X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=crypto%2Fobjects%2Fobjects.txt;h=1de8e79e5b0dfe220f7dfbe78cc98f7efea0e6dc;hp=97be8779068a6a36c86aa41ae2321332ffce2ff6;hb=1eff3485b63f84956b5f212aa4d853783bf6c8b5;hpb=cab6de03a2b721c89baffde254a4d3482f93c524

diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt
index 97be877906..1de8e79e5b 100644
--- a/crypto/objects/objects.txt
+++ b/crypto/objects/objects.txt
@@ -166,6 +166,11 @@ pkcs1 3			: RSA-MD4		: md4WithRSAEncryption
 pkcs1 4			: RSA-MD5		: md5WithRSAEncryption
 pkcs1 5			: RSA-SHA1		: sha1WithRSAEncryption
 # According to PKCS #1 version 2.1
+pkcs1 7			: RSAES-OAEP		: rsaesOaep
+pkcs1 8			: MGF1			: mgf1
+pkcs1 9			: PSPECIFIED		: pSpecified
+pkcs1 10		: RSASSA-PSS		: rsassaPss
+
 pkcs1 11		: RSA-SHA256		: sha256WithRSAEncryption
 pkcs1 12		: RSA-SHA384		: sha384WithRSAEncryption
 pkcs1 13		: RSA-SHA512		: sha512WithRSAEncryption
@@ -467,6 +472,7 @@ id-pe 10		: ac-proxying
 !Cname sinfo-access
 id-pe 11		: subjectInfoAccess	: Subject Information Access
 id-pe 14		: proxyCertInfo		: Proxy Certificate Information
+id-pe 24		: tlsfeature		: TLS Feature
 
 # PKIX policyQualifiers for Internet policy qualifiers
 id-qt 1			: id-qt-cps		: Policy Qualifier CPS
@@ -743,7 +749,7 @@ id-ce 24		: invalidityDate	: Invalidity Date
 !Cname delta-crl
 id-ce 27		: deltaCRL		: X509v3 Delta CRL Indicator
 !Cname issuing-distribution-point
-id-ce 28		: issuingDistributionPoint : X509v3 Issuing Distrubution Point
+id-ce 28		: issuingDistributionPoint : X509v3 Issuing Distribution Point
 !Cname certificate-issuer
 id-ce 29		: certificateIssuer	: X509v3 Certificate Issuer
 !Cname name-constraints
@@ -771,6 +777,10 @@ id-ce 55		: targetInformation	: X509v3 AC Targeting
 !Cname no-rev-avail
 id-ce 56		: noRevAvail		: X509v3 No Revocation Available
 
+# From RFC5280
+ext-key-usage 0		: anyExtendedKeyUsage	: Any Extended Key Usage
+
+
 !Cname netscape
 2 16 840 1 113730	: Netscape		: Netscape Communications Corp.
 !Cname netscape-cert-extension
@@ -829,9 +839,7 @@ mime-mhs 2		: mime-mhs-bodies	: mime-mhs-bodies
 mime-mhs-headings 1	: id-hex-partial-message : id-hex-partial-message
 mime-mhs-headings 2	: id-hex-multipart-message : id-hex-multipart-message
 
-# What the hell are these OIDs, really?
-!Cname rle-compression
-1 1 1 1 666 1		: RLE			: run length compression
+# RFC 3274
 !Cname zlib-compression
 id-smime-alg 8		: ZLIB			: zlib compression
 
@@ -847,6 +855,10 @@ aes 2			: AES-128-CBC		: aes-128-cbc
 aes 3			: AES-128-OFB		: aes-128-ofb
 !Cname aes-128-cfb128
 aes 4			: AES-128-CFB		: aes-128-cfb
+aes 5			: id-aes128-wrap
+aes 6			: id-aes128-GCM		: aes-128-gcm
+aes 7			: id-aes128-CCM		: aes-128-ccm
+aes 8			: id-aes128-wrap-pad
 
 aes 21			: AES-192-ECB		: aes-192-ecb
 aes 22			: AES-192-CBC		: aes-192-cbc
@@ -854,6 +866,10 @@ aes 22			: AES-192-CBC		: aes-192-cbc
 aes 23			: AES-192-OFB		: aes-192-ofb
 !Cname aes-192-cfb128
 aes 24			: AES-192-CFB		: aes-192-cfb
+aes 25			: id-aes192-wrap
+aes 26			: id-aes192-GCM		: aes-192-gcm
+aes 27			: id-aes192-CCM		: aes-192-ccm
+aes 28			: id-aes192-wrap-pad
 
 aes 41			: AES-256-ECB		: aes-256-ecb
 aes 42			: AES-256-CBC		: aes-256-cbc
@@ -861,6 +877,10 @@ aes 42			: AES-256-CBC		: aes-256-cbc
 aes 43			: AES-256-OFB		: aes-256-ofb
 !Cname aes-256-cfb128
 aes 44			: AES-256-CFB		: aes-256-cfb
+aes 45			: id-aes256-wrap
+aes 46			: id-aes256-GCM		: aes-256-gcm
+aes 47			: id-aes256-CCM		: aes-256-ccm
+aes 48			: id-aes256-wrap-pad
 
 # There are no OIDs for these modes...
 
@@ -870,15 +890,19 @@ aes 44			: AES-256-CFB		: aes-256-cfb
 			: AES-128-CFB8		: aes-128-cfb8
 			: AES-192-CFB8		: aes-192-cfb8
 			: AES-256-CFB8		: aes-256-cfb8
+			: AES-128-CTR		: aes-128-ctr
+			: AES-192-CTR		: aes-192-ctr
+			: AES-256-CTR		: aes-256-ctr
+			: AES-128-OCB		: aes-128-ocb
+			: AES-192-OCB		: aes-192-ocb
+			: AES-256-OCB		: aes-256-ocb
+			: AES-128-XTS		: aes-128-xts
+			: AES-256-XTS		: aes-256-xts
 			: DES-CFB1		: des-cfb1
 			: DES-CFB8		: des-cfb8
 			: DES-EDE3-CFB1		: des-ede3-cfb1
 			: DES-EDE3-CFB8		: des-ede3-cfb8
 
-aes 5			: id-aes128-wrap 
-aes 25			: id-aes192-wrap 
-aes 45			: id-aes256-wrap 
-
 # OIDs for SHA224, SHA256, SHA385 and SHA512, according to x9.84.
 !Alias nist_hashalgs nistAlgorithms 2
 nist_hashalgs 1		: SHA256		: sha256
@@ -963,8 +987,7 @@ pilotAttributeType 40	:			: personalTitle
 pilotAttributeType 41	:			: mobileTelephoneNumber
 pilotAttributeType 42	:			: pagerTelephoneNumber
 pilotAttributeType 43	:			: friendlyCountryName
-# The following clashes with 2.5.4.45, so commented away
-#pilotAttributeType 44	: uid			: uniqueIdentifier
+pilotAttributeType 44	: uid			: uniqueIdentifier
 pilotAttributeType 45	:			: organizationalStatus
 pilotAttributeType 46	:			: janetMailbox
 pilotAttributeType 47	:			: mailPreferenceOption
@@ -1134,6 +1157,7 @@ iso 0 10118 3 0 55	: whirlpool
 
 member-body 643 2 2	: cryptopro
 member-body 643 2 9	: cryptocom
+member-body 643 7 1	: id-tc26
 
 cryptopro 3		: id-GostR3411-94-with-GostR3410-2001 : GOST R 34.11-94 with GOST R 34.10-2001
 cryptopro 4		: id-GostR3411-94-with-GostR3410-94 : GOST R 34.11-94 with GOST R 34.10-94
@@ -1147,8 +1171,13 @@ cryptopro 20		: gost94	: GOST R 34.10-94
 !Cname id-Gost28147-89
 cryptopro 21		: gost89 		: GOST 28147-89
 			: gost89-cnt
+			: gost89-cnt-12
+			: gost89-cbc
+			: gost89-ecb
+			: gost89-ctr
 !Cname id-Gost28147-89-MAC
 cryptopro 22		: gost-mac	: GOST 28147-89 MAC
+			: gost-mac-12
 !Cname id-GostR3411-94-prf
 cryptopro 23		: prf-gostr3411-94	: GOST R 34.11-94 PRF
 cryptopro 98		: id-GostR3410-2001DH	: GOST R 34.10-2001 DH
@@ -1207,11 +1236,70 @@ cryptocom 1 3 4		: id-GostR3411-94-with-GostR3410-2001-cc : GOST R 34.11-94 with
 
 cryptocom 1 8 1		: id-GostR3410-2001-ParamSet-cc : GOST R 3410-2001 Parameter Set Cryptocom
 
+# TC26 GOST OIDs
+
+id-tc26 1 		: id-tc26-algorithms
+id-tc26-algorithms 1	: id-tc26-sign
+!Cname id-GostR3410-2012-256
+id-tc26-sign 1		: gost2012_256: GOST R 34.10-2012 with 256 bit modulus
+!Cname id-GostR3410-2012-512
+id-tc26-sign 2		: gost2012_512: GOST R 34.10-2012 with 512 bit modulus
+
+id-tc26-algorithms 2	: id-tc26-digest
+!Cname id-GostR3411-2012-256
+id-tc26-digest 2	: md_gost12_256: GOST R 34.11-2012 with 256 bit hash
+!Cname id-GostR3411-2012-512
+id-tc26-digest 3	: md_gost12_512: GOST R 34.11-2012 with 512 bit hash
+
+id-tc26-algorithms 3	: id-tc26-signwithdigest
+id-tc26-signwithdigest 2: id-tc26-signwithdigest-gost3410-2012-256: GOST R 34.10-2012 with GOST R 34.11-2012 (256 bit)
+id-tc26-signwithdigest 3: id-tc26-signwithdigest-gost3410-2012-512: GOST R 34.10-2012 with GOST R 34.11-2012 (512 bit)
+
+id-tc26-algorithms 4	: id-tc26-mac
+id-tc26-mac 1		: id-tc26-hmac-gost-3411-2012-256 : HMAC GOST 34.11-2012 256 bit
+id-tc26-mac 2		: id-tc26-hmac-gost-3411-2012-512 : HMAC GOST 34.11-2012 512 bit
+
+id-tc26-algorithms 5	: id-tc26-cipher
+
+id-tc26-algorithms 6	: id-tc26-agreement
+id-tc26-agreement 1	: id-tc26-agreement-gost-3410-2012-256
+id-tc26-agreement 2	: id-tc26-agreement-gost-3410-2012-512
+
+id-tc26 2 		: id-tc26-constants
+
+id-tc26-constants 1	: id-tc26-sign-constants
+id-tc26-sign-constants 2: id-tc26-gost-3410-2012-512-constants
+id-tc26-gost-3410-2012-512-constants 0	: id-tc26-gost-3410-2012-512-paramSetTest: GOST R 34.10-2012 (512 bit) testing parameter set
+id-tc26-gost-3410-2012-512-constants 1	: id-tc26-gost-3410-2012-512-paramSetA: GOST R 34.10-2012 (512 bit) ParamSet A
+id-tc26-gost-3410-2012-512-constants 2	: id-tc26-gost-3410-2012-512-paramSetB: GOST R 34.10-2012 (512 bit) ParamSet B
+
+id-tc26-constants 2     : id-tc26-digest-constants
+id-tc26-constants 5     : id-tc26-cipher-constants
+id-tc26-cipher-constants 1	: id-tc26-gost-28147-constants
+id-tc26-gost-28147-constants 1	: id-tc26-gost-28147-param-Z : GOST 28147-89 TC26 parameter set
+
+member-body 643 3 131 1 1	: INN	: INN
+member-body 643 100 1		: OGRN	: OGRN
+member-body 643 100 3		: SNILS	: SNILS
+member-body 643 100 111	: subjectSignTool	: Signing Tool of Subject
+member-body 643 100 112	: issuerSignTool	: Signing Tool of Issuer
+
+#GOST R34.13-2015 Grasshopper "Kuznechik"
+			: grasshopper-ecb
+			: grasshopper-ctr
+			: grasshopper-ofb
+			: grasshopper-cbc
+			: grasshopper-cfb
+			: grasshopper-mac
+
 # Definitions for Camellia cipher - CBC MODE
 
 1 2 392 200011 61 1 1 1 2 : CAMELLIA-128-CBC		: camellia-128-cbc
 1 2 392 200011 61 1 1 1 3 : CAMELLIA-192-CBC		: camellia-192-cbc
 1 2 392 200011 61 1 1 1 4 : CAMELLIA-256-CBC		: camellia-256-cbc
+1 2 392 200011 61 1 1 3 2 : id-camellia128-wrap
+1 2 392 200011 61 1 1 3 3 : id-camellia192-wrap
+1 2 392 200011 61 1 1 3 4 : id-camellia256-wrap
 
 # Definitions for Camellia cipher - ECB, CFB, OFB MODE
 
@@ -1223,18 +1311,30 @@ camellia 1		: CAMELLIA-128-ECB		: camellia-128-ecb
 camellia 3		: CAMELLIA-128-OFB		: camellia-128-ofb
 !Cname camellia-128-cfb128
 camellia 4		: CAMELLIA-128-CFB		: camellia-128-cfb
+camellia 6		: CAMELLIA-128-GCM		: camellia-128-gcm
+camellia 7		: CAMELLIA-128-CCM		: camellia-128-ccm
+camellia 9		: CAMELLIA-128-CTR		: camellia-128-ctr
+camellia 10		: CAMELLIA-128-CMAC		: camellia-128-cmac
 
 camellia 21		: CAMELLIA-192-ECB		: camellia-192-ecb
 !Cname camellia-192-ofb128
 camellia 23		: CAMELLIA-192-OFB		: camellia-192-ofb
 !Cname camellia-192-cfb128
 camellia 24		: CAMELLIA-192-CFB		: camellia-192-cfb
+camellia 26		: CAMELLIA-192-GCM		: camellia-192-gcm
+camellia 27		: CAMELLIA-192-CCM		: camellia-192-ccm
+camellia 29		: CAMELLIA-192-CTR		: camellia-192-ctr
+camellia 30		: CAMELLIA-192-CMAC		: camellia-192-cmac
 
 camellia 41		: CAMELLIA-256-ECB		: camellia-256-ecb
 !Cname camellia-256-ofb128
 camellia 43		: CAMELLIA-256-OFB		: camellia-256-ofb
 !Cname camellia-256-cfb128
 camellia 44		: CAMELLIA-256-CFB		: camellia-256-cfb
+camellia 46		: CAMELLIA-256-GCM		: camellia-256-gcm
+camellia 47		: CAMELLIA-256-CCM		: camellia-256-ccm
+camellia 49		: CAMELLIA-256-CTR		: camellia-256-ctr
+camellia 50		: CAMELLIA-256-CMAC		: camellia-256-cmac
 
 # There are no OIDs for these modes...
 
@@ -1258,3 +1358,76 @@ kisa 1 6                : SEED-OFB      : seed-ofb
 # There is no OID that just denotes "HMAC" oddly enough...
 
 			: HMAC				: hmac
+# Nor CMAC either
+			: CMAC				: cmac
+
+# Synthetic composite ciphersuites
+			: RC4-HMAC-MD5			: rc4-hmac-md5
+			: AES-128-CBC-HMAC-SHA1		: aes-128-cbc-hmac-sha1
+			: AES-192-CBC-HMAC-SHA1		: aes-192-cbc-hmac-sha1
+			: AES-256-CBC-HMAC-SHA1		: aes-256-cbc-hmac-sha1
+			: AES-128-CBC-HMAC-SHA256	: aes-128-cbc-hmac-sha256
+			: AES-192-CBC-HMAC-SHA256	: aes-192-cbc-hmac-sha256
+			: AES-256-CBC-HMAC-SHA256	: aes-256-cbc-hmac-sha256
+			: ChaCha20-Poly1305		: chacha20-poly1305
+			: ChaCha20			: chacha20
+
+ISO-US 10046 2 1	: dhpublicnumber		: X9.42 DH
+
+# RFC 5639 curve OIDs (see http://www.ietf.org/rfc/rfc5639.txt)
+# versionOne OBJECT IDENTIFIER ::= {
+# iso(1) identifified-organization(3) teletrust(36) algorithm(3)
+# signature-algorithm(3) ecSign(2) ecStdCurvesAndGeneration(8)
+# ellipticCurve(1) 1 }
+1 3 36 3 3 2 8 1 1 1 : brainpoolP160r1
+1 3 36 3 3 2 8 1 1 2 : brainpoolP160t1
+1 3 36 3 3 2 8 1 1 3 : brainpoolP192r1
+1 3 36 3 3 2 8 1 1 4 : brainpoolP192t1
+1 3 36 3 3 2 8 1 1 5 : brainpoolP224r1
+1 3 36 3 3 2 8 1 1 6 : brainpoolP224t1
+1 3 36 3 3 2 8 1 1 7 : brainpoolP256r1
+1 3 36 3 3 2 8 1 1 8 : brainpoolP256t1
+1 3 36 3 3 2 8 1 1 9 : brainpoolP320r1
+1 3 36 3 3 2 8 1 1 10 : brainpoolP320t1
+1 3 36 3 3 2 8 1 1 11 : brainpoolP384r1
+1 3 36 3 3 2 8 1 1 12 : brainpoolP384t1
+1 3 36 3 3 2 8 1 1 13 : brainpoolP512r1
+1 3 36 3 3 2 8 1 1 14 : brainpoolP512t1            
+
+# ECDH schemes from RFC5753
+!Alias x9-63-scheme 1 3 133 16 840 63 0
+!Alias secg-scheme certicom-arc 1
+
+x9-63-scheme 2   : dhSinglePass-stdDH-sha1kdf-scheme
+secg-scheme 11 0 : dhSinglePass-stdDH-sha224kdf-scheme
+secg-scheme 11 1 : dhSinglePass-stdDH-sha256kdf-scheme
+secg-scheme 11 2 : dhSinglePass-stdDH-sha384kdf-scheme
+secg-scheme 11 3 : dhSinglePass-stdDH-sha512kdf-scheme
+
+x9-63-scheme 3   : dhSinglePass-cofactorDH-sha1kdf-scheme
+secg-scheme 14 0 : dhSinglePass-cofactorDH-sha224kdf-scheme
+secg-scheme 14 1 : dhSinglePass-cofactorDH-sha256kdf-scheme
+secg-scheme 14 2 : dhSinglePass-cofactorDH-sha384kdf-scheme
+secg-scheme 14 3 : dhSinglePass-cofactorDH-sha512kdf-scheme
+# NIDs for use with lookup tables.
+                 : dh-std-kdf
+                 : dh-cofactor-kdf
+
+# RFC 6962 Extension OIDs (see http://www.ietf.org/rfc/rfc6962.txt)
+1 3 6 1 4 1 11129 2 4 2	: ct_precert_scts		: CT Precertificate SCTs
+1 3 6 1 4 1 11129 2 4 3	: ct_precert_poison		: CT Precertificate Poison
+1 3 6 1 4 1 11129 2 4 4	: ct_precert_signer		: CT Precertificate Signer
+1 3 6 1 4 1 11129 2 4 5	: ct_cert_scts			: CT Certificate SCTs
+
+# CABForum EV SSL Certificate Guidelines
+# (see https://cabforum.org/extended-validation/)
+# OIDs for Subject Jurisdiction of Incorporation or Registration
+1 3 6 1 4 1 311 60 2 1 1	: jurisdictionL		: jurisdictionLocalityName
+1 3 6 1 4 1 311 60 2 1 2	: jurisdictionST	: jurisdictionStateOrProvinceName
+1 3 6 1 4 1 311 60 2 1 3	: jurisdictionC		: jurisdictionCountryName
+
+# SCRYPT algorithm
+1 3 6 1 4 1 11591 4 11		: id-scrypt
+
+# NID for TLS1 PRF
+                            : TLS1-PRF          : tls1-prf