+
+# Definitions for ARIA cipher
+
+!Alias aria 1 2 410 200046 1 1
+aria 1 : ARIA-128-ECB : aria-128-ecb
+aria 2 : ARIA-128-CBC : aria-128-cbc
+!Cname aria-128-cfb128
+aria 3 : ARIA-128-CFB : aria-128-cfb
+!Cname aria-128-ofb128
+aria 4 : ARIA-128-OFB : aria-128-ofb
+aria 5 : ARIA-128-CTR : aria-128-ctr
+
+aria 6 : ARIA-192-ECB : aria-192-ecb
+aria 7 : ARIA-192-CBC : aria-192-cbc
+!Cname aria-192-cfb128
+aria 8 : ARIA-192-CFB : aria-192-cfb
+!Cname aria-192-ofb128
+aria 9 : ARIA-192-OFB : aria-192-ofb
+aria 10 : ARIA-192-CTR : aria-192-ctr
+
+aria 11 : ARIA-256-ECB : aria-256-ecb
+aria 12 : ARIA-256-CBC : aria-256-cbc
+!Cname aria-256-cfb128
+aria 13 : ARIA-256-CFB : aria-256-cfb
+!Cname aria-256-ofb128
+aria 14 : ARIA-256-OFB : aria-256-ofb
+aria 15 : ARIA-256-CTR : aria-256-ctr
+
+# There are no OIDs for these ARIA modes...
+ : ARIA-128-CFB1 : aria-128-cfb1
+ : ARIA-192-CFB1 : aria-192-cfb1
+ : ARIA-256-CFB1 : aria-256-cfb1
+ : ARIA-128-CFB8 : aria-128-cfb8
+ : ARIA-192-CFB8 : aria-192-cfb8
+ : ARIA-256-CFB8 : aria-256-cfb8
+
+aria 37 : ARIA-128-CCM : aria-128-ccm
+aria 38 : ARIA-192-CCM : aria-192-ccm
+aria 39 : ARIA-256-CCM : aria-256-ccm
+aria 34 : ARIA-128-GCM : aria-128-gcm
+aria 35 : ARIA-192-GCM : aria-192-gcm
+aria 36 : ARIA-256-GCM : aria-256-gcm
+
+# Definitions for SEED cipher - ECB, CBC, OFB mode
+
+member-body 410 200004 : KISA : kisa
+kisa 1 3 : SEED-ECB : seed-ecb
+kisa 1 4 : SEED-CBC : seed-cbc
+!Cname seed-cfb128
+kisa 1 5 : SEED-CFB : seed-cfb
+!Cname seed-ofb128
+kisa 1 6 : SEED-OFB : seed-ofb
+
+# There is no OID that just denotes "HMAC" oddly enough...
+
+ : HMAC : hmac
+# Nor CMAC either
+ : CMAC : cmac
+
+# Synthetic composite ciphersuites
+ : RC4-HMAC-MD5 : rc4-hmac-md5
+ : AES-128-CBC-HMAC-SHA1 : aes-128-cbc-hmac-sha1
+ : AES-192-CBC-HMAC-SHA1 : aes-192-cbc-hmac-sha1
+ : AES-256-CBC-HMAC-SHA1 : aes-256-cbc-hmac-sha1
+ : AES-128-CBC-HMAC-SHA256 : aes-128-cbc-hmac-sha256
+ : AES-192-CBC-HMAC-SHA256 : aes-192-cbc-hmac-sha256
+ : AES-256-CBC-HMAC-SHA256 : aes-256-cbc-hmac-sha256
+ : ChaCha20-Poly1305 : chacha20-poly1305
+ : ChaCha20 : chacha20
+
+ISO-US 10046 2 1 : dhpublicnumber : X9.42 DH
+
+# RFC 5639 curve OIDs (see http://www.ietf.org/rfc/rfc5639.txt)
+# versionOne OBJECT IDENTIFIER ::= {
+# iso(1) identifified-organization(3) teletrust(36) algorithm(3)
+# signature-algorithm(3) ecSign(2) ecStdCurvesAndGeneration(8)
+# ellipticCurve(1) 1 }
+1 3 36 3 3 2 8 1 1 1 : brainpoolP160r1
+1 3 36 3 3 2 8 1 1 2 : brainpoolP160t1
+1 3 36 3 3 2 8 1 1 3 : brainpoolP192r1
+1 3 36 3 3 2 8 1 1 4 : brainpoolP192t1
+1 3 36 3 3 2 8 1 1 5 : brainpoolP224r1
+1 3 36 3 3 2 8 1 1 6 : brainpoolP224t1
+1 3 36 3 3 2 8 1 1 7 : brainpoolP256r1
+1 3 36 3 3 2 8 1 1 8 : brainpoolP256t1
+1 3 36 3 3 2 8 1 1 9 : brainpoolP320r1
+1 3 36 3 3 2 8 1 1 10 : brainpoolP320t1
+1 3 36 3 3 2 8 1 1 11 : brainpoolP384r1
+1 3 36 3 3 2 8 1 1 12 : brainpoolP384t1
+1 3 36 3 3 2 8 1 1 13 : brainpoolP512r1
+1 3 36 3 3 2 8 1 1 14 : brainpoolP512t1
+
+# ECDH schemes from RFC5753
+!Alias x9-63-scheme 1 3 133 16 840 63 0
+!Alias secg-scheme certicom-arc 1
+
+x9-63-scheme 2 : dhSinglePass-stdDH-sha1kdf-scheme
+secg-scheme 11 0 : dhSinglePass-stdDH-sha224kdf-scheme
+secg-scheme 11 1 : dhSinglePass-stdDH-sha256kdf-scheme
+secg-scheme 11 2 : dhSinglePass-stdDH-sha384kdf-scheme
+secg-scheme 11 3 : dhSinglePass-stdDH-sha512kdf-scheme
+
+x9-63-scheme 3 : dhSinglePass-cofactorDH-sha1kdf-scheme
+secg-scheme 14 0 : dhSinglePass-cofactorDH-sha224kdf-scheme
+secg-scheme 14 1 : dhSinglePass-cofactorDH-sha256kdf-scheme
+secg-scheme 14 2 : dhSinglePass-cofactorDH-sha384kdf-scheme
+secg-scheme 14 3 : dhSinglePass-cofactorDH-sha512kdf-scheme
+# NIDs for use with lookup tables.
+ : dh-std-kdf
+ : dh-cofactor-kdf
+
+# RFC 6962 Extension OIDs (see http://www.ietf.org/rfc/rfc6962.txt)
+1 3 6 1 4 1 11129 2 4 2 : ct_precert_scts : CT Precertificate SCTs
+1 3 6 1 4 1 11129 2 4 3 : ct_precert_poison : CT Precertificate Poison
+1 3 6 1 4 1 11129 2 4 4 : ct_precert_signer : CT Precertificate Signer
+1 3 6 1 4 1 11129 2 4 5 : ct_cert_scts : CT Certificate SCTs
+
+# CABForum EV SSL Certificate Guidelines
+# (see https://cabforum.org/extended-validation/)
+# OIDs for Subject Jurisdiction of Incorporation or Registration
+1 3 6 1 4 1 311 60 2 1 1 : jurisdictionL : jurisdictionLocalityName
+1 3 6 1 4 1 311 60 2 1 2 : jurisdictionST : jurisdictionStateOrProvinceName
+1 3 6 1 4 1 311 60 2 1 3 : jurisdictionC : jurisdictionCountryName
+
+# SCRYPT algorithm
+!Cname id-scrypt
+1 3 6 1 4 1 11591 4 11 : id-scrypt : scrypt
+
+# NID for TLS1 PRF
+ : TLS1-PRF : tls1-prf
+
+# NID for HKDF
+ : HKDF : hkdf
+
+# RFC 4556
+1 3 6 1 5 2 3 : id-pkinit
+id-pkinit 4 : pkInitClientAuth : PKINIT Client Auth
+id-pkinit 5 : pkInitKDC : Signing KDC Response
+
+# New algorithms from draft-ietf-curdle-pkix-04
+1 3 101 110 : X25519
+1 3 101 111 : X448
+1 3 101 112 : ED25519
+1 3 101 113 : ED448
+
+
+# NIDs for cipher key exchange
+ : KxRSA : kx-rsa
+ : KxECDHE : kx-ecdhe
+ : KxDHE : kx-dhe
+ : KxECDHE-PSK : kx-ecdhe-psk
+ : KxDHE-PSK : kx-dhe-psk
+ : KxRSA_PSK : kx-rsa-psk
+ : KxPSK : kx-psk
+ : KxSRP : kx-srp
+ : KxGOST : kx-gost
+ : KxANY : kx-any
+
+# NIDs for cipher authentication
+ : AuthRSA : auth-rsa
+ : AuthECDSA : auth-ecdsa
+ : AuthPSK : auth-psk
+ : AuthDSS : auth-dss
+ : AuthGOST01 : auth-gost01
+ : AuthGOST12 : auth-gost12
+ : AuthSRP : auth-srp
+ : AuthNULL : auth-null
+ : AuthANY : auth-any
+# NID for Poly1305
+ : Poly1305 : poly1305
+# NID for SipHash
+ : SipHash : siphash