-0 : CCITT : ccitt
+# CCITT was renamed to ITU-T quite some time ago
+0 : ITU-T : itu-t
+!Alias ccitt itu-t
1 : ISO : iso
-2 : JOINT-ISO-CCITT : joint-iso-ccitt
+2 : JOINT-ISO-ITU-T : joint-iso-itu-t
+!Alias joint-iso-ccitt joint-iso-itu-t
iso 2 : member-body : ISO Member Body
identified-organization 132 : certicom-arc
-joint-iso-ccitt 23 43 : wap
+joint-iso-itu-t 23 : international-organizations : International Organizations
+
+international-organizations 43 : wap
wap 13 : wap-wsg
-joint-iso-ccitt 5 1 5 : selected-attribute-types : Selected Attribute Types
+joint-iso-itu-t 5 1 5 : selected-attribute-types : Selected Attribute Types
selected-attribute-types 55 : clearance
!Alias id-ecSigType ansi-X9-62 4
!global
X9-62_id-ecSigType 1 : ecdsa-with-SHA1
+X9-62_id-ecSigType 2 : ecdsa-with-Recommended
+X9-62_id-ecSigType 3 : ecdsa-with-Specified
+ecdsa-with-Specified 1 : ecdsa-with-SHA224
+ecdsa-with-Specified 2 : ecdsa-with-SHA256
+ecdsa-with-Specified 3 : ecdsa-with-SHA384
+ecdsa-with-Specified 4 : ecdsa-with-SHA512
# SECG curve OIDs from "SEC 2: Recommended Elliptic Curve Domain Parameters"
# (http://www.secg.org/)
secg-ellipticCurve 8 : secp160r1
secg-ellipticCurve 30 : secp160r2
secg-ellipticCurve 31 : secp192k1
+# NOTE: the curve secp192r1 is the same as prime192v1 defined above
+# and is therefore omitted
secg-ellipticCurve 32 : secp224k1
secg-ellipticCurve 33 : secp224r1
secg-ellipticCurve 10 : secp256k1
+# NOTE: the curve secp256r1 is the same as prime256v1 defined above
+# and is therefore omitted
secg-ellipticCurve 34 : secp384r1
secg-ellipticCurve 35 : secp521r1
# SECG characteristic two curves OIDs
pkcs1 3 : RSA-MD4 : md4WithRSAEncryption
pkcs1 4 : RSA-MD5 : md5WithRSAEncryption
pkcs1 5 : RSA-SHA1 : sha1WithRSAEncryption
+# According to PKCS #1 version 2.1
+pkcs1 11 : RSA-SHA256 : sha256WithRSAEncryption
+pkcs1 12 : RSA-SHA384 : sha384WithRSAEncryption
+pkcs1 13 : RSA-SHA512 : sha512WithRSAEncryption
+pkcs1 14 : RSA-SHA224 : sha224WithRSAEncryption
pkcs 3 : pkcs3
pkcs3 1 : : dhKeyAgreement
rsadsi 2 4 : MD4 : md4
rsadsi 2 5 : MD5 : md5
: MD5-SHA1 : md5-sha1
+rsadsi 2 6 : : hmacWithMD5
rsadsi 2 7 : : hmacWithSHA1
+
+# From RFC4231
+rsadsi 2 8 : : hmacWithSHA224
+rsadsi 2 9 : : hmacWithSHA256
+rsadsi 2 10 : : hmacWithSHA384
+rsadsi 2 11 : : hmacWithSHA512
+
rsadsi 3 2 : RC2-CBC : rc2-cbc
: RC2-ECB : rc2-ecb
!Cname rc2-cfb64
1 3 6 1 4 1 311 10 3 3 : msSGC : Microsoft Server Gated Crypto
!Cname ms-efs
1 3 6 1 4 1 311 10 3 4 : msEFS : Microsoft Encrypted File System
+!Cname ms-smartcard-login
+1 3 6 1 4 1 311 20 2 2 : msSmartcardLogin : Microsoft Smartcardlogin
+!Cname ms-upn
+1 3 6 1 4 1 311 20 2 3 : msUPN : Microsoft Universal Principal Name
1 3 6 1 4 1 188 7 1 1 2 : IDEA-CBC : idea-cbc
: IDEA-ECB : idea-ecb
id-pkix 10 : id-aca
id-pkix 11 : id-qcs
id-pkix 12 : id-cct
+id-pkix 21 : id-ppl
id-pkix 48 : id-ad
# PKIX Modules
id-pe 4 : ac-auditEntity
id-pe 5 : ac-targeting
id-pe 6 : aaControls
-id-pe 7 : sbqp-ipAddrBlock
-id-pe 8 : sbqp-autonomousSysNum
-id-pe 9 : sbqp-routerIdentifier
+id-pe 7 : sbgp-ipAddrBlock
+id-pe 8 : sbgp-autonomousSysNum
+id-pe 9 : sbgp-routerIdentifier
id-pe 10 : ac-proxying
!Cname sinfo-access
id-pe 11 : subjectInfoAccess : Subject Information Access
+id-pe 14 : proxyCertInfo : Proxy Certificate Information
# PKIX policyQualifiers for Internet policy qualifiers
id-qt 1 : id-qt-cps : Policy Qualifier CPS
id-cct 2 : id-cct-PKIData
id-cct 3 : id-cct-PKIResponse
+# Predefined Proxy Certificate policy languages
+id-ppl 0 : id-ppl-anyLanguage : Any language
+id-ppl 1 : id-ppl-inheritAll : Inherit all
+id-ppl 2 : id-ppl-independent : Independent
+
# access descriptors for authority info access extension
!Cname ad-OCSP
id-ad 1 : OCSP : OCSP
X509 6 : C : countryName
X509 7 : L : localityName
X509 8 : ST : stateOrProvinceName
+X509 9 : : streetAddress
X509 10 : O : organizationName
X509 11 : OU : organizationalUnitName
X509 12 : : title
X509 13 : : description
+X509 17 : : postalCode
X509 41 : name : name
-X509 42 : gn : givenName
+X509 42 : GN : givenName
X509 43 : : initials
X509 44 : : generationQualifier
X509 45 : : x500UniqueIdentifier
X500algorithms 3 101 : MDC2 : mdc2
X500 29 : id-ce
+!Cname subject-directory-attributes
+id-ce 9 : subjectDirectoryAttributes : X509v3 Subject Directory Attributes
!Cname subject-key-identifier
id-ce 14 : subjectKeyIdentifier : X509v3 Subject Key Identifier
!Cname key-usage
id-ce 24 : invalidityDate : Invalidity Date
!Cname delta-crl
id-ce 27 : deltaCRL : X509v3 Delta CRL Indicator
+!Cname issuing-distribution-point
+id-ce 28 : issuingDistributionPoint : X509v3 Issuing Distrubution Point
+!Cname certificate-issuer
+id-ce 29 : certificateIssuer : X509v3 Certificate Issuer
+!Cname name-constraints
+id-ce 30 : nameConstraints : X509v3 Name Constraints
!Cname crl-distribution-points
id-ce 31 : crlDistributionPoints : X509v3 CRL Distribution Points
!Cname certificate-policies
id-ce 32 : certificatePolicies : X509v3 Certificate Policies
+!Cname any-policy
+certificate-policies 0 : anyPolicy : X509v3 Any Policy
+!Cname policy-mappings
+id-ce 33 : policyMappings : X509v3 Policy Mappings
!Cname authority-key-identifier
id-ce 35 : authorityKeyIdentifier : X509v3 Authority Key Identifier
!Cname policy-constraints
id-ce 36 : policyConstraints : X509v3 Policy Constraints
!Cname ext-key-usage
id-ce 37 : extendedKeyUsage : X509v3 Extended Key Usage
+!Cname inhibit-any-policy
+id-ce 54 : inhibitAnyPolicy : X509v3 Inhibit Any Policy
!Cname target-information
id-ce 55 : targetInformation : X509v3 AC Targeting
!Cname no-rev-avail
!Cname aes-256-cfb128
aes 44 : AES-256-CFB : aes-256-cfb
+# There are no OIDs for these modes...
+
+ : AES-128-CFB1 : aes-128-cfb1
+ : AES-192-CFB1 : aes-192-cfb1
+ : AES-256-CFB1 : aes-256-cfb1
+ : AES-128-CFB8 : aes-128-cfb8
+ : AES-192-CFB8 : aes-192-cfb8
+ : AES-256-CFB8 : aes-256-cfb8
+ : DES-CFB1 : des-cfb1
+ : DES-CFB8 : des-cfb8
+ : DES-EDE3-CFB1 : des-ede3-cfb1
+ : DES-EDE3-CFB8 : des-ede3-cfb8
+
+# OIDs for SHA224, SHA256, SHA385 and SHA512, according to x9.84.
+!Alias nist_hashalgs nistAlgorithms 2
+nist_hashalgs 1 : SHA256 : sha256
+nist_hashalgs 2 : SHA384 : sha384
+nist_hashalgs 3 : SHA512 : sha512
+nist_hashalgs 4 : SHA224 : sha224
+
# Hold instruction CRL entry extension
!Cname hold-instruction-code
id-ce 23 : holdInstructionCode : Hold Instruction Code
!Cname hold-instruction-reject
holdInstruction 3 : holdInstructionReject : Hold Instruction Reject
-# OID's from CCITT. Most of this is defined in RFC 1274. A couple of
+# OID's from ITU-T. Most of this is defined in RFC 1274. A couple of
# them are also mentioned in RFC 2247
-ccitt 9 : data
+itu-t 9 : data
data 2342 : pss
pss 19200300 : ucl
ucl 100 : pilot
pilotAttributeType 55 : audio
pilotAttributeType 56 : : documentPublisher
-2 23 42 : id-set : Secure Electronic Transactions
+international-organizations 42 : id-set : Secure Electronic Transactions
id-set 0 : set-ctype : content types
id-set 1 : set-msgExt : message extensions
rsadsi 3 10 : DES-CDMF : des-cdmf
rsadsi 1 1 6 : rsaOAEPEncryptionSET
+
+ : Oakley-EC2N-3 : ipsec3
+ : Oakley-EC2N-4 : ipsec4
+
+iso 0 10118 3 0 55 : whirlpool
+
+# GOST OIDs
+
+member-body 643 2 2 : cryptopro
+member-body 643 2 9 : cryptocom
+
+cryptopro 3 : id-GostR3411-94-with-GostR3410-2001 : GOST R 34.11-94 with GOST R 34.10-2001
+cryptopro 4 : id-GostR3411-94-with-GostR3410-94 : GOST R 34.11-94 with GOST R 34.10-94
+!Cname id-GostR3411-94
+cryptopro 9 : md_gost94 : GOST R 34.11-94
+cryptopro 10 : id-HMACGostR3411-94 : HMAC GOST 34.11-94
+!Cname id-GostR3410-2001
+cryptopro 19 : gost2001 : GOST R 34.10-2001
+!Cname id-GostR3410-94
+cryptopro 20 : gost94 : GOST R 34.10-94
+!Cname id-Gost28147-89
+cryptopro 21 : gost89 : GOST 28147-89
+cryptopro 22 : id-Gost28147-89-MAC : GOST 28147-89 MAC
+!Cname id-GostR3411-94-prf
+cryptopro 23 : prf-gostr3411-94 : GOST R 34.11-94 PRF
+cryptopro 98 : id-GostR3410-2001DH : GOST R 34.10-2001 DH
+cryptopro 99 : id-GostR3410-94DH : GOST R 34.10-94 DH
+
+cryptopro 14 1 : id-Gost28147-89-CryptoPro-KeyMeshing
+cryptopro 14 0 : id-Gost28147-89-None-KeyMeshing
+
+# GOST parameter set OIDs
+
+cryptopro 30 0 : id-GostR3411-94-TestParamSet
+cryptopro 30 1 : id-GostR3411-94-CryptoProParamSet
+
+cryptopro 31 0 : id-Gost28147-89-TestParamSet
+cryptopro 31 1 : id-Gost28147-89-CryptoPro-A-ParamSet
+cryptopro 31 2 : id-Gost28147-89-CryptoPro-B-ParamSet
+cryptopro 31 3 : id-Gost28147-89-CryptoPro-C-ParamSet
+cryptopro 31 4 : id-Gost28147-89-CryptoPro-D-ParamSet
+cryptopro 31 5 : id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet
+cryptopro 31 6 : id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet
+cryptopro 31 7 : id-Gost28147-89-CryptoPro-RIC-1-ParamSet
+
+cryptopro 32 0 : id-GostR3410-94-TestParamSet
+cryptopro 32 2 : id-GostR3410-94-CryptoPro-A-ParamSet
+cryptopro 32 3 : id-GostR3410-94-CryptoPro-B-ParamSet
+cryptopro 32 4 : id-GostR3410-94-CryptoPro-C-ParamSet
+cryptopro 32 5 : id-GostR3410-94-CryptoPro-D-ParamSet
+
+cryptopro 33 1 : id-GostR3410-94-CryptoPro-XchA-ParamSet
+cryptopro 33 2 : id-GostR3410-94-CryptoPro-XchB-ParamSet
+cryptopro 33 3 : id-GostR3410-94-CryptoPro-XchC-ParamSet
+
+cryptopro 35 0 : id-GostR3410-2001-TestParamSet
+cryptopro 35 1 : id-GostR3410-2001-CryptoPro-A-ParamSet
+cryptopro 35 2 : id-GostR3410-2001-CryptoPro-B-ParamSet
+cryptopro 35 3 : id-GostR3410-2001-CryptoPro-C-ParamSet
+
+cryptopro 36 0 : id-GostR3410-2001-CryptoPro-XchA-ParamSet
+cryptopro 36 1 : id-GostR3410-2001-CryptoPro-XchB-ParamSet
+
+id-GostR3410-94 1 : id-GostR3410-94-a
+id-GostR3410-94 2 : id-GostR3410-94-aBis
+id-GostR3410-94 3 : id-GostR3410-94-b
+id-GostR3410-94 4 : id-GostR3410-94-bBis
+
+# Cryptocom LTD GOST OIDs
+
+cryptocom 1 6 1 : id-Gost28147-89-cc : GOST 28147-89 Cryptocom ParamSet
+!Cname id-GostR3410-94-cc
+cryptocom 1 5 3 : gost94cc : GOST 34.10-94 Cryptocom
+!Cname id-GostR3410-2001-cc
+cryptocom 1 5 4 : gost2001cc : GOST 34.10-2001 Cryptocom
+
+cryptocom 1 3 3 : id-GostR3411-94-with-GostR3410-94-cc : GOST R 34.11-94 with GOST R 34.10-94 Cryptocom
+cryptocom 1 3 4 : id-GostR3411-94-with-GostR3410-2001-cc : GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom
+
+cryptocom 1 8 1 : id-GostR3410-2001-ParamSet-cc : GOST R 3410-2001 Parameter Set Cryptocom
+
+# Definitions for Camellia cipher - CBC MODE
+
+1 2 392 200011 61 1 1 1 2 : CAMELLIA-128-CBC : camellia-128-cbc
+1 2 392 200011 61 1 1 1 3 : CAMELLIA-192-CBC : camellia-192-cbc
+1 2 392 200011 61 1 1 1 4 : CAMELLIA-256-CBC : camellia-256-cbc
+
+# Definitions for Camellia cipher - ECB, CFB, OFB MODE
+
+!Alias ntt-ds 0 3 4401 5
+!Alias camellia ntt-ds 3 1 9
+
+camellia 1 : CAMELLIA-128-ECB : camellia-128-ecb
+!Cname camellia-128-ofb128
+camellia 3 : CAMELLIA-128-OFB : camellia-128-ofb
+!Cname camellia-128-cfb128
+camellia 4 : CAMELLIA-128-CFB : camellia-128-cfb
+
+camellia 21 : CAMELLIA-192-ECB : camellia-192-ecb
+!Cname camellia-192-ofb128
+camellia 23 : CAMELLIA-192-OFB : camellia-192-ofb
+!Cname camellia-192-cfb128
+camellia 24 : CAMELLIA-192-CFB : camellia-192-cfb
+
+camellia 41 : CAMELLIA-256-ECB : camellia-256-ecb
+!Cname camellia-256-ofb128
+camellia 43 : CAMELLIA-256-OFB : camellia-256-ofb
+!Cname camellia-256-cfb128
+camellia 44 : CAMELLIA-256-CFB : camellia-256-cfb
+
+# There are no OIDs for these modes...
+
+ : CAMELLIA-128-CFB1 : camellia-128-cfb1
+ : CAMELLIA-192-CFB1 : camellia-192-cfb1
+ : CAMELLIA-256-CFB1 : camellia-256-cfb1
+ : CAMELLIA-128-CFB8 : camellia-128-cfb8
+ : CAMELLIA-192-CFB8 : camellia-192-cfb8
+ : CAMELLIA-256-CFB8 : camellia-256-cfb8
projects / openssl.git / blobdiff