 2 840 113549 2 4 : md4 -1 2 840 113549 2 5 : md5 -1 2 840 113549 3 4 : rc4 -1 2 840 113549 5 1 : pbeWithMD2AndDES_CBC -1 2 840 113549 5 3 : pbeWithMD5AndDES_CBC -2 5 : X500 : directory services (X.500) -2 5 4 : X509 -2 5 4 3 : commonName -2 5 4 6 : countryName -2 5 4 7 : localityName -2 5 4 8 : stateOrProvinceName -2 5 4 10 : organizationName -2 5 4 11 : organizationalUnitName -2 5 8 : directory services - algorithms -2 5 8 1 1 : rsa - -algorithm 18 : sha -encryptionAlgorithm 1 : rsa +0 : CCITT : ccitt + +1 : ISO : iso + +2 : JOINT-ISO-CCITT : joint-iso-ccitt + +iso 2 : member-body : ISO Member Body + +joint-iso-ccitt 5 1 5 : selected-attribute-types : Selected Attribute Types + +selected-attribute-types 55 : clearance + +member-body 840 : ISO-US : ISO US Member Body +ISO-US 10040 : X9-57 : X9.57 +X9-57 4 : X9cm : X9.57 CM ? + +!Cname dsa +X9cm 1 : DSA : dsaEncryption +X9cm 3 : DSA-SHA1 : dsaWithSHA1 + + +ISO-US 10045 : ansi-X9-62 : ANSI X9.62 +!module X9-62 +!Alias id-fieldType ansi-X9-62 1 +X9-62_id-fieldType 1 : prime-field +X9-62_id-fieldType 2 : characteristic-two-field +# ... characteristic-two-field OID subtree +!Alias id-publicKeyType ansi-X9-62 2 +X9-62_id-publicKeyType 1 : id-ecPublicKey +!Alias ellipticCurve ansi-X9-62 3 +!Alias c-TwoCurve X9-62_ellipticCurve 0 +# ... characteristic 2 curve OIDs +!Alias primeCurve X9-62_ellipticCurve 1 +X9-62_primeCurve 1 : prime192v1 +X9-62_primeCurve 2 : prime192v2 +X9-62_primeCurve 3 : prime192v3 +X9-62_primeCurve 4 : prime239v1 +X9-62_primeCurve 5 : prime239v2 +X9-62_primeCurve 6 : prime239v3 +X9-62_primeCurve 7 : prime256v1 +!Alias id-ecSigType ansi-X9-62 4 +!global +X9-62_id-ecSigType 1 : ecdsa-with-SHA1 + + + +ISO-US 113533 7 66 10 : CAST5-CBC : cast5-cbc + : CAST5-ECB : cast5-ecb +!Cname cast5-cfb64 + : CAST5-CFB : cast5-cfb +!Cname cast5-ofb64 + : CAST5-OFB : cast5-ofb +!Cname pbeWithMD5AndCast5-CBC +ISO-US 113533 7 66 12 : : pbeWithMD5AndCast5CBC + +ISO-US 113549 : rsadsi : RSA Data Security, Inc. + +rsadsi 1 : pkcs : RSA Data Security, Inc. PKCS + +pkcs 1 : pkcs1 +pkcs1 1 : : rsaEncryption +pkcs1 2 : RSA-MD2 : md2WithRSAEncryption +pkcs1 3 : RSA-MD4 : md4WithRSAEncryption +pkcs1 4 : RSA-MD5 : md5WithRSAEncryption +pkcs1 5 : RSA-SHA1 : sha1WithRSAEncryption + +pkcs 3 : pkcs3 +pkcs3 1 : : dhKeyAgreement + +pkcs 5 : pkcs5 +pkcs5 1 : PBE-MD2-DES : pbeWithMD2AndDES-CBC +pkcs5 3 : PBE-MD5-DES : pbeWithMD5AndDES-CBC +pkcs5 4 : PBE-MD2-RC2-64 : pbeWithMD2AndRC2-CBC +pkcs5 6 : PBE-MD5-RC2-64 : pbeWithMD5AndRC2-CBC +pkcs5 10 : PBE-SHA1-DES : pbeWithSHA1AndDES-CBC +pkcs5 11 : PBE-SHA1-RC2-64 : pbeWithSHA1AndRC2-CBC +!Cname id_pbkdf2 +pkcs5 12 : : PBKDF2 +!Cname pbes2 +pkcs5 13 : : PBES2 +!Cname pbmac1 +pkcs5 14 : : PBMAC1 + +pkcs 7 : pkcs7 +pkcs7 1 : : pkcs7-data +!Cname pkcs7-signed +pkcs7 2 : : pkcs7-signedData +!Cname pkcs7-enveloped +pkcs7 3 : : pkcs7-envelopedData +!Cname pkcs7-signedAndEnveloped +pkcs7 4 : : pkcs7-signedAndEnvelopedData +!Cname pkcs7-digest +pkcs7 5 : : pkcs7-digestData +!Cname pkcs7-encrypted +pkcs7 6 : : pkcs7-encryptedData + +pkcs 9 : pkcs9 +!module pkcs9 +pkcs9 1 : : emailAddress +pkcs9 2 : : unstructuredName +pkcs9 3 : : contentType +pkcs9 4 : : messageDigest +pkcs9 5 : : signingTime +pkcs9 6 : : countersignature +pkcs9 7 : : challengePassword +pkcs9 8 : : unstructuredAddress +!Cname extCertAttributes +pkcs9 9 : : extendedCertificateAttributes +!global + +!Cname ext-req +pkcs9 14 : extReq : Extension Request + +!Cname SMIMECapabilities +pkcs9 15 : SMIME-CAPS : S/MIME Capabilities + +# S/MIME +!Cname SMIME +pkcs9 16 : SMIME : S/MIME +SMIME 0 : id-smime-mod +SMIME 1 : id-smime-ct +SMIME 2 : id-smime-aa +SMIME 3 : id-smime-alg +SMIME 4 : id-smime-cd +SMIME 5 : id-smime-spq +SMIME 6 : id-smime-cti + +# S/MIME Modules +id-smime-mod 1 : id-smime-mod-cms +id-smime-mod 2 : id-smime-mod-ess +id-smime-mod 3 : id-smime-mod-oid +id-smime-mod 4 : id-smime-mod-msg-v3 +id-smime-mod 5 : id-smime-mod-ets-eSignature-88 +id-smime-mod 6 : id-smime-mod-ets-eSignature-97 +id-smime-mod 7 : id-smime-mod-ets-eSigPolicy-88 +id-smime-mod 8 : id-smime-mod-ets-eSigPolicy-97 + +# S/MIME Content Types +id-smime-ct 1 : id-smime-ct-receipt +id-smime-ct 2 : id-smime-ct-authData +id-smime-ct 3 : id-smime-ct-publishCert +id-smime-ct 4 : id-smime-ct-TSTInfo +id-smime-ct 5 : id-smime-ct-TDTInfo +id-smime-ct 6 : id-smime-ct-contentInfo +id-smime-ct 7 : id-smime-ct-DVCSRequestData +id-smime-ct 8 : id-smime-ct-DVCSResponseData + +# S/MIME Attributes +id-smime-aa 1 : id-smime-aa-receiptRequest +id-smime-aa 2 : id-smime-aa-securityLabel +id-smime-aa 3 : id-smime-aa-mlExpandHistory +id-smime-aa 4 : id-smime-aa-contentHint +id-smime-aa 5 : id-smime-aa-msgSigDigest +# obsolete +id-smime-aa 6 : id-smime-aa-encapContentType +id-smime-aa 7 : id-smime-aa-contentIdentifier +# obsolete +id-smime-aa 8 : id-smime-aa-macValue +id-smime-aa 9 : id-smime-aa-equivalentLabels +id-smime-aa 10 : id-smime-aa-contentReference +id-smime-aa 11 : id-smime-aa-encrypKeyPref +id-smime-aa 12 : id-smime-aa-signingCertificate +id-smime-aa 13 : id-smime-aa-smimeEncryptCerts +id-smime-aa 14 : id-smime-aa-timeStampToken +id-smime-aa 15 : id-smime-aa-ets-sigPolicyId +id-smime-aa 16 : id-smime-aa-ets-commitmentType +id-smime-aa 17 : id-smime-aa-ets-signerLocation +id-smime-aa 18 : id-smime-aa-ets-signerAttr +id-smime-aa 19 : id-smime-aa-ets-otherSigCert +id-smime-aa 20 : id-smime-aa-ets-contentTimestamp +id-smime-aa 21 : id-smime-aa-ets-CertificateRefs +id-smime-aa 22 : id-smime-aa-ets-RevocationRefs +id-smime-aa 23 : id-smime-aa-ets-certValues +id-smime-aa 24 : id-smime-aa-ets-revocationValues +id-smime-aa 25 : id-smime-aa-ets-escTimeStamp +id-smime-aa 26 : id-smime-aa-ets-certCRLTimestamp +id-smime-aa 27 : id-smime-aa-ets-archiveTimeStamp +id-smime-aa 28 : id-smime-aa-signatureType +id-smime-aa 29 : id-smime-aa-dvcs-dvc + +# S/MIME Algorithm Identifiers +# obsolete +id-smime-alg 1 : id-smime-alg-ESDHwith3DES +# obsolete +id-smime-alg 2 : id-smime-alg-ESDHwithRC2 +# obsolete +id-smime-alg 3 : id-smime-alg-3DESwrap +# obsolete +id-smime-alg 4 : id-smime-alg-RC2wrap +id-smime-alg 5 : id-smime-alg-ESDH +id-smime-alg 6 : id-smime-alg-CMS3DESwrap +id-smime-alg 7 : id-smime-alg-CMSRC2wrap + +# S/MIME Certificate Distribution +id-smime-cd 1 : id-smime-cd-ldap + +# S/MIME Signature Policy Qualifier +id-smime-spq 1 : id-smime-spq-ets-sqt-uri +id-smime-spq 2 : id-smime-spq-ets-sqt-unotice + +# S/MIME Commitment Type Identifier +id-smime-cti 1 : id-smime-cti-ets-proofOfOrigin +id-smime-cti 2 : id-smime-cti-ets-proofOfReceipt +id-smime-cti 3 : id-smime-cti-ets-proofOfDelivery +id-smime-cti 4 : id-smime-cti-ets-proofOfSender +id-smime-cti 5 : id-smime-cti-ets-proofOfApproval +id-smime-cti 6 : id-smime-cti-ets-proofOfCreation + +pkcs9 20 : : friendlyName +pkcs9 21 : : localKeyID +!Cname ms-csp-name +1 3 6 1 4 1 311 17 1 : CSPName : Microsoft CSP Name +!Alias certTypes pkcs9 22 +certTypes 1 : : x509Certificate +certTypes 2 : : sdsiCertificate +!Alias crlTypes pkcs9 23 +crlTypes 1 : : x509Crl + +!Alias pkcs12 pkcs 12 +!Alias pkcs12-pbeids pkcs12 1 + +!Cname pbe-WithSHA1And128BitRC4 +pkcs12-pbeids 1 : PBE-SHA1-RC4-128 : pbeWithSHA1And128BitRC4 +!Cname pbe-WithSHA1And40BitRC4 +pkcs12-pbeids 2 : PBE-SHA1-RC4-40 : pbeWithSHA1And40BitRC4 +!Cname pbe-WithSHA1And3_Key_TripleDES-CBC +pkcs12-pbeids 3 : PBE-SHA1-3DES : pbeWithSHA1And3-KeyTripleDES-CBC +!Cname pbe-WithSHA1And2_Key_TripleDES-CBC +pkcs12-pbeids 4 : PBE-SHA1-2DES : pbeWithSHA1And2-KeyTripleDES-CBC +!Cname pbe-WithSHA1And128BitRC2-CBC +pkcs12-pbeids 5 : PBE-SHA1-RC2-128 : pbeWithSHA1And128BitRC2-CBC +!Cname pbe-WithSHA1And40BitRC2-CBC +pkcs12-pbeids 6 : PBE-SHA1-RC2-40 : pbeWithSHA1And40BitRC2-CBC + +!Alias pkcs12-Version1 pkcs12 10 +!Alias pkcs12-BagIds pkcs12-Version1 1 +pkcs12-BagIds 1 : : keyBag +pkcs12-BagIds 2 : : pkcs8ShroudedKeyBag +pkcs12-BagIds 3 : : certBag +pkcs12-BagIds 4 : : crlBag +pkcs12-BagIds 5 : : secretBag +pkcs12-BagIds 6 : : safeContentsBag + +rsadsi 2 2 : MD2 : md2 +rsadsi 2 4 : MD4 : md4 +rsadsi 2 5 : MD5 : md5 + : MD5-SHA1 : md5-sha1 +rsadsi 2 7 : : hmacWithSHA1 +rsadsi 3 2 : RC2-CBC : rc2-cbc + : RC2-ECB : rc2-ecb +!Cname rc2-cfb64 + : RC2-CFB : rc2-cfb +!Cname rc2-ofb64 + : RC2-OFB : rc2-ofb + : RC2-40-CBC : rc2-40-cbc + : RC2-64-CBC : rc2-64-cbc +rsadsi 3 4 : RC4 : rc4 + : RC4-40 : rc4-40 +rsadsi 3 7 : DES-EDE3-CBC : des-ede3-cbc +rsadsi 3 8 : RC5-CBC : rc5-cbc + : RC5-ECB : rc5-ecb +!Cname rc5-cfb64 + : RC5-CFB : rc5-cfb +!Cname rc5-ofb64 + : RC5-OFB : rc5-ofb + +!Cname ms-ext-req +1 3 6 1 4 1 311 2 1 14 : msExtReq : Microsoft Extension Request +!Cname ms-code-ind +1 3 6 1 4 1 311 2 1 21 : msCodeInd : Microsoft Individual Code Signing +!Cname ms-code-com +1 3 6 1 4 1 311 2 1 22 : msCodeCom : Microsoft Commercial Code Signing +!Cname ms-ctl-sign +1 3 6 1 4 1 311 10 3 1 : msCTLSign : Microsoft Trust List Signing +!Cname ms-sgc +1 3 6 1 4 1 311 10 3 3 : msSGC : Microsoft Server Gated Crypto +!Cname ms-efs +1 3 6 1 4 1 311 10 3 4 : msEFS : Microsoft Encrypted File System + +1 3 6 1 4 1 188 7 1 1 2 : IDEA-CBC : idea-cbc + : IDEA-ECB : idea-ecb +!Cname idea-cfb64 + : IDEA-CFB : idea-cfb +!Cname idea-ofb64 + : IDEA-OFB : idea-ofb + +1 3 6 1 4 1 3029 1 2 : BF-CBC : bf-cbc + : BF-ECB : bf-ecb +!Cname bf-cfb64 + : BF-CFB : bf-cfb +!Cname bf-ofb64 + : BF-OFB : bf-ofb + +!Cname id-pkix +1 3 6 1 5 5 7 : PKIX + +# PKIX Arcs +id-pkix 0 : id-pkix-mod +id-pkix 1 : id-pe +id-pkix 2 : id-qt +id-pkix 3 : id-kp +id-pkix 4 : id-it +id-pkix 5 : id-pkip +id-pkix 6 : id-alg +id-pkix 7 : id-cmc +id-pkix 8 : id-on +id-pkix 9 : id-pda +id-pkix 10 : id-aca +id-pkix 11 : id-qcs +id-pkix 12 : id-cct +id-pkix 48 : id-ad + +# PKIX Modules +id-pkix-mod 1 : id-pkix1-explicit-88 +id-pkix-mod 2 : id-pkix1-implicit-88 +id-pkix-mod 3 : id-pkix1-explicit-93 +id-pkix-mod 4 : id-pkix1-implicit-93 +id-pkix-mod 5 : id-mod-crmf +id-pkix-mod 6 : id-mod-cmc +id-pkix-mod 7 : id-mod-kea-profile-88 +id-pkix-mod 8 : id-mod-kea-profile-93 +id-pkix-mod 9 : id-mod-cmp +id-pkix-mod 10 : id-mod-qualified-cert-88 +id-pkix-mod 11 : id-mod-qualified-cert-93 +id-pkix-mod 12 : id-mod-attribute-cert +id-pkix-mod 13 : id-mod-timestamp-protocol +id-pkix-mod 14 : id-mod-ocsp +id-pkix-mod 15 : id-mod-dvcs +id-pkix-mod 16 : id-mod-cmp2000 + +# PKIX Private Extensions +!Cname info-access +id-pe 1 : authorityInfoAccess : Authority Information Access +id-pe 2 : biometricInfo : Biometric Info +id-pe 3 : qcStatements +id-pe 4 : ac-auditEntity +id-pe 5 : ac-targeting +id-pe 6 : aaControls +id-pe 7 : sbqp-ipAddrBlock +id-pe 8 : sbqp-autonomousSysNum +id-pe 9 : sbqp-routerIdentifier +id-pe 10 : ac-proxying +!Cname sinfo-access +id-pe 11 : subjectInfoAccess : Subject Information Access + +# PKIX policyQualifiers for Internet policy qualifiers +id-qt 1 : id-qt-cps : Policy Qualifier CPS +id-qt 2 : id-qt-unotice : Policy Qualifier User Notice +id-qt 3 : textNotice + +# PKIX key purpose identifiers +!Cname server-auth +id-kp 1 : serverAuth : TLS Web Server Authentication +!Cname client-auth +id-kp 2 : clientAuth : TLS Web Client Authentication +!Cname code-sign +id-kp 3 : codeSigning : Code Signing +!Cname email-protect +id-kp 4 : emailProtection : E-mail Protection +id-kp 5 : ipsecEndSystem : IPSec End System +id-kp 6 : ipsecTunnel : IPSec Tunnel +id-kp 7 : ipsecUser : IPSec User +!Cname time-stamp +id-kp 8 : timeStamping : Time Stamping +# From OCSP spec RFC2560 +!Cname OCSP-sign +id-kp 9 : OCSPSigning : OCSP Signing +id-kp 10 : DVCS : dvcs + +# CMP information types +id-it 1 : id-it-caProtEncCert +id-it 2 : id-it-signKeyPairTypes +id-it 3 : id-it-encKeyPairTypes +id-it 4 : id-it-preferredSymmAlg +id-it 5 : id-it-caKeyUpdateInfo +id-it 6 : id-it-currentCRL +id-it 7 : id-it-unsupportedOIDs +# obsolete +id-it 8 : id-it-subscriptionRequest +# obsolete +id-it 9 : id-it-subscriptionResponse +id-it 10 : id-it-keyPairParamReq +id-it 11 : id-it-keyPairParamRep +id-it 12 : id-it-revPassphrase +id-it 13 : id-it-implicitConfirm +id-it 14 : id-it-confirmWaitTime +id-it 15 : id-it-origPKIMessage + +# CRMF registration +id-pkip 1 : id-regCtrl +id-pkip 2 : id-regInfo + +# CRMF registration controls +id-regCtrl 1 : id-regCtrl-regToken +id-regCtrl 2 : id-regCtrl-authenticator +id-regCtrl 3 : id-regCtrl-pkiPublicationInfo +id-regCtrl 4 : id-regCtrl-pkiArchiveOptions +id-regCtrl 5 : id-regCtrl-oldCertID +id-regCtrl 6 : id-regCtrl-protocolEncrKey + +# CRMF registration information +id-regInfo 1 : id-regInfo-utf8Pairs +id-regInfo 2 : id-regInfo-certReq + +# algorithms +id-alg 1 : id-alg-des40 +id-alg 2 : id-alg-noSignature +id-alg 3 : id-alg-dh-sig-hmac-sha1 +id-alg 4 : id-alg-dh-pop + +# CMC controls +id-cmc 1 : id-cmc-statusInfo +id-cmc 2 : id-cmc-identification +id-cmc 3 : id-cmc-identityProof +id-cmc 4 : id-cmc-dataReturn +id-cmc 5 : id-cmc-transactionId +id-cmc 6 : id-cmc-senderNonce +id-cmc 7 : id-cmc-recipientNonce +id-cmc 8 : id-cmc-addExtensions +id-cmc 9 : id-cmc-encryptedPOP +id-cmc 10 : id-cmc-decryptedPOP +id-cmc 11 : id-cmc-lraPOPWitness +id-cmc 15 : id-cmc-getCert +id-cmc 16 : id-cmc-getCRL +id-cmc 17 : id-cmc-revokeRequest +id-cmc 18 : id-cmc-regInfo +id-cmc 19 : id-cmc-responseInfo +id-cmc 21 : id-cmc-queryPending +id-cmc 22 : id-cmc-popLinkRandom +id-cmc 23 : id-cmc-popLinkWitness +id-cmc 24 : id-cmc-confirmCertAcceptance + +# other names +id-on 1 : id-on-personalData + +# personal data attributes +id-pda 1 : id-pda-dateOfBirth +id-pda 2 : id-pda-placeOfBirth +id-pda 3 : id-pda-gender +id-pda 4 : id-pda-countryOfCitizenship +id-pda 5 : id-pda-countryOfResidence + +# attribute certificate attributes +id-aca 1 : id-aca-authenticationInfo +id-aca 2 : id-aca-accessIdentity +id-aca 3 : id-aca-chargingIdentity +id-aca 4 : id-aca-group +# attention : the following seems to be obsolete, replace by 'role' +id-aca 5 : id-aca-role +id-aca 6 : id-aca-encAttrs + +# qualified certificate statements +id-qcs 1 : id-qcs-pkixQCSyntax-v1 + +# CMC content types +id-cct 1 : id-cct-crs +id-cct 2 : id-cct-PKIData +id-cct 3 : id-cct-PKIResponse + +# access descriptors for authority info access extension +!Cname ad-OCSP +id-ad 1 : OCSP : OCSP +!Cname ad-ca-issuers +id-ad 2 : caIssuers : CA Issuers +!Cname ad-timeStamping +id-ad 3 : ad_timestamping : AD Time Stamping +!Cname ad-dvcs +id-ad 4 : AD_DVCS : ad dvcs + + +!Alias id-pkix-OCSP ad-OCSP +!module id-pkix-OCSP +!Cname basic +id-pkix-OCSP 1 : basicOCSPResponse : Basic OCSP Response +id-pkix-OCSP 2 : Nonce : OCSP Nonce +id-pkix-OCSP 3 : CrlID : OCSP CRL ID +id-pkix-OCSP 4 : acceptableResponses : Acceptable OCSP Responses +id-pkix-OCSP 5 : noCheck : OCSP No Check +id-pkix-OCSP 6 : archiveCutoff : OCSP Archive Cutoff +id-pkix-OCSP 7 : serviceLocator : OCSP Service Locator +id-pkix-OCSP 8 : extendedStatus : Extended OCSP Status +id-pkix-OCSP 9 : valid +id-pkix-OCSP 10 : path +id-pkix-OCSP 11 : trustRoot : Trust Root +!global + +1 3 14 3 2 : algorithm : algorithm +algorithm 3 : RSA-NP-MD5 : md5WithRSA +algorithm 6 : DES-ECB : des-ecb +algorithm 7 : DES-CBC : des-cbc +!Cname des-ofb64 +algorithm 8 : DES-OFB : des-ofb +!Cname des-cfb64 +algorithm 9 : DES-CFB : des-cfb algorithm 11 : rsaSignature +!Cname dsa-2 +algorithm 12 : DSA-old : dsaEncryption-old +algorithm 13 : DSA-SHA : dsaWithSHA +algorithm 15 : RSA-SHA : shaWithRSAEncryption +!Cname des-ede-ecb +algorithm 17 : DES-EDE : des-ede +!Cname des-ede3-ecb + : DES-EDE3 : des-ede3 + : DES-EDE-CBC : des-ede-cbc +!Cname des-ede-cfb64 + : DES-EDE-CFB : des-ede-cfb +!Cname des-ede3-cfb64 + : DES-EDE3-CFB : des-ede3-cfb +!Cname des-ede-ofb64 + : DES-EDE-OFB : des-ede-ofb +!Cname des-ede3-ofb64 + : DES-EDE3-OFB : des-ede3-ofb + : DESX-CBC : desx-cbc +algorithm 18 : SHA : sha +algorithm 26 : SHA1 : sha1 +!Cname dsaWithSHA1-2 +algorithm 27 : DSA-SHA1-old : dsaWithSHA1-old +algorithm 29 : RSA-SHA1-2 : sha1WithRSA + +1 3 36 3 2 1 : RIPEMD160 : ripemd160 +1 3 36 3 3 1 2 : RSA-RIPEMD160 : ripemd160WithRSA + +!Cname sxnet +1 3 101 1 4 1 : SXNetID : Strong Extranet ID + +2 5 : X500 : directory services (X.500) + +X500 4 : X509 +X509 3 : CN : commonName +X509 4 : SN : surname +X509 5 : : serialNumber +X509 6 : C : countryName +X509 7 : L : localityName +X509 8 : ST : stateOrProvinceName +X509 10 : O : organizationName +X509 11 : OU : organizationalUnitName +X509 12 : : title +X509 13 : : description +X509 41 : name : name +X509 42 : gn : givenName +X509 43 : : initials +X509 44 : : generationQualifier +X509 45 : : x500UniqueIdentifier +X509 46 : dnQualifier : dnQualifier +X509 72 : role : role + +X500 8 : X500algorithms : directory services - algorithms +X500algorithms 1 1 : RSA : rsa +X500algorithms 3 100 : RSA-MDC2 : mdc2WithRSA +X500algorithms 3 101 : MDC2 : mdc2 + +X500 29 : id-ce +!Cname subject-key-identifier +id-ce 14 : subjectKeyIdentifier : X509v3 Subject Key Identifier +!Cname key-usage +id-ce 15 : keyUsage : X509v3 Key Usage +!Cname private-key-usage-period +id-ce 16 : privateKeyUsagePeriod : X509v3 Private Key Usage Period +!Cname subject-alt-name +id-ce 17 : subjectAltName : X509v3 Subject Alternative Name +!Cname issuer-alt-name +id-ce 18 : issuerAltName : X509v3 Issuer Alternative Name +!Cname basic-constraints +id-ce 19 : basicConstraints : X509v3 Basic Constraints +!Cname crl-number +id-ce 20 : crlNumber : X509v3 CRL Number +!Cname crl-reason +id-ce 21 : CRLReason : X509v3 CRL Reason Code +!Cname invalidity-date +id-ce 24 : invalidityDate : Invalidity Date +!Cname delta-crl +id-ce 27 : deltaCRL : X509v3 Delta CRL Indicator +!Cname crl-distribution-points +id-ce 31 : crlDistributionPoints : X509v3 CRL Distribution Points +!Cname certificate-policies +id-ce 32 : certificatePolicies : X509v3 Certificate Policies +!Cname authority-key-identifier +id-ce 35 : authorityKeyIdentifier : X509v3 Authority Key Identifier +!Cname policy-constraints +id-ce 36 : policyConstraints : X509v3 Policy Constraints +!Cname ext-key-usage +id-ce 37 : extendedKeyUsage : X509v3 Extended Key Usage +!Cname target-information +id-ce 55 : targetInformation : X509v3 AC Targeting +!Cname no-rev-avail +id-ce 56 : noRevAvail : X509v3 No Revocation Available + +!Cname netscape +2 16 840 1 113730 : Netscape : Netscape Communications Corp. +!Cname netscape-cert-extension +netscape 1 : nsCertExt : Netscape Certificate Extension +!Cname netscape-data-type +netscape 2 : nsDataType : Netscape Data Type +!Cname netscape-cert-type +netscape-cert-extension 1 : nsCertType : Netscape Cert Type +!Cname netscape-base-url +netscape-cert-extension 2 : nsBaseUrl : Netscape Base Url +!Cname netscape-revocation-url +netscape-cert-extension 3 : nsRevocationUrl : Netscape Revocation Url +!Cname netscape-ca-revocation-url +netscape-cert-extension 4 : nsCaRevocationUrl : Netscape CA Revocation Url +!Cname netscape-renewal-url +netscape-cert-extension 7 : nsRenewalUrl : Netscape Renewal Url +!Cname netscape-ca-policy-url +netscape-cert-extension 8 : nsCaPolicyUrl : Netscape CA Policy Url +!Cname netscape-ssl-server-name +netscape-cert-extension 12 : nsSslServerName : Netscape SSL Server Name +!Cname netscape-comment +netscape-cert-extension 13 : nsComment : Netscape Comment +!Cname netscape-cert-sequence +netscape-data-type 5 : nsCertSequence : Netscape Certificate Sequence +!Cname ns-sgc +netscape 4 1 : nsSGC : Netscape Server Gated Crypto + +# iso(1) +iso 3 : ORG : org +org 6 : DOD : dod +dod 1 : IANA : iana +!Alias internet iana + +internet 1 : directory : Directory +internet 2 : mgmt : Management +internet 3 : experimental : Experimental +internet 4 : private : Private +internet 5 : security : Security +internet 6 : snmpv2 : SNMPv2 +# Documents refer to "internet 7" as "mail". This however leads to ambiguities +# with RFC2798, Section 9.1.3, where "mail" is defined as the short name for +# rfc822Mailbox. The short name is therefore here left out for a reason. +# Subclasses of "mail", e.g. "MIME MHS" don't consitute a problem, as +# references are realized via long name "Mail" (with capital M). +internet 7 : : Mail + +Private 1 : enterprises : Enterprises + +# RFC 2247 +Enterprises 1466 344 : dcobject : dcObject + +# RFC 1495 +Mail 1 : mime-mhs : MIME MHS +mime-mhs 1 : mime-mhs-headings : mime-mhs-headings +mime-mhs 2 : mime-mhs-bodies : mime-mhs-bodies +mime-mhs-headings 1 : id-hex-partial-message : id-hex-partial-message +mime-mhs-headings 2 : id-hex-multipart-message : id-hex-multipart-message + +# What the hell are these OIDs, really? +!Cname rle-compression +1 1 1 1 666 1 : RLE : run length compression +!Cname zlib-compression +1 1 1 1 666 2 : ZLIB : zlib compression + +# AES aka Rijndael + +!Alias csor 2 16 840 1 101 3 +!Alias nistAlgorithms csor 4 +!Alias aes nistAlgorithms 1 + +aes 1 : AES-128-ECB : aes-128-ecb +aes 2 : AES-128-CBC : aes-128-cbc +!Cname aes-128-ofb128 +aes 3 : AES-128-OFB : aes-128-ofb +!Cname aes-128-cfb128 +aes 4 : AES-128-CFB : aes-128-cfb + +aes 21 : AES-192-ECB : aes-192-ecb +aes 22 : AES-192-CBC : aes-192-cbc +!Cname aes-192-ofb128 +aes 23 : AES-192-OFB : aes-192-ofb +!Cname aes-192-cfb128 +aes 24 : AES-192-CFB : aes-192-cfb + +aes 41 : AES-256-ECB : aes-256-ecb +aes 42 : AES-256-CBC : aes-256-cbc +!Cname aes-256-ofb128 +aes 43 : AES-256-OFB : aes-256-ofb +!Cname aes-256-cfb128 +aes 44 : AES-256-CFB : aes-256-cfb + +# Hold instruction CRL entry extension +!Cname hold-instruction-code +id-ce 23 : holdInstructionCode : Hold Instruction Code +!Alias holdInstruction X9-57 2 +!Cname hold-instruction-none +holdInstruction 1 : holdInstructionNone : Hold Instruction None +!Cname hold-instruction-call-issuer +holdInstruction 2 : holdInstructionCallIssuer : Hold Instruction Call Issuer +!Cname hold-instruction-reject +holdInstruction 3 : holdInstructionReject : Hold Instruction Reject -algorithm 6 : desECB -algorithm 7 : desCBC -algorithm 8 : desOFB -algorithm 9 : desCFB -algorithm 17 : desEDE2 +# OID's from CCITT. Most of this is defined in RFC 1274. A couple of +# them are also mentioned in RFC 2247 +ccitt 9 : data +data 2342 : pss +pss 19200300 : ucl +ucl 100 : pilot +pilot 1 : : pilotAttributeType +pilot 3 : : pilotAttributeSyntax +pilot 4 : : pilotObjectClass +pilot 10 : : pilotGroups +pilotAttributeSyntax 4 : : iA5StringSyntax +pilotAttributeSyntax 5 : : caseIgnoreIA5StringSyntax +pilotObjectClass 3 : : pilotObject +pilotObjectClass 4 : : pilotPerson +pilotObjectClass 5 : account +pilotObjectClass 6 : document +pilotObjectClass 7 : room +pilotObjectClass 9 : : documentSeries +pilotObjectClass 13 : domain : Domain +pilotObjectClass 14 : : rFC822localPart +pilotObjectClass 15 : : dNSDomain +pilotObjectClass 17 : : domainRelatedObject +pilotObjectClass 18 : : friendlyCountry +pilotObjectClass 19 : : simpleSecurityObject +pilotObjectClass 20 : : pilotOrganization +pilotObjectClass 21 : : pilotDSA +pilotObjectClass 22 : : qualityLabelledData +pilotAttributeType 1 : UID : userId +pilotAttributeType 2 : : textEncodedORAddress +pilotAttributeType 3 : mail : rfc822Mailbox +pilotAttributeType 4 : info +pilotAttributeType 5 : : favouriteDrink +pilotAttributeType 6 : : roomNumber +pilotAttributeType 7 : photo +pilotAttributeType 8 : : userClass +pilotAttributeType 9 : host +pilotAttributeType 10 : manager +pilotAttributeType 11 : : documentIdentifier +pilotAttributeType 12 : : documentTitle +pilotAttributeType 13 : : documentVersion +pilotAttributeType 14 : : documentAuthor +pilotAttributeType 15 : : documentLocation +pilotAttributeType 20 : : homeTelephoneNumber +pilotAttributeType 21 : secretary +pilotAttributeType 22 : : otherMailbox +pilotAttributeType 23 : : lastModifiedTime +pilotAttributeType 24 : : lastModifiedBy +pilotAttributeType 25 : DC : domainComponent +pilotAttributeType 26 : : aRecord +pilotAttributeType 27 : : pilotAttributeType27 +pilotAttributeType 28 : : mXRecord +pilotAttributeType 29 : : nSRecord +pilotAttributeType 30 : : sOARecord +pilotAttributeType 31 : : cNAMERecord +pilotAttributeType 37 : : associatedDomain +pilotAttributeType 38 : : associatedName +pilotAttributeType 39 : : homePostalAddress +pilotAttributeType 40 : : personalTitle +pilotAttributeType 41 : : mobileTelephoneNumber +pilotAttributeType 42 : : pagerTelephoneNumber +pilotAttributeType 43 : : friendlyCountryName +# The following clashes with 2.5.4.45, so commented away +#pilotAttributeType 44 : uid : uniqueIdentifier +pilotAttributeType 45 : : organizationalStatus +pilotAttributeType 46 : : janetMailbox +pilotAttributeType 47 : : mailPreferenceOption +pilotAttributeType 48 : : buildingName +pilotAttributeType 49 : : dSAQuality +pilotAttributeType 50 : : singleLevelQuality +pilotAttributeType 51 : : subtreeMinimumQuality +pilotAttributeType 52 : : subtreeMaximumQuality +pilotAttributeType 53 : : personalSignature +pilotAttributeType 54 : : dITRedirect +pilotAttributeType 55 : audio +pilotAttributeType 56 : : documentPublisher -- cgit v1.2.3-55-g6feb