1 /* This Source Code Form is subject to the terms of the Mozilla Public 2 * License, v. 2.0. If a copy of the MPL was not distributed with this 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ 4 5 #ifndef _SECOIDT_H_ 6 #define _SECOIDT_H_ 7 8 #include "utilrename.h" 9 10 /* 11 * secoidt.h - public data structures for ASN.1 OID functions 12 */ 13 14 #include "secitem.h" 15 16 typedef struct SECOidDataStr SECOidData; 17 typedef struct SECAlgorithmIDStr SECAlgorithmID; 18 19 /* 20 ** An X.500 algorithm identifier 21 */ 22 struct SECAlgorithmIDStr { 23 SECItem algorithm; 24 SECItem parameters; 25 }; 26 27 /* 28 * Misc object IDs - these numbers are for convenient handling. 29 * They are mapped into real object IDs 30 * 31 * NOTE: the order of these entries must mach the array "oids" of SECOidData 32 * in util/secoid.c. 33 */ 34 typedef enum { 35 SEC_OID_UNKNOWN = 0, 36 SEC_OID_MD2 = 1, 37 SEC_OID_MD4 = 2, 38 SEC_OID_MD5 = 3, 39 SEC_OID_SHA1 = 4, 40 SEC_OID_RC2_CBC = 5, 41 SEC_OID_RC4 = 6, 42 SEC_OID_DES_EDE3_CBC = 7, 43 SEC_OID_RC5_CBC_PAD = 8, 44 SEC_OID_DES_ECB = 9, 45 SEC_OID_DES_CBC = 10, 46 SEC_OID_DES_OFB = 11, 47 SEC_OID_DES_CFB = 12, 48 SEC_OID_DES_MAC = 13, 49 SEC_OID_DES_EDE = 14, 50 SEC_OID_ISO_SHA_WITH_RSA_SIGNATURE = 15, 51 SEC_OID_PKCS1_RSA_ENCRYPTION = 16, 52 SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION = 17, 53 SEC_OID_PKCS1_MD4_WITH_RSA_ENCRYPTION = 18, 54 SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION = 19, 55 SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION = 20, 56 SEC_OID_PKCS5_PBE_WITH_MD2_AND_DES_CBC = 21, 57 SEC_OID_PKCS5_PBE_WITH_MD5_AND_DES_CBC = 22, 58 SEC_OID_PKCS5_PBE_WITH_SHA1_AND_DES_CBC = 23, 59 SEC_OID_PKCS7 = 24, 60 SEC_OID_PKCS7_DATA = 25, 61 SEC_OID_PKCS7_SIGNED_DATA = 26, 62 SEC_OID_PKCS7_ENVELOPED_DATA = 27, 63 SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA = 28, 64 SEC_OID_PKCS7_DIGESTED_DATA = 29, 65 SEC_OID_PKCS7_ENCRYPTED_DATA = 30, 66 SEC_OID_PKCS9_EMAIL_ADDRESS = 31, 67 SEC_OID_PKCS9_UNSTRUCTURED_NAME = 32, 68 SEC_OID_PKCS9_CONTENT_TYPE = 33, 69 SEC_OID_PKCS9_MESSAGE_DIGEST = 34, 70 SEC_OID_PKCS9_SIGNING_TIME = 35, 71 SEC_OID_PKCS9_COUNTER_SIGNATURE = 36, 72 SEC_OID_PKCS9_CHALLENGE_PASSWORD = 37, 73 SEC_OID_PKCS9_UNSTRUCTURED_ADDRESS = 38, 74 SEC_OID_PKCS9_EXTENDED_CERTIFICATE_ATTRIBUTES = 39, 75 SEC_OID_PKCS9_SMIME_CAPABILITIES = 40, 76 SEC_OID_AVA_COMMON_NAME = 41, 77 SEC_OID_AVA_COUNTRY_NAME = 42, 78 SEC_OID_AVA_LOCALITY = 43, 79 SEC_OID_AVA_STATE_OR_PROVINCE = 44, 80 SEC_OID_AVA_ORGANIZATION_NAME = 45, 81 SEC_OID_AVA_ORGANIZATIONAL_UNIT_NAME = 46, 82 SEC_OID_AVA_DN_QUALIFIER = 47, 83 SEC_OID_AVA_DC = 48, 84 85 SEC_OID_NS_TYPE_GIF = 49, 86 SEC_OID_NS_TYPE_JPEG = 50, 87 SEC_OID_NS_TYPE_URL = 51, 88 SEC_OID_NS_TYPE_HTML = 52, 89 SEC_OID_NS_TYPE_CERT_SEQUENCE = 53, 90 SEC_OID_MISSI_KEA_DSS_OLD = 54, 91 SEC_OID_MISSI_DSS_OLD = 55, 92 SEC_OID_MISSI_KEA_DSS = 56, 93 SEC_OID_MISSI_DSS = 57, 94 SEC_OID_MISSI_KEA = 58, 95 SEC_OID_MISSI_ALT_KEA = 59, 96 97 /* Netscape private certificate extensions */ 98 SEC_OID_NS_CERT_EXT_NETSCAPE_OK = 60, 99 SEC_OID_NS_CERT_EXT_ISSUER_LOGO = 61, 100 SEC_OID_NS_CERT_EXT_SUBJECT_LOGO = 62, 101 SEC_OID_NS_CERT_EXT_CERT_TYPE = 63, 102 SEC_OID_NS_CERT_EXT_BASE_URL = 64, 103 SEC_OID_NS_CERT_EXT_REVOCATION_URL = 65, 104 SEC_OID_NS_CERT_EXT_CA_REVOCATION_URL = 66, 105 SEC_OID_NS_CERT_EXT_CA_CRL_URL = 67, 106 SEC_OID_NS_CERT_EXT_CA_CERT_URL = 68, 107 SEC_OID_NS_CERT_EXT_CERT_RENEWAL_URL = 69, 108 SEC_OID_NS_CERT_EXT_CA_POLICY_URL = 70, 109 SEC_OID_NS_CERT_EXT_HOMEPAGE_URL = 71, 110 SEC_OID_NS_CERT_EXT_ENTITY_LOGO = 72, 111 SEC_OID_NS_CERT_EXT_USER_PICTURE = 73, 112 SEC_OID_NS_CERT_EXT_SSL_SERVER_NAME = 74, 113 SEC_OID_NS_CERT_EXT_COMMENT = 75, 114 SEC_OID_NS_CERT_EXT_LOST_PASSWORD_URL = 76, 115 SEC_OID_NS_CERT_EXT_CERT_RENEWAL_TIME = 77, 116 SEC_OID_NS_KEY_USAGE_GOVT_APPROVED = 78, 117 118 /* x.509 v3 Extensions */ 119 SEC_OID_X509_SUBJECT_DIRECTORY_ATTR = 79, 120 SEC_OID_X509_SUBJECT_KEY_ID = 80, 121 SEC_OID_X509_KEY_USAGE = 81, 122 SEC_OID_X509_PRIVATE_KEY_USAGE_PERIOD = 82, 123 SEC_OID_X509_SUBJECT_ALT_NAME = 83, 124 SEC_OID_X509_ISSUER_ALT_NAME = 84, 125 SEC_OID_X509_BASIC_CONSTRAINTS = 85, 126 SEC_OID_X509_NAME_CONSTRAINTS = 86, 127 SEC_OID_X509_CRL_DIST_POINTS = 87, 128 SEC_OID_X509_CERTIFICATE_POLICIES = 88, 129 SEC_OID_X509_POLICY_MAPPINGS = 89, 130 SEC_OID_X509_POLICY_CONSTRAINTS = 90, 131 SEC_OID_X509_AUTH_KEY_ID = 91, 132 SEC_OID_X509_EXT_KEY_USAGE = 92, 133 SEC_OID_X509_AUTH_INFO_ACCESS = 93, 134 135 SEC_OID_X509_CRL_NUMBER = 94, 136 SEC_OID_X509_REASON_CODE = 95, 137 SEC_OID_X509_INVALID_DATE = 96, 138 /* End of x.509 v3 Extensions */ 139 140 SEC_OID_X500_RSA_ENCRYPTION = 97, 141 142 /* alg 1485 additions */ 143 SEC_OID_RFC1274_UID = 98, 144 SEC_OID_RFC1274_MAIL = 99, 145 146 /* PKCS 12 additions */ 147 SEC_OID_PKCS12 = 100, 148 SEC_OID_PKCS12_MODE_IDS = 101, 149 SEC_OID_PKCS12_ESPVK_IDS = 102, 150 SEC_OID_PKCS12_BAG_IDS = 103, 151 SEC_OID_PKCS12_CERT_BAG_IDS = 104, 152 SEC_OID_PKCS12_OIDS = 105, 153 SEC_OID_PKCS12_PBE_IDS = 106, 154 SEC_OID_PKCS12_SIGNATURE_IDS = 107, 155 SEC_OID_PKCS12_ENVELOPING_IDS = 108, 156 /* SEC_OID_PKCS12_OFFLINE_TRANSPORT_MODE, 157 SEC_OID_PKCS12_ONLINE_TRANSPORT_MODE, */ 158 SEC_OID_PKCS12_PKCS8_KEY_SHROUDING = 109, 159 SEC_OID_PKCS12_KEY_BAG_ID = 110, 160 SEC_OID_PKCS12_CERT_AND_CRL_BAG_ID = 111, 161 SEC_OID_PKCS12_SECRET_BAG_ID = 112, 162 SEC_OID_PKCS12_X509_CERT_CRL_BAG = 113, 163 SEC_OID_PKCS12_SDSI_CERT_BAG = 114, 164 SEC_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC4 = 115, 165 SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC4 = 116, 166 SEC_OID_PKCS12_PBE_WITH_SHA1_AND_TRIPLE_DES_CBC = 117, 167 SEC_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC = 118, 168 SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC = 119, 169 SEC_OID_PKCS12_RSA_ENCRYPTION_WITH_128_BIT_RC4 = 120, 170 SEC_OID_PKCS12_RSA_ENCRYPTION_WITH_40_BIT_RC4 = 121, 171 SEC_OID_PKCS12_RSA_ENCRYPTION_WITH_TRIPLE_DES = 122, 172 SEC_OID_PKCS12_RSA_SIGNATURE_WITH_SHA1_DIGEST = 123, 173 /* end of PKCS 12 additions */ 174 175 /* DSA signatures */ 176 SEC_OID_ANSIX9_DSA_SIGNATURE = 124, 177 SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST = 125, 178 SEC_OID_BOGUS_DSA_SIGNATURE_WITH_SHA1_DIGEST = 126, 179 180 /* Verisign OIDs */ 181 SEC_OID_VERISIGN_USER_NOTICES = 127, 182 183 /* PKIX OIDs */ 184 SEC_OID_PKIX_CPS_POINTER_QUALIFIER = 128, 185 SEC_OID_PKIX_USER_NOTICE_QUALIFIER = 129, 186 SEC_OID_PKIX_OCSP = 130, 187 SEC_OID_PKIX_OCSP_BASIC_RESPONSE = 131, 188 SEC_OID_PKIX_OCSP_NONCE = 132, 189 SEC_OID_PKIX_OCSP_CRL = 133, 190 SEC_OID_PKIX_OCSP_RESPONSE = 134, 191 SEC_OID_PKIX_OCSP_NO_CHECK = 135, 192 SEC_OID_PKIX_OCSP_ARCHIVE_CUTOFF = 136, 193 SEC_OID_PKIX_OCSP_SERVICE_LOCATOR = 137, 194 SEC_OID_PKIX_REGCTRL_REGTOKEN = 138, 195 SEC_OID_PKIX_REGCTRL_AUTHENTICATOR = 139, 196 SEC_OID_PKIX_REGCTRL_PKIPUBINFO = 140, 197 SEC_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS = 141, 198 SEC_OID_PKIX_REGCTRL_OLD_CERT_ID = 142, 199 SEC_OID_PKIX_REGCTRL_PROTOCOL_ENC_KEY = 143, 200 SEC_OID_PKIX_REGINFO_UTF8_PAIRS = 144, 201 SEC_OID_PKIX_REGINFO_CERT_REQUEST = 145, 202 SEC_OID_EXT_KEY_USAGE_SERVER_AUTH = 146, 203 SEC_OID_EXT_KEY_USAGE_CLIENT_AUTH = 147, 204 SEC_OID_EXT_KEY_USAGE_CODE_SIGN = 148, 205 SEC_OID_EXT_KEY_USAGE_EMAIL_PROTECT = 149, 206 SEC_OID_EXT_KEY_USAGE_TIME_STAMP = 150, 207 SEC_OID_OCSP_RESPONDER = 151, 208 209 /* Netscape Algorithm OIDs */ 210 SEC_OID_NETSCAPE_SMIME_KEA = 152, 211 212 /* Skipjack OID -- ### mwelch temporary */ 213 SEC_OID_FORTEZZA_SKIPJACK = 153, 214 215 /* PKCS 12 V2 oids */ 216 SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC4 = 154, 217 SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC4 = 155, 218 SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC = 156, 219 SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_2KEY_TRIPLE_DES_CBC = 157, 220 SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC = 158, 221 SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC = 159, 222 SEC_OID_PKCS12_SAFE_CONTENTS_ID = 160, 223 SEC_OID_PKCS12_PKCS8_SHROUDED_KEY_BAG_ID = 161, 224 225 SEC_OID_PKCS12_V1_KEY_BAG_ID = 162, 226 SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID = 163, 227 SEC_OID_PKCS12_V1_CERT_BAG_ID = 164, 228 SEC_OID_PKCS12_V1_CRL_BAG_ID = 165, 229 SEC_OID_PKCS12_V1_SECRET_BAG_ID = 166, 230 SEC_OID_PKCS12_V1_SAFE_CONTENTS_BAG_ID = 167, 231 SEC_OID_PKCS9_X509_CERT = 168, 232 SEC_OID_PKCS9_SDSI_CERT = 169, 233 SEC_OID_PKCS9_X509_CRL = 170, 234 SEC_OID_PKCS9_FRIENDLY_NAME = 171, 235 SEC_OID_PKCS9_LOCAL_KEY_ID = 172, 236 SEC_OID_BOGUS_KEY_USAGE = 173, 237 238 /*Diffe Helman OIDS */ 239 SEC_OID_X942_DIFFIE_HELMAN_KEY = 174, 240 241 /* Netscape other name types */ 242 /* SEC_OID_NETSCAPE_NICKNAME is an otherName field of type IA5String 243 * in the subjectAltName certificate extension. NSS dropped support 244 * for SEC_OID_NETSCAPE_NICKNAME in NSS 3.13. */ 245 SEC_OID_NETSCAPE_NICKNAME = 175, 246 247 /* Cert Server OIDS */ 248 SEC_OID_NETSCAPE_RECOVERY_REQUEST = 176, 249 250 /* New PSM certificate management OIDs */ 251 SEC_OID_CERT_RENEWAL_LOCATOR = 177, 252 SEC_OID_NS_CERT_EXT_SCOPE_OF_USE = 178, 253 254 /* CMS (RFC2630) OIDs */ 255 SEC_OID_CMS_EPHEMERAL_STATIC_DIFFIE_HELLMAN = 179, 256 SEC_OID_CMS_3DES_KEY_WRAP = 180, 257 SEC_OID_CMS_RC2_KEY_WRAP = 181, 258 259 /* SMIME attributes */ 260 SEC_OID_SMIME_ENCRYPTION_KEY_PREFERENCE = 182, 261 262 /* AES OIDs */ 263 SEC_OID_AES_128_ECB = 183, 264 SEC_OID_AES_128_CBC = 184, 265 SEC_OID_AES_192_ECB = 185, 266 SEC_OID_AES_192_CBC = 186, 267 SEC_OID_AES_256_ECB = 187, 268 SEC_OID_AES_256_CBC = 188, 269 270 SEC_OID_SDN702_DSA_SIGNATURE = 189, 271 272 SEC_OID_MS_SMIME_ENCRYPTION_KEY_PREFERENCE = 190, 273 274 SEC_OID_SHA256 = 191, 275 SEC_OID_SHA384 = 192, 276 SEC_OID_SHA512 = 193, 277 278 SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION = 194, 279 SEC_OID_PKCS1_SHA384_WITH_RSA_ENCRYPTION = 195, 280 SEC_OID_PKCS1_SHA512_WITH_RSA_ENCRYPTION = 196, 281 282 SEC_OID_AES_128_KEY_WRAP = 197, 283 SEC_OID_AES_192_KEY_WRAP = 198, 284 SEC_OID_AES_256_KEY_WRAP = 199, 285 286 /* Elliptic Curve Cryptography (ECC) OIDs */ 287 SEC_OID_ANSIX962_EC_PUBLIC_KEY = 200, 288 SEC_OID_ANSIX962_ECDSA_SHA1_SIGNATURE = 201, 289 290 #define SEC_OID_ANSIX962_ECDSA_SIGNATURE_WITH_SHA1_DIGEST \ 291 SEC_OID_ANSIX962_ECDSA_SHA1_SIGNATURE 292 293 /* ANSI X9.62 named elliptic curves (prime field) */ 294 SEC_OID_ANSIX962_EC_PRIME192V1 = 202, 295 SEC_OID_ANSIX962_EC_PRIME192V2 = 203, 296 SEC_OID_ANSIX962_EC_PRIME192V3 = 204, 297 SEC_OID_ANSIX962_EC_PRIME239V1 = 205, 298 SEC_OID_ANSIX962_EC_PRIME239V2 = 206, 299 SEC_OID_ANSIX962_EC_PRIME239V3 = 207, 300 SEC_OID_ANSIX962_EC_PRIME256V1 = 208, 301 302 /* SECG named elliptic curves (prime field) */ 303 SEC_OID_SECG_EC_SECP112R1 = 209, 304 SEC_OID_SECG_EC_SECP112R2 = 210, 305 SEC_OID_SECG_EC_SECP128R1 = 211, 306 SEC_OID_SECG_EC_SECP128R2 = 212, 307 SEC_OID_SECG_EC_SECP160K1 = 213, 308 SEC_OID_SECG_EC_SECP160R1 = 214, 309 SEC_OID_SECG_EC_SECP160R2 = 215, 310 SEC_OID_SECG_EC_SECP192K1 = 216, 311 /* SEC_OID_SECG_EC_SECP192R1 is SEC_OID_ANSIX962_EC_PRIME192V1 */ 312 SEC_OID_SECG_EC_SECP224K1 = 217, 313 SEC_OID_SECG_EC_SECP224R1 = 218, 314 SEC_OID_SECG_EC_SECP256K1 = 219, 315 /* SEC_OID_SECG_EC_SECP256R1 is SEC_OID_ANSIX962_EC_PRIME256V1 */ 316 SEC_OID_SECG_EC_SECP384R1 = 220, 317 SEC_OID_SECG_EC_SECP521R1 = 221, 318 319 /* ANSI X9.62 named elliptic curves (characteristic two field) */ 320 SEC_OID_ANSIX962_EC_C2PNB163V1 = 222, 321 SEC_OID_ANSIX962_EC_C2PNB163V2 = 223, 322 SEC_OID_ANSIX962_EC_C2PNB163V3 = 224, 323 SEC_OID_ANSIX962_EC_C2PNB176V1 = 225, 324 SEC_OID_ANSIX962_EC_C2TNB191V1 = 226, 325 SEC_OID_ANSIX962_EC_C2TNB191V2 = 227, 326 SEC_OID_ANSIX962_EC_C2TNB191V3 = 228, 327 SEC_OID_ANSIX962_EC_C2ONB191V4 = 229, 328 SEC_OID_ANSIX962_EC_C2ONB191V5 = 230, 329 SEC_OID_ANSIX962_EC_C2PNB208W1 = 231, 330 SEC_OID_ANSIX962_EC_C2TNB239V1 = 232, 331 SEC_OID_ANSIX962_EC_C2TNB239V2 = 233, 332 SEC_OID_ANSIX962_EC_C2TNB239V3 = 234, 333 SEC_OID_ANSIX962_EC_C2ONB239V4 = 235, 334 SEC_OID_ANSIX962_EC_C2ONB239V5 = 236, 335 SEC_OID_ANSIX962_EC_C2PNB272W1 = 237, 336 SEC_OID_ANSIX962_EC_C2PNB304W1 = 238, 337 SEC_OID_ANSIX962_EC_C2TNB359V1 = 239, 338 SEC_OID_ANSIX962_EC_C2PNB368W1 = 240, 339 SEC_OID_ANSIX962_EC_C2TNB431R1 = 241, 340 341 /* SECG named elliptic curves (characteristic two field) */ 342 SEC_OID_SECG_EC_SECT113R1 = 242, 343 SEC_OID_SECG_EC_SECT113R2 = 243, 344 SEC_OID_SECG_EC_SECT131R1 = 244, 345 SEC_OID_SECG_EC_SECT131R2 = 245, 346 SEC_OID_SECG_EC_SECT163K1 = 246, 347 SEC_OID_SECG_EC_SECT163R1 = 247, 348 SEC_OID_SECG_EC_SECT163R2 = 248, 349 SEC_OID_SECG_EC_SECT193R1 = 249, 350 SEC_OID_SECG_EC_SECT193R2 = 250, 351 SEC_OID_SECG_EC_SECT233K1 = 251, 352 SEC_OID_SECG_EC_SECT233R1 = 252, 353 SEC_OID_SECG_EC_SECT239K1 = 253, 354 SEC_OID_SECG_EC_SECT283K1 = 254, 355 SEC_OID_SECG_EC_SECT283R1 = 255, 356 SEC_OID_SECG_EC_SECT409K1 = 256, 357 SEC_OID_SECG_EC_SECT409R1 = 257, 358 SEC_OID_SECG_EC_SECT571K1 = 258, 359 SEC_OID_SECG_EC_SECT571R1 = 259, 360 361 SEC_OID_NETSCAPE_AOLSCREENNAME = 260, 362 363 SEC_OID_AVA_SURNAME = 261, 364 SEC_OID_AVA_SERIAL_NUMBER = 262, 365 SEC_OID_AVA_STREET_ADDRESS = 263, 366 SEC_OID_AVA_TITLE = 264, 367 SEC_OID_AVA_POSTAL_ADDRESS = 265, 368 SEC_OID_AVA_POSTAL_CODE = 266, 369 SEC_OID_AVA_POST_OFFICE_BOX = 267, 370 SEC_OID_AVA_GIVEN_NAME = 268, 371 SEC_OID_AVA_INITIALS = 269, 372 SEC_OID_AVA_GENERATION_QUALIFIER = 270, 373 SEC_OID_AVA_HOUSE_IDENTIFIER = 271, 374 SEC_OID_AVA_PSEUDONYM = 272, 375 376 /* More OIDs */ 377 SEC_OID_PKIX_CA_ISSUERS = 273, 378 SEC_OID_PKCS9_EXTENSION_REQUEST = 274, 379 380 /* new EC Signature oids */ 381 SEC_OID_ANSIX962_ECDSA_SIGNATURE_RECOMMENDED_DIGEST = 275, 382 SEC_OID_ANSIX962_ECDSA_SIGNATURE_SPECIFIED_DIGEST = 276, 383 SEC_OID_ANSIX962_ECDSA_SHA224_SIGNATURE = 277, 384 SEC_OID_ANSIX962_ECDSA_SHA256_SIGNATURE = 278, 385 SEC_OID_ANSIX962_ECDSA_SHA384_SIGNATURE = 279, 386 SEC_OID_ANSIX962_ECDSA_SHA512_SIGNATURE = 280, 387 388 /* More id-ce and id-pe OIDs from RFC 3280 */ 389 SEC_OID_X509_HOLD_INSTRUCTION_CODE = 281, 390 SEC_OID_X509_DELTA_CRL_INDICATOR = 282, 391 SEC_OID_X509_ISSUING_DISTRIBUTION_POINT = 283, 392 SEC_OID_X509_CERT_ISSUER = 284, 393 SEC_OID_X509_FRESHEST_CRL = 285, 394 SEC_OID_X509_INHIBIT_ANY_POLICY = 286, 395 SEC_OID_X509_SUBJECT_INFO_ACCESS = 287, 396 397 /* Camellia OIDs (RFC3657)*/ 398 SEC_OID_CAMELLIA_128_CBC = 288, 399 SEC_OID_CAMELLIA_192_CBC = 289, 400 SEC_OID_CAMELLIA_256_CBC = 290, 401 402 /* PKCS 5 V2 OIDS */ 403 SEC_OID_PKCS5_PBKDF2 = 291, 404 SEC_OID_PKCS5_PBES2 = 292, 405 SEC_OID_PKCS5_PBMAC1 = 293, 406 SEC_OID_HMAC_SHA1 = 294, 407 SEC_OID_HMAC_SHA224 = 295, 408 SEC_OID_HMAC_SHA256 = 296, 409 SEC_OID_HMAC_SHA384 = 297, 410 SEC_OID_HMAC_SHA512 = 298, 411 412 SEC_OID_PKIX_TIMESTAMPING = 299, 413 SEC_OID_PKIX_CA_REPOSITORY = 300, 414 415 SEC_OID_ISO_SHA1_WITH_RSA_SIGNATURE = 301, 416 417 SEC_OID_SEED_CBC = 302, 418 419 SEC_OID_X509_ANY_POLICY = 303, 420 421 SEC_OID_PKCS1_RSA_OAEP_ENCRYPTION = 304, 422 SEC_OID_PKCS1_MGF1 = 305, 423 SEC_OID_PKCS1_PSPECIFIED = 306, 424 SEC_OID_PKCS1_RSA_PSS_SIGNATURE = 307, 425 SEC_OID_PKCS1_SHA224_WITH_RSA_ENCRYPTION = 308, 426 427 SEC_OID_SHA224 = 309, 428 429 SEC_OID_EV_INCORPORATION_LOCALITY = 310, 430 SEC_OID_EV_INCORPORATION_STATE = 311, 431 SEC_OID_EV_INCORPORATION_COUNTRY = 312, 432 SEC_OID_BUSINESS_CATEGORY = 313, 433 434 SEC_OID_NIST_DSA_SIGNATURE_WITH_SHA224_DIGEST = 314, 435 SEC_OID_NIST_DSA_SIGNATURE_WITH_SHA256_DIGEST = 315, 436 437 /* Microsoft Trust List Signing 438 * szOID_KP_CTL_USAGE_SIGNING 439 * where KP stands for Key Purpose 440 */ 441 SEC_OID_MS_EXT_KEY_USAGE_CTL_SIGNING = 316, 442 443 /* The 'name' attribute type in X.520 */ 444 SEC_OID_AVA_NAME = 317, 445 446 SEC_OID_AES_128_GCM = 318, 447 SEC_OID_AES_192_GCM = 319, 448 SEC_OID_AES_256_GCM = 320, 449 SEC_OID_IDEA_CBC = 321, 450 451 /* pseudo - OIDs */ 452 453 SEC_OID_RC2_40_CBC = 322, 454 SEC_OID_DES_40_CBC = 323, 455 SEC_OID_RC4_40 = 324, 456 SEC_OID_RC4_56 = 325, 457 SEC_OID_NULL_CIPHER = 326, 458 459 SEC_OID_HMAC_MD5 = 327, 460 461 SEC_OID_TLS_RSA = 328, 462 SEC_OID_TLS_DHE_RSA = 329, 463 SEC_OID_TLS_DHE_DSS = 330, 464 SEC_OID_TLS_DH_RSA = 331, 465 SEC_OID_TLS_DH_DSS = 332, 466 SEC_OID_TLS_DH_ANON = 333, 467 SEC_OID_TLS_ECDHE_ECDSA = 334, 468 SEC_OID_TLS_ECDHE_RSA = 335, 469 SEC_OID_TLS_ECDH_ECDSA = 336, 470 SEC_OID_TLS_ECDH_RSA = 337, 471 SEC_OID_TLS_ECDH_ANON = 338, 472 SEC_OID_TLS_RSA_EXPORT = 339, 473 474 SEC_OID_TLS_DHE_RSA_EXPORT = 340, 475 SEC_OID_TLS_DHE_DSS_EXPORT = 341, 476 SEC_OID_TLS_DH_RSA_EXPORT = 342, 477 SEC_OID_TLS_DH_DSS_EXPORT = 343, 478 SEC_OID_TLS_DH_ANON_EXPORT = 344, 479 SEC_OID_APPLY_SSL_POLICY = 345, 480 481 SEC_OID_CHACHA20_POLY1305 = 346, 482 483 SEC_OID_TLS_ECDHE_PSK = 347, 484 SEC_OID_TLS_DHE_PSK = 348, 485 486 SEC_OID_TLS_FFDHE_2048 = 349, 487 SEC_OID_TLS_FFDHE_3072 = 350, 488 SEC_OID_TLS_FFDHE_4096 = 351, 489 SEC_OID_TLS_FFDHE_6144 = 352, 490 SEC_OID_TLS_FFDHE_8192 = 353, 491 SEC_OID_TLS_DHE_CUSTOM = 354, 492 493 SEC_OID_CURVE25519 = 355, 494 495 SEC_OID_TLS13_KEA_ANY = 356, 496 497 SEC_OID_X509_ANY_EXT_KEY_USAGE = 357, 498 SEC_OID_EXT_KEY_USAGE_IPSEC_IKE = 358, 499 SEC_OID_IPSEC_IKE_END = 359, 500 SEC_OID_IPSEC_IKE_INTERMEDIATE = 360, 501 SEC_OID_EXT_KEY_USAGE_IPSEC_END = 361, 502 SEC_OID_EXT_KEY_USAGE_IPSEC_TUNNEL = 362, 503 SEC_OID_EXT_KEY_USAGE_IPSEC_USER = 363, 504 505 SEC_OID_TOTAL 506 } SECOidTag; 507 508 #define SEC_OID_SECG_EC_SECP192R1 SEC_OID_ANSIX962_EC_PRIME192V1 509 #define SEC_OID_SECG_EC_SECP256R1 SEC_OID_ANSIX962_EC_PRIME256V1 510 #define SEC_OID_PKCS12_KEY_USAGE SEC_OID_X509_KEY_USAGE 511 512 /* fake OID for DSS sign/verify */ 513 #define SEC_OID_SHA SEC_OID_MISS_DSS 514 515 typedef enum { 516 INVALID_CERT_EXTENSION = 0, 517 UNSUPPORTED_CERT_EXTENSION = 1, 518 SUPPORTED_CERT_EXTENSION = 2 519 } SECSupportExtenTag; 520 521 struct SECOidDataStr { 522 SECItem oid; 523 SECOidTag offset; 524 const char* desc; 525 unsigned long mechanism; 526 SECSupportExtenTag supportedExtension; 527 /* only used for x.509 v3 extensions, so 528 that we can print the names of those 529 extensions that we don't even support */ 530 }; 531 532 /* New Opaque extended OID table API. 533 * These are algorithm policy Flags, used with functions 534 * NSS_SetAlgorithmPolicy & NSS_GetAlgorithmPolicy. 535 */ 536 #define NSS_USE_ALG_IN_CERT_SIGNATURE 0x00000001 /* CRLs and OCSP, too */ 537 #define NSS_USE_ALG_IN_CMS_SIGNATURE 0x00000002 /* used in S/MIME */ 538 #define NSS_USE_ALG_IN_SSL_KX 0x00000004 /* used in SSL key exchange */ 539 #define NSS_USE_ALG_IN_SSL 0x00000008 /* used in SSL record protocol */ 540 #define NSS_USE_POLICY_IN_SSL 0x00000010 /* enable policy in SSL protocol */ 541 #define NSS_USE_ALG_IN_ANY_SIGNATURE 0x00000020 /* used in any signature */ 542 #define NSS_USE_ALG_IN_PKCS12 0x00000040 /* used in pkcs12 */ 543 #define NSS_USE_DEFAULT_NOT_VALID 0x80000000 /* clear to make the default flag valid */ 544 #define NSS_USE_DEFAULT_SSL_ENABLE 0x40000000 /* default cipher suite setting 1=enable */ 545 546 /* Combo policy bites */ 547 #define NSS_USE_ALG_RESERVED 0x3fffffc0 /* may be used in future */ 548 /* Alias of all the signature values. */ 549 #define NSS_USE_ALG_IN_SIGNATURE (NSS_USE_ALG_IN_CERT_SIGNATURE | \ 550 NSS_USE_ALG_IN_CMS_SIGNATURE | \ 551 NSS_USE_ALG_IN_ANY_SIGNATURE) 552 /* all the bits needed for a certificate signature 553 * and only the bits needed for a certificate signature */ 554 #define NSS_USE_CERT_SIGNATURE_OK (NSS_USE_ALG_IN_CERT_SIGNATURE | \ 555 NSS_USE_ALG_IN_ANY_SIGNATURE) 556 /* all the bits needed for an SMIME signature 557 * and only the bits needed for an SMIME signature */ 558 #define NSS_USE_CMS_SIGNATURE_OK (NSS_USE_ALG_IN_CMS_SIGNATURE | \ 559 NSS_USE_ALG_IN_ANY_SIGNATURE) 560 561 /* Code MUST NOT SET or CLEAR reserved bits, and must NOT depend on them 562 * being all zeros or having any other known value. The reserved bits 563 * must be ignored. 564 */ 565 566 #endif /* _SECOIDT_H_ */ 567