📄 ext_def.c
字号:
{ MKOID( "\x06\x03\x55\x1D\x20" ), CRYPT_CERTINFO_CERTIFICATEPOLICIES,
MKDESC( "certPolicies" )
ENCODING( BER_SEQUENCE ),
FL_MORE | FL_LEVEL_STANDARD | FL_VALID_CERT | FL_SETOF, RANGE_NONE },
{ NULL, 0,
MKDESC( "certPolicies.policyInfo" )
ENCODING( BER_SEQUENCE ),
FL_MORE, RANGE_NONE },
{ NULL, CRYPT_CERTINFO_CERTPOLICYID,
MKDESC( "certPolicies.policyInfo.policyIdentifier" )
ENCODING( BER_OBJECT_IDENTIFIER ),
FL_MORE | FL_MULTIVALUED, RANGE_OID },
{ NULL, 0,
MKDESC( "certPolicies.policyInfo.policyQualifiers" )
ENCODING( BER_SEQUENCE ),
FL_MORE | FL_NONEMPTY | FL_SETOF | FL_OPTIONAL, RANGE_NONE },
{ NULL, 0,
MKDESC( "certPolicies.policyInfo.policyQual" )
ENCODING( BER_SEQUENCE ),
FL_MORE | FL_IDENTIFIER, RANGE_NONE },
{ MKOID( "\x06\x08\x2B\x06\x01\x05\x05\x07\x02\x01" ), 0,
MKDESC( "certPolicies.policyInfo.policyQual.cps (1 3 6 1 5 5 7 2 1)" )
ENCODING( FIELDTYPE_IDENTIFIER ),
FL_MORE, RANGE_NONE },
{ NULL, CRYPT_CERTINFO_CERTPOLICY_CPSURI,
MKDESC( "certPolicies.policyInfo.policyQuals.qualifier.cPSuri" )
ENCODING( BER_STRING_IA5 ),
FL_MORE | FL_MULTIVALUED | FL_SEQEND /*FL_SEQEND_2*/, CHECK_URL },
{ NULL, 0,
MKDESC( "certPolicies.policyInfo.policyQual" )
ENCODING( BER_SEQUENCE ),
FL_MORE | FL_IDENTIFIER, RANGE_NONE },
{ MKOID( "\x06\x08\x2B\x06\x01\x05\x05\x07\x02\x02" ), 0,
MKDESC( "certPolicies.policyInfo.policyQual.unotice (1 3 6 1 5 5 7 2 2)" )
ENCODING( FIELDTYPE_IDENTIFIER ),
FL_MORE, RANGE_NONE },
{ NULL, 0,
MKDESC( "certPolicies.policyInfo.policyQual.userNotice" )
ENCODING( BER_SEQUENCE ),
FL_MORE | FL_OPTIONAL, RANGE_NONE },
{ NULL, 0,
MKDESC( "certPolicies.policyInfo.policyQual.userNotice.noticeRef" )
ENCODING( BER_SEQUENCE ),
FL_MORE | FL_MULTIVALUED | FL_OPTIONAL, RANGE_NONE },
{ NULL, CRYPT_CERTINFO_CERTPOLICY_ORGANIZATION,
MKDESC( "certPolicies.policyInfo.policyQual.userNotice.noticeRef.organization" )
ENCODING( FIELDTYPE_DISPLAYSTRING ),
FL_MORE | FL_MULTIVALUED, RANGE( 1, 200 ) },
{ NULL, 0,
MKDESC( "certPolicies.policyInfo.policyQual.userNotice.noticeRef.noticeNumbers" )
ENCODING( BER_SEQUENCE ),
FL_MORE | FL_OPTIONAL, RANGE_NONE },
{ NULL, CRYPT_CERTINFO_CERTPOLICY_NOTICENUMBERS,
MKDESC( "certPolicies.policyInfo.policyQual.userNotice.noticeRef.noticeNumbers" )
ENCODING( BER_INTEGER ),
FL_MORE | FL_MULTIVALUED | FL_SEQEND_2, RANGE( 1, 1000 ) },
{ NULL, CRYPT_CERTINFO_CERTPOLICY_EXPLICITTEXT,
MKDESC( "certPolicies.policyInfo.policyQual.userNotice.explicitText" )
ENCODING( FIELDTYPE_DISPLAYSTRING ),
FL_OPTIONAL | FL_MULTIVALUED | FL_SEQEND_3 /*FL_SEQEND, or _4 (CPS) or _5 or _7 (uNotice), */, RANGE( 1, 200 ) },
/* policyMappings:
OID = 2 5 29 33
SEQUENCE SIZE (1..MAX) OF {
SEQUENCE {
issuerDomainPolicy OBJECT IDENTIFIER,
subjectDomainPolicy OBJECT IDENTIFIER
}
} */
{ MKOID( "\x06\x03\x55\x1D\x21" ), CRYPT_CERTINFO_POLICYMAPPINGS,
MKDESC( "policyMappings" )
ENCODING( BER_SEQUENCE ),
FL_MORE | FL_LEVEL_PKIX_FULL | FL_VALID_CERT | FL_SETOF, RANGE_NONE },
{ NULL, 0,
MKDESC( "policyMappings.sequenceOf" )
ENCODING( BER_SEQUENCE ),
FL_MORE, RANGE_NONE },
{ NULL, CRYPT_CERTINFO_ISSUERDOMAINPOLICY,
MKDESC( "policyMappings.sequenceOf.issuerDomainPolicy" )
ENCODING( BER_OBJECT_IDENTIFIER ),
FL_MORE | FL_MULTIVALUED, RANGE_OID },
{ NULL, CRYPT_CERTINFO_SUBJECTDOMAINPOLICY,
MKDESC( "policyMappings.sequenceOf.subjectDomainPolicy" )
ENCODING( BER_OBJECT_IDENTIFIER ),
FL_MULTIVALUED | FL_SEQEND_2 /*FL_SEQEND_3*/, RANGE_OID },
/* authorityKeyIdentifier:
OID = 2 5 29 35
SEQUENCE {
keyIdentifier [ 0 ] OCTET STRING OPTIONAL,
authorityCertIssuer -- Neither or both
[ 1 ] SEQUENCE OF GeneralName OPTIONAL
authorityCertSerialNumber -- of these must
[ 2 ] INTEGER OPTIONAL -- be present
}
Although the serialNumber should be an integer it's really an integer
equivalent of an octet string hole so we call it an octet string to
make sure that it gets handled appropriately */
{ MKOID( "\x06\x03\x55\x1D\x23" ), CRYPT_CERTINFO_AUTHORITYKEYIDENTIFIER,
MKDESC( "authorityKeyIdentifier" )
ENCODING( BER_SEQUENCE ),
FL_MORE | FL_NONEMPTY | FL_LEVEL_PKIX_PARTIAL | FL_VALID_CERT | FL_VALID_CRL, RANGE_NONE },
{ NULL, CRYPT_CERTINFO_AUTHORITY_KEYIDENTIFIER,
MKDESC( "authorityKeyIdentifier.keyIdentifier" )
ENCODING_TAGGED( BER_OCTETSTRING, 0 ),
FL_MORE | FL_OPTIONAL, RANGE( 1, 64 ) },
{ NULL, 0,
MKDESC( "authorityKeyIdentifier.authorityCertIssuer" )
ENCODING_TAGGED( BER_SEQUENCE, 1 ),
FL_MORE | FL_SETOF | FL_OPTIONAL, RANGE_NONE },
{ NULL, CRYPT_CERTINFO_AUTHORITY_CERTISSUER,
MKDESC( "authorityKeyIdentifier.authorityCertIssuer.generalName" )
ENCODING( FIELDTYPE_SUBTYPED ),
FL_MORE | FL_NONEMPTY | FL_OPTIONAL | FL_MULTIVALUED | FL_SEQEND, ENCODED_OBJECT( generalNameInfo ) },
{ NULL, CRYPT_CERTINFO_AUTHORITY_CERTSERIALNUMBER,
MKDESC( "authorityKeyIdentifier.authorityCertSerialNumber" )
ENCODING_TAGGED( BER_OCTETSTRING, 2 ), /* Actually an INTEGER hole */
FL_OPTIONAL | FL_SEQEND /*NONE*/, RANGE( 1, 64 ) },
/* policyConstraints:
OID = 2 5 29 36
SEQUENCE {
requireExplicitPolicy [ 0 ] INTEGER OPTIONAL,
inhibitPolicyMapping [ 1 ] INTEGER OPTIONAL
} */
{ MKOID( "\x06\x03\x55\x1D\x24" ), CRYPT_CERTINFO_POLICYCONSTRAINTS,
MKDESC( "policyConstraints" )
ENCODING( BER_SEQUENCE ),
FL_MORE | FL_NONEMPTY | FL_LEVEL_PKIX_FULL | FL_VALID_CERT, RANGE_NONE },
{ NULL, CRYPT_CERTINFO_REQUIREEXPLICITPOLICY,
MKDESC( "policyConstraints.requireExplicitPolicy" )
ENCODING_TAGGED( BER_INTEGER, 0 ),
FL_MORE | FL_OPTIONAL, RANGE( 0, 64 ) },
{ NULL, CRYPT_CERTINFO_INHIBITPOLICYMAPPING,
MKDESC( "policyConstraints.inhibitPolicyMapping" )
ENCODING_TAGGED( BER_INTEGER, 1 ),
FL_OPTIONAL | FL_SEQEND /*NONE*/, RANGE( 0, 64 ) },
/* extKeyUsage:
OID = 2 5 29 37
SEQUENCE {
oidInstance1 OPTIONAL,
oidInstance2 OPTIONAL,
...
oidInstanceN OPTIONAL
} */
{ MKOID( "\x06\x03\x55\x1D\x25" ), CRYPT_CERTINFO_EXTKEYUSAGE,
MKDESC( "extKeyUsage" )
ENCODING( BER_SEQUENCE ),
FL_MORE | FL_NONEMPTY | FL_LEVEL_STANDARD | FL_VALID_CERTREQ | FL_VALID_CERT, RANGE_NONE },
{ MKOID( "\x06\x0A\x2B\x06\x01\x04\x01\x82\x37\x02\x01\x15" ), CRYPT_CERTINFO_EXTKEY_MS_INDIVIDUALCODESIGNING,
MKDESC( "extKeyUsage.individualCodeSigning (1 3 6 1 4 1 311 2 1 21)" )
ENCODING( FIELDTYPE_IDENTIFIER ),
FL_MORE | FL_OPTIONAL, RANGE_NONE },
{ MKOID( "\x06\x0A\x2B\x06\x01\x04\x01\x82\x37\x02\x01\x16" ), CRYPT_CERTINFO_EXTKEY_MS_COMMERCIALCODESIGNING,
MKDESC( "extKeyUsage.commercialCodeSigning (1 3 6 1 4 1 311 2 1 22)" )
ENCODING( FIELDTYPE_IDENTIFIER ),
FL_MORE | FL_OPTIONAL, RANGE_NONE },
{ MKOID( "\x06\x0A\x2B\x06\x01\x04\x01\x82\x37\x0A\x03\x01" ), CRYPT_CERTINFO_EXTKEY_MS_CERTTRUSTLISTSIGNING,
MKDESC( "extKeyUsage.certTrustListSigning (1 3 6 1 4 1 311 10 3 1)" )
ENCODING( FIELDTYPE_IDENTIFIER ),
FL_MORE | FL_OPTIONAL, RANGE_NONE },
{ MKOID( "\x06\x0A\x2B\x06\x01\x04\x01\x82\x37\x0A\x03\x02" ), CRYPT_CERTINFO_EXTKEY_MS_TIMESTAMPSIGNING,
MKDESC( "extKeyUsage.timeStampSigning (1 3 6 1 4 1 311 10 3 2)" )
ENCODING( FIELDTYPE_IDENTIFIER ),
FL_MORE | FL_OPTIONAL, RANGE_NONE },
{ MKOID( "\x06\x0A\x2B\x06\x01\x04\x01\x82\x37\x0A\x03\x03" ), CRYPT_CERTINFO_EXTKEY_MS_SERVERGATEDCRYPTO,
MKDESC( "extKeyUsage.serverGatedCrypto (1 3 6 1 4 1 311 10 3 3)" )
ENCODING( FIELDTYPE_IDENTIFIER ),
FL_MORE | FL_OPTIONAL, RANGE_NONE },
{ MKOID( "\x06\x0A\x2B\x06\x01\x04\x01\x82\x37\x0A\x03\x04" ), CRYPT_CERTINFO_EXTKEY_MS_ENCRYPTEDFILESYSTEM,
MKDESC( "extKeyUsage.encrypedFileSystem (1 3 6 1 4 1 311 10 3 4)" )
ENCODING( FIELDTYPE_IDENTIFIER ),
FL_MORE | FL_OPTIONAL, RANGE_NONE },
{ MKOID( "\x06\x08\x2B\x06\x01\x05\x05\x07\x03\x01" ), CRYPT_CERTINFO_EXTKEY_SERVERAUTH,
MKDESC( "extKeyUsage.serverAuth (1 3 6 1 5 5 7 3 1)" )
ENCODING( FIELDTYPE_IDENTIFIER ),
FL_MORE | FL_OPTIONAL, RANGE_NONE },
{ MKOID( "\x06\x08\x2B\x06\x01\x05\x05\x07\x03\x02" ), CRYPT_CERTINFO_EXTKEY_CLIENTAUTH,
MKDESC( "extKeyUsage.clientAuth (1 3 6 1 5 5 7 3 2)" )
ENCODING( FIELDTYPE_IDENTIFIER ),
FL_MORE | FL_OPTIONAL, RANGE_NONE },
{ MKOID( "\x06\x08\x2B\x06\x01\x05\x05\x07\x03\x03" ), CRYPT_CERTINFO_EXTKEY_CODESIGNING,
MKDESC( "extKeyUsage.codeSigning (1 3 6 1 5 5 7 3 3)" )
ENCODING( FIELDTYPE_IDENTIFIER ),
FL_MORE | FL_OPTIONAL, RANGE_NONE },
{ MKOID( "\x06\x08\x2B\x06\x01\x05\x05\x07\x03\x04" ), CRYPT_CERTINFO_EXTKEY_EMAILPROTECTION,
MKDESC( "extKeyUsage.emailProtection (1 3 6 1 5 5 7 3 4)" )
ENCODING( FIELDTYPE_IDENTIFIER ),
FL_MORE | FL_OPTIONAL, RANGE_NONE },
{ MKOID( "\x06\x08\x2B\x06\x01\x05\x05\x07\x03\x05" ), CRYPT_CERTINFO_EXTKEY_IPSECENDSYSTEM,
MKDESC( "extKeyUsage.ipsecEndSystem (1 3 6 1 5 5 7 3 5)" )
ENCODING( FIELDTYPE_IDENTIFIER ),
FL_MORE | FL_OPTIONAL, RANGE_NONE },
{ MKOID( "\x06\x08\x2B\x06\x01\x05\x05\x07\x03\x06" ), CRYPT_CERTINFO_EXTKEY_IPSECTUNNEL,
MKDESC( "extKeyUsage.ipsecTunnel (1 3 6 1 5 5 7 3 6)" )
ENCODING( FIELDTYPE_IDENTIFIER ),
FL_MORE | FL_OPTIONAL, RANGE_NONE },
{ MKOID( "\x06\x08\x2B\x06\x01\x05\x05\x07\x03\x07" ), CRYPT_CERTINFO_EXTKEY_IPSECUSER,
MKDESC( "extKeyUsage.ipsecUser (1 3 6 1 5 5 7 3 7)" )
ENCODING( FIELDTYPE_IDENTIFIER ),
FL_MORE | FL_OPTIONAL, RANGE_NONE },
{ MKOID( "\x06\x08\x2B\x06\x01\x05\x05\x07\x03\x08" ), CRYPT_CERTINFO_EXTKEY_TIMESTAMPING,
MKDESC( "extKeyUsage.timeStamping (1 3 6 1 5 5 7 3 8)" )
ENCODING( FIELDTYPE_IDENTIFIER ),
FL_MORE | FL_OPTIONAL, RANGE_NONE },
{ MKOID( "\x06\x08\x2B\x06\x01\x05\x05\x07\x03\x09" ), CRYPT_CERTINFO_EXTKEY_OCSPSIGNING,
MKDESC( "extKeyUsage.ocspSigning (1 3 6 1 5 5 7 3 9)" )
ENCODING( FIELDTYPE_IDENTIFIER ),
FL_MORE | FL_OPTIONAL, RANGE_NONE },
{ MKOID( "\x06\x05\x2B\x24\x08\x02\x01" ), CRYPT_CERTINFO_EXTKEY_DIRECTORYSERVICE,
MKDESC( "extKeyUsage.directoryService (1 3 36 8 2 1)" )
ENCODING( FIELDTYPE_IDENTIFIER ),
FL_MORE | FL_OPTIONAL, RANGE_NONE },
{ MKOID( "\x06\x04\x55\x1D\x25\x00" ), CRYPT_CERTINFO_EXTKEY_ANYKEYUSAGE,
MKDESC( "extKeyUsage.anyExtendedKeyUsage(2 5 29 37 0)" )
ENCODING( FIELDTYPE_IDENTIFIER ),
FL_MORE | FL_OPTIONAL, RANGE_NONE },
{ MKOID( "\x06\x09\x60\x86\x48\x01\x86\xF8\x42\x04\x01" ), CRYPT_CERTINFO_EXTKEY_NS_SERVERGATEDCRYPTO,
MKDESC( "extKeyUsage.serverGatedCrypto (2 16 840 1 113730 4 1)" )
ENCODING( FIELDTYPE_IDENTIFIER ),
FL_MORE | FL_OPTIONAL, RANGE_NONE },
{ MKOID( "\x06\x0A\x60\x86\x48\x01\x86\xF8\x45\x01\x08\x01" ), CRYPT_CERTINFO_EXTKEY_VS_SERVERGATEDCRYPTO_CA,
MKDESC( "extKeyUsage.serverGatedCryptoCA (2 16 840 1 113733 1 8 1)" )
ENCODING( FIELDTYPE_IDENTIFIER ),
FL_MORE | FL_OPTIONAL, RANGE_NONE },
{ NULL, 0,
MKDESC( "extKeyUsage.catchAll" )
ENCODING( FIELDTYPE_BLOB ), /* Match anything and ignore it */
FL_OPTIONAL | FL_NONENCODING | FL_SEQEND /*NONE*/, RANGE_NONE },
/* freshestCRL:
OID = 2 5 29 46
SEQUENCE OF {
SEQUENCE {
distributionPoint
[ 0 ] { -- CHOICE { ... }
fullName [ 0 ] SEQUENCE OF GeneralName
} OPTIONAL,
reasons [ 1 ] BIT STRING OPTIONAL,
cRLIssuer [ 2 ] SEQUENCE OF GeneralName OPTIONAL
}
} */
{ MKOID( "\x06\x03\x55\x1D\x2E" ), CRYPT_CERTINFO_FRESHESTCRL,
MKDESC( "freshestCRL" )
ENCODING( BER_SEQUENCE ),
FL_MORE | FL_LEVEL_PKIX_FULL | FL_VALID_CERT | FL_VALID_ATTRCERT | FL_SETOF, RANGE_NONE },
{ NULL, 0,
MKDESC( "freshestCRL.distributionPoint" )
ENCODING( BER_SEQUENCE ),
FL_MORE | FL_NONEMPTY, RANGE_NONE },
{ NULL, 0,
MKDESC( "freshestCRL.distributionPoint.distributionPoint" )
ENCODING_TAGGED( BER_SEQUENCE, 0 ),
FL_MORE | FL_OPTIONAL, RANGE_NONE },
{ NULL, 0,
MKDESC( "freshestCRL.distributionPoint.distributionPoint.fullName" )
ENCODING_TAGGED( BER_SEQUENCE, 0 ),
FL_MORE | FL_NONEMPTY | FL_SETOF, RANGE_NONE },
{ NULL, CRYPT_CERTINFO_FRESHESTCRL_FULLNAME,
MKDESC( "freshestCRL.distributionPoint.distributionPoint.fullName.generalName" )
ENCODING( FIELDTYPE_SUBTYPED ),
FL_MORE | FL_NONEMPTY | FL_OPTIONAL | FL_MULTIVALUED | FL_SEQEND_2, ENCODED_OBJECT( generalNameInfo ) },
{ NULL, CRYPT_CERTINFO_FRESHESTCRL_REASONS,
MKDESC( "freshestCRL.distributionPoint.reasons" )
ENCODING_TAGGED( BER_BITSTRING, 1 ),
FL_MORE | FL_OPTIONAL | FL_MULTIVALUED, RANGE( 0, CRYPT_CRLREASONFLAG_LAST ) },
{ NULL, 0,
MKDESC( "freshestCRL.distributionPoint.cRLIssuer" )
ENCODING_TAGGED( BER_SEQUENCE, 2 ),
FL_MORE | FL_SETOF | FL_OPTIONAL, RANGE_NONE },
{ NULL, CRYPT_CERTINFO_FRESHESTCRL_CRLISSUER,
MKDESC( "freshestCRL.distributionPoint.cRLIssuer.generalName" )
ENCODING( FIELDTYPE_SUBTYPED ),
FL_OPTIONAL | FL_NONEMPTY | FL_MULTIVALUED | FL_SEQEND_2 /*or _3*/, ENCODED_OBJECT( generalNameInfo ) },
/* inhibitAnyPolicy:
OID = 2 5 29 54
INTEGER */
{ MKOID( "\x06\x03\x55\x1D\x36" ), CRYPT_CERTINFO_INHIBITANYPOLICY,
MKDESC( "inhibitAnyPolicy" )
ENCODING( BER_INTEGER ),
FL_LEVEL_PKIX_FULL | FL_VALID_CERTREQ | FL_VALID_CERT, RANGE( 0, 64 ) },
/* netscape-cert-type:
OID = 2 16 840 1 113730 1 1
BITSTRING */
{ MKOID( "\x06\x09\x60\x86\x48\x01\x86\xF8\x42\x01\x01" ), CRYPT_CERTINFO_NS_CERTTYPE,
MKDESC( "netscape-cert-type" )
ENCODING( BER_BITSTRING ),
FL_LEVEL_REDUCED | FL_VALID_CERTREQ | FL_VALID_CERT, RANGE( 0, CRYPT_NS_CERTTYPE_LAST ) },
/* netscape-base-url:
OID = 2 16 840 1 113730 1 2
IA5String */
{ MKOID( "\x06\x09\x60\x86\x48\x01\x86\xF8\x42\x01\x02" ), CRYPT_CERTINFO_NS_BASEURL,
MKDESC( "netscape-base-url" )
ENCODING( BER_STRING_IA5 ),
FL_LEVEL_STANDARD | FL_VALID_CERT, CHECK_HTTP },
/* netscape-revocation-url:
OID = 2 16 840 1 113730 1 3
IA5String */
{ MKOID( "\x06\x09\x60\x86\x48\x01\x86\xF8\x42\x01\x03" ), CRYPT_CERTINFO_NS_REVOCATIONURL,
MKDESC( "netscape-revocation-url" )
ENCODING( BER_STRING_IA5 ),
FL_LEVEL_STANDARD | FL_VALID_CERT, CHECK_HTTP },
/* netscape-ca-revocation-url:
OID = 2 16 840 1 113730 1 3
IA5String */
{ MKOID( "\x06\x09\x60\x86\x48\x01\x86\xF8\x42\x01\x04" ), CRYPT_CERTINFO_NS_CAREVOCATIONURL,
MKDESC( "netscape-ca-revocation-url" )
ENCODING( BER_STRING_IA5 ),
FL_LEVEL_STANDARD | FL_VALID_CERT, CHECK_HTTP },
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -