TrustCore SDK NanoCert API reference  version 7.0
parseasn1.h
1 /*
2  * parseasn1.h
3  *
4  * Definitions of functions that build and read various ASN.1 constructs.
5  *
6  * Copyright 2019-2024 DigiCert, Inc. All Rights Reserved.
7  * Proprietary and Confidential Material.
8  *
9  */
10 
11 #ifndef __PARSEASN1_H__
12 #define __PARSEASN1_H__
13 
14 
15 #ifdef __cplusplus
16 extern "C" {
17 #endif
18 
19 /* Tag classes */
20 
21 #define CLASS_MASK 0xC0 /* Bits 8 and 7 */
22 #define UNIVERSAL 0x00 /* 0 = Universal (defined by ITU X.680) */
23 #define APPLICATION 0x40 /* 1 = Application */
24 #define CONTEXT 0x80 /* 2 = Context-specific */
25 #define PRIVATE 0xC0 /* 3 = Private */
26 
27 /* Encoding type */
28 
29 #define FORM_MASK 0x20 /* Bit 6 */
30 #define PRIMITIVE 0x00 /* 0 = primitive */
31 #define CONSTRUCTED 0x20 /* 1 = constructed */
32 
33 /* Universal tags */
34 
35 #define TAG_MASK 0x1F /* Bits 5 - 1 */
36 #define EOC 0x00 /* 0: End-of-contents octets */
37 #define BOOLEAN 0x01 /* 1: Boolean */
38 #define INTEGER 0x02 /* 2: Integer */
39 #define BITSTRING 0x03 /* 3: Bit string */
40 #define OCTETSTRING 0x04 /* 4: Byte string */
41 #define NULLTAG 0x05 /* 5: NULL */
42 #define OID 0x06 /* 6: Object Identifier */
43 #define OBJDESCRIPTOR 0x07 /* 7: Object Descriptor */
44 #define EXTERNAL 0x08 /* 8: External */
45 #define REAL 0x09 /* 9: Real */
46 #define ENUMERATED 0x0A /* 10: Enumerated */
47 #define EMBEDDED_PDV 0x0B /* 11: Embedded Presentation Data Value */
48 #define UTF8STRING 0x0C /* 12: UTF8 string */
49 #define SEQUENCE 0x10 /* 16: Sequence/sequence of */
50 #undef SET
51 #define SET 0x11 /* 17: Set/set of */
52 #define NUMERICSTRING 0x12 /* 18: Numeric string */
53 #define PRINTABLESTRING 0x13 /* 19: Printable string (ASCII subset) */
54 #define T61STRING 0x14 /* 20: T61/Teletex string */
55 #define VIDEOTEXSTRING 0x15 /* 21: Videotex string */
56 #define IA5STRING 0x16 /* 22: IA5/ASCII string */
57 #define UTCTIME 0x17 /* 23: UTC time */
58 #define GENERALIZEDTIME 0x18 /* 24: Generalized time */
59 #define GRAPHICSTRING 0x19 /* 25: Graphic string */
60 #define VISIBLESTRING 0x1A /* 26: Visible string (ASCII subset) */
61 #define GENERALSTRING 0x1B /* 27: General string */
62 #define UNIVERSALSTRING 0x1C /* 28: Universal string */
63 #define BMPSTRING 0x1E /* 30: Basic Multilingual Plane/Unicode string */
64 
65 /* Length encoding */
66 
67 #define LEN_XTND 0x80 /* Indefinite or long form */
68 #define LEN_MASK 0x7F /* Bits 7 - 1 */
69 
70 /* Structure to hold info on an ASN.1 item */
71 
72 /* BIT STRING: dataOffset points to the beginning of the bits, not to the unused-bits octet,
73  and length is the size of the bit string (without the unused bits) */
74 #define ASN1_HEADER_MAX_SIZE (9)
75 
76 #define ASN1_ITEM MOC_ASN1_ITEM
77 
/* Description of one parsed ASN.1 item. Items are linked into a tree through
 * treeItem; dataOffset and length locate the item's data in the stream, and
 * the data union carries the small decoded values named in its comments.
 * NOTE(review): dataOffset is signed (sbyte4) while length and headerSize are
 * unsigned (ubyte4). Code that computes dataOffset + length should presumably
 * reject a negative offset and check for 32-bit wrap before indexing the
 * stream -- confirm what the parser guarantees for untrusted encodings. */
78 typedef struct ASN1_ITEM {
79  TreeItem treeItem; /* Infrastructure for tree */
80  ubyte4 id; /* Tag class + primitive/constructed; tested against FORM_MASK by ASN1_CONSTRUCTED / ASN1_PRIMITIVE */
81  ubyte4 tag; /* Tag */
82  ubyte4 length; /* Data length */
83  ubyte4 headerSize; /* Size of tag+length */
84  sbyte4 dataOffset; /* position of data in the stream (signed, see the note above) */
85  union
86  {
87  byteBoolean m_boolVal; /* BOOLEAN */
88  ubyte4 m_intVal; /* INTEGER, ENUMERATED (ubyte4 storage; NOTE(review): handling of wider INTEGERs is not visible here) */
89  ubyte m_unusedBits; /* BIT STRING */
90  } data;
91 
92  byteBoolean indefinite; /* Item has indefinite length */
93  byteBoolean encapsulates; /* encapsulates something */
94 } ASN1_ITEM, *ASN1_ITEMPTR;
95 
96 /* useful macros: tree navigation and form tests on an ASN1_ITEMPTR.
 * Each macro dereferences (a) directly, with no NULL check, and evaluates it
 * exactly once. The navigation macros cast the TreeItem link to ASN1_ITEMPTR;
 * NOTE(review): presumably the link is NULL when there is no child, sibling or
 * parent -- confirm, and test the result before using it. */
97 #define ASN1_FIRST_CHILD(a) ((ASN1_ITEMPTR) ((a)->treeItem.m_pFirstChild))
98 #define ASN1_NEXT_SIBLING(a) ((ASN1_ITEMPTR) ((a)->treeItem.m_pNextSibling))
99 #define ASN1_PARENT(a) ((ASN1_ITEMPTR) ((a)->treeItem.m_pParent))
100 
/* Form tests: compare the FORM_MASK bit of id with CONSTRUCTED / PRIMITIVE. */
101 #define ASN1_CONSTRUCTED(a) (CONSTRUCTED == ((a)->id & FORM_MASK))
102 #define ASN1_PRIMITIVE(a) (PRIMITIVE == ((a)->id & FORM_MASK))
103 
104 /* function to follow progress of the parsing -- called every time a new ASN.1 item
105 is added to the tree */
106 typedef void (*ProgressFun)(ASN1_ITEMPTR newAddedItem, CStream s, void* arg);
107 
108 /* exported routines */
109 MOC_EXTERN MSTATUS ASN1_GetNthChild(ASN1_ITEM* parent, ubyte4 n, ASN1_ITEM** ppChild);
110 MOC_EXTERN MSTATUS ASN1_GetChildWithOID(ASN1_ITEM* parent, CStream s, const ubyte* whichOID,
111  ASN1_ITEM** ppChild);
112 MOC_EXTERN MSTATUS ASN1_GetChildWithTag( ASN1_ITEM* parent, ubyte4 tag, ASN1_ITEM** ppChild);
113 MOC_EXTERN MSTATUS ASN1_GetTag( ASN1_ITEM* pItem, ubyte4 *pTag);
114 MOC_EXTERN MSTATUS ASN1_GoToTag(ASN1_ITEM* parent, ubyte4 tag, ASN1_ITEM** ppTag);
115 MOC_EXTERN MSTATUS ASN1_VerifyOID( ASN1_ITEM* pItem, CStream s, const ubyte* whichOID);
116 MOC_EXTERN MSTATUS ASN1_VerifyType(ASN1_ITEM* pCurrent, ubyte4 type);
117 MOC_EXTERN MSTATUS ASN1_VerifyTag(ASN1_ITEM* pCurrent, ubyte4 tag);
118 MOC_EXTERN MSTATUS ASN1_VerifyInteger(ASN1_ITEM* pCurrent, ubyte4 n);
119 MOC_EXTERN MSTATUS ASN1_VerifyOIDRoot( ASN1_ITEM* pItem, CStream s, const ubyte* whichOID,
120  ubyte* subType);
121 MOC_EXTERN MSTATUS ASN1_VerifyOIDStart( ASN1_ITEM* pItem, CStream s, const ubyte* whichOID);
122 MOC_EXTERN MSTATUS ASN1_CompareItems( ASN1_ITEM* pItem1, CStream s1, ASN1_ITEM* pItem2, CStream s2);
123 MOC_EXTERN MSTATUS ASN1_getBitStringBit( ASN1_ITEM* pBitString, CStream s, ubyte4 bitNum,
124  byteBoolean* bitVal);
125 
126 MOC_EXTERN MSTATUS ASN1_Parse(CStream s, ASN1_ITEM** rootItem);
127 MOC_EXTERN MSTATUS ASN1_ParseEx(CStream s, ASN1_ITEM** rootItem, ProgressFun progressFun,
128  void* cbArg);
129 
130 /* resumable ASN.1 parsing */
131 /* parser state carried between calls of the resumable parser.
 * NOTE(review): presumably set up with ASN1_InitParseState before the first
 * ASN1_ParseASN1State call -- confirm. stackDepth and filePos are signed
 * (sbyte4); what bounds the parser enforces on them is not visible in this
 * header. */
132 typedef struct ASN1_ParseState
133 {
134  ASN1_ITEM* rootNode; /* root of the item tree */
135  ASN1_ITEM* parentNode; /* NOTE(review): looks like the node currently receiving children -- confirm */
136  sbyte4 stackDepth;
137  sbyte4 filePos;
138 } ASN1_ParseState;
139 
140 MOC_EXTERN MSTATUS ASN1_InitParseState( ASN1_ParseState* pState);
141 
142 MOC_EXTERN MSTATUS ASN1_ParseASN1State(CStream as, ASN1_ParseState* pState,
143  ProgressFun progressFun, void* cbArg);
144 
145 /* undocumented */
146 MOC_EXTERN ASN1_ITEMPTR ASN1_GetNextSiblingFromPartialParse(
147  const ASN1_ParseState* pState,
148  ASN1_ITEMPTR pSibling, CStream cs);
149 
150 /* undocumented */
151 MOC_EXTERN ASN1_ITEMPTR ASN1_GetFirstChildFromPartialParse(
152  const ASN1_ParseState* pState,
153  ASN1_ITEMPTR pParent, CStream cs);
154 
155 /* undocumented */
156 MOC_EXTERN ubyte4 ASN1_GetData( const ASN1_ParseState* pState, CStream cs,
157  ubyte4 streamSize, ASN1_ITEMPTR pItem,
158  ubyte4* pOffset, const ubyte* src, ubyte* dest);
159 
160 
161 /* verify item ( constructed) is complete */
162 MOC_EXTERN MSTATUS ASN1_IsItemComplete( const ASN1_ParseState* pState,
163  const ASN1_ITEM *item,
164  CStream s, intBoolean* complete);
165 
166 /* API to search and retrieve based on OIDs. The whichOID parameter is a string
167 with the format "a.b.c.d". The last number can be set to * in which case the
168 remaining part of the OID will not be matched. The return value is a NULL terminated
169 array of the ASN1_ITEMs of type OID that match the OID parameter. The array must
170 be FREEed when no longer needed by the caller. An array consisting of a single
171 NULL value is returned if no match was found */
172 MOC_EXTERN MSTATUS ASN1_OIDSearch( ASN1_ITEMPTR pItem, CStream s, const sbyte* whichOID,
173  ASN1_ITEMPTR **ppResults);
174 
189 MOC_EXTERN MSTATUS ASN1_getTagLen(
190  ubyte expectedTag, ubyte *pDerEncoding, ubyte4 *pEncodingLen);
191 
/* NOTE(review): the documentation comment for this declaration is not part of
 * this listing (the line numbering jumps from 191 to 266), so the contract
 * below is read from the signature only.
 * The input is a byte buffer (pDerEncoding, derEncodingLen); the tag, the
 * length and the size of the tag-and-length header are returned through
 * pTheTag, pTheLen and pTagAndLenLen.
 * pTheLen is signed (sbyte4) while derEncodingLen is unsigned (ubyte4):
 * callers should presumably reject a negative length and check that
 * *pTagAndLenLen + *pTheLen does not exceed derEncodingLen before reading
 * the value -- confirm against the documented contract. */
266 MOC_EXTERN MSTATUS ASN1_readTagAndLen (
267  const ubyte *pDerEncoding,
268  ubyte4 derEncodingLen,
269  ubyte4 *pTheTag,
270  sbyte4 *pTheLen,
271  ubyte4 *pTagAndLenLen
272  );
273 
313 MOC_EXTERN MSTATUS ASN1_compareOID (
314  const ubyte *pTargetOID,
315  ubyte4 targetLen,
316  const ubyte *pCheckOID,
317  ubyte4 checkLen,
318  ubyte4 *pLastByte,
319  sbyte4 *pCmpResult
320  );
321 
322 #ifdef __ENABLE_MOCANA_QS__
323 
342 MOC_EXTERN MSTATUS ASN1_compareOIDAux (
343  const ubyte *pTargetOID,
344  ubyte4 targetLen,
345  const ubyte *pCheckOID,
346  ubyte4 checkLen,
347  ubyte4 *pNextToLastByte,
348  ubyte4 *pLastByte,
349  sbyte4 *pCmpResult
350  );
351 #endif
352 
370 MOC_EXTERN MSTATUS ASN1_getKeyFlagFromOid (
371  ubyte *pKeyOid,
372  ubyte4 oidLen,
373  ubyte4 *pKeyAlg
374  );
375 
394 MOC_EXTERN MSTATUS ASN1_getPublicKeyAlgFlagFromOid (
395  ubyte *pAlgOid,
396  ubyte4 oidLen,
397  ubyte4 *pAlg
398  );
399 
418 MOC_EXTERN MSTATUS ASN1_getDigestFlagFromOid (
419  const ubyte *pDigestOid,
420  ubyte4 oidLen,
421  ubyte4 *pDigestAlg
422  );
423 
458 MOC_EXTERN MSTATUS ASN1_getDigestFromSigAlgId (
459  ubyte *pSigAlgId,
460  ubyte4 sigAlgIdLen,
461  ubyte *pDigestAlgId,
462  ubyte4 bufferSize,
463  ubyte4 *pDigestAlgIdLen,
464  ubyte **ppDigestOid,
465  ubyte4 *pDigestOidLen,
466  ubyte4 *pDigestLen
467  );
468 
498 MOC_EXTERN MSTATUS ASN1_getDigestAlgIdFromFlag (
499  ubyte4 digestAlg,
500  ubyte *pDigestAlgId,
501  ubyte4 bufferSize,
502  ubyte4 *pDigestAlgIdLen,
503  ubyte **ppDigestOid,
504  ubyte4 *pDigestOidLen,
505  ubyte4 *pDigestLen
506  );
507 
534 MOC_EXTERN MSTATUS ASN1_buildDigestInfoAlloc (
535  const ubyte *pDigest,
536  ubyte4 digestLen,
537  ubyte4 digestAlg,
538  ubyte **ppDigestInfo,
539  ubyte4 *pDigestInfoLen
540  );
541 
599 MOC_EXTERN MSTATUS ASN1_parseDigestInfo (
600  ubyte *pDigestInfo,
601  ubyte4 digestInfoLen,
602  ubyte **ppOid,
603  ubyte4 *pOidLen,
604  ubyte **ppDigest,
605  ubyte4 *pDigestLen,
606  ubyte4 *pDigestAlg
607  );
608 
609 /* The DSA and ECDSA signature is
610  * <pre>
611  * <code>
612  * SEQ {
613  * r INTEGER,
614  * s INTEGER }
615  * </code>
616  * </pre>
617  * <p>This function will convert the input data to canonical integers and build
618  * the DER encoding.
619  * <p>The caller supplies the buffer into which the result will be placed.
620  * <p>The caller passes in the r and s values as arrays of integers. The caller
621  * also passes in the size of each integer. Only 4 and 8 are currently supported
622  * as the integer size. The array must be from lsWord to msWord. That is, the
623  * least significant word at index 0, and the most significant word at index
624  * arrayLen - 1.
625  * <p>The caller will pass in the arrays, the pointers cast to void *. The
626  * function will dereference the pointer to the correct type based on the intSize.
627  *
628  * @param pRVal The r of the signature.
629  * @param rLen The number of words in pRVal
630  * @param pSVal The s of the signature.
631  * @param sLen The number of words in pSVal
632  * @param intSize The size of each integer in the array (4 or 8, ubyte4 or
633  * ubyte8).
634  * @param pSignature The buffer into which the function will place the result.
635  * @param bufferSize The size, in bytes, of the output buffer.
636  * @param pSignatureLen The address where the function will deposit the length of
637  * the signature (if the buffer is too small, it is the length needed).
638  * @return \c OK (0) if successful; otherwise a negative number error code
639  * definition from merrors.h. To retrieve a string containing an
640  * English text error identifier corresponding to the function's
641  * returned error status, use the \c DISPLAY_ERROR macro.
642  */
643 MOC_EXTERN MSTATUS ASN1_buildDsaSignature (
644  void *pRVal,
645  ubyte4 rLen,
646  void *pSVal,
647  ubyte4 sLen,
648  ubyte4 intSize,
649  ubyte *pSignature,
650  ubyte4 bufferSize,
651  ubyte4 *pSignatureLen
652  );
653 
654 /* The DSA and ECDSA signature is
655  * <pre>
656  * <code>
657  * SEQ {
658  * r INTEGER,
659  * s INTEGER }
660  * </code>
661  * </pre>
662  * <p>This function will verify that the encoding is correct, then return the r
663  * and s values. The function will not allocate memory; it will return the addresses
664  * inside pSignature where the values begin, so the returned pointers are valid only for as long as the pSignature buffer is.
665  *
666  * @param pSignature The data to parse.
667  * @param signatureLen The length, in bytes, of the signature.
668  * @param ppRVal The address where the function will deposit the address,
669  * inside pSignature, where the r value data begins.
670  * @param pRValLen The address where the function will deposit the length, in
671  * bytes, of the r value.
672  * @param ppSVal The address where the function will deposit the address,
673  * inside pSignature, where the s value data begins.
674  * @param pSValLen The address where the function will deposit the length, in
675  * bytes, of the s value.
676  * @return \c OK (0) if successful; otherwise a negative number error code
677  * definition from merrors.h. To retrieve a string containing an
678  * English text error identifier corresponding to the function's
679  * returned error status, use the \c DISPLAY_ERROR macro.
680  */
681 MOC_EXTERN MSTATUS ASN1_parseDsaSignature (
682  ubyte *pSignature,
683  ubyte4 signatureLen,
684  ubyte **ppRVal,
685  ubyte4 *pRValLen,
686  ubyte **ppSVal,
687  ubyte4 *pSValLen
688  );
689 
690 /* This function will parse the AlgId, returning the OID and params.
691  * <p>The function will not allocate memory, simply return the addresses inside
692  * the algId where the elements begin.
693  * <p>The OID will be the actual value of the OID, it does not include the tag
694  * and len.
695  * <p>The function does not parse the params, it just returns the entire
696  * encoding. So if the params are SEQ { something }, the return starts at the 30.
697  * The length is the full length, including the length of the tag and len. For
698  * example, if the params are 04 10 x x...x, then the length will be 18 (the tag
699  * is one byte, the length octet is another byte, that's 2, then the value is 16
700  * bytes, for a total of 18). If there are no params, ppParams will be NULL and
701  * pParamsLen will be 0. The params might be 05 00, or 30 00, in which case the
702  * length will be 2.
703  * <p>This function does not check the args. It is the responsibility of the
704  * caller to pass valid arguments; when pAlgId comes from an untrusted source, validate the pointers and algIdLen before calling.
705  */
706 MOC_EXTERN MSTATUS ASN1_parseAlgId (
707  ubyte *pAlgId,
708  ubyte4 algIdLen,
709  ubyte **ppOid,
710  ubyte4 *pOidLen,
711  ubyte **ppParams,
712  ubyte4 *pParamsLen
713  );
714 
715 /* The following section contains a number of Algorithm Identifiers. This will
716  * make it easier to build arrays containing the OIDs.
717  */
718 
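/* This is the OID for an unknown digest. The only use case for this is
 * when interfacing with OpenSSL. OpenSSL does not provide the digest algorithm
 * that was used to get the digest. Since we require that the user passes in a
 * DER encoded digest to our signature operations, we have to DER encode the
 * OpenSSL digest but we can't input an OID into there. Since we can't figure
 * out the OID just by looking at the digest and digest length we make it
 * unknown.
 *
 * MOP_UNKNOWN_OID is an OBJECT IDENTIFIER with empty content (06 00) and
 * MOP_UNKNOWN_ALG_ID wraps it as SEQUENCE { OID, NULL }.
 * NOTE(review): an AlgId built from this OID does not name the hash that
 * produced the digest, so the digest algorithm is not bound into the encoded
 * value. Presumably this stays confined to the OpenSSL interop path -- confirm
 * with the callers.
 */
#define MOP_UNKNOWN_OID_LEN 2
#define MOP_UNKNOWN_OID \
    0x06, 0x00
/* Parenthesized so the length expands as one operand inside a larger
 * expression (2 * LEN, size - LEN, ...).
 */
#define MOP_UNKNOWN_ALG_ID_LEN (MOP_UNKNOWN_OID_LEN + 4)
#define MOP_UNKNOWN_ALG_ID \
    0x30, MOP_UNKNOWN_OID_LEN + 2, \
    MOP_UNKNOWN_OID, \
    0x05, 0x00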
735 
736 /* This is the OID and AlgId for HMAC with SHA-1. The last byte of the OID
737  * changes to 8, 9, 10, or 11, for SHA-224, 256, 384, 512.
738  */
739 #define MOP_HMAC_OID_LEN 10
740 #define MOP_HMAC_OID \
741  0x06, 0x08, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x02, 0x07
742 #define MOP_HMAC_ALG_ID_LEN 14
743 #define MOP_HMAC_ALG_ID \
744  0x30, MOP_HMAC_OID_LEN + 2, \
745  MOP_HMAC_OID, \
746  0x05, 0x00
747 
748 #define MOP_HMAC_OID_OFFSET 2
749 #define MOP_HMAC_OID_LAST_BYTE_OFFSET 11
750 #define MOP_HMAC_SHA1_LAST_BYTE 7
751 #define MOP_HMAC_SHA224_LAST_BYTE 8
752 #define MOP_HMAC_SHA256_LAST_BYTE 9
753 #define MOP_HMAC_SHA384_LAST_BYTE 10
754 #define MOP_HMAC_SHA512_LAST_BYTE 11
755 
756 /* How many digest AlgIds do we currently support?
757  */
758 #define MOC_DIGEST_ALGID_COUNT 5
759 #define MOC_DIGEST_FLAG_LIST \
760  ht_sha1, ht_sha224, ht_sha256, ht_sha384, ht_sha512
761 #define MOC_DIGEST_LEN_LIST \
762  20, 28, 32, 48, 64
763 
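/* SHA-1 and SHA-2 digest OIDs and AlgIds.
 * Each *_OID is a complete DER OBJECT IDENTIFIER (tag 06, length, value) and
 * each *_ALG_ID is SEQUENCE { OID, NULL }. *_OID_OFFSET is the index of the
 * OID tag inside the AlgId. The *_ALG_ID_LEN values are parenthesized so they
 * expand as one operand inside a larger expression.
 * NOTE(review): SHA-1 is no longer collision resistant; presumably it is kept
 * for existing data -- confirm that new signatures do not default to it.
 */
#define MOP_SHA1_OID_LEN 7
#define MOP_SHA1_OID \
    0x06, 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1A
#define MOP_SHA1_ALG_ID_LEN (MOP_SHA1_OID_LEN + 4)
#define MOP_SHA1_ALG_ID \
    0x30, MOP_SHA1_OID_LEN + 2, \
    MOP_SHA1_OID, \
    0x05, 0x00
#define MOP_SHA1_OID_OFFSET 2

/* Last byte of each SHA-2 OID below; the other OID bytes are shared. */
#define MOP_SHA224_LAST_BYTE 4
#define MOP_SHA256_LAST_BYTE 1
#define MOP_SHA384_LAST_BYTE 2
#define MOP_SHA512_LAST_BYTE 3

#define MOP_SHA224_OID_LEN 11
#define MOP_SHA224_OID \
    0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x04
#define MOP_SHA224_ALG_ID_LEN (MOP_SHA224_OID_LEN + 4)
#define MOP_SHA224_ALG_ID \
    0x30, MOP_SHA224_OID_LEN + 2, \
    MOP_SHA224_OID, \
    0x05, 0x00
#define MOP_SHA224_OID_OFFSET 2

#define MOP_SHA256_OID_LEN 11
#define MOP_SHA256_OID \
    0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01
#define MOP_SHA256_ALG_ID_LEN (MOP_SHA256_OID_LEN + 4)
#define MOP_SHA256_ALG_ID \
    0x30, MOP_SHA256_OID_LEN + 2, \
    MOP_SHA256_OID, \
    0x05, 0x00
#define MOP_SHA256_OID_OFFSET 2

#define MOP_SHA384_OID_LEN 11
#define MOP_SHA384_OID \
    0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02
#define MOP_SHA384_ALG_ID_LEN (MOP_SHA384_OID_LEN + 4)
#define MOP_SHA384_ALG_ID \
    0x30, MOP_SHA384_OID_LEN + 2, \
    MOP_SHA384_OID, \
    0x05, 0x00
#define MOP_SHA384_OID_OFFSET 2

#define MOP_SHA512_OID_LEN 11
#define MOP_SHA512_OID \
    0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03
#define MOP_SHA512_ALG_ID_LEN (MOP_SHA512_OID_LEN + 4)
#define MOP_SHA512_ALG_ID \
    0x30, MOP_SHA512_OID_LEN + 2, \
    MOP_SHA512_OID, \
    0x05, 0x00
#define MOP_SHA512_OID_OFFSET 2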
818 
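/* Legacy digest OIDs and AlgIds (MD2, MD4, MD5, RIPEMD-160).
 * Each *_ALG_ID is SEQUENCE { OID, NULL }. Lengths and offsets derived with
 * "+" are parenthesized so they expand as one operand inside a larger
 * expression.
 * NOTE(review): MD2, MD4 and MD5 are no longer collision resistant.
 * Presumably these identifiers exist to parse and verify existing data --
 * confirm that no new signatures are produced with them.
 */

/* MD2 OID
 * 1.2.840.113549.2.2
 *
 * Source
 * http://www.alvestrand.no/objectid/1.2.840.113549.2.2.html
 */
#define MOP_MD2_OID_LEN 10
#define MOP_MD2_OID \
    0x06, 0x08, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x02, 0x02
#define MOP_MD2_ALG_ID_LEN (MOP_MD2_OID_LEN + 4)
#define MOP_MD2_ALG_ID \
    0x30, MOP_MD2_OID_LEN + 2, \
    MOP_MD2_OID, \
    0x05, 0x00
#define MOP_MD2_OID_OFFSET 2
/* Index, inside the AlgId, of the OID's last byte. */
#define MOP_MD2_ALGID_LAST_BYTE_OFFSET (MOP_MD2_OID_LEN + 1)
#define MOP_MD2_LAST_BYTE 2

/* MD4 OID
 * 1.2.840.113549.2.4
 *
 * Source
 * http://www.alvestrand.no/objectid/1.2.840.113549.2.4.html
 */
#define MOP_MD4_OID_LEN 10
#define MOP_MD4_OID \
    0x06, 0x08, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x02, 0x04
#define MOP_MD4_ALG_ID_LEN (MOP_MD4_OID_LEN + 4)
#define MOP_MD4_ALG_ID \
    0x30, MOP_MD4_OID_LEN + 2, \
    MOP_MD4_OID, \
    0x05, 0x00
#define MOP_MD4_LAST_BYTE 4

#define MOP_MD5_OID_LEN 10
#define MOP_MD5_OID \
    0x06, 0x08, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x02, 0x05
#define MOP_MD5_ALG_ID_LEN (MOP_MD5_OID_LEN + 4)
#define MOP_MD5_ALG_ID \
    0x30, MOP_MD5_OID_LEN + 2, \
    MOP_MD5_OID, \
    0x05, 0x00
#define MOP_MD5_LAST_BYTE 5

/* RIPEMD 160 OID
 * 1.3.36.3.2.1
 *
 * Source
 * http://oid-info.com/get/1.3.36.3.2.1
 */
#define MOP_RIPEMD160_OID_LEN 7
#define MOP_RIPEMD160_OID \
    0x06, 0x05, 0x2B, 0x24, 0x03, 0x02, 0x01
#define MOP_RIPEMD160_ALG_ID_LEN (MOP_RIPEMD160_OID_LEN + 4)
#define MOP_RIPEMD160_ALG_ID \
    0x30, MOP_RIPEMD160_OID_LEN + 2, \
    MOP_RIPEMD160_OID, \
    0x05, 0x00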
877 
878 /* If we add another digest algorithm, make sure this is updated if needed.
879  */
880 #define MOP_MAX_DIGEST_ALG_ID_LEN 15
881 
882 /* The RC5-CBC AlgId is
883  * 30 len
884  * OID,
885  * SEQ {
886  * INT version,
887  * INT rounds,
888  * INT blockSize,
889  * OCTET STRING OPTIONAL initVector }
890  * There are two RC5-CBC OIDs: no pad and with pad. The difference in OIDs is the
891  * last byte.
892  * The version is version 1 which is defined as 0x10 (decimal 16).
893  * The rounds count is 0x08 to 0x7f (decimal 8 to 127).
894  * The block size is 0x40 or 0x00 80 (decimal 64 or 128).
895  * If there is no init vector, then the implementation is to use a block of 00
896  * bytes as the IV.
897  * Because of the variability of the algId (one byte or 2 for the block size, IV
898  * or not), there is no "universal" byte array, it must be computed on the fly.
899  */
900 #define MOP_RC5_CBC_PAD_OID_LEN 10
901 #define MOP_RC5_CBC_PAD_OID \
902  0x06, 0x08, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x03, 0x09
903 #define MOP_RC5_CBC_NO_PAD_BYTE 8
904 #define MOP_RC5_CBC_PAD_BYTE 9
905 
906 #define MOP_ARC2_CBC_OID_LEN 10
907 #define MOP_ARC2_CBC_OID \
908  0x06, 0x08, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x03, 0x02
909 
910 #define MOP_ARC4_OID_LEN 10
911 #define MOP_ARC4_OID \
912  0x06, 0x08, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x03, 0x04
913 
914 /* Oid for PKCS5 V1 PBE, we only support SHA1-RC2 */
915 #define MOP_PKCS5_PBE_V1_OID_LEN 11
916 #define MOP_PKCS5_PBE_V1_OID \
917  0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x05, 0x0B
918 #define MOP_PKCS5_PBE_V1_LAST_BYTE 0x0B
919 
920 /* Oid for PKCS5 V2 PBE */
921 #define MOP_PKCS5_PBE_V2_OID_LEN 11
922 #define MOP_PKCS5_PBE_V2_OID \
923  0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x05, 0x0D
924 #define MOP_PKCS5_PBE_V2_LAST_BYTE 0x0D
925 
926 /* Oid for PKCS5 PBKDF2 */
927 #define MOP_PKCS5_PBKDF2_OID_LEN 11
928 #define MOP_PKCS5_PBKDF2_OID \
929  0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x05, 0x0C
930 
931 /* dhSinglePass-stdDH-sha1kdf-scheme
932  */
933 #define MOP_DH_SP_SHA1_KDF_OID_LEN 11
934 #define MOP_DH_SP_SHA1_KDF_OID \
935  0x06, 0x09, 0x2b, 0x81, 0x05, 0x10, 0x86, 0x48, 0x3f, 0x00, 0x02
936 
937 /* dhSinglePass-stdDH-sha224kdf-scheme. Change the last byte and it is the
938  * SHA-256, SHA-384 or SHA-512 scheme. */
939 #define MOP_DH_SP_SHA224_KDF_OID_LEN 8
940 #define MOP_DH_SP_SHA224_KDF_OID \
941  0x06, 0x06, 0x2b, 0x81, 0x04, 0x01, 0x0b, 0x00
942 #define MOP_SH_SP_SHA256_LAST_BYTE 0x01
943 #define MOP_SH_SP_SHA384_LAST_BYTE 0x02
944 #define MOP_SH_SP_SHA512_LAST_BYTE 0x03
945 
946 /* The AES-CBC AlgId is
947  * 30 len
948  * OID,
949  * OCTET STRING
950  *
951  * where the OID is either AES-CBC 128, AES-CBC 192, or AES-CBC 256
952  * and the OCTET STRING is the init vector which is always 16 bytes.
953  * So this #define will build an algID with space for the IV, but the caller must
954  * fill in the actual IV.
955  */
956 #define MOP_AES_CBC_OID_LEN 11
957 #define MOP_AES_CBC_OID \
958  0x06, 0x09, \
959  0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x2a
960 #define MOP_AES_CBC_ALG_ID_LEN 31
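961 /* The IV in this construct MUST be 00 00 ... 00! It is only a placeholder: the caller
962  * writes the real IV at MOP_AES_CBC_INIT_VECTOR_OFFSET before the AlgId is used. */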
963 #define MOP_AES_CBC_ALG_ID \
964  0x30, MOP_AES_CBC_OID_LEN + 18, \
965  MOP_AES_CBC_OID, \
966  0x04, 0x10, \
967  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \
968  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
969 #define MOP_AES_CBC_OID_LAST_BYTE_OFFSET 12
970 #define MOP_AES_CBC_INIT_VECTOR_OFFSET 15
971 #define MOP_AES_CBC_128_BYTE 0x02
972 #define MOP_AES_CBC_192_BYTE 0x16
973 #define MOP_AES_CBC_256_BYTE 0x2A
974 
975 #define MOP_AES_OFB_OID_LEN 11
976 #define MOP_AES_OFB_OID \
977  0x06, 0x09, \
978  0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x2B
979 #define MOP_AES_OFB_ALG_ID_LEN 31
980 #define MOP_AES_OFB_ALG_ID \
981  0x30, MOP_AES_OFB_OID_LEN + 18, \
982  MOP_AES_OFB_OID, \
983  0x04, 0x10, \
984  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \
985  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
986 #define MOP_AES_OFB_OID_LAST_BYTE_OFFSET 12
987 #define MOP_AES_OFB_INIT_VECTOR_OFFSET 15
988 #define MOP_AES_OFB_128_BYTE 0x03
989 #define MOP_AES_OFB_192_BYTE 0x17
990 #define MOP_AES_OFB_256_BYTE 0x2B
991 
992 #define MOP_AES_CFB_OID_LEN 11
993 #define MOP_AES_CFB_OID \
994  0x06, 0x09, \
995  0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x2C
996 #define MOP_AES_CFB_ALG_ID_LEN 31
997 #define MOP_AES_CFB_ALG_ID \
998  0x30, MOP_AES_CFB_OID_LEN + 18, \
999  MOP_AES_CFB_OID, \
1000  0x04, 0x10, \
1001  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \
1002  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
1003 #define MOP_AES_CFB_OID_LAST_BYTE_OFFSET 12
1004 #define MOP_AES_CFB_INIT_VECTOR_OFFSET 15
1005 #define MOP_AES_CFB_128_BYTE 0x04
1006 #define MOP_AES_CFB_192_BYTE 0x18
1007 #define MOP_AES_CFB_256_BYTE 0x2C
1008 
1009 /* The AES-ECB AlgId is
1010  * 30 len
1011  * OID,
1012  * NULL
1013  *
1014  * where the OID is either AES-ECB 128, AES-ECB 192, or AES-ECB 256.
1015  */
1016 #define MOP_AES_ECB_OID_LEN 11
1017 #define MOP_AES_ECB_OID \
1018  0x06, 0x09, \
1019  0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x29
1020 #define MOP_AES_ECB_ALG_ID_LEN 15
1021 #define MOP_AES_ECB_ALG_ID \
1022  0x30, MOP_AES_ECB_OID_LEN + 2, \
1023  MOP_AES_ECB_OID, \
1024  0x05, 0x00
1025 #define MOP_AES_ECB_OID_LAST_BYTE_OFFSET 12
1026 #define MOP_AES_ECB_128_BYTE 0x01
1027 #define MOP_AES_ECB_192_BYTE 0x15
1028 #define MOP_AES_ECB_256_BYTE 0x29
1029 
1030 #define MOP_AES_GCM_DEFAULT_TAG_LEN 12
1031 #define MOP_AES_GCM_OID_LEN 11
1032 #define MOP_AES_GCM_OID \
1033  0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x2E
1034 #define MOP_AES_GCM_128_BYTE 0x06
1035 #define MOP_AES_GCM_192_BYTE 0x1A
1036 #define MOP_AES_GCM_256_BYTE 0x2E
1037 
1038 #define MOP_AES_CCM_OID_LEN 11
1039 #define MOP_AES_CCM_OID \
1040  0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x07
1041 #define MOP_AES_CCM_128_BYTE 0x07
1042 #define MOP_AES_CCM_192_BYTE 0x1B
1043 #define MOP_AES_CCM_256_BYTE 0x2F
1044 
1045 #define MOP_AES_KEY_WRAP_OID_LEN 11
1046 #define MOP_AES_KEY_WRAP_OID \
1047  0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x05
1048 #define MOP_AES_KEY_WRAP_128_BYTE 0x05
1049 #define MOP_AES_KEY_WRAP_192_BYTE 0x19
1050 #define MOP_AES_KEY_WRAP_256_BYTE 0x2D
1051 
1052 #define MOP_AES_KEY_WRAP_PAD_OID_LEN 11
1053 #define MOP_AES_KEY_WRAP_PAD_OID \
1054  0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x08
1055 #define MOP_AES_KEY_WRAP_PAD_128_BYTE 0x08
1056 #define MOP_AES_KEY_WRAP_PAD_192_BYTE 0x1C
1057 #define MOP_AES_KEY_WRAP_PAD_256_BYTE 0x30
1058 
1059 #define MOP_TDES_CBC_PAD_OID_LEN 10
1060 #define MOP_TDES_CBC_PAD_OID \
1061  0x06, 0x08, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x03, 0x07
1062 
1063 #define MOP_DES_CBC_PAD_OID_LEN 7
1064 #define MOP_DES_CBC_PAD_OID \
1065  0x06, 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x07
1066 
1067 #define MOP_BLOWFISH_ECB_OID_LEN 11
1068 #define MOP_BLOWFISH_ECB_OID \
1069  0x06, 0x09, 0x2B, 0x06, 0x01, 0x04, 0x01, 0x97, 0x55, 0x01, 0x01
1070 
1071 #define MOP_BLOWFISH_CBC_OID_LEN 11
1072 #define MOP_BLOWFISH_CBC_OID \
1073  0x06, 0x09, 0x2B, 0x06, 0x01, 0x04, 0x01, 0x97, 0x55, 0x01, 0x02
1074 
1075 #define MOP_CAST128_CBC_OID_LEN 11
1076 #define MOP_CAST128_CBC_OID \
1077  0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF6, 0x7D, 0x07, 0x42, 0x0A
1078 
1079 #define MOP_CHACHA_20_POLY_1305_AEAD_OID_LEN 13
1080 #define MOP_CHACHA_20_POLY_1305_AEAD_OID \
1081  0x06, 0x0B, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x10, 0x03, 0x12
1082 
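/* RSA encryption: There are two OIDs, one for P1.5 and the other for OAEP. They
 * are actually the same thing except for the last byte.
 *
 * MOP_RSA_P1_ENC_ALG_ID is SEQUENCE { OID, NULL } with the P1.5 OID.
 * MOP_RSA_P1_OID_LAST_BYTE_OFFSET and MOP_RSA_P1_PARAMS_TAG_OFFSET are indexes
 * into that AlgId: the OID's last byte and the params tag that follows it.
 * Lengths and offsets derived with "+" are parenthesized so they expand as one
 * operand inside a larger expression.
 */
#define MOP_RSA_P1_ENC_OID_LEN 11
#define MOP_RSA_P1_ENC_OID \
    0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01
#define MOP_RSA_P1_ENC_ALG_ID_LEN (MOP_RSA_P1_ENC_OID_LEN + 4)
#define MOP_RSA_P1_ENC_ALG_ID \
    0x30, MOP_RSA_P1_ENC_OID_LEN + 2, \
    MOP_RSA_P1_ENC_OID, \
    0x05, 0x00
#define MOP_RSA_P1_OID_LAST_BYTE_OFFSET (MOP_RSA_P1_ENC_OID_LEN + 1)
#define MOP_RSA_P1_PARAMS_TAG_OFFSET (MOP_RSA_P1_ENC_OID_LEN + 2)
#define MOP_RSA_P1_5_BYTE 1
#define MOP_RSA_OAEP_BYTE 7
#define MOP_RSA_PARAMS_TAG_NULL 5
#define MOP_RSA_PARAMS_TAG_NO_PARAMS 0x30

/* RSA TAP OID and AlgId, SEQUENCE { OID, NULL }. */
#define MOP_RSA_TAP_OID_LEN 11
#define MOP_RSA_TAP_OID \
    0x06, 0x09, 0x2B, 0x06, 0x01, 0x04, 0x01, 0xF0, 0x55, 0x13, 0x01
#define MOP_RSA_TAP_ALG_ID_LEN (MOP_RSA_TAP_OID_LEN + 4)
#define MOP_RSA_TAP_ALG_ID \
    0x30, MOP_RSA_TAP_OID_LEN + 2, \
    MOP_RSA_TAP_OID, \
    0x05, 0x00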
1109 
1110 /* TAP password-protected keys have an OID whose last byte is
1111  * masked by the 3rd bit from the left, i.e. 0x20,
1112  * compared to that alg's OID. The index is that of the OID's last byte within
1113  * the AlgId, so the 3rd-to-last byte, or index 12.
1114  */
1115 #define MOP_TAP_PW_MASK 0x20
1116 #define MOP_TAP_PW_OID_INDEX 12
1117 
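/* RSA signing. There are two OIDs, SHA-x with RSA and RSA-PSS. They differ in
 * only the last byte.
 *
 * MOP_RSA_SHA1_P1_ALG_ID is SEQUENCE { OID, NULL }; the MOP_RSA_*_BYTE values
 * are the last OID byte for each variant, written at
 * MOP_RSA_SHA_P1_OID_LAST_BYTE_OFFSET. MOP_RSA_PSS_ALG_ID is SEQUENCE { OID }
 * only, with no params element. Lengths derived with "+" are parenthesized so
 * they expand as one operand inside a larger expression.
 * NOTE(review): the MD2, MD5 and SHA-1 variants rely on digests that are no
 * longer collision resistant; presumably kept to verify existing signatures --
 * confirm they are not used for new ones.
 */
#define MOP_RSA_SHA1_P1_OID_LEN 11
#define MOP_RSA_SHA1_P1_OID \
    0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05
#define MOP_RSA_SHA1_P1_ALG_ID_LEN (MOP_RSA_SHA1_P1_OID_LEN + 4)
#define MOP_RSA_SHA1_P1_ALG_ID \
    0x30, MOP_RSA_SHA1_P1_OID_LEN + 2, \
    MOP_RSA_SHA1_P1_OID, \
    0x05, 0x00
#define MOP_RSA_SHA_P1_OID_LAST_BYTE_OFFSET 12
#define MOP_RSA_SHA1_BYTE 5
#define MOP_RSA_SHA224_BYTE 14
#define MOP_RSA_SHA256_BYTE 11
#define MOP_RSA_SHA384_BYTE 12
#define MOP_RSA_SHA512_BYTE 13
#define MOP_RSA_PSS_BYTE 10
#define MOP_RSA_MD2_BYTE 2
#define MOP_RSA_MD5_BYTE 4

#define MOP_RSA_PSS_OID_LEN 11
#define MOP_RSA_PSS_OID \
    0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0A

#define MOP_RSA_PSS_ALG_ID_LEN (MOP_RSA_PSS_OID_LEN + 2)
#define MOP_RSA_PSS_ALG_ID \
    0x30, MOP_RSA_PSS_OID_LEN, \
    MOP_RSA_PSS_OID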
1147 
1148 #define MOP_PSOURCE_SPECIFIED_OID_LEN 11
1149 #define MOP_PSOURCE_SPECIFIED_OID \
1150  0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x09
1151 
1152 #define MOP_MGF1_OID_LEN 11
1153 #define MOP_MGF1_OID \
1154  0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x08
1155 
1156 #define MOP_DH_OID_LEN 9
1157 #define MOP_DH_OID \
1158  0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3E, 0x02, 0x01
1159 
1160 #define MOP_DSA_OID_LEN 9
1161 #define MOP_DSA_OID \
1162  0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x38, 0x04, 0x01
1163 
1164 #define MOP_DSA_SHA1_ALG_ID_LEN 11
1165 #define MOP_DSA_SHA1_ALG_ID \
1166  0x30, 0x09, \
1167  0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x38, 0x04, 0x03
1168 #define MOP_DSA_SHA1_BYTE 3
1169 
1170 #define MOP_DSA_SHA224_ALG_ID_LEN 13
1171 #define MOP_DSA_SHA224_ALG_ID \
1172  0x30, 0x0B, \
1173  0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, 0x01
1174 #define MOP_DSA_SHA224_BYTE 1
1175 #define MOP_DSA_SHA256_BYTE 2
1176 
1177 #define MOP_ECDSA_SHA1_ALG_ID_LEN 11
1178 #define MOP_ECDSA_SHA1_ALG_ID \
1179  0x30, 0x09, \
1180  0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x01
1181 #define MOP_ECDSA_SHA1_BYTE 1
1182 
1183 #define MOP_ECDSA_SHA224_ALG_ID_LEN 12
1184 #define MOP_ECDSA_SHA224_ALG_ID \
1185  0x30, 0x0A, \
1186  0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x01
1187 #define MOP_ECDSA_SHA224_BYTE 1
1188 #define MOP_ECDSA_SHA256_BYTE 2
1189 #define MOP_ECDSA_SHA384_BYTE 3
1190 #define MOP_ECDSA_SHA512_BYTE 4
1191 
/*
 * Elliptic-curve OIDs, each given as a complete DER encoding (tag 0x06,
 * length, content) in the form of a byte list for an array initializer.
 * *_OID_LEN is the total number of bytes in that list.
 */

/* EC public key type: 1.2.840.10045.2.1. */
#define MOP_ECC_KEY_OID_LEN 9
#define MOP_ECC_KEY_OID 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01

/*
 * Curve P-192: 1.2.840.10045.3.1.1.
 * P-256 shares the prefix; only the last byte differs (7 instead of 1).
 */
#define MOP_ECC_CURVE_P192_OID_LEN 10
#define MOP_ECC_CURVE_P192_OID \
  0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x01
#define MOP_ECC_CURVE_P192_BYTE 1
#define MOP_ECC_CURVE_P256_BYTE 7

/*
 * Curve P-224: 1.3.132.0.33.
 * P-384 and P-521 share the prefix; the last byte becomes 0x22 or 0x23.
 */
#define MOP_ECC_CURVE_P224_OID_LEN 7
#define MOP_ECC_CURVE_P224_OID 0x06, 0x05, 0x2B, 0x81, 0x04, 0x00, 0x21
#define MOP_ECC_CURVE_P224_BYTE 0x21
#define MOP_ECC_CURVE_P384_BYTE 0x22
#define MOP_ECC_CURVE_P521_BYTE 0x23

/*
 * EDDH 25519: 1.3.101.110.
 * EDDH 448 and EDDSA 25519/448 share the prefix; the last byte becomes 0x6F,
 * 0x70 or 0x71. The template itself already ends in the 25519 value 0x6E, for
 * which no separate *_BYTE macro is defined here.
 */
#define MOP_ECC_CURVE_EDDH_25519_OID_LEN 5
#define MOP_ECC_CURVE_EDDH_25519_OID 0x06, 0x03, 0x2B, 0x65, 0x6E
#define MOP_ECC_CURVE_EDDH_448_BYTE 0x6F
#define MOP_ECC_CURVE_EDDSA_25519_BYTE 0x70
#define MOP_ECC_CURVE_EDDSA_448_BYTE 0x71

/*
 * Largest curve OID encoding defined above (the three templates are 10, 7 and
 * 5 bytes). A decoder that copies a curve OID from its input into a buffer of
 * this size still has to compare the encoded length with this bound first.
 */
#define MOP_MAX_ECC_CURVE_OID_LEN MOP_ECC_CURVE_P192_OID_LEN

/* ANSI X9.62 field type "prime": 1.2.840.10045.1.1. */
#define MOP_ECC_FIELD_TYPE_PRIME_OID_LEN 9
#define MOP_ECC_FIELD_TYPE_PRIME_OID \
  0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x01, 0x01
1231 
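/*
 * Key-type OIDs under 1.3.6.1.4.1.14421 and the AlgorithmIdentifier templates
 * built from them.
 *
 *   *_OID         DER OID (tag 0x06, length, content) as a byte list.
 *   *_OID_LEN     total size of that encoding in bytes.
 *   *_ALG_ID      SEQUENCE { OID, NULL } as a byte list; the SEQUENCE length
 *                 byte is the OID encoding plus the two bytes of the NULL.
 *   *_ALG_ID_LEN  total size of the AlgorithmIdentifier: OID encoding + 2
 *                 SEQUENCE header bytes + 2 NULL bytes.
 *
 * The *_ALG_ID_LEN expansions are parenthesized so they keep their value
 * inside a larger expression such as `2 * MOP_RSA_TAP_KEY_ALG_ID_LEN` or
 * `total - MOP_RSA_TAP_KEY_ALG_ID_LEN`. Without the parentheses operator
 * precedence splits the sum and silently produces a wrong size or offset.
 *
 * NOTE(review): MOP_TPM_12_RSA_KEY_OID and MOP_RSA_TAP_KEY_OID are
 * byte-for-byte identical (1.3.6.1.4.1.14421.18.1.1), so the OID alone cannot
 * tell the two key types apart. Presumably one is an alias of the other;
 * confirm against the decoder that consumes them.
 */

/* TPM 1.2 RSA key: 1.3.6.1.4.1.14421.18.1.1. */
#define MOP_TPM_12_RSA_KEY_OID_LEN 12
#define MOP_TPM_12_RSA_KEY_OID \
  0x06, 0x0A, 0x2B, 0x06, 0x01, 0x04, 0x01, 0xF0, 0x55, 0x12, 0x01, 0x01
#define MOP_TPM_12_RSA_KEY_ALG_ID_LEN (MOP_TPM_12_RSA_KEY_OID_LEN + 4)
#define MOP_TPM_12_RSA_KEY_ALG_ID \
  0x30, MOP_TPM_12_RSA_KEY_OID_LEN + 2, \
  MOP_TPM_12_RSA_KEY_OID, \
  0x05, 0x00

/* RSA TAP key: 1.3.6.1.4.1.14421.18.1.1 (same bytes as the TPM 1.2 entry). */
#define MOP_RSA_TAP_KEY_OID_LEN 12
#define MOP_RSA_TAP_KEY_OID \
  0x06, 0x0A, 0x2B, 0x06, 0x01, 0x04, 0x01, 0xF0, 0x55, 0x12, 0x01, 0x01
#define MOP_RSA_TAP_KEY_ALG_ID_LEN (MOP_RSA_TAP_KEY_OID_LEN + 4)
#define MOP_RSA_TAP_KEY_ALG_ID \
  0x30, MOP_RSA_TAP_KEY_OID_LEN + 2, \
  MOP_RSA_TAP_KEY_OID, \
  0x05, 0x00

/* ECC TAP key: 1.3.6.1.4.1.14421.19.2. */
#define MOP_ECC_TAP_KEY_OID_LEN 11
#define MOP_ECC_TAP_KEY_OID \
  0x06, 0x09, 0x2B, 0x06, 0x01, 0x04, 0x01, 0xF0, 0x55, 0x13, 0x02
#define MOP_ECC_TAP_KEY_ALG_ID_LEN (MOP_ECC_TAP_KEY_OID_LEN + 4)
#define MOP_ECC_TAP_KEY_ALG_ID \
  0x30, MOP_ECC_TAP_KEY_OID_LEN + 2, \
  MOP_ECC_TAP_KEY_OID, \
  0x05, 0x00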
1258 
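/*
 * AES TAP key OIDs (1.3.6.1.4.1.14421.19.4 through .19.10) and their
 * AlgorithmIdentifier templates.
 *
 *   *_OID         DER OID (tag 0x06, length, content) as a byte list.
 *   *_OID_LEN     total size of that encoding in bytes.
 *   *_ALG_ID      SEQUENCE { OID, NULL } as a byte list.
 *   *_ALG_ID_LEN  OID encoding + 2 SEQUENCE header bytes + 2 NULL bytes.
 *
 * The *_ALG_ID_LEN expansions are parenthesized so that expressions such as
 * `2 * MOP_AES_TAP_KEY_ALG_ID_LEN` or `total - MOP_AES_TAP_KEY_ALG_ID_LEN`
 * evaluate as intended; an unparenthesized `X + 4` would be split by operator
 * precedence and give a wrong buffer size or offset.
 *
 * The entries differ only in the final OID byte: 0x04 generic AES, 0x05 ECB,
 * 0x06 CBC, 0x07 CFB, 0x08 OFB, 0x09 CTR, 0x0a GCM.
 */

/* AES (no mode): ...19.4 */
#define MOP_AES_TAP_KEY_OID_LEN 11
#define MOP_AES_TAP_KEY_OID \
  0x06, 0x09, 0x2B, 0x06, 0x01, 0x04, 0x01, 0xF0, 0x55, 0x13, 0x04
#define MOP_AES_TAP_KEY_ALG_ID_LEN (MOP_AES_TAP_KEY_OID_LEN + 4)
#define MOP_AES_TAP_KEY_ALG_ID \
  0x30, MOP_AES_TAP_KEY_OID_LEN + 2, \
  MOP_AES_TAP_KEY_OID, \
  0x05, 0x00

/* AES-ECB: ...19.5 */
#define MOP_AES_ECB_TAP_KEY_OID_LEN 11
#define MOP_AES_ECB_TAP_KEY_OID \
  0x06, 0x09, 0x2B, 0x06, 0x01, 0x04, 0x01, 0xF0, 0x55, 0x13, 0x05
#define MOP_AES_ECB_TAP_KEY_ALG_ID_LEN (MOP_AES_ECB_TAP_KEY_OID_LEN + 4)
#define MOP_AES_ECB_TAP_KEY_ALG_ID \
  0x30, MOP_AES_ECB_TAP_KEY_OID_LEN + 2, \
  MOP_AES_ECB_TAP_KEY_OID, \
  0x05, 0x00

/* AES-CBC: ...19.6 */
#define MOP_AES_CBC_TAP_KEY_OID_LEN 11
#define MOP_AES_CBC_TAP_KEY_OID \
  0x06, 0x09, 0x2B, 0x06, 0x01, 0x04, 0x01, 0xF0, 0x55, 0x13, 0x06
#define MOP_AES_CBC_TAP_KEY_ALG_ID_LEN (MOP_AES_CBC_TAP_KEY_OID_LEN + 4)
#define MOP_AES_CBC_TAP_KEY_ALG_ID \
  0x30, MOP_AES_CBC_TAP_KEY_OID_LEN + 2, \
  MOP_AES_CBC_TAP_KEY_OID, \
  0x05, 0x00

/* AES-CFB: ...19.7 */
#define MOP_AES_CFB_TAP_KEY_OID_LEN 11
#define MOP_AES_CFB_TAP_KEY_OID \
  0x06, 0x09, 0x2B, 0x06, 0x01, 0x04, 0x01, 0xF0, 0x55, 0x13, 0x07
#define MOP_AES_CFB_TAP_KEY_ALG_ID_LEN (MOP_AES_CFB_TAP_KEY_OID_LEN + 4)
#define MOP_AES_CFB_TAP_KEY_ALG_ID \
  0x30, MOP_AES_CFB_TAP_KEY_OID_LEN + 2, \
  MOP_AES_CFB_TAP_KEY_OID, \
  0x05, 0x00

/* AES-OFB: ...19.8 */
#define MOP_AES_OFB_TAP_KEY_OID_LEN 11
#define MOP_AES_OFB_TAP_KEY_OID \
  0x06, 0x09, 0x2B, 0x06, 0x01, 0x04, 0x01, 0xF0, 0x55, 0x13, 0x08
#define MOP_AES_OFB_TAP_KEY_ALG_ID_LEN (MOP_AES_OFB_TAP_KEY_OID_LEN + 4)
#define MOP_AES_OFB_TAP_KEY_ALG_ID \
  0x30, MOP_AES_OFB_TAP_KEY_OID_LEN + 2, \
  MOP_AES_OFB_TAP_KEY_OID, \
  0x05, 0x00

/* AES-CTR: ...19.9 */
#define MOP_AES_CTR_TAP_KEY_OID_LEN 11
#define MOP_AES_CTR_TAP_KEY_OID \
  0x06, 0x09, 0x2B, 0x06, 0x01, 0x04, 0x01, 0xF0, 0x55, 0x13, 0x09
#define MOP_AES_CTR_TAP_KEY_ALG_ID_LEN (MOP_AES_CTR_TAP_KEY_OID_LEN + 4)
#define MOP_AES_CTR_TAP_KEY_ALG_ID \
  0x30, MOP_AES_CTR_TAP_KEY_OID_LEN + 2, \
  MOP_AES_CTR_TAP_KEY_OID, \
  0x05, 0x00

/* AES-GCM: ...19.10 */
#define MOP_AES_GCM_TAP_KEY_OID_LEN 11
#define MOP_AES_GCM_TAP_KEY_OID \
  0x06, 0x09, 0x2B, 0x06, 0x01, 0x04, 0x01, 0xF0, 0x55, 0x13, 0x0a
#define MOP_AES_GCM_TAP_KEY_ALG_ID_LEN (MOP_AES_GCM_TAP_KEY_OID_LEN + 4)
#define MOP_AES_GCM_TAP_KEY_ALG_ID \
  0x30, MOP_AES_GCM_TAP_KEY_OID_LEN + 2, \
  MOP_AES_GCM_TAP_KEY_OID, \
  0x05, 0x00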
1321 
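/*
 * DES and triple-DES TAP key OIDs (1.3.6.1.4.1.14421.19.11 through .19.16)
 * and their AlgorithmIdentifier templates.
 *
 *   *_OID         DER OID (tag 0x06, length, content) as a byte list.
 *   *_OID_LEN     total size of that encoding in bytes.
 *   *_ALG_ID      SEQUENCE { OID, NULL } as a byte list.
 *   *_ALG_ID_LEN  OID encoding + 2 SEQUENCE header bytes + 2 NULL bytes.
 *
 * The *_ALG_ID_LEN expansions are parenthesized so that expressions such as
 * `2 * MOP_DES_TAP_KEY_ALG_ID_LEN` or `total - MOP_DES_TAP_KEY_ALG_ID_LEN`
 * evaluate as intended; an unparenthesized `X + 4` would be split by operator
 * precedence and give a wrong buffer size or offset.
 *
 * The entries differ only in the final OID byte: 0x0b DES, 0x0c DES-ECB,
 * 0x0d DES-CBC, 0x0e TDES, 0x0f TDES-ECB, 0x10 TDES-CBC.
 *
 * NOTE(review): these macros only let a key blob be labelled and recognized.
 * Whether single-DES or ECB-mode keys may actually be created or used is a
 * policy decision for the calling code.
 */

/* DES (no mode): ...19.11 */
#define MOP_DES_TAP_KEY_OID_LEN 11
#define MOP_DES_TAP_KEY_OID \
  0x06, 0x09, 0x2B, 0x06, 0x01, 0x04, 0x01, 0xF0, 0x55, 0x13, 0x0b
#define MOP_DES_TAP_KEY_ALG_ID_LEN (MOP_DES_TAP_KEY_OID_LEN + 4)
#define MOP_DES_TAP_KEY_ALG_ID \
  0x30, MOP_DES_TAP_KEY_OID_LEN + 2, \
  MOP_DES_TAP_KEY_OID, \
  0x05, 0x00

/* DES-ECB: ...19.12 */
#define MOP_DES_ECB_TAP_KEY_OID_LEN 11
#define MOP_DES_ECB_TAP_KEY_OID \
  0x06, 0x09, 0x2B, 0x06, 0x01, 0x04, 0x01, 0xF0, 0x55, 0x13, 0x0c
#define MOP_DES_ECB_TAP_KEY_ALG_ID_LEN (MOP_DES_ECB_TAP_KEY_OID_LEN + 4)
#define MOP_DES_ECB_TAP_KEY_ALG_ID \
  0x30, MOP_DES_ECB_TAP_KEY_OID_LEN + 2, \
  MOP_DES_ECB_TAP_KEY_OID, \
  0x05, 0x00

/* DES-CBC: ...19.13 */
#define MOP_DES_CBC_TAP_KEY_OID_LEN 11
#define MOP_DES_CBC_TAP_KEY_OID \
  0x06, 0x09, 0x2B, 0x06, 0x01, 0x04, 0x01, 0xF0, 0x55, 0x13, 0x0d
#define MOP_DES_CBC_TAP_KEY_ALG_ID_LEN (MOP_DES_CBC_TAP_KEY_OID_LEN + 4)
#define MOP_DES_CBC_TAP_KEY_ALG_ID \
  0x30, MOP_DES_CBC_TAP_KEY_OID_LEN + 2, \
  MOP_DES_CBC_TAP_KEY_OID, \
  0x05, 0x00

/* TDES (no mode): ...19.14 */
#define MOP_TDES_TAP_KEY_OID_LEN 11
#define MOP_TDES_TAP_KEY_OID \
  0x06, 0x09, 0x2B, 0x06, 0x01, 0x04, 0x01, 0xF0, 0x55, 0x13, 0x0e
#define MOP_TDES_TAP_KEY_ALG_ID_LEN (MOP_TDES_TAP_KEY_OID_LEN + 4)
#define MOP_TDES_TAP_KEY_ALG_ID \
  0x30, MOP_TDES_TAP_KEY_OID_LEN + 2, \
  MOP_TDES_TAP_KEY_OID, \
  0x05, 0x00

/* TDES-ECB: ...19.15 */
#define MOP_TDES_ECB_TAP_KEY_OID_LEN 11
#define MOP_TDES_ECB_TAP_KEY_OID \
  0x06, 0x09, 0x2B, 0x06, 0x01, 0x04, 0x01, 0xF0, 0x55, 0x13, 0x0f
#define MOP_TDES_ECB_TAP_KEY_ALG_ID_LEN (MOP_TDES_ECB_TAP_KEY_OID_LEN + 4)
#define MOP_TDES_ECB_TAP_KEY_ALG_ID \
  0x30, MOP_TDES_ECB_TAP_KEY_OID_LEN + 2, \
  MOP_TDES_ECB_TAP_KEY_OID, \
  0x05, 0x00

/* TDES-CBC: ...19.16 */
#define MOP_TDES_CBC_TAP_KEY_OID_LEN 11
#define MOP_TDES_CBC_TAP_KEY_OID \
  0x06, 0x09, 0x2B, 0x06, 0x01, 0x04, 0x01, 0xF0, 0x55, 0x13, 0x10
#define MOP_TDES_CBC_TAP_KEY_ALG_ID_LEN (MOP_TDES_CBC_TAP_KEY_OID_LEN + 4)
#define MOP_TDES_CBC_TAP_KEY_ALG_ID \
  0x30, MOP_TDES_CBC_TAP_KEY_OID_LEN + 2, \
  MOP_TDES_CBC_TAP_KEY_OID, \
  0x05, 0x00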
1375 
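/*
 * HMAC TAP key and secure-storage key OIDs (1.3.6.1.4.1.14421.19.17 and
 * .19.31) with their AlgorithmIdentifier templates.
 *
 *   *_OID         DER OID (tag 0x06, length, content) as a byte list.
 *   *_OID_LEN     total size of that encoding in bytes.
 *   *_ALG_ID      SEQUENCE { OID, NULL } as a byte list.
 *   *_ALG_ID_LEN  OID encoding + 2 SEQUENCE header bytes + 2 NULL bytes.
 *
 * The *_ALG_ID_LEN expansions are parenthesized so that expressions such as
 * `2 * MOP_HMAC_TAP_KEY_ALG_ID_LEN` or `total - MOP_HMAC_TAP_KEY_ALG_ID_LEN`
 * evaluate as intended; an unparenthesized `X + 4` would be split by operator
 * precedence and give a wrong buffer size or offset.
 */

/* HMAC TAP key: ...19.17 */
#define MOP_HMAC_TAP_KEY_OID_LEN 11
#define MOP_HMAC_TAP_KEY_OID \
  0x06, 0x09, 0x2B, 0x06, 0x01, 0x04, 0x01, 0xF0, 0x55, 0x13, 0x11
#define MOP_HMAC_TAP_KEY_ALG_ID_LEN (MOP_HMAC_TAP_KEY_OID_LEN + 4)
#define MOP_HMAC_TAP_KEY_ALG_ID \
  0x30, MOP_HMAC_TAP_KEY_OID_LEN + 2, \
  MOP_HMAC_TAP_KEY_OID, \
  0x05, 0x00

/* Secure storage key: ...19.31 */
#define MOP_SECURE_STORAGE_KEY_OID_LEN 11
#define MOP_SECURE_STORAGE_KEY_OID \
  0x06, 0x09, 0x2B, 0x06, 0x01, 0x04, 0x01, 0xF0, 0x55, 0x13, 0x1F
#define MOP_SECURE_STORAGE_KEY_ALG_ID_LEN (MOP_SECURE_STORAGE_KEY_OID_LEN + 4)
#define MOP_SECURE_STORAGE_KEY_ALG_ID \
  0x30, MOP_SECURE_STORAGE_KEY_OID_LEN + 2, \
  MOP_SECURE_STORAGE_KEY_OID, \
  0x05, 0x00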
1393 
/*
 * Attribute-type OIDs used in distinguished names. Each *_OID macro is a
 * complete DER encoding (tag 0x06, length, content) as a byte list for an
 * array initializer; *_OID_LEN is the total number of bytes in that list.
 */

/* 2.5.4.x attribute types: the encodings differ only in the last byte. */
#define MOP_COUNTRY_NAME_OID_LEN 5
#define MOP_COUNTRY_NAME_OID 0x06, 0x03, 0x55, 0x04, 0x06               /* 2.5.4.6 */

#define MOP_STATE_PROVINCE_NAME_OID_LEN 5
#define MOP_STATE_PROVINCE_NAME_OID 0x06, 0x03, 0x55, 0x04, 0x08        /* 2.5.4.8 */

#define MOP_LOCALITY_NAME_OID_LEN 5
#define MOP_LOCALITY_NAME_OID 0x06, 0x03, 0x55, 0x04, 0x07              /* 2.5.4.7 */

#define MOP_COMMON_NAME_OID_LEN 5
#define MOP_COMMON_NAME_OID 0x06, 0x03, 0x55, 0x04, 0x03                /* 2.5.4.3 */

#define MOP_ORGANIZATION_NAME_OID_LEN 5
#define MOP_ORGANIZATION_NAME_OID 0x06, 0x03, 0x55, 0x04, 0x0A          /* 2.5.4.10 */

#define MOP_ORGANIZATIONAL_UNIT_NAME_OID_LEN 5
#define MOP_ORGANIZATIONAL_UNIT_NAME_OID 0x06, 0x03, 0x55, 0x04, 0x0B   /* 2.5.4.11 */

#define MOP_STREET_ADDRESS_NAME_OID_LEN 5
#define MOP_STREET_ADDRESS_NAME_OID 0x06, 0x03, 0x55, 0x04, 0x09        /* 2.5.4.9 */

#define MOP_BUSINESS_CATEGORY_NAME_OID_LEN 5
#define MOP_BUSINESS_CATEGORY_NAME_OID 0x06, 0x03, 0x55, 0x04, 0x0F     /* 2.5.4.15 */

#define MOP_POSTAL_CODE_NAME_OID_LEN 5
#define MOP_POSTAL_CODE_NAME_OID 0x06, 0x03, 0x55, 0x04, 0x11           /* 2.5.4.17 */

#define MOP_SERIAL_NUMBER_NAME_OID_LEN 5
#define MOP_SERIAL_NUMBER_NAME_OID 0x06, 0x03, 0x55, 0x04, 0x05         /* 2.5.4.5 */

/* PKCS #9 e-mail address: 1.2.840.113549.1.9.1. */
#define MOP_EMAIL_ADDRESS_NAME_OID_LEN 11
#define MOP_EMAIL_ADDRESS_NAME_OID \
  0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01

/* PKCS #9 unstructured name: 1.2.840.113549.1.9.2. */
#define MOP_PKCS9_UNSTRUCTURED_NAME_OID_LEN 11
#define MOP_PKCS9_UNSTRUCTURED_NAME_OID \
  0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x02

/* User ID: 0.9.2342.19200300.100.1.1. */
#define MOP_USER_ID_NAME_OID_LEN 12
#define MOP_USER_ID_NAME_OID \
  0x06, 0x0A, 0x09, 0x92, 0x26, 0x89, 0x93, 0xF2, 0x2C, 0x64, 0x01, 0x01

/*
 * Domain component: 0.9.2342.19200300.100.1.25.
 * The spelling "COMPNENT" is part of the macro name and is left unchanged.
 */
#define MOP_DOMAIN_COMPNENT_NAME_OID_LEN 12
#define MOP_DOMAIN_COMPNENT_NAME_OID \
  0x06, 0x0A, 0x09, 0x92, 0x26, 0x89, 0x93, 0xF2, 0x2C, 0x64, 0x01, 0x19

/*
 * "JI" locality / state-or-province / country: 1.3.6.1.4.1.311.60.2.1.1,
 * .2 and .3 (JI presumably stands for jurisdiction of incorporation).
 */
#define MOP_JI_LOCALITY_NAME_OID_LEN 13
#define MOP_JI_LOCALITY_NAME_OID \
  0x06, 0x0B,                    \
  0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x3C, 0x02, 0x01, 0x01

#define MOP_JI_STATE_PROVINCE_NAME_OID_LEN 13
#define MOP_JI_STATE_PROVINCE_NAME_OID \
  0x06, 0x0B,                          \
  0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x3C, 0x02, 0x01, 0x02

#define MOP_JI_COUNTRY_NAME_OID_LEN 13
#define MOP_JI_COUNTRY_NAME_OID \
  0x06, 0x0B,                   \
  0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x3C, 0x02, 0x01, 0x03
1464 
/*
 * OIDs for certificate extensions and for attributes carried in certificate
 * requests and signed messages. Each *_OID macro is a complete DER encoding
 * (tag 0x06, length, content) as a byte list; *_OID_LEN is its total size.
 */

/* Certificate extensions under 2.5.29. */
#define MOP_BASIC_CONSTRAINTS_OID_LEN 5
#define MOP_BASIC_CONSTRAINTS_OID 0x06, 0x03, 0x55, 0x1D, 0x13   /* 2.5.29.19 */

#define MOP_KEY_USAGE_OID_LEN 5
#define MOP_KEY_USAGE_OID 0x06, 0x03, 0x55, 0x1D, 0x0F           /* 2.5.29.15 */

#define MOP_AUTH_KEY_ID_OID_LEN 5
#define MOP_AUTH_KEY_ID_OID 0x06, 0x03, 0x55, 0x1D, 0x23         /* 2.5.29.35 */

#define MOP_SUBJECT_KEY_ID_OID_LEN 5
#define MOP_SUBJECT_KEY_ID_OID 0x06, 0x03, 0x55, 0x1D, 0x0E      /* 2.5.29.14 */

/* Certificate template name: 1.3.6.1.4.1.311.20.2. */
#define MOP_CERT_TEMPLATE_NAME_OID_LEN 11
#define MOP_CERT_TEMPLATE_NAME_OID \
  0x06, 0x09, 0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x14, 0x02

/*
 * Attributes under 1.2.840.113549.1.9; the encodings differ only in the last
 * byte: 0x0E extension request, 0x07 challenge password, 0x03 content type,
 * 0x04 digest, 0x05 signing time.
 */
#define MOP_EXT_REQ_OID_LEN 11
#define MOP_EXT_REQ_OID \
  0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x0E

#define MOP_CHALLENGE_PASS_OID_LEN 11
#define MOP_CHALLENGE_PASS_OID \
  0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x07

#define MOP_CONTENT_TYPE_ATTR_OID_LEN 11
#define MOP_CONTENT_TYPE_ATTR_OID \
  0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x03

#define MOP_DIGEST_ATTR_OID_LEN 11
#define MOP_DIGEST_ATTR_OID \
  0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x04

#define MOP_SIGN_TIME_ATTR_OID_LEN 11
#define MOP_SIGN_TIME_ATTR_OID \
  0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x05
1504 
/*
 * CMS / PKCS #7 content-type OIDs. Each *_OID macro is a complete DER
 * encoding (tag 0x06, length, content) as a byte list; *_OID_LEN is its total
 * size. The six 1.2.840.113549.1.7.x types differ only in the final byte,
 * which the *_LAST_BYTE macros expose.
 *
 * Naming in this group is not uniform and is kept as is because the names are
 * public: the signed-and-enveloped OID uses the MOP_P7_ prefix while its
 * last-byte macro uses MOP_CMS_, the digested-data macro is spelled
 * "LASTBYTE" without the underscore, and the maximum-length macro uses the
 * MOC_ prefix.
 */

/* Data: 1.2.840.113549.1.7.1. */
#define MOP_CMS_DATA_OID_LEN 11
#define MOP_CMS_DATA_OID \
  0x06, 0x09,            \
  0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x01
#define MOP_CMS_DATA_OID_LAST_BYTE 0x01

/* Signed data: 1.2.840.113549.1.7.2. */
#define MOP_CMS_SIGNED_DATA_OID_LEN 11
#define MOP_CMS_SIGNED_DATA_OID \
  0x06, 0x09,                   \
  0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x02
#define MOP_CMS_SIGNED_DATA_OID_LAST_BYTE 0x02

/* Enveloped data: 1.2.840.113549.1.7.3. */
#define MOP_CMS_ENV_DATA_OID_LEN 11
#define MOP_CMS_ENV_DATA_OID \
  0x06, 0x09,                \
  0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x03
#define MOP_CMS_ENV_DATA_OID_LAST_BYTE 0x03

/* Signed-and-enveloped data: 1.2.840.113549.1.7.4. */
#define MOP_P7_SIG_ENV_DATA_OID_LEN 11
#define MOP_P7_SIG_ENV_DATA_OID \
  0x06, 0x09,                   \
  0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x04
#define MOP_CMS_SIG_ENV_DATA_OID_LAST_BYTE 0x04

/* Digested data: 1.2.840.113549.1.7.5. */
#define MOP_CMS_DIG_DATA_OID_LEN 11
#define MOP_CMS_DIG_DATA_OID \
  0x06, 0x09,                \
  0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x05
#define MOP_CMS_DIG_DATA_OID_LASTBYTE 0x05

/* Encrypted data: 1.2.840.113549.1.7.6. */
#define MOP_CMS_ENC_DATA_OID_LEN 11
#define MOP_CMS_ENC_DATA_OID \
  0x06, 0x09,                \
  0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x06
#define MOP_CMS_ENC_DATA_OID_LAST_BYTE 0x06

/* Authenticated data: 1.2.840.113549.1.9.16.1.2. */
#define MOP_CMS_AUTH_DATA_OID_LEN 13
#define MOP_CMS_AUTH_DATA_OID \
  0x06, 0x0B,                 \
  0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x10, 0x01, 0x02

/*
 * The maximum over all CMS/PKCS #7 content-type OID encodings above, provided
 * so that a caller can declare a fixed-size ubyte[size] buffer instead of
 * allocating memory. A decoder that copies a content-type OID from its input
 * into such a buffer still has to compare the encoded length with this bound
 * before copying.
 */
#define MOC_CMS_MAX_TYPE_OID_LEN MOP_CMS_AUTH_DATA_OID_LEN
1543 
1544 #ifdef __cplusplus
1545 }
1546 #endif
1547 
1548 #endif