1 files changed, 591 insertions, 38 deletions
diff --git a/src/lib/libcrypto/objects/objects.txt b/src/lib/libcrypto/objects/objects.txt
index cb276e90e9..3d443cf884 100644
--- a/src/lib/libcrypto/objects/objects.txt
+++ b/src/lib/libcrypto/objects/objects.txt
@@ -1,40 +1,593 @@
-1 2                     : ISO member bodies
+1                       : ISO                   : iso
-1 2 840                 : US (ANSI)
-1 2 840 113549          : rsadsi        : RSA Data Security, Inc.
+iso 2                   : member-body           : ISO Member Body
-1 2 840 113549 1        : pkcs          : RSA Data Security, Inc. PKCS
-1 2 840 113549 1 1 1    : rsaEncryption
+member-body 840         : ISO-US                : ISO US Member Body
-1 2 840 113549 1 1 2    : md2withRSAEncryption
+ISO-US 10040            : X9-57                 : X9.57
-1 2 840 113549 1 1 4    : md5withRSAEncryption
+X9-57 4                 : X9cm                  : X9.57 CM ?
-1 2 840 113549 1 7      : pkcs-7
-1 2 840 113549 1 7 1    : pkcs-7-data
+!Cname dsa
-1 2 840 113549 1 7 2    : pkcs-7-signedData
+X9cm 1                  : DSA                   : dsaEncryption
-1 2 840 113549 1 7 3    : pkcs-7-envelopedData
+X9cm 3                  : DSA-SHA1              : dsaWithSHA1
-1 2 840 113549 1 7 4    : pkcs-7-signedAndEnvelopedData
-1 2 840 113549 1 7 5    : pkcs-7-digestData
+ISO-US 113533 7 66 10   : CAST5-CBC             : cast5-cbc
-1 2 840 113549 1 7 6    : pkcs-7-encryptedData
+                        : CAST5-ECB             : cast5-ecb
-1 2 840 113549 2 2      : md2
+!Cname cast5-cfb64
-1 2 840 113549 2 4      : md4
+                        : CAST5-CFB             : cast5-cfb
-1 2 840 113549 2 5      : md5
+!Cname cast5-ofb64
-1 2 840 113549 3 4      : rc4
+                        : CAST5-OFB             : cast5-ofb
-1 2 840 113549 5 1      : pbeWithMD2AndDES_CBC
+!Cname pbeWithMD5AndCast5-CBC
-1 2 840 113549 5 3      : pbeWithMD5AndDES_CBC
+ISO-US 113533 7 66 12   :                       : pbeWithMD5AndCast5CBC
-2 5                     : X500          : directory services (X.500)
-2 5 4                   : X509
+ISO-US 113549           : rsadsi                : RSA Data Security, Inc.
-2 5 4 3                 : commonName
-2 5 4 6                 : countryName
+rsadsi 1                : pkcs                  : RSA Data Security, Inc. PKCS
-2 5 4 7                 : localityName
-2 5 4 8                 : stateOrProvinceName
+pkcs 1                  : pkcs1
-2 5 4 10                : organizationName
+pkcs1 1                 :                       : rsaEncryption
-2 5 4 11                : organizationalUnitName
+pkcs1 2                 : RSA-MD2               : md2WithRSAEncryption
-2 5 8                   : directory services - algorithms
+pkcs1 4                 : RSA-MD5               : md5WithRSAEncryption
-2 5 8 1 1               : rsa
+pkcs1 5                 : RSA-SHA1              : sha1WithRSAEncryption
-algorithm 18            : sha
+pkcs 3                  : pkcs3
-encryptionAlgorithm 1   : rsa
+pkcs3 1                 :                       : dhKeyAgreement
+pkcs 5                  : pkcs5
+pkcs5 1                 : PBE-MD2-DES           : pbeWithMD2AndDES-CBC
+pkcs5 3                 : PBE-MD5-DES           : pbeWithMD5AndDES-CBC
+pkcs5 4                 : PBE-MD2-RC2-64        : pbeWithMD2AndRC2-CBC
+pkcs5 6                 : PBE-MD5-RC2-64        : pbeWithMD5AndRC2-CBC
+pkcs5 10                : PBE-SHA1-DES          : pbeWithSHA1AndDES-CBC
+pkcs5 11                : PBE-SHA1-RC2-64       : pbeWithSHA1AndRC2-CBC
+!Cname id_pbkdf2
+pkcs5 12                :                       : PBKDF2
+!Cname pbes2
+pkcs5 13                :                       : PBES2
+!Cname pbmac1
+pkcs5 14                :                       : PBMAC1
+pkcs 7                  : pkcs7
+pkcs7 1                 :                       : pkcs7-data
+!Cname pkcs7-signed
+pkcs7 2                 :                       : pkcs7-signedData
+!Cname pkcs7-enveloped
+pkcs7 3                 :                       : pkcs7-envelopedData
+!Cname pkcs7-signedAndEnveloped
+pkcs7 4                 :                       : pkcs7-signedAndEnvelopedData
+!Cname pkcs7-digest
+pkcs7 5                 :                       : pkcs7-digestData
+!Cname pkcs7-encrypted
+pkcs7 6                 :                       : pkcs7-encryptedData
+pkcs 9                  : pkcs9
+!module pkcs9
+pkcs9 1                 : Email                 : emailAddress
+pkcs9 2                 :                       : unstructuredName
+pkcs9 3                 :                       : contentType
+pkcs9 4                 :                       : messageDigest
+pkcs9 5                 :                       : signingTime
+pkcs9 6                 :                       : countersignature
+pkcs9 7                 :                       : challengePassword
+pkcs9 8                 :                       : unstructuredAddress
+!Cname extCertAttributes
+pkcs9 9                 :                       : extendedCertificateAttributes
+!global
+!Cname ext-req
+pkcs9 14                : extReq                : Extension Request
+!Cname SMIMECapabilities
+pkcs9 15                : SMIME-CAPS            : S/MIME Capabilities
+# S/MIME
+!Cname SMIME
+pkcs9 16                : SMIME                 : S/MIME
+SMIME 0                 : id-smime-mod
+SMIME 1                 : id-smime-ct
+SMIME 2                 : id-smime-aa
+SMIME 3                 : id-smime-alg
+SMIME 4                 : id-smime-cd
+SMIME 5                 : id-smime-spq
+SMIME 6                 : id-smime-cti
+# S/MIME Modules
+id-smime-mod 1          : id-smime-mod-cms
+id-smime-mod 2          : id-smime-mod-ess
+id-smime-mod 3          : id-smime-mod-oid
+id-smime-mod 4          : id-smime-mod-msg-v3
+id-smime-mod 5          : id-smime-mod-ets-eSignature-88
+id-smime-mod 6          : id-smime-mod-ets-eSignature-97
+id-smime-mod 7          : id-smime-mod-ets-eSigPolicy-88
+id-smime-mod 8          : id-smime-mod-ets-eSigPolicy-97
+# S/MIME Content Types
+id-smime-ct 1           : id-smime-ct-receipt
+id-smime-ct 2           : id-smime-ct-authData
+id-smime-ct 3           : id-smime-ct-publishCert
+id-smime-ct 4           : id-smime-ct-TSTInfo
+id-smime-ct 5           : id-smime-ct-TDTInfo
+id-smime-ct 6           : id-smime-ct-contentInfo
+id-smime-ct 7           : id-smime-ct-DVCSRequestData
+id-smime-ct 8           : id-smime-ct-DVCSResponseData
+# S/MIME Attributes
+id-smime-aa 1           : id-smime-aa-receiptRequest
+id-smime-aa 2           : id-smime-aa-securityLabel
+id-smime-aa 3           : id-smime-aa-mlExpandHistory
+id-smime-aa 4           : id-smime-aa-contentHint
+id-smime-aa 5           : id-smime-aa-msgSigDigest
+# obsolete
+id-smime-aa 6           : id-smime-aa-encapContentType
+id-smime-aa 7           : id-smime-aa-contentIdentifier
+# obsolete
+id-smime-aa 8           : id-smime-aa-macValue
+id-smime-aa 9           : id-smime-aa-equivalentLabels
+id-smime-aa 10          : id-smime-aa-contentReference
+id-smime-aa 11          : id-smime-aa-encrypKeyPref
+id-smime-aa 12          : id-smime-aa-signingCertificate
+id-smime-aa 13          : id-smime-aa-smimeEncryptCerts
+id-smime-aa 14          : id-smime-aa-timeStampToken
+id-smime-aa 15          : id-smime-aa-ets-sigPolicyId
+id-smime-aa 16          : id-smime-aa-ets-commitmentType
+id-smime-aa 17          : id-smime-aa-ets-signerLocation
+id-smime-aa 18          : id-smime-aa-ets-signerAttr
+id-smime-aa 19          : id-smime-aa-ets-otherSigCert
+id-smime-aa 20          : id-smime-aa-ets-contentTimestamp
+id-smime-aa 21          : id-smime-aa-ets-CertificateRefs
+id-smime-aa 22          : id-smime-aa-ets-RevocationRefs
+id-smime-aa 23          : id-smime-aa-ets-certValues
+id-smime-aa 24          : id-smime-aa-ets-revocationValues
+id-smime-aa 25          : id-smime-aa-ets-escTimeStamp
+id-smime-aa 26          : id-smime-aa-ets-certCRLTimestamp
+id-smime-aa 27          : id-smime-aa-ets-archiveTimeStamp
+id-smime-aa 28          : id-smime-aa-signatureType
+id-smime-aa 29          : id-smime-aa-dvcs-dvc
+# S/MIME Algorithm Identifiers
+# obsolete
+id-smime-alg 1          : id-smime-alg-ESDHwith3DES
+# obsolete
+id-smime-alg 2          : id-smime-alg-ESDHwithRC2
+# obsolete
+id-smime-alg 3          : id-smime-alg-3DESwrap
+# obsolete
+id-smime-alg 4          : id-smime-alg-RC2wrap
+id-smime-alg 5          : id-smime-alg-ESDH
+id-smime-alg 6          : id-smime-alg-CMS3DESwrap
+id-smime-alg 7          : id-smime-alg-CMSRC2wrap
+# S/MIME Certificate Distribution
+id-smime-cd 1           : id-smime-cd-ldap
+# S/MIME Signature Policy Qualifier
+id-smime-spq 1          : id-smime-spq-ets-sqt-uri
+id-smime-spq 2          : id-smime-spq-ets-sqt-unotice
+# S/MIME Commitment Type Identifier
+id-smime-cti 1          : id-smime-cti-ets-proofOfOrigin
+id-smime-cti 2          : id-smime-cti-ets-proofOfReceipt
+id-smime-cti 3          : id-smime-cti-ets-proofOfDelivery
+id-smime-cti 4          : id-smime-cti-ets-proofOfSender
+id-smime-cti 5          : id-smime-cti-ets-proofOfApproval
+id-smime-cti 6          : id-smime-cti-ets-proofOfCreation
+pkcs9 20                :                       : friendlyName
+pkcs9 21                :                       : localKeyID
+!Alias certTypes pkcs9 22
+certTypes 1             :                       : x509Certificate
+certTypes 2             :                       : sdsiCertificate
+!Alias crlTypes pkcs9 23
+crlTypes 1              :                       : x509Crl
+!Alias pkcs12 pkcs 12
+!Alias pkcs12-pbeids pkcs12 1
+!Cname pbe-WithSHA1And128BitRC4
+pkcs12-pbeids 1         : PBE-SHA1-RC4-128      : pbeWithSHA1And128BitRC4
+!Cname pbe-WithSHA1And40BitRC4
+pkcs12-pbeids 2         : PBE-SHA1-RC4-40       : pbeWithSHA1And40BitRC4
+!Cname pbe-WithSHA1And3_Key_TripleDES-CBC
+pkcs12-pbeids 3         : PBE-SHA1-3DES         : pbeWithSHA1And3-KeyTripleDES-CBC
+!Cname pbe-WithSHA1And2_Key_TripleDES-CBC
+pkcs12-pbeids 4         : PBE-SHA1-2DES         : pbeWithSHA1And2-KeyTripleDES-CBC
+!Cname pbe-WithSHA1And128BitRC2-CBC
+pkcs12-pbeids 5         : PBE-SHA1-RC2-128      : pbeWithSHA1And128BitRC2-CBC
+!Cname pbe-WithSHA1And40BitRC2-CBC
+pkcs12-pbeids 6         : PBE-SHA1-RC2-40       : pbeWithSHA1And40BitRC2-CBC
+!Alias pkcs12-Version1 pkcs12 10
+!Alias pkcs12-BagIds pkcs12-Version1 1
+pkcs12-BagIds 1         :                       : keyBag
+pkcs12-BagIds 2         :                       : pkcs8ShroudedKeyBag
+pkcs12-BagIds 3         :                       : certBag
+pkcs12-BagIds 4         :                       : crlBag
+pkcs12-BagIds 5         :                       : secretBag
+pkcs12-BagIds 6         :                       : safeContentsBag
+rsadsi 2 2              : MD2                   : md2
+rsadsi 2 4              : MD4                   : md4
+rsadsi 2 5              : MD5                   : md5
+                        : MD5-SHA1              : md5-sha1
+rsadsi 2 7              :                       : hmacWithSHA1
+rsadsi 3 2              : RC2-CBC               : rc2-cbc
+                        : RC2-ECB               : rc2-ecb
+!Cname rc2-cfb64
+                        : RC2-CFB               : rc2-cfb
+!Cname rc2-ofb64
+                        : RC2-OFB               : rc2-ofb
+                        : RC2-40-CBC            : rc2-40-cbc
+                        : RC2-64-CBC            : rc2-64-cbc
+rsadsi 3 4              : RC4                   : rc4
+                        : RC4-40                : rc4-40
+rsadsi 3 7              : DES-EDE3-CBC          : des-ede3-cbc
+rsadsi 3 8              : RC5-CBC               : rc5-cbc
+                        : RC5-ECB               : rc5-ecb
+!Cname rc5-cfb64
+                        : RC5-CFB               : rc5-cfb
+!Cname rc5-ofb64
+                        : RC5-OFB               : rc5-ofb
+!Cname ms-ext-req
+1 3 6 1 4 1 311 2 1 14  : msExtReq              : Microsoft Extension Request
+!Cname ms-code-ind
+1 3 6 1 4 1 311 2 1 21  : msCodeInd             : Microsoft Individual Code Signing
+!Cname ms-code-com
+1 3 6 1 4 1 311 2 1 22  : msCodeCom             : Microsoft Commercial Code Signing
+!Cname ms-ctl-sign
+1 3 6 1 4 1 311 10 3 1  : msCTLSign             : Microsoft Trust List Signing
+!Cname ms-sgc
+1 3 6 1 4 1 311 10 3 3  : msSGC                 : Microsoft Server Gated Crypto
+!Cname ms-efs
+1 3 6 1 4 1 311 10 3 4  : msEFS                 : Microsoft Encrypted File System
+1 3 6 1 4 1 188 7 1 1 2 : IDEA-CBC              : idea-cbc
+                        : IDEA-ECB              : idea-ecb
+!Cname idea-cfb64
+                        : IDEA-CFB              : idea-cfb
+!Cname idea-ofb64
+                        : IDEA-OFB              : idea-ofb
+1 3 6 1 4 1 3029 1 2    : BF-CBC                : bf-cbc
+                        : BF-ECB                : bf-ecb
+!Cname bf-cfb64
+                        : BF-CFB                : bf-cfb
+!Cname bf-ofb64
+                        : BF-OFB                : bf-ofb
+!Cname id-pkix
+1 3 6 1 5 5 7           : PKIX
+# PKIX Arcs
+id-pkix 0               : id-pkix-mod
+id-pkix 1               : id-pe
+id-pkix 2               : id-qt
+id-pkix 3               : id-kp
+id-pkix 4               : id-it
+id-pkix 5               : id-pkip
+id-pkix 6               : id-alg
+id-pkix 7               : id-cmc
+id-pkix 8               : id-on
+id-pkix 9               : id-pda
+id-pkix 10              : id-aca
+id-pkix 11              : id-qcs
+id-pkix 12              : id-cct
+id-pkix 48              : id-ad
+# PKIX Modules
+id-pkix-mod 1           : id-pkix1-explicit-88
+id-pkix-mod 2           : id-pkix1-implicit-88
+id-pkix-mod 3           : id-pkix1-explicit-93
+id-pkix-mod 4           : id-pkix1-implicit-93
+id-pkix-mod 5           : id-mod-crmf
+id-pkix-mod 6           : id-mod-cmc
+id-pkix-mod 7           : id-mod-kea-profile-88
+id-pkix-mod 8           : id-mod-kea-profile-93
+id-pkix-mod 9           : id-mod-cmp
+id-pkix-mod 10          : id-mod-qualified-cert-88
+id-pkix-mod 11          : id-mod-qualified-cert-93
+id-pkix-mod 12          : id-mod-attribute-cert
+id-pkix-mod 13          : id-mod-timestamp-protocol
+id-pkix-mod 14          : id-mod-ocsp
+id-pkix-mod 15          : id-mod-dvcs
+id-pkix-mod 16          : id-mod-cmp2000
+# PKIX Private Extensions
+!Cname info-access
+id-pe 1                 : authorityInfoAccess   : Authority Information Access
+id-pe 2                 : biometricInfo         : Biometric Info
+id-pe 3                 : qcStatements
+id-pe 4                 : ac-auditEntity
+id-pe 5                 : ac-targeting
+id-pe 6                 : aaControls
+id-pe 7                 : sbqp-ipAddrBlock
+id-pe 8                 : sbqp-autonomousSysNum
+id-pe 9                 : sbqp-routerIdentifier
+# PKIX policyQualifiers for Internet policy qualifiers
+id-qt 1                 : id-qt-cps             : Policy Qualifier CPS
+id-qt 2                 : id-qt-unotice         : Policy Qualifier User Notice
+id-qt 3                 : textNotice
+# PKIX key purpose identifiers
+!Cname server-auth
+id-kp 1                 : serverAuth            : TLS Web Server Authentication
+!Cname client-auth
+id-kp 2                 : clientAuth            : TLS Web Client Authentication
+!Cname code-sign
+id-kp 3                 : codeSigning           : Code Signing
+!Cname email-protect
+id-kp 4                 : emailProtection       : E-mail Protection
+id-kp 5                 : ipsecEndSystem        : IPSec End System
+id-kp 6                 : ipsecTunnel           : IPSec Tunnel
+id-kp 7                 : ipsecUser             : IPSec User
+!Cname time-stamp
+id-kp 8                 : timeStamping          : Time Stamping
+# From OCSP spec RFC2560
+!Cname OCSP-sign
+id-kp 9                 : OCSPSigning           : OCSP Signing
+id-kp 10                : DVCS                  : dvcs
+# CMP information types
+id-it 1                 : id-it-caProtEncCert
+id-it 2                 : id-it-signKeyPairTypes
+id-it 3                 : id-it-encKeyPairTypes
+id-it 4                 : id-it-preferredSymmAlg
+id-it 5                 : id-it-caKeyUpdateInfo
+id-it 6                 : id-it-currentCRL
+id-it 7                 : id-it-unsupportedOIDs
+# obsolete
+id-it 8                 : id-it-subscriptionRequest
+# obsolete
+id-it 9                 : id-it-subscriptionResponse
+id-it 10                : id-it-keyPairParamReq
+id-it 11                : id-it-keyPairParamRep
+id-it 12                : id-it-revPassphrase
+id-it 13                : id-it-implicitConfirm
+id-it 14                : id-it-confirmWaitTime
+id-it 15                : id-it-origPKIMessage
+# CRMF registration
+id-pkip 1               : id-regCtrl
+id-pkip 2               : id-regInfo
+# CRMF registration controls
+id-regCtrl 1            : id-regCtrl-regToken
+id-regCtrl 2            : id-regCtrl-authenticator
+id-regCtrl 3            : id-regCtrl-pkiPublicationInfo
+id-regCtrl 4            : id-regCtrl-pkiArchiveOptions
+id-regCtrl 5            : id-regCtrl-oldCertID
+id-regCtrl 6            : id-regCtrl-protocolEncrKey
+# CRMF registration information
+id-regInfo 1            : id-regInfo-utf8Pairs
+id-regInfo 2            : id-regInfo-certReq
+# algorithms
+id-alg 1                : id-alg-des40
+id-alg 2                : id-alg-noSignature
+id-alg 3                : id-alg-dh-sig-hmac-sha1
+id-alg 4                : id-alg-dh-pop
+# CMC controls
+id-cmc 1                : id-cmc-statusInfo
+id-cmc 2                : id-cmc-identification
+id-cmc 3                : id-cmc-identityProof
+id-cmc 4                : id-cmc-dataReturn
+id-cmc 5                : id-cmc-transactionId
+id-cmc 6                : id-cmc-senderNonce
+id-cmc 7                : id-cmc-recipientNonce
+id-cmc 8                : id-cmc-addExtensions
+id-cmc 9                : id-cmc-encryptedPOP
+id-cmc 10               : id-cmc-decryptedPOP
+id-cmc 11               : id-cmc-lraPOPWitness
+id-cmc 15               : id-cmc-getCert
+id-cmc 16               : id-cmc-getCRL
+id-cmc 17               : id-cmc-revokeRequest
+id-cmc 18               : id-cmc-regInfo
+id-cmc 19               : id-cmc-responseInfo
+id-cmc 21               : id-cmc-queryPending
+id-cmc 22               : id-cmc-popLinkRandom
+id-cmc 23               : id-cmc-popLinkWitness
+id-cmc 24               : id-cmc-confirmCertAcceptance 
+# other names
+id-on 1                 : id-on-personalData
+# personal data attributes
+id-pda 1                : id-pda-dateOfBirth
+id-pda 2                : id-pda-placeOfBirth
+id-pda 3                : id-pda-pseudonym
+id-pda 4                : id-pda-gender
+id-pda 5                : id-pda-countryOfCitizenship
+id-pda 6                : id-pda-countryOfResidence
+# attribute certificate attributes
+id-aca 1                : id-aca-authenticationInfo
+id-aca 2                : id-aca-accessIdentity
+id-aca 3                : id-aca-chargingIdentity
+id-aca 4                : id-aca-group
+id-aca 5                : id-aca-role
+# qualified certificate statements
+id-qcs 1                : id-qcs-pkixQCSyntax-v1
+# CMC content types
+id-cct 1                : id-cct-crs
+id-cct 2                : id-cct-PKIData
+id-cct 3                : id-cct-PKIResponse
+# access descriptors for authority info access extension
+!Cname ad-OCSP
+id-ad 1                 : OCSP                  : OCSP
+!Cname ad-ca-issuers
+id-ad 2                 : caIssuers             : CA Issuers
+!Cname ad-timeStamping
+id-ad 3                 : ad_timestamping       : AD Time Stamping
+!Cname ad-dvcs
+id-ad 4                 : AD_DVCS               : ad dvcs
+!Alias id-pkix-OCSP ad-OCSP
+!module id-pkix-OCSP
+!Cname basic
+id-pkix-OCSP 1          : basicOCSPResponse     : Basic OCSP Response
+id-pkix-OCSP 2          : Nonce                 : OCSP Nonce
+id-pkix-OCSP 3          : CrlID                 : OCSP CRL ID
+id-pkix-OCSP 4          : acceptableResponses   : Acceptable OCSP Responses
+id-pkix-OCSP 5          : noCheck
+id-pkix-OCSP 6          : archiveCutoff         : OCSP Archive Cutoff
+id-pkix-OCSP 7          : serviceLocator        : OCSP Service Locator
+id-pkix-OCSP 8          : extendedStatus        : Extended OCSP Status
+id-pkix-OCSP 9          : valid
+id-pkix-OCSP 10         : path
+id-pkix-OCSP 11         : trustRoot             : Trust Root
+!global
+1 3 14 3 2              : algorithm             : algorithm
+algorithm 3             : RSA-NP-MD5            : md5WithRSA
+algorithm 6             : DES-ECB               : des-ecb
+algorithm 7             : DES-CBC               : des-cbc
+!Cname des-ofb64
+algorithm 8             : DES-OFB               : des-ofb
+!Cname des-cfb64
+algorithm 9             : DES-CFB               : des-cfb
 algorithm 11            : rsaSignature
+!Cname dsa-2
+algorithm 12            : DSA-old               : dsaEncryption-old
+algorithm 13            : DSA-SHA               : dsaWithSHA
+algorithm 15            : RSA-SHA               : shaWithRSAEncryption
+algorithm 17            : DES-EDE               : des-ede
+                        : DES-EDE3              : des-ede3
+                        : DES-EDE-CBC           : des-ede-cbc
+!Cname des-ede-cfb64
+                        : DES-EDE-CFB           : des-ede-cfb
+!Cname des-ede3-cfb64
+                        : DES-EDE3-CFB          : des-ede3-cfb
+!Cname des-ede-ofb64
+                        : DES-EDE-OFB           : des-ede-ofb
+!Cname des-ede3-ofb64
+                        : DES-EDE3-OFB          : des-ede3-ofb
+                        : DESX-CBC              : desx-cbc
+algorithm 18            : SHA                   : sha
+algorithm 26            : SHA1                  : sha1
+!Cname dsaWithSHA1-2
+algorithm 27            : DSA-SHA1-old          : dsaWithSHA1-old
+algorithm 29            : RSA-SHA1-2            : sha1WithRSA
+1 3 36 3 2 1            : RIPEMD160             : ripemd160
+1 3 36 3 3 1 2          : RSA-RIPEMD160         : ripemd160WithRSA
+!Cname sxnet
+1 3 101 1 4 1           : SXNetID               : Strong Extranet ID
+2 5                     : X500                  : directory services (X.500)
+X500 4                  : X509
+X509 3                  : CN                    : commonName
+X509 4                  : S                     : surname
+X509 5                  : SN                    : serialNumber
+X509 6                  : C                     : countryName
+X509 7                  : L                     : localityName
+X509 8                  : ST                    : stateOrProvinceName
+X509 10                 : O                     : organizationName
+X509 11                 : OU                    : organizationalUnitName
+X509 12                 : T                     : title
+X509 13                 : D                     : description
+X509 41                 : name                  : name
+X509 42                 : G                     : givenName
+X509 43                 : I                     : initials
+X509 45                 : UID                   : uniqueIdentifier
+X509 46                 : dnQualifier           : dnQualifier
+X500 8                  : X500algorithms        : directory services - algorithms
+X500algorithms 1 1      : RSA                   : rsa
+X500algorithms 3 100    : RSA-MDC2              : mdc2WithRSA
+X500algorithms 3 101    : MDC2                  : mdc2
+X500 29                 : id-ce
+!Cname subject-key-identifier
+id-ce 14                : subjectKeyIdentifier  : X509v3 Subject Key Identifier
+!Cname key-usage
+id-ce 15                : keyUsage              : X509v3 Key Usage
+!Cname private-key-usage-period
+id-ce 16                : privateKeyUsagePeriod : X509v3 Private Key Usage Period
+!Cname subject-alt-name
+id-ce 17                : subjectAltName        : X509v3 Subject Alternative Name
+!Cname issuer-alt-name
+id-ce 18                : issuerAltName         : X509v3 Issuer Alternative Name
+!Cname basic-constraints
+id-ce 19                : basicConstraints      : X509v3 Basic Constraints
+!Cname crl-number
+id-ce 20                : crlNumber             : X509v3 CRL Number
+!Cname crl-reason
+id-ce 21                : CRLReason             : X509v3 CRL Reason Code
+!Cname invalidity-date
+id-ce 24                : invalidityDate        : Invalidity Date
+!Cname delta-crl
+id-ce 27                : deltaCRL              : X509v3 Delta CRL Indicator
+!Cname crl-distribution-points
+id-ce 31                : crlDistributionPoints : X509v3 CRL Distribution Points
+!Cname certificate-policies
+id-ce 32                : certificatePolicies   : X509v3 Certificate Policies
+!Cname authority-key-identifier
+id-ce 35                : authorityKeyIdentifier : X509v3 Authority Key Identifier
+!Cname ext-key-usage
+id-ce 37                : extendedKeyUsage      : X509v3 Extended Key Usage
+!Cname netscape
+2 16 840 1 113730       : Netscape              : Netscape Communications Corp.
+!Cname netscape-cert-extension
+netscape 1              : nsCertExt             : Netscape Certificate Extension
+!Cname netscape-data-type
+netscape 2              : nsDataType            : Netscape Data Type
+!Cname netscape-cert-type
+netscape-cert-extension 1 : nsCertType          : Netscape Cert Type
+!Cname netscape-base-url
+netscape-cert-extension 2 : nsBaseUrl           : Netscape Base Url
+!Cname netscape-revocation-url
+netscape-cert-extension 3 : nsRevocationUrl     : Netscape Revocation Url
+!Cname netscape-ca-revocation-url
+netscape-cert-extension 4 : nsCaRevocationUrl   : Netscape CA Revocation Url
+!Cname netscape-renewal-url
+netscape-cert-extension 7 : nsRenewalUrl        : Netscape Renewal Url
+!Cname netscape-ca-policy-url
+netscape-cert-extension 8 : nsCaPolicyUrl       : Netscape CA Policy Url
+!Cname netscape-ssl-server-name
+netscape-cert-extension 12 : nsSslServerName    : Netscape SSL Server Name
+!Cname netscape-comment
+netscape-cert-extension 13 : nsComment          : Netscape Comment
+!Cname netscape-cert-sequence
+netscape-data-type 5    : nsCertSequence        : Netscape Certificate Sequence
+!Cname ns-sgc
+netscape 4 1            : nsSGC                 : Netscape Server Gated Crypto
+# iso(1)
+iso 3                   : ORG                   : org
+org 6                   : DOD                   : dod
+dod 1                   : IANA                  : iana
+!Alias internet iana
+internet 1              : directory             : Directory
+internet 2              : mgmt                  : Management
+internet 3              : experimental          : Experimental
+internet 4              : private               : Private
+internet 5              : security              : Security
+internet 6              : snmpv2                : SNMPv2
+internet 7              : mail                  : Mail
+private 1               : enterprises           : Enterprises
+# RFC 2247
+enterprises 1466 344    : dcobject              : dcObject
+# Stray OIDs we don't know the full name of each step for
+# RFC 2247
+0 9 2342 19200300 100 1 25 : DC                 : domainComponent
+0 9 2342 19200300 100 4 13 : domain             : Domain
+# What the hell are these OIDs, really?
+!Cname rle-compression
+1 1 1 1 666 1           : RLE                   : run length compression
+!Cname zlib-compression
+1 1 1 1 666 2           : ZLIB                  : zlib compression
-algorithm 6             : desECB
-algorithm 7             : desCBC
-algorithm 8             : desOFB
-algorithm 9             : desCFB
-algorithm 17            : desEDE2

diff --git a/src/lib/libcrypto/objects/objects.txt b/src/lib/libcrypto/objects/objects.txt index cb276e90e9..3d443cf884 100644 --- a/src/lib/libcrypto/objects/objects.txt +++ b/src/lib/libcrypto/objects/objects.txt
@@ -1,40 +1,593 @@
1	1 2 : ISO member bodies	1	1 : ISO : iso
2	1 2 840 : US (ANSI)	2
3	1 2 840 113549 : rsadsi : RSA Data Security, Inc.	3	iso 2 : member-body : ISO Member Body
4	1 2 840 113549 1 : pkcs : RSA Data Security, Inc. PKCS	4
5	1 2 840 113549 1 1 1 : rsaEncryption	5	member-body 840 : ISO-US : ISO US Member Body
6	1 2 840 113549 1 1 2 : md2withRSAEncryption	6	ISO-US 10040 : X9-57 : X9.57
7	1 2 840 113549 1 1 4 : md5withRSAEncryption	7	X9-57 4 : X9cm : X9.57 CM ?
8	1 2 840 113549 1 7 : pkcs-7	8
9	1 2 840 113549 1 7 1 : pkcs-7-data	9	!Cname dsa
10	1 2 840 113549 1 7 2 : pkcs-7-signedData	10	X9cm 1 : DSA : dsaEncryption
11	1 2 840 113549 1 7 3 : pkcs-7-envelopedData	11	X9cm 3 : DSA-SHA1 : dsaWithSHA1
12	1 2 840 113549 1 7 4 : pkcs-7-signedAndEnvelopedData	12
13	1 2 840 113549 1 7 5 : pkcs-7-digestData	13	ISO-US 113533 7 66 10 : CAST5-CBC : cast5-cbc
14	1 2 840 113549 1 7 6 : pkcs-7-encryptedData	14	: CAST5-ECB : cast5-ecb
15	1 2 840 113549 2 2 : md2	15	!Cname cast5-cfb64
16	1 2 840 113549 2 4 : md4	16	: CAST5-CFB : cast5-cfb
17	1 2 840 113549 2 5 : md5	17	!Cname cast5-ofb64
18	1 2 840 113549 3 4 : rc4	18	: CAST5-OFB : cast5-ofb
19	1 2 840 113549 5 1 : pbeWithMD2AndDES_CBC	19	!Cname pbeWithMD5AndCast5-CBC
20	1 2 840 113549 5 3 : pbeWithMD5AndDES_CBC	20	ISO-US 113533 7 66 12 : : pbeWithMD5AndCast5CBC
21	2 5 : X500 : directory services (X.500)	21
22	2 5 4 : X509	22	ISO-US 113549 : rsadsi : RSA Data Security, Inc.
23	2 5 4 3 : commonName	23
24	2 5 4 6 : countryName	24	rsadsi 1 : pkcs : RSA Data Security, Inc. PKCS
25	2 5 4 7 : localityName	25
26	2 5 4 8 : stateOrProvinceName	26	pkcs 1 : pkcs1
27	2 5 4 10 : organizationName	27	pkcs1 1 : : rsaEncryption
28	2 5 4 11 : organizationalUnitName	28	pkcs1 2 : RSA-MD2 : md2WithRSAEncryption
29	2 5 8 : directory services - algorithms	29	pkcs1 4 : RSA-MD5 : md5WithRSAEncryption
30	2 5 8 1 1 : rsa	30	pkcs1 5 : RSA-SHA1 : sha1WithRSAEncryption
31		31
32	algorithm 18 : sha	32	pkcs 3 : pkcs3
33	encryptionAlgorithm 1 : rsa	33	pkcs3 1 : : dhKeyAgreement
		34
		35	pkcs 5 : pkcs5
		36	pkcs5 1 : PBE-MD2-DES : pbeWithMD2AndDES-CBC
		37	pkcs5 3 : PBE-MD5-DES : pbeWithMD5AndDES-CBC
		38	pkcs5 4 : PBE-MD2-RC2-64 : pbeWithMD2AndRC2-CBC
		39	pkcs5 6 : PBE-MD5-RC2-64 : pbeWithMD5AndRC2-CBC
		40	pkcs5 10 : PBE-SHA1-DES : pbeWithSHA1AndDES-CBC
		41	pkcs5 11 : PBE-SHA1-RC2-64 : pbeWithSHA1AndRC2-CBC
		42	!Cname id_pbkdf2
		43	pkcs5 12 : : PBKDF2
		44	!Cname pbes2
		45	pkcs5 13 : : PBES2
		46	!Cname pbmac1
		47	pkcs5 14 : : PBMAC1
		48
		49	pkcs 7 : pkcs7
		50	pkcs7 1 : : pkcs7-data
		51	!Cname pkcs7-signed
		52	pkcs7 2 : : pkcs7-signedData
		53	!Cname pkcs7-enveloped
		54	pkcs7 3 : : pkcs7-envelopedData
		55	!Cname pkcs7-signedAndEnveloped
		56	pkcs7 4 : : pkcs7-signedAndEnvelopedData
		57	!Cname pkcs7-digest
		58	pkcs7 5 : : pkcs7-digestData
		59	!Cname pkcs7-encrypted
		60	pkcs7 6 : : pkcs7-encryptedData
		61
		62	pkcs 9 : pkcs9
		63	!module pkcs9
		64	pkcs9 1 : Email : emailAddress
		65	pkcs9 2 : : unstructuredName
		66	pkcs9 3 : : contentType
		67	pkcs9 4 : : messageDigest
		68	pkcs9 5 : : signingTime
		69	pkcs9 6 : : countersignature
		70	pkcs9 7 : : challengePassword
		71	pkcs9 8 : : unstructuredAddress
		72	!Cname extCertAttributes
		73	pkcs9 9 : : extendedCertificateAttributes
		74	!global
		75
		76	!Cname ext-req
		77	pkcs9 14 : extReq : Extension Request
		78
		79	!Cname SMIMECapabilities
		80	pkcs9 15 : SMIME-CAPS : S/MIME Capabilities
		81
		82	# S/MIME
		83	!Cname SMIME
		84	pkcs9 16 : SMIME : S/MIME
		85	SMIME 0 : id-smime-mod
		86	SMIME 1 : id-smime-ct
		87	SMIME 2 : id-smime-aa
		88	SMIME 3 : id-smime-alg
		89	SMIME 4 : id-smime-cd
		90	SMIME 5 : id-smime-spq
		91	SMIME 6 : id-smime-cti
		92
		93	# S/MIME Modules
		94	id-smime-mod 1 : id-smime-mod-cms
		95	id-smime-mod 2 : id-smime-mod-ess
		96	id-smime-mod 3 : id-smime-mod-oid
		97	id-smime-mod 4 : id-smime-mod-msg-v3
		98	id-smime-mod 5 : id-smime-mod-ets-eSignature-88
		99	id-smime-mod 6 : id-smime-mod-ets-eSignature-97
		100	id-smime-mod 7 : id-smime-mod-ets-eSigPolicy-88
		101	id-smime-mod 8 : id-smime-mod-ets-eSigPolicy-97
		102
		103	# S/MIME Content Types
		104	id-smime-ct 1 : id-smime-ct-receipt
		105	id-smime-ct 2 : id-smime-ct-authData
		106	id-smime-ct 3 : id-smime-ct-publishCert
		107	id-smime-ct 4 : id-smime-ct-TSTInfo
		108	id-smime-ct 5 : id-smime-ct-TDTInfo
		109	id-smime-ct 6 : id-smime-ct-contentInfo
		110	id-smime-ct 7 : id-smime-ct-DVCSRequestData
		111	id-smime-ct 8 : id-smime-ct-DVCSResponseData
		112
		113	# S/MIME Attributes
		114	id-smime-aa 1 : id-smime-aa-receiptRequest
		115	id-smime-aa 2 : id-smime-aa-securityLabel
		116	id-smime-aa 3 : id-smime-aa-mlExpandHistory
		117	id-smime-aa 4 : id-smime-aa-contentHint
		118	id-smime-aa 5 : id-smime-aa-msgSigDigest
		119	# obsolete
		120	id-smime-aa 6 : id-smime-aa-encapContentType
		121	id-smime-aa 7 : id-smime-aa-contentIdentifier
		122	# obsolete
		123	id-smime-aa 8 : id-smime-aa-macValue
		124	id-smime-aa 9 : id-smime-aa-equivalentLabels
		125	id-smime-aa 10 : id-smime-aa-contentReference
		126	id-smime-aa 11 : id-smime-aa-encrypKeyPref
		127	id-smime-aa 12 : id-smime-aa-signingCertificate
		128	id-smime-aa 13 : id-smime-aa-smimeEncryptCerts
		129	id-smime-aa 14 : id-smime-aa-timeStampToken
		130	id-smime-aa 15 : id-smime-aa-ets-sigPolicyId
		131	id-smime-aa 16 : id-smime-aa-ets-commitmentType
		132	id-smime-aa 17 : id-smime-aa-ets-signerLocation
		133	id-smime-aa 18 : id-smime-aa-ets-signerAttr
		134	id-smime-aa 19 : id-smime-aa-ets-otherSigCert
		135	id-smime-aa 20 : id-smime-aa-ets-contentTimestamp
		136	id-smime-aa 21 : id-smime-aa-ets-CertificateRefs
		137	id-smime-aa 22 : id-smime-aa-ets-RevocationRefs
		138	id-smime-aa 23 : id-smime-aa-ets-certValues
		139	id-smime-aa 24 : id-smime-aa-ets-revocationValues
		140	id-smime-aa 25 : id-smime-aa-ets-escTimeStamp
		141	id-smime-aa 26 : id-smime-aa-ets-certCRLTimestamp
		142	id-smime-aa 27 : id-smime-aa-ets-archiveTimeStamp
		143	id-smime-aa 28 : id-smime-aa-signatureType
		144	id-smime-aa 29 : id-smime-aa-dvcs-dvc
		145
		146	# S/MIME Algorithm Identifiers
		147	# obsolete
		148	id-smime-alg 1 : id-smime-alg-ESDHwith3DES
		149	# obsolete
		150	id-smime-alg 2 : id-smime-alg-ESDHwithRC2
		151	# obsolete
		152	id-smime-alg 3 : id-smime-alg-3DESwrap
		153	# obsolete
		154	id-smime-alg 4 : id-smime-alg-RC2wrap
		155	id-smime-alg 5 : id-smime-alg-ESDH
		156	id-smime-alg 6 : id-smime-alg-CMS3DESwrap
		157	id-smime-alg 7 : id-smime-alg-CMSRC2wrap
		158
		159	# S/MIME Certificate Distribution
		160	id-smime-cd 1 : id-smime-cd-ldap
		161
		162	# S/MIME Signature Policy Qualifier
		163	id-smime-spq 1 : id-smime-spq-ets-sqt-uri
		164	id-smime-spq 2 : id-smime-spq-ets-sqt-unotice
		165
		166	# S/MIME Commitment Type Identifier
		167	id-smime-cti 1 : id-smime-cti-ets-proofOfOrigin
		168	id-smime-cti 2 : id-smime-cti-ets-proofOfReceipt
		169	id-smime-cti 3 : id-smime-cti-ets-proofOfDelivery
		170	id-smime-cti 4 : id-smime-cti-ets-proofOfSender
		171	id-smime-cti 5 : id-smime-cti-ets-proofOfApproval
		172	id-smime-cti 6 : id-smime-cti-ets-proofOfCreation
		173
		174	pkcs9 20 : : friendlyName
		175	pkcs9 21 : : localKeyID
		176	!Alias certTypes pkcs9 22
		177	certTypes 1 : : x509Certificate
		178	certTypes 2 : : sdsiCertificate
		179	!Alias crlTypes pkcs9 23
		180	crlTypes 1 : : x509Crl
		181
		182	!Alias pkcs12 pkcs 12
		183	!Alias pkcs12-pbeids pkcs12 1
		184
		185	!Cname pbe-WithSHA1And128BitRC4
		186	pkcs12-pbeids 1 : PBE-SHA1-RC4-128 : pbeWithSHA1And128BitRC4
		187	!Cname pbe-WithSHA1And40BitRC4
		188	pkcs12-pbeids 2 : PBE-SHA1-RC4-40 : pbeWithSHA1And40BitRC4
		189	!Cname pbe-WithSHA1And3_Key_TripleDES-CBC
		190	pkcs12-pbeids 3 : PBE-SHA1-3DES : pbeWithSHA1And3-KeyTripleDES-CBC
		191	!Cname pbe-WithSHA1And2_Key_TripleDES-CBC
		192	pkcs12-pbeids 4 : PBE-SHA1-2DES : pbeWithSHA1And2-KeyTripleDES-CBC
		193	!Cname pbe-WithSHA1And128BitRC2-CBC
		194	pkcs12-pbeids 5 : PBE-SHA1-RC2-128 : pbeWithSHA1And128BitRC2-CBC
		195	!Cname pbe-WithSHA1And40BitRC2-CBC
		196	pkcs12-pbeids 6 : PBE-SHA1-RC2-40 : pbeWithSHA1And40BitRC2-CBC
		197
		198	!Alias pkcs12-Version1 pkcs12 10
		199	!Alias pkcs12-BagIds pkcs12-Version1 1
		200	pkcs12-BagIds 1 : : keyBag
		201	pkcs12-BagIds 2 : : pkcs8ShroudedKeyBag
		202	pkcs12-BagIds 3 : : certBag
		203	pkcs12-BagIds 4 : : crlBag
		204	pkcs12-BagIds 5 : : secretBag
		205	pkcs12-BagIds 6 : : safeContentsBag
		206
		207	rsadsi 2 2 : MD2 : md2
		208	rsadsi 2 4 : MD4 : md4
		209	rsadsi 2 5 : MD5 : md5
		210	: MD5-SHA1 : md5-sha1
		211	rsadsi 2 7 : : hmacWithSHA1
		212	rsadsi 3 2 : RC2-CBC : rc2-cbc
		213	: RC2-ECB : rc2-ecb
		214	!Cname rc2-cfb64
		215	: RC2-CFB : rc2-cfb
		216	!Cname rc2-ofb64
		217	: RC2-OFB : rc2-ofb
		218	: RC2-40-CBC : rc2-40-cbc
		219	: RC2-64-CBC : rc2-64-cbc
		220	rsadsi 3 4 : RC4 : rc4
		221	: RC4-40 : rc4-40
		222	rsadsi 3 7 : DES-EDE3-CBC : des-ede3-cbc
		223	rsadsi 3 8 : RC5-CBC : rc5-cbc
		224	: RC5-ECB : rc5-ecb
		225	!Cname rc5-cfb64
		226	: RC5-CFB : rc5-cfb
		227	!Cname rc5-ofb64
		228	: RC5-OFB : rc5-ofb
		229
		230	!Cname ms-ext-req
		231	1 3 6 1 4 1 311 2 1 14 : msExtReq : Microsoft Extension Request
		232	!Cname ms-code-ind
		233	1 3 6 1 4 1 311 2 1 21 : msCodeInd : Microsoft Individual Code Signing
		234	!Cname ms-code-com
		235	1 3 6 1 4 1 311 2 1 22 : msCodeCom : Microsoft Commercial Code Signing
		236	!Cname ms-ctl-sign
		237	1 3 6 1 4 1 311 10 3 1 : msCTLSign : Microsoft Trust List Signing
		238	!Cname ms-sgc
		239	1 3 6 1 4 1 311 10 3 3 : msSGC : Microsoft Server Gated Crypto
		240	!Cname ms-efs
		241	1 3 6 1 4 1 311 10 3 4 : msEFS : Microsoft Encrypted File System
		242
		243	1 3 6 1 4 1 188 7 1 1 2 : IDEA-CBC : idea-cbc
		244	: IDEA-ECB : idea-ecb
		245	!Cname idea-cfb64
		246	: IDEA-CFB : idea-cfb
		247	!Cname idea-ofb64
		248	: IDEA-OFB : idea-ofb
		249
		250	1 3 6 1 4 1 3029 1 2 : BF-CBC : bf-cbc
		251	: BF-ECB : bf-ecb
		252	!Cname bf-cfb64
		253	: BF-CFB : bf-cfb
		254	!Cname bf-ofb64
		255	: BF-OFB : bf-ofb
		256
		257	!Cname id-pkix
		258	1 3 6 1 5 5 7 : PKIX
		259
		260	# PKIX Arcs
		261	id-pkix 0 : id-pkix-mod
		262	id-pkix 1 : id-pe
		263	id-pkix 2 : id-qt
		264	id-pkix 3 : id-kp
		265	id-pkix 4 : id-it
		266	id-pkix 5 : id-pkip
		267	id-pkix 6 : id-alg
		268	id-pkix 7 : id-cmc
		269	id-pkix 8 : id-on
		270	id-pkix 9 : id-pda
		271	id-pkix 10 : id-aca
		272	id-pkix 11 : id-qcs
		273	id-pkix 12 : id-cct
		274	id-pkix 48 : id-ad
		275
		276	# PKIX Modules
		277	id-pkix-mod 1 : id-pkix1-explicit-88
		278	id-pkix-mod 2 : id-pkix1-implicit-88
		279	id-pkix-mod 3 : id-pkix1-explicit-93
		280	id-pkix-mod 4 : id-pkix1-implicit-93
		281	id-pkix-mod 5 : id-mod-crmf
		282	id-pkix-mod 6 : id-mod-cmc
		283	id-pkix-mod 7 : id-mod-kea-profile-88
		284	id-pkix-mod 8 : id-mod-kea-profile-93
		285	id-pkix-mod 9 : id-mod-cmp
		286	id-pkix-mod 10 : id-mod-qualified-cert-88
		287	id-pkix-mod 11 : id-mod-qualified-cert-93
		288	id-pkix-mod 12 : id-mod-attribute-cert
		289	id-pkix-mod 13 : id-mod-timestamp-protocol
		290	id-pkix-mod 14 : id-mod-ocsp
		291	id-pkix-mod 15 : id-mod-dvcs
		292	id-pkix-mod 16 : id-mod-cmp2000
		293
		294	# PKIX Private Extensions
		295	!Cname info-access
		296	id-pe 1 : authorityInfoAccess : Authority Information Access
		297	id-pe 2 : biometricInfo : Biometric Info
		298	id-pe 3 : qcStatements
		299	id-pe 4 : ac-auditEntity
		300	id-pe 5 : ac-targeting
		301	id-pe 6 : aaControls
		302	id-pe 7 : sbqp-ipAddrBlock
		303	id-pe 8 : sbqp-autonomousSysNum
		304	id-pe 9 : sbqp-routerIdentifier
		305
		306	# PKIX policyQualifiers for Internet policy qualifiers
		307	id-qt 1 : id-qt-cps : Policy Qualifier CPS
		308	id-qt 2 : id-qt-unotice : Policy Qualifier User Notice
		309	id-qt 3 : textNotice
		310
		311	# PKIX key purpose identifiers
		312	!Cname server-auth
		313	id-kp 1 : serverAuth : TLS Web Server Authentication
		314	!Cname client-auth
		315	id-kp 2 : clientAuth : TLS Web Client Authentication
		316	!Cname code-sign
		317	id-kp 3 : codeSigning : Code Signing
		318	!Cname email-protect
		319	id-kp 4 : emailProtection : E-mail Protection
		320	id-kp 5 : ipsecEndSystem : IPSec End System
		321	id-kp 6 : ipsecTunnel : IPSec Tunnel
		322	id-kp 7 : ipsecUser : IPSec User
		323	!Cname time-stamp
		324	id-kp 8 : timeStamping : Time Stamping
		325	# From OCSP spec RFC2560
		326	!Cname OCSP-sign
		327	id-kp 9 : OCSPSigning : OCSP Signing
		328	id-kp 10 : DVCS : dvcs
		329
		330	# CMP information types
		331	id-it 1 : id-it-caProtEncCert
		332	id-it 2 : id-it-signKeyPairTypes
		333	id-it 3 : id-it-encKeyPairTypes
		334	id-it 4 : id-it-preferredSymmAlg
		335	id-it 5 : id-it-caKeyUpdateInfo
		336	id-it 6 : id-it-currentCRL
		337	id-it 7 : id-it-unsupportedOIDs
		338	# obsolete
		339	id-it 8 : id-it-subscriptionRequest
		340	# obsolete
		341	id-it 9 : id-it-subscriptionResponse
		342	id-it 10 : id-it-keyPairParamReq
		343	id-it 11 : id-it-keyPairParamRep
		344	id-it 12 : id-it-revPassphrase
		345	id-it 13 : id-it-implicitConfirm
		346	id-it 14 : id-it-confirmWaitTime
		347	id-it 15 : id-it-origPKIMessage
		348
		349	# CRMF registration
		350	id-pkip 1 : id-regCtrl
		351	id-pkip 2 : id-regInfo
		352
		353	# CRMF registration controls
		354	id-regCtrl 1 : id-regCtrl-regToken
		355	id-regCtrl 2 : id-regCtrl-authenticator
		356	id-regCtrl 3 : id-regCtrl-pkiPublicationInfo
		357	id-regCtrl 4 : id-regCtrl-pkiArchiveOptions
		358	id-regCtrl 5 : id-regCtrl-oldCertID
		359	id-regCtrl 6 : id-regCtrl-protocolEncrKey
		360
		361	# CRMF registration information
		362	id-regInfo 1 : id-regInfo-utf8Pairs
		363	id-regInfo 2 : id-regInfo-certReq
		364
		365	# algorithms
		366	id-alg 1 : id-alg-des40
		367	id-alg 2 : id-alg-noSignature
		368	id-alg 3 : id-alg-dh-sig-hmac-sha1
		369	id-alg 4 : id-alg-dh-pop
		370
		371	# CMC controls
		372	id-cmc 1 : id-cmc-statusInfo
		373	id-cmc 2 : id-cmc-identification
		374	id-cmc 3 : id-cmc-identityProof
		375	id-cmc 4 : id-cmc-dataReturn
		376	id-cmc 5 : id-cmc-transactionId
		377	id-cmc 6 : id-cmc-senderNonce
		378	id-cmc 7 : id-cmc-recipientNonce
		379	id-cmc 8 : id-cmc-addExtensions
		380	id-cmc 9 : id-cmc-encryptedPOP
		381	id-cmc 10 : id-cmc-decryptedPOP
		382	id-cmc 11 : id-cmc-lraPOPWitness
		383	id-cmc 15 : id-cmc-getCert
		384	id-cmc 16 : id-cmc-getCRL
		385	id-cmc 17 : id-cmc-revokeRequest
		386	id-cmc 18 : id-cmc-regInfo
		387	id-cmc 19 : id-cmc-responseInfo
		388	id-cmc 21 : id-cmc-queryPending
		389	id-cmc 22 : id-cmc-popLinkRandom
		390	id-cmc 23 : id-cmc-popLinkWitness
		391	id-cmc 24 : id-cmc-confirmCertAcceptance
		392
		393	# other names
		394	id-on 1 : id-on-personalData
		395
		396	# personal data attributes
		397	id-pda 1 : id-pda-dateOfBirth
		398	id-pda 2 : id-pda-placeOfBirth
		399	id-pda 3 : id-pda-pseudonym
		400	id-pda 4 : id-pda-gender
		401	id-pda 5 : id-pda-countryOfCitizenship
		402	id-pda 6 : id-pda-countryOfResidence
		403
		404	# attribute certificate attributes
		405	id-aca 1 : id-aca-authenticationInfo
		406	id-aca 2 : id-aca-accessIdentity
		407	id-aca 3 : id-aca-chargingIdentity
		408	id-aca 4 : id-aca-group
		409	id-aca 5 : id-aca-role
		410
		411	# qualified certificate statements
		412	id-qcs 1 : id-qcs-pkixQCSyntax-v1
		413
		414	# CMC content types
		415	id-cct 1 : id-cct-crs
		416	id-cct 2 : id-cct-PKIData
		417	id-cct 3 : id-cct-PKIResponse
		418
		419	# access descriptors for authority info access extension
		420	!Cname ad-OCSP
		421	id-ad 1 : OCSP : OCSP
		422	!Cname ad-ca-issuers
		423	id-ad 2 : caIssuers : CA Issuers
		424	!Cname ad-timeStamping
		425	id-ad 3 : ad_timestamping : AD Time Stamping
		426	!Cname ad-dvcs
		427	id-ad 4 : AD_DVCS : ad dvcs
		428
		429
		430	!Alias id-pkix-OCSP ad-OCSP
		431	!module id-pkix-OCSP
		432	!Cname basic
		433	id-pkix-OCSP 1 : basicOCSPResponse : Basic OCSP Response
		434	id-pkix-OCSP 2 : Nonce : OCSP Nonce
		435	id-pkix-OCSP 3 : CrlID : OCSP CRL ID
		436	id-pkix-OCSP 4 : acceptableResponses : Acceptable OCSP Responses
		437	id-pkix-OCSP 5 : noCheck
		438	id-pkix-OCSP 6 : archiveCutoff : OCSP Archive Cutoff
		439	id-pkix-OCSP 7 : serviceLocator : OCSP Service Locator
		440	id-pkix-OCSP 8 : extendedStatus : Extended OCSP Status
		441	id-pkix-OCSP 9 : valid
		442	id-pkix-OCSP 10 : path
		443	id-pkix-OCSP 11 : trustRoot : Trust Root
		444	!global
		445
		446	1 3 14 3 2 : algorithm : algorithm
		447	algorithm 3 : RSA-NP-MD5 : md5WithRSA
		448	algorithm 6 : DES-ECB : des-ecb
		449	algorithm 7 : DES-CBC : des-cbc
		450	!Cname des-ofb64
		451	algorithm 8 : DES-OFB : des-ofb
		452	!Cname des-cfb64
		453	algorithm 9 : DES-CFB : des-cfb
34	algorithm 11 : rsaSignature	454	algorithm 11 : rsaSignature
		455	!Cname dsa-2
		456	algorithm 12 : DSA-old : dsaEncryption-old
		457	algorithm 13 : DSA-SHA : dsaWithSHA
		458	algorithm 15 : RSA-SHA : shaWithRSAEncryption
		459	algorithm 17 : DES-EDE : des-ede
		460	: DES-EDE3 : des-ede3
		461	: DES-EDE-CBC : des-ede-cbc
		462	!Cname des-ede-cfb64
		463	: DES-EDE-CFB : des-ede-cfb
		464	!Cname des-ede3-cfb64
		465	: DES-EDE3-CFB : des-ede3-cfb
		466	!Cname des-ede-ofb64
		467	: DES-EDE-OFB : des-ede-ofb
		468	!Cname des-ede3-ofb64
		469	: DES-EDE3-OFB : des-ede3-ofb
		470	: DESX-CBC : desx-cbc
		471	algorithm 18 : SHA : sha
		472	algorithm 26 : SHA1 : sha1
		473	!Cname dsaWithSHA1-2
		474	algorithm 27 : DSA-SHA1-old : dsaWithSHA1-old
		475	algorithm 29 : RSA-SHA1-2 : sha1WithRSA
		476
		477	1 3 36 3 2 1 : RIPEMD160 : ripemd160
		478	1 3 36 3 3 1 2 : RSA-RIPEMD160 : ripemd160WithRSA
		479
		480	!Cname sxnet
		481	1 3 101 1 4 1 : SXNetID : Strong Extranet ID
		482
		483	2 5 : X500 : directory services (X.500)
		484
		485	X500 4 : X509
		486	X509 3 : CN : commonName
		487	X509 4 : S : surname
		488	X509 5 : SN : serialNumber
		489	X509 6 : C : countryName
		490	X509 7 : L : localityName
		491	X509 8 : ST : stateOrProvinceName
		492	X509 10 : O : organizationName
		493	X509 11 : OU : organizationalUnitName
		494	X509 12 : T : title
		495	X509 13 : D : description
		496	X509 41 : name : name
		497	X509 42 : G : givenName
		498	X509 43 : I : initials
		499	X509 45 : UID : uniqueIdentifier
		500	X509 46 : dnQualifier : dnQualifier
		501
		502	X500 8 : X500algorithms : directory services - algorithms
		503	X500algorithms 1 1 : RSA : rsa
		504	X500algorithms 3 100 : RSA-MDC2 : mdc2WithRSA
		505	X500algorithms 3 101 : MDC2 : mdc2
		506
		507	X500 29 : id-ce
		508	!Cname subject-key-identifier
		509	id-ce 14 : subjectKeyIdentifier : X509v3 Subject Key Identifier
		510	!Cname key-usage
		511	id-ce 15 : keyUsage : X509v3 Key Usage
		512	!Cname private-key-usage-period
		513	id-ce 16 : privateKeyUsagePeriod : X509v3 Private Key Usage Period
		514	!Cname subject-alt-name
		515	id-ce 17 : subjectAltName : X509v3 Subject Alternative Name
		516	!Cname issuer-alt-name
		517	id-ce 18 : issuerAltName : X509v3 Issuer Alternative Name
		518	!Cname basic-constraints
		519	id-ce 19 : basicConstraints : X509v3 Basic Constraints
		520	!Cname crl-number
		521	id-ce 20 : crlNumber : X509v3 CRL Number
		522	!Cname crl-reason
		523	id-ce 21 : CRLReason : X509v3 CRL Reason Code
		524	!Cname invalidity-date
		525	id-ce 24 : invalidityDate : Invalidity Date
		526	!Cname delta-crl
		527	id-ce 27 : deltaCRL : X509v3 Delta CRL Indicator
		528	!Cname crl-distribution-points
		529	id-ce 31 : crlDistributionPoints : X509v3 CRL Distribution Points
		530	!Cname certificate-policies
		531	id-ce 32 : certificatePolicies : X509v3 Certificate Policies
		532	!Cname authority-key-identifier
		533	id-ce 35 : authorityKeyIdentifier : X509v3 Authority Key Identifier
		534	!Cname ext-key-usage
		535	id-ce 37 : extendedKeyUsage : X509v3 Extended Key Usage
		536
		537	!Cname netscape
		538	2 16 840 1 113730 : Netscape : Netscape Communications Corp.
		539	!Cname netscape-cert-extension
		540	netscape 1 : nsCertExt : Netscape Certificate Extension
		541	!Cname netscape-data-type
		542	netscape 2 : nsDataType : Netscape Data Type
		543	!Cname netscape-cert-type
		544	netscape-cert-extension 1 : nsCertType : Netscape Cert Type
		545	!Cname netscape-base-url
		546	netscape-cert-extension 2 : nsBaseUrl : Netscape Base Url
		547	!Cname netscape-revocation-url
		548	netscape-cert-extension 3 : nsRevocationUrl : Netscape Revocation Url
		549	!Cname netscape-ca-revocation-url
		550	netscape-cert-extension 4 : nsCaRevocationUrl : Netscape CA Revocation Url
		551	!Cname netscape-renewal-url
		552	netscape-cert-extension 7 : nsRenewalUrl : Netscape Renewal Url
		553	!Cname netscape-ca-policy-url
		554	netscape-cert-extension 8 : nsCaPolicyUrl : Netscape CA Policy Url
		555	!Cname netscape-ssl-server-name
		556	netscape-cert-extension 12 : nsSslServerName : Netscape SSL Server Name
		557	!Cname netscape-comment
		558	netscape-cert-extension 13 : nsComment : Netscape Comment
		559	!Cname netscape-cert-sequence
		560	netscape-data-type 5 : nsCertSequence : Netscape Certificate Sequence
		561	!Cname ns-sgc
		562	netscape 4 1 : nsSGC : Netscape Server Gated Crypto
		563
		564	# iso(1)
		565	iso 3 : ORG : org
		566	org 6 : DOD : dod
		567	dod 1 : IANA : iana
		568	!Alias internet iana
		569
		570	internet 1 : directory : Directory
		571	internet 2 : mgmt : Management
		572	internet 3 : experimental : Experimental
		573	internet 4 : private : Private
		574	internet 5 : security : Security
		575	internet 6 : snmpv2 : SNMPv2
		576	internet 7 : mail : Mail
		577
		578	private 1 : enterprises : Enterprises
		579
		580	# RFC 2247
		581	enterprises 1466 344 : dcobject : dcObject
		582
		583	# Stray OIDs we don't know the full name of each step for
		584	# RFC 2247
		585	0 9 2342 19200300 100 1 25 : DC : domainComponent
		586	0 9 2342 19200300 100 4 13 : domain : Domain
		587
		588	# What the hell are these OIDs, really?
		589	!Cname rle-compression
		590	1 1 1 1 666 1 : RLE : run length compression
		591	!Cname zlib-compression
		592	1 1 1 1 666 2 : ZLIB : zlib compression
35		593
36	algorithm 6 : desECB
37	algorithm 7 : desCBC
38	algorithm 8 : desOFB
39	algorithm 9 : desCFB
40	algorithm 17 : desEDE2