mirror of https://github.com/wolfSSL/wolfssl.git
ASN.1 OIDs and sum: Change algorithm for sum
The new sum algorithm has no clashes at this time. The old algorithm is enabled by defining WOLFSSL_OLD_OID_SUM. The new oid_sum.h file is generated with scripts/asn1_oid_sum.pl. Added a bunch of OID names to the asn1 example.
pull/8655/head
parent
4450167ab0
commit
112351667a
|
@ -23,8 +23,8 @@ jobs:
|
|||
check_filenames: true
|
||||
check_hidden: true
|
||||
# Add comma separated list of words that occur multiple times that should be ignored (sorted alphabetically, case sensitive)
|
||||
ignore_words_list: adin,aNULL,brunch,carryIn,chainG,ciph,cLen,cliKs,dout,haveA,inCreated,inOut,inout,larg,LEAPYEAR,Merget,optionA,parm,parms,repid,rIn,userA,ser,siz,te,Te
|
||||
ignore_words_list: adin,aNULL,brunch,carryIn,chainG,ciph,cLen,cliKs,dout,haveA,inCreated,inOut,inout,larg,LEAPYEAR,Merget,optionA,parm,parms,repid,rIn,userA,ser,siz,te,Te,
|
||||
# The exclude_file contains lines of code that should be ignored. This is useful for individual lines which have non-words that can safely be ignored.
|
||||
exclude_file: '.codespellexcludelines'
|
||||
# To skip files entirely from being processed, add it to the following list:
|
||||
skip: '*.cproject,*.der,*.mtpj,*.pem,*.vcxproj,.git,*.launch,*.scfg,*.revoked'
|
||||
skip: '*.cproject,*.der,*.mtpj,*.pem,*.vcxproj,.git,*.launch,*.scfg,*.revoked,dumpasn1.cfg,oid_names.h'
|
||||
|
|
|
@ -23,6 +23,8 @@ jobs:
|
|||
'',
|
||||
'--enable-all --enable-asn=template',
|
||||
'--enable-all --enable-asn=original',
|
||||
'--enable-all --enable-asn=template CPPFLAGS=-DWOLFSSL_OLD_OID_SUM',
|
||||
'--enable-all --enable-asn=original CPPFLAGS=-DWOLFSSL_OLD_OID_SUM',
|
||||
'--enable-harden-tls',
|
||||
'--enable-tls13 --enable-session-ticket --enable-dtls --enable-dtls13
|
||||
--enable-opensslextra --enable-sessioncerts
|
||||
|
|
|
@ -34,6 +34,8 @@
|
|||
|
||||
#if defined(WOLFSSL_ASN_PRINT) && !defined(NO_FILESYSTEM)
|
||||
|
||||
#include "oid_names.h"
|
||||
|
||||
/* Increment allocated data by this much. */
|
||||
#define DATA_INC_LEN 256
|
||||
|
||||
|
@ -50,6 +52,20 @@ static Asn1PrintOptions opts;
|
|||
/* ASN.1 parsing state. */
|
||||
static Asn1 asn1;
|
||||
|
||||
static const char* asn1App_OidToName(unsigned char* oid, word32 len)
|
||||
{
|
||||
int i;
|
||||
|
||||
for (i = 0; i < asn1App_oid_names_len; i++) {
|
||||
if ((len == asn1App_oid_name[i].len) &&
|
||||
(XMEMCMP(oid, asn1App_oid_name[i].oid, len) == 0)) {
|
||||
return asn1App_oid_name[i].name;
|
||||
}
|
||||
}
|
||||
|
||||
return NULL;
|
||||
}
|
||||
|
||||
/* Read the contents of a file into a dynamically allocated buffer.
|
||||
*
|
||||
* Uses realloc as input may be stdin.
|
||||
|
@ -65,9 +81,10 @@ static int asn1App_ReadFile(FILE* fp, unsigned char** pdata, word32* plen)
|
|||
int ret = 0;
|
||||
word32 len = 0;
|
||||
size_t read_len;
|
||||
/* Allocate a minimum amount. */
|
||||
unsigned char* data = (unsigned char*)XMALLOC(DATA_INC_LEN, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
unsigned char* data;
|
||||
|
||||
/* Allocate a minimum amount. */
|
||||
data = (unsigned char*)XMALLOC(DATA_INC_LEN, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (data != NULL) {
|
||||
/* Read more data. */
|
||||
while ((read_len = fread(data + len, 1, DATA_INC_LEN, fp)) != 0) {
|
||||
|
@ -87,7 +104,8 @@ static int asn1App_ReadFile(FILE* fp, unsigned char** pdata, word32* plen)
|
|||
}
|
||||
|
||||
/* Make space for more data to be added to buffer. */
|
||||
p = (unsigned char*)XREALLOC(data, len + DATA_INC_LEN, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
p = (unsigned char*)XREALLOC(data, len + DATA_INC_LEN, NULL,
|
||||
DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (p == NULL) {
|
||||
/* Reallocation failed - free current buffer. */
|
||||
XFREE(data, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
|
@ -299,6 +317,7 @@ const char* usage[] = {
|
|||
" -B, --base64 file contents are Base64 encoded",
|
||||
#endif
|
||||
" -d, --dump show all ASN.1 item data as a hex dump",
|
||||
" -D, --der file format is DER",
|
||||
" -h, --headers show all ASN.1 item headers as a hex dump",
|
||||
" -i, --indent indent tag name with depth",
|
||||
" -l, --length LEN display length bytes of data",
|
||||
|
@ -340,6 +359,7 @@ int main(int argc, char* argv[])
|
|||
int file_format = FORMAT_DER;
|
||||
word32 indent = 0;
|
||||
int pem_skip = 0;
|
||||
int format_set = 0;
|
||||
|
||||
/* Reset options. */
|
||||
(void)wc_Asn1PrintOptions_Init(&opts);
|
||||
|
@ -365,6 +385,11 @@ int main(int argc, char* argv[])
|
|||
(strcmp(argv[0], "--dump") == 0)) {
|
||||
wc_Asn1PrintOptions_Set(&opts, ASN1_PRINT_OPT_SHOW_DATA, 1);
|
||||
}
|
||||
else if ((strcmp(argv[0], "-D") == 0) ||
|
||||
(strcmp(argv[0], "--der") == 0)) {
|
||||
file_format = FORMAT_DER;
|
||||
format_set = 1;
|
||||
}
|
||||
/* Dump ASN.1 item headers. */
|
||||
else if ((strcmp(argv[0], "-h") == 0) ||
|
||||
(strcmp(argv[0], "--headers") == 0)) {
|
||||
|
@ -421,6 +446,7 @@ int main(int argc, char* argv[])
|
|||
else if ((strcmp(argv[0], "-p") == 0) ||
|
||||
(strcmp(argv[0], "--pem") == 0)) {
|
||||
file_format = FORMAT_PEM;
|
||||
format_set = 1;
|
||||
}
|
||||
#endif
|
||||
/* Skip a number of PEM blocks. */
|
||||
|
@ -451,10 +477,25 @@ int main(int argc, char* argv[])
|
|||
return 1;
|
||||
}
|
||||
else {
|
||||
int nameLen;
|
||||
|
||||
if (fp != stdin) {
|
||||
fprintf(stderr, "At most one input file can be supplied.\n");
|
||||
return 1;
|
||||
}
|
||||
|
||||
if (!format_set) {
|
||||
nameLen = (int)XSTRLEN(argv[0]);
|
||||
if (nameLen > 3) {
|
||||
if (XMEMCMP(argv[0] + nameLen - 4, ".pem", 4) == 0) {
|
||||
file_format = FORMAT_PEM;
|
||||
}
|
||||
else if (XMEMCMP(argv[0] + nameLen - 4, ".der", 4) == 0) {
|
||||
file_format = FORMAT_DER;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/* Name of file to read. */
|
||||
fp = fopen(argv[0], "r");
|
||||
if (fp == NULL) {
|
||||
|
@ -472,6 +513,7 @@ int main(int argc, char* argv[])
|
|||
|
||||
(void)wc_Asn1_Init(&asn1);
|
||||
(void)wc_Asn1_SetFile(&asn1, stdout);
|
||||
(void)wc_Asn1_SetOidToNameCb(&asn1, asn1App_OidToName);
|
||||
|
||||
/* Process file based on type. */
|
||||
if (file_format == FORMAT_DER) {
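Review bot: The new `asn1App_OidToName` callback has no header comment, unlike `asn1App_ReadFile` just below it, and its contract is not obvious from the signature. I would add `/* Look up a display name for the encoded OID bytes in the table from oid_names.h; returns NULL when there is no match. */` above it. In the same file the suffix check before `fopen` is case-sensitive and leaves `file_format` at its default for any other extension, which deserves a one-line comment such as `/* No -D/-p given: guess from a .pem/.der suffix, otherwise keep the default. */`. main() starts and ends outside these hunks.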
|
||||
|
|
File diff suppressed because it is too large
|
@ -0,0 +1,137 @@
|
|||
#!/usr/bin/ruby
|
||||
|
||||
class OidName
|
||||
def initialize(oid, name)
|
||||
@oid = oid
|
||||
@name = name
|
||||
end
|
||||
|
||||
def der_to_str(d)
|
||||
s = "(byte*)\""
|
||||
d.each do |b|
|
||||
s += sprintf("\\x%02x", b)
|
||||
end
|
||||
s + "\""
|
||||
end
|
||||
|
||||
def write()
|
||||
puts <<EOF
|
||||
{ #{der_to_str(@oid)}, #{@oid.length},
|
||||
"#{@name.gsub(/\"/, '\\"')}" },
|
||||
EOF
|
||||
end
|
||||
end
|
||||
|
||||
class OidNames
|
||||
def initialize()
|
||||
@oid_name = []
|
||||
end
|
||||
|
||||
def decode_dotted(oid)
|
||||
i = 0
|
||||
n = 0
|
||||
der = []
|
||||
oid.split(/ /).each do |s|
|
||||
t = s.to_i
|
||||
|
||||
i += 1
|
||||
if i == 1
|
||||
n = t * 40
|
||||
next
|
||||
elsif i == 2
|
||||
n += t
|
||||
else
|
||||
n = t
|
||||
end
|
||||
|
||||
if n == 0
|
||||
der << 0
|
||||
end
|
||||
|
||||
tmp = []
|
||||
bit = 0;
|
||||
while n > 0
|
||||
tmp << ((n & 0x7f) | bit)
|
||||
n >>= 7
|
||||
bit = 0x80
|
||||
end
|
||||
der += tmp.reverse
|
||||
end
|
||||
|
||||
der
|
||||
end
|
||||
|
||||
def add(oid, name)
|
||||
@oid_name << OidName.new(decode_dotted(oid), name)
|
||||
end
|
||||
|
||||
def write_struct()
|
||||
puts <<EOF
|
||||
typedef struct asn1App_OidName {
|
||||
byte* oid;
|
||||
word32 len;
|
||||
const char* name;
|
||||
} asn1App_OidName;
|
||||
|
||||
EOF
|
||||
end
|
||||
|
||||
def write()
|
||||
puts <<EOF
|
||||
/* oid_names.h
|
||||
*
|
||||
* Copyright (C) 2006-2025 wolfSSL Inc.
|
||||
*
|
||||
* This file is part of wolfSSL.
|
||||
*
|
||||
* wolfSSL is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* wolfSSL is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
|
||||
*/
|
||||
|
||||
/* Generated using (from wolfssl):
|
||||
* cd examples/asn1
|
||||
* ruby ./gen_oid_names.rb dumpasn1.cfg > oid_names.h
|
||||
*/
|
||||
EOF
|
||||
puts
|
||||
write_struct()
|
||||
puts
|
||||
puts "static asn1App_OidName asn1App_oid_name[#{@oid_name.length}] = {"
|
||||
@oid_name.each do |o|
|
||||
o.write()
|
||||
end
|
||||
puts "};"
|
||||
puts
|
||||
puts "int asn1App_oid_names_len = #{@oid_name.length};"
|
||||
puts
|
||||
end
|
||||
end
|
||||
|
||||
oid = ""
|
||||
oidNames = OidNames.new()
|
||||
File.readlines(ARGV[0]).each do |l|
|
||||
next if l.length == 0
|
||||
next if l[0] == '#'
|
||||
|
||||
var, value = l.split(/ = /)
|
||||
|
||||
case var
|
||||
when /OID/
|
||||
oid = value
|
||||
when /Description/
|
||||
oidNames.add(oid, value.strip)
|
||||
end
|
||||
end
|
||||
oidNames.write()
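Review bot: `OidName#write` escapes only double quotes before placing the Description text from dumpasn1.cfg inside a C string literal, so a backslash in that third-party file would be emitted as a C escape sequence (or break the literal) in the generated oid_names.h. Escaping both characters, `"#{@name.gsub(/["\\]/) { |c| "\\#{c}" }}"`, keeps the generated header a faithful copy of the input. The emitted table would also be better declared `static const`, with `const byte* oid` in the struct and `static const int asn1App_oid_names_len`, because the header currently defines a non-static `int` and points writable `byte*` members at string literals. `decode_dotted` actually encodes dotted arcs into DER bytes, so the name reads backwards.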
|
||||
|
|
@ -8,5 +8,9 @@ noinst_PROGRAMS += examples/asn1/asn1
|
|||
examples_asn1_asn1_SOURCES = examples/asn1/asn1.c
|
||||
examples_asn1_asn1_LDADD = src/libwolfssl@LIBSUFFIX@.la $(LIB_STATIC_ADD)
|
||||
examples_asn1_asn1_DEPENDENCIES = src/libwolfssl@LIBSUFFIX@.la
|
||||
|
||||
EXTRA_DIST += examples/asn1/oid_names.h \
|
||||
examples/asn1/dumpasn1.cfg \
|
||||
examples/asn1/gen_oid_names.rb
|
||||
endif
|
||||
|
||||
|
|
File diff suppressed because it is too large
File diff suppressed because it is too large
|
@ -110,7 +110,8 @@ EXTRA_DIST += scripts/sniffer-static-rsa.pcap \
|
|||
scripts/memtest.sh \
|
||||
scripts/makedistsmall.sh \
|
||||
scripts/openssl_srtp.test \
|
||||
scripts/aria-cmake-build-test.sh
|
||||
scripts/aria-cmake-build-test.sh \
|
||||
scripts/asn1_oid_sum.pl
|
||||
|
||||
|
||||
# leave openssl.test as extra until non bash works
|
||||
|
|
139
src/ssl.c
139
src/ssl.c
|
@ -18446,8 +18446,8 @@ int wolfSSL_cmp_peer_cert_to_file(WOLFSSL* ssl, const char *fname)
|
|||
const WOLFSSL_ObjectInfo wolfssl_object_info[] = {
|
||||
#ifndef NO_CERTS
|
||||
/* oidCertExtType */
|
||||
{ WC_NID_basic_constraints, BASIC_CA_OID, oidCertExtType, "basicConstraints",
|
||||
"X509v3 Basic Constraints"},
|
||||
{ WC_NID_basic_constraints, BASIC_CA_OID, oidCertExtType,
|
||||
"basicConstraints", "X509v3 Basic Constraints"},
|
||||
{ WC_NID_subject_alt_name, ALT_NAMES_OID, oidCertExtType, "subjectAltName",
|
||||
"X509v3 Subject Alternative Name"},
|
||||
{ WC_NID_crl_distribution_points, CRL_DIST_OID, oidCertExtType,
|
||||
|
@ -18493,40 +18493,48 @@ const WOLFSSL_ObjectInfo wolfssl_object_info[] = {
|
|||
"OCSPSigning", "OCSP Signing"},
|
||||
|
||||
/* oidCertNameType */
|
||||
{ WC_NID_commonName, WC_NID_commonName, oidCertNameType, "CN", "commonName"},
|
||||
{ WC_NID_commonName, WC_NAME_COMMON_NAME_OID, oidCertNameType,
|
||||
"CN", "commonName"},
|
||||
#if !defined(WOLFSSL_CERT_REQ)
|
||||
{ WC_NID_surname, WC_NID_surname, oidCertNameType, "SN", "surname"},
|
||||
{ WC_NID_surname, WC_NAME_SURNAME_OID, oidCertNameType, "SN", "surname"},
|
||||
#endif
|
||||
{ WC_NID_serialNumber, WC_NID_serialNumber, oidCertNameType, "serialNumber",
|
||||
"serialNumber"},
|
||||
{ WC_NID_serialNumber, WC_NAME_SERIAL_NUMBER_OID, oidCertNameType,
|
||||
"serialNumber", "serialNumber"},
|
||||
{ WC_NID_userId, WC_NID_userId, oidCertNameType, "UID", "userid"},
|
||||
{ WC_NID_countryName, WC_NID_countryName, oidCertNameType, "C", "countryName"},
|
||||
{ WC_NID_localityName, WC_NID_localityName, oidCertNameType, "L", "localityName"},
|
||||
{ WC_NID_stateOrProvinceName, WC_NID_stateOrProvinceName, oidCertNameType, "ST",
|
||||
"stateOrProvinceName"},
|
||||
{ WC_NID_streetAddress, WC_NID_streetAddress, oidCertNameType, "street",
|
||||
"streetAddress"},
|
||||
{ WC_NID_organizationName, WC_NID_organizationName, oidCertNameType, "O",
|
||||
"organizationName"},
|
||||
{ WC_NID_organizationalUnitName, WC_NID_organizationalUnitName, oidCertNameType,
|
||||
"OU", "organizationalUnitName"},
|
||||
{ WC_NID_emailAddress, WC_NID_emailAddress, oidCertNameType, "emailAddress",
|
||||
"emailAddress"},
|
||||
{ WC_NID_domainComponent, WC_NID_domainComponent, oidCertNameType, "DC",
|
||||
"domainComponent"},
|
||||
{ WC_NID_rfc822Mailbox, WC_NID_rfc822Mailbox, oidCertNameType, "rfc822Mailbox",
|
||||
"rfc822Mailbox"},
|
||||
{ WC_NID_favouriteDrink, WC_NID_favouriteDrink, oidCertNameType, "favouriteDrink",
|
||||
"favouriteDrink"},
|
||||
{ WC_NID_businessCategory, WC_NID_businessCategory, oidCertNameType,
|
||||
{ WC_NID_countryName, WC_NAME_COUNTRY_NAME_OID, oidCertNameType,
|
||||
"C", "countryName"},
|
||||
{ WC_NID_localityName, WC_NAME_LOCALITY_NAME_OID, oidCertNameType,
|
||||
"L", "localityName"},
|
||||
{ WC_NID_stateOrProvinceName, WC_NAME_STATE_NAME_OID, oidCertNameType,
|
||||
"ST", "stateOrProvinceName"},
|
||||
{ WC_NID_streetAddress, WC_NAME_STREET_ADDRESS_OID, oidCertNameType,
|
||||
"street", "streetAddress"},
|
||||
{ WC_NID_organizationName, WC_NAME_ORGANIZATION_NAME_OID, oidCertNameType,
|
||||
"O", "organizationName"},
|
||||
{ WC_NID_organizationalUnitName, WC_NAME_ORGANIZATION_UNIT_NAME_OID,
|
||||
oidCertNameType, "OU", "organizationalUnitName"},
|
||||
{ WC_NID_title, WC_NAME_TITLE_OID, oidCertNameType, "title", "title"},
|
||||
{ WC_NID_description, WC_NAME_DESCRIPTION_OID, oidCertNameType,
|
||||
"description", "description"},
|
||||
{ WC_NID_emailAddress, WC_NAME_EMAIL_ADDRESS_OID, oidCertNameType,
|
||||
"emailAddress", "emailAddress"},
|
||||
{ WC_NID_domainComponent, WC_NAME_DOMAIN_COMPONENT_OID, oidCertNameType,
|
||||
"DC", "domainComponent"},
|
||||
{ WC_NID_rfc822Mailbox, WC_NAME_RFC822_MAILBOX_OID, oidCertNameType,
|
||||
"rfc822Mailbox", "rfc822Mailbox"},
|
||||
{ WC_NID_favouriteDrink, WC_NAME_FAVOURITE_DRINK_OID, oidCertNameType,
|
||||
"favouriteDrink", "favouriteDrink"},
|
||||
{ WC_NID_businessCategory, WC_NAME_BUSINESS_CATEGORY_OID, oidCertNameType,
|
||||
"businessCategory", "businessCategory"},
|
||||
{ WC_NID_jurisdictionCountryName, WC_NID_jurisdictionCountryName, oidCertNameType,
|
||||
"jurisdictionC", "jurisdictionCountryName"},
|
||||
{ WC_NID_jurisdictionStateOrProvinceName, WC_NID_jurisdictionStateOrProvinceName,
|
||||
{ WC_NID_jurisdictionCountryName, WC_NAME_JURIS_COUNTRY_OID,
|
||||
oidCertNameType, "jurisdictionC", "jurisdictionCountryName"},
|
||||
{ WC_NID_jurisdictionStateOrProvinceName, WC_NAME_JURIS_STATE_PROV_OID,
|
||||
oidCertNameType, "jurisdictionST", "jurisdictionStateOrProvinceName"},
|
||||
{ WC_NID_postalCode, WC_NID_postalCode, oidCertNameType, "postalCode",
|
||||
{ WC_NID_postalCode, WC_NAME_POSTAL_CODE_OID, oidCertNameType, "postalCode",
|
||||
"postalCode"},
|
||||
{ WC_NID_userId, WC_NID_userId, oidCertNameType, "UID", "userId"},
|
||||
{ WC_NID_userId, WC_NAME_USER_ID_OID, oidCertNameType, "UID", "userId"},
|
||||
{ WC_NID_netscape_cert_type, NETSCAPE_CT_OID, oidCertNameType,
|
||||
"nsCertType", "Netscape Cert Type"},
|
||||
|
||||
#if defined(WOLFSSL_CERT_REQ) || defined(WOLFSSL_CERT_NAME_ALL)
|
||||
{ WC_NID_pkcs9_challengePassword, CHALLENGE_PASSWORD_OID,
|
||||
|
@ -18535,12 +18543,12 @@ const WOLFSSL_ObjectInfo wolfssl_object_info[] = {
|
|||
oidCsrAttrType, "contentType", "contentType" },
|
||||
{ WC_NID_pkcs9_unstructuredName, UNSTRUCTURED_NAME_OID,
|
||||
oidCsrAttrType, "unstructuredName", "unstructuredName" },
|
||||
{ WC_NID_name, NAME_OID, oidCsrAttrType, "name", "name" },
|
||||
{ WC_NID_name, WC_NAME_NAME_OID, oidCsrAttrType, "name", "name" },
|
||||
{ WC_NID_surname, SURNAME_OID,
|
||||
oidCsrAttrType, "surname", "surname" },
|
||||
{ WC_NID_givenName, GIVEN_NAME_OID,
|
||||
{ WC_NID_givenName, WC_NAME_GIVEN_NAME_OID,
|
||||
oidCsrAttrType, "givenName", "givenName" },
|
||||
{ WC_NID_initials, INITIALS_OID,
|
||||
{ WC_NID_initials, WC_NAME_INITIALIS_OID,
|
||||
oidCsrAttrType, "initials", "initials" },
|
||||
{ WC_NID_dnQualifier, DNQUALIFIER_OID,
|
||||
oidCsrAttrType, "dnQualifer", "dnQualifier" },
|
||||
|
@ -18592,7 +18600,8 @@ const WOLFSSL_ObjectInfo wolfssl_object_info[] = {
|
|||
/* oidSigType */
|
||||
#ifndef NO_DSA
|
||||
#ifndef NO_SHA
|
||||
{ WC_NID_dsaWithSHA1, CTC_SHAwDSA, oidSigType, "DSA-SHA1", "dsaWithSHA1"},
|
||||
{ WC_NID_dsaWithSHA1, CTC_SHAwDSA, oidSigType,
|
||||
"DSA-SHA1", "dsaWithSHA1"},
|
||||
{ WC_NID_dsa_with_SHA256, CTC_SHA256wDSA, oidSigType, "dsa_with_SHA256",
|
||||
"dsa_with_SHA256"},
|
||||
#endif
|
||||
|
@ -18611,20 +18620,20 @@ const WOLFSSL_ObjectInfo wolfssl_object_info[] = {
|
|||
"sha1WithRSAEncryption"},
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA224
|
||||
{ WC_NID_sha224WithRSAEncryption, CTC_SHA224wRSA, oidSigType, "RSA-SHA224",
|
||||
"sha224WithRSAEncryption"},
|
||||
{ WC_NID_sha224WithRSAEncryption, CTC_SHA224wRSA, oidSigType,
|
||||
"RSA-SHA224", "sha224WithRSAEncryption"},
|
||||
#endif
|
||||
#ifndef NO_SHA256
|
||||
{ WC_NID_sha256WithRSAEncryption, CTC_SHA256wRSA, oidSigType, "RSA-SHA256",
|
||||
"sha256WithRSAEncryption"},
|
||||
{ WC_NID_sha256WithRSAEncryption, CTC_SHA256wRSA, oidSigType,
|
||||
"RSA-SHA256", "sha256WithRSAEncryption"},
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA384
|
||||
{ WC_NID_sha384WithRSAEncryption, CTC_SHA384wRSA, oidSigType, "RSA-SHA384",
|
||||
"sha384WithRSAEncryption"},
|
||||
{ WC_NID_sha384WithRSAEncryption, CTC_SHA384wRSA, oidSigType,
|
||||
"RSA-SHA384", "sha384WithRSAEncryption"},
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA512
|
||||
{ WC_NID_sha512WithRSAEncryption, CTC_SHA512wRSA, oidSigType, "RSA-SHA512",
|
||||
"sha512WithRSAEncryption"},
|
||||
{ WC_NID_sha512WithRSAEncryption, CTC_SHA512wRSA, oidSigType,
|
||||
"RSA-SHA512", "sha512WithRSAEncryption"},
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA3
|
||||
#ifndef WOLFSSL_NOSHA3_224
|
||||
|
@ -18645,7 +18654,8 @@ const WOLFSSL_ObjectInfo wolfssl_object_info[] = {
|
|||
#endif
|
||||
#endif
|
||||
#ifdef WC_RSA_PSS
|
||||
{ WC_NID_rsassaPss, CTC_RSASSAPSS, oidSigType, "RSASSA-PSS", "rsassaPss" },
|
||||
{ WC_NID_rsassaPss, CTC_RSASSAPSS, oidSigType,
|
||||
"RSASSA-PSS", "rsassaPss" },
|
||||
#endif
|
||||
#endif /* NO_RSA */
|
||||
#ifdef HAVE_ECC
|
||||
|
@ -18739,22 +18749,22 @@ const WOLFSSL_ObjectInfo wolfssl_object_info[] = {
|
|||
|
||||
/* oidCurveType */
|
||||
#ifdef HAVE_ECC
|
||||
{ WC_NID_X9_62_prime192v1, ECC_SECP192R1_OID, oidCurveType, "prime192v1",
|
||||
"prime192v1"},
|
||||
{ WC_NID_X9_62_prime192v2, ECC_PRIME192V2_OID, oidCurveType, "prime192v2",
|
||||
"prime192v2"},
|
||||
{ WC_NID_X9_62_prime192v3, ECC_PRIME192V3_OID, oidCurveType, "prime192v3",
|
||||
"prime192v3"},
|
||||
{ WC_NID_X9_62_prime192v1, ECC_SECP192R1_OID, oidCurveType,
|
||||
"prime192v1", "prime192v1"},
|
||||
{ WC_NID_X9_62_prime192v2, ECC_PRIME192V2_OID, oidCurveType,
|
||||
"prime192v2", "prime192v2"},
|
||||
{ WC_NID_X9_62_prime192v3, ECC_PRIME192V3_OID, oidCurveType,
|
||||
"prime192v3", "prime192v3"},
|
||||
|
||||
{ WC_NID_X9_62_prime239v1, ECC_PRIME239V1_OID, oidCurveType, "prime239v1",
|
||||
"prime239v1"},
|
||||
{ WC_NID_X9_62_prime239v2, ECC_PRIME239V2_OID, oidCurveType, "prime239v2",
|
||||
"prime239v2"},
|
||||
{ WC_NID_X9_62_prime239v3, ECC_PRIME239V3_OID, oidCurveType, "prime239v3",
|
||||
"prime239v3"},
|
||||
{ WC_NID_X9_62_prime239v1, ECC_PRIME239V1_OID, oidCurveType,
|
||||
"prime239v1", "prime239v1"},
|
||||
{ WC_NID_X9_62_prime239v2, ECC_PRIME239V2_OID, oidCurveType,
|
||||
"prime239v2", "prime239v2"},
|
||||
{ WC_NID_X9_62_prime239v3, ECC_PRIME239V3_OID, oidCurveType,
|
||||
"prime239v3", "prime239v3"},
|
||||
|
||||
{ WC_NID_X9_62_prime256v1, ECC_SECP256R1_OID, oidCurveType, "prime256v1",
|
||||
"prime256v1"},
|
||||
{ WC_NID_X9_62_prime256v1, ECC_SECP256R1_OID, oidCurveType,
|
||||
"prime256v1", "prime256v1"},
|
||||
|
||||
{ WC_NID_secp112r1, ECC_SECP112R1_OID, oidCurveType, "secp112r1",
|
||||
"secp112r1"},
|
||||
|
@ -18896,7 +18906,7 @@ const WOLFSSL_ObjectInfo wolfssl_object_info[] = {
|
|||
#endif
|
||||
#if defined(WOLFSSL_APACHE_HTTPD)
|
||||
/* "1.3.6.1.5.5.7.8.7" */
|
||||
{ WC_NID_id_on_dnsSRV, WC_NID_id_on_dnsSRV, oidCertNameType,
|
||||
{ WC_NID_id_on_dnsSRV, WOLFSSL_DNS_SRV_SUM, oidCertNameType,
|
||||
WOLFSSL_SN_DNS_SRV, WOLFSSL_LN_DNS_SRV },
|
||||
|
||||
/* "1.3.6.1.4.1.311.20.2.3" */
|
||||
|
@ -20550,9 +20560,7 @@ void* wolfSSL_GetHKDFExtractCtx(WOLFSSL* ssl)
|
|||
ret = EncodePolicyOID(out, &outSz, s, NULL);
|
||||
if (ret == 0) {
|
||||
/* sum OID */
|
||||
for (i = 0; i < outSz; i++) {
|
||||
sum += out[i];
|
||||
}
|
||||
sum = wc_oid_sum(out, outSz);
|
||||
}
|
||||
#endif /* WOLFSSL_CERT_EXT */
|
||||
|
||||
|
@ -23149,9 +23157,12 @@ const WOLF_EC_NIST_NAME kNistCurves[] = {
|
|||
{CURVE_NAME("K-192"), WC_NID_secp192k1, WOLFSSL_ECC_SECP192K1},
|
||||
{CURVE_NAME("K-224"), WC_NID_secp224k1, WOLFSSL_ECC_SECP224R1},
|
||||
{CURVE_NAME("K-256"), WC_NID_secp256k1, WOLFSSL_ECC_SECP256K1},
|
||||
{CURVE_NAME("B-256"), WC_NID_brainpoolP256r1, WOLFSSL_ECC_BRAINPOOLP256R1},
|
||||
{CURVE_NAME("B-384"), WC_NID_brainpoolP384r1, WOLFSSL_ECC_BRAINPOOLP384R1},
|
||||
{CURVE_NAME("B-512"), WC_NID_brainpoolP512r1, WOLFSSL_ECC_BRAINPOOLP512R1},
|
||||
{CURVE_NAME("B-256"), WC_NID_brainpoolP256r1,
|
||||
WOLFSSL_ECC_BRAINPOOLP256R1},
|
||||
{CURVE_NAME("B-384"), WC_NID_brainpoolP384r1,
|
||||
WOLFSSL_ECC_BRAINPOOLP384R1},
|
||||
{CURVE_NAME("B-512"), WC_NID_brainpoolP512r1,
|
||||
WOLFSSL_ECC_BRAINPOOLP512R1},
|
||||
#endif
|
||||
#ifdef HAVE_CURVE25519
|
||||
{CURVE_NAME("X25519"), WC_NID_X25519, WOLFSSL_ECC_X25519},
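Review bot: In the `kNistCurves` context just above the re-wrapped Brainpool entries, `K-224` pairs `WC_NID_secp224k1` with `WOLFSSL_ECC_SECP224R1`, while `K-192` and `K-256` both map to their `K1` curve ids. The commit leaves that line untouched, but since the table is being edited anyway it looks like it should read `{CURVE_NAME("K-224"), WC_NID_secp224k1, WOLFSSL_ECC_SECP224K1},`. That is worth confirming against the curve-id enum, which is not visible here. As written, a lookup by that name would select a different curve than the caller asked for. The array starts and ends outside the hunk.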
|
||||
|
|
|
@ -43819,7 +43819,7 @@ static int test_wolfSSL_X509_EXTENSION_get_object(void)
|
|||
ExpectNotNull(ext = wolfSSL_X509_get_ext(x509, 0));
|
||||
ExpectNull(wolfSSL_X509_EXTENSION_get_object(NULL));
|
||||
ExpectNotNull(o = wolfSSL_X509_EXTENSION_get_object(ext));
|
||||
ExpectIntEQ(o->nid, 128);
|
||||
ExpectIntEQ(o->nid, SUBJ_KEY_OID);
|
||||
ExpectNotNull(dup = wolfSSL_X509_EXTENSION_dup(ext));
|
||||
wolfSSL_X509_EXTENSION_free(dup);
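Review bot: The assertion checks `o->nid` but spells the expected value as the OID-sum constant `SUBJ_KEY_OID`; `ExpectIntEQ(o->nid, WC_NID_subject_key_identifier);` states the contract being tested and stays correct if the NID and the sum are ever decoupled again. The two are equal only because this commit redefines `WC_NID_subject_key_identifier` as `SUBJ_KEY_OID` in the ssl.h hunk. The test function continues outside the hunk.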
|
||||
|
||||
|
|
|
@ -6670,6 +6670,7 @@ static int DumpOID(const byte* oidData, word32 oidSz, word32 oid,
|
|||
}
|
||||
#endif /* ASN_DUMP_OID */
|
||||
|
||||
#ifdef WOLFSSL_OLD_OID_SUM
|
||||
#ifdef WOLFSSL_FPKI
|
||||
/* Handles the large number of collisions from FPKI certificate policy
|
||||
* OID sums. Returns a special value (100000 + actual sum) if a
|
||||
|
@ -6832,6 +6833,31 @@ static word32 fpkiCertPolOid(const byte* oid, word32 oidSz, word32 oidSum) {
|
|||
return 0;
|
||||
}
|
||||
#endif
|
||||
#endif /* WOLFSSL_OLD_OID_SUM */
|
||||
|
||||
word32 wc_oid_sum(const byte* input, int length)
|
||||
{
|
||||
int i;
|
||||
word32 oid = 0;
|
||||
#ifndef WOLFSSL_OLD_OID_SUM
|
||||
int shift = 0;
|
||||
#endif
|
||||
|
||||
/* Sum it up for now. */
|
||||
for (i = 0; i < length; i++) {
|
||||
#ifdef WOLFSSL_OLD_OID_SUM
|
||||
oid += (word32)input[i];
|
||||
#else
|
||||
oid ^= ((word32)(~input[i])) << shift;
|
||||
shift = (shift + 8) & 0x1f;
|
||||
#endif
|
||||
}
|
||||
#ifndef WOLFSSL_OLD_OID_SUM
|
||||
oid &= 0x7fffffff;
|
||||
#endif
|
||||
|
||||
return oid;
|
||||
}
|
||||
|
||||
/* Get the OID data and verify it is of the type specified when compiled in.
|
||||
*
|
||||
|
@ -6858,8 +6884,10 @@ static int GetOID(const byte* input, word32* inOutIdx, word32* oid,
|
|||
const byte* checkOid = NULL;
|
||||
word32 checkOidSz;
|
||||
#endif /* NO_VERIFY_OID */
|
||||
#ifdef WOLFSSL_OLD_OID_SUM
|
||||
#if defined(HAVE_SPHINCS) || defined(WOLFSSL_FPKI)
|
||||
word32 found_collision = 0;
|
||||
#endif
|
||||
#endif
|
||||
(void)oidType;
|
||||
*oid = 0;
|
||||
|
@ -6870,6 +6898,7 @@ static int GetOID(const byte* input, word32* inOutIdx, word32* oid,
|
|||
actualOidSz = (word32)length;
|
||||
#endif /* NO_VERIFY_OID */
|
||||
|
||||
#ifdef WOLFSSL_OLD_OID_SUM
|
||||
#if defined(HAVE_SPHINCS)
|
||||
/* Since we are summing it up, there could be collisions...and indeed there
|
||||
* are: SPHINCS_FAST_LEVEL1 and SPHINCS_FAST_LEVEL3.
|
||||
|
@ -6885,14 +6914,12 @@ static int GetOID(const byte* input, word32* inOutIdx, word32* oid,
|
|||
found_collision = SPHINCS_FAST_LEVEL3k;
|
||||
}
|
||||
#endif /* HAVE_SPHINCS */
|
||||
#endif
|
||||
|
||||
/* Sum it up for now. */
|
||||
while (length--) {
|
||||
/* odd HC08 compiler behavior here when input[idx++] */
|
||||
*oid += (word32)input[idx];
|
||||
idx++;
|
||||
}
|
||||
*oid = wc_oid_sum(actualOid, (int)actualOidSz);
|
||||
idx += actualOidSz;
|
||||
|
||||
#ifdef WOLFSSL_OLD_OID_SUM
|
||||
#ifdef WOLFSSL_FPKI
|
||||
/* Due to the large number of OIDs for FPKI certificate policy, there
|
||||
are multiple collsisions. Handle them in a dedicated function,
|
||||
|
@ -6907,6 +6934,7 @@ static int GetOID(const byte* input, word32* inOutIdx, word32* oid,
|
|||
*oid = found_collision;
|
||||
}
|
||||
#endif /* HAVE_SPHINCS */
|
||||
#endif
|
||||
|
||||
/* Return the index after the OID data. */
|
||||
*inOutIdx = idx;
|
||||
|
@ -6917,6 +6945,7 @@ static int GetOID(const byte* input, word32* inOutIdx, word32* oid,
|
|||
/* Get the OID data for the id-type. */
|
||||
checkOid = OidFromId(*oid, oidType, &checkOidSz);
|
||||
|
||||
#ifdef WOLFSSL_OLD_OID_SUM
|
||||
#if defined(WOLFSSL_FPKI)
|
||||
/* Handle OID sum collision of
|
||||
AES256CBCb (454) 2.16.840.1.101.3.4.1.42
|
||||
|
@ -6932,6 +6961,7 @@ static int GetOID(const byte* input, word32* inOutIdx, word32* oid,
|
|||
}
|
||||
#endif /* HAVE_AES_CBC */
|
||||
#endif /* WOLFSSL_FPKI */
|
||||
#endif
|
||||
|
||||
#ifdef ASN_DUMP_OID
|
||||
/* Dump out the data for debug. */
|
||||
|
@ -41195,6 +41225,75 @@ int wc_Asn1_SetFile(Asn1* asn1, XFILE file)
|
|||
return ret;
|
||||
}
|
||||
|
||||
/* Set the OID name callback to use when printing.
|
||||
*
|
||||
* @param [in, out] asn1 ASN.1 parse object.
|
||||
* @param [in] nameCb OID name callback.
|
||||
* @return 0 on success.
|
||||
* @return BAD_FUNC_ARG when asn1 is NULL.
|
||||
* @return BAD_FUNC_ARG when nameCb is NULL.
|
||||
*/
|
||||
int wc_Asn1_SetOidToNameCb(Asn1* asn1, Asn1OidToNameCb nameCb)
|
||||
{
|
||||
int ret = 0;
|
||||
|
||||
if ((asn1 == NULL) || (nameCb == NULL)) {
|
||||
ret = BAD_FUNC_ARG;
|
||||
}
|
||||
else {
|
||||
asn1->nameCb = nameCb;
|
||||
}
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
/* Encode dotted form of OID into byte array version.
|
||||
*
|
||||
* @param [in] in Byte array containing OID.
|
||||
* @param [in] inSz Size of OID in bytes.
|
||||
* @param [in] out Array to hold dotted form of OID.
|
||||
* @param [in, out] outSz On in, number of elements in array.
|
||||
* On out, count of numbers in dotted form.
|
||||
* @return 0 on success
|
||||
* @return BAD_FUNC_ARG when in or outSz is NULL.
|
||||
* @return BUFFER_E when dotted form buffer too small.
|
||||
*/
|
||||
static int EncodedDottedForm(const byte* in, word32 inSz, word32* out,
|
||||
word32* outSz)
|
||||
{
|
||||
int x = 0, y = 0;
|
||||
word32 t = 0;
|
||||
|
||||
/* check args */
|
||||
if (in == NULL || outSz == NULL) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
/* decode bytes */
|
||||
while (inSz--) {
|
||||
t = (t << 7) | (in[x] & 0x7F);
|
||||
if (!(in[x] & 0x80)) {
|
||||
if (y >= (int)*outSz) {
|
||||
return BUFFER_E;
|
||||
}
|
||||
if (y == 0) {
|
||||
out[0] = (word16)(t / 40);
|
||||
out[1] = (word16)(t % 40);
|
||||
y = 2;
|
||||
}
|
||||
else {
|
||||
out[y++] = t;
|
||||
}
|
||||
t = 0; /* reset tmp */
|
||||
}
|
||||
x++;
|
||||
}
|
||||
|
||||
/* return length */
|
||||
*outSz = (word32)y;
|
||||
|
||||
return 0;
|
||||
}
|
||||
/* Print OID in dotted form or as hex bytes.
|
||||
*
|
||||
* @param [in] file File pointer to write to.
|
||||
|
@ -41203,12 +41302,12 @@ int wc_Asn1_SetFile(Asn1* asn1, XFILE file)
|
|||
*/
|
||||
static void PrintObjectIdNum(XFILE file, unsigned char* oid, word32 len)
|
||||
{
|
||||
word16 dotted_nums[ASN1_OID_DOTTED_MAX_SZ];
|
||||
word32 dotted_nums[ASN1_OID_DOTTED_MAX_SZ];
|
||||
word32 num = ASN1_OID_DOTTED_MAX_SZ;
|
||||
word32 i;
|
||||
|
||||
/* Decode OBJECT_ID into dotted form array. */
|
||||
if (DecodeObjectId(oid, len, dotted_nums, &num) == 0) {
|
||||
if (EncodedDottedForm(oid, len, dotted_nums, &num) == 0) {
|
||||
/* Print out each number of dotted form. */
|
||||
for (i = 0; i < num; i++) {
|
||||
XFPRINTF(file, "%d", dotted_nums[i]);
|
||||
|
@ -41313,12 +41412,17 @@ static void PrintObjectIdText(Asn1* asn1, Asn1PrintOptions* opts)
|
|||
else
|
||||
#endif
|
||||
/* Lookup long name for extra known OID values. */
|
||||
if (!Oid2LongName(oid, &ln)) {
|
||||
if (Oid2LongName(oid, &ln) != 0) {
|
||||
}
|
||||
else if ((asn1->nameCb != NULL) &&
|
||||
((ln = asn1->nameCb(asn1->data + asn1->offset + 2,
|
||||
i - 2))) != NULL) {
|
||||
}
|
||||
else {
|
||||
/* Unknown OID value. */
|
||||
ln = NULL;
|
||||
known = 0;
|
||||
}
|
||||
|
||||
XFPRINTF(asn1->file, ":");
|
||||
/* Show OID value if not known or asked to. */
|
||||
if ((!known) || opts->show_oid) {
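Review bot: In the new `EncodedDottedForm`, the capacity check `y >= (int)*outSz` guards a single slot, yet the first sub-identifier stores both `out[0]` and `out[1]`, so a caller with `*outSz == 1` gets a one-element overrun, and `out` is dereferenced without a NULL check. The first-arc split is also wrong for OIDs under arc 2 whose first sub-identifier is 80 or more, the `(word16)` casts truncate what the `word32` array can now hold, and `t << 7` silently drops high bits on over-long sub-identifiers read from untrusted DER. The function turns DER bytes into dotted numbers, so its name, the 'Encode dotted form' summary and the `[in]` tag on `out` read backwards. Separately, the `GetOID` hunk now reads `actualOid` and `actualOidSz` unconditionally while the context shows `actualOidSz` assigned just before `#endif /* NO_VERIFY_OID */`; if they are declared only under that guard, `NO_VERIFY_OID` builds would need `wc_oid_sum(input + idx, length)` instead. A bounded decode loop is sketched below.

```c
static int EncodedDottedForm(const byte* in, word32 inSz, word32* out,
    word32* outSz)
{
    word32 x;
    word32 y = 0;
    word32 t = 0;

    if ((in == NULL) || (out == NULL) || (outSz == NULL)) {
        return BAD_FUNC_ARG;
    }

    for (x = 0; x < inSz; x++) {
        /* Reject sub-identifiers that do not fit in 32 bits. */
        if ((t >> 25) != 0) {
            return ASN_PARSE_E;
        }
        t = (t << 7) | (in[x] & 0x7F);
        if (in[x] & 0x80) {
            continue;
        }
        if (y == 0) {
            /* First sub-identifier carries two arcs and needs two slots. */
            if (*outSz < 2) {
                return BUFFER_E;
            }
            out[0] = (t < 80) ? (t / 40) : 2;
            out[1] = t - (out[0] * 40);
            y = 2;
        }
        else {
            if (y >= *outSz) {
                return BUFFER_E;
            }
            out[y++] = t;
        }
        t = 0;
    }
    /* … unchanged: store y in *outSz and return 0 … */
}
```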
|
||||
|
|
|
@ -37,27 +37,6 @@
|
|||
#endif
|
||||
|
||||
|
||||
#ifdef NO_ASN
|
||||
enum Hash_Sum {
|
||||
MD2h = 646,
|
||||
MD5h = 649,
|
||||
SHAh = 88,
|
||||
SHA224h = 417,
|
||||
SHA256h = 414,
|
||||
SHA384h = 415,
|
||||
SHA512h = 416,
|
||||
SHA512_224h = 418,
|
||||
SHA512_256h = 419,
|
||||
SHA3_224h = 420,
|
||||
SHA3_256h = 421,
|
||||
SHA3_384h = 422,
|
||||
SHA3_512h = 423,
|
||||
SHAKE128h = 424,
|
||||
SHAKE256h = 425,
|
||||
SM3h = 640 /* 0x2A,0x81,0x1C,0xCF,0x55,0x01,0x83,0x11 */
|
||||
};
|
||||
#endif /* !NO_ASN */
|
||||
|
||||
#if !defined(NO_PWDBASED) || !defined(NO_ASN)
|
||||
/* function converts int hash type to enum */
|
||||
enum wc_HashType wc_HashTypeConvert(int hashType)
|
||||
|
|
|
@ -44,16 +44,6 @@
|
|||
#define ERROR_OUT(err, eLabel) { ret = (err); goto eLabel; }
|
||||
|
||||
enum {
|
||||
WC_PKCS12_KeyBag = 667,
|
||||
WC_PKCS12_ShroudedKeyBag = 668,
|
||||
WC_PKCS12_CertBag = 669,
|
||||
WC_PKCS12_CertBag_Type1 = 675,
|
||||
WC_PKCS12_CrlBag = 670,
|
||||
WC_PKCS12_SecretBag = 671,
|
||||
WC_PKCS12_SafeContentsBag = 672,
|
||||
WC_PKCS12_DATA = 651,
|
||||
WC_PKCS12_ENCRYPTED_DATA = 656,
|
||||
|
||||
WC_PKCS12_DATA_OBJ_SZ = 11,
|
||||
WC_PKCS12_MAC_SALT_SZ = 8
|
||||
};
|
||||
|
|
|
@ -6441,7 +6441,11 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hash_test(void)
|
|||
if (ret != WC_NO_ERR_TRACE(HASH_TYPE_E))
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
#endif
|
||||
#ifdef WOLFSSL_OLD_OID_SUM
|
||||
hashType = wc_OidGetHash(646); /* Md2h */
|
||||
#else
|
||||
hashType = wc_OidGetHash(0x044a8bdd); /* Md2h */
|
||||
#endif
|
||||
#ifdef WOLFSSL_MD2
|
||||
if (hashType != WC_HASH_TYPE_MD2)
|
||||
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
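Review bot: The new-sum branch hard-codes `0x044a8bdd`, so the test carries its own copy of the hash output instead of the name the library uses. If `MD2h` is visible to this test in both configurations, `hashType = wc_OidGetHash(MD2h);` replaces the whole `#ifdef WOLFSSL_OLD_OID_SUM` block and cannot drift from the generated oid_sum.h. If it is not visible, a comment giving the OID the constant was derived from would make the value checkable. hash_test() starts and ends outside the hunk.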
|
||||
|
|
|
@ -789,13 +789,14 @@ extern const WOLFSSL_ObjectInfo wolfssl_object_info[];
|
|||
/* otherName strings */
|
||||
#define WOLFSSL_SN_MS_UPN "msUPN"
|
||||
#define WOLFSSL_LN_MS_UPN "Microsoft User Principal Name"
|
||||
#define WOLFSSL_MS_UPN_SUM 265
|
||||
#define WOLFSSL_MS_UPN_SUM UPN_OID
|
||||
#define WOLFSSL_SN_DNS_SRV "id-on-dnsSRV"
|
||||
#define WOLFSSL_LN_DNS_SRV "SRVName"
|
||||
#define WOLFSSL_DNS_SRV_SUM DNS_SRV_OID
|
||||
/* TLS features extension strings */
|
||||
#define WOLFSSL_SN_TLS_FEATURE "tlsfeature"
|
||||
#define WOLFSSL_LN_TLS_FEATURE "TLS Feature"
|
||||
#define WOLFSSL_TLS_FEATURE_SUM 92
|
||||
#define WOLFSSL_TLS_FEATURE_SUM TLS_FEATURE_OID
|
||||
#endif
|
||||
|
||||
/* Maximum number of allowed subject alternative names in a certificate.
|
||||
|
@ -898,23 +899,23 @@ extern const WOLFSSL_ObjectInfo wolfssl_object_info[];
|
|||
#define WC_NID_initials 101 /* 2.5.4.43 */
|
||||
#define WC_NID_title 106
|
||||
#define WC_NID_description 107
|
||||
#define WC_NID_basic_constraints 133
|
||||
#define WC_NID_key_usage 129 /* 2.5.29.15 */
|
||||
#define WC_NID_ext_key_usage 151 /* 2.5.29.37 */
|
||||
#define WC_NID_subject_key_identifier 128
|
||||
#define WC_NID_authority_key_identifier 149
|
||||
#define WC_NID_private_key_usage_period 130 /* 2.5.29.16 */
|
||||
#define WC_NID_subject_alt_name 131
|
||||
#define WC_NID_issuer_alt_name 132
|
||||
#define WC_NID_info_access 69
|
||||
#define WC_NID_sinfo_access 79 /* id-pe 11 */
|
||||
#define WC_NID_name_constraints 144 /* 2.5.29.30 */
|
||||
#define WC_NID_crl_distribution_points 145 /* 2.5.29.31 */
|
||||
#define WC_NID_certificate_policies 146
|
||||
#define WC_NID_policy_mappings 147
|
||||
#define WC_NID_policy_constraints 150
|
||||
#define WC_NID_inhibit_any_policy 168 /* 2.5.29.54 */
|
||||
#define WC_NID_tlsfeature 1020 /* id-pe 24 */
|
||||
#define WC_NID_basic_constraints BASIC_CA_OID
|
||||
#define WC_NID_key_usage KEY_USAGE_OID /* 2.5.29.15 */
|
||||
#define WC_NID_ext_key_usage EXT_KEY_USAGE_OID /* 2.5.29.37 */
|
||||
#define WC_NID_subject_key_identifier SUBJ_KEY_OID
|
||||
#define WC_NID_authority_key_identifier AUTH_KEY_OID
|
||||
#define WC_NID_private_key_usage_period PRIV_KEY_USAGE_PERIOD_OID
|
||||
#define WC_NID_subject_alt_name ALT_NAMES_OID
|
||||
#define WC_NID_issuer_alt_name ISSUE_ALT_NAMES_OID
|
||||
#define WC_NID_info_access AUTH_INFO_OID
|
||||
#define WC_NID_sinfo_access SUBJ_INFO_ACC_OID /* id-pe 11 */
|
||||
#define WC_NID_name_constraints NAME_CONS_OID /* 2.5.29.30 */
|
||||
#define WC_NID_crl_distribution_points CRL_DIST_OID /* 2.5.29.31 */
|
||||
#define WC_NID_certificate_policies CERT_POLICY_OID
|
||||
#define WC_NID_policy_mappings POLICY_MAP_OID
|
||||
#define WC_NID_policy_constraints POLICY_CONST_OID
|
||||
#define WC_NID_inhibit_any_policy INHIBIT_ANY_OID /* 2.5.29.54 */
|
||||
#define WC_NID_tlsfeature TLS_FEATURE_OID /* id-pe 24 */
|
||||
#define WC_NID_buildingName 1494
|
||||
|
||||
#define WC_NID_dnQualifier 174 /* 2.5.4.46 */
|
||||
|
@ -940,7 +941,7 @@ extern const WOLFSSL_ObjectInfo wolfssl_object_info[];
|
|||
#define WC_NID_registeredAddress 870
|
||||
#define WC_NID_emailAddress 0x30 /* emailAddress */
|
||||
#define WC_NID_id_on_dnsSRV 82 /* 1.3.6.1.5.5.7.8.7 */
|
||||
#define WC_NID_ms_upn 265 /* 1.3.6.1.4.1.311.20.2.3 */
|
||||
#define WC_NID_ms_upn UPN_OID /* 1.3.6.1.4.1.311.20.2.3 */
|
||||
|
||||
#define WC_NID_X9_62_prime_field 406 /* 1.2.840.10045.1.1 */
|
||||
|
||||
|
@ -1267,375 +1268,6 @@ enum Oid_Types {
|
|||
};
|
||||
|
||||
|
||||
enum Hash_Sum {
|
||||
MD2h = 646,
|
||||
MD4h = 648,
|
||||
MD5h = 649,
|
||||
SHAh = 88,
|
||||
SHA224h = 417,
|
||||
SHA256h = 414,
|
||||
SHA384h = 415,
|
||||
SHA512h = 416,
|
||||
SHA512_224h = 418,
|
||||
SHA512_256h = 419,
|
||||
SHA3_224h = 420,
|
||||
SHA3_256h = 421,
|
||||
SHA3_384h = 422,
|
||||
SHA3_512h = 423,
|
||||
SHAKE128h = 424,
|
||||
SHAKE256h = 425,
|
||||
SM3h = 640
|
||||
};
|
||||
|
||||
#if !defined(NO_DES3) || !defined(NO_AES)
|
||||
enum Block_Sum {
|
||||
#ifdef WOLFSSL_AES_128
|
||||
AES128CBCb = 414,
|
||||
AES128GCMb = 418,
|
||||
AES128CCMb = 419,
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_192
|
||||
AES192CBCb = 434,
|
||||
AES192GCMb = 438,
|
||||
AES192CCMb = 439,
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_256
|
||||
AES256CBCb = 454,
|
||||
AES256GCMb = 458,
|
||||
AES256CCMb = 459,
|
||||
#endif
|
||||
#ifndef NO_DES3
|
||||
DESb = 69,
|
||||
DES3b = 652
|
||||
#endif
|
||||
};
|
||||
#endif /* !NO_DES3 || !NO_AES */
|
||||
|
||||
|
||||
enum Key_Sum {
|
||||
ANONk = 0,
|
||||
DSAk = 515,
|
||||
RSAk = 645,
|
||||
RSAPSSk = 654,
|
||||
RSAESOAEPk = 651, /* 1.2.840.113549.1.1.7 */
|
||||
ECDSAk = 518,
|
||||
SM2k = 667,
|
||||
ED25519k = 256, /* 1.3.101.112 */
|
||||
X25519k = 254, /* 1.3.101.110 */
|
||||
ED448k = 257, /* 1.3.101.113 */
|
||||
X448k = 255, /* 1.3.101.111 */
|
||||
DHk = 647, /* dhKeyAgreement OID: 1.2.840.113549.1.3.1 */
|
||||
FALCON_LEVEL1k = 273, /* 1.3.9999.3.6 */
|
||||
FALCON_LEVEL5k = 276, /* 1.3.9999.3.9 */
|
||||
DILITHIUM_LEVEL2k = 218, /* 1.3.6.1.4.1.2.267.12.4.4 */
|
||||
DILITHIUM_LEVEL3k = 221, /* 1.3.6.1.4.1.2.267.12.6.5 */
|
||||
DILITHIUM_LEVEL5k = 225, /* 1.3.6.1.4.1.2.267.12.8.7 */
|
||||
ML_DSA_LEVEL2k = 431, /* 2.16.840.1.101.3.4.3.17 */
|
||||
ML_DSA_LEVEL3k = 432, /* 2.16.840.1.101.3.4.3.18 */
|
||||
ML_DSA_LEVEL5k = 433, /* 2.16.840.1.101.3.4.3.19 */
|
||||
SPHINCS_FAST_LEVEL1k = 281, /* 1 3 9999 6 7 4 */
|
||||
SPHINCS_FAST_LEVEL3k = 283, /* 1 3 9999 6 8 3 + 2 (See GetOID() in asn.c) */
|
||||
SPHINCS_FAST_LEVEL5k = 282, /* 1 3 9999 6 9 3 */
|
||||
SPHINCS_SMALL_LEVEL1k = 287, /* 1 3 9999 6 7 10 */
|
||||
SPHINCS_SMALL_LEVEL3k = 285, /* 1 3 9999 6 8 7 */
|
||||
SPHINCS_SMALL_LEVEL5k = 286 /* 1 3 9999 6 9 7 */
|
||||
};
|
||||
|
||||
#if !defined(NO_AES) || defined(HAVE_PKCS7)
|
||||
enum KeyWrap_Sum {
|
||||
#ifdef WOLFSSL_AES_128
|
||||
AES128_WRAP = 417,
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_192
|
||||
AES192_WRAP = 437,
|
||||
#endif
|
||||
#ifdef WOLFSSL_AES_256
|
||||
AES256_WRAP = 457,
|
||||
#endif
|
||||
#ifdef HAVE_PKCS7
|
||||
PWRI_KEK_WRAP = 680 /*id-alg-PWRI-KEK, 1.2.840.113549.1.9.16.3.9 */
|
||||
#endif
|
||||
};
|
||||
#endif /* !NO_AES || PKCS7 */
|
||||
|
||||
enum Key_Agree {
|
||||
dhSinglePass_stdDH_sha1kdf_scheme = 464,
|
||||
dhSinglePass_stdDH_sha224kdf_scheme = 188,
|
||||
dhSinglePass_stdDH_sha256kdf_scheme = 189,
|
||||
dhSinglePass_stdDH_sha384kdf_scheme = 190,
|
||||
dhSinglePass_stdDH_sha512kdf_scheme = 191
|
||||
};
|
||||
|
||||
|
||||
|
||||
enum KDF_Sum {
|
||||
PBKDF2_OID = 660,
|
||||
MGF1_OID = 652
|
||||
};
|
||||
|
||||
|
||||
enum HMAC_Sum {
|
||||
HMAC_SHA224_OID = 652,
|
||||
HMAC_SHA256_OID = 653,
|
||||
HMAC_SHA384_OID = 654,
|
||||
HMAC_SHA512_OID = 655,
|
||||
HMAC_SHA3_224_OID = 426,
|
||||
HMAC_SHA3_256_OID = 427,
|
||||
HMAC_SHA3_384_OID = 428,
|
||||
HMAC_SHA3_512_OID = 429
|
||||
};
|
||||
|
||||
|
||||
enum Extensions_Sum {
|
||||
BASIC_CA_OID = 133, /* 2.5.29.19 */
|
||||
ALT_NAMES_OID = 131, /* 2.5.29.17 */
|
||||
CRL_DIST_OID = 145, /* 2.5.29.31 */
|
||||
AUTH_INFO_OID = 69, /* 1.3.6.1.5.5.7.1.1 */
|
||||
AUTH_KEY_OID = 149, /* 2.5.29.35 */
|
||||
SUBJ_KEY_OID = 128, /* 2.5.29.14 */
|
||||
CERT_POLICY_OID = 146, /* 2.5.29.32 */
|
||||
CRL_NUMBER_OID = 134, /* 2.5.29.20 */
|
||||
KEY_USAGE_OID = 129, /* 2.5.29.15 */
|
||||
INHIBIT_ANY_OID = 168, /* 2.5.29.54 */
|
||||
EXT_KEY_USAGE_OID = 151, /* 2.5.29.37 */
|
||||
NAME_CONS_OID = 144, /* 2.5.29.30 */
|
||||
PRIV_KEY_USAGE_PERIOD_OID = 130, /* 2.5.29.16 */
|
||||
SUBJ_INFO_ACC_OID = 79, /* 1.3.6.1.5.5.7.1.11 */
|
||||
POLICY_MAP_OID = 147, /* 2.5.29.33 */
|
||||
POLICY_CONST_OID = 150, /* 2.5.29.36 */
|
||||
ISSUE_ALT_NAMES_OID = 132, /* 2.5.29.18 */
|
||||
TLS_FEATURE_OID = 92, /* 1.3.6.1.5.5.7.1.24 */
|
||||
NETSCAPE_CT_OID = 753, /* 2.16.840.1.113730.1.1 */
|
||||
OCSP_NOCHECK_OID = 121, /* 1.3.6.1.5.5.7.48.1.5
|
||||
id-pkix-ocsp-nocheck */
|
||||
SUBJ_DIR_ATTR_OID = 123, /* 2.5.29.9 */
|
||||
|
||||
AKEY_PACKAGE_OID = 1048, /* 2.16.840.1.101.2.1.2.78.5
|
||||
RFC 5958 - Asymmetric Key Packages */
|
||||
FASCN_OID = 419, /* 2.16.840.1.101.3.6.6 Federal PKI Policy FASC-N */
|
||||
UPN_OID = 265, /* 1.3.6.1.4.1.311.20.2.3 UPN */
|
||||
#ifdef WOLFSSL_DUAL_ALG_CERTS
|
||||
SUBJ_ALT_PUB_KEY_INFO_OID = 186, /* 2.5.29.72 subject alt public key info */
|
||||
ALT_SIG_ALG_OID = 187, /* 2.5.29.73 alt sig alg */
|
||||
ALT_SIG_VAL_OID = 188, /* 2.5.29.74 alt sig val */
|
||||
#endif
|
||||
WOLF_ENUM_DUMMY_LAST_ELEMENT(Extensions_Sum)
|
||||
};
|
||||
|
||||
enum CertificatePolicy_Sum {
|
||||
CP_ANY_OID = 146, /* id-ce 32 0 */
|
||||
CP_ISRG_DOMAIN_VALID = 430, /* 1.3.6.1.4.1.44947.1.1.1 */
|
||||
#ifdef WOLFSSL_FPKI
|
||||
/* Federal PKI OIDs */
|
||||
CP_FPKI_HIGH_ASSURANCE_OID = 417, /* 2.16.840.1.101.3.2.1.3.4 */
|
||||
CP_FPKI_COMMON_HARDWARE_OID = 420, /* 2.16.840.1.101.3.2.1.3.7 */
|
||||
CP_FPKI_MEDIUM_HARDWARE_OID = 425, /* 2.16.840.1.101.3.2.1.3.12 */
|
||||
CP_FPKI_COMMON_AUTH_OID = 426, /* 2.16.840.1.101.3.2.1.3.13 */
|
||||
CP_FPKI_COMMON_HIGH_OID = 429, /* 2.16.840.1.101.3.2.1.3.16 */
|
||||
CP_FPKI_PIVI_HARDWARE_OID = 431, /* 2.16.840.1.101.3.2.1.3.18 */
|
||||
CP_FPKI_PIVI_CONTENT_SIGNING_OID = 433, /* 2.16.840.1.101.3.2.1.3.20 */
|
||||
CP_FPKI_COMMON_DEVICES_HARDWARE_OID = 449, /* 2.16.840.1.101.3.2.1.3.36 */
|
||||
CP_FPKI_MEDIUM_DEVICE_HARDWARE_OID = 451, /* 2.16.840.1.101.3.2.1.3.38 */
|
||||
CP_FPKI_COMMON_PIV_CONTENT_SIGNING_OID = 452, /* 2.16.840.1.101.3.2.1.3.39 */
|
||||
CP_FPKI_PIV_AUTH_OID = 453, /* 2.16.840.1.101.3.2.1.3.40 */
|
||||
CP_FPKI_PIV_AUTH_HW_OID = 454, /* 2.16.840.1.101.3.2.1.3.41 */
|
||||
CP_FPKI_PIVI_AUTH_OID = 458, /* 2.16.840.1.101.3.2.1.3.45 */
|
||||
CP_FPKI_COMMON_PIVI_CONTENT_SIGNING_OID = 460, /* 2.16.840.1.101.3.2.1.3.47 */
|
||||
|
||||
/* Federal PKI Test OIDs */
|
||||
CP_FPKI_AUTH_TEST_OID = 469, /* 2.16.840.1.101.3.2.1.48.11 */
|
||||
CP_FPKI_CARDAUTH_TEST_OID = 471, /* 2.16.840.1.101.3.2.1.48.13 */
|
||||
CP_FPKI_PIV_CONTENT_TEST_OID = 544, /* 2.16.840.1.101.3.2.1.48.86 */
|
||||
CP_FPKI_PIV_AUTH_DERIVED_TEST_OID = 567, /* 2.16.840.1.101.3.2.1.48.109 */
|
||||
CP_FPKI_PIV_AUTH_DERIVED_HW_TEST_OID = 568, /* 2.16.840.1.101.3.2.1.48.110 */
|
||||
|
||||
/* DoD PKI OIDs */
|
||||
CP_DOD_MEDIUM_OID = 423, /* 2.16.840.1.101.2.1.11.5 */
|
||||
CP_DOD_MEDIUM_HARDWARE_OID = 427, /* 2.16.840.1.101.2.1.11.9 */
|
||||
CP_DOD_PIV_AUTH_OID = 428, /* 2.16.840.1.101.2.1.11.10 */
|
||||
CP_DOD_MEDIUM_NPE_OID = 435, /* 2.16.840.1.101.2.1.11.17 */
|
||||
CP_DOD_MEDIUM_2048_OID = 436, /* 2.16.840.1.101.2.1.11.18 */
|
||||
CP_DOD_MEDIUM_HARDWARE_2048_OID = 437, /* 2.16.840.1.101.2.1.11.19 */
|
||||
CP_DOD_PIV_AUTH_2048_OID = 438, /* 2.16.840.1.101.2.1.11.20 */
|
||||
CP_DOD_PEER_INTEROP_OID = 100449, /* 2.16.840.1.101.2.1.11.31 */
|
||||
CP_DOD_MEDIUM_NPE_112_OID = 100454, /* 2.16.840.1.101.2.1.11.36 */
|
||||
CP_DOD_MEDIUM_NPE_128_OID = 455, /* 2.16.840.1.101.2.1.11.37 */
|
||||
CP_DOD_MEDIUM_NPE_192_OID = 456, /* 2.16.840.1.101.2.1.11.38 */
|
||||
CP_DOD_MEDIUM_112_OID = 457, /* 2.16.840.1.101.2.1.11.39 */
|
||||
CP_DOD_MEDIUM_128_OID = 100458, /* 2.16.840.1.101.2.1.11.40 */
|
||||
CP_DOD_MEDIUM_192_OID = 459, /* 2.16.840.1.101.2.1.11.41 */
|
||||
CP_DOD_MEDIUM_HARDWARE_112_OID = 100460, /* 2.16.840.1.101.2.1.11.42 */
|
||||
CP_DOD_MEDIUM_HARDWARE_128_OID = 461, /* 2.16.840.1.101.2.1.11.43 */
|
||||
CP_DOD_MEDIUM_HARDWARE_192_OID = 462, /* 2.16.840.1.101.2.1.11.44 */
|
||||
CP_DOD_ADMIN_OID = 477, /* 2.16.840.1.101.2.1.11.59 */
|
||||
CP_DOD_INTERNAL_NPE_112_OID = 478, /* 2.16.840.1.101.2.1.11.60 */
|
||||
CP_DOD_INTERNAL_NPE_128_OID = 479, /* 2.16.840.1.101.2.1.11.61 */
|
||||
CP_DOD_INTERNAL_NPE_192_OID = 480, /* 2.16.840.1.101.2.1.11.62 */
|
||||
|
||||
/* ECA PKI OIDs */
|
||||
CP_ECA_MEDIUM_OID = 100423, /* 2.16.840.1.101.3.2.1.12.1 */
|
||||
CP_ECA_MEDIUM_HARDWARE_OID = 424, /* 2.16.840.1.101.3.2.1.12.2 */
|
||||
CP_ECA_MEDIUM_TOKEN_OID = 100425, /* 2.16.840.1.101.3.2.1.12.3 */
|
||||
CP_ECA_MEDIUM_SHA256_OID = 100426, /* 2.16.840.1.101.3.2.1.12.4 */
|
||||
CP_ECA_MEDIUM_TOKEN_SHA256_OID = 100427, /* 2.16.840.1.101.3.2.1.12.5 */
|
||||
CP_ECA_MEDIUM_HARDWARE_PIVI_OID = 100428, /* 2.16.840.1.101.3.2.1.12.6 */
|
||||
CP_ECA_CONTENT_SIGNING_PIVI_OID = 100430, /* 2.16.840.1.101.3.2.1.12.8 */
|
||||
CP_ECA_MEDIUM_DEVICE_SHA256_OID = 431, /* 2.16.840.1.101.3.2.1.12.9 */
|
||||
CP_ECA_MEDIUM_HARDWARE_SHA256_OID = 432, /* 2.16.840.1.101.3.2.1.12.10 */
|
||||
|
||||
/* Department of State PKI OIDs */
|
||||
CP_STATE_BASIC_OID = 100417, /* 2.16.840.1.101.3.2.1.6.1 */
|
||||
CP_STATE_LOW_OID = 418, /* 2.16.840.1.101.3.2.1.6.2 */
|
||||
CP_STATE_MODERATE_OID = 100419, /* 2.16.840.1.101.3.2.1.6.3 */
|
||||
CP_STATE_HIGH_OID = 100420, /* 2.16.840.1.101.3.2.1.6.4 */
|
||||
CP_STATE_MEDHW_OID = 101428, /* 2.16.840.1.101.3.2.1.6.12 */
|
||||
CP_STATE_MEDDEVHW_OID = 101454, /* 2.16.840.1.101.3.2.1.6.38 */
|
||||
|
||||
/* U.S. Treasury SSP PKI OIDs */
|
||||
CP_TREAS_MEDIUMHW_OID = 419, /* 2.16.840.1.101.3.2.1.5.4 */
|
||||
CP_TREAS_HIGH_OID = 101420, /* 2.16.840.1.101.3.2.1.5.5 */
|
||||
CP_TREAS_PIVI_HW_OID = 101425, /* 2.16.840.1.101.3.2.1.5.10 */
|
||||
CP_TREAS_PIVI_CONTENT_OID = 101427, /* 2.16.840.1.101.3.2.1.5.12 */
|
||||
|
||||
/* Boeing PKI OIDs */
|
||||
CP_BOEING_MEDIUMHW_SHA256_OID = 159, /* 1.3.6.1.4.1.73.15.3.1.12 */
|
||||
CP_BOEING_MEDIUMHW_CONTENT_SHA256_OID = 164, /* 1.3.6.1.4.1.73.15.3.1.17 */
|
||||
|
||||
/* Carillon Federal Services OIDs */
|
||||
CP_CARILLON_MEDIUMHW_256_OID = 467, /* 1.3.6.1.4.1.45606.3.1.12 */
|
||||
CP_CARILLON_AIVHW_OID = 475, /* 1.3.6.1.4.1.45606.3.1.20 */
|
||||
CP_CARILLON_AIVCONTENT_OID = 100477, /* 1.3.6.1.4.1.45606.3.1.22 */
|
||||
|
||||
/* Carillon Information Security OIDs */
|
||||
CP_CIS_MEDIUMHW_256_OID = 489, /* 1.3.6.1.4.1.25054.3.1.12 */
|
||||
CP_CIS_MEDDEVHW_256_OID = 491, /* 1.3.6.1.4.1.25054.3.1.14 */
|
||||
CP_CIS_ICECAP_HW_OID = 497, /* 1.3.6.1.4.1.25054.3.1.20 */
|
||||
CP_CIS_ICECAP_CONTENT_OID = 499, /* 1.3.6.1.4.1.25054.3.1.22 */
|
||||
|
||||
/* CertiPath Bridge OIDs */
|
||||
CP_CERTIPATH_MEDIUMHW_OID = 100459, /* 1.3.6.1.4.1.24019.1.1.1.2 */
|
||||
CP_CERTIPATH_HIGHHW_OID = 101460, /* 1.3.6.1.4.1.24019.1.1.1.3 */
|
||||
CP_CERTIPATH_ICECAP_HW_OID = 464, /* 1.3.6.1.4.1.24019.1.1.1.7 */
|
||||
CP_CERTIPATH_ICECAP_CONTENT_OID = 466, /* 1.3.6.1.4.1.24019.1.1.1.9 */
|
||||
CP_CERTIPATH_VAR_MEDIUMHW_OID = 100475, /* 1.3.6.1.4.1.24019.1.1.1.18 */
|
||||
CP_CERTIPATH_VAR_HIGHHW_OID = 476, /* 1.3.6.1.4.1.24019.1.1.1.19 */
|
||||
|
||||
/* TSCP Bridge OIDs */
|
||||
CP_TSCP_MEDIUMHW_OID = 442, /* 1.3.6.1.4.1.38099.1.1.1.2 */
|
||||
CP_TSCP_PIVI_OID = 445, /* 1.3.6.1.4.1.38099.1.1.1.5 */
|
||||
CP_TSCP_PIVI_CONTENT_OID = 447, /* 1.3.6.1.4.1.38099.1.1.1.7 */
|
||||
|
||||
/* DigiCert NFI PKI OIDs */
|
||||
CP_DIGICERT_NFSSP_MEDIUMHW_OID = 796, /* 2.16.840.1.113733.1.7.23.3.1.7 */
|
||||
CP_DIGICERT_NFSSP_AUTH_OID = 802, /* 2.16.840.1.113733.1.7.23.3.1.13 */
|
||||
CP_DIGICERT_NFSSP_PIVI_HW_OID = 807, /* 2.16.840.1.113733.1.7.23.3.1.18 */
|
||||
CP_DIGICERT_NFSSP_PIVI_CONTENT_OID = 809, /* 2.16.840.1.113733.1.7.23.3.1.20 */
|
||||
CP_DIGICERT_NFSSP_MEDDEVHW_OID = 825, /* 2.16.840.1.113733.1.7.23.3.1.36 */
|
||||
|
||||
/* Entrust Managed Services NFI PKI OIDs */
|
||||
CP_ENTRUST_NFSSP_MEDIUMHW_OID = 1017, /* 2.16.840.1.114027.200.3.10.7.2 */
|
||||
CP_ENTRUST_NFSSP_MEDAUTH_OID = 1019, /* 2.16.840.1.114027.200.3.10.7.4 */
|
||||
CP_ENTRUST_NFSSP_PIVI_HW_OID = 1021, /* 2.16.840.1.114027.200.3.10.7.6 */
|
||||
CP_ENTRUST_NFSSP_PIVI_CONTENT_OID = 1024, /* 2.16.840.1.114027.200.3.10.7.9 */
|
||||
CP_ENTRUST_NFSSP_MEDDEVHW_OID = 1031, /* 2.16.840.1.114027.200.3.10.7.16 */
|
||||
|
||||
/* Exostar LLC PKI OIDs */
|
||||
CP_EXOSTAR_MEDIUMHW_SHA2_OID = 100424, /* 1.3.6.1.4.1.13948.1.1.1.6 */
|
||||
|
||||
/* IdenTrust NFI OIDs */
|
||||
CP_IDENTRUST_MEDIUMHW_SIGN_OID = 846, /* 2.16.840.1.113839.0.100.12.1 */
|
||||
CP_IDENTRUST_MEDIUMHW_ENC_OID = 847, /* 2.16.840.1.113839.0.100.12.2 */
|
||||
CP_IDENTRUST_PIVI_HW_ID_OID = 851, /* 2.16.840.1.113839.0.100.18.0 */
|
||||
CP_IDENTRUST_PIVI_HW_SIGN_OID = 852, /* 2.16.840.1.113839.0.100.18.1 */
|
||||
CP_IDENTRUST_PIVI_HW_ENC_OID = 853, /* 2.16.840.1.113839.0.100.18.2 */
|
||||
CP_IDENTRUST_PIVI_CONTENT_OID = 854, /* 2.16.840.1.113839.0.100.20.1 */
|
||||
|
||||
/* Lockheed Martin PKI OIDs */
|
||||
CP_LOCKHEED_MEDIUMHW_OID = 266, /* 1.3.6.1.4.1.103.100.1.1.3.3 */
|
||||
|
||||
/* Northrop Grumman PKI OIDs */
|
||||
CP_NORTHROP_MEDIUM_256_HW_OID = 654, /* 1.3.6.1.4.1.16334.509.2.8 */
|
||||
CP_NORTHROP_PIVI_256_HW_OID = 655, /* 1.3.6.1.4.1.16334.509.2.9 */
|
||||
CP_NORTHROP_PIVI_256_CONTENT_OID = 657, /* 1.3.6.1.4.1.16334.509.2.11 */
|
||||
CP_NORTHROP_MEDIUM_384_HW_OID = 660, /* 1.3.6.1.4.1.16334.509.2.14 */
|
||||
|
||||
/* Raytheon PKI OIDs */
|
||||
CP_RAYTHEON_MEDIUMHW_OID = 251, /* 1.3.6.1.4.1.1569.10.1.12 */
|
||||
CP_RAYTHEON_MEDDEVHW_OID = 257, /* 1.3.6.1.4.1.1569.10.1.18 */
|
||||
CP_RAYTHEON_SHA2_MEDIUMHW_OID = 433, /* 1.3.6.1.4.1.26769.10.1.12 */
|
||||
CP_RAYTHEON_SHA2_MEDDEVHW_OID = 439, /* 1.3.6.1.4.1.26769.10.1.18 */
|
||||
|
||||
/* WidePoint NFI PKI OIDs */
|
||||
CP_WIDEPOINT_MEDIUMHW_OID = 310, /* 1.3.6.1.4.1.3922.1.1.1.12 */
|
||||
CP_WIDEPOINT_PIVI_HW_OID = 316, /* 1.3.6.1.4.1.3922.1.1.1.18 */
|
||||
CP_WIDEPOINT_PIVI_CONTENT_OID = 318, /* 1.3.6.1.4.1.3922.1.1.1.20 */
|
||||
CP_WIDEPOINT_MEDDEVHW_OID = 336, /* 1.3.6.1.4.1.3922.1.1.1.38 */
|
||||
|
||||
/* Australian Defence Organisation PKI OIDs */
|
||||
CP_ADO_MEDIUM_OID = 293, /* 1.2.36.1.334.1.2.1.2 */
|
||||
CP_ADO_HIGH_OID = 294, /* 1.2.36.1.334.1.2.1.3 */
|
||||
CP_ADO_RESOURCE_MEDIUM_OID = 100294, /* 1.2.36.1.334.1.2.2.2 */
|
||||
|
||||
/* Comodo Ltd PKI OID */
|
||||
CP_COMODO_OID = 100293, /* 1.3.6.1.4.1.6449.1.2.1.3.4 */
|
||||
|
||||
/* Netherlands Ministry of Defence PKI OIDs */
|
||||
CP_NL_MOD_AUTH_OID = 496, /* 2.16.528.1.1003.1.2.5.1 */
|
||||
CP_NL_MOD_IRREFUT_OID = 100497, /* 2.16.528.1.1003.1.2.5.2 */
|
||||
CP_NL_MOD_CONFID_OID = 498, /* 2.16.528.1.1003.1.2.5.3 */
|
||||
#endif /* WOLFSSL_FPKI */
|
||||
WOLF_ENUM_DUMMY_LAST_ELEMENT(CertificatePolicy_Sum)
|
||||
};
|
||||
|
||||
enum SepHardwareName_Sum {
|
||||
HW_NAME_OID = 79 /* 1.3.6.1.5.5.7.8.4 from RFC 4108*/
|
||||
};
|
||||
|
||||
enum AuthInfo_Sum {
|
||||
AIA_OCSP_OID = 116, /* 1.3.6.1.5.5.7.48.1, id-ad-ocsp */
|
||||
AIA_CA_ISSUER_OID = 117, /* 1.3.6.1.5.5.7.48.2, id-ad-caIssuers */
|
||||
#ifdef WOLFSSL_SUBJ_INFO_ACC
|
||||
AIA_CA_REPO_OID = 120, /* 1.3.6.1.5.5.7.48.5, id-ad-caRepository */
|
||||
#endif /* WOLFSSL_SUBJ_INFO_ACC */
|
||||
WOLF_ENUM_DUMMY_LAST_ELEMENT(AuthInfo_Sum)
|
||||
};
|
||||
|
||||
#define ID_PKIX(num) (67+(num)) /* 1.3.6.1.5.5.7.num, id-pkix num */
|
||||
#define ID_KP(num) (ID_PKIX(3)+(num)) /* 1.3.6.1.5.5.7.3.num, id-kp num */
|
||||
enum ExtKeyUsage_Sum { /* From RFC 5280 */
|
||||
EKU_ANY_OID = 151, /* 2.5.29.37.0, anyExtendedKeyUsage */
|
||||
EKU_SERVER_AUTH_OID = 71, /* 1.3.6.1.5.5.7.3.1, id-kp-serverAuth */
|
||||
EKU_CLIENT_AUTH_OID = 72, /* 1.3.6.1.5.5.7.3.2, id-kp-clientAuth */
|
||||
EKU_CODESIGNING_OID = 73, /* 1.3.6.1.5.5.7.3.3, id-kp-codeSigning */
|
||||
EKU_EMAILPROTECT_OID = 74, /* 1.3.6.1.5.5.7.3.4, id-kp-emailProtection */
|
||||
EKU_TIMESTAMP_OID = 78, /* 1.3.6.1.5.5.7.3.8, id-kp-timeStamping */
|
||||
EKU_OCSP_SIGN_OID = 79, /* 1.3.6.1.5.5.7.3.9, id-kp-OCSPSigning */
|
||||
|
||||
/* From RFC 6187: X.509v3 Certificates for Secure Shell Authentication */
|
||||
EKU_SSH_CLIENT_AUTH_OID = ID_KP(21), /* id-kp-secureShellClient */
|
||||
EKU_SSH_MSCL_OID = 264,
|
||||
/* 1.3.6.1.4.1.311.20.2.2, MS Smart Card Logon */
|
||||
EKU_SSH_KP_CLIENT_AUTH_OID = 64
|
||||
/* 1.3.6.1.5.2.3.4, id-pkinit-KPClientAuth*/
|
||||
};
|
||||
|
||||
#ifdef WOLFSSL_SUBJ_DIR_ATTR
|
||||
#define ID_PDA(num) (ID_PKIX(9)+(num)) /* 1.3.6.1.5.5.7.9.num, id-pda num */
|
||||
enum SubjDirAttr_Sum { /* From RFC 3739, section 3.3.2 */
|
||||
SDA_DOB_OID = ID_PDA(1), /* id-pda-dateOfBirth */
|
||||
SDA_POB_OID = ID_PDA(2), /* id-pda-placeOfBirth */
|
||||
SDA_GENDER_OID = ID_PDA(3), /* id-pda-gender */
|
||||
SDA_COC_OID = ID_PDA(4), /* id-pda-countryOfCitizenship */
|
||||
SDA_COR_OID = ID_PDA(5) /* id-pda-countryOfResidence */
|
||||
};
|
||||
#endif /* WOLFSSL_SUBJ_DIR_ATTR */
|
||||
|
||||
#ifdef HAVE_LIBZ
|
||||
enum CompressAlg_Sum {
|
||||
ZLIBc = 679 /* 1.2.840.113549.1.9.16.3.8, id-alg-zlibCompress */
|
||||
};
|
||||
#endif
|
||||
|
||||
enum VerifyType {
|
||||
NO_VERIFY = 0,
|
||||
VERIFY = 1,
|
||||
|
@ -1653,22 +1285,6 @@ enum KeyIdType {
|
|||
};
|
||||
#endif
|
||||
|
||||
#if defined(WOLFSSL_CERT_REQ) || defined(WOLFSSL_CERT_NAME_ALL)
|
||||
enum CsrAttrType {
|
||||
UNSTRUCTURED_NAME_OID = 654,
|
||||
PKCS9_CONTENT_TYPE_OID = 655,
|
||||
CHALLENGE_PASSWORD_OID = 659,
|
||||
SERIAL_NUMBER_OID = 94,
|
||||
EXTENSION_REQUEST_OID = 666,
|
||||
USER_ID_OID = 865,
|
||||
DNQUALIFIER_OID = 135,
|
||||
INITIALS_OID = 132,
|
||||
SURNAME_OID = 93,
|
||||
NAME_OID = 130,
|
||||
GIVEN_NAME_OID = 131
|
||||
};
|
||||
#endif
|
||||
|
||||
/* Key usage extension bits (based on RFC 5280) */
|
||||
#define KEYUSE_DIGITAL_SIG 0x0080
|
||||
#define KEYUSE_CONTENT_COMMIT 0x0040
|
||||
|
@ -2622,6 +2238,8 @@ WOLFSSL_LOCAL int GetInt(mp_int* mpi, const byte* input, word32* inOutIdx,
|
|||
WOLFSSL_ASN_API int GetASNInt(const byte* input, word32* inOutIdx, int* len,
|
||||
word32 maxIdx);
|
||||
|
||||
WOLFSSL_LOCAL word32 wc_oid_sum(const byte* input, int length);
|
||||
|
||||
#ifdef HAVE_OID_ENCODING
|
||||
WOLFSSL_API int wc_EncodeObjectId(const word16* in, word32 inSz,
|
||||
byte* out, word32* outSz);
|
||||
|
@ -2818,11 +2436,6 @@ enum Ocsp_Cert_Status {
|
|||
};
|
||||
|
||||
|
||||
enum Ocsp_Sums {
|
||||
OCSP_BASIC_OID = 117,
|
||||
OCSP_NONCE_OID = 118
|
||||
};
|
||||
|
||||
#ifdef OPENSSL_EXTRA
|
||||
enum Ocsp_Verify_Error {
|
||||
OCSP_VERIFY_ERROR_NONE = 0,
|
||||
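Review bot: `WC_NID_id_on_dnsSRV` stays as the literal `82` in the hunk at -940, while `WC_NID_ms_upn` beside it becomes `UPN_OID` and `WOLFSSL_DNS_SRV_SUM` in the hunk at -789 is `DNS_SRV_OID`. 82 looks like the old-algorithm sum for 1.3.6.1.5.5.7.8.7, so under the new algorithm the NID and the sum for this otherName would presumably differ. Any code that matches one against the other (not visible here) would then stop recognising dnsSRV names. If the pairing is intended, `#define WC_NID_id_on_dnsSRV DNS_SRV_OID /* 1.3.6.1.5.5.7.8.7 */` keeps them aligned. If the NID must stay 82, a short comment saying the two values differ on purpose would head off a later "fix".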
|
|
|
@ -81,42 +81,6 @@ This library defines the interface APIs for X509 certificates.
|
|||
#define WC_SPHINCSKEY_TYPE_DEFINED
|
||||
#endif
|
||||
|
||||
enum Ecc_Sum {
|
||||
ECC_SECP112R1_OID = 182,
|
||||
ECC_SECP112R2_OID = 183,
|
||||
ECC_SECP128R1_OID = 204,
|
||||
ECC_SECP128R2_OID = 205,
|
||||
ECC_SECP160R1_OID = 184,
|
||||
ECC_SECP160R2_OID = 206,
|
||||
ECC_SECP160K1_OID = 185,
|
||||
ECC_BRAINPOOLP160R1_OID = 98,
|
||||
ECC_SECP192R1_OID = 520,
|
||||
ECC_PRIME192V2_OID = 521,
|
||||
ECC_PRIME192V3_OID = 522,
|
||||
ECC_SECP192K1_OID = 207,
|
||||
ECC_BRAINPOOLP192R1_OID = 100,
|
||||
ECC_SECP224R1_OID = 209,
|
||||
ECC_SECP224K1_OID = 208,
|
||||
ECC_BRAINPOOLP224R1_OID = 102,
|
||||
ECC_PRIME239V1_OID = 523,
|
||||
ECC_PRIME239V2_OID = 524,
|
||||
ECC_PRIME239V3_OID = 525,
|
||||
ECC_SECP256R1_OID = 526,
|
||||
ECC_SECP256K1_OID = 186,
|
||||
ECC_BRAINPOOLP256R1_OID = 104,
|
||||
ECC_SM2P256V1_OID = 667,
|
||||
ECC_X25519_OID = 365,
|
||||
ECC_ED25519_OID = 256,
|
||||
ECC_BRAINPOOLP320R1_OID = 106,
|
||||
ECC_X448_OID = 362,
|
||||
ECC_ED448_OID = 257,
|
||||
ECC_SECP384R1_OID = 210,
|
||||
ECC_BRAINPOOLP384R1_OID = 108,
|
||||
ECC_BRAINPOOLP512R1_OID = 110,
|
||||
ECC_SECP521R1_OID = 211
|
||||
};
|
||||
|
||||
|
||||
enum EncPkcs8Types {
|
||||
ENC_PKCS8_VER_PKCS12 = 1,
|
||||
ENC_PKCS8_VER_PKCS5 = 5,
|
||||
|
@ -187,58 +151,6 @@ enum CertType {
|
|||
};
|
||||
|
||||
|
||||
/* Signature type, by OID sum */
|
||||
enum Ctc_SigType {
|
||||
CTC_SHAwDSA = 517,
|
||||
CTC_SHA256wDSA = 416,
|
||||
CTC_MD2wRSA = 646,
|
||||
CTC_MD5wRSA = 648,
|
||||
CTC_SHAwRSA = 649,
|
||||
CTC_SHAwECDSA = 520,
|
||||
CTC_SHA224wRSA = 658,
|
||||
CTC_SHA224wECDSA = 523,
|
||||
CTC_SHA256wRSA = 655,
|
||||
CTC_SHA256wECDSA = 524,
|
||||
CTC_SHA384wRSA = 656,
|
||||
CTC_SHA384wECDSA = 525,
|
||||
CTC_SHA512wRSA = 657,
|
||||
CTC_SHA512wECDSA = 526,
|
||||
|
||||
/* https://csrc.nist.gov/projects/computer-security-objects-register/algorithm-registration */
|
||||
CTC_SHA3_224wECDSA = 423,
|
||||
CTC_SHA3_256wECDSA = 424,
|
||||
CTC_SHA3_384wECDSA = 425,
|
||||
CTC_SHA3_512wECDSA = 426,
|
||||
CTC_SHA3_224wRSA = 427,
|
||||
CTC_SHA3_256wRSA = 428,
|
||||
CTC_SHA3_384wRSA = 429,
|
||||
CTC_SHA3_512wRSA = 430,
|
||||
|
||||
CTC_RSASSAPSS = 654,
|
||||
|
||||
CTC_SM3wSM2 = 740, /* 1.2.156.10197.1.501 */
|
||||
|
||||
CTC_ED25519 = 256,
|
||||
CTC_ED448 = 257,
|
||||
|
||||
CTC_FALCON_LEVEL1 = 273,
|
||||
CTC_FALCON_LEVEL5 = 276,
|
||||
|
||||
CTC_DILITHIUM_LEVEL2 = 218,
|
||||
CTC_DILITHIUM_LEVEL3 = 221,
|
||||
CTC_DILITHIUM_LEVEL5 = 225,
|
||||
CTC_ML_DSA_LEVEL2 = 431,
|
||||
CTC_ML_DSA_LEVEL3 = 432,
|
||||
CTC_ML_DSA_LEVEL5 = 433,
|
||||
|
||||
CTC_SPHINCS_FAST_LEVEL1 = 281,
|
||||
CTC_SPHINCS_FAST_LEVEL3 = 283,
|
||||
CTC_SPHINCS_FAST_LEVEL5 = 282,
|
||||
CTC_SPHINCS_SMALL_LEVEL1 = 287,
|
||||
CTC_SPHINCS_SMALL_LEVEL3 = 285,
|
||||
CTC_SPHINCS_SMALL_LEVEL5 = 286
|
||||
};
|
||||
|
||||
enum Ctc_Encoding {
|
||||
CTC_UTF8 = 0x0c, /* utf8 */
|
||||
CTC_PRINTABLE = 0x13 /* printable */
|
||||
|
@ -1058,6 +970,8 @@ typedef struct Asn1Item {
|
|||
/* Maximum supported depth of ASN.1 items. */
|
||||
#define ASN_MAX_DEPTH 16
|
||||
|
||||
typedef const char* (*Asn1OidToNameCb)(unsigned char* oid, word32 len);
|
||||
|
||||
/* ASN.1 parsing state. */
|
||||
typedef struct Asn1 {
|
||||
/* ASN.1 item data. */
|
||||
|
@ -1080,6 +994,9 @@ typedef struct Asn1 {
|
|||
|
||||
/* File pointer to print to. */
|
||||
XFILE file;
|
||||
|
||||
/* Callback to get a name for an hex OID. */
|
||||
Asn1OidToNameCb nameCb;
|
||||
} Asn1;
|
||||
|
||||
WOLFSSL_API int wc_Asn1PrintOptions_Init(Asn1PrintOptions* opts);
|
||||
|
@ -1088,6 +1005,7 @@ WOLFSSL_API int wc_Asn1PrintOptions_Set(Asn1PrintOptions* opts,
|
|||
|
||||
WOLFSSL_API int wc_Asn1_Init(Asn1* asn1);
|
||||
WOLFSSL_API int wc_Asn1_SetFile(Asn1* asn1, XFILE file);
|
||||
WOLFSSL_API int wc_Asn1_SetOidToNameCb(Asn1* asn1, Asn1OidToNameCb nameCb);
|
||||
WOLFSSL_API int wc_Asn1_PrintAll(Asn1* asn1, Asn1PrintOptions* opts,
|
||||
unsigned char* data, word32 len);
|
||||
|
||||
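Review bot: `Asn1OidToNameCb` takes the OID as a non-const `unsigned char*`, and nothing in the hunk states the callback's contract. A name lookup has no reason to write to the encoded OID, so `typedef const char* (*Asn1OidToNameCb)(const unsigned char* oid, word32 len);` lets callers pass read-only tables and stops a callback from altering the buffer being printed. The typedef also needs a comment saying that `oid` is `len` raw bytes with no terminator, whether NULL may be returned for an unknown OID, and that the returned string must stay valid until printing finishes. Those three points are assumptions to confirm against the printer code, which is not on this page. Adding `nameCb` also changes the size of the public `Asn1` struct, which matters to callers that allocate it themselves.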
|
|
|
@ -85,7 +85,8 @@ nobase_include_HEADERS+= \
|
|||
wolfssl/wolfcrypt/ext_lms.h \
|
||||
wolfssl/wolfcrypt/xmss.h \
|
||||
wolfssl/wolfcrypt/wc_xmss.h \
|
||||
wolfssl/wolfcrypt/ext_xmss.h
|
||||
wolfssl/wolfcrypt/ext_xmss.h \
|
||||
wolfssl/wolfcrypt/oid_sum.h
|
||||
|
||||
noinst_HEADERS+= \
|
||||
wolfssl/wolfcrypt/port/aria/aria-crypt.h \
|
||||
|
|
File diff suppressed because it is too large
|
@ -81,22 +81,6 @@
|
|||
#define WOLFSSL_SIGNING_TIME_ATTRIBUTE 0x4
|
||||
#define WOLFSSL_MESSAGE_DIGEST_ATTRIBUTE 0x8
|
||||
|
||||
/* PKCS#7 content types, ref RFC 2315 (Section 14) */
|
||||
enum PKCS7_TYPES {
|
||||
PKCS7_MSG = 650, /* 1.2.840.113549.1.7 */
|
||||
DATA = 651, /* 1.2.840.113549.1.7.1 */
|
||||
SIGNED_DATA = 652, /* 1.2.840.113549.1.7.2 */
|
||||
ENVELOPED_DATA = 653, /* 1.2.840.113549.1.7.3 */
|
||||
SIGNED_AND_ENVELOPED_DATA = 654, /* 1.2.840.113549.1.7.4 */
|
||||
DIGESTED_DATA = 655, /* 1.2.840.113549.1.7.5 */
|
||||
ENCRYPTED_DATA = 656, /* 1.2.840.113549.1.7.6 */
|
||||
#if defined(HAVE_LIBZ) && !defined(NO_PKCS7_COMPRESSED_DATA)
|
||||
COMPRESSED_DATA = 678, /* 1.2.840.113549.1.9.16.1.9, RFC 3274 */
|
||||
#endif
|
||||
FIRMWARE_PKG_DATA = 685, /* 1.2.840.113549.1.9.16.1.16, RFC 4108 */
|
||||
AUTH_ENVELOPED_DATA = 692 /* 1.2.840.113549.1.9.16.1.23, RFC 5083 */
|
||||
};
|
||||
|
||||
enum PKCS7_STATE {
|
||||
WC_PKCS7_START = 0,
|
||||
|
||||
|
|
|
@ -3583,6 +3583,13 @@ extern void uITRON4_free(void *p) ;
|
|||
#endif
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_PYTHON
|
||||
/* Need to use old OID sum algorithm until OSP patches, in particular to
|
||||
* tests, for all versions reflect the new OID sum value. */
|
||||
#undef WOLFSSL_OLD_OID_SUM
|
||||
#define WOLFSSL_OLD_OID_SUM
|
||||
#endif
|
||||
|
||||
|
||||
/* Linux Kernel Module */
|
||||
#ifdef WOLFSSL_LINUXKM
|
||||
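Review bot: The `WOLFSSL_PYTHON` block forces `WOLFSSL_OLD_OID_SUM` with no way to opt out, and its comment does not say what that costs. The commit description says the new algorithm has no clashes, which implies the old one does, so Python builds keep an OID lookup in which two different OIDs can share a sum. I would extend the comment to say so and to name the condition for removal, for example `/* Old sums can clash between distinct OIDs; remove once the OSP patches use the new values. */`.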
|
|
|
@ -33,6 +33,7 @@ decouple library dependencies with standard string, memory and so on.
|
|||
|
||||
#include <wolfssl/wolfcrypt/settings.h>
|
||||
#include <wolfssl/wolfcrypt/wc_port.h>
|
||||
#include <wolfssl/wolfcrypt/oid_sum.h>
|
||||
|
||||
#if defined(EXTERNAL_OPTS_OPENVPN) && defined(BUILDING_WOLFSSL)
|
||||
#error EXTERNAL_OPTS_OPENVPN should not be defined in compiled wolfssl library files.
|
||||
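Review bot: Including `oid_sum.h` from this header puts every OID-sum enumerator into any file that includes it, application code included. The enums removed elsewhere in this commit contain very generic names (`DATA`, `SIGNED_DATA`, `ENCRYPTED_DATA` from the PKCS#7 header). If they now live in oid_sum.h without a feature guard (that file's diff is suppressed here, so this is an assumption), they can collide with identifiers in user code that never included the PKCS#7 header. Consider placing `#include <wolfssl/wolfcrypt/oid_sum.h>` in the headers that used to define these enums rather than here. Failing that, confirm the generated file keeps the same `#if` guards the removed enums had.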
|
|