]> git.ipfire.org Git - thirdparty/openssl.git/blob - crypto/objects/objects.txt
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
SM4: Add SM4 block cipher to EVP
[thirdparty/openssl.git] / crypto / objects / objects.txt
1 # CCITT was renamed to ITU-T quite some time ago
2 0 : ITU-T : itu-t
3 !Alias ccitt itu-t
4
5 1 : ISO : iso
6
7 2 : JOINT-ISO-ITU-T : joint-iso-itu-t
8 !Alias joint-iso-ccitt joint-iso-itu-t
9
10 iso 2 : member-body : ISO Member Body
11
12 iso 3 : identified-organization
13
14 # HMAC OIDs
15 identified-organization 6 1 5 5 8 1 1 : HMAC-MD5 : hmac-md5
16 identified-organization 6 1 5 5 8 1 2 : HMAC-SHA1 : hmac-sha1
17
18 # "1.3.36.8.3.3"
19 identified-organization 36 8 3 3 : x509ExtAdmission : Professional Information or basis for Admission
20
21 identified-organization 132 : certicom-arc
22
23 joint-iso-itu-t 23 : international-organizations : International Organizations
24
25 international-organizations 43 : wap
26 wap 1 : wap-wsg
27
28 joint-iso-itu-t 5 1 5 : selected-attribute-types : Selected Attribute Types
29
30 selected-attribute-types 55 : clearance
31
32 member-body 840 : ISO-US : ISO US Member Body
33 ISO-US 10040 : X9-57 : X9.57
34 X9-57 4 : X9cm : X9.57 CM ?
35
36 !Cname dsa
37 X9cm 1 : DSA : dsaEncryption
38 X9cm 3 : DSA-SHA1 : dsaWithSHA1
39
40
41 ISO-US 10045 : ansi-X9-62 : ANSI X9.62
42 !module X9-62
43 !Alias id-fieldType ansi-X9-62 1
44 X9-62_id-fieldType 1 : prime-field
45 X9-62_id-fieldType 2 : characteristic-two-field
46 X9-62_characteristic-two-field 3 : id-characteristic-two-basis
47 X9-62_id-characteristic-two-basis 1 : onBasis
48 X9-62_id-characteristic-two-basis 2 : tpBasis
49 X9-62_id-characteristic-two-basis 3 : ppBasis
50 !Alias id-publicKeyType ansi-X9-62 2
51 X9-62_id-publicKeyType 1 : id-ecPublicKey
52 !Alias ellipticCurve ansi-X9-62 3
53 !Alias c-TwoCurve X9-62_ellipticCurve 0
54 X9-62_c-TwoCurve 1 : c2pnb163v1
55 X9-62_c-TwoCurve 2 : c2pnb163v2
56 X9-62_c-TwoCurve 3 : c2pnb163v3
57 X9-62_c-TwoCurve 4 : c2pnb176v1
58 X9-62_c-TwoCurve 5 : c2tnb191v1
59 X9-62_c-TwoCurve 6 : c2tnb191v2
60 X9-62_c-TwoCurve 7 : c2tnb191v3
61 X9-62_c-TwoCurve 8 : c2onb191v4
62 X9-62_c-TwoCurve 9 : c2onb191v5
63 X9-62_c-TwoCurve 10 : c2pnb208w1
64 X9-62_c-TwoCurve 11 : c2tnb239v1
65 X9-62_c-TwoCurve 12 : c2tnb239v2
66 X9-62_c-TwoCurve 13 : c2tnb239v3
67 X9-62_c-TwoCurve 14 : c2onb239v4
68 X9-62_c-TwoCurve 15 : c2onb239v5
69 X9-62_c-TwoCurve 16 : c2pnb272w1
70 X9-62_c-TwoCurve 17 : c2pnb304w1
71 X9-62_c-TwoCurve 18 : c2tnb359v1
72 X9-62_c-TwoCurve 19 : c2pnb368w1
73 X9-62_c-TwoCurve 20 : c2tnb431r1
74 !Alias primeCurve X9-62_ellipticCurve 1
75 X9-62_primeCurve 1 : prime192v1
76 X9-62_primeCurve 2 : prime192v2
77 X9-62_primeCurve 3 : prime192v3
78 X9-62_primeCurve 4 : prime239v1
79 X9-62_primeCurve 5 : prime239v2
80 X9-62_primeCurve 6 : prime239v3
81 X9-62_primeCurve 7 : prime256v1
82 !Alias id-ecSigType ansi-X9-62 4
83 !global
84 X9-62_id-ecSigType 1 : ecdsa-with-SHA1
85 X9-62_id-ecSigType 2 : ecdsa-with-Recommended
86 X9-62_id-ecSigType 3 : ecdsa-with-Specified
87 ecdsa-with-Specified 1 : ecdsa-with-SHA224
88 ecdsa-with-Specified 2 : ecdsa-with-SHA256
89 ecdsa-with-Specified 3 : ecdsa-with-SHA384
90 ecdsa-with-Specified 4 : ecdsa-with-SHA512
91
92 # SECG curve OIDs from "SEC 2: Recommended Elliptic Curve Domain Parameters"
93 # (http://www.secg.org/)
94 !Alias secg_ellipticCurve certicom-arc 0
95 # SECG prime curves OIDs
96 secg-ellipticCurve 6 : secp112r1
97 secg-ellipticCurve 7 : secp112r2
98 secg-ellipticCurve 28 : secp128r1
99 secg-ellipticCurve 29 : secp128r2
100 secg-ellipticCurve 9 : secp160k1
101 secg-ellipticCurve 8 : secp160r1
102 secg-ellipticCurve 30 : secp160r2
103 secg-ellipticCurve 31 : secp192k1
104 # NOTE: the curve secp192r1 is the same as prime192v1 defined above
105 # and is therefore omitted
106 secg-ellipticCurve 32 : secp224k1
107 secg-ellipticCurve 33 : secp224r1
108 secg-ellipticCurve 10 : secp256k1
109 # NOTE: the curve secp256r1 is the same as prime256v1 defined above
110 # and is therefore omitted
111 secg-ellipticCurve 34 : secp384r1
112 secg-ellipticCurve 35 : secp521r1
113 # SECG characteristic two curves OIDs
114 secg-ellipticCurve 4 : sect113r1
115 secg-ellipticCurve 5 : sect113r2
116 secg-ellipticCurve 22 : sect131r1
117 secg-ellipticCurve 23 : sect131r2
118 secg-ellipticCurve 1 : sect163k1
119 secg-ellipticCurve 2 : sect163r1
120 secg-ellipticCurve 15 : sect163r2
121 secg-ellipticCurve 24 : sect193r1
122 secg-ellipticCurve 25 : sect193r2
123 secg-ellipticCurve 26 : sect233k1
124 secg-ellipticCurve 27 : sect233r1
125 secg-ellipticCurve 3 : sect239k1
126 secg-ellipticCurve 16 : sect283k1
127 secg-ellipticCurve 17 : sect283r1
128 secg-ellipticCurve 36 : sect409k1
129 secg-ellipticCurve 37 : sect409r1
130 secg-ellipticCurve 38 : sect571k1
131 secg-ellipticCurve 39 : sect571r1
132
133 # WAP/TLS curve OIDs (http://www.wapforum.org/)
134 !Alias wap-wsg-idm-ecid wap-wsg 4
135 wap-wsg-idm-ecid 1 : wap-wsg-idm-ecid-wtls1
136 wap-wsg-idm-ecid 3 : wap-wsg-idm-ecid-wtls3
137 wap-wsg-idm-ecid 4 : wap-wsg-idm-ecid-wtls4
138 wap-wsg-idm-ecid 5 : wap-wsg-idm-ecid-wtls5
139 wap-wsg-idm-ecid 6 : wap-wsg-idm-ecid-wtls6
140 wap-wsg-idm-ecid 7 : wap-wsg-idm-ecid-wtls7
141 wap-wsg-idm-ecid 8 : wap-wsg-idm-ecid-wtls8
142 wap-wsg-idm-ecid 9 : wap-wsg-idm-ecid-wtls9
143 wap-wsg-idm-ecid 10 : wap-wsg-idm-ecid-wtls10
144 wap-wsg-idm-ecid 11 : wap-wsg-idm-ecid-wtls11
145 wap-wsg-idm-ecid 12 : wap-wsg-idm-ecid-wtls12
146
147
148 ISO-US 113533 7 66 10 : CAST5-CBC : cast5-cbc
149 : CAST5-ECB : cast5-ecb
150 !Cname cast5-cfb64
151 : CAST5-CFB : cast5-cfb
152 !Cname cast5-ofb64
153 : CAST5-OFB : cast5-ofb
154 !Cname pbeWithMD5AndCast5-CBC
155 ISO-US 113533 7 66 12 : : pbeWithMD5AndCast5CBC
156
157 # Macs for CMP and CRMF
158 ISO-US 113533 7 66 13 : id-PasswordBasedMAC : password based MAC
159 ISO-US 113533 7 66 30 : id-DHBasedMac : Diffie-Hellman based MAC
160
161 ISO-US 113549 : rsadsi : RSA Data Security, Inc.
162
163 rsadsi 1 : pkcs : RSA Data Security, Inc. PKCS
164
165 pkcs 1 : pkcs1
166 pkcs1 1 : : rsaEncryption
167 pkcs1 2 : RSA-MD2 : md2WithRSAEncryption
168 pkcs1 3 : RSA-MD4 : md4WithRSAEncryption
169 pkcs1 4 : RSA-MD5 : md5WithRSAEncryption
170 pkcs1 5 : RSA-SHA1 : sha1WithRSAEncryption
171 # According to PKCS #1 version 2.1
172 pkcs1 7 : RSAES-OAEP : rsaesOaep
173 pkcs1 8 : MGF1 : mgf1
174 pkcs1 9 : PSPECIFIED : pSpecified
175 pkcs1 10 : RSASSA-PSS : rsassaPss
176
177 pkcs1 11 : RSA-SHA256 : sha256WithRSAEncryption
178 pkcs1 12 : RSA-SHA384 : sha384WithRSAEncryption
179 pkcs1 13 : RSA-SHA512 : sha512WithRSAEncryption
180 pkcs1 14 : RSA-SHA224 : sha224WithRSAEncryption
181
182 pkcs 3 : pkcs3
183 pkcs3 1 : : dhKeyAgreement
184
185 pkcs 5 : pkcs5
186 pkcs5 1 : PBE-MD2-DES : pbeWithMD2AndDES-CBC
187 pkcs5 3 : PBE-MD5-DES : pbeWithMD5AndDES-CBC
188 pkcs5 4 : PBE-MD2-RC2-64 : pbeWithMD2AndRC2-CBC
189 pkcs5 6 : PBE-MD5-RC2-64 : pbeWithMD5AndRC2-CBC
190 pkcs5 10 : PBE-SHA1-DES : pbeWithSHA1AndDES-CBC
191 pkcs5 11 : PBE-SHA1-RC2-64 : pbeWithSHA1AndRC2-CBC
192 !Cname id_pbkdf2
193 pkcs5 12 : : PBKDF2
194 !Cname pbes2
195 pkcs5 13 : : PBES2
196 !Cname pbmac1
197 pkcs5 14 : : PBMAC1
198
199 pkcs 7 : pkcs7
200 pkcs7 1 : : pkcs7-data
201 !Cname pkcs7-signed
202 pkcs7 2 : : pkcs7-signedData
203 !Cname pkcs7-enveloped
204 pkcs7 3 : : pkcs7-envelopedData
205 !Cname pkcs7-signedAndEnveloped
206 pkcs7 4 : : pkcs7-signedAndEnvelopedData
207 !Cname pkcs7-digest
208 pkcs7 5 : : pkcs7-digestData
209 !Cname pkcs7-encrypted
210 pkcs7 6 : : pkcs7-encryptedData
211
212 pkcs 9 : pkcs9
213 !module pkcs9
214 pkcs9 1 : : emailAddress
215 pkcs9 2 : : unstructuredName
216 pkcs9 3 : : contentType
217 pkcs9 4 : : messageDigest
218 pkcs9 5 : : signingTime
219 pkcs9 6 : : countersignature
220 pkcs9 7 : : challengePassword
221 pkcs9 8 : : unstructuredAddress
222 !Cname extCertAttributes
223 pkcs9 9 : : extendedCertificateAttributes
224 !global
225
226 !Cname ext-req
227 pkcs9 14 : extReq : Extension Request
228
229 !Cname SMIMECapabilities
230 pkcs9 15 : SMIME-CAPS : S/MIME Capabilities
231
232 # S/MIME
233 !Cname SMIME
234 pkcs9 16 : SMIME : S/MIME
235 SMIME 0 : id-smime-mod
236 SMIME 1 : id-smime-ct
237 SMIME 2 : id-smime-aa
238 SMIME 3 : id-smime-alg
239 SMIME 4 : id-smime-cd
240 SMIME 5 : id-smime-spq
241 SMIME 6 : id-smime-cti
242
243 # S/MIME Modules
244 id-smime-mod 1 : id-smime-mod-cms
245 id-smime-mod 2 : id-smime-mod-ess
246 id-smime-mod 3 : id-smime-mod-oid
247 id-smime-mod 4 : id-smime-mod-msg-v3
248 id-smime-mod 5 : id-smime-mod-ets-eSignature-88
249 id-smime-mod 6 : id-smime-mod-ets-eSignature-97
250 id-smime-mod 7 : id-smime-mod-ets-eSigPolicy-88
251 id-smime-mod 8 : id-smime-mod-ets-eSigPolicy-97
252
253 # S/MIME Content Types
254 id-smime-ct 1 : id-smime-ct-receipt
255 id-smime-ct 2 : id-smime-ct-authData
256 id-smime-ct 3 : id-smime-ct-publishCert
257 id-smime-ct 4 : id-smime-ct-TSTInfo
258 id-smime-ct 5 : id-smime-ct-TDTInfo
259 id-smime-ct 6 : id-smime-ct-contentInfo
260 id-smime-ct 7 : id-smime-ct-DVCSRequestData
261 id-smime-ct 8 : id-smime-ct-DVCSResponseData
262 id-smime-ct 9 : id-smime-ct-compressedData
263 id-smime-ct 19 : id-smime-ct-contentCollection
264 id-smime-ct 23 : id-smime-ct-authEnvelopedData
265 id-smime-ct 27 : id-ct-asciiTextWithCRLF
266 id-smime-ct 28 : id-ct-xml
267
268 # S/MIME Attributes
269 id-smime-aa 1 : id-smime-aa-receiptRequest
270 id-smime-aa 2 : id-smime-aa-securityLabel
271 id-smime-aa 3 : id-smime-aa-mlExpandHistory
272 id-smime-aa 4 : id-smime-aa-contentHint
273 id-smime-aa 5 : id-smime-aa-msgSigDigest
274 # obsolete
275 id-smime-aa 6 : id-smime-aa-encapContentType
276 id-smime-aa 7 : id-smime-aa-contentIdentifier
277 # obsolete
278 id-smime-aa 8 : id-smime-aa-macValue
279 id-smime-aa 9 : id-smime-aa-equivalentLabels
280 id-smime-aa 10 : id-smime-aa-contentReference
281 id-smime-aa 11 : id-smime-aa-encrypKeyPref
282 id-smime-aa 12 : id-smime-aa-signingCertificate
283 id-smime-aa 13 : id-smime-aa-smimeEncryptCerts
284 id-smime-aa 14 : id-smime-aa-timeStampToken
285 id-smime-aa 15 : id-smime-aa-ets-sigPolicyId
286 id-smime-aa 16 : id-smime-aa-ets-commitmentType
287 id-smime-aa 17 : id-smime-aa-ets-signerLocation
288 id-smime-aa 18 : id-smime-aa-ets-signerAttr
289 id-smime-aa 19 : id-smime-aa-ets-otherSigCert
290 id-smime-aa 20 : id-smime-aa-ets-contentTimestamp
291 id-smime-aa 21 : id-smime-aa-ets-CertificateRefs
292 id-smime-aa 22 : id-smime-aa-ets-RevocationRefs
293 id-smime-aa 23 : id-smime-aa-ets-certValues
294 id-smime-aa 24 : id-smime-aa-ets-revocationValues
295 id-smime-aa 25 : id-smime-aa-ets-escTimeStamp
296 id-smime-aa 26 : id-smime-aa-ets-certCRLTimestamp
297 id-smime-aa 27 : id-smime-aa-ets-archiveTimeStamp
298 id-smime-aa 28 : id-smime-aa-signatureType
299 id-smime-aa 29 : id-smime-aa-dvcs-dvc
300 id-smime-aa 47 : id-smime-aa-signingCertificateV2
301
302 # S/MIME Algorithm Identifiers
303 # obsolete
304 id-smime-alg 1 : id-smime-alg-ESDHwith3DES
305 # obsolete
306 id-smime-alg 2 : id-smime-alg-ESDHwithRC2
307 # obsolete
308 id-smime-alg 3 : id-smime-alg-3DESwrap
309 # obsolete
310 id-smime-alg 4 : id-smime-alg-RC2wrap
311 id-smime-alg 5 : id-smime-alg-ESDH
312 id-smime-alg 6 : id-smime-alg-CMS3DESwrap
313 id-smime-alg 7 : id-smime-alg-CMSRC2wrap
314 id-smime-alg 9 : id-alg-PWRI-KEK
315
316 # S/MIME Certificate Distribution
317 id-smime-cd 1 : id-smime-cd-ldap
318
319 # S/MIME Signature Policy Qualifier
320 id-smime-spq 1 : id-smime-spq-ets-sqt-uri
321 id-smime-spq 2 : id-smime-spq-ets-sqt-unotice
322
323 # S/MIME Commitment Type Identifier
324 id-smime-cti 1 : id-smime-cti-ets-proofOfOrigin
325 id-smime-cti 2 : id-smime-cti-ets-proofOfReceipt
326 id-smime-cti 3 : id-smime-cti-ets-proofOfDelivery
327 id-smime-cti 4 : id-smime-cti-ets-proofOfSender
328 id-smime-cti 5 : id-smime-cti-ets-proofOfApproval
329 id-smime-cti 6 : id-smime-cti-ets-proofOfCreation
330
331 pkcs9 20 : : friendlyName
332 pkcs9 21 : : localKeyID
333 !Cname ms-csp-name
334 1 3 6 1 4 1 311 17 1 : CSPName : Microsoft CSP Name
335 1 3 6 1 4 1 311 17 2 : LocalKeySet : Microsoft Local Key set
336 !Alias certTypes pkcs9 22
337 certTypes 1 : : x509Certificate
338 certTypes 2 : : sdsiCertificate
339 !Alias crlTypes pkcs9 23
340 crlTypes 1 : : x509Crl
341
342 !Alias pkcs12 pkcs 12
343 !Alias pkcs12-pbeids pkcs12 1
344
345 !Cname pbe-WithSHA1And128BitRC4
346 pkcs12-pbeids 1 : PBE-SHA1-RC4-128 : pbeWithSHA1And128BitRC4
347 !Cname pbe-WithSHA1And40BitRC4
348 pkcs12-pbeids 2 : PBE-SHA1-RC4-40 : pbeWithSHA1And40BitRC4
349 !Cname pbe-WithSHA1And3_Key_TripleDES-CBC
350 pkcs12-pbeids 3 : PBE-SHA1-3DES : pbeWithSHA1And3-KeyTripleDES-CBC
351 !Cname pbe-WithSHA1And2_Key_TripleDES-CBC
352 pkcs12-pbeids 4 : PBE-SHA1-2DES : pbeWithSHA1And2-KeyTripleDES-CBC
353 !Cname pbe-WithSHA1And128BitRC2-CBC
354 pkcs12-pbeids 5 : PBE-SHA1-RC2-128 : pbeWithSHA1And128BitRC2-CBC
355 !Cname pbe-WithSHA1And40BitRC2-CBC
356 pkcs12-pbeids 6 : PBE-SHA1-RC2-40 : pbeWithSHA1And40BitRC2-CBC
357
358 !Alias pkcs12-Version1 pkcs12 10
359 !Alias pkcs12-BagIds pkcs12-Version1 1
360 pkcs12-BagIds 1 : : keyBag
361 pkcs12-BagIds 2 : : pkcs8ShroudedKeyBag
362 pkcs12-BagIds 3 : : certBag
363 pkcs12-BagIds 4 : : crlBag
364 pkcs12-BagIds 5 : : secretBag
365 pkcs12-BagIds 6 : : safeContentsBag
366
367 rsadsi 2 2 : MD2 : md2
368 rsadsi 2 4 : MD4 : md4
369 rsadsi 2 5 : MD5 : md5
370 : MD5-SHA1 : md5-sha1
371 rsadsi 2 6 : : hmacWithMD5
372 rsadsi 2 7 : : hmacWithSHA1
373
374 # From RFC4231
375 rsadsi 2 8 : : hmacWithSHA224
376 rsadsi 2 9 : : hmacWithSHA256
377 rsadsi 2 10 : : hmacWithSHA384
378 rsadsi 2 11 : : hmacWithSHA512
379
380 rsadsi 3 2 : RC2-CBC : rc2-cbc
381 : RC2-ECB : rc2-ecb
382 !Cname rc2-cfb64
383 : RC2-CFB : rc2-cfb
384 !Cname rc2-ofb64
385 : RC2-OFB : rc2-ofb
386 : RC2-40-CBC : rc2-40-cbc
387 : RC2-64-CBC : rc2-64-cbc
388 rsadsi 3 4 : RC4 : rc4
389 : RC4-40 : rc4-40
390 rsadsi 3 7 : DES-EDE3-CBC : des-ede3-cbc
391 rsadsi 3 8 : RC5-CBC : rc5-cbc
392 : RC5-ECB : rc5-ecb
393 !Cname rc5-cfb64
394 : RC5-CFB : rc5-cfb
395 !Cname rc5-ofb64
396 : RC5-OFB : rc5-ofb
397
398 !Cname ms-ext-req
399 1 3 6 1 4 1 311 2 1 14 : msExtReq : Microsoft Extension Request
400 !Cname ms-code-ind
401 1 3 6 1 4 1 311 2 1 21 : msCodeInd : Microsoft Individual Code Signing
402 !Cname ms-code-com
403 1 3 6 1 4 1 311 2 1 22 : msCodeCom : Microsoft Commercial Code Signing
404 !Cname ms-ctl-sign
405 1 3 6 1 4 1 311 10 3 1 : msCTLSign : Microsoft Trust List Signing
406 !Cname ms-sgc
407 1 3 6 1 4 1 311 10 3 3 : msSGC : Microsoft Server Gated Crypto
408 !Cname ms-efs
409 1 3 6 1 4 1 311 10 3 4 : msEFS : Microsoft Encrypted File System
410 !Cname ms-smartcard-login
411 1 3 6 1 4 1 311 20 2 2 : msSmartcardLogin : Microsoft Smartcardlogin
412 !Cname ms-upn
413 1 3 6 1 4 1 311 20 2 3 : msUPN : Microsoft Universal Principal Name
414
415 1 3 6 1 4 1 188 7 1 1 2 : IDEA-CBC : idea-cbc
416 : IDEA-ECB : idea-ecb
417 !Cname idea-cfb64
418 : IDEA-CFB : idea-cfb
419 !Cname idea-ofb64
420 : IDEA-OFB : idea-ofb
421
422 1 3 6 1 4 1 3029 1 2 : BF-CBC : bf-cbc
423 : BF-ECB : bf-ecb
424 !Cname bf-cfb64
425 : BF-CFB : bf-cfb
426 !Cname bf-ofb64
427 : BF-OFB : bf-ofb
428
429 !Cname id-pkix
430 1 3 6 1 5 5 7 : PKIX
431
432 # PKIX Arcs
433 id-pkix 0 : id-pkix-mod
434 id-pkix 1 : id-pe
435 id-pkix 2 : id-qt
436 id-pkix 3 : id-kp
437 id-pkix 4 : id-it
438 id-pkix 5 : id-pkip
439 id-pkix 6 : id-alg
440 id-pkix 7 : id-cmc
441 id-pkix 8 : id-on
442 id-pkix 9 : id-pda
443 id-pkix 10 : id-aca
444 id-pkix 11 : id-qcs
445 id-pkix 12 : id-cct
446 id-pkix 21 : id-ppl
447 id-pkix 48 : id-ad
448
449 # PKIX Modules
450 id-pkix-mod 1 : id-pkix1-explicit-88
451 id-pkix-mod 2 : id-pkix1-implicit-88
452 id-pkix-mod 3 : id-pkix1-explicit-93
453 id-pkix-mod 4 : id-pkix1-implicit-93
454 id-pkix-mod 5 : id-mod-crmf
455 id-pkix-mod 6 : id-mod-cmc
456 id-pkix-mod 7 : id-mod-kea-profile-88
457 id-pkix-mod 8 : id-mod-kea-profile-93
458 id-pkix-mod 9 : id-mod-cmp
459 id-pkix-mod 10 : id-mod-qualified-cert-88
460 id-pkix-mod 11 : id-mod-qualified-cert-93
461 id-pkix-mod 12 : id-mod-attribute-cert
462 id-pkix-mod 13 : id-mod-timestamp-protocol
463 id-pkix-mod 14 : id-mod-ocsp
464 id-pkix-mod 15 : id-mod-dvcs
465 id-pkix-mod 16 : id-mod-cmp2000
466
467 # PKIX Private Extensions
468 !Cname info-access
469 id-pe 1 : authorityInfoAccess : Authority Information Access
470 id-pe 2 : biometricInfo : Biometric Info
471 id-pe 3 : qcStatements
472 id-pe 4 : ac-auditEntity
473 id-pe 5 : ac-targeting
474 id-pe 6 : aaControls
475 id-pe 7 : sbgp-ipAddrBlock
476 id-pe 8 : sbgp-autonomousSysNum
477 id-pe 9 : sbgp-routerIdentifier
478 id-pe 10 : ac-proxying
479 !Cname sinfo-access
480 id-pe 11 : subjectInfoAccess : Subject Information Access
481 id-pe 14 : proxyCertInfo : Proxy Certificate Information
482 id-pe 24 : tlsfeature : TLS Feature
483
484 # PKIX policyQualifiers for Internet policy qualifiers
485 id-qt 1 : id-qt-cps : Policy Qualifier CPS
486 id-qt 2 : id-qt-unotice : Policy Qualifier User Notice
487 id-qt 3 : textNotice
488
489 # PKIX key purpose identifiers
490 !Cname server-auth
491 id-kp 1 : serverAuth : TLS Web Server Authentication
492 !Cname client-auth
493 id-kp 2 : clientAuth : TLS Web Client Authentication
494 !Cname code-sign
495 id-kp 3 : codeSigning : Code Signing
496 !Cname email-protect
497 id-kp 4 : emailProtection : E-mail Protection
498 id-kp 5 : ipsecEndSystem : IPSec End System
499 id-kp 6 : ipsecTunnel : IPSec Tunnel
500 id-kp 7 : ipsecUser : IPSec User
501 !Cname time-stamp
502 id-kp 8 : timeStamping : Time Stamping
503 # From OCSP spec RFC2560
504 !Cname OCSP-sign
505 id-kp 9 : OCSPSigning : OCSP Signing
506 id-kp 10 : DVCS : dvcs
507 !Cname ipsec-IKE
508 id-kp 17 : ipsecIKE : ipsec Internet Key Exchange
509 id-kp 18 : capwapAC : Ctrl/provision WAP Access
510 id-kp 19 : capwapWTP : Ctrl/Provision WAP Termination
511 !Cname sshClient
512 id-kp 21 : secureShellClient : SSH Client
513 !Cname sshServer
514 id-kp 22 : secureShellServer : SSH Server
515 id-kp 23 : sendRouter : Send Router
516 id-kp 24 : sendProxiedRouter : Send Proxied Router
517 id-kp 25 : sendOwner : Send Owner
518 id-kp 26 : sendProxiedOwner : Send Proxied Owner
519 id-kp 27 : cmcCA : CMC Certificate Authority
520 id-kp 28 : cmcRA : CMC Registration Authority
521
522 # CMP information types
523 id-it 1 : id-it-caProtEncCert
524 id-it 2 : id-it-signKeyPairTypes
525 id-it 3 : id-it-encKeyPairTypes
526 id-it 4 : id-it-preferredSymmAlg
527 id-it 5 : id-it-caKeyUpdateInfo
528 id-it 6 : id-it-currentCRL
529 id-it 7 : id-it-unsupportedOIDs
530 # obsolete
531 id-it 8 : id-it-subscriptionRequest
532 # obsolete
533 id-it 9 : id-it-subscriptionResponse
534 id-it 10 : id-it-keyPairParamReq
535 id-it 11 : id-it-keyPairParamRep
536 id-it 12 : id-it-revPassphrase
537 id-it 13 : id-it-implicitConfirm
538 id-it 14 : id-it-confirmWaitTime
539 id-it 15 : id-it-origPKIMessage
540 id-it 16 : id-it-suppLangTags
541
542 # CRMF registration
543 id-pkip 1 : id-regCtrl
544 id-pkip 2 : id-regInfo
545
546 # CRMF registration controls
547 id-regCtrl 1 : id-regCtrl-regToken
548 id-regCtrl 2 : id-regCtrl-authenticator
549 id-regCtrl 3 : id-regCtrl-pkiPublicationInfo
550 id-regCtrl 4 : id-regCtrl-pkiArchiveOptions
551 id-regCtrl 5 : id-regCtrl-oldCertID
552 id-regCtrl 6 : id-regCtrl-protocolEncrKey
553
554 # CRMF registration information
555 id-regInfo 1 : id-regInfo-utf8Pairs
556 id-regInfo 2 : id-regInfo-certReq
557
558 # algorithms
559 id-alg 1 : id-alg-des40
560 id-alg 2 : id-alg-noSignature
561 id-alg 3 : id-alg-dh-sig-hmac-sha1
562 id-alg 4 : id-alg-dh-pop
563
564 # CMC controls
565 id-cmc 1 : id-cmc-statusInfo
566 id-cmc 2 : id-cmc-identification
567 id-cmc 3 : id-cmc-identityProof
568 id-cmc 4 : id-cmc-dataReturn
569 id-cmc 5 : id-cmc-transactionId
570 id-cmc 6 : id-cmc-senderNonce
571 id-cmc 7 : id-cmc-recipientNonce
572 id-cmc 8 : id-cmc-addExtensions
573 id-cmc 9 : id-cmc-encryptedPOP
574 id-cmc 10 : id-cmc-decryptedPOP
575 id-cmc 11 : id-cmc-lraPOPWitness
576 id-cmc 15 : id-cmc-getCert
577 id-cmc 16 : id-cmc-getCRL
578 id-cmc 17 : id-cmc-revokeRequest
579 id-cmc 18 : id-cmc-regInfo
580 id-cmc 19 : id-cmc-responseInfo
581 id-cmc 21 : id-cmc-queryPending
582 id-cmc 22 : id-cmc-popLinkRandom
583 id-cmc 23 : id-cmc-popLinkWitness
584 id-cmc 24 : id-cmc-confirmCertAcceptance
585
586 # other names
587 id-on 1 : id-on-personalData
588 id-on 3 : id-on-permanentIdentifier : Permanent Identifier
589
590 # personal data attributes
591 id-pda 1 : id-pda-dateOfBirth
592 id-pda 2 : id-pda-placeOfBirth
593 id-pda 3 : id-pda-gender
594 id-pda 4 : id-pda-countryOfCitizenship
595 id-pda 5 : id-pda-countryOfResidence
596
597 # attribute certificate attributes
598 id-aca 1 : id-aca-authenticationInfo
599 id-aca 2 : id-aca-accessIdentity
600 id-aca 3 : id-aca-chargingIdentity
601 id-aca 4 : id-aca-group
602 # attention : the following seems to be obsolete, replace by 'role'
603 id-aca 5 : id-aca-role
604 id-aca 6 : id-aca-encAttrs
605
606 # qualified certificate statements
607 id-qcs 1 : id-qcs-pkixQCSyntax-v1
608
609 # CMC content types
610 id-cct 1 : id-cct-crs
611 id-cct 2 : id-cct-PKIData
612 id-cct 3 : id-cct-PKIResponse
613
614 # Predefined Proxy Certificate policy languages
615 id-ppl 0 : id-ppl-anyLanguage : Any language
616 id-ppl 1 : id-ppl-inheritAll : Inherit all
617 id-ppl 2 : id-ppl-independent : Independent
618
619 # access descriptors for authority info access extension
620 !Cname ad-OCSP
621 id-ad 1 : OCSP : OCSP
622 !Cname ad-ca-issuers
623 id-ad 2 : caIssuers : CA Issuers
624 !Cname ad-timeStamping
625 id-ad 3 : ad_timestamping : AD Time Stamping
626 !Cname ad-dvcs
627 id-ad 4 : AD_DVCS : ad dvcs
628 id-ad 5 : caRepository : CA Repository
629
630
631 !Alias id-pkix-OCSP ad-OCSP
632 !module id-pkix-OCSP
633 !Cname basic
634 id-pkix-OCSP 1 : basicOCSPResponse : Basic OCSP Response
635 id-pkix-OCSP 2 : Nonce : OCSP Nonce
636 id-pkix-OCSP 3 : CrlID : OCSP CRL ID
637 id-pkix-OCSP 4 : acceptableResponses : Acceptable OCSP Responses
638 id-pkix-OCSP 5 : noCheck : OCSP No Check
639 id-pkix-OCSP 6 : archiveCutoff : OCSP Archive Cutoff
640 id-pkix-OCSP 7 : serviceLocator : OCSP Service Locator
641 id-pkix-OCSP 8 : extendedStatus : Extended OCSP Status
642 id-pkix-OCSP 9 : valid
643 id-pkix-OCSP 10 : path
644 id-pkix-OCSP 11 : trustRoot : Trust Root
645 !global
646
647 1 3 14 3 2 : algorithm : algorithm
648 algorithm 3 : RSA-NP-MD5 : md5WithRSA
649 algorithm 6 : DES-ECB : des-ecb
650 algorithm 7 : DES-CBC : des-cbc
651 !Cname des-ofb64
652 algorithm 8 : DES-OFB : des-ofb
653 !Cname des-cfb64
654 algorithm 9 : DES-CFB : des-cfb
655 algorithm 11 : rsaSignature
656 !Cname dsa-2
657 algorithm 12 : DSA-old : dsaEncryption-old
658 algorithm 13 : DSA-SHA : dsaWithSHA
659 algorithm 15 : RSA-SHA : shaWithRSAEncryption
660 !Cname des-ede-ecb
661 algorithm 17 : DES-EDE : des-ede
662 !Cname des-ede3-ecb
663 : DES-EDE3 : des-ede3
664 : DES-EDE-CBC : des-ede-cbc
665 !Cname des-ede-cfb64
666 : DES-EDE-CFB : des-ede-cfb
667 !Cname des-ede3-cfb64
668 : DES-EDE3-CFB : des-ede3-cfb
669 !Cname des-ede-ofb64
670 : DES-EDE-OFB : des-ede-ofb
671 !Cname des-ede3-ofb64
672 : DES-EDE3-OFB : des-ede3-ofb
673 : DESX-CBC : desx-cbc
674 algorithm 18 : SHA : sha
675 algorithm 26 : SHA1 : sha1
676 !Cname dsaWithSHA1-2
677 algorithm 27 : DSA-SHA1-old : dsaWithSHA1-old
678 algorithm 29 : RSA-SHA1-2 : sha1WithRSA
679
680 1 3 36 3 2 1 : RIPEMD160 : ripemd160
681 1 3 36 3 3 1 2 : RSA-RIPEMD160 : ripemd160WithRSA
682
683 1 3 6 1 4 1 1722 12 2 1 16 : BLAKE2b512 : blake2b512
684 1 3 6 1 4 1 1722 12 2 2 8 : BLAKE2s256 : blake2s256
685
686 !Cname sxnet
687 1 3 101 1 4 1 : SXNetID : Strong Extranet ID
688
689 2 5 : X500 : directory services (X.500)
690
691 X500 4 : X509
692 X509 3 : CN : commonName
693 X509 4 : SN : surname
694 X509 5 : : serialNumber
695 X509 6 : C : countryName
696 X509 7 : L : localityName
697 X509 8 : ST : stateOrProvinceName
698 X509 9 : street : streetAddress
699 X509 10 : O : organizationName
700 X509 11 : OU : organizationalUnitName
701 X509 12 : title : title
702 X509 13 : : description
703 X509 14 : : searchGuide
704 X509 15 : : businessCategory
705 X509 16 : : postalAddress
706 X509 17 : : postalCode
707 X509 18 : : postOfficeBox
708 X509 19 : : physicalDeliveryOfficeName
709 X509 20 : : telephoneNumber
710 X509 21 : : telexNumber
711 X509 22 : : teletexTerminalIdentifier
712 X509 23 : : facsimileTelephoneNumber
713 X509 24 : : x121Address
714 X509 25 : : internationaliSDNNumber
715 X509 26 : : registeredAddress
716 X509 27 : : destinationIndicator
717 X509 28 : : preferredDeliveryMethod
718 X509 29 : : presentationAddress
719 X509 30 : : supportedApplicationContext
720 X509 31 : member :
721 X509 32 : owner :
722 X509 33 : : roleOccupant
723 X509 34 : seeAlso :
724 X509 35 : : userPassword
725 X509 36 : : userCertificate
726 X509 37 : : cACertificate
727 X509 38 : : authorityRevocationList
728 X509 39 : : certificateRevocationList
729 X509 40 : : crossCertificatePair
730 X509 41 : name : name
731 X509 42 : GN : givenName
732 X509 43 : initials : initials
733 X509 44 : : generationQualifier
734 X509 45 : : x500UniqueIdentifier
735 X509 46 : dnQualifier : dnQualifier
736 X509 47 : : enhancedSearchGuide
737 X509 48 : : protocolInformation
738 X509 49 : : distinguishedName
739 X509 50 : : uniqueMember
740 X509 51 : : houseIdentifier
741 X509 52 : : supportedAlgorithms
742 X509 53 : : deltaRevocationList
743 X509 54 : dmdName :
744 X509 65 : : pseudonym
745 X509 72 : role : role
746 X509 97 : : organizationIdentifier
747 X509 98 : c3 : countryCode3c
748 X509 99 : n3 : countryCode3n
749 X509 100 : : dnsName
750
751
752 X500 8 : X500algorithms : directory services - algorithms
753 X500algorithms 1 1 : RSA : rsa
754 X500algorithms 3 100 : RSA-MDC2 : mdc2WithRSA
755 X500algorithms 3 101 : MDC2 : mdc2
756
757 X500 29 : id-ce
758 !Cname subject-directory-attributes
759 id-ce 9 : subjectDirectoryAttributes : X509v3 Subject Directory Attributes
760 !Cname subject-key-identifier
761 id-ce 14 : subjectKeyIdentifier : X509v3 Subject Key Identifier
762 !Cname key-usage
763 id-ce 15 : keyUsage : X509v3 Key Usage
764 !Cname private-key-usage-period
765 id-ce 16 : privateKeyUsagePeriod : X509v3 Private Key Usage Period
766 !Cname subject-alt-name
767 id-ce 17 : subjectAltName : X509v3 Subject Alternative Name
768 !Cname issuer-alt-name
769 id-ce 18 : issuerAltName : X509v3 Issuer Alternative Name
770 !Cname basic-constraints
771 id-ce 19 : basicConstraints : X509v3 Basic Constraints
772 !Cname crl-number
773 id-ce 20 : crlNumber : X509v3 CRL Number
774 !Cname crl-reason
775 id-ce 21 : CRLReason : X509v3 CRL Reason Code
776 !Cname invalidity-date
777 id-ce 24 : invalidityDate : Invalidity Date
778 !Cname delta-crl
779 id-ce 27 : deltaCRL : X509v3 Delta CRL Indicator
780 !Cname issuing-distribution-point
781 id-ce 28 : issuingDistributionPoint : X509v3 Issuing Distribution Point
782 !Cname certificate-issuer
783 id-ce 29 : certificateIssuer : X509v3 Certificate Issuer
784 !Cname name-constraints
785 id-ce 30 : nameConstraints : X509v3 Name Constraints
786 !Cname crl-distribution-points
787 id-ce 31 : crlDistributionPoints : X509v3 CRL Distribution Points
788 !Cname certificate-policies
789 id-ce 32 : certificatePolicies : X509v3 Certificate Policies
790 !Cname any-policy
791 certificate-policies 0 : anyPolicy : X509v3 Any Policy
792 !Cname policy-mappings
793 id-ce 33 : policyMappings : X509v3 Policy Mappings
794 !Cname authority-key-identifier
795 id-ce 35 : authorityKeyIdentifier : X509v3 Authority Key Identifier
796 !Cname policy-constraints
797 id-ce 36 : policyConstraints : X509v3 Policy Constraints
798 !Cname ext-key-usage
799 id-ce 37 : extendedKeyUsage : X509v3 Extended Key Usage
800 !Cname freshest-crl
801 id-ce 46 : freshestCRL : X509v3 Freshest CRL
802 !Cname inhibit-any-policy
803 id-ce 54 : inhibitAnyPolicy : X509v3 Inhibit Any Policy
804 !Cname target-information
805 id-ce 55 : targetInformation : X509v3 AC Targeting
806 !Cname no-rev-avail
807 id-ce 56 : noRevAvail : X509v3 No Revocation Available
808
809 # From RFC5280
810 ext-key-usage 0 : anyExtendedKeyUsage : Any Extended Key Usage
811
812
813 !Cname netscape
814 2 16 840 1 113730 : Netscape : Netscape Communications Corp.
815 !Cname netscape-cert-extension
816 netscape 1 : nsCertExt : Netscape Certificate Extension
817 !Cname netscape-data-type
818 netscape 2 : nsDataType : Netscape Data Type
819 !Cname netscape-cert-type
820 netscape-cert-extension 1 : nsCertType : Netscape Cert Type
821 !Cname netscape-base-url
822 netscape-cert-extension 2 : nsBaseUrl : Netscape Base Url
823 !Cname netscape-revocation-url
824 netscape-cert-extension 3 : nsRevocationUrl : Netscape Revocation Url
825 !Cname netscape-ca-revocation-url
826 netscape-cert-extension 4 : nsCaRevocationUrl : Netscape CA Revocation Url
827 !Cname netscape-renewal-url
828 netscape-cert-extension 7 : nsRenewalUrl : Netscape Renewal Url
829 !Cname netscape-ca-policy-url
830 netscape-cert-extension 8 : nsCaPolicyUrl : Netscape CA Policy Url
831 !Cname netscape-ssl-server-name
832 netscape-cert-extension 12 : nsSslServerName : Netscape SSL Server Name
833 !Cname netscape-comment
834 netscape-cert-extension 13 : nsComment : Netscape Comment
835 !Cname netscape-cert-sequence
836 netscape-data-type 5 : nsCertSequence : Netscape Certificate Sequence
837 !Cname ns-sgc
838 netscape 4 1 : nsSGC : Netscape Server Gated Crypto
839
840 # iso(1)
841 iso 3 : ORG : org
842 org 6 : DOD : dod
843 dod 1 : IANA : iana
844 !Alias internet iana
845
846 internet 1 : directory : Directory
847 internet 2 : mgmt : Management
848 internet 3 : experimental : Experimental
849 internet 4 : private : Private
850 internet 5 : security : Security
851 internet 6 : snmpv2 : SNMPv2
852 # Documents refer to "internet 7" as "mail". This however leads to ambiguities
853 # with RFC2798, Section 9.1.3, where "mail" is defined as the short name for
854 # rfc822Mailbox. The short name is therefore here left out for a reason.
855 # Subclasses of "mail", e.g. "MIME MHS" don't consitute a problem, as
856 # references are realized via long name "Mail" (with capital M).
857 internet 7 : : Mail
858
859 Private 1 : enterprises : Enterprises
860
861 # RFC 2247
862 Enterprises 1466 344 : dcobject : dcObject
863
864 # RFC 1495
865 Mail 1 : mime-mhs : MIME MHS
866 mime-mhs 1 : mime-mhs-headings : mime-mhs-headings
867 mime-mhs 2 : mime-mhs-bodies : mime-mhs-bodies
868 mime-mhs-headings 1 : id-hex-partial-message : id-hex-partial-message
869 mime-mhs-headings 2 : id-hex-multipart-message : id-hex-multipart-message
870
871 # RFC 3274
872 !Cname zlib-compression
873 id-smime-alg 8 : ZLIB : zlib compression
874
875 # AES aka Rijndael
876
877 !Alias csor 2 16 840 1 101 3
878 !Alias nistAlgorithms csor 4
879 !Alias aes nistAlgorithms 1
880
881 aes 1 : AES-128-ECB : aes-128-ecb
882 aes 2 : AES-128-CBC : aes-128-cbc
883 !Cname aes-128-ofb128
884 aes 3 : AES-128-OFB : aes-128-ofb
885 !Cname aes-128-cfb128
886 aes 4 : AES-128-CFB : aes-128-cfb
887 aes 5 : id-aes128-wrap
888 aes 6 : id-aes128-GCM : aes-128-gcm
889 aes 7 : id-aes128-CCM : aes-128-ccm
890 aes 8 : id-aes128-wrap-pad
891
892 aes 21 : AES-192-ECB : aes-192-ecb
893 aes 22 : AES-192-CBC : aes-192-cbc
894 !Cname aes-192-ofb128
895 aes 23 : AES-192-OFB : aes-192-ofb
896 !Cname aes-192-cfb128
897 aes 24 : AES-192-CFB : aes-192-cfb
898 aes 25 : id-aes192-wrap
899 aes 26 : id-aes192-GCM : aes-192-gcm
900 aes 27 : id-aes192-CCM : aes-192-ccm
901 aes 28 : id-aes192-wrap-pad
902
903 aes 41 : AES-256-ECB : aes-256-ecb
904 aes 42 : AES-256-CBC : aes-256-cbc
905 !Cname aes-256-ofb128
906 aes 43 : AES-256-OFB : aes-256-ofb
907 !Cname aes-256-cfb128
908 aes 44 : AES-256-CFB : aes-256-cfb
909 aes 45 : id-aes256-wrap
910 aes 46 : id-aes256-GCM : aes-256-gcm
911 aes 47 : id-aes256-CCM : aes-256-ccm
912 aes 48 : id-aes256-wrap-pad
913
914 # There are no OIDs for these modes...
915
916 : AES-128-CFB1 : aes-128-cfb1
917 : AES-192-CFB1 : aes-192-cfb1
918 : AES-256-CFB1 : aes-256-cfb1
919 : AES-128-CFB8 : aes-128-cfb8
920 : AES-192-CFB8 : aes-192-cfb8
921 : AES-256-CFB8 : aes-256-cfb8
922 : AES-128-CTR : aes-128-ctr
923 : AES-192-CTR : aes-192-ctr
924 : AES-256-CTR : aes-256-ctr
925 : AES-128-OCB : aes-128-ocb
926 : AES-192-OCB : aes-192-ocb
927 : AES-256-OCB : aes-256-ocb
928 : AES-128-XTS : aes-128-xts
929 : AES-256-XTS : aes-256-xts
930 : DES-CFB1 : des-cfb1
931 : DES-CFB8 : des-cfb8
932 : DES-EDE3-CFB1 : des-ede3-cfb1
933 : DES-EDE3-CFB8 : des-ede3-cfb8
934
935 # OIDs for SHA224, SHA256, SHA385 and SHA512, according to x9.84 and
936 # http://csrc.nist.gov/groups/ST/crypto_apps_infra/csor/algorithms.html
937 # "Middle" names are specified to be id-sha256, id-sha384, etc., but
938 # we adhere to unprefixed capitals for backward compatibility...
939 !Alias nist_hashalgs nistAlgorithms 2
940 nist_hashalgs 1 : SHA256 : sha256
941 nist_hashalgs 2 : SHA384 : sha384
942 nist_hashalgs 3 : SHA512 : sha512
943 nist_hashalgs 4 : SHA224 : sha224
944 nist_hashalgs 5 : SHA512-224 : sha512-224
945 nist_hashalgs 6 : SHA512-256 : sha512-256
946 nist_hashalgs 7 : SHA3-224 : sha3-224
947 nist_hashalgs 8 : SHA3-256 : sha3-256
948 nist_hashalgs 9 : SHA3-384 : sha3-384
949 nist_hashalgs 10 : SHA3-512 : sha3-512
950 nist_hashalgs 11 : SHAKE128 : shake128
951 nist_hashalgs 12 : SHAKE256 : shake256
952 nist_hashalgs 13 : id-hmacWithSHA3-224 : hmac-sha3-224
953 nist_hashalgs 14 : id-hmacWithSHA3-256 : hmac-sha3-256
954 nist_hashalgs 15 : id-hmacWithSHA3-384 : hmac-sha3-384
955 nist_hashalgs 16 : id-hmacWithSHA3-512 : hmac-sha3-512
956 # Below two are incomplete OIDs, to be uncommented when we figure out
957 # how to handle them...
958 # nist_hashalgs 17 : id-shake128-len : shake128-len
959 # nist_hashalgs 18 : id-shake256-len : shake256-len
960
961 # OIDs for dsa-with-sha224 and dsa-with-sha256
962 !Alias dsa_with_sha2 nistAlgorithms 3
963 dsa_with_sha2 1 : dsa_with_SHA224
964 dsa_with_sha2 2 : dsa_with_SHA256
965 # Above two belong below, but kept as they are for backward compatibility
966 !Alias sigAlgs nistAlgorithms 3
967 sigAlgs 3 : id-dsa-with-sha384 : dsa_with_SHA384
968 sigAlgs 4 : id-dsa-with-sha512 : dsa_with_SHA512
969 sigAlgs 5 : id-dsa-with-sha3-224 : dsa_with_SHA3-224
970 sigAlgs 6 : id-dsa-with-sha3-256 : dsa_with_SHA3-256
971 sigAlgs 7 : id-dsa-with-sha3-384 : dsa_with_SHA3-384
972 sigAlgs 8 : id-dsa-with-sha3-512 : dsa_with_SHA3-512
973 sigAlgs 9 : id-ecdsa-with-sha3-224 : ecdsa_with_SHA3-224
974 sigAlgs 10 : id-ecdsa-with-sha3-256 : ecdsa_with_SHA3-256
975 sigAlgs 11 : id-ecdsa-with-sha3-384 : ecdsa_with_SHA3-384
976 sigAlgs 12 : id-ecdsa-with-sha3-512 : ecdsa_with_SHA3-512
977 sigAlgs 13 : id-rsassa-pkcs1-v1_5-with-sha3-224 : RSA-SHA3-224
978 sigAlgs 14 : id-rsassa-pkcs1-v1_5-with-sha3-256 : RSA-SHA3-256
979 sigAlgs 15 : id-rsassa-pkcs1-v1_5-with-sha3-384 : RSA-SHA3-384
980 sigAlgs 16 : id-rsassa-pkcs1-v1_5-with-sha3-512 : RSA-SHA3-512
981
982 # Hold instruction CRL entry extension
983 !Cname hold-instruction-code
984 id-ce 23 : holdInstructionCode : Hold Instruction Code
985 !Alias holdInstruction X9-57 2
986 !Cname hold-instruction-none
987 holdInstruction 1 : holdInstructionNone : Hold Instruction None
988 !Cname hold-instruction-call-issuer
989 holdInstruction 2 : holdInstructionCallIssuer : Hold Instruction Call Issuer
990 !Cname hold-instruction-reject
991 holdInstruction 3 : holdInstructionReject : Hold Instruction Reject
992
993 # OID's from ITU-T. Most of this is defined in RFC 1274. A couple of
994 # them are also mentioned in RFC 2247
995 itu-t 9 : data
996 data 2342 : pss
997 pss 19200300 : ucl
998 ucl 100 : pilot
999 pilot 1 : : pilotAttributeType
1000 pilot 3 : : pilotAttributeSyntax
1001 pilot 4 : : pilotObjectClass
1002 pilot 10 : : pilotGroups
1003 pilotAttributeSyntax 4 : : iA5StringSyntax
1004 pilotAttributeSyntax 5 : : caseIgnoreIA5StringSyntax
1005 pilotObjectClass 3 : : pilotObject
1006 pilotObjectClass 4 : : pilotPerson
1007 pilotObjectClass 5 : account
1008 pilotObjectClass 6 : document
1009 pilotObjectClass 7 : room
1010 pilotObjectClass 9 : : documentSeries
1011 pilotObjectClass 13 : domain : Domain
1012 pilotObjectClass 14 : : rFC822localPart
1013 pilotObjectClass 15 : : dNSDomain
1014 pilotObjectClass 17 : : domainRelatedObject
1015 pilotObjectClass 18 : : friendlyCountry
1016 pilotObjectClass 19 : : simpleSecurityObject
1017 pilotObjectClass 20 : : pilotOrganization
1018 pilotObjectClass 21 : : pilotDSA
1019 pilotObjectClass 22 : : qualityLabelledData
1020 pilotAttributeType 1 : UID : userId
1021 pilotAttributeType 2 : : textEncodedORAddress
1022 pilotAttributeType 3 : mail : rfc822Mailbox
1023 pilotAttributeType 4 : info
1024 pilotAttributeType 5 : : favouriteDrink
1025 pilotAttributeType 6 : : roomNumber
1026 pilotAttributeType 7 : photo
1027 pilotAttributeType 8 : : userClass
1028 pilotAttributeType 9 : host
1029 pilotAttributeType 10 : manager
1030 pilotAttributeType 11 : : documentIdentifier
1031 pilotAttributeType 12 : : documentTitle
1032 pilotAttributeType 13 : : documentVersion
1033 pilotAttributeType 14 : : documentAuthor
1034 pilotAttributeType 15 : : documentLocation
1035 pilotAttributeType 20 : : homeTelephoneNumber
1036 pilotAttributeType 21 : secretary
1037 pilotAttributeType 22 : : otherMailbox
1038 pilotAttributeType 23 : : lastModifiedTime
1039 pilotAttributeType 24 : : lastModifiedBy
1040 pilotAttributeType 25 : DC : domainComponent
1041 pilotAttributeType 26 : : aRecord
1042 pilotAttributeType 27 : : pilotAttributeType27
1043 pilotAttributeType 28 : : mXRecord
1044 pilotAttributeType 29 : : nSRecord
1045 pilotAttributeType 30 : : sOARecord
1046 pilotAttributeType 31 : : cNAMERecord
1047 pilotAttributeType 37 : : associatedDomain
1048 pilotAttributeType 38 : : associatedName
1049 pilotAttributeType 39 : : homePostalAddress
1050 pilotAttributeType 40 : : personalTitle
1051 pilotAttributeType 41 : : mobileTelephoneNumber
1052 pilotAttributeType 42 : : pagerTelephoneNumber
1053 pilotAttributeType 43 : : friendlyCountryName
1054 pilotAttributeType 44 : uid : uniqueIdentifier
1055 pilotAttributeType 45 : : organizationalStatus
1056 pilotAttributeType 46 : : janetMailbox
1057 pilotAttributeType 47 : : mailPreferenceOption
1058 pilotAttributeType 48 : : buildingName
1059 pilotAttributeType 49 : : dSAQuality
1060 pilotAttributeType 50 : : singleLevelQuality
1061 pilotAttributeType 51 : : subtreeMinimumQuality
1062 pilotAttributeType 52 : : subtreeMaximumQuality
1063 pilotAttributeType 53 : : personalSignature
1064 pilotAttributeType 54 : : dITRedirect
1065 pilotAttributeType 55 : audio
1066 pilotAttributeType 56 : : documentPublisher
1067
1068 international-organizations 42 : id-set : Secure Electronic Transactions
1069
1070 id-set 0 : set-ctype : content types
1071 id-set 1 : set-msgExt : message extensions
1072 id-set 3 : set-attr
1073 id-set 5 : set-policy
1074 id-set 7 : set-certExt : certificate extensions
1075 id-set 8 : set-brand
1076
1077 set-ctype 0 : setct-PANData
1078 set-ctype 1 : setct-PANToken
1079 set-ctype 2 : setct-PANOnly
1080 set-ctype 3 : setct-OIData
1081 set-ctype 4 : setct-PI
1082 set-ctype 5 : setct-PIData
1083 set-ctype 6 : setct-PIDataUnsigned
1084 set-ctype 7 : setct-HODInput
1085 set-ctype 8 : setct-AuthResBaggage
1086 set-ctype 9 : setct-AuthRevReqBaggage
1087 set-ctype 10 : setct-AuthRevResBaggage
1088 set-ctype 11 : setct-CapTokenSeq
1089 set-ctype 12 : setct-PInitResData
1090 set-ctype 13 : setct-PI-TBS
1091 set-ctype 14 : setct-PResData
1092 set-ctype 16 : setct-AuthReqTBS
1093 set-ctype 17 : setct-AuthResTBS
1094 set-ctype 18 : setct-AuthResTBSX
1095 set-ctype 19 : setct-AuthTokenTBS
1096 set-ctype 20 : setct-CapTokenData
1097 set-ctype 21 : setct-CapTokenTBS
1098 set-ctype 22 : setct-AcqCardCodeMsg
1099 set-ctype 23 : setct-AuthRevReqTBS
1100 set-ctype 24 : setct-AuthRevResData
1101 set-ctype 25 : setct-AuthRevResTBS
1102 set-ctype 26 : setct-CapReqTBS
1103 set-ctype 27 : setct-CapReqTBSX
1104 set-ctype 28 : setct-CapResData
1105 set-ctype 29 : setct-CapRevReqTBS
1106 set-ctype 30 : setct-CapRevReqTBSX
1107 set-ctype 31 : setct-CapRevResData
1108 set-ctype 32 : setct-CredReqTBS
1109 set-ctype 33 : setct-CredReqTBSX
1110 set-ctype 34 : setct-CredResData
1111 set-ctype 35 : setct-CredRevReqTBS
1112 set-ctype 36 : setct-CredRevReqTBSX
1113 set-ctype 37 : setct-CredRevResData
1114 set-ctype 38 : setct-PCertReqData
1115 set-ctype 39 : setct-PCertResTBS
1116 set-ctype 40 : setct-BatchAdminReqData
1117 set-ctype 41 : setct-BatchAdminResData
1118 set-ctype 42 : setct-CardCInitResTBS
1119 set-ctype 43 : setct-MeAqCInitResTBS
1120 set-ctype 44 : setct-RegFormResTBS
1121 set-ctype 45 : setct-CertReqData
1122 set-ctype 46 : setct-CertReqTBS
1123 set-ctype 47 : setct-CertResData
1124 set-ctype 48 : setct-CertInqReqTBS
1125 set-ctype 49 : setct-ErrorTBS
1126 set-ctype 50 : setct-PIDualSignedTBE
1127 set-ctype 51 : setct-PIUnsignedTBE
1128 set-ctype 52 : setct-AuthReqTBE
1129 set-ctype 53 : setct-AuthResTBE
1130 set-ctype 54 : setct-AuthResTBEX
1131 set-ctype 55 : setct-AuthTokenTBE
1132 set-ctype 56 : setct-CapTokenTBE
1133 set-ctype 57 : setct-CapTokenTBEX
1134 set-ctype 58 : setct-AcqCardCodeMsgTBE
1135 set-ctype 59 : setct-AuthRevReqTBE
1136 set-ctype 60 : setct-AuthRevResTBE
1137 set-ctype 61 : setct-AuthRevResTBEB
1138 set-ctype 62 : setct-CapReqTBE
1139 set-ctype 63 : setct-CapReqTBEX
1140 set-ctype 64 : setct-CapResTBE
1141 set-ctype 65 : setct-CapRevReqTBE
1142 set-ctype 66 : setct-CapRevReqTBEX
1143 set-ctype 67 : setct-CapRevResTBE
1144 set-ctype 68 : setct-CredReqTBE
1145 set-ctype 69 : setct-CredReqTBEX
1146 set-ctype 70 : setct-CredResTBE
1147 set-ctype 71 : setct-CredRevReqTBE
1148 set-ctype 72 : setct-CredRevReqTBEX
1149 set-ctype 73 : setct-CredRevResTBE
1150 set-ctype 74 : setct-BatchAdminReqTBE
1151 set-ctype 75 : setct-BatchAdminResTBE
1152 set-ctype 76 : setct-RegFormReqTBE
1153 set-ctype 77 : setct-CertReqTBE
1154 set-ctype 78 : setct-CertReqTBEX
1155 set-ctype 79 : setct-CertResTBE
1156 set-ctype 80 : setct-CRLNotificationTBS
1157 set-ctype 81 : setct-CRLNotificationResTBS
1158 set-ctype 82 : setct-BCIDistributionTBS
1159
1160 set-msgExt 1 : setext-genCrypt : generic cryptogram
1161 set-msgExt 3 : setext-miAuth : merchant initiated auth
1162 set-msgExt 4 : setext-pinSecure
1163 set-msgExt 5 : setext-pinAny
1164 set-msgExt 7 : setext-track2
1165 set-msgExt 8 : setext-cv : additional verification
1166
1167 set-policy 0 : set-policy-root
1168
1169 set-certExt 0 : setCext-hashedRoot
1170 set-certExt 1 : setCext-certType
1171 set-certExt 2 : setCext-merchData
1172 set-certExt 3 : setCext-cCertRequired
1173 set-certExt 4 : setCext-tunneling
1174 set-certExt 5 : setCext-setExt
1175 set-certExt 6 : setCext-setQualf
1176 set-certExt 7 : setCext-PGWYcapabilities
1177 set-certExt 8 : setCext-TokenIdentifier
1178 set-certExt 9 : setCext-Track2Data
1179 set-certExt 10 : setCext-TokenType
1180 set-certExt 11 : setCext-IssuerCapabilities
1181
1182 set-attr 0 : setAttr-Cert
1183 set-attr 1 : setAttr-PGWYcap : payment gateway capabilities
1184 set-attr 2 : setAttr-TokenType
1185 set-attr 3 : setAttr-IssCap : issuer capabilities
1186
1187 setAttr-Cert 0 : set-rootKeyThumb
1188 setAttr-Cert 1 : set-addPolicy
1189
1190 setAttr-TokenType 1 : setAttr-Token-EMV
1191 setAttr-TokenType 2 : setAttr-Token-B0Prime
1192
1193 setAttr-IssCap 3 : setAttr-IssCap-CVM
1194 setAttr-IssCap 4 : setAttr-IssCap-T2
1195 setAttr-IssCap 5 : setAttr-IssCap-Sig
1196
1197 setAttr-IssCap-CVM 1 : setAttr-GenCryptgrm : generate cryptogram
1198 setAttr-IssCap-T2 1 : setAttr-T2Enc : encrypted track 2
1199 setAttr-IssCap-T2 2 : setAttr-T2cleartxt : cleartext track 2
1200
1201 setAttr-IssCap-Sig 1 : setAttr-TokICCsig : ICC or token signature
1202 setAttr-IssCap-Sig 2 : setAttr-SecDevSig : secure device signature
1203
1204 set-brand 1 : set-brand-IATA-ATA
1205 set-brand 30 : set-brand-Diners
1206 set-brand 34 : set-brand-AmericanExpress
1207 set-brand 35 : set-brand-JCB
1208 set-brand 4 : set-brand-Visa
1209 set-brand 5 : set-brand-MasterCard
1210 set-brand 6011 : set-brand-Novus
1211
1212 rsadsi 3 10 : DES-CDMF : des-cdmf
1213 rsadsi 1 1 6 : rsaOAEPEncryptionSET
1214
1215 : Oakley-EC2N-3 : ipsec3
1216 : Oakley-EC2N-4 : ipsec4
1217
1218 iso 0 10118 3 0 55 : whirlpool
1219
1220 # GOST OIDs
1221
1222 member-body 643 2 2 : cryptopro
1223 member-body 643 2 9 : cryptocom
1224 member-body 643 7 1 : id-tc26
1225
1226 cryptopro 3 : id-GostR3411-94-with-GostR3410-2001 : GOST R 34.11-94 with GOST R 34.10-2001
1227 cryptopro 4 : id-GostR3411-94-with-GostR3410-94 : GOST R 34.11-94 with GOST R 34.10-94
1228 !Cname id-GostR3411-94
1229 cryptopro 9 : md_gost94 : GOST R 34.11-94
1230 cryptopro 10 : id-HMACGostR3411-94 : HMAC GOST 34.11-94
1231 !Cname id-GostR3410-2001
1232 cryptopro 19 : gost2001 : GOST R 34.10-2001
1233 !Cname id-GostR3410-94
1234 cryptopro 20 : gost94 : GOST R 34.10-94
1235 !Cname id-Gost28147-89
1236 cryptopro 21 : gost89 : GOST 28147-89
1237 : gost89-cnt
1238 : gost89-cnt-12
1239 : gost89-cbc
1240 : gost89-ecb
1241 : gost89-ctr
1242 !Cname id-Gost28147-89-MAC
1243 cryptopro 22 : gost-mac : GOST 28147-89 MAC
1244 : gost-mac-12
1245 !Cname id-GostR3411-94-prf
1246 cryptopro 23 : prf-gostr3411-94 : GOST R 34.11-94 PRF
1247 cryptopro 98 : id-GostR3410-2001DH : GOST R 34.10-2001 DH
1248 cryptopro 99 : id-GostR3410-94DH : GOST R 34.10-94 DH
1249
1250 cryptopro 14 1 : id-Gost28147-89-CryptoPro-KeyMeshing
1251 cryptopro 14 0 : id-Gost28147-89-None-KeyMeshing
1252
1253 # GOST parameter set OIDs
1254
1255 cryptopro 30 0 : id-GostR3411-94-TestParamSet
1256 cryptopro 30 1 : id-GostR3411-94-CryptoProParamSet
1257
1258 cryptopro 31 0 : id-Gost28147-89-TestParamSet
1259 cryptopro 31 1 : id-Gost28147-89-CryptoPro-A-ParamSet
1260 cryptopro 31 2 : id-Gost28147-89-CryptoPro-B-ParamSet
1261 cryptopro 31 3 : id-Gost28147-89-CryptoPro-C-ParamSet
1262 cryptopro 31 4 : id-Gost28147-89-CryptoPro-D-ParamSet
1263 cryptopro 31 5 : id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet
1264 cryptopro 31 6 : id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet
1265 cryptopro 31 7 : id-Gost28147-89-CryptoPro-RIC-1-ParamSet
1266
1267 cryptopro 32 0 : id-GostR3410-94-TestParamSet
1268 cryptopro 32 2 : id-GostR3410-94-CryptoPro-A-ParamSet
1269 cryptopro 32 3 : id-GostR3410-94-CryptoPro-B-ParamSet
1270 cryptopro 32 4 : id-GostR3410-94-CryptoPro-C-ParamSet
1271 cryptopro 32 5 : id-GostR3410-94-CryptoPro-D-ParamSet
1272
1273 cryptopro 33 1 : id-GostR3410-94-CryptoPro-XchA-ParamSet
1274 cryptopro 33 2 : id-GostR3410-94-CryptoPro-XchB-ParamSet
1275 cryptopro 33 3 : id-GostR3410-94-CryptoPro-XchC-ParamSet
1276
1277 cryptopro 35 0 : id-GostR3410-2001-TestParamSet
1278 cryptopro 35 1 : id-GostR3410-2001-CryptoPro-A-ParamSet
1279 cryptopro 35 2 : id-GostR3410-2001-CryptoPro-B-ParamSet
1280 cryptopro 35 3 : id-GostR3410-2001-CryptoPro-C-ParamSet
1281
1282 cryptopro 36 0 : id-GostR3410-2001-CryptoPro-XchA-ParamSet
1283 cryptopro 36 1 : id-GostR3410-2001-CryptoPro-XchB-ParamSet
1284
1285 id-GostR3410-94 1 : id-GostR3410-94-a
1286 id-GostR3410-94 2 : id-GostR3410-94-aBis
1287 id-GostR3410-94 3 : id-GostR3410-94-b
1288 id-GostR3410-94 4 : id-GostR3410-94-bBis
1289
1290 # Cryptocom LTD GOST OIDs
1291
1292 cryptocom 1 6 1 : id-Gost28147-89-cc : GOST 28147-89 Cryptocom ParamSet
1293 !Cname id-GostR3410-94-cc
1294 cryptocom 1 5 3 : gost94cc : GOST 34.10-94 Cryptocom
1295 !Cname id-GostR3410-2001-cc
1296 cryptocom 1 5 4 : gost2001cc : GOST 34.10-2001 Cryptocom
1297
1298 cryptocom 1 3 3 : id-GostR3411-94-with-GostR3410-94-cc : GOST R 34.11-94 with GOST R 34.10-94 Cryptocom
1299 cryptocom 1 3 4 : id-GostR3411-94-with-GostR3410-2001-cc : GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom
1300
1301 cryptocom 1 8 1 : id-GostR3410-2001-ParamSet-cc : GOST R 3410-2001 Parameter Set Cryptocom
1302
1303 # TC26 GOST OIDs
1304
1305 id-tc26 1 : id-tc26-algorithms
1306 id-tc26-algorithms 1 : id-tc26-sign
1307 !Cname id-GostR3410-2012-256
1308 id-tc26-sign 1 : gost2012_256: GOST R 34.10-2012 with 256 bit modulus
1309 !Cname id-GostR3410-2012-512
1310 id-tc26-sign 2 : gost2012_512: GOST R 34.10-2012 with 512 bit modulus
1311
1312 id-tc26-algorithms 2 : id-tc26-digest
1313 !Cname id-GostR3411-2012-256
1314 id-tc26-digest 2 : md_gost12_256: GOST R 34.11-2012 with 256 bit hash
1315 !Cname id-GostR3411-2012-512
1316 id-tc26-digest 3 : md_gost12_512: GOST R 34.11-2012 with 512 bit hash
1317
1318 id-tc26-algorithms 3 : id-tc26-signwithdigest
1319 id-tc26-signwithdigest 2: id-tc26-signwithdigest-gost3410-2012-256: GOST R 34.10-2012 with GOST R 34.11-2012 (256 bit)
1320 id-tc26-signwithdigest 3: id-tc26-signwithdigest-gost3410-2012-512: GOST R 34.10-2012 with GOST R 34.11-2012 (512 bit)
1321
1322 id-tc26-algorithms 4 : id-tc26-mac
1323 id-tc26-mac 1 : id-tc26-hmac-gost-3411-2012-256 : HMAC GOST 34.11-2012 256 bit
1324 id-tc26-mac 2 : id-tc26-hmac-gost-3411-2012-512 : HMAC GOST 34.11-2012 512 bit
1325
1326 id-tc26-algorithms 5 : id-tc26-cipher
1327
1328 id-tc26-algorithms 6 : id-tc26-agreement
1329 id-tc26-agreement 1 : id-tc26-agreement-gost-3410-2012-256
1330 id-tc26-agreement 2 : id-tc26-agreement-gost-3410-2012-512
1331
1332 id-tc26 2 : id-tc26-constants
1333
1334 id-tc26-constants 1 : id-tc26-sign-constants
1335 id-tc26-sign-constants 2: id-tc26-gost-3410-2012-512-constants
1336 id-tc26-gost-3410-2012-512-constants 0 : id-tc26-gost-3410-2012-512-paramSetTest: GOST R 34.10-2012 (512 bit) testing parameter set
1337 id-tc26-gost-3410-2012-512-constants 1 : id-tc26-gost-3410-2012-512-paramSetA: GOST R 34.10-2012 (512 bit) ParamSet A
1338 id-tc26-gost-3410-2012-512-constants 2 : id-tc26-gost-3410-2012-512-paramSetB: GOST R 34.10-2012 (512 bit) ParamSet B
1339
1340 id-tc26-constants 2 : id-tc26-digest-constants
1341 id-tc26-constants 5 : id-tc26-cipher-constants
1342 id-tc26-cipher-constants 1 : id-tc26-gost-28147-constants
1343 id-tc26-gost-28147-constants 1 : id-tc26-gost-28147-param-Z : GOST 28147-89 TC26 parameter set
1344
1345 member-body 643 3 131 1 1 : INN : INN
1346 member-body 643 100 1 : OGRN : OGRN
1347 member-body 643 100 3 : SNILS : SNILS
1348 member-body 643 100 111 : subjectSignTool : Signing Tool of Subject
1349 member-body 643 100 112 : issuerSignTool : Signing Tool of Issuer
1350
1351 #GOST R34.13-2015 Grasshopper "Kuznechik"
1352 : grasshopper-ecb
1353 : grasshopper-ctr
1354 : grasshopper-ofb
1355 : grasshopper-cbc
1356 : grasshopper-cfb
1357 : grasshopper-mac
1358
1359 # Definitions for Camellia cipher - CBC MODE
1360
1361 1 2 392 200011 61 1 1 1 2 : CAMELLIA-128-CBC : camellia-128-cbc
1362 1 2 392 200011 61 1 1 1 3 : CAMELLIA-192-CBC : camellia-192-cbc
1363 1 2 392 200011 61 1 1 1 4 : CAMELLIA-256-CBC : camellia-256-cbc
1364 1 2 392 200011 61 1 1 3 2 : id-camellia128-wrap
1365 1 2 392 200011 61 1 1 3 3 : id-camellia192-wrap
1366 1 2 392 200011 61 1 1 3 4 : id-camellia256-wrap
1367
1368 # Definitions for Camellia cipher - ECB, CFB, OFB MODE
1369
1370 !Alias ntt-ds 0 3 4401 5
1371 !Alias camellia ntt-ds 3 1 9
1372
1373 camellia 1 : CAMELLIA-128-ECB : camellia-128-ecb
1374 !Cname camellia-128-ofb128
1375 camellia 3 : CAMELLIA-128-OFB : camellia-128-ofb
1376 !Cname camellia-128-cfb128
1377 camellia 4 : CAMELLIA-128-CFB : camellia-128-cfb
1378 camellia 6 : CAMELLIA-128-GCM : camellia-128-gcm
1379 camellia 7 : CAMELLIA-128-CCM : camellia-128-ccm
1380 camellia 9 : CAMELLIA-128-CTR : camellia-128-ctr
1381 camellia 10 : CAMELLIA-128-CMAC : camellia-128-cmac
1382
1383 camellia 21 : CAMELLIA-192-ECB : camellia-192-ecb
1384 !Cname camellia-192-ofb128
1385 camellia 23 : CAMELLIA-192-OFB : camellia-192-ofb
1386 !Cname camellia-192-cfb128
1387 camellia 24 : CAMELLIA-192-CFB : camellia-192-cfb
1388 camellia 26 : CAMELLIA-192-GCM : camellia-192-gcm
1389 camellia 27 : CAMELLIA-192-CCM : camellia-192-ccm
1390 camellia 29 : CAMELLIA-192-CTR : camellia-192-ctr
1391 camellia 30 : CAMELLIA-192-CMAC : camellia-192-cmac
1392
1393 camellia 41 : CAMELLIA-256-ECB : camellia-256-ecb
1394 !Cname camellia-256-ofb128
1395 camellia 43 : CAMELLIA-256-OFB : camellia-256-ofb
1396 !Cname camellia-256-cfb128
1397 camellia 44 : CAMELLIA-256-CFB : camellia-256-cfb
1398 camellia 46 : CAMELLIA-256-GCM : camellia-256-gcm
1399 camellia 47 : CAMELLIA-256-CCM : camellia-256-ccm
1400 camellia 49 : CAMELLIA-256-CTR : camellia-256-ctr
1401 camellia 50 : CAMELLIA-256-CMAC : camellia-256-cmac
1402
1403 # There are no OIDs for these modes...
1404
1405 : CAMELLIA-128-CFB1 : camellia-128-cfb1
1406 : CAMELLIA-192-CFB1 : camellia-192-cfb1
1407 : CAMELLIA-256-CFB1 : camellia-256-cfb1
1408 : CAMELLIA-128-CFB8 : camellia-128-cfb8
1409 : CAMELLIA-192-CFB8 : camellia-192-cfb8
1410 : CAMELLIA-256-CFB8 : camellia-256-cfb8
1411
1412 # Definitions for ARIA cipher
1413
1414 !Alias aria 1 2 410 200046 1 1
1415 aria 1 : ARIA-128-ECB : aria-128-ecb
1416 aria 2 : ARIA-128-CBC : aria-128-cbc
1417 !Cname aria-128-cfb128
1418 aria 3 : ARIA-128-CFB : aria-128-cfb
1419 !Cname aria-128-ofb128
1420 aria 4 : ARIA-128-OFB : aria-128-ofb
1421 aria 5 : ARIA-128-CTR : aria-128-ctr
1422
1423 aria 6 : ARIA-192-ECB : aria-192-ecb
1424 aria 7 : ARIA-192-CBC : aria-192-cbc
1425 !Cname aria-192-cfb128
1426 aria 8 : ARIA-192-CFB : aria-192-cfb
1427 !Cname aria-192-ofb128
1428 aria 9 : ARIA-192-OFB : aria-192-ofb
1429 aria 10 : ARIA-192-CTR : aria-192-ctr
1430
1431 aria 11 : ARIA-256-ECB : aria-256-ecb
1432 aria 12 : ARIA-256-CBC : aria-256-cbc
1433 !Cname aria-256-cfb128
1434 aria 13 : ARIA-256-CFB : aria-256-cfb
1435 !Cname aria-256-ofb128
1436 aria 14 : ARIA-256-OFB : aria-256-ofb
1437 aria 15 : ARIA-256-CTR : aria-256-ctr
1438
1439 # There are no OIDs for these ARIA modes...
1440 : ARIA-128-CFB1 : aria-128-cfb1
1441 : ARIA-192-CFB1 : aria-192-cfb1
1442 : ARIA-256-CFB1 : aria-256-cfb1
1443 : ARIA-128-CFB8 : aria-128-cfb8
1444 : ARIA-192-CFB8 : aria-192-cfb8
1445 : ARIA-256-CFB8 : aria-256-cfb8
1446
1447 aria 37 : ARIA-128-CCM : aria-128-ccm
1448 aria 38 : ARIA-192-CCM : aria-192-ccm
1449 aria 39 : ARIA-256-CCM : aria-256-ccm
1450 aria 34 : ARIA-128-GCM : aria-128-gcm
1451 aria 35 : ARIA-192-GCM : aria-192-gcm
1452 aria 36 : ARIA-256-GCM : aria-256-gcm
1453
1454 # Definitions for SEED cipher - ECB, CBC, OFB mode
1455
1456 member-body 410 200004 : KISA : kisa
1457 kisa 1 3 : SEED-ECB : seed-ecb
1458 kisa 1 4 : SEED-CBC : seed-cbc
1459 !Cname seed-cfb128
1460 kisa 1 5 : SEED-CFB : seed-cfb
1461 !Cname seed-ofb128
1462 kisa 1 6 : SEED-OFB : seed-ofb
1463
1464
1465 # Definitions for SM4 cipher
1466
1467 member-body 156 : ISO-CN : ISO CN Member Body
1468 ISO-CN 10197 : oscca
1469 oscca 1 : sm-scheme
1470
1471 sm-scheme 104 1 : SM4-ECB : sm4-ecb
1472 sm-scheme 104 2 : SM4-CBC : sm4-cbc
1473 !Cname sm4-ofb128
1474 sm-scheme 104 3 : SM4-OFB : sm4-ofb
1475 !Cname sm4-cfb128
1476 sm-scheme 104 4 : SM4-CFB : sm4-cfb
1477 sm-scheme 104 5 : SM4-CFB1 : sm4-cfb1
1478 sm-scheme 104 6 : SM4-CFB8 : sm4-cfb8
1479 sm-scheme 104 7 : SM4-CTR : sm4-ctr
1480
1481 # There is no OID that just denotes "HMAC" oddly enough...
1482
1483 : HMAC : hmac
1484 # Nor CMAC either
1485 : CMAC : cmac
1486
1487 # Synthetic composite ciphersuites
1488 : RC4-HMAC-MD5 : rc4-hmac-md5
1489 : AES-128-CBC-HMAC-SHA1 : aes-128-cbc-hmac-sha1
1490 : AES-192-CBC-HMAC-SHA1 : aes-192-cbc-hmac-sha1
1491 : AES-256-CBC-HMAC-SHA1 : aes-256-cbc-hmac-sha1
1492 : AES-128-CBC-HMAC-SHA256 : aes-128-cbc-hmac-sha256
1493 : AES-192-CBC-HMAC-SHA256 : aes-192-cbc-hmac-sha256
1494 : AES-256-CBC-HMAC-SHA256 : aes-256-cbc-hmac-sha256
1495 : ChaCha20-Poly1305 : chacha20-poly1305
1496 : ChaCha20 : chacha20
1497
1498 ISO-US 10046 2 1 : dhpublicnumber : X9.42 DH
1499
1500 # RFC 5639 curve OIDs (see http://www.ietf.org/rfc/rfc5639.txt)
1501 # versionOne OBJECT IDENTIFIER ::= {
1502 # iso(1) identifified-organization(3) teletrust(36) algorithm(3)
1503 # signature-algorithm(3) ecSign(2) ecStdCurvesAndGeneration(8)
1504 # ellipticCurve(1) 1 }
1505 1 3 36 3 3 2 8 1 1 1 : brainpoolP160r1
1506 1 3 36 3 3 2 8 1 1 2 : brainpoolP160t1
1507 1 3 36 3 3 2 8 1 1 3 : brainpoolP192r1
1508 1 3 36 3 3 2 8 1 1 4 : brainpoolP192t1
1509 1 3 36 3 3 2 8 1 1 5 : brainpoolP224r1
1510 1 3 36 3 3 2 8 1 1 6 : brainpoolP224t1
1511 1 3 36 3 3 2 8 1 1 7 : brainpoolP256r1
1512 1 3 36 3 3 2 8 1 1 8 : brainpoolP256t1
1513 1 3 36 3 3 2 8 1 1 9 : brainpoolP320r1
1514 1 3 36 3 3 2 8 1 1 10 : brainpoolP320t1
1515 1 3 36 3 3 2 8 1 1 11 : brainpoolP384r1
1516 1 3 36 3 3 2 8 1 1 12 : brainpoolP384t1
1517 1 3 36 3 3 2 8 1 1 13 : brainpoolP512r1
1518 1 3 36 3 3 2 8 1 1 14 : brainpoolP512t1
1519
1520 # ECDH schemes from RFC5753
1521 !Alias x9-63-scheme 1 3 133 16 840 63 0
1522 !Alias secg-scheme certicom-arc 1
1523
1524 x9-63-scheme 2 : dhSinglePass-stdDH-sha1kdf-scheme
1525 secg-scheme 11 0 : dhSinglePass-stdDH-sha224kdf-scheme
1526 secg-scheme 11 1 : dhSinglePass-stdDH-sha256kdf-scheme
1527 secg-scheme 11 2 : dhSinglePass-stdDH-sha384kdf-scheme
1528 secg-scheme 11 3 : dhSinglePass-stdDH-sha512kdf-scheme
1529
1530 x9-63-scheme 3 : dhSinglePass-cofactorDH-sha1kdf-scheme
1531 secg-scheme 14 0 : dhSinglePass-cofactorDH-sha224kdf-scheme
1532 secg-scheme 14 1 : dhSinglePass-cofactorDH-sha256kdf-scheme
1533 secg-scheme 14 2 : dhSinglePass-cofactorDH-sha384kdf-scheme
1534 secg-scheme 14 3 : dhSinglePass-cofactorDH-sha512kdf-scheme
1535 # NIDs for use with lookup tables.
1536 : dh-std-kdf
1537 : dh-cofactor-kdf
1538
1539 # RFC 6962 Extension OIDs (see http://www.ietf.org/rfc/rfc6962.txt)
1540 1 3 6 1 4 1 11129 2 4 2 : ct_precert_scts : CT Precertificate SCTs
1541 1 3 6 1 4 1 11129 2 4 3 : ct_precert_poison : CT Precertificate Poison
1542 1 3 6 1 4 1 11129 2 4 4 : ct_precert_signer : CT Precertificate Signer
1543 1 3 6 1 4 1 11129 2 4 5 : ct_cert_scts : CT Certificate SCTs
1544
1545 # CABForum EV SSL Certificate Guidelines
1546 # (see https://cabforum.org/extended-validation/)
1547 # OIDs for Subject Jurisdiction of Incorporation or Registration
1548 1 3 6 1 4 1 311 60 2 1 1 : jurisdictionL : jurisdictionLocalityName
1549 1 3 6 1 4 1 311 60 2 1 2 : jurisdictionST : jurisdictionStateOrProvinceName
1550 1 3 6 1 4 1 311 60 2 1 3 : jurisdictionC : jurisdictionCountryName
1551
1552 # SCRYPT algorithm
1553 !Cname id-scrypt
1554 1 3 6 1 4 1 11591 4 11 : id-scrypt : scrypt
1555
1556 # NID for TLS1 PRF
1557 : TLS1-PRF : tls1-prf
1558
1559 # NID for HKDF
1560 : HKDF : hkdf
1561
1562 # RFC 4556
1563 1 3 6 1 5 2 3 : id-pkinit
1564 id-pkinit 4 : pkInitClientAuth : PKINIT Client Auth
1565 id-pkinit 5 : pkInitKDC : Signing KDC Response
1566
1567 # New algorithms from draft-ietf-curdle-pkix-04
1568 1 3 101 110 : X25519
1569 1 3 101 111 : X448
1570 1 3 101 112 : ED25519
1571 1 3 101 113 : ED448
1572
1573
1574 # NIDs for cipher key exchange
1575 : KxRSA : kx-rsa
1576 : KxECDHE : kx-ecdhe
1577 : KxDHE : kx-dhe
1578 : KxECDHE-PSK : kx-ecdhe-psk
1579 : KxDHE-PSK : kx-dhe-psk
1580 : KxRSA_PSK : kx-rsa-psk
1581 : KxPSK : kx-psk
1582 : KxSRP : kx-srp
1583 : KxGOST : kx-gost
1584 : KxANY : kx-any
1585
1586 # NIDs for cipher authentication
1587 : AuthRSA : auth-rsa
1588 : AuthECDSA : auth-ecdsa
1589 : AuthPSK : auth-psk
1590 : AuthDSS : auth-dss
1591 : AuthGOST01 : auth-gost01
1592 : AuthGOST12 : auth-gost12
1593 : AuthSRP : auth-srp
1594 : AuthNULL : auth-null
1595 : AuthANY : auth-any
1596 # NID for Poly1305
1597 : Poly1305 : poly1305
1598 # NID for SipHash
1599 : SipHash : siphash
1600
1601 # NIDs for RFC7919 DH parameters
1602 : ffdhe2048
1603 : ffdhe3072
1604 : ffdhe4096
1605 : ffdhe6144
1606 : ffdhe8192
A mirror of the official openssl repository