1/*
2 * Copyright (c) 2000-2001,2011-2012,2014 Apple Inc. All Rights Reserved.
3 *
4 * The contents of this file constitute Original Code as defined in and are
5 * subject to the Apple Public Source License Version 1.2 (the 'License').
6 * You may not use this file except in compliance with the License. Please obtain
7 * a copy of the License at http://www.apple.com/publicsource and read it before
8 * using this file.
9 *
10 * This Original Code and all software distributed under the License are
11 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
12 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
13 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
14 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
15 * specific language governing rights and limitations under the License.
16 */
17
18
19/*
20   File:      MDSAttrStrings.cpp
21
22   Contains:  Static tables to map attribute names to numeric values.
23
24   Copyright (c) 2001,2011-2012,2014 Apple Inc. All Rights Reserved.
25*/
26
27#include "MDSAttrStrings.h"
28#include "MDSAttrUtils.h"
29#include <Security/cssmapple.h>
30#include <Security/mds_schema.h>
31#include <Security/cssmkrapi.h> 	// CSSM_KR_POLICY_TYPE
32#include <ctype.h>			// isDigit
33#include <strings.h>		// strcmp
34#include <stdlib.h>			// atoi
35
36namespace Security
37{
38
39/* declare one entry in a table of MDSNameValuePairs */
40#define MNVP(attr)		{attr, #attr}
41
42/* the NULL entry which terminates all MDSNameValuePair tables */
43#define MNVP_END		{0, NULL}
44
45/***
46 *** common attributes
47 ***/
48
49/* CSSM_SERVICE_MASK */
50const MDSNameValuePair MDSServiceNames[] =
51{
52	MNVP(CSSM_SERVICE_CSSM),
53	MNVP(CSSM_SERVICE_CSP),
54	MNVP(CSSM_SERVICE_DL),
55	MNVP(CSSM_SERVICE_CL),
56	MNVP(CSSM_SERVICE_TP),
57	MNVP(CSSM_SERVICE_AC),
58	MNVP(CSSM_SERVICE_KR),
59	MNVP_END
60};
61
62/* CSSM_ACL_SUBJECT_TYPE */
63const MDSNameValuePair MDSAclSubjectTypeNames[] =
64{
65	MNVP(CSSM_ACL_SUBJECT_TYPE_ANY),
66	MNVP(CSSM_ACL_SUBJECT_TYPE_THRESHOLD),
67	MNVP(CSSM_ACL_SUBJECT_TYPE_PASSWORD),
68	MNVP(CSSM_ACL_SUBJECT_TYPE_PROTECTED_PASSWORD),
69	MNVP(CSSM_ACL_SUBJECT_TYPE_PROMPTED_PASSWORD),
70	MNVP(CSSM_ACL_SUBJECT_TYPE_PUBLIC_KEY),
71	MNVP(CSSM_ACL_SUBJECT_TYPE_HASHED_SUBJECT),
72	MNVP(CSSM_ACL_SUBJECT_TYPE_BIOMETRIC),
73	MNVP(CSSM_ACL_SUBJECT_TYPE_PROTECTED_BIOMETRIC),
74	MNVP(CSSM_ACL_SUBJECT_TYPE_PROMPTED_BIOMETRIC),
75	MNVP(CSSM_ACL_SUBJECT_TYPE_LOGIN_NAME),
76	MNVP(CSSM_ACL_SUBJECT_TYPE_EXT_PAM_NAME),
77	/* from cssmapple.h */
78	MNVP(CSSM_ACL_SUBJECT_TYPE_KEYCHAIN_PROMPT),
79	MNVP(CSSM_ACL_SUBJECT_TYPE_PROCESS),
80	MNVP(CSSM_ACL_SUBJECT_TYPE_CODE_SIGNATURE),
81	MNVP(CSSM_ACL_SUBJECT_TYPE_COMMENT),
82	MNVP_END
83};
84
85/* CSSM_ACL_AUTHORIZATION_TAG */
86const MDSNameValuePair MDSAclAuthTagNames[] =
87{
88	MNVP(CSSM_ACL_AUTHORIZATION_ANY),
89	MNVP(CSSM_ACL_AUTHORIZATION_LOGIN),
90	MNVP(CSSM_ACL_AUTHORIZATION_GENKEY),
91	MNVP(CSSM_ACL_AUTHORIZATION_DELETE),
92	MNVP(CSSM_ACL_AUTHORIZATION_EXPORT_WRAPPED),
93	MNVP(CSSM_ACL_AUTHORIZATION_EXPORT_CLEAR),
94	MNVP(CSSM_ACL_AUTHORIZATION_IMPORT_WRAPPED),
95	MNVP(CSSM_ACL_AUTHORIZATION_IMPORT_CLEAR),
96	MNVP(CSSM_ACL_AUTHORIZATION_SIGN),
97	MNVP(CSSM_ACL_AUTHORIZATION_ENCRYPT),
98	MNVP(CSSM_ACL_AUTHORIZATION_DECRYPT),
99	MNVP(CSSM_ACL_AUTHORIZATION_MAC),
100	MNVP(CSSM_ACL_AUTHORIZATION_DERIVE),
101	MNVP(CSSM_ACL_AUTHORIZATION_DBS_CREATE),
102	MNVP(CSSM_ACL_AUTHORIZATION_DBS_DELETE),
103	MNVP(CSSM_ACL_AUTHORIZATION_DB_READ),
104	MNVP(CSSM_ACL_AUTHORIZATION_DB_INSERT),
105	MNVP(CSSM_ACL_AUTHORIZATION_DB_MODIFY),
106	MNVP(CSSM_ACL_AUTHORIZATION_DB_DELETE),
107	/* from cssmapple.h */
108	MNVP(CSSM_ACL_AUTHORIZATION_CHANGE_ACL),
109	MNVP(CSSM_ACL_AUTHORIZATION_CHANGE_OWNER),
110	MNVP_END
111};
112
113/***
114 *** CSP attributes
115 ***/
116
117/* CSSM_CONTEXT_TYPE */
118const MDSNameValuePair MDSContextTypeNames[] =
119{
120	MNVP(CSSM_ALGCLASS_NONE),
121	MNVP(CSSM_ALGCLASS_CUSTOM),
122	MNVP(CSSM_ALGCLASS_SIGNATURE),
123	MNVP(CSSM_ALGCLASS_SYMMETRIC),
124	MNVP(CSSM_ALGCLASS_DIGEST),
125	MNVP(CSSM_ALGCLASS_RANDOMGEN),
126	MNVP(CSSM_ALGCLASS_UNIQUEGEN),
127	MNVP(CSSM_ALGCLASS_MAC),
128	MNVP(CSSM_ALGCLASS_ASYMMETRIC),
129	MNVP(CSSM_ALGCLASS_KEYGEN),
130	MNVP(CSSM_ALGCLASS_DERIVEKEY),
131	MNVP(CSSM_ALGCLASS_NONE),
132	MNVP_END
133};
134
135/* CSSM_ATTRIBUTE_TYPE */
136const MDSNameValuePair MDSAttributeTypeNames[] =
137{
138	MNVP(CSSM_ATTRIBUTE_NONE),
139	MNVP(CSSM_ATTRIBUTE_CUSTOM),
140	MNVP(CSSM_ATTRIBUTE_DESCRIPTION),
141	MNVP(CSSM_ATTRIBUTE_KEY),
142	MNVP(CSSM_ATTRIBUTE_INIT_VECTOR),
143	MNVP(CSSM_ATTRIBUTE_SALT),
144	MNVP(CSSM_ATTRIBUTE_PADDING),
145	MNVP(CSSM_ATTRIBUTE_RANDOM),
146	MNVP(CSSM_ATTRIBUTE_SEED),
147	MNVP(CSSM_ATTRIBUTE_PASSPHRASE),
148	MNVP(CSSM_ATTRIBUTE_KEY_LENGTH),
149	MNVP(CSSM_ATTRIBUTE_KEY_LENGTH_RANGE),
150	MNVP(CSSM_ATTRIBUTE_BLOCK_SIZE),
151	MNVP(CSSM_ATTRIBUTE_OUTPUT_SIZE),
152	MNVP(CSSM_ATTRIBUTE_ROUNDS),
153	MNVP(CSSM_ATTRIBUTE_IV_SIZE),
154	MNVP(CSSM_ATTRIBUTE_ALG_PARAMS),
155	MNVP(CSSM_ATTRIBUTE_LABEL),
156	MNVP(CSSM_ATTRIBUTE_KEY_TYPE),
157	MNVP(CSSM_ATTRIBUTE_MODE),
158	MNVP(CSSM_ATTRIBUTE_EFFECTIVE_BITS),
159	MNVP(CSSM_ATTRIBUTE_START_DATE),
160	MNVP(CSSM_ATTRIBUTE_END_DATE),
161	MNVP(CSSM_ATTRIBUTE_KEYUSAGE),
162	MNVP(CSSM_ATTRIBUTE_KEYATTR),
163	MNVP(CSSM_ATTRIBUTE_VERSION),
164	MNVP(CSSM_ATTRIBUTE_PRIME),
165	MNVP(CSSM_ATTRIBUTE_SUBPRIME),
166	MNVP(CSSM_ATTRIBUTE_ALG_ID),
167	MNVP(CSSM_ATTRIBUTE_ITERATION_COUNT),
168	MNVP(CSSM_ATTRIBUTE_ROUNDS_RANGE),
169	MNVP(CSSM_ATTRIBUTE_KRPROFILE_LOCAL),
170	MNVP(CSSM_ATTRIBUTE_KRPROFILE_REMOTE),
171	MNVP(CSSM_ATTRIBUTE_CSP_HANDLE),
172	MNVP(CSSM_ATTRIBUTE_DL_DB_HANDLE),
173	MNVP(CSSM_ATTRIBUTE_ACCESS_CREDENTIALS),
174	MNVP(CSSM_ATTRIBUTE_PUBLIC_KEY_FORMAT),
175	MNVP(CSSM_ATTRIBUTE_PRIVATE_KEY_FORMAT),
176	MNVP(CSSM_ATTRIBUTE_SYMMETRIC_KEY_FORMAT),
177	MNVP(CSSM_ATTRIBUTE_WRAPPED_KEY_FORMAT),
178	MNVP_END
179};
180
181/* CSSM_PADDING */
182const MDSNameValuePair MDSPaddingNames[] =
183{
184	MNVP(CSSM_PADDING_NONE),
185	MNVP(CSSM_PADDING_CUSTOM),
186	MNVP(CSSM_PADDING_ZERO),
187	MNVP(CSSM_PADDING_ONE),
188	MNVP(CSSM_PADDING_ALTERNATE),
189	MNVP(CSSM_PADDING_FF),
190	MNVP(CSSM_PADDING_PKCS5),
191	MNVP(CSSM_PADDING_PKCS7),
192	MNVP(CSSM_PADDING_CIPHERSTEALING),
193	MNVP(CSSM_PADDING_RANDOM),
194	MNVP(CSSM_PADDING_PKCS1),
195	MNVP_END
196};
197
198/* CSSM_CSP_FLAGS */
199const MDSNameValuePair MDSCspFlagsNames[] =
200{
201	MNVP(CSSM_CSP_TOK_WRITE_PROTECTED),
202	MNVP(CSSM_CSP_TOK_LOGIN_REQUIRED),
203	MNVP(CSSM_CSP_TOK_USER_PIN_INITIALIZED),
204	MNVP(CSSM_CSP_TOK_PROT_AUTHENTICATION),
205	MNVP(CSSM_CSP_TOK_USER_PIN_EXPIRED),
206	MNVP(CSSM_CSP_TOK_SESSION_KEY_PASSWORD),
207	MNVP(CSSM_CSP_TOK_PRIVATE_KEY_PASSWORD),
208	MNVP(CSSM_CSP_STORES_PRIVATE_KEYS),
209	MNVP(CSSM_CSP_STORES_PUBLIC_KEYS),
210	MNVP(CSSM_CSP_STORES_SESSION_KEYS),
211	MNVP(CSSM_CSP_STORES_CERTIFICATES),
212	MNVP(CSSM_CSP_STORES_GENERIC),
213	MNVP_END
214};
215
216/* CSSM_ALGORITHMS */
217const MDSNameValuePair MDSAlgorithmNames[] =
218{
219	MNVP(CSSM_ALGID_NONE),
220	MNVP(CSSM_ALGID_CUSTOM),
221	MNVP(CSSM_ALGID_DH),
222	MNVP(CSSM_ALGID_PH),
223	MNVP(CSSM_ALGID_KEA),
224	MNVP(CSSM_ALGID_MD2),
225	MNVP(CSSM_ALGID_MD4),
226	MNVP(CSSM_ALGID_MD5),
227	MNVP(CSSM_ALGID_SHA1),
228	MNVP(CSSM_ALGID_NHASH),
229	MNVP(CSSM_ALGID_HAVAL),
230	MNVP(CSSM_ALGID_RIPEMD),
231	MNVP(CSSM_ALGID_IBCHASH),
232	MNVP(CSSM_ALGID_RIPEMAC),
233	MNVP(CSSM_ALGID_DES),
234	MNVP(CSSM_ALGID_DESX),
235	MNVP(CSSM_ALGID_RDES),
236	MNVP(CSSM_ALGID_3DES_3KEY_EDE),
237	MNVP(CSSM_ALGID_3DES_2KEY_EDE),
238	MNVP(CSSM_ALGID_3DES_1KEY_EEE),
239	MNVP(CSSM_ALGID_3DES_3KEY),
240	MNVP(CSSM_ALGID_3DES_3KEY_EEE),
241	MNVP(CSSM_ALGID_3DES_2KEY),
242	MNVP(CSSM_ALGID_3DES_2KEY_EEE),
243	MNVP(CSSM_ALGID_3DES_1KEY),
244	MNVP(CSSM_ALGID_IDEA),
245	MNVP(CSSM_ALGID_RC2),
246	MNVP(CSSM_ALGID_RC5),
247	MNVP(CSSM_ALGID_RC4),
248	MNVP(CSSM_ALGID_SEAL),
249	MNVP(CSSM_ALGID_CAST),
250	MNVP(CSSM_ALGID_BLOWFISH),
251	MNVP(CSSM_ALGID_SKIPJACK),
252	MNVP(CSSM_ALGID_LUCIFER),
253	MNVP(CSSM_ALGID_MADRYGA),
254	MNVP(CSSM_ALGID_FEAL),
255	MNVP(CSSM_ALGID_REDOC),
256	MNVP(CSSM_ALGID_REDOC3),
257	MNVP(CSSM_ALGID_LOKI),
258	MNVP(CSSM_ALGID_KHUFU),
259	MNVP(CSSM_ALGID_KHAFRE),
260	MNVP(CSSM_ALGID_MMB),
261	MNVP(CSSM_ALGID_GOST),
262	MNVP(CSSM_ALGID_SAFER),
263	MNVP(CSSM_ALGID_CRAB),
264	MNVP(CSSM_ALGID_RSA),
265	MNVP(CSSM_ALGID_DSA),
266	MNVP(CSSM_ALGID_MD5WithRSA),
267	MNVP(CSSM_ALGID_MD2WithRSA),
268	MNVP(CSSM_ALGID_ElGamal),
269	MNVP(CSSM_ALGID_MD2Random),
270	MNVP(CSSM_ALGID_MD5Random),
271	MNVP(CSSM_ALGID_SHARandom),
272	MNVP(CSSM_ALGID_DESRandom),
273	MNVP(CSSM_ALGID_SHA1WithRSA),
274	MNVP(CSSM_ALGID_CDMF),
275	MNVP(CSSM_ALGID_CAST3),
276	MNVP(CSSM_ALGID_CAST5),
277	MNVP(CSSM_ALGID_GenericSecret),
278	MNVP(CSSM_ALGID_ConcatBaseAndKey),
279	MNVP(CSSM_ALGID_ConcatKeyAndBase),
280	MNVP(CSSM_ALGID_ConcatBaseAndData),
281	MNVP(CSSM_ALGID_ConcatDataAndBase),
282	MNVP(CSSM_ALGID_XORBaseAndData),
283	MNVP(CSSM_ALGID_ExtractFromKey),
284	MNVP(CSSM_ALGID_SSL3PreMasterGen),
285	MNVP(CSSM_ALGID_SSL3MasterDerive),
286	MNVP(CSSM_ALGID_SSL3KeyAndMacDerive),
287	MNVP(CSSM_ALGID_SSL3MD5_MAC),
288	MNVP(CSSM_ALGID_SSL3SHA1_MAC),
289	MNVP(CSSM_ALGID_PKCS5_PBKDF1_MD5),
290	MNVP(CSSM_ALGID_PKCS5_PBKDF1_MD2),
291	MNVP(CSSM_ALGID_PKCS5_PBKDF1_SHA1),
292	MNVP(CSSM_ALGID_WrapLynks),
293	MNVP(CSSM_ALGID_WrapSET_OAEP),
294	MNVP(CSSM_ALGID_BATON),
295	MNVP(CSSM_ALGID_ECDSA),
296	MNVP(CSSM_ALGID_MAYFLY),
297	MNVP(CSSM_ALGID_JUNIPER),
298	MNVP(CSSM_ALGID_FASTHASH),
299	MNVP(CSSM_ALGID_3DES),
300	MNVP(CSSM_ALGID_SSL3MD5),
301	MNVP(CSSM_ALGID_SSL3SHA1),
302	MNVP(CSSM_ALGID_FortezzaTimestamp),
303	MNVP(CSSM_ALGID_SHA1WithDSA),
304	MNVP(CSSM_ALGID_SHA1WithECDSA),
305	MNVP(CSSM_ALGID_DSA_BSAFE),
306	MNVP(CSSM_ALGID_ECDH),
307	MNVP(CSSM_ALGID_ECMQV),
308	MNVP(CSSM_ALGID_PKCS12_SHA1_PBE),
309	MNVP(CSSM_ALGID_ECNRA),
310	MNVP(CSSM_ALGID_SHA1WithECNRA),
311	MNVP(CSSM_ALGID_ECES),
312	MNVP(CSSM_ALGID_ECAES),
313	MNVP(CSSM_ALGID_SHA1HMAC),
314	MNVP(CSSM_ALGID_FIPS186Random),
315	MNVP(CSSM_ALGID_ECC),
316	MNVP(CSSM_ALGID_MQV),
317	MNVP(CSSM_ALGID_NRA),
318	MNVP(CSSM_ALGID_IntelPlatformRandom),
319	MNVP(CSSM_ALGID_UTC),
320	MNVP(CSSM_ALGID_HAVAL3),
321	MNVP(CSSM_ALGID_HAVAL4),
322	MNVP(CSSM_ALGID_HAVAL5),
323	MNVP(CSSM_ALGID_TIGER),
324	MNVP(CSSM_ALGID_MD5HMAC),
325	MNVP(CSSM_ALGID_PKCS5_PBKDF2),
326	MNVP(CSSM_ALGID_RUNNING_COUNTER),
327
328	/* from cssmapple.h */
329	MNVP(CSSM_ALGID_APPLE_YARROW),
330	MNVP(CSSM_ALGID_AES),
331	MNVP(CSSM_ALGID_FEE),
332	MNVP(CSSM_ALGID_FEE_MD5),
333	MNVP(CSSM_ALGID_FEE_SHA1),
334	MNVP(CSSM_ALGID_FEED),
335	MNVP(CSSM_ALGID_FEEDEXP),
336	MNVP(CSSM_ALGID_ASC),
337	MNVP(CSSM_ALGID_SHA1HMAC_LEGACY),
338	MNVP_END
339};
340
341/* CSSM_ENCRYPT_MODE */
342const MDSNameValuePair MDSEncryptModeNames[] =
343{
344	MNVP(CSSM_ALGMODE_NONE),
345	MNVP(CSSM_ALGMODE_CUSTOM),
346	MNVP(CSSM_ALGMODE_ECB),
347	MNVP(CSSM_ALGMODE_ECBPad),
348	MNVP(CSSM_ALGMODE_CBC),
349	MNVP(CSSM_ALGMODE_CBC_IV8),
350	MNVP(CSSM_ALGMODE_CBCPadIV8),
351	MNVP(CSSM_ALGMODE_CFB),
352	MNVP(CSSM_ALGMODE_CFB_IV8),
353	MNVP(CSSM_ALGMODE_CFBPadIV8),
354	MNVP(CSSM_ALGMODE_OFB),
355	MNVP(CSSM_ALGMODE_OFB_IV8),
356	MNVP(CSSM_ALGMODE_OFBPadIV8),
357	MNVP(CSSM_ALGMODE_COUNTER),
358	MNVP(CSSM_ALGMODE_BC),
359	MNVP(CSSM_ALGMODE_PCBC),
360	MNVP(CSSM_ALGMODE_CBCC),
361	MNVP(CSSM_ALGMODE_OFBNLF),
362	MNVP(CSSM_ALGMODE_PBC),
363	MNVP(CSSM_ALGMODE_PFB),
364	MNVP(CSSM_ALGMODE_CBCPD),
365	MNVP(CSSM_ALGMODE_PUBLIC_KEY),
366	MNVP(CSSM_ALGMODE_PRIVATE_KEY),
367	MNVP(CSSM_ALGMODE_SHUFFLE),
368	MNVP(CSSM_ALGMODE_ECB64),
369	MNVP(CSSM_ALGMODE_CBC64),
370	MNVP(CSSM_ALGMODE_OFB64),
371	MNVP(CSSM_ALGMODE_CFB32),
372	MNVP(CSSM_ALGMODE_CFB16),
373	MNVP(CSSM_ALGMODE_CFB8),
374	MNVP(CSSM_ALGMODE_WRAP),
375	MNVP(CSSM_ALGMODE_PRIVATE_WRAP),
376	MNVP(CSSM_ALGMODE_RELAYX),
377	MNVP(CSSM_ALGMODE_ECB128),
378	MNVP(CSSM_ALGMODE_ECB96),
379	MNVP(CSSM_ALGMODE_CBC128),
380	MNVP(CSSM_ALGMODE_OAEP_HASH),
381	MNVP(CSSM_ALGMODE_PKCS1_EME_V15),
382	MNVP(CSSM_ALGMODE_PKCS1_EME_OAEP),
383	MNVP(CSSM_ALGMODE_PKCS1_EMSA_V15),
384	MNVP(CSSM_ALGMODE_ISO_9796),
385	MNVP(CSSM_ALGMODE_X9_31),
386	MNVP_END
387};
388
389/* CSSM_CSPTYPE */
390const MDSNameValuePair MDSCspTypeNames[] =
391{
392	MNVP(CSSM_CSP_SOFTWARE),
393	MNVP(CSSM_CSP_HARDWARE),
394	MNVP(CSSM_CSP_HYBRID),
395	MNVP_END
396};
397
398/* CSSM_USEE_TAG */
399const MDSNameValuePair MDSUseeTagsNames[] =
400{
401	MNVP(CSSM_USEE_NONE),
402	MNVP(CSSM_USEE_DOMESTIC),
403	MNVP(CSSM_USEE_FINANCIAL),
404	MNVP(CSSM_USEE_KRLE),
405	MNVP(CSSM_USEE_KRENT),
406	MNVP(CSSM_USEE_SSL),
407	MNVP(CSSM_USEE_AUTHENTICATION),
408	MNVP(CSSM_USEE_KEYEXCH),
409	MNVP(CSSM_USEE_MEDICAL),
410	MNVP(CSSM_USEE_INSURANCE),
411	MNVP(CSSM_USEE_WEAK),
412	MNVP_END
413};
414
415/* CSSM_CSP_READER_FLAGS */
416const MDSNameValuePair MDSCspReaderFlagsNames[] =
417{
418	MNVP(CSSM_CSP_RDR_TOKENPRESENT),
419	MNVP(CSSM_CSP_RDR_EXISTS),
420	MNVP(CSSM_CSP_RDR_HW),
421	MNVP_END
422};
423
424/* CSSM_SC_FLAGS */
425const MDSNameValuePair MDSCspScFlagsNames[] =
426{
427	MNVP(CSSM_CSP_TOK_RNG),
428	MNVP(CSSM_CSP_TOK_CLOCK_EXISTS),
429	MNVP_END
430};
431
432/* CSSM_SAMPLE_TYPE */
433const MDSNameValuePair MDSSampleTypeNames[] =
434{
435	MNVP(CSSM_SAMPLE_TYPE_PASSWORD),
436	MNVP(CSSM_SAMPLE_TYPE_HASHED_PASSWORD),
437	MNVP(CSSM_SAMPLE_TYPE_PROTECTED_PASSWORD),
438	MNVP(CSSM_SAMPLE_TYPE_PROMPTED_PASSWORD),
439	MNVP(CSSM_SAMPLE_TYPE_SIGNED_NONCE),
440	MNVP(CSSM_SAMPLE_TYPE_SIGNED_SECRET),
441	MNVP(CSSM_SAMPLE_TYPE_BIOMETRIC),
442	MNVP(CSSM_SAMPLE_TYPE_PROTECTED_BIOMETRIC),
443	MNVP(CSSM_SAMPLE_TYPE_PROMPTED_BIOMETRIC),
444	MNVP(CSSM_SAMPLE_TYPE_THRESHOLD),
445	/* from cssmapple.h */
446	MNVP(CSSM_SAMPLE_TYPE_KEYCHAIN_PROMPT),
447	MNVP(CSSM_SAMPLE_TYPE_KEYCHAIN_LOCK),
448	MNVP(CSSM_SAMPLE_TYPE_KEYCHAIN_CHANGE_LOCK),
449	MNVP(CSSM_SAMPLE_TYPE_PROCESS),
450	MNVP(CSSM_SAMPLE_TYPE_COMMENT),
451	MNVP(CSSM_SAMPLE_TYPE_RETRY_ID),
452	MNVP_END
453};
454
455/* CSSM_CERT_TYPE, CSSM_CERT_ENCODING (cert type in high 16 bits) */
456const MDSNameValuePair MDSCertTypeNames[] =
457{
458	/* CSSM_CERT_TYPE */
459	MNVP(CSSM_CERT_UNKNOWN),
460	MNVP(CSSM_CERT_X_509v1),
461	MNVP(CSSM_CERT_X_509v2),
462	MNVP(CSSM_CERT_X_509v3),
463	MNVP(CSSM_CERT_PGP),
464	MNVP(CSSM_CERT_PGP),
465	MNVP(CSSM_CERT_SDSIv1),
466	MNVP(CSSM_CERT_Intel),
467	MNVP(CSSM_CERT_X_509_ATTRIBUTE),
468	MNVP(CSSM_CERT_X9_ATTRIBUTE),
469	MNVP(CSSM_CERT_TUPLE),
470	MNVP(CSSM_CERT_ACL_ENTRY),
471	MNVP(CSSM_CERT_MULTIPLE),
472	/* CSSM_CERT_ENCODING */
473	MNVP(CSSM_CERT_ENCODING_UNKNOWN),
474	MNVP(CSSM_CERT_ENCODING_CUSTOM),
475	MNVP(CSSM_CERT_ENCODING_BER),
476	MNVP(CSSM_CERT_ENCODING_DER),
477	MNVP(CSSM_CERT_ENCODING_NDR),
478	MNVP(CSSM_CERT_ENCODING_SEXPR),
479	MNVP(CSSM_CERT_ENCODING_PGP),
480	MNVP(CSSM_CERT_ENCODING_MULTIPLE),
481	MNVP_END
482};
483
484/* CSSM_CRL_TYPE, CSSM_CRL_ENCODING (CRL type in high 16 bits) */
485const MDSNameValuePair MDSCrlTypeNames[] =
486{
487	/* CSSM_CRL_TYPE */
488	MNVP(CSSM_CRL_TYPE_UNKNOWN),
489	MNVP(CSSM_CRL_TYPE_X_509v1),
490	MNVP(CSSM_CRL_TYPE_X_509v2),
491	MNVP(CSSM_CRL_TYPE_SPKI),
492	MNVP(CSSM_CRL_TYPE_MULTIPLE),
493	/* CSSM_CRL_ENCODING */
494	MNVP(CSSM_CRL_ENCODING_UNKNOWN),
495	MNVP(CSSM_CRL_ENCODING_CUSTOM),
496	MNVP(CSSM_CRL_ENCODING_BER),
497	MNVP(CSSM_CRL_ENCODING_DER),
498	MNVP(CSSM_CRL_ENCODING_BLOOM),
499	MNVP(CSSM_CRL_ENCODING_SEXPR),
500	MNVP(CSSM_CRL_ENCODING_MULTIPLE),
501	MNVP_END
502};
503
504/* CSSM_CERT_BUNDLE_TYPE, CSSM_CERT_BUNDLE_ENCODING (bundle type in high 16 bits) */
505const MDSNameValuePair MDSCertBundleTypeNames[] =
506{
507	/* CSSM_CERT_BUNDLE_TYPE */
508	MNVP(CSSM_CERT_BUNDLE_UNKNOWN),
509	MNVP(CSSM_CERT_BUNDLE_CUSTOM),
510	MNVP(CSSM_CERT_BUNDLE_PKCS7_SIGNED_DATA),
511	MNVP(CSSM_CERT_BUNDLE_PKCS7_SIGNED_ENVELOPED_DATA),
512	MNVP(CSSM_CERT_BUNDLE_PKCS12),
513	MNVP(CSSM_CERT_BUNDLE_PFX),
514	MNVP(CSSM_CERT_BUNDLE_SPKI_SEQUENCE),
515	MNVP(CSSM_CERT_BUNDLE_PGP_KEYRING),
516	/* CSSM_CERT_BUNDLE_ENCODING */
517	MNVP(CSSM_CERT_BUNDLE_ENCODING_UNKNOWN),
518	MNVP(CSSM_CERT_BUNDLE_ENCODING_CUSTOM),
519	MNVP(CSSM_CERT_BUNDLE_ENCODING_BER),
520	MNVP(CSSM_CERT_BUNDLE_ENCODING_DER),
521	MNVP(CSSM_CERT_BUNDLE_ENCODING_SEXPR),
522	MNVP(CSSM_CERT_BUNDLE_PFX),
523	MNVP(CSSM_CERT_BUNDLE_ENCODING_PGP),
524	MNVP_END
525};
526
527/* CSSM_CL_TEMPLATE_TYPE */
528const MDSNameValuePair MDSCertTemplateTypeNames[] =
529{
530	MNVP(CSSM_CL_TEMPLATE_INTERMEDIATE_CERT),
531	MNVP(CSSM_CL_TEMPLATE_PKIX_CERTTEMPLATE),
532	MNVP_END
533};
534
535/* CSSM_TP_AUTHORITY_REQUEST_CERTISSUE */
536const MDSNameValuePair MDSTpAuthRequestNames[] =
537{
538	MNVP(CSSM_TP_AUTHORITY_REQUEST_CERTISSUE),
539	MNVP(CSSM_TP_AUTHORITY_REQUEST_CERTREVOKE),
540	MNVP(CSSM_TP_AUTHORITY_REQUEST_CERTSUSPEND),
541	MNVP(CSSM_TP_AUTHORITY_REQUEST_CERTRESUME),
542	MNVP(CSSM_TP_AUTHORITY_REQUEST_CERTVERIFY),
543	MNVP(CSSM_TP_AUTHORITY_REQUEST_CERTNOTARIZE),
544	MNVP(CSSM_TP_AUTHORITY_REQUEST_CERTUSERECOVER),
545	MNVP(CSSM_TP_AUTHORITY_REQUEST_CRLISSUE),
546	MNVP_END
547};
548
549/* CSSM_DLTYPE */
550const MDSNameValuePair MDSDlTypeNames[] =
551{
552	MNVP(CSSM_DL_UNKNOWN),
553	MNVP(CSSM_DL_CUSTOM),
554	MNVP(CSSM_DL_LDAP),
555	MNVP(CSSM_DL_ODBC),
556	MNVP(CSSM_DL_PKCS11),
557	MNVP(CSSM_DL_FFS),
558	MNVP(CSSM_DL_MEMORY),
559	MNVP(CSSM_DL_REMOTEDIR),
560	MNVP_END
561};
562
563/* CSSM_DB_CONJUNCTIVE */
564const MDSNameValuePair MDSDbConjunctiveNames[] =
565{
566	MNVP(CSSM_DB_NONE),
567	MNVP(CSSM_DB_AND),
568	MNVP(CSSM_DB_OR),
569	MNVP_END
570};
571
572/* CSSM_DB_OPERATOR */
573const MDSNameValuePair MDSDbOperatorNames[] =
574{
575	MNVP(CSSM_DB_EQUAL),
576	MNVP(CSSM_DB_NOT_EQUAL),
577	MNVP(CSSM_DB_LESS_THAN),
578	MNVP(CSSM_DB_GREATER_THAN),
579	MNVP(CSSM_DB_CONTAINS),
580	MNVP(CSSM_DB_CONTAINS_INITIAL_SUBSTRING),
581	MNVP(CSSM_DB_CONTAINS_FINAL_SUBSTRING),
582	MNVP_END
583};
584
585/* CSSM_NET_PROTOCOL */
586const MDSNameValuePair MDSNetProtocolNames[] =
587{
588	MNVP(CSSM_NET_PROTO_NONE),
589	MNVP(CSSM_NET_PROTO_CUSTOM),
590	MNVP(CSSM_NET_PROTO_UNSPECIFIED),
591	MNVP(CSSM_NET_PROTO_LDAP),
592	MNVP(CSSM_NET_PROTO_LDAPS),
593	MNVP(CSSM_NET_PROTO_LDAPNS),
594	MNVP(CSSM_NET_PROTO_X500DAP),
595	MNVP(CSSM_NET_PROTO_FTP),
596	MNVP(CSSM_NET_PROTO_FTPS),
597	MNVP(CSSM_NET_PROTO_OCSP),
598	MNVP(CSSM_NET_PROTO_CMP),
599	MNVP(CSSM_NET_PROTO_CMPS),
600	MNVP_END
601};
602
603/* CSSM_DB_RETRIEVAL_MODES */
604const MDSNameValuePair MDSDbRetrievalModeNames[] =
605{
606	MNVP(CSSM_DB_TRANSACTIONAL_MODE),
607	MNVP(CSSM_DB_FILESYSTEMSCAN_MODE),
608	MNVP_END
609};
610
611/* CSSM_KR_POLICY_TYPE */
612/* FIXME the spec is kind of ambiguous - do we want
613 * CSSM_KR_POLICY_TYPE or CSSM_KR_POLICY_FLAGS? */
614const MDSNameValuePair MDSKrPolicyTypeNames[] =
615{
616	MNVP(CSSM_KR_INDIV_POLICY),
617	MNVP(CSSM_KR_ENT_POLICY),
618	MNVP(CSSM_KR_LE_MAN_POLICY),
619	MNVP(CSSM_KR_LE_USE_POLICY),
620	MNVP_END
621};
622
623
624static bool isNumericStr(
625	const char *str,
626	bool hexOK)
627{
628	while(*str) {
629		char c = *str++;
630		if(isdigit(c)) {
631			continue;
632		}
633		if(hexOK) {
634			if((c >= 'a') && (c <= 'f')) {
635				continue;
636			}
637			if((c >= 'A') && (c <= 'F')) {
638				continue;
639			}
640		}
641		return false;
642	}
643	return true;
644}
645
646/* convert ASCII hex digit - assumed validated already */
647static unsigned char hexDigit(
648	unsigned char d)
649{
650	if((d >= '0') && (d <= '9')) {
651		return d - '0';
652	}
653	else if((d >= 'a') && (d <= 'f')) {
654		return d - 'a' + 10;
655	}
656	else {
657		return d - 'A' + 10;
658	}
659}
660
661static unsigned strToHex(
662	const char *str)
663{
664	unsigned rtn = 0;
665	while(*str) {
666		rtn <<= 4;
667		rtn |= hexDigit(*str++);
668	}
669	return rtn;
670}
671
672/*
673 * Core routine to convert a single string token to a uint32. Incoming token can
674 * be in the form of a string from the specified MDSNameValuePair table or a literal
675 * number, either in hex (prefix "0x") or decimal. Tokens in any form may be
676 * prefixed by "<<" indicating the value is to be shifted left by 16 bits.
677 */
678CSSM_RETURN MDSAttrNameToValue(
679	const char *name,
680	const MDSNameValuePair *table,	// optional, string must be decimal or hex if NULL
681	uint32 &value)					// RETURNED
682{
683	if(name == NULL) {
684		return CSSMERR_CSSM_MDS_ERROR;
685	}
686	if(*name == '\0') {
687		/* empty string, legal */
688		value = 0;
689		return CSSM_OK;
690	}
691
692	/* prefixed by "<<"? */
693	bool shiftBy16 = false;
694	if((name != NULL) && (name[0] == '<') && (name[1] == '<')) {
695		shiftBy16 = true;
696		name += 2;
697	}
698
699	/* attempt to find the string in lookup table */
700	if(table != NULL) {
701		while(table->name != NULL) {
702			if(!strcmp(table->name, name)) {
703				value = table->value;
704				if(shiftBy16) {
705					value <<= 16;
706				}
707				return CSSM_OK;
708			}
709			table++;
710		}
711	}
712
713	/* not found - is the string a number? */
714	if(isdigit(name[0])) {
715		bool isNum;
716		bool isHex = false;
717		if((name[0] == '0') && (name[1] == 'x')) {
718			/* hex - skip first two chars */
719			isHex = true;
720			name += 2;
721			isNum = isNumericStr(name, true);
722		}
723		else {
724			isNum = isNumericStr(name, false);
725		}
726		if(!isNum) {
727			return CSSMERR_CSSM_MDS_ERROR;
728		}
729		if(isHex) {
730			value = strToHex(name);
731		}
732		else {
733			value = atoi(name);
734		}
735		if(shiftBy16) {
736			value <<= 16;
737		}
738		return CSSM_OK;
739	}
740	else {
741		/* not a number */
742		return CSSMERR_CSSM_MDS_ERROR;
743	}
744}
745
746
747} // end namespace Security
748