summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/objects
diff options
context:
space:
mode:
authorcvs2svn <admin@example.com>2025-04-14 17:32:06 +0000
committercvs2svn <admin@example.com>2025-04-14 17:32:06 +0000
commitb1ddde874c215cc8891531ed92876f091b7eb83e (patch)
treeedb6da6af7e865d488dc1a29309f1e1ec226e603 /src/lib/libcrypto/objects
parentf0a36529837a161734c802ae4c42e84e42347be2 (diff)
downloadopenbsd-tb_20250414.tar.gz
openbsd-tb_20250414.tar.bz2
openbsd-tb_20250414.zip
This commit was manufactured by cvs2git to create tag 'tb_20250414'.tb_20250414
Diffstat (limited to 'src/lib/libcrypto/objects')
-rw-r--r--src/lib/libcrypto/objects/obj_dat.c584
-rw-r--r--src/lib/libcrypto/objects/obj_dat.pl307
-rw-r--r--src/lib/libcrypto/objects/obj_err.c93
-rw-r--r--src/lib/libcrypto/objects/obj_lib.c135
-rw-r--r--src/lib/libcrypto/objects/obj_mac.num1055
-rw-r--r--src/lib/libcrypto/objects/obj_xref.c332
-rw-r--r--src/lib/libcrypto/objects/objects.README44
-rw-r--r--src/lib/libcrypto/objects/objects.h137
-rw-r--r--src/lib/libcrypto/objects/objects.pl233
-rw-r--r--src/lib/libcrypto/objects/objects.txt1479
10 files changed, 0 insertions, 4399 deletions
diff --git a/src/lib/libcrypto/objects/obj_dat.c b/src/lib/libcrypto/objects/obj_dat.c
deleted file mode 100644
index 2f4012fe15..0000000000
--- a/src/lib/libcrypto/objects/obj_dat.c
+++ /dev/null
@@ -1,584 +0,0 @@
1/* $OpenBSD: obj_dat.c,v 1.94 2025/02/26 10:48:25 tb Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <ctype.h>
60#include <limits.h>
61#include <stdio.h>
62#include <stdlib.h>
63#include <string.h>
64
65#include <openssl/opensslconf.h>
66
67#include <openssl/asn1.h>
68#include <openssl/bn.h>
69#include <openssl/err.h>
70#include <openssl/lhash.h>
71#include <openssl/objects.h>
72
73#include "asn1_local.h"
74
75/* obj_dat.h is generated from objects.h by obj_dat.pl */
76#include "obj_dat.h"
77
78#define ADDED_DATA 0
79#define ADDED_SNAME 1
80#define ADDED_LNAME 2
81#define ADDED_NID 3
82
83typedef struct added_obj_st {
84 int type;
85 ASN1_OBJECT *obj;
86} ADDED_OBJ;
87DECLARE_LHASH_OF(ADDED_OBJ);
88
89static int new_nid = NUM_NID;
90static LHASH_OF(ADDED_OBJ) *added = NULL;
91
92static unsigned long
93added_obj_hash(const ADDED_OBJ *ca)
94{
95 const ASN1_OBJECT *a;
96 int i;
97 unsigned long ret = 0;
98 unsigned char *p;
99
100 a = ca->obj;
101 switch (ca->type) {
102 case ADDED_DATA:
103 ret = (unsigned long)a->length << 20L;
104 p = (unsigned char *)a->data;
105 for (i = 0; i < a->length; i++)
106 ret ^= p[i] << ((i * 3) % 24);
107 break;
108 case ADDED_SNAME:
109 ret = lh_strhash(a->sn);
110 break;
111 case ADDED_LNAME:
112 ret = lh_strhash(a->ln);
113 break;
114 case ADDED_NID:
115 ret = a->nid;
116 break;
117 default:
118 return 0;
119 }
120 ret &= 0x3fffffffL;
121 ret |= (unsigned long)ca->type << 30L;
122 return ret;
123}
124static IMPLEMENT_LHASH_HASH_FN(added_obj, ADDED_OBJ)
125
126static int
127added_obj_cmp(const ADDED_OBJ *ca, const ADDED_OBJ *cb)
128{
129 const ASN1_OBJECT *a, *b;
130 int cmp;
131
132 if ((cmp = ca->type - cb->type) != 0)
133 return cmp;
134
135 a = ca->obj;
136 b = cb->obj;
137 switch (ca->type) {
138 case ADDED_DATA:
139 return OBJ_cmp(a, b);
140 case ADDED_SNAME:
141 if (a->sn == NULL)
142 return -1;
143 if (b->sn == NULL)
144 return 1;
145 return strcmp(a->sn, b->sn);
146 case ADDED_LNAME:
147 if (a->ln == NULL)
148 return -1;
149 if (b->ln == NULL)
150 return 1;
151 return strcmp(a->ln, b->ln);
152 case ADDED_NID:
153 return a->nid - b->nid;
154 default:
155 return 0;
156 }
157}
158static IMPLEMENT_LHASH_COMP_FN(added_obj, ADDED_OBJ)
159
160static void
161cleanup1_doall(ADDED_OBJ *a)
162{
163 a->obj->nid = 0;
164 a->obj->flags |= ASN1_OBJECT_FLAG_DYNAMIC |
165 ASN1_OBJECT_FLAG_DYNAMIC_STRINGS |
166 ASN1_OBJECT_FLAG_DYNAMIC_DATA;
167}
168
169static void
170cleanup2_doall(ADDED_OBJ *a)
171{
172 a->obj->nid++;
173}
174
175static void
176cleanup3_doall(ADDED_OBJ *a)
177{
178 if (--a->obj->nid == 0)
179 ASN1_OBJECT_free(a->obj);
180 free(a);
181}
182
183static IMPLEMENT_LHASH_DOALL_FN(cleanup1, ADDED_OBJ)
184static IMPLEMENT_LHASH_DOALL_FN(cleanup2, ADDED_OBJ)
185static IMPLEMENT_LHASH_DOALL_FN(cleanup3, ADDED_OBJ)
186
187void
188OBJ_cleanup(void)
189{
190 if (added == NULL)
191 return;
192
193 lh_ADDED_OBJ_doall(added, LHASH_DOALL_FN(cleanup1)); /* zero counters */
194 lh_ADDED_OBJ_doall(added, LHASH_DOALL_FN(cleanup2)); /* set counters */
195 lh_ADDED_OBJ_doall(added, LHASH_DOALL_FN(cleanup3)); /* free objects */
196 lh_ADDED_OBJ_free(added);
197 added = NULL;
198}
199LCRYPTO_ALIAS(OBJ_cleanup);
200
201int
202OBJ_new_nid(int num)
203{
204 int i;
205
206 i = new_nid;
207 new_nid += num;
208 return i;
209}
210LCRYPTO_ALIAS(OBJ_new_nid);
211
212static int
213OBJ_add_object(const ASN1_OBJECT *obj)
214{
215 ASN1_OBJECT *o = NULL;
216 ADDED_OBJ *ao[4] = {NULL, NULL, NULL, NULL}, *aop;
217 int i;
218
219 if (added == NULL)
220 added = lh_ADDED_OBJ_new();
221 if (added == NULL)
222 goto err;
223 if (obj == NULL || obj->nid == NID_undef)
224 goto err;
225 if ((o = OBJ_dup(obj)) == NULL)
226 goto err;
227 if (!(ao[ADDED_NID] = malloc(sizeof(ADDED_OBJ))))
228 goto err2;
229 if ((o->length != 0) && (obj->data != NULL))
230 if (!(ao[ADDED_DATA] = malloc(sizeof(ADDED_OBJ))))
231 goto err2;
232 if (o->sn != NULL)
233 if (!(ao[ADDED_SNAME] = malloc(sizeof(ADDED_OBJ))))
234 goto err2;
235 if (o->ln != NULL)
236 if (!(ao[ADDED_LNAME] = malloc(sizeof(ADDED_OBJ))))
237 goto err2;
238
239 for (i = ADDED_DATA; i <= ADDED_NID; i++) {
240 if (ao[i] != NULL) {
241 ao[i]->type = i;
242 ao[i]->obj = o;
243 aop = lh_ADDED_OBJ_insert(added, ao[i]);
244 /* memory leak, but should not normally matter */
245 free(aop);
246 }
247 }
248 o->flags &= ~(ASN1_OBJECT_FLAG_DYNAMIC |
249 ASN1_OBJECT_FLAG_DYNAMIC_STRINGS |
250 ASN1_OBJECT_FLAG_DYNAMIC_DATA);
251
252 return o->nid;
253
254 err2:
255 OBJerror(ERR_R_MALLOC_FAILURE);
256 err:
257 for (i = ADDED_DATA; i <= ADDED_NID; i++)
258 free(ao[i]);
259 ASN1_OBJECT_free(o);
260 return NID_undef;
261}
262
263ASN1_OBJECT *
264OBJ_nid2obj(int nid)
265{
266 if (nid >= 0 && nid < NUM_NID) {
267 if (nid == NID_undef || nid_objs[nid].nid != NID_undef)
268 return (ASN1_OBJECT *)&nid_objs[nid];
269
270 goto unknown;
271 }
272
273 /* XXX - locking. */
274 if (added != NULL) {
275 ASN1_OBJECT aobj = {
276 .nid = nid,
277 };
278 ADDED_OBJ needle = {
279 .type = ADDED_NID,
280 .obj = &aobj,
281 };
282 ADDED_OBJ *found;
283
284 if ((found = lh_ADDED_OBJ_retrieve(added, &needle)) != NULL)
285 return found->obj;
286 }
287
288 unknown:
289 OBJerror(OBJ_R_UNKNOWN_NID);
290
291 return NULL;
292}
293LCRYPTO_ALIAS(OBJ_nid2obj);
294
295const char *
296OBJ_nid2sn(int nid)
297{
298 ASN1_OBJECT *aobj;
299
300 if ((aobj = OBJ_nid2obj(nid)) == NULL)
301 return NULL;
302
303 return aobj->sn;
304}
305LCRYPTO_ALIAS(OBJ_nid2sn);
306
307const char *
308OBJ_nid2ln(int nid)
309{
310 ASN1_OBJECT *aobj;
311
312 if ((aobj = OBJ_nid2obj(nid)) == NULL)
313 return NULL;
314
315 return aobj->ln;
316}
317LCRYPTO_ALIAS(OBJ_nid2ln);
318
319static int
320obj_objs_cmp(const void *aobj, const void *b)
321{
322 const unsigned int *nid = b;
323
324 OPENSSL_assert(*nid < NUM_NID);
325
326 return OBJ_cmp(aobj, &nid_objs[*nid]);
327}
328
329int
330OBJ_obj2nid(const ASN1_OBJECT *aobj)
331{
332 const unsigned int *nid;
333
334 if (aobj == NULL || aobj->length == 0)
335 return NID_undef;
336
337 if (aobj->nid != NID_undef)
338 return aobj->nid;
339
340 /* XXX - locking. OpenSSL 3 moved this after built-in object lookup. */
341 if (added != NULL) {
342 ADDED_OBJ needle = {
343 .type = ADDED_DATA,
344 .obj = (ASN1_OBJECT *)aobj,
345 };
346 ADDED_OBJ *found;
347
348 if ((found = lh_ADDED_OBJ_retrieve(added, &needle)) != NULL)
349 return found->obj->nid;
350 }
351
352 /* obj_objs holds built-in obj NIDs in ascending OBJ_cmp() order. */
353 nid = bsearch(aobj, obj_objs, NUM_OBJ, sizeof(unsigned int), obj_objs_cmp);
354 if (nid != NULL)
355 return *nid;
356
357 return NID_undef;
358}
359LCRYPTO_ALIAS(OBJ_obj2nid);
360
361static int
362sn_objs_cmp(const void *sn, const void *b)
363{
364 const unsigned int *nid = b;
365
366 OPENSSL_assert(*nid < NUM_NID);
367
368 return strcmp(sn, nid_objs[*nid].sn);
369}
370
371int
372OBJ_sn2nid(const char *sn)
373{
374 const unsigned int *nid;
375
376 /* XXX - locking. OpenSSL 3 moved this after built-in object lookup. */
377 if (added != NULL) {
378 ASN1_OBJECT aobj = {
379 .sn = sn,
380 };
381 ADDED_OBJ needle = {
382 .type = ADDED_SNAME,
383 .obj = &aobj,
384 };
385 ADDED_OBJ *found;
386
387 if ((found = lh_ADDED_OBJ_retrieve(added, &needle)) != NULL)
388 return found->obj->nid;
389 }
390
391 /* sn_objs holds NIDs in ascending alphabetical order of SN. */
392 nid = bsearch(sn, sn_objs, NUM_SN, sizeof(unsigned int), sn_objs_cmp);
393 if (nid != NULL)
394 return *nid;
395
396 return NID_undef;
397}
398LCRYPTO_ALIAS(OBJ_sn2nid);
399
400static int
401ln_objs_cmp(const void *ln, const void *b)
402{
403 const unsigned int *nid = b;
404
405 OPENSSL_assert(*nid < NUM_NID);
406
407 return strcmp(ln, nid_objs[*nid].ln);
408}
409
410int
411OBJ_ln2nid(const char *ln)
412{
413 const unsigned int *nid;
414
415 /* XXX - locking. OpenSSL 3 moved this after built-in object lookup. */
416 if (added != NULL) {
417 ASN1_OBJECT aobj = {
418 .ln = ln,
419 };
420 ADDED_OBJ needle = {
421 .type = ADDED_LNAME,
422 .obj = &aobj,
423 };
424 ADDED_OBJ *found;
425
426 if ((found = lh_ADDED_OBJ_retrieve(added, &needle)) != NULL)
427 return found->obj->nid;
428 }
429
430 /* ln_objs holds NIDs in ascending alphabetical order of LN. */
431 nid = bsearch(ln, ln_objs, NUM_LN, sizeof(unsigned int), ln_objs_cmp);
432 if (nid != NULL)
433 return *nid;
434
435 return NID_undef;
436}
437LCRYPTO_ALIAS(OBJ_ln2nid);
438
439/* Convert an object name into an ASN1_OBJECT
440 * if "noname" is not set then search for short and long names first.
441 * This will convert the "dotted" form into an object: unlike OBJ_txt2nid
442 * it can be used with any objects, not just registered ones.
443 */
444
445ASN1_OBJECT *
446OBJ_txt2obj(const char *s, int no_name)
447{
448 int nid;
449
450 if (!no_name) {
451 if ((nid = OBJ_sn2nid(s)) != NID_undef ||
452 (nid = OBJ_ln2nid(s)) != NID_undef)
453 return OBJ_nid2obj(nid);
454 }
455
456 return t2i_ASN1_OBJECT_internal(s);
457}
458LCRYPTO_ALIAS(OBJ_txt2obj);
459
460int
461OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *aobj, int no_name)
462{
463 return i2t_ASN1_OBJECT_internal(aobj, buf, buf_len, no_name);
464}
465LCRYPTO_ALIAS(OBJ_obj2txt);
466
467int
468OBJ_txt2nid(const char *s)
469{
470 ASN1_OBJECT *obj;
471 int nid;
472
473 obj = OBJ_txt2obj(s, 0);
474 nid = OBJ_obj2nid(obj);
475 ASN1_OBJECT_free(obj);
476 return nid;
477}
478LCRYPTO_ALIAS(OBJ_txt2nid);
479
480int
481OBJ_create_objects(BIO *in)
482{
483 char buf[512];
484 int i, num = 0;
485 char *o, *s, *l = NULL;
486
487 for (;;) {
488 s = o = NULL;
489 i = BIO_gets(in, buf, 512);
490 if (i <= 0)
491 return num;
492 buf[i - 1] = '\0';
493 if (!isalnum((unsigned char)buf[0]))
494 return num;
495 o = s=buf;
496 while (isdigit((unsigned char)*s) || (*s == '.'))
497 s++;
498 if (*s != '\0') {
499 *(s++) = '\0';
500 while (isspace((unsigned char)*s))
501 s++;
502 if (*s == '\0')
503 s = NULL;
504 else {
505 l = s;
506 while ((*l != '\0') &&
507 !isspace((unsigned char)*l))
508 l++;
509 if (*l != '\0') {
510 *(l++) = '\0';
511 while (isspace((unsigned char)*l))
512 l++;
513 if (*l == '\0')
514 l = NULL;
515 } else
516 l = NULL;
517 }
518 } else
519 s = NULL;
520 if ((o == NULL) || (*o == '\0'))
521 return num;
522 if (!OBJ_create(o, s, l))
523 return num;
524 num++;
525 }
526 /* return(num); */
527}
528LCRYPTO_ALIAS(OBJ_create_objects);
529
530int
531OBJ_create(const char *oid, const char *sn, const char *ln)
532{
533 ASN1_OBJECT *aobj = NULL;
534 unsigned char *buf = NULL;
535 int len, nid;
536 int ret = 0;
537
538 if ((len = a2d_ASN1_OBJECT(NULL, 0, oid, -1)) <= 0)
539 goto err;
540
541 if ((buf = calloc(1, len)) == NULL) {
542 OBJerror(ERR_R_MALLOC_FAILURE);
543 goto err;
544 }
545
546 if ((len = a2d_ASN1_OBJECT(buf, len, oid, -1)) == 0)
547 goto err;
548
549 nid = OBJ_new_nid(1);
550 if ((aobj = ASN1_OBJECT_create(nid, buf, len, sn, ln)) == NULL)
551 goto err;
552
553 ret = OBJ_add_object(aobj);
554
555 err:
556 ASN1_OBJECT_free(aobj);
557 free(buf);
558
559 return ret;
560}
561LCRYPTO_ALIAS(OBJ_create);
562
563size_t
564OBJ_length(const ASN1_OBJECT *obj)
565{
566 if (obj == NULL)
567 return 0;
568
569 if (obj->length < 0)
570 return 0;
571
572 return obj->length;
573}
574LCRYPTO_ALIAS(OBJ_length);
575
576const unsigned char *
577OBJ_get0_data(const ASN1_OBJECT *obj)
578{
579 if (obj == NULL)
580 return NULL;
581
582 return obj->data;
583}
584LCRYPTO_ALIAS(OBJ_get0_data);
diff --git a/src/lib/libcrypto/objects/obj_dat.pl b/src/lib/libcrypto/objects/obj_dat.pl
deleted file mode 100644
index 86bcefb97a..0000000000
--- a/src/lib/libcrypto/objects/obj_dat.pl
+++ /dev/null
@@ -1,307 +0,0 @@
1#!/usr/local/bin/perl
2
3# fixes bug in floating point emulation on sparc64 when
4# this script produces off-by-one output on sparc64
5use integer;
6
7sub obj_cmp
8 {
9 local(@a,@b,$_,$r);
10
11 $A=$obj_len{$obj{$nid{$a}}};
12 $B=$obj_len{$obj{$nid{$b}}};
13
14 $r=($A-$B);
15 return($r) if $r != 0;
16
17 $A=$obj_der{$obj{$nid{$a}}};
18 $B=$obj_der{$obj{$nid{$b}}};
19
20 return($A cmp $B);
21 }
22
23sub expand_obj
24 {
25 local(*v)=@_;
26 local($k,$d);
27 local($i);
28
29 do {
30 $i=0;
31 foreach $k (keys %v)
32 {
33 if (($v{$k} =~ s/(OBJ_[^,]+),/$v{$1},/))
34 { $i++; }
35 }
36 } while($i);
37 foreach $k (keys %v)
38 {
39 @a=split(/,/,$v{$k});
40 $objn{$k}=$#a+1;
41 }
42 return(%objn);
43 }
44
45open (IN,"$ARGV[0]") || die "Can't open input file $ARGV[0]";
46open (OUT,">$ARGV[1]") || die "Can't open output file $ARGV[1]";
47
48while (<IN>)
49 {
50 next unless /^\#define\s+(\S+)\s+(.*)$/;
51 $v=$1;
52 $d=$2;
53 $d =~ s/^\"//;
54 $d =~ s/\"$//;
55 if ($v =~ /^SN_(.*)$/)
56 {
57 if(defined $snames{$d})
58 {
59 print "WARNING: Duplicate short name \"$d\"\n";
60 }
61 else
62 { $snames{$d} = "X"; }
63 $sn{$1}=$d;
64 }
65 elsif ($v =~ /^LN_(.*)$/)
66 {
67 if(defined $lnames{$d})
68 {
69 print "WARNING: Duplicate long name \"$d\"\n";
70 }
71 else
72 { $lnames{$d} = "X"; }
73 $ln{$1}=$d;
74 }
75 elsif ($v =~ /^NID_(.*)$/)
76 { $nid{$d}=$1; }
77 elsif ($v =~ /^OBJ_(.*)$/)
78 {
79 $obj{$1}=$v;
80 $objd{$v}=$d;
81 }
82 }
83close IN;
84
85%ob=&expand_obj(*objd);
86
87@a=sort { $a <=> $b } keys %nid;
88$n=$a[$#a]+1;
89
90@lvalues=();
91$lvalues=0;
92
93for ($i=0; $i<$n; $i++)
94 {
95 if (!defined($nid{$i}))
96 {
97 push(@out,"{NULL,NULL,NID_undef,0,NULL,0},\n");
98 }
99 else
100 {
101 $sn=defined($sn{$nid{$i}})?"$sn{$nid{$i}}":"NULL";
102 $ln=defined($ln{$nid{$i}})?"$ln{$nid{$i}}":"NULL";
103
104 if ($sn eq "NULL") {
105 $sn=$ln;
106 $sn{$nid{$i}} = $ln;
107 }
108
109 if ($ln eq "NULL") {
110 $ln=$sn;
111 $ln{$nid{$i}} = $sn;
112 }
113
114 $out ="{";
115 $out.="\"$sn\"";
116 $out.=","."\"$ln\"";
117 $out.=",NID_$nid{$i},";
118 if (defined($obj{$nid{$i}}) && $objd{$obj{$nid{$i}}} =~ /,/)
119 {
120 $v=$objd{$obj{$nid{$i}}};
121 $v =~ s/L//g;
122 $v =~ s/,/ /g;
123 $r=&der_it($v);
124 $z="";
125 $length=0;
126 foreach (unpack("C*",$r))
127 {
128 $z.=sprintf("0x%02X,",$_);
129 $length++;
130 }
131 $obj_der{$obj{$nid{$i}}}=$z;
132 $obj_len{$obj{$nid{$i}}}=$length;
133
134 push(@lvalues,sprintf("%-45s/* [%3d] %s */\n",
135 $z,$lvalues,$obj{$nid{$i}}));
136 $out.="$length,&(lvalues[$lvalues]),0";
137 $lvalues+=$length;
138 }
139 else
140 {
141 $out.="0,NULL,0";
142 }
143 $out.="},\n";
144 push(@out,$out);
145 }
146 }
147
148@a=grep(defined($sn{$nid{$_}}),0 .. $n);
149foreach (sort { $sn{$nid{$a}} cmp $sn{$nid{$b}} } @a)
150 {
151 push(@sn,sprintf("%2d,\t/* \"$sn{$nid{$_}}\" */\n",$_));
152 }
153
154@a=grep(defined($ln{$nid{$_}}),0 .. $n);
155foreach (sort { $ln{$nid{$a}} cmp $ln{$nid{$b}} } @a)
156 {
157 push(@ln,sprintf("%2d,\t/* \"$ln{$nid{$_}}\" */\n",$_));
158 }
159
160@a=grep(defined($obj{$nid{$_}}),0 .. $n);
161foreach (sort obj_cmp @a)
162 {
163 $m=$obj{$nid{$_}};
164 $v=$objd{$m};
165 $v =~ s/L//g;
166 $v =~ s/,/ /g;
167 push(@ob,sprintf("%2d,\t/* %-32s %s */\n",$_,$m,$v));
168 }
169
170print OUT <<'EOF';
171/* crypto/objects/obj_dat.h */
172
173/* THIS FILE IS GENERATED FROM objects.h by obj_dat.pl via the
174 * following command:
175 * perl obj_dat.pl obj_mac.h obj_dat.h
176 */
177
178/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
179 * All rights reserved.
180 *
181 * This package is an SSL implementation written
182 * by Eric Young (eay@cryptsoft.com).
183 * The implementation was written so as to conform with Netscapes SSL.
184 *
185 * This library is free for commercial and non-commercial use as long as
186 * the following conditions are aheared to. The following conditions
187 * apply to all code found in this distribution, be it the RC4, RSA,
188 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
189 * included with this distribution is covered by the same copyright terms
190 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
191 *
192 * Copyright remains Eric Young's, and as such any Copyright notices in
193 * the code are not to be removed.
194 * If this package is used in a product, Eric Young should be given attribution
195 * as the author of the parts of the library used.
196 * This can be in the form of a textual message at program startup or
197 * in documentation (online or textual) provided with the package.
198 *
199 * Redistribution and use in source and binary forms, with or without
200 * modification, are permitted provided that the following conditions
201 * are met:
202 * 1. Redistributions of source code must retain the copyright
203 * notice, this list of conditions and the following disclaimer.
204 * 2. Redistributions in binary form must reproduce the above copyright
205 * notice, this list of conditions and the following disclaimer in the
206 * documentation and/or other materials provided with the distribution.
207 * 3. All advertising materials mentioning features or use of this software
208 * must display the following acknowledgement:
209 * "This product includes cryptographic software written by
210 * Eric Young (eay@cryptsoft.com)"
211 * The word 'cryptographic' can be left out if the rouines from the library
212 * being used are not cryptographic related :-).
213 * 4. If you include any Windows specific code (or a derivative thereof) from
214 * the apps directory (application code) you must include an acknowledgement:
215 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
216 *
217 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
218 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
219 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
220 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
221 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
222 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
223 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
224 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
225 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
226 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
227 * SUCH DAMAGE.
228 *
229 * The licence and distribution terms for any publically available version or
230 * derivative of this code cannot be changed. i.e. this code cannot simply be
231 * copied and put under another distribution licence
232 * [including the GNU Public Licence.]
233 */
234
235EOF
236
237printf OUT "#define NUM_NID %d\n",$n;
238printf OUT "#define NUM_SN %d\n",$#sn+1;
239printf OUT "#define NUM_LN %d\n",$#ln+1;
240printf OUT "#define NUM_OBJ %d\n\n",$#ob+1;
241
242printf OUT "static const unsigned char lvalues[%d]={\n",$lvalues+1;
243print OUT @lvalues;
244print OUT "};\n\n";
245
246printf OUT "static const ASN1_OBJECT nid_objs[NUM_NID]={\n";
247foreach (@out)
248 {
249 if (length($_) > 75)
250 {
251 $out="";
252 foreach (split(/,/))
253 {
254 $t=$out.$_.",";
255 if (length($t) > 70)
256 {
257 print OUT "$out\n";
258 $t="\t$_,";
259 }
260 $out=$t;
261 }
262 chop $out;
263 print OUT "$out";
264 }
265 else
266 { print OUT $_; }
267 }
268print OUT "};\n\n";
269
270printf OUT "static const unsigned int sn_objs[NUM_SN]={\n";
271print OUT @sn;
272print OUT "};\n\n";
273
274printf OUT "static const unsigned int ln_objs[NUM_LN]={\n";
275print OUT @ln;
276print OUT "};\n\n";
277
278printf OUT "static const unsigned int obj_objs[NUM_OBJ]={\n";
279print OUT @ob;
280print OUT "};\n\n";
281
282close OUT;
283
284sub der_it
285 {
286 local($v)=@_;
287 local(@a,$i,$ret,@r);
288
289 @a=split(/\s+/,$v);
290 $ret.=pack("C*",$a[0]*40+$a[1]);
291 shift @a;
292 shift @a;
293 foreach (@a)
294 {
295 @r=();
296 $t=0;
297 while ($_ >= 128)
298 {
299 $x=$_%128;
300 $_/=128;
301 push(@r,((($t++)?0x80:0)|$x));
302 }
303 push(@r,((($t++)?0x80:0)|$_));
304 $ret.=pack("C*",reverse(@r));
305 }
306 return($ret);
307 }
diff --git a/src/lib/libcrypto/objects/obj_err.c b/src/lib/libcrypto/objects/obj_err.c
deleted file mode 100644
index 514fb0d4f0..0000000000
--- a/src/lib/libcrypto/objects/obj_err.c
+++ /dev/null
@@ -1,93 +0,0 @@
1/* $OpenBSD: obj_err.c,v 1.15 2024/06/24 06:43:22 tb Exp $ */
2/* ====================================================================
3 * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56#include <stdio.h>
57
58#include <openssl/opensslconf.h>
59
60#include <openssl/err.h>
61#include <openssl/objects.h>
62
63#include "err_local.h"
64
65#ifndef OPENSSL_NO_ERR
66
67#define ERR_FUNC(func) ERR_PACK(ERR_LIB_OBJ,func,0)
68#define ERR_REASON(reason) ERR_PACK(ERR_LIB_OBJ,0,reason)
69
70static const ERR_STRING_DATA OBJ_str_functs[] = {
71 {ERR_FUNC(0xfff), "CRYPTO_internal"},
72 {0, NULL}
73};
74
75static const ERR_STRING_DATA OBJ_str_reasons[] = {
76 {ERR_REASON(OBJ_R_MALLOC_FAILURE) , "malloc failure"},
77 {ERR_REASON(OBJ_R_UNKNOWN_NID) , "unknown nid"},
78 {0, NULL}
79};
80
81#endif
82
83void
84ERR_load_OBJ_strings(void)
85{
86#ifndef OPENSSL_NO_ERR
87 if (ERR_func_error_string(OBJ_str_functs[0].error) == NULL) {
88 ERR_load_const_strings(OBJ_str_functs);
89 ERR_load_const_strings(OBJ_str_reasons);
90 }
91#endif
92}
93LCRYPTO_ALIAS(ERR_load_OBJ_strings);
diff --git a/src/lib/libcrypto/objects/obj_lib.c b/src/lib/libcrypto/objects/obj_lib.c
deleted file mode 100644
index 45062dbd4c..0000000000
--- a/src/lib/libcrypto/objects/obj_lib.c
+++ /dev/null
@@ -1,135 +0,0 @@
1/* $OpenBSD: obj_lib.c,v 1.19 2023/08/17 09:13:01 tb Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <string.h>
61
62#include <openssl/err.h>
63#include <openssl/buffer.h>
64#include <openssl/lhash.h>
65#include <openssl/objects.h>
66
67#include "asn1_local.h"
68
69ASN1_OBJECT *
70OBJ_dup(const ASN1_OBJECT *o)
71{
72 ASN1_OBJECT *r;
73 char *ln = NULL, *sn = NULL;
74 unsigned char *data = NULL;
75
76 if (o == NULL)
77 return (NULL);
78 if (!(o->flags & ASN1_OBJECT_FLAG_DYNAMIC))
79 return((ASN1_OBJECT *)o); /* XXX: ugh! Why? What kind of
80 duplication is this??? */
81
82 r = ASN1_OBJECT_new();
83 if (r == NULL) {
84 OBJerror(ERR_R_ASN1_LIB);
85 return (NULL);
86 }
87 data = malloc(o->length);
88 if (data == NULL)
89 goto err;
90 if (o->data != NULL)
91 memcpy(data, o->data, o->length);
92 /* once data attached to object it remains const */
93 r->data = data;
94 r->length = o->length;
95 r->nid = o->nid;
96 r->ln = r->sn = NULL;
97 if (o->ln != NULL) {
98 ln = strdup(o->ln);
99 if (ln == NULL)
100 goto err;
101 r->ln = ln;
102 }
103
104 if (o->sn != NULL) {
105 sn = strdup(o->sn);
106 if (sn == NULL)
107 goto err;
108 r->sn = sn;
109 }
110 r->flags = o->flags | (ASN1_OBJECT_FLAG_DYNAMIC |
111 ASN1_OBJECT_FLAG_DYNAMIC_STRINGS | ASN1_OBJECT_FLAG_DYNAMIC_DATA);
112 return (r);
113
114 err:
115 OBJerror(ERR_R_MALLOC_FAILURE);
116 free(ln);
117 free(sn);
118 free(data);
119 free(r);
120 return (NULL);
121}
122LCRYPTO_ALIAS(OBJ_dup);
123
124int
125OBJ_cmp(const ASN1_OBJECT *a, const ASN1_OBJECT *b)
126{
127 int cmp;
128
129 if ((cmp = a->length - b->length) != 0)
130 return cmp;
131 if (a->length == 0)
132 return 0;
133 return memcmp(a->data, b->data, a->length);
134}
135LCRYPTO_ALIAS(OBJ_cmp);
diff --git a/src/lib/libcrypto/objects/obj_mac.num b/src/lib/libcrypto/objects/obj_mac.num
deleted file mode 100644
index 728bf02400..0000000000
--- a/src/lib/libcrypto/objects/obj_mac.num
+++ /dev/null
@@ -1,1055 +0,0 @@
1undef 0
2rsadsi 1
3pkcs 2
4md2 3
5md5 4
6rc4 5
7rsaEncryption 6
8md2WithRSAEncryption 7
9md5WithRSAEncryption 8
10pbeWithMD2AndDES_CBC 9
11pbeWithMD5AndDES_CBC 10
12X500 11
13X509 12
14commonName 13
15countryName 14
16localityName 15
17stateOrProvinceName 16
18organizationName 17
19organizationalUnitName 18
20rsa 19
21pkcs7 20
22pkcs7_data 21
23pkcs7_signed 22
24pkcs7_enveloped 23
25pkcs7_signedAndEnveloped 24
26pkcs7_digest 25
27pkcs7_encrypted 26
28pkcs3 27
29dhKeyAgreement 28
30des_ecb 29
31des_cfb64 30
32des_cbc 31
33des_ede_ecb 32
34des_ede3_ecb 33
35idea_cbc 34
36idea_cfb64 35
37idea_ecb 36
38rc2_cbc 37
39rc2_ecb 38
40rc2_cfb64 39
41rc2_ofb64 40
42sha 41
43shaWithRSAEncryption 42
44des_ede_cbc 43
45des_ede3_cbc 44
46des_ofb64 45
47idea_ofb64 46
48pkcs9 47
49pkcs9_emailAddress 48
50pkcs9_unstructuredName 49
51pkcs9_contentType 50
52pkcs9_messageDigest 51
53pkcs9_signingTime 52
54pkcs9_countersignature 53
55pkcs9_challengePassword 54
56pkcs9_unstructuredAddress 55
57pkcs9_extCertAttributes 56
58netscape 57
59netscape_cert_extension 58
60netscape_data_type 59
61des_ede_cfb64 60
62des_ede3_cfb64 61
63des_ede_ofb64 62
64des_ede3_ofb64 63
65sha1 64
66sha1WithRSAEncryption 65
67dsaWithSHA 66
68dsa_2 67
69pbeWithSHA1AndRC2_CBC 68
70id_pbkdf2 69
71dsaWithSHA1_2 70
72netscape_cert_type 71
73netscape_base_url 72
74netscape_revocation_url 73
75netscape_ca_revocation_url 74
76netscape_renewal_url 75
77netscape_ca_policy_url 76
78netscape_ssl_server_name 77
79netscape_comment 78
80netscape_cert_sequence 79
81desx_cbc 80
82id_ce 81
83subject_key_identifier 82
84key_usage 83
85private_key_usage_period 84
86subject_alt_name 85
87issuer_alt_name 86
88basic_constraints 87
89crl_number 88
90certificate_policies 89
91authority_key_identifier 90
92bf_cbc 91
93bf_ecb 92
94bf_cfb64 93
95bf_ofb64 94
96mdc2 95
97mdc2WithRSA 96
98rc4_40 97
99rc2_40_cbc 98
100givenName 99
101surname 100
102initials 101
103uniqueIdentifier 102
104crl_distribution_points 103
105md5WithRSA 104
106serialNumber 105
107title 106
108description 107
109cast5_cbc 108
110cast5_ecb 109
111cast5_cfb64 110
112cast5_ofb64 111
113pbeWithMD5AndCast5_CBC 112
114dsaWithSHA1 113
115md5_sha1 114
116sha1WithRSA 115
117dsa 116
118ripemd160 117
119ripemd160WithRSA 119
120rc5_cbc 120
121rc5_ecb 121
122rc5_cfb64 122
123rc5_ofb64 123
124rle_compression 124
125zlib_compression 125
126ext_key_usage 126
127id_pkix 127
128id_kp 128
129server_auth 129
130client_auth 130
131code_sign 131
132email_protect 132
133time_stamp 133
134ms_code_ind 134
135ms_code_com 135
136ms_ctl_sign 136
137ms_sgc 137
138ms_efs 138
139ns_sgc 139
140delta_crl 140
141crl_reason 141
142invalidity_date 142
143sxnet 143
144pbe_WithSHA1And128BitRC4 144
145pbe_WithSHA1And40BitRC4 145
146pbe_WithSHA1And3_Key_TripleDES_CBC 146
147pbe_WithSHA1And2_Key_TripleDES_CBC 147
148pbe_WithSHA1And128BitRC2_CBC 148
149pbe_WithSHA1And40BitRC2_CBC 149
150keyBag 150
151pkcs8ShroudedKeyBag 151
152certBag 152
153crlBag 153
154secretBag 154
155safeContentsBag 155
156friendlyName 156
157localKeyID 157
158x509Certificate 158
159sdsiCertificate 159
160x509Crl 160
161pbes2 161
162pbmac1 162
163hmacWithSHA1 163
164id_qt_cps 164
165id_qt_unotice 165
166rc2_64_cbc 166
167SMIMECapabilities 167
168pbeWithMD2AndRC2_CBC 168
169pbeWithMD5AndRC2_CBC 169
170pbeWithSHA1AndDES_CBC 170
171ms_ext_req 171
172ext_req 172
173name 173
174dnQualifier 174
175id_pe 175
176id_ad 176
177info_access 177
178ad_OCSP 178
179ad_ca_issuers 179
180OCSP_sign 180
181iso 181
182member_body 182
183ISO_US 183
184X9_57 184
185X9cm 185
186pkcs1 186
187pkcs5 187
188SMIME 188
189id_smime_mod 189
190id_smime_ct 190
191id_smime_aa 191
192id_smime_alg 192
193id_smime_cd 193
194id_smime_spq 194
195id_smime_cti 195
196id_smime_mod_cms 196
197id_smime_mod_ess 197
198id_smime_mod_oid 198
199id_smime_mod_msg_v3 199
200id_smime_mod_ets_eSignature_88 200
201id_smime_mod_ets_eSignature_97 201
202id_smime_mod_ets_eSigPolicy_88 202
203id_smime_mod_ets_eSigPolicy_97 203
204id_smime_ct_receipt 204
205id_smime_ct_authData 205
206id_smime_ct_publishCert 206
207id_smime_ct_TSTInfo 207
208id_smime_ct_TDTInfo 208
209id_smime_ct_contentInfo 209
210id_smime_ct_DVCSRequestData 210
211id_smime_ct_DVCSResponseData 211
212id_smime_aa_receiptRequest 212
213id_smime_aa_securityLabel 213
214id_smime_aa_mlExpandHistory 214
215id_smime_aa_contentHint 215
216id_smime_aa_msgSigDigest 216
217id_smime_aa_encapContentType 217
218id_smime_aa_contentIdentifier 218
219id_smime_aa_macValue 219
220id_smime_aa_equivalentLabels 220
221id_smime_aa_contentReference 221
222id_smime_aa_encrypKeyPref 222
223id_smime_aa_signingCertificate 223
224id_smime_aa_smimeEncryptCerts 224
225id_smime_aa_timeStampToken 225
226id_smime_aa_ets_sigPolicyId 226
227id_smime_aa_ets_commitmentType 227
228id_smime_aa_ets_signerLocation 228
229id_smime_aa_ets_signerAttr 229
230id_smime_aa_ets_otherSigCert 230
231id_smime_aa_ets_contentTimestamp 231
232id_smime_aa_ets_CertificateRefs 232
233id_smime_aa_ets_RevocationRefs 233
234id_smime_aa_ets_certValues 234
235id_smime_aa_ets_revocationValues 235
236id_smime_aa_ets_escTimeStamp 236
237id_smime_aa_ets_certCRLTimestamp 237
238id_smime_aa_ets_archiveTimeStamp 238
239id_smime_aa_signatureType 239
240id_smime_aa_dvcs_dvc 240
241id_smime_alg_ESDHwith3DES 241
242id_smime_alg_ESDHwithRC2 242
243id_smime_alg_3DESwrap 243
244id_smime_alg_RC2wrap 244
245id_smime_alg_ESDH 245
246id_smime_alg_CMS3DESwrap 246
247id_smime_alg_CMSRC2wrap 247
248id_smime_cd_ldap 248
249id_smime_spq_ets_sqt_uri 249
250id_smime_spq_ets_sqt_unotice 250
251id_smime_cti_ets_proofOfOrigin 251
252id_smime_cti_ets_proofOfReceipt 252
253id_smime_cti_ets_proofOfDelivery 253
254id_smime_cti_ets_proofOfSender 254
255id_smime_cti_ets_proofOfApproval 255
256id_smime_cti_ets_proofOfCreation 256
257md4 257
258id_pkix_mod 258
259id_qt 259
260id_it 260
261id_pkip 261
262id_alg 262
263id_cmc 263
264id_on 264
265id_pda 265
266id_aca 266
267id_qcs 267
268id_cct 268
269id_pkix1_explicit_88 269
270id_pkix1_implicit_88 270
271id_pkix1_explicit_93 271
272id_pkix1_implicit_93 272
273id_mod_crmf 273
274id_mod_cmc 274
275id_mod_kea_profile_88 275
276id_mod_kea_profile_93 276
277id_mod_cmp 277
278id_mod_qualified_cert_88 278
279id_mod_qualified_cert_93 279
280id_mod_attribute_cert 280
281id_mod_timestamp_protocol 281
282id_mod_ocsp 282
283id_mod_dvcs 283
284id_mod_cmp2000 284
285biometricInfo 285
286qcStatements 286
287ac_auditEntity 287
288ac_targeting 288
289aaControls 289
290sbgp_ipAddrBlock 290
291sbgp_autonomousSysNum 291
292sbgp_routerIdentifier 292
293textNotice 293
294ipsecEndSystem 294
295ipsecTunnel 295
296ipsecUser 296
297dvcs 297
298id_it_caProtEncCert 298
299id_it_signKeyPairTypes 299
300id_it_encKeyPairTypes 300
301id_it_preferredSymmAlg 301
302id_it_caKeyUpdateInfo 302
303id_it_currentCRL 303
304id_it_unsupportedOIDs 304
305id_it_subscriptionRequest 305
306id_it_subscriptionResponse 306
307id_it_keyPairParamReq 307
308id_it_keyPairParamRep 308
309id_it_revPassphrase 309
310id_it_implicitConfirm 310
311id_it_confirmWaitTime 311
312id_it_origPKIMessage 312
313id_regCtrl 313
314id_regInfo 314
315id_regCtrl_regToken 315
316id_regCtrl_authenticator 316
317id_regCtrl_pkiPublicationInfo 317
318id_regCtrl_pkiArchiveOptions 318
319id_regCtrl_oldCertID 319
320id_regCtrl_protocolEncrKey 320
321id_regInfo_utf8Pairs 321
322id_regInfo_certReq 322
323id_alg_des40 323
324id_alg_noSignature 324
325id_alg_dh_sig_hmac_sha1 325
326id_alg_dh_pop 326
327id_cmc_statusInfo 327
328id_cmc_identification 328
329id_cmc_identityProof 329
330id_cmc_dataReturn 330
331id_cmc_transactionId 331
332id_cmc_senderNonce 332
333id_cmc_recipientNonce 333
334id_cmc_addExtensions 334
335id_cmc_encryptedPOP 335
336id_cmc_decryptedPOP 336
337id_cmc_lraPOPWitness 337
338id_cmc_getCert 338
339id_cmc_getCRL 339
340id_cmc_revokeRequest 340
341id_cmc_regInfo 341
342id_cmc_responseInfo 342
343id_cmc_queryPending 343
344id_cmc_popLinkRandom 344
345id_cmc_popLinkWitness 345
346id_cmc_confirmCertAcceptance 346
347id_on_personalData 347
348id_pda_dateOfBirth 348
349id_pda_placeOfBirth 349
350id_pda_pseudonym 350
351id_pda_gender 351
352id_pda_countryOfCitizenship 352
353id_pda_countryOfResidence 353
354id_aca_authenticationInfo 354
355id_aca_accessIdentity 355
356id_aca_chargingIdentity 356
357id_aca_group 357
358id_aca_role 358
359id_qcs_pkixQCSyntax_v1 359
360id_cct_crs 360
361id_cct_PKIData 361
362id_cct_PKIResponse 362
363ad_timeStamping 363
364ad_dvcs 364
365id_pkix_OCSP_basic 365
366id_pkix_OCSP_Nonce 366
367id_pkix_OCSP_CrlID 367
368id_pkix_OCSP_acceptableResponses 368
369id_pkix_OCSP_noCheck 369
370id_pkix_OCSP_archiveCutoff 370
371id_pkix_OCSP_serviceLocator 371
372id_pkix_OCSP_extendedStatus 372
373id_pkix_OCSP_valid 373
374id_pkix_OCSP_path 374
375id_pkix_OCSP_trustRoot 375
376algorithm 376
377rsaSignature 377
378X500algorithms 378
379org 379
380dod 380
381iana 381
382Directory 382
383Management 383
384Experimental 384
385Private 385
386Security 386
387SNMPv2 387
388Mail 388
389Enterprises 389
390dcObject 390
391domainComponent 391
392Domain 392
393joint_iso_ccitt 393
394selected_attribute_types 394
395clearance 395
396md4WithRSAEncryption 396
397ac_proxying 397
398sinfo_access 398
399id_aca_encAttrs 399
400role 400
401policy_constraints 401
402target_information 402
403no_rev_avail 403
404ccitt 404
405ansi_X9_62 405
406X9_62_prime_field 406
407X9_62_characteristic_two_field 407
408X9_62_id_ecPublicKey 408
409X9_62_prime192v1 409
410X9_62_prime192v2 410
411X9_62_prime192v3 411
412X9_62_prime239v1 412
413X9_62_prime239v2 413
414X9_62_prime239v3 414
415X9_62_prime256v1 415
416ecdsa_with_SHA1 416
417ms_csp_name 417
418aes_128_ecb 418
419aes_128_cbc 419
420aes_128_ofb128 420
421aes_128_cfb128 421
422aes_192_ecb 422
423aes_192_cbc 423
424aes_192_ofb128 424
425aes_192_cfb128 425
426aes_256_ecb 426
427aes_256_cbc 427
428aes_256_ofb128 428
429aes_256_cfb128 429
430hold_instruction_code 430
431hold_instruction_none 431
432hold_instruction_call_issuer 432
433hold_instruction_reject 433
434data 434
435pss 435
436ucl 436
437pilot 437
438pilotAttributeType 438
439pilotAttributeSyntax 439
440pilotObjectClass 440
441pilotGroups 441
442iA5StringSyntax 442
443caseIgnoreIA5StringSyntax 443
444pilotObject 444
445pilotPerson 445
446account 446
447document 447
448room 448
449documentSeries 449
450rFC822localPart 450
451dNSDomain 451
452domainRelatedObject 452
453friendlyCountry 453
454simpleSecurityObject 454
455pilotOrganization 455
456pilotDSA 456
457qualityLabelledData 457
458userId 458
459textEncodedORAddress 459
460rfc822Mailbox 460
461info 461
462favouriteDrink 462
463roomNumber 463
464photo 464
465userClass 465
466host 466
467manager 467
468documentIdentifier 468
469documentTitle 469
470documentVersion 470
471documentAuthor 471
472documentLocation 472
473homeTelephoneNumber 473
474secretary 474
475otherMailbox 475
476lastModifiedTime 476
477lastModifiedBy 477
478aRecord 478
479pilotAttributeType27 479
480mXRecord 480
481nSRecord 481
482sOARecord 482
483cNAMERecord 483
484associatedDomain 484
485associatedName 485
486homePostalAddress 486
487personalTitle 487
488mobileTelephoneNumber 488
489pagerTelephoneNumber 489
490friendlyCountryName 490
491organizationalStatus 491
492janetMailbox 492
493mailPreferenceOption 493
494buildingName 494
495dSAQuality 495
496singleLevelQuality 496
497subtreeMinimumQuality 497
498subtreeMaximumQuality 498
499personalSignature 499
500dITRedirect 500
501audio 501
502documentPublisher 502
503x500UniqueIdentifier 503
504mime_mhs 504
505mime_mhs_headings 505
506mime_mhs_bodies 506
507id_hex_partial_message 507
508id_hex_multipart_message 508
509generationQualifier 509
510pseudonym 510
511InternationalRA 511
512id_set 512
513set_ctype 513
514set_msgExt 514
515set_attr 515
516set_policy 516
517set_certExt 517
518set_brand 518
519setct_PANData 519
520setct_PANToken 520
521setct_PANOnly 521
522setct_OIData 522
523setct_PI 523
524setct_PIData 524
525setct_PIDataUnsigned 525
526setct_HODInput 526
527setct_AuthResBaggage 527
528setct_AuthRevReqBaggage 528
529setct_AuthRevResBaggage 529
530setct_CapTokenSeq 530
531setct_PInitResData 531
532setct_PI_TBS 532
533setct_PResData 533
534setct_AuthReqTBS 534
535setct_AuthResTBS 535
536setct_AuthResTBSX 536
537setct_AuthTokenTBS 537
538setct_CapTokenData 538
539setct_CapTokenTBS 539
540setct_AcqCardCodeMsg 540
541setct_AuthRevReqTBS 541
542setct_AuthRevResData 542
543setct_AuthRevResTBS 543
544setct_CapReqTBS 544
545setct_CapReqTBSX 545
546setct_CapResData 546
547setct_CapRevReqTBS 547
548setct_CapRevReqTBSX 548
549setct_CapRevResData 549
550setct_CredReqTBS 550
551setct_CredReqTBSX 551
552setct_CredResData 552
553setct_CredRevReqTBS 553
554setct_CredRevReqTBSX 554
555setct_CredRevResData 555
556setct_PCertReqData 556
557setct_PCertResTBS 557
558setct_BatchAdminReqData 558
559setct_BatchAdminResData 559
560setct_CardCInitResTBS 560
561setct_MeAqCInitResTBS 561
562setct_RegFormResTBS 562
563setct_CertReqData 563
564setct_CertReqTBS 564
565setct_CertResData 565
566setct_CertInqReqTBS 566
567setct_ErrorTBS 567
568setct_PIDualSignedTBE 568
569setct_PIUnsignedTBE 569
570setct_AuthReqTBE 570
571setct_AuthResTBE 571
572setct_AuthResTBEX 572
573setct_AuthTokenTBE 573
574setct_CapTokenTBE 574
575setct_CapTokenTBEX 575
576setct_AcqCardCodeMsgTBE 576
577setct_AuthRevReqTBE 577
578setct_AuthRevResTBE 578
579setct_AuthRevResTBEB 579
580setct_CapReqTBE 580
581setct_CapReqTBEX 581
582setct_CapResTBE 582
583setct_CapRevReqTBE 583
584setct_CapRevReqTBEX 584
585setct_CapRevResTBE 585
586setct_CredReqTBE 586
587setct_CredReqTBEX 587
588setct_CredResTBE 588
589setct_CredRevReqTBE 589
590setct_CredRevReqTBEX 590
591setct_CredRevResTBE 591
592setct_BatchAdminReqTBE 592
593setct_BatchAdminResTBE 593
594setct_RegFormReqTBE 594
595setct_CertReqTBE 595
596setct_CertReqTBEX 596
597setct_CertResTBE 597
598setct_CRLNotificationTBS 598
599setct_CRLNotificationResTBS 599
600setct_BCIDistributionTBS 600
601setext_genCrypt 601
602setext_miAuth 602
603setext_pinSecure 603
604setext_pinAny 604
605setext_track2 605
606setext_cv 606
607set_policy_root 607
608setCext_hashedRoot 608
609setCext_certType 609
610setCext_merchData 610
611setCext_cCertRequired 611
612setCext_tunneling 612
613setCext_setExt 613
614setCext_setQualf 614
615setCext_PGWYcapabilities 615
616setCext_TokenIdentifier 616
617setCext_Track2Data 617
618setCext_TokenType 618
619setCext_IssuerCapabilities 619
620setAttr_Cert 620
621setAttr_PGWYcap 621
622setAttr_TokenType 622
623setAttr_IssCap 623
624set_rootKeyThumb 624
625set_addPolicy 625
626setAttr_Token_EMV 626
627setAttr_Token_B0Prime 627
628setAttr_IssCap_CVM 628
629setAttr_IssCap_T2 629
630setAttr_IssCap_Sig 630
631setAttr_GenCryptgrm 631
632setAttr_T2Enc 632
633setAttr_T2cleartxt 633
634setAttr_TokICCsig 634
635setAttr_SecDevSig 635
636set_brand_IATA_ATA 636
637set_brand_Diners 637
638set_brand_AmericanExpress 638
639set_brand_JCB 639
640set_brand_Visa 640
641set_brand_MasterCard 641
642set_brand_Novus 642
643des_cdmf 643
644rsaOAEPEncryptionSET 644
645itu_t 645
646joint_iso_itu_t 646
647international_organizations 647
648ms_smartcard_login 648
649ms_upn 649
650aes_128_cfb1 650
651aes_192_cfb1 651
652aes_256_cfb1 652
653aes_128_cfb8 653
654aes_192_cfb8 654
655aes_256_cfb8 655
656des_cfb1 656
657des_cfb8 657
658des_ede3_cfb1 658
659des_ede3_cfb8 659
660streetAddress 660
661postalCode 661
662id_ppl 662
663proxyCertInfo 663
664id_ppl_anyLanguage 664
665id_ppl_inheritAll 665
666name_constraints 666
667Independent 667
668sha256WithRSAEncryption 668
669sha384WithRSAEncryption 669
670sha512WithRSAEncryption 670
671sha224WithRSAEncryption 671
672sha256 672
673sha384 673
674sha512 674
675sha224 675
676identified_organization 676
677certicom_arc 677
678wap 678
679wap_wsg 679
680X9_62_id_characteristic_two_basis 680
681X9_62_onBasis 681
682X9_62_tpBasis 682
683X9_62_ppBasis 683
684X9_62_c2pnb163v1 684
685X9_62_c2pnb163v2 685
686X9_62_c2pnb163v3 686
687X9_62_c2pnb176v1 687
688X9_62_c2tnb191v1 688
689X9_62_c2tnb191v2 689
690X9_62_c2tnb191v3 690
691X9_62_c2onb191v4 691
692X9_62_c2onb191v5 692
693X9_62_c2pnb208w1 693
694X9_62_c2tnb239v1 694
695X9_62_c2tnb239v2 695
696X9_62_c2tnb239v3 696
697X9_62_c2onb239v4 697
698X9_62_c2onb239v5 698
699X9_62_c2pnb272w1 699
700X9_62_c2pnb304w1 700
701X9_62_c2tnb359v1 701
702X9_62_c2pnb368w1 702
703X9_62_c2tnb431r1 703
704secp112r1 704
705secp112r2 705
706secp128r1 706
707secp128r2 707
708secp160k1 708
709secp160r1 709
710secp160r2 710
711secp192k1 711
712secp224k1 712
713secp224r1 713
714secp256k1 714
715secp384r1 715
716secp521r1 716
717sect113r1 717
718sect113r2 718
719sect131r1 719
720sect131r2 720
721sect163k1 721
722sect163r1 722
723sect163r2 723
724sect193r1 724
725sect193r2 725
726sect233k1 726
727sect233r1 727
728sect239k1 728
729sect283k1 729
730sect283r1 730
731sect409k1 731
732sect409r1 732
733sect571k1 733
734sect571r1 734
735wap_wsg_idm_ecid_wtls1 735
736wap_wsg_idm_ecid_wtls3 736
737wap_wsg_idm_ecid_wtls4 737
738wap_wsg_idm_ecid_wtls5 738
739wap_wsg_idm_ecid_wtls6 739
740wap_wsg_idm_ecid_wtls7 740
741wap_wsg_idm_ecid_wtls8 741
742wap_wsg_idm_ecid_wtls9 742
743wap_wsg_idm_ecid_wtls10 743
744wap_wsg_idm_ecid_wtls11 744
745wap_wsg_idm_ecid_wtls12 745
746any_policy 746
747policy_mappings 747
748inhibit_any_policy 748
749ipsec3 749
750ipsec4 750
751camellia_128_cbc 751
752camellia_192_cbc 752
753camellia_256_cbc 753
754camellia_128_ecb 754
755camellia_192_ecb 755
756camellia_256_ecb 756
757camellia_128_cfb128 757
758camellia_192_cfb128 758
759camellia_256_cfb128 759
760camellia_128_cfb1 760
761camellia_192_cfb1 761
762camellia_256_cfb1 762
763camellia_128_cfb8 763
764camellia_192_cfb8 764
765camellia_256_cfb8 765
766camellia_128_ofb128 766
767camellia_192_ofb128 767
768camellia_256_ofb128 768
769subject_directory_attributes 769
770issuing_distribution_point 770
771certificate_issuer 771
772korea 772
773kisa 773
774kftc 774
775npki_alg 775
776seed_ecb 776
777seed_cbc 777
778seed_ofb128 778
779seed_cfb128 779
780hmac_md5 780
781hmac_sha1 781
782id_PasswordBasedMAC 782
783id_DHBasedMac 783
784id_it_suppLangTags 784
785caRepository 785
786id_smime_ct_compressedData 786
787id_ct_asciiTextWithCRLF 787
788id_aes128_wrap 788
789id_aes192_wrap 789
790id_aes256_wrap 790
791ecdsa_with_Recommended 791
792ecdsa_with_Specified 792
793ecdsa_with_SHA224 793
794ecdsa_with_SHA256 794
795ecdsa_with_SHA384 795
796ecdsa_with_SHA512 796
797hmacWithMD5 797
798hmacWithSHA224 798
799hmacWithSHA256 799
800hmacWithSHA384 800
801hmacWithSHA512 801
802dsa_with_SHA224 802
803dsa_with_SHA256 803
804whirlpool 804
805cryptopro 805
806cryptocom 806
807id_GostR3411_94_with_GostR3410_2001 807
808id_GostR3411_94_with_GostR3410_94 808
809id_GostR3411_94 809
810id_HMACGostR3411_94 810
811id_GostR3410_2001 811
812id_GostR3410_94 812
813id_Gost28147_89 813
814gost89_cnt 814
815id_Gost28147_89_MAC 815
816id_GostR3411_94_prf 816
817id_GostR3410_2001DH 817
818id_GostR3410_94DH 818
819id_Gost28147_89_CryptoPro_KeyMeshing 819
820id_Gost28147_89_None_KeyMeshing 820
821id_GostR3411_94_TestParamSet 821
822id_GostR3411_94_CryptoProParamSet 822
823id_Gost28147_89_TestParamSet 823
824id_Gost28147_89_CryptoPro_A_ParamSet 824
825id_Gost28147_89_CryptoPro_B_ParamSet 825
826id_Gost28147_89_CryptoPro_C_ParamSet 826
827id_Gost28147_89_CryptoPro_D_ParamSet 827
828id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet 828
829id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet 829
830id_Gost28147_89_CryptoPro_RIC_1_ParamSet 830
831id_GostR3410_94_TestParamSet 831
832id_GostR3410_94_CryptoPro_A_ParamSet 832
833id_GostR3410_94_CryptoPro_B_ParamSet 833
834id_GostR3410_94_CryptoPro_C_ParamSet 834
835id_GostR3410_94_CryptoPro_D_ParamSet 835
836id_GostR3410_94_CryptoPro_XchA_ParamSet 836
837id_GostR3410_94_CryptoPro_XchB_ParamSet 837
838id_GostR3410_94_CryptoPro_XchC_ParamSet 838
839id_GostR3410_2001_TestParamSet 839
840id_GostR3410_2001_CryptoPro_A_ParamSet 840
841id_GostR3410_2001_CryptoPro_B_ParamSet 841
842id_GostR3410_2001_CryptoPro_C_ParamSet 842
843id_GostR3410_2001_CryptoPro_XchA_ParamSet 843
844id_GostR3410_2001_CryptoPro_XchB_ParamSet 844
845id_GostR3410_94_a 845
846id_GostR3410_94_aBis 846
847id_GostR3410_94_b 847
848id_GostR3410_94_bBis 848
849id_Gost28147_89_cc 849
850id_GostR3410_94_cc 850
851id_GostR3410_2001_cc 851
852id_GostR3411_94_with_GostR3410_94_cc 852
853id_GostR3411_94_with_GostR3410_2001_cc 853
854id_GostR3410_2001_ParamSet_cc 854
855hmac 855
856LocalKeySet 856
857freshest_crl 857
858id_on_permanentIdentifier 858
859searchGuide 859
860businessCategory 860
861postalAddress 861
862postOfficeBox 862
863physicalDeliveryOfficeName 863
864telephoneNumber 864
865telexNumber 865
866teletexTerminalIdentifier 866
867facsimileTelephoneNumber 867
868x121Address 868
869internationaliSDNNumber 869
870registeredAddress 870
871destinationIndicator 871
872preferredDeliveryMethod 872
873presentationAddress 873
874supportedApplicationContext 874
875member 875
876owner 876
877roleOccupant 877
878seeAlso 878
879userPassword 879
880userCertificate 880
881cACertificate 881
882authorityRevocationList 882
883certificateRevocationList 883
884crossCertificatePair 884
885enhancedSearchGuide 885
886protocolInformation 886
887distinguishedName 887
888uniqueMember 888
889houseIdentifier 889
890supportedAlgorithms 890
891deltaRevocationList 891
892dmdName 892
893id_alg_PWRI_KEK 893
894cmac 894
895aes_128_gcm 895
896aes_128_ccm 896
897id_aes128_wrap_pad 897
898aes_192_gcm 898
899aes_192_ccm 899
900id_aes192_wrap_pad 900
901aes_256_gcm 901
902aes_256_ccm 902
903id_aes256_wrap_pad 903
904aes_128_ctr 904
905aes_192_ctr 905
906aes_256_ctr 906
907id_camellia128_wrap 907
908id_camellia192_wrap 908
909id_camellia256_wrap 909
910anyExtendedKeyUsage 910
911mgf1 911
912rsassaPss 912
913aes_128_xts 913
914aes_256_xts 914
915rc4_hmac_md5 915
916aes_128_cbc_hmac_sha1 916
917aes_192_cbc_hmac_sha1 917
918aes_256_cbc_hmac_sha1 918
919rsaesOaep 919
920teletrust 920
921brainpool 921
922brainpoolP160r1 922
923brainpoolP160t1 923
924brainpoolP192r1 924
925brainpoolP192t1 925
926brainpoolP224r1 926
927brainpoolP224t1 927
928brainpoolP256r1 928
929brainpoolP256t1 929
930brainpoolP320r1 930
931brainpoolP320t1 931
932brainpoolP384r1 932
933brainpoolP384t1 933
934brainpoolP512r1 934
935brainpoolP512t1 935
936FRP256v1 936
937chacha20 937
938gost89_ecb 938
939gost89_cbc 939
940tc26 940
941id_tc26_gost3411_2012_256 941
942id_tc26_gost3411_2012_512 942
943id_tc26_gost_3410_12_512_paramSetA 943
944id_tc26_gost_3410_12_512_paramSetB 944
945id_tc26_gost_28147_param_Z 945
946id_tc26_gost3410_2012_256 946
947id_tc26_gost3410_2012_512 947
948id_tc26_signwithdigest_gost3410_2012_256 948
949id_tc26_signwithdigest_gost3410_2012_512 949
950X25519 950
951X448 951
952Ed25519 952
953Ed448 953
954Ed25519ph 954
955Ed448ph 955
956jurisdictionLocalityName 956
957jurisdictionStateOrProvinceName 957
958jurisdictionCountryName 958
959kx_rsa 959
960kx_ecdhe 960
961kx_dhe 961
962kx_gost 962
963auth_rsa 963
964auth_ecdsa 964
965auth_gost01 965
966auth_null 966
967chacha20_poly1305 967
968sm3 968
969sm3WithRSAEncryption 969
970ISO_CN 970
971oscca 971
972sm_scheme 972
973sm4_ecb 973
974sm4_cbc 974
975sm4_ofb128 975
976sm4_cfb128 976
977sm4_cfb1 977
978sm4_cfb8 978
979sm4_ctr 979
980dhSinglePass_stdDH_sha1kdf_scheme 980
981dhSinglePass_stdDH_sha224kdf_scheme 981
982dhSinglePass_stdDH_sha256kdf_scheme 982
983dhSinglePass_stdDH_sha384kdf_scheme 983
984dhSinglePass_stdDH_sha512kdf_scheme 984
985dhSinglePass_cofactorDH_sha1kdf_scheme 985
986dhSinglePass_cofactorDH_sha224kdf_scheme 986
987dhSinglePass_cofactorDH_sha256kdf_scheme 987
988dhSinglePass_cofactorDH_sha384kdf_scheme 988
989dhSinglePass_cofactorDH_sha512kdf_scheme 989
990dh_std_kdf 990
991dh_cofactor_kdf 991
992pSpecified 992
993id_tc26_gost_3410_12_256_paramSetA 993
994id_tc26_gost_3410_12_256_paramSetB 994
995id_tc26_gost_3410_12_256_paramSetC 995
996id_tc26_gost_3410_12_256_paramSetD 996
997id_tc26_gost_3410_12_512_paramSetTest 997
998id_tc26_gost_3410_12_512_paramSetC 998
999id_tc26_hmac_gost_3411_12_256 999
1000id_tc26_hmac_gost_3411_12_512 1000
1001id_ct_routeOriginAuthz 1001
1002id_ct_rpkiManifest 1002
1003id_ct_rpkiGhostbusters 1003
1004id_ct_resourceTaggedAttest 1004
1005id_cp 1005
1006sbgp_ipAddrBlockv2 1006
1007sbgp_autonomousSysNumv2 1007
1008ipAddr_asNumber 1008
1009ipAddr_asNumberv2 1009
1010rpkiManifest 1010
1011signedObject 1011
1012rpkiNotify 1012
1013id_ct_geofeedCSVwithCRLF 1013
1014id_ct_signedChecklist 1014
1015id_kp_bgpsec_router 1015
1016tlsfeature 1016
1017id_ct_ASPA 1017
1018ct_precert_scts 1018
1019ct_precert_poison 1019
1020ct_precert_signer 1020
1021ct_cert_scts 1021
1022hkdf 1022
1023id_smime_aa_signingCertificateV2 1023
1024id_ct_signedTAL 1024
1025sha512_224WithRSAEncryption 1025
1026sha512_256WithRSAEncryption 1026
1027hmacWithSHA512_224 1027
1028hmacWithSHA512_256 1028
1029sha512_224 1029
1030sha512_256 1030
1031sha3_224 1031
1032sha3_256 1032
1033sha3_384 1033
1034sha3_512 1034
1035hmac_sha3_224 1035
1036hmac_sha3_256 1036
1037hmac_sha3_384 1037
1038hmac_sha3_512 1038
1039dsa_with_SHA384 1039
1040dsa_with_SHA512 1040
1041dsa_with_SHA3_224 1041
1042dsa_with_SHA3_256 1042
1043dsa_with_SHA3_384 1043
1044dsa_with_SHA3_512 1044
1045ecdsa_with_SHA3_224 1045
1046ecdsa_with_SHA3_256 1046
1047ecdsa_with_SHA3_384 1047
1048ecdsa_with_SHA3_512 1048
1049RSA_SHA3_224 1049
1050RSA_SHA3_256 1050
1051RSA_SHA3_384 1051
1052RSA_SHA3_512 1052
1053acmeIdentifier 1053
1054id_ct_rpkiSignedPrefixList 1054
1055tls1_prf 1055
diff --git a/src/lib/libcrypto/objects/obj_xref.c b/src/lib/libcrypto/objects/obj_xref.c
deleted file mode 100644
index 04611d68e3..0000000000
--- a/src/lib/libcrypto/objects/obj_xref.c
+++ /dev/null
@@ -1,332 +0,0 @@
1/* $OpenBSD: obj_xref.c,v 1.15 2024/08/28 06:53:24 tb Exp $ */
2
3/*
4 * Copyright (c) 2023 Theo Buehler <tb@openbsd.org>
5 *
6 * Permission to use, copy, modify, and distribute this software for any
7 * purpose with or without fee is hereby granted, provided that the above
8 * copyright notice and this permission notice appear in all copies.
9 *
10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17 */
18
19#include <openssl/objects.h>
20
21/*
22 * Map between signature nids and pairs of (hash, pkey) nids. If the hash nid
23 * is NID_undef, this indicates to ASN1_item_{sign,verify}() that the pkey's
24 * ASN.1 method needs to handle algorithm identifiers and part of the message
25 * digest.
26 */
27
28static const struct {
29 int sign_nid;
30 int hash_nid;
31 int pkey_nid;
32} nid_triple[] = {
33 {
34 .sign_nid = NID_md2WithRSAEncryption,
35 .hash_nid = NID_md2,
36 .pkey_nid = NID_rsaEncryption,
37 },
38 {
39 .sign_nid = NID_md5WithRSAEncryption,
40 .hash_nid = NID_md5,
41 .pkey_nid = NID_rsaEncryption,
42 },
43 {
44 .sign_nid = NID_shaWithRSAEncryption,
45 .hash_nid = NID_sha,
46 .pkey_nid = NID_rsaEncryption,
47 },
48 {
49 .sign_nid = NID_sha1WithRSAEncryption,
50 .hash_nid = NID_sha1,
51 .pkey_nid = NID_rsaEncryption,
52 },
53 {
54 .sign_nid = NID_dsaWithSHA,
55 .hash_nid = NID_sha,
56 .pkey_nid = NID_dsa,
57 },
58 {
59 .sign_nid = NID_dsaWithSHA1_2,
60 .hash_nid = NID_sha1,
61 .pkey_nid = NID_dsa_2,
62 },
63 {
64 .sign_nid = NID_mdc2WithRSA,
65 .hash_nid = NID_mdc2,
66 .pkey_nid = NID_rsaEncryption,
67 },
68 {
69 .sign_nid = NID_md5WithRSA,
70 .hash_nid = NID_md5,
71 .pkey_nid = NID_rsa,
72 },
73 {
74 .sign_nid = NID_dsaWithSHA1,
75 .hash_nid = NID_sha1,
76 .pkey_nid = NID_dsa,
77 },
78 {
79 .sign_nid = NID_sha1WithRSA,
80 .hash_nid = NID_sha1,
81 .pkey_nid = NID_rsa,
82 },
83 {
84 .sign_nid = NID_ripemd160WithRSA,
85 .hash_nid = NID_ripemd160,
86 .pkey_nid = NID_rsaEncryption,
87 },
88 {
89 .sign_nid = NID_md4WithRSAEncryption,
90 .hash_nid = NID_md4,
91 .pkey_nid = NID_rsaEncryption,
92 },
93 {
94 .sign_nid = NID_ecdsa_with_SHA1,
95 .hash_nid = NID_sha1,
96 .pkey_nid = NID_X9_62_id_ecPublicKey,
97 },
98 {
99 .sign_nid = NID_sha256WithRSAEncryption,
100 .hash_nid = NID_sha256,
101 .pkey_nid = NID_rsaEncryption,
102 },
103 {
104 .sign_nid = NID_sha384WithRSAEncryption,
105 .hash_nid = NID_sha384,
106 .pkey_nid = NID_rsaEncryption,
107 },
108 {
109 .sign_nid = NID_sha512WithRSAEncryption,
110 .hash_nid = NID_sha512,
111 .pkey_nid = NID_rsaEncryption,
112 },
113 {
114 .sign_nid = NID_sha224WithRSAEncryption,
115 .hash_nid = NID_sha224,
116 .pkey_nid = NID_rsaEncryption,
117 },
118 {
119 .sign_nid = NID_ecdsa_with_Recommended,
120 .hash_nid = NID_undef,
121 .pkey_nid = NID_X9_62_id_ecPublicKey,
122 },
123 {
124 .sign_nid = NID_ecdsa_with_Specified,
125 .hash_nid = NID_undef,
126 .pkey_nid = NID_X9_62_id_ecPublicKey,
127 },
128 {
129 .sign_nid = NID_ecdsa_with_SHA224,
130 .hash_nid = NID_sha224,
131 .pkey_nid = NID_X9_62_id_ecPublicKey,
132 },
133 {
134 .sign_nid = NID_ecdsa_with_SHA256,
135 .hash_nid = NID_sha256,
136 .pkey_nid = NID_X9_62_id_ecPublicKey,
137 },
138 {
139 .sign_nid = NID_ecdsa_with_SHA384,
140 .hash_nid = NID_sha384,
141 .pkey_nid = NID_X9_62_id_ecPublicKey,
142 },
143 {
144 .sign_nid = NID_ecdsa_with_SHA512,
145 .hash_nid = NID_sha512,
146 .pkey_nid = NID_X9_62_id_ecPublicKey,
147 },
148 {
149 .sign_nid = NID_dsa_with_SHA224,
150 .hash_nid = NID_sha224,
151 .pkey_nid = NID_dsa,
152 },
153 {
154 .sign_nid = NID_dsa_with_SHA256,
155 .hash_nid = NID_sha256,
156 .pkey_nid = NID_dsa,
157 },
158 {
159 .sign_nid = NID_id_GostR3411_94_with_GostR3410_2001,
160 .hash_nid = NID_id_GostR3411_94,
161 .pkey_nid = NID_id_GostR3410_2001,
162 },
163 {
164 .sign_nid = NID_id_GostR3411_94_with_GostR3410_94,
165 .hash_nid = NID_id_GostR3411_94,
166 .pkey_nid = NID_id_GostR3410_94,
167 },
168 {
169 .sign_nid = NID_id_GostR3411_94_with_GostR3410_94_cc,
170 .hash_nid = NID_id_GostR3411_94,
171 .pkey_nid = NID_id_GostR3410_94_cc,
172 },
173 {
174 .sign_nid = NID_id_GostR3411_94_with_GostR3410_2001_cc,
175 .hash_nid = NID_id_GostR3411_94,
176 .pkey_nid = NID_id_GostR3410_2001_cc,
177 },
178 {
179 .sign_nid = NID_rsassaPss,
180 .hash_nid = NID_undef,
181 .pkey_nid = NID_rsassaPss,
182 },
183 {
184 .sign_nid = NID_id_tc26_signwithdigest_gost3410_2012_256,
185 .hash_nid = NID_id_tc26_gost3411_2012_256,
186 .pkey_nid = NID_id_GostR3410_2001,
187 },
188 {
189 .sign_nid = NID_id_tc26_signwithdigest_gost3410_2012_512,
190 .hash_nid = NID_id_tc26_gost3411_2012_512,
191 .pkey_nid = NID_id_GostR3410_2001,
192 },
193 {
194 .sign_nid = NID_Ed25519,
195 .hash_nid = NID_undef,
196 .pkey_nid = NID_Ed25519,
197 },
198 {
199 .sign_nid = NID_dhSinglePass_stdDH_sha1kdf_scheme,
200 .hash_nid = NID_sha1,
201 .pkey_nid = NID_dh_std_kdf,
202 },
203 {
204 .sign_nid = NID_dhSinglePass_stdDH_sha224kdf_scheme,
205 .hash_nid = NID_sha224,
206 .pkey_nid = NID_dh_std_kdf,
207 },
208 {
209 .sign_nid = NID_dhSinglePass_stdDH_sha256kdf_scheme,
210 .hash_nid = NID_sha256,
211 .pkey_nid = NID_dh_std_kdf,
212 },
213 {
214 .sign_nid = NID_dhSinglePass_stdDH_sha384kdf_scheme,
215 .hash_nid = NID_sha384,
216 .pkey_nid = NID_dh_std_kdf,
217 },
218 {
219 .sign_nid = NID_dhSinglePass_stdDH_sha512kdf_scheme,
220 .hash_nid = NID_sha512,
221 .pkey_nid = NID_dh_std_kdf,
222 },
223 {
224 .sign_nid = NID_dhSinglePass_cofactorDH_sha1kdf_scheme,
225 .hash_nid = NID_sha1,
226 .pkey_nid = NID_dh_cofactor_kdf,
227 },
228 {
229 .sign_nid = NID_dhSinglePass_cofactorDH_sha224kdf_scheme,
230 .hash_nid = NID_sha224,
231 .pkey_nid = NID_dh_cofactor_kdf,
232 },
233 {
234 .sign_nid = NID_dhSinglePass_cofactorDH_sha256kdf_scheme,
235 .hash_nid = NID_sha256,
236 .pkey_nid = NID_dh_cofactor_kdf,
237 },
238 {
239 .sign_nid = NID_dhSinglePass_cofactorDH_sha384kdf_scheme,
240 .hash_nid = NID_sha384,
241 .pkey_nid = NID_dh_cofactor_kdf,
242 },
243 {
244 .sign_nid = NID_dhSinglePass_cofactorDH_sha512kdf_scheme,
245 .hash_nid = NID_sha512,
246 .pkey_nid = NID_dh_cofactor_kdf,
247 },
248 {
249 .sign_nid = NID_RSA_SHA3_224,
250 .hash_nid = NID_sha3_224,
251 .pkey_nid = NID_rsaEncryption,
252 },
253 {
254 .sign_nid = NID_RSA_SHA3_256,
255 .hash_nid = NID_sha3_256,
256 .pkey_nid = NID_rsaEncryption,
257 },
258 {
259 .sign_nid = NID_RSA_SHA3_384,
260 .hash_nid = NID_sha3_384,
261 .pkey_nid = NID_rsaEncryption,
262 },
263 {
264 .sign_nid = NID_RSA_SHA3_512,
265 .hash_nid = NID_sha3_512,
266 .pkey_nid = NID_rsaEncryption,
267 },
268 {
269 .sign_nid = NID_ecdsa_with_SHA3_224,
270 .hash_nid = NID_sha3_224,
271 .pkey_nid = NID_X9_62_id_ecPublicKey,
272 },
273 {
274 .sign_nid = NID_ecdsa_with_SHA3_256,
275 .hash_nid = NID_sha3_256,
276 .pkey_nid = NID_X9_62_id_ecPublicKey,
277 },
278 {
279 .sign_nid = NID_ecdsa_with_SHA3_384,
280 .hash_nid = NID_sha3_384,
281 .pkey_nid = NID_X9_62_id_ecPublicKey,
282 },
283 {
284 .sign_nid = NID_ecdsa_with_SHA3_512,
285 .hash_nid = NID_sha3_512,
286 .pkey_nid = NID_X9_62_id_ecPublicKey,
287 },
288};
289
290#define N_NID_TRIPLES (sizeof(nid_triple) / sizeof(nid_triple[0]))
291
292int
293OBJ_find_sigid_algs(int sign_nid, int *hash_nid, int *pkey_nid)
294{
295 size_t i;
296
297 for (i = 0; i < N_NID_TRIPLES; i++) {
298 if (sign_nid != nid_triple[i].sign_nid)
299 continue;
300
301 if (hash_nid != NULL)
302 *hash_nid = nid_triple[i].hash_nid;
303 if (pkey_nid != NULL)
304 *pkey_nid = nid_triple[i].pkey_nid;
305
306 return 1;
307 }
308
309 return 0;
310}
311LCRYPTO_ALIAS(OBJ_find_sigid_algs);
312
313int
314OBJ_find_sigid_by_algs(int *sign_nid, int hash_nid, int pkey_nid)
315{
316 size_t i;
317
318 for (i = 0; i < N_NID_TRIPLES; i++) {
319 if (hash_nid != nid_triple[i].hash_nid)
320 continue;
321 if (pkey_nid != nid_triple[i].pkey_nid)
322 continue;
323
324 if (sign_nid != NULL)
325 *sign_nid = nid_triple[i].sign_nid;
326
327 return 1;
328 }
329
330 return 0;
331}
332LCRYPTO_ALIAS(OBJ_find_sigid_by_algs);
diff --git a/src/lib/libcrypto/objects/objects.README b/src/lib/libcrypto/objects/objects.README
deleted file mode 100644
index c49e93d679..0000000000
--- a/src/lib/libcrypto/objects/objects.README
+++ /dev/null
@@ -1,44 +0,0 @@
1objects.txt syntax
2------------------
3
4To cover all the naming hacks that were previously in objects.h, we needed some
5kind of hacks in objects.txt.
6
7The basic syntax for adding an object is as follows:
8
9 1 2 3 4 : shortName : Long Name
10
11 If the long name doesn't contain spaces, or no short name
12 exists, the long name is used as basis for the base name
13 in C. Otherwise, the short name is used.
14
15 The base name (let's call it 'base') will then be used to
16 create the C macros SN_base, LN_base, NID_base and OBJ_base.
17
18 Note that if the base name contains spaces, dashes or periods,
19 those will be converted to underscore.
20
21Then there are some extra commands:
22
23 !Alias foo 1 2 3 4
24
25 This just makes a name foo for an OID. The C macro
26 OBJ_foo will be created as a result.
27
28 !Cname foo
29
30 This makes sure that the name foo will be used as base name
31 in C.
32
33 !module foo
34 1 2 3 4 : shortName : Long Name
35 !global
36
37 The !module command was meant to define a kind of modularity.
38 What it does is to make sure the module name is prepended
39 to the base name. !global turns this off. This construction
40 is not recursive.
41
42Lines starting with # are treated as comments, as well as any line starting
43with ! and not matching the commands above.
44
diff --git a/src/lib/libcrypto/objects/objects.h b/src/lib/libcrypto/objects/objects.h
deleted file mode 100644
index 1a8490bd1a..0000000000
--- a/src/lib/libcrypto/objects/objects.h
+++ /dev/null
@@ -1,137 +0,0 @@
1/* $OpenBSD: objects.h,v 1.29 2024/03/02 09:51:36 tb Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_OBJECTS_H
60#define HEADER_OBJECTS_H
61
62#include <openssl/obj_mac.h>
63
64#define SN_ED25519 SN_Ed25519
65#define NID_ED25519 NID_Ed25519
66#define OBJ_ED25519 OBJ_Ed25519
67
68#include <openssl/bio.h>
69#include <openssl/asn1.h>
70
71#define OBJ_NAME_TYPE_UNDEF 0x00
72#define OBJ_NAME_TYPE_MD_METH 0x01
73#define OBJ_NAME_TYPE_CIPHER_METH 0x02
74#define OBJ_NAME_TYPE_NUM 0x03
75
76#define OBJ_NAME_ALIAS 0x8000
77
78#ifdef __cplusplus
79extern "C" {
80#endif
81
82typedef struct obj_name_st {
83 int type;
84 int alias;
85 const char *name;
86 const void *data;
87} OBJ_NAME;
88
89void OBJ_NAME_do_all(int type, void (*fn)(const OBJ_NAME *, void *arg),
90 void *arg);
91void OBJ_NAME_do_all_sorted(int type, void (*fn)(const OBJ_NAME *, void *arg),
92 void *arg);
93
94ASN1_OBJECT * OBJ_dup(const ASN1_OBJECT *o);
95ASN1_OBJECT * OBJ_nid2obj(int n);
96const char * OBJ_nid2ln(int n);
97const char * OBJ_nid2sn(int n);
98int OBJ_obj2nid(const ASN1_OBJECT *o);
99ASN1_OBJECT * OBJ_txt2obj(const char *s, int no_name);
100int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name);
101int OBJ_txt2nid(const char *s);
102int OBJ_ln2nid(const char *s);
103int OBJ_sn2nid(const char *s);
104int OBJ_cmp(const ASN1_OBJECT *a, const ASN1_OBJECT *b);
105
106int OBJ_new_nid(int num);
107int OBJ_create(const char *oid, const char *sn, const char *ln);
108void OBJ_cleanup(void);
109int OBJ_create_objects(BIO *in);
110
111size_t OBJ_length(const ASN1_OBJECT *obj);
112const unsigned char *OBJ_get0_data(const ASN1_OBJECT *obj);
113
114int OBJ_find_sigid_algs(int signid, int *pdig_nid, int *ppkey_nid);
115int OBJ_find_sigid_by_algs(int *psignid, int dig_nid, int pkey_nid);
116
117void ERR_load_OBJ_strings(void);
118
119/* Error codes for the OBJ functions. */
120
121/* Function codes. */
122#define OBJ_F_OBJ_ADD_OBJECT 105
123#define OBJ_F_OBJ_CREATE 100
124#define OBJ_F_OBJ_DUP 101
125#define OBJ_F_OBJ_NAME_NEW_INDEX 106
126#define OBJ_F_OBJ_NID2LN 102
127#define OBJ_F_OBJ_NID2OBJ 103
128#define OBJ_F_OBJ_NID2SN 104
129
130/* Reason codes. */
131#define OBJ_R_MALLOC_FAILURE 100
132#define OBJ_R_UNKNOWN_NID 101
133
134#ifdef __cplusplus
135}
136#endif
137#endif
diff --git a/src/lib/libcrypto/objects/objects.pl b/src/lib/libcrypto/objects/objects.pl
deleted file mode 100644
index d2bf659d88..0000000000
--- a/src/lib/libcrypto/objects/objects.pl
+++ /dev/null
@@ -1,233 +0,0 @@
1#!/usr/local/bin/perl
2
3open (NUMIN,"$ARGV[1]") || die "Can't open number file $ARGV[1]";
4$max_nid=0;
5$o=0;
6while(<NUMIN>)
7 {
8 chop;
9 $o++;
10 s/#.*$//;
11 next if /^\s*$/;
12 $_ = 'X'.$_;
13 ($Cname,$mynum) = split;
14 $Cname =~ s/^X//;
15 if (defined($nidn{$mynum}))
16 { die "$ARGV[1]:$o:There's already an object with NID ",$mynum," on line ",$order{$mynum},"\n"; }
17 if (defined($nid{$Cname}))
18 { die "$ARGV[1]:$o:There's already an object with name ",$Cname," on line ",$order{$nid{$Cname}},"\n"; }
19 $nid{$Cname} = $mynum;
20 $nidn{$mynum} = $Cname;
21 $order{$mynum} = $o;
22 $max_nid = $mynum if $mynum > $max_nid;
23 }
24close NUMIN;
25
26open (IN,"$ARGV[0]") || die "Can't open input file $ARGV[0]";
27$Cname="";
28$o=0;
29while (<IN>)
30 {
31 chop;
32 $o++;
33 if (/^!module\s+(.*)$/)
34 {
35 $module = $1."-";
36 $module =~ s/\./_/g;
37 $module =~ s/-/_/g;
38 }
39 if (/^!global$/)
40 { $module = ""; }
41 if (/^!Cname\s+(.*)$/)
42 { $Cname = $1; }
43 if (/^!Alias\s+(.+?)\s+(.*)$/)
44 {
45 $Cname = $module.$1;
46 $myoid = $2;
47 $myoid = &process_oid($myoid);
48 $Cname =~ s/-/_/g;
49 $ordern{$o} = $Cname;
50 $order{$Cname} = $o;
51 $obj{$Cname} = $myoid;
52 $_ = "";
53 $Cname = "";
54 }
55 s/!.*$//;
56 s/#.*$//;
57 next if /^\s*$/;
58 ($myoid,$mysn,$myln) = split ':';
59 $mysn =~ s/^\s*//;
60 $mysn =~ s/\s*$//;
61 $myln =~ s/^\s*//;
62 $myln =~ s/\s*$//;
63 $myoid =~ s/^\s*//;
64 $myoid =~ s/\s*$//;
65 if ($myoid ne "")
66 {
67 $myoid = &process_oid($myoid);
68 }
69
70 if ($Cname eq "" && !($myln =~ / /))
71 {
72 $Cname = $myln;
73 $Cname =~ s/\./_/g;
74 $Cname =~ s/-/_/g;
75 if ($Cname ne "" && defined($ln{$module.$Cname}))
76 { die "objects.txt:$o:There's already an object with long name ",$ln{$module.$Cname}," on line ",$order{$module.$Cname},"\n"; }
77 }
78 if ($Cname eq "")
79 {
80 $Cname = $mysn;
81 $Cname =~ s/-/_/g;
82 if ($Cname ne "" && defined($sn{$module.$Cname}))
83 { die "objects.txt:$o:There's already an object with short name ",$sn{$module.$Cname}," on line ",$order{$module.$Cname},"\n"; }
84 }
85 if ($Cname eq "")
86 {
87 $Cname = $myln;
88 $Cname =~ s/-/_/g;
89 $Cname =~ s/\./_/g;
90 $Cname =~ s/ /_/g;
91 if ($Cname ne "" && defined($ln{$module.$Cname}))
92 { die "objects.txt:$o:There's already an object with long name ",$ln{$module.$Cname}," on line ",$order{$module.$Cname},"\n"; }
93 }
94 $Cname =~ s/\./_/g;
95 $Cname =~ s/-/_/g;
96 $Cname = $module.$Cname;
97 $ordern{$o} = $Cname;
98 $order{$Cname} = $o;
99 $sn{$Cname} = $mysn;
100 $ln{$Cname} = $myln;
101 $obj{$Cname} = $myoid;
102 if (!defined($nid{$Cname}))
103 {
104 $max_nid++;
105 $nid{$Cname} = $max_nid;
106 $nidn{$max_nid} = $Cname;
107print STDERR "Added OID $Cname\n";
108 }
109 $Cname="";
110 }
111close IN;
112
113#XXX don't modify input files
114#open (NUMOUT,">$ARGV[1]") || die "Can't open output file $ARGV[1]";
115#foreach (sort { $a <=> $b } keys %nidn)
116# {
117# print NUMOUT $nidn{$_},"\t\t",$_,"\n";
118# }
119#close NUMOUT;
120
121open (OUT,">$ARGV[2]") || die "Can't open output file $ARGV[2]";
122print OUT <<'EOF';
123/* crypto/objects/obj_mac.h */
124
125/* THIS FILE IS GENERATED FROM objects.txt by objects.pl via the
126 * following command:
127 * perl objects.pl objects.txt obj_mac.num obj_mac.h
128 */
129
130/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
131 * All rights reserved.
132 *
133 * This package is an SSL implementation written
134 * by Eric Young (eay@cryptsoft.com).
135 * The implementation was written so as to conform with Netscapes SSL.
136 *
137 * This library is free for commercial and non-commercial use as long as
138 * the following conditions are aheared to. The following conditions
139 * apply to all code found in this distribution, be it the RC4, RSA,
140 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
141 * included with this distribution is covered by the same copyright terms
142 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
143 *
144 * Copyright remains Eric Young's, and as such any Copyright notices in
145 * the code are not to be removed.
146 * If this package is used in a product, Eric Young should be given attribution
147 * as the author of the parts of the library used.
148 * This can be in the form of a textual message at program startup or
149 * in documentation (online or textual) provided with the package.
150 *
151 * Redistribution and use in source and binary forms, with or without
152 * modification, are permitted provided that the following conditions
153 * are met:
154 * 1. Redistributions of source code must retain the copyright
155 * notice, this list of conditions and the following disclaimer.
156 * 2. Redistributions in binary form must reproduce the above copyright
157 * notice, this list of conditions and the following disclaimer in the
158 * documentation and/or other materials provided with the distribution.
159 * 3. All advertising materials mentioning features or use of this software
160 * must display the following acknowledgement:
161 * "This product includes cryptographic software written by
162 * Eric Young (eay@cryptsoft.com)"
163 * The word 'cryptographic' can be left out if the rouines from the library
164 * being used are not cryptographic related :-).
165 * 4. If you include any Windows specific code (or a derivative thereof) from
166 * the apps directory (application code) you must include an acknowledgement:
167 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
168 *
169 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
170 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
171 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
172 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
173 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
174 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
175 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
176 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
177 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
178 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
179 * SUCH DAMAGE.
180 *
181 * The licence and distribution terms for any publically available version or
182 * derivative of this code cannot be changed. i.e. this code cannot simply be
183 * copied and put under another distribution licence
184 * [including the GNU Public Licence.]
185 */
186
187#define SN_undef "UNDEF"
188#define LN_undef "undefined"
189#define NID_undef 0
190#define OBJ_undef 0L
191
192EOF
193
194foreach (sort { $a <=> $b } keys %ordern)
195 {
196 $Cname=$ordern{$_};
197 print OUT "#define SN_",$Cname,"\t\t\"",$sn{$Cname},"\"\n" if $sn{$Cname} ne "";
198 print OUT "#define LN_",$Cname,"\t\t\"",$ln{$Cname},"\"\n" if $ln{$Cname} ne "";
199 print OUT "#define NID_",$Cname,"\t\t",$nid{$Cname},"\n" if $nid{$Cname} ne "";
200 print OUT "#define OBJ_",$Cname,"\t\t",$obj{$Cname},"\n" if $obj{$Cname} ne "";
201 print OUT "\n";
202 }
203
204close OUT;
205
206sub process_oid
207 {
208 local($oid)=@_;
209 local(@a,$oid_pref);
210
211 @a = split(/\s+/,$myoid);
212 $pref_oid = "";
213 $pref_sep = "";
214 if (!($a[0] =~ /^[0-9]+$/))
215 {
216 $a[0] =~ s/-/_/g;
217 if (!defined($obj{$a[0]}))
218 { die "$ARGV[0]:$o:Undefined identifier ",$a[0],"\n"; }
219 $pref_oid = "OBJ_" . $a[0];
220 $pref_sep = ",";
221 shift @a;
222 }
223 $oids = join('L,',@a) . "L";
224 if ($oids ne "L")
225 {
226 $oids = $pref_oid . $pref_sep . $oids;
227 }
228 else
229 {
230 $oids = $pref_oid;
231 }
232 return($oids);
233 }
diff --git a/src/lib/libcrypto/objects/objects.txt b/src/lib/libcrypto/objects/objects.txt
deleted file mode 100644
index 4d5a52efcf..0000000000
--- a/src/lib/libcrypto/objects/objects.txt
+++ /dev/null
@@ -1,1479 +0,0 @@
1# CCITT was renamed to ITU-T quite some time ago
20 : ITU-T : itu-t
3!Alias ccitt itu-t
4
51 : ISO : iso
6
72 : JOINT-ISO-ITU-T : joint-iso-itu-t
8!Alias joint-iso-ccitt joint-iso-itu-t
9
10iso 2 : member-body : ISO Member Body
11
12iso 3 : identified-organization
13
14# HMAC OIDs
15identified-organization 6 1 5 5 8 1 1 : HMAC-MD5 : hmac-md5
16identified-organization 6 1 5 5 8 1 2 : HMAC-SHA1 : hmac-sha1
17
18identified-organization 132 : certicom-arc
19
20joint-iso-itu-t 23 : international-organizations : International Organizations
21
22international-organizations 43 : wap
23wap 1 : wap-wsg
24
25joint-iso-itu-t 5 1 5 : selected-attribute-types : Selected Attribute Types
26
27selected-attribute-types 55 : clearance
28
29member-body 840 : ISO-US : ISO US Member Body
30ISO-US 10040 : X9-57 : X9.57
31X9-57 4 : X9cm : X9.57 CM ?
32
33!Cname dsa
34X9cm 1 : DSA : dsaEncryption
35X9cm 3 : DSA-SHA1 : dsaWithSHA1
36
37
38ISO-US 10045 : ansi-X9-62 : ANSI X9.62
39!module X9-62
40!Alias id-fieldType ansi-X9-62 1
41X9-62_id-fieldType 1 : prime-field
42X9-62_id-fieldType 2 : characteristic-two-field
43X9-62_characteristic-two-field 3 : id-characteristic-two-basis
44X9-62_id-characteristic-two-basis 1 : onBasis
45X9-62_id-characteristic-two-basis 2 : tpBasis
46X9-62_id-characteristic-two-basis 3 : ppBasis
47!Alias id-publicKeyType ansi-X9-62 2
48X9-62_id-publicKeyType 1 : id-ecPublicKey
49!Alias ellipticCurve ansi-X9-62 3
50!Alias c-TwoCurve X9-62_ellipticCurve 0
51X9-62_c-TwoCurve 1 : c2pnb163v1
52X9-62_c-TwoCurve 2 : c2pnb163v2
53X9-62_c-TwoCurve 3 : c2pnb163v3
54X9-62_c-TwoCurve 4 : c2pnb176v1
55X9-62_c-TwoCurve 5 : c2tnb191v1
56X9-62_c-TwoCurve 6 : c2tnb191v2
57X9-62_c-TwoCurve 7 : c2tnb191v3
58X9-62_c-TwoCurve 8 : c2onb191v4
59X9-62_c-TwoCurve 9 : c2onb191v5
60X9-62_c-TwoCurve 10 : c2pnb208w1
61X9-62_c-TwoCurve 11 : c2tnb239v1
62X9-62_c-TwoCurve 12 : c2tnb239v2
63X9-62_c-TwoCurve 13 : c2tnb239v3
64X9-62_c-TwoCurve 14 : c2onb239v4
65X9-62_c-TwoCurve 15 : c2onb239v5
66X9-62_c-TwoCurve 16 : c2pnb272w1
67X9-62_c-TwoCurve 17 : c2pnb304w1
68X9-62_c-TwoCurve 18 : c2tnb359v1
69X9-62_c-TwoCurve 19 : c2pnb368w1
70X9-62_c-TwoCurve 20 : c2tnb431r1
71!Alias primeCurve X9-62_ellipticCurve 1
72X9-62_primeCurve 1 : prime192v1
73X9-62_primeCurve 2 : prime192v2
74X9-62_primeCurve 3 : prime192v3
75X9-62_primeCurve 4 : prime239v1
76X9-62_primeCurve 5 : prime239v2
77X9-62_primeCurve 6 : prime239v3
78X9-62_primeCurve 7 : prime256v1
79!Alias id-ecSigType ansi-X9-62 4
80!global
81X9-62_id-ecSigType 1 : ecdsa-with-SHA1
82X9-62_id-ecSigType 2 : ecdsa-with-Recommended
83X9-62_id-ecSigType 3 : ecdsa-with-Specified
84ecdsa-with-Specified 1 : ecdsa-with-SHA224
85ecdsa-with-Specified 2 : ecdsa-with-SHA256
86ecdsa-with-Specified 3 : ecdsa-with-SHA384
87ecdsa-with-Specified 4 : ecdsa-with-SHA512
88
89# SECG curve OIDs from "SEC 2: Recommended Elliptic Curve Domain Parameters"
90# (http://www.secg.org/)
91!Alias secg_ellipticCurve certicom-arc 0
92# SECG prime curves OIDs
93secg-ellipticCurve 6 : secp112r1
94secg-ellipticCurve 7 : secp112r2
95secg-ellipticCurve 28 : secp128r1
96secg-ellipticCurve 29 : secp128r2
97secg-ellipticCurve 9 : secp160k1
98secg-ellipticCurve 8 : secp160r1
99secg-ellipticCurve 30 : secp160r2
100secg-ellipticCurve 31 : secp192k1
101# NOTE: the curve secp192r1 is the same as prime192v1 defined above
102# and is therefore omitted
103secg-ellipticCurve 32 : secp224k1
104secg-ellipticCurve 33 : secp224r1
105secg-ellipticCurve 10 : secp256k1
106# NOTE: the curve secp256r1 is the same as prime256v1 defined above
107# and is therefore omitted
108secg-ellipticCurve 34 : secp384r1
109secg-ellipticCurve 35 : secp521r1
110# SECG characteristic two curves OIDs
111secg-ellipticCurve 4 : sect113r1
112secg-ellipticCurve 5 : sect113r2
113secg-ellipticCurve 22 : sect131r1
114secg-ellipticCurve 23 : sect131r2
115secg-ellipticCurve 1 : sect163k1
116secg-ellipticCurve 2 : sect163r1
117secg-ellipticCurve 15 : sect163r2
118secg-ellipticCurve 24 : sect193r1
119secg-ellipticCurve 25 : sect193r2
120secg-ellipticCurve 26 : sect233k1
121secg-ellipticCurve 27 : sect233r1
122secg-ellipticCurve 3 : sect239k1
123secg-ellipticCurve 16 : sect283k1
124secg-ellipticCurve 17 : sect283r1
125secg-ellipticCurve 36 : sect409k1
126secg-ellipticCurve 37 : sect409r1
127secg-ellipticCurve 38 : sect571k1
128secg-ellipticCurve 39 : sect571r1
129
130# WAP/TLS curve OIDs (http://www.wapforum.org/)
131!Alias wap-wsg-idm-ecid wap-wsg 4
132wap-wsg-idm-ecid 1 : wap-wsg-idm-ecid-wtls1
133wap-wsg-idm-ecid 3 : wap-wsg-idm-ecid-wtls3
134wap-wsg-idm-ecid 4 : wap-wsg-idm-ecid-wtls4
135wap-wsg-idm-ecid 5 : wap-wsg-idm-ecid-wtls5
136wap-wsg-idm-ecid 6 : wap-wsg-idm-ecid-wtls6
137wap-wsg-idm-ecid 7 : wap-wsg-idm-ecid-wtls7
138wap-wsg-idm-ecid 8 : wap-wsg-idm-ecid-wtls8
139wap-wsg-idm-ecid 9 : wap-wsg-idm-ecid-wtls9
140wap-wsg-idm-ecid 10 : wap-wsg-idm-ecid-wtls10
141wap-wsg-idm-ecid 11 : wap-wsg-idm-ecid-wtls11
142wap-wsg-idm-ecid 12 : wap-wsg-idm-ecid-wtls12
143
144
145ISO-US 113533 7 66 10 : CAST5-CBC : cast5-cbc
146 : CAST5-ECB : cast5-ecb
147!Cname cast5-cfb64
148 : CAST5-CFB : cast5-cfb
149!Cname cast5-ofb64
150 : CAST5-OFB : cast5-ofb
151!Cname pbeWithMD5AndCast5-CBC
152ISO-US 113533 7 66 12 : : pbeWithMD5AndCast5CBC
153
154# Macs for CMP and CRMF
155ISO-US 113533 7 66 13 : id-PasswordBasedMAC : password based MAC
156ISO-US 113533 7 66 30 : id-DHBasedMac : Diffie-Hellman based MAC
157
158ISO-US 113549 : rsadsi : RSA Data Security, Inc.
159
160rsadsi 1 : pkcs : RSA Data Security, Inc. PKCS
161
162pkcs 1 : pkcs1
163pkcs1 1 : : rsaEncryption
164pkcs1 2 : RSA-MD2 : md2WithRSAEncryption
165pkcs1 3 : RSA-MD4 : md4WithRSAEncryption
166pkcs1 4 : RSA-MD5 : md5WithRSAEncryption
167pkcs1 5 : RSA-SHA1 : sha1WithRSAEncryption
168# According to PKCS #1 version 2.1
169pkcs1 7 : RSAES-OAEP : rsaesOaep
170pkcs1 8 : MGF1 : mgf1
171pkcs1 9 : PSPECIFIED : pSpecified
172pkcs1 10 : RSASSA-PSS : rsassaPss
173
174pkcs1 11 : RSA-SHA256 : sha256WithRSAEncryption
175pkcs1 12 : RSA-SHA384 : sha384WithRSAEncryption
176pkcs1 13 : RSA-SHA512 : sha512WithRSAEncryption
177pkcs1 14 : RSA-SHA224 : sha224WithRSAEncryption
178pkcs1 15 : RSA-SHA512/224 : sha512-224WithRSAEncryption
179pkcs1 16 : RSA-SHA512/256 : sha512-256WithRSAEncryption
180
181pkcs 3 : pkcs3
182pkcs3 1 : : dhKeyAgreement
183
184pkcs 5 : pkcs5
185pkcs5 1 : PBE-MD2-DES : pbeWithMD2AndDES-CBC
186pkcs5 3 : PBE-MD5-DES : pbeWithMD5AndDES-CBC
187pkcs5 4 : PBE-MD2-RC2-64 : pbeWithMD2AndRC2-CBC
188pkcs5 6 : PBE-MD5-RC2-64 : pbeWithMD5AndRC2-CBC
189pkcs5 10 : PBE-SHA1-DES : pbeWithSHA1AndDES-CBC
190pkcs5 11 : PBE-SHA1-RC2-64 : pbeWithSHA1AndRC2-CBC
191!Cname id_pbkdf2
192pkcs5 12 : : PBKDF2
193!Cname pbes2
194pkcs5 13 : : PBES2
195!Cname pbmac1
196pkcs5 14 : : PBMAC1
197
198pkcs 7 : pkcs7
199pkcs7 1 : : pkcs7-data
200!Cname pkcs7-signed
201pkcs7 2 : : pkcs7-signedData
202!Cname pkcs7-enveloped
203pkcs7 3 : : pkcs7-envelopedData
204!Cname pkcs7-signedAndEnveloped
205pkcs7 4 : : pkcs7-signedAndEnvelopedData
206!Cname pkcs7-digest
207pkcs7 5 : : pkcs7-digestData
208!Cname pkcs7-encrypted
209pkcs7 6 : : pkcs7-encryptedData
210
211pkcs 9 : pkcs9
212!module pkcs9
213pkcs9 1 : : emailAddress
214pkcs9 2 : : unstructuredName
215pkcs9 3 : : contentType
216pkcs9 4 : : messageDigest
217pkcs9 5 : : signingTime
218pkcs9 6 : : countersignature
219pkcs9 7 : : challengePassword
220pkcs9 8 : : unstructuredAddress
221!Cname extCertAttributes
222pkcs9 9 : : extendedCertificateAttributes
223!global
224
225!Cname ext-req
226pkcs9 14 : extReq : Extension Request
227
228!Cname SMIMECapabilities
229pkcs9 15 : SMIME-CAPS : S/MIME Capabilities
230
231# S/MIME
232!Cname SMIME
233pkcs9 16 : SMIME : S/MIME
234SMIME 0 : id-smime-mod
235SMIME 1 : id-smime-ct
236SMIME 2 : id-smime-aa
237SMIME 3 : id-smime-alg
238SMIME 4 : id-smime-cd
239SMIME 5 : id-smime-spq
240SMIME 6 : id-smime-cti
241
242# S/MIME Modules
243id-smime-mod 1 : id-smime-mod-cms
244id-smime-mod 2 : id-smime-mod-ess
245id-smime-mod 3 : id-smime-mod-oid
246id-smime-mod 4 : id-smime-mod-msg-v3
247id-smime-mod 5 : id-smime-mod-ets-eSignature-88
248id-smime-mod 6 : id-smime-mod-ets-eSignature-97
249id-smime-mod 7 : id-smime-mod-ets-eSigPolicy-88
250id-smime-mod 8 : id-smime-mod-ets-eSigPolicy-97
251
252# S/MIME Content Types
253id-smime-ct 1 : id-smime-ct-receipt
254id-smime-ct 2 : id-smime-ct-authData
255id-smime-ct 3 : id-smime-ct-publishCert
256id-smime-ct 4 : id-smime-ct-TSTInfo
257id-smime-ct 5 : id-smime-ct-TDTInfo
258id-smime-ct 6 : id-smime-ct-contentInfo
259id-smime-ct 7 : id-smime-ct-DVCSRequestData
260id-smime-ct 8 : id-smime-ct-DVCSResponseData
261id-smime-ct 9 : id-smime-ct-compressedData
262id-smime-ct 24 : id-ct-routeOriginAuthz
263id-smime-ct 26 : id-ct-rpkiManifest
264id-smime-ct 27 : id-ct-asciiTextWithCRLF
265id-smime-ct 35 : id-ct-rpkiGhostbusters
266id-smime-ct 36 : id-ct-resourceTaggedAttest
267id-smime-ct 47 : id-ct-geofeedCSVwithCRLF
268id-smime-ct 48 : id-ct-signedChecklist
269id-smime-ct 49 : id-ct-ASPA
270id-smime-ct 50 : id-ct-signedTAL
271id-smime-ct 51 : id-ct-rpkiSignedPrefixList
272
273# S/MIME Attributes
274id-smime-aa 1 : id-smime-aa-receiptRequest
275id-smime-aa 2 : id-smime-aa-securityLabel
276id-smime-aa 3 : id-smime-aa-mlExpandHistory
277id-smime-aa 4 : id-smime-aa-contentHint
278id-smime-aa 5 : id-smime-aa-msgSigDigest
279# obsolete
280id-smime-aa 6 : id-smime-aa-encapContentType
281id-smime-aa 7 : id-smime-aa-contentIdentifier
282# obsolete
283id-smime-aa 8 : id-smime-aa-macValue
284id-smime-aa 9 : id-smime-aa-equivalentLabels
285id-smime-aa 10 : id-smime-aa-contentReference
286id-smime-aa 11 : id-smime-aa-encrypKeyPref
287id-smime-aa 12 : id-smime-aa-signingCertificate
288id-smime-aa 13 : id-smime-aa-smimeEncryptCerts
289id-smime-aa 14 : id-smime-aa-timeStampToken
290id-smime-aa 15 : id-smime-aa-ets-sigPolicyId
291id-smime-aa 16 : id-smime-aa-ets-commitmentType
292id-smime-aa 17 : id-smime-aa-ets-signerLocation
293id-smime-aa 18 : id-smime-aa-ets-signerAttr
294id-smime-aa 19 : id-smime-aa-ets-otherSigCert
295id-smime-aa 20 : id-smime-aa-ets-contentTimestamp
296id-smime-aa 21 : id-smime-aa-ets-CertificateRefs
297id-smime-aa 22 : id-smime-aa-ets-RevocationRefs
298id-smime-aa 23 : id-smime-aa-ets-certValues
299id-smime-aa 24 : id-smime-aa-ets-revocationValues
300id-smime-aa 25 : id-smime-aa-ets-escTimeStamp
301id-smime-aa 26 : id-smime-aa-ets-certCRLTimestamp
302id-smime-aa 27 : id-smime-aa-ets-archiveTimeStamp
303id-smime-aa 28 : id-smime-aa-signatureType
304id-smime-aa 29 : id-smime-aa-dvcs-dvc
305id-smime-aa 47 : id-smime-aa-signingCertificateV2
306
307# S/MIME Algorithm Identifiers
308# obsolete
309id-smime-alg 1 : id-smime-alg-ESDHwith3DES
310# obsolete
311id-smime-alg 2 : id-smime-alg-ESDHwithRC2
312# obsolete
313id-smime-alg 3 : id-smime-alg-3DESwrap
314# obsolete
315id-smime-alg 4 : id-smime-alg-RC2wrap
316id-smime-alg 5 : id-smime-alg-ESDH
317id-smime-alg 6 : id-smime-alg-CMS3DESwrap
318id-smime-alg 7 : id-smime-alg-CMSRC2wrap
319id-smime-alg 9 : id-alg-PWRI-KEK
320
321# S/MIME Certificate Distribution
322id-smime-cd 1 : id-smime-cd-ldap
323
324# S/MIME Signature Policy Qualifier
325id-smime-spq 1 : id-smime-spq-ets-sqt-uri
326id-smime-spq 2 : id-smime-spq-ets-sqt-unotice
327
328# S/MIME Commitment Type Identifier
329id-smime-cti 1 : id-smime-cti-ets-proofOfOrigin
330id-smime-cti 2 : id-smime-cti-ets-proofOfReceipt
331id-smime-cti 3 : id-smime-cti-ets-proofOfDelivery
332id-smime-cti 4 : id-smime-cti-ets-proofOfSender
333id-smime-cti 5 : id-smime-cti-ets-proofOfApproval
334id-smime-cti 6 : id-smime-cti-ets-proofOfCreation
335
336pkcs9 20 : : friendlyName
337pkcs9 21 : : localKeyID
338!Cname ms-csp-name
3391 3 6 1 4 1 311 17 1 : CSPName : Microsoft CSP Name
3401 3 6 1 4 1 311 17 2 : LocalKeySet : Microsoft Local Key set
341!Alias certTypes pkcs9 22
342certTypes 1 : : x509Certificate
343certTypes 2 : : sdsiCertificate
344!Alias crlTypes pkcs9 23
345crlTypes 1 : : x509Crl
346
347!Alias pkcs12 pkcs 12
348!Alias pkcs12-pbeids pkcs12 1
349
350!Cname pbe-WithSHA1And128BitRC4
351pkcs12-pbeids 1 : PBE-SHA1-RC4-128 : pbeWithSHA1And128BitRC4
352!Cname pbe-WithSHA1And40BitRC4
353pkcs12-pbeids 2 : PBE-SHA1-RC4-40 : pbeWithSHA1And40BitRC4
354!Cname pbe-WithSHA1And3_Key_TripleDES-CBC
355pkcs12-pbeids 3 : PBE-SHA1-3DES : pbeWithSHA1And3-KeyTripleDES-CBC
356!Cname pbe-WithSHA1And2_Key_TripleDES-CBC
357pkcs12-pbeids 4 : PBE-SHA1-2DES : pbeWithSHA1And2-KeyTripleDES-CBC
358!Cname pbe-WithSHA1And128BitRC2-CBC
359pkcs12-pbeids 5 : PBE-SHA1-RC2-128 : pbeWithSHA1And128BitRC2-CBC
360!Cname pbe-WithSHA1And40BitRC2-CBC
361pkcs12-pbeids 6 : PBE-SHA1-RC2-40 : pbeWithSHA1And40BitRC2-CBC
362
363!Alias pkcs12-Version1 pkcs12 10
364!Alias pkcs12-BagIds pkcs12-Version1 1
365pkcs12-BagIds 1 : : keyBag
366pkcs12-BagIds 2 : : pkcs8ShroudedKeyBag
367pkcs12-BagIds 3 : : certBag
368pkcs12-BagIds 4 : : crlBag
369pkcs12-BagIds 5 : : secretBag
370pkcs12-BagIds 6 : : safeContentsBag
371
372rsadsi 2 2 : MD2 : md2
373rsadsi 2 4 : MD4 : md4
374rsadsi 2 5 : MD5 : md5
375 : MD5-SHA1 : md5-sha1
376rsadsi 2 6 : : hmacWithMD5
377rsadsi 2 7 : : hmacWithSHA1
378
379# From RFC4231
380rsadsi 2 8 : : hmacWithSHA224
381rsadsi 2 9 : : hmacWithSHA256
382rsadsi 2 10 : : hmacWithSHA384
383rsadsi 2 11 : : hmacWithSHA512
384
385rsadsi 2 12 : : hmacWithSHA512-224
386rsadsi 2 13 : : hmacWithSHA512-256
387
388rsadsi 3 2 : RC2-CBC : rc2-cbc
389 : RC2-ECB : rc2-ecb
390!Cname rc2-cfb64
391 : RC2-CFB : rc2-cfb
392!Cname rc2-ofb64
393 : RC2-OFB : rc2-ofb
394 : RC2-40-CBC : rc2-40-cbc
395 : RC2-64-CBC : rc2-64-cbc
396rsadsi 3 4 : RC4 : rc4
397 : RC4-40 : rc4-40
398rsadsi 3 7 : DES-EDE3-CBC : des-ede3-cbc
399rsadsi 3 8 : RC5-CBC : rc5-cbc
400 : RC5-ECB : rc5-ecb
401!Cname rc5-cfb64
402 : RC5-CFB : rc5-cfb
403!Cname rc5-ofb64
404 : RC5-OFB : rc5-ofb
405
406!Cname ms-ext-req
4071 3 6 1 4 1 311 2 1 14 : msExtReq : Microsoft Extension Request
408!Cname ms-code-ind
4091 3 6 1 4 1 311 2 1 21 : msCodeInd : Microsoft Individual Code Signing
410!Cname ms-code-com
4111 3 6 1 4 1 311 2 1 22 : msCodeCom : Microsoft Commercial Code Signing
412!Cname ms-ctl-sign
4131 3 6 1 4 1 311 10 3 1 : msCTLSign : Microsoft Trust List Signing
414!Cname ms-sgc
4151 3 6 1 4 1 311 10 3 3 : msSGC : Microsoft Server Gated Crypto
416!Cname ms-efs
4171 3 6 1 4 1 311 10 3 4 : msEFS : Microsoft Encrypted File System
418!Cname ms-smartcard-login
4191 3 6 1 4 1 311 20 2 2 : msSmartcardLogin : Microsoft Smartcardlogin
420!Cname ms-upn
4211 3 6 1 4 1 311 20 2 3 : msUPN : Microsoft Universal Principal Name
422
4231 3 6 1 4 1 188 7 1 1 2 : IDEA-CBC : idea-cbc
424 : IDEA-ECB : idea-ecb
425!Cname idea-cfb64
426 : IDEA-CFB : idea-cfb
427!Cname idea-ofb64
428 : IDEA-OFB : idea-ofb
429
4301 3 6 1 4 1 3029 1 2 : BF-CBC : bf-cbc
431 : BF-ECB : bf-ecb
432!Cname bf-cfb64
433 : BF-CFB : bf-cfb
434!Cname bf-ofb64
435 : BF-OFB : bf-ofb
436
437!Cname id-pkix
4381 3 6 1 5 5 7 : PKIX
439
440# PKIX Arcs
441id-pkix 0 : id-pkix-mod
442id-pkix 1 : id-pe
443id-pkix 2 : id-qt
444id-pkix 3 : id-kp
445id-pkix 4 : id-it
446id-pkix 5 : id-pkip
447id-pkix 6 : id-alg
448id-pkix 7 : id-cmc
449id-pkix 8 : id-on
450id-pkix 9 : id-pda
451id-pkix 10 : id-aca
452id-pkix 11 : id-qcs
453id-pkix 12 : id-cct
454id-pkix 14 : id-cp
455id-pkix 21 : id-ppl
456id-pkix 48 : id-ad
457
458# PKIX Modules
459id-pkix-mod 1 : id-pkix1-explicit-88
460id-pkix-mod 2 : id-pkix1-implicit-88
461id-pkix-mod 3 : id-pkix1-explicit-93
462id-pkix-mod 4 : id-pkix1-implicit-93
463id-pkix-mod 5 : id-mod-crmf
464id-pkix-mod 6 : id-mod-cmc
465id-pkix-mod 7 : id-mod-kea-profile-88
466id-pkix-mod 8 : id-mod-kea-profile-93
467id-pkix-mod 9 : id-mod-cmp
468id-pkix-mod 10 : id-mod-qualified-cert-88
469id-pkix-mod 11 : id-mod-qualified-cert-93
470id-pkix-mod 12 : id-mod-attribute-cert
471id-pkix-mod 13 : id-mod-timestamp-protocol
472id-pkix-mod 14 : id-mod-ocsp
473id-pkix-mod 15 : id-mod-dvcs
474id-pkix-mod 16 : id-mod-cmp2000
475
476# PKIX Private Extensions
477!Cname info-access
478id-pe 1 : authorityInfoAccess : Authority Information Access
479id-pe 2 : biometricInfo : Biometric Info
480id-pe 3 : qcStatements
481id-pe 4 : ac-auditEntity
482id-pe 5 : ac-targeting
483id-pe 6 : aaControls
484id-pe 7 : sbgp-ipAddrBlock
485id-pe 8 : sbgp-autonomousSysNum
486id-pe 9 : sbgp-routerIdentifier
487id-pe 10 : ac-proxying
488!Cname sinfo-access
489id-pe 11 : subjectInfoAccess : Subject Information Access
490id-pe 14 : proxyCertInfo : Proxy Certificate Information
491id-pe 24 : tlsfeature : TLS Feature
492id-pe 28 : sbgp-ipAddrBlockv2
493id-pe 29 : sbgp-autonomousSysNumv2
494id-pe 31 : acmeIdentifier : ACME Identifier
495
496# PKIX policyQualifiers for Internet policy qualifiers
497id-qt 1 : id-qt-cps : Policy Qualifier CPS
498id-qt 2 : id-qt-unotice : Policy Qualifier User Notice
499id-qt 3 : textNotice
500
501# PKIX key purpose identifiers
502!Cname server-auth
503id-kp 1 : serverAuth : TLS Web Server Authentication
504!Cname client-auth
505id-kp 2 : clientAuth : TLS Web Client Authentication
506!Cname code-sign
507id-kp 3 : codeSigning : Code Signing
508!Cname email-protect
509id-kp 4 : emailProtection : E-mail Protection
510id-kp 5 : ipsecEndSystem : IPSec End System
511id-kp 6 : ipsecTunnel : IPSec Tunnel
512id-kp 7 : ipsecUser : IPSec User
513!Cname time-stamp
514id-kp 8 : timeStamping : Time Stamping
515# From OCSP spec RFC2560
516!Cname OCSP-sign
517id-kp 9 : OCSPSigning : OCSP Signing
518id-kp 10 : DVCS : dvcs
519id-kp 30 : id-kp-bgpsec-router : BGPsec Router
520
521# CMP information types
522id-it 1 : id-it-caProtEncCert
523id-it 2 : id-it-signKeyPairTypes
524id-it 3 : id-it-encKeyPairTypes
525id-it 4 : id-it-preferredSymmAlg
526id-it 5 : id-it-caKeyUpdateInfo
527id-it 6 : id-it-currentCRL
528id-it 7 : id-it-unsupportedOIDs
529# obsolete
530id-it 8 : id-it-subscriptionRequest
531# obsolete
532id-it 9 : id-it-subscriptionResponse
533id-it 10 : id-it-keyPairParamReq
534id-it 11 : id-it-keyPairParamRep
535id-it 12 : id-it-revPassphrase
536id-it 13 : id-it-implicitConfirm
537id-it 14 : id-it-confirmWaitTime
538id-it 15 : id-it-origPKIMessage
539id-it 16 : id-it-suppLangTags
540
541# CRMF registration
542id-pkip 1 : id-regCtrl
543id-pkip 2 : id-regInfo
544
545# CRMF registration controls
546id-regCtrl 1 : id-regCtrl-regToken
547id-regCtrl 2 : id-regCtrl-authenticator
548id-regCtrl 3 : id-regCtrl-pkiPublicationInfo
549id-regCtrl 4 : id-regCtrl-pkiArchiveOptions
550id-regCtrl 5 : id-regCtrl-oldCertID
551id-regCtrl 6 : id-regCtrl-protocolEncrKey
552
553# CRMF registration information
554id-regInfo 1 : id-regInfo-utf8Pairs
555id-regInfo 2 : id-regInfo-certReq
556
557# algorithms
558id-alg 1 : id-alg-des40
559id-alg 2 : id-alg-noSignature
560id-alg 3 : id-alg-dh-sig-hmac-sha1
561id-alg 4 : id-alg-dh-pop
562
563# CMC controls
564id-cmc 1 : id-cmc-statusInfo
565id-cmc 2 : id-cmc-identification
566id-cmc 3 : id-cmc-identityProof
567id-cmc 4 : id-cmc-dataReturn
568id-cmc 5 : id-cmc-transactionId
569id-cmc 6 : id-cmc-senderNonce
570id-cmc 7 : id-cmc-recipientNonce
571id-cmc 8 : id-cmc-addExtensions
572id-cmc 9 : id-cmc-encryptedPOP
573id-cmc 10 : id-cmc-decryptedPOP
574id-cmc 11 : id-cmc-lraPOPWitness
575id-cmc 15 : id-cmc-getCert
576id-cmc 16 : id-cmc-getCRL
577id-cmc 17 : id-cmc-revokeRequest
578id-cmc 18 : id-cmc-regInfo
579id-cmc 19 : id-cmc-responseInfo
580id-cmc 21 : id-cmc-queryPending
581id-cmc 22 : id-cmc-popLinkRandom
582id-cmc 23 : id-cmc-popLinkWitness
583id-cmc 24 : id-cmc-confirmCertAcceptance
584
585# other names
586id-on 1 : id-on-personalData
587id-on 3 : id-on-permanentIdentifier : Permanent Identifier
588
589# personal data attributes
590id-pda 1 : id-pda-dateOfBirth
591id-pda 2 : id-pda-placeOfBirth
592id-pda 3 : id-pda-gender
593id-pda 4 : id-pda-countryOfCitizenship
594id-pda 5 : id-pda-countryOfResidence
595
596# attribute certificate attributes
597id-aca 1 : id-aca-authenticationInfo
598id-aca 2 : id-aca-accessIdentity
599id-aca 3 : id-aca-chargingIdentity
600id-aca 4 : id-aca-group
601# attention : the following seems to be obsolete, replace by 'role'
602id-aca 5 : id-aca-role
603id-aca 6 : id-aca-encAttrs
604
605# qualified certificate statements
606id-qcs 1 : id-qcs-pkixQCSyntax-v1
607
608# CMC content types
609id-cct 1 : id-cct-crs
610id-cct 2 : id-cct-PKIData
611id-cct 3 : id-cct-PKIResponse
612
613# PKIX Certificate Policies
614id-cp 2 : ipAddr-asNumber
615id-cp 3 : ipAddr-asNumberv2
616
617# Predefined Proxy Certificate policy languages
618id-ppl 0 : id-ppl-anyLanguage : Any language
619id-ppl 1 : id-ppl-inheritAll : Inherit all
620id-ppl 2 : id-ppl-independent : Independent
621
622# access descriptors for authority info access extension
623!Cname ad-OCSP
624id-ad 1 : OCSP : OCSP
625!Cname ad-ca-issuers
626id-ad 2 : caIssuers : CA Issuers
627!Cname ad-timeStamping
628id-ad 3 : ad_timestamping : AD Time Stamping
629!Cname ad-dvcs
630id-ad 4 : AD_DVCS : ad dvcs
631id-ad 5 : caRepository : CA Repository
632id-ad 10 : rpkiManifest : RPKI Manifest
633id-ad 11 : signedObject : Signed Object
634id-ad 13 : rpkiNotify : RPKI Notify
635
636!Alias id-pkix-OCSP ad-OCSP
637!module id-pkix-OCSP
638!Cname basic
639id-pkix-OCSP 1 : basicOCSPResponse : Basic OCSP Response
640id-pkix-OCSP 2 : Nonce : OCSP Nonce
641id-pkix-OCSP 3 : CrlID : OCSP CRL ID
642id-pkix-OCSP 4 : acceptableResponses : Acceptable OCSP Responses
643id-pkix-OCSP 5 : noCheck : OCSP No Check
644id-pkix-OCSP 6 : archiveCutoff : OCSP Archive Cutoff
645id-pkix-OCSP 7 : serviceLocator : OCSP Service Locator
646id-pkix-OCSP 8 : extendedStatus : Extended OCSP Status
647id-pkix-OCSP 9 : valid
648id-pkix-OCSP 10 : path
649id-pkix-OCSP 11 : trustRoot : Trust Root
650!global
651
6521 3 14 3 2 : algorithm : algorithm
653algorithm 3 : RSA-NP-MD5 : md5WithRSA
654algorithm 6 : DES-ECB : des-ecb
655algorithm 7 : DES-CBC : des-cbc
656!Cname des-ofb64
657algorithm 8 : DES-OFB : des-ofb
658!Cname des-cfb64
659algorithm 9 : DES-CFB : des-cfb
660algorithm 11 : rsaSignature
661!Cname dsa-2
662algorithm 12 : DSA-old : dsaEncryption-old
663algorithm 13 : DSA-SHA : dsaWithSHA
664algorithm 15 : RSA-SHA : shaWithRSAEncryption
665!Cname des-ede-ecb
666algorithm 17 : DES-EDE : des-ede
667!Cname des-ede3-ecb
668 : DES-EDE3 : des-ede3
669 : DES-EDE-CBC : des-ede-cbc
670!Cname des-ede-cfb64
671 : DES-EDE-CFB : des-ede-cfb
672!Cname des-ede3-cfb64
673 : DES-EDE3-CFB : des-ede3-cfb
674!Cname des-ede-ofb64
675 : DES-EDE-OFB : des-ede-ofb
676!Cname des-ede3-ofb64
677 : DES-EDE3-OFB : des-ede3-ofb
678 : DESX-CBC : desx-cbc
679algorithm 18 : SHA : sha
680algorithm 26 : SHA1 : sha1
681!Cname dsaWithSHA1-2
682algorithm 27 : DSA-SHA1-old : dsaWithSHA1-old
683algorithm 29 : RSA-SHA1-2 : sha1WithRSA
684
6851 3 36 3 2 1 : RIPEMD160 : ripemd160
6861 3 36 3 3 1 2 : RSA-RIPEMD160 : ripemd160WithRSA
687
688!Cname sxnet
6891 3 101 1 4 1 : SXNetID : Strong Extranet ID
690
6912 5 : X500 : directory services (X.500)
692
693X500 4 : X509
694X509 3 : CN : commonName
695X509 4 : SN : surname
696X509 5 : : serialNumber
697X509 6 : C : countryName
698X509 7 : L : localityName
699X509 8 : ST : stateOrProvinceName
700X509 9 : street : streetAddress
701X509 10 : O : organizationName
702X509 11 : OU : organizationalUnitName
703X509 12 : title : title
704X509 13 : : description
705X509 14 : : searchGuide
706X509 15 : : businessCategory
707X509 16 : : postalAddress
708X509 17 : : postalCode
709X509 18 : : postOfficeBox
710X509 19 : : physicalDeliveryOfficeName
711X509 20 : : telephoneNumber
712X509 21 : : telexNumber
713X509 22 : : teletexTerminalIdentifier
714X509 23 : : facsimileTelephoneNumber
715X509 24 : : x121Address
716X509 25 : : internationaliSDNNumber
717X509 26 : : registeredAddress
718X509 27 : : destinationIndicator
719X509 28 : : preferredDeliveryMethod
720X509 29 : : presentationAddress
721X509 30 : : supportedApplicationContext
722X509 31 : member :
723X509 32 : owner :
724X509 33 : : roleOccupant
725X509 34 : seeAlso :
726X509 35 : : userPassword
727X509 36 : : userCertificate
728X509 37 : : cACertificate
729X509 38 : : authorityRevocationList
730X509 39 : : certificateRevocationList
731X509 40 : : crossCertificatePair
732X509 41 : name : name
733X509 42 : GN : givenName
734X509 43 : initials : initials
735X509 44 : : generationQualifier
736X509 45 : : x500UniqueIdentifier
737X509 46 : dnQualifier : dnQualifier
738X509 47 : : enhancedSearchGuide
739X509 48 : : protocolInformation
740X509 49 : : distinguishedName
741X509 50 : : uniqueMember
742X509 51 : : houseIdentifier
743X509 52 : : supportedAlgorithms
744X509 53 : : deltaRevocationList
745X509 54 : dmdName :
746X509 65 : : pseudonym
747X509 72 : role : role
748
749X500 8 : X500algorithms : directory services - algorithms
750X500algorithms 1 1 : RSA : rsa
751X500algorithms 3 100 : RSA-MDC2 : mdc2WithRSA
752X500algorithms 3 101 : MDC2 : mdc2
753
754X500 29 : id-ce
755!Cname subject-directory-attributes
756id-ce 9 : subjectDirectoryAttributes : X509v3 Subject Directory Attributes
757!Cname subject-key-identifier
758id-ce 14 : subjectKeyIdentifier : X509v3 Subject Key Identifier
759!Cname key-usage
760id-ce 15 : keyUsage : X509v3 Key Usage
761!Cname private-key-usage-period
762id-ce 16 : privateKeyUsagePeriod : X509v3 Private Key Usage Period
763!Cname subject-alt-name
764id-ce 17 : subjectAltName : X509v3 Subject Alternative Name
765!Cname issuer-alt-name
766id-ce 18 : issuerAltName : X509v3 Issuer Alternative Name
767!Cname basic-constraints
768id-ce 19 : basicConstraints : X509v3 Basic Constraints
769!Cname crl-number
770id-ce 20 : crlNumber : X509v3 CRL Number
771!Cname crl-reason
772id-ce 21 : CRLReason : X509v3 CRL Reason Code
773!Cname invalidity-date
774id-ce 24 : invalidityDate : Invalidity Date
775!Cname delta-crl
776id-ce 27 : deltaCRL : X509v3 Delta CRL Indicator
777!Cname issuing-distribution-point
778id-ce 28 : issuingDistributionPoint : X509v3 Issuing Distribution Point
779!Cname certificate-issuer
780id-ce 29 : certificateIssuer : X509v3 Certificate Issuer
781!Cname name-constraints
782id-ce 30 : nameConstraints : X509v3 Name Constraints
783!Cname crl-distribution-points
784id-ce 31 : crlDistributionPoints : X509v3 CRL Distribution Points
785!Cname certificate-policies
786id-ce 32 : certificatePolicies : X509v3 Certificate Policies
787!Cname any-policy
788certificate-policies 0 : anyPolicy : X509v3 Any Policy
789!Cname policy-mappings
790id-ce 33 : policyMappings : X509v3 Policy Mappings
791!Cname authority-key-identifier
792id-ce 35 : authorityKeyIdentifier : X509v3 Authority Key Identifier
793!Cname policy-constraints
794id-ce 36 : policyConstraints : X509v3 Policy Constraints
795!Cname ext-key-usage
796id-ce 37 : extendedKeyUsage : X509v3 Extended Key Usage
797!Cname freshest-crl
798id-ce 46 : freshestCRL : X509v3 Freshest CRL
799!Cname inhibit-any-policy
800id-ce 54 : inhibitAnyPolicy : X509v3 Inhibit Any Policy
801!Cname target-information
802id-ce 55 : targetInformation : X509v3 AC Targeting
803!Cname no-rev-avail
804id-ce 56 : noRevAvail : X509v3 No Revocation Available
805
806# From RFC5280
807ext-key-usage 0 : anyExtendedKeyUsage : Any Extended Key Usage
808
809
810!Cname netscape
8112 16 840 1 113730 : Netscape : Netscape Communications Corp.
812!Cname netscape-cert-extension
813netscape 1 : nsCertExt : Netscape Certificate Extension
814!Cname netscape-data-type
815netscape 2 : nsDataType : Netscape Data Type
816!Cname netscape-cert-type
817netscape-cert-extension 1 : nsCertType : Netscape Cert Type
818!Cname netscape-base-url
819netscape-cert-extension 2 : nsBaseUrl : Netscape Base Url
820!Cname netscape-revocation-url
821netscape-cert-extension 3 : nsRevocationUrl : Netscape Revocation Url
822!Cname netscape-ca-revocation-url
823netscape-cert-extension 4 : nsCaRevocationUrl : Netscape CA Revocation Url
824!Cname netscape-renewal-url
825netscape-cert-extension 7 : nsRenewalUrl : Netscape Renewal Url
826!Cname netscape-ca-policy-url
827netscape-cert-extension 8 : nsCaPolicyUrl : Netscape CA Policy Url
828!Cname netscape-ssl-server-name
829netscape-cert-extension 12 : nsSslServerName : Netscape SSL Server Name
830!Cname netscape-comment
831netscape-cert-extension 13 : nsComment : Netscape Comment
832!Cname netscape-cert-sequence
833netscape-data-type 5 : nsCertSequence : Netscape Certificate Sequence
834!Cname ns-sgc
835netscape 4 1 : nsSGC : Netscape Server Gated Crypto
836
837# iso(1)
838iso 3 : ORG : org
839org 6 : DOD : dod
840dod 1 : IANA : iana
841!Alias internet iana
842
843internet 1 : directory : Directory
844internet 2 : mgmt : Management
845internet 3 : experimental : Experimental
846internet 4 : private : Private
847internet 5 : security : Security
848internet 6 : snmpv2 : SNMPv2
849# Documents refer to "internet 7" as "mail". This however leads to ambiguities
850# with RFC2798, Section 9.1.3, where "mail" is defined as the short name for
851# rfc822Mailbox. The short name is therefore here left out for a reason.
852# Subclasses of "mail", e.g. "MIME MHS" don't constitute a problem, as
853# references are realized via long name "Mail" (with capital M).
854internet 7 : : Mail
855
856Private 1 : enterprises : Enterprises
857
858# RFC 2247
859Enterprises 1466 344 : dcobject : dcObject
860
861# Extended Validation
862!Alias extendedValidation Enterprises 311 60
863extendedValidation 2 1 1 : : jurisdictionLocalityName
864extendedValidation 2 1 2 : : jurisdictionStateOrProvinceName
865extendedValidation 2 1 3 : : jurisdictionCountryName
866
867# RFC 1495
868Mail 1 : mime-mhs : MIME MHS
869mime-mhs 1 : mime-mhs-headings : mime-mhs-headings
870mime-mhs 2 : mime-mhs-bodies : mime-mhs-bodies
871mime-mhs-headings 1 : id-hex-partial-message : id-hex-partial-message
872mime-mhs-headings 2 : id-hex-multipart-message : id-hex-multipart-message
873
874# What the hell are these OIDs, really?
875!Cname rle-compression
8761 1 1 1 666 1 : RLE : run length compression
877!Cname zlib-compression
878id-smime-alg 8 : ZLIB : zlib compression
879
880#
881# NIST CSOR
882#
883# https://csrc.nisg.gov/projects/computer-security-objects/register/algorithm-registration
884#
885
886!Alias csor 2 16 840 1 101 3
887!Alias nistAlgorithms csor 4
888
889# AES aka Rijndael
890!Alias aes nistAlgorithms 1
891
892aes 1 : AES-128-ECB : aes-128-ecb
893aes 2 : AES-128-CBC : aes-128-cbc
894!Cname aes-128-ofb128
895aes 3 : AES-128-OFB : aes-128-ofb
896!Cname aes-128-cfb128
897aes 4 : AES-128-CFB : aes-128-cfb
898aes 5 : id-aes128-wrap
899aes 6 : id-aes128-GCM : aes-128-gcm
900aes 7 : id-aes128-CCM : aes-128-ccm
901aes 8 : id-aes128-wrap-pad
902
903aes 21 : AES-192-ECB : aes-192-ecb
904aes 22 : AES-192-CBC : aes-192-cbc
905!Cname aes-192-ofb128
906aes 23 : AES-192-OFB : aes-192-ofb
907!Cname aes-192-cfb128
908aes 24 : AES-192-CFB : aes-192-cfb
909aes 25 : id-aes192-wrap
910aes 26 : id-aes192-GCM : aes-192-gcm
911aes 27 : id-aes192-CCM : aes-192-ccm
912aes 28 : id-aes192-wrap-pad
913
914aes 41 : AES-256-ECB : aes-256-ecb
915aes 42 : AES-256-CBC : aes-256-cbc
916!Cname aes-256-ofb128
917aes 43 : AES-256-OFB : aes-256-ofb
918!Cname aes-256-cfb128
919aes 44 : AES-256-CFB : aes-256-cfb
920aes 45 : id-aes256-wrap
921aes 46 : id-aes256-GCM : aes-256-gcm
922aes 47 : id-aes256-CCM : aes-256-ccm
923aes 48 : id-aes256-wrap-pad
924
925# There are no OIDs for these modes...
926
927 : AES-128-CFB1 : aes-128-cfb1
928 : AES-192-CFB1 : aes-192-cfb1
929 : AES-256-CFB1 : aes-256-cfb1
930 : AES-128-CFB8 : aes-128-cfb8
931 : AES-192-CFB8 : aes-192-cfb8
932 : AES-256-CFB8 : aes-256-cfb8
933 : AES-128-CTR : aes-128-ctr
934 : AES-192-CTR : aes-192-ctr
935 : AES-256-CTR : aes-256-ctr
936 : AES-128-XTS : aes-128-xts
937 : AES-256-XTS : aes-256-xts
938 : DES-CFB1 : des-cfb1
939 : DES-CFB8 : des-cfb8
940 : DES-EDE3-CFB1 : des-ede3-cfb1
941 : DES-EDE3-CFB8 : des-ede3-cfb8
942
943# NIST CSOR Hash Algorithms (see also RFC 4231, RFC 8017, RFC 8702)
944!Alias nist_hashalgs nistAlgorithms 2
945nist_hashalgs 1 : SHA256 : sha256
946nist_hashalgs 2 : SHA384 : sha384
947nist_hashalgs 3 : SHA512 : sha512
948nist_hashalgs 4 : SHA224 : sha224
949nist_hashalgs 5 : SHA512-224 : sha512-224
950nist_hashalgs 6 : SHA512-256 : sha512-256
951nist_hashalgs 7 : SHA3-224 : sha3-224
952nist_hashalgs 8 : SHA3-256 : sha3-256
953nist_hashalgs 9 : SHA3-384 : sha3-384
954nist_hashalgs 10 : SHA3-512 : sha3-512
955#nist_hashalgs 11 : SHAKE128 : shake128
956#nist_hashalgs 12 : SHAKE256 : shake256
957nist_hashalgs 13 : id-hmacWithSHA3-224 : hmac-sha3-224
958nist_hashalgs 14 : id-hmacWithSHA3-256 : hmac-sha3-256
959nist_hashalgs 15 : id-hmacWithSHA3-384 : hmac-sha3-384
960nist_hashalgs 16 : id-hmacWithSHA3-512 : hmac-sha3-512
961
962# NIST CSOR Signature Algorithms
963!Alias nist_sigalgs nistAlgorithms 3
964nist_sigalgs 1 : id-dsa-with-sha224 : dsa_with_SHA224
965nist_sigalgs 2 : id-dsa-with-sha256 : dsa_with_SHA256
966nist_sigalgs 3 : id-dsa-with-sha384 : dsa_with_SHA384
967nist_sigalgs 4 : id-dsa-with-sha512 : dsa_with_SHA512
968nist_sigalgs 5 : id-dsa-with-sha3-224 : dsa_with_SHA3-224
969nist_sigalgs 6 : id-dsa-with-sha3-256 : dsa_with_SHA3-256
970nist_sigalgs 7 : id-dsa-with-sha3-384 : dsa_with_SHA3-384
971nist_sigalgs 8 : id-dsa-with-sha3-512 : dsa_with_SHA3-512
972nist_sigalgs 9 : id-ecdsa-with-sha3-224 : ecdsa_with_SHA3-224
973nist_sigalgs 10 : id-ecdsa-with-sha3-256 : ecdsa_with_SHA3-256
974nist_sigalgs 11 : id-ecdsa-with-sha3-384 : ecdsa_with_SHA3-384
975nist_sigalgs 12 : id-ecdsa-with-sha3-512 : ecdsa_with_SHA3-512
976nist_sigalgs 13 : id-rsassa-pkcs1-v1_5-with-sha3-224 : RSA-SHA3-224
977nist_sigalgs 14 : id-rsassa-pkcs1-v1_5-with-sha3-256 : RSA-SHA3-256
978nist_sigalgs 15 : id-rsassa-pkcs1-v1_5-with-sha3-384 : RSA-SHA3-384
979nist_sigalgs 16 : id-rsassa-pkcs1-v1_5-with-sha3-512 : RSA-SHA3-512
980
981# Hold instruction CRL entry extension
982!Cname hold-instruction-code
983id-ce 23 : holdInstructionCode : Hold Instruction Code
984!Alias holdInstruction X9-57 2
985!Cname hold-instruction-none
986holdInstruction 1 : holdInstructionNone : Hold Instruction None
987!Cname hold-instruction-call-issuer
988holdInstruction 2 : holdInstructionCallIssuer : Hold Instruction Call Issuer
989!Cname hold-instruction-reject
990holdInstruction 3 : holdInstructionReject : Hold Instruction Reject
991
992# OID's from ITU-T. Most of this is defined in RFC 1274. A couple of
993# them are also mentioned in RFC 2247
994itu-t 9 : data
995data 2342 : pss
996pss 19200300 : ucl
997ucl 100 : pilot
998pilot 1 : : pilotAttributeType
999pilot 3 : : pilotAttributeSyntax
1000pilot 4 : : pilotObjectClass
1001pilot 10 : : pilotGroups
1002pilotAttributeSyntax 4 : : iA5StringSyntax
1003pilotAttributeSyntax 5 : : caseIgnoreIA5StringSyntax
1004pilotObjectClass 3 : : pilotObject
1005pilotObjectClass 4 : : pilotPerson
1006pilotObjectClass 5 : account
1007pilotObjectClass 6 : document
1008pilotObjectClass 7 : room
1009pilotObjectClass 9 : : documentSeries
1010pilotObjectClass 13 : domain : Domain
1011pilotObjectClass 14 : : rFC822localPart
1012pilotObjectClass 15 : : dNSDomain
1013pilotObjectClass 17 : : domainRelatedObject
1014pilotObjectClass 18 : : friendlyCountry
1015pilotObjectClass 19 : : simpleSecurityObject
1016pilotObjectClass 20 : : pilotOrganization
1017pilotObjectClass 21 : : pilotDSA
1018pilotObjectClass 22 : : qualityLabelledData
1019pilotAttributeType 1 : UID : userId
1020pilotAttributeType 2 : : textEncodedORAddress
1021pilotAttributeType 3 : mail : rfc822Mailbox
1022pilotAttributeType 4 : info
1023pilotAttributeType 5 : : favouriteDrink
1024pilotAttributeType 6 : : roomNumber
1025pilotAttributeType 7 : photo
1026pilotAttributeType 8 : : userClass
1027pilotAttributeType 9 : host
1028pilotAttributeType 10 : manager
1029pilotAttributeType 11 : : documentIdentifier
1030pilotAttributeType 12 : : documentTitle
1031pilotAttributeType 13 : : documentVersion
1032pilotAttributeType 14 : : documentAuthor
1033pilotAttributeType 15 : : documentLocation
1034pilotAttributeType 20 : : homeTelephoneNumber
1035pilotAttributeType 21 : secretary
1036pilotAttributeType 22 : : otherMailbox
1037pilotAttributeType 23 : : lastModifiedTime
1038pilotAttributeType 24 : : lastModifiedBy
1039pilotAttributeType 25 : DC : domainComponent
1040pilotAttributeType 26 : : aRecord
1041pilotAttributeType 27 : : pilotAttributeType27
1042pilotAttributeType 28 : : mXRecord
1043pilotAttributeType 29 : : nSRecord
1044pilotAttributeType 30 : : sOARecord
1045pilotAttributeType 31 : : cNAMERecord
1046pilotAttributeType 37 : : associatedDomain
1047pilotAttributeType 38 : : associatedName
1048pilotAttributeType 39 : : homePostalAddress
1049pilotAttributeType 40 : : personalTitle
1050pilotAttributeType 41 : : mobileTelephoneNumber
1051pilotAttributeType 42 : : pagerTelephoneNumber
1052pilotAttributeType 43 : : friendlyCountryName
1053# The following clashes with 2.5.4.45, so commented away
1054#pilotAttributeType 44 : uid : uniqueIdentifier
1055pilotAttributeType 45 : : organizationalStatus
1056pilotAttributeType 46 : : janetMailbox
1057pilotAttributeType 47 : : mailPreferenceOption
1058pilotAttributeType 48 : : buildingName
1059pilotAttributeType 49 : : dSAQuality
1060pilotAttributeType 50 : : singleLevelQuality
1061pilotAttributeType 51 : : subtreeMinimumQuality
1062pilotAttributeType 52 : : subtreeMaximumQuality
1063pilotAttributeType 53 : : personalSignature
1064pilotAttributeType 54 : : dITRedirect
1065pilotAttributeType 55 : audio
1066pilotAttributeType 56 : : documentPublisher
1067
1068international-organizations 42 : id-set : Secure Electronic Transactions
1069
1070id-set 0 : set-ctype : content types
1071id-set 1 : set-msgExt : message extensions
1072id-set 3 : set-attr
1073id-set 5 : set-policy
1074id-set 7 : set-certExt : certificate extensions
1075id-set 8 : set-brand
1076
1077set-ctype 0 : setct-PANData
1078set-ctype 1 : setct-PANToken
1079set-ctype 2 : setct-PANOnly
1080set-ctype 3 : setct-OIData
1081set-ctype 4 : setct-PI
1082set-ctype 5 : setct-PIData
1083set-ctype 6 : setct-PIDataUnsigned
1084set-ctype 7 : setct-HODInput
1085set-ctype 8 : setct-AuthResBaggage
1086set-ctype 9 : setct-AuthRevReqBaggage
1087set-ctype 10 : setct-AuthRevResBaggage
1088set-ctype 11 : setct-CapTokenSeq
1089set-ctype 12 : setct-PInitResData
1090set-ctype 13 : setct-PI-TBS
1091set-ctype 14 : setct-PResData
1092set-ctype 16 : setct-AuthReqTBS
1093set-ctype 17 : setct-AuthResTBS
1094set-ctype 18 : setct-AuthResTBSX
1095set-ctype 19 : setct-AuthTokenTBS
1096set-ctype 20 : setct-CapTokenData
1097set-ctype 21 : setct-CapTokenTBS
1098set-ctype 22 : setct-AcqCardCodeMsg
1099set-ctype 23 : setct-AuthRevReqTBS
1100set-ctype 24 : setct-AuthRevResData
1101set-ctype 25 : setct-AuthRevResTBS
1102set-ctype 26 : setct-CapReqTBS
1103set-ctype 27 : setct-CapReqTBSX
1104set-ctype 28 : setct-CapResData
1105set-ctype 29 : setct-CapRevReqTBS
1106set-ctype 30 : setct-CapRevReqTBSX
1107set-ctype 31 : setct-CapRevResData
1108set-ctype 32 : setct-CredReqTBS
1109set-ctype 33 : setct-CredReqTBSX
1110set-ctype 34 : setct-CredResData
1111set-ctype 35 : setct-CredRevReqTBS
1112set-ctype 36 : setct-CredRevReqTBSX
1113set-ctype 37 : setct-CredRevResData
1114set-ctype 38 : setct-PCertReqData
1115set-ctype 39 : setct-PCertResTBS
1116set-ctype 40 : setct-BatchAdminReqData
1117set-ctype 41 : setct-BatchAdminResData
1118set-ctype 42 : setct-CardCInitResTBS
1119set-ctype 43 : setct-MeAqCInitResTBS
1120set-ctype 44 : setct-RegFormResTBS
1121set-ctype 45 : setct-CertReqData
1122set-ctype 46 : setct-CertReqTBS
1123set-ctype 47 : setct-CertResData
1124set-ctype 48 : setct-CertInqReqTBS
1125set-ctype 49 : setct-ErrorTBS
1126set-ctype 50 : setct-PIDualSignedTBE
1127set-ctype 51 : setct-PIUnsignedTBE
1128set-ctype 52 : setct-AuthReqTBE
1129set-ctype 53 : setct-AuthResTBE
1130set-ctype 54 : setct-AuthResTBEX
1131set-ctype 55 : setct-AuthTokenTBE
1132set-ctype 56 : setct-CapTokenTBE
1133set-ctype 57 : setct-CapTokenTBEX
1134set-ctype 58 : setct-AcqCardCodeMsgTBE
1135set-ctype 59 : setct-AuthRevReqTBE
1136set-ctype 60 : setct-AuthRevResTBE
1137set-ctype 61 : setct-AuthRevResTBEB
1138set-ctype 62 : setct-CapReqTBE
1139set-ctype 63 : setct-CapReqTBEX
1140set-ctype 64 : setct-CapResTBE
1141set-ctype 65 : setct-CapRevReqTBE
1142set-ctype 66 : setct-CapRevReqTBEX
1143set-ctype 67 : setct-CapRevResTBE
1144set-ctype 68 : setct-CredReqTBE
1145set-ctype 69 : setct-CredReqTBEX
1146set-ctype 70 : setct-CredResTBE
1147set-ctype 71 : setct-CredRevReqTBE
1148set-ctype 72 : setct-CredRevReqTBEX
1149set-ctype 73 : setct-CredRevResTBE
1150set-ctype 74 : setct-BatchAdminReqTBE
1151set-ctype 75 : setct-BatchAdminResTBE
1152set-ctype 76 : setct-RegFormReqTBE
1153set-ctype 77 : setct-CertReqTBE
1154set-ctype 78 : setct-CertReqTBEX
1155set-ctype 79 : setct-CertResTBE
1156set-ctype 80 : setct-CRLNotificationTBS
1157set-ctype 81 : setct-CRLNotificationResTBS
1158set-ctype 82 : setct-BCIDistributionTBS
1159
1160set-msgExt 1 : setext-genCrypt : generic cryptogram
1161set-msgExt 3 : setext-miAuth : merchant initiated auth
1162set-msgExt 4 : setext-pinSecure
1163set-msgExt 5 : setext-pinAny
1164set-msgExt 7 : setext-track2
1165set-msgExt 8 : setext-cv : additional verification
1166
1167set-policy 0 : set-policy-root
1168
1169set-certExt 0 : setCext-hashedRoot
1170set-certExt 1 : setCext-certType
1171set-certExt 2 : setCext-merchData
1172set-certExt 3 : setCext-cCertRequired
1173set-certExt 4 : setCext-tunneling
1174set-certExt 5 : setCext-setExt
1175set-certExt 6 : setCext-setQualf
1176set-certExt 7 : setCext-PGWYcapabilities
1177set-certExt 8 : setCext-TokenIdentifier
1178set-certExt 9 : setCext-Track2Data
1179set-certExt 10 : setCext-TokenType
1180set-certExt 11 : setCext-IssuerCapabilities
1181
1182set-attr 0 : setAttr-Cert
1183set-attr 1 : setAttr-PGWYcap : payment gateway capabilities
1184set-attr 2 : setAttr-TokenType
1185set-attr 3 : setAttr-IssCap : issuer capabilities
1186
1187setAttr-Cert 0 : set-rootKeyThumb
1188setAttr-Cert 1 : set-addPolicy
1189
1190setAttr-TokenType 1 : setAttr-Token-EMV
1191setAttr-TokenType 2 : setAttr-Token-B0Prime
1192
1193setAttr-IssCap 3 : setAttr-IssCap-CVM
1194setAttr-IssCap 4 : setAttr-IssCap-T2
1195setAttr-IssCap 5 : setAttr-IssCap-Sig
1196
1197setAttr-IssCap-CVM 1 : setAttr-GenCryptgrm : generate cryptogram
1198setAttr-IssCap-T2 1 : setAttr-T2Enc : encrypted track 2
1199setAttr-IssCap-T2 2 : setAttr-T2cleartxt : cleartext track 2
1200
1201setAttr-IssCap-Sig 1 : setAttr-TokICCsig : ICC or token signature
1202setAttr-IssCap-Sig 2 : setAttr-SecDevSig : secure device signature
1203
1204set-brand 1 : set-brand-IATA-ATA
1205set-brand 30 : set-brand-Diners
1206set-brand 34 : set-brand-AmericanExpress
1207set-brand 35 : set-brand-JCB
1208set-brand 4 : set-brand-Visa
1209set-brand 5 : set-brand-MasterCard
1210set-brand 6011 : set-brand-Novus
1211
1212rsadsi 3 10 : DES-CDMF : des-cdmf
1213rsadsi 1 1 6 : rsaOAEPEncryptionSET
1214
1215 : Oakley-EC2N-3 : ipsec3
1216 : Oakley-EC2N-4 : ipsec4
1217
1218iso 0 10118 3 0 55 : whirlpool
1219
1220# GOST OIDs
1221
1222member-body 643 2 2 : cryptopro
1223member-body 643 2 9 : cryptocom
1224
1225cryptopro 3 : id-GostR3411-94-with-GostR3410-2001 : GOST R 34.11-94 with GOST R 34.10-2001
1226cryptopro 4 : id-GostR3411-94-with-GostR3410-94 : GOST R 34.11-94 with GOST R 34.10-94
1227!Cname id-GostR3411-94
1228cryptopro 9 : md_gost94 : GOST R 34.11-94
1229cryptopro 10 : id-HMACGostR3411-94 : HMAC GOST 34.11-94
1230!Cname id-GostR3410-2001
1231cryptopro 19 : gost2001 : GOST R 34.10-2001
1232!Cname id-GostR3410-94
1233cryptopro 20 : gost94 : GOST R 34.10-94
1234!Cname id-Gost28147-89
1235cryptopro 21 : gost89 : GOST 28147-89
1236 : gost89-cnt
1237!Cname id-Gost28147-89-MAC
1238cryptopro 22 : gost-mac : GOST 28147-89 MAC
1239!Cname id-GostR3411-94-prf
1240cryptopro 23 : prf-gostr3411-94 : GOST R 34.11-94 PRF
1241cryptopro 98 : id-GostR3410-2001DH : GOST R 34.10-2001 DH
1242cryptopro 99 : id-GostR3410-94DH : GOST R 34.10-94 DH
1243
1244cryptopro 14 1 : id-Gost28147-89-CryptoPro-KeyMeshing
1245cryptopro 14 0 : id-Gost28147-89-None-KeyMeshing
1246
1247# GOST parameter set OIDs
1248
1249cryptopro 30 0 : id-GostR3411-94-TestParamSet
1250cryptopro 30 1 : id-GostR3411-94-CryptoProParamSet
1251
1252cryptopro 31 0 : id-Gost28147-89-TestParamSet
1253cryptopro 31 1 : id-Gost28147-89-CryptoPro-A-ParamSet
1254cryptopro 31 2 : id-Gost28147-89-CryptoPro-B-ParamSet
1255cryptopro 31 3 : id-Gost28147-89-CryptoPro-C-ParamSet
1256cryptopro 31 4 : id-Gost28147-89-CryptoPro-D-ParamSet
1257cryptopro 31 5 : id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet
1258cryptopro 31 6 : id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet
1259cryptopro 31 7 : id-Gost28147-89-CryptoPro-RIC-1-ParamSet
1260
1261cryptopro 32 0 : id-GostR3410-94-TestParamSet
1262cryptopro 32 2 : id-GostR3410-94-CryptoPro-A-ParamSet
1263cryptopro 32 3 : id-GostR3410-94-CryptoPro-B-ParamSet
1264cryptopro 32 4 : id-GostR3410-94-CryptoPro-C-ParamSet
1265cryptopro 32 5 : id-GostR3410-94-CryptoPro-D-ParamSet
1266
1267cryptopro 33 1 : id-GostR3410-94-CryptoPro-XchA-ParamSet
1268cryptopro 33 2 : id-GostR3410-94-CryptoPro-XchB-ParamSet
1269cryptopro 33 3 : id-GostR3410-94-CryptoPro-XchC-ParamSet
1270
1271cryptopro 35 0 : id-GostR3410-2001-TestParamSet
1272cryptopro 35 1 : id-GostR3410-2001-CryptoPro-A-ParamSet
1273cryptopro 35 2 : id-GostR3410-2001-CryptoPro-B-ParamSet
1274cryptopro 35 3 : id-GostR3410-2001-CryptoPro-C-ParamSet
1275
1276cryptopro 36 0 : id-GostR3410-2001-CryptoPro-XchA-ParamSet
1277cryptopro 36 1 : id-GostR3410-2001-CryptoPro-XchB-ParamSet
1278
1279id-GostR3410-94 1 : id-GostR3410-94-a
1280id-GostR3410-94 2 : id-GostR3410-94-aBis
1281id-GostR3410-94 3 : id-GostR3410-94-b
1282id-GostR3410-94 4 : id-GostR3410-94-bBis
1283
1284# Cryptocom LTD GOST OIDs
1285
1286cryptocom 1 6 1 : id-Gost28147-89-cc : GOST 28147-89 Cryptocom ParamSet
1287!Cname id-GostR3410-94-cc
1288cryptocom 1 5 3 : gost94cc : GOST 34.10-94 Cryptocom
1289!Cname id-GostR3410-2001-cc
1290cryptocom 1 5 4 : gost2001cc : GOST 34.10-2001 Cryptocom
1291
1292cryptocom 1 3 3 : id-GostR3411-94-with-GostR3410-94-cc : GOST R 34.11-94 with GOST R 34.10-94 Cryptocom
1293cryptocom 1 3 4 : id-GostR3411-94-with-GostR3410-2001-cc : GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom
1294
1295cryptocom 1 8 1 : id-GostR3410-2001-ParamSet-cc : GOST R 3410-2001 Parameter Set Cryptocom
1296
1297# Definitions for SM3
1298
12991 2 156 10197 1 401 : SM3 : sm3
13001 2 156 10197 1 504 : RSA-SM3 : sm3WithRSAEncryption
1301
1302# Definitions for Camellia cipher - CBC MODE
1303
13041 2 392 200011 61 1 1 1 2 : CAMELLIA-128-CBC : camellia-128-cbc
13051 2 392 200011 61 1 1 1 3 : CAMELLIA-192-CBC : camellia-192-cbc
13061 2 392 200011 61 1 1 1 4 : CAMELLIA-256-CBC : camellia-256-cbc
13071 2 392 200011 61 1 1 3 2 : id-camellia128-wrap
13081 2 392 200011 61 1 1 3 3 : id-camellia192-wrap
13091 2 392 200011 61 1 1 3 4 : id-camellia256-wrap
1310
1311# Definitions for Camellia cipher - ECB, CFB, OFB MODE
1312
1313!Alias ntt-ds 0 3 4401 5
1314!Alias camellia ntt-ds 3 1 9
1315
1316camellia 1 : CAMELLIA-128-ECB : camellia-128-ecb
1317!Cname camellia-128-ofb128
1318camellia 3 : CAMELLIA-128-OFB : camellia-128-ofb
1319!Cname camellia-128-cfb128
1320camellia 4 : CAMELLIA-128-CFB : camellia-128-cfb
1321
1322camellia 21 : CAMELLIA-192-ECB : camellia-192-ecb
1323!Cname camellia-192-ofb128
1324camellia 23 : CAMELLIA-192-OFB : camellia-192-ofb
1325!Cname camellia-192-cfb128
1326camellia 24 : CAMELLIA-192-CFB : camellia-192-cfb
1327
1328camellia 41 : CAMELLIA-256-ECB : camellia-256-ecb
1329!Cname camellia-256-ofb128
1330camellia 43 : CAMELLIA-256-OFB : camellia-256-ofb
1331!Cname camellia-256-cfb128
1332camellia 44 : CAMELLIA-256-CFB : camellia-256-cfb
1333
1334# There are no OIDs for these modes...
1335
1336 : CAMELLIA-128-CFB1 : camellia-128-cfb1
1337 : CAMELLIA-192-CFB1 : camellia-192-cfb1
1338 : CAMELLIA-256-CFB1 : camellia-256-cfb1
1339 : CAMELLIA-128-CFB8 : camellia-128-cfb8
1340 : CAMELLIA-192-CFB8 : camellia-192-cfb8
1341 : CAMELLIA-256-CFB8 : camellia-256-cfb8
1342
1343# Definitions for SEED cipher - ECB, CBC, OFB mode
1344
1345member-body 410 200004 : KISA : kisa
1346kisa 1 3 : SEED-ECB : seed-ecb
1347kisa 1 4 : SEED-CBC : seed-cbc
1348!Cname seed-cfb128
1349kisa 1 5 : SEED-CFB : seed-cfb
1350!Cname seed-ofb128
1351kisa 1 6 : SEED-OFB : seed-ofb
1352
1353# Definitions for SM4 cipher
1354
1355member-body 156 : ISO-CN : ISO CN Member Body
1356ISO-CN 10197 : oscca
1357oscca 1 : sm-scheme
1358
1359sm-scheme 104 1 : SM4-ECB : sm4-ecb
1360sm-scheme 104 2 : SM4-CBC : sm4-cbc
1361!Cname sm4-ofb128
1362sm-scheme 104 3 : SM4-OFB : sm4-ofb
1363!Cname sm4-cfb128
1364sm-scheme 104 4 : SM4-CFB : sm4-cfb
1365sm-scheme 104 5 : SM4-CFB1 : sm4-cfb1
1366sm-scheme 104 6 : SM4-CFB8 : sm4-cfb8
1367sm-scheme 104 7 : SM4-CTR : sm4-ctr
1368
1369# There is no OID that just denotes "HMAC" oddly enough...
1370
1371 : HMAC : hmac
1372# Nor CMAC either
1373 : CMAC : cmac
1374
1375# Synthetic composite ciphersuites
1376 : RC4-HMAC-MD5 : rc4-hmac-md5
1377 : AES-128-CBC-HMAC-SHA1 : aes-128-cbc-hmac-sha1
1378 : AES-192-CBC-HMAC-SHA1 : aes-192-cbc-hmac-sha1
1379 : AES-256-CBC-HMAC-SHA1 : aes-256-cbc-hmac-sha1
1380
1381# ECDH schemes from RFC 5753
1382!Alias x9-63-scheme 1 3 133 16 840 63 0
1383!Alias secg-scheme certicom-arc 1
1384
1385x9-63-scheme 2 : dhSinglePass-stdDH-sha1kdf-scheme
1386secg-scheme 11 0 : dhSinglePass-stdDH-sha224kdf-scheme
1387secg-scheme 11 1 : dhSinglePass-stdDH-sha256kdf-scheme
1388secg-scheme 11 2 : dhSinglePass-stdDH-sha384kdf-scheme
1389secg-scheme 11 3 : dhSinglePass-stdDH-sha512kdf-scheme
1390
1391x9-63-scheme 3 : dhSinglePass-cofactorDH-sha1kdf-scheme
1392secg-scheme 14 0 : dhSinglePass-cofactorDH-sha224kdf-scheme
1393secg-scheme 14 1 : dhSinglePass-cofactorDH-sha256kdf-scheme
1394secg-scheme 14 2 : dhSinglePass-cofactorDH-sha384kdf-scheme
1395secg-scheme 14 3 : dhSinglePass-cofactorDH-sha512kdf-scheme
1396
1397# DH NIDs for use with lookup tables.
1398 : dh-std-kdf
1399 : dh-cofactor-kdf
1400
1401# RFC 6962 Extension OIDs (see http://www.ietf.org/rfc/rfc6962.txt)
14021 3 6 1 4 1 11129 2 4 2 : ct_precert_scts : CT Precertificate SCTs
14031 3 6 1 4 1 11129 2 4 3 : ct_precert_poison : CT Precertificate Poison
14041 3 6 1 4 1 11129 2 4 4 : ct_precert_signer : CT Precertificate Signer
14051 3 6 1 4 1 11129 2 4 5 : ct_cert_scts : CT Certificate SCTs
1406
1407# NID for TLS1 PRF
1408 : TLS1-PRF : tls1-prf
1409# NID for HKDF
1410 : HKDF : hkdf
1411
1412identified-organization 36 : teletrust
1413teletrust 3 3 2 8 1 : brainpool
1414brainpool 1 1 : brainpoolP160r1
1415brainpool 1 2 : brainpoolP160t1
1416brainpool 1 3 : brainpoolP192r1
1417brainpool 1 4 : brainpoolP192t1
1418brainpool 1 5 : brainpoolP224r1
1419brainpool 1 6 : brainpoolP224t1
1420brainpool 1 7 : brainpoolP256r1
1421brainpool 1 8 : brainpoolP256t1
1422brainpool 1 9 : brainpoolP320r1
1423brainpool 1 10 : brainpoolP320t1
1424brainpool 1 11 : brainpoolP384r1
1425brainpool 1 12 : brainpoolP384t1
1426brainpool 1 13 : brainpoolP512r1
1427brainpool 1 14 : brainpoolP512t1
1428
14291 2 250 1 223 101 256 1 : FRP256v1
1430
1431# ChaCha Stream Cipher
1432!Cname chacha20
1433 : ChaCha : chacha
1434
1435 : ChaCha20-Poly1305 : chacha20-poly1305
1436
1437 : gost89-ecb
1438 : gost89-cbc
1439
1440member-body 643 7 1 : tc26
1441!Cname id-tc26-gost3411-2012-256
1442tc26 1 2 2 : streebog256 : GOST R 34.11-2012 (256 bit)
1443!Cname id-tc26-gost3411-2012-512
1444tc26 1 2 3 : streebog512 : GOST R 34-11-2012 (512 bit)
1445tc26 1 4 1 : id-tc26-hmac-gost-3411-12-256 : HMAC STREEBOG 256
1446tc26 1 4 2 : id-tc26-hmac-gost-3411-12-512 : HMAC STREEBOG 512
1447tc26 2 1 1 1 : id-tc26-gost-3410-12-256-paramSetA : GOST R 34.10-2012 (256 bit) ParamSet A
1448tc26 2 1 1 2 : id-tc26-gost-3410-12-256-paramSetB : GOST R 34.10-2012 (256 bit) ParamSet B
1449tc26 2 1 1 3 : id-tc26-gost-3410-12-256-paramSetC : GOST R 34.10-2012 (256 bit) ParamSet C
1450tc26 2 1 1 4 : id-tc26-gost-3410-12-256-paramSetD : GOST R 34.10-2012 (256 bit) ParamSet D
1451tc26 2 1 2 0 : id-tc26-gost-3410-12-512-paramSetTest : GOST R 34.10-2012 (512 bit) testing parameter set
1452tc26 2 1 2 1 : id-tc26-gost-3410-12-512-paramSetA : GOST R 34.10-2012 (512 bit) ParamSet A
1453tc26 2 1 2 2 : id-tc26-gost-3410-12-512-paramSetB : GOST R 34.10-2012 (512 bit) ParamSet B
1454tc26 2 1 2 3 : id-tc26-gost-3410-12-512-paramSetC : GOST R 34.10-2012 (512 bit) ParamSet C
1455tc26 2 5 1 1 : id-tc26-gost-28147-param-Z
1456tc26 1 1 1 : id-tc26-gost3410-2012-256 : GOST R 34.10-2012 (256 bit)
1457tc26 1 1 2 : id-tc26-gost3410-2012-512 : GOST R 34.10-2012 (512 bit)
1458tc26 1 3 2 : id-tc26-signwithdigest-gost3410-2012-256 : GOST R 34.11-2012 with GOST R 34.10-2012 (256 bit)
1459tc26 1 3 3 : id-tc26-signwithdigest-gost3410-2012-512 : GOST R 34.11-2012 with GOST R 34.10-2012 (512 bit)
1460
1461# Curves from draft-ietf-curdle-pkix-02
14621 3 101 110 : X25519
14631 3 101 111 : X448
14641 3 101 112 : Ed25519
14651 3 101 113 : Ed448
14661 3 101 114 : Ed25519ph
14671 3 101 115 : Ed448ph
1468
1469# TLS cipher suite key exchange
1470 : KxRSA : kx-rsa
1471 : KxECDHE : kx-ecdhe
1472 : KxDHE : kx-dhe
1473 : KxGOST : kx-gost
1474
1475# TLS cipher suite authentication
1476 : AuthRSA : auth-rsa
1477 : AuthECDSA : auth-ecdsa
1478 : AuthGOST01 : auth-gost01
1479 : AuthNULL : auth-null
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-12-23 18:38:54 +0000