oid.c 25 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710
  1. /**
  2. * \file oid.c
  3. *
  4. * \brief Object Identifier (OID) database
  5. *
  6. * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
  7. * SPDX-License-Identifier: Apache-2.0
  8. *
  9. * Licensed under the Apache License, Version 2.0 (the "License"); you may
  10. * not use this file except in compliance with the License.
  11. * You may obtain a copy of the License at
  12. *
  13. * http://www.apache.org/licenses/LICENSE-2.0
  14. *
  15. * Unless required by applicable law or agreed to in writing, software
  16. * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
  17. * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  18. * See the License for the specific language governing permissions and
  19. * limitations under the License.
  20. *
  21. * This file is part of mbed TLS (https://tls.mbed.org)
  22. */
  23. #if !defined(MBEDTLS_CONFIG_FILE)
  24. #include "mbedtls/config.h"
  25. #else
  26. #include MBEDTLS_CONFIG_FILE
  27. #endif
  28. #if defined(MBEDTLS_OID_C)
  29. #include "mbedtls/oid.h"
  30. #include "mbedtls/rsa.h"
  31. #include <stdio.h>
  32. #include <string.h>
  33. #if defined(MBEDTLS_PLATFORM_C)
  34. #include "mbedtls/platform.h"
  35. #else
  36. #define mbedtls_snprintf snprintf
  37. #endif
  38. #if defined(MBEDTLS_X509_USE_C) || defined(MBEDTLS_X509_CREATE_C)
  39. #include "mbedtls/x509.h"
  40. #endif
  41. /*
  42. * Macro to automatically add the size of #define'd OIDs
  43. */
  44. #define ADD_LEN(s) s, MBEDTLS_OID_SIZE(s)
  45. /*
  46. * Macro to generate an internal function for oid_XXX_from_asn1() (used by
  47. * the other functions)
  48. */
  49. #define FN_OID_TYPED_FROM_ASN1( TYPE_T, NAME, LIST ) \
  50. static const TYPE_T * oid_ ## NAME ## _from_asn1( const mbedtls_asn1_buf *oid ) \
  51. { \
  52. const TYPE_T *p = LIST; \
  53. const mbedtls_oid_descriptor_t *cur = (const mbedtls_oid_descriptor_t *) p; \
  54. if( p == NULL || oid == NULL ) return( NULL ); \
  55. while( cur->asn1 != NULL ) { \
  56. if( cur->asn1_len == oid->len && \
  57. memcmp( cur->asn1, oid->p, oid->len ) == 0 ) { \
  58. return( p ); \
  59. } \
  60. p++; \
  61. cur = (const mbedtls_oid_descriptor_t *) p; \
  62. } \
  63. return( NULL ); \
  64. }
  65. /*
  66. * Macro to generate a function for retrieving a single attribute from the
  67. * descriptor of an mbedtls_oid_descriptor_t wrapper.
  68. */
  69. #define FN_OID_GET_DESCRIPTOR_ATTR1(FN_NAME, TYPE_T, TYPE_NAME, ATTR1_TYPE, ATTR1) \
  70. int FN_NAME( const mbedtls_asn1_buf *oid, ATTR1_TYPE * ATTR1 ) \
  71. { \
  72. const TYPE_T *data = oid_ ## TYPE_NAME ## _from_asn1( oid ); \
  73. if( data == NULL ) return( MBEDTLS_ERR_OID_NOT_FOUND ); \
  74. *ATTR1 = data->descriptor.ATTR1; \
  75. return( 0 ); \
  76. }
  77. /*
  78. * Macro to generate a function for retrieving a single attribute from an
  79. * mbedtls_oid_descriptor_t wrapper.
  80. */
  81. #define FN_OID_GET_ATTR1(FN_NAME, TYPE_T, TYPE_NAME, ATTR1_TYPE, ATTR1) \
  82. int FN_NAME( const mbedtls_asn1_buf *oid, ATTR1_TYPE * ATTR1 ) \
  83. { \
  84. const TYPE_T *data = oid_ ## TYPE_NAME ## _from_asn1( oid ); \
  85. if( data == NULL ) return( MBEDTLS_ERR_OID_NOT_FOUND ); \
  86. *ATTR1 = data->ATTR1; \
  87. return( 0 ); \
  88. }
  89. /*
  90. * Macro to generate a function for retrieving two attributes from an
  91. * mbedtls_oid_descriptor_t wrapper.
  92. */
  93. #define FN_OID_GET_ATTR2(FN_NAME, TYPE_T, TYPE_NAME, ATTR1_TYPE, ATTR1, \
  94. ATTR2_TYPE, ATTR2) \
  95. int FN_NAME( const mbedtls_asn1_buf *oid, ATTR1_TYPE * ATTR1, ATTR2_TYPE * ATTR2 ) \
  96. { \
  97. const TYPE_T *data = oid_ ## TYPE_NAME ## _from_asn1( oid ); \
  98. if( data == NULL ) return( MBEDTLS_ERR_OID_NOT_FOUND ); \
  99. *ATTR1 = data->ATTR1; \
  100. *ATTR2 = data->ATTR2; \
  101. return( 0 ); \
  102. }
  103. /*
  104. * Macro to generate a function for retrieving the OID based on a single
  105. * attribute from a mbedtls_oid_descriptor_t wrapper.
  106. */
  107. #define FN_OID_GET_OID_BY_ATTR1(FN_NAME, TYPE_T, LIST, ATTR1_TYPE, ATTR1) \
  108. int FN_NAME( ATTR1_TYPE ATTR1, const char **oid, size_t *olen ) \
  109. { \
  110. const TYPE_T *cur = LIST; \
  111. while( cur->descriptor.asn1 != NULL ) { \
  112. if( cur->ATTR1 == ATTR1 ) { \
  113. *oid = cur->descriptor.asn1; \
  114. *olen = cur->descriptor.asn1_len; \
  115. return( 0 ); \
  116. } \
  117. cur++; \
  118. } \
  119. return( MBEDTLS_ERR_OID_NOT_FOUND ); \
  120. }
  121. /*
  122. * Macro to generate a function for retrieving the OID based on two
  123. * attributes from a mbedtls_oid_descriptor_t wrapper.
  124. */
  125. #define FN_OID_GET_OID_BY_ATTR2(FN_NAME, TYPE_T, LIST, ATTR1_TYPE, ATTR1, \
  126. ATTR2_TYPE, ATTR2) \
  127. int FN_NAME( ATTR1_TYPE ATTR1, ATTR2_TYPE ATTR2, const char **oid , \
  128. size_t *olen ) \
  129. { \
  130. const TYPE_T *cur = LIST; \
  131. while( cur->descriptor.asn1 != NULL ) { \
  132. if( cur->ATTR1 == ATTR1 && cur->ATTR2 == ATTR2 ) { \
  133. *oid = cur->descriptor.asn1; \
  134. *olen = cur->descriptor.asn1_len; \
  135. return( 0 ); \
  136. } \
  137. cur++; \
  138. } \
  139. return( MBEDTLS_ERR_OID_NOT_FOUND ); \
  140. }
  141. #if defined(MBEDTLS_X509_USE_C) || defined(MBEDTLS_X509_CREATE_C)
  142. /*
  143. * For X520 attribute types
  144. */
  145. typedef struct {
  146. mbedtls_oid_descriptor_t descriptor;
  147. const char *short_name;
  148. } oid_x520_attr_t;
  149. static const oid_x520_attr_t oid_x520_attr_type[] =
  150. {
  151. {
  152. { ADD_LEN( MBEDTLS_OID_AT_CN ), "id-at-commonName", "Common Name" },
  153. "CN",
  154. },
  155. {
  156. { ADD_LEN( MBEDTLS_OID_AT_COUNTRY ), "id-at-countryName", "Country" },
  157. "C",
  158. },
  159. {
  160. { ADD_LEN( MBEDTLS_OID_AT_LOCALITY ), "id-at-locality", "Locality" },
  161. "L",
  162. },
  163. {
  164. { ADD_LEN( MBEDTLS_OID_AT_STATE ), "id-at-state", "State" },
  165. "ST",
  166. },
  167. {
  168. { ADD_LEN( MBEDTLS_OID_AT_ORGANIZATION ),"id-at-organizationName", "Organization" },
  169. "O",
  170. },
  171. {
  172. { ADD_LEN( MBEDTLS_OID_AT_ORG_UNIT ), "id-at-organizationalUnitName", "Org Unit" },
  173. "OU",
  174. },
  175. {
  176. { ADD_LEN( MBEDTLS_OID_PKCS9_EMAIL ), "emailAddress", "E-mail address" },
  177. "emailAddress",
  178. },
  179. {
  180. { ADD_LEN( MBEDTLS_OID_AT_SERIAL_NUMBER ),"id-at-serialNumber", "Serial number" },
  181. "serialNumber",
  182. },
  183. {
  184. { ADD_LEN( MBEDTLS_OID_AT_POSTAL_ADDRESS ),"id-at-postalAddress", "Postal address" },
  185. "postalAddress",
  186. },
  187. {
  188. { ADD_LEN( MBEDTLS_OID_AT_POSTAL_CODE ), "id-at-postalCode", "Postal code" },
  189. "postalCode",
  190. },
  191. {
  192. { ADD_LEN( MBEDTLS_OID_AT_SUR_NAME ), "id-at-surName", "Surname" },
  193. "SN",
  194. },
  195. {
  196. { ADD_LEN( MBEDTLS_OID_AT_GIVEN_NAME ), "id-at-givenName", "Given name" },
  197. "GN",
  198. },
  199. {
  200. { ADD_LEN( MBEDTLS_OID_AT_INITIALS ), "id-at-initials", "Initials" },
  201. "initials",
  202. },
  203. {
  204. { ADD_LEN( MBEDTLS_OID_AT_GENERATION_QUALIFIER ), "id-at-generationQualifier", "Generation qualifier" },
  205. "generationQualifier",
  206. },
  207. {
  208. { ADD_LEN( MBEDTLS_OID_AT_TITLE ), "id-at-title", "Title" },
  209. "title",
  210. },
  211. {
  212. { ADD_LEN( MBEDTLS_OID_AT_DN_QUALIFIER ),"id-at-dnQualifier", "Distinguished Name qualifier" },
  213. "dnQualifier",
  214. },
  215. {
  216. { ADD_LEN( MBEDTLS_OID_AT_PSEUDONYM ), "id-at-pseudonym", "Pseudonym" },
  217. "pseudonym",
  218. },
  219. {
  220. { ADD_LEN( MBEDTLS_OID_DOMAIN_COMPONENT ), "id-domainComponent", "Domain component" },
  221. "DC",
  222. },
  223. {
  224. { ADD_LEN( MBEDTLS_OID_AT_UNIQUE_IDENTIFIER ), "id-at-uniqueIdentifier", "Unique Identifier" },
  225. "uniqueIdentifier",
  226. },
  227. {
  228. { NULL, 0, NULL, NULL },
  229. NULL,
  230. }
  231. };
  232. FN_OID_TYPED_FROM_ASN1(oid_x520_attr_t, x520_attr, oid_x520_attr_type)
  233. FN_OID_GET_ATTR1(mbedtls_oid_get_attr_short_name, oid_x520_attr_t, x520_attr, const char *, short_name)
  234. /*
  235. * For X509 extensions
  236. */
  237. typedef struct {
  238. mbedtls_oid_descriptor_t descriptor;
  239. int ext_type;
  240. } oid_x509_ext_t;
  241. static const oid_x509_ext_t oid_x509_ext[] =
  242. {
  243. {
  244. { ADD_LEN( MBEDTLS_OID_BASIC_CONSTRAINTS ), "id-ce-basicConstraints", "Basic Constraints" },
  245. MBEDTLS_X509_EXT_BASIC_CONSTRAINTS,
  246. },
  247. {
  248. { ADD_LEN( MBEDTLS_OID_KEY_USAGE ), "id-ce-keyUsage", "Key Usage" },
  249. MBEDTLS_X509_EXT_KEY_USAGE,
  250. },
  251. {
  252. { ADD_LEN( MBEDTLS_OID_EXTENDED_KEY_USAGE ), "id-ce-extKeyUsage", "Extended Key Usage" },
  253. MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE,
  254. },
  255. {
  256. { ADD_LEN( MBEDTLS_OID_SUBJECT_ALT_NAME ), "id-ce-subjectAltName", "Subject Alt Name" },
  257. MBEDTLS_X509_EXT_SUBJECT_ALT_NAME,
  258. },
  259. {
  260. { ADD_LEN( MBEDTLS_OID_NS_CERT_TYPE ), "id-netscape-certtype", "Netscape Certificate Type" },
  261. MBEDTLS_X509_EXT_NS_CERT_TYPE,
  262. },
  263. {
  264. { NULL, 0, NULL, NULL },
  265. 0,
  266. },
  267. };
  268. FN_OID_TYPED_FROM_ASN1(oid_x509_ext_t, x509_ext, oid_x509_ext)
  269. FN_OID_GET_ATTR1(mbedtls_oid_get_x509_ext_type, oid_x509_ext_t, x509_ext, int, ext_type)
  270. static const mbedtls_oid_descriptor_t oid_ext_key_usage[] =
  271. {
  272. { ADD_LEN( MBEDTLS_OID_SERVER_AUTH ), "id-kp-serverAuth", "TLS Web Server Authentication" },
  273. { ADD_LEN( MBEDTLS_OID_CLIENT_AUTH ), "id-kp-clientAuth", "TLS Web Client Authentication" },
  274. { ADD_LEN( MBEDTLS_OID_CODE_SIGNING ), "id-kp-codeSigning", "Code Signing" },
  275. { ADD_LEN( MBEDTLS_OID_EMAIL_PROTECTION ), "id-kp-emailProtection", "E-mail Protection" },
  276. { ADD_LEN( MBEDTLS_OID_TIME_STAMPING ), "id-kp-timeStamping", "Time Stamping" },
  277. { ADD_LEN( MBEDTLS_OID_OCSP_SIGNING ), "id-kp-OCSPSigning", "OCSP Signing" },
  278. { NULL, 0, NULL, NULL },
  279. };
  280. FN_OID_TYPED_FROM_ASN1(mbedtls_oid_descriptor_t, ext_key_usage, oid_ext_key_usage)
  281. FN_OID_GET_ATTR1(mbedtls_oid_get_extended_key_usage, mbedtls_oid_descriptor_t, ext_key_usage, const char *, description)
  282. #endif /* MBEDTLS_X509_USE_C || MBEDTLS_X509_CREATE_C */
  283. #if defined(MBEDTLS_MD_C)
  284. /*
  285. * For SignatureAlgorithmIdentifier
  286. */
  287. typedef struct {
  288. mbedtls_oid_descriptor_t descriptor;
  289. mbedtls_md_type_t md_alg;
  290. mbedtls_pk_type_t pk_alg;
  291. } oid_sig_alg_t;
  292. static const oid_sig_alg_t oid_sig_alg[] =
  293. {
  294. #if defined(MBEDTLS_RSA_C)
  295. #if defined(MBEDTLS_MD2_C)
  296. {
  297. { ADD_LEN( MBEDTLS_OID_PKCS1_MD2 ), "md2WithRSAEncryption", "RSA with MD2" },
  298. MBEDTLS_MD_MD2, MBEDTLS_PK_RSA,
  299. },
  300. #endif /* MBEDTLS_MD2_C */
  301. #if defined(MBEDTLS_MD4_C)
  302. {
  303. { ADD_LEN( MBEDTLS_OID_PKCS1_MD4 ), "md4WithRSAEncryption", "RSA with MD4" },
  304. MBEDTLS_MD_MD4, MBEDTLS_PK_RSA,
  305. },
  306. #endif /* MBEDTLS_MD4_C */
  307. #if defined(MBEDTLS_MD5_C)
  308. {
  309. { ADD_LEN( MBEDTLS_OID_PKCS1_MD5 ), "md5WithRSAEncryption", "RSA with MD5" },
  310. MBEDTLS_MD_MD5, MBEDTLS_PK_RSA,
  311. },
  312. #endif /* MBEDTLS_MD5_C */
  313. #if defined(MBEDTLS_SHA1_C)
  314. {
  315. { ADD_LEN( MBEDTLS_OID_PKCS1_SHA1 ), "sha-1WithRSAEncryption", "RSA with SHA1" },
  316. MBEDTLS_MD_SHA1, MBEDTLS_PK_RSA,
  317. },
  318. #endif /* MBEDTLS_SHA1_C */
  319. #if defined(MBEDTLS_SHA256_C)
  320. {
  321. { ADD_LEN( MBEDTLS_OID_PKCS1_SHA224 ), "sha224WithRSAEncryption", "RSA with SHA-224" },
  322. MBEDTLS_MD_SHA224, MBEDTLS_PK_RSA,
  323. },
  324. {
  325. { ADD_LEN( MBEDTLS_OID_PKCS1_SHA256 ), "sha256WithRSAEncryption", "RSA with SHA-256" },
  326. MBEDTLS_MD_SHA256, MBEDTLS_PK_RSA,
  327. },
  328. #endif /* MBEDTLS_SHA256_C */
  329. #if defined(MBEDTLS_SHA512_C)
  330. {
  331. { ADD_LEN( MBEDTLS_OID_PKCS1_SHA384 ), "sha384WithRSAEncryption", "RSA with SHA-384" },
  332. MBEDTLS_MD_SHA384, MBEDTLS_PK_RSA,
  333. },
  334. {
  335. { ADD_LEN( MBEDTLS_OID_PKCS1_SHA512 ), "sha512WithRSAEncryption", "RSA with SHA-512" },
  336. MBEDTLS_MD_SHA512, MBEDTLS_PK_RSA,
  337. },
  338. #endif /* MBEDTLS_SHA512_C */
  339. #if defined(MBEDTLS_SHA1_C)
  340. {
  341. { ADD_LEN( MBEDTLS_OID_RSA_SHA_OBS ), "sha-1WithRSAEncryption", "RSA with SHA1" },
  342. MBEDTLS_MD_SHA1, MBEDTLS_PK_RSA,
  343. },
  344. #endif /* MBEDTLS_SHA1_C */
  345. #endif /* MBEDTLS_RSA_C */
  346. #if defined(MBEDTLS_ECDSA_C)
  347. #if defined(MBEDTLS_SHA1_C)
  348. {
  349. { ADD_LEN( MBEDTLS_OID_ECDSA_SHA1 ), "ecdsa-with-SHA1", "ECDSA with SHA1" },
  350. MBEDTLS_MD_SHA1, MBEDTLS_PK_ECDSA,
  351. },
  352. #endif /* MBEDTLS_SHA1_C */
  353. #if defined(MBEDTLS_SHA256_C)
  354. {
  355. { ADD_LEN( MBEDTLS_OID_ECDSA_SHA224 ), "ecdsa-with-SHA224", "ECDSA with SHA224" },
  356. MBEDTLS_MD_SHA224, MBEDTLS_PK_ECDSA,
  357. },
  358. {
  359. { ADD_LEN( MBEDTLS_OID_ECDSA_SHA256 ), "ecdsa-with-SHA256", "ECDSA with SHA256" },
  360. MBEDTLS_MD_SHA256, MBEDTLS_PK_ECDSA,
  361. },
  362. #endif /* MBEDTLS_SHA256_C */
  363. #if defined(MBEDTLS_SHA512_C)
  364. {
  365. { ADD_LEN( MBEDTLS_OID_ECDSA_SHA384 ), "ecdsa-with-SHA384", "ECDSA with SHA384" },
  366. MBEDTLS_MD_SHA384, MBEDTLS_PK_ECDSA,
  367. },
  368. {
  369. { ADD_LEN( MBEDTLS_OID_ECDSA_SHA512 ), "ecdsa-with-SHA512", "ECDSA with SHA512" },
  370. MBEDTLS_MD_SHA512, MBEDTLS_PK_ECDSA,
  371. },
  372. #endif /* MBEDTLS_SHA512_C */
  373. #endif /* MBEDTLS_ECDSA_C */
  374. #if defined(MBEDTLS_RSA_C)
  375. {
  376. { ADD_LEN( MBEDTLS_OID_RSASSA_PSS ), "RSASSA-PSS", "RSASSA-PSS" },
  377. MBEDTLS_MD_NONE, MBEDTLS_PK_RSASSA_PSS,
  378. },
  379. #endif /* MBEDTLS_RSA_C */
  380. {
  381. { NULL, 0, NULL, NULL },
  382. MBEDTLS_MD_NONE, MBEDTLS_PK_NONE,
  383. },
  384. };
  385. FN_OID_TYPED_FROM_ASN1(oid_sig_alg_t, sig_alg, oid_sig_alg)
  386. FN_OID_GET_DESCRIPTOR_ATTR1(mbedtls_oid_get_sig_alg_desc, oid_sig_alg_t, sig_alg, const char *, description)
  387. FN_OID_GET_ATTR2(mbedtls_oid_get_sig_alg, oid_sig_alg_t, sig_alg, mbedtls_md_type_t, md_alg, mbedtls_pk_type_t, pk_alg)
  388. FN_OID_GET_OID_BY_ATTR2(mbedtls_oid_get_oid_by_sig_alg, oid_sig_alg_t, oid_sig_alg, mbedtls_pk_type_t, pk_alg, mbedtls_md_type_t, md_alg)
  389. #endif /* MBEDTLS_MD_C */
  390. /*
  391. * For PublicKeyInfo (PKCS1, RFC 5480)
  392. */
  393. typedef struct {
  394. mbedtls_oid_descriptor_t descriptor;
  395. mbedtls_pk_type_t pk_alg;
  396. } oid_pk_alg_t;
  397. static const oid_pk_alg_t oid_pk_alg[] =
  398. {
  399. {
  400. { ADD_LEN( MBEDTLS_OID_PKCS1_RSA ), "rsaEncryption", "RSA" },
  401. MBEDTLS_PK_RSA,
  402. },
  403. {
  404. { ADD_LEN( MBEDTLS_OID_EC_ALG_UNRESTRICTED ), "id-ecPublicKey", "Generic EC key" },
  405. MBEDTLS_PK_ECKEY,
  406. },
  407. {
  408. { ADD_LEN( MBEDTLS_OID_EC_ALG_ECDH ), "id-ecDH", "EC key for ECDH" },
  409. MBEDTLS_PK_ECKEY_DH,
  410. },
  411. {
  412. { NULL, 0, NULL, NULL },
  413. MBEDTLS_PK_NONE,
  414. },
  415. };
  416. FN_OID_TYPED_FROM_ASN1(oid_pk_alg_t, pk_alg, oid_pk_alg)
  417. FN_OID_GET_ATTR1(mbedtls_oid_get_pk_alg, oid_pk_alg_t, pk_alg, mbedtls_pk_type_t, pk_alg)
  418. FN_OID_GET_OID_BY_ATTR1(mbedtls_oid_get_oid_by_pk_alg, oid_pk_alg_t, oid_pk_alg, mbedtls_pk_type_t, pk_alg)
  419. #if defined(MBEDTLS_ECP_C)
  420. /*
  421. * For namedCurve (RFC 5480)
  422. */
  423. typedef struct {
  424. mbedtls_oid_descriptor_t descriptor;
  425. mbedtls_ecp_group_id grp_id;
  426. } oid_ecp_grp_t;
  427. static const oid_ecp_grp_t oid_ecp_grp[] =
  428. {
  429. #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
  430. {
  431. { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP192R1 ), "secp192r1", "secp192r1" },
  432. MBEDTLS_ECP_DP_SECP192R1,
  433. },
  434. #endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */
  435. #if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
  436. {
  437. { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP224R1 ), "secp224r1", "secp224r1" },
  438. MBEDTLS_ECP_DP_SECP224R1,
  439. },
  440. #endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */
  441. #if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
  442. {
  443. { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP256R1 ), "secp256r1", "secp256r1" },
  444. MBEDTLS_ECP_DP_SECP256R1,
  445. },
  446. #endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */
  447. #if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
  448. {
  449. { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP384R1 ), "secp384r1", "secp384r1" },
  450. MBEDTLS_ECP_DP_SECP384R1,
  451. },
  452. #endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */
  453. #if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
  454. {
  455. { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP521R1 ), "secp521r1", "secp521r1" },
  456. MBEDTLS_ECP_DP_SECP521R1,
  457. },
  458. #endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */
  459. #if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
  460. {
  461. { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP192K1 ), "secp192k1", "secp192k1" },
  462. MBEDTLS_ECP_DP_SECP192K1,
  463. },
  464. #endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */
  465. #if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
  466. {
  467. { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP224K1 ), "secp224k1", "secp224k1" },
  468. MBEDTLS_ECP_DP_SECP224K1,
  469. },
  470. #endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */
  471. #if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
  472. {
  473. { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP256K1 ), "secp256k1", "secp256k1" },
  474. MBEDTLS_ECP_DP_SECP256K1,
  475. },
  476. #endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */
  477. #if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
  478. {
  479. { ADD_LEN( MBEDTLS_OID_EC_GRP_BP256R1 ), "brainpoolP256r1","brainpool256r1" },
  480. MBEDTLS_ECP_DP_BP256R1,
  481. },
  482. #endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */
  483. #if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
  484. {
  485. { ADD_LEN( MBEDTLS_OID_EC_GRP_BP384R1 ), "brainpoolP384r1","brainpool384r1" },
  486. MBEDTLS_ECP_DP_BP384R1,
  487. },
  488. #endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */
  489. #if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
  490. {
  491. { ADD_LEN( MBEDTLS_OID_EC_GRP_BP512R1 ), "brainpoolP512r1","brainpool512r1" },
  492. MBEDTLS_ECP_DP_BP512R1,
  493. },
  494. #endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */
  495. {
  496. { NULL, 0, NULL, NULL },
  497. MBEDTLS_ECP_DP_NONE,
  498. },
  499. };
  500. FN_OID_TYPED_FROM_ASN1(oid_ecp_grp_t, grp_id, oid_ecp_grp)
  501. FN_OID_GET_ATTR1(mbedtls_oid_get_ec_grp, oid_ecp_grp_t, grp_id, mbedtls_ecp_group_id, grp_id)
  502. FN_OID_GET_OID_BY_ATTR1(mbedtls_oid_get_oid_by_ec_grp, oid_ecp_grp_t, oid_ecp_grp, mbedtls_ecp_group_id, grp_id)
  503. #endif /* MBEDTLS_ECP_C */
  504. #if defined(MBEDTLS_CIPHER_C)
  505. /*
  506. * For PKCS#5 PBES2 encryption algorithm
  507. */
  508. typedef struct {
  509. mbedtls_oid_descriptor_t descriptor;
  510. mbedtls_cipher_type_t cipher_alg;
  511. } oid_cipher_alg_t;
  512. static const oid_cipher_alg_t oid_cipher_alg[] =
  513. {
  514. {
  515. { ADD_LEN( MBEDTLS_OID_DES_CBC ), "desCBC", "DES-CBC" },
  516. MBEDTLS_CIPHER_DES_CBC,
  517. },
  518. {
  519. { ADD_LEN( MBEDTLS_OID_DES_EDE3_CBC ), "des-ede3-cbc", "DES-EDE3-CBC" },
  520. MBEDTLS_CIPHER_DES_EDE3_CBC,
  521. },
  522. {
  523. { NULL, 0, NULL, NULL },
  524. MBEDTLS_CIPHER_NONE,
  525. },
  526. };
  527. FN_OID_TYPED_FROM_ASN1(oid_cipher_alg_t, cipher_alg, oid_cipher_alg)
  528. FN_OID_GET_ATTR1(mbedtls_oid_get_cipher_alg, oid_cipher_alg_t, cipher_alg, mbedtls_cipher_type_t, cipher_alg)
  529. #endif /* MBEDTLS_CIPHER_C */
  530. #if defined(MBEDTLS_MD_C)
  531. /*
  532. * For digestAlgorithm
  533. */
  534. typedef struct {
  535. mbedtls_oid_descriptor_t descriptor;
  536. mbedtls_md_type_t md_alg;
  537. } oid_md_alg_t;
  538. static const oid_md_alg_t oid_md_alg[] =
  539. {
  540. #if defined(MBEDTLS_MD2_C)
  541. {
  542. { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_MD2 ), "id-md2", "MD2" },
  543. MBEDTLS_MD_MD2,
  544. },
  545. #endif /* MBEDTLS_MD2_C */
  546. #if defined(MBEDTLS_MD4_C)
  547. {
  548. { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_MD4 ), "id-md4", "MD4" },
  549. MBEDTLS_MD_MD4,
  550. },
  551. #endif /* MBEDTLS_MD4_C */
  552. #if defined(MBEDTLS_MD5_C)
  553. {
  554. { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_MD5 ), "id-md5", "MD5" },
  555. MBEDTLS_MD_MD5,
  556. },
  557. #endif /* MBEDTLS_MD5_C */
  558. #if defined(MBEDTLS_SHA1_C)
  559. {
  560. { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_SHA1 ), "id-sha1", "SHA-1" },
  561. MBEDTLS_MD_SHA1,
  562. },
  563. #endif /* MBEDTLS_SHA1_C */
  564. #if defined(MBEDTLS_SHA256_C)
  565. {
  566. { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_SHA224 ), "id-sha224", "SHA-224" },
  567. MBEDTLS_MD_SHA224,
  568. },
  569. {
  570. { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_SHA256 ), "id-sha256", "SHA-256" },
  571. MBEDTLS_MD_SHA256,
  572. },
  573. #endif /* MBEDTLS_SHA256_C */
  574. #if defined(MBEDTLS_SHA512_C)
  575. {
  576. { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_SHA384 ), "id-sha384", "SHA-384" },
  577. MBEDTLS_MD_SHA384,
  578. },
  579. {
  580. { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_SHA512 ), "id-sha512", "SHA-512" },
  581. MBEDTLS_MD_SHA512,
  582. },
  583. #endif /* MBEDTLS_SHA512_C */
  584. {
  585. { NULL, 0, NULL, NULL },
  586. MBEDTLS_MD_NONE,
  587. },
  588. };
  589. FN_OID_TYPED_FROM_ASN1(oid_md_alg_t, md_alg, oid_md_alg)
  590. FN_OID_GET_ATTR1(mbedtls_oid_get_md_alg, oid_md_alg_t, md_alg, mbedtls_md_type_t, md_alg)
  591. FN_OID_GET_OID_BY_ATTR1(mbedtls_oid_get_oid_by_md, oid_md_alg_t, oid_md_alg, mbedtls_md_type_t, md_alg)
  592. #endif /* MBEDTLS_MD_C */
  593. #if defined(MBEDTLS_PKCS12_C)
  594. /*
  595. * For PKCS#12 PBEs
  596. */
  597. typedef struct {
  598. mbedtls_oid_descriptor_t descriptor;
  599. mbedtls_md_type_t md_alg;
  600. mbedtls_cipher_type_t cipher_alg;
  601. } oid_pkcs12_pbe_alg_t;
  602. static const oid_pkcs12_pbe_alg_t oid_pkcs12_pbe_alg[] =
  603. {
  604. {
  605. { ADD_LEN( MBEDTLS_OID_PKCS12_PBE_SHA1_DES3_EDE_CBC ), "pbeWithSHAAnd3-KeyTripleDES-CBC", "PBE with SHA1 and 3-Key 3DES" },
  606. MBEDTLS_MD_SHA1, MBEDTLS_CIPHER_DES_EDE3_CBC,
  607. },
  608. {
  609. { ADD_LEN( MBEDTLS_OID_PKCS12_PBE_SHA1_DES2_EDE_CBC ), "pbeWithSHAAnd2-KeyTripleDES-CBC", "PBE with SHA1 and 2-Key 3DES" },
  610. MBEDTLS_MD_SHA1, MBEDTLS_CIPHER_DES_EDE_CBC,
  611. },
  612. {
  613. { NULL, 0, NULL, NULL },
  614. MBEDTLS_MD_NONE, MBEDTLS_CIPHER_NONE,
  615. },
  616. };
  617. FN_OID_TYPED_FROM_ASN1(oid_pkcs12_pbe_alg_t, pkcs12_pbe_alg, oid_pkcs12_pbe_alg)
  618. FN_OID_GET_ATTR2(mbedtls_oid_get_pkcs12_pbe_alg, oid_pkcs12_pbe_alg_t, pkcs12_pbe_alg, mbedtls_md_type_t, md_alg, mbedtls_cipher_type_t, cipher_alg)
  619. #endif /* MBEDTLS_PKCS12_C */
  620. #define OID_SAFE_SNPRINTF \
  621. do { \
  622. if( ret < 0 || (size_t) ret >= n ) \
  623. return( MBEDTLS_ERR_OID_BUF_TOO_SMALL ); \
  624. \
  625. n -= (size_t) ret; \
  626. p += (size_t) ret; \
  627. } while( 0 )
  628. /* Return the x.y.z.... style numeric string for the given OID */
  629. int mbedtls_oid_get_numeric_string( char *buf, size_t size,
  630. const mbedtls_asn1_buf *oid )
  631. {
  632. int ret;
  633. size_t i, n;
  634. unsigned int value;
  635. char *p;
  636. p = buf;
  637. n = size;
  638. /* First byte contains first two dots */
  639. if( oid->len > 0 )
  640. {
  641. ret = mbedtls_snprintf( p, n, "%d.%d", oid->p[0] / 40, oid->p[0] % 40 );
  642. OID_SAFE_SNPRINTF;
  643. }
  644. value = 0;
  645. for( i = 1; i < oid->len; i++ )
  646. {
  647. /* Prevent overflow in value. */
  648. if( ( ( value << 7 ) >> 7 ) != value )
  649. return( MBEDTLS_ERR_OID_BUF_TOO_SMALL );
  650. value <<= 7;
  651. value += oid->p[i] & 0x7F;
  652. if( !( oid->p[i] & 0x80 ) )
  653. {
  654. /* Last byte */
  655. ret = mbedtls_snprintf( p, n, ".%d", value );
  656. OID_SAFE_SNPRINTF;
  657. value = 0;
  658. }
  659. }
  660. return( (int) ( size - n ) );
  661. }
  662. #endif /* MBEDTLS_OID_C */