generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

I got sick and tired of having to keep track of NIDs when such a thing

Browse Source 
could be done automagically, much like the numbering in libeay.num and
ssleay.num.  The solution works as follows:

  - New object identifiers are inserted in objects.txt, following the
    syntax given in objects.README.
  - objects.pl is used to process obj_mac.num and create a new
    obj_mac.h.
  - obj_dat.pl is used to create a new obj_dat.h, using the data in
    obj_mac.h.

This is currently kind of a hack, and the perl code in objects.pl
isn't very elegant, but it works as I intended.  The simplest way to
check that it worked correctly is to look in obj_dat.h and check the
array nid_objs and make sure the objects haven't moved around (this is
important!).  Additions are OK, as well as consistent name changes.
This commit is contained in:
Richard Levitte
2000-07-05 02:45:36 +00:00
parent 8f0d68fa27
commit c2bbf9cf6c
25 changed files with 5845 additions and 1857 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
crypto/objects/Makefile.ssl
View File

@@ -27,7 +27,7 @@ LIBOBJ= o_names.o obj_dat.o obj_lib.o obj_err.o
SRC= $(LIBSRC)
EXHEADER= objects.h
EXHEADER= objects.h obj_mac.h
HEADER= $(EXHEADER) obj_dat.h
ALL= $(GENERAL) $(SRC) $(HEADER)
@@ -80,28 +80,29 @@ clean:
o_names.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
o_names.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
o_names.o: ../../include/openssl/lhash.h ../../include/openssl/objects.h
o_names.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
o_names.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
o_names.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
o_names.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
o_names.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
o_names.o: ../../include/openssl/stack.h
obj_dat.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
obj_dat.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
obj_dat.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
obj_dat.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
obj_dat.o: ../../include/openssl/lhash.h ../../include/openssl/objects.h
obj_dat.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
obj_dat.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
obj_dat.o: ../cryptlib.h obj_dat.h
obj_dat.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
obj_dat.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
obj_dat.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
obj_dat.o: ../../include/openssl/stack.h ../cryptlib.h obj_dat.h
obj_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
obj_err.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
obj_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
obj_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
obj_err.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
obj_err.o: ../../include/openssl/stack.h
obj_err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
obj_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
obj_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
obj_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
obj_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
obj_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
obj_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
obj_lib.o: ../../include/openssl/lhash.h ../../include/openssl/objects.h
obj_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
obj_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
obj_lib.o: ../cryptlib.h
obj_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
obj_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
obj_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
obj_lib.o: ../../include/openssl/stack.h ../cryptlib.h

1050
crypto/objects/obj_dat.h
View File

File diff suppressed because it is too large Load Diff

1726
crypto/objects/obj_mac.h Normal file
View File

File diff suppressed because it is too large Load Diff

378
crypto/objects/obj_mac.num Normal file
View File

@@ -0,0 +1,378 @@
undef 0
rsadsi 1
pkcs 2
md2 3
md5 4
rc4 5
rsaEncryption 6
md2WithRSAEncryption 7
md5WithRSAEncryption 8
pbeWithMD2AndDES_CBC 9
pbeWithMD5AndDES_CBC 10
X500 11
X509 12
commonName 13
countryName 14
localityName 15
stateOrProvinceName 16
organizationName 17
organizationalUnitName 18
rsa 19
pkcs7 20
pkcs7_data 21
pkcs7_signed 22
pkcs7_enveloped 23
pkcs7_signedAndEnveloped 24
pkcs7_digest 25
pkcs7_encrypted 26
pkcs3 27
dhKeyAgreement 28
des_ecb 29
des_cfb64 30
des_cbc 31
des_ede 32
des_ede3 33
idea_cbc 34
idea_cfb64 35
idea_ecb 36
rc2_cbc 37
rc2_ecb 38
rc2_cfb64 39
rc2_ofb64 40
sha 41
shaWithRSAEncryption 42
des_ede_cbc 43
des_ede3_cbc 44
des_ofb64 45
idea_ofb64 46
pkcs9 47
pkcs9_emailAddress 48
pkcs9_unstructuredName 49
pkcs9_contentType 50
pkcs9_messageDigest 51
pkcs9_signingTime 52
pkcs9_countersignature 53
pkcs9_challengePassword 54
pkcs9_unstructuredAddress 55
pkcs9_extCertAttributes 56
netscape 57
netscape_cert_extension 58
netscape_data_type 59
des_ede_cfb64 60
des_ede3_cfb64 61
des_ede_ofb64 62
des_ede3_ofb64 63
sha1 64
sha1WithRSAEncryption 65
dsaWithSHA 66
dsa_2 67
pbeWithSHA1AndRC2_CBC 68
id_pbkdf2 69
dsaWithSHA1_2 70
netscape_cert_type 71
netscape_base_url 72
netscape_revocation_url 73
netscape_ca_revocation_url 74
netscape_renewal_url 75
netscape_ca_policy_url 76
netscape_ssl_server_name 77
netscape_comment 78
netscape_cert_sequence 79
desx_cbc 80
id_ce 81
subject_key_identifier 82
key_usage 83
private_key_usage_period 84
subject_alt_name 85
issuer_alt_name 86
basic_constraints 87
crl_number 88
certificate_policies 89
authority_key_identifier 90
bf_cbc 91
bf_ecb 92
bf_cfb64 93
bf_ofb64 94
mdc2 95
mdc2WithRSA 96
rc4_40 97
rc2_40_cbc 98
givenName 99
surname 100
initials 101
uniqueIdentifier 102
crl_distribution_points 103
md5WithRSA 104
serialNumber 105
title 106
description 107
cast5_cbc 108
cast5_ecb 109
cast5_cfb64 110
cast5_ofb64 111
pbeWithMD5AndCast5_CBC 112
dsaWithSHA1 113
md5_sha1 114
sha1WithRSA 115
dsa 116
ripemd160 117
ripemd160WithRSA 119
rc5_cbc 120
rc5_ecb 121
rc5_cfb64 122
rc5_ofb64 123
rle_compression 124
zlib_compression 125
ext_key_usage 126
id_pkix 127
id_kp 128
server_auth 129
client_auth 130
code_sign 131
email_protect 132
time_stamp 133
ms_code_ind 134
ms_code_com 135
ms_ctl_sign 136
ms_sgc 137
ms_efs 138
ns_sgc 139
delta_crl 140
crl_reason 141
invalidity_date 142
sxnet 143
pbe_WithSHA1And128BitRC4 144
pbe_WithSHA1And40BitRC4 145
pbe_WithSHA1And3_Key_TripleDES_CBC 146
pbe_WithSHA1And2_Key_TripleDES_CBC 147
pbe_WithSHA1And128BitRC2_CBC 148
pbe_WithSHA1And40BitRC2_CBC 149
keyBag 150
pkcs8ShroudedKeyBag 151
certBag 152
crlBag 153
secretBag 154
safeContentsBag 155
friendlyName 156
localKeyID 157
x509Certificate 158
sdsiCertificate 159
x509Crl 160
pbes2 161
pbmac1 162
hmacWithSHA1 163
id_qt_cps 164
id_qt_unotice 165
rc2_64_cbc 166
SMIMECapabilities 167
pbeWithMD2AndRC2_CBC 168
pbeWithMD5AndRC2_CBC 169
pbeWithSHA1AndDES_CBC 170
ms_ext_req 171
ext_req 172
name 173
dnQualifier 174
id_pe 175
id_ad 176
info_access 177
ad_OCSP 178
ad_ca_issuers 179
OCSP_sign 180
iso 181
member_body 182
ISO_US 183
X9_57 184
X9cm 185
pkcs1 186
pkcs5 187
SMIME 188
id_smime_mod 189
id_smime_ct 190
id_smime_aa 191
id_smime_alg 192
id_smime_cd 193
id_smime_spq 194
id_smime_cti 195
id_smime_mod_cms 196
id_smime_mod_ess 197
id_smime_mod_oid 198
id_smime_mod_msg_v3 199
id_smime_mod_ets_eSignature_88 200
id_smime_mod_ets_eSignature_97 201
id_smime_mod_ets_eSigPolicy_88 202
id_smime_mod_ets_eSigPolicy_97 203
id_smime_ct_receipt 204
id_smime_ct_authData 205
id_smime_ct_publishCert 206
id_smime_ct_TSTInfo 207
id_smime_ct_TDTInfo 208
id_smime_ct_contentInfo 209
id_smime_ct_DVCSRequestData 210
id_smime_ct_DVCSResponseData 211
id_smime_aa_receiptRequest 212
id_smime_aa_securityLabel 213
id_smime_aa_mlExpandHistory 214
id_smime_aa_contentHint 215
id_smime_aa_msgSigDigest 216
id_smime_aa_encapContentType 217
id_smime_aa_contentIdentifier 218
id_smime_aa_macValue 219
id_smime_aa_equivalentLabels 220
id_smime_aa_contentReference 221
id_smime_aa_encrypKeyPref 222
id_smime_aa_signingCertificate 223
id_smime_aa_smimeEncryptCerts 224
id_smime_aa_timeStampToken 225
id_smime_aa_ets_sigPolicyId 226
id_smime_aa_ets_commitmentType 227
id_smime_aa_ets_signerLocation 228
id_smime_aa_ets_signerAttr 229
id_smime_aa_ets_otherSigCert 230
id_smime_aa_ets_contentTimestamp 231
id_smime_aa_ets_CertificateRefs 232
id_smime_aa_ets_RevocationRefs 233
id_smime_aa_ets_certValues 234
id_smime_aa_ets_revocationValues 235
id_smime_aa_ets_escTimeStamp 236
id_smime_aa_ets_certCRLTimestamp 237
id_smime_aa_ets_archiveTimeStamp 238
id_smime_aa_signatureType 239
id_smime_aa_dvcs_dvc 240
id_smime_alg_ESDHwith3DES 241
id_smime_alg_ESDHwithRC2 242
id_smime_alg_3DESwrap 243
id_smime_alg_RC2wrap 244
id_smime_alg_ESDH 245
id_smime_alg_CMS3DESwrap 246
id_smime_alg_CMSRC2wrap 247
id_smime_cd_ldap 248
id_smime_spq_ets_sqt_uri 249
id_smime_spq_ets_sqt_unotice 250
id_smime_cti_ets_proofOfOrigin 251
id_smime_cti_ets_proofOfReceipt 252
id_smime_cti_ets_proofOfDelivery 253
id_smime_cti_ets_proofOfSender 254
id_smime_cti_ets_proofOfApproval 255
id_smime_cti_ets_proofOfCreation 256
md4 257
id_pkix_mod 258
id_qt 259
id_it 260
id_pkip 261
id_alg 262
id_cmc 263
id_on 264
id_pda 265
id_aca 266
id_qcs 267
id_cct 268
id_pkix1_explicit_88 269
id_pkix1_implicit_88 270
id_pkix1_explicit_93 271
id_pkix1_implicit_93 272
id_mod_crmf 273
id_mod_cmc 274
id_mod_kea_profile_88 275
id_mod_kea_profile_93 276
id_mod_cmp 277
id_mod_qualified_cert_88 278
id_mod_qualified_cert_93 279
id_mod_attribute_cert 280
id_mod_timestamp_protocol 281
id_mod_ocsp 282
id_mod_dvcs 283
id_mod_cmp2000 284
biometricInfo 285
qcStatements 286
ac_auditEntity 287
ac_targeting 288
aaControls 289
sbqp_ipAddrBlock 290
sbqp_autonomousSysNum 291
sbqp_routerIdentifier 292
textNotice 293
ipsecEndSystem 294
ipsecTunnel 295
ipsecUser 296
dvcs 297
id_it_caProtEncCert 298
id_it_signKeyPairTypes 299
id_it_encKeyPairTypes 300
id_it_preferredSymmAlg 301
id_it_caKeyUpdateInfo 302
id_it_currentCRL 303
id_it_unsupportedOIDs 304
id_it_subscriptionRequest 305
id_it_subscriptionResponse 306
id_it_keyPairParamReq 307
id_it_keyPairParamRep 308
id_it_revPassphrase 309
id_it_implicitConfirm 310
id_it_confirmWaitTime 311
id_it_origPKIMessage 312
id_regCtrl 313
id_regInfo 314
id_regCtrl_regToken 315
id_regCtrl_authenticator 316
id_regCtrl_pkiPublicationInfo 317
id_regCtrl_pkiArchiveOptions 318
id_regCtrl_oldCertID 319
id_regCtrl_protocolEncrKey 320
id_regInfo_utf8Pairs 321
id_regInfo_certReq 322
id_alg_des40 323
id_alg_noSignature 324
id_alg_dh_sig_hmac_sha1 325
id_alg_dh_pop 326
id_cmc_statusInfo 327
id_cmc_identification 328
id_cmc_identityProof 329
id_cmc_dataReturn 330
id_cmc_transactionId 331
id_cmc_senderNonce 332
id_cmc_recipientNonce 333
id_cmc_addExtensions 334
id_cmc_encryptedPOP 335
id_cmc_decryptedPOP 336
id_cmc_lraPOPWitness 337
id_cmc_getCert 338
id_cmc_getCRL 339
id_cmc_revokeRequest 340
id_cmc_regInfo 341
id_cmc_responseInfo 342
id_cmc_queryPending 343
id_cmc_popLinkRandom 344
id_cmc_popLinkWitness 345
id_cmc_confirmCertAcceptance 346
id_on_personalData 347
id_pda_dateOfBirth 348
id_pda_placeOfBirth 349
id_pda_pseudonym 350
id_pda_gender 351
id_pda_countryOfCitizenship 352
id_pda_countryOfResidence 353
id_aca_authenticationInfo 354
id_aca_accessIdentity 355
id_aca_chargingIdentity 356
id_aca_group 357
id_aca_role 358
id_qcs_pkixQCSyntax_v1 359
id_cct_crs 360
id_cct_PKIData 361
id_cct_PKIResponse 362
ad_timeStamping 363
ad_dvcs 364
id_pkix_OCSP_basic 365
id_pkix_OCSP_Nonce 366
id_pkix_OCSP_CrlID 367
id_pkix_OCSP_acceptableResponses 368
id_pkix_OCSP_noCheck 369
id_pkix_OCSP_archiveCutoff 370
id_pkix_OCSP_serviceLocator 371
id_pkix_OCSP_extendedStatus 372
id_pkix_OCSP_valid 373
id_pkix_OCSP_path 374
id_pkix_OCSP_trustRoot 375
algorithm 376
rsaSignature 377
X500algorithms 378

44
crypto/objects/objects.README Normal file
View File

@@ -0,0 +1,44 @@
objects.txt syntax
------------------
To cover all the naming hacks that were previously in objects.h needed some
kind of hacks in objects.txt.
The basic syntax for adding an object is as follows:
1 2 3 4 : shortName : Long Name
If the long name doesn't contain spaces, or no short name
exists, the long name is used as basis for the base name
in C. Otherwise, the short name is used.
The base name (let's call it 'base') will then be used to
create the C macros SN_base, LN_base, NID_base and OBJ_base.
Note that if the base name contains spaces, dashes or periods,
those will be converte to underscore.
Then there are some extra commands:
!Alias foo 1 2 3 4
This juts makes a name foo for an OID. The C macro
OBJ_foo will be created as a result.
!Cname foo
This makes sure that the name foo will be used as base name
in C.
!module foo
1 2 3 4 : shortName : Long Name
!global
The !module command was meant to define a kind of modularity.
What it does is to make sure the module name is prepended
to the base name. !global turns this off. This construction
is not recursive.
Lines starting with # are treated as comments, as well as any line starting
with ! and not matching the commands above.

6
crypto/objects/objects.h
View File

@@ -59,6 +59,11 @@
#ifndef HEADER_OBJECTS_H
#define HEADER_OBJECTS_H
#define USE_OBJ_MAC
#ifdef USE_OBJ_MAC
#include <openssl/obj_mac.h>
#else
#define SN_undef "UNDEF"
#define LN_undef "undefined"
#define NID_undef 0
@@ -949,6 +954,7 @@
#define LN_OCSP_sign "OCSP Signing"
#define NID_OCSP_sign 180
#define OBJ_OCSP_sign OBJ_id_kp,9L
#endif /* USE_OBJ_MAC */
#include <openssl/bio.h>
#include <openssl/asn1.h>

213
crypto/objects/objects.pl Normal file
View File

@@ -0,0 +1,213 @@
#!/usr/local/bin/perl
open (NUMIN,"$ARGV[1]") || die "Can't open number file $ARGV[1]";
$max_nid=0;
$o=0;
while(<NUMIN>)
{
chop;
$o++;
s/#.*$//;
next if /^\s*$/;
($Cname,$mynum) = split;
if (defined($nidn{$mynum}))
{ die "$ARGV[1]:$o:There's already an object with NID ",$mynum," on line ",$order{$mynum},"\n"; }
$nid{$Cname} = $mynum;
$nidn{$mynum} = $Cname;
$order{$mynum} = $o;
$max_nid = $mynum if $mynum > $max_nid;
}
close NUMIN;
open (IN,"$ARGV[0]") || die "Can't open input file $ARGV[0]";
$Cname="";
$o=0;
while (<IN>)
{
chop;
$o++;
if (/^!module\s+(.*)$/)
{
$module = $1."-";
$module =~ s/\./_/g;
$module =~ s/-/_/g;
}
if (/^!global$/)
{ $module = ""; }
if (/^!Cname\s+(.*)$/)
{ $Cname = $1; }
if (/^!Alias\s+(.+?)\s+(.*)$/)
{
$Cname = $module.$1;
$myoid = $2;
$myoid = &process_oid($myoid);
$Cname =~ s/-/_/g;
$ordern{$o} = $Cname;
$order{$Cname} = $o;
$obj{$Cname} = $myoid;
$_ = "";
$Cname = "";
}
s/!.*$//;
s/#.*$//;
next if /^\s*$/;
($myoid,$mysn,$myln) = split ':';
$mysn =~ s/^\s*//;
$mysn =~ s/\s*$//;
$myln =~ s/^\s*//;
$myln =~ s/\s*$//;
$myoid =~ s/^\s*//;
$myoid =~ s/\s*$//;
if ($myoid ne "")
{
$myoid = &process_oid($myoid);
}
if ($Cname eq "" && !($myln =~ / /))
{
$Cname = $myln;
$Cname =~ s/\./_/g;
$Cname =~ s/-/_/g;
if ($Cname ne "" && defined($ln{$module.$Cname}))
{ die "objects.txt:$o:There's already an object with long name ",$ln{$module.$Cname}," on line ",$order{$module.$Cname},"\n"; }
}
if ($Cname eq "")
{
$Cname = $mysn;
$Cname =~ s/-/_/g;
if ($Cname ne "" && defined($sn{$module.$Cname}))
{ die "objects.txt:$o:There's already an object with short name ",$sn{$module.$Cname}," on line ",$order{$module.$Cname},"\n"; }
}
if ($Cname eq "")
{
$Cname = $myln;
$Cname =~ s/-/_/g;
$Cname =~ s/\./_/g;
$Cname =~ s/ /_/g;
if ($Cname ne "" && defined($ln{$module.$Cname}))
{ die "objects.txt:$o:There's already an object with long name ",$ln{$module.$Cname}," on line ",$order{$module.$Cname},"\n"; }
}
$Cname =~ s/\./_/g;
$Cname =~ s/-/_/g;
$Cname = $module.$Cname;
$ordern{$o} = $Cname;
$order{$Cname} = $o;
$sn{$Cname} = $mysn;
$ln{$Cname} = $myln;
$obj{$Cname} = $myoid;
if (!defined($nid{$Cname}))
{
$max_nid++;
$nid{$Cname} = $max_nid;
$nidn{$max_nid} = $Cname;
}
$Cname="";
}
close IN;
open (NUMOUT,">$ARGV[1]") || die "Can't open output file $ARGV[1]";
foreach (sort { $a <=> $b } keys %nidn)
{
print NUMOUT $nidn{$_},"\t\t",$_,"\n";
}
close NUMOUT;
open (OUT,">$ARGV[2]") || die "Can't open output file $ARGV[2]";
print OUT <<'EOF';
/* lib/obj/obj_mac.h */
/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
/* THIS FILE IS GENERATED FROM objects.txt by objects.pl via the
* following command:
* perl objects.pl objects.txt obj_mac.num obj_mac.h
*/
#define SN_undef "UNDEF"
#define LN_undef "undefined"
#define NID_undef 0
#define OBJ_undef 0L
EOF
foreach (sort { $a <=> $b } keys %ordern)
{
$Cname=$ordern{$_};
print OUT "#define SN_",$Cname,"\t\t\"",$sn{$Cname},"\"\n" if $sn{$Cname} ne "";
print OUT "#define LN_",$Cname,"\t\t\"",$ln{$Cname},"\"\n" if $ln{$Cname} ne "";
print OUT "#define NID_",$Cname,"\t\t",$nid{$Cname},"\n" if $nid{$Cname} ne "";
print OUT "#define OBJ_",$Cname,"\t\t",$obj{$Cname},"\n" if $obj{$Cname} ne "";
print OUT "\n";
}
close OUT;
sub process_oid
{
local($oid)=@_;
local(@a,$oid_pref);
@a = split(/\s+/,$myoid);
$pref_oid = "";
if (!($a[0] =~ /^[0-9]+$/))
{
$a[0] =~ s/-/_/g;
$pref_oid = "OBJ_" . $a[0] . ',';
shift @a;
}
return($pref_oid . join('L,',@a) . 'L');
}

601
crypto/objects/objects.txt
View File

@@ -1,40 +1,567 @@
1 2 : ISO member bodies
1 2 840 : US (ANSI)
1 2 840 113549 : rsadsi : RSA Data Security, Inc.
1 2 840 113549 1 : pkcs : RSA Data Security, Inc. PKCS
1 2 840 113549 1 1 1 : rsaEncryption
1 2 840 113549 1 1 2 : md2withRSAEncryption
1 2 840 113549 1 1 4 : md5withRSAEncryption
1 2 840 113549 1 7 : pkcs-7
1 2 840 113549 1 7 1 : pkcs-7-data
1 2 840 113549 1 7 2 : pkcs-7-signedData
1 2 840 113549 1 7 3 : pkcs-7-envelopedData
1 2 840 113549 1 7 4 : pkcs-7-signedAndEnvelopedData
1 2 840 113549 1 7 5 : pkcs-7-digestData
1 2 840 113549 1 7 6 : pkcs-7-encryptedData
1 2 840 113549 2 2 : md2
1 2 840 113549 2 4 : md4
1 2 840 113549 2 5 : md5
1 2 840 113549 3 4 : rc4
1 2 840 113549 5 1 : pbeWithMD2AndDES_CBC
1 2 840 113549 5 3 : pbeWithMD5AndDES_CBC
2 5 : X500 : directory services (X.500)
2 5 4 : X509
2 5 4 3 : commonName
2 5 4 6 : countryName
2 5 4 7 : localityName
2 5 4 8 : stateOrProvinceName
2 5 4 10 : organizationName
2 5 4 11 : organizationalUnitName
2 5 8 : directory services - algorithms
2 5 8 1 1 : rsa
1 : ISO : iso
iso 2 : member-body : ISO Member Body
member-body 840 : ISO-US : ISO US Member Body
ISO-US 10040 : X9-57 : X9.57
X9-57 4 : X9cm : X9.57 CM ?
algorithm 18 : sha
encryptionAlgorithm 1 : rsa
!Cname dsa
X9cm 1 : DSA : dsaEncryption
X9cm 3 : DSA-SHA1 : dsaWithSHA1
ISO-US 113533 7 66 10 : CAST5-CBC : cast5-cbc
: CAST5-ECB : cast5-ecb
!Cname cast5-cfb64
: CAST5-CFB : cast5-cfb
!Cname cast5-ofb64
: CAST5-OFB : cast5-ofb
!Cname pbeWithMD5AndCast5-CBC
ISO-US 113533 7 66 12 : : pbeWithMD5AndCast5CBC
ISO-US 113549 : rsadsi : RSA Data Security, Inc.
rsadsi 1 : pkcs : RSA Data Security, Inc. PKCS
pkcs 1 : pkcs1
pkcs1 1 : : rsaEncryption
pkcs1 2 : RSA-MD2 : md2WithRSAEncryption
pkcs1 4 : RSA-MD5 : md5WithRSAEncryption
pkcs1 5 : RSA-SHA1 : sha1WithRSAEncryption
pkcs 3 : pkcs3
pkcs3 1 : : dhKeyAgreement
pkcs 5 : pkcs5
pkcs5 1 : PBE-MD2-DES : pbeWithMD2AndDES-CBC
pkcs5 3 : PBE-MD5-DES : pbeWithMD5AndDES-CBC
pkcs5 4 : PBE-MD2-RC2-64 : pbeWithMD2AndRC2-CBC
pkcs5 6 : PBE-MD5-RC2-64 : pbeWithMD5AndRC2-CBC
pkcs5 10 : PBE-SHA1-DES : pbeWithSHA1AndDES-CBC
pkcs5 11 : PBE-SHA1-RC2-64 : pbeWithSHA1AndRC2-CBC
!Cname id_pbkdf2
pkcs5 12 : : PBKDF2
!Cname pbes2
pkcs5 13 : : PBES2
!Cname pbmac1
pkcs5 14 : : PBMAC1
pkcs 7 : pkcs7
pkcs7 1 : : pkcs7-data
!Cname pkcs7-signed
pkcs7 2 : : pkcs7-signedData
!Cname pkcs7-enveloped
pkcs7 3 : : pkcs7-envelopedData
!Cname pkcs7-signedAndEnveloped
pkcs7 4 : : pkcs7-signedAndEnvelopedData
!Cname pkcs7-digest
pkcs7 5 : : pkcs7-digestData
!Cname pkcs7-encrypted
pkcs7 6 : : pkcs7-encryptedData
pkcs 9 : pkcs9
!module pkcs9
pkcs9 1 : Email : emailAddress
pkcs9 2 : : unstructuredName
pkcs9 3 : : contentType
pkcs9 4 : : messageDigest
pkcs9 5 : : signingTime
pkcs9 6 : : countersignature
pkcs9 7 : : challengePassword
pkcs9 8 : : unstructuredAddress
!Cname extCertAttributes
pkcs9 9 : : extendedCertificateAttributes
!global
!Cname ext-req
pkcs9 14 : extReq : Extension Request
!Cname SMIMECapabilities
pkcs9 15 : SMIME-CAPS : S/MIME Capabilities
# S/MIME
!Cname SMIME
pkcs9 16 : SMIME : S/MIME
SMIME 0 : id-smime-mod
SMIME 1 : id-smime-ct
SMIME 2 : id-smime-aa
SMIME 3 : id-smime-alg
SMIME 4 : id-smime-cd
SMIME 5 : id-smime-spq
SMIME 6 : id-smime-cti
# S/MIME Modules
id-smime-mod 1 : id-smime-mod-cms
id-smime-mod 2 : id-smime-mod-ess
id-smime-mod 3 : id-smime-mod-oid
id-smime-mod 4 : id-smime-mod-msg-v3
id-smime-mod 5 : id-smime-mod-ets-eSignature-88
id-smime-mod 6 : id-smime-mod-ets-eSignature-97
id-smime-mod 7 : id-smime-mod-ets-eSigPolicy-88
id-smime-mod 8 : id-smime-mod-ets-eSigPolicy-97
# S/MIME Content Types
id-smime-ct 1 : id-smime-ct-receipt
id-smime-ct 2 : id-smime-ct-authData
id-smime-ct 3 : id-smime-ct-publishCert
id-smime-ct 4 : id-smime-ct-TSTInfo
id-smime-ct 5 : id-smime-ct-TDTInfo
id-smime-ct 6 : id-smime-ct-contentInfo
id-smime-ct 7 : id-smime-ct-DVCSRequestData
id-smime-ct 8 : id-smime-ct-DVCSResponseData
# S/MIME Attributes
id-smime-aa 1 : id-smime-aa-receiptRequest
id-smime-aa 2 : id-smime-aa-securityLabel
id-smime-aa 3 : id-smime-aa-mlExpandHistory
id-smime-aa 4 : id-smime-aa-contentHint
id-smime-aa 5 : id-smime-aa-msgSigDigest
# obsolete
id-smime-aa 6 : id-smime-aa-encapContentType
id-smime-aa 7 : id-smime-aa-contentIdentifier
# obsolete
id-smime-aa 8 : id-smime-aa-macValue
id-smime-aa 9 : id-smime-aa-equivalentLabels
id-smime-aa 10 : id-smime-aa-contentReference
id-smime-aa 11 : id-smime-aa-encrypKeyPref
id-smime-aa 12 : id-smime-aa-signingCertificate
id-smime-aa 13 : id-smime-aa-smimeEncryptCerts
id-smime-aa 14 : id-smime-aa-timeStampToken
id-smime-aa 15 : id-smime-aa-ets-sigPolicyId
id-smime-aa 16 : id-smime-aa-ets-commitmentType
id-smime-aa 17 : id-smime-aa-ets-signerLocation
id-smime-aa 18 : id-smime-aa-ets-signerAttr
id-smime-aa 19 : id-smime-aa-ets-otherSigCert
id-smime-aa 20 : id-smime-aa-ets-contentTimestamp
id-smime-aa 21 : id-smime-aa-ets-CertificateRefs
id-smime-aa 22 : id-smime-aa-ets-RevocationRefs
id-smime-aa 23 : id-smime-aa-ets-certValues
id-smime-aa 24 : id-smime-aa-ets-revocationValues
id-smime-aa 25 : id-smime-aa-ets-escTimeStamp
id-smime-aa 26 : id-smime-aa-ets-certCRLTimestamp
id-smime-aa 27 : id-smime-aa-ets-archiveTimeStamp
id-smime-aa 28 : id-smime-aa-signatureType
id-smime-aa 29 : id-smime-aa-dvcs-dvc
# S/MIME Algorithm Identifiers
# obsolete
id-smime-alg 1 : id-smime-alg-ESDHwith3DES
# obsolete
id-smime-alg 2 : id-smime-alg-ESDHwithRC2
# obsolete
id-smime-alg 3 : id-smime-alg-3DESwrap
# obsolete
id-smime-alg 4 : id-smime-alg-RC2wrap
id-smime-alg 5 : id-smime-alg-ESDH
id-smime-alg 6 : id-smime-alg-CMS3DESwrap
id-smime-alg 7 : id-smime-alg-CMSRC2wrap
# S/MIME Certificate Distribution
id-smime-cd 1 : id-smime-cd-ldap
# S/MIME Signature Policy Qualifier
id-smime-spq 1 : id-smime-spq-ets-sqt-uri
id-smime-spq 2 : id-smime-spq-ets-sqt-unotice
# S/MIME Commitment Type Identifier
id-smime-cti 1 : id-smime-cti-ets-proofOfOrigin
id-smime-cti 2 : id-smime-cti-ets-proofOfReceipt
id-smime-cti 3 : id-smime-cti-ets-proofOfDelivery
id-smime-cti 4 : id-smime-cti-ets-proofOfSender
id-smime-cti 5 : id-smime-cti-ets-proofOfApproval
id-smime-cti 6 : id-smime-cti-ets-proofOfCreation
pkcs9 20 : : friendlyName
pkcs9 21 : : localKeyID
!Alias certTypes pkcs9 22
certTypes 1 : : x509Certificate
certTypes 2 : : sdsiCertificate
!Alias crlTypes pkcs9 23
crlTypes 1 : : x509Crl
!Alias pkcs12 pkcs 12
!Alias pkcs12-pbeids pkcs12 1
!Cname pbe-WithSHA1And128BitRC4
pkcs12-pbeids 1 : PBE-SHA1-RC4-128 : pbeWithSHA1And128BitRC4
!Cname pbe-WithSHA1And40BitRC4
pkcs12-pbeids 2 : PBE-SHA1-RC4-40 : pbeWithSHA1And40BitRC4
!Cname pbe-WithSHA1And3_Key_TripleDES-CBC
pkcs12-pbeids 3 : PBE-SHA1-3DES : pbeWithSHA1And3-KeyTripleDES-CBC
!Cname pbe-WithSHA1And2_Key_TripleDES-CBC
pkcs12-pbeids 4 : PBE-SHA1-2DES : pbeWithSHA1And2-KeyTripleDES-CBC
!Cname pbe-WithSHA1And128BitRC2-CBC
pkcs12-pbeids 5 : PBE-SHA1-RC2-128 : pbeWithSHA1And128BitRC2-CBC
!Cname pbe-WithSHA1And40BitRC2-CBC
pkcs12-pbeids 6 : PBE-SHA1-RC2-40 : pbeWithSHA1And40BitRC2-CBC
!Alias pkcs12-Version1 pkcs12 10
!Alias pkcs12-BagIds pkcs12-Version1 1
pkcs12-BagIds 1 : : keyBag
pkcs12-BagIds 2 : : pkcs8ShroudedKeyBag
pkcs12-BagIds 3 : : certBag
pkcs12-BagIds 4 : : crlBag
pkcs12-BagIds 5 : : secretBag
pkcs12-BagIds 6 : : safeContentsBag
rsadsi 2 2 : MD2 : md2
rsadsi 2 4 : MD4 : md4
rsadsi 2 5 : MD5 : md5
: MD5-SHA1 : md5-sha1
rsadsi 2 7 : : hmacWithSHA1
rsadsi 3 2 : RC2-CBC : rc2-cbc
: RC2-ECB : rc2-ecb
!Cname rc2-cfb64
: RC2-CFB : rc2-cfb
!Cname rc2-ofb64
: RC2-OFB : rc2-ofb
: RC2-40-CBC : rc2-40-cbc
: RC2-64-CBC : rc2-64-cbc
rsadsi 3 4 : RC4 : rc4
: RC4-40 : rc4-40
rsadsi 3 7 : DES-EDE3-CBC : des-ede3-cbc
rsadsi 3 8 : RC5-CBC : rc5-cbc
: RC5-ECB : rc5-ecb
!Cname rc5-cfb64
: RC5-CFB : rc5-cfb
!Cname rc5-ofb64
: RC5-OFB : rc5-ofb
!Cname ms-ext-req
1 3 6 1 4 1 311 2 1 14 : msExtReq : Microsoft Extension Request
!Cname ms-code-ind
1 3 6 1 4 1 311 2 1 21 : msCodeInd : Microsoft Individual Code Signing
!Cname ms-code-com
1 3 6 1 4 1 311 2 1 22 : msCodeCom : Microsoft Commercial Code Signing
!Cname ms-ctl-sign
1 3 6 1 4 1 311 10 3 1 : msCTLSign : Microsoft Trust List Signing
!Cname ms-sgc
1 3 6 1 4 1 311 10 3 3 : msSGC : Microsoft Server Gated Crypto
!Cname ms-efs
1 3 6 1 4 1 311 10 3 4 : msEFS : Microsoft Encrypted File System
1 3 6 1 4 1 188 7 1 1 2 : IDEA-CBC : idea-cbc
: IDEA-ECB : idea-ecb
!Cname idea-cfb64
: IDEA-CFB : idea-cfb
!Cname idea-ofb64
: IDEA-OFB : idea-ofb
1 3 6 1 4 1 3029 1 2 : BF-CBC : bf-cbc
: BF-ECB : bf-ecb
!Cname bf-cfb64
: BF-CFB : bf-cfb
!Cname bf-ofb64
: BF-OFB : bf-ofb
!Cname id-pkix
1 3 6 1 5 5 7 : PKIX
# PKIX Arcs
id-pkix 0 : id-pkix-mod
id-pkix 1 : id-pe
id-pkix 2 : id-qt
id-pkix 3 : id-kp
id-pkix 4 : id-it
id-pkix 5 : id-pkip
id-pkix 6 : id-alg
id-pkix 7 : id-cmc
id-pkix 8 : id-on
id-pkix 9 : id-pda
id-pkix 10 : id-aca
id-pkix 11 : id-qcs
id-pkix 12 : id-cct
id-pkix 48 : id-ad
# PKIX Modules
id-pkix-mod 1 : id-pkix1-explicit-88
id-pkix-mod 2 : id-pkix1-implicit-88
id-pkix-mod 3 : id-pkix1-explicit-93
id-pkix-mod 4 : id-pkix1-implicit-93
id-pkix-mod 5 : id-mod-crmf
id-pkix-mod 6 : id-mod-cmc
id-pkix-mod 7 : id-mod-kea-profile-88
id-pkix-mod 8 : id-mod-kea-profile-93
id-pkix-mod 9 : id-mod-cmp
id-pkix-mod 10 : id-mod-qualified-cert-88
id-pkix-mod 11 : id-mod-qualified-cert-93
id-pkix-mod 12 : id-mod-attribute-cert
id-pkix-mod 13 : id-mod-timestamp-protocol
id-pkix-mod 14 : id-mod-ocsp
id-pkix-mod 15 : id-mod-dvcs
id-pkix-mod 16 : id-mod-cmp2000
# PKIX Private Extensions
!Cname info-access
id-pe 1 : authorityInfoAccess : Authority Information Access
id-pe 2 : biometricInfo : Biometric Info
id-pe 3 : qcStatements
id-pe 4 : ac-auditEntity
id-pe 5 : ac-targeting
id-pe 6 : aaControls
id-pe 7 : sbqp-ipAddrBlock
id-pe 8 : sbqp-autonomousSysNum
id-pe 9 : sbqp-routerIdentifier
# PKIX policyQualifiers for Internet policy qualifiers
id-qt 1 : id-qt-cps : Policy Qualifier CPS
id-qt 2 : id-qt-unotice : Policy Qualifier User Notice
id-qt 3 : textNotice
# PKIX key purpose identifiers
!Cname server-auth
id-kp 1 : serverAuth : TLS Web Server Authentication
!Cname client-auth
id-kp 2 : clientAuth : TLS Web Client Authentication
!Cname code-sign
id-kp 3 : codeSigning : Code Signing
!Cname email-protect
id-kp 4 : emailProtection : E-mail Protection
id-kp 5 : ipsecEndSystem : IPSec End System
id-kp 6 : ipsecTunnel : IPSec Tunnel
id-kp 7 : ipsecUser : IPSec User
!Cname time-stamp
id-kp 8 : timeStamping : Time Stamping
#??? According to PKIX, id-kp 9 is temporalDataAuthority
#??? I've no idea where OCSP-sign comes from -- Richard Levitte
!Cname OCSP-sign
id-kp 9 : OCSPSigning : OCSP Signing
id-kp 10 : DVCS : dvcs
# CMP information types
id-it 1 : id-it-caProtEncCert
id-it 2 : id-it-signKeyPairTypes
id-it 3 : id-it-encKeyPairTypes
id-it 4 : id-it-preferredSymmAlg
id-it 5 : id-it-caKeyUpdateInfo
id-it 6 : id-it-currentCRL
id-it 7 : id-it-unsupportedOIDs
# obsolete
id-it 8 : id-it-subscriptionRequest
# obsolete
id-it 9 : id-it-subscriptionResponse
id-it 10 : id-it-keyPairParamReq
id-it 11 : id-it-keyPairParamRep
id-it 12 : id-it-revPassphrase
id-it 13 : id-it-implicitConfirm
id-it 14 : id-it-confirmWaitTime
id-it 15 : id-it-origPKIMessage
# CRMF registration
id-pkip 1 : id-regCtrl
id-pkip 2 : id-regInfo
# CRMF registration controls
id-regCtrl 1 : id-regCtrl-regToken
id-regCtrl 2 : id-regCtrl-authenticator
id-regCtrl 3 : id-regCtrl-pkiPublicationInfo
id-regCtrl 4 : id-regCtrl-pkiArchiveOptions
id-regCtrl 5 : id-regCtrl-oldCertID
id-regCtrl 6 : id-regCtrl-protocolEncrKey
# CRMF registration information
id-regInfo 1 : id-regInfo-utf8Pairs
id-regInfo 2 : id-regInfo-certReq
# algorithms
id-alg 1 : id-alg-des40
id-alg 2 : id-alg-noSignature
id-alg 3 : id-alg-dh-sig-hmac-sha1
id-alg 4 : id-alg-dh-pop
# CMC controls
id-cmc 1 : id-cmc-statusInfo
id-cmc 2 : id-cmc-identification
id-cmc 3 : id-cmc-identityProof
id-cmc 4 : id-cmc-dataReturn
id-cmc 5 : id-cmc-transactionId
id-cmc 6 : id-cmc-senderNonce
id-cmc 7 : id-cmc-recipientNonce
id-cmc 8 : id-cmc-addExtensions
id-cmc 9 : id-cmc-encryptedPOP
id-cmc 10 : id-cmc-decryptedPOP
id-cmc 11 : id-cmc-lraPOPWitness
id-cmc 15 : id-cmc-getCert
id-cmc 16 : id-cmc-getCRL
id-cmc 17 : id-cmc-revokeRequest
id-cmc 18 : id-cmc-regInfo
id-cmc 19 : id-cmc-responseInfo
id-cmc 21 : id-cmc-queryPending
id-cmc 22 : id-cmc-popLinkRandom
id-cmc 23 : id-cmc-popLinkWitness
id-cmc 24 : id-cmc-confirmCertAcceptance
# other names
id-on 1 : id-on-personalData
# personal data attributes
id-pda 1 : id-pda-dateOfBirth
id-pda 2 : id-pda-placeOfBirth
id-pda 3 : id-pda-pseudonym
id-pda 4 : id-pda-gender
id-pda 5 : id-pda-countryOfCitizenship
id-pda 6 : id-pda-countryOfResidence
# attribute certificate attributes
id-aca 1 : id-aca-authenticationInfo
id-aca 2 : id-aca-accessIdentity
id-aca 3 : id-aca-chargingIdentity
id-aca 4 : id-aca-group
id-aca 5 : id-aca-role
# qualified certificate statements
id-qcs 1 : id-qcs-pkixQCSyntax-v1
# CMC content types
id-cct 1 : id-cct-crs
id-cct 2 : id-cct-PKIData
id-cct 3 : id-cct-PKIResponse
# access descriptors for authority info access extension
!Cname ad-OCSP
id-ad 1 : OCSP : OCSP
!Cname ad-ca-issuers
id-ad 2 : caIssuers : CA Issuers
!Cname ad-timeStamping
id-ad 3 : timestamping : Time Stamping
!Cname ad-dvcs
id-ad 4 : DVCS : dvcs
!Alias id-pkix-OCSP ad-OCSP
!module id-pkix-OCSP
!Cname basic
id-pkix-OCSP 1 : basicOCSPResponse : Basic OCSP Response
id-pkix-OCSP 2 : Nonce : OCSP Nonce
id-pkix-OCSP 3 : CrlID : OCSP CRL ID
id-pkix-OCSP 4 : acceptableResponses : Acceptable OCSP Responses
id-pkix-OCSP 5 : noCheck
id-pkix-OCSP 6 : archiveCutoff : OCSP Archive Cutoff
id-pkix-OCSP 7 : serviceLocator : OCSP Service Locator
id-pkix-OCSP 8 : extendedStatus : Extended OCSP Status
id-pkix-OCSP 9 : valid
id-pkix-OCSP 10 : path
id-pkix-OCSP 11 : trustRoot : Trust Root
!global
1 3 14 3 2 : algorithm : algorithm
algorithm 3 : RSA-NP-MD5 : md5WithRSA
algorithm 6 : DES-ECB : des-ecb
algorithm 7 : DES-CBC : des-cbc
!Cname des-ofb64
algorithm 8 : DES-OFB : des-ofb
!Cname des-cfb64
algorithm 9 : DES-CFB : des-cfb
algorithm 11 : rsaSignature
!Cname dsa-2
algorithm 12 : DSA-old : dsaEncryption-old
algorithm 13 : DSA-SHA : dsaWithSHA
algorithm 15 : RSA-SHA : shaWithRSAEncryption
algorithm 17 : DES-EDE : des-ede
: DES-EDE3 : des-ede3
: DES-EDE-CBC : des-ede-cbc
!Cname des-ede-cfb64
: DES-EDE-CFB : des-ede-cfb
!Cname des-ede3-cfb64
: DES-EDE3-CFB : des-ede3-cfb
!Cname des-ede-ofb64
: DES-EDE-OFB : des-ede-ofb
!Cname des-ede3-ofb64
: DES-EDE3-OFB : des-ede3-ofb
: DESX-CBC : desx-cbc
algorithm 18 : SHA : sha
algorithm 26 : SHA1 : sha1
!Cname dsaWithSHA1-2
algorithm 27 : DSA-SHA1-old : dsaWithSHA1-old
algorithm 29 : RSA-SHA1-2 : sha1WithRSA
algorithm 6 : desECB
algorithm 7 : desCBC
algorithm 8 : desOFB
algorithm 9 : desCFB
algorithm 17 : desEDE2
1 3 36 3 2 1 : RIPEMD160 : ripemd160
1 3 36 3 3 1 2 : RSA-RIPEMD160 : ripemd160WithRSA
!Cname sxnet
1 3 101 1 4 1 : SXNetID : Strong Extranet ID
2 5 : X500 : directory services (X.500)
X500 4 : X509
X509 3 : CN : commonName
X509 4 : S : surname
X509 5 : SN : serialNumber
X509 6 : C : countryName
X509 7 : L : localityName
X509 8 : ST : stateOrProvinceName
X509 10 : O : organizationName
X509 11 : OU : organizationalUnitName
X509 12 : T : title
X509 13 : D : description
X509 41 : name : name
X509 42 : G : givenName
X509 43 : I : initials
X509 45 : UID : uniqueIdentifier
X509 46 : dnQualifier : dnQualifier
X500 8 : X500algorithms : directory services - algorithms
X500algorithms 1 1 : RSA : rsa
X500algorithms 3 100 : RSA-MDC2 : mdc2WithRSA
X500algorithms 3 101 : MDC2 : mdc2
X500 29 : id-ce
!Cname subject-key-identifier
id-ce 14 : subjectKeyIdentifier : X509v3 Subject Key Identifier
!Cname key-usage
id-ce 15 : keyUsage : X509v3 Key Usage
!Cname private-key-usage-period
id-ce 16 : privateKeyUsagePeriod : X509v3 Private Key Usage Period
!Cname subject-alt-name
id-ce 17 : subjectAltName : X509v3 Subject Alternative Name
!Cname issuer-alt-name
id-ce 18 : issuerAltName : X509v3 Issuer Alternative Name
!Cname basic-constraints
id-ce 19 : basicConstraints : X509v3 Basic Constraints
!Cname crl-number
id-ce 20 : crlNumber : X509v3 CRL Number
!Cname crl-reason
id-ce 21 : CRLReason : X509v3 CRL Reason Code
!Cname invalidity-date
id-ce 24 : invalidityDate : Invalidity Date
!Cname delta-crl
id-ce 27 : deltaCRL : X509v3 Delta CRL Indicator
!Cname crl-distribution-points
id-ce 31 : crlDistributionPoints : X509v3 CRL Distribution Points
!Cname certificate-policies
id-ce 32 : certificatePolicies : X509v3 Certificate Policies
!Cname authority-key-identifier
id-ce 35 : authorityKeyIdentifier : X509v3 Authority Key Identifier
!Cname ext-key-usage
id-ce 37 : extendedKeyUsage : X509v3 Extended Key Usage
!Cname netscape
2 16 840 1 113730 : Netscape : Netscape Communications Corp.
!Cname netscape-cert-extension
netscape 1 : nsCertExt : Netscape Certificate Extension
!Cname netscape-data-type
netscape 2 : nsDataType : Netscape Data Type
!Cname netscape-cert-type
netscape-cert-extension 1 : nsCertType : Netscape Cert Type
!Cname netscape-base-url
netscape-cert-extension 2 : nsBaseUrl : Netscape Base Url
!Cname netscape-revocation-url
netscape-cert-extension 3 : nsRevocationUrl : Netscape Revocation Url
!Cname netscape-ca-revocation-url
netscape-cert-extension 4 : nsCaRevocationUrl : Netscape CA Revocation Url
!Cname netscape-renewal-url
netscape-cert-extension 7 : nsRenewalUrl : Netscape Renewal Url
!Cname netscape-ca-policy-url
netscape-cert-extension 8 : nsCaPolicyUrl : Netscape CA Policy Url
!Cname netscape-ssl-server-name
netscape-cert-extension 12 : nsSslServerName : Netscape SSL Server Name
!Cname netscape-comment
netscape-cert-extension 13 : nsComment : Netscape Comment
!Cname netscape-cert-sequence
netscape-data-type 5 : nsCertSequence : Netscape Certificate Sequence
!Cname ns-sgc
netscape 4 1 : nsSGC : Netscape Server Gated Crypto
# What the hell are these OIDs, really?
!Cname rle-compression
1 1 1 1 666 1 : RLE : run length compression
!Cname zlib-compression
1 1 1 1 666 2 : ZLIB : zlib compression