]>
Commit | Line | Data |
---|---|---|
f9d183c2 RL |
1 | # CCITT was renamed to ITU-T quite some time ago |
2 | 0 : ITU-T : itu-t | |
3 | !Alias ccitt itu-t | |
64b48877 | 4 | |
c2bbf9cf | 5 | 1 : ISO : iso |
622ec449 | 6 | |
f9d183c2 RL |
7 | 2 : JOINT-ISO-ITU-T : joint-iso-itu-t |
8 | !Alias joint-iso-ccitt joint-iso-itu-t | |
4b125068 | 9 | |
c2bbf9cf | 10 | iso 2 : member-body : ISO Member Body |
622ec449 | 11 | |
36c19463 BM |
12 | iso 3 : identified-organization |
13 | ||
86140095 LJ |
14 | # HMAC OIDs |
15 | identified-organization 6 1 5 5 8 1 1 : HMAC-MD5 : hmac-md5 | |
16 | identified-organization 6 1 5 5 8 1 2 : HMAC-SHA1 : hmac-sha1 | |
17 | ||
0c9d6818 F |
18 | # "1.3.36.8.3.3" |
19 | identified-organization 36 8 3 3 : x509ExtAdmission : Professional Information or basis for Admission | |
20 | ||
36c19463 BM |
21 | identified-organization 132 : certicom-arc |
22 | ||
f9d183c2 RL |
23 | joint-iso-itu-t 23 : international-organizations : International Organizations |
24 | ||
25 | international-organizations 43 : wap | |
cab6de03 | 26 | wap 1 : wap-wsg |
1d284535 | 27 | |
f9d183c2 | 28 | joint-iso-itu-t 5 1 5 : selected-attribute-types : Selected Attribute Types |
4b125068 RL |
29 | |
30 | selected-attribute-types 55 : clearance | |
31 | ||
c2bbf9cf RL |
32 | member-body 840 : ISO-US : ISO US Member Body |
33 | ISO-US 10040 : X9-57 : X9.57 | |
34 | X9-57 4 : X9cm : X9.57 CM ? | |
35 | ||
36 | !Cname dsa | |
37 | X9cm 1 : DSA : dsaEncryption | |
38 | X9cm 3 : DSA-SHA1 : dsaWithSHA1 | |
39 | ||
14f7ee49 BM |
40 | |
41 | ISO-US 10045 : ansi-X9-62 : ANSI X9.62 | |
42 | !module X9-62 | |
43 | !Alias id-fieldType ansi-X9-62 1 | |
44 | X9-62_id-fieldType 1 : prime-field | |
45 | X9-62_id-fieldType 2 : characteristic-two-field | |
2d9b1b3f BM |
46 | X9-62_characteristic-two-field 3 : id-characteristic-two-basis |
47 | X9-62_id-characteristic-two-basis 1 : onBasis | |
48 | X9-62_id-characteristic-two-basis 2 : tpBasis | |
49 | X9-62_id-characteristic-two-basis 3 : ppBasis | |
14f7ee49 BM |
50 | !Alias id-publicKeyType ansi-X9-62 2 |
51 | X9-62_id-publicKeyType 1 : id-ecPublicKey | |
52 | !Alias ellipticCurve ansi-X9-62 3 | |
53 | !Alias c-TwoCurve X9-62_ellipticCurve 0 | |
2d9b1b3f BM |
54 | X9-62_c-TwoCurve 1 : c2pnb163v1 |
55 | X9-62_c-TwoCurve 2 : c2pnb163v2 | |
56 | X9-62_c-TwoCurve 3 : c2pnb163v3 | |
57 | X9-62_c-TwoCurve 4 : c2pnb176v1 | |
58 | X9-62_c-TwoCurve 5 : c2tnb191v1 | |
59 | X9-62_c-TwoCurve 6 : c2tnb191v2 | |
60 | X9-62_c-TwoCurve 7 : c2tnb191v3 | |
61 | X9-62_c-TwoCurve 8 : c2onb191v4 | |
62 | X9-62_c-TwoCurve 9 : c2onb191v5 | |
63 | X9-62_c-TwoCurve 10 : c2pnb208w1 | |
64 | X9-62_c-TwoCurve 11 : c2tnb239v1 | |
65 | X9-62_c-TwoCurve 12 : c2tnb239v2 | |
66 | X9-62_c-TwoCurve 13 : c2tnb239v3 | |
67 | X9-62_c-TwoCurve 14 : c2onb239v4 | |
68 | X9-62_c-TwoCurve 15 : c2onb239v5 | |
69 | X9-62_c-TwoCurve 16 : c2pnb272w1 | |
70 | X9-62_c-TwoCurve 17 : c2pnb304w1 | |
71 | X9-62_c-TwoCurve 18 : c2tnb359v1 | |
72 | X9-62_c-TwoCurve 19 : c2pnb368w1 | |
73 | X9-62_c-TwoCurve 20 : c2tnb431r1 | |
14f7ee49 BM |
74 | !Alias primeCurve X9-62_ellipticCurve 1 |
75 | X9-62_primeCurve 1 : prime192v1 | |
76 | X9-62_primeCurve 2 : prime192v2 | |
77 | X9-62_primeCurve 3 : prime192v3 | |
78 | X9-62_primeCurve 4 : prime239v1 | |
79 | X9-62_primeCurve 5 : prime239v2 | |
80 | X9-62_primeCurve 6 : prime239v3 | |
81 | X9-62_primeCurve 7 : prime256v1 | |
82 | !Alias id-ecSigType ansi-X9-62 4 | |
83 | !global | |
84 | X9-62_id-ecSigType 1 : ecdsa-with-SHA1 | |
06e2dd03 NL |
85 | X9-62_id-ecSigType 2 : ecdsa-with-Recommended |
86 | X9-62_id-ecSigType 3 : ecdsa-with-Specified | |
87 | ecdsa-with-Specified 1 : ecdsa-with-SHA224 | |
88 | ecdsa-with-Specified 2 : ecdsa-with-SHA256 | |
89 | ecdsa-with-Specified 3 : ecdsa-with-SHA384 | |
90 | ecdsa-with-Specified 4 : ecdsa-with-SHA512 | |
14f7ee49 | 91 | |
1d284535 BM |
92 | # SECG curve OIDs from "SEC 2: Recommended Elliptic Curve Domain Parameters" |
93 | # (http://www.secg.org/) | |
36c19463 | 94 | !Alias secg_ellipticCurve certicom-arc 0 |
1d284535 | 95 | # SECG prime curves OIDs |
36c19463 BM |
96 | secg-ellipticCurve 6 : secp112r1 |
97 | secg-ellipticCurve 7 : secp112r2 | |
98 | secg-ellipticCurve 28 : secp128r1 | |
99 | secg-ellipticCurve 29 : secp128r2 | |
100 | secg-ellipticCurve 9 : secp160k1 | |
101 | secg-ellipticCurve 8 : secp160r1 | |
102 | secg-ellipticCurve 30 : secp160r2 | |
103 | secg-ellipticCurve 31 : secp192k1 | |
d745af4b BM |
104 | # NOTE: the curve secp192r1 is the same as prime192v1 defined above |
105 | # and is therefore omitted | |
36c19463 BM |
106 | secg-ellipticCurve 32 : secp224k1 |
107 | secg-ellipticCurve 33 : secp224r1 | |
108 | secg-ellipticCurve 10 : secp256k1 | |
d745af4b BM |
109 | # NOTE: the curve secp256r1 is the same as prime256v1 defined above |
110 | # and is therefore omitted | |
36c19463 BM |
111 | secg-ellipticCurve 34 : secp384r1 |
112 | secg-ellipticCurve 35 : secp521r1 | |
1d284535 | 113 | # SECG characteristic two curves OIDs |
36c19463 BM |
114 | secg-ellipticCurve 4 : sect113r1 |
115 | secg-ellipticCurve 5 : sect113r2 | |
116 | secg-ellipticCurve 22 : sect131r1 | |
117 | secg-ellipticCurve 23 : sect131r2 | |
118 | secg-ellipticCurve 1 : sect163k1 | |
119 | secg-ellipticCurve 2 : sect163r1 | |
120 | secg-ellipticCurve 15 : sect163r2 | |
121 | secg-ellipticCurve 24 : sect193r1 | |
122 | secg-ellipticCurve 25 : sect193r2 | |
123 | secg-ellipticCurve 26 : sect233k1 | |
124 | secg-ellipticCurve 27 : sect233r1 | |
125 | secg-ellipticCurve 3 : sect239k1 | |
126 | secg-ellipticCurve 16 : sect283k1 | |
127 | secg-ellipticCurve 17 : sect283r1 | |
128 | secg-ellipticCurve 36 : sect409k1 | |
129 | secg-ellipticCurve 37 : sect409r1 | |
130 | secg-ellipticCurve 38 : sect571k1 | |
131 | secg-ellipticCurve 39 : sect571r1 | |
14f7ee49 | 132 | |
1d284535 BM |
133 | # WAP/TLS curve OIDs (http://www.wapforum.org/) |
134 | !Alias wap-wsg-idm-ecid wap-wsg 4 | |
135 | wap-wsg-idm-ecid 1 : wap-wsg-idm-ecid-wtls1 | |
16dc1cfb BM |
136 | wap-wsg-idm-ecid 3 : wap-wsg-idm-ecid-wtls3 |
137 | wap-wsg-idm-ecid 4 : wap-wsg-idm-ecid-wtls4 | |
138 | wap-wsg-idm-ecid 5 : wap-wsg-idm-ecid-wtls5 | |
1d284535 | 139 | wap-wsg-idm-ecid 6 : wap-wsg-idm-ecid-wtls6 |
16dc1cfb | 140 | wap-wsg-idm-ecid 7 : wap-wsg-idm-ecid-wtls7 |
1d284535 BM |
141 | wap-wsg-idm-ecid 8 : wap-wsg-idm-ecid-wtls8 |
142 | wap-wsg-idm-ecid 9 : wap-wsg-idm-ecid-wtls9 | |
16dc1cfb BM |
143 | wap-wsg-idm-ecid 10 : wap-wsg-idm-ecid-wtls10 |
144 | wap-wsg-idm-ecid 11 : wap-wsg-idm-ecid-wtls11 | |
145 | wap-wsg-idm-ecid 12 : wap-wsg-idm-ecid-wtls12 | |
1d284535 BM |
146 | |
147 | ||
c2bbf9cf RL |
148 | ISO-US 113533 7 66 10 : CAST5-CBC : cast5-cbc |
149 | : CAST5-ECB : cast5-ecb | |
150 | !Cname cast5-cfb64 | |
151 | : CAST5-CFB : cast5-cfb | |
152 | !Cname cast5-ofb64 | |
153 | : CAST5-OFB : cast5-ofb | |
154 | !Cname pbeWithMD5AndCast5-CBC | |
155 | ISO-US 113533 7 66 12 : : pbeWithMD5AndCast5CBC | |
156 | ||
86140095 LJ |
157 | # Macs for CMP and CRMF |
158 | ISO-US 113533 7 66 13 : id-PasswordBasedMAC : password based MAC | |
159 | ISO-US 113533 7 66 30 : id-DHBasedMac : Diffie-Hellman based MAC | |
160 | ||
c2bbf9cf RL |
161 | ISO-US 113549 : rsadsi : RSA Data Security, Inc. |
162 | ||
163 | rsadsi 1 : pkcs : RSA Data Security, Inc. PKCS | |
164 | ||
165 | pkcs 1 : pkcs1 | |
166 | pkcs1 1 : : rsaEncryption | |
167 | pkcs1 2 : RSA-MD2 : md2WithRSAEncryption | |
dd5e7746 | 168 | pkcs1 3 : RSA-MD4 : md4WithRSAEncryption |
c2bbf9cf RL |
169 | pkcs1 4 : RSA-MD5 : md5WithRSAEncryption |
170 | pkcs1 5 : RSA-SHA1 : sha1WithRSAEncryption | |
6bca8e38 | 171 | # According to PKCS #1 version 2.1 |
b3339050 | 172 | pkcs1 7 : RSAES-OAEP : rsaesOaep |
ff04bbe3 | 173 | pkcs1 8 : MGF1 : mgf1 |
e423c360 | 174 | pkcs1 9 : PSPECIFIED : pSpecified |
ff04bbe3 DSH |
175 | pkcs1 10 : RSASSA-PSS : rsassaPss |
176 | ||
6bca8e38 AP |
177 | pkcs1 11 : RSA-SHA256 : sha256WithRSAEncryption |
178 | pkcs1 12 : RSA-SHA384 : sha384WithRSAEncryption | |
179 | pkcs1 13 : RSA-SHA512 : sha512WithRSAEncryption | |
180 | pkcs1 14 : RSA-SHA224 : sha224WithRSAEncryption | |
c2bbf9cf RL |
181 | |
182 | pkcs 3 : pkcs3 | |
183 | pkcs3 1 : : dhKeyAgreement | |
184 | ||
185 | pkcs 5 : pkcs5 | |
186 | pkcs5 1 : PBE-MD2-DES : pbeWithMD2AndDES-CBC | |
187 | pkcs5 3 : PBE-MD5-DES : pbeWithMD5AndDES-CBC | |
188 | pkcs5 4 : PBE-MD2-RC2-64 : pbeWithMD2AndRC2-CBC | |
189 | pkcs5 6 : PBE-MD5-RC2-64 : pbeWithMD5AndRC2-CBC | |
190 | pkcs5 10 : PBE-SHA1-DES : pbeWithSHA1AndDES-CBC | |
191 | pkcs5 11 : PBE-SHA1-RC2-64 : pbeWithSHA1AndRC2-CBC | |
192 | !Cname id_pbkdf2 | |
193 | pkcs5 12 : : PBKDF2 | |
194 | !Cname pbes2 | |
195 | pkcs5 13 : : PBES2 | |
196 | !Cname pbmac1 | |
197 | pkcs5 14 : : PBMAC1 | |
198 | ||
199 | pkcs 7 : pkcs7 | |
200 | pkcs7 1 : : pkcs7-data | |
201 | !Cname pkcs7-signed | |
202 | pkcs7 2 : : pkcs7-signedData | |
203 | !Cname pkcs7-enveloped | |
204 | pkcs7 3 : : pkcs7-envelopedData | |
205 | !Cname pkcs7-signedAndEnveloped | |
206 | pkcs7 4 : : pkcs7-signedAndEnvelopedData | |
207 | !Cname pkcs7-digest | |
208 | pkcs7 5 : : pkcs7-digestData | |
209 | !Cname pkcs7-encrypted | |
210 | pkcs7 6 : : pkcs7-encryptedData | |
211 | ||
212 | pkcs 9 : pkcs9 | |
213 | !module pkcs9 | |
30911232 | 214 | pkcs9 1 : : emailAddress |
c2bbf9cf RL |
215 | pkcs9 2 : : unstructuredName |
216 | pkcs9 3 : : contentType | |
217 | pkcs9 4 : : messageDigest | |
218 | pkcs9 5 : : signingTime | |
219 | pkcs9 6 : : countersignature | |
220 | pkcs9 7 : : challengePassword | |
221 | pkcs9 8 : : unstructuredAddress | |
222 | !Cname extCertAttributes | |
223 | pkcs9 9 : : extendedCertificateAttributes | |
224 | !global | |
225 | ||
226 | !Cname ext-req | |
227 | pkcs9 14 : extReq : Extension Request | |
228 | ||
229 | !Cname SMIMECapabilities | |
230 | pkcs9 15 : SMIME-CAPS : S/MIME Capabilities | |
231 | ||
232 | # S/MIME | |
233 | !Cname SMIME | |
234 | pkcs9 16 : SMIME : S/MIME | |
235 | SMIME 0 : id-smime-mod | |
236 | SMIME 1 : id-smime-ct | |
237 | SMIME 2 : id-smime-aa | |
238 | SMIME 3 : id-smime-alg | |
239 | SMIME 4 : id-smime-cd | |
240 | SMIME 5 : id-smime-spq | |
241 | SMIME 6 : id-smime-cti | |
242 | ||
243 | # S/MIME Modules | |
244 | id-smime-mod 1 : id-smime-mod-cms | |
245 | id-smime-mod 2 : id-smime-mod-ess | |
246 | id-smime-mod 3 : id-smime-mod-oid | |
247 | id-smime-mod 4 : id-smime-mod-msg-v3 | |
248 | id-smime-mod 5 : id-smime-mod-ets-eSignature-88 | |
249 | id-smime-mod 6 : id-smime-mod-ets-eSignature-97 | |
250 | id-smime-mod 7 : id-smime-mod-ets-eSigPolicy-88 | |
251 | id-smime-mod 8 : id-smime-mod-ets-eSigPolicy-97 | |
252 | ||
253 | # S/MIME Content Types | |
254 | id-smime-ct 1 : id-smime-ct-receipt | |
255 | id-smime-ct 2 : id-smime-ct-authData | |
256 | id-smime-ct 3 : id-smime-ct-publishCert | |
257 | id-smime-ct 4 : id-smime-ct-TSTInfo | |
258 | id-smime-ct 5 : id-smime-ct-TDTInfo | |
259 | id-smime-ct 6 : id-smime-ct-contentInfo | |
260 | id-smime-ct 7 : id-smime-ct-DVCSRequestData | |
261 | id-smime-ct 8 : id-smime-ct-DVCSResponseData | |
400ca0e4 | 262 | id-smime-ct 9 : id-smime-ct-compressedData |
505aee29 WL |
263 | id-smime-ct 19 : id-smime-ct-contentCollection |
264 | id-smime-ct 23 : id-smime-ct-authEnvelopedData | |
054307e7 | 265 | id-smime-ct 27 : id-ct-asciiTextWithCRLF |
505aee29 | 266 | id-smime-ct 28 : id-ct-xml |
c2bbf9cf RL |
267 | |
268 | # S/MIME Attributes | |
269 | id-smime-aa 1 : id-smime-aa-receiptRequest | |
270 | id-smime-aa 2 : id-smime-aa-securityLabel | |
271 | id-smime-aa 3 : id-smime-aa-mlExpandHistory | |
272 | id-smime-aa 4 : id-smime-aa-contentHint | |
273 | id-smime-aa 5 : id-smime-aa-msgSigDigest | |
274 | # obsolete | |
275 | id-smime-aa 6 : id-smime-aa-encapContentType | |
276 | id-smime-aa 7 : id-smime-aa-contentIdentifier | |
277 | # obsolete | |
278 | id-smime-aa 8 : id-smime-aa-macValue | |
279 | id-smime-aa 9 : id-smime-aa-equivalentLabels | |
280 | id-smime-aa 10 : id-smime-aa-contentReference | |
281 | id-smime-aa 11 : id-smime-aa-encrypKeyPref | |
282 | id-smime-aa 12 : id-smime-aa-signingCertificate | |
283 | id-smime-aa 13 : id-smime-aa-smimeEncryptCerts | |
284 | id-smime-aa 14 : id-smime-aa-timeStampToken | |
285 | id-smime-aa 15 : id-smime-aa-ets-sigPolicyId | |
286 | id-smime-aa 16 : id-smime-aa-ets-commitmentType | |
287 | id-smime-aa 17 : id-smime-aa-ets-signerLocation | |
288 | id-smime-aa 18 : id-smime-aa-ets-signerAttr | |
289 | id-smime-aa 19 : id-smime-aa-ets-otherSigCert | |
290 | id-smime-aa 20 : id-smime-aa-ets-contentTimestamp | |
291 | id-smime-aa 21 : id-smime-aa-ets-CertificateRefs | |
292 | id-smime-aa 22 : id-smime-aa-ets-RevocationRefs | |
293 | id-smime-aa 23 : id-smime-aa-ets-certValues | |
294 | id-smime-aa 24 : id-smime-aa-ets-revocationValues | |
295 | id-smime-aa 25 : id-smime-aa-ets-escTimeStamp | |
296 | id-smime-aa 26 : id-smime-aa-ets-certCRLTimestamp | |
297 | id-smime-aa 27 : id-smime-aa-ets-archiveTimeStamp | |
298 | id-smime-aa 28 : id-smime-aa-signatureType | |
299 | id-smime-aa 29 : id-smime-aa-dvcs-dvc | |
e92947d8 | 300 | id-smime-aa 47 : id-smime-aa-signingCertificateV2 |
c2bbf9cf RL |
301 | |
302 | # S/MIME Algorithm Identifiers | |
303 | # obsolete | |
304 | id-smime-alg 1 : id-smime-alg-ESDHwith3DES | |
305 | # obsolete | |
306 | id-smime-alg 2 : id-smime-alg-ESDHwithRC2 | |
307 | # obsolete | |
308 | id-smime-alg 3 : id-smime-alg-3DESwrap | |
309 | # obsolete | |
310 | id-smime-alg 4 : id-smime-alg-RC2wrap | |
311 | id-smime-alg 5 : id-smime-alg-ESDH | |
312 | id-smime-alg 6 : id-smime-alg-CMS3DESwrap | |
313 | id-smime-alg 7 : id-smime-alg-CMSRC2wrap | |
f2334630 | 314 | id-smime-alg 9 : id-alg-PWRI-KEK |
c2bbf9cf RL |
315 | |
316 | # S/MIME Certificate Distribution | |
317 | id-smime-cd 1 : id-smime-cd-ldap | |
318 | ||
319 | # S/MIME Signature Policy Qualifier | |
320 | id-smime-spq 1 : id-smime-spq-ets-sqt-uri | |
321 | id-smime-spq 2 : id-smime-spq-ets-sqt-unotice | |
322 | ||
323 | # S/MIME Commitment Type Identifier | |
324 | id-smime-cti 1 : id-smime-cti-ets-proofOfOrigin | |
325 | id-smime-cti 2 : id-smime-cti-ets-proofOfReceipt | |
326 | id-smime-cti 3 : id-smime-cti-ets-proofOfDelivery | |
327 | id-smime-cti 4 : id-smime-cti-ets-proofOfSender | |
328 | id-smime-cti 5 : id-smime-cti-ets-proofOfApproval | |
329 | id-smime-cti 6 : id-smime-cti-ets-proofOfCreation | |
330 | ||
331 | pkcs9 20 : : friendlyName | |
332 | pkcs9 21 : : localKeyID | |
f2a253e0 DSH |
333 | !Cname ms-csp-name |
334 | 1 3 6 1 4 1 311 17 1 : CSPName : Microsoft CSP Name | |
8528128b | 335 | 1 3 6 1 4 1 311 17 2 : LocalKeySet : Microsoft Local Key set |
c2bbf9cf RL |
336 | !Alias certTypes pkcs9 22 |
337 | certTypes 1 : : x509Certificate | |
338 | certTypes 2 : : sdsiCertificate | |
339 | !Alias crlTypes pkcs9 23 | |
340 | crlTypes 1 : : x509Crl | |
341 | ||
342 | !Alias pkcs12 pkcs 12 | |
343 | !Alias pkcs12-pbeids pkcs12 1 | |
344 | ||
345 | !Cname pbe-WithSHA1And128BitRC4 | |
346 | pkcs12-pbeids 1 : PBE-SHA1-RC4-128 : pbeWithSHA1And128BitRC4 | |
347 | !Cname pbe-WithSHA1And40BitRC4 | |
348 | pkcs12-pbeids 2 : PBE-SHA1-RC4-40 : pbeWithSHA1And40BitRC4 | |
349 | !Cname pbe-WithSHA1And3_Key_TripleDES-CBC | |
350 | pkcs12-pbeids 3 : PBE-SHA1-3DES : pbeWithSHA1And3-KeyTripleDES-CBC | |
351 | !Cname pbe-WithSHA1And2_Key_TripleDES-CBC | |
352 | pkcs12-pbeids 4 : PBE-SHA1-2DES : pbeWithSHA1And2-KeyTripleDES-CBC | |
353 | !Cname pbe-WithSHA1And128BitRC2-CBC | |
354 | pkcs12-pbeids 5 : PBE-SHA1-RC2-128 : pbeWithSHA1And128BitRC2-CBC | |
355 | !Cname pbe-WithSHA1And40BitRC2-CBC | |
356 | pkcs12-pbeids 6 : PBE-SHA1-RC2-40 : pbeWithSHA1And40BitRC2-CBC | |
357 | ||
358 | !Alias pkcs12-Version1 pkcs12 10 | |
359 | !Alias pkcs12-BagIds pkcs12-Version1 1 | |
360 | pkcs12-BagIds 1 : : keyBag | |
361 | pkcs12-BagIds 2 : : pkcs8ShroudedKeyBag | |
362 | pkcs12-BagIds 3 : : certBag | |
363 | pkcs12-BagIds 4 : : crlBag | |
364 | pkcs12-BagIds 5 : : secretBag | |
365 | pkcs12-BagIds 6 : : safeContentsBag | |
366 | ||
367 | rsadsi 2 2 : MD2 : md2 | |
368 | rsadsi 2 4 : MD4 : md4 | |
369 | rsadsi 2 5 : MD5 : md5 | |
370 | : MD5-SHA1 : md5-sha1 | |
856640b5 | 371 | rsadsi 2 6 : : hmacWithMD5 |
c2bbf9cf | 372 | rsadsi 2 7 : : hmacWithSHA1 |
1631d5f9 | 373 | |
a0c3e4fa JL |
374 | member-body 156 10197 1 401 : SM3 : sm3 |
375 | member-body 156 10197 1 504 : RSA-SM3 : sm3WithRSAEncryption | |
376 | ||
1631d5f9 DSH |
377 | # From RFC4231 |
378 | rsadsi 2 8 : : hmacWithSHA224 | |
379 | rsadsi 2 9 : : hmacWithSHA256 | |
380 | rsadsi 2 10 : : hmacWithSHA384 | |
381 | rsadsi 2 11 : : hmacWithSHA512 | |
382 | ||
c2bbf9cf RL |
383 | rsadsi 3 2 : RC2-CBC : rc2-cbc |
384 | : RC2-ECB : rc2-ecb | |
385 | !Cname rc2-cfb64 | |
386 | : RC2-CFB : rc2-cfb | |
387 | !Cname rc2-ofb64 | |
388 | : RC2-OFB : rc2-ofb | |
389 | : RC2-40-CBC : rc2-40-cbc | |
390 | : RC2-64-CBC : rc2-64-cbc | |
391 | rsadsi 3 4 : RC4 : rc4 | |
392 | : RC4-40 : rc4-40 | |
393 | rsadsi 3 7 : DES-EDE3-CBC : des-ede3-cbc | |
394 | rsadsi 3 8 : RC5-CBC : rc5-cbc | |
395 | : RC5-ECB : rc5-ecb | |
396 | !Cname rc5-cfb64 | |
397 | : RC5-CFB : rc5-cfb | |
398 | !Cname rc5-ofb64 | |
399 | : RC5-OFB : rc5-ofb | |
400 | ||
401 | !Cname ms-ext-req | |
402 | 1 3 6 1 4 1 311 2 1 14 : msExtReq : Microsoft Extension Request | |
403 | !Cname ms-code-ind | |
404 | 1 3 6 1 4 1 311 2 1 21 : msCodeInd : Microsoft Individual Code Signing | |
405 | !Cname ms-code-com | |
406 | 1 3 6 1 4 1 311 2 1 22 : msCodeCom : Microsoft Commercial Code Signing | |
407 | !Cname ms-ctl-sign | |
408 | 1 3 6 1 4 1 311 10 3 1 : msCTLSign : Microsoft Trust List Signing | |
409 | !Cname ms-sgc | |
410 | 1 3 6 1 4 1 311 10 3 3 : msSGC : Microsoft Server Gated Crypto | |
411 | !Cname ms-efs | |
412 | 1 3 6 1 4 1 311 10 3 4 : msEFS : Microsoft Encrypted File System | |
ce4f169f RL |
413 | !Cname ms-smartcard-login |
414 | 1 3 6 1 4 1 311 20 2 2 : msSmartcardLogin : Microsoft Smartcardlogin | |
415 | !Cname ms-upn | |
416 | 1 3 6 1 4 1 311 20 2 3 : msUPN : Microsoft Universal Principal Name | |
c2bbf9cf RL |
417 | |
418 | 1 3 6 1 4 1 188 7 1 1 2 : IDEA-CBC : idea-cbc | |
419 | : IDEA-ECB : idea-ecb | |
420 | !Cname idea-cfb64 | |
421 | : IDEA-CFB : idea-cfb | |
422 | !Cname idea-ofb64 | |
423 | : IDEA-OFB : idea-ofb | |
424 | ||
425 | 1 3 6 1 4 1 3029 1 2 : BF-CBC : bf-cbc | |
426 | : BF-ECB : bf-ecb | |
427 | !Cname bf-cfb64 | |
428 | : BF-CFB : bf-cfb | |
429 | !Cname bf-ofb64 | |
430 | : BF-OFB : bf-ofb | |
431 | ||
432 | !Cname id-pkix | |
433 | 1 3 6 1 5 5 7 : PKIX | |
434 | ||
435 | # PKIX Arcs | |
436 | id-pkix 0 : id-pkix-mod | |
437 | id-pkix 1 : id-pe | |
438 | id-pkix 2 : id-qt | |
439 | id-pkix 3 : id-kp | |
440 | id-pkix 4 : id-it | |
441 | id-pkix 5 : id-pkip | |
442 | id-pkix 6 : id-alg | |
443 | id-pkix 7 : id-cmc | |
444 | id-pkix 8 : id-on | |
445 | id-pkix 9 : id-pda | |
446 | id-pkix 10 : id-aca | |
447 | id-pkix 11 : id-qcs | |
448 | id-pkix 12 : id-cct | |
6951c23a | 449 | id-pkix 21 : id-ppl |
c2bbf9cf RL |
450 | id-pkix 48 : id-ad |
451 | ||
452 | # PKIX Modules | |
453 | id-pkix-mod 1 : id-pkix1-explicit-88 | |
454 | id-pkix-mod 2 : id-pkix1-implicit-88 | |
455 | id-pkix-mod 3 : id-pkix1-explicit-93 | |
456 | id-pkix-mod 4 : id-pkix1-implicit-93 | |
457 | id-pkix-mod 5 : id-mod-crmf | |
458 | id-pkix-mod 6 : id-mod-cmc | |
459 | id-pkix-mod 7 : id-mod-kea-profile-88 | |
460 | id-pkix-mod 8 : id-mod-kea-profile-93 | |
461 | id-pkix-mod 9 : id-mod-cmp | |
462 | id-pkix-mod 10 : id-mod-qualified-cert-88 | |
463 | id-pkix-mod 11 : id-mod-qualified-cert-93 | |
464 | id-pkix-mod 12 : id-mod-attribute-cert | |
465 | id-pkix-mod 13 : id-mod-timestamp-protocol | |
466 | id-pkix-mod 14 : id-mod-ocsp | |
467 | id-pkix-mod 15 : id-mod-dvcs | |
468 | id-pkix-mod 16 : id-mod-cmp2000 | |
469 | ||
470 | # PKIX Private Extensions | |
471 | !Cname info-access | |
472 | id-pe 1 : authorityInfoAccess : Authority Information Access | |
473 | id-pe 2 : biometricInfo : Biometric Info | |
474 | id-pe 3 : qcStatements | |
475 | id-pe 4 : ac-auditEntity | |
476 | id-pe 5 : ac-targeting | |
477 | id-pe 6 : aaControls | |
5f10073c NL |
478 | id-pe 7 : sbgp-ipAddrBlock |
479 | id-pe 8 : sbgp-autonomousSysNum | |
480 | id-pe 9 : sbgp-routerIdentifier | |
4b125068 RL |
481 | id-pe 10 : ac-proxying |
482 | !Cname sinfo-access | |
483 | id-pe 11 : subjectInfoAccess : Subject Information Access | |
6951c23a | 484 | id-pe 14 : proxyCertInfo : Proxy Certificate Information |
ba67253d | 485 | id-pe 24 : tlsfeature : TLS Feature |
c2bbf9cf RL |
486 | |
487 | # PKIX policyQualifiers for Internet policy qualifiers | |
488 | id-qt 1 : id-qt-cps : Policy Qualifier CPS | |
489 | id-qt 2 : id-qt-unotice : Policy Qualifier User Notice | |
490 | id-qt 3 : textNotice | |
491 | ||
492 | # PKIX key purpose identifiers | |
493 | !Cname server-auth | |
494 | id-kp 1 : serverAuth : TLS Web Server Authentication | |
495 | !Cname client-auth | |
496 | id-kp 2 : clientAuth : TLS Web Client Authentication | |
497 | !Cname code-sign | |
498 | id-kp 3 : codeSigning : Code Signing | |
499 | !Cname email-protect | |
500 | id-kp 4 : emailProtection : E-mail Protection | |
501 | id-kp 5 : ipsecEndSystem : IPSec End System | |
502 | id-kp 6 : ipsecTunnel : IPSec Tunnel | |
503 | id-kp 7 : ipsecUser : IPSec User | |
504 | !Cname time-stamp | |
505 | id-kp 8 : timeStamping : Time Stamping | |
d4fbe318 | 506 | # From OCSP spec RFC2560 |
c2bbf9cf RL |
507 | !Cname OCSP-sign |
508 | id-kp 9 : OCSPSigning : OCSP Signing | |
509 | id-kp 10 : DVCS : dvcs | |
b5c5a971 RS |
510 | !Cname ipsec-IKE |
511 | id-kp 17 : ipsecIKE : ipsec Internet Key Exchange | |
d9f77726 RS |
512 | id-kp 18 : capwapAC : Ctrl/provision WAP Access |
513 | id-kp 19 : capwapWTP : Ctrl/Provision WAP Termination | |
514 | !Cname sshClient | |
515 | id-kp 21 : secureShellClient : SSH Client | |
516 | !Cname sshServer | |
517 | id-kp 22 : secureShellServer : SSH Server | |
518 | id-kp 23 : sendRouter : Send Router | |
519 | id-kp 24 : sendProxiedRouter : Send Proxied Router | |
520 | id-kp 25 : sendOwner : Send Owner | |
521 | id-kp 26 : sendProxiedOwner : Send Proxied Owner | |
fdc83a7c MR |
522 | id-kp 27 : cmcCA : CMC Certificate Authority |
523 | id-kp 28 : cmcRA : CMC Registration Authority | |
c2bbf9cf RL |
524 | |
525 | # CMP information types | |
526 | id-it 1 : id-it-caProtEncCert | |
527 | id-it 2 : id-it-signKeyPairTypes | |
528 | id-it 3 : id-it-encKeyPairTypes | |
529 | id-it 4 : id-it-preferredSymmAlg | |
530 | id-it 5 : id-it-caKeyUpdateInfo | |
531 | id-it 6 : id-it-currentCRL | |
532 | id-it 7 : id-it-unsupportedOIDs | |
533 | # obsolete | |
534 | id-it 8 : id-it-subscriptionRequest | |
535 | # obsolete | |
536 | id-it 9 : id-it-subscriptionResponse | |
537 | id-it 10 : id-it-keyPairParamReq | |
538 | id-it 11 : id-it-keyPairParamRep | |
539 | id-it 12 : id-it-revPassphrase | |
540 | id-it 13 : id-it-implicitConfirm | |
541 | id-it 14 : id-it-confirmWaitTime | |
542 | id-it 15 : id-it-origPKIMessage | |
86140095 | 543 | id-it 16 : id-it-suppLangTags |
c2bbf9cf RL |
544 | |
545 | # CRMF registration | |
546 | id-pkip 1 : id-regCtrl | |
547 | id-pkip 2 : id-regInfo | |
548 | ||
549 | # CRMF registration controls | |
550 | id-regCtrl 1 : id-regCtrl-regToken | |
551 | id-regCtrl 2 : id-regCtrl-authenticator | |
552 | id-regCtrl 3 : id-regCtrl-pkiPublicationInfo | |
553 | id-regCtrl 4 : id-regCtrl-pkiArchiveOptions | |
554 | id-regCtrl 5 : id-regCtrl-oldCertID | |
555 | id-regCtrl 6 : id-regCtrl-protocolEncrKey | |
556 | ||
557 | # CRMF registration information | |
558 | id-regInfo 1 : id-regInfo-utf8Pairs | |
559 | id-regInfo 2 : id-regInfo-certReq | |
560 | ||
561 | # algorithms | |
562 | id-alg 1 : id-alg-des40 | |
563 | id-alg 2 : id-alg-noSignature | |
564 | id-alg 3 : id-alg-dh-sig-hmac-sha1 | |
565 | id-alg 4 : id-alg-dh-pop | |
566 | ||
567 | # CMC controls | |
568 | id-cmc 1 : id-cmc-statusInfo | |
569 | id-cmc 2 : id-cmc-identification | |
570 | id-cmc 3 : id-cmc-identityProof | |
571 | id-cmc 4 : id-cmc-dataReturn | |
572 | id-cmc 5 : id-cmc-transactionId | |
573 | id-cmc 6 : id-cmc-senderNonce | |
574 | id-cmc 7 : id-cmc-recipientNonce | |
575 | id-cmc 8 : id-cmc-addExtensions | |
576 | id-cmc 9 : id-cmc-encryptedPOP | |
577 | id-cmc 10 : id-cmc-decryptedPOP | |
578 | id-cmc 11 : id-cmc-lraPOPWitness | |
579 | id-cmc 15 : id-cmc-getCert | |
580 | id-cmc 16 : id-cmc-getCRL | |
581 | id-cmc 17 : id-cmc-revokeRequest | |
582 | id-cmc 18 : id-cmc-regInfo | |
583 | id-cmc 19 : id-cmc-responseInfo | |
584 | id-cmc 21 : id-cmc-queryPending | |
585 | id-cmc 22 : id-cmc-popLinkRandom | |
586 | id-cmc 23 : id-cmc-popLinkWitness | |
fdc83a7c | 587 | id-cmc 24 : id-cmc-confirmCertAcceptance |
c2bbf9cf RL |
588 | |
589 | # other names | |
590 | id-on 1 : id-on-personalData | |
df0681e5 | 591 | id-on 3 : id-on-permanentIdentifier : Permanent Identifier |
c2bbf9cf RL |
592 | |
593 | # personal data attributes | |
594 | id-pda 1 : id-pda-dateOfBirth | |
595 | id-pda 2 : id-pda-placeOfBirth | |
7ef70151 RL |
596 | id-pda 3 : id-pda-gender |
597 | id-pda 4 : id-pda-countryOfCitizenship | |
598 | id-pda 5 : id-pda-countryOfResidence | |
c2bbf9cf RL |
599 | |
600 | # attribute certificate attributes | |
601 | id-aca 1 : id-aca-authenticationInfo | |
602 | id-aca 2 : id-aca-accessIdentity | |
603 | id-aca 3 : id-aca-chargingIdentity | |
604 | id-aca 4 : id-aca-group | |
4b125068 | 605 | # attention : the following seems to be obsolete, replace by 'role' |
c2bbf9cf | 606 | id-aca 5 : id-aca-role |
4b125068 | 607 | id-aca 6 : id-aca-encAttrs |
c2bbf9cf RL |
608 | |
609 | # qualified certificate statements | |
610 | id-qcs 1 : id-qcs-pkixQCSyntax-v1 | |
611 | ||
612 | # CMC content types | |
613 | id-cct 1 : id-cct-crs | |
614 | id-cct 2 : id-cct-PKIData | |
615 | id-cct 3 : id-cct-PKIResponse | |
616 | ||
6951c23a RL |
617 | # Predefined Proxy Certificate policy languages |
618 | id-ppl 0 : id-ppl-anyLanguage : Any language | |
619 | id-ppl 1 : id-ppl-inheritAll : Inherit all | |
620 | id-ppl 2 : id-ppl-independent : Independent | |
621 | ||
c2bbf9cf RL |
622 | # access descriptors for authority info access extension |
623 | !Cname ad-OCSP | |
624 | id-ad 1 : OCSP : OCSP | |
625 | !Cname ad-ca-issuers | |
626 | id-ad 2 : caIssuers : CA Issuers | |
627 | !Cname ad-timeStamping | |
15c2e126 | 628 | id-ad 3 : ad_timestamping : AD Time Stamping |
c2bbf9cf | 629 | !Cname ad-dvcs |
15c2e126 | 630 | id-ad 4 : AD_DVCS : ad dvcs |
6e150083 | 631 | id-ad 5 : caRepository : CA Repository |
c2bbf9cf RL |
632 | |
633 | ||
634 | !Alias id-pkix-OCSP ad-OCSP | |
635 | !module id-pkix-OCSP | |
636 | !Cname basic | |
637 | id-pkix-OCSP 1 : basicOCSPResponse : Basic OCSP Response | |
638 | id-pkix-OCSP 2 : Nonce : OCSP Nonce | |
639 | id-pkix-OCSP 3 : CrlID : OCSP CRL ID | |
640 | id-pkix-OCSP 4 : acceptableResponses : Acceptable OCSP Responses | |
f1a6a0d4 | 641 | id-pkix-OCSP 5 : noCheck : OCSP No Check |
c2bbf9cf RL |
642 | id-pkix-OCSP 6 : archiveCutoff : OCSP Archive Cutoff |
643 | id-pkix-OCSP 7 : serviceLocator : OCSP Service Locator | |
644 | id-pkix-OCSP 8 : extendedStatus : Extended OCSP Status | |
645 | id-pkix-OCSP 9 : valid | |
646 | id-pkix-OCSP 10 : path | |
647 | id-pkix-OCSP 11 : trustRoot : Trust Root | |
648 | !global | |
649 | ||
650 | 1 3 14 3 2 : algorithm : algorithm | |
651 | algorithm 3 : RSA-NP-MD5 : md5WithRSA | |
652 | algorithm 6 : DES-ECB : des-ecb | |
653 | algorithm 7 : DES-CBC : des-cbc | |
654 | !Cname des-ofb64 | |
655 | algorithm 8 : DES-OFB : des-ofb | |
656 | !Cname des-cfb64 | |
657 | algorithm 9 : DES-CFB : des-cfb | |
d02b48c6 | 658 | algorithm 11 : rsaSignature |
c2bbf9cf RL |
659 | !Cname dsa-2 |
660 | algorithm 12 : DSA-old : dsaEncryption-old | |
661 | algorithm 13 : DSA-SHA : dsaWithSHA | |
662 | algorithm 15 : RSA-SHA : shaWithRSAEncryption | |
c518ade1 | 663 | !Cname des-ede-ecb |
c2bbf9cf | 664 | algorithm 17 : DES-EDE : des-ede |
c518ade1 | 665 | !Cname des-ede3-ecb |
c2bbf9cf RL |
666 | : DES-EDE3 : des-ede3 |
667 | : DES-EDE-CBC : des-ede-cbc | |
668 | !Cname des-ede-cfb64 | |
669 | : DES-EDE-CFB : des-ede-cfb | |
670 | !Cname des-ede3-cfb64 | |
671 | : DES-EDE3-CFB : des-ede3-cfb | |
672 | !Cname des-ede-ofb64 | |
673 | : DES-EDE-OFB : des-ede-ofb | |
674 | !Cname des-ede3-ofb64 | |
675 | : DES-EDE3-OFB : des-ede3-ofb | |
676 | : DESX-CBC : desx-cbc | |
677 | algorithm 18 : SHA : sha | |
678 | algorithm 26 : SHA1 : sha1 | |
679 | !Cname dsaWithSHA1-2 | |
680 | algorithm 27 : DSA-SHA1-old : dsaWithSHA1-old | |
681 | algorithm 29 : RSA-SHA1-2 : sha1WithRSA | |
682 | ||
683 | 1 3 36 3 2 1 : RIPEMD160 : ripemd160 | |
684 | 1 3 36 3 3 1 2 : RSA-RIPEMD160 : ripemd160WithRSA | |
685 | ||
208527a7 KR |
686 | 1 3 6 1 4 1 1722 12 2 1 16 : BLAKE2b512 : blake2b512 |
687 | 1 3 6 1 4 1 1722 12 2 2 8 : BLAKE2s256 : blake2s256 | |
2d0b4412 | 688 | |
c2bbf9cf RL |
689 | !Cname sxnet |
690 | 1 3 101 1 4 1 : SXNetID : Strong Extranet ID | |
691 | ||
692 | 2 5 : X500 : directory services (X.500) | |
693 | ||
694 | X500 4 : X509 | |
695 | X509 3 : CN : commonName | |
54d4f8c3 | 696 | X509 4 : SN : surname |
ffbe98b7 | 697 | X509 5 : : serialNumber |
c2bbf9cf RL |
698 | X509 6 : C : countryName |
699 | X509 7 : L : localityName | |
700 | X509 8 : ST : stateOrProvinceName | |
ddcfc25a | 701 | X509 9 : street : streetAddress |
c2bbf9cf RL |
702 | X509 10 : O : organizationName |
703 | X509 11 : OU : organizationalUnitName | |
ddcfc25a | 704 | X509 12 : title : title |
30911232 | 705 | X509 13 : : description |
ddcfc25a DSH |
706 | X509 14 : : searchGuide |
707 | X509 15 : : businessCategory | |
708 | X509 16 : : postalAddress | |
709 | X509 17 : : postalCode | |
710 | X509 18 : : postOfficeBox | |
711 | X509 19 : : physicalDeliveryOfficeName | |
712 | X509 20 : : telephoneNumber | |
713 | X509 21 : : telexNumber | |
714 | X509 22 : : teletexTerminalIdentifier | |
715 | X509 23 : : facsimileTelephoneNumber | |
716 | X509 24 : : x121Address | |
717 | X509 25 : : internationaliSDNNumber | |
718 | X509 26 : : registeredAddress | |
719 | X509 27 : : destinationIndicator | |
720 | X509 28 : : preferredDeliveryMethod | |
721 | X509 29 : : presentationAddress | |
722 | X509 30 : : supportedApplicationContext | |
723 | X509 31 : member : | |
724 | X509 32 : owner : | |
725 | X509 33 : : roleOccupant | |
726 | X509 34 : seeAlso : | |
727 | X509 35 : : userPassword | |
728 | X509 36 : : userCertificate | |
729 | X509 37 : : cACertificate | |
730 | X509 38 : : authorityRevocationList | |
731 | X509 39 : : certificateRevocationList | |
732 | X509 40 : : crossCertificatePair | |
c2bbf9cf | 733 | X509 41 : name : name |
aafafa31 | 734 | X509 42 : GN : givenName |
ddcfc25a | 735 | X509 43 : initials : initials |
f1e66437 | 736 | X509 44 : : generationQualifier |
30911232 | 737 | X509 45 : : x500UniqueIdentifier |
c2bbf9cf | 738 | X509 46 : dnQualifier : dnQualifier |
ddcfc25a DSH |
739 | X509 47 : : enhancedSearchGuide |
740 | X509 48 : : protocolInformation | |
741 | X509 49 : : distinguishedName | |
742 | X509 50 : : uniqueMember | |
743 | X509 51 : : houseIdentifier | |
744 | X509 52 : : supportedAlgorithms | |
745 | X509 53 : : deltaRevocationList | |
746 | X509 54 : dmdName : | |
34573173 | 747 | X509 65 : : pseudonym |
4b125068 | 748 | X509 72 : role : role |
4a8ab10d EA |
749 | X509 97 : : organizationIdentifier |
750 | X509 98 : c3 : countryCode3c | |
751 | X509 99 : n3 : countryCode3n | |
752 | X509 100 : : dnsName | |
753 | ||
c2bbf9cf RL |
754 | |
755 | X500 8 : X500algorithms : directory services - algorithms | |
756 | X500algorithms 1 1 : RSA : rsa | |
757 | X500algorithms 3 100 : RSA-MDC2 : mdc2WithRSA | |
758 | X500algorithms 3 101 : MDC2 : mdc2 | |
759 | ||
760 | X500 29 : id-ce | |
b0eedd77 NL |
761 | !Cname subject-directory-attributes |
762 | id-ce 9 : subjectDirectoryAttributes : X509v3 Subject Directory Attributes | |
c2bbf9cf RL |
763 | !Cname subject-key-identifier |
764 | id-ce 14 : subjectKeyIdentifier : X509v3 Subject Key Identifier | |
765 | !Cname key-usage | |
766 | id-ce 15 : keyUsage : X509v3 Key Usage | |
767 | !Cname private-key-usage-period | |
768 | id-ce 16 : privateKeyUsagePeriod : X509v3 Private Key Usage Period | |
769 | !Cname subject-alt-name | |
770 | id-ce 17 : subjectAltName : X509v3 Subject Alternative Name | |
771 | !Cname issuer-alt-name | |
772 | id-ce 18 : issuerAltName : X509v3 Issuer Alternative Name | |
773 | !Cname basic-constraints | |
774 | id-ce 19 : basicConstraints : X509v3 Basic Constraints | |
775 | !Cname crl-number | |
776 | id-ce 20 : crlNumber : X509v3 CRL Number | |
777 | !Cname crl-reason | |
778 | id-ce 21 : CRLReason : X509v3 CRL Reason Code | |
779 | !Cname invalidity-date | |
780 | id-ce 24 : invalidityDate : Invalidity Date | |
781 | !Cname delta-crl | |
782 | id-ce 27 : deltaCRL : X509v3 Delta CRL Indicator | |
231493c9 | 783 | !Cname issuing-distribution-point |
8332f91c | 784 | id-ce 28 : issuingDistributionPoint : X509v3 Issuing Distribution Point |
b0eedd77 NL |
785 | !Cname certificate-issuer |
786 | id-ce 29 : certificateIssuer : X509v3 Certificate Issuer | |
1c2d1412 DSH |
787 | !Cname name-constraints |
788 | id-ce 30 : nameConstraints : X509v3 Name Constraints | |
c2bbf9cf RL |
789 | !Cname crl-distribution-points |
790 | id-ce 31 : crlDistributionPoints : X509v3 CRL Distribution Points | |
791 | !Cname certificate-policies | |
792 | id-ce 32 : certificatePolicies : X509v3 Certificate Policies | |
ba5df66a DSH |
793 | !Cname any-policy |
794 | certificate-policies 0 : anyPolicy : X509v3 Any Policy | |
6f528cac DSH |
795 | !Cname policy-mappings |
796 | id-ce 33 : policyMappings : X509v3 Policy Mappings | |
c2bbf9cf RL |
797 | !Cname authority-key-identifier |
798 | id-ce 35 : authorityKeyIdentifier : X509v3 Authority Key Identifier | |
4b125068 RL |
799 | !Cname policy-constraints |
800 | id-ce 36 : policyConstraints : X509v3 Policy Constraints | |
c2bbf9cf RL |
801 | !Cname ext-key-usage |
802 | id-ce 37 : extendedKeyUsage : X509v3 Extended Key Usage | |
249a77f5 DSH |
803 | !Cname freshest-crl |
804 | id-ce 46 : freshestCRL : X509v3 Freshest CRL | |
edec614e DSH |
805 | !Cname inhibit-any-policy |
806 | id-ce 54 : inhibitAnyPolicy : X509v3 Inhibit Any Policy | |
4b125068 RL |
807 | !Cname target-information |
808 | id-ce 55 : targetInformation : X509v3 AC Targeting | |
809 | !Cname no-rev-avail | |
810 | id-ce 56 : noRevAvail : X509v3 No Revocation Available | |
c2bbf9cf | 811 | |
df4c395c DSH |
812 | # From RFC5280 |
813 | ext-key-usage 0 : anyExtendedKeyUsage : Any Extended Key Usage | |
814 | ||
815 | ||
c2bbf9cf RL |
816 | !Cname netscape |
817 | 2 16 840 1 113730 : Netscape : Netscape Communications Corp. | |
818 | !Cname netscape-cert-extension | |
819 | netscape 1 : nsCertExt : Netscape Certificate Extension | |
820 | !Cname netscape-data-type | |
821 | netscape 2 : nsDataType : Netscape Data Type | |
822 | !Cname netscape-cert-type | |
823 | netscape-cert-extension 1 : nsCertType : Netscape Cert Type | |
824 | !Cname netscape-base-url | |
825 | netscape-cert-extension 2 : nsBaseUrl : Netscape Base Url | |
826 | !Cname netscape-revocation-url | |
827 | netscape-cert-extension 3 : nsRevocationUrl : Netscape Revocation Url | |
828 | !Cname netscape-ca-revocation-url | |
829 | netscape-cert-extension 4 : nsCaRevocationUrl : Netscape CA Revocation Url | |
830 | !Cname netscape-renewal-url | |
831 | netscape-cert-extension 7 : nsRenewalUrl : Netscape Renewal Url | |
832 | !Cname netscape-ca-policy-url | |
833 | netscape-cert-extension 8 : nsCaPolicyUrl : Netscape CA Policy Url | |
834 | !Cname netscape-ssl-server-name | |
835 | netscape-cert-extension 12 : nsSslServerName : Netscape SSL Server Name | |
836 | !Cname netscape-comment | |
837 | netscape-cert-extension 13 : nsComment : Netscape Comment | |
838 | !Cname netscape-cert-sequence | |
839 | netscape-data-type 5 : nsCertSequence : Netscape Certificate Sequence | |
840 | !Cname ns-sgc | |
841 | netscape 4 1 : nsSGC : Netscape Server Gated Crypto | |
d02b48c6 | 842 | |
622ec449 RL |
843 | # iso(1) |
844 | iso 3 : ORG : org | |
845 | org 6 : DOD : dod | |
846 | dod 1 : IANA : iana | |
847 | !Alias internet iana | |
848 | ||
849 | internet 1 : directory : Directory | |
850 | internet 2 : mgmt : Management | |
851 | internet 3 : experimental : Experimental | |
852 | internet 4 : private : Private | |
853 | internet 5 : security : Security | |
854 | internet 6 : snmpv2 : SNMPv2 | |
ea7fc031 LJ |
855 | # Documents refer to "internet 7" as "mail". This however leads to ambiguities |
856 | # with RFC2798, Section 9.1.3, where "mail" is defined as the short name for | |
857 | # rfc822Mailbox. The short name is therefore here left out for a reason. | |
46f4e1be | 858 | # Subclasses of "mail", e.g. "MIME MHS" don't constitute a problem, as |
ea7fc031 LJ |
859 | # references are realized via long name "Mail" (with capital M). |
860 | internet 7 : : Mail | |
622ec449 | 861 | |
4825092b | 862 | Private 1 : enterprises : Enterprises |
622ec449 RL |
863 | |
864 | # RFC 2247 | |
4825092b | 865 | Enterprises 1466 344 : dcobject : dcObject |
622ec449 | 866 | |
30911232 LJ |
867 | # RFC 1495 |
868 | Mail 1 : mime-mhs : MIME MHS | |
869 | mime-mhs 1 : mime-mhs-headings : mime-mhs-headings | |
870 | mime-mhs 2 : mime-mhs-bodies : mime-mhs-bodies | |
871 | mime-mhs-headings 1 : id-hex-partial-message : id-hex-partial-message | |
872 | mime-mhs-headings 2 : id-hex-multipart-message : id-hex-multipart-message | |
873 | ||
12048657 | 874 | # RFC 3274 |
c2bbf9cf | 875 | !Cname zlib-compression |
b510d775 | 876 | id-smime-alg 8 : ZLIB : zlib compression |
622ec449 | 877 | |
deb2c1a1 DSH |
878 | # AES aka Rijndael |
879 | ||
880 | !Alias csor 2 16 840 1 101 3 | |
881 | !Alias nistAlgorithms csor 4 | |
882 | !Alias aes nistAlgorithms 1 | |
883 | ||
884 | aes 1 : AES-128-ECB : aes-128-ecb | |
885 | aes 2 : AES-128-CBC : aes-128-cbc | |
ab1dee1e | 886 | !Cname aes-128-ofb128 |
deb2c1a1 | 887 | aes 3 : AES-128-OFB : aes-128-ofb |
ab1dee1e | 888 | !Cname aes-128-cfb128 |
deb2c1a1 | 889 | aes 4 : AES-128-CFB : aes-128-cfb |
e5a4de9e AP |
890 | aes 5 : id-aes128-wrap |
891 | aes 6 : id-aes128-GCM : aes-128-gcm | |
892 | aes 7 : id-aes128-CCM : aes-128-ccm | |
893 | aes 8 : id-aes128-wrap-pad | |
deb2c1a1 DSH |
894 | |
895 | aes 21 : AES-192-ECB : aes-192-ecb | |
896 | aes 22 : AES-192-CBC : aes-192-cbc | |
ab1dee1e | 897 | !Cname aes-192-ofb128 |
deb2c1a1 | 898 | aes 23 : AES-192-OFB : aes-192-ofb |
ab1dee1e | 899 | !Cname aes-192-cfb128 |
deb2c1a1 | 900 | aes 24 : AES-192-CFB : aes-192-cfb |
e5a4de9e AP |
901 | aes 25 : id-aes192-wrap |
902 | aes 26 : id-aes192-GCM : aes-192-gcm | |
903 | aes 27 : id-aes192-CCM : aes-192-ccm | |
904 | aes 28 : id-aes192-wrap-pad | |
deb2c1a1 DSH |
905 | |
906 | aes 41 : AES-256-ECB : aes-256-ecb | |
907 | aes 42 : AES-256-CBC : aes-256-cbc | |
ab1dee1e | 908 | !Cname aes-256-ofb128 |
deb2c1a1 | 909 | aes 43 : AES-256-OFB : aes-256-ofb |
ab1dee1e | 910 | !Cname aes-256-cfb128 |
deb2c1a1 | 911 | aes 44 : AES-256-CFB : aes-256-cfb |
e5a4de9e AP |
912 | aes 45 : id-aes256-wrap |
913 | aes 46 : id-aes256-GCM : aes-256-gcm | |
914 | aes 47 : id-aes256-CCM : aes-256-ccm | |
915 | aes 48 : id-aes256-wrap-pad | |
deb2c1a1 | 916 | |
8d1ebe0b RL |
917 | # There are no OIDs for these modes... |
918 | ||
919 | : AES-128-CFB1 : aes-128-cfb1 | |
920 | : AES-192-CFB1 : aes-192-cfb1 | |
921 | : AES-256-CFB1 : aes-256-cfb1 | |
922 | : AES-128-CFB8 : aes-128-cfb8 | |
923 | : AES-192-CFB8 : aes-192-cfb8 | |
924 | : AES-256-CFB8 : aes-256-cfb8 | |
e5a4de9e AP |
925 | : AES-128-CTR : aes-128-ctr |
926 | : AES-192-CTR : aes-192-ctr | |
927 | : AES-256-CTR : aes-256-ctr | |
e6b336ef MC |
928 | : AES-128-OCB : aes-128-ocb |
929 | : AES-192-OCB : aes-192-ocb | |
930 | : AES-256-OCB : aes-256-ocb | |
32a2d8dd DSH |
931 | : AES-128-XTS : aes-128-xts |
932 | : AES-256-XTS : aes-256-xts | |
8d1ebe0b RL |
933 | : DES-CFB1 : des-cfb1 |
934 | : DES-CFB8 : des-cfb8 | |
935 | : DES-EDE3-CFB1 : des-ede3-cfb1 | |
936 | : DES-EDE3-CFB8 : des-ede3-cfb8 | |
937 | ||
4811746f AP |
938 | # OIDs for SHA224, SHA256, SHA385 and SHA512, according to x9.84 and |
939 | # http://csrc.nist.gov/groups/ST/crypto_apps_infra/csor/algorithms.html | |
940 | # "Middle" names are specified to be id-sha256, id-sha384, etc., but | |
941 | # we adhere to unprefixed capitals for backward compatibility... | |
6bca8e38 AP |
942 | !Alias nist_hashalgs nistAlgorithms 2 |
943 | nist_hashalgs 1 : SHA256 : sha256 | |
944 | nist_hashalgs 2 : SHA384 : sha384 | |
945 | nist_hashalgs 3 : SHA512 : sha512 | |
946 | nist_hashalgs 4 : SHA224 : sha224 | |
4811746f AP |
947 | nist_hashalgs 5 : SHA512-224 : sha512-224 |
948 | nist_hashalgs 6 : SHA512-256 : sha512-256 | |
949 | nist_hashalgs 7 : SHA3-224 : sha3-224 | |
950 | nist_hashalgs 8 : SHA3-256 : sha3-256 | |
951 | nist_hashalgs 9 : SHA3-384 : sha3-384 | |
952 | nist_hashalgs 10 : SHA3-512 : sha3-512 | |
953 | nist_hashalgs 11 : SHAKE128 : shake128 | |
954 | nist_hashalgs 12 : SHAKE256 : shake256 | |
955 | nist_hashalgs 13 : id-hmacWithSHA3-224 : hmac-sha3-224 | |
956 | nist_hashalgs 14 : id-hmacWithSHA3-256 : hmac-sha3-256 | |
957 | nist_hashalgs 15 : id-hmacWithSHA3-384 : hmac-sha3-384 | |
958 | nist_hashalgs 16 : id-hmacWithSHA3-512 : hmac-sha3-512 | |
959 | # Below two are incomplete OIDs, to be uncommented when we figure out | |
960 | # how to handle them... | |
961 | # nist_hashalgs 17 : id-shake128-len : shake128-len | |
962 | # nist_hashalgs 18 : id-shake256-len : shake256-len | |
6bca8e38 | 963 | |
357d5de5 NL |
964 | # OIDs for dsa-with-sha224 and dsa-with-sha256 |
965 | !Alias dsa_with_sha2 nistAlgorithms 3 | |
966 | dsa_with_sha2 1 : dsa_with_SHA224 | |
967 | dsa_with_sha2 2 : dsa_with_SHA256 | |
4811746f AP |
968 | # Above two belong below, but kept as they are for backward compatibility |
969 | !Alias sigAlgs nistAlgorithms 3 | |
970 | sigAlgs 3 : id-dsa-with-sha384 : dsa_with_SHA384 | |
971 | sigAlgs 4 : id-dsa-with-sha512 : dsa_with_SHA512 | |
972 | sigAlgs 5 : id-dsa-with-sha3-224 : dsa_with_SHA3-224 | |
973 | sigAlgs 6 : id-dsa-with-sha3-256 : dsa_with_SHA3-256 | |
974 | sigAlgs 7 : id-dsa-with-sha3-384 : dsa_with_SHA3-384 | |
975 | sigAlgs 8 : id-dsa-with-sha3-512 : dsa_with_SHA3-512 | |
976 | sigAlgs 9 : id-ecdsa-with-sha3-224 : ecdsa_with_SHA3-224 | |
977 | sigAlgs 10 : id-ecdsa-with-sha3-256 : ecdsa_with_SHA3-256 | |
978 | sigAlgs 11 : id-ecdsa-with-sha3-384 : ecdsa_with_SHA3-384 | |
979 | sigAlgs 12 : id-ecdsa-with-sha3-512 : ecdsa_with_SHA3-512 | |
980 | sigAlgs 13 : id-rsassa-pkcs1-v1_5-with-sha3-224 : RSA-SHA3-224 | |
981 | sigAlgs 14 : id-rsassa-pkcs1-v1_5-with-sha3-256 : RSA-SHA3-256 | |
f9f3e175 | 982 | sigAlgs 15 : id-rsassa-pkcs1-v1_5-with-sha3-384 : RSA-SHA3-384 |
4811746f | 983 | sigAlgs 16 : id-rsassa-pkcs1-v1_5-with-sha3-512 : RSA-SHA3-512 |
357d5de5 | 984 | |
a6b7ffdd DSH |
985 | # Hold instruction CRL entry extension |
986 | !Cname hold-instruction-code | |
987 | id-ce 23 : holdInstructionCode : Hold Instruction Code | |
988 | !Alias holdInstruction X9-57 2 | |
989 | !Cname hold-instruction-none | |
990 | holdInstruction 1 : holdInstructionNone : Hold Instruction None | |
991 | !Cname hold-instruction-call-issuer | |
992 | holdInstruction 2 : holdInstructionCallIssuer : Hold Instruction Call Issuer | |
993 | !Cname hold-instruction-reject | |
994 | holdInstruction 3 : holdInstructionReject : Hold Instruction Reject | |
64b48877 | 995 | |
f9d183c2 | 996 | # OID's from ITU-T. Most of this is defined in RFC 1274. A couple of |
64b48877 | 997 | # them are also mentioned in RFC 2247 |
f9d183c2 | 998 | itu-t 9 : data |
64b48877 RL |
999 | data 2342 : pss |
1000 | pss 19200300 : ucl | |
1001 | ucl 100 : pilot | |
1002 | pilot 1 : : pilotAttributeType | |
1003 | pilot 3 : : pilotAttributeSyntax | |
1004 | pilot 4 : : pilotObjectClass | |
1005 | pilot 10 : : pilotGroups | |
1006 | pilotAttributeSyntax 4 : : iA5StringSyntax | |
1007 | pilotAttributeSyntax 5 : : caseIgnoreIA5StringSyntax | |
1008 | pilotObjectClass 3 : : pilotObject | |
1009 | pilotObjectClass 4 : : pilotPerson | |
1010 | pilotObjectClass 5 : account | |
1011 | pilotObjectClass 6 : document | |
1012 | pilotObjectClass 7 : room | |
1013 | pilotObjectClass 9 : : documentSeries | |
1014 | pilotObjectClass 13 : domain : Domain | |
1015 | pilotObjectClass 14 : : rFC822localPart | |
1016 | pilotObjectClass 15 : : dNSDomain | |
1017 | pilotObjectClass 17 : : domainRelatedObject | |
1018 | pilotObjectClass 18 : : friendlyCountry | |
1019 | pilotObjectClass 19 : : simpleSecurityObject | |
1020 | pilotObjectClass 20 : : pilotOrganization | |
1021 | pilotObjectClass 21 : : pilotDSA | |
1022 | pilotObjectClass 22 : : qualityLabelledData | |
d4704d52 | 1023 | pilotAttributeType 1 : UID : userId |
64b48877 | 1024 | pilotAttributeType 2 : : textEncodedORAddress |
ea7fc031 | 1025 | pilotAttributeType 3 : mail : rfc822Mailbox |
64b48877 RL |
1026 | pilotAttributeType 4 : info |
1027 | pilotAttributeType 5 : : favouriteDrink | |
1028 | pilotAttributeType 6 : : roomNumber | |
1029 | pilotAttributeType 7 : photo | |
1030 | pilotAttributeType 8 : : userClass | |
1031 | pilotAttributeType 9 : host | |
1032 | pilotAttributeType 10 : manager | |
1033 | pilotAttributeType 11 : : documentIdentifier | |
1034 | pilotAttributeType 12 : : documentTitle | |
1035 | pilotAttributeType 13 : : documentVersion | |
1036 | pilotAttributeType 14 : : documentAuthor | |
1037 | pilotAttributeType 15 : : documentLocation | |
1038 | pilotAttributeType 20 : : homeTelephoneNumber | |
1039 | pilotAttributeType 21 : secretary | |
1040 | pilotAttributeType 22 : : otherMailbox | |
1041 | pilotAttributeType 23 : : lastModifiedTime | |
1042 | pilotAttributeType 24 : : lastModifiedBy | |
1043 | pilotAttributeType 25 : DC : domainComponent | |
1044 | pilotAttributeType 26 : : aRecord | |
1d00800e | 1045 | pilotAttributeType 27 : : pilotAttributeType27 |
64b48877 RL |
1046 | pilotAttributeType 28 : : mXRecord |
1047 | pilotAttributeType 29 : : nSRecord | |
1048 | pilotAttributeType 30 : : sOARecord | |
1049 | pilotAttributeType 31 : : cNAMERecord | |
1050 | pilotAttributeType 37 : : associatedDomain | |
1051 | pilotAttributeType 38 : : associatedName | |
1052 | pilotAttributeType 39 : : homePostalAddress | |
1053 | pilotAttributeType 40 : : personalTitle | |
1054 | pilotAttributeType 41 : : mobileTelephoneNumber | |
1055 | pilotAttributeType 42 : : pagerTelephoneNumber | |
1056 | pilotAttributeType 43 : : friendlyCountryName | |
c81f425e | 1057 | pilotAttributeType 44 : uid : uniqueIdentifier |
64b48877 RL |
1058 | pilotAttributeType 45 : : organizationalStatus |
1059 | pilotAttributeType 46 : : janetMailbox | |
1060 | pilotAttributeType 47 : : mailPreferenceOption | |
1061 | pilotAttributeType 48 : : buildingName | |
1062 | pilotAttributeType 49 : : dSAQuality | |
1063 | pilotAttributeType 50 : : singleLevelQuality | |
1064 | pilotAttributeType 51 : : subtreeMinimumQuality | |
1065 | pilotAttributeType 52 : : subtreeMaximumQuality | |
1066 | pilotAttributeType 53 : : personalSignature | |
1067 | pilotAttributeType 54 : : dITRedirect | |
1068 | pilotAttributeType 55 : audio | |
1069 | pilotAttributeType 56 : : documentPublisher | |
82869b3c | 1070 | |
f9d183c2 | 1071 | international-organizations 42 : id-set : Secure Electronic Transactions |
82869b3c LJ |
1072 | |
1073 | id-set 0 : set-ctype : content types | |
1074 | id-set 1 : set-msgExt : message extensions | |
1075 | id-set 3 : set-attr | |
1076 | id-set 5 : set-policy | |
1077 | id-set 7 : set-certExt : certificate extensions | |
1078 | id-set 8 : set-brand | |
1079 | ||
1080 | set-ctype 0 : setct-PANData | |
1081 | set-ctype 1 : setct-PANToken | |
1082 | set-ctype 2 : setct-PANOnly | |
1083 | set-ctype 3 : setct-OIData | |
1084 | set-ctype 4 : setct-PI | |
1085 | set-ctype 5 : setct-PIData | |
1086 | set-ctype 6 : setct-PIDataUnsigned | |
1087 | set-ctype 7 : setct-HODInput | |
1088 | set-ctype 8 : setct-AuthResBaggage | |
1089 | set-ctype 9 : setct-AuthRevReqBaggage | |
1090 | set-ctype 10 : setct-AuthRevResBaggage | |
1091 | set-ctype 11 : setct-CapTokenSeq | |
1092 | set-ctype 12 : setct-PInitResData | |
1093 | set-ctype 13 : setct-PI-TBS | |
1094 | set-ctype 14 : setct-PResData | |
1095 | set-ctype 16 : setct-AuthReqTBS | |
1096 | set-ctype 17 : setct-AuthResTBS | |
1097 | set-ctype 18 : setct-AuthResTBSX | |
1098 | set-ctype 19 : setct-AuthTokenTBS | |
1099 | set-ctype 20 : setct-CapTokenData | |
1100 | set-ctype 21 : setct-CapTokenTBS | |
1101 | set-ctype 22 : setct-AcqCardCodeMsg | |
1102 | set-ctype 23 : setct-AuthRevReqTBS | |
1103 | set-ctype 24 : setct-AuthRevResData | |
1104 | set-ctype 25 : setct-AuthRevResTBS | |
1105 | set-ctype 26 : setct-CapReqTBS | |
1106 | set-ctype 27 : setct-CapReqTBSX | |
1107 | set-ctype 28 : setct-CapResData | |
1108 | set-ctype 29 : setct-CapRevReqTBS | |
1109 | set-ctype 30 : setct-CapRevReqTBSX | |
1110 | set-ctype 31 : setct-CapRevResData | |
1111 | set-ctype 32 : setct-CredReqTBS | |
1112 | set-ctype 33 : setct-CredReqTBSX | |
1113 | set-ctype 34 : setct-CredResData | |
1114 | set-ctype 35 : setct-CredRevReqTBS | |
1115 | set-ctype 36 : setct-CredRevReqTBSX | |
1116 | set-ctype 37 : setct-CredRevResData | |
1117 | set-ctype 38 : setct-PCertReqData | |
1118 | set-ctype 39 : setct-PCertResTBS | |
1119 | set-ctype 40 : setct-BatchAdminReqData | |
1120 | set-ctype 41 : setct-BatchAdminResData | |
1121 | set-ctype 42 : setct-CardCInitResTBS | |
1122 | set-ctype 43 : setct-MeAqCInitResTBS | |
1123 | set-ctype 44 : setct-RegFormResTBS | |
1124 | set-ctype 45 : setct-CertReqData | |
1125 | set-ctype 46 : setct-CertReqTBS | |
1126 | set-ctype 47 : setct-CertResData | |
1127 | set-ctype 48 : setct-CertInqReqTBS | |
1128 | set-ctype 49 : setct-ErrorTBS | |
1129 | set-ctype 50 : setct-PIDualSignedTBE | |
1130 | set-ctype 51 : setct-PIUnsignedTBE | |
1131 | set-ctype 52 : setct-AuthReqTBE | |
1132 | set-ctype 53 : setct-AuthResTBE | |
1133 | set-ctype 54 : setct-AuthResTBEX | |
1134 | set-ctype 55 : setct-AuthTokenTBE | |
1135 | set-ctype 56 : setct-CapTokenTBE | |
1136 | set-ctype 57 : setct-CapTokenTBEX | |
1137 | set-ctype 58 : setct-AcqCardCodeMsgTBE | |
1138 | set-ctype 59 : setct-AuthRevReqTBE | |
1139 | set-ctype 60 : setct-AuthRevResTBE | |
1140 | set-ctype 61 : setct-AuthRevResTBEB | |
1141 | set-ctype 62 : setct-CapReqTBE | |
1142 | set-ctype 63 : setct-CapReqTBEX | |
1143 | set-ctype 64 : setct-CapResTBE | |
1144 | set-ctype 65 : setct-CapRevReqTBE | |
1145 | set-ctype 66 : setct-CapRevReqTBEX | |
1146 | set-ctype 67 : setct-CapRevResTBE | |
1147 | set-ctype 68 : setct-CredReqTBE | |
1148 | set-ctype 69 : setct-CredReqTBEX | |
1149 | set-ctype 70 : setct-CredResTBE | |
1150 | set-ctype 71 : setct-CredRevReqTBE | |
1151 | set-ctype 72 : setct-CredRevReqTBEX | |
1152 | set-ctype 73 : setct-CredRevResTBE | |
1153 | set-ctype 74 : setct-BatchAdminReqTBE | |
1154 | set-ctype 75 : setct-BatchAdminResTBE | |
1155 | set-ctype 76 : setct-RegFormReqTBE | |
1156 | set-ctype 77 : setct-CertReqTBE | |
1157 | set-ctype 78 : setct-CertReqTBEX | |
1158 | set-ctype 79 : setct-CertResTBE | |
1159 | set-ctype 80 : setct-CRLNotificationTBS | |
1160 | set-ctype 81 : setct-CRLNotificationResTBS | |
1161 | set-ctype 82 : setct-BCIDistributionTBS | |
1162 | ||
1163 | set-msgExt 1 : setext-genCrypt : generic cryptogram | |
1164 | set-msgExt 3 : setext-miAuth : merchant initiated auth | |
1165 | set-msgExt 4 : setext-pinSecure | |
1166 | set-msgExt 5 : setext-pinAny | |
1167 | set-msgExt 7 : setext-track2 | |
1168 | set-msgExt 8 : setext-cv : additional verification | |
1169 | ||
1170 | set-policy 0 : set-policy-root | |
1171 | ||
1172 | set-certExt 0 : setCext-hashedRoot | |
1173 | set-certExt 1 : setCext-certType | |
1174 | set-certExt 2 : setCext-merchData | |
1175 | set-certExt 3 : setCext-cCertRequired | |
1176 | set-certExt 4 : setCext-tunneling | |
1177 | set-certExt 5 : setCext-setExt | |
1178 | set-certExt 6 : setCext-setQualf | |
1179 | set-certExt 7 : setCext-PGWYcapabilities | |
1180 | set-certExt 8 : setCext-TokenIdentifier | |
1181 | set-certExt 9 : setCext-Track2Data | |
1182 | set-certExt 10 : setCext-TokenType | |
1183 | set-certExt 11 : setCext-IssuerCapabilities | |
1184 | ||
1185 | set-attr 0 : setAttr-Cert | |
1186 | set-attr 1 : setAttr-PGWYcap : payment gateway capabilities | |
1187 | set-attr 2 : setAttr-TokenType | |
1188 | set-attr 3 : setAttr-IssCap : issuer capabilities | |
1189 | ||
1190 | setAttr-Cert 0 : set-rootKeyThumb | |
1191 | setAttr-Cert 1 : set-addPolicy | |
1192 | ||
1193 | setAttr-TokenType 1 : setAttr-Token-EMV | |
1194 | setAttr-TokenType 2 : setAttr-Token-B0Prime | |
1195 | ||
1196 | setAttr-IssCap 3 : setAttr-IssCap-CVM | |
1197 | setAttr-IssCap 4 : setAttr-IssCap-T2 | |
1198 | setAttr-IssCap 5 : setAttr-IssCap-Sig | |
1199 | ||
1200 | setAttr-IssCap-CVM 1 : setAttr-GenCryptgrm : generate cryptogram | |
1201 | setAttr-IssCap-T2 1 : setAttr-T2Enc : encrypted track 2 | |
1202 | setAttr-IssCap-T2 2 : setAttr-T2cleartxt : cleartext track 2 | |
1203 | ||
1204 | setAttr-IssCap-Sig 1 : setAttr-TokICCsig : ICC or token signature | |
1205 | setAttr-IssCap-Sig 2 : setAttr-SecDevSig : secure device signature | |
1206 | ||
1207 | set-brand 1 : set-brand-IATA-ATA | |
1208 | set-brand 30 : set-brand-Diners | |
1209 | set-brand 34 : set-brand-AmericanExpress | |
1210 | set-brand 35 : set-brand-JCB | |
1211 | set-brand 4 : set-brand-Visa | |
1212 | set-brand 5 : set-brand-MasterCard | |
1213 | set-brand 6011 : set-brand-Novus | |
1214 | ||
1215 | rsadsi 3 10 : DES-CDMF : des-cdmf | |
1216 | rsadsi 1 1 6 : rsaOAEPEncryptionSET | |
0d78bc33 RL |
1217 | |
1218 | : Oakley-EC2N-3 : ipsec3 | |
1219 | : Oakley-EC2N-4 : ipsec4 | |
f106fb85 AP |
1220 | |
1221 | iso 0 10118 3 0 55 : whirlpool | |
74e564cd DSH |
1222 | |
1223 | # GOST OIDs | |
1224 | ||
1225 | member-body 643 2 2 : cryptopro | |
362ab3e4 | 1226 | member-body 643 2 9 : cryptocom |
31001f81 | 1227 | member-body 643 7 1 : id-tc26 |
228b4e42 | 1228 | |
74e564cd DSH |
1229 | cryptopro 3 : id-GostR3411-94-with-GostR3410-2001 : GOST R 34.11-94 with GOST R 34.10-2001 |
1230 | cryptopro 4 : id-GostR3411-94-with-GostR3410-94 : GOST R 34.11-94 with GOST R 34.10-94 | |
228b4e42 DSH |
1231 | !Cname id-GostR3411-94 |
1232 | cryptopro 9 : md_gost94 : GOST R 34.11-94 | |
362ab3e4 | 1233 | cryptopro 10 : id-HMACGostR3411-94 : HMAC GOST 34.11-94 |
5a47825e DSH |
1234 | !Cname id-GostR3410-2001 |
1235 | cryptopro 19 : gost2001 : GOST R 34.10-2001 | |
1236 | !Cname id-GostR3410-94 | |
1237 | cryptopro 20 : gost94 : GOST R 34.10-94 | |
5e0e9fce DSH |
1238 | !Cname id-Gost28147-89 |
1239 | cryptopro 21 : gost89 : GOST 28147-89 | |
9981a51e | 1240 | : gost89-cnt |
31001f81 | 1241 | : gost89-cnt-12 |
52ee3ed3 DB |
1242 | : gost89-cbc |
1243 | : gost89-ecb | |
1244 | : gost89-ctr | |
16fe5f8b | 1245 | !Cname id-Gost28147-89-MAC |
81025661 | 1246 | cryptopro 22 : gost-mac : GOST 28147-89 MAC |
31001f81 | 1247 | : gost-mac-12 |
228b4e42 DSH |
1248 | !Cname id-GostR3411-94-prf |
1249 | cryptopro 23 : prf-gostr3411-94 : GOST R 34.11-94 PRF | |
362ab3e4 DSH |
1250 | cryptopro 98 : id-GostR3410-2001DH : GOST R 34.10-2001 DH |
1251 | cryptopro 99 : id-GostR3410-94DH : GOST R 34.10-94 DH | |
1252 | ||
1253 | cryptopro 14 1 : id-Gost28147-89-CryptoPro-KeyMeshing | |
1254 | cryptopro 14 0 : id-Gost28147-89-None-KeyMeshing | |
2aed84d1 DSH |
1255 | |
1256 | # GOST parameter set OIDs | |
1257 | ||
1258 | cryptopro 30 0 : id-GostR3411-94-TestParamSet | |
1259 | cryptopro 30 1 : id-GostR3411-94-CryptoProParamSet | |
1260 | ||
1261 | cryptopro 31 0 : id-Gost28147-89-TestParamSet | |
1262 | cryptopro 31 1 : id-Gost28147-89-CryptoPro-A-ParamSet | |
1263 | cryptopro 31 2 : id-Gost28147-89-CryptoPro-B-ParamSet | |
1264 | cryptopro 31 3 : id-Gost28147-89-CryptoPro-C-ParamSet | |
1265 | cryptopro 31 4 : id-Gost28147-89-CryptoPro-D-ParamSet | |
1266 | cryptopro 31 5 : id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet | |
1267 | cryptopro 31 6 : id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet | |
1268 | cryptopro 31 7 : id-Gost28147-89-CryptoPro-RIC-1-ParamSet | |
1269 | ||
1270 | cryptopro 32 0 : id-GostR3410-94-TestParamSet | |
1271 | cryptopro 32 2 : id-GostR3410-94-CryptoPro-A-ParamSet | |
1272 | cryptopro 32 3 : id-GostR3410-94-CryptoPro-B-ParamSet | |
1273 | cryptopro 32 4 : id-GostR3410-94-CryptoPro-C-ParamSet | |
1274 | cryptopro 32 5 : id-GostR3410-94-CryptoPro-D-ParamSet | |
1275 | ||
1276 | cryptopro 33 1 : id-GostR3410-94-CryptoPro-XchA-ParamSet | |
1277 | cryptopro 33 2 : id-GostR3410-94-CryptoPro-XchB-ParamSet | |
1278 | cryptopro 33 3 : id-GostR3410-94-CryptoPro-XchC-ParamSet | |
1279 | ||
1280 | cryptopro 35 0 : id-GostR3410-2001-TestParamSet | |
1281 | cryptopro 35 1 : id-GostR3410-2001-CryptoPro-A-ParamSet | |
1282 | cryptopro 35 2 : id-GostR3410-2001-CryptoPro-B-ParamSet | |
1283 | cryptopro 35 3 : id-GostR3410-2001-CryptoPro-C-ParamSet | |
1284 | ||
1285 | cryptopro 36 0 : id-GostR3410-2001-CryptoPro-XchA-ParamSet | |
1286 | cryptopro 36 1 : id-GostR3410-2001-CryptoPro-XchB-ParamSet | |
1287 | ||
362ab3e4 DSH |
1288 | id-GostR3410-94 1 : id-GostR3410-94-a |
1289 | id-GostR3410-94 2 : id-GostR3410-94-aBis | |
1290 | id-GostR3410-94 3 : id-GostR3410-94-b | |
1291 | id-GostR3410-94 4 : id-GostR3410-94-bBis | |
1292 | ||
1293 | # Cryptocom LTD GOST OIDs | |
1294 | ||
228b4e42 | 1295 | cryptocom 1 6 1 : id-Gost28147-89-cc : GOST 28147-89 Cryptocom ParamSet |
de908d63 | 1296 | !Cname id-GostR3410-94-cc |
362ab3e4 | 1297 | cryptocom 1 5 3 : gost94cc : GOST 34.10-94 Cryptocom |
de908d63 | 1298 | !Cname id-GostR3410-2001-cc |
362ab3e4 DSH |
1299 | cryptocom 1 5 4 : gost2001cc : GOST 34.10-2001 Cryptocom |
1300 | ||
d2027098 DSH |
1301 | cryptocom 1 3 3 : id-GostR3411-94-with-GostR3410-94-cc : GOST R 34.11-94 with GOST R 34.10-94 Cryptocom |
1302 | cryptocom 1 3 4 : id-GostR3411-94-with-GostR3410-2001-cc : GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom | |
362ab3e4 DSH |
1303 | |
1304 | cryptocom 1 8 1 : id-GostR3410-2001-ParamSet-cc : GOST R 3410-2001 Parameter Set Cryptocom | |
f3dea9a5 | 1305 | |
31001f81 DB |
1306 | # TC26 GOST OIDs |
1307 | ||
1308 | id-tc26 1 : id-tc26-algorithms | |
1309 | id-tc26-algorithms 1 : id-tc26-sign | |
1310 | !Cname id-GostR3410-2012-256 | |
1311 | id-tc26-sign 1 : gost2012_256: GOST R 34.10-2012 with 256 bit modulus | |
1312 | !Cname id-GostR3410-2012-512 | |
1313 | id-tc26-sign 2 : gost2012_512: GOST R 34.10-2012 with 512 bit modulus | |
1314 | ||
1315 | id-tc26-algorithms 2 : id-tc26-digest | |
1316 | !Cname id-GostR3411-2012-256 | |
1317 | id-tc26-digest 2 : md_gost12_256: GOST R 34.11-2012 with 256 bit hash | |
1318 | !Cname id-GostR3411-2012-512 | |
1319 | id-tc26-digest 3 : md_gost12_512: GOST R 34.11-2012 with 512 bit hash | |
1320 | ||
1321 | id-tc26-algorithms 3 : id-tc26-signwithdigest | |
1322 | id-tc26-signwithdigest 2: id-tc26-signwithdigest-gost3410-2012-256: GOST R 34.10-2012 with GOST R 34.11-2012 (256 bit) | |
1323 | id-tc26-signwithdigest 3: id-tc26-signwithdigest-gost3410-2012-512: GOST R 34.10-2012 with GOST R 34.11-2012 (512 bit) | |
1324 | ||
1325 | id-tc26-algorithms 4 : id-tc26-mac | |
1326 | id-tc26-mac 1 : id-tc26-hmac-gost-3411-2012-256 : HMAC GOST 34.11-2012 256 bit | |
1327 | id-tc26-mac 2 : id-tc26-hmac-gost-3411-2012-512 : HMAC GOST 34.11-2012 512 bit | |
1328 | ||
1329 | id-tc26-algorithms 5 : id-tc26-cipher | |
1330 | ||
1331 | id-tc26-algorithms 6 : id-tc26-agreement | |
1332 | id-tc26-agreement 1 : id-tc26-agreement-gost-3410-2012-256 | |
1333 | id-tc26-agreement 2 : id-tc26-agreement-gost-3410-2012-512 | |
1334 | ||
1335 | id-tc26 2 : id-tc26-constants | |
1336 | ||
1337 | id-tc26-constants 1 : id-tc26-sign-constants | |
1338 | id-tc26-sign-constants 2: id-tc26-gost-3410-2012-512-constants | |
1339 | id-tc26-gost-3410-2012-512-constants 0 : id-tc26-gost-3410-2012-512-paramSetTest: GOST R 34.10-2012 (512 bit) testing parameter set | |
1340 | id-tc26-gost-3410-2012-512-constants 1 : id-tc26-gost-3410-2012-512-paramSetA: GOST R 34.10-2012 (512 bit) ParamSet A | |
1341 | id-tc26-gost-3410-2012-512-constants 2 : id-tc26-gost-3410-2012-512-paramSetB: GOST R 34.10-2012 (512 bit) ParamSet B | |
1342 | ||
1343 | id-tc26-constants 2 : id-tc26-digest-constants | |
1344 | id-tc26-constants 5 : id-tc26-cipher-constants | |
1345 | id-tc26-cipher-constants 1 : id-tc26-gost-28147-constants | |
1346 | id-tc26-gost-28147-constants 1 : id-tc26-gost-28147-param-Z : GOST 28147-89 TC26 parameter set | |
1347 | ||
1348 | member-body 643 3 131 1 1 : INN : INN | |
1349 | member-body 643 100 1 : OGRN : OGRN | |
1350 | member-body 643 100 3 : SNILS : SNILS | |
1351 | member-body 643 100 111 : subjectSignTool : Signing Tool of Subject | |
1352 | member-body 643 100 112 : issuerSignTool : Signing Tool of Issuer | |
1353 | ||
52ee3ed3 DB |
1354 | #GOST R34.13-2015 Grasshopper "Kuznechik" |
1355 | : grasshopper-ecb | |
1356 | : grasshopper-ctr | |
1357 | : grasshopper-ofb | |
1358 | : grasshopper-cbc | |
1359 | : grasshopper-cfb | |
1360 | : grasshopper-mac | |
1361 | ||
f3dea9a5 BM |
1362 | # Definitions for Camellia cipher - CBC MODE |
1363 | ||
1364 | 1 2 392 200011 61 1 1 1 2 : CAMELLIA-128-CBC : camellia-128-cbc | |
1365 | 1 2 392 200011 61 1 1 1 3 : CAMELLIA-192-CBC : camellia-192-cbc | |
1366 | 1 2 392 200011 61 1 1 1 4 : CAMELLIA-256-CBC : camellia-256-cbc | |
e5a4de9e AP |
1367 | 1 2 392 200011 61 1 1 3 2 : id-camellia128-wrap |
1368 | 1 2 392 200011 61 1 1 3 3 : id-camellia192-wrap | |
1369 | 1 2 392 200011 61 1 1 3 4 : id-camellia256-wrap | |
f3dea9a5 BM |
1370 | |
1371 | # Definitions for Camellia cipher - ECB, CFB, OFB MODE | |
1372 | ||
1373 | !Alias ntt-ds 0 3 4401 5 | |
f19a5ff9 | 1374 | !Alias camellia ntt-ds 3 1 9 |
f3dea9a5 BM |
1375 | |
1376 | camellia 1 : CAMELLIA-128-ECB : camellia-128-ecb | |
1377 | !Cname camellia-128-ofb128 | |
1378 | camellia 3 : CAMELLIA-128-OFB : camellia-128-ofb | |
1379 | !Cname camellia-128-cfb128 | |
1380 | camellia 4 : CAMELLIA-128-CFB : camellia-128-cfb | |
c79e1773 AP |
1381 | camellia 6 : CAMELLIA-128-GCM : camellia-128-gcm |
1382 | camellia 7 : CAMELLIA-128-CCM : camellia-128-ccm | |
1383 | camellia 9 : CAMELLIA-128-CTR : camellia-128-ctr | |
1384 | camellia 10 : CAMELLIA-128-CMAC : camellia-128-cmac | |
f3dea9a5 BM |
1385 | |
1386 | camellia 21 : CAMELLIA-192-ECB : camellia-192-ecb | |
1387 | !Cname camellia-192-ofb128 | |
1388 | camellia 23 : CAMELLIA-192-OFB : camellia-192-ofb | |
1389 | !Cname camellia-192-cfb128 | |
1390 | camellia 24 : CAMELLIA-192-CFB : camellia-192-cfb | |
c79e1773 AP |
1391 | camellia 26 : CAMELLIA-192-GCM : camellia-192-gcm |
1392 | camellia 27 : CAMELLIA-192-CCM : camellia-192-ccm | |
1393 | camellia 29 : CAMELLIA-192-CTR : camellia-192-ctr | |
1394 | camellia 30 : CAMELLIA-192-CMAC : camellia-192-cmac | |
f3dea9a5 BM |
1395 | |
1396 | camellia 41 : CAMELLIA-256-ECB : camellia-256-ecb | |
1397 | !Cname camellia-256-ofb128 | |
1398 | camellia 43 : CAMELLIA-256-OFB : camellia-256-ofb | |
1399 | !Cname camellia-256-cfb128 | |
1400 | camellia 44 : CAMELLIA-256-CFB : camellia-256-cfb | |
c79e1773 AP |
1401 | camellia 46 : CAMELLIA-256-GCM : camellia-256-gcm |
1402 | camellia 47 : CAMELLIA-256-CCM : camellia-256-ccm | |
1403 | camellia 49 : CAMELLIA-256-CTR : camellia-256-ctr | |
1404 | camellia 50 : CAMELLIA-256-CMAC : camellia-256-cmac | |
f3dea9a5 BM |
1405 | |
1406 | # There are no OIDs for these modes... | |
1407 | ||
1408 | : CAMELLIA-128-CFB1 : camellia-128-cfb1 | |
1409 | : CAMELLIA-192-CFB1 : camellia-192-cfb1 | |
1410 | : CAMELLIA-256-CFB1 : camellia-256-cfb1 | |
1411 | : CAMELLIA-128-CFB8 : camellia-128-cfb8 | |
1412 | : CAMELLIA-192-CFB8 : camellia-192-cfb8 | |
1413 | : CAMELLIA-256-CFB8 : camellia-256-cfb8 | |
74633553 | 1414 | |
d42d0a4d P |
1415 | # Definitions for ARIA cipher |
1416 | ||
1417 | !Alias aria 1 2 410 200046 1 1 | |
1418 | aria 1 : ARIA-128-ECB : aria-128-ecb | |
1419 | aria 2 : ARIA-128-CBC : aria-128-cbc | |
1420 | !Cname aria-128-cfb128 | |
1421 | aria 3 : ARIA-128-CFB : aria-128-cfb | |
1422 | !Cname aria-128-ofb128 | |
1423 | aria 4 : ARIA-128-OFB : aria-128-ofb | |
1424 | aria 5 : ARIA-128-CTR : aria-128-ctr | |
1425 | ||
1426 | aria 6 : ARIA-192-ECB : aria-192-ecb | |
1427 | aria 7 : ARIA-192-CBC : aria-192-cbc | |
1428 | !Cname aria-192-cfb128 | |
1429 | aria 8 : ARIA-192-CFB : aria-192-cfb | |
1430 | !Cname aria-192-ofb128 | |
1431 | aria 9 : ARIA-192-OFB : aria-192-ofb | |
1432 | aria 10 : ARIA-192-CTR : aria-192-ctr | |
1433 | ||
1434 | aria 11 : ARIA-256-ECB : aria-256-ecb | |
1435 | aria 12 : ARIA-256-CBC : aria-256-cbc | |
1436 | !Cname aria-256-cfb128 | |
1437 | aria 13 : ARIA-256-CFB : aria-256-cfb | |
1438 | !Cname aria-256-ofb128 | |
1439 | aria 14 : ARIA-256-OFB : aria-256-ofb | |
1440 | aria 15 : ARIA-256-CTR : aria-256-ctr | |
1441 | ||
1442 | # There are no OIDs for these ARIA modes... | |
1443 | : ARIA-128-CFB1 : aria-128-cfb1 | |
1444 | : ARIA-192-CFB1 : aria-192-cfb1 | |
1445 | : ARIA-256-CFB1 : aria-256-cfb1 | |
1446 | : ARIA-128-CFB8 : aria-128-cfb8 | |
1447 | : ARIA-192-CFB8 : aria-192-cfb8 | |
1448 | : ARIA-256-CFB8 : aria-256-cfb8 | |
1449 | ||
bc326738 JS |
1450 | aria 37 : ARIA-128-CCM : aria-128-ccm |
1451 | aria 38 : ARIA-192-CCM : aria-192-ccm | |
1452 | aria 39 : ARIA-256-CCM : aria-256-ccm | |
1453 | aria 34 : ARIA-128-GCM : aria-128-gcm | |
1454 | aria 35 : ARIA-192-GCM : aria-192-gcm | |
1455 | aria 36 : ARIA-256-GCM : aria-256-gcm | |
1456 | ||
96afc1cf BM |
1457 | # Definitions for SEED cipher - ECB, CBC, OFB mode |
1458 | ||
1459 | member-body 410 200004 : KISA : kisa | |
1460 | kisa 1 3 : SEED-ECB : seed-ecb | |
1461 | kisa 1 4 : SEED-CBC : seed-cbc | |
1462 | !Cname seed-cfb128 | |
1463 | kisa 1 5 : SEED-CFB : seed-cfb | |
1464 | !Cname seed-ofb128 | |
1465 | kisa 1 6 : SEED-OFB : seed-ofb | |
1466 | ||
f19a5ff9 RT |
1467 | |
1468 | # Definitions for SM4 cipher | |
1469 | ||
1470 | member-body 156 : ISO-CN : ISO CN Member Body | |
1471 | ISO-CN 10197 : oscca | |
1472 | oscca 1 : sm-scheme | |
1473 | ||
1474 | sm-scheme 104 1 : SM4-ECB : sm4-ecb | |
1475 | sm-scheme 104 2 : SM4-CBC : sm4-cbc | |
1476 | !Cname sm4-ofb128 | |
1477 | sm-scheme 104 3 : SM4-OFB : sm4-ofb | |
1478 | !Cname sm4-cfb128 | |
1479 | sm-scheme 104 4 : SM4-CFB : sm4-cfb | |
1480 | sm-scheme 104 5 : SM4-CFB1 : sm4-cfb1 | |
1481 | sm-scheme 104 6 : SM4-CFB8 : sm4-cfb8 | |
1482 | sm-scheme 104 7 : SM4-CTR : sm4-ctr | |
1483 | ||
74633553 DSH |
1484 | # There is no OID that just denotes "HMAC" oddly enough... |
1485 | ||
1486 | : HMAC : hmac | |
c8ef656d DSH |
1487 | # Nor CMAC either |
1488 | : CMAC : cmac | |
c608171d AP |
1489 | |
1490 | # Synthetic composite ciphersuites | |
1491 | : RC4-HMAC-MD5 : rc4-hmac-md5 | |
1492 | : AES-128-CBC-HMAC-SHA1 : aes-128-cbc-hmac-sha1 | |
1493 | : AES-192-CBC-HMAC-SHA1 : aes-192-cbc-hmac-sha1 | |
1494 | : AES-256-CBC-HMAC-SHA1 : aes-256-cbc-hmac-sha1 | |
8a97a330 AP |
1495 | : AES-128-CBC-HMAC-SHA256 : aes-128-cbc-hmac-sha256 |
1496 | : AES-192-CBC-HMAC-SHA256 : aes-192-cbc-hmac-sha256 | |
1497 | : AES-256-CBC-HMAC-SHA256 : aes-256-cbc-hmac-sha256 | |
72bb2f64 AP |
1498 | : ChaCha20-Poly1305 : chacha20-poly1305 |
1499 | : ChaCha20 : chacha20 | |
afb14cda DSH |
1500 | |
1501 | ISO-US 10046 2 1 : dhpublicnumber : X9.42 DH | |
b36bab78 DSH |
1502 | |
1503 | # RFC 5639 curve OIDs (see http://www.ietf.org/rfc/rfc5639.txt) | |
1504 | # versionOne OBJECT IDENTIFIER ::= { | |
46f4e1be | 1505 | # iso(1) identified-organization(3) teletrust(36) algorithm(3) |
b36bab78 DSH |
1506 | # signature-algorithm(3) ecSign(2) ecStdCurvesAndGeneration(8) |
1507 | # ellipticCurve(1) 1 } | |
1508 | 1 3 36 3 3 2 8 1 1 1 : brainpoolP160r1 | |
1509 | 1 3 36 3 3 2 8 1 1 2 : brainpoolP160t1 | |
1510 | 1 3 36 3 3 2 8 1 1 3 : brainpoolP192r1 | |
1511 | 1 3 36 3 3 2 8 1 1 4 : brainpoolP192t1 | |
1512 | 1 3 36 3 3 2 8 1 1 5 : brainpoolP224r1 | |
1513 | 1 3 36 3 3 2 8 1 1 6 : brainpoolP224t1 | |
1514 | 1 3 36 3 3 2 8 1 1 7 : brainpoolP256r1 | |
1515 | 1 3 36 3 3 2 8 1 1 8 : brainpoolP256t1 | |
1516 | 1 3 36 3 3 2 8 1 1 9 : brainpoolP320r1 | |
1517 | 1 3 36 3 3 2 8 1 1 10 : brainpoolP320t1 | |
1518 | 1 3 36 3 3 2 8 1 1 11 : brainpoolP384r1 | |
1519 | 1 3 36 3 3 2 8 1 1 12 : brainpoolP384t1 | |
1520 | 1 3 36 3 3 2 8 1 1 13 : brainpoolP512r1 | |
f19a5ff9 | 1521 | 1 3 36 3 3 2 8 1 1 14 : brainpoolP512t1 |
6af440ce DSH |
1522 | |
1523 | # ECDH schemes from RFC5753 | |
1524 | !Alias x9-63-scheme 1 3 133 16 840 63 0 | |
1525 | !Alias secg-scheme certicom-arc 1 | |
1526 | ||
1527 | x9-63-scheme 2 : dhSinglePass-stdDH-sha1kdf-scheme | |
1528 | secg-scheme 11 0 : dhSinglePass-stdDH-sha224kdf-scheme | |
1529 | secg-scheme 11 1 : dhSinglePass-stdDH-sha256kdf-scheme | |
1530 | secg-scheme 11 2 : dhSinglePass-stdDH-sha384kdf-scheme | |
1531 | secg-scheme 11 3 : dhSinglePass-stdDH-sha512kdf-scheme | |
1532 | ||
1533 | x9-63-scheme 3 : dhSinglePass-cofactorDH-sha1kdf-scheme | |
1534 | secg-scheme 14 0 : dhSinglePass-cofactorDH-sha224kdf-scheme | |
1535 | secg-scheme 14 1 : dhSinglePass-cofactorDH-sha256kdf-scheme | |
1536 | secg-scheme 14 2 : dhSinglePass-cofactorDH-sha384kdf-scheme | |
1537 | secg-scheme 14 3 : dhSinglePass-cofactorDH-sha512kdf-scheme | |
1538 | # NIDs for use with lookup tables. | |
1539 | : dh-std-kdf | |
1540 | : dh-cofactor-kdf | |
dcfe8df1 RS |
1541 | |
1542 | # RFC 6962 Extension OIDs (see http://www.ietf.org/rfc/rfc6962.txt) | |
1543 | 1 3 6 1 4 1 11129 2 4 2 : ct_precert_scts : CT Precertificate SCTs | |
1544 | 1 3 6 1 4 1 11129 2 4 3 : ct_precert_poison : CT Precertificate Poison | |
1545 | 1 3 6 1 4 1 11129 2 4 4 : ct_precert_signer : CT Precertificate Signer | |
1546 | 1 3 6 1 4 1 11129 2 4 5 : ct_cert_scts : CT Certificate SCTs | |
52f71f81 RS |
1547 | |
1548 | # CABForum EV SSL Certificate Guidelines | |
1549 | # (see https://cabforum.org/extended-validation/) | |
1550 | # OIDs for Subject Jurisdiction of Incorporation or Registration | |
1551 | 1 3 6 1 4 1 311 60 2 1 1 : jurisdictionL : jurisdictionLocalityName | |
1552 | 1 3 6 1 4 1 311 60 2 1 2 : jurisdictionST : jurisdictionStateOrProvinceName | |
1553 | 1 3 6 1 4 1 311 60 2 1 3 : jurisdictionC : jurisdictionCountryName | |
96b96d6c DSH |
1554 | |
1555 | # SCRYPT algorithm | |
cefa762e JB |
1556 | !Cname id-scrypt |
1557 | 1 3 6 1 4 1 11591 4 11 : id-scrypt : scrypt | |
1eff3485 DSH |
1558 | |
1559 | # NID for TLS1 PRF | |
1560 | : TLS1-PRF : tls1-prf | |
d9f77726 | 1561 | |
aacfb134 AG |
1562 | # NID for HKDF |
1563 | : HKDF : hkdf | |
1564 | ||
d9f77726 RS |
1565 | # RFC 4556 |
1566 | 1 3 6 1 5 2 3 : id-pkinit | |
1567 | id-pkinit 4 : pkInitClientAuth : PKINIT Client Auth | |
1568 | id-pkinit 5 : pkInitKDC : Signing KDC Response | |
d8489448 | 1569 | |
9691a749 | 1570 | # New algorithms from draft-ietf-curdle-pkix-04 |
4950f888 DSH |
1571 | 1 3 101 110 : X25519 |
1572 | 1 3 101 111 : X448 | |
9691a749 DSH |
1573 | 1 3 101 112 : ED25519 |
1574 | 1 3 101 113 : ED448 | |
1575 | ||
3ec13237 TS |
1576 | |
1577 | # NIDs for cipher key exchange | |
1578 | : KxRSA : kx-rsa | |
1579 | : KxECDHE : kx-ecdhe | |
1580 | : KxDHE : kx-dhe | |
1581 | : KxECDHE-PSK : kx-ecdhe-psk | |
1582 | : KxDHE-PSK : kx-dhe-psk | |
1583 | : KxRSA_PSK : kx-rsa-psk | |
1584 | : KxPSK : kx-psk | |
1585 | : KxSRP : kx-srp | |
1586 | : KxGOST : kx-gost | |
7114af30 | 1587 | : KxANY : kx-any |
3ec13237 TS |
1588 | |
1589 | # NIDs for cipher authentication | |
1590 | : AuthRSA : auth-rsa | |
1591 | : AuthECDSA : auth-ecdsa | |
1592 | : AuthPSK : auth-psk | |
1593 | : AuthDSS : auth-dss | |
1594 | : AuthGOST01 : auth-gost01 | |
1595 | : AuthGOST12 : auth-gost12 | |
1596 | : AuthSRP : auth-srp | |
1597 | : AuthNULL : auth-null | |
7114af30 | 1598 | : AuthANY : auth-any |
52ad5b60 TS |
1599 | # NID for Poly1305 |
1600 | : Poly1305 : poly1305 | |
3f5616d7 TS |
1601 | # NID for SipHash |
1602 | : SipHash : siphash | |
b6eae147 DSH |
1603 | |
1604 | # NIDs for RFC7919 DH parameters | |
1605 | : ffdhe2048 | |
1606 | : ffdhe3072 | |
1607 | : ffdhe4096 | |
1608 | : ffdhe6144 | |
1609 | : ffdhe8192 |