diff options
author | Jack Lloyd <[email protected]> | 2016-10-22 00:51:13 -0400 |
---|---|---|
committer | Jack Lloyd <[email protected]> | 2016-11-03 11:56:50 -0400 |
commit | 62e55f484a7a03e2532875696eb2479a577878e9 (patch) | |
tree | 71c86436d9c3dd2059f7d0024f204e66e535b2b2 /src | |
parent | b1021ca76bb3c47b1b520421ccece38d772e5907 (diff) |
Remove ability to add OIDS at runtime. Remove global OID lock.
OID map is now generated from an input file on an as needed basis.
Just uses a sequence of ifs - simple, fast, and small code size.
Merges oid_lookup sub-module which was already required by asn1 anyway,
so completely non-optional.
Removes @neusdan's nice OID tests since without any runtime adds the
tests are moot.
Diffstat (limited to 'src')
-rw-r--r-- | src/build-data/oids.txt | 211 | ||||
-rw-r--r-- | src/lib/asn1/info.txt | 5 | ||||
-rw-r--r-- | src/lib/asn1/oid_lookup/default.cpp | 233 | ||||
-rw-r--r-- | src/lib/asn1/oid_lookup/info.txt | 5 | ||||
-rw-r--r-- | src/lib/asn1/oid_lookup/oids.cpp | 177 | ||||
-rw-r--r-- | src/lib/asn1/oids.cpp | 338 | ||||
-rw-r--r-- | src/lib/asn1/oids.h (renamed from src/lib/asn1/oid_lookup/oids.h) | 33 | ||||
-rw-r--r-- | src/lib/kdf/prf_x942/info.txt | 1 | ||||
-rw-r--r-- | src/lib/pubkey/ec_group/info.txt | 1 | ||||
-rw-r--r-- | src/lib/pubkey/info.txt | 1 | ||||
-rw-r--r-- | src/lib/pubkey/pbes2/info.txt | 1 | ||||
-rw-r--r-- | src/lib/x509/x509_ext.cpp | 3 | ||||
-rwxr-xr-x | src/scripts/oids.py | 162 | ||||
-rw-r--r-- | src/tests/test_oid.cpp | 115 | ||||
-rw-r--r-- | src/tests/unit_ecdsa.cpp | 3 |
15 files changed, 722 insertions, 567 deletions
diff --git a/src/build-data/oids.txt b/src/build-data/oids.txt new file mode 100644 index 000000000..edd264639 --- /dev/null +++ b/src/build-data/oids.txt @@ -0,0 +1,211 @@ +# Public key types +[pubkey] +1.2.840.113549.1.1.1 = RSA +2.5.8.1.1 = RSA +1.2.840.10040.4.1 = DSA +1.2.840.10046.2.1 = DH +1.3.6.1.4.1.3029.1.2.1 = ElGamal +1.3.6.1.4.1.25258.1.3 = McEliece +1.3.6.1.4.1.25258.1.4 = Curve25519 + +# X9.62 ecPublicKey, valid for ECDSA and ECDH (RFC 3279 sec 2.3.5) +1.2.840.10045.2.1 = ECDSA +1.3.132.1.12 = ECDH + +# ecgPublicKey (see https://www.teletrust.de/projekte/oid/) +1.3.36.3.3.2.5.2.1 = ECGDSA + +# EC-KCDSA mechanism (Elliptic Curve KCDSA) +1.0.14888.3.0.5 = ECKCDSA + +1.2.643.2.2.19 = GOST-34.10 + +[cipher] +# Cipher modes +1.3.14.3.2.7 = DES/CBC +1.2.840.113549.3.7 = TripleDES/CBC +1.2.840.113549.3.2 = RC2/CBC +1.2.840.113533.7.66.10 = CAST-128/CBC +2.16.840.1.101.3.4.1.2 = AES-128/CBC +2.16.840.1.101.3.4.1.22 = AES-192/CBC +2.16.840.1.101.3.4.1.42 = AES-256/CBC +1.2.410.200004.1.4 = SEED/CBC +1.3.6.1.4.1.25258.3.1 = Serpent/CBC +1.3.6.1.4.1.25258.3.2 = Threefish-512/CBC +1.3.6.1.4.1.25258.3.3 = Twofish/CBC + +2.16.840.1.101.3.4.1.6 = AES-128/GCM +2.16.840.1.101.3.4.1.26 = AES-192/GCM +2.16.840.1.101.3.4.1.46 = AES-256/GCM + +1.3.6.1.4.1.25258.3.101 = Serpent/GCM +1.3.6.1.4.1.25258.3.102 = Twofish/GCM + +1.3.6.1.4.1.25258.3.2.1 = AES-128/OCB +1.3.6.1.4.1.25258.3.2.2 = AES-192/OCB +1.3.6.1.4.1.25258.3.2.3 = AES-256/OCB +1.3.6.1.4.1.25258.3.2.4 = Serpent/OCB +1.3.6.1.4.1.25258.3.2.5 = Twofish/OCB + +[hash] +# Hash functions +1.2.840.113549.2.5 = MD5 +1.3.6.1.4.1.11591.12.2 = Tiger(24,3) + +1.3.14.3.2.26 = SHA-160 +2.16.840.1.101.3.4.2.4 = SHA-224 +2.16.840.1.101.3.4.2.1 = SHA-256 +2.16.840.1.101.3.4.2.2 = SHA-384 +2.16.840.1.101.3.4.2.3 = SHA-512 +2.16.840.1.101.3.4.2.6 = SHA-512-256 + +[mac] +# MACs +1.2.840.113549.2.7 = HMAC(SHA-160) +1.2.840.113549.2.8 = HMAC(SHA-224) +1.2.840.113549.2.9 = HMAC(SHA-256) +1.2.840.113549.2.10 = HMAC(SHA-384) +1.2.840.113549.2.11 = HMAC(SHA-512) + +[keywrap] +# Keywrap algorithms +1.2.840.113549.1.9.16.3.6 = KeyWrap.TripleDES +1.2.840.113549.1.9.16.3.7 = KeyWrap.RC2 +1.2.840.113533.7.66.15 = KeyWrap.CAST-128 +2.16.840.1.101.3.4.1.5 = KeyWrap.AES-128 +2.16.840.1.101.3.4.1.25 = KeyWrap.AES-192 +2.16.840.1.101.3.4.1.45 = KeyWrap.AES-256 + +[compression] +1.2.840.113549.1.9.16.3.8 = Compression.Zlib + +# Signature algos +[signature] +1.2.840.113549.1.1.4 = RSA/EMSA3(MD5) +1.2.840.113549.1.1.5 = RSA/EMSA3(SHA-160) +1.2.840.113549.1.1.11 = RSA/EMSA3(SHA-256) +1.2.840.113549.1.1.12 = RSA/EMSA3(SHA-384) +1.2.840.113549.1.1.13 = RSA/EMSA3(SHA-512) +1.3.36.3.3.1.2 = RSA/EMSA3(RIPEMD-160) + +1.2.840.10040.4.3 = DSA/EMSA1(SHA-160) +2.16.840.1.101.3.4.3.1 = DSA/EMSA1(SHA-224) +2.16.840.1.101.3.4.3.2 = DSA/EMSA1(SHA-256) + +1.2.840.10045.4.1 = ECDSA/EMSA1(SHA-160) +1.2.840.10045.4.3.1 = ECDSA/EMSA1(SHA-224) +1.2.840.10045.4.3.2 = ECDSA/EMSA1(SHA-256) +1.2.840.10045.4.3.3 = ECDSA/EMSA1(SHA-384) +1.2.840.10045.4.3.4 = ECDSA/EMSA1(SHA-512) + +1.3.36.3.3.2.5.4.1 = ECGDSA/EMSA1(RIPEMD-160) +1.3.36.3.3.2.5.4.2 = ECGDSA/EMSA1(SHA-160) +1.3.36.3.3.2.5.4.3 = ECGDSA/EMSA1(SHA-224) +1.3.36.3.3.2.5.4.4 = ECGDSA/EMSA1(SHA-256) +1.3.36.3.3.2.5.4.5 = ECGDSA/EMSA1(SHA-384) +1.3.36.3.3.2.5.4.6 = ECGDSA/EMSA1(SHA-512) + +1.2.410.200004.1.100.4.3 = ECKCDSA/EMSA1(SHA-1) +1.2.410.200004.1.100.4.4 = ECKCDSA/EMSA1(SHA-224) +1.2.410.200004.1.100.4.5 = ECKCDSA/EMSA1(SHA-256) + +1.2.643.2.2.3 = GOST-34.10/EMSA1(GOST-R-34.11-94) + +# DN +[dn] +2.5.4.3 = X520.CommonName +2.5.4.4 = X520.Surname +2.5.4.5 = X520.SerialNumber +2.5.4.6 = X520.Country +2.5.4.7 = X520.Locality +2.5.4.8 = X520.State +2.5.4.10 = X520.Organization +2.5.4.11 = X520.OrganizationalUnit +2.5.4.12 = X520.Title +2.5.4.42 = X520.GivenName +2.5.4.43 = X520.Initials +2.5.4.44 = X520.GenerationalQualifier +2.5.4.46 = X520.DNQualifier +2.5.4.65 = X520.Pseudonym + +[pbe] +1.2.840.113549.1.5.12 = PKCS5.PBKDF2 +1.2.840.113549.1.5.13 = PBE-PKCS5v20 + +[pkcs9] +1.2.840.113549.1.9.1 = PKCS9.EmailAddress +1.2.840.113549.1.9.2 = PKCS9.UnstructuredName +1.2.840.113549.1.9.3 = PKCS9.ContentType +1.2.840.113549.1.9.4 = PKCS9.MessageDigest +1.2.840.113549.1.9.7 = PKCS9.ChallengePassword +1.2.840.113549.1.9.14 = PKCS9.ExtensionRequest + +[pkix] +2.5.29.14 = X509v3.SubjectKeyIdentifier +2.5.29.15 = X509v3.KeyUsage +2.5.29.17 = X509v3.SubjectAlternativeName +2.5.29.18 = X509v3.IssuerAlternativeName +2.5.29.19 = X509v3.BasicConstraints +2.5.29.20 = X509v3.CRLNumber +2.5.29.21 = X509v3.ReasonCode +2.5.29.23 = X509v3.HoldInstructionCode +2.5.29.24 = X509v3.InvalidityDate +2.5.29.30 = X509v3.NameConstraints +2.5.29.31 = X509v3.CRLDistributionPoints +2.5.29.32 = X509v3.CertificatePolicies +2.5.29.35 = X509v3.AuthorityKeyIdentifier +2.5.29.36 = X509v3.PolicyConstraints +2.5.29.37 = X509v3.ExtendedKeyUsage +1.3.6.1.5.5.7.1.1 = PKIX.AuthorityInformationAccess + +2.5.29.32.0 = X509v3.AnyPolicy + +1.3.6.1.5.5.7.3.1 = PKIX.ServerAuth +1.3.6.1.5.5.7.3.2 = PKIX.ClientAuth +1.3.6.1.5.5.7.3.3 = PKIX.CodeSigning +1.3.6.1.5.5.7.3.4 = PKIX.EmailProtection +1.3.6.1.5.5.7.3.5 = PKIX.IPsecEndSystem +1.3.6.1.5.5.7.3.6 = PKIX.IPsecTunnel +1.3.6.1.5.5.7.3.7 = PKIX.IPsecUser +1.3.6.1.5.5.7.3.8 = PKIX.TimeStamping +1.3.6.1.5.5.7.3.9 = PKIX.OCSPSigning + +1.3.6.1.5.5.7.8.5 = PKIX.XMPPAddr + +1.3.6.1.5.5.7.48.1 = PKIX.OCSP +1.3.6.1.5.5.7.48.1.1 = PKIX.OCSP.BasicResponse + +1.3.6.1.4.1.311.20.2.2 = Microsoft SmartcardLogon + +# ECC param sets +[ecc_param] +1.3.132.0.8 = secp160r1 +1.3.132.0.9 = secp160k1 +1.3.132.0.10 = secp256k1 +1.3.132.0.30 = secp160r2 +1.3.132.0.31 = secp192k1 +1.3.132.0.32 = secp224k1 +1.3.132.0.33 = secp224r1 +1.3.132.0.34 = secp384r1 +1.3.132.0.35 = secp521r1 +1.3.6.1.4.1.8301.3.1.2.9.0.38 = secp521r1 + +1.2.840.10045.3.1.1 = secp192r1 +1.2.840.10045.3.1.2 = x962_p192v2 +1.2.840.10045.3.1.3 = x962_p192v3 +1.2.840.10045.3.1.4 = x962_p239v1 +1.2.840.10045.3.1.5 = x962_p239v2 +1.2.840.10045.3.1.6 = x962_p239v3 +1.2.840.10045.3.1.7 = secp256r1 + +1.3.36.3.3.2.8.1.1.1 = brainpool160r1 +1.3.36.3.3.2.8.1.1.3 = brainpool192r1 +1.3.36.3.3.2.8.1.1.5 = brainpool224r1 +1.3.36.3.3.2.8.1.1.7 = brainpool256r1 +1.3.36.3.3.2.8.1.1.9 = brainpool320r1 +1.3.36.3.3.2.8.1.1.11 = brainpool384r1 +1.3.36.3.3.2.8.1.1.13 = brainpool512r1 + +1.2.643.2.2.35.1 = gost_256A +1.2.643.2.2.36.0 = gost_256A +1.2.250.1.223.101.256.1 = frp256v1 diff --git a/src/lib/asn1/info.txt b/src/lib/asn1/info.txt index a067168e4..c2782282d 100644 --- a/src/lib/asn1/info.txt +++ b/src/lib/asn1/info.txt @@ -1,8 +1,5 @@ -define ASN1 20131128 - -load_on auto +define ASN1 20161102 <requires> bigint -oid_lookup </requires> diff --git a/src/lib/asn1/oid_lookup/default.cpp b/src/lib/asn1/oid_lookup/default.cpp deleted file mode 100644 index 6527b3b25..000000000 --- a/src/lib/asn1/oid_lookup/default.cpp +++ /dev/null @@ -1,233 +0,0 @@ -/* -* OID Registry -* (C) 1999-2010,2013,2014 Jack Lloyd -* -* Botan is released under the Simplified BSD License (see license.txt) -*/ - -#include <botan/oids.h> - -namespace Botan { - -namespace OIDS { - -const char* default_oid_list() - { - return - - // Public key types - "1.2.840.113549.1.1.1 = RSA" "\n" - "2.5.8.1.1 = RSA" "\n" - "1.2.840.10040.4.1 = DSA" "\n" - "1.2.840.10046.2.1 = DH" "\n" - "1.3.6.1.4.1.3029.1.2.1 = ElGamal" "\n" - "1.3.6.1.4.1.25258.1.3 = McEliece" "\n" - "1.3.6.1.4.1.25258.1.4 = Curve25519" "\n" - - // X9.62 ecPublicKey, valid for ECDSA and ECDH (RFC 3279 sec 2.3.5) - "1.2.840.10045.2.1 = ECDSA" "\n" - "1.3.132.1.12 = ECDH" "\n" - - // ecgPublicKey (see https://www.teletrust.de/projekte/oid/) - "1.3.36.3.3.2.5.2.1 = ECGDSA" "\n" - - // EC-KCDSA mechanism (Elliptic Curve KCDSA) - "1.0.14888.3.0.5 = ECKCDSA" "\n" - - "1.2.643.2.2.19 = GOST-34.10" "\n" - - // Block ciphers - "1.3.14.3.2.7 = DES/CBC" "\n" - "1.2.840.113549.3.7 = TripleDES/CBC" "\n" - "1.2.840.113549.3.2 = RC2/CBC" "\n" - "1.2.840.113533.7.66.10 = CAST-128/CBC" "\n" - "2.16.840.1.101.3.4.1.2 = AES-128/CBC" "\n" - "2.16.840.1.101.3.4.1.22 = AES-192/CBC" "\n" - "2.16.840.1.101.3.4.1.42 = AES-256/CBC" "\n" - "1.2.410.200004.1.4 = SEED/CBC" "\n" - "1.3.6.1.4.1.25258.3.1 = Serpent/CBC" "\n" - "1.3.6.1.4.1.25258.3.2 = Threefish-512/CBC" "\n" - "1.3.6.1.4.1.25258.3.3 = Twofish/CBC" "\n" - - "2.16.840.1.101.3.4.1.6 = AES-128/GCM" "\n" - "2.16.840.1.101.3.4.1.26 = AES-192/GCM" "\n" - "2.16.840.1.101.3.4.1.46 = AES-256/GCM" "\n" - - "1.3.6.1.4.1.25258.3.101 = Serpent/GCM" "\n" - "1.3.6.1.4.1.25258.3.102 = Twofish/GCM" "\n" - - "1.3.6.1.4.1.25258.3.2.1 = AES-128/OCB" "\n" - "1.3.6.1.4.1.25258.3.2.2 = AES-192/OCB" "\n" - "1.3.6.1.4.1.25258.3.2.3 = AES-256/OCB" "\n" - "1.3.6.1.4.1.25258.3.2.4 = Serpent/OCB" "\n" - "1.3.6.1.4.1.25258.3.2.5 = Twofish/OCB" "\n" - - // Hashes - "1.2.840.113549.2.5 = MD5" "\n" - "1.3.6.1.4.1.11591.12.2 = Tiger(24,3)" "\n" - - "1.3.14.3.2.26 = SHA-160" "\n" - "2.16.840.1.101.3.4.2.4 = SHA-224" "\n" - "2.16.840.1.101.3.4.2.1 = SHA-256" "\n" - "2.16.840.1.101.3.4.2.2 = SHA-384" "\n" - "2.16.840.1.101.3.4.2.3 = SHA-512" "\n" - "2.16.840.1.101.3.4.2.6 = SHA-512-256" "\n" - - // MACs - "1.2.840.113549.2.7 = HMAC(SHA-160)" "\n" - "1.2.840.113549.2.8 = HMAC(SHA-224)" "\n" - "1.2.840.113549.2.9 = HMAC(SHA-256)" "\n" - "1.2.840.113549.2.10 = HMAC(SHA-384)" "\n" - "1.2.840.113549.2.11 = HMAC(SHA-512)" "\n" - - // Keywrap - "1.2.840.113549.1.9.16.3.6 = KeyWrap.TripleDES" "\n" - "1.2.840.113549.1.9.16.3.7 = KeyWrap.RC2" "\n" - "1.2.840.113533.7.66.15 = KeyWrap.CAST-128" "\n" - "2.16.840.1.101.3.4.1.5 = KeyWrap.AES-128" "\n" - "2.16.840.1.101.3.4.1.25 = KeyWrap.AES-192" "\n" - "2.16.840.1.101.3.4.1.45 = KeyWrap.AES-256" "\n" - - "1.2.840.113549.1.9.16.3.8 = Compression.Zlib" "\n" - - "1.2.840.113549.1.1.1 = RSA/EME-PKCS1-v1_5" "\n" - "1.2.840.113549.1.1.4 = RSA/EMSA3(MD5)" "\n" - "1.2.840.113549.1.1.5 = RSA/EMSA3(SHA-160)" "\n" - "1.2.840.113549.1.1.11 = RSA/EMSA3(SHA-256)" "\n" - "1.2.840.113549.1.1.12 = RSA/EMSA3(SHA-384)" "\n" - "1.2.840.113549.1.1.13 = RSA/EMSA3(SHA-512)" "\n" - "1.3.36.3.3.1.2 = RSA/EMSA3(RIPEMD-160)" "\n" - - "1.2.840.10040.4.3 = DSA/EMSA1(SHA-160)" "\n" - "2.16.840.1.101.3.4.3.1 = DSA/EMSA1(SHA-224)" "\n" - "2.16.840.1.101.3.4.3.2 = DSA/EMSA1(SHA-256)" "\n" - - "1.2.840.10045.4.1 = ECDSA/EMSA1(SHA-160)" "\n" - "1.2.840.10045.4.3.1 = ECDSA/EMSA1(SHA-224)" "\n" - "1.2.840.10045.4.3.2 = ECDSA/EMSA1(SHA-256)" "\n" - "1.2.840.10045.4.3.3 = ECDSA/EMSA1(SHA-384)" "\n" - "1.2.840.10045.4.3.4 = ECDSA/EMSA1(SHA-512)" "\n" - - "1.3.36.3.3.2.5.4.1 = ECGDSA/EMSA1(RIPEMD-160)" "\n" - "1.3.36.3.3.2.5.4.2 = ECGDSA/EMSA1(SHA-160)" "\n" - "1.3.36.3.3.2.5.4.3 = ECGDSA/EMSA1(SHA-224)" "\n" - "1.3.36.3.3.2.5.4.4 = ECGDSA/EMSA1(SHA-256)" "\n" - "1.3.36.3.3.2.5.4.5 = ECGDSA/EMSA1(SHA-384)" "\n" - "1.3.36.3.3.2.5.4.6 = ECGDSA/EMSA1(SHA-512)" "\n" - - "1.2.410.200004.1.100.4.3 = ECKCDSA/EMSA1(SHA-1)" "\n" - "1.2.410.200004.1.100.4.4 = ECKCDSA/EMSA1(SHA-224)" "\n" - "1.2.410.200004.1.100.4.5 = ECKCDSA/EMSA1(SHA-256)" "\n" - - "1.2.643.2.2.3 = GOST-34.10/EMSA1(GOST-R-34.11-94)" "\n" - - "2.5.4.3 = X520.CommonName" "\n" - "2.5.4.4 = X520.Surname" "\n" - "2.5.4.5 = X520.SerialNumber" "\n" - "2.5.4.6 = X520.Country" "\n" - "2.5.4.7 = X520.Locality" "\n" - "2.5.4.8 = X520.State" "\n" - "2.5.4.10 = X520.Organization" "\n" - "2.5.4.11 = X520.OrganizationalUnit" "\n" - "2.5.4.12 = X520.Title" "\n" - "2.5.4.42 = X520.GivenName" "\n" - "2.5.4.43 = X520.Initials" "\n" - "2.5.4.44 = X520.GenerationalQualifier" "\n" - "2.5.4.46 = X520.DNQualifier" "\n" - "2.5.4.65 = X520.Pseudonym" "\n" - - "1.2.840.113549.1.5.12 = PKCS5.PBKDF2" "\n" - "1.2.840.113549.1.5.13 = PBE-PKCS5v20" "\n" - - "1.2.840.113549.1.9.1 = PKCS9.EmailAddress" "\n" - "1.2.840.113549.1.9.2 = PKCS9.UnstructuredName" "\n" - "1.2.840.113549.1.9.3 = PKCS9.ContentType" "\n" - "1.2.840.113549.1.9.4 = PKCS9.MessageDigest" "\n" - "1.2.840.113549.1.9.7 = PKCS9.ChallengePassword" "\n" - "1.2.840.113549.1.9.14 = PKCS9.ExtensionRequest" "\n" - - "1.2.840.113549.1.7.1 = CMS.DataContent" "\n" - "1.2.840.113549.1.7.2 = CMS.SignedData" "\n" - "1.2.840.113549.1.7.3 = CMS.EnvelopedData" "\n" - "1.2.840.113549.1.7.5 = CMS.DigestedData" "\n" - "1.2.840.113549.1.7.6 = CMS.EncryptedData" "\n" - "1.2.840.113549.1.9.16.1.2 = CMS.AuthenticatedData" "\n" - "1.2.840.113549.1.9.16.1.9 = CMS.CompressedData" "\n" - - "2.5.29.14 = X509v3.SubjectKeyIdentifier" "\n" - "2.5.29.15 = X509v3.KeyUsage" "\n" - "2.5.29.17 = X509v3.SubjectAlternativeName" "\n" - "2.5.29.18 = X509v3.IssuerAlternativeName" "\n" - "2.5.29.19 = X509v3.BasicConstraints" "\n" - "2.5.29.20 = X509v3.CRLNumber" "\n" - "2.5.29.21 = X509v3.ReasonCode" "\n" - "2.5.29.23 = X509v3.HoldInstructionCode" "\n" - "2.5.29.24 = X509v3.InvalidityDate" "\n" - "2.5.29.30 = X509v3.NameConstraints" "\n" - "2.5.29.31 = X509v3.CRLDistributionPoints" "\n" - "2.5.29.32 = X509v3.CertificatePolicies" "\n" - "2.5.29.35 = X509v3.AuthorityKeyIdentifier" "\n" - "2.5.29.36 = X509v3.PolicyConstraints" "\n" - "2.5.29.37 = X509v3.ExtendedKeyUsage" "\n" - "1.3.6.1.5.5.7.1.1 = PKIX.AuthorityInformationAccess" "\n" - - "2.5.29.32.0 = X509v3.AnyPolicy" "\n" - - "1.3.6.1.5.5.7.3.1 = PKIX.ServerAuth" "\n" - "1.3.6.1.5.5.7.3.2 = PKIX.ClientAuth" "\n" - "1.3.6.1.5.5.7.3.3 = PKIX.CodeSigning" "\n" - "1.3.6.1.5.5.7.3.4 = PKIX.EmailProtection" "\n" - "1.3.6.1.5.5.7.3.5 = PKIX.IPsecEndSystem" "\n" - "1.3.6.1.5.5.7.3.6 = PKIX.IPsecTunnel" "\n" - "1.3.6.1.5.5.7.3.7 = PKIX.IPsecUser" "\n" - "1.3.6.1.5.5.7.3.8 = PKIX.TimeStamping" "\n" - "1.3.6.1.5.5.7.3.9 = PKIX.OCSPSigning" "\n" - - "1.3.6.1.5.5.7.8.5 = PKIX.XMPPAddr" "\n" - - "1.3.6.1.5.5.7.48.1 = PKIX.OCSP" "\n" - "1.3.6.1.5.5.7.48.1.1 = PKIX.OCSP.BasicResponse" "\n" - - "1.3.6.1.4.1.311.20.2.2 = Microsoft SmartcardLogon" "\n" - - // ECC param sets - "1.3.132.0.8 = secp160r1" "\n" - "1.3.132.0.9 = secp160k1" "\n" - "1.3.132.0.10 = secp256k1" "\n" - "1.3.132.0.30 = secp160r2" "\n" - "1.3.132.0.31 = secp192k1" "\n" - "1.3.132.0.32 = secp224k1" "\n" - "1.3.132.0.33 = secp224r1" "\n" - "1.3.132.0.34 = secp384r1" "\n" - "1.3.132.0.35 = secp521r1" "\n" - - "1.2.840.10045.3.1.1 = secp192r1" "\n" - "1.2.840.10045.3.1.2 = x962_p192v2" "\n" - "1.2.840.10045.3.1.3 = x962_p192v3" "\n" - "1.2.840.10045.3.1.4 = x962_p239v1" "\n" - "1.2.840.10045.3.1.5 = x962_p239v2" "\n" - "1.2.840.10045.3.1.6 = x962_p239v3" "\n" - "1.2.840.10045.3.1.7 = secp256r1" "\n" - - "1.3.36.3.3.2.8.1.1.1 = brainpool160r1" "\n" - "1.3.36.3.3.2.8.1.1.3 = brainpool192r1" "\n" - "1.3.36.3.3.2.8.1.1.5 = brainpool224r1" "\n" - "1.3.36.3.3.2.8.1.1.7 = brainpool256r1" "\n" - "1.3.36.3.3.2.8.1.1.9 = brainpool320r1" "\n" - "1.3.36.3.3.2.8.1.1.11 = brainpool384r1" "\n" - "1.3.36.3.3.2.8.1.1.13 = brainpool512r1" "\n" - - "1.3.6.1.4.1.8301.3.1.2.9.0.38 = secp521r1" "\n" - - "1.2.643.2.2.35.1 = gost_256A" "\n" - "1.2.643.2.2.36.0 = gost_256A" "\n" - - "0.4.0.127.0.7.3.1.2.1 = CertificateHolderAuthorizationTemplate" "\n" - - "1.2.250.1.223.101.256.1 = frp256v1" "\n" - ; - } - -} - -} diff --git a/src/lib/asn1/oid_lookup/info.txt b/src/lib/asn1/oid_lookup/info.txt deleted file mode 100644 index 57b51e7d8..000000000 --- a/src/lib/asn1/oid_lookup/info.txt +++ /dev/null @@ -1,5 +0,0 @@ -define OID_LOOKUP 20131128 - -<requires> -asn1 -</requires> diff --git a/src/lib/asn1/oid_lookup/oids.cpp b/src/lib/asn1/oid_lookup/oids.cpp deleted file mode 100644 index 8ee10b75a..000000000 --- a/src/lib/asn1/oid_lookup/oids.cpp +++ /dev/null @@ -1,177 +0,0 @@ -/* -* OID Registry -* (C) 1999-2008,2013 Jack Lloyd -* -* Botan is released under the Simplified BSD License (see license.txt) -*/ - -#include <botan/oids.h> -#include <botan/parsing.h> -#include <botan/mutex.h> -#include <sstream> - -namespace Botan { - -namespace OIDS { - -namespace { - -class OID_Map - { - public: - void add_oid(const OID& oid, const std::string& str) - { - add_str2oid(oid, str); - add_oid2str(oid, str); - } - - void add_str2oid(const OID& oid, const std::string& str) - { - lock_guard_type<mutex_type> lock(m_mutex); - auto i = m_str2oid.find(str); - if(i == m_str2oid.end()) - m_str2oid.insert(std::make_pair(str, oid)); - } - - void add_oid2str(const OID& oid, const std::string& str) - { - lock_guard_type<mutex_type> lock(m_mutex); - auto i = m_oid2str.find(oid); - if(i == m_oid2str.end()) - m_oid2str.insert(std::make_pair(oid, str)); - } - - std::string lookup(const OID& oid) - { - lock_guard_type<mutex_type> lock(m_mutex); - - auto i = m_oid2str.find(oid); - if(i != m_oid2str.end()) - return i->second; - - return ""; - } - - OID lookup(const std::string& str) - { - lock_guard_type<mutex_type> lock(m_mutex); - - auto i = m_str2oid.find(str); - if(i != m_str2oid.end()) - return i->second; - - // Try to parse as plain OID - try - { - return OID(str); - } - catch(...) {} - - throw Lookup_Error("No object identifier found for " + str); - } - - bool have_oid(const std::string& str) - { - lock_guard_type<mutex_type> lock(m_mutex); - return m_str2oid.find(str) != m_str2oid.end(); - } - - static OID_Map& global_registry() - { - static OID_Map g_map; - return g_map; - } - - void read_cfg(std::istream& cfg, const std::string& source); - - private: - - OID_Map() - { - std::istringstream cfg(default_oid_list()); - read_cfg(cfg, "builtin"); - } - - mutex_type m_mutex; - std::map<std::string, OID> m_str2oid; - std::map<OID, std::string> m_oid2str; - }; - -void OID_Map::read_cfg(std::istream& cfg, const std::string& source) - { - lock_guard_type<mutex_type> lock(m_mutex); - - size_t line = 0; - - while(cfg.good()) - { - std::string s; - std::getline(cfg, s); - ++line; - - if(s.empty() || s[0] == '#') - continue; - - s = clean_ws(s.substr(0, s.find('#'))); - - if(s.empty()) - continue; - - auto eq = s.find("="); - - if(eq == std::string::npos || eq == 0 || eq == s.size() - 1) - throw Exception("Bad config line '" + s + "' in " + source + " line " + std::to_string(line)); - - const std::string oid = clean_ws(s.substr(0, eq)); - const std::string name = clean_ws(s.substr(eq + 1, std::string::npos)); - - m_str2oid.insert(std::make_pair(name, OID(oid))); - m_oid2str.insert(std::make_pair(OID(oid), name)); - } - } - -} - -void add_oid(const OID& oid, const std::string& name) - { - OID_Map::global_registry().add_oid(oid, name); - } - -void add_oidstr(const char* oidstr, const char* name) - { - add_oid(OID(oidstr), name); - } - -void add_oid2str(const OID& oid, const std::string& name) - { - OID_Map::global_registry().add_oid2str(oid, name); - } - -void add_str2oid(const OID& oid, const std::string& name) - { - OID_Map::global_registry().add_str2oid(oid, name); - } - -std::string lookup(const OID& oid) - { - return OID_Map::global_registry().lookup(oid); - } - -OID lookup(const std::string& name) - { - return OID_Map::global_registry().lookup(name); - } - -bool have_oid(const std::string& name) - { - return OID_Map::global_registry().have_oid(name); - } - -bool name_of(const OID& oid, const std::string& name) - { - return (oid == lookup(name)); - } - -} - -} diff --git a/src/lib/asn1/oids.cpp b/src/lib/asn1/oids.cpp new file mode 100644 index 000000000..a9651187c --- /dev/null +++ b/src/lib/asn1/oids.cpp @@ -0,0 +1,338 @@ +/* +* OID maps +* +* This file was automatically generated by ./src/scripts/oids.py on 2016-11-02 +* +* Botan is released under the Simplified BSD License (see license.txt) +*/ + +#include <botan/oids.h> + +namespace Botan { + +namespace OIDS { + +std::string lookup(const OID& oid) + { + const std::string oid_str = oid.as_string(); + if(oid_str == "1.0.14888.3.0.5") return "ECKCDSA"; + if(oid_str == "1.2.250.1.223.101.256.1") return "frp256v1"; + if(oid_str == "1.2.410.200004.1.100.4.3") return "ECKCDSA/EMSA1(SHA-1)"; + if(oid_str == "1.2.410.200004.1.100.4.4") return "ECKCDSA/EMSA1(SHA-224)"; + if(oid_str == "1.2.410.200004.1.100.4.5") return "ECKCDSA/EMSA1(SHA-256)"; + if(oid_str == "1.2.410.200004.1.4") return "SEED/CBC"; + if(oid_str == "1.2.643.2.2.19") return "GOST-34.10"; + if(oid_str == "1.2.643.2.2.3") return "GOST-34.10/EMSA1(GOST-R-34.11-94)"; + if(oid_str == "1.2.643.2.2.35.1") return "gost_256A"; + if(oid_str == "1.2.643.2.2.36.0") return "gost_256A"; + if(oid_str == "1.2.840.10040.4.1") return "DSA"; + if(oid_str == "1.2.840.10040.4.3") return "DSA/EMSA1(SHA-160)"; + if(oid_str == "1.2.840.10045.2.1") return "ECDSA"; + if(oid_str == "1.2.840.10045.3.1.1") return "secp192r1"; + if(oid_str == "1.2.840.10045.3.1.2") return "x962_p192v2"; + if(oid_str == "1.2.840.10045.3.1.3") return "x962_p192v3"; + if(oid_str == "1.2.840.10045.3.1.4") return "x962_p239v1"; + if(oid_str == "1.2.840.10045.3.1.5") return "x962_p239v2"; + if(oid_str == "1.2.840.10045.3.1.6") return "x962_p239v3"; + if(oid_str == "1.2.840.10045.3.1.7") return "secp256r1"; + if(oid_str == "1.2.840.10045.4.1") return "ECDSA/EMSA1(SHA-160)"; + if(oid_str == "1.2.840.10045.4.3.1") return "ECDSA/EMSA1(SHA-224)"; + if(oid_str == "1.2.840.10045.4.3.2") return "ECDSA/EMSA1(SHA-256)"; + if(oid_str == "1.2.840.10045.4.3.3") return "ECDSA/EMSA1(SHA-384)"; + if(oid_str == "1.2.840.10045.4.3.4") return "ECDSA/EMSA1(SHA-512)"; + if(oid_str == "1.2.840.10046.2.1") return "DH"; + if(oid_str == "1.2.840.113533.7.66.10") return "CAST-128/CBC"; + if(oid_str == "1.2.840.113533.7.66.15") return "KeyWrap.CAST-128"; + if(oid_str == "1.2.840.113549.1.1.1") return "RSA"; + if(oid_str == "1.2.840.113549.1.1.11") return "RSA/EMSA3(SHA-256)"; + if(oid_str == "1.2.840.113549.1.1.12") return "RSA/EMSA3(SHA-384)"; + if(oid_str == "1.2.840.113549.1.1.13") return "RSA/EMSA3(SHA-512)"; + if(oid_str == "1.2.840.113549.1.1.4") return "RSA/EMSA3(MD5)"; + if(oid_str == "1.2.840.113549.1.1.5") return "RSA/EMSA3(SHA-160)"; + if(oid_str == "1.2.840.113549.1.5.12") return "PKCS5.PBKDF2"; + if(oid_str == "1.2.840.113549.1.5.13") return "PBE-PKCS5v20"; + if(oid_str == "1.2.840.113549.1.9.1") return "PKCS9.EmailAddress"; + if(oid_str == "1.2.840.113549.1.9.14") return "PKCS9.ExtensionRequest"; + if(oid_str == "1.2.840.113549.1.9.16.3.6") return "KeyWrap.TripleDES"; + if(oid_str == "1.2.840.113549.1.9.16.3.7") return "KeyWrap.RC2"; + if(oid_str == "1.2.840.113549.1.9.16.3.8") return "Compression.Zlib"; + if(oid_str == "1.2.840.113549.1.9.2") return "PKCS9.UnstructuredName"; + if(oid_str == "1.2.840.113549.1.9.3") return "PKCS9.ContentType"; + if(oid_str == "1.2.840.113549.1.9.4") return "PKCS9.MessageDigest"; + if(oid_str == "1.2.840.113549.1.9.7") return "PKCS9.ChallengePassword"; + if(oid_str == "1.2.840.113549.2.10") return "HMAC(SHA-384)"; + if(oid_str == "1.2.840.113549.2.11") return "HMAC(SHA-512)"; + if(oid_str == "1.2.840.113549.2.5") return "MD5"; + if(oid_str == "1.2.840.113549.2.7") return "HMAC(SHA-160)"; + if(oid_str == "1.2.840.113549.2.8") return "HMAC(SHA-224)"; + if(oid_str == "1.2.840.113549.2.9") return "HMAC(SHA-256)"; + if(oid_str == "1.2.840.113549.3.2") return "RC2/CBC"; + if(oid_str == "1.2.840.113549.3.7") return "TripleDES/CBC"; + if(oid_str == "1.3.132.0.10") return "secp256k1"; + if(oid_str == "1.3.132.0.30") return "secp160r2"; + if(oid_str == "1.3.132.0.31") return "secp192k1"; + if(oid_str == "1.3.132.0.32") return "secp224k1"; + if(oid_str == "1.3.132.0.33") return "secp224r1"; + if(oid_str == "1.3.132.0.34") return "secp384r1"; + if(oid_str == "1.3.132.0.35") return "secp521r1"; + if(oid_str == "1.3.132.0.8") return "secp160r1"; + if(oid_str == "1.3.132.0.9") return "secp160k1"; + if(oid_str == "1.3.132.1.12") return "ECDH"; + if(oid_str == "1.3.14.3.2.26") return "SHA-160"; + if(oid_str == "1.3.14.3.2.7") return "DES/CBC"; + if(oid_str == "1.3.36.3.3.1.2") return "RSA/EMSA3(RIPEMD-160)"; + if(oid_str == "1.3.36.3.3.2.5.2.1") return "ECGDSA"; + if(oid_str == "1.3.36.3.3.2.5.4.1") return "ECGDSA/EMSA1(RIPEMD-160)"; + if(oid_str == "1.3.36.3.3.2.5.4.2") return "ECGDSA/EMSA1(SHA-160)"; + if(oid_str == "1.3.36.3.3.2.5.4.3") return "ECGDSA/EMSA1(SHA-224)"; + if(oid_str == "1.3.36.3.3.2.5.4.4") return "ECGDSA/EMSA1(SHA-256)"; + if(oid_str == "1.3.36.3.3.2.5.4.5") return "ECGDSA/EMSA1(SHA-384)"; + if(oid_str == "1.3.36.3.3.2.5.4.6") return "ECGDSA/EMSA1(SHA-512)"; + if(oid_str == "1.3.36.3.3.2.8.1.1.1") return "brainpool160r1"; + if(oid_str == "1.3.36.3.3.2.8.1.1.11") return "brainpool384r1"; + if(oid_str == "1.3.36.3.3.2.8.1.1.13") return "brainpool512r1"; + if(oid_str == "1.3.36.3.3.2.8.1.1.3") return "brainpool192r1"; + if(oid_str == "1.3.36.3.3.2.8.1.1.5") return "brainpool224r1"; + if(oid_str == "1.3.36.3.3.2.8.1.1.7") return "brainpool256r1"; + if(oid_str == "1.3.36.3.3.2.8.1.1.9") return "brainpool320r1"; + if(oid_str == "1.3.6.1.4.1.11591.12.2") return "Tiger(24,3)"; + if(oid_str == "1.3.6.1.4.1.25258.1.3") return "McEliece"; + if(oid_str == "1.3.6.1.4.1.25258.1.4") return "Curve25519"; + if(oid_str == "1.3.6.1.4.1.25258.3.1") return "Serpent/CBC"; + if(oid_str == "1.3.6.1.4.1.25258.3.101") return "Serpent/GCM"; + if(oid_str == "1.3.6.1.4.1.25258.3.102") return "Twofish/GCM"; + if(oid_str == "1.3.6.1.4.1.25258.3.2") return "Threefish-512/CBC"; + if(oid_str == "1.3.6.1.4.1.25258.3.2.1") return "AES-128/OCB"; + if(oid_str == "1.3.6.1.4.1.25258.3.2.2") return "AES-192/OCB"; + if(oid_str == "1.3.6.1.4.1.25258.3.2.3") return "AES-256/OCB"; + if(oid_str == "1.3.6.1.4.1.25258.3.2.4") return "Serpent/OCB"; + if(oid_str == "1.3.6.1.4.1.25258.3.2.5") return "Twofish/OCB"; + if(oid_str == "1.3.6.1.4.1.25258.3.3") return "Twofish/CBC"; + if(oid_str == "1.3.6.1.4.1.3029.1.2.1") return "ElGamal"; + if(oid_str == "1.3.6.1.4.1.311.20.2.2") return "Microsoft SmartcardLogon"; + if(oid_str == "1.3.6.1.4.1.8301.3.1.2.9.0.38") return "secp521r1"; + if(oid_str == "1.3.6.1.5.5.7.1.1") return "PKIX.AuthorityInformationAccess"; + if(oid_str == "1.3.6.1.5.5.7.3.1") return "PKIX.ServerAuth"; + if(oid_str == "1.3.6.1.5.5.7.3.2") return "PKIX.ClientAuth"; + if(oid_str == "1.3.6.1.5.5.7.3.3") return "PKIX.CodeSigning"; + if(oid_str == "1.3.6.1.5.5.7.3.4") return "PKIX.EmailProtection"; + if(oid_str == "1.3.6.1.5.5.7.3.5") return "PKIX.IPsecEndSystem"; + if(oid_str == "1.3.6.1.5.5.7.3.6") return "PKIX.IPsecTunnel"; + if(oid_str == "1.3.6.1.5.5.7.3.7") return "PKIX.IPsecUser"; + if(oid_str == "1.3.6.1.5.5.7.3.8") return "PKIX.TimeStamping"; + if(oid_str == "1.3.6.1.5.5.7.3.9") return "PKIX.OCSPSigning"; + if(oid_str == "1.3.6.1.5.5.7.48.1") return "PKIX.OCSP"; + if(oid_str == "1.3.6.1.5.5.7.48.1.1") return "PKIX.OCSP.BasicResponse"; + if(oid_str == "1.3.6.1.5.5.7.8.5") return "PKIX.XMPPAddr"; + if(oid_str == "2.16.840.1.101.3.4.1.2") return "AES-128/CBC"; + if(oid_str == "2.16.840.1.101.3.4.1.22") return "AES-192/CBC"; + if(oid_str == "2.16.840.1.101.3.4.1.25") return "KeyWrap.AES-192"; + if(oid_str == "2.16.840.1.101.3.4.1.26") return "AES-192/GCM"; + if(oid_str == "2.16.840.1.101.3.4.1.42") return "AES-256/CBC"; + if(oid_str == "2.16.840.1.101.3.4.1.45") return "KeyWrap.AES-256"; + if(oid_str == "2.16.840.1.101.3.4.1.46") return "AES-256/GCM"; + if(oid_str == "2.16.840.1.101.3.4.1.5") return "KeyWrap.AES-128"; + if(oid_str == "2.16.840.1.101.3.4.1.6") return "AES-128/GCM"; + if(oid_str == "2.16.840.1.101.3.4.2.1") return "SHA-256"; + if(oid_str == "2.16.840.1.101.3.4.2.2") return "SHA-384"; + if(oid_str == "2.16.840.1.101.3.4.2.3") return "SHA-512"; + if(oid_str == "2.16.840.1.101.3.4.2.4") return "SHA-224"; + if(oid_str == "2.16.840.1.101.3.4.2.6") return "SHA-512-256"; + if(oid_str == "2.16.840.1.101.3.4.3.1") return "DSA/EMSA1(SHA-224)"; + if(oid_str == "2.16.840.1.101.3.4.3.2") return "DSA/EMSA1(SHA-256)"; + if(oid_str == "2.5.29.14") return "X509v3.SubjectKeyIdentifier"; + if(oid_str == "2.5.29.15") return "X509v3.KeyUsage"; + if(oid_str == "2.5.29.17") return "X509v3.SubjectAlternativeName"; + if(oid_str == "2.5.29.18") return "X509v3.IssuerAlternativeName"; + if(oid_str == "2.5.29.19") return "X509v3.BasicConstraints"; + if(oid_str == "2.5.29.20") return "X509v3.CRLNumber"; + if(oid_str == "2.5.29.21") return "X509v3.ReasonCode"; + if(oid_str == "2.5.29.23") return "X509v3.HoldInstructionCode"; + if(oid_str == "2.5.29.24") return "X509v3.InvalidityDate"; + if(oid_str == "2.5.29.30") return "X509v3.NameConstraints"; + if(oid_str == "2.5.29.31") return "X509v3.CRLDistributionPoints"; + if(oid_str == "2.5.29.32") return "X509v3.CertificatePolicies"; + if(oid_str == "2.5.29.32.0") return "X509v3.AnyPolicy"; + if(oid_str == "2.5.29.35") return "X509v3.AuthorityKeyIdentifier"; + if(oid_str == "2.5.29.36") return "X509v3.PolicyConstraints"; + if(oid_str == "2.5.29.37") return "X509v3.ExtendedKeyUsage"; + if(oid_str == "2.5.4.10") return "X520.Organization"; + if(oid_str == "2.5.4.11") return "X520.OrganizationalUnit"; + if(oid_str == "2.5.4.12") return "X520.Title"; + if(oid_str == "2.5.4.3") return "X520.CommonName"; + if(oid_str == "2.5.4.4") return "X520.Surname"; + if(oid_str == "2.5.4.42") return "X520.GivenName"; + if(oid_str == "2.5.4.43") return "X520.Initials"; + if(oid_str == "2.5.4.44") return "X520.GenerationalQualifier"; + if(oid_str == "2.5.4.46") return "X520.DNQualifier"; + if(oid_str == "2.5.4.5") return "X520.SerialNumber"; + if(oid_str == "2.5.4.6") return "X520.Country"; + if(oid_str == "2.5.4.65") return "X520.Pseudonym"; + if(oid_str == "2.5.4.7") return "X520.Locality"; + if(oid_str == "2.5.4.8") return "X520.State"; + if(oid_str == "2.5.8.1.1") return "RSA"; + return std::string(); + } + +OID lookup(const std::string& name) + { + if(name == "AES-128/CBC") return OID("2.16.840.1.101.3.4.1.2"); + if(name == "AES-128/GCM") return OID("2.16.840.1.101.3.4.1.6"); + if(name == "AES-128/OCB") return OID("1.3.6.1.4.1.25258.3.2.1"); + if(name == "AES-192/CBC") return OID("2.16.840.1.101.3.4.1.22"); + if(name == "AES-192/GCM") return OID("2.16.840.1.101.3.4.1.26"); + if(name == "AES-192/OCB") return OID("1.3.6.1.4.1.25258.3.2.2"); + if(name == "AES-256/CBC") return OID("2.16.840.1.101.3.4.1.42"); + if(name == "AES-256/GCM") return OID("2.16.840.1.101.3.4.1.46"); + if(name == "AES-256/OCB") return OID("1.3.6.1.4.1.25258.3.2.3"); + if(name == "CAST-128/CBC") return OID("1.2.840.113533.7.66.10"); + if(name == "Compression.Zlib") return OID("1.2.840.113549.1.9.16.3.8"); + if(name == "Curve25519") return OID("1.3.6.1.4.1.25258.1.4"); + if(name == "DES/CBC") return OID("1.3.14.3.2.7"); + if(name == "DH") return OID("1.2.840.10046.2.1"); + if(name == "DSA") return OID("1.2.840.10040.4.1"); + if(name == "DSA/EMSA1(SHA-160)") return OID("1.2.840.10040.4.3"); + if(name == "DSA/EMSA1(SHA-224)") return OID("2.16.840.1.101.3.4.3.1"); + if(name == "DSA/EMSA1(SHA-256)") return OID("2.16.840.1.101.3.4.3.2"); + if(name == "ECDH") return OID("1.3.132.1.12"); + if(name == "ECDSA") return OID("1.2.840.10045.2.1"); + if(name == "ECDSA/EMSA1(SHA-160)") return OID("1.2.840.10045.4.1"); + if(name == "ECDSA/EMSA1(SHA-224)") return OID("1.2.840.10045.4.3.1"); + if(name == "ECDSA/EMSA1(SHA-256)") return OID("1.2.840.10045.4.3.2"); + if(name == "ECDSA/EMSA1(SHA-384)") return OID("1.2.840.10045.4.3.3"); + if(name == "ECDSA/EMSA1(SHA-512)") return OID("1.2.840.10045.4.3.4"); + if(name == "ECGDSA") return OID("1.3.36.3.3.2.5.2.1"); + if(name == "ECGDSA/EMSA1(RIPEMD-160)") return OID("1.3.36.3.3.2.5.4.1"); + if(name == "ECGDSA/EMSA1(SHA-160)") return OID("1.3.36.3.3.2.5.4.2"); + if(name == "ECGDSA/EMSA1(SHA-224)") return OID("1.3.36.3.3.2.5.4.3"); + if(name == "ECGDSA/EMSA1(SHA-256)") return OID("1.3.36.3.3.2.5.4.4"); + if(name == "ECGDSA/EMSA1(SHA-384)") return OID("1.3.36.3.3.2.5.4.5"); + if(name == "ECGDSA/EMSA1(SHA-512)") return OID("1.3.36.3.3.2.5.4.6"); + if(name == "ECKCDSA") return OID("1.0.14888.3.0.5"); + if(name == "ECKCDSA/EMSA1(SHA-1)") return OID("1.2.410.200004.1.100.4.3"); + if(name == "ECKCDSA/EMSA1(SHA-224)") return OID("1.2.410.200004.1.100.4.4"); + if(name == "ECKCDSA/EMSA1(SHA-256)") return OID("1.2.410.200004.1.100.4.5"); + if(name == "ElGamal") return OID("1.3.6.1.4.1.3029.1.2.1"); + if(name == "GOST-34.10") return OID("1.2.643.2.2.19"); + if(name == "GOST-34.10/EMSA1(GOST-R-34.11-94)") return OID("1.2.643.2.2.3"); + if(name == "HMAC(SHA-160)") return OID("1.2.840.113549.2.7"); + if(name == "HMAC(SHA-224)") return OID("1.2.840.113549.2.8"); + if(name == "HMAC(SHA-256)") return OID("1.2.840.113549.2.9"); + if(name == "HMAC(SHA-384)") return OID("1.2.840.113549.2.10"); + if(name == "HMAC(SHA-512)") return OID("1.2.840.113549.2.11"); + if(name == "KeyWrap.AES-128") return OID("2.16.840.1.101.3.4.1.5"); + if(name == "KeyWrap.AES-192") return OID("2.16.840.1.101.3.4.1.25"); + if(name == "KeyWrap.AES-256") return OID("2.16.840.1.101.3.4.1.45"); + if(name == "KeyWrap.CAST-128") return OID("1.2.840.113533.7.66.15"); + if(name == "KeyWrap.RC2") return OID("1.2.840.113549.1.9.16.3.7"); + if(name == "KeyWrap.TripleDES") return OID("1.2.840.113549.1.9.16.3.6"); + if(name == "MD5") return OID("1.2.840.113549.2.5"); + if(name == "McEliece") return OID("1.3.6.1.4.1.25258.1.3"); + if(name == "Microsoft SmartcardLogon") return OID("1.3.6.1.4.1.311.20.2.2"); + if(name == "PBE-PKCS5v20") return OID("1.2.840.113549.1.5.13"); + if(name == "PKCS5.PBKDF2") return OID("1.2.840.113549.1.5.12"); + if(name == "PKCS9.ChallengePassword") return OID("1.2.840.113549.1.9.7"); + if(name == "PKCS9.ContentType") return OID("1.2.840.113549.1.9.3"); + if(name == "PKCS9.EmailAddress") return OID("1.2.840.113549.1.9.1"); + if(name == "PKCS9.ExtensionRequest") return OID("1.2.840.113549.1.9.14"); + if(name == "PKCS9.MessageDigest") return OID("1.2.840.113549.1.9.4"); + if(name == "PKCS9.UnstructuredName") return OID("1.2.840.113549.1.9.2"); + if(name == "PKIX.AuthorityInformationAccess") return OID("1.3.6.1.5.5.7.1.1"); + if(name == "PKIX.ClientAuth") return OID("1.3.6.1.5.5.7.3.2"); + if(name == "PKIX.CodeSigning") return OID("1.3.6.1.5.5.7.3.3"); + if(name == "PKIX.EmailProtection") return OID("1.3.6.1.5.5.7.3.4"); + if(name == "PKIX.IPsecEndSystem") return OID("1.3.6.1.5.5.7.3.5"); + if(name == "PKIX.IPsecTunnel") return OID("1.3.6.1.5.5.7.3.6"); + if(name == "PKIX.IPsecUser") return OID("1.3.6.1.5.5.7.3.7"); + if(name == "PKIX.OCSP") return OID("1.3.6.1.5.5.7.48.1"); + if(name == "PKIX.OCSP.BasicResponse") return OID("1.3.6.1.5.5.7.48.1.1"); + if(name == "PKIX.OCSPSigning") return OID("1.3.6.1.5.5.7.3.9"); + if(name == "PKIX.ServerAuth") return OID("1.3.6.1.5.5.7.3.1"); + if(name == "PKIX.TimeStamping") return OID("1.3.6.1.5.5.7.3.8"); + if(name == "PKIX.XMPPAddr") return OID("1.3.6.1.5.5.7.8.5"); + if(name == "RC2/CBC") return OID("1.2.840.113549.3.2"); + if(name == "RSA") return OID("1.2.840.113549.1.1.1"); + if(name == "RSA/EMSA3(MD5)") return OID("1.2.840.113549.1.1.4"); + if(name == "RSA/EMSA3(RIPEMD-160)") return OID("1.3.36.3.3.1.2"); + if(name == "RSA/EMSA3(SHA-160)") return OID("1.2.840.113549.1.1.5"); + if(name == "RSA/EMSA3(SHA-256)") return OID("1.2.840.113549.1.1.11"); + if(name == "RSA/EMSA3(SHA-384)") return OID("1.2.840.113549.1.1.12"); + if(name == "RSA/EMSA3(SHA-512)") return OID("1.2.840.113549.1.1.13"); + if(name == "SEED/CBC") return OID("1.2.410.200004.1.4"); + if(name == "SHA-160") return OID("1.3.14.3.2.26"); + if(name == "SHA-224") return OID("2.16.840.1.101.3.4.2.4"); + if(name == "SHA-256") return OID("2.16.840.1.101.3.4.2.1"); + if(name == "SHA-384") return OID("2.16.840.1.101.3.4.2.2"); + if(name == "SHA-512") return OID("2.16.840.1.101.3.4.2.3"); + if(name == "SHA-512-256") return OID("2.16.840.1.101.3.4.2.6"); + if(name == "Serpent/CBC") return OID("1.3.6.1.4.1.25258.3.1"); + if(name == "Serpent/GCM") return OID("1.3.6.1.4.1.25258.3.101"); + if(name == "Serpent/OCB") return OID("1.3.6.1.4.1.25258.3.2.4"); + if(name == "Threefish-512/CBC") return OID("1.3.6.1.4.1.25258.3.2"); + if(name == "Tiger(24,3)") return OID("1.3.6.1.4.1.11591.12.2"); + if(name == "TripleDES/CBC") return OID("1.2.840.113549.3.7"); + if(name == "Twofish/CBC") return OID("1.3.6.1.4.1.25258.3.3"); + if(name == "Twofish/GCM") return OID("1.3.6.1.4.1.25258.3.102"); + if(name == "Twofish/OCB") return OID("1.3.6.1.4.1.25258.3.2.5"); + if(name == "X509v3.AnyPolicy") return OID("2.5.29.32.0"); + if(name == "X509v3.AuthorityKeyIdentifier") return OID("2.5.29.35"); + if(name == "X509v3.BasicConstraints") return OID("2.5.29.19"); + if(name == "X509v3.CRLDistributionPoints") return OID("2.5.29.31"); + if(name == "X509v3.CRLNumber") return OID("2.5.29.20"); + if(name == "X509v3.CertificatePolicies") return OID("2.5.29.32"); + if(name == "X509v3.ExtendedKeyUsage") return OID("2.5.29.37"); + if(name == "X509v3.HoldInstructionCode") return OID("2.5.29.23"); + if(name == "X509v3.InvalidityDate") return OID("2.5.29.24"); + if(name == "X509v3.IssuerAlternativeName") return OID("2.5.29.18"); + if(name == "X509v3.KeyUsage") return OID("2.5.29.15"); + if(name == "X509v3.NameConstraints") return OID("2.5.29.30"); + if(name == "X509v3.PolicyConstraints") return OID("2.5.29.36"); + if(name == "X509v3.ReasonCode") return OID("2.5.29.21"); + if(name == "X509v3.SubjectAlternativeName") return OID("2.5.29.17"); + if(name == "X509v3.SubjectKeyIdentifier") return OID("2.5.29.14"); + if(name == "X520.CommonName") return OID("2.5.4.3"); + if(name == "X520.Country") return OID("2.5.4.6"); + if(name == "X520.DNQualifier") return OID("2.5.4.46"); + if(name == "X520.GenerationalQualifier") return OID("2.5.4.44"); + if(name == "X520.GivenName") return OID("2.5.4.42"); + if(name == "X520.Initials") return OID("2.5.4.43"); + if(name == "X520.Locality") return OID("2.5.4.7"); + if(name == "X520.Organization") return OID("2.5.4.10"); + if(name == "X520.OrganizationalUnit") return OID("2.5.4.11"); + if(name == "X520.Pseudonym") return OID("2.5.4.65"); + if(name == "X520.SerialNumber") return OID("2.5.4.5"); + if(name == "X520.State") return OID("2.5.4.8"); + if(name == "X520.Surname") return OID("2.5.4.4"); + if(name == "X520.Title") return OID("2.5.4.12"); + if(name == "brainpool160r1") return OID("1.3.36.3.3.2.8.1.1.1"); + if(name == "brainpool192r1") return OID("1.3.36.3.3.2.8.1.1.3"); + if(name == "brainpool224r1") return OID("1.3.36.3.3.2.8.1.1.5"); + if(name == "brainpool256r1") return OID("1.3.36.3.3.2.8.1.1.7"); + if(name == "brainpool320r1") return OID("1.3.36.3.3.2.8.1.1.9"); + if(name == "brainpool384r1") return OID("1.3.36.3.3.2.8.1.1.11"); + if(name == "brainpool512r1") return OID("1.3.36.3.3.2.8.1.1.13"); + if(name == "frp256v1") return OID("1.2.250.1.223.101.256.1"); + if(name == "gost_256A") return OID("1.2.643.2.2.35.1"); + if(name == "secp160k1") return OID("1.3.132.0.9"); + if(name == "secp160r1") return OID("1.3.132.0.8"); + if(name == "secp160r2") return OID("1.3.132.0.30"); + if(name == "secp192k1") return OID("1.3.132.0.31"); + if(name == "secp192r1") return OID("1.2.840.10045.3.1.1"); + if(name == "secp224k1") return OID("1.3.132.0.32"); + if(name == "secp224r1") return OID("1.3.132.0.33"); + if(name == "secp256k1") return OID("1.3.132.0.10"); + if(name == "secp256r1") return OID("1.2.840.10045.3.1.7"); + if(name == "secp384r1") return OID("1.3.132.0.34"); + if(name == "secp521r1") return OID("1.3.132.0.35"); + if(name == "x962_p192v2") return OID("1.2.840.10045.3.1.2"); + if(name == "x962_p192v3") return OID("1.2.840.10045.3.1.3"); + if(name == "x962_p239v1") return OID("1.2.840.10045.3.1.4"); + if(name == "x962_p239v2") return OID("1.2.840.10045.3.1.5"); + if(name == "x962_p239v3") return OID("1.2.840.10045.3.1.6"); + return OID(); + } + +} + +} + diff --git a/src/lib/asn1/oid_lookup/oids.h b/src/lib/asn1/oids.h index e3caff50e..16b87dfc3 100644 --- a/src/lib/asn1/oid_lookup/oids.h +++ b/src/lib/asn1/oids.h @@ -15,25 +15,6 @@ namespace Botan { namespace OIDS { /** -* Register an OID to string mapping. -* @param oid the oid to register -* @param name the name to be associated with the oid -*/ -BOTAN_DLL void add_oid(const OID& oid, const std::string& name); - -BOTAN_DLL void add_oid2str(const OID& oid, const std::string& name); -BOTAN_DLL void add_str2oid(const OID& oid, const std::string& name); - -BOTAN_DLL void add_oidstr(const char* oidstr, const char* name); - -/** -* See if an OID exists in the internal table. -* @param oid the oid to check for -* @return true if the oid is registered -*/ -BOTAN_DLL bool have_oid(const std::string& oid); - -/** * Resolve an OID * @param oid the OID to look up * @return name associated with this OID @@ -49,14 +30,14 @@ BOTAN_DLL std::string lookup(const OID& oid); BOTAN_DLL OID lookup(const std::string& name); /** -* Tests whether the specified OID stands for the specified name. -* @param oid the OID to check -* @param name the name to check -* @return true if the specified OID stands for the specified name +* See if an OID exists in the internal table. +* @param oid the oid to check for +* @return true if the oid is registered */ -BOTAN_DLL bool name_of(const OID& oid, const std::string& name); - -BOTAN_DLL const char* default_oid_list(); +inline bool have_oid(const std::string& oid) + { + return (lookup(oid).empty() == false); + } } diff --git a/src/lib/kdf/prf_x942/info.txt b/src/lib/kdf/prf_x942/info.txt index ff4a6f160..c016f0b66 100644 --- a/src/lib/kdf/prf_x942/info.txt +++ b/src/lib/kdf/prf_x942/info.txt @@ -2,6 +2,5 @@ define X942_PRF 20131128 <requires> asn1 -oid_lookup sha1 </requires> diff --git a/src/lib/pubkey/ec_group/info.txt b/src/lib/pubkey/ec_group/info.txt index c1cab112e..3f9b76769 100644 --- a/src/lib/pubkey/ec_group/info.txt +++ b/src/lib/pubkey/ec_group/info.txt @@ -4,6 +4,5 @@ define ECC_GROUP 20131128 asn1 ec_gfp numbertheory -oid_lookup pem </requires> diff --git a/src/lib/pubkey/info.txt b/src/lib/pubkey/info.txt index 7692b0614..d74adddf1 100644 --- a/src/lib/pubkey/info.txt +++ b/src/lib/pubkey/info.txt @@ -31,7 +31,6 @@ pk_ops_impl.h asn1 bigint kdf -oid_lookup pbes2 pem pk_pad diff --git a/src/lib/pubkey/pbes2/info.txt b/src/lib/pubkey/pbes2/info.txt index ed88ac3eb..8a42e4133 100644 --- a/src/lib/pubkey/pbes2/info.txt +++ b/src/lib/pubkey/pbes2/info.txt @@ -4,6 +4,5 @@ define PKCS5_PBES2 20141119 asn1 cbc hmac -oid_lookup pbkdf2 </requires> diff --git a/src/lib/x509/x509_ext.cpp b/src/lib/x509/x509_ext.cpp index 23340f784..c22e9ebcb 100644 --- a/src/lib/x509/x509_ext.cpp +++ b/src/lib/x509/x509_ext.cpp @@ -25,8 +25,7 @@ namespace Botan { Certificate_Extension* Extensions::get_extension(const OID& oid, bool critical) { #define X509_EXTENSION(NAME, TYPE) \ - if(OIDS::name_of(oid, NAME)) \ - return new Cert_Extension::TYPE(); + if(oid == OIDS::lookup(NAME)) { return new Cert_Extension::TYPE(); } X509_EXTENSION("X509v3.KeyUsage", Key_Usage); X509_EXTENSION("X509v3.BasicConstraints", Basic_Constraints); diff --git a/src/scripts/oids.py b/src/scripts/oids.py new file mode 100755 index 000000000..e3c232211 --- /dev/null +++ b/src/scripts/oids.py @@ -0,0 +1,162 @@ +#!/usr/bin/python2 + +""" +(C) 2016 Jack Lloyd + +Botan is released under the Simplified BSD License (see license.txt) +""" + +import sys +import datetime +import re + +def format_map(m, for_oid = False): + s = '' + for k in sorted(m.keys()): + v = m[k] + + if len(s) > 0: + s += ' ' + + if for_oid: + s += '{ "%s", OID("%s") },\n' % (k,v) + else: + s += '{ "%s", "%s" },\n' % (k,v) + + s = s[:-2] # chomp last two chars + + return s + + +def format_as_map(oid2str, str2oid): + return """/* +* OID maps +* +* This file was automatically generated by %s on %s +* +* Botan is released under the Simplified BSD License (see license.txt) +*/ + +#include <botan/oids.h> +#include <unordered_map> + +namespace Botan { + +std::unordered_map<std::string, std::string> OIDS::load_oid2str_map() + { + return std::unordered_map<std::string,std::string>{ + %s + }; + } + +std::unordered_map<std::string, OID> OIDS::load_str2oid_map() + { + return std::unordered_map<std::string,OID>{ + %s + }; + } + +} +""" % (sys.argv[0], datetime.date.today().strftime("%Y-%m-%d"), + format_map(oid2str), format_map(str2oid, True)) + + +def format_if(m, nm,t=False): + s = '' + for k in sorted(m.keys()): + v = m[k] + + if t: + s += ' if(%s == "%s") return OID("%s");\n' % (nm,k, v) + else: + s += ' if(%s == "%s") return "%s";\n' % (nm,k, v) + + s = s[:-1] + + return s + +def format_as_ifs(oid2str, str2oid): + return """/* +* OID maps +* +* This file was automatically generated by %s on %s +* +* Botan is released under the Simplified BSD License (see license.txt) +*/ + +#include <botan/oids.h> + +namespace Botan { + +namespace OIDS { + +std::string lookup(const OID& oid) + { + const std::string oid_str = oid.as_string(); +%s + return std::string(); + } + +OID lookup(const std::string& name) + { +%s + return OID(); + } + +} + +} +""" % (sys.argv[0], datetime.date.today().strftime("%Y-%m-%d"), + format_if(oid2str,"oid_str"), format_if(str2oid, "name", True)) + +def main(args = None): + if args is None: + args = sys.argv + + oid_lines = open('src/build-data/oids.txt').readlines() + + oid_re = re.compile("^([1-9][0-9.]+) = ([A-Za-z0-9_\./\(\), -]+)$") + hdr_re = re.compile("^\[([a-z0-9_]+)\]$") + + oid2str = {} + str2oid = {} + cur_hdr = None + + for line in oid_lines: + line = line.strip() + if len(line) == 0: + continue + + if line[0] == '#': + continue + + match = hdr_re.match(line) + if match is not None: + cur_hdr = match.group(1) + continue + + match = oid_re.match(line) + if match is None: + raise Exception(line) + + oid = match.group(1) + nam = match.group(2) + + if oid in str2oid: + print "Duplicated OID", oid, name, oid2str[oid] + sys.exit() # hard error + else: + oid2str[oid] = nam + + if nam in str2oid: + #print "Duplicated name", nam, oid, str2oid[nam] + #str2oid[nam] = oid + pass + else: + str2oid[nam] = oid + + print format_as_ifs(oid2str, str2oid) + + +if __name__ == '__main__': + sys.exit(main()) diff --git a/src/tests/test_oid.cpp b/src/tests/test_oid.cpp deleted file mode 100644 index 087fdc64f..000000000 --- a/src/tests/test_oid.cpp +++ /dev/null @@ -1,115 +0,0 @@ -/* -* (C) 2016 Daniel Neus, Rohde & Schwarz Cybersecurity -* -* Botan is released under the Simplified BSD License (see license.txt) -*/ - -#include "tests.h" - -#if defined(BOTAN_HAS_OID_LOOKUP) - #include <botan/oids.h> -#endif - -namespace Botan_Tests { - -namespace { - -#if defined(BOTAN_HAS_OID_LOOKUP) - -Test::Result test_add_have_OID() - { - Test::Result result("OID add"); - - result.test_eq("there is no OID 'botan-test-oid1'", Botan::OIDS::have_oid("botan-test-oid1"), false); - - Botan::OIDS::add_oid(Botan::OID("1.2.345.6.666"), "botan-test-oid1"); - - result.test_eq("OID 'botan-test-oid1' added successfully", Botan::OIDS::have_oid("botan-test-oid1"), true); - - result.test_eq("name of OID '1.2.345.6.666' is 'botan-test-oid1'", Botan::OIDS::name_of(Botan::OID("1.2.345.6.666"), - "botan-test-oid1"), true); - - return result; - } - -Test::Result test_add_have_OID_str() - { - Test::Result result("OID add string"); - - result.test_eq("there is no OID 'botan-test-oid2'", Botan::OIDS::have_oid("botan-test-oid2"), false); - - Botan::OIDS::add_oidstr("1.2.345.6.777", "botan-test-oid2"); - - result.test_eq("OID 'botan-test-oid2' added successfully", Botan::OIDS::have_oid("botan-test-oid2"), true); - - result.test_eq("name of OID '1.2.345.6.777' is 'botan-test-oid2'", Botan::OIDS::name_of(Botan::OID("1.2.345.6.777"), - "botan-test-oid2"), true); - return result; - } - -Test::Result test_add_and_lookup() - { - Test::Result result("OID add and lookup"); - - result.test_eq("OIDS::lookup returns empty string for non-existent OID object", - Botan::OIDS::lookup(Botan::OID("1.2.345.6.888")), std::string()); - - result.test_throws("OIDS::lookup thows for non-existent OID name", []() - { - Botan::OIDS::lookup("botan-test-oid3"); - }); - - // add oid -> string mapping - Botan::OIDS::add_oid2str(Botan::OID("1.2.345.6.888"), "botan-test-oid3"); - result.test_eq("", Botan::OIDS::lookup(Botan::OID("1.2.345.6.888")), "botan-test-oid3"); - - // still throws - result.test_throws("OIDS::lookup still throws without adding name mapping", []() - { - Botan::OIDS::lookup("botan-test-oid3"); - }); - - // add string -> oid mapping - Botan::OIDS::add_str2oid(Botan::OID("1.2.345.6.888"), "botan-test-oid3"); - Botan::OIDS::lookup("botan-test-oid3"); - - return result; - } - -class OID_Tests : public Test - { - public: - std::vector<Test::Result> run() override - { - std::vector<Test::Result> results; - - std::vector<std::function<Test::Result()>> fns = - { - test_add_have_OID, - test_add_have_OID_str, - test_add_and_lookup, - }; - - for(size_t i = 0; i != fns.size(); ++i) - { - try - { - results.push_back(fns[ i ]()); - } - catch(std::exception& e) - { - results.push_back(Test::Result::Failure("OID tests " + std::to_string(i), e.what())); - } - } - - return results; - } - }; - -BOTAN_REGISTER_TEST("oid", OID_Tests); - -#endif - -} - -} diff --git a/src/tests/unit_ecdsa.cpp b/src/tests/unit_ecdsa.cpp index 392b666f5..d11e019e0 100644 --- a/src/tests/unit_ecdsa.cpp +++ b/src/tests/unit_ecdsa.cpp @@ -40,7 +40,8 @@ Test::Result test_hash_larger_than_n() { Test::Result result("ECDSA Unit"); - Botan::EC_Group dom_pars(Botan::OIDS::lookup("1.3.132.0.8")); // secp160r1 + Botan::EC_Group dom_pars("secp160r1"); + // n = 0x0100000000000000000001f4c8f927aed3ca752257 (21 bytes) Botan::ECDSA_PrivateKey priv_key(Test::rng(), dom_pars); |