secoid.c

来自「支持SSL v2/v3, TLS, PKCS #5, PKCS #7, PKCS」· C语言 代码 · 共 1,534 行 · 第 1/5 页

	sizeof(verisignUserNotices) },
        SEC_OID_VERISIGN_USER_NOTICES,
	"Verisign User Notices", CKM_INVALID_MECHANISM,
	INVALID_CERT_EXTENSION },

    /* pkix oids */
    { { siDEROID, pkixCPSPointerQualifier,
	sizeof(pkixCPSPointerQualifier) },
        SEC_OID_PKIX_CPS_POINTER_QUALIFIER,
	"PKIX CPS Pointer Qualifier", CKM_INVALID_MECHANISM,
	INVALID_CERT_EXTENSION },
    { { siDEROID, pkixUserNoticeQualifier,
	sizeof(pkixUserNoticeQualifier) },
        SEC_OID_PKIX_USER_NOTICE_QUALIFIER,
	"PKIX User Notice Qualifier", CKM_INVALID_MECHANISM,
	INVALID_CERT_EXTENSION },

    { { siDEROID, pkixOCSP, sizeof(pkixOCSP), },
	SEC_OID_PKIX_OCSP,
	"PKIX Online Certificate Status Protocol", CKM_INVALID_MECHANISM,
	INVALID_CERT_EXTENSION },
    { { siDEROID, pkixOCSPBasicResponse, sizeof(pkixOCSPBasicResponse), },
	SEC_OID_PKIX_OCSP_BASIC_RESPONSE,
	"OCSP Basic Response", CKM_INVALID_MECHANISM,
	INVALID_CERT_EXTENSION },
    { { siDEROID, pkixOCSPNonce, sizeof(pkixOCSPNonce), },
	SEC_OID_PKIX_OCSP_NONCE,
	"OCSP Nonce Extension", CKM_INVALID_MECHANISM,
	INVALID_CERT_EXTENSION },
    { { siDEROID, pkixOCSPCRL, sizeof(pkixOCSPCRL), },
	SEC_OID_PKIX_OCSP_CRL,
	"OCSP CRL Reference Extension", CKM_INVALID_MECHANISM,
	INVALID_CERT_EXTENSION },
    { { siDEROID, pkixOCSPResponse, sizeof(pkixOCSPResponse), },
	SEC_OID_PKIX_OCSP_RESPONSE,
	"OCSP Response Types Extension", CKM_INVALID_MECHANISM,
	INVALID_CERT_EXTENSION },
    { { siDEROID, pkixOCSPNoCheck, sizeof(pkixOCSPNoCheck) },
	SEC_OID_PKIX_OCSP_NO_CHECK,
	"OCSP No Check Extension", CKM_INVALID_MECHANISM, 
	SUPPORTED_CERT_EXTENSION },
    { { siDEROID, pkixOCSPArchiveCutoff, sizeof(pkixOCSPArchiveCutoff) },
	SEC_OID_PKIX_OCSP_ARCHIVE_CUTOFF,
	"OCSP Archive Cutoff Extension", CKM_INVALID_MECHANISM,
	INVALID_CERT_EXTENSION },
    { { siDEROID, pkixOCSPServiceLocator, sizeof(pkixOCSPServiceLocator) },
	SEC_OID_PKIX_OCSP_SERVICE_LOCATOR,
	"OCSP Service Locator Extension", CKM_INVALID_MECHANISM,
	INVALID_CERT_EXTENSION },

    { { siDEROID, pkixRegCtrlRegToken,
	sizeof (pkixRegCtrlRegToken) },
        SEC_OID_PKIX_REGCTRL_REGTOKEN,
        "PKIX CRMF Registration Control, Registration Token", 
        CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION },
    { { siDEROID, pkixRegCtrlAuthenticator,
	sizeof (pkixRegCtrlAuthenticator) },
        SEC_OID_PKIX_REGCTRL_AUTHENTICATOR,
        "PKIX CRMF Registration Control, Registration Authenticator", 
        CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION },
    { { siDEROID, pkixRegCtrlPKIPubInfo,
	sizeof (pkixRegCtrlPKIPubInfo) },
        SEC_OID_PKIX_REGCTRL_PKIPUBINFO,
        "PKIX CRMF Registration Control, PKI Publication Info", 
        CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION},
    { { siDEROID, pkixRegCtrlPKIArchOptions,
	sizeof (pkixRegCtrlPKIArchOptions) },
        SEC_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS,
        "PKIX CRMF Registration Control, PKI Archive Options", 
        CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION},
    { { siDEROID, pkixRegCtrlOldCertID,
	sizeof (pkixRegCtrlOldCertID) },
        SEC_OID_PKIX_REGCTRL_OLD_CERT_ID,
        "PKIX CRMF Registration Control, Old Certificate ID", 
        CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION},
    { { siDEROID, pkixRegCtrlProtEncKey,
	sizeof (pkixRegCtrlProtEncKey) },
        SEC_OID_PKIX_REGCTRL_PROTOCOL_ENC_KEY,
        "PKIX CRMF Registration Control, Protocol Encryption Key", 
        CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION},
    { { siDEROID, pkixRegInfoUTF8Pairs,
	sizeof (pkixRegInfoUTF8Pairs) },
        SEC_OID_PKIX_REGINFO_UTF8_PAIRS,
        "PKIX CRMF Registration Info, UTF8 Pairs", 
        CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION},
    { { siDEROID, pkixRegInfoCertReq,
	sizeof (pkixRegInfoCertReq) },
        SEC_OID_PKIX_REGINFO_CERT_REQUEST,
        "PKIX CRMF Registration Info, Certificate Request", 
        CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION},
    { { siDEROID, pkixExtendedKeyUsageServerAuth,
	sizeof (pkixExtendedKeyUsageServerAuth) },
        SEC_OID_EXT_KEY_USAGE_SERVER_AUTH,
        "TLS Web Server Authentication Certificate",
        CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION},
    { { siDEROID, pkixExtendedKeyUsageClientAuth,
	sizeof (pkixExtendedKeyUsageClientAuth) },
        SEC_OID_EXT_KEY_USAGE_CLIENT_AUTH,
        "TLS Web Client Authentication Certificate",
        CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION},
    { { siDEROID, pkixExtendedKeyUsageCodeSign,
	sizeof (pkixExtendedKeyUsageCodeSign) },
        SEC_OID_EXT_KEY_USAGE_CODE_SIGN,
        "Code Signing Certificate",
        CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION},
    { { siDEROID, pkixExtendedKeyUsageEMailProtect,
	sizeof (pkixExtendedKeyUsageEMailProtect) },
        SEC_OID_EXT_KEY_USAGE_EMAIL_PROTECT,
        "E-Mail Protection Certificate",
        CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION},
    { { siDEROID, pkixExtendedKeyUsageTimeStamp,
	sizeof (pkixExtendedKeyUsageTimeStamp) },
        SEC_OID_EXT_KEY_USAGE_TIME_STAMP,
        "Time Stamping Certifcate",
        CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION},
    { { siDEROID, pkixOCSPResponderExtendedKeyUsage,
	  sizeof (pkixOCSPResponderExtendedKeyUsage) },
          SEC_OID_OCSP_RESPONDER,
          "OCSP Responder Certificate",
          CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION},

    /* Netscape Algorithm OIDs */

    { { siDEROID, netscapeSMimeKEA,
	sizeof(netscapeSMimeKEA) },
        SEC_OID_NETSCAPE_SMIME_KEA,
	"Netscape S/MIME KEA", CKM_INVALID_MECHANISM,
	INVALID_CERT_EXTENSION },

      /* Skipjack OID -- ### mwelch temporary */
    { { siDEROID, skipjackCBC,
	sizeof(skipjackCBC) },
        SEC_OID_FORTEZZA_SKIPJACK,
	"Skipjack CBC64", CKM_SKIPJACK_CBC64,
	INVALID_CERT_EXTENSION },

    /* pkcs12 v2 oids */
    { { siDEROID, pkcs12V2PBEWithSha1And128BitRC4,
	sizeof(pkcs12V2PBEWithSha1And128BitRC4) },
        SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC4,
	"PKCS12 V2 PBE With SHA1 And 128 Bit RC4", 
	CKM_PBE_SHA1_RC4_128,
	INVALID_CERT_EXTENSION },
    { { siDEROID, pkcs12V2PBEWithSha1And40BitRC4,
	sizeof(pkcs12V2PBEWithSha1And40BitRC4) },
        SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC4,
	"PKCS12 V2 PBE With SHA1 And 40 Bit RC4", 
	CKM_PBE_SHA1_RC4_40,
	INVALID_CERT_EXTENSION },
    { { siDEROID, pkcs12V2PBEWithSha1And3KeyTripleDEScbc,
	sizeof(pkcs12V2PBEWithSha1And3KeyTripleDEScbc) },
        SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC,
	"PKCS12 V2 PBE With SHA1 And 3KEY Triple DES-cbc", 
	CKM_PBE_SHA1_DES3_EDE_CBC,
	INVALID_CERT_EXTENSION },
    { { siDEROID, pkcs12V2PBEWithSha1And2KeyTripleDEScbc,
	sizeof(pkcs12V2PBEWithSha1And2KeyTripleDEScbc) },
        SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_2KEY_TRIPLE_DES_CBC,
	"PKCS12 V2 PBE With SHA1 And 2KEY Triple DES-cbc", 
	CKM_PBE_SHA1_DES2_EDE_CBC,
	INVALID_CERT_EXTENSION },
    { { siDEROID, pkcs12V2PBEWithSha1And128BitRC2cbc,
	sizeof(pkcs12V2PBEWithSha1And128BitRC2cbc) },
        SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC,
	"PKCS12 V2 PBE With SHA1 And 128 Bit RC2 CBC", 
	CKM_PBE_SHA1_RC2_128_CBC,
	INVALID_CERT_EXTENSION },
    { { siDEROID, pkcs12V2PBEWithSha1And40BitRC2cbc,
	sizeof(pkcs12V2PBEWithSha1And40BitRC2cbc) },
        SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC,
	"PKCS12 V2 PBE With SHA1 And 40 Bit RC2 CBC", 
	CKM_PBE_SHA1_RC2_40_CBC,
	INVALID_CERT_EXTENSION },
    { { siDEROID, pkcs12SafeContentsID, 
    	sizeof(pkcs12SafeContentsID) },
	  SEC_OID_PKCS12_SAFE_CONTENTS_ID,
	  "PKCS #12 Safe Contents ID", CKM_INVALID_MECHANISM,
	  INVALID_CERT_EXTENSION },
    { { siDEROID, pkcs12PKCS8ShroudedKeyBagID, 
    	sizeof(pkcs12PKCS8ShroudedKeyBagID) },
	  SEC_OID_PKCS12_PKCS8_SHROUDED_KEY_BAG_ID,
	  "PKCS #12 Safe Contents ID", CKM_INVALID_MECHANISM,
	  INVALID_CERT_EXTENSION },
    { { siDEROID, pkcs12V1KeyBag, 
    	sizeof(pkcs12V1KeyBag) },
	  SEC_OID_PKCS12_V1_KEY_BAG_ID,
	  "PKCS #12 V1 Key Bag", CKM_INVALID_MECHANISM,
	  INVALID_CERT_EXTENSION },
    { { siDEROID, pkcs12V1PKCS8ShroudedKeyBag, 
    	sizeof(pkcs12V1PKCS8ShroudedKeyBag) },
	  SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID,
	  "PKCS #12 V1 PKCS8 Shrouded Key Bag", CKM_INVALID_MECHANISM,
	  INVALID_CERT_EXTENSION },
    { { siDEROID, pkcs12V1CertBag, 
    	sizeof(pkcs12V1CertBag) },
	  SEC_OID_PKCS12_V1_CERT_BAG_ID,
	  "PKCS #12 V1 Cert Bag", CKM_INVALID_MECHANISM,
	  INVALID_CERT_EXTENSION },
    { { siDEROID, pkcs12V1CRLBag, 
    	sizeof(pkcs12V1CRLBag) },
	  SEC_OID_PKCS12_V1_CRL_BAG_ID,
	  "PKCS #12 V1 CRL Bag", CKM_INVALID_MECHANISM,
	  INVALID_CERT_EXTENSION },
    { { siDEROID, pkcs12V1SecretBag, 
    	sizeof(pkcs12V1SecretBag) },
	  SEC_OID_PKCS12_V1_SECRET_BAG_ID,
	  "PKCS #12 V1 Secret Bag", CKM_INVALID_MECHANISM,
	  INVALID_CERT_EXTENSION },
    { { siDEROID, pkcs12V1SafeContentsBag, 
    	sizeof(pkcs12V1SafeContentsBag) },
	  SEC_OID_PKCS12_V1_SAFE_CONTENTS_BAG_ID,
	  "PKCS #12 V1 Safe Contents Bag", CKM_INVALID_MECHANISM,
	  INVALID_CERT_EXTENSION },

    { { siDEROID, pkcs9X509Certificate, 
    	sizeof(pkcs9X509Certificate) },
	  SEC_OID_PKCS9_X509_CERT,
	  "PKCS #9 X509 Certificate", CKM_INVALID_MECHANISM,
	  INVALID_CERT_EXTENSION },
    { { siDEROID, pkcs9SDSICertificate, 
    	sizeof(pkcs9SDSICertificate) },
	  SEC_OID_PKCS9_SDSI_CERT,
	  "PKCS #9 SDSI Certificate", CKM_INVALID_MECHANISM,
	  INVALID_CERT_EXTENSION },
    { { siDEROID, pkcs9X509CRL, 
    	sizeof(pkcs9X509CRL) },
	  SEC_OID_PKCS9_X509_CRL,
	  "PKCS #9 X509 CRL", CKM_INVALID_MECHANISM,
	  INVALID_CERT_EXTENSION },
    { { siDEROID, pkcs9FriendlyName, 
    	sizeof(pkcs9FriendlyName) },
	  SEC_OID_PKCS9_FRIENDLY_NAME,
	  "PKCS #9 Friendly Name", CKM_INVALID_MECHANISM,
	  INVALID_CERT_EXTENSION },
    { { siDEROID, pkcs9LocalKeyID, 
    	sizeof(pkcs9LocalKeyID) },
	  SEC_OID_PKCS9_LOCAL_KEY_ID,
	  "PKCS #9 Local Key ID", CKM_INVALID_MECHANISM,
	  INVALID_CERT_EXTENSION }, 
    { { siDEROID, pkcs12KeyUsageAttr,
	sizeof(pkcs12KeyUsageAttr) },
	  SEC_OID_PKCS12_KEY_USAGE,
	  "PKCS 12 Key Usage", CKM_INVALID_MECHANISM,
	  INVALID_CERT_EXTENSION },
    { { siDEROID, dhPublicKey,
	sizeof(dhPublicKey) },
	  SEC_OID_X942_DIFFIE_HELMAN_KEY,
	  "Diffie-Helman Public Key", CKM_DH_PKCS_DERIVE,
	  INVALID_CERT_EXTENSION },
    { { siDEROID, netscapeNickname,
	sizeof(netscapeNickname) },
	  SEC_OID_NETSCAPE_NICKNAME,
	  "Netscape Nickname", CKM_INVALID_MECHANISM,
	  INVALID_CERT_EXTENSION },

    /* Cert Server specific OIDs */
    { { siDEROID, netscapeRecoveryRequest,
        sizeof(netscapeRecoveryRequest) },
        SEC_OID_NETSCAPE_RECOVERY_REQUEST,
        "Recovery Request OID", CKM_INVALID_MECHANISM,
        INVALID_CERT_EXTENSION }, 

    { { siDEROID, nsExtAIACertRenewal,
        sizeof(nsExtAIACertRenewal) },
        SEC_OID_CERT_RENEWAL_LOCATOR,
        "Certificate Renewal Locator OID", CKM_INVALID_MECHANISM,
        INVALID_CERT_EXTENSION }, 

    { { siDEROID, nsExtCertScopeOfUse,
        sizeof(nsExtCertScopeOfUse) },
        SEC_OID_NS_CERT_EXT_SCOPE_OF_USE,
        "Certificate Scope-of-Use Extension", CKM_INVALID_MECHANISM,
        SUPPORTED_CERT_EXTENSION },

    /* CMS stuff */
    { { siDEROID, cmsESDH,
        sizeof(cmsESDH) },
        SEC_OID_CMS_EPHEMERAL_STATIC_DIFFIE_HELLMAN,
        "Ephemeral-Static Diffie-Hellman", CKM_INVALID_MECHANISM /* XXX */,
        INVALID_CERT_EXTENSION },
    { { siDEROID, cms3DESwrap,
        sizeof(cms3DESwrap) },
        SEC_OID_CMS_3DES_KEY_WRAP,
        "CMS 3DES Key Wrap", CKM_INVALID_MECHANISM /* XXX */,
        INVALID_CERT_EXTENSION },
    { { siDEROID, cmsRC2wrap,
        sizeof(cmsRC2wrap) },
        SEC_OID_CMS_RC2_KEY_WRAP,
        "CMS RC2 Key Wrap", CKM_INVALID_MECHANISM /* XXX */,
        INVALID_CERT_EXTENSION },
    { { siDEROID, smimeEncryptionKeyPreference,
	sizeof(smimeEncryptionKeyPreference) },
	SEC_OID_SMIME_ENCRYPTION_KEY_PREFERENCE,
	"S/MIME Encryption Key Preference", CKM_INVALID_MECHANISM,
	INVALID_CERT_EXTENSION },

};

/*
 * now the dynamic table. The dynamic table gets build at init time.
 *  and gets modified if the user loads new crypto modules.
 */

static DB *oid_d_hash = 0;
static SECOidData **secoidDynamicTable = NULL;
static int secoidDynamicTableSize = 0;
static int secoidLastDynamicEntry = 0;