external/boringssl: Sync to 9c33ae85621ef8e00a42309b5101e0bedd02b816.
This includes the following changes:
https://boringssl.googlesource.com/boringssl/+log/629db8cd0c84628e37aa81242b5b07fec7602f55..9c33ae85621ef8e00a42309b5101e0bedd02b816
Bug: 33622440
Test: BoringSSL tests
Change-Id: I20da15ad995a620b6b2f08db20c77ebd0f05ca10
diff --git a/BORINGSSL_REVISION b/BORINGSSL_REVISION
index 1ab89ef..027b126 100644
--- a/BORINGSSL_REVISION
+++ b/BORINGSSL_REVISION
@@ -1 +1 @@
-629db8cd0c84628e37aa81242b5b07fec7602f55
+9c33ae85621ef8e00a42309b5101e0bedd02b816
diff --git a/linux-x86_64/crypto/bn/rsaz-x86_64.S b/linux-x86_64/crypto/bn/rsaz-x86_64.S
deleted file mode 100644
index 21531d1..0000000
--- a/linux-x86_64/crypto/bn/rsaz-x86_64.S
+++ /dev/null
@@ -1,1229 +0,0 @@
-#if defined(__x86_64__)
-.text
-
-.extern OPENSSL_ia32cap_P
-.hidden OPENSSL_ia32cap_P
-
-.globl rsaz_512_sqr
-.hidden rsaz_512_sqr
-.type rsaz_512_sqr,@function
-.align 32
-rsaz_512_sqr:
- pushq %rbx
- pushq %rbp
- pushq %r12
- pushq %r13
- pushq %r14
- pushq %r15
-
- subq $128+24,%rsp
-.Lsqr_body:
- movq %rdx,%rbp
- movq (%rsi),%rdx
- movq 8(%rsi),%rax
- movq %rcx,128(%rsp)
- jmp .Loop_sqr
-
-.align 32
-.Loop_sqr:
- movl %r8d,128+8(%rsp)
-
- movq %rdx,%rbx
- mulq %rdx
- movq %rax,%r8
- movq 16(%rsi),%rax
- movq %rdx,%r9
-
- mulq %rbx
- addq %rax,%r9
- movq 24(%rsi),%rax
- movq %rdx,%r10
- adcq $0,%r10
-
- mulq %rbx
- addq %rax,%r10
- movq 32(%rsi),%rax
- movq %rdx,%r11
- adcq $0,%r11
-
- mulq %rbx
- addq %rax,%r11
- movq 40(%rsi),%rax
- movq %rdx,%r12
- adcq $0,%r12
-
- mulq %rbx
- addq %rax,%r12
- movq 48(%rsi),%rax
- movq %rdx,%r13
- adcq $0,%r13
-
- mulq %rbx
- addq %rax,%r13
- movq 56(%rsi),%rax
- movq %rdx,%r14
- adcq $0,%r14
-
- mulq %rbx
- addq %rax,%r14
- movq %rbx,%rax
- movq %rdx,%r15
- adcq $0,%r15
-
- addq %r8,%r8
- movq %r9,%rcx
- adcq %r9,%r9
-
- mulq %rax
- movq %rax,(%rsp)
- addq %rdx,%r8
- adcq $0,%r9
-
- movq %r8,8(%rsp)
- shrq $63,%rcx
-
-
- movq 8(%rsi),%r8
- movq 16(%rsi),%rax
- mulq %r8
- addq %rax,%r10
- movq 24(%rsi),%rax
- movq %rdx,%rbx
- adcq $0,%rbx
-
- mulq %r8
- addq %rax,%r11
- movq 32(%rsi),%rax
- adcq $0,%rdx
- addq %rbx,%r11
- movq %rdx,%rbx
- adcq $0,%rbx
-
- mulq %r8
- addq %rax,%r12
- movq 40(%rsi),%rax
- adcq $0,%rdx
- addq %rbx,%r12
- movq %rdx,%rbx
- adcq $0,%rbx
-
- mulq %r8
- addq %rax,%r13
- movq 48(%rsi),%rax
- adcq $0,%rdx
- addq %rbx,%r13
- movq %rdx,%rbx
- adcq $0,%rbx
-
- mulq %r8
- addq %rax,%r14
- movq 56(%rsi),%rax
- adcq $0,%rdx
- addq %rbx,%r14
- movq %rdx,%rbx
- adcq $0,%rbx
-
- mulq %r8
- addq %rax,%r15
- movq %r8,%rax
- adcq $0,%rdx
- addq %rbx,%r15
- movq %rdx,%r8
- movq %r10,%rdx
- adcq $0,%r8
-
- addq %rdx,%rdx
- leaq (%rcx,%r10,2),%r10
- movq %r11,%rbx
- adcq %r11,%r11
-
- mulq %rax
- addq %rax,%r9
- adcq %rdx,%r10
- adcq $0,%r11
-
- movq %r9,16(%rsp)
- movq %r10,24(%rsp)
- shrq $63,%rbx
-
-
- movq 16(%rsi),%r9
- movq 24(%rsi),%rax
- mulq %r9
- addq %rax,%r12
- movq 32(%rsi),%rax
- movq %rdx,%rcx
- adcq $0,%rcx
-
- mulq %r9
- addq %rax,%r13
- movq 40(%rsi),%rax
- adcq $0,%rdx
- addq %rcx,%r13
- movq %rdx,%rcx
- adcq $0,%rcx
-
- mulq %r9
- addq %rax,%r14
- movq 48(%rsi),%rax
- adcq $0,%rdx
- addq %rcx,%r14
- movq %rdx,%rcx
- adcq $0,%rcx
-
- mulq %r9
- movq %r12,%r10
- leaq (%rbx,%r12,2),%r12
- addq %rax,%r15
- movq 56(%rsi),%rax
- adcq $0,%rdx
- addq %rcx,%r15
- movq %rdx,%rcx
- adcq $0,%rcx
-
- mulq %r9
- shrq $63,%r10
- addq %rax,%r8
- movq %r9,%rax
- adcq $0,%rdx
- addq %rcx,%r8
- movq %rdx,%r9
- adcq $0,%r9
-
- movq %r13,%rcx
- leaq (%r10,%r13,2),%r13
-
- mulq %rax
- addq %rax,%r11
- adcq %rdx,%r12
- adcq $0,%r13
-
- movq %r11,32(%rsp)
- movq %r12,40(%rsp)
- shrq $63,%rcx
-
-
- movq 24(%rsi),%r10
- movq 32(%rsi),%rax
- mulq %r10
- addq %rax,%r14
- movq 40(%rsi),%rax
- movq %rdx,%rbx
- adcq $0,%rbx
-
- mulq %r10
- addq %rax,%r15
- movq 48(%rsi),%rax
- adcq $0,%rdx
- addq %rbx,%r15
- movq %rdx,%rbx
- adcq $0,%rbx
-
- mulq %r10
- movq %r14,%r12
- leaq (%rcx,%r14,2),%r14
- addq %rax,%r8
- movq 56(%rsi),%rax
- adcq $0,%rdx
- addq %rbx,%r8
- movq %rdx,%rbx
- adcq $0,%rbx
-
- mulq %r10
- shrq $63,%r12
- addq %rax,%r9
- movq %r10,%rax
- adcq $0,%rdx
- addq %rbx,%r9
- movq %rdx,%r10
- adcq $0,%r10
-
- movq %r15,%rbx
- leaq (%r12,%r15,2),%r15
-
- mulq %rax
- addq %rax,%r13
- adcq %rdx,%r14
- adcq $0,%r15
-
- movq %r13,48(%rsp)
- movq %r14,56(%rsp)
- shrq $63,%rbx
-
-
- movq 32(%rsi),%r11
- movq 40(%rsi),%rax
- mulq %r11
- addq %rax,%r8
- movq 48(%rsi),%rax
- movq %rdx,%rcx
- adcq $0,%rcx
-
- mulq %r11
- addq %rax,%r9
- movq 56(%rsi),%rax
- adcq $0,%rdx
- movq %r8,%r12
- leaq (%rbx,%r8,2),%r8
- addq %rcx,%r9
- movq %rdx,%rcx
- adcq $0,%rcx
-
- mulq %r11
- shrq $63,%r12
- addq %rax,%r10
- movq %r11,%rax
- adcq $0,%rdx
- addq %rcx,%r10
- movq %rdx,%r11
- adcq $0,%r11
-
- movq %r9,%rcx
- leaq (%r12,%r9,2),%r9
-
- mulq %rax
- addq %rax,%r15
- adcq %rdx,%r8
- adcq $0,%r9
-
- movq %r15,64(%rsp)
- movq %r8,72(%rsp)
- shrq $63,%rcx
-
-
- movq 40(%rsi),%r12
- movq 48(%rsi),%rax
- mulq %r12
- addq %rax,%r10
- movq 56(%rsi),%rax
- movq %rdx,%rbx
- adcq $0,%rbx
-
- mulq %r12
- addq %rax,%r11
- movq %r12,%rax
- movq %r10,%r15
- leaq (%rcx,%r10,2),%r10
- adcq $0,%rdx
- shrq $63,%r15
- addq %rbx,%r11
- movq %rdx,%r12
- adcq $0,%r12
-
- movq %r11,%rbx
- leaq (%r15,%r11,2),%r11
-
- mulq %rax
- addq %rax,%r9
- adcq %rdx,%r10
- adcq $0,%r11
-
- movq %r9,80(%rsp)
- movq %r10,88(%rsp)
-
-
- movq 48(%rsi),%r13
- movq 56(%rsi),%rax
- mulq %r13
- addq %rax,%r12
- movq %r13,%rax
- movq %rdx,%r13
- adcq $0,%r13
-
- xorq %r14,%r14
- shlq $1,%rbx
- adcq %r12,%r12
- adcq %r13,%r13
- adcq %r14,%r14
-
- mulq %rax
- addq %rax,%r11
- adcq %rdx,%r12
- adcq $0,%r13
-
- movq %r11,96(%rsp)
- movq %r12,104(%rsp)
-
-
- movq 56(%rsi),%rax
- mulq %rax
- addq %rax,%r13
- adcq $0,%rdx
-
- addq %rdx,%r14
-
- movq %r13,112(%rsp)
- movq %r14,120(%rsp)
-
- movq (%rsp),%r8
- movq 8(%rsp),%r9
- movq 16(%rsp),%r10
- movq 24(%rsp),%r11
- movq 32(%rsp),%r12
- movq 40(%rsp),%r13
- movq 48(%rsp),%r14
- movq 56(%rsp),%r15
-
- call __rsaz_512_reduce
-
- addq 64(%rsp),%r8
- adcq 72(%rsp),%r9
- adcq 80(%rsp),%r10
- adcq 88(%rsp),%r11
- adcq 96(%rsp),%r12
- adcq 104(%rsp),%r13
- adcq 112(%rsp),%r14
- adcq 120(%rsp),%r15
- sbbq %rcx,%rcx
-
- call __rsaz_512_subtract
-
- movq %r8,%rdx
- movq %r9,%rax
- movl 128+8(%rsp),%r8d
- movq %rdi,%rsi
-
- decl %r8d
- jnz .Loop_sqr
-
- leaq 128+24+48(%rsp),%rax
- movq -48(%rax),%r15
- movq -40(%rax),%r14
- movq -32(%rax),%r13
- movq -24(%rax),%r12
- movq -16(%rax),%rbp
- movq -8(%rax),%rbx
- leaq (%rax),%rsp
-.Lsqr_epilogue:
- .byte 0xf3,0xc3
-.size rsaz_512_sqr,.-rsaz_512_sqr
-.globl rsaz_512_mul
-.hidden rsaz_512_mul
-.type rsaz_512_mul,@function
-.align 32
-rsaz_512_mul:
- pushq %rbx
- pushq %rbp
- pushq %r12
- pushq %r13
- pushq %r14
- pushq %r15
-
- subq $128+24,%rsp
-.Lmul_body:
-.byte 102,72,15,110,199
-.byte 102,72,15,110,201
- movq %r8,128(%rsp)
- movq (%rdx),%rbx
- movq %rdx,%rbp
- call __rsaz_512_mul
-
-.byte 102,72,15,126,199
-.byte 102,72,15,126,205
-
- movq (%rsp),%r8
- movq 8(%rsp),%r9
- movq 16(%rsp),%r10
- movq 24(%rsp),%r11
- movq 32(%rsp),%r12
- movq 40(%rsp),%r13
- movq 48(%rsp),%r14
- movq 56(%rsp),%r15
-
- call __rsaz_512_reduce
- addq 64(%rsp),%r8
- adcq 72(%rsp),%r9
- adcq 80(%rsp),%r10
- adcq 88(%rsp),%r11
- adcq 96(%rsp),%r12
- adcq 104(%rsp),%r13
- adcq 112(%rsp),%r14
- adcq 120(%rsp),%r15
- sbbq %rcx,%rcx
-
- call __rsaz_512_subtract
-
- leaq 128+24+48(%rsp),%rax
- movq -48(%rax),%r15
- movq -40(%rax),%r14
- movq -32(%rax),%r13
- movq -24(%rax),%r12
- movq -16(%rax),%rbp
- movq -8(%rax),%rbx
- leaq (%rax),%rsp
-.Lmul_epilogue:
- .byte 0xf3,0xc3
-.size rsaz_512_mul,.-rsaz_512_mul
-.globl rsaz_512_mul_gather4
-.hidden rsaz_512_mul_gather4
-.type rsaz_512_mul_gather4,@function
-.align 32
-rsaz_512_mul_gather4:
- pushq %rbx
- pushq %rbp
- pushq %r12
- pushq %r13
- pushq %r14
- pushq %r15
-
- subq $152,%rsp
-.Lmul_gather4_body:
- movd %r9d,%xmm8
- movdqa .Linc+16(%rip),%xmm1
- movdqa .Linc(%rip),%xmm0
-
- pshufd $0,%xmm8,%xmm8
- movdqa %xmm1,%xmm7
- movdqa %xmm1,%xmm2
- paddd %xmm0,%xmm1
- pcmpeqd %xmm8,%xmm0
- movdqa %xmm7,%xmm3
- paddd %xmm1,%xmm2
- pcmpeqd %xmm8,%xmm1
- movdqa %xmm7,%xmm4
- paddd %xmm2,%xmm3
- pcmpeqd %xmm8,%xmm2
- movdqa %xmm7,%xmm5
- paddd %xmm3,%xmm4
- pcmpeqd %xmm8,%xmm3
- movdqa %xmm7,%xmm6
- paddd %xmm4,%xmm5
- pcmpeqd %xmm8,%xmm4
- paddd %xmm5,%xmm6
- pcmpeqd %xmm8,%xmm5
- paddd %xmm6,%xmm7
- pcmpeqd %xmm8,%xmm6
- pcmpeqd %xmm8,%xmm7
-
- movdqa 0(%rdx),%xmm8
- movdqa 16(%rdx),%xmm9
- movdqa 32(%rdx),%xmm10
- movdqa 48(%rdx),%xmm11
- pand %xmm0,%xmm8
- movdqa 64(%rdx),%xmm12
- pand %xmm1,%xmm9
- movdqa 80(%rdx),%xmm13
- pand %xmm2,%xmm10
- movdqa 96(%rdx),%xmm14
- pand %xmm3,%xmm11
- movdqa 112(%rdx),%xmm15
- leaq 128(%rdx),%rbp
- pand %xmm4,%xmm12
- pand %xmm5,%xmm13
- pand %xmm6,%xmm14
- pand %xmm7,%xmm15
- por %xmm10,%xmm8
- por %xmm11,%xmm9
- por %xmm12,%xmm8
- por %xmm13,%xmm9
- por %xmm14,%xmm8
- por %xmm15,%xmm9
-
- por %xmm9,%xmm8
- pshufd $0x4e,%xmm8,%xmm9
- por %xmm9,%xmm8
-.byte 102,76,15,126,195
-
- movq %r8,128(%rsp)
- movq %rdi,128+8(%rsp)
- movq %rcx,128+16(%rsp)
-
- movq (%rsi),%rax
- movq 8(%rsi),%rcx
- mulq %rbx
- movq %rax,(%rsp)
- movq %rcx,%rax
- movq %rdx,%r8
-
- mulq %rbx
- addq %rax,%r8
- movq 16(%rsi),%rax
- movq %rdx,%r9
- adcq $0,%r9
-
- mulq %rbx
- addq %rax,%r9
- movq 24(%rsi),%rax
- movq %rdx,%r10
- adcq $0,%r10
-
- mulq %rbx
- addq %rax,%r10
- movq 32(%rsi),%rax
- movq %rdx,%r11
- adcq $0,%r11
-
- mulq %rbx
- addq %rax,%r11
- movq 40(%rsi),%rax
- movq %rdx,%r12
- adcq $0,%r12
-
- mulq %rbx
- addq %rax,%r12
- movq 48(%rsi),%rax
- movq %rdx,%r13
- adcq $0,%r13
-
- mulq %rbx
- addq %rax,%r13
- movq 56(%rsi),%rax
- movq %rdx,%r14
- adcq $0,%r14
-
- mulq %rbx
- addq %rax,%r14
- movq (%rsi),%rax
- movq %rdx,%r15
- adcq $0,%r15
-
- leaq 8(%rsp),%rdi
- movl $7,%ecx
- jmp .Loop_mul_gather
-
-.align 32
-.Loop_mul_gather:
- movdqa 0(%rbp),%xmm8
- movdqa 16(%rbp),%xmm9
- movdqa 32(%rbp),%xmm10
- movdqa 48(%rbp),%xmm11
- pand %xmm0,%xmm8
- movdqa 64(%rbp),%xmm12
- pand %xmm1,%xmm9
- movdqa 80(%rbp),%xmm13
- pand %xmm2,%xmm10
- movdqa 96(%rbp),%xmm14
- pand %xmm3,%xmm11
- movdqa 112(%rbp),%xmm15
- leaq 128(%rbp),%rbp
- pand %xmm4,%xmm12
- pand %xmm5,%xmm13
- pand %xmm6,%xmm14
- pand %xmm7,%xmm15
- por %xmm10,%xmm8
- por %xmm11,%xmm9
- por %xmm12,%xmm8
- por %xmm13,%xmm9
- por %xmm14,%xmm8
- por %xmm15,%xmm9
-
- por %xmm9,%xmm8
- pshufd $0x4e,%xmm8,%xmm9
- por %xmm9,%xmm8
-.byte 102,76,15,126,195
-
- mulq %rbx
- addq %rax,%r8
- movq 8(%rsi),%rax
- movq %r8,(%rdi)
- movq %rdx,%r8
- adcq $0,%r8
-
- mulq %rbx
- addq %rax,%r9
- movq 16(%rsi),%rax
- adcq $0,%rdx
- addq %r9,%r8
- movq %rdx,%r9
- adcq $0,%r9
-
- mulq %rbx
- addq %rax,%r10
- movq 24(%rsi),%rax
- adcq $0,%rdx
- addq %r10,%r9
- movq %rdx,%r10
- adcq $0,%r10
-
- mulq %rbx
- addq %rax,%r11
- movq 32(%rsi),%rax
- adcq $0,%rdx
- addq %r11,%r10
- movq %rdx,%r11
- adcq $0,%r11
-
- mulq %rbx
- addq %rax,%r12
- movq 40(%rsi),%rax
- adcq $0,%rdx
- addq %r12,%r11
- movq %rdx,%r12
- adcq $0,%r12
-
- mulq %rbx
- addq %rax,%r13
- movq 48(%rsi),%rax
- adcq $0,%rdx
- addq %r13,%r12
- movq %rdx,%r13
- adcq $0,%r13
-
- mulq %rbx
- addq %rax,%r14
- movq 56(%rsi),%rax
- adcq $0,%rdx
- addq %r14,%r13
- movq %rdx,%r14
- adcq $0,%r14
-
- mulq %rbx
- addq %rax,%r15
- movq (%rsi),%rax
- adcq $0,%rdx
- addq %r15,%r14
- movq %rdx,%r15
- adcq $0,%r15
-
- leaq 8(%rdi),%rdi
-
- decl %ecx
- jnz .Loop_mul_gather
-
- movq %r8,(%rdi)
- movq %r9,8(%rdi)
- movq %r10,16(%rdi)
- movq %r11,24(%rdi)
- movq %r12,32(%rdi)
- movq %r13,40(%rdi)
- movq %r14,48(%rdi)
- movq %r15,56(%rdi)
-
- movq 128+8(%rsp),%rdi
- movq 128+16(%rsp),%rbp
-
- movq (%rsp),%r8
- movq 8(%rsp),%r9
- movq 16(%rsp),%r10
- movq 24(%rsp),%r11
- movq 32(%rsp),%r12
- movq 40(%rsp),%r13
- movq 48(%rsp),%r14
- movq 56(%rsp),%r15
-
- call __rsaz_512_reduce
- addq 64(%rsp),%r8
- adcq 72(%rsp),%r9
- adcq 80(%rsp),%r10
- adcq 88(%rsp),%r11
- adcq 96(%rsp),%r12
- adcq 104(%rsp),%r13
- adcq 112(%rsp),%r14
- adcq 120(%rsp),%r15
- sbbq %rcx,%rcx
-
- call __rsaz_512_subtract
-
- leaq 128+24+48(%rsp),%rax
- movq -48(%rax),%r15
- movq -40(%rax),%r14
- movq -32(%rax),%r13
- movq -24(%rax),%r12
- movq -16(%rax),%rbp
- movq -8(%rax),%rbx
- leaq (%rax),%rsp
-.Lmul_gather4_epilogue:
- .byte 0xf3,0xc3
-.size rsaz_512_mul_gather4,.-rsaz_512_mul_gather4
-.globl rsaz_512_mul_scatter4
-.hidden rsaz_512_mul_scatter4
-.type rsaz_512_mul_scatter4,@function
-.align 32
-rsaz_512_mul_scatter4:
- pushq %rbx
- pushq %rbp
- pushq %r12
- pushq %r13
- pushq %r14
- pushq %r15
-
- movl %r9d,%r9d
- subq $128+24,%rsp
-.Lmul_scatter4_body:
- leaq (%r8,%r9,8),%r8
-.byte 102,72,15,110,199
-.byte 102,72,15,110,202
-.byte 102,73,15,110,208
- movq %rcx,128(%rsp)
-
- movq %rdi,%rbp
- movq (%rdi),%rbx
- call __rsaz_512_mul
-
-.byte 102,72,15,126,199
-.byte 102,72,15,126,205
-
- movq (%rsp),%r8
- movq 8(%rsp),%r9
- movq 16(%rsp),%r10
- movq 24(%rsp),%r11
- movq 32(%rsp),%r12
- movq 40(%rsp),%r13
- movq 48(%rsp),%r14
- movq 56(%rsp),%r15
-
- call __rsaz_512_reduce
- addq 64(%rsp),%r8
- adcq 72(%rsp),%r9
- adcq 80(%rsp),%r10
- adcq 88(%rsp),%r11
- adcq 96(%rsp),%r12
- adcq 104(%rsp),%r13
- adcq 112(%rsp),%r14
- adcq 120(%rsp),%r15
-.byte 102,72,15,126,214
- sbbq %rcx,%rcx
-
- call __rsaz_512_subtract
-
- movq %r8,0(%rsi)
- movq %r9,128(%rsi)
- movq %r10,256(%rsi)
- movq %r11,384(%rsi)
- movq %r12,512(%rsi)
- movq %r13,640(%rsi)
- movq %r14,768(%rsi)
- movq %r15,896(%rsi)
-
- leaq 128+24+48(%rsp),%rax
- movq -48(%rax),%r15
- movq -40(%rax),%r14
- movq -32(%rax),%r13
- movq -24(%rax),%r12
- movq -16(%rax),%rbp
- movq -8(%rax),%rbx
- leaq (%rax),%rsp
-.Lmul_scatter4_epilogue:
- .byte 0xf3,0xc3
-.size rsaz_512_mul_scatter4,.-rsaz_512_mul_scatter4
-.globl rsaz_512_mul_by_one
-.hidden rsaz_512_mul_by_one
-.type rsaz_512_mul_by_one,@function
-.align 32
-rsaz_512_mul_by_one:
- pushq %rbx
- pushq %rbp
- pushq %r12
- pushq %r13
- pushq %r14
- pushq %r15
-
- subq $128+24,%rsp
-.Lmul_by_one_body:
- movq %rdx,%rbp
- movq %rcx,128(%rsp)
-
- movq (%rsi),%r8
- pxor %xmm0,%xmm0
- movq 8(%rsi),%r9
- movq 16(%rsi),%r10
- movq 24(%rsi),%r11
- movq 32(%rsi),%r12
- movq 40(%rsi),%r13
- movq 48(%rsi),%r14
- movq 56(%rsi),%r15
-
- movdqa %xmm0,(%rsp)
- movdqa %xmm0,16(%rsp)
- movdqa %xmm0,32(%rsp)
- movdqa %xmm0,48(%rsp)
- movdqa %xmm0,64(%rsp)
- movdqa %xmm0,80(%rsp)
- movdqa %xmm0,96(%rsp)
- call __rsaz_512_reduce
- movq %r8,(%rdi)
- movq %r9,8(%rdi)
- movq %r10,16(%rdi)
- movq %r11,24(%rdi)
- movq %r12,32(%rdi)
- movq %r13,40(%rdi)
- movq %r14,48(%rdi)
- movq %r15,56(%rdi)
-
- leaq 128+24+48(%rsp),%rax
- movq -48(%rax),%r15
- movq -40(%rax),%r14
- movq -32(%rax),%r13
- movq -24(%rax),%r12
- movq -16(%rax),%rbp
- movq -8(%rax),%rbx
- leaq (%rax),%rsp
-.Lmul_by_one_epilogue:
- .byte 0xf3,0xc3
-.size rsaz_512_mul_by_one,.-rsaz_512_mul_by_one
-.type __rsaz_512_reduce,@function
-.align 32
-__rsaz_512_reduce:
- movq %r8,%rbx
- imulq 128+8(%rsp),%rbx
- movq 0(%rbp),%rax
- movl $8,%ecx
- jmp .Lreduction_loop
-
-.align 32
-.Lreduction_loop:
- mulq %rbx
- movq 8(%rbp),%rax
- negq %r8
- movq %rdx,%r8
- adcq $0,%r8
-
- mulq %rbx
- addq %rax,%r9
- movq 16(%rbp),%rax
- adcq $0,%rdx
- addq %r9,%r8
- movq %rdx,%r9
- adcq $0,%r9
-
- mulq %rbx
- addq %rax,%r10
- movq 24(%rbp),%rax
- adcq $0,%rdx
- addq %r10,%r9
- movq %rdx,%r10
- adcq $0,%r10
-
- mulq %rbx
- addq %rax,%r11
- movq 32(%rbp),%rax
- adcq $0,%rdx
- addq %r11,%r10
- movq 128+8(%rsp),%rsi
-
-
- adcq $0,%rdx
- movq %rdx,%r11
-
- mulq %rbx
- addq %rax,%r12
- movq 40(%rbp),%rax
- adcq $0,%rdx
- imulq %r8,%rsi
- addq %r12,%r11
- movq %rdx,%r12
- adcq $0,%r12
-
- mulq %rbx
- addq %rax,%r13
- movq 48(%rbp),%rax
- adcq $0,%rdx
- addq %r13,%r12
- movq %rdx,%r13
- adcq $0,%r13
-
- mulq %rbx
- addq %rax,%r14
- movq 56(%rbp),%rax
- adcq $0,%rdx
- addq %r14,%r13
- movq %rdx,%r14
- adcq $0,%r14
-
- mulq %rbx
- movq %rsi,%rbx
- addq %rax,%r15
- movq 0(%rbp),%rax
- adcq $0,%rdx
- addq %r15,%r14
- movq %rdx,%r15
- adcq $0,%r15
-
- decl %ecx
- jne .Lreduction_loop
-
- .byte 0xf3,0xc3
-.size __rsaz_512_reduce,.-__rsaz_512_reduce
-.type __rsaz_512_subtract,@function
-.align 32
-__rsaz_512_subtract:
- movq %r8,(%rdi)
- movq %r9,8(%rdi)
- movq %r10,16(%rdi)
- movq %r11,24(%rdi)
- movq %r12,32(%rdi)
- movq %r13,40(%rdi)
- movq %r14,48(%rdi)
- movq %r15,56(%rdi)
-
- movq 0(%rbp),%r8
- movq 8(%rbp),%r9
- negq %r8
- notq %r9
- andq %rcx,%r8
- movq 16(%rbp),%r10
- andq %rcx,%r9
- notq %r10
- movq 24(%rbp),%r11
- andq %rcx,%r10
- notq %r11
- movq 32(%rbp),%r12
- andq %rcx,%r11
- notq %r12
- movq 40(%rbp),%r13
- andq %rcx,%r12
- notq %r13
- movq 48(%rbp),%r14
- andq %rcx,%r13
- notq %r14
- movq 56(%rbp),%r15
- andq %rcx,%r14
- notq %r15
- andq %rcx,%r15
-
- addq (%rdi),%r8
- adcq 8(%rdi),%r9
- adcq 16(%rdi),%r10
- adcq 24(%rdi),%r11
- adcq 32(%rdi),%r12
- adcq 40(%rdi),%r13
- adcq 48(%rdi),%r14
- adcq 56(%rdi),%r15
-
- movq %r8,(%rdi)
- movq %r9,8(%rdi)
- movq %r10,16(%rdi)
- movq %r11,24(%rdi)
- movq %r12,32(%rdi)
- movq %r13,40(%rdi)
- movq %r14,48(%rdi)
- movq %r15,56(%rdi)
-
- .byte 0xf3,0xc3
-.size __rsaz_512_subtract,.-__rsaz_512_subtract
-.type __rsaz_512_mul,@function
-.align 32
-__rsaz_512_mul:
- leaq 8(%rsp),%rdi
-
- movq (%rsi),%rax
- mulq %rbx
- movq %rax,(%rdi)
- movq 8(%rsi),%rax
- movq %rdx,%r8
-
- mulq %rbx
- addq %rax,%r8
- movq 16(%rsi),%rax
- movq %rdx,%r9
- adcq $0,%r9
-
- mulq %rbx
- addq %rax,%r9
- movq 24(%rsi),%rax
- movq %rdx,%r10
- adcq $0,%r10
-
- mulq %rbx
- addq %rax,%r10
- movq 32(%rsi),%rax
- movq %rdx,%r11
- adcq $0,%r11
-
- mulq %rbx
- addq %rax,%r11
- movq 40(%rsi),%rax
- movq %rdx,%r12
- adcq $0,%r12
-
- mulq %rbx
- addq %rax,%r12
- movq 48(%rsi),%rax
- movq %rdx,%r13
- adcq $0,%r13
-
- mulq %rbx
- addq %rax,%r13
- movq 56(%rsi),%rax
- movq %rdx,%r14
- adcq $0,%r14
-
- mulq %rbx
- addq %rax,%r14
- movq (%rsi),%rax
- movq %rdx,%r15
- adcq $0,%r15
-
- leaq 8(%rbp),%rbp
- leaq 8(%rdi),%rdi
-
- movl $7,%ecx
- jmp .Loop_mul
-
-.align 32
-.Loop_mul:
- movq (%rbp),%rbx
- mulq %rbx
- addq %rax,%r8
- movq 8(%rsi),%rax
- movq %r8,(%rdi)
- movq %rdx,%r8
- adcq $0,%r8
-
- mulq %rbx
- addq %rax,%r9
- movq 16(%rsi),%rax
- adcq $0,%rdx
- addq %r9,%r8
- movq %rdx,%r9
- adcq $0,%r9
-
- mulq %rbx
- addq %rax,%r10
- movq 24(%rsi),%rax
- adcq $0,%rdx
- addq %r10,%r9
- movq %rdx,%r10
- adcq $0,%r10
-
- mulq %rbx
- addq %rax,%r11
- movq 32(%rsi),%rax
- adcq $0,%rdx
- addq %r11,%r10
- movq %rdx,%r11
- adcq $0,%r11
-
- mulq %rbx
- addq %rax,%r12
- movq 40(%rsi),%rax
- adcq $0,%rdx
- addq %r12,%r11
- movq %rdx,%r12
- adcq $0,%r12
-
- mulq %rbx
- addq %rax,%r13
- movq 48(%rsi),%rax
- adcq $0,%rdx
- addq %r13,%r12
- movq %rdx,%r13
- adcq $0,%r13
-
- mulq %rbx
- addq %rax,%r14
- movq 56(%rsi),%rax
- adcq $0,%rdx
- addq %r14,%r13
- movq %rdx,%r14
- leaq 8(%rbp),%rbp
- adcq $0,%r14
-
- mulq %rbx
- addq %rax,%r15
- movq (%rsi),%rax
- adcq $0,%rdx
- addq %r15,%r14
- movq %rdx,%r15
- adcq $0,%r15
-
- leaq 8(%rdi),%rdi
-
- decl %ecx
- jnz .Loop_mul
-
- movq %r8,(%rdi)
- movq %r9,8(%rdi)
- movq %r10,16(%rdi)
- movq %r11,24(%rdi)
- movq %r12,32(%rdi)
- movq %r13,40(%rdi)
- movq %r14,48(%rdi)
- movq %r15,56(%rdi)
-
- .byte 0xf3,0xc3
-.size __rsaz_512_mul,.-__rsaz_512_mul
-.globl rsaz_512_scatter4
-.hidden rsaz_512_scatter4
-.type rsaz_512_scatter4,@function
-.align 16
-rsaz_512_scatter4:
- leaq (%rdi,%rdx,8),%rdi
- movl $8,%r9d
- jmp .Loop_scatter
-.align 16
-.Loop_scatter:
- movq (%rsi),%rax
- leaq 8(%rsi),%rsi
- movq %rax,(%rdi)
- leaq 128(%rdi),%rdi
- decl %r9d
- jnz .Loop_scatter
- .byte 0xf3,0xc3
-.size rsaz_512_scatter4,.-rsaz_512_scatter4
-
-.globl rsaz_512_gather4
-.hidden rsaz_512_gather4
-.type rsaz_512_gather4,@function
-.align 16
-rsaz_512_gather4:
- movd %edx,%xmm8
- movdqa .Linc+16(%rip),%xmm1
- movdqa .Linc(%rip),%xmm0
-
- pshufd $0,%xmm8,%xmm8
- movdqa %xmm1,%xmm7
- movdqa %xmm1,%xmm2
- paddd %xmm0,%xmm1
- pcmpeqd %xmm8,%xmm0
- movdqa %xmm7,%xmm3
- paddd %xmm1,%xmm2
- pcmpeqd %xmm8,%xmm1
- movdqa %xmm7,%xmm4
- paddd %xmm2,%xmm3
- pcmpeqd %xmm8,%xmm2
- movdqa %xmm7,%xmm5
- paddd %xmm3,%xmm4
- pcmpeqd %xmm8,%xmm3
- movdqa %xmm7,%xmm6
- paddd %xmm4,%xmm5
- pcmpeqd %xmm8,%xmm4
- paddd %xmm5,%xmm6
- pcmpeqd %xmm8,%xmm5
- paddd %xmm6,%xmm7
- pcmpeqd %xmm8,%xmm6
- pcmpeqd %xmm8,%xmm7
- movl $8,%r9d
- jmp .Loop_gather
-.align 16
-.Loop_gather:
- movdqa 0(%rsi),%xmm8
- movdqa 16(%rsi),%xmm9
- movdqa 32(%rsi),%xmm10
- movdqa 48(%rsi),%xmm11
- pand %xmm0,%xmm8
- movdqa 64(%rsi),%xmm12
- pand %xmm1,%xmm9
- movdqa 80(%rsi),%xmm13
- pand %xmm2,%xmm10
- movdqa 96(%rsi),%xmm14
- pand %xmm3,%xmm11
- movdqa 112(%rsi),%xmm15
- leaq 128(%rsi),%rsi
- pand %xmm4,%xmm12
- pand %xmm5,%xmm13
- pand %xmm6,%xmm14
- pand %xmm7,%xmm15
- por %xmm10,%xmm8
- por %xmm11,%xmm9
- por %xmm12,%xmm8
- por %xmm13,%xmm9
- por %xmm14,%xmm8
- por %xmm15,%xmm9
-
- por %xmm9,%xmm8
- pshufd $0x4e,%xmm8,%xmm9
- por %xmm9,%xmm8
- movq %xmm8,(%rdi)
- leaq 8(%rdi),%rdi
- decl %r9d
- jnz .Loop_gather
- .byte 0xf3,0xc3
-.LSEH_end_rsaz_512_gather4:
-.size rsaz_512_gather4,.-rsaz_512_gather4
-
-.align 64
-.Linc:
-.long 0,0, 1,1
-.long 2,2, 2,2
-#endif
diff --git a/mac-x86_64/crypto/bn/rsaz-x86_64.S b/mac-x86_64/crypto/bn/rsaz-x86_64.S
deleted file mode 100644
index 337276f..0000000
--- a/mac-x86_64/crypto/bn/rsaz-x86_64.S
+++ /dev/null
@@ -1,1228 +0,0 @@
-#if defined(__x86_64__)
-.text
-
-
-
-.globl _rsaz_512_sqr
-.private_extern _rsaz_512_sqr
-
-.p2align 5
-_rsaz_512_sqr:
- pushq %rbx
- pushq %rbp
- pushq %r12
- pushq %r13
- pushq %r14
- pushq %r15
-
- subq $128+24,%rsp
-L$sqr_body:
- movq %rdx,%rbp
- movq (%rsi),%rdx
- movq 8(%rsi),%rax
- movq %rcx,128(%rsp)
- jmp L$oop_sqr
-
-.p2align 5
-L$oop_sqr:
- movl %r8d,128+8(%rsp)
-
- movq %rdx,%rbx
- mulq %rdx
- movq %rax,%r8
- movq 16(%rsi),%rax
- movq %rdx,%r9
-
- mulq %rbx
- addq %rax,%r9
- movq 24(%rsi),%rax
- movq %rdx,%r10
- adcq $0,%r10
-
- mulq %rbx
- addq %rax,%r10
- movq 32(%rsi),%rax
- movq %rdx,%r11
- adcq $0,%r11
-
- mulq %rbx
- addq %rax,%r11
- movq 40(%rsi),%rax
- movq %rdx,%r12
- adcq $0,%r12
-
- mulq %rbx
- addq %rax,%r12
- movq 48(%rsi),%rax
- movq %rdx,%r13
- adcq $0,%r13
-
- mulq %rbx
- addq %rax,%r13
- movq 56(%rsi),%rax
- movq %rdx,%r14
- adcq $0,%r14
-
- mulq %rbx
- addq %rax,%r14
- movq %rbx,%rax
- movq %rdx,%r15
- adcq $0,%r15
-
- addq %r8,%r8
- movq %r9,%rcx
- adcq %r9,%r9
-
- mulq %rax
- movq %rax,(%rsp)
- addq %rdx,%r8
- adcq $0,%r9
-
- movq %r8,8(%rsp)
- shrq $63,%rcx
-
-
- movq 8(%rsi),%r8
- movq 16(%rsi),%rax
- mulq %r8
- addq %rax,%r10
- movq 24(%rsi),%rax
- movq %rdx,%rbx
- adcq $0,%rbx
-
- mulq %r8
- addq %rax,%r11
- movq 32(%rsi),%rax
- adcq $0,%rdx
- addq %rbx,%r11
- movq %rdx,%rbx
- adcq $0,%rbx
-
- mulq %r8
- addq %rax,%r12
- movq 40(%rsi),%rax
- adcq $0,%rdx
- addq %rbx,%r12
- movq %rdx,%rbx
- adcq $0,%rbx
-
- mulq %r8
- addq %rax,%r13
- movq 48(%rsi),%rax
- adcq $0,%rdx
- addq %rbx,%r13
- movq %rdx,%rbx
- adcq $0,%rbx
-
- mulq %r8
- addq %rax,%r14
- movq 56(%rsi),%rax
- adcq $0,%rdx
- addq %rbx,%r14
- movq %rdx,%rbx
- adcq $0,%rbx
-
- mulq %r8
- addq %rax,%r15
- movq %r8,%rax
- adcq $0,%rdx
- addq %rbx,%r15
- movq %rdx,%r8
- movq %r10,%rdx
- adcq $0,%r8
-
- addq %rdx,%rdx
- leaq (%rcx,%r10,2),%r10
- movq %r11,%rbx
- adcq %r11,%r11
-
- mulq %rax
- addq %rax,%r9
- adcq %rdx,%r10
- adcq $0,%r11
-
- movq %r9,16(%rsp)
- movq %r10,24(%rsp)
- shrq $63,%rbx
-
-
- movq 16(%rsi),%r9
- movq 24(%rsi),%rax
- mulq %r9
- addq %rax,%r12
- movq 32(%rsi),%rax
- movq %rdx,%rcx
- adcq $0,%rcx
-
- mulq %r9
- addq %rax,%r13
- movq 40(%rsi),%rax
- adcq $0,%rdx
- addq %rcx,%r13
- movq %rdx,%rcx
- adcq $0,%rcx
-
- mulq %r9
- addq %rax,%r14
- movq 48(%rsi),%rax
- adcq $0,%rdx
- addq %rcx,%r14
- movq %rdx,%rcx
- adcq $0,%rcx
-
- mulq %r9
- movq %r12,%r10
- leaq (%rbx,%r12,2),%r12
- addq %rax,%r15
- movq 56(%rsi),%rax
- adcq $0,%rdx
- addq %rcx,%r15
- movq %rdx,%rcx
- adcq $0,%rcx
-
- mulq %r9
- shrq $63,%r10
- addq %rax,%r8
- movq %r9,%rax
- adcq $0,%rdx
- addq %rcx,%r8
- movq %rdx,%r9
- adcq $0,%r9
-
- movq %r13,%rcx
- leaq (%r10,%r13,2),%r13
-
- mulq %rax
- addq %rax,%r11
- adcq %rdx,%r12
- adcq $0,%r13
-
- movq %r11,32(%rsp)
- movq %r12,40(%rsp)
- shrq $63,%rcx
-
-
- movq 24(%rsi),%r10
- movq 32(%rsi),%rax
- mulq %r10
- addq %rax,%r14
- movq 40(%rsi),%rax
- movq %rdx,%rbx
- adcq $0,%rbx
-
- mulq %r10
- addq %rax,%r15
- movq 48(%rsi),%rax
- adcq $0,%rdx
- addq %rbx,%r15
- movq %rdx,%rbx
- adcq $0,%rbx
-
- mulq %r10
- movq %r14,%r12
- leaq (%rcx,%r14,2),%r14
- addq %rax,%r8
- movq 56(%rsi),%rax
- adcq $0,%rdx
- addq %rbx,%r8
- movq %rdx,%rbx
- adcq $0,%rbx
-
- mulq %r10
- shrq $63,%r12
- addq %rax,%r9
- movq %r10,%rax
- adcq $0,%rdx
- addq %rbx,%r9
- movq %rdx,%r10
- adcq $0,%r10
-
- movq %r15,%rbx
- leaq (%r12,%r15,2),%r15
-
- mulq %rax
- addq %rax,%r13
- adcq %rdx,%r14
- adcq $0,%r15
-
- movq %r13,48(%rsp)
- movq %r14,56(%rsp)
- shrq $63,%rbx
-
-
- movq 32(%rsi),%r11
- movq 40(%rsi),%rax
- mulq %r11
- addq %rax,%r8
- movq 48(%rsi),%rax
- movq %rdx,%rcx
- adcq $0,%rcx
-
- mulq %r11
- addq %rax,%r9
- movq 56(%rsi),%rax
- adcq $0,%rdx
- movq %r8,%r12
- leaq (%rbx,%r8,2),%r8
- addq %rcx,%r9
- movq %rdx,%rcx
- adcq $0,%rcx
-
- mulq %r11
- shrq $63,%r12
- addq %rax,%r10
- movq %r11,%rax
- adcq $0,%rdx
- addq %rcx,%r10
- movq %rdx,%r11
- adcq $0,%r11
-
- movq %r9,%rcx
- leaq (%r12,%r9,2),%r9
-
- mulq %rax
- addq %rax,%r15
- adcq %rdx,%r8
- adcq $0,%r9
-
- movq %r15,64(%rsp)
- movq %r8,72(%rsp)
- shrq $63,%rcx
-
-
- movq 40(%rsi),%r12
- movq 48(%rsi),%rax
- mulq %r12
- addq %rax,%r10
- movq 56(%rsi),%rax
- movq %rdx,%rbx
- adcq $0,%rbx
-
- mulq %r12
- addq %rax,%r11
- movq %r12,%rax
- movq %r10,%r15
- leaq (%rcx,%r10,2),%r10
- adcq $0,%rdx
- shrq $63,%r15
- addq %rbx,%r11
- movq %rdx,%r12
- adcq $0,%r12
-
- movq %r11,%rbx
- leaq (%r15,%r11,2),%r11
-
- mulq %rax
- addq %rax,%r9
- adcq %rdx,%r10
- adcq $0,%r11
-
- movq %r9,80(%rsp)
- movq %r10,88(%rsp)
-
-
- movq 48(%rsi),%r13
- movq 56(%rsi),%rax
- mulq %r13
- addq %rax,%r12
- movq %r13,%rax
- movq %rdx,%r13
- adcq $0,%r13
-
- xorq %r14,%r14
- shlq $1,%rbx
- adcq %r12,%r12
- adcq %r13,%r13
- adcq %r14,%r14
-
- mulq %rax
- addq %rax,%r11
- adcq %rdx,%r12
- adcq $0,%r13
-
- movq %r11,96(%rsp)
- movq %r12,104(%rsp)
-
-
- movq 56(%rsi),%rax
- mulq %rax
- addq %rax,%r13
- adcq $0,%rdx
-
- addq %rdx,%r14
-
- movq %r13,112(%rsp)
- movq %r14,120(%rsp)
-
- movq (%rsp),%r8
- movq 8(%rsp),%r9
- movq 16(%rsp),%r10
- movq 24(%rsp),%r11
- movq 32(%rsp),%r12
- movq 40(%rsp),%r13
- movq 48(%rsp),%r14
- movq 56(%rsp),%r15
-
- call __rsaz_512_reduce
-
- addq 64(%rsp),%r8
- adcq 72(%rsp),%r9
- adcq 80(%rsp),%r10
- adcq 88(%rsp),%r11
- adcq 96(%rsp),%r12
- adcq 104(%rsp),%r13
- adcq 112(%rsp),%r14
- adcq 120(%rsp),%r15
- sbbq %rcx,%rcx
-
- call __rsaz_512_subtract
-
- movq %r8,%rdx
- movq %r9,%rax
- movl 128+8(%rsp),%r8d
- movq %rdi,%rsi
-
- decl %r8d
- jnz L$oop_sqr
-
- leaq 128+24+48(%rsp),%rax
- movq -48(%rax),%r15
- movq -40(%rax),%r14
- movq -32(%rax),%r13
- movq -24(%rax),%r12
- movq -16(%rax),%rbp
- movq -8(%rax),%rbx
- leaq (%rax),%rsp
-L$sqr_epilogue:
- .byte 0xf3,0xc3
-
-.globl _rsaz_512_mul
-.private_extern _rsaz_512_mul
-
-.p2align 5
-_rsaz_512_mul:
- pushq %rbx
- pushq %rbp
- pushq %r12
- pushq %r13
- pushq %r14
- pushq %r15
-
- subq $128+24,%rsp
-L$mul_body:
-.byte 102,72,15,110,199
-.byte 102,72,15,110,201
- movq %r8,128(%rsp)
- movq (%rdx),%rbx
- movq %rdx,%rbp
- call __rsaz_512_mul
-
-.byte 102,72,15,126,199
-.byte 102,72,15,126,205
-
- movq (%rsp),%r8
- movq 8(%rsp),%r9
- movq 16(%rsp),%r10
- movq 24(%rsp),%r11
- movq 32(%rsp),%r12
- movq 40(%rsp),%r13
- movq 48(%rsp),%r14
- movq 56(%rsp),%r15
-
- call __rsaz_512_reduce
- addq 64(%rsp),%r8
- adcq 72(%rsp),%r9
- adcq 80(%rsp),%r10
- adcq 88(%rsp),%r11
- adcq 96(%rsp),%r12
- adcq 104(%rsp),%r13
- adcq 112(%rsp),%r14
- adcq 120(%rsp),%r15
- sbbq %rcx,%rcx
-
- call __rsaz_512_subtract
-
- leaq 128+24+48(%rsp),%rax
- movq -48(%rax),%r15
- movq -40(%rax),%r14
- movq -32(%rax),%r13
- movq -24(%rax),%r12
- movq -16(%rax),%rbp
- movq -8(%rax),%rbx
- leaq (%rax),%rsp
-L$mul_epilogue:
- .byte 0xf3,0xc3
-
-.globl _rsaz_512_mul_gather4
-.private_extern _rsaz_512_mul_gather4
-
-.p2align 5
-_rsaz_512_mul_gather4:
- pushq %rbx
- pushq %rbp
- pushq %r12
- pushq %r13
- pushq %r14
- pushq %r15
-
- subq $152,%rsp
-L$mul_gather4_body:
- movd %r9d,%xmm8
- movdqa L$inc+16(%rip),%xmm1
- movdqa L$inc(%rip),%xmm0
-
- pshufd $0,%xmm8,%xmm8
- movdqa %xmm1,%xmm7
- movdqa %xmm1,%xmm2
- paddd %xmm0,%xmm1
- pcmpeqd %xmm8,%xmm0
- movdqa %xmm7,%xmm3
- paddd %xmm1,%xmm2
- pcmpeqd %xmm8,%xmm1
- movdqa %xmm7,%xmm4
- paddd %xmm2,%xmm3
- pcmpeqd %xmm8,%xmm2
- movdqa %xmm7,%xmm5
- paddd %xmm3,%xmm4
- pcmpeqd %xmm8,%xmm3
- movdqa %xmm7,%xmm6
- paddd %xmm4,%xmm5
- pcmpeqd %xmm8,%xmm4
- paddd %xmm5,%xmm6
- pcmpeqd %xmm8,%xmm5
- paddd %xmm6,%xmm7
- pcmpeqd %xmm8,%xmm6
- pcmpeqd %xmm8,%xmm7
-
- movdqa 0(%rdx),%xmm8
- movdqa 16(%rdx),%xmm9
- movdqa 32(%rdx),%xmm10
- movdqa 48(%rdx),%xmm11
- pand %xmm0,%xmm8
- movdqa 64(%rdx),%xmm12
- pand %xmm1,%xmm9
- movdqa 80(%rdx),%xmm13
- pand %xmm2,%xmm10
- movdqa 96(%rdx),%xmm14
- pand %xmm3,%xmm11
- movdqa 112(%rdx),%xmm15
- leaq 128(%rdx),%rbp
- pand %xmm4,%xmm12
- pand %xmm5,%xmm13
- pand %xmm6,%xmm14
- pand %xmm7,%xmm15
- por %xmm10,%xmm8
- por %xmm11,%xmm9
- por %xmm12,%xmm8
- por %xmm13,%xmm9
- por %xmm14,%xmm8
- por %xmm15,%xmm9
-
- por %xmm9,%xmm8
- pshufd $0x4e,%xmm8,%xmm9
- por %xmm9,%xmm8
-.byte 102,76,15,126,195
-
- movq %r8,128(%rsp)
- movq %rdi,128+8(%rsp)
- movq %rcx,128+16(%rsp)
-
- movq (%rsi),%rax
- movq 8(%rsi),%rcx
- mulq %rbx
- movq %rax,(%rsp)
- movq %rcx,%rax
- movq %rdx,%r8
-
- mulq %rbx
- addq %rax,%r8
- movq 16(%rsi),%rax
- movq %rdx,%r9
- adcq $0,%r9
-
- mulq %rbx
- addq %rax,%r9
- movq 24(%rsi),%rax
- movq %rdx,%r10
- adcq $0,%r10
-
- mulq %rbx
- addq %rax,%r10
- movq 32(%rsi),%rax
- movq %rdx,%r11
- adcq $0,%r11
-
- mulq %rbx
- addq %rax,%r11
- movq 40(%rsi),%rax
- movq %rdx,%r12
- adcq $0,%r12
-
- mulq %rbx
- addq %rax,%r12
- movq 48(%rsi),%rax
- movq %rdx,%r13
- adcq $0,%r13
-
- mulq %rbx
- addq %rax,%r13
- movq 56(%rsi),%rax
- movq %rdx,%r14
- adcq $0,%r14
-
- mulq %rbx
- addq %rax,%r14
- movq (%rsi),%rax
- movq %rdx,%r15
- adcq $0,%r15
-
- leaq 8(%rsp),%rdi
- movl $7,%ecx
- jmp L$oop_mul_gather
-
-.p2align 5
-L$oop_mul_gather:
- movdqa 0(%rbp),%xmm8
- movdqa 16(%rbp),%xmm9
- movdqa 32(%rbp),%xmm10
- movdqa 48(%rbp),%xmm11
- pand %xmm0,%xmm8
- movdqa 64(%rbp),%xmm12
- pand %xmm1,%xmm9
- movdqa 80(%rbp),%xmm13
- pand %xmm2,%xmm10
- movdqa 96(%rbp),%xmm14
- pand %xmm3,%xmm11
- movdqa 112(%rbp),%xmm15
- leaq 128(%rbp),%rbp
- pand %xmm4,%xmm12
- pand %xmm5,%xmm13
- pand %xmm6,%xmm14
- pand %xmm7,%xmm15
- por %xmm10,%xmm8
- por %xmm11,%xmm9
- por %xmm12,%xmm8
- por %xmm13,%xmm9
- por %xmm14,%xmm8
- por %xmm15,%xmm9
-
- por %xmm9,%xmm8
- pshufd $0x4e,%xmm8,%xmm9
- por %xmm9,%xmm8
-.byte 102,76,15,126,195
-
- mulq %rbx
- addq %rax,%r8
- movq 8(%rsi),%rax
- movq %r8,(%rdi)
- movq %rdx,%r8
- adcq $0,%r8
-
- mulq %rbx
- addq %rax,%r9
- movq 16(%rsi),%rax
- adcq $0,%rdx
- addq %r9,%r8
- movq %rdx,%r9
- adcq $0,%r9
-
- mulq %rbx
- addq %rax,%r10
- movq 24(%rsi),%rax
- adcq $0,%rdx
- addq %r10,%r9
- movq %rdx,%r10
- adcq $0,%r10
-
- mulq %rbx
- addq %rax,%r11
- movq 32(%rsi),%rax
- adcq $0,%rdx
- addq %r11,%r10
- movq %rdx,%r11
- adcq $0,%r11
-
- mulq %rbx
- addq %rax,%r12
- movq 40(%rsi),%rax
- adcq $0,%rdx
- addq %r12,%r11
- movq %rdx,%r12
- adcq $0,%r12
-
- mulq %rbx
- addq %rax,%r13
- movq 48(%rsi),%rax
- adcq $0,%rdx
- addq %r13,%r12
- movq %rdx,%r13
- adcq $0,%r13
-
- mulq %rbx
- addq %rax,%r14
- movq 56(%rsi),%rax
- adcq $0,%rdx
- addq %r14,%r13
- movq %rdx,%r14
- adcq $0,%r14
-
- mulq %rbx
- addq %rax,%r15
- movq (%rsi),%rax
- adcq $0,%rdx
- addq %r15,%r14
- movq %rdx,%r15
- adcq $0,%r15
-
- leaq 8(%rdi),%rdi
-
- decl %ecx
- jnz L$oop_mul_gather
-
- movq %r8,(%rdi)
- movq %r9,8(%rdi)
- movq %r10,16(%rdi)
- movq %r11,24(%rdi)
- movq %r12,32(%rdi)
- movq %r13,40(%rdi)
- movq %r14,48(%rdi)
- movq %r15,56(%rdi)
-
- movq 128+8(%rsp),%rdi
- movq 128+16(%rsp),%rbp
-
- movq (%rsp),%r8
- movq 8(%rsp),%r9
- movq 16(%rsp),%r10
- movq 24(%rsp),%r11
- movq 32(%rsp),%r12
- movq 40(%rsp),%r13
- movq 48(%rsp),%r14
- movq 56(%rsp),%r15
-
- call __rsaz_512_reduce
- addq 64(%rsp),%r8
- adcq 72(%rsp),%r9
- adcq 80(%rsp),%r10
- adcq 88(%rsp),%r11
- adcq 96(%rsp),%r12
- adcq 104(%rsp),%r13
- adcq 112(%rsp),%r14
- adcq 120(%rsp),%r15
- sbbq %rcx,%rcx
-
- call __rsaz_512_subtract
-
- leaq 128+24+48(%rsp),%rax
- movq -48(%rax),%r15
- movq -40(%rax),%r14
- movq -32(%rax),%r13
- movq -24(%rax),%r12
- movq -16(%rax),%rbp
- movq -8(%rax),%rbx
- leaq (%rax),%rsp
-L$mul_gather4_epilogue:
- .byte 0xf3,0xc3
-
-.globl _rsaz_512_mul_scatter4
-.private_extern _rsaz_512_mul_scatter4
-
-.p2align 5
-_rsaz_512_mul_scatter4:
- pushq %rbx
- pushq %rbp
- pushq %r12
- pushq %r13
- pushq %r14
- pushq %r15
-
- movl %r9d,%r9d
- subq $128+24,%rsp
-L$mul_scatter4_body:
- leaq (%r8,%r9,8),%r8
-.byte 102,72,15,110,199
-.byte 102,72,15,110,202
-.byte 102,73,15,110,208
- movq %rcx,128(%rsp)
-
- movq %rdi,%rbp
- movq (%rdi),%rbx
- call __rsaz_512_mul
-
-.byte 102,72,15,126,199
-.byte 102,72,15,126,205
-
- movq (%rsp),%r8
- movq 8(%rsp),%r9
- movq 16(%rsp),%r10
- movq 24(%rsp),%r11
- movq 32(%rsp),%r12
- movq 40(%rsp),%r13
- movq 48(%rsp),%r14
- movq 56(%rsp),%r15
-
- call __rsaz_512_reduce
- addq 64(%rsp),%r8
- adcq 72(%rsp),%r9
- adcq 80(%rsp),%r10
- adcq 88(%rsp),%r11
- adcq 96(%rsp),%r12
- adcq 104(%rsp),%r13
- adcq 112(%rsp),%r14
- adcq 120(%rsp),%r15
-.byte 102,72,15,126,214
- sbbq %rcx,%rcx
-
- call __rsaz_512_subtract
-
- movq %r8,0(%rsi)
- movq %r9,128(%rsi)
- movq %r10,256(%rsi)
- movq %r11,384(%rsi)
- movq %r12,512(%rsi)
- movq %r13,640(%rsi)
- movq %r14,768(%rsi)
- movq %r15,896(%rsi)
-
- leaq 128+24+48(%rsp),%rax
- movq -48(%rax),%r15
- movq -40(%rax),%r14
- movq -32(%rax),%r13
- movq -24(%rax),%r12
- movq -16(%rax),%rbp
- movq -8(%rax),%rbx
- leaq (%rax),%rsp
-L$mul_scatter4_epilogue:
- .byte 0xf3,0xc3
-
-.globl _rsaz_512_mul_by_one
-.private_extern _rsaz_512_mul_by_one
-
-.p2align 5
-_rsaz_512_mul_by_one:
- pushq %rbx
- pushq %rbp
- pushq %r12
- pushq %r13
- pushq %r14
- pushq %r15
-
- subq $128+24,%rsp
-L$mul_by_one_body:
- movq %rdx,%rbp
- movq %rcx,128(%rsp)
-
- movq (%rsi),%r8
- pxor %xmm0,%xmm0
- movq 8(%rsi),%r9
- movq 16(%rsi),%r10
- movq 24(%rsi),%r11
- movq 32(%rsi),%r12
- movq 40(%rsi),%r13
- movq 48(%rsi),%r14
- movq 56(%rsi),%r15
-
- movdqa %xmm0,(%rsp)
- movdqa %xmm0,16(%rsp)
- movdqa %xmm0,32(%rsp)
- movdqa %xmm0,48(%rsp)
- movdqa %xmm0,64(%rsp)
- movdqa %xmm0,80(%rsp)
- movdqa %xmm0,96(%rsp)
- call __rsaz_512_reduce
- movq %r8,(%rdi)
- movq %r9,8(%rdi)
- movq %r10,16(%rdi)
- movq %r11,24(%rdi)
- movq %r12,32(%rdi)
- movq %r13,40(%rdi)
- movq %r14,48(%rdi)
- movq %r15,56(%rdi)
-
- leaq 128+24+48(%rsp),%rax
- movq -48(%rax),%r15
- movq -40(%rax),%r14
- movq -32(%rax),%r13
- movq -24(%rax),%r12
- movq -16(%rax),%rbp
- movq -8(%rax),%rbx
- leaq (%rax),%rsp
-L$mul_by_one_epilogue:
- .byte 0xf3,0xc3
-
-
-.p2align 5
-__rsaz_512_reduce:
- movq %r8,%rbx
- imulq 128+8(%rsp),%rbx
- movq 0(%rbp),%rax
- movl $8,%ecx
- jmp L$reduction_loop
-
-.p2align 5
-L$reduction_loop:
- mulq %rbx
- movq 8(%rbp),%rax
- negq %r8
- movq %rdx,%r8
- adcq $0,%r8
-
- mulq %rbx
- addq %rax,%r9
- movq 16(%rbp),%rax
- adcq $0,%rdx
- addq %r9,%r8
- movq %rdx,%r9
- adcq $0,%r9
-
- mulq %rbx
- addq %rax,%r10
- movq 24(%rbp),%rax
- adcq $0,%rdx
- addq %r10,%r9
- movq %rdx,%r10
- adcq $0,%r10
-
- mulq %rbx
- addq %rax,%r11
- movq 32(%rbp),%rax
- adcq $0,%rdx
- addq %r11,%r10
- movq 128+8(%rsp),%rsi
-
-
- adcq $0,%rdx
- movq %rdx,%r11
-
- mulq %rbx
- addq %rax,%r12
- movq 40(%rbp),%rax
- adcq $0,%rdx
- imulq %r8,%rsi
- addq %r12,%r11
- movq %rdx,%r12
- adcq $0,%r12
-
- mulq %rbx
- addq %rax,%r13
- movq 48(%rbp),%rax
- adcq $0,%rdx
- addq %r13,%r12
- movq %rdx,%r13
- adcq $0,%r13
-
- mulq %rbx
- addq %rax,%r14
- movq 56(%rbp),%rax
- adcq $0,%rdx
- addq %r14,%r13
- movq %rdx,%r14
- adcq $0,%r14
-
- mulq %rbx
- movq %rsi,%rbx
- addq %rax,%r15
- movq 0(%rbp),%rax
- adcq $0,%rdx
- addq %r15,%r14
- movq %rdx,%r15
- adcq $0,%r15
-
- decl %ecx
- jne L$reduction_loop
-
- .byte 0xf3,0xc3
-
-
-.p2align 5
-__rsaz_512_subtract:
- movq %r8,(%rdi)
- movq %r9,8(%rdi)
- movq %r10,16(%rdi)
- movq %r11,24(%rdi)
- movq %r12,32(%rdi)
- movq %r13,40(%rdi)
- movq %r14,48(%rdi)
- movq %r15,56(%rdi)
-
- movq 0(%rbp),%r8
- movq 8(%rbp),%r9
- negq %r8
- notq %r9
- andq %rcx,%r8
- movq 16(%rbp),%r10
- andq %rcx,%r9
- notq %r10
- movq 24(%rbp),%r11
- andq %rcx,%r10
- notq %r11
- movq 32(%rbp),%r12
- andq %rcx,%r11
- notq %r12
- movq 40(%rbp),%r13
- andq %rcx,%r12
- notq %r13
- movq 48(%rbp),%r14
- andq %rcx,%r13
- notq %r14
- movq 56(%rbp),%r15
- andq %rcx,%r14
- notq %r15
- andq %rcx,%r15
-
- addq (%rdi),%r8
- adcq 8(%rdi),%r9
- adcq 16(%rdi),%r10
- adcq 24(%rdi),%r11
- adcq 32(%rdi),%r12
- adcq 40(%rdi),%r13
- adcq 48(%rdi),%r14
- adcq 56(%rdi),%r15
-
- movq %r8,(%rdi)
- movq %r9,8(%rdi)
- movq %r10,16(%rdi)
- movq %r11,24(%rdi)
- movq %r12,32(%rdi)
- movq %r13,40(%rdi)
- movq %r14,48(%rdi)
- movq %r15,56(%rdi)
-
- .byte 0xf3,0xc3
-
-
-.p2align 5
-__rsaz_512_mul:
- leaq 8(%rsp),%rdi
-
- movq (%rsi),%rax
- mulq %rbx
- movq %rax,(%rdi)
- movq 8(%rsi),%rax
- movq %rdx,%r8
-
- mulq %rbx
- addq %rax,%r8
- movq 16(%rsi),%rax
- movq %rdx,%r9
- adcq $0,%r9
-
- mulq %rbx
- addq %rax,%r9
- movq 24(%rsi),%rax
- movq %rdx,%r10
- adcq $0,%r10
-
- mulq %rbx
- addq %rax,%r10
- movq 32(%rsi),%rax
- movq %rdx,%r11
- adcq $0,%r11
-
- mulq %rbx
- addq %rax,%r11
- movq 40(%rsi),%rax
- movq %rdx,%r12
- adcq $0,%r12
-
- mulq %rbx
- addq %rax,%r12
- movq 48(%rsi),%rax
- movq %rdx,%r13
- adcq $0,%r13
-
- mulq %rbx
- addq %rax,%r13
- movq 56(%rsi),%rax
- movq %rdx,%r14
- adcq $0,%r14
-
- mulq %rbx
- addq %rax,%r14
- movq (%rsi),%rax
- movq %rdx,%r15
- adcq $0,%r15
-
- leaq 8(%rbp),%rbp
- leaq 8(%rdi),%rdi
-
- movl $7,%ecx
- jmp L$oop_mul
-
-.p2align 5
-L$oop_mul:
- movq (%rbp),%rbx
- mulq %rbx
- addq %rax,%r8
- movq 8(%rsi),%rax
- movq %r8,(%rdi)
- movq %rdx,%r8
- adcq $0,%r8
-
- mulq %rbx
- addq %rax,%r9
- movq 16(%rsi),%rax
- adcq $0,%rdx
- addq %r9,%r8
- movq %rdx,%r9
- adcq $0,%r9
-
- mulq %rbx
- addq %rax,%r10
- movq 24(%rsi),%rax
- adcq $0,%rdx
- addq %r10,%r9
- movq %rdx,%r10
- adcq $0,%r10
-
- mulq %rbx
- addq %rax,%r11
- movq 32(%rsi),%rax
- adcq $0,%rdx
- addq %r11,%r10
- movq %rdx,%r11
- adcq $0,%r11
-
- mulq %rbx
- addq %rax,%r12
- movq 40(%rsi),%rax
- adcq $0,%rdx
- addq %r12,%r11
- movq %rdx,%r12
- adcq $0,%r12
-
- mulq %rbx
- addq %rax,%r13
- movq 48(%rsi),%rax
- adcq $0,%rdx
- addq %r13,%r12
- movq %rdx,%r13
- adcq $0,%r13
-
- mulq %rbx
- addq %rax,%r14
- movq 56(%rsi),%rax
- adcq $0,%rdx
- addq %r14,%r13
- movq %rdx,%r14
- leaq 8(%rbp),%rbp
- adcq $0,%r14
-
- mulq %rbx
- addq %rax,%r15
- movq (%rsi),%rax
- adcq $0,%rdx
- addq %r15,%r14
- movq %rdx,%r15
- adcq $0,%r15
-
- leaq 8(%rdi),%rdi
-
- decl %ecx
- jnz L$oop_mul
-
- movq %r8,(%rdi)
- movq %r9,8(%rdi)
- movq %r10,16(%rdi)
- movq %r11,24(%rdi)
- movq %r12,32(%rdi)
- movq %r13,40(%rdi)
- movq %r14,48(%rdi)
- movq %r15,56(%rdi)
-
- .byte 0xf3,0xc3
-
-.globl _rsaz_512_scatter4
-.private_extern _rsaz_512_scatter4
-
-.p2align 4
-_rsaz_512_scatter4:
- leaq (%rdi,%rdx,8),%rdi
- movl $8,%r9d
- jmp L$oop_scatter
-.p2align 4
-L$oop_scatter:
- movq (%rsi),%rax
- leaq 8(%rsi),%rsi
- movq %rax,(%rdi)
- leaq 128(%rdi),%rdi
- decl %r9d
- jnz L$oop_scatter
- .byte 0xf3,0xc3
-
-
-.globl _rsaz_512_gather4
-.private_extern _rsaz_512_gather4
-
-.p2align 4
-_rsaz_512_gather4:
- movd %edx,%xmm8
- movdqa L$inc+16(%rip),%xmm1
- movdqa L$inc(%rip),%xmm0
-
- pshufd $0,%xmm8,%xmm8
- movdqa %xmm1,%xmm7
- movdqa %xmm1,%xmm2
- paddd %xmm0,%xmm1
- pcmpeqd %xmm8,%xmm0
- movdqa %xmm7,%xmm3
- paddd %xmm1,%xmm2
- pcmpeqd %xmm8,%xmm1
- movdqa %xmm7,%xmm4
- paddd %xmm2,%xmm3
- pcmpeqd %xmm8,%xmm2
- movdqa %xmm7,%xmm5
- paddd %xmm3,%xmm4
- pcmpeqd %xmm8,%xmm3
- movdqa %xmm7,%xmm6
- paddd %xmm4,%xmm5
- pcmpeqd %xmm8,%xmm4
- paddd %xmm5,%xmm6
- pcmpeqd %xmm8,%xmm5
- paddd %xmm6,%xmm7
- pcmpeqd %xmm8,%xmm6
- pcmpeqd %xmm8,%xmm7
- movl $8,%r9d
- jmp L$oop_gather
-.p2align 4
-L$oop_gather:
- movdqa 0(%rsi),%xmm8
- movdqa 16(%rsi),%xmm9
- movdqa 32(%rsi),%xmm10
- movdqa 48(%rsi),%xmm11
- pand %xmm0,%xmm8
- movdqa 64(%rsi),%xmm12
- pand %xmm1,%xmm9
- movdqa 80(%rsi),%xmm13
- pand %xmm2,%xmm10
- movdqa 96(%rsi),%xmm14
- pand %xmm3,%xmm11
- movdqa 112(%rsi),%xmm15
- leaq 128(%rsi),%rsi
- pand %xmm4,%xmm12
- pand %xmm5,%xmm13
- pand %xmm6,%xmm14
- pand %xmm7,%xmm15
- por %xmm10,%xmm8
- por %xmm11,%xmm9
- por %xmm12,%xmm8
- por %xmm13,%xmm9
- por %xmm14,%xmm8
- por %xmm15,%xmm9
-
- por %xmm9,%xmm8
- pshufd $0x4e,%xmm8,%xmm9
- por %xmm9,%xmm8
- movq %xmm8,(%rdi)
- leaq 8(%rdi),%rdi
- decl %r9d
- jnz L$oop_gather
- .byte 0xf3,0xc3
-L$SEH_end_rsaz_512_gather4:
-
-
-.p2align 6
-L$inc:
-.long 0,0, 1,1
-.long 2,2, 2,2
-#endif
diff --git a/sources.bp b/sources.bp
index 3dedf39..9672673 100644
--- a/sources.bp
+++ b/sources.bp
@@ -355,7 +355,6 @@
"linux-x86_64/crypto/aes/bsaes-x86_64.S",
"linux-x86_64/crypto/aes/vpaes-x86_64.S",
"linux-x86_64/crypto/bn/rsaz-avx2.S",
- "linux-x86_64/crypto/bn/rsaz-x86_64.S",
"linux-x86_64/crypto/bn/x86_64-mont.S",
"linux-x86_64/crypto/bn/x86_64-mont5.S",
"linux-x86_64/crypto/chacha/chacha-x86_64.S",
@@ -377,7 +376,6 @@
"linux-x86_64/crypto/aes/bsaes-x86_64.S",
"linux-x86_64/crypto/aes/vpaes-x86_64.S",
"linux-x86_64/crypto/bn/rsaz-avx2.S",
- "linux-x86_64/crypto/bn/rsaz-x86_64.S",
"linux-x86_64/crypto/bn/x86_64-mont.S",
"linux-x86_64/crypto/bn/x86_64-mont5.S",
"linux-x86_64/crypto/chacha/chacha-x86_64.S",
@@ -474,13 +472,13 @@
"src/crypto/cipher/aead_test.cc",
"src/crypto/cipher/cipher_test.cc",
"src/crypto/cmac/cmac_test.cc",
- "src/crypto/constant_time_test.c",
+ "src/crypto/constant_time_test.cc",
"src/crypto/curve25519/ed25519_test.cc",
"src/crypto/curve25519/spake25519_test.cc",
"src/crypto/curve25519/x25519_test.cc",
"src/crypto/dh/dh_test.cc",
"src/crypto/digest/digest_test.cc",
- "src/crypto/dsa/dsa_test.c",
+ "src/crypto/dsa/dsa_test.cc",
"src/crypto/ec/ec_test.cc",
"src/crypto/ec/example_mul.c",
"src/crypto/ec/p256-x86_64_test.cc",
@@ -492,16 +490,16 @@
"src/crypto/evp/evp_extra_test.cc",
"src/crypto/evp/evp_test.cc",
"src/crypto/evp/pbkdf_test.cc",
- "src/crypto/hkdf/hkdf_test.c",
+ "src/crypto/hkdf/hkdf_test.cc",
"src/crypto/hmac/hmac_test.cc",
- "src/crypto/lhash/lhash_test.c",
+ "src/crypto/lhash/lhash_test.cc",
"src/crypto/modes/gcm_test.cc",
"src/crypto/obj/obj_test.cc",
"src/crypto/pkcs8/pkcs12_test.cc",
"src/crypto/pkcs8/pkcs8_test.cc",
"src/crypto/poly1305/poly1305_test.cc",
"src/crypto/pool/pool_test.cc",
- "src/crypto/refcount_test.c",
+ "src/crypto/refcount_test.cc",
"src/crypto/rsa/rsa_test.cc",
"src/crypto/thread_test.c",
"src/crypto/x509/pkcs7_test.c",
diff --git a/sources.mk b/sources.mk
index 5b134c0..d872d77 100644
--- a/sources.mk
+++ b/sources.mk
@@ -333,7 +333,6 @@
linux-x86_64/crypto/aes/bsaes-x86_64.S\
linux-x86_64/crypto/aes/vpaes-x86_64.S\
linux-x86_64/crypto/bn/rsaz-avx2.S\
- linux-x86_64/crypto/bn/rsaz-x86_64.S\
linux-x86_64/crypto/bn/x86_64-mont.S\
linux-x86_64/crypto/bn/x86_64-mont5.S\
linux-x86_64/crypto/chacha/chacha-x86_64.S\
diff --git a/src/API-CONVENTIONS.md b/src/API-CONVENTIONS.md
index 0dbb2e7..7b33797 100644
--- a/src/API-CONVENTIONS.md
+++ b/src/API-CONVENTIONS.md
@@ -14,10 +14,10 @@
Some headers lack documention comments. These are functions and structures from
OpenSSL's legacy ASN.1, X.509, and PEM implementation. If possible, avoid using
them. These are left largely unmodified from upstream and are retained only for
-compatibilty with existing OpenSSL consumers.
+compatibility with existing OpenSSL consumers.
-# Forward declarations
+## Forward declarations
Do not write `typedef struct foo_st FOO` or try otherwise to define BoringSSL's
types. Including `openssl/base.h` (or `openssl/ossl_typ.h` for consumers who
diff --git a/src/BUILDING.md b/src/BUILDING.md
index 522bee1..8e226c0 100644
--- a/src/BUILDING.md
+++ b/src/BUILDING.md
@@ -2,7 +2,7 @@
## Build Prerequisites
- * [CMake](https://cmake.org/download/) 2.8.8 or later is required.
+ * [CMake](https://cmake.org/download/) 2.8.10 or later is required.
* Perl 5.6.1 or later is required. On Windows,
[Active State Perl](http://www.activestate.com/activeperl/) has been
diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
index cb8bb53..b194160 100644
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@@ -194,6 +194,35 @@
set(ARCH "x86_64")
endif()
+if (MSAN)
+ if(NOT CMAKE_CXX_COMPILER_ID MATCHES "Clang")
+ message(FATAL_ERROR "Cannot enable MSAN unless using Clang")
+ endif()
+
+ if (ASAN)
+ message(FATAL_ERROR "ASAN and MSAN are mutually exclusive")
+ endif()
+
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fsanitize=memory -fsanitize-memory-track-origins -fno-omit-frame-pointer")
+ set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fsanitize=memory -fsanitize-memory-track-origins -fno-omit-frame-pointer")
+ set(OPENSSL_NO_ASM "1")
+endif()
+
+if (ASAN)
+ if(NOT CMAKE_CXX_COMPILER_ID MATCHES "Clang")
+ message(FATAL_ERROR "Cannot enable ASAN unless using Clang")
+ endif()
+
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fsanitize=address -fno-omit-frame-pointer")
+ set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fsanitize=address -fno-omit-frame-pointer")
+ set(OPENSSL_NO_ASM "1")
+endif()
+
+if (GCOV)
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fprofile-arcs -ftest-coverage")
+ set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fprofile-arcs -ftest-coverage")
+endif()
+
if (OPENSSL_NO_ASM)
add_definitions(-DOPENSSL_NO_ASM)
set(ARCH "generic")
diff --git a/src/STYLE.md b/src/STYLE.md
index 4c88945..4b377e7 100644
--- a/src/STYLE.md
+++ b/src/STYLE.md
@@ -45,6 +45,16 @@
Rather than `malloc()` and `free()`, use the wrappers `OPENSSL_malloc()`
and `OPENSSL_free()`. Use the standard C `assert()` function freely.
+Use the following wrappers, found in `crypto/internal.h` instead of the
+corresponding C standard library functions. They behave the same but avoid
+confusing undefined behavior.
+
+* `OPENSSL_memchr`
+* `OPENSSL_memcmp`
+* `OPENSSL_memcpy`
+* `OPENSSL_memmove`
+* `OPENSSL_memset`
+
For new constants, prefer enums when the values are sequential and typed
constants for flags. If adding values to an existing set of `#define`s,
continue with `#define`.
diff --git a/src/crypto/CMakeLists.txt b/src/crypto/CMakeLists.txt
index fceef1a..97fea5f 100644
--- a/src/crypto/CMakeLists.txt
+++ b/src/crypto/CMakeLists.txt
@@ -180,7 +180,7 @@
add_executable(
constant_time_test
- constant_time_test.c
+ constant_time_test.cc
$<TARGET_OBJECTS:test_support>
)
@@ -202,7 +202,7 @@
add_executable(
refcount_test
- refcount_test.c
+ refcount_test.cc
)
target_link_libraries(refcount_test crypto)
diff --git a/src/crypto/aes/aes_test.cc b/src/crypto/aes/aes_test.cc
index 4fb3a31..cdf03d3 100644
--- a/src/crypto/aes/aes_test.cc
+++ b/src/crypto/aes/aes_test.cc
@@ -21,6 +21,7 @@
#include <openssl/aes.h>
#include <openssl/crypto.h>
+#include "../internal.h"
#include "../test/file_test.h"
@@ -54,7 +55,7 @@
}
// Test in-place encryption.
- memcpy(block, plaintext.data(), AES_BLOCK_SIZE);
+ OPENSSL_memcpy(block, plaintext.data(), AES_BLOCK_SIZE);
AES_encrypt(block, block, &aes_key);
if (!t->ExpectBytesEqual(block, AES_BLOCK_SIZE, ciphertext.data(),
ciphertext.size())) {
@@ -76,7 +77,7 @@
}
// Test in-place decryption.
- memcpy(block, ciphertext.data(), AES_BLOCK_SIZE);
+ OPENSSL_memcpy(block, ciphertext.data(), AES_BLOCK_SIZE);
AES_decrypt(block, block, &aes_key);
if (!t->ExpectBytesEqual(block, AES_BLOCK_SIZE, plaintext.data(),
plaintext.size())) {
@@ -123,7 +124,7 @@
return false;
}
- memset(buf.get(), 0, ciphertext.size());
+ OPENSSL_memset(buf.get(), 0, ciphertext.size());
if (AES_wrap_key(&aes_key, kDefaultIV, buf.get(), plaintext.data(),
plaintext.size()) != static_cast<int>(ciphertext.size()) ||
!t->ExpectBytesEqual(buf.get(), ciphertext.size(), ciphertext.data(),
@@ -146,7 +147,7 @@
return false;
}
- memset(buf.get(), 0, plaintext.size());
+ OPENSSL_memset(buf.get(), 0, plaintext.size());
if (AES_unwrap_key(&aes_key, kDefaultIV, buf.get(), ciphertext.data(),
ciphertext.size()) != static_cast<int>(plaintext.size()) ||
!t->ExpectBytesEqual(buf.get(), plaintext.size(), plaintext.data(),
@@ -155,6 +156,13 @@
return false;
}
+ ciphertext[0] ^= 1;
+ if (AES_unwrap_key(&aes_key, nullptr /* iv */, buf.get(), ciphertext.data(),
+ ciphertext.size()) != -1) {
+ t->PrintLine("AES_unwrap_key with bad input unexpectedly succeeded.");
+ return false;
+ }
+
return true;
}
diff --git a/src/crypto/aes/key_wrap.c b/src/crypto/aes/key_wrap.c
index c8b6a03..23553b7 100644
--- a/src/crypto/aes/key_wrap.c
+++ b/src/crypto/aes/key_wrap.c
@@ -53,6 +53,8 @@
#include <openssl/mem.h>
+#include "../internal.h"
+
/* kDefaultIV is the default IV value given in RFC 3394, 2.2.3.1. */
static const uint8_t kDefaultIV[] = {
@@ -73,15 +75,15 @@
iv = kDefaultIV;
}
- memmove(out + 8, in, in_len);
+ OPENSSL_memmove(out + 8, in, in_len);
uint8_t A[AES_BLOCK_SIZE];
- memcpy(A, iv, 8);
+ OPENSSL_memcpy(A, iv, 8);
size_t n = in_len / 8;
for (unsigned j = 0; j < kBound; j++) {
for (size_t i = 1; i <= n; i++) {
- memcpy(A + 8, out + 8 * i, 8);
+ OPENSSL_memcpy(A + 8, out + 8 * i, 8);
AES_encrypt(A, A, key);
uint32_t t = (uint32_t)(n * j + i);
@@ -89,11 +91,11 @@
A[6] ^= (t >> 8) & 0xff;
A[5] ^= (t >> 16) & 0xff;
A[4] ^= (t >> 24) & 0xff;
- memcpy(out + 8 * i, A + 8, 8);
+ OPENSSL_memcpy(out + 8 * i, A + 8, 8);
}
}
- memcpy(out, A, 8);
+ OPENSSL_memcpy(out, A, 8);
return (int)in_len + 8;
}
@@ -110,8 +112,8 @@
}
uint8_t A[AES_BLOCK_SIZE];
- memcpy(A, in, 8);
- memmove(out, in + 8, in_len - 8);
+ OPENSSL_memcpy(A, in, 8);
+ OPENSSL_memmove(out, in + 8, in_len - 8);
size_t n = (in_len / 8) - 1;
@@ -122,9 +124,9 @@
A[6] ^= (t >> 8) & 0xff;
A[5] ^= (t >> 16) & 0xff;
A[4] ^= (t >> 24) & 0xff;
- memcpy(A + 8, out + 8 * (i - 1), 8);
+ OPENSSL_memcpy(A + 8, out + 8 * (i - 1), 8);
AES_decrypt(A, A, key);
- memcpy(out + 8 * (i - 1), A + 8, 8);
+ OPENSSL_memcpy(out + 8 * (i - 1), A + 8, 8);
}
}
diff --git a/src/crypto/asn1/a_bitstr.c b/src/crypto/asn1/a_bitstr.c
index 2705ea5..ea9da24 100644
--- a/src/crypto/asn1/a_bitstr.c
+++ b/src/crypto/asn1/a_bitstr.c
@@ -61,6 +61,9 @@
#include <openssl/err.h>
#include <openssl/mem.h>
+#include "../internal.h"
+
+
int ASN1_BIT_STRING_set(ASN1_BIT_STRING *x, unsigned char *d, int len)
{
return M_ASN1_BIT_STRING_set(x, d, len);
@@ -115,7 +118,7 @@
*(p++) = (unsigned char)bits;
d = a->data;
- memcpy(p, d, len);
+ OPENSSL_memcpy(p, d, len);
p += len;
if (len > 0)
p[-1] &= (0xff << bits);
@@ -162,7 +165,7 @@
OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE);
goto err;
}
- memcpy(s, p, (int)len);
+ OPENSSL_memcpy(s, p, (int)len);
s[len - 1] &= (0xff << padding);
p += len;
} else
@@ -215,7 +218,7 @@
return 0;
}
if (w + 1 - a->length > 0)
- memset(c + a->length, 0, w + 1 - a->length);
+ OPENSSL_memset(c + a->length, 0, w + 1 - a->length);
a->data = c;
a->length = w + 1;
}
diff --git a/src/crypto/asn1/a_enum.c b/src/crypto/asn1/a_enum.c
index 0b95fc9..cc46905 100644
--- a/src/crypto/asn1/a_enum.c
+++ b/src/crypto/asn1/a_enum.c
@@ -61,6 +61,9 @@
#include <openssl/err.h>
#include <openssl/mem.h>
+#include "../internal.h"
+
+
/*
* Code for ENUMERATED type: identical to INTEGER apart from a different tag.
* for comments on encoding see a_int.c
@@ -79,7 +82,7 @@
OPENSSL_free(a->data);
if ((a->data =
(unsigned char *)OPENSSL_malloc(sizeof(long) + 1)) != NULL)
- memset((char *)a->data, 0, sizeof(long) + 1);
+ OPENSSL_memset((char *)a->data, 0, sizeof(long) + 1);
}
if (a->data == NULL) {
OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE);
diff --git a/src/crypto/asn1/a_int.c b/src/crypto/asn1/a_int.c
index 38a01bc..617ba96 100644
--- a/src/crypto/asn1/a_int.c
+++ b/src/crypto/asn1/a_int.c
@@ -61,6 +61,9 @@
#include <openssl/err.h>
#include <openssl/mem.h>
+#include "../internal.h"
+
+
ASN1_INTEGER *ASN1_INTEGER_dup(const ASN1_INTEGER *x)
{
return M_ASN1_INTEGER_dup(x);
@@ -157,7 +160,7 @@
if (a->length == 0)
*(p++) = 0;
else if (!neg)
- memcpy(p, a->data, (unsigned int)a->length);
+ OPENSSL_memcpy(p, a->data, (unsigned int)a->length);
else {
/* Begin at the end of the encoding */
n = a->data + a->length - 1;
@@ -254,7 +257,7 @@
p++;
len--;
}
- memcpy(s, p, (int)len);
+ OPENSSL_memcpy(s, p, (int)len);
}
if (ret->data != NULL)
@@ -322,7 +325,7 @@
p++;
len--;
}
- memcpy(s, p, (int)len);
+ OPENSSL_memcpy(s, p, (int)len);
p += len;
}
@@ -354,7 +357,7 @@
OPENSSL_free(a->data);
if ((a->data =
(unsigned char *)OPENSSL_malloc(sizeof(long) + 1)) != NULL)
- memset((char *)a->data, 0, sizeof(long) + 1);
+ OPENSSL_memset((char *)a->data, 0, sizeof(long) + 1);
}
if (a->data == NULL) {
OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE);
diff --git a/src/crypto/asn1/a_object.c b/src/crypto/asn1/a_object.c
index fef9b79..a710add 100644
--- a/src/crypto/asn1/a_object.c
+++ b/src/crypto/asn1/a_object.c
@@ -63,6 +63,9 @@
#include <openssl/mem.h>
#include <openssl/obj.h>
+#include "../internal.h"
+
+
int i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp)
{
unsigned char *p;
@@ -77,7 +80,7 @@
p = *pp;
ASN1_put_object(&p, 0, a->length, V_ASN1_OBJECT, V_ASN1_UNIVERSAL);
- memcpy(p, a->data, a->length);
+ OPENSSL_memcpy(p, a->data, a->length);
p += a->length;
*pp = p;
@@ -321,7 +324,7 @@
}
ret->flags |= ASN1_OBJECT_FLAG_DYNAMIC_DATA;
}
- memcpy(data, p, length);
+ OPENSSL_memcpy(data, p, length);
/* reattach data to object, after which it remains const */
ret->data = data;
ret->length = length;
diff --git a/src/crypto/asn1/a_utctm.c b/src/crypto/asn1/a_utctm.c
index db5cd29..3b9d257 100644
--- a/src/crypto/asn1/a_utctm.c
+++ b/src/crypto/asn1/a_utctm.c
@@ -270,7 +270,7 @@
struct tm tm;
int offset;
- memset(&tm, '\0', sizeof tm);
+ OPENSSL_memset(&tm, '\0', sizeof tm);
# define g2(p) (((p)[0]-'0')*10+(p)[1]-'0')
tm.tm_year = g2(s->data);
diff --git a/src/crypto/asn1/asn1_lib.c b/src/crypto/asn1/asn1_lib.c
index 94553b1..774f151 100644
--- a/src/crypto/asn1/asn1_lib.c
+++ b/src/crypto/asn1/asn1_lib.c
@@ -63,6 +63,9 @@
#include <openssl/err.h>
#include <openssl/mem.h>
+#include "../internal.h"
+
+
/* Cross-module errors from crypto/x509/i2d_pr.c. */
OPENSSL_DECLARE_ERROR_REASON(ASN1, UNSUPPORTED_PUBLIC_KEY_TYPE)
@@ -401,7 +404,7 @@
}
str->length = len;
if (data != NULL) {
- memcpy(str->data, data, len);
+ OPENSSL_memcpy(str->data, data, len);
/* an allowance for strings :-) */
str->data[len] = '\0';
}
@@ -452,7 +455,7 @@
i = (a->length - b->length);
if (i == 0) {
- i = memcmp(a->data, b->data, a->length);
+ i = OPENSSL_memcmp(a->data, b->data, a->length);
if (i == 0)
return (a->type - b->type);
else
diff --git a/src/crypto/asn1/tasn_dec.c b/src/crypto/asn1/tasn_dec.c
index dfbd222..40778a8 100644
--- a/src/crypto/asn1/tasn_dec.c
+++ b/src/crypto/asn1/tasn_dec.c
@@ -1108,7 +1108,7 @@
OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE);
return 0;
}
- memcpy(buf->data + len, *p, plen);
+ OPENSSL_memcpy(buf->data + len, *p, plen);
}
*p += plen;
return 1;
diff --git a/src/crypto/asn1/tasn_enc.c b/src/crypto/asn1/tasn_enc.c
index 7c2b365..9286ef6 100644
--- a/src/crypto/asn1/tasn_enc.c
+++ b/src/crypto/asn1/tasn_enc.c
@@ -62,6 +62,9 @@
#include <openssl/asn1t.h>
#include <openssl/mem.h>
+#include "../internal.h"
+
+
static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out,
const ASN1_ITEM *it, int tag, int aclass);
static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out,
@@ -415,7 +418,7 @@
const DER_ENC *d1 = a, *d2 = b;
int cmplen, i;
cmplen = (d1->length < d2->length) ? d1->length : d2->length;
- i = memcmp(d1->data, d2->data, cmplen);
+ i = OPENSSL_memcmp(d1->data, d2->data, cmplen);
if (i)
return i;
return d1->length - d2->length;
@@ -470,7 +473,7 @@
/* Output sorted DER encoding */
p = *out;
for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) {
- memcpy(p, tder->data, tder->length);
+ OPENSSL_memcpy(p, tder->data, tder->length);
p += tder->length;
}
*out = p;
@@ -660,6 +663,6 @@
}
if (cout && len)
- memcpy(cout, cont, len);
+ OPENSSL_memcpy(cout, cont, len);
return len;
}
diff --git a/src/crypto/asn1/tasn_new.c b/src/crypto/asn1/tasn_new.c
index 232fe46..053b732 100644
--- a/src/crypto/asn1/tasn_new.c
+++ b/src/crypto/asn1/tasn_new.c
@@ -63,6 +63,9 @@
#include <openssl/mem.h>
#include <openssl/obj.h>
+#include "../internal.h"
+
+
static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it,
int combine);
static void asn1_item_clear(ASN1_VALUE **pval, const ASN1_ITEM *it);
@@ -153,7 +156,7 @@
*pval = OPENSSL_malloc(it->size);
if (!*pval)
goto memerr;
- memset(*pval, 0, it->size);
+ OPENSSL_memset(*pval, 0, it->size);
}
asn1_set_choice_selector(pval, -1, it);
if (asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it, NULL))
@@ -178,7 +181,7 @@
*pval = OPENSSL_malloc(it->size);
if (!*pval)
goto memerr;
- memset(*pval, 0, it->size);
+ OPENSSL_memset(*pval, 0, it->size);
asn1_refcount_set_one(pval, it);
asn1_enc_init(pval, it);
}
diff --git a/src/crypto/asn1/tasn_utl.c b/src/crypto/asn1/tasn_utl.c
index 3f53072..a7516f6 100644
--- a/src/crypto/asn1/tasn_utl.c
+++ b/src/crypto/asn1/tasn_utl.c
@@ -178,7 +178,7 @@
if (!enc->enc) {
return 0;
}
- memcpy(enc->enc, in, inlen);
+ OPENSSL_memcpy(enc->enc, in, inlen);
}
enc->len = inlen;
@@ -195,7 +195,7 @@
return 0;
}
if (out) {
- memcpy(*out, enc->enc, enc->len);
+ OPENSSL_memcpy(*out, enc->enc, enc->len);
*out += enc->len;
}
if (len) {
diff --git a/src/crypto/asn1/x_long.c b/src/crypto/asn1/x_long.c
index bc4d275..b53127a 100644
--- a/src/crypto/asn1/x_long.c
+++ b/src/crypto/asn1/x_long.c
@@ -63,6 +63,9 @@
#include <openssl/err.h>
#include <openssl/mem.h>
+#include "../internal.h"
+
+
/*
* Custom primitive type for long handling. This converts between an
* ASN1_INTEGER and a long directly.
@@ -117,7 +120,7 @@
char *cp = (char *)pval;
/* use memcpy, because we may not be long aligned */
- memcpy(<mp, cp, sizeof(long));
+ OPENSSL_memcpy(<mp, cp, sizeof(long));
if (ltmp == it->size)
return -1;
@@ -186,7 +189,7 @@
OPENSSL_PUT_ERROR(ASN1, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
return 0;
}
- memcpy(cp, <mp, sizeof(long));
+ OPENSSL_memcpy(cp, <mp, sizeof(long));
return 1;
}
diff --git a/src/crypto/base64/base64.c b/src/crypto/base64/base64.c
index a74c3f5..7afadf7 100644
--- a/src/crypto/base64/base64.c
+++ b/src/crypto/base64/base64.c
@@ -62,6 +62,8 @@
#include <openssl/type_check.h>
+#include "../internal.h"
+
/* Encoding. */
@@ -95,7 +97,7 @@
}
void EVP_EncodeInit(EVP_ENCODE_CTX *ctx) {
- memset(ctx, 0, sizeof(EVP_ENCODE_CTX));
+ OPENSSL_memset(ctx, 0, sizeof(EVP_ENCODE_CTX));
}
void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, uint8_t *out, int *out_len,
@@ -110,14 +112,14 @@
assert(ctx->data_used < sizeof(ctx->data));
if (sizeof(ctx->data) - ctx->data_used > in_len) {
- memcpy(&ctx->data[ctx->data_used], in, in_len);
+ OPENSSL_memcpy(&ctx->data[ctx->data_used], in, in_len);
ctx->data_used += (unsigned)in_len;
return;
}
if (ctx->data_used != 0) {
const size_t todo = sizeof(ctx->data) - ctx->data_used;
- memcpy(&ctx->data[ctx->data_used], in, todo);
+ OPENSSL_memcpy(&ctx->data[ctx->data_used], in, todo);
in += todo;
in_len -= todo;
@@ -149,7 +151,7 @@
}
if (in_len != 0) {
- memcpy(ctx->data, in, in_len);
+ OPENSSL_memcpy(ctx->data, in, in_len);
}
ctx->data_used = (unsigned)in_len;
@@ -224,7 +226,7 @@
}
void EVP_DecodeInit(EVP_ENCODE_CTX *ctx) {
- memset(ctx, 0, sizeof(EVP_ENCODE_CTX));
+ OPENSSL_memset(ctx, 0, sizeof(EVP_ENCODE_CTX));
}
/* kBase64ASCIIToBinData maps characters (c < 128) to their base64 value, or
diff --git a/src/crypto/base64/base64_test.cc b/src/crypto/base64/base64_test.cc
index f8af66c..bdf3d9a 100644
--- a/src/crypto/base64/base64_test.cc
+++ b/src/crypto/base64/base64_test.cc
@@ -136,7 +136,7 @@
std::string encoded(RemoveNewlines(t->encoded));
if (len != encoded.size() ||
- memcmp(out, encoded.data(), len) != 0) {
+ OPENSSL_memcmp(out, encoded.data(), len) != 0) {
fprintf(stderr, "encode(\"%s\") = \"%.*s\", want \"%s\"\n",
t->decoded, (int)len, (const char*)out, encoded.c_str());
return false;
@@ -178,7 +178,7 @@
}
if (len != strlen(t->decoded) ||
- memcmp(out, t->decoded, len) != 0) {
+ OPENSSL_memcmp(out, t->decoded, len) != 0) {
fprintf(stderr, "decode(\"%s\") = \"%.*s\", want \"%s\"\n",
encoded.c_str(), (int)len, (const char*)out, t->decoded);
return false;
@@ -217,7 +217,7 @@
ret -= 3 - (expected_len % 3);
}
if (static_cast<size_t>(ret) != strlen(t->decoded) ||
- memcmp(out, t->decoded, ret) != 0) {
+ OPENSSL_memcmp(out, t->decoded, ret) != 0) {
fprintf(stderr, "decode(\"%s\") = \"%.*s\", want \"%s\"\n",
t->encoded, ret, (const char*)out, t->decoded);
return false;
@@ -258,7 +258,8 @@
EVP_EncodeFinal(&ctx, out + total, &out_len);
total += out_len;
- if (total != strlen(t->encoded) || memcmp(out, t->encoded, total) != 0) {
+ if (total != strlen(t->encoded) ||
+ OPENSSL_memcmp(out, t->encoded, total) != 0) {
fprintf(stderr, "#%u: EVP_EncodeUpdate produced different output: '%s' (%u)\n",
test_num, out, static_cast<unsigned>(total));
return false;
@@ -287,7 +288,8 @@
fprintf(stderr, "#%u: EVP_DecodeUpdate failed\n", test_num);
return false;
}
- if (total != decoded_len || memcmp(out, t->decoded, decoded_len)) {
+ if (total != decoded_len ||
+ OPENSSL_memcmp(out, t->decoded, decoded_len)) {
fprintf(stderr, "#%u: EVP_DecodeUpdate produced incorrect output\n",
test_num);
return false;
@@ -368,7 +370,7 @@
out_len += bytes_written;
if (out_len != strlen(t->decoded) ||
- memcmp(out.data(), t->decoded, out_len) != 0) {
+ OPENSSL_memcmp(out.data(), t->decoded, out_len) != 0) {
fprintf(stderr, "#%u: incorrect output\n", test_num);
return 0;
}
diff --git a/src/crypto/bio/bio.c b/src/crypto/bio/bio.c
index 9619c22..8aad9fb 100644
--- a/src/crypto/bio/bio.c
+++ b/src/crypto/bio/bio.c
@@ -75,7 +75,7 @@
return NULL;
}
- memset(ret, 0, sizeof(BIO));
+ OPENSSL_memset(ret, 0, sizeof(BIO));
ret->method = method;
ret->shutdown = 1;
ret->references = 1;
@@ -488,7 +488,7 @@
if (*out == NULL) {
return 0;
}
- memcpy(*out, prefix, prefix_len);
+ OPENSSL_memcpy(*out, prefix, prefix_len);
size_t done = prefix_len;
for (;;) {
@@ -595,7 +595,7 @@
if (*out == NULL) {
return 0;
}
- memcpy(*out, header, header_len);
+ OPENSSL_memcpy(*out, header, header_len);
if (BIO_read(bio, (*out) + header_len, len - header_len) !=
(int) (len - header_len)) {
OPENSSL_free(*out);
diff --git a/src/crypto/bio/bio_mem.c b/src/crypto/bio/bio_mem.c
index 844fba7..24ed5be 100644
--- a/src/crypto/bio/bio_mem.c
+++ b/src/crypto/bio/bio_mem.c
@@ -63,6 +63,8 @@
#include <openssl/err.h>
#include <openssl/mem.h>
+#include "../internal.h"
+
BIO *BIO_new_mem_buf(const void *buf, int len) {
BIO *ret;
@@ -144,12 +146,12 @@
}
if (ret > 0) {
- memcpy(out, b->data, ret);
+ OPENSSL_memcpy(out, b->data, ret);
b->length -= ret;
if (bio->flags & BIO_FLAGS_MEM_RDONLY) {
b->data += ret;
} else {
- memmove(b->data, &b->data[ret], b->length);
+ OPENSSL_memmove(b->data, &b->data[ret], b->length);
}
} else if (b->length == 0) {
ret = bio->num;
@@ -180,7 +182,7 @@
if (BUF_MEM_grow_clean(b, blen + inl) != ((size_t) blen) + inl) {
goto err;
}
- memcpy(&b->data[blen], in, inl);
+ OPENSSL_memcpy(&b->data[blen], in, inl);
ret = inl;
err:
@@ -240,7 +242,7 @@
b->data -= b->max - b->length;
b->length = b->max;
} else {
- memset(b->data, 0, b->max);
+ OPENSSL_memset(b->data, 0, b->max);
b->length = 0;
}
}
diff --git a/src/crypto/bio/bio_test.cc b/src/crypto/bio/bio_test.cc
index 4ae6c6e..fbfacf8 100644
--- a/src/crypto/bio/bio_test.cc
+++ b/src/crypto/bio/bio_test.cc
@@ -79,7 +79,7 @@
ScopedSocket listening_sock_closer(listening_sock);
struct sockaddr_in sin;
- memset(&sin, 0, sizeof(sin));
+ OPENSSL_memset(&sin, 0, sizeof(sin));
sin.sin_family = AF_INET;
if (!inet_pton(AF_INET, "127.0.0.1", &sin.sin_addr)) {
PrintSocketError("inet_pton");
@@ -128,7 +128,7 @@
PrintSocketError("read");
return false;
}
- if (memcmp(buf, kTestMessage, sizeof(kTestMessage))) {
+ if (OPENSSL_memcmp(buf, kTestMessage, sizeof(kTestMessage))) {
return false;
}
@@ -152,7 +152,7 @@
fprintf(stderr, "Bad test string length\n");
return false;
}
- memset(string, 'a', sizeof(string));
+ OPENSSL_memset(string, 'a', sizeof(string));
string[kLengths[i]] = '\0';
int ret = BIO_printf(bio.get(), "test %s", string);
@@ -198,8 +198,8 @@
return false;
}
- if (should_succeed &&
- (out_len != expected_len || memcmp(data, out, expected_len) != 0)) {
+ if (should_succeed && (out_len != expected_len ||
+ OPENSSL_memcmp(data, out, expected_len) != 0)) {
return false;
}
@@ -227,8 +227,8 @@
if (!large) {
return false;
}
- memset(large.get() + sizeof(kLargePrefix), 0, kLargePayloadLen);
- memcpy(large.get(), kLargePrefix, sizeof(kLargePrefix));
+ OPENSSL_memset(large.get() + sizeof(kLargePrefix), 0, kLargePayloadLen);
+ OPENSSL_memcpy(large.get(), kLargePrefix, sizeof(kLargePrefix));
if (!ReadASN1(true, large.get(), sizeof(kLargePrefix) + kLargePayloadLen,
sizeof(kLargePrefix) + kLargePayloadLen,
@@ -245,7 +245,7 @@
}
static const uint8_t kIndefPrefix[] = {0x30, 0x80};
- memcpy(large.get(), kIndefPrefix, sizeof(kIndefPrefix));
+ OPENSSL_memcpy(large.get(), kIndefPrefix, sizeof(kIndefPrefix));
if (!ReadASN1(true, large.get(), sizeof(kLargePrefix) + kLargePayloadLen,
sizeof(kLargePrefix) + kLargePayloadLen,
kLargePayloadLen*2)) {
@@ -287,7 +287,7 @@
if (BIO_write(bio1, "12345", 5) != 5 ||
BIO_ctrl_get_write_guarantee(bio1) != 5 ||
BIO_read(bio2, buf, sizeof(buf)) != 5 ||
- memcmp(buf, "12345", 5) != 0 ||
+ OPENSSL_memcmp(buf, "12345", 5) != 0 ||
BIO_ctrl_get_write_guarantee(bio1) != 10) {
return false;
}
@@ -298,7 +298,7 @@
BIO_write(bio1, "z", 1) != -1 ||
!BIO_should_write(bio1) ||
BIO_read(bio2, buf, sizeof(buf)) != 10 ||
- memcmp(buf, "1234567890", 10) != 0 ||
+ OPENSSL_memcmp(buf, "1234567890", 10) != 0 ||
BIO_ctrl_get_write_guarantee(bio1) != 10) {
return false;
}
@@ -323,10 +323,10 @@
BIO_write(bio1, "67890___", 8) != 5 ||
BIO_ctrl_get_write_guarantee(bio1) != 0 ||
BIO_read(bio2, buf, 3) != 3 ||
- memcmp(buf, "123", 3) != 0 ||
+ OPENSSL_memcmp(buf, "123", 3) != 0 ||
BIO_ctrl_get_write_guarantee(bio1) != 3 ||
BIO_read(bio2, buf, sizeof(buf)) != 7 ||
- memcmp(buf, "4567890", 7) != 0 ||
+ OPENSSL_memcmp(buf, "4567890", 7) != 0 ||
BIO_ctrl_get_write_guarantee(bio1) != 10) {
return false;
}
@@ -341,12 +341,12 @@
if (BIO_write(bio1, "abcdefgh", 8) != 8 ||
BIO_ctrl_get_write_guarantee(bio1) != 2 ||
BIO_read(bio2, buf, 3) != 3 ||
- memcmp(buf, "abc", 3) != 0 ||
+ OPENSSL_memcmp(buf, "abc", 3) != 0 ||
BIO_ctrl_get_write_guarantee(bio1) != 5 ||
BIO_write(bio1, "ijklm___", 8) != 5 ||
BIO_ctrl_get_write_guarantee(bio1) != 0 ||
BIO_read(bio2, buf, sizeof(buf)) != 10 ||
- memcmp(buf, "defghijklm", 10) != 0 ||
+ OPENSSL_memcmp(buf, "defghijklm", 10) != 0 ||
BIO_ctrl_get_write_guarantee(bio1) != 10) {
return false;
}
@@ -355,9 +355,9 @@
if (BIO_write(bio1, "12345", 5) != 5 ||
BIO_write(bio2, "67890", 5) != 5 ||
BIO_read(bio2, buf, sizeof(buf)) != 5 ||
- memcmp(buf, "12345", 5) != 0 ||
+ OPENSSL_memcmp(buf, "12345", 5) != 0 ||
BIO_read(bio1, buf, sizeof(buf)) != 5 ||
- memcmp(buf, "67890", 5) != 0) {
+ OPENSSL_memcmp(buf, "67890", 5) != 0) {
return false;
}
@@ -365,7 +365,7 @@
if (BIO_write(bio1, "12345", 5) != 5 ||
!BIO_shutdown_wr(bio1) ||
BIO_read(bio2, buf, sizeof(buf)) != 5 ||
- memcmp(buf, "12345", 5) != 0 ||
+ OPENSSL_memcmp(buf, "12345", 5) != 0 ||
BIO_read(bio2, buf, sizeof(buf)) != 0) {
return false;
}
@@ -385,7 +385,7 @@
// The other end is still functional.
if (BIO_write(bio2, "12345", 5) != 5 ||
BIO_read(bio1, buf, sizeof(buf)) != 5 ||
- memcmp(buf, "12345", 5) != 0) {
+ OPENSSL_memcmp(buf, "12345", 5) != 0) {
return false;
}
}
diff --git a/src/crypto/bio/buffer.c b/src/crypto/bio/buffer.c
index 1557451..6190f29 100644
--- a/src/crypto/bio/buffer.c
+++ b/src/crypto/bio/buffer.c
@@ -62,6 +62,8 @@
#include <openssl/err.h>
#include <openssl/mem.h>
+#include "../internal.h"
+
#define DEFAULT_BUFFER_SIZE 4096
@@ -94,7 +96,7 @@
if (ctx == NULL) {
return 0;
}
- memset(ctx, 0, sizeof(BIO_F_BUFFER_CTX));
+ OPENSSL_memset(ctx, 0, sizeof(BIO_F_BUFFER_CTX));
ctx->ibuf = OPENSSL_malloc(DEFAULT_BUFFER_SIZE);
if (ctx->ibuf == NULL) {
@@ -158,7 +160,7 @@
if (i > outl) {
i = outl;
}
- memcpy(out, &ctx->ibuf[ctx->ibuf_off], i);
+ OPENSSL_memcpy(out, &ctx->ibuf[ctx->ibuf_off], i);
ctx->ibuf_off += i;
ctx->ibuf_len -= i;
num += i;
@@ -222,7 +224,7 @@
i = ctx->obuf_size - (ctx->obuf_off + ctx->obuf_len);
/* add to buffer and return */
if (i >= inl) {
- memcpy(&ctx->obuf[ctx->obuf_off + ctx->obuf_len], in, inl);
+ OPENSSL_memcpy(&ctx->obuf[ctx->obuf_off + ctx->obuf_len], in, inl);
ctx->obuf_len += inl;
return num + inl;
}
@@ -230,7 +232,7 @@
/* stuff already in buffer, so add to it first, then flush */
if (ctx->obuf_len != 0) {
if (i > 0) {
- memcpy(&ctx->obuf[ctx->obuf_off + ctx->obuf_len], in, i);
+ OPENSSL_memcpy(&ctx->obuf[ctx->obuf_off + ctx->obuf_len], in, i);
in += i;
inl -= i;
num += i;
@@ -310,22 +312,10 @@
case BIO_CTRL_WPENDING:
ret = (long)ctx->obuf_len;
- if (ret == 0) {
- if (b->next_bio == NULL) {
- return 0;
- }
- ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
- }
break;
case BIO_CTRL_PENDING:
ret = (long)ctx->ibuf_len;
- if (ret == 0) {
- if (b->next_bio == NULL) {
- return 0;
- }
- ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
- }
break;
case BIO_C_SET_BUFF_SIZE:
diff --git a/src/crypto/bio/connect.c b/src/crypto/bio/connect.c
index 7e54447..f6cc837 100644
--- a/src/crypto/bio/connect.c
+++ b/src/crypto/bio/connect.c
@@ -77,6 +77,7 @@
#include <openssl/mem.h>
#include "internal.h"
+#include "../internal.h"
enum {
@@ -298,7 +299,7 @@
if (ret == NULL) {
return NULL;
}
- memset(ret, 0, sizeof(BIO_CONNECT));
+ OPENSSL_memset(ret, 0, sizeof(BIO_CONNECT));
ret->state = BIO_CONN_S_BEFORE;
return ret;
diff --git a/src/crypto/bio/hexdump.c b/src/crypto/bio/hexdump.c
index 8c35114..d55df62 100644
--- a/src/crypto/bio/hexdump.c
+++ b/src/crypto/bio/hexdump.c
@@ -59,6 +59,8 @@
#include <limits.h>
#include <string.h>
+#include "../internal.h"
+
/* hexdump_ctx contains the state of a hexdump. */
struct hexdump_ctx {
@@ -154,7 +156,7 @@
return 1;
}
- memset(buf, ' ', 4);
+ OPENSSL_memset(buf, ' ', 4);
buf[4] = '|';
for (; ctx->used < 16; ctx->used++) {
@@ -179,7 +181,7 @@
int BIO_hexdump(BIO *bio, const uint8_t *data, size_t len, unsigned indent) {
struct hexdump_ctx ctx;
- memset(&ctx, 0, sizeof(ctx));
+ OPENSSL_memset(&ctx, 0, sizeof(ctx));
ctx.bio = bio;
ctx.indent = indent;
diff --git a/src/crypto/bio/pair.c b/src/crypto/bio/pair.c
index df36343..e933a1d 100644
--- a/src/crypto/bio/pair.c
+++ b/src/crypto/bio/pair.c
@@ -59,6 +59,8 @@
#include <openssl/err.h>
#include <openssl/mem.h>
+#include "../internal.h"
+
struct bio_bio_st {
BIO *peer; /* NULL if buf == NULL.
@@ -86,7 +88,7 @@
if (b == NULL) {
return 0;
}
- memset(b, 0, sizeof(struct bio_bio_st));
+ OPENSSL_memset(b, 0, sizeof(struct bio_bio_st));
b->size = 17 * 1024; /* enough for one TLS record (just a default) */
bio->ptr = b;
@@ -207,7 +209,7 @@
}
assert(peer_b->offset + chunk <= peer_b->size);
- memcpy(buf, peer_b->buf + peer_b->offset, chunk);
+ OPENSSL_memcpy(buf, peer_b->buf + peer_b->offset, chunk);
peer_b->len -= chunk;
if (peer_b->len) {
@@ -287,7 +289,7 @@
chunk = b->size - write_offset;
}
- memcpy(b->buf + write_offset, buf, chunk);
+ OPENSSL_memcpy(b->buf + write_offset, buf, chunk);
b->len += chunk;
diff --git a/src/crypto/bio/socket_helper.c b/src/crypto/bio/socket_helper.c
index 9500788..268405a 100644
--- a/src/crypto/bio/socket_helper.c
+++ b/src/crypto/bio/socket_helper.c
@@ -33,6 +33,7 @@
#endif
#include "internal.h"
+#include "../internal.h"
int bio_ip_and_port_to_socket_and_addr(int *out_sock,
@@ -45,7 +46,7 @@
*out_sock = -1;
- memset(&hint, 0, sizeof(hint));
+ OPENSSL_memset(&hint, 0, sizeof(hint));
hint.ai_family = AF_UNSPEC;
hint.ai_socktype = SOCK_STREAM;
@@ -62,8 +63,8 @@
if ((size_t) cur->ai_addrlen > sizeof(struct sockaddr_storage)) {
continue;
}
- memset(out_addr, 0, sizeof(struct sockaddr_storage));
- memcpy(out_addr, cur->ai_addr, cur->ai_addrlen);
+ OPENSSL_memset(out_addr, 0, sizeof(struct sockaddr_storage));
+ OPENSSL_memcpy(out_addr, cur->ai_addr, cur->ai_addrlen);
*out_addr_length = cur->ai_addrlen;
*out_sock = socket(cur->ai_family, cur->ai_socktype, cur->ai_protocol);
diff --git a/src/crypto/bn/CMakeLists.txt b/src/crypto/bn/CMakeLists.txt
index 49cfe2f..9dd24b4 100644
--- a/src/crypto/bn/CMakeLists.txt
+++ b/src/crypto/bn/CMakeLists.txt
@@ -6,7 +6,6 @@
x86_64-mont.${ASM_EXT}
x86_64-mont5.${ASM_EXT}
- rsaz-x86_64.${ASM_EXT}
rsaz-avx2.${ASM_EXT}
rsaz_exp.c
@@ -69,7 +68,6 @@
perlasm(x86_64-mont.${ASM_EXT} asm/x86_64-mont.pl)
perlasm(x86_64-mont5.${ASM_EXT} asm/x86_64-mont5.pl)
-perlasm(rsaz-x86_64.${ASM_EXT} asm/rsaz-x86_64.pl)
perlasm(rsaz-avx2.${ASM_EXT} asm/rsaz-avx2.pl)
perlasm(bn-586.${ASM_EXT} asm/bn-586.pl)
perlasm(co-586.${ASM_EXT} asm/co-586.pl)
diff --git a/src/crypto/bn/add.c b/src/crypto/bn/add.c
index 23f9f80..cfa3bbe 100644
--- a/src/crypto/bn/add.c
+++ b/src/crypto/bn/add.c
@@ -314,7 +314,7 @@
}
if (dif > 0 && rp != ap) {
- memcpy(rp, ap, sizeof(*rp) * dif);
+ OPENSSL_memcpy(rp, ap, sizeof(*rp) * dif);
}
r->top = max;
diff --git a/src/crypto/bn/asm/rsaz-x86_64.pl b/src/crypto/bn/asm/rsaz-x86_64.pl
deleted file mode 100755
index ac6b5db..0000000
--- a/src/crypto/bn/asm/rsaz-x86_64.pl
+++ /dev/null
@@ -1,2338 +0,0 @@
-#!/usr/bin/env perl
-
-##############################################################################
-# #
-# Copyright (c) 2012, Intel Corporation #
-# #
-# All rights reserved. #
-# #
-# Redistribution and use in source and binary forms, with or without #
-# modification, are permitted provided that the following conditions are #
-# met: #
-# #
-# * Redistributions of source code must retain the above copyright #
-# notice, this list of conditions and the following disclaimer. #
-# #
-# * Redistributions in binary form must reproduce the above copyright #
-# notice, this list of conditions and the following disclaimer in the #
-# documentation and/or other materials provided with the #
-# distribution. #
-# #
-# * Neither the name of the Intel Corporation nor the names of its #
-# contributors may be used to endorse or promote products derived from #
-# this software without specific prior written permission. #
-# #
-# #
-# THIS SOFTWARE IS PROVIDED BY INTEL CORPORATION ""AS IS"" AND ANY #
-# EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE #
-# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR #
-# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL INTEL CORPORATION OR #
-# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, #
-# EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, #
-# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR #
-# PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF #
-# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING #
-# NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS #
-# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. #
-# #
-##############################################################################
-# Developers and authors: #
-# Shay Gueron (1, 2), and Vlad Krasnov (1) #
-# (1) Intel Architecture Group, Microprocessor and Chipset Development, #
-# Israel Development Center, Haifa, Israel #
-# (2) University of Haifa #
-##############################################################################
-# Reference: #
-# [1] S. Gueron, "Efficient Software Implementations of Modular #
-# Exponentiation", http://eprint.iacr.org/2011/239 #
-# [2] S. Gueron, V. Krasnov. "Speeding up Big-Numbers Squaring". #
-# IEEE Proceedings of 9th International Conference on Information #
-# Technology: New Generations (ITNG 2012), 821-823 (2012). #
-# [3] S. Gueron, Efficient Software Implementations of Modular Exponentiation#
-# Journal of Cryptographic Engineering 2:31-43 (2012). #
-# [4] S. Gueron, V. Krasnov: "[PATCH] Efficient and side channel analysis #
-# resistant 512-bit and 1024-bit modular exponentiation for optimizing #
-# RSA1024 and RSA2048 on x86_64 platforms", #
-# http://rt.openssl.org/Ticket/Display.html?id=2582&user=guest&pass=guest#
-##############################################################################
-
-# While original submission covers 512- and 1024-bit exponentiation,
-# this module is limited to 512-bit version only (and as such
-# accelerates RSA1024 sign). This is because improvement for longer
-# keys is not high enough to justify the effort, highest measured
-# was ~5% on Westmere. [This is relative to OpenSSL 1.0.2, upcoming
-# for the moment of this writing!] Nor does this module implement
-# "monolithic" complete exponentiation jumbo-subroutine, but adheres
-# to more modular mixture of C and assembly. And it's optimized even
-# for processors other than Intel Core family (see table below for
-# improvement coefficients).
-# <appro@openssl.org>
-#
-# RSA1024 sign/sec this/original |this/rsax(*) this/fips(*)
-# ----------------+---------------------------
-# Opteron +13% |+5% +20%
-# Bulldozer -0% |-1% +10%
-# P4 +11% |+7% +8%
-# Westmere +5% |+14% +17%
-# Sandy Bridge +2% |+12% +29%
-# Ivy Bridge +1% |+11% +35%
-# Haswell(**) -0% |+12% +39%
-# Atom +13% |+11% +4%
-# VIA Nano +70% |+9% +25%
-#
-# (*) rsax engine and fips numbers are presented for reference
-# purposes;
-# (**) MULX was attempted, but found to give only marginal improvement;
-
-$flavour = shift;
-$output = shift;
-if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
-
-$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
-
-$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
-( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
-( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
-die "can't locate x86_64-xlate.pl";
-
-open OUT,"| \"$^X\" \"$xlate\" $flavour \"$output\"";
-*STDOUT=*OUT;
-
-# In upstream, this is controlled by shelling out to the compiler to check
-# versions, but BoringSSL is intended to be used with pre-generated perlasm
-# output, so this isn't useful anyway.
-#
-# TODO(davidben): Enable this after testing. $addx goes up to 1.
-$addx = 0;
-
-($out, $inp, $mod) = ("%rdi", "%rsi", "%rbp"); # common internal API
-{
-my ($out,$inp,$mod,$n0,$times) = ("%rdi","%rsi","%rdx","%rcx","%r8d");
-
-$code.=<<___;
-.text
-
-.extern OPENSSL_ia32cap_P
-
-.globl rsaz_512_sqr
-.type rsaz_512_sqr,\@function,5
-.align 32
-rsaz_512_sqr: # 25-29% faster than rsaz_512_mul
- push %rbx
- push %rbp
- push %r12
- push %r13
- push %r14
- push %r15
-
- subq \$128+24, %rsp
-.Lsqr_body:
- movq $mod, %rbp # common argument
- movq ($inp), %rdx
- movq 8($inp), %rax
- movq $n0, 128(%rsp)
-___
-$code.=<<___ if ($addx);
- movl \$0x80100,%r11d
- andl OPENSSL_ia32cap_P+8(%rip),%r11d
- cmpl \$0x80100,%r11d # check for MULX and ADO/CX
- je .Loop_sqrx
-___
-$code.=<<___;
- jmp .Loop_sqr
-
-.align 32
-.Loop_sqr:
- movl $times,128+8(%rsp)
-#first iteration
- movq %rdx, %rbx
- mulq %rdx
- movq %rax, %r8
- movq 16($inp), %rax
- movq %rdx, %r9
-
- mulq %rbx
- addq %rax, %r9
- movq 24($inp), %rax
- movq %rdx, %r10
- adcq \$0, %r10
-
- mulq %rbx
- addq %rax, %r10
- movq 32($inp), %rax
- movq %rdx, %r11
- adcq \$0, %r11
-
- mulq %rbx
- addq %rax, %r11
- movq 40($inp), %rax
- movq %rdx, %r12
- adcq \$0, %r12
-
- mulq %rbx
- addq %rax, %r12
- movq 48($inp), %rax
- movq %rdx, %r13
- adcq \$0, %r13
-
- mulq %rbx
- addq %rax, %r13
- movq 56($inp), %rax
- movq %rdx, %r14
- adcq \$0, %r14
-
- mulq %rbx
- addq %rax, %r14
- movq %rbx, %rax
- movq %rdx, %r15
- adcq \$0, %r15
-
- addq %r8, %r8 #shlq \$1, %r8
- movq %r9, %rcx
- adcq %r9, %r9 #shld \$1, %r8, %r9
-
- mulq %rax
- movq %rax, (%rsp)
- addq %rdx, %r8
- adcq \$0, %r9
-
- movq %r8, 8(%rsp)
- shrq \$63, %rcx
-
-#second iteration
- movq 8($inp), %r8
- movq 16($inp), %rax
- mulq %r8
- addq %rax, %r10
- movq 24($inp), %rax
- movq %rdx, %rbx
- adcq \$0, %rbx
-
- mulq %r8
- addq %rax, %r11
- movq 32($inp), %rax
- adcq \$0, %rdx
- addq %rbx, %r11
- movq %rdx, %rbx
- adcq \$0, %rbx
-
- mulq %r8
- addq %rax, %r12
- movq 40($inp), %rax
- adcq \$0, %rdx
- addq %rbx, %r12
- movq %rdx, %rbx
- adcq \$0, %rbx
-
- mulq %r8
- addq %rax, %r13
- movq 48($inp), %rax
- adcq \$0, %rdx
- addq %rbx, %r13
- movq %rdx, %rbx
- adcq \$0, %rbx
-
- mulq %r8
- addq %rax, %r14
- movq 56($inp), %rax
- adcq \$0, %rdx
- addq %rbx, %r14
- movq %rdx, %rbx
- adcq \$0, %rbx
-
- mulq %r8
- addq %rax, %r15
- movq %r8, %rax
- adcq \$0, %rdx
- addq %rbx, %r15
- movq %rdx, %r8
- movq %r10, %rdx
- adcq \$0, %r8
-
- add %rdx, %rdx
- lea (%rcx,%r10,2), %r10 #shld \$1, %rcx, %r10
- movq %r11, %rbx
- adcq %r11, %r11 #shld \$1, %r10, %r11
-
- mulq %rax
- addq %rax, %r9
- adcq %rdx, %r10
- adcq \$0, %r11
-
- movq %r9, 16(%rsp)
- movq %r10, 24(%rsp)
- shrq \$63, %rbx
-
-#third iteration
- movq 16($inp), %r9
- movq 24($inp), %rax
- mulq %r9
- addq %rax, %r12
- movq 32($inp), %rax
- movq %rdx, %rcx
- adcq \$0, %rcx
-
- mulq %r9
- addq %rax, %r13
- movq 40($inp), %rax
- adcq \$0, %rdx
- addq %rcx, %r13
- movq %rdx, %rcx
- adcq \$0, %rcx
-
- mulq %r9
- addq %rax, %r14
- movq 48($inp), %rax
- adcq \$0, %rdx
- addq %rcx, %r14
- movq %rdx, %rcx
- adcq \$0, %rcx
-
- mulq %r9
- movq %r12, %r10
- lea (%rbx,%r12,2), %r12 #shld \$1, %rbx, %r12
- addq %rax, %r15
- movq 56($inp), %rax
- adcq \$0, %rdx
- addq %rcx, %r15
- movq %rdx, %rcx
- adcq \$0, %rcx
-
- mulq %r9
- shrq \$63, %r10
- addq %rax, %r8
- movq %r9, %rax
- adcq \$0, %rdx
- addq %rcx, %r8
- movq %rdx, %r9
- adcq \$0, %r9
-
- movq %r13, %rcx
- leaq (%r10,%r13,2), %r13 #shld \$1, %r12, %r13
-
- mulq %rax
- addq %rax, %r11
- adcq %rdx, %r12
- adcq \$0, %r13
-
- movq %r11, 32(%rsp)
- movq %r12, 40(%rsp)
- shrq \$63, %rcx
-
-#fourth iteration
- movq 24($inp), %r10
- movq 32($inp), %rax
- mulq %r10
- addq %rax, %r14
- movq 40($inp), %rax
- movq %rdx, %rbx
- adcq \$0, %rbx
-
- mulq %r10
- addq %rax, %r15
- movq 48($inp), %rax
- adcq \$0, %rdx
- addq %rbx, %r15
- movq %rdx, %rbx
- adcq \$0, %rbx
-
- mulq %r10
- movq %r14, %r12
- leaq (%rcx,%r14,2), %r14 #shld \$1, %rcx, %r14
- addq %rax, %r8
- movq 56($inp), %rax
- adcq \$0, %rdx
- addq %rbx, %r8
- movq %rdx, %rbx
- adcq \$0, %rbx
-
- mulq %r10
- shrq \$63, %r12
- addq %rax, %r9
- movq %r10, %rax
- adcq \$0, %rdx
- addq %rbx, %r9
- movq %rdx, %r10
- adcq \$0, %r10
-
- movq %r15, %rbx
- leaq (%r12,%r15,2),%r15 #shld \$1, %r14, %r15
-
- mulq %rax
- addq %rax, %r13
- adcq %rdx, %r14
- adcq \$0, %r15
-
- movq %r13, 48(%rsp)
- movq %r14, 56(%rsp)
- shrq \$63, %rbx
-
-#fifth iteration
- movq 32($inp), %r11
- movq 40($inp), %rax
- mulq %r11
- addq %rax, %r8
- movq 48($inp), %rax
- movq %rdx, %rcx
- adcq \$0, %rcx
-
- mulq %r11
- addq %rax, %r9
- movq 56($inp), %rax
- adcq \$0, %rdx
- movq %r8, %r12
- leaq (%rbx,%r8,2), %r8 #shld \$1, %rbx, %r8
- addq %rcx, %r9
- movq %rdx, %rcx
- adcq \$0, %rcx
-
- mulq %r11
- shrq \$63, %r12
- addq %rax, %r10
- movq %r11, %rax
- adcq \$0, %rdx
- addq %rcx, %r10
- movq %rdx, %r11
- adcq \$0, %r11
-
- movq %r9, %rcx
- leaq (%r12,%r9,2), %r9 #shld \$1, %r8, %r9
-
- mulq %rax
- addq %rax, %r15
- adcq %rdx, %r8
- adcq \$0, %r9
-
- movq %r15, 64(%rsp)
- movq %r8, 72(%rsp)
- shrq \$63, %rcx
-
-#sixth iteration
- movq 40($inp), %r12
- movq 48($inp), %rax
- mulq %r12
- addq %rax, %r10
- movq 56($inp), %rax
- movq %rdx, %rbx
- adcq \$0, %rbx
-
- mulq %r12
- addq %rax, %r11
- movq %r12, %rax
- movq %r10, %r15
- leaq (%rcx,%r10,2), %r10 #shld \$1, %rcx, %r10
- adcq \$0, %rdx
- shrq \$63, %r15
- addq %rbx, %r11
- movq %rdx, %r12
- adcq \$0, %r12
-
- movq %r11, %rbx
- leaq (%r15,%r11,2), %r11 #shld \$1, %r10, %r11
-
- mulq %rax
- addq %rax, %r9
- adcq %rdx, %r10
- adcq \$0, %r11
-
- movq %r9, 80(%rsp)
- movq %r10, 88(%rsp)
-
-#seventh iteration
- movq 48($inp), %r13
- movq 56($inp), %rax
- mulq %r13
- addq %rax, %r12
- movq %r13, %rax
- movq %rdx, %r13
- adcq \$0, %r13
-
- xorq %r14, %r14
- shlq \$1, %rbx
- adcq %r12, %r12 #shld \$1, %rbx, %r12
- adcq %r13, %r13 #shld \$1, %r12, %r13
- adcq %r14, %r14 #shld \$1, %r13, %r14
-
- mulq %rax
- addq %rax, %r11
- adcq %rdx, %r12
- adcq \$0, %r13
-
- movq %r11, 96(%rsp)
- movq %r12, 104(%rsp)
-
-#eighth iteration
- movq 56($inp), %rax
- mulq %rax
- addq %rax, %r13
- adcq \$0, %rdx
-
- addq %rdx, %r14
-
- movq %r13, 112(%rsp)
- movq %r14, 120(%rsp)
-
- movq (%rsp), %r8
- movq 8(%rsp), %r9
- movq 16(%rsp), %r10
- movq 24(%rsp), %r11
- movq 32(%rsp), %r12
- movq 40(%rsp), %r13
- movq 48(%rsp), %r14
- movq 56(%rsp), %r15
-
- call __rsaz_512_reduce
-
- addq 64(%rsp), %r8
- adcq 72(%rsp), %r9
- adcq 80(%rsp), %r10
- adcq 88(%rsp), %r11
- adcq 96(%rsp), %r12
- adcq 104(%rsp), %r13
- adcq 112(%rsp), %r14
- adcq 120(%rsp), %r15
- sbbq %rcx, %rcx
-
- call __rsaz_512_subtract
-
- movq %r8, %rdx
- movq %r9, %rax
- movl 128+8(%rsp), $times
- movq $out, $inp
-
- decl $times
- jnz .Loop_sqr
-___
-if ($addx) {
-$code.=<<___;
- jmp .Lsqr_tail
-
-.align 32
-.Loop_sqrx:
- movl $times,128+8(%rsp)
- movq $out, %xmm0 # off-load
- movq %rbp, %xmm1 # off-load
-#first iteration
- mulx %rax, %r8, %r9
-
- mulx 16($inp), %rcx, %r10
- xor %rbp, %rbp # cf=0, of=0
-
- mulx 24($inp), %rax, %r11
- adcx %rcx, %r9
-
- mulx 32($inp), %rcx, %r12
- adcx %rax, %r10
-
- mulx 40($inp), %rax, %r13
- adcx %rcx, %r11
-
- .byte 0xc4,0x62,0xf3,0xf6,0xb6,0x30,0x00,0x00,0x00 # mulx 48($inp), %rcx, %r14
- adcx %rax, %r12
- adcx %rcx, %r13
-
- .byte 0xc4,0x62,0xfb,0xf6,0xbe,0x38,0x00,0x00,0x00 # mulx 56($inp), %rax, %r15
- adcx %rax, %r14
- adcx %rbp, %r15 # %rbp is 0
-
- mov %r9, %rcx
- shld \$1, %r8, %r9
- shl \$1, %r8
-
- xor %ebp, %ebp
- mulx %rdx, %rax, %rdx
- adcx %rdx, %r8
- mov 8($inp), %rdx
- adcx %rbp, %r9
-
- mov %rax, (%rsp)
- mov %r8, 8(%rsp)
-
-#second iteration
- mulx 16($inp), %rax, %rbx
- adox %rax, %r10
- adcx %rbx, %r11
-
- .byte 0xc4,0x62,0xc3,0xf6,0x86,0x18,0x00,0x00,0x00 # mulx 24($inp), $out, %r8
- adox $out, %r11
- adcx %r8, %r12
-
- mulx 32($inp), %rax, %rbx
- adox %rax, %r12
- adcx %rbx, %r13
-
- mulx 40($inp), $out, %r8
- adox $out, %r13
- adcx %r8, %r14
-
- .byte 0xc4,0xe2,0xfb,0xf6,0x9e,0x30,0x00,0x00,0x00 # mulx 48($inp), %rax, %rbx
- adox %rax, %r14
- adcx %rbx, %r15
-
- .byte 0xc4,0x62,0xc3,0xf6,0x86,0x38,0x00,0x00,0x00 # mulx 56($inp), $out, %r8
- adox $out, %r15
- adcx %rbp, %r8
- adox %rbp, %r8
-
- mov %r11, %rbx
- shld \$1, %r10, %r11
- shld \$1, %rcx, %r10
-
- xor %ebp,%ebp
- mulx %rdx, %rax, %rcx
- mov 16($inp), %rdx
- adcx %rax, %r9
- adcx %rcx, %r10
- adcx %rbp, %r11
-
- mov %r9, 16(%rsp)
- .byte 0x4c,0x89,0x94,0x24,0x18,0x00,0x00,0x00 # mov %r10, 24(%rsp)
-
-#third iteration
- .byte 0xc4,0x62,0xc3,0xf6,0x8e,0x18,0x00,0x00,0x00 # mulx 24($inp), $out, %r9
- adox $out, %r12
- adcx %r9, %r13
-
- mulx 32($inp), %rax, %rcx
- adox %rax, %r13
- adcx %rcx, %r14
-
- mulx 40($inp), $out, %r9
- adox $out, %r14
- adcx %r9, %r15
-
- .byte 0xc4,0xe2,0xfb,0xf6,0x8e,0x30,0x00,0x00,0x00 # mulx 48($inp), %rax, %rcx
- adox %rax, %r15
- adcx %rcx, %r8
-
- .byte 0xc4,0x62,0xc3,0xf6,0x8e,0x38,0x00,0x00,0x00 # mulx 56($inp), $out, %r9
- adox $out, %r8
- adcx %rbp, %r9
- adox %rbp, %r9
-
- mov %r13, %rcx
- shld \$1, %r12, %r13
- shld \$1, %rbx, %r12
-
- xor %ebp, %ebp
- mulx %rdx, %rax, %rdx
- adcx %rax, %r11
- adcx %rdx, %r12
- mov 24($inp), %rdx
- adcx %rbp, %r13
-
- mov %r11, 32(%rsp)
- .byte 0x4c,0x89,0xa4,0x24,0x28,0x00,0x00,0x00 # mov %r12, 40(%rsp)
-
-#fourth iteration
- .byte 0xc4,0xe2,0xfb,0xf6,0x9e,0x20,0x00,0x00,0x00 # mulx 32($inp), %rax, %rbx
- adox %rax, %r14
- adcx %rbx, %r15
-
- mulx 40($inp), $out, %r10
- adox $out, %r15
- adcx %r10, %r8
-
- mulx 48($inp), %rax, %rbx
- adox %rax, %r8
- adcx %rbx, %r9
-
- mulx 56($inp), $out, %r10
- adox $out, %r9
- adcx %rbp, %r10
- adox %rbp, %r10
-
- .byte 0x66
- mov %r15, %rbx
- shld \$1, %r14, %r15
- shld \$1, %rcx, %r14
-
- xor %ebp, %ebp
- mulx %rdx, %rax, %rdx
- adcx %rax, %r13
- adcx %rdx, %r14
- mov 32($inp), %rdx
- adcx %rbp, %r15
-
- mov %r13, 48(%rsp)
- mov %r14, 56(%rsp)
-
-#fifth iteration
- .byte 0xc4,0x62,0xc3,0xf6,0x9e,0x28,0x00,0x00,0x00 # mulx 40($inp), $out, %r11
- adox $out, %r8
- adcx %r11, %r9
-
- mulx 48($inp), %rax, %rcx
- adox %rax, %r9
- adcx %rcx, %r10
-
- mulx 56($inp), $out, %r11
- adox $out, %r10
- adcx %rbp, %r11
- adox %rbp, %r11
-
- mov %r9, %rcx
- shld \$1, %r8, %r9
- shld \$1, %rbx, %r8
-
- xor %ebp, %ebp
- mulx %rdx, %rax, %rdx
- adcx %rax, %r15
- adcx %rdx, %r8
- mov 40($inp), %rdx
- adcx %rbp, %r9
-
- mov %r15, 64(%rsp)
- mov %r8, 72(%rsp)
-
-#sixth iteration
- .byte 0xc4,0xe2,0xfb,0xf6,0x9e,0x30,0x00,0x00,0x00 # mulx 48($inp), %rax, %rbx
- adox %rax, %r10
- adcx %rbx, %r11
-
- .byte 0xc4,0x62,0xc3,0xf6,0xa6,0x38,0x00,0x00,0x00 # mulx 56($inp), $out, %r12
- adox $out, %r11
- adcx %rbp, %r12
- adox %rbp, %r12
-
- mov %r11, %rbx
- shld \$1, %r10, %r11
- shld \$1, %rcx, %r10
-
- xor %ebp, %ebp
- mulx %rdx, %rax, %rdx
- adcx %rax, %r9
- adcx %rdx, %r10
- mov 48($inp), %rdx
- adcx %rbp, %r11
-
- mov %r9, 80(%rsp)
- mov %r10, 88(%rsp)
-
-#seventh iteration
- .byte 0xc4,0x62,0xfb,0xf6,0xae,0x38,0x00,0x00,0x00 # mulx 56($inp), %rax, %r13
- adox %rax, %r12
- adox %rbp, %r13
-
- xor %r14, %r14
- shld \$1, %r13, %r14
- shld \$1, %r12, %r13
- shld \$1, %rbx, %r12
-
- xor %ebp, %ebp
- mulx %rdx, %rax, %rdx
- adcx %rax, %r11
- adcx %rdx, %r12
- mov 56($inp), %rdx
- adcx %rbp, %r13
-
- .byte 0x4c,0x89,0x9c,0x24,0x60,0x00,0x00,0x00 # mov %r11, 96(%rsp)
- .byte 0x4c,0x89,0xa4,0x24,0x68,0x00,0x00,0x00 # mov %r12, 104(%rsp)
-
-#eighth iteration
- mulx %rdx, %rax, %rdx
- adox %rax, %r13
- adox %rbp, %rdx
-
- .byte 0x66
- add %rdx, %r14
-
- movq %r13, 112(%rsp)
- movq %r14, 120(%rsp)
- movq %xmm0, $out
- movq %xmm1, %rbp
-
- movq 128(%rsp), %rdx # pull $n0
- movq (%rsp), %r8
- movq 8(%rsp), %r9
- movq 16(%rsp), %r10
- movq 24(%rsp), %r11
- movq 32(%rsp), %r12
- movq 40(%rsp), %r13
- movq 48(%rsp), %r14
- movq 56(%rsp), %r15
-
- call __rsaz_512_reducex
-
- addq 64(%rsp), %r8
- adcq 72(%rsp), %r9
- adcq 80(%rsp), %r10
- adcq 88(%rsp), %r11
- adcq 96(%rsp), %r12
- adcq 104(%rsp), %r13
- adcq 112(%rsp), %r14
- adcq 120(%rsp), %r15
- sbbq %rcx, %rcx
-
- call __rsaz_512_subtract
-
- movq %r8, %rdx
- movq %r9, %rax
- movl 128+8(%rsp), $times
- movq $out, $inp
-
- decl $times
- jnz .Loop_sqrx
-
-.Lsqr_tail:
-___
-}
-$code.=<<___;
-
- leaq 128+24+48(%rsp), %rax
- movq -48(%rax), %r15
- movq -40(%rax), %r14
- movq -32(%rax), %r13
- movq -24(%rax), %r12
- movq -16(%rax), %rbp
- movq -8(%rax), %rbx
- leaq (%rax), %rsp
-.Lsqr_epilogue:
- ret
-.size rsaz_512_sqr,.-rsaz_512_sqr
-___
-}
-{
-my ($out,$ap,$bp,$mod,$n0) = ("%rdi","%rsi","%rdx","%rcx","%r8");
-$code.=<<___;
-.globl rsaz_512_mul
-.type rsaz_512_mul,\@function,5
-.align 32
-rsaz_512_mul:
- push %rbx
- push %rbp
- push %r12
- push %r13
- push %r14
- push %r15
-
- subq \$128+24, %rsp
-.Lmul_body:
- movq $out, %xmm0 # off-load arguments
- movq $mod, %xmm1
- movq $n0, 128(%rsp)
-___
-$code.=<<___ if ($addx);
- movl \$0x80100,%r11d
- andl OPENSSL_ia32cap_P+8(%rip),%r11d
- cmpl \$0x80100,%r11d # check for MULX and ADO/CX
- je .Lmulx
-___
-$code.=<<___;
- movq ($bp), %rbx # pass b[0]
- movq $bp, %rbp # pass argument
- call __rsaz_512_mul
-
- movq %xmm0, $out
- movq %xmm1, %rbp
-
- movq (%rsp), %r8
- movq 8(%rsp), %r9
- movq 16(%rsp), %r10
- movq 24(%rsp), %r11
- movq 32(%rsp), %r12
- movq 40(%rsp), %r13
- movq 48(%rsp), %r14
- movq 56(%rsp), %r15
-
- call __rsaz_512_reduce
-___
-$code.=<<___ if ($addx);
- jmp .Lmul_tail
-
-.align 32
-.Lmulx:
- movq $bp, %rbp # pass argument
- movq ($bp), %rdx # pass b[0]
- call __rsaz_512_mulx
-
- movq %xmm0, $out
- movq %xmm1, %rbp
-
- movq 128(%rsp), %rdx # pull $n0
- movq (%rsp), %r8
- movq 8(%rsp), %r9
- movq 16(%rsp), %r10
- movq 24(%rsp), %r11
- movq 32(%rsp), %r12
- movq 40(%rsp), %r13
- movq 48(%rsp), %r14
- movq 56(%rsp), %r15
-
- call __rsaz_512_reducex
-.Lmul_tail:
-___
-$code.=<<___;
- addq 64(%rsp), %r8
- adcq 72(%rsp), %r9
- adcq 80(%rsp), %r10
- adcq 88(%rsp), %r11
- adcq 96(%rsp), %r12
- adcq 104(%rsp), %r13
- adcq 112(%rsp), %r14
- adcq 120(%rsp), %r15
- sbbq %rcx, %rcx
-
- call __rsaz_512_subtract
-
- leaq 128+24+48(%rsp), %rax
- movq -48(%rax), %r15
- movq -40(%rax), %r14
- movq -32(%rax), %r13
- movq -24(%rax), %r12
- movq -16(%rax), %rbp
- movq -8(%rax), %rbx
- leaq (%rax), %rsp
-.Lmul_epilogue:
- ret
-.size rsaz_512_mul,.-rsaz_512_mul
-___
-}
-{
-my ($out,$ap,$bp,$mod,$n0,$pwr) = ("%rdi","%rsi","%rdx","%rcx","%r8","%r9d");
-$code.=<<___;
-.globl rsaz_512_mul_gather4
-.type rsaz_512_mul_gather4,\@function,6
-.align 32
-rsaz_512_mul_gather4:
- push %rbx
- push %rbp
- push %r12
- push %r13
- push %r14
- push %r15
-
- subq \$`128+24+($win64?0xb0:0)`, %rsp
-___
-$code.=<<___ if ($win64);
- movaps %xmm6,0xa0(%rsp)
- movaps %xmm7,0xb0(%rsp)
- movaps %xmm8,0xc0(%rsp)
- movaps %xmm9,0xd0(%rsp)
- movaps %xmm10,0xe0(%rsp)
- movaps %xmm11,0xf0(%rsp)
- movaps %xmm12,0x100(%rsp)
- movaps %xmm13,0x110(%rsp)
- movaps %xmm14,0x120(%rsp)
- movaps %xmm15,0x130(%rsp)
-___
-$code.=<<___;
-.Lmul_gather4_body:
- movd $pwr,%xmm8
- movdqa .Linc+16(%rip),%xmm1 # 00000002000000020000000200000002
- movdqa .Linc(%rip),%xmm0 # 00000001000000010000000000000000
-
- pshufd \$0,%xmm8,%xmm8 # broadcast $power
- movdqa %xmm1,%xmm7
- movdqa %xmm1,%xmm2
-___
-########################################################################
-# calculate mask by comparing 0..15 to $power
-#
-for($i=0;$i<4;$i++) {
-$code.=<<___;
- paddd %xmm`$i`,%xmm`$i+1`
- pcmpeqd %xmm8,%xmm`$i`
- movdqa %xmm7,%xmm`$i+3`
-___
-}
-for(;$i<7;$i++) {
-$code.=<<___;
- paddd %xmm`$i`,%xmm`$i+1`
- pcmpeqd %xmm8,%xmm`$i`
-___
-}
-$code.=<<___;
- pcmpeqd %xmm8,%xmm7
-
- movdqa 16*0($bp),%xmm8
- movdqa 16*1($bp),%xmm9
- movdqa 16*2($bp),%xmm10
- movdqa 16*3($bp),%xmm11
- pand %xmm0,%xmm8
- movdqa 16*4($bp),%xmm12
- pand %xmm1,%xmm9
- movdqa 16*5($bp),%xmm13
- pand %xmm2,%xmm10
- movdqa 16*6($bp),%xmm14
- pand %xmm3,%xmm11
- movdqa 16*7($bp),%xmm15
- leaq 128($bp), %rbp
- pand %xmm4,%xmm12
- pand %xmm5,%xmm13
- pand %xmm6,%xmm14
- pand %xmm7,%xmm15
- por %xmm10,%xmm8
- por %xmm11,%xmm9
- por %xmm12,%xmm8
- por %xmm13,%xmm9
- por %xmm14,%xmm8
- por %xmm15,%xmm9
-
- por %xmm9,%xmm8
- pshufd \$0x4e,%xmm8,%xmm9
- por %xmm9,%xmm8
-___
-$code.=<<___ if ($addx);
- movl \$0x80100,%r11d
- andl OPENSSL_ia32cap_P+8(%rip),%r11d
- cmpl \$0x80100,%r11d # check for MULX and ADO/CX
- je .Lmulx_gather
-___
-$code.=<<___;
- movq %xmm8,%rbx
-
- movq $n0, 128(%rsp) # off-load arguments
- movq $out, 128+8(%rsp)
- movq $mod, 128+16(%rsp)
-
- movq ($ap), %rax
- movq 8($ap), %rcx
- mulq %rbx # 0 iteration
- movq %rax, (%rsp)
- movq %rcx, %rax
- movq %rdx, %r8
-
- mulq %rbx
- addq %rax, %r8
- movq 16($ap), %rax
- movq %rdx, %r9
- adcq \$0, %r9
-
- mulq %rbx
- addq %rax, %r9
- movq 24($ap), %rax
- movq %rdx, %r10
- adcq \$0, %r10
-
- mulq %rbx
- addq %rax, %r10
- movq 32($ap), %rax
- movq %rdx, %r11
- adcq \$0, %r11
-
- mulq %rbx
- addq %rax, %r11
- movq 40($ap), %rax
- movq %rdx, %r12
- adcq \$0, %r12
-
- mulq %rbx
- addq %rax, %r12
- movq 48($ap), %rax
- movq %rdx, %r13
- adcq \$0, %r13
-
- mulq %rbx
- addq %rax, %r13
- movq 56($ap), %rax
- movq %rdx, %r14
- adcq \$0, %r14
-
- mulq %rbx
- addq %rax, %r14
- movq ($ap), %rax
- movq %rdx, %r15
- adcq \$0, %r15
-
- leaq 8(%rsp), %rdi
- movl \$7, %ecx
- jmp .Loop_mul_gather
-
-.align 32
-.Loop_mul_gather:
- movdqa 16*0(%rbp),%xmm8
- movdqa 16*1(%rbp),%xmm9
- movdqa 16*2(%rbp),%xmm10
- movdqa 16*3(%rbp),%xmm11
- pand %xmm0,%xmm8
- movdqa 16*4(%rbp),%xmm12
- pand %xmm1,%xmm9
- movdqa 16*5(%rbp),%xmm13
- pand %xmm2,%xmm10
- movdqa 16*6(%rbp),%xmm14
- pand %xmm3,%xmm11
- movdqa 16*7(%rbp),%xmm15
- leaq 128(%rbp), %rbp
- pand %xmm4,%xmm12
- pand %xmm5,%xmm13
- pand %xmm6,%xmm14
- pand %xmm7,%xmm15
- por %xmm10,%xmm8
- por %xmm11,%xmm9
- por %xmm12,%xmm8
- por %xmm13,%xmm9
- por %xmm14,%xmm8
- por %xmm15,%xmm9
-
- por %xmm9,%xmm8
- pshufd \$0x4e,%xmm8,%xmm9
- por %xmm9,%xmm8
- movq %xmm8,%rbx
-
- mulq %rbx
- addq %rax, %r8
- movq 8($ap), %rax
- movq %r8, (%rdi)
- movq %rdx, %r8
- adcq \$0, %r8
-
- mulq %rbx
- addq %rax, %r9
- movq 16($ap), %rax
- adcq \$0, %rdx
- addq %r9, %r8
- movq %rdx, %r9
- adcq \$0, %r9
-
- mulq %rbx
- addq %rax, %r10
- movq 24($ap), %rax
- adcq \$0, %rdx
- addq %r10, %r9
- movq %rdx, %r10
- adcq \$0, %r10
-
- mulq %rbx
- addq %rax, %r11
- movq 32($ap), %rax
- adcq \$0, %rdx
- addq %r11, %r10
- movq %rdx, %r11
- adcq \$0, %r11
-
- mulq %rbx
- addq %rax, %r12
- movq 40($ap), %rax
- adcq \$0, %rdx
- addq %r12, %r11
- movq %rdx, %r12
- adcq \$0, %r12
-
- mulq %rbx
- addq %rax, %r13
- movq 48($ap), %rax
- adcq \$0, %rdx
- addq %r13, %r12
- movq %rdx, %r13
- adcq \$0, %r13
-
- mulq %rbx
- addq %rax, %r14
- movq 56($ap), %rax
- adcq \$0, %rdx
- addq %r14, %r13
- movq %rdx, %r14
- adcq \$0, %r14
-
- mulq %rbx
- addq %rax, %r15
- movq ($ap), %rax
- adcq \$0, %rdx
- addq %r15, %r14
- movq %rdx, %r15
- adcq \$0, %r15
-
- leaq 8(%rdi), %rdi
-
- decl %ecx
- jnz .Loop_mul_gather
-
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq %r12, 32(%rdi)
- movq %r13, 40(%rdi)
- movq %r14, 48(%rdi)
- movq %r15, 56(%rdi)
-
- movq 128+8(%rsp), $out
- movq 128+16(%rsp), %rbp
-
- movq (%rsp), %r8
- movq 8(%rsp), %r9
- movq 16(%rsp), %r10
- movq 24(%rsp), %r11
- movq 32(%rsp), %r12
- movq 40(%rsp), %r13
- movq 48(%rsp), %r14
- movq 56(%rsp), %r15
-
- call __rsaz_512_reduce
-___
-$code.=<<___ if ($addx);
- jmp .Lmul_gather_tail
-
-.align 32
-.Lmulx_gather:
- movq %xmm8,%rdx
-
- mov $n0, 128(%rsp) # off-load arguments
- mov $out, 128+8(%rsp)
- mov $mod, 128+16(%rsp)
-
- mulx ($ap), %rbx, %r8 # 0 iteration
- mov %rbx, (%rsp)
- xor %edi, %edi # cf=0, of=0
-
- mulx 8($ap), %rax, %r9
-
- mulx 16($ap), %rbx, %r10
- adcx %rax, %r8
-
- mulx 24($ap), %rax, %r11
- adcx %rbx, %r9
-
- mulx 32($ap), %rbx, %r12
- adcx %rax, %r10
-
- mulx 40($ap), %rax, %r13
- adcx %rbx, %r11
-
- mulx 48($ap), %rbx, %r14
- adcx %rax, %r12
-
- mulx 56($ap), %rax, %r15
- adcx %rbx, %r13
- adcx %rax, %r14
- .byte 0x67
- mov %r8, %rbx
- adcx %rdi, %r15 # %rdi is 0
-
- mov \$-7, %rcx
- jmp .Loop_mulx_gather
-
-.align 32
-.Loop_mulx_gather:
- movdqa 16*0(%rbp),%xmm8
- movdqa 16*1(%rbp),%xmm9
- movdqa 16*2(%rbp),%xmm10
- movdqa 16*3(%rbp),%xmm11
- pand %xmm0,%xmm8
- movdqa 16*4(%rbp),%xmm12
- pand %xmm1,%xmm9
- movdqa 16*5(%rbp),%xmm13
- pand %xmm2,%xmm10
- movdqa 16*6(%rbp),%xmm14
- pand %xmm3,%xmm11
- movdqa 16*7(%rbp),%xmm15
- leaq 128(%rbp), %rbp
- pand %xmm4,%xmm12
- pand %xmm5,%xmm13
- pand %xmm6,%xmm14
- pand %xmm7,%xmm15
- por %xmm10,%xmm8
- por %xmm11,%xmm9
- por %xmm12,%xmm8
- por %xmm13,%xmm9
- por %xmm14,%xmm8
- por %xmm15,%xmm9
-
- por %xmm9,%xmm8
- pshufd \$0x4e,%xmm8,%xmm9
- por %xmm9,%xmm8
- movq %xmm8,%rdx
-
- .byte 0xc4,0x62,0xfb,0xf6,0x86,0x00,0x00,0x00,0x00 # mulx ($ap), %rax, %r8
- adcx %rax, %rbx
- adox %r9, %r8
-
- mulx 8($ap), %rax, %r9
- adcx %rax, %r8
- adox %r10, %r9
-
- mulx 16($ap), %rax, %r10
- adcx %rax, %r9
- adox %r11, %r10
-
- .byte 0xc4,0x62,0xfb,0xf6,0x9e,0x18,0x00,0x00,0x00 # mulx 24($ap), %rax, %r11
- adcx %rax, %r10
- adox %r12, %r11
-
- mulx 32($ap), %rax, %r12
- adcx %rax, %r11
- adox %r13, %r12
-
- mulx 40($ap), %rax, %r13
- adcx %rax, %r12
- adox %r14, %r13
-
- .byte 0xc4,0x62,0xfb,0xf6,0xb6,0x30,0x00,0x00,0x00 # mulx 48($ap), %rax, %r14
- adcx %rax, %r13
- .byte 0x67
- adox %r15, %r14
-
- mulx 56($ap), %rax, %r15
- mov %rbx, 64(%rsp,%rcx,8)
- adcx %rax, %r14
- adox %rdi, %r15
- mov %r8, %rbx
- adcx %rdi, %r15 # cf=0
-
- inc %rcx # of=0
- jnz .Loop_mulx_gather
-
- mov %r8, 64(%rsp)
- mov %r9, 64+8(%rsp)
- mov %r10, 64+16(%rsp)
- mov %r11, 64+24(%rsp)
- mov %r12, 64+32(%rsp)
- mov %r13, 64+40(%rsp)
- mov %r14, 64+48(%rsp)
- mov %r15, 64+56(%rsp)
-
- mov 128(%rsp), %rdx # pull arguments
- mov 128+8(%rsp), $out
- mov 128+16(%rsp), %rbp
-
- mov (%rsp), %r8
- mov 8(%rsp), %r9
- mov 16(%rsp), %r10
- mov 24(%rsp), %r11
- mov 32(%rsp), %r12
- mov 40(%rsp), %r13
- mov 48(%rsp), %r14
- mov 56(%rsp), %r15
-
- call __rsaz_512_reducex
-
-.Lmul_gather_tail:
-___
-$code.=<<___;
- addq 64(%rsp), %r8
- adcq 72(%rsp), %r9
- adcq 80(%rsp), %r10
- adcq 88(%rsp), %r11
- adcq 96(%rsp), %r12
- adcq 104(%rsp), %r13
- adcq 112(%rsp), %r14
- adcq 120(%rsp), %r15
- sbbq %rcx, %rcx
-
- call __rsaz_512_subtract
-
- leaq 128+24+48(%rsp), %rax
-___
-$code.=<<___ if ($win64);
- movaps 0xa0-0xc8(%rax),%xmm6
- movaps 0xb0-0xc8(%rax),%xmm7
- movaps 0xc0-0xc8(%rax),%xmm8
- movaps 0xd0-0xc8(%rax),%xmm9
- movaps 0xe0-0xc8(%rax),%xmm10
- movaps 0xf0-0xc8(%rax),%xmm11
- movaps 0x100-0xc8(%rax),%xmm12
- movaps 0x110-0xc8(%rax),%xmm13
- movaps 0x120-0xc8(%rax),%xmm14
- movaps 0x130-0xc8(%rax),%xmm15
- lea 0xb0(%rax),%rax
-___
-$code.=<<___;
- movq -48(%rax), %r15
- movq -40(%rax), %r14
- movq -32(%rax), %r13
- movq -24(%rax), %r12
- movq -16(%rax), %rbp
- movq -8(%rax), %rbx
- leaq (%rax), %rsp
-.Lmul_gather4_epilogue:
- ret
-.size rsaz_512_mul_gather4,.-rsaz_512_mul_gather4
-___
-}
-{
-my ($out,$ap,$mod,$n0,$tbl,$pwr) = ("%rdi","%rsi","%rdx","%rcx","%r8","%r9d");
-$code.=<<___;
-.globl rsaz_512_mul_scatter4
-.type rsaz_512_mul_scatter4,\@function,6
-.align 32
-rsaz_512_mul_scatter4:
- push %rbx
- push %rbp
- push %r12
- push %r13
- push %r14
- push %r15
-
- mov $pwr, $pwr
- subq \$128+24, %rsp
-.Lmul_scatter4_body:
- leaq ($tbl,$pwr,8), $tbl
- movq $out, %xmm0 # off-load arguments
- movq $mod, %xmm1
- movq $tbl, %xmm2
- movq $n0, 128(%rsp)
-
- movq $out, %rbp
-___
-$code.=<<___ if ($addx);
- movl \$0x80100,%r11d
- andl OPENSSL_ia32cap_P+8(%rip),%r11d
- cmpl \$0x80100,%r11d # check for MULX and ADO/CX
- je .Lmulx_scatter
-___
-$code.=<<___;
- movq ($out),%rbx # pass b[0]
- call __rsaz_512_mul
-
- movq %xmm0, $out
- movq %xmm1, %rbp
-
- movq (%rsp), %r8
- movq 8(%rsp), %r9
- movq 16(%rsp), %r10
- movq 24(%rsp), %r11
- movq 32(%rsp), %r12
- movq 40(%rsp), %r13
- movq 48(%rsp), %r14
- movq 56(%rsp), %r15
-
- call __rsaz_512_reduce
-___
-$code.=<<___ if ($addx);
- jmp .Lmul_scatter_tail
-
-.align 32
-.Lmulx_scatter:
- movq ($out), %rdx # pass b[0]
- call __rsaz_512_mulx
-
- movq %xmm0, $out
- movq %xmm1, %rbp
-
- movq 128(%rsp), %rdx # pull $n0
- movq (%rsp), %r8
- movq 8(%rsp), %r9
- movq 16(%rsp), %r10
- movq 24(%rsp), %r11
- movq 32(%rsp), %r12
- movq 40(%rsp), %r13
- movq 48(%rsp), %r14
- movq 56(%rsp), %r15
-
- call __rsaz_512_reducex
-
-.Lmul_scatter_tail:
-___
-$code.=<<___;
- addq 64(%rsp), %r8
- adcq 72(%rsp), %r9
- adcq 80(%rsp), %r10
- adcq 88(%rsp), %r11
- adcq 96(%rsp), %r12
- adcq 104(%rsp), %r13
- adcq 112(%rsp), %r14
- adcq 120(%rsp), %r15
- movq %xmm2, $inp
- sbbq %rcx, %rcx
-
- call __rsaz_512_subtract
-
- movq %r8, 128*0($inp) # scatter
- movq %r9, 128*1($inp)
- movq %r10, 128*2($inp)
- movq %r11, 128*3($inp)
- movq %r12, 128*4($inp)
- movq %r13, 128*5($inp)
- movq %r14, 128*6($inp)
- movq %r15, 128*7($inp)
-
- leaq 128+24+48(%rsp), %rax
- movq -48(%rax), %r15
- movq -40(%rax), %r14
- movq -32(%rax), %r13
- movq -24(%rax), %r12
- movq -16(%rax), %rbp
- movq -8(%rax), %rbx
- leaq (%rax), %rsp
-.Lmul_scatter4_epilogue:
- ret
-.size rsaz_512_mul_scatter4,.-rsaz_512_mul_scatter4
-___
-}
-{
-my ($out,$inp,$mod,$n0) = ("%rdi","%rsi","%rdx","%rcx");
-$code.=<<___;
-.globl rsaz_512_mul_by_one
-.type rsaz_512_mul_by_one,\@function,4
-.align 32
-rsaz_512_mul_by_one:
- push %rbx
- push %rbp
- push %r12
- push %r13
- push %r14
- push %r15
-
- subq \$128+24, %rsp
-.Lmul_by_one_body:
-___
-$code.=<<___ if ($addx);
- movl OPENSSL_ia32cap_P+8(%rip),%eax
-___
-$code.=<<___;
- movq $mod, %rbp # reassign argument
- movq $n0, 128(%rsp)
-
- movq ($inp), %r8
- pxor %xmm0, %xmm0
- movq 8($inp), %r9
- movq 16($inp), %r10
- movq 24($inp), %r11
- movq 32($inp), %r12
- movq 40($inp), %r13
- movq 48($inp), %r14
- movq 56($inp), %r15
-
- movdqa %xmm0, (%rsp)
- movdqa %xmm0, 16(%rsp)
- movdqa %xmm0, 32(%rsp)
- movdqa %xmm0, 48(%rsp)
- movdqa %xmm0, 64(%rsp)
- movdqa %xmm0, 80(%rsp)
- movdqa %xmm0, 96(%rsp)
-___
-$code.=<<___ if ($addx);
- andl \$0x80100,%eax
- cmpl \$0x80100,%eax # check for MULX and ADO/CX
- je .Lby_one_callx
-___
-$code.=<<___;
- call __rsaz_512_reduce
-___
-$code.=<<___ if ($addx);
- jmp .Lby_one_tail
-.align 32
-.Lby_one_callx:
- movq 128(%rsp), %rdx # pull $n0
- call __rsaz_512_reducex
-.Lby_one_tail:
-___
-$code.=<<___;
- movq %r8, ($out)
- movq %r9, 8($out)
- movq %r10, 16($out)
- movq %r11, 24($out)
- movq %r12, 32($out)
- movq %r13, 40($out)
- movq %r14, 48($out)
- movq %r15, 56($out)
-
- leaq 128+24+48(%rsp), %rax
- movq -48(%rax), %r15
- movq -40(%rax), %r14
- movq -32(%rax), %r13
- movq -24(%rax), %r12
- movq -16(%rax), %rbp
- movq -8(%rax), %rbx
- leaq (%rax), %rsp
-.Lmul_by_one_epilogue:
- ret
-.size rsaz_512_mul_by_one,.-rsaz_512_mul_by_one
-___
-}
-{ # __rsaz_512_reduce
- #
- # input: %r8-%r15, %rbp - mod, 128(%rsp) - n0
- # output: %r8-%r15
- # clobbers: everything except %rbp and %rdi
-$code.=<<___;
-.type __rsaz_512_reduce,\@abi-omnipotent
-.align 32
-__rsaz_512_reduce:
- movq %r8, %rbx
- imulq 128+8(%rsp), %rbx
- movq 0(%rbp), %rax
- movl \$8, %ecx
- jmp .Lreduction_loop
-
-.align 32
-.Lreduction_loop:
- mulq %rbx
- movq 8(%rbp), %rax
- negq %r8
- movq %rdx, %r8
- adcq \$0, %r8
-
- mulq %rbx
- addq %rax, %r9
- movq 16(%rbp), %rax
- adcq \$0, %rdx
- addq %r9, %r8
- movq %rdx, %r9
- adcq \$0, %r9
-
- mulq %rbx
- addq %rax, %r10
- movq 24(%rbp), %rax
- adcq \$0, %rdx
- addq %r10, %r9
- movq %rdx, %r10
- adcq \$0, %r10
-
- mulq %rbx
- addq %rax, %r11
- movq 32(%rbp), %rax
- adcq \$0, %rdx
- addq %r11, %r10
- movq 128+8(%rsp), %rsi
- #movq %rdx, %r11
- #adcq \$0, %r11
- adcq \$0, %rdx
- movq %rdx, %r11
-
- mulq %rbx
- addq %rax, %r12
- movq 40(%rbp), %rax
- adcq \$0, %rdx
- imulq %r8, %rsi
- addq %r12, %r11
- movq %rdx, %r12
- adcq \$0, %r12
-
- mulq %rbx
- addq %rax, %r13
- movq 48(%rbp), %rax
- adcq \$0, %rdx
- addq %r13, %r12
- movq %rdx, %r13
- adcq \$0, %r13
-
- mulq %rbx
- addq %rax, %r14
- movq 56(%rbp), %rax
- adcq \$0, %rdx
- addq %r14, %r13
- movq %rdx, %r14
- adcq \$0, %r14
-
- mulq %rbx
- movq %rsi, %rbx
- addq %rax, %r15
- movq 0(%rbp), %rax
- adcq \$0, %rdx
- addq %r15, %r14
- movq %rdx, %r15
- adcq \$0, %r15
-
- decl %ecx
- jne .Lreduction_loop
-
- ret
-.size __rsaz_512_reduce,.-__rsaz_512_reduce
-___
-}
-if ($addx) {
- # __rsaz_512_reducex
- #
- # input: %r8-%r15, %rbp - mod, 128(%rsp) - n0
- # output: %r8-%r15
- # clobbers: everything except %rbp and %rdi
-$code.=<<___;
-.type __rsaz_512_reducex,\@abi-omnipotent
-.align 32
-__rsaz_512_reducex:
- #movq 128+8(%rsp), %rdx # pull $n0
- imulq %r8, %rdx
- xorq %rsi, %rsi # cf=0,of=0
- movl \$8, %ecx
- jmp .Lreduction_loopx
-
-.align 32
-.Lreduction_loopx:
- mov %r8, %rbx
- mulx 0(%rbp), %rax, %r8
- adcx %rbx, %rax
- adox %r9, %r8
-
- mulx 8(%rbp), %rax, %r9
- adcx %rax, %r8
- adox %r10, %r9
-
- mulx 16(%rbp), %rbx, %r10
- adcx %rbx, %r9
- adox %r11, %r10
-
- mulx 24(%rbp), %rbx, %r11
- adcx %rbx, %r10
- adox %r12, %r11
-
- .byte 0xc4,0x62,0xe3,0xf6,0xa5,0x20,0x00,0x00,0x00 # mulx 32(%rbp), %rbx, %r12
- mov %rdx, %rax
- mov %r8, %rdx
- adcx %rbx, %r11
- adox %r13, %r12
-
- mulx 128+8(%rsp), %rbx, %rdx
- mov %rax, %rdx
-
- mulx 40(%rbp), %rax, %r13
- adcx %rax, %r12
- adox %r14, %r13
-
- .byte 0xc4,0x62,0xfb,0xf6,0xb5,0x30,0x00,0x00,0x00 # mulx 48(%rbp), %rax, %r14
- adcx %rax, %r13
- adox %r15, %r14
-
- mulx 56(%rbp), %rax, %r15
- mov %rbx, %rdx
- adcx %rax, %r14
- adox %rsi, %r15 # %rsi is 0
- adcx %rsi, %r15 # cf=0
-
- decl %ecx # of=0
- jne .Lreduction_loopx
-
- ret
-.size __rsaz_512_reducex,.-__rsaz_512_reducex
-___
-}
-{ # __rsaz_512_subtract
- # input: %r8-%r15, %rdi - $out, %rbp - $mod, %rcx - mask
- # output:
- # clobbers: everything but %rdi, %rsi and %rbp
-$code.=<<___;
-.type __rsaz_512_subtract,\@abi-omnipotent
-.align 32
-__rsaz_512_subtract:
- movq %r8, ($out)
- movq %r9, 8($out)
- movq %r10, 16($out)
- movq %r11, 24($out)
- movq %r12, 32($out)
- movq %r13, 40($out)
- movq %r14, 48($out)
- movq %r15, 56($out)
-
- movq 0($mod), %r8
- movq 8($mod), %r9
- negq %r8
- notq %r9
- andq %rcx, %r8
- movq 16($mod), %r10
- andq %rcx, %r9
- notq %r10
- movq 24($mod), %r11
- andq %rcx, %r10
- notq %r11
- movq 32($mod), %r12
- andq %rcx, %r11
- notq %r12
- movq 40($mod), %r13
- andq %rcx, %r12
- notq %r13
- movq 48($mod), %r14
- andq %rcx, %r13
- notq %r14
- movq 56($mod), %r15
- andq %rcx, %r14
- notq %r15
- andq %rcx, %r15
-
- addq ($out), %r8
- adcq 8($out), %r9
- adcq 16($out), %r10
- adcq 24($out), %r11
- adcq 32($out), %r12
- adcq 40($out), %r13
- adcq 48($out), %r14
- adcq 56($out), %r15
-
- movq %r8, ($out)
- movq %r9, 8($out)
- movq %r10, 16($out)
- movq %r11, 24($out)
- movq %r12, 32($out)
- movq %r13, 40($out)
- movq %r14, 48($out)
- movq %r15, 56($out)
-
- ret
-.size __rsaz_512_subtract,.-__rsaz_512_subtract
-___
-}
-{ # __rsaz_512_mul
- #
- # input: %rsi - ap, %rbp - bp
- # ouput:
- # clobbers: everything
-my ($ap,$bp) = ("%rsi","%rbp");
-$code.=<<___;
-.type __rsaz_512_mul,\@abi-omnipotent
-.align 32
-__rsaz_512_mul:
- leaq 8(%rsp), %rdi
-
- movq ($ap), %rax
- mulq %rbx
- movq %rax, (%rdi)
- movq 8($ap), %rax
- movq %rdx, %r8
-
- mulq %rbx
- addq %rax, %r8
- movq 16($ap), %rax
- movq %rdx, %r9
- adcq \$0, %r9
-
- mulq %rbx
- addq %rax, %r9
- movq 24($ap), %rax
- movq %rdx, %r10
- adcq \$0, %r10
-
- mulq %rbx
- addq %rax, %r10
- movq 32($ap), %rax
- movq %rdx, %r11
- adcq \$0, %r11
-
- mulq %rbx
- addq %rax, %r11
- movq 40($ap), %rax
- movq %rdx, %r12
- adcq \$0, %r12
-
- mulq %rbx
- addq %rax, %r12
- movq 48($ap), %rax
- movq %rdx, %r13
- adcq \$0, %r13
-
- mulq %rbx
- addq %rax, %r13
- movq 56($ap), %rax
- movq %rdx, %r14
- adcq \$0, %r14
-
- mulq %rbx
- addq %rax, %r14
- movq ($ap), %rax
- movq %rdx, %r15
- adcq \$0, %r15
-
- leaq 8($bp), $bp
- leaq 8(%rdi), %rdi
-
- movl \$7, %ecx
- jmp .Loop_mul
-
-.align 32
-.Loop_mul:
- movq ($bp), %rbx
- mulq %rbx
- addq %rax, %r8
- movq 8($ap), %rax
- movq %r8, (%rdi)
- movq %rdx, %r8
- adcq \$0, %r8
-
- mulq %rbx
- addq %rax, %r9
- movq 16($ap), %rax
- adcq \$0, %rdx
- addq %r9, %r8
- movq %rdx, %r9
- adcq \$0, %r9
-
- mulq %rbx
- addq %rax, %r10
- movq 24($ap), %rax
- adcq \$0, %rdx
- addq %r10, %r9
- movq %rdx, %r10
- adcq \$0, %r10
-
- mulq %rbx
- addq %rax, %r11
- movq 32($ap), %rax
- adcq \$0, %rdx
- addq %r11, %r10
- movq %rdx, %r11
- adcq \$0, %r11
-
- mulq %rbx
- addq %rax, %r12
- movq 40($ap), %rax
- adcq \$0, %rdx
- addq %r12, %r11
- movq %rdx, %r12
- adcq \$0, %r12
-
- mulq %rbx
- addq %rax, %r13
- movq 48($ap), %rax
- adcq \$0, %rdx
- addq %r13, %r12
- movq %rdx, %r13
- adcq \$0, %r13
-
- mulq %rbx
- addq %rax, %r14
- movq 56($ap), %rax
- adcq \$0, %rdx
- addq %r14, %r13
- movq %rdx, %r14
- leaq 8($bp), $bp
- adcq \$0, %r14
-
- mulq %rbx
- addq %rax, %r15
- movq ($ap), %rax
- adcq \$0, %rdx
- addq %r15, %r14
- movq %rdx, %r15
- adcq \$0, %r15
-
- leaq 8(%rdi), %rdi
-
- decl %ecx
- jnz .Loop_mul
-
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq %r12, 32(%rdi)
- movq %r13, 40(%rdi)
- movq %r14, 48(%rdi)
- movq %r15, 56(%rdi)
-
- ret
-.size __rsaz_512_mul,.-__rsaz_512_mul
-___
-}
-if ($addx) {
- # __rsaz_512_mulx
- #
- # input: %rsi - ap, %rbp - bp
- # ouput:
- # clobbers: everything
-my ($ap,$bp,$zero) = ("%rsi","%rbp","%rdi");
-$code.=<<___;
-.type __rsaz_512_mulx,\@abi-omnipotent
-.align 32
-__rsaz_512_mulx:
- mulx ($ap), %rbx, %r8 # initial %rdx preloaded by caller
- mov \$-6, %rcx
-
- mulx 8($ap), %rax, %r9
- movq %rbx, 8(%rsp)
-
- mulx 16($ap), %rbx, %r10
- adc %rax, %r8
-
- mulx 24($ap), %rax, %r11
- adc %rbx, %r9
-
- mulx 32($ap), %rbx, %r12
- adc %rax, %r10
-
- mulx 40($ap), %rax, %r13
- adc %rbx, %r11
-
- mulx 48($ap), %rbx, %r14
- adc %rax, %r12
-
- mulx 56($ap), %rax, %r15
- mov 8($bp), %rdx
- adc %rbx, %r13
- adc %rax, %r14
- adc \$0, %r15
-
- xor $zero, $zero # cf=0,of=0
- jmp .Loop_mulx
-
-.align 32
-.Loop_mulx:
- movq %r8, %rbx
- mulx ($ap), %rax, %r8
- adcx %rax, %rbx
- adox %r9, %r8
-
- mulx 8($ap), %rax, %r9
- adcx %rax, %r8
- adox %r10, %r9
-
- mulx 16($ap), %rax, %r10
- adcx %rax, %r9
- adox %r11, %r10
-
- mulx 24($ap), %rax, %r11
- adcx %rax, %r10
- adox %r12, %r11
-
- .byte 0x3e,0xc4,0x62,0xfb,0xf6,0xa6,0x20,0x00,0x00,0x00 # mulx 32($ap), %rax, %r12
- adcx %rax, %r11
- adox %r13, %r12
-
- mulx 40($ap), %rax, %r13
- adcx %rax, %r12
- adox %r14, %r13
-
- mulx 48($ap), %rax, %r14
- adcx %rax, %r13
- adox %r15, %r14
-
- mulx 56($ap), %rax, %r15
- movq 64($bp,%rcx,8), %rdx
- movq %rbx, 8+64-8(%rsp,%rcx,8)
- adcx %rax, %r14
- adox $zero, %r15
- adcx $zero, %r15 # cf=0
-
- inc %rcx # of=0
- jnz .Loop_mulx
-
- movq %r8, %rbx
- mulx ($ap), %rax, %r8
- adcx %rax, %rbx
- adox %r9, %r8
-
- .byte 0xc4,0x62,0xfb,0xf6,0x8e,0x08,0x00,0x00,0x00 # mulx 8($ap), %rax, %r9
- adcx %rax, %r8
- adox %r10, %r9
-
- .byte 0xc4,0x62,0xfb,0xf6,0x96,0x10,0x00,0x00,0x00 # mulx 16($ap), %rax, %r10
- adcx %rax, %r9
- adox %r11, %r10
-
- mulx 24($ap), %rax, %r11
- adcx %rax, %r10
- adox %r12, %r11
-
- mulx 32($ap), %rax, %r12
- adcx %rax, %r11
- adox %r13, %r12
-
- mulx 40($ap), %rax, %r13
- adcx %rax, %r12
- adox %r14, %r13
-
- .byte 0xc4,0x62,0xfb,0xf6,0xb6,0x30,0x00,0x00,0x00 # mulx 48($ap), %rax, %r14
- adcx %rax, %r13
- adox %r15, %r14
-
- .byte 0xc4,0x62,0xfb,0xf6,0xbe,0x38,0x00,0x00,0x00 # mulx 56($ap), %rax, %r15
- adcx %rax, %r14
- adox $zero, %r15
- adcx $zero, %r15
-
- mov %rbx, 8+64-8(%rsp)
- mov %r8, 8+64(%rsp)
- mov %r9, 8+64+8(%rsp)
- mov %r10, 8+64+16(%rsp)
- mov %r11, 8+64+24(%rsp)
- mov %r12, 8+64+32(%rsp)
- mov %r13, 8+64+40(%rsp)
- mov %r14, 8+64+48(%rsp)
- mov %r15, 8+64+56(%rsp)
-
- ret
-.size __rsaz_512_mulx,.-__rsaz_512_mulx
-___
-}
-{
-my ($out,$inp,$power)= $win64 ? ("%rcx","%rdx","%r8d") : ("%rdi","%rsi","%edx");
-$code.=<<___;
-.globl rsaz_512_scatter4
-.type rsaz_512_scatter4,\@abi-omnipotent
-.align 16
-rsaz_512_scatter4:
- leaq ($out,$power,8), $out
- movl \$8, %r9d
- jmp .Loop_scatter
-.align 16
-.Loop_scatter:
- movq ($inp), %rax
- leaq 8($inp), $inp
- movq %rax, ($out)
- leaq 128($out), $out
- decl %r9d
- jnz .Loop_scatter
- ret
-.size rsaz_512_scatter4,.-rsaz_512_scatter4
-
-.globl rsaz_512_gather4
-.type rsaz_512_gather4,\@abi-omnipotent
-.align 16
-rsaz_512_gather4:
-___
-$code.=<<___ if ($win64);
-.LSEH_begin_rsaz_512_gather4:
- .byte 0x48,0x81,0xec,0xa8,0x00,0x00,0x00 # sub $0xa8,%rsp
- .byte 0x0f,0x29,0x34,0x24 # movaps %xmm6,(%rsp)
- .byte 0x0f,0x29,0x7c,0x24,0x10 # movaps %xmm7,0x10(%rsp)
- .byte 0x44,0x0f,0x29,0x44,0x24,0x20 # movaps %xmm8,0x20(%rsp)
- .byte 0x44,0x0f,0x29,0x4c,0x24,0x30 # movaps %xmm9,0x30(%rsp)
- .byte 0x44,0x0f,0x29,0x54,0x24,0x40 # movaps %xmm10,0x40(%rsp)
- .byte 0x44,0x0f,0x29,0x5c,0x24,0x50 # movaps %xmm11,0x50(%rsp)
- .byte 0x44,0x0f,0x29,0x64,0x24,0x60 # movaps %xmm12,0x60(%rsp)
- .byte 0x44,0x0f,0x29,0x6c,0x24,0x70 # movaps %xmm13,0x70(%rsp)
- .byte 0x44,0x0f,0x29,0xb4,0x24,0x80,0,0,0 # movaps %xmm14,0x80(%rsp)
- .byte 0x44,0x0f,0x29,0xbc,0x24,0x90,0,0,0 # movaps %xmm15,0x90(%rsp)
-___
-$code.=<<___;
- movd $power,%xmm8
- movdqa .Linc+16(%rip),%xmm1 # 00000002000000020000000200000002
- movdqa .Linc(%rip),%xmm0 # 00000001000000010000000000000000
-
- pshufd \$0,%xmm8,%xmm8 # broadcast $power
- movdqa %xmm1,%xmm7
- movdqa %xmm1,%xmm2
-___
-########################################################################
-# calculate mask by comparing 0..15 to $power
-#
-for($i=0;$i<4;$i++) {
-$code.=<<___;
- paddd %xmm`$i`,%xmm`$i+1`
- pcmpeqd %xmm8,%xmm`$i`
- movdqa %xmm7,%xmm`$i+3`
-___
-}
-for(;$i<7;$i++) {
-$code.=<<___;
- paddd %xmm`$i`,%xmm`$i+1`
- pcmpeqd %xmm8,%xmm`$i`
-___
-}
-$code.=<<___;
- pcmpeqd %xmm8,%xmm7
- movl \$8, %r9d
- jmp .Loop_gather
-.align 16
-.Loop_gather:
- movdqa 16*0($inp),%xmm8
- movdqa 16*1($inp),%xmm9
- movdqa 16*2($inp),%xmm10
- movdqa 16*3($inp),%xmm11
- pand %xmm0,%xmm8
- movdqa 16*4($inp),%xmm12
- pand %xmm1,%xmm9
- movdqa 16*5($inp),%xmm13
- pand %xmm2,%xmm10
- movdqa 16*6($inp),%xmm14
- pand %xmm3,%xmm11
- movdqa 16*7($inp),%xmm15
- leaq 128($inp), $inp
- pand %xmm4,%xmm12
- pand %xmm5,%xmm13
- pand %xmm6,%xmm14
- pand %xmm7,%xmm15
- por %xmm10,%xmm8
- por %xmm11,%xmm9
- por %xmm12,%xmm8
- por %xmm13,%xmm9
- por %xmm14,%xmm8
- por %xmm15,%xmm9
-
- por %xmm9,%xmm8
- pshufd \$0x4e,%xmm8,%xmm9
- por %xmm9,%xmm8
- movq %xmm8,($out)
- leaq 8($out), $out
- decl %r9d
- jnz .Loop_gather
-___
-$code.=<<___ if ($win64);
- movaps 0x00(%rsp),%xmm6
- movaps 0x10(%rsp),%xmm7
- movaps 0x20(%rsp),%xmm8
- movaps 0x30(%rsp),%xmm9
- movaps 0x40(%rsp),%xmm10
- movaps 0x50(%rsp),%xmm11
- movaps 0x60(%rsp),%xmm12
- movaps 0x70(%rsp),%xmm13
- movaps 0x80(%rsp),%xmm14
- movaps 0x90(%rsp),%xmm15
- add \$0xa8,%rsp
-___
-$code.=<<___;
- ret
-.LSEH_end_rsaz_512_gather4:
-.size rsaz_512_gather4,.-rsaz_512_gather4
-
-.align 64
-.Linc:
- .long 0,0, 1,1
- .long 2,2, 2,2
-___
-}
-
-# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
-# CONTEXT *context,DISPATCHER_CONTEXT *disp)
-if ($win64) {
-$rec="%rcx";
-$frame="%rdx";
-$context="%r8";
-$disp="%r9";
-
-$code.=<<___;
-.extern __imp_RtlVirtualUnwind
-.type se_handler,\@abi-omnipotent
-.align 16
-se_handler:
- push %rsi
- push %rdi
- push %rbx
- push %rbp
- push %r12
- push %r13
- push %r14
- push %r15
- pushfq
- sub \$64,%rsp
-
- mov 120($context),%rax # pull context->Rax
- mov 248($context),%rbx # pull context->Rip
-
- mov 8($disp),%rsi # disp->ImageBase
- mov 56($disp),%r11 # disp->HandlerData
-
- mov 0(%r11),%r10d # HandlerData[0]
- lea (%rsi,%r10),%r10 # end of prologue label
- cmp %r10,%rbx # context->Rip<end of prologue label
- jb .Lcommon_seh_tail
-
- mov 152($context),%rax # pull context->Rsp
-
- mov 4(%r11),%r10d # HandlerData[1]
- lea (%rsi,%r10),%r10 # epilogue label
- cmp %r10,%rbx # context->Rip>=epilogue label
- jae .Lcommon_seh_tail
-
- lea 128+24+48(%rax),%rax
-
- lea .Lmul_gather4_epilogue(%rip),%rbx
- cmp %r10,%rbx
- jne .Lse_not_in_mul_gather4
-
- lea 0xb0(%rax),%rax
-
- lea -48-0xa8(%rax),%rsi
- lea 512($context),%rdi
- mov \$20,%ecx
- .long 0xa548f3fc # cld; rep movsq
-
-.Lse_not_in_mul_gather4:
- mov -8(%rax),%rbx
- mov -16(%rax),%rbp
- mov -24(%rax),%r12
- mov -32(%rax),%r13
- mov -40(%rax),%r14
- mov -48(%rax),%r15
- mov %rbx,144($context) # restore context->Rbx
- mov %rbp,160($context) # restore context->Rbp
- mov %r12,216($context) # restore context->R12
- mov %r13,224($context) # restore context->R13
- mov %r14,232($context) # restore context->R14
- mov %r15,240($context) # restore context->R15
-
-.Lcommon_seh_tail:
- mov 8(%rax),%rdi
- mov 16(%rax),%rsi
- mov %rax,152($context) # restore context->Rsp
- mov %rsi,168($context) # restore context->Rsi
- mov %rdi,176($context) # restore context->Rdi
-
- mov 40($disp),%rdi # disp->ContextRecord
- mov $context,%rsi # context
- mov \$154,%ecx # sizeof(CONTEXT)
- .long 0xa548f3fc # cld; rep movsq
-
- mov $disp,%rsi
- xor %rcx,%rcx # arg1, UNW_FLAG_NHANDLER
- mov 8(%rsi),%rdx # arg2, disp->ImageBase
- mov 0(%rsi),%r8 # arg3, disp->ControlPc
- mov 16(%rsi),%r9 # arg4, disp->FunctionEntry
- mov 40(%rsi),%r10 # disp->ContextRecord
- lea 56(%rsi),%r11 # &disp->HandlerData
- lea 24(%rsi),%r12 # &disp->EstablisherFrame
- mov %r10,32(%rsp) # arg5
- mov %r11,40(%rsp) # arg6
- mov %r12,48(%rsp) # arg7
- mov %rcx,56(%rsp) # arg8, (NULL)
- call *__imp_RtlVirtualUnwind(%rip)
-
- mov \$1,%eax # ExceptionContinueSearch
- add \$64,%rsp
- popfq
- pop %r15
- pop %r14
- pop %r13
- pop %r12
- pop %rbp
- pop %rbx
- pop %rdi
- pop %rsi
- ret
-.size se_handler,.-se_handler
-
-.section .pdata
-.align 4
- .rva .LSEH_begin_rsaz_512_sqr
- .rva .LSEH_end_rsaz_512_sqr
- .rva .LSEH_info_rsaz_512_sqr
-
- .rva .LSEH_begin_rsaz_512_mul
- .rva .LSEH_end_rsaz_512_mul
- .rva .LSEH_info_rsaz_512_mul
-
- .rva .LSEH_begin_rsaz_512_mul_gather4
- .rva .LSEH_end_rsaz_512_mul_gather4
- .rva .LSEH_info_rsaz_512_mul_gather4
-
- .rva .LSEH_begin_rsaz_512_mul_scatter4
- .rva .LSEH_end_rsaz_512_mul_scatter4
- .rva .LSEH_info_rsaz_512_mul_scatter4
-
- .rva .LSEH_begin_rsaz_512_mul_by_one
- .rva .LSEH_end_rsaz_512_mul_by_one
- .rva .LSEH_info_rsaz_512_mul_by_one
-
- .rva .LSEH_begin_rsaz_512_gather4
- .rva .LSEH_end_rsaz_512_gather4
- .rva .LSEH_info_rsaz_512_gather4
-
-.section .xdata
-.align 8
-.LSEH_info_rsaz_512_sqr:
- .byte 9,0,0,0
- .rva se_handler
- .rva .Lsqr_body,.Lsqr_epilogue # HandlerData[]
-.LSEH_info_rsaz_512_mul:
- .byte 9,0,0,0
- .rva se_handler
- .rva .Lmul_body,.Lmul_epilogue # HandlerData[]
-.LSEH_info_rsaz_512_mul_gather4:
- .byte 9,0,0,0
- .rva se_handler
- .rva .Lmul_gather4_body,.Lmul_gather4_epilogue # HandlerData[]
-.LSEH_info_rsaz_512_mul_scatter4:
- .byte 9,0,0,0
- .rva se_handler
- .rva .Lmul_scatter4_body,.Lmul_scatter4_epilogue # HandlerData[]
-.LSEH_info_rsaz_512_mul_by_one:
- .byte 9,0,0,0
- .rva se_handler
- .rva .Lmul_by_one_body,.Lmul_by_one_epilogue # HandlerData[]
-.LSEH_info_rsaz_512_gather4:
- .byte 0x01,0x46,0x16,0x00
- .byte 0x46,0xf8,0x09,0x00 # vmovaps 0x90(rsp),xmm15
- .byte 0x3d,0xe8,0x08,0x00 # vmovaps 0x80(rsp),xmm14
- .byte 0x34,0xd8,0x07,0x00 # vmovaps 0x70(rsp),xmm13
- .byte 0x2e,0xc8,0x06,0x00 # vmovaps 0x60(rsp),xmm12
- .byte 0x28,0xb8,0x05,0x00 # vmovaps 0x50(rsp),xmm11
- .byte 0x22,0xa8,0x04,0x00 # vmovaps 0x40(rsp),xmm10
- .byte 0x1c,0x98,0x03,0x00 # vmovaps 0x30(rsp),xmm9
- .byte 0x16,0x88,0x02,0x00 # vmovaps 0x20(rsp),xmm8
- .byte 0x10,0x78,0x01,0x00 # vmovaps 0x10(rsp),xmm7
- .byte 0x0b,0x68,0x00,0x00 # vmovaps 0x00(rsp),xmm6
- .byte 0x07,0x01,0x15,0x00 # sub rsp,0xa8
-___
-}
-
-$code =~ s/\`([^\`]*)\`/eval $1/gem;
-print $code;
-close STDOUT;
diff --git a/src/crypto/bn/bn.c b/src/crypto/bn/bn.c
index 87d81d2..31bb937 100644
--- a/src/crypto/bn/bn.c
+++ b/src/crypto/bn/bn.c
@@ -73,14 +73,14 @@
return NULL;
}
- memset(bn, 0, sizeof(BIGNUM));
+ OPENSSL_memset(bn, 0, sizeof(BIGNUM));
bn->flags = BN_FLG_MALLOCED;
return bn;
}
void BN_init(BIGNUM *bn) {
- memset(bn, 0, sizeof(BIGNUM));
+ OPENSSL_memset(bn, 0, sizeof(BIGNUM));
}
void BN_free(BIGNUM *bn) {
@@ -149,7 +149,7 @@
return NULL;
}
- memcpy(dest->d, src->d, sizeof(src->d[0]) * src->top);
+ OPENSSL_memcpy(dest->d, src->d, sizeof(src->d[0]) * src->top);
dest->top = src->top;
dest->neg = src->neg;
@@ -158,7 +158,7 @@
void BN_clear(BIGNUM *bn) {
if (bn->d != NULL) {
- memset(bn->d, 0, bn->dmax * sizeof(bn->d[0]));
+ OPENSSL_memset(bn->d, 0, bn->dmax * sizeof(bn->d[0]));
}
bn->top = 0;
@@ -173,7 +173,7 @@
}
void BN_with_flags(BIGNUM *out, const BIGNUM *in, int flags) {
- memcpy(out, in, sizeof(BIGNUM));
+ OPENSSL_memcpy(out, in, sizeof(BIGNUM));
out->flags &= ~BN_FLG_MALLOCED;
out->flags |= BN_FLG_STATIC_DATA | flags;
}
@@ -292,7 +292,7 @@
if (bn_wexpand(bn, num) == NULL) {
return 0;
}
- memmove(bn->d, words, num * sizeof(BN_ULONG));
+ OPENSSL_memmove(bn->d, words, num * sizeof(BN_ULONG));
/* |bn_wexpand| verified that |num| isn't too large. */
bn->top = (int)num;
bn_correct_top(bn);
@@ -335,7 +335,7 @@
return NULL;
}
- memcpy(a, bn->d, sizeof(BN_ULONG) * bn->top);
+ OPENSSL_memcpy(a, bn->d, sizeof(BN_ULONG) * bn->top);
OPENSSL_free(bn->d);
bn->d = a;
diff --git a/src/crypto/bn/bn_test.cc b/src/crypto/bn/bn_test.cc
index 044af5f..4f544a7 100644
--- a/src/crypto/bn/bn_test.cc
+++ b/src/crypto/bn/bn_test.cc
@@ -680,7 +680,7 @@
static bool TestBN2BinPadded(BN_CTX *ctx) {
uint8_t zeros[256], out[256], reference[128];
- memset(zeros, 0, sizeof(zeros));
+ OPENSSL_memset(zeros, 0, sizeof(zeros));
// Test edge case at 0.
bssl::UniquePtr<BIGNUM> n(BN_new());
@@ -689,13 +689,13 @@
"BN_bn2bin_padded failed to encode 0 in an empty buffer.\n");
return false;
}
- memset(out, -1, sizeof(out));
+ OPENSSL_memset(out, -1, sizeof(out));
if (!BN_bn2bin_padded(out, sizeof(out), n.get())) {
fprintf(stderr,
"BN_bn2bin_padded failed to encode 0 in a non-empty buffer.\n");
return false;
}
- if (memcmp(zeros, out, sizeof(out))) {
+ if (OPENSSL_memcmp(zeros, out, sizeof(out))) {
fprintf(stderr, "BN_bn2bin_padded did not zero buffer.\n");
return false;
}
@@ -724,20 +724,21 @@
}
// Exactly right size should encode.
if (!BN_bn2bin_padded(out, bytes, n.get()) ||
- memcmp(out, reference, bytes) != 0) {
+ OPENSSL_memcmp(out, reference, bytes) != 0) {
fprintf(stderr, "BN_bn2bin_padded gave a bad result.\n");
return false;
}
// Pad up one byte extra.
if (!BN_bn2bin_padded(out, bytes + 1, n.get()) ||
- memcmp(out + 1, reference, bytes) || memcmp(out, zeros, 1)) {
+ OPENSSL_memcmp(out + 1, reference, bytes) ||
+ OPENSSL_memcmp(out, zeros, 1)) {
fprintf(stderr, "BN_bn2bin_padded gave a bad result.\n");
return false;
}
// Pad up to 256.
if (!BN_bn2bin_padded(out, sizeof(out), n.get()) ||
- memcmp(out + sizeof(out) - bytes, reference, bytes) ||
- memcmp(out, zeros, sizeof(out) - bytes)) {
+ OPENSSL_memcmp(out + sizeof(out) - bytes, reference, bytes) ||
+ OPENSSL_memcmp(out, zeros, sizeof(out) - bytes)) {
fprintf(stderr, "BN_bn2bin_padded gave a bad result.\n");
return false;
}
@@ -746,6 +747,82 @@
return true;
}
+static bool TestLittleEndian() {
+ bssl::UniquePtr<BIGNUM> x(BN_new());
+ bssl::UniquePtr<BIGNUM> y(BN_new());
+ if (!x || !y) {
+ fprintf(stderr, "BN_new failed to malloc.\n");
+ return false;
+ }
+
+ // Test edge case at 0. Fill |out| with garbage to ensure |BN_bn2le_padded|
+ // wrote the result.
+ uint8_t out[256], zeros[256];
+ OPENSSL_memset(out, -1, sizeof(out));
+ OPENSSL_memset(zeros, 0, sizeof(zeros));
+ if (!BN_bn2le_padded(out, sizeof(out), x.get()) ||
+ OPENSSL_memcmp(zeros, out, sizeof(out))) {
+ fprintf(stderr, "BN_bn2le_padded failed to encode 0.\n");
+ return false;
+ }
+
+ if (!BN_le2bn(out, sizeof(out), y.get()) ||
+ BN_cmp(x.get(), y.get()) != 0) {
+ fprintf(stderr, "BN_le2bn failed to decode 0 correctly.\n");
+ return false;
+ }
+
+ // Test random numbers at various byte lengths.
+ for (size_t bytes = 128 - 7; bytes <= 128; bytes++) {
+ if (!BN_rand(x.get(), bytes * 8, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY)) {
+ ERR_print_errors_fp(stderr);
+ return false;
+ }
+
+ // Fill |out| with garbage to ensure |BN_bn2le_padded| wrote the result.
+ OPENSSL_memset(out, -1, sizeof(out));
+ if (!BN_bn2le_padded(out, sizeof(out), x.get())) {
+ fprintf(stderr, "BN_bn2le_padded failed to encode random value.\n");
+ return false;
+ }
+
+ // Compute the expected value by reversing the big-endian output.
+ uint8_t expected[sizeof(out)];
+ if (!BN_bn2bin_padded(expected, sizeof(expected), x.get())) {
+ return false;
+ }
+ for (size_t i = 0; i < sizeof(expected) / 2; i++) {
+ uint8_t tmp = expected[i];
+ expected[i] = expected[sizeof(expected) - 1 - i];
+ expected[sizeof(expected) - 1 - i] = tmp;
+ }
+
+ if (OPENSSL_memcmp(expected, out, sizeof(out))) {
+ fprintf(stderr, "BN_bn2le_padded failed to encode value correctly.\n");
+ hexdump(stderr, "Expected: ", expected, sizeof(expected));
+ hexdump(stderr, "Got: ", out, sizeof(out));
+ return false;
+ }
+
+ // Make sure the decoding produces the same BIGNUM.
+ if (!BN_le2bn(out, bytes, y.get()) ||
+ BN_cmp(x.get(), y.get()) != 0) {
+ bssl::UniquePtr<char> x_hex(BN_bn2hex(x.get())),
+ y_hex(BN_bn2hex(y.get()));
+ if (!x_hex || !y_hex) {
+ return false;
+ }
+ fprintf(stderr, "BN_le2bn failed to decode value correctly.\n");
+ fprintf(stderr, "Expected: %s\n", x_hex.get());
+ hexdump(stderr, "Encoding: ", out, bytes);
+ fprintf(stderr, "Got: %s\n", y_hex.get());
+ return false;
+ }
+ }
+
+ return true;
+}
+
static int DecimalToBIGNUM(bssl::UniquePtr<BIGNUM> *out, const char *in) {
BIGNUM *raw = NULL;
int ret = BN_dec2bn(&raw, in);
@@ -922,7 +999,7 @@
}
if (mpi_len != test.mpi_len ||
- memcmp(test.mpi, scratch, mpi_len) != 0) {
+ OPENSSL_memcmp(test.mpi, scratch, mpi_len) != 0) {
fprintf(stderr, "MPI test #%u failed:\n", (unsigned)i);
hexdump(stderr, "Expected: ", test.mpi, test.mpi_len);
hexdump(stderr, "Got: ", scratch, mpi_len);
@@ -1062,7 +1139,8 @@
}
bssl::UniquePtr<uint8_t> delete_der(der);
if (der_len != test.der_len ||
- memcmp(der, reinterpret_cast<const uint8_t*>(test.der), der_len) != 0) {
+ OPENSSL_memcmp(der, reinterpret_cast<const uint8_t *>(test.der),
+ der_len) != 0) {
fprintf(stderr, "Bad serialization.\n");
return false;
}
@@ -1173,42 +1251,35 @@
return false;
}
- for (int consttime = 0; consttime < 2; consttime++) {
- bssl::UniquePtr<BIGNUM> numerator(BN_new()), denominator(BN_new());
- if (!numerator || !denominator) {
- return false;
- }
+ bssl::UniquePtr<BIGNUM> numerator(BN_new()), denominator(BN_new());
+ if (!numerator || !denominator) {
+ return false;
+ }
- if (consttime) {
- BN_set_flags(numerator.get(), BN_FLG_CONSTTIME);
- BN_set_flags(denominator.get(), BN_FLG_CONSTTIME);
- }
+ // Test that BN_div never gives negative zero in the quotient.
+ if (!BN_set_word(numerator.get(), 1) ||
+ !BN_set_word(denominator.get(), 2)) {
+ return false;
+ }
+ BN_set_negative(numerator.get(), 1);
+ if (!BN_div(a.get(), b.get(), numerator.get(), denominator.get(), ctx)) {
+ return false;
+ }
+ if (!BN_is_zero(a.get()) || BN_is_negative(a.get())) {
+ fprintf(stderr, "Incorrect quotient.\n");
+ return false;
+ }
- // Test that BN_div never gives negative zero in the quotient.
- if (!BN_set_word(numerator.get(), 1) ||
- !BN_set_word(denominator.get(), 2)) {
- return false;
- }
- BN_set_negative(numerator.get(), 1);
- if (!BN_div(a.get(), b.get(), numerator.get(), denominator.get(), ctx)) {
- return false;
- }
- if (!BN_is_zero(a.get()) || BN_is_negative(a.get())) {
- fprintf(stderr, "Incorrect quotient (consttime = %d).\n", consttime);
- return false;
- }
-
- // Test that BN_div never gives negative zero in the remainder.
- if (!BN_set_word(denominator.get(), 1)) {
- return false;
- }
- if (!BN_div(a.get(), b.get(), numerator.get(), denominator.get(), ctx)) {
- return false;
- }
- if (!BN_is_zero(b.get()) || BN_is_negative(b.get())) {
- fprintf(stderr, "Incorrect remainder (consttime = %d).\n", consttime);
- return false;
- }
+ // Test that BN_div never gives negative zero in the remainder.
+ if (!BN_set_word(denominator.get(), 1)) {
+ return false;
+ }
+ if (!BN_div(a.get(), b.get(), numerator.get(), denominator.get(), ctx)) {
+ return false;
+ }
+ if (!BN_is_zero(b.get()) || BN_is_negative(b.get())) {
+ fprintf(stderr, "Incorrect remainder.\n");
+ return false;
}
// Test that BN_set_negative will not produce a negative zero.
@@ -1500,7 +1571,7 @@
return true;
}
-static bool TestBNSetU64() {
+static bool TestBNSetGetU64() {
static const struct {
const char *hex;
uint64_t value;
@@ -1522,6 +1593,36 @@
ERR_print_errors_fp(stderr);
return false;
}
+
+ uint64_t tmp;
+ if (!BN_get_u64(bn.get(), &tmp) || tmp != test.value) {
+ fprintf(stderr, "BN_get_u64 test failed for 0x%s.\n", test.hex);
+ return false;
+ }
+
+ BN_set_negative(bn.get(), 1);
+ if (!BN_get_u64(bn.get(), &tmp) || tmp != test.value) {
+ fprintf(stderr, "BN_get_u64 test failed for -0x%s.\n", test.hex);
+ return false;
+ }
+ }
+
+ // Test that BN_get_u64 fails on large numbers.
+ bssl::UniquePtr<BIGNUM> bn(BN_new());
+ if (!BN_lshift(bn.get(), BN_value_one(), 64)) {
+ return false;
+ }
+
+ uint64_t tmp;
+ if (BN_get_u64(bn.get(), &tmp)) {
+ fprintf(stderr, "BN_get_u64 of 2^64 unexpectedly succeeded.\n");
+ return false;
+ }
+
+ BN_set_negative(bn.get(), 1);
+ if (BN_get_u64(bn.get(), &tmp)) {
+ fprintf(stderr, "BN_get_u64 of -2^64 unexpectedly succeeded.\n");
+ return false;
}
return true;
@@ -1544,6 +1645,7 @@
!TestDec2BN(ctx.get()) ||
!TestHex2BN(ctx.get()) ||
!TestASC2BN(ctx.get()) ||
+ !TestLittleEndian() ||
!TestMPI() ||
!TestRand() ||
!TestASN1() ||
@@ -1553,7 +1655,7 @@
!TestSmallPrime(ctx.get()) ||
!TestCmpWord() ||
!TestBN2Dec() ||
- !TestBNSetU64()) {
+ !TestBNSetGetU64()) {
return 1;
}
diff --git a/src/crypto/bn/bn_tests.txt b/src/crypto/bn/bn_tests.txt
index ec89b8e..46c788f 100644
--- a/src/crypto/bn/bn_tests.txt
+++ b/src/crypto/bn/bn_tests.txt
@@ -10387,6 +10387,89 @@
M = e4e784aa1fa88625a43ba0185a153a929663920be7fe674a4d33c943d3b898cff051482e7050a070cede53be5e89f31515772c7aea637576f99f82708f89d9e244f6ad3a24a02cbe5c0ff7bcf2dad5491f53db7c3f2698a7c41b44f086652f17bb05fe4c5c0a92433c34086b49d7e1825b28bab6c5a9bd0bc95b53d659afa0d7
+# RSAZ 512-bit.
+#
+# These are regression tests for code which historically reached the RSAZ-512
+# code. That has since been removed, but the test vectors remain. Note that the
+# lengths of the inputs, especially the *bit* length of |M|, matter a lot.
+
+# Control: No relationship between A and M except that A < M and they're the same number of limbs.
+ModExp = 7f34c1cd63377bc3abf2bb5b2d1bf5f06454e1e8040fe19a72245ce9731cbee1bf9e84532300776c8021ed4f3a8de508d85b4cf320bd82065a013754857b50c4
+A = 8e4e67da6ff890643d0599387955996ef6f0c2045eb9944576ddb965ca64cdb6247727ce128ef178d4a84e5a56d2e67eb0fe389ecbf691f9244ae80f4c11b364
+E = be99d8f0650e540b9b191e9cf96f74881b902e32ed169ffd8a1776c3f3e80f0ac765aa14615713e1549f250a20fe4ee48c4e0c6176162fc7842a0dd64d640d1
+M = f12f2c19ee1ecf2c999b87bdafde60eace3790faad8f9adec13b14c6dfb69f8795a1d0fe65494250b59534014b918453042012952ae6f5786342999600725491
+
+# Same as above except A is negative.
+ModExp = 71fa6a4c8ae75368eda8cc6282c26afa69e2af12a97fb9444f16b7dd6c99e0a5d6034cab4248cae4357346b211039f4a2bc4c5a20a297372094162417af703cd
+A = -8e4e67da6ff890643d0599387955996ef6f0c2045eb9944576ddb965ca64cdb6247727ce128ef178d4a84e5a56d2e67eb0fe389ecbf691f9244ae80f4c11b364
+E = be99d8f0650e540b9b191e9cf96f74881b902e32ed169ffd8a1776c3f3e80f0ac765aa14615713e1549f250a20fe4ee48c4e0c6176162fc7842a0dd64d640d1
+M = f12f2c19ee1ecf2c999b87bdafde60eace3790faad8f9adec13b14c6dfb69f8795a1d0fe65494250b59534014b918453042012952ae6f5786342999600725491
+
+# A == M - 1 == -1 (mod M) and the exponent is odd so A ^ E (mod M) == A.
+ModExp = f12f2c19ee1ecf2c999b87bdafde60eace3790faad8f9adec13b14c6dfb69f8795a1d0fe65494250b59534014b918453042012952ae6f5786342999600725490
+A = f12f2c19ee1ecf2c999b87bdafde60eace3790faad8f9adec13b14c6dfb69f8795a1d0fe65494250b59534014b918453042012952ae6f5786342999600725490
+E = be99d8f0650e540b9b191e9cf96f74881b902e32ed169ffd8a1776c3f3e80f0ac765aa14615713e1549f250a20fe4ee48c4e0c6176162fc7842a0dd64d640d1
+M = f12f2c19ee1ecf2c999b87bdafde60eace3790faad8f9adec13b14c6dfb69f8795a1d0fe65494250b59534014b918453042012952ae6f5786342999600725491
+
+# Same inputs as above except A is negative. Note that A mod M with a "correct top" isn't the right length for RSAZ.
+ModExp = 1
+A = -f12f2c19ee1ecf2c999b87bdafde60eace3790faad8f9adec13b14c6dfb69f8795a1d0fe65494250b59534014b918453042012952ae6f5786342999600725490
+E = be99d8f0650e540b9b191e9cf96f74881b902e32ed169ffd8a1776c3f3e80f0ac765aa14615713e1549f250a20fe4ee48c4e0c6176162fc7842a0dd64d640d1
+M = f12f2c19ee1ecf2c999b87bdafde60eace3790faad8f9adec13b14c6dfb69f8795a1d0fe65494250b59534014b918453042012952ae6f5786342999600725491
+
+# A == M, so A == 0 (mod M) so A ^ E (mod M) == 0. Note that A mod M with a "correct top" isn't the right length for RSAZ.
+ModExp = 0
+A = f12f2c19ee1ecf2c999b87bdafde60eace3790faad8f9adec13b14c6dfb69f8795a1d0fe65494250b59534014b918453042012952ae6f5786342999600725491
+E = be99d8f0650e540b9b191e9cf96f74881b902e32ed169ffd8a1776c3f3e80f0ac765aa14615713e1549f250a20fe4ee48c4e0c6176162fc7842a0dd64d640d1
+M = f12f2c19ee1ecf2c999b87bdafde60eace3790faad8f9adec13b14c6dfb69f8795a1d0fe65494250b59534014b918453042012952ae6f5786342999600725491
+
+# A is negative, and A (mod M) is the right length for RSAZ.
+ModExp = 8d76eb0f8c7bc3160cc8bb0e0c3590fbed26c5932f5f525b48045c0bd46dda287ba5483f97c851fb7c12c2e858ee7a4a4d1af745cbfb3eb311fa54bea12cde25
+A = -80000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
+E = be99d8f0650e540b9b191e9cf96f74881b902e32ed169ffd8a1776c3f3e80f0ac765aa14615713e1549f250a20fe4ee48c4e0c6176162fc7842a0dd64d640d1
+M = f12f2c19ee1ecf2c999b87bdafde60eace3790faad8f9adec13b14c6dfb69f8795a1d0fe65494250b59534014b918453042012952ae6f5786342999600725491
+
+
+# RSAZ 1024-bit.
+# Note that the lengths of the inputs, especially the *bit* length of |M|, matter a lot.
+
+# Control: No relationship between A and M except that A < M and they're the same number of limbs.
+ModExp = 8984f8c16044f9c0ad7bd72347af90f58e6e003acda92b76e3c7c4a56ea8e918409d8e9b34884d4c89d0b17cb40fe898f2627c084a0f1698e46beccbf6f48eecc281e11ea9e5135adba460ddae157f2c655b5f589ce29b254d43a960a71cede8a08dbb86be4dac22458da232fb1ec2470856827302ed772c9ddafa408c931aa7
+A = 21158da5fe20356825e72b3f5384ec57720d22f727b27ce2f945c8ee311db781add73bf8fae96b775c909bd22fca75c44c2b0584284a5bb1c07f8eefcd6b0a44047a02b185df34f897f11d4fb9a86c9eb841b4cb8d0383441fdc5af3ef385b5e8380f605d73ed41bb42eb2c2a5704d6034b3ad058dafffce83dbbfb6295daaf8
+E = ecdebd112b3b5788669449dcddbd479a203ee9ab72a9bb9c406b97623513bf0ab9a22f1f23634d269e16bfd6d3b64202b71fc355057411967b6ac70f8d9cef0a4e06819a9a18cc06bbe438243fa9759303d98be8a65dc1cb13595ee9b99f138554425d50f6fbc025d8ffa3eaea828d6f3b82a3584146bafde34da257995f0575
+M = ff3a3e023db3bba929ca4ededbace13d0d1264387b5ef62734e177eaf47a78af56b58aacc8ac5d46f5b066bafb95d93d4442bb948653613eec76837b4ffb7991cb080b6c8b403fb09bc817d026e283ee47ab2fc9af274b12f626eda2fe02004a8e27b9ed7d3b614e8955c7e7c2c0700edd079455237c4475fbd41857e206e4b7
+
+# Same as above except A is negative.
+ModExp = 75b54540dd6ec1e87c4e77bb93fd50477ea463fdadb5cab05119b34585d18f971617fc1194240ffa6bdfb53e4785f0a451e03f8c3c444aa6080a96af5906eaa508862a4de15b2c55c023b6f278cd04c1e24fd0711244afeda8e3444256e51261ed99fe66beedb52c43c825b4c7a1adc7d4b111e2208ecd495df91e175573ca10
+A = -21158da5fe20356825e72b3f5384ec57720d22f727b27ce2f945c8ee311db781add73bf8fae96b775c909bd22fca75c44c2b0584284a5bb1c07f8eefcd6b0a44047a02b185df34f897f11d4fb9a86c9eb841b4cb8d0383441fdc5af3ef385b5e8380f605d73ed41bb42eb2c2a5704d6034b3ad058dafffce83dbbfb6295daaf8
+E = ecdebd112b3b5788669449dcddbd479a203ee9ab72a9bb9c406b97623513bf0ab9a22f1f23634d269e16bfd6d3b64202b71fc355057411967b6ac70f8d9cef0a4e06819a9a18cc06bbe438243fa9759303d98be8a65dc1cb13595ee9b99f138554425d50f6fbc025d8ffa3eaea828d6f3b82a3584146bafde34da257995f0575
+M = ff3a3e023db3bba929ca4ededbace13d0d1264387b5ef62734e177eaf47a78af56b58aacc8ac5d46f5b066bafb95d93d4442bb948653613eec76837b4ffb7991cb080b6c8b403fb09bc817d026e283ee47ab2fc9af274b12f626eda2fe02004a8e27b9ed7d3b614e8955c7e7c2c0700edd079455237c4475fbd41857e206e4b7
+
+# A == M - 1 == -1 (mod M) and the exponent is odd so A ^ E (mod M) == A.
+ModExp = b5d257b2c50b050d42f0852eff5cfa2571157c500cd0bd9aa0b2ccdd89c531c9609d520eb81d928fb52b06da25dc713561aa0bd365ee56db9e62ac6787a85936990f44438363560f7af9e0c16f378e5b83f658252390d849401817624da97ec613a1b855fd901847352f434a777e4e32af0cb4033c7547fb6437d067fcd3d964
+A = b5d257b2c50b050d42f0852eff5cfa2571157c500cd0bd9aa0b2ccdd89c531c9609d520eb81d928fb52b06da25dc713561aa0bd365ee56db9e62ac6787a85936990f44438363560f7af9e0c16f378e5b83f658252390d849401817624da97ec613a1b855fd901847352f434a777e4e32af0cb4033c7547fb6437d067fcd3d964
+E = 61803d4973ae68cfb2ba6770dbed70d36760fa42c01a16d1482eacf0d01adf7a917bc86ece58a73b920295c1291b90f49167ef856ecad149330e1fd49ec71392fb62d47270b53e6d4f3c8f044b80a5736753364896932abc6d872c4c5e135d1edb200597a93ceb262ff6c99079177cd10808b9ed20c8cd7352d80ac7f6963103
+M = b5d257b2c50b050d42f0852eff5cfa2571157c500cd0bd9aa0b2ccdd89c531c9609d520eb81d928fb52b06da25dc713561aa0bd365ee56db9e62ac6787a85936990f44438363560f7af9e0c16f378e5b83f658252390d849401817624da97ec613a1b855fd901847352f434a777e4e32af0cb4033c7547fb6437d067fcd3d965
+
+# Same inputs as above except A is negative. Note that A mod M with a "correct top" isn't the right length for RSAZ.
+ModExp = 1
+A = -b5d257b2c50b050d42f0852eff5cfa2571157c500cd0bd9aa0b2ccdd89c531c9609d520eb81d928fb52b06da25dc713561aa0bd365ee56db9e62ac6787a85936990f44438363560f7af9e0c16f378e5b83f658252390d849401817624da97ec613a1b855fd901847352f434a777e4e32af0cb4033c7547fb6437d067fcd3d964
+E = 61803d4973ae68cfb2ba6770dbed70d36760fa42c01a16d1482eacf0d01adf7a917bc86ece58a73b920295c1291b90f49167ef856ecad149330e1fd49ec71392fb62d47270b53e6d4f3c8f044b80a5736753364896932abc6d872c4c5e135d1edb200597a93ceb262ff6c99079177cd10808b9ed20c8cd7352d80ac7f6963103
+M = b5d257b2c50b050d42f0852eff5cfa2571157c500cd0bd9aa0b2ccdd89c531c9609d520eb81d928fb52b06da25dc713561aa0bd365ee56db9e62ac6787a85936990f44438363560f7af9e0c16f378e5b83f658252390d849401817624da97ec613a1b855fd901847352f434a777e4e32af0cb4033c7547fb6437d067fcd3d965
+
+# A == M, so A == 0 (mod M) so A ^ E (mod M) == 0. Note that A mod M with a "correct top" isn't the right length for RSAZ.
+ModExp = 0
+A = b5d257b2c50b050d42f0852eff5cfa2571157c500cd0bd9aa0b2ccdd89c531c9609d520eb81d928fb52b06da25dc713561aa0bd365ee56db9e62ac6787a85936990f44438363560f7af9e0c16f378e5b83f658252390d849401817624da97ec613a1b855fd901847352f434a777e4e32af0cb4033c7547fb6437d067fcd3d965
+E = 61803d4973ae68cfb2ba6770dbed70d36760fa42c01a16d1482eacf0d01adf7a917bc86ece58a73b920295c1291b90f49167ef856ecad149330e1fd49ec71392fb62d47270b53e6d4f3c8f044b80a5736753364896932abc6d872c4c5e135d1edb200597a93ceb262ff6c99079177cd10808b9ed20c8cd7352d80ac7f6963103
+M = b5d257b2c50b050d42f0852eff5cfa2571157c500cd0bd9aa0b2ccdd89c531c9609d520eb81d928fb52b06da25dc713561aa0bd365ee56db9e62ac6787a85936990f44438363560f7af9e0c16f378e5b83f658252390d849401817624da97ec613a1b855fd901847352f434a777e4e32af0cb4033c7547fb6437d067fcd3d965
+
+# A is negative, and A (mod M) is the right length for RSAZ.
+ModExp = 9cf810b9e89d5cbc4b79ae64e123ea06d92965e2bab077df97a1b906dc2e1ddcf96a9c4ed14e2cd96309b829ea9cc2a74a7d4b43c5f34d792a7c583201427754b8f78b783608070a84b61f18913e3ced7f7f530972de7764667c54e29d756eea38a93cd1703c676a4587231b0ebfeadddf908e2877a7a84b5bfc370ecf0d158d
+A = -8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
+E = 61803d4973ae68cfb2ba6770dbed70d36760fa42c01a16d1482eacf0d01adf7a917bc86ece58a73b920295c1291b90f49167ef856ecad149330e1fd49ec71392fb62d47270b53e6d4f3c8f044b80a5736753364896932abc6d872c4c5e135d1edb200597a93ceb262ff6c99079177cd10808b9ed20c8cd7352d80ac7f6963103
+M = b5d257b2c50b050d42f0852eff5cfa2571157c500cd0bd9aa0b2ccdd89c531c9609d520eb81d928fb52b06da25dc713561aa0bd365ee56db9e62ac6787a85936990f44438363560f7af9e0c16f378e5b83f658252390d849401817624da97ec613a1b855fd901847352f434a777e4e32af0cb4033c7547fb6437d067fcd3d965
+
+
# Exp tests.
#
# These test vectors satisfy A ^ E = Exp.
diff --git a/src/crypto/bn/convert.c b/src/crypto/bn/convert.c
index 8f4b964..1fa0dd4 100644
--- a/src/crypto/bn/convert.c
+++ b/src/crypto/bn/convert.c
@@ -118,6 +118,42 @@
return ret;
}
+BIGNUM *BN_le2bn(const uint8_t *in, size_t len, BIGNUM *ret) {
+ BIGNUM *bn = NULL;
+ if (ret == NULL) {
+ bn = BN_new();
+ ret = bn;
+ }
+
+ if (ret == NULL) {
+ return NULL;
+ }
+
+ if (len == 0) {
+ ret->top = 0;
+ ret->neg = 0;
+ return ret;
+ }
+
+ /* Reserve enough space in |ret|. */
+ size_t num_words = ((len - 1) / BN_BYTES) + 1;
+ if (!bn_wexpand(ret, num_words)) {
+ BN_free(bn);
+ return NULL;
+ }
+ ret->top = num_words;
+
+ /* Make sure the top bytes will be zeroed. */
+ ret->d[num_words - 1] = 0;
+
+ /* We only support little-endian platforms, so we can simply memcpy the
+ * internal representation. */
+ OPENSSL_memcpy(ret->d, in, len);
+
+ bn_correct_top(ret);
+ return ret;
+}
+
size_t BN_bn2bin(const BIGNUM *in, uint8_t *out) {
size_t n, i;
BN_ULONG l;
@@ -130,6 +166,23 @@
return n;
}
+int BN_bn2le_padded(uint8_t *out, size_t len, const BIGNUM *in) {
+ /* If we don't have enough space, fail out. */
+ size_t num_bytes = BN_num_bytes(in);
+ if (len < num_bytes) {
+ return 0;
+ }
+
+ /* We only support little-endian platforms, so we can simply memcpy into the
+ * internal representation. */
+ OPENSSL_memcpy(out, in->d, num_bytes);
+
+ /* Pad out the rest of the buffer with zeroes. */
+ OPENSSL_memset(out + num_bytes, 0, len - num_bytes);
+
+ return 1;
+}
+
/* constant_time_select_ulong returns |x| if |v| is 1 and |y| if |v| is 0. Its
* behavior is undefined if |v| takes any other value. */
static BN_ULONG constant_time_select_ulong(int v, BN_ULONG x, BN_ULONG y) {
@@ -162,7 +215,7 @@
int BN_bn2bin_padded(uint8_t *out, size_t len, const BIGNUM *in) {
/* Special case for |in| = 0. Just branch as the probability is negligible. */
if (BN_is_zero(in)) {
- memset(out, 0, len);
+ OPENSSL_memset(out, 0, len);
return 1;
}
@@ -515,6 +568,24 @@
}
}
+int BN_get_u64(const BIGNUM *bn, uint64_t *out) {
+ switch (bn->top) {
+ case 0:
+ *out = 0;
+ return 1;
+ case 1:
+ *out = bn->d[0];
+ return 1;
+#if defined(OPENSSL_32_BIT)
+ case 2:
+ *out = (uint64_t) bn->d[0] | (((uint64_t) bn->d[1]) << 32);
+ return 1;
+#endif
+ default:
+ return 0;
+ }
+}
+
size_t BN_bn2mpi(const BIGNUM *in, uint8_t *out) {
const size_t bits = BN_num_bits(in);
const size_t bytes = (bits + 7) / 8;
@@ -532,7 +603,7 @@
/* If we cannot represent the number then we emit zero as the interface
* doesn't allow an error to be signalled. */
if (out) {
- memset(out, 0, 4);
+ OPENSSL_memset(out, 0, 4);
}
return 4;
}
diff --git a/src/crypto/bn/ctx.c b/src/crypto/bn/ctx.c
index 48d9adf..bca6619 100644
--- a/src/crypto/bn/ctx.c
+++ b/src/crypto/bn/ctx.c
@@ -59,6 +59,8 @@
#include <openssl/err.h>
#include <openssl/mem.h>
+#include "../internal.h"
+
/* How many bignums are in each "pool item"; */
#define BN_CTX_POOL_SIZE 16
@@ -218,7 +220,7 @@
return 0;
}
if (st->depth) {
- memcpy(newitems, st->indexes, st->depth * sizeof(unsigned int));
+ OPENSSL_memcpy(newitems, st->indexes, st->depth * sizeof(unsigned int));
}
OPENSSL_free(st->indexes);
st->indexes = newitems;
diff --git a/src/crypto/bn/div.c b/src/crypto/bn/div.c
index ab49281..6e3df7d 100644
--- a/src/crypto/bn/div.c
+++ b/src/crypto/bn/div.c
@@ -182,7 +182,12 @@
* Thus:
* dv->neg == num->neg ^ divisor->neg (unless the result is zero)
* rm->neg == num->neg (unless the remainder is zero)
- * If 'dv' or 'rm' is NULL, the respective value is not returned. */
+ * If 'dv' or 'rm' is NULL, the respective value is not returned.
+ *
+ * This was specifically designed to contain fewer branches that may leak
+ * sensitive information; see "New Branch Prediction Vulnerabilities in OpenSSL
+ * and Necessary Software Countermeasures" by Onur Acıçmez, Shay Gueron, and
+ * Jean-Pierre Seifert. */
int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
BN_CTX *ctx) {
int norm_shift, i, loop;
@@ -190,7 +195,6 @@
BN_ULONG *resp, *wnump;
BN_ULONG d0, d1;
int num_n, div_n;
- int no_branch = 0;
/* Invalid zero-padding would have particularly bad consequences
* so don't just rely on bn_check_top() here */
@@ -200,28 +204,11 @@
return 0;
}
- if ((num->flags & BN_FLG_CONSTTIME) != 0 ||
- (divisor->flags & BN_FLG_CONSTTIME) != 0) {
- no_branch = 1;
- }
-
if (BN_is_zero(divisor)) {
OPENSSL_PUT_ERROR(BN, BN_R_DIV_BY_ZERO);
return 0;
}
- if (!no_branch && BN_ucmp(num, divisor) < 0) {
- if (rm != NULL) {
- if (BN_copy(rm, num) == NULL) {
- return 0;
- }
- }
- if (dv != NULL) {
- BN_zero(dv);
- }
- return 1;
- }
-
BN_CTX_start(ctx);
tmp = BN_CTX_get(ctx);
snum = BN_CTX_get(ctx);
@@ -247,26 +234,23 @@
}
snum->neg = 0;
- if (no_branch) {
- /* Since we don't know whether snum is larger than sdiv,
- * we pad snum with enough zeroes without changing its
- * value.
- */
- if (snum->top <= sdiv->top + 1) {
- if (bn_wexpand(snum, sdiv->top + 2) == NULL) {
- goto err;
- }
- for (i = snum->top; i < sdiv->top + 2; i++) {
- snum->d[i] = 0;
- }
- snum->top = sdiv->top + 2;
- } else {
- if (bn_wexpand(snum, snum->top + 1) == NULL) {
- goto err;
- }
- snum->d[snum->top] = 0;
- snum->top++;
+ /* Since we don't want to have special-case logic for the case where snum is
+ * larger than sdiv, we pad snum with enough zeroes without changing its
+ * value. */
+ if (snum->top <= sdiv->top + 1) {
+ if (bn_wexpand(snum, sdiv->top + 2) == NULL) {
+ goto err;
}
+ for (i = snum->top; i < sdiv->top + 2; i++) {
+ snum->d[i] = 0;
+ }
+ snum->top = sdiv->top + 2;
+ } else {
+ if (bn_wexpand(snum, snum->top + 1) == NULL) {
+ goto err;
+ }
+ snum->d[snum->top] = 0;
+ snum->top++;
}
div_n = sdiv->top;
@@ -294,7 +278,7 @@
if (!bn_wexpand(res, (loop + 1))) {
goto err;
}
- res->top = loop - no_branch;
+ res->top = loop - 1;
resp = &(res->d[loop - 1]);
/* space for temp */
@@ -302,15 +286,6 @@
goto err;
}
- if (!no_branch) {
- if (BN_ucmp(&wnum, sdiv) >= 0) {
- bn_sub_words(wnum.d, wnum.d, sdiv->d, div_n);
- *resp = 1;
- } else {
- res->top--;
- }
- }
-
/* if res->top == 0 then clear the neg value otherwise decrease
* the resp pointer */
if (res->top == 0) {
@@ -401,9 +376,7 @@
rm->neg = neg;
}
}
- if (no_branch) {
- bn_correct_top(res);
- }
+ bn_correct_top(res);
BN_CTX_end(ctx);
return 1;
diff --git a/src/crypto/bn/exponentiation.c b/src/crypto/bn/exponentiation.c
index 2d68808..3161a2a 100644
--- a/src/crypto/bn/exponentiation.c
+++ b/src/crypto/bn/exponentiation.c
@@ -876,6 +876,7 @@
int powerbufLen = 0;
unsigned char *powerbuf = NULL;
BIGNUM tmp, am;
+ BIGNUM *new_a = NULL;
if (!BN_is_odd(m)) {
OPENSSL_PUT_ERROR(BN, BN_R_CALLED_WITH_EVEN_MODULUS);
@@ -903,6 +904,15 @@
mont = new_mont;
}
+ if (a->neg || BN_ucmp(a, m) >= 0) {
+ new_a = BN_new();
+ if (new_a == NULL ||
+ !BN_nnmod(new_a, a, m, ctx)) {
+ goto err;
+ }
+ a = new_a;
+ }
+
#ifdef RSAZ_ENABLED
/* If the size of the operands allow it, perform the optimized
* RSAZ exponentiation. For further information see
@@ -918,16 +928,6 @@
bn_correct_top(rr);
ret = 1;
goto err;
- } else if ((8 == a->top) && (8 == p->top) && (BN_num_bits(m) == 512)) {
- if (NULL == bn_wexpand(rr, 8)) {
- goto err;
- }
- RSAZ_512_mod_exp(rr->d, a->d, p->d, m->d, mont->n0[0], mont->RR.d);
- rr->top = 8;
- rr->neg = 0;
- bn_correct_top(rr);
- ret = 1;
- goto err;
}
#endif
@@ -961,7 +961,7 @@
}
powerbuf = MOD_EXP_CTIME_ALIGN(powerbufFree);
- memset(powerbuf, 0, powerbufLen);
+ OPENSSL_memset(powerbuf, 0, powerbufLen);
#ifdef alloca
if (powerbufLen < 3072) {
@@ -991,12 +991,9 @@
}
/* prepare a^1 in Montgomery domain */
- if (a->neg || BN_ucmp(a, m) >= 0) {
- if (!BN_nnmod(&am, a, m, ctx) ||
- !BN_to_montgomery(&am, &am, mont, ctx)) {
- goto err;
- }
- } else if (!BN_to_montgomery(&am, a, mont, ctx)) {
+ assert(!a->neg);
+ assert(BN_ucmp(a, m) < 0);
+ if (!BN_to_montgomery(&am, a, mont, ctx)) {
goto err;
}
@@ -1190,6 +1187,7 @@
err:
BN_MONT_CTX_free(new_mont);
+ BN_clear_free(new_a);
if (powerbuf != NULL) {
OPENSSL_cleanse(powerbuf, powerbufLen);
OPENSSL_free(powerbufFree);
diff --git a/src/crypto/bn/gcd.c b/src/crypto/bn/gcd.c
index a1ed5d9..9e62da0 100644
--- a/src/crypto/bn/gcd.c
+++ b/src/crypto/bn/gcd.c
@@ -423,9 +423,6 @@
if (a_reduced == NULL) {
goto err;
}
- if (no_branch) {
- BN_set_flags(a_reduced, BN_FLG_CONSTTIME);
- }
if (!BN_nnmod(a_reduced, a_reduced, n, ctx)) {
goto err;
}
@@ -481,15 +478,13 @@
/* bn_mod_inverse_general is the general inversion algorithm that works for
* both even and odd |n|. It was specifically designed to contain fewer
- * branches that may leak sensitive information. See "New Branch Prediction
+ * branches that may leak sensitive information; see "New Branch Prediction
* Vulnerabilities in OpenSSL and Necessary Software Countermeasures" by
* Onur Acıçmez, Shay Gueron, and Jean-Pierre Seifert. */
static int bn_mod_inverse_general(BIGNUM *out, int *out_no_inverse,
const BIGNUM *a, const BIGNUM *n,
BN_CTX *ctx) {
BIGNUM *A, *B, *X, *Y, *M, *D, *T;
- BIGNUM local_A;
- BIGNUM *pA;
int ret = 0;
int sign;
@@ -532,14 +527,8 @@
* sign*Y*a == A (mod |n|)
*/
- /* Turn BN_FLG_CONSTTIME flag on, so that when BN_div is invoked,
- * BN_div_no_branch will be called eventually.
- */
- pA = &local_A;
- BN_with_flags(pA, A, BN_FLG_CONSTTIME);
-
/* (D, M) := (A/B, A%B) ... */
- if (!BN_div(D, M, pA, B, ctx)) {
+ if (!BN_div(D, M, A, B, ctx)) {
goto err;
}
@@ -626,3 +615,27 @@
BN_CTX_end(ctx);
return ret;
}
+
+int bn_mod_inverse_prime(BIGNUM *out, const BIGNUM *a, const BIGNUM *p,
+ BN_CTX *ctx, const BN_MONT_CTX *mont_p) {
+ BN_CTX_start(ctx);
+ BIGNUM *p_minus_2 = BN_CTX_get(ctx);
+ int ok = p_minus_2 != NULL &&
+ BN_copy(p_minus_2, p) &&
+ BN_sub_word(p_minus_2, 2) &&
+ BN_mod_exp_mont(out, a, p_minus_2, p, ctx, mont_p);
+ BN_CTX_end(ctx);
+ return ok;
+}
+
+int bn_mod_inverse_secret_prime(BIGNUM *out, const BIGNUM *a, const BIGNUM *p,
+ BN_CTX *ctx, const BN_MONT_CTX *mont_p) {
+ BN_CTX_start(ctx);
+ BIGNUM *p_minus_2 = BN_CTX_get(ctx);
+ int ok = p_minus_2 != NULL &&
+ BN_copy(p_minus_2, p) &&
+ BN_sub_word(p_minus_2, 2) &&
+ BN_mod_exp_mont_consttime(out, a, p_minus_2, p, ctx, mont_p);
+ BN_CTX_end(ctx);
+ return ok;
+}
diff --git a/src/crypto/bn/internal.h b/src/crypto/bn/internal.h
index aeed88f..1ee29fd 100644
--- a/src/crypto/bn/internal.h
+++ b/src/crypto/bn/internal.h
@@ -228,6 +228,7 @@
const BN_ULONG *np, const BN_ULONG *n0, int num);
uint64_t bn_mont_n0(const BIGNUM *n);
+int bn_mod_exp_base_2_vartime(BIGNUM *r, unsigned p, const BIGNUM *n);
#if defined(OPENSSL_X86_64) && defined(_MSC_VER)
#define BN_UMULT_LOHI(low, high, a, b) ((low) = _umul128((a), (b), &(high)))
@@ -237,6 +238,18 @@
#error "Either BN_ULLONG or BN_UMULT_LOHI must be defined on every platform."
#endif
+/* bn_mod_inverse_prime sets |out| to the modular inverse of |a| modulo |p|,
+ * computed with Fermat's Little Theorem. It returns one on success and zero on
+ * error. If |mont_p| is NULL, one will be computed temporarily. */
+int bn_mod_inverse_prime(BIGNUM *out, const BIGNUM *a, const BIGNUM *p,
+ BN_CTX *ctx, const BN_MONT_CTX *mont_p);
+
+/* bn_mod_inverse_secret_prime behaves like |bn_mod_inverse_prime| but uses
+ * |BN_mod_exp_mont_consttime| instead of |BN_mod_exp_mont| in hopes of
+ * protecting the exponent. */
+int bn_mod_inverse_secret_prime(BIGNUM *out, const BIGNUM *a, const BIGNUM *p,
+ BN_CTX *ctx, const BN_MONT_CTX *mont_p);
+
#if defined(__cplusplus)
} /* extern C */
diff --git a/src/crypto/bn/montgomery.c b/src/crypto/bn/montgomery.c
index 91251e5..70f0585 100644
--- a/src/crypto/bn/montgomery.c
+++ b/src/crypto/bn/montgomery.c
@@ -108,6 +108,7 @@
#include <openssl/bn.h>
+#include <assert.h>
#include <string.h>
#include <openssl/err.h>
@@ -131,7 +132,7 @@
return NULL;
}
- memset(ret, 0, sizeof(BN_MONT_CTX));
+ OPENSSL_memset(ret, 0, sizeof(BN_MONT_CTX));
BN_init(&ret->RR);
BN_init(&ret->N);
@@ -207,12 +208,13 @@
/* Save RR = R**2 (mod N). R is the smallest power of 2**BN_BITS such that R
* > mod. Even though the assembly on some 32-bit platforms works with 64-bit
* values, using |BN_BITS2| here, rather than |BN_MONT_CTX_N0_LIMBS *
- * BN_BITS2|, is correct because because R^2 will still be a multiple of the
- * latter as |BN_MONT_CTX_N0_LIMBS| is either one or two. */
+ * BN_BITS2|, is correct because R**2 will still be a multiple of the latter
+ * as |BN_MONT_CTX_N0_LIMBS| is either one or two.
+ *
+ * XXX: This is not constant time with respect to |mont->N|, but it should
+ * be. */
unsigned lgBigR = (BN_num_bits(mod) + (BN_BITS2 - 1)) / BN_BITS2 * BN_BITS2;
- BN_zero(&mont->RR);
- if (!BN_set_bit(&mont->RR, lgBigR * 2) ||
- !BN_mod(&mont->RR, &mont->RR, &mont->N, ctx)) {
+ if (!bn_mod_exp_base_2_vartime(&mont->RR, lgBigR * 2, &mont->N)) {
return 0;
}
@@ -279,7 +281,7 @@
/* clear the top words of T */
if (max > r->top) {
- memset(&rp[r->top], 0, (max - r->top) * sizeof(BN_ULONG));
+ OPENSSL_memset(&rp[r->top], 0, (max - r->top) * sizeof(BN_ULONG));
}
r->top = max;
diff --git a/src/crypto/bn/montgomery_inv.c b/src/crypto/bn/montgomery_inv.c
index 28db62b..9264adb 100644
--- a/src/crypto/bn/montgomery_inv.c
+++ b/src/crypto/bn/montgomery_inv.c
@@ -158,3 +158,50 @@
return v;
}
+
+/* bn_mod_exp_base_2_vartime calculates r = 2**p (mod n). |p| must be larger
+ * than log_2(n); i.e. 2**p must be larger than |n|. |n| must be positive and
+ * odd. */
+int bn_mod_exp_base_2_vartime(BIGNUM *r, unsigned p, const BIGNUM *n) {
+ assert(!BN_is_zero(n));
+ assert(!BN_is_negative(n));
+ assert(BN_is_odd(n));
+
+ BN_zero(r);
+
+ unsigned n_bits = BN_num_bits(n);
+ assert(n_bits != 0);
+ if (n_bits == 1) {
+ return 1;
+ }
+
+ /* Set |r| to the smallest power of two larger than |n|. */
+ assert(p > n_bits);
+ if (!BN_set_bit(r, n_bits)) {
+ return 0;
+ }
+
+ /* Unconditionally reduce |r|. */
+ assert(BN_cmp(r, n) > 0);
+ if (!BN_usub(r, r, n)) {
+ return 0;
+ }
+ assert(BN_cmp(r, n) < 0);
+
+ for (unsigned i = n_bits; i < p; ++i) {
+ /* This is like |BN_mod_lshift1_quick| except using |BN_usub|.
+ *
+ * TODO: Replace this with the use of a constant-time variant of
+ * |BN_mod_lshift1_quick|. */
+ if (!BN_lshift1(r, r)) {
+ return 0;
+ }
+ if (BN_cmp(r, n) >= 0) {
+ if (!BN_usub(r, r, n)) {
+ return 0;
+ }
+ }
+ }
+
+ return 1;
+}
diff --git a/src/crypto/bn/mul.c b/src/crypto/bn/mul.c
index 06e53ee..fdf2c69 100644
--- a/src/crypto/bn/mul.c
+++ b/src/crypto/bn/mul.c
@@ -312,7 +312,8 @@
if (n2 < BN_MUL_RECURSIVE_SIZE_NORMAL) {
bn_mul_normal(r, a, n2 + dna, b, n2 + dnb);
if ((dna + dnb) < 0) {
- memset(&r[2 * n2 + dna + dnb], 0, sizeof(BN_ULONG) * -(dna + dnb));
+ OPENSSL_memset(&r[2 * n2 + dna + dnb], 0,
+ sizeof(BN_ULONG) * -(dna + dnb));
}
return;
}
@@ -358,7 +359,7 @@
if (!zero) {
bn_mul_comba4(&(t[n2]), t, &(t[n]));
} else {
- memset(&(t[n2]), 0, 8 * sizeof(BN_ULONG));
+ OPENSSL_memset(&(t[n2]), 0, 8 * sizeof(BN_ULONG));
}
bn_mul_comba4(r, a, b);
@@ -368,7 +369,7 @@
if (!zero) {
bn_mul_comba8(&(t[n2]), t, &(t[n]));
} else {
- memset(&(t[n2]), 0, 16 * sizeof(BN_ULONG));
+ OPENSSL_memset(&(t[n2]), 0, 16 * sizeof(BN_ULONG));
}
bn_mul_comba8(r, a, b);
@@ -378,7 +379,7 @@
if (!zero) {
bn_mul_recursive(&(t[n2]), t, &(t[n]), n, 0, 0, p);
} else {
- memset(&(t[n2]), 0, n2 * sizeof(BN_ULONG));
+ OPENSSL_memset(&(t[n2]), 0, n2 * sizeof(BN_ULONG));
}
bn_mul_recursive(r, a, b, n, 0, 0, p);
bn_mul_recursive(&(r[n2]), &(a[n]), &(b[n]), n, dna, dnb, p);
@@ -473,7 +474,7 @@
bn_mul_comba8(&(t[n2]), t, &(t[n]));
bn_mul_comba8(r, a, b);
bn_mul_normal(&(r[n2]), &(a[n]), tna, &(b[n]), tnb);
- memset(&(r[n2 + tna + tnb]), 0, sizeof(BN_ULONG) * (n2 - tna - tnb));
+ OPENSSL_memset(&(r[n2 + tna + tnb]), 0, sizeof(BN_ULONG) * (n2 - tna - tnb));
} else {
p = &(t[n2 * 2]);
bn_mul_recursive(&(t[n2]), t, &(t[n]), n, 0, 0, p);
@@ -489,14 +490,15 @@
if (j == 0) {
bn_mul_recursive(&(r[n2]), &(a[n]), &(b[n]), i, tna - i, tnb - i, p);
- memset(&(r[n2 + i * 2]), 0, sizeof(BN_ULONG) * (n2 - i * 2));
+ OPENSSL_memset(&(r[n2 + i * 2]), 0, sizeof(BN_ULONG) * (n2 - i * 2));
} else if (j > 0) {
/* eg, n == 16, i == 8 and tn == 11 */
bn_mul_part_recursive(&(r[n2]), &(a[n]), &(b[n]), i, tna - i, tnb - i, p);
- memset(&(r[n2 + tna + tnb]), 0, sizeof(BN_ULONG) * (n2 - tna - tnb));
+ OPENSSL_memset(&(r[n2 + tna + tnb]), 0,
+ sizeof(BN_ULONG) * (n2 - tna - tnb));
} else {
/* (j < 0) eg, n == 16, i == 8 and tn == 5 */
- memset(&(r[n2]), 0, sizeof(BN_ULONG) * n2);
+ OPENSSL_memset(&(r[n2]), 0, sizeof(BN_ULONG) * n2);
if (tna < BN_MUL_RECURSIVE_SIZE_NORMAL &&
tnb < BN_MUL_RECURSIVE_SIZE_NORMAL) {
bn_mul_normal(&(r[n2]), &(a[n]), tna, &(b[n]), tnb);
@@ -735,7 +737,7 @@
if (!zero) {
bn_sqr_recursive(&(t[n2]), t, n, p);
} else {
- memset(&(t[n2]), 0, n2 * sizeof(BN_ULONG));
+ OPENSSL_memset(&(t[n2]), 0, n2 * sizeof(BN_ULONG));
}
bn_sqr_recursive(r, a, n, p);
bn_sqr_recursive(&(r[n2]), &(a[n]), n, p);
diff --git a/src/crypto/bn/random.c b/src/crypto/bn/random.c
index ecf43c1..6f922c0 100644
--- a/src/crypto/bn/random.c
+++ b/src/crypto/bn/random.c
@@ -115,6 +115,9 @@
#include <openssl/rand.h>
#include <openssl/sha.h>
+#include "../internal.h"
+
+
int BN_rand(BIGNUM *rnd, int bits, int top, int bottom) {
uint8_t *buf = NULL;
int ret = 0, bit, bytes, mask;
@@ -298,8 +301,8 @@
OPENSSL_PUT_ERROR(BN, BN_R_PRIVATE_KEY_TOO_LARGE);
goto err;
}
- memcpy(private_bytes, priv->d, todo);
- memset(private_bytes + todo, 0, sizeof(private_bytes) - todo);
+ OPENSSL_memcpy(private_bytes, priv->d, todo);
+ OPENSSL_memset(private_bytes + todo, 0, sizeof(private_bytes) - todo);
for (attempt = 0;; attempt++) {
for (done = 0; done < num_k_bytes;) {
@@ -318,7 +321,7 @@
if (todo > SHA512_DIGEST_LENGTH) {
todo = SHA512_DIGEST_LENGTH;
}
- memcpy(k_bytes + done, digest, todo);
+ OPENSSL_memcpy(k_bytes + done, digest, todo);
done += todo;
}
diff --git a/src/crypto/bn/rsaz_exp.c b/src/crypto/bn/rsaz_exp.c
index 30f08e5..c7eed38 100644
--- a/src/crypto/bn/rsaz_exp.c
+++ b/src/crypto/bn/rsaz_exp.c
@@ -251,69 +251,4 @@
OPENSSL_cleanse(storage,sizeof(storage));
}
-/*
- * See crypto/bn/rsaz-x86_64.pl for further details.
- */
-void rsaz_512_mul(void *ret,const void *a,const void *b,const void *n,BN_ULONG k);
-void rsaz_512_mul_scatter4(void *ret,const void *a,const void *n,BN_ULONG k,const void *tbl,unsigned int power);
-void rsaz_512_mul_gather4(void *ret,const void *a,const void *tbl,const void *n,BN_ULONG k,unsigned int power);
-void rsaz_512_mul_by_one(void *ret,const void *a,const void *n,BN_ULONG k);
-void rsaz_512_sqr(void *ret,const void *a,const void *n,BN_ULONG k,int cnt);
-void rsaz_512_scatter4(void *tbl, const BN_ULONG *val, int power);
-void rsaz_512_gather4(BN_ULONG *val, const void *tbl, int power);
-
-void RSAZ_512_mod_exp(BN_ULONG result[8],
- const BN_ULONG base[8], const BN_ULONG exponent[8],
- const BN_ULONG m[8], BN_ULONG k0, const BN_ULONG RR[8])
-{
- alignas(64) uint8_t storage[(16*8*8) + (64 * 2)]; /* 1.2KB */
- unsigned char *table = storage;
- BN_ULONG *a_inv = (BN_ULONG *)(table+16*8*8),
- *temp = (BN_ULONG *)(table+16*8*8+8*8);
- int index;
- unsigned int wvalue;
-
- /* table[0] = 1_inv */
- temp[0] = 0-m[0]; temp[1] = ~m[1];
- temp[2] = ~m[2]; temp[3] = ~m[3];
- temp[4] = ~m[4]; temp[5] = ~m[5];
- temp[6] = ~m[6]; temp[7] = ~m[7];
- rsaz_512_scatter4(table, temp, 0);
-
- /* table [1] = a_inv^1 */
- rsaz_512_mul(a_inv, base, RR, m, k0);
- rsaz_512_scatter4(table, a_inv, 1);
-
- /* table [2] = a_inv^2 */
- rsaz_512_sqr(temp, a_inv, m, k0, 1);
- rsaz_512_scatter4(table, temp, 2);
-
- for (index=3; index<16; index++)
- rsaz_512_mul_scatter4(temp, a_inv, m, k0, table, index);
-
- const uint8_t *p_str = (const uint8_t *)exponent;
-
- /* load first window */
- wvalue = p_str[63];
-
- rsaz_512_gather4(temp, table, wvalue>>4);
- rsaz_512_sqr(temp, temp, m, k0, 4);
- rsaz_512_mul_gather4(temp, temp, table, m, k0, wvalue&0xf);
-
- for (index=62; index>=0; index--) {
- wvalue = p_str[index];
-
- rsaz_512_sqr(temp, temp, m, k0, 4);
- rsaz_512_mul_gather4(temp, temp, table, m, k0, wvalue>>4);
-
- rsaz_512_sqr(temp, temp, m, k0, 4);
- rsaz_512_mul_gather4(temp, temp, table, m, k0, wvalue&0x0f);
- }
-
- /* from Montgomery */
- rsaz_512_mul_by_one(result, temp, m, k0);
-
- OPENSSL_cleanse(storage,sizeof(storage));
-}
-
#endif /* OPENSSL_X86_64 */
diff --git a/src/crypto/bn/rsaz_exp.h b/src/crypto/bn/rsaz_exp.h
index c752b45..4a8967c 100644
--- a/src/crypto/bn/rsaz_exp.h
+++ b/src/crypto/bn/rsaz_exp.h
@@ -50,7 +50,4 @@
const BN_ULONG m_norm[16], const BN_ULONG RR[16], BN_ULONG k0);
int rsaz_avx2_eligible(void);
-void RSAZ_512_mod_exp(BN_ULONG result[8],
- const BN_ULONG base_norm[8], const BN_ULONG exponent[8],
- const BN_ULONG m_norm[8], BN_ULONG k0, const BN_ULONG RR[8]);
#endif
diff --git a/src/crypto/bn/shift.c b/src/crypto/bn/shift.c
index 22006d1..dc9b795 100644
--- a/src/crypto/bn/shift.c
+++ b/src/crypto/bn/shift.c
@@ -94,7 +94,7 @@
t[nw + i] = (l << lb) & BN_MASK2;
}
}
- memset(t, 0, nw * sizeof(t[0]));
+ OPENSSL_memset(t, 0, nw * sizeof(t[0]));
r->top = a->top + nw + 1;
bn_correct_top(r);
diff --git a/src/crypto/buf/buf.c b/src/crypto/buf/buf.c
index efe9952..ca1d70b 100644
--- a/src/crypto/buf/buf.c
+++ b/src/crypto/buf/buf.c
@@ -61,6 +61,8 @@
#include <openssl/mem.h>
#include <openssl/err.h>
+#include "../internal.h"
+
BUF_MEM *BUF_MEM_new(void) {
BUF_MEM *ret;
@@ -71,7 +73,7 @@
return NULL;
}
- memset(ret, 0, sizeof(BUF_MEM));
+ OPENSSL_memset(ret, 0, sizeof(BUF_MEM));
return ret;
}
@@ -137,7 +139,7 @@
return 0;
}
if (buf->length < len) {
- memset(&buf->data[buf->length], 0, len - buf->length);
+ OPENSSL_memset(&buf->data[buf->length], 0, len - buf->length);
}
buf->length = len;
return len;
@@ -193,7 +195,7 @@
return NULL;
}
- memcpy(ret, buf, size);
+ OPENSSL_memcpy(ret, buf, size);
ret[size] = '\0';
return ret;
}
@@ -234,6 +236,6 @@
return NULL;
}
- memcpy(ret, data, dst_size);
+ OPENSSL_memcpy(ret, data, dst_size);
return ret;
}
diff --git a/src/crypto/bytestring/asn1_compat.c b/src/crypto/bytestring/asn1_compat.c
index b17d2d1..50df9cc 100644
--- a/src/crypto/bytestring/asn1_compat.c
+++ b/src/crypto/bytestring/asn1_compat.c
@@ -22,6 +22,7 @@
#include <openssl/mem.h>
#include "internal.h"
+#include "../internal.h"
int CBB_finish_i2d(CBB *cbb, uint8_t **outp) {
@@ -42,7 +43,7 @@
*outp = der;
der = NULL;
} else {
- memcpy(*outp, der, der_len);
+ OPENSSL_memcpy(*outp, der, der_len);
*outp += der_len;
}
}
diff --git a/src/crypto/bytestring/ber.c b/src/crypto/bytestring/ber.c
index 04fcac6..ee3cd0a 100644
--- a/src/crypto/bytestring/ber.c
+++ b/src/crypto/bytestring/ber.c
@@ -18,6 +18,7 @@
#include <string.h>
#include "internal.h"
+#include "../internal.h"
/* kMaxDepth is a just a sanity limit. The code should be such that the length
@@ -100,7 +101,7 @@
* |CBS_get_any_ber_asn1_element|, indicate an "end of contents" (EOC) value. */
static char is_eoc(size_t header_len, CBS *contents) {
return header_len == 2 && CBS_len(contents) == 2 &&
- memcmp(CBS_data(contents), "\x00\x00", 2) == 0;
+ OPENSSL_memcmp(CBS_data(contents), "\x00\x00", 2) == 0;
}
/* cbs_convert_ber reads BER data from |in| and writes DER data to |out|. If
diff --git a/src/crypto/bytestring/bytestring_test.cc b/src/crypto/bytestring/bytestring_test.cc
index b2b20d7..6ec6fcf 100644
--- a/src/crypto/bytestring/bytestring_test.cc
+++ b/src/crypto/bytestring/bytestring_test.cc
@@ -132,7 +132,7 @@
}
if (!CBS_get_asn1(&data, &contents, 0x30) ||
CBS_len(&contents) != 2 ||
- memcmp(CBS_data(&contents), "\x01\x02", 2) != 0) {
+ OPENSSL_memcmp(CBS_data(&contents), "\x01\x02", 2) != 0) {
return false;
}
@@ -193,7 +193,7 @@
!CBS_get_optional_asn1(&data, &contents, &present, 0xa1) ||
!present ||
CBS_len(&contents) != 3 ||
- memcmp(CBS_data(&contents), "\x04\x01\x01", 3) != 0) {
+ OPENSSL_memcmp(CBS_data(&contents), "\x04\x01\x01", 3) != 0) {
return false;
}
@@ -235,7 +235,7 @@
if (!CBS_get_any_asn1(&data, &contents, &tag) ||
tag != CBS_ASN1_SEQUENCE ||
CBS_len(&contents) != 2 ||
- memcmp(CBS_data(&contents), "\x01\x02", 2) != 0) {
+ OPENSSL_memcmp(CBS_data(&contents), "\x01\x02", 2) != 0) {
return false;
}
@@ -245,7 +245,7 @@
tag != CBS_ASN1_SEQUENCE ||
header_len != 2 ||
CBS_len(&contents) != 4 ||
- memcmp(CBS_data(&contents), "\x30\x02\x01\x02", 2) != 0) {
+ OPENSSL_memcmp(CBS_data(&contents), "\x30\x02\x01\x02", 2) != 0) {
return false;
}
@@ -312,7 +312,8 @@
}
bssl::UniquePtr<uint8_t> scoper(buf);
- return buf_len == sizeof(kExpected) && memcmp(buf, kExpected, buf_len) == 0;
+ return buf_len == sizeof(kExpected) &&
+ OPENSSL_memcmp(buf, kExpected, buf_len) == 0;
}
static bool TestCBBFixed() {
@@ -396,7 +397,8 @@
}
bssl::UniquePtr<uint8_t> scoper(buf);
- return buf_len == sizeof(kExpected) && memcmp(buf, kExpected, buf_len) == 0;
+ return buf_len == sizeof(kExpected) &&
+ OPENSSL_memcmp(buf, kExpected, buf_len) == 0;
}
static bool TestCBBDiscardChild() {
@@ -445,7 +447,8 @@
0, 0, 3, 0xdd, 0xdd, 0xdd,
1, 0xff,
};
- return buf_len == sizeof(kExpected) && memcmp(buf, kExpected, buf_len) == 0;
+ return buf_len == sizeof(kExpected) &&
+ OPENSSL_memcmp(buf, kExpected, buf_len) == 0;
}
static bool TestCBBMisuse() {
@@ -484,7 +487,7 @@
bssl::UniquePtr<uint8_t> scoper(buf);
if (buf_len != 3 ||
- memcmp(buf, "\x01\x01\x02", 3) != 0) {
+ OPENSSL_memcmp(buf, "\x01\x01\x02", 3) != 0) {
return false;
}
return true;
@@ -507,7 +510,8 @@
}
bssl::UniquePtr<uint8_t> scoper(buf);
- if (buf_len != sizeof(kExpected) || memcmp(buf, kExpected, buf_len) != 0) {
+ if (buf_len != sizeof(kExpected) ||
+ OPENSSL_memcmp(buf, kExpected, buf_len) != 0) {
return false;
}
@@ -525,8 +529,8 @@
scoper.reset(buf);
if (buf_len != 3 + 130 ||
- memcmp(buf, "\x30\x81\x82", 3) != 0 ||
- memcmp(buf + 3, test_data.data(), 130) != 0) {
+ OPENSSL_memcmp(buf, "\x30\x81\x82", 3) != 0 ||
+ OPENSSL_memcmp(buf + 3, test_data.data(), 130) != 0) {
return false;
}
@@ -542,8 +546,8 @@
scoper.reset(buf);
if (buf_len != 4 + 1000 ||
- memcmp(buf, "\x30\x82\x03\xe8", 4) != 0 ||
- memcmp(buf + 4, test_data.data(), 1000)) {
+ OPENSSL_memcmp(buf, "\x30\x82\x03\xe8", 4) != 0 ||
+ OPENSSL_memcmp(buf + 4, test_data.data(), 1000)) {
return false;
}
@@ -560,8 +564,9 @@
scoper.reset(buf);
if (buf_len != 5 + 5 + 100000 ||
- memcmp(buf, "\x30\x83\x01\x86\xa5\x30\x83\x01\x86\xa0", 10) != 0 ||
- memcmp(buf + 10, test_data.data(), 100000)) {
+ OPENSSL_memcmp(buf, "\x30\x83\x01\x86\xa5\x30\x83\x01\x86\xa0", 10) !=
+ 0 ||
+ OPENSSL_memcmp(buf + 10, test_data.data(), 100000)) {
return false;
}
@@ -584,7 +589,7 @@
if (out == NULL) {
if (ber_len != der_len ||
- memcmp(der_expected, ber, ber_len) != 0) {
+ OPENSSL_memcmp(der_expected, ber, ber_len) != 0) {
fprintf(stderr, "%s: incorrect unconverted result.\n", name);
return false;
}
@@ -593,7 +598,7 @@
}
if (out_len != der_len ||
- memcmp(out, der_expected, der_len) != 0) {
+ OPENSSL_memcmp(out, der_expected, der_len) != 0) {
fprintf(stderr, "%s: incorrect converted result.\n", name);
return false;
}
@@ -702,7 +707,7 @@
}
if (ok && (CBS_len(&out) != test.out_len ||
- memcmp(CBS_data(&out), test.out, test.out_len) != 0)) {
+ OPENSSL_memcmp(CBS_data(&out), test.out, test.out_len) != 0)) {
fprintf(stderr, "CBS_get_asn1_implicit_string gave the wrong output\n");
return false;
}
@@ -772,7 +777,8 @@
return false;
}
bssl::UniquePtr<uint8_t> scoper(out);
- if (len != test->encoding_len || memcmp(out, test->encoding, len) != 0) {
+ if (len != test->encoding_len ||
+ OPENSSL_memcmp(out, test->encoding, len) != 0) {
return false;
}
}
@@ -907,7 +913,7 @@
static const std::vector<uint8_t> kInvalidBitStrings[] = {
// BIT STRINGs always have a leading byte.
- {},
+ std::vector<uint8_t>{},
// It's not possible to take an unused bit off the empty string.
{0x01},
// There can be at most 7 unused bits.
diff --git a/src/crypto/bytestring/cbb.c b/src/crypto/bytestring/cbb.c
index 2d65be8..14116be 100644
--- a/src/crypto/bytestring/cbb.c
+++ b/src/crypto/bytestring/cbb.c
@@ -19,9 +19,11 @@
#include <openssl/mem.h>
+#include "../internal.h"
+
void CBB_zero(CBB *cbb) {
- memset(cbb, 0, sizeof(CBB));
+ OPENSSL_memset(cbb, 0, sizeof(CBB));
}
static int cbb_init(CBB *cbb, uint8_t *buf, size_t cap) {
@@ -252,8 +254,8 @@
if (!cbb_buffer_add(cbb->base, NULL, extra_bytes)) {
goto err;
}
- memmove(cbb->base->buf + child_start + extra_bytes,
- cbb->base->buf + child_start, len);
+ OPENSSL_memmove(cbb->base->buf + child_start + extra_bytes,
+ cbb->base->buf + child_start, len);
}
cbb->base->buf[cbb->child->offset++] = initial_length_byte;
cbb->child->pending_len_len = len_len - 1;
@@ -303,8 +305,8 @@
return 0;
}
- memset(prefix_bytes, 0, len_len);
- memset(out_contents, 0, sizeof(CBB));
+ OPENSSL_memset(prefix_bytes, 0, len_len);
+ OPENSSL_memset(out_contents, 0, sizeof(CBB));
out_contents->base = cbb->base;
cbb->child = out_contents;
cbb->child->offset = offset;
@@ -346,7 +348,7 @@
return 0;
}
- memset(out_contents, 0, sizeof(CBB));
+ OPENSSL_memset(out_contents, 0, sizeof(CBB));
out_contents->base = cbb->base;
cbb->child = out_contents;
cbb->child->offset = offset;
@@ -363,7 +365,7 @@
!cbb_buffer_add(cbb->base, &dest, len)) {
return 0;
}
- memcpy(dest, data, len);
+ OPENSSL_memcpy(dest, data, len);
return 1;
}
diff --git a/src/crypto/bytestring/cbs.c b/src/crypto/bytestring/cbs.c
index 132fe03..14c55a4 100644
--- a/src/crypto/bytestring/cbs.c
+++ b/src/crypto/bytestring/cbs.c
@@ -20,6 +20,7 @@
#include <string.h>
#include "internal.h"
+#include "../internal.h"
void CBS_init(CBS *cbs, const uint8_t *data, size_t len) {
@@ -76,7 +77,7 @@
}
int CBS_contains_zero_byte(const CBS *cbs) {
- return memchr(cbs->data, 0, cbs->len) != NULL;
+ return OPENSSL_memchr(cbs->data, 0, cbs->len) != NULL;
}
int CBS_mem_equal(const CBS *cbs, const uint8_t *data, size_t len) {
@@ -150,7 +151,7 @@
if (!cbs_get(cbs, &v, len)) {
return 0;
}
- memcpy(out, v, len);
+ OPENSSL_memcpy(out, v, len);
return 1;
}
diff --git a/src/crypto/chacha/chacha.c b/src/crypto/chacha/chacha.c
index feaa98a..fe32596 100644
--- a/src/crypto/chacha/chacha.c
+++ b/src/crypto/chacha/chacha.c
@@ -96,7 +96,7 @@
uint32_t x[16];
int i;
- memcpy(x, input, sizeof(uint32_t) * 16);
+ OPENSSL_memcpy(x, input, sizeof(uint32_t) * 16);
for (i = 20; i > 0; i -= 2) {
QUARTERROUND(0, 4, 8, 12)
QUARTERROUND(1, 5, 9, 13)
diff --git a/src/crypto/chacha/chacha_test.cc b/src/crypto/chacha/chacha_test.cc
index 0a5972f..6bfb03e 100644
--- a/src/crypto/chacha/chacha_test.cc
+++ b/src/crypto/chacha/chacha_test.cc
@@ -21,6 +21,8 @@
#include <openssl/crypto.h>
#include <openssl/chacha.h>
+#include "../internal.h"
+
static const uint8_t kKey[32] = {
0x98, 0xbe, 0xf1, 0x46, 0x9b, 0xe7, 0x26, 0x98, 0x37, 0xa4, 0x5b,
@@ -217,15 +219,15 @@
static bool TestChaCha20(size_t len) {
std::unique_ptr<uint8_t[]> buf(new uint8_t[len]);
CRYPTO_chacha_20(buf.get(), kInput, len, kKey, kNonce, kCounter);
- if (memcmp(buf.get(), kOutput, len) != 0) {
+ if (OPENSSL_memcmp(buf.get(), kOutput, len) != 0) {
fprintf(stderr, "Mismatch at length %zu.\n", len);
return false;
}
// Test in-place.
- memcpy(buf.get(), kInput, len);
+ OPENSSL_memcpy(buf.get(), kInput, len);
CRYPTO_chacha_20(buf.get(), buf.get(), len, kKey, kNonce, kCounter);
- if (memcmp(buf.get(), kOutput, len) != 0) {
+ if (OPENSSL_memcmp(buf.get(), kOutput, len) != 0) {
fprintf(stderr, "Mismatch at length %zu, in-place.\n", len);
return false;
}
diff --git a/src/crypto/cipher/aead.c b/src/crypto/cipher/aead.c
index 2d56715..b5ff48a 100644
--- a/src/crypto/cipher/aead.c
+++ b/src/crypto/cipher/aead.c
@@ -32,7 +32,7 @@
size_t EVP_AEAD_max_tag_len(const EVP_AEAD *aead) { return aead->max_tag_len; }
void EVP_AEAD_CTX_zero(EVP_AEAD_CTX *ctx) {
- memset(ctx, 0, sizeof(EVP_AEAD_CTX));
+ OPENSSL_memset(ctx, 0, sizeof(EVP_AEAD_CTX));
}
int EVP_AEAD_CTX_init(EVP_AEAD_CTX *ctx, const EVP_AEAD *aead,
@@ -116,7 +116,7 @@
error:
/* In the event of an error, clear the output buffer so that a caller
* that doesn't check the return value doesn't send raw data. */
- memset(out, 0, max_out_len);
+ OPENSSL_memset(out, 0, max_out_len);
*out_len = 0;
return 0;
}
@@ -139,7 +139,7 @@
/* In the event of an error, clear the output buffer so that a caller
* that doesn't check the return value doesn't try and process bad
* data. */
- memset(out, 0, max_out_len);
+ OPENSSL_memset(out, 0, max_out_len);
*out_len = 0;
return 0;
}
diff --git a/src/crypto/cipher/aead_test.cc b/src/crypto/cipher/aead_test.cc
index 313f041..0c95fb4 100644
--- a/src/crypto/cipher/aead_test.cc
+++ b/src/crypto/cipher/aead_test.cc
@@ -21,6 +21,7 @@
#include <openssl/crypto.h>
#include <openssl/err.h>
+#include "../internal.h"
#include "../test/file_test.h"
@@ -86,8 +87,8 @@
}
} else {
out.resize(ct.size() + tag.size());
- memcpy(out.data(), ct.data(), ct.size());
- memcpy(out.data() + ct.size(), tag.data(), tag.size());
+ OPENSSL_memcpy(out.data(), ct.data(), ct.size());
+ OPENSSL_memcpy(out.data() + ct.size(), tag.data(), tag.size());
}
// The "stateful" AEADs for implementing pre-AEAD cipher suites need to be
@@ -170,7 +171,7 @@
EVP_AEAD_CTX ctx;
uint8_t key[128];
- memset(key, 0, sizeof(key));
+ OPENSSL_memset(key, 0, sizeof(key));
const size_t key_len = EVP_AEAD_key_length(aead);
if (key_len > sizeof(key)) {
fprintf(stderr, "Key length of AEAD too long.\n");
@@ -239,7 +240,7 @@
uint8_t *out1 = buffer.data();
uint8_t *out2 = buffer.data() + 2;
- memcpy(in, kPlaintext, sizeof(kPlaintext));
+ OPENSSL_memcpy(in, kPlaintext, sizeof(kPlaintext));
size_t out_len;
if (EVP_AEAD_CTX_seal(ctx.get(), out1, &out_len,
sizeof(kPlaintext) + max_overhead, nonce.data(),
@@ -252,7 +253,7 @@
}
ERR_clear_error();
- memcpy(in, valid_encryption.data(), valid_encryption_len);
+ OPENSSL_memcpy(in, valid_encryption.data(), valid_encryption_len);
if (EVP_AEAD_CTX_open(ctx.get(), out1, &out_len, valid_encryption_len,
nonce.data(), nonce_len, in, valid_encryption_len,
nullptr, 0) ||
@@ -265,7 +266,7 @@
ERR_clear_error();
// Test with out == in, which we expect to work.
- memcpy(in, kPlaintext, sizeof(kPlaintext));
+ OPENSSL_memcpy(in, kPlaintext, sizeof(kPlaintext));
if (!EVP_AEAD_CTX_seal(ctx.get(), in, &out_len,
sizeof(kPlaintext) + max_overhead, nonce.data(),
@@ -275,12 +276,12 @@
}
if (out_len != valid_encryption_len ||
- memcmp(in, valid_encryption.data(), out_len) != 0) {
+ OPENSSL_memcmp(in, valid_encryption.data(), out_len) != 0) {
fprintf(stderr, "EVP_AEAD_CTX_seal produced bad output in-place.\n");
return false;
}
- memcpy(in, valid_encryption.data(), valid_encryption_len);
+ OPENSSL_memcpy(in, valid_encryption.data(), valid_encryption_len);
if (!EVP_AEAD_CTX_open(ctx.get(), in, &out_len, valid_encryption_len,
nonce.data(), nonce_len, in, valid_encryption_len,
nullptr, 0)) {
@@ -289,7 +290,7 @@
}
if (out_len != sizeof(kPlaintext) ||
- memcmp(in, kPlaintext, out_len) != 0) {
+ OPENSSL_memcmp(in, kPlaintext, out_len) != 0) {
fprintf(stderr, "EVP_AEAD_CTX_open produced bad output in-place.\n");
return false;
}
diff --git a/src/crypto/cipher/cipher.c b/src/crypto/cipher/cipher.c
index f61c59f..ae045ae 100644
--- a/src/crypto/cipher/cipher.c
+++ b/src/crypto/cipher/cipher.c
@@ -64,6 +64,7 @@
#include <openssl/nid.h>
#include "internal.h"
+#include "../internal.h"
const EVP_CIPHER *EVP_get_cipherbynid(int nid) {
@@ -88,7 +89,7 @@
}
void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx) {
- memset(ctx, 0, sizeof(EVP_CIPHER_CTX));
+ OPENSSL_memset(ctx, 0, sizeof(EVP_CIPHER_CTX));
}
EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void) {
@@ -108,7 +109,7 @@
}
OPENSSL_free(c->cipher_data);
- memset(c, 0, sizeof(EVP_CIPHER_CTX));
+ OPENSSL_memset(c, 0, sizeof(EVP_CIPHER_CTX));
return 1;
}
@@ -126,7 +127,7 @@
}
EVP_CIPHER_CTX_cleanup(out);
- memcpy(out, in, sizeof(EVP_CIPHER_CTX));
+ OPENSSL_memcpy(out, in, sizeof(EVP_CIPHER_CTX));
if (in->cipher_data && in->cipher->ctx_size) {
out->cipher_data = OPENSSL_malloc(in->cipher->ctx_size);
@@ -134,7 +135,7 @@
OPENSSL_PUT_ERROR(CIPHER, ERR_R_MALLOC_FAILURE);
return 0;
}
- memcpy(out->cipher_data, in->cipher_data, in->cipher->ctx_size);
+ OPENSSL_memcpy(out->cipher_data, in->cipher_data, in->cipher->ctx_size);
}
if (in->cipher->flags & EVP_CIPH_CUSTOM_COPY) {
@@ -210,9 +211,9 @@
case EVP_CIPH_CBC_MODE:
assert(EVP_CIPHER_CTX_iv_length(ctx) <= sizeof(ctx->iv));
if (iv) {
- memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
+ OPENSSL_memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
}
- memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
+ OPENSSL_memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
break;
case EVP_CIPH_CTR_MODE:
@@ -220,7 +221,7 @@
ctx->num = 0;
/* Don't reuse IV for CTR mode */
if (iv) {
- memcpy(ctx->iv, iv, EVP_CIPHER_CTX_iv_length(ctx));
+ OPENSSL_memcpy(ctx->iv, iv, EVP_CIPHER_CTX_iv_length(ctx));
}
break;
@@ -285,13 +286,13 @@
assert(bl <= (int)sizeof(ctx->buf));
if (i != 0) {
if (bl - i > in_len) {
- memcpy(&ctx->buf[i], in, in_len);
+ OPENSSL_memcpy(&ctx->buf[i], in, in_len);
ctx->buf_len += in_len;
*out_len = 0;
return 1;
} else {
j = bl - i;
- memcpy(&ctx->buf[i], in, j);
+ OPENSSL_memcpy(&ctx->buf[i], in, j);
if (!ctx->cipher->cipher(ctx, out, ctx->buf, bl)) {
return 0;
}
@@ -314,7 +315,7 @@
}
if (i != 0) {
- memcpy(ctx->buf, &in[in_len], i);
+ OPENSSL_memcpy(ctx->buf, &in[in_len], i);
}
ctx->buf_len = i;
return 1;
@@ -393,7 +394,7 @@
assert(b <= sizeof(ctx->final));
if (ctx->final_used) {
- memcpy(out, ctx->final, b);
+ OPENSSL_memcpy(out, ctx->final, b);
out += b;
fix_len = 1;
} else {
@@ -409,7 +410,7 @@
if (b > 1 && !ctx->buf_len) {
*out_len -= b;
ctx->final_used = 1;
- memcpy(ctx->final, &out[*out_len], b);
+ OPENSSL_memcpy(ctx->final, &out[*out_len], b);
} else {
ctx->final_used = 0;
}
diff --git a/src/crypto/cipher/e_aes.c b/src/crypto/cipher/e_aes.c
index f99022f..0e9a7cd 100644
--- a/src/crypto/cipher/e_aes.c
+++ b/src/crypto/cipher/e_aes.c
@@ -479,7 +479,7 @@
if (gctx->key_set) {
CRYPTO_gcm128_setiv(&gctx->gcm, &gctx->ks.ks, iv, gctx->ivlen);
} else {
- memcpy(gctx->iv, iv, gctx->ivlen);
+ OPENSSL_memcpy(gctx->iv, iv, gctx->ivlen);
}
gctx->iv_set = 1;
gctx->iv_gen = 0;
@@ -545,7 +545,7 @@
if (arg <= 0 || arg > 16 || c->encrypt) {
return 0;
}
- memcpy(c->buf, ptr, arg);
+ OPENSSL_memcpy(c->buf, ptr, arg);
gctx->taglen = arg;
return 1;
@@ -553,13 +553,13 @@
if (arg <= 0 || arg > 16 || !c->encrypt || gctx->taglen < 0) {
return 0;
}
- memcpy(ptr, c->buf, arg);
+ OPENSSL_memcpy(ptr, c->buf, arg);
return 1;
case EVP_CTRL_GCM_SET_IV_FIXED:
/* Special case: -1 length restores whole IV */
if (arg == -1) {
- memcpy(gctx->iv, ptr, gctx->ivlen);
+ OPENSSL_memcpy(gctx->iv, ptr, gctx->ivlen);
gctx->iv_gen = 1;
return 1;
}
@@ -569,7 +569,7 @@
return 0;
}
if (arg) {
- memcpy(gctx->iv, ptr, arg);
+ OPENSSL_memcpy(gctx->iv, ptr, arg);
}
if (c->encrypt && !RAND_bytes(gctx->iv + arg, gctx->ivlen - arg)) {
return 0;
@@ -585,7 +585,7 @@
if (arg <= 0 || arg > gctx->ivlen) {
arg = gctx->ivlen;
}
- memcpy(ptr, gctx->iv + gctx->ivlen - arg, arg);
+ OPENSSL_memcpy(ptr, gctx->iv + gctx->ivlen - arg, arg);
/* Invocation field will be at least 8 bytes in size and
* so no need to check wrap around or increment more than
* last 8 bytes. */
@@ -597,7 +597,7 @@
if (gctx->iv_gen == 0 || gctx->key_set == 0 || c->encrypt) {
return 0;
}
- memcpy(gctx->iv + gctx->ivlen - arg, ptr, arg);
+ OPENSSL_memcpy(gctx->iv + gctx->ivlen - arg, ptr, arg);
CRYPTO_gcm128_setiv(&gctx->gcm, &gctx->ks.ks, gctx->iv, gctx->ivlen);
gctx->iv_set = 1;
return 1;
@@ -612,7 +612,7 @@
if (!gctx_out->iv) {
return 0;
}
- memcpy(gctx_out->iv, gctx->iv, gctx->ivlen);
+ OPENSSL_memcpy(gctx_out->iv, gctx->iv, gctx->ivlen);
}
return 1;
}
@@ -860,7 +860,7 @@
if (gctx->key_set) {
CRYPTO_gcm128_setiv(&gctx->gcm, &gctx->ks.ks, iv, gctx->ivlen);
} else {
- memcpy(gctx->iv, iv, gctx->ivlen);
+ OPENSSL_memcpy(gctx->iv, iv, gctx->ivlen);
}
gctx->iv_set = 1;
gctx->iv_gen = 0;
@@ -1073,7 +1073,7 @@
const AES_KEY *key = &gcm_ctx->ks.ks;
- memcpy(&gcm, &gcm_ctx->gcm, sizeof(gcm));
+ OPENSSL_memcpy(&gcm, &gcm_ctx->gcm, sizeof(gcm));
CRYPTO_gcm128_setiv(&gcm, key, nonce, nonce_len);
if (ad_len > 0 && !CRYPTO_gcm128_aad(&gcm, ad, ad_len)) {
@@ -1120,7 +1120,7 @@
const AES_KEY *key = &gcm_ctx->ks.ks;
- memcpy(&gcm, &gcm_ctx->gcm, sizeof(gcm));
+ OPENSSL_memcpy(&gcm, &gcm_ctx->gcm, sizeof(gcm));
CRYPTO_gcm128_setiv(&gcm, key, nonce, nonce_len);
if (!CRYPTO_gcm128_aad(&gcm, ad, ad_len)) {
@@ -1198,8 +1198,8 @@
const uint8_t hmac_key[32]) {
static const size_t hmac_key_len = 32;
uint8_t block[SHA256_CBLOCK];
- memcpy(block, hmac_key, hmac_key_len);
- memset(block + hmac_key_len, 0x36, sizeof(block) - hmac_key_len);
+ OPENSSL_memcpy(block, hmac_key, hmac_key_len);
+ OPENSSL_memset(block + hmac_key_len, 0x36, sizeof(block) - hmac_key_len);
unsigned i;
for (i = 0; i < hmac_key_len; i++) {
@@ -1209,7 +1209,7 @@
SHA256_Init(out_inner);
SHA256_Update(out_inner, block, sizeof(block));
- memset(block + hmac_key_len, 0x5c, sizeof(block) - hmac_key_len);
+ OPENSSL_memset(block + hmac_key_len, 0x5c, sizeof(block) - hmac_key_len);
for (i = 0; i < hmac_key_len; i++) {
block[i] ^= (0x36 ^ 0x5c);
}
@@ -1284,7 +1284,7 @@
const uint8_t *nonce, const uint8_t *ciphertext,
size_t ciphertext_len) {
SHA256_CTX sha256;
- memcpy(&sha256, inner_init_state, sizeof(sha256));
+ OPENSSL_memcpy(&sha256, inner_init_state, sizeof(sha256));
hmac_update_uint64(&sha256, ad_len);
hmac_update_uint64(&sha256, ciphertext_len);
SHA256_Update(&sha256, nonce, EVP_AEAD_AES_CTR_HMAC_SHA256_NONCE_LEN);
@@ -1297,7 +1297,7 @@
SHA256_CBLOCK)) %
SHA256_CBLOCK;
uint8_t padding[SHA256_CBLOCK];
- memset(padding, 0, num_padding);
+ OPENSSL_memset(padding, 0, num_padding);
SHA256_Update(&sha256, padding, num_padding);
SHA256_Update(&sha256, ciphertext, ciphertext_len);
@@ -1305,7 +1305,7 @@
uint8_t inner_digest[SHA256_DIGEST_LENGTH];
SHA256_Final(inner_digest, &sha256);
- memcpy(&sha256, outer_init_state, sizeof(sha256));
+ OPENSSL_memcpy(&sha256, outer_init_state, sizeof(sha256));
SHA256_Update(&sha256, inner_digest, sizeof(inner_digest));
SHA256_Final(out, &sha256);
}
@@ -1317,11 +1317,11 @@
* bytes is pointless. However, |CRYPTO_ctr128_encrypt| requires it. */
uint8_t partial_block_buffer[AES_BLOCK_SIZE];
unsigned partial_block_offset = 0;
- memset(partial_block_buffer, 0, sizeof(partial_block_buffer));
+ OPENSSL_memset(partial_block_buffer, 0, sizeof(partial_block_buffer));
uint8_t counter[AES_BLOCK_SIZE];
- memcpy(counter, nonce, EVP_AEAD_AES_CTR_HMAC_SHA256_NONCE_LEN);
- memset(counter + EVP_AEAD_AES_CTR_HMAC_SHA256_NONCE_LEN, 0, 4);
+ OPENSSL_memcpy(counter, nonce, EVP_AEAD_AES_CTR_HMAC_SHA256_NONCE_LEN);
+ OPENSSL_memset(counter + EVP_AEAD_AES_CTR_HMAC_SHA256_NONCE_LEN, 0, 4);
if (aes_ctx->ctr) {
CRYPTO_ctr128_encrypt_ctr32(in, out, len, &aes_ctx->ks.ks, counter,
@@ -1364,7 +1364,7 @@
uint8_t hmac_result[SHA256_DIGEST_LENGTH];
hmac_calculate(hmac_result, &aes_ctx->inner_init_state,
&aes_ctx->outer_init_state, ad, ad_len, nonce, out, in_len);
- memcpy(out + in_len, hmac_result, aes_ctx->tag_len);
+ OPENSSL_memcpy(out + in_len, hmac_result, aes_ctx->tag_len);
*out_len = in_len + aes_ctx->tag_len;
return 1;
@@ -1482,7 +1482,7 @@
if (gcm_siv_ctx == NULL) {
return 0;
}
- memset(gcm_siv_ctx, 0, sizeof(struct aead_aes_gcm_siv_ctx));
+ OPENSSL_memset(gcm_siv_ctx, 0, sizeof(struct aead_aes_gcm_siv_ctx));
if (aesni_capable()) {
aesni_set_encrypt_key(key, key_len * 8, &gcm_siv_ctx->ks.ks);
@@ -1525,7 +1525,7 @@
uint8_t c[16];
} counter;
- memcpy(counter.c, initial_counter, AES_BLOCK_SIZE);
+ OPENSSL_memcpy(counter.c, initial_counter, AES_BLOCK_SIZE);
counter.c[15] |= 0x80;
for (size_t done = 0; done < in_len;) {
@@ -1558,15 +1558,15 @@
uint8_t scratch[16];
if (ad_len & 15) {
- memset(scratch, 0, sizeof(scratch));
- memcpy(scratch, &ad[ad_len & ~15], ad_len & 15);
+ OPENSSL_memset(scratch, 0, sizeof(scratch));
+ OPENSSL_memcpy(scratch, &ad[ad_len & ~15], ad_len & 15);
CRYPTO_POLYVAL_update_blocks(&polyval_ctx, scratch, sizeof(scratch));
}
CRYPTO_POLYVAL_update_blocks(&polyval_ctx, in, in_len & ~15);
if (in_len & 15) {
- memset(scratch, 0, sizeof(scratch));
- memcpy(scratch, &in[in_len & ~15], in_len & 15);
+ OPENSSL_memset(scratch, 0, sizeof(scratch));
+ OPENSSL_memcpy(scratch, &in[in_len & ~15], in_len & 15);
CRYPTO_POLYVAL_update_blocks(&polyval_ctx, scratch, sizeof(scratch));
}
@@ -1655,7 +1655,7 @@
gcm_siv_crypt(out, in, in_len, tag, keys.enc_block, &keys.enc_key.ks);
- memcpy(&out[in_len], tag, EVP_AEAD_AES_GCM_SIV_TAG_LEN);
+ OPENSSL_memcpy(&out[in_len], tag, EVP_AEAD_AES_GCM_SIV_TAG_LEN);
*out_len = in_len + EVP_AEAD_AES_GCM_SIV_TAG_LEN;
return 1;
diff --git a/src/crypto/cipher/e_chacha20poly1305.c b/src/crypto/cipher/e_chacha20poly1305.c
index 9c80ba1..ed0d74c 100644
--- a/src/crypto/cipher/e_chacha20poly1305.c
+++ b/src/crypto/cipher/e_chacha20poly1305.c
@@ -55,7 +55,7 @@
return 0;
}
- memcpy(c20_ctx->key, key, key_len);
+ OPENSSL_memcpy(c20_ctx->key, key, key_len);
c20_ctx->tag_len = tag_len;
ctx->aead_state = c20_ctx;
@@ -94,7 +94,7 @@
size_t ad_len, const uint8_t *ciphertext,
size_t ciphertext_len) {
alignas(16) uint8_t poly1305_key[32];
- memset(poly1305_key, 0, sizeof(poly1305_key));
+ OPENSSL_memset(poly1305_key, 0, sizeof(poly1305_key));
CRYPTO_chacha_20(poly1305_key, poly1305_key, sizeof(poly1305_key),
c20_ctx->key, nonce, 0);
poly1305_state ctx;
@@ -137,7 +137,7 @@
alignas(16) uint8_t tag[POLY1305_TAG_LEN];
aead_poly1305(poly1305_update, tag, c20_ctx, nonce, ad, ad_len, out, in_len);
- memcpy(out + in_len, tag, c20_ctx->tag_len);
+ OPENSSL_memcpy(out + in_len, tag, c20_ctx->tag_len);
*out_len = in_len + c20_ctx->tag_len;
return 1;
}
@@ -261,8 +261,8 @@
return 0;
}
uint8_t nonce_96[12];
- memset(nonce_96, 0, 4);
- memcpy(nonce_96 + 4, nonce, 8);
+ OPENSSL_memset(nonce_96, 0, 4);
+ OPENSSL_memcpy(nonce_96 + 4, nonce, 8);
return seal_impl(poly1305_update_old, ctx, out, out_len, max_out_len,
nonce_96, in, in_len, ad, ad_len);
}
@@ -276,8 +276,8 @@
return 0;
}
uint8_t nonce_96[12];
- memset(nonce_96, 0, 4);
- memcpy(nonce_96 + 4, nonce, 8);
+ OPENSSL_memset(nonce_96, 0, 4);
+ OPENSSL_memcpy(nonce_96 + 4, nonce, 8);
return open_impl(poly1305_update_old, ctx, out, out_len, max_out_len,
nonce_96, in, in_len, ad, ad_len);
}
diff --git a/src/crypto/cipher/e_null.c b/src/crypto/cipher/e_null.c
index 3d6a24c..9f89308 100644
--- a/src/crypto/cipher/e_null.c
+++ b/src/crypto/cipher/e_null.c
@@ -60,6 +60,7 @@
#include <openssl/nid.h>
+#include "../internal.h"
#include "internal.h"
@@ -71,7 +72,7 @@
static int null_cipher(EVP_CIPHER_CTX *ctx, uint8_t *out,
const uint8_t *in, size_t in_len) {
if (in != out) {
- memcpy(out, in, in_len);
+ OPENSSL_memcpy(out, in, in_len);
}
return 1;
}
diff --git a/src/crypto/cipher/e_ssl3.c b/src/crypto/cipher/e_ssl3.c
index ef87594..f1dad2b 100644
--- a/src/crypto/cipher/e_ssl3.c
+++ b/src/crypto/cipher/e_ssl3.c
@@ -25,6 +25,7 @@
#include <openssl/sha.h>
#include "internal.h"
+#include "../internal.h"
typedef struct {
@@ -49,7 +50,7 @@
uint8_t pad[48];
uint8_t tmp[EVP_MAX_MD_SIZE];
- memset(pad, 0x36, pad_len);
+ OPENSSL_memset(pad, 0x36, pad_len);
if (!EVP_MD_CTX_copy_ex(&md_ctx, &ssl3_ctx->md_ctx) ||
!EVP_DigestUpdate(&md_ctx, pad, pad_len) ||
!EVP_DigestUpdate(&md_ctx, ad, ad_len) ||
@@ -60,7 +61,7 @@
return 0;
}
- memset(pad, 0x5c, pad_len);
+ OPENSSL_memset(pad, 0x5c, pad_len);
if (!EVP_MD_CTX_copy_ex(&md_ctx, &ssl3_ctx->md_ctx) ||
!EVP_DigestUpdate(&md_ctx, pad, pad_len) ||
!EVP_DigestUpdate(&md_ctx, tmp, md_size) ||
@@ -188,7 +189,7 @@
/* Compute padding and feed that into the cipher. */
uint8_t padding[256];
unsigned padding_len = block_size - ((in_len + mac_len) % block_size);
- memset(padding, 0, padding_len - 1);
+ OPENSSL_memset(padding, 0, padding_len - 1);
padding[padding_len - 1] = padding_len - 1;
if (!EVP_EncryptUpdate(&ssl3_ctx->cipher_ctx, out + total, &len, padding,
(int)padding_len)) {
diff --git a/src/crypto/cipher/e_tls.c b/src/crypto/cipher/e_tls.c
index c0d18fd..7d9bbee 100644
--- a/src/crypto/cipher/e_tls.c
+++ b/src/crypto/cipher/e_tls.c
@@ -80,7 +80,7 @@
EVP_CIPHER_CTX_init(&tls_ctx->cipher_ctx);
HMAC_CTX_init(&tls_ctx->hmac_ctx);
assert(mac_key_len <= EVP_MAX_MD_SIZE);
- memcpy(tls_ctx->mac_key, key, mac_key_len);
+ OPENSSL_memcpy(tls_ctx->mac_key, key, mac_key_len);
tls_ctx->mac_key_len = (uint8_t)mac_key_len;
tls_ctx->implicit_iv = implicit_iv;
@@ -182,7 +182,7 @@
/* Compute padding and feed that into the cipher. */
uint8_t padding[256];
unsigned padding_len = block_size - ((in_len + mac_len) % block_size);
- memset(padding, padding_len - 1, padding_len);
+ OPENSSL_memset(padding, padding_len - 1, padding_len);
if (!EVP_EncryptUpdate(&tls_ctx->cipher_ctx, out + total, &len, padding,
(int)padding_len)) {
return 0;
@@ -288,7 +288,7 @@
/* To allow for CBC mode which changes cipher length, |ad| doesn't include the
* length for legacy ciphers. */
uint8_t ad_fixed[13];
- memcpy(ad_fixed, ad, 11);
+ OPENSSL_memcpy(ad_fixed, ad, 11);
ad_fixed[11] = (uint8_t)(data_len >> 8);
ad_fixed[12] = (uint8_t)(data_len & 0xff);
ad_len += 2;
diff --git a/src/crypto/cipher/test/aes_128_gcm_siv_tests.txt b/src/crypto/cipher/test/aes_128_gcm_siv_tests.txt
index a929b59..faf97c1 100644
--- a/src/crypto/cipher/test/aes_128_gcm_siv_tests.txt
+++ b/src/crypto/cipher/test/aes_128_gcm_siv_tests.txt
@@ -234,3 +234,12 @@
AD: 0100000000000000000000000000000002000000
CT: b26d43ae158316ac37f41579ccf1d461274e
TAG: 13b7c01d08dd6969d51d1bf0fbbdc4d2
+
+# Sample large random test vector.
+
+KEY: ee0f62a965fa640d1c95d79b215dca71
+NONCE: 7df5a22c91e6b6f37594dfef54847bd9
+IN: 5d90037e677666fbc0215305096301d852609e1380992d8c2e3594344a7f9a0521fdeda53de07d3184d590667fc7151a93ba097f20c67da0b1da8c23bd05887a4b66ab50333874819035eafd775fcfa86b380968f15d8cd46483d418b2c074f0dc18407108f63abe89c5448e83d064b6544a275dd75a21dd0241dafa086beb8446f398f6c1b2b117ad6f2cdb04031640852b5e15560d39b8d9088824f728ae66b2214e4cd70f60174313a5f0286741caeb4b66d0513b63c4a1325306f79f1f79bb28ccf6448fa3160876eefd85ca03c196a3e5568b0f3c818e7cf9d661423ed6a50a6911d52217a1b81e94ba040f336e74ac71b33964c3a7d960a32c255e22fcb7dcc41b9b136815b784ce4015b61b55e305e2ab1f96d17b561eb0281476cbaec54e942a186fbf3df92358960182c3c034066364e80fa492b36d36ee68f2738220f249a69f24405fe9995dab0b0b338ee68d85f0e59870903ca9d02f32ee6a24efc85434610586470b938daa9d14206c360339f7ec50857f4e5075a29bb51720d9a6f399f7b8bd45b402b0eed8f6e427d5dd358a0c3f10a58582be8934ebd7903497cc6622a977d6045f97a58f5ed7a3470583ebf88f71150499047e4b624f8018cffaca0d5a9db7f73da2db6770c98cd628d2d6682a4c41d584f37ea0ff7e8763616a548027e29cb3ec3e02a82eab205f7af46b6c9b02a15de54fc301a9845d50396cf3826b23296c360fafbaf65e5f48c4998085d7dac07736b106a8bb1e8e69dca15464d1bf156a5f84b62170f680826dcca7bf1c126cdb70dc872a005806d423cee46ab0d84d2d8d490c8eaec8b17b12913d4856c59f5348c6956c96a32595eef8c89ee5ae99706c92e748714dae4ae45685710261cd66d3ef93ed01bb862bfeb3b4fb5074ffec5517c8845173fde2774cd3b5a25cc1dc11d833c29614b7272bf213aeb19f83603aee97a9bc43e8b88c8789c520f634028cce2b0be343e74c8c341a153a36f797f38a4ebb53589e45f1e64299fedd2e9bbdeb9ad9ab4e2eccb4bd2b57000a5d7b064e6b6fb5cb9c743d6afe697bac549ade238c7a3a094e799e9c7e6cef6e6d4b8c8f1d862bc8ab9b96238c7d5393b2f684c5b4826df6c5f48cadb43fd6d6cb189ca56125bfee9dd44d22a2e28d7a9e63565321c9ecad96b3ae7376c984c44cab978002ff78d947230fe15918b3a73232ff5c05586c4b0e2e0d737be6abef80414b008ad2deea1944a4248f02063500a9276217ceabeca39ec4d6af647395a9c91401dcbe8f9645ef97eca5624029f942cc9979fd31636d65ed181a65763c5c16e65f8673a3cc6143ede8144d894559dedfac3000e8d86590b0ced25dd8666d71f237fd3511d7f8a20dbb4e95e3aca9807a2351bf705a7eec5a80f2b390ef9df496c5cd7ca9f5d8846df291025beb9781c793613efe7798
+AD: 4b7531e0a946b20c80f70dea4d437833f3dd26ae6f6dc37b7b99e82122acf2b7975f6d8efcb7ec4c6ff3c0ce4a5864adba0e658aeb8d9b839f3509f033827bc69a1ab080a0a1cc63559b00a3a259c53c145b0282f5e56930fc35b11c83b6564f2e80f186c2ef2e8886641fe6c4966dc9f86c567e73902d1a8fc33be1551e8359aa585bd2b8da83c0cd78a086cdebf8904d1b66a2fee176fa19714f062b752653d75a0e441ff7fba0c5a0cb6ded48f68b38af82faa985f9d97ba3c0978e1d23d8eb8899072fbec9379ca5f2b91293cb57eac81a6d711f9cccb36ff16b0de86d27d62e136ddbc1a2be38d5a1284e4620f4f9ab1f16729630e16dd2901f24f5ad6e
+CT: 1b5a273ee4e1f87516bb711bd97c559fd5139286d90d3f64813f88c697ff448c7ce57ff3a2b70479c0f904f0c6de92234ef72b4ad62038a32108804042e07ad94e49a327bd28f1c49786c2b1537392c582031f52e3bd27336dab9d237ce47ffd0c8002b60b1055226cf28c6d99be0e4f75afb72c6953ffa0b033f74304efe19601d34dfda29874efdc9ebfa74c9d55c7273561c46b7cd4d631ab05ca7172111c13f0703ff9cec063988b7bf1bd9557b8d8a914162d2f31113f1682e951acaba4a314aabf901bdc5117184109fca1cecfe552f2e7d003eab51ceb992c2bb11245e1cd7e230398a3d18bab59c9acf033bde779166bfd3f98792902f84e4ef32cf5f410af2cec9cbe67ebb28f3fceb497abf4b1c240cab4852d840de9dec20f0e21853be6227784beee276ea3a4c6092654f7d62af614e5ea976791195415befa1f4a9d77c35a84b0d54b5eb1e00f55bbafac209468532b18d020e16798256aab9ea3989d876822cc68135ee103169962965a9383b2cff70213f9c52bcf2441e7b8ec07bee0c225be5353bcfe6d9ff546d30889813a13e1e966028dd80ec096202a26e478278af8b15bcf29137d536658d51293c6cfecde110e5b17ec39ce5317db5a03a1919f52f89ceeec0b5f48875e9692501b34303110e52ef4ea96d98cc28ab6e9ca24a8bb124629ac480b06fa8321b5712f2ae22e750848404ac20232716e195b343adebb52234cbc002c602574a7fbad638c1a7201eb38d4404b3d672119617e1190402b57568ee1e776ba18087164ddfbbf77f26ae5ee229ef101f10306f6449920b08d4e46bb2039d4777319547d7b4ef32e61c3cc897bc36cc2d5983c63e38814276a28125468112b646b877bbe2d206e578a8fd402be6d963b1d79c8b14dbca801bb92d7217cb7375d5e126702270158c89db653f1ee34e1c1ca066fe854532a36b74d36d9bc077506349a4cb8143dca1be3241f64cdc410c4d362982500aeea2a12172ccac996a333a2bff5393e0be9bcb93ca0fd62a22f0f72618325e233b42214ce8683c57dcf3113edbc5102e84b265aa031e26ec5fa18b1a7fa72358072d47b85e045cd52541e49b94d74fb21bb19725675c0d014ca8f8219c26cb8158f5d84b2cafb0474b2b39cb7f21c3320b5cbd57cff7133243a462e492de6340ee7d60ef888d639ca50380529f09b9eb279c49ad04662b7ec4f579fcec011790f18b2c0ad081eaf2be13d6f6a5969db46d56df9daea2cb332e719135109fd1d7caa84af315c0054f37177312c01a9f3f05a6e9bca719f906d1e8af7fdc24a3677c922f435e6e4c069073ea779c2b74c98f9374f5a38961a4354e74803f0f4042b91fb82a0c593c13f9ff720a70136d0b108acdb762a08f98a222f48c2858c0cc9a27edc9e79fe0f71ebe2940c60a279476975926eab478685ebf8a74705
+TAG: 6f5223329c07cbf6b038d307cbb8a719
diff --git a/src/crypto/cipher/test/aes_256_gcm_siv_tests.txt b/src/crypto/cipher/test/aes_256_gcm_siv_tests.txt
index cd38e23..b7a9efe 100644
--- a/src/crypto/cipher/test/aes_256_gcm_siv_tests.txt
+++ b/src/crypto/cipher/test/aes_256_gcm_siv_tests.txt
@@ -224,3 +224,12 @@
AD: 0100000000000000000000000000000002000000
CT: c6d3d28704bf20067d62e1a3872d40dda44b
TAG: 6ac0135a4379dbc67967ff55fd4d1f2f
+
+# Sample large random test vector.
+
+KEY: 83475d5042f8baedf4ca779088abfab17d35416a767d8c42c2a650cc597e5004
+NONCE: 7df5a22c91e6b6f37594dfef54847bd9
+IN: 5d90037e677666fbc0215305096301d852609e1380992d8c2e3594344a7f9a0521fdeda53de07d3184d590667fc7151a93ba097f20c67da0b1da8c23bd05887a4b66ab50333874819035eafd775fcfa86b380968f15d8cd46483d418b2c074f0dc18407108f63abe89c5448e83d064b6544a275dd75a21dd0241dafa086beb8446f398f6c1b2b117ad6f2cdb04031640852b5e15560d39b8d9088824f728ae66b2214e4cd70f60174313a5f0286741caeb4b66d0513b63c4a1325306f79f1f79bb28ccf6448fa3160876eefd85ca03c196a3e5568b0f3c818e7cf9d661423ed6a50a6911d52217a1b81e94ba040f336e74ac71b33964c3a7d960a32c255e22fcb7dcc41b9b136815b784ce4015b61b55e305e2ab1f96d17b561eb0281476cbaec54e942a186fbf3df92358960182c3c034066364e80fa492b36d36ee68f2738220f249a69f24405fe9995dab0b0b338ee68d85f0e59870903ca9d02f32ee6a24efc85434610586470b938daa9d14206c360339f7ec50857f4e5075a29bb51720d9a6f399f7b8bd45b402b0eed8f6e427d5dd358a0c3f10a58582be8934ebd7903497cc6622a977d6045f97a58f5ed7a3470583ebf88f71150499047e4b624f8018cffaca0d5a9db7f73da2db6770c98cd628d2d6682a4c41d584f37ea0ff7e8763616a548027e29cb3ec3e02a82eab205f7af46b6c9b02a15de54fc301a9845d50396cf3826b23296c360fafbaf65e5f48c4998085d7dac07736b106a8bb1e8e69dca15464d1bf156a5f84b62170f680826dcca7bf1c126cdb70dc872a005806d423cee46ab0d84d2d8d490c8eaec8b17b12913d4856c59f5348c6956c96a32595eef8c89ee5ae99706c92e748714dae4ae45685710261cd66d3ef93ed01bb862bfeb3b4fb5074ffec5517c8845173fde2774cd3b5a25cc1dc11d833c29614b7272bf213aeb19f83603aee97a9bc43e8b88c8789c520f634028cce2b0be343e74c8c341a153a36f797f38a4ebb53589e45f1e64299fedd2e9bbdeb9ad9ab4e2eccb4bd2b57000a5d7b064e6b6fb5cb9c743d6afe697bac549ade238c7a3a094e799e9c7e6cef6e6d4b8c8f1d862bc8ab9b96238c7d5393b2f684c5b4826df6c5f48cadb43fd6d6cb189ca56125bfee9dd44d22a2e28d7a9e63565321c9ecad96b3ae7376c984c44cab978002ff78d947230fe15918b3a73232ff5c05586c4b0e2e0d737be6abef80414b008ad2deea1944a4248f02063500a9276217ceabeca39ec4d6af647395a9c91401dcbe8f9645ef97eca5624029f942cc9979fd31636d65ed181a65763c5c16e65f8673a3cc6143ede8144d894559dedfac3000e8d86590b0ced25dd8666d71f237fd3511d7f8a20dbb4e95e3aca9807a2351bf705a7eec5a80f2b390ef9df496c5cd7ca9f5d8846df291025beb9781c793613efe7798
+AD: 4b7531e0a946b20c80f70dea4d437833f3dd26ae6f6dc37b7b99e82122acf2b7975f6d8efcb7ec4c6ff3c0ce4a5864adba0e658aeb8d9b839f3509f033827bc69a1ab080a0a1cc63559b00a3a259c53c145b0282f5e56930fc35b11c83b6564f2e80f186c2ef2e8886641fe6c4966dc9f86c567e73902d1a8fc33be1551e8359aa585bd2b8da83c0cd78a086cdebf8904d1b66a2fee176fa19714f062b752653d75a0e441ff7fba0c5a0cb6ded48f68b38af82faa985f9d97ba3c0978e1d23d8eb8899072fbec9379ca5f2b91293cb57eac81a6d711f9cccb36ff16b0de86d27d62e136ddbc1a2be38d5a1284e4620f4f9ab1f16729630e16dd2901f24f5ad6e
+CT: 30b73374cc093ffaad4be2088142b08ed1b0d2914f96d90e0279aeb3a6547807b9b3bbfe2cd880e8f3a9f3b6e42da1ef53d78a6c63da686498b61523ac4c82caa01d31afe1ec00e80349df969684b060299aa86e4b7a38c643987889eab5a0a0996d18b2350439c7162d566dbb0d55f0f50a81d982df5e2047a23800a418b5adf42d8ff26cfd961527347439e76fbb2c2da08c1dd1a5fddf149d47eaf571498e23c3104c6b2dffb8e5d5e5f90e50eae9146f48b19a6e2d49cd170654a0041096f4f57aff5054dbf784e7748b3ddfdb9c447ed86681bcfb8055407fcec320990609089c3b51845f8e9bcb21382421a2f8634e1ad8739795202ade68aa47ab10026031cb3bfd94adc70702c31760753af4a2bb852581519e91cce5b1e0e49d028a1a03b915917d1011a4a7c04b46e1d8434663aa9473d1ad135966ab18145caf825f4a04d47b953989e188d21ec9f3858623fe16c413d2caa73761ec9dab8bf4e6dcdb997a503168487b67d1b3a9768a1887c292b9f39d40a404b8ffd011150490ed2e751ccbe4f7661785d8c5b778a21aa7e6efc132afe81765cc4ef32b5959e19ca97a4c37601257b8484fab234760242db6fd140ed1cfaff1d11cfad836171b42a164671c178164bbdb14815376f4eed1fbbb95f8e4614ff23de5cc9a0642a228d6bce19fbeea0e661b14696c6eb4aca97ac2cbe838578e7033703e2b551f7ef5dae4a68cdc58daac41eddc07b38ea7c4de1262ce04fb16f75870bbf41c95acbce6eb86dc3452a0d177aef3bc1e39878788d4a2680feb5d888debe62ec64fd72290c0cf8b9105c365c7305d994b28a2b32b88fdd11c3879dc1e005d6a2aa99daa926b18338f0980cdf0d8275e190bb9b8da9a63ff332bb5f5b654414a110b9d6128d0984d015c2a0a100985733fd400be0829f57e72655bfcd10c20341cd24cad0705647363ec0a3d678f30f7a1e85bc1a2dd133fcef5f25852eb6d81d7b4b531aff4e655285375f1b1ceee0d58a63f85f21f6525e3ad43f76a8fef16c785047778e1eccfe8e3c7cb34f2e037a61e3f01af88874b30911df60664e5ca65d6836166ff796e6b710af474add57957c2139b24257bcee287090f1ca1f91c95cc2c9348689aa7b95dfcedb02e68e38c1cd75ef966f0d33c4e09c40e2e58d30f6d0771d11debf01e57f342f3fffa34a1ed2bf10035c1607f3fd79423c0164dd6c171d8046edaed9b7b2a75bc11e1e8417c4550795aab6f106a95b5dda022e512269e8b2937b1d5601cfec1dba8b763707b97bc786ac94e38cd368cadeb1b48a3e068b614fc7b06430db80d46889027ca3d228d87c6eb00531e8d913734e3af987b104d052bbd63564184cd9dc803e6948d70575c9606a704245ef6136f707ddba8a00f288199867774c6e7487311c29aada3f607fc904f88be90cae49789a5163a4c
+TAG: 37db916a9c13afd36e39ce5d01665067
diff --git a/src/crypto/cipher/tls_cbc.c b/src/crypto/cipher/tls_cbc.c
index eb56604..52880b0 100644
--- a/src/crypto/cipher/tls_cbc.c
+++ b/src/crypto/cipher/tls_cbc.c
@@ -148,7 +148,7 @@
unsigned rotate_offset = 0;
uint8_t mac_started = 0;
- memset(rotated_mac, 0, md_size);
+ OPENSSL_memset(rotated_mac, 0, md_size);
for (unsigned i = scan_start, j = 0; i < orig_len; i++, j++) {
if (j >= md_size) {
j -= md_size;
@@ -184,7 +184,7 @@
rotated_mac_tmp = tmp;
}
- memcpy(out, rotated_mac, md_size);
+ OPENSSL_memcpy(out, rotated_mac, md_size);
}
/* u32toBE serialises an unsigned, 32-bit number (n) as four bytes at (p) in
@@ -382,16 +382,16 @@
/* Compute the initial HMAC block. */
bits += 8 * md_block_size;
- memset(hmac_pad, 0, md_block_size);
+ OPENSSL_memset(hmac_pad, 0, md_block_size);
assert(mac_secret_length <= sizeof(hmac_pad));
- memcpy(hmac_pad, mac_secret, mac_secret_length);
+ OPENSSL_memcpy(hmac_pad, mac_secret, mac_secret_length);
for (i = 0; i < md_block_size; i++) {
hmac_pad[i] ^= 0x36;
}
md_transform(md_state.c, hmac_pad);
- memset(length_bytes, 0, md_length_size - 4);
+ OPENSSL_memset(length_bytes, 0, md_length_size - 4);
length_bytes[md_length_size - 4] = (uint8_t)(bits >> 24);
length_bytes[md_length_size - 3] = (uint8_t)(bits >> 16);
length_bytes[md_length_size - 2] = (uint8_t)(bits >> 8);
@@ -399,15 +399,15 @@
if (k > 0) {
/* k is a multiple of md_block_size. */
- memcpy(first_block, header, 13);
- memcpy(first_block + 13, data, md_block_size - 13);
+ OPENSSL_memcpy(first_block, header, 13);
+ OPENSSL_memcpy(first_block + 13, data, md_block_size - 13);
md_transform(md_state.c, first_block);
for (i = 1; i < k / md_block_size; i++) {
md_transform(md_state.c, data + md_block_size * i - 13);
}
}
- memset(mac_out, 0, sizeof(mac_out));
+ OPENSSL_memset(mac_out, 0, sizeof(mac_out));
/* We now process the final hash blocks. For each block, we construct
* it in constant time. If the |i==index_a| then we'll include the 0x80
diff --git a/src/crypto/cmac/cmac.c b/src/crypto/cmac/cmac.c
index fa4c3c4..a9a527d 100644
--- a/src/crypto/cmac/cmac.c
+++ b/src/crypto/cmac/cmac.c
@@ -55,6 +55,8 @@
#include <openssl/cipher.h>
#include <openssl/mem.h>
+#include "../internal.h"
+
struct cmac_ctx_st {
EVP_CIPHER_CTX cipher_ctx;
@@ -176,7 +178,7 @@
todo = in_len;
}
- memcpy(ctx->block + ctx->block_used, in, todo);
+ OPENSSL_memcpy(ctx->block + ctx->block_used, in, todo);
in += todo;
in_len -= todo;
ctx->block_used += todo;
@@ -206,7 +208,7 @@
in_len -= AES_BLOCK_SIZE;
}
- memcpy(ctx->block, in, in_len);
+ OPENSSL_memcpy(ctx->block, in, in_len);
ctx->block_used = in_len;
return 1;
@@ -224,8 +226,8 @@
/* If the last block is incomplete, terminate it with a single 'one' bit
* followed by zeros. */
ctx->block[ctx->block_used] = 0x80;
- memset(ctx->block + ctx->block_used + 1, 0,
- AES_BLOCK_SIZE - (ctx->block_used + 1));
+ OPENSSL_memset(ctx->block + ctx->block_used + 1, 0,
+ AES_BLOCK_SIZE - (ctx->block_used + 1));
mask = ctx->k2;
}
diff --git a/src/crypto/conf/conf.c b/src/crypto/conf/conf.c
index 96a534a..5b51d22 100644
--- a/src/crypto/conf/conf.c
+++ b/src/crypto/conf/conf.c
@@ -66,6 +66,7 @@
#include "conf_def.h"
#include "internal.h"
+#include "../internal.h"
static uint32_t conf_value_hash(const CONF_VALUE *v) {
@@ -118,7 +119,7 @@
OPENSSL_PUT_ERROR(CONF, ERR_R_MALLOC_FAILURE);
return NULL;
}
- memset(v, 0, sizeof(CONF_VALUE));
+ OPENSSL_memset(v, 0, sizeof(CONF_VALUE));
return v;
}
@@ -353,7 +354,7 @@
static CONF_VALUE *get_section(const CONF *conf, const char *section) {
CONF_VALUE template;
- memset(&template, 0, sizeof(template));
+ OPENSSL_memset(&template, 0, sizeof(template));
template.section = (char *) section;
return lh_CONF_VALUE_retrieve(conf->data, &template);
}
@@ -370,7 +371,7 @@
const char *name) {
CONF_VALUE template, *value;
- memset(&template, 0, sizeof(template));
+ OPENSSL_memset(&template, 0, sizeof(template));
template.section = (char *) section;
template.name = (char *) name;
value = lh_CONF_VALUE_retrieve(conf->data, &template);
diff --git a/src/crypto/constant_time_test.c b/src/crypto/constant_time_test.cc
similarity index 100%
rename from src/crypto/constant_time_test.c
rename to src/crypto/constant_time_test.cc
diff --git a/src/crypto/cpu-arm-linux.c b/src/crypto/cpu-arm-linux.c
index 73c38ec..95bb5ee 100644
--- a/src/crypto/cpu-arm-linux.c
+++ b/src/crypto/cpu-arm-linux.c
@@ -161,7 +161,7 @@
static int STRING_PIECE_equals(const STRING_PIECE *a, const char *b) {
size_t b_len = strlen(b);
- return a->len == b_len && memcmp(a->data, b, b_len) == 0;
+ return a->len == b_len && OPENSSL_memcmp(a->data, b, b_len) == 0;
}
/* STRING_PIECE_split finds the first occurence of |sep| in |in| and, if found,
@@ -169,7 +169,7 @@
* returns one if |sep| was found and zero otherwise. */
static int STRING_PIECE_split(STRING_PIECE *out_left, STRING_PIECE *out_right,
const STRING_PIECE *in, char sep) {
- const char *p = memchr(in->data, sep, in->len);
+ const char *p = OPENSSL_memchr(in->data, sep, in->len);
if (p == NULL) {
return 0;
}
diff --git a/src/crypto/curve25519/curve25519.c b/src/crypto/curve25519/curve25519.c
index d660b6c..c91e78e 100644
--- a/src/crypto/curve25519/curve25519.c
+++ b/src/crypto/curve25519/curve25519.c
@@ -29,6 +29,7 @@
#include <openssl/sha.h>
#include "internal.h"
+#include "../internal.h"
static const int64_t kBottom25Bits = INT64_C(0x1ffffff);
@@ -204,15 +205,15 @@
/* h = f */
static void fe_copy(fe h, const fe f) {
- memmove(h, f, sizeof(int32_t) * 10);
+ OPENSSL_memmove(h, f, sizeof(int32_t) * 10);
}
/* h = 0 */
-static void fe_0(fe h) { memset(h, 0, sizeof(int32_t) * 10); }
+static void fe_0(fe h) { OPENSSL_memset(h, 0, sizeof(int32_t) * 10); }
/* h = 1 */
static void fe_1(fe h) {
- memset(h, 0, sizeof(int32_t) * 10);
+ OPENSSL_memset(h, 0, sizeof(int32_t) * 10);
h[0] = 1;
}
@@ -4662,11 +4663,11 @@
fe_neg(A.T, A.T);
uint8_t pkcopy[32];
- memcpy(pkcopy, public_key, 32);
+ OPENSSL_memcpy(pkcopy, public_key, 32);
uint8_t rcopy[32];
- memcpy(rcopy, signature, 32);
+ OPENSSL_memcpy(rcopy, signature, 32);
uint8_t scopy[32];
- memcpy(scopy, signature + 32, 32);
+ OPENSSL_memcpy(scopy, signature + 32, 32);
SHA512_CTX hash_ctx;
SHA512_Init(&hash_ctx);
@@ -4701,8 +4702,8 @@
x25519_ge_scalarmult_base(&A, az);
ge_p3_tobytes(out_public_key, &A);
- memcpy(out_private_key, seed, 32);
- memcpy(out_private_key + 32, out_public_key, 32);
+ OPENSSL_memcpy(out_private_key, seed, 32);
+ OPENSSL_memcpy(out_private_key + 32, out_public_key, 32);
}
@@ -4800,7 +4801,7 @@
fe x1, x2, z2, x3, z3, tmp0, tmp1;
uint8_t e[32];
- memcpy(e, scalar, 32);
+ OPENSSL_memcpy(e, scalar, 32);
e[0] &= 248;
e[31] &= 127;
e[31] |= 64;
@@ -4916,7 +4917,7 @@
#endif
uint8_t e[32];
- memcpy(e, private_key, 32);
+ OPENSSL_memcpy(e, private_key, 32);
e[0] &= 248;
e[31] &= 127;
e[31] |= 64;
diff --git a/src/crypto/curve25519/ed25519_test.cc b/src/crypto/curve25519/ed25519_test.cc
index 5af8ba7..7581730 100644
--- a/src/crypto/curve25519/ed25519_test.cc
+++ b/src/crypto/curve25519/ed25519_test.cc
@@ -17,6 +17,7 @@
#include <openssl/curve25519.h>
+#include "../internal.h"
#include "../test/file_test.h"
@@ -58,13 +59,13 @@
ED25519_keypair(public_key1, private_key1);
uint8_t seed[32];
- memcpy(seed, private_key1, sizeof(seed));
+ OPENSSL_memcpy(seed, private_key1, sizeof(seed));
uint8_t public_key2[32], private_key2[64];
ED25519_keypair_from_seed(public_key2, private_key2, seed);
- if (memcmp(public_key1, public_key2, sizeof(public_key1)) != 0 ||
- memcmp(private_key1, private_key2, sizeof(private_key1)) != 0) {
+ if (OPENSSL_memcmp(public_key1, public_key2, sizeof(public_key1)) != 0 ||
+ OPENSSL_memcmp(private_key1, private_key2, sizeof(private_key1)) != 0) {
fprintf(stderr, "TestKeypairFromSeed: resulting keypairs did not match.\n");
return false;
}
diff --git a/src/crypto/curve25519/spake25519.c b/src/crypto/curve25519/spake25519.c
index 617418c..5b794b3 100644
--- a/src/crypto/curve25519/spake25519.c
+++ b/src/crypto/curve25519/spake25519.c
@@ -22,6 +22,7 @@
#include <openssl/sha.h>
#include "internal.h"
+#include "../internal.h"
/* The following precomputation tables are for the following
@@ -291,7 +292,7 @@
return NULL;
}
- memset(ctx, 0, sizeof(SPAKE2_CTX));
+ OPENSSL_memset(ctx, 0, sizeof(SPAKE2_CTX));
ctx->my_role = my_role;
CBS my_name_cbs, their_name_cbs;
@@ -346,7 +347,7 @@
/* Multiply by the cofactor (eight) so that we'll clear it when operating on
* the peer's point later in the protocol. */
left_shift_3(private_tmp);
- memcpy(ctx->private_key, private_tmp, sizeof(ctx->private_key));
+ OPENSSL_memcpy(ctx->private_key, private_tmp, sizeof(ctx->private_key));
ge_p3 P;
x25519_ge_scalarmult_base(&P, ctx->private_key);
@@ -354,9 +355,9 @@
/* mask = h(password) * <N or M>. */
uint8_t password_tmp[SHA512_DIGEST_LENGTH];
SHA512(password, password_len, password_tmp);
- memcpy(ctx->password_hash, password_tmp, sizeof(ctx->password_hash));
+ OPENSSL_memcpy(ctx->password_hash, password_tmp, sizeof(ctx->password_hash));
x25519_sc_reduce(password_tmp);
- memcpy(ctx->password_scalar, password_tmp, sizeof(ctx->password_scalar));
+ OPENSSL_memcpy(ctx->password_scalar, password_tmp, sizeof(ctx->password_scalar));
ge_p3 mask;
x25519_ge_scalarmult_small_precomp(&mask, ctx->password_scalar,
@@ -375,7 +376,7 @@
x25519_ge_p1p1_to_p2(&Pstar_proj, &Pstar);
x25519_ge_tobytes(ctx->my_msg, &Pstar_proj);
- memcpy(out, ctx->my_msg, sizeof(ctx->my_msg));
+ OPENSSL_memcpy(out, ctx->my_msg, sizeof(ctx->my_msg));
*out_len = sizeof(ctx->my_msg);
ctx->state = spake2_state_msg_generated;
@@ -456,7 +457,7 @@
if (to_copy > sizeof(key)) {
to_copy = sizeof(key);
}
- memcpy(out_key, key, to_copy);
+ OPENSSL_memcpy(out_key, key, to_copy);
*out_key_len = to_copy;
ctx->state = spake2_state_key_generated;
diff --git a/src/crypto/curve25519/spake25519_test.cc b/src/crypto/curve25519/spake25519_test.cc
index 363b60c..3af073d 100644
--- a/src/crypto/curve25519/spake25519_test.cc
+++ b/src/crypto/curve25519/spake25519_test.cc
@@ -20,6 +20,8 @@
#include <openssl/curve25519.h>
+#include "../internal.h"
+
struct SPAKE2Run {
bool Run() {
@@ -71,7 +73,7 @@
}
key_matches_ = (alice_key_len == bob_key_len &&
- memcmp(alice_key, bob_key, alice_key_len) == 0);
+ OPENSSL_memcmp(alice_key, bob_key, alice_key_len) == 0);
return true;
}
diff --git a/src/crypto/curve25519/x25519-x86_64.c b/src/crypto/curve25519/x25519-x86_64.c
index 1bd86a0..9c3d414 100644
--- a/src/crypto/curve25519/x25519-x86_64.c
+++ b/src/crypto/curve25519/x25519-x86_64.c
@@ -23,6 +23,7 @@
#include <string.h>
+#include "../internal.h"
#include "internal.h"
@@ -228,7 +229,7 @@
void x25519_x86_64(uint8_t out[32], const uint8_t scalar[32],
const uint8_t point[32]) {
uint8_t e[32];
- memcpy(e, scalar, sizeof(e));
+ OPENSSL_memcpy(e, scalar, sizeof(e));
e[0] &= 248;
e[31] &= 127;
diff --git a/src/crypto/curve25519/x25519_test.cc b/src/crypto/curve25519/x25519_test.cc
index 24dfa65..b1a37d4 100644
--- a/src/crypto/curve25519/x25519_test.cc
+++ b/src/crypto/curve25519/x25519_test.cc
@@ -18,6 +18,8 @@
#include <openssl/curve25519.h>
+#include "../internal.h"
+
static bool TestX25519() {
/* Taken from https://tools.ietf.org/html/rfc7748#section-5.2 */
@@ -40,7 +42,7 @@
0x4d, 0xf2, 0x8d, 0x08, 0x4f, 0x32, 0xec, 0xcf, 0x03, 0x49, 0x1c,
0x71, 0xf7, 0x54, 0xb4, 0x07, 0x55, 0x77, 0xa2, 0x85, 0x52,
};
- if (memcmp(kExpected1, out, sizeof(out)) != 0) {
+ if (OPENSSL_memcmp(kExpected1, out, sizeof(out)) != 0) {
fprintf(stderr, "X25519 test one failed.\n");
return false;
}
@@ -63,7 +65,7 @@
0x5c, 0xb4, 0xb8, 0x73, 0xf8, 0x8b, 0x59, 0x5a, 0x68, 0x79, 0x9f,
0xa1, 0x52, 0xe6, 0xf8, 0xf7, 0x64, 0x7a, 0xac, 0x79, 0x57,
};
- if (memcmp(kExpected2, out, sizeof(out)) != 0) {
+ if (OPENSSL_memcmp(kExpected2, out, sizeof(out)) != 0) {
fprintf(stderr, "X25519 test two failed.\n");
return false;
}
@@ -79,7 +81,7 @@
};
uint8_t out[32], private_key[32];
- memset(private_key, 0x11, sizeof(private_key));
+ OPENSSL_memset(private_key, 0x11, sizeof(private_key));
if (X25519(out, private_key, kSmallOrderPoint)) {
fprintf(stderr, "X25519 returned success with a small-order input.\n");
@@ -96,8 +98,8 @@
unsigned i;
for (i = 0; i < 1000; i++) {
X25519(out, scalar, point);
- memcpy(point, scalar, sizeof(point));
- memcpy(scalar, out, sizeof(scalar));
+ OPENSSL_memcpy(point, scalar, sizeof(point));
+ OPENSSL_memcpy(scalar, out, sizeof(scalar));
}
static const uint8_t kExpected[32] = {
@@ -106,7 +108,7 @@
0xe3, 0x87, 0x5f, 0x2e, 0xb9, 0x4d, 0x99, 0x53, 0x2c, 0x51,
};
- if (memcmp(kExpected, scalar, sizeof(kExpected)) != 0) {
+ if (OPENSSL_memcmp(kExpected, scalar, sizeof(kExpected)) != 0) {
fprintf(stderr, "Iterated X25519 test failed\n");
return false;
}
diff --git a/src/crypto/dh/dh.c b/src/crypto/dh/dh.c
index 7545071..69a7ec8 100644
--- a/src/crypto/dh/dh.c
+++ b/src/crypto/dh/dh.c
@@ -79,7 +79,7 @@
return NULL;
}
- memset(dh, 0, sizeof(DH));
+ OPENSSL_memset(dh, 0, sizeof(DH));
CRYPTO_MUTEX_init(&dh->method_mont_p_lock);
diff --git a/src/crypto/dh/dh_test.cc b/src/crypto/dh/dh_test.cc
index 99bb945..8165c1a 100644
--- a/src/crypto/dh/dh_test.cc
+++ b/src/crypto/dh/dh_test.cc
@@ -68,6 +68,8 @@
#include <openssl/err.h>
#include <openssl/mem.h>
+#include "../internal.h"
+
static bool RunBasicTests();
static bool RunRFC5114Tests();
@@ -470,9 +472,9 @@
}
if (static_cast<size_t>(ret1) != td->Z_len ||
- memcmp(Z1.data(), td->Z, td->Z_len) != 0 ||
+ OPENSSL_memcmp(Z1.data(), td->Z, td->Z_len) != 0 ||
static_cast<size_t>(ret2) != td->Z_len ||
- memcmp(Z2.data(), td->Z, td->Z_len) != 0) {
+ OPENSSL_memcmp(Z2.data(), td->Z, td->Z_len) != 0) {
fprintf(stderr, "Test failed RFC5114 set %u\n", i + 1);
return false;
}
@@ -576,7 +578,8 @@
return false;
}
bssl::UniquePtr<uint8_t> free_der(der);
- if (der_len != sizeof(kParams) || memcmp(der, kParams, der_len) != 0) {
+ if (der_len != sizeof(kParams) ||
+ OPENSSL_memcmp(der, kParams, der_len) != 0) {
return false;
}
@@ -618,7 +621,8 @@
return false;
}
bssl::UniquePtr<uint8_t> free_der2(der);
- if (der_len != sizeof(kParamsDSA) || memcmp(der, kParamsDSA, der_len) != 0) {
+ if (der_len != sizeof(kParamsDSA) ||
+ OPENSSL_memcmp(der, kParamsDSA, der_len) != 0) {
return false;
}
@@ -653,7 +657,7 @@
uint8_t buffer[sizeof(kPrime1536)];
if (BN_num_bytes(bn.get()) != sizeof(kPrime1536) ||
BN_bn2bin(bn.get(), buffer) != sizeof(kPrime1536) ||
- memcmp(buffer, kPrime1536, sizeof(kPrime1536)) != 0) {
+ OPENSSL_memcmp(buffer, kPrime1536, sizeof(kPrime1536)) != 0) {
fprintf(stderr, "1536-bit MODP prime did not match.\n");
return false;
}
diff --git a/src/crypto/digest/digest.c b/src/crypto/digest/digest.c
index fdd9fe5..9c9962b 100644
--- a/src/crypto/digest/digest.c
+++ b/src/crypto/digest/digest.c
@@ -63,6 +63,7 @@
#include <openssl/mem.h>
#include "internal.h"
+#include "../internal.h"
int EVP_MD_type(const EVP_MD *md) { return md->type; }
@@ -74,7 +75,9 @@
size_t EVP_MD_block_size(const EVP_MD *md) { return md->block_size; }
-void EVP_MD_CTX_init(EVP_MD_CTX *ctx) { memset(ctx, 0, sizeof(EVP_MD_CTX)); }
+void EVP_MD_CTX_init(EVP_MD_CTX *ctx) {
+ OPENSSL_memset(ctx, 0, sizeof(EVP_MD_CTX));
+}
EVP_MD_CTX *EVP_MD_CTX_create(void) {
EVP_MD_CTX *ctx = OPENSSL_malloc(sizeof(EVP_MD_CTX));
@@ -140,7 +143,7 @@
return 0;
}
}
- memcpy(out->md_data, in->md_data, in->digest->ctx_size);
+ OPENSSL_memcpy(out->md_data, in->md_data, in->digest->ctx_size);
}
assert(in->pctx == NULL || in->pctx_ops != NULL);
diff --git a/src/crypto/digest/digest_test.cc b/src/crypto/digest/digest_test.cc
index 0d3f16e..8b29236 100644
--- a/src/crypto/digest/digest_test.cc
+++ b/src/crypto/digest/digest_test.cc
@@ -23,6 +23,7 @@
#include <openssl/err.h>
#include <openssl/md4.h>
#include <openssl/md5.h>
+#include <openssl/nid.h>
#include <openssl/sha.h>
#include "../internal.h"
@@ -235,9 +236,17 @@
}
static int TestGetters() {
- if (EVP_get_digestbyname("RSA-SHA512") == NULL ||
- EVP_get_digestbyname("sha512WithRSAEncryption") == NULL ||
- EVP_get_digestbyname("nonsense") != NULL) {
+ if (EVP_get_digestbyname("RSA-SHA512") != EVP_sha512() ||
+ EVP_get_digestbyname("sha512WithRSAEncryption") != EVP_sha512() ||
+ EVP_get_digestbyname("nonsense") != NULL ||
+ EVP_get_digestbyname("SHA512") != EVP_sha512() ||
+ EVP_get_digestbyname("sha512") != EVP_sha512()) {
+ return false;
+ }
+
+ if (EVP_get_digestbynid(NID_sha512) != EVP_sha512() ||
+ EVP_get_digestbynid(NID_sha512WithRSAEncryption) != NULL ||
+ EVP_get_digestbynid(NID_undef) != NULL) {
return false;
}
diff --git a/src/crypto/digest/digests.c b/src/crypto/digest/digests.c
index 3307f26..351e031 100644
--- a/src/crypto/digest/digests.c
+++ b/src/crypto/digest/digests.c
@@ -65,6 +65,7 @@
#include <openssl/sha.h>
#include "internal.h"
+#include "../internal.h"
#if defined(NDEBUG)
#define CHECK(x) (void) (x)
@@ -262,36 +263,41 @@
};
static const struct nid_to_digest nid_to_digest_mapping[] = {
- { NID_md4, EVP_md4, SN_md4, LN_md4 },
- { NID_md5, EVP_md5, SN_md5, LN_md5 },
- { NID_sha1, EVP_sha1, SN_sha1, LN_sha1 },
- { NID_sha224, EVP_sha224, SN_sha224, LN_sha224 },
- { NID_sha256, EVP_sha256, SN_sha256, LN_sha256 },
- { NID_sha384, EVP_sha384, SN_sha384, LN_sha384 },
- { NID_sha512, EVP_sha512, SN_sha512, LN_sha512 },
- { NID_md5_sha1, EVP_md5_sha1, SN_md5_sha1, LN_md5_sha1 },
- { NID_dsaWithSHA, EVP_sha1, SN_dsaWithSHA, LN_dsaWithSHA },
- { NID_dsaWithSHA1, EVP_sha1, SN_dsaWithSHA1, LN_dsaWithSHA1 },
- { NID_ecdsa_with_SHA1, EVP_sha1, SN_ecdsa_with_SHA1, NULL },
- { NID_md5WithRSAEncryption, EVP_md5, SN_md5WithRSAEncryption,
- LN_md5WithRSAEncryption },
- { NID_sha1WithRSAEncryption, EVP_sha1, SN_sha1WithRSAEncryption,
- LN_sha1WithRSAEncryption },
- { NID_sha224WithRSAEncryption, EVP_sha224, SN_sha224WithRSAEncryption,
- LN_sha224WithRSAEncryption },
- { NID_sha256WithRSAEncryption, EVP_sha256, SN_sha256WithRSAEncryption,
- LN_sha256WithRSAEncryption },
- { NID_sha384WithRSAEncryption, EVP_sha384, SN_sha384WithRSAEncryption,
- LN_sha384WithRSAEncryption },
- { NID_sha512WithRSAEncryption, EVP_sha512, SN_sha512WithRSAEncryption,
- LN_sha512WithRSAEncryption },
+ {NID_md4, EVP_md4, SN_md4, LN_md4},
+ {NID_md5, EVP_md5, SN_md5, LN_md5},
+ {NID_sha1, EVP_sha1, SN_sha1, LN_sha1},
+ {NID_sha224, EVP_sha224, SN_sha224, LN_sha224},
+ {NID_sha256, EVP_sha256, SN_sha256, LN_sha256},
+ {NID_sha384, EVP_sha384, SN_sha384, LN_sha384},
+ {NID_sha512, EVP_sha512, SN_sha512, LN_sha512},
+ {NID_md5_sha1, EVP_md5_sha1, SN_md5_sha1, LN_md5_sha1},
+ /* As a remnant of signing |EVP_MD|s, OpenSSL returned the corresponding
+ * hash function when given a signature OID. To avoid unintended lax parsing
+ * of hash OIDs, this is no longer supported for lookup by OID or NID.
+ * Node.js, however, exposes |EVP_get_digestbyname|'s full behavior to
+ * consumers so we retain it there. */
+ {NID_undef, EVP_sha1, SN_dsaWithSHA, LN_dsaWithSHA},
+ {NID_undef, EVP_sha1, SN_dsaWithSHA1, LN_dsaWithSHA1},
+ {NID_undef, EVP_sha1, SN_ecdsa_with_SHA1, NULL},
+ {NID_undef, EVP_md5, SN_md5WithRSAEncryption, LN_md5WithRSAEncryption},
+ {NID_undef, EVP_sha1, SN_sha1WithRSAEncryption, LN_sha1WithRSAEncryption},
+ {NID_undef, EVP_sha224, SN_sha224WithRSAEncryption,
+ LN_sha224WithRSAEncryption},
+ {NID_undef, EVP_sha256, SN_sha256WithRSAEncryption,
+ LN_sha256WithRSAEncryption},
+ {NID_undef, EVP_sha384, SN_sha384WithRSAEncryption,
+ LN_sha384WithRSAEncryption},
+ {NID_undef, EVP_sha512, SN_sha512WithRSAEncryption,
+ LN_sha512WithRSAEncryption},
};
const EVP_MD* EVP_get_digestbynid(int nid) {
- unsigned i;
+ if (nid == NID_undef) {
+ /* Skip the |NID_undef| entries in |nid_to_digest_mapping|. */
+ return NULL;
+ }
- for (i = 0; i < sizeof(nid_to_digest_mapping) / sizeof(struct nid_to_digest);
- i++) {
+ for (unsigned i = 0; i < OPENSSL_ARRAY_SIZE(nid_to_digest_mapping); i++) {
if (nid_to_digest_mapping[i].nid == nid) {
return nid_to_digest_mapping[i].md_func();
}
@@ -305,10 +311,7 @@
}
const EVP_MD *EVP_get_digestbyname(const char *name) {
- unsigned i;
-
- for (i = 0; i < sizeof(nid_to_digest_mapping) / sizeof(struct nid_to_digest);
- i++) {
+ for (unsigned i = 0; i < OPENSSL_ARRAY_SIZE(nid_to_digest_mapping); i++) {
const char *short_name = nid_to_digest_mapping[i].short_name;
const char *long_name = nid_to_digest_mapping[i].long_name;
if ((short_name && strcmp(short_name, name) == 0) ||
diff --git a/src/crypto/digest/md32_common.h b/src/crypto/digest/md32_common.h
index 818eb63..45fe939 100644
--- a/src/crypto/digest/md32_common.h
+++ b/src/crypto/digest/md32_common.h
@@ -53,6 +53,8 @@
#include <assert.h>
+#include "../internal.h"
+
#if defined(__cplusplus)
extern "C" {
#endif
@@ -194,16 +196,16 @@
size_t n = c->num;
if (n != 0) {
if (len >= HASH_CBLOCK || len + n >= HASH_CBLOCK) {
- memcpy(c->data + n, data, HASH_CBLOCK - n);
+ OPENSSL_memcpy(c->data + n, data, HASH_CBLOCK - n);
HASH_BLOCK_DATA_ORDER(c->h, c->data, 1);
n = HASH_CBLOCK - n;
data += n;
len -= n;
c->num = 0;
/* Keep |c->data| zeroed when unused. */
- memset(c->data, 0, HASH_CBLOCK);
+ OPENSSL_memset(c->data, 0, HASH_CBLOCK);
} else {
- memcpy(c->data + n, data, len);
+ OPENSSL_memcpy(c->data + n, data, len);
c->num += (unsigned)len;
return 1;
}
@@ -219,7 +221,7 @@
if (len != 0) {
c->num = (unsigned)len;
- memcpy(c->data, data, len);
+ OPENSSL_memcpy(c->data, data, len);
}
return 1;
}
@@ -240,11 +242,11 @@
/* Fill the block with zeros if there isn't room for a 64-bit length. */
if (n > (HASH_CBLOCK - 8)) {
- memset(c->data + n, 0, HASH_CBLOCK - n);
+ OPENSSL_memset(c->data + n, 0, HASH_CBLOCK - n);
n = 0;
HASH_BLOCK_DATA_ORDER(c->h, c->data, 1);
}
- memset(c->data + n, 0, HASH_CBLOCK - 8 - n);
+ OPENSSL_memset(c->data + n, 0, HASH_CBLOCK - 8 - n);
/* Append a 64-bit length to the block and process it. */
uint8_t *p = c->data + HASH_CBLOCK - 8;
@@ -258,7 +260,7 @@
assert(p == c->data + HASH_CBLOCK);
HASH_BLOCK_DATA_ORDER(c->h, c->data, 1);
c->num = 0;
- memset(c->data, 0, HASH_CBLOCK);
+ OPENSSL_memset(c->data, 0, HASH_CBLOCK);
HASH_MAKE_STRING(c, md);
return 1;
diff --git a/src/crypto/dsa/CMakeLists.txt b/src/crypto/dsa/CMakeLists.txt
index de36565..4d66136 100644
--- a/src/crypto/dsa/CMakeLists.txt
+++ b/src/crypto/dsa/CMakeLists.txt
@@ -12,7 +12,7 @@
add_executable(
dsa_test
- dsa_test.c
+ dsa_test.cc
$<TARGET_OBJECTS:test_support>
)
diff --git a/src/crypto/dsa/dsa.c b/src/crypto/dsa/dsa.c
index 3e5894a..15583be 100644
--- a/src/crypto/dsa/dsa.c
+++ b/src/crypto/dsa/dsa.c
@@ -72,6 +72,7 @@
#include <openssl/sha.h>
#include <openssl/thread.h>
+#include "../bn/internal.h"
#include "../internal.h"
@@ -90,7 +91,7 @@
return NULL;
}
- memset(dsa, 0, sizeof(DSA));
+ OPENSSL_memset(dsa, 0, sizeof(DSA));
dsa->references = 1;
@@ -188,7 +189,7 @@
/* Only consume as much seed as is expected. */
seed_len = qsize;
}
- memcpy(seed, seed_in, seed_len);
+ OPENSSL_memcpy(seed, seed_in, seed_len);
}
ctx = BN_CTX_new();
@@ -232,8 +233,8 @@
/* If we come back through, use random seed next time. */
seed_in = NULL;
}
- memcpy(buf, seed, qsize);
- memcpy(buf2, seed, qsize);
+ OPENSSL_memcpy(buf, seed, qsize);
+ OPENSSL_memcpy(buf2, seed, qsize);
/* precompute "SEED + 1" for step 7: */
for (i = qsize - 1; i < qsize; i--) {
buf[i]++;
@@ -763,7 +764,8 @@
/* Ensure that the signature uses DER and doesn't have trailing garbage. */
int der_len = i2d_DSA_SIG(s, &der);
- if (der_len < 0 || (size_t)der_len != sig_len || memcmp(sig, der, sig_len)) {
+ if (der_len < 0 || (size_t)der_len != sig_len ||
+ OPENSSL_memcmp(sig, der, sig_len)) {
goto err;
}
@@ -813,7 +815,7 @@
int DSA_sign_setup(const DSA *dsa, BN_CTX *ctx_in, BIGNUM **out_kinv,
BIGNUM **out_r) {
BN_CTX *ctx;
- BIGNUM k, kq, qm2, *kinv = NULL, *r = NULL;
+ BIGNUM k, kq, *kinv = NULL, *r = NULL;
int ret = 0;
if (!dsa->p || !dsa->q || !dsa->g) {
@@ -823,7 +825,6 @@
BN_init(&k);
BN_init(&kq);
- BN_init(&qm2);
ctx = ctx_in;
if (ctx == NULL) {
@@ -885,9 +886,7 @@
* Theorem. */
kinv = BN_new();
if (kinv == NULL ||
- !BN_set_word(&qm2, 2) ||
- !BN_sub(&qm2, dsa->q, &qm2) ||
- !BN_mod_exp_mont(kinv, &k, &qm2, dsa->q, ctx, dsa->method_mont_q)) {
+ !bn_mod_inverse_prime(kinv, &k, dsa->q, ctx, dsa->method_mont_q)) {
goto err;
}
@@ -911,7 +910,7 @@
}
BN_clear_free(&k);
BN_clear_free(&kq);
- BN_free(&qm2);
+ BN_clear_free(kinv);
return ret;
}
diff --git a/src/crypto/dsa/dsa_test.c b/src/crypto/dsa/dsa_test.cc
similarity index 78%
rename from src/crypto/dsa/dsa_test.c
rename to src/crypto/dsa/dsa_test.cc
index 6296c8f..5fee6aa 100644
--- a/src/crypto/dsa/dsa_test.c
+++ b/src/crypto/dsa/dsa_test.cc
@@ -59,14 +59,15 @@
#include <openssl/dsa.h>
+#include <stdio.h>
#include <string.h>
#include <openssl/bn.h>
#include <openssl/crypto.h>
#include <openssl/err.h>
+#include "../internal.h"
-static int dsa_cb(int p, int n, BN_GENCB *arg);
/* The following values are taken from the updated Appendix 5 to FIPS PUB 186
* and also appear in Appendix 5 to FIPS PUB 186-1. */
@@ -163,28 +164,59 @@
0xdc, 0xd8, 0xc8,
};
-static DSA *get_fips_dsa(void) {
- DSA *dsa = DSA_new();
+static bssl::UniquePtr<DSA> GetFIPSDSA(void) {
+ bssl::UniquePtr<DSA> dsa(DSA_new());
if (!dsa) {
- return NULL;
+ return nullptr;
}
- dsa->p = BN_bin2bn(fips_p, sizeof(fips_p), NULL);
- dsa->q = BN_bin2bn(fips_q, sizeof(fips_q), NULL);
- dsa->g = BN_bin2bn(fips_g, sizeof(fips_g), NULL);
- dsa->pub_key = BN_bin2bn(fips_y, sizeof(fips_y), NULL);
- dsa->priv_key = BN_bin2bn(fips_x, sizeof(fips_x), NULL);
- if (dsa->p == NULL || dsa->q == NULL || dsa->g == NULL ||
- dsa->pub_key == NULL || dsa->priv_key == NULL) {
- DSA_free(dsa);
- return NULL;
+ dsa->p = BN_bin2bn(fips_p, sizeof(fips_p), nullptr);
+ dsa->q = BN_bin2bn(fips_q, sizeof(fips_q), nullptr);
+ dsa->g = BN_bin2bn(fips_g, sizeof(fips_g), nullptr);
+ dsa->pub_key = BN_bin2bn(fips_y, sizeof(fips_y), nullptr);
+ dsa->priv_key = BN_bin2bn(fips_x, sizeof(fips_x), nullptr);
+ if (dsa->p == nullptr || dsa->q == nullptr || dsa->g == nullptr ||
+ dsa->pub_key == nullptr || dsa->priv_key == nullptr) {
+ return nullptr;
}
return dsa;
}
-static int test_generate(FILE *out) {
+struct GenerateContext {
+ FILE *out = nullptr;
+ int ok = 0;
+ int num = 0;
+};
+
+static int GenerateCallback(int p, int n, BN_GENCB *arg) {
+ GenerateContext *ctx = reinterpret_cast<GenerateContext *>(arg->arg);
+ char c = '*';
+ switch (p) {
+ case 0:
+ c = '.';
+ ctx->num++;
+ break;
+ case 1:
+ c = '+';
+ break;
+ case 2:
+ c = '*';
+ ctx->ok++;
+ break;
+ case 3:
+ c = '\n';
+ }
+ fputc(c, ctx->out);
+ fflush(ctx->out);
+ if (!ctx->ok && p == 0 && ctx->num > 1) {
+ fprintf(stderr, "error in dsatest\n");
+ return 0;
+ }
+ return 1;
+}
+
+static int TestGenerate(FILE *out) {
BN_GENCB cb;
- DSA *dsa = NULL;
- int counter, ok = 0, i, j;
+ int counter, i, j;
uint8_t buf[256];
unsigned long h;
uint8_t sig[256];
@@ -192,11 +224,14 @@
fprintf(out, "test generation of DSA parameters\n");
- BN_GENCB_set(&cb, dsa_cb, out);
- dsa = DSA_new();
- if (dsa == NULL ||
- !DSA_generate_parameters_ex(dsa, 512, seed, 20, &counter, &h, &cb)) {
- goto end;
+ GenerateContext ctx;
+ ctx.out = out;
+ BN_GENCB_set(&cb, GenerateCallback, &ctx);
+ bssl::UniquePtr<DSA> dsa(DSA_new());
+ if (!dsa ||
+ !DSA_generate_parameters_ex(dsa.get(), 512, seed, 20, &counter, &h,
+ &cb)) {
+ return false;
}
fprintf(out, "seed\n");
@@ -208,81 +243,74 @@
if (counter != 105) {
fprintf(stderr, "counter should be 105\n");
- goto end;
+ return false;
}
if (h != 2) {
fprintf(stderr, "h should be 2\n");
- goto end;
+ return false;
}
i = BN_bn2bin(dsa->q, buf);
j = sizeof(fips_q);
- if (i != j || memcmp(buf, fips_q, i) != 0) {
+ if (i != j || OPENSSL_memcmp(buf, fips_q, i) != 0) {
fprintf(stderr, "q value is wrong\n");
- goto end;
+ return false;
}
i = BN_bn2bin(dsa->p, buf);
j = sizeof(fips_p);
- if (i != j || memcmp(buf, fips_p, i) != 0) {
+ if (i != j || OPENSSL_memcmp(buf, fips_p, i) != 0) {
fprintf(stderr, "p value is wrong\n");
- goto end;
+ return false;
}
i = BN_bn2bin(dsa->g, buf);
j = sizeof(fips_g);
- if (i != j || memcmp(buf, fips_g, i) != 0) {
+ if (i != j || OPENSSL_memcmp(buf, fips_g, i) != 0) {
fprintf(stderr, "g value is wrong\n");
- goto end;
+ return false;
}
- if (!DSA_generate_key(dsa) ||
- !DSA_sign(0, fips_digest, sizeof(fips_digest), sig, &siglen, dsa)) {
- goto end;
+ if (!DSA_generate_key(dsa.get()) ||
+ !DSA_sign(0, fips_digest, sizeof(fips_digest), sig, &siglen, dsa.get())) {
+ return false;
}
- if (DSA_verify(0, fips_digest, sizeof(fips_digest), sig, siglen, dsa) == 1) {
- ok = 1;
- } else {
+ if (DSA_verify(0, fips_digest, sizeof(fips_digest), sig, siglen, dsa.get()) !=
+ 1) {
fprintf(stderr, "verification failure\n");
+ return false;
}
-end:
- DSA_free(dsa);
-
- return ok;
+ return true;
}
-static int test_verify(const uint8_t *sig, size_t sig_len, int expect) {
- int ok = 0;
- DSA *dsa = get_fips_dsa();
- if (dsa == NULL) {
- goto end;
+static bool TestVerify(const uint8_t *sig, size_t sig_len, int expect) {
+ bssl::UniquePtr<DSA> dsa = GetFIPSDSA();
+ if (!dsa) {
+ return false;
}
- int ret = DSA_verify(0, fips_digest, sizeof(fips_digest), sig, sig_len, dsa);
+ int ret =
+ DSA_verify(0, fips_digest, sizeof(fips_digest), sig, sig_len, dsa.get());
if (ret != expect) {
fprintf(stderr, "DSA_verify returned %d, want %d\n", ret, expect);
- goto end;
+ return false;
}
- ok = 1;
- /* Clear any errorrs from a test with expected failure. */
+
+ /* Clear any errors from a test with expected failure. */
ERR_clear_error();
-
-end:
- DSA_free(dsa);
-
- return ok;
+ return true;
}
int main(int argc, char **argv) {
CRYPTO_library_init();
- if (!test_generate(stdout) ||
- !test_verify(fips_sig, sizeof(fips_sig), 1) ||
- !test_verify(fips_sig_negative, sizeof(fips_sig_negative), -1) ||
- !test_verify(fips_sig_extra, sizeof(fips_sig_extra), -1) ||
- !test_verify(fips_sig_bad_length, sizeof(fips_sig_bad_length), -1) ||
- !test_verify(fips_sig_bad_r, sizeof(fips_sig_bad_r), 0)) {
+ if (!TestGenerate(stdout) ||
+ !TestVerify(fips_sig, sizeof(fips_sig), 1) ||
+ !TestVerify(fips_sig_negative, sizeof(fips_sig_negative), -1) ||
+ !TestVerify(fips_sig_extra, sizeof(fips_sig_extra), -1) ||
+ !TestVerify(fips_sig_bad_length, sizeof(fips_sig_bad_length), -1) ||
+ !TestVerify(fips_sig_bad_r, sizeof(fips_sig_bad_r), 0)) {
ERR_print_errors_fp(stderr);
return 1;
}
@@ -290,34 +318,3 @@
printf("PASS\n");
return 0;
}
-
-static int dsa_cb(int p, int n, BN_GENCB *arg) {
- char c = '*';
- static int ok = 0, num = 0;
-
- switch (p) {
- case 0:
- c = '.';
- num++;
- break;
- case 1:
- c = '+';
- break;
- case 2:
- c = '*';
- ok++;
- break;
- case 3:
- c = '\n';
- }
-
- fputc(c, arg->arg);
- fflush(arg->arg);
-
- if (!ok && p == 0 && num > 1) {
- fprintf(stderr, "error in dsatest\n");
- return 0;
- }
-
- return 1;
-}
diff --git a/src/crypto/ec/ec.c b/src/crypto/ec/ec.c
index 7e76dfe..96bb703 100644
--- a/src/crypto/ec/ec.c
+++ b/src/crypto/ec/ec.c
@@ -350,7 +350,7 @@
OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE);
return NULL;
}
- memset(ret, 0, sizeof(EC_GROUP));
+ OPENSSL_memset(ret, 0, sizeof(EC_GROUP));
ret->meth = meth;
BN_init(&ret->order);
diff --git a/src/crypto/ec/ec_asn1.c b/src/crypto/ec/ec_asn1.c
index f31e158..35c8f27 100644
--- a/src/crypto/ec/ec_asn1.c
+++ b/src/crypto/ec/ec_asn1.c
@@ -64,6 +64,7 @@
#include "internal.h"
#include "../bytestring/internal.h"
+#include "../internal.h"
static const uint8_t kParametersTag =
@@ -271,7 +272,7 @@
!CBS_get_asn1(¶ms, &field_id, CBS_ASN1_SEQUENCE) ||
!CBS_get_asn1(&field_id, &field_type, CBS_ASN1_OBJECT) ||
CBS_len(&field_type) != sizeof(kPrimeField) ||
- memcmp(CBS_data(&field_type), kPrimeField, sizeof(kPrimeField)) != 0 ||
+ OPENSSL_memcmp(CBS_data(&field_type), kPrimeField, sizeof(kPrimeField)) != 0 ||
!CBS_get_asn1(&field_id, out_prime, CBS_ASN1_INTEGER) ||
!is_unsigned_integer(out_prime) ||
CBS_len(&field_id) != 0 ||
@@ -335,7 +336,7 @@
for (i = 0; OPENSSL_built_in_curves[i].nid != NID_undef; i++) {
const struct built_in_curve *curve = &OPENSSL_built_in_curves[i];
if (CBS_len(&named_curve) == curve->oid_len &&
- memcmp(CBS_data(&named_curve), curve->oid, curve->oid_len) == 0) {
+ OPENSSL_memcmp(CBS_data(&named_curve), curve->oid, curve->oid_len) == 0) {
return EC_GROUP_new_by_curve_name(curve->nid);
}
}
diff --git a/src/crypto/ec/ec_key.c b/src/crypto/ec/ec_key.c
index 3e4456c..1a93346 100644
--- a/src/crypto/ec/ec_key.c
+++ b/src/crypto/ec/ec_key.c
@@ -91,7 +91,7 @@
return NULL;
}
- memset(ret, 0, sizeof(EC_KEY));
+ OPENSSL_memset(ret, 0, sizeof(EC_KEY));
if (engine) {
ret->ecdsa_meth = ENGINE_get_ECDSA_method(engine);
diff --git a/src/crypto/ec/ec_montgomery.c b/src/crypto/ec/ec_montgomery.c
index 1253a73..4643fd2 100644
--- a/src/crypto/ec/ec_montgomery.c
+++ b/src/crypto/ec/ec_montgomery.c
@@ -71,6 +71,7 @@
#include <openssl/err.h>
#include <openssl/mem.h>
+#include "../bn/internal.h"
#include "internal.h"
@@ -230,11 +231,9 @@
BIGNUM *Z_1 = BN_CTX_get(ctx);
BIGNUM *Z_2 = BN_CTX_get(ctx);
BIGNUM *Z_3 = BN_CTX_get(ctx);
- BIGNUM *field_minus_2 = BN_CTX_get(ctx);
if (Z_1 == NULL ||
Z_2 == NULL ||
- Z_3 == NULL ||
- field_minus_2 == NULL) {
+ Z_3 == NULL) {
goto err;
}
@@ -247,16 +246,12 @@
* is more efficient (at least in theory) than |BN_to_montgomery|, since it
* doesn't have to do the multiplication before the reduction.
*
- * Use Fermat's Little Theorem with |BN_mod_exp_mont_consttime| instead of
- * |BN_mod_inverse_odd| since this inversion may be done as the final step
- * of private key operations. Unfortunately, this is suboptimal for ECDSA
- * verification. */
+ * Use Fermat's Little Theorem instead of |BN_mod_inverse_odd| since this
+ * inversion may be done as the final step of private key operations.
+ * Unfortunately, this is suboptimal for ECDSA verification. */
if (!BN_from_montgomery(Z_1, &point->Z, group->mont, ctx) ||
!BN_from_montgomery(Z_1, Z_1, group->mont, ctx) ||
- !BN_copy(field_minus_2, &group->field) ||
- !BN_sub_word(field_minus_2, 2) ||
- !BN_mod_exp_mont_consttime(Z_1, Z_1, field_minus_2, &group->field,
- ctx, group->mont)) {
+ !bn_mod_inverse_prime(Z_1, Z_1, &group->field, ctx, group->mont)) {
goto err;
}
diff --git a/src/crypto/ec/p224-64.c b/src/crypto/ec/p224-64.c
index 825bbc3..7b2ae68 100644
--- a/src/crypto/ec/p224-64.c
+++ b/src/crypto/ec/p224-64.c
@@ -211,7 +211,7 @@
static int BN_to_felem(felem out, const BIGNUM *bn) {
/* BN_bn2bin eats leading zeroes */
felem_bytearray b_out;
- memset(b_out, 0, sizeof(b_out));
+ OPENSSL_memset(b_out, 0, sizeof(b_out));
size_t num_bytes = BN_num_bytes(bn);
if (num_bytes > sizeof(b_out) ||
BN_is_negative(bn)) {
@@ -860,7 +860,7 @@
static void select_point(const u64 idx, size_t size,
const felem pre_comp[/*size*/][3], felem out[3]) {
limb *outlimbs = &out[0][0];
- memset(outlimbs, 0, 3 * sizeof(felem));
+ OPENSSL_memset(outlimbs, 0, 3 * sizeof(felem));
for (size_t i = 0; i < size; i++) {
const limb *inlimbs = &pre_comp[i][0][0];
@@ -885,26 +885,24 @@
}
/* Interleaved point multiplication using precomputed point multiples:
- * The small point multiples 0*P, 1*P, ..., 16*P are in pre_comp[],
- * the scalars in scalars[]. If g_scalar is non-NULL, we also add this multiple
+ * The small point multiples 0*P, 1*P, ..., 16*P are in p_pre_comp, the scalars
+ * in p_scalar, if non-NULL. If g_scalar is non-NULL, we also add this multiple
* of the generator, using certain (large) precomputed multiples in g_pre_comp.
* Output point (X, Y, Z) is stored in x_out, y_out, z_out */
-static void batch_mul(felem x_out, felem y_out, felem z_out,
- const felem_bytearray scalars[],
- const size_t num_points, const u8 *g_scalar,
- const felem pre_comp[][17][3]) {
+static void batch_mul(felem x_out, felem y_out, felem z_out, const u8 *p_scalar,
+ const u8 *g_scalar, const felem p_pre_comp[17][3]) {
felem nq[3], tmp[4];
u64 bits;
u8 sign, digit;
/* set nq to the point at infinity */
- memset(nq, 0, 3 * sizeof(felem));
+ OPENSSL_memset(nq, 0, 3 * sizeof(felem));
- /* Loop over all scalars msb-to-lsb, interleaving additions
- * of multiples of the generator (two in each of the last 28 rounds)
- * and additions of other points multiples (every 5th round). */
+ /* Loop over both scalars msb-to-lsb, interleaving additions of multiples of
+ * the generator (two in each of the last 28 rounds) and additions of p (every
+ * 5th round). */
int skip = 1; /* save two point operations in the first round */
- size_t i = num_points != 0 ? 220 : 27;
+ size_t i = p_scalar != NULL ? 220 : 27;
for (;;) {
/* double */
if (!skip) {
@@ -925,7 +923,7 @@
point_add(nq[0], nq[1], nq[2], nq[0], nq[1], nq[2], 1 /* mixed */,
tmp[0], tmp[1], tmp[2]);
} else {
- memcpy(nq, tmp, 3 * sizeof(felem));
+ OPENSSL_memcpy(nq, tmp, 3 * sizeof(felem));
skip = 0;
}
@@ -941,30 +939,26 @@
}
/* do other additions every 5 doublings */
- if (num_points != 0 && i % 5 == 0) {
- /* loop over all scalars */
- size_t num;
- for (num = 0; num < num_points; ++num) {
- bits = get_bit(scalars[num], i + 4) << 5;
- bits |= get_bit(scalars[num], i + 3) << 4;
- bits |= get_bit(scalars[num], i + 2) << 3;
- bits |= get_bit(scalars[num], i + 1) << 2;
- bits |= get_bit(scalars[num], i) << 1;
- bits |= get_bit(scalars[num], i - 1);
- ec_GFp_nistp_recode_scalar_bits(&sign, &digit, bits);
+ if (p_scalar != NULL && i % 5 == 0) {
+ bits = get_bit(p_scalar, i + 4) << 5;
+ bits |= get_bit(p_scalar, i + 3) << 4;
+ bits |= get_bit(p_scalar, i + 2) << 3;
+ bits |= get_bit(p_scalar, i + 1) << 2;
+ bits |= get_bit(p_scalar, i) << 1;
+ bits |= get_bit(p_scalar, i - 1);
+ ec_GFp_nistp_recode_scalar_bits(&sign, &digit, bits);
- /* select the point to add or subtract */
- select_point(digit, 17, pre_comp[num], tmp);
- felem_neg(tmp[3], tmp[1]); /* (X, -Y, Z) is the negative point */
- copy_conditional(tmp[1], tmp[3], sign);
+ /* select the point to add or subtract */
+ select_point(digit, 17, p_pre_comp, tmp);
+ felem_neg(tmp[3], tmp[1]); /* (X, -Y, Z) is the negative point */
+ copy_conditional(tmp[1], tmp[3], sign);
- if (!skip) {
- point_add(nq[0], nq[1], nq[2], nq[0], nq[1], nq[2], 0 /* mixed */,
- tmp[0], tmp[1], tmp[2]);
- } else {
- memcpy(nq, tmp, 3 * sizeof(felem));
- skip = 0;
- }
+ if (!skip) {
+ point_add(nq[0], nq[1], nq[2], nq[0], nq[1], nq[2], 0 /* mixed */,
+ tmp[0], tmp[1], tmp[2]);
+ } else {
+ OPENSSL_memcpy(nq, tmp, 3 * sizeof(felem));
+ skip = 0;
}
}
@@ -1022,30 +1016,16 @@
return 1;
}
-static int ec_GFp_nistp224_points_mul(const EC_GROUP *group,
- EC_POINT *r,
- const BIGNUM *g_scalar,
- const EC_POINT *p_,
- const BIGNUM *p_scalar_,
- BN_CTX *ctx) {
- /* TODO: This function used to take |points| and |scalars| as arrays of
- * |num| elements. The code below should be simplified to work in terms of
- * |p_| and |p_scalar_|. */
- size_t num = p_ != NULL ? 1 : 0;
- const EC_POINT **points = p_ != NULL ? &p_ : NULL;
- BIGNUM const *const *scalars = p_ != NULL ? &p_scalar_ : NULL;
-
+static int ec_GFp_nistp224_points_mul(const EC_GROUP *group, EC_POINT *r,
+ const BIGNUM *g_scalar, const EC_POINT *p,
+ const BIGNUM *p_scalar, BN_CTX *ctx) {
int ret = 0;
BN_CTX *new_ctx = NULL;
BIGNUM *x, *y, *z, *tmp_scalar;
- felem_bytearray g_secret;
- felem_bytearray *secrets = NULL;
- felem(*pre_comp)[17][3] = NULL;
+ felem_bytearray g_secret, p_secret;
+ felem p_pre_comp[17][3];
felem_bytearray tmp;
- size_t num_points = num;
felem x_in, y_in, z_in, x_out, y_out, z_out;
- const EC_POINT *p = NULL;
- const BIGNUM *p_scalar = NULL;
if (ctx == NULL) {
ctx = BN_CTX_new();
@@ -1063,75 +1043,53 @@
goto err;
}
- if (num_points > 0) {
- secrets = OPENSSL_malloc(num_points * sizeof(felem_bytearray));
- pre_comp = OPENSSL_malloc(num_points * sizeof(felem[17][3]));
- if (secrets == NULL ||
- pre_comp == NULL) {
- OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE);
+ if (p != NULL && p_scalar != NULL) {
+ /* We treat NULL scalars as 0, and NULL points as points at infinity, i.e.,
+ * they contribute nothing to the linear combination. */
+ OPENSSL_memset(&p_secret, 0, sizeof(p_secret));
+ OPENSSL_memset(&p_pre_comp, 0, sizeof(p_pre_comp));
+ size_t num_bytes;
+ /* reduce g_scalar to 0 <= g_scalar < 2^224 */
+ if (BN_num_bits(p_scalar) > 224 || BN_is_negative(p_scalar)) {
+ /* this is an unusual input, and we don't guarantee
+ * constant-timeness */
+ if (!BN_nnmod(tmp_scalar, p_scalar, &group->order, ctx)) {
+ OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB);
+ goto err;
+ }
+ num_bytes = BN_bn2bin(tmp_scalar, tmp);
+ } else {
+ num_bytes = BN_bn2bin(p_scalar, tmp);
+ }
+
+ flip_endian(p_secret, tmp, num_bytes);
+ /* precompute multiples */
+ if (!BN_to_felem(x_out, &p->X) ||
+ !BN_to_felem(y_out, &p->Y) ||
+ !BN_to_felem(z_out, &p->Z)) {
goto err;
}
- /* we treat NULL scalars as 0, and NULL points as points at infinity,
- * i.e., they contribute nothing to the linear combination */
- memset(secrets, 0, num_points * sizeof(felem_bytearray));
- memset(pre_comp, 0, num_points * 17 * 3 * sizeof(felem));
- for (size_t i = 0; i < num_points; ++i) {
- if (i == num) {
- /* the generator */
- p = EC_GROUP_get0_generator(group);
- p_scalar = g_scalar;
+ felem_assign(p_pre_comp[1][0], x_out);
+ felem_assign(p_pre_comp[1][1], y_out);
+ felem_assign(p_pre_comp[1][2], z_out);
+
+ for (size_t j = 2; j <= 16; ++j) {
+ if (j & 1) {
+ point_add(p_pre_comp[j][0], p_pre_comp[j][1], p_pre_comp[j][2],
+ p_pre_comp[1][0], p_pre_comp[1][1], p_pre_comp[1][2],
+ 0, p_pre_comp[j - 1][0], p_pre_comp[j - 1][1],
+ p_pre_comp[j - 1][2]);
} else {
- /* the i^th point */
- p = points[i];
- p_scalar = scalars[i];
- }
-
- if (p_scalar != NULL && p != NULL) {
- size_t num_bytes;
- /* reduce g_scalar to 0 <= g_scalar < 2^224 */
- if (BN_num_bits(p_scalar) > 224 || BN_is_negative(p_scalar)) {
- /* this is an unusual input, and we don't guarantee
- * constant-timeness */
- if (!BN_nnmod(tmp_scalar, p_scalar, &group->order, ctx)) {
- OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB);
- goto err;
- }
- num_bytes = BN_bn2bin(tmp_scalar, tmp);
- } else {
- num_bytes = BN_bn2bin(p_scalar, tmp);
- }
-
- flip_endian(secrets[i], tmp, num_bytes);
- /* precompute multiples */
- if (!BN_to_felem(x_out, &p->X) ||
- !BN_to_felem(y_out, &p->Y) ||
- !BN_to_felem(z_out, &p->Z)) {
- goto err;
- }
-
- felem_assign(pre_comp[i][1][0], x_out);
- felem_assign(pre_comp[i][1][1], y_out);
- felem_assign(pre_comp[i][1][2], z_out);
-
- for (size_t j = 2; j <= 16; ++j) {
- if (j & 1) {
- point_add(pre_comp[i][j][0], pre_comp[i][j][1], pre_comp[i][j][2],
- pre_comp[i][1][0], pre_comp[i][1][1], pre_comp[i][1][2],
- 0, pre_comp[i][j - 1][0], pre_comp[i][j - 1][1],
- pre_comp[i][j - 1][2]);
- } else {
- point_double(pre_comp[i][j][0], pre_comp[i][j][1],
- pre_comp[i][j][2], pre_comp[i][j / 2][0],
- pre_comp[i][j / 2][1], pre_comp[i][j / 2][2]);
- }
- }
+ point_double(p_pre_comp[j][0], p_pre_comp[j][1],
+ p_pre_comp[j][2], p_pre_comp[j / 2][0],
+ p_pre_comp[j / 2][1], p_pre_comp[j / 2][2]);
}
}
}
if (g_scalar != NULL) {
- memset(g_secret, 0, sizeof(g_secret));
+ OPENSSL_memset(g_secret, 0, sizeof(g_secret));
size_t num_bytes;
/* reduce g_scalar to 0 <= g_scalar < 2^224 */
if (BN_num_bits(g_scalar) > 224 || BN_is_negative(g_scalar)) {
@@ -1147,9 +1105,9 @@
flip_endian(g_secret, tmp, num_bytes);
}
- batch_mul(x_out, y_out, z_out, (const felem_bytearray(*))secrets,
- num_points, g_scalar != NULL ? g_secret : NULL,
- (const felem(*)[17][3])pre_comp);
+ batch_mul(x_out, y_out, z_out,
+ (p != NULL && p_scalar != NULL) ? p_secret : NULL,
+ g_scalar != NULL ? g_secret : NULL, (const felem(*)[3])p_pre_comp);
/* reduce the output to its unique minimal representation */
felem_contract(x_in, x_out);
@@ -1166,8 +1124,6 @@
err:
BN_CTX_end(ctx);
BN_CTX_free(new_ctx);
- OPENSSL_free(secrets);
- OPENSSL_free(pre_comp);
return ret;
}
diff --git a/src/crypto/ec/p256-64.c b/src/crypto/ec/p256-64.c
index 6a54200..0f32c2e 100644
--- a/src/crypto/ec/p256-64.c
+++ b/src/crypto/ec/p256-64.c
@@ -108,7 +108,7 @@
felem_bytearray b_out;
/* BN_bn2bin eats leading zeroes */
- memset(b_out, 0, sizeof(b_out));
+ OPENSSL_memset(b_out, 0, sizeof(b_out));
size_t num_bytes = BN_num_bytes(bn);
if (num_bytes > sizeof(b_out)) {
OPENSSL_PUT_ERROR(EC, EC_R_BIGNUM_OUT_OF_RANGE);
@@ -1402,7 +1402,7 @@
const smallfelem pre_comp[/*size*/][3],
smallfelem out[3]) {
u64 *outlimbs = &out[0][0];
- memset(outlimbs, 0, 3 * sizeof(smallfelem));
+ OPENSSL_memset(outlimbs, 0, 3 * sizeof(smallfelem));
for (size_t i = 0; i < size; i++) {
const u64 *inlimbs = (const u64 *)&pre_comp[i][0][0];
@@ -1427,28 +1427,26 @@
}
/* Interleaved point multiplication using precomputed point multiples: The
- * small point multiples 0*P, 1*P, ..., 17*P are in pre_comp[], the scalars
- * in scalars[]. If g_scalar is non-NULL, we also add this multiple of the
- * generator, using certain (large) precomputed multiples in g_pre_comp.
+ * small point multiples 0*P, 1*P, ..., 17*P are in p_pre_comp, the scalar
+ * in p_scalar, if non-NULL. If g_scalar is non-NULL, we also add this multiple
+ * of the generator, using certain (large) precomputed multiples in g_pre_comp.
* Output point (X, Y, Z) is stored in x_out, y_out, z_out. */
-static void batch_mul(felem x_out, felem y_out, felem z_out,
- const felem_bytearray scalars[],
- const size_t num_points, const u8 *g_scalar,
- const smallfelem pre_comp[][17][3]) {
+static void batch_mul(felem x_out, felem y_out, felem z_out, const u8 *p_scalar,
+ const u8 *g_scalar, const smallfelem p_pre_comp[17][3]) {
felem nq[3], ftmp;
smallfelem tmp[3];
u64 bits;
u8 sign, digit;
/* set nq to the point at infinity */
- memset(nq, 0, 3 * sizeof(felem));
+ OPENSSL_memset(nq, 0, 3 * sizeof(felem));
- /* Loop over all scalars msb-to-lsb, interleaving additions of multiples
- * of the generator (two in each of the last 32 rounds) and additions of
- * other points multiples (every 5th round). */
+ /* Loop over both scalars msb-to-lsb, interleaving additions of multiples
+ * of the generator (two in each of the last 32 rounds) and additions of p
+ * (every 5th round). */
int skip = 1; /* save two point operations in the first round */
- size_t i = num_points != 0 ? 255 : 31;
+ size_t i = p_scalar != NULL ? 255 : 31;
for (;;) {
/* double */
if (!skip) {
@@ -1487,34 +1485,30 @@
}
/* do other additions every 5 doublings */
- if (num_points != 0 && i % 5 == 0) {
- /* loop over all scalars */
- size_t num;
- for (num = 0; num < num_points; ++num) {
- bits = get_bit(scalars[num], i + 4) << 5;
- bits |= get_bit(scalars[num], i + 3) << 4;
- bits |= get_bit(scalars[num], i + 2) << 3;
- bits |= get_bit(scalars[num], i + 1) << 2;
- bits |= get_bit(scalars[num], i) << 1;
- bits |= get_bit(scalars[num], i - 1);
- ec_GFp_nistp_recode_scalar_bits(&sign, &digit, bits);
+ if (p_scalar != NULL && i % 5 == 0) {
+ bits = get_bit(p_scalar, i + 4) << 5;
+ bits |= get_bit(p_scalar, i + 3) << 4;
+ bits |= get_bit(p_scalar, i + 2) << 3;
+ bits |= get_bit(p_scalar, i + 1) << 2;
+ bits |= get_bit(p_scalar, i) << 1;
+ bits |= get_bit(p_scalar, i - 1);
+ ec_GFp_nistp_recode_scalar_bits(&sign, &digit, bits);
- /* select the point to add or subtract, in constant time. */
- select_point(digit, 17, pre_comp[num], tmp);
- smallfelem_neg(ftmp, tmp[1]); /* (X, -Y, Z) is the negative
- * point */
- copy_small_conditional(ftmp, tmp[1], (((limb)sign) - 1));
- felem_contract(tmp[1], ftmp);
+ /* select the point to add or subtract, in constant time. */
+ select_point(digit, 17, p_pre_comp, tmp);
+ smallfelem_neg(ftmp, tmp[1]); /* (X, -Y, Z) is the negative
+ * point */
+ copy_small_conditional(ftmp, tmp[1], (((limb)sign) - 1));
+ felem_contract(tmp[1], ftmp);
- if (!skip) {
- point_add(nq[0], nq[1], nq[2], nq[0], nq[1], nq[2], 0 /* mixed */,
- tmp[0], tmp[1], tmp[2]);
- } else {
- smallfelem_expand(nq[0], tmp[0]);
- smallfelem_expand(nq[1], tmp[1]);
- smallfelem_expand(nq[2], tmp[2]);
- skip = 0;
- }
+ if (!skip) {
+ point_add(nq[0], nq[1], nq[2], nq[0], nq[1], nq[2], 0 /* mixed */,
+ tmp[0], tmp[1], tmp[2]);
+ } else {
+ smallfelem_expand(nq[0], tmp[0]);
+ smallfelem_expand(nq[1], tmp[1]);
+ smallfelem_expand(nq[2], tmp[2]);
+ skip = 0;
}
}
@@ -1581,31 +1575,17 @@
return 1;
}
-static int ec_GFp_nistp256_points_mul(const EC_GROUP *group,
- EC_POINT *r,
- const BIGNUM *g_scalar,
- const EC_POINT *p_,
- const BIGNUM *p_scalar_,
- BN_CTX *ctx) {
- /* TODO: This function used to take |points| and |scalars| as arrays of
- * |num| elements. The code below should be simplified to work in terms of |p|
- * and |p_scalar|. */
- size_t num = p_ != NULL ? 1 : 0;
- const EC_POINT **points = p_ != NULL ? &p_ : NULL;
- BIGNUM const *const *scalars = p_ != NULL ? &p_scalar_ : NULL;
-
+static int ec_GFp_nistp256_points_mul(const EC_GROUP *group, EC_POINT *r,
+ const BIGNUM *g_scalar, const EC_POINT *p,
+ const BIGNUM *p_scalar, BN_CTX *ctx) {
int ret = 0;
BN_CTX *new_ctx = NULL;
BIGNUM *x, *y, *z, *tmp_scalar;
- felem_bytearray g_secret;
- felem_bytearray *secrets = NULL;
- smallfelem(*pre_comp)[17][3] = NULL;
+ felem_bytearray g_secret, p_secret;
+ smallfelem p_pre_comp[17][3];
felem_bytearray tmp;
- size_t num_points = num;
smallfelem x_in, y_in, z_in;
felem x_out, y_out, z_out;
- const EC_POINT *p = NULL;
- const BIGNUM *p_scalar = NULL;
if (ctx == NULL) {
ctx = new_ctx = BN_CTX_new();
@@ -1622,65 +1602,44 @@
goto err;
}
- if (num_points > 0) {
- secrets = OPENSSL_malloc(num_points * sizeof(felem_bytearray));
- pre_comp = OPENSSL_malloc(num_points * sizeof(smallfelem[17][3]));
- if (secrets == NULL || pre_comp == NULL) {
- OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE);
+ if (p != NULL && p_scalar != NULL) {
+ /* We treat NULL scalars as 0, and NULL points as points at infinity, i.e.,
+ * they contribute nothing to the linear combination. */
+ OPENSSL_memset(&p_secret, 0, sizeof(p_secret));
+ OPENSSL_memset(&p_pre_comp, 0, sizeof(p_pre_comp));
+ size_t num_bytes;
+ /* Reduce g_scalar to 0 <= g_scalar < 2^256. */
+ if (BN_num_bits(p_scalar) > 256 || BN_is_negative(p_scalar)) {
+ /* This is an unusual input, and we don't guarantee constant-timeness. */
+ if (!BN_nnmod(tmp_scalar, p_scalar, &group->order, ctx)) {
+ OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB);
+ goto err;
+ }
+ num_bytes = BN_bn2bin(tmp_scalar, tmp);
+ } else {
+ num_bytes = BN_bn2bin(p_scalar, tmp);
+ }
+ flip_endian(p_secret, tmp, num_bytes);
+ /* Precompute multiples. */
+ if (!BN_to_felem(x_out, &p->X) ||
+ !BN_to_felem(y_out, &p->Y) ||
+ !BN_to_felem(z_out, &p->Z)) {
goto err;
}
-
- /* we treat NULL scalars as 0, and NULL points as points at infinity,
- * i.e., they contribute nothing to the linear combination. */
- memset(secrets, 0, num_points * sizeof(felem_bytearray));
- memset(pre_comp, 0, num_points * 17 * 3 * sizeof(smallfelem));
- for (size_t i = 0; i < num_points; ++i) {
- if (i == num) {
- /* we didn't have a valid precomputation, so we pick the generator. */
- p = EC_GROUP_get0_generator(group);
- p_scalar = g_scalar;
+ felem_shrink(p_pre_comp[1][0], x_out);
+ felem_shrink(p_pre_comp[1][1], y_out);
+ felem_shrink(p_pre_comp[1][2], z_out);
+ for (size_t j = 2; j <= 16; ++j) {
+ if (j & 1) {
+ point_add_small(p_pre_comp[j][0], p_pre_comp[j][1],
+ p_pre_comp[j][2], p_pre_comp[1][0],
+ p_pre_comp[1][1], p_pre_comp[1][2],
+ p_pre_comp[j - 1][0], p_pre_comp[j - 1][1],
+ p_pre_comp[j - 1][2]);
} else {
- /* the i^th point */
- p = points[i];
- p_scalar = scalars[i];
- }
- if (p_scalar != NULL && p != NULL) {
- size_t num_bytes;
- /* reduce g_scalar to 0 <= g_scalar < 2^256 */
- if (BN_num_bits(p_scalar) > 256 || BN_is_negative(p_scalar)) {
- /* this is an unusual input, and we don't guarantee
- * constant-timeness. */
- if (!BN_nnmod(tmp_scalar, p_scalar, &group->order, ctx)) {
- OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB);
- goto err;
- }
- num_bytes = BN_bn2bin(tmp_scalar, tmp);
- } else {
- num_bytes = BN_bn2bin(p_scalar, tmp);
- }
- flip_endian(secrets[i], tmp, num_bytes);
- /* precompute multiples */
- if (!BN_to_felem(x_out, &p->X) ||
- !BN_to_felem(y_out, &p->Y) ||
- !BN_to_felem(z_out, &p->Z)) {
- goto err;
- }
- felem_shrink(pre_comp[i][1][0], x_out);
- felem_shrink(pre_comp[i][1][1], y_out);
- felem_shrink(pre_comp[i][1][2], z_out);
- for (size_t j = 2; j <= 16; ++j) {
- if (j & 1) {
- point_add_small(pre_comp[i][j][0], pre_comp[i][j][1],
- pre_comp[i][j][2], pre_comp[i][1][0],
- pre_comp[i][1][1], pre_comp[i][1][2],
- pre_comp[i][j - 1][0], pre_comp[i][j - 1][1],
- pre_comp[i][j - 1][2]);
- } else {
- point_double_small(pre_comp[i][j][0], pre_comp[i][j][1],
- pre_comp[i][j][2], pre_comp[i][j / 2][0],
- pre_comp[i][j / 2][1], pre_comp[i][j / 2][2]);
- }
- }
+ point_double_small(p_pre_comp[j][0], p_pre_comp[j][1],
+ p_pre_comp[j][2], p_pre_comp[j / 2][0],
+ p_pre_comp[j / 2][1], p_pre_comp[j / 2][2]);
}
}
}
@@ -1688,7 +1647,7 @@
if (g_scalar != NULL) {
size_t num_bytes;
- memset(g_secret, 0, sizeof(g_secret));
+ OPENSSL_memset(g_secret, 0, sizeof(g_secret));
/* reduce g_scalar to 0 <= g_scalar < 2^256 */
if (BN_num_bits(g_scalar) > 256 || BN_is_negative(g_scalar)) {
/* this is an unusual input, and we don't guarantee
@@ -1703,9 +1662,10 @@
}
flip_endian(g_secret, tmp, num_bytes);
}
- batch_mul(x_out, y_out, z_out, (const felem_bytearray(*))secrets,
- num_points, g_scalar != NULL ? g_secret : NULL,
- (const smallfelem(*)[17][3])pre_comp);
+ batch_mul(x_out, y_out, z_out,
+ (p != NULL && p_scalar != NULL) ? p_secret : NULL,
+ g_scalar != NULL ? g_secret : NULL,
+ (const smallfelem(*)[3]) &p_pre_comp);
/* reduce the output to its unique minimal representation */
felem_contract(x_in, x_out);
@@ -1722,8 +1682,6 @@
err:
BN_CTX_end(ctx);
BN_CTX_free(new_ctx);
- OPENSSL_free(secrets);
- OPENSSL_free(pre_comp);
return ret;
}
diff --git a/src/crypto/ec/p256-x86_64.c b/src/crypto/ec/p256-x86_64.c
index 0a3be92..2400740 100644
--- a/src/crypto/ec/p256-x86_64.c
+++ b/src/crypto/ec/p256-x86_64.c
@@ -208,8 +208,8 @@
return 0;
}
- memset(out, 0, sizeof(BN_ULONG) * P256_LIMBS);
- memcpy(out, in->d, sizeof(BN_ULONG) * in->top);
+ OPENSSL_memset(out, 0, sizeof(BN_ULONG) * P256_LIMBS);
+ OPENSSL_memcpy(out, in->d, sizeof(BN_ULONG) * in->top);
return 1;
}
@@ -441,7 +441,7 @@
/* Convert |p| from affine to Jacobian coordinates. We set Z to zero if |p|
* is infinity and |ONE| otherwise. |p| was computed from the table, so it
* is infinity iff |wvalue >> 1| is zero. */
- memset(p.p.Z, 0, sizeof(p.p.Z));
+ OPENSSL_memset(p.p.Z, 0, sizeof(p.p.Z));
copy_conditional(p.p.Z, ONE, is_not_zero(wvalue >> 1));
for (i = 1; i < 37; i++) {
diff --git a/src/crypto/ec/p256-x86_64_test.cc b/src/crypto/ec/p256-x86_64_test.cc
index 531edcf..afc3b54 100644
--- a/src/crypto/ec/p256-x86_64_test.cc
+++ b/src/crypto/ec/p256-x86_64_test.cc
@@ -38,9 +38,9 @@
// Fill a table with some garbage input.
P256_POINT table[16];
for (size_t i = 0; i < 16; i++) {
- memset(table[i].X, 3 * i, sizeof(table[i].X));
- memset(table[i].Y, 3 * i + 1, sizeof(table[i].Y));
- memset(table[i].Z, 3 * i + 2, sizeof(table[i].Z));
+ OPENSSL_memset(table[i].X, 3 * i, sizeof(table[i].X));
+ OPENSSL_memset(table[i].Y, 3 * i + 1, sizeof(table[i].Y));
+ OPENSSL_memset(table[i].Z, 3 * i + 2, sizeof(table[i].Z));
}
for (int i = 0; i <= 16; i++) {
@@ -49,12 +49,12 @@
P256_POINT expected;
if (i == 0) {
- memset(&expected, 0, sizeof(expected));
+ OPENSSL_memset(&expected, 0, sizeof(expected));
} else {
expected = table[i-1];
}
- if (memcmp(&val, &expected, sizeof(P256_POINT)) != 0) {
+ if (OPENSSL_memcmp(&val, &expected, sizeof(P256_POINT)) != 0) {
fprintf(stderr, "ecp_nistz256_select_w5(%d) gave the wrong value.\n", i);
return false;
}
@@ -67,8 +67,8 @@
// Fill a table with some garbage input.
P256_POINT_AFFINE table[64];
for (size_t i = 0; i < 64; i++) {
- memset(table[i].X, 2 * i, sizeof(table[i].X));
- memset(table[i].Y, 2 * i + 1, sizeof(table[i].Y));
+ OPENSSL_memset(table[i].X, 2 * i, sizeof(table[i].X));
+ OPENSSL_memset(table[i].Y, 2 * i + 1, sizeof(table[i].Y));
}
for (int i = 0; i <= 64; i++) {
@@ -77,12 +77,12 @@
P256_POINT_AFFINE expected;
if (i == 0) {
- memset(&expected, 0, sizeof(expected));
+ OPENSSL_memset(&expected, 0, sizeof(expected));
} else {
expected = table[i-1];
}
- if (memcmp(&val, &expected, sizeof(P256_POINT_AFFINE)) != 0) {
+ if (OPENSSL_memcmp(&val, &expected, sizeof(P256_POINT_AFFINE)) != 0) {
fprintf(stderr, "ecp_nistz256_select_w7(%d) gave the wrong value.\n", i);
return false;
}
@@ -105,7 +105,7 @@
// |byte| contains bytes in big-endian while |out| should contain |BN_ULONG|s
// in little-endian.
- memset(out, 0, P256_LIMBS * sizeof(BN_ULONG));
+ OPENSSL_memset(out, 0, P256_LIMBS * sizeof(BN_ULONG));
for (size_t i = 0; i < bytes.size(); i++) {
out[P256_LIMBS - 1 - (i / BN_BYTES)] <<= 8;
out[P256_LIMBS - 1 - (i / BN_BYTES)] |= bytes[i];
@@ -127,7 +127,7 @@
static bool ExpectFieldElementsEqual(FileTest *t, const char *message,
const BN_ULONG expected[P256_LIMBS],
const BN_ULONG actual[P256_LIMBS]) {
- if (memcmp(expected, actual, sizeof(BN_ULONG) * P256_LIMBS) == 0) {
+ if (OPENSSL_memcmp(expected, actual, sizeof(BN_ULONG) * P256_LIMBS) == 0) {
return true;
}
@@ -160,7 +160,7 @@
return false;
}
- memset(out, 0, sizeof(P256_POINT_AFFINE));
+ OPENSSL_memset(out, 0, sizeof(P256_POINT_AFFINE));
if (BN_is_zero(z.get())) {
// The point at infinity is represented as (0, 0).
@@ -189,8 +189,8 @@
return false;
}
- memcpy(out->X, x->d, sizeof(BN_ULONG) * x->top);
- memcpy(out->Y, y->d, sizeof(BN_ULONG) * y->top);
+ OPENSSL_memcpy(out->X, x->d, sizeof(BN_ULONG) * x->top);
+ OPENSSL_memcpy(out->Y, y->d, sizeof(BN_ULONG) * y->top);
return true;
}
@@ -209,7 +209,7 @@
return false;
}
- if (memcmp(expected, &affine, sizeof(P256_POINT_AFFINE)) != 0) {
+ if (OPENSSL_memcmp(expected, &affine, sizeof(P256_POINT_AFFINE)) != 0) {
t->PrintLine("%s", message);
t->PrintLine("Expected: (%s, %s)",
FieldElementToString(expected->X).c_str(),
@@ -237,7 +237,7 @@
return false;
}
- memcpy(ret, a, sizeof(ret));
+ OPENSSL_memcpy(ret, a, sizeof(ret));
ecp_nistz256_neg(ret, ret);
if (!ExpectFieldElementsEqual(
t, "In-place ecp_nistz256_neg(A) was incorrect.", b, ret)) {
@@ -251,7 +251,7 @@
return false;
}
- memcpy(ret, b, sizeof(ret));
+ OPENSSL_memcpy(ret, b, sizeof(ret));
ecp_nistz256_neg(ret, ret);
if (!ExpectFieldElementsEqual(
t, "In-place ecp_nistz256_neg(B) was incorrect.", a, ret)) {
@@ -282,42 +282,42 @@
return false;
}
- memcpy(ret, a, sizeof(ret));
+ OPENSSL_memcpy(ret, a, sizeof(ret));
ecp_nistz256_mul_mont(ret, ret, b);
if (!ExpectFieldElementsEqual(
t, "ecp_nistz256_mul_mont(ret = A, B) was incorrect.", result, ret)) {
return false;
}
- memcpy(ret, a, sizeof(ret));
+ OPENSSL_memcpy(ret, a, sizeof(ret));
ecp_nistz256_mul_mont(ret, b, ret);
if (!ExpectFieldElementsEqual(
t, "ecp_nistz256_mul_mont(B, ret = A) was incorrect.", result, ret)) {
return false;
}
- memcpy(ret, b, sizeof(ret));
+ OPENSSL_memcpy(ret, b, sizeof(ret));
ecp_nistz256_mul_mont(ret, a, ret);
if (!ExpectFieldElementsEqual(
t, "ecp_nistz256_mul_mont(A, ret = B) was incorrect.", result, ret)) {
return false;
}
- memcpy(ret, b, sizeof(ret));
+ OPENSSL_memcpy(ret, b, sizeof(ret));
ecp_nistz256_mul_mont(ret, ret, a);
if (!ExpectFieldElementsEqual(
t, "ecp_nistz256_mul_mont(ret = B, A) was incorrect.", result, ret)) {
return false;
}
- if (memcmp(a, b, sizeof(a)) == 0) {
+ if (OPENSSL_memcmp(a, b, sizeof(a)) == 0) {
ecp_nistz256_sqr_mont(ret, a);
if (!ExpectFieldElementsEqual(t, "ecp_nistz256_sqr_mont(A) was incorrect.",
result, ret)) {
return false;
}
- memcpy(ret, a, sizeof(ret));
+ OPENSSL_memcpy(ret, a, sizeof(ret));
ecp_nistz256_sqr_mont(ret, ret);
if (!ExpectFieldElementsEqual(
t, "ecp_nistz256_sqr_mont(ret = A) was incorrect.", result, ret)) {
@@ -342,7 +342,7 @@
return false;
}
- memcpy(ret, a, sizeof(ret));
+ OPENSSL_memcpy(ret, a, sizeof(ret));
ecp_nistz256_from_mont(ret, ret);
if (!ExpectFieldElementsEqual(
t, "ecp_nistz256_from_mont(ret = A) was incorrect.", result, ret)) {
@@ -379,28 +379,28 @@
return false;
}
- memcpy(&ret, &a, sizeof(ret));
+ OPENSSL_memcpy(&ret, &a, sizeof(ret));
ecp_nistz256_point_add(&ret, &ret, &b);
if (!ExpectPointsEqual(t, "ecp_nistz256_point_add(ret = A, B) was incorrect.",
&result, &ret)) {
return false;
}
- memcpy(&ret, &a, sizeof(ret));
+ OPENSSL_memcpy(&ret, &a, sizeof(ret));
ecp_nistz256_point_add(&ret, &b, &ret);
if (!ExpectPointsEqual(t, "ecp_nistz256_point_add(B, ret = A) was incorrect.",
&result, &ret)) {
return false;
}
- memcpy(&ret, &b, sizeof(ret));
+ OPENSSL_memcpy(&ret, &b, sizeof(ret));
ecp_nistz256_point_add(&ret, &a, &ret);
if (!ExpectPointsEqual(t, "ecp_nistz256_point_add(ret = A, B) was incorrect.",
&result, &ret)) {
return false;
}
- memcpy(&ret, &b, sizeof(ret));
+ OPENSSL_memcpy(&ret, &b, sizeof(ret));
ecp_nistz256_point_add(&ret, &ret, &a);
if (!ExpectPointsEqual(t, "ecp_nistz256_point_add(ret = B, A) was incorrect.",
&result, &ret)) {
@@ -408,7 +408,7 @@
}
P256_POINT_AFFINE a_affine, b_affine, infinity;
- memset(&infinity, 0, sizeof(infinity));
+ OPENSSL_memset(&infinity, 0, sizeof(infinity));
if (!PointToAffine(&a_affine, &a) ||
!PointToAffine(&b_affine, &b)) {
return false;
@@ -416,8 +416,8 @@
// ecp_nistz256_point_add_affine does not work when a == b unless doubling the
// point at infinity.
- if (memcmp(&a_affine, &b_affine, sizeof(a_affine)) != 0 ||
- memcmp(&a_affine, &infinity, sizeof(a_affine)) == 0) {
+ if (OPENSSL_memcmp(&a_affine, &b_affine, sizeof(a_affine)) != 0 ||
+ OPENSSL_memcmp(&a_affine, &infinity, sizeof(a_affine)) == 0) {
ecp_nistz256_point_add_affine(&ret, &a, &b_affine);
if (!ExpectPointsEqual(t,
"ecp_nistz256_point_add_affine(A, B) was incorrect.",
@@ -425,7 +425,7 @@
return false;
}
- memcpy(&ret, &a, sizeof(ret));
+ OPENSSL_memcpy(&ret, &a, sizeof(ret));
ecp_nistz256_point_add_affine(&ret, &ret, &b_affine);
if (!ExpectPointsEqual(
t, "ecp_nistz256_point_add_affine(ret = A, B) was incorrect.",
@@ -440,7 +440,7 @@
return false;
}
- memcpy(&ret, &b, sizeof(ret));
+ OPENSSL_memcpy(&ret, &b, sizeof(ret));
ecp_nistz256_point_add_affine(&ret, &ret, &a_affine);
if (!ExpectPointsEqual(
t, "ecp_nistz256_point_add_affine(ret = B, A) was incorrect.",
@@ -449,7 +449,7 @@
}
}
- if (memcmp(&a, &b, sizeof(a)) == 0) {
+ if (OPENSSL_memcmp(&a, &b, sizeof(a)) == 0) {
ecp_nistz256_point_double(&ret, &a);
if (!ExpectPointsEqual(t, "ecp_nistz256_point_double(A) was incorrect.",
&result, &ret)) {
diff --git a/src/crypto/ec/simple.c b/src/crypto/ec/simple.c
index a1e6229..880b717 100644
--- a/src/crypto/ec/simple.c
+++ b/src/crypto/ec/simple.c
@@ -74,6 +74,7 @@
#include <openssl/mem.h>
#include "internal.h"
+#include "../internal.h"
/* Most method functions in this file are designed to work with non-trivial
@@ -988,7 +989,7 @@
if (prod_Z == NULL) {
goto err;
}
- memset(prod_Z, 0, num * sizeof(prod_Z[0]));
+ OPENSSL_memset(prod_Z, 0, num * sizeof(prod_Z[0]));
for (size_t i = 0; i < num; i++) {
prod_Z[i] = BN_new();
if (prod_Z[i] == NULL) {
diff --git a/src/crypto/ecdh/ecdh.c b/src/crypto/ecdh/ecdh.c
index 50a844e..22b216e 100644
--- a/src/crypto/ecdh/ecdh.c
+++ b/src/crypto/ecdh/ecdh.c
@@ -74,6 +74,8 @@
#include <openssl/err.h>
#include <openssl/mem.h>
+#include "../internal.h"
+
int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
const EC_KEY *priv_key,
@@ -140,7 +142,7 @@
if (buflen < outlen) {
outlen = buflen;
}
- memcpy(out, buf, outlen);
+ OPENSSL_memcpy(out, buf, outlen);
}
if (outlen > INT_MAX) {
diff --git a/src/crypto/ecdsa/ecdsa.c b/src/crypto/ecdsa/ecdsa.c
index 6320992..3432081 100644
--- a/src/crypto/ecdsa/ecdsa.c
+++ b/src/crypto/ecdsa/ecdsa.c
@@ -60,7 +60,9 @@
#include <openssl/err.h>
#include <openssl/mem.h>
+#include "../bn/internal.h"
#include "../ec/internal.h"
+#include "../internal.h"
int ECDSA_sign(int type, const uint8_t *digest, size_t digest_len, uint8_t *sig,
@@ -88,7 +90,7 @@
/* Defend against potential laxness in the DER parser. */
size_t der_len;
if (!ECDSA_SIG_to_bytes(&der, &der_len, s) ||
- der_len != sig_len || memcmp(sig, der, sig_len) != 0) {
+ der_len != sig_len || OPENSSL_memcmp(sig, der, sig_len) != 0) {
/* This should never happen. crypto/bytestring is strictly DER. */
OPENSSL_PUT_ERROR(ECDSA, ERR_R_INTERNAL_ERROR);
goto err;
@@ -308,12 +310,9 @@
} while (BN_is_zero(r));
/* Compute the inverse of k. The order is a prime, so use Fermat's Little
- * Theorem. */
- if (!BN_set_word(tmp, 2) ||
- !BN_sub(tmp, order, tmp) ||
- /* Note |ec_group_get_mont_data| may return NULL but |BN_mod_exp_mont|
- * allows it to be. */
- !BN_mod_exp_mont(k, k, tmp, order, ctx, ec_group_get_mont_data(group))) {
+ * Theorem. Note |ec_group_get_mont_data| may return NULL but
+ * |bn_mod_inverse_prime| allows this. */
+ if (!bn_mod_inverse_prime(k, k, order, ctx, ec_group_get_mont_data(group))) {
OPENSSL_PUT_ERROR(ECDSA, ERR_R_BN_LIB);
goto err;
}
diff --git a/src/crypto/engine/engine.c b/src/crypto/engine/engine.c
index f1037d4..141ed23 100644
--- a/src/crypto/engine/engine.c
+++ b/src/crypto/engine/engine.c
@@ -23,6 +23,8 @@
#include <openssl/rsa.h>
#include <openssl/thread.h>
+#include "../internal.h"
+
struct engine_st {
RSA_METHOD *rsa_method;
@@ -35,7 +37,7 @@
return NULL;
}
- memset(engine, 0, sizeof(ENGINE));
+ OPENSSL_memset(engine, 0, sizeof(ENGINE));
return engine;
}
diff --git a/src/crypto/err/err.c b/src/crypto/err/err.c
index 48d631f..cbb1260 100644
--- a/src/crypto/err/err.c
+++ b/src/crypto/err/err.c
@@ -141,7 +141,7 @@
/* err_clear clears the given queued error. */
static void err_clear(struct err_error_st *error) {
err_clear_data(error);
- memset(error, 0, sizeof(struct err_error_st));
+ OPENSSL_memset(error, 0, sizeof(struct err_error_st));
}
/* global_next_library contains the next custom library value to return. */
@@ -175,7 +175,7 @@
if (state == NULL) {
return NULL;
}
- memset(state, 0, sizeof(ERR_STATE));
+ OPENSSL_memset(state, 0, sizeof(ERR_STATE));
if (!CRYPTO_set_thread_local(OPENSSL_THREAD_LOCAL_ERR, state,
err_state_free)) {
return NULL;
@@ -349,7 +349,7 @@
#if !defined(NDEBUG)
/* This is aimed to help catch callers who don't provide
* |ERR_ERROR_STRING_BUF_LEN| bytes of space. */
- memset(ret, 0, ERR_ERROR_STRING_BUF_LEN);
+ OPENSSL_memset(ret, 0, ERR_ERROR_STRING_BUF_LEN);
#endif
ERR_error_string_n(packed_error, ret, ERR_ERROR_STRING_BUF_LEN);
@@ -407,7 +407,7 @@
* terminating 0). If we're setting this colon, then all whole of the
* rest of the string must be colons in order to have the correct
* number. */
- memset(last_pos, ':', num_colons - i);
+ OPENSSL_memset(last_pos, ':', num_colons - i);
break;
}
@@ -675,7 +675,7 @@
buf = new_buf;
}
- memcpy(buf + len, substr, substr_len);
+ OPENSSL_memcpy(buf + len, substr, substr_len);
len = new_len;
}
diff --git a/src/crypto/evp/evp.c b/src/crypto/evp/evp.c
index 0916092..f083879 100644
--- a/src/crypto/evp/evp.c
+++ b/src/crypto/evp/evp.c
@@ -80,7 +80,7 @@
return NULL;
}
- memset(ret, 0, sizeof(EVP_PKEY));
+ OPENSSL_memset(ret, 0, sizeof(EVP_PKEY));
ret->type = EVP_PKEY_NONE;
ret->references = 1;
diff --git a/src/crypto/evp/evp_asn1.c b/src/crypto/evp/evp_asn1.c
index 2b24858..6c90571 100644
--- a/src/crypto/evp/evp_asn1.c
+++ b/src/crypto/evp/evp_asn1.c
@@ -84,7 +84,7 @@
for (i = 0; i < OPENSSL_ARRAY_SIZE(kASN1Methods); i++) {
const EVP_PKEY_ASN1_METHOD *method = kASN1Methods[i];
if (CBS_len(&oid) == method->oid_len &&
- memcmp(CBS_data(&oid), method->oid, method->oid_len) == 0) {
+ OPENSSL_memcmp(CBS_data(&oid), method->oid, method->oid_len) == 0) {
*out_type = method->pkey_id;
return 1;
}
diff --git a/src/crypto/evp/evp_ctx.c b/src/crypto/evp/evp_ctx.c
index f7d4b41..8cf23bb 100644
--- a/src/crypto/evp/evp_ctx.c
+++ b/src/crypto/evp/evp_ctx.c
@@ -61,6 +61,7 @@
#include <openssl/err.h>
#include <openssl/mem.h>
+#include "../internal.h"
#include "internal.h"
@@ -105,7 +106,7 @@
OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE);
return NULL;
}
- memset(ret, 0, sizeof(EVP_PKEY_CTX));
+ OPENSSL_memset(ret, 0, sizeof(EVP_PKEY_CTX));
ret->engine = e;
ret->pmeth = pmeth;
@@ -159,7 +160,7 @@
return NULL;
}
- memset(rctx, 0, sizeof(EVP_PKEY_CTX));
+ OPENSSL_memset(rctx, 0, sizeof(EVP_PKEY_CTX));
rctx->pmeth = pctx->pmeth;
rctx->engine = pctx->engine;
diff --git a/src/crypto/evp/evp_extra_test.cc b/src/crypto/evp/evp_extra_test.cc
index 4d41760..2758917 100644
--- a/src/crypto/evp/evp_extra_test.cc
+++ b/src/crypto/evp/evp_extra_test.cc
@@ -27,6 +27,8 @@
#include <openssl/pkcs8.h>
#include <openssl/rsa.h>
+#include "../internal.h"
+
// kExampleRSAKeyDER is an RSA private key in ASN.1, DER format. Of course, you
// should never use this key anywhere but in an example.
@@ -469,7 +471,7 @@
return false;
}
- if (memcmp(recovered.data(), kDummyHash, sizeof(kDummyHash)) != 0) {
+ if (OPENSSL_memcmp(recovered.data(), kDummyHash, sizeof(kDummyHash)) != 0) {
fprintf(stderr, "verify_recover got wrong value.\n");
ERR_print_errors_fp(stderr);
return false;
diff --git a/src/crypto/evp/evp_test.cc b/src/crypto/evp/evp_test.cc
index bfaa38a..d03c61f 100644
--- a/src/crypto/evp/evp_test.cc
+++ b/src/crypto/evp/evp_test.cc
@@ -72,6 +72,7 @@
#include <openssl/crypto.h>
#include <openssl/digest.h>
#include <openssl/err.h>
+#include <openssl/rsa.h>
#include "../test/file_test.h"
@@ -113,6 +114,23 @@
return EVP_PKEY_NONE;
}
+static int GetRSAPadding(FileTest *t, int *out, const std::string &name) {
+ if (name == "PKCS1") {
+ *out = RSA_PKCS1_PADDING;
+ return true;
+ }
+ if (name == "PSS") {
+ *out = RSA_PKCS1_PSS_PADDING;
+ return true;
+ }
+ if (name == "OAEP") {
+ *out = RSA_PKCS1_OAEP_PADDING;
+ return true;
+ }
+ t->PrintLine("Unknown RSA padding mode: '%s'", name.c_str());
+ return false;
+}
+
using KeyMap = std::map<std::string, bssl::UniquePtr<EVP_PKEY>>;
static bool ImportKey(FileTest *t, KeyMap *key_map,
@@ -224,6 +242,25 @@
return false;
}
}
+ if (t->HasAttribute("RSAPadding")) {
+ int padding;
+ if (!GetRSAPadding(t, &padding, t->GetAttributeOrDie("RSAPadding")) ||
+ !EVP_PKEY_CTX_set_rsa_padding(ctx.get(), padding)) {
+ return false;
+ }
+ }
+ if (t->HasAttribute("PSSSaltLength") &&
+ !EVP_PKEY_CTX_set_rsa_pss_saltlen(
+ ctx.get(), atoi(t->GetAttributeOrDie("PSSSaltLength").c_str()))) {
+ return false;
+ }
+ if (t->HasAttribute("MGF1Digest")) {
+ const EVP_MD *digest = GetDigest(t, t->GetAttributeOrDie("MGF1Digest"));
+ if (digest == nullptr ||
+ !EVP_PKEY_CTX_set_rsa_mgf1_md(ctx.get(), digest)) {
+ return false;
+ }
+ }
if (t->GetType() == "Verify") {
if (!EVP_PKEY_verify(ctx.get(), output.data(), output.size(), input.data(),
diff --git a/src/crypto/evp/evp_tests.txt b/src/crypto/evp/evp_tests.txt
index 7c316d8..eaee888 100644
--- a/src/crypto/evp/evp_tests.txt
+++ b/src/crypto/evp/evp_tests.txt
@@ -155,6 +155,111 @@
Output = 49525db4d44c755e560cba980b1d85ea604b0e077fcadd4ba44072a3487bbddb835016200a7d8739cce2dc3223d9c20cbdd25059ab02277f1f21318efd18e21038ec89aa9d40680987129e8b41ba33bceb86518bdf47268b921cce2037acabca6575d832499538d6f40cdba0d40bd7f4d8ea6ca6e2eec87f294efc971407857f5d7db09f6a7b31e301f571c6d82a5e3d08d2bb3a36e673d28b910f5bec57f0fcc4d968fd7c94d0b9226dec17f5192ad8b42bcab6f26e1bea1fdc3b958199acb00f14ebcb2a352f3afcedd4c09000128a603bbeb9696dea13040445253972d46237a25c7845e3b464e6984c2348ea1f1210a9ff0b00d2d72b50db00c009bb39f9
Error = BAD_SIGNATURE
+
+# RSA-PSS tests.
+
+# Zero salt length makes the output deterministic
+Sign = RSA-2048
+RSAPadding = PSS
+PSSSaltLength = 0
+Digest = SHA256
+Input = "0123456789ABCDEF0123456789ABCDEF"
+Output = 4de433d5844043ef08d354da03cb29068780d52706d7d1e4d50efb7d58c9d547d83a747ddd0635a96b28f854e50145518482cb49e963054621b53c60c498d07c16e9c2789c893cf38d4d86900de71bde463bd2761d1271e358c7480a1ac0bab930ddf39602ad1bc165b5d7436b516b7a7858e8eb7ab1c420eeb482f4d207f0e462b1724959320a084e13848d11d10fb593e66bf680bf6d3f345fc3e9c3de60abbac37e1c6ec80a268c8d9fc49626c679097aa690bc1aa662b95eb8db70390861aa0898229f9349b4b5fdd030d4928c47084708a933144be23bd3c6e661b85b2c0ef9ed36d498d5b7320e8194d363d4ad478c059bae804181965e0b81b663158a
+
+# Verify of above signature
+Verify = RSA-2048-SPKI
+RSAPadding = PSS
+PSSSaltLength = 0
+Digest = SHA256
+Input = "0123456789ABCDEF0123456789ABCDEF"
+Output = 4de433d5844043ef08d354da03cb29068780d52706d7d1e4d50efb7d58c9d547d83a747ddd0635a96b28f854e50145518482cb49e963054621b53c60c498d07c16e9c2789c893cf38d4d86900de71bde463bd2761d1271e358c7480a1ac0bab930ddf39602ad1bc165b5d7436b516b7a7858e8eb7ab1c420eeb482f4d207f0e462b1724959320a084e13848d11d10fb593e66bf680bf6d3f345fc3e9c3de60abbac37e1c6ec80a268c8d9fc49626c679097aa690bc1aa662b95eb8db70390861aa0898229f9349b4b5fdd030d4928c47084708a933144be23bd3c6e661b85b2c0ef9ed36d498d5b7320e8194d363d4ad478c059bae804181965e0b81b663158a
+
+# Wrong digest
+Verify = RSA-2048-SPKI
+RSAPadding = PSS
+PSSSaltLength = 0
+Digest = SHA256
+Input = "00000000000000000000000000000000"
+Output = 4de433d5844043ef08d354da03cb29068780d52706d7d1e4d50efb7d58c9d547d83a747ddd0635a96b28f854e50145518482cb49e963054621b53c60c498d07c16e9c2789c893cf38d4d86900de71bde463bd2761d1271e358c7480a1ac0bab930ddf39602ad1bc165b5d7436b516b7a7858e8eb7ab1c420eeb482f4d207f0e462b1724959320a084e13848d11d10fb593e66bf680bf6d3f345fc3e9c3de60abbac37e1c6ec80a268c8d9fc49626c679097aa690bc1aa662b95eb8db70390861aa0898229f9349b4b5fdd030d4928c47084708a933144be23bd3c6e661b85b2c0ef9ed36d498d5b7320e8194d363d4ad478c059bae804181965e0b81b663158a
+Error = BAD_SIGNATURE
+
+# Digest too short
+Verify = RSA-2048-SPKI
+RSAPadding = PSS
+PSSSaltLength = 0
+Digest = SHA256
+Input = "0123456789ABCDEF0123456789ABCDE"
+Output = 4de433d5844043ef08d354da03cb29068780d52706d7d1e4d50efb7d58c9d547d83a747ddd0635a96b28f854e50145518482cb49e963054621b53c60c498d07c16e9c2789c893cf38d4d86900de71bde463bd2761d1271e358c7480a1ac0bab930ddf39602ad1bc165b5d7436b516b7a7858e8eb7ab1c420eeb482f4d207f0e462b1724959320a084e13848d11d10fb593e66bf680bf6d3f345fc3e9c3de60abbac37e1c6ec80a268c8d9fc49626c679097aa690bc1aa662b95eb8db70390861aa0898229f9349b4b5fdd030d4928c47084708a933144be23bd3c6e661b85b2c0ef9ed36d498d5b7320e8194d363d4ad478c059bae804181965e0b81b663158a
+Error = INVALID_DIGEST_LENGTH
+
+# Digest too long
+Verify = RSA-2048-SPKI
+RSAPadding = PSS
+PSSSaltLength = 0
+Digest = SHA256
+Input = "0123456789ABCDEF0123456789ABCDEF0"
+Output = 4de433d5844043ef08d354da03cb29068780d52706d7d1e4d50efb7d58c9d547d83a747ddd0635a96b28f854e50145518482cb49e963054621b53c60c498d07c16e9c2789c893cf38d4d86900de71bde463bd2761d1271e358c7480a1ac0bab930ddf39602ad1bc165b5d7436b516b7a7858e8eb7ab1c420eeb482f4d207f0e462b1724959320a084e13848d11d10fb593e66bf680bf6d3f345fc3e9c3de60abbac37e1c6ec80a268c8d9fc49626c679097aa690bc1aa662b95eb8db70390861aa0898229f9349b4b5fdd030d4928c47084708a933144be23bd3c6e661b85b2c0ef9ed36d498d5b7320e8194d363d4ad478c059bae804181965e0b81b663158a
+Error = INVALID_DIGEST_LENGTH
+
+# Wrong salt length
+Verify = RSA-2048
+RSAPadding = PSS
+PSSSaltLength = 2
+Digest = SHA256
+Input = "0123456789ABCDEF0123456789ABCDEF"
+Output = 4de433d5844043ef08d354da03cb29068780d52706d7d1e4d50efb7d58c9d547d83a747ddd0635a96b28f854e50145518482cb49e963054621b53c60c498d07c16e9c2789c893cf38d4d86900de71bde463bd2761d1271e358c7480a1ac0bab930ddf39602ad1bc165b5d7436b516b7a7858e8eb7ab1c420eeb482f4d207f0e462b1724959320a084e13848d11d10fb593e66bf680bf6d3f345fc3e9c3de60abbac37e1c6ec80a268c8d9fc49626c679097aa690bc1aa662b95eb8db70390861aa0898229f9349b4b5fdd030d4928c47084708a933144be23bd3c6e661b85b2c0ef9ed36d498d5b7320e8194d363d4ad478c059bae804181965e0b81b663158a
+Error = SLEN_CHECK_FAILED
+
+# Wrong MGF1 digest, SHA-1
+Verify = RSA-2048
+RSAPadding = PSS
+PSSSaltLength = 0
+Digest = SHA256
+MGF1Digest = SHA1
+Input = "0123456789ABCDEF0123456789ABCDEF"
+Output = 4de433d5844043ef08d354da03cb29068780d52706d7d1e4d50efb7d58c9d547d83a747ddd0635a96b28f854e50145518482cb49e963054621b53c60c498d07c16e9c2789c893cf38d4d86900de71bde463bd2761d1271e358c7480a1ac0bab930ddf39602ad1bc165b5d7436b516b7a7858e8eb7ab1c420eeb482f4d207f0e462b1724959320a084e13848d11d10fb593e66bf680bf6d3f345fc3e9c3de60abbac37e1c6ec80a268c8d9fc49626c679097aa690bc1aa662b95eb8db70390861aa0898229f9349b4b5fdd030d4928c47084708a933144be23bd3c6e661b85b2c0ef9ed36d498d5b7320e8194d363d4ad478c059bae804181965e0b81b663158a
+# If SHA-1, this input happens to succeed recovering a salt length, but it does
+# not match.
+Error = SLEN_CHECK_FAILED
+
+# Wrong MGF1 digest, SHA-384
+Verify = RSA-2048
+RSAPadding = PSS
+PSSSaltLength = 0
+Digest = SHA256
+MGF1Digest = SHA384
+Input = "0123456789ABCDEF0123456789ABCDEF"
+Output = 4de433d5844043ef08d354da03cb29068780d52706d7d1e4d50efb7d58c9d547d83a747ddd0635a96b28f854e50145518482cb49e963054621b53c60c498d07c16e9c2789c893cf38d4d86900de71bde463bd2761d1271e358c7480a1ac0bab930ddf39602ad1bc165b5d7436b516b7a7858e8eb7ab1c420eeb482f4d207f0e462b1724959320a084e13848d11d10fb593e66bf680bf6d3f345fc3e9c3de60abbac37e1c6ec80a268c8d9fc49626c679097aa690bc1aa662b95eb8db70390861aa0898229f9349b4b5fdd030d4928c47084708a933144be23bd3c6e661b85b2c0ef9ed36d498d5b7320e8194d363d4ad478c059bae804181965e0b81b663158a
+# If SHA-384, this input happens fail to recover the salt length altogether.
+Error = SLEN_RECOVERY_FAILED
+
+
+# RSA decrypt
+
+Decrypt = RSA-2048
+Input = 550af55a2904e7b9762352f8fb7fa235a9cb053aacb2d5fcb8ca48453cb2ee3619746c701abf2d4cc67003471a187900b05aa812bd25ed05c675dfc8c97a24a7bf49bd6214992cad766d05a9a2b57b74f26a737e0237b8b76c45f1f226a836d7cfbc75ba999bdbe48dbc09227aa46c88f21dccba7840141ad5a5d71fd122e6bd6ac3e564780dfe623fc1ca9b995a6037bf0bbd43b205a84ac5444f34202c05ce9113087176432476576de6ffff9a52ea57c08be3ec2f49676cb8e12f762ac71fa3c321e00ac988910c85ff52f93825666ce0d40ffaa0592078919d4493f46d95ccf76364c6d57760dd0b64805f9afc76a2365a5575ca301d5103f0ea76cb9a78
+Output = "Hello World"
+
+# Corrupted ciphertext
+Decrypt = RSA-2048
+Input = 550af55a2904e7b9762352f8fb7fa235a9cb053aacb2d5fcb8ca48453cb2ee3619746c701abf2d4cc67003471a187900b05aa812bd25ed05c675dfc8c97a24a7bf49bd6214992cad766d05a9a2b57b74f26a737e0237b8b76c45f1f226a836d7cfbc75ba999bdbe48dbc09227aa46c88f21dccba7840141ad5a5d71fd122e6bd6ac3e564780dfe623fc1ca9b995a6037bf0bbd43b205a84ac5444f34202c05ce9113087176432476576de6ffff9a52ea57c08be3ec2f49676cb8e12f762ac71fa3c321e00ac988910c85ff52f93825666ce0d40ffaa0592078919d4493f46d95ccf76364c6d57760dd0b64805f9afc76a2365a5575ca301d5103f0ea76cb9a79
+Output = "Hello World"
+Error = PKCS_DECODING_ERROR
+
+# OAEP padding
+Decrypt = RSA-2048
+RSAPadding = OAEP
+Input = 458708dfbd42a1297ce7a9c86c7087ab80b1754810929b89c5107ca55368587686986fce94d86cc1595b3fb736223a656ec0f34d18ba1cc5665593610f56c58e26b272d584f3d983a5c91085700755aebd921fb280bba3eda7046ec07b43e7298e52d59edc92be4639a8ce08b2f85976ecf6d98cc469eeb9d5d8e2a32ea8a6626edafe1038b3df455668a9f3c77cad8b92fb872e00058c3d2a7ede1a1f03fc5622084ae04d9d24f6bf0995c58d35b93b699b9763595e123f2ab0863cc9229eb290e2ede7715c7a8f39e0b9a3e2e1b56ebb62f1cbfbb5986fb212ebd785b83d01d968b11d1756c7337f70c1f1a63bff03608e24f3a2fd44e67f832a8701c5d5af
+Output = "Hello World"
+
+# OAEP padding, corrupted ciphertext
+Decrypt = RSA-2048
+RSAPadding = OAEP
+Input = 458708dfbd42a1297ce7a9c86c7087ab80b1754810929b89c5107ca55368587686986fce94d86cc1595b3fb736223a656ec0f34d18ba1cc5665593610f56c58e26b272d584f3d983a5c91085700755aebd921fb280bba3eda7046ec07b43e7298e52d59edc92be4639a8ce08b2f85976ecf6d98cc469eeb9d5d8e2a32ea8a6626edafe1038b3df455668a9f3c77cad8b92fb872e00058c3d2a7ede1a1f03fc5622084ae04d9d24f6bf0995c58d35b93b699b9763595e123f2ab0863cc9229eb290e2ede7715c7a8f39e0b9a3e2e1b56ebb62f1cbfbb5986fb212ebd785b83d01d968b11d1756c7337f70c1f1a63bff03608e24f3a2fd44e67f832a8701c5d5ac
+Output = "Hello World"
+Error = OAEP_DECODING_ERROR
+
+
# EC tests
Verify = P-256
diff --git a/src/crypto/evp/p_ec.c b/src/crypto/evp/p_ec.c
index f92c87c..dc1ea6f 100644
--- a/src/crypto/evp/p_ec.c
+++ b/src/crypto/evp/p_ec.c
@@ -70,6 +70,7 @@
#include "internal.h"
#include "../ec/internal.h"
+#include "../internal.h"
typedef struct {
@@ -84,7 +85,7 @@
if (!dctx) {
return 0;
}
- memset(dctx, 0, sizeof(EC_PKEY_CTX));
+ OPENSSL_memset(dctx, 0, sizeof(EC_PKEY_CTX));
ctx->data = dctx;
diff --git a/src/crypto/evp/p_rsa.c b/src/crypto/evp/p_rsa.c
index a210657..ea2ba99 100644
--- a/src/crypto/evp/p_rsa.c
+++ b/src/crypto/evp/p_rsa.c
@@ -67,6 +67,7 @@
#include <openssl/nid.h>
#include <openssl/rsa.h>
+#include "../internal.h"
#include "../rsa/internal.h"
#include "internal.h"
@@ -97,7 +98,7 @@
if (!rctx) {
return 0;
}
- memset(rctx, 0, sizeof(RSA_PKEY_CTX));
+ OPENSSL_memset(rctx, 0, sizeof(RSA_PKEY_CTX));
rctx->nbits = 2048;
rctx->pad_mode = RSA_PKCS1_PADDING;
@@ -231,6 +232,11 @@
return RSA_verify(EVP_MD_type(rctx->md), tbs, tbslen, sig, siglen, rsa);
case RSA_PKCS1_PSS_PADDING:
+ if (tbslen != EVP_MD_size(rctx->md)) {
+ OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_DIGEST_LENGTH);
+ return 0;
+ }
+
if (!setup_tbuf(rctx, ctx) ||
!RSA_verify_raw(rsa, &rslen, rctx->tbuf, key_len, sig, siglen,
RSA_NO_PADDING) ||
@@ -284,7 +290,7 @@
return 0;
}
*out_len = ret;
- memcpy(out, rctx->tbuf, *out_len);
+ OPENSSL_memcpy(out, rctx->tbuf, *out_len);
return 1;
}
@@ -324,7 +330,7 @@
}
if (out != NULL) {
- memcpy(out, rctx->tbuf + asn1_prefix_len, result_len);
+ OPENSSL_memcpy(out, rctx->tbuf + asn1_prefix_len, result_len);
}
*out_len = result_len;
diff --git a/src/crypto/evp/pbkdf.c b/src/crypto/evp/pbkdf.c
index b06b922..1792cdc 100644
--- a/src/crypto/evp/pbkdf.c
+++ b/src/crypto/evp/pbkdf.c
@@ -59,6 +59,8 @@
#include <openssl/hmac.h>
+#include "../internal.h"
+
int PKCS5_PBKDF2_HMAC(const char *password, size_t password_len,
const uint8_t *salt, size_t salt_len, unsigned iterations,
@@ -101,7 +103,7 @@
return 0;
}
HMAC_CTX_cleanup(&hctx);
- memcpy(p, digest_tmp, cplen);
+ OPENSSL_memcpy(p, digest_tmp, cplen);
for (j = 1; j < iterations; j++) {
if (!HMAC_CTX_copy(&hctx, &hctx_tpl)) {
HMAC_CTX_cleanup(&hctx_tpl);
diff --git a/src/crypto/evp/pbkdf_test.cc b/src/crypto/evp/pbkdf_test.cc
index 438ab64..5284700 100644
--- a/src/crypto/evp/pbkdf_test.cc
+++ b/src/crypto/evp/pbkdf_test.cc
@@ -20,6 +20,8 @@
#include <openssl/err.h>
#include <openssl/evp.h>
+#include "../internal.h"
+
// Prints out the data buffer as a sequence of hex bytes.
static void PrintDataHex(const void *data, size_t len) {
@@ -49,7 +51,7 @@
return false;
}
- if (memcmp(key, expected_key, key_len) != 0) {
+ if (OPENSSL_memcmp(key, expected_key, key_len) != 0) {
fprintf(stderr, "Resulting key material does not match expectation\n");
fprintf(stderr, "Expected:\n ");
PrintDataHex(expected_key, key_len);
diff --git a/src/crypto/hkdf/CMakeLists.txt b/src/crypto/hkdf/CMakeLists.txt
index d9db933..3056a54 100644
--- a/src/crypto/hkdf/CMakeLists.txt
+++ b/src/crypto/hkdf/CMakeLists.txt
@@ -11,7 +11,7 @@
add_executable(
hkdf_test
- hkdf_test.c
+ hkdf_test.cc
$<TARGET_OBJECTS:test_support>
)
diff --git a/src/crypto/hkdf/hkdf.c b/src/crypto/hkdf/hkdf.c
index f21cb42..ae43b69 100644
--- a/src/crypto/hkdf/hkdf.c
+++ b/src/crypto/hkdf/hkdf.c
@@ -20,6 +20,8 @@
#include <openssl/err.h>
#include <openssl/hmac.h>
+#include "../internal.h"
+
int HKDF(uint8_t *out_key, size_t out_len, const EVP_MD *digest,
const uint8_t *secret, size_t secret_len, const uint8_t *salt,
@@ -95,7 +97,7 @@
if (done + todo > out_len) {
todo = out_len - done;
}
- memcpy(out_key + done, previous, todo);
+ OPENSSL_memcpy(out_key + done, previous, todo);
done += todo;
}
diff --git a/src/crypto/hkdf/hkdf_test.c b/src/crypto/hkdf/hkdf_test.cc
similarity index 95%
rename from src/crypto/hkdf/hkdf_test.c
rename to src/crypto/hkdf/hkdf_test.cc
index 4499cc0..164fa1f 100644
--- a/src/crypto/hkdf/hkdf_test.c
+++ b/src/crypto/hkdf/hkdf_test.cc
@@ -24,7 +24,7 @@
#include "../test/test_util.h"
-typedef struct {
+struct HKDFTestVector {
const EVP_MD *(*md_func)(void);
const uint8_t ikm[80];
const size_t ikm_len;
@@ -36,10 +36,10 @@
const size_t prk_len;
const size_t out_len;
const uint8_t out[82];
-} hkdf_test_vector_t;
+};
/* These test vectors are from RFC 5869. */
-static const hkdf_test_vector_t kTests[] = {
+static const HKDFTestVector kTests[] = {
{
EVP_sha256,
{
@@ -248,13 +248,12 @@
};
int main(void) {
- uint8_t buf[82], prk[EVP_MAX_MD_SIZE];
- size_t i, prk_len;
-
CRYPTO_library_init();
- for (i = 0; i < OPENSSL_ARRAY_SIZE(kTests); i++) {
- const hkdf_test_vector_t *test = &kTests[i];
+ for (size_t i = 0; i < OPENSSL_ARRAY_SIZE(kTests); i++) {
+ const HKDFTestVector *test = &kTests[i];
+ uint8_t prk[EVP_MAX_MD_SIZE];
+ size_t prk_len;
if (!HKDF_extract(prk, &prk_len, test->md_func(), test->ikm, test->ikm_len,
test->salt, test->salt_len)) {
fprintf(stderr, "Call to HKDF_extract failed\n");
@@ -262,17 +261,18 @@
return 1;
}
if (prk_len != test->prk_len ||
- memcmp(prk, test->prk, test->prk_len) != 0) {
+ OPENSSL_memcmp(prk, test->prk, test->prk_len) != 0) {
fprintf(stderr, "%zu: Resulting PRK does not match test vector\n", i);
return 1;
}
+ uint8_t buf[82];
if (!HKDF_expand(buf, test->out_len, test->md_func(), prk, prk_len,
test->info, test->info_len)) {
fprintf(stderr, "Call to HKDF_expand failed\n");
ERR_print_errors_fp(stderr);
return 1;
}
- if (memcmp(buf, test->out, test->out_len) != 0) {
+ if (OPENSSL_memcmp(buf, test->out, test->out_len) != 0) {
fprintf(stderr,
"%zu: Resulting key material does not match test vector\n", i);
return 1;
@@ -284,7 +284,7 @@
ERR_print_errors_fp(stderr);
return 1;
}
- if (memcmp(buf, test->out, test->out_len) != 0) {
+ if (OPENSSL_memcmp(buf, test->out, test->out_len) != 0) {
fprintf(stderr,
"%zu: Resulting key material does not match test vector\n", i);
return 1;
@@ -292,6 +292,5 @@
}
printf("PASS\n");
- ERR_free_strings();
return 0;
}
diff --git a/src/crypto/hmac/hmac.c b/src/crypto/hmac/hmac.c
index 2eae9e8..a252667 100644
--- a/src/crypto/hmac/hmac.c
+++ b/src/crypto/hmac/hmac.c
@@ -62,6 +62,8 @@
#include <openssl/digest.h>
#include <openssl/mem.h>
+#include "../internal.h"
+
uint8_t *HMAC(const EVP_MD *evp_md, const void *key, size_t key_len,
const uint8_t *data, size_t data_len, uint8_t *out,
@@ -130,12 +132,12 @@
}
} else {
assert(key_len <= sizeof(key_block));
- memcpy(key_block, key, key_len);
+ OPENSSL_memcpy(key_block, key, key_len);
key_block_len = (unsigned)key_len;
}
/* Keys are then padded with zeros. */
if (key_block_len != EVP_MAX_MD_BLOCK_SIZE) {
- memset(&key_block[key_block_len], 0, sizeof(key_block) - key_block_len);
+ OPENSSL_memset(&key_block[key_block_len], 0, sizeof(key_block) - key_block_len);
}
for (size_t i = 0; i < EVP_MAX_MD_BLOCK_SIZE; i++) {
diff --git a/src/crypto/internal.h b/src/crypto/internal.h
index 896cc3b..2724956 100644
--- a/src/crypto/internal.h
+++ b/src/crypto/internal.h
@@ -112,6 +112,8 @@
#include <openssl/ex_data.h>
#include <openssl/thread.h>
+#include <string.h>
+
#if defined(_MSC_VER)
#if !defined(__cplusplus) || _MSC_VER < 1900
#define alignas(x) __declspec(align(x))
@@ -520,6 +522,85 @@
void *obj, CRYPTO_EX_DATA *ad);
+/* Language bug workarounds.
+ *
+ * Most C standard library functions are undefined if passed NULL, even when the
+ * corresponding length is zero. This gives them (and, in turn, all functions
+ * which call them) surprising behavior on empty arrays. Some compilers will
+ * miscompile code due to this rule. See also
+ * https://www.imperialviolet.org/2016/06/26/nonnull.html
+ *
+ * These wrapper functions behave the same as the corresponding C standard
+ * functions, but behave as expected when passed NULL if the length is zero.
+ *
+ * Note |OPENSSL_memcmp| is a different function from |CRYPTO_memcmp|. */
+
+/* C++ defines |memchr| as a const-correct overload. */
+#if defined(__cplusplus)
+extern "C++" {
+
+static inline const void *OPENSSL_memchr(const void *s, int c, size_t n) {
+ if (n == 0) {
+ return NULL;
+ }
+
+ return memchr(s, c, n);
+}
+
+static inline void *OPENSSL_memchr(void *s, int c, size_t n) {
+ if (n == 0) {
+ return NULL;
+ }
+
+ return memchr(s, c, n);
+}
+
+} /* extern "C++" */
+#else /* __cplusplus */
+
+static inline void *OPENSSL_memchr(const void *s, int c, size_t n) {
+ if (n == 0) {
+ return NULL;
+ }
+
+ return memchr(s, c, n);
+}
+
+#endif /* __cplusplus */
+
+static inline int OPENSSL_memcmp(const void *s1, const void *s2, size_t n) {
+ if (n == 0) {
+ return 0;
+ }
+
+ return memcmp(s1, s2, n);
+}
+
+static inline void *OPENSSL_memcpy(void *dst, const void *src, size_t n) {
+ if (n == 0) {
+ return dst;
+ }
+
+ return memcpy(dst, src, n);
+}
+
+static inline void *OPENSSL_memmove(void *dst, const void *src, size_t n) {
+ if (n == 0) {
+ return dst;
+ }
+
+ return memmove(dst, src, n);
+}
+
+static inline void *OPENSSL_memset(void *dst, int c, size_t n) {
+ if (n == 0) {
+ return dst;
+ }
+
+ return memset(dst, c, n);
+}
+
+
#if defined(__cplusplus)
} /* extern C */
#endif
diff --git a/src/crypto/lhash/CMakeLists.txt b/src/crypto/lhash/CMakeLists.txt
index 4f4dea7..bd6005b 100644
--- a/src/crypto/lhash/CMakeLists.txt
+++ b/src/crypto/lhash/CMakeLists.txt
@@ -11,7 +11,7 @@
add_executable(
lhash_test
- lhash_test.c
+ lhash_test.cc
$<TARGET_OBJECTS:test_support>
)
diff --git a/src/crypto/lhash/lhash.c b/src/crypto/lhash/lhash.c
index 233f34f..27960d9 100644
--- a/src/crypto/lhash/lhash.c
+++ b/src/crypto/lhash/lhash.c
@@ -62,6 +62,9 @@
#include <openssl/mem.h>
+#include "../internal.h"
+
+
/* kMinNumBuckets is the minimum size of the buckets array in an |_LHASH|. */
static const size_t kMinNumBuckets = 16;
@@ -71,13 +74,11 @@
static const size_t kMinAverageChainLength = 1;
_LHASH *lh_new(lhash_hash_func hash, lhash_cmp_func comp) {
- _LHASH *ret;
-
- ret = OPENSSL_malloc(sizeof(_LHASH));
+ _LHASH *ret = OPENSSL_malloc(sizeof(_LHASH));
if (ret == NULL) {
return NULL;
}
- memset(ret, 0, sizeof(_LHASH));
+ OPENSSL_memset(ret, 0, sizeof(_LHASH));
ret->num_buckets = kMinNumBuckets;
ret->buckets = OPENSSL_malloc(sizeof(LHASH_ITEM *) * ret->num_buckets);
@@ -85,17 +86,10 @@
OPENSSL_free(ret);
return NULL;
}
- memset(ret->buckets, 0, sizeof(LHASH_ITEM *) * ret->num_buckets);
+ OPENSSL_memset(ret->buckets, 0, sizeof(LHASH_ITEM *) * ret->num_buckets);
ret->comp = comp;
- if (ret->comp == NULL) {
- ret->comp = (lhash_cmp_func) strcmp;
- }
ret->hash = hash;
- if (ret->hash == NULL) {
- ret->hash = (lhash_hash_func) lh_strhash;
- }
-
return ret;
}
@@ -173,7 +167,7 @@
if (new_buckets == NULL) {
return;
}
- memset(new_buckets, 0, alloc_size);
+ OPENSSL_memset(new_buckets, 0, alloc_size);
for (i = 0; i < lh->num_buckets; i++) {
for (cur = lh->buckets[i]; cur != NULL; cur = next) {
diff --git a/src/crypto/lhash/lhash_test.c b/src/crypto/lhash/lhash_test.c
deleted file mode 100644
index 309b765..0000000
--- a/src/crypto/lhash/lhash_test.c
+++ /dev/null
@@ -1,203 +0,0 @@
-/* Copyright (c) 2014, Google Inc.
- *
- * Permission to use, copy, modify, and/or distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
- * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
- * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
- * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
-
-#if !defined(_POSIX_C_SOURCE)
-#define _POSIX_C_SOURCE 201410L
-#endif
-
-#include <openssl/crypto.h>
-#include <openssl/lhash.h>
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-struct dummy_lhash_node {
- char *s;
- struct dummy_lhash_node *next;
-};
-
-struct dummy_lhash {
- struct dummy_lhash_node *head;
-};
-
-static void dummy_lh_free(struct dummy_lhash *lh) {
- struct dummy_lhash_node *cur, *next;
-
- for (cur = lh->head; cur != NULL; cur = next) {
- next = cur->next;
- free(cur->s);
- free(cur);
- }
-}
-
-static size_t dummy_lh_num_items(const struct dummy_lhash *lh) {
- size_t count = 0;
- struct dummy_lhash_node *cur;
-
- for (cur = lh->head; cur != NULL; cur = cur->next) {
- count++;
- }
-
- return count;
-}
-
-static char *dummy_lh_retrieve(struct dummy_lhash *lh, const char *s) {
- struct dummy_lhash_node *cur;
-
- for (cur = lh->head; cur != NULL; cur = cur->next) {
- if (strcmp(cur->s, s) == 0) {
- return cur->s;
- }
- }
-
- return NULL;
-}
-
-static int dummy_lh_insert(struct dummy_lhash *lh, char **old_data, char *s) {
- struct dummy_lhash_node *node, *cur;
-
- for (cur = lh->head; cur != NULL; cur = cur->next) {
- if (strcmp(cur->s, s) == 0) {
- *old_data = cur->s;
- cur->s = s;
- return 1;
- }
- }
-
- node = malloc(sizeof(struct dummy_lhash_node));
- *old_data = NULL;
- node->s = s;
- node->next = lh->head;
- lh->head = node;
- return 1;
-}
-
-static char *dummy_lh_delete(struct dummy_lhash *lh, const void *s) {
- struct dummy_lhash_node *cur, **next_ptr;
- char *ret;
-
- next_ptr = &lh->head;
- for (cur = lh->head; cur != NULL; cur = cur->next) {
- if (strcmp(cur->s, s) == 0) {
- ret = cur->s;
- *next_ptr = cur->next;
- free(cur);
- return ret;
- }
- next_ptr = &cur->next;
- }
-
- return NULL;
-}
-
-static char *rand_string(void) {
- unsigned len = 1 + (rand() % 3);
- char *ret = malloc(len + 1);
- unsigned i;
-
- for (i = 0; i < len; i++) {
- ret[i] = '0' + (rand() & 7);
- }
- ret[i] = 0;
-
- return ret;
-}
-
-int main(int argc, char **argv) {
- _LHASH *lh;
- struct dummy_lhash dummy_lh = {NULL};
- unsigned i;
-
- CRYPTO_library_init();
-
- lh = lh_new(NULL, NULL);
- if (lh == NULL) {
- return 1;
- }
-
- for (i = 0; i < 100000; i++) {
- unsigned action;
- char *s, *s1, *s2;
-
- if (dummy_lh_num_items(&dummy_lh) != lh_num_items(lh)) {
- fprintf(stderr, "Length mismatch\n");
- return 1;
- }
-
- action = rand() % 3;
- switch (action) {
- case 0:
- s = rand_string();
- s1 = (char *)lh_retrieve(lh, s);
- s2 = dummy_lh_retrieve(&dummy_lh, s);
- if (s1 != NULL && (s2 == NULL || strcmp(s1, s2) != 0)) {
- fprintf(stderr, "lh_retrieve failure\n");
- abort();
- }
- free(s);
- break;
-
- case 1:
- s = rand_string();
- lh_insert(lh, (void **)&s1, s);
-#if defined(OPENSSL_WINDOWS)
- dummy_lh_insert(&dummy_lh, &s2, _strdup(s));
-#else
- dummy_lh_insert(&dummy_lh, &s2, strdup(s));
-#endif
-
- if (s1 != NULL && (s2 == NULL || strcmp(s1, s2) != 0)) {
- fprintf(stderr, "lh_insert failure\n");
- abort();
- }
-
- if (s1) {
- free(s1);
- }
- if (s2) {
- free(s2);
- }
- break;
-
- case 2:
- s = rand_string();
- s1 = lh_delete(lh, s);
- s2 = dummy_lh_delete(&dummy_lh, s);
-
- if (s1 != NULL && (s2 == NULL || strcmp(s1, s2) != 0)) {
- fprintf(stderr, "lh_insert failure\n");
- abort();
- }
-
- if (s1) {
- free(s1);
- }
- if (s2) {
- free(s2);
- }
- free(s);
- break;
-
- default:
- abort();
- }
- }
-
- lh_doall(lh, free);
- lh_free(lh);
- dummy_lh_free(&dummy_lh);
- printf("PASS\n");
- return 0;
-}
diff --git a/src/crypto/lhash/lhash_test.cc b/src/crypto/lhash/lhash_test.cc
new file mode 100644
index 0000000..cbeb15b
--- /dev/null
+++ b/src/crypto/lhash/lhash_test.cc
@@ -0,0 +1,161 @@
+/* Copyright (c) 2014, Google Inc.
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
+
+#if !defined(_POSIX_C_SOURCE)
+#define _POSIX_C_SOURCE 201410L
+#endif
+
+#include <openssl/crypto.h>
+#include <openssl/lhash.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include <algorithm>
+#include <memory>
+#include <map>
+#include <string>
+#include <utility>
+#include <vector>
+
+
+static std::unique_ptr<char[]> RandString(void) {
+ unsigned len = 1 + (rand() % 3);
+ std::unique_ptr<char[]> ret(new char[len + 1]);
+
+ for (unsigned i = 0; i < len; i++) {
+ ret[i] = '0' + (rand() & 7);
+ }
+ ret[len] = 0;
+
+ return ret;
+}
+
+struct FreeLHASH {
+ void operator()(_LHASH *lh) { lh_free(lh); }
+};
+
+static const char *Lookup(
+ std::map<std::string, std::unique_ptr<char[]>> *dummy_lh, const char *key) {
+ // Using operator[] implicitly inserts into the map.
+ auto iter = dummy_lh->find(key);
+ if (iter == dummy_lh->end()) {
+ return nullptr;
+ }
+ return iter->second.get();
+}
+
+int main(int argc, char **argv) {
+ CRYPTO_library_init();
+
+ std::unique_ptr<_LHASH, FreeLHASH> lh(
+ lh_new((lhash_hash_func)lh_strhash, (lhash_cmp_func)strcmp));
+ if (!lh) {
+ return 1;
+ }
+
+ // lh is expected to store a canonical instance of each string. dummy_lh
+ // mirrors what it stores for comparison. It also manages ownership of the
+ // pointers.
+ std::map<std::string, std::unique_ptr<char[]>> dummy_lh;
+
+ for (unsigned i = 0; i < 100000; i++) {
+ if (dummy_lh.size() != lh_num_items(lh.get())) {
+ fprintf(stderr, "Length mismatch\n");
+ return 1;
+ }
+
+ // Check the entire contents and test |lh_doall_arg|. This takes O(N) time,
+ // so only do it every few iterations.
+ //
+ // TODO(davidben): |lh_doall_arg| also supports modifying the hash in the
+ // callback. Test this.
+ if (i % 1000 == 0) {
+ using ValueList = std::vector<const char *>;
+ ValueList expected, actual;
+ for (const auto &pair : dummy_lh) {
+ expected.push_back(pair.second.get());
+ }
+ std::sort(expected.begin(), expected.end());
+
+ lh_doall_arg(lh.get(),
+ [](void *ptr, void *arg) {
+ ValueList *out = reinterpret_cast<ValueList *>(arg);
+ out->push_back(reinterpret_cast<char *>(ptr));
+ },
+ &actual);
+ std::sort(actual.begin(), actual.end());
+
+ if (expected != actual) {
+ fprintf(stderr, "Contents mismatch\n");
+ return 1;
+ }
+ }
+
+ enum Action {
+ kRetrieve = 0,
+ kInsert,
+ kDelete,
+ };
+
+ Action action = static_cast<Action>(rand() % 3);
+ switch (action) {
+ case kRetrieve: {
+ std::unique_ptr<char[]> key = RandString();
+ void *value = lh_retrieve(lh.get(), key.get());
+ if (value != Lookup(&dummy_lh, key.get())) {
+ fprintf(stderr, "lh_retrieve failure\n");
+ return 1;
+ }
+ break;
+ }
+
+ case kInsert: {
+ std::unique_ptr<char[]> key = RandString();
+ void *previous;
+ if (!lh_insert(lh.get(), &previous, key.get())) {
+ return 1;
+ }
+
+ if (previous != Lookup(&dummy_lh, key.get())) {
+ fprintf(stderr, "lh_insert failure\n");
+ return 1;
+ }
+
+ dummy_lh[key.get()] = std::move(key);
+ break;
+ }
+
+ case kDelete: {
+ std::unique_ptr<char[]> key = RandString();
+ void *value = lh_delete(lh.get(), key.get());
+
+ if (value != Lookup(&dummy_lh, key.get())) {
+ fprintf(stderr, "lh_delete failure\n");
+ return 1;
+ }
+
+ dummy_lh.erase(key.get());
+ break;
+ }
+
+ default:
+ abort();
+ }
+ }
+
+ printf("PASS\n");
+ return 0;
+}
diff --git a/src/crypto/md4/md4.c b/src/crypto/md4/md4.c
index 7da3ec8..0046c21 100644
--- a/src/crypto/md4/md4.c
+++ b/src/crypto/md4/md4.c
@@ -59,6 +59,8 @@
#include <stdlib.h>
#include <string.h>
+#include "../internal.h"
+
uint8_t *MD4(const uint8_t *data, size_t len, uint8_t *out) {
MD4_CTX ctx;
@@ -72,7 +74,7 @@
/* Implemented from RFC1186 The MD4 Message-Digest Algorithm. */
int MD4_Init(MD4_CTX *md4) {
- memset(md4, 0, sizeof(MD4_CTX));
+ OPENSSL_memset(md4, 0, sizeof(MD4_CTX));
md4->h[0] = 0x67452301UL;
md4->h[1] = 0xefcdab89UL;
md4->h[2] = 0x98badcfeUL;
diff --git a/src/crypto/md5/md5.c b/src/crypto/md5/md5.c
index a66fa7f..7712f47 100644
--- a/src/crypto/md5/md5.c
+++ b/src/crypto/md5/md5.c
@@ -60,6 +60,8 @@
#include <openssl/mem.h>
+#include "../internal.h"
+
uint8_t *MD5(const uint8_t *data, size_t len, uint8_t *out) {
MD5_CTX ctx;
@@ -78,7 +80,7 @@
}
int MD5_Init(MD5_CTX *md5) {
- memset(md5, 0, sizeof(MD5_CTX));
+ OPENSSL_memset(md5, 0, sizeof(MD5_CTX));
md5->h[0] = 0x67452301UL;
md5->h[1] = 0xefcdab89UL;
md5->h[2] = 0x98badcfeUL;
diff --git a/src/crypto/mem.c b/src/crypto/mem.c
index ee34767..390ca2e 100644
--- a/src/crypto/mem.c
+++ b/src/crypto/mem.c
@@ -73,6 +73,8 @@
#include <strings.h>
#endif
+#include "internal.h"
+
void *OPENSSL_realloc_clean(void *ptr, size_t old_size, size_t new_size) {
if (ptr == NULL) {
@@ -94,7 +96,7 @@
return NULL;
}
- memcpy(ret, ptr, old_size);
+ OPENSSL_memcpy(ret, ptr, old_size);
OPENSSL_cleanse(ptr, old_size);
OPENSSL_free(ptr);
return ret;
@@ -104,7 +106,7 @@
#if defined(OPENSSL_WINDOWS)
SecureZeroMemory(ptr, len);
#else
- memset(ptr, 0, len);
+ OPENSSL_memset(ptr, 0, len);
#if !defined(OPENSSL_NO_ASM)
/* As best as we can tell, this is sufficient to break any optimisations that
diff --git a/src/crypto/modes/cbc.c b/src/crypto/modes/cbc.c
index 6e9fe24..12d551c 100644
--- a/src/crypto/modes/cbc.c
+++ b/src/crypto/modes/cbc.c
@@ -103,7 +103,7 @@
out += 16;
}
- memcpy(ivec, iv, 16);
+ OPENSSL_memcpy(ivec, iv, 16);
}
void CRYPTO_cbc128_decrypt(const uint8_t *in, uint8_t *out, size_t len,
@@ -154,7 +154,7 @@
out += 16;
}
}
- memcpy(ivec, iv, 16);
+ OPENSSL_memcpy(ivec, iv, 16);
} else {
/* |out| is less than two blocks behind |in|. Decrypting an input block
* directly to |out| would overwrite a ciphertext block before it is used as
diff --git a/src/crypto/modes/cfb.c b/src/crypto/modes/cfb.c
index 51b883e..af15255 100644
--- a/src/crypto/modes/cfb.c
+++ b/src/crypto/modes/cfb.c
@@ -167,7 +167,7 @@
}
/* fill in the first half of the new IV with the current IV */
- memcpy(ovec, ivec, 16);
+ OPENSSL_memcpy(ovec, ivec, 16);
/* construct the new IV */
(*block)(ivec, ivec, key);
num = (nbits + 7) / 8;
@@ -186,7 +186,7 @@
rem = nbits % 8;
num = nbits / 8;
if (rem == 0) {
- memcpy(ivec, ovec + num, 16);
+ OPENSSL_memcpy(ivec, ovec + num, 16);
} else {
for (n = 0; n < 16; ++n) {
ivec[n] = ovec[n + num] << rem | ovec[n + num + 1] >> (8 - rem);
diff --git a/src/crypto/modes/ctr.c b/src/crypto/modes/ctr.c
index b84e72c..c026d15 100644
--- a/src/crypto/modes/ctr.c
+++ b/src/crypto/modes/ctr.c
@@ -202,7 +202,7 @@
in += blocks;
}
if (len) {
- memset(ecount_buf, 0, 16);
+ OPENSSL_memset(ecount_buf, 0, 16);
(*func)(ecount_buf, ecount_buf, 1, key, ivec);
++ctr32;
PUTU32(ivec + 12, ctr32);
diff --git a/src/crypto/modes/gcm.c b/src/crypto/modes/gcm.c
index 3b793e8..df68c40 100644
--- a/src/crypto/modes/gcm.c
+++ b/src/crypto/modes/gcm.c
@@ -363,7 +363,7 @@
uint8_t c[16];
} H;
- memcpy(H.c, gcm_key, 16);
+ OPENSSL_memcpy(H.c, gcm_key, 16);
/* H is stored in host byte order */
H.u[0] = CRYPTO_bswap8(H.u[0]);
@@ -426,11 +426,11 @@
void CRYPTO_gcm128_init(GCM128_CONTEXT *ctx, const void *aes_key,
block128_f block) {
- memset(ctx, 0, sizeof(*ctx));
+ OPENSSL_memset(ctx, 0, sizeof(*ctx));
ctx->block = block;
uint8_t gcm_key[16];
- memset(gcm_key, 0, sizeof(gcm_key));
+ OPENSSL_memset(gcm_key, 0, sizeof(gcm_key));
(*block)(gcm_key, gcm_key, aes_key);
CRYPTO_ghash_init(&ctx->gmult, &ctx->ghash, ctx->Htable, gcm_key);
@@ -453,7 +453,7 @@
ctx->mres = 0;
if (len == 12) {
- memcpy(ctx->Yi.c, iv, 12);
+ OPENSSL_memcpy(ctx->Yi.c, iv, 12);
ctx->Yi.c[15] = 1;
ctr = 1;
} else {
@@ -1060,7 +1060,8 @@
void CRYPTO_gcm128_tag(GCM128_CONTEXT *ctx, unsigned char *tag, size_t len) {
CRYPTO_gcm128_finish(ctx, NULL, 0);
- memcpy(tag, ctx->Xi.c, len <= sizeof(ctx->Xi.c) ? len : sizeof(ctx->Xi.c));
+ OPENSSL_memcpy(tag, ctx->Xi.c,
+ len <= sizeof(ctx->Xi.c) ? len : sizeof(ctx->Xi.c));
}
#if defined(OPENSSL_X86) || defined(OPENSSL_X86_64)
diff --git a/src/crypto/modes/gcm_test.cc b/src/crypto/modes/gcm_test.cc
index 8baf20e..1a5e034 100644
--- a/src/crypto/modes/gcm_test.cc
+++ b/src/crypto/modes/gcm_test.cc
@@ -350,7 +350,7 @@
CRYPTO_gcm128_init(&ctx, &aes_key, (block128_f) AES_encrypt);
CRYPTO_gcm128_setiv(&ctx, &aes_key, nonce, nonce_len);
- memset(out, 0, plaintext_len);
+ OPENSSL_memset(out, 0, plaintext_len);
if (additional_data) {
CRYPTO_gcm128_aad(&ctx, additional_data, additional_data_len);
}
@@ -358,7 +358,7 @@
CRYPTO_gcm128_encrypt(&ctx, &aes_key, plaintext, out, plaintext_len);
}
if (!CRYPTO_gcm128_finish(&ctx, tag, tag_len) ||
- (ciphertext && memcmp(out, ciphertext, plaintext_len) != 0)) {
+ (ciphertext && OPENSSL_memcmp(out, ciphertext, plaintext_len) != 0)) {
fprintf(stderr, "%u: encrypt failed.\n", test_num);
hexdump(stderr, "got :", out, plaintext_len);
hexdump(stderr, "want:", ciphertext, plaintext_len);
@@ -366,7 +366,7 @@
}
CRYPTO_gcm128_setiv(&ctx, &aes_key, nonce, nonce_len);
- memset(out, 0, plaintext_len);
+ OPENSSL_memset(out, 0, plaintext_len);
if (additional_data) {
CRYPTO_gcm128_aad(&ctx, additional_data, additional_data_len);
}
@@ -377,7 +377,7 @@
fprintf(stderr, "%u: decrypt failed.\n", test_num);
goto out;
}
- if (plaintext && memcmp(out, plaintext, plaintext_len)) {
+ if (plaintext && OPENSSL_memcmp(out, plaintext, plaintext_len)) {
fprintf(stderr, "%u: plaintext doesn't match.\n", test_num);
goto out;
}
diff --git a/src/crypto/modes/internal.h b/src/crypto/modes/internal.h
index a53da04..9b579fa 100644
--- a/src/crypto/modes/internal.h
+++ b/src/crypto/modes/internal.h
@@ -53,6 +53,8 @@
#include <string.h>
+#include "../internal.h"
+
#if defined(__cplusplus)
extern "C" {
#endif
@@ -100,13 +102,13 @@
static inline uint32_t GETU32(const void *in) {
uint32_t v;
- memcpy(&v, in, sizeof(v));
+ OPENSSL_memcpy(&v, in, sizeof(v));
return CRYPTO_bswap4(v);
}
static inline void PUTU32(void *out, uint32_t v) {
v = CRYPTO_bswap4(v);
- memcpy(out, &v, sizeof(v));
+ OPENSSL_memcpy(out, &v, sizeof(v));
}
static inline uint32_t GETU32_aligned(const void *in) {
diff --git a/src/crypto/modes/ofb.c b/src/crypto/modes/ofb.c
index 0ee95ca..95d15c3 100644
--- a/src/crypto/modes/ofb.c
+++ b/src/crypto/modes/ofb.c
@@ -73,11 +73,11 @@
(*block)(ivec, ivec, key);
for (; n < 16; n += sizeof(size_t)) {
size_t a, b;
- memcpy(&a, in + n, sizeof(size_t));
- memcpy(&b, ivec + n, sizeof(size_t));
+ OPENSSL_memcpy(&a, in + n, sizeof(size_t));
+ OPENSSL_memcpy(&b, ivec + n, sizeof(size_t));
const size_t c = a ^ b;
- memcpy(out + n, &c, sizeof(size_t));
+ OPENSSL_memcpy(out + n, &c, sizeof(size_t));
}
len -= 16;
out += 16;
diff --git a/src/crypto/modes/polyval.c b/src/crypto/modes/polyval.c
index c5121a1..125b256 100644
--- a/src/crypto/modes/polyval.c
+++ b/src/crypto/modes/polyval.c
@@ -54,11 +54,11 @@
void CRYPTO_POLYVAL_init(struct polyval_ctx *ctx, const uint8_t key[16]) {
polyval_block H;
- memcpy(H.c, key, 16);
+ OPENSSL_memcpy(H.c, key, 16);
reverse_and_mulX_ghash(&H);
CRYPTO_ghash_init(&ctx->gmult, &ctx->ghash, ctx->Htable, H.c);
- memset(&ctx->S, 0, sizeof(ctx->S));
+ OPENSSL_memset(&ctx->S, 0, sizeof(ctx->S));
}
void CRYPTO_POLYVAL_update_blocks(struct polyval_ctx *ctx, const uint8_t *in,
@@ -71,7 +71,8 @@
if (todo > sizeof(reversed)) {
todo = sizeof(reversed);
}
- memcpy(reversed, in, todo);
+ OPENSSL_memcpy(reversed, in, todo);
+ in += todo;
in_len -= todo;
size_t blocks = todo / sizeof(polyval_block);
@@ -86,7 +87,7 @@
void CRYPTO_POLYVAL_finish(const struct polyval_ctx *ctx, uint8_t out[16]) {
polyval_block S = ctx->S;
byte_reverse(&S);
- memcpy(out, &S.c, sizeof(polyval_block));
+ OPENSSL_memcpy(out, &S.c, sizeof(polyval_block));
}
diff --git a/src/crypto/obj/README b/src/crypto/obj/README
index 6199fb4..797bb68 100644
--- a/src/crypto/obj/README
+++ b/src/crypto/obj/README
@@ -1,37 +1,15 @@
-OID information is generated via a series of perl scripts. In order, the full
-list of commands to run are:
+The files nid.h, obj_mac.num, and obj_dat.h are generated from objects.txt and
+obj_mac.num. To regenerate them, run:
- perl objects.pl objects.txt obj_mac.num ../../include/openssl/nid.h
- perl obj_dat.pl ../../include/openssl/nid.h obj_dat.h
- perl obj_xref.pl obj_mac.num obj_xref.txt > obj_xref.h
+ go run objects.go
objects.txt contains the list of all built-in OIDs. It is processed by
-objects.pl to output obj_mac.num and nid.h. obj_mac.num is the list of NID
-values for each OID. This is an input/output parameter so NID values are stable
-across regenerations. nid.h is the header which defines macros for all the
-built-in OIDs in C.
+objects.go to output obj_mac.num, obj_dat.h, and nid.h.
-nid.h is read by obj_dat.pl to generate obj_dat.h. obj_dat.h contains the
-ASN1_OBJECTs corresponding to built-in OIDs themselves along with lookup tables
-for search by short name, OID, etc.
+obj_mac.num is the list of NID values for each OID. This is an input/output
+file so NID values are stable across regenerations.
-obj_mac.num and obj_xref.txt are read by obj_xref.pl to generate
-obj_xref.h. obj_xref.txt links signature OIDs to corresponding public key
-algorithms and digests. obj_xref.h contains lookup tables for querying this
-information in both directions.
+nid.h is the header which defines macros for all the built-in OIDs in C.
-Dependency graph:
-
- objects.txt
- |
- V
- [objects.pl] <--+
- / \ |
- V V |
- nid.h obj_mac.num obj_xref.txt
- | \ /
- V V V
- [obj_dat.pl] [obj_xref.pl]
- | |
- V V
- obj_dat.h obj_xref.h
+obj_dat.h contains the ASN1_OBJECTs corresponding to built-in OIDs themselves
+along with lookup tables for search by short name, OID, etc.
diff --git a/src/crypto/obj/obj.c b/src/crypto/obj/obj.c
index c44ffc8..173257f 100644
--- a/src/crypto/obj/obj.c
+++ b/src/crypto/obj/obj.c
@@ -123,7 +123,7 @@
goto err;
}
if (o->data != NULL) {
- memcpy(data, o->data, o->length);
+ OPENSSL_memcpy(data, o->data, o->length);
}
/* once data is attached to an object, it remains const */
@@ -169,7 +169,7 @@
if (ret) {
return ret;
}
- return memcmp(a->data, b->data, a->length);
+ return OPENSSL_memcmp(a->data, b->data, a->length);
}
/* obj_cmp is called to search the kNIDsInOIDOrder array. The |key| argument is
@@ -185,7 +185,7 @@
} else if (a->length > b->length) {
return 1;
}
- return memcmp(a->data, b->data, a->length);
+ return OPENSSL_memcmp(a->data, b->data, a->length);
}
int OBJ_obj2nid(const ASN1_OBJECT *obj) {
@@ -211,7 +211,8 @@
}
CRYPTO_STATIC_MUTEX_unlock_read(&global_added_lock);
- nid_ptr = bsearch(obj, kNIDsInOIDOrder, NUM_OBJ, sizeof(unsigned), obj_cmp);
+ nid_ptr = bsearch(obj, kNIDsInOIDOrder, OPENSSL_ARRAY_SIZE(kNIDsInOIDOrder),
+ sizeof(kNIDsInOIDOrder[0]), obj_cmp);
if (nid_ptr == NULL) {
return NID_undef;
}
@@ -225,7 +226,7 @@
}
ASN1_OBJECT obj;
- memset(&obj, 0, sizeof(obj));
+ OPENSSL_memset(&obj, 0, sizeof(obj));
obj.data = CBS_data(cbs);
obj.length = (int)CBS_len(cbs);
@@ -258,7 +259,9 @@
}
CRYPTO_STATIC_MUTEX_unlock_read(&global_added_lock);
- nid_ptr = bsearch(short_name, kNIDsInShortNameOrder, NUM_SN, sizeof(unsigned), short_name_cmp);
+ nid_ptr = bsearch(short_name, kNIDsInShortNameOrder,
+ OPENSSL_ARRAY_SIZE(kNIDsInShortNameOrder),
+ sizeof(kNIDsInShortNameOrder[0]), short_name_cmp);
if (nid_ptr == NULL) {
return NID_undef;
}
@@ -292,7 +295,9 @@
}
CRYPTO_STATIC_MUTEX_unlock_read(&global_added_lock);
- nid_ptr = bsearch(long_name, kNIDsInLongNameOrder, NUM_LN, sizeof(unsigned), long_name_cmp);
+ nid_ptr = bsearch(long_name, kNIDsInLongNameOrder,
+ OPENSSL_ARRAY_SIZE(kNIDsInLongNameOrder),
+ sizeof(kNIDsInLongNameOrder[0]), long_name_cmp);
if (nid_ptr == NULL) {
return NID_undef;
}
@@ -543,7 +548,7 @@
if (i) {
return i;
}
- return memcmp(a->data, b->data, a->length);
+ return OPENSSL_memcmp(a->data, b->data, a->length);
}
static uint32_t hash_short_name(const ASN1_OBJECT *obj) {
diff --git a/src/crypto/obj/obj_dat.h b/src/crypto/obj/obj_dat.h
index 1d779de..4905f0d 100644
--- a/src/crypto/obj/obj_dat.h
+++ b/src/crypto/obj/obj_dat.h
@@ -1,7 +1,3 @@
-/* THIS FILE IS GENERATED FROM objects.h by obj_dat.pl via the
- * following command:
- * perl obj_dat.pl ../../include/openssl/nid.h obj_dat.h */
-
/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -58,5197 +54,6123 @@
* copied and put under another distribution licence
* [including the GNU Public Licence.] */
+/* This file is generated by crypto/obj/objects.go. */
+
#define NUM_NID 949
-#define NUM_SN 941
-#define NUM_LN 941
-#define NUM_OBJ 876
-static const unsigned char lvalues[6176]={
-0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 0] OBJ_rsadsi */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 6] OBJ_pkcs */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02, /* [ 13] OBJ_md2 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x05, /* [ 21] OBJ_md5 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x04, /* [ 29] OBJ_rc4 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x01,/* [ 37] OBJ_rsaEncryption */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x02,/* [ 46] OBJ_md2WithRSAEncryption */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x04,/* [ 55] OBJ_md5WithRSAEncryption */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x01,/* [ 64] OBJ_pbeWithMD2AndDES_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x03,/* [ 73] OBJ_pbeWithMD5AndDES_CBC */
-0x55, /* [ 82] OBJ_X500 */
-0x55,0x04, /* [ 83] OBJ_X509 */
-0x55,0x04,0x03, /* [ 85] OBJ_commonName */
-0x55,0x04,0x06, /* [ 88] OBJ_countryName */
-0x55,0x04,0x07, /* [ 91] OBJ_localityName */
-0x55,0x04,0x08, /* [ 94] OBJ_stateOrProvinceName */
-0x55,0x04,0x0A, /* [ 97] OBJ_organizationName */
-0x55,0x04,0x0B, /* [100] OBJ_organizationalUnitName */
-0x55,0x08,0x01,0x01, /* [103] OBJ_rsa */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07, /* [107] OBJ_pkcs7 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x01,/* [115] OBJ_pkcs7_data */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x02,/* [124] OBJ_pkcs7_signed */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x03,/* [133] OBJ_pkcs7_enveloped */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x04,/* [142] OBJ_pkcs7_signedAndEnveloped */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x05,/* [151] OBJ_pkcs7_digest */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x06,/* [160] OBJ_pkcs7_encrypted */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x03, /* [169] OBJ_pkcs3 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x03,0x01,/* [177] OBJ_dhKeyAgreement */
-0x2B,0x0E,0x03,0x02,0x06, /* [186] OBJ_des_ecb */
-0x2B,0x0E,0x03,0x02,0x09, /* [191] OBJ_des_cfb64 */
-0x2B,0x0E,0x03,0x02,0x07, /* [196] OBJ_des_cbc */
-0x2B,0x0E,0x03,0x02,0x11, /* [201] OBJ_des_ede_ecb */
-0x2B,0x06,0x01,0x04,0x01,0x81,0x3C,0x07,0x01,0x01,0x02,/* [206] OBJ_idea_cbc */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x02, /* [217] OBJ_rc2_cbc */
-0x2B,0x0E,0x03,0x02,0x12, /* [225] OBJ_sha */
-0x2B,0x0E,0x03,0x02,0x0F, /* [230] OBJ_shaWithRSAEncryption */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x07, /* [235] OBJ_des_ede3_cbc */
-0x2B,0x0E,0x03,0x02,0x08, /* [243] OBJ_des_ofb64 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09, /* [248] OBJ_pkcs9 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x01,/* [256] OBJ_pkcs9_emailAddress */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x02,/* [265] OBJ_pkcs9_unstructuredName */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x03,/* [274] OBJ_pkcs9_contentType */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x04,/* [283] OBJ_pkcs9_messageDigest */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x05,/* [292] OBJ_pkcs9_signingTime */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x06,/* [301] OBJ_pkcs9_countersignature */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x07,/* [310] OBJ_pkcs9_challengePassword */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x08,/* [319] OBJ_pkcs9_unstructuredAddress */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x09,/* [328] OBJ_pkcs9_extCertAttributes */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42, /* [337] OBJ_netscape */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01, /* [344] OBJ_netscape_cert_extension */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x02, /* [352] OBJ_netscape_data_type */
-0x2B,0x0E,0x03,0x02,0x1A, /* [360] OBJ_sha1 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x05,/* [365] OBJ_sha1WithRSAEncryption */
-0x2B,0x0E,0x03,0x02,0x0D, /* [374] OBJ_dsaWithSHA */
-0x2B,0x0E,0x03,0x02,0x0C, /* [379] OBJ_dsa_2 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0B,/* [384] OBJ_pbeWithSHA1AndRC2_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0C,/* [393] OBJ_id_pbkdf2 */
-0x2B,0x0E,0x03,0x02,0x1B, /* [402] OBJ_dsaWithSHA1_2 */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x01,/* [407] OBJ_netscape_cert_type */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x02,/* [416] OBJ_netscape_base_url */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x03,/* [425] OBJ_netscape_revocation_url */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x04,/* [434] OBJ_netscape_ca_revocation_url */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x07,/* [443] OBJ_netscape_renewal_url */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x08,/* [452] OBJ_netscape_ca_policy_url */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x0C,/* [461] OBJ_netscape_ssl_server_name */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x0D,/* [470] OBJ_netscape_comment */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x02,0x05,/* [479] OBJ_netscape_cert_sequence */
-0x55,0x1D, /* [488] OBJ_id_ce */
-0x55,0x1D,0x0E, /* [490] OBJ_subject_key_identifier */
-0x55,0x1D,0x0F, /* [493] OBJ_key_usage */
-0x55,0x1D,0x10, /* [496] OBJ_private_key_usage_period */
-0x55,0x1D,0x11, /* [499] OBJ_subject_alt_name */
-0x55,0x1D,0x12, /* [502] OBJ_issuer_alt_name */
-0x55,0x1D,0x13, /* [505] OBJ_basic_constraints */
-0x55,0x1D,0x14, /* [508] OBJ_crl_number */
-0x55,0x1D,0x20, /* [511] OBJ_certificate_policies */
-0x55,0x1D,0x23, /* [514] OBJ_authority_key_identifier */
-0x2B,0x06,0x01,0x04,0x01,0x97,0x55,0x01,0x02,/* [517] OBJ_bf_cbc */
-0x55,0x08,0x03,0x65, /* [526] OBJ_mdc2 */
-0x55,0x08,0x03,0x64, /* [530] OBJ_mdc2WithRSA */
-0x55,0x04,0x2A, /* [534] OBJ_givenName */
-0x55,0x04,0x04, /* [537] OBJ_surname */
-0x55,0x04,0x2B, /* [540] OBJ_initials */
-0x55,0x1D,0x1F, /* [543] OBJ_crl_distribution_points */
-0x2B,0x0E,0x03,0x02,0x03, /* [546] OBJ_md5WithRSA */
-0x55,0x04,0x05, /* [551] OBJ_serialNumber */
-0x55,0x04,0x0C, /* [554] OBJ_title */
-0x55,0x04,0x0D, /* [557] OBJ_description */
-0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0A,/* [560] OBJ_cast5_cbc */
-0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0C,/* [569] OBJ_pbeWithMD5AndCast5_CBC */
-0x2A,0x86,0x48,0xCE,0x38,0x04,0x03, /* [578] OBJ_dsaWithSHA1 */
-0x2B,0x0E,0x03,0x02,0x1D, /* [585] OBJ_sha1WithRSA */
-0x2A,0x86,0x48,0xCE,0x38,0x04,0x01, /* [590] OBJ_dsa */
-0x2B,0x24,0x03,0x02,0x01, /* [597] OBJ_ripemd160 */
-0x2B,0x24,0x03,0x03,0x01,0x02, /* [602] OBJ_ripemd160WithRSA */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x08, /* [608] OBJ_rc5_cbc */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x08,/* [616] OBJ_zlib_compression */
-0x55,0x1D,0x25, /* [627] OBJ_ext_key_usage */
-0x2B,0x06,0x01,0x05,0x05,0x07, /* [630] OBJ_id_pkix */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03, /* [636] OBJ_id_kp */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x01, /* [643] OBJ_server_auth */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x02, /* [651] OBJ_client_auth */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x03, /* [659] OBJ_code_sign */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x04, /* [667] OBJ_email_protect */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x08, /* [675] OBJ_time_stamp */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x15,/* [683] OBJ_ms_code_ind */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x16,/* [693] OBJ_ms_code_com */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x01,/* [703] OBJ_ms_ctl_sign */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x03,/* [713] OBJ_ms_sgc */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x04,/* [723] OBJ_ms_efs */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x04,0x01,/* [733] OBJ_ns_sgc */
-0x55,0x1D,0x1B, /* [742] OBJ_delta_crl */
-0x55,0x1D,0x15, /* [745] OBJ_crl_reason */
-0x55,0x1D,0x18, /* [748] OBJ_invalidity_date */
-0x2B,0x65,0x01,0x04,0x01, /* [751] OBJ_sxnet */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x01,/* [756] OBJ_pbe_WithSHA1And128BitRC4 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x02,/* [766] OBJ_pbe_WithSHA1And40BitRC4 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x03,/* [776] OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x04,/* [786] OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x05,/* [796] OBJ_pbe_WithSHA1And128BitRC2_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x06,/* [806] OBJ_pbe_WithSHA1And40BitRC2_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x01,/* [816] OBJ_keyBag */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x02,/* [827] OBJ_pkcs8ShroudedKeyBag */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x03,/* [838] OBJ_certBag */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x04,/* [849] OBJ_crlBag */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x05,/* [860] OBJ_secretBag */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x06,/* [871] OBJ_safeContentsBag */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x14,/* [882] OBJ_friendlyName */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x15,/* [891] OBJ_localKeyID */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x16,0x01,/* [900] OBJ_x509Certificate */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x16,0x02,/* [910] OBJ_sdsiCertificate */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x17,0x01,/* [920] OBJ_x509Crl */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0D,/* [930] OBJ_pbes2 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0E,/* [939] OBJ_pbmac1 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x07, /* [948] OBJ_hmacWithSHA1 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x01, /* [956] OBJ_id_qt_cps */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x02, /* [964] OBJ_id_qt_unotice */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x0F,/* [972] OBJ_SMIMECapabilities */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x04,/* [981] OBJ_pbeWithMD2AndRC2_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x06,/* [990] OBJ_pbeWithMD5AndRC2_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0A,/* [999] OBJ_pbeWithSHA1AndDES_CBC */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x0E,/* [1008] OBJ_ms_ext_req */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x0E,/* [1018] OBJ_ext_req */
-0x55,0x04,0x29, /* [1027] OBJ_name */
-0x55,0x04,0x2E, /* [1030] OBJ_dnQualifier */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01, /* [1033] OBJ_id_pe */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30, /* [1040] OBJ_id_ad */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x01, /* [1047] OBJ_info_access */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01, /* [1055] OBJ_ad_OCSP */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x02, /* [1063] OBJ_ad_ca_issuers */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x09, /* [1071] OBJ_OCSP_sign */
-0x2A, /* [1079] OBJ_member_body */
-0x2A,0x86,0x48, /* [1080] OBJ_ISO_US */
-0x2A,0x86,0x48,0xCE,0x38, /* [1083] OBJ_X9_57 */
-0x2A,0x86,0x48,0xCE,0x38,0x04, /* [1088] OBJ_X9cm */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01, /* [1094] OBJ_pkcs1 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05, /* [1102] OBJ_pkcs5 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,/* [1110] OBJ_SMIME */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,/* [1119] OBJ_id_smime_mod */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,/* [1129] OBJ_id_smime_ct */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,/* [1139] OBJ_id_smime_aa */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,/* [1149] OBJ_id_smime_alg */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x04,/* [1159] OBJ_id_smime_cd */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,/* [1169] OBJ_id_smime_spq */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,/* [1179] OBJ_id_smime_cti */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x01,/* [1189] OBJ_id_smime_mod_cms */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x02,/* [1200] OBJ_id_smime_mod_ess */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x03,/* [1211] OBJ_id_smime_mod_oid */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x04,/* [1222] OBJ_id_smime_mod_msg_v3 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x05,/* [1233] OBJ_id_smime_mod_ets_eSignature_88 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x06,/* [1244] OBJ_id_smime_mod_ets_eSignature_97 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x07,/* [1255] OBJ_id_smime_mod_ets_eSigPolicy_88 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x08,/* [1266] OBJ_id_smime_mod_ets_eSigPolicy_97 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x01,/* [1277] OBJ_id_smime_ct_receipt */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x02,/* [1288] OBJ_id_smime_ct_authData */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x03,/* [1299] OBJ_id_smime_ct_publishCert */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x04,/* [1310] OBJ_id_smime_ct_TSTInfo */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x05,/* [1321] OBJ_id_smime_ct_TDTInfo */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x06,/* [1332] OBJ_id_smime_ct_contentInfo */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x07,/* [1343] OBJ_id_smime_ct_DVCSRequestData */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x08,/* [1354] OBJ_id_smime_ct_DVCSResponseData */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x01,/* [1365] OBJ_id_smime_aa_receiptRequest */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x02,/* [1376] OBJ_id_smime_aa_securityLabel */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x03,/* [1387] OBJ_id_smime_aa_mlExpandHistory */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x04,/* [1398] OBJ_id_smime_aa_contentHint */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x05,/* [1409] OBJ_id_smime_aa_msgSigDigest */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x06,/* [1420] OBJ_id_smime_aa_encapContentType */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x07,/* [1431] OBJ_id_smime_aa_contentIdentifier */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x08,/* [1442] OBJ_id_smime_aa_macValue */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x09,/* [1453] OBJ_id_smime_aa_equivalentLabels */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0A,/* [1464] OBJ_id_smime_aa_contentReference */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0B,/* [1475] OBJ_id_smime_aa_encrypKeyPref */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0C,/* [1486] OBJ_id_smime_aa_signingCertificate */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0D,/* [1497] OBJ_id_smime_aa_smimeEncryptCerts */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0E,/* [1508] OBJ_id_smime_aa_timeStampToken */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0F,/* [1519] OBJ_id_smime_aa_ets_sigPolicyId */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x10,/* [1530] OBJ_id_smime_aa_ets_commitmentType */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x11,/* [1541] OBJ_id_smime_aa_ets_signerLocation */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x12,/* [1552] OBJ_id_smime_aa_ets_signerAttr */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x13,/* [1563] OBJ_id_smime_aa_ets_otherSigCert */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x14,/* [1574] OBJ_id_smime_aa_ets_contentTimestamp */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x15,/* [1585] OBJ_id_smime_aa_ets_CertificateRefs */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x16,/* [1596] OBJ_id_smime_aa_ets_RevocationRefs */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x17,/* [1607] OBJ_id_smime_aa_ets_certValues */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x18,/* [1618] OBJ_id_smime_aa_ets_revocationValues */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x19,/* [1629] OBJ_id_smime_aa_ets_escTimeStamp */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1A,/* [1640] OBJ_id_smime_aa_ets_certCRLTimestamp */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1B,/* [1651] OBJ_id_smime_aa_ets_archiveTimeStamp */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1C,/* [1662] OBJ_id_smime_aa_signatureType */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1D,/* [1673] OBJ_id_smime_aa_dvcs_dvc */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x01,/* [1684] OBJ_id_smime_alg_ESDHwith3DES */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x02,/* [1695] OBJ_id_smime_alg_ESDHwithRC2 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x03,/* [1706] OBJ_id_smime_alg_3DESwrap */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x04,/* [1717] OBJ_id_smime_alg_RC2wrap */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x05,/* [1728] OBJ_id_smime_alg_ESDH */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x06,/* [1739] OBJ_id_smime_alg_CMS3DESwrap */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x07,/* [1750] OBJ_id_smime_alg_CMSRC2wrap */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x04,0x01,/* [1761] OBJ_id_smime_cd_ldap */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,0x01,/* [1772] OBJ_id_smime_spq_ets_sqt_uri */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,0x02,/* [1783] OBJ_id_smime_spq_ets_sqt_unotice */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x01,/* [1794] OBJ_id_smime_cti_ets_proofOfOrigin */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x02,/* [1805] OBJ_id_smime_cti_ets_proofOfReceipt */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x03,/* [1816] OBJ_id_smime_cti_ets_proofOfDelivery */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x04,/* [1827] OBJ_id_smime_cti_ets_proofOfSender */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x05,/* [1838] OBJ_id_smime_cti_ets_proofOfApproval */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x06,/* [1849] OBJ_id_smime_cti_ets_proofOfCreation */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x04, /* [1860] OBJ_md4 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00, /* [1868] OBJ_id_pkix_mod */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x02, /* [1875] OBJ_id_qt */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04, /* [1882] OBJ_id_it */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05, /* [1889] OBJ_id_pkip */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x06, /* [1896] OBJ_id_alg */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07, /* [1903] OBJ_id_cmc */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x08, /* [1910] OBJ_id_on */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x09, /* [1917] OBJ_id_pda */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0A, /* [1924] OBJ_id_aca */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0B, /* [1931] OBJ_id_qcs */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0C, /* [1938] OBJ_id_cct */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x01, /* [1945] OBJ_id_pkix1_explicit_88 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x02, /* [1953] OBJ_id_pkix1_implicit_88 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x03, /* [1961] OBJ_id_pkix1_explicit_93 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x04, /* [1969] OBJ_id_pkix1_implicit_93 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x05, /* [1977] OBJ_id_mod_crmf */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x06, /* [1985] OBJ_id_mod_cmc */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x07, /* [1993] OBJ_id_mod_kea_profile_88 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x08, /* [2001] OBJ_id_mod_kea_profile_93 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x09, /* [2009] OBJ_id_mod_cmp */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0A, /* [2017] OBJ_id_mod_qualified_cert_88 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0B, /* [2025] OBJ_id_mod_qualified_cert_93 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0C, /* [2033] OBJ_id_mod_attribute_cert */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0D, /* [2041] OBJ_id_mod_timestamp_protocol */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0E, /* [2049] OBJ_id_mod_ocsp */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0F, /* [2057] OBJ_id_mod_dvcs */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x10, /* [2065] OBJ_id_mod_cmp2000 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x02, /* [2073] OBJ_biometricInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x03, /* [2081] OBJ_qcStatements */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x04, /* [2089] OBJ_ac_auditEntity */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x05, /* [2097] OBJ_ac_targeting */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x06, /* [2105] OBJ_aaControls */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x07, /* [2113] OBJ_sbgp_ipAddrBlock */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x08, /* [2121] OBJ_sbgp_autonomousSysNum */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x09, /* [2129] OBJ_sbgp_routerIdentifier */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x03, /* [2137] OBJ_textNotice */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x05, /* [2145] OBJ_ipsecEndSystem */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x06, /* [2153] OBJ_ipsecTunnel */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x07, /* [2161] OBJ_ipsecUser */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x0A, /* [2169] OBJ_dvcs */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x01, /* [2177] OBJ_id_it_caProtEncCert */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x02, /* [2185] OBJ_id_it_signKeyPairTypes */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x03, /* [2193] OBJ_id_it_encKeyPairTypes */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x04, /* [2201] OBJ_id_it_preferredSymmAlg */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x05, /* [2209] OBJ_id_it_caKeyUpdateInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x06, /* [2217] OBJ_id_it_currentCRL */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x07, /* [2225] OBJ_id_it_unsupportedOIDs */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x08, /* [2233] OBJ_id_it_subscriptionRequest */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x09, /* [2241] OBJ_id_it_subscriptionResponse */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0A, /* [2249] OBJ_id_it_keyPairParamReq */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0B, /* [2257] OBJ_id_it_keyPairParamRep */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0C, /* [2265] OBJ_id_it_revPassphrase */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0D, /* [2273] OBJ_id_it_implicitConfirm */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0E, /* [2281] OBJ_id_it_confirmWaitTime */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0F, /* [2289] OBJ_id_it_origPKIMessage */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01, /* [2297] OBJ_id_regCtrl */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02, /* [2305] OBJ_id_regInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x01,/* [2313] OBJ_id_regCtrl_regToken */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x02,/* [2322] OBJ_id_regCtrl_authenticator */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x03,/* [2331] OBJ_id_regCtrl_pkiPublicationInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x04,/* [2340] OBJ_id_regCtrl_pkiArchiveOptions */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x05,/* [2349] OBJ_id_regCtrl_oldCertID */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x06,/* [2358] OBJ_id_regCtrl_protocolEncrKey */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02,0x01,/* [2367] OBJ_id_regInfo_utf8Pairs */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02,0x02,/* [2376] OBJ_id_regInfo_certReq */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x01, /* [2385] OBJ_id_alg_des40 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x02, /* [2393] OBJ_id_alg_noSignature */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x03, /* [2401] OBJ_id_alg_dh_sig_hmac_sha1 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x04, /* [2409] OBJ_id_alg_dh_pop */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x01, /* [2417] OBJ_id_cmc_statusInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x02, /* [2425] OBJ_id_cmc_identification */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x03, /* [2433] OBJ_id_cmc_identityProof */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x04, /* [2441] OBJ_id_cmc_dataReturn */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x05, /* [2449] OBJ_id_cmc_transactionId */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x06, /* [2457] OBJ_id_cmc_senderNonce */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x07, /* [2465] OBJ_id_cmc_recipientNonce */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x08, /* [2473] OBJ_id_cmc_addExtensions */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x09, /* [2481] OBJ_id_cmc_encryptedPOP */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0A, /* [2489] OBJ_id_cmc_decryptedPOP */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0B, /* [2497] OBJ_id_cmc_lraPOPWitness */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0F, /* [2505] OBJ_id_cmc_getCert */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x10, /* [2513] OBJ_id_cmc_getCRL */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x11, /* [2521] OBJ_id_cmc_revokeRequest */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x12, /* [2529] OBJ_id_cmc_regInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x13, /* [2537] OBJ_id_cmc_responseInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x15, /* [2545] OBJ_id_cmc_queryPending */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x16, /* [2553] OBJ_id_cmc_popLinkRandom */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x17, /* [2561] OBJ_id_cmc_popLinkWitness */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x18, /* [2569] OBJ_id_cmc_confirmCertAcceptance */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x08,0x01, /* [2577] OBJ_id_on_personalData */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x01, /* [2585] OBJ_id_pda_dateOfBirth */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x02, /* [2593] OBJ_id_pda_placeOfBirth */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x03, /* [2601] OBJ_id_pda_gender */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x04, /* [2609] OBJ_id_pda_countryOfCitizenship */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x05, /* [2617] OBJ_id_pda_countryOfResidence */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x01, /* [2625] OBJ_id_aca_authenticationInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x02, /* [2633] OBJ_id_aca_accessIdentity */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x03, /* [2641] OBJ_id_aca_chargingIdentity */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x04, /* [2649] OBJ_id_aca_group */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x05, /* [2657] OBJ_id_aca_role */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0B,0x01, /* [2665] OBJ_id_qcs_pkixQCSyntax_v1 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x01, /* [2673] OBJ_id_cct_crs */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x02, /* [2681] OBJ_id_cct_PKIData */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x03, /* [2689] OBJ_id_cct_PKIResponse */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x03, /* [2697] OBJ_ad_timeStamping */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x04, /* [2705] OBJ_ad_dvcs */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x01,/* [2713] OBJ_id_pkix_OCSP_basic */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x02,/* [2722] OBJ_id_pkix_OCSP_Nonce */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x03,/* [2731] OBJ_id_pkix_OCSP_CrlID */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x04,/* [2740] OBJ_id_pkix_OCSP_acceptableResponses */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x05,/* [2749] OBJ_id_pkix_OCSP_noCheck */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x06,/* [2758] OBJ_id_pkix_OCSP_archiveCutoff */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x07,/* [2767] OBJ_id_pkix_OCSP_serviceLocator */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x08,/* [2776] OBJ_id_pkix_OCSP_extendedStatus */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x09,/* [2785] OBJ_id_pkix_OCSP_valid */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x0A,/* [2794] OBJ_id_pkix_OCSP_path */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x0B,/* [2803] OBJ_id_pkix_OCSP_trustRoot */
-0x2B,0x0E,0x03,0x02, /* [2812] OBJ_algorithm */
-0x2B,0x0E,0x03,0x02,0x0B, /* [2816] OBJ_rsaSignature */
-0x55,0x08, /* [2821] OBJ_X500algorithms */
-0x2B, /* [2823] OBJ_org */
-0x2B,0x06, /* [2824] OBJ_dod */
-0x2B,0x06,0x01, /* [2826] OBJ_iana */
-0x2B,0x06,0x01,0x01, /* [2829] OBJ_Directory */
-0x2B,0x06,0x01,0x02, /* [2833] OBJ_Management */
-0x2B,0x06,0x01,0x03, /* [2837] OBJ_Experimental */
-0x2B,0x06,0x01,0x04, /* [2841] OBJ_Private */
-0x2B,0x06,0x01,0x05, /* [2845] OBJ_Security */
-0x2B,0x06,0x01,0x06, /* [2849] OBJ_SNMPv2 */
-0x2B,0x06,0x01,0x07, /* [2853] OBJ_Mail */
-0x2B,0x06,0x01,0x04,0x01, /* [2857] OBJ_Enterprises */
-0x2B,0x06,0x01,0x04,0x01,0x8B,0x3A,0x82,0x58,/* [2862] OBJ_dcObject */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x19,/* [2871] OBJ_domainComponent */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0D,/* [2881] OBJ_Domain */
-0x55,0x01,0x05, /* [2891] OBJ_selected_attribute_types */
-0x55,0x01,0x05,0x37, /* [2894] OBJ_clearance */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x03,/* [2898] OBJ_md4WithRSAEncryption */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0A, /* [2907] OBJ_ac_proxying */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0B, /* [2915] OBJ_sinfo_access */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x06, /* [2923] OBJ_id_aca_encAttrs */
-0x55,0x04,0x48, /* [2931] OBJ_role */
-0x55,0x1D,0x24, /* [2934] OBJ_policy_constraints */
-0x55,0x1D,0x37, /* [2937] OBJ_target_information */
-0x55,0x1D,0x38, /* [2940] OBJ_no_rev_avail */
-0x2A,0x86,0x48,0xCE,0x3D, /* [2943] OBJ_ansi_X9_62 */
-0x2A,0x86,0x48,0xCE,0x3D,0x01,0x01, /* [2948] OBJ_X9_62_prime_field */
-0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02, /* [2955] OBJ_X9_62_characteristic_two_field */
-0x2A,0x86,0x48,0xCE,0x3D,0x02,0x01, /* [2962] OBJ_X9_62_id_ecPublicKey */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x01, /* [2969] OBJ_X9_62_prime192v1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x02, /* [2977] OBJ_X9_62_prime192v2 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x03, /* [2985] OBJ_X9_62_prime192v3 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x04, /* [2993] OBJ_X9_62_prime239v1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x05, /* [3001] OBJ_X9_62_prime239v2 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x06, /* [3009] OBJ_X9_62_prime239v3 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x07, /* [3017] OBJ_X9_62_prime256v1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x04,0x01, /* [3025] OBJ_ecdsa_with_SHA1 */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x11,0x01,/* [3032] OBJ_ms_csp_name */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x01,/* [3041] OBJ_aes_128_ecb */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x02,/* [3050] OBJ_aes_128_cbc */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x03,/* [3059] OBJ_aes_128_ofb128 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x04,/* [3068] OBJ_aes_128_cfb128 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x15,/* [3077] OBJ_aes_192_ecb */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x16,/* [3086] OBJ_aes_192_cbc */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x17,/* [3095] OBJ_aes_192_ofb128 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x18,/* [3104] OBJ_aes_192_cfb128 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x29,/* [3113] OBJ_aes_256_ecb */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2A,/* [3122] OBJ_aes_256_cbc */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2B,/* [3131] OBJ_aes_256_ofb128 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2C,/* [3140] OBJ_aes_256_cfb128 */
-0x55,0x1D,0x17, /* [3149] OBJ_hold_instruction_code */
-0x2A,0x86,0x48,0xCE,0x38,0x02,0x01, /* [3152] OBJ_hold_instruction_none */
-0x2A,0x86,0x48,0xCE,0x38,0x02,0x02, /* [3159] OBJ_hold_instruction_call_issuer */
-0x2A,0x86,0x48,0xCE,0x38,0x02,0x03, /* [3166] OBJ_hold_instruction_reject */
-0x09, /* [3173] OBJ_data */
-0x09,0x92,0x26, /* [3174] OBJ_pss */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C, /* [3177] OBJ_ucl */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64, /* [3184] OBJ_pilot */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,/* [3192] OBJ_pilotAttributeType */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,/* [3201] OBJ_pilotAttributeSyntax */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,/* [3210] OBJ_pilotObjectClass */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x0A,/* [3219] OBJ_pilotGroups */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,0x04,/* [3228] OBJ_iA5StringSyntax */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,0x05,/* [3238] OBJ_caseIgnoreIA5StringSyntax */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x03,/* [3248] OBJ_pilotObject */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x04,/* [3258] OBJ_pilotPerson */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x05,/* [3268] OBJ_account */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x06,/* [3278] OBJ_document */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x07,/* [3288] OBJ_room */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x09,/* [3298] OBJ_documentSeries */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0E,/* [3308] OBJ_rFC822localPart */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0F,/* [3318] OBJ_dNSDomain */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x11,/* [3328] OBJ_domainRelatedObject */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x12,/* [3338] OBJ_friendlyCountry */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x13,/* [3348] OBJ_simpleSecurityObject */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x14,/* [3358] OBJ_pilotOrganization */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x15,/* [3368] OBJ_pilotDSA */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x16,/* [3378] OBJ_qualityLabelledData */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x01,/* [3388] OBJ_userId */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x02,/* [3398] OBJ_textEncodedORAddress */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x03,/* [3408] OBJ_rfc822Mailbox */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x04,/* [3418] OBJ_info */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x05,/* [3428] OBJ_favouriteDrink */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x06,/* [3438] OBJ_roomNumber */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x07,/* [3448] OBJ_photo */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x08,/* [3458] OBJ_userClass */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x09,/* [3468] OBJ_host */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0A,/* [3478] OBJ_manager */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0B,/* [3488] OBJ_documentIdentifier */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0C,/* [3498] OBJ_documentTitle */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0D,/* [3508] OBJ_documentVersion */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0E,/* [3518] OBJ_documentAuthor */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0F,/* [3528] OBJ_documentLocation */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x14,/* [3538] OBJ_homeTelephoneNumber */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x15,/* [3548] OBJ_secretary */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x16,/* [3558] OBJ_otherMailbox */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x17,/* [3568] OBJ_lastModifiedTime */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x18,/* [3578] OBJ_lastModifiedBy */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1A,/* [3588] OBJ_aRecord */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1B,/* [3598] OBJ_pilotAttributeType27 */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1C,/* [3608] OBJ_mXRecord */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1D,/* [3618] OBJ_nSRecord */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1E,/* [3628] OBJ_sOARecord */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1F,/* [3638] OBJ_cNAMERecord */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x25,/* [3648] OBJ_associatedDomain */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x26,/* [3658] OBJ_associatedName */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x27,/* [3668] OBJ_homePostalAddress */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x28,/* [3678] OBJ_personalTitle */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x29,/* [3688] OBJ_mobileTelephoneNumber */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2A,/* [3698] OBJ_pagerTelephoneNumber */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2B,/* [3708] OBJ_friendlyCountryName */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2D,/* [3718] OBJ_organizationalStatus */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2E,/* [3728] OBJ_janetMailbox */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2F,/* [3738] OBJ_mailPreferenceOption */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x30,/* [3748] OBJ_buildingName */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x31,/* [3758] OBJ_dSAQuality */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x32,/* [3768] OBJ_singleLevelQuality */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x33,/* [3778] OBJ_subtreeMinimumQuality */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x34,/* [3788] OBJ_subtreeMaximumQuality */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x35,/* [3798] OBJ_personalSignature */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x36,/* [3808] OBJ_dITRedirect */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x37,/* [3818] OBJ_audio */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x38,/* [3828] OBJ_documentPublisher */
-0x55,0x04,0x2D, /* [3838] OBJ_x500UniqueIdentifier */
-0x2B,0x06,0x01,0x07,0x01, /* [3841] OBJ_mime_mhs */
-0x2B,0x06,0x01,0x07,0x01,0x01, /* [3846] OBJ_mime_mhs_headings */
-0x2B,0x06,0x01,0x07,0x01,0x02, /* [3852] OBJ_mime_mhs_bodies */
-0x2B,0x06,0x01,0x07,0x01,0x01,0x01, /* [3858] OBJ_id_hex_partial_message */
-0x2B,0x06,0x01,0x07,0x01,0x01,0x02, /* [3865] OBJ_id_hex_multipart_message */
-0x55,0x04,0x2C, /* [3872] OBJ_generationQualifier */
-0x55,0x04,0x41, /* [3875] OBJ_pseudonym */
-0x67,0x2A, /* [3878] OBJ_id_set */
-0x67,0x2A,0x00, /* [3880] OBJ_set_ctype */
-0x67,0x2A,0x01, /* [3883] OBJ_set_msgExt */
-0x67,0x2A,0x03, /* [3886] OBJ_set_attr */
-0x67,0x2A,0x05, /* [3889] OBJ_set_policy */
-0x67,0x2A,0x07, /* [3892] OBJ_set_certExt */
-0x67,0x2A,0x08, /* [3895] OBJ_set_brand */
-0x67,0x2A,0x00,0x00, /* [3898] OBJ_setct_PANData */
-0x67,0x2A,0x00,0x01, /* [3902] OBJ_setct_PANToken */
-0x67,0x2A,0x00,0x02, /* [3906] OBJ_setct_PANOnly */
-0x67,0x2A,0x00,0x03, /* [3910] OBJ_setct_OIData */
-0x67,0x2A,0x00,0x04, /* [3914] OBJ_setct_PI */
-0x67,0x2A,0x00,0x05, /* [3918] OBJ_setct_PIData */
-0x67,0x2A,0x00,0x06, /* [3922] OBJ_setct_PIDataUnsigned */
-0x67,0x2A,0x00,0x07, /* [3926] OBJ_setct_HODInput */
-0x67,0x2A,0x00,0x08, /* [3930] OBJ_setct_AuthResBaggage */
-0x67,0x2A,0x00,0x09, /* [3934] OBJ_setct_AuthRevReqBaggage */
-0x67,0x2A,0x00,0x0A, /* [3938] OBJ_setct_AuthRevResBaggage */
-0x67,0x2A,0x00,0x0B, /* [3942] OBJ_setct_CapTokenSeq */
-0x67,0x2A,0x00,0x0C, /* [3946] OBJ_setct_PInitResData */
-0x67,0x2A,0x00,0x0D, /* [3950] OBJ_setct_PI_TBS */
-0x67,0x2A,0x00,0x0E, /* [3954] OBJ_setct_PResData */
-0x67,0x2A,0x00,0x10, /* [3958] OBJ_setct_AuthReqTBS */
-0x67,0x2A,0x00,0x11, /* [3962] OBJ_setct_AuthResTBS */
-0x67,0x2A,0x00,0x12, /* [3966] OBJ_setct_AuthResTBSX */
-0x67,0x2A,0x00,0x13, /* [3970] OBJ_setct_AuthTokenTBS */
-0x67,0x2A,0x00,0x14, /* [3974] OBJ_setct_CapTokenData */
-0x67,0x2A,0x00,0x15, /* [3978] OBJ_setct_CapTokenTBS */
-0x67,0x2A,0x00,0x16, /* [3982] OBJ_setct_AcqCardCodeMsg */
-0x67,0x2A,0x00,0x17, /* [3986] OBJ_setct_AuthRevReqTBS */
-0x67,0x2A,0x00,0x18, /* [3990] OBJ_setct_AuthRevResData */
-0x67,0x2A,0x00,0x19, /* [3994] OBJ_setct_AuthRevResTBS */
-0x67,0x2A,0x00,0x1A, /* [3998] OBJ_setct_CapReqTBS */
-0x67,0x2A,0x00,0x1B, /* [4002] OBJ_setct_CapReqTBSX */
-0x67,0x2A,0x00,0x1C, /* [4006] OBJ_setct_CapResData */
-0x67,0x2A,0x00,0x1D, /* [4010] OBJ_setct_CapRevReqTBS */
-0x67,0x2A,0x00,0x1E, /* [4014] OBJ_setct_CapRevReqTBSX */
-0x67,0x2A,0x00,0x1F, /* [4018] OBJ_setct_CapRevResData */
-0x67,0x2A,0x00,0x20, /* [4022] OBJ_setct_CredReqTBS */
-0x67,0x2A,0x00,0x21, /* [4026] OBJ_setct_CredReqTBSX */
-0x67,0x2A,0x00,0x22, /* [4030] OBJ_setct_CredResData */
-0x67,0x2A,0x00,0x23, /* [4034] OBJ_setct_CredRevReqTBS */
-0x67,0x2A,0x00,0x24, /* [4038] OBJ_setct_CredRevReqTBSX */
-0x67,0x2A,0x00,0x25, /* [4042] OBJ_setct_CredRevResData */
-0x67,0x2A,0x00,0x26, /* [4046] OBJ_setct_PCertReqData */
-0x67,0x2A,0x00,0x27, /* [4050] OBJ_setct_PCertResTBS */
-0x67,0x2A,0x00,0x28, /* [4054] OBJ_setct_BatchAdminReqData */
-0x67,0x2A,0x00,0x29, /* [4058] OBJ_setct_BatchAdminResData */
-0x67,0x2A,0x00,0x2A, /* [4062] OBJ_setct_CardCInitResTBS */
-0x67,0x2A,0x00,0x2B, /* [4066] OBJ_setct_MeAqCInitResTBS */
-0x67,0x2A,0x00,0x2C, /* [4070] OBJ_setct_RegFormResTBS */
-0x67,0x2A,0x00,0x2D, /* [4074] OBJ_setct_CertReqData */
-0x67,0x2A,0x00,0x2E, /* [4078] OBJ_setct_CertReqTBS */
-0x67,0x2A,0x00,0x2F, /* [4082] OBJ_setct_CertResData */
-0x67,0x2A,0x00,0x30, /* [4086] OBJ_setct_CertInqReqTBS */
-0x67,0x2A,0x00,0x31, /* [4090] OBJ_setct_ErrorTBS */
-0x67,0x2A,0x00,0x32, /* [4094] OBJ_setct_PIDualSignedTBE */
-0x67,0x2A,0x00,0x33, /* [4098] OBJ_setct_PIUnsignedTBE */
-0x67,0x2A,0x00,0x34, /* [4102] OBJ_setct_AuthReqTBE */
-0x67,0x2A,0x00,0x35, /* [4106] OBJ_setct_AuthResTBE */
-0x67,0x2A,0x00,0x36, /* [4110] OBJ_setct_AuthResTBEX */
-0x67,0x2A,0x00,0x37, /* [4114] OBJ_setct_AuthTokenTBE */
-0x67,0x2A,0x00,0x38, /* [4118] OBJ_setct_CapTokenTBE */
-0x67,0x2A,0x00,0x39, /* [4122] OBJ_setct_CapTokenTBEX */
-0x67,0x2A,0x00,0x3A, /* [4126] OBJ_setct_AcqCardCodeMsgTBE */
-0x67,0x2A,0x00,0x3B, /* [4130] OBJ_setct_AuthRevReqTBE */
-0x67,0x2A,0x00,0x3C, /* [4134] OBJ_setct_AuthRevResTBE */
-0x67,0x2A,0x00,0x3D, /* [4138] OBJ_setct_AuthRevResTBEB */
-0x67,0x2A,0x00,0x3E, /* [4142] OBJ_setct_CapReqTBE */
-0x67,0x2A,0x00,0x3F, /* [4146] OBJ_setct_CapReqTBEX */
-0x67,0x2A,0x00,0x40, /* [4150] OBJ_setct_CapResTBE */
-0x67,0x2A,0x00,0x41, /* [4154] OBJ_setct_CapRevReqTBE */
-0x67,0x2A,0x00,0x42, /* [4158] OBJ_setct_CapRevReqTBEX */
-0x67,0x2A,0x00,0x43, /* [4162] OBJ_setct_CapRevResTBE */
-0x67,0x2A,0x00,0x44, /* [4166] OBJ_setct_CredReqTBE */
-0x67,0x2A,0x00,0x45, /* [4170] OBJ_setct_CredReqTBEX */
-0x67,0x2A,0x00,0x46, /* [4174] OBJ_setct_CredResTBE */
-0x67,0x2A,0x00,0x47, /* [4178] OBJ_setct_CredRevReqTBE */
-0x67,0x2A,0x00,0x48, /* [4182] OBJ_setct_CredRevReqTBEX */
-0x67,0x2A,0x00,0x49, /* [4186] OBJ_setct_CredRevResTBE */
-0x67,0x2A,0x00,0x4A, /* [4190] OBJ_setct_BatchAdminReqTBE */
-0x67,0x2A,0x00,0x4B, /* [4194] OBJ_setct_BatchAdminResTBE */
-0x67,0x2A,0x00,0x4C, /* [4198] OBJ_setct_RegFormReqTBE */
-0x67,0x2A,0x00,0x4D, /* [4202] OBJ_setct_CertReqTBE */
-0x67,0x2A,0x00,0x4E, /* [4206] OBJ_setct_CertReqTBEX */
-0x67,0x2A,0x00,0x4F, /* [4210] OBJ_setct_CertResTBE */
-0x67,0x2A,0x00,0x50, /* [4214] OBJ_setct_CRLNotificationTBS */
-0x67,0x2A,0x00,0x51, /* [4218] OBJ_setct_CRLNotificationResTBS */
-0x67,0x2A,0x00,0x52, /* [4222] OBJ_setct_BCIDistributionTBS */
-0x67,0x2A,0x01,0x01, /* [4226] OBJ_setext_genCrypt */
-0x67,0x2A,0x01,0x03, /* [4230] OBJ_setext_miAuth */
-0x67,0x2A,0x01,0x04, /* [4234] OBJ_setext_pinSecure */
-0x67,0x2A,0x01,0x05, /* [4238] OBJ_setext_pinAny */
-0x67,0x2A,0x01,0x07, /* [4242] OBJ_setext_track2 */
-0x67,0x2A,0x01,0x08, /* [4246] OBJ_setext_cv */
-0x67,0x2A,0x05,0x00, /* [4250] OBJ_set_policy_root */
-0x67,0x2A,0x07,0x00, /* [4254] OBJ_setCext_hashedRoot */
-0x67,0x2A,0x07,0x01, /* [4258] OBJ_setCext_certType */
-0x67,0x2A,0x07,0x02, /* [4262] OBJ_setCext_merchData */
-0x67,0x2A,0x07,0x03, /* [4266] OBJ_setCext_cCertRequired */
-0x67,0x2A,0x07,0x04, /* [4270] OBJ_setCext_tunneling */
-0x67,0x2A,0x07,0x05, /* [4274] OBJ_setCext_setExt */
-0x67,0x2A,0x07,0x06, /* [4278] OBJ_setCext_setQualf */
-0x67,0x2A,0x07,0x07, /* [4282] OBJ_setCext_PGWYcapabilities */
-0x67,0x2A,0x07,0x08, /* [4286] OBJ_setCext_TokenIdentifier */
-0x67,0x2A,0x07,0x09, /* [4290] OBJ_setCext_Track2Data */
-0x67,0x2A,0x07,0x0A, /* [4294] OBJ_setCext_TokenType */
-0x67,0x2A,0x07,0x0B, /* [4298] OBJ_setCext_IssuerCapabilities */
-0x67,0x2A,0x03,0x00, /* [4302] OBJ_setAttr_Cert */
-0x67,0x2A,0x03,0x01, /* [4306] OBJ_setAttr_PGWYcap */
-0x67,0x2A,0x03,0x02, /* [4310] OBJ_setAttr_TokenType */
-0x67,0x2A,0x03,0x03, /* [4314] OBJ_setAttr_IssCap */
-0x67,0x2A,0x03,0x00,0x00, /* [4318] OBJ_set_rootKeyThumb */
-0x67,0x2A,0x03,0x00,0x01, /* [4323] OBJ_set_addPolicy */
-0x67,0x2A,0x03,0x02,0x01, /* [4328] OBJ_setAttr_Token_EMV */
-0x67,0x2A,0x03,0x02,0x02, /* [4333] OBJ_setAttr_Token_B0Prime */
-0x67,0x2A,0x03,0x03,0x03, /* [4338] OBJ_setAttr_IssCap_CVM */
-0x67,0x2A,0x03,0x03,0x04, /* [4343] OBJ_setAttr_IssCap_T2 */
-0x67,0x2A,0x03,0x03,0x05, /* [4348] OBJ_setAttr_IssCap_Sig */
-0x67,0x2A,0x03,0x03,0x03,0x01, /* [4353] OBJ_setAttr_GenCryptgrm */
-0x67,0x2A,0x03,0x03,0x04,0x01, /* [4359] OBJ_setAttr_T2Enc */
-0x67,0x2A,0x03,0x03,0x04,0x02, /* [4365] OBJ_setAttr_T2cleartxt */
-0x67,0x2A,0x03,0x03,0x05,0x01, /* [4371] OBJ_setAttr_TokICCsig */
-0x67,0x2A,0x03,0x03,0x05,0x02, /* [4377] OBJ_setAttr_SecDevSig */
-0x67,0x2A,0x08,0x01, /* [4383] OBJ_set_brand_IATA_ATA */
-0x67,0x2A,0x08,0x1E, /* [4387] OBJ_set_brand_Diners */
-0x67,0x2A,0x08,0x22, /* [4391] OBJ_set_brand_AmericanExpress */
-0x67,0x2A,0x08,0x23, /* [4395] OBJ_set_brand_JCB */
-0x67,0x2A,0x08,0x04, /* [4399] OBJ_set_brand_Visa */
-0x67,0x2A,0x08,0x05, /* [4403] OBJ_set_brand_MasterCard */
-0x67,0x2A,0x08,0xAE,0x7B, /* [4407] OBJ_set_brand_Novus */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x0A, /* [4412] OBJ_des_cdmf */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x06,/* [4420] OBJ_rsaOAEPEncryptionSET */
-0x67, /* [4429] OBJ_international_organizations */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x14,0x02,0x02,/* [4430] OBJ_ms_smartcard_login */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x14,0x02,0x03,/* [4440] OBJ_ms_upn */
-0x55,0x04,0x09, /* [4450] OBJ_streetAddress */
-0x55,0x04,0x11, /* [4453] OBJ_postalCode */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x15, /* [4456] OBJ_id_ppl */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0E, /* [4463] OBJ_proxyCertInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x00, /* [4471] OBJ_id_ppl_anyLanguage */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x01, /* [4479] OBJ_id_ppl_inheritAll */
-0x55,0x1D,0x1E, /* [4487] OBJ_name_constraints */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x02, /* [4490] OBJ_Independent */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0B,/* [4498] OBJ_sha256WithRSAEncryption */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0C,/* [4507] OBJ_sha384WithRSAEncryption */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0D,/* [4516] OBJ_sha512WithRSAEncryption */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0E,/* [4525] OBJ_sha224WithRSAEncryption */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01,/* [4534] OBJ_sha256 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x02,/* [4543] OBJ_sha384 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x03,/* [4552] OBJ_sha512 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x04,/* [4561] OBJ_sha224 */
-0x2B, /* [4570] OBJ_identified_organization */
-0x2B,0x81,0x04, /* [4571] OBJ_certicom_arc */
-0x67,0x2B, /* [4574] OBJ_wap */
-0x67,0x2B,0x01, /* [4576] OBJ_wap_wsg */
-0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03, /* [4579] OBJ_X9_62_id_characteristic_two_basis */
-0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x01,/* [4587] OBJ_X9_62_onBasis */
-0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x02,/* [4596] OBJ_X9_62_tpBasis */
-0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x03,/* [4605] OBJ_X9_62_ppBasis */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x01, /* [4614] OBJ_X9_62_c2pnb163v1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x02, /* [4622] OBJ_X9_62_c2pnb163v2 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x03, /* [4630] OBJ_X9_62_c2pnb163v3 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x04, /* [4638] OBJ_X9_62_c2pnb176v1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x05, /* [4646] OBJ_X9_62_c2tnb191v1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x06, /* [4654] OBJ_X9_62_c2tnb191v2 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x07, /* [4662] OBJ_X9_62_c2tnb191v3 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x08, /* [4670] OBJ_X9_62_c2onb191v4 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x09, /* [4678] OBJ_X9_62_c2onb191v5 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0A, /* [4686] OBJ_X9_62_c2pnb208w1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0B, /* [4694] OBJ_X9_62_c2tnb239v1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0C, /* [4702] OBJ_X9_62_c2tnb239v2 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0D, /* [4710] OBJ_X9_62_c2tnb239v3 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0E, /* [4718] OBJ_X9_62_c2onb239v4 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0F, /* [4726] OBJ_X9_62_c2onb239v5 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x10, /* [4734] OBJ_X9_62_c2pnb272w1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x11, /* [4742] OBJ_X9_62_c2pnb304w1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x12, /* [4750] OBJ_X9_62_c2tnb359v1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x13, /* [4758] OBJ_X9_62_c2pnb368w1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x14, /* [4766] OBJ_X9_62_c2tnb431r1 */
-0x2B,0x81,0x04,0x00,0x06, /* [4774] OBJ_secp112r1 */
-0x2B,0x81,0x04,0x00,0x07, /* [4779] OBJ_secp112r2 */
-0x2B,0x81,0x04,0x00,0x1C, /* [4784] OBJ_secp128r1 */
-0x2B,0x81,0x04,0x00,0x1D, /* [4789] OBJ_secp128r2 */
-0x2B,0x81,0x04,0x00,0x09, /* [4794] OBJ_secp160k1 */
-0x2B,0x81,0x04,0x00,0x08, /* [4799] OBJ_secp160r1 */
-0x2B,0x81,0x04,0x00,0x1E, /* [4804] OBJ_secp160r2 */
-0x2B,0x81,0x04,0x00,0x1F, /* [4809] OBJ_secp192k1 */
-0x2B,0x81,0x04,0x00,0x20, /* [4814] OBJ_secp224k1 */
-0x2B,0x81,0x04,0x00,0x21, /* [4819] OBJ_secp224r1 */
-0x2B,0x81,0x04,0x00,0x0A, /* [4824] OBJ_secp256k1 */
-0x2B,0x81,0x04,0x00,0x22, /* [4829] OBJ_secp384r1 */
-0x2B,0x81,0x04,0x00,0x23, /* [4834] OBJ_secp521r1 */
-0x2B,0x81,0x04,0x00,0x04, /* [4839] OBJ_sect113r1 */
-0x2B,0x81,0x04,0x00,0x05, /* [4844] OBJ_sect113r2 */
-0x2B,0x81,0x04,0x00,0x16, /* [4849] OBJ_sect131r1 */
-0x2B,0x81,0x04,0x00,0x17, /* [4854] OBJ_sect131r2 */
-0x2B,0x81,0x04,0x00,0x01, /* [4859] OBJ_sect163k1 */
-0x2B,0x81,0x04,0x00,0x02, /* [4864] OBJ_sect163r1 */
-0x2B,0x81,0x04,0x00,0x0F, /* [4869] OBJ_sect163r2 */
-0x2B,0x81,0x04,0x00,0x18, /* [4874] OBJ_sect193r1 */
-0x2B,0x81,0x04,0x00,0x19, /* [4879] OBJ_sect193r2 */
-0x2B,0x81,0x04,0x00,0x1A, /* [4884] OBJ_sect233k1 */
-0x2B,0x81,0x04,0x00,0x1B, /* [4889] OBJ_sect233r1 */
-0x2B,0x81,0x04,0x00,0x03, /* [4894] OBJ_sect239k1 */
-0x2B,0x81,0x04,0x00,0x10, /* [4899] OBJ_sect283k1 */
-0x2B,0x81,0x04,0x00,0x11, /* [4904] OBJ_sect283r1 */
-0x2B,0x81,0x04,0x00,0x24, /* [4909] OBJ_sect409k1 */
-0x2B,0x81,0x04,0x00,0x25, /* [4914] OBJ_sect409r1 */
-0x2B,0x81,0x04,0x00,0x26, /* [4919] OBJ_sect571k1 */
-0x2B,0x81,0x04,0x00,0x27, /* [4924] OBJ_sect571r1 */
-0x67,0x2B,0x01,0x04,0x01, /* [4929] OBJ_wap_wsg_idm_ecid_wtls1 */
-0x67,0x2B,0x01,0x04,0x03, /* [4934] OBJ_wap_wsg_idm_ecid_wtls3 */
-0x67,0x2B,0x01,0x04,0x04, /* [4939] OBJ_wap_wsg_idm_ecid_wtls4 */
-0x67,0x2B,0x01,0x04,0x05, /* [4944] OBJ_wap_wsg_idm_ecid_wtls5 */
-0x67,0x2B,0x01,0x04,0x06, /* [4949] OBJ_wap_wsg_idm_ecid_wtls6 */
-0x67,0x2B,0x01,0x04,0x07, /* [4954] OBJ_wap_wsg_idm_ecid_wtls7 */
-0x67,0x2B,0x01,0x04,0x08, /* [4959] OBJ_wap_wsg_idm_ecid_wtls8 */
-0x67,0x2B,0x01,0x04,0x09, /* [4964] OBJ_wap_wsg_idm_ecid_wtls9 */
-0x67,0x2B,0x01,0x04,0x0A, /* [4969] OBJ_wap_wsg_idm_ecid_wtls10 */
-0x67,0x2B,0x01,0x04,0x0B, /* [4974] OBJ_wap_wsg_idm_ecid_wtls11 */
-0x67,0x2B,0x01,0x04,0x0C, /* [4979] OBJ_wap_wsg_idm_ecid_wtls12 */
-0x55,0x1D,0x20,0x00, /* [4984] OBJ_any_policy */
-0x55,0x1D,0x21, /* [4988] OBJ_policy_mappings */
-0x55,0x1D,0x36, /* [4991] OBJ_inhibit_any_policy */
-0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x01,0x02,/* [4994] OBJ_camellia_128_cbc */
-0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x01,0x03,/* [5005] OBJ_camellia_192_cbc */
-0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x01,0x04,/* [5016] OBJ_camellia_256_cbc */
-0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x01, /* [5027] OBJ_camellia_128_ecb */
-0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x15, /* [5035] OBJ_camellia_192_ecb */
-0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x29, /* [5043] OBJ_camellia_256_ecb */
-0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x04, /* [5051] OBJ_camellia_128_cfb128 */
-0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x18, /* [5059] OBJ_camellia_192_cfb128 */
-0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x2C, /* [5067] OBJ_camellia_256_cfb128 */
-0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x03, /* [5075] OBJ_camellia_128_ofb128 */
-0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x17, /* [5083] OBJ_camellia_192_ofb128 */
-0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x2B, /* [5091] OBJ_camellia_256_ofb128 */
-0x55,0x1D,0x09, /* [5099] OBJ_subject_directory_attributes */
-0x55,0x1D,0x1C, /* [5102] OBJ_issuing_distribution_point */
-0x55,0x1D,0x1D, /* [5105] OBJ_certificate_issuer */
-0x2A,0x83,0x1A,0x8C,0x9A,0x44, /* [5108] OBJ_kisa */
-0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x03, /* [5114] OBJ_seed_ecb */
-0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x04, /* [5122] OBJ_seed_cbc */
-0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x06, /* [5130] OBJ_seed_ofb128 */
-0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x05, /* [5138] OBJ_seed_cfb128 */
-0x2B,0x06,0x01,0x05,0x05,0x08,0x01,0x01, /* [5146] OBJ_hmac_md5 */
-0x2B,0x06,0x01,0x05,0x05,0x08,0x01,0x02, /* [5154] OBJ_hmac_sha1 */
-0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0D,/* [5162] OBJ_id_PasswordBasedMAC */
-0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x1E,/* [5171] OBJ_id_DHBasedMac */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x10, /* [5180] OBJ_id_it_suppLangTags */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x05, /* [5188] OBJ_caRepository */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x09,/* [5196] OBJ_id_smime_ct_compressedData */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x1B,/* [5207] OBJ_id_ct_asciiTextWithCRLF */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x05,/* [5218] OBJ_id_aes128_wrap */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x19,/* [5227] OBJ_id_aes192_wrap */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2D,/* [5236] OBJ_id_aes256_wrap */
-0x2A,0x86,0x48,0xCE,0x3D,0x04,0x02, /* [5245] OBJ_ecdsa_with_Recommended */
-0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03, /* [5252] OBJ_ecdsa_with_Specified */
-0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x01, /* [5259] OBJ_ecdsa_with_SHA224 */
-0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x02, /* [5267] OBJ_ecdsa_with_SHA256 */
-0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x03, /* [5275] OBJ_ecdsa_with_SHA384 */
-0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x04, /* [5283] OBJ_ecdsa_with_SHA512 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x06, /* [5291] OBJ_hmacWithMD5 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x08, /* [5299] OBJ_hmacWithSHA224 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x09, /* [5307] OBJ_hmacWithSHA256 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x0A, /* [5315] OBJ_hmacWithSHA384 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x0B, /* [5323] OBJ_hmacWithSHA512 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x03,0x01,/* [5331] OBJ_dsa_with_SHA224 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x03,0x02,/* [5340] OBJ_dsa_with_SHA256 */
-0x28,0xCF,0x06,0x03,0x00,0x37, /* [5349] OBJ_whirlpool */
-0x2A,0x85,0x03,0x02,0x02, /* [5355] OBJ_cryptopro */
-0x2A,0x85,0x03,0x02,0x09, /* [5360] OBJ_cryptocom */
-0x2A,0x85,0x03,0x02,0x02,0x03, /* [5365] OBJ_id_GostR3411_94_with_GostR3410_2001 */
-0x2A,0x85,0x03,0x02,0x02,0x04, /* [5371] OBJ_id_GostR3411_94_with_GostR3410_94 */
-0x2A,0x85,0x03,0x02,0x02,0x09, /* [5377] OBJ_id_GostR3411_94 */
-0x2A,0x85,0x03,0x02,0x02,0x0A, /* [5383] OBJ_id_HMACGostR3411_94 */
-0x2A,0x85,0x03,0x02,0x02,0x13, /* [5389] OBJ_id_GostR3410_2001 */
-0x2A,0x85,0x03,0x02,0x02,0x14, /* [5395] OBJ_id_GostR3410_94 */
-0x2A,0x85,0x03,0x02,0x02,0x15, /* [5401] OBJ_id_Gost28147_89 */
-0x2A,0x85,0x03,0x02,0x02,0x16, /* [5407] OBJ_id_Gost28147_89_MAC */
-0x2A,0x85,0x03,0x02,0x02,0x17, /* [5413] OBJ_id_GostR3411_94_prf */
-0x2A,0x85,0x03,0x02,0x02,0x62, /* [5419] OBJ_id_GostR3410_2001DH */
-0x2A,0x85,0x03,0x02,0x02,0x63, /* [5425] OBJ_id_GostR3410_94DH */
-0x2A,0x85,0x03,0x02,0x02,0x0E,0x01, /* [5431] OBJ_id_Gost28147_89_CryptoPro_KeyMeshing */
-0x2A,0x85,0x03,0x02,0x02,0x0E,0x00, /* [5438] OBJ_id_Gost28147_89_None_KeyMeshing */
-0x2A,0x85,0x03,0x02,0x02,0x1E,0x00, /* [5445] OBJ_id_GostR3411_94_TestParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x1E,0x01, /* [5452] OBJ_id_GostR3411_94_CryptoProParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x1F,0x00, /* [5459] OBJ_id_Gost28147_89_TestParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x1F,0x01, /* [5466] OBJ_id_Gost28147_89_CryptoPro_A_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x1F,0x02, /* [5473] OBJ_id_Gost28147_89_CryptoPro_B_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x1F,0x03, /* [5480] OBJ_id_Gost28147_89_CryptoPro_C_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x1F,0x04, /* [5487] OBJ_id_Gost28147_89_CryptoPro_D_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x1F,0x05, /* [5494] OBJ_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x1F,0x06, /* [5501] OBJ_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x1F,0x07, /* [5508] OBJ_id_Gost28147_89_CryptoPro_RIC_1_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x20,0x00, /* [5515] OBJ_id_GostR3410_94_TestParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x20,0x02, /* [5522] OBJ_id_GostR3410_94_CryptoPro_A_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x20,0x03, /* [5529] OBJ_id_GostR3410_94_CryptoPro_B_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x20,0x04, /* [5536] OBJ_id_GostR3410_94_CryptoPro_C_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x20,0x05, /* [5543] OBJ_id_GostR3410_94_CryptoPro_D_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x21,0x01, /* [5550] OBJ_id_GostR3410_94_CryptoPro_XchA_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x21,0x02, /* [5557] OBJ_id_GostR3410_94_CryptoPro_XchB_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x21,0x03, /* [5564] OBJ_id_GostR3410_94_CryptoPro_XchC_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x23,0x00, /* [5571] OBJ_id_GostR3410_2001_TestParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x23,0x01, /* [5578] OBJ_id_GostR3410_2001_CryptoPro_A_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x23,0x02, /* [5585] OBJ_id_GostR3410_2001_CryptoPro_B_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x23,0x03, /* [5592] OBJ_id_GostR3410_2001_CryptoPro_C_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x24,0x00, /* [5599] OBJ_id_GostR3410_2001_CryptoPro_XchA_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x24,0x01, /* [5606] OBJ_id_GostR3410_2001_CryptoPro_XchB_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x14,0x01, /* [5613] OBJ_id_GostR3410_94_a */
-0x2A,0x85,0x03,0x02,0x02,0x14,0x02, /* [5620] OBJ_id_GostR3410_94_aBis */
-0x2A,0x85,0x03,0x02,0x02,0x14,0x03, /* [5627] OBJ_id_GostR3410_94_b */
-0x2A,0x85,0x03,0x02,0x02,0x14,0x04, /* [5634] OBJ_id_GostR3410_94_bBis */
-0x2A,0x85,0x03,0x02,0x09,0x01,0x06,0x01, /* [5641] OBJ_id_Gost28147_89_cc */
-0x2A,0x85,0x03,0x02,0x09,0x01,0x05,0x03, /* [5649] OBJ_id_GostR3410_94_cc */
-0x2A,0x85,0x03,0x02,0x09,0x01,0x05,0x04, /* [5657] OBJ_id_GostR3410_2001_cc */
-0x2A,0x85,0x03,0x02,0x09,0x01,0x03,0x03, /* [5665] OBJ_id_GostR3411_94_with_GostR3410_94_cc */
-0x2A,0x85,0x03,0x02,0x09,0x01,0x03,0x04, /* [5673] OBJ_id_GostR3411_94_with_GostR3410_2001_cc */
-0x2A,0x85,0x03,0x02,0x09,0x01,0x08,0x01, /* [5681] OBJ_id_GostR3410_2001_ParamSet_cc */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x11,0x02,/* [5689] OBJ_LocalKeySet */
-0x55,0x1D,0x2E, /* [5698] OBJ_freshest_crl */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x08,0x03, /* [5701] OBJ_id_on_permanentIdentifier */
-0x55,0x04,0x0E, /* [5709] OBJ_searchGuide */
-0x55,0x04,0x0F, /* [5712] OBJ_businessCategory */
-0x55,0x04,0x10, /* [5715] OBJ_postalAddress */
-0x55,0x04,0x12, /* [5718] OBJ_postOfficeBox */
-0x55,0x04,0x13, /* [5721] OBJ_physicalDeliveryOfficeName */
-0x55,0x04,0x14, /* [5724] OBJ_telephoneNumber */
-0x55,0x04,0x15, /* [5727] OBJ_telexNumber */
-0x55,0x04,0x16, /* [5730] OBJ_teletexTerminalIdentifier */
-0x55,0x04,0x17, /* [5733] OBJ_facsimileTelephoneNumber */
-0x55,0x04,0x18, /* [5736] OBJ_x121Address */
-0x55,0x04,0x19, /* [5739] OBJ_internationaliSDNNumber */
-0x55,0x04,0x1A, /* [5742] OBJ_registeredAddress */
-0x55,0x04,0x1B, /* [5745] OBJ_destinationIndicator */
-0x55,0x04,0x1C, /* [5748] OBJ_preferredDeliveryMethod */
-0x55,0x04,0x1D, /* [5751] OBJ_presentationAddress */
-0x55,0x04,0x1E, /* [5754] OBJ_supportedApplicationContext */
-0x55,0x04,0x1F, /* [5757] OBJ_member */
-0x55,0x04,0x20, /* [5760] OBJ_owner */
-0x55,0x04,0x21, /* [5763] OBJ_roleOccupant */
-0x55,0x04,0x22, /* [5766] OBJ_seeAlso */
-0x55,0x04,0x23, /* [5769] OBJ_userPassword */
-0x55,0x04,0x24, /* [5772] OBJ_userCertificate */
-0x55,0x04,0x25, /* [5775] OBJ_cACertificate */
-0x55,0x04,0x26, /* [5778] OBJ_authorityRevocationList */
-0x55,0x04,0x27, /* [5781] OBJ_certificateRevocationList */
-0x55,0x04,0x28, /* [5784] OBJ_crossCertificatePair */
-0x55,0x04,0x2F, /* [5787] OBJ_enhancedSearchGuide */
-0x55,0x04,0x30, /* [5790] OBJ_protocolInformation */
-0x55,0x04,0x31, /* [5793] OBJ_distinguishedName */
-0x55,0x04,0x32, /* [5796] OBJ_uniqueMember */
-0x55,0x04,0x33, /* [5799] OBJ_houseIdentifier */
-0x55,0x04,0x34, /* [5802] OBJ_supportedAlgorithms */
-0x55,0x04,0x35, /* [5805] OBJ_deltaRevocationList */
-0x55,0x04,0x36, /* [5808] OBJ_dmdName */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x09,/* [5811] OBJ_id_alg_PWRI_KEK */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x06,/* [5822] OBJ_aes_128_gcm */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x07,/* [5831] OBJ_aes_128_ccm */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x08,/* [5840] OBJ_id_aes128_wrap_pad */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x1A,/* [5849] OBJ_aes_192_gcm */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x1B,/* [5858] OBJ_aes_192_ccm */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x1C,/* [5867] OBJ_id_aes192_wrap_pad */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2E,/* [5876] OBJ_aes_256_gcm */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2F,/* [5885] OBJ_aes_256_ccm */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x30,/* [5894] OBJ_id_aes256_wrap_pad */
-0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x03,0x02,/* [5903] OBJ_id_camellia128_wrap */
-0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x03,0x03,/* [5914] OBJ_id_camellia192_wrap */
-0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x03,0x04,/* [5925] OBJ_id_camellia256_wrap */
-0x55,0x1D,0x25,0x00, /* [5936] OBJ_anyExtendedKeyUsage */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x08,/* [5940] OBJ_mgf1 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0A,/* [5949] OBJ_rsassaPss */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x07,/* [5958] OBJ_rsaesOaep */
-0x2A,0x86,0x48,0xCE,0x3E,0x02,0x01, /* [5967] OBJ_dhpublicnumber */
-0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x01,/* [5974] OBJ_brainpoolP160r1 */
-0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x02,/* [5983] OBJ_brainpoolP160t1 */
-0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x03,/* [5992] OBJ_brainpoolP192r1 */
-0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x04,/* [6001] OBJ_brainpoolP192t1 */
-0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x05,/* [6010] OBJ_brainpoolP224r1 */
-0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x06,/* [6019] OBJ_brainpoolP224t1 */
-0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x07,/* [6028] OBJ_brainpoolP256r1 */
-0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x08,/* [6037] OBJ_brainpoolP256t1 */
-0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x09,/* [6046] OBJ_brainpoolP320r1 */
-0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x0A,/* [6055] OBJ_brainpoolP320t1 */
-0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x0B,/* [6064] OBJ_brainpoolP384r1 */
-0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x0C,/* [6073] OBJ_brainpoolP384t1 */
-0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x0D,/* [6082] OBJ_brainpoolP512r1 */
-0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x0E,/* [6091] OBJ_brainpoolP512t1 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x09,/* [6100] OBJ_pSpecified */
-0x2B,0x81,0x05,0x10,0x86,0x48,0x3F,0x00,0x02,/* [6109] OBJ_dhSinglePass_stdDH_sha1kdf_scheme */
-0x2B,0x81,0x04,0x01,0x0B,0x00, /* [6118] OBJ_dhSinglePass_stdDH_sha224kdf_scheme */
-0x2B,0x81,0x04,0x01,0x0B,0x01, /* [6124] OBJ_dhSinglePass_stdDH_sha256kdf_scheme */
-0x2B,0x81,0x04,0x01,0x0B,0x02, /* [6130] OBJ_dhSinglePass_stdDH_sha384kdf_scheme */
-0x2B,0x81,0x04,0x01,0x0B,0x03, /* [6136] OBJ_dhSinglePass_stdDH_sha512kdf_scheme */
-0x2B,0x81,0x05,0x10,0x86,0x48,0x3F,0x00,0x03,/* [6142] OBJ_dhSinglePass_cofactorDH_sha1kdf_scheme */
-0x2B,0x81,0x04,0x01,0x0E,0x00, /* [6151] OBJ_dhSinglePass_cofactorDH_sha224kdf_scheme */
-0x2B,0x81,0x04,0x01,0x0E,0x01, /* [6157] OBJ_dhSinglePass_cofactorDH_sha256kdf_scheme */
-0x2B,0x81,0x04,0x01,0x0E,0x02, /* [6163] OBJ_dhSinglePass_cofactorDH_sha384kdf_scheme */
-0x2B,0x81,0x04,0x01,0x0E,0x03, /* [6169] OBJ_dhSinglePass_cofactorDH_sha512kdf_scheme */
+static const uint8_t kObjectData[] = {
+ /* NID_rsadsi */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
+ /* NID_pkcs */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01,
+ /* NID_md2 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x02, 0x02,
+ /* NID_md5 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x02, 0x05,
+ /* NID_rc4 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x03, 0x04,
+ /* NID_rsaEncryption */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01,
+ /* NID_md2WithRSAEncryption */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x02,
+ /* NID_md5WithRSAEncryption */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x04,
+ /* NID_pbeWithMD2AndDES_CBC */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x05, 0x01,
+ /* NID_pbeWithMD5AndDES_CBC */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x05, 0x03,
+ /* NID_X500 */
+ 0x55,
+ /* NID_X509 */
+ 0x55, 0x04,
+ /* NID_commonName */
+ 0x55, 0x04, 0x03,
+ /* NID_countryName */
+ 0x55, 0x04, 0x06,
+ /* NID_localityName */
+ 0x55, 0x04, 0x07,
+ /* NID_stateOrProvinceName */
+ 0x55, 0x04, 0x08,
+ /* NID_organizationName */
+ 0x55, 0x04, 0x0a,
+ /* NID_organizationalUnitName */
+ 0x55, 0x04, 0x0b,
+ /* NID_rsa */
+ 0x55, 0x08, 0x01, 0x01,
+ /* NID_pkcs7 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07,
+ /* NID_pkcs7_data */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x01,
+ /* NID_pkcs7_signed */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x02,
+ /* NID_pkcs7_enveloped */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x03,
+ /* NID_pkcs7_signedAndEnveloped */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x04,
+ /* NID_pkcs7_digest */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x05,
+ /* NID_pkcs7_encrypted */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x06,
+ /* NID_pkcs3 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x03,
+ /* NID_dhKeyAgreement */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x03, 0x01,
+ /* NID_des_ecb */
+ 0x2b, 0x0e, 0x03, 0x02, 0x06,
+ /* NID_des_cfb64 */
+ 0x2b, 0x0e, 0x03, 0x02, 0x09,
+ /* NID_des_cbc */
+ 0x2b, 0x0e, 0x03, 0x02, 0x07,
+ /* NID_des_ede_ecb */
+ 0x2b, 0x0e, 0x03, 0x02, 0x11,
+ /* NID_idea_cbc */
+ 0x2b, 0x06, 0x01, 0x04, 0x01, 0x81, 0x3c, 0x07, 0x01, 0x01, 0x02,
+ /* NID_rc2_cbc */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x03, 0x02,
+ /* NID_sha */
+ 0x2b, 0x0e, 0x03, 0x02, 0x12,
+ /* NID_shaWithRSAEncryption */
+ 0x2b, 0x0e, 0x03, 0x02, 0x0f,
+ /* NID_des_ede3_cbc */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x03, 0x07,
+ /* NID_des_ofb64 */
+ 0x2b, 0x0e, 0x03, 0x02, 0x08,
+ /* NID_pkcs9 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09,
+ /* NID_pkcs9_emailAddress */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01,
+ /* NID_pkcs9_unstructuredName */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x02,
+ /* NID_pkcs9_contentType */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x03,
+ /* NID_pkcs9_messageDigest */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x04,
+ /* NID_pkcs9_signingTime */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x05,
+ /* NID_pkcs9_countersignature */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x06,
+ /* NID_pkcs9_challengePassword */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x07,
+ /* NID_pkcs9_unstructuredAddress */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x08,
+ /* NID_pkcs9_extCertAttributes */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x09,
+ /* NID_netscape */
+ 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42,
+ /* NID_netscape_cert_extension */
+ 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42, 0x01,
+ /* NID_netscape_data_type */
+ 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42, 0x02,
+ /* NID_sha1 */
+ 0x2b, 0x0e, 0x03, 0x02, 0x1a,
+ /* NID_sha1WithRSAEncryption */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05,
+ /* NID_dsaWithSHA */
+ 0x2b, 0x0e, 0x03, 0x02, 0x0d,
+ /* NID_dsa_2 */
+ 0x2b, 0x0e, 0x03, 0x02, 0x0c,
+ /* NID_pbeWithSHA1AndRC2_CBC */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x05, 0x0b,
+ /* NID_id_pbkdf2 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x05, 0x0c,
+ /* NID_dsaWithSHA1_2 */
+ 0x2b, 0x0e, 0x03, 0x02, 0x1b,
+ /* NID_netscape_cert_type */
+ 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42, 0x01, 0x01,
+ /* NID_netscape_base_url */
+ 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42, 0x01, 0x02,
+ /* NID_netscape_revocation_url */
+ 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42, 0x01, 0x03,
+ /* NID_netscape_ca_revocation_url */
+ 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42, 0x01, 0x04,
+ /* NID_netscape_renewal_url */
+ 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42, 0x01, 0x07,
+ /* NID_netscape_ca_policy_url */
+ 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42, 0x01, 0x08,
+ /* NID_netscape_ssl_server_name */
+ 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42, 0x01, 0x0c,
+ /* NID_netscape_comment */
+ 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42, 0x01, 0x0d,
+ /* NID_netscape_cert_sequence */
+ 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42, 0x02, 0x05,
+ /* NID_id_ce */
+ 0x55, 0x1d,
+ /* NID_subject_key_identifier */
+ 0x55, 0x1d, 0x0e,
+ /* NID_key_usage */
+ 0x55, 0x1d, 0x0f,
+ /* NID_private_key_usage_period */
+ 0x55, 0x1d, 0x10,
+ /* NID_subject_alt_name */
+ 0x55, 0x1d, 0x11,
+ /* NID_issuer_alt_name */
+ 0x55, 0x1d, 0x12,
+ /* NID_basic_constraints */
+ 0x55, 0x1d, 0x13,
+ /* NID_crl_number */
+ 0x55, 0x1d, 0x14,
+ /* NID_certificate_policies */
+ 0x55, 0x1d, 0x20,
+ /* NID_authority_key_identifier */
+ 0x55, 0x1d, 0x23,
+ /* NID_bf_cbc */
+ 0x2b, 0x06, 0x01, 0x04, 0x01, 0x97, 0x55, 0x01, 0x02,
+ /* NID_mdc2 */
+ 0x55, 0x08, 0x03, 0x65,
+ /* NID_mdc2WithRSA */
+ 0x55, 0x08, 0x03, 0x64,
+ /* NID_givenName */
+ 0x55, 0x04, 0x2a,
+ /* NID_surname */
+ 0x55, 0x04, 0x04,
+ /* NID_initials */
+ 0x55, 0x04, 0x2b,
+ /* NID_crl_distribution_points */
+ 0x55, 0x1d, 0x1f,
+ /* NID_md5WithRSA */
+ 0x2b, 0x0e, 0x03, 0x02, 0x03,
+ /* NID_serialNumber */
+ 0x55, 0x04, 0x05,
+ /* NID_title */
+ 0x55, 0x04, 0x0c,
+ /* NID_description */
+ 0x55, 0x04, 0x0d,
+ /* NID_cast5_cbc */
+ 0x2a, 0x86, 0x48, 0x86, 0xf6, 0x7d, 0x07, 0x42, 0x0a,
+ /* NID_pbeWithMD5AndCast5_CBC */
+ 0x2a, 0x86, 0x48, 0x86, 0xf6, 0x7d, 0x07, 0x42, 0x0c,
+ /* NID_dsaWithSHA1 */
+ 0x2a, 0x86, 0x48, 0xce, 0x38, 0x04, 0x03,
+ /* NID_sha1WithRSA */
+ 0x2b, 0x0e, 0x03, 0x02, 0x1d,
+ /* NID_dsa */
+ 0x2a, 0x86, 0x48, 0xce, 0x38, 0x04, 0x01,
+ /* NID_ripemd160 */
+ 0x2b, 0x24, 0x03, 0x02, 0x01,
+ /* NID_ripemd160WithRSA */
+ 0x2b, 0x24, 0x03, 0x03, 0x01, 0x02,
+ /* NID_rc5_cbc */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x03, 0x08,
+ /* NID_zlib_compression */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x03, 0x08,
+ /* NID_ext_key_usage */
+ 0x55, 0x1d, 0x25,
+ /* NID_id_pkix */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07,
+ /* NID_id_kp */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03,
+ /* NID_server_auth */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01,
+ /* NID_client_auth */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x02,
+ /* NID_code_sign */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x03,
+ /* NID_email_protect */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x04,
+ /* NID_time_stamp */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x08,
+ /* NID_ms_code_ind */
+ 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x01, 0x15,
+ /* NID_ms_code_com */
+ 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x01, 0x16,
+ /* NID_ms_ctl_sign */
+ 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x0a, 0x03, 0x01,
+ /* NID_ms_sgc */
+ 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x0a, 0x03, 0x03,
+ /* NID_ms_efs */
+ 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x0a, 0x03, 0x04,
+ /* NID_ns_sgc */
+ 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42, 0x04, 0x01,
+ /* NID_delta_crl */
+ 0x55, 0x1d, 0x1b,
+ /* NID_crl_reason */
+ 0x55, 0x1d, 0x15,
+ /* NID_invalidity_date */
+ 0x55, 0x1d, 0x18,
+ /* NID_sxnet */
+ 0x2b, 0x65, 0x01, 0x04, 0x01,
+ /* NID_pbe_WithSHA1And128BitRC4 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x0c, 0x01, 0x01,
+ /* NID_pbe_WithSHA1And40BitRC4 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x0c, 0x01, 0x02,
+ /* NID_pbe_WithSHA1And3_Key_TripleDES_CBC */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x0c, 0x01, 0x03,
+ /* NID_pbe_WithSHA1And2_Key_TripleDES_CBC */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x0c, 0x01, 0x04,
+ /* NID_pbe_WithSHA1And128BitRC2_CBC */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x0c, 0x01, 0x05,
+ /* NID_pbe_WithSHA1And40BitRC2_CBC */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x0c, 0x01, 0x06,
+ /* NID_keyBag */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x0c, 0x0a, 0x01, 0x01,
+ /* NID_pkcs8ShroudedKeyBag */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x0c, 0x0a, 0x01, 0x02,
+ /* NID_certBag */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x0c, 0x0a, 0x01, 0x03,
+ /* NID_crlBag */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x0c, 0x0a, 0x01, 0x04,
+ /* NID_secretBag */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x0c, 0x0a, 0x01, 0x05,
+ /* NID_safeContentsBag */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x0c, 0x0a, 0x01, 0x06,
+ /* NID_friendlyName */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x14,
+ /* NID_localKeyID */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x15,
+ /* NID_x509Certificate */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x16, 0x01,
+ /* NID_sdsiCertificate */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x16, 0x02,
+ /* NID_x509Crl */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x17, 0x01,
+ /* NID_pbes2 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x05, 0x0d,
+ /* NID_pbmac1 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x05, 0x0e,
+ /* NID_hmacWithSHA1 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x02, 0x07,
+ /* NID_id_qt_cps */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x02, 0x01,
+ /* NID_id_qt_unotice */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x02, 0x02,
+ /* NID_SMIMECapabilities */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x0f,
+ /* NID_pbeWithMD2AndRC2_CBC */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x05, 0x04,
+ /* NID_pbeWithMD5AndRC2_CBC */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x05, 0x06,
+ /* NID_pbeWithSHA1AndDES_CBC */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x05, 0x0a,
+ /* NID_ms_ext_req */
+ 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x01, 0x0e,
+ /* NID_ext_req */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x0e,
+ /* NID_name */
+ 0x55, 0x04, 0x29,
+ /* NID_dnQualifier */
+ 0x55, 0x04, 0x2e,
+ /* NID_id_pe */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01,
+ /* NID_id_ad */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30,
+ /* NID_info_access */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x01,
+ /* NID_ad_OCSP */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01,
+ /* NID_ad_ca_issuers */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x02,
+ /* NID_OCSP_sign */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x09,
+ /* NID_member_body */
+ 0x2a,
+ /* NID_ISO_US */
+ 0x2a, 0x86, 0x48,
+ /* NID_X9_57 */
+ 0x2a, 0x86, 0x48, 0xce, 0x38,
+ /* NID_X9cm */
+ 0x2a, 0x86, 0x48, 0xce, 0x38, 0x04,
+ /* NID_pkcs1 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01,
+ /* NID_pkcs5 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x05,
+ /* NID_SMIME */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10,
+ /* NID_id_smime_mod */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x00,
+ /* NID_id_smime_ct */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x01,
+ /* NID_id_smime_aa */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02,
+ /* NID_id_smime_alg */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x03,
+ /* NID_id_smime_cd */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x04,
+ /* NID_id_smime_spq */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x05,
+ /* NID_id_smime_cti */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x06,
+ /* NID_id_smime_mod_cms */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x00, 0x01,
+ /* NID_id_smime_mod_ess */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x00, 0x02,
+ /* NID_id_smime_mod_oid */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x00, 0x03,
+ /* NID_id_smime_mod_msg_v3 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x00, 0x04,
+ /* NID_id_smime_mod_ets_eSignature_88 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x00, 0x05,
+ /* NID_id_smime_mod_ets_eSignature_97 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x00, 0x06,
+ /* NID_id_smime_mod_ets_eSigPolicy_88 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x00, 0x07,
+ /* NID_id_smime_mod_ets_eSigPolicy_97 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x00, 0x08,
+ /* NID_id_smime_ct_receipt */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x01, 0x01,
+ /* NID_id_smime_ct_authData */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x01, 0x02,
+ /* NID_id_smime_ct_publishCert */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x01, 0x03,
+ /* NID_id_smime_ct_TSTInfo */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x01, 0x04,
+ /* NID_id_smime_ct_TDTInfo */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x01, 0x05,
+ /* NID_id_smime_ct_contentInfo */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x01, 0x06,
+ /* NID_id_smime_ct_DVCSRequestData */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x01, 0x07,
+ /* NID_id_smime_ct_DVCSResponseData */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x01, 0x08,
+ /* NID_id_smime_aa_receiptRequest */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x01,
+ /* NID_id_smime_aa_securityLabel */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x02,
+ /* NID_id_smime_aa_mlExpandHistory */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x03,
+ /* NID_id_smime_aa_contentHint */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x04,
+ /* NID_id_smime_aa_msgSigDigest */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x05,
+ /* NID_id_smime_aa_encapContentType */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x06,
+ /* NID_id_smime_aa_contentIdentifier */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x07,
+ /* NID_id_smime_aa_macValue */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x08,
+ /* NID_id_smime_aa_equivalentLabels */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x09,
+ /* NID_id_smime_aa_contentReference */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x0a,
+ /* NID_id_smime_aa_encrypKeyPref */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x0b,
+ /* NID_id_smime_aa_signingCertificate */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x0c,
+ /* NID_id_smime_aa_smimeEncryptCerts */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x0d,
+ /* NID_id_smime_aa_timeStampToken */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x0e,
+ /* NID_id_smime_aa_ets_sigPolicyId */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x0f,
+ /* NID_id_smime_aa_ets_commitmentType */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x10,
+ /* NID_id_smime_aa_ets_signerLocation */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x11,
+ /* NID_id_smime_aa_ets_signerAttr */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x12,
+ /* NID_id_smime_aa_ets_otherSigCert */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x13,
+ /* NID_id_smime_aa_ets_contentTimestamp */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x14,
+ /* NID_id_smime_aa_ets_CertificateRefs */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x15,
+ /* NID_id_smime_aa_ets_RevocationRefs */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x16,
+ /* NID_id_smime_aa_ets_certValues */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x17,
+ /* NID_id_smime_aa_ets_revocationValues */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x18,
+ /* NID_id_smime_aa_ets_escTimeStamp */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x19,
+ /* NID_id_smime_aa_ets_certCRLTimestamp */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x1a,
+ /* NID_id_smime_aa_ets_archiveTimeStamp */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x1b,
+ /* NID_id_smime_aa_signatureType */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x1c,
+ /* NID_id_smime_aa_dvcs_dvc */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x1d,
+ /* NID_id_smime_alg_ESDHwith3DES */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x03, 0x01,
+ /* NID_id_smime_alg_ESDHwithRC2 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x03, 0x02,
+ /* NID_id_smime_alg_3DESwrap */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x03, 0x03,
+ /* NID_id_smime_alg_RC2wrap */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x03, 0x04,
+ /* NID_id_smime_alg_ESDH */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x03, 0x05,
+ /* NID_id_smime_alg_CMS3DESwrap */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x03, 0x06,
+ /* NID_id_smime_alg_CMSRC2wrap */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x03, 0x07,
+ /* NID_id_smime_cd_ldap */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x04, 0x01,
+ /* NID_id_smime_spq_ets_sqt_uri */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x05, 0x01,
+ /* NID_id_smime_spq_ets_sqt_unotice */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x05, 0x02,
+ /* NID_id_smime_cti_ets_proofOfOrigin */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x06, 0x01,
+ /* NID_id_smime_cti_ets_proofOfReceipt */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x06, 0x02,
+ /* NID_id_smime_cti_ets_proofOfDelivery */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x06, 0x03,
+ /* NID_id_smime_cti_ets_proofOfSender */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x06, 0x04,
+ /* NID_id_smime_cti_ets_proofOfApproval */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x06, 0x05,
+ /* NID_id_smime_cti_ets_proofOfCreation */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x06, 0x06,
+ /* NID_md4 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x02, 0x04,
+ /* NID_id_pkix_mod */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x00,
+ /* NID_id_qt */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x02,
+ /* NID_id_it */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x04,
+ /* NID_id_pkip */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x05,
+ /* NID_id_alg */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x06,
+ /* NID_id_cmc */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x07,
+ /* NID_id_on */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x08,
+ /* NID_id_pda */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x09,
+ /* NID_id_aca */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x0a,
+ /* NID_id_qcs */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x0b,
+ /* NID_id_cct */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x0c,
+ /* NID_id_pkix1_explicit_88 */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x00, 0x01,
+ /* NID_id_pkix1_implicit_88 */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x00, 0x02,
+ /* NID_id_pkix1_explicit_93 */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x00, 0x03,
+ /* NID_id_pkix1_implicit_93 */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x00, 0x04,
+ /* NID_id_mod_crmf */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x00, 0x05,
+ /* NID_id_mod_cmc */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x00, 0x06,
+ /* NID_id_mod_kea_profile_88 */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x00, 0x07,
+ /* NID_id_mod_kea_profile_93 */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x00, 0x08,
+ /* NID_id_mod_cmp */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x00, 0x09,
+ /* NID_id_mod_qualified_cert_88 */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x00, 0x0a,
+ /* NID_id_mod_qualified_cert_93 */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x00, 0x0b,
+ /* NID_id_mod_attribute_cert */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x00, 0x0c,
+ /* NID_id_mod_timestamp_protocol */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x00, 0x0d,
+ /* NID_id_mod_ocsp */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x00, 0x0e,
+ /* NID_id_mod_dvcs */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x00, 0x0f,
+ /* NID_id_mod_cmp2000 */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x00, 0x10,
+ /* NID_biometricInfo */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x02,
+ /* NID_qcStatements */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x03,
+ /* NID_ac_auditEntity */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x04,
+ /* NID_ac_targeting */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x05,
+ /* NID_aaControls */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x06,
+ /* NID_sbgp_ipAddrBlock */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x07,
+ /* NID_sbgp_autonomousSysNum */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x08,
+ /* NID_sbgp_routerIdentifier */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x09,
+ /* NID_textNotice */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x02, 0x03,
+ /* NID_ipsecEndSystem */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x05,
+ /* NID_ipsecTunnel */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x06,
+ /* NID_ipsecUser */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x07,
+ /* NID_dvcs */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x0a,
+ /* NID_id_it_caProtEncCert */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x04, 0x01,
+ /* NID_id_it_signKeyPairTypes */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x04, 0x02,
+ /* NID_id_it_encKeyPairTypes */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x04, 0x03,
+ /* NID_id_it_preferredSymmAlg */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x04, 0x04,
+ /* NID_id_it_caKeyUpdateInfo */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x04, 0x05,
+ /* NID_id_it_currentCRL */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x04, 0x06,
+ /* NID_id_it_unsupportedOIDs */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x04, 0x07,
+ /* NID_id_it_subscriptionRequest */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x04, 0x08,
+ /* NID_id_it_subscriptionResponse */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x04, 0x09,
+ /* NID_id_it_keyPairParamReq */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x04, 0x0a,
+ /* NID_id_it_keyPairParamRep */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x04, 0x0b,
+ /* NID_id_it_revPassphrase */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x04, 0x0c,
+ /* NID_id_it_implicitConfirm */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x04, 0x0d,
+ /* NID_id_it_confirmWaitTime */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x04, 0x0e,
+ /* NID_id_it_origPKIMessage */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x04, 0x0f,
+ /* NID_id_regCtrl */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x05, 0x01,
+ /* NID_id_regInfo */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x05, 0x02,
+ /* NID_id_regCtrl_regToken */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x05, 0x01, 0x01,
+ /* NID_id_regCtrl_authenticator */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x05, 0x01, 0x02,
+ /* NID_id_regCtrl_pkiPublicationInfo */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x05, 0x01, 0x03,
+ /* NID_id_regCtrl_pkiArchiveOptions */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x05, 0x01, 0x04,
+ /* NID_id_regCtrl_oldCertID */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x05, 0x01, 0x05,
+ /* NID_id_regCtrl_protocolEncrKey */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x05, 0x01, 0x06,
+ /* NID_id_regInfo_utf8Pairs */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x05, 0x02, 0x01,
+ /* NID_id_regInfo_certReq */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x05, 0x02, 0x02,
+ /* NID_id_alg_des40 */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x06, 0x01,
+ /* NID_id_alg_noSignature */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x06, 0x02,
+ /* NID_id_alg_dh_sig_hmac_sha1 */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x06, 0x03,
+ /* NID_id_alg_dh_pop */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x06, 0x04,
+ /* NID_id_cmc_statusInfo */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x07, 0x01,
+ /* NID_id_cmc_identification */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x07, 0x02,
+ /* NID_id_cmc_identityProof */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x07, 0x03,
+ /* NID_id_cmc_dataReturn */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x07, 0x04,
+ /* NID_id_cmc_transactionId */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x07, 0x05,
+ /* NID_id_cmc_senderNonce */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x07, 0x06,
+ /* NID_id_cmc_recipientNonce */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x07, 0x07,
+ /* NID_id_cmc_addExtensions */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x07, 0x08,
+ /* NID_id_cmc_encryptedPOP */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x07, 0x09,
+ /* NID_id_cmc_decryptedPOP */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x07, 0x0a,
+ /* NID_id_cmc_lraPOPWitness */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x07, 0x0b,
+ /* NID_id_cmc_getCert */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x07, 0x0f,
+ /* NID_id_cmc_getCRL */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x07, 0x10,
+ /* NID_id_cmc_revokeRequest */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x07, 0x11,
+ /* NID_id_cmc_regInfo */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x07, 0x12,
+ /* NID_id_cmc_responseInfo */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x07, 0x13,
+ /* NID_id_cmc_queryPending */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x07, 0x15,
+ /* NID_id_cmc_popLinkRandom */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x07, 0x16,
+ /* NID_id_cmc_popLinkWitness */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x07, 0x17,
+ /* NID_id_cmc_confirmCertAcceptance */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x07, 0x18,
+ /* NID_id_on_personalData */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x08, 0x01,
+ /* NID_id_pda_dateOfBirth */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x09, 0x01,
+ /* NID_id_pda_placeOfBirth */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x09, 0x02,
+ /* NID_id_pda_gender */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x09, 0x03,
+ /* NID_id_pda_countryOfCitizenship */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x09, 0x04,
+ /* NID_id_pda_countryOfResidence */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x09, 0x05,
+ /* NID_id_aca_authenticationInfo */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x0a, 0x01,
+ /* NID_id_aca_accessIdentity */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x0a, 0x02,
+ /* NID_id_aca_chargingIdentity */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x0a, 0x03,
+ /* NID_id_aca_group */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x0a, 0x04,
+ /* NID_id_aca_role */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x0a, 0x05,
+ /* NID_id_qcs_pkixQCSyntax_v1 */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x0b, 0x01,
+ /* NID_id_cct_crs */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x0c, 0x01,
+ /* NID_id_cct_PKIData */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x0c, 0x02,
+ /* NID_id_cct_PKIResponse */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x0c, 0x03,
+ /* NID_ad_timeStamping */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x03,
+ /* NID_ad_dvcs */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x04,
+ /* NID_id_pkix_OCSP_basic */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x01,
+ /* NID_id_pkix_OCSP_Nonce */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x02,
+ /* NID_id_pkix_OCSP_CrlID */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x03,
+ /* NID_id_pkix_OCSP_acceptableResponses */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x04,
+ /* NID_id_pkix_OCSP_noCheck */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x05,
+ /* NID_id_pkix_OCSP_archiveCutoff */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x06,
+ /* NID_id_pkix_OCSP_serviceLocator */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x07,
+ /* NID_id_pkix_OCSP_extendedStatus */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x08,
+ /* NID_id_pkix_OCSP_valid */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x09,
+ /* NID_id_pkix_OCSP_path */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x0a,
+ /* NID_id_pkix_OCSP_trustRoot */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x0b,
+ /* NID_algorithm */
+ 0x2b, 0x0e, 0x03, 0x02,
+ /* NID_rsaSignature */
+ 0x2b, 0x0e, 0x03, 0x02, 0x0b,
+ /* NID_X500algorithms */
+ 0x55, 0x08,
+ /* NID_org */
+ 0x2b,
+ /* NID_dod */
+ 0x2b, 0x06,
+ /* NID_iana */
+ 0x2b, 0x06, 0x01,
+ /* NID_Directory */
+ 0x2b, 0x06, 0x01, 0x01,
+ /* NID_Management */
+ 0x2b, 0x06, 0x01, 0x02,
+ /* NID_Experimental */
+ 0x2b, 0x06, 0x01, 0x03,
+ /* NID_Private */
+ 0x2b, 0x06, 0x01, 0x04,
+ /* NID_Security */
+ 0x2b, 0x06, 0x01, 0x05,
+ /* NID_SNMPv2 */
+ 0x2b, 0x06, 0x01, 0x06,
+ /* NID_Mail */
+ 0x2b, 0x06, 0x01, 0x07,
+ /* NID_Enterprises */
+ 0x2b, 0x06, 0x01, 0x04, 0x01,
+ /* NID_dcObject */
+ 0x2b, 0x06, 0x01, 0x04, 0x01, 0x8b, 0x3a, 0x82, 0x58,
+ /* NID_domainComponent */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x19,
+ /* NID_Domain */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x04, 0x0d,
+ /* NID_selected_attribute_types */
+ 0x55, 0x01, 0x05,
+ /* NID_clearance */
+ 0x55, 0x01, 0x05, 0x37,
+ /* NID_md4WithRSAEncryption */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x03,
+ /* NID_ac_proxying */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x0a,
+ /* NID_sinfo_access */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x0b,
+ /* NID_id_aca_encAttrs */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x0a, 0x06,
+ /* NID_role */
+ 0x55, 0x04, 0x48,
+ /* NID_policy_constraints */
+ 0x55, 0x1d, 0x24,
+ /* NID_target_information */
+ 0x55, 0x1d, 0x37,
+ /* NID_no_rev_avail */
+ 0x55, 0x1d, 0x38,
+ /* NID_ansi_X9_62 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d,
+ /* NID_X9_62_prime_field */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x01, 0x01,
+ /* NID_X9_62_characteristic_two_field */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x01, 0x02,
+ /* NID_X9_62_id_ecPublicKey */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01,
+ /* NID_X9_62_prime192v1 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x01,
+ /* NID_X9_62_prime192v2 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x02,
+ /* NID_X9_62_prime192v3 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x03,
+ /* NID_X9_62_prime239v1 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x04,
+ /* NID_X9_62_prime239v2 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x05,
+ /* NID_X9_62_prime239v3 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x06,
+ /* NID_X9_62_prime256v1 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07,
+ /* NID_ecdsa_with_SHA1 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x01,
+ /* NID_ms_csp_name */
+ 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x11, 0x01,
+ /* NID_aes_128_ecb */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x01,
+ /* NID_aes_128_cbc */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x02,
+ /* NID_aes_128_ofb128 */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x03,
+ /* NID_aes_128_cfb128 */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x04,
+ /* NID_aes_192_ecb */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x15,
+ /* NID_aes_192_cbc */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x16,
+ /* NID_aes_192_ofb128 */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x17,
+ /* NID_aes_192_cfb128 */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x18,
+ /* NID_aes_256_ecb */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x29,
+ /* NID_aes_256_cbc */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x2a,
+ /* NID_aes_256_ofb128 */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x2b,
+ /* NID_aes_256_cfb128 */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x2c,
+ /* NID_hold_instruction_code */
+ 0x55, 0x1d, 0x17,
+ /* NID_hold_instruction_none */
+ 0x2a, 0x86, 0x48, 0xce, 0x38, 0x02, 0x01,
+ /* NID_hold_instruction_call_issuer */
+ 0x2a, 0x86, 0x48, 0xce, 0x38, 0x02, 0x02,
+ /* NID_hold_instruction_reject */
+ 0x2a, 0x86, 0x48, 0xce, 0x38, 0x02, 0x03,
+ /* NID_data */
+ 0x09,
+ /* NID_pss */
+ 0x09, 0x92, 0x26,
+ /* NID_ucl */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c,
+ /* NID_pilot */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64,
+ /* NID_pilotAttributeType */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01,
+ /* NID_pilotAttributeSyntax */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x03,
+ /* NID_pilotObjectClass */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x04,
+ /* NID_pilotGroups */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x0a,
+ /* NID_iA5StringSyntax */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x03, 0x04,
+ /* NID_caseIgnoreIA5StringSyntax */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x03, 0x05,
+ /* NID_pilotObject */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x04, 0x03,
+ /* NID_pilotPerson */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x04, 0x04,
+ /* NID_account */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x04, 0x05,
+ /* NID_document */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x04, 0x06,
+ /* NID_room */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x04, 0x07,
+ /* NID_documentSeries */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x04, 0x09,
+ /* NID_rFC822localPart */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x04, 0x0e,
+ /* NID_dNSDomain */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x04, 0x0f,
+ /* NID_domainRelatedObject */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x04, 0x11,
+ /* NID_friendlyCountry */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x04, 0x12,
+ /* NID_simpleSecurityObject */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x04, 0x13,
+ /* NID_pilotOrganization */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x04, 0x14,
+ /* NID_pilotDSA */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x04, 0x15,
+ /* NID_qualityLabelledData */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x04, 0x16,
+ /* NID_userId */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x01,
+ /* NID_textEncodedORAddress */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x02,
+ /* NID_rfc822Mailbox */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x03,
+ /* NID_info */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x04,
+ /* NID_favouriteDrink */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x05,
+ /* NID_roomNumber */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x06,
+ /* NID_photo */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x07,
+ /* NID_userClass */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x08,
+ /* NID_host */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x09,
+ /* NID_manager */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x0a,
+ /* NID_documentIdentifier */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x0b,
+ /* NID_documentTitle */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x0c,
+ /* NID_documentVersion */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x0d,
+ /* NID_documentAuthor */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x0e,
+ /* NID_documentLocation */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x0f,
+ /* NID_homeTelephoneNumber */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x14,
+ /* NID_secretary */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x15,
+ /* NID_otherMailbox */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x16,
+ /* NID_lastModifiedTime */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x17,
+ /* NID_lastModifiedBy */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x18,
+ /* NID_aRecord */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x1a,
+ /* NID_pilotAttributeType27 */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x1b,
+ /* NID_mXRecord */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x1c,
+ /* NID_nSRecord */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x1d,
+ /* NID_sOARecord */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x1e,
+ /* NID_cNAMERecord */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x1f,
+ /* NID_associatedDomain */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x25,
+ /* NID_associatedName */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x26,
+ /* NID_homePostalAddress */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x27,
+ /* NID_personalTitle */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x28,
+ /* NID_mobileTelephoneNumber */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x29,
+ /* NID_pagerTelephoneNumber */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x2a,
+ /* NID_friendlyCountryName */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x2b,
+ /* NID_organizationalStatus */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x2d,
+ /* NID_janetMailbox */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x2e,
+ /* NID_mailPreferenceOption */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x2f,
+ /* NID_buildingName */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x30,
+ /* NID_dSAQuality */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x31,
+ /* NID_singleLevelQuality */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x32,
+ /* NID_subtreeMinimumQuality */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x33,
+ /* NID_subtreeMaximumQuality */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x34,
+ /* NID_personalSignature */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x35,
+ /* NID_dITRedirect */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x36,
+ /* NID_audio */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x37,
+ /* NID_documentPublisher */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x38,
+ /* NID_x500UniqueIdentifier */
+ 0x55, 0x04, 0x2d,
+ /* NID_mime_mhs */
+ 0x2b, 0x06, 0x01, 0x07, 0x01,
+ /* NID_mime_mhs_headings */
+ 0x2b, 0x06, 0x01, 0x07, 0x01, 0x01,
+ /* NID_mime_mhs_bodies */
+ 0x2b, 0x06, 0x01, 0x07, 0x01, 0x02,
+ /* NID_id_hex_partial_message */
+ 0x2b, 0x06, 0x01, 0x07, 0x01, 0x01, 0x01,
+ /* NID_id_hex_multipart_message */
+ 0x2b, 0x06, 0x01, 0x07, 0x01, 0x01, 0x02,
+ /* NID_generationQualifier */
+ 0x55, 0x04, 0x2c,
+ /* NID_pseudonym */
+ 0x55, 0x04, 0x41,
+ /* NID_id_set */
+ 0x67, 0x2a,
+ /* NID_set_ctype */
+ 0x67, 0x2a, 0x00,
+ /* NID_set_msgExt */
+ 0x67, 0x2a, 0x01,
+ /* NID_set_attr */
+ 0x67, 0x2a, 0x03,
+ /* NID_set_policy */
+ 0x67, 0x2a, 0x05,
+ /* NID_set_certExt */
+ 0x67, 0x2a, 0x07,
+ /* NID_set_brand */
+ 0x67, 0x2a, 0x08,
+ /* NID_setct_PANData */
+ 0x67, 0x2a, 0x00, 0x00,
+ /* NID_setct_PANToken */
+ 0x67, 0x2a, 0x00, 0x01,
+ /* NID_setct_PANOnly */
+ 0x67, 0x2a, 0x00, 0x02,
+ /* NID_setct_OIData */
+ 0x67, 0x2a, 0x00, 0x03,
+ /* NID_setct_PI */
+ 0x67, 0x2a, 0x00, 0x04,
+ /* NID_setct_PIData */
+ 0x67, 0x2a, 0x00, 0x05,
+ /* NID_setct_PIDataUnsigned */
+ 0x67, 0x2a, 0x00, 0x06,
+ /* NID_setct_HODInput */
+ 0x67, 0x2a, 0x00, 0x07,
+ /* NID_setct_AuthResBaggage */
+ 0x67, 0x2a, 0x00, 0x08,
+ /* NID_setct_AuthRevReqBaggage */
+ 0x67, 0x2a, 0x00, 0x09,
+ /* NID_setct_AuthRevResBaggage */
+ 0x67, 0x2a, 0x00, 0x0a,
+ /* NID_setct_CapTokenSeq */
+ 0x67, 0x2a, 0x00, 0x0b,
+ /* NID_setct_PInitResData */
+ 0x67, 0x2a, 0x00, 0x0c,
+ /* NID_setct_PI_TBS */
+ 0x67, 0x2a, 0x00, 0x0d,
+ /* NID_setct_PResData */
+ 0x67, 0x2a, 0x00, 0x0e,
+ /* NID_setct_AuthReqTBS */
+ 0x67, 0x2a, 0x00, 0x10,
+ /* NID_setct_AuthResTBS */
+ 0x67, 0x2a, 0x00, 0x11,
+ /* NID_setct_AuthResTBSX */
+ 0x67, 0x2a, 0x00, 0x12,
+ /* NID_setct_AuthTokenTBS */
+ 0x67, 0x2a, 0x00, 0x13,
+ /* NID_setct_CapTokenData */
+ 0x67, 0x2a, 0x00, 0x14,
+ /* NID_setct_CapTokenTBS */
+ 0x67, 0x2a, 0x00, 0x15,
+ /* NID_setct_AcqCardCodeMsg */
+ 0x67, 0x2a, 0x00, 0x16,
+ /* NID_setct_AuthRevReqTBS */
+ 0x67, 0x2a, 0x00, 0x17,
+ /* NID_setct_AuthRevResData */
+ 0x67, 0x2a, 0x00, 0x18,
+ /* NID_setct_AuthRevResTBS */
+ 0x67, 0x2a, 0x00, 0x19,
+ /* NID_setct_CapReqTBS */
+ 0x67, 0x2a, 0x00, 0x1a,
+ /* NID_setct_CapReqTBSX */
+ 0x67, 0x2a, 0x00, 0x1b,
+ /* NID_setct_CapResData */
+ 0x67, 0x2a, 0x00, 0x1c,
+ /* NID_setct_CapRevReqTBS */
+ 0x67, 0x2a, 0x00, 0x1d,
+ /* NID_setct_CapRevReqTBSX */
+ 0x67, 0x2a, 0x00, 0x1e,
+ /* NID_setct_CapRevResData */
+ 0x67, 0x2a, 0x00, 0x1f,
+ /* NID_setct_CredReqTBS */
+ 0x67, 0x2a, 0x00, 0x20,
+ /* NID_setct_CredReqTBSX */
+ 0x67, 0x2a, 0x00, 0x21,
+ /* NID_setct_CredResData */
+ 0x67, 0x2a, 0x00, 0x22,
+ /* NID_setct_CredRevReqTBS */
+ 0x67, 0x2a, 0x00, 0x23,
+ /* NID_setct_CredRevReqTBSX */
+ 0x67, 0x2a, 0x00, 0x24,
+ /* NID_setct_CredRevResData */
+ 0x67, 0x2a, 0x00, 0x25,
+ /* NID_setct_PCertReqData */
+ 0x67, 0x2a, 0x00, 0x26,
+ /* NID_setct_PCertResTBS */
+ 0x67, 0x2a, 0x00, 0x27,
+ /* NID_setct_BatchAdminReqData */
+ 0x67, 0x2a, 0x00, 0x28,
+ /* NID_setct_BatchAdminResData */
+ 0x67, 0x2a, 0x00, 0x29,
+ /* NID_setct_CardCInitResTBS */
+ 0x67, 0x2a, 0x00, 0x2a,
+ /* NID_setct_MeAqCInitResTBS */
+ 0x67, 0x2a, 0x00, 0x2b,
+ /* NID_setct_RegFormResTBS */
+ 0x67, 0x2a, 0x00, 0x2c,
+ /* NID_setct_CertReqData */
+ 0x67, 0x2a, 0x00, 0x2d,
+ /* NID_setct_CertReqTBS */
+ 0x67, 0x2a, 0x00, 0x2e,
+ /* NID_setct_CertResData */
+ 0x67, 0x2a, 0x00, 0x2f,
+ /* NID_setct_CertInqReqTBS */
+ 0x67, 0x2a, 0x00, 0x30,
+ /* NID_setct_ErrorTBS */
+ 0x67, 0x2a, 0x00, 0x31,
+ /* NID_setct_PIDualSignedTBE */
+ 0x67, 0x2a, 0x00, 0x32,
+ /* NID_setct_PIUnsignedTBE */
+ 0x67, 0x2a, 0x00, 0x33,
+ /* NID_setct_AuthReqTBE */
+ 0x67, 0x2a, 0x00, 0x34,
+ /* NID_setct_AuthResTBE */
+ 0x67, 0x2a, 0x00, 0x35,
+ /* NID_setct_AuthResTBEX */
+ 0x67, 0x2a, 0x00, 0x36,
+ /* NID_setct_AuthTokenTBE */
+ 0x67, 0x2a, 0x00, 0x37,
+ /* NID_setct_CapTokenTBE */
+ 0x67, 0x2a, 0x00, 0x38,
+ /* NID_setct_CapTokenTBEX */
+ 0x67, 0x2a, 0x00, 0x39,
+ /* NID_setct_AcqCardCodeMsgTBE */
+ 0x67, 0x2a, 0x00, 0x3a,
+ /* NID_setct_AuthRevReqTBE */
+ 0x67, 0x2a, 0x00, 0x3b,
+ /* NID_setct_AuthRevResTBE */
+ 0x67, 0x2a, 0x00, 0x3c,
+ /* NID_setct_AuthRevResTBEB */
+ 0x67, 0x2a, 0x00, 0x3d,
+ /* NID_setct_CapReqTBE */
+ 0x67, 0x2a, 0x00, 0x3e,
+ /* NID_setct_CapReqTBEX */
+ 0x67, 0x2a, 0x00, 0x3f,
+ /* NID_setct_CapResTBE */
+ 0x67, 0x2a, 0x00, 0x40,
+ /* NID_setct_CapRevReqTBE */
+ 0x67, 0x2a, 0x00, 0x41,
+ /* NID_setct_CapRevReqTBEX */
+ 0x67, 0x2a, 0x00, 0x42,
+ /* NID_setct_CapRevResTBE */
+ 0x67, 0x2a, 0x00, 0x43,
+ /* NID_setct_CredReqTBE */
+ 0x67, 0x2a, 0x00, 0x44,
+ /* NID_setct_CredReqTBEX */
+ 0x67, 0x2a, 0x00, 0x45,
+ /* NID_setct_CredResTBE */
+ 0x67, 0x2a, 0x00, 0x46,
+ /* NID_setct_CredRevReqTBE */
+ 0x67, 0x2a, 0x00, 0x47,
+ /* NID_setct_CredRevReqTBEX */
+ 0x67, 0x2a, 0x00, 0x48,
+ /* NID_setct_CredRevResTBE */
+ 0x67, 0x2a, 0x00, 0x49,
+ /* NID_setct_BatchAdminReqTBE */
+ 0x67, 0x2a, 0x00, 0x4a,
+ /* NID_setct_BatchAdminResTBE */
+ 0x67, 0x2a, 0x00, 0x4b,
+ /* NID_setct_RegFormReqTBE */
+ 0x67, 0x2a, 0x00, 0x4c,
+ /* NID_setct_CertReqTBE */
+ 0x67, 0x2a, 0x00, 0x4d,
+ /* NID_setct_CertReqTBEX */
+ 0x67, 0x2a, 0x00, 0x4e,
+ /* NID_setct_CertResTBE */
+ 0x67, 0x2a, 0x00, 0x4f,
+ /* NID_setct_CRLNotificationTBS */
+ 0x67, 0x2a, 0x00, 0x50,
+ /* NID_setct_CRLNotificationResTBS */
+ 0x67, 0x2a, 0x00, 0x51,
+ /* NID_setct_BCIDistributionTBS */
+ 0x67, 0x2a, 0x00, 0x52,
+ /* NID_setext_genCrypt */
+ 0x67, 0x2a, 0x01, 0x01,
+ /* NID_setext_miAuth */
+ 0x67, 0x2a, 0x01, 0x03,
+ /* NID_setext_pinSecure */
+ 0x67, 0x2a, 0x01, 0x04,
+ /* NID_setext_pinAny */
+ 0x67, 0x2a, 0x01, 0x05,
+ /* NID_setext_track2 */
+ 0x67, 0x2a, 0x01, 0x07,
+ /* NID_setext_cv */
+ 0x67, 0x2a, 0x01, 0x08,
+ /* NID_set_policy_root */
+ 0x67, 0x2a, 0x05, 0x00,
+ /* NID_setCext_hashedRoot */
+ 0x67, 0x2a, 0x07, 0x00,
+ /* NID_setCext_certType */
+ 0x67, 0x2a, 0x07, 0x01,
+ /* NID_setCext_merchData */
+ 0x67, 0x2a, 0x07, 0x02,
+ /* NID_setCext_cCertRequired */
+ 0x67, 0x2a, 0x07, 0x03,
+ /* NID_setCext_tunneling */
+ 0x67, 0x2a, 0x07, 0x04,
+ /* NID_setCext_setExt */
+ 0x67, 0x2a, 0x07, 0x05,
+ /* NID_setCext_setQualf */
+ 0x67, 0x2a, 0x07, 0x06,
+ /* NID_setCext_PGWYcapabilities */
+ 0x67, 0x2a, 0x07, 0x07,
+ /* NID_setCext_TokenIdentifier */
+ 0x67, 0x2a, 0x07, 0x08,
+ /* NID_setCext_Track2Data */
+ 0x67, 0x2a, 0x07, 0x09,
+ /* NID_setCext_TokenType */
+ 0x67, 0x2a, 0x07, 0x0a,
+ /* NID_setCext_IssuerCapabilities */
+ 0x67, 0x2a, 0x07, 0x0b,
+ /* NID_setAttr_Cert */
+ 0x67, 0x2a, 0x03, 0x00,
+ /* NID_setAttr_PGWYcap */
+ 0x67, 0x2a, 0x03, 0x01,
+ /* NID_setAttr_TokenType */
+ 0x67, 0x2a, 0x03, 0x02,
+ /* NID_setAttr_IssCap */
+ 0x67, 0x2a, 0x03, 0x03,
+ /* NID_set_rootKeyThumb */
+ 0x67, 0x2a, 0x03, 0x00, 0x00,
+ /* NID_set_addPolicy */
+ 0x67, 0x2a, 0x03, 0x00, 0x01,
+ /* NID_setAttr_Token_EMV */
+ 0x67, 0x2a, 0x03, 0x02, 0x01,
+ /* NID_setAttr_Token_B0Prime */
+ 0x67, 0x2a, 0x03, 0x02, 0x02,
+ /* NID_setAttr_IssCap_CVM */
+ 0x67, 0x2a, 0x03, 0x03, 0x03,
+ /* NID_setAttr_IssCap_T2 */
+ 0x67, 0x2a, 0x03, 0x03, 0x04,
+ /* NID_setAttr_IssCap_Sig */
+ 0x67, 0x2a, 0x03, 0x03, 0x05,
+ /* NID_setAttr_GenCryptgrm */
+ 0x67, 0x2a, 0x03, 0x03, 0x03, 0x01,
+ /* NID_setAttr_T2Enc */
+ 0x67, 0x2a, 0x03, 0x03, 0x04, 0x01,
+ /* NID_setAttr_T2cleartxt */
+ 0x67, 0x2a, 0x03, 0x03, 0x04, 0x02,
+ /* NID_setAttr_TokICCsig */
+ 0x67, 0x2a, 0x03, 0x03, 0x05, 0x01,
+ /* NID_setAttr_SecDevSig */
+ 0x67, 0x2a, 0x03, 0x03, 0x05, 0x02,
+ /* NID_set_brand_IATA_ATA */
+ 0x67, 0x2a, 0x08, 0x01,
+ /* NID_set_brand_Diners */
+ 0x67, 0x2a, 0x08, 0x1e,
+ /* NID_set_brand_AmericanExpress */
+ 0x67, 0x2a, 0x08, 0x22,
+ /* NID_set_brand_JCB */
+ 0x67, 0x2a, 0x08, 0x23,
+ /* NID_set_brand_Visa */
+ 0x67, 0x2a, 0x08, 0x04,
+ /* NID_set_brand_MasterCard */
+ 0x67, 0x2a, 0x08, 0x05,
+ /* NID_set_brand_Novus */
+ 0x67, 0x2a, 0x08, 0xae, 0x7b,
+ /* NID_des_cdmf */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x03, 0x0a,
+ /* NID_rsaOAEPEncryptionSET */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x06,
+ /* NID_international_organizations */
+ 0x67,
+ /* NID_ms_smartcard_login */
+ 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x14, 0x02, 0x02,
+ /* NID_ms_upn */
+ 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x14, 0x02, 0x03,
+ /* NID_streetAddress */
+ 0x55, 0x04, 0x09,
+ /* NID_postalCode */
+ 0x55, 0x04, 0x11,
+ /* NID_id_ppl */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x15,
+ /* NID_proxyCertInfo */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x0e,
+ /* NID_id_ppl_anyLanguage */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x15, 0x00,
+ /* NID_id_ppl_inheritAll */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x15, 0x01,
+ /* NID_name_constraints */
+ 0x55, 0x1d, 0x1e,
+ /* NID_Independent */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x15, 0x02,
+ /* NID_sha256WithRSAEncryption */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b,
+ /* NID_sha384WithRSAEncryption */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0c,
+ /* NID_sha512WithRSAEncryption */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0d,
+ /* NID_sha224WithRSAEncryption */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0e,
+ /* NID_sha256 */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01,
+ /* NID_sha384 */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02,
+ /* NID_sha512 */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03,
+ /* NID_sha224 */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x04,
+ /* NID_identified_organization */
+ 0x2b,
+ /* NID_certicom_arc */
+ 0x2b, 0x81, 0x04,
+ /* NID_wap */
+ 0x67, 0x2b,
+ /* NID_wap_wsg */
+ 0x67, 0x2b, 0x01,
+ /* NID_X9_62_id_characteristic_two_basis */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x01, 0x02, 0x03,
+ /* NID_X9_62_onBasis */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x01, 0x02, 0x03, 0x01,
+ /* NID_X9_62_tpBasis */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x01, 0x02, 0x03, 0x02,
+ /* NID_X9_62_ppBasis */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x01, 0x02, 0x03, 0x03,
+ /* NID_X9_62_c2pnb163v1 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x00, 0x01,
+ /* NID_X9_62_c2pnb163v2 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x00, 0x02,
+ /* NID_X9_62_c2pnb163v3 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x00, 0x03,
+ /* NID_X9_62_c2pnb176v1 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x00, 0x04,
+ /* NID_X9_62_c2tnb191v1 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x00, 0x05,
+ /* NID_X9_62_c2tnb191v2 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x00, 0x06,
+ /* NID_X9_62_c2tnb191v3 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x00, 0x07,
+ /* NID_X9_62_c2onb191v4 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x00, 0x08,
+ /* NID_X9_62_c2onb191v5 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x00, 0x09,
+ /* NID_X9_62_c2pnb208w1 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x00, 0x0a,
+ /* NID_X9_62_c2tnb239v1 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x00, 0x0b,
+ /* NID_X9_62_c2tnb239v2 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x00, 0x0c,
+ /* NID_X9_62_c2tnb239v3 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x00, 0x0d,
+ /* NID_X9_62_c2onb239v4 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x00, 0x0e,
+ /* NID_X9_62_c2onb239v5 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x00, 0x0f,
+ /* NID_X9_62_c2pnb272w1 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x00, 0x10,
+ /* NID_X9_62_c2pnb304w1 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x00, 0x11,
+ /* NID_X9_62_c2tnb359v1 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x00, 0x12,
+ /* NID_X9_62_c2pnb368w1 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x00, 0x13,
+ /* NID_X9_62_c2tnb431r1 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x00, 0x14,
+ /* NID_secp112r1 */
+ 0x2b, 0x81, 0x04, 0x00, 0x06,
+ /* NID_secp112r2 */
+ 0x2b, 0x81, 0x04, 0x00, 0x07,
+ /* NID_secp128r1 */
+ 0x2b, 0x81, 0x04, 0x00, 0x1c,
+ /* NID_secp128r2 */
+ 0x2b, 0x81, 0x04, 0x00, 0x1d,
+ /* NID_secp160k1 */
+ 0x2b, 0x81, 0x04, 0x00, 0x09,
+ /* NID_secp160r1 */
+ 0x2b, 0x81, 0x04, 0x00, 0x08,
+ /* NID_secp160r2 */
+ 0x2b, 0x81, 0x04, 0x00, 0x1e,
+ /* NID_secp192k1 */
+ 0x2b, 0x81, 0x04, 0x00, 0x1f,
+ /* NID_secp224k1 */
+ 0x2b, 0x81, 0x04, 0x00, 0x20,
+ /* NID_secp224r1 */
+ 0x2b, 0x81, 0x04, 0x00, 0x21,
+ /* NID_secp256k1 */
+ 0x2b, 0x81, 0x04, 0x00, 0x0a,
+ /* NID_secp384r1 */
+ 0x2b, 0x81, 0x04, 0x00, 0x22,
+ /* NID_secp521r1 */
+ 0x2b, 0x81, 0x04, 0x00, 0x23,
+ /* NID_sect113r1 */
+ 0x2b, 0x81, 0x04, 0x00, 0x04,
+ /* NID_sect113r2 */
+ 0x2b, 0x81, 0x04, 0x00, 0x05,
+ /* NID_sect131r1 */
+ 0x2b, 0x81, 0x04, 0x00, 0x16,
+ /* NID_sect131r2 */
+ 0x2b, 0x81, 0x04, 0x00, 0x17,
+ /* NID_sect163k1 */
+ 0x2b, 0x81, 0x04, 0x00, 0x01,
+ /* NID_sect163r1 */
+ 0x2b, 0x81, 0x04, 0x00, 0x02,
+ /* NID_sect163r2 */
+ 0x2b, 0x81, 0x04, 0x00, 0x0f,
+ /* NID_sect193r1 */
+ 0x2b, 0x81, 0x04, 0x00, 0x18,
+ /* NID_sect193r2 */
+ 0x2b, 0x81, 0x04, 0x00, 0x19,
+ /* NID_sect233k1 */
+ 0x2b, 0x81, 0x04, 0x00, 0x1a,
+ /* NID_sect233r1 */
+ 0x2b, 0x81, 0x04, 0x00, 0x1b,
+ /* NID_sect239k1 */
+ 0x2b, 0x81, 0x04, 0x00, 0x03,
+ /* NID_sect283k1 */
+ 0x2b, 0x81, 0x04, 0x00, 0x10,
+ /* NID_sect283r1 */
+ 0x2b, 0x81, 0x04, 0x00, 0x11,
+ /* NID_sect409k1 */
+ 0x2b, 0x81, 0x04, 0x00, 0x24,
+ /* NID_sect409r1 */
+ 0x2b, 0x81, 0x04, 0x00, 0x25,
+ /* NID_sect571k1 */
+ 0x2b, 0x81, 0x04, 0x00, 0x26,
+ /* NID_sect571r1 */
+ 0x2b, 0x81, 0x04, 0x00, 0x27,
+ /* NID_wap_wsg_idm_ecid_wtls1 */
+ 0x67, 0x2b, 0x01, 0x04, 0x01,
+ /* NID_wap_wsg_idm_ecid_wtls3 */
+ 0x67, 0x2b, 0x01, 0x04, 0x03,
+ /* NID_wap_wsg_idm_ecid_wtls4 */
+ 0x67, 0x2b, 0x01, 0x04, 0x04,
+ /* NID_wap_wsg_idm_ecid_wtls5 */
+ 0x67, 0x2b, 0x01, 0x04, 0x05,
+ /* NID_wap_wsg_idm_ecid_wtls6 */
+ 0x67, 0x2b, 0x01, 0x04, 0x06,
+ /* NID_wap_wsg_idm_ecid_wtls7 */
+ 0x67, 0x2b, 0x01, 0x04, 0x07,
+ /* NID_wap_wsg_idm_ecid_wtls8 */
+ 0x67, 0x2b, 0x01, 0x04, 0x08,
+ /* NID_wap_wsg_idm_ecid_wtls9 */
+ 0x67, 0x2b, 0x01, 0x04, 0x09,
+ /* NID_wap_wsg_idm_ecid_wtls10 */
+ 0x67, 0x2b, 0x01, 0x04, 0x0a,
+ /* NID_wap_wsg_idm_ecid_wtls11 */
+ 0x67, 0x2b, 0x01, 0x04, 0x0b,
+ /* NID_wap_wsg_idm_ecid_wtls12 */
+ 0x67, 0x2b, 0x01, 0x04, 0x0c,
+ /* NID_any_policy */
+ 0x55, 0x1d, 0x20, 0x00,
+ /* NID_policy_mappings */
+ 0x55, 0x1d, 0x21,
+ /* NID_inhibit_any_policy */
+ 0x55, 0x1d, 0x36,
+ /* NID_camellia_128_cbc */
+ 0x2a, 0x83, 0x08, 0x8c, 0x9a, 0x4b, 0x3d, 0x01, 0x01, 0x01, 0x02,
+ /* NID_camellia_192_cbc */
+ 0x2a, 0x83, 0x08, 0x8c, 0x9a, 0x4b, 0x3d, 0x01, 0x01, 0x01, 0x03,
+ /* NID_camellia_256_cbc */
+ 0x2a, 0x83, 0x08, 0x8c, 0x9a, 0x4b, 0x3d, 0x01, 0x01, 0x01, 0x04,
+ /* NID_camellia_128_ecb */
+ 0x03, 0xa2, 0x31, 0x05, 0x03, 0x01, 0x09, 0x01,
+ /* NID_camellia_192_ecb */
+ 0x03, 0xa2, 0x31, 0x05, 0x03, 0x01, 0x09, 0x15,
+ /* NID_camellia_256_ecb */
+ 0x03, 0xa2, 0x31, 0x05, 0x03, 0x01, 0x09, 0x29,
+ /* NID_camellia_128_cfb128 */
+ 0x03, 0xa2, 0x31, 0x05, 0x03, 0x01, 0x09, 0x04,
+ /* NID_camellia_192_cfb128 */
+ 0x03, 0xa2, 0x31, 0x05, 0x03, 0x01, 0x09, 0x18,
+ /* NID_camellia_256_cfb128 */
+ 0x03, 0xa2, 0x31, 0x05, 0x03, 0x01, 0x09, 0x2c,
+ /* NID_camellia_128_ofb128 */
+ 0x03, 0xa2, 0x31, 0x05, 0x03, 0x01, 0x09, 0x03,
+ /* NID_camellia_192_ofb128 */
+ 0x03, 0xa2, 0x31, 0x05, 0x03, 0x01, 0x09, 0x17,
+ /* NID_camellia_256_ofb128 */
+ 0x03, 0xa2, 0x31, 0x05, 0x03, 0x01, 0x09, 0x2b,
+ /* NID_subject_directory_attributes */
+ 0x55, 0x1d, 0x09,
+ /* NID_issuing_distribution_point */
+ 0x55, 0x1d, 0x1c,
+ /* NID_certificate_issuer */
+ 0x55, 0x1d, 0x1d,
+ /* NID_kisa */
+ 0x2a, 0x83, 0x1a, 0x8c, 0x9a, 0x44,
+ /* NID_seed_ecb */
+ 0x2a, 0x83, 0x1a, 0x8c, 0x9a, 0x44, 0x01, 0x03,
+ /* NID_seed_cbc */
+ 0x2a, 0x83, 0x1a, 0x8c, 0x9a, 0x44, 0x01, 0x04,
+ /* NID_seed_ofb128 */
+ 0x2a, 0x83, 0x1a, 0x8c, 0x9a, 0x44, 0x01, 0x06,
+ /* NID_seed_cfb128 */
+ 0x2a, 0x83, 0x1a, 0x8c, 0x9a, 0x44, 0x01, 0x05,
+ /* NID_hmac_md5 */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x08, 0x01, 0x01,
+ /* NID_hmac_sha1 */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x08, 0x01, 0x02,
+ /* NID_id_PasswordBasedMAC */
+ 0x2a, 0x86, 0x48, 0x86, 0xf6, 0x7d, 0x07, 0x42, 0x0d,
+ /* NID_id_DHBasedMac */
+ 0x2a, 0x86, 0x48, 0x86, 0xf6, 0x7d, 0x07, 0x42, 0x1e,
+ /* NID_id_it_suppLangTags */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x04, 0x10,
+ /* NID_caRepository */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x05,
+ /* NID_id_smime_ct_compressedData */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x01, 0x09,
+ /* NID_id_ct_asciiTextWithCRLF */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x01, 0x1b,
+ /* NID_id_aes128_wrap */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x05,
+ /* NID_id_aes192_wrap */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x19,
+ /* NID_id_aes256_wrap */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x2d,
+ /* NID_ecdsa_with_Recommended */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x02,
+ /* NID_ecdsa_with_Specified */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03,
+ /* NID_ecdsa_with_SHA224 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x01,
+ /* NID_ecdsa_with_SHA256 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02,
+ /* NID_ecdsa_with_SHA384 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x03,
+ /* NID_ecdsa_with_SHA512 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x04,
+ /* NID_hmacWithMD5 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x02, 0x06,
+ /* NID_hmacWithSHA224 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x02, 0x08,
+ /* NID_hmacWithSHA256 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x02, 0x09,
+ /* NID_hmacWithSHA384 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x02, 0x0a,
+ /* NID_hmacWithSHA512 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x02, 0x0b,
+ /* NID_dsa_with_SHA224 */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, 0x01,
+ /* NID_dsa_with_SHA256 */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, 0x02,
+ /* NID_whirlpool */
+ 0x28, 0xcf, 0x06, 0x03, 0x00, 0x37,
+ /* NID_cryptopro */
+ 0x2a, 0x85, 0x03, 0x02, 0x02,
+ /* NID_cryptocom */
+ 0x2a, 0x85, 0x03, 0x02, 0x09,
+ /* NID_id_GostR3411_94_with_GostR3410_2001 */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x03,
+ /* NID_id_GostR3411_94_with_GostR3410_94 */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x04,
+ /* NID_id_GostR3411_94 */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x09,
+ /* NID_id_HMACGostR3411_94 */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x0a,
+ /* NID_id_GostR3410_2001 */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x13,
+ /* NID_id_GostR3410_94 */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x14,
+ /* NID_id_Gost28147_89 */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x15,
+ /* NID_id_Gost28147_89_MAC */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x16,
+ /* NID_id_GostR3411_94_prf */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x17,
+ /* NID_id_GostR3410_2001DH */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x62,
+ /* NID_id_GostR3410_94DH */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x63,
+ /* NID_id_Gost28147_89_CryptoPro_KeyMeshing */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x0e, 0x01,
+ /* NID_id_Gost28147_89_None_KeyMeshing */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x0e, 0x00,
+ /* NID_id_GostR3411_94_TestParamSet */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x1e, 0x00,
+ /* NID_id_GostR3411_94_CryptoProParamSet */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x1e, 0x01,
+ /* NID_id_Gost28147_89_TestParamSet */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x1f, 0x00,
+ /* NID_id_Gost28147_89_CryptoPro_A_ParamSet */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x1f, 0x01,
+ /* NID_id_Gost28147_89_CryptoPro_B_ParamSet */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x1f, 0x02,
+ /* NID_id_Gost28147_89_CryptoPro_C_ParamSet */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x1f, 0x03,
+ /* NID_id_Gost28147_89_CryptoPro_D_ParamSet */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x1f, 0x04,
+ /* NID_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x1f, 0x05,
+ /* NID_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x1f, 0x06,
+ /* NID_id_Gost28147_89_CryptoPro_RIC_1_ParamSet */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x1f, 0x07,
+ /* NID_id_GostR3410_94_TestParamSet */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x20, 0x00,
+ /* NID_id_GostR3410_94_CryptoPro_A_ParamSet */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x20, 0x02,
+ /* NID_id_GostR3410_94_CryptoPro_B_ParamSet */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x20, 0x03,
+ /* NID_id_GostR3410_94_CryptoPro_C_ParamSet */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x20, 0x04,
+ /* NID_id_GostR3410_94_CryptoPro_D_ParamSet */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x20, 0x05,
+ /* NID_id_GostR3410_94_CryptoPro_XchA_ParamSet */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x21, 0x01,
+ /* NID_id_GostR3410_94_CryptoPro_XchB_ParamSet */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x21, 0x02,
+ /* NID_id_GostR3410_94_CryptoPro_XchC_ParamSet */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x21, 0x03,
+ /* NID_id_GostR3410_2001_TestParamSet */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x23, 0x00,
+ /* NID_id_GostR3410_2001_CryptoPro_A_ParamSet */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x23, 0x01,
+ /* NID_id_GostR3410_2001_CryptoPro_B_ParamSet */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x23, 0x02,
+ /* NID_id_GostR3410_2001_CryptoPro_C_ParamSet */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x23, 0x03,
+ /* NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x24, 0x00,
+ /* NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x24, 0x01,
+ /* NID_id_GostR3410_94_a */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x14, 0x01,
+ /* NID_id_GostR3410_94_aBis */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x14, 0x02,
+ /* NID_id_GostR3410_94_b */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x14, 0x03,
+ /* NID_id_GostR3410_94_bBis */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x14, 0x04,
+ /* NID_id_Gost28147_89_cc */
+ 0x2a, 0x85, 0x03, 0x02, 0x09, 0x01, 0x06, 0x01,
+ /* NID_id_GostR3410_94_cc */
+ 0x2a, 0x85, 0x03, 0x02, 0x09, 0x01, 0x05, 0x03,
+ /* NID_id_GostR3410_2001_cc */
+ 0x2a, 0x85, 0x03, 0x02, 0x09, 0x01, 0x05, 0x04,
+ /* NID_id_GostR3411_94_with_GostR3410_94_cc */
+ 0x2a, 0x85, 0x03, 0x02, 0x09, 0x01, 0x03, 0x03,
+ /* NID_id_GostR3411_94_with_GostR3410_2001_cc */
+ 0x2a, 0x85, 0x03, 0x02, 0x09, 0x01, 0x03, 0x04,
+ /* NID_id_GostR3410_2001_ParamSet_cc */
+ 0x2a, 0x85, 0x03, 0x02, 0x09, 0x01, 0x08, 0x01,
+ /* NID_LocalKeySet */
+ 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x11, 0x02,
+ /* NID_freshest_crl */
+ 0x55, 0x1d, 0x2e,
+ /* NID_id_on_permanentIdentifier */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x08, 0x03,
+ /* NID_searchGuide */
+ 0x55, 0x04, 0x0e,
+ /* NID_businessCategory */
+ 0x55, 0x04, 0x0f,
+ /* NID_postalAddress */
+ 0x55, 0x04, 0x10,
+ /* NID_postOfficeBox */
+ 0x55, 0x04, 0x12,
+ /* NID_physicalDeliveryOfficeName */
+ 0x55, 0x04, 0x13,
+ /* NID_telephoneNumber */
+ 0x55, 0x04, 0x14,
+ /* NID_telexNumber */
+ 0x55, 0x04, 0x15,
+ /* NID_teletexTerminalIdentifier */
+ 0x55, 0x04, 0x16,
+ /* NID_facsimileTelephoneNumber */
+ 0x55, 0x04, 0x17,
+ /* NID_x121Address */
+ 0x55, 0x04, 0x18,
+ /* NID_internationaliSDNNumber */
+ 0x55, 0x04, 0x19,
+ /* NID_registeredAddress */
+ 0x55, 0x04, 0x1a,
+ /* NID_destinationIndicator */
+ 0x55, 0x04, 0x1b,
+ /* NID_preferredDeliveryMethod */
+ 0x55, 0x04, 0x1c,
+ /* NID_presentationAddress */
+ 0x55, 0x04, 0x1d,
+ /* NID_supportedApplicationContext */
+ 0x55, 0x04, 0x1e,
+ /* NID_member */
+ 0x55, 0x04, 0x1f,
+ /* NID_owner */
+ 0x55, 0x04, 0x20,
+ /* NID_roleOccupant */
+ 0x55, 0x04, 0x21,
+ /* NID_seeAlso */
+ 0x55, 0x04, 0x22,
+ /* NID_userPassword */
+ 0x55, 0x04, 0x23,
+ /* NID_userCertificate */
+ 0x55, 0x04, 0x24,
+ /* NID_cACertificate */
+ 0x55, 0x04, 0x25,
+ /* NID_authorityRevocationList */
+ 0x55, 0x04, 0x26,
+ /* NID_certificateRevocationList */
+ 0x55, 0x04, 0x27,
+ /* NID_crossCertificatePair */
+ 0x55, 0x04, 0x28,
+ /* NID_enhancedSearchGuide */
+ 0x55, 0x04, 0x2f,
+ /* NID_protocolInformation */
+ 0x55, 0x04, 0x30,
+ /* NID_distinguishedName */
+ 0x55, 0x04, 0x31,
+ /* NID_uniqueMember */
+ 0x55, 0x04, 0x32,
+ /* NID_houseIdentifier */
+ 0x55, 0x04, 0x33,
+ /* NID_supportedAlgorithms */
+ 0x55, 0x04, 0x34,
+ /* NID_deltaRevocationList */
+ 0x55, 0x04, 0x35,
+ /* NID_dmdName */
+ 0x55, 0x04, 0x36,
+ /* NID_id_alg_PWRI_KEK */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x03, 0x09,
+ /* NID_aes_128_gcm */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x06,
+ /* NID_aes_128_ccm */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x07,
+ /* NID_id_aes128_wrap_pad */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x08,
+ /* NID_aes_192_gcm */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x1a,
+ /* NID_aes_192_ccm */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x1b,
+ /* NID_id_aes192_wrap_pad */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x1c,
+ /* NID_aes_256_gcm */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x2e,
+ /* NID_aes_256_ccm */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x2f,
+ /* NID_id_aes256_wrap_pad */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x30,
+ /* NID_id_camellia128_wrap */
+ 0x2a, 0x83, 0x08, 0x8c, 0x9a, 0x4b, 0x3d, 0x01, 0x01, 0x03, 0x02,
+ /* NID_id_camellia192_wrap */
+ 0x2a, 0x83, 0x08, 0x8c, 0x9a, 0x4b, 0x3d, 0x01, 0x01, 0x03, 0x03,
+ /* NID_id_camellia256_wrap */
+ 0x2a, 0x83, 0x08, 0x8c, 0x9a, 0x4b, 0x3d, 0x01, 0x01, 0x03, 0x04,
+ /* NID_anyExtendedKeyUsage */
+ 0x55, 0x1d, 0x25, 0x00,
+ /* NID_mgf1 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x08,
+ /* NID_rsassaPss */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0a,
+ /* NID_rsaesOaep */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x07,
+ /* NID_dhpublicnumber */
+ 0x2a, 0x86, 0x48, 0xce, 0x3e, 0x02, 0x01,
+ /* NID_brainpoolP160r1 */
+ 0x2b, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x01,
+ /* NID_brainpoolP160t1 */
+ 0x2b, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x02,
+ /* NID_brainpoolP192r1 */
+ 0x2b, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x03,
+ /* NID_brainpoolP192t1 */
+ 0x2b, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x04,
+ /* NID_brainpoolP224r1 */
+ 0x2b, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x05,
+ /* NID_brainpoolP224t1 */
+ 0x2b, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x06,
+ /* NID_brainpoolP256r1 */
+ 0x2b, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x07,
+ /* NID_brainpoolP256t1 */
+ 0x2b, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x08,
+ /* NID_brainpoolP320r1 */
+ 0x2b, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x09,
+ /* NID_brainpoolP320t1 */
+ 0x2b, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x0a,
+ /* NID_brainpoolP384r1 */
+ 0x2b, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x0b,
+ /* NID_brainpoolP384t1 */
+ 0x2b, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x0c,
+ /* NID_brainpoolP512r1 */
+ 0x2b, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x0d,
+ /* NID_brainpoolP512t1 */
+ 0x2b, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x0e,
+ /* NID_pSpecified */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x09,
+ /* NID_dhSinglePass_stdDH_sha1kdf_scheme */
+ 0x2b, 0x81, 0x05, 0x10, 0x86, 0x48, 0x3f, 0x00, 0x02,
+ /* NID_dhSinglePass_stdDH_sha224kdf_scheme */
+ 0x2b, 0x81, 0x04, 0x01, 0x0b, 0x00,
+ /* NID_dhSinglePass_stdDH_sha256kdf_scheme */
+ 0x2b, 0x81, 0x04, 0x01, 0x0b, 0x01,
+ /* NID_dhSinglePass_stdDH_sha384kdf_scheme */
+ 0x2b, 0x81, 0x04, 0x01, 0x0b, 0x02,
+ /* NID_dhSinglePass_stdDH_sha512kdf_scheme */
+ 0x2b, 0x81, 0x04, 0x01, 0x0b, 0x03,
+ /* NID_dhSinglePass_cofactorDH_sha1kdf_scheme */
+ 0x2b, 0x81, 0x05, 0x10, 0x86, 0x48, 0x3f, 0x00, 0x03,
+ /* NID_dhSinglePass_cofactorDH_sha224kdf_scheme */
+ 0x2b, 0x81, 0x04, 0x01, 0x0e, 0x00,
+ /* NID_dhSinglePass_cofactorDH_sha256kdf_scheme */
+ 0x2b, 0x81, 0x04, 0x01, 0x0e, 0x01,
+ /* NID_dhSinglePass_cofactorDH_sha384kdf_scheme */
+ 0x2b, 0x81, 0x04, 0x01, 0x0e, 0x02,
+ /* NID_dhSinglePass_cofactorDH_sha512kdf_scheme */
+ 0x2b, 0x81, 0x04, 0x01, 0x0e, 0x03,
};
-static const ASN1_OBJECT kObjects[NUM_NID]={
-{"UNDEF","undefined",NID_undef,0,NULL,0},
-{"rsadsi","RSA Data Security, Inc.",NID_rsadsi,6,&(lvalues[0]),0},
-{"pkcs","RSA Data Security, Inc. PKCS",NID_pkcs,7,&(lvalues[6]),0},
-{"MD2","md2",NID_md2,8,&(lvalues[13]),0},
-{"MD5","md5",NID_md5,8,&(lvalues[21]),0},
-{"RC4","rc4",NID_rc4,8,&(lvalues[29]),0},
-{"rsaEncryption","rsaEncryption",NID_rsaEncryption,9,&(lvalues[37]),0},
-{"RSA-MD2","md2WithRSAEncryption",NID_md2WithRSAEncryption,9,
- &(lvalues[46]),0},
-{"RSA-MD5","md5WithRSAEncryption",NID_md5WithRSAEncryption,9,
- &(lvalues[55]),0},
-{"PBE-MD2-DES","pbeWithMD2AndDES-CBC",NID_pbeWithMD2AndDES_CBC,9,
- &(lvalues[64]),0},
-{"PBE-MD5-DES","pbeWithMD5AndDES-CBC",NID_pbeWithMD5AndDES_CBC,9,
- &(lvalues[73]),0},
-{"X500","directory services (X.500)",NID_X500,1,&(lvalues[82]),0},
-{"X509","X509",NID_X509,2,&(lvalues[83]),0},
-{"CN","commonName",NID_commonName,3,&(lvalues[85]),0},
-{"C","countryName",NID_countryName,3,&(lvalues[88]),0},
-{"L","localityName",NID_localityName,3,&(lvalues[91]),0},
-{"ST","stateOrProvinceName",NID_stateOrProvinceName,3,&(lvalues[94]),0},
-{"O","organizationName",NID_organizationName,3,&(lvalues[97]),0},
-{"OU","organizationalUnitName",NID_organizationalUnitName,3,
- &(lvalues[100]),0},
-{"RSA","rsa",NID_rsa,4,&(lvalues[103]),0},
-{"pkcs7","pkcs7",NID_pkcs7,8,&(lvalues[107]),0},
-{"pkcs7-data","pkcs7-data",NID_pkcs7_data,9,&(lvalues[115]),0},
-{"pkcs7-signedData","pkcs7-signedData",NID_pkcs7_signed,9,
- &(lvalues[124]),0},
-{"pkcs7-envelopedData","pkcs7-envelopedData",NID_pkcs7_enveloped,9,
- &(lvalues[133]),0},
-{"pkcs7-signedAndEnvelopedData","pkcs7-signedAndEnvelopedData",
- NID_pkcs7_signedAndEnveloped,9,&(lvalues[142]),0},
-{"pkcs7-digestData","pkcs7-digestData",NID_pkcs7_digest,9,
- &(lvalues[151]),0},
-{"pkcs7-encryptedData","pkcs7-encryptedData",NID_pkcs7_encrypted,9,
- &(lvalues[160]),0},
-{"pkcs3","pkcs3",NID_pkcs3,8,&(lvalues[169]),0},
-{"dhKeyAgreement","dhKeyAgreement",NID_dhKeyAgreement,9,
- &(lvalues[177]),0},
-{"DES-ECB","des-ecb",NID_des_ecb,5,&(lvalues[186]),0},
-{"DES-CFB","des-cfb",NID_des_cfb64,5,&(lvalues[191]),0},
-{"DES-CBC","des-cbc",NID_des_cbc,5,&(lvalues[196]),0},
-{"DES-EDE","des-ede",NID_des_ede_ecb,5,&(lvalues[201]),0},
-{"DES-EDE3","des-ede3",NID_des_ede3_ecb,0,NULL,0},
-{"IDEA-CBC","idea-cbc",NID_idea_cbc,11,&(lvalues[206]),0},
-{"IDEA-CFB","idea-cfb",NID_idea_cfb64,0,NULL,0},
-{"IDEA-ECB","idea-ecb",NID_idea_ecb,0,NULL,0},
-{"RC2-CBC","rc2-cbc",NID_rc2_cbc,8,&(lvalues[217]),0},
-{"RC2-ECB","rc2-ecb",NID_rc2_ecb,0,NULL,0},
-{"RC2-CFB","rc2-cfb",NID_rc2_cfb64,0,NULL,0},
-{"RC2-OFB","rc2-ofb",NID_rc2_ofb64,0,NULL,0},
-{"SHA","sha",NID_sha,5,&(lvalues[225]),0},
-{"RSA-SHA","shaWithRSAEncryption",NID_shaWithRSAEncryption,5,
- &(lvalues[230]),0},
-{"DES-EDE-CBC","des-ede-cbc",NID_des_ede_cbc,0,NULL,0},
-{"DES-EDE3-CBC","des-ede3-cbc",NID_des_ede3_cbc,8,&(lvalues[235]),0},
-{"DES-OFB","des-ofb",NID_des_ofb64,5,&(lvalues[243]),0},
-{"IDEA-OFB","idea-ofb",NID_idea_ofb64,0,NULL,0},
-{"pkcs9","pkcs9",NID_pkcs9,8,&(lvalues[248]),0},
-{"emailAddress","emailAddress",NID_pkcs9_emailAddress,9,
- &(lvalues[256]),0},
-{"unstructuredName","unstructuredName",NID_pkcs9_unstructuredName,9,
- &(lvalues[265]),0},
-{"contentType","contentType",NID_pkcs9_contentType,9,&(lvalues[274]),0},
-{"messageDigest","messageDigest",NID_pkcs9_messageDigest,9,
- &(lvalues[283]),0},
-{"signingTime","signingTime",NID_pkcs9_signingTime,9,&(lvalues[292]),0},
-{"countersignature","countersignature",NID_pkcs9_countersignature,9,
- &(lvalues[301]),0},
-{"challengePassword","challengePassword",NID_pkcs9_challengePassword,
- 9,&(lvalues[310]),0},
-{"unstructuredAddress","unstructuredAddress",
- NID_pkcs9_unstructuredAddress,9,&(lvalues[319]),0},
-{"extendedCertificateAttributes","extendedCertificateAttributes",
- NID_pkcs9_extCertAttributes,9,&(lvalues[328]),0},
-{"Netscape","Netscape Communications Corp.",NID_netscape,7,
- &(lvalues[337]),0},
-{"nsCertExt","Netscape Certificate Extension",
- NID_netscape_cert_extension,8,&(lvalues[344]),0},
-{"nsDataType","Netscape Data Type",NID_netscape_data_type,8,
- &(lvalues[352]),0},
-{"DES-EDE-CFB","des-ede-cfb",NID_des_ede_cfb64,0,NULL,0},
-{"DES-EDE3-CFB","des-ede3-cfb",NID_des_ede3_cfb64,0,NULL,0},
-{"DES-EDE-OFB","des-ede-ofb",NID_des_ede_ofb64,0,NULL,0},
-{"DES-EDE3-OFB","des-ede3-ofb",NID_des_ede3_ofb64,0,NULL,0},
-{"SHA1","sha1",NID_sha1,5,&(lvalues[360]),0},
-{"RSA-SHA1","sha1WithRSAEncryption",NID_sha1WithRSAEncryption,9,
- &(lvalues[365]),0},
-{"DSA-SHA","dsaWithSHA",NID_dsaWithSHA,5,&(lvalues[374]),0},
-{"DSA-old","dsaEncryption-old",NID_dsa_2,5,&(lvalues[379]),0},
-{"PBE-SHA1-RC2-64","pbeWithSHA1AndRC2-CBC",NID_pbeWithSHA1AndRC2_CBC,
- 9,&(lvalues[384]),0},
-{"PBKDF2","PBKDF2",NID_id_pbkdf2,9,&(lvalues[393]),0},
-{"DSA-SHA1-old","dsaWithSHA1-old",NID_dsaWithSHA1_2,5,&(lvalues[402]),0},
-{"nsCertType","Netscape Cert Type",NID_netscape_cert_type,9,
- &(lvalues[407]),0},
-{"nsBaseUrl","Netscape Base Url",NID_netscape_base_url,9,
- &(lvalues[416]),0},
-{"nsRevocationUrl","Netscape Revocation Url",
- NID_netscape_revocation_url,9,&(lvalues[425]),0},
-{"nsCaRevocationUrl","Netscape CA Revocation Url",
- NID_netscape_ca_revocation_url,9,&(lvalues[434]),0},
-{"nsRenewalUrl","Netscape Renewal Url",NID_netscape_renewal_url,9,
- &(lvalues[443]),0},
-{"nsCaPolicyUrl","Netscape CA Policy Url",NID_netscape_ca_policy_url,
- 9,&(lvalues[452]),0},
-{"nsSslServerName","Netscape SSL Server Name",
- NID_netscape_ssl_server_name,9,&(lvalues[461]),0},
-{"nsComment","Netscape Comment",NID_netscape_comment,9,&(lvalues[470]),0},
-{"nsCertSequence","Netscape Certificate Sequence",
- NID_netscape_cert_sequence,9,&(lvalues[479]),0},
-{"DESX-CBC","desx-cbc",NID_desx_cbc,0,NULL,0},
-{"id-ce","id-ce",NID_id_ce,2,&(lvalues[488]),0},
-{"subjectKeyIdentifier","X509v3 Subject Key Identifier",
- NID_subject_key_identifier,3,&(lvalues[490]),0},
-{"keyUsage","X509v3 Key Usage",NID_key_usage,3,&(lvalues[493]),0},
-{"privateKeyUsagePeriod","X509v3 Private Key Usage Period",
- NID_private_key_usage_period,3,&(lvalues[496]),0},
-{"subjectAltName","X509v3 Subject Alternative Name",
- NID_subject_alt_name,3,&(lvalues[499]),0},
-{"issuerAltName","X509v3 Issuer Alternative Name",NID_issuer_alt_name,
- 3,&(lvalues[502]),0},
-{"basicConstraints","X509v3 Basic Constraints",NID_basic_constraints,
- 3,&(lvalues[505]),0},
-{"crlNumber","X509v3 CRL Number",NID_crl_number,3,&(lvalues[508]),0},
-{"certificatePolicies","X509v3 Certificate Policies",
- NID_certificate_policies,3,&(lvalues[511]),0},
-{"authorityKeyIdentifier","X509v3 Authority Key Identifier",
- NID_authority_key_identifier,3,&(lvalues[514]),0},
-{"BF-CBC","bf-cbc",NID_bf_cbc,9,&(lvalues[517]),0},
-{"BF-ECB","bf-ecb",NID_bf_ecb,0,NULL,0},
-{"BF-CFB","bf-cfb",NID_bf_cfb64,0,NULL,0},
-{"BF-OFB","bf-ofb",NID_bf_ofb64,0,NULL,0},
-{"MDC2","mdc2",NID_mdc2,4,&(lvalues[526]),0},
-{"RSA-MDC2","mdc2WithRSA",NID_mdc2WithRSA,4,&(lvalues[530]),0},
-{"RC4-40","rc4-40",NID_rc4_40,0,NULL,0},
-{"RC2-40-CBC","rc2-40-cbc",NID_rc2_40_cbc,0,NULL,0},
-{"GN","givenName",NID_givenName,3,&(lvalues[534]),0},
-{"SN","surname",NID_surname,3,&(lvalues[537]),0},
-{"initials","initials",NID_initials,3,&(lvalues[540]),0},
-{NULL,NULL,NID_undef,0,NULL,0},
-{"crlDistributionPoints","X509v3 CRL Distribution Points",
- NID_crl_distribution_points,3,&(lvalues[543]),0},
-{"RSA-NP-MD5","md5WithRSA",NID_md5WithRSA,5,&(lvalues[546]),0},
-{"serialNumber","serialNumber",NID_serialNumber,3,&(lvalues[551]),0},
-{"title","title",NID_title,3,&(lvalues[554]),0},
-{"description","description",NID_description,3,&(lvalues[557]),0},
-{"CAST5-CBC","cast5-cbc",NID_cast5_cbc,9,&(lvalues[560]),0},
-{"CAST5-ECB","cast5-ecb",NID_cast5_ecb,0,NULL,0},
-{"CAST5-CFB","cast5-cfb",NID_cast5_cfb64,0,NULL,0},
-{"CAST5-OFB","cast5-ofb",NID_cast5_ofb64,0,NULL,0},
-{"pbeWithMD5AndCast5CBC","pbeWithMD5AndCast5CBC",
- NID_pbeWithMD5AndCast5_CBC,9,&(lvalues[569]),0},
-{"DSA-SHA1","dsaWithSHA1",NID_dsaWithSHA1,7,&(lvalues[578]),0},
-{"MD5-SHA1","md5-sha1",NID_md5_sha1,0,NULL,0},
-{"RSA-SHA1-2","sha1WithRSA",NID_sha1WithRSA,5,&(lvalues[585]),0},
-{"DSA","dsaEncryption",NID_dsa,7,&(lvalues[590]),0},
-{"RIPEMD160","ripemd160",NID_ripemd160,5,&(lvalues[597]),0},
-{NULL,NULL,NID_undef,0,NULL,0},
-{"RSA-RIPEMD160","ripemd160WithRSA",NID_ripemd160WithRSA,6,
- &(lvalues[602]),0},
-{"RC5-CBC","rc5-cbc",NID_rc5_cbc,8,&(lvalues[608]),0},
-{"RC5-ECB","rc5-ecb",NID_rc5_ecb,0,NULL,0},
-{"RC5-CFB","rc5-cfb",NID_rc5_cfb64,0,NULL,0},
-{"RC5-OFB","rc5-ofb",NID_rc5_ofb64,0,NULL,0},
-{NULL,NULL,NID_undef,0,NULL,0},
-{"ZLIB","zlib compression",NID_zlib_compression,11,&(lvalues[616]),0},
-{"extendedKeyUsage","X509v3 Extended Key Usage",NID_ext_key_usage,3,
- &(lvalues[627]),0},
-{"PKIX","PKIX",NID_id_pkix,6,&(lvalues[630]),0},
-{"id-kp","id-kp",NID_id_kp,7,&(lvalues[636]),0},
-{"serverAuth","TLS Web Server Authentication",NID_server_auth,8,
- &(lvalues[643]),0},
-{"clientAuth","TLS Web Client Authentication",NID_client_auth,8,
- &(lvalues[651]),0},
-{"codeSigning","Code Signing",NID_code_sign,8,&(lvalues[659]),0},
-{"emailProtection","E-mail Protection",NID_email_protect,8,
- &(lvalues[667]),0},
-{"timeStamping","Time Stamping",NID_time_stamp,8,&(lvalues[675]),0},
-{"msCodeInd","Microsoft Individual Code Signing",NID_ms_code_ind,10,
- &(lvalues[683]),0},
-{"msCodeCom","Microsoft Commercial Code Signing",NID_ms_code_com,10,
- &(lvalues[693]),0},
-{"msCTLSign","Microsoft Trust List Signing",NID_ms_ctl_sign,10,
- &(lvalues[703]),0},
-{"msSGC","Microsoft Server Gated Crypto",NID_ms_sgc,10,&(lvalues[713]),0},
-{"msEFS","Microsoft Encrypted File System",NID_ms_efs,10,
- &(lvalues[723]),0},
-{"nsSGC","Netscape Server Gated Crypto",NID_ns_sgc,9,&(lvalues[733]),0},
-{"deltaCRL","X509v3 Delta CRL Indicator",NID_delta_crl,3,
- &(lvalues[742]),0},
-{"CRLReason","X509v3 CRL Reason Code",NID_crl_reason,3,&(lvalues[745]),0},
-{"invalidityDate","Invalidity Date",NID_invalidity_date,3,
- &(lvalues[748]),0},
-{"SXNetID","Strong Extranet ID",NID_sxnet,5,&(lvalues[751]),0},
-{"PBE-SHA1-RC4-128","pbeWithSHA1And128BitRC4",
- NID_pbe_WithSHA1And128BitRC4,10,&(lvalues[756]),0},
-{"PBE-SHA1-RC4-40","pbeWithSHA1And40BitRC4",
- NID_pbe_WithSHA1And40BitRC4,10,&(lvalues[766]),0},
-{"PBE-SHA1-3DES","pbeWithSHA1And3-KeyTripleDES-CBC",
- NID_pbe_WithSHA1And3_Key_TripleDES_CBC,10,&(lvalues[776]),0},
-{"PBE-SHA1-2DES","pbeWithSHA1And2-KeyTripleDES-CBC",
- NID_pbe_WithSHA1And2_Key_TripleDES_CBC,10,&(lvalues[786]),0},
-{"PBE-SHA1-RC2-128","pbeWithSHA1And128BitRC2-CBC",
- NID_pbe_WithSHA1And128BitRC2_CBC,10,&(lvalues[796]),0},
-{"PBE-SHA1-RC2-40","pbeWithSHA1And40BitRC2-CBC",
- NID_pbe_WithSHA1And40BitRC2_CBC,10,&(lvalues[806]),0},
-{"keyBag","keyBag",NID_keyBag,11,&(lvalues[816]),0},
-{"pkcs8ShroudedKeyBag","pkcs8ShroudedKeyBag",NID_pkcs8ShroudedKeyBag,
- 11,&(lvalues[827]),0},
-{"certBag","certBag",NID_certBag,11,&(lvalues[838]),0},
-{"crlBag","crlBag",NID_crlBag,11,&(lvalues[849]),0},
-{"secretBag","secretBag",NID_secretBag,11,&(lvalues[860]),0},
-{"safeContentsBag","safeContentsBag",NID_safeContentsBag,11,
- &(lvalues[871]),0},
-{"friendlyName","friendlyName",NID_friendlyName,9,&(lvalues[882]),0},
-{"localKeyID","localKeyID",NID_localKeyID,9,&(lvalues[891]),0},
-{"x509Certificate","x509Certificate",NID_x509Certificate,10,
- &(lvalues[900]),0},
-{"sdsiCertificate","sdsiCertificate",NID_sdsiCertificate,10,
- &(lvalues[910]),0},
-{"x509Crl","x509Crl",NID_x509Crl,10,&(lvalues[920]),0},
-{"PBES2","PBES2",NID_pbes2,9,&(lvalues[930]),0},
-{"PBMAC1","PBMAC1",NID_pbmac1,9,&(lvalues[939]),0},
-{"hmacWithSHA1","hmacWithSHA1",NID_hmacWithSHA1,8,&(lvalues[948]),0},
-{"id-qt-cps","Policy Qualifier CPS",NID_id_qt_cps,8,&(lvalues[956]),0},
-{"id-qt-unotice","Policy Qualifier User Notice",NID_id_qt_unotice,8,
- &(lvalues[964]),0},
-{"RC2-64-CBC","rc2-64-cbc",NID_rc2_64_cbc,0,NULL,0},
-{"SMIME-CAPS","S/MIME Capabilities",NID_SMIMECapabilities,9,
- &(lvalues[972]),0},
-{"PBE-MD2-RC2-64","pbeWithMD2AndRC2-CBC",NID_pbeWithMD2AndRC2_CBC,9,
- &(lvalues[981]),0},
-{"PBE-MD5-RC2-64","pbeWithMD5AndRC2-CBC",NID_pbeWithMD5AndRC2_CBC,9,
- &(lvalues[990]),0},
-{"PBE-SHA1-DES","pbeWithSHA1AndDES-CBC",NID_pbeWithSHA1AndDES_CBC,9,
- &(lvalues[999]),0},
-{"msExtReq","Microsoft Extension Request",NID_ms_ext_req,10,
- &(lvalues[1008]),0},
-{"extReq","Extension Request",NID_ext_req,9,&(lvalues[1018]),0},
-{"name","name",NID_name,3,&(lvalues[1027]),0},
-{"dnQualifier","dnQualifier",NID_dnQualifier,3,&(lvalues[1030]),0},
-{"id-pe","id-pe",NID_id_pe,7,&(lvalues[1033]),0},
-{"id-ad","id-ad",NID_id_ad,7,&(lvalues[1040]),0},
-{"authorityInfoAccess","Authority Information Access",NID_info_access,
- 8,&(lvalues[1047]),0},
-{"OCSP","OCSP",NID_ad_OCSP,8,&(lvalues[1055]),0},
-{"caIssuers","CA Issuers",NID_ad_ca_issuers,8,&(lvalues[1063]),0},
-{"OCSPSigning","OCSP Signing",NID_OCSP_sign,8,&(lvalues[1071]),0},
-{"ISO","iso",NID_iso,0,NULL,0},
-{"member-body","ISO Member Body",NID_member_body,1,&(lvalues[1079]),0},
-{"ISO-US","ISO US Member Body",NID_ISO_US,3,&(lvalues[1080]),0},
-{"X9-57","X9.57",NID_X9_57,5,&(lvalues[1083]),0},
-{"X9cm","X9.57 CM ?",NID_X9cm,6,&(lvalues[1088]),0},
-{"pkcs1","pkcs1",NID_pkcs1,8,&(lvalues[1094]),0},
-{"pkcs5","pkcs5",NID_pkcs5,8,&(lvalues[1102]),0},
-{"SMIME","S/MIME",NID_SMIME,9,&(lvalues[1110]),0},
-{"id-smime-mod","id-smime-mod",NID_id_smime_mod,10,&(lvalues[1119]),0},
-{"id-smime-ct","id-smime-ct",NID_id_smime_ct,10,&(lvalues[1129]),0},
-{"id-smime-aa","id-smime-aa",NID_id_smime_aa,10,&(lvalues[1139]),0},
-{"id-smime-alg","id-smime-alg",NID_id_smime_alg,10,&(lvalues[1149]),0},
-{"id-smime-cd","id-smime-cd",NID_id_smime_cd,10,&(lvalues[1159]),0},
-{"id-smime-spq","id-smime-spq",NID_id_smime_spq,10,&(lvalues[1169]),0},
-{"id-smime-cti","id-smime-cti",NID_id_smime_cti,10,&(lvalues[1179]),0},
-{"id-smime-mod-cms","id-smime-mod-cms",NID_id_smime_mod_cms,11,
- &(lvalues[1189]),0},
-{"id-smime-mod-ess","id-smime-mod-ess",NID_id_smime_mod_ess,11,
- &(lvalues[1200]),0},
-{"id-smime-mod-oid","id-smime-mod-oid",NID_id_smime_mod_oid,11,
- &(lvalues[1211]),0},
-{"id-smime-mod-msg-v3","id-smime-mod-msg-v3",NID_id_smime_mod_msg_v3,
- 11,&(lvalues[1222]),0},
-{"id-smime-mod-ets-eSignature-88","id-smime-mod-ets-eSignature-88",
- NID_id_smime_mod_ets_eSignature_88,11,&(lvalues[1233]),0},
-{"id-smime-mod-ets-eSignature-97","id-smime-mod-ets-eSignature-97",
- NID_id_smime_mod_ets_eSignature_97,11,&(lvalues[1244]),0},
-{"id-smime-mod-ets-eSigPolicy-88","id-smime-mod-ets-eSigPolicy-88",
- NID_id_smime_mod_ets_eSigPolicy_88,11,&(lvalues[1255]),0},
-{"id-smime-mod-ets-eSigPolicy-97","id-smime-mod-ets-eSigPolicy-97",
- NID_id_smime_mod_ets_eSigPolicy_97,11,&(lvalues[1266]),0},
-{"id-smime-ct-receipt","id-smime-ct-receipt",NID_id_smime_ct_receipt,
- 11,&(lvalues[1277]),0},
-{"id-smime-ct-authData","id-smime-ct-authData",
- NID_id_smime_ct_authData,11,&(lvalues[1288]),0},
-{"id-smime-ct-publishCert","id-smime-ct-publishCert",
- NID_id_smime_ct_publishCert,11,&(lvalues[1299]),0},
-{"id-smime-ct-TSTInfo","id-smime-ct-TSTInfo",NID_id_smime_ct_TSTInfo,
- 11,&(lvalues[1310]),0},
-{"id-smime-ct-TDTInfo","id-smime-ct-TDTInfo",NID_id_smime_ct_TDTInfo,
- 11,&(lvalues[1321]),0},
-{"id-smime-ct-contentInfo","id-smime-ct-contentInfo",
- NID_id_smime_ct_contentInfo,11,&(lvalues[1332]),0},
-{"id-smime-ct-DVCSRequestData","id-smime-ct-DVCSRequestData",
- NID_id_smime_ct_DVCSRequestData,11,&(lvalues[1343]),0},
-{"id-smime-ct-DVCSResponseData","id-smime-ct-DVCSResponseData",
- NID_id_smime_ct_DVCSResponseData,11,&(lvalues[1354]),0},
-{"id-smime-aa-receiptRequest","id-smime-aa-receiptRequest",
- NID_id_smime_aa_receiptRequest,11,&(lvalues[1365]),0},
-{"id-smime-aa-securityLabel","id-smime-aa-securityLabel",
- NID_id_smime_aa_securityLabel,11,&(lvalues[1376]),0},
-{"id-smime-aa-mlExpandHistory","id-smime-aa-mlExpandHistory",
- NID_id_smime_aa_mlExpandHistory,11,&(lvalues[1387]),0},
-{"id-smime-aa-contentHint","id-smime-aa-contentHint",
- NID_id_smime_aa_contentHint,11,&(lvalues[1398]),0},
-{"id-smime-aa-msgSigDigest","id-smime-aa-msgSigDigest",
- NID_id_smime_aa_msgSigDigest,11,&(lvalues[1409]),0},
-{"id-smime-aa-encapContentType","id-smime-aa-encapContentType",
- NID_id_smime_aa_encapContentType,11,&(lvalues[1420]),0},
-{"id-smime-aa-contentIdentifier","id-smime-aa-contentIdentifier",
- NID_id_smime_aa_contentIdentifier,11,&(lvalues[1431]),0},
-{"id-smime-aa-macValue","id-smime-aa-macValue",
- NID_id_smime_aa_macValue,11,&(lvalues[1442]),0},
-{"id-smime-aa-equivalentLabels","id-smime-aa-equivalentLabels",
- NID_id_smime_aa_equivalentLabels,11,&(lvalues[1453]),0},
-{"id-smime-aa-contentReference","id-smime-aa-contentReference",
- NID_id_smime_aa_contentReference,11,&(lvalues[1464]),0},
-{"id-smime-aa-encrypKeyPref","id-smime-aa-encrypKeyPref",
- NID_id_smime_aa_encrypKeyPref,11,&(lvalues[1475]),0},
-{"id-smime-aa-signingCertificate","id-smime-aa-signingCertificate",
- NID_id_smime_aa_signingCertificate,11,&(lvalues[1486]),0},
-{"id-smime-aa-smimeEncryptCerts","id-smime-aa-smimeEncryptCerts",
- NID_id_smime_aa_smimeEncryptCerts,11,&(lvalues[1497]),0},
-{"id-smime-aa-timeStampToken","id-smime-aa-timeStampToken",
- NID_id_smime_aa_timeStampToken,11,&(lvalues[1508]),0},
-{"id-smime-aa-ets-sigPolicyId","id-smime-aa-ets-sigPolicyId",
- NID_id_smime_aa_ets_sigPolicyId,11,&(lvalues[1519]),0},
-{"id-smime-aa-ets-commitmentType","id-smime-aa-ets-commitmentType",
- NID_id_smime_aa_ets_commitmentType,11,&(lvalues[1530]),0},
-{"id-smime-aa-ets-signerLocation","id-smime-aa-ets-signerLocation",
- NID_id_smime_aa_ets_signerLocation,11,&(lvalues[1541]),0},
-{"id-smime-aa-ets-signerAttr","id-smime-aa-ets-signerAttr",
- NID_id_smime_aa_ets_signerAttr,11,&(lvalues[1552]),0},
-{"id-smime-aa-ets-otherSigCert","id-smime-aa-ets-otherSigCert",
- NID_id_smime_aa_ets_otherSigCert,11,&(lvalues[1563]),0},
-{"id-smime-aa-ets-contentTimestamp",
- "id-smime-aa-ets-contentTimestamp",
- NID_id_smime_aa_ets_contentTimestamp,11,&(lvalues[1574]),0},
-{"id-smime-aa-ets-CertificateRefs","id-smime-aa-ets-CertificateRefs",
- NID_id_smime_aa_ets_CertificateRefs,11,&(lvalues[1585]),0},
-{"id-smime-aa-ets-RevocationRefs","id-smime-aa-ets-RevocationRefs",
- NID_id_smime_aa_ets_RevocationRefs,11,&(lvalues[1596]),0},
-{"id-smime-aa-ets-certValues","id-smime-aa-ets-certValues",
- NID_id_smime_aa_ets_certValues,11,&(lvalues[1607]),0},
-{"id-smime-aa-ets-revocationValues",
- "id-smime-aa-ets-revocationValues",
- NID_id_smime_aa_ets_revocationValues,11,&(lvalues[1618]),0},
-{"id-smime-aa-ets-escTimeStamp","id-smime-aa-ets-escTimeStamp",
- NID_id_smime_aa_ets_escTimeStamp,11,&(lvalues[1629]),0},
-{"id-smime-aa-ets-certCRLTimestamp",
- "id-smime-aa-ets-certCRLTimestamp",
- NID_id_smime_aa_ets_certCRLTimestamp,11,&(lvalues[1640]),0},
-{"id-smime-aa-ets-archiveTimeStamp",
- "id-smime-aa-ets-archiveTimeStamp",
- NID_id_smime_aa_ets_archiveTimeStamp,11,&(lvalues[1651]),0},
-{"id-smime-aa-signatureType","id-smime-aa-signatureType",
- NID_id_smime_aa_signatureType,11,&(lvalues[1662]),0},
-{"id-smime-aa-dvcs-dvc","id-smime-aa-dvcs-dvc",
- NID_id_smime_aa_dvcs_dvc,11,&(lvalues[1673]),0},
-{"id-smime-alg-ESDHwith3DES","id-smime-alg-ESDHwith3DES",
- NID_id_smime_alg_ESDHwith3DES,11,&(lvalues[1684]),0},
-{"id-smime-alg-ESDHwithRC2","id-smime-alg-ESDHwithRC2",
- NID_id_smime_alg_ESDHwithRC2,11,&(lvalues[1695]),0},
-{"id-smime-alg-3DESwrap","id-smime-alg-3DESwrap",
- NID_id_smime_alg_3DESwrap,11,&(lvalues[1706]),0},
-{"id-smime-alg-RC2wrap","id-smime-alg-RC2wrap",
- NID_id_smime_alg_RC2wrap,11,&(lvalues[1717]),0},
-{"id-smime-alg-ESDH","id-smime-alg-ESDH",NID_id_smime_alg_ESDH,11,
- &(lvalues[1728]),0},
-{"id-smime-alg-CMS3DESwrap","id-smime-alg-CMS3DESwrap",
- NID_id_smime_alg_CMS3DESwrap,11,&(lvalues[1739]),0},
-{"id-smime-alg-CMSRC2wrap","id-smime-alg-CMSRC2wrap",
- NID_id_smime_alg_CMSRC2wrap,11,&(lvalues[1750]),0},
-{"id-smime-cd-ldap","id-smime-cd-ldap",NID_id_smime_cd_ldap,11,
- &(lvalues[1761]),0},
-{"id-smime-spq-ets-sqt-uri","id-smime-spq-ets-sqt-uri",
- NID_id_smime_spq_ets_sqt_uri,11,&(lvalues[1772]),0},
-{"id-smime-spq-ets-sqt-unotice","id-smime-spq-ets-sqt-unotice",
- NID_id_smime_spq_ets_sqt_unotice,11,&(lvalues[1783]),0},
-{"id-smime-cti-ets-proofOfOrigin","id-smime-cti-ets-proofOfOrigin",
- NID_id_smime_cti_ets_proofOfOrigin,11,&(lvalues[1794]),0},
-{"id-smime-cti-ets-proofOfReceipt","id-smime-cti-ets-proofOfReceipt",
- NID_id_smime_cti_ets_proofOfReceipt,11,&(lvalues[1805]),0},
-{"id-smime-cti-ets-proofOfDelivery",
- "id-smime-cti-ets-proofOfDelivery",
- NID_id_smime_cti_ets_proofOfDelivery,11,&(lvalues[1816]),0},
-{"id-smime-cti-ets-proofOfSender","id-smime-cti-ets-proofOfSender",
- NID_id_smime_cti_ets_proofOfSender,11,&(lvalues[1827]),0},
-{"id-smime-cti-ets-proofOfApproval",
- "id-smime-cti-ets-proofOfApproval",
- NID_id_smime_cti_ets_proofOfApproval,11,&(lvalues[1838]),0},
-{"id-smime-cti-ets-proofOfCreation",
- "id-smime-cti-ets-proofOfCreation",
- NID_id_smime_cti_ets_proofOfCreation,11,&(lvalues[1849]),0},
-{"MD4","md4",NID_md4,8,&(lvalues[1860]),0},
-{"id-pkix-mod","id-pkix-mod",NID_id_pkix_mod,7,&(lvalues[1868]),0},
-{"id-qt","id-qt",NID_id_qt,7,&(lvalues[1875]),0},
-{"id-it","id-it",NID_id_it,7,&(lvalues[1882]),0},
-{"id-pkip","id-pkip",NID_id_pkip,7,&(lvalues[1889]),0},
-{"id-alg","id-alg",NID_id_alg,7,&(lvalues[1896]),0},
-{"id-cmc","id-cmc",NID_id_cmc,7,&(lvalues[1903]),0},
-{"id-on","id-on",NID_id_on,7,&(lvalues[1910]),0},
-{"id-pda","id-pda",NID_id_pda,7,&(lvalues[1917]),0},
-{"id-aca","id-aca",NID_id_aca,7,&(lvalues[1924]),0},
-{"id-qcs","id-qcs",NID_id_qcs,7,&(lvalues[1931]),0},
-{"id-cct","id-cct",NID_id_cct,7,&(lvalues[1938]),0},
-{"id-pkix1-explicit-88","id-pkix1-explicit-88",
- NID_id_pkix1_explicit_88,8,&(lvalues[1945]),0},
-{"id-pkix1-implicit-88","id-pkix1-implicit-88",
- NID_id_pkix1_implicit_88,8,&(lvalues[1953]),0},
-{"id-pkix1-explicit-93","id-pkix1-explicit-93",
- NID_id_pkix1_explicit_93,8,&(lvalues[1961]),0},
-{"id-pkix1-implicit-93","id-pkix1-implicit-93",
- NID_id_pkix1_implicit_93,8,&(lvalues[1969]),0},
-{"id-mod-crmf","id-mod-crmf",NID_id_mod_crmf,8,&(lvalues[1977]),0},
-{"id-mod-cmc","id-mod-cmc",NID_id_mod_cmc,8,&(lvalues[1985]),0},
-{"id-mod-kea-profile-88","id-mod-kea-profile-88",
- NID_id_mod_kea_profile_88,8,&(lvalues[1993]),0},
-{"id-mod-kea-profile-93","id-mod-kea-profile-93",
- NID_id_mod_kea_profile_93,8,&(lvalues[2001]),0},
-{"id-mod-cmp","id-mod-cmp",NID_id_mod_cmp,8,&(lvalues[2009]),0},
-{"id-mod-qualified-cert-88","id-mod-qualified-cert-88",
- NID_id_mod_qualified_cert_88,8,&(lvalues[2017]),0},
-{"id-mod-qualified-cert-93","id-mod-qualified-cert-93",
- NID_id_mod_qualified_cert_93,8,&(lvalues[2025]),0},
-{"id-mod-attribute-cert","id-mod-attribute-cert",
- NID_id_mod_attribute_cert,8,&(lvalues[2033]),0},
-{"id-mod-timestamp-protocol","id-mod-timestamp-protocol",
- NID_id_mod_timestamp_protocol,8,&(lvalues[2041]),0},
-{"id-mod-ocsp","id-mod-ocsp",NID_id_mod_ocsp,8,&(lvalues[2049]),0},
-{"id-mod-dvcs","id-mod-dvcs",NID_id_mod_dvcs,8,&(lvalues[2057]),0},
-{"id-mod-cmp2000","id-mod-cmp2000",NID_id_mod_cmp2000,8,
- &(lvalues[2065]),0},
-{"biometricInfo","Biometric Info",NID_biometricInfo,8,&(lvalues[2073]),0},
-{"qcStatements","qcStatements",NID_qcStatements,8,&(lvalues[2081]),0},
-{"ac-auditEntity","ac-auditEntity",NID_ac_auditEntity,8,
- &(lvalues[2089]),0},
-{"ac-targeting","ac-targeting",NID_ac_targeting,8,&(lvalues[2097]),0},
-{"aaControls","aaControls",NID_aaControls,8,&(lvalues[2105]),0},
-{"sbgp-ipAddrBlock","sbgp-ipAddrBlock",NID_sbgp_ipAddrBlock,8,
- &(lvalues[2113]),0},
-{"sbgp-autonomousSysNum","sbgp-autonomousSysNum",
- NID_sbgp_autonomousSysNum,8,&(lvalues[2121]),0},
-{"sbgp-routerIdentifier","sbgp-routerIdentifier",
- NID_sbgp_routerIdentifier,8,&(lvalues[2129]),0},
-{"textNotice","textNotice",NID_textNotice,8,&(lvalues[2137]),0},
-{"ipsecEndSystem","IPSec End System",NID_ipsecEndSystem,8,
- &(lvalues[2145]),0},
-{"ipsecTunnel","IPSec Tunnel",NID_ipsecTunnel,8,&(lvalues[2153]),0},
-{"ipsecUser","IPSec User",NID_ipsecUser,8,&(lvalues[2161]),0},
-{"DVCS","dvcs",NID_dvcs,8,&(lvalues[2169]),0},
-{"id-it-caProtEncCert","id-it-caProtEncCert",NID_id_it_caProtEncCert,
- 8,&(lvalues[2177]),0},
-{"id-it-signKeyPairTypes","id-it-signKeyPairTypes",
- NID_id_it_signKeyPairTypes,8,&(lvalues[2185]),0},
-{"id-it-encKeyPairTypes","id-it-encKeyPairTypes",
- NID_id_it_encKeyPairTypes,8,&(lvalues[2193]),0},
-{"id-it-preferredSymmAlg","id-it-preferredSymmAlg",
- NID_id_it_preferredSymmAlg,8,&(lvalues[2201]),0},
-{"id-it-caKeyUpdateInfo","id-it-caKeyUpdateInfo",
- NID_id_it_caKeyUpdateInfo,8,&(lvalues[2209]),0},
-{"id-it-currentCRL","id-it-currentCRL",NID_id_it_currentCRL,8,
- &(lvalues[2217]),0},
-{"id-it-unsupportedOIDs","id-it-unsupportedOIDs",
- NID_id_it_unsupportedOIDs,8,&(lvalues[2225]),0},
-{"id-it-subscriptionRequest","id-it-subscriptionRequest",
- NID_id_it_subscriptionRequest,8,&(lvalues[2233]),0},
-{"id-it-subscriptionResponse","id-it-subscriptionResponse",
- NID_id_it_subscriptionResponse,8,&(lvalues[2241]),0},
-{"id-it-keyPairParamReq","id-it-keyPairParamReq",
- NID_id_it_keyPairParamReq,8,&(lvalues[2249]),0},
-{"id-it-keyPairParamRep","id-it-keyPairParamRep",
- NID_id_it_keyPairParamRep,8,&(lvalues[2257]),0},
-{"id-it-revPassphrase","id-it-revPassphrase",NID_id_it_revPassphrase,
- 8,&(lvalues[2265]),0},
-{"id-it-implicitConfirm","id-it-implicitConfirm",
- NID_id_it_implicitConfirm,8,&(lvalues[2273]),0},
-{"id-it-confirmWaitTime","id-it-confirmWaitTime",
- NID_id_it_confirmWaitTime,8,&(lvalues[2281]),0},
-{"id-it-origPKIMessage","id-it-origPKIMessage",
- NID_id_it_origPKIMessage,8,&(lvalues[2289]),0},
-{"id-regCtrl","id-regCtrl",NID_id_regCtrl,8,&(lvalues[2297]),0},
-{"id-regInfo","id-regInfo",NID_id_regInfo,8,&(lvalues[2305]),0},
-{"id-regCtrl-regToken","id-regCtrl-regToken",NID_id_regCtrl_regToken,
- 9,&(lvalues[2313]),0},
-{"id-regCtrl-authenticator","id-regCtrl-authenticator",
- NID_id_regCtrl_authenticator,9,&(lvalues[2322]),0},
-{"id-regCtrl-pkiPublicationInfo","id-regCtrl-pkiPublicationInfo",
- NID_id_regCtrl_pkiPublicationInfo,9,&(lvalues[2331]),0},
-{"id-regCtrl-pkiArchiveOptions","id-regCtrl-pkiArchiveOptions",
- NID_id_regCtrl_pkiArchiveOptions,9,&(lvalues[2340]),0},
-{"id-regCtrl-oldCertID","id-regCtrl-oldCertID",
- NID_id_regCtrl_oldCertID,9,&(lvalues[2349]),0},
-{"id-regCtrl-protocolEncrKey","id-regCtrl-protocolEncrKey",
- NID_id_regCtrl_protocolEncrKey,9,&(lvalues[2358]),0},
-{"id-regInfo-utf8Pairs","id-regInfo-utf8Pairs",
- NID_id_regInfo_utf8Pairs,9,&(lvalues[2367]),0},
-{"id-regInfo-certReq","id-regInfo-certReq",NID_id_regInfo_certReq,9,
- &(lvalues[2376]),0},
-{"id-alg-des40","id-alg-des40",NID_id_alg_des40,8,&(lvalues[2385]),0},
-{"id-alg-noSignature","id-alg-noSignature",NID_id_alg_noSignature,8,
- &(lvalues[2393]),0},
-{"id-alg-dh-sig-hmac-sha1","id-alg-dh-sig-hmac-sha1",
- NID_id_alg_dh_sig_hmac_sha1,8,&(lvalues[2401]),0},
-{"id-alg-dh-pop","id-alg-dh-pop",NID_id_alg_dh_pop,8,&(lvalues[2409]),0},
-{"id-cmc-statusInfo","id-cmc-statusInfo",NID_id_cmc_statusInfo,8,
- &(lvalues[2417]),0},
-{"id-cmc-identification","id-cmc-identification",
- NID_id_cmc_identification,8,&(lvalues[2425]),0},
-{"id-cmc-identityProof","id-cmc-identityProof",
- NID_id_cmc_identityProof,8,&(lvalues[2433]),0},
-{"id-cmc-dataReturn","id-cmc-dataReturn",NID_id_cmc_dataReturn,8,
- &(lvalues[2441]),0},
-{"id-cmc-transactionId","id-cmc-transactionId",
- NID_id_cmc_transactionId,8,&(lvalues[2449]),0},
-{"id-cmc-senderNonce","id-cmc-senderNonce",NID_id_cmc_senderNonce,8,
- &(lvalues[2457]),0},
-{"id-cmc-recipientNonce","id-cmc-recipientNonce",
- NID_id_cmc_recipientNonce,8,&(lvalues[2465]),0},
-{"id-cmc-addExtensions","id-cmc-addExtensions",
- NID_id_cmc_addExtensions,8,&(lvalues[2473]),0},
-{"id-cmc-encryptedPOP","id-cmc-encryptedPOP",NID_id_cmc_encryptedPOP,
- 8,&(lvalues[2481]),0},
-{"id-cmc-decryptedPOP","id-cmc-decryptedPOP",NID_id_cmc_decryptedPOP,
- 8,&(lvalues[2489]),0},
-{"id-cmc-lraPOPWitness","id-cmc-lraPOPWitness",
- NID_id_cmc_lraPOPWitness,8,&(lvalues[2497]),0},
-{"id-cmc-getCert","id-cmc-getCert",NID_id_cmc_getCert,8,
- &(lvalues[2505]),0},
-{"id-cmc-getCRL","id-cmc-getCRL",NID_id_cmc_getCRL,8,&(lvalues[2513]),0},
-{"id-cmc-revokeRequest","id-cmc-revokeRequest",
- NID_id_cmc_revokeRequest,8,&(lvalues[2521]),0},
-{"id-cmc-regInfo","id-cmc-regInfo",NID_id_cmc_regInfo,8,
- &(lvalues[2529]),0},
-{"id-cmc-responseInfo","id-cmc-responseInfo",NID_id_cmc_responseInfo,
- 8,&(lvalues[2537]),0},
-{"id-cmc-queryPending","id-cmc-queryPending",NID_id_cmc_queryPending,
- 8,&(lvalues[2545]),0},
-{"id-cmc-popLinkRandom","id-cmc-popLinkRandom",
- NID_id_cmc_popLinkRandom,8,&(lvalues[2553]),0},
-{"id-cmc-popLinkWitness","id-cmc-popLinkWitness",
- NID_id_cmc_popLinkWitness,8,&(lvalues[2561]),0},
-{"id-cmc-confirmCertAcceptance","id-cmc-confirmCertAcceptance",
- NID_id_cmc_confirmCertAcceptance,8,&(lvalues[2569]),0},
-{"id-on-personalData","id-on-personalData",NID_id_on_personalData,8,
- &(lvalues[2577]),0},
-{"id-pda-dateOfBirth","id-pda-dateOfBirth",NID_id_pda_dateOfBirth,8,
- &(lvalues[2585]),0},
-{"id-pda-placeOfBirth","id-pda-placeOfBirth",NID_id_pda_placeOfBirth,
- 8,&(lvalues[2593]),0},
-{NULL,NULL,NID_undef,0,NULL,0},
-{"id-pda-gender","id-pda-gender",NID_id_pda_gender,8,&(lvalues[2601]),0},
-{"id-pda-countryOfCitizenship","id-pda-countryOfCitizenship",
- NID_id_pda_countryOfCitizenship,8,&(lvalues[2609]),0},
-{"id-pda-countryOfResidence","id-pda-countryOfResidence",
- NID_id_pda_countryOfResidence,8,&(lvalues[2617]),0},
-{"id-aca-authenticationInfo","id-aca-authenticationInfo",
- NID_id_aca_authenticationInfo,8,&(lvalues[2625]),0},
-{"id-aca-accessIdentity","id-aca-accessIdentity",
- NID_id_aca_accessIdentity,8,&(lvalues[2633]),0},
-{"id-aca-chargingIdentity","id-aca-chargingIdentity",
- NID_id_aca_chargingIdentity,8,&(lvalues[2641]),0},
-{"id-aca-group","id-aca-group",NID_id_aca_group,8,&(lvalues[2649]),0},
-{"id-aca-role","id-aca-role",NID_id_aca_role,8,&(lvalues[2657]),0},
-{"id-qcs-pkixQCSyntax-v1","id-qcs-pkixQCSyntax-v1",
- NID_id_qcs_pkixQCSyntax_v1,8,&(lvalues[2665]),0},
-{"id-cct-crs","id-cct-crs",NID_id_cct_crs,8,&(lvalues[2673]),0},
-{"id-cct-PKIData","id-cct-PKIData",NID_id_cct_PKIData,8,
- &(lvalues[2681]),0},
-{"id-cct-PKIResponse","id-cct-PKIResponse",NID_id_cct_PKIResponse,8,
- &(lvalues[2689]),0},
-{"ad_timestamping","AD Time Stamping",NID_ad_timeStamping,8,
- &(lvalues[2697]),0},
-{"AD_DVCS","ad dvcs",NID_ad_dvcs,8,&(lvalues[2705]),0},
-{"basicOCSPResponse","Basic OCSP Response",NID_id_pkix_OCSP_basic,9,
- &(lvalues[2713]),0},
-{"Nonce","OCSP Nonce",NID_id_pkix_OCSP_Nonce,9,&(lvalues[2722]),0},
-{"CrlID","OCSP CRL ID",NID_id_pkix_OCSP_CrlID,9,&(lvalues[2731]),0},
-{"acceptableResponses","Acceptable OCSP Responses",
- NID_id_pkix_OCSP_acceptableResponses,9,&(lvalues[2740]),0},
-{"noCheck","OCSP No Check",NID_id_pkix_OCSP_noCheck,9,&(lvalues[2749]),0},
-{"archiveCutoff","OCSP Archive Cutoff",NID_id_pkix_OCSP_archiveCutoff,
- 9,&(lvalues[2758]),0},
-{"serviceLocator","OCSP Service Locator",
- NID_id_pkix_OCSP_serviceLocator,9,&(lvalues[2767]),0},
-{"extendedStatus","Extended OCSP Status",
- NID_id_pkix_OCSP_extendedStatus,9,&(lvalues[2776]),0},
-{"valid","valid",NID_id_pkix_OCSP_valid,9,&(lvalues[2785]),0},
-{"path","path",NID_id_pkix_OCSP_path,9,&(lvalues[2794]),0},
-{"trustRoot","Trust Root",NID_id_pkix_OCSP_trustRoot,9,
- &(lvalues[2803]),0},
-{"algorithm","algorithm",NID_algorithm,4,&(lvalues[2812]),0},
-{"rsaSignature","rsaSignature",NID_rsaSignature,5,&(lvalues[2816]),0},
-{"X500algorithms","directory services - algorithms",
- NID_X500algorithms,2,&(lvalues[2821]),0},
-{"ORG","org",NID_org,1,&(lvalues[2823]),0},
-{"DOD","dod",NID_dod,2,&(lvalues[2824]),0},
-{"IANA","iana",NID_iana,3,&(lvalues[2826]),0},
-{"directory","Directory",NID_Directory,4,&(lvalues[2829]),0},
-{"mgmt","Management",NID_Management,4,&(lvalues[2833]),0},
-{"experimental","Experimental",NID_Experimental,4,&(lvalues[2837]),0},
-{"private","Private",NID_Private,4,&(lvalues[2841]),0},
-{"security","Security",NID_Security,4,&(lvalues[2845]),0},
-{"snmpv2","SNMPv2",NID_SNMPv2,4,&(lvalues[2849]),0},
-{"Mail","Mail",NID_Mail,4,&(lvalues[2853]),0},
-{"enterprises","Enterprises",NID_Enterprises,5,&(lvalues[2857]),0},
-{"dcobject","dcObject",NID_dcObject,9,&(lvalues[2862]),0},
-{"DC","domainComponent",NID_domainComponent,10,&(lvalues[2871]),0},
-{"domain","Domain",NID_Domain,10,&(lvalues[2881]),0},
-{"NULL","NULL",NID_joint_iso_ccitt,0,NULL,0},
-{"selected-attribute-types","Selected Attribute Types",
- NID_selected_attribute_types,3,&(lvalues[2891]),0},
-{"clearance","clearance",NID_clearance,4,&(lvalues[2894]),0},
-{"RSA-MD4","md4WithRSAEncryption",NID_md4WithRSAEncryption,9,
- &(lvalues[2898]),0},
-{"ac-proxying","ac-proxying",NID_ac_proxying,8,&(lvalues[2907]),0},
-{"subjectInfoAccess","Subject Information Access",NID_sinfo_access,8,
- &(lvalues[2915]),0},
-{"id-aca-encAttrs","id-aca-encAttrs",NID_id_aca_encAttrs,8,
- &(lvalues[2923]),0},
-{"role","role",NID_role,3,&(lvalues[2931]),0},
-{"policyConstraints","X509v3 Policy Constraints",
- NID_policy_constraints,3,&(lvalues[2934]),0},
-{"targetInformation","X509v3 AC Targeting",NID_target_information,3,
- &(lvalues[2937]),0},
-{"noRevAvail","X509v3 No Revocation Available",NID_no_rev_avail,3,
- &(lvalues[2940]),0},
-{"NULL","NULL",NID_ccitt,0,NULL,0},
-{"ansi-X9-62","ANSI X9.62",NID_ansi_X9_62,5,&(lvalues[2943]),0},
-{"prime-field","prime-field",NID_X9_62_prime_field,7,&(lvalues[2948]),0},
-{"characteristic-two-field","characteristic-two-field",
- NID_X9_62_characteristic_two_field,7,&(lvalues[2955]),0},
-{"id-ecPublicKey","id-ecPublicKey",NID_X9_62_id_ecPublicKey,7,
- &(lvalues[2962]),0},
-{"prime192v1","prime192v1",NID_X9_62_prime192v1,8,&(lvalues[2969]),0},
-{"prime192v2","prime192v2",NID_X9_62_prime192v2,8,&(lvalues[2977]),0},
-{"prime192v3","prime192v3",NID_X9_62_prime192v3,8,&(lvalues[2985]),0},
-{"prime239v1","prime239v1",NID_X9_62_prime239v1,8,&(lvalues[2993]),0},
-{"prime239v2","prime239v2",NID_X9_62_prime239v2,8,&(lvalues[3001]),0},
-{"prime239v3","prime239v3",NID_X9_62_prime239v3,8,&(lvalues[3009]),0},
-{"prime256v1","prime256v1",NID_X9_62_prime256v1,8,&(lvalues[3017]),0},
-{"ecdsa-with-SHA1","ecdsa-with-SHA1",NID_ecdsa_with_SHA1,7,
- &(lvalues[3025]),0},
-{"CSPName","Microsoft CSP Name",NID_ms_csp_name,9,&(lvalues[3032]),0},
-{"AES-128-ECB","aes-128-ecb",NID_aes_128_ecb,9,&(lvalues[3041]),0},
-{"AES-128-CBC","aes-128-cbc",NID_aes_128_cbc,9,&(lvalues[3050]),0},
-{"AES-128-OFB","aes-128-ofb",NID_aes_128_ofb128,9,&(lvalues[3059]),0},
-{"AES-128-CFB","aes-128-cfb",NID_aes_128_cfb128,9,&(lvalues[3068]),0},
-{"AES-192-ECB","aes-192-ecb",NID_aes_192_ecb,9,&(lvalues[3077]),0},
-{"AES-192-CBC","aes-192-cbc",NID_aes_192_cbc,9,&(lvalues[3086]),0},
-{"AES-192-OFB","aes-192-ofb",NID_aes_192_ofb128,9,&(lvalues[3095]),0},
-{"AES-192-CFB","aes-192-cfb",NID_aes_192_cfb128,9,&(lvalues[3104]),0},
-{"AES-256-ECB","aes-256-ecb",NID_aes_256_ecb,9,&(lvalues[3113]),0},
-{"AES-256-CBC","aes-256-cbc",NID_aes_256_cbc,9,&(lvalues[3122]),0},
-{"AES-256-OFB","aes-256-ofb",NID_aes_256_ofb128,9,&(lvalues[3131]),0},
-{"AES-256-CFB","aes-256-cfb",NID_aes_256_cfb128,9,&(lvalues[3140]),0},
-{"holdInstructionCode","Hold Instruction Code",
- NID_hold_instruction_code,3,&(lvalues[3149]),0},
-{"holdInstructionNone","Hold Instruction None",
- NID_hold_instruction_none,7,&(lvalues[3152]),0},
-{"holdInstructionCallIssuer","Hold Instruction Call Issuer",
- NID_hold_instruction_call_issuer,7,&(lvalues[3159]),0},
-{"holdInstructionReject","Hold Instruction Reject",
- NID_hold_instruction_reject,7,&(lvalues[3166]),0},
-{"data","data",NID_data,1,&(lvalues[3173]),0},
-{"pss","pss",NID_pss,3,&(lvalues[3174]),0},
-{"ucl","ucl",NID_ucl,7,&(lvalues[3177]),0},
-{"pilot","pilot",NID_pilot,8,&(lvalues[3184]),0},
-{"pilotAttributeType","pilotAttributeType",NID_pilotAttributeType,9,
- &(lvalues[3192]),0},
-{"pilotAttributeSyntax","pilotAttributeSyntax",
- NID_pilotAttributeSyntax,9,&(lvalues[3201]),0},
-{"pilotObjectClass","pilotObjectClass",NID_pilotObjectClass,9,
- &(lvalues[3210]),0},
-{"pilotGroups","pilotGroups",NID_pilotGroups,9,&(lvalues[3219]),0},
-{"iA5StringSyntax","iA5StringSyntax",NID_iA5StringSyntax,10,
- &(lvalues[3228]),0},
-{"caseIgnoreIA5StringSyntax","caseIgnoreIA5StringSyntax",
- NID_caseIgnoreIA5StringSyntax,10,&(lvalues[3238]),0},
-{"pilotObject","pilotObject",NID_pilotObject,10,&(lvalues[3248]),0},
-{"pilotPerson","pilotPerson",NID_pilotPerson,10,&(lvalues[3258]),0},
-{"account","account",NID_account,10,&(lvalues[3268]),0},
-{"document","document",NID_document,10,&(lvalues[3278]),0},
-{"room","room",NID_room,10,&(lvalues[3288]),0},
-{"documentSeries","documentSeries",NID_documentSeries,10,
- &(lvalues[3298]),0},
-{"rFC822localPart","rFC822localPart",NID_rFC822localPart,10,
- &(lvalues[3308]),0},
-{"dNSDomain","dNSDomain",NID_dNSDomain,10,&(lvalues[3318]),0},
-{"domainRelatedObject","domainRelatedObject",NID_domainRelatedObject,
- 10,&(lvalues[3328]),0},
-{"friendlyCountry","friendlyCountry",NID_friendlyCountry,10,
- &(lvalues[3338]),0},
-{"simpleSecurityObject","simpleSecurityObject",
- NID_simpleSecurityObject,10,&(lvalues[3348]),0},
-{"pilotOrganization","pilotOrganization",NID_pilotOrganization,10,
- &(lvalues[3358]),0},
-{"pilotDSA","pilotDSA",NID_pilotDSA,10,&(lvalues[3368]),0},
-{"qualityLabelledData","qualityLabelledData",NID_qualityLabelledData,
- 10,&(lvalues[3378]),0},
-{"UID","userId",NID_userId,10,&(lvalues[3388]),0},
-{"textEncodedORAddress","textEncodedORAddress",
- NID_textEncodedORAddress,10,&(lvalues[3398]),0},
-{"mail","rfc822Mailbox",NID_rfc822Mailbox,10,&(lvalues[3408]),0},
-{"info","info",NID_info,10,&(lvalues[3418]),0},
-{"favouriteDrink","favouriteDrink",NID_favouriteDrink,10,
- &(lvalues[3428]),0},
-{"roomNumber","roomNumber",NID_roomNumber,10,&(lvalues[3438]),0},
-{"photo","photo",NID_photo,10,&(lvalues[3448]),0},
-{"userClass","userClass",NID_userClass,10,&(lvalues[3458]),0},
-{"host","host",NID_host,10,&(lvalues[3468]),0},
-{"manager","manager",NID_manager,10,&(lvalues[3478]),0},
-{"documentIdentifier","documentIdentifier",NID_documentIdentifier,10,
- &(lvalues[3488]),0},
-{"documentTitle","documentTitle",NID_documentTitle,10,&(lvalues[3498]),0},
-{"documentVersion","documentVersion",NID_documentVersion,10,
- &(lvalues[3508]),0},
-{"documentAuthor","documentAuthor",NID_documentAuthor,10,
- &(lvalues[3518]),0},
-{"documentLocation","documentLocation",NID_documentLocation,10,
- &(lvalues[3528]),0},
-{"homeTelephoneNumber","homeTelephoneNumber",NID_homeTelephoneNumber,
- 10,&(lvalues[3538]),0},
-{"secretary","secretary",NID_secretary,10,&(lvalues[3548]),0},
-{"otherMailbox","otherMailbox",NID_otherMailbox,10,&(lvalues[3558]),0},
-{"lastModifiedTime","lastModifiedTime",NID_lastModifiedTime,10,
- &(lvalues[3568]),0},
-{"lastModifiedBy","lastModifiedBy",NID_lastModifiedBy,10,
- &(lvalues[3578]),0},
-{"aRecord","aRecord",NID_aRecord,10,&(lvalues[3588]),0},
-{"pilotAttributeType27","pilotAttributeType27",
- NID_pilotAttributeType27,10,&(lvalues[3598]),0},
-{"mXRecord","mXRecord",NID_mXRecord,10,&(lvalues[3608]),0},
-{"nSRecord","nSRecord",NID_nSRecord,10,&(lvalues[3618]),0},
-{"sOARecord","sOARecord",NID_sOARecord,10,&(lvalues[3628]),0},
-{"cNAMERecord","cNAMERecord",NID_cNAMERecord,10,&(lvalues[3638]),0},
-{"associatedDomain","associatedDomain",NID_associatedDomain,10,
- &(lvalues[3648]),0},
-{"associatedName","associatedName",NID_associatedName,10,
- &(lvalues[3658]),0},
-{"homePostalAddress","homePostalAddress",NID_homePostalAddress,10,
- &(lvalues[3668]),0},
-{"personalTitle","personalTitle",NID_personalTitle,10,&(lvalues[3678]),0},
-{"mobileTelephoneNumber","mobileTelephoneNumber",
- NID_mobileTelephoneNumber,10,&(lvalues[3688]),0},
-{"pagerTelephoneNumber","pagerTelephoneNumber",
- NID_pagerTelephoneNumber,10,&(lvalues[3698]),0},
-{"friendlyCountryName","friendlyCountryName",NID_friendlyCountryName,
- 10,&(lvalues[3708]),0},
-{"organizationalStatus","organizationalStatus",
- NID_organizationalStatus,10,&(lvalues[3718]),0},
-{"janetMailbox","janetMailbox",NID_janetMailbox,10,&(lvalues[3728]),0},
-{"mailPreferenceOption","mailPreferenceOption",
- NID_mailPreferenceOption,10,&(lvalues[3738]),0},
-{"buildingName","buildingName",NID_buildingName,10,&(lvalues[3748]),0},
-{"dSAQuality","dSAQuality",NID_dSAQuality,10,&(lvalues[3758]),0},
-{"singleLevelQuality","singleLevelQuality",NID_singleLevelQuality,10,
- &(lvalues[3768]),0},
-{"subtreeMinimumQuality","subtreeMinimumQuality",
- NID_subtreeMinimumQuality,10,&(lvalues[3778]),0},
-{"subtreeMaximumQuality","subtreeMaximumQuality",
- NID_subtreeMaximumQuality,10,&(lvalues[3788]),0},
-{"personalSignature","personalSignature",NID_personalSignature,10,
- &(lvalues[3798]),0},
-{"dITRedirect","dITRedirect",NID_dITRedirect,10,&(lvalues[3808]),0},
-{"audio","audio",NID_audio,10,&(lvalues[3818]),0},
-{"documentPublisher","documentPublisher",NID_documentPublisher,10,
- &(lvalues[3828]),0},
-{"x500UniqueIdentifier","x500UniqueIdentifier",
- NID_x500UniqueIdentifier,3,&(lvalues[3838]),0},
-{"mime-mhs","MIME MHS",NID_mime_mhs,5,&(lvalues[3841]),0},
-{"mime-mhs-headings","mime-mhs-headings",NID_mime_mhs_headings,6,
- &(lvalues[3846]),0},
-{"mime-mhs-bodies","mime-mhs-bodies",NID_mime_mhs_bodies,6,
- &(lvalues[3852]),0},
-{"id-hex-partial-message","id-hex-partial-message",
- NID_id_hex_partial_message,7,&(lvalues[3858]),0},
-{"id-hex-multipart-message","id-hex-multipart-message",
- NID_id_hex_multipart_message,7,&(lvalues[3865]),0},
-{"generationQualifier","generationQualifier",NID_generationQualifier,
- 3,&(lvalues[3872]),0},
-{"pseudonym","pseudonym",NID_pseudonym,3,&(lvalues[3875]),0},
-{NULL,NULL,NID_undef,0,NULL,0},
-{"id-set","Secure Electronic Transactions",NID_id_set,2,
- &(lvalues[3878]),0},
-{"set-ctype","content types",NID_set_ctype,3,&(lvalues[3880]),0},
-{"set-msgExt","message extensions",NID_set_msgExt,3,&(lvalues[3883]),0},
-{"set-attr","set-attr",NID_set_attr,3,&(lvalues[3886]),0},
-{"set-policy","set-policy",NID_set_policy,3,&(lvalues[3889]),0},
-{"set-certExt","certificate extensions",NID_set_certExt,3,
- &(lvalues[3892]),0},
-{"set-brand","set-brand",NID_set_brand,3,&(lvalues[3895]),0},
-{"setct-PANData","setct-PANData",NID_setct_PANData,4,&(lvalues[3898]),0},
-{"setct-PANToken","setct-PANToken",NID_setct_PANToken,4,
- &(lvalues[3902]),0},
-{"setct-PANOnly","setct-PANOnly",NID_setct_PANOnly,4,&(lvalues[3906]),0},
-{"setct-OIData","setct-OIData",NID_setct_OIData,4,&(lvalues[3910]),0},
-{"setct-PI","setct-PI",NID_setct_PI,4,&(lvalues[3914]),0},
-{"setct-PIData","setct-PIData",NID_setct_PIData,4,&(lvalues[3918]),0},
-{"setct-PIDataUnsigned","setct-PIDataUnsigned",
- NID_setct_PIDataUnsigned,4,&(lvalues[3922]),0},
-{"setct-HODInput","setct-HODInput",NID_setct_HODInput,4,
- &(lvalues[3926]),0},
-{"setct-AuthResBaggage","setct-AuthResBaggage",
- NID_setct_AuthResBaggage,4,&(lvalues[3930]),0},
-{"setct-AuthRevReqBaggage","setct-AuthRevReqBaggage",
- NID_setct_AuthRevReqBaggage,4,&(lvalues[3934]),0},
-{"setct-AuthRevResBaggage","setct-AuthRevResBaggage",
- NID_setct_AuthRevResBaggage,4,&(lvalues[3938]),0},
-{"setct-CapTokenSeq","setct-CapTokenSeq",NID_setct_CapTokenSeq,4,
- &(lvalues[3942]),0},
-{"setct-PInitResData","setct-PInitResData",NID_setct_PInitResData,4,
- &(lvalues[3946]),0},
-{"setct-PI-TBS","setct-PI-TBS",NID_setct_PI_TBS,4,&(lvalues[3950]),0},
-{"setct-PResData","setct-PResData",NID_setct_PResData,4,
- &(lvalues[3954]),0},
-{"setct-AuthReqTBS","setct-AuthReqTBS",NID_setct_AuthReqTBS,4,
- &(lvalues[3958]),0},
-{"setct-AuthResTBS","setct-AuthResTBS",NID_setct_AuthResTBS,4,
- &(lvalues[3962]),0},
-{"setct-AuthResTBSX","setct-AuthResTBSX",NID_setct_AuthResTBSX,4,
- &(lvalues[3966]),0},
-{"setct-AuthTokenTBS","setct-AuthTokenTBS",NID_setct_AuthTokenTBS,4,
- &(lvalues[3970]),0},
-{"setct-CapTokenData","setct-CapTokenData",NID_setct_CapTokenData,4,
- &(lvalues[3974]),0},
-{"setct-CapTokenTBS","setct-CapTokenTBS",NID_setct_CapTokenTBS,4,
- &(lvalues[3978]),0},
-{"setct-AcqCardCodeMsg","setct-AcqCardCodeMsg",
- NID_setct_AcqCardCodeMsg,4,&(lvalues[3982]),0},
-{"setct-AuthRevReqTBS","setct-AuthRevReqTBS",NID_setct_AuthRevReqTBS,
- 4,&(lvalues[3986]),0},
-{"setct-AuthRevResData","setct-AuthRevResData",
- NID_setct_AuthRevResData,4,&(lvalues[3990]),0},
-{"setct-AuthRevResTBS","setct-AuthRevResTBS",NID_setct_AuthRevResTBS,
- 4,&(lvalues[3994]),0},
-{"setct-CapReqTBS","setct-CapReqTBS",NID_setct_CapReqTBS,4,
- &(lvalues[3998]),0},
-{"setct-CapReqTBSX","setct-CapReqTBSX",NID_setct_CapReqTBSX,4,
- &(lvalues[4002]),0},
-{"setct-CapResData","setct-CapResData",NID_setct_CapResData,4,
- &(lvalues[4006]),0},
-{"setct-CapRevReqTBS","setct-CapRevReqTBS",NID_setct_CapRevReqTBS,4,
- &(lvalues[4010]),0},
-{"setct-CapRevReqTBSX","setct-CapRevReqTBSX",NID_setct_CapRevReqTBSX,
- 4,&(lvalues[4014]),0},
-{"setct-CapRevResData","setct-CapRevResData",NID_setct_CapRevResData,
- 4,&(lvalues[4018]),0},
-{"setct-CredReqTBS","setct-CredReqTBS",NID_setct_CredReqTBS,4,
- &(lvalues[4022]),0},
-{"setct-CredReqTBSX","setct-CredReqTBSX",NID_setct_CredReqTBSX,4,
- &(lvalues[4026]),0},
-{"setct-CredResData","setct-CredResData",NID_setct_CredResData,4,
- &(lvalues[4030]),0},
-{"setct-CredRevReqTBS","setct-CredRevReqTBS",NID_setct_CredRevReqTBS,
- 4,&(lvalues[4034]),0},
-{"setct-CredRevReqTBSX","setct-CredRevReqTBSX",
- NID_setct_CredRevReqTBSX,4,&(lvalues[4038]),0},
-{"setct-CredRevResData","setct-CredRevResData",
- NID_setct_CredRevResData,4,&(lvalues[4042]),0},
-{"setct-PCertReqData","setct-PCertReqData",NID_setct_PCertReqData,4,
- &(lvalues[4046]),0},
-{"setct-PCertResTBS","setct-PCertResTBS",NID_setct_PCertResTBS,4,
- &(lvalues[4050]),0},
-{"setct-BatchAdminReqData","setct-BatchAdminReqData",
- NID_setct_BatchAdminReqData,4,&(lvalues[4054]),0},
-{"setct-BatchAdminResData","setct-BatchAdminResData",
- NID_setct_BatchAdminResData,4,&(lvalues[4058]),0},
-{"setct-CardCInitResTBS","setct-CardCInitResTBS",
- NID_setct_CardCInitResTBS,4,&(lvalues[4062]),0},
-{"setct-MeAqCInitResTBS","setct-MeAqCInitResTBS",
- NID_setct_MeAqCInitResTBS,4,&(lvalues[4066]),0},
-{"setct-RegFormResTBS","setct-RegFormResTBS",NID_setct_RegFormResTBS,
- 4,&(lvalues[4070]),0},
-{"setct-CertReqData","setct-CertReqData",NID_setct_CertReqData,4,
- &(lvalues[4074]),0},
-{"setct-CertReqTBS","setct-CertReqTBS",NID_setct_CertReqTBS,4,
- &(lvalues[4078]),0},
-{"setct-CertResData","setct-CertResData",NID_setct_CertResData,4,
- &(lvalues[4082]),0},
-{"setct-CertInqReqTBS","setct-CertInqReqTBS",NID_setct_CertInqReqTBS,
- 4,&(lvalues[4086]),0},
-{"setct-ErrorTBS","setct-ErrorTBS",NID_setct_ErrorTBS,4,
- &(lvalues[4090]),0},
-{"setct-PIDualSignedTBE","setct-PIDualSignedTBE",
- NID_setct_PIDualSignedTBE,4,&(lvalues[4094]),0},
-{"setct-PIUnsignedTBE","setct-PIUnsignedTBE",NID_setct_PIUnsignedTBE,
- 4,&(lvalues[4098]),0},
-{"setct-AuthReqTBE","setct-AuthReqTBE",NID_setct_AuthReqTBE,4,
- &(lvalues[4102]),0},
-{"setct-AuthResTBE","setct-AuthResTBE",NID_setct_AuthResTBE,4,
- &(lvalues[4106]),0},
-{"setct-AuthResTBEX","setct-AuthResTBEX",NID_setct_AuthResTBEX,4,
- &(lvalues[4110]),0},
-{"setct-AuthTokenTBE","setct-AuthTokenTBE",NID_setct_AuthTokenTBE,4,
- &(lvalues[4114]),0},
-{"setct-CapTokenTBE","setct-CapTokenTBE",NID_setct_CapTokenTBE,4,
- &(lvalues[4118]),0},
-{"setct-CapTokenTBEX","setct-CapTokenTBEX",NID_setct_CapTokenTBEX,4,
- &(lvalues[4122]),0},
-{"setct-AcqCardCodeMsgTBE","setct-AcqCardCodeMsgTBE",
- NID_setct_AcqCardCodeMsgTBE,4,&(lvalues[4126]),0},
-{"setct-AuthRevReqTBE","setct-AuthRevReqTBE",NID_setct_AuthRevReqTBE,
- 4,&(lvalues[4130]),0},
-{"setct-AuthRevResTBE","setct-AuthRevResTBE",NID_setct_AuthRevResTBE,
- 4,&(lvalues[4134]),0},
-{"setct-AuthRevResTBEB","setct-AuthRevResTBEB",
- NID_setct_AuthRevResTBEB,4,&(lvalues[4138]),0},
-{"setct-CapReqTBE","setct-CapReqTBE",NID_setct_CapReqTBE,4,
- &(lvalues[4142]),0},
-{"setct-CapReqTBEX","setct-CapReqTBEX",NID_setct_CapReqTBEX,4,
- &(lvalues[4146]),0},
-{"setct-CapResTBE","setct-CapResTBE",NID_setct_CapResTBE,4,
- &(lvalues[4150]),0},
-{"setct-CapRevReqTBE","setct-CapRevReqTBE",NID_setct_CapRevReqTBE,4,
- &(lvalues[4154]),0},
-{"setct-CapRevReqTBEX","setct-CapRevReqTBEX",NID_setct_CapRevReqTBEX,
- 4,&(lvalues[4158]),0},
-{"setct-CapRevResTBE","setct-CapRevResTBE",NID_setct_CapRevResTBE,4,
- &(lvalues[4162]),0},
-{"setct-CredReqTBE","setct-CredReqTBE",NID_setct_CredReqTBE,4,
- &(lvalues[4166]),0},
-{"setct-CredReqTBEX","setct-CredReqTBEX",NID_setct_CredReqTBEX,4,
- &(lvalues[4170]),0},
-{"setct-CredResTBE","setct-CredResTBE",NID_setct_CredResTBE,4,
- &(lvalues[4174]),0},
-{"setct-CredRevReqTBE","setct-CredRevReqTBE",NID_setct_CredRevReqTBE,
- 4,&(lvalues[4178]),0},
-{"setct-CredRevReqTBEX","setct-CredRevReqTBEX",
- NID_setct_CredRevReqTBEX,4,&(lvalues[4182]),0},
-{"setct-CredRevResTBE","setct-CredRevResTBE",NID_setct_CredRevResTBE,
- 4,&(lvalues[4186]),0},
-{"setct-BatchAdminReqTBE","setct-BatchAdminReqTBE",
- NID_setct_BatchAdminReqTBE,4,&(lvalues[4190]),0},
-{"setct-BatchAdminResTBE","setct-BatchAdminResTBE",
- NID_setct_BatchAdminResTBE,4,&(lvalues[4194]),0},
-{"setct-RegFormReqTBE","setct-RegFormReqTBE",NID_setct_RegFormReqTBE,
- 4,&(lvalues[4198]),0},
-{"setct-CertReqTBE","setct-CertReqTBE",NID_setct_CertReqTBE,4,
- &(lvalues[4202]),0},
-{"setct-CertReqTBEX","setct-CertReqTBEX",NID_setct_CertReqTBEX,4,
- &(lvalues[4206]),0},
-{"setct-CertResTBE","setct-CertResTBE",NID_setct_CertResTBE,4,
- &(lvalues[4210]),0},
-{"setct-CRLNotificationTBS","setct-CRLNotificationTBS",
- NID_setct_CRLNotificationTBS,4,&(lvalues[4214]),0},
-{"setct-CRLNotificationResTBS","setct-CRLNotificationResTBS",
- NID_setct_CRLNotificationResTBS,4,&(lvalues[4218]),0},
-{"setct-BCIDistributionTBS","setct-BCIDistributionTBS",
- NID_setct_BCIDistributionTBS,4,&(lvalues[4222]),0},
-{"setext-genCrypt","generic cryptogram",NID_setext_genCrypt,4,
- &(lvalues[4226]),0},
-{"setext-miAuth","merchant initiated auth",NID_setext_miAuth,4,
- &(lvalues[4230]),0},
-{"setext-pinSecure","setext-pinSecure",NID_setext_pinSecure,4,
- &(lvalues[4234]),0},
-{"setext-pinAny","setext-pinAny",NID_setext_pinAny,4,&(lvalues[4238]),0},
-{"setext-track2","setext-track2",NID_setext_track2,4,&(lvalues[4242]),0},
-{"setext-cv","additional verification",NID_setext_cv,4,
- &(lvalues[4246]),0},
-{"set-policy-root","set-policy-root",NID_set_policy_root,4,
- &(lvalues[4250]),0},
-{"setCext-hashedRoot","setCext-hashedRoot",NID_setCext_hashedRoot,4,
- &(lvalues[4254]),0},
-{"setCext-certType","setCext-certType",NID_setCext_certType,4,
- &(lvalues[4258]),0},
-{"setCext-merchData","setCext-merchData",NID_setCext_merchData,4,
- &(lvalues[4262]),0},
-{"setCext-cCertRequired","setCext-cCertRequired",
- NID_setCext_cCertRequired,4,&(lvalues[4266]),0},
-{"setCext-tunneling","setCext-tunneling",NID_setCext_tunneling,4,
- &(lvalues[4270]),0},
-{"setCext-setExt","setCext-setExt",NID_setCext_setExt,4,
- &(lvalues[4274]),0},
-{"setCext-setQualf","setCext-setQualf",NID_setCext_setQualf,4,
- &(lvalues[4278]),0},
-{"setCext-PGWYcapabilities","setCext-PGWYcapabilities",
- NID_setCext_PGWYcapabilities,4,&(lvalues[4282]),0},
-{"setCext-TokenIdentifier","setCext-TokenIdentifier",
- NID_setCext_TokenIdentifier,4,&(lvalues[4286]),0},
-{"setCext-Track2Data","setCext-Track2Data",NID_setCext_Track2Data,4,
- &(lvalues[4290]),0},
-{"setCext-TokenType","setCext-TokenType",NID_setCext_TokenType,4,
- &(lvalues[4294]),0},
-{"setCext-IssuerCapabilities","setCext-IssuerCapabilities",
- NID_setCext_IssuerCapabilities,4,&(lvalues[4298]),0},
-{"setAttr-Cert","setAttr-Cert",NID_setAttr_Cert,4,&(lvalues[4302]),0},
-{"setAttr-PGWYcap","payment gateway capabilities",NID_setAttr_PGWYcap,
- 4,&(lvalues[4306]),0},
-{"setAttr-TokenType","setAttr-TokenType",NID_setAttr_TokenType,4,
- &(lvalues[4310]),0},
-{"setAttr-IssCap","issuer capabilities",NID_setAttr_IssCap,4,
- &(lvalues[4314]),0},
-{"set-rootKeyThumb","set-rootKeyThumb",NID_set_rootKeyThumb,5,
- &(lvalues[4318]),0},
-{"set-addPolicy","set-addPolicy",NID_set_addPolicy,5,&(lvalues[4323]),0},
-{"setAttr-Token-EMV","setAttr-Token-EMV",NID_setAttr_Token_EMV,5,
- &(lvalues[4328]),0},
-{"setAttr-Token-B0Prime","setAttr-Token-B0Prime",
- NID_setAttr_Token_B0Prime,5,&(lvalues[4333]),0},
-{"setAttr-IssCap-CVM","setAttr-IssCap-CVM",NID_setAttr_IssCap_CVM,5,
- &(lvalues[4338]),0},
-{"setAttr-IssCap-T2","setAttr-IssCap-T2",NID_setAttr_IssCap_T2,5,
- &(lvalues[4343]),0},
-{"setAttr-IssCap-Sig","setAttr-IssCap-Sig",NID_setAttr_IssCap_Sig,5,
- &(lvalues[4348]),0},
-{"setAttr-GenCryptgrm","generate cryptogram",NID_setAttr_GenCryptgrm,
- 6,&(lvalues[4353]),0},
-{"setAttr-T2Enc","encrypted track 2",NID_setAttr_T2Enc,6,
- &(lvalues[4359]),0},
-{"setAttr-T2cleartxt","cleartext track 2",NID_setAttr_T2cleartxt,6,
- &(lvalues[4365]),0},
-{"setAttr-TokICCsig","ICC or token signature",NID_setAttr_TokICCsig,6,
- &(lvalues[4371]),0},
-{"setAttr-SecDevSig","secure device signature",NID_setAttr_SecDevSig,
- 6,&(lvalues[4377]),0},
-{"set-brand-IATA-ATA","set-brand-IATA-ATA",NID_set_brand_IATA_ATA,4,
- &(lvalues[4383]),0},
-{"set-brand-Diners","set-brand-Diners",NID_set_brand_Diners,4,
- &(lvalues[4387]),0},
-{"set-brand-AmericanExpress","set-brand-AmericanExpress",
- NID_set_brand_AmericanExpress,4,&(lvalues[4391]),0},
-{"set-brand-JCB","set-brand-JCB",NID_set_brand_JCB,4,&(lvalues[4395]),0},
-{"set-brand-Visa","set-brand-Visa",NID_set_brand_Visa,4,
- &(lvalues[4399]),0},
-{"set-brand-MasterCard","set-brand-MasterCard",
- NID_set_brand_MasterCard,4,&(lvalues[4403]),0},
-{"set-brand-Novus","set-brand-Novus",NID_set_brand_Novus,5,
- &(lvalues[4407]),0},
-{"DES-CDMF","des-cdmf",NID_des_cdmf,8,&(lvalues[4412]),0},
-{"rsaOAEPEncryptionSET","rsaOAEPEncryptionSET",
- NID_rsaOAEPEncryptionSET,9,&(lvalues[4420]),0},
-{"ITU-T","itu-t",NID_itu_t,0,NULL,0},
-{"JOINT-ISO-ITU-T","joint-iso-itu-t",NID_joint_iso_itu_t,0,NULL,0},
-{"international-organizations","International Organizations",
- NID_international_organizations,1,&(lvalues[4429]),0},
-{"msSmartcardLogin","Microsoft Smartcardlogin",NID_ms_smartcard_login,
- 10,&(lvalues[4430]),0},
-{"msUPN","Microsoft Universal Principal Name",NID_ms_upn,10,
- &(lvalues[4440]),0},
-{"AES-128-CFB1","aes-128-cfb1",NID_aes_128_cfb1,0,NULL,0},
-{"AES-192-CFB1","aes-192-cfb1",NID_aes_192_cfb1,0,NULL,0},
-{"AES-256-CFB1","aes-256-cfb1",NID_aes_256_cfb1,0,NULL,0},
-{"AES-128-CFB8","aes-128-cfb8",NID_aes_128_cfb8,0,NULL,0},
-{"AES-192-CFB8","aes-192-cfb8",NID_aes_192_cfb8,0,NULL,0},
-{"AES-256-CFB8","aes-256-cfb8",NID_aes_256_cfb8,0,NULL,0},
-{"DES-CFB1","des-cfb1",NID_des_cfb1,0,NULL,0},
-{"DES-CFB8","des-cfb8",NID_des_cfb8,0,NULL,0},
-{"DES-EDE3-CFB1","des-ede3-cfb1",NID_des_ede3_cfb1,0,NULL,0},
-{"DES-EDE3-CFB8","des-ede3-cfb8",NID_des_ede3_cfb8,0,NULL,0},
-{"street","streetAddress",NID_streetAddress,3,&(lvalues[4450]),0},
-{"postalCode","postalCode",NID_postalCode,3,&(lvalues[4453]),0},
-{"id-ppl","id-ppl",NID_id_ppl,7,&(lvalues[4456]),0},
-{"proxyCertInfo","Proxy Certificate Information",NID_proxyCertInfo,8,
- &(lvalues[4463]),0},
-{"id-ppl-anyLanguage","Any language",NID_id_ppl_anyLanguage,8,
- &(lvalues[4471]),0},
-{"id-ppl-inheritAll","Inherit all",NID_id_ppl_inheritAll,8,
- &(lvalues[4479]),0},
-{"nameConstraints","X509v3 Name Constraints",NID_name_constraints,3,
- &(lvalues[4487]),0},
-{"id-ppl-independent","Independent",NID_Independent,8,&(lvalues[4490]),0},
-{"RSA-SHA256","sha256WithRSAEncryption",NID_sha256WithRSAEncryption,9,
- &(lvalues[4498]),0},
-{"RSA-SHA384","sha384WithRSAEncryption",NID_sha384WithRSAEncryption,9,
- &(lvalues[4507]),0},
-{"RSA-SHA512","sha512WithRSAEncryption",NID_sha512WithRSAEncryption,9,
- &(lvalues[4516]),0},
-{"RSA-SHA224","sha224WithRSAEncryption",NID_sha224WithRSAEncryption,9,
- &(lvalues[4525]),0},
-{"SHA256","sha256",NID_sha256,9,&(lvalues[4534]),0},
-{"SHA384","sha384",NID_sha384,9,&(lvalues[4543]),0},
-{"SHA512","sha512",NID_sha512,9,&(lvalues[4552]),0},
-{"SHA224","sha224",NID_sha224,9,&(lvalues[4561]),0},
-{"identified-organization","identified-organization",
- NID_identified_organization,1,&(lvalues[4570]),0},
-{"certicom-arc","certicom-arc",NID_certicom_arc,3,&(lvalues[4571]),0},
-{"wap","wap",NID_wap,2,&(lvalues[4574]),0},
-{"wap-wsg","wap-wsg",NID_wap_wsg,3,&(lvalues[4576]),0},
-{"id-characteristic-two-basis","id-characteristic-two-basis",
- NID_X9_62_id_characteristic_two_basis,8,&(lvalues[4579]),0},
-{"onBasis","onBasis",NID_X9_62_onBasis,9,&(lvalues[4587]),0},
-{"tpBasis","tpBasis",NID_X9_62_tpBasis,9,&(lvalues[4596]),0},
-{"ppBasis","ppBasis",NID_X9_62_ppBasis,9,&(lvalues[4605]),0},
-{"c2pnb163v1","c2pnb163v1",NID_X9_62_c2pnb163v1,8,&(lvalues[4614]),0},
-{"c2pnb163v2","c2pnb163v2",NID_X9_62_c2pnb163v2,8,&(lvalues[4622]),0},
-{"c2pnb163v3","c2pnb163v3",NID_X9_62_c2pnb163v3,8,&(lvalues[4630]),0},
-{"c2pnb176v1","c2pnb176v1",NID_X9_62_c2pnb176v1,8,&(lvalues[4638]),0},
-{"c2tnb191v1","c2tnb191v1",NID_X9_62_c2tnb191v1,8,&(lvalues[4646]),0},
-{"c2tnb191v2","c2tnb191v2",NID_X9_62_c2tnb191v2,8,&(lvalues[4654]),0},
-{"c2tnb191v3","c2tnb191v3",NID_X9_62_c2tnb191v3,8,&(lvalues[4662]),0},
-{"c2onb191v4","c2onb191v4",NID_X9_62_c2onb191v4,8,&(lvalues[4670]),0},
-{"c2onb191v5","c2onb191v5",NID_X9_62_c2onb191v5,8,&(lvalues[4678]),0},
-{"c2pnb208w1","c2pnb208w1",NID_X9_62_c2pnb208w1,8,&(lvalues[4686]),0},
-{"c2tnb239v1","c2tnb239v1",NID_X9_62_c2tnb239v1,8,&(lvalues[4694]),0},
-{"c2tnb239v2","c2tnb239v2",NID_X9_62_c2tnb239v2,8,&(lvalues[4702]),0},
-{"c2tnb239v3","c2tnb239v3",NID_X9_62_c2tnb239v3,8,&(lvalues[4710]),0},
-{"c2onb239v4","c2onb239v4",NID_X9_62_c2onb239v4,8,&(lvalues[4718]),0},
-{"c2onb239v5","c2onb239v5",NID_X9_62_c2onb239v5,8,&(lvalues[4726]),0},
-{"c2pnb272w1","c2pnb272w1",NID_X9_62_c2pnb272w1,8,&(lvalues[4734]),0},
-{"c2pnb304w1","c2pnb304w1",NID_X9_62_c2pnb304w1,8,&(lvalues[4742]),0},
-{"c2tnb359v1","c2tnb359v1",NID_X9_62_c2tnb359v1,8,&(lvalues[4750]),0},
-{"c2pnb368w1","c2pnb368w1",NID_X9_62_c2pnb368w1,8,&(lvalues[4758]),0},
-{"c2tnb431r1","c2tnb431r1",NID_X9_62_c2tnb431r1,8,&(lvalues[4766]),0},
-{"secp112r1","secp112r1",NID_secp112r1,5,&(lvalues[4774]),0},
-{"secp112r2","secp112r2",NID_secp112r2,5,&(lvalues[4779]),0},
-{"secp128r1","secp128r1",NID_secp128r1,5,&(lvalues[4784]),0},
-{"secp128r2","secp128r2",NID_secp128r2,5,&(lvalues[4789]),0},
-{"secp160k1","secp160k1",NID_secp160k1,5,&(lvalues[4794]),0},
-{"secp160r1","secp160r1",NID_secp160r1,5,&(lvalues[4799]),0},
-{"secp160r2","secp160r2",NID_secp160r2,5,&(lvalues[4804]),0},
-{"secp192k1","secp192k1",NID_secp192k1,5,&(lvalues[4809]),0},
-{"secp224k1","secp224k1",NID_secp224k1,5,&(lvalues[4814]),0},
-{"secp224r1","secp224r1",NID_secp224r1,5,&(lvalues[4819]),0},
-{"secp256k1","secp256k1",NID_secp256k1,5,&(lvalues[4824]),0},
-{"secp384r1","secp384r1",NID_secp384r1,5,&(lvalues[4829]),0},
-{"secp521r1","secp521r1",NID_secp521r1,5,&(lvalues[4834]),0},
-{"sect113r1","sect113r1",NID_sect113r1,5,&(lvalues[4839]),0},
-{"sect113r2","sect113r2",NID_sect113r2,5,&(lvalues[4844]),0},
-{"sect131r1","sect131r1",NID_sect131r1,5,&(lvalues[4849]),0},
-{"sect131r2","sect131r2",NID_sect131r2,5,&(lvalues[4854]),0},
-{"sect163k1","sect163k1",NID_sect163k1,5,&(lvalues[4859]),0},
-{"sect163r1","sect163r1",NID_sect163r1,5,&(lvalues[4864]),0},
-{"sect163r2","sect163r2",NID_sect163r2,5,&(lvalues[4869]),0},
-{"sect193r1","sect193r1",NID_sect193r1,5,&(lvalues[4874]),0},
-{"sect193r2","sect193r2",NID_sect193r2,5,&(lvalues[4879]),0},
-{"sect233k1","sect233k1",NID_sect233k1,5,&(lvalues[4884]),0},
-{"sect233r1","sect233r1",NID_sect233r1,5,&(lvalues[4889]),0},
-{"sect239k1","sect239k1",NID_sect239k1,5,&(lvalues[4894]),0},
-{"sect283k1","sect283k1",NID_sect283k1,5,&(lvalues[4899]),0},
-{"sect283r1","sect283r1",NID_sect283r1,5,&(lvalues[4904]),0},
-{"sect409k1","sect409k1",NID_sect409k1,5,&(lvalues[4909]),0},
-{"sect409r1","sect409r1",NID_sect409r1,5,&(lvalues[4914]),0},
-{"sect571k1","sect571k1",NID_sect571k1,5,&(lvalues[4919]),0},
-{"sect571r1","sect571r1",NID_sect571r1,5,&(lvalues[4924]),0},
-{"wap-wsg-idm-ecid-wtls1","wap-wsg-idm-ecid-wtls1",
- NID_wap_wsg_idm_ecid_wtls1,5,&(lvalues[4929]),0},
-{"wap-wsg-idm-ecid-wtls3","wap-wsg-idm-ecid-wtls3",
- NID_wap_wsg_idm_ecid_wtls3,5,&(lvalues[4934]),0},
-{"wap-wsg-idm-ecid-wtls4","wap-wsg-idm-ecid-wtls4",
- NID_wap_wsg_idm_ecid_wtls4,5,&(lvalues[4939]),0},
-{"wap-wsg-idm-ecid-wtls5","wap-wsg-idm-ecid-wtls5",
- NID_wap_wsg_idm_ecid_wtls5,5,&(lvalues[4944]),0},
-{"wap-wsg-idm-ecid-wtls6","wap-wsg-idm-ecid-wtls6",
- NID_wap_wsg_idm_ecid_wtls6,5,&(lvalues[4949]),0},
-{"wap-wsg-idm-ecid-wtls7","wap-wsg-idm-ecid-wtls7",
- NID_wap_wsg_idm_ecid_wtls7,5,&(lvalues[4954]),0},
-{"wap-wsg-idm-ecid-wtls8","wap-wsg-idm-ecid-wtls8",
- NID_wap_wsg_idm_ecid_wtls8,5,&(lvalues[4959]),0},
-{"wap-wsg-idm-ecid-wtls9","wap-wsg-idm-ecid-wtls9",
- NID_wap_wsg_idm_ecid_wtls9,5,&(lvalues[4964]),0},
-{"wap-wsg-idm-ecid-wtls10","wap-wsg-idm-ecid-wtls10",
- NID_wap_wsg_idm_ecid_wtls10,5,&(lvalues[4969]),0},
-{"wap-wsg-idm-ecid-wtls11","wap-wsg-idm-ecid-wtls11",
- NID_wap_wsg_idm_ecid_wtls11,5,&(lvalues[4974]),0},
-{"wap-wsg-idm-ecid-wtls12","wap-wsg-idm-ecid-wtls12",
- NID_wap_wsg_idm_ecid_wtls12,5,&(lvalues[4979]),0},
-{"anyPolicy","X509v3 Any Policy",NID_any_policy,4,&(lvalues[4984]),0},
-{"policyMappings","X509v3 Policy Mappings",NID_policy_mappings,3,
- &(lvalues[4988]),0},
-{"inhibitAnyPolicy","X509v3 Inhibit Any Policy",
- NID_inhibit_any_policy,3,&(lvalues[4991]),0},
-{"Oakley-EC2N-3","ipsec3",NID_ipsec3,0,NULL,0},
-{"Oakley-EC2N-4","ipsec4",NID_ipsec4,0,NULL,0},
-{"CAMELLIA-128-CBC","camellia-128-cbc",NID_camellia_128_cbc,11,
- &(lvalues[4994]),0},
-{"CAMELLIA-192-CBC","camellia-192-cbc",NID_camellia_192_cbc,11,
- &(lvalues[5005]),0},
-{"CAMELLIA-256-CBC","camellia-256-cbc",NID_camellia_256_cbc,11,
- &(lvalues[5016]),0},
-{"CAMELLIA-128-ECB","camellia-128-ecb",NID_camellia_128_ecb,8,
- &(lvalues[5027]),0},
-{"CAMELLIA-192-ECB","camellia-192-ecb",NID_camellia_192_ecb,8,
- &(lvalues[5035]),0},
-{"CAMELLIA-256-ECB","camellia-256-ecb",NID_camellia_256_ecb,8,
- &(lvalues[5043]),0},
-{"CAMELLIA-128-CFB","camellia-128-cfb",NID_camellia_128_cfb128,8,
- &(lvalues[5051]),0},
-{"CAMELLIA-192-CFB","camellia-192-cfb",NID_camellia_192_cfb128,8,
- &(lvalues[5059]),0},
-{"CAMELLIA-256-CFB","camellia-256-cfb",NID_camellia_256_cfb128,8,
- &(lvalues[5067]),0},
-{"CAMELLIA-128-CFB1","camellia-128-cfb1",NID_camellia_128_cfb1,0,NULL,0},
-{"CAMELLIA-192-CFB1","camellia-192-cfb1",NID_camellia_192_cfb1,0,NULL,0},
-{"CAMELLIA-256-CFB1","camellia-256-cfb1",NID_camellia_256_cfb1,0,NULL,0},
-{"CAMELLIA-128-CFB8","camellia-128-cfb8",NID_camellia_128_cfb8,0,NULL,0},
-{"CAMELLIA-192-CFB8","camellia-192-cfb8",NID_camellia_192_cfb8,0,NULL,0},
-{"CAMELLIA-256-CFB8","camellia-256-cfb8",NID_camellia_256_cfb8,0,NULL,0},
-{"CAMELLIA-128-OFB","camellia-128-ofb",NID_camellia_128_ofb128,8,
- &(lvalues[5075]),0},
-{"CAMELLIA-192-OFB","camellia-192-ofb",NID_camellia_192_ofb128,8,
- &(lvalues[5083]),0},
-{"CAMELLIA-256-OFB","camellia-256-ofb",NID_camellia_256_ofb128,8,
- &(lvalues[5091]),0},
-{"subjectDirectoryAttributes","X509v3 Subject Directory Attributes",
- NID_subject_directory_attributes,3,&(lvalues[5099]),0},
-{"issuingDistributionPoint","X509v3 Issuing Distribution Point",
- NID_issuing_distribution_point,3,&(lvalues[5102]),0},
-{"certificateIssuer","X509v3 Certificate Issuer",
- NID_certificate_issuer,3,&(lvalues[5105]),0},
-{NULL,NULL,NID_undef,0,NULL,0},
-{"KISA","kisa",NID_kisa,6,&(lvalues[5108]),0},
-{NULL,NULL,NID_undef,0,NULL,0},
-{NULL,NULL,NID_undef,0,NULL,0},
-{"SEED-ECB","seed-ecb",NID_seed_ecb,8,&(lvalues[5114]),0},
-{"SEED-CBC","seed-cbc",NID_seed_cbc,8,&(lvalues[5122]),0},
-{"SEED-OFB","seed-ofb",NID_seed_ofb128,8,&(lvalues[5130]),0},
-{"SEED-CFB","seed-cfb",NID_seed_cfb128,8,&(lvalues[5138]),0},
-{"HMAC-MD5","hmac-md5",NID_hmac_md5,8,&(lvalues[5146]),0},
-{"HMAC-SHA1","hmac-sha1",NID_hmac_sha1,8,&(lvalues[5154]),0},
-{"id-PasswordBasedMAC","password based MAC",NID_id_PasswordBasedMAC,9,
- &(lvalues[5162]),0},
-{"id-DHBasedMac","Diffie-Hellman based MAC",NID_id_DHBasedMac,9,
- &(lvalues[5171]),0},
-{"id-it-suppLangTags","id-it-suppLangTags",NID_id_it_suppLangTags,8,
- &(lvalues[5180]),0},
-{"caRepository","CA Repository",NID_caRepository,8,&(lvalues[5188]),0},
-{"id-smime-ct-compressedData","id-smime-ct-compressedData",
- NID_id_smime_ct_compressedData,11,&(lvalues[5196]),0},
-{"id-ct-asciiTextWithCRLF","id-ct-asciiTextWithCRLF",
- NID_id_ct_asciiTextWithCRLF,11,&(lvalues[5207]),0},
-{"id-aes128-wrap","id-aes128-wrap",NID_id_aes128_wrap,9,
- &(lvalues[5218]),0},
-{"id-aes192-wrap","id-aes192-wrap",NID_id_aes192_wrap,9,
- &(lvalues[5227]),0},
-{"id-aes256-wrap","id-aes256-wrap",NID_id_aes256_wrap,9,
- &(lvalues[5236]),0},
-{"ecdsa-with-Recommended","ecdsa-with-Recommended",
- NID_ecdsa_with_Recommended,7,&(lvalues[5245]),0},
-{"ecdsa-with-Specified","ecdsa-with-Specified",
- NID_ecdsa_with_Specified,7,&(lvalues[5252]),0},
-{"ecdsa-with-SHA224","ecdsa-with-SHA224",NID_ecdsa_with_SHA224,8,
- &(lvalues[5259]),0},
-{"ecdsa-with-SHA256","ecdsa-with-SHA256",NID_ecdsa_with_SHA256,8,
- &(lvalues[5267]),0},
-{"ecdsa-with-SHA384","ecdsa-with-SHA384",NID_ecdsa_with_SHA384,8,
- &(lvalues[5275]),0},
-{"ecdsa-with-SHA512","ecdsa-with-SHA512",NID_ecdsa_with_SHA512,8,
- &(lvalues[5283]),0},
-{"hmacWithMD5","hmacWithMD5",NID_hmacWithMD5,8,&(lvalues[5291]),0},
-{"hmacWithSHA224","hmacWithSHA224",NID_hmacWithSHA224,8,
- &(lvalues[5299]),0},
-{"hmacWithSHA256","hmacWithSHA256",NID_hmacWithSHA256,8,
- &(lvalues[5307]),0},
-{"hmacWithSHA384","hmacWithSHA384",NID_hmacWithSHA384,8,
- &(lvalues[5315]),0},
-{"hmacWithSHA512","hmacWithSHA512",NID_hmacWithSHA512,8,
- &(lvalues[5323]),0},
-{"dsa_with_SHA224","dsa_with_SHA224",NID_dsa_with_SHA224,9,
- &(lvalues[5331]),0},
-{"dsa_with_SHA256","dsa_with_SHA256",NID_dsa_with_SHA256,9,
- &(lvalues[5340]),0},
-{"whirlpool","whirlpool",NID_whirlpool,6,&(lvalues[5349]),0},
-{"cryptopro","cryptopro",NID_cryptopro,5,&(lvalues[5355]),0},
-{"cryptocom","cryptocom",NID_cryptocom,5,&(lvalues[5360]),0},
-{"id-GostR3411-94-with-GostR3410-2001",
- "GOST R 34.11-94 with GOST R 34.10-2001",
- NID_id_GostR3411_94_with_GostR3410_2001,6,&(lvalues[5365]),0},
-{"id-GostR3411-94-with-GostR3410-94",
- "GOST R 34.11-94 with GOST R 34.10-94",
- NID_id_GostR3411_94_with_GostR3410_94,6,&(lvalues[5371]),0},
-{"md_gost94","GOST R 34.11-94",NID_id_GostR3411_94,6,&(lvalues[5377]),0},
-{"id-HMACGostR3411-94","HMAC GOST 34.11-94",NID_id_HMACGostR3411_94,6,
- &(lvalues[5383]),0},
-{"gost2001","GOST R 34.10-2001",NID_id_GostR3410_2001,6,
- &(lvalues[5389]),0},
-{"gost94","GOST R 34.10-94",NID_id_GostR3410_94,6,&(lvalues[5395]),0},
-{"gost89","GOST 28147-89",NID_id_Gost28147_89,6,&(lvalues[5401]),0},
-{"gost89-cnt","gost89-cnt",NID_gost89_cnt,0,NULL,0},
-{"gost-mac","GOST 28147-89 MAC",NID_id_Gost28147_89_MAC,6,
- &(lvalues[5407]),0},
-{"prf-gostr3411-94","GOST R 34.11-94 PRF",NID_id_GostR3411_94_prf,6,
- &(lvalues[5413]),0},
-{"id-GostR3410-2001DH","GOST R 34.10-2001 DH",NID_id_GostR3410_2001DH,
- 6,&(lvalues[5419]),0},
-{"id-GostR3410-94DH","GOST R 34.10-94 DH",NID_id_GostR3410_94DH,6,
- &(lvalues[5425]),0},
-{"id-Gost28147-89-CryptoPro-KeyMeshing",
- "id-Gost28147-89-CryptoPro-KeyMeshing",
- NID_id_Gost28147_89_CryptoPro_KeyMeshing,7,&(lvalues[5431]),0},
-{"id-Gost28147-89-None-KeyMeshing","id-Gost28147-89-None-KeyMeshing",
- NID_id_Gost28147_89_None_KeyMeshing,7,&(lvalues[5438]),0},
-{"id-GostR3411-94-TestParamSet","id-GostR3411-94-TestParamSet",
- NID_id_GostR3411_94_TestParamSet,7,&(lvalues[5445]),0},
-{"id-GostR3411-94-CryptoProParamSet",
- "id-GostR3411-94-CryptoProParamSet",
- NID_id_GostR3411_94_CryptoProParamSet,7,&(lvalues[5452]),0},
-{"id-Gost28147-89-TestParamSet","id-Gost28147-89-TestParamSet",
- NID_id_Gost28147_89_TestParamSet,7,&(lvalues[5459]),0},
-{"id-Gost28147-89-CryptoPro-A-ParamSet",
- "id-Gost28147-89-CryptoPro-A-ParamSet",
- NID_id_Gost28147_89_CryptoPro_A_ParamSet,7,&(lvalues[5466]),0},
-{"id-Gost28147-89-CryptoPro-B-ParamSet",
- "id-Gost28147-89-CryptoPro-B-ParamSet",
- NID_id_Gost28147_89_CryptoPro_B_ParamSet,7,&(lvalues[5473]),0},
-{"id-Gost28147-89-CryptoPro-C-ParamSet",
- "id-Gost28147-89-CryptoPro-C-ParamSet",
- NID_id_Gost28147_89_CryptoPro_C_ParamSet,7,&(lvalues[5480]),0},
-{"id-Gost28147-89-CryptoPro-D-ParamSet",
- "id-Gost28147-89-CryptoPro-D-ParamSet",
- NID_id_Gost28147_89_CryptoPro_D_ParamSet,7,&(lvalues[5487]),0},
-{"id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet",
- "id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet",
- NID_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet,7,&(lvalues[5494]),
- 0},
-{"id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet",
- "id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet",
- NID_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet,7,&(lvalues[5501]),
- 0},
-{"id-Gost28147-89-CryptoPro-RIC-1-ParamSet",
- "id-Gost28147-89-CryptoPro-RIC-1-ParamSet",
- NID_id_Gost28147_89_CryptoPro_RIC_1_ParamSet,7,&(lvalues[5508]),0},
-{"id-GostR3410-94-TestParamSet","id-GostR3410-94-TestParamSet",
- NID_id_GostR3410_94_TestParamSet,7,&(lvalues[5515]),0},
-{"id-GostR3410-94-CryptoPro-A-ParamSet",
- "id-GostR3410-94-CryptoPro-A-ParamSet",
- NID_id_GostR3410_94_CryptoPro_A_ParamSet,7,&(lvalues[5522]),0},
-{"id-GostR3410-94-CryptoPro-B-ParamSet",
- "id-GostR3410-94-CryptoPro-B-ParamSet",
- NID_id_GostR3410_94_CryptoPro_B_ParamSet,7,&(lvalues[5529]),0},
-{"id-GostR3410-94-CryptoPro-C-ParamSet",
- "id-GostR3410-94-CryptoPro-C-ParamSet",
- NID_id_GostR3410_94_CryptoPro_C_ParamSet,7,&(lvalues[5536]),0},
-{"id-GostR3410-94-CryptoPro-D-ParamSet",
- "id-GostR3410-94-CryptoPro-D-ParamSet",
- NID_id_GostR3410_94_CryptoPro_D_ParamSet,7,&(lvalues[5543]),0},
-{"id-GostR3410-94-CryptoPro-XchA-ParamSet",
- "id-GostR3410-94-CryptoPro-XchA-ParamSet",
- NID_id_GostR3410_94_CryptoPro_XchA_ParamSet,7,&(lvalues[5550]),0},
-{"id-GostR3410-94-CryptoPro-XchB-ParamSet",
- "id-GostR3410-94-CryptoPro-XchB-ParamSet",
- NID_id_GostR3410_94_CryptoPro_XchB_ParamSet,7,&(lvalues[5557]),0},
-{"id-GostR3410-94-CryptoPro-XchC-ParamSet",
- "id-GostR3410-94-CryptoPro-XchC-ParamSet",
- NID_id_GostR3410_94_CryptoPro_XchC_ParamSet,7,&(lvalues[5564]),0},
-{"id-GostR3410-2001-TestParamSet","id-GostR3410-2001-TestParamSet",
- NID_id_GostR3410_2001_TestParamSet,7,&(lvalues[5571]),0},
-{"id-GostR3410-2001-CryptoPro-A-ParamSet",
- "id-GostR3410-2001-CryptoPro-A-ParamSet",
- NID_id_GostR3410_2001_CryptoPro_A_ParamSet,7,&(lvalues[5578]),0},
-{"id-GostR3410-2001-CryptoPro-B-ParamSet",
- "id-GostR3410-2001-CryptoPro-B-ParamSet",
- NID_id_GostR3410_2001_CryptoPro_B_ParamSet,7,&(lvalues[5585]),0},
-{"id-GostR3410-2001-CryptoPro-C-ParamSet",
- "id-GostR3410-2001-CryptoPro-C-ParamSet",
- NID_id_GostR3410_2001_CryptoPro_C_ParamSet,7,&(lvalues[5592]),0},
-{"id-GostR3410-2001-CryptoPro-XchA-ParamSet",
- "id-GostR3410-2001-CryptoPro-XchA-ParamSet",
- NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet,7,&(lvalues[5599]),0},
-
-{"id-GostR3410-2001-CryptoPro-XchB-ParamSet",
- "id-GostR3410-2001-CryptoPro-XchB-ParamSet",
- NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet,7,&(lvalues[5606]),0},
-
-{"id-GostR3410-94-a","id-GostR3410-94-a",NID_id_GostR3410_94_a,7,
- &(lvalues[5613]),0},
-{"id-GostR3410-94-aBis","id-GostR3410-94-aBis",
- NID_id_GostR3410_94_aBis,7,&(lvalues[5620]),0},
-{"id-GostR3410-94-b","id-GostR3410-94-b",NID_id_GostR3410_94_b,7,
- &(lvalues[5627]),0},
-{"id-GostR3410-94-bBis","id-GostR3410-94-bBis",
- NID_id_GostR3410_94_bBis,7,&(lvalues[5634]),0},
-{"id-Gost28147-89-cc","GOST 28147-89 Cryptocom ParamSet",
- NID_id_Gost28147_89_cc,8,&(lvalues[5641]),0},
-{"gost94cc","GOST 34.10-94 Cryptocom",NID_id_GostR3410_94_cc,8,
- &(lvalues[5649]),0},
-{"gost2001cc","GOST 34.10-2001 Cryptocom",NID_id_GostR3410_2001_cc,8,
- &(lvalues[5657]),0},
-{"id-GostR3411-94-with-GostR3410-94-cc",
- "GOST R 34.11-94 with GOST R 34.10-94 Cryptocom",
- NID_id_GostR3411_94_with_GostR3410_94_cc,8,&(lvalues[5665]),0},
-{"id-GostR3411-94-with-GostR3410-2001-cc",
- "GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom",
- NID_id_GostR3411_94_with_GostR3410_2001_cc,8,&(lvalues[5673]),0},
-{"id-GostR3410-2001-ParamSet-cc",
- "GOST R 3410-2001 Parameter Set Cryptocom",
- NID_id_GostR3410_2001_ParamSet_cc,8,&(lvalues[5681]),0},
-{"HMAC","hmac",NID_hmac,0,NULL,0},
-{"LocalKeySet","Microsoft Local Key set",NID_LocalKeySet,9,
- &(lvalues[5689]),0},
-{"freshestCRL","X509v3 Freshest CRL",NID_freshest_crl,3,
- &(lvalues[5698]),0},
-{"id-on-permanentIdentifier","Permanent Identifier",
- NID_id_on_permanentIdentifier,8,&(lvalues[5701]),0},
-{"searchGuide","searchGuide",NID_searchGuide,3,&(lvalues[5709]),0},
-{"businessCategory","businessCategory",NID_businessCategory,3,
- &(lvalues[5712]),0},
-{"postalAddress","postalAddress",NID_postalAddress,3,&(lvalues[5715]),0},
-{"postOfficeBox","postOfficeBox",NID_postOfficeBox,3,&(lvalues[5718]),0},
-{"physicalDeliveryOfficeName","physicalDeliveryOfficeName",
- NID_physicalDeliveryOfficeName,3,&(lvalues[5721]),0},
-{"telephoneNumber","telephoneNumber",NID_telephoneNumber,3,
- &(lvalues[5724]),0},
-{"telexNumber","telexNumber",NID_telexNumber,3,&(lvalues[5727]),0},
-{"teletexTerminalIdentifier","teletexTerminalIdentifier",
- NID_teletexTerminalIdentifier,3,&(lvalues[5730]),0},
-{"facsimileTelephoneNumber","facsimileTelephoneNumber",
- NID_facsimileTelephoneNumber,3,&(lvalues[5733]),0},
-{"x121Address","x121Address",NID_x121Address,3,&(lvalues[5736]),0},
-{"internationaliSDNNumber","internationaliSDNNumber",
- NID_internationaliSDNNumber,3,&(lvalues[5739]),0},
-{"registeredAddress","registeredAddress",NID_registeredAddress,3,
- &(lvalues[5742]),0},
-{"destinationIndicator","destinationIndicator",
- NID_destinationIndicator,3,&(lvalues[5745]),0},
-{"preferredDeliveryMethod","preferredDeliveryMethod",
- NID_preferredDeliveryMethod,3,&(lvalues[5748]),0},
-{"presentationAddress","presentationAddress",NID_presentationAddress,
- 3,&(lvalues[5751]),0},
-{"supportedApplicationContext","supportedApplicationContext",
- NID_supportedApplicationContext,3,&(lvalues[5754]),0},
-{"member","member",NID_member,3,&(lvalues[5757]),0},
-{"owner","owner",NID_owner,3,&(lvalues[5760]),0},
-{"roleOccupant","roleOccupant",NID_roleOccupant,3,&(lvalues[5763]),0},
-{"seeAlso","seeAlso",NID_seeAlso,3,&(lvalues[5766]),0},
-{"userPassword","userPassword",NID_userPassword,3,&(lvalues[5769]),0},
-{"userCertificate","userCertificate",NID_userCertificate,3,
- &(lvalues[5772]),0},
-{"cACertificate","cACertificate",NID_cACertificate,3,&(lvalues[5775]),0},
-{"authorityRevocationList","authorityRevocationList",
- NID_authorityRevocationList,3,&(lvalues[5778]),0},
-{"certificateRevocationList","certificateRevocationList",
- NID_certificateRevocationList,3,&(lvalues[5781]),0},
-{"crossCertificatePair","crossCertificatePair",
- NID_crossCertificatePair,3,&(lvalues[5784]),0},
-{"enhancedSearchGuide","enhancedSearchGuide",NID_enhancedSearchGuide,
- 3,&(lvalues[5787]),0},
-{"protocolInformation","protocolInformation",NID_protocolInformation,
- 3,&(lvalues[5790]),0},
-{"distinguishedName","distinguishedName",NID_distinguishedName,3,
- &(lvalues[5793]),0},
-{"uniqueMember","uniqueMember",NID_uniqueMember,3,&(lvalues[5796]),0},
-{"houseIdentifier","houseIdentifier",NID_houseIdentifier,3,
- &(lvalues[5799]),0},
-{"supportedAlgorithms","supportedAlgorithms",NID_supportedAlgorithms,
- 3,&(lvalues[5802]),0},
-{"deltaRevocationList","deltaRevocationList",NID_deltaRevocationList,
- 3,&(lvalues[5805]),0},
-{"dmdName","dmdName",NID_dmdName,3,&(lvalues[5808]),0},
-{"id-alg-PWRI-KEK","id-alg-PWRI-KEK",NID_id_alg_PWRI_KEK,11,
- &(lvalues[5811]),0},
-{"CMAC","cmac",NID_cmac,0,NULL,0},
-{"id-aes128-GCM","aes-128-gcm",NID_aes_128_gcm,9,&(lvalues[5822]),0},
-{"id-aes128-CCM","aes-128-ccm",NID_aes_128_ccm,9,&(lvalues[5831]),0},
-{"id-aes128-wrap-pad","id-aes128-wrap-pad",NID_id_aes128_wrap_pad,9,
- &(lvalues[5840]),0},
-{"id-aes192-GCM","aes-192-gcm",NID_aes_192_gcm,9,&(lvalues[5849]),0},
-{"id-aes192-CCM","aes-192-ccm",NID_aes_192_ccm,9,&(lvalues[5858]),0},
-{"id-aes192-wrap-pad","id-aes192-wrap-pad",NID_id_aes192_wrap_pad,9,
- &(lvalues[5867]),0},
-{"id-aes256-GCM","aes-256-gcm",NID_aes_256_gcm,9,&(lvalues[5876]),0},
-{"id-aes256-CCM","aes-256-ccm",NID_aes_256_ccm,9,&(lvalues[5885]),0},
-{"id-aes256-wrap-pad","id-aes256-wrap-pad",NID_id_aes256_wrap_pad,9,
- &(lvalues[5894]),0},
-{"AES-128-CTR","aes-128-ctr",NID_aes_128_ctr,0,NULL,0},
-{"AES-192-CTR","aes-192-ctr",NID_aes_192_ctr,0,NULL,0},
-{"AES-256-CTR","aes-256-ctr",NID_aes_256_ctr,0,NULL,0},
-{"id-camellia128-wrap","id-camellia128-wrap",NID_id_camellia128_wrap,
- 11,&(lvalues[5903]),0},
-{"id-camellia192-wrap","id-camellia192-wrap",NID_id_camellia192_wrap,
- 11,&(lvalues[5914]),0},
-{"id-camellia256-wrap","id-camellia256-wrap",NID_id_camellia256_wrap,
- 11,&(lvalues[5925]),0},
-{"anyExtendedKeyUsage","Any Extended Key Usage",
- NID_anyExtendedKeyUsage,4,&(lvalues[5936]),0},
-{"MGF1","mgf1",NID_mgf1,9,&(lvalues[5940]),0},
-{"RSASSA-PSS","rsassaPss",NID_rsassaPss,9,&(lvalues[5949]),0},
-{"AES-128-XTS","aes-128-xts",NID_aes_128_xts,0,NULL,0},
-{"AES-256-XTS","aes-256-xts",NID_aes_256_xts,0,NULL,0},
-{"RC4-HMAC-MD5","rc4-hmac-md5",NID_rc4_hmac_md5,0,NULL,0},
-{"AES-128-CBC-HMAC-SHA1","aes-128-cbc-hmac-sha1",
- NID_aes_128_cbc_hmac_sha1,0,NULL,0},
-{"AES-192-CBC-HMAC-SHA1","aes-192-cbc-hmac-sha1",
- NID_aes_192_cbc_hmac_sha1,0,NULL,0},
-{"AES-256-CBC-HMAC-SHA1","aes-256-cbc-hmac-sha1",
- NID_aes_256_cbc_hmac_sha1,0,NULL,0},
-{"RSAES-OAEP","rsaesOaep",NID_rsaesOaep,9,&(lvalues[5958]),0},
-{"dhpublicnumber","X9.42 DH",NID_dhpublicnumber,7,&(lvalues[5967]),0},
-{"brainpoolP160r1","brainpoolP160r1",NID_brainpoolP160r1,9,
- &(lvalues[5974]),0},
-{"brainpoolP160t1","brainpoolP160t1",NID_brainpoolP160t1,9,
- &(lvalues[5983]),0},
-{"brainpoolP192r1","brainpoolP192r1",NID_brainpoolP192r1,9,
- &(lvalues[5992]),0},
-{"brainpoolP192t1","brainpoolP192t1",NID_brainpoolP192t1,9,
- &(lvalues[6001]),0},
-{"brainpoolP224r1","brainpoolP224r1",NID_brainpoolP224r1,9,
- &(lvalues[6010]),0},
-{"brainpoolP224t1","brainpoolP224t1",NID_brainpoolP224t1,9,
- &(lvalues[6019]),0},
-{"brainpoolP256r1","brainpoolP256r1",NID_brainpoolP256r1,9,
- &(lvalues[6028]),0},
-{"brainpoolP256t1","brainpoolP256t1",NID_brainpoolP256t1,9,
- &(lvalues[6037]),0},
-{"brainpoolP320r1","brainpoolP320r1",NID_brainpoolP320r1,9,
- &(lvalues[6046]),0},
-{"brainpoolP320t1","brainpoolP320t1",NID_brainpoolP320t1,9,
- &(lvalues[6055]),0},
-{"brainpoolP384r1","brainpoolP384r1",NID_brainpoolP384r1,9,
- &(lvalues[6064]),0},
-{"brainpoolP384t1","brainpoolP384t1",NID_brainpoolP384t1,9,
- &(lvalues[6073]),0},
-{"brainpoolP512r1","brainpoolP512r1",NID_brainpoolP512r1,9,
- &(lvalues[6082]),0},
-{"brainpoolP512t1","brainpoolP512t1",NID_brainpoolP512t1,9,
- &(lvalues[6091]),0},
-{"PSPECIFIED","pSpecified",NID_pSpecified,9,&(lvalues[6100]),0},
-{"dhSinglePass-stdDH-sha1kdf-scheme",
- "dhSinglePass-stdDH-sha1kdf-scheme",
- NID_dhSinglePass_stdDH_sha1kdf_scheme,9,&(lvalues[6109]),0},
-{"dhSinglePass-stdDH-sha224kdf-scheme",
- "dhSinglePass-stdDH-sha224kdf-scheme",
- NID_dhSinglePass_stdDH_sha224kdf_scheme,6,&(lvalues[6118]),0},
-{"dhSinglePass-stdDH-sha256kdf-scheme",
- "dhSinglePass-stdDH-sha256kdf-scheme",
- NID_dhSinglePass_stdDH_sha256kdf_scheme,6,&(lvalues[6124]),0},
-{"dhSinglePass-stdDH-sha384kdf-scheme",
- "dhSinglePass-stdDH-sha384kdf-scheme",
- NID_dhSinglePass_stdDH_sha384kdf_scheme,6,&(lvalues[6130]),0},
-{"dhSinglePass-stdDH-sha512kdf-scheme",
- "dhSinglePass-stdDH-sha512kdf-scheme",
- NID_dhSinglePass_stdDH_sha512kdf_scheme,6,&(lvalues[6136]),0},
-{"dhSinglePass-cofactorDH-sha1kdf-scheme",
- "dhSinglePass-cofactorDH-sha1kdf-scheme",
- NID_dhSinglePass_cofactorDH_sha1kdf_scheme,9,&(lvalues[6142]),0},
-{"dhSinglePass-cofactorDH-sha224kdf-scheme",
- "dhSinglePass-cofactorDH-sha224kdf-scheme",
- NID_dhSinglePass_cofactorDH_sha224kdf_scheme,6,&(lvalues[6151]),0},
-{"dhSinglePass-cofactorDH-sha256kdf-scheme",
- "dhSinglePass-cofactorDH-sha256kdf-scheme",
- NID_dhSinglePass_cofactorDH_sha256kdf_scheme,6,&(lvalues[6157]),0},
-{"dhSinglePass-cofactorDH-sha384kdf-scheme",
- "dhSinglePass-cofactorDH-sha384kdf-scheme",
- NID_dhSinglePass_cofactorDH_sha384kdf_scheme,6,&(lvalues[6163]),0},
-{"dhSinglePass-cofactorDH-sha512kdf-scheme",
- "dhSinglePass-cofactorDH-sha512kdf-scheme",
- NID_dhSinglePass_cofactorDH_sha512kdf_scheme,6,&(lvalues[6169]),0},
-{"dh-std-kdf","dh-std-kdf",NID_dh_std_kdf,0,NULL,0},
-{"dh-cofactor-kdf","dh-cofactor-kdf",NID_dh_cofactor_kdf,0,NULL,0},
-{"X25519","X25519",NID_X25519,0,NULL,0},
+static const ASN1_OBJECT kObjects[NUM_NID] = {
+ {"UNDEF", "undefined", NID_undef, 0, NULL, 0},
+ {"rsadsi", "RSA Data Security, Inc.", NID_rsadsi, 6, &kObjectData[0], 0},
+ {"pkcs", "RSA Data Security, Inc. PKCS", NID_pkcs, 7, &kObjectData[6], 0},
+ {"MD2", "md2", NID_md2, 8, &kObjectData[13], 0},
+ {"MD5", "md5", NID_md5, 8, &kObjectData[21], 0},
+ {"RC4", "rc4", NID_rc4, 8, &kObjectData[29], 0},
+ {"rsaEncryption", "rsaEncryption", NID_rsaEncryption, 9, &kObjectData[37],
+ 0},
+ {"RSA-MD2", "md2WithRSAEncryption", NID_md2WithRSAEncryption, 9,
+ &kObjectData[46], 0},
+ {"RSA-MD5", "md5WithRSAEncryption", NID_md5WithRSAEncryption, 9,
+ &kObjectData[55], 0},
+ {"PBE-MD2-DES", "pbeWithMD2AndDES-CBC", NID_pbeWithMD2AndDES_CBC, 9,
+ &kObjectData[64], 0},
+ {"PBE-MD5-DES", "pbeWithMD5AndDES-CBC", NID_pbeWithMD5AndDES_CBC, 9,
+ &kObjectData[73], 0},
+ {"X500", "directory services (X.500)", NID_X500, 1, &kObjectData[82], 0},
+ {"X509", "X509", NID_X509, 2, &kObjectData[83], 0},
+ {"CN", "commonName", NID_commonName, 3, &kObjectData[85], 0},
+ {"C", "countryName", NID_countryName, 3, &kObjectData[88], 0},
+ {"L", "localityName", NID_localityName, 3, &kObjectData[91], 0},
+ {"ST", "stateOrProvinceName", NID_stateOrProvinceName, 3, &kObjectData[94],
+ 0},
+ {"O", "organizationName", NID_organizationName, 3, &kObjectData[97], 0},
+ {"OU", "organizationalUnitName", NID_organizationalUnitName, 3,
+ &kObjectData[100], 0},
+ {"RSA", "rsa", NID_rsa, 4, &kObjectData[103], 0},
+ {"pkcs7", "pkcs7", NID_pkcs7, 8, &kObjectData[107], 0},
+ {"pkcs7-data", "pkcs7-data", NID_pkcs7_data, 9, &kObjectData[115], 0},
+ {"pkcs7-signedData", "pkcs7-signedData", NID_pkcs7_signed, 9,
+ &kObjectData[124], 0},
+ {"pkcs7-envelopedData", "pkcs7-envelopedData", NID_pkcs7_enveloped, 9,
+ &kObjectData[133], 0},
+ {"pkcs7-signedAndEnvelopedData", "pkcs7-signedAndEnvelopedData",
+ NID_pkcs7_signedAndEnveloped, 9, &kObjectData[142], 0},
+ {"pkcs7-digestData", "pkcs7-digestData", NID_pkcs7_digest, 9,
+ &kObjectData[151], 0},
+ {"pkcs7-encryptedData", "pkcs7-encryptedData", NID_pkcs7_encrypted, 9,
+ &kObjectData[160], 0},
+ {"pkcs3", "pkcs3", NID_pkcs3, 8, &kObjectData[169], 0},
+ {"dhKeyAgreement", "dhKeyAgreement", NID_dhKeyAgreement, 9,
+ &kObjectData[177], 0},
+ {"DES-ECB", "des-ecb", NID_des_ecb, 5, &kObjectData[186], 0},
+ {"DES-CFB", "des-cfb", NID_des_cfb64, 5, &kObjectData[191], 0},
+ {"DES-CBC", "des-cbc", NID_des_cbc, 5, &kObjectData[196], 0},
+ {"DES-EDE", "des-ede", NID_des_ede_ecb, 5, &kObjectData[201], 0},
+ {"DES-EDE3", "des-ede3", NID_des_ede3_ecb, 0, NULL, 0},
+ {"IDEA-CBC", "idea-cbc", NID_idea_cbc, 11, &kObjectData[206], 0},
+ {"IDEA-CFB", "idea-cfb", NID_idea_cfb64, 0, NULL, 0},
+ {"IDEA-ECB", "idea-ecb", NID_idea_ecb, 0, NULL, 0},
+ {"RC2-CBC", "rc2-cbc", NID_rc2_cbc, 8, &kObjectData[217], 0},
+ {"RC2-ECB", "rc2-ecb", NID_rc2_ecb, 0, NULL, 0},
+ {"RC2-CFB", "rc2-cfb", NID_rc2_cfb64, 0, NULL, 0},
+ {"RC2-OFB", "rc2-ofb", NID_rc2_ofb64, 0, NULL, 0},
+ {"SHA", "sha", NID_sha, 5, &kObjectData[225], 0},
+ {"RSA-SHA", "shaWithRSAEncryption", NID_shaWithRSAEncryption, 5,
+ &kObjectData[230], 0},
+ {"DES-EDE-CBC", "des-ede-cbc", NID_des_ede_cbc, 0, NULL, 0},
+ {"DES-EDE3-CBC", "des-ede3-cbc", NID_des_ede3_cbc, 8, &kObjectData[235], 0},
+ {"DES-OFB", "des-ofb", NID_des_ofb64, 5, &kObjectData[243], 0},
+ {"IDEA-OFB", "idea-ofb", NID_idea_ofb64, 0, NULL, 0},
+ {"pkcs9", "pkcs9", NID_pkcs9, 8, &kObjectData[248], 0},
+ {"emailAddress", "emailAddress", NID_pkcs9_emailAddress, 9,
+ &kObjectData[256], 0},
+ {"unstructuredName", "unstructuredName", NID_pkcs9_unstructuredName, 9,
+ &kObjectData[265], 0},
+ {"contentType", "contentType", NID_pkcs9_contentType, 9, &kObjectData[274],
+ 0},
+ {"messageDigest", "messageDigest", NID_pkcs9_messageDigest, 9,
+ &kObjectData[283], 0},
+ {"signingTime", "signingTime", NID_pkcs9_signingTime, 9, &kObjectData[292],
+ 0},
+ {"countersignature", "countersignature", NID_pkcs9_countersignature, 9,
+ &kObjectData[301], 0},
+ {"challengePassword", "challengePassword", NID_pkcs9_challengePassword, 9,
+ &kObjectData[310], 0},
+ {"unstructuredAddress", "unstructuredAddress",
+ NID_pkcs9_unstructuredAddress, 9, &kObjectData[319], 0},
+ {"extendedCertificateAttributes", "extendedCertificateAttributes",
+ NID_pkcs9_extCertAttributes, 9, &kObjectData[328], 0},
+ {"Netscape", "Netscape Communications Corp.", NID_netscape, 7,
+ &kObjectData[337], 0},
+ {"nsCertExt", "Netscape Certificate Extension", NID_netscape_cert_extension,
+ 8, &kObjectData[344], 0},
+ {"nsDataType", "Netscape Data Type", NID_netscape_data_type, 8,
+ &kObjectData[352], 0},
+ {"DES-EDE-CFB", "des-ede-cfb", NID_des_ede_cfb64, 0, NULL, 0},
+ {"DES-EDE3-CFB", "des-ede3-cfb", NID_des_ede3_cfb64, 0, NULL, 0},
+ {"DES-EDE-OFB", "des-ede-ofb", NID_des_ede_ofb64, 0, NULL, 0},
+ {"DES-EDE3-OFB", "des-ede3-ofb", NID_des_ede3_ofb64, 0, NULL, 0},
+ {"SHA1", "sha1", NID_sha1, 5, &kObjectData[360], 0},
+ {"RSA-SHA1", "sha1WithRSAEncryption", NID_sha1WithRSAEncryption, 9,
+ &kObjectData[365], 0},
+ {"DSA-SHA", "dsaWithSHA", NID_dsaWithSHA, 5, &kObjectData[374], 0},
+ {"DSA-old", "dsaEncryption-old", NID_dsa_2, 5, &kObjectData[379], 0},
+ {"PBE-SHA1-RC2-64", "pbeWithSHA1AndRC2-CBC", NID_pbeWithSHA1AndRC2_CBC, 9,
+ &kObjectData[384], 0},
+ {"PBKDF2", "PBKDF2", NID_id_pbkdf2, 9, &kObjectData[393], 0},
+ {"DSA-SHA1-old", "dsaWithSHA1-old", NID_dsaWithSHA1_2, 5, &kObjectData[402],
+ 0},
+ {"nsCertType", "Netscape Cert Type", NID_netscape_cert_type, 9,
+ &kObjectData[407], 0},
+ {"nsBaseUrl", "Netscape Base Url", NID_netscape_base_url, 9,
+ &kObjectData[416], 0},
+ {"nsRevocationUrl", "Netscape Revocation Url", NID_netscape_revocation_url,
+ 9, &kObjectData[425], 0},
+ {"nsCaRevocationUrl", "Netscape CA Revocation Url",
+ NID_netscape_ca_revocation_url, 9, &kObjectData[434], 0},
+ {"nsRenewalUrl", "Netscape Renewal Url", NID_netscape_renewal_url, 9,
+ &kObjectData[443], 0},
+ {"nsCaPolicyUrl", "Netscape CA Policy Url", NID_netscape_ca_policy_url, 9,
+ &kObjectData[452], 0},
+ {"nsSslServerName", "Netscape SSL Server Name",
+ NID_netscape_ssl_server_name, 9, &kObjectData[461], 0},
+ {"nsComment", "Netscape Comment", NID_netscape_comment, 9,
+ &kObjectData[470], 0},
+ {"nsCertSequence", "Netscape Certificate Sequence",
+ NID_netscape_cert_sequence, 9, &kObjectData[479], 0},
+ {"DESX-CBC", "desx-cbc", NID_desx_cbc, 0, NULL, 0},
+ {"id-ce", "id-ce", NID_id_ce, 2, &kObjectData[488], 0},
+ {"subjectKeyIdentifier", "X509v3 Subject Key Identifier",
+ NID_subject_key_identifier, 3, &kObjectData[490], 0},
+ {"keyUsage", "X509v3 Key Usage", NID_key_usage, 3, &kObjectData[493], 0},
+ {"privateKeyUsagePeriod", "X509v3 Private Key Usage Period",
+ NID_private_key_usage_period, 3, &kObjectData[496], 0},
+ {"subjectAltName", "X509v3 Subject Alternative Name", NID_subject_alt_name,
+ 3, &kObjectData[499], 0},
+ {"issuerAltName", "X509v3 Issuer Alternative Name", NID_issuer_alt_name, 3,
+ &kObjectData[502], 0},
+ {"basicConstraints", "X509v3 Basic Constraints", NID_basic_constraints, 3,
+ &kObjectData[505], 0},
+ {"crlNumber", "X509v3 CRL Number", NID_crl_number, 3, &kObjectData[508], 0},
+ {"certificatePolicies", "X509v3 Certificate Policies",
+ NID_certificate_policies, 3, &kObjectData[511], 0},
+ {"authorityKeyIdentifier", "X509v3 Authority Key Identifier",
+ NID_authority_key_identifier, 3, &kObjectData[514], 0},
+ {"BF-CBC", "bf-cbc", NID_bf_cbc, 9, &kObjectData[517], 0},
+ {"BF-ECB", "bf-ecb", NID_bf_ecb, 0, NULL, 0},
+ {"BF-CFB", "bf-cfb", NID_bf_cfb64, 0, NULL, 0},
+ {"BF-OFB", "bf-ofb", NID_bf_ofb64, 0, NULL, 0},
+ {"MDC2", "mdc2", NID_mdc2, 4, &kObjectData[526], 0},
+ {"RSA-MDC2", "mdc2WithRSA", NID_mdc2WithRSA, 4, &kObjectData[530], 0},
+ {"RC4-40", "rc4-40", NID_rc4_40, 0, NULL, 0},
+ {"RC2-40-CBC", "rc2-40-cbc", NID_rc2_40_cbc, 0, NULL, 0},
+ {"GN", "givenName", NID_givenName, 3, &kObjectData[534], 0},
+ {"SN", "surname", NID_surname, 3, &kObjectData[537], 0},
+ {"initials", "initials", NID_initials, 3, &kObjectData[540], 0},
+ {NULL, NULL, NID_undef, 0, NULL, 0},
+ {"crlDistributionPoints", "X509v3 CRL Distribution Points",
+ NID_crl_distribution_points, 3, &kObjectData[543], 0},
+ {"RSA-NP-MD5", "md5WithRSA", NID_md5WithRSA, 5, &kObjectData[546], 0},
+ {"serialNumber", "serialNumber", NID_serialNumber, 3, &kObjectData[551], 0},
+ {"title", "title", NID_title, 3, &kObjectData[554], 0},
+ {"description", "description", NID_description, 3, &kObjectData[557], 0},
+ {"CAST5-CBC", "cast5-cbc", NID_cast5_cbc, 9, &kObjectData[560], 0},
+ {"CAST5-ECB", "cast5-ecb", NID_cast5_ecb, 0, NULL, 0},
+ {"CAST5-CFB", "cast5-cfb", NID_cast5_cfb64, 0, NULL, 0},
+ {"CAST5-OFB", "cast5-ofb", NID_cast5_ofb64, 0, NULL, 0},
+ {"pbeWithMD5AndCast5CBC", "pbeWithMD5AndCast5CBC",
+ NID_pbeWithMD5AndCast5_CBC, 9, &kObjectData[569], 0},
+ {"DSA-SHA1", "dsaWithSHA1", NID_dsaWithSHA1, 7, &kObjectData[578], 0},
+ {"MD5-SHA1", "md5-sha1", NID_md5_sha1, 0, NULL, 0},
+ {"RSA-SHA1-2", "sha1WithRSA", NID_sha1WithRSA, 5, &kObjectData[585], 0},
+ {"DSA", "dsaEncryption", NID_dsa, 7, &kObjectData[590], 0},
+ {"RIPEMD160", "ripemd160", NID_ripemd160, 5, &kObjectData[597], 0},
+ {NULL, NULL, NID_undef, 0, NULL, 0},
+ {"RSA-RIPEMD160", "ripemd160WithRSA", NID_ripemd160WithRSA, 6,
+ &kObjectData[602], 0},
+ {"RC5-CBC", "rc5-cbc", NID_rc5_cbc, 8, &kObjectData[608], 0},
+ {"RC5-ECB", "rc5-ecb", NID_rc5_ecb, 0, NULL, 0},
+ {"RC5-CFB", "rc5-cfb", NID_rc5_cfb64, 0, NULL, 0},
+ {"RC5-OFB", "rc5-ofb", NID_rc5_ofb64, 0, NULL, 0},
+ {NULL, NULL, NID_undef, 0, NULL, 0},
+ {"ZLIB", "zlib compression", NID_zlib_compression, 11, &kObjectData[616],
+ 0},
+ {"extendedKeyUsage", "X509v3 Extended Key Usage", NID_ext_key_usage, 3,
+ &kObjectData[627], 0},
+ {"PKIX", "PKIX", NID_id_pkix, 6, &kObjectData[630], 0},
+ {"id-kp", "id-kp", NID_id_kp, 7, &kObjectData[636], 0},
+ {"serverAuth", "TLS Web Server Authentication", NID_server_auth, 8,
+ &kObjectData[643], 0},
+ {"clientAuth", "TLS Web Client Authentication", NID_client_auth, 8,
+ &kObjectData[651], 0},
+ {"codeSigning", "Code Signing", NID_code_sign, 8, &kObjectData[659], 0},
+ {"emailProtection", "E-mail Protection", NID_email_protect, 8,
+ &kObjectData[667], 0},
+ {"timeStamping", "Time Stamping", NID_time_stamp, 8, &kObjectData[675], 0},
+ {"msCodeInd", "Microsoft Individual Code Signing", NID_ms_code_ind, 10,
+ &kObjectData[683], 0},
+ {"msCodeCom", "Microsoft Commercial Code Signing", NID_ms_code_com, 10,
+ &kObjectData[693], 0},
+ {"msCTLSign", "Microsoft Trust List Signing", NID_ms_ctl_sign, 10,
+ &kObjectData[703], 0},
+ {"msSGC", "Microsoft Server Gated Crypto", NID_ms_sgc, 10,
+ &kObjectData[713], 0},
+ {"msEFS", "Microsoft Encrypted File System", NID_ms_efs, 10,
+ &kObjectData[723], 0},
+ {"nsSGC", "Netscape Server Gated Crypto", NID_ns_sgc, 9, &kObjectData[733],
+ 0},
+ {"deltaCRL", "X509v3 Delta CRL Indicator", NID_delta_crl, 3,
+ &kObjectData[742], 0},
+ {"CRLReason", "X509v3 CRL Reason Code", NID_crl_reason, 3,
+ &kObjectData[745], 0},
+ {"invalidityDate", "Invalidity Date", NID_invalidity_date, 3,
+ &kObjectData[748], 0},
+ {"SXNetID", "Strong Extranet ID", NID_sxnet, 5, &kObjectData[751], 0},
+ {"PBE-SHA1-RC4-128", "pbeWithSHA1And128BitRC4",
+ NID_pbe_WithSHA1And128BitRC4, 10, &kObjectData[756], 0},
+ {"PBE-SHA1-RC4-40", "pbeWithSHA1And40BitRC4", NID_pbe_WithSHA1And40BitRC4,
+ 10, &kObjectData[766], 0},
+ {"PBE-SHA1-3DES", "pbeWithSHA1And3-KeyTripleDES-CBC",
+ NID_pbe_WithSHA1And3_Key_TripleDES_CBC, 10, &kObjectData[776], 0},
+ {"PBE-SHA1-2DES", "pbeWithSHA1And2-KeyTripleDES-CBC",
+ NID_pbe_WithSHA1And2_Key_TripleDES_CBC, 10, &kObjectData[786], 0},
+ {"PBE-SHA1-RC2-128", "pbeWithSHA1And128BitRC2-CBC",
+ NID_pbe_WithSHA1And128BitRC2_CBC, 10, &kObjectData[796], 0},
+ {"PBE-SHA1-RC2-40", "pbeWithSHA1And40BitRC2-CBC",
+ NID_pbe_WithSHA1And40BitRC2_CBC, 10, &kObjectData[806], 0},
+ {"keyBag", "keyBag", NID_keyBag, 11, &kObjectData[816], 0},
+ {"pkcs8ShroudedKeyBag", "pkcs8ShroudedKeyBag", NID_pkcs8ShroudedKeyBag, 11,
+ &kObjectData[827], 0},
+ {"certBag", "certBag", NID_certBag, 11, &kObjectData[838], 0},
+ {"crlBag", "crlBag", NID_crlBag, 11, &kObjectData[849], 0},
+ {"secretBag", "secretBag", NID_secretBag, 11, &kObjectData[860], 0},
+ {"safeContentsBag", "safeContentsBag", NID_safeContentsBag, 11,
+ &kObjectData[871], 0},
+ {"friendlyName", "friendlyName", NID_friendlyName, 9, &kObjectData[882], 0},
+ {"localKeyID", "localKeyID", NID_localKeyID, 9, &kObjectData[891], 0},
+ {"x509Certificate", "x509Certificate", NID_x509Certificate, 10,
+ &kObjectData[900], 0},
+ {"sdsiCertificate", "sdsiCertificate", NID_sdsiCertificate, 10,
+ &kObjectData[910], 0},
+ {"x509Crl", "x509Crl", NID_x509Crl, 10, &kObjectData[920], 0},
+ {"PBES2", "PBES2", NID_pbes2, 9, &kObjectData[930], 0},
+ {"PBMAC1", "PBMAC1", NID_pbmac1, 9, &kObjectData[939], 0},
+ {"hmacWithSHA1", "hmacWithSHA1", NID_hmacWithSHA1, 8, &kObjectData[948], 0},
+ {"id-qt-cps", "Policy Qualifier CPS", NID_id_qt_cps, 8, &kObjectData[956],
+ 0},
+ {"id-qt-unotice", "Policy Qualifier User Notice", NID_id_qt_unotice, 8,
+ &kObjectData[964], 0},
+ {"RC2-64-CBC", "rc2-64-cbc", NID_rc2_64_cbc, 0, NULL, 0},
+ {"SMIME-CAPS", "S/MIME Capabilities", NID_SMIMECapabilities, 9,
+ &kObjectData[972], 0},
+ {"PBE-MD2-RC2-64", "pbeWithMD2AndRC2-CBC", NID_pbeWithMD2AndRC2_CBC, 9,
+ &kObjectData[981], 0},
+ {"PBE-MD5-RC2-64", "pbeWithMD5AndRC2-CBC", NID_pbeWithMD5AndRC2_CBC, 9,
+ &kObjectData[990], 0},
+ {"PBE-SHA1-DES", "pbeWithSHA1AndDES-CBC", NID_pbeWithSHA1AndDES_CBC, 9,
+ &kObjectData[999], 0},
+ {"msExtReq", "Microsoft Extension Request", NID_ms_ext_req, 10,
+ &kObjectData[1008], 0},
+ {"extReq", "Extension Request", NID_ext_req, 9, &kObjectData[1018], 0},
+ {"name", "name", NID_name, 3, &kObjectData[1027], 0},
+ {"dnQualifier", "dnQualifier", NID_dnQualifier, 3, &kObjectData[1030], 0},
+ {"id-pe", "id-pe", NID_id_pe, 7, &kObjectData[1033], 0},
+ {"id-ad", "id-ad", NID_id_ad, 7, &kObjectData[1040], 0},
+ {"authorityInfoAccess", "Authority Information Access", NID_info_access, 8,
+ &kObjectData[1047], 0},
+ {"OCSP", "OCSP", NID_ad_OCSP, 8, &kObjectData[1055], 0},
+ {"caIssuers", "CA Issuers", NID_ad_ca_issuers, 8, &kObjectData[1063], 0},
+ {"OCSPSigning", "OCSP Signing", NID_OCSP_sign, 8, &kObjectData[1071], 0},
+ {"ISO", "iso", NID_iso, 0, NULL, 0},
+ {"member-body", "ISO Member Body", NID_member_body, 1, &kObjectData[1079],
+ 0},
+ {"ISO-US", "ISO US Member Body", NID_ISO_US, 3, &kObjectData[1080], 0},
+ {"X9-57", "X9.57", NID_X9_57, 5, &kObjectData[1083], 0},
+ {"X9cm", "X9.57 CM ?", NID_X9cm, 6, &kObjectData[1088], 0},
+ {"pkcs1", "pkcs1", NID_pkcs1, 8, &kObjectData[1094], 0},
+ {"pkcs5", "pkcs5", NID_pkcs5, 8, &kObjectData[1102], 0},
+ {"SMIME", "S/MIME", NID_SMIME, 9, &kObjectData[1110], 0},
+ {"id-smime-mod", "id-smime-mod", NID_id_smime_mod, 10, &kObjectData[1119],
+ 0},
+ {"id-smime-ct", "id-smime-ct", NID_id_smime_ct, 10, &kObjectData[1129], 0},
+ {"id-smime-aa", "id-smime-aa", NID_id_smime_aa, 10, &kObjectData[1139], 0},
+ {"id-smime-alg", "id-smime-alg", NID_id_smime_alg, 10, &kObjectData[1149],
+ 0},
+ {"id-smime-cd", "id-smime-cd", NID_id_smime_cd, 10, &kObjectData[1159], 0},
+ {"id-smime-spq", "id-smime-spq", NID_id_smime_spq, 10, &kObjectData[1169],
+ 0},
+ {"id-smime-cti", "id-smime-cti", NID_id_smime_cti, 10, &kObjectData[1179],
+ 0},
+ {"id-smime-mod-cms", "id-smime-mod-cms", NID_id_smime_mod_cms, 11,
+ &kObjectData[1189], 0},
+ {"id-smime-mod-ess", "id-smime-mod-ess", NID_id_smime_mod_ess, 11,
+ &kObjectData[1200], 0},
+ {"id-smime-mod-oid", "id-smime-mod-oid", NID_id_smime_mod_oid, 11,
+ &kObjectData[1211], 0},
+ {"id-smime-mod-msg-v3", "id-smime-mod-msg-v3", NID_id_smime_mod_msg_v3, 11,
+ &kObjectData[1222], 0},
+ {"id-smime-mod-ets-eSignature-88", "id-smime-mod-ets-eSignature-88",
+ NID_id_smime_mod_ets_eSignature_88, 11, &kObjectData[1233], 0},
+ {"id-smime-mod-ets-eSignature-97", "id-smime-mod-ets-eSignature-97",
+ NID_id_smime_mod_ets_eSignature_97, 11, &kObjectData[1244], 0},
+ {"id-smime-mod-ets-eSigPolicy-88", "id-smime-mod-ets-eSigPolicy-88",
+ NID_id_smime_mod_ets_eSigPolicy_88, 11, &kObjectData[1255], 0},
+ {"id-smime-mod-ets-eSigPolicy-97", "id-smime-mod-ets-eSigPolicy-97",
+ NID_id_smime_mod_ets_eSigPolicy_97, 11, &kObjectData[1266], 0},
+ {"id-smime-ct-receipt", "id-smime-ct-receipt", NID_id_smime_ct_receipt, 11,
+ &kObjectData[1277], 0},
+ {"id-smime-ct-authData", "id-smime-ct-authData", NID_id_smime_ct_authData,
+ 11, &kObjectData[1288], 0},
+ {"id-smime-ct-publishCert", "id-smime-ct-publishCert",
+ NID_id_smime_ct_publishCert, 11, &kObjectData[1299], 0},
+ {"id-smime-ct-TSTInfo", "id-smime-ct-TSTInfo", NID_id_smime_ct_TSTInfo, 11,
+ &kObjectData[1310], 0},
+ {"id-smime-ct-TDTInfo", "id-smime-ct-TDTInfo", NID_id_smime_ct_TDTInfo, 11,
+ &kObjectData[1321], 0},
+ {"id-smime-ct-contentInfo", "id-smime-ct-contentInfo",
+ NID_id_smime_ct_contentInfo, 11, &kObjectData[1332], 0},
+ {"id-smime-ct-DVCSRequestData", "id-smime-ct-DVCSRequestData",
+ NID_id_smime_ct_DVCSRequestData, 11, &kObjectData[1343], 0},
+ {"id-smime-ct-DVCSResponseData", "id-smime-ct-DVCSResponseData",
+ NID_id_smime_ct_DVCSResponseData, 11, &kObjectData[1354], 0},
+ {"id-smime-aa-receiptRequest", "id-smime-aa-receiptRequest",
+ NID_id_smime_aa_receiptRequest, 11, &kObjectData[1365], 0},
+ {"id-smime-aa-securityLabel", "id-smime-aa-securityLabel",
+ NID_id_smime_aa_securityLabel, 11, &kObjectData[1376], 0},
+ {"id-smime-aa-mlExpandHistory", "id-smime-aa-mlExpandHistory",
+ NID_id_smime_aa_mlExpandHistory, 11, &kObjectData[1387], 0},
+ {"id-smime-aa-contentHint", "id-smime-aa-contentHint",
+ NID_id_smime_aa_contentHint, 11, &kObjectData[1398], 0},
+ {"id-smime-aa-msgSigDigest", "id-smime-aa-msgSigDigest",
+ NID_id_smime_aa_msgSigDigest, 11, &kObjectData[1409], 0},
+ {"id-smime-aa-encapContentType", "id-smime-aa-encapContentType",
+ NID_id_smime_aa_encapContentType, 11, &kObjectData[1420], 0},
+ {"id-smime-aa-contentIdentifier", "id-smime-aa-contentIdentifier",
+ NID_id_smime_aa_contentIdentifier, 11, &kObjectData[1431], 0},
+ {"id-smime-aa-macValue", "id-smime-aa-macValue", NID_id_smime_aa_macValue,
+ 11, &kObjectData[1442], 0},
+ {"id-smime-aa-equivalentLabels", "id-smime-aa-equivalentLabels",
+ NID_id_smime_aa_equivalentLabels, 11, &kObjectData[1453], 0},
+ {"id-smime-aa-contentReference", "id-smime-aa-contentReference",
+ NID_id_smime_aa_contentReference, 11, &kObjectData[1464], 0},
+ {"id-smime-aa-encrypKeyPref", "id-smime-aa-encrypKeyPref",
+ NID_id_smime_aa_encrypKeyPref, 11, &kObjectData[1475], 0},
+ {"id-smime-aa-signingCertificate", "id-smime-aa-signingCertificate",
+ NID_id_smime_aa_signingCertificate, 11, &kObjectData[1486], 0},
+ {"id-smime-aa-smimeEncryptCerts", "id-smime-aa-smimeEncryptCerts",
+ NID_id_smime_aa_smimeEncryptCerts, 11, &kObjectData[1497], 0},
+ {"id-smime-aa-timeStampToken", "id-smime-aa-timeStampToken",
+ NID_id_smime_aa_timeStampToken, 11, &kObjectData[1508], 0},
+ {"id-smime-aa-ets-sigPolicyId", "id-smime-aa-ets-sigPolicyId",
+ NID_id_smime_aa_ets_sigPolicyId, 11, &kObjectData[1519], 0},
+ {"id-smime-aa-ets-commitmentType", "id-smime-aa-ets-commitmentType",
+ NID_id_smime_aa_ets_commitmentType, 11, &kObjectData[1530], 0},
+ {"id-smime-aa-ets-signerLocation", "id-smime-aa-ets-signerLocation",
+ NID_id_smime_aa_ets_signerLocation, 11, &kObjectData[1541], 0},
+ {"id-smime-aa-ets-signerAttr", "id-smime-aa-ets-signerAttr",
+ NID_id_smime_aa_ets_signerAttr, 11, &kObjectData[1552], 0},
+ {"id-smime-aa-ets-otherSigCert", "id-smime-aa-ets-otherSigCert",
+ NID_id_smime_aa_ets_otherSigCert, 11, &kObjectData[1563], 0},
+ {"id-smime-aa-ets-contentTimestamp", "id-smime-aa-ets-contentTimestamp",
+ NID_id_smime_aa_ets_contentTimestamp, 11, &kObjectData[1574], 0},
+ {"id-smime-aa-ets-CertificateRefs", "id-smime-aa-ets-CertificateRefs",
+ NID_id_smime_aa_ets_CertificateRefs, 11, &kObjectData[1585], 0},
+ {"id-smime-aa-ets-RevocationRefs", "id-smime-aa-ets-RevocationRefs",
+ NID_id_smime_aa_ets_RevocationRefs, 11, &kObjectData[1596], 0},
+ {"id-smime-aa-ets-certValues", "id-smime-aa-ets-certValues",
+ NID_id_smime_aa_ets_certValues, 11, &kObjectData[1607], 0},
+ {"id-smime-aa-ets-revocationValues", "id-smime-aa-ets-revocationValues",
+ NID_id_smime_aa_ets_revocationValues, 11, &kObjectData[1618], 0},
+ {"id-smime-aa-ets-escTimeStamp", "id-smime-aa-ets-escTimeStamp",
+ NID_id_smime_aa_ets_escTimeStamp, 11, &kObjectData[1629], 0},
+ {"id-smime-aa-ets-certCRLTimestamp", "id-smime-aa-ets-certCRLTimestamp",
+ NID_id_smime_aa_ets_certCRLTimestamp, 11, &kObjectData[1640], 0},
+ {"id-smime-aa-ets-archiveTimeStamp", "id-smime-aa-ets-archiveTimeStamp",
+ NID_id_smime_aa_ets_archiveTimeStamp, 11, &kObjectData[1651], 0},
+ {"id-smime-aa-signatureType", "id-smime-aa-signatureType",
+ NID_id_smime_aa_signatureType, 11, &kObjectData[1662], 0},
+ {"id-smime-aa-dvcs-dvc", "id-smime-aa-dvcs-dvc", NID_id_smime_aa_dvcs_dvc,
+ 11, &kObjectData[1673], 0},
+ {"id-smime-alg-ESDHwith3DES", "id-smime-alg-ESDHwith3DES",
+ NID_id_smime_alg_ESDHwith3DES, 11, &kObjectData[1684], 0},
+ {"id-smime-alg-ESDHwithRC2", "id-smime-alg-ESDHwithRC2",
+ NID_id_smime_alg_ESDHwithRC2, 11, &kObjectData[1695], 0},
+ {"id-smime-alg-3DESwrap", "id-smime-alg-3DESwrap",
+ NID_id_smime_alg_3DESwrap, 11, &kObjectData[1706], 0},
+ {"id-smime-alg-RC2wrap", "id-smime-alg-RC2wrap", NID_id_smime_alg_RC2wrap,
+ 11, &kObjectData[1717], 0},
+ {"id-smime-alg-ESDH", "id-smime-alg-ESDH", NID_id_smime_alg_ESDH, 11,
+ &kObjectData[1728], 0},
+ {"id-smime-alg-CMS3DESwrap", "id-smime-alg-CMS3DESwrap",
+ NID_id_smime_alg_CMS3DESwrap, 11, &kObjectData[1739], 0},
+ {"id-smime-alg-CMSRC2wrap", "id-smime-alg-CMSRC2wrap",
+ NID_id_smime_alg_CMSRC2wrap, 11, &kObjectData[1750], 0},
+ {"id-smime-cd-ldap", "id-smime-cd-ldap", NID_id_smime_cd_ldap, 11,
+ &kObjectData[1761], 0},
+ {"id-smime-spq-ets-sqt-uri", "id-smime-spq-ets-sqt-uri",
+ NID_id_smime_spq_ets_sqt_uri, 11, &kObjectData[1772], 0},
+ {"id-smime-spq-ets-sqt-unotice", "id-smime-spq-ets-sqt-unotice",
+ NID_id_smime_spq_ets_sqt_unotice, 11, &kObjectData[1783], 0},
+ {"id-smime-cti-ets-proofOfOrigin", "id-smime-cti-ets-proofOfOrigin",
+ NID_id_smime_cti_ets_proofOfOrigin, 11, &kObjectData[1794], 0},
+ {"id-smime-cti-ets-proofOfReceipt", "id-smime-cti-ets-proofOfReceipt",
+ NID_id_smime_cti_ets_proofOfReceipt, 11, &kObjectData[1805], 0},
+ {"id-smime-cti-ets-proofOfDelivery", "id-smime-cti-ets-proofOfDelivery",
+ NID_id_smime_cti_ets_proofOfDelivery, 11, &kObjectData[1816], 0},
+ {"id-smime-cti-ets-proofOfSender", "id-smime-cti-ets-proofOfSender",
+ NID_id_smime_cti_ets_proofOfSender, 11, &kObjectData[1827], 0},
+ {"id-smime-cti-ets-proofOfApproval", "id-smime-cti-ets-proofOfApproval",
+ NID_id_smime_cti_ets_proofOfApproval, 11, &kObjectData[1838], 0},
+ {"id-smime-cti-ets-proofOfCreation", "id-smime-cti-ets-proofOfCreation",
+ NID_id_smime_cti_ets_proofOfCreation, 11, &kObjectData[1849], 0},
+ {"MD4", "md4", NID_md4, 8, &kObjectData[1860], 0},
+ {"id-pkix-mod", "id-pkix-mod", NID_id_pkix_mod, 7, &kObjectData[1868], 0},
+ {"id-qt", "id-qt", NID_id_qt, 7, &kObjectData[1875], 0},
+ {"id-it", "id-it", NID_id_it, 7, &kObjectData[1882], 0},
+ {"id-pkip", "id-pkip", NID_id_pkip, 7, &kObjectData[1889], 0},
+ {"id-alg", "id-alg", NID_id_alg, 7, &kObjectData[1896], 0},
+ {"id-cmc", "id-cmc", NID_id_cmc, 7, &kObjectData[1903], 0},
+ {"id-on", "id-on", NID_id_on, 7, &kObjectData[1910], 0},
+ {"id-pda", "id-pda", NID_id_pda, 7, &kObjectData[1917], 0},
+ {"id-aca", "id-aca", NID_id_aca, 7, &kObjectData[1924], 0},
+ {"id-qcs", "id-qcs", NID_id_qcs, 7, &kObjectData[1931], 0},
+ {"id-cct", "id-cct", NID_id_cct, 7, &kObjectData[1938], 0},
+ {"id-pkix1-explicit-88", "id-pkix1-explicit-88", NID_id_pkix1_explicit_88,
+ 8, &kObjectData[1945], 0},
+ {"id-pkix1-implicit-88", "id-pkix1-implicit-88", NID_id_pkix1_implicit_88,
+ 8, &kObjectData[1953], 0},
+ {"id-pkix1-explicit-93", "id-pkix1-explicit-93", NID_id_pkix1_explicit_93,
+ 8, &kObjectData[1961], 0},
+ {"id-pkix1-implicit-93", "id-pkix1-implicit-93", NID_id_pkix1_implicit_93,
+ 8, &kObjectData[1969], 0},
+ {"id-mod-crmf", "id-mod-crmf", NID_id_mod_crmf, 8, &kObjectData[1977], 0},
+ {"id-mod-cmc", "id-mod-cmc", NID_id_mod_cmc, 8, &kObjectData[1985], 0},
+ {"id-mod-kea-profile-88", "id-mod-kea-profile-88",
+ NID_id_mod_kea_profile_88, 8, &kObjectData[1993], 0},
+ {"id-mod-kea-profile-93", "id-mod-kea-profile-93",
+ NID_id_mod_kea_profile_93, 8, &kObjectData[2001], 0},
+ {"id-mod-cmp", "id-mod-cmp", NID_id_mod_cmp, 8, &kObjectData[2009], 0},
+ {"id-mod-qualified-cert-88", "id-mod-qualified-cert-88",
+ NID_id_mod_qualified_cert_88, 8, &kObjectData[2017], 0},
+ {"id-mod-qualified-cert-93", "id-mod-qualified-cert-93",
+ NID_id_mod_qualified_cert_93, 8, &kObjectData[2025], 0},
+ {"id-mod-attribute-cert", "id-mod-attribute-cert",
+ NID_id_mod_attribute_cert, 8, &kObjectData[2033], 0},
+ {"id-mod-timestamp-protocol", "id-mod-timestamp-protocol",
+ NID_id_mod_timestamp_protocol, 8, &kObjectData[2041], 0},
+ {"id-mod-ocsp", "id-mod-ocsp", NID_id_mod_ocsp, 8, &kObjectData[2049], 0},
+ {"id-mod-dvcs", "id-mod-dvcs", NID_id_mod_dvcs, 8, &kObjectData[2057], 0},
+ {"id-mod-cmp2000", "id-mod-cmp2000", NID_id_mod_cmp2000, 8,
+ &kObjectData[2065], 0},
+ {"biometricInfo", "Biometric Info", NID_biometricInfo, 8,
+ &kObjectData[2073], 0},
+ {"qcStatements", "qcStatements", NID_qcStatements, 8, &kObjectData[2081],
+ 0},
+ {"ac-auditEntity", "ac-auditEntity", NID_ac_auditEntity, 8,
+ &kObjectData[2089], 0},
+ {"ac-targeting", "ac-targeting", NID_ac_targeting, 8, &kObjectData[2097],
+ 0},
+ {"aaControls", "aaControls", NID_aaControls, 8, &kObjectData[2105], 0},
+ {"sbgp-ipAddrBlock", "sbgp-ipAddrBlock", NID_sbgp_ipAddrBlock, 8,
+ &kObjectData[2113], 0},
+ {"sbgp-autonomousSysNum", "sbgp-autonomousSysNum",
+ NID_sbgp_autonomousSysNum, 8, &kObjectData[2121], 0},
+ {"sbgp-routerIdentifier", "sbgp-routerIdentifier",
+ NID_sbgp_routerIdentifier, 8, &kObjectData[2129], 0},
+ {"textNotice", "textNotice", NID_textNotice, 8, &kObjectData[2137], 0},
+ {"ipsecEndSystem", "IPSec End System", NID_ipsecEndSystem, 8,
+ &kObjectData[2145], 0},
+ {"ipsecTunnel", "IPSec Tunnel", NID_ipsecTunnel, 8, &kObjectData[2153], 0},
+ {"ipsecUser", "IPSec User", NID_ipsecUser, 8, &kObjectData[2161], 0},
+ {"DVCS", "dvcs", NID_dvcs, 8, &kObjectData[2169], 0},
+ {"id-it-caProtEncCert", "id-it-caProtEncCert", NID_id_it_caProtEncCert, 8,
+ &kObjectData[2177], 0},
+ {"id-it-signKeyPairTypes", "id-it-signKeyPairTypes",
+ NID_id_it_signKeyPairTypes, 8, &kObjectData[2185], 0},
+ {"id-it-encKeyPairTypes", "id-it-encKeyPairTypes",
+ NID_id_it_encKeyPairTypes, 8, &kObjectData[2193], 0},
+ {"id-it-preferredSymmAlg", "id-it-preferredSymmAlg",
+ NID_id_it_preferredSymmAlg, 8, &kObjectData[2201], 0},
+ {"id-it-caKeyUpdateInfo", "id-it-caKeyUpdateInfo",
+ NID_id_it_caKeyUpdateInfo, 8, &kObjectData[2209], 0},
+ {"id-it-currentCRL", "id-it-currentCRL", NID_id_it_currentCRL, 8,
+ &kObjectData[2217], 0},
+ {"id-it-unsupportedOIDs", "id-it-unsupportedOIDs",
+ NID_id_it_unsupportedOIDs, 8, &kObjectData[2225], 0},
+ {"id-it-subscriptionRequest", "id-it-subscriptionRequest",
+ NID_id_it_subscriptionRequest, 8, &kObjectData[2233], 0},
+ {"id-it-subscriptionResponse", "id-it-subscriptionResponse",
+ NID_id_it_subscriptionResponse, 8, &kObjectData[2241], 0},
+ {"id-it-keyPairParamReq", "id-it-keyPairParamReq",
+ NID_id_it_keyPairParamReq, 8, &kObjectData[2249], 0},
+ {"id-it-keyPairParamRep", "id-it-keyPairParamRep",
+ NID_id_it_keyPairParamRep, 8, &kObjectData[2257], 0},
+ {"id-it-revPassphrase", "id-it-revPassphrase", NID_id_it_revPassphrase, 8,
+ &kObjectData[2265], 0},
+ {"id-it-implicitConfirm", "id-it-implicitConfirm",
+ NID_id_it_implicitConfirm, 8, &kObjectData[2273], 0},
+ {"id-it-confirmWaitTime", "id-it-confirmWaitTime",
+ NID_id_it_confirmWaitTime, 8, &kObjectData[2281], 0},
+ {"id-it-origPKIMessage", "id-it-origPKIMessage", NID_id_it_origPKIMessage,
+ 8, &kObjectData[2289], 0},
+ {"id-regCtrl", "id-regCtrl", NID_id_regCtrl, 8, &kObjectData[2297], 0},
+ {"id-regInfo", "id-regInfo", NID_id_regInfo, 8, &kObjectData[2305], 0},
+ {"id-regCtrl-regToken", "id-regCtrl-regToken", NID_id_regCtrl_regToken, 9,
+ &kObjectData[2313], 0},
+ {"id-regCtrl-authenticator", "id-regCtrl-authenticator",
+ NID_id_regCtrl_authenticator, 9, &kObjectData[2322], 0},
+ {"id-regCtrl-pkiPublicationInfo", "id-regCtrl-pkiPublicationInfo",
+ NID_id_regCtrl_pkiPublicationInfo, 9, &kObjectData[2331], 0},
+ {"id-regCtrl-pkiArchiveOptions", "id-regCtrl-pkiArchiveOptions",
+ NID_id_regCtrl_pkiArchiveOptions, 9, &kObjectData[2340], 0},
+ {"id-regCtrl-oldCertID", "id-regCtrl-oldCertID", NID_id_regCtrl_oldCertID,
+ 9, &kObjectData[2349], 0},
+ {"id-regCtrl-protocolEncrKey", "id-regCtrl-protocolEncrKey",
+ NID_id_regCtrl_protocolEncrKey, 9, &kObjectData[2358], 0},
+ {"id-regInfo-utf8Pairs", "id-regInfo-utf8Pairs", NID_id_regInfo_utf8Pairs,
+ 9, &kObjectData[2367], 0},
+ {"id-regInfo-certReq", "id-regInfo-certReq", NID_id_regInfo_certReq, 9,
+ &kObjectData[2376], 0},
+ {"id-alg-des40", "id-alg-des40", NID_id_alg_des40, 8, &kObjectData[2385],
+ 0},
+ {"id-alg-noSignature", "id-alg-noSignature", NID_id_alg_noSignature, 8,
+ &kObjectData[2393], 0},
+ {"id-alg-dh-sig-hmac-sha1", "id-alg-dh-sig-hmac-sha1",
+ NID_id_alg_dh_sig_hmac_sha1, 8, &kObjectData[2401], 0},
+ {"id-alg-dh-pop", "id-alg-dh-pop", NID_id_alg_dh_pop, 8, &kObjectData[2409],
+ 0},
+ {"id-cmc-statusInfo", "id-cmc-statusInfo", NID_id_cmc_statusInfo, 8,
+ &kObjectData[2417], 0},
+ {"id-cmc-identification", "id-cmc-identification",
+ NID_id_cmc_identification, 8, &kObjectData[2425], 0},
+ {"id-cmc-identityProof", "id-cmc-identityProof", NID_id_cmc_identityProof,
+ 8, &kObjectData[2433], 0},
+ {"id-cmc-dataReturn", "id-cmc-dataReturn", NID_id_cmc_dataReturn, 8,
+ &kObjectData[2441], 0},
+ {"id-cmc-transactionId", "id-cmc-transactionId", NID_id_cmc_transactionId,
+ 8, &kObjectData[2449], 0},
+ {"id-cmc-senderNonce", "id-cmc-senderNonce", NID_id_cmc_senderNonce, 8,
+ &kObjectData[2457], 0},
+ {"id-cmc-recipientNonce", "id-cmc-recipientNonce",
+ NID_id_cmc_recipientNonce, 8, &kObjectData[2465], 0},
+ {"id-cmc-addExtensions", "id-cmc-addExtensions", NID_id_cmc_addExtensions,
+ 8, &kObjectData[2473], 0},
+ {"id-cmc-encryptedPOP", "id-cmc-encryptedPOP", NID_id_cmc_encryptedPOP, 8,
+ &kObjectData[2481], 0},
+ {"id-cmc-decryptedPOP", "id-cmc-decryptedPOP", NID_id_cmc_decryptedPOP, 8,
+ &kObjectData[2489], 0},
+ {"id-cmc-lraPOPWitness", "id-cmc-lraPOPWitness", NID_id_cmc_lraPOPWitness,
+ 8, &kObjectData[2497], 0},
+ {"id-cmc-getCert", "id-cmc-getCert", NID_id_cmc_getCert, 8,
+ &kObjectData[2505], 0},
+ {"id-cmc-getCRL", "id-cmc-getCRL", NID_id_cmc_getCRL, 8, &kObjectData[2513],
+ 0},
+ {"id-cmc-revokeRequest", "id-cmc-revokeRequest", NID_id_cmc_revokeRequest,
+ 8, &kObjectData[2521], 0},
+ {"id-cmc-regInfo", "id-cmc-regInfo", NID_id_cmc_regInfo, 8,
+ &kObjectData[2529], 0},
+ {"id-cmc-responseInfo", "id-cmc-responseInfo", NID_id_cmc_responseInfo, 8,
+ &kObjectData[2537], 0},
+ {"id-cmc-queryPending", "id-cmc-queryPending", NID_id_cmc_queryPending, 8,
+ &kObjectData[2545], 0},
+ {"id-cmc-popLinkRandom", "id-cmc-popLinkRandom", NID_id_cmc_popLinkRandom,
+ 8, &kObjectData[2553], 0},
+ {"id-cmc-popLinkWitness", "id-cmc-popLinkWitness",
+ NID_id_cmc_popLinkWitness, 8, &kObjectData[2561], 0},
+ {"id-cmc-confirmCertAcceptance", "id-cmc-confirmCertAcceptance",
+ NID_id_cmc_confirmCertAcceptance, 8, &kObjectData[2569], 0},
+ {"id-on-personalData", "id-on-personalData", NID_id_on_personalData, 8,
+ &kObjectData[2577], 0},
+ {"id-pda-dateOfBirth", "id-pda-dateOfBirth", NID_id_pda_dateOfBirth, 8,
+ &kObjectData[2585], 0},
+ {"id-pda-placeOfBirth", "id-pda-placeOfBirth", NID_id_pda_placeOfBirth, 8,
+ &kObjectData[2593], 0},
+ {NULL, NULL, NID_undef, 0, NULL, 0},
+ {"id-pda-gender", "id-pda-gender", NID_id_pda_gender, 8, &kObjectData[2601],
+ 0},
+ {"id-pda-countryOfCitizenship", "id-pda-countryOfCitizenship",
+ NID_id_pda_countryOfCitizenship, 8, &kObjectData[2609], 0},
+ {"id-pda-countryOfResidence", "id-pda-countryOfResidence",
+ NID_id_pda_countryOfResidence, 8, &kObjectData[2617], 0},
+ {"id-aca-authenticationInfo", "id-aca-authenticationInfo",
+ NID_id_aca_authenticationInfo, 8, &kObjectData[2625], 0},
+ {"id-aca-accessIdentity", "id-aca-accessIdentity",
+ NID_id_aca_accessIdentity, 8, &kObjectData[2633], 0},
+ {"id-aca-chargingIdentity", "id-aca-chargingIdentity",
+ NID_id_aca_chargingIdentity, 8, &kObjectData[2641], 0},
+ {"id-aca-group", "id-aca-group", NID_id_aca_group, 8, &kObjectData[2649],
+ 0},
+ {"id-aca-role", "id-aca-role", NID_id_aca_role, 8, &kObjectData[2657], 0},
+ {"id-qcs-pkixQCSyntax-v1", "id-qcs-pkixQCSyntax-v1",
+ NID_id_qcs_pkixQCSyntax_v1, 8, &kObjectData[2665], 0},
+ {"id-cct-crs", "id-cct-crs", NID_id_cct_crs, 8, &kObjectData[2673], 0},
+ {"id-cct-PKIData", "id-cct-PKIData", NID_id_cct_PKIData, 8,
+ &kObjectData[2681], 0},
+ {"id-cct-PKIResponse", "id-cct-PKIResponse", NID_id_cct_PKIResponse, 8,
+ &kObjectData[2689], 0},
+ {"ad_timestamping", "AD Time Stamping", NID_ad_timeStamping, 8,
+ &kObjectData[2697], 0},
+ {"AD_DVCS", "ad dvcs", NID_ad_dvcs, 8, &kObjectData[2705], 0},
+ {"basicOCSPResponse", "Basic OCSP Response", NID_id_pkix_OCSP_basic, 9,
+ &kObjectData[2713], 0},
+ {"Nonce", "OCSP Nonce", NID_id_pkix_OCSP_Nonce, 9, &kObjectData[2722], 0},
+ {"CrlID", "OCSP CRL ID", NID_id_pkix_OCSP_CrlID, 9, &kObjectData[2731], 0},
+ {"acceptableResponses", "Acceptable OCSP Responses",
+ NID_id_pkix_OCSP_acceptableResponses, 9, &kObjectData[2740], 0},
+ {"noCheck", "OCSP No Check", NID_id_pkix_OCSP_noCheck, 9,
+ &kObjectData[2749], 0},
+ {"archiveCutoff", "OCSP Archive Cutoff", NID_id_pkix_OCSP_archiveCutoff, 9,
+ &kObjectData[2758], 0},
+ {"serviceLocator", "OCSP Service Locator", NID_id_pkix_OCSP_serviceLocator,
+ 9, &kObjectData[2767], 0},
+ {"extendedStatus", "Extended OCSP Status", NID_id_pkix_OCSP_extendedStatus,
+ 9, &kObjectData[2776], 0},
+ {"valid", "valid", NID_id_pkix_OCSP_valid, 9, &kObjectData[2785], 0},
+ {"path", "path", NID_id_pkix_OCSP_path, 9, &kObjectData[2794], 0},
+ {"trustRoot", "Trust Root", NID_id_pkix_OCSP_trustRoot, 9,
+ &kObjectData[2803], 0},
+ {"algorithm", "algorithm", NID_algorithm, 4, &kObjectData[2812], 0},
+ {"rsaSignature", "rsaSignature", NID_rsaSignature, 5, &kObjectData[2816],
+ 0},
+ {"X500algorithms", "directory services - algorithms", NID_X500algorithms, 2,
+ &kObjectData[2821], 0},
+ {"ORG", "org", NID_org, 1, &kObjectData[2823], 0},
+ {"DOD", "dod", NID_dod, 2, &kObjectData[2824], 0},
+ {"IANA", "iana", NID_iana, 3, &kObjectData[2826], 0},
+ {"directory", "Directory", NID_Directory, 4, &kObjectData[2829], 0},
+ {"mgmt", "Management", NID_Management, 4, &kObjectData[2833], 0},
+ {"experimental", "Experimental", NID_Experimental, 4, &kObjectData[2837],
+ 0},
+ {"private", "Private", NID_Private, 4, &kObjectData[2841], 0},
+ {"security", "Security", NID_Security, 4, &kObjectData[2845], 0},
+ {"snmpv2", "SNMPv2", NID_SNMPv2, 4, &kObjectData[2849], 0},
+ {"Mail", "Mail", NID_Mail, 4, &kObjectData[2853], 0},
+ {"enterprises", "Enterprises", NID_Enterprises, 5, &kObjectData[2857], 0},
+ {"dcobject", "dcObject", NID_dcObject, 9, &kObjectData[2862], 0},
+ {"DC", "domainComponent", NID_domainComponent, 10, &kObjectData[2871], 0},
+ {"domain", "Domain", NID_Domain, 10, &kObjectData[2881], 0},
+ {NULL, NULL, NID_undef, 0, NULL, 0},
+ {"selected-attribute-types", "Selected Attribute Types",
+ NID_selected_attribute_types, 3, &kObjectData[2891], 0},
+ {"clearance", "clearance", NID_clearance, 4, &kObjectData[2894], 0},
+ {"RSA-MD4", "md4WithRSAEncryption", NID_md4WithRSAEncryption, 9,
+ &kObjectData[2898], 0},
+ {"ac-proxying", "ac-proxying", NID_ac_proxying, 8, &kObjectData[2907], 0},
+ {"subjectInfoAccess", "Subject Information Access", NID_sinfo_access, 8,
+ &kObjectData[2915], 0},
+ {"id-aca-encAttrs", "id-aca-encAttrs", NID_id_aca_encAttrs, 8,
+ &kObjectData[2923], 0},
+ {"role", "role", NID_role, 3, &kObjectData[2931], 0},
+ {"policyConstraints", "X509v3 Policy Constraints", NID_policy_constraints,
+ 3, &kObjectData[2934], 0},
+ {"targetInformation", "X509v3 AC Targeting", NID_target_information, 3,
+ &kObjectData[2937], 0},
+ {"noRevAvail", "X509v3 No Revocation Available", NID_no_rev_avail, 3,
+ &kObjectData[2940], 0},
+ {NULL, NULL, NID_undef, 0, NULL, 0},
+ {"ansi-X9-62", "ANSI X9.62", NID_ansi_X9_62, 5, &kObjectData[2943], 0},
+ {"prime-field", "prime-field", NID_X9_62_prime_field, 7, &kObjectData[2948],
+ 0},
+ {"characteristic-two-field", "characteristic-two-field",
+ NID_X9_62_characteristic_two_field, 7, &kObjectData[2955], 0},
+ {"id-ecPublicKey", "id-ecPublicKey", NID_X9_62_id_ecPublicKey, 7,
+ &kObjectData[2962], 0},
+ {"prime192v1", "prime192v1", NID_X9_62_prime192v1, 8, &kObjectData[2969],
+ 0},
+ {"prime192v2", "prime192v2", NID_X9_62_prime192v2, 8, &kObjectData[2977],
+ 0},
+ {"prime192v3", "prime192v3", NID_X9_62_prime192v3, 8, &kObjectData[2985],
+ 0},
+ {"prime239v1", "prime239v1", NID_X9_62_prime239v1, 8, &kObjectData[2993],
+ 0},
+ {"prime239v2", "prime239v2", NID_X9_62_prime239v2, 8, &kObjectData[3001],
+ 0},
+ {"prime239v3", "prime239v3", NID_X9_62_prime239v3, 8, &kObjectData[3009],
+ 0},
+ {"prime256v1", "prime256v1", NID_X9_62_prime256v1, 8, &kObjectData[3017],
+ 0},
+ {"ecdsa-with-SHA1", "ecdsa-with-SHA1", NID_ecdsa_with_SHA1, 7,
+ &kObjectData[3025], 0},
+ {"CSPName", "Microsoft CSP Name", NID_ms_csp_name, 9, &kObjectData[3032],
+ 0},
+ {"AES-128-ECB", "aes-128-ecb", NID_aes_128_ecb, 9, &kObjectData[3041], 0},
+ {"AES-128-CBC", "aes-128-cbc", NID_aes_128_cbc, 9, &kObjectData[3050], 0},
+ {"AES-128-OFB", "aes-128-ofb", NID_aes_128_ofb128, 9, &kObjectData[3059],
+ 0},
+ {"AES-128-CFB", "aes-128-cfb", NID_aes_128_cfb128, 9, &kObjectData[3068],
+ 0},
+ {"AES-192-ECB", "aes-192-ecb", NID_aes_192_ecb, 9, &kObjectData[3077], 0},
+ {"AES-192-CBC", "aes-192-cbc", NID_aes_192_cbc, 9, &kObjectData[3086], 0},
+ {"AES-192-OFB", "aes-192-ofb", NID_aes_192_ofb128, 9, &kObjectData[3095],
+ 0},
+ {"AES-192-CFB", "aes-192-cfb", NID_aes_192_cfb128, 9, &kObjectData[3104],
+ 0},
+ {"AES-256-ECB", "aes-256-ecb", NID_aes_256_ecb, 9, &kObjectData[3113], 0},
+ {"AES-256-CBC", "aes-256-cbc", NID_aes_256_cbc, 9, &kObjectData[3122], 0},
+ {"AES-256-OFB", "aes-256-ofb", NID_aes_256_ofb128, 9, &kObjectData[3131],
+ 0},
+ {"AES-256-CFB", "aes-256-cfb", NID_aes_256_cfb128, 9, &kObjectData[3140],
+ 0},
+ {"holdInstructionCode", "Hold Instruction Code", NID_hold_instruction_code,
+ 3, &kObjectData[3149], 0},
+ {"holdInstructionNone", "Hold Instruction None", NID_hold_instruction_none,
+ 7, &kObjectData[3152], 0},
+ {"holdInstructionCallIssuer", "Hold Instruction Call Issuer",
+ NID_hold_instruction_call_issuer, 7, &kObjectData[3159], 0},
+ {"holdInstructionReject", "Hold Instruction Reject",
+ NID_hold_instruction_reject, 7, &kObjectData[3166], 0},
+ {"data", "data", NID_data, 1, &kObjectData[3173], 0},
+ {"pss", "pss", NID_pss, 3, &kObjectData[3174], 0},
+ {"ucl", "ucl", NID_ucl, 7, &kObjectData[3177], 0},
+ {"pilot", "pilot", NID_pilot, 8, &kObjectData[3184], 0},
+ {"pilotAttributeType", "pilotAttributeType", NID_pilotAttributeType, 9,
+ &kObjectData[3192], 0},
+ {"pilotAttributeSyntax", "pilotAttributeSyntax", NID_pilotAttributeSyntax,
+ 9, &kObjectData[3201], 0},
+ {"pilotObjectClass", "pilotObjectClass", NID_pilotObjectClass, 9,
+ &kObjectData[3210], 0},
+ {"pilotGroups", "pilotGroups", NID_pilotGroups, 9, &kObjectData[3219], 0},
+ {"iA5StringSyntax", "iA5StringSyntax", NID_iA5StringSyntax, 10,
+ &kObjectData[3228], 0},
+ {"caseIgnoreIA5StringSyntax", "caseIgnoreIA5StringSyntax",
+ NID_caseIgnoreIA5StringSyntax, 10, &kObjectData[3238], 0},
+ {"pilotObject", "pilotObject", NID_pilotObject, 10, &kObjectData[3248], 0},
+ {"pilotPerson", "pilotPerson", NID_pilotPerson, 10, &kObjectData[3258], 0},
+ {"account", "account", NID_account, 10, &kObjectData[3268], 0},
+ {"document", "document", NID_document, 10, &kObjectData[3278], 0},
+ {"room", "room", NID_room, 10, &kObjectData[3288], 0},
+ {"documentSeries", "documentSeries", NID_documentSeries, 10,
+ &kObjectData[3298], 0},
+ {"rFC822localPart", "rFC822localPart", NID_rFC822localPart, 10,
+ &kObjectData[3308], 0},
+ {"dNSDomain", "dNSDomain", NID_dNSDomain, 10, &kObjectData[3318], 0},
+ {"domainRelatedObject", "domainRelatedObject", NID_domainRelatedObject, 10,
+ &kObjectData[3328], 0},
+ {"friendlyCountry", "friendlyCountry", NID_friendlyCountry, 10,
+ &kObjectData[3338], 0},
+ {"simpleSecurityObject", "simpleSecurityObject", NID_simpleSecurityObject,
+ 10, &kObjectData[3348], 0},
+ {"pilotOrganization", "pilotOrganization", NID_pilotOrganization, 10,
+ &kObjectData[3358], 0},
+ {"pilotDSA", "pilotDSA", NID_pilotDSA, 10, &kObjectData[3368], 0},
+ {"qualityLabelledData", "qualityLabelledData", NID_qualityLabelledData, 10,
+ &kObjectData[3378], 0},
+ {"UID", "userId", NID_userId, 10, &kObjectData[3388], 0},
+ {"textEncodedORAddress", "textEncodedORAddress", NID_textEncodedORAddress,
+ 10, &kObjectData[3398], 0},
+ {"mail", "rfc822Mailbox", NID_rfc822Mailbox, 10, &kObjectData[3408], 0},
+ {"info", "info", NID_info, 10, &kObjectData[3418], 0},
+ {"favouriteDrink", "favouriteDrink", NID_favouriteDrink, 10,
+ &kObjectData[3428], 0},
+ {"roomNumber", "roomNumber", NID_roomNumber, 10, &kObjectData[3438], 0},
+ {"photo", "photo", NID_photo, 10, &kObjectData[3448], 0},
+ {"userClass", "userClass", NID_userClass, 10, &kObjectData[3458], 0},
+ {"host", "host", NID_host, 10, &kObjectData[3468], 0},
+ {"manager", "manager", NID_manager, 10, &kObjectData[3478], 0},
+ {"documentIdentifier", "documentIdentifier", NID_documentIdentifier, 10,
+ &kObjectData[3488], 0},
+ {"documentTitle", "documentTitle", NID_documentTitle, 10,
+ &kObjectData[3498], 0},
+ {"documentVersion", "documentVersion", NID_documentVersion, 10,
+ &kObjectData[3508], 0},
+ {"documentAuthor", "documentAuthor", NID_documentAuthor, 10,
+ &kObjectData[3518], 0},
+ {"documentLocation", "documentLocation", NID_documentLocation, 10,
+ &kObjectData[3528], 0},
+ {"homeTelephoneNumber", "homeTelephoneNumber", NID_homeTelephoneNumber, 10,
+ &kObjectData[3538], 0},
+ {"secretary", "secretary", NID_secretary, 10, &kObjectData[3548], 0},
+ {"otherMailbox", "otherMailbox", NID_otherMailbox, 10, &kObjectData[3558],
+ 0},
+ {"lastModifiedTime", "lastModifiedTime", NID_lastModifiedTime, 10,
+ &kObjectData[3568], 0},
+ {"lastModifiedBy", "lastModifiedBy", NID_lastModifiedBy, 10,
+ &kObjectData[3578], 0},
+ {"aRecord", "aRecord", NID_aRecord, 10, &kObjectData[3588], 0},
+ {"pilotAttributeType27", "pilotAttributeType27", NID_pilotAttributeType27,
+ 10, &kObjectData[3598], 0},
+ {"mXRecord", "mXRecord", NID_mXRecord, 10, &kObjectData[3608], 0},
+ {"nSRecord", "nSRecord", NID_nSRecord, 10, &kObjectData[3618], 0},
+ {"sOARecord", "sOARecord", NID_sOARecord, 10, &kObjectData[3628], 0},
+ {"cNAMERecord", "cNAMERecord", NID_cNAMERecord, 10, &kObjectData[3638], 0},
+ {"associatedDomain", "associatedDomain", NID_associatedDomain, 10,
+ &kObjectData[3648], 0},
+ {"associatedName", "associatedName", NID_associatedName, 10,
+ &kObjectData[3658], 0},
+ {"homePostalAddress", "homePostalAddress", NID_homePostalAddress, 10,
+ &kObjectData[3668], 0},
+ {"personalTitle", "personalTitle", NID_personalTitle, 10,
+ &kObjectData[3678], 0},
+ {"mobileTelephoneNumber", "mobileTelephoneNumber",
+ NID_mobileTelephoneNumber, 10, &kObjectData[3688], 0},
+ {"pagerTelephoneNumber", "pagerTelephoneNumber", NID_pagerTelephoneNumber,
+ 10, &kObjectData[3698], 0},
+ {"friendlyCountryName", "friendlyCountryName", NID_friendlyCountryName, 10,
+ &kObjectData[3708], 0},
+ {"organizationalStatus", "organizationalStatus", NID_organizationalStatus,
+ 10, &kObjectData[3718], 0},
+ {"janetMailbox", "janetMailbox", NID_janetMailbox, 10, &kObjectData[3728],
+ 0},
+ {"mailPreferenceOption", "mailPreferenceOption", NID_mailPreferenceOption,
+ 10, &kObjectData[3738], 0},
+ {"buildingName", "buildingName", NID_buildingName, 10, &kObjectData[3748],
+ 0},
+ {"dSAQuality", "dSAQuality", NID_dSAQuality, 10, &kObjectData[3758], 0},
+ {"singleLevelQuality", "singleLevelQuality", NID_singleLevelQuality, 10,
+ &kObjectData[3768], 0},
+ {"subtreeMinimumQuality", "subtreeMinimumQuality",
+ NID_subtreeMinimumQuality, 10, &kObjectData[3778], 0},
+ {"subtreeMaximumQuality", "subtreeMaximumQuality",
+ NID_subtreeMaximumQuality, 10, &kObjectData[3788], 0},
+ {"personalSignature", "personalSignature", NID_personalSignature, 10,
+ &kObjectData[3798], 0},
+ {"dITRedirect", "dITRedirect", NID_dITRedirect, 10, &kObjectData[3808], 0},
+ {"audio", "audio", NID_audio, 10, &kObjectData[3818], 0},
+ {"documentPublisher", "documentPublisher", NID_documentPublisher, 10,
+ &kObjectData[3828], 0},
+ {"x500UniqueIdentifier", "x500UniqueIdentifier", NID_x500UniqueIdentifier,
+ 3, &kObjectData[3838], 0},
+ {"mime-mhs", "MIME MHS", NID_mime_mhs, 5, &kObjectData[3841], 0},
+ {"mime-mhs-headings", "mime-mhs-headings", NID_mime_mhs_headings, 6,
+ &kObjectData[3846], 0},
+ {"mime-mhs-bodies", "mime-mhs-bodies", NID_mime_mhs_bodies, 6,
+ &kObjectData[3852], 0},
+ {"id-hex-partial-message", "id-hex-partial-message",
+ NID_id_hex_partial_message, 7, &kObjectData[3858], 0},
+ {"id-hex-multipart-message", "id-hex-multipart-message",
+ NID_id_hex_multipart_message, 7, &kObjectData[3865], 0},
+ {"generationQualifier", "generationQualifier", NID_generationQualifier, 3,
+ &kObjectData[3872], 0},
+ {"pseudonym", "pseudonym", NID_pseudonym, 3, &kObjectData[3875], 0},
+ {NULL, NULL, NID_undef, 0, NULL, 0},
+ {"id-set", "Secure Electronic Transactions", NID_id_set, 2,
+ &kObjectData[3878], 0},
+ {"set-ctype", "content types", NID_set_ctype, 3, &kObjectData[3880], 0},
+ {"set-msgExt", "message extensions", NID_set_msgExt, 3, &kObjectData[3883],
+ 0},
+ {"set-attr", "set-attr", NID_set_attr, 3, &kObjectData[3886], 0},
+ {"set-policy", "set-policy", NID_set_policy, 3, &kObjectData[3889], 0},
+ {"set-certExt", "certificate extensions", NID_set_certExt, 3,
+ &kObjectData[3892], 0},
+ {"set-brand", "set-brand", NID_set_brand, 3, &kObjectData[3895], 0},
+ {"setct-PANData", "setct-PANData", NID_setct_PANData, 4, &kObjectData[3898],
+ 0},
+ {"setct-PANToken", "setct-PANToken", NID_setct_PANToken, 4,
+ &kObjectData[3902], 0},
+ {"setct-PANOnly", "setct-PANOnly", NID_setct_PANOnly, 4, &kObjectData[3906],
+ 0},
+ {"setct-OIData", "setct-OIData", NID_setct_OIData, 4, &kObjectData[3910],
+ 0},
+ {"setct-PI", "setct-PI", NID_setct_PI, 4, &kObjectData[3914], 0},
+ {"setct-PIData", "setct-PIData", NID_setct_PIData, 4, &kObjectData[3918],
+ 0},
+ {"setct-PIDataUnsigned", "setct-PIDataUnsigned", NID_setct_PIDataUnsigned,
+ 4, &kObjectData[3922], 0},
+ {"setct-HODInput", "setct-HODInput", NID_setct_HODInput, 4,
+ &kObjectData[3926], 0},
+ {"setct-AuthResBaggage", "setct-AuthResBaggage", NID_setct_AuthResBaggage,
+ 4, &kObjectData[3930], 0},
+ {"setct-AuthRevReqBaggage", "setct-AuthRevReqBaggage",
+ NID_setct_AuthRevReqBaggage, 4, &kObjectData[3934], 0},
+ {"setct-AuthRevResBaggage", "setct-AuthRevResBaggage",
+ NID_setct_AuthRevResBaggage, 4, &kObjectData[3938], 0},
+ {"setct-CapTokenSeq", "setct-CapTokenSeq", NID_setct_CapTokenSeq, 4,
+ &kObjectData[3942], 0},
+ {"setct-PInitResData", "setct-PInitResData", NID_setct_PInitResData, 4,
+ &kObjectData[3946], 0},
+ {"setct-PI-TBS", "setct-PI-TBS", NID_setct_PI_TBS, 4, &kObjectData[3950],
+ 0},
+ {"setct-PResData", "setct-PResData", NID_setct_PResData, 4,
+ &kObjectData[3954], 0},
+ {"setct-AuthReqTBS", "setct-AuthReqTBS", NID_setct_AuthReqTBS, 4,
+ &kObjectData[3958], 0},
+ {"setct-AuthResTBS", "setct-AuthResTBS", NID_setct_AuthResTBS, 4,
+ &kObjectData[3962], 0},
+ {"setct-AuthResTBSX", "setct-AuthResTBSX", NID_setct_AuthResTBSX, 4,
+ &kObjectData[3966], 0},
+ {"setct-AuthTokenTBS", "setct-AuthTokenTBS", NID_setct_AuthTokenTBS, 4,
+ &kObjectData[3970], 0},
+ {"setct-CapTokenData", "setct-CapTokenData", NID_setct_CapTokenData, 4,
+ &kObjectData[3974], 0},
+ {"setct-CapTokenTBS", "setct-CapTokenTBS", NID_setct_CapTokenTBS, 4,
+ &kObjectData[3978], 0},
+ {"setct-AcqCardCodeMsg", "setct-AcqCardCodeMsg", NID_setct_AcqCardCodeMsg,
+ 4, &kObjectData[3982], 0},
+ {"setct-AuthRevReqTBS", "setct-AuthRevReqTBS", NID_setct_AuthRevReqTBS, 4,
+ &kObjectData[3986], 0},
+ {"setct-AuthRevResData", "setct-AuthRevResData", NID_setct_AuthRevResData,
+ 4, &kObjectData[3990], 0},
+ {"setct-AuthRevResTBS", "setct-AuthRevResTBS", NID_setct_AuthRevResTBS, 4,
+ &kObjectData[3994], 0},
+ {"setct-CapReqTBS", "setct-CapReqTBS", NID_setct_CapReqTBS, 4,
+ &kObjectData[3998], 0},
+ {"setct-CapReqTBSX", "setct-CapReqTBSX", NID_setct_CapReqTBSX, 4,
+ &kObjectData[4002], 0},
+ {"setct-CapResData", "setct-CapResData", NID_setct_CapResData, 4,
+ &kObjectData[4006], 0},
+ {"setct-CapRevReqTBS", "setct-CapRevReqTBS", NID_setct_CapRevReqTBS, 4,
+ &kObjectData[4010], 0},
+ {"setct-CapRevReqTBSX", "setct-CapRevReqTBSX", NID_setct_CapRevReqTBSX, 4,
+ &kObjectData[4014], 0},
+ {"setct-CapRevResData", "setct-CapRevResData", NID_setct_CapRevResData, 4,
+ &kObjectData[4018], 0},
+ {"setct-CredReqTBS", "setct-CredReqTBS", NID_setct_CredReqTBS, 4,
+ &kObjectData[4022], 0},
+ {"setct-CredReqTBSX", "setct-CredReqTBSX", NID_setct_CredReqTBSX, 4,
+ &kObjectData[4026], 0},
+ {"setct-CredResData", "setct-CredResData", NID_setct_CredResData, 4,
+ &kObjectData[4030], 0},
+ {"setct-CredRevReqTBS", "setct-CredRevReqTBS", NID_setct_CredRevReqTBS, 4,
+ &kObjectData[4034], 0},
+ {"setct-CredRevReqTBSX", "setct-CredRevReqTBSX", NID_setct_CredRevReqTBSX,
+ 4, &kObjectData[4038], 0},
+ {"setct-CredRevResData", "setct-CredRevResData", NID_setct_CredRevResData,
+ 4, &kObjectData[4042], 0},
+ {"setct-PCertReqData", "setct-PCertReqData", NID_setct_PCertReqData, 4,
+ &kObjectData[4046], 0},
+ {"setct-PCertResTBS", "setct-PCertResTBS", NID_setct_PCertResTBS, 4,
+ &kObjectData[4050], 0},
+ {"setct-BatchAdminReqData", "setct-BatchAdminReqData",
+ NID_setct_BatchAdminReqData, 4, &kObjectData[4054], 0},
+ {"setct-BatchAdminResData", "setct-BatchAdminResData",
+ NID_setct_BatchAdminResData, 4, &kObjectData[4058], 0},
+ {"setct-CardCInitResTBS", "setct-CardCInitResTBS",
+ NID_setct_CardCInitResTBS, 4, &kObjectData[4062], 0},
+ {"setct-MeAqCInitResTBS", "setct-MeAqCInitResTBS",
+ NID_setct_MeAqCInitResTBS, 4, &kObjectData[4066], 0},
+ {"setct-RegFormResTBS", "setct-RegFormResTBS", NID_setct_RegFormResTBS, 4,
+ &kObjectData[4070], 0},
+ {"setct-CertReqData", "setct-CertReqData", NID_setct_CertReqData, 4,
+ &kObjectData[4074], 0},
+ {"setct-CertReqTBS", "setct-CertReqTBS", NID_setct_CertReqTBS, 4,
+ &kObjectData[4078], 0},
+ {"setct-CertResData", "setct-CertResData", NID_setct_CertResData, 4,
+ &kObjectData[4082], 0},
+ {"setct-CertInqReqTBS", "setct-CertInqReqTBS", NID_setct_CertInqReqTBS, 4,
+ &kObjectData[4086], 0},
+ {"setct-ErrorTBS", "setct-ErrorTBS", NID_setct_ErrorTBS, 4,
+ &kObjectData[4090], 0},
+ {"setct-PIDualSignedTBE", "setct-PIDualSignedTBE",
+ NID_setct_PIDualSignedTBE, 4, &kObjectData[4094], 0},
+ {"setct-PIUnsignedTBE", "setct-PIUnsignedTBE", NID_setct_PIUnsignedTBE, 4,
+ &kObjectData[4098], 0},
+ {"setct-AuthReqTBE", "setct-AuthReqTBE", NID_setct_AuthReqTBE, 4,
+ &kObjectData[4102], 0},
+ {"setct-AuthResTBE", "setct-AuthResTBE", NID_setct_AuthResTBE, 4,
+ &kObjectData[4106], 0},
+ {"setct-AuthResTBEX", "setct-AuthResTBEX", NID_setct_AuthResTBEX, 4,
+ &kObjectData[4110], 0},
+ {"setct-AuthTokenTBE", "setct-AuthTokenTBE", NID_setct_AuthTokenTBE, 4,
+ &kObjectData[4114], 0},
+ {"setct-CapTokenTBE", "setct-CapTokenTBE", NID_setct_CapTokenTBE, 4,
+ &kObjectData[4118], 0},
+ {"setct-CapTokenTBEX", "setct-CapTokenTBEX", NID_setct_CapTokenTBEX, 4,
+ &kObjectData[4122], 0},
+ {"setct-AcqCardCodeMsgTBE", "setct-AcqCardCodeMsgTBE",
+ NID_setct_AcqCardCodeMsgTBE, 4, &kObjectData[4126], 0},
+ {"setct-AuthRevReqTBE", "setct-AuthRevReqTBE", NID_setct_AuthRevReqTBE, 4,
+ &kObjectData[4130], 0},
+ {"setct-AuthRevResTBE", "setct-AuthRevResTBE", NID_setct_AuthRevResTBE, 4,
+ &kObjectData[4134], 0},
+ {"setct-AuthRevResTBEB", "setct-AuthRevResTBEB", NID_setct_AuthRevResTBEB,
+ 4, &kObjectData[4138], 0},
+ {"setct-CapReqTBE", "setct-CapReqTBE", NID_setct_CapReqTBE, 4,
+ &kObjectData[4142], 0},
+ {"setct-CapReqTBEX", "setct-CapReqTBEX", NID_setct_CapReqTBEX, 4,
+ &kObjectData[4146], 0},
+ {"setct-CapResTBE", "setct-CapResTBE", NID_setct_CapResTBE, 4,
+ &kObjectData[4150], 0},
+ {"setct-CapRevReqTBE", "setct-CapRevReqTBE", NID_setct_CapRevReqTBE, 4,
+ &kObjectData[4154], 0},
+ {"setct-CapRevReqTBEX", "setct-CapRevReqTBEX", NID_setct_CapRevReqTBEX, 4,
+ &kObjectData[4158], 0},
+ {"setct-CapRevResTBE", "setct-CapRevResTBE", NID_setct_CapRevResTBE, 4,
+ &kObjectData[4162], 0},
+ {"setct-CredReqTBE", "setct-CredReqTBE", NID_setct_CredReqTBE, 4,
+ &kObjectData[4166], 0},
+ {"setct-CredReqTBEX", "setct-CredReqTBEX", NID_setct_CredReqTBEX, 4,
+ &kObjectData[4170], 0},
+ {"setct-CredResTBE", "setct-CredResTBE", NID_setct_CredResTBE, 4,
+ &kObjectData[4174], 0},
+ {"setct-CredRevReqTBE", "setct-CredRevReqTBE", NID_setct_CredRevReqTBE, 4,
+ &kObjectData[4178], 0},
+ {"setct-CredRevReqTBEX", "setct-CredRevReqTBEX", NID_setct_CredRevReqTBEX,
+ 4, &kObjectData[4182], 0},
+ {"setct-CredRevResTBE", "setct-CredRevResTBE", NID_setct_CredRevResTBE, 4,
+ &kObjectData[4186], 0},
+ {"setct-BatchAdminReqTBE", "setct-BatchAdminReqTBE",
+ NID_setct_BatchAdminReqTBE, 4, &kObjectData[4190], 0},
+ {"setct-BatchAdminResTBE", "setct-BatchAdminResTBE",
+ NID_setct_BatchAdminResTBE, 4, &kObjectData[4194], 0},
+ {"setct-RegFormReqTBE", "setct-RegFormReqTBE", NID_setct_RegFormReqTBE, 4,
+ &kObjectData[4198], 0},
+ {"setct-CertReqTBE", "setct-CertReqTBE", NID_setct_CertReqTBE, 4,
+ &kObjectData[4202], 0},
+ {"setct-CertReqTBEX", "setct-CertReqTBEX", NID_setct_CertReqTBEX, 4,
+ &kObjectData[4206], 0},
+ {"setct-CertResTBE", "setct-CertResTBE", NID_setct_CertResTBE, 4,
+ &kObjectData[4210], 0},
+ {"setct-CRLNotificationTBS", "setct-CRLNotificationTBS",
+ NID_setct_CRLNotificationTBS, 4, &kObjectData[4214], 0},
+ {"setct-CRLNotificationResTBS", "setct-CRLNotificationResTBS",
+ NID_setct_CRLNotificationResTBS, 4, &kObjectData[4218], 0},
+ {"setct-BCIDistributionTBS", "setct-BCIDistributionTBS",
+ NID_setct_BCIDistributionTBS, 4, &kObjectData[4222], 0},
+ {"setext-genCrypt", "generic cryptogram", NID_setext_genCrypt, 4,
+ &kObjectData[4226], 0},
+ {"setext-miAuth", "merchant initiated auth", NID_setext_miAuth, 4,
+ &kObjectData[4230], 0},
+ {"setext-pinSecure", "setext-pinSecure", NID_setext_pinSecure, 4,
+ &kObjectData[4234], 0},
+ {"setext-pinAny", "setext-pinAny", NID_setext_pinAny, 4, &kObjectData[4238],
+ 0},
+ {"setext-track2", "setext-track2", NID_setext_track2, 4, &kObjectData[4242],
+ 0},
+ {"setext-cv", "additional verification", NID_setext_cv, 4,
+ &kObjectData[4246], 0},
+ {"set-policy-root", "set-policy-root", NID_set_policy_root, 4,
+ &kObjectData[4250], 0},
+ {"setCext-hashedRoot", "setCext-hashedRoot", NID_setCext_hashedRoot, 4,
+ &kObjectData[4254], 0},
+ {"setCext-certType", "setCext-certType", NID_setCext_certType, 4,
+ &kObjectData[4258], 0},
+ {"setCext-merchData", "setCext-merchData", NID_setCext_merchData, 4,
+ &kObjectData[4262], 0},
+ {"setCext-cCertRequired", "setCext-cCertRequired",
+ NID_setCext_cCertRequired, 4, &kObjectData[4266], 0},
+ {"setCext-tunneling", "setCext-tunneling", NID_setCext_tunneling, 4,
+ &kObjectData[4270], 0},
+ {"setCext-setExt", "setCext-setExt", NID_setCext_setExt, 4,
+ &kObjectData[4274], 0},
+ {"setCext-setQualf", "setCext-setQualf", NID_setCext_setQualf, 4,
+ &kObjectData[4278], 0},
+ {"setCext-PGWYcapabilities", "setCext-PGWYcapabilities",
+ NID_setCext_PGWYcapabilities, 4, &kObjectData[4282], 0},
+ {"setCext-TokenIdentifier", "setCext-TokenIdentifier",
+ NID_setCext_TokenIdentifier, 4, &kObjectData[4286], 0},
+ {"setCext-Track2Data", "setCext-Track2Data", NID_setCext_Track2Data, 4,
+ &kObjectData[4290], 0},
+ {"setCext-TokenType", "setCext-TokenType", NID_setCext_TokenType, 4,
+ &kObjectData[4294], 0},
+ {"setCext-IssuerCapabilities", "setCext-IssuerCapabilities",
+ NID_setCext_IssuerCapabilities, 4, &kObjectData[4298], 0},
+ {"setAttr-Cert", "setAttr-Cert", NID_setAttr_Cert, 4, &kObjectData[4302],
+ 0},
+ {"setAttr-PGWYcap", "payment gateway capabilities", NID_setAttr_PGWYcap, 4,
+ &kObjectData[4306], 0},
+ {"setAttr-TokenType", "setAttr-TokenType", NID_setAttr_TokenType, 4,
+ &kObjectData[4310], 0},
+ {"setAttr-IssCap", "issuer capabilities", NID_setAttr_IssCap, 4,
+ &kObjectData[4314], 0},
+ {"set-rootKeyThumb", "set-rootKeyThumb", NID_set_rootKeyThumb, 5,
+ &kObjectData[4318], 0},
+ {"set-addPolicy", "set-addPolicy", NID_set_addPolicy, 5, &kObjectData[4323],
+ 0},
+ {"setAttr-Token-EMV", "setAttr-Token-EMV", NID_setAttr_Token_EMV, 5,
+ &kObjectData[4328], 0},
+ {"setAttr-Token-B0Prime", "setAttr-Token-B0Prime",
+ NID_setAttr_Token_B0Prime, 5, &kObjectData[4333], 0},
+ {"setAttr-IssCap-CVM", "setAttr-IssCap-CVM", NID_setAttr_IssCap_CVM, 5,
+ &kObjectData[4338], 0},
+ {"setAttr-IssCap-T2", "setAttr-IssCap-T2", NID_setAttr_IssCap_T2, 5,
+ &kObjectData[4343], 0},
+ {"setAttr-IssCap-Sig", "setAttr-IssCap-Sig", NID_setAttr_IssCap_Sig, 5,
+ &kObjectData[4348], 0},
+ {"setAttr-GenCryptgrm", "generate cryptogram", NID_setAttr_GenCryptgrm, 6,
+ &kObjectData[4353], 0},
+ {"setAttr-T2Enc", "encrypted track 2", NID_setAttr_T2Enc, 6,
+ &kObjectData[4359], 0},
+ {"setAttr-T2cleartxt", "cleartext track 2", NID_setAttr_T2cleartxt, 6,
+ &kObjectData[4365], 0},
+ {"setAttr-TokICCsig", "ICC or token signature", NID_setAttr_TokICCsig, 6,
+ &kObjectData[4371], 0},
+ {"setAttr-SecDevSig", "secure device signature", NID_setAttr_SecDevSig, 6,
+ &kObjectData[4377], 0},
+ {"set-brand-IATA-ATA", "set-brand-IATA-ATA", NID_set_brand_IATA_ATA, 4,
+ &kObjectData[4383], 0},
+ {"set-brand-Diners", "set-brand-Diners", NID_set_brand_Diners, 4,
+ &kObjectData[4387], 0},
+ {"set-brand-AmericanExpress", "set-brand-AmericanExpress",
+ NID_set_brand_AmericanExpress, 4, &kObjectData[4391], 0},
+ {"set-brand-JCB", "set-brand-JCB", NID_set_brand_JCB, 4, &kObjectData[4395],
+ 0},
+ {"set-brand-Visa", "set-brand-Visa", NID_set_brand_Visa, 4,
+ &kObjectData[4399], 0},
+ {"set-brand-MasterCard", "set-brand-MasterCard", NID_set_brand_MasterCard,
+ 4, &kObjectData[4403], 0},
+ {"set-brand-Novus", "set-brand-Novus", NID_set_brand_Novus, 5,
+ &kObjectData[4407], 0},
+ {"DES-CDMF", "des-cdmf", NID_des_cdmf, 8, &kObjectData[4412], 0},
+ {"rsaOAEPEncryptionSET", "rsaOAEPEncryptionSET", NID_rsaOAEPEncryptionSET,
+ 9, &kObjectData[4420], 0},
+ {"ITU-T", "itu-t", NID_itu_t, 0, NULL, 0},
+ {"JOINT-ISO-ITU-T", "joint-iso-itu-t", NID_joint_iso_itu_t, 0, NULL, 0},
+ {"international-organizations", "International Organizations",
+ NID_international_organizations, 1, &kObjectData[4429], 0},
+ {"msSmartcardLogin", "Microsoft Smartcardlogin", NID_ms_smartcard_login, 10,
+ &kObjectData[4430], 0},
+ {"msUPN", "Microsoft Universal Principal Name", NID_ms_upn, 10,
+ &kObjectData[4440], 0},
+ {"AES-128-CFB1", "aes-128-cfb1", NID_aes_128_cfb1, 0, NULL, 0},
+ {"AES-192-CFB1", "aes-192-cfb1", NID_aes_192_cfb1, 0, NULL, 0},
+ {"AES-256-CFB1", "aes-256-cfb1", NID_aes_256_cfb1, 0, NULL, 0},
+ {"AES-128-CFB8", "aes-128-cfb8", NID_aes_128_cfb8, 0, NULL, 0},
+ {"AES-192-CFB8", "aes-192-cfb8", NID_aes_192_cfb8, 0, NULL, 0},
+ {"AES-256-CFB8", "aes-256-cfb8", NID_aes_256_cfb8, 0, NULL, 0},
+ {"DES-CFB1", "des-cfb1", NID_des_cfb1, 0, NULL, 0},
+ {"DES-CFB8", "des-cfb8", NID_des_cfb8, 0, NULL, 0},
+ {"DES-EDE3-CFB1", "des-ede3-cfb1", NID_des_ede3_cfb1, 0, NULL, 0},
+ {"DES-EDE3-CFB8", "des-ede3-cfb8", NID_des_ede3_cfb8, 0, NULL, 0},
+ {"street", "streetAddress", NID_streetAddress, 3, &kObjectData[4450], 0},
+ {"postalCode", "postalCode", NID_postalCode, 3, &kObjectData[4453], 0},
+ {"id-ppl", "id-ppl", NID_id_ppl, 7, &kObjectData[4456], 0},
+ {"proxyCertInfo", "Proxy Certificate Information", NID_proxyCertInfo, 8,
+ &kObjectData[4463], 0},
+ {"id-ppl-anyLanguage", "Any language", NID_id_ppl_anyLanguage, 8,
+ &kObjectData[4471], 0},
+ {"id-ppl-inheritAll", "Inherit all", NID_id_ppl_inheritAll, 8,
+ &kObjectData[4479], 0},
+ {"nameConstraints", "X509v3 Name Constraints", NID_name_constraints, 3,
+ &kObjectData[4487], 0},
+ {"id-ppl-independent", "Independent", NID_Independent, 8,
+ &kObjectData[4490], 0},
+ {"RSA-SHA256", "sha256WithRSAEncryption", NID_sha256WithRSAEncryption, 9,
+ &kObjectData[4498], 0},
+ {"RSA-SHA384", "sha384WithRSAEncryption", NID_sha384WithRSAEncryption, 9,
+ &kObjectData[4507], 0},
+ {"RSA-SHA512", "sha512WithRSAEncryption", NID_sha512WithRSAEncryption, 9,
+ &kObjectData[4516], 0},
+ {"RSA-SHA224", "sha224WithRSAEncryption", NID_sha224WithRSAEncryption, 9,
+ &kObjectData[4525], 0},
+ {"SHA256", "sha256", NID_sha256, 9, &kObjectData[4534], 0},
+ {"SHA384", "sha384", NID_sha384, 9, &kObjectData[4543], 0},
+ {"SHA512", "sha512", NID_sha512, 9, &kObjectData[4552], 0},
+ {"SHA224", "sha224", NID_sha224, 9, &kObjectData[4561], 0},
+ {"identified-organization", "identified-organization",
+ NID_identified_organization, 1, &kObjectData[4570], 0},
+ {"certicom-arc", "certicom-arc", NID_certicom_arc, 3, &kObjectData[4571],
+ 0},
+ {"wap", "wap", NID_wap, 2, &kObjectData[4574], 0},
+ {"wap-wsg", "wap-wsg", NID_wap_wsg, 3, &kObjectData[4576], 0},
+ {"id-characteristic-two-basis", "id-characteristic-two-basis",
+ NID_X9_62_id_characteristic_two_basis, 8, &kObjectData[4579], 0},
+ {"onBasis", "onBasis", NID_X9_62_onBasis, 9, &kObjectData[4587], 0},
+ {"tpBasis", "tpBasis", NID_X9_62_tpBasis, 9, &kObjectData[4596], 0},
+ {"ppBasis", "ppBasis", NID_X9_62_ppBasis, 9, &kObjectData[4605], 0},
+ {"c2pnb163v1", "c2pnb163v1", NID_X9_62_c2pnb163v1, 8, &kObjectData[4614],
+ 0},
+ {"c2pnb163v2", "c2pnb163v2", NID_X9_62_c2pnb163v2, 8, &kObjectData[4622],
+ 0},
+ {"c2pnb163v3", "c2pnb163v3", NID_X9_62_c2pnb163v3, 8, &kObjectData[4630],
+ 0},
+ {"c2pnb176v1", "c2pnb176v1", NID_X9_62_c2pnb176v1, 8, &kObjectData[4638],
+ 0},
+ {"c2tnb191v1", "c2tnb191v1", NID_X9_62_c2tnb191v1, 8, &kObjectData[4646],
+ 0},
+ {"c2tnb191v2", "c2tnb191v2", NID_X9_62_c2tnb191v2, 8, &kObjectData[4654],
+ 0},
+ {"c2tnb191v3", "c2tnb191v3", NID_X9_62_c2tnb191v3, 8, &kObjectData[4662],
+ 0},
+ {"c2onb191v4", "c2onb191v4", NID_X9_62_c2onb191v4, 8, &kObjectData[4670],
+ 0},
+ {"c2onb191v5", "c2onb191v5", NID_X9_62_c2onb191v5, 8, &kObjectData[4678],
+ 0},
+ {"c2pnb208w1", "c2pnb208w1", NID_X9_62_c2pnb208w1, 8, &kObjectData[4686],
+ 0},
+ {"c2tnb239v1", "c2tnb239v1", NID_X9_62_c2tnb239v1, 8, &kObjectData[4694],
+ 0},
+ {"c2tnb239v2", "c2tnb239v2", NID_X9_62_c2tnb239v2, 8, &kObjectData[4702],
+ 0},
+ {"c2tnb239v3", "c2tnb239v3", NID_X9_62_c2tnb239v3, 8, &kObjectData[4710],
+ 0},
+ {"c2onb239v4", "c2onb239v4", NID_X9_62_c2onb239v4, 8, &kObjectData[4718],
+ 0},
+ {"c2onb239v5", "c2onb239v5", NID_X9_62_c2onb239v5, 8, &kObjectData[4726],
+ 0},
+ {"c2pnb272w1", "c2pnb272w1", NID_X9_62_c2pnb272w1, 8, &kObjectData[4734],
+ 0},
+ {"c2pnb304w1", "c2pnb304w1", NID_X9_62_c2pnb304w1, 8, &kObjectData[4742],
+ 0},
+ {"c2tnb359v1", "c2tnb359v1", NID_X9_62_c2tnb359v1, 8, &kObjectData[4750],
+ 0},
+ {"c2pnb368w1", "c2pnb368w1", NID_X9_62_c2pnb368w1, 8, &kObjectData[4758],
+ 0},
+ {"c2tnb431r1", "c2tnb431r1", NID_X9_62_c2tnb431r1, 8, &kObjectData[4766],
+ 0},
+ {"secp112r1", "secp112r1", NID_secp112r1, 5, &kObjectData[4774], 0},
+ {"secp112r2", "secp112r2", NID_secp112r2, 5, &kObjectData[4779], 0},
+ {"secp128r1", "secp128r1", NID_secp128r1, 5, &kObjectData[4784], 0},
+ {"secp128r2", "secp128r2", NID_secp128r2, 5, &kObjectData[4789], 0},
+ {"secp160k1", "secp160k1", NID_secp160k1, 5, &kObjectData[4794], 0},
+ {"secp160r1", "secp160r1", NID_secp160r1, 5, &kObjectData[4799], 0},
+ {"secp160r2", "secp160r2", NID_secp160r2, 5, &kObjectData[4804], 0},
+ {"secp192k1", "secp192k1", NID_secp192k1, 5, &kObjectData[4809], 0},
+ {"secp224k1", "secp224k1", NID_secp224k1, 5, &kObjectData[4814], 0},
+ {"secp224r1", "secp224r1", NID_secp224r1, 5, &kObjectData[4819], 0},
+ {"secp256k1", "secp256k1", NID_secp256k1, 5, &kObjectData[4824], 0},
+ {"secp384r1", "secp384r1", NID_secp384r1, 5, &kObjectData[4829], 0},
+ {"secp521r1", "secp521r1", NID_secp521r1, 5, &kObjectData[4834], 0},
+ {"sect113r1", "sect113r1", NID_sect113r1, 5, &kObjectData[4839], 0},
+ {"sect113r2", "sect113r2", NID_sect113r2, 5, &kObjectData[4844], 0},
+ {"sect131r1", "sect131r1", NID_sect131r1, 5, &kObjectData[4849], 0},
+ {"sect131r2", "sect131r2", NID_sect131r2, 5, &kObjectData[4854], 0},
+ {"sect163k1", "sect163k1", NID_sect163k1, 5, &kObjectData[4859], 0},
+ {"sect163r1", "sect163r1", NID_sect163r1, 5, &kObjectData[4864], 0},
+ {"sect163r2", "sect163r2", NID_sect163r2, 5, &kObjectData[4869], 0},
+ {"sect193r1", "sect193r1", NID_sect193r1, 5, &kObjectData[4874], 0},
+ {"sect193r2", "sect193r2", NID_sect193r2, 5, &kObjectData[4879], 0},
+ {"sect233k1", "sect233k1", NID_sect233k1, 5, &kObjectData[4884], 0},
+ {"sect233r1", "sect233r1", NID_sect233r1, 5, &kObjectData[4889], 0},
+ {"sect239k1", "sect239k1", NID_sect239k1, 5, &kObjectData[4894], 0},
+ {"sect283k1", "sect283k1", NID_sect283k1, 5, &kObjectData[4899], 0},
+ {"sect283r1", "sect283r1", NID_sect283r1, 5, &kObjectData[4904], 0},
+ {"sect409k1", "sect409k1", NID_sect409k1, 5, &kObjectData[4909], 0},
+ {"sect409r1", "sect409r1", NID_sect409r1, 5, &kObjectData[4914], 0},
+ {"sect571k1", "sect571k1", NID_sect571k1, 5, &kObjectData[4919], 0},
+ {"sect571r1", "sect571r1", NID_sect571r1, 5, &kObjectData[4924], 0},
+ {"wap-wsg-idm-ecid-wtls1", "wap-wsg-idm-ecid-wtls1",
+ NID_wap_wsg_idm_ecid_wtls1, 5, &kObjectData[4929], 0},
+ {"wap-wsg-idm-ecid-wtls3", "wap-wsg-idm-ecid-wtls3",
+ NID_wap_wsg_idm_ecid_wtls3, 5, &kObjectData[4934], 0},
+ {"wap-wsg-idm-ecid-wtls4", "wap-wsg-idm-ecid-wtls4",
+ NID_wap_wsg_idm_ecid_wtls4, 5, &kObjectData[4939], 0},
+ {"wap-wsg-idm-ecid-wtls5", "wap-wsg-idm-ecid-wtls5",
+ NID_wap_wsg_idm_ecid_wtls5, 5, &kObjectData[4944], 0},
+ {"wap-wsg-idm-ecid-wtls6", "wap-wsg-idm-ecid-wtls6",
+ NID_wap_wsg_idm_ecid_wtls6, 5, &kObjectData[4949], 0},
+ {"wap-wsg-idm-ecid-wtls7", "wap-wsg-idm-ecid-wtls7",
+ NID_wap_wsg_idm_ecid_wtls7, 5, &kObjectData[4954], 0},
+ {"wap-wsg-idm-ecid-wtls8", "wap-wsg-idm-ecid-wtls8",
+ NID_wap_wsg_idm_ecid_wtls8, 5, &kObjectData[4959], 0},
+ {"wap-wsg-idm-ecid-wtls9", "wap-wsg-idm-ecid-wtls9",
+ NID_wap_wsg_idm_ecid_wtls9, 5, &kObjectData[4964], 0},
+ {"wap-wsg-idm-ecid-wtls10", "wap-wsg-idm-ecid-wtls10",
+ NID_wap_wsg_idm_ecid_wtls10, 5, &kObjectData[4969], 0},
+ {"wap-wsg-idm-ecid-wtls11", "wap-wsg-idm-ecid-wtls11",
+ NID_wap_wsg_idm_ecid_wtls11, 5, &kObjectData[4974], 0},
+ {"wap-wsg-idm-ecid-wtls12", "wap-wsg-idm-ecid-wtls12",
+ NID_wap_wsg_idm_ecid_wtls12, 5, &kObjectData[4979], 0},
+ {"anyPolicy", "X509v3 Any Policy", NID_any_policy, 4, &kObjectData[4984],
+ 0},
+ {"policyMappings", "X509v3 Policy Mappings", NID_policy_mappings, 3,
+ &kObjectData[4988], 0},
+ {"inhibitAnyPolicy", "X509v3 Inhibit Any Policy", NID_inhibit_any_policy, 3,
+ &kObjectData[4991], 0},
+ {"Oakley-EC2N-3", "ipsec3", NID_ipsec3, 0, NULL, 0},
+ {"Oakley-EC2N-4", "ipsec4", NID_ipsec4, 0, NULL, 0},
+ {"CAMELLIA-128-CBC", "camellia-128-cbc", NID_camellia_128_cbc, 11,
+ &kObjectData[4994], 0},
+ {"CAMELLIA-192-CBC", "camellia-192-cbc", NID_camellia_192_cbc, 11,
+ &kObjectData[5005], 0},
+ {"CAMELLIA-256-CBC", "camellia-256-cbc", NID_camellia_256_cbc, 11,
+ &kObjectData[5016], 0},
+ {"CAMELLIA-128-ECB", "camellia-128-ecb", NID_camellia_128_ecb, 8,
+ &kObjectData[5027], 0},
+ {"CAMELLIA-192-ECB", "camellia-192-ecb", NID_camellia_192_ecb, 8,
+ &kObjectData[5035], 0},
+ {"CAMELLIA-256-ECB", "camellia-256-ecb", NID_camellia_256_ecb, 8,
+ &kObjectData[5043], 0},
+ {"CAMELLIA-128-CFB", "camellia-128-cfb", NID_camellia_128_cfb128, 8,
+ &kObjectData[5051], 0},
+ {"CAMELLIA-192-CFB", "camellia-192-cfb", NID_camellia_192_cfb128, 8,
+ &kObjectData[5059], 0},
+ {"CAMELLIA-256-CFB", "camellia-256-cfb", NID_camellia_256_cfb128, 8,
+ &kObjectData[5067], 0},
+ {"CAMELLIA-128-CFB1", "camellia-128-cfb1", NID_camellia_128_cfb1, 0, NULL,
+ 0},
+ {"CAMELLIA-192-CFB1", "camellia-192-cfb1", NID_camellia_192_cfb1, 0, NULL,
+ 0},
+ {"CAMELLIA-256-CFB1", "camellia-256-cfb1", NID_camellia_256_cfb1, 0, NULL,
+ 0},
+ {"CAMELLIA-128-CFB8", "camellia-128-cfb8", NID_camellia_128_cfb8, 0, NULL,
+ 0},
+ {"CAMELLIA-192-CFB8", "camellia-192-cfb8", NID_camellia_192_cfb8, 0, NULL,
+ 0},
+ {"CAMELLIA-256-CFB8", "camellia-256-cfb8", NID_camellia_256_cfb8, 0, NULL,
+ 0},
+ {"CAMELLIA-128-OFB", "camellia-128-ofb", NID_camellia_128_ofb128, 8,
+ &kObjectData[5075], 0},
+ {"CAMELLIA-192-OFB", "camellia-192-ofb", NID_camellia_192_ofb128, 8,
+ &kObjectData[5083], 0},
+ {"CAMELLIA-256-OFB", "camellia-256-ofb", NID_camellia_256_ofb128, 8,
+ &kObjectData[5091], 0},
+ {"subjectDirectoryAttributes", "X509v3 Subject Directory Attributes",
+ NID_subject_directory_attributes, 3, &kObjectData[5099], 0},
+ {"issuingDistributionPoint", "X509v3 Issuing Distribution Point",
+ NID_issuing_distribution_point, 3, &kObjectData[5102], 0},
+ {"certificateIssuer", "X509v3 Certificate Issuer", NID_certificate_issuer,
+ 3, &kObjectData[5105], 0},
+ {NULL, NULL, NID_undef, 0, NULL, 0},
+ {"KISA", "kisa", NID_kisa, 6, &kObjectData[5108], 0},
+ {NULL, NULL, NID_undef, 0, NULL, 0},
+ {NULL, NULL, NID_undef, 0, NULL, 0},
+ {"SEED-ECB", "seed-ecb", NID_seed_ecb, 8, &kObjectData[5114], 0},
+ {"SEED-CBC", "seed-cbc", NID_seed_cbc, 8, &kObjectData[5122], 0},
+ {"SEED-OFB", "seed-ofb", NID_seed_ofb128, 8, &kObjectData[5130], 0},
+ {"SEED-CFB", "seed-cfb", NID_seed_cfb128, 8, &kObjectData[5138], 0},
+ {"HMAC-MD5", "hmac-md5", NID_hmac_md5, 8, &kObjectData[5146], 0},
+ {"HMAC-SHA1", "hmac-sha1", NID_hmac_sha1, 8, &kObjectData[5154], 0},
+ {"id-PasswordBasedMAC", "password based MAC", NID_id_PasswordBasedMAC, 9,
+ &kObjectData[5162], 0},
+ {"id-DHBasedMac", "Diffie-Hellman based MAC", NID_id_DHBasedMac, 9,
+ &kObjectData[5171], 0},
+ {"id-it-suppLangTags", "id-it-suppLangTags", NID_id_it_suppLangTags, 8,
+ &kObjectData[5180], 0},
+ {"caRepository", "CA Repository", NID_caRepository, 8, &kObjectData[5188],
+ 0},
+ {"id-smime-ct-compressedData", "id-smime-ct-compressedData",
+ NID_id_smime_ct_compressedData, 11, &kObjectData[5196], 0},
+ {"id-ct-asciiTextWithCRLF", "id-ct-asciiTextWithCRLF",
+ NID_id_ct_asciiTextWithCRLF, 11, &kObjectData[5207], 0},
+ {"id-aes128-wrap", "id-aes128-wrap", NID_id_aes128_wrap, 9,
+ &kObjectData[5218], 0},
+ {"id-aes192-wrap", "id-aes192-wrap", NID_id_aes192_wrap, 9,
+ &kObjectData[5227], 0},
+ {"id-aes256-wrap", "id-aes256-wrap", NID_id_aes256_wrap, 9,
+ &kObjectData[5236], 0},
+ {"ecdsa-with-Recommended", "ecdsa-with-Recommended",
+ NID_ecdsa_with_Recommended, 7, &kObjectData[5245], 0},
+ {"ecdsa-with-Specified", "ecdsa-with-Specified", NID_ecdsa_with_Specified,
+ 7, &kObjectData[5252], 0},
+ {"ecdsa-with-SHA224", "ecdsa-with-SHA224", NID_ecdsa_with_SHA224, 8,
+ &kObjectData[5259], 0},
+ {"ecdsa-with-SHA256", "ecdsa-with-SHA256", NID_ecdsa_with_SHA256, 8,
+ &kObjectData[5267], 0},
+ {"ecdsa-with-SHA384", "ecdsa-with-SHA384", NID_ecdsa_with_SHA384, 8,
+ &kObjectData[5275], 0},
+ {"ecdsa-with-SHA512", "ecdsa-with-SHA512", NID_ecdsa_with_SHA512, 8,
+ &kObjectData[5283], 0},
+ {"hmacWithMD5", "hmacWithMD5", NID_hmacWithMD5, 8, &kObjectData[5291], 0},
+ {"hmacWithSHA224", "hmacWithSHA224", NID_hmacWithSHA224, 8,
+ &kObjectData[5299], 0},
+ {"hmacWithSHA256", "hmacWithSHA256", NID_hmacWithSHA256, 8,
+ &kObjectData[5307], 0},
+ {"hmacWithSHA384", "hmacWithSHA384", NID_hmacWithSHA384, 8,
+ &kObjectData[5315], 0},
+ {"hmacWithSHA512", "hmacWithSHA512", NID_hmacWithSHA512, 8,
+ &kObjectData[5323], 0},
+ {"dsa_with_SHA224", "dsa_with_SHA224", NID_dsa_with_SHA224, 9,
+ &kObjectData[5331], 0},
+ {"dsa_with_SHA256", "dsa_with_SHA256", NID_dsa_with_SHA256, 9,
+ &kObjectData[5340], 0},
+ {"whirlpool", "whirlpool", NID_whirlpool, 6, &kObjectData[5349], 0},
+ {"cryptopro", "cryptopro", NID_cryptopro, 5, &kObjectData[5355], 0},
+ {"cryptocom", "cryptocom", NID_cryptocom, 5, &kObjectData[5360], 0},
+ {"id-GostR3411-94-with-GostR3410-2001",
+ "GOST R 34.11-94 with GOST R 34.10-2001",
+ NID_id_GostR3411_94_with_GostR3410_2001, 6, &kObjectData[5365], 0},
+ {"id-GostR3411-94-with-GostR3410-94",
+ "GOST R 34.11-94 with GOST R 34.10-94",
+ NID_id_GostR3411_94_with_GostR3410_94, 6, &kObjectData[5371], 0},
+ {"md_gost94", "GOST R 34.11-94", NID_id_GostR3411_94, 6, &kObjectData[5377],
+ 0},
+ {"id-HMACGostR3411-94", "HMAC GOST 34.11-94", NID_id_HMACGostR3411_94, 6,
+ &kObjectData[5383], 0},
+ {"gost2001", "GOST R 34.10-2001", NID_id_GostR3410_2001, 6,
+ &kObjectData[5389], 0},
+ {"gost94", "GOST R 34.10-94", NID_id_GostR3410_94, 6, &kObjectData[5395],
+ 0},
+ {"gost89", "GOST 28147-89", NID_id_Gost28147_89, 6, &kObjectData[5401], 0},
+ {"gost89-cnt", "gost89-cnt", NID_gost89_cnt, 0, NULL, 0},
+ {"gost-mac", "GOST 28147-89 MAC", NID_id_Gost28147_89_MAC, 6,
+ &kObjectData[5407], 0},
+ {"prf-gostr3411-94", "GOST R 34.11-94 PRF", NID_id_GostR3411_94_prf, 6,
+ &kObjectData[5413], 0},
+ {"id-GostR3410-2001DH", "GOST R 34.10-2001 DH", NID_id_GostR3410_2001DH, 6,
+ &kObjectData[5419], 0},
+ {"id-GostR3410-94DH", "GOST R 34.10-94 DH", NID_id_GostR3410_94DH, 6,
+ &kObjectData[5425], 0},
+ {"id-Gost28147-89-CryptoPro-KeyMeshing",
+ "id-Gost28147-89-CryptoPro-KeyMeshing",
+ NID_id_Gost28147_89_CryptoPro_KeyMeshing, 7, &kObjectData[5431], 0},
+ {"id-Gost28147-89-None-KeyMeshing", "id-Gost28147-89-None-KeyMeshing",
+ NID_id_Gost28147_89_None_KeyMeshing, 7, &kObjectData[5438], 0},
+ {"id-GostR3411-94-TestParamSet", "id-GostR3411-94-TestParamSet",
+ NID_id_GostR3411_94_TestParamSet, 7, &kObjectData[5445], 0},
+ {"id-GostR3411-94-CryptoProParamSet", "id-GostR3411-94-CryptoProParamSet",
+ NID_id_GostR3411_94_CryptoProParamSet, 7, &kObjectData[5452], 0},
+ {"id-Gost28147-89-TestParamSet", "id-Gost28147-89-TestParamSet",
+ NID_id_Gost28147_89_TestParamSet, 7, &kObjectData[5459], 0},
+ {"id-Gost28147-89-CryptoPro-A-ParamSet",
+ "id-Gost28147-89-CryptoPro-A-ParamSet",
+ NID_id_Gost28147_89_CryptoPro_A_ParamSet, 7, &kObjectData[5466], 0},
+ {"id-Gost28147-89-CryptoPro-B-ParamSet",
+ "id-Gost28147-89-CryptoPro-B-ParamSet",
+ NID_id_Gost28147_89_CryptoPro_B_ParamSet, 7, &kObjectData[5473], 0},
+ {"id-Gost28147-89-CryptoPro-C-ParamSet",
+ "id-Gost28147-89-CryptoPro-C-ParamSet",
+ NID_id_Gost28147_89_CryptoPro_C_ParamSet, 7, &kObjectData[5480], 0},
+ {"id-Gost28147-89-CryptoPro-D-ParamSet",
+ "id-Gost28147-89-CryptoPro-D-ParamSet",
+ NID_id_Gost28147_89_CryptoPro_D_ParamSet, 7, &kObjectData[5487], 0},
+ {"id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet",
+ "id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet",
+ NID_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet, 7, &kObjectData[5494],
+ 0},
+ {"id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet",
+ "id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet",
+ NID_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet, 7, &kObjectData[5501],
+ 0},
+ {"id-Gost28147-89-CryptoPro-RIC-1-ParamSet",
+ "id-Gost28147-89-CryptoPro-RIC-1-ParamSet",
+ NID_id_Gost28147_89_CryptoPro_RIC_1_ParamSet, 7, &kObjectData[5508], 0},
+ {"id-GostR3410-94-TestParamSet", "id-GostR3410-94-TestParamSet",
+ NID_id_GostR3410_94_TestParamSet, 7, &kObjectData[5515], 0},
+ {"id-GostR3410-94-CryptoPro-A-ParamSet",
+ "id-GostR3410-94-CryptoPro-A-ParamSet",
+ NID_id_GostR3410_94_CryptoPro_A_ParamSet, 7, &kObjectData[5522], 0},
+ {"id-GostR3410-94-CryptoPro-B-ParamSet",
+ "id-GostR3410-94-CryptoPro-B-ParamSet",
+ NID_id_GostR3410_94_CryptoPro_B_ParamSet, 7, &kObjectData[5529], 0},
+ {"id-GostR3410-94-CryptoPro-C-ParamSet",
+ "id-GostR3410-94-CryptoPro-C-ParamSet",
+ NID_id_GostR3410_94_CryptoPro_C_ParamSet, 7, &kObjectData[5536], 0},
+ {"id-GostR3410-94-CryptoPro-D-ParamSet",
+ "id-GostR3410-94-CryptoPro-D-ParamSet",
+ NID_id_GostR3410_94_CryptoPro_D_ParamSet, 7, &kObjectData[5543], 0},
+ {"id-GostR3410-94-CryptoPro-XchA-ParamSet",
+ "id-GostR3410-94-CryptoPro-XchA-ParamSet",
+ NID_id_GostR3410_94_CryptoPro_XchA_ParamSet, 7, &kObjectData[5550], 0},
+ {"id-GostR3410-94-CryptoPro-XchB-ParamSet",
+ "id-GostR3410-94-CryptoPro-XchB-ParamSet",
+ NID_id_GostR3410_94_CryptoPro_XchB_ParamSet, 7, &kObjectData[5557], 0},
+ {"id-GostR3410-94-CryptoPro-XchC-ParamSet",
+ "id-GostR3410-94-CryptoPro-XchC-ParamSet",
+ NID_id_GostR3410_94_CryptoPro_XchC_ParamSet, 7, &kObjectData[5564], 0},
+ {"id-GostR3410-2001-TestParamSet", "id-GostR3410-2001-TestParamSet",
+ NID_id_GostR3410_2001_TestParamSet, 7, &kObjectData[5571], 0},
+ {"id-GostR3410-2001-CryptoPro-A-ParamSet",
+ "id-GostR3410-2001-CryptoPro-A-ParamSet",
+ NID_id_GostR3410_2001_CryptoPro_A_ParamSet, 7, &kObjectData[5578], 0},
+ {"id-GostR3410-2001-CryptoPro-B-ParamSet",
+ "id-GostR3410-2001-CryptoPro-B-ParamSet",
+ NID_id_GostR3410_2001_CryptoPro_B_ParamSet, 7, &kObjectData[5585], 0},
+ {"id-GostR3410-2001-CryptoPro-C-ParamSet",
+ "id-GostR3410-2001-CryptoPro-C-ParamSet",
+ NID_id_GostR3410_2001_CryptoPro_C_ParamSet, 7, &kObjectData[5592], 0},
+ {"id-GostR3410-2001-CryptoPro-XchA-ParamSet",
+ "id-GostR3410-2001-CryptoPro-XchA-ParamSet",
+ NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet, 7, &kObjectData[5599], 0},
+ {"id-GostR3410-2001-CryptoPro-XchB-ParamSet",
+ "id-GostR3410-2001-CryptoPro-XchB-ParamSet",
+ NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet, 7, &kObjectData[5606], 0},
+ {"id-GostR3410-94-a", "id-GostR3410-94-a", NID_id_GostR3410_94_a, 7,
+ &kObjectData[5613], 0},
+ {"id-GostR3410-94-aBis", "id-GostR3410-94-aBis", NID_id_GostR3410_94_aBis,
+ 7, &kObjectData[5620], 0},
+ {"id-GostR3410-94-b", "id-GostR3410-94-b", NID_id_GostR3410_94_b, 7,
+ &kObjectData[5627], 0},
+ {"id-GostR3410-94-bBis", "id-GostR3410-94-bBis", NID_id_GostR3410_94_bBis,
+ 7, &kObjectData[5634], 0},
+ {"id-Gost28147-89-cc", "GOST 28147-89 Cryptocom ParamSet",
+ NID_id_Gost28147_89_cc, 8, &kObjectData[5641], 0},
+ {"gost94cc", "GOST 34.10-94 Cryptocom", NID_id_GostR3410_94_cc, 8,
+ &kObjectData[5649], 0},
+ {"gost2001cc", "GOST 34.10-2001 Cryptocom", NID_id_GostR3410_2001_cc, 8,
+ &kObjectData[5657], 0},
+ {"id-GostR3411-94-with-GostR3410-94-cc",
+ "GOST R 34.11-94 with GOST R 34.10-94 Cryptocom",
+ NID_id_GostR3411_94_with_GostR3410_94_cc, 8, &kObjectData[5665], 0},
+ {"id-GostR3411-94-with-GostR3410-2001-cc",
+ "GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom",
+ NID_id_GostR3411_94_with_GostR3410_2001_cc, 8, &kObjectData[5673], 0},
+ {"id-GostR3410-2001-ParamSet-cc",
+ "GOST R 3410-2001 Parameter Set Cryptocom",
+ NID_id_GostR3410_2001_ParamSet_cc, 8, &kObjectData[5681], 0},
+ {"HMAC", "hmac", NID_hmac, 0, NULL, 0},
+ {"LocalKeySet", "Microsoft Local Key set", NID_LocalKeySet, 9,
+ &kObjectData[5689], 0},
+ {"freshestCRL", "X509v3 Freshest CRL", NID_freshest_crl, 3,
+ &kObjectData[5698], 0},
+ {"id-on-permanentIdentifier", "Permanent Identifier",
+ NID_id_on_permanentIdentifier, 8, &kObjectData[5701], 0},
+ {"searchGuide", "searchGuide", NID_searchGuide, 3, &kObjectData[5709], 0},
+ {"businessCategory", "businessCategory", NID_businessCategory, 3,
+ &kObjectData[5712], 0},
+ {"postalAddress", "postalAddress", NID_postalAddress, 3, &kObjectData[5715],
+ 0},
+ {"postOfficeBox", "postOfficeBox", NID_postOfficeBox, 3, &kObjectData[5718],
+ 0},
+ {"physicalDeliveryOfficeName", "physicalDeliveryOfficeName",
+ NID_physicalDeliveryOfficeName, 3, &kObjectData[5721], 0},
+ {"telephoneNumber", "telephoneNumber", NID_telephoneNumber, 3,
+ &kObjectData[5724], 0},
+ {"telexNumber", "telexNumber", NID_telexNumber, 3, &kObjectData[5727], 0},
+ {"teletexTerminalIdentifier", "teletexTerminalIdentifier",
+ NID_teletexTerminalIdentifier, 3, &kObjectData[5730], 0},
+ {"facsimileTelephoneNumber", "facsimileTelephoneNumber",
+ NID_facsimileTelephoneNumber, 3, &kObjectData[5733], 0},
+ {"x121Address", "x121Address", NID_x121Address, 3, &kObjectData[5736], 0},
+ {"internationaliSDNNumber", "internationaliSDNNumber",
+ NID_internationaliSDNNumber, 3, &kObjectData[5739], 0},
+ {"registeredAddress", "registeredAddress", NID_registeredAddress, 3,
+ &kObjectData[5742], 0},
+ {"destinationIndicator", "destinationIndicator", NID_destinationIndicator,
+ 3, &kObjectData[5745], 0},
+ {"preferredDeliveryMethod", "preferredDeliveryMethod",
+ NID_preferredDeliveryMethod, 3, &kObjectData[5748], 0},
+ {"presentationAddress", "presentationAddress", NID_presentationAddress, 3,
+ &kObjectData[5751], 0},
+ {"supportedApplicationContext", "supportedApplicationContext",
+ NID_supportedApplicationContext, 3, &kObjectData[5754], 0},
+ {"member", "member", NID_member, 3, &kObjectData[5757], 0},
+ {"owner", "owner", NID_owner, 3, &kObjectData[5760], 0},
+ {"roleOccupant", "roleOccupant", NID_roleOccupant, 3, &kObjectData[5763],
+ 0},
+ {"seeAlso", "seeAlso", NID_seeAlso, 3, &kObjectData[5766], 0},
+ {"userPassword", "userPassword", NID_userPassword, 3, &kObjectData[5769],
+ 0},
+ {"userCertificate", "userCertificate", NID_userCertificate, 3,
+ &kObjectData[5772], 0},
+ {"cACertificate", "cACertificate", NID_cACertificate, 3, &kObjectData[5775],
+ 0},
+ {"authorityRevocationList", "authorityRevocationList",
+ NID_authorityRevocationList, 3, &kObjectData[5778], 0},
+ {"certificateRevocationList", "certificateRevocationList",
+ NID_certificateRevocationList, 3, &kObjectData[5781], 0},
+ {"crossCertificatePair", "crossCertificatePair", NID_crossCertificatePair,
+ 3, &kObjectData[5784], 0},
+ {"enhancedSearchGuide", "enhancedSearchGuide", NID_enhancedSearchGuide, 3,
+ &kObjectData[5787], 0},
+ {"protocolInformation", "protocolInformation", NID_protocolInformation, 3,
+ &kObjectData[5790], 0},
+ {"distinguishedName", "distinguishedName", NID_distinguishedName, 3,
+ &kObjectData[5793], 0},
+ {"uniqueMember", "uniqueMember", NID_uniqueMember, 3, &kObjectData[5796],
+ 0},
+ {"houseIdentifier", "houseIdentifier", NID_houseIdentifier, 3,
+ &kObjectData[5799], 0},
+ {"supportedAlgorithms", "supportedAlgorithms", NID_supportedAlgorithms, 3,
+ &kObjectData[5802], 0},
+ {"deltaRevocationList", "deltaRevocationList", NID_deltaRevocationList, 3,
+ &kObjectData[5805], 0},
+ {"dmdName", "dmdName", NID_dmdName, 3, &kObjectData[5808], 0},
+ {"id-alg-PWRI-KEK", "id-alg-PWRI-KEK", NID_id_alg_PWRI_KEK, 11,
+ &kObjectData[5811], 0},
+ {"CMAC", "cmac", NID_cmac, 0, NULL, 0},
+ {"id-aes128-GCM", "aes-128-gcm", NID_aes_128_gcm, 9, &kObjectData[5822], 0},
+ {"id-aes128-CCM", "aes-128-ccm", NID_aes_128_ccm, 9, &kObjectData[5831], 0},
+ {"id-aes128-wrap-pad", "id-aes128-wrap-pad", NID_id_aes128_wrap_pad, 9,
+ &kObjectData[5840], 0},
+ {"id-aes192-GCM", "aes-192-gcm", NID_aes_192_gcm, 9, &kObjectData[5849], 0},
+ {"id-aes192-CCM", "aes-192-ccm", NID_aes_192_ccm, 9, &kObjectData[5858], 0},
+ {"id-aes192-wrap-pad", "id-aes192-wrap-pad", NID_id_aes192_wrap_pad, 9,
+ &kObjectData[5867], 0},
+ {"id-aes256-GCM", "aes-256-gcm", NID_aes_256_gcm, 9, &kObjectData[5876], 0},
+ {"id-aes256-CCM", "aes-256-ccm", NID_aes_256_ccm, 9, &kObjectData[5885], 0},
+ {"id-aes256-wrap-pad", "id-aes256-wrap-pad", NID_id_aes256_wrap_pad, 9,
+ &kObjectData[5894], 0},
+ {"AES-128-CTR", "aes-128-ctr", NID_aes_128_ctr, 0, NULL, 0},
+ {"AES-192-CTR", "aes-192-ctr", NID_aes_192_ctr, 0, NULL, 0},
+ {"AES-256-CTR", "aes-256-ctr", NID_aes_256_ctr, 0, NULL, 0},
+ {"id-camellia128-wrap", "id-camellia128-wrap", NID_id_camellia128_wrap, 11,
+ &kObjectData[5903], 0},
+ {"id-camellia192-wrap", "id-camellia192-wrap", NID_id_camellia192_wrap, 11,
+ &kObjectData[5914], 0},
+ {"id-camellia256-wrap", "id-camellia256-wrap", NID_id_camellia256_wrap, 11,
+ &kObjectData[5925], 0},
+ {"anyExtendedKeyUsage", "Any Extended Key Usage", NID_anyExtendedKeyUsage,
+ 4, &kObjectData[5936], 0},
+ {"MGF1", "mgf1", NID_mgf1, 9, &kObjectData[5940], 0},
+ {"RSASSA-PSS", "rsassaPss", NID_rsassaPss, 9, &kObjectData[5949], 0},
+ {"AES-128-XTS", "aes-128-xts", NID_aes_128_xts, 0, NULL, 0},
+ {"AES-256-XTS", "aes-256-xts", NID_aes_256_xts, 0, NULL, 0},
+ {"RC4-HMAC-MD5", "rc4-hmac-md5", NID_rc4_hmac_md5, 0, NULL, 0},
+ {"AES-128-CBC-HMAC-SHA1", "aes-128-cbc-hmac-sha1",
+ NID_aes_128_cbc_hmac_sha1, 0, NULL, 0},
+ {"AES-192-CBC-HMAC-SHA1", "aes-192-cbc-hmac-sha1",
+ NID_aes_192_cbc_hmac_sha1, 0, NULL, 0},
+ {"AES-256-CBC-HMAC-SHA1", "aes-256-cbc-hmac-sha1",
+ NID_aes_256_cbc_hmac_sha1, 0, NULL, 0},
+ {"RSAES-OAEP", "rsaesOaep", NID_rsaesOaep, 9, &kObjectData[5958], 0},
+ {"dhpublicnumber", "X9.42 DH", NID_dhpublicnumber, 7, &kObjectData[5967],
+ 0},
+ {"brainpoolP160r1", "brainpoolP160r1", NID_brainpoolP160r1, 9,
+ &kObjectData[5974], 0},
+ {"brainpoolP160t1", "brainpoolP160t1", NID_brainpoolP160t1, 9,
+ &kObjectData[5983], 0},
+ {"brainpoolP192r1", "brainpoolP192r1", NID_brainpoolP192r1, 9,
+ &kObjectData[5992], 0},
+ {"brainpoolP192t1", "brainpoolP192t1", NID_brainpoolP192t1, 9,
+ &kObjectData[6001], 0},
+ {"brainpoolP224r1", "brainpoolP224r1", NID_brainpoolP224r1, 9,
+ &kObjectData[6010], 0},
+ {"brainpoolP224t1", "brainpoolP224t1", NID_brainpoolP224t1, 9,
+ &kObjectData[6019], 0},
+ {"brainpoolP256r1", "brainpoolP256r1", NID_brainpoolP256r1, 9,
+ &kObjectData[6028], 0},
+ {"brainpoolP256t1", "brainpoolP256t1", NID_brainpoolP256t1, 9,
+ &kObjectData[6037], 0},
+ {"brainpoolP320r1", "brainpoolP320r1", NID_brainpoolP320r1, 9,
+ &kObjectData[6046], 0},
+ {"brainpoolP320t1", "brainpoolP320t1", NID_brainpoolP320t1, 9,
+ &kObjectData[6055], 0},
+ {"brainpoolP384r1", "brainpoolP384r1", NID_brainpoolP384r1, 9,
+ &kObjectData[6064], 0},
+ {"brainpoolP384t1", "brainpoolP384t1", NID_brainpoolP384t1, 9,
+ &kObjectData[6073], 0},
+ {"brainpoolP512r1", "brainpoolP512r1", NID_brainpoolP512r1, 9,
+ &kObjectData[6082], 0},
+ {"brainpoolP512t1", "brainpoolP512t1", NID_brainpoolP512t1, 9,
+ &kObjectData[6091], 0},
+ {"PSPECIFIED", "pSpecified", NID_pSpecified, 9, &kObjectData[6100], 0},
+ {"dhSinglePass-stdDH-sha1kdf-scheme", "dhSinglePass-stdDH-sha1kdf-scheme",
+ NID_dhSinglePass_stdDH_sha1kdf_scheme, 9, &kObjectData[6109], 0},
+ {"dhSinglePass-stdDH-sha224kdf-scheme",
+ "dhSinglePass-stdDH-sha224kdf-scheme",
+ NID_dhSinglePass_stdDH_sha224kdf_scheme, 6, &kObjectData[6118], 0},
+ {"dhSinglePass-stdDH-sha256kdf-scheme",
+ "dhSinglePass-stdDH-sha256kdf-scheme",
+ NID_dhSinglePass_stdDH_sha256kdf_scheme, 6, &kObjectData[6124], 0},
+ {"dhSinglePass-stdDH-sha384kdf-scheme",
+ "dhSinglePass-stdDH-sha384kdf-scheme",
+ NID_dhSinglePass_stdDH_sha384kdf_scheme, 6, &kObjectData[6130], 0},
+ {"dhSinglePass-stdDH-sha512kdf-scheme",
+ "dhSinglePass-stdDH-sha512kdf-scheme",
+ NID_dhSinglePass_stdDH_sha512kdf_scheme, 6, &kObjectData[6136], 0},
+ {"dhSinglePass-cofactorDH-sha1kdf-scheme",
+ "dhSinglePass-cofactorDH-sha1kdf-scheme",
+ NID_dhSinglePass_cofactorDH_sha1kdf_scheme, 9, &kObjectData[6142], 0},
+ {"dhSinglePass-cofactorDH-sha224kdf-scheme",
+ "dhSinglePass-cofactorDH-sha224kdf-scheme",
+ NID_dhSinglePass_cofactorDH_sha224kdf_scheme, 6, &kObjectData[6151], 0},
+ {"dhSinglePass-cofactorDH-sha256kdf-scheme",
+ "dhSinglePass-cofactorDH-sha256kdf-scheme",
+ NID_dhSinglePass_cofactorDH_sha256kdf_scheme, 6, &kObjectData[6157], 0},
+ {"dhSinglePass-cofactorDH-sha384kdf-scheme",
+ "dhSinglePass-cofactorDH-sha384kdf-scheme",
+ NID_dhSinglePass_cofactorDH_sha384kdf_scheme, 6, &kObjectData[6163], 0},
+ {"dhSinglePass-cofactorDH-sha512kdf-scheme",
+ "dhSinglePass-cofactorDH-sha512kdf-scheme",
+ NID_dhSinglePass_cofactorDH_sha512kdf_scheme, 6, &kObjectData[6169], 0},
+ {"dh-std-kdf", "dh-std-kdf", NID_dh_std_kdf, 0, NULL, 0},
+ {"dh-cofactor-kdf", "dh-cofactor-kdf", NID_dh_cofactor_kdf, 0, NULL, 0},
+ {"X25519", "X25519", NID_X25519, 0, NULL, 0},
};
-static const unsigned int kNIDsInShortNameOrder[NUM_SN]={
-364, /* "AD_DVCS" */
-419, /* "AES-128-CBC" */
-916, /* "AES-128-CBC-HMAC-SHA1" */
-421, /* "AES-128-CFB" */
-650, /* "AES-128-CFB1" */
-653, /* "AES-128-CFB8" */
-904, /* "AES-128-CTR" */
-418, /* "AES-128-ECB" */
-420, /* "AES-128-OFB" */
-913, /* "AES-128-XTS" */
-423, /* "AES-192-CBC" */
-917, /* "AES-192-CBC-HMAC-SHA1" */
-425, /* "AES-192-CFB" */
-651, /* "AES-192-CFB1" */
-654, /* "AES-192-CFB8" */
-905, /* "AES-192-CTR" */
-422, /* "AES-192-ECB" */
-424, /* "AES-192-OFB" */
-427, /* "AES-256-CBC" */
-918, /* "AES-256-CBC-HMAC-SHA1" */
-429, /* "AES-256-CFB" */
-652, /* "AES-256-CFB1" */
-655, /* "AES-256-CFB8" */
-906, /* "AES-256-CTR" */
-426, /* "AES-256-ECB" */
-428, /* "AES-256-OFB" */
-914, /* "AES-256-XTS" */
-91, /* "BF-CBC" */
-93, /* "BF-CFB" */
-92, /* "BF-ECB" */
-94, /* "BF-OFB" */
-14, /* "C" */
-751, /* "CAMELLIA-128-CBC" */
-757, /* "CAMELLIA-128-CFB" */
-760, /* "CAMELLIA-128-CFB1" */
-763, /* "CAMELLIA-128-CFB8" */
-754, /* "CAMELLIA-128-ECB" */
-766, /* "CAMELLIA-128-OFB" */
-752, /* "CAMELLIA-192-CBC" */
-758, /* "CAMELLIA-192-CFB" */
-761, /* "CAMELLIA-192-CFB1" */
-764, /* "CAMELLIA-192-CFB8" */
-755, /* "CAMELLIA-192-ECB" */
-767, /* "CAMELLIA-192-OFB" */
-753, /* "CAMELLIA-256-CBC" */
-759, /* "CAMELLIA-256-CFB" */
-762, /* "CAMELLIA-256-CFB1" */
-765, /* "CAMELLIA-256-CFB8" */
-756, /* "CAMELLIA-256-ECB" */
-768, /* "CAMELLIA-256-OFB" */
-108, /* "CAST5-CBC" */
-110, /* "CAST5-CFB" */
-109, /* "CAST5-ECB" */
-111, /* "CAST5-OFB" */
-894, /* "CMAC" */
-13, /* "CN" */
-141, /* "CRLReason" */
-417, /* "CSPName" */
-367, /* "CrlID" */
-391, /* "DC" */
-31, /* "DES-CBC" */
-643, /* "DES-CDMF" */
-30, /* "DES-CFB" */
-656, /* "DES-CFB1" */
-657, /* "DES-CFB8" */
-29, /* "DES-ECB" */
-32, /* "DES-EDE" */
-43, /* "DES-EDE-CBC" */
-60, /* "DES-EDE-CFB" */
-62, /* "DES-EDE-OFB" */
-33, /* "DES-EDE3" */
-44, /* "DES-EDE3-CBC" */
-61, /* "DES-EDE3-CFB" */
-658, /* "DES-EDE3-CFB1" */
-659, /* "DES-EDE3-CFB8" */
-63, /* "DES-EDE3-OFB" */
-45, /* "DES-OFB" */
-80, /* "DESX-CBC" */
-380, /* "DOD" */
-116, /* "DSA" */
-66, /* "DSA-SHA" */
-113, /* "DSA-SHA1" */
-70, /* "DSA-SHA1-old" */
-67, /* "DSA-old" */
-297, /* "DVCS" */
-99, /* "GN" */
-855, /* "HMAC" */
-780, /* "HMAC-MD5" */
-781, /* "HMAC-SHA1" */
-381, /* "IANA" */
-34, /* "IDEA-CBC" */
-35, /* "IDEA-CFB" */
-36, /* "IDEA-ECB" */
-46, /* "IDEA-OFB" */
-181, /* "ISO" */
-183, /* "ISO-US" */
-645, /* "ITU-T" */
-646, /* "JOINT-ISO-ITU-T" */
-773, /* "KISA" */
-15, /* "L" */
-856, /* "LocalKeySet" */
- 3, /* "MD2" */
-257, /* "MD4" */
- 4, /* "MD5" */
-114, /* "MD5-SHA1" */
-95, /* "MDC2" */
-911, /* "MGF1" */
-388, /* "Mail" */
-393, /* "NULL" */
-404, /* "NULL" */
-57, /* "Netscape" */
-366, /* "Nonce" */
-17, /* "O" */
-178, /* "OCSP" */
-180, /* "OCSPSigning" */
-379, /* "ORG" */
-18, /* "OU" */
-749, /* "Oakley-EC2N-3" */
-750, /* "Oakley-EC2N-4" */
- 9, /* "PBE-MD2-DES" */
-168, /* "PBE-MD2-RC2-64" */
-10, /* "PBE-MD5-DES" */
-169, /* "PBE-MD5-RC2-64" */
-147, /* "PBE-SHA1-2DES" */
-146, /* "PBE-SHA1-3DES" */
-170, /* "PBE-SHA1-DES" */
-148, /* "PBE-SHA1-RC2-128" */
-149, /* "PBE-SHA1-RC2-40" */
-68, /* "PBE-SHA1-RC2-64" */
-144, /* "PBE-SHA1-RC4-128" */
-145, /* "PBE-SHA1-RC4-40" */
-161, /* "PBES2" */
-69, /* "PBKDF2" */
-162, /* "PBMAC1" */
-127, /* "PKIX" */
-935, /* "PSPECIFIED" */
-98, /* "RC2-40-CBC" */
-166, /* "RC2-64-CBC" */
-37, /* "RC2-CBC" */
-39, /* "RC2-CFB" */
-38, /* "RC2-ECB" */
-40, /* "RC2-OFB" */
- 5, /* "RC4" */
-97, /* "RC4-40" */
-915, /* "RC4-HMAC-MD5" */
-120, /* "RC5-CBC" */
-122, /* "RC5-CFB" */
-121, /* "RC5-ECB" */
-123, /* "RC5-OFB" */
-117, /* "RIPEMD160" */
-19, /* "RSA" */
- 7, /* "RSA-MD2" */
-396, /* "RSA-MD4" */
- 8, /* "RSA-MD5" */
-96, /* "RSA-MDC2" */
-104, /* "RSA-NP-MD5" */
-119, /* "RSA-RIPEMD160" */
-42, /* "RSA-SHA" */
-65, /* "RSA-SHA1" */
-115, /* "RSA-SHA1-2" */
-671, /* "RSA-SHA224" */
-668, /* "RSA-SHA256" */
-669, /* "RSA-SHA384" */
-670, /* "RSA-SHA512" */
-919, /* "RSAES-OAEP" */
-912, /* "RSASSA-PSS" */
-777, /* "SEED-CBC" */
-779, /* "SEED-CFB" */
-776, /* "SEED-ECB" */
-778, /* "SEED-OFB" */
-41, /* "SHA" */
-64, /* "SHA1" */
-675, /* "SHA224" */
-672, /* "SHA256" */
-673, /* "SHA384" */
-674, /* "SHA512" */
-188, /* "SMIME" */
-167, /* "SMIME-CAPS" */
-100, /* "SN" */
-16, /* "ST" */
-143, /* "SXNetID" */
-458, /* "UID" */
- 0, /* "UNDEF" */
-948, /* "X25519" */
-11, /* "X500" */
-378, /* "X500algorithms" */
-12, /* "X509" */
-184, /* "X9-57" */
-185, /* "X9cm" */
-125, /* "ZLIB" */
-478, /* "aRecord" */
-289, /* "aaControls" */
-287, /* "ac-auditEntity" */
-397, /* "ac-proxying" */
-288, /* "ac-targeting" */
-368, /* "acceptableResponses" */
-446, /* "account" */
-363, /* "ad_timestamping" */
-376, /* "algorithm" */
-405, /* "ansi-X9-62" */
-910, /* "anyExtendedKeyUsage" */
-746, /* "anyPolicy" */
-370, /* "archiveCutoff" */
-484, /* "associatedDomain" */
-485, /* "associatedName" */
-501, /* "audio" */
-177, /* "authorityInfoAccess" */
-90, /* "authorityKeyIdentifier" */
-882, /* "authorityRevocationList" */
-87, /* "basicConstraints" */
-365, /* "basicOCSPResponse" */
-285, /* "biometricInfo" */
-921, /* "brainpoolP160r1" */
-922, /* "brainpoolP160t1" */
-923, /* "brainpoolP192r1" */
-924, /* "brainpoolP192t1" */
-925, /* "brainpoolP224r1" */
-926, /* "brainpoolP224t1" */
-927, /* "brainpoolP256r1" */
-928, /* "brainpoolP256t1" */
-929, /* "brainpoolP320r1" */
-930, /* "brainpoolP320t1" */
-931, /* "brainpoolP384r1" */
-932, /* "brainpoolP384t1" */
-933, /* "brainpoolP512r1" */
-934, /* "brainpoolP512t1" */
-494, /* "buildingName" */
-860, /* "businessCategory" */
-691, /* "c2onb191v4" */
-692, /* "c2onb191v5" */
-697, /* "c2onb239v4" */
-698, /* "c2onb239v5" */
-684, /* "c2pnb163v1" */
-685, /* "c2pnb163v2" */
-686, /* "c2pnb163v3" */
-687, /* "c2pnb176v1" */
-693, /* "c2pnb208w1" */
-699, /* "c2pnb272w1" */
-700, /* "c2pnb304w1" */
-702, /* "c2pnb368w1" */
-688, /* "c2tnb191v1" */
-689, /* "c2tnb191v2" */
-690, /* "c2tnb191v3" */
-694, /* "c2tnb239v1" */
-695, /* "c2tnb239v2" */
-696, /* "c2tnb239v3" */
-701, /* "c2tnb359v1" */
-703, /* "c2tnb431r1" */
-881, /* "cACertificate" */
-483, /* "cNAMERecord" */
-179, /* "caIssuers" */
-785, /* "caRepository" */
-443, /* "caseIgnoreIA5StringSyntax" */
-152, /* "certBag" */
-677, /* "certicom-arc" */
-771, /* "certificateIssuer" */
-89, /* "certificatePolicies" */
-883, /* "certificateRevocationList" */
-54, /* "challengePassword" */
-407, /* "characteristic-two-field" */
-395, /* "clearance" */
-130, /* "clientAuth" */
-131, /* "codeSigning" */
-50, /* "contentType" */
-53, /* "countersignature" */
-153, /* "crlBag" */
-103, /* "crlDistributionPoints" */
-88, /* "crlNumber" */
-884, /* "crossCertificatePair" */
-806, /* "cryptocom" */
-805, /* "cryptopro" */
-500, /* "dITRedirect" */
-451, /* "dNSDomain" */
-495, /* "dSAQuality" */
-434, /* "data" */
-390, /* "dcobject" */
-140, /* "deltaCRL" */
-891, /* "deltaRevocationList" */
-107, /* "description" */
-871, /* "destinationIndicator" */
-947, /* "dh-cofactor-kdf" */
-946, /* "dh-std-kdf" */
-28, /* "dhKeyAgreement" */
-941, /* "dhSinglePass-cofactorDH-sha1kdf-scheme" */
-942, /* "dhSinglePass-cofactorDH-sha224kdf-scheme" */
-943, /* "dhSinglePass-cofactorDH-sha256kdf-scheme" */
-944, /* "dhSinglePass-cofactorDH-sha384kdf-scheme" */
-945, /* "dhSinglePass-cofactorDH-sha512kdf-scheme" */
-936, /* "dhSinglePass-stdDH-sha1kdf-scheme" */
-937, /* "dhSinglePass-stdDH-sha224kdf-scheme" */
-938, /* "dhSinglePass-stdDH-sha256kdf-scheme" */
-939, /* "dhSinglePass-stdDH-sha384kdf-scheme" */
-940, /* "dhSinglePass-stdDH-sha512kdf-scheme" */
-920, /* "dhpublicnumber" */
-382, /* "directory" */
-887, /* "distinguishedName" */
-892, /* "dmdName" */
-174, /* "dnQualifier" */
-447, /* "document" */
-471, /* "documentAuthor" */
-468, /* "documentIdentifier" */
-472, /* "documentLocation" */
-502, /* "documentPublisher" */
-449, /* "documentSeries" */
-469, /* "documentTitle" */
-470, /* "documentVersion" */
-392, /* "domain" */
-452, /* "domainRelatedObject" */
-802, /* "dsa_with_SHA224" */
-803, /* "dsa_with_SHA256" */
-791, /* "ecdsa-with-Recommended" */
-416, /* "ecdsa-with-SHA1" */
-793, /* "ecdsa-with-SHA224" */
-794, /* "ecdsa-with-SHA256" */
-795, /* "ecdsa-with-SHA384" */
-796, /* "ecdsa-with-SHA512" */
-792, /* "ecdsa-with-Specified" */
-48, /* "emailAddress" */
-132, /* "emailProtection" */
-885, /* "enhancedSearchGuide" */
-389, /* "enterprises" */
-384, /* "experimental" */
-172, /* "extReq" */
-56, /* "extendedCertificateAttributes" */
-126, /* "extendedKeyUsage" */
-372, /* "extendedStatus" */
-867, /* "facsimileTelephoneNumber" */
-462, /* "favouriteDrink" */
-857, /* "freshestCRL" */
-453, /* "friendlyCountry" */
-490, /* "friendlyCountryName" */
-156, /* "friendlyName" */
-509, /* "generationQualifier" */
-815, /* "gost-mac" */
-811, /* "gost2001" */
-851, /* "gost2001cc" */
-813, /* "gost89" */
-814, /* "gost89-cnt" */
-812, /* "gost94" */
-850, /* "gost94cc" */
-797, /* "hmacWithMD5" */
-163, /* "hmacWithSHA1" */
-798, /* "hmacWithSHA224" */
-799, /* "hmacWithSHA256" */
-800, /* "hmacWithSHA384" */
-801, /* "hmacWithSHA512" */
-432, /* "holdInstructionCallIssuer" */
-430, /* "holdInstructionCode" */
-431, /* "holdInstructionNone" */
-433, /* "holdInstructionReject" */
-486, /* "homePostalAddress" */
-473, /* "homeTelephoneNumber" */
-466, /* "host" */
-889, /* "houseIdentifier" */
-442, /* "iA5StringSyntax" */
-783, /* "id-DHBasedMac" */
-824, /* "id-Gost28147-89-CryptoPro-A-ParamSet" */
-825, /* "id-Gost28147-89-CryptoPro-B-ParamSet" */
-826, /* "id-Gost28147-89-CryptoPro-C-ParamSet" */
-827, /* "id-Gost28147-89-CryptoPro-D-ParamSet" */
-819, /* "id-Gost28147-89-CryptoPro-KeyMeshing" */
-829, /* "id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet" */
-828, /* "id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet" */
-830, /* "id-Gost28147-89-CryptoPro-RIC-1-ParamSet" */
-820, /* "id-Gost28147-89-None-KeyMeshing" */
-823, /* "id-Gost28147-89-TestParamSet" */
-849, /* "id-Gost28147-89-cc" */
-840, /* "id-GostR3410-2001-CryptoPro-A-ParamSet" */
-841, /* "id-GostR3410-2001-CryptoPro-B-ParamSet" */
-842, /* "id-GostR3410-2001-CryptoPro-C-ParamSet" */
-843, /* "id-GostR3410-2001-CryptoPro-XchA-ParamSet" */
-844, /* "id-GostR3410-2001-CryptoPro-XchB-ParamSet" */
-854, /* "id-GostR3410-2001-ParamSet-cc" */
-839, /* "id-GostR3410-2001-TestParamSet" */
-817, /* "id-GostR3410-2001DH" */
-832, /* "id-GostR3410-94-CryptoPro-A-ParamSet" */
-833, /* "id-GostR3410-94-CryptoPro-B-ParamSet" */
-834, /* "id-GostR3410-94-CryptoPro-C-ParamSet" */
-835, /* "id-GostR3410-94-CryptoPro-D-ParamSet" */
-836, /* "id-GostR3410-94-CryptoPro-XchA-ParamSet" */
-837, /* "id-GostR3410-94-CryptoPro-XchB-ParamSet" */
-838, /* "id-GostR3410-94-CryptoPro-XchC-ParamSet" */
-831, /* "id-GostR3410-94-TestParamSet" */
-845, /* "id-GostR3410-94-a" */
-846, /* "id-GostR3410-94-aBis" */
-847, /* "id-GostR3410-94-b" */
-848, /* "id-GostR3410-94-bBis" */
-818, /* "id-GostR3410-94DH" */
-822, /* "id-GostR3411-94-CryptoProParamSet" */
-821, /* "id-GostR3411-94-TestParamSet" */
-807, /* "id-GostR3411-94-with-GostR3410-2001" */
-853, /* "id-GostR3411-94-with-GostR3410-2001-cc" */
-808, /* "id-GostR3411-94-with-GostR3410-94" */
-852, /* "id-GostR3411-94-with-GostR3410-94-cc" */
-810, /* "id-HMACGostR3411-94" */
-782, /* "id-PasswordBasedMAC" */
-266, /* "id-aca" */
-355, /* "id-aca-accessIdentity" */
-354, /* "id-aca-authenticationInfo" */
-356, /* "id-aca-chargingIdentity" */
-399, /* "id-aca-encAttrs" */
-357, /* "id-aca-group" */
-358, /* "id-aca-role" */
-176, /* "id-ad" */
-896, /* "id-aes128-CCM" */
-895, /* "id-aes128-GCM" */
-788, /* "id-aes128-wrap" */
-897, /* "id-aes128-wrap-pad" */
-899, /* "id-aes192-CCM" */
-898, /* "id-aes192-GCM" */
-789, /* "id-aes192-wrap" */
-900, /* "id-aes192-wrap-pad" */
-902, /* "id-aes256-CCM" */
-901, /* "id-aes256-GCM" */
-790, /* "id-aes256-wrap" */
-903, /* "id-aes256-wrap-pad" */
-262, /* "id-alg" */
-893, /* "id-alg-PWRI-KEK" */
-323, /* "id-alg-des40" */
-326, /* "id-alg-dh-pop" */
-325, /* "id-alg-dh-sig-hmac-sha1" */
-324, /* "id-alg-noSignature" */
-907, /* "id-camellia128-wrap" */
-908, /* "id-camellia192-wrap" */
-909, /* "id-camellia256-wrap" */
-268, /* "id-cct" */
-361, /* "id-cct-PKIData" */
-362, /* "id-cct-PKIResponse" */
-360, /* "id-cct-crs" */
-81, /* "id-ce" */
-680, /* "id-characteristic-two-basis" */
-263, /* "id-cmc" */
-334, /* "id-cmc-addExtensions" */
-346, /* "id-cmc-confirmCertAcceptance" */
-330, /* "id-cmc-dataReturn" */
-336, /* "id-cmc-decryptedPOP" */
-335, /* "id-cmc-encryptedPOP" */
-339, /* "id-cmc-getCRL" */
-338, /* "id-cmc-getCert" */
-328, /* "id-cmc-identification" */
-329, /* "id-cmc-identityProof" */
-337, /* "id-cmc-lraPOPWitness" */
-344, /* "id-cmc-popLinkRandom" */
-345, /* "id-cmc-popLinkWitness" */
-343, /* "id-cmc-queryPending" */
-333, /* "id-cmc-recipientNonce" */
-341, /* "id-cmc-regInfo" */
-342, /* "id-cmc-responseInfo" */
-340, /* "id-cmc-revokeRequest" */
-332, /* "id-cmc-senderNonce" */
-327, /* "id-cmc-statusInfo" */
-331, /* "id-cmc-transactionId" */
-787, /* "id-ct-asciiTextWithCRLF" */
-408, /* "id-ecPublicKey" */
-508, /* "id-hex-multipart-message" */
-507, /* "id-hex-partial-message" */
-260, /* "id-it" */
-302, /* "id-it-caKeyUpdateInfo" */
-298, /* "id-it-caProtEncCert" */
-311, /* "id-it-confirmWaitTime" */
-303, /* "id-it-currentCRL" */
-300, /* "id-it-encKeyPairTypes" */
-310, /* "id-it-implicitConfirm" */
-308, /* "id-it-keyPairParamRep" */
-307, /* "id-it-keyPairParamReq" */
-312, /* "id-it-origPKIMessage" */
-301, /* "id-it-preferredSymmAlg" */
-309, /* "id-it-revPassphrase" */
-299, /* "id-it-signKeyPairTypes" */
-305, /* "id-it-subscriptionRequest" */
-306, /* "id-it-subscriptionResponse" */
-784, /* "id-it-suppLangTags" */
-304, /* "id-it-unsupportedOIDs" */
-128, /* "id-kp" */
-280, /* "id-mod-attribute-cert" */
-274, /* "id-mod-cmc" */
-277, /* "id-mod-cmp" */
-284, /* "id-mod-cmp2000" */
-273, /* "id-mod-crmf" */
-283, /* "id-mod-dvcs" */
-275, /* "id-mod-kea-profile-88" */
-276, /* "id-mod-kea-profile-93" */
-282, /* "id-mod-ocsp" */
-278, /* "id-mod-qualified-cert-88" */
-279, /* "id-mod-qualified-cert-93" */
-281, /* "id-mod-timestamp-protocol" */
-264, /* "id-on" */
-858, /* "id-on-permanentIdentifier" */
-347, /* "id-on-personalData" */
-265, /* "id-pda" */
-352, /* "id-pda-countryOfCitizenship" */
-353, /* "id-pda-countryOfResidence" */
-348, /* "id-pda-dateOfBirth" */
-351, /* "id-pda-gender" */
-349, /* "id-pda-placeOfBirth" */
-175, /* "id-pe" */
-261, /* "id-pkip" */
-258, /* "id-pkix-mod" */
-269, /* "id-pkix1-explicit-88" */
-271, /* "id-pkix1-explicit-93" */
-270, /* "id-pkix1-implicit-88" */
-272, /* "id-pkix1-implicit-93" */
-662, /* "id-ppl" */
-664, /* "id-ppl-anyLanguage" */
-667, /* "id-ppl-independent" */
-665, /* "id-ppl-inheritAll" */
-267, /* "id-qcs" */
-359, /* "id-qcs-pkixQCSyntax-v1" */
-259, /* "id-qt" */
-164, /* "id-qt-cps" */
-165, /* "id-qt-unotice" */
-313, /* "id-regCtrl" */
-316, /* "id-regCtrl-authenticator" */
-319, /* "id-regCtrl-oldCertID" */
-318, /* "id-regCtrl-pkiArchiveOptions" */
-317, /* "id-regCtrl-pkiPublicationInfo" */
-320, /* "id-regCtrl-protocolEncrKey" */
-315, /* "id-regCtrl-regToken" */
-314, /* "id-regInfo" */
-322, /* "id-regInfo-certReq" */
-321, /* "id-regInfo-utf8Pairs" */
-512, /* "id-set" */
-191, /* "id-smime-aa" */
-215, /* "id-smime-aa-contentHint" */
-218, /* "id-smime-aa-contentIdentifier" */
-221, /* "id-smime-aa-contentReference" */
-240, /* "id-smime-aa-dvcs-dvc" */
-217, /* "id-smime-aa-encapContentType" */
-222, /* "id-smime-aa-encrypKeyPref" */
-220, /* "id-smime-aa-equivalentLabels" */
-232, /* "id-smime-aa-ets-CertificateRefs" */
-233, /* "id-smime-aa-ets-RevocationRefs" */
-238, /* "id-smime-aa-ets-archiveTimeStamp" */
-237, /* "id-smime-aa-ets-certCRLTimestamp" */
-234, /* "id-smime-aa-ets-certValues" */
-227, /* "id-smime-aa-ets-commitmentType" */
-231, /* "id-smime-aa-ets-contentTimestamp" */
-236, /* "id-smime-aa-ets-escTimeStamp" */
-230, /* "id-smime-aa-ets-otherSigCert" */
-235, /* "id-smime-aa-ets-revocationValues" */
-226, /* "id-smime-aa-ets-sigPolicyId" */
-229, /* "id-smime-aa-ets-signerAttr" */
-228, /* "id-smime-aa-ets-signerLocation" */
-219, /* "id-smime-aa-macValue" */
-214, /* "id-smime-aa-mlExpandHistory" */
-216, /* "id-smime-aa-msgSigDigest" */
-212, /* "id-smime-aa-receiptRequest" */
-213, /* "id-smime-aa-securityLabel" */
-239, /* "id-smime-aa-signatureType" */
-223, /* "id-smime-aa-signingCertificate" */
-224, /* "id-smime-aa-smimeEncryptCerts" */
-225, /* "id-smime-aa-timeStampToken" */
-192, /* "id-smime-alg" */
-243, /* "id-smime-alg-3DESwrap" */
-246, /* "id-smime-alg-CMS3DESwrap" */
-247, /* "id-smime-alg-CMSRC2wrap" */
-245, /* "id-smime-alg-ESDH" */
-241, /* "id-smime-alg-ESDHwith3DES" */
-242, /* "id-smime-alg-ESDHwithRC2" */
-244, /* "id-smime-alg-RC2wrap" */
-193, /* "id-smime-cd" */
-248, /* "id-smime-cd-ldap" */
-190, /* "id-smime-ct" */
-210, /* "id-smime-ct-DVCSRequestData" */
-211, /* "id-smime-ct-DVCSResponseData" */
-208, /* "id-smime-ct-TDTInfo" */
-207, /* "id-smime-ct-TSTInfo" */
-205, /* "id-smime-ct-authData" */
-786, /* "id-smime-ct-compressedData" */
-209, /* "id-smime-ct-contentInfo" */
-206, /* "id-smime-ct-publishCert" */
-204, /* "id-smime-ct-receipt" */
-195, /* "id-smime-cti" */
-255, /* "id-smime-cti-ets-proofOfApproval" */
-256, /* "id-smime-cti-ets-proofOfCreation" */
-253, /* "id-smime-cti-ets-proofOfDelivery" */
-251, /* "id-smime-cti-ets-proofOfOrigin" */
-252, /* "id-smime-cti-ets-proofOfReceipt" */
-254, /* "id-smime-cti-ets-proofOfSender" */
-189, /* "id-smime-mod" */
-196, /* "id-smime-mod-cms" */
-197, /* "id-smime-mod-ess" */
-202, /* "id-smime-mod-ets-eSigPolicy-88" */
-203, /* "id-smime-mod-ets-eSigPolicy-97" */
-200, /* "id-smime-mod-ets-eSignature-88" */
-201, /* "id-smime-mod-ets-eSignature-97" */
-199, /* "id-smime-mod-msg-v3" */
-198, /* "id-smime-mod-oid" */
-194, /* "id-smime-spq" */
-250, /* "id-smime-spq-ets-sqt-unotice" */
-249, /* "id-smime-spq-ets-sqt-uri" */
-676, /* "identified-organization" */
-461, /* "info" */
-748, /* "inhibitAnyPolicy" */
-101, /* "initials" */
-647, /* "international-organizations" */
-869, /* "internationaliSDNNumber" */
-142, /* "invalidityDate" */
-294, /* "ipsecEndSystem" */
-295, /* "ipsecTunnel" */
-296, /* "ipsecUser" */
-86, /* "issuerAltName" */
-770, /* "issuingDistributionPoint" */
-492, /* "janetMailbox" */
-150, /* "keyBag" */
-83, /* "keyUsage" */
-477, /* "lastModifiedBy" */
-476, /* "lastModifiedTime" */
-157, /* "localKeyID" */
-480, /* "mXRecord" */
-460, /* "mail" */
-493, /* "mailPreferenceOption" */
-467, /* "manager" */
-809, /* "md_gost94" */
-875, /* "member" */
-182, /* "member-body" */
-51, /* "messageDigest" */
-383, /* "mgmt" */
-504, /* "mime-mhs" */
-506, /* "mime-mhs-bodies" */
-505, /* "mime-mhs-headings" */
-488, /* "mobileTelephoneNumber" */
-136, /* "msCTLSign" */
-135, /* "msCodeCom" */
-134, /* "msCodeInd" */
-138, /* "msEFS" */
-171, /* "msExtReq" */
-137, /* "msSGC" */
-648, /* "msSmartcardLogin" */
-649, /* "msUPN" */
-481, /* "nSRecord" */
-173, /* "name" */
-666, /* "nameConstraints" */
-369, /* "noCheck" */
-403, /* "noRevAvail" */
-72, /* "nsBaseUrl" */
-76, /* "nsCaPolicyUrl" */
-74, /* "nsCaRevocationUrl" */
-58, /* "nsCertExt" */
-79, /* "nsCertSequence" */
-71, /* "nsCertType" */
-78, /* "nsComment" */
-59, /* "nsDataType" */
-75, /* "nsRenewalUrl" */
-73, /* "nsRevocationUrl" */
-139, /* "nsSGC" */
-77, /* "nsSslServerName" */
-681, /* "onBasis" */
-491, /* "organizationalStatus" */
-475, /* "otherMailbox" */
-876, /* "owner" */
-489, /* "pagerTelephoneNumber" */
-374, /* "path" */
-112, /* "pbeWithMD5AndCast5CBC" */
-499, /* "personalSignature" */
-487, /* "personalTitle" */
-464, /* "photo" */
-863, /* "physicalDeliveryOfficeName" */
-437, /* "pilot" */
-439, /* "pilotAttributeSyntax" */
-438, /* "pilotAttributeType" */
-479, /* "pilotAttributeType27" */
-456, /* "pilotDSA" */
-441, /* "pilotGroups" */
-444, /* "pilotObject" */
-440, /* "pilotObjectClass" */
-455, /* "pilotOrganization" */
-445, /* "pilotPerson" */
- 2, /* "pkcs" */
-186, /* "pkcs1" */
-27, /* "pkcs3" */
-187, /* "pkcs5" */
-20, /* "pkcs7" */
-21, /* "pkcs7-data" */
-25, /* "pkcs7-digestData" */
-26, /* "pkcs7-encryptedData" */
-23, /* "pkcs7-envelopedData" */
-24, /* "pkcs7-signedAndEnvelopedData" */
-22, /* "pkcs7-signedData" */
-151, /* "pkcs8ShroudedKeyBag" */
-47, /* "pkcs9" */
-401, /* "policyConstraints" */
-747, /* "policyMappings" */
-862, /* "postOfficeBox" */
-861, /* "postalAddress" */
-661, /* "postalCode" */
-683, /* "ppBasis" */
-872, /* "preferredDeliveryMethod" */
-873, /* "presentationAddress" */
-816, /* "prf-gostr3411-94" */
-406, /* "prime-field" */
-409, /* "prime192v1" */
-410, /* "prime192v2" */
-411, /* "prime192v3" */
-412, /* "prime239v1" */
-413, /* "prime239v2" */
-414, /* "prime239v3" */
-415, /* "prime256v1" */
-385, /* "private" */
-84, /* "privateKeyUsagePeriod" */
-886, /* "protocolInformation" */
-663, /* "proxyCertInfo" */
-510, /* "pseudonym" */
-435, /* "pss" */
-286, /* "qcStatements" */
-457, /* "qualityLabelledData" */
-450, /* "rFC822localPart" */
-870, /* "registeredAddress" */
-400, /* "role" */
-877, /* "roleOccupant" */
-448, /* "room" */
-463, /* "roomNumber" */
- 6, /* "rsaEncryption" */
-644, /* "rsaOAEPEncryptionSET" */
-377, /* "rsaSignature" */
- 1, /* "rsadsi" */
-482, /* "sOARecord" */
-155, /* "safeContentsBag" */
-291, /* "sbgp-autonomousSysNum" */
-290, /* "sbgp-ipAddrBlock" */
-292, /* "sbgp-routerIdentifier" */
-159, /* "sdsiCertificate" */
-859, /* "searchGuide" */
-704, /* "secp112r1" */
-705, /* "secp112r2" */
-706, /* "secp128r1" */
-707, /* "secp128r2" */
-708, /* "secp160k1" */
-709, /* "secp160r1" */
-710, /* "secp160r2" */
-711, /* "secp192k1" */
-712, /* "secp224k1" */
-713, /* "secp224r1" */
-714, /* "secp256k1" */
-715, /* "secp384r1" */
-716, /* "secp521r1" */
-154, /* "secretBag" */
-474, /* "secretary" */
-717, /* "sect113r1" */
-718, /* "sect113r2" */
-719, /* "sect131r1" */
-720, /* "sect131r2" */
-721, /* "sect163k1" */
-722, /* "sect163r1" */
-723, /* "sect163r2" */
-724, /* "sect193r1" */
-725, /* "sect193r2" */
-726, /* "sect233k1" */
-727, /* "sect233r1" */
-728, /* "sect239k1" */
-729, /* "sect283k1" */
-730, /* "sect283r1" */
-731, /* "sect409k1" */
-732, /* "sect409r1" */
-733, /* "sect571k1" */
-734, /* "sect571r1" */
-386, /* "security" */
-878, /* "seeAlso" */
-394, /* "selected-attribute-types" */
-105, /* "serialNumber" */
-129, /* "serverAuth" */
-371, /* "serviceLocator" */
-625, /* "set-addPolicy" */
-515, /* "set-attr" */
-518, /* "set-brand" */
-638, /* "set-brand-AmericanExpress" */
-637, /* "set-brand-Diners" */
-636, /* "set-brand-IATA-ATA" */
-639, /* "set-brand-JCB" */
-641, /* "set-brand-MasterCard" */
-642, /* "set-brand-Novus" */
-640, /* "set-brand-Visa" */
-517, /* "set-certExt" */
-513, /* "set-ctype" */
-514, /* "set-msgExt" */
-516, /* "set-policy" */
-607, /* "set-policy-root" */
-624, /* "set-rootKeyThumb" */
-620, /* "setAttr-Cert" */
-631, /* "setAttr-GenCryptgrm" */
-623, /* "setAttr-IssCap" */
-628, /* "setAttr-IssCap-CVM" */
-630, /* "setAttr-IssCap-Sig" */
-629, /* "setAttr-IssCap-T2" */
-621, /* "setAttr-PGWYcap" */
-635, /* "setAttr-SecDevSig" */
-632, /* "setAttr-T2Enc" */
-633, /* "setAttr-T2cleartxt" */
-634, /* "setAttr-TokICCsig" */
-627, /* "setAttr-Token-B0Prime" */
-626, /* "setAttr-Token-EMV" */
-622, /* "setAttr-TokenType" */
-619, /* "setCext-IssuerCapabilities" */
-615, /* "setCext-PGWYcapabilities" */
-616, /* "setCext-TokenIdentifier" */
-618, /* "setCext-TokenType" */
-617, /* "setCext-Track2Data" */
-611, /* "setCext-cCertRequired" */
-609, /* "setCext-certType" */
-608, /* "setCext-hashedRoot" */
-610, /* "setCext-merchData" */
-613, /* "setCext-setExt" */
-614, /* "setCext-setQualf" */
-612, /* "setCext-tunneling" */
-540, /* "setct-AcqCardCodeMsg" */
-576, /* "setct-AcqCardCodeMsgTBE" */
-570, /* "setct-AuthReqTBE" */
-534, /* "setct-AuthReqTBS" */
-527, /* "setct-AuthResBaggage" */
-571, /* "setct-AuthResTBE" */
-572, /* "setct-AuthResTBEX" */
-535, /* "setct-AuthResTBS" */
-536, /* "setct-AuthResTBSX" */
-528, /* "setct-AuthRevReqBaggage" */
-577, /* "setct-AuthRevReqTBE" */
-541, /* "setct-AuthRevReqTBS" */
-529, /* "setct-AuthRevResBaggage" */
-542, /* "setct-AuthRevResData" */
-578, /* "setct-AuthRevResTBE" */
-579, /* "setct-AuthRevResTBEB" */
-543, /* "setct-AuthRevResTBS" */
-573, /* "setct-AuthTokenTBE" */
-537, /* "setct-AuthTokenTBS" */
-600, /* "setct-BCIDistributionTBS" */
-558, /* "setct-BatchAdminReqData" */
-592, /* "setct-BatchAdminReqTBE" */
-559, /* "setct-BatchAdminResData" */
-593, /* "setct-BatchAdminResTBE" */
-599, /* "setct-CRLNotificationResTBS" */
-598, /* "setct-CRLNotificationTBS" */
-580, /* "setct-CapReqTBE" */
-581, /* "setct-CapReqTBEX" */
-544, /* "setct-CapReqTBS" */
-545, /* "setct-CapReqTBSX" */
-546, /* "setct-CapResData" */
-582, /* "setct-CapResTBE" */
-583, /* "setct-CapRevReqTBE" */
-584, /* "setct-CapRevReqTBEX" */
-547, /* "setct-CapRevReqTBS" */
-548, /* "setct-CapRevReqTBSX" */
-549, /* "setct-CapRevResData" */
-585, /* "setct-CapRevResTBE" */
-538, /* "setct-CapTokenData" */
-530, /* "setct-CapTokenSeq" */
-574, /* "setct-CapTokenTBE" */
-575, /* "setct-CapTokenTBEX" */
-539, /* "setct-CapTokenTBS" */
-560, /* "setct-CardCInitResTBS" */
-566, /* "setct-CertInqReqTBS" */
-563, /* "setct-CertReqData" */
-595, /* "setct-CertReqTBE" */
-596, /* "setct-CertReqTBEX" */
-564, /* "setct-CertReqTBS" */
-565, /* "setct-CertResData" */
-597, /* "setct-CertResTBE" */
-586, /* "setct-CredReqTBE" */
-587, /* "setct-CredReqTBEX" */
-550, /* "setct-CredReqTBS" */
-551, /* "setct-CredReqTBSX" */
-552, /* "setct-CredResData" */
-588, /* "setct-CredResTBE" */
-589, /* "setct-CredRevReqTBE" */
-590, /* "setct-CredRevReqTBEX" */
-553, /* "setct-CredRevReqTBS" */
-554, /* "setct-CredRevReqTBSX" */
-555, /* "setct-CredRevResData" */
-591, /* "setct-CredRevResTBE" */
-567, /* "setct-ErrorTBS" */
-526, /* "setct-HODInput" */
-561, /* "setct-MeAqCInitResTBS" */
-522, /* "setct-OIData" */
-519, /* "setct-PANData" */
-521, /* "setct-PANOnly" */
-520, /* "setct-PANToken" */
-556, /* "setct-PCertReqData" */
-557, /* "setct-PCertResTBS" */
-523, /* "setct-PI" */
-532, /* "setct-PI-TBS" */
-524, /* "setct-PIData" */
-525, /* "setct-PIDataUnsigned" */
-568, /* "setct-PIDualSignedTBE" */
-569, /* "setct-PIUnsignedTBE" */
-531, /* "setct-PInitResData" */
-533, /* "setct-PResData" */
-594, /* "setct-RegFormReqTBE" */
-562, /* "setct-RegFormResTBS" */
-606, /* "setext-cv" */
-601, /* "setext-genCrypt" */
-602, /* "setext-miAuth" */
-604, /* "setext-pinAny" */
-603, /* "setext-pinSecure" */
-605, /* "setext-track2" */
-52, /* "signingTime" */
-454, /* "simpleSecurityObject" */
-496, /* "singleLevelQuality" */
-387, /* "snmpv2" */
-660, /* "street" */
-85, /* "subjectAltName" */
-769, /* "subjectDirectoryAttributes" */
-398, /* "subjectInfoAccess" */
-82, /* "subjectKeyIdentifier" */
-498, /* "subtreeMaximumQuality" */
-497, /* "subtreeMinimumQuality" */
-890, /* "supportedAlgorithms" */
-874, /* "supportedApplicationContext" */
-402, /* "targetInformation" */
-864, /* "telephoneNumber" */
-866, /* "teletexTerminalIdentifier" */
-865, /* "telexNumber" */
-459, /* "textEncodedORAddress" */
-293, /* "textNotice" */
-133, /* "timeStamping" */
-106, /* "title" */
-682, /* "tpBasis" */
-375, /* "trustRoot" */
-436, /* "ucl" */
-888, /* "uniqueMember" */
-55, /* "unstructuredAddress" */
-49, /* "unstructuredName" */
-880, /* "userCertificate" */
-465, /* "userClass" */
-879, /* "userPassword" */
-373, /* "valid" */
-678, /* "wap" */
-679, /* "wap-wsg" */
-735, /* "wap-wsg-idm-ecid-wtls1" */
-743, /* "wap-wsg-idm-ecid-wtls10" */
-744, /* "wap-wsg-idm-ecid-wtls11" */
-745, /* "wap-wsg-idm-ecid-wtls12" */
-736, /* "wap-wsg-idm-ecid-wtls3" */
-737, /* "wap-wsg-idm-ecid-wtls4" */
-738, /* "wap-wsg-idm-ecid-wtls5" */
-739, /* "wap-wsg-idm-ecid-wtls6" */
-740, /* "wap-wsg-idm-ecid-wtls7" */
-741, /* "wap-wsg-idm-ecid-wtls8" */
-742, /* "wap-wsg-idm-ecid-wtls9" */
-804, /* "whirlpool" */
-868, /* "x121Address" */
-503, /* "x500UniqueIdentifier" */
-158, /* "x509Certificate" */
-160, /* "x509Crl" */
+static const unsigned kNIDsInShortNameOrder[] = {
+ 364 /* AD_DVCS */,
+ 419 /* AES-128-CBC */,
+ 916 /* AES-128-CBC-HMAC-SHA1 */,
+ 421 /* AES-128-CFB */,
+ 650 /* AES-128-CFB1 */,
+ 653 /* AES-128-CFB8 */,
+ 904 /* AES-128-CTR */,
+ 418 /* AES-128-ECB */,
+ 420 /* AES-128-OFB */,
+ 913 /* AES-128-XTS */,
+ 423 /* AES-192-CBC */,
+ 917 /* AES-192-CBC-HMAC-SHA1 */,
+ 425 /* AES-192-CFB */,
+ 651 /* AES-192-CFB1 */,
+ 654 /* AES-192-CFB8 */,
+ 905 /* AES-192-CTR */,
+ 422 /* AES-192-ECB */,
+ 424 /* AES-192-OFB */,
+ 427 /* AES-256-CBC */,
+ 918 /* AES-256-CBC-HMAC-SHA1 */,
+ 429 /* AES-256-CFB */,
+ 652 /* AES-256-CFB1 */,
+ 655 /* AES-256-CFB8 */,
+ 906 /* AES-256-CTR */,
+ 426 /* AES-256-ECB */,
+ 428 /* AES-256-OFB */,
+ 914 /* AES-256-XTS */,
+ 91 /* BF-CBC */,
+ 93 /* BF-CFB */,
+ 92 /* BF-ECB */,
+ 94 /* BF-OFB */,
+ 14 /* C */,
+ 751 /* CAMELLIA-128-CBC */,
+ 757 /* CAMELLIA-128-CFB */,
+ 760 /* CAMELLIA-128-CFB1 */,
+ 763 /* CAMELLIA-128-CFB8 */,
+ 754 /* CAMELLIA-128-ECB */,
+ 766 /* CAMELLIA-128-OFB */,
+ 752 /* CAMELLIA-192-CBC */,
+ 758 /* CAMELLIA-192-CFB */,
+ 761 /* CAMELLIA-192-CFB1 */,
+ 764 /* CAMELLIA-192-CFB8 */,
+ 755 /* CAMELLIA-192-ECB */,
+ 767 /* CAMELLIA-192-OFB */,
+ 753 /* CAMELLIA-256-CBC */,
+ 759 /* CAMELLIA-256-CFB */,
+ 762 /* CAMELLIA-256-CFB1 */,
+ 765 /* CAMELLIA-256-CFB8 */,
+ 756 /* CAMELLIA-256-ECB */,
+ 768 /* CAMELLIA-256-OFB */,
+ 108 /* CAST5-CBC */,
+ 110 /* CAST5-CFB */,
+ 109 /* CAST5-ECB */,
+ 111 /* CAST5-OFB */,
+ 894 /* CMAC */,
+ 13 /* CN */,
+ 141 /* CRLReason */,
+ 417 /* CSPName */,
+ 367 /* CrlID */,
+ 391 /* DC */,
+ 31 /* DES-CBC */,
+ 643 /* DES-CDMF */,
+ 30 /* DES-CFB */,
+ 656 /* DES-CFB1 */,
+ 657 /* DES-CFB8 */,
+ 29 /* DES-ECB */,
+ 32 /* DES-EDE */,
+ 43 /* DES-EDE-CBC */,
+ 60 /* DES-EDE-CFB */,
+ 62 /* DES-EDE-OFB */,
+ 33 /* DES-EDE3 */,
+ 44 /* DES-EDE3-CBC */,
+ 61 /* DES-EDE3-CFB */,
+ 658 /* DES-EDE3-CFB1 */,
+ 659 /* DES-EDE3-CFB8 */,
+ 63 /* DES-EDE3-OFB */,
+ 45 /* DES-OFB */,
+ 80 /* DESX-CBC */,
+ 380 /* DOD */,
+ 116 /* DSA */,
+ 66 /* DSA-SHA */,
+ 113 /* DSA-SHA1 */,
+ 70 /* DSA-SHA1-old */,
+ 67 /* DSA-old */,
+ 297 /* DVCS */,
+ 99 /* GN */,
+ 855 /* HMAC */,
+ 780 /* HMAC-MD5 */,
+ 781 /* HMAC-SHA1 */,
+ 381 /* IANA */,
+ 34 /* IDEA-CBC */,
+ 35 /* IDEA-CFB */,
+ 36 /* IDEA-ECB */,
+ 46 /* IDEA-OFB */,
+ 181 /* ISO */,
+ 183 /* ISO-US */,
+ 645 /* ITU-T */,
+ 646 /* JOINT-ISO-ITU-T */,
+ 773 /* KISA */,
+ 15 /* L */,
+ 856 /* LocalKeySet */,
+ 3 /* MD2 */,
+ 257 /* MD4 */,
+ 4 /* MD5 */,
+ 114 /* MD5-SHA1 */,
+ 95 /* MDC2 */,
+ 911 /* MGF1 */,
+ 388 /* Mail */,
+ 57 /* Netscape */,
+ 366 /* Nonce */,
+ 17 /* O */,
+ 178 /* OCSP */,
+ 180 /* OCSPSigning */,
+ 379 /* ORG */,
+ 18 /* OU */,
+ 749 /* Oakley-EC2N-3 */,
+ 750 /* Oakley-EC2N-4 */,
+ 9 /* PBE-MD2-DES */,
+ 168 /* PBE-MD2-RC2-64 */,
+ 10 /* PBE-MD5-DES */,
+ 169 /* PBE-MD5-RC2-64 */,
+ 147 /* PBE-SHA1-2DES */,
+ 146 /* PBE-SHA1-3DES */,
+ 170 /* PBE-SHA1-DES */,
+ 148 /* PBE-SHA1-RC2-128 */,
+ 149 /* PBE-SHA1-RC2-40 */,
+ 68 /* PBE-SHA1-RC2-64 */,
+ 144 /* PBE-SHA1-RC4-128 */,
+ 145 /* PBE-SHA1-RC4-40 */,
+ 161 /* PBES2 */,
+ 69 /* PBKDF2 */,
+ 162 /* PBMAC1 */,
+ 127 /* PKIX */,
+ 935 /* PSPECIFIED */,
+ 98 /* RC2-40-CBC */,
+ 166 /* RC2-64-CBC */,
+ 37 /* RC2-CBC */,
+ 39 /* RC2-CFB */,
+ 38 /* RC2-ECB */,
+ 40 /* RC2-OFB */,
+ 5 /* RC4 */,
+ 97 /* RC4-40 */,
+ 915 /* RC4-HMAC-MD5 */,
+ 120 /* RC5-CBC */,
+ 122 /* RC5-CFB */,
+ 121 /* RC5-ECB */,
+ 123 /* RC5-OFB */,
+ 117 /* RIPEMD160 */,
+ 19 /* RSA */,
+ 7 /* RSA-MD2 */,
+ 396 /* RSA-MD4 */,
+ 8 /* RSA-MD5 */,
+ 96 /* RSA-MDC2 */,
+ 104 /* RSA-NP-MD5 */,
+ 119 /* RSA-RIPEMD160 */,
+ 42 /* RSA-SHA */,
+ 65 /* RSA-SHA1 */,
+ 115 /* RSA-SHA1-2 */,
+ 671 /* RSA-SHA224 */,
+ 668 /* RSA-SHA256 */,
+ 669 /* RSA-SHA384 */,
+ 670 /* RSA-SHA512 */,
+ 919 /* RSAES-OAEP */,
+ 912 /* RSASSA-PSS */,
+ 777 /* SEED-CBC */,
+ 779 /* SEED-CFB */,
+ 776 /* SEED-ECB */,
+ 778 /* SEED-OFB */,
+ 41 /* SHA */,
+ 64 /* SHA1 */,
+ 675 /* SHA224 */,
+ 672 /* SHA256 */,
+ 673 /* SHA384 */,
+ 674 /* SHA512 */,
+ 188 /* SMIME */,
+ 167 /* SMIME-CAPS */,
+ 100 /* SN */,
+ 16 /* ST */,
+ 143 /* SXNetID */,
+ 458 /* UID */,
+ 0 /* UNDEF */,
+ 948 /* X25519 */,
+ 11 /* X500 */,
+ 378 /* X500algorithms */,
+ 12 /* X509 */,
+ 184 /* X9-57 */,
+ 185 /* X9cm */,
+ 125 /* ZLIB */,
+ 478 /* aRecord */,
+ 289 /* aaControls */,
+ 287 /* ac-auditEntity */,
+ 397 /* ac-proxying */,
+ 288 /* ac-targeting */,
+ 368 /* acceptableResponses */,
+ 446 /* account */,
+ 363 /* ad_timestamping */,
+ 376 /* algorithm */,
+ 405 /* ansi-X9-62 */,
+ 910 /* anyExtendedKeyUsage */,
+ 746 /* anyPolicy */,
+ 370 /* archiveCutoff */,
+ 484 /* associatedDomain */,
+ 485 /* associatedName */,
+ 501 /* audio */,
+ 177 /* authorityInfoAccess */,
+ 90 /* authorityKeyIdentifier */,
+ 882 /* authorityRevocationList */,
+ 87 /* basicConstraints */,
+ 365 /* basicOCSPResponse */,
+ 285 /* biometricInfo */,
+ 921 /* brainpoolP160r1 */,
+ 922 /* brainpoolP160t1 */,
+ 923 /* brainpoolP192r1 */,
+ 924 /* brainpoolP192t1 */,
+ 925 /* brainpoolP224r1 */,
+ 926 /* brainpoolP224t1 */,
+ 927 /* brainpoolP256r1 */,
+ 928 /* brainpoolP256t1 */,
+ 929 /* brainpoolP320r1 */,
+ 930 /* brainpoolP320t1 */,
+ 931 /* brainpoolP384r1 */,
+ 932 /* brainpoolP384t1 */,
+ 933 /* brainpoolP512r1 */,
+ 934 /* brainpoolP512t1 */,
+ 494 /* buildingName */,
+ 860 /* businessCategory */,
+ 691 /* c2onb191v4 */,
+ 692 /* c2onb191v5 */,
+ 697 /* c2onb239v4 */,
+ 698 /* c2onb239v5 */,
+ 684 /* c2pnb163v1 */,
+ 685 /* c2pnb163v2 */,
+ 686 /* c2pnb163v3 */,
+ 687 /* c2pnb176v1 */,
+ 693 /* c2pnb208w1 */,
+ 699 /* c2pnb272w1 */,
+ 700 /* c2pnb304w1 */,
+ 702 /* c2pnb368w1 */,
+ 688 /* c2tnb191v1 */,
+ 689 /* c2tnb191v2 */,
+ 690 /* c2tnb191v3 */,
+ 694 /* c2tnb239v1 */,
+ 695 /* c2tnb239v2 */,
+ 696 /* c2tnb239v3 */,
+ 701 /* c2tnb359v1 */,
+ 703 /* c2tnb431r1 */,
+ 881 /* cACertificate */,
+ 483 /* cNAMERecord */,
+ 179 /* caIssuers */,
+ 785 /* caRepository */,
+ 443 /* caseIgnoreIA5StringSyntax */,
+ 152 /* certBag */,
+ 677 /* certicom-arc */,
+ 771 /* certificateIssuer */,
+ 89 /* certificatePolicies */,
+ 883 /* certificateRevocationList */,
+ 54 /* challengePassword */,
+ 407 /* characteristic-two-field */,
+ 395 /* clearance */,
+ 130 /* clientAuth */,
+ 131 /* codeSigning */,
+ 50 /* contentType */,
+ 53 /* countersignature */,
+ 153 /* crlBag */,
+ 103 /* crlDistributionPoints */,
+ 88 /* crlNumber */,
+ 884 /* crossCertificatePair */,
+ 806 /* cryptocom */,
+ 805 /* cryptopro */,
+ 500 /* dITRedirect */,
+ 451 /* dNSDomain */,
+ 495 /* dSAQuality */,
+ 434 /* data */,
+ 390 /* dcobject */,
+ 140 /* deltaCRL */,
+ 891 /* deltaRevocationList */,
+ 107 /* description */,
+ 871 /* destinationIndicator */,
+ 947 /* dh-cofactor-kdf */,
+ 946 /* dh-std-kdf */,
+ 28 /* dhKeyAgreement */,
+ 941 /* dhSinglePass-cofactorDH-sha1kdf-scheme */,
+ 942 /* dhSinglePass-cofactorDH-sha224kdf-scheme */,
+ 943 /* dhSinglePass-cofactorDH-sha256kdf-scheme */,
+ 944 /* dhSinglePass-cofactorDH-sha384kdf-scheme */,
+ 945 /* dhSinglePass-cofactorDH-sha512kdf-scheme */,
+ 936 /* dhSinglePass-stdDH-sha1kdf-scheme */,
+ 937 /* dhSinglePass-stdDH-sha224kdf-scheme */,
+ 938 /* dhSinglePass-stdDH-sha256kdf-scheme */,
+ 939 /* dhSinglePass-stdDH-sha384kdf-scheme */,
+ 940 /* dhSinglePass-stdDH-sha512kdf-scheme */,
+ 920 /* dhpublicnumber */,
+ 382 /* directory */,
+ 887 /* distinguishedName */,
+ 892 /* dmdName */,
+ 174 /* dnQualifier */,
+ 447 /* document */,
+ 471 /* documentAuthor */,
+ 468 /* documentIdentifier */,
+ 472 /* documentLocation */,
+ 502 /* documentPublisher */,
+ 449 /* documentSeries */,
+ 469 /* documentTitle */,
+ 470 /* documentVersion */,
+ 392 /* domain */,
+ 452 /* domainRelatedObject */,
+ 802 /* dsa_with_SHA224 */,
+ 803 /* dsa_with_SHA256 */,
+ 791 /* ecdsa-with-Recommended */,
+ 416 /* ecdsa-with-SHA1 */,
+ 793 /* ecdsa-with-SHA224 */,
+ 794 /* ecdsa-with-SHA256 */,
+ 795 /* ecdsa-with-SHA384 */,
+ 796 /* ecdsa-with-SHA512 */,
+ 792 /* ecdsa-with-Specified */,
+ 48 /* emailAddress */,
+ 132 /* emailProtection */,
+ 885 /* enhancedSearchGuide */,
+ 389 /* enterprises */,
+ 384 /* experimental */,
+ 172 /* extReq */,
+ 56 /* extendedCertificateAttributes */,
+ 126 /* extendedKeyUsage */,
+ 372 /* extendedStatus */,
+ 867 /* facsimileTelephoneNumber */,
+ 462 /* favouriteDrink */,
+ 857 /* freshestCRL */,
+ 453 /* friendlyCountry */,
+ 490 /* friendlyCountryName */,
+ 156 /* friendlyName */,
+ 509 /* generationQualifier */,
+ 815 /* gost-mac */,
+ 811 /* gost2001 */,
+ 851 /* gost2001cc */,
+ 813 /* gost89 */,
+ 814 /* gost89-cnt */,
+ 812 /* gost94 */,
+ 850 /* gost94cc */,
+ 797 /* hmacWithMD5 */,
+ 163 /* hmacWithSHA1 */,
+ 798 /* hmacWithSHA224 */,
+ 799 /* hmacWithSHA256 */,
+ 800 /* hmacWithSHA384 */,
+ 801 /* hmacWithSHA512 */,
+ 432 /* holdInstructionCallIssuer */,
+ 430 /* holdInstructionCode */,
+ 431 /* holdInstructionNone */,
+ 433 /* holdInstructionReject */,
+ 486 /* homePostalAddress */,
+ 473 /* homeTelephoneNumber */,
+ 466 /* host */,
+ 889 /* houseIdentifier */,
+ 442 /* iA5StringSyntax */,
+ 783 /* id-DHBasedMac */,
+ 824 /* id-Gost28147-89-CryptoPro-A-ParamSet */,
+ 825 /* id-Gost28147-89-CryptoPro-B-ParamSet */,
+ 826 /* id-Gost28147-89-CryptoPro-C-ParamSet */,
+ 827 /* id-Gost28147-89-CryptoPro-D-ParamSet */,
+ 819 /* id-Gost28147-89-CryptoPro-KeyMeshing */,
+ 829 /* id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet */,
+ 828 /* id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet */,
+ 830 /* id-Gost28147-89-CryptoPro-RIC-1-ParamSet */,
+ 820 /* id-Gost28147-89-None-KeyMeshing */,
+ 823 /* id-Gost28147-89-TestParamSet */,
+ 849 /* id-Gost28147-89-cc */,
+ 840 /* id-GostR3410-2001-CryptoPro-A-ParamSet */,
+ 841 /* id-GostR3410-2001-CryptoPro-B-ParamSet */,
+ 842 /* id-GostR3410-2001-CryptoPro-C-ParamSet */,
+ 843 /* id-GostR3410-2001-CryptoPro-XchA-ParamSet */,
+ 844 /* id-GostR3410-2001-CryptoPro-XchB-ParamSet */,
+ 854 /* id-GostR3410-2001-ParamSet-cc */,
+ 839 /* id-GostR3410-2001-TestParamSet */,
+ 817 /* id-GostR3410-2001DH */,
+ 832 /* id-GostR3410-94-CryptoPro-A-ParamSet */,
+ 833 /* id-GostR3410-94-CryptoPro-B-ParamSet */,
+ 834 /* id-GostR3410-94-CryptoPro-C-ParamSet */,
+ 835 /* id-GostR3410-94-CryptoPro-D-ParamSet */,
+ 836 /* id-GostR3410-94-CryptoPro-XchA-ParamSet */,
+ 837 /* id-GostR3410-94-CryptoPro-XchB-ParamSet */,
+ 838 /* id-GostR3410-94-CryptoPro-XchC-ParamSet */,
+ 831 /* id-GostR3410-94-TestParamSet */,
+ 845 /* id-GostR3410-94-a */,
+ 846 /* id-GostR3410-94-aBis */,
+ 847 /* id-GostR3410-94-b */,
+ 848 /* id-GostR3410-94-bBis */,
+ 818 /* id-GostR3410-94DH */,
+ 822 /* id-GostR3411-94-CryptoProParamSet */,
+ 821 /* id-GostR3411-94-TestParamSet */,
+ 807 /* id-GostR3411-94-with-GostR3410-2001 */,
+ 853 /* id-GostR3411-94-with-GostR3410-2001-cc */,
+ 808 /* id-GostR3411-94-with-GostR3410-94 */,
+ 852 /* id-GostR3411-94-with-GostR3410-94-cc */,
+ 810 /* id-HMACGostR3411-94 */,
+ 782 /* id-PasswordBasedMAC */,
+ 266 /* id-aca */,
+ 355 /* id-aca-accessIdentity */,
+ 354 /* id-aca-authenticationInfo */,
+ 356 /* id-aca-chargingIdentity */,
+ 399 /* id-aca-encAttrs */,
+ 357 /* id-aca-group */,
+ 358 /* id-aca-role */,
+ 176 /* id-ad */,
+ 896 /* id-aes128-CCM */,
+ 895 /* id-aes128-GCM */,
+ 788 /* id-aes128-wrap */,
+ 897 /* id-aes128-wrap-pad */,
+ 899 /* id-aes192-CCM */,
+ 898 /* id-aes192-GCM */,
+ 789 /* id-aes192-wrap */,
+ 900 /* id-aes192-wrap-pad */,
+ 902 /* id-aes256-CCM */,
+ 901 /* id-aes256-GCM */,
+ 790 /* id-aes256-wrap */,
+ 903 /* id-aes256-wrap-pad */,
+ 262 /* id-alg */,
+ 893 /* id-alg-PWRI-KEK */,
+ 323 /* id-alg-des40 */,
+ 326 /* id-alg-dh-pop */,
+ 325 /* id-alg-dh-sig-hmac-sha1 */,
+ 324 /* id-alg-noSignature */,
+ 907 /* id-camellia128-wrap */,
+ 908 /* id-camellia192-wrap */,
+ 909 /* id-camellia256-wrap */,
+ 268 /* id-cct */,
+ 361 /* id-cct-PKIData */,
+ 362 /* id-cct-PKIResponse */,
+ 360 /* id-cct-crs */,
+ 81 /* id-ce */,
+ 680 /* id-characteristic-two-basis */,
+ 263 /* id-cmc */,
+ 334 /* id-cmc-addExtensions */,
+ 346 /* id-cmc-confirmCertAcceptance */,
+ 330 /* id-cmc-dataReturn */,
+ 336 /* id-cmc-decryptedPOP */,
+ 335 /* id-cmc-encryptedPOP */,
+ 339 /* id-cmc-getCRL */,
+ 338 /* id-cmc-getCert */,
+ 328 /* id-cmc-identification */,
+ 329 /* id-cmc-identityProof */,
+ 337 /* id-cmc-lraPOPWitness */,
+ 344 /* id-cmc-popLinkRandom */,
+ 345 /* id-cmc-popLinkWitness */,
+ 343 /* id-cmc-queryPending */,
+ 333 /* id-cmc-recipientNonce */,
+ 341 /* id-cmc-regInfo */,
+ 342 /* id-cmc-responseInfo */,
+ 340 /* id-cmc-revokeRequest */,
+ 332 /* id-cmc-senderNonce */,
+ 327 /* id-cmc-statusInfo */,
+ 331 /* id-cmc-transactionId */,
+ 787 /* id-ct-asciiTextWithCRLF */,
+ 408 /* id-ecPublicKey */,
+ 508 /* id-hex-multipart-message */,
+ 507 /* id-hex-partial-message */,
+ 260 /* id-it */,
+ 302 /* id-it-caKeyUpdateInfo */,
+ 298 /* id-it-caProtEncCert */,
+ 311 /* id-it-confirmWaitTime */,
+ 303 /* id-it-currentCRL */,
+ 300 /* id-it-encKeyPairTypes */,
+ 310 /* id-it-implicitConfirm */,
+ 308 /* id-it-keyPairParamRep */,
+ 307 /* id-it-keyPairParamReq */,
+ 312 /* id-it-origPKIMessage */,
+ 301 /* id-it-preferredSymmAlg */,
+ 309 /* id-it-revPassphrase */,
+ 299 /* id-it-signKeyPairTypes */,
+ 305 /* id-it-subscriptionRequest */,
+ 306 /* id-it-subscriptionResponse */,
+ 784 /* id-it-suppLangTags */,
+ 304 /* id-it-unsupportedOIDs */,
+ 128 /* id-kp */,
+ 280 /* id-mod-attribute-cert */,
+ 274 /* id-mod-cmc */,
+ 277 /* id-mod-cmp */,
+ 284 /* id-mod-cmp2000 */,
+ 273 /* id-mod-crmf */,
+ 283 /* id-mod-dvcs */,
+ 275 /* id-mod-kea-profile-88 */,
+ 276 /* id-mod-kea-profile-93 */,
+ 282 /* id-mod-ocsp */,
+ 278 /* id-mod-qualified-cert-88 */,
+ 279 /* id-mod-qualified-cert-93 */,
+ 281 /* id-mod-timestamp-protocol */,
+ 264 /* id-on */,
+ 858 /* id-on-permanentIdentifier */,
+ 347 /* id-on-personalData */,
+ 265 /* id-pda */,
+ 352 /* id-pda-countryOfCitizenship */,
+ 353 /* id-pda-countryOfResidence */,
+ 348 /* id-pda-dateOfBirth */,
+ 351 /* id-pda-gender */,
+ 349 /* id-pda-placeOfBirth */,
+ 175 /* id-pe */,
+ 261 /* id-pkip */,
+ 258 /* id-pkix-mod */,
+ 269 /* id-pkix1-explicit-88 */,
+ 271 /* id-pkix1-explicit-93 */,
+ 270 /* id-pkix1-implicit-88 */,
+ 272 /* id-pkix1-implicit-93 */,
+ 662 /* id-ppl */,
+ 664 /* id-ppl-anyLanguage */,
+ 667 /* id-ppl-independent */,
+ 665 /* id-ppl-inheritAll */,
+ 267 /* id-qcs */,
+ 359 /* id-qcs-pkixQCSyntax-v1 */,
+ 259 /* id-qt */,
+ 164 /* id-qt-cps */,
+ 165 /* id-qt-unotice */,
+ 313 /* id-regCtrl */,
+ 316 /* id-regCtrl-authenticator */,
+ 319 /* id-regCtrl-oldCertID */,
+ 318 /* id-regCtrl-pkiArchiveOptions */,
+ 317 /* id-regCtrl-pkiPublicationInfo */,
+ 320 /* id-regCtrl-protocolEncrKey */,
+ 315 /* id-regCtrl-regToken */,
+ 314 /* id-regInfo */,
+ 322 /* id-regInfo-certReq */,
+ 321 /* id-regInfo-utf8Pairs */,
+ 512 /* id-set */,
+ 191 /* id-smime-aa */,
+ 215 /* id-smime-aa-contentHint */,
+ 218 /* id-smime-aa-contentIdentifier */,
+ 221 /* id-smime-aa-contentReference */,
+ 240 /* id-smime-aa-dvcs-dvc */,
+ 217 /* id-smime-aa-encapContentType */,
+ 222 /* id-smime-aa-encrypKeyPref */,
+ 220 /* id-smime-aa-equivalentLabels */,
+ 232 /* id-smime-aa-ets-CertificateRefs */,
+ 233 /* id-smime-aa-ets-RevocationRefs */,
+ 238 /* id-smime-aa-ets-archiveTimeStamp */,
+ 237 /* id-smime-aa-ets-certCRLTimestamp */,
+ 234 /* id-smime-aa-ets-certValues */,
+ 227 /* id-smime-aa-ets-commitmentType */,
+ 231 /* id-smime-aa-ets-contentTimestamp */,
+ 236 /* id-smime-aa-ets-escTimeStamp */,
+ 230 /* id-smime-aa-ets-otherSigCert */,
+ 235 /* id-smime-aa-ets-revocationValues */,
+ 226 /* id-smime-aa-ets-sigPolicyId */,
+ 229 /* id-smime-aa-ets-signerAttr */,
+ 228 /* id-smime-aa-ets-signerLocation */,
+ 219 /* id-smime-aa-macValue */,
+ 214 /* id-smime-aa-mlExpandHistory */,
+ 216 /* id-smime-aa-msgSigDigest */,
+ 212 /* id-smime-aa-receiptRequest */,
+ 213 /* id-smime-aa-securityLabel */,
+ 239 /* id-smime-aa-signatureType */,
+ 223 /* id-smime-aa-signingCertificate */,
+ 224 /* id-smime-aa-smimeEncryptCerts */,
+ 225 /* id-smime-aa-timeStampToken */,
+ 192 /* id-smime-alg */,
+ 243 /* id-smime-alg-3DESwrap */,
+ 246 /* id-smime-alg-CMS3DESwrap */,
+ 247 /* id-smime-alg-CMSRC2wrap */,
+ 245 /* id-smime-alg-ESDH */,
+ 241 /* id-smime-alg-ESDHwith3DES */,
+ 242 /* id-smime-alg-ESDHwithRC2 */,
+ 244 /* id-smime-alg-RC2wrap */,
+ 193 /* id-smime-cd */,
+ 248 /* id-smime-cd-ldap */,
+ 190 /* id-smime-ct */,
+ 210 /* id-smime-ct-DVCSRequestData */,
+ 211 /* id-smime-ct-DVCSResponseData */,
+ 208 /* id-smime-ct-TDTInfo */,
+ 207 /* id-smime-ct-TSTInfo */,
+ 205 /* id-smime-ct-authData */,
+ 786 /* id-smime-ct-compressedData */,
+ 209 /* id-smime-ct-contentInfo */,
+ 206 /* id-smime-ct-publishCert */,
+ 204 /* id-smime-ct-receipt */,
+ 195 /* id-smime-cti */,
+ 255 /* id-smime-cti-ets-proofOfApproval */,
+ 256 /* id-smime-cti-ets-proofOfCreation */,
+ 253 /* id-smime-cti-ets-proofOfDelivery */,
+ 251 /* id-smime-cti-ets-proofOfOrigin */,
+ 252 /* id-smime-cti-ets-proofOfReceipt */,
+ 254 /* id-smime-cti-ets-proofOfSender */,
+ 189 /* id-smime-mod */,
+ 196 /* id-smime-mod-cms */,
+ 197 /* id-smime-mod-ess */,
+ 202 /* id-smime-mod-ets-eSigPolicy-88 */,
+ 203 /* id-smime-mod-ets-eSigPolicy-97 */,
+ 200 /* id-smime-mod-ets-eSignature-88 */,
+ 201 /* id-smime-mod-ets-eSignature-97 */,
+ 199 /* id-smime-mod-msg-v3 */,
+ 198 /* id-smime-mod-oid */,
+ 194 /* id-smime-spq */,
+ 250 /* id-smime-spq-ets-sqt-unotice */,
+ 249 /* id-smime-spq-ets-sqt-uri */,
+ 676 /* identified-organization */,
+ 461 /* info */,
+ 748 /* inhibitAnyPolicy */,
+ 101 /* initials */,
+ 647 /* international-organizations */,
+ 869 /* internationaliSDNNumber */,
+ 142 /* invalidityDate */,
+ 294 /* ipsecEndSystem */,
+ 295 /* ipsecTunnel */,
+ 296 /* ipsecUser */,
+ 86 /* issuerAltName */,
+ 770 /* issuingDistributionPoint */,
+ 492 /* janetMailbox */,
+ 150 /* keyBag */,
+ 83 /* keyUsage */,
+ 477 /* lastModifiedBy */,
+ 476 /* lastModifiedTime */,
+ 157 /* localKeyID */,
+ 480 /* mXRecord */,
+ 460 /* mail */,
+ 493 /* mailPreferenceOption */,
+ 467 /* manager */,
+ 809 /* md_gost94 */,
+ 875 /* member */,
+ 182 /* member-body */,
+ 51 /* messageDigest */,
+ 383 /* mgmt */,
+ 504 /* mime-mhs */,
+ 506 /* mime-mhs-bodies */,
+ 505 /* mime-mhs-headings */,
+ 488 /* mobileTelephoneNumber */,
+ 136 /* msCTLSign */,
+ 135 /* msCodeCom */,
+ 134 /* msCodeInd */,
+ 138 /* msEFS */,
+ 171 /* msExtReq */,
+ 137 /* msSGC */,
+ 648 /* msSmartcardLogin */,
+ 649 /* msUPN */,
+ 481 /* nSRecord */,
+ 173 /* name */,
+ 666 /* nameConstraints */,
+ 369 /* noCheck */,
+ 403 /* noRevAvail */,
+ 72 /* nsBaseUrl */,
+ 76 /* nsCaPolicyUrl */,
+ 74 /* nsCaRevocationUrl */,
+ 58 /* nsCertExt */,
+ 79 /* nsCertSequence */,
+ 71 /* nsCertType */,
+ 78 /* nsComment */,
+ 59 /* nsDataType */,
+ 75 /* nsRenewalUrl */,
+ 73 /* nsRevocationUrl */,
+ 139 /* nsSGC */,
+ 77 /* nsSslServerName */,
+ 681 /* onBasis */,
+ 491 /* organizationalStatus */,
+ 475 /* otherMailbox */,
+ 876 /* owner */,
+ 489 /* pagerTelephoneNumber */,
+ 374 /* path */,
+ 112 /* pbeWithMD5AndCast5CBC */,
+ 499 /* personalSignature */,
+ 487 /* personalTitle */,
+ 464 /* photo */,
+ 863 /* physicalDeliveryOfficeName */,
+ 437 /* pilot */,
+ 439 /* pilotAttributeSyntax */,
+ 438 /* pilotAttributeType */,
+ 479 /* pilotAttributeType27 */,
+ 456 /* pilotDSA */,
+ 441 /* pilotGroups */,
+ 444 /* pilotObject */,
+ 440 /* pilotObjectClass */,
+ 455 /* pilotOrganization */,
+ 445 /* pilotPerson */,
+ 2 /* pkcs */,
+ 186 /* pkcs1 */,
+ 27 /* pkcs3 */,
+ 187 /* pkcs5 */,
+ 20 /* pkcs7 */,
+ 21 /* pkcs7-data */,
+ 25 /* pkcs7-digestData */,
+ 26 /* pkcs7-encryptedData */,
+ 23 /* pkcs7-envelopedData */,
+ 24 /* pkcs7-signedAndEnvelopedData */,
+ 22 /* pkcs7-signedData */,
+ 151 /* pkcs8ShroudedKeyBag */,
+ 47 /* pkcs9 */,
+ 401 /* policyConstraints */,
+ 747 /* policyMappings */,
+ 862 /* postOfficeBox */,
+ 861 /* postalAddress */,
+ 661 /* postalCode */,
+ 683 /* ppBasis */,
+ 872 /* preferredDeliveryMethod */,
+ 873 /* presentationAddress */,
+ 816 /* prf-gostr3411-94 */,
+ 406 /* prime-field */,
+ 409 /* prime192v1 */,
+ 410 /* prime192v2 */,
+ 411 /* prime192v3 */,
+ 412 /* prime239v1 */,
+ 413 /* prime239v2 */,
+ 414 /* prime239v3 */,
+ 415 /* prime256v1 */,
+ 385 /* private */,
+ 84 /* privateKeyUsagePeriod */,
+ 886 /* protocolInformation */,
+ 663 /* proxyCertInfo */,
+ 510 /* pseudonym */,
+ 435 /* pss */,
+ 286 /* qcStatements */,
+ 457 /* qualityLabelledData */,
+ 450 /* rFC822localPart */,
+ 870 /* registeredAddress */,
+ 400 /* role */,
+ 877 /* roleOccupant */,
+ 448 /* room */,
+ 463 /* roomNumber */,
+ 6 /* rsaEncryption */,
+ 644 /* rsaOAEPEncryptionSET */,
+ 377 /* rsaSignature */,
+ 1 /* rsadsi */,
+ 482 /* sOARecord */,
+ 155 /* safeContentsBag */,
+ 291 /* sbgp-autonomousSysNum */,
+ 290 /* sbgp-ipAddrBlock */,
+ 292 /* sbgp-routerIdentifier */,
+ 159 /* sdsiCertificate */,
+ 859 /* searchGuide */,
+ 704 /* secp112r1 */,
+ 705 /* secp112r2 */,
+ 706 /* secp128r1 */,
+ 707 /* secp128r2 */,
+ 708 /* secp160k1 */,
+ 709 /* secp160r1 */,
+ 710 /* secp160r2 */,
+ 711 /* secp192k1 */,
+ 712 /* secp224k1 */,
+ 713 /* secp224r1 */,
+ 714 /* secp256k1 */,
+ 715 /* secp384r1 */,
+ 716 /* secp521r1 */,
+ 154 /* secretBag */,
+ 474 /* secretary */,
+ 717 /* sect113r1 */,
+ 718 /* sect113r2 */,
+ 719 /* sect131r1 */,
+ 720 /* sect131r2 */,
+ 721 /* sect163k1 */,
+ 722 /* sect163r1 */,
+ 723 /* sect163r2 */,
+ 724 /* sect193r1 */,
+ 725 /* sect193r2 */,
+ 726 /* sect233k1 */,
+ 727 /* sect233r1 */,
+ 728 /* sect239k1 */,
+ 729 /* sect283k1 */,
+ 730 /* sect283r1 */,
+ 731 /* sect409k1 */,
+ 732 /* sect409r1 */,
+ 733 /* sect571k1 */,
+ 734 /* sect571r1 */,
+ 386 /* security */,
+ 878 /* seeAlso */,
+ 394 /* selected-attribute-types */,
+ 105 /* serialNumber */,
+ 129 /* serverAuth */,
+ 371 /* serviceLocator */,
+ 625 /* set-addPolicy */,
+ 515 /* set-attr */,
+ 518 /* set-brand */,
+ 638 /* set-brand-AmericanExpress */,
+ 637 /* set-brand-Diners */,
+ 636 /* set-brand-IATA-ATA */,
+ 639 /* set-brand-JCB */,
+ 641 /* set-brand-MasterCard */,
+ 642 /* set-brand-Novus */,
+ 640 /* set-brand-Visa */,
+ 517 /* set-certExt */,
+ 513 /* set-ctype */,
+ 514 /* set-msgExt */,
+ 516 /* set-policy */,
+ 607 /* set-policy-root */,
+ 624 /* set-rootKeyThumb */,
+ 620 /* setAttr-Cert */,
+ 631 /* setAttr-GenCryptgrm */,
+ 623 /* setAttr-IssCap */,
+ 628 /* setAttr-IssCap-CVM */,
+ 630 /* setAttr-IssCap-Sig */,
+ 629 /* setAttr-IssCap-T2 */,
+ 621 /* setAttr-PGWYcap */,
+ 635 /* setAttr-SecDevSig */,
+ 632 /* setAttr-T2Enc */,
+ 633 /* setAttr-T2cleartxt */,
+ 634 /* setAttr-TokICCsig */,
+ 627 /* setAttr-Token-B0Prime */,
+ 626 /* setAttr-Token-EMV */,
+ 622 /* setAttr-TokenType */,
+ 619 /* setCext-IssuerCapabilities */,
+ 615 /* setCext-PGWYcapabilities */,
+ 616 /* setCext-TokenIdentifier */,
+ 618 /* setCext-TokenType */,
+ 617 /* setCext-Track2Data */,
+ 611 /* setCext-cCertRequired */,
+ 609 /* setCext-certType */,
+ 608 /* setCext-hashedRoot */,
+ 610 /* setCext-merchData */,
+ 613 /* setCext-setExt */,
+ 614 /* setCext-setQualf */,
+ 612 /* setCext-tunneling */,
+ 540 /* setct-AcqCardCodeMsg */,
+ 576 /* setct-AcqCardCodeMsgTBE */,
+ 570 /* setct-AuthReqTBE */,
+ 534 /* setct-AuthReqTBS */,
+ 527 /* setct-AuthResBaggage */,
+ 571 /* setct-AuthResTBE */,
+ 572 /* setct-AuthResTBEX */,
+ 535 /* setct-AuthResTBS */,
+ 536 /* setct-AuthResTBSX */,
+ 528 /* setct-AuthRevReqBaggage */,
+ 577 /* setct-AuthRevReqTBE */,
+ 541 /* setct-AuthRevReqTBS */,
+ 529 /* setct-AuthRevResBaggage */,
+ 542 /* setct-AuthRevResData */,
+ 578 /* setct-AuthRevResTBE */,
+ 579 /* setct-AuthRevResTBEB */,
+ 543 /* setct-AuthRevResTBS */,
+ 573 /* setct-AuthTokenTBE */,
+ 537 /* setct-AuthTokenTBS */,
+ 600 /* setct-BCIDistributionTBS */,
+ 558 /* setct-BatchAdminReqData */,
+ 592 /* setct-BatchAdminReqTBE */,
+ 559 /* setct-BatchAdminResData */,
+ 593 /* setct-BatchAdminResTBE */,
+ 599 /* setct-CRLNotificationResTBS */,
+ 598 /* setct-CRLNotificationTBS */,
+ 580 /* setct-CapReqTBE */,
+ 581 /* setct-CapReqTBEX */,
+ 544 /* setct-CapReqTBS */,
+ 545 /* setct-CapReqTBSX */,
+ 546 /* setct-CapResData */,
+ 582 /* setct-CapResTBE */,
+ 583 /* setct-CapRevReqTBE */,
+ 584 /* setct-CapRevReqTBEX */,
+ 547 /* setct-CapRevReqTBS */,
+ 548 /* setct-CapRevReqTBSX */,
+ 549 /* setct-CapRevResData */,
+ 585 /* setct-CapRevResTBE */,
+ 538 /* setct-CapTokenData */,
+ 530 /* setct-CapTokenSeq */,
+ 574 /* setct-CapTokenTBE */,
+ 575 /* setct-CapTokenTBEX */,
+ 539 /* setct-CapTokenTBS */,
+ 560 /* setct-CardCInitResTBS */,
+ 566 /* setct-CertInqReqTBS */,
+ 563 /* setct-CertReqData */,
+ 595 /* setct-CertReqTBE */,
+ 596 /* setct-CertReqTBEX */,
+ 564 /* setct-CertReqTBS */,
+ 565 /* setct-CertResData */,
+ 597 /* setct-CertResTBE */,
+ 586 /* setct-CredReqTBE */,
+ 587 /* setct-CredReqTBEX */,
+ 550 /* setct-CredReqTBS */,
+ 551 /* setct-CredReqTBSX */,
+ 552 /* setct-CredResData */,
+ 588 /* setct-CredResTBE */,
+ 589 /* setct-CredRevReqTBE */,
+ 590 /* setct-CredRevReqTBEX */,
+ 553 /* setct-CredRevReqTBS */,
+ 554 /* setct-CredRevReqTBSX */,
+ 555 /* setct-CredRevResData */,
+ 591 /* setct-CredRevResTBE */,
+ 567 /* setct-ErrorTBS */,
+ 526 /* setct-HODInput */,
+ 561 /* setct-MeAqCInitResTBS */,
+ 522 /* setct-OIData */,
+ 519 /* setct-PANData */,
+ 521 /* setct-PANOnly */,
+ 520 /* setct-PANToken */,
+ 556 /* setct-PCertReqData */,
+ 557 /* setct-PCertResTBS */,
+ 523 /* setct-PI */,
+ 532 /* setct-PI-TBS */,
+ 524 /* setct-PIData */,
+ 525 /* setct-PIDataUnsigned */,
+ 568 /* setct-PIDualSignedTBE */,
+ 569 /* setct-PIUnsignedTBE */,
+ 531 /* setct-PInitResData */,
+ 533 /* setct-PResData */,
+ 594 /* setct-RegFormReqTBE */,
+ 562 /* setct-RegFormResTBS */,
+ 606 /* setext-cv */,
+ 601 /* setext-genCrypt */,
+ 602 /* setext-miAuth */,
+ 604 /* setext-pinAny */,
+ 603 /* setext-pinSecure */,
+ 605 /* setext-track2 */,
+ 52 /* signingTime */,
+ 454 /* simpleSecurityObject */,
+ 496 /* singleLevelQuality */,
+ 387 /* snmpv2 */,
+ 660 /* street */,
+ 85 /* subjectAltName */,
+ 769 /* subjectDirectoryAttributes */,
+ 398 /* subjectInfoAccess */,
+ 82 /* subjectKeyIdentifier */,
+ 498 /* subtreeMaximumQuality */,
+ 497 /* subtreeMinimumQuality */,
+ 890 /* supportedAlgorithms */,
+ 874 /* supportedApplicationContext */,
+ 402 /* targetInformation */,
+ 864 /* telephoneNumber */,
+ 866 /* teletexTerminalIdentifier */,
+ 865 /* telexNumber */,
+ 459 /* textEncodedORAddress */,
+ 293 /* textNotice */,
+ 133 /* timeStamping */,
+ 106 /* title */,
+ 682 /* tpBasis */,
+ 375 /* trustRoot */,
+ 436 /* ucl */,
+ 888 /* uniqueMember */,
+ 55 /* unstructuredAddress */,
+ 49 /* unstructuredName */,
+ 880 /* userCertificate */,
+ 465 /* userClass */,
+ 879 /* userPassword */,
+ 373 /* valid */,
+ 678 /* wap */,
+ 679 /* wap-wsg */,
+ 735 /* wap-wsg-idm-ecid-wtls1 */,
+ 743 /* wap-wsg-idm-ecid-wtls10 */,
+ 744 /* wap-wsg-idm-ecid-wtls11 */,
+ 745 /* wap-wsg-idm-ecid-wtls12 */,
+ 736 /* wap-wsg-idm-ecid-wtls3 */,
+ 737 /* wap-wsg-idm-ecid-wtls4 */,
+ 738 /* wap-wsg-idm-ecid-wtls5 */,
+ 739 /* wap-wsg-idm-ecid-wtls6 */,
+ 740 /* wap-wsg-idm-ecid-wtls7 */,
+ 741 /* wap-wsg-idm-ecid-wtls8 */,
+ 742 /* wap-wsg-idm-ecid-wtls9 */,
+ 804 /* whirlpool */,
+ 868 /* x121Address */,
+ 503 /* x500UniqueIdentifier */,
+ 158 /* x509Certificate */,
+ 160 /* x509Crl */,
};
-static const unsigned int kNIDsInLongNameOrder[NUM_LN]={
-363, /* "AD Time Stamping" */
-405, /* "ANSI X9.62" */
-368, /* "Acceptable OCSP Responses" */
-910, /* "Any Extended Key Usage" */
-664, /* "Any language" */
-177, /* "Authority Information Access" */
-365, /* "Basic OCSP Response" */
-285, /* "Biometric Info" */
-179, /* "CA Issuers" */
-785, /* "CA Repository" */
-131, /* "Code Signing" */
-783, /* "Diffie-Hellman based MAC" */
-382, /* "Directory" */
-392, /* "Domain" */
-132, /* "E-mail Protection" */
-389, /* "Enterprises" */
-384, /* "Experimental" */
-372, /* "Extended OCSP Status" */
-172, /* "Extension Request" */
-813, /* "GOST 28147-89" */
-849, /* "GOST 28147-89 Cryptocom ParamSet" */
-815, /* "GOST 28147-89 MAC" */
-851, /* "GOST 34.10-2001 Cryptocom" */
-850, /* "GOST 34.10-94 Cryptocom" */
-811, /* "GOST R 34.10-2001" */
-817, /* "GOST R 34.10-2001 DH" */
-812, /* "GOST R 34.10-94" */
-818, /* "GOST R 34.10-94 DH" */
-809, /* "GOST R 34.11-94" */
-816, /* "GOST R 34.11-94 PRF" */
-807, /* "GOST R 34.11-94 with GOST R 34.10-2001" */
-853, /* "GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom" */
-808, /* "GOST R 34.11-94 with GOST R 34.10-94" */
-852, /* "GOST R 34.11-94 with GOST R 34.10-94 Cryptocom" */
-854, /* "GOST R 3410-2001 Parameter Set Cryptocom" */
-810, /* "HMAC GOST 34.11-94" */
-432, /* "Hold Instruction Call Issuer" */
-430, /* "Hold Instruction Code" */
-431, /* "Hold Instruction None" */
-433, /* "Hold Instruction Reject" */
-634, /* "ICC or token signature" */
-294, /* "IPSec End System" */
-295, /* "IPSec Tunnel" */
-296, /* "IPSec User" */
-182, /* "ISO Member Body" */
-183, /* "ISO US Member Body" */
-667, /* "Independent" */
-665, /* "Inherit all" */
-647, /* "International Organizations" */
-142, /* "Invalidity Date" */
-504, /* "MIME MHS" */
-388, /* "Mail" */
-383, /* "Management" */
-417, /* "Microsoft CSP Name" */
-135, /* "Microsoft Commercial Code Signing" */
-138, /* "Microsoft Encrypted File System" */
-171, /* "Microsoft Extension Request" */
-134, /* "Microsoft Individual Code Signing" */
-856, /* "Microsoft Local Key set" */
-137, /* "Microsoft Server Gated Crypto" */
-648, /* "Microsoft Smartcardlogin" */
-136, /* "Microsoft Trust List Signing" */
-649, /* "Microsoft Universal Principal Name" */
-393, /* "NULL" */
-404, /* "NULL" */
-72, /* "Netscape Base Url" */
-76, /* "Netscape CA Policy Url" */
-74, /* "Netscape CA Revocation Url" */
-71, /* "Netscape Cert Type" */
-58, /* "Netscape Certificate Extension" */
-79, /* "Netscape Certificate Sequence" */
-78, /* "Netscape Comment" */
-57, /* "Netscape Communications Corp." */
-59, /* "Netscape Data Type" */
-75, /* "Netscape Renewal Url" */
-73, /* "Netscape Revocation Url" */
-77, /* "Netscape SSL Server Name" */
-139, /* "Netscape Server Gated Crypto" */
-178, /* "OCSP" */
-370, /* "OCSP Archive Cutoff" */
-367, /* "OCSP CRL ID" */
-369, /* "OCSP No Check" */
-366, /* "OCSP Nonce" */
-371, /* "OCSP Service Locator" */
-180, /* "OCSP Signing" */
-161, /* "PBES2" */
-69, /* "PBKDF2" */
-162, /* "PBMAC1" */
-127, /* "PKIX" */
-858, /* "Permanent Identifier" */
-164, /* "Policy Qualifier CPS" */
-165, /* "Policy Qualifier User Notice" */
-385, /* "Private" */
-663, /* "Proxy Certificate Information" */
- 1, /* "RSA Data Security, Inc." */
- 2, /* "RSA Data Security, Inc. PKCS" */
-188, /* "S/MIME" */
-167, /* "S/MIME Capabilities" */
-387, /* "SNMPv2" */
-512, /* "Secure Electronic Transactions" */
-386, /* "Security" */
-394, /* "Selected Attribute Types" */
-143, /* "Strong Extranet ID" */
-398, /* "Subject Information Access" */
-130, /* "TLS Web Client Authentication" */
-129, /* "TLS Web Server Authentication" */
-133, /* "Time Stamping" */
-375, /* "Trust Root" */
-948, /* "X25519" */
-12, /* "X509" */
-402, /* "X509v3 AC Targeting" */
-746, /* "X509v3 Any Policy" */
-90, /* "X509v3 Authority Key Identifier" */
-87, /* "X509v3 Basic Constraints" */
-103, /* "X509v3 CRL Distribution Points" */
-88, /* "X509v3 CRL Number" */
-141, /* "X509v3 CRL Reason Code" */
-771, /* "X509v3 Certificate Issuer" */
-89, /* "X509v3 Certificate Policies" */
-140, /* "X509v3 Delta CRL Indicator" */
-126, /* "X509v3 Extended Key Usage" */
-857, /* "X509v3 Freshest CRL" */
-748, /* "X509v3 Inhibit Any Policy" */
-86, /* "X509v3 Issuer Alternative Name" */
-770, /* "X509v3 Issuing Distribution Point" */
-83, /* "X509v3 Key Usage" */
-666, /* "X509v3 Name Constraints" */
-403, /* "X509v3 No Revocation Available" */
-401, /* "X509v3 Policy Constraints" */
-747, /* "X509v3 Policy Mappings" */
-84, /* "X509v3 Private Key Usage Period" */
-85, /* "X509v3 Subject Alternative Name" */
-769, /* "X509v3 Subject Directory Attributes" */
-82, /* "X509v3 Subject Key Identifier" */
-920, /* "X9.42 DH" */
-184, /* "X9.57" */
-185, /* "X9.57 CM ?" */
-478, /* "aRecord" */
-289, /* "aaControls" */
-287, /* "ac-auditEntity" */
-397, /* "ac-proxying" */
-288, /* "ac-targeting" */
-446, /* "account" */
-364, /* "ad dvcs" */
-606, /* "additional verification" */
-419, /* "aes-128-cbc" */
-916, /* "aes-128-cbc-hmac-sha1" */
-896, /* "aes-128-ccm" */
-421, /* "aes-128-cfb" */
-650, /* "aes-128-cfb1" */
-653, /* "aes-128-cfb8" */
-904, /* "aes-128-ctr" */
-418, /* "aes-128-ecb" */
-895, /* "aes-128-gcm" */
-420, /* "aes-128-ofb" */
-913, /* "aes-128-xts" */
-423, /* "aes-192-cbc" */
-917, /* "aes-192-cbc-hmac-sha1" */
-899, /* "aes-192-ccm" */
-425, /* "aes-192-cfb" */
-651, /* "aes-192-cfb1" */
-654, /* "aes-192-cfb8" */
-905, /* "aes-192-ctr" */
-422, /* "aes-192-ecb" */
-898, /* "aes-192-gcm" */
-424, /* "aes-192-ofb" */
-427, /* "aes-256-cbc" */
-918, /* "aes-256-cbc-hmac-sha1" */
-902, /* "aes-256-ccm" */
-429, /* "aes-256-cfb" */
-652, /* "aes-256-cfb1" */
-655, /* "aes-256-cfb8" */
-906, /* "aes-256-ctr" */
-426, /* "aes-256-ecb" */
-901, /* "aes-256-gcm" */
-428, /* "aes-256-ofb" */
-914, /* "aes-256-xts" */
-376, /* "algorithm" */
-484, /* "associatedDomain" */
-485, /* "associatedName" */
-501, /* "audio" */
-882, /* "authorityRevocationList" */
-91, /* "bf-cbc" */
-93, /* "bf-cfb" */
-92, /* "bf-ecb" */
-94, /* "bf-ofb" */
-921, /* "brainpoolP160r1" */
-922, /* "brainpoolP160t1" */
-923, /* "brainpoolP192r1" */
-924, /* "brainpoolP192t1" */
-925, /* "brainpoolP224r1" */
-926, /* "brainpoolP224t1" */
-927, /* "brainpoolP256r1" */
-928, /* "brainpoolP256t1" */
-929, /* "brainpoolP320r1" */
-930, /* "brainpoolP320t1" */
-931, /* "brainpoolP384r1" */
-932, /* "brainpoolP384t1" */
-933, /* "brainpoolP512r1" */
-934, /* "brainpoolP512t1" */
-494, /* "buildingName" */
-860, /* "businessCategory" */
-691, /* "c2onb191v4" */
-692, /* "c2onb191v5" */
-697, /* "c2onb239v4" */
-698, /* "c2onb239v5" */
-684, /* "c2pnb163v1" */
-685, /* "c2pnb163v2" */
-686, /* "c2pnb163v3" */
-687, /* "c2pnb176v1" */
-693, /* "c2pnb208w1" */
-699, /* "c2pnb272w1" */
-700, /* "c2pnb304w1" */
-702, /* "c2pnb368w1" */
-688, /* "c2tnb191v1" */
-689, /* "c2tnb191v2" */
-690, /* "c2tnb191v3" */
-694, /* "c2tnb239v1" */
-695, /* "c2tnb239v2" */
-696, /* "c2tnb239v3" */
-701, /* "c2tnb359v1" */
-703, /* "c2tnb431r1" */
-881, /* "cACertificate" */
-483, /* "cNAMERecord" */
-751, /* "camellia-128-cbc" */
-757, /* "camellia-128-cfb" */
-760, /* "camellia-128-cfb1" */
-763, /* "camellia-128-cfb8" */
-754, /* "camellia-128-ecb" */
-766, /* "camellia-128-ofb" */
-752, /* "camellia-192-cbc" */
-758, /* "camellia-192-cfb" */
-761, /* "camellia-192-cfb1" */
-764, /* "camellia-192-cfb8" */
-755, /* "camellia-192-ecb" */
-767, /* "camellia-192-ofb" */
-753, /* "camellia-256-cbc" */
-759, /* "camellia-256-cfb" */
-762, /* "camellia-256-cfb1" */
-765, /* "camellia-256-cfb8" */
-756, /* "camellia-256-ecb" */
-768, /* "camellia-256-ofb" */
-443, /* "caseIgnoreIA5StringSyntax" */
-108, /* "cast5-cbc" */
-110, /* "cast5-cfb" */
-109, /* "cast5-ecb" */
-111, /* "cast5-ofb" */
-152, /* "certBag" */
-677, /* "certicom-arc" */
-517, /* "certificate extensions" */
-883, /* "certificateRevocationList" */
-54, /* "challengePassword" */
-407, /* "characteristic-two-field" */
-395, /* "clearance" */
-633, /* "cleartext track 2" */
-894, /* "cmac" */
-13, /* "commonName" */
-513, /* "content types" */
-50, /* "contentType" */
-53, /* "countersignature" */
-14, /* "countryName" */
-153, /* "crlBag" */
-884, /* "crossCertificatePair" */
-806, /* "cryptocom" */
-805, /* "cryptopro" */
-500, /* "dITRedirect" */
-451, /* "dNSDomain" */
-495, /* "dSAQuality" */
-434, /* "data" */
-390, /* "dcObject" */
-891, /* "deltaRevocationList" */
-31, /* "des-cbc" */
-643, /* "des-cdmf" */
-30, /* "des-cfb" */
-656, /* "des-cfb1" */
-657, /* "des-cfb8" */
-29, /* "des-ecb" */
-32, /* "des-ede" */
-43, /* "des-ede-cbc" */
-60, /* "des-ede-cfb" */
-62, /* "des-ede-ofb" */
-33, /* "des-ede3" */
-44, /* "des-ede3-cbc" */
-61, /* "des-ede3-cfb" */
-658, /* "des-ede3-cfb1" */
-659, /* "des-ede3-cfb8" */
-63, /* "des-ede3-ofb" */
-45, /* "des-ofb" */
-107, /* "description" */
-871, /* "destinationIndicator" */
-80, /* "desx-cbc" */
-947, /* "dh-cofactor-kdf" */
-946, /* "dh-std-kdf" */
-28, /* "dhKeyAgreement" */
-941, /* "dhSinglePass-cofactorDH-sha1kdf-scheme" */
-942, /* "dhSinglePass-cofactorDH-sha224kdf-scheme" */
-943, /* "dhSinglePass-cofactorDH-sha256kdf-scheme" */
-944, /* "dhSinglePass-cofactorDH-sha384kdf-scheme" */
-945, /* "dhSinglePass-cofactorDH-sha512kdf-scheme" */
-936, /* "dhSinglePass-stdDH-sha1kdf-scheme" */
-937, /* "dhSinglePass-stdDH-sha224kdf-scheme" */
-938, /* "dhSinglePass-stdDH-sha256kdf-scheme" */
-939, /* "dhSinglePass-stdDH-sha384kdf-scheme" */
-940, /* "dhSinglePass-stdDH-sha512kdf-scheme" */
-11, /* "directory services (X.500)" */
-378, /* "directory services - algorithms" */
-887, /* "distinguishedName" */
-892, /* "dmdName" */
-174, /* "dnQualifier" */
-447, /* "document" */
-471, /* "documentAuthor" */
-468, /* "documentIdentifier" */
-472, /* "documentLocation" */
-502, /* "documentPublisher" */
-449, /* "documentSeries" */
-469, /* "documentTitle" */
-470, /* "documentVersion" */
-380, /* "dod" */
-391, /* "domainComponent" */
-452, /* "domainRelatedObject" */
-116, /* "dsaEncryption" */
-67, /* "dsaEncryption-old" */
-66, /* "dsaWithSHA" */
-113, /* "dsaWithSHA1" */
-70, /* "dsaWithSHA1-old" */
-802, /* "dsa_with_SHA224" */
-803, /* "dsa_with_SHA256" */
-297, /* "dvcs" */
-791, /* "ecdsa-with-Recommended" */
-416, /* "ecdsa-with-SHA1" */
-793, /* "ecdsa-with-SHA224" */
-794, /* "ecdsa-with-SHA256" */
-795, /* "ecdsa-with-SHA384" */
-796, /* "ecdsa-with-SHA512" */
-792, /* "ecdsa-with-Specified" */
-48, /* "emailAddress" */
-632, /* "encrypted track 2" */
-885, /* "enhancedSearchGuide" */
-56, /* "extendedCertificateAttributes" */
-867, /* "facsimileTelephoneNumber" */
-462, /* "favouriteDrink" */
-453, /* "friendlyCountry" */
-490, /* "friendlyCountryName" */
-156, /* "friendlyName" */
-631, /* "generate cryptogram" */
-509, /* "generationQualifier" */
-601, /* "generic cryptogram" */
-99, /* "givenName" */
-814, /* "gost89-cnt" */
-855, /* "hmac" */
-780, /* "hmac-md5" */
-781, /* "hmac-sha1" */
-797, /* "hmacWithMD5" */
-163, /* "hmacWithSHA1" */
-798, /* "hmacWithSHA224" */
-799, /* "hmacWithSHA256" */
-800, /* "hmacWithSHA384" */
-801, /* "hmacWithSHA512" */
-486, /* "homePostalAddress" */
-473, /* "homeTelephoneNumber" */
-466, /* "host" */
-889, /* "houseIdentifier" */
-442, /* "iA5StringSyntax" */
-381, /* "iana" */
-824, /* "id-Gost28147-89-CryptoPro-A-ParamSet" */
-825, /* "id-Gost28147-89-CryptoPro-B-ParamSet" */
-826, /* "id-Gost28147-89-CryptoPro-C-ParamSet" */
-827, /* "id-Gost28147-89-CryptoPro-D-ParamSet" */
-819, /* "id-Gost28147-89-CryptoPro-KeyMeshing" */
-829, /* "id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet" */
-828, /* "id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet" */
-830, /* "id-Gost28147-89-CryptoPro-RIC-1-ParamSet" */
-820, /* "id-Gost28147-89-None-KeyMeshing" */
-823, /* "id-Gost28147-89-TestParamSet" */
-840, /* "id-GostR3410-2001-CryptoPro-A-ParamSet" */
-841, /* "id-GostR3410-2001-CryptoPro-B-ParamSet" */
-842, /* "id-GostR3410-2001-CryptoPro-C-ParamSet" */
-843, /* "id-GostR3410-2001-CryptoPro-XchA-ParamSet" */
-844, /* "id-GostR3410-2001-CryptoPro-XchB-ParamSet" */
-839, /* "id-GostR3410-2001-TestParamSet" */
-832, /* "id-GostR3410-94-CryptoPro-A-ParamSet" */
-833, /* "id-GostR3410-94-CryptoPro-B-ParamSet" */
-834, /* "id-GostR3410-94-CryptoPro-C-ParamSet" */
-835, /* "id-GostR3410-94-CryptoPro-D-ParamSet" */
-836, /* "id-GostR3410-94-CryptoPro-XchA-ParamSet" */
-837, /* "id-GostR3410-94-CryptoPro-XchB-ParamSet" */
-838, /* "id-GostR3410-94-CryptoPro-XchC-ParamSet" */
-831, /* "id-GostR3410-94-TestParamSet" */
-845, /* "id-GostR3410-94-a" */
-846, /* "id-GostR3410-94-aBis" */
-847, /* "id-GostR3410-94-b" */
-848, /* "id-GostR3410-94-bBis" */
-822, /* "id-GostR3411-94-CryptoProParamSet" */
-821, /* "id-GostR3411-94-TestParamSet" */
-266, /* "id-aca" */
-355, /* "id-aca-accessIdentity" */
-354, /* "id-aca-authenticationInfo" */
-356, /* "id-aca-chargingIdentity" */
-399, /* "id-aca-encAttrs" */
-357, /* "id-aca-group" */
-358, /* "id-aca-role" */
-176, /* "id-ad" */
-788, /* "id-aes128-wrap" */
-897, /* "id-aes128-wrap-pad" */
-789, /* "id-aes192-wrap" */
-900, /* "id-aes192-wrap-pad" */
-790, /* "id-aes256-wrap" */
-903, /* "id-aes256-wrap-pad" */
-262, /* "id-alg" */
-893, /* "id-alg-PWRI-KEK" */
-323, /* "id-alg-des40" */
-326, /* "id-alg-dh-pop" */
-325, /* "id-alg-dh-sig-hmac-sha1" */
-324, /* "id-alg-noSignature" */
-907, /* "id-camellia128-wrap" */
-908, /* "id-camellia192-wrap" */
-909, /* "id-camellia256-wrap" */
-268, /* "id-cct" */
-361, /* "id-cct-PKIData" */
-362, /* "id-cct-PKIResponse" */
-360, /* "id-cct-crs" */
-81, /* "id-ce" */
-680, /* "id-characteristic-two-basis" */
-263, /* "id-cmc" */
-334, /* "id-cmc-addExtensions" */
-346, /* "id-cmc-confirmCertAcceptance" */
-330, /* "id-cmc-dataReturn" */
-336, /* "id-cmc-decryptedPOP" */
-335, /* "id-cmc-encryptedPOP" */
-339, /* "id-cmc-getCRL" */
-338, /* "id-cmc-getCert" */
-328, /* "id-cmc-identification" */
-329, /* "id-cmc-identityProof" */
-337, /* "id-cmc-lraPOPWitness" */
-344, /* "id-cmc-popLinkRandom" */
-345, /* "id-cmc-popLinkWitness" */
-343, /* "id-cmc-queryPending" */
-333, /* "id-cmc-recipientNonce" */
-341, /* "id-cmc-regInfo" */
-342, /* "id-cmc-responseInfo" */
-340, /* "id-cmc-revokeRequest" */
-332, /* "id-cmc-senderNonce" */
-327, /* "id-cmc-statusInfo" */
-331, /* "id-cmc-transactionId" */
-787, /* "id-ct-asciiTextWithCRLF" */
-408, /* "id-ecPublicKey" */
-508, /* "id-hex-multipart-message" */
-507, /* "id-hex-partial-message" */
-260, /* "id-it" */
-302, /* "id-it-caKeyUpdateInfo" */
-298, /* "id-it-caProtEncCert" */
-311, /* "id-it-confirmWaitTime" */
-303, /* "id-it-currentCRL" */
-300, /* "id-it-encKeyPairTypes" */
-310, /* "id-it-implicitConfirm" */
-308, /* "id-it-keyPairParamRep" */
-307, /* "id-it-keyPairParamReq" */
-312, /* "id-it-origPKIMessage" */
-301, /* "id-it-preferredSymmAlg" */
-309, /* "id-it-revPassphrase" */
-299, /* "id-it-signKeyPairTypes" */
-305, /* "id-it-subscriptionRequest" */
-306, /* "id-it-subscriptionResponse" */
-784, /* "id-it-suppLangTags" */
-304, /* "id-it-unsupportedOIDs" */
-128, /* "id-kp" */
-280, /* "id-mod-attribute-cert" */
-274, /* "id-mod-cmc" */
-277, /* "id-mod-cmp" */
-284, /* "id-mod-cmp2000" */
-273, /* "id-mod-crmf" */
-283, /* "id-mod-dvcs" */
-275, /* "id-mod-kea-profile-88" */
-276, /* "id-mod-kea-profile-93" */
-282, /* "id-mod-ocsp" */
-278, /* "id-mod-qualified-cert-88" */
-279, /* "id-mod-qualified-cert-93" */
-281, /* "id-mod-timestamp-protocol" */
-264, /* "id-on" */
-347, /* "id-on-personalData" */
-265, /* "id-pda" */
-352, /* "id-pda-countryOfCitizenship" */
-353, /* "id-pda-countryOfResidence" */
-348, /* "id-pda-dateOfBirth" */
-351, /* "id-pda-gender" */
-349, /* "id-pda-placeOfBirth" */
-175, /* "id-pe" */
-261, /* "id-pkip" */
-258, /* "id-pkix-mod" */
-269, /* "id-pkix1-explicit-88" */
-271, /* "id-pkix1-explicit-93" */
-270, /* "id-pkix1-implicit-88" */
-272, /* "id-pkix1-implicit-93" */
-662, /* "id-ppl" */
-267, /* "id-qcs" */
-359, /* "id-qcs-pkixQCSyntax-v1" */
-259, /* "id-qt" */
-313, /* "id-regCtrl" */
-316, /* "id-regCtrl-authenticator" */
-319, /* "id-regCtrl-oldCertID" */
-318, /* "id-regCtrl-pkiArchiveOptions" */
-317, /* "id-regCtrl-pkiPublicationInfo" */
-320, /* "id-regCtrl-protocolEncrKey" */
-315, /* "id-regCtrl-regToken" */
-314, /* "id-regInfo" */
-322, /* "id-regInfo-certReq" */
-321, /* "id-regInfo-utf8Pairs" */
-191, /* "id-smime-aa" */
-215, /* "id-smime-aa-contentHint" */
-218, /* "id-smime-aa-contentIdentifier" */
-221, /* "id-smime-aa-contentReference" */
-240, /* "id-smime-aa-dvcs-dvc" */
-217, /* "id-smime-aa-encapContentType" */
-222, /* "id-smime-aa-encrypKeyPref" */
-220, /* "id-smime-aa-equivalentLabels" */
-232, /* "id-smime-aa-ets-CertificateRefs" */
-233, /* "id-smime-aa-ets-RevocationRefs" */
-238, /* "id-smime-aa-ets-archiveTimeStamp" */
-237, /* "id-smime-aa-ets-certCRLTimestamp" */
-234, /* "id-smime-aa-ets-certValues" */
-227, /* "id-smime-aa-ets-commitmentType" */
-231, /* "id-smime-aa-ets-contentTimestamp" */
-236, /* "id-smime-aa-ets-escTimeStamp" */
-230, /* "id-smime-aa-ets-otherSigCert" */
-235, /* "id-smime-aa-ets-revocationValues" */
-226, /* "id-smime-aa-ets-sigPolicyId" */
-229, /* "id-smime-aa-ets-signerAttr" */
-228, /* "id-smime-aa-ets-signerLocation" */
-219, /* "id-smime-aa-macValue" */
-214, /* "id-smime-aa-mlExpandHistory" */
-216, /* "id-smime-aa-msgSigDigest" */
-212, /* "id-smime-aa-receiptRequest" */
-213, /* "id-smime-aa-securityLabel" */
-239, /* "id-smime-aa-signatureType" */
-223, /* "id-smime-aa-signingCertificate" */
-224, /* "id-smime-aa-smimeEncryptCerts" */
-225, /* "id-smime-aa-timeStampToken" */
-192, /* "id-smime-alg" */
-243, /* "id-smime-alg-3DESwrap" */
-246, /* "id-smime-alg-CMS3DESwrap" */
-247, /* "id-smime-alg-CMSRC2wrap" */
-245, /* "id-smime-alg-ESDH" */
-241, /* "id-smime-alg-ESDHwith3DES" */
-242, /* "id-smime-alg-ESDHwithRC2" */
-244, /* "id-smime-alg-RC2wrap" */
-193, /* "id-smime-cd" */
-248, /* "id-smime-cd-ldap" */
-190, /* "id-smime-ct" */
-210, /* "id-smime-ct-DVCSRequestData" */
-211, /* "id-smime-ct-DVCSResponseData" */
-208, /* "id-smime-ct-TDTInfo" */
-207, /* "id-smime-ct-TSTInfo" */
-205, /* "id-smime-ct-authData" */
-786, /* "id-smime-ct-compressedData" */
-209, /* "id-smime-ct-contentInfo" */
-206, /* "id-smime-ct-publishCert" */
-204, /* "id-smime-ct-receipt" */
-195, /* "id-smime-cti" */
-255, /* "id-smime-cti-ets-proofOfApproval" */
-256, /* "id-smime-cti-ets-proofOfCreation" */
-253, /* "id-smime-cti-ets-proofOfDelivery" */
-251, /* "id-smime-cti-ets-proofOfOrigin" */
-252, /* "id-smime-cti-ets-proofOfReceipt" */
-254, /* "id-smime-cti-ets-proofOfSender" */
-189, /* "id-smime-mod" */
-196, /* "id-smime-mod-cms" */
-197, /* "id-smime-mod-ess" */
-202, /* "id-smime-mod-ets-eSigPolicy-88" */
-203, /* "id-smime-mod-ets-eSigPolicy-97" */
-200, /* "id-smime-mod-ets-eSignature-88" */
-201, /* "id-smime-mod-ets-eSignature-97" */
-199, /* "id-smime-mod-msg-v3" */
-198, /* "id-smime-mod-oid" */
-194, /* "id-smime-spq" */
-250, /* "id-smime-spq-ets-sqt-unotice" */
-249, /* "id-smime-spq-ets-sqt-uri" */
-34, /* "idea-cbc" */
-35, /* "idea-cfb" */
-36, /* "idea-ecb" */
-46, /* "idea-ofb" */
-676, /* "identified-organization" */
-461, /* "info" */
-101, /* "initials" */
-869, /* "internationaliSDNNumber" */
-749, /* "ipsec3" */
-750, /* "ipsec4" */
-181, /* "iso" */
-623, /* "issuer capabilities" */
-645, /* "itu-t" */
-492, /* "janetMailbox" */
-646, /* "joint-iso-itu-t" */
-150, /* "keyBag" */
-773, /* "kisa" */
-477, /* "lastModifiedBy" */
-476, /* "lastModifiedTime" */
-157, /* "localKeyID" */
-15, /* "localityName" */
-480, /* "mXRecord" */
-493, /* "mailPreferenceOption" */
-467, /* "manager" */
- 3, /* "md2" */
- 7, /* "md2WithRSAEncryption" */
-257, /* "md4" */
-396, /* "md4WithRSAEncryption" */
- 4, /* "md5" */
-114, /* "md5-sha1" */
-104, /* "md5WithRSA" */
- 8, /* "md5WithRSAEncryption" */
-95, /* "mdc2" */
-96, /* "mdc2WithRSA" */
-875, /* "member" */
-602, /* "merchant initiated auth" */
-514, /* "message extensions" */
-51, /* "messageDigest" */
-911, /* "mgf1" */
-506, /* "mime-mhs-bodies" */
-505, /* "mime-mhs-headings" */
-488, /* "mobileTelephoneNumber" */
-481, /* "nSRecord" */
-173, /* "name" */
-681, /* "onBasis" */
-379, /* "org" */
-17, /* "organizationName" */
-491, /* "organizationalStatus" */
-18, /* "organizationalUnitName" */
-475, /* "otherMailbox" */
-876, /* "owner" */
-935, /* "pSpecified" */
-489, /* "pagerTelephoneNumber" */
-782, /* "password based MAC" */
-374, /* "path" */
-621, /* "payment gateway capabilities" */
- 9, /* "pbeWithMD2AndDES-CBC" */
-168, /* "pbeWithMD2AndRC2-CBC" */
-112, /* "pbeWithMD5AndCast5CBC" */
-10, /* "pbeWithMD5AndDES-CBC" */
-169, /* "pbeWithMD5AndRC2-CBC" */
-148, /* "pbeWithSHA1And128BitRC2-CBC" */
-144, /* "pbeWithSHA1And128BitRC4" */
-147, /* "pbeWithSHA1And2-KeyTripleDES-CBC" */
-146, /* "pbeWithSHA1And3-KeyTripleDES-CBC" */
-149, /* "pbeWithSHA1And40BitRC2-CBC" */
-145, /* "pbeWithSHA1And40BitRC4" */
-170, /* "pbeWithSHA1AndDES-CBC" */
-68, /* "pbeWithSHA1AndRC2-CBC" */
-499, /* "personalSignature" */
-487, /* "personalTitle" */
-464, /* "photo" */
-863, /* "physicalDeliveryOfficeName" */
-437, /* "pilot" */
-439, /* "pilotAttributeSyntax" */
-438, /* "pilotAttributeType" */
-479, /* "pilotAttributeType27" */
-456, /* "pilotDSA" */
-441, /* "pilotGroups" */
-444, /* "pilotObject" */
-440, /* "pilotObjectClass" */
-455, /* "pilotOrganization" */
-445, /* "pilotPerson" */
-186, /* "pkcs1" */
-27, /* "pkcs3" */
-187, /* "pkcs5" */
-20, /* "pkcs7" */
-21, /* "pkcs7-data" */
-25, /* "pkcs7-digestData" */
-26, /* "pkcs7-encryptedData" */
-23, /* "pkcs7-envelopedData" */
-24, /* "pkcs7-signedAndEnvelopedData" */
-22, /* "pkcs7-signedData" */
-151, /* "pkcs8ShroudedKeyBag" */
-47, /* "pkcs9" */
-862, /* "postOfficeBox" */
-861, /* "postalAddress" */
-661, /* "postalCode" */
-683, /* "ppBasis" */
-872, /* "preferredDeliveryMethod" */
-873, /* "presentationAddress" */
-406, /* "prime-field" */
-409, /* "prime192v1" */
-410, /* "prime192v2" */
-411, /* "prime192v3" */
-412, /* "prime239v1" */
-413, /* "prime239v2" */
-414, /* "prime239v3" */
-415, /* "prime256v1" */
-886, /* "protocolInformation" */
-510, /* "pseudonym" */
-435, /* "pss" */
-286, /* "qcStatements" */
-457, /* "qualityLabelledData" */
-450, /* "rFC822localPart" */
-98, /* "rc2-40-cbc" */
-166, /* "rc2-64-cbc" */
-37, /* "rc2-cbc" */
-39, /* "rc2-cfb" */
-38, /* "rc2-ecb" */
-40, /* "rc2-ofb" */
- 5, /* "rc4" */
-97, /* "rc4-40" */
-915, /* "rc4-hmac-md5" */
-120, /* "rc5-cbc" */
-122, /* "rc5-cfb" */
-121, /* "rc5-ecb" */
-123, /* "rc5-ofb" */
-870, /* "registeredAddress" */
-460, /* "rfc822Mailbox" */
-117, /* "ripemd160" */
-119, /* "ripemd160WithRSA" */
-400, /* "role" */
-877, /* "roleOccupant" */
-448, /* "room" */
-463, /* "roomNumber" */
-19, /* "rsa" */
- 6, /* "rsaEncryption" */
-644, /* "rsaOAEPEncryptionSET" */
-377, /* "rsaSignature" */
-919, /* "rsaesOaep" */
-912, /* "rsassaPss" */
-482, /* "sOARecord" */
-155, /* "safeContentsBag" */
-291, /* "sbgp-autonomousSysNum" */
-290, /* "sbgp-ipAddrBlock" */
-292, /* "sbgp-routerIdentifier" */
-159, /* "sdsiCertificate" */
-859, /* "searchGuide" */
-704, /* "secp112r1" */
-705, /* "secp112r2" */
-706, /* "secp128r1" */
-707, /* "secp128r2" */
-708, /* "secp160k1" */
-709, /* "secp160r1" */
-710, /* "secp160r2" */
-711, /* "secp192k1" */
-712, /* "secp224k1" */
-713, /* "secp224r1" */
-714, /* "secp256k1" */
-715, /* "secp384r1" */
-716, /* "secp521r1" */
-154, /* "secretBag" */
-474, /* "secretary" */
-717, /* "sect113r1" */
-718, /* "sect113r2" */
-719, /* "sect131r1" */
-720, /* "sect131r2" */
-721, /* "sect163k1" */
-722, /* "sect163r1" */
-723, /* "sect163r2" */
-724, /* "sect193r1" */
-725, /* "sect193r2" */
-726, /* "sect233k1" */
-727, /* "sect233r1" */
-728, /* "sect239k1" */
-729, /* "sect283k1" */
-730, /* "sect283r1" */
-731, /* "sect409k1" */
-732, /* "sect409r1" */
-733, /* "sect571k1" */
-734, /* "sect571r1" */
-635, /* "secure device signature" */
-878, /* "seeAlso" */
-777, /* "seed-cbc" */
-779, /* "seed-cfb" */
-776, /* "seed-ecb" */
-778, /* "seed-ofb" */
-105, /* "serialNumber" */
-625, /* "set-addPolicy" */
-515, /* "set-attr" */
-518, /* "set-brand" */
-638, /* "set-brand-AmericanExpress" */
-637, /* "set-brand-Diners" */
-636, /* "set-brand-IATA-ATA" */
-639, /* "set-brand-JCB" */
-641, /* "set-brand-MasterCard" */
-642, /* "set-brand-Novus" */
-640, /* "set-brand-Visa" */
-516, /* "set-policy" */
-607, /* "set-policy-root" */
-624, /* "set-rootKeyThumb" */
-620, /* "setAttr-Cert" */
-628, /* "setAttr-IssCap-CVM" */
-630, /* "setAttr-IssCap-Sig" */
-629, /* "setAttr-IssCap-T2" */
-627, /* "setAttr-Token-B0Prime" */
-626, /* "setAttr-Token-EMV" */
-622, /* "setAttr-TokenType" */
-619, /* "setCext-IssuerCapabilities" */
-615, /* "setCext-PGWYcapabilities" */
-616, /* "setCext-TokenIdentifier" */
-618, /* "setCext-TokenType" */
-617, /* "setCext-Track2Data" */
-611, /* "setCext-cCertRequired" */
-609, /* "setCext-certType" */
-608, /* "setCext-hashedRoot" */
-610, /* "setCext-merchData" */
-613, /* "setCext-setExt" */
-614, /* "setCext-setQualf" */
-612, /* "setCext-tunneling" */
-540, /* "setct-AcqCardCodeMsg" */
-576, /* "setct-AcqCardCodeMsgTBE" */
-570, /* "setct-AuthReqTBE" */
-534, /* "setct-AuthReqTBS" */
-527, /* "setct-AuthResBaggage" */
-571, /* "setct-AuthResTBE" */
-572, /* "setct-AuthResTBEX" */
-535, /* "setct-AuthResTBS" */
-536, /* "setct-AuthResTBSX" */
-528, /* "setct-AuthRevReqBaggage" */
-577, /* "setct-AuthRevReqTBE" */
-541, /* "setct-AuthRevReqTBS" */
-529, /* "setct-AuthRevResBaggage" */
-542, /* "setct-AuthRevResData" */
-578, /* "setct-AuthRevResTBE" */
-579, /* "setct-AuthRevResTBEB" */
-543, /* "setct-AuthRevResTBS" */
-573, /* "setct-AuthTokenTBE" */
-537, /* "setct-AuthTokenTBS" */
-600, /* "setct-BCIDistributionTBS" */
-558, /* "setct-BatchAdminReqData" */
-592, /* "setct-BatchAdminReqTBE" */
-559, /* "setct-BatchAdminResData" */
-593, /* "setct-BatchAdminResTBE" */
-599, /* "setct-CRLNotificationResTBS" */
-598, /* "setct-CRLNotificationTBS" */
-580, /* "setct-CapReqTBE" */
-581, /* "setct-CapReqTBEX" */
-544, /* "setct-CapReqTBS" */
-545, /* "setct-CapReqTBSX" */
-546, /* "setct-CapResData" */
-582, /* "setct-CapResTBE" */
-583, /* "setct-CapRevReqTBE" */
-584, /* "setct-CapRevReqTBEX" */
-547, /* "setct-CapRevReqTBS" */
-548, /* "setct-CapRevReqTBSX" */
-549, /* "setct-CapRevResData" */
-585, /* "setct-CapRevResTBE" */
-538, /* "setct-CapTokenData" */
-530, /* "setct-CapTokenSeq" */
-574, /* "setct-CapTokenTBE" */
-575, /* "setct-CapTokenTBEX" */
-539, /* "setct-CapTokenTBS" */
-560, /* "setct-CardCInitResTBS" */
-566, /* "setct-CertInqReqTBS" */
-563, /* "setct-CertReqData" */
-595, /* "setct-CertReqTBE" */
-596, /* "setct-CertReqTBEX" */
-564, /* "setct-CertReqTBS" */
-565, /* "setct-CertResData" */
-597, /* "setct-CertResTBE" */
-586, /* "setct-CredReqTBE" */
-587, /* "setct-CredReqTBEX" */
-550, /* "setct-CredReqTBS" */
-551, /* "setct-CredReqTBSX" */
-552, /* "setct-CredResData" */
-588, /* "setct-CredResTBE" */
-589, /* "setct-CredRevReqTBE" */
-590, /* "setct-CredRevReqTBEX" */
-553, /* "setct-CredRevReqTBS" */
-554, /* "setct-CredRevReqTBSX" */
-555, /* "setct-CredRevResData" */
-591, /* "setct-CredRevResTBE" */
-567, /* "setct-ErrorTBS" */
-526, /* "setct-HODInput" */
-561, /* "setct-MeAqCInitResTBS" */
-522, /* "setct-OIData" */
-519, /* "setct-PANData" */
-521, /* "setct-PANOnly" */
-520, /* "setct-PANToken" */
-556, /* "setct-PCertReqData" */
-557, /* "setct-PCertResTBS" */
-523, /* "setct-PI" */
-532, /* "setct-PI-TBS" */
-524, /* "setct-PIData" */
-525, /* "setct-PIDataUnsigned" */
-568, /* "setct-PIDualSignedTBE" */
-569, /* "setct-PIUnsignedTBE" */
-531, /* "setct-PInitResData" */
-533, /* "setct-PResData" */
-594, /* "setct-RegFormReqTBE" */
-562, /* "setct-RegFormResTBS" */
-604, /* "setext-pinAny" */
-603, /* "setext-pinSecure" */
-605, /* "setext-track2" */
-41, /* "sha" */
-64, /* "sha1" */
-115, /* "sha1WithRSA" */
-65, /* "sha1WithRSAEncryption" */
-675, /* "sha224" */
-671, /* "sha224WithRSAEncryption" */
-672, /* "sha256" */
-668, /* "sha256WithRSAEncryption" */
-673, /* "sha384" */
-669, /* "sha384WithRSAEncryption" */
-674, /* "sha512" */
-670, /* "sha512WithRSAEncryption" */
-42, /* "shaWithRSAEncryption" */
-52, /* "signingTime" */
-454, /* "simpleSecurityObject" */
-496, /* "singleLevelQuality" */
-16, /* "stateOrProvinceName" */
-660, /* "streetAddress" */
-498, /* "subtreeMaximumQuality" */
-497, /* "subtreeMinimumQuality" */
-890, /* "supportedAlgorithms" */
-874, /* "supportedApplicationContext" */
-100, /* "surname" */
-864, /* "telephoneNumber" */
-866, /* "teletexTerminalIdentifier" */
-865, /* "telexNumber" */
-459, /* "textEncodedORAddress" */
-293, /* "textNotice" */
-106, /* "title" */
-682, /* "tpBasis" */
-436, /* "ucl" */
- 0, /* "undefined" */
-888, /* "uniqueMember" */
-55, /* "unstructuredAddress" */
-49, /* "unstructuredName" */
-880, /* "userCertificate" */
-465, /* "userClass" */
-458, /* "userId" */
-879, /* "userPassword" */
-373, /* "valid" */
-678, /* "wap" */
-679, /* "wap-wsg" */
-735, /* "wap-wsg-idm-ecid-wtls1" */
-743, /* "wap-wsg-idm-ecid-wtls10" */
-744, /* "wap-wsg-idm-ecid-wtls11" */
-745, /* "wap-wsg-idm-ecid-wtls12" */
-736, /* "wap-wsg-idm-ecid-wtls3" */
-737, /* "wap-wsg-idm-ecid-wtls4" */
-738, /* "wap-wsg-idm-ecid-wtls5" */
-739, /* "wap-wsg-idm-ecid-wtls6" */
-740, /* "wap-wsg-idm-ecid-wtls7" */
-741, /* "wap-wsg-idm-ecid-wtls8" */
-742, /* "wap-wsg-idm-ecid-wtls9" */
-804, /* "whirlpool" */
-868, /* "x121Address" */
-503, /* "x500UniqueIdentifier" */
-158, /* "x509Certificate" */
-160, /* "x509Crl" */
-125, /* "zlib compression" */
+static const unsigned kNIDsInLongNameOrder[] = {
+ 363 /* AD Time Stamping */,
+ 405 /* ANSI X9.62 */,
+ 368 /* Acceptable OCSP Responses */,
+ 910 /* Any Extended Key Usage */,
+ 664 /* Any language */,
+ 177 /* Authority Information Access */,
+ 365 /* Basic OCSP Response */,
+ 285 /* Biometric Info */,
+ 179 /* CA Issuers */,
+ 785 /* CA Repository */,
+ 131 /* Code Signing */,
+ 783 /* Diffie-Hellman based MAC */,
+ 382 /* Directory */,
+ 392 /* Domain */,
+ 132 /* E-mail Protection */,
+ 389 /* Enterprises */,
+ 384 /* Experimental */,
+ 372 /* Extended OCSP Status */,
+ 172 /* Extension Request */,
+ 813 /* GOST 28147-89 */,
+ 849 /* GOST 28147-89 Cryptocom ParamSet */,
+ 815 /* GOST 28147-89 MAC */,
+ 851 /* GOST 34.10-2001 Cryptocom */,
+ 850 /* GOST 34.10-94 Cryptocom */,
+ 811 /* GOST R 34.10-2001 */,
+ 817 /* GOST R 34.10-2001 DH */,
+ 812 /* GOST R 34.10-94 */,
+ 818 /* GOST R 34.10-94 DH */,
+ 809 /* GOST R 34.11-94 */,
+ 816 /* GOST R 34.11-94 PRF */,
+ 807 /* GOST R 34.11-94 with GOST R 34.10-2001 */,
+ 853 /* GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom */,
+ 808 /* GOST R 34.11-94 with GOST R 34.10-94 */,
+ 852 /* GOST R 34.11-94 with GOST R 34.10-94 Cryptocom */,
+ 854 /* GOST R 3410-2001 Parameter Set Cryptocom */,
+ 810 /* HMAC GOST 34.11-94 */,
+ 432 /* Hold Instruction Call Issuer */,
+ 430 /* Hold Instruction Code */,
+ 431 /* Hold Instruction None */,
+ 433 /* Hold Instruction Reject */,
+ 634 /* ICC or token signature */,
+ 294 /* IPSec End System */,
+ 295 /* IPSec Tunnel */,
+ 296 /* IPSec User */,
+ 182 /* ISO Member Body */,
+ 183 /* ISO US Member Body */,
+ 667 /* Independent */,
+ 665 /* Inherit all */,
+ 647 /* International Organizations */,
+ 142 /* Invalidity Date */,
+ 504 /* MIME MHS */,
+ 388 /* Mail */,
+ 383 /* Management */,
+ 417 /* Microsoft CSP Name */,
+ 135 /* Microsoft Commercial Code Signing */,
+ 138 /* Microsoft Encrypted File System */,
+ 171 /* Microsoft Extension Request */,
+ 134 /* Microsoft Individual Code Signing */,
+ 856 /* Microsoft Local Key set */,
+ 137 /* Microsoft Server Gated Crypto */,
+ 648 /* Microsoft Smartcardlogin */,
+ 136 /* Microsoft Trust List Signing */,
+ 649 /* Microsoft Universal Principal Name */,
+ 72 /* Netscape Base Url */,
+ 76 /* Netscape CA Policy Url */,
+ 74 /* Netscape CA Revocation Url */,
+ 71 /* Netscape Cert Type */,
+ 58 /* Netscape Certificate Extension */,
+ 79 /* Netscape Certificate Sequence */,
+ 78 /* Netscape Comment */,
+ 57 /* Netscape Communications Corp. */,
+ 59 /* Netscape Data Type */,
+ 75 /* Netscape Renewal Url */,
+ 73 /* Netscape Revocation Url */,
+ 77 /* Netscape SSL Server Name */,
+ 139 /* Netscape Server Gated Crypto */,
+ 178 /* OCSP */,
+ 370 /* OCSP Archive Cutoff */,
+ 367 /* OCSP CRL ID */,
+ 369 /* OCSP No Check */,
+ 366 /* OCSP Nonce */,
+ 371 /* OCSP Service Locator */,
+ 180 /* OCSP Signing */,
+ 161 /* PBES2 */,
+ 69 /* PBKDF2 */,
+ 162 /* PBMAC1 */,
+ 127 /* PKIX */,
+ 858 /* Permanent Identifier */,
+ 164 /* Policy Qualifier CPS */,
+ 165 /* Policy Qualifier User Notice */,
+ 385 /* Private */,
+ 663 /* Proxy Certificate Information */,
+ 1 /* RSA Data Security, Inc. */,
+ 2 /* RSA Data Security, Inc. PKCS */,
+ 188 /* S/MIME */,
+ 167 /* S/MIME Capabilities */,
+ 387 /* SNMPv2 */,
+ 512 /* Secure Electronic Transactions */,
+ 386 /* Security */,
+ 394 /* Selected Attribute Types */,
+ 143 /* Strong Extranet ID */,
+ 398 /* Subject Information Access */,
+ 130 /* TLS Web Client Authentication */,
+ 129 /* TLS Web Server Authentication */,
+ 133 /* Time Stamping */,
+ 375 /* Trust Root */,
+ 948 /* X25519 */,
+ 12 /* X509 */,
+ 402 /* X509v3 AC Targeting */,
+ 746 /* X509v3 Any Policy */,
+ 90 /* X509v3 Authority Key Identifier */,
+ 87 /* X509v3 Basic Constraints */,
+ 103 /* X509v3 CRL Distribution Points */,
+ 88 /* X509v3 CRL Number */,
+ 141 /* X509v3 CRL Reason Code */,
+ 771 /* X509v3 Certificate Issuer */,
+ 89 /* X509v3 Certificate Policies */,
+ 140 /* X509v3 Delta CRL Indicator */,
+ 126 /* X509v3 Extended Key Usage */,
+ 857 /* X509v3 Freshest CRL */,
+ 748 /* X509v3 Inhibit Any Policy */,
+ 86 /* X509v3 Issuer Alternative Name */,
+ 770 /* X509v3 Issuing Distribution Point */,
+ 83 /* X509v3 Key Usage */,
+ 666 /* X509v3 Name Constraints */,
+ 403 /* X509v3 No Revocation Available */,
+ 401 /* X509v3 Policy Constraints */,
+ 747 /* X509v3 Policy Mappings */,
+ 84 /* X509v3 Private Key Usage Period */,
+ 85 /* X509v3 Subject Alternative Name */,
+ 769 /* X509v3 Subject Directory Attributes */,
+ 82 /* X509v3 Subject Key Identifier */,
+ 920 /* X9.42 DH */,
+ 184 /* X9.57 */,
+ 185 /* X9.57 CM ? */,
+ 478 /* aRecord */,
+ 289 /* aaControls */,
+ 287 /* ac-auditEntity */,
+ 397 /* ac-proxying */,
+ 288 /* ac-targeting */,
+ 446 /* account */,
+ 364 /* ad dvcs */,
+ 606 /* additional verification */,
+ 419 /* aes-128-cbc */,
+ 916 /* aes-128-cbc-hmac-sha1 */,
+ 896 /* aes-128-ccm */,
+ 421 /* aes-128-cfb */,
+ 650 /* aes-128-cfb1 */,
+ 653 /* aes-128-cfb8 */,
+ 904 /* aes-128-ctr */,
+ 418 /* aes-128-ecb */,
+ 895 /* aes-128-gcm */,
+ 420 /* aes-128-ofb */,
+ 913 /* aes-128-xts */,
+ 423 /* aes-192-cbc */,
+ 917 /* aes-192-cbc-hmac-sha1 */,
+ 899 /* aes-192-ccm */,
+ 425 /* aes-192-cfb */,
+ 651 /* aes-192-cfb1 */,
+ 654 /* aes-192-cfb8 */,
+ 905 /* aes-192-ctr */,
+ 422 /* aes-192-ecb */,
+ 898 /* aes-192-gcm */,
+ 424 /* aes-192-ofb */,
+ 427 /* aes-256-cbc */,
+ 918 /* aes-256-cbc-hmac-sha1 */,
+ 902 /* aes-256-ccm */,
+ 429 /* aes-256-cfb */,
+ 652 /* aes-256-cfb1 */,
+ 655 /* aes-256-cfb8 */,
+ 906 /* aes-256-ctr */,
+ 426 /* aes-256-ecb */,
+ 901 /* aes-256-gcm */,
+ 428 /* aes-256-ofb */,
+ 914 /* aes-256-xts */,
+ 376 /* algorithm */,
+ 484 /* associatedDomain */,
+ 485 /* associatedName */,
+ 501 /* audio */,
+ 882 /* authorityRevocationList */,
+ 91 /* bf-cbc */,
+ 93 /* bf-cfb */,
+ 92 /* bf-ecb */,
+ 94 /* bf-ofb */,
+ 921 /* brainpoolP160r1 */,
+ 922 /* brainpoolP160t1 */,
+ 923 /* brainpoolP192r1 */,
+ 924 /* brainpoolP192t1 */,
+ 925 /* brainpoolP224r1 */,
+ 926 /* brainpoolP224t1 */,
+ 927 /* brainpoolP256r1 */,
+ 928 /* brainpoolP256t1 */,
+ 929 /* brainpoolP320r1 */,
+ 930 /* brainpoolP320t1 */,
+ 931 /* brainpoolP384r1 */,
+ 932 /* brainpoolP384t1 */,
+ 933 /* brainpoolP512r1 */,
+ 934 /* brainpoolP512t1 */,
+ 494 /* buildingName */,
+ 860 /* businessCategory */,
+ 691 /* c2onb191v4 */,
+ 692 /* c2onb191v5 */,
+ 697 /* c2onb239v4 */,
+ 698 /* c2onb239v5 */,
+ 684 /* c2pnb163v1 */,
+ 685 /* c2pnb163v2 */,
+ 686 /* c2pnb163v3 */,
+ 687 /* c2pnb176v1 */,
+ 693 /* c2pnb208w1 */,
+ 699 /* c2pnb272w1 */,
+ 700 /* c2pnb304w1 */,
+ 702 /* c2pnb368w1 */,
+ 688 /* c2tnb191v1 */,
+ 689 /* c2tnb191v2 */,
+ 690 /* c2tnb191v3 */,
+ 694 /* c2tnb239v1 */,
+ 695 /* c2tnb239v2 */,
+ 696 /* c2tnb239v3 */,
+ 701 /* c2tnb359v1 */,
+ 703 /* c2tnb431r1 */,
+ 881 /* cACertificate */,
+ 483 /* cNAMERecord */,
+ 751 /* camellia-128-cbc */,
+ 757 /* camellia-128-cfb */,
+ 760 /* camellia-128-cfb1 */,
+ 763 /* camellia-128-cfb8 */,
+ 754 /* camellia-128-ecb */,
+ 766 /* camellia-128-ofb */,
+ 752 /* camellia-192-cbc */,
+ 758 /* camellia-192-cfb */,
+ 761 /* camellia-192-cfb1 */,
+ 764 /* camellia-192-cfb8 */,
+ 755 /* camellia-192-ecb */,
+ 767 /* camellia-192-ofb */,
+ 753 /* camellia-256-cbc */,
+ 759 /* camellia-256-cfb */,
+ 762 /* camellia-256-cfb1 */,
+ 765 /* camellia-256-cfb8 */,
+ 756 /* camellia-256-ecb */,
+ 768 /* camellia-256-ofb */,
+ 443 /* caseIgnoreIA5StringSyntax */,
+ 108 /* cast5-cbc */,
+ 110 /* cast5-cfb */,
+ 109 /* cast5-ecb */,
+ 111 /* cast5-ofb */,
+ 152 /* certBag */,
+ 677 /* certicom-arc */,
+ 517 /* certificate extensions */,
+ 883 /* certificateRevocationList */,
+ 54 /* challengePassword */,
+ 407 /* characteristic-two-field */,
+ 395 /* clearance */,
+ 633 /* cleartext track 2 */,
+ 894 /* cmac */,
+ 13 /* commonName */,
+ 513 /* content types */,
+ 50 /* contentType */,
+ 53 /* countersignature */,
+ 14 /* countryName */,
+ 153 /* crlBag */,
+ 884 /* crossCertificatePair */,
+ 806 /* cryptocom */,
+ 805 /* cryptopro */,
+ 500 /* dITRedirect */,
+ 451 /* dNSDomain */,
+ 495 /* dSAQuality */,
+ 434 /* data */,
+ 390 /* dcObject */,
+ 891 /* deltaRevocationList */,
+ 31 /* des-cbc */,
+ 643 /* des-cdmf */,
+ 30 /* des-cfb */,
+ 656 /* des-cfb1 */,
+ 657 /* des-cfb8 */,
+ 29 /* des-ecb */,
+ 32 /* des-ede */,
+ 43 /* des-ede-cbc */,
+ 60 /* des-ede-cfb */,
+ 62 /* des-ede-ofb */,
+ 33 /* des-ede3 */,
+ 44 /* des-ede3-cbc */,
+ 61 /* des-ede3-cfb */,
+ 658 /* des-ede3-cfb1 */,
+ 659 /* des-ede3-cfb8 */,
+ 63 /* des-ede3-ofb */,
+ 45 /* des-ofb */,
+ 107 /* description */,
+ 871 /* destinationIndicator */,
+ 80 /* desx-cbc */,
+ 947 /* dh-cofactor-kdf */,
+ 946 /* dh-std-kdf */,
+ 28 /* dhKeyAgreement */,
+ 941 /* dhSinglePass-cofactorDH-sha1kdf-scheme */,
+ 942 /* dhSinglePass-cofactorDH-sha224kdf-scheme */,
+ 943 /* dhSinglePass-cofactorDH-sha256kdf-scheme */,
+ 944 /* dhSinglePass-cofactorDH-sha384kdf-scheme */,
+ 945 /* dhSinglePass-cofactorDH-sha512kdf-scheme */,
+ 936 /* dhSinglePass-stdDH-sha1kdf-scheme */,
+ 937 /* dhSinglePass-stdDH-sha224kdf-scheme */,
+ 938 /* dhSinglePass-stdDH-sha256kdf-scheme */,
+ 939 /* dhSinglePass-stdDH-sha384kdf-scheme */,
+ 940 /* dhSinglePass-stdDH-sha512kdf-scheme */,
+ 11 /* directory services (X.500) */,
+ 378 /* directory services - algorithms */,
+ 887 /* distinguishedName */,
+ 892 /* dmdName */,
+ 174 /* dnQualifier */,
+ 447 /* document */,
+ 471 /* documentAuthor */,
+ 468 /* documentIdentifier */,
+ 472 /* documentLocation */,
+ 502 /* documentPublisher */,
+ 449 /* documentSeries */,
+ 469 /* documentTitle */,
+ 470 /* documentVersion */,
+ 380 /* dod */,
+ 391 /* domainComponent */,
+ 452 /* domainRelatedObject */,
+ 116 /* dsaEncryption */,
+ 67 /* dsaEncryption-old */,
+ 66 /* dsaWithSHA */,
+ 113 /* dsaWithSHA1 */,
+ 70 /* dsaWithSHA1-old */,
+ 802 /* dsa_with_SHA224 */,
+ 803 /* dsa_with_SHA256 */,
+ 297 /* dvcs */,
+ 791 /* ecdsa-with-Recommended */,
+ 416 /* ecdsa-with-SHA1 */,
+ 793 /* ecdsa-with-SHA224 */,
+ 794 /* ecdsa-with-SHA256 */,
+ 795 /* ecdsa-with-SHA384 */,
+ 796 /* ecdsa-with-SHA512 */,
+ 792 /* ecdsa-with-Specified */,
+ 48 /* emailAddress */,
+ 632 /* encrypted track 2 */,
+ 885 /* enhancedSearchGuide */,
+ 56 /* extendedCertificateAttributes */,
+ 867 /* facsimileTelephoneNumber */,
+ 462 /* favouriteDrink */,
+ 453 /* friendlyCountry */,
+ 490 /* friendlyCountryName */,
+ 156 /* friendlyName */,
+ 631 /* generate cryptogram */,
+ 509 /* generationQualifier */,
+ 601 /* generic cryptogram */,
+ 99 /* givenName */,
+ 814 /* gost89-cnt */,
+ 855 /* hmac */,
+ 780 /* hmac-md5 */,
+ 781 /* hmac-sha1 */,
+ 797 /* hmacWithMD5 */,
+ 163 /* hmacWithSHA1 */,
+ 798 /* hmacWithSHA224 */,
+ 799 /* hmacWithSHA256 */,
+ 800 /* hmacWithSHA384 */,
+ 801 /* hmacWithSHA512 */,
+ 486 /* homePostalAddress */,
+ 473 /* homeTelephoneNumber */,
+ 466 /* host */,
+ 889 /* houseIdentifier */,
+ 442 /* iA5StringSyntax */,
+ 381 /* iana */,
+ 824 /* id-Gost28147-89-CryptoPro-A-ParamSet */,
+ 825 /* id-Gost28147-89-CryptoPro-B-ParamSet */,
+ 826 /* id-Gost28147-89-CryptoPro-C-ParamSet */,
+ 827 /* id-Gost28147-89-CryptoPro-D-ParamSet */,
+ 819 /* id-Gost28147-89-CryptoPro-KeyMeshing */,
+ 829 /* id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet */,
+ 828 /* id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet */,
+ 830 /* id-Gost28147-89-CryptoPro-RIC-1-ParamSet */,
+ 820 /* id-Gost28147-89-None-KeyMeshing */,
+ 823 /* id-Gost28147-89-TestParamSet */,
+ 840 /* id-GostR3410-2001-CryptoPro-A-ParamSet */,
+ 841 /* id-GostR3410-2001-CryptoPro-B-ParamSet */,
+ 842 /* id-GostR3410-2001-CryptoPro-C-ParamSet */,
+ 843 /* id-GostR3410-2001-CryptoPro-XchA-ParamSet */,
+ 844 /* id-GostR3410-2001-CryptoPro-XchB-ParamSet */,
+ 839 /* id-GostR3410-2001-TestParamSet */,
+ 832 /* id-GostR3410-94-CryptoPro-A-ParamSet */,
+ 833 /* id-GostR3410-94-CryptoPro-B-ParamSet */,
+ 834 /* id-GostR3410-94-CryptoPro-C-ParamSet */,
+ 835 /* id-GostR3410-94-CryptoPro-D-ParamSet */,
+ 836 /* id-GostR3410-94-CryptoPro-XchA-ParamSet */,
+ 837 /* id-GostR3410-94-CryptoPro-XchB-ParamSet */,
+ 838 /* id-GostR3410-94-CryptoPro-XchC-ParamSet */,
+ 831 /* id-GostR3410-94-TestParamSet */,
+ 845 /* id-GostR3410-94-a */,
+ 846 /* id-GostR3410-94-aBis */,
+ 847 /* id-GostR3410-94-b */,
+ 848 /* id-GostR3410-94-bBis */,
+ 822 /* id-GostR3411-94-CryptoProParamSet */,
+ 821 /* id-GostR3411-94-TestParamSet */,
+ 266 /* id-aca */,
+ 355 /* id-aca-accessIdentity */,
+ 354 /* id-aca-authenticationInfo */,
+ 356 /* id-aca-chargingIdentity */,
+ 399 /* id-aca-encAttrs */,
+ 357 /* id-aca-group */,
+ 358 /* id-aca-role */,
+ 176 /* id-ad */,
+ 788 /* id-aes128-wrap */,
+ 897 /* id-aes128-wrap-pad */,
+ 789 /* id-aes192-wrap */,
+ 900 /* id-aes192-wrap-pad */,
+ 790 /* id-aes256-wrap */,
+ 903 /* id-aes256-wrap-pad */,
+ 262 /* id-alg */,
+ 893 /* id-alg-PWRI-KEK */,
+ 323 /* id-alg-des40 */,
+ 326 /* id-alg-dh-pop */,
+ 325 /* id-alg-dh-sig-hmac-sha1 */,
+ 324 /* id-alg-noSignature */,
+ 907 /* id-camellia128-wrap */,
+ 908 /* id-camellia192-wrap */,
+ 909 /* id-camellia256-wrap */,
+ 268 /* id-cct */,
+ 361 /* id-cct-PKIData */,
+ 362 /* id-cct-PKIResponse */,
+ 360 /* id-cct-crs */,
+ 81 /* id-ce */,
+ 680 /* id-characteristic-two-basis */,
+ 263 /* id-cmc */,
+ 334 /* id-cmc-addExtensions */,
+ 346 /* id-cmc-confirmCertAcceptance */,
+ 330 /* id-cmc-dataReturn */,
+ 336 /* id-cmc-decryptedPOP */,
+ 335 /* id-cmc-encryptedPOP */,
+ 339 /* id-cmc-getCRL */,
+ 338 /* id-cmc-getCert */,
+ 328 /* id-cmc-identification */,
+ 329 /* id-cmc-identityProof */,
+ 337 /* id-cmc-lraPOPWitness */,
+ 344 /* id-cmc-popLinkRandom */,
+ 345 /* id-cmc-popLinkWitness */,
+ 343 /* id-cmc-queryPending */,
+ 333 /* id-cmc-recipientNonce */,
+ 341 /* id-cmc-regInfo */,
+ 342 /* id-cmc-responseInfo */,
+ 340 /* id-cmc-revokeRequest */,
+ 332 /* id-cmc-senderNonce */,
+ 327 /* id-cmc-statusInfo */,
+ 331 /* id-cmc-transactionId */,
+ 787 /* id-ct-asciiTextWithCRLF */,
+ 408 /* id-ecPublicKey */,
+ 508 /* id-hex-multipart-message */,
+ 507 /* id-hex-partial-message */,
+ 260 /* id-it */,
+ 302 /* id-it-caKeyUpdateInfo */,
+ 298 /* id-it-caProtEncCert */,
+ 311 /* id-it-confirmWaitTime */,
+ 303 /* id-it-currentCRL */,
+ 300 /* id-it-encKeyPairTypes */,
+ 310 /* id-it-implicitConfirm */,
+ 308 /* id-it-keyPairParamRep */,
+ 307 /* id-it-keyPairParamReq */,
+ 312 /* id-it-origPKIMessage */,
+ 301 /* id-it-preferredSymmAlg */,
+ 309 /* id-it-revPassphrase */,
+ 299 /* id-it-signKeyPairTypes */,
+ 305 /* id-it-subscriptionRequest */,
+ 306 /* id-it-subscriptionResponse */,
+ 784 /* id-it-suppLangTags */,
+ 304 /* id-it-unsupportedOIDs */,
+ 128 /* id-kp */,
+ 280 /* id-mod-attribute-cert */,
+ 274 /* id-mod-cmc */,
+ 277 /* id-mod-cmp */,
+ 284 /* id-mod-cmp2000 */,
+ 273 /* id-mod-crmf */,
+ 283 /* id-mod-dvcs */,
+ 275 /* id-mod-kea-profile-88 */,
+ 276 /* id-mod-kea-profile-93 */,
+ 282 /* id-mod-ocsp */,
+ 278 /* id-mod-qualified-cert-88 */,
+ 279 /* id-mod-qualified-cert-93 */,
+ 281 /* id-mod-timestamp-protocol */,
+ 264 /* id-on */,
+ 347 /* id-on-personalData */,
+ 265 /* id-pda */,
+ 352 /* id-pda-countryOfCitizenship */,
+ 353 /* id-pda-countryOfResidence */,
+ 348 /* id-pda-dateOfBirth */,
+ 351 /* id-pda-gender */,
+ 349 /* id-pda-placeOfBirth */,
+ 175 /* id-pe */,
+ 261 /* id-pkip */,
+ 258 /* id-pkix-mod */,
+ 269 /* id-pkix1-explicit-88 */,
+ 271 /* id-pkix1-explicit-93 */,
+ 270 /* id-pkix1-implicit-88 */,
+ 272 /* id-pkix1-implicit-93 */,
+ 662 /* id-ppl */,
+ 267 /* id-qcs */,
+ 359 /* id-qcs-pkixQCSyntax-v1 */,
+ 259 /* id-qt */,
+ 313 /* id-regCtrl */,
+ 316 /* id-regCtrl-authenticator */,
+ 319 /* id-regCtrl-oldCertID */,
+ 318 /* id-regCtrl-pkiArchiveOptions */,
+ 317 /* id-regCtrl-pkiPublicationInfo */,
+ 320 /* id-regCtrl-protocolEncrKey */,
+ 315 /* id-regCtrl-regToken */,
+ 314 /* id-regInfo */,
+ 322 /* id-regInfo-certReq */,
+ 321 /* id-regInfo-utf8Pairs */,
+ 191 /* id-smime-aa */,
+ 215 /* id-smime-aa-contentHint */,
+ 218 /* id-smime-aa-contentIdentifier */,
+ 221 /* id-smime-aa-contentReference */,
+ 240 /* id-smime-aa-dvcs-dvc */,
+ 217 /* id-smime-aa-encapContentType */,
+ 222 /* id-smime-aa-encrypKeyPref */,
+ 220 /* id-smime-aa-equivalentLabels */,
+ 232 /* id-smime-aa-ets-CertificateRefs */,
+ 233 /* id-smime-aa-ets-RevocationRefs */,
+ 238 /* id-smime-aa-ets-archiveTimeStamp */,
+ 237 /* id-smime-aa-ets-certCRLTimestamp */,
+ 234 /* id-smime-aa-ets-certValues */,
+ 227 /* id-smime-aa-ets-commitmentType */,
+ 231 /* id-smime-aa-ets-contentTimestamp */,
+ 236 /* id-smime-aa-ets-escTimeStamp */,
+ 230 /* id-smime-aa-ets-otherSigCert */,
+ 235 /* id-smime-aa-ets-revocationValues */,
+ 226 /* id-smime-aa-ets-sigPolicyId */,
+ 229 /* id-smime-aa-ets-signerAttr */,
+ 228 /* id-smime-aa-ets-signerLocation */,
+ 219 /* id-smime-aa-macValue */,
+ 214 /* id-smime-aa-mlExpandHistory */,
+ 216 /* id-smime-aa-msgSigDigest */,
+ 212 /* id-smime-aa-receiptRequest */,
+ 213 /* id-smime-aa-securityLabel */,
+ 239 /* id-smime-aa-signatureType */,
+ 223 /* id-smime-aa-signingCertificate */,
+ 224 /* id-smime-aa-smimeEncryptCerts */,
+ 225 /* id-smime-aa-timeStampToken */,
+ 192 /* id-smime-alg */,
+ 243 /* id-smime-alg-3DESwrap */,
+ 246 /* id-smime-alg-CMS3DESwrap */,
+ 247 /* id-smime-alg-CMSRC2wrap */,
+ 245 /* id-smime-alg-ESDH */,
+ 241 /* id-smime-alg-ESDHwith3DES */,
+ 242 /* id-smime-alg-ESDHwithRC2 */,
+ 244 /* id-smime-alg-RC2wrap */,
+ 193 /* id-smime-cd */,
+ 248 /* id-smime-cd-ldap */,
+ 190 /* id-smime-ct */,
+ 210 /* id-smime-ct-DVCSRequestData */,
+ 211 /* id-smime-ct-DVCSResponseData */,
+ 208 /* id-smime-ct-TDTInfo */,
+ 207 /* id-smime-ct-TSTInfo */,
+ 205 /* id-smime-ct-authData */,
+ 786 /* id-smime-ct-compressedData */,
+ 209 /* id-smime-ct-contentInfo */,
+ 206 /* id-smime-ct-publishCert */,
+ 204 /* id-smime-ct-receipt */,
+ 195 /* id-smime-cti */,
+ 255 /* id-smime-cti-ets-proofOfApproval */,
+ 256 /* id-smime-cti-ets-proofOfCreation */,
+ 253 /* id-smime-cti-ets-proofOfDelivery */,
+ 251 /* id-smime-cti-ets-proofOfOrigin */,
+ 252 /* id-smime-cti-ets-proofOfReceipt */,
+ 254 /* id-smime-cti-ets-proofOfSender */,
+ 189 /* id-smime-mod */,
+ 196 /* id-smime-mod-cms */,
+ 197 /* id-smime-mod-ess */,
+ 202 /* id-smime-mod-ets-eSigPolicy-88 */,
+ 203 /* id-smime-mod-ets-eSigPolicy-97 */,
+ 200 /* id-smime-mod-ets-eSignature-88 */,
+ 201 /* id-smime-mod-ets-eSignature-97 */,
+ 199 /* id-smime-mod-msg-v3 */,
+ 198 /* id-smime-mod-oid */,
+ 194 /* id-smime-spq */,
+ 250 /* id-smime-spq-ets-sqt-unotice */,
+ 249 /* id-smime-spq-ets-sqt-uri */,
+ 34 /* idea-cbc */,
+ 35 /* idea-cfb */,
+ 36 /* idea-ecb */,
+ 46 /* idea-ofb */,
+ 676 /* identified-organization */,
+ 461 /* info */,
+ 101 /* initials */,
+ 869 /* internationaliSDNNumber */,
+ 749 /* ipsec3 */,
+ 750 /* ipsec4 */,
+ 181 /* iso */,
+ 623 /* issuer capabilities */,
+ 645 /* itu-t */,
+ 492 /* janetMailbox */,
+ 646 /* joint-iso-itu-t */,
+ 150 /* keyBag */,
+ 773 /* kisa */,
+ 477 /* lastModifiedBy */,
+ 476 /* lastModifiedTime */,
+ 157 /* localKeyID */,
+ 15 /* localityName */,
+ 480 /* mXRecord */,
+ 493 /* mailPreferenceOption */,
+ 467 /* manager */,
+ 3 /* md2 */,
+ 7 /* md2WithRSAEncryption */,
+ 257 /* md4 */,
+ 396 /* md4WithRSAEncryption */,
+ 4 /* md5 */,
+ 114 /* md5-sha1 */,
+ 104 /* md5WithRSA */,
+ 8 /* md5WithRSAEncryption */,
+ 95 /* mdc2 */,
+ 96 /* mdc2WithRSA */,
+ 875 /* member */,
+ 602 /* merchant initiated auth */,
+ 514 /* message extensions */,
+ 51 /* messageDigest */,
+ 911 /* mgf1 */,
+ 506 /* mime-mhs-bodies */,
+ 505 /* mime-mhs-headings */,
+ 488 /* mobileTelephoneNumber */,
+ 481 /* nSRecord */,
+ 173 /* name */,
+ 681 /* onBasis */,
+ 379 /* org */,
+ 17 /* organizationName */,
+ 491 /* organizationalStatus */,
+ 18 /* organizationalUnitName */,
+ 475 /* otherMailbox */,
+ 876 /* owner */,
+ 935 /* pSpecified */,
+ 489 /* pagerTelephoneNumber */,
+ 782 /* password based MAC */,
+ 374 /* path */,
+ 621 /* payment gateway capabilities */,
+ 9 /* pbeWithMD2AndDES-CBC */,
+ 168 /* pbeWithMD2AndRC2-CBC */,
+ 112 /* pbeWithMD5AndCast5CBC */,
+ 10 /* pbeWithMD5AndDES-CBC */,
+ 169 /* pbeWithMD5AndRC2-CBC */,
+ 148 /* pbeWithSHA1And128BitRC2-CBC */,
+ 144 /* pbeWithSHA1And128BitRC4 */,
+ 147 /* pbeWithSHA1And2-KeyTripleDES-CBC */,
+ 146 /* pbeWithSHA1And3-KeyTripleDES-CBC */,
+ 149 /* pbeWithSHA1And40BitRC2-CBC */,
+ 145 /* pbeWithSHA1And40BitRC4 */,
+ 170 /* pbeWithSHA1AndDES-CBC */,
+ 68 /* pbeWithSHA1AndRC2-CBC */,
+ 499 /* personalSignature */,
+ 487 /* personalTitle */,
+ 464 /* photo */,
+ 863 /* physicalDeliveryOfficeName */,
+ 437 /* pilot */,
+ 439 /* pilotAttributeSyntax */,
+ 438 /* pilotAttributeType */,
+ 479 /* pilotAttributeType27 */,
+ 456 /* pilotDSA */,
+ 441 /* pilotGroups */,
+ 444 /* pilotObject */,
+ 440 /* pilotObjectClass */,
+ 455 /* pilotOrganization */,
+ 445 /* pilotPerson */,
+ 186 /* pkcs1 */,
+ 27 /* pkcs3 */,
+ 187 /* pkcs5 */,
+ 20 /* pkcs7 */,
+ 21 /* pkcs7-data */,
+ 25 /* pkcs7-digestData */,
+ 26 /* pkcs7-encryptedData */,
+ 23 /* pkcs7-envelopedData */,
+ 24 /* pkcs7-signedAndEnvelopedData */,
+ 22 /* pkcs7-signedData */,
+ 151 /* pkcs8ShroudedKeyBag */,
+ 47 /* pkcs9 */,
+ 862 /* postOfficeBox */,
+ 861 /* postalAddress */,
+ 661 /* postalCode */,
+ 683 /* ppBasis */,
+ 872 /* preferredDeliveryMethod */,
+ 873 /* presentationAddress */,
+ 406 /* prime-field */,
+ 409 /* prime192v1 */,
+ 410 /* prime192v2 */,
+ 411 /* prime192v3 */,
+ 412 /* prime239v1 */,
+ 413 /* prime239v2 */,
+ 414 /* prime239v3 */,
+ 415 /* prime256v1 */,
+ 886 /* protocolInformation */,
+ 510 /* pseudonym */,
+ 435 /* pss */,
+ 286 /* qcStatements */,
+ 457 /* qualityLabelledData */,
+ 450 /* rFC822localPart */,
+ 98 /* rc2-40-cbc */,
+ 166 /* rc2-64-cbc */,
+ 37 /* rc2-cbc */,
+ 39 /* rc2-cfb */,
+ 38 /* rc2-ecb */,
+ 40 /* rc2-ofb */,
+ 5 /* rc4 */,
+ 97 /* rc4-40 */,
+ 915 /* rc4-hmac-md5 */,
+ 120 /* rc5-cbc */,
+ 122 /* rc5-cfb */,
+ 121 /* rc5-ecb */,
+ 123 /* rc5-ofb */,
+ 870 /* registeredAddress */,
+ 460 /* rfc822Mailbox */,
+ 117 /* ripemd160 */,
+ 119 /* ripemd160WithRSA */,
+ 400 /* role */,
+ 877 /* roleOccupant */,
+ 448 /* room */,
+ 463 /* roomNumber */,
+ 19 /* rsa */,
+ 6 /* rsaEncryption */,
+ 644 /* rsaOAEPEncryptionSET */,
+ 377 /* rsaSignature */,
+ 919 /* rsaesOaep */,
+ 912 /* rsassaPss */,
+ 482 /* sOARecord */,
+ 155 /* safeContentsBag */,
+ 291 /* sbgp-autonomousSysNum */,
+ 290 /* sbgp-ipAddrBlock */,
+ 292 /* sbgp-routerIdentifier */,
+ 159 /* sdsiCertificate */,
+ 859 /* searchGuide */,
+ 704 /* secp112r1 */,
+ 705 /* secp112r2 */,
+ 706 /* secp128r1 */,
+ 707 /* secp128r2 */,
+ 708 /* secp160k1 */,
+ 709 /* secp160r1 */,
+ 710 /* secp160r2 */,
+ 711 /* secp192k1 */,
+ 712 /* secp224k1 */,
+ 713 /* secp224r1 */,
+ 714 /* secp256k1 */,
+ 715 /* secp384r1 */,
+ 716 /* secp521r1 */,
+ 154 /* secretBag */,
+ 474 /* secretary */,
+ 717 /* sect113r1 */,
+ 718 /* sect113r2 */,
+ 719 /* sect131r1 */,
+ 720 /* sect131r2 */,
+ 721 /* sect163k1 */,
+ 722 /* sect163r1 */,
+ 723 /* sect163r2 */,
+ 724 /* sect193r1 */,
+ 725 /* sect193r2 */,
+ 726 /* sect233k1 */,
+ 727 /* sect233r1 */,
+ 728 /* sect239k1 */,
+ 729 /* sect283k1 */,
+ 730 /* sect283r1 */,
+ 731 /* sect409k1 */,
+ 732 /* sect409r1 */,
+ 733 /* sect571k1 */,
+ 734 /* sect571r1 */,
+ 635 /* secure device signature */,
+ 878 /* seeAlso */,
+ 777 /* seed-cbc */,
+ 779 /* seed-cfb */,
+ 776 /* seed-ecb */,
+ 778 /* seed-ofb */,
+ 105 /* serialNumber */,
+ 625 /* set-addPolicy */,
+ 515 /* set-attr */,
+ 518 /* set-brand */,
+ 638 /* set-brand-AmericanExpress */,
+ 637 /* set-brand-Diners */,
+ 636 /* set-brand-IATA-ATA */,
+ 639 /* set-brand-JCB */,
+ 641 /* set-brand-MasterCard */,
+ 642 /* set-brand-Novus */,
+ 640 /* set-brand-Visa */,
+ 516 /* set-policy */,
+ 607 /* set-policy-root */,
+ 624 /* set-rootKeyThumb */,
+ 620 /* setAttr-Cert */,
+ 628 /* setAttr-IssCap-CVM */,
+ 630 /* setAttr-IssCap-Sig */,
+ 629 /* setAttr-IssCap-T2 */,
+ 627 /* setAttr-Token-B0Prime */,
+ 626 /* setAttr-Token-EMV */,
+ 622 /* setAttr-TokenType */,
+ 619 /* setCext-IssuerCapabilities */,
+ 615 /* setCext-PGWYcapabilities */,
+ 616 /* setCext-TokenIdentifier */,
+ 618 /* setCext-TokenType */,
+ 617 /* setCext-Track2Data */,
+ 611 /* setCext-cCertRequired */,
+ 609 /* setCext-certType */,
+ 608 /* setCext-hashedRoot */,
+ 610 /* setCext-merchData */,
+ 613 /* setCext-setExt */,
+ 614 /* setCext-setQualf */,
+ 612 /* setCext-tunneling */,
+ 540 /* setct-AcqCardCodeMsg */,
+ 576 /* setct-AcqCardCodeMsgTBE */,
+ 570 /* setct-AuthReqTBE */,
+ 534 /* setct-AuthReqTBS */,
+ 527 /* setct-AuthResBaggage */,
+ 571 /* setct-AuthResTBE */,
+ 572 /* setct-AuthResTBEX */,
+ 535 /* setct-AuthResTBS */,
+ 536 /* setct-AuthResTBSX */,
+ 528 /* setct-AuthRevReqBaggage */,
+ 577 /* setct-AuthRevReqTBE */,
+ 541 /* setct-AuthRevReqTBS */,
+ 529 /* setct-AuthRevResBaggage */,
+ 542 /* setct-AuthRevResData */,
+ 578 /* setct-AuthRevResTBE */,
+ 579 /* setct-AuthRevResTBEB */,
+ 543 /* setct-AuthRevResTBS */,
+ 573 /* setct-AuthTokenTBE */,
+ 537 /* setct-AuthTokenTBS */,
+ 600 /* setct-BCIDistributionTBS */,
+ 558 /* setct-BatchAdminReqData */,
+ 592 /* setct-BatchAdminReqTBE */,
+ 559 /* setct-BatchAdminResData */,
+ 593 /* setct-BatchAdminResTBE */,
+ 599 /* setct-CRLNotificationResTBS */,
+ 598 /* setct-CRLNotificationTBS */,
+ 580 /* setct-CapReqTBE */,
+ 581 /* setct-CapReqTBEX */,
+ 544 /* setct-CapReqTBS */,
+ 545 /* setct-CapReqTBSX */,
+ 546 /* setct-CapResData */,
+ 582 /* setct-CapResTBE */,
+ 583 /* setct-CapRevReqTBE */,
+ 584 /* setct-CapRevReqTBEX */,
+ 547 /* setct-CapRevReqTBS */,
+ 548 /* setct-CapRevReqTBSX */,
+ 549 /* setct-CapRevResData */,
+ 585 /* setct-CapRevResTBE */,
+ 538 /* setct-CapTokenData */,
+ 530 /* setct-CapTokenSeq */,
+ 574 /* setct-CapTokenTBE */,
+ 575 /* setct-CapTokenTBEX */,
+ 539 /* setct-CapTokenTBS */,
+ 560 /* setct-CardCInitResTBS */,
+ 566 /* setct-CertInqReqTBS */,
+ 563 /* setct-CertReqData */,
+ 595 /* setct-CertReqTBE */,
+ 596 /* setct-CertReqTBEX */,
+ 564 /* setct-CertReqTBS */,
+ 565 /* setct-CertResData */,
+ 597 /* setct-CertResTBE */,
+ 586 /* setct-CredReqTBE */,
+ 587 /* setct-CredReqTBEX */,
+ 550 /* setct-CredReqTBS */,
+ 551 /* setct-CredReqTBSX */,
+ 552 /* setct-CredResData */,
+ 588 /* setct-CredResTBE */,
+ 589 /* setct-CredRevReqTBE */,
+ 590 /* setct-CredRevReqTBEX */,
+ 553 /* setct-CredRevReqTBS */,
+ 554 /* setct-CredRevReqTBSX */,
+ 555 /* setct-CredRevResData */,
+ 591 /* setct-CredRevResTBE */,
+ 567 /* setct-ErrorTBS */,
+ 526 /* setct-HODInput */,
+ 561 /* setct-MeAqCInitResTBS */,
+ 522 /* setct-OIData */,
+ 519 /* setct-PANData */,
+ 521 /* setct-PANOnly */,
+ 520 /* setct-PANToken */,
+ 556 /* setct-PCertReqData */,
+ 557 /* setct-PCertResTBS */,
+ 523 /* setct-PI */,
+ 532 /* setct-PI-TBS */,
+ 524 /* setct-PIData */,
+ 525 /* setct-PIDataUnsigned */,
+ 568 /* setct-PIDualSignedTBE */,
+ 569 /* setct-PIUnsignedTBE */,
+ 531 /* setct-PInitResData */,
+ 533 /* setct-PResData */,
+ 594 /* setct-RegFormReqTBE */,
+ 562 /* setct-RegFormResTBS */,
+ 604 /* setext-pinAny */,
+ 603 /* setext-pinSecure */,
+ 605 /* setext-track2 */,
+ 41 /* sha */,
+ 64 /* sha1 */,
+ 115 /* sha1WithRSA */,
+ 65 /* sha1WithRSAEncryption */,
+ 675 /* sha224 */,
+ 671 /* sha224WithRSAEncryption */,
+ 672 /* sha256 */,
+ 668 /* sha256WithRSAEncryption */,
+ 673 /* sha384 */,
+ 669 /* sha384WithRSAEncryption */,
+ 674 /* sha512 */,
+ 670 /* sha512WithRSAEncryption */,
+ 42 /* shaWithRSAEncryption */,
+ 52 /* signingTime */,
+ 454 /* simpleSecurityObject */,
+ 496 /* singleLevelQuality */,
+ 16 /* stateOrProvinceName */,
+ 660 /* streetAddress */,
+ 498 /* subtreeMaximumQuality */,
+ 497 /* subtreeMinimumQuality */,
+ 890 /* supportedAlgorithms */,
+ 874 /* supportedApplicationContext */,
+ 100 /* surname */,
+ 864 /* telephoneNumber */,
+ 866 /* teletexTerminalIdentifier */,
+ 865 /* telexNumber */,
+ 459 /* textEncodedORAddress */,
+ 293 /* textNotice */,
+ 106 /* title */,
+ 682 /* tpBasis */,
+ 436 /* ucl */,
+ 0 /* undefined */,
+ 888 /* uniqueMember */,
+ 55 /* unstructuredAddress */,
+ 49 /* unstructuredName */,
+ 880 /* userCertificate */,
+ 465 /* userClass */,
+ 458 /* userId */,
+ 879 /* userPassword */,
+ 373 /* valid */,
+ 678 /* wap */,
+ 679 /* wap-wsg */,
+ 735 /* wap-wsg-idm-ecid-wtls1 */,
+ 743 /* wap-wsg-idm-ecid-wtls10 */,
+ 744 /* wap-wsg-idm-ecid-wtls11 */,
+ 745 /* wap-wsg-idm-ecid-wtls12 */,
+ 736 /* wap-wsg-idm-ecid-wtls3 */,
+ 737 /* wap-wsg-idm-ecid-wtls4 */,
+ 738 /* wap-wsg-idm-ecid-wtls5 */,
+ 739 /* wap-wsg-idm-ecid-wtls6 */,
+ 740 /* wap-wsg-idm-ecid-wtls7 */,
+ 741 /* wap-wsg-idm-ecid-wtls8 */,
+ 742 /* wap-wsg-idm-ecid-wtls9 */,
+ 804 /* whirlpool */,
+ 868 /* x121Address */,
+ 503 /* x500UniqueIdentifier */,
+ 158 /* x509Certificate */,
+ 160 /* x509Crl */,
+ 125 /* zlib compression */,
};
-static const unsigned int kNIDsInOIDOrder[NUM_OBJ]={
-434, /* OBJ_data 0 9 */
-182, /* OBJ_member_body 1 2 */
-379, /* OBJ_org 1 3 */
-676, /* OBJ_identified_organization 1 3 */
-11, /* OBJ_X500 2 5 */
-647, /* OBJ_international_organizations 2 23 */
-380, /* OBJ_dod 1 3 6 */
-12, /* OBJ_X509 2 5 4 */
-378, /* OBJ_X500algorithms 2 5 8 */
-81, /* OBJ_id_ce 2 5 29 */
-512, /* OBJ_id_set 2 23 42 */
-678, /* OBJ_wap 2 23 43 */
-435, /* OBJ_pss 0 9 2342 */
-183, /* OBJ_ISO_US 1 2 840 */
-381, /* OBJ_iana 1 3 6 1 */
-677, /* OBJ_certicom_arc 1 3 132 */
-394, /* OBJ_selected_attribute_types 2 5 1 5 */
-13, /* OBJ_commonName 2 5 4 3 */
-100, /* OBJ_surname 2 5 4 4 */
-105, /* OBJ_serialNumber 2 5 4 5 */
-14, /* OBJ_countryName 2 5 4 6 */
-15, /* OBJ_localityName 2 5 4 7 */
-16, /* OBJ_stateOrProvinceName 2 5 4 8 */
-660, /* OBJ_streetAddress 2 5 4 9 */
-17, /* OBJ_organizationName 2 5 4 10 */
-18, /* OBJ_organizationalUnitName 2 5 4 11 */
-106, /* OBJ_title 2 5 4 12 */
-107, /* OBJ_description 2 5 4 13 */
-859, /* OBJ_searchGuide 2 5 4 14 */
-860, /* OBJ_businessCategory 2 5 4 15 */
-861, /* OBJ_postalAddress 2 5 4 16 */
-661, /* OBJ_postalCode 2 5 4 17 */
-862, /* OBJ_postOfficeBox 2 5 4 18 */
-863, /* OBJ_physicalDeliveryOfficeName 2 5 4 19 */
-864, /* OBJ_telephoneNumber 2 5 4 20 */
-865, /* OBJ_telexNumber 2 5 4 21 */
-866, /* OBJ_teletexTerminalIdentifier 2 5 4 22 */
-867, /* OBJ_facsimileTelephoneNumber 2 5 4 23 */
-868, /* OBJ_x121Address 2 5 4 24 */
-869, /* OBJ_internationaliSDNNumber 2 5 4 25 */
-870, /* OBJ_registeredAddress 2 5 4 26 */
-871, /* OBJ_destinationIndicator 2 5 4 27 */
-872, /* OBJ_preferredDeliveryMethod 2 5 4 28 */
-873, /* OBJ_presentationAddress 2 5 4 29 */
-874, /* OBJ_supportedApplicationContext 2 5 4 30 */
-875, /* OBJ_member 2 5 4 31 */
-876, /* OBJ_owner 2 5 4 32 */
-877, /* OBJ_roleOccupant 2 5 4 33 */
-878, /* OBJ_seeAlso 2 5 4 34 */
-879, /* OBJ_userPassword 2 5 4 35 */
-880, /* OBJ_userCertificate 2 5 4 36 */
-881, /* OBJ_cACertificate 2 5 4 37 */
-882, /* OBJ_authorityRevocationList 2 5 4 38 */
-883, /* OBJ_certificateRevocationList 2 5 4 39 */
-884, /* OBJ_crossCertificatePair 2 5 4 40 */
-173, /* OBJ_name 2 5 4 41 */
-99, /* OBJ_givenName 2 5 4 42 */
-101, /* OBJ_initials 2 5 4 43 */
-509, /* OBJ_generationQualifier 2 5 4 44 */
-503, /* OBJ_x500UniqueIdentifier 2 5 4 45 */
-174, /* OBJ_dnQualifier 2 5 4 46 */
-885, /* OBJ_enhancedSearchGuide 2 5 4 47 */
-886, /* OBJ_protocolInformation 2 5 4 48 */
-887, /* OBJ_distinguishedName 2 5 4 49 */
-888, /* OBJ_uniqueMember 2 5 4 50 */
-889, /* OBJ_houseIdentifier 2 5 4 51 */
-890, /* OBJ_supportedAlgorithms 2 5 4 52 */
-891, /* OBJ_deltaRevocationList 2 5 4 53 */
-892, /* OBJ_dmdName 2 5 4 54 */
-510, /* OBJ_pseudonym 2 5 4 65 */
-400, /* OBJ_role 2 5 4 72 */
-769, /* OBJ_subject_directory_attributes 2 5 29 9 */
-82, /* OBJ_subject_key_identifier 2 5 29 14 */
-83, /* OBJ_key_usage 2 5 29 15 */
-84, /* OBJ_private_key_usage_period 2 5 29 16 */
-85, /* OBJ_subject_alt_name 2 5 29 17 */
-86, /* OBJ_issuer_alt_name 2 5 29 18 */
-87, /* OBJ_basic_constraints 2 5 29 19 */
-88, /* OBJ_crl_number 2 5 29 20 */
-141, /* OBJ_crl_reason 2 5 29 21 */
-430, /* OBJ_hold_instruction_code 2 5 29 23 */
-142, /* OBJ_invalidity_date 2 5 29 24 */
-140, /* OBJ_delta_crl 2 5 29 27 */
-770, /* OBJ_issuing_distribution_point 2 5 29 28 */
-771, /* OBJ_certificate_issuer 2 5 29 29 */
-666, /* OBJ_name_constraints 2 5 29 30 */
-103, /* OBJ_crl_distribution_points 2 5 29 31 */
-89, /* OBJ_certificate_policies 2 5 29 32 */
-747, /* OBJ_policy_mappings 2 5 29 33 */
-90, /* OBJ_authority_key_identifier 2 5 29 35 */
-401, /* OBJ_policy_constraints 2 5 29 36 */
-126, /* OBJ_ext_key_usage 2 5 29 37 */
-857, /* OBJ_freshest_crl 2 5 29 46 */
-748, /* OBJ_inhibit_any_policy 2 5 29 54 */
-402, /* OBJ_target_information 2 5 29 55 */
-403, /* OBJ_no_rev_avail 2 5 29 56 */
-513, /* OBJ_set_ctype 2 23 42 0 */
-514, /* OBJ_set_msgExt 2 23 42 1 */
-515, /* OBJ_set_attr 2 23 42 3 */
-516, /* OBJ_set_policy 2 23 42 5 */
-517, /* OBJ_set_certExt 2 23 42 7 */
-518, /* OBJ_set_brand 2 23 42 8 */
-679, /* OBJ_wap_wsg 2 23 43 1 */
-382, /* OBJ_Directory 1 3 6 1 1 */
-383, /* OBJ_Management 1 3 6 1 2 */
-384, /* OBJ_Experimental 1 3 6 1 3 */
-385, /* OBJ_Private 1 3 6 1 4 */
-386, /* OBJ_Security 1 3 6 1 5 */
-387, /* OBJ_SNMPv2 1 3 6 1 6 */
-388, /* OBJ_Mail 1 3 6 1 7 */
-376, /* OBJ_algorithm 1 3 14 3 2 */
-395, /* OBJ_clearance 2 5 1 5 55 */
-19, /* OBJ_rsa 2 5 8 1 1 */
-96, /* OBJ_mdc2WithRSA 2 5 8 3 100 */
-95, /* OBJ_mdc2 2 5 8 3 101 */
-746, /* OBJ_any_policy 2 5 29 32 0 */
-910, /* OBJ_anyExtendedKeyUsage 2 5 29 37 0 */
-519, /* OBJ_setct_PANData 2 23 42 0 0 */
-520, /* OBJ_setct_PANToken 2 23 42 0 1 */
-521, /* OBJ_setct_PANOnly 2 23 42 0 2 */
-522, /* OBJ_setct_OIData 2 23 42 0 3 */
-523, /* OBJ_setct_PI 2 23 42 0 4 */
-524, /* OBJ_setct_PIData 2 23 42 0 5 */
-525, /* OBJ_setct_PIDataUnsigned 2 23 42 0 6 */
-526, /* OBJ_setct_HODInput 2 23 42 0 7 */
-527, /* OBJ_setct_AuthResBaggage 2 23 42 0 8 */
-528, /* OBJ_setct_AuthRevReqBaggage 2 23 42 0 9 */
-529, /* OBJ_setct_AuthRevResBaggage 2 23 42 0 10 */
-530, /* OBJ_setct_CapTokenSeq 2 23 42 0 11 */
-531, /* OBJ_setct_PInitResData 2 23 42 0 12 */
-532, /* OBJ_setct_PI_TBS 2 23 42 0 13 */
-533, /* OBJ_setct_PResData 2 23 42 0 14 */
-534, /* OBJ_setct_AuthReqTBS 2 23 42 0 16 */
-535, /* OBJ_setct_AuthResTBS 2 23 42 0 17 */
-536, /* OBJ_setct_AuthResTBSX 2 23 42 0 18 */
-537, /* OBJ_setct_AuthTokenTBS 2 23 42 0 19 */
-538, /* OBJ_setct_CapTokenData 2 23 42 0 20 */
-539, /* OBJ_setct_CapTokenTBS 2 23 42 0 21 */
-540, /* OBJ_setct_AcqCardCodeMsg 2 23 42 0 22 */
-541, /* OBJ_setct_AuthRevReqTBS 2 23 42 0 23 */
-542, /* OBJ_setct_AuthRevResData 2 23 42 0 24 */
-543, /* OBJ_setct_AuthRevResTBS 2 23 42 0 25 */
-544, /* OBJ_setct_CapReqTBS 2 23 42 0 26 */
-545, /* OBJ_setct_CapReqTBSX 2 23 42 0 27 */
-546, /* OBJ_setct_CapResData 2 23 42 0 28 */
-547, /* OBJ_setct_CapRevReqTBS 2 23 42 0 29 */
-548, /* OBJ_setct_CapRevReqTBSX 2 23 42 0 30 */
-549, /* OBJ_setct_CapRevResData 2 23 42 0 31 */
-550, /* OBJ_setct_CredReqTBS 2 23 42 0 32 */
-551, /* OBJ_setct_CredReqTBSX 2 23 42 0 33 */
-552, /* OBJ_setct_CredResData 2 23 42 0 34 */
-553, /* OBJ_setct_CredRevReqTBS 2 23 42 0 35 */
-554, /* OBJ_setct_CredRevReqTBSX 2 23 42 0 36 */
-555, /* OBJ_setct_CredRevResData 2 23 42 0 37 */
-556, /* OBJ_setct_PCertReqData 2 23 42 0 38 */
-557, /* OBJ_setct_PCertResTBS 2 23 42 0 39 */
-558, /* OBJ_setct_BatchAdminReqData 2 23 42 0 40 */
-559, /* OBJ_setct_BatchAdminResData 2 23 42 0 41 */
-560, /* OBJ_setct_CardCInitResTBS 2 23 42 0 42 */
-561, /* OBJ_setct_MeAqCInitResTBS 2 23 42 0 43 */
-562, /* OBJ_setct_RegFormResTBS 2 23 42 0 44 */
-563, /* OBJ_setct_CertReqData 2 23 42 0 45 */
-564, /* OBJ_setct_CertReqTBS 2 23 42 0 46 */
-565, /* OBJ_setct_CertResData 2 23 42 0 47 */
-566, /* OBJ_setct_CertInqReqTBS 2 23 42 0 48 */
-567, /* OBJ_setct_ErrorTBS 2 23 42 0 49 */
-568, /* OBJ_setct_PIDualSignedTBE 2 23 42 0 50 */
-569, /* OBJ_setct_PIUnsignedTBE 2 23 42 0 51 */
-570, /* OBJ_setct_AuthReqTBE 2 23 42 0 52 */
-571, /* OBJ_setct_AuthResTBE 2 23 42 0 53 */
-572, /* OBJ_setct_AuthResTBEX 2 23 42 0 54 */
-573, /* OBJ_setct_AuthTokenTBE 2 23 42 0 55 */
-574, /* OBJ_setct_CapTokenTBE 2 23 42 0 56 */
-575, /* OBJ_setct_CapTokenTBEX 2 23 42 0 57 */
-576, /* OBJ_setct_AcqCardCodeMsgTBE 2 23 42 0 58 */
-577, /* OBJ_setct_AuthRevReqTBE 2 23 42 0 59 */
-578, /* OBJ_setct_AuthRevResTBE 2 23 42 0 60 */
-579, /* OBJ_setct_AuthRevResTBEB 2 23 42 0 61 */
-580, /* OBJ_setct_CapReqTBE 2 23 42 0 62 */
-581, /* OBJ_setct_CapReqTBEX 2 23 42 0 63 */
-582, /* OBJ_setct_CapResTBE 2 23 42 0 64 */
-583, /* OBJ_setct_CapRevReqTBE 2 23 42 0 65 */
-584, /* OBJ_setct_CapRevReqTBEX 2 23 42 0 66 */
-585, /* OBJ_setct_CapRevResTBE 2 23 42 0 67 */
-586, /* OBJ_setct_CredReqTBE 2 23 42 0 68 */
-587, /* OBJ_setct_CredReqTBEX 2 23 42 0 69 */
-588, /* OBJ_setct_CredResTBE 2 23 42 0 70 */
-589, /* OBJ_setct_CredRevReqTBE 2 23 42 0 71 */
-590, /* OBJ_setct_CredRevReqTBEX 2 23 42 0 72 */
-591, /* OBJ_setct_CredRevResTBE 2 23 42 0 73 */
-592, /* OBJ_setct_BatchAdminReqTBE 2 23 42 0 74 */
-593, /* OBJ_setct_BatchAdminResTBE 2 23 42 0 75 */
-594, /* OBJ_setct_RegFormReqTBE 2 23 42 0 76 */
-595, /* OBJ_setct_CertReqTBE 2 23 42 0 77 */
-596, /* OBJ_setct_CertReqTBEX 2 23 42 0 78 */
-597, /* OBJ_setct_CertResTBE 2 23 42 0 79 */
-598, /* OBJ_setct_CRLNotificationTBS 2 23 42 0 80 */
-599, /* OBJ_setct_CRLNotificationResTBS 2 23 42 0 81 */
-600, /* OBJ_setct_BCIDistributionTBS 2 23 42 0 82 */
-601, /* OBJ_setext_genCrypt 2 23 42 1 1 */
-602, /* OBJ_setext_miAuth 2 23 42 1 3 */
-603, /* OBJ_setext_pinSecure 2 23 42 1 4 */
-604, /* OBJ_setext_pinAny 2 23 42 1 5 */
-605, /* OBJ_setext_track2 2 23 42 1 7 */
-606, /* OBJ_setext_cv 2 23 42 1 8 */
-620, /* OBJ_setAttr_Cert 2 23 42 3 0 */
-621, /* OBJ_setAttr_PGWYcap 2 23 42 3 1 */
-622, /* OBJ_setAttr_TokenType 2 23 42 3 2 */
-623, /* OBJ_setAttr_IssCap 2 23 42 3 3 */
-607, /* OBJ_set_policy_root 2 23 42 5 0 */
-608, /* OBJ_setCext_hashedRoot 2 23 42 7 0 */
-609, /* OBJ_setCext_certType 2 23 42 7 1 */
-610, /* OBJ_setCext_merchData 2 23 42 7 2 */
-611, /* OBJ_setCext_cCertRequired 2 23 42 7 3 */
-612, /* OBJ_setCext_tunneling 2 23 42 7 4 */
-613, /* OBJ_setCext_setExt 2 23 42 7 5 */
-614, /* OBJ_setCext_setQualf 2 23 42 7 6 */
-615, /* OBJ_setCext_PGWYcapabilities 2 23 42 7 7 */
-616, /* OBJ_setCext_TokenIdentifier 2 23 42 7 8 */
-617, /* OBJ_setCext_Track2Data 2 23 42 7 9 */
-618, /* OBJ_setCext_TokenType 2 23 42 7 10 */
-619, /* OBJ_setCext_IssuerCapabilities 2 23 42 7 11 */
-636, /* OBJ_set_brand_IATA_ATA 2 23 42 8 1 */
-640, /* OBJ_set_brand_Visa 2 23 42 8 4 */
-641, /* OBJ_set_brand_MasterCard 2 23 42 8 5 */
-637, /* OBJ_set_brand_Diners 2 23 42 8 30 */
-638, /* OBJ_set_brand_AmericanExpress 2 23 42 8 34 */
-639, /* OBJ_set_brand_JCB 2 23 42 8 35 */
-805, /* OBJ_cryptopro 1 2 643 2 2 */
-806, /* OBJ_cryptocom 1 2 643 2 9 */
-184, /* OBJ_X9_57 1 2 840 10040 */
-405, /* OBJ_ansi_X9_62 1 2 840 10045 */
-389, /* OBJ_Enterprises 1 3 6 1 4 1 */
-504, /* OBJ_mime_mhs 1 3 6 1 7 1 */
-104, /* OBJ_md5WithRSA 1 3 14 3 2 3 */
-29, /* OBJ_des_ecb 1 3 14 3 2 6 */
-31, /* OBJ_des_cbc 1 3 14 3 2 7 */
-45, /* OBJ_des_ofb64 1 3 14 3 2 8 */
-30, /* OBJ_des_cfb64 1 3 14 3 2 9 */
-377, /* OBJ_rsaSignature 1 3 14 3 2 11 */
-67, /* OBJ_dsa_2 1 3 14 3 2 12 */
-66, /* OBJ_dsaWithSHA 1 3 14 3 2 13 */
-42, /* OBJ_shaWithRSAEncryption 1 3 14 3 2 15 */
-32, /* OBJ_des_ede_ecb 1 3 14 3 2 17 */
-41, /* OBJ_sha 1 3 14 3 2 18 */
-64, /* OBJ_sha1 1 3 14 3 2 26 */
-70, /* OBJ_dsaWithSHA1_2 1 3 14 3 2 27 */
-115, /* OBJ_sha1WithRSA 1 3 14 3 2 29 */
-117, /* OBJ_ripemd160 1 3 36 3 2 1 */
-143, /* OBJ_sxnet 1 3 101 1 4 1 */
-721, /* OBJ_sect163k1 1 3 132 0 1 */
-722, /* OBJ_sect163r1 1 3 132 0 2 */
-728, /* OBJ_sect239k1 1 3 132 0 3 */
-717, /* OBJ_sect113r1 1 3 132 0 4 */
-718, /* OBJ_sect113r2 1 3 132 0 5 */
-704, /* OBJ_secp112r1 1 3 132 0 6 */
-705, /* OBJ_secp112r2 1 3 132 0 7 */
-709, /* OBJ_secp160r1 1 3 132 0 8 */
-708, /* OBJ_secp160k1 1 3 132 0 9 */
-714, /* OBJ_secp256k1 1 3 132 0 10 */
-723, /* OBJ_sect163r2 1 3 132 0 15 */
-729, /* OBJ_sect283k1 1 3 132 0 16 */
-730, /* OBJ_sect283r1 1 3 132 0 17 */
-719, /* OBJ_sect131r1 1 3 132 0 22 */
-720, /* OBJ_sect131r2 1 3 132 0 23 */
-724, /* OBJ_sect193r1 1 3 132 0 24 */
-725, /* OBJ_sect193r2 1 3 132 0 25 */
-726, /* OBJ_sect233k1 1 3 132 0 26 */
-727, /* OBJ_sect233r1 1 3 132 0 27 */
-706, /* OBJ_secp128r1 1 3 132 0 28 */
-707, /* OBJ_secp128r2 1 3 132 0 29 */
-710, /* OBJ_secp160r2 1 3 132 0 30 */
-711, /* OBJ_secp192k1 1 3 132 0 31 */
-712, /* OBJ_secp224k1 1 3 132 0 32 */
-713, /* OBJ_secp224r1 1 3 132 0 33 */
-715, /* OBJ_secp384r1 1 3 132 0 34 */
-716, /* OBJ_secp521r1 1 3 132 0 35 */
-731, /* OBJ_sect409k1 1 3 132 0 36 */
-732, /* OBJ_sect409r1 1 3 132 0 37 */
-733, /* OBJ_sect571k1 1 3 132 0 38 */
-734, /* OBJ_sect571r1 1 3 132 0 39 */
-624, /* OBJ_set_rootKeyThumb 2 23 42 3 0 0 */
-625, /* OBJ_set_addPolicy 2 23 42 3 0 1 */
-626, /* OBJ_setAttr_Token_EMV 2 23 42 3 2 1 */
-627, /* OBJ_setAttr_Token_B0Prime 2 23 42 3 2 2 */
-628, /* OBJ_setAttr_IssCap_CVM 2 23 42 3 3 3 */
-629, /* OBJ_setAttr_IssCap_T2 2 23 42 3 3 4 */
-630, /* OBJ_setAttr_IssCap_Sig 2 23 42 3 3 5 */
-642, /* OBJ_set_brand_Novus 2 23 42 8 6011 */
-735, /* OBJ_wap_wsg_idm_ecid_wtls1 2 23 43 1 4 1 */
-736, /* OBJ_wap_wsg_idm_ecid_wtls3 2 23 43 1 4 3 */
-737, /* OBJ_wap_wsg_idm_ecid_wtls4 2 23 43 1 4 4 */
-738, /* OBJ_wap_wsg_idm_ecid_wtls5 2 23 43 1 4 5 */
-739, /* OBJ_wap_wsg_idm_ecid_wtls6 2 23 43 1 4 6 */
-740, /* OBJ_wap_wsg_idm_ecid_wtls7 2 23 43 1 4 7 */
-741, /* OBJ_wap_wsg_idm_ecid_wtls8 2 23 43 1 4 8 */
-742, /* OBJ_wap_wsg_idm_ecid_wtls9 2 23 43 1 4 9 */
-743, /* OBJ_wap_wsg_idm_ecid_wtls10 2 23 43 1 4 10 */
-744, /* OBJ_wap_wsg_idm_ecid_wtls11 2 23 43 1 4 11 */
-745, /* OBJ_wap_wsg_idm_ecid_wtls12 2 23 43 1 4 12 */
-804, /* OBJ_whirlpool 1 0 10118 3 0 55 */
-773, /* OBJ_kisa 1 2 410 200004 */
-807, /* OBJ_id_GostR3411_94_with_GostR3410_2001 1 2 643 2 2 3 */
-808, /* OBJ_id_GostR3411_94_with_GostR3410_94 1 2 643 2 2 4 */
-809, /* OBJ_id_GostR3411_94 1 2 643 2 2 9 */
-810, /* OBJ_id_HMACGostR3411_94 1 2 643 2 2 10 */
-811, /* OBJ_id_GostR3410_2001 1 2 643 2 2 19 */
-812, /* OBJ_id_GostR3410_94 1 2 643 2 2 20 */
-813, /* OBJ_id_Gost28147_89 1 2 643 2 2 21 */
-815, /* OBJ_id_Gost28147_89_MAC 1 2 643 2 2 22 */
-816, /* OBJ_id_GostR3411_94_prf 1 2 643 2 2 23 */
-817, /* OBJ_id_GostR3410_2001DH 1 2 643 2 2 98 */
-818, /* OBJ_id_GostR3410_94DH 1 2 643 2 2 99 */
- 1, /* OBJ_rsadsi 1 2 840 113549 */
-185, /* OBJ_X9cm 1 2 840 10040 4 */
-127, /* OBJ_id_pkix 1 3 6 1 5 5 7 */
-505, /* OBJ_mime_mhs_headings 1 3 6 1 7 1 1 */
-506, /* OBJ_mime_mhs_bodies 1 3 6 1 7 1 2 */
-119, /* OBJ_ripemd160WithRSA 1 3 36 3 3 1 2 */
-937, /* OBJ_dhSinglePass_stdDH_sha224kdf_scheme 1 3 132 1 11 0 */
-938, /* OBJ_dhSinglePass_stdDH_sha256kdf_scheme 1 3 132 1 11 1 */
-939, /* OBJ_dhSinglePass_stdDH_sha384kdf_scheme 1 3 132 1 11 2 */
-940, /* OBJ_dhSinglePass_stdDH_sha512kdf_scheme 1 3 132 1 11 3 */
-942, /* OBJ_dhSinglePass_cofactorDH_sha224kdf_scheme 1 3 132 1 14 0 */
-943, /* OBJ_dhSinglePass_cofactorDH_sha256kdf_scheme 1 3 132 1 14 1 */
-944, /* OBJ_dhSinglePass_cofactorDH_sha384kdf_scheme 1 3 132 1 14 2 */
-945, /* OBJ_dhSinglePass_cofactorDH_sha512kdf_scheme 1 3 132 1 14 3 */
-631, /* OBJ_setAttr_GenCryptgrm 2 23 42 3 3 3 1 */
-632, /* OBJ_setAttr_T2Enc 2 23 42 3 3 4 1 */
-633, /* OBJ_setAttr_T2cleartxt 2 23 42 3 3 4 2 */
-634, /* OBJ_setAttr_TokICCsig 2 23 42 3 3 5 1 */
-635, /* OBJ_setAttr_SecDevSig 2 23 42 3 3 5 2 */
-436, /* OBJ_ucl 0 9 2342 19200300 */
-820, /* OBJ_id_Gost28147_89_None_KeyMeshing 1 2 643 2 2 14 0 */
-819, /* OBJ_id_Gost28147_89_CryptoPro_KeyMeshing 1 2 643 2 2 14 1 */
-845, /* OBJ_id_GostR3410_94_a 1 2 643 2 2 20 1 */
-846, /* OBJ_id_GostR3410_94_aBis 1 2 643 2 2 20 2 */
-847, /* OBJ_id_GostR3410_94_b 1 2 643 2 2 20 3 */
-848, /* OBJ_id_GostR3410_94_bBis 1 2 643 2 2 20 4 */
-821, /* OBJ_id_GostR3411_94_TestParamSet 1 2 643 2 2 30 0 */
-822, /* OBJ_id_GostR3411_94_CryptoProParamSet 1 2 643 2 2 30 1 */
-823, /* OBJ_id_Gost28147_89_TestParamSet 1 2 643 2 2 31 0 */
-824, /* OBJ_id_Gost28147_89_CryptoPro_A_ParamSet 1 2 643 2 2 31 1 */
-825, /* OBJ_id_Gost28147_89_CryptoPro_B_ParamSet 1 2 643 2 2 31 2 */
-826, /* OBJ_id_Gost28147_89_CryptoPro_C_ParamSet 1 2 643 2 2 31 3 */
-827, /* OBJ_id_Gost28147_89_CryptoPro_D_ParamSet 1 2 643 2 2 31 4 */
-828, /* OBJ_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet 1 2 643 2 2 31 5 */
-829, /* OBJ_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet 1 2 643 2 2 31 6 */
-830, /* OBJ_id_Gost28147_89_CryptoPro_RIC_1_ParamSet 1 2 643 2 2 31 7 */
-831, /* OBJ_id_GostR3410_94_TestParamSet 1 2 643 2 2 32 0 */
-832, /* OBJ_id_GostR3410_94_CryptoPro_A_ParamSet 1 2 643 2 2 32 2 */
-833, /* OBJ_id_GostR3410_94_CryptoPro_B_ParamSet 1 2 643 2 2 32 3 */
-834, /* OBJ_id_GostR3410_94_CryptoPro_C_ParamSet 1 2 643 2 2 32 4 */
-835, /* OBJ_id_GostR3410_94_CryptoPro_D_ParamSet 1 2 643 2 2 32 5 */
-836, /* OBJ_id_GostR3410_94_CryptoPro_XchA_ParamSet 1 2 643 2 2 33 1 */
-837, /* OBJ_id_GostR3410_94_CryptoPro_XchB_ParamSet 1 2 643 2 2 33 2 */
-838, /* OBJ_id_GostR3410_94_CryptoPro_XchC_ParamSet 1 2 643 2 2 33 3 */
-839, /* OBJ_id_GostR3410_2001_TestParamSet 1 2 643 2 2 35 0 */
-840, /* OBJ_id_GostR3410_2001_CryptoPro_A_ParamSet 1 2 643 2 2 35 1 */
-841, /* OBJ_id_GostR3410_2001_CryptoPro_B_ParamSet 1 2 643 2 2 35 2 */
-842, /* OBJ_id_GostR3410_2001_CryptoPro_C_ParamSet 1 2 643 2 2 35 3 */
-843, /* OBJ_id_GostR3410_2001_CryptoPro_XchA_ParamSet 1 2 643 2 2 36 0 */
-844, /* OBJ_id_GostR3410_2001_CryptoPro_XchB_ParamSet 1 2 643 2 2 36 1 */
- 2, /* OBJ_pkcs 1 2 840 113549 1 */
-431, /* OBJ_hold_instruction_none 1 2 840 10040 2 1 */
-432, /* OBJ_hold_instruction_call_issuer 1 2 840 10040 2 2 */
-433, /* OBJ_hold_instruction_reject 1 2 840 10040 2 3 */
-116, /* OBJ_dsa 1 2 840 10040 4 1 */
-113, /* OBJ_dsaWithSHA1 1 2 840 10040 4 3 */
-406, /* OBJ_X9_62_prime_field 1 2 840 10045 1 1 */
-407, /* OBJ_X9_62_characteristic_two_field 1 2 840 10045 1 2 */
-408, /* OBJ_X9_62_id_ecPublicKey 1 2 840 10045 2 1 */
-416, /* OBJ_ecdsa_with_SHA1 1 2 840 10045 4 1 */
-791, /* OBJ_ecdsa_with_Recommended 1 2 840 10045 4 2 */
-792, /* OBJ_ecdsa_with_Specified 1 2 840 10045 4 3 */
-920, /* OBJ_dhpublicnumber 1 2 840 10046 2 1 */
-258, /* OBJ_id_pkix_mod 1 3 6 1 5 5 7 0 */
-175, /* OBJ_id_pe 1 3 6 1 5 5 7 1 */
-259, /* OBJ_id_qt 1 3 6 1 5 5 7 2 */
-128, /* OBJ_id_kp 1 3 6 1 5 5 7 3 */
-260, /* OBJ_id_it 1 3 6 1 5 5 7 4 */
-261, /* OBJ_id_pkip 1 3 6 1 5 5 7 5 */
-262, /* OBJ_id_alg 1 3 6 1 5 5 7 6 */
-263, /* OBJ_id_cmc 1 3 6 1 5 5 7 7 */
-264, /* OBJ_id_on 1 3 6 1 5 5 7 8 */
-265, /* OBJ_id_pda 1 3 6 1 5 5 7 9 */
-266, /* OBJ_id_aca 1 3 6 1 5 5 7 10 */
-267, /* OBJ_id_qcs 1 3 6 1 5 5 7 11 */
-268, /* OBJ_id_cct 1 3 6 1 5 5 7 12 */
-662, /* OBJ_id_ppl 1 3 6 1 5 5 7 21 */
-176, /* OBJ_id_ad 1 3 6 1 5 5 7 48 */
-507, /* OBJ_id_hex_partial_message 1 3 6 1 7 1 1 1 */
-508, /* OBJ_id_hex_multipart_message 1 3 6 1 7 1 1 2 */
-57, /* OBJ_netscape 2 16 840 1 113730 */
-754, /* OBJ_camellia_128_ecb 0 3 4401 5 3 1 9 1 */
-766, /* OBJ_camellia_128_ofb128 0 3 4401 5 3 1 9 3 */
-757, /* OBJ_camellia_128_cfb128 0 3 4401 5 3 1 9 4 */
-755, /* OBJ_camellia_192_ecb 0 3 4401 5 3 1 9 21 */
-767, /* OBJ_camellia_192_ofb128 0 3 4401 5 3 1 9 23 */
-758, /* OBJ_camellia_192_cfb128 0 3 4401 5 3 1 9 24 */
-756, /* OBJ_camellia_256_ecb 0 3 4401 5 3 1 9 41 */
-768, /* OBJ_camellia_256_ofb128 0 3 4401 5 3 1 9 43 */
-759, /* OBJ_camellia_256_cfb128 0 3 4401 5 3 1 9 44 */
-437, /* OBJ_pilot 0 9 2342 19200300 100 */
-776, /* OBJ_seed_ecb 1 2 410 200004 1 3 */
-777, /* OBJ_seed_cbc 1 2 410 200004 1 4 */
-779, /* OBJ_seed_cfb128 1 2 410 200004 1 5 */
-778, /* OBJ_seed_ofb128 1 2 410 200004 1 6 */
-852, /* OBJ_id_GostR3411_94_with_GostR3410_94_cc 1 2 643 2 9 1 3 3 */
-853, /* OBJ_id_GostR3411_94_with_GostR3410_2001_cc 1 2 643 2 9 1 3 4 */
-850, /* OBJ_id_GostR3410_94_cc 1 2 643 2 9 1 5 3 */
-851, /* OBJ_id_GostR3410_2001_cc 1 2 643 2 9 1 5 4 */
-849, /* OBJ_id_Gost28147_89_cc 1 2 643 2 9 1 6 1 */
-854, /* OBJ_id_GostR3410_2001_ParamSet_cc 1 2 643 2 9 1 8 1 */
-186, /* OBJ_pkcs1 1 2 840 113549 1 1 */
-27, /* OBJ_pkcs3 1 2 840 113549 1 3 */
-187, /* OBJ_pkcs5 1 2 840 113549 1 5 */
-20, /* OBJ_pkcs7 1 2 840 113549 1 7 */
-47, /* OBJ_pkcs9 1 2 840 113549 1 9 */
- 3, /* OBJ_md2 1 2 840 113549 2 2 */
-257, /* OBJ_md4 1 2 840 113549 2 4 */
- 4, /* OBJ_md5 1 2 840 113549 2 5 */
-797, /* OBJ_hmacWithMD5 1 2 840 113549 2 6 */
-163, /* OBJ_hmacWithSHA1 1 2 840 113549 2 7 */
-798, /* OBJ_hmacWithSHA224 1 2 840 113549 2 8 */
-799, /* OBJ_hmacWithSHA256 1 2 840 113549 2 9 */
-800, /* OBJ_hmacWithSHA384 1 2 840 113549 2 10 */
-801, /* OBJ_hmacWithSHA512 1 2 840 113549 2 11 */
-37, /* OBJ_rc2_cbc 1 2 840 113549 3 2 */
- 5, /* OBJ_rc4 1 2 840 113549 3 4 */
-44, /* OBJ_des_ede3_cbc 1 2 840 113549 3 7 */
-120, /* OBJ_rc5_cbc 1 2 840 113549 3 8 */
-643, /* OBJ_des_cdmf 1 2 840 113549 3 10 */
-680, /* OBJ_X9_62_id_characteristic_two_basis 1 2 840 10045 1 2 3 */
-684, /* OBJ_X9_62_c2pnb163v1 1 2 840 10045 3 0 1 */
-685, /* OBJ_X9_62_c2pnb163v2 1 2 840 10045 3 0 2 */
-686, /* OBJ_X9_62_c2pnb163v3 1 2 840 10045 3 0 3 */
-687, /* OBJ_X9_62_c2pnb176v1 1 2 840 10045 3 0 4 */
-688, /* OBJ_X9_62_c2tnb191v1 1 2 840 10045 3 0 5 */
-689, /* OBJ_X9_62_c2tnb191v2 1 2 840 10045 3 0 6 */
-690, /* OBJ_X9_62_c2tnb191v3 1 2 840 10045 3 0 7 */
-691, /* OBJ_X9_62_c2onb191v4 1 2 840 10045 3 0 8 */
-692, /* OBJ_X9_62_c2onb191v5 1 2 840 10045 3 0 9 */
-693, /* OBJ_X9_62_c2pnb208w1 1 2 840 10045 3 0 10 */
-694, /* OBJ_X9_62_c2tnb239v1 1 2 840 10045 3 0 11 */
-695, /* OBJ_X9_62_c2tnb239v2 1 2 840 10045 3 0 12 */
-696, /* OBJ_X9_62_c2tnb239v3 1 2 840 10045 3 0 13 */
-697, /* OBJ_X9_62_c2onb239v4 1 2 840 10045 3 0 14 */
-698, /* OBJ_X9_62_c2onb239v5 1 2 840 10045 3 0 15 */
-699, /* OBJ_X9_62_c2pnb272w1 1 2 840 10045 3 0 16 */
-700, /* OBJ_X9_62_c2pnb304w1 1 2 840 10045 3 0 17 */
-701, /* OBJ_X9_62_c2tnb359v1 1 2 840 10045 3 0 18 */
-702, /* OBJ_X9_62_c2pnb368w1 1 2 840 10045 3 0 19 */
-703, /* OBJ_X9_62_c2tnb431r1 1 2 840 10045 3 0 20 */
-409, /* OBJ_X9_62_prime192v1 1 2 840 10045 3 1 1 */
-410, /* OBJ_X9_62_prime192v2 1 2 840 10045 3 1 2 */
-411, /* OBJ_X9_62_prime192v3 1 2 840 10045 3 1 3 */
-412, /* OBJ_X9_62_prime239v1 1 2 840 10045 3 1 4 */
-413, /* OBJ_X9_62_prime239v2 1 2 840 10045 3 1 5 */
-414, /* OBJ_X9_62_prime239v3 1 2 840 10045 3 1 6 */
-415, /* OBJ_X9_62_prime256v1 1 2 840 10045 3 1 7 */
-793, /* OBJ_ecdsa_with_SHA224 1 2 840 10045 4 3 1 */
-794, /* OBJ_ecdsa_with_SHA256 1 2 840 10045 4 3 2 */
-795, /* OBJ_ecdsa_with_SHA384 1 2 840 10045 4 3 3 */
-796, /* OBJ_ecdsa_with_SHA512 1 2 840 10045 4 3 4 */
-269, /* OBJ_id_pkix1_explicit_88 1 3 6 1 5 5 7 0 1 */
-270, /* OBJ_id_pkix1_implicit_88 1 3 6 1 5 5 7 0 2 */
-271, /* OBJ_id_pkix1_explicit_93 1 3 6 1 5 5 7 0 3 */
-272, /* OBJ_id_pkix1_implicit_93 1 3 6 1 5 5 7 0 4 */
-273, /* OBJ_id_mod_crmf 1 3 6 1 5 5 7 0 5 */
-274, /* OBJ_id_mod_cmc 1 3 6 1 5 5 7 0 6 */
-275, /* OBJ_id_mod_kea_profile_88 1 3 6 1 5 5 7 0 7 */
-276, /* OBJ_id_mod_kea_profile_93 1 3 6 1 5 5 7 0 8 */
-277, /* OBJ_id_mod_cmp 1 3 6 1 5 5 7 0 9 */
-278, /* OBJ_id_mod_qualified_cert_88 1 3 6 1 5 5 7 0 10 */
-279, /* OBJ_id_mod_qualified_cert_93 1 3 6 1 5 5 7 0 11 */
-280, /* OBJ_id_mod_attribute_cert 1 3 6 1 5 5 7 0 12 */
-281, /* OBJ_id_mod_timestamp_protocol 1 3 6 1 5 5 7 0 13 */
-282, /* OBJ_id_mod_ocsp 1 3 6 1 5 5 7 0 14 */
-283, /* OBJ_id_mod_dvcs 1 3 6 1 5 5 7 0 15 */
-284, /* OBJ_id_mod_cmp2000 1 3 6 1 5 5 7 0 16 */
-177, /* OBJ_info_access 1 3 6 1 5 5 7 1 1 */
-285, /* OBJ_biometricInfo 1 3 6 1 5 5 7 1 2 */
-286, /* OBJ_qcStatements 1 3 6 1 5 5 7 1 3 */
-287, /* OBJ_ac_auditEntity 1 3 6 1 5 5 7 1 4 */
-288, /* OBJ_ac_targeting 1 3 6 1 5 5 7 1 5 */
-289, /* OBJ_aaControls 1 3 6 1 5 5 7 1 6 */
-290, /* OBJ_sbgp_ipAddrBlock 1 3 6 1 5 5 7 1 7 */
-291, /* OBJ_sbgp_autonomousSysNum 1 3 6 1 5 5 7 1 8 */
-292, /* OBJ_sbgp_routerIdentifier 1 3 6 1 5 5 7 1 9 */
-397, /* OBJ_ac_proxying 1 3 6 1 5 5 7 1 10 */
-398, /* OBJ_sinfo_access 1 3 6 1 5 5 7 1 11 */
-663, /* OBJ_proxyCertInfo 1 3 6 1 5 5 7 1 14 */
-164, /* OBJ_id_qt_cps 1 3 6 1 5 5 7 2 1 */
-165, /* OBJ_id_qt_unotice 1 3 6 1 5 5 7 2 2 */
-293, /* OBJ_textNotice 1 3 6 1 5 5 7 2 3 */
-129, /* OBJ_server_auth 1 3 6 1 5 5 7 3 1 */
-130, /* OBJ_client_auth 1 3 6 1 5 5 7 3 2 */
-131, /* OBJ_code_sign 1 3 6 1 5 5 7 3 3 */
-132, /* OBJ_email_protect 1 3 6 1 5 5 7 3 4 */
-294, /* OBJ_ipsecEndSystem 1 3 6 1 5 5 7 3 5 */
-295, /* OBJ_ipsecTunnel 1 3 6 1 5 5 7 3 6 */
-296, /* OBJ_ipsecUser 1 3 6 1 5 5 7 3 7 */
-133, /* OBJ_time_stamp 1 3 6 1 5 5 7 3 8 */
-180, /* OBJ_OCSP_sign 1 3 6 1 5 5 7 3 9 */
-297, /* OBJ_dvcs 1 3 6 1 5 5 7 3 10 */
-298, /* OBJ_id_it_caProtEncCert 1 3 6 1 5 5 7 4 1 */
-299, /* OBJ_id_it_signKeyPairTypes 1 3 6 1 5 5 7 4 2 */
-300, /* OBJ_id_it_encKeyPairTypes 1 3 6 1 5 5 7 4 3 */
-301, /* OBJ_id_it_preferredSymmAlg 1 3 6 1 5 5 7 4 4 */
-302, /* OBJ_id_it_caKeyUpdateInfo 1 3 6 1 5 5 7 4 5 */
-303, /* OBJ_id_it_currentCRL 1 3 6 1 5 5 7 4 6 */
-304, /* OBJ_id_it_unsupportedOIDs 1 3 6 1 5 5 7 4 7 */
-305, /* OBJ_id_it_subscriptionRequest 1 3 6 1 5 5 7 4 8 */
-306, /* OBJ_id_it_subscriptionResponse 1 3 6 1 5 5 7 4 9 */
-307, /* OBJ_id_it_keyPairParamReq 1 3 6 1 5 5 7 4 10 */
-308, /* OBJ_id_it_keyPairParamRep 1 3 6 1 5 5 7 4 11 */
-309, /* OBJ_id_it_revPassphrase 1 3 6 1 5 5 7 4 12 */
-310, /* OBJ_id_it_implicitConfirm 1 3 6 1 5 5 7 4 13 */
-311, /* OBJ_id_it_confirmWaitTime 1 3 6 1 5 5 7 4 14 */
-312, /* OBJ_id_it_origPKIMessage 1 3 6 1 5 5 7 4 15 */
-784, /* OBJ_id_it_suppLangTags 1 3 6 1 5 5 7 4 16 */
-313, /* OBJ_id_regCtrl 1 3 6 1 5 5 7 5 1 */
-314, /* OBJ_id_regInfo 1 3 6 1 5 5 7 5 2 */
-323, /* OBJ_id_alg_des40 1 3 6 1 5 5 7 6 1 */
-324, /* OBJ_id_alg_noSignature 1 3 6 1 5 5 7 6 2 */
-325, /* OBJ_id_alg_dh_sig_hmac_sha1 1 3 6 1 5 5 7 6 3 */
-326, /* OBJ_id_alg_dh_pop 1 3 6 1 5 5 7 6 4 */
-327, /* OBJ_id_cmc_statusInfo 1 3 6 1 5 5 7 7 1 */
-328, /* OBJ_id_cmc_identification 1 3 6 1 5 5 7 7 2 */
-329, /* OBJ_id_cmc_identityProof 1 3 6 1 5 5 7 7 3 */
-330, /* OBJ_id_cmc_dataReturn 1 3 6 1 5 5 7 7 4 */
-331, /* OBJ_id_cmc_transactionId 1 3 6 1 5 5 7 7 5 */
-332, /* OBJ_id_cmc_senderNonce 1 3 6 1 5 5 7 7 6 */
-333, /* OBJ_id_cmc_recipientNonce 1 3 6 1 5 5 7 7 7 */
-334, /* OBJ_id_cmc_addExtensions 1 3 6 1 5 5 7 7 8 */
-335, /* OBJ_id_cmc_encryptedPOP 1 3 6 1 5 5 7 7 9 */
-336, /* OBJ_id_cmc_decryptedPOP 1 3 6 1 5 5 7 7 10 */
-337, /* OBJ_id_cmc_lraPOPWitness 1 3 6 1 5 5 7 7 11 */
-338, /* OBJ_id_cmc_getCert 1 3 6 1 5 5 7 7 15 */
-339, /* OBJ_id_cmc_getCRL 1 3 6 1 5 5 7 7 16 */
-340, /* OBJ_id_cmc_revokeRequest 1 3 6 1 5 5 7 7 17 */
-341, /* OBJ_id_cmc_regInfo 1 3 6 1 5 5 7 7 18 */
-342, /* OBJ_id_cmc_responseInfo 1 3 6 1 5 5 7 7 19 */
-343, /* OBJ_id_cmc_queryPending 1 3 6 1 5 5 7 7 21 */
-344, /* OBJ_id_cmc_popLinkRandom 1 3 6 1 5 5 7 7 22 */
-345, /* OBJ_id_cmc_popLinkWitness 1 3 6 1 5 5 7 7 23 */
-346, /* OBJ_id_cmc_confirmCertAcceptance 1 3 6 1 5 5 7 7 24 */
-347, /* OBJ_id_on_personalData 1 3 6 1 5 5 7 8 1 */
-858, /* OBJ_id_on_permanentIdentifier 1 3 6 1 5 5 7 8 3 */
-348, /* OBJ_id_pda_dateOfBirth 1 3 6 1 5 5 7 9 1 */
-349, /* OBJ_id_pda_placeOfBirth 1 3 6 1 5 5 7 9 2 */
-351, /* OBJ_id_pda_gender 1 3 6 1 5 5 7 9 3 */
-352, /* OBJ_id_pda_countryOfCitizenship 1 3 6 1 5 5 7 9 4 */
-353, /* OBJ_id_pda_countryOfResidence 1 3 6 1 5 5 7 9 5 */
-354, /* OBJ_id_aca_authenticationInfo 1 3 6 1 5 5 7 10 1 */
-355, /* OBJ_id_aca_accessIdentity 1 3 6 1 5 5 7 10 2 */
-356, /* OBJ_id_aca_chargingIdentity 1 3 6 1 5 5 7 10 3 */
-357, /* OBJ_id_aca_group 1 3 6 1 5 5 7 10 4 */
-358, /* OBJ_id_aca_role 1 3 6 1 5 5 7 10 5 */
-399, /* OBJ_id_aca_encAttrs 1 3 6 1 5 5 7 10 6 */
-359, /* OBJ_id_qcs_pkixQCSyntax_v1 1 3 6 1 5 5 7 11 1 */
-360, /* OBJ_id_cct_crs 1 3 6 1 5 5 7 12 1 */
-361, /* OBJ_id_cct_PKIData 1 3 6 1 5 5 7 12 2 */
-362, /* OBJ_id_cct_PKIResponse 1 3 6 1 5 5 7 12 3 */
-664, /* OBJ_id_ppl_anyLanguage 1 3 6 1 5 5 7 21 0 */
-665, /* OBJ_id_ppl_inheritAll 1 3 6 1 5 5 7 21 1 */
-667, /* OBJ_Independent 1 3 6 1 5 5 7 21 2 */
-178, /* OBJ_ad_OCSP 1 3 6 1 5 5 7 48 1 */
-179, /* OBJ_ad_ca_issuers 1 3 6 1 5 5 7 48 2 */
-363, /* OBJ_ad_timeStamping 1 3 6 1 5 5 7 48 3 */
-364, /* OBJ_ad_dvcs 1 3 6 1 5 5 7 48 4 */
-785, /* OBJ_caRepository 1 3 6 1 5 5 7 48 5 */
-780, /* OBJ_hmac_md5 1 3 6 1 5 5 8 1 1 */
-781, /* OBJ_hmac_sha1 1 3 6 1 5 5 8 1 2 */
-58, /* OBJ_netscape_cert_extension 2 16 840 1 113730 1 */
-59, /* OBJ_netscape_data_type 2 16 840 1 113730 2 */
-438, /* OBJ_pilotAttributeType 0 9 2342 19200300 100 1 */
-439, /* OBJ_pilotAttributeSyntax 0 9 2342 19200300 100 3 */
-440, /* OBJ_pilotObjectClass 0 9 2342 19200300 100 4 */
-441, /* OBJ_pilotGroups 0 9 2342 19200300 100 10 */
-108, /* OBJ_cast5_cbc 1 2 840 113533 7 66 10 */
-112, /* OBJ_pbeWithMD5AndCast5_CBC 1 2 840 113533 7 66 12 */
-782, /* OBJ_id_PasswordBasedMAC 1 2 840 113533 7 66 13 */
-783, /* OBJ_id_DHBasedMac 1 2 840 113533 7 66 30 */
- 6, /* OBJ_rsaEncryption 1 2 840 113549 1 1 1 */
- 7, /* OBJ_md2WithRSAEncryption 1 2 840 113549 1 1 2 */
-396, /* OBJ_md4WithRSAEncryption 1 2 840 113549 1 1 3 */
- 8, /* OBJ_md5WithRSAEncryption 1 2 840 113549 1 1 4 */
-65, /* OBJ_sha1WithRSAEncryption 1 2 840 113549 1 1 5 */
-644, /* OBJ_rsaOAEPEncryptionSET 1 2 840 113549 1 1 6 */
-919, /* OBJ_rsaesOaep 1 2 840 113549 1 1 7 */
-911, /* OBJ_mgf1 1 2 840 113549 1 1 8 */
-935, /* OBJ_pSpecified 1 2 840 113549 1 1 9 */
-912, /* OBJ_rsassaPss 1 2 840 113549 1 1 10 */
-668, /* OBJ_sha256WithRSAEncryption 1 2 840 113549 1 1 11 */
-669, /* OBJ_sha384WithRSAEncryption 1 2 840 113549 1 1 12 */
-670, /* OBJ_sha512WithRSAEncryption 1 2 840 113549 1 1 13 */
-671, /* OBJ_sha224WithRSAEncryption 1 2 840 113549 1 1 14 */
-28, /* OBJ_dhKeyAgreement 1 2 840 113549 1 3 1 */
- 9, /* OBJ_pbeWithMD2AndDES_CBC 1 2 840 113549 1 5 1 */
-10, /* OBJ_pbeWithMD5AndDES_CBC 1 2 840 113549 1 5 3 */
-168, /* OBJ_pbeWithMD2AndRC2_CBC 1 2 840 113549 1 5 4 */
-169, /* OBJ_pbeWithMD5AndRC2_CBC 1 2 840 113549 1 5 6 */
-170, /* OBJ_pbeWithSHA1AndDES_CBC 1 2 840 113549 1 5 10 */
-68, /* OBJ_pbeWithSHA1AndRC2_CBC 1 2 840 113549 1 5 11 */
-69, /* OBJ_id_pbkdf2 1 2 840 113549 1 5 12 */
-161, /* OBJ_pbes2 1 2 840 113549 1 5 13 */
-162, /* OBJ_pbmac1 1 2 840 113549 1 5 14 */
-21, /* OBJ_pkcs7_data 1 2 840 113549 1 7 1 */
-22, /* OBJ_pkcs7_signed 1 2 840 113549 1 7 2 */
-23, /* OBJ_pkcs7_enveloped 1 2 840 113549 1 7 3 */
-24, /* OBJ_pkcs7_signedAndEnveloped 1 2 840 113549 1 7 4 */
-25, /* OBJ_pkcs7_digest 1 2 840 113549 1 7 5 */
-26, /* OBJ_pkcs7_encrypted 1 2 840 113549 1 7 6 */
-48, /* OBJ_pkcs9_emailAddress 1 2 840 113549 1 9 1 */
-49, /* OBJ_pkcs9_unstructuredName 1 2 840 113549 1 9 2 */
-50, /* OBJ_pkcs9_contentType 1 2 840 113549 1 9 3 */
-51, /* OBJ_pkcs9_messageDigest 1 2 840 113549 1 9 4 */
-52, /* OBJ_pkcs9_signingTime 1 2 840 113549 1 9 5 */
-53, /* OBJ_pkcs9_countersignature 1 2 840 113549 1 9 6 */
-54, /* OBJ_pkcs9_challengePassword 1 2 840 113549 1 9 7 */
-55, /* OBJ_pkcs9_unstructuredAddress 1 2 840 113549 1 9 8 */
-56, /* OBJ_pkcs9_extCertAttributes 1 2 840 113549 1 9 9 */
-172, /* OBJ_ext_req 1 2 840 113549 1 9 14 */
-167, /* OBJ_SMIMECapabilities 1 2 840 113549 1 9 15 */
-188, /* OBJ_SMIME 1 2 840 113549 1 9 16 */
-156, /* OBJ_friendlyName 1 2 840 113549 1 9 20 */
-157, /* OBJ_localKeyID 1 2 840 113549 1 9 21 */
-681, /* OBJ_X9_62_onBasis 1 2 840 10045 1 2 3 1 */
-682, /* OBJ_X9_62_tpBasis 1 2 840 10045 1 2 3 2 */
-683, /* OBJ_X9_62_ppBasis 1 2 840 10045 1 2 3 3 */
-417, /* OBJ_ms_csp_name 1 3 6 1 4 1 311 17 1 */
-856, /* OBJ_LocalKeySet 1 3 6 1 4 1 311 17 2 */
-390, /* OBJ_dcObject 1 3 6 1 4 1 1466 344 */
-91, /* OBJ_bf_cbc 1 3 6 1 4 1 3029 1 2 */
-315, /* OBJ_id_regCtrl_regToken 1 3 6 1 5 5 7 5 1 1 */
-316, /* OBJ_id_regCtrl_authenticator 1 3 6 1 5 5 7 5 1 2 */
-317, /* OBJ_id_regCtrl_pkiPublicationInfo 1 3 6 1 5 5 7 5 1 3 */
-318, /* OBJ_id_regCtrl_pkiArchiveOptions 1 3 6 1 5 5 7 5 1 4 */
-319, /* OBJ_id_regCtrl_oldCertID 1 3 6 1 5 5 7 5 1 5 */
-320, /* OBJ_id_regCtrl_protocolEncrKey 1 3 6 1 5 5 7 5 1 6 */
-321, /* OBJ_id_regInfo_utf8Pairs 1 3 6 1 5 5 7 5 2 1 */
-322, /* OBJ_id_regInfo_certReq 1 3 6 1 5 5 7 5 2 2 */
-365, /* OBJ_id_pkix_OCSP_basic 1 3 6 1 5 5 7 48 1 1 */
-366, /* OBJ_id_pkix_OCSP_Nonce 1 3 6 1 5 5 7 48 1 2 */
-367, /* OBJ_id_pkix_OCSP_CrlID 1 3 6 1 5 5 7 48 1 3 */
-368, /* OBJ_id_pkix_OCSP_acceptableResponses 1 3 6 1 5 5 7 48 1 4 */
-369, /* OBJ_id_pkix_OCSP_noCheck 1 3 6 1 5 5 7 48 1 5 */
-370, /* OBJ_id_pkix_OCSP_archiveCutoff 1 3 6 1 5 5 7 48 1 6 */
-371, /* OBJ_id_pkix_OCSP_serviceLocator 1 3 6 1 5 5 7 48 1 7 */
-372, /* OBJ_id_pkix_OCSP_extendedStatus 1 3 6 1 5 5 7 48 1 8 */
-373, /* OBJ_id_pkix_OCSP_valid 1 3 6 1 5 5 7 48 1 9 */
-374, /* OBJ_id_pkix_OCSP_path 1 3 6 1 5 5 7 48 1 10 */
-375, /* OBJ_id_pkix_OCSP_trustRoot 1 3 6 1 5 5 7 48 1 11 */
-921, /* OBJ_brainpoolP160r1 1 3 36 3 3 2 8 1 1 1 */
-922, /* OBJ_brainpoolP160t1 1 3 36 3 3 2 8 1 1 2 */
-923, /* OBJ_brainpoolP192r1 1 3 36 3 3 2 8 1 1 3 */
-924, /* OBJ_brainpoolP192t1 1 3 36 3 3 2 8 1 1 4 */
-925, /* OBJ_brainpoolP224r1 1 3 36 3 3 2 8 1 1 5 */
-926, /* OBJ_brainpoolP224t1 1 3 36 3 3 2 8 1 1 6 */
-927, /* OBJ_brainpoolP256r1 1 3 36 3 3 2 8 1 1 7 */
-928, /* OBJ_brainpoolP256t1 1 3 36 3 3 2 8 1 1 8 */
-929, /* OBJ_brainpoolP320r1 1 3 36 3 3 2 8 1 1 9 */
-930, /* OBJ_brainpoolP320t1 1 3 36 3 3 2 8 1 1 10 */
-931, /* OBJ_brainpoolP384r1 1 3 36 3 3 2 8 1 1 11 */
-932, /* OBJ_brainpoolP384t1 1 3 36 3 3 2 8 1 1 12 */
-933, /* OBJ_brainpoolP512r1 1 3 36 3 3 2 8 1 1 13 */
-934, /* OBJ_brainpoolP512t1 1 3 36 3 3 2 8 1 1 14 */
-936, /* OBJ_dhSinglePass_stdDH_sha1kdf_scheme 1 3 133 16 840 63 0 2 */
-941, /* OBJ_dhSinglePass_cofactorDH_sha1kdf_scheme 1 3 133 16 840 63 0 3 */
-418, /* OBJ_aes_128_ecb 2 16 840 1 101 3 4 1 1 */
-419, /* OBJ_aes_128_cbc 2 16 840 1 101 3 4 1 2 */
-420, /* OBJ_aes_128_ofb128 2 16 840 1 101 3 4 1 3 */
-421, /* OBJ_aes_128_cfb128 2 16 840 1 101 3 4 1 4 */
-788, /* OBJ_id_aes128_wrap 2 16 840 1 101 3 4 1 5 */
-895, /* OBJ_aes_128_gcm 2 16 840 1 101 3 4 1 6 */
-896, /* OBJ_aes_128_ccm 2 16 840 1 101 3 4 1 7 */
-897, /* OBJ_id_aes128_wrap_pad 2 16 840 1 101 3 4 1 8 */
-422, /* OBJ_aes_192_ecb 2 16 840 1 101 3 4 1 21 */
-423, /* OBJ_aes_192_cbc 2 16 840 1 101 3 4 1 22 */
-424, /* OBJ_aes_192_ofb128 2 16 840 1 101 3 4 1 23 */
-425, /* OBJ_aes_192_cfb128 2 16 840 1 101 3 4 1 24 */
-789, /* OBJ_id_aes192_wrap 2 16 840 1 101 3 4 1 25 */
-898, /* OBJ_aes_192_gcm 2 16 840 1 101 3 4 1 26 */
-899, /* OBJ_aes_192_ccm 2 16 840 1 101 3 4 1 27 */
-900, /* OBJ_id_aes192_wrap_pad 2 16 840 1 101 3 4 1 28 */
-426, /* OBJ_aes_256_ecb 2 16 840 1 101 3 4 1 41 */
-427, /* OBJ_aes_256_cbc 2 16 840 1 101 3 4 1 42 */
-428, /* OBJ_aes_256_ofb128 2 16 840 1 101 3 4 1 43 */
-429, /* OBJ_aes_256_cfb128 2 16 840 1 101 3 4 1 44 */
-790, /* OBJ_id_aes256_wrap 2 16 840 1 101 3 4 1 45 */
-901, /* OBJ_aes_256_gcm 2 16 840 1 101 3 4 1 46 */
-902, /* OBJ_aes_256_ccm 2 16 840 1 101 3 4 1 47 */
-903, /* OBJ_id_aes256_wrap_pad 2 16 840 1 101 3 4 1 48 */
-672, /* OBJ_sha256 2 16 840 1 101 3 4 2 1 */
-673, /* OBJ_sha384 2 16 840 1 101 3 4 2 2 */
-674, /* OBJ_sha512 2 16 840 1 101 3 4 2 3 */
-675, /* OBJ_sha224 2 16 840 1 101 3 4 2 4 */
-802, /* OBJ_dsa_with_SHA224 2 16 840 1 101 3 4 3 1 */
-803, /* OBJ_dsa_with_SHA256 2 16 840 1 101 3 4 3 2 */
-71, /* OBJ_netscape_cert_type 2 16 840 1 113730 1 1 */
-72, /* OBJ_netscape_base_url 2 16 840 1 113730 1 2 */
-73, /* OBJ_netscape_revocation_url 2 16 840 1 113730 1 3 */
-74, /* OBJ_netscape_ca_revocation_url 2 16 840 1 113730 1 4 */
-75, /* OBJ_netscape_renewal_url 2 16 840 1 113730 1 7 */
-76, /* OBJ_netscape_ca_policy_url 2 16 840 1 113730 1 8 */
-77, /* OBJ_netscape_ssl_server_name 2 16 840 1 113730 1 12 */
-78, /* OBJ_netscape_comment 2 16 840 1 113730 1 13 */
-79, /* OBJ_netscape_cert_sequence 2 16 840 1 113730 2 5 */
-139, /* OBJ_ns_sgc 2 16 840 1 113730 4 1 */
-458, /* OBJ_userId 0 9 2342 19200300 100 1 1 */
-459, /* OBJ_textEncodedORAddress 0 9 2342 19200300 100 1 2 */
-460, /* OBJ_rfc822Mailbox 0 9 2342 19200300 100 1 3 */
-461, /* OBJ_info 0 9 2342 19200300 100 1 4 */
-462, /* OBJ_favouriteDrink 0 9 2342 19200300 100 1 5 */
-463, /* OBJ_roomNumber 0 9 2342 19200300 100 1 6 */
-464, /* OBJ_photo 0 9 2342 19200300 100 1 7 */
-465, /* OBJ_userClass 0 9 2342 19200300 100 1 8 */
-466, /* OBJ_host 0 9 2342 19200300 100 1 9 */
-467, /* OBJ_manager 0 9 2342 19200300 100 1 10 */
-468, /* OBJ_documentIdentifier 0 9 2342 19200300 100 1 11 */
-469, /* OBJ_documentTitle 0 9 2342 19200300 100 1 12 */
-470, /* OBJ_documentVersion 0 9 2342 19200300 100 1 13 */
-471, /* OBJ_documentAuthor 0 9 2342 19200300 100 1 14 */
-472, /* OBJ_documentLocation 0 9 2342 19200300 100 1 15 */
-473, /* OBJ_homeTelephoneNumber 0 9 2342 19200300 100 1 20 */
-474, /* OBJ_secretary 0 9 2342 19200300 100 1 21 */
-475, /* OBJ_otherMailbox 0 9 2342 19200300 100 1 22 */
-476, /* OBJ_lastModifiedTime 0 9 2342 19200300 100 1 23 */
-477, /* OBJ_lastModifiedBy 0 9 2342 19200300 100 1 24 */
-391, /* OBJ_domainComponent 0 9 2342 19200300 100 1 25 */
-478, /* OBJ_aRecord 0 9 2342 19200300 100 1 26 */
-479, /* OBJ_pilotAttributeType27 0 9 2342 19200300 100 1 27 */
-480, /* OBJ_mXRecord 0 9 2342 19200300 100 1 28 */
-481, /* OBJ_nSRecord 0 9 2342 19200300 100 1 29 */
-482, /* OBJ_sOARecord 0 9 2342 19200300 100 1 30 */
-483, /* OBJ_cNAMERecord 0 9 2342 19200300 100 1 31 */
-484, /* OBJ_associatedDomain 0 9 2342 19200300 100 1 37 */
-485, /* OBJ_associatedName 0 9 2342 19200300 100 1 38 */
-486, /* OBJ_homePostalAddress 0 9 2342 19200300 100 1 39 */
-487, /* OBJ_personalTitle 0 9 2342 19200300 100 1 40 */
-488, /* OBJ_mobileTelephoneNumber 0 9 2342 19200300 100 1 41 */
-489, /* OBJ_pagerTelephoneNumber 0 9 2342 19200300 100 1 42 */
-490, /* OBJ_friendlyCountryName 0 9 2342 19200300 100 1 43 */
-491, /* OBJ_organizationalStatus 0 9 2342 19200300 100 1 45 */
-492, /* OBJ_janetMailbox 0 9 2342 19200300 100 1 46 */
-493, /* OBJ_mailPreferenceOption 0 9 2342 19200300 100 1 47 */
-494, /* OBJ_buildingName 0 9 2342 19200300 100 1 48 */
-495, /* OBJ_dSAQuality 0 9 2342 19200300 100 1 49 */
-496, /* OBJ_singleLevelQuality 0 9 2342 19200300 100 1 50 */
-497, /* OBJ_subtreeMinimumQuality 0 9 2342 19200300 100 1 51 */
-498, /* OBJ_subtreeMaximumQuality 0 9 2342 19200300 100 1 52 */
-499, /* OBJ_personalSignature 0 9 2342 19200300 100 1 53 */
-500, /* OBJ_dITRedirect 0 9 2342 19200300 100 1 54 */
-501, /* OBJ_audio 0 9 2342 19200300 100 1 55 */
-502, /* OBJ_documentPublisher 0 9 2342 19200300 100 1 56 */
-442, /* OBJ_iA5StringSyntax 0 9 2342 19200300 100 3 4 */
-443, /* OBJ_caseIgnoreIA5StringSyntax 0 9 2342 19200300 100 3 5 */
-444, /* OBJ_pilotObject 0 9 2342 19200300 100 4 3 */
-445, /* OBJ_pilotPerson 0 9 2342 19200300 100 4 4 */
-446, /* OBJ_account 0 9 2342 19200300 100 4 5 */
-447, /* OBJ_document 0 9 2342 19200300 100 4 6 */
-448, /* OBJ_room 0 9 2342 19200300 100 4 7 */
-449, /* OBJ_documentSeries 0 9 2342 19200300 100 4 9 */
-392, /* OBJ_Domain 0 9 2342 19200300 100 4 13 */
-450, /* OBJ_rFC822localPart 0 9 2342 19200300 100 4 14 */
-451, /* OBJ_dNSDomain 0 9 2342 19200300 100 4 15 */
-452, /* OBJ_domainRelatedObject 0 9 2342 19200300 100 4 17 */
-453, /* OBJ_friendlyCountry 0 9 2342 19200300 100 4 18 */
-454, /* OBJ_simpleSecurityObject 0 9 2342 19200300 100 4 19 */
-455, /* OBJ_pilotOrganization 0 9 2342 19200300 100 4 20 */
-456, /* OBJ_pilotDSA 0 9 2342 19200300 100 4 21 */
-457, /* OBJ_qualityLabelledData 0 9 2342 19200300 100 4 22 */
-189, /* OBJ_id_smime_mod 1 2 840 113549 1 9 16 0 */
-190, /* OBJ_id_smime_ct 1 2 840 113549 1 9 16 1 */
-191, /* OBJ_id_smime_aa 1 2 840 113549 1 9 16 2 */
-192, /* OBJ_id_smime_alg 1 2 840 113549 1 9 16 3 */
-193, /* OBJ_id_smime_cd 1 2 840 113549 1 9 16 4 */
-194, /* OBJ_id_smime_spq 1 2 840 113549 1 9 16 5 */
-195, /* OBJ_id_smime_cti 1 2 840 113549 1 9 16 6 */
-158, /* OBJ_x509Certificate 1 2 840 113549 1 9 22 1 */
-159, /* OBJ_sdsiCertificate 1 2 840 113549 1 9 22 2 */
-160, /* OBJ_x509Crl 1 2 840 113549 1 9 23 1 */
-144, /* OBJ_pbe_WithSHA1And128BitRC4 1 2 840 113549 1 12 1 1 */
-145, /* OBJ_pbe_WithSHA1And40BitRC4 1 2 840 113549 1 12 1 2 */
-146, /* OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC 1 2 840 113549 1 12 1 3 */
-147, /* OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC 1 2 840 113549 1 12 1 4 */
-148, /* OBJ_pbe_WithSHA1And128BitRC2_CBC 1 2 840 113549 1 12 1 5 */
-149, /* OBJ_pbe_WithSHA1And40BitRC2_CBC 1 2 840 113549 1 12 1 6 */
-171, /* OBJ_ms_ext_req 1 3 6 1 4 1 311 2 1 14 */
-134, /* OBJ_ms_code_ind 1 3 6 1 4 1 311 2 1 21 */
-135, /* OBJ_ms_code_com 1 3 6 1 4 1 311 2 1 22 */
-136, /* OBJ_ms_ctl_sign 1 3 6 1 4 1 311 10 3 1 */
-137, /* OBJ_ms_sgc 1 3 6 1 4 1 311 10 3 3 */
-138, /* OBJ_ms_efs 1 3 6 1 4 1 311 10 3 4 */
-648, /* OBJ_ms_smartcard_login 1 3 6 1 4 1 311 20 2 2 */
-649, /* OBJ_ms_upn 1 3 6 1 4 1 311 20 2 3 */
-751, /* OBJ_camellia_128_cbc 1 2 392 200011 61 1 1 1 2 */
-752, /* OBJ_camellia_192_cbc 1 2 392 200011 61 1 1 1 3 */
-753, /* OBJ_camellia_256_cbc 1 2 392 200011 61 1 1 1 4 */
-907, /* OBJ_id_camellia128_wrap 1 2 392 200011 61 1 1 3 2 */
-908, /* OBJ_id_camellia192_wrap 1 2 392 200011 61 1 1 3 3 */
-909, /* OBJ_id_camellia256_wrap 1 2 392 200011 61 1 1 3 4 */
-196, /* OBJ_id_smime_mod_cms 1 2 840 113549 1 9 16 0 1 */
-197, /* OBJ_id_smime_mod_ess 1 2 840 113549 1 9 16 0 2 */
-198, /* OBJ_id_smime_mod_oid 1 2 840 113549 1 9 16 0 3 */
-199, /* OBJ_id_smime_mod_msg_v3 1 2 840 113549 1 9 16 0 4 */
-200, /* OBJ_id_smime_mod_ets_eSignature_88 1 2 840 113549 1 9 16 0 5 */
-201, /* OBJ_id_smime_mod_ets_eSignature_97 1 2 840 113549 1 9 16 0 6 */
-202, /* OBJ_id_smime_mod_ets_eSigPolicy_88 1 2 840 113549 1 9 16 0 7 */
-203, /* OBJ_id_smime_mod_ets_eSigPolicy_97 1 2 840 113549 1 9 16 0 8 */
-204, /* OBJ_id_smime_ct_receipt 1 2 840 113549 1 9 16 1 1 */
-205, /* OBJ_id_smime_ct_authData 1 2 840 113549 1 9 16 1 2 */
-206, /* OBJ_id_smime_ct_publishCert 1 2 840 113549 1 9 16 1 3 */
-207, /* OBJ_id_smime_ct_TSTInfo 1 2 840 113549 1 9 16 1 4 */
-208, /* OBJ_id_smime_ct_TDTInfo 1 2 840 113549 1 9 16 1 5 */
-209, /* OBJ_id_smime_ct_contentInfo 1 2 840 113549 1 9 16 1 6 */
-210, /* OBJ_id_smime_ct_DVCSRequestData 1 2 840 113549 1 9 16 1 7 */
-211, /* OBJ_id_smime_ct_DVCSResponseData 1 2 840 113549 1 9 16 1 8 */
-786, /* OBJ_id_smime_ct_compressedData 1 2 840 113549 1 9 16 1 9 */
-787, /* OBJ_id_ct_asciiTextWithCRLF 1 2 840 113549 1 9 16 1 27 */
-212, /* OBJ_id_smime_aa_receiptRequest 1 2 840 113549 1 9 16 2 1 */
-213, /* OBJ_id_smime_aa_securityLabel 1 2 840 113549 1 9 16 2 2 */
-214, /* OBJ_id_smime_aa_mlExpandHistory 1 2 840 113549 1 9 16 2 3 */
-215, /* OBJ_id_smime_aa_contentHint 1 2 840 113549 1 9 16 2 4 */
-216, /* OBJ_id_smime_aa_msgSigDigest 1 2 840 113549 1 9 16 2 5 */
-217, /* OBJ_id_smime_aa_encapContentType 1 2 840 113549 1 9 16 2 6 */
-218, /* OBJ_id_smime_aa_contentIdentifier 1 2 840 113549 1 9 16 2 7 */
-219, /* OBJ_id_smime_aa_macValue 1 2 840 113549 1 9 16 2 8 */
-220, /* OBJ_id_smime_aa_equivalentLabels 1 2 840 113549 1 9 16 2 9 */
-221, /* OBJ_id_smime_aa_contentReference 1 2 840 113549 1 9 16 2 10 */
-222, /* OBJ_id_smime_aa_encrypKeyPref 1 2 840 113549 1 9 16 2 11 */
-223, /* OBJ_id_smime_aa_signingCertificate 1 2 840 113549 1 9 16 2 12 */
-224, /* OBJ_id_smime_aa_smimeEncryptCerts 1 2 840 113549 1 9 16 2 13 */
-225, /* OBJ_id_smime_aa_timeStampToken 1 2 840 113549 1 9 16 2 14 */
-226, /* OBJ_id_smime_aa_ets_sigPolicyId 1 2 840 113549 1 9 16 2 15 */
-227, /* OBJ_id_smime_aa_ets_commitmentType 1 2 840 113549 1 9 16 2 16 */
-228, /* OBJ_id_smime_aa_ets_signerLocation 1 2 840 113549 1 9 16 2 17 */
-229, /* OBJ_id_smime_aa_ets_signerAttr 1 2 840 113549 1 9 16 2 18 */
-230, /* OBJ_id_smime_aa_ets_otherSigCert 1 2 840 113549 1 9 16 2 19 */
-231, /* OBJ_id_smime_aa_ets_contentTimestamp 1 2 840 113549 1 9 16 2 20 */
-232, /* OBJ_id_smime_aa_ets_CertificateRefs 1 2 840 113549 1 9 16 2 21 */
-233, /* OBJ_id_smime_aa_ets_RevocationRefs 1 2 840 113549 1 9 16 2 22 */
-234, /* OBJ_id_smime_aa_ets_certValues 1 2 840 113549 1 9 16 2 23 */
-235, /* OBJ_id_smime_aa_ets_revocationValues 1 2 840 113549 1 9 16 2 24 */
-236, /* OBJ_id_smime_aa_ets_escTimeStamp 1 2 840 113549 1 9 16 2 25 */
-237, /* OBJ_id_smime_aa_ets_certCRLTimestamp 1 2 840 113549 1 9 16 2 26 */
-238, /* OBJ_id_smime_aa_ets_archiveTimeStamp 1 2 840 113549 1 9 16 2 27 */
-239, /* OBJ_id_smime_aa_signatureType 1 2 840 113549 1 9 16 2 28 */
-240, /* OBJ_id_smime_aa_dvcs_dvc 1 2 840 113549 1 9 16 2 29 */
-241, /* OBJ_id_smime_alg_ESDHwith3DES 1 2 840 113549 1 9 16 3 1 */
-242, /* OBJ_id_smime_alg_ESDHwithRC2 1 2 840 113549 1 9 16 3 2 */
-243, /* OBJ_id_smime_alg_3DESwrap 1 2 840 113549 1 9 16 3 3 */
-244, /* OBJ_id_smime_alg_RC2wrap 1 2 840 113549 1 9 16 3 4 */
-245, /* OBJ_id_smime_alg_ESDH 1 2 840 113549 1 9 16 3 5 */
-246, /* OBJ_id_smime_alg_CMS3DESwrap 1 2 840 113549 1 9 16 3 6 */
-247, /* OBJ_id_smime_alg_CMSRC2wrap 1 2 840 113549 1 9 16 3 7 */
-125, /* OBJ_zlib_compression 1 2 840 113549 1 9 16 3 8 */
-893, /* OBJ_id_alg_PWRI_KEK 1 2 840 113549 1 9 16 3 9 */
-248, /* OBJ_id_smime_cd_ldap 1 2 840 113549 1 9 16 4 1 */
-249, /* OBJ_id_smime_spq_ets_sqt_uri 1 2 840 113549 1 9 16 5 1 */
-250, /* OBJ_id_smime_spq_ets_sqt_unotice 1 2 840 113549 1 9 16 5 2 */
-251, /* OBJ_id_smime_cti_ets_proofOfOrigin 1 2 840 113549 1 9 16 6 1 */
-252, /* OBJ_id_smime_cti_ets_proofOfReceipt 1 2 840 113549 1 9 16 6 2 */
-253, /* OBJ_id_smime_cti_ets_proofOfDelivery 1 2 840 113549 1 9 16 6 3 */
-254, /* OBJ_id_smime_cti_ets_proofOfSender 1 2 840 113549 1 9 16 6 4 */
-255, /* OBJ_id_smime_cti_ets_proofOfApproval 1 2 840 113549 1 9 16 6 5 */
-256, /* OBJ_id_smime_cti_ets_proofOfCreation 1 2 840 113549 1 9 16 6 6 */
-150, /* OBJ_keyBag 1 2 840 113549 1 12 10 1 1 */
-151, /* OBJ_pkcs8ShroudedKeyBag 1 2 840 113549 1 12 10 1 2 */
-152, /* OBJ_certBag 1 2 840 113549 1 12 10 1 3 */
-153, /* OBJ_crlBag 1 2 840 113549 1 12 10 1 4 */
-154, /* OBJ_secretBag 1 2 840 113549 1 12 10 1 5 */
-155, /* OBJ_safeContentsBag 1 2 840 113549 1 12 10 1 6 */
-34, /* OBJ_idea_cbc 1 3 6 1 4 1 188 7 1 1 2 */
+static const unsigned kNIDsInOIDOrder[] = {
+ 434 /* 0.9 (OBJ_data) */, 182 /* 1.2 (OBJ_member_body) */,
+ 379 /* 1.3 (OBJ_org) */, 676 /* 1.3 (OBJ_identified_organization) */,
+ 11 /* 2.5 (OBJ_X500) */, 647 /* 2.23 (OBJ_international_organizations) */,
+ 380 /* 1.3.6 (OBJ_dod) */, 12 /* 2.5.4 (OBJ_X509) */,
+ 378 /* 2.5.8 (OBJ_X500algorithms) */, 81 /* 2.5.29 (OBJ_id_ce) */,
+ 512 /* 2.23.42 (OBJ_id_set) */, 678 /* 2.23.43 (OBJ_wap) */,
+ 435 /* 0.9.2342 (OBJ_pss) */, 183 /* 1.2.840 (OBJ_ISO_US) */,
+ 381 /* 1.3.6.1 (OBJ_iana) */, 677 /* 1.3.132 (OBJ_certicom_arc) */,
+ 394 /* 2.5.1.5 (OBJ_selected_attribute_types) */,
+ 13 /* 2.5.4.3 (OBJ_commonName) */, 100 /* 2.5.4.4 (OBJ_surname) */,
+ 105 /* 2.5.4.5 (OBJ_serialNumber) */, 14 /* 2.5.4.6 (OBJ_countryName) */,
+ 15 /* 2.5.4.7 (OBJ_localityName) */,
+ 16 /* 2.5.4.8 (OBJ_stateOrProvinceName) */,
+ 660 /* 2.5.4.9 (OBJ_streetAddress) */,
+ 17 /* 2.5.4.10 (OBJ_organizationName) */,
+ 18 /* 2.5.4.11 (OBJ_organizationalUnitName) */,
+ 106 /* 2.5.4.12 (OBJ_title) */, 107 /* 2.5.4.13 (OBJ_description) */,
+ 859 /* 2.5.4.14 (OBJ_searchGuide) */,
+ 860 /* 2.5.4.15 (OBJ_businessCategory) */,
+ 861 /* 2.5.4.16 (OBJ_postalAddress) */, 661 /* 2.5.4.17 (OBJ_postalCode) */,
+ 862 /* 2.5.4.18 (OBJ_postOfficeBox) */,
+ 863 /* 2.5.4.19 (OBJ_physicalDeliveryOfficeName) */,
+ 864 /* 2.5.4.20 (OBJ_telephoneNumber) */,
+ 865 /* 2.5.4.21 (OBJ_telexNumber) */,
+ 866 /* 2.5.4.22 (OBJ_teletexTerminalIdentifier) */,
+ 867 /* 2.5.4.23 (OBJ_facsimileTelephoneNumber) */,
+ 868 /* 2.5.4.24 (OBJ_x121Address) */,
+ 869 /* 2.5.4.25 (OBJ_internationaliSDNNumber) */,
+ 870 /* 2.5.4.26 (OBJ_registeredAddress) */,
+ 871 /* 2.5.4.27 (OBJ_destinationIndicator) */,
+ 872 /* 2.5.4.28 (OBJ_preferredDeliveryMethod) */,
+ 873 /* 2.5.4.29 (OBJ_presentationAddress) */,
+ 874 /* 2.5.4.30 (OBJ_supportedApplicationContext) */,
+ 875 /* 2.5.4.31 (OBJ_member) */, 876 /* 2.5.4.32 (OBJ_owner) */,
+ 877 /* 2.5.4.33 (OBJ_roleOccupant) */, 878 /* 2.5.4.34 (OBJ_seeAlso) */,
+ 879 /* 2.5.4.35 (OBJ_userPassword) */,
+ 880 /* 2.5.4.36 (OBJ_userCertificate) */,
+ 881 /* 2.5.4.37 (OBJ_cACertificate) */,
+ 882 /* 2.5.4.38 (OBJ_authorityRevocationList) */,
+ 883 /* 2.5.4.39 (OBJ_certificateRevocationList) */,
+ 884 /* 2.5.4.40 (OBJ_crossCertificatePair) */,
+ 173 /* 2.5.4.41 (OBJ_name) */, 99 /* 2.5.4.42 (OBJ_givenName) */,
+ 101 /* 2.5.4.43 (OBJ_initials) */,
+ 509 /* 2.5.4.44 (OBJ_generationQualifier) */,
+ 503 /* 2.5.4.45 (OBJ_x500UniqueIdentifier) */,
+ 174 /* 2.5.4.46 (OBJ_dnQualifier) */,
+ 885 /* 2.5.4.47 (OBJ_enhancedSearchGuide) */,
+ 886 /* 2.5.4.48 (OBJ_protocolInformation) */,
+ 887 /* 2.5.4.49 (OBJ_distinguishedName) */,
+ 888 /* 2.5.4.50 (OBJ_uniqueMember) */,
+ 889 /* 2.5.4.51 (OBJ_houseIdentifier) */,
+ 890 /* 2.5.4.52 (OBJ_supportedAlgorithms) */,
+ 891 /* 2.5.4.53 (OBJ_deltaRevocationList) */,
+ 892 /* 2.5.4.54 (OBJ_dmdName) */, 510 /* 2.5.4.65 (OBJ_pseudonym) */,
+ 400 /* 2.5.4.72 (OBJ_role) */,
+ 769 /* 2.5.29.9 (OBJ_subject_directory_attributes) */,
+ 82 /* 2.5.29.14 (OBJ_subject_key_identifier) */,
+ 83 /* 2.5.29.15 (OBJ_key_usage) */,
+ 84 /* 2.5.29.16 (OBJ_private_key_usage_period) */,
+ 85 /* 2.5.29.17 (OBJ_subject_alt_name) */,
+ 86 /* 2.5.29.18 (OBJ_issuer_alt_name) */,
+ 87 /* 2.5.29.19 (OBJ_basic_constraints) */,
+ 88 /* 2.5.29.20 (OBJ_crl_number) */, 141 /* 2.5.29.21 (OBJ_crl_reason) */,
+ 430 /* 2.5.29.23 (OBJ_hold_instruction_code) */,
+ 142 /* 2.5.29.24 (OBJ_invalidity_date) */,
+ 140 /* 2.5.29.27 (OBJ_delta_crl) */,
+ 770 /* 2.5.29.28 (OBJ_issuing_distribution_point) */,
+ 771 /* 2.5.29.29 (OBJ_certificate_issuer) */,
+ 666 /* 2.5.29.30 (OBJ_name_constraints) */,
+ 103 /* 2.5.29.31 (OBJ_crl_distribution_points) */,
+ 89 /* 2.5.29.32 (OBJ_certificate_policies) */,
+ 747 /* 2.5.29.33 (OBJ_policy_mappings) */,
+ 90 /* 2.5.29.35 (OBJ_authority_key_identifier) */,
+ 401 /* 2.5.29.36 (OBJ_policy_constraints) */,
+ 126 /* 2.5.29.37 (OBJ_ext_key_usage) */,
+ 857 /* 2.5.29.46 (OBJ_freshest_crl) */,
+ 748 /* 2.5.29.54 (OBJ_inhibit_any_policy) */,
+ 402 /* 2.5.29.55 (OBJ_target_information) */,
+ 403 /* 2.5.29.56 (OBJ_no_rev_avail) */, 513 /* 2.23.42.0 (OBJ_set_ctype) */,
+ 514 /* 2.23.42.1 (OBJ_set_msgExt) */, 515 /* 2.23.42.3 (OBJ_set_attr) */,
+ 516 /* 2.23.42.5 (OBJ_set_policy) */, 517 /* 2.23.42.7 (OBJ_set_certExt) */,
+ 518 /* 2.23.42.8 (OBJ_set_brand) */, 679 /* 2.23.43.1 (OBJ_wap_wsg) */,
+ 382 /* 1.3.6.1.1 (OBJ_Directory) */, 383 /* 1.3.6.1.2 (OBJ_Management) */,
+ 384 /* 1.3.6.1.3 (OBJ_Experimental) */, 385 /* 1.3.6.1.4 (OBJ_Private) */,
+ 386 /* 1.3.6.1.5 (OBJ_Security) */, 387 /* 1.3.6.1.6 (OBJ_SNMPv2) */,
+ 388 /* 1.3.6.1.7 (OBJ_Mail) */, 376 /* 1.3.14.3.2 (OBJ_algorithm) */,
+ 395 /* 2.5.1.5.55 (OBJ_clearance) */, 19 /* 2.5.8.1.1 (OBJ_rsa) */,
+ 96 /* 2.5.8.3.100 (OBJ_mdc2WithRSA) */, 95 /* 2.5.8.3.101 (OBJ_mdc2) */,
+ 746 /* 2.5.29.32.0 (OBJ_any_policy) */,
+ 910 /* 2.5.29.37.0 (OBJ_anyExtendedKeyUsage) */,
+ 519 /* 2.23.42.0.0 (OBJ_setct_PANData) */,
+ 520 /* 2.23.42.0.1 (OBJ_setct_PANToken) */,
+ 521 /* 2.23.42.0.2 (OBJ_setct_PANOnly) */,
+ 522 /* 2.23.42.0.3 (OBJ_setct_OIData) */,
+ 523 /* 2.23.42.0.4 (OBJ_setct_PI) */,
+ 524 /* 2.23.42.0.5 (OBJ_setct_PIData) */,
+ 525 /* 2.23.42.0.6 (OBJ_setct_PIDataUnsigned) */,
+ 526 /* 2.23.42.0.7 (OBJ_setct_HODInput) */,
+ 527 /* 2.23.42.0.8 (OBJ_setct_AuthResBaggage) */,
+ 528 /* 2.23.42.0.9 (OBJ_setct_AuthRevReqBaggage) */,
+ 529 /* 2.23.42.0.10 (OBJ_setct_AuthRevResBaggage) */,
+ 530 /* 2.23.42.0.11 (OBJ_setct_CapTokenSeq) */,
+ 531 /* 2.23.42.0.12 (OBJ_setct_PInitResData) */,
+ 532 /* 2.23.42.0.13 (OBJ_setct_PI_TBS) */,
+ 533 /* 2.23.42.0.14 (OBJ_setct_PResData) */,
+ 534 /* 2.23.42.0.16 (OBJ_setct_AuthReqTBS) */,
+ 535 /* 2.23.42.0.17 (OBJ_setct_AuthResTBS) */,
+ 536 /* 2.23.42.0.18 (OBJ_setct_AuthResTBSX) */,
+ 537 /* 2.23.42.0.19 (OBJ_setct_AuthTokenTBS) */,
+ 538 /* 2.23.42.0.20 (OBJ_setct_CapTokenData) */,
+ 539 /* 2.23.42.0.21 (OBJ_setct_CapTokenTBS) */,
+ 540 /* 2.23.42.0.22 (OBJ_setct_AcqCardCodeMsg) */,
+ 541 /* 2.23.42.0.23 (OBJ_setct_AuthRevReqTBS) */,
+ 542 /* 2.23.42.0.24 (OBJ_setct_AuthRevResData) */,
+ 543 /* 2.23.42.0.25 (OBJ_setct_AuthRevResTBS) */,
+ 544 /* 2.23.42.0.26 (OBJ_setct_CapReqTBS) */,
+ 545 /* 2.23.42.0.27 (OBJ_setct_CapReqTBSX) */,
+ 546 /* 2.23.42.0.28 (OBJ_setct_CapResData) */,
+ 547 /* 2.23.42.0.29 (OBJ_setct_CapRevReqTBS) */,
+ 548 /* 2.23.42.0.30 (OBJ_setct_CapRevReqTBSX) */,
+ 549 /* 2.23.42.0.31 (OBJ_setct_CapRevResData) */,
+ 550 /* 2.23.42.0.32 (OBJ_setct_CredReqTBS) */,
+ 551 /* 2.23.42.0.33 (OBJ_setct_CredReqTBSX) */,
+ 552 /* 2.23.42.0.34 (OBJ_setct_CredResData) */,
+ 553 /* 2.23.42.0.35 (OBJ_setct_CredRevReqTBS) */,
+ 554 /* 2.23.42.0.36 (OBJ_setct_CredRevReqTBSX) */,
+ 555 /* 2.23.42.0.37 (OBJ_setct_CredRevResData) */,
+ 556 /* 2.23.42.0.38 (OBJ_setct_PCertReqData) */,
+ 557 /* 2.23.42.0.39 (OBJ_setct_PCertResTBS) */,
+ 558 /* 2.23.42.0.40 (OBJ_setct_BatchAdminReqData) */,
+ 559 /* 2.23.42.0.41 (OBJ_setct_BatchAdminResData) */,
+ 560 /* 2.23.42.0.42 (OBJ_setct_CardCInitResTBS) */,
+ 561 /* 2.23.42.0.43 (OBJ_setct_MeAqCInitResTBS) */,
+ 562 /* 2.23.42.0.44 (OBJ_setct_RegFormResTBS) */,
+ 563 /* 2.23.42.0.45 (OBJ_setct_CertReqData) */,
+ 564 /* 2.23.42.0.46 (OBJ_setct_CertReqTBS) */,
+ 565 /* 2.23.42.0.47 (OBJ_setct_CertResData) */,
+ 566 /* 2.23.42.0.48 (OBJ_setct_CertInqReqTBS) */,
+ 567 /* 2.23.42.0.49 (OBJ_setct_ErrorTBS) */,
+ 568 /* 2.23.42.0.50 (OBJ_setct_PIDualSignedTBE) */,
+ 569 /* 2.23.42.0.51 (OBJ_setct_PIUnsignedTBE) */,
+ 570 /* 2.23.42.0.52 (OBJ_setct_AuthReqTBE) */,
+ 571 /* 2.23.42.0.53 (OBJ_setct_AuthResTBE) */,
+ 572 /* 2.23.42.0.54 (OBJ_setct_AuthResTBEX) */,
+ 573 /* 2.23.42.0.55 (OBJ_setct_AuthTokenTBE) */,
+ 574 /* 2.23.42.0.56 (OBJ_setct_CapTokenTBE) */,
+ 575 /* 2.23.42.0.57 (OBJ_setct_CapTokenTBEX) */,
+ 576 /* 2.23.42.0.58 (OBJ_setct_AcqCardCodeMsgTBE) */,
+ 577 /* 2.23.42.0.59 (OBJ_setct_AuthRevReqTBE) */,
+ 578 /* 2.23.42.0.60 (OBJ_setct_AuthRevResTBE) */,
+ 579 /* 2.23.42.0.61 (OBJ_setct_AuthRevResTBEB) */,
+ 580 /* 2.23.42.0.62 (OBJ_setct_CapReqTBE) */,
+ 581 /* 2.23.42.0.63 (OBJ_setct_CapReqTBEX) */,
+ 582 /* 2.23.42.0.64 (OBJ_setct_CapResTBE) */,
+ 583 /* 2.23.42.0.65 (OBJ_setct_CapRevReqTBE) */,
+ 584 /* 2.23.42.0.66 (OBJ_setct_CapRevReqTBEX) */,
+ 585 /* 2.23.42.0.67 (OBJ_setct_CapRevResTBE) */,
+ 586 /* 2.23.42.0.68 (OBJ_setct_CredReqTBE) */,
+ 587 /* 2.23.42.0.69 (OBJ_setct_CredReqTBEX) */,
+ 588 /* 2.23.42.0.70 (OBJ_setct_CredResTBE) */,
+ 589 /* 2.23.42.0.71 (OBJ_setct_CredRevReqTBE) */,
+ 590 /* 2.23.42.0.72 (OBJ_setct_CredRevReqTBEX) */,
+ 591 /* 2.23.42.0.73 (OBJ_setct_CredRevResTBE) */,
+ 592 /* 2.23.42.0.74 (OBJ_setct_BatchAdminReqTBE) */,
+ 593 /* 2.23.42.0.75 (OBJ_setct_BatchAdminResTBE) */,
+ 594 /* 2.23.42.0.76 (OBJ_setct_RegFormReqTBE) */,
+ 595 /* 2.23.42.0.77 (OBJ_setct_CertReqTBE) */,
+ 596 /* 2.23.42.0.78 (OBJ_setct_CertReqTBEX) */,
+ 597 /* 2.23.42.0.79 (OBJ_setct_CertResTBE) */,
+ 598 /* 2.23.42.0.80 (OBJ_setct_CRLNotificationTBS) */,
+ 599 /* 2.23.42.0.81 (OBJ_setct_CRLNotificationResTBS) */,
+ 600 /* 2.23.42.0.82 (OBJ_setct_BCIDistributionTBS) */,
+ 601 /* 2.23.42.1.1 (OBJ_setext_genCrypt) */,
+ 602 /* 2.23.42.1.3 (OBJ_setext_miAuth) */,
+ 603 /* 2.23.42.1.4 (OBJ_setext_pinSecure) */,
+ 604 /* 2.23.42.1.5 (OBJ_setext_pinAny) */,
+ 605 /* 2.23.42.1.7 (OBJ_setext_track2) */,
+ 606 /* 2.23.42.1.8 (OBJ_setext_cv) */,
+ 620 /* 2.23.42.3.0 (OBJ_setAttr_Cert) */,
+ 621 /* 2.23.42.3.1 (OBJ_setAttr_PGWYcap) */,
+ 622 /* 2.23.42.3.2 (OBJ_setAttr_TokenType) */,
+ 623 /* 2.23.42.3.3 (OBJ_setAttr_IssCap) */,
+ 607 /* 2.23.42.5.0 (OBJ_set_policy_root) */,
+ 608 /* 2.23.42.7.0 (OBJ_setCext_hashedRoot) */,
+ 609 /* 2.23.42.7.1 (OBJ_setCext_certType) */,
+ 610 /* 2.23.42.7.2 (OBJ_setCext_merchData) */,
+ 611 /* 2.23.42.7.3 (OBJ_setCext_cCertRequired) */,
+ 612 /* 2.23.42.7.4 (OBJ_setCext_tunneling) */,
+ 613 /* 2.23.42.7.5 (OBJ_setCext_setExt) */,
+ 614 /* 2.23.42.7.6 (OBJ_setCext_setQualf) */,
+ 615 /* 2.23.42.7.7 (OBJ_setCext_PGWYcapabilities) */,
+ 616 /* 2.23.42.7.8 (OBJ_setCext_TokenIdentifier) */,
+ 617 /* 2.23.42.7.9 (OBJ_setCext_Track2Data) */,
+ 618 /* 2.23.42.7.10 (OBJ_setCext_TokenType) */,
+ 619 /* 2.23.42.7.11 (OBJ_setCext_IssuerCapabilities) */,
+ 636 /* 2.23.42.8.1 (OBJ_set_brand_IATA_ATA) */,
+ 640 /* 2.23.42.8.4 (OBJ_set_brand_Visa) */,
+ 641 /* 2.23.42.8.5 (OBJ_set_brand_MasterCard) */,
+ 637 /* 2.23.42.8.30 (OBJ_set_brand_Diners) */,
+ 638 /* 2.23.42.8.34 (OBJ_set_brand_AmericanExpress) */,
+ 639 /* 2.23.42.8.35 (OBJ_set_brand_JCB) */,
+ 805 /* 1.2.643.2.2 (OBJ_cryptopro) */,
+ 806 /* 1.2.643.2.9 (OBJ_cryptocom) */, 184 /* 1.2.840.10040 (OBJ_X9_57) */,
+ 405 /* 1.2.840.10045 (OBJ_ansi_X9_62) */,
+ 389 /* 1.3.6.1.4.1 (OBJ_Enterprises) */,
+ 504 /* 1.3.6.1.7.1 (OBJ_mime_mhs) */,
+ 104 /* 1.3.14.3.2.3 (OBJ_md5WithRSA) */,
+ 29 /* 1.3.14.3.2.6 (OBJ_des_ecb) */, 31 /* 1.3.14.3.2.7 (OBJ_des_cbc) */,
+ 45 /* 1.3.14.3.2.8 (OBJ_des_ofb64) */,
+ 30 /* 1.3.14.3.2.9 (OBJ_des_cfb64) */,
+ 377 /* 1.3.14.3.2.11 (OBJ_rsaSignature) */,
+ 67 /* 1.3.14.3.2.12 (OBJ_dsa_2) */, 66 /* 1.3.14.3.2.13 (OBJ_dsaWithSHA) */,
+ 42 /* 1.3.14.3.2.15 (OBJ_shaWithRSAEncryption) */,
+ 32 /* 1.3.14.3.2.17 (OBJ_des_ede_ecb) */, 41 /* 1.3.14.3.2.18 (OBJ_sha) */,
+ 64 /* 1.3.14.3.2.26 (OBJ_sha1) */,
+ 70 /* 1.3.14.3.2.27 (OBJ_dsaWithSHA1_2) */,
+ 115 /* 1.3.14.3.2.29 (OBJ_sha1WithRSA) */,
+ 117 /* 1.3.36.3.2.1 (OBJ_ripemd160) */, 143 /* 1.3.101.1.4.1 (OBJ_sxnet) */,
+ 721 /* 1.3.132.0.1 (OBJ_sect163k1) */,
+ 722 /* 1.3.132.0.2 (OBJ_sect163r1) */,
+ 728 /* 1.3.132.0.3 (OBJ_sect239k1) */,
+ 717 /* 1.3.132.0.4 (OBJ_sect113r1) */,
+ 718 /* 1.3.132.0.5 (OBJ_sect113r2) */,
+ 704 /* 1.3.132.0.6 (OBJ_secp112r1) */,
+ 705 /* 1.3.132.0.7 (OBJ_secp112r2) */,
+ 709 /* 1.3.132.0.8 (OBJ_secp160r1) */,
+ 708 /* 1.3.132.0.9 (OBJ_secp160k1) */,
+ 714 /* 1.3.132.0.10 (OBJ_secp256k1) */,
+ 723 /* 1.3.132.0.15 (OBJ_sect163r2) */,
+ 729 /* 1.3.132.0.16 (OBJ_sect283k1) */,
+ 730 /* 1.3.132.0.17 (OBJ_sect283r1) */,
+ 719 /* 1.3.132.0.22 (OBJ_sect131r1) */,
+ 720 /* 1.3.132.0.23 (OBJ_sect131r2) */,
+ 724 /* 1.3.132.0.24 (OBJ_sect193r1) */,
+ 725 /* 1.3.132.0.25 (OBJ_sect193r2) */,
+ 726 /* 1.3.132.0.26 (OBJ_sect233k1) */,
+ 727 /* 1.3.132.0.27 (OBJ_sect233r1) */,
+ 706 /* 1.3.132.0.28 (OBJ_secp128r1) */,
+ 707 /* 1.3.132.0.29 (OBJ_secp128r2) */,
+ 710 /* 1.3.132.0.30 (OBJ_secp160r2) */,
+ 711 /* 1.3.132.0.31 (OBJ_secp192k1) */,
+ 712 /* 1.3.132.0.32 (OBJ_secp224k1) */,
+ 713 /* 1.3.132.0.33 (OBJ_secp224r1) */,
+ 715 /* 1.3.132.0.34 (OBJ_secp384r1) */,
+ 716 /* 1.3.132.0.35 (OBJ_secp521r1) */,
+ 731 /* 1.3.132.0.36 (OBJ_sect409k1) */,
+ 732 /* 1.3.132.0.37 (OBJ_sect409r1) */,
+ 733 /* 1.3.132.0.38 (OBJ_sect571k1) */,
+ 734 /* 1.3.132.0.39 (OBJ_sect571r1) */,
+ 624 /* 2.23.42.3.0.0 (OBJ_set_rootKeyThumb) */,
+ 625 /* 2.23.42.3.0.1 (OBJ_set_addPolicy) */,
+ 626 /* 2.23.42.3.2.1 (OBJ_setAttr_Token_EMV) */,
+ 627 /* 2.23.42.3.2.2 (OBJ_setAttr_Token_B0Prime) */,
+ 628 /* 2.23.42.3.3.3 (OBJ_setAttr_IssCap_CVM) */,
+ 629 /* 2.23.42.3.3.4 (OBJ_setAttr_IssCap_T2) */,
+ 630 /* 2.23.42.3.3.5 (OBJ_setAttr_IssCap_Sig) */,
+ 642 /* 2.23.42.8.6011 (OBJ_set_brand_Novus) */,
+ 735 /* 2.23.43.1.4.1 (OBJ_wap_wsg_idm_ecid_wtls1) */,
+ 736 /* 2.23.43.1.4.3 (OBJ_wap_wsg_idm_ecid_wtls3) */,
+ 737 /* 2.23.43.1.4.4 (OBJ_wap_wsg_idm_ecid_wtls4) */,
+ 738 /* 2.23.43.1.4.5 (OBJ_wap_wsg_idm_ecid_wtls5) */,
+ 739 /* 2.23.43.1.4.6 (OBJ_wap_wsg_idm_ecid_wtls6) */,
+ 740 /* 2.23.43.1.4.7 (OBJ_wap_wsg_idm_ecid_wtls7) */,
+ 741 /* 2.23.43.1.4.8 (OBJ_wap_wsg_idm_ecid_wtls8) */,
+ 742 /* 2.23.43.1.4.9 (OBJ_wap_wsg_idm_ecid_wtls9) */,
+ 743 /* 2.23.43.1.4.10 (OBJ_wap_wsg_idm_ecid_wtls10) */,
+ 744 /* 2.23.43.1.4.11 (OBJ_wap_wsg_idm_ecid_wtls11) */,
+ 745 /* 2.23.43.1.4.12 (OBJ_wap_wsg_idm_ecid_wtls12) */,
+ 804 /* 1.0.10118.3.0.55 (OBJ_whirlpool) */,
+ 773 /* 1.2.410.200004 (OBJ_kisa) */,
+ 807 /* 1.2.643.2.2.3 (OBJ_id_GostR3411_94_with_GostR3410_2001) */,
+ 808 /* 1.2.643.2.2.4 (OBJ_id_GostR3411_94_with_GostR3410_94) */,
+ 809 /* 1.2.643.2.2.9 (OBJ_id_GostR3411_94) */,
+ 810 /* 1.2.643.2.2.10 (OBJ_id_HMACGostR3411_94) */,
+ 811 /* 1.2.643.2.2.19 (OBJ_id_GostR3410_2001) */,
+ 812 /* 1.2.643.2.2.20 (OBJ_id_GostR3410_94) */,
+ 813 /* 1.2.643.2.2.21 (OBJ_id_Gost28147_89) */,
+ 815 /* 1.2.643.2.2.22 (OBJ_id_Gost28147_89_MAC) */,
+ 816 /* 1.2.643.2.2.23 (OBJ_id_GostR3411_94_prf) */,
+ 817 /* 1.2.643.2.2.98 (OBJ_id_GostR3410_2001DH) */,
+ 818 /* 1.2.643.2.2.99 (OBJ_id_GostR3410_94DH) */,
+ 1 /* 1.2.840.113549 (OBJ_rsadsi) */, 185 /* 1.2.840.10040.4 (OBJ_X9cm) */,
+ 127 /* 1.3.6.1.5.5.7 (OBJ_id_pkix) */,
+ 505 /* 1.3.6.1.7.1.1 (OBJ_mime_mhs_headings) */,
+ 506 /* 1.3.6.1.7.1.2 (OBJ_mime_mhs_bodies) */,
+ 119 /* 1.3.36.3.3.1.2 (OBJ_ripemd160WithRSA) */,
+ 937 /* 1.3.132.1.11.0 (OBJ_dhSinglePass_stdDH_sha224kdf_scheme) */,
+ 938 /* 1.3.132.1.11.1 (OBJ_dhSinglePass_stdDH_sha256kdf_scheme) */,
+ 939 /* 1.3.132.1.11.2 (OBJ_dhSinglePass_stdDH_sha384kdf_scheme) */,
+ 940 /* 1.3.132.1.11.3 (OBJ_dhSinglePass_stdDH_sha512kdf_scheme) */,
+ 942 /* 1.3.132.1.14.0 (OBJ_dhSinglePass_cofactorDH_sha224kdf_scheme) */,
+ 943 /* 1.3.132.1.14.1 (OBJ_dhSinglePass_cofactorDH_sha256kdf_scheme) */,
+ 944 /* 1.3.132.1.14.2 (OBJ_dhSinglePass_cofactorDH_sha384kdf_scheme) */,
+ 945 /* 1.3.132.1.14.3 (OBJ_dhSinglePass_cofactorDH_sha512kdf_scheme) */,
+ 631 /* 2.23.42.3.3.3.1 (OBJ_setAttr_GenCryptgrm) */,
+ 632 /* 2.23.42.3.3.4.1 (OBJ_setAttr_T2Enc) */,
+ 633 /* 2.23.42.3.3.4.2 (OBJ_setAttr_T2cleartxt) */,
+ 634 /* 2.23.42.3.3.5.1 (OBJ_setAttr_TokICCsig) */,
+ 635 /* 2.23.42.3.3.5.2 (OBJ_setAttr_SecDevSig) */,
+ 436 /* 0.9.2342.19200300 (OBJ_ucl) */,
+ 820 /* 1.2.643.2.2.14.0 (OBJ_id_Gost28147_89_None_KeyMeshing) */,
+ 819 /* 1.2.643.2.2.14.1 (OBJ_id_Gost28147_89_CryptoPro_KeyMeshing) */,
+ 845 /* 1.2.643.2.2.20.1 (OBJ_id_GostR3410_94_a) */,
+ 846 /* 1.2.643.2.2.20.2 (OBJ_id_GostR3410_94_aBis) */,
+ 847 /* 1.2.643.2.2.20.3 (OBJ_id_GostR3410_94_b) */,
+ 848 /* 1.2.643.2.2.20.4 (OBJ_id_GostR3410_94_bBis) */,
+ 821 /* 1.2.643.2.2.30.0 (OBJ_id_GostR3411_94_TestParamSet) */,
+ 822 /* 1.2.643.2.2.30.1 (OBJ_id_GostR3411_94_CryptoProParamSet) */,
+ 823 /* 1.2.643.2.2.31.0 (OBJ_id_Gost28147_89_TestParamSet) */,
+ 824 /* 1.2.643.2.2.31.1 (OBJ_id_Gost28147_89_CryptoPro_A_ParamSet) */,
+ 825 /* 1.2.643.2.2.31.2 (OBJ_id_Gost28147_89_CryptoPro_B_ParamSet) */,
+ 826 /* 1.2.643.2.2.31.3 (OBJ_id_Gost28147_89_CryptoPro_C_ParamSet) */,
+ 827 /* 1.2.643.2.2.31.4 (OBJ_id_Gost28147_89_CryptoPro_D_ParamSet) */,
+ 828 /* 1.2.643.2.2.31.5 (OBJ_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet) */
+ ,
+ 829 /* 1.2.643.2.2.31.6 (OBJ_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet) */
+ ,
+ 830 /* 1.2.643.2.2.31.7 (OBJ_id_Gost28147_89_CryptoPro_RIC_1_ParamSet) */,
+ 831 /* 1.2.643.2.2.32.0 (OBJ_id_GostR3410_94_TestParamSet) */,
+ 832 /* 1.2.643.2.2.32.2 (OBJ_id_GostR3410_94_CryptoPro_A_ParamSet) */,
+ 833 /* 1.2.643.2.2.32.3 (OBJ_id_GostR3410_94_CryptoPro_B_ParamSet) */,
+ 834 /* 1.2.643.2.2.32.4 (OBJ_id_GostR3410_94_CryptoPro_C_ParamSet) */,
+ 835 /* 1.2.643.2.2.32.5 (OBJ_id_GostR3410_94_CryptoPro_D_ParamSet) */,
+ 836 /* 1.2.643.2.2.33.1 (OBJ_id_GostR3410_94_CryptoPro_XchA_ParamSet) */,
+ 837 /* 1.2.643.2.2.33.2 (OBJ_id_GostR3410_94_CryptoPro_XchB_ParamSet) */,
+ 838 /* 1.2.643.2.2.33.3 (OBJ_id_GostR3410_94_CryptoPro_XchC_ParamSet) */,
+ 839 /* 1.2.643.2.2.35.0 (OBJ_id_GostR3410_2001_TestParamSet) */,
+ 840 /* 1.2.643.2.2.35.1 (OBJ_id_GostR3410_2001_CryptoPro_A_ParamSet) */,
+ 841 /* 1.2.643.2.2.35.2 (OBJ_id_GostR3410_2001_CryptoPro_B_ParamSet) */,
+ 842 /* 1.2.643.2.2.35.3 (OBJ_id_GostR3410_2001_CryptoPro_C_ParamSet) */,
+ 843 /* 1.2.643.2.2.36.0 (OBJ_id_GostR3410_2001_CryptoPro_XchA_ParamSet) */,
+ 844 /* 1.2.643.2.2.36.1 (OBJ_id_GostR3410_2001_CryptoPro_XchB_ParamSet) */,
+ 2 /* 1.2.840.113549.1 (OBJ_pkcs) */,
+ 431 /* 1.2.840.10040.2.1 (OBJ_hold_instruction_none) */,
+ 432 /* 1.2.840.10040.2.2 (OBJ_hold_instruction_call_issuer) */,
+ 433 /* 1.2.840.10040.2.3 (OBJ_hold_instruction_reject) */,
+ 116 /* 1.2.840.10040.4.1 (OBJ_dsa) */,
+ 113 /* 1.2.840.10040.4.3 (OBJ_dsaWithSHA1) */,
+ 406 /* 1.2.840.10045.1.1 (OBJ_X9_62_prime_field) */,
+ 407 /* 1.2.840.10045.1.2 (OBJ_X9_62_characteristic_two_field) */,
+ 408 /* 1.2.840.10045.2.1 (OBJ_X9_62_id_ecPublicKey) */,
+ 416 /* 1.2.840.10045.4.1 (OBJ_ecdsa_with_SHA1) */,
+ 791 /* 1.2.840.10045.4.2 (OBJ_ecdsa_with_Recommended) */,
+ 792 /* 1.2.840.10045.4.3 (OBJ_ecdsa_with_Specified) */,
+ 920 /* 1.2.840.10046.2.1 (OBJ_dhpublicnumber) */,
+ 258 /* 1.3.6.1.5.5.7.0 (OBJ_id_pkix_mod) */,
+ 175 /* 1.3.6.1.5.5.7.1 (OBJ_id_pe) */,
+ 259 /* 1.3.6.1.5.5.7.2 (OBJ_id_qt) */,
+ 128 /* 1.3.6.1.5.5.7.3 (OBJ_id_kp) */,
+ 260 /* 1.3.6.1.5.5.7.4 (OBJ_id_it) */,
+ 261 /* 1.3.6.1.5.5.7.5 (OBJ_id_pkip) */,
+ 262 /* 1.3.6.1.5.5.7.6 (OBJ_id_alg) */,
+ 263 /* 1.3.6.1.5.5.7.7 (OBJ_id_cmc) */,
+ 264 /* 1.3.6.1.5.5.7.8 (OBJ_id_on) */,
+ 265 /* 1.3.6.1.5.5.7.9 (OBJ_id_pda) */,
+ 266 /* 1.3.6.1.5.5.7.10 (OBJ_id_aca) */,
+ 267 /* 1.3.6.1.5.5.7.11 (OBJ_id_qcs) */,
+ 268 /* 1.3.6.1.5.5.7.12 (OBJ_id_cct) */,
+ 662 /* 1.3.6.1.5.5.7.21 (OBJ_id_ppl) */,
+ 176 /* 1.3.6.1.5.5.7.48 (OBJ_id_ad) */,
+ 507 /* 1.3.6.1.7.1.1.1 (OBJ_id_hex_partial_message) */,
+ 508 /* 1.3.6.1.7.1.1.2 (OBJ_id_hex_multipart_message) */,
+ 57 /* 2.16.840.1.113730 (OBJ_netscape) */,
+ 754 /* 0.3.4401.5.3.1.9.1 (OBJ_camellia_128_ecb) */,
+ 766 /* 0.3.4401.5.3.1.9.3 (OBJ_camellia_128_ofb128) */,
+ 757 /* 0.3.4401.5.3.1.9.4 (OBJ_camellia_128_cfb128) */,
+ 755 /* 0.3.4401.5.3.1.9.21 (OBJ_camellia_192_ecb) */,
+ 767 /* 0.3.4401.5.3.1.9.23 (OBJ_camellia_192_ofb128) */,
+ 758 /* 0.3.4401.5.3.1.9.24 (OBJ_camellia_192_cfb128) */,
+ 756 /* 0.3.4401.5.3.1.9.41 (OBJ_camellia_256_ecb) */,
+ 768 /* 0.3.4401.5.3.1.9.43 (OBJ_camellia_256_ofb128) */,
+ 759 /* 0.3.4401.5.3.1.9.44 (OBJ_camellia_256_cfb128) */,
+ 437 /* 0.9.2342.19200300.100 (OBJ_pilot) */,
+ 776 /* 1.2.410.200004.1.3 (OBJ_seed_ecb) */,
+ 777 /* 1.2.410.200004.1.4 (OBJ_seed_cbc) */,
+ 779 /* 1.2.410.200004.1.5 (OBJ_seed_cfb128) */,
+ 778 /* 1.2.410.200004.1.6 (OBJ_seed_ofb128) */,
+ 852 /* 1.2.643.2.9.1.3.3 (OBJ_id_GostR3411_94_with_GostR3410_94_cc) */,
+ 853 /* 1.2.643.2.9.1.3.4 (OBJ_id_GostR3411_94_with_GostR3410_2001_cc) */,
+ 850 /* 1.2.643.2.9.1.5.3 (OBJ_id_GostR3410_94_cc) */,
+ 851 /* 1.2.643.2.9.1.5.4 (OBJ_id_GostR3410_2001_cc) */,
+ 849 /* 1.2.643.2.9.1.6.1 (OBJ_id_Gost28147_89_cc) */,
+ 854 /* 1.2.643.2.9.1.8.1 (OBJ_id_GostR3410_2001_ParamSet_cc) */,
+ 186 /* 1.2.840.113549.1.1 (OBJ_pkcs1) */,
+ 27 /* 1.2.840.113549.1.3 (OBJ_pkcs3) */,
+ 187 /* 1.2.840.113549.1.5 (OBJ_pkcs5) */,
+ 20 /* 1.2.840.113549.1.7 (OBJ_pkcs7) */,
+ 47 /* 1.2.840.113549.1.9 (OBJ_pkcs9) */,
+ 3 /* 1.2.840.113549.2.2 (OBJ_md2) */,
+ 257 /* 1.2.840.113549.2.4 (OBJ_md4) */,
+ 4 /* 1.2.840.113549.2.5 (OBJ_md5) */,
+ 797 /* 1.2.840.113549.2.6 (OBJ_hmacWithMD5) */,
+ 163 /* 1.2.840.113549.2.7 (OBJ_hmacWithSHA1) */,
+ 798 /* 1.2.840.113549.2.8 (OBJ_hmacWithSHA224) */,
+ 799 /* 1.2.840.113549.2.9 (OBJ_hmacWithSHA256) */,
+ 800 /* 1.2.840.113549.2.10 (OBJ_hmacWithSHA384) */,
+ 801 /* 1.2.840.113549.2.11 (OBJ_hmacWithSHA512) */,
+ 37 /* 1.2.840.113549.3.2 (OBJ_rc2_cbc) */,
+ 5 /* 1.2.840.113549.3.4 (OBJ_rc4) */,
+ 44 /* 1.2.840.113549.3.7 (OBJ_des_ede3_cbc) */,
+ 120 /* 1.2.840.113549.3.8 (OBJ_rc5_cbc) */,
+ 643 /* 1.2.840.113549.3.10 (OBJ_des_cdmf) */,
+ 680 /* 1.2.840.10045.1.2.3 (OBJ_X9_62_id_characteristic_two_basis) */,
+ 684 /* 1.2.840.10045.3.0.1 (OBJ_X9_62_c2pnb163v1) */,
+ 685 /* 1.2.840.10045.3.0.2 (OBJ_X9_62_c2pnb163v2) */,
+ 686 /* 1.2.840.10045.3.0.3 (OBJ_X9_62_c2pnb163v3) */,
+ 687 /* 1.2.840.10045.3.0.4 (OBJ_X9_62_c2pnb176v1) */,
+ 688 /* 1.2.840.10045.3.0.5 (OBJ_X9_62_c2tnb191v1) */,
+ 689 /* 1.2.840.10045.3.0.6 (OBJ_X9_62_c2tnb191v2) */,
+ 690 /* 1.2.840.10045.3.0.7 (OBJ_X9_62_c2tnb191v3) */,
+ 691 /* 1.2.840.10045.3.0.8 (OBJ_X9_62_c2onb191v4) */,
+ 692 /* 1.2.840.10045.3.0.9 (OBJ_X9_62_c2onb191v5) */,
+ 693 /* 1.2.840.10045.3.0.10 (OBJ_X9_62_c2pnb208w1) */,
+ 694 /* 1.2.840.10045.3.0.11 (OBJ_X9_62_c2tnb239v1) */,
+ 695 /* 1.2.840.10045.3.0.12 (OBJ_X9_62_c2tnb239v2) */,
+ 696 /* 1.2.840.10045.3.0.13 (OBJ_X9_62_c2tnb239v3) */,
+ 697 /* 1.2.840.10045.3.0.14 (OBJ_X9_62_c2onb239v4) */,
+ 698 /* 1.2.840.10045.3.0.15 (OBJ_X9_62_c2onb239v5) */,
+ 699 /* 1.2.840.10045.3.0.16 (OBJ_X9_62_c2pnb272w1) */,
+ 700 /* 1.2.840.10045.3.0.17 (OBJ_X9_62_c2pnb304w1) */,
+ 701 /* 1.2.840.10045.3.0.18 (OBJ_X9_62_c2tnb359v1) */,
+ 702 /* 1.2.840.10045.3.0.19 (OBJ_X9_62_c2pnb368w1) */,
+ 703 /* 1.2.840.10045.3.0.20 (OBJ_X9_62_c2tnb431r1) */,
+ 409 /* 1.2.840.10045.3.1.1 (OBJ_X9_62_prime192v1) */,
+ 410 /* 1.2.840.10045.3.1.2 (OBJ_X9_62_prime192v2) */,
+ 411 /* 1.2.840.10045.3.1.3 (OBJ_X9_62_prime192v3) */,
+ 412 /* 1.2.840.10045.3.1.4 (OBJ_X9_62_prime239v1) */,
+ 413 /* 1.2.840.10045.3.1.5 (OBJ_X9_62_prime239v2) */,
+ 414 /* 1.2.840.10045.3.1.6 (OBJ_X9_62_prime239v3) */,
+ 415 /* 1.2.840.10045.3.1.7 (OBJ_X9_62_prime256v1) */,
+ 793 /* 1.2.840.10045.4.3.1 (OBJ_ecdsa_with_SHA224) */,
+ 794 /* 1.2.840.10045.4.3.2 (OBJ_ecdsa_with_SHA256) */,
+ 795 /* 1.2.840.10045.4.3.3 (OBJ_ecdsa_with_SHA384) */,
+ 796 /* 1.2.840.10045.4.3.4 (OBJ_ecdsa_with_SHA512) */,
+ 269 /* 1.3.6.1.5.5.7.0.1 (OBJ_id_pkix1_explicit_88) */,
+ 270 /* 1.3.6.1.5.5.7.0.2 (OBJ_id_pkix1_implicit_88) */,
+ 271 /* 1.3.6.1.5.5.7.0.3 (OBJ_id_pkix1_explicit_93) */,
+ 272 /* 1.3.6.1.5.5.7.0.4 (OBJ_id_pkix1_implicit_93) */,
+ 273 /* 1.3.6.1.5.5.7.0.5 (OBJ_id_mod_crmf) */,
+ 274 /* 1.3.6.1.5.5.7.0.6 (OBJ_id_mod_cmc) */,
+ 275 /* 1.3.6.1.5.5.7.0.7 (OBJ_id_mod_kea_profile_88) */,
+ 276 /* 1.3.6.1.5.5.7.0.8 (OBJ_id_mod_kea_profile_93) */,
+ 277 /* 1.3.6.1.5.5.7.0.9 (OBJ_id_mod_cmp) */,
+ 278 /* 1.3.6.1.5.5.7.0.10 (OBJ_id_mod_qualified_cert_88) */,
+ 279 /* 1.3.6.1.5.5.7.0.11 (OBJ_id_mod_qualified_cert_93) */,
+ 280 /* 1.3.6.1.5.5.7.0.12 (OBJ_id_mod_attribute_cert) */,
+ 281 /* 1.3.6.1.5.5.7.0.13 (OBJ_id_mod_timestamp_protocol) */,
+ 282 /* 1.3.6.1.5.5.7.0.14 (OBJ_id_mod_ocsp) */,
+ 283 /* 1.3.6.1.5.5.7.0.15 (OBJ_id_mod_dvcs) */,
+ 284 /* 1.3.6.1.5.5.7.0.16 (OBJ_id_mod_cmp2000) */,
+ 177 /* 1.3.6.1.5.5.7.1.1 (OBJ_info_access) */,
+ 285 /* 1.3.6.1.5.5.7.1.2 (OBJ_biometricInfo) */,
+ 286 /* 1.3.6.1.5.5.7.1.3 (OBJ_qcStatements) */,
+ 287 /* 1.3.6.1.5.5.7.1.4 (OBJ_ac_auditEntity) */,
+ 288 /* 1.3.6.1.5.5.7.1.5 (OBJ_ac_targeting) */,
+ 289 /* 1.3.6.1.5.5.7.1.6 (OBJ_aaControls) */,
+ 290 /* 1.3.6.1.5.5.7.1.7 (OBJ_sbgp_ipAddrBlock) */,
+ 291 /* 1.3.6.1.5.5.7.1.8 (OBJ_sbgp_autonomousSysNum) */,
+ 292 /* 1.3.6.1.5.5.7.1.9 (OBJ_sbgp_routerIdentifier) */,
+ 397 /* 1.3.6.1.5.5.7.1.10 (OBJ_ac_proxying) */,
+ 398 /* 1.3.6.1.5.5.7.1.11 (OBJ_sinfo_access) */,
+ 663 /* 1.3.6.1.5.5.7.1.14 (OBJ_proxyCertInfo) */,
+ 164 /* 1.3.6.1.5.5.7.2.1 (OBJ_id_qt_cps) */,
+ 165 /* 1.3.6.1.5.5.7.2.2 (OBJ_id_qt_unotice) */,
+ 293 /* 1.3.6.1.5.5.7.2.3 (OBJ_textNotice) */,
+ 129 /* 1.3.6.1.5.5.7.3.1 (OBJ_server_auth) */,
+ 130 /* 1.3.6.1.5.5.7.3.2 (OBJ_client_auth) */,
+ 131 /* 1.3.6.1.5.5.7.3.3 (OBJ_code_sign) */,
+ 132 /* 1.3.6.1.5.5.7.3.4 (OBJ_email_protect) */,
+ 294 /* 1.3.6.1.5.5.7.3.5 (OBJ_ipsecEndSystem) */,
+ 295 /* 1.3.6.1.5.5.7.3.6 (OBJ_ipsecTunnel) */,
+ 296 /* 1.3.6.1.5.5.7.3.7 (OBJ_ipsecUser) */,
+ 133 /* 1.3.6.1.5.5.7.3.8 (OBJ_time_stamp) */,
+ 180 /* 1.3.6.1.5.5.7.3.9 (OBJ_OCSP_sign) */,
+ 297 /* 1.3.6.1.5.5.7.3.10 (OBJ_dvcs) */,
+ 298 /* 1.3.6.1.5.5.7.4.1 (OBJ_id_it_caProtEncCert) */,
+ 299 /* 1.3.6.1.5.5.7.4.2 (OBJ_id_it_signKeyPairTypes) */,
+ 300 /* 1.3.6.1.5.5.7.4.3 (OBJ_id_it_encKeyPairTypes) */,
+ 301 /* 1.3.6.1.5.5.7.4.4 (OBJ_id_it_preferredSymmAlg) */,
+ 302 /* 1.3.6.1.5.5.7.4.5 (OBJ_id_it_caKeyUpdateInfo) */,
+ 303 /* 1.3.6.1.5.5.7.4.6 (OBJ_id_it_currentCRL) */,
+ 304 /* 1.3.6.1.5.5.7.4.7 (OBJ_id_it_unsupportedOIDs) */,
+ 305 /* 1.3.6.1.5.5.7.4.8 (OBJ_id_it_subscriptionRequest) */,
+ 306 /* 1.3.6.1.5.5.7.4.9 (OBJ_id_it_subscriptionResponse) */,
+ 307 /* 1.3.6.1.5.5.7.4.10 (OBJ_id_it_keyPairParamReq) */,
+ 308 /* 1.3.6.1.5.5.7.4.11 (OBJ_id_it_keyPairParamRep) */,
+ 309 /* 1.3.6.1.5.5.7.4.12 (OBJ_id_it_revPassphrase) */,
+ 310 /* 1.3.6.1.5.5.7.4.13 (OBJ_id_it_implicitConfirm) */,
+ 311 /* 1.3.6.1.5.5.7.4.14 (OBJ_id_it_confirmWaitTime) */,
+ 312 /* 1.3.6.1.5.5.7.4.15 (OBJ_id_it_origPKIMessage) */,
+ 784 /* 1.3.6.1.5.5.7.4.16 (OBJ_id_it_suppLangTags) */,
+ 313 /* 1.3.6.1.5.5.7.5.1 (OBJ_id_regCtrl) */,
+ 314 /* 1.3.6.1.5.5.7.5.2 (OBJ_id_regInfo) */,
+ 323 /* 1.3.6.1.5.5.7.6.1 (OBJ_id_alg_des40) */,
+ 324 /* 1.3.6.1.5.5.7.6.2 (OBJ_id_alg_noSignature) */,
+ 325 /* 1.3.6.1.5.5.7.6.3 (OBJ_id_alg_dh_sig_hmac_sha1) */,
+ 326 /* 1.3.6.1.5.5.7.6.4 (OBJ_id_alg_dh_pop) */,
+ 327 /* 1.3.6.1.5.5.7.7.1 (OBJ_id_cmc_statusInfo) */,
+ 328 /* 1.3.6.1.5.5.7.7.2 (OBJ_id_cmc_identification) */,
+ 329 /* 1.3.6.1.5.5.7.7.3 (OBJ_id_cmc_identityProof) */,
+ 330 /* 1.3.6.1.5.5.7.7.4 (OBJ_id_cmc_dataReturn) */,
+ 331 /* 1.3.6.1.5.5.7.7.5 (OBJ_id_cmc_transactionId) */,
+ 332 /* 1.3.6.1.5.5.7.7.6 (OBJ_id_cmc_senderNonce) */,
+ 333 /* 1.3.6.1.5.5.7.7.7 (OBJ_id_cmc_recipientNonce) */,
+ 334 /* 1.3.6.1.5.5.7.7.8 (OBJ_id_cmc_addExtensions) */,
+ 335 /* 1.3.6.1.5.5.7.7.9 (OBJ_id_cmc_encryptedPOP) */,
+ 336 /* 1.3.6.1.5.5.7.7.10 (OBJ_id_cmc_decryptedPOP) */,
+ 337 /* 1.3.6.1.5.5.7.7.11 (OBJ_id_cmc_lraPOPWitness) */,
+ 338 /* 1.3.6.1.5.5.7.7.15 (OBJ_id_cmc_getCert) */,
+ 339 /* 1.3.6.1.5.5.7.7.16 (OBJ_id_cmc_getCRL) */,
+ 340 /* 1.3.6.1.5.5.7.7.17 (OBJ_id_cmc_revokeRequest) */,
+ 341 /* 1.3.6.1.5.5.7.7.18 (OBJ_id_cmc_regInfo) */,
+ 342 /* 1.3.6.1.5.5.7.7.19 (OBJ_id_cmc_responseInfo) */,
+ 343 /* 1.3.6.1.5.5.7.7.21 (OBJ_id_cmc_queryPending) */,
+ 344 /* 1.3.6.1.5.5.7.7.22 (OBJ_id_cmc_popLinkRandom) */,
+ 345 /* 1.3.6.1.5.5.7.7.23 (OBJ_id_cmc_popLinkWitness) */,
+ 346 /* 1.3.6.1.5.5.7.7.24 (OBJ_id_cmc_confirmCertAcceptance) */,
+ 347 /* 1.3.6.1.5.5.7.8.1 (OBJ_id_on_personalData) */,
+ 858 /* 1.3.6.1.5.5.7.8.3 (OBJ_id_on_permanentIdentifier) */,
+ 348 /* 1.3.6.1.5.5.7.9.1 (OBJ_id_pda_dateOfBirth) */,
+ 349 /* 1.3.6.1.5.5.7.9.2 (OBJ_id_pda_placeOfBirth) */,
+ 351 /* 1.3.6.1.5.5.7.9.3 (OBJ_id_pda_gender) */,
+ 352 /* 1.3.6.1.5.5.7.9.4 (OBJ_id_pda_countryOfCitizenship) */,
+ 353 /* 1.3.6.1.5.5.7.9.5 (OBJ_id_pda_countryOfResidence) */,
+ 354 /* 1.3.6.1.5.5.7.10.1 (OBJ_id_aca_authenticationInfo) */,
+ 355 /* 1.3.6.1.5.5.7.10.2 (OBJ_id_aca_accessIdentity) */,
+ 356 /* 1.3.6.1.5.5.7.10.3 (OBJ_id_aca_chargingIdentity) */,
+ 357 /* 1.3.6.1.5.5.7.10.4 (OBJ_id_aca_group) */,
+ 358 /* 1.3.6.1.5.5.7.10.5 (OBJ_id_aca_role) */,
+ 399 /* 1.3.6.1.5.5.7.10.6 (OBJ_id_aca_encAttrs) */,
+ 359 /* 1.3.6.1.5.5.7.11.1 (OBJ_id_qcs_pkixQCSyntax_v1) */,
+ 360 /* 1.3.6.1.5.5.7.12.1 (OBJ_id_cct_crs) */,
+ 361 /* 1.3.6.1.5.5.7.12.2 (OBJ_id_cct_PKIData) */,
+ 362 /* 1.3.6.1.5.5.7.12.3 (OBJ_id_cct_PKIResponse) */,
+ 664 /* 1.3.6.1.5.5.7.21.0 (OBJ_id_ppl_anyLanguage) */,
+ 665 /* 1.3.6.1.5.5.7.21.1 (OBJ_id_ppl_inheritAll) */,
+ 667 /* 1.3.6.1.5.5.7.21.2 (OBJ_Independent) */,
+ 178 /* 1.3.6.1.5.5.7.48.1 (OBJ_ad_OCSP) */,
+ 179 /* 1.3.6.1.5.5.7.48.2 (OBJ_ad_ca_issuers) */,
+ 363 /* 1.3.6.1.5.5.7.48.3 (OBJ_ad_timeStamping) */,
+ 364 /* 1.3.6.1.5.5.7.48.4 (OBJ_ad_dvcs) */,
+ 785 /* 1.3.6.1.5.5.7.48.5 (OBJ_caRepository) */,
+ 780 /* 1.3.6.1.5.5.8.1.1 (OBJ_hmac_md5) */,
+ 781 /* 1.3.6.1.5.5.8.1.2 (OBJ_hmac_sha1) */,
+ 58 /* 2.16.840.1.113730.1 (OBJ_netscape_cert_extension) */,
+ 59 /* 2.16.840.1.113730.2 (OBJ_netscape_data_type) */,
+ 438 /* 0.9.2342.19200300.100.1 (OBJ_pilotAttributeType) */,
+ 439 /* 0.9.2342.19200300.100.3 (OBJ_pilotAttributeSyntax) */,
+ 440 /* 0.9.2342.19200300.100.4 (OBJ_pilotObjectClass) */,
+ 441 /* 0.9.2342.19200300.100.10 (OBJ_pilotGroups) */,
+ 108 /* 1.2.840.113533.7.66.10 (OBJ_cast5_cbc) */,
+ 112 /* 1.2.840.113533.7.66.12 (OBJ_pbeWithMD5AndCast5_CBC) */,
+ 782 /* 1.2.840.113533.7.66.13 (OBJ_id_PasswordBasedMAC) */,
+ 783 /* 1.2.840.113533.7.66.30 (OBJ_id_DHBasedMac) */,
+ 6 /* 1.2.840.113549.1.1.1 (OBJ_rsaEncryption) */,
+ 7 /* 1.2.840.113549.1.1.2 (OBJ_md2WithRSAEncryption) */,
+ 396 /* 1.2.840.113549.1.1.3 (OBJ_md4WithRSAEncryption) */,
+ 8 /* 1.2.840.113549.1.1.4 (OBJ_md5WithRSAEncryption) */,
+ 65 /* 1.2.840.113549.1.1.5 (OBJ_sha1WithRSAEncryption) */,
+ 644 /* 1.2.840.113549.1.1.6 (OBJ_rsaOAEPEncryptionSET) */,
+ 919 /* 1.2.840.113549.1.1.7 (OBJ_rsaesOaep) */,
+ 911 /* 1.2.840.113549.1.1.8 (OBJ_mgf1) */,
+ 935 /* 1.2.840.113549.1.1.9 (OBJ_pSpecified) */,
+ 912 /* 1.2.840.113549.1.1.10 (OBJ_rsassaPss) */,
+ 668 /* 1.2.840.113549.1.1.11 (OBJ_sha256WithRSAEncryption) */,
+ 669 /* 1.2.840.113549.1.1.12 (OBJ_sha384WithRSAEncryption) */,
+ 670 /* 1.2.840.113549.1.1.13 (OBJ_sha512WithRSAEncryption) */,
+ 671 /* 1.2.840.113549.1.1.14 (OBJ_sha224WithRSAEncryption) */,
+ 28 /* 1.2.840.113549.1.3.1 (OBJ_dhKeyAgreement) */,
+ 9 /* 1.2.840.113549.1.5.1 (OBJ_pbeWithMD2AndDES_CBC) */,
+ 10 /* 1.2.840.113549.1.5.3 (OBJ_pbeWithMD5AndDES_CBC) */,
+ 168 /* 1.2.840.113549.1.5.4 (OBJ_pbeWithMD2AndRC2_CBC) */,
+ 169 /* 1.2.840.113549.1.5.6 (OBJ_pbeWithMD5AndRC2_CBC) */,
+ 170 /* 1.2.840.113549.1.5.10 (OBJ_pbeWithSHA1AndDES_CBC) */,
+ 68 /* 1.2.840.113549.1.5.11 (OBJ_pbeWithSHA1AndRC2_CBC) */,
+ 69 /* 1.2.840.113549.1.5.12 (OBJ_id_pbkdf2) */,
+ 161 /* 1.2.840.113549.1.5.13 (OBJ_pbes2) */,
+ 162 /* 1.2.840.113549.1.5.14 (OBJ_pbmac1) */,
+ 21 /* 1.2.840.113549.1.7.1 (OBJ_pkcs7_data) */,
+ 22 /* 1.2.840.113549.1.7.2 (OBJ_pkcs7_signed) */,
+ 23 /* 1.2.840.113549.1.7.3 (OBJ_pkcs7_enveloped) */,
+ 24 /* 1.2.840.113549.1.7.4 (OBJ_pkcs7_signedAndEnveloped) */,
+ 25 /* 1.2.840.113549.1.7.5 (OBJ_pkcs7_digest) */,
+ 26 /* 1.2.840.113549.1.7.6 (OBJ_pkcs7_encrypted) */,
+ 48 /* 1.2.840.113549.1.9.1 (OBJ_pkcs9_emailAddress) */,
+ 49 /* 1.2.840.113549.1.9.2 (OBJ_pkcs9_unstructuredName) */,
+ 50 /* 1.2.840.113549.1.9.3 (OBJ_pkcs9_contentType) */,
+ 51 /* 1.2.840.113549.1.9.4 (OBJ_pkcs9_messageDigest) */,
+ 52 /* 1.2.840.113549.1.9.5 (OBJ_pkcs9_signingTime) */,
+ 53 /* 1.2.840.113549.1.9.6 (OBJ_pkcs9_countersignature) */,
+ 54 /* 1.2.840.113549.1.9.7 (OBJ_pkcs9_challengePassword) */,
+ 55 /* 1.2.840.113549.1.9.8 (OBJ_pkcs9_unstructuredAddress) */,
+ 56 /* 1.2.840.113549.1.9.9 (OBJ_pkcs9_extCertAttributes) */,
+ 172 /* 1.2.840.113549.1.9.14 (OBJ_ext_req) */,
+ 167 /* 1.2.840.113549.1.9.15 (OBJ_SMIMECapabilities) */,
+ 188 /* 1.2.840.113549.1.9.16 (OBJ_SMIME) */,
+ 156 /* 1.2.840.113549.1.9.20 (OBJ_friendlyName) */,
+ 157 /* 1.2.840.113549.1.9.21 (OBJ_localKeyID) */,
+ 681 /* 1.2.840.10045.1.2.3.1 (OBJ_X9_62_onBasis) */,
+ 682 /* 1.2.840.10045.1.2.3.2 (OBJ_X9_62_tpBasis) */,
+ 683 /* 1.2.840.10045.1.2.3.3 (OBJ_X9_62_ppBasis) */,
+ 417 /* 1.3.6.1.4.1.311.17.1 (OBJ_ms_csp_name) */,
+ 856 /* 1.3.6.1.4.1.311.17.2 (OBJ_LocalKeySet) */,
+ 390 /* 1.3.6.1.4.1.1466.344 (OBJ_dcObject) */,
+ 91 /* 1.3.6.1.4.1.3029.1.2 (OBJ_bf_cbc) */,
+ 315 /* 1.3.6.1.5.5.7.5.1.1 (OBJ_id_regCtrl_regToken) */,
+ 316 /* 1.3.6.1.5.5.7.5.1.2 (OBJ_id_regCtrl_authenticator) */,
+ 317 /* 1.3.6.1.5.5.7.5.1.3 (OBJ_id_regCtrl_pkiPublicationInfo) */,
+ 318 /* 1.3.6.1.5.5.7.5.1.4 (OBJ_id_regCtrl_pkiArchiveOptions) */,
+ 319 /* 1.3.6.1.5.5.7.5.1.5 (OBJ_id_regCtrl_oldCertID) */,
+ 320 /* 1.3.6.1.5.5.7.5.1.6 (OBJ_id_regCtrl_protocolEncrKey) */,
+ 321 /* 1.3.6.1.5.5.7.5.2.1 (OBJ_id_regInfo_utf8Pairs) */,
+ 322 /* 1.3.6.1.5.5.7.5.2.2 (OBJ_id_regInfo_certReq) */,
+ 365 /* 1.3.6.1.5.5.7.48.1.1 (OBJ_id_pkix_OCSP_basic) */,
+ 366 /* 1.3.6.1.5.5.7.48.1.2 (OBJ_id_pkix_OCSP_Nonce) */,
+ 367 /* 1.3.6.1.5.5.7.48.1.3 (OBJ_id_pkix_OCSP_CrlID) */,
+ 368 /* 1.3.6.1.5.5.7.48.1.4 (OBJ_id_pkix_OCSP_acceptableResponses) */,
+ 369 /* 1.3.6.1.5.5.7.48.1.5 (OBJ_id_pkix_OCSP_noCheck) */,
+ 370 /* 1.3.6.1.5.5.7.48.1.6 (OBJ_id_pkix_OCSP_archiveCutoff) */,
+ 371 /* 1.3.6.1.5.5.7.48.1.7 (OBJ_id_pkix_OCSP_serviceLocator) */,
+ 372 /* 1.3.6.1.5.5.7.48.1.8 (OBJ_id_pkix_OCSP_extendedStatus) */,
+ 373 /* 1.3.6.1.5.5.7.48.1.9 (OBJ_id_pkix_OCSP_valid) */,
+ 374 /* 1.3.6.1.5.5.7.48.1.10 (OBJ_id_pkix_OCSP_path) */,
+ 375 /* 1.3.6.1.5.5.7.48.1.11 (OBJ_id_pkix_OCSP_trustRoot) */,
+ 921 /* 1.3.36.3.3.2.8.1.1.1 (OBJ_brainpoolP160r1) */,
+ 922 /* 1.3.36.3.3.2.8.1.1.2 (OBJ_brainpoolP160t1) */,
+ 923 /* 1.3.36.3.3.2.8.1.1.3 (OBJ_brainpoolP192r1) */,
+ 924 /* 1.3.36.3.3.2.8.1.1.4 (OBJ_brainpoolP192t1) */,
+ 925 /* 1.3.36.3.3.2.8.1.1.5 (OBJ_brainpoolP224r1) */,
+ 926 /* 1.3.36.3.3.2.8.1.1.6 (OBJ_brainpoolP224t1) */,
+ 927 /* 1.3.36.3.3.2.8.1.1.7 (OBJ_brainpoolP256r1) */,
+ 928 /* 1.3.36.3.3.2.8.1.1.8 (OBJ_brainpoolP256t1) */,
+ 929 /* 1.3.36.3.3.2.8.1.1.9 (OBJ_brainpoolP320r1) */,
+ 930 /* 1.3.36.3.3.2.8.1.1.10 (OBJ_brainpoolP320t1) */,
+ 931 /* 1.3.36.3.3.2.8.1.1.11 (OBJ_brainpoolP384r1) */,
+ 932 /* 1.3.36.3.3.2.8.1.1.12 (OBJ_brainpoolP384t1) */,
+ 933 /* 1.3.36.3.3.2.8.1.1.13 (OBJ_brainpoolP512r1) */,
+ 934 /* 1.3.36.3.3.2.8.1.1.14 (OBJ_brainpoolP512t1) */,
+ 936 /* 1.3.133.16.840.63.0.2 (OBJ_dhSinglePass_stdDH_sha1kdf_scheme) */,
+ 941 /* 1.3.133.16.840.63.0.3 (OBJ_dhSinglePass_cofactorDH_sha1kdf_scheme) */
+ ,
+ 418 /* 2.16.840.1.101.3.4.1.1 (OBJ_aes_128_ecb) */,
+ 419 /* 2.16.840.1.101.3.4.1.2 (OBJ_aes_128_cbc) */,
+ 420 /* 2.16.840.1.101.3.4.1.3 (OBJ_aes_128_ofb128) */,
+ 421 /* 2.16.840.1.101.3.4.1.4 (OBJ_aes_128_cfb128) */,
+ 788 /* 2.16.840.1.101.3.4.1.5 (OBJ_id_aes128_wrap) */,
+ 895 /* 2.16.840.1.101.3.4.1.6 (OBJ_aes_128_gcm) */,
+ 896 /* 2.16.840.1.101.3.4.1.7 (OBJ_aes_128_ccm) */,
+ 897 /* 2.16.840.1.101.3.4.1.8 (OBJ_id_aes128_wrap_pad) */,
+ 422 /* 2.16.840.1.101.3.4.1.21 (OBJ_aes_192_ecb) */,
+ 423 /* 2.16.840.1.101.3.4.1.22 (OBJ_aes_192_cbc) */,
+ 424 /* 2.16.840.1.101.3.4.1.23 (OBJ_aes_192_ofb128) */,
+ 425 /* 2.16.840.1.101.3.4.1.24 (OBJ_aes_192_cfb128) */,
+ 789 /* 2.16.840.1.101.3.4.1.25 (OBJ_id_aes192_wrap) */,
+ 898 /* 2.16.840.1.101.3.4.1.26 (OBJ_aes_192_gcm) */,
+ 899 /* 2.16.840.1.101.3.4.1.27 (OBJ_aes_192_ccm) */,
+ 900 /* 2.16.840.1.101.3.4.1.28 (OBJ_id_aes192_wrap_pad) */,
+ 426 /* 2.16.840.1.101.3.4.1.41 (OBJ_aes_256_ecb) */,
+ 427 /* 2.16.840.1.101.3.4.1.42 (OBJ_aes_256_cbc) */,
+ 428 /* 2.16.840.1.101.3.4.1.43 (OBJ_aes_256_ofb128) */,
+ 429 /* 2.16.840.1.101.3.4.1.44 (OBJ_aes_256_cfb128) */,
+ 790 /* 2.16.840.1.101.3.4.1.45 (OBJ_id_aes256_wrap) */,
+ 901 /* 2.16.840.1.101.3.4.1.46 (OBJ_aes_256_gcm) */,
+ 902 /* 2.16.840.1.101.3.4.1.47 (OBJ_aes_256_ccm) */,
+ 903 /* 2.16.840.1.101.3.4.1.48 (OBJ_id_aes256_wrap_pad) */,
+ 672 /* 2.16.840.1.101.3.4.2.1 (OBJ_sha256) */,
+ 673 /* 2.16.840.1.101.3.4.2.2 (OBJ_sha384) */,
+ 674 /* 2.16.840.1.101.3.4.2.3 (OBJ_sha512) */,
+ 675 /* 2.16.840.1.101.3.4.2.4 (OBJ_sha224) */,
+ 802 /* 2.16.840.1.101.3.4.3.1 (OBJ_dsa_with_SHA224) */,
+ 803 /* 2.16.840.1.101.3.4.3.2 (OBJ_dsa_with_SHA256) */,
+ 71 /* 2.16.840.1.113730.1.1 (OBJ_netscape_cert_type) */,
+ 72 /* 2.16.840.1.113730.1.2 (OBJ_netscape_base_url) */,
+ 73 /* 2.16.840.1.113730.1.3 (OBJ_netscape_revocation_url) */,
+ 74 /* 2.16.840.1.113730.1.4 (OBJ_netscape_ca_revocation_url) */,
+ 75 /* 2.16.840.1.113730.1.7 (OBJ_netscape_renewal_url) */,
+ 76 /* 2.16.840.1.113730.1.8 (OBJ_netscape_ca_policy_url) */,
+ 77 /* 2.16.840.1.113730.1.12 (OBJ_netscape_ssl_server_name) */,
+ 78 /* 2.16.840.1.113730.1.13 (OBJ_netscape_comment) */,
+ 79 /* 2.16.840.1.113730.2.5 (OBJ_netscape_cert_sequence) */,
+ 139 /* 2.16.840.1.113730.4.1 (OBJ_ns_sgc) */,
+ 458 /* 0.9.2342.19200300.100.1.1 (OBJ_userId) */,
+ 459 /* 0.9.2342.19200300.100.1.2 (OBJ_textEncodedORAddress) */,
+ 460 /* 0.9.2342.19200300.100.1.3 (OBJ_rfc822Mailbox) */,
+ 461 /* 0.9.2342.19200300.100.1.4 (OBJ_info) */,
+ 462 /* 0.9.2342.19200300.100.1.5 (OBJ_favouriteDrink) */,
+ 463 /* 0.9.2342.19200300.100.1.6 (OBJ_roomNumber) */,
+ 464 /* 0.9.2342.19200300.100.1.7 (OBJ_photo) */,
+ 465 /* 0.9.2342.19200300.100.1.8 (OBJ_userClass) */,
+ 466 /* 0.9.2342.19200300.100.1.9 (OBJ_host) */,
+ 467 /* 0.9.2342.19200300.100.1.10 (OBJ_manager) */,
+ 468 /* 0.9.2342.19200300.100.1.11 (OBJ_documentIdentifier) */,
+ 469 /* 0.9.2342.19200300.100.1.12 (OBJ_documentTitle) */,
+ 470 /* 0.9.2342.19200300.100.1.13 (OBJ_documentVersion) */,
+ 471 /* 0.9.2342.19200300.100.1.14 (OBJ_documentAuthor) */,
+ 472 /* 0.9.2342.19200300.100.1.15 (OBJ_documentLocation) */,
+ 473 /* 0.9.2342.19200300.100.1.20 (OBJ_homeTelephoneNumber) */,
+ 474 /* 0.9.2342.19200300.100.1.21 (OBJ_secretary) */,
+ 475 /* 0.9.2342.19200300.100.1.22 (OBJ_otherMailbox) */,
+ 476 /* 0.9.2342.19200300.100.1.23 (OBJ_lastModifiedTime) */,
+ 477 /* 0.9.2342.19200300.100.1.24 (OBJ_lastModifiedBy) */,
+ 391 /* 0.9.2342.19200300.100.1.25 (OBJ_domainComponent) */,
+ 478 /* 0.9.2342.19200300.100.1.26 (OBJ_aRecord) */,
+ 479 /* 0.9.2342.19200300.100.1.27 (OBJ_pilotAttributeType27) */,
+ 480 /* 0.9.2342.19200300.100.1.28 (OBJ_mXRecord) */,
+ 481 /* 0.9.2342.19200300.100.1.29 (OBJ_nSRecord) */,
+ 482 /* 0.9.2342.19200300.100.1.30 (OBJ_sOARecord) */,
+ 483 /* 0.9.2342.19200300.100.1.31 (OBJ_cNAMERecord) */,
+ 484 /* 0.9.2342.19200300.100.1.37 (OBJ_associatedDomain) */,
+ 485 /* 0.9.2342.19200300.100.1.38 (OBJ_associatedName) */,
+ 486 /* 0.9.2342.19200300.100.1.39 (OBJ_homePostalAddress) */,
+ 487 /* 0.9.2342.19200300.100.1.40 (OBJ_personalTitle) */,
+ 488 /* 0.9.2342.19200300.100.1.41 (OBJ_mobileTelephoneNumber) */,
+ 489 /* 0.9.2342.19200300.100.1.42 (OBJ_pagerTelephoneNumber) */,
+ 490 /* 0.9.2342.19200300.100.1.43 (OBJ_friendlyCountryName) */,
+ 491 /* 0.9.2342.19200300.100.1.45 (OBJ_organizationalStatus) */,
+ 492 /* 0.9.2342.19200300.100.1.46 (OBJ_janetMailbox) */,
+ 493 /* 0.9.2342.19200300.100.1.47 (OBJ_mailPreferenceOption) */,
+ 494 /* 0.9.2342.19200300.100.1.48 (OBJ_buildingName) */,
+ 495 /* 0.9.2342.19200300.100.1.49 (OBJ_dSAQuality) */,
+ 496 /* 0.9.2342.19200300.100.1.50 (OBJ_singleLevelQuality) */,
+ 497 /* 0.9.2342.19200300.100.1.51 (OBJ_subtreeMinimumQuality) */,
+ 498 /* 0.9.2342.19200300.100.1.52 (OBJ_subtreeMaximumQuality) */,
+ 499 /* 0.9.2342.19200300.100.1.53 (OBJ_personalSignature) */,
+ 500 /* 0.9.2342.19200300.100.1.54 (OBJ_dITRedirect) */,
+ 501 /* 0.9.2342.19200300.100.1.55 (OBJ_audio) */,
+ 502 /* 0.9.2342.19200300.100.1.56 (OBJ_documentPublisher) */,
+ 442 /* 0.9.2342.19200300.100.3.4 (OBJ_iA5StringSyntax) */,
+ 443 /* 0.9.2342.19200300.100.3.5 (OBJ_caseIgnoreIA5StringSyntax) */,
+ 444 /* 0.9.2342.19200300.100.4.3 (OBJ_pilotObject) */,
+ 445 /* 0.9.2342.19200300.100.4.4 (OBJ_pilotPerson) */,
+ 446 /* 0.9.2342.19200300.100.4.5 (OBJ_account) */,
+ 447 /* 0.9.2342.19200300.100.4.6 (OBJ_document) */,
+ 448 /* 0.9.2342.19200300.100.4.7 (OBJ_room) */,
+ 449 /* 0.9.2342.19200300.100.4.9 (OBJ_documentSeries) */,
+ 392 /* 0.9.2342.19200300.100.4.13 (OBJ_Domain) */,
+ 450 /* 0.9.2342.19200300.100.4.14 (OBJ_rFC822localPart) */,
+ 451 /* 0.9.2342.19200300.100.4.15 (OBJ_dNSDomain) */,
+ 452 /* 0.9.2342.19200300.100.4.17 (OBJ_domainRelatedObject) */,
+ 453 /* 0.9.2342.19200300.100.4.18 (OBJ_friendlyCountry) */,
+ 454 /* 0.9.2342.19200300.100.4.19 (OBJ_simpleSecurityObject) */,
+ 455 /* 0.9.2342.19200300.100.4.20 (OBJ_pilotOrganization) */,
+ 456 /* 0.9.2342.19200300.100.4.21 (OBJ_pilotDSA) */,
+ 457 /* 0.9.2342.19200300.100.4.22 (OBJ_qualityLabelledData) */,
+ 189 /* 1.2.840.113549.1.9.16.0 (OBJ_id_smime_mod) */,
+ 190 /* 1.2.840.113549.1.9.16.1 (OBJ_id_smime_ct) */,
+ 191 /* 1.2.840.113549.1.9.16.2 (OBJ_id_smime_aa) */,
+ 192 /* 1.2.840.113549.1.9.16.3 (OBJ_id_smime_alg) */,
+ 193 /* 1.2.840.113549.1.9.16.4 (OBJ_id_smime_cd) */,
+ 194 /* 1.2.840.113549.1.9.16.5 (OBJ_id_smime_spq) */,
+ 195 /* 1.2.840.113549.1.9.16.6 (OBJ_id_smime_cti) */,
+ 158 /* 1.2.840.113549.1.9.22.1 (OBJ_x509Certificate) */,
+ 159 /* 1.2.840.113549.1.9.22.2 (OBJ_sdsiCertificate) */,
+ 160 /* 1.2.840.113549.1.9.23.1 (OBJ_x509Crl) */,
+ 144 /* 1.2.840.113549.1.12.1.1 (OBJ_pbe_WithSHA1And128BitRC4) */,
+ 145 /* 1.2.840.113549.1.12.1.2 (OBJ_pbe_WithSHA1And40BitRC4) */,
+ 146 /* 1.2.840.113549.1.12.1.3 (OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC) */,
+ 147 /* 1.2.840.113549.1.12.1.4 (OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC) */,
+ 148 /* 1.2.840.113549.1.12.1.5 (OBJ_pbe_WithSHA1And128BitRC2_CBC) */,
+ 149 /* 1.2.840.113549.1.12.1.6 (OBJ_pbe_WithSHA1And40BitRC2_CBC) */,
+ 171 /* 1.3.6.1.4.1.311.2.1.14 (OBJ_ms_ext_req) */,
+ 134 /* 1.3.6.1.4.1.311.2.1.21 (OBJ_ms_code_ind) */,
+ 135 /* 1.3.6.1.4.1.311.2.1.22 (OBJ_ms_code_com) */,
+ 136 /* 1.3.6.1.4.1.311.10.3.1 (OBJ_ms_ctl_sign) */,
+ 137 /* 1.3.6.1.4.1.311.10.3.3 (OBJ_ms_sgc) */,
+ 138 /* 1.3.6.1.4.1.311.10.3.4 (OBJ_ms_efs) */,
+ 648 /* 1.3.6.1.4.1.311.20.2.2 (OBJ_ms_smartcard_login) */,
+ 649 /* 1.3.6.1.4.1.311.20.2.3 (OBJ_ms_upn) */,
+ 751 /* 1.2.392.200011.61.1.1.1.2 (OBJ_camellia_128_cbc) */,
+ 752 /* 1.2.392.200011.61.1.1.1.3 (OBJ_camellia_192_cbc) */,
+ 753 /* 1.2.392.200011.61.1.1.1.4 (OBJ_camellia_256_cbc) */,
+ 907 /* 1.2.392.200011.61.1.1.3.2 (OBJ_id_camellia128_wrap) */,
+ 908 /* 1.2.392.200011.61.1.1.3.3 (OBJ_id_camellia192_wrap) */,
+ 909 /* 1.2.392.200011.61.1.1.3.4 (OBJ_id_camellia256_wrap) */,
+ 196 /* 1.2.840.113549.1.9.16.0.1 (OBJ_id_smime_mod_cms) */,
+ 197 /* 1.2.840.113549.1.9.16.0.2 (OBJ_id_smime_mod_ess) */,
+ 198 /* 1.2.840.113549.1.9.16.0.3 (OBJ_id_smime_mod_oid) */,
+ 199 /* 1.2.840.113549.1.9.16.0.4 (OBJ_id_smime_mod_msg_v3) */,
+ 200 /* 1.2.840.113549.1.9.16.0.5 (OBJ_id_smime_mod_ets_eSignature_88) */,
+ 201 /* 1.2.840.113549.1.9.16.0.6 (OBJ_id_smime_mod_ets_eSignature_97) */,
+ 202 /* 1.2.840.113549.1.9.16.0.7 (OBJ_id_smime_mod_ets_eSigPolicy_88) */,
+ 203 /* 1.2.840.113549.1.9.16.0.8 (OBJ_id_smime_mod_ets_eSigPolicy_97) */,
+ 204 /* 1.2.840.113549.1.9.16.1.1 (OBJ_id_smime_ct_receipt) */,
+ 205 /* 1.2.840.113549.1.9.16.1.2 (OBJ_id_smime_ct_authData) */,
+ 206 /* 1.2.840.113549.1.9.16.1.3 (OBJ_id_smime_ct_publishCert) */,
+ 207 /* 1.2.840.113549.1.9.16.1.4 (OBJ_id_smime_ct_TSTInfo) */,
+ 208 /* 1.2.840.113549.1.9.16.1.5 (OBJ_id_smime_ct_TDTInfo) */,
+ 209 /* 1.2.840.113549.1.9.16.1.6 (OBJ_id_smime_ct_contentInfo) */,
+ 210 /* 1.2.840.113549.1.9.16.1.7 (OBJ_id_smime_ct_DVCSRequestData) */,
+ 211 /* 1.2.840.113549.1.9.16.1.8 (OBJ_id_smime_ct_DVCSResponseData) */,
+ 786 /* 1.2.840.113549.1.9.16.1.9 (OBJ_id_smime_ct_compressedData) */,
+ 787 /* 1.2.840.113549.1.9.16.1.27 (OBJ_id_ct_asciiTextWithCRLF) */,
+ 212 /* 1.2.840.113549.1.9.16.2.1 (OBJ_id_smime_aa_receiptRequest) */,
+ 213 /* 1.2.840.113549.1.9.16.2.2 (OBJ_id_smime_aa_securityLabel) */,
+ 214 /* 1.2.840.113549.1.9.16.2.3 (OBJ_id_smime_aa_mlExpandHistory) */,
+ 215 /* 1.2.840.113549.1.9.16.2.4 (OBJ_id_smime_aa_contentHint) */,
+ 216 /* 1.2.840.113549.1.9.16.2.5 (OBJ_id_smime_aa_msgSigDigest) */,
+ 217 /* 1.2.840.113549.1.9.16.2.6 (OBJ_id_smime_aa_encapContentType) */,
+ 218 /* 1.2.840.113549.1.9.16.2.7 (OBJ_id_smime_aa_contentIdentifier) */,
+ 219 /* 1.2.840.113549.1.9.16.2.8 (OBJ_id_smime_aa_macValue) */,
+ 220 /* 1.2.840.113549.1.9.16.2.9 (OBJ_id_smime_aa_equivalentLabels) */,
+ 221 /* 1.2.840.113549.1.9.16.2.10 (OBJ_id_smime_aa_contentReference) */,
+ 222 /* 1.2.840.113549.1.9.16.2.11 (OBJ_id_smime_aa_encrypKeyPref) */,
+ 223 /* 1.2.840.113549.1.9.16.2.12 (OBJ_id_smime_aa_signingCertificate) */,
+ 224 /* 1.2.840.113549.1.9.16.2.13 (OBJ_id_smime_aa_smimeEncryptCerts) */,
+ 225 /* 1.2.840.113549.1.9.16.2.14 (OBJ_id_smime_aa_timeStampToken) */,
+ 226 /* 1.2.840.113549.1.9.16.2.15 (OBJ_id_smime_aa_ets_sigPolicyId) */,
+ 227 /* 1.2.840.113549.1.9.16.2.16 (OBJ_id_smime_aa_ets_commitmentType) */,
+ 228 /* 1.2.840.113549.1.9.16.2.17 (OBJ_id_smime_aa_ets_signerLocation) */,
+ 229 /* 1.2.840.113549.1.9.16.2.18 (OBJ_id_smime_aa_ets_signerAttr) */,
+ 230 /* 1.2.840.113549.1.9.16.2.19 (OBJ_id_smime_aa_ets_otherSigCert) */,
+ 231 /* 1.2.840.113549.1.9.16.2.20 (OBJ_id_smime_aa_ets_contentTimestamp) */,
+ 232 /* 1.2.840.113549.1.9.16.2.21 (OBJ_id_smime_aa_ets_CertificateRefs) */,
+ 233 /* 1.2.840.113549.1.9.16.2.22 (OBJ_id_smime_aa_ets_RevocationRefs) */,
+ 234 /* 1.2.840.113549.1.9.16.2.23 (OBJ_id_smime_aa_ets_certValues) */,
+ 235 /* 1.2.840.113549.1.9.16.2.24 (OBJ_id_smime_aa_ets_revocationValues) */,
+ 236 /* 1.2.840.113549.1.9.16.2.25 (OBJ_id_smime_aa_ets_escTimeStamp) */,
+ 237 /* 1.2.840.113549.1.9.16.2.26 (OBJ_id_smime_aa_ets_certCRLTimestamp) */,
+ 238 /* 1.2.840.113549.1.9.16.2.27 (OBJ_id_smime_aa_ets_archiveTimeStamp) */,
+ 239 /* 1.2.840.113549.1.9.16.2.28 (OBJ_id_smime_aa_signatureType) */,
+ 240 /* 1.2.840.113549.1.9.16.2.29 (OBJ_id_smime_aa_dvcs_dvc) */,
+ 241 /* 1.2.840.113549.1.9.16.3.1 (OBJ_id_smime_alg_ESDHwith3DES) */,
+ 242 /* 1.2.840.113549.1.9.16.3.2 (OBJ_id_smime_alg_ESDHwithRC2) */,
+ 243 /* 1.2.840.113549.1.9.16.3.3 (OBJ_id_smime_alg_3DESwrap) */,
+ 244 /* 1.2.840.113549.1.9.16.3.4 (OBJ_id_smime_alg_RC2wrap) */,
+ 245 /* 1.2.840.113549.1.9.16.3.5 (OBJ_id_smime_alg_ESDH) */,
+ 246 /* 1.2.840.113549.1.9.16.3.6 (OBJ_id_smime_alg_CMS3DESwrap) */,
+ 247 /* 1.2.840.113549.1.9.16.3.7 (OBJ_id_smime_alg_CMSRC2wrap) */,
+ 125 /* 1.2.840.113549.1.9.16.3.8 (OBJ_zlib_compression) */,
+ 893 /* 1.2.840.113549.1.9.16.3.9 (OBJ_id_alg_PWRI_KEK) */,
+ 248 /* 1.2.840.113549.1.9.16.4.1 (OBJ_id_smime_cd_ldap) */,
+ 249 /* 1.2.840.113549.1.9.16.5.1 (OBJ_id_smime_spq_ets_sqt_uri) */,
+ 250 /* 1.2.840.113549.1.9.16.5.2 (OBJ_id_smime_spq_ets_sqt_unotice) */,
+ 251 /* 1.2.840.113549.1.9.16.6.1 (OBJ_id_smime_cti_ets_proofOfOrigin) */,
+ 252 /* 1.2.840.113549.1.9.16.6.2 (OBJ_id_smime_cti_ets_proofOfReceipt) */,
+ 253 /* 1.2.840.113549.1.9.16.6.3 (OBJ_id_smime_cti_ets_proofOfDelivery) */,
+ 254 /* 1.2.840.113549.1.9.16.6.4 (OBJ_id_smime_cti_ets_proofOfSender) */,
+ 255 /* 1.2.840.113549.1.9.16.6.5 (OBJ_id_smime_cti_ets_proofOfApproval) */,
+ 256 /* 1.2.840.113549.1.9.16.6.6 (OBJ_id_smime_cti_ets_proofOfCreation) */,
+ 150 /* 1.2.840.113549.1.12.10.1.1 (OBJ_keyBag) */,
+ 151 /* 1.2.840.113549.1.12.10.1.2 (OBJ_pkcs8ShroudedKeyBag) */,
+ 152 /* 1.2.840.113549.1.12.10.1.3 (OBJ_certBag) */,
+ 153 /* 1.2.840.113549.1.12.10.1.4 (OBJ_crlBag) */,
+ 154 /* 1.2.840.113549.1.12.10.1.5 (OBJ_secretBag) */,
+ 155 /* 1.2.840.113549.1.12.10.1.6 (OBJ_safeContentsBag) */,
+ 34 /* 1.3.6.1.4.1.188.7.1.1.2 (OBJ_idea_cbc) */,
};
-
diff --git a/src/crypto/obj/obj_dat.pl b/src/crypto/obj/obj_dat.pl
deleted file mode 100644
index 036ded5..0000000
--- a/src/crypto/obj/obj_dat.pl
+++ /dev/null
@@ -1,309 +0,0 @@
-#!/usr/bin/env perl
-
-# fixes bug in floating point emulation on sparc64 when
-# this script produces off-by-one output on sparc64
-use integer;
-
-if (scalar @ARGV != 2)
- {
- print "Usage: perl obj_dat.pl ../../include/openssl/nid.h obj_dat.h\n";
- exit 1;
- }
-
-sub obj_cmp
- {
- local(@a,@b,$_,$r);
-
- $A=$obj_len{$obj{$nid{$a}}};
- $B=$obj_len{$obj{$nid{$b}}};
-
- $r=($A-$B);
- return($r) if $r != 0;
-
- $A=$obj_der{$obj{$nid{$a}}};
- $B=$obj_der{$obj{$nid{$b}}};
-
- return($A cmp $B);
- }
-
-sub expand_obj
- {
- local(*v)=@_;
- local($k,$d);
- local($i);
-
- do {
- $i=0;
- foreach $k (keys %v)
- {
- if (($v{$k} =~ s/(OBJ_[^,]+),/$v{$1},/))
- { $i++; }
- }
- } while($i);
- foreach $k (keys %v)
- {
- @a=split(/,/,$v{$k});
- $objn{$k}=$#a+1;
- }
- return(%objn);
- }
-
-open (IN,"$ARGV[0]") || die "Can't open input file $ARGV[0]";
-open (OUT,">$ARGV[1]") || die "Can't open output file $ARGV[1]";
-
-while (<IN>)
- {
- next unless /^\#define\s+(\S+)\s+(.*)$/;
- $v=$1;
- $d=$2;
- $d =~ s/^\"//;
- $d =~ s/\"$//;
- if ($v =~ /^SN_(.*)$/)
- {
- if(defined $snames{$d})
- {
- print "WARNING: Duplicate short name \"$d\"\n";
- }
- else
- { $snames{$d} = "X"; }
- $sn{$1}=$d;
- }
- elsif ($v =~ /^LN_(.*)$/)
- {
- if(defined $lnames{$d})
- {
- print "WARNING: Duplicate long name \"$d\"\n";
- }
- else
- { $lnames{$d} = "X"; }
- $ln{$1}=$d;
- }
- elsif ($v =~ /^NID_(.*)$/)
- { $nid{$d}=$1; }
- elsif ($v =~ /^OBJ_(.*)$/)
- {
- $obj{$1}=$v;
- $objd{$v}=$d;
- }
- }
-close IN;
-
-%ob=&expand_obj(*objd);
-
-@a=sort { $a <=> $b } keys %nid;
-$n=$a[$#a]+1;
-
-@lvalues=();
-$lvalues=0;
-
-for ($i=0; $i<$n; $i++)
- {
- if (!defined($nid{$i}))
- {
- push(@out,"{NULL,NULL,NID_undef,0,NULL,0},\n");
- }
- else
- {
- $sn=defined($sn{$nid{$i}})?"$sn{$nid{$i}}":"NULL";
- $ln=defined($ln{$nid{$i}})?"$ln{$nid{$i}}":"NULL";
-
- if ($sn eq "NULL") {
- $sn=$ln;
- $sn{$nid{$i}} = $ln;
- }
-
- if ($ln eq "NULL") {
- $ln=$sn;
- $ln{$nid{$i}} = $sn;
- }
-
- $out ="{";
- $out.="\"$sn\"";
- $out.=","."\"$ln\"";
- $out.=",NID_$nid{$i},";
- if (defined($obj{$nid{$i}}) && $objd{$obj{$nid{$i}}} =~ /,/)
- {
- $v=$objd{$obj{$nid{$i}}};
- $v =~ s/L//g;
- $v =~ s/,/ /g;
- $r=&der_it($v);
- $z="";
- $length=0;
- foreach (unpack("C*",$r))
- {
- $z.=sprintf("0x%02X,",$_);
- $length++;
- }
- $obj_der{$obj{$nid{$i}}}=$z;
- $obj_len{$obj{$nid{$i}}}=$length;
-
- push(@lvalues,sprintf("%-45s/* [%3d] %s */\n",
- $z,$lvalues,$obj{$nid{$i}}));
- $out.="$length,&(lvalues[$lvalues]),0";
- $lvalues+=$length;
- }
- else
- {
- $out.="0,NULL,0";
- }
- $out.="},\n";
- push(@out,$out);
- }
- }
-
-@a=grep(defined($sn{$nid{$_}}),0 .. $n);
-foreach (sort { $sn{$nid{$a}} cmp $sn{$nid{$b}} } @a)
- {
- push(@sn,sprintf("%2d,\t/* \"$sn{$nid{$_}}\" */\n",$_));
- }
-
-@a=grep(defined($ln{$nid{$_}}),0 .. $n);
-foreach (sort { $ln{$nid{$a}} cmp $ln{$nid{$b}} } @a)
- {
- push(@ln,sprintf("%2d,\t/* \"$ln{$nid{$_}}\" */\n",$_));
- }
-
-@a=grep(defined($obj{$nid{$_}}) && $objd{$obj{$nid{$_}}} =~ /,/,0 .. $n);
-foreach (sort obj_cmp @a)
- {
- $m=$obj{$nid{$_}};
- $v=$objd{$m};
- $v =~ s/L//g;
- $v =~ s/,/ /g;
- push(@ob,sprintf("%2d,\t/* %-32s %s */\n",$_,$m,$v));
- }
-
-print OUT <<'EOF';
-/* THIS FILE IS GENERATED FROM objects.h by obj_dat.pl via the
- * following command:
- * perl obj_dat.pl ../../include/openssl/nid.h obj_dat.h */
-
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.] */
-
-EOF
-
-printf OUT "#define NUM_NID %d\n",$n;
-printf OUT "#define NUM_SN %d\n",$#sn+1;
-printf OUT "#define NUM_LN %d\n",$#ln+1;
-printf OUT "#define NUM_OBJ %d\n\n",$#ob+1;
-
-printf OUT "static const unsigned char lvalues[%d]={\n",$lvalues+1;
-print OUT @lvalues;
-print OUT "};\n\n";
-
-printf OUT "static const ASN1_OBJECT kObjects[NUM_NID]={\n";
-foreach (@out)
- {
- if (length($_) > 75)
- {
- $out="";
- foreach (split(/,/))
- {
- $t=$out.$_.",";
- if (length($t) > 70)
- {
- print OUT "$out\n";
- $t="\t$_,";
- }
- $out=$t;
- }
- chop $out;
- print OUT "$out";
- }
- else
- { print OUT $_; }
- }
-print OUT "};\n\n";
-
-printf OUT "static const unsigned int kNIDsInShortNameOrder[NUM_SN]={\n";
-print OUT @sn;
-print OUT "};\n\n";
-
-printf OUT "static const unsigned int kNIDsInLongNameOrder[NUM_LN]={\n";
-print OUT @ln;
-print OUT "};\n\n";
-
-printf OUT "static const unsigned int kNIDsInOIDOrder[NUM_OBJ]={\n";
-print OUT @ob;
-print OUT "};\n\n";
-
-close OUT;
-
-sub der_it
- {
- local($v)=@_;
- local(@a,$i,$ret,@r);
-
- @a=split(/\s+/,$v);
- $ret.=pack("C*",$a[0]*40+$a[1]);
- shift @a;
- shift @a;
- foreach (@a)
- {
- @r=();
- $t=0;
- while ($_ >= 128)
- {
- $x=$_%128;
- $_/=128;
- push(@r,((($t++)?0x80:0)|$x));
- }
- push(@r,((($t++)?0x80:0)|$_));
- $ret.=pack("C*",reverse(@r));
- }
- return($ret);
- }
diff --git a/src/crypto/obj/obj_mac.num b/src/crypto/obj/obj_mac.num
index 074657a..ef19a6d 100644
--- a/src/crypto/obj/obj_mac.num
+++ b/src/crypto/obj/obj_mac.num
@@ -100,7 +100,6 @@
givenName 99
surname 100
initials 101
-uniqueIdentifier 102
crl_distribution_points 103
md5WithRSA 104
serialNumber 105
@@ -121,7 +120,6 @@
rc5_ecb 121
rc5_cfb64 122
rc5_ofb64 123
-rle_compression 124
zlib_compression 125
ext_key_usage 126
id_pkix 127
@@ -347,7 +345,6 @@
id_on_personalData 347
id_pda_dateOfBirth 348
id_pda_placeOfBirth 349
-id_pda_pseudonym 350
id_pda_gender 351
id_pda_countryOfCitizenship 352
id_pda_countryOfResidence 353
@@ -390,7 +387,6 @@
dcObject 390
domainComponent 391
Domain 392
-joint_iso_ccitt 393
selected_attribute_types 394
clearance 395
md4WithRSAEncryption 396
@@ -401,7 +397,6 @@
policy_constraints 401
target_information 402
no_rev_avail 403
-ccitt 404
ansi_X9_62 405
X9_62_prime_field 406
X9_62_characteristic_two_field 407
@@ -508,7 +503,6 @@
id_hex_multipart_message 508
generationQualifier 509
pseudonym 510
-InternationalRA 511
id_set 512
set_ctype 513
set_msgExt 514
@@ -769,10 +763,7 @@
subject_directory_attributes 769
issuing_distribution_point 770
certificate_issuer 771
-korea 772
kisa 773
-kftc 774
-npki_alg 775
seed_ecb 776
seed_cbc 777
seed_ofb128 778
diff --git a/src/crypto/obj/obj_test.cc b/src/crypto/obj/obj_test.cc
index 4813b05..6c9dc3f 100644
--- a/src/crypto/obj/obj_test.cc
+++ b/src/crypto/obj/obj_test.cc
@@ -20,6 +20,8 @@
#include <openssl/crypto.h>
#include <openssl/obj.h>
+#include "../internal.h"
+
static bool TestBasic() {
static const int kNID = NID_sha256WithRSAEncryption;
@@ -97,7 +99,7 @@
static bool ExpectObj2Txt(const uint8_t *der, size_t der_len,
bool always_return_oid, const char *expected) {
ASN1_OBJECT obj;
- memset(&obj, 0, sizeof(obj));
+ OPENSSL_memset(&obj, 0, sizeof(obj));
obj.data = der;
obj.length = static_cast<int>(der_len);
@@ -112,7 +114,7 @@
}
char short_buf[1];
- memset(short_buf, 0xff, sizeof(short_buf));
+ OPENSSL_memset(short_buf, 0xff, sizeof(short_buf));
len = OBJ_obj2txt(short_buf, sizeof(short_buf), &obj, always_return_oid);
if (len != expected_len) {
fprintf(stderr,
@@ -121,7 +123,7 @@
return false;
}
- if (memchr(short_buf, '\0', sizeof(short_buf)) == nullptr) {
+ if (OPENSSL_memchr(short_buf, '\0', sizeof(short_buf)) == nullptr) {
fprintf(stderr,
"OBJ_obj2txt of %s with out_len = 1 did not NUL-terminate the "
"output.\n",
@@ -186,7 +188,7 @@
}
ASN1_OBJECT obj;
- memset(&obj, 0, sizeof(obj));
+ OPENSSL_memset(&obj, 0, sizeof(obj));
// kNonMinimalOID is kBasicConstraints with the final component non-minimally
// encoded.
diff --git a/src/crypto/obj/obj_xref.c b/src/crypto/obj/obj_xref.c
index 70babea..7b4ff12 100644
--- a/src/crypto/obj/obj_xref.c
+++ b/src/crypto/obj/obj_xref.c
@@ -56,69 +56,67 @@
#include <openssl/obj.h>
-#include <stdlib.h>
-
-#include "obj_xref.h"
+#include "../internal.h"
-static int nid_triple_cmp_by_sign_id(const void *in_a, const void *in_b) {
- const nid_triple *a = in_a;
- const nid_triple *b = in_b;
+typedef struct {
+ int sign_nid;
+ int digest_nid;
+ int pkey_nid;
+} nid_triple;
- return a->sign_id - b->sign_id;
-}
+static const nid_triple kTriples[] = {
+ /* RSA PKCS#1. */
+ {NID_md4WithRSAEncryption, NID_md4, NID_rsaEncryption},
+ {NID_md5WithRSAEncryption, NID_md5, NID_rsaEncryption},
+ {NID_sha1WithRSAEncryption, NID_sha1, NID_rsaEncryption},
+ {NID_sha224WithRSAEncryption, NID_sha224, NID_rsaEncryption},
+ {NID_sha256WithRSAEncryption, NID_sha256, NID_rsaEncryption},
+ {NID_sha384WithRSAEncryption, NID_sha384, NID_rsaEncryption},
+ {NID_sha512WithRSAEncryption, NID_sha512, NID_rsaEncryption},
+ /* DSA. */
+ {NID_dsaWithSHA1, NID_sha1, NID_dsa},
+ {NID_dsaWithSHA1_2, NID_sha1, NID_dsa_2},
+ {NID_dsa_with_SHA224, NID_sha224, NID_dsa},
+ {NID_dsa_with_SHA256, NID_sha256, NID_dsa},
+ /* ECDSA. */
+ {NID_ecdsa_with_SHA1, NID_sha1, NID_X9_62_id_ecPublicKey},
+ {NID_ecdsa_with_SHA224, NID_sha224, NID_X9_62_id_ecPublicKey},
+ {NID_ecdsa_with_SHA256, NID_sha256, NID_X9_62_id_ecPublicKey},
+ {NID_ecdsa_with_SHA384, NID_sha384, NID_X9_62_id_ecPublicKey},
+ {NID_ecdsa_with_SHA512, NID_sha512, NID_X9_62_id_ecPublicKey},
+ /* For PSS the digest algorithm can vary and depends on the included
+ * AlgorithmIdentifier. The digest "undef" indicates the public key method
+ * should handle this explicitly. */
+ {NID_rsassaPss, NID_undef, NID_rsaEncryption},
+};
int OBJ_find_sigid_algs(int sign_nid, int *out_digest_nid, int *out_pkey_nid) {
- nid_triple key;
- const nid_triple *triple;
-
- key.sign_id = sign_nid;
-
- triple = bsearch(&key, sigoid_srt, sizeof(sigoid_srt) / sizeof(nid_triple),
- sizeof(nid_triple), nid_triple_cmp_by_sign_id);
-
- if (triple == NULL) {
- return 0;
- }
- if (out_digest_nid) {
- *out_digest_nid = triple->hash_id;
- }
- if (out_pkey_nid) {
- *out_pkey_nid = triple->pkey_id;
+ for (size_t i = 0; i < OPENSSL_ARRAY_SIZE(kTriples); i++) {
+ if (kTriples[i].sign_nid == sign_nid) {
+ if (out_digest_nid != NULL) {
+ *out_digest_nid = kTriples[i].digest_nid;
+ }
+ if (out_pkey_nid != NULL) {
+ *out_pkey_nid = kTriples[i].pkey_nid;
+ }
+ return 1;
+ }
}
- return 1;
-}
-
-static int nid_triple_cmp_by_digest_and_hash(const void *in_a,
- const void *in_b) {
- const nid_triple *a = *((nid_triple**) in_a);
- const nid_triple *b = *((nid_triple**) in_b);
-
- int ret = a->hash_id - b->hash_id;
- if (ret) {
- return ret;
- }
- return a->pkey_id - b->pkey_id;
+ return 0;
}
int OBJ_find_sigid_by_algs(int *out_sign_nid, int digest_nid, int pkey_nid) {
- nid_triple key, *pkey;
- const nid_triple **triple;
-
- key.hash_id = digest_nid;
- key.pkey_id = pkey_nid;
- pkey = &key;
-
- triple = bsearch(&pkey, sigoid_srt_xref,
- sizeof(sigoid_srt_xref) / sizeof(nid_triple *),
- sizeof(nid_triple *), nid_triple_cmp_by_digest_and_hash);
-
- if (triple == NULL) {
- return 0;
+ for (size_t i = 0; i < OPENSSL_ARRAY_SIZE(kTriples); i++) {
+ if (kTriples[i].digest_nid == digest_nid &&
+ kTriples[i].pkey_nid == pkey_nid) {
+ if (out_sign_nid != NULL) {
+ *out_sign_nid = kTriples[i].sign_nid;
+ }
+ return 1;
+ }
}
- if (out_sign_nid) {
- *out_sign_nid = (*triple)->sign_id;
- }
- return 1;
+
+ return 0;
}
diff --git a/src/crypto/obj/obj_xref.h b/src/crypto/obj/obj_xref.h
deleted file mode 100644
index b2082f5..0000000
--- a/src/crypto/obj/obj_xref.h
+++ /dev/null
@@ -1,96 +0,0 @@
-/* THIS FILE IS GENERATED FROM obj_xref.txt by obj_xref.pl via the
- * following command:
- * perl obj_xref.pl obj_mac.num obj_xref.txt > obj_xref.h */
-
-typedef struct
- {
- int sign_id;
- int hash_id;
- int pkey_id;
- } nid_triple;
-
-static const nid_triple sigoid_srt[] =
- {
- {NID_md2WithRSAEncryption, NID_md2, NID_rsaEncryption},
- {NID_md5WithRSAEncryption, NID_md5, NID_rsaEncryption},
- {NID_shaWithRSAEncryption, NID_sha, NID_rsaEncryption},
- {NID_sha1WithRSAEncryption, NID_sha1, NID_rsaEncryption},
- {NID_dsaWithSHA, NID_sha, NID_dsa},
- {NID_dsaWithSHA1_2, NID_sha1, NID_dsa_2},
- {NID_mdc2WithRSA, NID_mdc2, NID_rsaEncryption},
- {NID_md5WithRSA, NID_md5, NID_rsa},
- {NID_dsaWithSHA1, NID_sha1, NID_dsa},
- {NID_sha1WithRSA, NID_sha1, NID_rsa},
- {NID_ripemd160WithRSA, NID_ripemd160, NID_rsaEncryption},
- {NID_md4WithRSAEncryption, NID_md4, NID_rsaEncryption},
- {NID_ecdsa_with_SHA1, NID_sha1, NID_X9_62_id_ecPublicKey},
- {NID_sha256WithRSAEncryption, NID_sha256, NID_rsaEncryption},
- {NID_sha384WithRSAEncryption, NID_sha384, NID_rsaEncryption},
- {NID_sha512WithRSAEncryption, NID_sha512, NID_rsaEncryption},
- {NID_sha224WithRSAEncryption, NID_sha224, NID_rsaEncryption},
- {NID_ecdsa_with_Recommended, NID_undef, NID_X9_62_id_ecPublicKey},
- {NID_ecdsa_with_Specified, NID_undef, NID_X9_62_id_ecPublicKey},
- {NID_ecdsa_with_SHA224, NID_sha224, NID_X9_62_id_ecPublicKey},
- {NID_ecdsa_with_SHA256, NID_sha256, NID_X9_62_id_ecPublicKey},
- {NID_ecdsa_with_SHA384, NID_sha384, NID_X9_62_id_ecPublicKey},
- {NID_ecdsa_with_SHA512, NID_sha512, NID_X9_62_id_ecPublicKey},
- {NID_dsa_with_SHA224, NID_sha224, NID_dsa},
- {NID_dsa_with_SHA256, NID_sha256, NID_dsa},
- {NID_id_GostR3411_94_with_GostR3410_2001, NID_id_GostR3411_94, NID_id_GostR3410_2001},
- {NID_id_GostR3411_94_with_GostR3410_94, NID_id_GostR3411_94, NID_id_GostR3410_94},
- {NID_id_GostR3411_94_with_GostR3410_94_cc, NID_id_GostR3411_94, NID_id_GostR3410_94_cc},
- {NID_id_GostR3411_94_with_GostR3410_2001_cc, NID_id_GostR3411_94, NID_id_GostR3410_2001_cc},
- {NID_rsassaPss, NID_undef, NID_rsaEncryption},
- {NID_dhSinglePass_stdDH_sha1kdf_scheme, NID_sha1, NID_dh_std_kdf},
- {NID_dhSinglePass_stdDH_sha224kdf_scheme, NID_sha224, NID_dh_std_kdf},
- {NID_dhSinglePass_stdDH_sha256kdf_scheme, NID_sha256, NID_dh_std_kdf},
- {NID_dhSinglePass_stdDH_sha384kdf_scheme, NID_sha384, NID_dh_std_kdf},
- {NID_dhSinglePass_stdDH_sha512kdf_scheme, NID_sha512, NID_dh_std_kdf},
- {NID_dhSinglePass_cofactorDH_sha1kdf_scheme, NID_sha1, NID_dh_cofactor_kdf},
- {NID_dhSinglePass_cofactorDH_sha224kdf_scheme, NID_sha224, NID_dh_cofactor_kdf},
- {NID_dhSinglePass_cofactorDH_sha256kdf_scheme, NID_sha256, NID_dh_cofactor_kdf},
- {NID_dhSinglePass_cofactorDH_sha384kdf_scheme, NID_sha384, NID_dh_cofactor_kdf},
- {NID_dhSinglePass_cofactorDH_sha512kdf_scheme, NID_sha512, NID_dh_cofactor_kdf},
- };
-
-static const nid_triple * const sigoid_srt_xref[] =
- {
- &sigoid_srt[0],
- &sigoid_srt[1],
- &sigoid_srt[7],
- &sigoid_srt[2],
- &sigoid_srt[4],
- &sigoid_srt[3],
- &sigoid_srt[9],
- &sigoid_srt[5],
- &sigoid_srt[8],
- &sigoid_srt[12],
- &sigoid_srt[30],
- &sigoid_srt[35],
- &sigoid_srt[6],
- &sigoid_srt[10],
- &sigoid_srt[11],
- &sigoid_srt[13],
- &sigoid_srt[24],
- &sigoid_srt[20],
- &sigoid_srt[32],
- &sigoid_srt[37],
- &sigoid_srt[14],
- &sigoid_srt[21],
- &sigoid_srt[33],
- &sigoid_srt[38],
- &sigoid_srt[15],
- &sigoid_srt[22],
- &sigoid_srt[34],
- &sigoid_srt[39],
- &sigoid_srt[16],
- &sigoid_srt[23],
- &sigoid_srt[19],
- &sigoid_srt[31],
- &sigoid_srt[36],
- &sigoid_srt[25],
- &sigoid_srt[26],
- &sigoid_srt[27],
- &sigoid_srt[28],
- };
-
diff --git a/src/crypto/obj/obj_xref.pl b/src/crypto/obj/obj_xref.pl
deleted file mode 100644
index 51dd68f..0000000
--- a/src/crypto/obj/obj_xref.pl
+++ /dev/null
@@ -1,118 +0,0 @@
-#!/usr/bin/env perl
-
-use strict;
-
-if (scalar @ARGV != 2)
- {
- print "Usage: perl obj_xref.pl obj_mac.num obj_xref.txt > obj_xref.h\n";
- exit 1;
- }
-
-my %xref_tbl;
-my %oid_tbl;
-
-my ($mac_file, $xref_file) = @ARGV;
-
-open(IN, $mac_file) || die "Can't open $mac_file";
-
-# Read in OID nid values for a lookup table.
-
-while (<IN>)
- {
- chomp;
- my ($name, $num) = /^(\S+)\s+(\S+)$/;
- $oid_tbl{$name} = $num;
- }
-close IN;
-
-open(IN, $xref_file) || die "Can't open $xref_file";
-
-my $ln = 1;
-
-while (<IN>)
- {
- chomp;
- s/#.*$//;
- next if (/^\S*$/);
- my ($xr, $p1, $p2) = /^(\S+)\s+(\S+)\s+(\S+)/;
- check_oid($xr);
- check_oid($p1);
- check_oid($p2);
- $xref_tbl{$xr} = [$p1, $p2, $ln];
- }
-
-my @xrkeys = keys %xref_tbl;
-
-my @srt1 = sort { $oid_tbl{$a} <=> $oid_tbl{$b}} @xrkeys;
-
-for(my $i = 0; $i <= $#srt1; $i++)
- {
- $xref_tbl{$srt1[$i]}[2] = $i;
- }
-
-my @srt2 = sort
- {
- my$ap1 = $oid_tbl{$xref_tbl{$a}[0]};
- my$bp1 = $oid_tbl{$xref_tbl{$b}[0]};
- return $ap1 - $bp1 if ($ap1 != $bp1);
- my$ap2 = $oid_tbl{$xref_tbl{$a}[1]};
- my$bp2 = $oid_tbl{$xref_tbl{$b}[1]};
-
- return $ap2 - $bp2;
- } @xrkeys;
-
-my $pname = $0;
-
-$pname =~ s|^.[^/]/||;
-
-print <<EOF;
-/* THIS FILE IS GENERATED FROM obj_xref.txt by obj_xref.pl via the
- * following command:
- * perl obj_xref.pl obj_mac.num obj_xref.txt > obj_xref.h */
-
-typedef struct
- {
- int sign_id;
- int hash_id;
- int pkey_id;
- } nid_triple;
-
-static const nid_triple sigoid_srt[] =
- {
-EOF
-
-foreach (@srt1)
- {
- my $xr = $_;
- my ($p1, $p2) = @{$xref_tbl{$_}};
- print "\t{NID_$xr, NID_$p1, NID_$p2},\n";
- }
-
-print "\t};";
-print <<EOF;
-
-
-static const nid_triple * const sigoid_srt_xref[] =
- {
-EOF
-
-foreach (@srt2)
- {
- my ($p1, $p2, $x) = @{$xref_tbl{$_}};
- # If digest or signature algorithm is "undef" then the algorithm
- # needs special handling and is excluded from the cross reference table.
- next if $p1 eq "undef" || $p2 eq "undef";
- print "\t\&sigoid_srt\[$x\],\n";
- }
-
-print "\t};\n\n";
-
-sub check_oid
- {
- my ($chk) = @_;
- if (!exists $oid_tbl{$chk})
- {
- die "Not Found \"$chk\"\n";
- }
- }
-
diff --git a/src/crypto/obj/obj_xref.txt b/src/crypto/obj/obj_xref.txt
deleted file mode 100644
index 19c9422..0000000
--- a/src/crypto/obj/obj_xref.txt
+++ /dev/null
@@ -1,58 +0,0 @@
-# OID cross reference table.
-# Links signatures OIDs to their corresponding public key algorithms
-# and digests.
-
-md2WithRSAEncryption md2 rsaEncryption
-md5WithRSAEncryption md5 rsaEncryption
-shaWithRSAEncryption sha rsaEncryption
-sha1WithRSAEncryption sha1 rsaEncryption
-md4WithRSAEncryption md4 rsaEncryption
-sha256WithRSAEncryption sha256 rsaEncryption
-sha384WithRSAEncryption sha384 rsaEncryption
-sha512WithRSAEncryption sha512 rsaEncryption
-sha224WithRSAEncryption sha224 rsaEncryption
-mdc2WithRSA mdc2 rsaEncryption
-ripemd160WithRSA ripemd160 rsaEncryption
-# For PSS the digest algorithm can vary and depends on the included
-# AlgorithmIdentifier. The digest "undef" indicates the public key
-# method should handle this explicitly.
-rsassaPss undef rsaEncryption
-
-# Alternative deprecated OIDs. By using the older "rsa" OID this
-# type will be recognized by not normally used.
-
-md5WithRSA md5 rsa
-sha1WithRSA sha1 rsa
-
-dsaWithSHA sha dsa
-dsaWithSHA1 sha1 dsa
-
-dsaWithSHA1_2 sha1 dsa_2
-
-ecdsa_with_SHA1 sha1 X9_62_id_ecPublicKey
-ecdsa_with_SHA224 sha224 X9_62_id_ecPublicKey
-ecdsa_with_SHA256 sha256 X9_62_id_ecPublicKey
-ecdsa_with_SHA384 sha384 X9_62_id_ecPublicKey
-ecdsa_with_SHA512 sha512 X9_62_id_ecPublicKey
-ecdsa_with_Recommended undef X9_62_id_ecPublicKey
-ecdsa_with_Specified undef X9_62_id_ecPublicKey
-
-dsa_with_SHA224 sha224 dsa
-dsa_with_SHA256 sha256 dsa
-
-id_GostR3411_94_with_GostR3410_2001 id_GostR3411_94 id_GostR3410_2001
-id_GostR3411_94_with_GostR3410_94 id_GostR3411_94 id_GostR3410_94
-id_GostR3411_94_with_GostR3410_94_cc id_GostR3411_94 id_GostR3410_94_cc
-id_GostR3411_94_with_GostR3410_2001_cc id_GostR3411_94 id_GostR3410_2001_cc
-# ECDH KDFs and their corresponding message digests and schemes
-dhSinglePass_stdDH_sha1kdf_scheme sha1 dh_std_kdf
-dhSinglePass_stdDH_sha224kdf_scheme sha224 dh_std_kdf
-dhSinglePass_stdDH_sha256kdf_scheme sha256 dh_std_kdf
-dhSinglePass_stdDH_sha384kdf_scheme sha384 dh_std_kdf
-dhSinglePass_stdDH_sha512kdf_scheme sha512 dh_std_kdf
-
-dhSinglePass_cofactorDH_sha1kdf_scheme sha1 dh_cofactor_kdf
-dhSinglePass_cofactorDH_sha224kdf_scheme sha224 dh_cofactor_kdf
-dhSinglePass_cofactorDH_sha256kdf_scheme sha256 dh_cofactor_kdf
-dhSinglePass_cofactorDH_sha384kdf_scheme sha384 dh_cofactor_kdf
-dhSinglePass_cofactorDH_sha512kdf_scheme sha512 dh_cofactor_kdf
diff --git a/src/crypto/obj/objects.go b/src/crypto/obj/objects.go
new file mode 100644
index 0000000..28887c0
--- /dev/null
+++ b/src/crypto/obj/objects.go
@@ -0,0 +1,732 @@
+// Copyright (c) 2016, Google Inc.
+//
+// Permission to use, copy, modify, and/or distribute this software for any
+// purpose with or without fee is hereby granted, provided that the above
+// copyright notice and this permission notice appear in all copies.
+//
+// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+// SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+// OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+// CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+package main
+
+import (
+ "bufio"
+ "bytes"
+ "errors"
+ "fmt"
+ "io/ioutil"
+ "os"
+ "os/exec"
+ "sort"
+ "strconv"
+ "strings"
+)
+
+func sanitizeName(in string) string {
+ in = strings.Replace(in, "-", "_", -1)
+ in = strings.Replace(in, ".", "_", -1)
+ in = strings.Replace(in, " ", "_", -1)
+ return in
+}
+
+type object struct {
+ name string
+ // shortName and longName are the short and long names, respectively. If
+ // one is missing, it takes the value of the other, but the
+ // corresponding SN_foo or LN_foo macro is not defined.
+ shortName, longName string
+ hasShortName, hasLongName bool
+ oid []int
+ encoded []byte
+}
+
+type objects struct {
+ // byNID is the list of all objects, indexed by nid.
+ byNID []object
+ // nameToNID is a map from object name to nid.
+ nameToNID map[string]int
+}
+
+func readNumbers(path string) (nameToNID map[string]int, numNIDs int, err error) {
+ in, err := os.Open(path)
+ if err != nil {
+ return nil, 0, err
+ }
+ defer in.Close()
+
+ nameToNID = make(map[string]int)
+ nidsSeen := make(map[int]struct{})
+
+ // Reserve NID 0 for NID_undef.
+ numNIDs = 1
+ nameToNID["undef"] = 0
+ nidsSeen[0] = struct{}{}
+
+ var lineNo int
+ scanner := bufio.NewScanner(in)
+ for scanner.Scan() {
+ line := scanner.Text()
+ lineNo++
+ withLine := func(err error) error {
+ return fmt.Errorf("%s:%d: %s", path, lineNo, err)
+ }
+
+ fields := strings.Fields(line)
+ if len(fields) == 0 {
+ // Skip blank lines.
+ continue
+ }
+
+ // Each line is a name and a nid, separated by space.
+ if len(fields) != 2 {
+ return nil, 0, withLine(errors.New("syntax error"))
+ }
+ name := fields[0]
+ nid, err := strconv.Atoi(fields[1])
+ if err != nil {
+ return nil, 0, withLine(err)
+ }
+ if nid < 0 {
+ return nil, 0, withLine(errors.New("invalid NID"))
+ }
+
+ // NID_undef is implicitly defined.
+ if name == "undef" && nid == 0 {
+ continue
+ }
+
+ // Forbid duplicates.
+ if _, ok := nameToNID[name]; ok {
+ return nil, 0, withLine(fmt.Errorf("duplicate name %q", name))
+ }
+ if _, ok := nidsSeen[nid]; ok {
+ return nil, 0, withLine(fmt.Errorf("duplicate NID %d", nid))
+ }
+
+ nameToNID[name] = nid
+ nidsSeen[nid] = struct{}{}
+
+ if nid >= numNIDs {
+ numNIDs = nid + 1
+ }
+ }
+ if err := scanner.Err(); err != nil {
+ return nil, 0, fmt.Errorf("error reading %s: %s", path, err)
+ }
+
+ return nameToNID, numNIDs, nil
+}
+
+func parseOID(aliases map[string][]int, in []string) (oid []int, err error) {
+ if len(in) == 0 {
+ return
+ }
+
+ // The first entry may be a reference to a previous alias.
+ if alias, ok := aliases[sanitizeName(in[0])]; ok {
+ in = in[1:]
+ oid = append(oid, alias...)
+ }
+
+ for _, c := range in {
+ val, err := strconv.Atoi(c)
+ if err != nil {
+ return nil, err
+ }
+ if val < 0 {
+ return nil, fmt.Errorf("negative component")
+ }
+ oid = append(oid, val)
+ }
+ return
+}
+
+func appendBase128(dst []byte, value int) []byte {
+ // Zero is encoded with one, not zero bytes.
+ if value == 0 {
+ return append(dst, 0)
+ }
+
+ // Count how many bytes are needed.
+ var l int
+ for n := value; n != 0; n >>= 7 {
+ l++
+ }
+ for ; l > 0; l-- {
+ b := byte(value>>uint(7*(l-1))) & 0x7f
+ if l > 1 {
+ b |= 0x80
+ }
+ dst = append(dst, b)
+ }
+ return dst
+}
+
+func encodeOID(oid []int) []byte {
+ if len(oid) < 2 {
+ return nil
+ }
+
+ var der []byte
+ der = appendBase128(der, 40*oid[0]+oid[1])
+ for _, value := range oid[2:] {
+ der = appendBase128(der, value)
+ }
+ return der
+}
+
+func readObjects(numPath, objectsPath string) (*objects, error) {
+ nameToNID, numNIDs, err := readNumbers(numPath)
+ if err != nil {
+ return nil, err
+ }
+
+ in, err := os.Open(objectsPath)
+ if err != nil {
+ return nil, err
+ }
+ defer in.Close()
+
+ // Implicitly define NID_undef.
+ objs := &objects{
+ byNID: make([]object, numNIDs),
+ nameToNID: make(map[string]int),
+ }
+
+ objs.byNID[0] = object{
+ name: "undef",
+ shortName: "UNDEF",
+ longName: "undefined",
+ hasShortName: true,
+ hasLongName: true,
+ }
+ objs.nameToNID["undef"] = 0
+
+ var module, nextName string
+ var lineNo int
+ longNamesSeen := make(map[string]struct{})
+ shortNamesSeen := make(map[string]struct{})
+ aliases := make(map[string][]int)
+ scanner := bufio.NewScanner(in)
+ for scanner.Scan() {
+ line := scanner.Text()
+ lineNo++
+ withLine := func(err error) error {
+ return fmt.Errorf("%s:%d: %s", objectsPath, lineNo, err)
+ }
+
+ // Remove comments.
+ idx := strings.IndexRune(line, '#')
+ if idx >= 0 {
+ line = line[:idx]
+ }
+
+ // Skip empty lines.
+ line = strings.TrimSpace(line)
+ if len(line) == 0 {
+ continue
+ }
+
+ if line[0] == '!' {
+ args := strings.Fields(line)
+ switch args[0] {
+ case "!module":
+ if len(args) != 2 {
+ return nil, withLine(errors.New("too many arguments"))
+ }
+ module = sanitizeName(args[1]) + "_"
+ case "!global":
+ module = ""
+ case "!Cname":
+ // !Cname directives override the name for the
+ // next object.
+ if len(args) != 2 {
+ return nil, withLine(errors.New("too many arguments"))
+ }
+ nextName = sanitizeName(args[1])
+ case "!Alias":
+ // !Alias directives define an alias for an OID
+ // without emitting an object.
+ if len(nextName) != 0 {
+ return nil, withLine(errors.New("!Cname directives may not modify !Alias directives."))
+ }
+ if len(args) < 3 {
+ return nil, withLine(errors.New("not enough arguments"))
+ }
+ aliasName := module + sanitizeName(args[1])
+ oid, err := parseOID(aliases, args[2:])
+ if err != nil {
+ return nil, withLine(err)
+ }
+ if _, ok := aliases[aliasName]; ok {
+ return nil, withLine(fmt.Errorf("duplicate name '%s'", aliasName))
+ }
+ aliases[aliasName] = oid
+ default:
+ return nil, withLine(fmt.Errorf("unknown directive '%s'", args[0]))
+ }
+ continue
+ }
+
+ fields := strings.Split(line, ":")
+ if len(fields) < 2 || len(fields) > 3 {
+ return nil, withLine(errors.New("invalid field count"))
+ }
+
+ obj := object{name: nextName}
+ nextName = ""
+
+ var err error
+ obj.oid, err = parseOID(aliases, strings.Fields(fields[0]))
+ if err != nil {
+ return nil, withLine(err)
+ }
+ obj.encoded = encodeOID(obj.oid)
+
+ obj.shortName = strings.TrimSpace(fields[1])
+ if len(fields) == 3 {
+ obj.longName = strings.TrimSpace(fields[2])
+ }
+
+ // Long and short names default to each other if missing.
+ if len(obj.shortName) == 0 {
+ obj.shortName = obj.longName
+ } else {
+ obj.hasShortName = true
+ }
+ if len(obj.longName) == 0 {
+ obj.longName = obj.shortName
+ } else {
+ obj.hasLongName = true
+ }
+ if len(obj.shortName) == 0 || len(obj.longName) == 0 {
+ return nil, withLine(errors.New("object with no name"))
+ }
+
+ // If not already specified, prefer the long name if it has no
+ // spaces, otherwise the short name.
+ if len(obj.name) == 0 && strings.IndexRune(obj.longName, ' ') < 0 {
+ obj.name = sanitizeName(obj.longName)
+ }
+ if len(obj.name) == 0 {
+ obj.name = sanitizeName(obj.shortName)
+ }
+ obj.name = module + obj.name
+
+ // Check for duplicate names.
+ if _, ok := aliases[obj.name]; ok {
+ return nil, withLine(fmt.Errorf("duplicate name '%s'", obj.name))
+ }
+ if _, ok := shortNamesSeen[obj.shortName]; ok && len(obj.shortName) > 0 {
+ return nil, withLine(fmt.Errorf("duplicate short name '%s'", obj.shortName))
+ }
+ if _, ok := longNamesSeen[obj.longName]; ok && len(obj.longName) > 0 {
+ return nil, withLine(fmt.Errorf("duplicate long name '%s'", obj.longName))
+ }
+
+ // Allocate a NID.
+ nid, ok := nameToNID[obj.name]
+ if !ok {
+ nid = len(objs.byNID)
+ objs.byNID = append(objs.byNID, object{})
+ }
+
+ objs.byNID[nid] = obj
+ objs.nameToNID[obj.name] = nid
+
+ longNamesSeen[obj.longName] = struct{}{}
+ shortNamesSeen[obj.shortName] = struct{}{}
+ aliases[obj.name] = obj.oid
+ }
+ if err := scanner.Err(); err != nil {
+ return nil, err
+ }
+
+ return objs, nil
+}
+
+func writeNumbers(path string, objs *objects) error {
+ out, err := os.Create(path)
+ if err != nil {
+ return err
+ }
+ defer out.Close()
+
+ for nid, obj := range objs.byNID {
+ if len(obj.name) == 0 {
+ continue
+ }
+ if _, err := fmt.Fprintf(out, "%s\t\t%d\n", obj.name, nid); err != nil {
+ return err
+ }
+ }
+ return nil
+}
+
+func clangFormat(input string) (string, error) {
+ var b bytes.Buffer
+ cmd := exec.Command("clang-format")
+ cmd.Stdin = strings.NewReader(input)
+ cmd.Stdout = &b
+ cmd.Stderr = os.Stderr
+ if err := cmd.Run(); err != nil {
+ return "", err
+ }
+ return b.String(), nil
+}
+
+func writeHeader(path string, objs *objects) error {
+ var b bytes.Buffer
+ fmt.Fprintf(&b, `/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG `+"``"+`AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.] */
+
+/* This file is generated by crypto/obj/objects.go. */
+
+#ifndef OPENSSL_HEADER_NID_H
+#define OPENSSL_HEADER_NID_H
+
+#include <openssl/base.h>
+
+#if defined(__cplusplus)
+extern "C" {
+#endif
+
+
+/* The nid library provides numbered values for ASN.1 object identifiers and
+ * other symbols. These values are used by other libraries to identify
+ * cryptographic primitives.
+ *
+ * A separate objects library, obj.h, provides functions for converting between
+ * nids and object identifiers. However it depends on large internal tables with
+ * the encodings of every nid defined. Consumers concerned with binary size
+ * should instead embed the encodings of the few consumed OIDs and compare
+ * against those.
+ *
+ * These values should not be used outside of a single process; they are not
+ * stable identifiers. */
+
+
+`)
+
+ for nid, obj := range objs.byNID {
+ if len(obj.name) == 0 {
+ continue
+ }
+
+ if obj.hasShortName {
+ fmt.Fprintf(&b, "#define SN_%s \"%s\"\n", obj.name, obj.shortName)
+ }
+ if obj.hasLongName {
+ fmt.Fprintf(&b, "#define LN_%s \"%s\"\n", obj.name, obj.longName)
+ }
+ fmt.Fprintf(&b, "#define NID_%s %d\n", obj.name, nid)
+
+ // Although NID_undef does not have an OID, OpenSSL emits
+ // OBJ_undef as if it were zero.
+ oid := obj.oid
+ if nid == 0 {
+ oid = []int{0}
+ }
+ if len(oid) != 0 {
+ var oidStr string
+ for _, val := range oid {
+ if len(oidStr) != 0 {
+ oidStr += ","
+ }
+ oidStr += fmt.Sprintf("%dL", val)
+ }
+
+ fmt.Fprintf(&b, "#define OBJ_%s %s\n", obj.name, oidStr)
+ }
+
+ fmt.Fprintf(&b, "\n")
+ }
+
+ fmt.Fprintf(&b, `
+#if defined(__cplusplus)
+} /* extern C */
+#endif
+
+#endif /* OPENSSL_HEADER_NID_H */
+`)
+
+ formatted, err := clangFormat(b.String())
+ if err != nil {
+ return err
+ }
+
+ return ioutil.WriteFile(path, []byte(formatted), 0666)
+}
+
+// TODO(davidben): Replace this with sort.Slice once Go 1.8 is sufficiently
+// common.
+type nidSorter struct {
+ nids []int
+ objs *objects
+ cmp func(a, b object) bool
+}
+
+func (a nidSorter) obj(i int) object { return a.objs.byNID[a.nids[i]] }
+func (a nidSorter) Len() int { return len(a.nids) }
+func (a nidSorter) Swap(i, j int) { a.nids[i], a.nids[j] = a.nids[j], a.nids[i] }
+func (a nidSorter) Less(i, j int) bool { return a.cmp(a.obj(i), a.obj(j)) }
+
+func sortNIDs(nids []int, objs *objects, cmp func(a, b object) bool) {
+ sort.Sort(&nidSorter{nids, objs, cmp})
+}
+
+func writeData(path string, objs *objects) error {
+ var b bytes.Buffer
+ fmt.Fprintf(&b, `/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG `+"``"+`AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.] */
+
+/* This file is generated by crypto/obj/objects.go. */
+
+
+`)
+
+ fmt.Fprintf(&b, "#define NUM_NID %d\n", len(objs.byNID))
+
+ // Emit each object's DER encoding, concatenated, and save the offsets.
+ fmt.Fprintf(&b, "\nstatic const uint8_t kObjectData[] = {\n")
+ offsets := make([]int, len(objs.byNID))
+ var nextOffset int
+ for nid, obj := range objs.byNID {
+ if len(obj.name) == 0 || len(obj.encoded) == 0 {
+ offsets[nid] = -1
+ continue
+ }
+
+ offsets[nid] = nextOffset
+ nextOffset += len(obj.encoded)
+ fmt.Fprintf(&b, "/* NID_%s */\n", obj.name)
+ for _, val := range obj.encoded {
+ fmt.Fprintf(&b, "0x%02x, ", val)
+ }
+ fmt.Fprintf(&b, "\n")
+ }
+ fmt.Fprintf(&b, "};\n")
+
+ // Emit an ASN1_OBJECT for each object.
+ fmt.Fprintf(&b, "\nstatic const ASN1_OBJECT kObjects[NUM_NID] = {\n")
+ for nid, obj := range objs.byNID {
+ if len(obj.name) == 0 {
+ fmt.Fprintf(&b, "{NULL, NULL, NID_undef, 0, NULL, 0},\n")
+ continue
+ }
+
+ fmt.Fprintf(&b, "{\"%s\", \"%s\", NID_%s, ", obj.shortName, obj.longName, obj.name)
+ if offset := offsets[nid]; offset >= 0 {
+ fmt.Fprintf(&b, "%d, &kObjectData[%d], 0},\n", len(obj.encoded), offset)
+ } else {
+ fmt.Fprintf(&b, "0, NULL, 0},\n")
+ }
+ }
+ fmt.Fprintf(&b, "};\n")
+
+ // Emit a list of NIDs sorted by short name.
+ var nids []int
+ for nid, obj := range objs.byNID {
+ if len(obj.name) == 0 || len(obj.shortName) == 0 {
+ continue
+ }
+ nids = append(nids, nid)
+ }
+ sortNIDs(nids, objs, func(a, b object) bool { return a.shortName < b.shortName })
+
+ fmt.Fprintf(&b, "\nstatic const unsigned kNIDsInShortNameOrder[] = {\n")
+ for _, nid := range nids {
+ fmt.Fprintf(&b, "%d /* %s */,\n", nid, objs.byNID[nid].shortName)
+ }
+ fmt.Fprintf(&b, "};\n")
+
+ // Emit a list of NIDs sorted by long name.
+ nids = nil
+ for nid, obj := range objs.byNID {
+ if len(obj.name) == 0 || len(obj.longName) == 0 {
+ continue
+ }
+ nids = append(nids, nid)
+ }
+ sortNIDs(nids, objs, func(a, b object) bool { return a.longName < b.longName })
+
+ fmt.Fprintf(&b, "\nstatic const unsigned kNIDsInLongNameOrder[] = {\n")
+ for _, nid := range nids {
+ fmt.Fprintf(&b, "%d /* %s */,\n", nid, objs.byNID[nid].longName)
+ }
+ fmt.Fprintf(&b, "};\n")
+
+ // Emit a list of NIDs sorted by OID.
+ nids = nil
+ for nid, obj := range objs.byNID {
+ if len(obj.name) == 0 || len(obj.encoded) == 0 {
+ continue
+ }
+ nids = append(nids, nid)
+ }
+ sortNIDs(nids, objs, func(a, b object) bool {
+ // This comparison must match the definition of |obj_cmp|.
+ if len(a.encoded) < len(b.encoded) {
+ return true
+ }
+ if len(a.encoded) > len(b.encoded) {
+ return false
+ }
+ return bytes.Compare(a.encoded, b.encoded) < 0
+ })
+
+ fmt.Fprintf(&b, "\nstatic const unsigned kNIDsInOIDOrder[] = {\n")
+ for _, nid := range nids {
+ obj := objs.byNID[nid]
+ fmt.Fprintf(&b, "%d /* ", nid)
+ for i, c := range obj.oid {
+ if i > 0 {
+ fmt.Fprintf(&b, ".")
+ }
+ fmt.Fprintf(&b, "%d", c)
+ }
+ fmt.Fprintf(&b, " (OBJ_%s) */,\n", obj.name)
+ }
+ fmt.Fprintf(&b, "};\n")
+
+ formatted, err := clangFormat(b.String())
+ if err != nil {
+ return err
+ }
+
+ return ioutil.WriteFile(path, []byte(formatted), 0666)
+}
+
+func main() {
+ objs, err := readObjects("obj_mac.num", "objects.txt")
+ if err != nil {
+ fmt.Fprintf(os.Stderr, "Error reading objects: %s\n", err)
+ os.Exit(1)
+ }
+
+ if err := writeNumbers("obj_mac.num", objs); err != nil {
+ fmt.Fprintf(os.Stderr, "Error writing numbers: %s\n", err)
+ os.Exit(1)
+ }
+
+ if err := writeHeader("../../include/openssl/nid.h", objs); err != nil {
+ fmt.Fprintf(os.Stderr, "Error writing header: %s\n", err)
+ os.Exit(1)
+ }
+
+ if err := writeData("obj_dat.h", objs); err != nil {
+ fmt.Fprintf(os.Stderr, "Error writing data: %s\n", err)
+ os.Exit(1)
+ }
+}
diff --git a/src/crypto/obj/objects.pl b/src/crypto/obj/objects.pl
deleted file mode 100644
index 165429b..0000000
--- a/src/crypto/obj/objects.pl
+++ /dev/null
@@ -1,255 +0,0 @@
-#!/usr/bin/env perl
-
-if (scalar @ARGV != 3)
- {
- print "Usage: perl objects.pl objects.txt obj_mac.num ../../include/openssl/nid.h\n";
- exit 1;
- }
-
-open (NUMIN,"$ARGV[1]") || die "Can't open number file $ARGV[1]";
-$max_nid=0;
-$o=0;
-while(<NUMIN>)
- {
- chop;
- $o++;
- s/#.*$//;
- next if /^\s*$/;
- $_ = 'X'.$_;
- ($Cname,$mynum) = split;
- $Cname =~ s/^X//;
- if (defined($nidn{$mynum}))
- { die "$ARGV[1]:$o:There's already an object with NID ",$mynum," on line ",$order{$mynum},"\n"; }
- if (defined($nid{$Cname}))
- { die "$ARGV[1]:$o:There's already an object with name ",$Cname," on line ",$order{$nid{$Cname}},"\n"; }
- $nid{$Cname} = $mynum;
- $nidn{$mynum} = $Cname;
- $order{$mynum} = $o;
- $max_nid = $mynum if $mynum > $max_nid;
- }
-close NUMIN;
-
-open (IN,"$ARGV[0]") || die "Can't open input file $ARGV[0]";
-$Cname="";
-$o=0;
-while (<IN>)
- {
- chop;
- $o++;
- if (/^!module\s+(.*)$/)
- {
- $module = $1."-";
- $module =~ s/\./_/g;
- $module =~ s/-/_/g;
- }
- if (/^!global$/)
- { $module = ""; }
- if (/^!Cname\s+(.*)$/)
- { $Cname = $1; }
- if (/^!Alias\s+(.+?)\s+(.*)$/)
- {
- $Cname = $module.$1;
- $myoid = $2;
- $myoid = &process_oid($myoid);
- $Cname =~ s/-/_/g;
- $ordern{$o} = $Cname;
- $order{$Cname} = $o;
- $obj{$Cname} = $myoid;
- $_ = "";
- $Cname = "";
- }
- s/!.*$//;
- s/#.*$//;
- next if /^\s*$/;
- ($myoid,$mysn,$myln) = split ':';
- $mysn =~ s/^\s*//;
- $mysn =~ s/\s*$//;
- $myln =~ s/^\s*//;
- $myln =~ s/\s*$//;
- $myoid =~ s/^\s*//;
- $myoid =~ s/\s*$//;
- if ($myoid ne "")
- {
- $myoid = &process_oid($myoid);
- }
-
- if ($Cname eq "" && !($myln =~ / /))
- {
- $Cname = $myln;
- $Cname =~ s/\./_/g;
- $Cname =~ s/-/_/g;
- if ($Cname ne "" && defined($ln{$module.$Cname}))
- { die "objects.txt:$o:There's already an object with long name ",$ln{$module.$Cname}," on line ",$order{$module.$Cname},"\n"; }
- }
- if ($Cname eq "")
- {
- $Cname = $mysn;
- $Cname =~ s/-/_/g;
- if ($Cname ne "" && defined($sn{$module.$Cname}))
- { die "objects.txt:$o:There's already an object with short name ",$sn{$module.$Cname}," on line ",$order{$module.$Cname},"\n"; }
- }
- if ($Cname eq "")
- {
- $Cname = $myln;
- $Cname =~ s/-/_/g;
- $Cname =~ s/\./_/g;
- $Cname =~ s/ /_/g;
- if ($Cname ne "" && defined($ln{$module.$Cname}))
- { die "objects.txt:$o:There's already an object with long name ",$ln{$module.$Cname}," on line ",$order{$module.$Cname},"\n"; }
- }
- $Cname =~ s/\./_/g;
- $Cname =~ s/-/_/g;
- $Cname = $module.$Cname;
- $ordern{$o} = $Cname;
- $order{$Cname} = $o;
- $sn{$Cname} = $mysn;
- $ln{$Cname} = $myln;
- $obj{$Cname} = $myoid;
- if (!defined($nid{$Cname}))
- {
- $max_nid++;
- $nid{$Cname} = $max_nid;
- $nidn{$max_nid} = $Cname;
-print STDERR "Added OID $Cname\n";
- }
- $Cname="";
- }
-close IN;
-
-open (NUMOUT,">$ARGV[1]") || die "Can't open output file $ARGV[1]";
-foreach (sort { $a <=> $b } keys %nidn)
- {
- print NUMOUT $nidn{$_},"\t\t",$_,"\n";
- }
-close NUMOUT;
-
-open (OUT,">$ARGV[2]") || die "Can't open output file $ARGV[2]";
-print OUT <<'EOF';
-/* THIS FILE IS GENERATED FROM objects.txt by objects.pl via the
- * following command:
- * perl objects.pl objects.txt obj_mac.num ../../include/openssl/nid.h */
-
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef OPENSSL_HEADER_NID_H
-#define OPENSSL_HEADER_NID_H
-
-
-/* The nid library provides numbered values for ASN.1 object identifiers and
- * other symbols. These values are used by other libraries to identify
- * cryptographic primitives.
- *
- * A separate objects library, obj.h, provides functions for converting between
- * nids and object identifiers. However it depends on large internal tables with
- * the encodings of every nid defind. Consumers concerned with binary size
- * should instead embed the encodings of the few consumed OIDs and compare
- * against those.
- *
- * These values should not be used outside of a single process; they are not
- * stable identifiers. */
-
-
-#define SN_undef "UNDEF"
-#define LN_undef "undefined"
-#define NID_undef 0
-#define OBJ_undef 0L
-
-EOF
-
-foreach (sort { $a <=> $b } keys %ordern)
- {
- $Cname=$ordern{$_};
- print OUT "#define SN_",$Cname," \"",$sn{$Cname},"\"\n" if $sn{$Cname} ne "";
- print OUT "#define LN_",$Cname," \"",$ln{$Cname},"\"\n" if $ln{$Cname} ne "";
- print OUT "#define NID_",$Cname," ",$nid{$Cname},"\n" if $nid{$Cname} ne "";
- print OUT "#define OBJ_",$Cname," ",$obj{$Cname},"\n" if $obj{$Cname} ne "";
- print OUT "\n";
- }
-
-print OUT "\n#endif /* OPENSSL_HEADER_NID_H */\n";
-
-close OUT;
-
-sub process_oid
- {
- local($oid)=@_;
- local(@a,$oid_pref);
-
- @a = split(/\s+/,$myoid);
- $pref_oid = "";
- $pref_sep = "";
- if (!($a[0] =~ /^[0-9]+$/))
- {
- $a[0] =~ s/-/_/g;
- if (!defined($obj{$a[0]}))
- { die "$ARGV[0]:$o:Undefined identifier ",$a[0],"\n"; }
- $pref_oid = "OBJ_" . $a[0];
- $pref_sep = ",";
- shift @a;
- }
- $oids = join('L,',@a) . "L";
- if ($oids ne "L")
- {
- $oids = $pref_oid . $pref_sep . $oids;
- }
- else
- {
- $oids = $pref_oid;
- }
- return($oids);
- }
diff --git a/src/crypto/pem/pem_lib.c b/src/crypto/pem/pem_lib.c
index e53abf8..8b7932e 100644
--- a/src/crypto/pem/pem_lib.c
+++ b/src/crypto/pem/pem_lib.c
@@ -71,6 +71,9 @@
#include <openssl/rand.h>
#include <openssl/x509.h>
+#include "../internal.h"
+
+
#define MIN_LENGTH 4
static int load_iv(char **fromp, unsigned char *to, int num);
@@ -638,7 +641,7 @@
OPENSSL_PUT_ERROR(PEM, ERR_R_MALLOC_FAILURE);
goto err;
}
- memcpy(nameB->data, &(buf[11]), i - 6);
+ OPENSSL_memcpy(nameB->data, &(buf[11]), i - 6);
nameB->data[i - 6] = '\0';
break;
}
@@ -669,7 +672,7 @@
nohead = 1;
break;
}
- memcpy(&(headerB->data[hl]), buf, i);
+ OPENSSL_memcpy(&(headerB->data[hl]), buf, i);
headerB->data[hl + i] = '\0';
hl += i;
}
@@ -701,7 +704,7 @@
OPENSSL_PUT_ERROR(PEM, ERR_R_MALLOC_FAILURE);
goto err;
}
- memcpy(&(dataB->data[bl]), buf, i);
+ OPENSSL_memcpy(&(dataB->data[bl]), buf, i);
dataB->data[bl + i] = '\0';
bl += i;
if (end) {
diff --git a/src/crypto/pkcs8/p5_pbe.c b/src/crypto/pkcs8/p5_pbe.c
index 8e56d41..eee2e00 100644
--- a/src/crypto/pkcs8/p5_pbe.c
+++ b/src/crypto/pkcs8/p5_pbe.c
@@ -62,6 +62,7 @@
#include <openssl/rand.h>
#include <openssl/x509.h>
+#include "../internal.h"
#include "internal.h"
@@ -106,7 +107,7 @@
}
sstr = ASN1_STRING_data(pbe->salt);
if (salt)
- memcpy(sstr, salt, saltlen);
+ OPENSSL_memcpy(sstr, salt, saltlen);
else if (!RAND_bytes(sstr, saltlen))
goto err;
diff --git a/src/crypto/pkcs8/p5_pbev2.c b/src/crypto/pkcs8/p5_pbev2.c
index 050a4d6..c16b83f 100644
--- a/src/crypto/pkcs8/p5_pbev2.c
+++ b/src/crypto/pkcs8/p5_pbev2.c
@@ -67,6 +67,7 @@
#include <openssl/x509.h>
#include "internal.h"
+#include "../internal.h"
/* PKCS#5 v2.0 password based encryption structures */
@@ -144,7 +145,7 @@
if (EVP_CIPHER_iv_length(cipher))
{
if (aiv)
- memcpy(iv, aiv, EVP_CIPHER_iv_length(cipher));
+ OPENSSL_memcpy(iv, aiv, EVP_CIPHER_iv_length(cipher));
else if (!RAND_bytes(iv, EVP_CIPHER_iv_length(cipher)))
goto err;
}
@@ -246,7 +247,7 @@
osalt->length = saltlen;
if (salt)
- memcpy (osalt->data, salt, saltlen);
+ OPENSSL_memcpy (osalt->data, salt, saltlen);
else if (!RAND_bytes(osalt->data, saltlen))
goto merr;
diff --git a/src/crypto/pkcs8/pkcs8.c b/src/crypto/pkcs8/pkcs8.c
index 7b34705..e965bc9 100644
--- a/src/crypto/pkcs8/pkcs8.c
+++ b/src/crypto/pkcs8/pkcs8.c
@@ -124,7 +124,7 @@
/* 1. Construct a string, D (the "diversifier"), by concatenating v/8 copies
* of ID. */
uint8_t D[EVP_MAX_MD_BLOCK_SIZE];
- memset(D, id, block_size);
+ OPENSSL_memset(D, id, block_size);
/* 2. Concatenate copies of the salt together to create a string S of length
* v(ceiling(s/v)) bits (the final copy of the salt may be truncated to
@@ -186,7 +186,7 @@
}
size_t todo = out_len < A_len ? out_len : A_len;
- memcpy(out, A, todo);
+ OPENSSL_memcpy(out, A, todo);
out += todo;
out_len -= todo;
if (out_len == 0) {
@@ -911,7 +911,7 @@
}
*out_key = NULL;
- memset(&ctx, 0, sizeof(ctx));
+ OPENSSL_memset(&ctx, 0, sizeof(ctx));
/* See ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-12/pkcs-12v1.pdf, section
* four. */
@@ -1068,7 +1068,7 @@
return NULL;
}
- memcpy(p12->ber_bytes, *ber_bytes, ber_len);
+ OPENSSL_memcpy(p12->ber_bytes, *ber_bytes, ber_len);
p12->ber_len = ber_len;
*ber_bytes += ber_len;
@@ -1193,7 +1193,7 @@
}
} else if (password_len != -1 &&
(password[password_len] != 0 ||
- memchr(password, 0, password_len) != NULL)) {
+ OPENSSL_memchr(password, 0, password_len) != NULL)) {
return 0;
}
diff --git a/src/crypto/poly1305/poly1305.c b/src/crypto/poly1305/poly1305.c
index 4c5d11f..77e8046 100644
--- a/src/crypto/poly1305/poly1305.c
+++ b/src/crypto/poly1305/poly1305.c
@@ -23,6 +23,7 @@
#include <openssl/cpu.h>
#include "internal.h"
+#include "../internal.h"
#if defined(OPENSSL_WINDOWS) || !defined(OPENSSL_X86_64)
@@ -30,11 +31,13 @@
/* We can assume little-endian. */
static uint32_t U8TO32_LE(const uint8_t *m) {
uint32_t r;
- memcpy(&r, m, sizeof(r));
+ OPENSSL_memcpy(&r, m, sizeof(r));
return r;
}
-static void U32TO8_LE(uint8_t *m, uint32_t v) { memcpy(m, &v, sizeof(v)); }
+static void U32TO8_LE(uint8_t *m, uint32_t v) {
+ OPENSSL_memcpy(m, &v, sizeof(v));
+}
static uint64_t mul32x32_64(uint32_t a, uint32_t b) { return (uint64_t)a * b; }
@@ -192,7 +195,7 @@
state->h4 = 0;
state->buf_used = 0;
- memcpy(state->key, key + 16, sizeof(state->key));
+ OPENSSL_memcpy(state->key, key + 16, sizeof(state->key));
}
void CRYPTO_poly1305_update(poly1305_state *statep, const uint8_t *in,
diff --git a/src/crypto/poly1305/poly1305_arm.c b/src/crypto/poly1305/poly1305_arm.c
index de31d6b..444413b 100644
--- a/src/crypto/poly1305/poly1305_arm.c
+++ b/src/crypto/poly1305/poly1305_arm.c
@@ -129,7 +129,7 @@
* fe1305x2_frombytearray. */
static uint32_t load32(uint8_t *t) {
uint32_t tmp;
- memcpy(&tmp, t, sizeof(tmp));
+ OPENSSL_memcpy(&tmp, t, sizeof(tmp));
return tmp;
}
@@ -203,7 +203,7 @@
addmulmod(precomp, r, r, &zero); /* precompute r^2 */
addmulmod(precomp + 1, precomp, precomp, &zero); /* precompute r^4 */
- memcpy(st->key, key + 16, 16);
+ OPENSSL_memcpy(st->key, key + 16, 16);
st->buf_used = 0;
}
diff --git a/src/crypto/pool/pool.c b/src/crypto/pool/pool.c
index ca058fc..44d10af 100644
--- a/src/crypto/pool/pool.c
+++ b/src/crypto/pool/pool.c
@@ -34,7 +34,7 @@
if (a->len != b->len) {
return 1;
}
- return memcmp(a->data, b->data, a->len);
+ return OPENSSL_memcmp(a->data, b->data, a->len);
}
CRYPTO_BUFFER_POOL* CRYPTO_BUFFER_POOL_new(void) {
@@ -43,7 +43,7 @@
return NULL;
}
- memset(pool, 0, sizeof(CRYPTO_BUFFER_POOL));
+ OPENSSL_memset(pool, 0, sizeof(CRYPTO_BUFFER_POOL));
pool->bufs = lh_CRYPTO_BUFFER_new(CRYPTO_BUFFER_hash, CRYPTO_BUFFER_cmp);
if (pool->bufs == NULL) {
OPENSSL_free(pool);
@@ -95,7 +95,7 @@
if (buf == NULL) {
return NULL;
}
- memset(buf, 0, sizeof(CRYPTO_BUFFER));
+ OPENSSL_memset(buf, 0, sizeof(CRYPTO_BUFFER));
buf->data = BUF_memdup(data, len);
if (len != 0 && buf->data == NULL) {
diff --git a/src/crypto/pool/pool_test.cc b/src/crypto/pool/pool_test.cc
index 0b5338f..72b8ce0 100644
--- a/src/crypto/pool/pool_test.cc
+++ b/src/crypto/pool/pool_test.cc
@@ -17,6 +17,8 @@
#include <openssl/pool.h>
+#include "../internal.h"
+
static bool TestUnpooled() {
static const uint8_t kData[4] = {1, 2, 3, 4};
@@ -27,7 +29,8 @@
}
if (CRYPTO_BUFFER_len(buf.get()) != sizeof(kData) ||
- memcmp(kData, CRYPTO_BUFFER_data(buf.get()), sizeof(kData)) != 0) {
+ OPENSSL_memcmp(kData, CRYPTO_BUFFER_data(buf.get()), sizeof(kData)) !=
+ 0) {
fprintf(stderr, "CRYPTO_BUFFER corrupted data.\n");
return false;
}
diff --git a/src/crypto/rand/deterministic.c b/src/crypto/rand/deterministic.c
index c0a347c..d96a505 100644
--- a/src/crypto/rand/deterministic.c
+++ b/src/crypto/rand/deterministic.c
@@ -21,6 +21,7 @@
#include <openssl/chacha.h>
#include "internal.h"
+#include "../internal.h"
/* g_num_calls is the number of calls to |CRYPTO_sysrand| that have occured.
@@ -36,10 +37,10 @@
static const uint8_t kZeroKey[32];
uint8_t nonce[12];
- memset(nonce, 0, sizeof(nonce));
- memcpy(nonce, &g_num_calls, sizeof(g_num_calls));
+ OPENSSL_memset(nonce, 0, sizeof(nonce));
+ OPENSSL_memcpy(nonce, &g_num_calls, sizeof(g_num_calls));
- memset(out, 0, requested);
+ OPENSSL_memset(out, 0, requested);
CRYPTO_chacha_20(out, out, requested, kZeroKey, nonce, 0);
g_num_calls++;
}
diff --git a/src/crypto/rand/rand.c b/src/crypto/rand/rand.c
index ec78a2e..51da6ba 100644
--- a/src/crypto/rand/rand.c
+++ b/src/crypto/rand/rand.c
@@ -101,7 +101,7 @@
if (!CRYPTO_rdrand(rand_buf)) {
return 0;
}
- memcpy(buf + len_multiple8, rand_buf, len);
+ OPENSSL_memcpy(buf + len_multiple8, rand_buf, len);
}
return 1;
@@ -138,7 +138,7 @@
return 1;
}
- memset(state->partial_block, 0, sizeof(state->partial_block));
+ OPENSSL_memset(state->partial_block, 0, sizeof(state->partial_block));
state->calls_used = kMaxCallsPerRefresh;
}
@@ -161,8 +161,8 @@
todo = kMaxBytesPerCall;
}
uint8_t nonce[12];
- memset(nonce, 0, 4);
- memcpy(nonce + 4, &state->calls_used, sizeof(state->calls_used));
+ OPENSSL_memset(nonce, 0, 4);
+ OPENSSL_memcpy(nonce + 4, &state->calls_used, sizeof(state->calls_used));
CRYPTO_chacha_20(buf, buf, todo, state->key, nonce, 0);
buf += todo;
remaining -= todo;
@@ -171,8 +171,8 @@
} else {
if (sizeof(state->partial_block) - state->partial_block_used < len) {
uint8_t nonce[12];
- memset(nonce, 0, 4);
- memcpy(nonce + 4, &state->calls_used, sizeof(state->calls_used));
+ OPENSSL_memset(nonce, 0, 4);
+ OPENSSL_memcpy(nonce + 4, &state->calls_used, sizeof(state->calls_used));
CRYPTO_chacha_20(state->partial_block, state->partial_block,
sizeof(state->partial_block), state->key, nonce, 0);
state->partial_block_used = 0;
diff --git a/src/crypto/rand/urandom.c b/src/crypto/rand/urandom.c
index 17d194c..2233203 100644
--- a/src/crypto/rand/urandom.c
+++ b/src/crypto/rand/urandom.c
@@ -207,12 +207,12 @@
abort(); // Already initialized
}
- if (urandom_fd == kHaveGetrandom) {
- if (fd >= 0) {
+ if (fd >= 0) {
+ if (urandom_fd == kHaveGetrandom) {
close(fd);
+ } else if (urandom_fd != fd) {
+ abort(); // Already initialized.
}
- } else if (urandom_fd != fd) {
- abort(); // Already initialized.
}
}
@@ -237,18 +237,35 @@
return buf;
}
+#if defined(USE_SYS_getrandom) && defined(__has_feature)
+#if __has_feature(memory_sanitizer)
+void __msan_unpoison(void *, size_t);
+#endif
+#endif
+
/* fill_with_entropy writes |len| bytes of entropy into |out|. It returns one
* on success and zero on error. */
static char fill_with_entropy(uint8_t *out, size_t len) {
- ssize_t r;
-
while (len > 0) {
+ ssize_t r;
+
if (urandom_fd == kHaveGetrandom) {
#if defined(USE_SYS_getrandom)
do {
r = syscall(SYS_getrandom, out, len, 0 /* no flags */);
} while (r == -1 && errno == EINTR);
-#else
+
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer)
+ if (r > 0) {
+ /* MSAN doesn't recognise |syscall| and thus doesn't notice that we
+ * have initialised the output buffer. */
+ __msan_unpoison(out, r);
+ }
+#endif /* memory_sanitizer */
+#endif /*__has_feature */
+
+#else /* USE_SYS_getrandom */
abort();
#endif
} else {
@@ -274,7 +291,7 @@
size_t remaining = BUF_SIZE - buf->used;
while (requested > remaining) {
- memcpy(out, &buf->rand[buf->used], remaining);
+ OPENSSL_memcpy(out, &buf->rand[buf->used], remaining);
buf->used += remaining;
out += remaining;
requested -= remaining;
@@ -287,7 +304,7 @@
remaining = BUF_SIZE;
}
- memcpy(out, &buf->rand[buf->used], requested);
+ OPENSSL_memcpy(out, &buf->rand[buf->used], requested);
buf->used += requested;
}
diff --git a/src/crypto/refcount_test.c b/src/crypto/refcount_test.cc
similarity index 100%
rename from src/crypto/refcount_test.c
rename to src/crypto/refcount_test.cc
diff --git a/src/crypto/rsa/blinding.c b/src/crypto/rsa/blinding.c
index 0a485ee..693dced 100644
--- a/src/crypto/rsa/blinding.c
+++ b/src/crypto/rsa/blinding.c
@@ -115,6 +115,7 @@
#include <openssl/err.h>
#include "internal.h"
+#include "../internal.h"
#define BN_BLINDING_COUNTER 32
@@ -134,7 +135,7 @@
OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE);
return NULL;
}
- memset(ret, 0, sizeof(BN_BLINDING));
+ OPENSSL_memset(ret, 0, sizeof(BN_BLINDING));
ret->A = BN_new();
if (ret->A == NULL) {
diff --git a/src/crypto/rsa/padding.c b/src/crypto/rsa/padding.c
index 987349b..3ed19ad 100644
--- a/src/crypto/rsa/padding.c
+++ b/src/crypto/rsa/padding.c
@@ -92,10 +92,10 @@
/* pad out with 0xff data */
j = to_len - 3 - from_len;
- memset(p, 0xff, j);
+ OPENSSL_memset(p, 0xff, j);
p += j;
*(p++) = 0;
- memcpy(p, from, from_len);
+ OPENSSL_memcpy(p, from, from_len);
return 1;
}
@@ -146,7 +146,7 @@
OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE);
return -1;
}
- memcpy(to, p, j);
+ OPENSSL_memcpy(to, p, j);
return j;
}
@@ -188,7 +188,7 @@
*(p++) = 0;
- memcpy(p, from, from_len);
+ OPENSSL_memcpy(p, from, from_len);
return 1;
}
@@ -254,7 +254,7 @@
return -1;
}
- memcpy(to, &from[zero_index], msg_len);
+ OPENSSL_memcpy(to, &from[zero_index], msg_len);
return (int)msg_len;
}
@@ -270,7 +270,7 @@
return 0;
}
- memcpy(to, from, from_len);
+ OPENSSL_memcpy(to, from, from_len);
return 1;
}
@@ -305,7 +305,7 @@
if (!EVP_DigestFinal_ex(&ctx, digest, NULL)) {
goto err;
}
- memcpy(out, digest, len);
+ OPENSSL_memcpy(out, digest, len);
len = 0;
}
}
@@ -358,9 +358,9 @@
if (!EVP_Digest(param, param_len, db, NULL, md, NULL)) {
return 0;
}
- memset(db + mdlen, 0, emlen - from_len - 2 * mdlen - 1);
+ OPENSSL_memset(db + mdlen, 0, emlen - from_len - 2 * mdlen - 1);
db[emlen - from_len - mdlen - 1] = 0x01;
- memcpy(db + emlen - from_len - mdlen, from, from_len);
+ OPENSSL_memcpy(db + emlen - from_len - mdlen, from, from_len);
if (!RAND_bytes(seed, mdlen)) {
return 0;
}
@@ -471,7 +471,7 @@
OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE);
mlen = -1;
} else {
- memcpy(to, db + one_index, mlen);
+ OPENSSL_memcpy(to, db + one_index, mlen);
}
OPENSSL_free(db);
@@ -579,7 +579,7 @@
if (!EVP_DigestFinal_ex(&ctx, H_, NULL)) {
goto err;
}
- if (memcmp(H_, H, hLen)) {
+ if (OPENSSL_memcmp(H_, H, hLen)) {
OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_SIGNATURE);
ret = 0;
} else {
diff --git a/src/crypto/rsa/rsa.c b/src/crypto/rsa/rsa.c
index 17f0a8a..731293f 100644
--- a/src/crypto/rsa/rsa.c
+++ b/src/crypto/rsa/rsa.c
@@ -82,7 +82,7 @@
return NULL;
}
- memset(rsa, 0, sizeof(RSA));
+ OPENSSL_memset(rsa, 0, sizeof(RSA));
if (engine) {
rsa->meth = ENGINE_get_RSA_method(engine);
@@ -446,8 +446,8 @@
return 0;
}
- memcpy(signed_msg, prefix, prefix_len);
- memcpy(signed_msg + prefix_len, msg, msg_len);
+ OPENSSL_memcpy(signed_msg, prefix, prefix_len);
+ OPENSSL_memcpy(signed_msg + prefix_len, msg, msg_len);
*out_msg = signed_msg;
*out_msg_len = signed_msg_len;
@@ -532,7 +532,7 @@
goto out;
}
- if (len != signed_msg_len || memcmp(buf, signed_msg, len) != 0) {
+ if (len != signed_msg_len || OPENSSL_memcmp(buf, signed_msg, len) != 0) {
OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_SIGNATURE);
goto out;
}
diff --git a/src/crypto/rsa/rsa_asn1.c b/src/crypto/rsa/rsa_asn1.c
index 509f1aa..88b1dfb 100644
--- a/src/crypto/rsa/rsa_asn1.c
+++ b/src/crypto/rsa/rsa_asn1.c
@@ -66,6 +66,7 @@
#include "internal.h"
#include "../bytestring/internal.h"
+#include "../internal.h"
static int parse_integer_buggy(CBS *cbs, BIGNUM **out, int buggy) {
@@ -183,7 +184,7 @@
OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE);
return 0;
}
- memset(ret, 0, sizeof(RSA_additional_prime));
+ OPENSSL_memset(ret, 0, sizeof(RSA_additional_prime));
CBS child;
if (!CBS_get_asn1(cbs, &child, CBS_ASN1_SEQUENCE) ||
@@ -280,6 +281,11 @@
goto err;
}
+ if (!RSA_check_key(ret)) {
+ OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_RSA_PARAMETERS);
+ goto err;
+ }
+
BN_CTX_free(ctx);
BN_free(product_of_primes_so_far);
return ret;
diff --git a/src/crypto/rsa/rsa_impl.c b/src/crypto/rsa/rsa_impl.c
index fb7a368..3834be5 100644
--- a/src/crypto/rsa/rsa_impl.c
+++ b/src/crypto/rsa/rsa_impl.c
@@ -65,6 +65,7 @@
#include <openssl/thread.h>
#include "internal.h"
+#include "../bn/internal.h"
#include "../internal.h"
@@ -263,7 +264,7 @@
if (new_blindings == NULL) {
goto err1;
}
- memcpy(new_blindings, rsa->blindings,
+ OPENSSL_memcpy(new_blindings, rsa->blindings,
sizeof(BN_BLINDING *) * rsa->num_blindings);
new_blindings[rsa->num_blindings] = ret;
@@ -271,7 +272,7 @@
if (new_blindings_inuse == NULL) {
goto err2;
}
- memcpy(new_blindings_inuse, rsa->blindings_inuse, rsa->num_blindings);
+ OPENSSL_memcpy(new_blindings_inuse, rsa->blindings_inuse, rsa->num_blindings);
new_blindings_inuse[rsa->num_blindings] = 1;
*index_used = rsa->num_blindings;
@@ -590,17 +591,9 @@
if (!mod_exp(result, f, rsa, ctx)) {
goto err;
}
- } else {
- BIGNUM local_d;
- BIGNUM *d = NULL;
-
- BN_init(&local_d);
- d = &local_d;
- BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME);
-
- if (!BN_mod_exp_mont_consttime(result, f, d, rsa->n, ctx, rsa->mont_n)) {
- goto err;
- }
+ } else if (!BN_mod_exp_mont_consttime(result, f, rsa->d, rsa->n, ctx,
+ rsa->mont_n)) {
+ goto err;
}
/* Verify the result to protect against fault attacks as described in the
@@ -658,8 +651,6 @@
assert(rsa->iqmp != NULL);
BIGNUM *r1, *m1, *vrfy;
- BIGNUM local_dmp1, local_dmq1, local_c, local_r1;
- BIGNUM *dmp1, *dmq1, *c, *pr1;
int ret = 0;
size_t i, num_additional_primes = 0;
@@ -677,23 +668,9 @@
goto err;
}
- {
- BIGNUM local_p, local_q;
- BIGNUM *p = NULL, *q = NULL;
-
- /* Make sure BN_mod in Montgomery initialization uses BN_FLG_CONSTTIME. */
- BN_init(&local_p);
- p = &local_p;
- BN_with_flags(p, rsa->p, BN_FLG_CONSTTIME);
-
- BN_init(&local_q);
- q = &local_q;
- BN_with_flags(q, rsa->q, BN_FLG_CONSTTIME);
-
- if (!BN_MONT_CTX_set_locked(&rsa->mont_p, &rsa->lock, p, ctx) ||
- !BN_MONT_CTX_set_locked(&rsa->mont_q, &rsa->lock, q, ctx)) {
- goto err;
- }
+ if (!BN_MONT_CTX_set_locked(&rsa->mont_p, &rsa->lock, rsa->p, ctx) ||
+ !BN_MONT_CTX_set_locked(&rsa->mont_q, &rsa->lock, rsa->q, ctx)) {
+ goto err;
}
if (!BN_MONT_CTX_set_locked(&rsa->mont_n, &rsa->lock, rsa->n, ctx)) {
@@ -701,30 +678,22 @@
}
/* compute I mod q */
- c = &local_c;
- BN_with_flags(c, I, BN_FLG_CONSTTIME);
- if (!BN_mod(r1, c, rsa->q, ctx)) {
+ if (!BN_mod(r1, I, rsa->q, ctx)) {
goto err;
}
/* compute r1^dmq1 mod q */
- dmq1 = &local_dmq1;
- BN_with_flags(dmq1, rsa->dmq1, BN_FLG_CONSTTIME);
- if (!BN_mod_exp_mont_consttime(m1, r1, dmq1, rsa->q, ctx, rsa->mont_q)) {
+ if (!BN_mod_exp_mont_consttime(m1, r1, rsa->dmq1, rsa->q, ctx, rsa->mont_q)) {
goto err;
}
/* compute I mod p */
- c = &local_c;
- BN_with_flags(c, I, BN_FLG_CONSTTIME);
- if (!BN_mod(r1, c, rsa->p, ctx)) {
+ if (!BN_mod(r1, I, rsa->p, ctx)) {
goto err;
}
/* compute r1^dmp1 mod p */
- dmp1 = &local_dmp1;
- BN_with_flags(dmp1, rsa->dmp1, BN_FLG_CONSTTIME);
- if (!BN_mod_exp_mont_consttime(r0, r1, dmp1, rsa->p, ctx, rsa->mont_p)) {
+ if (!BN_mod_exp_mont_consttime(r0, r1, rsa->dmp1, rsa->p, ctx, rsa->mont_p)) {
goto err;
}
@@ -743,11 +712,7 @@
goto err;
}
- /* Turn BN_FLG_CONSTTIME flag on before division operation */
- pr1 = &local_r1;
- BN_with_flags(pr1, r1, BN_FLG_CONSTTIME);
-
- if (!BN_mod(r0, pr1, rsa->p, ctx)) {
+ if (!BN_mod(r0, r1, rsa->p, ctx)) {
goto err;
}
@@ -771,30 +736,23 @@
for (i = 0; i < num_additional_primes; i++) {
/* multi-prime RSA. */
- BIGNUM local_exp, local_prime;
- BIGNUM *exp = &local_exp, *prime = &local_prime;
RSA_additional_prime *ap =
sk_RSA_additional_prime_value(rsa->additional_primes, i);
- BN_with_flags(exp, ap->exp, BN_FLG_CONSTTIME);
- BN_with_flags(prime, ap->prime, BN_FLG_CONSTTIME);
-
/* c will already point to a BIGNUM with the correct flags. */
- if (!BN_mod(r1, c, prime, ctx)) {
+ if (!BN_mod(r1, I, ap->prime, ctx)) {
goto err;
}
- if (!BN_MONT_CTX_set_locked(&ap->mont, &rsa->lock, prime, ctx) ||
- !BN_mod_exp_mont_consttime(m1, r1, exp, prime, ctx, ap->mont)) {
+ if (!BN_MONT_CTX_set_locked(&ap->mont, &rsa->lock, ap->prime, ctx) ||
+ !BN_mod_exp_mont_consttime(m1, r1, ap->exp, ap->prime, ctx, ap->mont)) {
goto err;
}
- BN_set_flags(m1, BN_FLG_CONSTTIME);
-
if (!BN_sub(m1, m1, r0) ||
!BN_mul(m1, m1, ap->coeff, ctx) ||
- !BN_mod(m1, m1, prime, ctx) ||
- (BN_is_negative(m1) && !BN_add(m1, m1, prime)) ||
+ !BN_mod(m1, m1, ap->prime, ctx) ||
+ (BN_is_negative(m1) && !BN_add(m1, m1, ap->prime)) ||
!BN_mul(m1, m1, ap->r, ctx) ||
!BN_add(r0, r0, m1)) {
goto err;
@@ -811,8 +769,8 @@
int rsa_default_multi_prime_keygen(RSA *rsa, int bits, int num_primes,
BIGNUM *e_value, BN_GENCB *cb) {
BIGNUM *r0 = NULL, *r1 = NULL, *r2 = NULL, *r3 = NULL, *tmp;
- BIGNUM local_r0, local_d, local_p;
- BIGNUM *pr0, *d, *p;
+ BIGNUM local_r0, local_p;
+ BIGNUM *pr0, *p;
int prime_bits, ok = -1, n = 0, i, j;
BN_CTX *ctx = NULL;
STACK_OF(RSA_additional_prime) *additional_primes = NULL;
@@ -848,7 +806,7 @@
if (ap == NULL) {
goto err;
}
- memset(ap, 0, sizeof(RSA_additional_prime));
+ OPENSSL_memset(ap, 0, sizeof(RSA_additional_prime));
ap->prime = BN_new();
ap->exp = BN_new();
ap->coeff = BN_new();
@@ -1047,25 +1005,24 @@
goto err; /* d */
}
- /* set up d for correct BN_FLG_CONSTTIME flag */
- d = &local_d;
- BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME);
-
/* calculate d mod (p-1) */
- if (!BN_mod(rsa->dmp1, d, r1, ctx)) {
+ if (!BN_mod(rsa->dmp1, rsa->d, r1, ctx)) {
goto err;
}
/* calculate d mod (q-1) */
- if (!BN_mod(rsa->dmq1, d, r2, ctx)) {
+ if (!BN_mod(rsa->dmq1, rsa->d, r2, ctx)) {
goto err;
}
- /* calculate inverse of q mod p */
+ /* Calculate inverse of q mod p. Note that although RSA key generation is far
+ * from constant-time, |bn_mod_inverse_secret_prime| uses the same modular
+ * exponentation logic as in RSA private key operations and, if the RSAZ-1024
+ * code is enabled, will be optimized for common RSA prime sizes. */
p = &local_p;
BN_with_flags(p, rsa->p, BN_FLG_CONSTTIME);
-
- if (!BN_mod_inverse(rsa->iqmp, rsa->q, p, ctx)) {
+ if (!BN_MONT_CTX_set_locked(&rsa->mont_p, &rsa->lock, rsa->p, ctx) ||
+ !bn_mod_inverse_secret_prime(rsa->iqmp, rsa->q, p, ctx, rsa->mont_p)) {
goto err;
}
@@ -1074,15 +1031,24 @@
sk_RSA_additional_prime_value(additional_primes, i - 2);
if (!BN_sub(ap->exp, ap->prime, BN_value_one()) ||
!BN_mod(ap->exp, rsa->d, ap->exp, ctx) ||
- !BN_mod_inverse(ap->coeff, ap->r, ap->prime, ctx)) {
+ !BN_MONT_CTX_set_locked(&ap->mont, &rsa->lock, ap->prime, ctx) ||
+ !bn_mod_inverse_secret_prime(ap->coeff, ap->r, ap->prime, ctx,
+ ap->mont)) {
goto err;
}
}
- ok = 1;
rsa->additional_primes = additional_primes;
additional_primes = NULL;
+ /* The key generation process is complex and thus error-prone. It could be
+ * disastrous to generate and then use a bad key so double-check that the key
+ * makes sense. */
+ ok = RSA_check_key(rsa);
+ if (!ok) {
+ OPENSSL_PUT_ERROR(RSA, RSA_R_INTERNAL_ERROR);
+ }
+
err:
if (ok == -1) {
OPENSSL_PUT_ERROR(RSA, ERR_LIB_BN);
diff --git a/src/crypto/rsa/rsa_test.cc b/src/crypto/rsa/rsa_test.cc
index 8c4a787..306df7e 100644
--- a/src/crypto/rsa/rsa_test.cc
+++ b/src/crypto/rsa/rsa_test.cc
@@ -65,6 +65,8 @@
#include <openssl/err.h>
#include <openssl/nid.h>
+#include "../internal.h"
+
// kPlaintext is a sample plaintext.
static const uint8_t kPlaintext[] = "\x54\x85\x9b\x34\x2c\x49\xea\x2a";
@@ -549,7 +551,7 @@
if (!RSA_decrypt(key.get(), &plaintext_len, plaintext, sizeof(plaintext),
ciphertext, ciphertext_len, RSA_PKCS1_PADDING) ||
plaintext_len != kPlaintextLen ||
- memcmp(plaintext, kPlaintext, plaintext_len) != 0) {
+ OPENSSL_memcmp(plaintext, kPlaintext, plaintext_len) != 0) {
fprintf(stderr, "PKCS#1 v1.5 decryption failed!\n");
return false;
}
@@ -566,7 +568,7 @@
if (!RSA_decrypt(key.get(), &plaintext_len, plaintext, sizeof(plaintext),
ciphertext, ciphertext_len, RSA_PKCS1_OAEP_PADDING) ||
plaintext_len != kPlaintextLen ||
- memcmp(plaintext, kPlaintext, plaintext_len) != 0) {
+ OPENSSL_memcmp(plaintext, kPlaintext, plaintext_len) != 0) {
fprintf(stderr, "OAEP decryption (encrypted data) failed!\n");
return false;
}
@@ -577,13 +579,13 @@
oaep_ciphertext, oaep_ciphertext_len,
RSA_PKCS1_OAEP_PADDING) ||
plaintext_len != kPlaintextLen ||
- memcmp(plaintext, kPlaintext, plaintext_len) != 0) {
+ OPENSSL_memcmp(plaintext, kPlaintext, plaintext_len) != 0) {
fprintf(stderr, "OAEP decryption (test vector data) failed!\n");
return false;
}
// Try decrypting corrupted ciphertexts.
- memcpy(ciphertext, oaep_ciphertext, oaep_ciphertext_len);
+ OPENSSL_memcpy(ciphertext, oaep_ciphertext, oaep_ciphertext_len);
for (size_t i = 0; i < oaep_ciphertext_len; i++) {
ciphertext[i] ^= 1;
if (RSA_decrypt(key.get(), &plaintext_len, plaintext, sizeof(plaintext),
@@ -628,7 +630,7 @@
if (!RSA_decrypt(rsa.get(), &out_len, out, sizeof(out), enc, enc_size,
RSA_PKCS1_PADDING) ||
out_len != 11 ||
- memcmp(out, "hello world", 11) != 0) {
+ OPENSSL_memcmp(out, "hello world", 11) != 0) {
fprintf(stderr, "%d-prime key failed to decrypt.\n", nprimes);
ERR_print_errors_fp(stderr);
return false;
@@ -655,7 +657,7 @@
!RSA_decrypt(rsa.get(), &decrypted_len, decrypted, sizeof(decrypted),
encrypted, encrypted_len, RSA_PKCS1_PADDING) ||
decrypted_len != sizeof(kMessage) ||
- memcmp(decrypted, kMessage, sizeof(kMessage)) != 0) {
+ OPENSSL_memcmp(decrypted, kMessage, sizeof(kMessage)) != 0) {
ERR_print_errors_fp(stderr);
return false;
}
@@ -688,6 +690,19 @@
return false;
}
+ uint8_t *der;
+ size_t der_len;
+ if (!RSA_private_key_to_bytes(&der, &der_len, key.get())) {
+ fprintf(stderr, "RSA_private_key_to_bytes failed to serialize bad key\n.");
+ return false;
+ }
+ bssl::UniquePtr<uint8_t> delete_der(der);
+
+ key.reset(RSA_private_key_from_bytes(der, der_len));
+ if (key) {
+ fprintf(stderr, "RSA_private_key_from_bytes accepted bad key\n.");
+ }
+
ERR_clear_error();
return true;
}
@@ -854,7 +869,8 @@
return false;
}
bssl::UniquePtr<uint8_t> delete_der(der);
- if (der_len != sizeof(kKey1) - 1 || memcmp(der, kKey1, der_len) != 0) {
+ if (der_len != sizeof(kKey1) - 1 ||
+ OPENSSL_memcmp(der, kKey1, der_len) != 0) {
return false;
}
@@ -877,7 +893,7 @@
return false;
}
bssl::UniquePtr<uint8_t> delete_der2(der2);
- if (der_len != der2_len || memcmp(der, der2, der_len) != 0) {
+ if (der_len != der2_len || OPENSSL_memcmp(der, der2, der_len) != 0) {
return false;
}
diff --git a/src/crypto/sha/sha1.c b/src/crypto/sha/sha1.c
index 12fb457..7c72713 100644
--- a/src/crypto/sha/sha1.c
+++ b/src/crypto/sha/sha1.c
@@ -60,6 +60,8 @@
#include <openssl/mem.h>
+#include "../internal.h"
+
#if !defined(OPENSSL_NO_ASM) && \
(defined(OPENSSL_X86) || defined(OPENSSL_X86_64) || \
@@ -69,7 +71,7 @@
#endif
int SHA1_Init(SHA_CTX *sha) {
- memset(sha, 0, sizeof(SHA_CTX));
+ OPENSSL_memset(sha, 0, sizeof(SHA_CTX));
sha->h[0] = 0x67452301UL;
sha->h[1] = 0xefcdab89UL;
sha->h[2] = 0x98badcfeUL;
diff --git a/src/crypto/sha/sha256.c b/src/crypto/sha/sha256.c
index 58f7c42..fb950d7 100644
--- a/src/crypto/sha/sha256.c
+++ b/src/crypto/sha/sha256.c
@@ -60,6 +60,8 @@
#include <openssl/mem.h>
+#include "../internal.h"
+
#if !defined(OPENSSL_NO_ASM) && \
(defined(OPENSSL_X86) || defined(OPENSSL_X86_64) || \
@@ -68,7 +70,7 @@
#endif
int SHA224_Init(SHA256_CTX *sha) {
- memset(sha, 0, sizeof(SHA256_CTX));
+ OPENSSL_memset(sha, 0, sizeof(SHA256_CTX));
sha->h[0] = 0xc1059ed8UL;
sha->h[1] = 0x367cd507UL;
sha->h[2] = 0x3070dd17UL;
@@ -82,7 +84,7 @@
}
int SHA256_Init(SHA256_CTX *sha) {
- memset(sha, 0, sizeof(SHA256_CTX));
+ OPENSSL_memset(sha, 0, sizeof(SHA256_CTX));
sha->h[0] = 0x6a09e667UL;
sha->h[1] = 0xbb67ae85UL;
sha->h[2] = 0x3c6ef372UL;
diff --git a/src/crypto/sha/sha512.c b/src/crypto/sha/sha512.c
index 355011f..8761150 100644
--- a/src/crypto/sha/sha512.c
+++ b/src/crypto/sha/sha512.c
@@ -60,6 +60,8 @@
#include <openssl/mem.h>
+#include "../internal.h"
+
/* IMPLEMENTATION NOTES.
*
@@ -167,7 +169,7 @@
void SHA512_Transform(SHA512_CTX *c, const uint8_t *block) {
#ifndef SHA512_BLOCK_CAN_MANAGE_UNALIGNED_DATA
if ((size_t)block % sizeof(c->u.d[0]) != 0) {
- memcpy(c->u.p, block, sizeof(c->u.p));
+ OPENSSL_memcpy(c->u.p, block, sizeof(c->u.p));
block = c->u.p;
}
#endif
@@ -196,11 +198,11 @@
size_t n = sizeof(c->u) - c->num;
if (len < n) {
- memcpy(p + c->num, data, len);
+ OPENSSL_memcpy(p + c->num, data, len);
c->num += (unsigned int)len;
return 1;
} else {
- memcpy(p + c->num, data, n), c->num = 0;
+ OPENSSL_memcpy(p + c->num, data, n), c->num = 0;
len -= n;
data += n;
sha512_block_data_order(c->h, (uint64_t *)p, 1);
@@ -211,7 +213,7 @@
#ifndef SHA512_BLOCK_CAN_MANAGE_UNALIGNED_DATA
if ((size_t)data % sizeof(c->u.d[0]) != 0) {
while (len >= sizeof(c->u)) {
- memcpy(p, data, sizeof(c->u));
+ OPENSSL_memcpy(p, data, sizeof(c->u));
sha512_block_data_order(c->h, (uint64_t *)p, 1);
len -= sizeof(c->u);
data += sizeof(c->u);
@@ -227,7 +229,7 @@
}
if (len != 0) {
- memcpy(p, data, len);
+ OPENSSL_memcpy(p, data, len);
c->num = (int)len;
}
@@ -241,12 +243,12 @@
p[n] = 0x80; /* There always is a room for one */
n++;
if (n > (sizeof(sha->u) - 16)) {
- memset(p + n, 0, sizeof(sha->u) - n);
+ OPENSSL_memset(p + n, 0, sizeof(sha->u) - n);
n = 0;
sha512_block_data_order(sha->h, (uint64_t *)p, 1);
}
- memset(p + n, 0, sizeof(sha->u) - 16 - n);
+ OPENSSL_memset(p + n, 0, sizeof(sha->u) - 16 - n);
p[sizeof(sha->u) - 1] = (uint8_t)(sha->Nl);
p[sizeof(sha->u) - 2] = (uint8_t)(sha->Nl >> 8);
p[sizeof(sha->u) - 3] = (uint8_t)(sha->Nl >> 16);
diff --git a/src/crypto/stack/stack.c b/src/crypto/stack/stack.c
index 2d5744a..f78209d 100644
--- a/src/crypto/stack/stack.c
+++ b/src/crypto/stack/stack.c
@@ -60,6 +60,9 @@
#include <openssl/mem.h>
+#include "../internal.h"
+
+
/* kMinSize is the number of pointers that will be initially allocated in a new
* stack. */
static const size_t kMinSize = 4;
@@ -71,14 +74,14 @@
if (ret == NULL) {
goto err;
}
- memset(ret, 0, sizeof(_STACK));
+ OPENSSL_memset(ret, 0, sizeof(_STACK));
ret->data = OPENSSL_malloc(sizeof(void *) * kMinSize);
if (ret->data == NULL) {
goto err;
}
- memset(ret->data, 0, sizeof(void *) * kMinSize);
+ OPENSSL_memset(ret->data, 0, sizeof(void *) * kMinSize);
ret->comp = comp;
ret->num_alloc = kMinSize;
@@ -103,7 +106,7 @@
if (sk == NULL || sk->num == 0) {
return;
}
- memset(sk->data, 0, sizeof(void*) * sk->num);
+ OPENSSL_memset(sk->data, 0, sizeof(void*) * sk->num);
sk->num = 0;
sk->sorted = 0;
}
@@ -177,8 +180,8 @@
if (where >= sk->num) {
sk->data[sk->num] = p;
} else {
- memmove(&sk->data[where + 1], &sk->data[where],
- sizeof(void *) * (sk->num - where));
+ OPENSSL_memmove(&sk->data[where + 1], &sk->data[where],
+ sizeof(void *) * (sk->num - where));
sk->data[where] = p;
}
@@ -198,7 +201,7 @@
ret = sk->data[where];
if (where != sk->num - 1) {
- memmove(&sk->data[where], &sk->data[where + 1],
+ OPENSSL_memmove(&sk->data[where], &sk->data[where + 1],
sizeof(void *) * (sk->num - where - 1));
}
@@ -308,7 +311,7 @@
ret->data = s;
ret->num = sk->num;
- memcpy(ret->data, sk->data, sizeof(void *) * sk->num);
+ OPENSSL_memcpy(ret->data, sk->data, sizeof(void *) * sk->num);
ret->sorted = sk->sorted;
ret->num_alloc = sk->num_alloc;
ret->comp = sk->comp;
diff --git a/src/crypto/test/file_test.cc b/src/crypto/test/file_test.cc
index d684aa0..715907e 100644
--- a/src/crypto/test/file_test.cc
+++ b/src/crypto/test/file_test.cc
@@ -24,6 +24,8 @@
#include <openssl/err.h>
+#include "../internal.h"
+
FileTest::FileTest(const char *path) {
file_ = fopen(path, "r");
@@ -227,7 +229,7 @@
bool FileTest::ExpectBytesEqual(const uint8_t *expected, size_t expected_len,
const uint8_t *actual, size_t actual_len) {
if (expected_len == actual_len &&
- memcmp(expected, actual, expected_len) == 0) {
+ OPENSSL_memcmp(expected, actual, expected_len) == 0) {
return true;
}
diff --git a/src/crypto/thread_pthread.c b/src/crypto/thread_pthread.c
index 90ff861..d9e87f2 100644
--- a/src/crypto/thread_pthread.c
+++ b/src/crypto/thread_pthread.c
@@ -103,7 +103,7 @@
if (pthread_mutex_lock(&g_destructors_lock) != 0) {
return;
}
- memcpy(destructors, g_destructors, sizeof(destructors));
+ OPENSSL_memcpy(destructors, g_destructors, sizeof(destructors));
pthread_mutex_unlock(&g_destructors_lock);
unsigned i;
@@ -154,7 +154,7 @@
destructor(value);
return 0;
}
- memset(pointers, 0, sizeof(void *) * NUM_OPENSSL_THREAD_LOCALS);
+ OPENSSL_memset(pointers, 0, sizeof(void *) * NUM_OPENSSL_THREAD_LOCALS);
if (pthread_setspecific(g_thread_local_key, pointers) != 0) {
OPENSSL_free(pointers);
destructor(value);
diff --git a/src/crypto/thread_test.c b/src/crypto/thread_test.c
index 12ca2ec..c702ace 100644
--- a/src/crypto/thread_test.c
+++ b/src/crypto/thread_test.c
@@ -30,7 +30,7 @@
static DWORD WINAPI thread_run(LPVOID arg) {
void (*thread_func)(void);
/* VC really doesn't like casting between data and function pointers. */
- memcpy(&thread_func, &arg, sizeof(thread_func));
+ OPENSSL_memcpy(&thread_func, &arg, sizeof(thread_func));
thread_func();
return 0;
}
@@ -38,7 +38,7 @@
static int run_thread(thread_t *out_thread, void (*thread_func)(void)) {
void *arg;
/* VC really doesn't like casting between data and function pointers. */
- memcpy(&arg, &thread_func, sizeof(arg));
+ OPENSSL_memcpy(&arg, &thread_func, sizeof(arg));
*out_thread = CreateThread(NULL /* security attributes */,
0 /* default stack size */, thread_run, arg,
@@ -86,7 +86,7 @@
Sleep(1 /* milliseconds */);
#else
struct timespec req;
- memset(&req, 0, sizeof(req));
+ OPENSSL_memset(&req, 0, sizeof(req));
req.tv_nsec = 1000000;
nanosleep(&req, NULL);
#endif
diff --git a/src/crypto/thread_win.c b/src/crypto/thread_win.c
index 836cf0f..62119b4 100644
--- a/src/crypto/thread_win.c
+++ b/src/crypto/thread_win.c
@@ -122,7 +122,7 @@
thread_local_destructor_t destructors[NUM_OPENSSL_THREAD_LOCALS];
EnterCriticalSection(&g_destructors_lock);
- memcpy(destructors, g_destructors, sizeof(destructors));
+ OPENSSL_memcpy(destructors, g_destructors, sizeof(destructors));
LeaveCriticalSection(&g_destructors_lock);
unsigned i;
@@ -218,7 +218,7 @@
destructor(value);
return 0;
}
- memset(pointers, 0, sizeof(void *) * NUM_OPENSSL_THREAD_LOCALS);
+ OPENSSL_memset(pointers, 0, sizeof(void *) * NUM_OPENSSL_THREAD_LOCALS);
if (TlsSetValue(g_thread_local_key, pointers) == 0) {
OPENSSL_free(pointers);
destructor(value);
diff --git a/src/crypto/x509/a_verify.c b/src/crypto/x509/a_verify.c
index 5a9adb6..0af4197 100644
--- a/src/crypto/x509/a_verify.c
+++ b/src/crypto/x509/a_verify.c
@@ -119,7 +119,7 @@
* we don't need to zero the 'ctx' because we just checked public
* information
*/
- /* memset(&ctx,0,sizeof(ctx)); */
+ /* OPENSSL_memset(&ctx,0,sizeof(ctx)); */
ret = 1;
err:
EVP_MD_CTX_cleanup(&ctx);
diff --git a/src/crypto/x509/asn1_gen.c b/src/crypto/x509/asn1_gen.c
index 03a0ab9..c52a1ac 100644
--- a/src/crypto/x509/asn1_gen.c
+++ b/src/crypto/x509/asn1_gen.c
@@ -261,7 +261,7 @@
}
/* Copy across original encoding */
- memcpy(p, cpy_start, cpy_len);
+ OPENSSL_memcpy(p, cpy_start, cpy_len);
cp = new_der;
diff --git a/src/crypto/x509/by_dir.c b/src/crypto/x509/by_dir.c
index 434e5ab..e68ca5a 100644
--- a/src/crypto/x509/by_dir.c
+++ b/src/crypto/x509/by_dir.c
@@ -433,7 +433,7 @@
if (tmp != NULL) {
ok = 1;
ret->type = tmp->type;
- memcpy(&ret->data, &tmp->data, sizeof(ret->data));
+ OPENSSL_memcpy(&ret->data, &tmp->data, sizeof(ret->data));
/*
* If we were going to up the reference count, we would need
* to do it on a perl 'type' basis
diff --git a/src/crypto/x509/pkcs7_test.c b/src/crypto/x509/pkcs7_test.c
index bebcbd9..7bf4b81 100644
--- a/src/crypto/x509/pkcs7_test.c
+++ b/src/crypto/x509/pkcs7_test.c
@@ -22,6 +22,7 @@
#include <openssl/stack.h>
#include <openssl/x509.h>
+#include "../internal.h"
#include "../test/test_util.h"
@@ -520,7 +521,7 @@
}
if (result_len != result2_len ||
- memcmp(result_data, result2_data, result_len) != 0) {
+ OPENSSL_memcmp(result_data, result2_data, result_len) != 0) {
fprintf(stderr, "Serialisation is not stable.\n");
return 0;
}
@@ -584,7 +585,7 @@
}
if (result_len != result2_len ||
- memcmp(result_data, result2_data, result_len) != 0) {
+ OPENSSL_memcmp(result_data, result2_data, result_len) != 0) {
fprintf(stderr, "Serialisation is not stable.\n");
return 0;
}
diff --git a/src/crypto/x509/x509_cmp.c b/src/crypto/x509/x509_cmp.c
index 32862eb..98236d9 100644
--- a/src/crypto/x509/x509_cmp.c
+++ b/src/crypto/x509/x509_cmp.c
@@ -67,6 +67,9 @@
#include <openssl/x509.h>
#include <openssl/x509v3.h>
+#include "../internal.h"
+
+
int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b)
{
int i;
@@ -125,7 +128,7 @@
int X509_CRL_match(const X509_CRL *a, const X509_CRL *b)
{
- return memcmp(a->sha1_hash, b->sha1_hash, 20);
+ return OPENSSL_memcmp(a->sha1_hash, b->sha1_hash, 20);
}
X509_NAME *X509_get_issuer_name(X509 *a)
@@ -178,7 +181,7 @@
X509_check_purpose((X509 *)a, -1, 0);
X509_check_purpose((X509 *)b, -1, 0);
- rv = memcmp(a->sha1_hash, b->sha1_hash, SHA_DIGEST_LENGTH);
+ rv = OPENSSL_memcmp(a->sha1_hash, b->sha1_hash, SHA_DIGEST_LENGTH);
if (rv)
return rv;
/* Check for match against stored encoding too */
@@ -186,8 +189,8 @@
rv = (int)(a->cert_info->enc.len - b->cert_info->enc.len);
if (rv)
return rv;
- return memcmp(a->cert_info->enc.enc, b->cert_info->enc.enc,
- a->cert_info->enc.len);
+ return OPENSSL_memcmp(a->cert_info->enc.enc, b->cert_info->enc.enc,
+ a->cert_info->enc.len);
}
return rv;
}
@@ -215,7 +218,7 @@
if (ret)
return ret;
- return memcmp(a->canon_enc, b->canon_enc, a->canon_enclen);
+ return OPENSSL_memcmp(a->canon_enc, b->canon_enc, a->canon_enclen);
}
diff --git a/src/crypto/x509/x509_lu.c b/src/crypto/x509/x509_lu.c
index 7aee3bb..9e45964 100644
--- a/src/crypto/x509/x509_lu.c
+++ b/src/crypto/x509/x509_lu.c
@@ -188,7 +188,7 @@
if ((ret = (X509_STORE *)OPENSSL_malloc(sizeof(X509_STORE))) == NULL)
return NULL;
- memset(ret, 0, sizeof(*ret));
+ OPENSSL_memset(ret, 0, sizeof(*ret));
CRYPTO_MUTEX_init(&ret->objs_lock);
ret->objs = sk_X509_OBJECT_new(x509_object_cmp);
if (ret->objs == NULL)
@@ -396,6 +396,11 @@
return ret;
}
+void X509_STORE_set0_additional_untrusted(X509_STORE *ctx,
+ STACK_OF(X509) *untrusted) {
+ ctx->additional_untrusted = untrusted;
+}
+
int X509_OBJECT_up_ref_count(X509_OBJECT *a)
{
switch (a->type) {
diff --git a/src/crypto/x509/x509_obj.c b/src/crypto/x509/x509_obj.c
index a7f31e0..33eafc4 100644
--- a/src/crypto/x509/x509_obj.c
+++ b/src/crypto/x509/x509_obj.c
@@ -64,6 +64,9 @@
#include <openssl/obj.h>
#include <openssl/x509.h>
+#include "../internal.h"
+
+
/*
* Limit to ensure we don't overflow: much greater than
* anything enountered in practice.
@@ -161,7 +164,7 @@
} else
p = &(buf[lold]);
*(p++) = '/';
- memcpy(p, s, (unsigned int)l1);
+ OPENSSL_memcpy(p, s, (unsigned int)l1);
p += l1;
*(p++) = '=';
diff --git a/src/crypto/x509/x509_test.cc b/src/crypto/x509/x509_test.cc
index 0c25754..3629c13 100644
--- a/src/crypto/x509/x509_test.cc
+++ b/src/crypto/x509/x509_test.cc
@@ -25,6 +25,8 @@
#include <openssl/pool.h>
#include <openssl/x509.h>
+#include "../internal.h"
+
static const char kCrossSigningRootPEM[] =
"-----BEGIN CERTIFICATE-----\n"
@@ -450,7 +452,8 @@
static int Verify(X509 *leaf, const std::vector<X509 *> &roots,
const std::vector<X509 *> &intermediates,
const std::vector<X509_CRL *> &crls,
- unsigned long flags = 0) {
+ unsigned long flags,
+ bool use_additional_untrusted) {
bssl::UniquePtr<STACK_OF(X509)> roots_stack(CertsToStack(roots));
bssl::UniquePtr<STACK_OF(X509)> intermediates_stack(
CertsToStack(intermediates));
@@ -469,8 +472,14 @@
return X509_V_ERR_UNSPECIFIED;
}
- if (!X509_STORE_CTX_init(ctx.get(), store.get(), leaf,
- intermediates_stack.get())) {
+ if (use_additional_untrusted) {
+ X509_STORE_set0_additional_untrusted(store.get(),
+ intermediates_stack.get());
+ }
+
+ if (!X509_STORE_CTX_init(
+ ctx.get(), store.get(), leaf,
+ use_additional_untrusted ? nullptr : intermediates_stack.get())) {
return X509_V_ERR_UNSPECIFIED;
}
@@ -496,6 +505,24 @@
return X509_V_OK;
}
+static int Verify(X509 *leaf, const std::vector<X509 *> &roots,
+ const std::vector<X509 *> &intermediates,
+ const std::vector<X509_CRL *> &crls,
+ unsigned long flags = 0) {
+ const int r1 = Verify(leaf, roots, intermediates, crls, flags, false);
+ const int r2 = Verify(leaf, roots, intermediates, crls, flags, true);
+
+ if (r1 != r2) {
+ fprintf(stderr,
+ "Verify with, and without, use_additional_untrusted gave different "
+ "results: %d vs %d.\n",
+ r1, r2);
+ return false;
+ }
+
+ return r1;
+}
+
static bool TestVerify() {
bssl::UniquePtr<X509> cross_signing_root(CertFromPEM(kCrossSigningRootPEM));
bssl::UniquePtr<X509> root(CertFromPEM(kRootCAPEM));
@@ -814,7 +841,7 @@
}
std::unique_ptr<uint8_t[]> trailing_data(new uint8_t[data_len + 1]);
- memcpy(trailing_data.get(), data.get(), data_len);
+ OPENSSL_memcpy(trailing_data.get(), data.get(), data_len);
bssl::UniquePtr<CRYPTO_BUFFER> buf_trailing_data(
CRYPTO_BUFFER_new(trailing_data.get(), data_len + 1, nullptr));
@@ -927,7 +954,7 @@
return false;
}
if (i2d_len != static_cast<long>(data2_len) ||
- memcmp(data2.get(), i2d, i2d_len) != 0) {
+ OPENSSL_memcmp(data2.get(), i2d, i2d_len) != 0) {
fprintf(stderr, "TestFromBufferReused: i2d gave wrong result.\n");
return false;
}
@@ -964,7 +991,7 @@
}
std::unique_ptr<uint8_t[]> data_with_trailing_byte(new uint8_t[data_len + 1]);
- memcpy(data_with_trailing_byte.get(), data.get(), data_len);
+ OPENSSL_memcpy(data_with_trailing_byte.get(), data.get(), data_len);
data_with_trailing_byte[data_len] = 0;
bssl::UniquePtr<CRYPTO_BUFFER> buf_with_trailing_byte(
diff --git a/src/crypto/x509/x509_vfy.c b/src/crypto/x509/x509_vfy.c
index fa6a5c5..27b58f4 100644
--- a/src/crypto/x509/x509_vfy.c
+++ b/src/crypto/x509/x509_vfy.c
@@ -226,7 +226,8 @@
X509_up_ref(ctx->cert);
ctx->last_untrusted = 1;
- /* We use a temporary STACK so we can chop and hack at it */
+ /* We use a temporary STACK so we can chop and hack at it.
+ * sktmp = ctx->untrusted ++ ctx->ctx->additional_untrusted */
if (ctx->untrusted != NULL
&& (sktmp = sk_X509_dup(ctx->untrusted)) == NULL) {
OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE);
@@ -234,6 +235,28 @@
goto end;
}
+ if (ctx->ctx->additional_untrusted != NULL) {
+ if (sktmp == NULL) {
+ sktmp = sk_X509_new_null();
+ if (sktmp == NULL) {
+ OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE);
+ ctx->error = X509_V_ERR_OUT_OF_MEM;
+ goto end;
+ }
+ }
+
+ for (size_t k = 0; k < sk_X509_num(ctx->ctx->additional_untrusted);
+ k++) {
+ if (!sk_X509_push(sktmp,
+ sk_X509_value(ctx->ctx->additional_untrusted,
+ k))) {
+ OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE);
+ ctx->error = X509_V_ERR_OUT_OF_MEM;
+ goto end;
+ }
+ }
+ }
+
num = sk_X509_num(ctx->chain);
x = sk_X509_value(ctx->chain, num - 1);
depth = param->depth;
@@ -269,7 +292,7 @@
}
/* If we were passed a cert chain, use it first */
- if (ctx->untrusted != NULL) {
+ if (sktmp != NULL) {
xtmp = find_issuer(ctx, sktmp, x);
if (xtmp != NULL) {
if (!sk_X509_push(ctx->chain, xtmp)) {
@@ -1258,6 +1281,17 @@
return;
}
}
+
+ for (i = 0; i < sk_X509_num(ctx->ctx->additional_untrusted); i++) {
+ crl_issuer = sk_X509_value(ctx->ctx->additional_untrusted, i);
+ if (X509_NAME_cmp(X509_get_subject_name(crl_issuer), cnm))
+ continue;
+ if (X509_check_akid(crl_issuer, crl->akid) == X509_V_OK) {
+ *pissuer = crl_issuer;
+ *pcrl_score |= CRL_SCORE_AKID;
+ return;
+ }
+ }
}
/*
@@ -1829,7 +1863,7 @@
int max_length = sizeof("YYMMDDHHMMSS+hhmm") - 1;
if (remaining < min_length || remaining > max_length)
return 0;
- memcpy(p, str, 10);
+ OPENSSL_memcpy(p, str, 10);
p += 10;
str += 10;
remaining -= 10;
@@ -1841,7 +1875,7 @@
int max_length = sizeof("YYYYMMDDHHMMSS.fff+hhmm") - 1;
if (remaining < min_length || remaining > max_length)
return 0;
- memcpy(p, str, 12);
+ OPENSSL_memcpy(p, str, 12);
p += 12;
str += 12;
remaining -= 12;
@@ -2226,7 +2260,7 @@
OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE);
return NULL;
}
- memset(ctx, 0, sizeof(X509_STORE_CTX));
+ OPENSSL_memset(ctx, 0, sizeof(X509_STORE_CTX));
return ctx;
}
@@ -2244,7 +2278,7 @@
{
int ret = 1;
- memset(ctx, 0, sizeof(X509_STORE_CTX));
+ OPENSSL_memset(ctx, 0, sizeof(X509_STORE_CTX));
ctx->ctx = store;
ctx->cert = x509;
ctx->untrusted = chain;
@@ -2337,7 +2371,7 @@
X509_VERIFY_PARAM_free(ctx->param);
}
- memset(ctx, 0, sizeof(X509_STORE_CTX));
+ OPENSSL_memset(ctx, 0, sizeof(X509_STORE_CTX));
OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE);
return 0;
}
@@ -2375,7 +2409,7 @@
ctx->chain = NULL;
}
CRYPTO_free_ex_data(&g_ex_data_class, ctx, &(ctx->ex_data));
- memset(&ctx->ex_data, 0, sizeof(CRYPTO_EX_DATA));
+ OPENSSL_memset(&ctx->ex_data, 0, sizeof(CRYPTO_EX_DATA));
}
void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth)
diff --git a/src/crypto/x509/x509_vpm.c b/src/crypto/x509/x509_vpm.c
index 924cfa7..2317214 100644
--- a/src/crypto/x509/x509_vpm.c
+++ b/src/crypto/x509/x509_vpm.c
@@ -65,6 +65,8 @@
#include <openssl/x509v3.h>
#include "vpm_int.h"
+#include "../internal.h"
+
/* X509_VERIFY_PARAM functions */
@@ -92,7 +94,7 @@
* Refuse names with embedded NUL bytes.
* XXX: Do we need to push an error onto the error stack?
*/
- if (name && memchr(name, '\0', namelen))
+ if (name && OPENSSL_memchr(name, '\0', namelen))
return 0;
if (mode == SET_HOST && id->hosts) {
@@ -176,8 +178,8 @@
OPENSSL_free(param);
return NULL;
}
- memset(param, 0, sizeof(X509_VERIFY_PARAM));
- memset(paramid, 0, sizeof(X509_VERIFY_PARAM_ID));
+ OPENSSL_memset(param, 0, sizeof(X509_VERIFY_PARAM));
+ OPENSSL_memset(paramid, 0, sizeof(X509_VERIFY_PARAM_ID));
param->id = paramid;
x509_verify_param_zero(param);
return param;
diff --git a/src/crypto/x509/x509name.c b/src/crypto/x509/x509name.c
index 050e16a..610de5f 100644
--- a/src/crypto/x509/x509name.c
+++ b/src/crypto/x509/x509name.c
@@ -63,6 +63,9 @@
#include <openssl/stack.h>
#include <openssl/x509.h>
+#include "../internal.h"
+
+
int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, char *buf, int len)
{
const ASN1_OBJECT *obj;
@@ -86,7 +89,7 @@
i = (data->length > (len - 1)) ? (len - 1) : data->length;
if (buf == NULL)
return (data->length);
- memcpy(buf, data->data, i);
+ OPENSSL_memcpy(buf, data->data, i);
buf[i] = '\0';
return (i);
}
diff --git a/src/crypto/x509/x_name.c b/src/crypto/x509/x_name.c
index 19f536c..f97081d 100644
--- a/src/crypto/x509/x_name.c
+++ b/src/crypto/x509/x_name.c
@@ -67,6 +67,8 @@
#include <openssl/x509.h>
#include "../asn1/asn1_locl.h"
+#include "../internal.h"
+
typedef STACK_OF(X509_NAME_ENTRY) STACK_OF_X509_NAME_ENTRY;
DECLARE_STACK_OF(STACK_OF_X509_NAME_ENTRY)
@@ -233,7 +235,7 @@
local_sk_X509_NAME_ENTRY_pop_free);
goto err;
}
- memcpy(nm.x->bytes->data, q, p - q);
+ OPENSSL_memcpy(nm.x->bytes->data, q, p - q);
/* Convert internal representation to X509_NAME structure */
for (i = 0; i < sk_STACK_OF_X509_NAME_ENTRY_num(intname.s); i++) {
@@ -276,7 +278,7 @@
}
ret = a->bytes->length;
if (out != NULL) {
- memcpy(*out, a->bytes->data, ret);
+ OPENSSL_memcpy(*out, a->bytes->data, ret);
*out += ret;
}
return ret;
@@ -336,8 +338,8 @@
* spaces collapsed, converted to lower case and the leading SEQUENCE header
* removed. In future we could also normalize the UTF8 too. By doing this
* comparison of Name structures can be rapidly perfomed by just using
- * memcmp() of the canonical encoding. By omitting the leading SEQUENCE name
- * constraints of type dirName can also be checked with a simple memcmp().
+ * OPENSSL_memcmp() of the canonical encoding. By omitting the leading SEQUENCE name
+ * constraints of type dirName can also be checked with a simple OPENSSL_memcmp().
*/
static int x509_name_canon(X509_NAME *a)
diff --git a/src/crypto/x509/x_pkey.c b/src/crypto/x509/x_pkey.c
index fc44595..8231a24 100644
--- a/src/crypto/x509/x_pkey.c
+++ b/src/crypto/x509/x_pkey.c
@@ -63,6 +63,9 @@
#include <openssl/mem.h>
#include <openssl/thread.h>
+#include "../internal.h"
+
+
X509_PKEY *X509_PKEY_new(void)
{
X509_PKEY *ret = OPENSSL_malloc(sizeof(X509_PKEY));
@@ -70,7 +73,7 @@
OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE);
goto err;
}
- memset(ret, 0, sizeof(X509_PKEY));
+ OPENSSL_memset(ret, 0, sizeof(X509_PKEY));
ret->enc_algor = X509_ALGOR_new();
if (ret->enc_algor == NULL)
diff --git a/src/crypto/x509v3/pcy_tree.c b/src/crypto/x509v3/pcy_tree.c
index a13a4fa..a588107 100644
--- a/src/crypto/x509v3/pcy_tree.c
+++ b/src/crypto/x509v3/pcy_tree.c
@@ -66,6 +66,7 @@
#include <openssl/x509v3.h>
#include "pcy_int.h"
+#include "../internal.h"
/*
* Enable this to print out the complete policy tree at various point during
@@ -238,7 +239,7 @@
return 0;
}
- memset(tree->levels, 0, n * sizeof(X509_POLICY_LEVEL));
+ OPENSSL_memset(tree->levels, 0, n * sizeof(X509_POLICY_LEVEL));
tree->nlevel = n;
diff --git a/src/crypto/x509v3/v3_ia5.c b/src/crypto/x509v3/v3_ia5.c
index 6fc6b59..6b2056d 100644
--- a/src/crypto/x509v3/v3_ia5.c
+++ b/src/crypto/x509v3/v3_ia5.c
@@ -67,6 +67,9 @@
#include <openssl/obj.h>
#include <openssl/x509v3.h>
+#include "../internal.h"
+
+
static char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method,
ASN1_IA5STRING *ia5);
static ASN1_IA5STRING *s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method,
@@ -92,7 +95,7 @@
OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE);
return NULL;
}
- memcpy(tmp, ia5->data, ia5->length);
+ OPENSSL_memcpy(tmp, ia5->data, ia5->length);
tmp[ia5->length] = 0;
return tmp;
}
diff --git a/src/crypto/x509v3/v3_ncons.c b/src/crypto/x509v3/v3_ncons.c
index 368ad27..fc2843e 100644
--- a/src/crypto/x509v3/v3_ncons.c
+++ b/src/crypto/x509v3/v3_ncons.c
@@ -65,6 +65,9 @@
#include <openssl/obj.h>
#include <openssl/x509v3.h>
+#include "../internal.h"
+
+
static void *v2i_NAME_CONSTRAINTS(const X509V3_EXT_METHOD *method,
X509V3_CTX *ctx,
STACK_OF(CONF_VALUE) *nval);
@@ -365,7 +368,7 @@
return X509_V_ERR_OUT_OF_MEM;
if (base->canon_enclen > nm->canon_enclen)
return X509_V_ERR_PERMITTED_VIOLATION;
- if (memcmp(base->canon_enc, nm->canon_enc, base->canon_enclen))
+ if (OPENSSL_memcmp(base->canon_enc, nm->canon_enc, base->canon_enclen))
return X509_V_ERR_PERMITTED_VIOLATION;
return X509_V_OK;
}
diff --git a/src/crypto/x509v3/v3_pci.c b/src/crypto/x509v3/v3_pci.c
index 220f65e..68dca5e 100644
--- a/src/crypto/x509v3/v3_pci.c
+++ b/src/crypto/x509v3/v3_pci.c
@@ -44,6 +44,9 @@
#include <openssl/obj.h>
#include <openssl/x509v3.h>
+#include "../internal.h"
+
+
static int i2r_pci(X509V3_EXT_METHOD *method, PROXY_CERT_INFO_EXTENSION *ext,
BIO *out, int indent);
static PROXY_CERT_INFO_EXTENSION *r2i_pci(X509V3_EXT_METHOD *method,
@@ -133,7 +136,7 @@
(*policy)->length + val_len + 1);
if (tmp_data) {
(*policy)->data = tmp_data;
- memcpy(&(*policy)->data[(*policy)->length],
+ OPENSSL_memcpy(&(*policy)->data[(*policy)->length],
tmp_data2, val_len);
(*policy)->length += val_len;
(*policy)->data[(*policy)->length] = '\0';
@@ -171,7 +174,7 @@
break;
(*policy)->data = tmp_data;
- memcpy(&(*policy)->data[(*policy)->length], buf, n);
+ OPENSSL_memcpy(&(*policy)->data[(*policy)->length], buf, n);
(*policy)->length += n;
(*policy)->data[(*policy)->length] = '\0';
}
@@ -188,7 +191,7 @@
(*policy)->length + val_len + 1);
if (tmp_data) {
(*policy)->data = tmp_data;
- memcpy(&(*policy)->data[(*policy)->length],
+ OPENSSL_memcpy(&(*policy)->data[(*policy)->length],
val->value + 5, val_len);
(*policy)->length += val_len;
(*policy)->data[(*policy)->length] = '\0';
diff --git a/src/crypto/x509v3/v3_utl.c b/src/crypto/x509v3/v3_utl.c
index a238a20..b603274 100644
--- a/src/crypto/x509v3/v3_utl.c
+++ b/src/crypto/x509v3/v3_utl.c
@@ -71,6 +71,8 @@
#include <openssl/x509v3.h>
#include "../conf/internal.h"
+#include "../internal.h"
+
static char *strip_spaces(char *name);
static int sk_strcmp(const OPENSSL_STRING *a, const OPENSSL_STRING *b);
@@ -690,7 +692,7 @@
return 1;
}
-/* Compare using memcmp. */
+/* Compare using OPENSSL_memcmp. */
static int equal_case(const unsigned char *pattern, size_t pattern_len,
const unsigned char *subject, size_t subject_len,
unsigned int flags)
@@ -698,7 +700,7 @@
skip_prefix(&pattern, &pattern_len, subject, subject_len, flags);
if (pattern_len != subject_len)
return 0;
- return !memcmp(pattern, subject, pattern_len);
+ return !OPENSSL_memcmp(pattern, subject, pattern_len);
}
/*
@@ -909,7 +911,7 @@
return 0;
if (cmp_type == V_ASN1_IA5STRING)
rv = equal(a->data, a->length, (unsigned char *)b, blen, flags);
- else if (a->length == (int)blen && !memcmp(a->data, b, blen))
+ else if (a->length == (int)blen && !OPENSSL_memcmp(a->data, b, blen))
rv = 1;
if (rv > 0 && peername)
*peername = BUF_strndup((char *)a->data, a->length);
@@ -1014,7 +1016,7 @@
{
if (chk == NULL)
return -2;
- if (memchr(chk, '\0', chklen))
+ if (OPENSSL_memchr(chk, '\0', chklen))
return -2;
return do_x509_check(x, chk, chklen, flags, GEN_DNS, peername);
}
@@ -1024,7 +1026,7 @@
{
if (chk == NULL)
return -2;
- if (memchr(chk, '\0', chklen))
+ if (OPENSSL_memchr(chk, '\0', chklen))
return -2;
return do_x509_check(x, chk, chklen, flags, GEN_EMAIL, NULL);
}
@@ -1213,16 +1215,16 @@
if (v6stat.zero_pos >= 0) {
/* Copy initial part */
- memcpy(v6, v6stat.tmp, v6stat.zero_pos);
+ OPENSSL_memcpy(v6, v6stat.tmp, v6stat.zero_pos);
/* Zero middle */
- memset(v6 + v6stat.zero_pos, 0, 16 - v6stat.total);
+ OPENSSL_memset(v6 + v6stat.zero_pos, 0, 16 - v6stat.total);
/* Copy final part */
if (v6stat.total != v6stat.zero_pos)
- memcpy(v6 + v6stat.zero_pos + 16 - v6stat.total,
- v6stat.tmp + v6stat.zero_pos,
- v6stat.total - v6stat.zero_pos);
+ OPENSSL_memcpy(v6 + v6stat.zero_pos + 16 - v6stat.total,
+ v6stat.tmp + v6stat.zero_pos,
+ v6stat.total - v6stat.zero_pos);
} else
- memcpy(v6, v6stat.tmp, 16);
+ OPENSSL_memcpy(v6, v6stat.tmp, 16);
return 1;
}
diff --git a/src/crypto/x509v3/v3name_test.c b/src/crypto/x509v3/v3name_test.c
index dadf488..959b924 100644
--- a/src/crypto/x509v3/v3name_test.c
+++ b/src/crypto/x509v3/v3name_test.c
@@ -62,6 +62,9 @@
#include <openssl/x509.h>
#include <openssl/x509v3.h>
+#include "../internal.h"
+
+
static const char *const names[] = {
"a", "b", ".", "*", "@",
".a", "a.", ".b", "b.", ".*", "*.", "*@", "@*", "a@", "@a", "b@", "..",
@@ -334,7 +337,7 @@
size_t namelen = strlen(*pname);
char *name = malloc(namelen);
int match, ret;
- memcpy(name, *pname, namelen);
+ OPENSSL_memcpy(name, *pname, namelen);
ret = X509_check_host(crt, name, namelen, 0, NULL);
match = -1;
diff --git a/src/decrepit/bio/base64_bio.c b/src/decrepit/bio/base64_bio.c
index 8415bfe..85f30ff 100644
--- a/src/decrepit/bio/base64_bio.c
+++ b/src/decrepit/bio/base64_bio.c
@@ -65,6 +65,8 @@
#include <openssl/evp.h>
#include <openssl/mem.h>
+#include "../../crypto/internal.h"
+
#define B64_BLOCK_SIZE 1024
#define B64_BLOCK_SIZE2 768
@@ -94,7 +96,7 @@
return 0;
}
- memset(ctx, 0, sizeof(*ctx));
+ OPENSSL_memset(ctx, 0, sizeof(*ctx));
ctx->cont = 1;
ctx->start = 1;
@@ -147,7 +149,7 @@
i = outl;
}
assert(ctx->buf_off + i < (int)sizeof(ctx->buf));
- memcpy(out, &ctx->buf[ctx->buf_off], i);
+ OPENSSL_memcpy(out, &ctx->buf[ctx->buf_off], i);
ret = i;
out += i;
outl -= i;
@@ -274,7 +276,7 @@
}
/* z is now number of output bytes and jj is the number consumed. */
if (jj != i) {
- memmove(ctx->tmp, &ctx->tmp[jj], i - jj);
+ OPENSSL_memmove(ctx->tmp, &ctx->tmp[jj], i - jj);
ctx->tmp_len = i - jj;
}
ctx->buf_len = 0;
@@ -300,7 +302,7 @@
i = outl;
}
- memcpy(out, ctx->buf, i);
+ OPENSSL_memcpy(out, ctx->buf, i);
ret += i;
ctx->buf_off = i;
if (ctx->buf_off == ctx->buf_len) {
@@ -367,7 +369,7 @@
if (n > inl) {
n = inl;
}
- memcpy(&(ctx->tmp[ctx->tmp_len]), in, n);
+ OPENSSL_memcpy(&(ctx->tmp[ctx->tmp_len]), in, n);
ctx->tmp_len += n;
ret += n;
if (ctx->tmp_len < 3) {
@@ -383,7 +385,7 @@
ctx->tmp_len = 0;
} else {
if (n < 3) {
- memcpy(ctx->tmp, in, n);
+ OPENSSL_memcpy(ctx->tmp, in, n);
ctx->tmp_len = n;
ret += n;
break;
diff --git a/src/decrepit/blowfish/blowfish.c b/src/decrepit/blowfish/blowfish.c
index e277f34..04b7368 100644
--- a/src/decrepit/blowfish/blowfish.c
+++ b/src/decrepit/blowfish/blowfish.c
@@ -58,6 +58,7 @@
#include <string.h>
+#include "../../crypto/internal.h"
#include "../macros.h"
@@ -441,7 +442,7 @@
uint32_t *p, ri, in[2];
const uint8_t *d, *end;
- memcpy(key, &bf_init, sizeof(BF_KEY));
+ OPENSSL_memcpy(key, &bf_init, sizeof(BF_KEY));
p = key->P;
if (len > ((BF_ROUNDS + 2) * 4))
diff --git a/src/decrepit/des/cfb64ede.c b/src/decrepit/des/cfb64ede.c
index f7e81d4..3099127 100644
--- a/src/decrepit/des/cfb64ede.c
+++ b/src/decrepit/des/cfb64ede.c
@@ -58,7 +58,8 @@
#include <openssl/des.h>
-#include "../crypto/des/internal.h"
+#include "../../crypto/des/internal.h"
+#include "../../crypto/internal.h"
/* The input and output encrypted as though 64bit cfb mode is being used. The
@@ -174,7 +175,7 @@
l2c(d0, iv);
l2c(d1, iv);
/* shift ovec left most of the bits... */
- memmove(ovec, ovec + num / 8, 8 + (num % 8 ? 1 : 0));
+ OPENSSL_memmove(ovec, ovec + num / 8, 8 + (num % 8 ? 1 : 0));
/* now the remaining bits */
if (num % 8 != 0) {
for (i = 0; i < 8; ++i) {
@@ -210,7 +211,7 @@
l2c(d0, iv);
l2c(d1, iv);
/* shift ovec left most of the bits... */
- memmove(ovec, ovec + num / 8, 8 + (num % 8 ? 1 : 0));
+ OPENSSL_memmove(ovec, ovec + num / 8, 8 + (num % 8 ? 1 : 0));
/* now the remaining bits */
if (num % 8 != 0) {
for (i = 0; i < 8; ++i) {
diff --git a/src/decrepit/obj/obj_decrepit.c b/src/decrepit/obj/obj_decrepit.c
index 8ea2e0a..65b2b13 100644
--- a/src/decrepit/obj/obj_decrepit.c
+++ b/src/decrepit/obj/obj_decrepit.c
@@ -19,6 +19,8 @@
#include <openssl/evp.h>
+#include "../../crypto/internal.h"
+
struct wrapped_callback {
void (*callback)(const OBJ_NAME *, void *arg);
@@ -30,7 +32,7 @@
const struct wrapped_callback *wrapped = (struct wrapped_callback *)arg;
OBJ_NAME obj_name;
- memset(&obj_name, 0, sizeof(obj_name));
+ OPENSSL_memset(&obj_name, 0, sizeof(obj_name));
obj_name.type = OBJ_NAME_TYPE_CIPHER_METH;
obj_name.name = name;
obj_name.data = (const char *)cipher;
@@ -43,7 +45,7 @@
const struct wrapped_callback *wrapped = (struct wrapped_callback*) arg;
OBJ_NAME obj_name;
- memset(&obj_name, 0, sizeof(obj_name));
+ OPENSSL_memset(&obj_name, 0, sizeof(obj_name));
obj_name.type = OBJ_NAME_TYPE_MD_METH;
obj_name.name = name;
obj_name.data = (const char *)md;
diff --git a/src/decrepit/ripemd/ripemd.c b/src/decrepit/ripemd/ripemd.c
index ce47c28..ab9bc32 100644
--- a/src/decrepit/ripemd/ripemd.c
+++ b/src/decrepit/ripemd/ripemd.c
@@ -62,7 +62,7 @@
int RIPEMD160_Init(RIPEMD160_CTX *ctx) {
- memset(ctx, 0, sizeof(*ctx));
+ OPENSSL_memset(ctx, 0, sizeof(*ctx));
ctx->h[0] = RIPEMD160_A;
ctx->h[1] = RIPEMD160_B;
ctx->h[2] = RIPEMD160_C;
diff --git a/src/decrepit/ripemd/ripemd_test.cc b/src/decrepit/ripemd/ripemd_test.cc
index ebcabdf..e39c893 100644
--- a/src/decrepit/ripemd/ripemd_test.cc
+++ b/src/decrepit/ripemd/ripemd_test.cc
@@ -19,6 +19,7 @@
#include <stdio.h>
#include <string.h>
+#include "../../crypto/internal.h"
#include "../../crypto/test/test_util.h"
@@ -85,7 +86,7 @@
RIPEMD160_Final(digest, &ctx);
}
- if (memcmp(digest, test.expected, sizeof(digest)) != 0) {
+ if (OPENSSL_memcmp(digest, test.expected, sizeof(digest)) != 0) {
fprintf(stderr, "#%u: bad result with stride %u: ", test_num,
static_cast<unsigned>(stride));
hexdump(stderr, "", digest, sizeof(digest));
@@ -96,7 +97,7 @@
static const size_t kLargeBufSize = 1000000;
std::unique_ptr<uint8_t[]> buf(new uint8_t[kLargeBufSize]);
- memset(buf.get(), 'a', kLargeBufSize);
+ OPENSSL_memset(buf.get(), 'a', kLargeBufSize);
uint8_t digest[RIPEMD160_DIGEST_LENGTH];
RIPEMD160(buf.get(), kLargeBufSize, digest);
@@ -104,7 +105,7 @@
0x52, 0x78, 0x32, 0x43, 0xc1, 0x69, 0x7b, 0xdb, 0xe1, 0x6d,
0x37, 0xf9, 0x7f, 0x68, 0xf0, 0x83, 0x25, 0xdc, 0x15, 0x28};
- if (memcmp(digest, kMillionADigest, sizeof(digest)) != 0) {
+ if (OPENSSL_memcmp(digest, kMillionADigest, sizeof(digest)) != 0) {
fprintf(stderr, "Digest incorrect for “million a's” test: ");
hexdump(stderr, "", digest, sizeof(digest));
ok = 0;
diff --git a/src/decrepit/xts/xts.c b/src/decrepit/xts/xts.c
index 10a696d..2811445 100644
--- a/src/decrepit/xts/xts.c
+++ b/src/decrepit/xts/xts.c
@@ -73,7 +73,7 @@
if (len < 16) return 0;
- memcpy(tweak.c, iv, 16);
+ OPENSSL_memcpy(tweak.c, iv, 16);
(*ctx->block2)(tweak.c, tweak.c, ctx->key2);
@@ -81,7 +81,7 @@
while (len >= 16) {
#if STRICT_ALIGNMENT
- memcpy(scratch.c, inp, 16);
+ OPENSSL_memcpy(scratch.c, inp, 16);
scratch.u[0] ^= tweak.u[0];
scratch.u[1] ^= tweak.u[1];
#else
@@ -92,7 +92,7 @@
#if STRICT_ALIGNMENT
scratch.u[0] ^= tweak.u[0];
scratch.u[1] ^= tweak.u[1];
- memcpy(out, scratch.c, 16);
+ OPENSSL_memcpy(out, scratch.c, 16);
#else
((uint64_t *)out)[0] = scratch.u[0] ^= tweak.u[0];
((uint64_t *)out)[1] = scratch.u[1] ^= tweak.u[1];
@@ -121,7 +121,7 @@
(*ctx->block1)(scratch.c, scratch.c, ctx->key1);
scratch.u[0] ^= tweak.u[0];
scratch.u[1] ^= tweak.u[1];
- memcpy(out - 16, scratch.c, 16);
+ OPENSSL_memcpy(out - 16, scratch.c, 16);
} else {
union {
uint64_t u[2];
@@ -135,7 +135,7 @@
tweak1.u[0] = (tweak.u[0] << 1) ^ res;
tweak1.u[1] = (tweak.u[1] << 1) | carry;
#if STRICT_ALIGNMENT
- memcpy(scratch.c, inp, 16);
+ OPENSSL_memcpy(scratch.c, inp, 16);
scratch.u[0] ^= tweak1.u[0];
scratch.u[1] ^= tweak1.u[1];
#else
@@ -157,7 +157,7 @@
#if STRICT_ALIGNMENT
scratch.u[0] ^= tweak.u[0];
scratch.u[1] ^= tweak.u[1];
- memcpy(out, scratch.c, 16);
+ OPENSSL_memcpy(out, scratch.c, 16);
#else
((uint64_t *)out)[0] = scratch.u[0] ^ tweak.u[0];
((uint64_t *)out)[1] = scratch.u[1] ^ tweak.u[1];
@@ -200,7 +200,7 @@
if (iv) {
xctx->xts.key2 = &xctx->ks2;
- memcpy(ctx->iv, iv, 16);
+ OPENSSL_memcpy(ctx->iv, iv, 16);
}
return 1;
diff --git a/src/include/openssl/bn.h b/src/include/openssl/bn.h
index 8deb278..18beba4 100644
--- a/src/include/openssl/bn.h
+++ b/src/include/openssl/bn.h
@@ -253,6 +253,18 @@
* number of bytes written. */
OPENSSL_EXPORT size_t BN_bn2bin(const BIGNUM *in, uint8_t *out);
+/* BN_le2bn sets |*ret| to the value of |len| bytes from |in|, interpreted as
+ * a little-endian number, and returns |ret|. If |ret| is NULL then a fresh
+ * |BIGNUM| is allocated and returned. It returns NULL on allocation
+ * failure. */
+OPENSSL_EXPORT BIGNUM *BN_le2bn(const uint8_t *in, size_t len, BIGNUM *ret);
+
+/* BN_bn2le_padded serialises the absolute value of |in| to |out| as a
+ * little-endian integer, which must have |len| of space available, padding
+ * out the remainder of out with zeros. If |len| is smaller than |BN_num_bytes|,
+ * the function fails and returns 0. Otherwise, it returns 1. */
+OPENSSL_EXPORT int BN_bn2le_padded(uint8_t *out, size_t len, const BIGNUM *in);
+
/* BN_bn2bin_padded serialises the absolute value of |in| to |out| as a
* big-endian integer. The integer is padded with leading zeros up to size
* |len|. If |len| is smaller than |BN_num_bytes|, the function fails and
@@ -306,6 +318,11 @@
* will be returned. */
OPENSSL_EXPORT BN_ULONG BN_get_word(const BIGNUM *bn);
+/* BN_get_u64 sets |*out| to the absolute value of |bn| as a |uint64_t| and
+ * returns one. If |bn| is too large to be represented as a |uint64_t|, it
+ * returns zero. */
+OPENSSL_EXPORT int BN_get_u64(const BIGNUM *bn, uint64_t *out);
+
/* ASN.1 functions. */
@@ -913,9 +930,9 @@
#define BN_FLG_MALLOCED 0x01
#define BN_FLG_STATIC_DATA 0x02
-/* avoid leaking exponent information through timing, BN_mod_exp_mont() will
- * call BN_mod_exp_mont_consttime, BN_div() will call BN_div_no_branch,
- * BN_mod_inverse() will call BN_mod_inverse_no_branch. */
+/* Avoid leaking exponent information through timing. |BN_mod_exp_mont| will
+ * call |BN_mod_exp_mont_consttime| and |BN_mod_inverse| will call
+ * |BN_mod_inverse_no_branch|. */
#define BN_FLG_CONSTTIME 0x04
diff --git a/src/include/openssl/evp.h b/src/include/openssl/evp.h
index 58b388a..e8deb10 100644
--- a/src/include/openssl/evp.h
+++ b/src/include/openssl/evp.h
@@ -577,7 +577,10 @@
/* EVP_PKEY_CTX_set_rsa_pss_saltlen sets the length of the salt in a PSS-padded
* signature. A value of -1 cause the salt to be the same length as the digest
* in the signature. A value of -2 causes the salt to be the maximum length
- * that will fit. Otherwise the value gives the size of the salt in bytes.
+ * that will fit when signing and recovered from the signature when verifying.
+ * Otherwise the value gives the size of the salt in bytes.
+ *
+ * If unsure, use -1.
*
* Returns one on success or zero on error. */
OPENSSL_EXPORT int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx,
diff --git a/src/include/openssl/lhash.h b/src/include/openssl/lhash.h
index 130ffb1..b95d4f2 100644
--- a/src/include/openssl/lhash.h
+++ b/src/include/openssl/lhash.h
@@ -144,9 +144,7 @@
lhash_hash_func hash;
} _LHASH;
-/* lh_new returns a new, empty hash table or NULL on error. If |comp| is NULL,
- * |strcmp| will be used. If |hash| is NULL, a generic hash function will be
- * used. */
+/* lh_new returns a new, empty hash table or NULL on error. */
OPENSSL_EXPORT _LHASH *lh_new(lhash_hash_func hash, lhash_cmp_func comp);
/* lh_free frees the hash table itself but none of the elements. See
diff --git a/src/include/openssl/nid.h b/src/include/openssl/nid.h
index d51a67c..4270dc1 100644
--- a/src/include/openssl/nid.h
+++ b/src/include/openssl/nid.h
@@ -1,28 +1,24 @@
-/* THIS FILE IS GENERATED FROM objects.txt by objects.pl via the
- * following command:
- * perl objects.pl objects.txt obj_mac.num ../../include/openssl/nid.h */
-
/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
- *
+ *
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
+ *
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
@@ -37,10 +33,10 @@
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
+ * 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
+ *
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -52,16 +48,22 @@
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
- *
+ *
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
+ * [including the GNU Public Licence.] */
+
+/* This file is generated by crypto/obj/objects.go. */
#ifndef OPENSSL_HEADER_NID_H
#define OPENSSL_HEADER_NID_H
+#include <openssl/base.h>
+
+#if defined(__cplusplus)
+extern "C" {
+#endif
/* The nid library provides numbered values for ASN.1 object identifiers and
* other symbols. These values are used by other libraries to identify
@@ -69,1136 +71,188 @@
*
* A separate objects library, obj.h, provides functions for converting between
* nids and object identifiers. However it depends on large internal tables with
- * the encodings of every nid defind. Consumers concerned with binary size
+ * the encodings of every nid defined. Consumers concerned with binary size
* should instead embed the encodings of the few consumed OIDs and compare
* against those.
*
* These values should not be used outside of a single process; they are not
* stable identifiers. */
-
#define SN_undef "UNDEF"
#define LN_undef "undefined"
#define NID_undef 0
#define OBJ_undef 0L
-#define SN_itu_t "ITU-T"
-#define LN_itu_t "itu-t"
-#define NID_itu_t 645
-#define OBJ_itu_t 0L
-
-#define NID_ccitt 404
-#define OBJ_ccitt OBJ_itu_t
-
-#define SN_iso "ISO"
-#define LN_iso "iso"
-#define NID_iso 181
-#define OBJ_iso 1L
-
-#define SN_joint_iso_itu_t "JOINT-ISO-ITU-T"
-#define LN_joint_iso_itu_t "joint-iso-itu-t"
-#define NID_joint_iso_itu_t 646
-#define OBJ_joint_iso_itu_t 2L
-
-#define NID_joint_iso_ccitt 393
-#define OBJ_joint_iso_ccitt OBJ_joint_iso_itu_t
-
-#define SN_member_body "member-body"
-#define LN_member_body "ISO Member Body"
-#define NID_member_body 182
-#define OBJ_member_body OBJ_iso,2L
-
-#define SN_identified_organization "identified-organization"
-#define NID_identified_organization 676
-#define OBJ_identified_organization OBJ_iso,3L
-
-#define SN_hmac_md5 "HMAC-MD5"
-#define LN_hmac_md5 "hmac-md5"
-#define NID_hmac_md5 780
-#define OBJ_hmac_md5 OBJ_identified_organization,6L,1L,5L,5L,8L,1L,1L
-
-#define SN_hmac_sha1 "HMAC-SHA1"
-#define LN_hmac_sha1 "hmac-sha1"
-#define NID_hmac_sha1 781
-#define OBJ_hmac_sha1 OBJ_identified_organization,6L,1L,5L,5L,8L,1L,2L
-
-#define SN_certicom_arc "certicom-arc"
-#define NID_certicom_arc 677
-#define OBJ_certicom_arc OBJ_identified_organization,132L
-
-#define SN_international_organizations "international-organizations"
-#define LN_international_organizations "International Organizations"
-#define NID_international_organizations 647
-#define OBJ_international_organizations OBJ_joint_iso_itu_t,23L
-
-#define SN_wap "wap"
-#define NID_wap 678
-#define OBJ_wap OBJ_international_organizations,43L
-
-#define SN_wap_wsg "wap-wsg"
-#define NID_wap_wsg 679
-#define OBJ_wap_wsg OBJ_wap,1L
-
-#define SN_selected_attribute_types "selected-attribute-types"
-#define LN_selected_attribute_types "Selected Attribute Types"
-#define NID_selected_attribute_types 394
-#define OBJ_selected_attribute_types OBJ_joint_iso_itu_t,5L,1L,5L
-
-#define SN_clearance "clearance"
-#define NID_clearance 395
-#define OBJ_clearance OBJ_selected_attribute_types,55L
-
-#define SN_ISO_US "ISO-US"
-#define LN_ISO_US "ISO US Member Body"
-#define NID_ISO_US 183
-#define OBJ_ISO_US OBJ_member_body,840L
-
-#define SN_X9_57 "X9-57"
-#define LN_X9_57 "X9.57"
-#define NID_X9_57 184
-#define OBJ_X9_57 OBJ_ISO_US,10040L
-
-#define SN_X9cm "X9cm"
-#define LN_X9cm "X9.57 CM ?"
-#define NID_X9cm 185
-#define OBJ_X9cm OBJ_X9_57,4L
-
-#define SN_dsa "DSA"
-#define LN_dsa "dsaEncryption"
-#define NID_dsa 116
-#define OBJ_dsa OBJ_X9cm,1L
-
-#define SN_dsaWithSHA1 "DSA-SHA1"
-#define LN_dsaWithSHA1 "dsaWithSHA1"
-#define NID_dsaWithSHA1 113
-#define OBJ_dsaWithSHA1 OBJ_X9cm,3L
-
-#define SN_ansi_X9_62 "ansi-X9-62"
-#define LN_ansi_X9_62 "ANSI X9.62"
-#define NID_ansi_X9_62 405
-#define OBJ_ansi_X9_62 OBJ_ISO_US,10045L
-
-#define OBJ_X9_62_id_fieldType OBJ_ansi_X9_62,1L
-
-#define SN_X9_62_prime_field "prime-field"
-#define NID_X9_62_prime_field 406
-#define OBJ_X9_62_prime_field OBJ_X9_62_id_fieldType,1L
-
-#define SN_X9_62_characteristic_two_field "characteristic-two-field"
-#define NID_X9_62_characteristic_two_field 407
-#define OBJ_X9_62_characteristic_two_field OBJ_X9_62_id_fieldType,2L
-
-#define SN_X9_62_id_characteristic_two_basis "id-characteristic-two-basis"
-#define NID_X9_62_id_characteristic_two_basis 680
-#define OBJ_X9_62_id_characteristic_two_basis OBJ_X9_62_characteristic_two_field,3L
-
-#define SN_X9_62_onBasis "onBasis"
-#define NID_X9_62_onBasis 681
-#define OBJ_X9_62_onBasis OBJ_X9_62_id_characteristic_two_basis,1L
-
-#define SN_X9_62_tpBasis "tpBasis"
-#define NID_X9_62_tpBasis 682
-#define OBJ_X9_62_tpBasis OBJ_X9_62_id_characteristic_two_basis,2L
-
-#define SN_X9_62_ppBasis "ppBasis"
-#define NID_X9_62_ppBasis 683
-#define OBJ_X9_62_ppBasis OBJ_X9_62_id_characteristic_two_basis,3L
-
-#define OBJ_X9_62_id_publicKeyType OBJ_ansi_X9_62,2L
-
-#define SN_X9_62_id_ecPublicKey "id-ecPublicKey"
-#define NID_X9_62_id_ecPublicKey 408
-#define OBJ_X9_62_id_ecPublicKey OBJ_X9_62_id_publicKeyType,1L
-
-#define OBJ_X9_62_ellipticCurve OBJ_ansi_X9_62,3L
-
-#define OBJ_X9_62_c_TwoCurve OBJ_X9_62_ellipticCurve,0L
-
-#define SN_X9_62_c2pnb163v1 "c2pnb163v1"
-#define NID_X9_62_c2pnb163v1 684
-#define OBJ_X9_62_c2pnb163v1 OBJ_X9_62_c_TwoCurve,1L
-
-#define SN_X9_62_c2pnb163v2 "c2pnb163v2"
-#define NID_X9_62_c2pnb163v2 685
-#define OBJ_X9_62_c2pnb163v2 OBJ_X9_62_c_TwoCurve,2L
-
-#define SN_X9_62_c2pnb163v3 "c2pnb163v3"
-#define NID_X9_62_c2pnb163v3 686
-#define OBJ_X9_62_c2pnb163v3 OBJ_X9_62_c_TwoCurve,3L
-
-#define SN_X9_62_c2pnb176v1 "c2pnb176v1"
-#define NID_X9_62_c2pnb176v1 687
-#define OBJ_X9_62_c2pnb176v1 OBJ_X9_62_c_TwoCurve,4L
-
-#define SN_X9_62_c2tnb191v1 "c2tnb191v1"
-#define NID_X9_62_c2tnb191v1 688
-#define OBJ_X9_62_c2tnb191v1 OBJ_X9_62_c_TwoCurve,5L
-
-#define SN_X9_62_c2tnb191v2 "c2tnb191v2"
-#define NID_X9_62_c2tnb191v2 689
-#define OBJ_X9_62_c2tnb191v2 OBJ_X9_62_c_TwoCurve,6L
-
-#define SN_X9_62_c2tnb191v3 "c2tnb191v3"
-#define NID_X9_62_c2tnb191v3 690
-#define OBJ_X9_62_c2tnb191v3 OBJ_X9_62_c_TwoCurve,7L
-
-#define SN_X9_62_c2onb191v4 "c2onb191v4"
-#define NID_X9_62_c2onb191v4 691
-#define OBJ_X9_62_c2onb191v4 OBJ_X9_62_c_TwoCurve,8L
-
-#define SN_X9_62_c2onb191v5 "c2onb191v5"
-#define NID_X9_62_c2onb191v5 692
-#define OBJ_X9_62_c2onb191v5 OBJ_X9_62_c_TwoCurve,9L
-
-#define SN_X9_62_c2pnb208w1 "c2pnb208w1"
-#define NID_X9_62_c2pnb208w1 693
-#define OBJ_X9_62_c2pnb208w1 OBJ_X9_62_c_TwoCurve,10L
-
-#define SN_X9_62_c2tnb239v1 "c2tnb239v1"
-#define NID_X9_62_c2tnb239v1 694
-#define OBJ_X9_62_c2tnb239v1 OBJ_X9_62_c_TwoCurve,11L
-
-#define SN_X9_62_c2tnb239v2 "c2tnb239v2"
-#define NID_X9_62_c2tnb239v2 695
-#define OBJ_X9_62_c2tnb239v2 OBJ_X9_62_c_TwoCurve,12L
-
-#define SN_X9_62_c2tnb239v3 "c2tnb239v3"
-#define NID_X9_62_c2tnb239v3 696
-#define OBJ_X9_62_c2tnb239v3 OBJ_X9_62_c_TwoCurve,13L
-
-#define SN_X9_62_c2onb239v4 "c2onb239v4"
-#define NID_X9_62_c2onb239v4 697
-#define OBJ_X9_62_c2onb239v4 OBJ_X9_62_c_TwoCurve,14L
-
-#define SN_X9_62_c2onb239v5 "c2onb239v5"
-#define NID_X9_62_c2onb239v5 698
-#define OBJ_X9_62_c2onb239v5 OBJ_X9_62_c_TwoCurve,15L
-
-#define SN_X9_62_c2pnb272w1 "c2pnb272w1"
-#define NID_X9_62_c2pnb272w1 699
-#define OBJ_X9_62_c2pnb272w1 OBJ_X9_62_c_TwoCurve,16L
-
-#define SN_X9_62_c2pnb304w1 "c2pnb304w1"
-#define NID_X9_62_c2pnb304w1 700
-#define OBJ_X9_62_c2pnb304w1 OBJ_X9_62_c_TwoCurve,17L
-
-#define SN_X9_62_c2tnb359v1 "c2tnb359v1"
-#define NID_X9_62_c2tnb359v1 701
-#define OBJ_X9_62_c2tnb359v1 OBJ_X9_62_c_TwoCurve,18L
-
-#define SN_X9_62_c2pnb368w1 "c2pnb368w1"
-#define NID_X9_62_c2pnb368w1 702
-#define OBJ_X9_62_c2pnb368w1 OBJ_X9_62_c_TwoCurve,19L
-
-#define SN_X9_62_c2tnb431r1 "c2tnb431r1"
-#define NID_X9_62_c2tnb431r1 703
-#define OBJ_X9_62_c2tnb431r1 OBJ_X9_62_c_TwoCurve,20L
-
-#define OBJ_X9_62_primeCurve OBJ_X9_62_ellipticCurve,1L
-
-#define SN_X9_62_prime192v1 "prime192v1"
-#define NID_X9_62_prime192v1 409
-#define OBJ_X9_62_prime192v1 OBJ_X9_62_primeCurve,1L
-
-#define SN_X9_62_prime192v2 "prime192v2"
-#define NID_X9_62_prime192v2 410
-#define OBJ_X9_62_prime192v2 OBJ_X9_62_primeCurve,2L
-
-#define SN_X9_62_prime192v3 "prime192v3"
-#define NID_X9_62_prime192v3 411
-#define OBJ_X9_62_prime192v3 OBJ_X9_62_primeCurve,3L
-
-#define SN_X9_62_prime239v1 "prime239v1"
-#define NID_X9_62_prime239v1 412
-#define OBJ_X9_62_prime239v1 OBJ_X9_62_primeCurve,4L
-
-#define SN_X9_62_prime239v2 "prime239v2"
-#define NID_X9_62_prime239v2 413
-#define OBJ_X9_62_prime239v2 OBJ_X9_62_primeCurve,5L
-
-#define SN_X9_62_prime239v3 "prime239v3"
-#define NID_X9_62_prime239v3 414
-#define OBJ_X9_62_prime239v3 OBJ_X9_62_primeCurve,6L
-
-#define SN_X9_62_prime256v1 "prime256v1"
-#define NID_X9_62_prime256v1 415
-#define OBJ_X9_62_prime256v1 OBJ_X9_62_primeCurve,7L
-
-#define OBJ_X9_62_id_ecSigType OBJ_ansi_X9_62,4L
-
-#define SN_ecdsa_with_SHA1 "ecdsa-with-SHA1"
-#define NID_ecdsa_with_SHA1 416
-#define OBJ_ecdsa_with_SHA1 OBJ_X9_62_id_ecSigType,1L
-
-#define SN_ecdsa_with_Recommended "ecdsa-with-Recommended"
-#define NID_ecdsa_with_Recommended 791
-#define OBJ_ecdsa_with_Recommended OBJ_X9_62_id_ecSigType,2L
-
-#define SN_ecdsa_with_Specified "ecdsa-with-Specified"
-#define NID_ecdsa_with_Specified 792
-#define OBJ_ecdsa_with_Specified OBJ_X9_62_id_ecSigType,3L
-
-#define SN_ecdsa_with_SHA224 "ecdsa-with-SHA224"
-#define NID_ecdsa_with_SHA224 793
-#define OBJ_ecdsa_with_SHA224 OBJ_ecdsa_with_Specified,1L
-
-#define SN_ecdsa_with_SHA256 "ecdsa-with-SHA256"
-#define NID_ecdsa_with_SHA256 794
-#define OBJ_ecdsa_with_SHA256 OBJ_ecdsa_with_Specified,2L
-
-#define SN_ecdsa_with_SHA384 "ecdsa-with-SHA384"
-#define NID_ecdsa_with_SHA384 795
-#define OBJ_ecdsa_with_SHA384 OBJ_ecdsa_with_Specified,3L
-
-#define SN_ecdsa_with_SHA512 "ecdsa-with-SHA512"
-#define NID_ecdsa_with_SHA512 796
-#define OBJ_ecdsa_with_SHA512 OBJ_ecdsa_with_Specified,4L
-
-#define OBJ_secg_ellipticCurve OBJ_certicom_arc,0L
-
-#define SN_secp112r1 "secp112r1"
-#define NID_secp112r1 704
-#define OBJ_secp112r1 OBJ_secg_ellipticCurve,6L
-
-#define SN_secp112r2 "secp112r2"
-#define NID_secp112r2 705
-#define OBJ_secp112r2 OBJ_secg_ellipticCurve,7L
-
-#define SN_secp128r1 "secp128r1"
-#define NID_secp128r1 706
-#define OBJ_secp128r1 OBJ_secg_ellipticCurve,28L
-
-#define SN_secp128r2 "secp128r2"
-#define NID_secp128r2 707
-#define OBJ_secp128r2 OBJ_secg_ellipticCurve,29L
-
-#define SN_secp160k1 "secp160k1"
-#define NID_secp160k1 708
-#define OBJ_secp160k1 OBJ_secg_ellipticCurve,9L
-
-#define SN_secp160r1 "secp160r1"
-#define NID_secp160r1 709
-#define OBJ_secp160r1 OBJ_secg_ellipticCurve,8L
-
-#define SN_secp160r2 "secp160r2"
-#define NID_secp160r2 710
-#define OBJ_secp160r2 OBJ_secg_ellipticCurve,30L
-
-#define SN_secp192k1 "secp192k1"
-#define NID_secp192k1 711
-#define OBJ_secp192k1 OBJ_secg_ellipticCurve,31L
-
-#define SN_secp224k1 "secp224k1"
-#define NID_secp224k1 712
-#define OBJ_secp224k1 OBJ_secg_ellipticCurve,32L
-
-#define SN_secp224r1 "secp224r1"
-#define NID_secp224r1 713
-#define OBJ_secp224r1 OBJ_secg_ellipticCurve,33L
-
-#define SN_secp256k1 "secp256k1"
-#define NID_secp256k1 714
-#define OBJ_secp256k1 OBJ_secg_ellipticCurve,10L
-
-#define SN_secp384r1 "secp384r1"
-#define NID_secp384r1 715
-#define OBJ_secp384r1 OBJ_secg_ellipticCurve,34L
-
-#define SN_secp521r1 "secp521r1"
-#define NID_secp521r1 716
-#define OBJ_secp521r1 OBJ_secg_ellipticCurve,35L
-
-#define SN_sect113r1 "sect113r1"
-#define NID_sect113r1 717
-#define OBJ_sect113r1 OBJ_secg_ellipticCurve,4L
-
-#define SN_sect113r2 "sect113r2"
-#define NID_sect113r2 718
-#define OBJ_sect113r2 OBJ_secg_ellipticCurve,5L
-
-#define SN_sect131r1 "sect131r1"
-#define NID_sect131r1 719
-#define OBJ_sect131r1 OBJ_secg_ellipticCurve,22L
-
-#define SN_sect131r2 "sect131r2"
-#define NID_sect131r2 720
-#define OBJ_sect131r2 OBJ_secg_ellipticCurve,23L
-
-#define SN_sect163k1 "sect163k1"
-#define NID_sect163k1 721
-#define OBJ_sect163k1 OBJ_secg_ellipticCurve,1L
-
-#define SN_sect163r1 "sect163r1"
-#define NID_sect163r1 722
-#define OBJ_sect163r1 OBJ_secg_ellipticCurve,2L
-
-#define SN_sect163r2 "sect163r2"
-#define NID_sect163r2 723
-#define OBJ_sect163r2 OBJ_secg_ellipticCurve,15L
-
-#define SN_sect193r1 "sect193r1"
-#define NID_sect193r1 724
-#define OBJ_sect193r1 OBJ_secg_ellipticCurve,24L
-
-#define SN_sect193r2 "sect193r2"
-#define NID_sect193r2 725
-#define OBJ_sect193r2 OBJ_secg_ellipticCurve,25L
-
-#define SN_sect233k1 "sect233k1"
-#define NID_sect233k1 726
-#define OBJ_sect233k1 OBJ_secg_ellipticCurve,26L
-
-#define SN_sect233r1 "sect233r1"
-#define NID_sect233r1 727
-#define OBJ_sect233r1 OBJ_secg_ellipticCurve,27L
-
-#define SN_sect239k1 "sect239k1"
-#define NID_sect239k1 728
-#define OBJ_sect239k1 OBJ_secg_ellipticCurve,3L
-
-#define SN_sect283k1 "sect283k1"
-#define NID_sect283k1 729
-#define OBJ_sect283k1 OBJ_secg_ellipticCurve,16L
-
-#define SN_sect283r1 "sect283r1"
-#define NID_sect283r1 730
-#define OBJ_sect283r1 OBJ_secg_ellipticCurve,17L
-
-#define SN_sect409k1 "sect409k1"
-#define NID_sect409k1 731
-#define OBJ_sect409k1 OBJ_secg_ellipticCurve,36L
-
-#define SN_sect409r1 "sect409r1"
-#define NID_sect409r1 732
-#define OBJ_sect409r1 OBJ_secg_ellipticCurve,37L
-
-#define SN_sect571k1 "sect571k1"
-#define NID_sect571k1 733
-#define OBJ_sect571k1 OBJ_secg_ellipticCurve,38L
-
-#define SN_sect571r1 "sect571r1"
-#define NID_sect571r1 734
-#define OBJ_sect571r1 OBJ_secg_ellipticCurve,39L
-
-#define OBJ_wap_wsg_idm_ecid OBJ_wap_wsg,4L
-
-#define SN_wap_wsg_idm_ecid_wtls1 "wap-wsg-idm-ecid-wtls1"
-#define NID_wap_wsg_idm_ecid_wtls1 735
-#define OBJ_wap_wsg_idm_ecid_wtls1 OBJ_wap_wsg_idm_ecid,1L
-
-#define SN_wap_wsg_idm_ecid_wtls3 "wap-wsg-idm-ecid-wtls3"
-#define NID_wap_wsg_idm_ecid_wtls3 736
-#define OBJ_wap_wsg_idm_ecid_wtls3 OBJ_wap_wsg_idm_ecid,3L
-
-#define SN_wap_wsg_idm_ecid_wtls4 "wap-wsg-idm-ecid-wtls4"
-#define NID_wap_wsg_idm_ecid_wtls4 737
-#define OBJ_wap_wsg_idm_ecid_wtls4 OBJ_wap_wsg_idm_ecid,4L
-
-#define SN_wap_wsg_idm_ecid_wtls5 "wap-wsg-idm-ecid-wtls5"
-#define NID_wap_wsg_idm_ecid_wtls5 738
-#define OBJ_wap_wsg_idm_ecid_wtls5 OBJ_wap_wsg_idm_ecid,5L
-
-#define SN_wap_wsg_idm_ecid_wtls6 "wap-wsg-idm-ecid-wtls6"
-#define NID_wap_wsg_idm_ecid_wtls6 739
-#define OBJ_wap_wsg_idm_ecid_wtls6 OBJ_wap_wsg_idm_ecid,6L
-
-#define SN_wap_wsg_idm_ecid_wtls7 "wap-wsg-idm-ecid-wtls7"
-#define NID_wap_wsg_idm_ecid_wtls7 740
-#define OBJ_wap_wsg_idm_ecid_wtls7 OBJ_wap_wsg_idm_ecid,7L
-
-#define SN_wap_wsg_idm_ecid_wtls8 "wap-wsg-idm-ecid-wtls8"
-#define NID_wap_wsg_idm_ecid_wtls8 741
-#define OBJ_wap_wsg_idm_ecid_wtls8 OBJ_wap_wsg_idm_ecid,8L
-
-#define SN_wap_wsg_idm_ecid_wtls9 "wap-wsg-idm-ecid-wtls9"
-#define NID_wap_wsg_idm_ecid_wtls9 742
-#define OBJ_wap_wsg_idm_ecid_wtls9 OBJ_wap_wsg_idm_ecid,9L
-
-#define SN_wap_wsg_idm_ecid_wtls10 "wap-wsg-idm-ecid-wtls10"
-#define NID_wap_wsg_idm_ecid_wtls10 743
-#define OBJ_wap_wsg_idm_ecid_wtls10 OBJ_wap_wsg_idm_ecid,10L
-
-#define SN_wap_wsg_idm_ecid_wtls11 "wap-wsg-idm-ecid-wtls11"
-#define NID_wap_wsg_idm_ecid_wtls11 744
-#define OBJ_wap_wsg_idm_ecid_wtls11 OBJ_wap_wsg_idm_ecid,11L
-
-#define SN_wap_wsg_idm_ecid_wtls12 "wap-wsg-idm-ecid-wtls12"
-#define NID_wap_wsg_idm_ecid_wtls12 745
-#define OBJ_wap_wsg_idm_ecid_wtls12 OBJ_wap_wsg_idm_ecid,12L
-
-#define SN_cast5_cbc "CAST5-CBC"
-#define LN_cast5_cbc "cast5-cbc"
-#define NID_cast5_cbc 108
-#define OBJ_cast5_cbc OBJ_ISO_US,113533L,7L,66L,10L
-
-#define SN_cast5_ecb "CAST5-ECB"
-#define LN_cast5_ecb "cast5-ecb"
-#define NID_cast5_ecb 109
-
-#define SN_cast5_cfb64 "CAST5-CFB"
-#define LN_cast5_cfb64 "cast5-cfb"
-#define NID_cast5_cfb64 110
-
-#define SN_cast5_ofb64 "CAST5-OFB"
-#define LN_cast5_ofb64 "cast5-ofb"
-#define NID_cast5_ofb64 111
-
-#define LN_pbeWithMD5AndCast5_CBC "pbeWithMD5AndCast5CBC"
-#define NID_pbeWithMD5AndCast5_CBC 112
-#define OBJ_pbeWithMD5AndCast5_CBC OBJ_ISO_US,113533L,7L,66L,12L
-
-#define SN_id_PasswordBasedMAC "id-PasswordBasedMAC"
-#define LN_id_PasswordBasedMAC "password based MAC"
-#define NID_id_PasswordBasedMAC 782
-#define OBJ_id_PasswordBasedMAC OBJ_ISO_US,113533L,7L,66L,13L
-
-#define SN_id_DHBasedMac "id-DHBasedMac"
-#define LN_id_DHBasedMac "Diffie-Hellman based MAC"
-#define NID_id_DHBasedMac 783
-#define OBJ_id_DHBasedMac OBJ_ISO_US,113533L,7L,66L,30L
-
#define SN_rsadsi "rsadsi"
#define LN_rsadsi "RSA Data Security, Inc."
#define NID_rsadsi 1
-#define OBJ_rsadsi OBJ_ISO_US,113549L
+#define OBJ_rsadsi 1L, 2L, 840L, 113549L
#define SN_pkcs "pkcs"
#define LN_pkcs "RSA Data Security, Inc. PKCS"
#define NID_pkcs 2
-#define OBJ_pkcs OBJ_rsadsi,1L
-
-#define SN_pkcs1 "pkcs1"
-#define NID_pkcs1 186
-#define OBJ_pkcs1 OBJ_pkcs,1L
-
-#define LN_rsaEncryption "rsaEncryption"
-#define NID_rsaEncryption 6
-#define OBJ_rsaEncryption OBJ_pkcs1,1L
-
-#define SN_md2WithRSAEncryption "RSA-MD2"
-#define LN_md2WithRSAEncryption "md2WithRSAEncryption"
-#define NID_md2WithRSAEncryption 7
-#define OBJ_md2WithRSAEncryption OBJ_pkcs1,2L
-
-#define SN_md4WithRSAEncryption "RSA-MD4"
-#define LN_md4WithRSAEncryption "md4WithRSAEncryption"
-#define NID_md4WithRSAEncryption 396
-#define OBJ_md4WithRSAEncryption OBJ_pkcs1,3L
-
-#define SN_md5WithRSAEncryption "RSA-MD5"
-#define LN_md5WithRSAEncryption "md5WithRSAEncryption"
-#define NID_md5WithRSAEncryption 8
-#define OBJ_md5WithRSAEncryption OBJ_pkcs1,4L
-
-#define SN_sha1WithRSAEncryption "RSA-SHA1"
-#define LN_sha1WithRSAEncryption "sha1WithRSAEncryption"
-#define NID_sha1WithRSAEncryption 65
-#define OBJ_sha1WithRSAEncryption OBJ_pkcs1,5L
-
-#define SN_rsaesOaep "RSAES-OAEP"
-#define LN_rsaesOaep "rsaesOaep"
-#define NID_rsaesOaep 919
-#define OBJ_rsaesOaep OBJ_pkcs1,7L
-
-#define SN_mgf1 "MGF1"
-#define LN_mgf1 "mgf1"
-#define NID_mgf1 911
-#define OBJ_mgf1 OBJ_pkcs1,8L
-
-#define SN_pSpecified "PSPECIFIED"
-#define LN_pSpecified "pSpecified"
-#define NID_pSpecified 935
-#define OBJ_pSpecified OBJ_pkcs1,9L
-
-#define SN_rsassaPss "RSASSA-PSS"
-#define LN_rsassaPss "rsassaPss"
-#define NID_rsassaPss 912
-#define OBJ_rsassaPss OBJ_pkcs1,10L
-
-#define SN_sha256WithRSAEncryption "RSA-SHA256"
-#define LN_sha256WithRSAEncryption "sha256WithRSAEncryption"
-#define NID_sha256WithRSAEncryption 668
-#define OBJ_sha256WithRSAEncryption OBJ_pkcs1,11L
-
-#define SN_sha384WithRSAEncryption "RSA-SHA384"
-#define LN_sha384WithRSAEncryption "sha384WithRSAEncryption"
-#define NID_sha384WithRSAEncryption 669
-#define OBJ_sha384WithRSAEncryption OBJ_pkcs1,12L
-
-#define SN_sha512WithRSAEncryption "RSA-SHA512"
-#define LN_sha512WithRSAEncryption "sha512WithRSAEncryption"
-#define NID_sha512WithRSAEncryption 670
-#define OBJ_sha512WithRSAEncryption OBJ_pkcs1,13L
-
-#define SN_sha224WithRSAEncryption "RSA-SHA224"
-#define LN_sha224WithRSAEncryption "sha224WithRSAEncryption"
-#define NID_sha224WithRSAEncryption 671
-#define OBJ_sha224WithRSAEncryption OBJ_pkcs1,14L
-
-#define SN_pkcs3 "pkcs3"
-#define NID_pkcs3 27
-#define OBJ_pkcs3 OBJ_pkcs,3L
-
-#define LN_dhKeyAgreement "dhKeyAgreement"
-#define NID_dhKeyAgreement 28
-#define OBJ_dhKeyAgreement OBJ_pkcs3,1L
-
-#define SN_pkcs5 "pkcs5"
-#define NID_pkcs5 187
-#define OBJ_pkcs5 OBJ_pkcs,5L
-
-#define SN_pbeWithMD2AndDES_CBC "PBE-MD2-DES"
-#define LN_pbeWithMD2AndDES_CBC "pbeWithMD2AndDES-CBC"
-#define NID_pbeWithMD2AndDES_CBC 9
-#define OBJ_pbeWithMD2AndDES_CBC OBJ_pkcs5,1L
-
-#define SN_pbeWithMD5AndDES_CBC "PBE-MD5-DES"
-#define LN_pbeWithMD5AndDES_CBC "pbeWithMD5AndDES-CBC"
-#define NID_pbeWithMD5AndDES_CBC 10
-#define OBJ_pbeWithMD5AndDES_CBC OBJ_pkcs5,3L
-
-#define SN_pbeWithMD2AndRC2_CBC "PBE-MD2-RC2-64"
-#define LN_pbeWithMD2AndRC2_CBC "pbeWithMD2AndRC2-CBC"
-#define NID_pbeWithMD2AndRC2_CBC 168
-#define OBJ_pbeWithMD2AndRC2_CBC OBJ_pkcs5,4L
-
-#define SN_pbeWithMD5AndRC2_CBC "PBE-MD5-RC2-64"
-#define LN_pbeWithMD5AndRC2_CBC "pbeWithMD5AndRC2-CBC"
-#define NID_pbeWithMD5AndRC2_CBC 169
-#define OBJ_pbeWithMD5AndRC2_CBC OBJ_pkcs5,6L
-
-#define SN_pbeWithSHA1AndDES_CBC "PBE-SHA1-DES"
-#define LN_pbeWithSHA1AndDES_CBC "pbeWithSHA1AndDES-CBC"
-#define NID_pbeWithSHA1AndDES_CBC 170
-#define OBJ_pbeWithSHA1AndDES_CBC OBJ_pkcs5,10L
-
-#define SN_pbeWithSHA1AndRC2_CBC "PBE-SHA1-RC2-64"
-#define LN_pbeWithSHA1AndRC2_CBC "pbeWithSHA1AndRC2-CBC"
-#define NID_pbeWithSHA1AndRC2_CBC 68
-#define OBJ_pbeWithSHA1AndRC2_CBC OBJ_pkcs5,11L
-
-#define LN_id_pbkdf2 "PBKDF2"
-#define NID_id_pbkdf2 69
-#define OBJ_id_pbkdf2 OBJ_pkcs5,12L
-
-#define LN_pbes2 "PBES2"
-#define NID_pbes2 161
-#define OBJ_pbes2 OBJ_pkcs5,13L
-
-#define LN_pbmac1 "PBMAC1"
-#define NID_pbmac1 162
-#define OBJ_pbmac1 OBJ_pkcs5,14L
-
-#define SN_pkcs7 "pkcs7"
-#define NID_pkcs7 20
-#define OBJ_pkcs7 OBJ_pkcs,7L
-
-#define LN_pkcs7_data "pkcs7-data"
-#define NID_pkcs7_data 21
-#define OBJ_pkcs7_data OBJ_pkcs7,1L
-
-#define LN_pkcs7_signed "pkcs7-signedData"
-#define NID_pkcs7_signed 22
-#define OBJ_pkcs7_signed OBJ_pkcs7,2L
-
-#define LN_pkcs7_enveloped "pkcs7-envelopedData"
-#define NID_pkcs7_enveloped 23
-#define OBJ_pkcs7_enveloped OBJ_pkcs7,3L
-
-#define LN_pkcs7_signedAndEnveloped "pkcs7-signedAndEnvelopedData"
-#define NID_pkcs7_signedAndEnveloped 24
-#define OBJ_pkcs7_signedAndEnveloped OBJ_pkcs7,4L
-
-#define LN_pkcs7_digest "pkcs7-digestData"
-#define NID_pkcs7_digest 25
-#define OBJ_pkcs7_digest OBJ_pkcs7,5L
-
-#define LN_pkcs7_encrypted "pkcs7-encryptedData"
-#define NID_pkcs7_encrypted 26
-#define OBJ_pkcs7_encrypted OBJ_pkcs7,6L
-
-#define SN_pkcs9 "pkcs9"
-#define NID_pkcs9 47
-#define OBJ_pkcs9 OBJ_pkcs,9L
-
-#define LN_pkcs9_emailAddress "emailAddress"
-#define NID_pkcs9_emailAddress 48
-#define OBJ_pkcs9_emailAddress OBJ_pkcs9,1L
-
-#define LN_pkcs9_unstructuredName "unstructuredName"
-#define NID_pkcs9_unstructuredName 49
-#define OBJ_pkcs9_unstructuredName OBJ_pkcs9,2L
-
-#define LN_pkcs9_contentType "contentType"
-#define NID_pkcs9_contentType 50
-#define OBJ_pkcs9_contentType OBJ_pkcs9,3L
-
-#define LN_pkcs9_messageDigest "messageDigest"
-#define NID_pkcs9_messageDigest 51
-#define OBJ_pkcs9_messageDigest OBJ_pkcs9,4L
-
-#define LN_pkcs9_signingTime "signingTime"
-#define NID_pkcs9_signingTime 52
-#define OBJ_pkcs9_signingTime OBJ_pkcs9,5L
-
-#define LN_pkcs9_countersignature "countersignature"
-#define NID_pkcs9_countersignature 53
-#define OBJ_pkcs9_countersignature OBJ_pkcs9,6L
-
-#define LN_pkcs9_challengePassword "challengePassword"
-#define NID_pkcs9_challengePassword 54
-#define OBJ_pkcs9_challengePassword OBJ_pkcs9,7L
-
-#define LN_pkcs9_unstructuredAddress "unstructuredAddress"
-#define NID_pkcs9_unstructuredAddress 55
-#define OBJ_pkcs9_unstructuredAddress OBJ_pkcs9,8L
-
-#define LN_pkcs9_extCertAttributes "extendedCertificateAttributes"
-#define NID_pkcs9_extCertAttributes 56
-#define OBJ_pkcs9_extCertAttributes OBJ_pkcs9,9L
-
-#define SN_ext_req "extReq"
-#define LN_ext_req "Extension Request"
-#define NID_ext_req 172
-#define OBJ_ext_req OBJ_pkcs9,14L
-
-#define SN_SMIMECapabilities "SMIME-CAPS"
-#define LN_SMIMECapabilities "S/MIME Capabilities"
-#define NID_SMIMECapabilities 167
-#define OBJ_SMIMECapabilities OBJ_pkcs9,15L
-
-#define SN_SMIME "SMIME"
-#define LN_SMIME "S/MIME"
-#define NID_SMIME 188
-#define OBJ_SMIME OBJ_pkcs9,16L
-
-#define SN_id_smime_mod "id-smime-mod"
-#define NID_id_smime_mod 189
-#define OBJ_id_smime_mod OBJ_SMIME,0L
-
-#define SN_id_smime_ct "id-smime-ct"
-#define NID_id_smime_ct 190
-#define OBJ_id_smime_ct OBJ_SMIME,1L
-
-#define SN_id_smime_aa "id-smime-aa"
-#define NID_id_smime_aa 191
-#define OBJ_id_smime_aa OBJ_SMIME,2L
-
-#define SN_id_smime_alg "id-smime-alg"
-#define NID_id_smime_alg 192
-#define OBJ_id_smime_alg OBJ_SMIME,3L
-
-#define SN_id_smime_cd "id-smime-cd"
-#define NID_id_smime_cd 193
-#define OBJ_id_smime_cd OBJ_SMIME,4L
-
-#define SN_id_smime_spq "id-smime-spq"
-#define NID_id_smime_spq 194
-#define OBJ_id_smime_spq OBJ_SMIME,5L
-
-#define SN_id_smime_cti "id-smime-cti"
-#define NID_id_smime_cti 195
-#define OBJ_id_smime_cti OBJ_SMIME,6L
-
-#define SN_id_smime_mod_cms "id-smime-mod-cms"
-#define NID_id_smime_mod_cms 196
-#define OBJ_id_smime_mod_cms OBJ_id_smime_mod,1L
-
-#define SN_id_smime_mod_ess "id-smime-mod-ess"
-#define NID_id_smime_mod_ess 197
-#define OBJ_id_smime_mod_ess OBJ_id_smime_mod,2L
-
-#define SN_id_smime_mod_oid "id-smime-mod-oid"
-#define NID_id_smime_mod_oid 198
-#define OBJ_id_smime_mod_oid OBJ_id_smime_mod,3L
-
-#define SN_id_smime_mod_msg_v3 "id-smime-mod-msg-v3"
-#define NID_id_smime_mod_msg_v3 199
-#define OBJ_id_smime_mod_msg_v3 OBJ_id_smime_mod,4L
-
-#define SN_id_smime_mod_ets_eSignature_88 "id-smime-mod-ets-eSignature-88"
-#define NID_id_smime_mod_ets_eSignature_88 200
-#define OBJ_id_smime_mod_ets_eSignature_88 OBJ_id_smime_mod,5L
-
-#define SN_id_smime_mod_ets_eSignature_97 "id-smime-mod-ets-eSignature-97"
-#define NID_id_smime_mod_ets_eSignature_97 201
-#define OBJ_id_smime_mod_ets_eSignature_97 OBJ_id_smime_mod,6L
-
-#define SN_id_smime_mod_ets_eSigPolicy_88 "id-smime-mod-ets-eSigPolicy-88"
-#define NID_id_smime_mod_ets_eSigPolicy_88 202
-#define OBJ_id_smime_mod_ets_eSigPolicy_88 OBJ_id_smime_mod,7L
-
-#define SN_id_smime_mod_ets_eSigPolicy_97 "id-smime-mod-ets-eSigPolicy-97"
-#define NID_id_smime_mod_ets_eSigPolicy_97 203
-#define OBJ_id_smime_mod_ets_eSigPolicy_97 OBJ_id_smime_mod,8L
-
-#define SN_id_smime_ct_receipt "id-smime-ct-receipt"
-#define NID_id_smime_ct_receipt 204
-#define OBJ_id_smime_ct_receipt OBJ_id_smime_ct,1L
-
-#define SN_id_smime_ct_authData "id-smime-ct-authData"
-#define NID_id_smime_ct_authData 205
-#define OBJ_id_smime_ct_authData OBJ_id_smime_ct,2L
-
-#define SN_id_smime_ct_publishCert "id-smime-ct-publishCert"
-#define NID_id_smime_ct_publishCert 206
-#define OBJ_id_smime_ct_publishCert OBJ_id_smime_ct,3L
-
-#define SN_id_smime_ct_TSTInfo "id-smime-ct-TSTInfo"
-#define NID_id_smime_ct_TSTInfo 207
-#define OBJ_id_smime_ct_TSTInfo OBJ_id_smime_ct,4L
-
-#define SN_id_smime_ct_TDTInfo "id-smime-ct-TDTInfo"
-#define NID_id_smime_ct_TDTInfo 208
-#define OBJ_id_smime_ct_TDTInfo OBJ_id_smime_ct,5L
-
-#define SN_id_smime_ct_contentInfo "id-smime-ct-contentInfo"
-#define NID_id_smime_ct_contentInfo 209
-#define OBJ_id_smime_ct_contentInfo OBJ_id_smime_ct,6L
-
-#define SN_id_smime_ct_DVCSRequestData "id-smime-ct-DVCSRequestData"
-#define NID_id_smime_ct_DVCSRequestData 210
-#define OBJ_id_smime_ct_DVCSRequestData OBJ_id_smime_ct,7L
-
-#define SN_id_smime_ct_DVCSResponseData "id-smime-ct-DVCSResponseData"
-#define NID_id_smime_ct_DVCSResponseData 211
-#define OBJ_id_smime_ct_DVCSResponseData OBJ_id_smime_ct,8L
-
-#define SN_id_smime_ct_compressedData "id-smime-ct-compressedData"
-#define NID_id_smime_ct_compressedData 786
-#define OBJ_id_smime_ct_compressedData OBJ_id_smime_ct,9L
-
-#define SN_id_ct_asciiTextWithCRLF "id-ct-asciiTextWithCRLF"
-#define NID_id_ct_asciiTextWithCRLF 787
-#define OBJ_id_ct_asciiTextWithCRLF OBJ_id_smime_ct,27L
-
-#define SN_id_smime_aa_receiptRequest "id-smime-aa-receiptRequest"
-#define NID_id_smime_aa_receiptRequest 212
-#define OBJ_id_smime_aa_receiptRequest OBJ_id_smime_aa,1L
-
-#define SN_id_smime_aa_securityLabel "id-smime-aa-securityLabel"
-#define NID_id_smime_aa_securityLabel 213
-#define OBJ_id_smime_aa_securityLabel OBJ_id_smime_aa,2L
-
-#define SN_id_smime_aa_mlExpandHistory "id-smime-aa-mlExpandHistory"
-#define NID_id_smime_aa_mlExpandHistory 214
-#define OBJ_id_smime_aa_mlExpandHistory OBJ_id_smime_aa,3L
-
-#define SN_id_smime_aa_contentHint "id-smime-aa-contentHint"
-#define NID_id_smime_aa_contentHint 215
-#define OBJ_id_smime_aa_contentHint OBJ_id_smime_aa,4L
-
-#define SN_id_smime_aa_msgSigDigest "id-smime-aa-msgSigDigest"
-#define NID_id_smime_aa_msgSigDigest 216
-#define OBJ_id_smime_aa_msgSigDigest OBJ_id_smime_aa,5L
-
-#define SN_id_smime_aa_encapContentType "id-smime-aa-encapContentType"
-#define NID_id_smime_aa_encapContentType 217
-#define OBJ_id_smime_aa_encapContentType OBJ_id_smime_aa,6L
-
-#define SN_id_smime_aa_contentIdentifier "id-smime-aa-contentIdentifier"
-#define NID_id_smime_aa_contentIdentifier 218
-#define OBJ_id_smime_aa_contentIdentifier OBJ_id_smime_aa,7L
-
-#define SN_id_smime_aa_macValue "id-smime-aa-macValue"
-#define NID_id_smime_aa_macValue 219
-#define OBJ_id_smime_aa_macValue OBJ_id_smime_aa,8L
-
-#define SN_id_smime_aa_equivalentLabels "id-smime-aa-equivalentLabels"
-#define NID_id_smime_aa_equivalentLabels 220
-#define OBJ_id_smime_aa_equivalentLabels OBJ_id_smime_aa,9L
-
-#define SN_id_smime_aa_contentReference "id-smime-aa-contentReference"
-#define NID_id_smime_aa_contentReference 221
-#define OBJ_id_smime_aa_contentReference OBJ_id_smime_aa,10L
-
-#define SN_id_smime_aa_encrypKeyPref "id-smime-aa-encrypKeyPref"
-#define NID_id_smime_aa_encrypKeyPref 222
-#define OBJ_id_smime_aa_encrypKeyPref OBJ_id_smime_aa,11L
-
-#define SN_id_smime_aa_signingCertificate "id-smime-aa-signingCertificate"
-#define NID_id_smime_aa_signingCertificate 223
-#define OBJ_id_smime_aa_signingCertificate OBJ_id_smime_aa,12L
-
-#define SN_id_smime_aa_smimeEncryptCerts "id-smime-aa-smimeEncryptCerts"
-#define NID_id_smime_aa_smimeEncryptCerts 224
-#define OBJ_id_smime_aa_smimeEncryptCerts OBJ_id_smime_aa,13L
-
-#define SN_id_smime_aa_timeStampToken "id-smime-aa-timeStampToken"
-#define NID_id_smime_aa_timeStampToken 225
-#define OBJ_id_smime_aa_timeStampToken OBJ_id_smime_aa,14L
-
-#define SN_id_smime_aa_ets_sigPolicyId "id-smime-aa-ets-sigPolicyId"
-#define NID_id_smime_aa_ets_sigPolicyId 226
-#define OBJ_id_smime_aa_ets_sigPolicyId OBJ_id_smime_aa,15L
-
-#define SN_id_smime_aa_ets_commitmentType "id-smime-aa-ets-commitmentType"
-#define NID_id_smime_aa_ets_commitmentType 227
-#define OBJ_id_smime_aa_ets_commitmentType OBJ_id_smime_aa,16L
-
-#define SN_id_smime_aa_ets_signerLocation "id-smime-aa-ets-signerLocation"
-#define NID_id_smime_aa_ets_signerLocation 228
-#define OBJ_id_smime_aa_ets_signerLocation OBJ_id_smime_aa,17L
-
-#define SN_id_smime_aa_ets_signerAttr "id-smime-aa-ets-signerAttr"
-#define NID_id_smime_aa_ets_signerAttr 229
-#define OBJ_id_smime_aa_ets_signerAttr OBJ_id_smime_aa,18L
-
-#define SN_id_smime_aa_ets_otherSigCert "id-smime-aa-ets-otherSigCert"
-#define NID_id_smime_aa_ets_otherSigCert 230
-#define OBJ_id_smime_aa_ets_otherSigCert OBJ_id_smime_aa,19L
-
-#define SN_id_smime_aa_ets_contentTimestamp "id-smime-aa-ets-contentTimestamp"
-#define NID_id_smime_aa_ets_contentTimestamp 231
-#define OBJ_id_smime_aa_ets_contentTimestamp OBJ_id_smime_aa,20L
-
-#define SN_id_smime_aa_ets_CertificateRefs "id-smime-aa-ets-CertificateRefs"
-#define NID_id_smime_aa_ets_CertificateRefs 232
-#define OBJ_id_smime_aa_ets_CertificateRefs OBJ_id_smime_aa,21L
-
-#define SN_id_smime_aa_ets_RevocationRefs "id-smime-aa-ets-RevocationRefs"
-#define NID_id_smime_aa_ets_RevocationRefs 233
-#define OBJ_id_smime_aa_ets_RevocationRefs OBJ_id_smime_aa,22L
-
-#define SN_id_smime_aa_ets_certValues "id-smime-aa-ets-certValues"
-#define NID_id_smime_aa_ets_certValues 234
-#define OBJ_id_smime_aa_ets_certValues OBJ_id_smime_aa,23L
-
-#define SN_id_smime_aa_ets_revocationValues "id-smime-aa-ets-revocationValues"
-#define NID_id_smime_aa_ets_revocationValues 235
-#define OBJ_id_smime_aa_ets_revocationValues OBJ_id_smime_aa,24L
-
-#define SN_id_smime_aa_ets_escTimeStamp "id-smime-aa-ets-escTimeStamp"
-#define NID_id_smime_aa_ets_escTimeStamp 236
-#define OBJ_id_smime_aa_ets_escTimeStamp OBJ_id_smime_aa,25L
-
-#define SN_id_smime_aa_ets_certCRLTimestamp "id-smime-aa-ets-certCRLTimestamp"
-#define NID_id_smime_aa_ets_certCRLTimestamp 237
-#define OBJ_id_smime_aa_ets_certCRLTimestamp OBJ_id_smime_aa,26L
-
-#define SN_id_smime_aa_ets_archiveTimeStamp "id-smime-aa-ets-archiveTimeStamp"
-#define NID_id_smime_aa_ets_archiveTimeStamp 238
-#define OBJ_id_smime_aa_ets_archiveTimeStamp OBJ_id_smime_aa,27L
-
-#define SN_id_smime_aa_signatureType "id-smime-aa-signatureType"
-#define NID_id_smime_aa_signatureType 239
-#define OBJ_id_smime_aa_signatureType OBJ_id_smime_aa,28L
-
-#define SN_id_smime_aa_dvcs_dvc "id-smime-aa-dvcs-dvc"
-#define NID_id_smime_aa_dvcs_dvc 240
-#define OBJ_id_smime_aa_dvcs_dvc OBJ_id_smime_aa,29L
-
-#define SN_id_smime_alg_ESDHwith3DES "id-smime-alg-ESDHwith3DES"
-#define NID_id_smime_alg_ESDHwith3DES 241
-#define OBJ_id_smime_alg_ESDHwith3DES OBJ_id_smime_alg,1L
-
-#define SN_id_smime_alg_ESDHwithRC2 "id-smime-alg-ESDHwithRC2"
-#define NID_id_smime_alg_ESDHwithRC2 242
-#define OBJ_id_smime_alg_ESDHwithRC2 OBJ_id_smime_alg,2L
-
-#define SN_id_smime_alg_3DESwrap "id-smime-alg-3DESwrap"
-#define NID_id_smime_alg_3DESwrap 243
-#define OBJ_id_smime_alg_3DESwrap OBJ_id_smime_alg,3L
-
-#define SN_id_smime_alg_RC2wrap "id-smime-alg-RC2wrap"
-#define NID_id_smime_alg_RC2wrap 244
-#define OBJ_id_smime_alg_RC2wrap OBJ_id_smime_alg,4L
-
-#define SN_id_smime_alg_ESDH "id-smime-alg-ESDH"
-#define NID_id_smime_alg_ESDH 245
-#define OBJ_id_smime_alg_ESDH OBJ_id_smime_alg,5L
-
-#define SN_id_smime_alg_CMS3DESwrap "id-smime-alg-CMS3DESwrap"
-#define NID_id_smime_alg_CMS3DESwrap 246
-#define OBJ_id_smime_alg_CMS3DESwrap OBJ_id_smime_alg,6L
-
-#define SN_id_smime_alg_CMSRC2wrap "id-smime-alg-CMSRC2wrap"
-#define NID_id_smime_alg_CMSRC2wrap 247
-#define OBJ_id_smime_alg_CMSRC2wrap OBJ_id_smime_alg,7L
-
-#define SN_id_alg_PWRI_KEK "id-alg-PWRI-KEK"
-#define NID_id_alg_PWRI_KEK 893
-#define OBJ_id_alg_PWRI_KEK OBJ_id_smime_alg,9L
-
-#define SN_id_smime_cd_ldap "id-smime-cd-ldap"
-#define NID_id_smime_cd_ldap 248
-#define OBJ_id_smime_cd_ldap OBJ_id_smime_cd,1L
-
-#define SN_id_smime_spq_ets_sqt_uri "id-smime-spq-ets-sqt-uri"
-#define NID_id_smime_spq_ets_sqt_uri 249
-#define OBJ_id_smime_spq_ets_sqt_uri OBJ_id_smime_spq,1L
-
-#define SN_id_smime_spq_ets_sqt_unotice "id-smime-spq-ets-sqt-unotice"
-#define NID_id_smime_spq_ets_sqt_unotice 250
-#define OBJ_id_smime_spq_ets_sqt_unotice OBJ_id_smime_spq,2L
-
-#define SN_id_smime_cti_ets_proofOfOrigin "id-smime-cti-ets-proofOfOrigin"
-#define NID_id_smime_cti_ets_proofOfOrigin 251
-#define OBJ_id_smime_cti_ets_proofOfOrigin OBJ_id_smime_cti,1L
-
-#define SN_id_smime_cti_ets_proofOfReceipt "id-smime-cti-ets-proofOfReceipt"
-#define NID_id_smime_cti_ets_proofOfReceipt 252
-#define OBJ_id_smime_cti_ets_proofOfReceipt OBJ_id_smime_cti,2L
-
-#define SN_id_smime_cti_ets_proofOfDelivery "id-smime-cti-ets-proofOfDelivery"
-#define NID_id_smime_cti_ets_proofOfDelivery 253
-#define OBJ_id_smime_cti_ets_proofOfDelivery OBJ_id_smime_cti,3L
-
-#define SN_id_smime_cti_ets_proofOfSender "id-smime-cti-ets-proofOfSender"
-#define NID_id_smime_cti_ets_proofOfSender 254
-#define OBJ_id_smime_cti_ets_proofOfSender OBJ_id_smime_cti,4L
-
-#define SN_id_smime_cti_ets_proofOfApproval "id-smime-cti-ets-proofOfApproval"
-#define NID_id_smime_cti_ets_proofOfApproval 255
-#define OBJ_id_smime_cti_ets_proofOfApproval OBJ_id_smime_cti,5L
-
-#define SN_id_smime_cti_ets_proofOfCreation "id-smime-cti-ets-proofOfCreation"
-#define NID_id_smime_cti_ets_proofOfCreation 256
-#define OBJ_id_smime_cti_ets_proofOfCreation OBJ_id_smime_cti,6L
-
-#define LN_friendlyName "friendlyName"
-#define NID_friendlyName 156
-#define OBJ_friendlyName OBJ_pkcs9,20L
-
-#define LN_localKeyID "localKeyID"
-#define NID_localKeyID 157
-#define OBJ_localKeyID OBJ_pkcs9,21L
-
-#define SN_ms_csp_name "CSPName"
-#define LN_ms_csp_name "Microsoft CSP Name"
-#define NID_ms_csp_name 417
-#define OBJ_ms_csp_name 1L,3L,6L,1L,4L,1L,311L,17L,1L
-
-#define SN_LocalKeySet "LocalKeySet"
-#define LN_LocalKeySet "Microsoft Local Key set"
-#define NID_LocalKeySet 856
-#define OBJ_LocalKeySet 1L,3L,6L,1L,4L,1L,311L,17L,2L
-
-#define OBJ_certTypes OBJ_pkcs9,22L
-
-#define LN_x509Certificate "x509Certificate"
-#define NID_x509Certificate 158
-#define OBJ_x509Certificate OBJ_certTypes,1L
-
-#define LN_sdsiCertificate "sdsiCertificate"
-#define NID_sdsiCertificate 159
-#define OBJ_sdsiCertificate OBJ_certTypes,2L
-
-#define OBJ_crlTypes OBJ_pkcs9,23L
-
-#define LN_x509Crl "x509Crl"
-#define NID_x509Crl 160
-#define OBJ_x509Crl OBJ_crlTypes,1L
-
-#define OBJ_pkcs12 OBJ_pkcs,12L
-
-#define OBJ_pkcs12_pbeids OBJ_pkcs12,1L
-
-#define SN_pbe_WithSHA1And128BitRC4 "PBE-SHA1-RC4-128"
-#define LN_pbe_WithSHA1And128BitRC4 "pbeWithSHA1And128BitRC4"
-#define NID_pbe_WithSHA1And128BitRC4 144
-#define OBJ_pbe_WithSHA1And128BitRC4 OBJ_pkcs12_pbeids,1L
-
-#define SN_pbe_WithSHA1And40BitRC4 "PBE-SHA1-RC4-40"
-#define LN_pbe_WithSHA1And40BitRC4 "pbeWithSHA1And40BitRC4"
-#define NID_pbe_WithSHA1And40BitRC4 145
-#define OBJ_pbe_WithSHA1And40BitRC4 OBJ_pkcs12_pbeids,2L
-
-#define SN_pbe_WithSHA1And3_Key_TripleDES_CBC "PBE-SHA1-3DES"
-#define LN_pbe_WithSHA1And3_Key_TripleDES_CBC "pbeWithSHA1And3-KeyTripleDES-CBC"
-#define NID_pbe_WithSHA1And3_Key_TripleDES_CBC 146
-#define OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC OBJ_pkcs12_pbeids,3L
-
-#define SN_pbe_WithSHA1And2_Key_TripleDES_CBC "PBE-SHA1-2DES"
-#define LN_pbe_WithSHA1And2_Key_TripleDES_CBC "pbeWithSHA1And2-KeyTripleDES-CBC"
-#define NID_pbe_WithSHA1And2_Key_TripleDES_CBC 147
-#define OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC OBJ_pkcs12_pbeids,4L
-
-#define SN_pbe_WithSHA1And128BitRC2_CBC "PBE-SHA1-RC2-128"
-#define LN_pbe_WithSHA1And128BitRC2_CBC "pbeWithSHA1And128BitRC2-CBC"
-#define NID_pbe_WithSHA1And128BitRC2_CBC 148
-#define OBJ_pbe_WithSHA1And128BitRC2_CBC OBJ_pkcs12_pbeids,5L
-
-#define SN_pbe_WithSHA1And40BitRC2_CBC "PBE-SHA1-RC2-40"
-#define LN_pbe_WithSHA1And40BitRC2_CBC "pbeWithSHA1And40BitRC2-CBC"
-#define NID_pbe_WithSHA1And40BitRC2_CBC 149
-#define OBJ_pbe_WithSHA1And40BitRC2_CBC OBJ_pkcs12_pbeids,6L
-
-#define OBJ_pkcs12_Version1 OBJ_pkcs12,10L
-
-#define OBJ_pkcs12_BagIds OBJ_pkcs12_Version1,1L
-
-#define LN_keyBag "keyBag"
-#define NID_keyBag 150
-#define OBJ_keyBag OBJ_pkcs12_BagIds,1L
-
-#define LN_pkcs8ShroudedKeyBag "pkcs8ShroudedKeyBag"
-#define NID_pkcs8ShroudedKeyBag 151
-#define OBJ_pkcs8ShroudedKeyBag OBJ_pkcs12_BagIds,2L
-
-#define LN_certBag "certBag"
-#define NID_certBag 152
-#define OBJ_certBag OBJ_pkcs12_BagIds,3L
-
-#define LN_crlBag "crlBag"
-#define NID_crlBag 153
-#define OBJ_crlBag OBJ_pkcs12_BagIds,4L
-
-#define LN_secretBag "secretBag"
-#define NID_secretBag 154
-#define OBJ_secretBag OBJ_pkcs12_BagIds,5L
-
-#define LN_safeContentsBag "safeContentsBag"
-#define NID_safeContentsBag 155
-#define OBJ_safeContentsBag OBJ_pkcs12_BagIds,6L
+#define OBJ_pkcs 1L, 2L, 840L, 113549L, 1L
#define SN_md2 "MD2"
#define LN_md2 "md2"
#define NID_md2 3
-#define OBJ_md2 OBJ_rsadsi,2L,2L
-
-#define SN_md4 "MD4"
-#define LN_md4 "md4"
-#define NID_md4 257
-#define OBJ_md4 OBJ_rsadsi,2L,4L
+#define OBJ_md2 1L, 2L, 840L, 113549L, 2L, 2L
#define SN_md5 "MD5"
#define LN_md5 "md5"
#define NID_md5 4
-#define OBJ_md5 OBJ_rsadsi,2L,5L
+#define OBJ_md5 1L, 2L, 840L, 113549L, 2L, 5L
-#define SN_md5_sha1 "MD5-SHA1"
-#define LN_md5_sha1 "md5-sha1"
-#define NID_md5_sha1 114
+#define SN_rc4 "RC4"
+#define LN_rc4 "rc4"
+#define NID_rc4 5
+#define OBJ_rc4 1L, 2L, 840L, 113549L, 3L, 4L
-#define LN_hmacWithMD5 "hmacWithMD5"
-#define NID_hmacWithMD5 797
-#define OBJ_hmacWithMD5 OBJ_rsadsi,2L,6L
+#define LN_rsaEncryption "rsaEncryption"
+#define NID_rsaEncryption 6
+#define OBJ_rsaEncryption 1L, 2L, 840L, 113549L, 1L, 1L, 1L
-#define LN_hmacWithSHA1 "hmacWithSHA1"
-#define NID_hmacWithSHA1 163
-#define OBJ_hmacWithSHA1 OBJ_rsadsi,2L,7L
+#define SN_md2WithRSAEncryption "RSA-MD2"
+#define LN_md2WithRSAEncryption "md2WithRSAEncryption"
+#define NID_md2WithRSAEncryption 7
+#define OBJ_md2WithRSAEncryption 1L, 2L, 840L, 113549L, 1L, 1L, 2L
-#define LN_hmacWithSHA224 "hmacWithSHA224"
-#define NID_hmacWithSHA224 798
-#define OBJ_hmacWithSHA224 OBJ_rsadsi,2L,8L
+#define SN_md5WithRSAEncryption "RSA-MD5"
+#define LN_md5WithRSAEncryption "md5WithRSAEncryption"
+#define NID_md5WithRSAEncryption 8
+#define OBJ_md5WithRSAEncryption 1L, 2L, 840L, 113549L, 1L, 1L, 4L
-#define LN_hmacWithSHA256 "hmacWithSHA256"
-#define NID_hmacWithSHA256 799
-#define OBJ_hmacWithSHA256 OBJ_rsadsi,2L,9L
+#define SN_pbeWithMD2AndDES_CBC "PBE-MD2-DES"
+#define LN_pbeWithMD2AndDES_CBC "pbeWithMD2AndDES-CBC"
+#define NID_pbeWithMD2AndDES_CBC 9
+#define OBJ_pbeWithMD2AndDES_CBC 1L, 2L, 840L, 113549L, 1L, 5L, 1L
-#define LN_hmacWithSHA384 "hmacWithSHA384"
-#define NID_hmacWithSHA384 800
-#define OBJ_hmacWithSHA384 OBJ_rsadsi,2L,10L
+#define SN_pbeWithMD5AndDES_CBC "PBE-MD5-DES"
+#define LN_pbeWithMD5AndDES_CBC "pbeWithMD5AndDES-CBC"
+#define NID_pbeWithMD5AndDES_CBC 10
+#define OBJ_pbeWithMD5AndDES_CBC 1L, 2L, 840L, 113549L, 1L, 5L, 3L
-#define LN_hmacWithSHA512 "hmacWithSHA512"
-#define NID_hmacWithSHA512 801
-#define OBJ_hmacWithSHA512 OBJ_rsadsi,2L,11L
+#define SN_X500 "X500"
+#define LN_X500 "directory services (X.500)"
+#define NID_X500 11
+#define OBJ_X500 2L, 5L
+
+#define SN_X509 "X509"
+#define NID_X509 12
+#define OBJ_X509 2L, 5L, 4L
+
+#define SN_commonName "CN"
+#define LN_commonName "commonName"
+#define NID_commonName 13
+#define OBJ_commonName 2L, 5L, 4L, 3L
+
+#define SN_countryName "C"
+#define LN_countryName "countryName"
+#define NID_countryName 14
+#define OBJ_countryName 2L, 5L, 4L, 6L
+
+#define SN_localityName "L"
+#define LN_localityName "localityName"
+#define NID_localityName 15
+#define OBJ_localityName 2L, 5L, 4L, 7L
+
+#define SN_stateOrProvinceName "ST"
+#define LN_stateOrProvinceName "stateOrProvinceName"
+#define NID_stateOrProvinceName 16
+#define OBJ_stateOrProvinceName 2L, 5L, 4L, 8L
+
+#define SN_organizationName "O"
+#define LN_organizationName "organizationName"
+#define NID_organizationName 17
+#define OBJ_organizationName 2L, 5L, 4L, 10L
+
+#define SN_organizationalUnitName "OU"
+#define LN_organizationalUnitName "organizationalUnitName"
+#define NID_organizationalUnitName 18
+#define OBJ_organizationalUnitName 2L, 5L, 4L, 11L
+
+#define SN_rsa "RSA"
+#define LN_rsa "rsa"
+#define NID_rsa 19
+#define OBJ_rsa 2L, 5L, 8L, 1L, 1L
+
+#define SN_pkcs7 "pkcs7"
+#define NID_pkcs7 20
+#define OBJ_pkcs7 1L, 2L, 840L, 113549L, 1L, 7L
+
+#define LN_pkcs7_data "pkcs7-data"
+#define NID_pkcs7_data 21
+#define OBJ_pkcs7_data 1L, 2L, 840L, 113549L, 1L, 7L, 1L
+
+#define LN_pkcs7_signed "pkcs7-signedData"
+#define NID_pkcs7_signed 22
+#define OBJ_pkcs7_signed 1L, 2L, 840L, 113549L, 1L, 7L, 2L
+
+#define LN_pkcs7_enveloped "pkcs7-envelopedData"
+#define NID_pkcs7_enveloped 23
+#define OBJ_pkcs7_enveloped 1L, 2L, 840L, 113549L, 1L, 7L, 3L
+
+#define LN_pkcs7_signedAndEnveloped "pkcs7-signedAndEnvelopedData"
+#define NID_pkcs7_signedAndEnveloped 24
+#define OBJ_pkcs7_signedAndEnveloped 1L, 2L, 840L, 113549L, 1L, 7L, 4L
+
+#define LN_pkcs7_digest "pkcs7-digestData"
+#define NID_pkcs7_digest 25
+#define OBJ_pkcs7_digest 1L, 2L, 840L, 113549L, 1L, 7L, 5L
+
+#define LN_pkcs7_encrypted "pkcs7-encryptedData"
+#define NID_pkcs7_encrypted 26
+#define OBJ_pkcs7_encrypted 1L, 2L, 840L, 113549L, 1L, 7L, 6L
+
+#define SN_pkcs3 "pkcs3"
+#define NID_pkcs3 27
+#define OBJ_pkcs3 1L, 2L, 840L, 113549L, 1L, 3L
+
+#define LN_dhKeyAgreement "dhKeyAgreement"
+#define NID_dhKeyAgreement 28
+#define OBJ_dhKeyAgreement 1L, 2L, 840L, 113549L, 1L, 3L, 1L
+
+#define SN_des_ecb "DES-ECB"
+#define LN_des_ecb "des-ecb"
+#define NID_des_ecb 29
+#define OBJ_des_ecb 1L, 3L, 14L, 3L, 2L, 6L
+
+#define SN_des_cfb64 "DES-CFB"
+#define LN_des_cfb64 "des-cfb"
+#define NID_des_cfb64 30
+#define OBJ_des_cfb64 1L, 3L, 14L, 3L, 2L, 9L
+
+#define SN_des_cbc "DES-CBC"
+#define LN_des_cbc "des-cbc"
+#define NID_des_cbc 31
+#define OBJ_des_cbc 1L, 3L, 14L, 3L, 2L, 7L
+
+#define SN_des_ede_ecb "DES-EDE"
+#define LN_des_ede_ecb "des-ede"
+#define NID_des_ede_ecb 32
+#define OBJ_des_ede_ecb 1L, 3L, 14L, 3L, 2L, 17L
+
+#define SN_des_ede3_ecb "DES-EDE3"
+#define LN_des_ede3_ecb "des-ede3"
+#define NID_des_ede3_ecb 33
+
+#define SN_idea_cbc "IDEA-CBC"
+#define LN_idea_cbc "idea-cbc"
+#define NID_idea_cbc 34
+#define OBJ_idea_cbc 1L, 3L, 6L, 1L, 4L, 1L, 188L, 7L, 1L, 1L, 2L
+
+#define SN_idea_cfb64 "IDEA-CFB"
+#define LN_idea_cfb64 "idea-cfb"
+#define NID_idea_cfb64 35
+
+#define SN_idea_ecb "IDEA-ECB"
+#define LN_idea_ecb "idea-ecb"
+#define NID_idea_ecb 36
#define SN_rc2_cbc "RC2-CBC"
#define LN_rc2_cbc "rc2-cbc"
#define NID_rc2_cbc 37
-#define OBJ_rc2_cbc OBJ_rsadsi,3L,2L
+#define OBJ_rc2_cbc 1L, 2L, 840L, 113549L, 3L, 2L
#define SN_rc2_ecb "RC2-ECB"
#define LN_rc2_ecb "rc2-ecb"
@@ -1212,788 +266,88 @@
#define LN_rc2_ofb64 "rc2-ofb"
#define NID_rc2_ofb64 40
-#define SN_rc2_40_cbc "RC2-40-CBC"
-#define LN_rc2_40_cbc "rc2-40-cbc"
-#define NID_rc2_40_cbc 98
+#define SN_sha "SHA"
+#define LN_sha "sha"
+#define NID_sha 41
+#define OBJ_sha 1L, 3L, 14L, 3L, 2L, 18L
-#define SN_rc2_64_cbc "RC2-64-CBC"
-#define LN_rc2_64_cbc "rc2-64-cbc"
-#define NID_rc2_64_cbc 166
+#define SN_shaWithRSAEncryption "RSA-SHA"
+#define LN_shaWithRSAEncryption "shaWithRSAEncryption"
+#define NID_shaWithRSAEncryption 42
+#define OBJ_shaWithRSAEncryption 1L, 3L, 14L, 3L, 2L, 15L
-#define SN_rc4 "RC4"
-#define LN_rc4 "rc4"
-#define NID_rc4 5
-#define OBJ_rc4 OBJ_rsadsi,3L,4L
-
-#define SN_rc4_40 "RC4-40"
-#define LN_rc4_40 "rc4-40"
-#define NID_rc4_40 97
+#define SN_des_ede_cbc "DES-EDE-CBC"
+#define LN_des_ede_cbc "des-ede-cbc"
+#define NID_des_ede_cbc 43
#define SN_des_ede3_cbc "DES-EDE3-CBC"
#define LN_des_ede3_cbc "des-ede3-cbc"
#define NID_des_ede3_cbc 44
-#define OBJ_des_ede3_cbc OBJ_rsadsi,3L,7L
+#define OBJ_des_ede3_cbc 1L, 2L, 840L, 113549L, 3L, 7L
-#define SN_rc5_cbc "RC5-CBC"
-#define LN_rc5_cbc "rc5-cbc"
-#define NID_rc5_cbc 120
-#define OBJ_rc5_cbc OBJ_rsadsi,3L,8L
-
-#define SN_rc5_ecb "RC5-ECB"
-#define LN_rc5_ecb "rc5-ecb"
-#define NID_rc5_ecb 121
-
-#define SN_rc5_cfb64 "RC5-CFB"
-#define LN_rc5_cfb64 "rc5-cfb"
-#define NID_rc5_cfb64 122
-
-#define SN_rc5_ofb64 "RC5-OFB"
-#define LN_rc5_ofb64 "rc5-ofb"
-#define NID_rc5_ofb64 123
-
-#define SN_ms_ext_req "msExtReq"
-#define LN_ms_ext_req "Microsoft Extension Request"
-#define NID_ms_ext_req 171
-#define OBJ_ms_ext_req 1L,3L,6L,1L,4L,1L,311L,2L,1L,14L
-
-#define SN_ms_code_ind "msCodeInd"
-#define LN_ms_code_ind "Microsoft Individual Code Signing"
-#define NID_ms_code_ind 134
-#define OBJ_ms_code_ind 1L,3L,6L,1L,4L,1L,311L,2L,1L,21L
-
-#define SN_ms_code_com "msCodeCom"
-#define LN_ms_code_com "Microsoft Commercial Code Signing"
-#define NID_ms_code_com 135
-#define OBJ_ms_code_com 1L,3L,6L,1L,4L,1L,311L,2L,1L,22L
-
-#define SN_ms_ctl_sign "msCTLSign"
-#define LN_ms_ctl_sign "Microsoft Trust List Signing"
-#define NID_ms_ctl_sign 136
-#define OBJ_ms_ctl_sign 1L,3L,6L,1L,4L,1L,311L,10L,3L,1L
-
-#define SN_ms_sgc "msSGC"
-#define LN_ms_sgc "Microsoft Server Gated Crypto"
-#define NID_ms_sgc 137
-#define OBJ_ms_sgc 1L,3L,6L,1L,4L,1L,311L,10L,3L,3L
-
-#define SN_ms_efs "msEFS"
-#define LN_ms_efs "Microsoft Encrypted File System"
-#define NID_ms_efs 138
-#define OBJ_ms_efs 1L,3L,6L,1L,4L,1L,311L,10L,3L,4L
-
-#define SN_ms_smartcard_login "msSmartcardLogin"
-#define LN_ms_smartcard_login "Microsoft Smartcardlogin"
-#define NID_ms_smartcard_login 648
-#define OBJ_ms_smartcard_login 1L,3L,6L,1L,4L,1L,311L,20L,2L,2L
-
-#define SN_ms_upn "msUPN"
-#define LN_ms_upn "Microsoft Universal Principal Name"
-#define NID_ms_upn 649
-#define OBJ_ms_upn 1L,3L,6L,1L,4L,1L,311L,20L,2L,3L
-
-#define SN_idea_cbc "IDEA-CBC"
-#define LN_idea_cbc "idea-cbc"
-#define NID_idea_cbc 34
-#define OBJ_idea_cbc 1L,3L,6L,1L,4L,1L,188L,7L,1L,1L,2L
-
-#define SN_idea_ecb "IDEA-ECB"
-#define LN_idea_ecb "idea-ecb"
-#define NID_idea_ecb 36
-
-#define SN_idea_cfb64 "IDEA-CFB"
-#define LN_idea_cfb64 "idea-cfb"
-#define NID_idea_cfb64 35
+#define SN_des_ofb64 "DES-OFB"
+#define LN_des_ofb64 "des-ofb"
+#define NID_des_ofb64 45
+#define OBJ_des_ofb64 1L, 3L, 14L, 3L, 2L, 8L
#define SN_idea_ofb64 "IDEA-OFB"
#define LN_idea_ofb64 "idea-ofb"
#define NID_idea_ofb64 46
-#define SN_bf_cbc "BF-CBC"
-#define LN_bf_cbc "bf-cbc"
-#define NID_bf_cbc 91
-#define OBJ_bf_cbc 1L,3L,6L,1L,4L,1L,3029L,1L,2L
+#define SN_pkcs9 "pkcs9"
+#define NID_pkcs9 47
+#define OBJ_pkcs9 1L, 2L, 840L, 113549L, 1L, 9L
-#define SN_bf_ecb "BF-ECB"
-#define LN_bf_ecb "bf-ecb"
-#define NID_bf_ecb 92
+#define LN_pkcs9_emailAddress "emailAddress"
+#define NID_pkcs9_emailAddress 48
+#define OBJ_pkcs9_emailAddress 1L, 2L, 840L, 113549L, 1L, 9L, 1L
-#define SN_bf_cfb64 "BF-CFB"
-#define LN_bf_cfb64 "bf-cfb"
-#define NID_bf_cfb64 93
+#define LN_pkcs9_unstructuredName "unstructuredName"
+#define NID_pkcs9_unstructuredName 49
+#define OBJ_pkcs9_unstructuredName 1L, 2L, 840L, 113549L, 1L, 9L, 2L
-#define SN_bf_ofb64 "BF-OFB"
-#define LN_bf_ofb64 "bf-ofb"
-#define NID_bf_ofb64 94
+#define LN_pkcs9_contentType "contentType"
+#define NID_pkcs9_contentType 50
+#define OBJ_pkcs9_contentType 1L, 2L, 840L, 113549L, 1L, 9L, 3L
-#define SN_id_pkix "PKIX"
-#define NID_id_pkix 127
-#define OBJ_id_pkix 1L,3L,6L,1L,5L,5L,7L
+#define LN_pkcs9_messageDigest "messageDigest"
+#define NID_pkcs9_messageDigest 51
+#define OBJ_pkcs9_messageDigest 1L, 2L, 840L, 113549L, 1L, 9L, 4L
-#define SN_id_pkix_mod "id-pkix-mod"
-#define NID_id_pkix_mod 258
-#define OBJ_id_pkix_mod OBJ_id_pkix,0L
+#define LN_pkcs9_signingTime "signingTime"
+#define NID_pkcs9_signingTime 52
+#define OBJ_pkcs9_signingTime 1L, 2L, 840L, 113549L, 1L, 9L, 5L
-#define SN_id_pe "id-pe"
-#define NID_id_pe 175
-#define OBJ_id_pe OBJ_id_pkix,1L
+#define LN_pkcs9_countersignature "countersignature"
+#define NID_pkcs9_countersignature 53
+#define OBJ_pkcs9_countersignature 1L, 2L, 840L, 113549L, 1L, 9L, 6L
-#define SN_id_qt "id-qt"
-#define NID_id_qt 259
-#define OBJ_id_qt OBJ_id_pkix,2L
+#define LN_pkcs9_challengePassword "challengePassword"
+#define NID_pkcs9_challengePassword 54
+#define OBJ_pkcs9_challengePassword 1L, 2L, 840L, 113549L, 1L, 9L, 7L
-#define SN_id_kp "id-kp"
-#define NID_id_kp 128
-#define OBJ_id_kp OBJ_id_pkix,3L
+#define LN_pkcs9_unstructuredAddress "unstructuredAddress"
+#define NID_pkcs9_unstructuredAddress 55
+#define OBJ_pkcs9_unstructuredAddress 1L, 2L, 840L, 113549L, 1L, 9L, 8L
-#define SN_id_it "id-it"
-#define NID_id_it 260
-#define OBJ_id_it OBJ_id_pkix,4L
+#define LN_pkcs9_extCertAttributes "extendedCertificateAttributes"
+#define NID_pkcs9_extCertAttributes 56
+#define OBJ_pkcs9_extCertAttributes 1L, 2L, 840L, 113549L, 1L, 9L, 9L
-#define SN_id_pkip "id-pkip"
-#define NID_id_pkip 261
-#define OBJ_id_pkip OBJ_id_pkix,5L
+#define SN_netscape "Netscape"
+#define LN_netscape "Netscape Communications Corp."
+#define NID_netscape 57
+#define OBJ_netscape 2L, 16L, 840L, 1L, 113730L
-#define SN_id_alg "id-alg"
-#define NID_id_alg 262
-#define OBJ_id_alg OBJ_id_pkix,6L
+#define SN_netscape_cert_extension "nsCertExt"
+#define LN_netscape_cert_extension "Netscape Certificate Extension"
+#define NID_netscape_cert_extension 58
+#define OBJ_netscape_cert_extension 2L, 16L, 840L, 1L, 113730L, 1L
-#define SN_id_cmc "id-cmc"
-#define NID_id_cmc 263
-#define OBJ_id_cmc OBJ_id_pkix,7L
-
-#define SN_id_on "id-on"
-#define NID_id_on 264
-#define OBJ_id_on OBJ_id_pkix,8L
-
-#define SN_id_pda "id-pda"
-#define NID_id_pda 265
-#define OBJ_id_pda OBJ_id_pkix,9L
-
-#define SN_id_aca "id-aca"
-#define NID_id_aca 266
-#define OBJ_id_aca OBJ_id_pkix,10L
-
-#define SN_id_qcs "id-qcs"
-#define NID_id_qcs 267
-#define OBJ_id_qcs OBJ_id_pkix,11L
-
-#define SN_id_cct "id-cct"
-#define NID_id_cct 268
-#define OBJ_id_cct OBJ_id_pkix,12L
-
-#define SN_id_ppl "id-ppl"
-#define NID_id_ppl 662
-#define OBJ_id_ppl OBJ_id_pkix,21L
-
-#define SN_id_ad "id-ad"
-#define NID_id_ad 176
-#define OBJ_id_ad OBJ_id_pkix,48L
-
-#define SN_id_pkix1_explicit_88 "id-pkix1-explicit-88"
-#define NID_id_pkix1_explicit_88 269
-#define OBJ_id_pkix1_explicit_88 OBJ_id_pkix_mod,1L
-
-#define SN_id_pkix1_implicit_88 "id-pkix1-implicit-88"
-#define NID_id_pkix1_implicit_88 270
-#define OBJ_id_pkix1_implicit_88 OBJ_id_pkix_mod,2L
-
-#define SN_id_pkix1_explicit_93 "id-pkix1-explicit-93"
-#define NID_id_pkix1_explicit_93 271
-#define OBJ_id_pkix1_explicit_93 OBJ_id_pkix_mod,3L
-
-#define SN_id_pkix1_implicit_93 "id-pkix1-implicit-93"
-#define NID_id_pkix1_implicit_93 272
-#define OBJ_id_pkix1_implicit_93 OBJ_id_pkix_mod,4L
-
-#define SN_id_mod_crmf "id-mod-crmf"
-#define NID_id_mod_crmf 273
-#define OBJ_id_mod_crmf OBJ_id_pkix_mod,5L
-
-#define SN_id_mod_cmc "id-mod-cmc"
-#define NID_id_mod_cmc 274
-#define OBJ_id_mod_cmc OBJ_id_pkix_mod,6L
-
-#define SN_id_mod_kea_profile_88 "id-mod-kea-profile-88"
-#define NID_id_mod_kea_profile_88 275
-#define OBJ_id_mod_kea_profile_88 OBJ_id_pkix_mod,7L
-
-#define SN_id_mod_kea_profile_93 "id-mod-kea-profile-93"
-#define NID_id_mod_kea_profile_93 276
-#define OBJ_id_mod_kea_profile_93 OBJ_id_pkix_mod,8L
-
-#define SN_id_mod_cmp "id-mod-cmp"
-#define NID_id_mod_cmp 277
-#define OBJ_id_mod_cmp OBJ_id_pkix_mod,9L
-
-#define SN_id_mod_qualified_cert_88 "id-mod-qualified-cert-88"
-#define NID_id_mod_qualified_cert_88 278
-#define OBJ_id_mod_qualified_cert_88 OBJ_id_pkix_mod,10L
-
-#define SN_id_mod_qualified_cert_93 "id-mod-qualified-cert-93"
-#define NID_id_mod_qualified_cert_93 279
-#define OBJ_id_mod_qualified_cert_93 OBJ_id_pkix_mod,11L
-
-#define SN_id_mod_attribute_cert "id-mod-attribute-cert"
-#define NID_id_mod_attribute_cert 280
-#define OBJ_id_mod_attribute_cert OBJ_id_pkix_mod,12L
-
-#define SN_id_mod_timestamp_protocol "id-mod-timestamp-protocol"
-#define NID_id_mod_timestamp_protocol 281
-#define OBJ_id_mod_timestamp_protocol OBJ_id_pkix_mod,13L
-
-#define SN_id_mod_ocsp "id-mod-ocsp"
-#define NID_id_mod_ocsp 282
-#define OBJ_id_mod_ocsp OBJ_id_pkix_mod,14L
-
-#define SN_id_mod_dvcs "id-mod-dvcs"
-#define NID_id_mod_dvcs 283
-#define OBJ_id_mod_dvcs OBJ_id_pkix_mod,15L
-
-#define SN_id_mod_cmp2000 "id-mod-cmp2000"
-#define NID_id_mod_cmp2000 284
-#define OBJ_id_mod_cmp2000 OBJ_id_pkix_mod,16L
-
-#define SN_info_access "authorityInfoAccess"
-#define LN_info_access "Authority Information Access"
-#define NID_info_access 177
-#define OBJ_info_access OBJ_id_pe,1L
-
-#define SN_biometricInfo "biometricInfo"
-#define LN_biometricInfo "Biometric Info"
-#define NID_biometricInfo 285
-#define OBJ_biometricInfo OBJ_id_pe,2L
-
-#define SN_qcStatements "qcStatements"
-#define NID_qcStatements 286
-#define OBJ_qcStatements OBJ_id_pe,3L
-
-#define SN_ac_auditEntity "ac-auditEntity"
-#define NID_ac_auditEntity 287
-#define OBJ_ac_auditEntity OBJ_id_pe,4L
-
-#define SN_ac_targeting "ac-targeting"
-#define NID_ac_targeting 288
-#define OBJ_ac_targeting OBJ_id_pe,5L
-
-#define SN_aaControls "aaControls"
-#define NID_aaControls 289
-#define OBJ_aaControls OBJ_id_pe,6L
-
-#define SN_sbgp_ipAddrBlock "sbgp-ipAddrBlock"
-#define NID_sbgp_ipAddrBlock 290
-#define OBJ_sbgp_ipAddrBlock OBJ_id_pe,7L
-
-#define SN_sbgp_autonomousSysNum "sbgp-autonomousSysNum"
-#define NID_sbgp_autonomousSysNum 291
-#define OBJ_sbgp_autonomousSysNum OBJ_id_pe,8L
-
-#define SN_sbgp_routerIdentifier "sbgp-routerIdentifier"
-#define NID_sbgp_routerIdentifier 292
-#define OBJ_sbgp_routerIdentifier OBJ_id_pe,9L
-
-#define SN_ac_proxying "ac-proxying"
-#define NID_ac_proxying 397
-#define OBJ_ac_proxying OBJ_id_pe,10L
-
-#define SN_sinfo_access "subjectInfoAccess"
-#define LN_sinfo_access "Subject Information Access"
-#define NID_sinfo_access 398
-#define OBJ_sinfo_access OBJ_id_pe,11L
-
-#define SN_proxyCertInfo "proxyCertInfo"
-#define LN_proxyCertInfo "Proxy Certificate Information"
-#define NID_proxyCertInfo 663
-#define OBJ_proxyCertInfo OBJ_id_pe,14L
-
-#define SN_id_qt_cps "id-qt-cps"
-#define LN_id_qt_cps "Policy Qualifier CPS"
-#define NID_id_qt_cps 164
-#define OBJ_id_qt_cps OBJ_id_qt,1L
-
-#define SN_id_qt_unotice "id-qt-unotice"
-#define LN_id_qt_unotice "Policy Qualifier User Notice"
-#define NID_id_qt_unotice 165
-#define OBJ_id_qt_unotice OBJ_id_qt,2L
-
-#define SN_textNotice "textNotice"
-#define NID_textNotice 293
-#define OBJ_textNotice OBJ_id_qt,3L
-
-#define SN_server_auth "serverAuth"
-#define LN_server_auth "TLS Web Server Authentication"
-#define NID_server_auth 129
-#define OBJ_server_auth OBJ_id_kp,1L
-
-#define SN_client_auth "clientAuth"
-#define LN_client_auth "TLS Web Client Authentication"
-#define NID_client_auth 130
-#define OBJ_client_auth OBJ_id_kp,2L
-
-#define SN_code_sign "codeSigning"
-#define LN_code_sign "Code Signing"
-#define NID_code_sign 131
-#define OBJ_code_sign OBJ_id_kp,3L
-
-#define SN_email_protect "emailProtection"
-#define LN_email_protect "E-mail Protection"
-#define NID_email_protect 132
-#define OBJ_email_protect OBJ_id_kp,4L
-
-#define SN_ipsecEndSystem "ipsecEndSystem"
-#define LN_ipsecEndSystem "IPSec End System"
-#define NID_ipsecEndSystem 294
-#define OBJ_ipsecEndSystem OBJ_id_kp,5L
-
-#define SN_ipsecTunnel "ipsecTunnel"
-#define LN_ipsecTunnel "IPSec Tunnel"
-#define NID_ipsecTunnel 295
-#define OBJ_ipsecTunnel OBJ_id_kp,6L
-
-#define SN_ipsecUser "ipsecUser"
-#define LN_ipsecUser "IPSec User"
-#define NID_ipsecUser 296
-#define OBJ_ipsecUser OBJ_id_kp,7L
-
-#define SN_time_stamp "timeStamping"
-#define LN_time_stamp "Time Stamping"
-#define NID_time_stamp 133
-#define OBJ_time_stamp OBJ_id_kp,8L
-
-#define SN_OCSP_sign "OCSPSigning"
-#define LN_OCSP_sign "OCSP Signing"
-#define NID_OCSP_sign 180
-#define OBJ_OCSP_sign OBJ_id_kp,9L
-
-#define SN_dvcs "DVCS"
-#define LN_dvcs "dvcs"
-#define NID_dvcs 297
-#define OBJ_dvcs OBJ_id_kp,10L
-
-#define SN_id_it_caProtEncCert "id-it-caProtEncCert"
-#define NID_id_it_caProtEncCert 298
-#define OBJ_id_it_caProtEncCert OBJ_id_it,1L
-
-#define SN_id_it_signKeyPairTypes "id-it-signKeyPairTypes"
-#define NID_id_it_signKeyPairTypes 299
-#define OBJ_id_it_signKeyPairTypes OBJ_id_it,2L
-
-#define SN_id_it_encKeyPairTypes "id-it-encKeyPairTypes"
-#define NID_id_it_encKeyPairTypes 300
-#define OBJ_id_it_encKeyPairTypes OBJ_id_it,3L
-
-#define SN_id_it_preferredSymmAlg "id-it-preferredSymmAlg"
-#define NID_id_it_preferredSymmAlg 301
-#define OBJ_id_it_preferredSymmAlg OBJ_id_it,4L
-
-#define SN_id_it_caKeyUpdateInfo "id-it-caKeyUpdateInfo"
-#define NID_id_it_caKeyUpdateInfo 302
-#define OBJ_id_it_caKeyUpdateInfo OBJ_id_it,5L
-
-#define SN_id_it_currentCRL "id-it-currentCRL"
-#define NID_id_it_currentCRL 303
-#define OBJ_id_it_currentCRL OBJ_id_it,6L
-
-#define SN_id_it_unsupportedOIDs "id-it-unsupportedOIDs"
-#define NID_id_it_unsupportedOIDs 304
-#define OBJ_id_it_unsupportedOIDs OBJ_id_it,7L
-
-#define SN_id_it_subscriptionRequest "id-it-subscriptionRequest"
-#define NID_id_it_subscriptionRequest 305
-#define OBJ_id_it_subscriptionRequest OBJ_id_it,8L
-
-#define SN_id_it_subscriptionResponse "id-it-subscriptionResponse"
-#define NID_id_it_subscriptionResponse 306
-#define OBJ_id_it_subscriptionResponse OBJ_id_it,9L
-
-#define SN_id_it_keyPairParamReq "id-it-keyPairParamReq"
-#define NID_id_it_keyPairParamReq 307
-#define OBJ_id_it_keyPairParamReq OBJ_id_it,10L
-
-#define SN_id_it_keyPairParamRep "id-it-keyPairParamRep"
-#define NID_id_it_keyPairParamRep 308
-#define OBJ_id_it_keyPairParamRep OBJ_id_it,11L
-
-#define SN_id_it_revPassphrase "id-it-revPassphrase"
-#define NID_id_it_revPassphrase 309
-#define OBJ_id_it_revPassphrase OBJ_id_it,12L
-
-#define SN_id_it_implicitConfirm "id-it-implicitConfirm"
-#define NID_id_it_implicitConfirm 310
-#define OBJ_id_it_implicitConfirm OBJ_id_it,13L
-
-#define SN_id_it_confirmWaitTime "id-it-confirmWaitTime"
-#define NID_id_it_confirmWaitTime 311
-#define OBJ_id_it_confirmWaitTime OBJ_id_it,14L
-
-#define SN_id_it_origPKIMessage "id-it-origPKIMessage"
-#define NID_id_it_origPKIMessage 312
-#define OBJ_id_it_origPKIMessage OBJ_id_it,15L
-
-#define SN_id_it_suppLangTags "id-it-suppLangTags"
-#define NID_id_it_suppLangTags 784
-#define OBJ_id_it_suppLangTags OBJ_id_it,16L
-
-#define SN_id_regCtrl "id-regCtrl"
-#define NID_id_regCtrl 313
-#define OBJ_id_regCtrl OBJ_id_pkip,1L
-
-#define SN_id_regInfo "id-regInfo"
-#define NID_id_regInfo 314
-#define OBJ_id_regInfo OBJ_id_pkip,2L
-
-#define SN_id_regCtrl_regToken "id-regCtrl-regToken"
-#define NID_id_regCtrl_regToken 315
-#define OBJ_id_regCtrl_regToken OBJ_id_regCtrl,1L
-
-#define SN_id_regCtrl_authenticator "id-regCtrl-authenticator"
-#define NID_id_regCtrl_authenticator 316
-#define OBJ_id_regCtrl_authenticator OBJ_id_regCtrl,2L
-
-#define SN_id_regCtrl_pkiPublicationInfo "id-regCtrl-pkiPublicationInfo"
-#define NID_id_regCtrl_pkiPublicationInfo 317
-#define OBJ_id_regCtrl_pkiPublicationInfo OBJ_id_regCtrl,3L
-
-#define SN_id_regCtrl_pkiArchiveOptions "id-regCtrl-pkiArchiveOptions"
-#define NID_id_regCtrl_pkiArchiveOptions 318
-#define OBJ_id_regCtrl_pkiArchiveOptions OBJ_id_regCtrl,4L
-
-#define SN_id_regCtrl_oldCertID "id-regCtrl-oldCertID"
-#define NID_id_regCtrl_oldCertID 319
-#define OBJ_id_regCtrl_oldCertID OBJ_id_regCtrl,5L
-
-#define SN_id_regCtrl_protocolEncrKey "id-regCtrl-protocolEncrKey"
-#define NID_id_regCtrl_protocolEncrKey 320
-#define OBJ_id_regCtrl_protocolEncrKey OBJ_id_regCtrl,6L
-
-#define SN_id_regInfo_utf8Pairs "id-regInfo-utf8Pairs"
-#define NID_id_regInfo_utf8Pairs 321
-#define OBJ_id_regInfo_utf8Pairs OBJ_id_regInfo,1L
-
-#define SN_id_regInfo_certReq "id-regInfo-certReq"
-#define NID_id_regInfo_certReq 322
-#define OBJ_id_regInfo_certReq OBJ_id_regInfo,2L
-
-#define SN_id_alg_des40 "id-alg-des40"
-#define NID_id_alg_des40 323
-#define OBJ_id_alg_des40 OBJ_id_alg,1L
-
-#define SN_id_alg_noSignature "id-alg-noSignature"
-#define NID_id_alg_noSignature 324
-#define OBJ_id_alg_noSignature OBJ_id_alg,2L
-
-#define SN_id_alg_dh_sig_hmac_sha1 "id-alg-dh-sig-hmac-sha1"
-#define NID_id_alg_dh_sig_hmac_sha1 325
-#define OBJ_id_alg_dh_sig_hmac_sha1 OBJ_id_alg,3L
-
-#define SN_id_alg_dh_pop "id-alg-dh-pop"
-#define NID_id_alg_dh_pop 326
-#define OBJ_id_alg_dh_pop OBJ_id_alg,4L
-
-#define SN_id_cmc_statusInfo "id-cmc-statusInfo"
-#define NID_id_cmc_statusInfo 327
-#define OBJ_id_cmc_statusInfo OBJ_id_cmc,1L
-
-#define SN_id_cmc_identification "id-cmc-identification"
-#define NID_id_cmc_identification 328
-#define OBJ_id_cmc_identification OBJ_id_cmc,2L
-
-#define SN_id_cmc_identityProof "id-cmc-identityProof"
-#define NID_id_cmc_identityProof 329
-#define OBJ_id_cmc_identityProof OBJ_id_cmc,3L
-
-#define SN_id_cmc_dataReturn "id-cmc-dataReturn"
-#define NID_id_cmc_dataReturn 330
-#define OBJ_id_cmc_dataReturn OBJ_id_cmc,4L
-
-#define SN_id_cmc_transactionId "id-cmc-transactionId"
-#define NID_id_cmc_transactionId 331
-#define OBJ_id_cmc_transactionId OBJ_id_cmc,5L
-
-#define SN_id_cmc_senderNonce "id-cmc-senderNonce"
-#define NID_id_cmc_senderNonce 332
-#define OBJ_id_cmc_senderNonce OBJ_id_cmc,6L
-
-#define SN_id_cmc_recipientNonce "id-cmc-recipientNonce"
-#define NID_id_cmc_recipientNonce 333
-#define OBJ_id_cmc_recipientNonce OBJ_id_cmc,7L
-
-#define SN_id_cmc_addExtensions "id-cmc-addExtensions"
-#define NID_id_cmc_addExtensions 334
-#define OBJ_id_cmc_addExtensions OBJ_id_cmc,8L
-
-#define SN_id_cmc_encryptedPOP "id-cmc-encryptedPOP"
-#define NID_id_cmc_encryptedPOP 335
-#define OBJ_id_cmc_encryptedPOP OBJ_id_cmc,9L
-
-#define SN_id_cmc_decryptedPOP "id-cmc-decryptedPOP"
-#define NID_id_cmc_decryptedPOP 336
-#define OBJ_id_cmc_decryptedPOP OBJ_id_cmc,10L
-
-#define SN_id_cmc_lraPOPWitness "id-cmc-lraPOPWitness"
-#define NID_id_cmc_lraPOPWitness 337
-#define OBJ_id_cmc_lraPOPWitness OBJ_id_cmc,11L
-
-#define SN_id_cmc_getCert "id-cmc-getCert"
-#define NID_id_cmc_getCert 338
-#define OBJ_id_cmc_getCert OBJ_id_cmc,15L
-
-#define SN_id_cmc_getCRL "id-cmc-getCRL"
-#define NID_id_cmc_getCRL 339
-#define OBJ_id_cmc_getCRL OBJ_id_cmc,16L
-
-#define SN_id_cmc_revokeRequest "id-cmc-revokeRequest"
-#define NID_id_cmc_revokeRequest 340
-#define OBJ_id_cmc_revokeRequest OBJ_id_cmc,17L
-
-#define SN_id_cmc_regInfo "id-cmc-regInfo"
-#define NID_id_cmc_regInfo 341
-#define OBJ_id_cmc_regInfo OBJ_id_cmc,18L
-
-#define SN_id_cmc_responseInfo "id-cmc-responseInfo"
-#define NID_id_cmc_responseInfo 342
-#define OBJ_id_cmc_responseInfo OBJ_id_cmc,19L
-
-#define SN_id_cmc_queryPending "id-cmc-queryPending"
-#define NID_id_cmc_queryPending 343
-#define OBJ_id_cmc_queryPending OBJ_id_cmc,21L
-
-#define SN_id_cmc_popLinkRandom "id-cmc-popLinkRandom"
-#define NID_id_cmc_popLinkRandom 344
-#define OBJ_id_cmc_popLinkRandom OBJ_id_cmc,22L
-
-#define SN_id_cmc_popLinkWitness "id-cmc-popLinkWitness"
-#define NID_id_cmc_popLinkWitness 345
-#define OBJ_id_cmc_popLinkWitness OBJ_id_cmc,23L
-
-#define SN_id_cmc_confirmCertAcceptance "id-cmc-confirmCertAcceptance"
-#define NID_id_cmc_confirmCertAcceptance 346
-#define OBJ_id_cmc_confirmCertAcceptance OBJ_id_cmc,24L
-
-#define SN_id_on_personalData "id-on-personalData"
-#define NID_id_on_personalData 347
-#define OBJ_id_on_personalData OBJ_id_on,1L
-
-#define SN_id_on_permanentIdentifier "id-on-permanentIdentifier"
-#define LN_id_on_permanentIdentifier "Permanent Identifier"
-#define NID_id_on_permanentIdentifier 858
-#define OBJ_id_on_permanentIdentifier OBJ_id_on,3L
-
-#define SN_id_pda_dateOfBirth "id-pda-dateOfBirth"
-#define NID_id_pda_dateOfBirth 348
-#define OBJ_id_pda_dateOfBirth OBJ_id_pda,1L
-
-#define SN_id_pda_placeOfBirth "id-pda-placeOfBirth"
-#define NID_id_pda_placeOfBirth 349
-#define OBJ_id_pda_placeOfBirth OBJ_id_pda,2L
-
-#define SN_id_pda_gender "id-pda-gender"
-#define NID_id_pda_gender 351
-#define OBJ_id_pda_gender OBJ_id_pda,3L
-
-#define SN_id_pda_countryOfCitizenship "id-pda-countryOfCitizenship"
-#define NID_id_pda_countryOfCitizenship 352
-#define OBJ_id_pda_countryOfCitizenship OBJ_id_pda,4L
-
-#define SN_id_pda_countryOfResidence "id-pda-countryOfResidence"
-#define NID_id_pda_countryOfResidence 353
-#define OBJ_id_pda_countryOfResidence OBJ_id_pda,5L
-
-#define SN_id_aca_authenticationInfo "id-aca-authenticationInfo"
-#define NID_id_aca_authenticationInfo 354
-#define OBJ_id_aca_authenticationInfo OBJ_id_aca,1L
-
-#define SN_id_aca_accessIdentity "id-aca-accessIdentity"
-#define NID_id_aca_accessIdentity 355
-#define OBJ_id_aca_accessIdentity OBJ_id_aca,2L
-
-#define SN_id_aca_chargingIdentity "id-aca-chargingIdentity"
-#define NID_id_aca_chargingIdentity 356
-#define OBJ_id_aca_chargingIdentity OBJ_id_aca,3L
-
-#define SN_id_aca_group "id-aca-group"
-#define NID_id_aca_group 357
-#define OBJ_id_aca_group OBJ_id_aca,4L
-
-#define SN_id_aca_role "id-aca-role"
-#define NID_id_aca_role 358
-#define OBJ_id_aca_role OBJ_id_aca,5L
-
-#define SN_id_aca_encAttrs "id-aca-encAttrs"
-#define NID_id_aca_encAttrs 399
-#define OBJ_id_aca_encAttrs OBJ_id_aca,6L
-
-#define SN_id_qcs_pkixQCSyntax_v1 "id-qcs-pkixQCSyntax-v1"
-#define NID_id_qcs_pkixQCSyntax_v1 359
-#define OBJ_id_qcs_pkixQCSyntax_v1 OBJ_id_qcs,1L
-
-#define SN_id_cct_crs "id-cct-crs"
-#define NID_id_cct_crs 360
-#define OBJ_id_cct_crs OBJ_id_cct,1L
-
-#define SN_id_cct_PKIData "id-cct-PKIData"
-#define NID_id_cct_PKIData 361
-#define OBJ_id_cct_PKIData OBJ_id_cct,2L
-
-#define SN_id_cct_PKIResponse "id-cct-PKIResponse"
-#define NID_id_cct_PKIResponse 362
-#define OBJ_id_cct_PKIResponse OBJ_id_cct,3L
-
-#define SN_id_ppl_anyLanguage "id-ppl-anyLanguage"
-#define LN_id_ppl_anyLanguage "Any language"
-#define NID_id_ppl_anyLanguage 664
-#define OBJ_id_ppl_anyLanguage OBJ_id_ppl,0L
-
-#define SN_id_ppl_inheritAll "id-ppl-inheritAll"
-#define LN_id_ppl_inheritAll "Inherit all"
-#define NID_id_ppl_inheritAll 665
-#define OBJ_id_ppl_inheritAll OBJ_id_ppl,1L
-
-#define SN_Independent "id-ppl-independent"
-#define LN_Independent "Independent"
-#define NID_Independent 667
-#define OBJ_Independent OBJ_id_ppl,2L
-
-#define SN_ad_OCSP "OCSP"
-#define LN_ad_OCSP "OCSP"
-#define NID_ad_OCSP 178
-#define OBJ_ad_OCSP OBJ_id_ad,1L
-
-#define SN_ad_ca_issuers "caIssuers"
-#define LN_ad_ca_issuers "CA Issuers"
-#define NID_ad_ca_issuers 179
-#define OBJ_ad_ca_issuers OBJ_id_ad,2L
-
-#define SN_ad_timeStamping "ad_timestamping"
-#define LN_ad_timeStamping "AD Time Stamping"
-#define NID_ad_timeStamping 363
-#define OBJ_ad_timeStamping OBJ_id_ad,3L
-
-#define SN_ad_dvcs "AD_DVCS"
-#define LN_ad_dvcs "ad dvcs"
-#define NID_ad_dvcs 364
-#define OBJ_ad_dvcs OBJ_id_ad,4L
-
-#define SN_caRepository "caRepository"
-#define LN_caRepository "CA Repository"
-#define NID_caRepository 785
-#define OBJ_caRepository OBJ_id_ad,5L
-
-#define OBJ_id_pkix_OCSP OBJ_ad_OCSP
-
-#define SN_id_pkix_OCSP_basic "basicOCSPResponse"
-#define LN_id_pkix_OCSP_basic "Basic OCSP Response"
-#define NID_id_pkix_OCSP_basic 365
-#define OBJ_id_pkix_OCSP_basic OBJ_id_pkix_OCSP,1L
-
-#define SN_id_pkix_OCSP_Nonce "Nonce"
-#define LN_id_pkix_OCSP_Nonce "OCSP Nonce"
-#define NID_id_pkix_OCSP_Nonce 366
-#define OBJ_id_pkix_OCSP_Nonce OBJ_id_pkix_OCSP,2L
-
-#define SN_id_pkix_OCSP_CrlID "CrlID"
-#define LN_id_pkix_OCSP_CrlID "OCSP CRL ID"
-#define NID_id_pkix_OCSP_CrlID 367
-#define OBJ_id_pkix_OCSP_CrlID OBJ_id_pkix_OCSP,3L
-
-#define SN_id_pkix_OCSP_acceptableResponses "acceptableResponses"
-#define LN_id_pkix_OCSP_acceptableResponses "Acceptable OCSP Responses"
-#define NID_id_pkix_OCSP_acceptableResponses 368
-#define OBJ_id_pkix_OCSP_acceptableResponses OBJ_id_pkix_OCSP,4L
-
-#define SN_id_pkix_OCSP_noCheck "noCheck"
-#define LN_id_pkix_OCSP_noCheck "OCSP No Check"
-#define NID_id_pkix_OCSP_noCheck 369
-#define OBJ_id_pkix_OCSP_noCheck OBJ_id_pkix_OCSP,5L
-
-#define SN_id_pkix_OCSP_archiveCutoff "archiveCutoff"
-#define LN_id_pkix_OCSP_archiveCutoff "OCSP Archive Cutoff"
-#define NID_id_pkix_OCSP_archiveCutoff 370
-#define OBJ_id_pkix_OCSP_archiveCutoff OBJ_id_pkix_OCSP,6L
-
-#define SN_id_pkix_OCSP_serviceLocator "serviceLocator"
-#define LN_id_pkix_OCSP_serviceLocator "OCSP Service Locator"
-#define NID_id_pkix_OCSP_serviceLocator 371
-#define OBJ_id_pkix_OCSP_serviceLocator OBJ_id_pkix_OCSP,7L
-
-#define SN_id_pkix_OCSP_extendedStatus "extendedStatus"
-#define LN_id_pkix_OCSP_extendedStatus "Extended OCSP Status"
-#define NID_id_pkix_OCSP_extendedStatus 372
-#define OBJ_id_pkix_OCSP_extendedStatus OBJ_id_pkix_OCSP,8L
-
-#define SN_id_pkix_OCSP_valid "valid"
-#define NID_id_pkix_OCSP_valid 373
-#define OBJ_id_pkix_OCSP_valid OBJ_id_pkix_OCSP,9L
-
-#define SN_id_pkix_OCSP_path "path"
-#define NID_id_pkix_OCSP_path 374
-#define OBJ_id_pkix_OCSP_path OBJ_id_pkix_OCSP,10L
-
-#define SN_id_pkix_OCSP_trustRoot "trustRoot"
-#define LN_id_pkix_OCSP_trustRoot "Trust Root"
-#define NID_id_pkix_OCSP_trustRoot 375
-#define OBJ_id_pkix_OCSP_trustRoot OBJ_id_pkix_OCSP,11L
-
-#define SN_algorithm "algorithm"
-#define LN_algorithm "algorithm"
-#define NID_algorithm 376
-#define OBJ_algorithm 1L,3L,14L,3L,2L
-
-#define SN_md5WithRSA "RSA-NP-MD5"
-#define LN_md5WithRSA "md5WithRSA"
-#define NID_md5WithRSA 104
-#define OBJ_md5WithRSA OBJ_algorithm,3L
-
-#define SN_des_ecb "DES-ECB"
-#define LN_des_ecb "des-ecb"
-#define NID_des_ecb 29
-#define OBJ_des_ecb OBJ_algorithm,6L
-
-#define SN_des_cbc "DES-CBC"
-#define LN_des_cbc "des-cbc"
-#define NID_des_cbc 31
-#define OBJ_des_cbc OBJ_algorithm,7L
-
-#define SN_des_ofb64 "DES-OFB"
-#define LN_des_ofb64 "des-ofb"
-#define NID_des_ofb64 45
-#define OBJ_des_ofb64 OBJ_algorithm,8L
-
-#define SN_des_cfb64 "DES-CFB"
-#define LN_des_cfb64 "des-cfb"
-#define NID_des_cfb64 30
-#define OBJ_des_cfb64 OBJ_algorithm,9L
-
-#define SN_rsaSignature "rsaSignature"
-#define NID_rsaSignature 377
-#define OBJ_rsaSignature OBJ_algorithm,11L
-
-#define SN_dsa_2 "DSA-old"
-#define LN_dsa_2 "dsaEncryption-old"
-#define NID_dsa_2 67
-#define OBJ_dsa_2 OBJ_algorithm,12L
-
-#define SN_dsaWithSHA "DSA-SHA"
-#define LN_dsaWithSHA "dsaWithSHA"
-#define NID_dsaWithSHA 66
-#define OBJ_dsaWithSHA OBJ_algorithm,13L
-
-#define SN_shaWithRSAEncryption "RSA-SHA"
-#define LN_shaWithRSAEncryption "shaWithRSAEncryption"
-#define NID_shaWithRSAEncryption 42
-#define OBJ_shaWithRSAEncryption OBJ_algorithm,15L
-
-#define SN_des_ede_ecb "DES-EDE"
-#define LN_des_ede_ecb "des-ede"
-#define NID_des_ede_ecb 32
-#define OBJ_des_ede_ecb OBJ_algorithm,17L
-
-#define SN_des_ede3_ecb "DES-EDE3"
-#define LN_des_ede3_ecb "des-ede3"
-#define NID_des_ede3_ecb 33
-
-#define SN_des_ede_cbc "DES-EDE-CBC"
-#define LN_des_ede_cbc "des-ede-cbc"
-#define NID_des_ede_cbc 43
+#define SN_netscape_data_type "nsDataType"
+#define LN_netscape_data_type "Netscape Data Type"
+#define NID_netscape_data_type 59
+#define OBJ_netscape_data_type 2L, 16L, 840L, 1L, 113730L, 2L
#define SN_des_ede_cfb64 "DES-EDE-CFB"
#define LN_des_ede_cfb64 "des-ede-cfb"
@@ -2011,713 +365,2528 @@
#define LN_des_ede3_ofb64 "des-ede3-ofb"
#define NID_des_ede3_ofb64 63
-#define SN_desx_cbc "DESX-CBC"
-#define LN_desx_cbc "desx-cbc"
-#define NID_desx_cbc 80
-
-#define SN_sha "SHA"
-#define LN_sha "sha"
-#define NID_sha 41
-#define OBJ_sha OBJ_algorithm,18L
-
#define SN_sha1 "SHA1"
#define LN_sha1 "sha1"
#define NID_sha1 64
-#define OBJ_sha1 OBJ_algorithm,26L
+#define OBJ_sha1 1L, 3L, 14L, 3L, 2L, 26L
+
+#define SN_sha1WithRSAEncryption "RSA-SHA1"
+#define LN_sha1WithRSAEncryption "sha1WithRSAEncryption"
+#define NID_sha1WithRSAEncryption 65
+#define OBJ_sha1WithRSAEncryption 1L, 2L, 840L, 113549L, 1L, 1L, 5L
+
+#define SN_dsaWithSHA "DSA-SHA"
+#define LN_dsaWithSHA "dsaWithSHA"
+#define NID_dsaWithSHA 66
+#define OBJ_dsaWithSHA 1L, 3L, 14L, 3L, 2L, 13L
+
+#define SN_dsa_2 "DSA-old"
+#define LN_dsa_2 "dsaEncryption-old"
+#define NID_dsa_2 67
+#define OBJ_dsa_2 1L, 3L, 14L, 3L, 2L, 12L
+
+#define SN_pbeWithSHA1AndRC2_CBC "PBE-SHA1-RC2-64"
+#define LN_pbeWithSHA1AndRC2_CBC "pbeWithSHA1AndRC2-CBC"
+#define NID_pbeWithSHA1AndRC2_CBC 68
+#define OBJ_pbeWithSHA1AndRC2_CBC 1L, 2L, 840L, 113549L, 1L, 5L, 11L
+
+#define LN_id_pbkdf2 "PBKDF2"
+#define NID_id_pbkdf2 69
+#define OBJ_id_pbkdf2 1L, 2L, 840L, 113549L, 1L, 5L, 12L
#define SN_dsaWithSHA1_2 "DSA-SHA1-old"
#define LN_dsaWithSHA1_2 "dsaWithSHA1-old"
#define NID_dsaWithSHA1_2 70
-#define OBJ_dsaWithSHA1_2 OBJ_algorithm,27L
-
-#define SN_sha1WithRSA "RSA-SHA1-2"
-#define LN_sha1WithRSA "sha1WithRSA"
-#define NID_sha1WithRSA 115
-#define OBJ_sha1WithRSA OBJ_algorithm,29L
-
-#define SN_ripemd160 "RIPEMD160"
-#define LN_ripemd160 "ripemd160"
-#define NID_ripemd160 117
-#define OBJ_ripemd160 1L,3L,36L,3L,2L,1L
-
-#define SN_ripemd160WithRSA "RSA-RIPEMD160"
-#define LN_ripemd160WithRSA "ripemd160WithRSA"
-#define NID_ripemd160WithRSA 119
-#define OBJ_ripemd160WithRSA 1L,3L,36L,3L,3L,1L,2L
-
-#define SN_sxnet "SXNetID"
-#define LN_sxnet "Strong Extranet ID"
-#define NID_sxnet 143
-#define OBJ_sxnet 1L,3L,101L,1L,4L,1L
-
-#define SN_X500 "X500"
-#define LN_X500 "directory services (X.500)"
-#define NID_X500 11
-#define OBJ_X500 2L,5L
-
-#define SN_X509 "X509"
-#define NID_X509 12
-#define OBJ_X509 OBJ_X500,4L
-
-#define SN_commonName "CN"
-#define LN_commonName "commonName"
-#define NID_commonName 13
-#define OBJ_commonName OBJ_X509,3L
-
-#define SN_surname "SN"
-#define LN_surname "surname"
-#define NID_surname 100
-#define OBJ_surname OBJ_X509,4L
-
-#define LN_serialNumber "serialNumber"
-#define NID_serialNumber 105
-#define OBJ_serialNumber OBJ_X509,5L
-
-#define SN_countryName "C"
-#define LN_countryName "countryName"
-#define NID_countryName 14
-#define OBJ_countryName OBJ_X509,6L
-
-#define SN_localityName "L"
-#define LN_localityName "localityName"
-#define NID_localityName 15
-#define OBJ_localityName OBJ_X509,7L
-
-#define SN_stateOrProvinceName "ST"
-#define LN_stateOrProvinceName "stateOrProvinceName"
-#define NID_stateOrProvinceName 16
-#define OBJ_stateOrProvinceName OBJ_X509,8L
-
-#define SN_streetAddress "street"
-#define LN_streetAddress "streetAddress"
-#define NID_streetAddress 660
-#define OBJ_streetAddress OBJ_X509,9L
-
-#define SN_organizationName "O"
-#define LN_organizationName "organizationName"
-#define NID_organizationName 17
-#define OBJ_organizationName OBJ_X509,10L
-
-#define SN_organizationalUnitName "OU"
-#define LN_organizationalUnitName "organizationalUnitName"
-#define NID_organizationalUnitName 18
-#define OBJ_organizationalUnitName OBJ_X509,11L
-
-#define SN_title "title"
-#define LN_title "title"
-#define NID_title 106
-#define OBJ_title OBJ_X509,12L
-
-#define LN_description "description"
-#define NID_description 107
-#define OBJ_description OBJ_X509,13L
-
-#define LN_searchGuide "searchGuide"
-#define NID_searchGuide 859
-#define OBJ_searchGuide OBJ_X509,14L
-
-#define LN_businessCategory "businessCategory"
-#define NID_businessCategory 860
-#define OBJ_businessCategory OBJ_X509,15L
-
-#define LN_postalAddress "postalAddress"
-#define NID_postalAddress 861
-#define OBJ_postalAddress OBJ_X509,16L
-
-#define LN_postalCode "postalCode"
-#define NID_postalCode 661
-#define OBJ_postalCode OBJ_X509,17L
-
-#define LN_postOfficeBox "postOfficeBox"
-#define NID_postOfficeBox 862
-#define OBJ_postOfficeBox OBJ_X509,18L
-
-#define LN_physicalDeliveryOfficeName "physicalDeliveryOfficeName"
-#define NID_physicalDeliveryOfficeName 863
-#define OBJ_physicalDeliveryOfficeName OBJ_X509,19L
-
-#define LN_telephoneNumber "telephoneNumber"
-#define NID_telephoneNumber 864
-#define OBJ_telephoneNumber OBJ_X509,20L
-
-#define LN_telexNumber "telexNumber"
-#define NID_telexNumber 865
-#define OBJ_telexNumber OBJ_X509,21L
-
-#define LN_teletexTerminalIdentifier "teletexTerminalIdentifier"
-#define NID_teletexTerminalIdentifier 866
-#define OBJ_teletexTerminalIdentifier OBJ_X509,22L
-
-#define LN_facsimileTelephoneNumber "facsimileTelephoneNumber"
-#define NID_facsimileTelephoneNumber 867
-#define OBJ_facsimileTelephoneNumber OBJ_X509,23L
-
-#define LN_x121Address "x121Address"
-#define NID_x121Address 868
-#define OBJ_x121Address OBJ_X509,24L
-
-#define LN_internationaliSDNNumber "internationaliSDNNumber"
-#define NID_internationaliSDNNumber 869
-#define OBJ_internationaliSDNNumber OBJ_X509,25L
-
-#define LN_registeredAddress "registeredAddress"
-#define NID_registeredAddress 870
-#define OBJ_registeredAddress OBJ_X509,26L
-
-#define LN_destinationIndicator "destinationIndicator"
-#define NID_destinationIndicator 871
-#define OBJ_destinationIndicator OBJ_X509,27L
-
-#define LN_preferredDeliveryMethod "preferredDeliveryMethod"
-#define NID_preferredDeliveryMethod 872
-#define OBJ_preferredDeliveryMethod OBJ_X509,28L
-
-#define LN_presentationAddress "presentationAddress"
-#define NID_presentationAddress 873
-#define OBJ_presentationAddress OBJ_X509,29L
-
-#define LN_supportedApplicationContext "supportedApplicationContext"
-#define NID_supportedApplicationContext 874
-#define OBJ_supportedApplicationContext OBJ_X509,30L
-
-#define SN_member "member"
-#define NID_member 875
-#define OBJ_member OBJ_X509,31L
-
-#define SN_owner "owner"
-#define NID_owner 876
-#define OBJ_owner OBJ_X509,32L
-
-#define LN_roleOccupant "roleOccupant"
-#define NID_roleOccupant 877
-#define OBJ_roleOccupant OBJ_X509,33L
-
-#define SN_seeAlso "seeAlso"
-#define NID_seeAlso 878
-#define OBJ_seeAlso OBJ_X509,34L
-
-#define LN_userPassword "userPassword"
-#define NID_userPassword 879
-#define OBJ_userPassword OBJ_X509,35L
-
-#define LN_userCertificate "userCertificate"
-#define NID_userCertificate 880
-#define OBJ_userCertificate OBJ_X509,36L
-
-#define LN_cACertificate "cACertificate"
-#define NID_cACertificate 881
-#define OBJ_cACertificate OBJ_X509,37L
-
-#define LN_authorityRevocationList "authorityRevocationList"
-#define NID_authorityRevocationList 882
-#define OBJ_authorityRevocationList OBJ_X509,38L
-
-#define LN_certificateRevocationList "certificateRevocationList"
-#define NID_certificateRevocationList 883
-#define OBJ_certificateRevocationList OBJ_X509,39L
-
-#define LN_crossCertificatePair "crossCertificatePair"
-#define NID_crossCertificatePair 884
-#define OBJ_crossCertificatePair OBJ_X509,40L
-
-#define SN_name "name"
-#define LN_name "name"
-#define NID_name 173
-#define OBJ_name OBJ_X509,41L
-
-#define SN_givenName "GN"
-#define LN_givenName "givenName"
-#define NID_givenName 99
-#define OBJ_givenName OBJ_X509,42L
-
-#define SN_initials "initials"
-#define LN_initials "initials"
-#define NID_initials 101
-#define OBJ_initials OBJ_X509,43L
-
-#define LN_generationQualifier "generationQualifier"
-#define NID_generationQualifier 509
-#define OBJ_generationQualifier OBJ_X509,44L
-
-#define LN_x500UniqueIdentifier "x500UniqueIdentifier"
-#define NID_x500UniqueIdentifier 503
-#define OBJ_x500UniqueIdentifier OBJ_X509,45L
-
-#define SN_dnQualifier "dnQualifier"
-#define LN_dnQualifier "dnQualifier"
-#define NID_dnQualifier 174
-#define OBJ_dnQualifier OBJ_X509,46L
-
-#define LN_enhancedSearchGuide "enhancedSearchGuide"
-#define NID_enhancedSearchGuide 885
-#define OBJ_enhancedSearchGuide OBJ_X509,47L
-
-#define LN_protocolInformation "protocolInformation"
-#define NID_protocolInformation 886
-#define OBJ_protocolInformation OBJ_X509,48L
-
-#define LN_distinguishedName "distinguishedName"
-#define NID_distinguishedName 887
-#define OBJ_distinguishedName OBJ_X509,49L
-
-#define LN_uniqueMember "uniqueMember"
-#define NID_uniqueMember 888
-#define OBJ_uniqueMember OBJ_X509,50L
-
-#define LN_houseIdentifier "houseIdentifier"
-#define NID_houseIdentifier 889
-#define OBJ_houseIdentifier OBJ_X509,51L
-
-#define LN_supportedAlgorithms "supportedAlgorithms"
-#define NID_supportedAlgorithms 890
-#define OBJ_supportedAlgorithms OBJ_X509,52L
-
-#define LN_deltaRevocationList "deltaRevocationList"
-#define NID_deltaRevocationList 891
-#define OBJ_deltaRevocationList OBJ_X509,53L
-
-#define SN_dmdName "dmdName"
-#define NID_dmdName 892
-#define OBJ_dmdName OBJ_X509,54L
-
-#define LN_pseudonym "pseudonym"
-#define NID_pseudonym 510
-#define OBJ_pseudonym OBJ_X509,65L
-
-#define SN_role "role"
-#define LN_role "role"
-#define NID_role 400
-#define OBJ_role OBJ_X509,72L
-
-#define SN_X500algorithms "X500algorithms"
-#define LN_X500algorithms "directory services - algorithms"
-#define NID_X500algorithms 378
-#define OBJ_X500algorithms OBJ_X500,8L
-
-#define SN_rsa "RSA"
-#define LN_rsa "rsa"
-#define NID_rsa 19
-#define OBJ_rsa OBJ_X500algorithms,1L,1L
-
-#define SN_mdc2WithRSA "RSA-MDC2"
-#define LN_mdc2WithRSA "mdc2WithRSA"
-#define NID_mdc2WithRSA 96
-#define OBJ_mdc2WithRSA OBJ_X500algorithms,3L,100L
-
-#define SN_mdc2 "MDC2"
-#define LN_mdc2 "mdc2"
-#define NID_mdc2 95
-#define OBJ_mdc2 OBJ_X500algorithms,3L,101L
-
-#define SN_id_ce "id-ce"
-#define NID_id_ce 81
-#define OBJ_id_ce OBJ_X500,29L
-
-#define SN_subject_directory_attributes "subjectDirectoryAttributes"
-#define LN_subject_directory_attributes "X509v3 Subject Directory Attributes"
-#define NID_subject_directory_attributes 769
-#define OBJ_subject_directory_attributes OBJ_id_ce,9L
-
-#define SN_subject_key_identifier "subjectKeyIdentifier"
-#define LN_subject_key_identifier "X509v3 Subject Key Identifier"
-#define NID_subject_key_identifier 82
-#define OBJ_subject_key_identifier OBJ_id_ce,14L
-
-#define SN_key_usage "keyUsage"
-#define LN_key_usage "X509v3 Key Usage"
-#define NID_key_usage 83
-#define OBJ_key_usage OBJ_id_ce,15L
-
-#define SN_private_key_usage_period "privateKeyUsagePeriod"
-#define LN_private_key_usage_period "X509v3 Private Key Usage Period"
-#define NID_private_key_usage_period 84
-#define OBJ_private_key_usage_period OBJ_id_ce,16L
-
-#define SN_subject_alt_name "subjectAltName"
-#define LN_subject_alt_name "X509v3 Subject Alternative Name"
-#define NID_subject_alt_name 85
-#define OBJ_subject_alt_name OBJ_id_ce,17L
-
-#define SN_issuer_alt_name "issuerAltName"
-#define LN_issuer_alt_name "X509v3 Issuer Alternative Name"
-#define NID_issuer_alt_name 86
-#define OBJ_issuer_alt_name OBJ_id_ce,18L
-
-#define SN_basic_constraints "basicConstraints"
-#define LN_basic_constraints "X509v3 Basic Constraints"
-#define NID_basic_constraints 87
-#define OBJ_basic_constraints OBJ_id_ce,19L
-
-#define SN_crl_number "crlNumber"
-#define LN_crl_number "X509v3 CRL Number"
-#define NID_crl_number 88
-#define OBJ_crl_number OBJ_id_ce,20L
-
-#define SN_crl_reason "CRLReason"
-#define LN_crl_reason "X509v3 CRL Reason Code"
-#define NID_crl_reason 141
-#define OBJ_crl_reason OBJ_id_ce,21L
-
-#define SN_invalidity_date "invalidityDate"
-#define LN_invalidity_date "Invalidity Date"
-#define NID_invalidity_date 142
-#define OBJ_invalidity_date OBJ_id_ce,24L
-
-#define SN_delta_crl "deltaCRL"
-#define LN_delta_crl "X509v3 Delta CRL Indicator"
-#define NID_delta_crl 140
-#define OBJ_delta_crl OBJ_id_ce,27L
-
-#define SN_issuing_distribution_point "issuingDistributionPoint"
-#define LN_issuing_distribution_point "X509v3 Issuing Distribution Point"
-#define NID_issuing_distribution_point 770
-#define OBJ_issuing_distribution_point OBJ_id_ce,28L
-
-#define SN_certificate_issuer "certificateIssuer"
-#define LN_certificate_issuer "X509v3 Certificate Issuer"
-#define NID_certificate_issuer 771
-#define OBJ_certificate_issuer OBJ_id_ce,29L
-
-#define SN_name_constraints "nameConstraints"
-#define LN_name_constraints "X509v3 Name Constraints"
-#define NID_name_constraints 666
-#define OBJ_name_constraints OBJ_id_ce,30L
-
-#define SN_crl_distribution_points "crlDistributionPoints"
-#define LN_crl_distribution_points "X509v3 CRL Distribution Points"
-#define NID_crl_distribution_points 103
-#define OBJ_crl_distribution_points OBJ_id_ce,31L
-
-#define SN_certificate_policies "certificatePolicies"
-#define LN_certificate_policies "X509v3 Certificate Policies"
-#define NID_certificate_policies 89
-#define OBJ_certificate_policies OBJ_id_ce,32L
-
-#define SN_any_policy "anyPolicy"
-#define LN_any_policy "X509v3 Any Policy"
-#define NID_any_policy 746
-#define OBJ_any_policy OBJ_certificate_policies,0L
-
-#define SN_policy_mappings "policyMappings"
-#define LN_policy_mappings "X509v3 Policy Mappings"
-#define NID_policy_mappings 747
-#define OBJ_policy_mappings OBJ_id_ce,33L
-
-#define SN_authority_key_identifier "authorityKeyIdentifier"
-#define LN_authority_key_identifier "X509v3 Authority Key Identifier"
-#define NID_authority_key_identifier 90
-#define OBJ_authority_key_identifier OBJ_id_ce,35L
-
-#define SN_policy_constraints "policyConstraints"
-#define LN_policy_constraints "X509v3 Policy Constraints"
-#define NID_policy_constraints 401
-#define OBJ_policy_constraints OBJ_id_ce,36L
-
-#define SN_ext_key_usage "extendedKeyUsage"
-#define LN_ext_key_usage "X509v3 Extended Key Usage"
-#define NID_ext_key_usage 126
-#define OBJ_ext_key_usage OBJ_id_ce,37L
-
-#define SN_freshest_crl "freshestCRL"
-#define LN_freshest_crl "X509v3 Freshest CRL"
-#define NID_freshest_crl 857
-#define OBJ_freshest_crl OBJ_id_ce,46L
-
-#define SN_inhibit_any_policy "inhibitAnyPolicy"
-#define LN_inhibit_any_policy "X509v3 Inhibit Any Policy"
-#define NID_inhibit_any_policy 748
-#define OBJ_inhibit_any_policy OBJ_id_ce,54L
-
-#define SN_target_information "targetInformation"
-#define LN_target_information "X509v3 AC Targeting"
-#define NID_target_information 402
-#define OBJ_target_information OBJ_id_ce,55L
-
-#define SN_no_rev_avail "noRevAvail"
-#define LN_no_rev_avail "X509v3 No Revocation Available"
-#define NID_no_rev_avail 403
-#define OBJ_no_rev_avail OBJ_id_ce,56L
-
-#define SN_anyExtendedKeyUsage "anyExtendedKeyUsage"
-#define LN_anyExtendedKeyUsage "Any Extended Key Usage"
-#define NID_anyExtendedKeyUsage 910
-#define OBJ_anyExtendedKeyUsage OBJ_ext_key_usage,0L
-
-#define SN_netscape "Netscape"
-#define LN_netscape "Netscape Communications Corp."
-#define NID_netscape 57
-#define OBJ_netscape 2L,16L,840L,1L,113730L
-
-#define SN_netscape_cert_extension "nsCertExt"
-#define LN_netscape_cert_extension "Netscape Certificate Extension"
-#define NID_netscape_cert_extension 58
-#define OBJ_netscape_cert_extension OBJ_netscape,1L
-
-#define SN_netscape_data_type "nsDataType"
-#define LN_netscape_data_type "Netscape Data Type"
-#define NID_netscape_data_type 59
-#define OBJ_netscape_data_type OBJ_netscape,2L
+#define OBJ_dsaWithSHA1_2 1L, 3L, 14L, 3L, 2L, 27L
#define SN_netscape_cert_type "nsCertType"
#define LN_netscape_cert_type "Netscape Cert Type"
#define NID_netscape_cert_type 71
-#define OBJ_netscape_cert_type OBJ_netscape_cert_extension,1L
+#define OBJ_netscape_cert_type 2L, 16L, 840L, 1L, 113730L, 1L, 1L
#define SN_netscape_base_url "nsBaseUrl"
#define LN_netscape_base_url "Netscape Base Url"
#define NID_netscape_base_url 72
-#define OBJ_netscape_base_url OBJ_netscape_cert_extension,2L
+#define OBJ_netscape_base_url 2L, 16L, 840L, 1L, 113730L, 1L, 2L
#define SN_netscape_revocation_url "nsRevocationUrl"
#define LN_netscape_revocation_url "Netscape Revocation Url"
#define NID_netscape_revocation_url 73
-#define OBJ_netscape_revocation_url OBJ_netscape_cert_extension,3L
+#define OBJ_netscape_revocation_url 2L, 16L, 840L, 1L, 113730L, 1L, 3L
#define SN_netscape_ca_revocation_url "nsCaRevocationUrl"
#define LN_netscape_ca_revocation_url "Netscape CA Revocation Url"
#define NID_netscape_ca_revocation_url 74
-#define OBJ_netscape_ca_revocation_url OBJ_netscape_cert_extension,4L
+#define OBJ_netscape_ca_revocation_url 2L, 16L, 840L, 1L, 113730L, 1L, 4L
#define SN_netscape_renewal_url "nsRenewalUrl"
#define LN_netscape_renewal_url "Netscape Renewal Url"
#define NID_netscape_renewal_url 75
-#define OBJ_netscape_renewal_url OBJ_netscape_cert_extension,7L
+#define OBJ_netscape_renewal_url 2L, 16L, 840L, 1L, 113730L, 1L, 7L
#define SN_netscape_ca_policy_url "nsCaPolicyUrl"
#define LN_netscape_ca_policy_url "Netscape CA Policy Url"
#define NID_netscape_ca_policy_url 76
-#define OBJ_netscape_ca_policy_url OBJ_netscape_cert_extension,8L
+#define OBJ_netscape_ca_policy_url 2L, 16L, 840L, 1L, 113730L, 1L, 8L
#define SN_netscape_ssl_server_name "nsSslServerName"
#define LN_netscape_ssl_server_name "Netscape SSL Server Name"
#define NID_netscape_ssl_server_name 77
-#define OBJ_netscape_ssl_server_name OBJ_netscape_cert_extension,12L
+#define OBJ_netscape_ssl_server_name 2L, 16L, 840L, 1L, 113730L, 1L, 12L
#define SN_netscape_comment "nsComment"
#define LN_netscape_comment "Netscape Comment"
#define NID_netscape_comment 78
-#define OBJ_netscape_comment OBJ_netscape_cert_extension,13L
+#define OBJ_netscape_comment 2L, 16L, 840L, 1L, 113730L, 1L, 13L
#define SN_netscape_cert_sequence "nsCertSequence"
#define LN_netscape_cert_sequence "Netscape Certificate Sequence"
#define NID_netscape_cert_sequence 79
-#define OBJ_netscape_cert_sequence OBJ_netscape_data_type,5L
+#define OBJ_netscape_cert_sequence 2L, 16L, 840L, 1L, 113730L, 2L, 5L
-#define SN_ns_sgc "nsSGC"
-#define LN_ns_sgc "Netscape Server Gated Crypto"
-#define NID_ns_sgc 139
-#define OBJ_ns_sgc OBJ_netscape,4L,1L
+#define SN_desx_cbc "DESX-CBC"
+#define LN_desx_cbc "desx-cbc"
+#define NID_desx_cbc 80
-#define SN_org "ORG"
-#define LN_org "org"
-#define NID_org 379
-#define OBJ_org OBJ_iso,3L
+#define SN_id_ce "id-ce"
+#define NID_id_ce 81
+#define OBJ_id_ce 2L, 5L, 29L
-#define SN_dod "DOD"
-#define LN_dod "dod"
-#define NID_dod 380
-#define OBJ_dod OBJ_org,6L
+#define SN_subject_key_identifier "subjectKeyIdentifier"
+#define LN_subject_key_identifier "X509v3 Subject Key Identifier"
+#define NID_subject_key_identifier 82
+#define OBJ_subject_key_identifier 2L, 5L, 29L, 14L
-#define SN_iana "IANA"
-#define LN_iana "iana"
-#define NID_iana 381
-#define OBJ_iana OBJ_dod,1L
+#define SN_key_usage "keyUsage"
+#define LN_key_usage "X509v3 Key Usage"
+#define NID_key_usage 83
+#define OBJ_key_usage 2L, 5L, 29L, 15L
-#define OBJ_internet OBJ_iana
+#define SN_private_key_usage_period "privateKeyUsagePeriod"
+#define LN_private_key_usage_period "X509v3 Private Key Usage Period"
+#define NID_private_key_usage_period 84
+#define OBJ_private_key_usage_period 2L, 5L, 29L, 16L
-#define SN_Directory "directory"
-#define LN_Directory "Directory"
-#define NID_Directory 382
-#define OBJ_Directory OBJ_internet,1L
+#define SN_subject_alt_name "subjectAltName"
+#define LN_subject_alt_name "X509v3 Subject Alternative Name"
+#define NID_subject_alt_name 85
+#define OBJ_subject_alt_name 2L, 5L, 29L, 17L
-#define SN_Management "mgmt"
-#define LN_Management "Management"
-#define NID_Management 383
-#define OBJ_Management OBJ_internet,2L
+#define SN_issuer_alt_name "issuerAltName"
+#define LN_issuer_alt_name "X509v3 Issuer Alternative Name"
+#define NID_issuer_alt_name 86
+#define OBJ_issuer_alt_name 2L, 5L, 29L, 18L
-#define SN_Experimental "experimental"
-#define LN_Experimental "Experimental"
-#define NID_Experimental 384
-#define OBJ_Experimental OBJ_internet,3L
+#define SN_basic_constraints "basicConstraints"
+#define LN_basic_constraints "X509v3 Basic Constraints"
+#define NID_basic_constraints 87
+#define OBJ_basic_constraints 2L, 5L, 29L, 19L
-#define SN_Private "private"
-#define LN_Private "Private"
-#define NID_Private 385
-#define OBJ_Private OBJ_internet,4L
+#define SN_crl_number "crlNumber"
+#define LN_crl_number "X509v3 CRL Number"
+#define NID_crl_number 88
+#define OBJ_crl_number 2L, 5L, 29L, 20L
-#define SN_Security "security"
-#define LN_Security "Security"
-#define NID_Security 386
-#define OBJ_Security OBJ_internet,5L
+#define SN_certificate_policies "certificatePolicies"
+#define LN_certificate_policies "X509v3 Certificate Policies"
+#define NID_certificate_policies 89
+#define OBJ_certificate_policies 2L, 5L, 29L, 32L
-#define SN_SNMPv2 "snmpv2"
-#define LN_SNMPv2 "SNMPv2"
-#define NID_SNMPv2 387
-#define OBJ_SNMPv2 OBJ_internet,6L
+#define SN_authority_key_identifier "authorityKeyIdentifier"
+#define LN_authority_key_identifier "X509v3 Authority Key Identifier"
+#define NID_authority_key_identifier 90
+#define OBJ_authority_key_identifier 2L, 5L, 29L, 35L
-#define LN_Mail "Mail"
-#define NID_Mail 388
-#define OBJ_Mail OBJ_internet,7L
+#define SN_bf_cbc "BF-CBC"
+#define LN_bf_cbc "bf-cbc"
+#define NID_bf_cbc 91
+#define OBJ_bf_cbc 1L, 3L, 6L, 1L, 4L, 1L, 3029L, 1L, 2L
-#define SN_Enterprises "enterprises"
-#define LN_Enterprises "Enterprises"
-#define NID_Enterprises 389
-#define OBJ_Enterprises OBJ_Private,1L
+#define SN_bf_ecb "BF-ECB"
+#define LN_bf_ecb "bf-ecb"
+#define NID_bf_ecb 92
-#define SN_dcObject "dcobject"
-#define LN_dcObject "dcObject"
-#define NID_dcObject 390
-#define OBJ_dcObject OBJ_Enterprises,1466L,344L
+#define SN_bf_cfb64 "BF-CFB"
+#define LN_bf_cfb64 "bf-cfb"
+#define NID_bf_cfb64 93
-#define SN_mime_mhs "mime-mhs"
-#define LN_mime_mhs "MIME MHS"
-#define NID_mime_mhs 504
-#define OBJ_mime_mhs OBJ_Mail,1L
+#define SN_bf_ofb64 "BF-OFB"
+#define LN_bf_ofb64 "bf-ofb"
+#define NID_bf_ofb64 94
-#define SN_mime_mhs_headings "mime-mhs-headings"
-#define LN_mime_mhs_headings "mime-mhs-headings"
-#define NID_mime_mhs_headings 505
-#define OBJ_mime_mhs_headings OBJ_mime_mhs,1L
+#define SN_mdc2 "MDC2"
+#define LN_mdc2 "mdc2"
+#define NID_mdc2 95
+#define OBJ_mdc2 2L, 5L, 8L, 3L, 101L
-#define SN_mime_mhs_bodies "mime-mhs-bodies"
-#define LN_mime_mhs_bodies "mime-mhs-bodies"
-#define NID_mime_mhs_bodies 506
-#define OBJ_mime_mhs_bodies OBJ_mime_mhs,2L
+#define SN_mdc2WithRSA "RSA-MDC2"
+#define LN_mdc2WithRSA "mdc2WithRSA"
+#define NID_mdc2WithRSA 96
+#define OBJ_mdc2WithRSA 2L, 5L, 8L, 3L, 100L
-#define SN_id_hex_partial_message "id-hex-partial-message"
-#define LN_id_hex_partial_message "id-hex-partial-message"
-#define NID_id_hex_partial_message 507
-#define OBJ_id_hex_partial_message OBJ_mime_mhs_headings,1L
+#define SN_rc4_40 "RC4-40"
+#define LN_rc4_40 "rc4-40"
+#define NID_rc4_40 97
-#define SN_id_hex_multipart_message "id-hex-multipart-message"
-#define LN_id_hex_multipart_message "id-hex-multipart-message"
-#define NID_id_hex_multipart_message 508
-#define OBJ_id_hex_multipart_message OBJ_mime_mhs_headings,2L
+#define SN_rc2_40_cbc "RC2-40-CBC"
+#define LN_rc2_40_cbc "rc2-40-cbc"
+#define NID_rc2_40_cbc 98
+
+#define SN_givenName "GN"
+#define LN_givenName "givenName"
+#define NID_givenName 99
+#define OBJ_givenName 2L, 5L, 4L, 42L
+
+#define SN_surname "SN"
+#define LN_surname "surname"
+#define NID_surname 100
+#define OBJ_surname 2L, 5L, 4L, 4L
+
+#define SN_initials "initials"
+#define LN_initials "initials"
+#define NID_initials 101
+#define OBJ_initials 2L, 5L, 4L, 43L
+
+#define SN_crl_distribution_points "crlDistributionPoints"
+#define LN_crl_distribution_points "X509v3 CRL Distribution Points"
+#define NID_crl_distribution_points 103
+#define OBJ_crl_distribution_points 2L, 5L, 29L, 31L
+
+#define SN_md5WithRSA "RSA-NP-MD5"
+#define LN_md5WithRSA "md5WithRSA"
+#define NID_md5WithRSA 104
+#define OBJ_md5WithRSA 1L, 3L, 14L, 3L, 2L, 3L
+
+#define LN_serialNumber "serialNumber"
+#define NID_serialNumber 105
+#define OBJ_serialNumber 2L, 5L, 4L, 5L
+
+#define SN_title "title"
+#define LN_title "title"
+#define NID_title 106
+#define OBJ_title 2L, 5L, 4L, 12L
+
+#define LN_description "description"
+#define NID_description 107
+#define OBJ_description 2L, 5L, 4L, 13L
+
+#define SN_cast5_cbc "CAST5-CBC"
+#define LN_cast5_cbc "cast5-cbc"
+#define NID_cast5_cbc 108
+#define OBJ_cast5_cbc 1L, 2L, 840L, 113533L, 7L, 66L, 10L
+
+#define SN_cast5_ecb "CAST5-ECB"
+#define LN_cast5_ecb "cast5-ecb"
+#define NID_cast5_ecb 109
+
+#define SN_cast5_cfb64 "CAST5-CFB"
+#define LN_cast5_cfb64 "cast5-cfb"
+#define NID_cast5_cfb64 110
+
+#define SN_cast5_ofb64 "CAST5-OFB"
+#define LN_cast5_ofb64 "cast5-ofb"
+#define NID_cast5_ofb64 111
+
+#define LN_pbeWithMD5AndCast5_CBC "pbeWithMD5AndCast5CBC"
+#define NID_pbeWithMD5AndCast5_CBC 112
+#define OBJ_pbeWithMD5AndCast5_CBC 1L, 2L, 840L, 113533L, 7L, 66L, 12L
+
+#define SN_dsaWithSHA1 "DSA-SHA1"
+#define LN_dsaWithSHA1 "dsaWithSHA1"
+#define NID_dsaWithSHA1 113
+#define OBJ_dsaWithSHA1 1L, 2L, 840L, 10040L, 4L, 3L
+
+#define SN_md5_sha1 "MD5-SHA1"
+#define LN_md5_sha1 "md5-sha1"
+#define NID_md5_sha1 114
+
+#define SN_sha1WithRSA "RSA-SHA1-2"
+#define LN_sha1WithRSA "sha1WithRSA"
+#define NID_sha1WithRSA 115
+#define OBJ_sha1WithRSA 1L, 3L, 14L, 3L, 2L, 29L
+
+#define SN_dsa "DSA"
+#define LN_dsa "dsaEncryption"
+#define NID_dsa 116
+#define OBJ_dsa 1L, 2L, 840L, 10040L, 4L, 1L
+
+#define SN_ripemd160 "RIPEMD160"
+#define LN_ripemd160 "ripemd160"
+#define NID_ripemd160 117
+#define OBJ_ripemd160 1L, 3L, 36L, 3L, 2L, 1L
+
+#define SN_ripemd160WithRSA "RSA-RIPEMD160"
+#define LN_ripemd160WithRSA "ripemd160WithRSA"
+#define NID_ripemd160WithRSA 119
+#define OBJ_ripemd160WithRSA 1L, 3L, 36L, 3L, 3L, 1L, 2L
+
+#define SN_rc5_cbc "RC5-CBC"
+#define LN_rc5_cbc "rc5-cbc"
+#define NID_rc5_cbc 120
+#define OBJ_rc5_cbc 1L, 2L, 840L, 113549L, 3L, 8L
+
+#define SN_rc5_ecb "RC5-ECB"
+#define LN_rc5_ecb "rc5-ecb"
+#define NID_rc5_ecb 121
+
+#define SN_rc5_cfb64 "RC5-CFB"
+#define LN_rc5_cfb64 "rc5-cfb"
+#define NID_rc5_cfb64 122
+
+#define SN_rc5_ofb64 "RC5-OFB"
+#define LN_rc5_ofb64 "rc5-ofb"
+#define NID_rc5_ofb64 123
#define SN_zlib_compression "ZLIB"
#define LN_zlib_compression "zlib compression"
#define NID_zlib_compression 125
-#define OBJ_zlib_compression OBJ_id_smime_alg,8L
+#define OBJ_zlib_compression 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 3L, 8L
-#define OBJ_csor 2L,16L,840L,1L,101L,3L
+#define SN_ext_key_usage "extendedKeyUsage"
+#define LN_ext_key_usage "X509v3 Extended Key Usage"
+#define NID_ext_key_usage 126
+#define OBJ_ext_key_usage 2L, 5L, 29L, 37L
-#define OBJ_nistAlgorithms OBJ_csor,4L
+#define SN_id_pkix "PKIX"
+#define NID_id_pkix 127
+#define OBJ_id_pkix 1L, 3L, 6L, 1L, 5L, 5L, 7L
-#define OBJ_aes OBJ_nistAlgorithms,1L
+#define SN_id_kp "id-kp"
+#define NID_id_kp 128
+#define OBJ_id_kp 1L, 3L, 6L, 1L, 5L, 5L, 7L, 3L
+
+#define SN_server_auth "serverAuth"
+#define LN_server_auth "TLS Web Server Authentication"
+#define NID_server_auth 129
+#define OBJ_server_auth 1L, 3L, 6L, 1L, 5L, 5L, 7L, 3L, 1L
+
+#define SN_client_auth "clientAuth"
+#define LN_client_auth "TLS Web Client Authentication"
+#define NID_client_auth 130
+#define OBJ_client_auth 1L, 3L, 6L, 1L, 5L, 5L, 7L, 3L, 2L
+
+#define SN_code_sign "codeSigning"
+#define LN_code_sign "Code Signing"
+#define NID_code_sign 131
+#define OBJ_code_sign 1L, 3L, 6L, 1L, 5L, 5L, 7L, 3L, 3L
+
+#define SN_email_protect "emailProtection"
+#define LN_email_protect "E-mail Protection"
+#define NID_email_protect 132
+#define OBJ_email_protect 1L, 3L, 6L, 1L, 5L, 5L, 7L, 3L, 4L
+
+#define SN_time_stamp "timeStamping"
+#define LN_time_stamp "Time Stamping"
+#define NID_time_stamp 133
+#define OBJ_time_stamp 1L, 3L, 6L, 1L, 5L, 5L, 7L, 3L, 8L
+
+#define SN_ms_code_ind "msCodeInd"
+#define LN_ms_code_ind "Microsoft Individual Code Signing"
+#define NID_ms_code_ind 134
+#define OBJ_ms_code_ind 1L, 3L, 6L, 1L, 4L, 1L, 311L, 2L, 1L, 21L
+
+#define SN_ms_code_com "msCodeCom"
+#define LN_ms_code_com "Microsoft Commercial Code Signing"
+#define NID_ms_code_com 135
+#define OBJ_ms_code_com 1L, 3L, 6L, 1L, 4L, 1L, 311L, 2L, 1L, 22L
+
+#define SN_ms_ctl_sign "msCTLSign"
+#define LN_ms_ctl_sign "Microsoft Trust List Signing"
+#define NID_ms_ctl_sign 136
+#define OBJ_ms_ctl_sign 1L, 3L, 6L, 1L, 4L, 1L, 311L, 10L, 3L, 1L
+
+#define SN_ms_sgc "msSGC"
+#define LN_ms_sgc "Microsoft Server Gated Crypto"
+#define NID_ms_sgc 137
+#define OBJ_ms_sgc 1L, 3L, 6L, 1L, 4L, 1L, 311L, 10L, 3L, 3L
+
+#define SN_ms_efs "msEFS"
+#define LN_ms_efs "Microsoft Encrypted File System"
+#define NID_ms_efs 138
+#define OBJ_ms_efs 1L, 3L, 6L, 1L, 4L, 1L, 311L, 10L, 3L, 4L
+
+#define SN_ns_sgc "nsSGC"
+#define LN_ns_sgc "Netscape Server Gated Crypto"
+#define NID_ns_sgc 139
+#define OBJ_ns_sgc 2L, 16L, 840L, 1L, 113730L, 4L, 1L
+
+#define SN_delta_crl "deltaCRL"
+#define LN_delta_crl "X509v3 Delta CRL Indicator"
+#define NID_delta_crl 140
+#define OBJ_delta_crl 2L, 5L, 29L, 27L
+
+#define SN_crl_reason "CRLReason"
+#define LN_crl_reason "X509v3 CRL Reason Code"
+#define NID_crl_reason 141
+#define OBJ_crl_reason 2L, 5L, 29L, 21L
+
+#define SN_invalidity_date "invalidityDate"
+#define LN_invalidity_date "Invalidity Date"
+#define NID_invalidity_date 142
+#define OBJ_invalidity_date 2L, 5L, 29L, 24L
+
+#define SN_sxnet "SXNetID"
+#define LN_sxnet "Strong Extranet ID"
+#define NID_sxnet 143
+#define OBJ_sxnet 1L, 3L, 101L, 1L, 4L, 1L
+
+#define SN_pbe_WithSHA1And128BitRC4 "PBE-SHA1-RC4-128"
+#define LN_pbe_WithSHA1And128BitRC4 "pbeWithSHA1And128BitRC4"
+#define NID_pbe_WithSHA1And128BitRC4 144
+#define OBJ_pbe_WithSHA1And128BitRC4 1L, 2L, 840L, 113549L, 1L, 12L, 1L, 1L
+
+#define SN_pbe_WithSHA1And40BitRC4 "PBE-SHA1-RC4-40"
+#define LN_pbe_WithSHA1And40BitRC4 "pbeWithSHA1And40BitRC4"
+#define NID_pbe_WithSHA1And40BitRC4 145
+#define OBJ_pbe_WithSHA1And40BitRC4 1L, 2L, 840L, 113549L, 1L, 12L, 1L, 2L
+
+#define SN_pbe_WithSHA1And3_Key_TripleDES_CBC "PBE-SHA1-3DES"
+#define LN_pbe_WithSHA1And3_Key_TripleDES_CBC "pbeWithSHA1And3-KeyTripleDES-CBC"
+#define NID_pbe_WithSHA1And3_Key_TripleDES_CBC 146
+#define OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC \
+ 1L, 2L, 840L, 113549L, 1L, 12L, 1L, 3L
+
+#define SN_pbe_WithSHA1And2_Key_TripleDES_CBC "PBE-SHA1-2DES"
+#define LN_pbe_WithSHA1And2_Key_TripleDES_CBC "pbeWithSHA1And2-KeyTripleDES-CBC"
+#define NID_pbe_WithSHA1And2_Key_TripleDES_CBC 147
+#define OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC \
+ 1L, 2L, 840L, 113549L, 1L, 12L, 1L, 4L
+
+#define SN_pbe_WithSHA1And128BitRC2_CBC "PBE-SHA1-RC2-128"
+#define LN_pbe_WithSHA1And128BitRC2_CBC "pbeWithSHA1And128BitRC2-CBC"
+#define NID_pbe_WithSHA1And128BitRC2_CBC 148
+#define OBJ_pbe_WithSHA1And128BitRC2_CBC 1L, 2L, 840L, 113549L, 1L, 12L, 1L, 5L
+
+#define SN_pbe_WithSHA1And40BitRC2_CBC "PBE-SHA1-RC2-40"
+#define LN_pbe_WithSHA1And40BitRC2_CBC "pbeWithSHA1And40BitRC2-CBC"
+#define NID_pbe_WithSHA1And40BitRC2_CBC 149
+#define OBJ_pbe_WithSHA1And40BitRC2_CBC 1L, 2L, 840L, 113549L, 1L, 12L, 1L, 6L
+
+#define LN_keyBag "keyBag"
+#define NID_keyBag 150
+#define OBJ_keyBag 1L, 2L, 840L, 113549L, 1L, 12L, 10L, 1L, 1L
+
+#define LN_pkcs8ShroudedKeyBag "pkcs8ShroudedKeyBag"
+#define NID_pkcs8ShroudedKeyBag 151
+#define OBJ_pkcs8ShroudedKeyBag 1L, 2L, 840L, 113549L, 1L, 12L, 10L, 1L, 2L
+
+#define LN_certBag "certBag"
+#define NID_certBag 152
+#define OBJ_certBag 1L, 2L, 840L, 113549L, 1L, 12L, 10L, 1L, 3L
+
+#define LN_crlBag "crlBag"
+#define NID_crlBag 153
+#define OBJ_crlBag 1L, 2L, 840L, 113549L, 1L, 12L, 10L, 1L, 4L
+
+#define LN_secretBag "secretBag"
+#define NID_secretBag 154
+#define OBJ_secretBag 1L, 2L, 840L, 113549L, 1L, 12L, 10L, 1L, 5L
+
+#define LN_safeContentsBag "safeContentsBag"
+#define NID_safeContentsBag 155
+#define OBJ_safeContentsBag 1L, 2L, 840L, 113549L, 1L, 12L, 10L, 1L, 6L
+
+#define LN_friendlyName "friendlyName"
+#define NID_friendlyName 156
+#define OBJ_friendlyName 1L, 2L, 840L, 113549L, 1L, 9L, 20L
+
+#define LN_localKeyID "localKeyID"
+#define NID_localKeyID 157
+#define OBJ_localKeyID 1L, 2L, 840L, 113549L, 1L, 9L, 21L
+
+#define LN_x509Certificate "x509Certificate"
+#define NID_x509Certificate 158
+#define OBJ_x509Certificate 1L, 2L, 840L, 113549L, 1L, 9L, 22L, 1L
+
+#define LN_sdsiCertificate "sdsiCertificate"
+#define NID_sdsiCertificate 159
+#define OBJ_sdsiCertificate 1L, 2L, 840L, 113549L, 1L, 9L, 22L, 2L
+
+#define LN_x509Crl "x509Crl"
+#define NID_x509Crl 160
+#define OBJ_x509Crl 1L, 2L, 840L, 113549L, 1L, 9L, 23L, 1L
+
+#define LN_pbes2 "PBES2"
+#define NID_pbes2 161
+#define OBJ_pbes2 1L, 2L, 840L, 113549L, 1L, 5L, 13L
+
+#define LN_pbmac1 "PBMAC1"
+#define NID_pbmac1 162
+#define OBJ_pbmac1 1L, 2L, 840L, 113549L, 1L, 5L, 14L
+
+#define LN_hmacWithSHA1 "hmacWithSHA1"
+#define NID_hmacWithSHA1 163
+#define OBJ_hmacWithSHA1 1L, 2L, 840L, 113549L, 2L, 7L
+
+#define SN_id_qt_cps "id-qt-cps"
+#define LN_id_qt_cps "Policy Qualifier CPS"
+#define NID_id_qt_cps 164
+#define OBJ_id_qt_cps 1L, 3L, 6L, 1L, 5L, 5L, 7L, 2L, 1L
+
+#define SN_id_qt_unotice "id-qt-unotice"
+#define LN_id_qt_unotice "Policy Qualifier User Notice"
+#define NID_id_qt_unotice 165
+#define OBJ_id_qt_unotice 1L, 3L, 6L, 1L, 5L, 5L, 7L, 2L, 2L
+
+#define SN_rc2_64_cbc "RC2-64-CBC"
+#define LN_rc2_64_cbc "rc2-64-cbc"
+#define NID_rc2_64_cbc 166
+
+#define SN_SMIMECapabilities "SMIME-CAPS"
+#define LN_SMIMECapabilities "S/MIME Capabilities"
+#define NID_SMIMECapabilities 167
+#define OBJ_SMIMECapabilities 1L, 2L, 840L, 113549L, 1L, 9L, 15L
+
+#define SN_pbeWithMD2AndRC2_CBC "PBE-MD2-RC2-64"
+#define LN_pbeWithMD2AndRC2_CBC "pbeWithMD2AndRC2-CBC"
+#define NID_pbeWithMD2AndRC2_CBC 168
+#define OBJ_pbeWithMD2AndRC2_CBC 1L, 2L, 840L, 113549L, 1L, 5L, 4L
+
+#define SN_pbeWithMD5AndRC2_CBC "PBE-MD5-RC2-64"
+#define LN_pbeWithMD5AndRC2_CBC "pbeWithMD5AndRC2-CBC"
+#define NID_pbeWithMD5AndRC2_CBC 169
+#define OBJ_pbeWithMD5AndRC2_CBC 1L, 2L, 840L, 113549L, 1L, 5L, 6L
+
+#define SN_pbeWithSHA1AndDES_CBC "PBE-SHA1-DES"
+#define LN_pbeWithSHA1AndDES_CBC "pbeWithSHA1AndDES-CBC"
+#define NID_pbeWithSHA1AndDES_CBC 170
+#define OBJ_pbeWithSHA1AndDES_CBC 1L, 2L, 840L, 113549L, 1L, 5L, 10L
+
+#define SN_ms_ext_req "msExtReq"
+#define LN_ms_ext_req "Microsoft Extension Request"
+#define NID_ms_ext_req 171
+#define OBJ_ms_ext_req 1L, 3L, 6L, 1L, 4L, 1L, 311L, 2L, 1L, 14L
+
+#define SN_ext_req "extReq"
+#define LN_ext_req "Extension Request"
+#define NID_ext_req 172
+#define OBJ_ext_req 1L, 2L, 840L, 113549L, 1L, 9L, 14L
+
+#define SN_name "name"
+#define LN_name "name"
+#define NID_name 173
+#define OBJ_name 2L, 5L, 4L, 41L
+
+#define SN_dnQualifier "dnQualifier"
+#define LN_dnQualifier "dnQualifier"
+#define NID_dnQualifier 174
+#define OBJ_dnQualifier 2L, 5L, 4L, 46L
+
+#define SN_id_pe "id-pe"
+#define NID_id_pe 175
+#define OBJ_id_pe 1L, 3L, 6L, 1L, 5L, 5L, 7L, 1L
+
+#define SN_id_ad "id-ad"
+#define NID_id_ad 176
+#define OBJ_id_ad 1L, 3L, 6L, 1L, 5L, 5L, 7L, 48L
+
+#define SN_info_access "authorityInfoAccess"
+#define LN_info_access "Authority Information Access"
+#define NID_info_access 177
+#define OBJ_info_access 1L, 3L, 6L, 1L, 5L, 5L, 7L, 1L, 1L
+
+#define SN_ad_OCSP "OCSP"
+#define LN_ad_OCSP "OCSP"
+#define NID_ad_OCSP 178
+#define OBJ_ad_OCSP 1L, 3L, 6L, 1L, 5L, 5L, 7L, 48L, 1L
+
+#define SN_ad_ca_issuers "caIssuers"
+#define LN_ad_ca_issuers "CA Issuers"
+#define NID_ad_ca_issuers 179
+#define OBJ_ad_ca_issuers 1L, 3L, 6L, 1L, 5L, 5L, 7L, 48L, 2L
+
+#define SN_OCSP_sign "OCSPSigning"
+#define LN_OCSP_sign "OCSP Signing"
+#define NID_OCSP_sign 180
+#define OBJ_OCSP_sign 1L, 3L, 6L, 1L, 5L, 5L, 7L, 3L, 9L
+
+#define SN_iso "ISO"
+#define LN_iso "iso"
+#define NID_iso 181
+#define OBJ_iso 1L
+
+#define SN_member_body "member-body"
+#define LN_member_body "ISO Member Body"
+#define NID_member_body 182
+#define OBJ_member_body 1L, 2L
+
+#define SN_ISO_US "ISO-US"
+#define LN_ISO_US "ISO US Member Body"
+#define NID_ISO_US 183
+#define OBJ_ISO_US 1L, 2L, 840L
+
+#define SN_X9_57 "X9-57"
+#define LN_X9_57 "X9.57"
+#define NID_X9_57 184
+#define OBJ_X9_57 1L, 2L, 840L, 10040L
+
+#define SN_X9cm "X9cm"
+#define LN_X9cm "X9.57 CM ?"
+#define NID_X9cm 185
+#define OBJ_X9cm 1L, 2L, 840L, 10040L, 4L
+
+#define SN_pkcs1 "pkcs1"
+#define NID_pkcs1 186
+#define OBJ_pkcs1 1L, 2L, 840L, 113549L, 1L, 1L
+
+#define SN_pkcs5 "pkcs5"
+#define NID_pkcs5 187
+#define OBJ_pkcs5 1L, 2L, 840L, 113549L, 1L, 5L
+
+#define SN_SMIME "SMIME"
+#define LN_SMIME "S/MIME"
+#define NID_SMIME 188
+#define OBJ_SMIME 1L, 2L, 840L, 113549L, 1L, 9L, 16L
+
+#define SN_id_smime_mod "id-smime-mod"
+#define NID_id_smime_mod 189
+#define OBJ_id_smime_mod 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 0L
+
+#define SN_id_smime_ct "id-smime-ct"
+#define NID_id_smime_ct 190
+#define OBJ_id_smime_ct 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 1L
+
+#define SN_id_smime_aa "id-smime-aa"
+#define NID_id_smime_aa 191
+#define OBJ_id_smime_aa 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 2L
+
+#define SN_id_smime_alg "id-smime-alg"
+#define NID_id_smime_alg 192
+#define OBJ_id_smime_alg 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 3L
+
+#define SN_id_smime_cd "id-smime-cd"
+#define NID_id_smime_cd 193
+#define OBJ_id_smime_cd 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 4L
+
+#define SN_id_smime_spq "id-smime-spq"
+#define NID_id_smime_spq 194
+#define OBJ_id_smime_spq 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 5L
+
+#define SN_id_smime_cti "id-smime-cti"
+#define NID_id_smime_cti 195
+#define OBJ_id_smime_cti 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 6L
+
+#define SN_id_smime_mod_cms "id-smime-mod-cms"
+#define NID_id_smime_mod_cms 196
+#define OBJ_id_smime_mod_cms 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 0L, 1L
+
+#define SN_id_smime_mod_ess "id-smime-mod-ess"
+#define NID_id_smime_mod_ess 197
+#define OBJ_id_smime_mod_ess 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 0L, 2L
+
+#define SN_id_smime_mod_oid "id-smime-mod-oid"
+#define NID_id_smime_mod_oid 198
+#define OBJ_id_smime_mod_oid 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 0L, 3L
+
+#define SN_id_smime_mod_msg_v3 "id-smime-mod-msg-v3"
+#define NID_id_smime_mod_msg_v3 199
+#define OBJ_id_smime_mod_msg_v3 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 0L, 4L
+
+#define SN_id_smime_mod_ets_eSignature_88 "id-smime-mod-ets-eSignature-88"
+#define NID_id_smime_mod_ets_eSignature_88 200
+#define OBJ_id_smime_mod_ets_eSignature_88 \
+ 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 0L, 5L
+
+#define SN_id_smime_mod_ets_eSignature_97 "id-smime-mod-ets-eSignature-97"
+#define NID_id_smime_mod_ets_eSignature_97 201
+#define OBJ_id_smime_mod_ets_eSignature_97 \
+ 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 0L, 6L
+
+#define SN_id_smime_mod_ets_eSigPolicy_88 "id-smime-mod-ets-eSigPolicy-88"
+#define NID_id_smime_mod_ets_eSigPolicy_88 202
+#define OBJ_id_smime_mod_ets_eSigPolicy_88 \
+ 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 0L, 7L
+
+#define SN_id_smime_mod_ets_eSigPolicy_97 "id-smime-mod-ets-eSigPolicy-97"
+#define NID_id_smime_mod_ets_eSigPolicy_97 203
+#define OBJ_id_smime_mod_ets_eSigPolicy_97 \
+ 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 0L, 8L
+
+#define SN_id_smime_ct_receipt "id-smime-ct-receipt"
+#define NID_id_smime_ct_receipt 204
+#define OBJ_id_smime_ct_receipt 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 1L, 1L
+
+#define SN_id_smime_ct_authData "id-smime-ct-authData"
+#define NID_id_smime_ct_authData 205
+#define OBJ_id_smime_ct_authData 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 1L, 2L
+
+#define SN_id_smime_ct_publishCert "id-smime-ct-publishCert"
+#define NID_id_smime_ct_publishCert 206
+#define OBJ_id_smime_ct_publishCert 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 1L, 3L
+
+#define SN_id_smime_ct_TSTInfo "id-smime-ct-TSTInfo"
+#define NID_id_smime_ct_TSTInfo 207
+#define OBJ_id_smime_ct_TSTInfo 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 1L, 4L
+
+#define SN_id_smime_ct_TDTInfo "id-smime-ct-TDTInfo"
+#define NID_id_smime_ct_TDTInfo 208
+#define OBJ_id_smime_ct_TDTInfo 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 1L, 5L
+
+#define SN_id_smime_ct_contentInfo "id-smime-ct-contentInfo"
+#define NID_id_smime_ct_contentInfo 209
+#define OBJ_id_smime_ct_contentInfo 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 1L, 6L
+
+#define SN_id_smime_ct_DVCSRequestData "id-smime-ct-DVCSRequestData"
+#define NID_id_smime_ct_DVCSRequestData 210
+#define OBJ_id_smime_ct_DVCSRequestData \
+ 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 1L, 7L
+
+#define SN_id_smime_ct_DVCSResponseData "id-smime-ct-DVCSResponseData"
+#define NID_id_smime_ct_DVCSResponseData 211
+#define OBJ_id_smime_ct_DVCSResponseData \
+ 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 1L, 8L
+
+#define SN_id_smime_aa_receiptRequest "id-smime-aa-receiptRequest"
+#define NID_id_smime_aa_receiptRequest 212
+#define OBJ_id_smime_aa_receiptRequest \
+ 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 2L, 1L
+
+#define SN_id_smime_aa_securityLabel "id-smime-aa-securityLabel"
+#define NID_id_smime_aa_securityLabel 213
+#define OBJ_id_smime_aa_securityLabel 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 2L, 2L
+
+#define SN_id_smime_aa_mlExpandHistory "id-smime-aa-mlExpandHistory"
+#define NID_id_smime_aa_mlExpandHistory 214
+#define OBJ_id_smime_aa_mlExpandHistory \
+ 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 2L, 3L
+
+#define SN_id_smime_aa_contentHint "id-smime-aa-contentHint"
+#define NID_id_smime_aa_contentHint 215
+#define OBJ_id_smime_aa_contentHint 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 2L, 4L
+
+#define SN_id_smime_aa_msgSigDigest "id-smime-aa-msgSigDigest"
+#define NID_id_smime_aa_msgSigDigest 216
+#define OBJ_id_smime_aa_msgSigDigest 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 2L, 5L
+
+#define SN_id_smime_aa_encapContentType "id-smime-aa-encapContentType"
+#define NID_id_smime_aa_encapContentType 217
+#define OBJ_id_smime_aa_encapContentType \
+ 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 2L, 6L
+
+#define SN_id_smime_aa_contentIdentifier "id-smime-aa-contentIdentifier"
+#define NID_id_smime_aa_contentIdentifier 218
+#define OBJ_id_smime_aa_contentIdentifier \
+ 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 2L, 7L
+
+#define SN_id_smime_aa_macValue "id-smime-aa-macValue"
+#define NID_id_smime_aa_macValue 219
+#define OBJ_id_smime_aa_macValue 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 2L, 8L
+
+#define SN_id_smime_aa_equivalentLabels "id-smime-aa-equivalentLabels"
+#define NID_id_smime_aa_equivalentLabels 220
+#define OBJ_id_smime_aa_equivalentLabels \
+ 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 2L, 9L
+
+#define SN_id_smime_aa_contentReference "id-smime-aa-contentReference"
+#define NID_id_smime_aa_contentReference 221
+#define OBJ_id_smime_aa_contentReference \
+ 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 2L, 10L
+
+#define SN_id_smime_aa_encrypKeyPref "id-smime-aa-encrypKeyPref"
+#define NID_id_smime_aa_encrypKeyPref 222
+#define OBJ_id_smime_aa_encrypKeyPref \
+ 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 2L, 11L
+
+#define SN_id_smime_aa_signingCertificate "id-smime-aa-signingCertificate"
+#define NID_id_smime_aa_signingCertificate 223
+#define OBJ_id_smime_aa_signingCertificate \
+ 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 2L, 12L
+
+#define SN_id_smime_aa_smimeEncryptCerts "id-smime-aa-smimeEncryptCerts"
+#define NID_id_smime_aa_smimeEncryptCerts 224
+#define OBJ_id_smime_aa_smimeEncryptCerts \
+ 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 2L, 13L
+
+#define SN_id_smime_aa_timeStampToken "id-smime-aa-timeStampToken"
+#define NID_id_smime_aa_timeStampToken 225
+#define OBJ_id_smime_aa_timeStampToken \
+ 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 2L, 14L
+
+#define SN_id_smime_aa_ets_sigPolicyId "id-smime-aa-ets-sigPolicyId"
+#define NID_id_smime_aa_ets_sigPolicyId 226
+#define OBJ_id_smime_aa_ets_sigPolicyId \
+ 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 2L, 15L
+
+#define SN_id_smime_aa_ets_commitmentType "id-smime-aa-ets-commitmentType"
+#define NID_id_smime_aa_ets_commitmentType 227
+#define OBJ_id_smime_aa_ets_commitmentType \
+ 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 2L, 16L
+
+#define SN_id_smime_aa_ets_signerLocation "id-smime-aa-ets-signerLocation"
+#define NID_id_smime_aa_ets_signerLocation 228
+#define OBJ_id_smime_aa_ets_signerLocation \
+ 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 2L, 17L
+
+#define SN_id_smime_aa_ets_signerAttr "id-smime-aa-ets-signerAttr"
+#define NID_id_smime_aa_ets_signerAttr 229
+#define OBJ_id_smime_aa_ets_signerAttr \
+ 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 2L, 18L
+
+#define SN_id_smime_aa_ets_otherSigCert "id-smime-aa-ets-otherSigCert"
+#define NID_id_smime_aa_ets_otherSigCert 230
+#define OBJ_id_smime_aa_ets_otherSigCert \
+ 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 2L, 19L
+
+#define SN_id_smime_aa_ets_contentTimestamp "id-smime-aa-ets-contentTimestamp"
+#define NID_id_smime_aa_ets_contentTimestamp 231
+#define OBJ_id_smime_aa_ets_contentTimestamp \
+ 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 2L, 20L
+
+#define SN_id_smime_aa_ets_CertificateRefs "id-smime-aa-ets-CertificateRefs"
+#define NID_id_smime_aa_ets_CertificateRefs 232
+#define OBJ_id_smime_aa_ets_CertificateRefs \
+ 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 2L, 21L
+
+#define SN_id_smime_aa_ets_RevocationRefs "id-smime-aa-ets-RevocationRefs"
+#define NID_id_smime_aa_ets_RevocationRefs 233
+#define OBJ_id_smime_aa_ets_RevocationRefs \
+ 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 2L, 22L
+
+#define SN_id_smime_aa_ets_certValues "id-smime-aa-ets-certValues"
+#define NID_id_smime_aa_ets_certValues 234
+#define OBJ_id_smime_aa_ets_certValues \
+ 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 2L, 23L
+
+#define SN_id_smime_aa_ets_revocationValues "id-smime-aa-ets-revocationValues"
+#define NID_id_smime_aa_ets_revocationValues 235
+#define OBJ_id_smime_aa_ets_revocationValues \
+ 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 2L, 24L
+
+#define SN_id_smime_aa_ets_escTimeStamp "id-smime-aa-ets-escTimeStamp"
+#define NID_id_smime_aa_ets_escTimeStamp 236
+#define OBJ_id_smime_aa_ets_escTimeStamp \
+ 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 2L, 25L
+
+#define SN_id_smime_aa_ets_certCRLTimestamp "id-smime-aa-ets-certCRLTimestamp"
+#define NID_id_smime_aa_ets_certCRLTimestamp 237
+#define OBJ_id_smime_aa_ets_certCRLTimestamp \
+ 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 2L, 26L
+
+#define SN_id_smime_aa_ets_archiveTimeStamp "id-smime-aa-ets-archiveTimeStamp"
+#define NID_id_smime_aa_ets_archiveTimeStamp 238
+#define OBJ_id_smime_aa_ets_archiveTimeStamp \
+ 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 2L, 27L
+
+#define SN_id_smime_aa_signatureType "id-smime-aa-signatureType"
+#define NID_id_smime_aa_signatureType 239
+#define OBJ_id_smime_aa_signatureType \
+ 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 2L, 28L
+
+#define SN_id_smime_aa_dvcs_dvc "id-smime-aa-dvcs-dvc"
+#define NID_id_smime_aa_dvcs_dvc 240
+#define OBJ_id_smime_aa_dvcs_dvc 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 2L, 29L
+
+#define SN_id_smime_alg_ESDHwith3DES "id-smime-alg-ESDHwith3DES"
+#define NID_id_smime_alg_ESDHwith3DES 241
+#define OBJ_id_smime_alg_ESDHwith3DES 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 3L, 1L
+
+#define SN_id_smime_alg_ESDHwithRC2 "id-smime-alg-ESDHwithRC2"
+#define NID_id_smime_alg_ESDHwithRC2 242
+#define OBJ_id_smime_alg_ESDHwithRC2 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 3L, 2L
+
+#define SN_id_smime_alg_3DESwrap "id-smime-alg-3DESwrap"
+#define NID_id_smime_alg_3DESwrap 243
+#define OBJ_id_smime_alg_3DESwrap 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 3L, 3L
+
+#define SN_id_smime_alg_RC2wrap "id-smime-alg-RC2wrap"
+#define NID_id_smime_alg_RC2wrap 244
+#define OBJ_id_smime_alg_RC2wrap 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 3L, 4L
+
+#define SN_id_smime_alg_ESDH "id-smime-alg-ESDH"
+#define NID_id_smime_alg_ESDH 245
+#define OBJ_id_smime_alg_ESDH 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 3L, 5L
+
+#define SN_id_smime_alg_CMS3DESwrap "id-smime-alg-CMS3DESwrap"
+#define NID_id_smime_alg_CMS3DESwrap 246
+#define OBJ_id_smime_alg_CMS3DESwrap 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 3L, 6L
+
+#define SN_id_smime_alg_CMSRC2wrap "id-smime-alg-CMSRC2wrap"
+#define NID_id_smime_alg_CMSRC2wrap 247
+#define OBJ_id_smime_alg_CMSRC2wrap 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 3L, 7L
+
+#define SN_id_smime_cd_ldap "id-smime-cd-ldap"
+#define NID_id_smime_cd_ldap 248
+#define OBJ_id_smime_cd_ldap 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 4L, 1L
+
+#define SN_id_smime_spq_ets_sqt_uri "id-smime-spq-ets-sqt-uri"
+#define NID_id_smime_spq_ets_sqt_uri 249
+#define OBJ_id_smime_spq_ets_sqt_uri 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 5L, 1L
+
+#define SN_id_smime_spq_ets_sqt_unotice "id-smime-spq-ets-sqt-unotice"
+#define NID_id_smime_spq_ets_sqt_unotice 250
+#define OBJ_id_smime_spq_ets_sqt_unotice \
+ 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 5L, 2L
+
+#define SN_id_smime_cti_ets_proofOfOrigin "id-smime-cti-ets-proofOfOrigin"
+#define NID_id_smime_cti_ets_proofOfOrigin 251
+#define OBJ_id_smime_cti_ets_proofOfOrigin \
+ 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 6L, 1L
+
+#define SN_id_smime_cti_ets_proofOfReceipt "id-smime-cti-ets-proofOfReceipt"
+#define NID_id_smime_cti_ets_proofOfReceipt 252
+#define OBJ_id_smime_cti_ets_proofOfReceipt \
+ 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 6L, 2L
+
+#define SN_id_smime_cti_ets_proofOfDelivery "id-smime-cti-ets-proofOfDelivery"
+#define NID_id_smime_cti_ets_proofOfDelivery 253
+#define OBJ_id_smime_cti_ets_proofOfDelivery \
+ 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 6L, 3L
+
+#define SN_id_smime_cti_ets_proofOfSender "id-smime-cti-ets-proofOfSender"
+#define NID_id_smime_cti_ets_proofOfSender 254
+#define OBJ_id_smime_cti_ets_proofOfSender \
+ 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 6L, 4L
+
+#define SN_id_smime_cti_ets_proofOfApproval "id-smime-cti-ets-proofOfApproval"
+#define NID_id_smime_cti_ets_proofOfApproval 255
+#define OBJ_id_smime_cti_ets_proofOfApproval \
+ 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 6L, 5L
+
+#define SN_id_smime_cti_ets_proofOfCreation "id-smime-cti-ets-proofOfCreation"
+#define NID_id_smime_cti_ets_proofOfCreation 256
+#define OBJ_id_smime_cti_ets_proofOfCreation \
+ 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 6L, 6L
+
+#define SN_md4 "MD4"
+#define LN_md4 "md4"
+#define NID_md4 257
+#define OBJ_md4 1L, 2L, 840L, 113549L, 2L, 4L
+
+#define SN_id_pkix_mod "id-pkix-mod"
+#define NID_id_pkix_mod 258
+#define OBJ_id_pkix_mod 1L, 3L, 6L, 1L, 5L, 5L, 7L, 0L
+
+#define SN_id_qt "id-qt"
+#define NID_id_qt 259
+#define OBJ_id_qt 1L, 3L, 6L, 1L, 5L, 5L, 7L, 2L
+
+#define SN_id_it "id-it"
+#define NID_id_it 260
+#define OBJ_id_it 1L, 3L, 6L, 1L, 5L, 5L, 7L, 4L
+
+#define SN_id_pkip "id-pkip"
+#define NID_id_pkip 261
+#define OBJ_id_pkip 1L, 3L, 6L, 1L, 5L, 5L, 7L, 5L
+
+#define SN_id_alg "id-alg"
+#define NID_id_alg 262
+#define OBJ_id_alg 1L, 3L, 6L, 1L, 5L, 5L, 7L, 6L
+
+#define SN_id_cmc "id-cmc"
+#define NID_id_cmc 263
+#define OBJ_id_cmc 1L, 3L, 6L, 1L, 5L, 5L, 7L, 7L
+
+#define SN_id_on "id-on"
+#define NID_id_on 264
+#define OBJ_id_on 1L, 3L, 6L, 1L, 5L, 5L, 7L, 8L
+
+#define SN_id_pda "id-pda"
+#define NID_id_pda 265
+#define OBJ_id_pda 1L, 3L, 6L, 1L, 5L, 5L, 7L, 9L
+
+#define SN_id_aca "id-aca"
+#define NID_id_aca 266
+#define OBJ_id_aca 1L, 3L, 6L, 1L, 5L, 5L, 7L, 10L
+
+#define SN_id_qcs "id-qcs"
+#define NID_id_qcs 267
+#define OBJ_id_qcs 1L, 3L, 6L, 1L, 5L, 5L, 7L, 11L
+
+#define SN_id_cct "id-cct"
+#define NID_id_cct 268
+#define OBJ_id_cct 1L, 3L, 6L, 1L, 5L, 5L, 7L, 12L
+
+#define SN_id_pkix1_explicit_88 "id-pkix1-explicit-88"
+#define NID_id_pkix1_explicit_88 269
+#define OBJ_id_pkix1_explicit_88 1L, 3L, 6L, 1L, 5L, 5L, 7L, 0L, 1L
+
+#define SN_id_pkix1_implicit_88 "id-pkix1-implicit-88"
+#define NID_id_pkix1_implicit_88 270
+#define OBJ_id_pkix1_implicit_88 1L, 3L, 6L, 1L, 5L, 5L, 7L, 0L, 2L
+
+#define SN_id_pkix1_explicit_93 "id-pkix1-explicit-93"
+#define NID_id_pkix1_explicit_93 271
+#define OBJ_id_pkix1_explicit_93 1L, 3L, 6L, 1L, 5L, 5L, 7L, 0L, 3L
+
+#define SN_id_pkix1_implicit_93 "id-pkix1-implicit-93"
+#define NID_id_pkix1_implicit_93 272
+#define OBJ_id_pkix1_implicit_93 1L, 3L, 6L, 1L, 5L, 5L, 7L, 0L, 4L
+
+#define SN_id_mod_crmf "id-mod-crmf"
+#define NID_id_mod_crmf 273
+#define OBJ_id_mod_crmf 1L, 3L, 6L, 1L, 5L, 5L, 7L, 0L, 5L
+
+#define SN_id_mod_cmc "id-mod-cmc"
+#define NID_id_mod_cmc 274
+#define OBJ_id_mod_cmc 1L, 3L, 6L, 1L, 5L, 5L, 7L, 0L, 6L
+
+#define SN_id_mod_kea_profile_88 "id-mod-kea-profile-88"
+#define NID_id_mod_kea_profile_88 275
+#define OBJ_id_mod_kea_profile_88 1L, 3L, 6L, 1L, 5L, 5L, 7L, 0L, 7L
+
+#define SN_id_mod_kea_profile_93 "id-mod-kea-profile-93"
+#define NID_id_mod_kea_profile_93 276
+#define OBJ_id_mod_kea_profile_93 1L, 3L, 6L, 1L, 5L, 5L, 7L, 0L, 8L
+
+#define SN_id_mod_cmp "id-mod-cmp"
+#define NID_id_mod_cmp 277
+#define OBJ_id_mod_cmp 1L, 3L, 6L, 1L, 5L, 5L, 7L, 0L, 9L
+
+#define SN_id_mod_qualified_cert_88 "id-mod-qualified-cert-88"
+#define NID_id_mod_qualified_cert_88 278
+#define OBJ_id_mod_qualified_cert_88 1L, 3L, 6L, 1L, 5L, 5L, 7L, 0L, 10L
+
+#define SN_id_mod_qualified_cert_93 "id-mod-qualified-cert-93"
+#define NID_id_mod_qualified_cert_93 279
+#define OBJ_id_mod_qualified_cert_93 1L, 3L, 6L, 1L, 5L, 5L, 7L, 0L, 11L
+
+#define SN_id_mod_attribute_cert "id-mod-attribute-cert"
+#define NID_id_mod_attribute_cert 280
+#define OBJ_id_mod_attribute_cert 1L, 3L, 6L, 1L, 5L, 5L, 7L, 0L, 12L
+
+#define SN_id_mod_timestamp_protocol "id-mod-timestamp-protocol"
+#define NID_id_mod_timestamp_protocol 281
+#define OBJ_id_mod_timestamp_protocol 1L, 3L, 6L, 1L, 5L, 5L, 7L, 0L, 13L
+
+#define SN_id_mod_ocsp "id-mod-ocsp"
+#define NID_id_mod_ocsp 282
+#define OBJ_id_mod_ocsp 1L, 3L, 6L, 1L, 5L, 5L, 7L, 0L, 14L
+
+#define SN_id_mod_dvcs "id-mod-dvcs"
+#define NID_id_mod_dvcs 283
+#define OBJ_id_mod_dvcs 1L, 3L, 6L, 1L, 5L, 5L, 7L, 0L, 15L
+
+#define SN_id_mod_cmp2000 "id-mod-cmp2000"
+#define NID_id_mod_cmp2000 284
+#define OBJ_id_mod_cmp2000 1L, 3L, 6L, 1L, 5L, 5L, 7L, 0L, 16L
+
+#define SN_biometricInfo "biometricInfo"
+#define LN_biometricInfo "Biometric Info"
+#define NID_biometricInfo 285
+#define OBJ_biometricInfo 1L, 3L, 6L, 1L, 5L, 5L, 7L, 1L, 2L
+
+#define SN_qcStatements "qcStatements"
+#define NID_qcStatements 286
+#define OBJ_qcStatements 1L, 3L, 6L, 1L, 5L, 5L, 7L, 1L, 3L
+
+#define SN_ac_auditEntity "ac-auditEntity"
+#define NID_ac_auditEntity 287
+#define OBJ_ac_auditEntity 1L, 3L, 6L, 1L, 5L, 5L, 7L, 1L, 4L
+
+#define SN_ac_targeting "ac-targeting"
+#define NID_ac_targeting 288
+#define OBJ_ac_targeting 1L, 3L, 6L, 1L, 5L, 5L, 7L, 1L, 5L
+
+#define SN_aaControls "aaControls"
+#define NID_aaControls 289
+#define OBJ_aaControls 1L, 3L, 6L, 1L, 5L, 5L, 7L, 1L, 6L
+
+#define SN_sbgp_ipAddrBlock "sbgp-ipAddrBlock"
+#define NID_sbgp_ipAddrBlock 290
+#define OBJ_sbgp_ipAddrBlock 1L, 3L, 6L, 1L, 5L, 5L, 7L, 1L, 7L
+
+#define SN_sbgp_autonomousSysNum "sbgp-autonomousSysNum"
+#define NID_sbgp_autonomousSysNum 291
+#define OBJ_sbgp_autonomousSysNum 1L, 3L, 6L, 1L, 5L, 5L, 7L, 1L, 8L
+
+#define SN_sbgp_routerIdentifier "sbgp-routerIdentifier"
+#define NID_sbgp_routerIdentifier 292
+#define OBJ_sbgp_routerIdentifier 1L, 3L, 6L, 1L, 5L, 5L, 7L, 1L, 9L
+
+#define SN_textNotice "textNotice"
+#define NID_textNotice 293
+#define OBJ_textNotice 1L, 3L, 6L, 1L, 5L, 5L, 7L, 2L, 3L
+
+#define SN_ipsecEndSystem "ipsecEndSystem"
+#define LN_ipsecEndSystem "IPSec End System"
+#define NID_ipsecEndSystem 294
+#define OBJ_ipsecEndSystem 1L, 3L, 6L, 1L, 5L, 5L, 7L, 3L, 5L
+
+#define SN_ipsecTunnel "ipsecTunnel"
+#define LN_ipsecTunnel "IPSec Tunnel"
+#define NID_ipsecTunnel 295
+#define OBJ_ipsecTunnel 1L, 3L, 6L, 1L, 5L, 5L, 7L, 3L, 6L
+
+#define SN_ipsecUser "ipsecUser"
+#define LN_ipsecUser "IPSec User"
+#define NID_ipsecUser 296
+#define OBJ_ipsecUser 1L, 3L, 6L, 1L, 5L, 5L, 7L, 3L, 7L
+
+#define SN_dvcs "DVCS"
+#define LN_dvcs "dvcs"
+#define NID_dvcs 297
+#define OBJ_dvcs 1L, 3L, 6L, 1L, 5L, 5L, 7L, 3L, 10L
+
+#define SN_id_it_caProtEncCert "id-it-caProtEncCert"
+#define NID_id_it_caProtEncCert 298
+#define OBJ_id_it_caProtEncCert 1L, 3L, 6L, 1L, 5L, 5L, 7L, 4L, 1L
+
+#define SN_id_it_signKeyPairTypes "id-it-signKeyPairTypes"
+#define NID_id_it_signKeyPairTypes 299
+#define OBJ_id_it_signKeyPairTypes 1L, 3L, 6L, 1L, 5L, 5L, 7L, 4L, 2L
+
+#define SN_id_it_encKeyPairTypes "id-it-encKeyPairTypes"
+#define NID_id_it_encKeyPairTypes 300
+#define OBJ_id_it_encKeyPairTypes 1L, 3L, 6L, 1L, 5L, 5L, 7L, 4L, 3L
+
+#define SN_id_it_preferredSymmAlg "id-it-preferredSymmAlg"
+#define NID_id_it_preferredSymmAlg 301
+#define OBJ_id_it_preferredSymmAlg 1L, 3L, 6L, 1L, 5L, 5L, 7L, 4L, 4L
+
+#define SN_id_it_caKeyUpdateInfo "id-it-caKeyUpdateInfo"
+#define NID_id_it_caKeyUpdateInfo 302
+#define OBJ_id_it_caKeyUpdateInfo 1L, 3L, 6L, 1L, 5L, 5L, 7L, 4L, 5L
+
+#define SN_id_it_currentCRL "id-it-currentCRL"
+#define NID_id_it_currentCRL 303
+#define OBJ_id_it_currentCRL 1L, 3L, 6L, 1L, 5L, 5L, 7L, 4L, 6L
+
+#define SN_id_it_unsupportedOIDs "id-it-unsupportedOIDs"
+#define NID_id_it_unsupportedOIDs 304
+#define OBJ_id_it_unsupportedOIDs 1L, 3L, 6L, 1L, 5L, 5L, 7L, 4L, 7L
+
+#define SN_id_it_subscriptionRequest "id-it-subscriptionRequest"
+#define NID_id_it_subscriptionRequest 305
+#define OBJ_id_it_subscriptionRequest 1L, 3L, 6L, 1L, 5L, 5L, 7L, 4L, 8L
+
+#define SN_id_it_subscriptionResponse "id-it-subscriptionResponse"
+#define NID_id_it_subscriptionResponse 306
+#define OBJ_id_it_subscriptionResponse 1L, 3L, 6L, 1L, 5L, 5L, 7L, 4L, 9L
+
+#define SN_id_it_keyPairParamReq "id-it-keyPairParamReq"
+#define NID_id_it_keyPairParamReq 307
+#define OBJ_id_it_keyPairParamReq 1L, 3L, 6L, 1L, 5L, 5L, 7L, 4L, 10L
+
+#define SN_id_it_keyPairParamRep "id-it-keyPairParamRep"
+#define NID_id_it_keyPairParamRep 308
+#define OBJ_id_it_keyPairParamRep 1L, 3L, 6L, 1L, 5L, 5L, 7L, 4L, 11L
+
+#define SN_id_it_revPassphrase "id-it-revPassphrase"
+#define NID_id_it_revPassphrase 309
+#define OBJ_id_it_revPassphrase 1L, 3L, 6L, 1L, 5L, 5L, 7L, 4L, 12L
+
+#define SN_id_it_implicitConfirm "id-it-implicitConfirm"
+#define NID_id_it_implicitConfirm 310
+#define OBJ_id_it_implicitConfirm 1L, 3L, 6L, 1L, 5L, 5L, 7L, 4L, 13L
+
+#define SN_id_it_confirmWaitTime "id-it-confirmWaitTime"
+#define NID_id_it_confirmWaitTime 311
+#define OBJ_id_it_confirmWaitTime 1L, 3L, 6L, 1L, 5L, 5L, 7L, 4L, 14L
+
+#define SN_id_it_origPKIMessage "id-it-origPKIMessage"
+#define NID_id_it_origPKIMessage 312
+#define OBJ_id_it_origPKIMessage 1L, 3L, 6L, 1L, 5L, 5L, 7L, 4L, 15L
+
+#define SN_id_regCtrl "id-regCtrl"
+#define NID_id_regCtrl 313
+#define OBJ_id_regCtrl 1L, 3L, 6L, 1L, 5L, 5L, 7L, 5L, 1L
+
+#define SN_id_regInfo "id-regInfo"
+#define NID_id_regInfo 314
+#define OBJ_id_regInfo 1L, 3L, 6L, 1L, 5L, 5L, 7L, 5L, 2L
+
+#define SN_id_regCtrl_regToken "id-regCtrl-regToken"
+#define NID_id_regCtrl_regToken 315
+#define OBJ_id_regCtrl_regToken 1L, 3L, 6L, 1L, 5L, 5L, 7L, 5L, 1L, 1L
+
+#define SN_id_regCtrl_authenticator "id-regCtrl-authenticator"
+#define NID_id_regCtrl_authenticator 316
+#define OBJ_id_regCtrl_authenticator 1L, 3L, 6L, 1L, 5L, 5L, 7L, 5L, 1L, 2L
+
+#define SN_id_regCtrl_pkiPublicationInfo "id-regCtrl-pkiPublicationInfo"
+#define NID_id_regCtrl_pkiPublicationInfo 317
+#define OBJ_id_regCtrl_pkiPublicationInfo 1L, 3L, 6L, 1L, 5L, 5L, 7L, 5L, 1L, 3L
+
+#define SN_id_regCtrl_pkiArchiveOptions "id-regCtrl-pkiArchiveOptions"
+#define NID_id_regCtrl_pkiArchiveOptions 318
+#define OBJ_id_regCtrl_pkiArchiveOptions 1L, 3L, 6L, 1L, 5L, 5L, 7L, 5L, 1L, 4L
+
+#define SN_id_regCtrl_oldCertID "id-regCtrl-oldCertID"
+#define NID_id_regCtrl_oldCertID 319
+#define OBJ_id_regCtrl_oldCertID 1L, 3L, 6L, 1L, 5L, 5L, 7L, 5L, 1L, 5L
+
+#define SN_id_regCtrl_protocolEncrKey "id-regCtrl-protocolEncrKey"
+#define NID_id_regCtrl_protocolEncrKey 320
+#define OBJ_id_regCtrl_protocolEncrKey 1L, 3L, 6L, 1L, 5L, 5L, 7L, 5L, 1L, 6L
+
+#define SN_id_regInfo_utf8Pairs "id-regInfo-utf8Pairs"
+#define NID_id_regInfo_utf8Pairs 321
+#define OBJ_id_regInfo_utf8Pairs 1L, 3L, 6L, 1L, 5L, 5L, 7L, 5L, 2L, 1L
+
+#define SN_id_regInfo_certReq "id-regInfo-certReq"
+#define NID_id_regInfo_certReq 322
+#define OBJ_id_regInfo_certReq 1L, 3L, 6L, 1L, 5L, 5L, 7L, 5L, 2L, 2L
+
+#define SN_id_alg_des40 "id-alg-des40"
+#define NID_id_alg_des40 323
+#define OBJ_id_alg_des40 1L, 3L, 6L, 1L, 5L, 5L, 7L, 6L, 1L
+
+#define SN_id_alg_noSignature "id-alg-noSignature"
+#define NID_id_alg_noSignature 324
+#define OBJ_id_alg_noSignature 1L, 3L, 6L, 1L, 5L, 5L, 7L, 6L, 2L
+
+#define SN_id_alg_dh_sig_hmac_sha1 "id-alg-dh-sig-hmac-sha1"
+#define NID_id_alg_dh_sig_hmac_sha1 325
+#define OBJ_id_alg_dh_sig_hmac_sha1 1L, 3L, 6L, 1L, 5L, 5L, 7L, 6L, 3L
+
+#define SN_id_alg_dh_pop "id-alg-dh-pop"
+#define NID_id_alg_dh_pop 326
+#define OBJ_id_alg_dh_pop 1L, 3L, 6L, 1L, 5L, 5L, 7L, 6L, 4L
+
+#define SN_id_cmc_statusInfo "id-cmc-statusInfo"
+#define NID_id_cmc_statusInfo 327
+#define OBJ_id_cmc_statusInfo 1L, 3L, 6L, 1L, 5L, 5L, 7L, 7L, 1L
+
+#define SN_id_cmc_identification "id-cmc-identification"
+#define NID_id_cmc_identification 328
+#define OBJ_id_cmc_identification 1L, 3L, 6L, 1L, 5L, 5L, 7L, 7L, 2L
+
+#define SN_id_cmc_identityProof "id-cmc-identityProof"
+#define NID_id_cmc_identityProof 329
+#define OBJ_id_cmc_identityProof 1L, 3L, 6L, 1L, 5L, 5L, 7L, 7L, 3L
+
+#define SN_id_cmc_dataReturn "id-cmc-dataReturn"
+#define NID_id_cmc_dataReturn 330
+#define OBJ_id_cmc_dataReturn 1L, 3L, 6L, 1L, 5L, 5L, 7L, 7L, 4L
+
+#define SN_id_cmc_transactionId "id-cmc-transactionId"
+#define NID_id_cmc_transactionId 331
+#define OBJ_id_cmc_transactionId 1L, 3L, 6L, 1L, 5L, 5L, 7L, 7L, 5L
+
+#define SN_id_cmc_senderNonce "id-cmc-senderNonce"
+#define NID_id_cmc_senderNonce 332
+#define OBJ_id_cmc_senderNonce 1L, 3L, 6L, 1L, 5L, 5L, 7L, 7L, 6L
+
+#define SN_id_cmc_recipientNonce "id-cmc-recipientNonce"
+#define NID_id_cmc_recipientNonce 333
+#define OBJ_id_cmc_recipientNonce 1L, 3L, 6L, 1L, 5L, 5L, 7L, 7L, 7L
+
+#define SN_id_cmc_addExtensions "id-cmc-addExtensions"
+#define NID_id_cmc_addExtensions 334
+#define OBJ_id_cmc_addExtensions 1L, 3L, 6L, 1L, 5L, 5L, 7L, 7L, 8L
+
+#define SN_id_cmc_encryptedPOP "id-cmc-encryptedPOP"
+#define NID_id_cmc_encryptedPOP 335
+#define OBJ_id_cmc_encryptedPOP 1L, 3L, 6L, 1L, 5L, 5L, 7L, 7L, 9L
+
+#define SN_id_cmc_decryptedPOP "id-cmc-decryptedPOP"
+#define NID_id_cmc_decryptedPOP 336
+#define OBJ_id_cmc_decryptedPOP 1L, 3L, 6L, 1L, 5L, 5L, 7L, 7L, 10L
+
+#define SN_id_cmc_lraPOPWitness "id-cmc-lraPOPWitness"
+#define NID_id_cmc_lraPOPWitness 337
+#define OBJ_id_cmc_lraPOPWitness 1L, 3L, 6L, 1L, 5L, 5L, 7L, 7L, 11L
+
+#define SN_id_cmc_getCert "id-cmc-getCert"
+#define NID_id_cmc_getCert 338
+#define OBJ_id_cmc_getCert 1L, 3L, 6L, 1L, 5L, 5L, 7L, 7L, 15L
+
+#define SN_id_cmc_getCRL "id-cmc-getCRL"
+#define NID_id_cmc_getCRL 339
+#define OBJ_id_cmc_getCRL 1L, 3L, 6L, 1L, 5L, 5L, 7L, 7L, 16L
+
+#define SN_id_cmc_revokeRequest "id-cmc-revokeRequest"
+#define NID_id_cmc_revokeRequest 340
+#define OBJ_id_cmc_revokeRequest 1L, 3L, 6L, 1L, 5L, 5L, 7L, 7L, 17L
+
+#define SN_id_cmc_regInfo "id-cmc-regInfo"
+#define NID_id_cmc_regInfo 341
+#define OBJ_id_cmc_regInfo 1L, 3L, 6L, 1L, 5L, 5L, 7L, 7L, 18L
+
+#define SN_id_cmc_responseInfo "id-cmc-responseInfo"
+#define NID_id_cmc_responseInfo 342
+#define OBJ_id_cmc_responseInfo 1L, 3L, 6L, 1L, 5L, 5L, 7L, 7L, 19L
+
+#define SN_id_cmc_queryPending "id-cmc-queryPending"
+#define NID_id_cmc_queryPending 343
+#define OBJ_id_cmc_queryPending 1L, 3L, 6L, 1L, 5L, 5L, 7L, 7L, 21L
+
+#define SN_id_cmc_popLinkRandom "id-cmc-popLinkRandom"
+#define NID_id_cmc_popLinkRandom 344
+#define OBJ_id_cmc_popLinkRandom 1L, 3L, 6L, 1L, 5L, 5L, 7L, 7L, 22L
+
+#define SN_id_cmc_popLinkWitness "id-cmc-popLinkWitness"
+#define NID_id_cmc_popLinkWitness 345
+#define OBJ_id_cmc_popLinkWitness 1L, 3L, 6L, 1L, 5L, 5L, 7L, 7L, 23L
+
+#define SN_id_cmc_confirmCertAcceptance "id-cmc-confirmCertAcceptance"
+#define NID_id_cmc_confirmCertAcceptance 346
+#define OBJ_id_cmc_confirmCertAcceptance 1L, 3L, 6L, 1L, 5L, 5L, 7L, 7L, 24L
+
+#define SN_id_on_personalData "id-on-personalData"
+#define NID_id_on_personalData 347
+#define OBJ_id_on_personalData 1L, 3L, 6L, 1L, 5L, 5L, 7L, 8L, 1L
+
+#define SN_id_pda_dateOfBirth "id-pda-dateOfBirth"
+#define NID_id_pda_dateOfBirth 348
+#define OBJ_id_pda_dateOfBirth 1L, 3L, 6L, 1L, 5L, 5L, 7L, 9L, 1L
+
+#define SN_id_pda_placeOfBirth "id-pda-placeOfBirth"
+#define NID_id_pda_placeOfBirth 349
+#define OBJ_id_pda_placeOfBirth 1L, 3L, 6L, 1L, 5L, 5L, 7L, 9L, 2L
+
+#define SN_id_pda_gender "id-pda-gender"
+#define NID_id_pda_gender 351
+#define OBJ_id_pda_gender 1L, 3L, 6L, 1L, 5L, 5L, 7L, 9L, 3L
+
+#define SN_id_pda_countryOfCitizenship "id-pda-countryOfCitizenship"
+#define NID_id_pda_countryOfCitizenship 352
+#define OBJ_id_pda_countryOfCitizenship 1L, 3L, 6L, 1L, 5L, 5L, 7L, 9L, 4L
+
+#define SN_id_pda_countryOfResidence "id-pda-countryOfResidence"
+#define NID_id_pda_countryOfResidence 353
+#define OBJ_id_pda_countryOfResidence 1L, 3L, 6L, 1L, 5L, 5L, 7L, 9L, 5L
+
+#define SN_id_aca_authenticationInfo "id-aca-authenticationInfo"
+#define NID_id_aca_authenticationInfo 354
+#define OBJ_id_aca_authenticationInfo 1L, 3L, 6L, 1L, 5L, 5L, 7L, 10L, 1L
+
+#define SN_id_aca_accessIdentity "id-aca-accessIdentity"
+#define NID_id_aca_accessIdentity 355
+#define OBJ_id_aca_accessIdentity 1L, 3L, 6L, 1L, 5L, 5L, 7L, 10L, 2L
+
+#define SN_id_aca_chargingIdentity "id-aca-chargingIdentity"
+#define NID_id_aca_chargingIdentity 356
+#define OBJ_id_aca_chargingIdentity 1L, 3L, 6L, 1L, 5L, 5L, 7L, 10L, 3L
+
+#define SN_id_aca_group "id-aca-group"
+#define NID_id_aca_group 357
+#define OBJ_id_aca_group 1L, 3L, 6L, 1L, 5L, 5L, 7L, 10L, 4L
+
+#define SN_id_aca_role "id-aca-role"
+#define NID_id_aca_role 358
+#define OBJ_id_aca_role 1L, 3L, 6L, 1L, 5L, 5L, 7L, 10L, 5L
+
+#define SN_id_qcs_pkixQCSyntax_v1 "id-qcs-pkixQCSyntax-v1"
+#define NID_id_qcs_pkixQCSyntax_v1 359
+#define OBJ_id_qcs_pkixQCSyntax_v1 1L, 3L, 6L, 1L, 5L, 5L, 7L, 11L, 1L
+
+#define SN_id_cct_crs "id-cct-crs"
+#define NID_id_cct_crs 360
+#define OBJ_id_cct_crs 1L, 3L, 6L, 1L, 5L, 5L, 7L, 12L, 1L
+
+#define SN_id_cct_PKIData "id-cct-PKIData"
+#define NID_id_cct_PKIData 361
+#define OBJ_id_cct_PKIData 1L, 3L, 6L, 1L, 5L, 5L, 7L, 12L, 2L
+
+#define SN_id_cct_PKIResponse "id-cct-PKIResponse"
+#define NID_id_cct_PKIResponse 362
+#define OBJ_id_cct_PKIResponse 1L, 3L, 6L, 1L, 5L, 5L, 7L, 12L, 3L
+
+#define SN_ad_timeStamping "ad_timestamping"
+#define LN_ad_timeStamping "AD Time Stamping"
+#define NID_ad_timeStamping 363
+#define OBJ_ad_timeStamping 1L, 3L, 6L, 1L, 5L, 5L, 7L, 48L, 3L
+
+#define SN_ad_dvcs "AD_DVCS"
+#define LN_ad_dvcs "ad dvcs"
+#define NID_ad_dvcs 364
+#define OBJ_ad_dvcs 1L, 3L, 6L, 1L, 5L, 5L, 7L, 48L, 4L
+
+#define SN_id_pkix_OCSP_basic "basicOCSPResponse"
+#define LN_id_pkix_OCSP_basic "Basic OCSP Response"
+#define NID_id_pkix_OCSP_basic 365
+#define OBJ_id_pkix_OCSP_basic 1L, 3L, 6L, 1L, 5L, 5L, 7L, 48L, 1L, 1L
+
+#define SN_id_pkix_OCSP_Nonce "Nonce"
+#define LN_id_pkix_OCSP_Nonce "OCSP Nonce"
+#define NID_id_pkix_OCSP_Nonce 366
+#define OBJ_id_pkix_OCSP_Nonce 1L, 3L, 6L, 1L, 5L, 5L, 7L, 48L, 1L, 2L
+
+#define SN_id_pkix_OCSP_CrlID "CrlID"
+#define LN_id_pkix_OCSP_CrlID "OCSP CRL ID"
+#define NID_id_pkix_OCSP_CrlID 367
+#define OBJ_id_pkix_OCSP_CrlID 1L, 3L, 6L, 1L, 5L, 5L, 7L, 48L, 1L, 3L
+
+#define SN_id_pkix_OCSP_acceptableResponses "acceptableResponses"
+#define LN_id_pkix_OCSP_acceptableResponses "Acceptable OCSP Responses"
+#define NID_id_pkix_OCSP_acceptableResponses 368
+#define OBJ_id_pkix_OCSP_acceptableResponses \
+ 1L, 3L, 6L, 1L, 5L, 5L, 7L, 48L, 1L, 4L
+
+#define SN_id_pkix_OCSP_noCheck "noCheck"
+#define LN_id_pkix_OCSP_noCheck "OCSP No Check"
+#define NID_id_pkix_OCSP_noCheck 369
+#define OBJ_id_pkix_OCSP_noCheck 1L, 3L, 6L, 1L, 5L, 5L, 7L, 48L, 1L, 5L
+
+#define SN_id_pkix_OCSP_archiveCutoff "archiveCutoff"
+#define LN_id_pkix_OCSP_archiveCutoff "OCSP Archive Cutoff"
+#define NID_id_pkix_OCSP_archiveCutoff 370
+#define OBJ_id_pkix_OCSP_archiveCutoff 1L, 3L, 6L, 1L, 5L, 5L, 7L, 48L, 1L, 6L
+
+#define SN_id_pkix_OCSP_serviceLocator "serviceLocator"
+#define LN_id_pkix_OCSP_serviceLocator "OCSP Service Locator"
+#define NID_id_pkix_OCSP_serviceLocator 371
+#define OBJ_id_pkix_OCSP_serviceLocator 1L, 3L, 6L, 1L, 5L, 5L, 7L, 48L, 1L, 7L
+
+#define SN_id_pkix_OCSP_extendedStatus "extendedStatus"
+#define LN_id_pkix_OCSP_extendedStatus "Extended OCSP Status"
+#define NID_id_pkix_OCSP_extendedStatus 372
+#define OBJ_id_pkix_OCSP_extendedStatus 1L, 3L, 6L, 1L, 5L, 5L, 7L, 48L, 1L, 8L
+
+#define SN_id_pkix_OCSP_valid "valid"
+#define NID_id_pkix_OCSP_valid 373
+#define OBJ_id_pkix_OCSP_valid 1L, 3L, 6L, 1L, 5L, 5L, 7L, 48L, 1L, 9L
+
+#define SN_id_pkix_OCSP_path "path"
+#define NID_id_pkix_OCSP_path 374
+#define OBJ_id_pkix_OCSP_path 1L, 3L, 6L, 1L, 5L, 5L, 7L, 48L, 1L, 10L
+
+#define SN_id_pkix_OCSP_trustRoot "trustRoot"
+#define LN_id_pkix_OCSP_trustRoot "Trust Root"
+#define NID_id_pkix_OCSP_trustRoot 375
+#define OBJ_id_pkix_OCSP_trustRoot 1L, 3L, 6L, 1L, 5L, 5L, 7L, 48L, 1L, 11L
+
+#define SN_algorithm "algorithm"
+#define LN_algorithm "algorithm"
+#define NID_algorithm 376
+#define OBJ_algorithm 1L, 3L, 14L, 3L, 2L
+
+#define SN_rsaSignature "rsaSignature"
+#define NID_rsaSignature 377
+#define OBJ_rsaSignature 1L, 3L, 14L, 3L, 2L, 11L
+
+#define SN_X500algorithms "X500algorithms"
+#define LN_X500algorithms "directory services - algorithms"
+#define NID_X500algorithms 378
+#define OBJ_X500algorithms 2L, 5L, 8L
+
+#define SN_org "ORG"
+#define LN_org "org"
+#define NID_org 379
+#define OBJ_org 1L, 3L
+
+#define SN_dod "DOD"
+#define LN_dod "dod"
+#define NID_dod 380
+#define OBJ_dod 1L, 3L, 6L
+
+#define SN_iana "IANA"
+#define LN_iana "iana"
+#define NID_iana 381
+#define OBJ_iana 1L, 3L, 6L, 1L
+
+#define SN_Directory "directory"
+#define LN_Directory "Directory"
+#define NID_Directory 382
+#define OBJ_Directory 1L, 3L, 6L, 1L, 1L
+
+#define SN_Management "mgmt"
+#define LN_Management "Management"
+#define NID_Management 383
+#define OBJ_Management 1L, 3L, 6L, 1L, 2L
+
+#define SN_Experimental "experimental"
+#define LN_Experimental "Experimental"
+#define NID_Experimental 384
+#define OBJ_Experimental 1L, 3L, 6L, 1L, 3L
+
+#define SN_Private "private"
+#define LN_Private "Private"
+#define NID_Private 385
+#define OBJ_Private 1L, 3L, 6L, 1L, 4L
+
+#define SN_Security "security"
+#define LN_Security "Security"
+#define NID_Security 386
+#define OBJ_Security 1L, 3L, 6L, 1L, 5L
+
+#define SN_SNMPv2 "snmpv2"
+#define LN_SNMPv2 "SNMPv2"
+#define NID_SNMPv2 387
+#define OBJ_SNMPv2 1L, 3L, 6L, 1L, 6L
+
+#define LN_Mail "Mail"
+#define NID_Mail 388
+#define OBJ_Mail 1L, 3L, 6L, 1L, 7L
+
+#define SN_Enterprises "enterprises"
+#define LN_Enterprises "Enterprises"
+#define NID_Enterprises 389
+#define OBJ_Enterprises 1L, 3L, 6L, 1L, 4L, 1L
+
+#define SN_dcObject "dcobject"
+#define LN_dcObject "dcObject"
+#define NID_dcObject 390
+#define OBJ_dcObject 1L, 3L, 6L, 1L, 4L, 1L, 1466L, 344L
+
+#define SN_domainComponent "DC"
+#define LN_domainComponent "domainComponent"
+#define NID_domainComponent 391
+#define OBJ_domainComponent 0L, 9L, 2342L, 19200300L, 100L, 1L, 25L
+
+#define SN_Domain "domain"
+#define LN_Domain "Domain"
+#define NID_Domain 392
+#define OBJ_Domain 0L, 9L, 2342L, 19200300L, 100L, 4L, 13L
+
+#define SN_selected_attribute_types "selected-attribute-types"
+#define LN_selected_attribute_types "Selected Attribute Types"
+#define NID_selected_attribute_types 394
+#define OBJ_selected_attribute_types 2L, 5L, 1L, 5L
+
+#define SN_clearance "clearance"
+#define NID_clearance 395
+#define OBJ_clearance 2L, 5L, 1L, 5L, 55L
+
+#define SN_md4WithRSAEncryption "RSA-MD4"
+#define LN_md4WithRSAEncryption "md4WithRSAEncryption"
+#define NID_md4WithRSAEncryption 396
+#define OBJ_md4WithRSAEncryption 1L, 2L, 840L, 113549L, 1L, 1L, 3L
+
+#define SN_ac_proxying "ac-proxying"
+#define NID_ac_proxying 397
+#define OBJ_ac_proxying 1L, 3L, 6L, 1L, 5L, 5L, 7L, 1L, 10L
+
+#define SN_sinfo_access "subjectInfoAccess"
+#define LN_sinfo_access "Subject Information Access"
+#define NID_sinfo_access 398
+#define OBJ_sinfo_access 1L, 3L, 6L, 1L, 5L, 5L, 7L, 1L, 11L
+
+#define SN_id_aca_encAttrs "id-aca-encAttrs"
+#define NID_id_aca_encAttrs 399
+#define OBJ_id_aca_encAttrs 1L, 3L, 6L, 1L, 5L, 5L, 7L, 10L, 6L
+
+#define SN_role "role"
+#define LN_role "role"
+#define NID_role 400
+#define OBJ_role 2L, 5L, 4L, 72L
+
+#define SN_policy_constraints "policyConstraints"
+#define LN_policy_constraints "X509v3 Policy Constraints"
+#define NID_policy_constraints 401
+#define OBJ_policy_constraints 2L, 5L, 29L, 36L
+
+#define SN_target_information "targetInformation"
+#define LN_target_information "X509v3 AC Targeting"
+#define NID_target_information 402
+#define OBJ_target_information 2L, 5L, 29L, 55L
+
+#define SN_no_rev_avail "noRevAvail"
+#define LN_no_rev_avail "X509v3 No Revocation Available"
+#define NID_no_rev_avail 403
+#define OBJ_no_rev_avail 2L, 5L, 29L, 56L
+
+#define SN_ansi_X9_62 "ansi-X9-62"
+#define LN_ansi_X9_62 "ANSI X9.62"
+#define NID_ansi_X9_62 405
+#define OBJ_ansi_X9_62 1L, 2L, 840L, 10045L
+
+#define SN_X9_62_prime_field "prime-field"
+#define NID_X9_62_prime_field 406
+#define OBJ_X9_62_prime_field 1L, 2L, 840L, 10045L, 1L, 1L
+
+#define SN_X9_62_characteristic_two_field "characteristic-two-field"
+#define NID_X9_62_characteristic_two_field 407
+#define OBJ_X9_62_characteristic_two_field 1L, 2L, 840L, 10045L, 1L, 2L
+
+#define SN_X9_62_id_ecPublicKey "id-ecPublicKey"
+#define NID_X9_62_id_ecPublicKey 408
+#define OBJ_X9_62_id_ecPublicKey 1L, 2L, 840L, 10045L, 2L, 1L
+
+#define SN_X9_62_prime192v1 "prime192v1"
+#define NID_X9_62_prime192v1 409
+#define OBJ_X9_62_prime192v1 1L, 2L, 840L, 10045L, 3L, 1L, 1L
+
+#define SN_X9_62_prime192v2 "prime192v2"
+#define NID_X9_62_prime192v2 410
+#define OBJ_X9_62_prime192v2 1L, 2L, 840L, 10045L, 3L, 1L, 2L
+
+#define SN_X9_62_prime192v3 "prime192v3"
+#define NID_X9_62_prime192v3 411
+#define OBJ_X9_62_prime192v3 1L, 2L, 840L, 10045L, 3L, 1L, 3L
+
+#define SN_X9_62_prime239v1 "prime239v1"
+#define NID_X9_62_prime239v1 412
+#define OBJ_X9_62_prime239v1 1L, 2L, 840L, 10045L, 3L, 1L, 4L
+
+#define SN_X9_62_prime239v2 "prime239v2"
+#define NID_X9_62_prime239v2 413
+#define OBJ_X9_62_prime239v2 1L, 2L, 840L, 10045L, 3L, 1L, 5L
+
+#define SN_X9_62_prime239v3 "prime239v3"
+#define NID_X9_62_prime239v3 414
+#define OBJ_X9_62_prime239v3 1L, 2L, 840L, 10045L, 3L, 1L, 6L
+
+#define SN_X9_62_prime256v1 "prime256v1"
+#define NID_X9_62_prime256v1 415
+#define OBJ_X9_62_prime256v1 1L, 2L, 840L, 10045L, 3L, 1L, 7L
+
+#define SN_ecdsa_with_SHA1 "ecdsa-with-SHA1"
+#define NID_ecdsa_with_SHA1 416
+#define OBJ_ecdsa_with_SHA1 1L, 2L, 840L, 10045L, 4L, 1L
+
+#define SN_ms_csp_name "CSPName"
+#define LN_ms_csp_name "Microsoft CSP Name"
+#define NID_ms_csp_name 417
+#define OBJ_ms_csp_name 1L, 3L, 6L, 1L, 4L, 1L, 311L, 17L, 1L
#define SN_aes_128_ecb "AES-128-ECB"
#define LN_aes_128_ecb "aes-128-ecb"
#define NID_aes_128_ecb 418
-#define OBJ_aes_128_ecb OBJ_aes,1L
+#define OBJ_aes_128_ecb 2L, 16L, 840L, 1L, 101L, 3L, 4L, 1L, 1L
#define SN_aes_128_cbc "AES-128-CBC"
#define LN_aes_128_cbc "aes-128-cbc"
#define NID_aes_128_cbc 419
-#define OBJ_aes_128_cbc OBJ_aes,2L
+#define OBJ_aes_128_cbc 2L, 16L, 840L, 1L, 101L, 3L, 4L, 1L, 2L
#define SN_aes_128_ofb128 "AES-128-OFB"
#define LN_aes_128_ofb128 "aes-128-ofb"
#define NID_aes_128_ofb128 420
-#define OBJ_aes_128_ofb128 OBJ_aes,3L
+#define OBJ_aes_128_ofb128 2L, 16L, 840L, 1L, 101L, 3L, 4L, 1L, 3L
#define SN_aes_128_cfb128 "AES-128-CFB"
#define LN_aes_128_cfb128 "aes-128-cfb"
#define NID_aes_128_cfb128 421
-#define OBJ_aes_128_cfb128 OBJ_aes,4L
-
-#define SN_id_aes128_wrap "id-aes128-wrap"
-#define NID_id_aes128_wrap 788
-#define OBJ_id_aes128_wrap OBJ_aes,5L
-
-#define SN_aes_128_gcm "id-aes128-GCM"
-#define LN_aes_128_gcm "aes-128-gcm"
-#define NID_aes_128_gcm 895
-#define OBJ_aes_128_gcm OBJ_aes,6L
-
-#define SN_aes_128_ccm "id-aes128-CCM"
-#define LN_aes_128_ccm "aes-128-ccm"
-#define NID_aes_128_ccm 896
-#define OBJ_aes_128_ccm OBJ_aes,7L
-
-#define SN_id_aes128_wrap_pad "id-aes128-wrap-pad"
-#define NID_id_aes128_wrap_pad 897
-#define OBJ_id_aes128_wrap_pad OBJ_aes,8L
+#define OBJ_aes_128_cfb128 2L, 16L, 840L, 1L, 101L, 3L, 4L, 1L, 4L
#define SN_aes_192_ecb "AES-192-ECB"
#define LN_aes_192_ecb "aes-192-ecb"
#define NID_aes_192_ecb 422
-#define OBJ_aes_192_ecb OBJ_aes,21L
+#define OBJ_aes_192_ecb 2L, 16L, 840L, 1L, 101L, 3L, 4L, 1L, 21L
#define SN_aes_192_cbc "AES-192-CBC"
#define LN_aes_192_cbc "aes-192-cbc"
#define NID_aes_192_cbc 423
-#define OBJ_aes_192_cbc OBJ_aes,22L
+#define OBJ_aes_192_cbc 2L, 16L, 840L, 1L, 101L, 3L, 4L, 1L, 22L
#define SN_aes_192_ofb128 "AES-192-OFB"
#define LN_aes_192_ofb128 "aes-192-ofb"
#define NID_aes_192_ofb128 424
-#define OBJ_aes_192_ofb128 OBJ_aes,23L
+#define OBJ_aes_192_ofb128 2L, 16L, 840L, 1L, 101L, 3L, 4L, 1L, 23L
#define SN_aes_192_cfb128 "AES-192-CFB"
#define LN_aes_192_cfb128 "aes-192-cfb"
#define NID_aes_192_cfb128 425
-#define OBJ_aes_192_cfb128 OBJ_aes,24L
-
-#define SN_id_aes192_wrap "id-aes192-wrap"
-#define NID_id_aes192_wrap 789
-#define OBJ_id_aes192_wrap OBJ_aes,25L
-
-#define SN_aes_192_gcm "id-aes192-GCM"
-#define LN_aes_192_gcm "aes-192-gcm"
-#define NID_aes_192_gcm 898
-#define OBJ_aes_192_gcm OBJ_aes,26L
-
-#define SN_aes_192_ccm "id-aes192-CCM"
-#define LN_aes_192_ccm "aes-192-ccm"
-#define NID_aes_192_ccm 899
-#define OBJ_aes_192_ccm OBJ_aes,27L
-
-#define SN_id_aes192_wrap_pad "id-aes192-wrap-pad"
-#define NID_id_aes192_wrap_pad 900
-#define OBJ_id_aes192_wrap_pad OBJ_aes,28L
+#define OBJ_aes_192_cfb128 2L, 16L, 840L, 1L, 101L, 3L, 4L, 1L, 24L
#define SN_aes_256_ecb "AES-256-ECB"
#define LN_aes_256_ecb "aes-256-ecb"
#define NID_aes_256_ecb 426
-#define OBJ_aes_256_ecb OBJ_aes,41L
+#define OBJ_aes_256_ecb 2L, 16L, 840L, 1L, 101L, 3L, 4L, 1L, 41L
#define SN_aes_256_cbc "AES-256-CBC"
#define LN_aes_256_cbc "aes-256-cbc"
#define NID_aes_256_cbc 427
-#define OBJ_aes_256_cbc OBJ_aes,42L
+#define OBJ_aes_256_cbc 2L, 16L, 840L, 1L, 101L, 3L, 4L, 1L, 42L
#define SN_aes_256_ofb128 "AES-256-OFB"
#define LN_aes_256_ofb128 "aes-256-ofb"
#define NID_aes_256_ofb128 428
-#define OBJ_aes_256_ofb128 OBJ_aes,43L
+#define OBJ_aes_256_ofb128 2L, 16L, 840L, 1L, 101L, 3L, 4L, 1L, 43L
#define SN_aes_256_cfb128 "AES-256-CFB"
#define LN_aes_256_cfb128 "aes-256-cfb"
#define NID_aes_256_cfb128 429
-#define OBJ_aes_256_cfb128 OBJ_aes,44L
+#define OBJ_aes_256_cfb128 2L, 16L, 840L, 1L, 101L, 3L, 4L, 1L, 44L
-#define SN_id_aes256_wrap "id-aes256-wrap"
-#define NID_id_aes256_wrap 790
-#define OBJ_id_aes256_wrap OBJ_aes,45L
+#define SN_hold_instruction_code "holdInstructionCode"
+#define LN_hold_instruction_code "Hold Instruction Code"
+#define NID_hold_instruction_code 430
+#define OBJ_hold_instruction_code 2L, 5L, 29L, 23L
-#define SN_aes_256_gcm "id-aes256-GCM"
-#define LN_aes_256_gcm "aes-256-gcm"
-#define NID_aes_256_gcm 901
-#define OBJ_aes_256_gcm OBJ_aes,46L
+#define SN_hold_instruction_none "holdInstructionNone"
+#define LN_hold_instruction_none "Hold Instruction None"
+#define NID_hold_instruction_none 431
+#define OBJ_hold_instruction_none 1L, 2L, 840L, 10040L, 2L, 1L
-#define SN_aes_256_ccm "id-aes256-CCM"
-#define LN_aes_256_ccm "aes-256-ccm"
-#define NID_aes_256_ccm 902
-#define OBJ_aes_256_ccm OBJ_aes,47L
+#define SN_hold_instruction_call_issuer "holdInstructionCallIssuer"
+#define LN_hold_instruction_call_issuer "Hold Instruction Call Issuer"
+#define NID_hold_instruction_call_issuer 432
+#define OBJ_hold_instruction_call_issuer 1L, 2L, 840L, 10040L, 2L, 2L
-#define SN_id_aes256_wrap_pad "id-aes256-wrap-pad"
-#define NID_id_aes256_wrap_pad 903
-#define OBJ_id_aes256_wrap_pad OBJ_aes,48L
+#define SN_hold_instruction_reject "holdInstructionReject"
+#define LN_hold_instruction_reject "Hold Instruction Reject"
+#define NID_hold_instruction_reject 433
+#define OBJ_hold_instruction_reject 1L, 2L, 840L, 10040L, 2L, 3L
+
+#define SN_data "data"
+#define NID_data 434
+#define OBJ_data 0L, 9L
+
+#define SN_pss "pss"
+#define NID_pss 435
+#define OBJ_pss 0L, 9L, 2342L
+
+#define SN_ucl "ucl"
+#define NID_ucl 436
+#define OBJ_ucl 0L, 9L, 2342L, 19200300L
+
+#define SN_pilot "pilot"
+#define NID_pilot 437
+#define OBJ_pilot 0L, 9L, 2342L, 19200300L, 100L
+
+#define LN_pilotAttributeType "pilotAttributeType"
+#define NID_pilotAttributeType 438
+#define OBJ_pilotAttributeType 0L, 9L, 2342L, 19200300L, 100L, 1L
+
+#define LN_pilotAttributeSyntax "pilotAttributeSyntax"
+#define NID_pilotAttributeSyntax 439
+#define OBJ_pilotAttributeSyntax 0L, 9L, 2342L, 19200300L, 100L, 3L
+
+#define LN_pilotObjectClass "pilotObjectClass"
+#define NID_pilotObjectClass 440
+#define OBJ_pilotObjectClass 0L, 9L, 2342L, 19200300L, 100L, 4L
+
+#define LN_pilotGroups "pilotGroups"
+#define NID_pilotGroups 441
+#define OBJ_pilotGroups 0L, 9L, 2342L, 19200300L, 100L, 10L
+
+#define LN_iA5StringSyntax "iA5StringSyntax"
+#define NID_iA5StringSyntax 442
+#define OBJ_iA5StringSyntax 0L, 9L, 2342L, 19200300L, 100L, 3L, 4L
+
+#define LN_caseIgnoreIA5StringSyntax "caseIgnoreIA5StringSyntax"
+#define NID_caseIgnoreIA5StringSyntax 443
+#define OBJ_caseIgnoreIA5StringSyntax 0L, 9L, 2342L, 19200300L, 100L, 3L, 5L
+
+#define LN_pilotObject "pilotObject"
+#define NID_pilotObject 444
+#define OBJ_pilotObject 0L, 9L, 2342L, 19200300L, 100L, 4L, 3L
+
+#define LN_pilotPerson "pilotPerson"
+#define NID_pilotPerson 445
+#define OBJ_pilotPerson 0L, 9L, 2342L, 19200300L, 100L, 4L, 4L
+
+#define SN_account "account"
+#define NID_account 446
+#define OBJ_account 0L, 9L, 2342L, 19200300L, 100L, 4L, 5L
+
+#define SN_document "document"
+#define NID_document 447
+#define OBJ_document 0L, 9L, 2342L, 19200300L, 100L, 4L, 6L
+
+#define SN_room "room"
+#define NID_room 448
+#define OBJ_room 0L, 9L, 2342L, 19200300L, 100L, 4L, 7L
+
+#define LN_documentSeries "documentSeries"
+#define NID_documentSeries 449
+#define OBJ_documentSeries 0L, 9L, 2342L, 19200300L, 100L, 4L, 9L
+
+#define LN_rFC822localPart "rFC822localPart"
+#define NID_rFC822localPart 450
+#define OBJ_rFC822localPart 0L, 9L, 2342L, 19200300L, 100L, 4L, 14L
+
+#define LN_dNSDomain "dNSDomain"
+#define NID_dNSDomain 451
+#define OBJ_dNSDomain 0L, 9L, 2342L, 19200300L, 100L, 4L, 15L
+
+#define LN_domainRelatedObject "domainRelatedObject"
+#define NID_domainRelatedObject 452
+#define OBJ_domainRelatedObject 0L, 9L, 2342L, 19200300L, 100L, 4L, 17L
+
+#define LN_friendlyCountry "friendlyCountry"
+#define NID_friendlyCountry 453
+#define OBJ_friendlyCountry 0L, 9L, 2342L, 19200300L, 100L, 4L, 18L
+
+#define LN_simpleSecurityObject "simpleSecurityObject"
+#define NID_simpleSecurityObject 454
+#define OBJ_simpleSecurityObject 0L, 9L, 2342L, 19200300L, 100L, 4L, 19L
+
+#define LN_pilotOrganization "pilotOrganization"
+#define NID_pilotOrganization 455
+#define OBJ_pilotOrganization 0L, 9L, 2342L, 19200300L, 100L, 4L, 20L
+
+#define LN_pilotDSA "pilotDSA"
+#define NID_pilotDSA 456
+#define OBJ_pilotDSA 0L, 9L, 2342L, 19200300L, 100L, 4L, 21L
+
+#define LN_qualityLabelledData "qualityLabelledData"
+#define NID_qualityLabelledData 457
+#define OBJ_qualityLabelledData 0L, 9L, 2342L, 19200300L, 100L, 4L, 22L
+
+#define SN_userId "UID"
+#define LN_userId "userId"
+#define NID_userId 458
+#define OBJ_userId 0L, 9L, 2342L, 19200300L, 100L, 1L, 1L
+
+#define LN_textEncodedORAddress "textEncodedORAddress"
+#define NID_textEncodedORAddress 459
+#define OBJ_textEncodedORAddress 0L, 9L, 2342L, 19200300L, 100L, 1L, 2L
+
+#define SN_rfc822Mailbox "mail"
+#define LN_rfc822Mailbox "rfc822Mailbox"
+#define NID_rfc822Mailbox 460
+#define OBJ_rfc822Mailbox 0L, 9L, 2342L, 19200300L, 100L, 1L, 3L
+
+#define SN_info "info"
+#define NID_info 461
+#define OBJ_info 0L, 9L, 2342L, 19200300L, 100L, 1L, 4L
+
+#define LN_favouriteDrink "favouriteDrink"
+#define NID_favouriteDrink 462
+#define OBJ_favouriteDrink 0L, 9L, 2342L, 19200300L, 100L, 1L, 5L
+
+#define LN_roomNumber "roomNumber"
+#define NID_roomNumber 463
+#define OBJ_roomNumber 0L, 9L, 2342L, 19200300L, 100L, 1L, 6L
+
+#define SN_photo "photo"
+#define NID_photo 464
+#define OBJ_photo 0L, 9L, 2342L, 19200300L, 100L, 1L, 7L
+
+#define LN_userClass "userClass"
+#define NID_userClass 465
+#define OBJ_userClass 0L, 9L, 2342L, 19200300L, 100L, 1L, 8L
+
+#define SN_host "host"
+#define NID_host 466
+#define OBJ_host 0L, 9L, 2342L, 19200300L, 100L, 1L, 9L
+
+#define SN_manager "manager"
+#define NID_manager 467
+#define OBJ_manager 0L, 9L, 2342L, 19200300L, 100L, 1L, 10L
+
+#define LN_documentIdentifier "documentIdentifier"
+#define NID_documentIdentifier 468
+#define OBJ_documentIdentifier 0L, 9L, 2342L, 19200300L, 100L, 1L, 11L
+
+#define LN_documentTitle "documentTitle"
+#define NID_documentTitle 469
+#define OBJ_documentTitle 0L, 9L, 2342L, 19200300L, 100L, 1L, 12L
+
+#define LN_documentVersion "documentVersion"
+#define NID_documentVersion 470
+#define OBJ_documentVersion 0L, 9L, 2342L, 19200300L, 100L, 1L, 13L
+
+#define LN_documentAuthor "documentAuthor"
+#define NID_documentAuthor 471
+#define OBJ_documentAuthor 0L, 9L, 2342L, 19200300L, 100L, 1L, 14L
+
+#define LN_documentLocation "documentLocation"
+#define NID_documentLocation 472
+#define OBJ_documentLocation 0L, 9L, 2342L, 19200300L, 100L, 1L, 15L
+
+#define LN_homeTelephoneNumber "homeTelephoneNumber"
+#define NID_homeTelephoneNumber 473
+#define OBJ_homeTelephoneNumber 0L, 9L, 2342L, 19200300L, 100L, 1L, 20L
+
+#define SN_secretary "secretary"
+#define NID_secretary 474
+#define OBJ_secretary 0L, 9L, 2342L, 19200300L, 100L, 1L, 21L
+
+#define LN_otherMailbox "otherMailbox"
+#define NID_otherMailbox 475
+#define OBJ_otherMailbox 0L, 9L, 2342L, 19200300L, 100L, 1L, 22L
+
+#define LN_lastModifiedTime "lastModifiedTime"
+#define NID_lastModifiedTime 476
+#define OBJ_lastModifiedTime 0L, 9L, 2342L, 19200300L, 100L, 1L, 23L
+
+#define LN_lastModifiedBy "lastModifiedBy"
+#define NID_lastModifiedBy 477
+#define OBJ_lastModifiedBy 0L, 9L, 2342L, 19200300L, 100L, 1L, 24L
+
+#define LN_aRecord "aRecord"
+#define NID_aRecord 478
+#define OBJ_aRecord 0L, 9L, 2342L, 19200300L, 100L, 1L, 26L
+
+#define LN_pilotAttributeType27 "pilotAttributeType27"
+#define NID_pilotAttributeType27 479
+#define OBJ_pilotAttributeType27 0L, 9L, 2342L, 19200300L, 100L, 1L, 27L
+
+#define LN_mXRecord "mXRecord"
+#define NID_mXRecord 480
+#define OBJ_mXRecord 0L, 9L, 2342L, 19200300L, 100L, 1L, 28L
+
+#define LN_nSRecord "nSRecord"
+#define NID_nSRecord 481
+#define OBJ_nSRecord 0L, 9L, 2342L, 19200300L, 100L, 1L, 29L
+
+#define LN_sOARecord "sOARecord"
+#define NID_sOARecord 482
+#define OBJ_sOARecord 0L, 9L, 2342L, 19200300L, 100L, 1L, 30L
+
+#define LN_cNAMERecord "cNAMERecord"
+#define NID_cNAMERecord 483
+#define OBJ_cNAMERecord 0L, 9L, 2342L, 19200300L, 100L, 1L, 31L
+
+#define LN_associatedDomain "associatedDomain"
+#define NID_associatedDomain 484
+#define OBJ_associatedDomain 0L, 9L, 2342L, 19200300L, 100L, 1L, 37L
+
+#define LN_associatedName "associatedName"
+#define NID_associatedName 485
+#define OBJ_associatedName 0L, 9L, 2342L, 19200300L, 100L, 1L, 38L
+
+#define LN_homePostalAddress "homePostalAddress"
+#define NID_homePostalAddress 486
+#define OBJ_homePostalAddress 0L, 9L, 2342L, 19200300L, 100L, 1L, 39L
+
+#define LN_personalTitle "personalTitle"
+#define NID_personalTitle 487
+#define OBJ_personalTitle 0L, 9L, 2342L, 19200300L, 100L, 1L, 40L
+
+#define LN_mobileTelephoneNumber "mobileTelephoneNumber"
+#define NID_mobileTelephoneNumber 488
+#define OBJ_mobileTelephoneNumber 0L, 9L, 2342L, 19200300L, 100L, 1L, 41L
+
+#define LN_pagerTelephoneNumber "pagerTelephoneNumber"
+#define NID_pagerTelephoneNumber 489
+#define OBJ_pagerTelephoneNumber 0L, 9L, 2342L, 19200300L, 100L, 1L, 42L
+
+#define LN_friendlyCountryName "friendlyCountryName"
+#define NID_friendlyCountryName 490
+#define OBJ_friendlyCountryName 0L, 9L, 2342L, 19200300L, 100L, 1L, 43L
+
+#define LN_organizationalStatus "organizationalStatus"
+#define NID_organizationalStatus 491
+#define OBJ_organizationalStatus 0L, 9L, 2342L, 19200300L, 100L, 1L, 45L
+
+#define LN_janetMailbox "janetMailbox"
+#define NID_janetMailbox 492
+#define OBJ_janetMailbox 0L, 9L, 2342L, 19200300L, 100L, 1L, 46L
+
+#define LN_mailPreferenceOption "mailPreferenceOption"
+#define NID_mailPreferenceOption 493
+#define OBJ_mailPreferenceOption 0L, 9L, 2342L, 19200300L, 100L, 1L, 47L
+
+#define LN_buildingName "buildingName"
+#define NID_buildingName 494
+#define OBJ_buildingName 0L, 9L, 2342L, 19200300L, 100L, 1L, 48L
+
+#define LN_dSAQuality "dSAQuality"
+#define NID_dSAQuality 495
+#define OBJ_dSAQuality 0L, 9L, 2342L, 19200300L, 100L, 1L, 49L
+
+#define LN_singleLevelQuality "singleLevelQuality"
+#define NID_singleLevelQuality 496
+#define OBJ_singleLevelQuality 0L, 9L, 2342L, 19200300L, 100L, 1L, 50L
+
+#define LN_subtreeMinimumQuality "subtreeMinimumQuality"
+#define NID_subtreeMinimumQuality 497
+#define OBJ_subtreeMinimumQuality 0L, 9L, 2342L, 19200300L, 100L, 1L, 51L
+
+#define LN_subtreeMaximumQuality "subtreeMaximumQuality"
+#define NID_subtreeMaximumQuality 498
+#define OBJ_subtreeMaximumQuality 0L, 9L, 2342L, 19200300L, 100L, 1L, 52L
+
+#define LN_personalSignature "personalSignature"
+#define NID_personalSignature 499
+#define OBJ_personalSignature 0L, 9L, 2342L, 19200300L, 100L, 1L, 53L
+
+#define LN_dITRedirect "dITRedirect"
+#define NID_dITRedirect 500
+#define OBJ_dITRedirect 0L, 9L, 2342L, 19200300L, 100L, 1L, 54L
+
+#define SN_audio "audio"
+#define NID_audio 501
+#define OBJ_audio 0L, 9L, 2342L, 19200300L, 100L, 1L, 55L
+
+#define LN_documentPublisher "documentPublisher"
+#define NID_documentPublisher 502
+#define OBJ_documentPublisher 0L, 9L, 2342L, 19200300L, 100L, 1L, 56L
+
+#define LN_x500UniqueIdentifier "x500UniqueIdentifier"
+#define NID_x500UniqueIdentifier 503
+#define OBJ_x500UniqueIdentifier 2L, 5L, 4L, 45L
+
+#define SN_mime_mhs "mime-mhs"
+#define LN_mime_mhs "MIME MHS"
+#define NID_mime_mhs 504
+#define OBJ_mime_mhs 1L, 3L, 6L, 1L, 7L, 1L
+
+#define SN_mime_mhs_headings "mime-mhs-headings"
+#define LN_mime_mhs_headings "mime-mhs-headings"
+#define NID_mime_mhs_headings 505
+#define OBJ_mime_mhs_headings 1L, 3L, 6L, 1L, 7L, 1L, 1L
+
+#define SN_mime_mhs_bodies "mime-mhs-bodies"
+#define LN_mime_mhs_bodies "mime-mhs-bodies"
+#define NID_mime_mhs_bodies 506
+#define OBJ_mime_mhs_bodies 1L, 3L, 6L, 1L, 7L, 1L, 2L
+
+#define SN_id_hex_partial_message "id-hex-partial-message"
+#define LN_id_hex_partial_message "id-hex-partial-message"
+#define NID_id_hex_partial_message 507
+#define OBJ_id_hex_partial_message 1L, 3L, 6L, 1L, 7L, 1L, 1L, 1L
+
+#define SN_id_hex_multipart_message "id-hex-multipart-message"
+#define LN_id_hex_multipart_message "id-hex-multipart-message"
+#define NID_id_hex_multipart_message 508
+#define OBJ_id_hex_multipart_message 1L, 3L, 6L, 1L, 7L, 1L, 1L, 2L
+
+#define LN_generationQualifier "generationQualifier"
+#define NID_generationQualifier 509
+#define OBJ_generationQualifier 2L, 5L, 4L, 44L
+
+#define LN_pseudonym "pseudonym"
+#define NID_pseudonym 510
+#define OBJ_pseudonym 2L, 5L, 4L, 65L
+
+#define SN_id_set "id-set"
+#define LN_id_set "Secure Electronic Transactions"
+#define NID_id_set 512
+#define OBJ_id_set 2L, 23L, 42L
+
+#define SN_set_ctype "set-ctype"
+#define LN_set_ctype "content types"
+#define NID_set_ctype 513
+#define OBJ_set_ctype 2L, 23L, 42L, 0L
+
+#define SN_set_msgExt "set-msgExt"
+#define LN_set_msgExt "message extensions"
+#define NID_set_msgExt 514
+#define OBJ_set_msgExt 2L, 23L, 42L, 1L
+
+#define SN_set_attr "set-attr"
+#define NID_set_attr 515
+#define OBJ_set_attr 2L, 23L, 42L, 3L
+
+#define SN_set_policy "set-policy"
+#define NID_set_policy 516
+#define OBJ_set_policy 2L, 23L, 42L, 5L
+
+#define SN_set_certExt "set-certExt"
+#define LN_set_certExt "certificate extensions"
+#define NID_set_certExt 517
+#define OBJ_set_certExt 2L, 23L, 42L, 7L
+
+#define SN_set_brand "set-brand"
+#define NID_set_brand 518
+#define OBJ_set_brand 2L, 23L, 42L, 8L
+
+#define SN_setct_PANData "setct-PANData"
+#define NID_setct_PANData 519
+#define OBJ_setct_PANData 2L, 23L, 42L, 0L, 0L
+
+#define SN_setct_PANToken "setct-PANToken"
+#define NID_setct_PANToken 520
+#define OBJ_setct_PANToken 2L, 23L, 42L, 0L, 1L
+
+#define SN_setct_PANOnly "setct-PANOnly"
+#define NID_setct_PANOnly 521
+#define OBJ_setct_PANOnly 2L, 23L, 42L, 0L, 2L
+
+#define SN_setct_OIData "setct-OIData"
+#define NID_setct_OIData 522
+#define OBJ_setct_OIData 2L, 23L, 42L, 0L, 3L
+
+#define SN_setct_PI "setct-PI"
+#define NID_setct_PI 523
+#define OBJ_setct_PI 2L, 23L, 42L, 0L, 4L
+
+#define SN_setct_PIData "setct-PIData"
+#define NID_setct_PIData 524
+#define OBJ_setct_PIData 2L, 23L, 42L, 0L, 5L
+
+#define SN_setct_PIDataUnsigned "setct-PIDataUnsigned"
+#define NID_setct_PIDataUnsigned 525
+#define OBJ_setct_PIDataUnsigned 2L, 23L, 42L, 0L, 6L
+
+#define SN_setct_HODInput "setct-HODInput"
+#define NID_setct_HODInput 526
+#define OBJ_setct_HODInput 2L, 23L, 42L, 0L, 7L
+
+#define SN_setct_AuthResBaggage "setct-AuthResBaggage"
+#define NID_setct_AuthResBaggage 527
+#define OBJ_setct_AuthResBaggage 2L, 23L, 42L, 0L, 8L
+
+#define SN_setct_AuthRevReqBaggage "setct-AuthRevReqBaggage"
+#define NID_setct_AuthRevReqBaggage 528
+#define OBJ_setct_AuthRevReqBaggage 2L, 23L, 42L, 0L, 9L
+
+#define SN_setct_AuthRevResBaggage "setct-AuthRevResBaggage"
+#define NID_setct_AuthRevResBaggage 529
+#define OBJ_setct_AuthRevResBaggage 2L, 23L, 42L, 0L, 10L
+
+#define SN_setct_CapTokenSeq "setct-CapTokenSeq"
+#define NID_setct_CapTokenSeq 530
+#define OBJ_setct_CapTokenSeq 2L, 23L, 42L, 0L, 11L
+
+#define SN_setct_PInitResData "setct-PInitResData"
+#define NID_setct_PInitResData 531
+#define OBJ_setct_PInitResData 2L, 23L, 42L, 0L, 12L
+
+#define SN_setct_PI_TBS "setct-PI-TBS"
+#define NID_setct_PI_TBS 532
+#define OBJ_setct_PI_TBS 2L, 23L, 42L, 0L, 13L
+
+#define SN_setct_PResData "setct-PResData"
+#define NID_setct_PResData 533
+#define OBJ_setct_PResData 2L, 23L, 42L, 0L, 14L
+
+#define SN_setct_AuthReqTBS "setct-AuthReqTBS"
+#define NID_setct_AuthReqTBS 534
+#define OBJ_setct_AuthReqTBS 2L, 23L, 42L, 0L, 16L
+
+#define SN_setct_AuthResTBS "setct-AuthResTBS"
+#define NID_setct_AuthResTBS 535
+#define OBJ_setct_AuthResTBS 2L, 23L, 42L, 0L, 17L
+
+#define SN_setct_AuthResTBSX "setct-AuthResTBSX"
+#define NID_setct_AuthResTBSX 536
+#define OBJ_setct_AuthResTBSX 2L, 23L, 42L, 0L, 18L
+
+#define SN_setct_AuthTokenTBS "setct-AuthTokenTBS"
+#define NID_setct_AuthTokenTBS 537
+#define OBJ_setct_AuthTokenTBS 2L, 23L, 42L, 0L, 19L
+
+#define SN_setct_CapTokenData "setct-CapTokenData"
+#define NID_setct_CapTokenData 538
+#define OBJ_setct_CapTokenData 2L, 23L, 42L, 0L, 20L
+
+#define SN_setct_CapTokenTBS "setct-CapTokenTBS"
+#define NID_setct_CapTokenTBS 539
+#define OBJ_setct_CapTokenTBS 2L, 23L, 42L, 0L, 21L
+
+#define SN_setct_AcqCardCodeMsg "setct-AcqCardCodeMsg"
+#define NID_setct_AcqCardCodeMsg 540
+#define OBJ_setct_AcqCardCodeMsg 2L, 23L, 42L, 0L, 22L
+
+#define SN_setct_AuthRevReqTBS "setct-AuthRevReqTBS"
+#define NID_setct_AuthRevReqTBS 541
+#define OBJ_setct_AuthRevReqTBS 2L, 23L, 42L, 0L, 23L
+
+#define SN_setct_AuthRevResData "setct-AuthRevResData"
+#define NID_setct_AuthRevResData 542
+#define OBJ_setct_AuthRevResData 2L, 23L, 42L, 0L, 24L
+
+#define SN_setct_AuthRevResTBS "setct-AuthRevResTBS"
+#define NID_setct_AuthRevResTBS 543
+#define OBJ_setct_AuthRevResTBS 2L, 23L, 42L, 0L, 25L
+
+#define SN_setct_CapReqTBS "setct-CapReqTBS"
+#define NID_setct_CapReqTBS 544
+#define OBJ_setct_CapReqTBS 2L, 23L, 42L, 0L, 26L
+
+#define SN_setct_CapReqTBSX "setct-CapReqTBSX"
+#define NID_setct_CapReqTBSX 545
+#define OBJ_setct_CapReqTBSX 2L, 23L, 42L, 0L, 27L
+
+#define SN_setct_CapResData "setct-CapResData"
+#define NID_setct_CapResData 546
+#define OBJ_setct_CapResData 2L, 23L, 42L, 0L, 28L
+
+#define SN_setct_CapRevReqTBS "setct-CapRevReqTBS"
+#define NID_setct_CapRevReqTBS 547
+#define OBJ_setct_CapRevReqTBS 2L, 23L, 42L, 0L, 29L
+
+#define SN_setct_CapRevReqTBSX "setct-CapRevReqTBSX"
+#define NID_setct_CapRevReqTBSX 548
+#define OBJ_setct_CapRevReqTBSX 2L, 23L, 42L, 0L, 30L
+
+#define SN_setct_CapRevResData "setct-CapRevResData"
+#define NID_setct_CapRevResData 549
+#define OBJ_setct_CapRevResData 2L, 23L, 42L, 0L, 31L
+
+#define SN_setct_CredReqTBS "setct-CredReqTBS"
+#define NID_setct_CredReqTBS 550
+#define OBJ_setct_CredReqTBS 2L, 23L, 42L, 0L, 32L
+
+#define SN_setct_CredReqTBSX "setct-CredReqTBSX"
+#define NID_setct_CredReqTBSX 551
+#define OBJ_setct_CredReqTBSX 2L, 23L, 42L, 0L, 33L
+
+#define SN_setct_CredResData "setct-CredResData"
+#define NID_setct_CredResData 552
+#define OBJ_setct_CredResData 2L, 23L, 42L, 0L, 34L
+
+#define SN_setct_CredRevReqTBS "setct-CredRevReqTBS"
+#define NID_setct_CredRevReqTBS 553
+#define OBJ_setct_CredRevReqTBS 2L, 23L, 42L, 0L, 35L
+
+#define SN_setct_CredRevReqTBSX "setct-CredRevReqTBSX"
+#define NID_setct_CredRevReqTBSX 554
+#define OBJ_setct_CredRevReqTBSX 2L, 23L, 42L, 0L, 36L
+
+#define SN_setct_CredRevResData "setct-CredRevResData"
+#define NID_setct_CredRevResData 555
+#define OBJ_setct_CredRevResData 2L, 23L, 42L, 0L, 37L
+
+#define SN_setct_PCertReqData "setct-PCertReqData"
+#define NID_setct_PCertReqData 556
+#define OBJ_setct_PCertReqData 2L, 23L, 42L, 0L, 38L
+
+#define SN_setct_PCertResTBS "setct-PCertResTBS"
+#define NID_setct_PCertResTBS 557
+#define OBJ_setct_PCertResTBS 2L, 23L, 42L, 0L, 39L
+
+#define SN_setct_BatchAdminReqData "setct-BatchAdminReqData"
+#define NID_setct_BatchAdminReqData 558
+#define OBJ_setct_BatchAdminReqData 2L, 23L, 42L, 0L, 40L
+
+#define SN_setct_BatchAdminResData "setct-BatchAdminResData"
+#define NID_setct_BatchAdminResData 559
+#define OBJ_setct_BatchAdminResData 2L, 23L, 42L, 0L, 41L
+
+#define SN_setct_CardCInitResTBS "setct-CardCInitResTBS"
+#define NID_setct_CardCInitResTBS 560
+#define OBJ_setct_CardCInitResTBS 2L, 23L, 42L, 0L, 42L
+
+#define SN_setct_MeAqCInitResTBS "setct-MeAqCInitResTBS"
+#define NID_setct_MeAqCInitResTBS 561
+#define OBJ_setct_MeAqCInitResTBS 2L, 23L, 42L, 0L, 43L
+
+#define SN_setct_RegFormResTBS "setct-RegFormResTBS"
+#define NID_setct_RegFormResTBS 562
+#define OBJ_setct_RegFormResTBS 2L, 23L, 42L, 0L, 44L
+
+#define SN_setct_CertReqData "setct-CertReqData"
+#define NID_setct_CertReqData 563
+#define OBJ_setct_CertReqData 2L, 23L, 42L, 0L, 45L
+
+#define SN_setct_CertReqTBS "setct-CertReqTBS"
+#define NID_setct_CertReqTBS 564
+#define OBJ_setct_CertReqTBS 2L, 23L, 42L, 0L, 46L
+
+#define SN_setct_CertResData "setct-CertResData"
+#define NID_setct_CertResData 565
+#define OBJ_setct_CertResData 2L, 23L, 42L, 0L, 47L
+
+#define SN_setct_CertInqReqTBS "setct-CertInqReqTBS"
+#define NID_setct_CertInqReqTBS 566
+#define OBJ_setct_CertInqReqTBS 2L, 23L, 42L, 0L, 48L
+
+#define SN_setct_ErrorTBS "setct-ErrorTBS"
+#define NID_setct_ErrorTBS 567
+#define OBJ_setct_ErrorTBS 2L, 23L, 42L, 0L, 49L
+
+#define SN_setct_PIDualSignedTBE "setct-PIDualSignedTBE"
+#define NID_setct_PIDualSignedTBE 568
+#define OBJ_setct_PIDualSignedTBE 2L, 23L, 42L, 0L, 50L
+
+#define SN_setct_PIUnsignedTBE "setct-PIUnsignedTBE"
+#define NID_setct_PIUnsignedTBE 569
+#define OBJ_setct_PIUnsignedTBE 2L, 23L, 42L, 0L, 51L
+
+#define SN_setct_AuthReqTBE "setct-AuthReqTBE"
+#define NID_setct_AuthReqTBE 570
+#define OBJ_setct_AuthReqTBE 2L, 23L, 42L, 0L, 52L
+
+#define SN_setct_AuthResTBE "setct-AuthResTBE"
+#define NID_setct_AuthResTBE 571
+#define OBJ_setct_AuthResTBE 2L, 23L, 42L, 0L, 53L
+
+#define SN_setct_AuthResTBEX "setct-AuthResTBEX"
+#define NID_setct_AuthResTBEX 572
+#define OBJ_setct_AuthResTBEX 2L, 23L, 42L, 0L, 54L
+
+#define SN_setct_AuthTokenTBE "setct-AuthTokenTBE"
+#define NID_setct_AuthTokenTBE 573
+#define OBJ_setct_AuthTokenTBE 2L, 23L, 42L, 0L, 55L
+
+#define SN_setct_CapTokenTBE "setct-CapTokenTBE"
+#define NID_setct_CapTokenTBE 574
+#define OBJ_setct_CapTokenTBE 2L, 23L, 42L, 0L, 56L
+
+#define SN_setct_CapTokenTBEX "setct-CapTokenTBEX"
+#define NID_setct_CapTokenTBEX 575
+#define OBJ_setct_CapTokenTBEX 2L, 23L, 42L, 0L, 57L
+
+#define SN_setct_AcqCardCodeMsgTBE "setct-AcqCardCodeMsgTBE"
+#define NID_setct_AcqCardCodeMsgTBE 576
+#define OBJ_setct_AcqCardCodeMsgTBE 2L, 23L, 42L, 0L, 58L
+
+#define SN_setct_AuthRevReqTBE "setct-AuthRevReqTBE"
+#define NID_setct_AuthRevReqTBE 577
+#define OBJ_setct_AuthRevReqTBE 2L, 23L, 42L, 0L, 59L
+
+#define SN_setct_AuthRevResTBE "setct-AuthRevResTBE"
+#define NID_setct_AuthRevResTBE 578
+#define OBJ_setct_AuthRevResTBE 2L, 23L, 42L, 0L, 60L
+
+#define SN_setct_AuthRevResTBEB "setct-AuthRevResTBEB"
+#define NID_setct_AuthRevResTBEB 579
+#define OBJ_setct_AuthRevResTBEB 2L, 23L, 42L, 0L, 61L
+
+#define SN_setct_CapReqTBE "setct-CapReqTBE"
+#define NID_setct_CapReqTBE 580
+#define OBJ_setct_CapReqTBE 2L, 23L, 42L, 0L, 62L
+
+#define SN_setct_CapReqTBEX "setct-CapReqTBEX"
+#define NID_setct_CapReqTBEX 581
+#define OBJ_setct_CapReqTBEX 2L, 23L, 42L, 0L, 63L
+
+#define SN_setct_CapResTBE "setct-CapResTBE"
+#define NID_setct_CapResTBE 582
+#define OBJ_setct_CapResTBE 2L, 23L, 42L, 0L, 64L
+
+#define SN_setct_CapRevReqTBE "setct-CapRevReqTBE"
+#define NID_setct_CapRevReqTBE 583
+#define OBJ_setct_CapRevReqTBE 2L, 23L, 42L, 0L, 65L
+
+#define SN_setct_CapRevReqTBEX "setct-CapRevReqTBEX"
+#define NID_setct_CapRevReqTBEX 584
+#define OBJ_setct_CapRevReqTBEX 2L, 23L, 42L, 0L, 66L
+
+#define SN_setct_CapRevResTBE "setct-CapRevResTBE"
+#define NID_setct_CapRevResTBE 585
+#define OBJ_setct_CapRevResTBE 2L, 23L, 42L, 0L, 67L
+
+#define SN_setct_CredReqTBE "setct-CredReqTBE"
+#define NID_setct_CredReqTBE 586
+#define OBJ_setct_CredReqTBE 2L, 23L, 42L, 0L, 68L
+
+#define SN_setct_CredReqTBEX "setct-CredReqTBEX"
+#define NID_setct_CredReqTBEX 587
+#define OBJ_setct_CredReqTBEX 2L, 23L, 42L, 0L, 69L
+
+#define SN_setct_CredResTBE "setct-CredResTBE"
+#define NID_setct_CredResTBE 588
+#define OBJ_setct_CredResTBE 2L, 23L, 42L, 0L, 70L
+
+#define SN_setct_CredRevReqTBE "setct-CredRevReqTBE"
+#define NID_setct_CredRevReqTBE 589
+#define OBJ_setct_CredRevReqTBE 2L, 23L, 42L, 0L, 71L
+
+#define SN_setct_CredRevReqTBEX "setct-CredRevReqTBEX"
+#define NID_setct_CredRevReqTBEX 590
+#define OBJ_setct_CredRevReqTBEX 2L, 23L, 42L, 0L, 72L
+
+#define SN_setct_CredRevResTBE "setct-CredRevResTBE"
+#define NID_setct_CredRevResTBE 591
+#define OBJ_setct_CredRevResTBE 2L, 23L, 42L, 0L, 73L
+
+#define SN_setct_BatchAdminReqTBE "setct-BatchAdminReqTBE"
+#define NID_setct_BatchAdminReqTBE 592
+#define OBJ_setct_BatchAdminReqTBE 2L, 23L, 42L, 0L, 74L
+
+#define SN_setct_BatchAdminResTBE "setct-BatchAdminResTBE"
+#define NID_setct_BatchAdminResTBE 593
+#define OBJ_setct_BatchAdminResTBE 2L, 23L, 42L, 0L, 75L
+
+#define SN_setct_RegFormReqTBE "setct-RegFormReqTBE"
+#define NID_setct_RegFormReqTBE 594
+#define OBJ_setct_RegFormReqTBE 2L, 23L, 42L, 0L, 76L
+
+#define SN_setct_CertReqTBE "setct-CertReqTBE"
+#define NID_setct_CertReqTBE 595
+#define OBJ_setct_CertReqTBE 2L, 23L, 42L, 0L, 77L
+
+#define SN_setct_CertReqTBEX "setct-CertReqTBEX"
+#define NID_setct_CertReqTBEX 596
+#define OBJ_setct_CertReqTBEX 2L, 23L, 42L, 0L, 78L
+
+#define SN_setct_CertResTBE "setct-CertResTBE"
+#define NID_setct_CertResTBE 597
+#define OBJ_setct_CertResTBE 2L, 23L, 42L, 0L, 79L
+
+#define SN_setct_CRLNotificationTBS "setct-CRLNotificationTBS"
+#define NID_setct_CRLNotificationTBS 598
+#define OBJ_setct_CRLNotificationTBS 2L, 23L, 42L, 0L, 80L
+
+#define SN_setct_CRLNotificationResTBS "setct-CRLNotificationResTBS"
+#define NID_setct_CRLNotificationResTBS 599
+#define OBJ_setct_CRLNotificationResTBS 2L, 23L, 42L, 0L, 81L
+
+#define SN_setct_BCIDistributionTBS "setct-BCIDistributionTBS"
+#define NID_setct_BCIDistributionTBS 600
+#define OBJ_setct_BCIDistributionTBS 2L, 23L, 42L, 0L, 82L
+
+#define SN_setext_genCrypt "setext-genCrypt"
+#define LN_setext_genCrypt "generic cryptogram"
+#define NID_setext_genCrypt 601
+#define OBJ_setext_genCrypt 2L, 23L, 42L, 1L, 1L
+
+#define SN_setext_miAuth "setext-miAuth"
+#define LN_setext_miAuth "merchant initiated auth"
+#define NID_setext_miAuth 602
+#define OBJ_setext_miAuth 2L, 23L, 42L, 1L, 3L
+
+#define SN_setext_pinSecure "setext-pinSecure"
+#define NID_setext_pinSecure 603
+#define OBJ_setext_pinSecure 2L, 23L, 42L, 1L, 4L
+
+#define SN_setext_pinAny "setext-pinAny"
+#define NID_setext_pinAny 604
+#define OBJ_setext_pinAny 2L, 23L, 42L, 1L, 5L
+
+#define SN_setext_track2 "setext-track2"
+#define NID_setext_track2 605
+#define OBJ_setext_track2 2L, 23L, 42L, 1L, 7L
+
+#define SN_setext_cv "setext-cv"
+#define LN_setext_cv "additional verification"
+#define NID_setext_cv 606
+#define OBJ_setext_cv 2L, 23L, 42L, 1L, 8L
+
+#define SN_set_policy_root "set-policy-root"
+#define NID_set_policy_root 607
+#define OBJ_set_policy_root 2L, 23L, 42L, 5L, 0L
+
+#define SN_setCext_hashedRoot "setCext-hashedRoot"
+#define NID_setCext_hashedRoot 608
+#define OBJ_setCext_hashedRoot 2L, 23L, 42L, 7L, 0L
+
+#define SN_setCext_certType "setCext-certType"
+#define NID_setCext_certType 609
+#define OBJ_setCext_certType 2L, 23L, 42L, 7L, 1L
+
+#define SN_setCext_merchData "setCext-merchData"
+#define NID_setCext_merchData 610
+#define OBJ_setCext_merchData 2L, 23L, 42L, 7L, 2L
+
+#define SN_setCext_cCertRequired "setCext-cCertRequired"
+#define NID_setCext_cCertRequired 611
+#define OBJ_setCext_cCertRequired 2L, 23L, 42L, 7L, 3L
+
+#define SN_setCext_tunneling "setCext-tunneling"
+#define NID_setCext_tunneling 612
+#define OBJ_setCext_tunneling 2L, 23L, 42L, 7L, 4L
+
+#define SN_setCext_setExt "setCext-setExt"
+#define NID_setCext_setExt 613
+#define OBJ_setCext_setExt 2L, 23L, 42L, 7L, 5L
+
+#define SN_setCext_setQualf "setCext-setQualf"
+#define NID_setCext_setQualf 614
+#define OBJ_setCext_setQualf 2L, 23L, 42L, 7L, 6L
+
+#define SN_setCext_PGWYcapabilities "setCext-PGWYcapabilities"
+#define NID_setCext_PGWYcapabilities 615
+#define OBJ_setCext_PGWYcapabilities 2L, 23L, 42L, 7L, 7L
+
+#define SN_setCext_TokenIdentifier "setCext-TokenIdentifier"
+#define NID_setCext_TokenIdentifier 616
+#define OBJ_setCext_TokenIdentifier 2L, 23L, 42L, 7L, 8L
+
+#define SN_setCext_Track2Data "setCext-Track2Data"
+#define NID_setCext_Track2Data 617
+#define OBJ_setCext_Track2Data 2L, 23L, 42L, 7L, 9L
+
+#define SN_setCext_TokenType "setCext-TokenType"
+#define NID_setCext_TokenType 618
+#define OBJ_setCext_TokenType 2L, 23L, 42L, 7L, 10L
+
+#define SN_setCext_IssuerCapabilities "setCext-IssuerCapabilities"
+#define NID_setCext_IssuerCapabilities 619
+#define OBJ_setCext_IssuerCapabilities 2L, 23L, 42L, 7L, 11L
+
+#define SN_setAttr_Cert "setAttr-Cert"
+#define NID_setAttr_Cert 620
+#define OBJ_setAttr_Cert 2L, 23L, 42L, 3L, 0L
+
+#define SN_setAttr_PGWYcap "setAttr-PGWYcap"
+#define LN_setAttr_PGWYcap "payment gateway capabilities"
+#define NID_setAttr_PGWYcap 621
+#define OBJ_setAttr_PGWYcap 2L, 23L, 42L, 3L, 1L
+
+#define SN_setAttr_TokenType "setAttr-TokenType"
+#define NID_setAttr_TokenType 622
+#define OBJ_setAttr_TokenType 2L, 23L, 42L, 3L, 2L
+
+#define SN_setAttr_IssCap "setAttr-IssCap"
+#define LN_setAttr_IssCap "issuer capabilities"
+#define NID_setAttr_IssCap 623
+#define OBJ_setAttr_IssCap 2L, 23L, 42L, 3L, 3L
+
+#define SN_set_rootKeyThumb "set-rootKeyThumb"
+#define NID_set_rootKeyThumb 624
+#define OBJ_set_rootKeyThumb 2L, 23L, 42L, 3L, 0L, 0L
+
+#define SN_set_addPolicy "set-addPolicy"
+#define NID_set_addPolicy 625
+#define OBJ_set_addPolicy 2L, 23L, 42L, 3L, 0L, 1L
+
+#define SN_setAttr_Token_EMV "setAttr-Token-EMV"
+#define NID_setAttr_Token_EMV 626
+#define OBJ_setAttr_Token_EMV 2L, 23L, 42L, 3L, 2L, 1L
+
+#define SN_setAttr_Token_B0Prime "setAttr-Token-B0Prime"
+#define NID_setAttr_Token_B0Prime 627
+#define OBJ_setAttr_Token_B0Prime 2L, 23L, 42L, 3L, 2L, 2L
+
+#define SN_setAttr_IssCap_CVM "setAttr-IssCap-CVM"
+#define NID_setAttr_IssCap_CVM 628
+#define OBJ_setAttr_IssCap_CVM 2L, 23L, 42L, 3L, 3L, 3L
+
+#define SN_setAttr_IssCap_T2 "setAttr-IssCap-T2"
+#define NID_setAttr_IssCap_T2 629
+#define OBJ_setAttr_IssCap_T2 2L, 23L, 42L, 3L, 3L, 4L
+
+#define SN_setAttr_IssCap_Sig "setAttr-IssCap-Sig"
+#define NID_setAttr_IssCap_Sig 630
+#define OBJ_setAttr_IssCap_Sig 2L, 23L, 42L, 3L, 3L, 5L
+
+#define SN_setAttr_GenCryptgrm "setAttr-GenCryptgrm"
+#define LN_setAttr_GenCryptgrm "generate cryptogram"
+#define NID_setAttr_GenCryptgrm 631
+#define OBJ_setAttr_GenCryptgrm 2L, 23L, 42L, 3L, 3L, 3L, 1L
+
+#define SN_setAttr_T2Enc "setAttr-T2Enc"
+#define LN_setAttr_T2Enc "encrypted track 2"
+#define NID_setAttr_T2Enc 632
+#define OBJ_setAttr_T2Enc 2L, 23L, 42L, 3L, 3L, 4L, 1L
+
+#define SN_setAttr_T2cleartxt "setAttr-T2cleartxt"
+#define LN_setAttr_T2cleartxt "cleartext track 2"
+#define NID_setAttr_T2cleartxt 633
+#define OBJ_setAttr_T2cleartxt 2L, 23L, 42L, 3L, 3L, 4L, 2L
+
+#define SN_setAttr_TokICCsig "setAttr-TokICCsig"
+#define LN_setAttr_TokICCsig "ICC or token signature"
+#define NID_setAttr_TokICCsig 634
+#define OBJ_setAttr_TokICCsig 2L, 23L, 42L, 3L, 3L, 5L, 1L
+
+#define SN_setAttr_SecDevSig "setAttr-SecDevSig"
+#define LN_setAttr_SecDevSig "secure device signature"
+#define NID_setAttr_SecDevSig 635
+#define OBJ_setAttr_SecDevSig 2L, 23L, 42L, 3L, 3L, 5L, 2L
+
+#define SN_set_brand_IATA_ATA "set-brand-IATA-ATA"
+#define NID_set_brand_IATA_ATA 636
+#define OBJ_set_brand_IATA_ATA 2L, 23L, 42L, 8L, 1L
+
+#define SN_set_brand_Diners "set-brand-Diners"
+#define NID_set_brand_Diners 637
+#define OBJ_set_brand_Diners 2L, 23L, 42L, 8L, 30L
+
+#define SN_set_brand_AmericanExpress "set-brand-AmericanExpress"
+#define NID_set_brand_AmericanExpress 638
+#define OBJ_set_brand_AmericanExpress 2L, 23L, 42L, 8L, 34L
+
+#define SN_set_brand_JCB "set-brand-JCB"
+#define NID_set_brand_JCB 639
+#define OBJ_set_brand_JCB 2L, 23L, 42L, 8L, 35L
+
+#define SN_set_brand_Visa "set-brand-Visa"
+#define NID_set_brand_Visa 640
+#define OBJ_set_brand_Visa 2L, 23L, 42L, 8L, 4L
+
+#define SN_set_brand_MasterCard "set-brand-MasterCard"
+#define NID_set_brand_MasterCard 641
+#define OBJ_set_brand_MasterCard 2L, 23L, 42L, 8L, 5L
+
+#define SN_set_brand_Novus "set-brand-Novus"
+#define NID_set_brand_Novus 642
+#define OBJ_set_brand_Novus 2L, 23L, 42L, 8L, 6011L
+
+#define SN_des_cdmf "DES-CDMF"
+#define LN_des_cdmf "des-cdmf"
+#define NID_des_cdmf 643
+#define OBJ_des_cdmf 1L, 2L, 840L, 113549L, 3L, 10L
+
+#define SN_rsaOAEPEncryptionSET "rsaOAEPEncryptionSET"
+#define NID_rsaOAEPEncryptionSET 644
+#define OBJ_rsaOAEPEncryptionSET 1L, 2L, 840L, 113549L, 1L, 1L, 6L
+
+#define SN_itu_t "ITU-T"
+#define LN_itu_t "itu-t"
+#define NID_itu_t 645
+#define OBJ_itu_t 0L
+
+#define SN_joint_iso_itu_t "JOINT-ISO-ITU-T"
+#define LN_joint_iso_itu_t "joint-iso-itu-t"
+#define NID_joint_iso_itu_t 646
+#define OBJ_joint_iso_itu_t 2L
+
+#define SN_international_organizations "international-organizations"
+#define LN_international_organizations "International Organizations"
+#define NID_international_organizations 647
+#define OBJ_international_organizations 2L, 23L
+
+#define SN_ms_smartcard_login "msSmartcardLogin"
+#define LN_ms_smartcard_login "Microsoft Smartcardlogin"
+#define NID_ms_smartcard_login 648
+#define OBJ_ms_smartcard_login 1L, 3L, 6L, 1L, 4L, 1L, 311L, 20L, 2L, 2L
+
+#define SN_ms_upn "msUPN"
+#define LN_ms_upn "Microsoft Universal Principal Name"
+#define NID_ms_upn 649
+#define OBJ_ms_upn 1L, 3L, 6L, 1L, 4L, 1L, 311L, 20L, 2L, 3L
#define SN_aes_128_cfb1 "AES-128-CFB1"
#define LN_aes_128_cfb1 "aes-128-cfb1"
@@ -2743,26 +2912,6 @@
#define LN_aes_256_cfb8 "aes-256-cfb8"
#define NID_aes_256_cfb8 655
-#define SN_aes_128_ctr "AES-128-CTR"
-#define LN_aes_128_ctr "aes-128-ctr"
-#define NID_aes_128_ctr 904
-
-#define SN_aes_192_ctr "AES-192-CTR"
-#define LN_aes_192_ctr "aes-192-ctr"
-#define NID_aes_192_ctr 905
-
-#define SN_aes_256_ctr "AES-256-CTR"
-#define LN_aes_256_ctr "aes-256-ctr"
-#define NID_aes_256_ctr 906
-
-#define SN_aes_128_xts "AES-128-XTS"
-#define LN_aes_128_xts "aes-128-xts"
-#define NID_aes_128_xts 913
-
-#define SN_aes_256_xts "AES-256-XTS"
-#define LN_aes_256_xts "aes-256-xts"
-#define NID_aes_256_xts 914
-
#define SN_des_cfb1 "DES-CFB1"
#define LN_des_cfb1 "des-cfb1"
#define NID_des_cfb1 656
@@ -2779,894 +2928,378 @@
#define LN_des_ede3_cfb8 "des-ede3-cfb8"
#define NID_des_ede3_cfb8 659
-#define OBJ_nist_hashalgs OBJ_nistAlgorithms,2L
+#define SN_streetAddress "street"
+#define LN_streetAddress "streetAddress"
+#define NID_streetAddress 660
+#define OBJ_streetAddress 2L, 5L, 4L, 9L
+
+#define LN_postalCode "postalCode"
+#define NID_postalCode 661
+#define OBJ_postalCode 2L, 5L, 4L, 17L
+
+#define SN_id_ppl "id-ppl"
+#define NID_id_ppl 662
+#define OBJ_id_ppl 1L, 3L, 6L, 1L, 5L, 5L, 7L, 21L
+
+#define SN_proxyCertInfo "proxyCertInfo"
+#define LN_proxyCertInfo "Proxy Certificate Information"
+#define NID_proxyCertInfo 663
+#define OBJ_proxyCertInfo 1L, 3L, 6L, 1L, 5L, 5L, 7L, 1L, 14L
+
+#define SN_id_ppl_anyLanguage "id-ppl-anyLanguage"
+#define LN_id_ppl_anyLanguage "Any language"
+#define NID_id_ppl_anyLanguage 664
+#define OBJ_id_ppl_anyLanguage 1L, 3L, 6L, 1L, 5L, 5L, 7L, 21L, 0L
+
+#define SN_id_ppl_inheritAll "id-ppl-inheritAll"
+#define LN_id_ppl_inheritAll "Inherit all"
+#define NID_id_ppl_inheritAll 665
+#define OBJ_id_ppl_inheritAll 1L, 3L, 6L, 1L, 5L, 5L, 7L, 21L, 1L
+
+#define SN_name_constraints "nameConstraints"
+#define LN_name_constraints "X509v3 Name Constraints"
+#define NID_name_constraints 666
+#define OBJ_name_constraints 2L, 5L, 29L, 30L
+
+#define SN_Independent "id-ppl-independent"
+#define LN_Independent "Independent"
+#define NID_Independent 667
+#define OBJ_Independent 1L, 3L, 6L, 1L, 5L, 5L, 7L, 21L, 2L
+
+#define SN_sha256WithRSAEncryption "RSA-SHA256"
+#define LN_sha256WithRSAEncryption "sha256WithRSAEncryption"
+#define NID_sha256WithRSAEncryption 668
+#define OBJ_sha256WithRSAEncryption 1L, 2L, 840L, 113549L, 1L, 1L, 11L
+
+#define SN_sha384WithRSAEncryption "RSA-SHA384"
+#define LN_sha384WithRSAEncryption "sha384WithRSAEncryption"
+#define NID_sha384WithRSAEncryption 669
+#define OBJ_sha384WithRSAEncryption 1L, 2L, 840L, 113549L, 1L, 1L, 12L
+
+#define SN_sha512WithRSAEncryption "RSA-SHA512"
+#define LN_sha512WithRSAEncryption "sha512WithRSAEncryption"
+#define NID_sha512WithRSAEncryption 670
+#define OBJ_sha512WithRSAEncryption 1L, 2L, 840L, 113549L, 1L, 1L, 13L
+
+#define SN_sha224WithRSAEncryption "RSA-SHA224"
+#define LN_sha224WithRSAEncryption "sha224WithRSAEncryption"
+#define NID_sha224WithRSAEncryption 671
+#define OBJ_sha224WithRSAEncryption 1L, 2L, 840L, 113549L, 1L, 1L, 14L
#define SN_sha256 "SHA256"
#define LN_sha256 "sha256"
#define NID_sha256 672
-#define OBJ_sha256 OBJ_nist_hashalgs,1L
+#define OBJ_sha256 2L, 16L, 840L, 1L, 101L, 3L, 4L, 2L, 1L
#define SN_sha384 "SHA384"
#define LN_sha384 "sha384"
#define NID_sha384 673
-#define OBJ_sha384 OBJ_nist_hashalgs,2L
+#define OBJ_sha384 2L, 16L, 840L, 1L, 101L, 3L, 4L, 2L, 2L
#define SN_sha512 "SHA512"
#define LN_sha512 "sha512"
#define NID_sha512 674
-#define OBJ_sha512 OBJ_nist_hashalgs,3L
+#define OBJ_sha512 2L, 16L, 840L, 1L, 101L, 3L, 4L, 2L, 3L
#define SN_sha224 "SHA224"
#define LN_sha224 "sha224"
#define NID_sha224 675
-#define OBJ_sha224 OBJ_nist_hashalgs,4L
+#define OBJ_sha224 2L, 16L, 840L, 1L, 101L, 3L, 4L, 2L, 4L
-#define OBJ_dsa_with_sha2 OBJ_nistAlgorithms,3L
+#define SN_identified_organization "identified-organization"
+#define NID_identified_organization 676
+#define OBJ_identified_organization 1L, 3L
-#define SN_dsa_with_SHA224 "dsa_with_SHA224"
-#define NID_dsa_with_SHA224 802
-#define OBJ_dsa_with_SHA224 OBJ_dsa_with_sha2,1L
+#define SN_certicom_arc "certicom-arc"
+#define NID_certicom_arc 677
+#define OBJ_certicom_arc 1L, 3L, 132L
-#define SN_dsa_with_SHA256 "dsa_with_SHA256"
-#define NID_dsa_with_SHA256 803
-#define OBJ_dsa_with_SHA256 OBJ_dsa_with_sha2,2L
+#define SN_wap "wap"
+#define NID_wap 678
+#define OBJ_wap 2L, 23L, 43L
-#define SN_hold_instruction_code "holdInstructionCode"
-#define LN_hold_instruction_code "Hold Instruction Code"
-#define NID_hold_instruction_code 430
-#define OBJ_hold_instruction_code OBJ_id_ce,23L
+#define SN_wap_wsg "wap-wsg"
+#define NID_wap_wsg 679
+#define OBJ_wap_wsg 2L, 23L, 43L, 1L
-#define OBJ_holdInstruction OBJ_X9_57,2L
+#define SN_X9_62_id_characteristic_two_basis "id-characteristic-two-basis"
+#define NID_X9_62_id_characteristic_two_basis 680
+#define OBJ_X9_62_id_characteristic_two_basis 1L, 2L, 840L, 10045L, 1L, 2L, 3L
-#define SN_hold_instruction_none "holdInstructionNone"
-#define LN_hold_instruction_none "Hold Instruction None"
-#define NID_hold_instruction_none 431
-#define OBJ_hold_instruction_none OBJ_holdInstruction,1L
+#define SN_X9_62_onBasis "onBasis"
+#define NID_X9_62_onBasis 681
+#define OBJ_X9_62_onBasis 1L, 2L, 840L, 10045L, 1L, 2L, 3L, 1L
-#define SN_hold_instruction_call_issuer "holdInstructionCallIssuer"
-#define LN_hold_instruction_call_issuer "Hold Instruction Call Issuer"
-#define NID_hold_instruction_call_issuer 432
-#define OBJ_hold_instruction_call_issuer OBJ_holdInstruction,2L
+#define SN_X9_62_tpBasis "tpBasis"
+#define NID_X9_62_tpBasis 682
+#define OBJ_X9_62_tpBasis 1L, 2L, 840L, 10045L, 1L, 2L, 3L, 2L
-#define SN_hold_instruction_reject "holdInstructionReject"
-#define LN_hold_instruction_reject "Hold Instruction Reject"
-#define NID_hold_instruction_reject 433
-#define OBJ_hold_instruction_reject OBJ_holdInstruction,3L
+#define SN_X9_62_ppBasis "ppBasis"
+#define NID_X9_62_ppBasis 683
+#define OBJ_X9_62_ppBasis 1L, 2L, 840L, 10045L, 1L, 2L, 3L, 3L
-#define SN_data "data"
-#define NID_data 434
-#define OBJ_data OBJ_itu_t,9L
+#define SN_X9_62_c2pnb163v1 "c2pnb163v1"
+#define NID_X9_62_c2pnb163v1 684
+#define OBJ_X9_62_c2pnb163v1 1L, 2L, 840L, 10045L, 3L, 0L, 1L
-#define SN_pss "pss"
-#define NID_pss 435
-#define OBJ_pss OBJ_data,2342L
+#define SN_X9_62_c2pnb163v2 "c2pnb163v2"
+#define NID_X9_62_c2pnb163v2 685
+#define OBJ_X9_62_c2pnb163v2 1L, 2L, 840L, 10045L, 3L, 0L, 2L
-#define SN_ucl "ucl"
-#define NID_ucl 436
-#define OBJ_ucl OBJ_pss,19200300L
+#define SN_X9_62_c2pnb163v3 "c2pnb163v3"
+#define NID_X9_62_c2pnb163v3 686
+#define OBJ_X9_62_c2pnb163v3 1L, 2L, 840L, 10045L, 3L, 0L, 3L
-#define SN_pilot "pilot"
-#define NID_pilot 437
-#define OBJ_pilot OBJ_ucl,100L
+#define SN_X9_62_c2pnb176v1 "c2pnb176v1"
+#define NID_X9_62_c2pnb176v1 687
+#define OBJ_X9_62_c2pnb176v1 1L, 2L, 840L, 10045L, 3L, 0L, 4L
-#define LN_pilotAttributeType "pilotAttributeType"
-#define NID_pilotAttributeType 438
-#define OBJ_pilotAttributeType OBJ_pilot,1L
+#define SN_X9_62_c2tnb191v1 "c2tnb191v1"
+#define NID_X9_62_c2tnb191v1 688
+#define OBJ_X9_62_c2tnb191v1 1L, 2L, 840L, 10045L, 3L, 0L, 5L
-#define LN_pilotAttributeSyntax "pilotAttributeSyntax"
-#define NID_pilotAttributeSyntax 439
-#define OBJ_pilotAttributeSyntax OBJ_pilot,3L
+#define SN_X9_62_c2tnb191v2 "c2tnb191v2"
+#define NID_X9_62_c2tnb191v2 689
+#define OBJ_X9_62_c2tnb191v2 1L, 2L, 840L, 10045L, 3L, 0L, 6L
-#define LN_pilotObjectClass "pilotObjectClass"
-#define NID_pilotObjectClass 440
-#define OBJ_pilotObjectClass OBJ_pilot,4L
+#define SN_X9_62_c2tnb191v3 "c2tnb191v3"
+#define NID_X9_62_c2tnb191v3 690
+#define OBJ_X9_62_c2tnb191v3 1L, 2L, 840L, 10045L, 3L, 0L, 7L
-#define LN_pilotGroups "pilotGroups"
-#define NID_pilotGroups 441
-#define OBJ_pilotGroups OBJ_pilot,10L
+#define SN_X9_62_c2onb191v4 "c2onb191v4"
+#define NID_X9_62_c2onb191v4 691
+#define OBJ_X9_62_c2onb191v4 1L, 2L, 840L, 10045L, 3L, 0L, 8L
-#define LN_iA5StringSyntax "iA5StringSyntax"
-#define NID_iA5StringSyntax 442
-#define OBJ_iA5StringSyntax OBJ_pilotAttributeSyntax,4L
+#define SN_X9_62_c2onb191v5 "c2onb191v5"
+#define NID_X9_62_c2onb191v5 692
+#define OBJ_X9_62_c2onb191v5 1L, 2L, 840L, 10045L, 3L, 0L, 9L
-#define LN_caseIgnoreIA5StringSyntax "caseIgnoreIA5StringSyntax"
-#define NID_caseIgnoreIA5StringSyntax 443
-#define OBJ_caseIgnoreIA5StringSyntax OBJ_pilotAttributeSyntax,5L
+#define SN_X9_62_c2pnb208w1 "c2pnb208w1"
+#define NID_X9_62_c2pnb208w1 693
+#define OBJ_X9_62_c2pnb208w1 1L, 2L, 840L, 10045L, 3L, 0L, 10L
-#define LN_pilotObject "pilotObject"
-#define NID_pilotObject 444
-#define OBJ_pilotObject OBJ_pilotObjectClass,3L
+#define SN_X9_62_c2tnb239v1 "c2tnb239v1"
+#define NID_X9_62_c2tnb239v1 694
+#define OBJ_X9_62_c2tnb239v1 1L, 2L, 840L, 10045L, 3L, 0L, 11L
-#define LN_pilotPerson "pilotPerson"
-#define NID_pilotPerson 445
-#define OBJ_pilotPerson OBJ_pilotObjectClass,4L
+#define SN_X9_62_c2tnb239v2 "c2tnb239v2"
+#define NID_X9_62_c2tnb239v2 695
+#define OBJ_X9_62_c2tnb239v2 1L, 2L, 840L, 10045L, 3L, 0L, 12L
-#define SN_account "account"
-#define NID_account 446
-#define OBJ_account OBJ_pilotObjectClass,5L
+#define SN_X9_62_c2tnb239v3 "c2tnb239v3"
+#define NID_X9_62_c2tnb239v3 696
+#define OBJ_X9_62_c2tnb239v3 1L, 2L, 840L, 10045L, 3L, 0L, 13L
-#define SN_document "document"
-#define NID_document 447
-#define OBJ_document OBJ_pilotObjectClass,6L
+#define SN_X9_62_c2onb239v4 "c2onb239v4"
+#define NID_X9_62_c2onb239v4 697
+#define OBJ_X9_62_c2onb239v4 1L, 2L, 840L, 10045L, 3L, 0L, 14L
-#define SN_room "room"
-#define NID_room 448
-#define OBJ_room OBJ_pilotObjectClass,7L
+#define SN_X9_62_c2onb239v5 "c2onb239v5"
+#define NID_X9_62_c2onb239v5 698
+#define OBJ_X9_62_c2onb239v5 1L, 2L, 840L, 10045L, 3L, 0L, 15L
-#define LN_documentSeries "documentSeries"
-#define NID_documentSeries 449
-#define OBJ_documentSeries OBJ_pilotObjectClass,9L
+#define SN_X9_62_c2pnb272w1 "c2pnb272w1"
+#define NID_X9_62_c2pnb272w1 699
+#define OBJ_X9_62_c2pnb272w1 1L, 2L, 840L, 10045L, 3L, 0L, 16L
-#define SN_Domain "domain"
-#define LN_Domain "Domain"
-#define NID_Domain 392
-#define OBJ_Domain OBJ_pilotObjectClass,13L
+#define SN_X9_62_c2pnb304w1 "c2pnb304w1"
+#define NID_X9_62_c2pnb304w1 700
+#define OBJ_X9_62_c2pnb304w1 1L, 2L, 840L, 10045L, 3L, 0L, 17L
-#define LN_rFC822localPart "rFC822localPart"
-#define NID_rFC822localPart 450
-#define OBJ_rFC822localPart OBJ_pilotObjectClass,14L
+#define SN_X9_62_c2tnb359v1 "c2tnb359v1"
+#define NID_X9_62_c2tnb359v1 701
+#define OBJ_X9_62_c2tnb359v1 1L, 2L, 840L, 10045L, 3L, 0L, 18L
-#define LN_dNSDomain "dNSDomain"
-#define NID_dNSDomain 451
-#define OBJ_dNSDomain OBJ_pilotObjectClass,15L
+#define SN_X9_62_c2pnb368w1 "c2pnb368w1"
+#define NID_X9_62_c2pnb368w1 702
+#define OBJ_X9_62_c2pnb368w1 1L, 2L, 840L, 10045L, 3L, 0L, 19L
-#define LN_domainRelatedObject "domainRelatedObject"
-#define NID_domainRelatedObject 452
-#define OBJ_domainRelatedObject OBJ_pilotObjectClass,17L
+#define SN_X9_62_c2tnb431r1 "c2tnb431r1"
+#define NID_X9_62_c2tnb431r1 703
+#define OBJ_X9_62_c2tnb431r1 1L, 2L, 840L, 10045L, 3L, 0L, 20L
-#define LN_friendlyCountry "friendlyCountry"
-#define NID_friendlyCountry 453
-#define OBJ_friendlyCountry OBJ_pilotObjectClass,18L
+#define SN_secp112r1 "secp112r1"
+#define NID_secp112r1 704
+#define OBJ_secp112r1 1L, 3L, 132L, 0L, 6L
-#define LN_simpleSecurityObject "simpleSecurityObject"
-#define NID_simpleSecurityObject 454
-#define OBJ_simpleSecurityObject OBJ_pilotObjectClass,19L
+#define SN_secp112r2 "secp112r2"
+#define NID_secp112r2 705
+#define OBJ_secp112r2 1L, 3L, 132L, 0L, 7L
-#define LN_pilotOrganization "pilotOrganization"
-#define NID_pilotOrganization 455
-#define OBJ_pilotOrganization OBJ_pilotObjectClass,20L
+#define SN_secp128r1 "secp128r1"
+#define NID_secp128r1 706
+#define OBJ_secp128r1 1L, 3L, 132L, 0L, 28L
-#define LN_pilotDSA "pilotDSA"
-#define NID_pilotDSA 456
-#define OBJ_pilotDSA OBJ_pilotObjectClass,21L
+#define SN_secp128r2 "secp128r2"
+#define NID_secp128r2 707
+#define OBJ_secp128r2 1L, 3L, 132L, 0L, 29L
-#define LN_qualityLabelledData "qualityLabelledData"
-#define NID_qualityLabelledData 457
-#define OBJ_qualityLabelledData OBJ_pilotObjectClass,22L
+#define SN_secp160k1 "secp160k1"
+#define NID_secp160k1 708
+#define OBJ_secp160k1 1L, 3L, 132L, 0L, 9L
-#define SN_userId "UID"
-#define LN_userId "userId"
-#define NID_userId 458
-#define OBJ_userId OBJ_pilotAttributeType,1L
+#define SN_secp160r1 "secp160r1"
+#define NID_secp160r1 709
+#define OBJ_secp160r1 1L, 3L, 132L, 0L, 8L
-#define LN_textEncodedORAddress "textEncodedORAddress"
-#define NID_textEncodedORAddress 459
-#define OBJ_textEncodedORAddress OBJ_pilotAttributeType,2L
+#define SN_secp160r2 "secp160r2"
+#define NID_secp160r2 710
+#define OBJ_secp160r2 1L, 3L, 132L, 0L, 30L
-#define SN_rfc822Mailbox "mail"
-#define LN_rfc822Mailbox "rfc822Mailbox"
-#define NID_rfc822Mailbox 460
-#define OBJ_rfc822Mailbox OBJ_pilotAttributeType,3L
+#define SN_secp192k1 "secp192k1"
+#define NID_secp192k1 711
+#define OBJ_secp192k1 1L, 3L, 132L, 0L, 31L
-#define SN_info "info"
-#define NID_info 461
-#define OBJ_info OBJ_pilotAttributeType,4L
+#define SN_secp224k1 "secp224k1"
+#define NID_secp224k1 712
+#define OBJ_secp224k1 1L, 3L, 132L, 0L, 32L
-#define LN_favouriteDrink "favouriteDrink"
-#define NID_favouriteDrink 462
-#define OBJ_favouriteDrink OBJ_pilotAttributeType,5L
+#define SN_secp224r1 "secp224r1"
+#define NID_secp224r1 713
+#define OBJ_secp224r1 1L, 3L, 132L, 0L, 33L
-#define LN_roomNumber "roomNumber"
-#define NID_roomNumber 463
-#define OBJ_roomNumber OBJ_pilotAttributeType,6L
+#define SN_secp256k1 "secp256k1"
+#define NID_secp256k1 714
+#define OBJ_secp256k1 1L, 3L, 132L, 0L, 10L
-#define SN_photo "photo"
-#define NID_photo 464
-#define OBJ_photo OBJ_pilotAttributeType,7L
+#define SN_secp384r1 "secp384r1"
+#define NID_secp384r1 715
+#define OBJ_secp384r1 1L, 3L, 132L, 0L, 34L
-#define LN_userClass "userClass"
-#define NID_userClass 465
-#define OBJ_userClass OBJ_pilotAttributeType,8L
+#define SN_secp521r1 "secp521r1"
+#define NID_secp521r1 716
+#define OBJ_secp521r1 1L, 3L, 132L, 0L, 35L
-#define SN_host "host"
-#define NID_host 466
-#define OBJ_host OBJ_pilotAttributeType,9L
+#define SN_sect113r1 "sect113r1"
+#define NID_sect113r1 717
+#define OBJ_sect113r1 1L, 3L, 132L, 0L, 4L
-#define SN_manager "manager"
-#define NID_manager 467
-#define OBJ_manager OBJ_pilotAttributeType,10L
+#define SN_sect113r2 "sect113r2"
+#define NID_sect113r2 718
+#define OBJ_sect113r2 1L, 3L, 132L, 0L, 5L
-#define LN_documentIdentifier "documentIdentifier"
-#define NID_documentIdentifier 468
-#define OBJ_documentIdentifier OBJ_pilotAttributeType,11L
+#define SN_sect131r1 "sect131r1"
+#define NID_sect131r1 719
+#define OBJ_sect131r1 1L, 3L, 132L, 0L, 22L
-#define LN_documentTitle "documentTitle"
-#define NID_documentTitle 469
-#define OBJ_documentTitle OBJ_pilotAttributeType,12L
+#define SN_sect131r2 "sect131r2"
+#define NID_sect131r2 720
+#define OBJ_sect131r2 1L, 3L, 132L, 0L, 23L
-#define LN_documentVersion "documentVersion"
-#define NID_documentVersion 470
-#define OBJ_documentVersion OBJ_pilotAttributeType,13L
+#define SN_sect163k1 "sect163k1"
+#define NID_sect163k1 721
+#define OBJ_sect163k1 1L, 3L, 132L, 0L, 1L
-#define LN_documentAuthor "documentAuthor"
-#define NID_documentAuthor 471
-#define OBJ_documentAuthor OBJ_pilotAttributeType,14L
+#define SN_sect163r1 "sect163r1"
+#define NID_sect163r1 722
+#define OBJ_sect163r1 1L, 3L, 132L, 0L, 2L
-#define LN_documentLocation "documentLocation"
-#define NID_documentLocation 472
-#define OBJ_documentLocation OBJ_pilotAttributeType,15L
+#define SN_sect163r2 "sect163r2"
+#define NID_sect163r2 723
+#define OBJ_sect163r2 1L, 3L, 132L, 0L, 15L
-#define LN_homeTelephoneNumber "homeTelephoneNumber"
-#define NID_homeTelephoneNumber 473
-#define OBJ_homeTelephoneNumber OBJ_pilotAttributeType,20L
+#define SN_sect193r1 "sect193r1"
+#define NID_sect193r1 724
+#define OBJ_sect193r1 1L, 3L, 132L, 0L, 24L
-#define SN_secretary "secretary"
-#define NID_secretary 474
-#define OBJ_secretary OBJ_pilotAttributeType,21L
+#define SN_sect193r2 "sect193r2"
+#define NID_sect193r2 725
+#define OBJ_sect193r2 1L, 3L, 132L, 0L, 25L
-#define LN_otherMailbox "otherMailbox"
-#define NID_otherMailbox 475
-#define OBJ_otherMailbox OBJ_pilotAttributeType,22L
+#define SN_sect233k1 "sect233k1"
+#define NID_sect233k1 726
+#define OBJ_sect233k1 1L, 3L, 132L, 0L, 26L
-#define LN_lastModifiedTime "lastModifiedTime"
-#define NID_lastModifiedTime 476
-#define OBJ_lastModifiedTime OBJ_pilotAttributeType,23L
+#define SN_sect233r1 "sect233r1"
+#define NID_sect233r1 727
+#define OBJ_sect233r1 1L, 3L, 132L, 0L, 27L
-#define LN_lastModifiedBy "lastModifiedBy"
-#define NID_lastModifiedBy 477
-#define OBJ_lastModifiedBy OBJ_pilotAttributeType,24L
+#define SN_sect239k1 "sect239k1"
+#define NID_sect239k1 728
+#define OBJ_sect239k1 1L, 3L, 132L, 0L, 3L
-#define SN_domainComponent "DC"
-#define LN_domainComponent "domainComponent"
-#define NID_domainComponent 391
-#define OBJ_domainComponent OBJ_pilotAttributeType,25L
+#define SN_sect283k1 "sect283k1"
+#define NID_sect283k1 729
+#define OBJ_sect283k1 1L, 3L, 132L, 0L, 16L
-#define LN_aRecord "aRecord"
-#define NID_aRecord 478
-#define OBJ_aRecord OBJ_pilotAttributeType,26L
+#define SN_sect283r1 "sect283r1"
+#define NID_sect283r1 730
+#define OBJ_sect283r1 1L, 3L, 132L, 0L, 17L
-#define LN_pilotAttributeType27 "pilotAttributeType27"
-#define NID_pilotAttributeType27 479
-#define OBJ_pilotAttributeType27 OBJ_pilotAttributeType,27L
+#define SN_sect409k1 "sect409k1"
+#define NID_sect409k1 731
+#define OBJ_sect409k1 1L, 3L, 132L, 0L, 36L
-#define LN_mXRecord "mXRecord"
-#define NID_mXRecord 480
-#define OBJ_mXRecord OBJ_pilotAttributeType,28L
+#define SN_sect409r1 "sect409r1"
+#define NID_sect409r1 732
+#define OBJ_sect409r1 1L, 3L, 132L, 0L, 37L
-#define LN_nSRecord "nSRecord"
-#define NID_nSRecord 481
-#define OBJ_nSRecord OBJ_pilotAttributeType,29L
+#define SN_sect571k1 "sect571k1"
+#define NID_sect571k1 733
+#define OBJ_sect571k1 1L, 3L, 132L, 0L, 38L
-#define LN_sOARecord "sOARecord"
-#define NID_sOARecord 482
-#define OBJ_sOARecord OBJ_pilotAttributeType,30L
+#define SN_sect571r1 "sect571r1"
+#define NID_sect571r1 734
+#define OBJ_sect571r1 1L, 3L, 132L, 0L, 39L
-#define LN_cNAMERecord "cNAMERecord"
-#define NID_cNAMERecord 483
-#define OBJ_cNAMERecord OBJ_pilotAttributeType,31L
+#define SN_wap_wsg_idm_ecid_wtls1 "wap-wsg-idm-ecid-wtls1"
+#define NID_wap_wsg_idm_ecid_wtls1 735
+#define OBJ_wap_wsg_idm_ecid_wtls1 2L, 23L, 43L, 1L, 4L, 1L
-#define LN_associatedDomain "associatedDomain"
-#define NID_associatedDomain 484
-#define OBJ_associatedDomain OBJ_pilotAttributeType,37L
+#define SN_wap_wsg_idm_ecid_wtls3 "wap-wsg-idm-ecid-wtls3"
+#define NID_wap_wsg_idm_ecid_wtls3 736
+#define OBJ_wap_wsg_idm_ecid_wtls3 2L, 23L, 43L, 1L, 4L, 3L
-#define LN_associatedName "associatedName"
-#define NID_associatedName 485
-#define OBJ_associatedName OBJ_pilotAttributeType,38L
+#define SN_wap_wsg_idm_ecid_wtls4 "wap-wsg-idm-ecid-wtls4"
+#define NID_wap_wsg_idm_ecid_wtls4 737
+#define OBJ_wap_wsg_idm_ecid_wtls4 2L, 23L, 43L, 1L, 4L, 4L
-#define LN_homePostalAddress "homePostalAddress"
-#define NID_homePostalAddress 486
-#define OBJ_homePostalAddress OBJ_pilotAttributeType,39L
+#define SN_wap_wsg_idm_ecid_wtls5 "wap-wsg-idm-ecid-wtls5"
+#define NID_wap_wsg_idm_ecid_wtls5 738
+#define OBJ_wap_wsg_idm_ecid_wtls5 2L, 23L, 43L, 1L, 4L, 5L
-#define LN_personalTitle "personalTitle"
-#define NID_personalTitle 487
-#define OBJ_personalTitle OBJ_pilotAttributeType,40L
+#define SN_wap_wsg_idm_ecid_wtls6 "wap-wsg-idm-ecid-wtls6"
+#define NID_wap_wsg_idm_ecid_wtls6 739
+#define OBJ_wap_wsg_idm_ecid_wtls6 2L, 23L, 43L, 1L, 4L, 6L
-#define LN_mobileTelephoneNumber "mobileTelephoneNumber"
-#define NID_mobileTelephoneNumber 488
-#define OBJ_mobileTelephoneNumber OBJ_pilotAttributeType,41L
+#define SN_wap_wsg_idm_ecid_wtls7 "wap-wsg-idm-ecid-wtls7"
+#define NID_wap_wsg_idm_ecid_wtls7 740
+#define OBJ_wap_wsg_idm_ecid_wtls7 2L, 23L, 43L, 1L, 4L, 7L
-#define LN_pagerTelephoneNumber "pagerTelephoneNumber"
-#define NID_pagerTelephoneNumber 489
-#define OBJ_pagerTelephoneNumber OBJ_pilotAttributeType,42L
+#define SN_wap_wsg_idm_ecid_wtls8 "wap-wsg-idm-ecid-wtls8"
+#define NID_wap_wsg_idm_ecid_wtls8 741
+#define OBJ_wap_wsg_idm_ecid_wtls8 2L, 23L, 43L, 1L, 4L, 8L
-#define LN_friendlyCountryName "friendlyCountryName"
-#define NID_friendlyCountryName 490
-#define OBJ_friendlyCountryName OBJ_pilotAttributeType,43L
+#define SN_wap_wsg_idm_ecid_wtls9 "wap-wsg-idm-ecid-wtls9"
+#define NID_wap_wsg_idm_ecid_wtls9 742
+#define OBJ_wap_wsg_idm_ecid_wtls9 2L, 23L, 43L, 1L, 4L, 9L
-#define LN_organizationalStatus "organizationalStatus"
-#define NID_organizationalStatus 491
-#define OBJ_organizationalStatus OBJ_pilotAttributeType,45L
+#define SN_wap_wsg_idm_ecid_wtls10 "wap-wsg-idm-ecid-wtls10"
+#define NID_wap_wsg_idm_ecid_wtls10 743
+#define OBJ_wap_wsg_idm_ecid_wtls10 2L, 23L, 43L, 1L, 4L, 10L
-#define LN_janetMailbox "janetMailbox"
-#define NID_janetMailbox 492
-#define OBJ_janetMailbox OBJ_pilotAttributeType,46L
+#define SN_wap_wsg_idm_ecid_wtls11 "wap-wsg-idm-ecid-wtls11"
+#define NID_wap_wsg_idm_ecid_wtls11 744
+#define OBJ_wap_wsg_idm_ecid_wtls11 2L, 23L, 43L, 1L, 4L, 11L
-#define LN_mailPreferenceOption "mailPreferenceOption"
-#define NID_mailPreferenceOption 493
-#define OBJ_mailPreferenceOption OBJ_pilotAttributeType,47L
+#define SN_wap_wsg_idm_ecid_wtls12 "wap-wsg-idm-ecid-wtls12"
+#define NID_wap_wsg_idm_ecid_wtls12 745
+#define OBJ_wap_wsg_idm_ecid_wtls12 2L, 23L, 43L, 1L, 4L, 12L
-#define LN_buildingName "buildingName"
-#define NID_buildingName 494
-#define OBJ_buildingName OBJ_pilotAttributeType,48L
+#define SN_any_policy "anyPolicy"
+#define LN_any_policy "X509v3 Any Policy"
+#define NID_any_policy 746
+#define OBJ_any_policy 2L, 5L, 29L, 32L, 0L
-#define LN_dSAQuality "dSAQuality"
-#define NID_dSAQuality 495
-#define OBJ_dSAQuality OBJ_pilotAttributeType,49L
+#define SN_policy_mappings "policyMappings"
+#define LN_policy_mappings "X509v3 Policy Mappings"
+#define NID_policy_mappings 747
+#define OBJ_policy_mappings 2L, 5L, 29L, 33L
-#define LN_singleLevelQuality "singleLevelQuality"
-#define NID_singleLevelQuality 496
-#define OBJ_singleLevelQuality OBJ_pilotAttributeType,50L
-
-#define LN_subtreeMinimumQuality "subtreeMinimumQuality"
-#define NID_subtreeMinimumQuality 497
-#define OBJ_subtreeMinimumQuality OBJ_pilotAttributeType,51L
-
-#define LN_subtreeMaximumQuality "subtreeMaximumQuality"
-#define NID_subtreeMaximumQuality 498
-#define OBJ_subtreeMaximumQuality OBJ_pilotAttributeType,52L
-
-#define LN_personalSignature "personalSignature"
-#define NID_personalSignature 499
-#define OBJ_personalSignature OBJ_pilotAttributeType,53L
-
-#define LN_dITRedirect "dITRedirect"
-#define NID_dITRedirect 500
-#define OBJ_dITRedirect OBJ_pilotAttributeType,54L
-
-#define SN_audio "audio"
-#define NID_audio 501
-#define OBJ_audio OBJ_pilotAttributeType,55L
-
-#define LN_documentPublisher "documentPublisher"
-#define NID_documentPublisher 502
-#define OBJ_documentPublisher OBJ_pilotAttributeType,56L
-
-#define SN_id_set "id-set"
-#define LN_id_set "Secure Electronic Transactions"
-#define NID_id_set 512
-#define OBJ_id_set OBJ_international_organizations,42L
-
-#define SN_set_ctype "set-ctype"
-#define LN_set_ctype "content types"
-#define NID_set_ctype 513
-#define OBJ_set_ctype OBJ_id_set,0L
-
-#define SN_set_msgExt "set-msgExt"
-#define LN_set_msgExt "message extensions"
-#define NID_set_msgExt 514
-#define OBJ_set_msgExt OBJ_id_set,1L
-
-#define SN_set_attr "set-attr"
-#define NID_set_attr 515
-#define OBJ_set_attr OBJ_id_set,3L
-
-#define SN_set_policy "set-policy"
-#define NID_set_policy 516
-#define OBJ_set_policy OBJ_id_set,5L
-
-#define SN_set_certExt "set-certExt"
-#define LN_set_certExt "certificate extensions"
-#define NID_set_certExt 517
-#define OBJ_set_certExt OBJ_id_set,7L
-
-#define SN_set_brand "set-brand"
-#define NID_set_brand 518
-#define OBJ_set_brand OBJ_id_set,8L
-
-#define SN_setct_PANData "setct-PANData"
-#define NID_setct_PANData 519
-#define OBJ_setct_PANData OBJ_set_ctype,0L
-
-#define SN_setct_PANToken "setct-PANToken"
-#define NID_setct_PANToken 520
-#define OBJ_setct_PANToken OBJ_set_ctype,1L
-
-#define SN_setct_PANOnly "setct-PANOnly"
-#define NID_setct_PANOnly 521
-#define OBJ_setct_PANOnly OBJ_set_ctype,2L
-
-#define SN_setct_OIData "setct-OIData"
-#define NID_setct_OIData 522
-#define OBJ_setct_OIData OBJ_set_ctype,3L
-
-#define SN_setct_PI "setct-PI"
-#define NID_setct_PI 523
-#define OBJ_setct_PI OBJ_set_ctype,4L
-
-#define SN_setct_PIData "setct-PIData"
-#define NID_setct_PIData 524
-#define OBJ_setct_PIData OBJ_set_ctype,5L
-
-#define SN_setct_PIDataUnsigned "setct-PIDataUnsigned"
-#define NID_setct_PIDataUnsigned 525
-#define OBJ_setct_PIDataUnsigned OBJ_set_ctype,6L
-
-#define SN_setct_HODInput "setct-HODInput"
-#define NID_setct_HODInput 526
-#define OBJ_setct_HODInput OBJ_set_ctype,7L
-
-#define SN_setct_AuthResBaggage "setct-AuthResBaggage"
-#define NID_setct_AuthResBaggage 527
-#define OBJ_setct_AuthResBaggage OBJ_set_ctype,8L
-
-#define SN_setct_AuthRevReqBaggage "setct-AuthRevReqBaggage"
-#define NID_setct_AuthRevReqBaggage 528
-#define OBJ_setct_AuthRevReqBaggage OBJ_set_ctype,9L
-
-#define SN_setct_AuthRevResBaggage "setct-AuthRevResBaggage"
-#define NID_setct_AuthRevResBaggage 529
-#define OBJ_setct_AuthRevResBaggage OBJ_set_ctype,10L
-
-#define SN_setct_CapTokenSeq "setct-CapTokenSeq"
-#define NID_setct_CapTokenSeq 530
-#define OBJ_setct_CapTokenSeq OBJ_set_ctype,11L
-
-#define SN_setct_PInitResData "setct-PInitResData"
-#define NID_setct_PInitResData 531
-#define OBJ_setct_PInitResData OBJ_set_ctype,12L
-
-#define SN_setct_PI_TBS "setct-PI-TBS"
-#define NID_setct_PI_TBS 532
-#define OBJ_setct_PI_TBS OBJ_set_ctype,13L
-
-#define SN_setct_PResData "setct-PResData"
-#define NID_setct_PResData 533
-#define OBJ_setct_PResData OBJ_set_ctype,14L
-
-#define SN_setct_AuthReqTBS "setct-AuthReqTBS"
-#define NID_setct_AuthReqTBS 534
-#define OBJ_setct_AuthReqTBS OBJ_set_ctype,16L
-
-#define SN_setct_AuthResTBS "setct-AuthResTBS"
-#define NID_setct_AuthResTBS 535
-#define OBJ_setct_AuthResTBS OBJ_set_ctype,17L
-
-#define SN_setct_AuthResTBSX "setct-AuthResTBSX"
-#define NID_setct_AuthResTBSX 536
-#define OBJ_setct_AuthResTBSX OBJ_set_ctype,18L
-
-#define SN_setct_AuthTokenTBS "setct-AuthTokenTBS"
-#define NID_setct_AuthTokenTBS 537
-#define OBJ_setct_AuthTokenTBS OBJ_set_ctype,19L
-
-#define SN_setct_CapTokenData "setct-CapTokenData"
-#define NID_setct_CapTokenData 538
-#define OBJ_setct_CapTokenData OBJ_set_ctype,20L
-
-#define SN_setct_CapTokenTBS "setct-CapTokenTBS"
-#define NID_setct_CapTokenTBS 539
-#define OBJ_setct_CapTokenTBS OBJ_set_ctype,21L
-
-#define SN_setct_AcqCardCodeMsg "setct-AcqCardCodeMsg"
-#define NID_setct_AcqCardCodeMsg 540
-#define OBJ_setct_AcqCardCodeMsg OBJ_set_ctype,22L
-
-#define SN_setct_AuthRevReqTBS "setct-AuthRevReqTBS"
-#define NID_setct_AuthRevReqTBS 541
-#define OBJ_setct_AuthRevReqTBS OBJ_set_ctype,23L
-
-#define SN_setct_AuthRevResData "setct-AuthRevResData"
-#define NID_setct_AuthRevResData 542
-#define OBJ_setct_AuthRevResData OBJ_set_ctype,24L
-
-#define SN_setct_AuthRevResTBS "setct-AuthRevResTBS"
-#define NID_setct_AuthRevResTBS 543
-#define OBJ_setct_AuthRevResTBS OBJ_set_ctype,25L
-
-#define SN_setct_CapReqTBS "setct-CapReqTBS"
-#define NID_setct_CapReqTBS 544
-#define OBJ_setct_CapReqTBS OBJ_set_ctype,26L
-
-#define SN_setct_CapReqTBSX "setct-CapReqTBSX"
-#define NID_setct_CapReqTBSX 545
-#define OBJ_setct_CapReqTBSX OBJ_set_ctype,27L
-
-#define SN_setct_CapResData "setct-CapResData"
-#define NID_setct_CapResData 546
-#define OBJ_setct_CapResData OBJ_set_ctype,28L
-
-#define SN_setct_CapRevReqTBS "setct-CapRevReqTBS"
-#define NID_setct_CapRevReqTBS 547
-#define OBJ_setct_CapRevReqTBS OBJ_set_ctype,29L
-
-#define SN_setct_CapRevReqTBSX "setct-CapRevReqTBSX"
-#define NID_setct_CapRevReqTBSX 548
-#define OBJ_setct_CapRevReqTBSX OBJ_set_ctype,30L
-
-#define SN_setct_CapRevResData "setct-CapRevResData"
-#define NID_setct_CapRevResData 549
-#define OBJ_setct_CapRevResData OBJ_set_ctype,31L
-
-#define SN_setct_CredReqTBS "setct-CredReqTBS"
-#define NID_setct_CredReqTBS 550
-#define OBJ_setct_CredReqTBS OBJ_set_ctype,32L
-
-#define SN_setct_CredReqTBSX "setct-CredReqTBSX"
-#define NID_setct_CredReqTBSX 551
-#define OBJ_setct_CredReqTBSX OBJ_set_ctype,33L
-
-#define SN_setct_CredResData "setct-CredResData"
-#define NID_setct_CredResData 552
-#define OBJ_setct_CredResData OBJ_set_ctype,34L
-
-#define SN_setct_CredRevReqTBS "setct-CredRevReqTBS"
-#define NID_setct_CredRevReqTBS 553
-#define OBJ_setct_CredRevReqTBS OBJ_set_ctype,35L
-
-#define SN_setct_CredRevReqTBSX "setct-CredRevReqTBSX"
-#define NID_setct_CredRevReqTBSX 554
-#define OBJ_setct_CredRevReqTBSX OBJ_set_ctype,36L
-
-#define SN_setct_CredRevResData "setct-CredRevResData"
-#define NID_setct_CredRevResData 555
-#define OBJ_setct_CredRevResData OBJ_set_ctype,37L
-
-#define SN_setct_PCertReqData "setct-PCertReqData"
-#define NID_setct_PCertReqData 556
-#define OBJ_setct_PCertReqData OBJ_set_ctype,38L
-
-#define SN_setct_PCertResTBS "setct-PCertResTBS"
-#define NID_setct_PCertResTBS 557
-#define OBJ_setct_PCertResTBS OBJ_set_ctype,39L
-
-#define SN_setct_BatchAdminReqData "setct-BatchAdminReqData"
-#define NID_setct_BatchAdminReqData 558
-#define OBJ_setct_BatchAdminReqData OBJ_set_ctype,40L
-
-#define SN_setct_BatchAdminResData "setct-BatchAdminResData"
-#define NID_setct_BatchAdminResData 559
-#define OBJ_setct_BatchAdminResData OBJ_set_ctype,41L
-
-#define SN_setct_CardCInitResTBS "setct-CardCInitResTBS"
-#define NID_setct_CardCInitResTBS 560
-#define OBJ_setct_CardCInitResTBS OBJ_set_ctype,42L
-
-#define SN_setct_MeAqCInitResTBS "setct-MeAqCInitResTBS"
-#define NID_setct_MeAqCInitResTBS 561
-#define OBJ_setct_MeAqCInitResTBS OBJ_set_ctype,43L
-
-#define SN_setct_RegFormResTBS "setct-RegFormResTBS"
-#define NID_setct_RegFormResTBS 562
-#define OBJ_setct_RegFormResTBS OBJ_set_ctype,44L
-
-#define SN_setct_CertReqData "setct-CertReqData"
-#define NID_setct_CertReqData 563
-#define OBJ_setct_CertReqData OBJ_set_ctype,45L
-
-#define SN_setct_CertReqTBS "setct-CertReqTBS"
-#define NID_setct_CertReqTBS 564
-#define OBJ_setct_CertReqTBS OBJ_set_ctype,46L
-
-#define SN_setct_CertResData "setct-CertResData"
-#define NID_setct_CertResData 565
-#define OBJ_setct_CertResData OBJ_set_ctype,47L
-
-#define SN_setct_CertInqReqTBS "setct-CertInqReqTBS"
-#define NID_setct_CertInqReqTBS 566
-#define OBJ_setct_CertInqReqTBS OBJ_set_ctype,48L
-
-#define SN_setct_ErrorTBS "setct-ErrorTBS"
-#define NID_setct_ErrorTBS 567
-#define OBJ_setct_ErrorTBS OBJ_set_ctype,49L
-
-#define SN_setct_PIDualSignedTBE "setct-PIDualSignedTBE"
-#define NID_setct_PIDualSignedTBE 568
-#define OBJ_setct_PIDualSignedTBE OBJ_set_ctype,50L
-
-#define SN_setct_PIUnsignedTBE "setct-PIUnsignedTBE"
-#define NID_setct_PIUnsignedTBE 569
-#define OBJ_setct_PIUnsignedTBE OBJ_set_ctype,51L
-
-#define SN_setct_AuthReqTBE "setct-AuthReqTBE"
-#define NID_setct_AuthReqTBE 570
-#define OBJ_setct_AuthReqTBE OBJ_set_ctype,52L
-
-#define SN_setct_AuthResTBE "setct-AuthResTBE"
-#define NID_setct_AuthResTBE 571
-#define OBJ_setct_AuthResTBE OBJ_set_ctype,53L
-
-#define SN_setct_AuthResTBEX "setct-AuthResTBEX"
-#define NID_setct_AuthResTBEX 572
-#define OBJ_setct_AuthResTBEX OBJ_set_ctype,54L
-
-#define SN_setct_AuthTokenTBE "setct-AuthTokenTBE"
-#define NID_setct_AuthTokenTBE 573
-#define OBJ_setct_AuthTokenTBE OBJ_set_ctype,55L
-
-#define SN_setct_CapTokenTBE "setct-CapTokenTBE"
-#define NID_setct_CapTokenTBE 574
-#define OBJ_setct_CapTokenTBE OBJ_set_ctype,56L
-
-#define SN_setct_CapTokenTBEX "setct-CapTokenTBEX"
-#define NID_setct_CapTokenTBEX 575
-#define OBJ_setct_CapTokenTBEX OBJ_set_ctype,57L
-
-#define SN_setct_AcqCardCodeMsgTBE "setct-AcqCardCodeMsgTBE"
-#define NID_setct_AcqCardCodeMsgTBE 576
-#define OBJ_setct_AcqCardCodeMsgTBE OBJ_set_ctype,58L
-
-#define SN_setct_AuthRevReqTBE "setct-AuthRevReqTBE"
-#define NID_setct_AuthRevReqTBE 577
-#define OBJ_setct_AuthRevReqTBE OBJ_set_ctype,59L
-
-#define SN_setct_AuthRevResTBE "setct-AuthRevResTBE"
-#define NID_setct_AuthRevResTBE 578
-#define OBJ_setct_AuthRevResTBE OBJ_set_ctype,60L
-
-#define SN_setct_AuthRevResTBEB "setct-AuthRevResTBEB"
-#define NID_setct_AuthRevResTBEB 579
-#define OBJ_setct_AuthRevResTBEB OBJ_set_ctype,61L
-
-#define SN_setct_CapReqTBE "setct-CapReqTBE"
-#define NID_setct_CapReqTBE 580
-#define OBJ_setct_CapReqTBE OBJ_set_ctype,62L
-
-#define SN_setct_CapReqTBEX "setct-CapReqTBEX"
-#define NID_setct_CapReqTBEX 581
-#define OBJ_setct_CapReqTBEX OBJ_set_ctype,63L
-
-#define SN_setct_CapResTBE "setct-CapResTBE"
-#define NID_setct_CapResTBE 582
-#define OBJ_setct_CapResTBE OBJ_set_ctype,64L
-
-#define SN_setct_CapRevReqTBE "setct-CapRevReqTBE"
-#define NID_setct_CapRevReqTBE 583
-#define OBJ_setct_CapRevReqTBE OBJ_set_ctype,65L
-
-#define SN_setct_CapRevReqTBEX "setct-CapRevReqTBEX"
-#define NID_setct_CapRevReqTBEX 584
-#define OBJ_setct_CapRevReqTBEX OBJ_set_ctype,66L
-
-#define SN_setct_CapRevResTBE "setct-CapRevResTBE"
-#define NID_setct_CapRevResTBE 585
-#define OBJ_setct_CapRevResTBE OBJ_set_ctype,67L
-
-#define SN_setct_CredReqTBE "setct-CredReqTBE"
-#define NID_setct_CredReqTBE 586
-#define OBJ_setct_CredReqTBE OBJ_set_ctype,68L
-
-#define SN_setct_CredReqTBEX "setct-CredReqTBEX"
-#define NID_setct_CredReqTBEX 587
-#define OBJ_setct_CredReqTBEX OBJ_set_ctype,69L
-
-#define SN_setct_CredResTBE "setct-CredResTBE"
-#define NID_setct_CredResTBE 588
-#define OBJ_setct_CredResTBE OBJ_set_ctype,70L
-
-#define SN_setct_CredRevReqTBE "setct-CredRevReqTBE"
-#define NID_setct_CredRevReqTBE 589
-#define OBJ_setct_CredRevReqTBE OBJ_set_ctype,71L
-
-#define SN_setct_CredRevReqTBEX "setct-CredRevReqTBEX"
-#define NID_setct_CredRevReqTBEX 590
-#define OBJ_setct_CredRevReqTBEX OBJ_set_ctype,72L
-
-#define SN_setct_CredRevResTBE "setct-CredRevResTBE"
-#define NID_setct_CredRevResTBE 591
-#define OBJ_setct_CredRevResTBE OBJ_set_ctype,73L
-
-#define SN_setct_BatchAdminReqTBE "setct-BatchAdminReqTBE"
-#define NID_setct_BatchAdminReqTBE 592
-#define OBJ_setct_BatchAdminReqTBE OBJ_set_ctype,74L
-
-#define SN_setct_BatchAdminResTBE "setct-BatchAdminResTBE"
-#define NID_setct_BatchAdminResTBE 593
-#define OBJ_setct_BatchAdminResTBE OBJ_set_ctype,75L
-
-#define SN_setct_RegFormReqTBE "setct-RegFormReqTBE"
-#define NID_setct_RegFormReqTBE 594
-#define OBJ_setct_RegFormReqTBE OBJ_set_ctype,76L
-
-#define SN_setct_CertReqTBE "setct-CertReqTBE"
-#define NID_setct_CertReqTBE 595
-#define OBJ_setct_CertReqTBE OBJ_set_ctype,77L
-
-#define SN_setct_CertReqTBEX "setct-CertReqTBEX"
-#define NID_setct_CertReqTBEX 596
-#define OBJ_setct_CertReqTBEX OBJ_set_ctype,78L
-
-#define SN_setct_CertResTBE "setct-CertResTBE"
-#define NID_setct_CertResTBE 597
-#define OBJ_setct_CertResTBE OBJ_set_ctype,79L
-
-#define SN_setct_CRLNotificationTBS "setct-CRLNotificationTBS"
-#define NID_setct_CRLNotificationTBS 598
-#define OBJ_setct_CRLNotificationTBS OBJ_set_ctype,80L
-
-#define SN_setct_CRLNotificationResTBS "setct-CRLNotificationResTBS"
-#define NID_setct_CRLNotificationResTBS 599
-#define OBJ_setct_CRLNotificationResTBS OBJ_set_ctype,81L
-
-#define SN_setct_BCIDistributionTBS "setct-BCIDistributionTBS"
-#define NID_setct_BCIDistributionTBS 600
-#define OBJ_setct_BCIDistributionTBS OBJ_set_ctype,82L
-
-#define SN_setext_genCrypt "setext-genCrypt"
-#define LN_setext_genCrypt "generic cryptogram"
-#define NID_setext_genCrypt 601
-#define OBJ_setext_genCrypt OBJ_set_msgExt,1L
-
-#define SN_setext_miAuth "setext-miAuth"
-#define LN_setext_miAuth "merchant initiated auth"
-#define NID_setext_miAuth 602
-#define OBJ_setext_miAuth OBJ_set_msgExt,3L
-
-#define SN_setext_pinSecure "setext-pinSecure"
-#define NID_setext_pinSecure 603
-#define OBJ_setext_pinSecure OBJ_set_msgExt,4L
-
-#define SN_setext_pinAny "setext-pinAny"
-#define NID_setext_pinAny 604
-#define OBJ_setext_pinAny OBJ_set_msgExt,5L
-
-#define SN_setext_track2 "setext-track2"
-#define NID_setext_track2 605
-#define OBJ_setext_track2 OBJ_set_msgExt,7L
-
-#define SN_setext_cv "setext-cv"
-#define LN_setext_cv "additional verification"
-#define NID_setext_cv 606
-#define OBJ_setext_cv OBJ_set_msgExt,8L
-
-#define SN_set_policy_root "set-policy-root"
-#define NID_set_policy_root 607
-#define OBJ_set_policy_root OBJ_set_policy,0L
-
-#define SN_setCext_hashedRoot "setCext-hashedRoot"
-#define NID_setCext_hashedRoot 608
-#define OBJ_setCext_hashedRoot OBJ_set_certExt,0L
-
-#define SN_setCext_certType "setCext-certType"
-#define NID_setCext_certType 609
-#define OBJ_setCext_certType OBJ_set_certExt,1L
-
-#define SN_setCext_merchData "setCext-merchData"
-#define NID_setCext_merchData 610
-#define OBJ_setCext_merchData OBJ_set_certExt,2L
-
-#define SN_setCext_cCertRequired "setCext-cCertRequired"
-#define NID_setCext_cCertRequired 611
-#define OBJ_setCext_cCertRequired OBJ_set_certExt,3L
-
-#define SN_setCext_tunneling "setCext-tunneling"
-#define NID_setCext_tunneling 612
-#define OBJ_setCext_tunneling OBJ_set_certExt,4L
-
-#define SN_setCext_setExt "setCext-setExt"
-#define NID_setCext_setExt 613
-#define OBJ_setCext_setExt OBJ_set_certExt,5L
-
-#define SN_setCext_setQualf "setCext-setQualf"
-#define NID_setCext_setQualf 614
-#define OBJ_setCext_setQualf OBJ_set_certExt,6L
-
-#define SN_setCext_PGWYcapabilities "setCext-PGWYcapabilities"
-#define NID_setCext_PGWYcapabilities 615
-#define OBJ_setCext_PGWYcapabilities OBJ_set_certExt,7L
-
-#define SN_setCext_TokenIdentifier "setCext-TokenIdentifier"
-#define NID_setCext_TokenIdentifier 616
-#define OBJ_setCext_TokenIdentifier OBJ_set_certExt,8L
-
-#define SN_setCext_Track2Data "setCext-Track2Data"
-#define NID_setCext_Track2Data 617
-#define OBJ_setCext_Track2Data OBJ_set_certExt,9L
-
-#define SN_setCext_TokenType "setCext-TokenType"
-#define NID_setCext_TokenType 618
-#define OBJ_setCext_TokenType OBJ_set_certExt,10L
-
-#define SN_setCext_IssuerCapabilities "setCext-IssuerCapabilities"
-#define NID_setCext_IssuerCapabilities 619
-#define OBJ_setCext_IssuerCapabilities OBJ_set_certExt,11L
-
-#define SN_setAttr_Cert "setAttr-Cert"
-#define NID_setAttr_Cert 620
-#define OBJ_setAttr_Cert OBJ_set_attr,0L
-
-#define SN_setAttr_PGWYcap "setAttr-PGWYcap"
-#define LN_setAttr_PGWYcap "payment gateway capabilities"
-#define NID_setAttr_PGWYcap 621
-#define OBJ_setAttr_PGWYcap OBJ_set_attr,1L
-
-#define SN_setAttr_TokenType "setAttr-TokenType"
-#define NID_setAttr_TokenType 622
-#define OBJ_setAttr_TokenType OBJ_set_attr,2L
-
-#define SN_setAttr_IssCap "setAttr-IssCap"
-#define LN_setAttr_IssCap "issuer capabilities"
-#define NID_setAttr_IssCap 623
-#define OBJ_setAttr_IssCap OBJ_set_attr,3L
-
-#define SN_set_rootKeyThumb "set-rootKeyThumb"
-#define NID_set_rootKeyThumb 624
-#define OBJ_set_rootKeyThumb OBJ_setAttr_Cert,0L
-
-#define SN_set_addPolicy "set-addPolicy"
-#define NID_set_addPolicy 625
-#define OBJ_set_addPolicy OBJ_setAttr_Cert,1L
-
-#define SN_setAttr_Token_EMV "setAttr-Token-EMV"
-#define NID_setAttr_Token_EMV 626
-#define OBJ_setAttr_Token_EMV OBJ_setAttr_TokenType,1L
-
-#define SN_setAttr_Token_B0Prime "setAttr-Token-B0Prime"
-#define NID_setAttr_Token_B0Prime 627
-#define OBJ_setAttr_Token_B0Prime OBJ_setAttr_TokenType,2L
-
-#define SN_setAttr_IssCap_CVM "setAttr-IssCap-CVM"
-#define NID_setAttr_IssCap_CVM 628
-#define OBJ_setAttr_IssCap_CVM OBJ_setAttr_IssCap,3L
-
-#define SN_setAttr_IssCap_T2 "setAttr-IssCap-T2"
-#define NID_setAttr_IssCap_T2 629
-#define OBJ_setAttr_IssCap_T2 OBJ_setAttr_IssCap,4L
-
-#define SN_setAttr_IssCap_Sig "setAttr-IssCap-Sig"
-#define NID_setAttr_IssCap_Sig 630
-#define OBJ_setAttr_IssCap_Sig OBJ_setAttr_IssCap,5L
-
-#define SN_setAttr_GenCryptgrm "setAttr-GenCryptgrm"
-#define LN_setAttr_GenCryptgrm "generate cryptogram"
-#define NID_setAttr_GenCryptgrm 631
-#define OBJ_setAttr_GenCryptgrm OBJ_setAttr_IssCap_CVM,1L
-
-#define SN_setAttr_T2Enc "setAttr-T2Enc"
-#define LN_setAttr_T2Enc "encrypted track 2"
-#define NID_setAttr_T2Enc 632
-#define OBJ_setAttr_T2Enc OBJ_setAttr_IssCap_T2,1L
-
-#define SN_setAttr_T2cleartxt "setAttr-T2cleartxt"
-#define LN_setAttr_T2cleartxt "cleartext track 2"
-#define NID_setAttr_T2cleartxt 633
-#define OBJ_setAttr_T2cleartxt OBJ_setAttr_IssCap_T2,2L
-
-#define SN_setAttr_TokICCsig "setAttr-TokICCsig"
-#define LN_setAttr_TokICCsig "ICC or token signature"
-#define NID_setAttr_TokICCsig 634
-#define OBJ_setAttr_TokICCsig OBJ_setAttr_IssCap_Sig,1L
-
-#define SN_setAttr_SecDevSig "setAttr-SecDevSig"
-#define LN_setAttr_SecDevSig "secure device signature"
-#define NID_setAttr_SecDevSig 635
-#define OBJ_setAttr_SecDevSig OBJ_setAttr_IssCap_Sig,2L
-
-#define SN_set_brand_IATA_ATA "set-brand-IATA-ATA"
-#define NID_set_brand_IATA_ATA 636
-#define OBJ_set_brand_IATA_ATA OBJ_set_brand,1L
-
-#define SN_set_brand_Diners "set-brand-Diners"
-#define NID_set_brand_Diners 637
-#define OBJ_set_brand_Diners OBJ_set_brand,30L
-
-#define SN_set_brand_AmericanExpress "set-brand-AmericanExpress"
-#define NID_set_brand_AmericanExpress 638
-#define OBJ_set_brand_AmericanExpress OBJ_set_brand,34L
-
-#define SN_set_brand_JCB "set-brand-JCB"
-#define NID_set_brand_JCB 639
-#define OBJ_set_brand_JCB OBJ_set_brand,35L
-
-#define SN_set_brand_Visa "set-brand-Visa"
-#define NID_set_brand_Visa 640
-#define OBJ_set_brand_Visa OBJ_set_brand,4L
-
-#define SN_set_brand_MasterCard "set-brand-MasterCard"
-#define NID_set_brand_MasterCard 641
-#define OBJ_set_brand_MasterCard OBJ_set_brand,5L
-
-#define SN_set_brand_Novus "set-brand-Novus"
-#define NID_set_brand_Novus 642
-#define OBJ_set_brand_Novus OBJ_set_brand,6011L
-
-#define SN_des_cdmf "DES-CDMF"
-#define LN_des_cdmf "des-cdmf"
-#define NID_des_cdmf 643
-#define OBJ_des_cdmf OBJ_rsadsi,3L,10L
-
-#define SN_rsaOAEPEncryptionSET "rsaOAEPEncryptionSET"
-#define NID_rsaOAEPEncryptionSET 644
-#define OBJ_rsaOAEPEncryptionSET OBJ_rsadsi,1L,1L,6L
+#define SN_inhibit_any_policy "inhibitAnyPolicy"
+#define LN_inhibit_any_policy "X509v3 Inhibit Any Policy"
+#define NID_inhibit_any_policy 748
+#define OBJ_inhibit_any_policy 2L, 5L, 29L, 54L
#define SN_ipsec3 "Oakley-EC2N-3"
#define LN_ipsec3 "ipsec3"
@@ -3676,301 +3309,50 @@
#define LN_ipsec4 "ipsec4"
#define NID_ipsec4 750
-#define SN_whirlpool "whirlpool"
-#define NID_whirlpool 804
-#define OBJ_whirlpool OBJ_iso,0L,10118L,3L,0L,55L
-
-#define SN_cryptopro "cryptopro"
-#define NID_cryptopro 805
-#define OBJ_cryptopro OBJ_member_body,643L,2L,2L
-
-#define SN_cryptocom "cryptocom"
-#define NID_cryptocom 806
-#define OBJ_cryptocom OBJ_member_body,643L,2L,9L
-
-#define SN_id_GostR3411_94_with_GostR3410_2001 "id-GostR3411-94-with-GostR3410-2001"
-#define LN_id_GostR3411_94_with_GostR3410_2001 "GOST R 34.11-94 with GOST R 34.10-2001"
-#define NID_id_GostR3411_94_with_GostR3410_2001 807
-#define OBJ_id_GostR3411_94_with_GostR3410_2001 OBJ_cryptopro,3L
-
-#define SN_id_GostR3411_94_with_GostR3410_94 "id-GostR3411-94-with-GostR3410-94"
-#define LN_id_GostR3411_94_with_GostR3410_94 "GOST R 34.11-94 with GOST R 34.10-94"
-#define NID_id_GostR3411_94_with_GostR3410_94 808
-#define OBJ_id_GostR3411_94_with_GostR3410_94 OBJ_cryptopro,4L
-
-#define SN_id_GostR3411_94 "md_gost94"
-#define LN_id_GostR3411_94 "GOST R 34.11-94"
-#define NID_id_GostR3411_94 809
-#define OBJ_id_GostR3411_94 OBJ_cryptopro,9L
-
-#define SN_id_HMACGostR3411_94 "id-HMACGostR3411-94"
-#define LN_id_HMACGostR3411_94 "HMAC GOST 34.11-94"
-#define NID_id_HMACGostR3411_94 810
-#define OBJ_id_HMACGostR3411_94 OBJ_cryptopro,10L
-
-#define SN_id_GostR3410_2001 "gost2001"
-#define LN_id_GostR3410_2001 "GOST R 34.10-2001"
-#define NID_id_GostR3410_2001 811
-#define OBJ_id_GostR3410_2001 OBJ_cryptopro,19L
-
-#define SN_id_GostR3410_94 "gost94"
-#define LN_id_GostR3410_94 "GOST R 34.10-94"
-#define NID_id_GostR3410_94 812
-#define OBJ_id_GostR3410_94 OBJ_cryptopro,20L
-
-#define SN_id_Gost28147_89 "gost89"
-#define LN_id_Gost28147_89 "GOST 28147-89"
-#define NID_id_Gost28147_89 813
-#define OBJ_id_Gost28147_89 OBJ_cryptopro,21L
-
-#define SN_gost89_cnt "gost89-cnt"
-#define NID_gost89_cnt 814
-
-#define SN_id_Gost28147_89_MAC "gost-mac"
-#define LN_id_Gost28147_89_MAC "GOST 28147-89 MAC"
-#define NID_id_Gost28147_89_MAC 815
-#define OBJ_id_Gost28147_89_MAC OBJ_cryptopro,22L
-
-#define SN_id_GostR3411_94_prf "prf-gostr3411-94"
-#define LN_id_GostR3411_94_prf "GOST R 34.11-94 PRF"
-#define NID_id_GostR3411_94_prf 816
-#define OBJ_id_GostR3411_94_prf OBJ_cryptopro,23L
-
-#define SN_id_GostR3410_2001DH "id-GostR3410-2001DH"
-#define LN_id_GostR3410_2001DH "GOST R 34.10-2001 DH"
-#define NID_id_GostR3410_2001DH 817
-#define OBJ_id_GostR3410_2001DH OBJ_cryptopro,98L
-
-#define SN_id_GostR3410_94DH "id-GostR3410-94DH"
-#define LN_id_GostR3410_94DH "GOST R 34.10-94 DH"
-#define NID_id_GostR3410_94DH 818
-#define OBJ_id_GostR3410_94DH OBJ_cryptopro,99L
-
-#define SN_id_Gost28147_89_CryptoPro_KeyMeshing "id-Gost28147-89-CryptoPro-KeyMeshing"
-#define NID_id_Gost28147_89_CryptoPro_KeyMeshing 819
-#define OBJ_id_Gost28147_89_CryptoPro_KeyMeshing OBJ_cryptopro,14L,1L
-
-#define SN_id_Gost28147_89_None_KeyMeshing "id-Gost28147-89-None-KeyMeshing"
-#define NID_id_Gost28147_89_None_KeyMeshing 820
-#define OBJ_id_Gost28147_89_None_KeyMeshing OBJ_cryptopro,14L,0L
-
-#define SN_id_GostR3411_94_TestParamSet "id-GostR3411-94-TestParamSet"
-#define NID_id_GostR3411_94_TestParamSet 821
-#define OBJ_id_GostR3411_94_TestParamSet OBJ_cryptopro,30L,0L
-
-#define SN_id_GostR3411_94_CryptoProParamSet "id-GostR3411-94-CryptoProParamSet"
-#define NID_id_GostR3411_94_CryptoProParamSet 822
-#define OBJ_id_GostR3411_94_CryptoProParamSet OBJ_cryptopro,30L,1L
-
-#define SN_id_Gost28147_89_TestParamSet "id-Gost28147-89-TestParamSet"
-#define NID_id_Gost28147_89_TestParamSet 823
-#define OBJ_id_Gost28147_89_TestParamSet OBJ_cryptopro,31L,0L
-
-#define SN_id_Gost28147_89_CryptoPro_A_ParamSet "id-Gost28147-89-CryptoPro-A-ParamSet"
-#define NID_id_Gost28147_89_CryptoPro_A_ParamSet 824
-#define OBJ_id_Gost28147_89_CryptoPro_A_ParamSet OBJ_cryptopro,31L,1L
-
-#define SN_id_Gost28147_89_CryptoPro_B_ParamSet "id-Gost28147-89-CryptoPro-B-ParamSet"
-#define NID_id_Gost28147_89_CryptoPro_B_ParamSet 825
-#define OBJ_id_Gost28147_89_CryptoPro_B_ParamSet OBJ_cryptopro,31L,2L
-
-#define SN_id_Gost28147_89_CryptoPro_C_ParamSet "id-Gost28147-89-CryptoPro-C-ParamSet"
-#define NID_id_Gost28147_89_CryptoPro_C_ParamSet 826
-#define OBJ_id_Gost28147_89_CryptoPro_C_ParamSet OBJ_cryptopro,31L,3L
-
-#define SN_id_Gost28147_89_CryptoPro_D_ParamSet "id-Gost28147-89-CryptoPro-D-ParamSet"
-#define NID_id_Gost28147_89_CryptoPro_D_ParamSet 827
-#define OBJ_id_Gost28147_89_CryptoPro_D_ParamSet OBJ_cryptopro,31L,4L
-
-#define SN_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet "id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet"
-#define NID_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet 828
-#define OBJ_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet OBJ_cryptopro,31L,5L
-
-#define SN_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet "id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet"
-#define NID_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet 829
-#define OBJ_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet OBJ_cryptopro,31L,6L
-
-#define SN_id_Gost28147_89_CryptoPro_RIC_1_ParamSet "id-Gost28147-89-CryptoPro-RIC-1-ParamSet"
-#define NID_id_Gost28147_89_CryptoPro_RIC_1_ParamSet 830
-#define OBJ_id_Gost28147_89_CryptoPro_RIC_1_ParamSet OBJ_cryptopro,31L,7L
-
-#define SN_id_GostR3410_94_TestParamSet "id-GostR3410-94-TestParamSet"
-#define NID_id_GostR3410_94_TestParamSet 831
-#define OBJ_id_GostR3410_94_TestParamSet OBJ_cryptopro,32L,0L
-
-#define SN_id_GostR3410_94_CryptoPro_A_ParamSet "id-GostR3410-94-CryptoPro-A-ParamSet"
-#define NID_id_GostR3410_94_CryptoPro_A_ParamSet 832
-#define OBJ_id_GostR3410_94_CryptoPro_A_ParamSet OBJ_cryptopro,32L,2L
-
-#define SN_id_GostR3410_94_CryptoPro_B_ParamSet "id-GostR3410-94-CryptoPro-B-ParamSet"
-#define NID_id_GostR3410_94_CryptoPro_B_ParamSet 833
-#define OBJ_id_GostR3410_94_CryptoPro_B_ParamSet OBJ_cryptopro,32L,3L
-
-#define SN_id_GostR3410_94_CryptoPro_C_ParamSet "id-GostR3410-94-CryptoPro-C-ParamSet"
-#define NID_id_GostR3410_94_CryptoPro_C_ParamSet 834
-#define OBJ_id_GostR3410_94_CryptoPro_C_ParamSet OBJ_cryptopro,32L,4L
-
-#define SN_id_GostR3410_94_CryptoPro_D_ParamSet "id-GostR3410-94-CryptoPro-D-ParamSet"
-#define NID_id_GostR3410_94_CryptoPro_D_ParamSet 835
-#define OBJ_id_GostR3410_94_CryptoPro_D_ParamSet OBJ_cryptopro,32L,5L
-
-#define SN_id_GostR3410_94_CryptoPro_XchA_ParamSet "id-GostR3410-94-CryptoPro-XchA-ParamSet"
-#define NID_id_GostR3410_94_CryptoPro_XchA_ParamSet 836
-#define OBJ_id_GostR3410_94_CryptoPro_XchA_ParamSet OBJ_cryptopro,33L,1L
-
-#define SN_id_GostR3410_94_CryptoPro_XchB_ParamSet "id-GostR3410-94-CryptoPro-XchB-ParamSet"
-#define NID_id_GostR3410_94_CryptoPro_XchB_ParamSet 837
-#define OBJ_id_GostR3410_94_CryptoPro_XchB_ParamSet OBJ_cryptopro,33L,2L
-
-#define SN_id_GostR3410_94_CryptoPro_XchC_ParamSet "id-GostR3410-94-CryptoPro-XchC-ParamSet"
-#define NID_id_GostR3410_94_CryptoPro_XchC_ParamSet 838
-#define OBJ_id_GostR3410_94_CryptoPro_XchC_ParamSet OBJ_cryptopro,33L,3L
-
-#define SN_id_GostR3410_2001_TestParamSet "id-GostR3410-2001-TestParamSet"
-#define NID_id_GostR3410_2001_TestParamSet 839
-#define OBJ_id_GostR3410_2001_TestParamSet OBJ_cryptopro,35L,0L
-
-#define SN_id_GostR3410_2001_CryptoPro_A_ParamSet "id-GostR3410-2001-CryptoPro-A-ParamSet"
-#define NID_id_GostR3410_2001_CryptoPro_A_ParamSet 840
-#define OBJ_id_GostR3410_2001_CryptoPro_A_ParamSet OBJ_cryptopro,35L,1L
-
-#define SN_id_GostR3410_2001_CryptoPro_B_ParamSet "id-GostR3410-2001-CryptoPro-B-ParamSet"
-#define NID_id_GostR3410_2001_CryptoPro_B_ParamSet 841
-#define OBJ_id_GostR3410_2001_CryptoPro_B_ParamSet OBJ_cryptopro,35L,2L
-
-#define SN_id_GostR3410_2001_CryptoPro_C_ParamSet "id-GostR3410-2001-CryptoPro-C-ParamSet"
-#define NID_id_GostR3410_2001_CryptoPro_C_ParamSet 842
-#define OBJ_id_GostR3410_2001_CryptoPro_C_ParamSet OBJ_cryptopro,35L,3L
-
-#define SN_id_GostR3410_2001_CryptoPro_XchA_ParamSet "id-GostR3410-2001-CryptoPro-XchA-ParamSet"
-#define NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet 843
-#define OBJ_id_GostR3410_2001_CryptoPro_XchA_ParamSet OBJ_cryptopro,36L,0L
-
-#define SN_id_GostR3410_2001_CryptoPro_XchB_ParamSet "id-GostR3410-2001-CryptoPro-XchB-ParamSet"
-#define NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet 844
-#define OBJ_id_GostR3410_2001_CryptoPro_XchB_ParamSet OBJ_cryptopro,36L,1L
-
-#define SN_id_GostR3410_94_a "id-GostR3410-94-a"
-#define NID_id_GostR3410_94_a 845
-#define OBJ_id_GostR3410_94_a OBJ_id_GostR3410_94,1L
-
-#define SN_id_GostR3410_94_aBis "id-GostR3410-94-aBis"
-#define NID_id_GostR3410_94_aBis 846
-#define OBJ_id_GostR3410_94_aBis OBJ_id_GostR3410_94,2L
-
-#define SN_id_GostR3410_94_b "id-GostR3410-94-b"
-#define NID_id_GostR3410_94_b 847
-#define OBJ_id_GostR3410_94_b OBJ_id_GostR3410_94,3L
-
-#define SN_id_GostR3410_94_bBis "id-GostR3410-94-bBis"
-#define NID_id_GostR3410_94_bBis 848
-#define OBJ_id_GostR3410_94_bBis OBJ_id_GostR3410_94,4L
-
-#define SN_id_Gost28147_89_cc "id-Gost28147-89-cc"
-#define LN_id_Gost28147_89_cc "GOST 28147-89 Cryptocom ParamSet"
-#define NID_id_Gost28147_89_cc 849
-#define OBJ_id_Gost28147_89_cc OBJ_cryptocom,1L,6L,1L
-
-#define SN_id_GostR3410_94_cc "gost94cc"
-#define LN_id_GostR3410_94_cc "GOST 34.10-94 Cryptocom"
-#define NID_id_GostR3410_94_cc 850
-#define OBJ_id_GostR3410_94_cc OBJ_cryptocom,1L,5L,3L
-
-#define SN_id_GostR3410_2001_cc "gost2001cc"
-#define LN_id_GostR3410_2001_cc "GOST 34.10-2001 Cryptocom"
-#define NID_id_GostR3410_2001_cc 851
-#define OBJ_id_GostR3410_2001_cc OBJ_cryptocom,1L,5L,4L
-
-#define SN_id_GostR3411_94_with_GostR3410_94_cc "id-GostR3411-94-with-GostR3410-94-cc"
-#define LN_id_GostR3411_94_with_GostR3410_94_cc "GOST R 34.11-94 with GOST R 34.10-94 Cryptocom"
-#define NID_id_GostR3411_94_with_GostR3410_94_cc 852
-#define OBJ_id_GostR3411_94_with_GostR3410_94_cc OBJ_cryptocom,1L,3L,3L
-
-#define SN_id_GostR3411_94_with_GostR3410_2001_cc "id-GostR3411-94-with-GostR3410-2001-cc"
-#define LN_id_GostR3411_94_with_GostR3410_2001_cc "GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom"
-#define NID_id_GostR3411_94_with_GostR3410_2001_cc 853
-#define OBJ_id_GostR3411_94_with_GostR3410_2001_cc OBJ_cryptocom,1L,3L,4L
-
-#define SN_id_GostR3410_2001_ParamSet_cc "id-GostR3410-2001-ParamSet-cc"
-#define LN_id_GostR3410_2001_ParamSet_cc "GOST R 3410-2001 Parameter Set Cryptocom"
-#define NID_id_GostR3410_2001_ParamSet_cc 854
-#define OBJ_id_GostR3410_2001_ParamSet_cc OBJ_cryptocom,1L,8L,1L
-
#define SN_camellia_128_cbc "CAMELLIA-128-CBC"
#define LN_camellia_128_cbc "camellia-128-cbc"
#define NID_camellia_128_cbc 751
-#define OBJ_camellia_128_cbc 1L,2L,392L,200011L,61L,1L,1L,1L,2L
+#define OBJ_camellia_128_cbc 1L, 2L, 392L, 200011L, 61L, 1L, 1L, 1L, 2L
#define SN_camellia_192_cbc "CAMELLIA-192-CBC"
#define LN_camellia_192_cbc "camellia-192-cbc"
#define NID_camellia_192_cbc 752
-#define OBJ_camellia_192_cbc 1L,2L,392L,200011L,61L,1L,1L,1L,3L
+#define OBJ_camellia_192_cbc 1L, 2L, 392L, 200011L, 61L, 1L, 1L, 1L, 3L
#define SN_camellia_256_cbc "CAMELLIA-256-CBC"
#define LN_camellia_256_cbc "camellia-256-cbc"
#define NID_camellia_256_cbc 753
-#define OBJ_camellia_256_cbc 1L,2L,392L,200011L,61L,1L,1L,1L,4L
-
-#define SN_id_camellia128_wrap "id-camellia128-wrap"
-#define NID_id_camellia128_wrap 907
-#define OBJ_id_camellia128_wrap 1L,2L,392L,200011L,61L,1L,1L,3L,2L
-
-#define SN_id_camellia192_wrap "id-camellia192-wrap"
-#define NID_id_camellia192_wrap 908
-#define OBJ_id_camellia192_wrap 1L,2L,392L,200011L,61L,1L,1L,3L,3L
-
-#define SN_id_camellia256_wrap "id-camellia256-wrap"
-#define NID_id_camellia256_wrap 909
-#define OBJ_id_camellia256_wrap 1L,2L,392L,200011L,61L,1L,1L,3L,4L
-
-#define OBJ_ntt_ds 0L,3L,4401L,5L
-
-#define OBJ_camellia OBJ_ntt_ds,3L,1L,9L
+#define OBJ_camellia_256_cbc 1L, 2L, 392L, 200011L, 61L, 1L, 1L, 1L, 4L
#define SN_camellia_128_ecb "CAMELLIA-128-ECB"
#define LN_camellia_128_ecb "camellia-128-ecb"
#define NID_camellia_128_ecb 754
-#define OBJ_camellia_128_ecb OBJ_camellia,1L
-
-#define SN_camellia_128_ofb128 "CAMELLIA-128-OFB"
-#define LN_camellia_128_ofb128 "camellia-128-ofb"
-#define NID_camellia_128_ofb128 766
-#define OBJ_camellia_128_ofb128 OBJ_camellia,3L
-
-#define SN_camellia_128_cfb128 "CAMELLIA-128-CFB"
-#define LN_camellia_128_cfb128 "camellia-128-cfb"
-#define NID_camellia_128_cfb128 757
-#define OBJ_camellia_128_cfb128 OBJ_camellia,4L
+#define OBJ_camellia_128_ecb 0L, 3L, 4401L, 5L, 3L, 1L, 9L, 1L
#define SN_camellia_192_ecb "CAMELLIA-192-ECB"
#define LN_camellia_192_ecb "camellia-192-ecb"
#define NID_camellia_192_ecb 755
-#define OBJ_camellia_192_ecb OBJ_camellia,21L
-
-#define SN_camellia_192_ofb128 "CAMELLIA-192-OFB"
-#define LN_camellia_192_ofb128 "camellia-192-ofb"
-#define NID_camellia_192_ofb128 767
-#define OBJ_camellia_192_ofb128 OBJ_camellia,23L
-
-#define SN_camellia_192_cfb128 "CAMELLIA-192-CFB"
-#define LN_camellia_192_cfb128 "camellia-192-cfb"
-#define NID_camellia_192_cfb128 758
-#define OBJ_camellia_192_cfb128 OBJ_camellia,24L
+#define OBJ_camellia_192_ecb 0L, 3L, 4401L, 5L, 3L, 1L, 9L, 21L
#define SN_camellia_256_ecb "CAMELLIA-256-ECB"
#define LN_camellia_256_ecb "camellia-256-ecb"
#define NID_camellia_256_ecb 756
-#define OBJ_camellia_256_ecb OBJ_camellia,41L
+#define OBJ_camellia_256_ecb 0L, 3L, 4401L, 5L, 3L, 1L, 9L, 41L
-#define SN_camellia_256_ofb128 "CAMELLIA-256-OFB"
-#define LN_camellia_256_ofb128 "camellia-256-ofb"
-#define NID_camellia_256_ofb128 768
-#define OBJ_camellia_256_ofb128 OBJ_camellia,43L
+#define SN_camellia_128_cfb128 "CAMELLIA-128-CFB"
+#define LN_camellia_128_cfb128 "camellia-128-cfb"
+#define NID_camellia_128_cfb128 757
+#define OBJ_camellia_128_cfb128 0L, 3L, 4401L, 5L, 3L, 1L, 9L, 4L
+
+#define SN_camellia_192_cfb128 "CAMELLIA-192-CFB"
+#define LN_camellia_192_cfb128 "camellia-192-cfb"
+#define NID_camellia_192_cfb128 758
+#define OBJ_camellia_192_cfb128 0L, 3L, 4401L, 5L, 3L, 1L, 9L, 24L
#define SN_camellia_256_cfb128 "CAMELLIA-256-CFB"
#define LN_camellia_256_cfb128 "camellia-256-cfb"
#define NID_camellia_256_cfb128 759
-#define OBJ_camellia_256_cfb128 OBJ_camellia,44L
+#define OBJ_camellia_256_cfb128 0L, 3L, 4401L, 5L, 3L, 1L, 9L, 44L
#define SN_camellia_128_cfb1 "CAMELLIA-128-CFB1"
#define LN_camellia_128_cfb1 "camellia-128-cfb1"
@@ -3996,39 +3378,673 @@
#define LN_camellia_256_cfb8 "camellia-256-cfb8"
#define NID_camellia_256_cfb8 765
+#define SN_camellia_128_ofb128 "CAMELLIA-128-OFB"
+#define LN_camellia_128_ofb128 "camellia-128-ofb"
+#define NID_camellia_128_ofb128 766
+#define OBJ_camellia_128_ofb128 0L, 3L, 4401L, 5L, 3L, 1L, 9L, 3L
+
+#define SN_camellia_192_ofb128 "CAMELLIA-192-OFB"
+#define LN_camellia_192_ofb128 "camellia-192-ofb"
+#define NID_camellia_192_ofb128 767
+#define OBJ_camellia_192_ofb128 0L, 3L, 4401L, 5L, 3L, 1L, 9L, 23L
+
+#define SN_camellia_256_ofb128 "CAMELLIA-256-OFB"
+#define LN_camellia_256_ofb128 "camellia-256-ofb"
+#define NID_camellia_256_ofb128 768
+#define OBJ_camellia_256_ofb128 0L, 3L, 4401L, 5L, 3L, 1L, 9L, 43L
+
+#define SN_subject_directory_attributes "subjectDirectoryAttributes"
+#define LN_subject_directory_attributes "X509v3 Subject Directory Attributes"
+#define NID_subject_directory_attributes 769
+#define OBJ_subject_directory_attributes 2L, 5L, 29L, 9L
+
+#define SN_issuing_distribution_point "issuingDistributionPoint"
+#define LN_issuing_distribution_point "X509v3 Issuing Distribution Point"
+#define NID_issuing_distribution_point 770
+#define OBJ_issuing_distribution_point 2L, 5L, 29L, 28L
+
+#define SN_certificate_issuer "certificateIssuer"
+#define LN_certificate_issuer "X509v3 Certificate Issuer"
+#define NID_certificate_issuer 771
+#define OBJ_certificate_issuer 2L, 5L, 29L, 29L
+
#define SN_kisa "KISA"
#define LN_kisa "kisa"
#define NID_kisa 773
-#define OBJ_kisa OBJ_member_body,410L,200004L
+#define OBJ_kisa 1L, 2L, 410L, 200004L
#define SN_seed_ecb "SEED-ECB"
#define LN_seed_ecb "seed-ecb"
#define NID_seed_ecb 776
-#define OBJ_seed_ecb OBJ_kisa,1L,3L
+#define OBJ_seed_ecb 1L, 2L, 410L, 200004L, 1L, 3L
#define SN_seed_cbc "SEED-CBC"
#define LN_seed_cbc "seed-cbc"
#define NID_seed_cbc 777
-#define OBJ_seed_cbc OBJ_kisa,1L,4L
-
-#define SN_seed_cfb128 "SEED-CFB"
-#define LN_seed_cfb128 "seed-cfb"
-#define NID_seed_cfb128 779
-#define OBJ_seed_cfb128 OBJ_kisa,1L,5L
+#define OBJ_seed_cbc 1L, 2L, 410L, 200004L, 1L, 4L
#define SN_seed_ofb128 "SEED-OFB"
#define LN_seed_ofb128 "seed-ofb"
#define NID_seed_ofb128 778
-#define OBJ_seed_ofb128 OBJ_kisa,1L,6L
+#define OBJ_seed_ofb128 1L, 2L, 410L, 200004L, 1L, 6L
+
+#define SN_seed_cfb128 "SEED-CFB"
+#define LN_seed_cfb128 "seed-cfb"
+#define NID_seed_cfb128 779
+#define OBJ_seed_cfb128 1L, 2L, 410L, 200004L, 1L, 5L
+
+#define SN_hmac_md5 "HMAC-MD5"
+#define LN_hmac_md5 "hmac-md5"
+#define NID_hmac_md5 780
+#define OBJ_hmac_md5 1L, 3L, 6L, 1L, 5L, 5L, 8L, 1L, 1L
+
+#define SN_hmac_sha1 "HMAC-SHA1"
+#define LN_hmac_sha1 "hmac-sha1"
+#define NID_hmac_sha1 781
+#define OBJ_hmac_sha1 1L, 3L, 6L, 1L, 5L, 5L, 8L, 1L, 2L
+
+#define SN_id_PasswordBasedMAC "id-PasswordBasedMAC"
+#define LN_id_PasswordBasedMAC "password based MAC"
+#define NID_id_PasswordBasedMAC 782
+#define OBJ_id_PasswordBasedMAC 1L, 2L, 840L, 113533L, 7L, 66L, 13L
+
+#define SN_id_DHBasedMac "id-DHBasedMac"
+#define LN_id_DHBasedMac "Diffie-Hellman based MAC"
+#define NID_id_DHBasedMac 783
+#define OBJ_id_DHBasedMac 1L, 2L, 840L, 113533L, 7L, 66L, 30L
+
+#define SN_id_it_suppLangTags "id-it-suppLangTags"
+#define NID_id_it_suppLangTags 784
+#define OBJ_id_it_suppLangTags 1L, 3L, 6L, 1L, 5L, 5L, 7L, 4L, 16L
+
+#define SN_caRepository "caRepository"
+#define LN_caRepository "CA Repository"
+#define NID_caRepository 785
+#define OBJ_caRepository 1L, 3L, 6L, 1L, 5L, 5L, 7L, 48L, 5L
+
+#define SN_id_smime_ct_compressedData "id-smime-ct-compressedData"
+#define NID_id_smime_ct_compressedData 786
+#define OBJ_id_smime_ct_compressedData \
+ 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 1L, 9L
+
+#define SN_id_ct_asciiTextWithCRLF "id-ct-asciiTextWithCRLF"
+#define NID_id_ct_asciiTextWithCRLF 787
+#define OBJ_id_ct_asciiTextWithCRLF 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 1L, 27L
+
+#define SN_id_aes128_wrap "id-aes128-wrap"
+#define NID_id_aes128_wrap 788
+#define OBJ_id_aes128_wrap 2L, 16L, 840L, 1L, 101L, 3L, 4L, 1L, 5L
+
+#define SN_id_aes192_wrap "id-aes192-wrap"
+#define NID_id_aes192_wrap 789
+#define OBJ_id_aes192_wrap 2L, 16L, 840L, 1L, 101L, 3L, 4L, 1L, 25L
+
+#define SN_id_aes256_wrap "id-aes256-wrap"
+#define NID_id_aes256_wrap 790
+#define OBJ_id_aes256_wrap 2L, 16L, 840L, 1L, 101L, 3L, 4L, 1L, 45L
+
+#define SN_ecdsa_with_Recommended "ecdsa-with-Recommended"
+#define NID_ecdsa_with_Recommended 791
+#define OBJ_ecdsa_with_Recommended 1L, 2L, 840L, 10045L, 4L, 2L
+
+#define SN_ecdsa_with_Specified "ecdsa-with-Specified"
+#define NID_ecdsa_with_Specified 792
+#define OBJ_ecdsa_with_Specified 1L, 2L, 840L, 10045L, 4L, 3L
+
+#define SN_ecdsa_with_SHA224 "ecdsa-with-SHA224"
+#define NID_ecdsa_with_SHA224 793
+#define OBJ_ecdsa_with_SHA224 1L, 2L, 840L, 10045L, 4L, 3L, 1L
+
+#define SN_ecdsa_with_SHA256 "ecdsa-with-SHA256"
+#define NID_ecdsa_with_SHA256 794
+#define OBJ_ecdsa_with_SHA256 1L, 2L, 840L, 10045L, 4L, 3L, 2L
+
+#define SN_ecdsa_with_SHA384 "ecdsa-with-SHA384"
+#define NID_ecdsa_with_SHA384 795
+#define OBJ_ecdsa_with_SHA384 1L, 2L, 840L, 10045L, 4L, 3L, 3L
+
+#define SN_ecdsa_with_SHA512 "ecdsa-with-SHA512"
+#define NID_ecdsa_with_SHA512 796
+#define OBJ_ecdsa_with_SHA512 1L, 2L, 840L, 10045L, 4L, 3L, 4L
+
+#define LN_hmacWithMD5 "hmacWithMD5"
+#define NID_hmacWithMD5 797
+#define OBJ_hmacWithMD5 1L, 2L, 840L, 113549L, 2L, 6L
+
+#define LN_hmacWithSHA224 "hmacWithSHA224"
+#define NID_hmacWithSHA224 798
+#define OBJ_hmacWithSHA224 1L, 2L, 840L, 113549L, 2L, 8L
+
+#define LN_hmacWithSHA256 "hmacWithSHA256"
+#define NID_hmacWithSHA256 799
+#define OBJ_hmacWithSHA256 1L, 2L, 840L, 113549L, 2L, 9L
+
+#define LN_hmacWithSHA384 "hmacWithSHA384"
+#define NID_hmacWithSHA384 800
+#define OBJ_hmacWithSHA384 1L, 2L, 840L, 113549L, 2L, 10L
+
+#define LN_hmacWithSHA512 "hmacWithSHA512"
+#define NID_hmacWithSHA512 801
+#define OBJ_hmacWithSHA512 1L, 2L, 840L, 113549L, 2L, 11L
+
+#define SN_dsa_with_SHA224 "dsa_with_SHA224"
+#define NID_dsa_with_SHA224 802
+#define OBJ_dsa_with_SHA224 2L, 16L, 840L, 1L, 101L, 3L, 4L, 3L, 1L
+
+#define SN_dsa_with_SHA256 "dsa_with_SHA256"
+#define NID_dsa_with_SHA256 803
+#define OBJ_dsa_with_SHA256 2L, 16L, 840L, 1L, 101L, 3L, 4L, 3L, 2L
+
+#define SN_whirlpool "whirlpool"
+#define NID_whirlpool 804
+#define OBJ_whirlpool 1L, 0L, 10118L, 3L, 0L, 55L
+
+#define SN_cryptopro "cryptopro"
+#define NID_cryptopro 805
+#define OBJ_cryptopro 1L, 2L, 643L, 2L, 2L
+
+#define SN_cryptocom "cryptocom"
+#define NID_cryptocom 806
+#define OBJ_cryptocom 1L, 2L, 643L, 2L, 9L
+
+#define SN_id_GostR3411_94_with_GostR3410_2001 \
+ "id-GostR3411-94-with-GostR3410-2001"
+#define LN_id_GostR3411_94_with_GostR3410_2001 \
+ "GOST R 34.11-94 with GOST R 34.10-2001"
+#define NID_id_GostR3411_94_with_GostR3410_2001 807
+#define OBJ_id_GostR3411_94_with_GostR3410_2001 1L, 2L, 643L, 2L, 2L, 3L
+
+#define SN_id_GostR3411_94_with_GostR3410_94 "id-GostR3411-94-with-GostR3410-94"
+#define LN_id_GostR3411_94_with_GostR3410_94 \
+ "GOST R 34.11-94 with GOST R 34.10-94"
+#define NID_id_GostR3411_94_with_GostR3410_94 808
+#define OBJ_id_GostR3411_94_with_GostR3410_94 1L, 2L, 643L, 2L, 2L, 4L
+
+#define SN_id_GostR3411_94 "md_gost94"
+#define LN_id_GostR3411_94 "GOST R 34.11-94"
+#define NID_id_GostR3411_94 809
+#define OBJ_id_GostR3411_94 1L, 2L, 643L, 2L, 2L, 9L
+
+#define SN_id_HMACGostR3411_94 "id-HMACGostR3411-94"
+#define LN_id_HMACGostR3411_94 "HMAC GOST 34.11-94"
+#define NID_id_HMACGostR3411_94 810
+#define OBJ_id_HMACGostR3411_94 1L, 2L, 643L, 2L, 2L, 10L
+
+#define SN_id_GostR3410_2001 "gost2001"
+#define LN_id_GostR3410_2001 "GOST R 34.10-2001"
+#define NID_id_GostR3410_2001 811
+#define OBJ_id_GostR3410_2001 1L, 2L, 643L, 2L, 2L, 19L
+
+#define SN_id_GostR3410_94 "gost94"
+#define LN_id_GostR3410_94 "GOST R 34.10-94"
+#define NID_id_GostR3410_94 812
+#define OBJ_id_GostR3410_94 1L, 2L, 643L, 2L, 2L, 20L
+
+#define SN_id_Gost28147_89 "gost89"
+#define LN_id_Gost28147_89 "GOST 28147-89"
+#define NID_id_Gost28147_89 813
+#define OBJ_id_Gost28147_89 1L, 2L, 643L, 2L, 2L, 21L
+
+#define SN_gost89_cnt "gost89-cnt"
+#define NID_gost89_cnt 814
+
+#define SN_id_Gost28147_89_MAC "gost-mac"
+#define LN_id_Gost28147_89_MAC "GOST 28147-89 MAC"
+#define NID_id_Gost28147_89_MAC 815
+#define OBJ_id_Gost28147_89_MAC 1L, 2L, 643L, 2L, 2L, 22L
+
+#define SN_id_GostR3411_94_prf "prf-gostr3411-94"
+#define LN_id_GostR3411_94_prf "GOST R 34.11-94 PRF"
+#define NID_id_GostR3411_94_prf 816
+#define OBJ_id_GostR3411_94_prf 1L, 2L, 643L, 2L, 2L, 23L
+
+#define SN_id_GostR3410_2001DH "id-GostR3410-2001DH"
+#define LN_id_GostR3410_2001DH "GOST R 34.10-2001 DH"
+#define NID_id_GostR3410_2001DH 817
+#define OBJ_id_GostR3410_2001DH 1L, 2L, 643L, 2L, 2L, 98L
+
+#define SN_id_GostR3410_94DH "id-GostR3410-94DH"
+#define LN_id_GostR3410_94DH "GOST R 34.10-94 DH"
+#define NID_id_GostR3410_94DH 818
+#define OBJ_id_GostR3410_94DH 1L, 2L, 643L, 2L, 2L, 99L
+
+#define SN_id_Gost28147_89_CryptoPro_KeyMeshing \
+ "id-Gost28147-89-CryptoPro-KeyMeshing"
+#define NID_id_Gost28147_89_CryptoPro_KeyMeshing 819
+#define OBJ_id_Gost28147_89_CryptoPro_KeyMeshing 1L, 2L, 643L, 2L, 2L, 14L, 1L
+
+#define SN_id_Gost28147_89_None_KeyMeshing "id-Gost28147-89-None-KeyMeshing"
+#define NID_id_Gost28147_89_None_KeyMeshing 820
+#define OBJ_id_Gost28147_89_None_KeyMeshing 1L, 2L, 643L, 2L, 2L, 14L, 0L
+
+#define SN_id_GostR3411_94_TestParamSet "id-GostR3411-94-TestParamSet"
+#define NID_id_GostR3411_94_TestParamSet 821
+#define OBJ_id_GostR3411_94_TestParamSet 1L, 2L, 643L, 2L, 2L, 30L, 0L
+
+#define SN_id_GostR3411_94_CryptoProParamSet "id-GostR3411-94-CryptoProParamSet"
+#define NID_id_GostR3411_94_CryptoProParamSet 822
+#define OBJ_id_GostR3411_94_CryptoProParamSet 1L, 2L, 643L, 2L, 2L, 30L, 1L
+
+#define SN_id_Gost28147_89_TestParamSet "id-Gost28147-89-TestParamSet"
+#define NID_id_Gost28147_89_TestParamSet 823
+#define OBJ_id_Gost28147_89_TestParamSet 1L, 2L, 643L, 2L, 2L, 31L, 0L
+
+#define SN_id_Gost28147_89_CryptoPro_A_ParamSet \
+ "id-Gost28147-89-CryptoPro-A-ParamSet"
+#define NID_id_Gost28147_89_CryptoPro_A_ParamSet 824
+#define OBJ_id_Gost28147_89_CryptoPro_A_ParamSet 1L, 2L, 643L, 2L, 2L, 31L, 1L
+
+#define SN_id_Gost28147_89_CryptoPro_B_ParamSet \
+ "id-Gost28147-89-CryptoPro-B-ParamSet"
+#define NID_id_Gost28147_89_CryptoPro_B_ParamSet 825
+#define OBJ_id_Gost28147_89_CryptoPro_B_ParamSet 1L, 2L, 643L, 2L, 2L, 31L, 2L
+
+#define SN_id_Gost28147_89_CryptoPro_C_ParamSet \
+ "id-Gost28147-89-CryptoPro-C-ParamSet"
+#define NID_id_Gost28147_89_CryptoPro_C_ParamSet 826
+#define OBJ_id_Gost28147_89_CryptoPro_C_ParamSet 1L, 2L, 643L, 2L, 2L, 31L, 3L
+
+#define SN_id_Gost28147_89_CryptoPro_D_ParamSet \
+ "id-Gost28147-89-CryptoPro-D-ParamSet"
+#define NID_id_Gost28147_89_CryptoPro_D_ParamSet 827
+#define OBJ_id_Gost28147_89_CryptoPro_D_ParamSet 1L, 2L, 643L, 2L, 2L, 31L, 4L
+
+#define SN_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet \
+ "id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet"
+#define NID_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet 828
+#define OBJ_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet \
+ 1L, 2L, 643L, 2L, 2L, 31L, 5L
+
+#define SN_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet \
+ "id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet"
+#define NID_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet 829
+#define OBJ_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet \
+ 1L, 2L, 643L, 2L, 2L, 31L, 6L
+
+#define SN_id_Gost28147_89_CryptoPro_RIC_1_ParamSet \
+ "id-Gost28147-89-CryptoPro-RIC-1-ParamSet"
+#define NID_id_Gost28147_89_CryptoPro_RIC_1_ParamSet 830
+#define OBJ_id_Gost28147_89_CryptoPro_RIC_1_ParamSet \
+ 1L, 2L, 643L, 2L, 2L, 31L, 7L
+
+#define SN_id_GostR3410_94_TestParamSet "id-GostR3410-94-TestParamSet"
+#define NID_id_GostR3410_94_TestParamSet 831
+#define OBJ_id_GostR3410_94_TestParamSet 1L, 2L, 643L, 2L, 2L, 32L, 0L
+
+#define SN_id_GostR3410_94_CryptoPro_A_ParamSet \
+ "id-GostR3410-94-CryptoPro-A-ParamSet"
+#define NID_id_GostR3410_94_CryptoPro_A_ParamSet 832
+#define OBJ_id_GostR3410_94_CryptoPro_A_ParamSet 1L, 2L, 643L, 2L, 2L, 32L, 2L
+
+#define SN_id_GostR3410_94_CryptoPro_B_ParamSet \
+ "id-GostR3410-94-CryptoPro-B-ParamSet"
+#define NID_id_GostR3410_94_CryptoPro_B_ParamSet 833
+#define OBJ_id_GostR3410_94_CryptoPro_B_ParamSet 1L, 2L, 643L, 2L, 2L, 32L, 3L
+
+#define SN_id_GostR3410_94_CryptoPro_C_ParamSet \
+ "id-GostR3410-94-CryptoPro-C-ParamSet"
+#define NID_id_GostR3410_94_CryptoPro_C_ParamSet 834
+#define OBJ_id_GostR3410_94_CryptoPro_C_ParamSet 1L, 2L, 643L, 2L, 2L, 32L, 4L
+
+#define SN_id_GostR3410_94_CryptoPro_D_ParamSet \
+ "id-GostR3410-94-CryptoPro-D-ParamSet"
+#define NID_id_GostR3410_94_CryptoPro_D_ParamSet 835
+#define OBJ_id_GostR3410_94_CryptoPro_D_ParamSet 1L, 2L, 643L, 2L, 2L, 32L, 5L
+
+#define SN_id_GostR3410_94_CryptoPro_XchA_ParamSet \
+ "id-GostR3410-94-CryptoPro-XchA-ParamSet"
+#define NID_id_GostR3410_94_CryptoPro_XchA_ParamSet 836
+#define OBJ_id_GostR3410_94_CryptoPro_XchA_ParamSet \
+ 1L, 2L, 643L, 2L, 2L, 33L, 1L
+
+#define SN_id_GostR3410_94_CryptoPro_XchB_ParamSet \
+ "id-GostR3410-94-CryptoPro-XchB-ParamSet"
+#define NID_id_GostR3410_94_CryptoPro_XchB_ParamSet 837
+#define OBJ_id_GostR3410_94_CryptoPro_XchB_ParamSet \
+ 1L, 2L, 643L, 2L, 2L, 33L, 2L
+
+#define SN_id_GostR3410_94_CryptoPro_XchC_ParamSet \
+ "id-GostR3410-94-CryptoPro-XchC-ParamSet"
+#define NID_id_GostR3410_94_CryptoPro_XchC_ParamSet 838
+#define OBJ_id_GostR3410_94_CryptoPro_XchC_ParamSet \
+ 1L, 2L, 643L, 2L, 2L, 33L, 3L
+
+#define SN_id_GostR3410_2001_TestParamSet "id-GostR3410-2001-TestParamSet"
+#define NID_id_GostR3410_2001_TestParamSet 839
+#define OBJ_id_GostR3410_2001_TestParamSet 1L, 2L, 643L, 2L, 2L, 35L, 0L
+
+#define SN_id_GostR3410_2001_CryptoPro_A_ParamSet \
+ "id-GostR3410-2001-CryptoPro-A-ParamSet"
+#define NID_id_GostR3410_2001_CryptoPro_A_ParamSet 840
+#define OBJ_id_GostR3410_2001_CryptoPro_A_ParamSet 1L, 2L, 643L, 2L, 2L, 35L, 1L
+
+#define SN_id_GostR3410_2001_CryptoPro_B_ParamSet \
+ "id-GostR3410-2001-CryptoPro-B-ParamSet"
+#define NID_id_GostR3410_2001_CryptoPro_B_ParamSet 841
+#define OBJ_id_GostR3410_2001_CryptoPro_B_ParamSet 1L, 2L, 643L, 2L, 2L, 35L, 2L
+
+#define SN_id_GostR3410_2001_CryptoPro_C_ParamSet \
+ "id-GostR3410-2001-CryptoPro-C-ParamSet"
+#define NID_id_GostR3410_2001_CryptoPro_C_ParamSet 842
+#define OBJ_id_GostR3410_2001_CryptoPro_C_ParamSet 1L, 2L, 643L, 2L, 2L, 35L, 3L
+
+#define SN_id_GostR3410_2001_CryptoPro_XchA_ParamSet \
+ "id-GostR3410-2001-CryptoPro-XchA-ParamSet"
+#define NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet 843
+#define OBJ_id_GostR3410_2001_CryptoPro_XchA_ParamSet \
+ 1L, 2L, 643L, 2L, 2L, 36L, 0L
+
+#define SN_id_GostR3410_2001_CryptoPro_XchB_ParamSet \
+ "id-GostR3410-2001-CryptoPro-XchB-ParamSet"
+#define NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet 844
+#define OBJ_id_GostR3410_2001_CryptoPro_XchB_ParamSet \
+ 1L, 2L, 643L, 2L, 2L, 36L, 1L
+
+#define SN_id_GostR3410_94_a "id-GostR3410-94-a"
+#define NID_id_GostR3410_94_a 845
+#define OBJ_id_GostR3410_94_a 1L, 2L, 643L, 2L, 2L, 20L, 1L
+
+#define SN_id_GostR3410_94_aBis "id-GostR3410-94-aBis"
+#define NID_id_GostR3410_94_aBis 846
+#define OBJ_id_GostR3410_94_aBis 1L, 2L, 643L, 2L, 2L, 20L, 2L
+
+#define SN_id_GostR3410_94_b "id-GostR3410-94-b"
+#define NID_id_GostR3410_94_b 847
+#define OBJ_id_GostR3410_94_b 1L, 2L, 643L, 2L, 2L, 20L, 3L
+
+#define SN_id_GostR3410_94_bBis "id-GostR3410-94-bBis"
+#define NID_id_GostR3410_94_bBis 848
+#define OBJ_id_GostR3410_94_bBis 1L, 2L, 643L, 2L, 2L, 20L, 4L
+
+#define SN_id_Gost28147_89_cc "id-Gost28147-89-cc"
+#define LN_id_Gost28147_89_cc "GOST 28147-89 Cryptocom ParamSet"
+#define NID_id_Gost28147_89_cc 849
+#define OBJ_id_Gost28147_89_cc 1L, 2L, 643L, 2L, 9L, 1L, 6L, 1L
+
+#define SN_id_GostR3410_94_cc "gost94cc"
+#define LN_id_GostR3410_94_cc "GOST 34.10-94 Cryptocom"
+#define NID_id_GostR3410_94_cc 850
+#define OBJ_id_GostR3410_94_cc 1L, 2L, 643L, 2L, 9L, 1L, 5L, 3L
+
+#define SN_id_GostR3410_2001_cc "gost2001cc"
+#define LN_id_GostR3410_2001_cc "GOST 34.10-2001 Cryptocom"
+#define NID_id_GostR3410_2001_cc 851
+#define OBJ_id_GostR3410_2001_cc 1L, 2L, 643L, 2L, 9L, 1L, 5L, 4L
+
+#define SN_id_GostR3411_94_with_GostR3410_94_cc \
+ "id-GostR3411-94-with-GostR3410-94-cc"
+#define LN_id_GostR3411_94_with_GostR3410_94_cc \
+ "GOST R 34.11-94 with GOST R 34.10-94 Cryptocom"
+#define NID_id_GostR3411_94_with_GostR3410_94_cc 852
+#define OBJ_id_GostR3411_94_with_GostR3410_94_cc \
+ 1L, 2L, 643L, 2L, 9L, 1L, 3L, 3L
+
+#define SN_id_GostR3411_94_with_GostR3410_2001_cc \
+ "id-GostR3411-94-with-GostR3410-2001-cc"
+#define LN_id_GostR3411_94_with_GostR3410_2001_cc \
+ "GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom"
+#define NID_id_GostR3411_94_with_GostR3410_2001_cc 853
+#define OBJ_id_GostR3411_94_with_GostR3410_2001_cc \
+ 1L, 2L, 643L, 2L, 9L, 1L, 3L, 4L
+
+#define SN_id_GostR3410_2001_ParamSet_cc "id-GostR3410-2001-ParamSet-cc"
+#define LN_id_GostR3410_2001_ParamSet_cc \
+ "GOST R 3410-2001 Parameter Set Cryptocom"
+#define NID_id_GostR3410_2001_ParamSet_cc 854
+#define OBJ_id_GostR3410_2001_ParamSet_cc 1L, 2L, 643L, 2L, 9L, 1L, 8L, 1L
#define SN_hmac "HMAC"
#define LN_hmac "hmac"
#define NID_hmac 855
+#define SN_LocalKeySet "LocalKeySet"
+#define LN_LocalKeySet "Microsoft Local Key set"
+#define NID_LocalKeySet 856
+#define OBJ_LocalKeySet 1L, 3L, 6L, 1L, 4L, 1L, 311L, 17L, 2L
+
+#define SN_freshest_crl "freshestCRL"
+#define LN_freshest_crl "X509v3 Freshest CRL"
+#define NID_freshest_crl 857
+#define OBJ_freshest_crl 2L, 5L, 29L, 46L
+
+#define SN_id_on_permanentIdentifier "id-on-permanentIdentifier"
+#define LN_id_on_permanentIdentifier "Permanent Identifier"
+#define NID_id_on_permanentIdentifier 858
+#define OBJ_id_on_permanentIdentifier 1L, 3L, 6L, 1L, 5L, 5L, 7L, 8L, 3L
+
+#define LN_searchGuide "searchGuide"
+#define NID_searchGuide 859
+#define OBJ_searchGuide 2L, 5L, 4L, 14L
+
+#define LN_businessCategory "businessCategory"
+#define NID_businessCategory 860
+#define OBJ_businessCategory 2L, 5L, 4L, 15L
+
+#define LN_postalAddress "postalAddress"
+#define NID_postalAddress 861
+#define OBJ_postalAddress 2L, 5L, 4L, 16L
+
+#define LN_postOfficeBox "postOfficeBox"
+#define NID_postOfficeBox 862
+#define OBJ_postOfficeBox 2L, 5L, 4L, 18L
+
+#define LN_physicalDeliveryOfficeName "physicalDeliveryOfficeName"
+#define NID_physicalDeliveryOfficeName 863
+#define OBJ_physicalDeliveryOfficeName 2L, 5L, 4L, 19L
+
+#define LN_telephoneNumber "telephoneNumber"
+#define NID_telephoneNumber 864
+#define OBJ_telephoneNumber 2L, 5L, 4L, 20L
+
+#define LN_telexNumber "telexNumber"
+#define NID_telexNumber 865
+#define OBJ_telexNumber 2L, 5L, 4L, 21L
+
+#define LN_teletexTerminalIdentifier "teletexTerminalIdentifier"
+#define NID_teletexTerminalIdentifier 866
+#define OBJ_teletexTerminalIdentifier 2L, 5L, 4L, 22L
+
+#define LN_facsimileTelephoneNumber "facsimileTelephoneNumber"
+#define NID_facsimileTelephoneNumber 867
+#define OBJ_facsimileTelephoneNumber 2L, 5L, 4L, 23L
+
+#define LN_x121Address "x121Address"
+#define NID_x121Address 868
+#define OBJ_x121Address 2L, 5L, 4L, 24L
+
+#define LN_internationaliSDNNumber "internationaliSDNNumber"
+#define NID_internationaliSDNNumber 869
+#define OBJ_internationaliSDNNumber 2L, 5L, 4L, 25L
+
+#define LN_registeredAddress "registeredAddress"
+#define NID_registeredAddress 870
+#define OBJ_registeredAddress 2L, 5L, 4L, 26L
+
+#define LN_destinationIndicator "destinationIndicator"
+#define NID_destinationIndicator 871
+#define OBJ_destinationIndicator 2L, 5L, 4L, 27L
+
+#define LN_preferredDeliveryMethod "preferredDeliveryMethod"
+#define NID_preferredDeliveryMethod 872
+#define OBJ_preferredDeliveryMethod 2L, 5L, 4L, 28L
+
+#define LN_presentationAddress "presentationAddress"
+#define NID_presentationAddress 873
+#define OBJ_presentationAddress 2L, 5L, 4L, 29L
+
+#define LN_supportedApplicationContext "supportedApplicationContext"
+#define NID_supportedApplicationContext 874
+#define OBJ_supportedApplicationContext 2L, 5L, 4L, 30L
+
+#define SN_member "member"
+#define NID_member 875
+#define OBJ_member 2L, 5L, 4L, 31L
+
+#define SN_owner "owner"
+#define NID_owner 876
+#define OBJ_owner 2L, 5L, 4L, 32L
+
+#define LN_roleOccupant "roleOccupant"
+#define NID_roleOccupant 877
+#define OBJ_roleOccupant 2L, 5L, 4L, 33L
+
+#define SN_seeAlso "seeAlso"
+#define NID_seeAlso 878
+#define OBJ_seeAlso 2L, 5L, 4L, 34L
+
+#define LN_userPassword "userPassword"
+#define NID_userPassword 879
+#define OBJ_userPassword 2L, 5L, 4L, 35L
+
+#define LN_userCertificate "userCertificate"
+#define NID_userCertificate 880
+#define OBJ_userCertificate 2L, 5L, 4L, 36L
+
+#define LN_cACertificate "cACertificate"
+#define NID_cACertificate 881
+#define OBJ_cACertificate 2L, 5L, 4L, 37L
+
+#define LN_authorityRevocationList "authorityRevocationList"
+#define NID_authorityRevocationList 882
+#define OBJ_authorityRevocationList 2L, 5L, 4L, 38L
+
+#define LN_certificateRevocationList "certificateRevocationList"
+#define NID_certificateRevocationList 883
+#define OBJ_certificateRevocationList 2L, 5L, 4L, 39L
+
+#define LN_crossCertificatePair "crossCertificatePair"
+#define NID_crossCertificatePair 884
+#define OBJ_crossCertificatePair 2L, 5L, 4L, 40L
+
+#define LN_enhancedSearchGuide "enhancedSearchGuide"
+#define NID_enhancedSearchGuide 885
+#define OBJ_enhancedSearchGuide 2L, 5L, 4L, 47L
+
+#define LN_protocolInformation "protocolInformation"
+#define NID_protocolInformation 886
+#define OBJ_protocolInformation 2L, 5L, 4L, 48L
+
+#define LN_distinguishedName "distinguishedName"
+#define NID_distinguishedName 887
+#define OBJ_distinguishedName 2L, 5L, 4L, 49L
+
+#define LN_uniqueMember "uniqueMember"
+#define NID_uniqueMember 888
+#define OBJ_uniqueMember 2L, 5L, 4L, 50L
+
+#define LN_houseIdentifier "houseIdentifier"
+#define NID_houseIdentifier 889
+#define OBJ_houseIdentifier 2L, 5L, 4L, 51L
+
+#define LN_supportedAlgorithms "supportedAlgorithms"
+#define NID_supportedAlgorithms 890
+#define OBJ_supportedAlgorithms 2L, 5L, 4L, 52L
+
+#define LN_deltaRevocationList "deltaRevocationList"
+#define NID_deltaRevocationList 891
+#define OBJ_deltaRevocationList 2L, 5L, 4L, 53L
+
+#define SN_dmdName "dmdName"
+#define NID_dmdName 892
+#define OBJ_dmdName 2L, 5L, 4L, 54L
+
+#define SN_id_alg_PWRI_KEK "id-alg-PWRI-KEK"
+#define NID_id_alg_PWRI_KEK 893
+#define OBJ_id_alg_PWRI_KEK 1L, 2L, 840L, 113549L, 1L, 9L, 16L, 3L, 9L
+
#define SN_cmac "CMAC"
#define LN_cmac "cmac"
#define NID_cmac 894
+#define SN_aes_128_gcm "id-aes128-GCM"
+#define LN_aes_128_gcm "aes-128-gcm"
+#define NID_aes_128_gcm 895
+#define OBJ_aes_128_gcm 2L, 16L, 840L, 1L, 101L, 3L, 4L, 1L, 6L
+
+#define SN_aes_128_ccm "id-aes128-CCM"
+#define LN_aes_128_ccm "aes-128-ccm"
+#define NID_aes_128_ccm 896
+#define OBJ_aes_128_ccm 2L, 16L, 840L, 1L, 101L, 3L, 4L, 1L, 7L
+
+#define SN_id_aes128_wrap_pad "id-aes128-wrap-pad"
+#define NID_id_aes128_wrap_pad 897
+#define OBJ_id_aes128_wrap_pad 2L, 16L, 840L, 1L, 101L, 3L, 4L, 1L, 8L
+
+#define SN_aes_192_gcm "id-aes192-GCM"
+#define LN_aes_192_gcm "aes-192-gcm"
+#define NID_aes_192_gcm 898
+#define OBJ_aes_192_gcm 2L, 16L, 840L, 1L, 101L, 3L, 4L, 1L, 26L
+
+#define SN_aes_192_ccm "id-aes192-CCM"
+#define LN_aes_192_ccm "aes-192-ccm"
+#define NID_aes_192_ccm 899
+#define OBJ_aes_192_ccm 2L, 16L, 840L, 1L, 101L, 3L, 4L, 1L, 27L
+
+#define SN_id_aes192_wrap_pad "id-aes192-wrap-pad"
+#define NID_id_aes192_wrap_pad 900
+#define OBJ_id_aes192_wrap_pad 2L, 16L, 840L, 1L, 101L, 3L, 4L, 1L, 28L
+
+#define SN_aes_256_gcm "id-aes256-GCM"
+#define LN_aes_256_gcm "aes-256-gcm"
+#define NID_aes_256_gcm 901
+#define OBJ_aes_256_gcm 2L, 16L, 840L, 1L, 101L, 3L, 4L, 1L, 46L
+
+#define SN_aes_256_ccm "id-aes256-CCM"
+#define LN_aes_256_ccm "aes-256-ccm"
+#define NID_aes_256_ccm 902
+#define OBJ_aes_256_ccm 2L, 16L, 840L, 1L, 101L, 3L, 4L, 1L, 47L
+
+#define SN_id_aes256_wrap_pad "id-aes256-wrap-pad"
+#define NID_id_aes256_wrap_pad 903
+#define OBJ_id_aes256_wrap_pad 2L, 16L, 840L, 1L, 101L, 3L, 4L, 1L, 48L
+
+#define SN_aes_128_ctr "AES-128-CTR"
+#define LN_aes_128_ctr "aes-128-ctr"
+#define NID_aes_128_ctr 904
+
+#define SN_aes_192_ctr "AES-192-CTR"
+#define LN_aes_192_ctr "aes-192-ctr"
+#define NID_aes_192_ctr 905
+
+#define SN_aes_256_ctr "AES-256-CTR"
+#define LN_aes_256_ctr "aes-256-ctr"
+#define NID_aes_256_ctr 906
+
+#define SN_id_camellia128_wrap "id-camellia128-wrap"
+#define NID_id_camellia128_wrap 907
+#define OBJ_id_camellia128_wrap 1L, 2L, 392L, 200011L, 61L, 1L, 1L, 3L, 2L
+
+#define SN_id_camellia192_wrap "id-camellia192-wrap"
+#define NID_id_camellia192_wrap 908
+#define OBJ_id_camellia192_wrap 1L, 2L, 392L, 200011L, 61L, 1L, 1L, 3L, 3L
+
+#define SN_id_camellia256_wrap "id-camellia256-wrap"
+#define NID_id_camellia256_wrap 909
+#define OBJ_id_camellia256_wrap 1L, 2L, 392L, 200011L, 61L, 1L, 1L, 3L, 4L
+
+#define SN_anyExtendedKeyUsage "anyExtendedKeyUsage"
+#define LN_anyExtendedKeyUsage "Any Extended Key Usage"
+#define NID_anyExtendedKeyUsage 910
+#define OBJ_anyExtendedKeyUsage 2L, 5L, 29L, 37L, 0L
+
+#define SN_mgf1 "MGF1"
+#define LN_mgf1 "mgf1"
+#define NID_mgf1 911
+#define OBJ_mgf1 1L, 2L, 840L, 113549L, 1L, 1L, 8L
+
+#define SN_rsassaPss "RSASSA-PSS"
+#define LN_rsassaPss "rsassaPss"
+#define NID_rsassaPss 912
+#define OBJ_rsassaPss 1L, 2L, 840L, 113549L, 1L, 1L, 10L
+
+#define SN_aes_128_xts "AES-128-XTS"
+#define LN_aes_128_xts "aes-128-xts"
+#define NID_aes_128_xts 913
+
+#define SN_aes_256_xts "AES-256-XTS"
+#define LN_aes_256_xts "aes-256-xts"
+#define NID_aes_256_xts 914
+
#define SN_rc4_hmac_md5 "RC4-HMAC-MD5"
#define LN_rc4_hmac_md5 "rc4-hmac-md5"
#define NID_rc4_hmac_md5 915
@@ -4045,110 +4061,127 @@
#define LN_aes_256_cbc_hmac_sha1 "aes-256-cbc-hmac-sha1"
#define NID_aes_256_cbc_hmac_sha1 918
+#define SN_rsaesOaep "RSAES-OAEP"
+#define LN_rsaesOaep "rsaesOaep"
+#define NID_rsaesOaep 919
+#define OBJ_rsaesOaep 1L, 2L, 840L, 113549L, 1L, 1L, 7L
+
#define SN_dhpublicnumber "dhpublicnumber"
#define LN_dhpublicnumber "X9.42 DH"
#define NID_dhpublicnumber 920
-#define OBJ_dhpublicnumber OBJ_ISO_US,10046L,2L,1L
+#define OBJ_dhpublicnumber 1L, 2L, 840L, 10046L, 2L, 1L
#define SN_brainpoolP160r1 "brainpoolP160r1"
#define NID_brainpoolP160r1 921
-#define OBJ_brainpoolP160r1 1L,3L,36L,3L,3L,2L,8L,1L,1L,1L
+#define OBJ_brainpoolP160r1 1L, 3L, 36L, 3L, 3L, 2L, 8L, 1L, 1L, 1L
#define SN_brainpoolP160t1 "brainpoolP160t1"
#define NID_brainpoolP160t1 922
-#define OBJ_brainpoolP160t1 1L,3L,36L,3L,3L,2L,8L,1L,1L,2L
+#define OBJ_brainpoolP160t1 1L, 3L, 36L, 3L, 3L, 2L, 8L, 1L, 1L, 2L
#define SN_brainpoolP192r1 "brainpoolP192r1"
#define NID_brainpoolP192r1 923
-#define OBJ_brainpoolP192r1 1L,3L,36L,3L,3L,2L,8L,1L,1L,3L
+#define OBJ_brainpoolP192r1 1L, 3L, 36L, 3L, 3L, 2L, 8L, 1L, 1L, 3L
#define SN_brainpoolP192t1 "brainpoolP192t1"
#define NID_brainpoolP192t1 924
-#define OBJ_brainpoolP192t1 1L,3L,36L,3L,3L,2L,8L,1L,1L,4L
+#define OBJ_brainpoolP192t1 1L, 3L, 36L, 3L, 3L, 2L, 8L, 1L, 1L, 4L
#define SN_brainpoolP224r1 "brainpoolP224r1"
#define NID_brainpoolP224r1 925
-#define OBJ_brainpoolP224r1 1L,3L,36L,3L,3L,2L,8L,1L,1L,5L
+#define OBJ_brainpoolP224r1 1L, 3L, 36L, 3L, 3L, 2L, 8L, 1L, 1L, 5L
#define SN_brainpoolP224t1 "brainpoolP224t1"
#define NID_brainpoolP224t1 926
-#define OBJ_brainpoolP224t1 1L,3L,36L,3L,3L,2L,8L,1L,1L,6L
+#define OBJ_brainpoolP224t1 1L, 3L, 36L, 3L, 3L, 2L, 8L, 1L, 1L, 6L
#define SN_brainpoolP256r1 "brainpoolP256r1"
#define NID_brainpoolP256r1 927
-#define OBJ_brainpoolP256r1 1L,3L,36L,3L,3L,2L,8L,1L,1L,7L
+#define OBJ_brainpoolP256r1 1L, 3L, 36L, 3L, 3L, 2L, 8L, 1L, 1L, 7L
#define SN_brainpoolP256t1 "brainpoolP256t1"
#define NID_brainpoolP256t1 928
-#define OBJ_brainpoolP256t1 1L,3L,36L,3L,3L,2L,8L,1L,1L,8L
+#define OBJ_brainpoolP256t1 1L, 3L, 36L, 3L, 3L, 2L, 8L, 1L, 1L, 8L
#define SN_brainpoolP320r1 "brainpoolP320r1"
#define NID_brainpoolP320r1 929
-#define OBJ_brainpoolP320r1 1L,3L,36L,3L,3L,2L,8L,1L,1L,9L
+#define OBJ_brainpoolP320r1 1L, 3L, 36L, 3L, 3L, 2L, 8L, 1L, 1L, 9L
#define SN_brainpoolP320t1 "brainpoolP320t1"
#define NID_brainpoolP320t1 930
-#define OBJ_brainpoolP320t1 1L,3L,36L,3L,3L,2L,8L,1L,1L,10L
+#define OBJ_brainpoolP320t1 1L, 3L, 36L, 3L, 3L, 2L, 8L, 1L, 1L, 10L
#define SN_brainpoolP384r1 "brainpoolP384r1"
#define NID_brainpoolP384r1 931
-#define OBJ_brainpoolP384r1 1L,3L,36L,3L,3L,2L,8L,1L,1L,11L
+#define OBJ_brainpoolP384r1 1L, 3L, 36L, 3L, 3L, 2L, 8L, 1L, 1L, 11L
#define SN_brainpoolP384t1 "brainpoolP384t1"
#define NID_brainpoolP384t1 932
-#define OBJ_brainpoolP384t1 1L,3L,36L,3L,3L,2L,8L,1L,1L,12L
+#define OBJ_brainpoolP384t1 1L, 3L, 36L, 3L, 3L, 2L, 8L, 1L, 1L, 12L
#define SN_brainpoolP512r1 "brainpoolP512r1"
#define NID_brainpoolP512r1 933
-#define OBJ_brainpoolP512r1 1L,3L,36L,3L,3L,2L,8L,1L,1L,13L
+#define OBJ_brainpoolP512r1 1L, 3L, 36L, 3L, 3L, 2L, 8L, 1L, 1L, 13L
#define SN_brainpoolP512t1 "brainpoolP512t1"
#define NID_brainpoolP512t1 934
-#define OBJ_brainpoolP512t1 1L,3L,36L,3L,3L,2L,8L,1L,1L,14L
+#define OBJ_brainpoolP512t1 1L, 3L, 36L, 3L, 3L, 2L, 8L, 1L, 1L, 14L
-#define OBJ_x9_63_scheme 1L,3L,133L,16L,840L,63L,0L
-
-#define OBJ_secg_scheme OBJ_certicom_arc,1L
+#define SN_pSpecified "PSPECIFIED"
+#define LN_pSpecified "pSpecified"
+#define NID_pSpecified 935
+#define OBJ_pSpecified 1L, 2L, 840L, 113549L, 1L, 1L, 9L
#define SN_dhSinglePass_stdDH_sha1kdf_scheme "dhSinglePass-stdDH-sha1kdf-scheme"
#define NID_dhSinglePass_stdDH_sha1kdf_scheme 936
-#define OBJ_dhSinglePass_stdDH_sha1kdf_scheme OBJ_x9_63_scheme,2L
+#define OBJ_dhSinglePass_stdDH_sha1kdf_scheme \
+ 1L, 3L, 133L, 16L, 840L, 63L, 0L, 2L
-#define SN_dhSinglePass_stdDH_sha224kdf_scheme "dhSinglePass-stdDH-sha224kdf-scheme"
+#define SN_dhSinglePass_stdDH_sha224kdf_scheme \
+ "dhSinglePass-stdDH-sha224kdf-scheme"
#define NID_dhSinglePass_stdDH_sha224kdf_scheme 937
-#define OBJ_dhSinglePass_stdDH_sha224kdf_scheme OBJ_secg_scheme,11L,0L
+#define OBJ_dhSinglePass_stdDH_sha224kdf_scheme 1L, 3L, 132L, 1L, 11L, 0L
-#define SN_dhSinglePass_stdDH_sha256kdf_scheme "dhSinglePass-stdDH-sha256kdf-scheme"
+#define SN_dhSinglePass_stdDH_sha256kdf_scheme \
+ "dhSinglePass-stdDH-sha256kdf-scheme"
#define NID_dhSinglePass_stdDH_sha256kdf_scheme 938
-#define OBJ_dhSinglePass_stdDH_sha256kdf_scheme OBJ_secg_scheme,11L,1L
+#define OBJ_dhSinglePass_stdDH_sha256kdf_scheme 1L, 3L, 132L, 1L, 11L, 1L
-#define SN_dhSinglePass_stdDH_sha384kdf_scheme "dhSinglePass-stdDH-sha384kdf-scheme"
+#define SN_dhSinglePass_stdDH_sha384kdf_scheme \
+ "dhSinglePass-stdDH-sha384kdf-scheme"
#define NID_dhSinglePass_stdDH_sha384kdf_scheme 939
-#define OBJ_dhSinglePass_stdDH_sha384kdf_scheme OBJ_secg_scheme,11L,2L
+#define OBJ_dhSinglePass_stdDH_sha384kdf_scheme 1L, 3L, 132L, 1L, 11L, 2L
-#define SN_dhSinglePass_stdDH_sha512kdf_scheme "dhSinglePass-stdDH-sha512kdf-scheme"
+#define SN_dhSinglePass_stdDH_sha512kdf_scheme \
+ "dhSinglePass-stdDH-sha512kdf-scheme"
#define NID_dhSinglePass_stdDH_sha512kdf_scheme 940
-#define OBJ_dhSinglePass_stdDH_sha512kdf_scheme OBJ_secg_scheme,11L,3L
+#define OBJ_dhSinglePass_stdDH_sha512kdf_scheme 1L, 3L, 132L, 1L, 11L, 3L
-#define SN_dhSinglePass_cofactorDH_sha1kdf_scheme "dhSinglePass-cofactorDH-sha1kdf-scheme"
+#define SN_dhSinglePass_cofactorDH_sha1kdf_scheme \
+ "dhSinglePass-cofactorDH-sha1kdf-scheme"
#define NID_dhSinglePass_cofactorDH_sha1kdf_scheme 941
-#define OBJ_dhSinglePass_cofactorDH_sha1kdf_scheme OBJ_x9_63_scheme,3L
+#define OBJ_dhSinglePass_cofactorDH_sha1kdf_scheme \
+ 1L, 3L, 133L, 16L, 840L, 63L, 0L, 3L
-#define SN_dhSinglePass_cofactorDH_sha224kdf_scheme "dhSinglePass-cofactorDH-sha224kdf-scheme"
+#define SN_dhSinglePass_cofactorDH_sha224kdf_scheme \
+ "dhSinglePass-cofactorDH-sha224kdf-scheme"
#define NID_dhSinglePass_cofactorDH_sha224kdf_scheme 942
-#define OBJ_dhSinglePass_cofactorDH_sha224kdf_scheme OBJ_secg_scheme,14L,0L
+#define OBJ_dhSinglePass_cofactorDH_sha224kdf_scheme 1L, 3L, 132L, 1L, 14L, 0L
-#define SN_dhSinglePass_cofactorDH_sha256kdf_scheme "dhSinglePass-cofactorDH-sha256kdf-scheme"
+#define SN_dhSinglePass_cofactorDH_sha256kdf_scheme \
+ "dhSinglePass-cofactorDH-sha256kdf-scheme"
#define NID_dhSinglePass_cofactorDH_sha256kdf_scheme 943
-#define OBJ_dhSinglePass_cofactorDH_sha256kdf_scheme OBJ_secg_scheme,14L,1L
+#define OBJ_dhSinglePass_cofactorDH_sha256kdf_scheme 1L, 3L, 132L, 1L, 14L, 1L
-#define SN_dhSinglePass_cofactorDH_sha384kdf_scheme "dhSinglePass-cofactorDH-sha384kdf-scheme"
+#define SN_dhSinglePass_cofactorDH_sha384kdf_scheme \
+ "dhSinglePass-cofactorDH-sha384kdf-scheme"
#define NID_dhSinglePass_cofactorDH_sha384kdf_scheme 944
-#define OBJ_dhSinglePass_cofactorDH_sha384kdf_scheme OBJ_secg_scheme,14L,2L
+#define OBJ_dhSinglePass_cofactorDH_sha384kdf_scheme 1L, 3L, 132L, 1L, 14L, 2L
-#define SN_dhSinglePass_cofactorDH_sha512kdf_scheme "dhSinglePass-cofactorDH-sha512kdf-scheme"
+#define SN_dhSinglePass_cofactorDH_sha512kdf_scheme \
+ "dhSinglePass-cofactorDH-sha512kdf-scheme"
#define NID_dhSinglePass_cofactorDH_sha512kdf_scheme 945
-#define OBJ_dhSinglePass_cofactorDH_sha512kdf_scheme OBJ_secg_scheme,14L,3L
+#define OBJ_dhSinglePass_cofactorDH_sha512kdf_scheme 1L, 3L, 132L, 1L, 14L, 3L
#define SN_dh_std_kdf "dh-std-kdf"
#define NID_dh_std_kdf 946
@@ -4159,5 +4192,8 @@
#define SN_X25519 "X25519"
#define NID_X25519 948
+#if defined(__cplusplus)
+} /* extern C */
+#endif
-#endif /* OPENSSL_HEADER_NID_H */
+#endif /* OPENSSL_HEADER_NID_H */
diff --git a/src/include/openssl/rsa.h b/src/include/openssl/rsa.h
index 78d5b32..19be3ba 100644
--- a/src/include/openssl/rsa.h
+++ b/src/include/openssl/rsa.h
@@ -322,7 +322,9 @@
* hash function for generating the mask. If NULL, |Hash| is used. The |sLen|
* argument specifies the expected salt length in bytes. If |sLen| is -1 then
* the salt length is the same as the hash length. If -2, then the salt length
- * is maximal and is taken from the size of |EM|.
+ * is recovered and all values accepted.
+ *
+ * If unsure, use -1.
*
* It returns one on success or zero on error. */
OPENSSL_EXPORT int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const uint8_t *mHash,
diff --git a/src/include/openssl/ssl.h b/src/include/openssl/ssl.h
index 2a76fe2..c230f8c 100644
--- a/src/include/openssl/ssl.h
+++ b/src/include/openssl/ssl.h
@@ -1331,25 +1331,11 @@
* |str| as a cipher string. It returns one on success and zero on failure. */
OPENSSL_EXPORT int SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str);
-/* SSL_CTX_set_cipher_list_tls10 configures the TLS 1.0+ cipher list for |ctx|,
- * evaluating |str| as a cipher string. It returns one on success and zero on
- * failure. If set, servers will use this cipher suite list for TLS 1.0 or
- * higher. */
-OPENSSL_EXPORT int SSL_CTX_set_cipher_list_tls10(SSL_CTX *ctx, const char *str);
-
-/* SSL_CTX_set_cipher_list_tls11 configures the TLS 1.1+ cipher list for |ctx|,
- * evaluating |str| as a cipher string. It returns one on success and zero on
- * failure. If set, servers will use this cipher suite list for TLS 1.1 or
- * higher. */
-OPENSSL_EXPORT int SSL_CTX_set_cipher_list_tls11(SSL_CTX *ctx, const char *str);
-
/* SSL_set_cipher_list configures the cipher list for |ssl|, evaluating |str| as
* a cipher string. It returns one on success and zero on failure. */
OPENSSL_EXPORT int SSL_set_cipher_list(SSL *ssl, const char *str);
-/* SSL_get_ciphers returns the cipher list for |ssl|, in order of preference. If
- * |SSL_CTX_set_cipher_list_tls10| or |SSL_CTX_set_cipher_list_tls11| has been
- * used, the corresponding list for the current version is returned. */
+/* SSL_get_ciphers returns the cipher list for |ssl|, in order of preference. */
OPENSSL_EXPORT STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *ssl);
@@ -2927,6 +2913,11 @@
* peformed by |ssl|. This includes the pending renegotiation, if any. */
OPENSSL_EXPORT int SSL_total_renegotiations(const SSL *ssl);
+/* SSL_CTX_set_early_data_enabled sets whether early data is allowed to be used
+ * with resumptions using |ctx|. WARNING: This is experimental and may cause
+ * interop failures until fully implemented. */
+OPENSSL_EXPORT void SSL_CTX_set_early_data_enabled(SSL_CTX *ctx, int enabled);
+
/* SSL_MAX_CERT_LIST_DEFAULT is the default maximum length, in bytes, of a peer
* certificate chain. */
#define SSL_MAX_CERT_LIST_DEFAULT (1024 * 100)
@@ -3163,6 +3154,11 @@
* record with |ssl|. */
OPENSSL_EXPORT size_t SSL_max_seal_overhead(const SSL *ssl);
+/* SSL_CTX_set_short_header_enabled configures whether a short record header in
+ * TLS 1.3 may be negotiated. This allows client and server to negotiate
+ * https://github.com/tlswg/tls13-spec/pull/762 for testing. */
+OPENSSL_EXPORT void SSL_CTX_set_short_header_enabled(SSL_CTX *ctx, int enabled);
+
/* Deprecated functions. */
@@ -3767,6 +3763,10 @@
uint32_t ticket_age_add;
+ /* ticket_max_early_data is the maximum amount of data allowed to be sent as
+ * early data. If zero, 0-RTT is disallowed. */
+ uint32_t ticket_max_early_data;
+
/* extended_master_secret is true if the master secret in this session was
* generated using EMS and thus isn't vulnerable to the Triple Handshake
* attack. */
@@ -3839,21 +3839,6 @@
struct ssl_cipher_preference_list_st *cipher_list;
- /* cipher_list_tls10 is the list of ciphers when TLS 1.0 or greater is in
- * use. This only applies to server connections as, for clients, the version
- * number is known at connect time and so the cipher list can be set then. If
- * |cipher_list_tls11| is non-NULL then this applies only to TLS 1.0
- * connections.
- *
- * TODO(agl): this exists to assist in the death of SSLv3. It can hopefully
- * be removed after that. */
- struct ssl_cipher_preference_list_st *cipher_list_tls10;
-
- /* cipher_list_tls11 is the list of ciphers when TLS 1.1 or greater is in
- * use. This only applies to server connections as, for clients, the version
- * number is known at connect time and so the cipher list can be set then. */
- struct ssl_cipher_preference_list_st *cipher_list_tls11;
-
X509_STORE *cert_store;
LHASH_OF(SSL_SESSION) *sessions;
/* Most session-ids that will be cached, default is
@@ -4057,6 +4042,10 @@
* shutdown. */
unsigned quiet_shutdown:1;
+ /* If enable_early_data is non-zero, early data can be sent and accepted over
+ * new connections. */
+ unsigned enable_early_data:1;
+
/* ocsp_stapling_enabled is only used by client connections and indicates
* whether OCSP stapling will be requested. */
unsigned ocsp_stapling_enabled:1;
@@ -4073,6 +4062,10 @@
* otherwise. */
unsigned grease_enabled:1;
+ /* short_header_enabled is one if a short record header in TLS 1.3 may
+ * be negotiated and zero otherwise. */
+ unsigned short_header_enabled:1;
+
/* extra_certs is a dummy value included for compatibility.
* TODO(agl): remove once node.js no longer references this. */
STACK_OF(X509)* extra_certs;
diff --git a/src/include/openssl/tls1.h b/src/include/openssl/tls1.h
index 54c2800..7d9f2ac 100644
--- a/src/include/openssl/tls1.h
+++ b/src/include/openssl/tls1.h
@@ -213,6 +213,7 @@
#define TLSEXT_TYPE_supported_versions 43
#define TLSEXT_TYPE_cookie 44
#define TLSEXT_TYPE_psk_key_exchange_modes 45
+#define TLSEXT_TYPE_ticket_early_data_info 46
/* ExtensionType value from RFC5746 */
#define TLSEXT_TYPE_renegotiate 0xff01
@@ -226,6 +227,9 @@
/* This is not an IANA defined extension number */
#define TLSEXT_TYPE_channel_id 30032
+/* This is not an IANA defined extension number */
+#define TLSEXT_TYPE_short_header 27463
+
/* status request value from RFC 3546 */
#define TLSEXT_STATUSTYPE_ocsp 1
diff --git a/src/include/openssl/x509_vfy.h b/src/include/openssl/x509_vfy.h
index 1182bc2..f069cb2 100644
--- a/src/include/openssl/x509_vfy.h
+++ b/src/include/openssl/x509_vfy.h
@@ -184,6 +184,7 @@
int cache; /* if true, stash any hits */
STACK_OF(X509_OBJECT) *objs; /* Cache of all objects */
CRYPTO_MUTEX objs_lock;
+ STACK_OF(X509) *additional_untrusted;
/* These are external lookup methods */
STACK_OF(X509_LOOKUP) *get_cert_methods;
@@ -447,6 +448,11 @@
OPENSSL_EXPORT int X509_STORE_set_purpose(X509_STORE *ctx, int purpose);
OPENSSL_EXPORT int X509_STORE_set_trust(X509_STORE *ctx, int trust);
OPENSSL_EXPORT int X509_STORE_set1_param(X509_STORE *ctx, X509_VERIFY_PARAM *pm);
+/* X509_STORE_set0_additional_untrusted sets a stack of additional, untrusted
+ * certificates that are available for chain building. This function does not
+ * take ownership of the stack. */
+OPENSSL_EXPORT void X509_STORE_set0_additional_untrusted(
+ X509_STORE *ctx, STACK_OF(X509) *untrusted);
OPENSSL_EXPORT void X509_STORE_set_verify_cb(X509_STORE *ctx,
int (*verify_cb)(int, X509_STORE_CTX *));
diff --git a/src/ssl/d1_both.c b/src/ssl/d1_both.c
index f9bb8f4..d3e4a92 100644
--- a/src/ssl/d1_both.c
+++ b/src/ssl/d1_both.c
@@ -124,6 +124,7 @@
#include <openssl/rand.h>
#include <openssl/x509.h>
+#include "../crypto/internal.h"
#include "internal.h"
@@ -157,7 +158,7 @@
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
return NULL;
}
- memset(frag, 0, sizeof(hm_fragment));
+ OPENSSL_memset(frag, 0, sizeof(hm_fragment));
frag->type = msg_hdr->type;
frag->seq = msg_hdr->seq;
frag->msg_len = msg_hdr->msg_len;
@@ -195,7 +196,7 @@
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
goto err;
}
- memset(frag->reassembly, 0, bitmask_len);
+ OPENSSL_memset(frag->reassembly, 0, bitmask_len);
}
return frag;
@@ -383,7 +384,7 @@
assert(msg_len > 0);
/* Copy the body into the fragment. */
- memcpy(frag->data + DTLS1_HM_HEADER_LENGTH + frag_off, CBS_data(&body),
+ OPENSSL_memcpy(frag->data + DTLS1_HM_HEADER_LENGTH + frag_off, CBS_data(&body),
CBS_len(&body));
dtls1_hm_fragment_mark(frag, frag_off, frag_off + frag_len);
}
@@ -489,7 +490,7 @@
int dtls1_parse_fragment(CBS *cbs, struct hm_header_st *out_hdr,
CBS *out_body) {
- memset(out_hdr, 0x00, sizeof(struct hm_header_st));
+ OPENSSL_memset(out_hdr, 0x00, sizeof(struct hm_header_st));
if (!CBS_get_u8(cbs, &out_hdr->type) ||
!CBS_get_u24(cbs, &out_hdr->msg_len) ||
@@ -747,7 +748,7 @@
/* Fix up the header. Copy the fragment length into the total message
* length. */
- memcpy(*out_msg + 1, *out_msg + DTLS1_HM_HEADER_LENGTH - 3, 3);
+ OPENSSL_memcpy(*out_msg + 1, *out_msg + DTLS1_HM_HEADER_LENGTH - 3, 3);
return 1;
}
diff --git a/src/ssl/d1_lib.c b/src/ssl/d1_lib.c
index cafb4c2..258e9ab 100644
--- a/src/ssl/d1_lib.c
+++ b/src/ssl/d1_lib.c
@@ -64,9 +64,11 @@
#include <openssl/mem.h>
#include <openssl/nid.h>
+#include "../crypto/internal.h"
#include "internal.h"
+
/* DTLS1_MTU_TIMEOUTS is the maximum number of timeouts to expire
* before starting to decrease the MTU. */
#define DTLS1_MTU_TIMEOUTS 2
@@ -86,7 +88,7 @@
ssl3_free(ssl);
return 0;
}
- memset(d1, 0, sizeof *d1);
+ OPENSSL_memset(d1, 0, sizeof *d1);
ssl->d1 = d1;
@@ -154,12 +156,12 @@
if (ssl->d1->next_timeout.tv_sec < timenow.tv_sec ||
(ssl->d1->next_timeout.tv_sec == timenow.tv_sec &&
ssl->d1->next_timeout.tv_usec <= timenow.tv_usec)) {
- memset(out, 0, sizeof(struct timeval));
+ OPENSSL_memset(out, 0, sizeof(struct timeval));
return 1;
}
/* Calculate time left until timer expires */
- memcpy(out, &ssl->d1->next_timeout, sizeof(struct timeval));
+ OPENSSL_memcpy(out, &ssl->d1->next_timeout, sizeof(struct timeval));
out->tv_sec -= timenow.tv_sec;
out->tv_usec -= timenow.tv_usec;
if (out->tv_usec < 0) {
@@ -170,7 +172,7 @@
/* If remaining time is less than 15 ms, set it to 0 to prevent issues
* because of small devergences with socket timeouts. */
if (out->tv_sec == 0 && out->tv_usec < 15000) {
- memset(out, 0, sizeof(struct timeval));
+ OPENSSL_memset(out, 0, sizeof(struct timeval));
}
return 1;
@@ -204,7 +206,7 @@
void dtls1_stop_timer(SSL *ssl) {
/* Reset everything */
ssl->d1->num_timeouts = 0;
- memset(&ssl->d1->next_timeout, 0, sizeof(struct timeval));
+ OPENSSL_memset(&ssl->d1->next_timeout, 0, sizeof(struct timeval));
ssl->d1->timeout_duration_ms = ssl->initial_timeout_duration_ms;
BIO_ctrl(ssl->rbio, BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT, 0,
&ssl->d1->next_timeout);
@@ -234,9 +236,7 @@
}
int DTLSv1_handle_timeout(SSL *ssl) {
- ssl->rwstate = SSL_NOTHING;
- /* Functions which use SSL_get_error must clear the error queue on entry. */
- ERR_clear_error();
+ ssl_reset_error_state(ssl);
if (!SSL_is_dtls(ssl)) {
return -1;
diff --git a/src/ssl/d1_pkt.c b/src/ssl/d1_pkt.c
index 155359c..c6950d5 100644
--- a/src/ssl/d1_pkt.c
+++ b/src/ssl/d1_pkt.c
@@ -122,6 +122,7 @@
#include <openssl/err.h>
#include <openssl/rand.h>
+#include "../crypto/internal.h"
#include "internal.h"
@@ -265,7 +266,7 @@
len = rr->length;
}
- memcpy(buf, rr->data, len);
+ OPENSSL_memcpy(buf, rr->data, len);
if (!peek) {
/* TODO(davidben): Should the record be truncated instead? This is a
* datagram transport. See https://crbug.com/boringssl/65. */
diff --git a/src/ssl/dtls_method.c b/src/ssl/dtls_method.c
index 89b5491..6576686 100644
--- a/src/ssl/dtls_method.c
+++ b/src/ssl/dtls_method.c
@@ -62,6 +62,7 @@
#include <openssl/buf.h>
#include <openssl/err.h>
+#include "../crypto/internal.h"
#include "internal.h"
@@ -112,8 +113,8 @@
}
ssl->d1->r_epoch++;
- memset(&ssl->d1->bitmap, 0, sizeof(ssl->d1->bitmap));
- memset(ssl->s3->read_sequence, 0, sizeof(ssl->s3->read_sequence));
+ OPENSSL_memset(&ssl->d1->bitmap, 0, sizeof(ssl->d1->bitmap));
+ OPENSSL_memset(ssl->s3->read_sequence, 0, sizeof(ssl->s3->read_sequence));
SSL_AEAD_CTX_free(ssl->s3->aead_read_ctx);
ssl->s3->aead_read_ctx = aead_ctx;
@@ -122,9 +123,9 @@
static int dtls1_set_write_state(SSL *ssl, SSL_AEAD_CTX *aead_ctx) {
ssl->d1->w_epoch++;
- memcpy(ssl->d1->last_write_sequence, ssl->s3->write_sequence,
- sizeof(ssl->s3->write_sequence));
- memset(ssl->s3->write_sequence, 0, sizeof(ssl->s3->write_sequence));
+ OPENSSL_memcpy(ssl->d1->last_write_sequence, ssl->s3->write_sequence,
+ sizeof(ssl->s3->write_sequence));
+ OPENSSL_memset(ssl->s3->write_sequence, 0, sizeof(ssl->s3->write_sequence));
SSL_AEAD_CTX_free(ssl->s3->aead_write_ctx);
ssl->s3->aead_write_ctx = aead_ctx;
diff --git a/src/ssl/dtls_record.c b/src/ssl/dtls_record.c
index ffe4053..e507f5c 100644
--- a/src/ssl/dtls_record.c
+++ b/src/ssl/dtls_record.c
@@ -283,7 +283,7 @@
out[3] = epoch >> 8;
out[4] = epoch & 0xff;
- memcpy(&out[5], &seq[2], 6);
+ OPENSSL_memcpy(&out[5], &seq[2], 6);
size_t ciphertext_len;
if (!SSL_AEAD_CTX_seal(aead, out + DTLS1_RT_HEADER_LENGTH, &ciphertext_len,
diff --git a/src/ssl/handshake_client.c b/src/ssl/handshake_client.c
index 8c21818..720c215 100644
--- a/src/ssl/handshake_client.c
+++ b/src/ssl/handshake_client.c
@@ -167,6 +167,7 @@
#include <openssl/x509.h>
#include <openssl/x509v3.h>
+#include "../crypto/internal.h"
#include "internal.h"
@@ -349,7 +350,7 @@
case SSL3_ST_CW_CERT_VRFY_A:
case SSL3_ST_CW_CERT_VRFY_B:
case SSL3_ST_CW_CERT_VRFY_C:
- if (hs->cert_request) {
+ if (hs->cert_request && ssl_has_certificate(ssl)) {
ret = ssl3_send_cert_verify(hs);
if (ret <= 0) {
goto end;
@@ -815,7 +816,7 @@
goto f_err;
}
- memcpy(ssl->d1->cookie, CBS_data(&cookie), CBS_len(&cookie));
+ OPENSSL_memcpy(ssl->d1->cookie, CBS_data(&cookie), CBS_len(&cookie));
ssl->d1->cookie_len = CBS_len(&cookie);
ssl->d1->send_cookie = 1;
@@ -913,7 +914,7 @@
}
/* Copy over the server random. */
- memcpy(ssl->s3->server_random, CBS_data(&server_random), SSL3_RANDOM_SIZE);
+ OPENSSL_memcpy(ssl->s3->server_random, CBS_data(&server_random), SSL3_RANDOM_SIZE);
/* TODO(davidben): Implement the TLS 1.1 and 1.2 downgrade sentinels once TLS
* 1.3 is finalized and we are not implementing a draft version. */
@@ -932,7 +933,7 @@
}
/* Note: session_id could be empty. */
ssl->s3->new_session->session_id_length = CBS_len(&session_id);
- memcpy(ssl->s3->new_session->session_id, CBS_data(&session_id),
+ OPENSSL_memcpy(ssl->s3->new_session->session_id, CBS_data(&session_id),
CBS_len(&session_id));
}
@@ -1466,7 +1467,6 @@
}
if (!ssl_has_certificate(ssl)) {
- hs->cert_request = 0;
/* Without a client certificate, the handshake buffer may be released. */
ssl3_free_handshake_buffer(ssl);
@@ -1477,7 +1477,8 @@
}
}
- if (!ssl3_output_cert_chain(ssl)) {
+ if (!ssl_auto_chain_if_needed(ssl) ||
+ !ssl3_output_cert_chain(ssl)) {
return -1;
}
hs->state = SSL3_ST_CW_CERT_B;
@@ -1515,7 +1516,7 @@
}
char identity[PSK_MAX_IDENTITY_LEN + 1];
- memset(identity, 0, sizeof(identity));
+ OPENSSL_memset(identity, 0, sizeof(identity));
psk_len =
ssl->psk_client_callback(ssl, hs->peer_psk_identity_hint, identity,
sizeof(identity), psk, sizeof(psk));
@@ -1616,7 +1617,7 @@
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
goto err;
}
- memset(pms, 0, pms_len);
+ OPENSSL_memset(pms, 0, pms_len);
} else {
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
diff --git a/src/ssl/handshake_server.c b/src/ssl/handshake_server.c
index d41685e..6ce49f5 100644
--- a/src/ssl/handshake_server.c
+++ b/src/ssl/handshake_server.c
@@ -881,12 +881,12 @@
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
return -1;
}
- memcpy(ssl->s3->client_random, client_hello.random,
- client_hello.random_len);
+ OPENSSL_memcpy(ssl->s3->client_random, client_hello.random,
+ client_hello.random_len);
/* Only null compression is supported. */
- if (memchr(client_hello.compression_methods, 0,
- client_hello.compression_methods_len) == NULL) {
+ if (OPENSSL_memchr(client_hello.compression_methods, 0,
+ client_hello.compression_methods_len) == NULL) {
al = SSL_AD_ILLEGAL_PARAMETER;
OPENSSL_PUT_ERROR(SSL, SSL_R_NO_COMPRESSION_SPECIFIED);
goto f_err;
@@ -916,6 +916,10 @@
}
}
+ if (!ssl_auto_chain_if_needed(ssl)) {
+ goto err;
+ }
+
/* Negotiate the cipher suite. This must be done after |cert_cb| so the
* certificate is finalized. */
ssl->s3->tmp.new_cipher =
@@ -1736,7 +1740,7 @@
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
goto err;
}
- memset(premaster_secret, 0, premaster_secret_len);
+ OPENSSL_memset(premaster_secret, 0, premaster_secret_len);
} else {
al = SSL_AD_HANDSHAKE_FAILURE;
OPENSSL_PUT_ERROR(SSL, SSL_R_UNKNOWN_CIPHER_TYPE);
diff --git a/src/ssl/internal.h b/src/ssl/internal.h
index 2688bc7..919f5aa 100644
--- a/src/ssl/internal.h
+++ b/src/ssl/internal.h
@@ -779,6 +779,11 @@
* empty certificate list. It returns one on success and zero on error. */
int ssl_add_cert_chain(SSL *ssl, CBB *cbb);
+/* ssl_auto_chain_if_needed runs the deprecated auto-chaining logic if
+ * necessary. On success, it updates |ssl|'s certificate configuration as needed
+ * and returns one. Otherwise, it returns zero. */
+int ssl_auto_chain_if_needed(SSL *ssl);
+
/* ssl_cert_check_digital_signature_key_usage parses the DER-encoded, X.509
* certificate in |in| and returns one if doesn't specify a key usage or, if it
* does, if it includes digitalSignature. Otherwise it pushes to the error
@@ -833,10 +838,9 @@
const uint8_t *traffic_secret,
size_t traffic_secret_len);
-/* tls13_set_handshake_traffic derives the handshake traffic secret and
- * switches both read and write traffic to it. It returns one on success and
- * zero on error. */
-int tls13_set_handshake_traffic(SSL_HANDSHAKE *hs);
+/* tls13_derive_handshake_secrets derives the handshake traffic secret. It
+ * returns one on success and zero on error. */
+int tls13_derive_handshake_secrets(SSL_HANDSHAKE *hs);
/* tls13_rotate_traffic_key derives the next read or write traffic secret. It
* returns one on success and zero on error. */
@@ -914,6 +918,8 @@
size_t hash_len;
uint8_t secret[EVP_MAX_MD_SIZE];
+ uint8_t client_handshake_secret[EVP_MAX_MD_SIZE];
+ uint8_t server_handshake_secret[EVP_MAX_MD_SIZE];
uint8_t client_traffic_secret_0[EVP_MAX_MD_SIZE];
uint8_t server_traffic_secret_0[EVP_MAX_MD_SIZE];
@@ -1142,10 +1148,10 @@
* it. It writes the parsed extensions to pointers denoted by |ext_types|. On
* success, it fills in the |out_present| and |out_data| fields and returns one.
* Otherwise, it sets |*out_alert| to an alert to send and returns zero. Unknown
- * extensions are rejected. */
+ * extensions are rejected unless |ignore_unknown| is 1. */
int ssl_parse_extensions(const CBS *cbs, uint8_t *out_alert,
const SSL_EXTENSION_TYPE *ext_types,
- size_t num_ext_types);
+ size_t num_ext_types, int ignore_unknown);
/* SSLKEYLOGFILE functions. */
@@ -1482,6 +1488,10 @@
* handshake. */
unsigned tlsext_channel_id_valid:1;
+ /* short_header is one if https://github.com/tlswg/tls13-spec/pull/762 has
+ * been negotiated. */
+ unsigned short_header:1;
+
uint8_t send_alert[2];
/* pending_message is the current outgoing handshake message. */
@@ -1936,6 +1946,9 @@
void ssl_get_current_time(const SSL *ssl, struct timeval *out_clock);
+/* ssl_reset_error_state resets state for |SSL_get_error|. */
+void ssl_reset_error_state(SSL *ssl);
+
#if defined(__cplusplus)
} /* extern C */
diff --git a/src/ssl/s3_both.c b/src/ssl/s3_both.c
index 4800f92..492884f 100644
--- a/src/ssl/s3_both.c
+++ b/src/ssl/s3_both.c
@@ -127,6 +127,7 @@
#include <openssl/sha.h>
#include <openssl/x509.h>
+#include "../crypto/internal.h"
#include "internal.h"
@@ -136,7 +137,7 @@
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
return NULL;
}
- memset(hs, 0, sizeof(SSL_HANDSHAKE));
+ OPENSSL_memset(hs, 0, sizeof(SSL_HANDSHAKE));
hs->ssl = ssl;
hs->wait = ssl_hs_ok;
hs->state = SSL_ST_INIT;
@@ -149,6 +150,10 @@
}
OPENSSL_cleanse(hs->secret, sizeof(hs->secret));
+ OPENSSL_cleanse(hs->client_handshake_secret,
+ sizeof(hs->client_handshake_secret));
+ OPENSSL_cleanse(hs->server_handshake_secret,
+ sizeof(hs->server_handshake_secret));
OPENSSL_cleanse(hs->client_traffic_secret_0,
sizeof(hs->client_traffic_secret_0));
OPENSSL_cleanse(hs->server_traffic_secret_0,
@@ -291,10 +296,10 @@
}
if (ssl->server) {
- memcpy(ssl->s3->previous_server_finished, finished, finished_len);
+ OPENSSL_memcpy(ssl->s3->previous_server_finished, finished, finished_len);
ssl->s3->previous_server_finished_len = finished_len;
} else {
- memcpy(ssl->s3->previous_client_finished, finished, finished_len);
+ OPENSSL_memcpy(ssl->s3->previous_client_finished, finished, finished_len);
ssl->s3->previous_client_finished_len = finished_len;
}
}
@@ -349,10 +354,10 @@
}
if (ssl->server) {
- memcpy(ssl->s3->previous_client_finished, finished, finished_len);
+ OPENSSL_memcpy(ssl->s3->previous_client_finished, finished, finished_len);
ssl->s3->previous_client_finished_len = finished_len;
} else {
- memcpy(ssl->s3->previous_server_finished, finished, finished_len);
+ OPENSSL_memcpy(ssl->s3->previous_server_finished, finished, finished_len);
ssl->s3->previous_server_finished_len = finished_len;
}
}
@@ -517,9 +522,9 @@
rand_len = SSL3_RANDOM_SIZE;
}
uint8_t random[SSL3_RANDOM_SIZE];
- memset(random, 0, SSL3_RANDOM_SIZE);
- memcpy(random + (SSL3_RANDOM_SIZE - rand_len), CBS_data(&challenge),
- rand_len);
+ OPENSSL_memset(random, 0, SSL3_RANDOM_SIZE);
+ OPENSSL_memcpy(random + (SSL3_RANDOM_SIZE - rand_len), CBS_data(&challenge),
+ rand_len);
/* Write out an equivalent SSLv3 ClientHello. */
size_t max_v3_client_hello = SSL3_HM_HEADER_LENGTH + 2 /* version */ +
@@ -775,7 +780,7 @@
int ssl_parse_extensions(const CBS *cbs, uint8_t *out_alert,
const SSL_EXTENSION_TYPE *ext_types,
- size_t num_ext_types) {
+ size_t num_ext_types, int ignore_unknown) {
/* Reset everything. */
for (size_t i = 0; i < num_ext_types; i++) {
*ext_types[i].out_present = 0;
@@ -802,6 +807,9 @@
}
if (ext_type == NULL) {
+ if (ignore_unknown) {
+ continue;
+ }
OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_EXTENSION);
*out_alert = SSL_AD_UNSUPPORTED_EXTENSION;
return 0;
diff --git a/src/ssl/s3_enc.c b/src/ssl/s3_enc.c
index 7cdc294..bf82e08 100644
--- a/src/ssl/s3_enc.c
+++ b/src/ssl/s3_enc.c
@@ -144,8 +144,10 @@
#include <openssl/md5.h>
#include <openssl/nid.h>
+#include "../crypto/internal.h"
#include "internal.h"
+
static int ssl3_prf(const SSL *ssl, uint8_t *out, size_t out_len,
const uint8_t *secret, size_t secret_len, const char *label,
size_t label_len, const uint8_t *seed1, size_t seed1_len,
@@ -194,7 +196,7 @@
EVP_DigestUpdate(&md5, smd, SHA_DIGEST_LENGTH);
if (i + MD5_DIGEST_LENGTH > out_len) {
EVP_DigestFinal_ex(&md5, smd, NULL);
- memcpy(out, smd, out_len - i);
+ OPENSSL_memcpy(out, smd, out_len - i);
} else {
EVP_DigestFinal_ex(&md5, out, NULL);
}
@@ -269,7 +271,8 @@
if (!BUF_MEM_grow(ssl->s3->handshake_buffer, new_len)) {
return 0;
}
- memcpy(ssl->s3->handshake_buffer->data + new_len - in_len, in, in_len);
+ OPENSSL_memcpy(ssl->s3->handshake_buffer->data + new_len - in_len, in,
+ in_len);
}
if (EVP_MD_CTX_md(&ssl->s3->handshake_hash) != NULL) {
diff --git a/src/ssl/s3_lib.c b/src/ssl/s3_lib.c
index 859cb9b..7039418 100644
--- a/src/ssl/s3_lib.c
+++ b/src/ssl/s3_lib.c
@@ -159,6 +159,7 @@
#include <openssl/mem.h>
#include <openssl/nid.h>
+#include "../crypto/internal.h"
#include "internal.h"
@@ -169,7 +170,7 @@
if (s3 == NULL) {
return 0;
}
- memset(s3, 0, sizeof *s3);
+ OPENSSL_memset(s3, 0, sizeof *s3);
s3->hs = ssl_handshake_new(ssl);
if (s3->hs == NULL) {
@@ -221,19 +222,7 @@
return ssl->cipher_list;
}
- if (ssl->version >= TLS1_1_VERSION && ssl->ctx->cipher_list_tls11 != NULL) {
- return ssl->ctx->cipher_list_tls11;
- }
-
- if (ssl->version >= TLS1_VERSION && ssl->ctx->cipher_list_tls10 != NULL) {
- return ssl->ctx->cipher_list_tls10;
- }
-
- if (ssl->ctx->cipher_list != NULL) {
- return ssl->ctx->cipher_list;
- }
-
- return NULL;
+ return ssl->ctx->cipher_list;
}
/* If we are using default SHA1+MD5 algorithms switch to new SHA256 PRF and
diff --git a/src/ssl/s3_pkt.c b/src/ssl/s3_pkt.c
index e4116fb..9bd9f1f 100644
--- a/src/ssl/s3_pkt.c
+++ b/src/ssl/s3_pkt.c
@@ -118,6 +118,7 @@
#include <openssl/mem.h>
#include <openssl/rand.h>
+#include "../crypto/internal.h"
#include "internal.h"
@@ -319,7 +320,7 @@
len = (int)rr->length;
}
- memcpy(out, rr->data, len);
+ OPENSSL_memcpy(out, rr->data, len);
if (!peek) {
rr->length -= len;
rr->data += len;
diff --git a/src/ssl/ssl_aead_ctx.c b/src/ssl/ssl_aead_ctx.c
index b05df0b..1b95150 100644
--- a/src/ssl/ssl_aead_ctx.c
+++ b/src/ssl/ssl_aead_ctx.c
@@ -22,6 +22,7 @@
#include <openssl/rand.h>
#include <openssl/type_check.h>
+#include "../crypto/internal.h"
#include "internal.h"
@@ -52,9 +53,10 @@
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
return 0;
}
- memcpy(merged_key, mac_key, mac_key_len);
- memcpy(merged_key + mac_key_len, enc_key, enc_key_len);
- memcpy(merged_key + mac_key_len + enc_key_len, fixed_iv, fixed_iv_len);
+ OPENSSL_memcpy(merged_key, mac_key, mac_key_len);
+ OPENSSL_memcpy(merged_key + mac_key_len, enc_key, enc_key_len);
+ OPENSSL_memcpy(merged_key + mac_key_len + enc_key_len, fixed_iv,
+ fixed_iv_len);
enc_key = merged_key;
enc_key_len += mac_key_len;
enc_key_len += fixed_iv_len;
@@ -65,7 +67,7 @@
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
return NULL;
}
- memset(aead_ctx, 0, sizeof(SSL_AEAD_CTX));
+ OPENSSL_memset(aead_ctx, 0, sizeof(SSL_AEAD_CTX));
aead_ctx->cipher = cipher;
if (!EVP_AEAD_CTX_init_with_direction(
@@ -79,7 +81,7 @@
aead_ctx->variable_nonce_len = (uint8_t)EVP_AEAD_nonce_length(aead);
if (mac_key_len == 0) {
assert(fixed_iv_len <= sizeof(aead_ctx->fixed_nonce));
- memcpy(aead_ctx->fixed_nonce, fixed_iv, fixed_iv_len);
+ OPENSSL_memcpy(aead_ctx->fixed_nonce, fixed_iv, fixed_iv_len);
aead_ctx->fixed_nonce_len = fixed_iv_len;
if (cipher->algorithm_enc & SSL_CHACHA20POLY1305) {
@@ -158,7 +160,7 @@
return 0;
}
- memcpy(out, seqnum, 8);
+ OPENSSL_memcpy(out, seqnum, 8);
size_t len = 8;
out[len++] = type;
if (!aead->omit_version_in_ad) {
@@ -208,9 +210,9 @@
/* Prepend the fixed nonce, or left-pad with zeros if XORing. */
if (aead->xor_fixed_nonce) {
nonce_len = aead->fixed_nonce_len - aead->variable_nonce_len;
- memset(nonce, 0, nonce_len);
+ OPENSSL_memset(nonce, 0, nonce_len);
} else {
- memcpy(nonce, aead->fixed_nonce, aead->fixed_nonce_len);
+ OPENSSL_memcpy(nonce, aead->fixed_nonce, aead->fixed_nonce_len);
nonce_len += aead->fixed_nonce_len;
}
@@ -221,12 +223,12 @@
OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_PACKET_LENGTH);
return 0;
}
- memcpy(nonce + nonce_len, in, aead->variable_nonce_len);
+ OPENSSL_memcpy(nonce + nonce_len, in, aead->variable_nonce_len);
in += aead->variable_nonce_len;
in_len -= aead->variable_nonce_len;
} else {
assert(aead->variable_nonce_len == 8);
- memcpy(nonce + nonce_len, seqnum, aead->variable_nonce_len);
+ OPENSSL_memcpy(nonce + nonce_len, seqnum, aead->variable_nonce_len);
}
nonce_len += aead->variable_nonce_len;
@@ -262,7 +264,7 @@
OPENSSL_PUT_ERROR(SSL, SSL_R_BUFFER_TOO_SMALL);
return 0;
}
- memmove(out, in, in_len);
+ OPENSSL_memmove(out, in, in_len);
*out_len = in_len;
return 1;
}
@@ -278,9 +280,9 @@
/* Prepend the fixed nonce, or left-pad with zeros if XORing. */
if (aead->xor_fixed_nonce) {
nonce_len = aead->fixed_nonce_len - aead->variable_nonce_len;
- memset(nonce, 0, nonce_len);
+ OPENSSL_memset(nonce, 0, nonce_len);
} else {
- memcpy(nonce, aead->fixed_nonce, aead->fixed_nonce_len);
+ OPENSSL_memcpy(nonce, aead->fixed_nonce, aead->fixed_nonce_len);
nonce_len += aead->fixed_nonce_len;
}
@@ -294,7 +296,7 @@
/* When sending we use the sequence number as the variable part of the
* nonce. */
assert(aead->variable_nonce_len == 8);
- memcpy(nonce + nonce_len, seqnum, aead->variable_nonce_len);
+ OPENSSL_memcpy(nonce + nonce_len, seqnum, aead->variable_nonce_len);
}
nonce_len += aead->variable_nonce_len;
@@ -310,7 +312,8 @@
OPENSSL_PUT_ERROR(SSL, SSL_R_OUTPUT_ALIASES_INPUT);
return 0;
}
- memcpy(out, nonce + aead->fixed_nonce_len, aead->variable_nonce_len);
+ OPENSSL_memcpy(out, nonce + aead->fixed_nonce_len,
+ aead->variable_nonce_len);
extra_len = aead->variable_nonce_len;
out += aead->variable_nonce_len;
max_out -= aead->variable_nonce_len;
diff --git a/src/ssl/ssl_asn1.c b/src/ssl/ssl_asn1.c
index 902b580..c9dfdcc 100644
--- a/src/ssl/ssl_asn1.c
+++ b/src/ssl/ssl_asn1.c
@@ -91,6 +91,7 @@
#include <openssl/mem.h>
#include <openssl/x509.h>
+#include "../crypto/internal.h"
#include "internal.h"
@@ -127,6 +128,7 @@
* ticketAgeAdd [21] OCTET STRING OPTIONAL,
* isServer [22] BOOLEAN DEFAULT TRUE,
* peerSignatureAlgorithm [23] INTEGER OPTIONAL,
+ * ticketMaxEarlyData [24] INTEGER OPTIONAL,
* }
*
* Note: historically this serialization has included other optional
@@ -179,6 +181,8 @@
CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 22;
static const int kPeerSignatureAlgorithmTag =
CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 23;
+static const int kTicketMaxEarlyDataTag =
+ CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 24;
static int SSL_SESSION_to_bytes_full(const SSL_SESSION *in, uint8_t **out_data,
size_t *out_len, int for_ticket) {
@@ -391,6 +395,13 @@
goto err;
}
+ if (in->ticket_max_early_data != 0 &&
+ (!CBB_add_asn1(&session, &child, kTicketMaxEarlyDataTag) ||
+ !CBB_add_asn1_uint64(&child, in->ticket_max_early_data))) {
+ OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
if (!CBB_finish(&cbb, out_data, out_len)) {
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
goto err;
@@ -443,7 +454,7 @@
}
if (pp) {
- memcpy(*pp, out, len);
+ OPENSSL_memcpy(*pp, out, len);
*pp += len;
}
OPENSSL_free(out);
@@ -510,7 +521,7 @@
OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_SSL_SESSION);
return 0;
}
- memcpy(out, CBS_data(&value), CBS_len(&value));
+ OPENSSL_memcpy(out, CBS_data(&value), CBS_len(&value));
*out_len = (uint8_t)CBS_len(&value);
return 1;
}
@@ -593,9 +604,9 @@
OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_SSL_SESSION);
goto err;
}
- memcpy(ret->session_id, CBS_data(&session_id), CBS_len(&session_id));
+ OPENSSL_memcpy(ret->session_id, CBS_data(&session_id), CBS_len(&session_id));
ret->session_id_length = CBS_len(&session_id);
- memcpy(ret->master_key, CBS_data(&master_key), CBS_len(&master_key));
+ OPENSSL_memcpy(ret->master_key, CBS_data(&master_key), CBS_len(&master_key));
ret->master_key_length = CBS_len(&master_key);
CBS child;
@@ -647,7 +658,8 @@
OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_SSL_SESSION);
goto err;
}
- memcpy(ret->peer_sha256, CBS_data(&peer_sha256), sizeof(ret->peer_sha256));
+ OPENSSL_memcpy(ret->peer_sha256, CBS_data(&peer_sha256),
+ sizeof(ret->peer_sha256));
ret->peer_sha256_valid = 1;
} else {
ret->peer_sha256_valid = 0;
@@ -773,6 +785,8 @@
if (!SSL_SESSION_parse_u16(&session, &ret->peer_signature_algorithm,
kPeerSignatureAlgorithmTag, 0) ||
+ !SSL_SESSION_parse_u32(&session, &ret->ticket_max_early_data,
+ kTicketMaxEarlyDataTag, 0) ||
CBS_len(&session) != 0) {
OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_SSL_SESSION);
goto err;
diff --git a/src/ssl/ssl_buffer.c b/src/ssl/ssl_buffer.c
index 7feb161..c27db8b 100644
--- a/src/ssl/ssl_buffer.c
+++ b/src/ssl/ssl_buffer.c
@@ -24,6 +24,7 @@
#include <openssl/mem.h>
#include <openssl/type_check.h>
+#include "../crypto/internal.h"
#include "internal.h"
@@ -67,7 +68,7 @@
static void clear_buffer(SSL3_BUFFER *buf) {
OPENSSL_free(buf->buf);
- memset(buf, 0, sizeof(SSL3_BUFFER));
+ OPENSSL_memset(buf, 0, sizeof(SSL3_BUFFER));
}
OPENSSL_COMPILE_ASSERT(DTLS1_RT_HEADER_LENGTH + SSL3_RT_MAX_ENCRYPTED_LENGTH <=
diff --git a/src/ssl/ssl_cert.c b/src/ssl/ssl_cert.c
index 277ee4d..397fbf0 100644
--- a/src/ssl/ssl_cert.c
+++ b/src/ssl/ssl_cert.c
@@ -147,7 +147,7 @@
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
return NULL;
}
- memset(ret, 0, sizeof(CERT));
+ OPENSSL_memset(ret, 0, sizeof(CERT));
return ret;
}
@@ -158,7 +158,7 @@
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
return NULL;
}
- memset(ret, 0, sizeof(CERT));
+ OPENSSL_memset(ret, 0, sizeof(CERT));
if (cert->x509_leaf != NULL) {
X509_up_ref(cert->x509_leaf);
@@ -557,56 +557,55 @@
return CBB_add_u24(cbb, 0);
}
- CERT *cert = ssl->cert;
- X509 *x = cert->x509_leaf;
-
CBB child;
- if (!CBB_add_u24_length_prefixed(cbb, &child)) {
+ if (!CBB_add_u24_length_prefixed(cbb, &child) ||
+ !ssl_add_cert_with_length(&child, ssl->cert->x509_leaf)) {
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
return 0;
}
- int no_chain = 0;
- STACK_OF(X509) *chain = cert->x509_chain;
- if ((ssl->mode & SSL_MODE_NO_AUTO_CHAIN) || chain != NULL) {
- no_chain = 1;
- }
-
- if (no_chain) {
- if (!ssl_add_cert_with_length(&child, x)) {
+ STACK_OF(X509) *chain = ssl->cert->x509_chain;
+ for (size_t i = 0; i < sk_X509_num(chain); i++) {
+ if (!ssl_add_cert_with_length(&child, sk_X509_value(chain, i))) {
return 0;
}
-
- for (size_t i = 0; i < sk_X509_num(chain); i++) {
- x = sk_X509_value(chain, i);
- if (!ssl_add_cert_with_length(&child, x)) {
- return 0;
- }
- }
- } else {
- X509_STORE_CTX xs_ctx;
-
- if (!X509_STORE_CTX_init(&xs_ctx, ssl->ctx->cert_store, x, NULL)) {
- OPENSSL_PUT_ERROR(SSL, ERR_R_X509_LIB);
- return 0;
- }
- X509_verify_cert(&xs_ctx);
- /* Don't leave errors in the queue */
- ERR_clear_error();
-
- for (size_t i = 0; i < sk_X509_num(xs_ctx.chain); i++) {
- x = sk_X509_value(xs_ctx.chain, i);
- if (!ssl_add_cert_with_length(&child, x)) {
- X509_STORE_CTX_cleanup(&xs_ctx);
- return 0;
- }
- }
- X509_STORE_CTX_cleanup(&xs_ctx);
}
return CBB_flush(cbb);
}
+int ssl_auto_chain_if_needed(SSL *ssl) {
+ /* Only build a chain if there are no intermediates configured and the feature
+ * isn't disabled. */
+ if ((ssl->mode & SSL_MODE_NO_AUTO_CHAIN) ||
+ !ssl_has_certificate(ssl) ||
+ ssl->cert->x509_chain != NULL) {
+ return 1;
+ }
+
+ X509_STORE_CTX ctx;
+ if (!X509_STORE_CTX_init(&ctx, ssl->ctx->cert_store, ssl->cert->x509_leaf,
+ NULL)) {
+ OPENSSL_PUT_ERROR(SSL, ERR_R_X509_LIB);
+ return 0;
+ }
+
+ /* Attempt to build a chain, ignoring the result. */
+ X509_verify_cert(&ctx);
+ ERR_clear_error();
+
+ /* Configure the intermediates from any partial chain we managed to build. */
+ for (size_t i = 1; i < sk_X509_num(ctx.chain); i++) {
+ if (!SSL_add1_chain_cert(ssl, sk_X509_value(ctx.chain, i))) {
+ X509_STORE_CTX_cleanup(&ctx);
+ return 0;
+ }
+ }
+
+ X509_STORE_CTX_cleanup(&ctx);
+ return 1;
+}
+
/* ssl_cert_skip_to_spki parses a DER-encoded, X.509 certificate from |in| and
* positions |*out_tbs_cert| to cover the TBSCertificate, starting at the
* subjectPublicKeyInfo. */
@@ -707,7 +706,8 @@
static const uint8_t kKeyUsageOID[3] = {0x55, 0x1d, 0x0f};
if (CBS_len(&oid) != sizeof(kKeyUsageOID) ||
- memcmp(CBS_data(&oid), kKeyUsageOID, sizeof(kKeyUsageOID)) != 0) {
+ OPENSSL_memcmp(CBS_data(&oid), kKeyUsageOID, sizeof(kKeyUsageOID)) !=
+ 0) {
continue;
}
diff --git a/src/ssl/ssl_cipher.c b/src/ssl/ssl_cipher.c
index 5223721..20b075e 100644
--- a/src/ssl/ssl_cipher.c
+++ b/src/ssl/ssl_cipher.c
@@ -1073,7 +1073,7 @@
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
return 0;
}
- memset(number_uses, 0, (max_strength_bits + 1) * sizeof(int));
+ OPENSSL_memset(number_uses, 0, (max_strength_bits + 1) * sizeof(int));
/* Now find the strength_bits values actually used. */
curr = *head_p;
@@ -1437,7 +1437,7 @@
if (!pref_list->in_group_flags) {
goto err;
}
- memcpy(pref_list->in_group_flags, in_group_flags, num_in_group_flags);
+ OPENSSL_memcpy(pref_list->in_group_flags, in_group_flags, num_in_group_flags);
OPENSSL_free(in_group_flags);
in_group_flags = NULL;
if (*out_cipher_list != NULL) {
diff --git a/src/ssl/ssl_lib.c b/src/ssl/ssl_lib.c
index 77e86a8..a60bf81 100644
--- a/src/ssl/ssl_lib.c
+++ b/src/ssl/ssl_lib.c
@@ -196,8 +196,8 @@
uint8_t tmp_storage[sizeof(uint32_t)];
if (sess->session_id_length < sizeof(tmp_storage)) {
- memset(tmp_storage, 0, sizeof(tmp_storage));
- memcpy(tmp_storage, sess->session_id, sess->session_id_length);
+ OPENSSL_memset(tmp_storage, 0, sizeof(tmp_storage));
+ OPENSSL_memcpy(tmp_storage, sess->session_id, sess->session_id_length);
session_id = tmp_storage;
}
@@ -224,7 +224,7 @@
return 1;
}
- return memcmp(a->session_id, b->session_id, a->session_id_length);
+ return OPENSSL_memcmp(a->session_id, b->session_id, a->session_id_length);
}
SSL_CTX *SSL_CTX_new(const SSL_METHOD *method) {
@@ -245,7 +245,7 @@
goto err;
}
- memset(ret, 0, sizeof(SSL_CTX));
+ OPENSSL_memset(ret, 0, sizeof(SSL_CTX));
ret->method = method->method;
@@ -352,8 +352,6 @@
lh_SSL_SESSION_free(ctx->sessions);
X509_STORE_free(ctx->cert_store);
ssl_cipher_preference_list_free(ctx->cipher_list);
- ssl_cipher_preference_list_free(ctx->cipher_list_tls10);
- ssl_cipher_preference_list_free(ctx->cipher_list_tls11);
ssl_cert_free(ctx->cert);
sk_SSL_CUSTOM_EXTENSION_pop_free(ctx->client_custom_extensions,
SSL_CUSTOM_EXTENSION_free);
@@ -385,7 +383,7 @@
if (ssl == NULL) {
goto err;
}
- memset(ssl, 0, sizeof(SSL));
+ OPENSSL_memset(ssl, 0, sizeof(SSL));
ssl->min_version = ctx->min_version;
ssl->max_version = ctx->max_version;
@@ -408,7 +406,7 @@
ssl->verify_mode = ctx->verify_mode;
ssl->sid_ctx_length = ctx->sid_ctx_length;
assert(ssl->sid_ctx_length <= sizeof ssl->sid_ctx);
- memcpy(&ssl->sid_ctx, &ctx->sid_ctx, sizeof(ssl->sid_ctx));
+ OPENSSL_memcpy(&ssl->sid_ctx, &ctx->sid_ctx, sizeof(ssl->sid_ctx));
ssl->verify_callback = ctx->default_verify_callback;
ssl->retain_only_sha256_of_client_certs =
ctx->retain_only_sha256_of_client_certs;
@@ -421,9 +419,9 @@
ssl->quiet_shutdown = ctx->quiet_shutdown;
ssl->max_send_fragment = ctx->max_send_fragment;
- CRYPTO_refcount_inc(&ctx->references);
+ SSL_CTX_up_ref(ctx);
ssl->ctx = ctx;
- CRYPTO_refcount_inc(&ctx->references);
+ SSL_CTX_up_ref(ctx);
ssl->initial_ctx = ctx;
if (ctx->supported_group_list) {
@@ -614,11 +612,16 @@
return ssl->wbio;
}
-int SSL_do_handshake(SSL *ssl) {
+void ssl_reset_error_state(SSL *ssl) {
+ /* Functions which use |SSL_get_error| must reset I/O and error state on
+ * entry. */
ssl->rwstate = SSL_NOTHING;
- /* Functions which use SSL_get_error must clear the error queue on entry. */
ERR_clear_error();
ERR_clear_system_error();
+}
+
+int SSL_do_handshake(SSL *ssl) {
+ ssl_reset_error_state(ssl);
if (ssl->handshake_func == NULL) {
OPENSSL_PUT_ERROR(SSL, SSL_R_CONNECTION_TYPE_NOT_SET);
@@ -737,10 +740,7 @@
}
static int ssl_read_impl(SSL *ssl, void *buf, int num, int peek) {
- ssl->rwstate = SSL_NOTHING;
- /* Functions which use SSL_get_error must clear the error queue on entry. */
- ERR_clear_error();
- ERR_clear_system_error();
+ ssl_reset_error_state(ssl);
if (ssl->handshake_func == NULL) {
OPENSSL_PUT_ERROR(SSL, SSL_R_UNINITIALIZED);
@@ -786,10 +786,7 @@
}
int SSL_write(SSL *ssl, const void *buf, int num) {
- ssl->rwstate = SSL_NOTHING;
- /* Functions which use SSL_get_error must clear the error queue on entry. */
- ERR_clear_error();
- ERR_clear_system_error();
+ ssl_reset_error_state(ssl);
if (ssl->handshake_func == NULL) {
OPENSSL_PUT_ERROR(SSL, SSL_R_UNINITIALIZED);
@@ -817,10 +814,7 @@
}
int SSL_shutdown(SSL *ssl) {
- ssl->rwstate = SSL_NOTHING;
- /* Functions which use SSL_get_error must clear the error queue on entry. */
- ERR_clear_error();
- ERR_clear_system_error();
+ ssl_reset_error_state(ssl);
if (ssl->handshake_func == NULL) {
OPENSSL_PUT_ERROR(SSL, SSL_R_UNINITIALIZED);
@@ -880,6 +874,10 @@
return ssl3_send_alert(ssl, SSL3_AL_FATAL, alert);
}
+void SSL_CTX_set_early_data_enabled(SSL_CTX *ctx, int enabled) {
+ ctx->enable_early_data = !!enabled;
+}
+
static int bio_retry_reason_to_error(int reason) {
switch (reason) {
case BIO_RR_CONNECT:
@@ -1159,12 +1157,12 @@
*out_len = max_out;
}
- memcpy(out, finished, *out_len);
+ OPENSSL_memcpy(out, finished, *out_len);
return 1;
err:
*out_len = 0;
- memset(out, 0, max_out);
+ OPENSSL_memset(out, 0, max_out);
return 0;
}
@@ -1177,7 +1175,7 @@
assert(sizeof(ctx->sid_ctx) < 256);
ctx->sid_ctx_length = (uint8_t)sid_ctx_len;
- memcpy(ctx->sid_ctx, sid_ctx, sid_ctx_len);
+ OPENSSL_memcpy(ctx->sid_ctx, sid_ctx, sid_ctx_len);
return 1;
}
@@ -1191,7 +1189,7 @@
assert(sizeof(ssl->sid_ctx) < 256);
ssl->sid_ctx_length = (uint8_t)sid_ctx_len;
- memcpy(ssl->sid_ctx, sid_ctx, sid_ctx_len);
+ OPENSSL_memcpy(ssl->sid_ctx, sid_ctx, sid_ctx_len);
return 1;
}
@@ -1311,7 +1309,7 @@
if (out_len > in_len) {
out_len = in_len;
}
- memcpy(out, in, out_len);
+ OPENSSL_memcpy(out, in, out_len);
return in_len;
}
@@ -1547,9 +1545,9 @@
return 0;
}
uint8_t *out_bytes = out;
- memcpy(out_bytes, ctx->tlsext_tick_key_name, 16);
- memcpy(out_bytes + 16, ctx->tlsext_tick_hmac_key, 16);
- memcpy(out_bytes + 32, ctx->tlsext_tick_aes_key, 16);
+ OPENSSL_memcpy(out_bytes, ctx->tlsext_tick_key_name, 16);
+ OPENSSL_memcpy(out_bytes + 16, ctx->tlsext_tick_hmac_key, 16);
+ OPENSSL_memcpy(out_bytes + 32, ctx->tlsext_tick_aes_key, 16);
return 1;
}
@@ -1562,9 +1560,9 @@
return 0;
}
const uint8_t *in_bytes = in;
- memcpy(ctx->tlsext_tick_key_name, in_bytes, 16);
- memcpy(ctx->tlsext_tick_hmac_key, in_bytes + 16, 16);
- memcpy(ctx->tlsext_tick_aes_key, in_bytes + 32, 16);
+ OPENSSL_memcpy(ctx->tlsext_tick_key_name, in_bytes, 16);
+ OPENSSL_memcpy(ctx->tlsext_tick_hmac_key, in_bytes + 16, 16);
+ OPENSSL_memcpy(ctx->tlsext_tick_aes_key, in_bytes + 32, 16);
return 1;
}
@@ -1680,38 +1678,6 @@
return 1;
}
-int SSL_CTX_set_cipher_list_tls10(SSL_CTX *ctx, const char *str) {
- STACK_OF(SSL_CIPHER) *cipher_list =
- ssl_create_cipher_list(ctx->method, &ctx->cipher_list_tls10, str);
- if (cipher_list == NULL) {
- return 0;
- }
-
- /* |ssl_create_cipher_list| may succeed but return an empty cipher list. */
- if (sk_SSL_CIPHER_num(cipher_list) == 0) {
- OPENSSL_PUT_ERROR(SSL, SSL_R_NO_CIPHER_MATCH);
- return 0;
- }
-
- return 1;
-}
-
-int SSL_CTX_set_cipher_list_tls11(SSL_CTX *ctx, const char *str) {
- STACK_OF(SSL_CIPHER) *cipher_list =
- ssl_create_cipher_list(ctx->method, &ctx->cipher_list_tls11, str);
- if (cipher_list == NULL) {
- return 0;
- }
-
- /* |ssl_create_cipher_list| may succeed but return an empty cipher list. */
- if (sk_SSL_CIPHER_num(cipher_list) == 0) {
- OPENSSL_PUT_ERROR(SSL, SSL_R_NO_CIPHER_MATCH);
- return 0;
- }
-
- return 1;
-}
-
int SSL_set_cipher_list(SSL *ssl, const char *str) {
STACK_OF(SSL_CIPHER) *cipher_list =
ssl_create_cipher_list(ssl->ctx->method, &ssl->cipher_list, str);
@@ -1878,7 +1844,7 @@
for (i = 0; i < server_len;) {
for (j = 0; j < client_len;) {
if (server[i] == client[j] &&
- memcmp(&server[i + 1], &client[j + 1], server[i]) == 0) {
+ OPENSSL_memcmp(&server[i + 1], &client[j + 1], server[i]) == 0) {
/* We found a match */
result = &server[i];
status = OPENSSL_NPN_NEGOTIATED;
@@ -2030,7 +1996,8 @@
if (!ssl->s3->tlsext_channel_id_valid) {
return 0;
}
- memcpy(out, ssl->s3->tlsext_channel_id, (max_out < 64) ? max_out : 64);
+ OPENSSL_memcpy(out, ssl->s3->tlsext_channel_id,
+ (max_out < 64) ? max_out : 64);
return 64;
}
@@ -2299,13 +2266,13 @@
ssl_cert_free(ssl->cert);
ssl->cert = ssl_cert_dup(ctx->cert);
- CRYPTO_refcount_inc(&ctx->references);
- SSL_CTX_free(ssl->ctx); /* decrement reference count */
+ SSL_CTX_up_ref(ctx);
+ SSL_CTX_free(ssl->ctx);
ssl->ctx = ctx;
ssl->sid_ctx_length = ctx->sid_ctx_length;
assert(ssl->sid_ctx_length <= sizeof(ssl->sid_ctx));
- memcpy(ssl->sid_ctx, ctx->sid_ctx, sizeof(ssl->sid_ctx));
+ OPENSSL_memcpy(ssl->sid_ctx, ctx->sid_ctx, sizeof(ssl->sid_ctx));
return ssl->ctx;
}
@@ -2869,7 +2836,7 @@
if (max_out > sizeof(ssl->s3->client_random)) {
max_out = sizeof(ssl->s3->client_random);
}
- memcpy(out, ssl->s3->client_random, max_out);
+ OPENSSL_memcpy(out, ssl->s3->client_random, max_out);
return max_out;
}
@@ -2880,7 +2847,7 @@
if (max_out > sizeof(ssl->s3->server_random)) {
max_out = sizeof(ssl->s3->server_random);
}
- memcpy(out, ssl->s3->server_random, max_out);
+ OPENSSL_memcpy(out, ssl->s3->server_random, max_out);
return max_out;
}
@@ -2903,6 +2870,10 @@
ctx->grease_enabled = !!enabled;
}
+void SSL_CTX_set_short_header_enabled(SSL_CTX *ctx, int enabled) {
+ ctx->short_header_enabled = !!enabled;
+}
+
int SSL_clear(SSL *ssl) {
/* In OpenSSL, reusing a client |SSL| with |SSL_clear| causes the previously
* established session to be offered the next time around. wpa_supplicant
diff --git a/src/ssl/ssl_session.c b/src/ssl/ssl_session.c
index d6d7dab..7adef1a 100644
--- a/src/ssl/ssl_session.c
+++ b/src/ssl/ssl_session.c
@@ -166,7 +166,7 @@
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
return 0;
}
- memset(session, 0, sizeof(SSL_SESSION));
+ OPENSSL_memset(session, 0, sizeof(SSL_SESSION));
session->verify_result = X509_V_ERR_INVALID_CALL;
session->references = 1;
@@ -185,11 +185,11 @@
new_session->is_server = session->is_server;
new_session->ssl_version = session->ssl_version;
new_session->sid_ctx_length = session->sid_ctx_length;
- memcpy(new_session->sid_ctx, session->sid_ctx, session->sid_ctx_length);
+ OPENSSL_memcpy(new_session->sid_ctx, session->sid_ctx, session->sid_ctx_length);
/* Copy the key material. */
new_session->master_key_length = session->master_key_length;
- memcpy(new_session->master_key, session->master_key,
+ OPENSSL_memcpy(new_session->master_key, session->master_key,
session->master_key_length);
new_session->cipher = session->cipher;
@@ -245,7 +245,8 @@
}
}
- memcpy(new_session->peer_sha256, session->peer_sha256, SHA256_DIGEST_LENGTH);
+ OPENSSL_memcpy(new_session->peer_sha256, session->peer_sha256,
+ SHA256_DIGEST_LENGTH);
new_session->peer_sha256_valid = session->peer_sha256_valid;
if (session->tlsext_hostname != NULL) {
@@ -263,18 +264,19 @@
/* Copy non-authentication connection properties. */
if (dup_flags & SSL_SESSION_INCLUDE_NONAUTH) {
new_session->session_id_length = session->session_id_length;
- memcpy(new_session->session_id, session->session_id,
- session->session_id_length);
+ OPENSSL_memcpy(new_session->session_id, session->session_id,
+ session->session_id_length);
new_session->group_id = session->group_id;
- memcpy(new_session->original_handshake_hash,
- session->original_handshake_hash,
- session->original_handshake_hash_len);
+ OPENSSL_memcpy(new_session->original_handshake_hash,
+ session->original_handshake_hash,
+ session->original_handshake_hash_len);
new_session->original_handshake_hash_len =
session->original_handshake_hash_len;
new_session->tlsext_tick_lifetime_hint = session->tlsext_tick_lifetime_hint;
new_session->ticket_age_add = session->ticket_age_add;
+ new_session->ticket_max_early_data = session->ticket_max_early_data;
new_session->extended_master_secret = session->extended_master_secret;
}
@@ -387,7 +389,7 @@
if (max_out > (size_t)session->master_key_length) {
max_out = (size_t)session->master_key_length;
}
- memcpy(out, session->master_key, max_out);
+ OPENSSL_memcpy(out, session->master_key, max_out);
return max_out;
}
@@ -418,7 +420,7 @@
assert(sizeof(session->sid_ctx) < 256);
session->sid_ctx_length = (uint8_t)sid_ctx_len;
- memcpy(session->sid_ctx, sid_ctx, sid_ctx_len);
+ OPENSSL_memcpy(session->sid_ctx, sid_ctx, sid_ctx_len);
return 1;
}
@@ -517,7 +519,7 @@
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
goto err;
}
- memcpy(session->sid_ctx, ssl->sid_ctx, ssl->sid_ctx_length);
+ OPENSSL_memcpy(session->sid_ctx, ssl->sid_ctx, ssl->sid_ctx_length);
session->sid_ctx_length = ssl->sid_ctx_length;
/* The session is marked not resumable until it is completely filled in. */
@@ -627,7 +629,7 @@
NULL)) {
goto err;
}
- memcpy(key_name, tctx->tlsext_tick_key_name, 16);
+ OPENSSL_memcpy(key_name, tctx->tlsext_tick_key_name, 16);
}
uint8_t *ptr;
@@ -639,7 +641,7 @@
size_t total = 0;
#if defined(BORINGSSL_UNSAFE_FUZZER_MODE)
- memcpy(ptr, session_buf, session_len);
+ OPENSSL_memcpy(ptr, session_buf, session_len);
total = session_len;
#else
int len;
@@ -679,7 +681,8 @@
}
return session->sid_ctx_length == ssl->sid_ctx_length &&
- memcmp(session->sid_ctx, ssl->sid_ctx, ssl->sid_ctx_length) == 0;
+ OPENSSL_memcmp(session->sid_ctx, ssl->sid_ctx, ssl->sid_ctx_length) ==
+ 0;
}
int ssl_session_is_time_valid(const SSL *ssl, const SSL_SESSION *session) {
@@ -737,7 +740,7 @@
SSL_SESSION data;
data.ssl_version = ssl->version;
data.session_id_length = session_id_len;
- memcpy(data.session_id, session_id, session_id_len);
+ OPENSSL_memcpy(data.session_id, session_id, session_id_len);
CRYPTO_MUTEX_lock_read(&ssl->initial_ctx->lock);
session = lh_SSL_SESSION_retrieve(ssl->initial_ctx->sessions, &data);
diff --git a/src/ssl/ssl_test.cc b/src/ssl/ssl_test.cc
index b74e51e..952ac11 100644
--- a/src/ssl/ssl_test.cc
+++ b/src/ssl/ssl_test.cc
@@ -673,7 +673,7 @@
}
encoded.reset(encoded_raw);
if (encoded_len != input.size() ||
- memcmp(input.data(), encoded.get(), input.size()) != 0) {
+ OPENSSL_memcmp(input.data(), encoded.get(), input.size()) != 0) {
fprintf(stderr, "SSL_SESSION_to_bytes did not round-trip\n");
hexdump(stderr, "Before: ", input.data(), input.size());
hexdump(stderr, "After: ", encoded_raw, encoded_len);
@@ -711,7 +711,7 @@
fprintf(stderr, "i2d_SSL_SESSION did not advance ptr correctly\n");
return false;
}
- if (memcmp(input.data(), encoded.get(), input.size()) != 0) {
+ if (OPENSSL_memcmp(input.data(), encoded.get(), input.size()) != 0) {
fprintf(stderr, "i2d_SSL_SESSION did not round-trip\n");
return false;
}
@@ -838,7 +838,7 @@
if (session->tlsext_tick == nullptr) {
return nullptr;
}
- memset(session->tlsext_tick, 'a', ticket_len);
+ OPENSSL_memset(session->tlsext_tick, 'a', ticket_len);
session->tlsext_ticklen = ticket_len;
// Fix up the timeout.
@@ -1030,8 +1030,8 @@
}
ret->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
- memset(ret->session_id, 0, ret->session_id_length);
- memcpy(ret->session_id, &number, sizeof(number));
+ OPENSSL_memset(ret->session_id, 0, ret->session_id_length);
+ OPENSSL_memcpy(ret->session_id, &number, sizeof(number));
return ret;
}
@@ -1142,7 +1142,8 @@
"j2VNHwsSrJwkD4QUGlUtH7vwnQmyCFxZMmWAJg==\n"
"-----END CERTIFICATE-----\n";
bssl::UniquePtr<BIO> bio(BIO_new_mem_buf(kCertPEM, strlen(kCertPEM)));
- return bssl::UniquePtr<X509>(PEM_read_bio_X509(bio.get(), nullptr, nullptr, nullptr));
+ return bssl::UniquePtr<X509>(
+ PEM_read_bio_X509(bio.get(), nullptr, nullptr, nullptr));
}
static bssl::UniquePtr<EVP_PKEY> GetTestKey() {
@@ -1197,6 +1198,90 @@
PEM_read_bio_PrivateKey(bio.get(), nullptr, nullptr, nullptr));
}
+static bssl::UniquePtr<X509> GetChainTestCertificate() {
+ static const char kCertPEM[] =
+ "-----BEGIN CERTIFICATE-----\n"
+ "MIIC0jCCAbqgAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwDzENMAsGA1UEAwwEQiBD\n"
+ "QTAeFw0xNjAyMjgyMDI3MDNaFw0yNjAyMjUyMDI3MDNaMBgxFjAUBgNVBAMMDUNs\n"
+ "aWVudCBDZXJ0IEEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRvaz8\n"
+ "CC/cshpCafJo4jLkHEoBqDLhdgFelJoAiQUyIqyWl2O7YHPnpJH+TgR7oelzNzt/\n"
+ "kLRcH89M/TszB6zqyLTC4aqmvzKL0peD/jL2LWBucR0WXIvjA3zoRuF/x86+rYH3\n"
+ "tHb+xs2PSs8EGL/Ev+ss+qTzTGEn26fuGNHkNw6tOwPpc+o8+wUtzf/kAthamo+c\n"
+ "IDs2rQ+lP7+aLZTLeU/q4gcLutlzcK5imex5xy2jPkweq48kijK0kIzl1cPlA5d1\n"
+ "z7C8jU50Pj9X9sQDJTN32j7UYRisJeeYQF8GaaN8SbrDI6zHgKzrRLyxDt/KQa9V\n"
+ "iLeXANgZi+Xx9KgfAgMBAAGjLzAtMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYI\n"
+ "KwYBBQUHAwEGCCsGAQUFBwMCMA0GCSqGSIb3DQEBCwUAA4IBAQBFEVbmYl+2RtNw\n"
+ "rDftRDF1v2QUbcN2ouSnQDHxeDQdSgasLzT3ui8iYu0Rw2WWcZ0DV5e0ztGPhWq7\n"
+ "AO0B120aFRMOY+4+bzu9Q2FFkQqc7/fKTvTDzIJI5wrMnFvUfzzvxh3OHWMYSs/w\n"
+ "giq33hTKeHEq6Jyk3btCny0Ycecyc3yGXH10sizUfiHlhviCkDuESk8mFDwDDzqW\n"
+ "ZF0IipzFbEDHoIxLlm3GQxpiLoEV4k8KYJp3R5KBLFyxM6UGPz8h72mIPCJp2RuK\n"
+ "MYgF91UDvVzvnYm6TfseM2+ewKirC00GOrZ7rEcFvtxnKSqYf4ckqfNdSU1Y+RRC\n"
+ "1ngWZ7Ih\n"
+ "-----END CERTIFICATE-----\n";
+ bssl::UniquePtr<BIO> bio(BIO_new_mem_buf(kCertPEM, strlen(kCertPEM)));
+ return bssl::UniquePtr<X509>(
+ PEM_read_bio_X509(bio.get(), nullptr, nullptr, nullptr));
+}
+
+static bssl::UniquePtr<X509> GetChainTestIntermediate() {
+ static const char kCertPEM[] =
+ "-----BEGIN CERTIFICATE-----\n"
+ "MIICwjCCAaqgAwIBAgICEAEwDQYJKoZIhvcNAQELBQAwFDESMBAGA1UEAwwJQyBS\n"
+ "b290IENBMB4XDTE2MDIyODIwMjcwM1oXDTI2MDIyNTIwMjcwM1owDzENMAsGA1UE\n"
+ "AwwEQiBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALsSCYmDip2D\n"
+ "GkjFxw7ykz26JSjELkl6ArlYjFJ3aT/SCh8qbS4gln7RH8CPBd78oFdfhIKQrwtZ\n"
+ "3/q21ykD9BAS3qHe2YdcJfm8/kWAy5DvXk6NXU4qX334KofBAEpgdA/igEFq1P1l\n"
+ "HAuIfZCpMRfT+i5WohVsGi8f/NgpRvVaMONLNfgw57mz1lbtFeBEISmX0kbsuJxF\n"
+ "Qj/Bwhi5/0HAEXG8e7zN4cEx0yPRvmOATRdVb/8dW2pwOHRJq9R5M0NUkIsTSnL7\n"
+ "6N/z8hRAHMsV3IudC5Yd7GXW1AGu9a+iKU+Q4xcZCoj0DC99tL4VKujrV1kAeqsM\n"
+ "cz5/dKzi6+cCAwEAAaMjMCEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC\n"
+ "AQYwDQYJKoZIhvcNAQELBQADggEBAIIeZiEeNhWWQ8Y4D+AGDwqUUeG8NjCbKrXQ\n"
+ "BlHg5wZ8xftFaiP1Dp/UAezmx2LNazdmuwrYB8lm3FVTyaPDTKEGIPS4wJKHgqH1\n"
+ "QPDhqNm85ey7TEtI9oYjsNim/Rb+iGkIAMXaxt58SzxbjvP0kMr1JfJIZbic9vye\n"
+ "NwIspMFIpP3FB8ywyu0T0hWtCQgL4J47nigCHpOu58deP88fS/Nyz/fyGVWOZ76b\n"
+ "WhWwgM3P3X95fQ3d7oFPR/bVh0YV+Cf861INwplokXgXQ3/TCQ+HNXeAMWn3JLWv\n"
+ "XFwk8owk9dq/kQGdndGgy3KTEW4ctPX5GNhf3LJ9Q7dLji4ReQ4=\n"
+ "-----END CERTIFICATE-----\n";
+ bssl::UniquePtr<BIO> bio(BIO_new_mem_buf(kCertPEM, strlen(kCertPEM)));
+ return bssl::UniquePtr<X509>(
+ PEM_read_bio_X509(bio.get(), nullptr, nullptr, nullptr));
+}
+
+static bssl::UniquePtr<EVP_PKEY> GetChainTestKey() {
+ static const char kKeyPEM[] =
+ "-----BEGIN PRIVATE KEY-----\n"
+ "MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDRvaz8CC/cshpC\n"
+ "afJo4jLkHEoBqDLhdgFelJoAiQUyIqyWl2O7YHPnpJH+TgR7oelzNzt/kLRcH89M\n"
+ "/TszB6zqyLTC4aqmvzKL0peD/jL2LWBucR0WXIvjA3zoRuF/x86+rYH3tHb+xs2P\n"
+ "Ss8EGL/Ev+ss+qTzTGEn26fuGNHkNw6tOwPpc+o8+wUtzf/kAthamo+cIDs2rQ+l\n"
+ "P7+aLZTLeU/q4gcLutlzcK5imex5xy2jPkweq48kijK0kIzl1cPlA5d1z7C8jU50\n"
+ "Pj9X9sQDJTN32j7UYRisJeeYQF8GaaN8SbrDI6zHgKzrRLyxDt/KQa9ViLeXANgZ\n"
+ "i+Xx9KgfAgMBAAECggEBAK0VjSJzkyPaamcyTVSWjo7GdaBGcK60lk657RjR+lK0\n"
+ "YJ7pkej4oM2hdsVZFsP8Cs4E33nXLa/0pDsRov/qrp0WQm2skwqGMC1I/bZ0WRPk\n"
+ "wHaDrBBfESWnJDX/AGpVtlyOjPmgmK6J2usMPihQUDkKdAYrVWJePrMIxt1q6BMe\n"
+ "iczs3qriMmtY3bUc4UyUwJ5fhDLjshHvfuIpYQyI6EXZM6dZksn9LylXJnigY6QJ\n"
+ "HxOYO0BDwOsZ8yQ8J8afLk88i0GizEkgE1z3REtQUwgWfxr1WV/ud+T6/ZhSAgH9\n"
+ "042mQvSFZnIUSEsmCvjhWuAunfxHKCTcAoYISWfzWpkCgYEA7gpf3HHU5Tn+CgUn\n"
+ "1X5uGpG3DmcMgfeGgs2r2f/IIg/5Ac1dfYILiybL1tN9zbyLCJfcbFpWBc9hJL6f\n"
+ "CPc5hUiwWFJqBJewxQkC1Ae/HakHbip+IZ+Jr0842O4BAArvixk4Lb7/N2Ct9sTE\n"
+ "NJO6RtK9lbEZ5uK61DglHy8CS2UCgYEA4ZC1o36kPAMQBggajgnucb2yuUEelk0f\n"
+ "AEr+GI32MGE+93xMr7rAhBoqLg4AITyIfEnOSQ5HwagnIHonBbv1LV/Gf9ursx8Z\n"
+ "YOGbvT8zzzC+SU1bkDzdjAYnFQVGIjMtKOBJ3K07++ypwX1fr4QsQ8uKL8WSOWwt\n"
+ "Z3Bym6XiZzMCgYADnhy+2OwHX85AkLt+PyGlPbmuelpyTzS4IDAQbBa6jcuW/2wA\n"
+ "UE2km75VUXmD+u2R/9zVuLm99NzhFhSMqlUxdV1YukfqMfP5yp1EY6m/5aW7QuIP\n"
+ "2MDa7TVL9rIFMiVZ09RKvbBbQxjhuzPQKL6X/PPspnhiTefQ+dl2k9xREQKBgHDS\n"
+ "fMfGNEeAEKezrfSVqxphE9/tXms3L+ZpnCaT+yu/uEr5dTIAawKoQ6i9f/sf1/Sy\n"
+ "xedsqR+IB+oKrzIDDWMgoJybN4pkZ8E5lzhVQIjFjKgFdWLzzqyW9z1gYfABQPlN\n"
+ "FiS20WX0vgP1vcKAjdNrHzc9zyHBpgQzDmAj3NZZAoGBAI8vKCKdH7w3aL5CNkZQ\n"
+ "2buIeWNA2HZazVwAGG5F2TU/LmXfRKnG6dX5bkU+AkBZh56jNZy//hfFSewJB4Kk\n"
+ "buB7ERSdaNbO21zXt9FEA3+z0RfMd/Zv2vlIWOSB5nzl/7UKti3sribK6s9ZVLfi\n"
+ "SxpiPQ8d/hmSGwn4ksrWUsJD\n"
+ "-----END PRIVATE KEY-----\n";
+ bssl::UniquePtr<BIO> bio(BIO_new_mem_buf(kKeyPEM, strlen(kKeyPEM)));
+ return bssl::UniquePtr<EVP_PKEY>(
+ PEM_read_bio_PrivateKey(bio.get(), nullptr, nullptr, nullptr));
+}
+
static bool CompleteHandshakes(SSL *client, SSL *server) {
// Drive both their handshakes to completion.
for (;;) {
@@ -1442,7 +1527,7 @@
}
bssl::UniquePtr<uint8_t> free_s1(s1_bytes);
- return s0_len == s1_len && memcmp(s0_bytes, s1_bytes, s0_len) == 0;
+ return s0_len == s1_len && OPENSSL_memcmp(s0_bytes, s1_bytes, s0_len) == 0;
}
static bool ExpectFDs(const SSL *ssl, int rfd, int wfd) {
@@ -1711,7 +1796,8 @@
return false;
}
- if (memcmp(cert_sha256, session->peer_sha256, SHA256_DIGEST_LENGTH) != 0) {
+ if (OPENSSL_memcmp(cert_sha256, session->peer_sha256, SHA256_DIGEST_LENGTH) !=
+ 0) {
fprintf(stderr, "peer_sha256 did not match.\n");
return false;
}
@@ -1747,10 +1833,10 @@
fprintf(stderr, "ClientHello for version %04x too short.\n", version);
return false;
}
- memset(client_hello.data() + kRandomOffset, 0, SSL3_RANDOM_SIZE);
+ OPENSSL_memset(client_hello.data() + kRandomOffset, 0, SSL3_RANDOM_SIZE);
if (client_hello.size() != expected_len ||
- memcmp(client_hello.data(), expected, expected_len) != 0) {
+ OPENSSL_memcmp(client_hello.data(), expected, expected_len) != 0) {
fprintf(stderr, "ClientHello for version %04x did not match:\n", version);
fprintf(stderr, "Got:\n\t");
for (size_t i = 0; i < client_hello.size(); i++) {
@@ -2097,9 +2183,9 @@
static const uint8_t kZeros[16] = {0};
if (encrypt) {
- memcpy(key_name, kZeros, sizeof(kZeros));
+ OPENSSL_memcpy(key_name, kZeros, sizeof(kZeros));
RAND_bytes(iv, 16);
- } else if (memcmp(key_name, kZeros, 16) != 0) {
+ } else if (OPENSSL_memcmp(key_name, kZeros, 16) != 0) {
return 0;
}
@@ -2124,7 +2210,7 @@
#if defined(BORINGSSL_UNSAFE_FUZZER_MODE)
// Fuzzer-mode tickets are unencrypted.
- memcpy(plaintext.get(), ciphertext, len);
+ OPENSSL_memcpy(plaintext.get(), ciphertext, len);
#else
static const uint8_t kZeros[16] = {0};
const uint8_t *iv = session->tlsext_tick + 16;
@@ -2588,6 +2674,27 @@
return true;
}
+static const char *GetVersionName(uint16_t version) {
+ switch (version) {
+ case SSL3_VERSION:
+ return "SSLv3";
+ case TLS1_VERSION:
+ return "TLSv1";
+ case TLS1_1_VERSION:
+ return "TLSv1.1";
+ case TLS1_2_VERSION:
+ return "TLSv1.2";
+ case TLS1_3_VERSION:
+ return "TLSv1.3";
+ case DTLS1_VERSION:
+ return "DTLSv1";
+ case DTLS1_2_VERSION:
+ return "DTLSv1.2";
+ default:
+ return "???";
+ }
+}
+
static bool TestVersion(bool is_dtls, const SSL_METHOD *method,
uint16_t version) {
bssl::UniquePtr<X509> cert = GetTestCertificate();
@@ -2619,6 +2726,29 @@
return false;
}
+ // Test the version name is reported as expected.
+ const char *version_name = GetVersionName(version);
+ if (strcmp(version_name, SSL_get_version(client.get())) != 0 ||
+ strcmp(version_name, SSL_get_version(server.get())) != 0) {
+ fprintf(stderr, "Version name mismatch. Got '%s' and '%s', wanted '%s'.\n",
+ SSL_get_version(client.get()), SSL_get_version(server.get()),
+ version_name);
+ return false;
+ }
+
+ // Test SSL_SESSION reports the same name.
+ const char *client_name =
+ SSL_SESSION_get_version(SSL_get_session(client.get()));
+ const char *server_name =
+ SSL_SESSION_get_version(SSL_get_session(server.get()));
+ if (strcmp(version_name, client_name) != 0 ||
+ strcmp(version_name, server_name) != 0) {
+ fprintf(stderr,
+ "Session version name mismatch. Got '%s' and '%s', wanted '%s'.\n",
+ client_name, server_name, version_name);
+ return false;
+ }
+
return true;
}
@@ -2738,6 +2868,268 @@
return true;
}
+static bool ChainsEqual(STACK_OF(X509) *chain,
+ const std::vector<X509 *> &expected) {
+ if (sk_X509_num(chain) != expected.size()) {
+ return false;
+ }
+
+ for (size_t i = 0; i < expected.size(); i++) {
+ if (X509_cmp(sk_X509_value(chain, i), expected[i]) != 0) {
+ return false;
+ }
+ }
+
+ return true;
+}
+
+static bool TestAutoChain(bool is_dtls, const SSL_METHOD *method,
+ uint16_t version) {
+ bssl::UniquePtr<X509> cert = GetChainTestCertificate();
+ bssl::UniquePtr<X509> intermediate = GetChainTestIntermediate();
+ bssl::UniquePtr<EVP_PKEY> key = GetChainTestKey();
+ if (!cert || !intermediate || !key) {
+ return false;
+ }
+
+ // Configure both client and server to accept any certificate. Add
+ // |intermediate| to the cert store.
+ bssl::UniquePtr<SSL_CTX> ctx(SSL_CTX_new(method));
+ if (!ctx ||
+ !SSL_CTX_use_certificate(ctx.get(), cert.get()) ||
+ !SSL_CTX_use_PrivateKey(ctx.get(), key.get()) ||
+ !SSL_CTX_set_min_proto_version(ctx.get(), version) ||
+ !SSL_CTX_set_max_proto_version(ctx.get(), version) ||
+ !X509_STORE_add_cert(SSL_CTX_get_cert_store(ctx.get()),
+ intermediate.get())) {
+ return false;
+ }
+ SSL_CTX_set_verify(
+ ctx.get(), SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, nullptr);
+ SSL_CTX_set_cert_verify_callback(ctx.get(), VerifySucceed, NULL);
+
+ // By default, the client and server should each only send the leaf.
+ bssl::UniquePtr<SSL> client, server;
+ if (!ConnectClientAndServer(&client, &server, ctx.get(), ctx.get(),
+ nullptr /* no session */)) {
+ return false;
+ }
+
+ if (!ChainsEqual(SSL_get_peer_full_cert_chain(client.get()), {cert.get()})) {
+ fprintf(stderr, "Client-received chain did not match.\n");
+ return false;
+ }
+
+ if (!ChainsEqual(SSL_get_peer_full_cert_chain(server.get()), {cert.get()})) {
+ fprintf(stderr, "Server-received chain did not match.\n");
+ return false;
+ }
+
+ // If auto-chaining is enabled, then the intermediate is sent.
+ SSL_CTX_clear_mode(ctx.get(), SSL_MODE_NO_AUTO_CHAIN);
+ if (!ConnectClientAndServer(&client, &server, ctx.get(), ctx.get(),
+ nullptr /* no session */)) {
+ return false;
+ }
+
+ if (!ChainsEqual(SSL_get_peer_full_cert_chain(client.get()),
+ {cert.get(), intermediate.get()})) {
+ fprintf(stderr, "Client-received chain did not match (auto-chaining).\n");
+ return false;
+ }
+
+ if (!ChainsEqual(SSL_get_peer_full_cert_chain(server.get()),
+ {cert.get(), intermediate.get()})) {
+ fprintf(stderr, "Server-received chain did not match (auto-chaining).\n");
+ return false;
+ }
+
+ // Auto-chaining does not override explicitly-configured intermediates.
+ if (!SSL_CTX_add1_chain_cert(ctx.get(), cert.get()) ||
+ !ConnectClientAndServer(&client, &server, ctx.get(), ctx.get(),
+ nullptr /* no session */)) {
+ return false;
+ }
+
+ if (!ChainsEqual(SSL_get_peer_full_cert_chain(client.get()),
+ {cert.get(), cert.get()})) {
+ fprintf(stderr,
+ "Client-received chain did not match (auto-chaining, explicit "
+ "intermediate).\n");
+ return false;
+ }
+
+ if (!ChainsEqual(SSL_get_peer_full_cert_chain(server.get()),
+ {cert.get(), cert.get()})) {
+ fprintf(stderr,
+ "Server-received chain did not match (auto-chaining, explicit "
+ "intermediate).\n");
+ return false;
+ }
+
+ return true;
+}
+
+static bool ExpectBadWriteRetry() {
+ int err = ERR_get_error();
+ if (ERR_GET_LIB(err) != ERR_LIB_SSL ||
+ ERR_GET_REASON(err) != SSL_R_BAD_WRITE_RETRY) {
+ char buf[ERR_ERROR_STRING_BUF_LEN];
+ ERR_error_string_n(err, buf, sizeof(buf));
+ fprintf(stderr, "Wanted SSL_R_BAD_WRITE_RETRY, got: %s.\n", buf);
+ return false;
+ }
+
+ if (ERR_peek_error() != 0) {
+ fprintf(stderr, "Unexpected error following SSL_R_BAD_WRITE_RETRY.\n");
+ return false;
+ }
+
+ return true;
+}
+
+static bool TestSSLWriteRetry(bool is_dtls, const SSL_METHOD *method,
+ uint16_t version) {
+ if (is_dtls) {
+ return true;
+ }
+
+ for (bool enable_partial_write : std::vector<bool>{false, true}) {
+ // Connect a client and server.
+ bssl::UniquePtr<X509> cert = GetTestCertificate();
+ bssl::UniquePtr<EVP_PKEY> key = GetTestKey();
+ bssl::UniquePtr<SSL_CTX> ctx(SSL_CTX_new(method));
+ bssl::UniquePtr<SSL> client, server;
+ if (!cert || !key || !ctx ||
+ !SSL_CTX_use_certificate(ctx.get(), cert.get()) ||
+ !SSL_CTX_use_PrivateKey(ctx.get(), key.get()) ||
+ !SSL_CTX_set_min_proto_version(ctx.get(), version) ||
+ !SSL_CTX_set_max_proto_version(ctx.get(), version) ||
+ !ConnectClientAndServer(&client, &server, ctx.get(), ctx.get(),
+ nullptr /* no session */)) {
+ return false;
+ }
+
+ if (enable_partial_write) {
+ SSL_set_mode(client.get(), SSL_MODE_ENABLE_PARTIAL_WRITE);
+ }
+
+ // Write without reading until the buffer is full and we have an unfinished
+ // write. Keep a count so we may reread it again later. "hello!" will be
+ // written in two chunks, "hello" and "!".
+ char data[] = "hello!";
+ static const int kChunkLen = 5; // The length of "hello".
+ unsigned count = 0;
+ for (;;) {
+ int ret = SSL_write(client.get(), data, kChunkLen);
+ if (ret <= 0) {
+ int err = SSL_get_error(client.get(), ret);
+ if (SSL_get_error(client.get(), ret) == SSL_ERROR_WANT_WRITE) {
+ break;
+ }
+ fprintf(stderr, "SSL_write failed in unexpected way: %d\n", err);
+ return false;
+ }
+
+ if (ret != 5) {
+ fprintf(stderr, "SSL_write wrote %d bytes, expected 5.\n", ret);
+ return false;
+ }
+
+ count++;
+ }
+
+ // Retrying with the same parameters is legal.
+ if (SSL_get_error(client.get(), SSL_write(client.get(), data, kChunkLen)) !=
+ SSL_ERROR_WANT_WRITE) {
+ fprintf(stderr, "SSL_write retry unexpectedly failed.\n");
+ return false;
+ }
+
+ // Retrying with the same buffer but shorter length is not legal.
+ if (SSL_get_error(client.get(),
+ SSL_write(client.get(), data, kChunkLen - 1)) !=
+ SSL_ERROR_SSL ||
+ !ExpectBadWriteRetry()) {
+ fprintf(stderr, "SSL_write retry did not fail as expected.\n");
+ return false;
+ }
+
+ // Retrying with a different buffer pointer is not legal.
+ char data2[] = "hello";
+ if (SSL_get_error(client.get(), SSL_write(client.get(), data2,
+ kChunkLen)) != SSL_ERROR_SSL ||
+ !ExpectBadWriteRetry()) {
+ fprintf(stderr, "SSL_write retry did not fail as expected.\n");
+ return false;
+ }
+
+ // With |SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER|, the buffer may move.
+ SSL_set_mode(client.get(), SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
+ if (SSL_get_error(client.get(),
+ SSL_write(client.get(), data2, kChunkLen)) !=
+ SSL_ERROR_WANT_WRITE) {
+ fprintf(stderr, "SSL_write retry unexpectedly failed.\n");
+ return false;
+ }
+
+ // |SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER| does not disable length checks.
+ if (SSL_get_error(client.get(),
+ SSL_write(client.get(), data2, kChunkLen - 1)) !=
+ SSL_ERROR_SSL ||
+ !ExpectBadWriteRetry()) {
+ fprintf(stderr, "SSL_write retry did not fail as expected.\n");
+ return false;
+ }
+
+ // Retrying with a larger buffer is legal.
+ if (SSL_get_error(client.get(),
+ SSL_write(client.get(), data, kChunkLen + 1)) !=
+ SSL_ERROR_WANT_WRITE) {
+ fprintf(stderr, "SSL_write retry unexpectedly failed.\n");
+ return false;
+ }
+
+ // Drain the buffer.
+ char buf[20];
+ for (unsigned i = 0; i < count; i++) {
+ if (SSL_read(server.get(), buf, sizeof(buf)) != kChunkLen ||
+ OPENSSL_memcmp(buf, "hello", kChunkLen) != 0) {
+ fprintf(stderr, "Failed to read initial records.\n");
+ return false;
+ }
+ }
+
+ // Now that there is space, a retry with a larger buffer should flush the
+ // pending record, skip over that many bytes of input (on assumption they
+ // are the same), and write the remainder. If SSL_MODE_ENABLE_PARTIAL_WRITE
+ // is set, this will complete in two steps.
+ char data3[] = "_____!";
+ if (enable_partial_write) {
+ if (SSL_write(client.get(), data3, kChunkLen + 1) != kChunkLen ||
+ SSL_write(client.get(), data3 + kChunkLen, 1) != 1) {
+ fprintf(stderr, "SSL_write retry failed.\n");
+ return false;
+ }
+ } else if (SSL_write(client.get(), data3, kChunkLen + 1) != kChunkLen + 1) {
+ fprintf(stderr, "SSL_write retry failed.\n");
+ return false;
+ }
+
+ // Check the last write was correct. The data will be spread over two
+ // records, so SSL_read returns twice.
+ if (SSL_read(server.get(), buf, sizeof(buf)) != kChunkLen ||
+ OPENSSL_memcmp(buf, "hello", kChunkLen) != 0 ||
+ SSL_read(server.get(), buf, sizeof(buf)) != 1 ||
+ buf[0] != '!') {
+ fprintf(stderr, "Failed to read write retry.\n");
+ return false;
+ }
+ }
+
+ return true;
+}
+
static bool ForEachVersion(bool (*test_func)(bool is_dtls,
const SSL_METHOD *method,
uint16_t version)) {
@@ -2814,7 +3206,9 @@
!TestSetVersion() ||
!ForEachVersion(TestVersion) ||
!ForEachVersion(TestALPNCipherAvailable) ||
- !ForEachVersion(TestSSLClearSessionResumption)) {
+ !ForEachVersion(TestSSLClearSessionResumption) ||
+ !ForEachVersion(TestAutoChain) ||
+ !ForEachVersion(TestSSLWriteRetry)) {
ERR_print_errors_fp(stderr);
return 1;
}
diff --git a/src/ssl/t1_enc.c b/src/ssl/t1_enc.c
index 70907e1..5e5c348 100644
--- a/src/ssl/t1_enc.c
+++ b/src/ssl/t1_enc.c
@@ -146,6 +146,7 @@
#include <openssl/nid.h>
#include <openssl/rand.h>
+#include "../crypto/internal.h"
#include "internal.h"
@@ -231,7 +232,7 @@
return 1;
}
- memset(out, 0, out_len);
+ OPENSSL_memset(out, 0, out_len);
uint32_t algorithm_prf = ssl_get_algorithm_prf(ssl);
if (algorithm_prf == SSL_HANDSHAKE_MAC_DEFAULT) {
@@ -528,12 +529,13 @@
return 0;
}
- memcpy(seed, ssl->s3->client_random, SSL3_RANDOM_SIZE);
- memcpy(seed + SSL3_RANDOM_SIZE, ssl->s3->server_random, SSL3_RANDOM_SIZE);
+ OPENSSL_memcpy(seed, ssl->s3->client_random, SSL3_RANDOM_SIZE);
+ OPENSSL_memcpy(seed + SSL3_RANDOM_SIZE, ssl->s3->server_random,
+ SSL3_RANDOM_SIZE);
if (use_context) {
seed[2 * SSL3_RANDOM_SIZE] = (uint8_t)(context_len >> 8);
seed[2 * SSL3_RANDOM_SIZE + 1] = (uint8_t)context_len;
- memcpy(seed + 2 * SSL3_RANDOM_SIZE + 2, context, context_len);
+ OPENSSL_memcpy(seed + 2 * SSL3_RANDOM_SIZE + 2, context, context_len);
}
int ret =
diff --git a/src/ssl/t1_lib.c b/src/ssl/t1_lib.c
index 4549fe2..0681919 100644
--- a/src/ssl/t1_lib.c
+++ b/src/ssl/t1_lib.c
@@ -205,7 +205,7 @@
int ssl_client_hello_init(SSL *ssl, SSL_CLIENT_HELLO *out, const uint8_t *in,
size_t in_len) {
- memset(out, 0, sizeof(*out));
+ OPENSSL_memset(out, 0, sizeof(*out));
out->ssl = ssl;
out->client_hello = in;
out->client_hello_len = in_len;
@@ -308,9 +308,6 @@
SSL_CURVE_X25519,
SSL_CURVE_SECP256R1,
SSL_CURVE_SECP384R1,
-#if defined(BORINGSSL_ANDROID_SYSTEM)
- SSL_CURVE_SECP521R1,
-#endif
};
void tls1_get_grouplist(SSL *ssl, const uint16_t **out_group_ids,
@@ -464,8 +461,7 @@
#endif
SSL_SIGN_RSA_PKCS1_SHA384,
- /* TODO(davidben): Remove this entry and SSL_CURVE_SECP521R1 from
- * kDefaultGroups. */
+ /* TODO(davidben): Remove this. */
#if defined(BORINGSSL_ANDROID_SYSTEM)
SSL_SIGN_ECDSA_SECP521R1_SHA512,
#endif
@@ -1510,8 +1506,9 @@
}
if (CBS_len(&client_protocol_name) == CBS_len(&protocol_name) &&
- memcmp(CBS_data(&client_protocol_name), CBS_data(&protocol_name),
- CBS_len(&protocol_name)) == 0) {
+ OPENSSL_memcmp(CBS_data(&client_protocol_name),
+ CBS_data(&protocol_name),
+ CBS_len(&protocol_name)) == 0) {
protocol_ok = 1;
break;
}
@@ -1885,8 +1882,9 @@
/* Per RFC 4492, section 5.1.2, implementations MUST support the uncompressed
* point format. */
- if (memchr(CBS_data(&ec_point_format_list), TLSEXT_ECPOINTFORMAT_uncompressed,
- CBS_len(&ec_point_format_list)) == NULL) {
+ if (OPENSSL_memchr(CBS_data(&ec_point_format_list),
+ TLSEXT_ECPOINTFORMAT_uncompressed,
+ CBS_len(&ec_point_format_list)) == NULL) {
*out_alert = SSL_AD_ILLEGAL_PARAMETER;
return 0;
}
@@ -2145,8 +2143,8 @@
}
/* We only support tickets with PSK_DHE_KE. */
- hs->accept_psk_mode =
- memchr(CBS_data(&ke_modes), SSL_PSK_DHE_KE, CBS_len(&ke_modes)) != NULL;
+ hs->accept_psk_mode = OPENSSL_memchr(CBS_data(&ke_modes), SSL_PSK_DHE_KE,
+ CBS_len(&ke_modes)) != NULL;
return 1;
}
@@ -2347,7 +2345,7 @@
uint8_t *secret = NULL;
size_t secret_len;
SSL_ECDH_CTX group;
- memset(&group, 0, sizeof(SSL_ECDH_CTX));
+ OPENSSL_memset(&group, 0, sizeof(SSL_ECDH_CTX));
CBB public_key;
if (!CBB_init(&public_key, 32) ||
!SSL_ECDH_CTX_init(&group, group_id) ||
@@ -2460,6 +2458,46 @@
}
+/* Short record headers
+ *
+ * This is a non-standard extension which negotiates
+ * https://github.com/tlswg/tls13-spec/pull/762 for experimenting. */
+
+static int ext_short_header_add_clienthello(SSL_HANDSHAKE *hs, CBB *out) {
+ SSL *const ssl = hs->ssl;
+ uint16_t min_version, max_version;
+ if (!ssl_get_version_range(ssl, &min_version, &max_version)) {
+ return 0;
+ }
+
+ if (max_version < TLS1_3_VERSION ||
+ !ssl->ctx->short_header_enabled) {
+ return 1;
+ }
+
+ return CBB_add_u16(out, TLSEXT_TYPE_short_header) &&
+ CBB_add_u16(out, 0 /* empty extension */);
+}
+
+static int ext_short_header_parse_clienthello(SSL_HANDSHAKE *hs,
+ uint8_t *out_alert,
+ CBS *contents) {
+ SSL *const ssl = hs->ssl;
+ if (contents == NULL ||
+ !ssl->ctx->short_header_enabled ||
+ ssl3_protocol_version(ssl) < TLS1_3_VERSION) {
+ return 1;
+ }
+
+ if (CBS_len(contents) != 0) {
+ return 0;
+ }
+
+ ssl->s3->short_header = 1;
+ return 1;
+}
+
+
/* Negotiated Groups
*
* https://tools.ietf.org/html/rfc4492#section-5.1.2
@@ -2690,6 +2728,14 @@
ignore_parse_clienthello,
dont_add_serverhello,
},
+ {
+ TLSEXT_TYPE_short_header,
+ NULL,
+ ext_short_header_add_clienthello,
+ forbid_parse_serverhello,
+ ext_short_header_parse_clienthello,
+ dont_add_serverhello,
+ },
/* The final extension must be non-empty. WebSphere Application Server 7.0 is
* intolerant to the last extension being zero-length. See
* https://crbug.com/363583. */
@@ -2824,7 +2870,7 @@
goto err;
}
- memset(padding_bytes, 0, padding_len);
+ OPENSSL_memset(padding_bytes, 0, padding_len);
}
}
@@ -3187,8 +3233,8 @@
}
} else {
/* Check the key name matches. */
- if (memcmp(ticket, ssl_ctx->tlsext_tick_key_name,
- SSL_TICKET_KEY_NAME_LEN) != 0) {
+ if (OPENSSL_memcmp(ticket, ssl_ctx->tlsext_tick_key_name,
+ SSL_TICKET_KEY_NAME_LEN) != 0) {
goto done;
}
if (!HMAC_Init_ex(&hmac_ctx, ssl_ctx->tlsext_tick_hmac_key,
@@ -3231,7 +3277,7 @@
}
size_t plaintext_len;
#if defined(BORINGSSL_UNSAFE_FUZZER_MODE)
- memcpy(plaintext, ciphertext, ciphertext_len);
+ OPENSSL_memcpy(plaintext, ciphertext, ciphertext_len);
plaintext_len = ciphertext_len;
#else
if (ciphertext_len >= INT_MAX) {
@@ -3256,7 +3302,7 @@
/* Copy the client's session ID into the new session, to denote the ticket has
* been accepted. */
- memcpy(session->session_id, session_id, session_id_len);
+ OPENSSL_memcpy(session->session_id, session_id, session_id_len);
session->session_id_length = session_id_len;
*out_session = session;
@@ -3443,7 +3489,7 @@
goto err;
}
- memcpy(ssl->s3->tlsext_channel_id, p, 64);
+ OPENSSL_memcpy(ssl->s3->tlsext_channel_id, p, 64);
ret = 1;
err:
diff --git a/src/ssl/test/async_bio.cc b/src/ssl/test/async_bio.cc
index 605b33a..fd35176 100644
--- a/src/ssl/test/async_bio.cc
+++ b/src/ssl/test/async_bio.cc
@@ -20,6 +20,8 @@
#include <openssl/bio.h>
#include <openssl/mem.h>
+#include "../../crypto/internal.h"
+
namespace {
@@ -110,7 +112,7 @@
if (a == NULL) {
return 0;
}
- memset(a, 0, sizeof(*a));
+ OPENSSL_memset(a, 0, sizeof(*a));
a->enforce_write_quota = true;
bio->init = 1;
bio->ptr = (char *)a;
diff --git a/src/ssl/test/bssl_shim.cc b/src/ssl/test/bssl_shim.cc
index a3903e2..a98ff43 100644
--- a/src/ssl/test/bssl_shim.cc
+++ b/src/ssl/test/bssl_shim.cc
@@ -330,8 +330,8 @@
fprintf(stderr, "Output buffer too small.\n");
return ssl_private_key_failure;
}
- memcpy(out, test_state->private_key_result.data(),
- test_state->private_key_result.size());
+ OPENSSL_memcpy(out, test_state->private_key_result.data(),
+ test_state->private_key_result.size());
*out_len = test_state->private_key_result.size();
test_state->private_key_result.clear();
@@ -498,9 +498,9 @@
size_t certificate_types_len =
SSL_get0_certificate_types(ssl, &certificate_types);
if (certificate_types_len != config->expected_certificate_types.size() ||
- memcmp(certificate_types,
- config->expected_certificate_types.data(),
- certificate_types_len) != 0) {
+ OPENSSL_memcmp(certificate_types,
+ config->expected_certificate_types.data(),
+ certificate_types_len) != 0) {
fprintf(stderr, "certificate types mismatch\n");
return false;
}
@@ -626,8 +626,8 @@
if (!config->expected_advertised_alpn.empty() &&
(config->expected_advertised_alpn.size() != inlen ||
- memcmp(config->expected_advertised_alpn.data(),
- in, inlen) != 0)) {
+ OPENSSL_memcmp(config->expected_advertised_alpn.data(), in, inlen) !=
+ 0)) {
fprintf(stderr, "bad ALPN select callback inputs\n");
exit(1);
}
@@ -663,7 +663,7 @@
BUF_strlcpy(out_identity, config->psk_identity.c_str(),
max_identity_len);
- memcpy(out_psk, config->psk.data(), config->psk.size());
+ OPENSSL_memcpy(out_psk, config->psk.data(), config->psk.size());
return config->psk.size();
}
@@ -681,7 +681,7 @@
return 0;
}
- memcpy(out_psk, config->psk.data(), config->psk.size());
+ OPENSSL_memcpy(out_psk, config->psk.data(), config->psk.size());
return config->psk.size();
}
@@ -758,9 +758,9 @@
static const uint8_t kZeros[16] = {0};
if (encrypt) {
- memcpy(key_name, kZeros, sizeof(kZeros));
+ OPENSSL_memcpy(key_name, kZeros, sizeof(kZeros));
RAND_bytes(iv, 16);
- } else if (memcmp(key_name, kZeros, 16) != 0) {
+ } else if (OPENSSL_memcmp(key_name, kZeros, 16) != 0) {
return 0;
}
@@ -824,7 +824,7 @@
}
if (contents_len != sizeof(kCustomExtensionContents) - 1 ||
- memcmp(contents, kCustomExtensionContents, contents_len) != 0) {
+ OPENSSL_memcmp(contents, kCustomExtensionContents, contents_len) != 0) {
*out_alert_value = SSL_AD_DECODE_ERROR;
return 0;
}
@@ -862,7 +862,7 @@
return -1;
}
sockaddr_in sin;
- memset(&sin, 0, sizeof(sin));
+ OPENSSL_memset(&sin, 0, sizeof(sin));
sin.sin_family = AF_INET;
sin.sin_port = htons(port);
if (!inet_pton(AF_INET, "127.0.0.1", &sin.sin_addr)) {
@@ -928,17 +928,6 @@
return nullptr;
}
- if (!config->cipher_tls10.empty() &&
- !SSL_CTX_set_cipher_list_tls10(ssl_ctx.get(),
- config->cipher_tls10.c_str())) {
- return nullptr;
- }
- if (!config->cipher_tls11.empty() &&
- !SSL_CTX_set_cipher_list_tls11(ssl_ctx.get(),
- config->cipher_tls11.c_str())) {
- return nullptr;
- }
-
bssl::UniquePtr<DH> dh(DH_get_2048_256(NULL));
if (!dh) {
return nullptr;
@@ -994,7 +983,6 @@
SSL_CTX_set_alpn_select_cb(ssl_ctx.get(), AlpnSelectCallback, NULL);
}
- SSL_CTX_set_tls_channel_id_enabled(ssl_ctx.get(), 1);
SSL_CTX_set_channel_id_cb(ssl_ctx.get(), ChannelIdCallback);
SSL_CTX_set_current_time_cb(ssl_ctx.get(), CurrentTimeCallback);
@@ -1053,6 +1041,14 @@
return nullptr;
}
+ if (config->enable_short_header) {
+ SSL_CTX_set_short_header_enabled(ssl_ctx.get(), 1);
+ }
+
+ if (config->enable_early_data) {
+ SSL_CTX_set_early_data_enabled(ssl_ctx.get(), 1);
+ }
+
return ssl_ctx;
}
@@ -1154,7 +1150,7 @@
// SSL_peek should synchronously return the same data.
int ret2 = SSL_peek(ssl, buf.get(), ret);
if (ret2 != ret ||
- memcmp(buf.get(), out, ret) != 0) {
+ OPENSSL_memcmp(buf.get(), out, ret) != 0) {
fprintf(stderr, "First and second SSL_peek did not match.\n");
return -1;
}
@@ -1162,7 +1158,7 @@
// SSL_read should synchronously return the same data and consume it.
ret2 = SSL_read(ssl, buf.get(), ret);
if (ret2 != ret ||
- memcmp(buf.get(), out, ret) != 0) {
+ OPENSSL_memcmp(buf.get(), out, ret) != 0) {
fprintf(stderr, "SSL_peek and SSL_read did not match.\n");
return -1;
}
@@ -1276,8 +1272,8 @@
unsigned next_proto_len;
SSL_get0_next_proto_negotiated(ssl, &next_proto, &next_proto_len);
if (next_proto_len != config->expected_next_proto.size() ||
- memcmp(next_proto, config->expected_next_proto.data(),
- next_proto_len) != 0) {
+ OPENSSL_memcmp(next_proto, config->expected_next_proto.data(),
+ next_proto_len) != 0) {
fprintf(stderr, "negotiated next proto mismatch\n");
return false;
}
@@ -1288,8 +1284,8 @@
unsigned alpn_proto_len;
SSL_get0_alpn_selected(ssl, &alpn_proto, &alpn_proto_len);
if (alpn_proto_len != config->expected_alpn.size() ||
- memcmp(alpn_proto, config->expected_alpn.data(),
- alpn_proto_len) != 0) {
+ OPENSSL_memcmp(alpn_proto, config->expected_alpn.data(),
+ alpn_proto_len) != 0) {
fprintf(stderr, "negotiated alpn proto mismatch\n");
return false;
}
@@ -1302,8 +1298,8 @@
return false;
}
if (config->expected_channel_id.size() != 64 ||
- memcmp(config->expected_channel_id.data(),
- channel_id, 64) != 0) {
+ OPENSSL_memcmp(config->expected_channel_id.data(), channel_id, 64) !=
+ 0) {
fprintf(stderr, "channel id mismatch\n");
return false;
}
@@ -1321,7 +1317,7 @@
size_t len;
SSL_get0_ocsp_response(ssl, &data, &len);
if (config->expected_ocsp_response.size() != len ||
- memcmp(config->expected_ocsp_response.data(), data, len) != 0) {
+ OPENSSL_memcmp(config->expected_ocsp_response.data(), data, len) != 0) {
fprintf(stderr, "OCSP response mismatch\n");
return false;
}
@@ -1332,8 +1328,8 @@
size_t len;
SSL_get0_signed_cert_timestamp_list(ssl, &data, &len);
if (config->expected_signed_cert_timestamps.size() != len ||
- memcmp(config->expected_signed_cert_timestamps.data(),
- data, len) != 0) {
+ OPENSSL_memcmp(config->expected_signed_cert_timestamps.data(), data,
+ len) != 0) {
fprintf(stderr, "SCT list mismatch\n");
return false;
}
@@ -1754,7 +1750,7 @@
// trip up the CBC record splitting code.
static const size_t kBufLen = 32769;
std::unique_ptr<uint8_t[]> buf(new uint8_t[kBufLen]);
- memset(buf.get(), 0x42, kBufLen);
+ OPENSSL_memset(buf.get(), 0x42, kBufLen);
static const size_t kRecordSizes[] = {
0, 1, 255, 256, 257, 16383, 16384, 16385, 32767, 32768, 32769};
for (size_t i = 0; i < OPENSSL_ARRAY_SIZE(kRecordSizes); i++) {
@@ -1768,6 +1764,19 @@
}
}
} else {
+ if (config->read_with_unfinished_write) {
+ if (!config->async) {
+ fprintf(stderr, "-read-with-unfinished-write requires -async.\n");
+ return false;
+ }
+
+ int write_ret = SSL_write(ssl.get(),
+ reinterpret_cast<const uint8_t *>("unfinished"), 10);
+ if (SSL_get_error(ssl.get(), write_ret) != SSL_ERROR_WANT_WRITE) {
+ fprintf(stderr, "Failed to leave unfinished write.\n");
+ return false;
+ }
+ }
if (config->shim_writes_first) {
if (WriteAll(ssl.get(), reinterpret_cast<const uint8_t *>("hello"),
5) < 0) {
@@ -1839,6 +1848,19 @@
GetTestState(ssl.get())->got_new_session ? "" : " not");
return false;
}
+
+ if (expect_new_session) {
+ bool got_early_data_info =
+ GetTestState(ssl.get())->new_session->ticket_max_early_data != 0;
+ if (config->expect_early_data_info != got_early_data_info) {
+ fprintf(
+ stderr,
+ "new session did%s include ticket_early_data_info, but we expected "
+ "the opposite\n",
+ got_early_data_info ? "" : " not");
+ return false;
+ }
+ }
}
if (out_session) {
diff --git a/src/ssl/test/packeted_bio.cc b/src/ssl/test/packeted_bio.cc
index 8331b4b..835df0e 100644
--- a/src/ssl/test/packeted_bio.cc
+++ b/src/ssl/test/packeted_bio.cc
@@ -21,6 +21,8 @@
#include <openssl/mem.h>
+#include "../../crypto/internal.h"
+
namespace {
@@ -33,8 +35,8 @@
struct PacketedBio {
PacketedBio(timeval *clock_arg, bool advance_clock_arg)
: clock(clock_arg), advance_clock(advance_clock_arg) {
- memset(&timeout, 0, sizeof(timeout));
- memset(&read_deadline, 0, sizeof(read_deadline));
+ OPENSSL_memset(&timeout, 0, sizeof(timeout));
+ OPENSSL_memset(&read_deadline, 0, sizeof(read_deadline));
}
bool HasTimeout() const {
@@ -209,7 +211,7 @@
if (outl > (int)len) {
outl = len;
}
- memcpy(out, buf, outl);
+ OPENSSL_memcpy(out, buf, outl);
OPENSSL_free(buf);
return outl;
}
@@ -217,7 +219,7 @@
static long PacketedCtrl(BIO *bio, int cmd, long num, void *ptr) {
if (cmd == BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT) {
- memcpy(&GetData(bio)->read_deadline, ptr, sizeof(timeval));
+ OPENSSL_memcpy(&GetData(bio)->read_deadline, ptr, sizeof(timeval));
return 1;
}
@@ -290,6 +292,6 @@
data->clock->tv_sec += data->clock->tv_usec / 1000000;
data->clock->tv_usec %= 1000000;
data->clock->tv_sec += data->timeout.tv_sec;
- memset(&data->timeout, 0, sizeof(data->timeout));
+ OPENSSL_memset(&data->timeout, 0, sizeof(data->timeout));
return true;
}
diff --git a/src/ssl/test/runner/alert.go b/src/ssl/test/runner/alert.go
index 8320b7e..652e9ee 100644
--- a/src/ssl/test/runner/alert.go
+++ b/src/ssl/test/runner/alert.go
@@ -23,7 +23,7 @@
alertRecordOverflow alert = 22
alertDecompressionFailure alert = 30
alertHandshakeFailure alert = 40
- alertNoCertficate alert = 41
+ alertNoCertificate alert = 41
alertBadCertificate alert = 42
alertUnsupportedCertificate alert = 43
alertCertificateRevoked alert = 44
@@ -37,6 +37,7 @@
alertProtocolVersion alert = 70
alertInsufficientSecurity alert = 71
alertInternalError alert = 80
+ alertInappropriateFallback alert = 86
alertUserCanceled alert = 90
alertNoRenegotiation alert = 100
alertMissingExtension alert = 109
@@ -55,6 +56,7 @@
alertRecordOverflow: "record overflow",
alertDecompressionFailure: "decompression failure",
alertHandshakeFailure: "handshake failure",
+ alertNoCertificate: "no certificate",
alertBadCertificate: "bad certificate",
alertUnsupportedCertificate: "unsupported certificate",
alertCertificateRevoked: "revoked certificate",
@@ -68,6 +70,7 @@
alertProtocolVersion: "protocol version not supported",
alertInsufficientSecurity: "insufficient security level",
alertInternalError: "internal error",
+ alertInappropriateFallback: "inappropriate fallback",
alertUserCanceled: "user canceled",
alertNoRenegotiation: "no renegotiation",
alertMissingExtension: "missing extension",
diff --git a/src/ssl/test/runner/common.go b/src/ssl/test/runner/common.go
index f5fedb0..96bc39a 100644
--- a/src/ssl/test/runner/common.go
+++ b/src/ssl/test/runner/common.go
@@ -95,15 +95,12 @@
extensionSupportedVersions uint16 = 43 // draft-ietf-tls-tls13-16
extensionCookie uint16 = 44 // draft-ietf-tls-tls13-16
extensionPSKKeyExchangeModes uint16 = 45 // draft-ietf-tls-tls13-18
+ extensionTicketEarlyDataInfo uint16 = 46 // draft-ietf-tls-tls13-18
extensionCustom uint16 = 1234 // not IANA assigned
extensionNextProtoNeg uint16 = 13172 // not IANA assigned
extensionRenegotiationInfo uint16 = 0xff01
extensionChannelID uint16 = 30032 // not IANA assigned
-)
-
-// TLS ticket extension numbers
-const (
- ticketExtensionCustom uint16 = 1234 // not IANA assigned
+ extensionShortHeader uint16 = 27463 // not IANA assigned
)
// TLS signaling cipher suite values
@@ -126,7 +123,8 @@
// TLS Elliptic Curve Point Formats
// http://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-parameters-9
const (
- pointFormatUncompressed uint8 = 0
+ pointFormatUncompressed uint8 = 0
+ pointFormatCompressedPrime uint8 = 1
)
// TLS CertificateStatusType (RFC 3546)
@@ -225,6 +223,7 @@
SCTList []byte // signed certificate timestamp list
PeerSignatureAlgorithm signatureAlgorithm // algorithm used by the peer in the handshake
CurveID CurveID // the curve used in ECDHE
+ ShortHeader bool // whether the short header extension was negotiated
}
// ClientAuthType declares the policy the server will follow for
@@ -956,6 +955,19 @@
// receipt of a NewSessionTicket message.
ExpectNoNewSessionTicket bool
+ // SendTicketEarlyDataInfo, if non-zero, is the maximum amount of data that we
+ // will accept as early data, and gets sent in the ticket_early_data_info
+ // extension of the NewSessionTicket message.
+ SendTicketEarlyDataInfo uint32
+
+ // DuplicateTicketEarlyDataInfo causes an extra empty extension of
+ // ticket_early_data_info to be sent in NewSessionTicket.
+ DuplicateTicketEarlyDataInfo bool
+
+ // ExpectTicketEarlyDataInfo, if true, means that the client will fail upon
+ // absence of the ticket_early_data_info extension.
+ ExpectTicketEarlyDataInfo bool
+
// ExpectTicketAge, if non-zero, is the expected age of the ticket that the
// server receives from the client.
ExpectTicketAge time.Duration
@@ -1224,6 +1236,23 @@
// NoSignedCertificateTimestamps, if true, causes the client to not
// request signed certificate timestamps.
NoSignedCertificateTimestamps bool
+
+ // EnableShortHeader, if true, causes the TLS 1.3 short header extension
+ // to be enabled.
+ EnableShortHeader bool
+
+ // AlwaysNegotiateShortHeader, if true, causes the server to always
+ // negotiate the short header extension in ServerHello.
+ AlwaysNegotiateShortHeader bool
+
+ // ClearShortHeaderBit, if true, causes the server to send short headers
+ // without the high bit set.
+ ClearShortHeaderBit bool
+
+ // SendSupportedPointFormats, if not nil, is the list of supported point
+ // formats to send in ClientHello or ServerHello. If set to a non-nil
+ // empty slice, no extension will be sent.
+ SendSupportedPointFormats []byte
}
func (c *Config) serverInit() {
diff --git a/src/ssl/test/runner/conn.go b/src/ssl/test/runner/conn.go
index 80a5b06..ee342fa 100644
--- a/src/ssl/test/runner/conn.go
+++ b/src/ssl/test/runner/conn.go
@@ -21,6 +21,8 @@
"time"
)
+var errNoCertificateAlert = errors.New("tls: no certificate alert")
+
// A Conn represents a secured connection.
// It implements the net.Conn interface.
type Conn struct {
@@ -163,6 +165,8 @@
trafficSecret []byte
+ shortHeader bool
+
config *Config
}
@@ -301,10 +305,17 @@
copy(hc.outSeq[:], hc.seq[:])
}
+func (hc *halfConn) isShortHeader() bool {
+ return hc.shortHeader && hc.cipher != nil
+}
+
func (hc *halfConn) recordHeaderLen() int {
if hc.isDTLS {
return dtlsRecordHeaderLen
}
+ if hc.isShortHeader() {
+ return 2
+ }
return tlsRecordHeaderLen
}
@@ -608,6 +619,9 @@
n := len(b.data) - recordHeaderLen
b.data[recordHeaderLen-2] = byte(n >> 8)
b.data[recordHeaderLen-1] = byte(n)
+ if hc.isShortHeader() && !hc.config.Bugs.ClearShortHeaderBit {
+ b.data[0] |= 0x80
+ }
hc.incSeq(true)
return true, 0
@@ -716,7 +730,7 @@
return c.dtlsDoReadRecord(want)
}
- recordHeaderLen := tlsRecordHeaderLen
+ recordHeaderLen := c.in.recordHeaderLen()
if c.rawInput == nil {
c.rawInput = c.in.newBlock()
@@ -736,19 +750,36 @@
}
return 0, nil, err
}
- typ := recordType(b.data[0])
- // No valid TLS record has a type of 0x80, however SSLv2 handshakes
- // start with a uint16 length where the MSB is set and the first record
- // is always < 256 bytes long. Therefore typ == 0x80 strongly suggests
- // an SSLv2 client.
- if want == recordTypeHandshake && typ == 0x80 {
- c.sendAlert(alertProtocolVersion)
- return 0, nil, c.in.setErrorLocked(errors.New("tls: unsupported SSLv2 handshake received"))
+ var typ recordType
+ var vers uint16
+ var n int
+ if c.in.isShortHeader() {
+ typ = recordTypeApplicationData
+ vers = VersionTLS10
+ n = int(b.data[0])<<8 | int(b.data[1])
+ if n&0x8000 == 0 {
+ c.sendAlert(alertDecodeError)
+ return 0, nil, c.in.setErrorLocked(errors.New("tls: length did not have high bit set"))
+ }
+
+ n = n & 0x7fff
+ } else {
+ typ = recordType(b.data[0])
+
+ // No valid TLS record has a type of 0x80, however SSLv2 handshakes
+ // start with a uint16 length where the MSB is set and the first record
+ // is always < 256 bytes long. Therefore typ == 0x80 strongly suggests
+ // an SSLv2 client.
+ if want == recordTypeHandshake && typ == 0x80 {
+ c.sendAlert(alertProtocolVersion)
+ return 0, nil, c.in.setErrorLocked(errors.New("tls: unsupported SSLv2 handshake received"))
+ }
+
+ vers = uint16(b.data[1])<<8 | uint16(b.data[2])
+ n = int(b.data[3])<<8 | int(b.data[4])
}
- vers := uint16(b.data[1])<<8 | uint16(b.data[2])
- n := int(b.data[3])<<8 | int(b.data[4])
// Alerts sent near version negotiation do not have a well-defined
// record-layer version prior to TLS 1.3. (In TLS 1.3, the record-layer
// version is irrelevant.)
@@ -866,6 +897,11 @@
}
switch data[0] {
case alertLevelWarning:
+ if alert(data[1]) == alertNoCertificate {
+ c.in.freeBlock(b)
+ return errNoCertificateAlert
+ }
+
// drop on the floor
c.in.freeBlock(b)
goto Again
@@ -934,7 +970,7 @@
// L < c.out.Mutex.
func (c *Conn) sendAlert(err alert) error {
level := byte(alertLevelError)
- if err == alertNoRenegotiation || err == alertCloseNotify || err == alertNoCertficate {
+ if err == alertNoRenegotiation || err == alertCloseNotify || err == alertNoCertificate {
level = alertLevelWarning
}
return c.SendAlert(level, err)
@@ -1007,7 +1043,7 @@
}
func (c *Conn) doWriteRecord(typ recordType, data []byte) (n int, err error) {
- recordHeaderLen := tlsRecordHeaderLen
+ recordHeaderLen := c.out.recordHeaderLen()
b := c.out.newBlock()
first := true
isClientHello := typ == recordTypeHandshake && len(data) > 0 && data[0] == typeClientHello
@@ -1049,32 +1085,36 @@
}
}
b.resize(recordHeaderLen + explicitIVLen + m)
- b.data[0] = byte(typ)
- if c.vers >= VersionTLS13 && c.out.cipher != nil {
- b.data[0] = byte(recordTypeApplicationData)
- if outerType := c.config.Bugs.OuterRecordType; outerType != 0 {
- b.data[0] = byte(outerType)
+ // If using a short record header, the length will be filled in
+ // by encrypt.
+ if !c.out.isShortHeader() {
+ b.data[0] = byte(typ)
+ if c.vers >= VersionTLS13 && c.out.cipher != nil {
+ b.data[0] = byte(recordTypeApplicationData)
+ if outerType := c.config.Bugs.OuterRecordType; outerType != 0 {
+ b.data[0] = byte(outerType)
+ }
}
+ vers := c.vers
+ if vers == 0 || vers >= VersionTLS13 {
+ // Some TLS servers fail if the record version is
+ // greater than TLS 1.0 for the initial ClientHello.
+ //
+ // TLS 1.3 fixes the version number in the record
+ // layer to {3, 1}.
+ vers = VersionTLS10
+ }
+ if c.config.Bugs.SendRecordVersion != 0 {
+ vers = c.config.Bugs.SendRecordVersion
+ }
+ if c.vers == 0 && c.config.Bugs.SendInitialRecordVersion != 0 {
+ vers = c.config.Bugs.SendInitialRecordVersion
+ }
+ b.data[1] = byte(vers >> 8)
+ b.data[2] = byte(vers)
+ b.data[3] = byte(m >> 8)
+ b.data[4] = byte(m)
}
- vers := c.vers
- if vers == 0 || vers >= VersionTLS13 {
- // Some TLS servers fail if the record version is
- // greater than TLS 1.0 for the initial ClientHello.
- //
- // TLS 1.3 fixes the version number in the record
- // layer to {3, 1}.
- vers = VersionTLS10
- }
- if c.config.Bugs.SendRecordVersion != 0 {
- vers = c.config.Bugs.SendRecordVersion
- }
- if c.vers == 0 && c.config.Bugs.SendInitialRecordVersion != 0 {
- vers = c.config.Bugs.SendInitialRecordVersion
- }
- b.data[1] = byte(vers >> 8)
- b.data[2] = byte(vers)
- b.data[3] = byte(m >> 8)
- b.data[4] = byte(m)
if explicitIVLen > 0 {
explicitIV := b.data[recordHeaderLen : recordHeaderLen+explicitIVLen]
if explicitIVIsSeq {
@@ -1162,6 +1202,13 @@
// c.in.Mutex < L; c.out.Mutex < L.
func (c *Conn) readHandshake() (interface{}, error) {
data, err := c.doReadHandshake()
+ if err == errNoCertificateAlert {
+ if c.hand.Len() != 0 {
+ // The warning alert may not interleave with a handshake message.
+ return nil, c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage))
+ }
+ return new(ssl3NoCertificateMsg), nil
+ }
if err != nil {
return nil, err
}
@@ -1404,6 +1451,10 @@
return errors.New("tls: no GREASE ticket extension found")
}
+ if c.config.Bugs.ExpectTicketEarlyDataInfo && newSessionTicket.earlyDataInfo == 0 {
+ return errors.New("tls: no ticket_early_data_info extension found")
+ }
+
if c.config.Bugs.ExpectNoNewSessionTicket {
return errors.New("tls: received unexpected NewSessionTicket")
}
@@ -1620,6 +1671,7 @@
state.SCTList = c.sctList
state.PeerSignatureAlgorithm = c.peerSignatureAlgorithm
state.CurveID = c.curveID
+ state.ShortHeader = c.in.shortHeader
}
return state
@@ -1715,10 +1767,12 @@
// TODO(davidben): Allow configuring these values.
m := &newSessionTicketMsg{
- version: c.vers,
- ticketLifetime: uint32(24 * time.Hour / time.Second),
- customExtension: c.config.Bugs.CustomTicketExtension,
- ticketAgeAdd: ticketAgeAdd,
+ version: c.vers,
+ ticketLifetime: uint32(24 * time.Hour / time.Second),
+ earlyDataInfo: c.config.Bugs.SendTicketEarlyDataInfo,
+ duplicateEarlyDataInfo: c.config.Bugs.DuplicateTicketEarlyDataInfo,
+ customExtension: c.config.Bugs.CustomTicketExtension,
+ ticketAgeAdd: ticketAgeAdd,
}
state := sessionState{
@@ -1781,3 +1835,8 @@
_, err := c.conn.Write(payload)
return err
}
+
+func (c *Conn) setShortHeader() {
+ c.in.shortHeader = true
+ c.out.shortHeader = true
+}
diff --git a/src/ssl/test/runner/fuzzer_mode.json b/src/ssl/test/runner/fuzzer_mode.json
index cb2befa..80a9bf1 100644
--- a/src/ssl/test/runner/fuzzer_mode.json
+++ b/src/ssl/test/runner/fuzzer_mode.json
@@ -25,12 +25,15 @@
"ECDSACurveMismatch-Verify-TLS13": "Fuzzer mode always accepts a signature.",
"InvalidChannelIDSignature-*": "Fuzzer mode always accepts a signature.",
+ "Resume-Server-CipherNotPreferred*": "Fuzzer mode does not encrypt tickets.",
"Resume-Server-DeclineBadCipher*": "Fuzzer mode does not encrypt tickets.",
"Resume-Server-DeclineCrossVersion*": "Fuzzer mode does not encrypt tickets.",
"TicketCallback-SingleCall-*": "Fuzzer mode does not encrypt tickets.",
"CorruptTicket-*": "Fuzzer mode does not encrypt tickets.",
"ShimTicketRewritable": "Fuzzer mode does not encrypt tickets.",
- "Resume-Server-*Binder*": "Fuzzer mode does not check binders."
+ "Resume-Server-*Binder*": "Fuzzer mode does not check binders.",
+
+ "SkipEarlyData*": "Trial decryption does not work with the NULL cipher."
}
}
diff --git a/src/ssl/test/runner/handshake_client.go b/src/ssl/test/runner/handshake_client.go
index 7fa7ea2..507ea40 100644
--- a/src/ssl/test/runner/handshake_client.go
+++ b/src/ssl/test/runner/handshake_client.go
@@ -81,6 +81,7 @@
srtpMasterKeyIdentifier: c.config.Bugs.SRTPMasterKeyIdentifer,
customExtension: c.config.Bugs.CustomExtension,
pskBinderFirst: c.config.Bugs.PSKBinderFirst,
+ shortHeaderSupported: c.config.Bugs.EnableShortHeader,
}
disableEMS := c.config.Bugs.NoExtendedMasterSecret
@@ -104,6 +105,10 @@
hello.compressionMethods = c.config.Bugs.SendCompressionMethods
}
+ if c.config.Bugs.SendSupportedPointFormats != nil {
+ hello.supportedPoints = c.config.Bugs.SendSupportedPointFormats
+ }
+
if len(c.clientVerify) > 0 && !c.config.Bugs.EmptyRenegotiationInfo {
if c.config.Bugs.BadRenegotiationInfo {
hello.secureRenegotiation = append(hello.secureRenegotiation, c.clientVerify...)
@@ -684,6 +689,18 @@
hs.finishedHash.addEntropy(zeroSecret)
}
+ if hs.serverHello.shortHeader && !hs.hello.shortHeaderSupported {
+ return errors.New("tls: server sent unsolicited short header extension")
+ }
+
+ if hs.serverHello.shortHeader && hs.hello.hasEarlyData {
+ return errors.New("tls: server sent short header extension in response to early data")
+ }
+
+ if hs.serverHello.shortHeader {
+ c.setShortHeader()
+ }
+
// Switch to handshake traffic keys.
clientHandshakeTrafficSecret := hs.finishedHash.deriveSecret(clientHandshakeTrafficLabel)
c.out.useTrafficSecret(c.vers, hs.suite, clientHandshakeTrafficSecret, clientWrite)
@@ -1011,7 +1028,7 @@
// no_certificate warning alert.
if certRequested {
if c.vers == VersionSSL30 && chainToSend == nil {
- c.sendAlert(alertNoCertficate)
+ c.sendAlert(alertNoCertificate)
} else if !c.config.Bugs.SkipClientCertificate {
certMsg := new(certificateMsg)
if chainToSend != nil {
@@ -1291,6 +1308,10 @@
func (hs *clientHandshakeState) processServerHello() (bool, error) {
c := hs.c
+ if hs.serverHello.shortHeader {
+ return false, errors.New("tls: short header extension sent before TLS 1.3")
+ }
+
if hs.serverResumedSession() {
// For test purposes, assert that the server never accepts the
// resumption offer on renegotiation.
diff --git a/src/ssl/test/runner/handshake_messages.go b/src/ssl/test/runner/handshake_messages.go
index 8a338f0..62309b8 100644
--- a/src/ssl/test/runner/handshake_messages.go
+++ b/src/ssl/test/runner/handshake_messages.go
@@ -167,6 +167,7 @@
customExtension string
hasGREASEExtension bool
pskBinderFirst bool
+ shortHeaderSupported bool
}
func (m *clientHelloMsg) equal(i interface{}) bool {
@@ -212,7 +213,8 @@
m.sctListSupported == m1.sctListSupported &&
m.customExtension == m1.customExtension &&
m.hasGREASEExtension == m1.hasGREASEExtension &&
- m.pskBinderFirst == m1.pskBinderFirst
+ m.pskBinderFirst == m1.pskBinderFirst &&
+ m.shortHeaderSupported == m1.shortHeaderSupported
}
func (m *clientHelloMsg) marshal() []byte {
@@ -314,9 +316,7 @@
extensions.addU16(extensionSupportedPoints)
supportedPointsList := extensions.addU16LengthPrefixed()
supportedPoints := supportedPointsList.addU8LengthPrefixed()
- for _, pointFormat := range m.supportedPoints {
- supportedPoints.addU8(pointFormat)
- }
+ supportedPoints.addBytes(m.supportedPoints)
}
if m.hasKeyShares {
extensions.addU16(extensionKeyShare)
@@ -430,6 +430,10 @@
customExt := extensions.addU16LengthPrefixed()
customExt.addBytes([]byte(m.customExtension))
}
+ if m.shortHeaderSupported {
+ extensions.addU16(extensionShortHeader)
+ extensions.addU16(0) // Length is always 0
+ }
// The PSK extension must be last (draft-ietf-tls-tls13-18 section 4.2.6).
if len(m.pskIdentities) > 0 && !m.pskBinderFirst {
extensions.addU16(extensionPreSharedKey)
@@ -601,8 +605,7 @@
if length != l+1 {
return false
}
- m.supportedPoints = make([]uint8, l)
- copy(m.supportedPoints, data[1:])
+ m.supportedPoints = data[1 : 1+l]
case extensionSessionTicket:
// http://tools.ietf.org/html/rfc5077#section-3.2
m.ticketSupported = true
@@ -802,6 +805,11 @@
return false
}
m.sctListSupported = true
+ case extensionShortHeader:
+ if length != 0 {
+ return false
+ }
+ m.shortHeaderSupported = true
case extensionCustom:
m.customExtension = string(data[:length])
}
@@ -831,6 +839,7 @@
compressionMethod uint8
customExtension string
unencryptedALPN string
+ shortHeader bool
extensions serverExtensions
}
@@ -868,6 +877,11 @@
extensions := hello.addU16LengthPrefixed()
+ if m.shortHeader {
+ extensions.addU16(extensionShortHeader)
+ extensions.addU16(0) // Length
+ }
+
if vers >= VersionTLS13 {
if m.hasKeyShare {
extensions.addU16(extensionKeyShare)
@@ -996,6 +1010,11 @@
return false
}
m.earlyDataIndication = true
+ case extensionShortHeader:
+ if len(d) != 0 {
+ return false
+ }
+ m.shortHeader = true
default:
// Only allow the 3 extensions that are sent in
// the clear in TLS 1.3.
@@ -1071,6 +1090,7 @@
npnAfterAlpn bool
hasKeyShare bool
keyShare keyShareEntry
+ supportedPoints []uint8
}
func (m *serverExtensions) marshal(extensions *byteBuilder) {
@@ -1165,6 +1185,13 @@
keyExchange := keyShare.addU16LengthPrefixed()
keyExchange.addBytes(m.keyShare.keyExchange)
}
+ if len(m.supportedPoints) > 0 {
+ // http://tools.ietf.org/html/rfc4492#section-5.1.2
+ extensions.addU16(extensionSupportedPoints)
+ supportedPointsList := extensions.addU16LengthPrefixed()
+ supportedPoints := supportedPointsList.addU8LengthPrefixed()
+ supportedPoints.addBytes(m.supportedPoints)
+ }
}
func (m *serverExtensions) unmarshal(data []byte, version uint16) bool {
@@ -1265,7 +1292,15 @@
if version >= VersionTLS13 {
return false
}
- // Ignore this extension from the server.
+ // http://tools.ietf.org/html/rfc4492#section-5.5.2
+ if length < 1 {
+ return false
+ }
+ l := int(data[0])
+ if length != l+1 {
+ return false
+ }
+ m.supportedPoints = data[1 : 1+l]
case extensionSupportedCurves:
// The server can only send supported_curves in TLS 1.3.
if version < VersionTLS13 {
@@ -1968,13 +2003,15 @@
}
type newSessionTicketMsg struct {
- raw []byte
- version uint16
- ticketLifetime uint32
- ticketAgeAdd uint32
- ticket []byte
- customExtension string
- hasGREASEExtension bool
+ raw []byte
+ version uint16
+ ticketLifetime uint32
+ ticketAgeAdd uint32
+ ticket []byte
+ earlyDataInfo uint32
+ customExtension string
+ duplicateEarlyDataInfo bool
+ hasGREASEExtension bool
}
func (m *newSessionTicketMsg) marshal() []byte {
@@ -1996,8 +2033,16 @@
if m.version >= VersionTLS13 {
extensions := body.addU16LengthPrefixed()
+ if m.earlyDataInfo > 0 {
+ extensions.addU16(extensionTicketEarlyDataInfo)
+ extensions.addU16LengthPrefixed().addU32(m.earlyDataInfo)
+ if m.duplicateEarlyDataInfo {
+ extensions.addU16(extensionTicketEarlyDataInfo)
+ extensions.addU16LengthPrefixed().addU32(m.earlyDataInfo)
+ }
+ }
if len(m.customExtension) > 0 {
- extensions.addU16(ticketExtensionCustom)
+ extensions.addU16(extensionCustom)
extensions.addU16LengthPrefixed().addBytes([]byte(m.customExtension))
}
}
@@ -2043,28 +2088,37 @@
if len(data) < 2 {
return false
}
- extsLength := int(data[0])<<8 + int(data[1])
+
+ extensionsLength := int(data[0])<<8 | int(data[1])
data = data[2:]
- if len(data) < extsLength {
+ if extensionsLength != len(data) {
return false
}
- extensions := data[:extsLength]
- data = data[extsLength:]
- for len(extensions) > 0 {
- if len(extensions) < 4 {
+ for len(data) != 0 {
+ if len(data) < 4 {
return false
}
- extValue := uint16(extensions[0])<<8 | uint16(extensions[1])
- extLength := int(extensions[2])<<8 | int(extensions[3])
- if len(extensions) < 4+extLength {
+ extension := uint16(data[0])<<8 | uint16(data[1])
+ length := int(data[2])<<8 | int(data[3])
+ data = data[4:]
+ if len(data) < length {
return false
}
- extensions = extensions[4+extLength:]
- if isGREASEValue(extValue) {
- m.hasGREASEExtension = true
+ switch extension {
+ case extensionTicketEarlyDataInfo:
+ if length != 4 {
+ return false
+ }
+ m.earlyDataInfo = uint32(data[0])<<24 | uint32(data[1])<<16 | uint32(data[2])<<8 | uint32(data[3])
+ default:
+ if isGREASEValue(extension) {
+ m.hasGREASEExtension = true
+ }
}
+
+ data = data[length:]
}
}
@@ -2240,6 +2294,10 @@
return m.keyUpdateRequest == keyUpdateNotRequested || m.keyUpdateRequest == keyUpdateRequested
}
+// ssl3NoCertificateMsg is a dummy message to handle SSL 3.0 using a warning
+// alert in the handshake.
+type ssl3NoCertificateMsg struct{}
+
func eqUint16s(x, y []uint16) bool {
if len(x) != len(y) {
return false
diff --git a/src/ssl/test/runner/handshake_server.go b/src/ssl/test/runner/handshake_server.go
index 57566c5..1116d6c 100644
--- a/src/ssl/test/runner/handshake_server.go
+++ b/src/ssl/test/runner/handshake_server.go
@@ -365,6 +365,15 @@
versOverride: config.Bugs.SendServerHelloVersion,
customExtension: config.Bugs.CustomUnencryptedExtension,
unencryptedALPN: config.Bugs.SendUnencryptedALPN,
+ shortHeader: hs.clientHello.shortHeaderSupported && config.Bugs.EnableShortHeader,
+ }
+
+ if config.Bugs.AlwaysNegotiateShortHeader {
+ hs.hello.shortHeader = true
+ }
+
+ if hs.hello.shortHeader {
+ c.setShortHeader()
}
hs.hello.random = make([]byte, 32)
@@ -972,6 +981,7 @@
vers: versionToWire(c.vers, c.isDTLS),
versOverride: config.Bugs.SendServerHelloVersion,
compressionMethod: compressionNone,
+ shortHeader: config.Bugs.AlwaysNegotiateShortHeader,
}
hs.hello.random = make([]byte, 32)
@@ -1182,6 +1192,10 @@
serverExtensions.ticketSupported = true
}
+ if c.config.Bugs.SendSupportedPointFormats != nil {
+ serverExtensions.supportedPoints = c.config.Bugs.SendSupportedPointFormats
+ }
+
if !hs.clientHello.hasGREASEExtension && config.Bugs.ExpectGREASE {
return errors.New("tls: no GREASE extension found")
}
@@ -1438,7 +1452,13 @@
for _, cert := range certMsg.certificates {
certificates = append(certificates, cert.data)
}
- } else if c.vers != VersionSSL30 {
+ } else if c.vers == VersionSSL30 {
+ // In SSL 3.0, no certificate is signaled by a warning
+ // alert which we translate to ssl3NoCertificateMsg.
+ if _, ok := msg.(*ssl3NoCertificateMsg); !ok {
+ return errors.New("tls: client provided neither a certificate nor no_certificate warning alert")
+ }
+ } else {
// In TLS, the Certificate message is required. In SSL
// 3.0, the peer skips it when sending no certificates.
c.sendAlert(alertUnexpectedMessage)
@@ -1459,11 +1479,9 @@
return err
}
- if ok {
- msg, err = c.readHandshake()
- if err != nil {
- return err
- }
+ msg, err = c.readHandshake()
+ if err != nil {
+ return err
}
}
diff --git a/src/ssl/test/runner/runner.go b/src/ssl/test/runner/runner.go
index fc66cf6..ba78fce 100644
--- a/src/ssl/test/runner/runner.go
+++ b/src/ssl/test/runner/runner.go
@@ -383,6 +383,8 @@
// expectPeerCertificate, if not nil, is the certificate chain the peer
// is expected to send.
expectPeerCertificate *Certificate
+ // expectShortHeader is whether the short header extension should be negotiated.
+ expectShortHeader bool
}
var testCases []testCase
@@ -611,6 +613,10 @@
}
}
+ if test.expectShortHeader != connState.ShortHeader {
+ return fmt.Errorf("ShortHeader is %t, but we expected the opposite", connState.ShortHeader)
+ }
+
if test.exportKeyingMaterial > 0 {
actual := make([]byte, test.exportKeyingMaterial)
if _, err := io.ReadFull(tlsConn, actual); err != nil {
@@ -1315,13 +1321,15 @@
SendFallbackSCSV: true,
},
},
- shouldFail: true,
- expectedError: ":INAPPROPRIATE_FALLBACK:",
+ shouldFail: true,
+ expectedError: ":INAPPROPRIATE_FALLBACK:",
+ expectedLocalError: "remote error: inappropriate fallback",
},
{
testType: serverTest,
- name: "FallbackSCSV-VersionMatch",
+ name: "FallbackSCSV-VersionMatch-TLS13",
config: Config{
+ MaxVersion: VersionTLS13,
Bugs: ProtocolBugs{
SendFallbackSCSV: true,
},
@@ -2561,11 +2569,57 @@
expectedError: expectedClientError,
})
- if !shouldClientFail {
- // Ensure the maximum record size is accepted.
+ if shouldClientFail {
+ return
+ }
+
+ // Ensure the maximum record size is accepted.
+ testCases = append(testCases, testCase{
+ protocol: protocol,
+ name: prefix + ver.name + "-" + suite.name + "-LargeRecord",
+ config: Config{
+ MinVersion: ver.version,
+ MaxVersion: ver.version,
+ CipherSuites: []uint16{suite.id},
+ Certificates: []Certificate{cert},
+ PreSharedKey: []byte(psk),
+ PreSharedKeyIdentity: pskIdentity,
+ },
+ flags: flags,
+ messageLen: maxPlaintext,
+ })
+
+ // Test bad records for all ciphers. Bad records are fatal in TLS
+ // and ignored in DTLS.
+ var shouldFail bool
+ var expectedError string
+ if protocol == tls {
+ shouldFail = true
+ expectedError = ":DECRYPTION_FAILED_OR_BAD_RECORD_MAC:"
+ }
+
+ testCases = append(testCases, testCase{
+ protocol: protocol,
+ name: prefix + ver.name + "-" + suite.name + "-BadRecord",
+ config: Config{
+ MinVersion: ver.version,
+ MaxVersion: ver.version,
+ CipherSuites: []uint16{suite.id},
+ Certificates: []Certificate{cert},
+ PreSharedKey: []byte(psk),
+ PreSharedKeyIdentity: pskIdentity,
+ },
+ flags: flags,
+ damageFirstWrite: true,
+ messageLen: maxPlaintext,
+ shouldFail: shouldFail,
+ expectedError: expectedError,
+ })
+
+ if ver.version >= VersionTLS13 {
testCases = append(testCases, testCase{
protocol: protocol,
- name: prefix + ver.name + "-" + suite.name + "-LargeRecord",
+ name: prefix + ver.name + "-" + suite.name + "-ShortHeader",
config: Config{
MinVersion: ver.version,
MaxVersion: ver.version,
@@ -2573,36 +2627,13 @@
Certificates: []Certificate{cert},
PreSharedKey: []byte(psk),
PreSharedKeyIdentity: pskIdentity,
+ Bugs: ProtocolBugs{
+ EnableShortHeader: true,
+ },
},
- flags: flags,
- messageLen: maxPlaintext,
- })
-
- // Test bad records for all ciphers. Bad records are fatal in TLS
- // and ignored in DTLS.
- var shouldFail bool
- var expectedError string
- if protocol == tls {
- shouldFail = true
- expectedError = ":DECRYPTION_FAILED_OR_BAD_RECORD_MAC:"
- }
-
- testCases = append(testCases, testCase{
- protocol: protocol,
- name: prefix + ver.name + "-" + suite.name + "-BadRecord",
- config: Config{
- MinVersion: ver.version,
- MaxVersion: ver.version,
- CipherSuites: []uint16{suite.id},
- Certificates: []Certificate{cert},
- PreSharedKey: []byte(psk),
- PreSharedKeyIdentity: pskIdentity,
- },
- flags: flags,
- damageFirstWrite: true,
- messageLen: maxPlaintext,
- shouldFail: shouldFail,
- expectedError: expectedError,
+ flags: append([]string{"-enable-short-header"}, flags...),
+ resumeSession: true,
+ expectShortHeader: true,
})
}
}
@@ -2774,94 +2805,6 @@
},
flags: []string{"-psk", "secret"},
})
-
- // versionSpecificCiphersTest specifies a test for the TLS 1.0 and TLS
- // 1.1 specific cipher suite settings. A server is setup with the given
- // cipher lists and then a connection is made for each member of
- // expectations. The cipher suite that the server selects must match
- // the specified one.
- var versionSpecificCiphersTest = []struct {
- ciphersDefault, ciphersTLS10, ciphersTLS11 string
- // expectations is a map from TLS version to cipher suite id.
- expectations map[uint16]uint16
- }{
- {
- // Test that the null case (where no version-specific ciphers are set)
- // works as expected.
- "DES-CBC3-SHA:AES128-SHA", // default ciphers
- "", // no ciphers specifically for TLS ≥ 1.0
- "", // no ciphers specifically for TLS ≥ 1.1
- map[uint16]uint16{
- VersionSSL30: TLS_RSA_WITH_3DES_EDE_CBC_SHA,
- VersionTLS10: TLS_RSA_WITH_3DES_EDE_CBC_SHA,
- VersionTLS11: TLS_RSA_WITH_3DES_EDE_CBC_SHA,
- VersionTLS12: TLS_RSA_WITH_3DES_EDE_CBC_SHA,
- },
- },
- {
- // With ciphers_tls10 set, TLS 1.0, 1.1 and 1.2 should get a different
- // cipher.
- "DES-CBC3-SHA:AES128-SHA", // default
- "AES128-SHA", // these ciphers for TLS ≥ 1.0
- "", // no ciphers specifically for TLS ≥ 1.1
- map[uint16]uint16{
- VersionSSL30: TLS_RSA_WITH_3DES_EDE_CBC_SHA,
- VersionTLS10: TLS_RSA_WITH_AES_128_CBC_SHA,
- VersionTLS11: TLS_RSA_WITH_AES_128_CBC_SHA,
- VersionTLS12: TLS_RSA_WITH_AES_128_CBC_SHA,
- },
- },
- {
- // With ciphers_tls11 set, TLS 1.1 and 1.2 should get a different
- // cipher.
- "DES-CBC3-SHA:AES128-SHA", // default
- "", // no ciphers specifically for TLS ≥ 1.0
- "AES128-SHA", // these ciphers for TLS ≥ 1.1
- map[uint16]uint16{
- VersionSSL30: TLS_RSA_WITH_3DES_EDE_CBC_SHA,
- VersionTLS10: TLS_RSA_WITH_3DES_EDE_CBC_SHA,
- VersionTLS11: TLS_RSA_WITH_AES_128_CBC_SHA,
- VersionTLS12: TLS_RSA_WITH_AES_128_CBC_SHA,
- },
- },
- {
- // With both ciphers_tls10 and ciphers_tls11 set, ciphers_tls11 should
- // mask ciphers_tls10 for TLS 1.1 and 1.2.
- "DES-CBC3-SHA:AES128-SHA", // default
- "AES128-SHA", // these ciphers for TLS ≥ 1.0
- "AES256-SHA", // these ciphers for TLS ≥ 1.1
- map[uint16]uint16{
- VersionSSL30: TLS_RSA_WITH_3DES_EDE_CBC_SHA,
- VersionTLS10: TLS_RSA_WITH_AES_128_CBC_SHA,
- VersionTLS11: TLS_RSA_WITH_AES_256_CBC_SHA,
- VersionTLS12: TLS_RSA_WITH_AES_256_CBC_SHA,
- },
- },
- }
-
- for i, test := range versionSpecificCiphersTest {
- for version, expectedCipherSuite := range test.expectations {
- flags := []string{"-cipher", test.ciphersDefault}
- if len(test.ciphersTLS10) > 0 {
- flags = append(flags, "-cipher-tls10", test.ciphersTLS10)
- }
- if len(test.ciphersTLS11) > 0 {
- flags = append(flags, "-cipher-tls11", test.ciphersTLS11)
- }
-
- testCases = append(testCases, testCase{
- testType: serverTest,
- name: fmt.Sprintf("VersionSpecificCiphersTest-%d-%x", i, version),
- config: Config{
- MaxVersion: version,
- MinVersion: version,
- CipherSuites: []uint16{TLS_RSA_WITH_3DES_EDE_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA},
- },
- flags: flags,
- expectedCipher: expectedCipherSuite,
- })
- }
- }
}
func addBadECDSASignatureTests() {
@@ -6319,6 +6262,24 @@
expectedLocalError: "remote error: no renegotiation",
})
+ // Renegotiation is not allowed when there is an unfinished write.
+ testCases = append(testCases, testCase{
+ name: "Renegotiate-Client-UnfinishedWrite",
+ config: Config{
+ MaxVersion: VersionTLS12,
+ },
+ renegotiate: 1,
+ flags: []string{
+ "-async",
+ "-renegotiate-freely",
+ "-read-with-unfinished-write",
+ },
+ shouldFail: true,
+ expectedError: ":NO_RENEGOTIATION:",
+ // We do not successfully send the no_renegotiation alert in
+ // this case. https://crbug.com/boringssl/130
+ })
+
// Stray HelloRequests during the handshake are ignored in TLS 1.2.
testCases = append(testCases, testCase{
name: "StrayHelloRequest",
@@ -8178,6 +8139,102 @@
},
resumeSession: true,
})
+
+ // Server-sent point formats are legal in TLS 1.2, but not in TLS 1.3.
+ testCases = append(testCases, testCase{
+ name: "PointFormat-ServerHello-TLS12",
+ config: Config{
+ MaxVersion: VersionTLS12,
+ Bugs: ProtocolBugs{
+ SendSupportedPointFormats: []byte{pointFormatUncompressed},
+ },
+ },
+ })
+ testCases = append(testCases, testCase{
+ name: "PointFormat-EncryptedExtensions-TLS13",
+ config: Config{
+ MaxVersion: VersionTLS13,
+ Bugs: ProtocolBugs{
+ SendSupportedPointFormats: []byte{pointFormatUncompressed},
+ },
+ },
+ shouldFail: true,
+ expectedError: ":ERROR_PARSING_EXTENSION:",
+ })
+
+ // Test that we tolerate unknown point formats, as long as
+ // pointFormatUncompressed is present. Limit ciphers to ECDHE ciphers to
+ // check they are still functional.
+ testCases = append(testCases, testCase{
+ name: "PointFormat-Client-Tolerance",
+ config: Config{
+ MaxVersion: VersionTLS12,
+ Bugs: ProtocolBugs{
+ SendSupportedPointFormats: []byte{42, pointFormatUncompressed, 99, pointFormatCompressedPrime},
+ },
+ },
+ })
+ testCases = append(testCases, testCase{
+ testType: serverTest,
+ name: "PointFormat-Server-Tolerance",
+ config: Config{
+ MaxVersion: VersionTLS12,
+ CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256},
+ Bugs: ProtocolBugs{
+ SendSupportedPointFormats: []byte{42, pointFormatUncompressed, 99, pointFormatCompressedPrime},
+ },
+ },
+ })
+
+ // Test TLS 1.2 does not require the point format extension to be
+ // present.
+ testCases = append(testCases, testCase{
+ name: "PointFormat-Client-Missing",
+ config: Config{
+ MaxVersion: VersionTLS12,
+ CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256},
+ Bugs: ProtocolBugs{
+ SendSupportedPointFormats: []byte{},
+ },
+ },
+ })
+ testCases = append(testCases, testCase{
+ testType: serverTest,
+ name: "PointFormat-Server-Missing",
+ config: Config{
+ MaxVersion: VersionTLS12,
+ CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256},
+ Bugs: ProtocolBugs{
+ SendSupportedPointFormats: []byte{},
+ },
+ },
+ })
+
+ // If the point format extension is present, uncompressed points must be
+ // offered. BoringSSL requires this whether or not ECDHE is used.
+ testCases = append(testCases, testCase{
+ name: "PointFormat-Client-MissingUncompressed",
+ config: Config{
+ MaxVersion: VersionTLS12,
+ Bugs: ProtocolBugs{
+ SendSupportedPointFormats: []byte{pointFormatCompressedPrime},
+ },
+ },
+ shouldFail: true,
+ expectedError: ":ERROR_PARSING_EXTENSION:",
+ })
+ testCases = append(testCases, testCase{
+ testType: serverTest,
+ name: "PointFormat-Server-MissingUncompressed",
+ config: Config{
+ MaxVersion: VersionTLS12,
+ Bugs: ProtocolBugs{
+ SendSupportedPointFormats: []byte{pointFormatCompressedPrime},
+ },
+ },
+ shouldFail: true,
+ expectedError: ":ERROR_PARSING_EXTENSION:",
+ })
}
func addTLS13RecordTests() {
@@ -8322,6 +8379,48 @@
expectedLocalError: "tls: invalid ticket age",
})
+ testCases = append(testCases, testCase{
+ testType: clientTest,
+ name: "TLS13-SendTicketEarlyDataInfo",
+ config: Config{
+ MaxVersion: VersionTLS13,
+ Bugs: ProtocolBugs{
+ SendTicketEarlyDataInfo: 16384,
+ },
+ },
+ flags: []string{
+ "-expect-early-data-info",
+ },
+ })
+
+ testCases = append(testCases, testCase{
+ testType: clientTest,
+ name: "TLS13-DuplicateTicketEarlyDataInfo",
+ config: Config{
+ MaxVersion: VersionTLS13,
+ Bugs: ProtocolBugs{
+ SendTicketEarlyDataInfo: 16384,
+ DuplicateTicketEarlyDataInfo: true,
+ },
+ },
+ shouldFail: true,
+ expectedError: ":DUPLICATE_EXTENSION:",
+ expectedLocalError: "remote error: illegal parameter",
+ })
+
+ testCases = append(testCases, testCase{
+ testType: serverTest,
+ name: "TLS13-ExpectTicketEarlyDataInfo",
+ config: Config{
+ MaxVersion: VersionTLS13,
+ Bugs: ProtocolBugs{
+ ExpectTicketEarlyDataInfo: true,
+ },
+ },
+ flags: []string{
+ "-enable-early-data",
+ },
+ })
}
func addChangeCipherSpecTests() {
@@ -9853,6 +9952,150 @@
}
}
+func addShortHeaderTests() {
+ // The short header extension may be negotiated as either client or
+ // server.
+ testCases = append(testCases, testCase{
+ name: "ShortHeader-Client",
+ config: Config{
+ MaxVersion: VersionTLS13,
+ Bugs: ProtocolBugs{
+ EnableShortHeader: true,
+ },
+ },
+ flags: []string{"-enable-short-header"},
+ expectShortHeader: true,
+ })
+ testCases = append(testCases, testCase{
+ testType: serverTest,
+ name: "ShortHeader-Server",
+ config: Config{
+ MaxVersion: VersionTLS13,
+ Bugs: ProtocolBugs{
+ EnableShortHeader: true,
+ },
+ },
+ flags: []string{"-enable-short-header"},
+ expectShortHeader: true,
+ })
+
+ // If the peer doesn't support it, it will not be negotiated.
+ testCases = append(testCases, testCase{
+ name: "ShortHeader-No-Yes-Client",
+ config: Config{
+ MaxVersion: VersionTLS13,
+ },
+ flags: []string{"-enable-short-header"},
+ })
+ testCases = append(testCases, testCase{
+ testType: serverTest,
+ name: "ShortHeader-No-Yes-Server",
+ config: Config{
+ MaxVersion: VersionTLS13,
+ },
+ flags: []string{"-enable-short-header"},
+ })
+
+ // If we don't support it, it will not be negotiated.
+ testCases = append(testCases, testCase{
+ name: "ShortHeader-Yes-No-Client",
+ config: Config{
+ MaxVersion: VersionTLS13,
+ Bugs: ProtocolBugs{
+ EnableShortHeader: true,
+ },
+ },
+ })
+ testCases = append(testCases, testCase{
+ testType: serverTest,
+ name: "ShortHeader-Yes-No-Server",
+ config: Config{
+ MaxVersion: VersionTLS13,
+ Bugs: ProtocolBugs{
+ EnableShortHeader: true,
+ },
+ },
+ })
+
+ // It will not be negotiated at TLS 1.2.
+ testCases = append(testCases, testCase{
+ name: "ShortHeader-TLS12-Client",
+ config: Config{
+ MaxVersion: VersionTLS12,
+ Bugs: ProtocolBugs{
+ EnableShortHeader: true,
+ },
+ },
+ flags: []string{"-enable-short-header"},
+ })
+ testCases = append(testCases, testCase{
+ testType: serverTest,
+ name: "ShortHeader-TLS12-Server",
+ config: Config{
+ MaxVersion: VersionTLS12,
+ Bugs: ProtocolBugs{
+ EnableShortHeader: true,
+ },
+ },
+ flags: []string{"-enable-short-header"},
+ })
+
+ // Servers reject early data and short header sent together.
+ testCases = append(testCases, testCase{
+ testType: serverTest,
+ name: "ShortHeader-EarlyData",
+ config: Config{
+ MaxVersion: VersionTLS13,
+ Bugs: ProtocolBugs{
+ EnableShortHeader: true,
+ SendEarlyDataLength: 1,
+ },
+ },
+ flags: []string{"-enable-short-header"},
+ shouldFail: true,
+ expectedError: ":UNEXPECTED_EXTENSION:",
+ })
+
+ // Clients reject unsolicited short header extensions.
+ testCases = append(testCases, testCase{
+ name: "ShortHeader-Unsolicited",
+ config: Config{
+ MaxVersion: VersionTLS13,
+ Bugs: ProtocolBugs{
+ AlwaysNegotiateShortHeader: true,
+ },
+ },
+ shouldFail: true,
+ expectedError: ":UNEXPECTED_EXTENSION:",
+ })
+ testCases = append(testCases, testCase{
+ name: "ShortHeader-Unsolicited-TLS12",
+ config: Config{
+ MaxVersion: VersionTLS12,
+ Bugs: ProtocolBugs{
+ AlwaysNegotiateShortHeader: true,
+ },
+ },
+ shouldFail: true,
+ expectedError: ":UNEXPECTED_EXTENSION:",
+ })
+
+ // The high bit must be checked in short headers.
+ testCases = append(testCases, testCase{
+ name: "ShortHeader-ClearShortHeaderBit",
+ config: Config{
+ Bugs: ProtocolBugs{
+ EnableShortHeader: true,
+ ClearShortHeaderBit: true,
+ },
+ },
+ flags: []string{"-enable-short-header"},
+ shouldFail: true,
+ expectedError: ":DECODE_ERROR:",
+ expectedLocalError: "remote error: error decoding message",
+ })
+}
+
func worker(statusChan chan statusMsg, c chan *testCase, shimPath string, wg *sync.WaitGroup) {
defer wg.Done()
@@ -9979,6 +10222,7 @@
addCertificateTests()
addRetainOnlySHA256ClientCertTests()
addECDSAKeyUsageTests()
+ addShortHeaderTests()
var wg sync.WaitGroup
diff --git a/src/ssl/test/test_config.cc b/src/ssl/test/test_config.cc
index 492dd73..a06b5e5 100644
--- a/src/ssl/test/test_config.cc
+++ b/src/ssl/test/test_config.cc
@@ -81,8 +81,10 @@
{ "-tls-unique", &TestConfig::tls_unique },
{ "-expect-ticket-renewal", &TestConfig::expect_ticket_renewal },
{ "-expect-no-session", &TestConfig::expect_no_session },
+ { "-expect-early-data-info", &TestConfig::expect_early_data_info },
{ "-use-ticket-callback", &TestConfig::use_ticket_callback },
{ "-renew-ticket", &TestConfig::renew_ticket },
+ { "-enable-early-data", &TestConfig::enable_early_data },
{ "-enable-client-custom-extension",
&TestConfig::enable_client_custom_extension },
{ "-enable-server-custom-extension",
@@ -115,6 +117,8 @@
&TestConfig::expect_sha256_client_cert_initial },
{ "-expect-sha256-client-cert-resume",
&TestConfig::expect_sha256_client_cert_resume },
+ { "-enable-short-header", &TestConfig::enable_short_header },
+ { "-read-with-unfinished-write", &TestConfig::read_with_unfinished_write },
};
const Flag<std::string> kStringFlags[] = {
@@ -135,8 +139,6 @@
{ "-psk-identity", &TestConfig::psk_identity },
{ "-srtp-profiles", &TestConfig::srtp_profiles },
{ "-cipher", &TestConfig::cipher },
- { "-cipher-tls10", &TestConfig::cipher_tls10 },
- { "-cipher-tls11", &TestConfig::cipher_tls11 },
{ "-export-label", &TestConfig::export_label },
{ "-export-context", &TestConfig::export_context },
{ "-expect-peer-cert-file", &TestConfig::expect_peer_cert_file },
diff --git a/src/ssl/test/test_config.h b/src/ssl/test/test_config.h
index 4d6a336..1307d56 100644
--- a/src/ssl/test/test_config.h
+++ b/src/ssl/test/test_config.h
@@ -75,8 +75,6 @@
bool fail_second_ddos_callback = false;
bool fail_cert_callback = false;
std::string cipher;
- std::string cipher_tls10;
- std::string cipher_tls11;
bool handshake_never_done = false;
int export_keying_material = 0;
std::string export_label;
@@ -85,8 +83,10 @@
bool tls_unique = false;
bool expect_ticket_renewal = false;
bool expect_no_session = false;
+ bool expect_early_data_info = false;
bool use_ticket_callback = false;
bool renew_ticket = false;
+ bool enable_early_data = false;
bool enable_client_custom_extension = false;
bool enable_server_custom_extension = false;
bool custom_extension_skip = false;
@@ -125,6 +125,8 @@
bool retain_only_sha256_client_cert_resume = false;
bool expect_sha256_client_cert_initial = false;
bool expect_sha256_client_cert_resume = false;
+ bool enable_short_header = false;
+ bool read_with_unfinished_write = false;
};
bool ParseConfig(int argc, char **argv, TestConfig *out_config);
diff --git a/src/ssl/tls13_both.c b/src/ssl/tls13_both.c
index 5a058b1..7347fc4 100644
--- a/src/ssl/tls13_both.c
+++ b/src/ssl/tls13_both.c
@@ -243,7 +243,8 @@
uint8_t alert;
if (!ssl_parse_extensions(&extensions, &alert, ext_types,
- OPENSSL_ARRAY_SIZE(ext_types))) {
+ OPENSSL_ARRAY_SIZE(ext_types),
+ 0 /* reject unknown */)) {
ssl3_send_alert(ssl, SSL3_AL_FATAL, alert);
goto err;
}
diff --git a/src/ssl/tls13_client.c b/src/ssl/tls13_client.c
index 4a202d7..6f2bb21 100644
--- a/src/ssl/tls13_client.c
+++ b/src/ssl/tls13_client.c
@@ -78,7 +78,8 @@
uint8_t alert;
if (!ssl_parse_extensions(&extensions, &alert, ext_types,
- OPENSSL_ARRAY_SIZE(ext_types))) {
+ OPENSSL_ARRAY_SIZE(ext_types),
+ 0 /* reject unknown */)) {
ssl3_send_alert(ssl, SSL3_AL_FATAL, alert);
return ssl_hs_error;
}
@@ -182,7 +183,8 @@
}
assert(ssl->s3->have_version);
- memcpy(ssl->s3->server_random, CBS_data(&server_random), SSL3_RANDOM_SIZE);
+ OPENSSL_memcpy(ssl->s3->server_random, CBS_data(&server_random),
+ SSL3_RANDOM_SIZE);
const SSL_CIPHER *cipher = SSL_get_cipher_by_value(cipher_suite);
if (cipher == NULL) {
@@ -200,16 +202,18 @@
}
/* Parse out the extensions. */
- int have_key_share = 0, have_pre_shared_key = 0;
- CBS key_share, pre_shared_key;
+ int have_key_share = 0, have_pre_shared_key = 0, have_short_header = 0;
+ CBS key_share, pre_shared_key, short_header;
const SSL_EXTENSION_TYPE ext_types[] = {
{TLSEXT_TYPE_key_share, &have_key_share, &key_share},
{TLSEXT_TYPE_pre_shared_key, &have_pre_shared_key, &pre_shared_key},
+ {TLSEXT_TYPE_short_header, &have_short_header, &short_header},
};
uint8_t alert;
if (!ssl_parse_extensions(&extensions, &alert, ext_types,
- OPENSSL_ARRAY_SIZE(ext_types))) {
+ OPENSSL_ARRAY_SIZE(ext_types),
+ 0 /* reject unknown */)) {
ssl3_send_alert(ssl, SSL3_AL_FATAL, alert);
return ssl_hs_error;
}
@@ -304,6 +308,23 @@
}
OPENSSL_free(dhe_secret);
+ /* Negotiate short record headers. */
+ if (have_short_header) {
+ if (CBS_len(&short_header) != 0) {
+ OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
+ ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
+ return ssl_hs_error;
+ }
+
+ if (!ssl->ctx->short_header_enabled) {
+ OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_EXTENSION);
+ ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_UNSUPPORTED_EXTENSION);
+ return ssl_hs_error;
+ }
+
+ ssl->s3->short_header = 1;
+ }
+
/* If there was no HelloRetryRequest, the version negotiation logic has
* already hashed the message. */
if (hs->received_hello_retry_request &&
@@ -311,7 +332,11 @@
return ssl_hs_error;
}
- if (!tls13_set_handshake_traffic(hs)) {
+ if (!tls13_derive_handshake_secrets(hs) ||
+ !tls13_set_traffic_key(ssl, evp_aead_open, hs->server_handshake_secret,
+ hs->hash_len) ||
+ !tls13_set_traffic_key(ssl, evp_aead_seal, hs->client_handshake_secret,
+ hs->hash_len)) {
return ssl_hs_error;
}
@@ -464,7 +489,8 @@
}
}
- if (!tls13_prepare_certificate(hs)) {
+ if (!ssl_auto_chain_if_needed(ssl) ||
+ !tls13_prepare_certificate(hs)) {
return ssl_hs_error;
}
@@ -612,6 +638,7 @@
}
int tls13_process_new_session_ticket(SSL *ssl) {
+ int ret = 0;
SSL_SESSION *session =
SSL_SESSION_dup(ssl->s3->established_session,
SSL_SESSION_INCLUDE_NONAUTH);
@@ -629,10 +656,34 @@
!CBS_stow(&ticket, &session->tlsext_tick, &session->tlsext_ticklen) ||
!CBS_get_u16_length_prefixed(&cbs, &extensions) ||
CBS_len(&cbs) != 0) {
- SSL_SESSION_free(session);
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
- return 0;
+ goto err;
+ }
+
+ /* Parse out the extensions. */
+ int have_early_data_info = 0;
+ CBS early_data_info;
+ const SSL_EXTENSION_TYPE ext_types[] = {
+ {TLSEXT_TYPE_ticket_early_data_info, &have_early_data_info,
+ &early_data_info},
+ };
+
+ uint8_t alert;
+ if (!ssl_parse_extensions(&extensions, &alert, ext_types,
+ OPENSSL_ARRAY_SIZE(ext_types),
+ 1 /* ignore unknown */)) {
+ ssl3_send_alert(ssl, SSL3_AL_FATAL, alert);
+ goto err;
+ }
+
+ if (have_early_data_info) {
+ if (!CBS_get_u32(&early_data_info, &session->ticket_max_early_data) ||
+ CBS_len(&early_data_info) != 0) {
+ ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
+ OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
+ goto err;
+ }
}
session->ticket_age_add_valid = 1;
@@ -641,11 +692,14 @@
if (ssl->ctx->new_session_cb != NULL &&
ssl->ctx->new_session_cb(ssl, session)) {
/* |new_session_cb|'s return value signals that it took ownership. */
- return 1;
+ session = NULL;
}
+ ret = 1;
+
+err:
SSL_SESSION_free(session);
- return 1;
+ return ret;
}
void ssl_clear_tls13_state(SSL_HANDSHAKE *hs) {
diff --git a/src/ssl/tls13_enc.c b/src/ssl/tls13_enc.c
index 4fca65b..ea9dce8 100644
--- a/src/ssl/tls13_enc.c
+++ b/src/ssl/tls13_enc.c
@@ -24,6 +24,7 @@
#include <openssl/hmac.h>
#include <openssl/mem.h>
+#include "../crypto/internal.h"
#include "internal.h"
@@ -34,7 +35,7 @@
hs->hash_len = EVP_MD_size(digest);
/* Initialize the secret to the zero key. */
- memset(hs->secret, 0, hs->hash_len);
+ OPENSSL_memset(hs->secret, 0, hs->hash_len);
/* Initialize the rolling hashes and release the handshake buffer. */
if (!ssl3_init_handshake_hash(ssl)) {
@@ -166,10 +167,12 @@
/* Save the traffic secret. */
if (direction == evp_aead_open) {
- memmove(ssl->s3->read_traffic_secret, traffic_secret, traffic_secret_len);
+ OPENSSL_memmove(ssl->s3->read_traffic_secret, traffic_secret,
+ traffic_secret_len);
ssl->s3->read_traffic_secret_len = traffic_secret_len;
} else {
- memmove(ssl->s3->write_traffic_secret, traffic_secret, traffic_secret_len);
+ OPENSSL_memmove(ssl->s3->write_traffic_secret, traffic_secret,
+ traffic_secret_len);
ssl->s3->write_traffic_secret_len = traffic_secret_len;
}
@@ -185,39 +188,18 @@
static const char kTLS13LabelServerApplicationTraffic[] =
"server application traffic secret";
-int tls13_set_handshake_traffic(SSL_HANDSHAKE *hs) {
+int tls13_derive_handshake_secrets(SSL_HANDSHAKE *hs) {
SSL *const ssl = hs->ssl;
- uint8_t client_traffic_secret[EVP_MAX_MD_SIZE];
- uint8_t server_traffic_secret[EVP_MAX_MD_SIZE];
- if (!derive_secret(hs, client_traffic_secret, hs->hash_len,
- (const uint8_t *)kTLS13LabelClientHandshakeTraffic,
- strlen(kTLS13LabelClientHandshakeTraffic)) ||
- !ssl_log_secret(ssl, "CLIENT_HANDSHAKE_TRAFFIC_SECRET",
- client_traffic_secret, hs->hash_len) ||
- !derive_secret(hs, server_traffic_secret, hs->hash_len,
- (const uint8_t *)kTLS13LabelServerHandshakeTraffic,
- strlen(kTLS13LabelServerHandshakeTraffic)) ||
- !ssl_log_secret(ssl, "SERVER_HANDSHAKE_TRAFFIC_SECRET",
- server_traffic_secret, hs->hash_len)) {
- return 0;
- }
-
- if (ssl->server) {
- if (!tls13_set_traffic_key(ssl, evp_aead_open, client_traffic_secret,
- hs->hash_len) ||
- !tls13_set_traffic_key(ssl, evp_aead_seal, server_traffic_secret,
- hs->hash_len)) {
- return 0;
- }
- } else {
- if (!tls13_set_traffic_key(ssl, evp_aead_open, server_traffic_secret,
- hs->hash_len) ||
- !tls13_set_traffic_key(ssl, evp_aead_seal, client_traffic_secret,
- hs->hash_len)) {
- return 0;
- }
- }
- return 1;
+ return derive_secret(hs, hs->client_handshake_secret, hs->hash_len,
+ (const uint8_t *)kTLS13LabelClientHandshakeTraffic,
+ strlen(kTLS13LabelClientHandshakeTraffic)) &&
+ ssl_log_secret(ssl, "CLIENT_HANDSHAKE_TRAFFIC_SECRET",
+ hs->client_handshake_secret, hs->hash_len) &&
+ derive_secret(hs, hs->server_handshake_secret, hs->hash_len,
+ (const uint8_t *)kTLS13LabelServerHandshakeTraffic,
+ strlen(kTLS13LabelServerHandshakeTraffic)) &&
+ ssl_log_secret(ssl, "SERVER_HANDSHAKE_TRAFFIC_SECRET",
+ hs->server_handshake_secret, hs->hash_len);
}
static const char kTLS13LabelExporter[] = "exporter master secret";
@@ -405,7 +387,7 @@
return 0;
}
- memcpy(msg + len - hash_len, verify_data, hash_len);
+ OPENSSL_memcpy(msg + len - hash_len, verify_data, hash_len);
return 1;
}
diff --git a/src/ssl/tls13_server.c b/src/ssl/tls13_server.c
index 1aca634..750e47f 100644
--- a/src/ssl/tls13_server.c
+++ b/src/ssl/tls13_server.c
@@ -25,9 +25,15 @@
#include <openssl/rand.h>
#include <openssl/stack.h>
+#include "../crypto/internal.h"
#include "internal.h"
+/* kMaxEarlyDataAccepted is the advertised number of plaintext bytes of early
+ * data that will be accepted. This value should be slightly below
+ * kMaxEarlyDataSkipped in tls_record.c, which is measured in ciphertext. */
+static const size_t kMaxEarlyDataAccepted = 14336;
+
enum server_hs_state_t {
state_process_client_hello = 0,
state_select_parameters,
@@ -109,7 +115,8 @@
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
return ssl_hs_error;
}
- memcpy(ssl->s3->client_random, client_hello.random, client_hello.random_len);
+ OPENSSL_memcpy(ssl->s3->client_random, client_hello.random,
+ client_hello.random_len);
/* TLS 1.3 requires the peer only advertise the null compression. */
if (client_hello.compression_methods_len != 1 ||
@@ -125,6 +132,12 @@
return ssl_hs_error;
}
+ /* The short record header extension is incompatible with early data. */
+ if (ssl->s3->skip_early_data && ssl->s3->short_header) {
+ OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_EXTENSION);
+ return ssl_hs_error;
+ }
+
hs->tls13_state = state_select_parameters;
return ssl_hs_ok;
}
@@ -191,6 +204,10 @@
}
}
+ if (!ssl_auto_chain_if_needed(ssl)) {
+ return ssl_hs_error;
+ }
+
SSL_CLIENT_HELLO client_hello;
if (!ssl_client_hello_init(ssl, &client_hello, ssl->init_msg,
ssl->init_num)) {
@@ -389,8 +406,18 @@
!CBB_add_u16(&body, ssl_cipher_get_value(ssl->s3->tmp.new_cipher)) ||
!CBB_add_u16_length_prefixed(&body, &extensions) ||
!ssl_ext_pre_shared_key_add_serverhello(hs, &extensions) ||
- !ssl_ext_key_share_add_serverhello(hs, &extensions) ||
- !ssl_complete_message(ssl, &cbb)) {
+ !ssl_ext_key_share_add_serverhello(hs, &extensions)) {
+ goto err;
+ }
+
+ if (ssl->s3->short_header) {
+ if (!CBB_add_u16(&extensions, TLSEXT_TYPE_short_header) ||
+ !CBB_add_u16(&extensions, 0 /* empty extension */)) {
+ goto err;
+ }
+ }
+
+ if (!ssl_complete_message(ssl, &cbb)) {
goto err;
}
@@ -404,7 +431,11 @@
static enum ssl_hs_wait_t do_send_encrypted_extensions(SSL_HANDSHAKE *hs) {
SSL *const ssl = hs->ssl;
- if (!tls13_set_handshake_traffic(hs)) {
+ if (!tls13_derive_handshake_secrets(hs) ||
+ !tls13_set_traffic_key(ssl, evp_aead_open, hs->client_handshake_secret,
+ hs->hash_len) ||
+ !tls13_set_traffic_key(ssl, evp_aead_seal, hs->server_handshake_secret,
+ hs->hash_len)) {
return ssl_hs_error;
}
@@ -631,9 +662,6 @@
goto err;
}
- /* TODO(svaldez): Add support for sending 0RTT through TicketEarlyDataInfo
- * extension. */
-
CBB cbb, body, ticket, extensions;
if (!ssl->method->init_message(ssl, &cbb, &body,
SSL3_MT_NEW_SESSION_TICKET) ||
@@ -645,6 +673,18 @@
goto err;
}
+ if (ssl->ctx->enable_early_data) {
+ session->ticket_max_early_data = kMaxEarlyDataAccepted;
+
+ CBB early_data_info;
+ if (!CBB_add_u16(&extensions, TLSEXT_TYPE_ticket_early_data_info) ||
+ !CBB_add_u16_length_prefixed(&extensions, &early_data_info) ||
+ !CBB_add_u32(&early_data_info, session->ticket_max_early_data) ||
+ !CBB_flush(&extensions)) {
+ goto err;
+ }
+ }
+
/* Add a fake extension. See draft-davidben-tls-grease-01. */
if (!CBB_add_u16(&extensions,
ssl_get_grease_value(ssl, ssl_grease_ticket_extension)) ||
diff --git a/src/ssl/tls_method.c b/src/ssl/tls_method.c
index 9effb36..4efed3f 100644
--- a/src/ssl/tls_method.c
+++ b/src/ssl/tls_method.c
@@ -61,6 +61,7 @@
#include <openssl/buf.h>
+#include "../crypto/internal.h"
#include "internal.h"
@@ -112,7 +113,7 @@
return 0;
}
- memset(ssl->s3->read_sequence, 0, sizeof(ssl->s3->read_sequence));
+ OPENSSL_memset(ssl->s3->read_sequence, 0, sizeof(ssl->s3->read_sequence));
SSL_AEAD_CTX_free(ssl->s3->aead_read_ctx);
ssl->s3->aead_read_ctx = aead_ctx;
@@ -120,7 +121,7 @@
}
static int ssl3_set_write_state(SSL *ssl, SSL_AEAD_CTX *aead_ctx) {
- memset(ssl->s3->write_sequence, 0, sizeof(ssl->s3->write_sequence));
+ OPENSSL_memset(ssl->s3->write_sequence, 0, sizeof(ssl->s3->write_sequence));
SSL_AEAD_CTX_free(ssl->s3->aead_write_ctx);
ssl->s3->aead_write_ctx = aead_ctx;
diff --git a/src/ssl/tls_record.c b/src/ssl/tls_record.c
index c52909c..362b0c2 100644
--- a/src/ssl/tls_record.c
+++ b/src/ssl/tls_record.c
@@ -125,10 +125,11 @@
* forever. */
static const uint8_t kMaxEmptyRecords = 32;
-/* kMaxEarlyDataSkipped is the maximum amount of data processed when skipping
- * over early data. Without this limit an attacker could send records at a
- * faster rate than we can process and cause trial decryption to loop
- * forever. */
+/* kMaxEarlyDataSkipped is the maximum number of rejected early data bytes that
+ * will be skipped. Without this limit an attacker could send records at a
+ * faster rate than we can process and cause trial decryption to loop forever.
+ * This value should be slightly above kMaxEarlyDataAccepted in tls13_server.c,
+ * which is measured in plaintext. */
static const size_t kMaxEarlyDataSkipped = 16384;
/* kMaxWarningAlerts is the number of consecutive warning alerts that will be
@@ -144,6 +145,19 @@
SSL_CIPHER_is_block_cipher(ssl->s3->aead_write_ctx->cipher);
}
+static int ssl_uses_short_header(const SSL *ssl,
+ enum evp_aead_direction_t dir) {
+ if (!ssl->s3->short_header) {
+ return 0;
+ }
+
+ if (dir == evp_aead_open) {
+ return ssl->s3->aead_read_ctx != NULL;
+ }
+
+ return ssl->s3->aead_write_ctx != NULL;
+}
+
int ssl_record_sequence_update(uint8_t *seq, size_t seq_len) {
for (size_t i = seq_len - 1; i < seq_len; i--) {
++seq[i];
@@ -156,34 +170,46 @@
}
size_t ssl_record_prefix_len(const SSL *ssl) {
+ size_t header_len;
if (SSL_is_dtls(ssl)) {
- return DTLS1_RT_HEADER_LENGTH +
- SSL_AEAD_CTX_explicit_nonce_len(ssl->s3->aead_read_ctx);
+ header_len = DTLS1_RT_HEADER_LENGTH;
+ } else if (ssl_uses_short_header(ssl, evp_aead_open)) {
+ header_len = 2;
} else {
- return SSL3_RT_HEADER_LENGTH +
- SSL_AEAD_CTX_explicit_nonce_len(ssl->s3->aead_read_ctx);
+ header_len = SSL3_RT_HEADER_LENGTH;
}
+
+ return header_len + SSL_AEAD_CTX_explicit_nonce_len(ssl->s3->aead_read_ctx);
}
size_t ssl_seal_align_prefix_len(const SSL *ssl) {
if (SSL_is_dtls(ssl)) {
return DTLS1_RT_HEADER_LENGTH +
SSL_AEAD_CTX_explicit_nonce_len(ssl->s3->aead_write_ctx);
- } else {
- size_t ret = SSL3_RT_HEADER_LENGTH +
- SSL_AEAD_CTX_explicit_nonce_len(ssl->s3->aead_write_ctx);
- if (ssl_needs_record_splitting(ssl)) {
- ret += SSL3_RT_HEADER_LENGTH;
- ret += ssl_cipher_get_record_split_len(ssl->s3->aead_write_ctx->cipher);
- }
- return ret;
}
+
+ size_t header_len;
+ if (ssl_uses_short_header(ssl, evp_aead_seal)) {
+ header_len = 2;
+ } else {
+ header_len = SSL3_RT_HEADER_LENGTH;
+ }
+
+ size_t ret =
+ header_len + SSL_AEAD_CTX_explicit_nonce_len(ssl->s3->aead_write_ctx);
+ if (ssl_needs_record_splitting(ssl)) {
+ ret += header_len;
+ ret += ssl_cipher_get_record_split_len(ssl->s3->aead_write_ctx->cipher);
+ }
+ return ret;
}
size_t SSL_max_seal_overhead(const SSL *ssl) {
size_t ret = SSL_AEAD_CTX_max_overhead(ssl->s3->aead_write_ctx);
if (SSL_is_dtls(ssl)) {
ret += DTLS1_RT_HEADER_LENGTH;
+ } else if (ssl_uses_short_header(ssl, evp_aead_seal)) {
+ ret += 2;
} else {
ret += SSL3_RT_HEADER_LENGTH;
}
@@ -209,11 +235,31 @@
/* Decode the record header. */
uint8_t type;
uint16_t version, ciphertext_len;
- if (!CBS_get_u8(&cbs, &type) ||
- !CBS_get_u16(&cbs, &version) ||
- !CBS_get_u16(&cbs, &ciphertext_len)) {
- *out_consumed = SSL3_RT_HEADER_LENGTH;
- return ssl_open_record_partial;
+ size_t header_len;
+ if (ssl_uses_short_header(ssl, evp_aead_open)) {
+ if (!CBS_get_u16(&cbs, &ciphertext_len)) {
+ *out_consumed = 2;
+ return ssl_open_record_partial;
+ }
+
+ if ((ciphertext_len & 0x8000) == 0) {
+ OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
+ *out_alert = SSL_AD_DECODE_ERROR;
+ return ssl_open_record_error;
+ }
+
+ ciphertext_len &= 0x7fff;
+ type = SSL3_RT_APPLICATION_DATA;
+ version = TLS1_VERSION;
+ header_len = 2;
+ } else {
+ if (!CBS_get_u8(&cbs, &type) ||
+ !CBS_get_u16(&cbs, &version) ||
+ !CBS_get_u16(&cbs, &ciphertext_len)) {
+ *out_consumed = SSL3_RT_HEADER_LENGTH;
+ return ssl_open_record_partial;
+ }
+ header_len = SSL3_RT_HEADER_LENGTH;
}
int version_ok;
@@ -245,12 +291,11 @@
/* Extract the body. */
CBS body;
if (!CBS_get_bytes(&cbs, &body, ciphertext_len)) {
- *out_consumed = SSL3_RT_HEADER_LENGTH + (size_t)ciphertext_len;
+ *out_consumed = header_len + (size_t)ciphertext_len;
return ssl_open_record_partial;
}
- ssl_do_msg_callback(ssl, 0 /* read */, SSL3_RT_HEADER, in,
- SSL3_RT_HEADER_LENGTH);
+ ssl_do_msg_callback(ssl, 0 /* read */, SSL3_RT_HEADER, in, header_len);
*out_consumed = in_len - CBS_len(&cbs);
@@ -352,21 +397,32 @@
static int do_seal_record(SSL *ssl, uint8_t *out, size_t *out_len,
size_t max_out, uint8_t type, const uint8_t *in,
size_t in_len) {
- if (max_out < SSL3_RT_HEADER_LENGTH) {
+ assert(!buffers_alias(in, in_len, out, max_out));
+
+ const int short_header = ssl_uses_short_header(ssl, evp_aead_seal);
+ size_t header_len = short_header ? 2 : SSL3_RT_HEADER_LENGTH;
+
+ /* TLS 1.3 hides the actual record type inside the encrypted data. */
+ if (ssl->s3->have_version &&
+ ssl3_protocol_version(ssl) >= TLS1_3_VERSION &&
+ ssl->s3->aead_write_ctx != NULL) {
+ if (in_len > in_len + header_len + 1 || max_out < in_len + header_len + 1) {
+ OPENSSL_PUT_ERROR(SSL, SSL_R_BUFFER_TOO_SMALL);
+ return 0;
+ }
+
+ OPENSSL_memcpy(out + header_len, in, in_len);
+ out[header_len + in_len] = type;
+ in = out + header_len;
+ type = SSL3_RT_APPLICATION_DATA;
+ in_len++;
+ }
+
+ if (max_out < header_len) {
OPENSSL_PUT_ERROR(SSL, SSL_R_BUFFER_TOO_SMALL);
return 0;
}
- /* Either |in| and |out| don't alias or |in| aligns with the
- * ciphertext. |tls_seal_record| forbids aliasing, but TLS 1.3 aliases them
- * internally. */
- assert(!buffers_alias(in, in_len, out, max_out) ||
- in ==
- out + SSL3_RT_HEADER_LENGTH +
- SSL_AEAD_CTX_explicit_nonce_len(ssl->s3->aead_write_ctx));
-
- out[0] = type;
-
/* The TLS record-layer version number is meaningless and, starting in
* TLS 1.3, is frozen at TLS 1.0. But for historical reasons, SSL 3.0
* ClientHellos should use SSL 3.0 and pre-TLS-1.3 expects the version
@@ -376,29 +432,39 @@
(ssl->s3->have_version && ssl3_protocol_version(ssl) < TLS1_3_VERSION)) {
wire_version = ssl->version;
}
- out[1] = wire_version >> 8;
- out[2] = wire_version & 0xff;
+ /* Write the non-length portions of the header. */
+ if (!short_header) {
+ out[0] = type;
+ out[1] = wire_version >> 8;
+ out[2] = wire_version & 0xff;
+ out += 3;
+ max_out -= 3;
+ }
+
+ /* Write the ciphertext, leaving two bytes for the length. */
size_t ciphertext_len;
- if (!SSL_AEAD_CTX_seal(ssl->s3->aead_write_ctx, out + SSL3_RT_HEADER_LENGTH,
- &ciphertext_len, max_out - SSL3_RT_HEADER_LENGTH,
- type, wire_version, ssl->s3->write_sequence, in,
- in_len) ||
+ if (!SSL_AEAD_CTX_seal(ssl->s3->aead_write_ctx, out + 2, &ciphertext_len,
+ max_out - 2, type, wire_version,
+ ssl->s3->write_sequence, in, in_len) ||
!ssl_record_sequence_update(ssl->s3->write_sequence, 8)) {
return 0;
}
- if (ciphertext_len >= 1 << 16) {
+ /* Fill in the length. */
+ if (ciphertext_len >= 1 << 15) {
OPENSSL_PUT_ERROR(SSL, ERR_R_OVERFLOW);
return 0;
}
- out[3] = ciphertext_len >> 8;
- out[4] = ciphertext_len & 0xff;
+ out[0] = ciphertext_len >> 8;
+ out[1] = ciphertext_len & 0xff;
+ if (short_header) {
+ out[0] |= 0x80;
+ }
- *out_len = SSL3_RT_HEADER_LENGTH + ciphertext_len;
+ *out_len = header_len + ciphertext_len;
- ssl_do_msg_callback(ssl, 1 /* write */, SSL3_RT_HEADER, out,
- SSL3_RT_HEADER_LENGTH);
+ ssl_do_msg_callback(ssl, 1 /* write */, SSL3_RT_HEADER, out, header_len);
return 1;
}
@@ -410,25 +476,6 @@
}
size_t frag_len = 0;
-
- /* TLS 1.3 hides the actual record type inside the encrypted data. */
- if (ssl->s3->have_version &&
- ssl3_protocol_version(ssl) >= TLS1_3_VERSION &&
- ssl->s3->aead_write_ctx != NULL) {
- size_t padding = SSL3_RT_HEADER_LENGTH + 1;
-
- if (in_len > in_len + padding || max_out < in_len + padding) {
- OPENSSL_PUT_ERROR(SSL, SSL_R_BUFFER_TOO_SMALL);
- return 0;
- }
-
- memmove(out + SSL3_RT_HEADER_LENGTH, in, in_len);
- out[SSL3_RT_HEADER_LENGTH + in_len] = type;
- in = out + SSL3_RT_HEADER_LENGTH;
- type = SSL3_RT_APPLICATION_DATA;
- in_len++;
- }
-
if (type == SSL3_RT_APPLICATION_DATA && in_len > 1 &&
ssl_needs_record_splitting(ssl)) {
if (!do_seal_record(ssl, out, &frag_len, max_out, type, in, 1)) {
@@ -439,6 +486,7 @@
out += frag_len;
max_out -= frag_len;
+ assert(!ssl_uses_short_header(ssl, evp_aead_seal));
#if !defined(BORINGSSL_UNSAFE_FUZZER_MODE)
assert(SSL3_RT_HEADER_LENGTH + ssl_cipher_get_record_split_len(
ssl->s3->aead_write_ctx->cipher) ==
diff --git a/src/tool/client.cc b/src/tool/client.cc
index b9f1c13..dd3f846 100644
--- a/src/tool/client.cc
+++ b/src/tool/client.cc
@@ -16,10 +16,17 @@
#include <stdio.h>
+#if !defined(OPENSSL_WINDOWS)
+#include <sys/select.h>
+#else
+#include <winsock2.h>
+#endif
+
#include <openssl/err.h>
#include <openssl/pem.h>
#include <openssl/ssl.h>
+#include "../crypto/internal.h"
#include "internal.h"
#include "transport_common.h"
@@ -93,6 +100,10 @@
"Enable GREASE",
},
{
+ "-resume", kBooleanArgument,
+ "Establish a second connection resuming the original connection.",
+ },
+ {
"", kOptionalArgument, "",
},
};
@@ -122,6 +133,7 @@
}
static bssl::UniquePtr<BIO> session_out;
+static bssl::UniquePtr<SSL_SESSION> resume_session;
static int NewSessionCallback(SSL *ssl, SSL_SESSION *session) {
if (session_out) {
@@ -132,8 +144,105 @@
return 0;
}
}
+ resume_session = bssl::UniquePtr<SSL_SESSION>(session);
+ return 1;
+}
- return 0;
+static bool WaitForSession(SSL *ssl, int sock) {
+ fd_set read_fds;
+ FD_ZERO(&read_fds);
+
+ if (!SocketSetNonBlocking(sock, true)) {
+ return false;
+ }
+
+ while (!resume_session) {
+ FD_SET(sock, &read_fds);
+ int ret = select(sock + 1, &read_fds, NULL, NULL, NULL);
+ if (ret <= 0) {
+ perror("select");
+ return false;
+ }
+
+ uint8_t buffer[512];
+ int ssl_ret = SSL_read(ssl, buffer, sizeof(buffer));
+
+ if (ssl_ret <= 0) {
+ int ssl_err = SSL_get_error(ssl, ssl_ret);
+ if (ssl_err == SSL_ERROR_WANT_READ) {
+ continue;
+ }
+ fprintf(stderr, "Error while reading: %d\n", ssl_err);
+ ERR_print_errors_cb(PrintErrorCallback, stderr);
+ return false;
+ }
+ }
+
+ return true;
+}
+
+static bool DoConnection(SSL_CTX *ctx,
+ std::map<std::string, std::string> args_map,
+ bool (*cb)(SSL *ssl, int sock)) {
+ int sock = -1;
+ if (!Connect(&sock, args_map["-connect"])) {
+ return false;
+ }
+
+ if (args_map.count("-starttls") != 0) {
+ const std::string& starttls = args_map["-starttls"];
+ if (starttls == "smtp") {
+ if (!DoSMTPStartTLS(sock)) {
+ return false;
+ }
+ } else {
+ fprintf(stderr, "Unknown value for -starttls: %s\n", starttls.c_str());
+ return false;
+ }
+ }
+
+ bssl::UniquePtr<BIO> bio(BIO_new_socket(sock, BIO_CLOSE));
+ bssl::UniquePtr<SSL> ssl(SSL_new(ctx));
+
+ if (args_map.count("-server-name") != 0) {
+ SSL_set_tlsext_host_name(ssl.get(), args_map["-server-name"].c_str());
+ }
+
+ if (args_map.count("-session-in") != 0) {
+ bssl::UniquePtr<BIO> in(BIO_new_file(args_map["-session-in"].c_str(),
+ "rb"));
+ if (!in) {
+ fprintf(stderr, "Error reading session\n");
+ ERR_print_errors_cb(PrintErrorCallback, stderr);
+ return false;
+ }
+ bssl::UniquePtr<SSL_SESSION> session(PEM_read_bio_SSL_SESSION(in.get(),
+ nullptr, nullptr, nullptr));
+ if (!session) {
+ fprintf(stderr, "Error reading session\n");
+ ERR_print_errors_cb(PrintErrorCallback, stderr);
+ return false;
+ }
+ SSL_set_session(ssl.get(), session.get());
+ } else if (resume_session) {
+ SSL_set_session(ssl.get(), resume_session.get());
+ }
+
+ SSL_set_bio(ssl.get(), bio.get(), bio.get());
+ bio.release();
+
+ int ret = SSL_connect(ssl.get());
+ if (ret != 1) {
+ int ssl_err = SSL_get_error(ssl.get(), ret);
+ fprintf(stderr, "Error while connecting: %d\n", ssl_err);
+ ERR_print_errors_cb(PrintErrorCallback, stderr);
+ return false;
+ }
+
+ fprintf(stderr, "Connected.\n");
+ PrintConnectionInfo(ssl.get());
+
+ return cb(ssl.get(), sock);
}
bool Client(const std::vector<std::string> &args) {
@@ -217,7 +326,8 @@
}
wire.push_back(static_cast<uint8_t>(len));
wire.resize(wire.size() + len);
- memcpy(wire.data() + wire.size() - len, alpn_protos.data() + i, len);
+ OPENSSL_memcpy(wire.data() + wire.size() - len, alpn_protos.data() + i,
+ len);
i = j + 1;
}
if (SSL_CTX_set_alpn_protos(ctx.get(), wire.data(), wire.size()) != 0) {
@@ -261,6 +371,9 @@
}
}
+ SSL_CTX_set_session_cache_mode(ctx.get(), SSL_SESS_CACHE_CLIENT);
+ SSL_CTX_sess_set_new_cb(ctx.get(), NewSessionCallback);
+
if (args_map.count("-session-out") != 0) {
session_out.reset(BIO_new_file(args_map["-session-out"].c_str(), "wb"));
if (!session_out) {
@@ -269,71 +382,16 @@
ERR_print_errors_cb(PrintErrorCallback, stderr);
return false;
}
- SSL_CTX_set_session_cache_mode(ctx.get(), SSL_SESS_CACHE_CLIENT);
- SSL_CTX_sess_set_new_cb(ctx.get(), NewSessionCallback);
}
if (args_map.count("-grease") != 0) {
SSL_CTX_set_grease_enabled(ctx.get(), 1);
}
- int sock = -1;
- if (!Connect(&sock, args_map["-connect"])) {
+ if (args_map.count("-resume") != 0 &&
+ !DoConnection(ctx.get(), args_map, &WaitForSession)) {
return false;
}
- if (args_map.count("-starttls") != 0) {
- const std::string& starttls = args_map["-starttls"];
- if (starttls == "smtp") {
- if (!DoSMTPStartTLS(sock)) {
- return false;
- }
- } else {
- fprintf(stderr, "Unknown value for -starttls: %s\n", starttls.c_str());
- return false;
- }
- }
-
- bssl::UniquePtr<BIO> bio(BIO_new_socket(sock, BIO_CLOSE));
- bssl::UniquePtr<SSL> ssl(SSL_new(ctx.get()));
-
- if (args_map.count("-server-name") != 0) {
- SSL_set_tlsext_host_name(ssl.get(), args_map["-server-name"].c_str());
- }
-
- if (args_map.count("-session-in") != 0) {
- bssl::UniquePtr<BIO> in(BIO_new_file(args_map["-session-in"].c_str(),
- "rb"));
- if (!in) {
- fprintf(stderr, "Error reading session\n");
- ERR_print_errors_cb(PrintErrorCallback, stderr);
- return false;
- }
- bssl::UniquePtr<SSL_SESSION> session(PEM_read_bio_SSL_SESSION(in.get(),
- nullptr, nullptr, nullptr));
- if (!session) {
- fprintf(stderr, "Error reading session\n");
- ERR_print_errors_cb(PrintErrorCallback, stderr);
- return false;
- }
- SSL_set_session(ssl.get(), session.get());
- }
-
- SSL_set_bio(ssl.get(), bio.get(), bio.get());
- bio.release();
-
- int ret = SSL_connect(ssl.get());
- if (ret != 1) {
- int ssl_err = SSL_get_error(ssl.get(), ret);
- fprintf(stderr, "Error while connecting: %d\n", ssl_err);
- ERR_print_errors_cb(PrintErrorCallback, stderr);
- return false;
- }
-
- fprintf(stderr, "Connected.\n");
- PrintConnectionInfo(ssl.get());
-
- bool ok = TransferData(ssl.get(), sock);
-
- return ok;
+ return DoConnection(ctx.get(), args_map, &TransferData);
}
diff --git a/src/tool/pkcs12.cc b/src/tool/pkcs12.cc
index 7fd6f13..a8ddb0e 100644
--- a/src/tool/pkcs12.cc
+++ b/src/tool/pkcs12.cc
@@ -36,6 +36,7 @@
#include <openssl/pkcs8.h>
#include <openssl/stack.h>
+#include "../crypto/internal.h"
#include "internal.h"
@@ -106,11 +107,11 @@
if (n >= 0) {
off += static_cast<size_t>(n);
}
- } while ((n > 0 && memchr(password, '\n', off) == NULL &&
+ } while ((n > 0 && OPENSSL_memchr(password, '\n', off) == NULL &&
off < sizeof(password) - 1) ||
(n == -1 && errno == EINTR));
- char *newline = reinterpret_cast<char*>(memchr(password, '\n', off));
+ char *newline = reinterpret_cast<char *>(OPENSSL_memchr(password, '\n', off));
if (newline == NULL) {
return false;
}
diff --git a/src/tool/server.cc b/src/tool/server.cc
index a049422..94abbbd 100644
--- a/src/tool/server.cc
+++ b/src/tool/server.cc
@@ -24,33 +24,37 @@
static const struct argument kArguments[] = {
{
- "-accept", kRequiredArgument,
- "The port of the server to bind on; eg 45102",
+ "-accept", kRequiredArgument,
+ "The port of the server to bind on; eg 45102",
},
{
- "-cipher", kOptionalArgument,
- "An OpenSSL-style cipher suite string that configures the offered ciphers",
+ "-cipher", kOptionalArgument,
+ "An OpenSSL-style cipher suite string that configures the offered "
+ "ciphers",
},
{
- "-max-version", kOptionalArgument,
- "The maximum acceptable protocol version",
+ "-max-version", kOptionalArgument,
+ "The maximum acceptable protocol version",
},
{
- "-min-version", kOptionalArgument,
- "The minimum acceptable protocol version",
+ "-min-version", kOptionalArgument,
+ "The minimum acceptable protocol version",
},
{
- "-key", kOptionalArgument,
- "PEM-encoded file containing the private key, leaf certificate and "
- "optional certificate chain. A self-signed certificate is generated "
- "at runtime if this argument is not provided.",
+ "-key", kOptionalArgument,
+ "PEM-encoded file containing the private key, leaf certificate and "
+ "optional certificate chain. A self-signed certificate is generated "
+ "at runtime if this argument is not provided.",
},
{
- "-ocsp-response", kOptionalArgument,
- "OCSP response file to send",
+ "-ocsp-response", kOptionalArgument, "OCSP response file to send",
},
{
- "", kOptionalArgument, "",
+ "-loop", kBooleanArgument,
+ "The server will continue accepting new sequential connections.",
+ },
+ {
+ "", kOptionalArgument, "",
},
};
@@ -219,25 +223,30 @@
return false;
}
- int sock = -1;
- if (!Accept(&sock, args_map["-accept"])) {
- return false;
- }
+ bool result = true;
+ do {
+ int sock = -1;
+ if (!Accept(&sock, args_map["-accept"])) {
+ return false;
+ }
- BIO *bio = BIO_new_socket(sock, BIO_CLOSE);
- bssl::UniquePtr<SSL> ssl(SSL_new(ctx.get()));
- SSL_set_bio(ssl.get(), bio, bio);
+ BIO *bio = BIO_new_socket(sock, BIO_CLOSE);
+ bssl::UniquePtr<SSL> ssl(SSL_new(ctx.get()));
+ SSL_set_bio(ssl.get(), bio, bio);
- int ret = SSL_accept(ssl.get());
- if (ret != 1) {
- int ssl_err = SSL_get_error(ssl.get(), ret);
- fprintf(stderr, "Error while connecting: %d\n", ssl_err);
- ERR_print_errors_cb(PrintErrorCallback, stderr);
- return false;
- }
+ int ret = SSL_accept(ssl.get());
+ if (ret != 1) {
+ int ssl_err = SSL_get_error(ssl.get(), ret);
+ fprintf(stderr, "Error while connecting: %d\n", ssl_err);
+ ERR_print_errors_cb(PrintErrorCallback, stderr);
+ return false;
+ }
- fprintf(stderr, "Connected.\n");
- PrintConnectionInfo(ssl.get());
+ fprintf(stderr, "Connected.\n");
+ PrintConnectionInfo(ssl.get());
- return TransferData(ssl.get(), sock);
+ result = TransferData(ssl.get(), sock);
+ } while (result && args_map.count("-loop") != 0);
+
+ return result;
}
diff --git a/src/tool/speed.cc b/src/tool/speed.cc
index ad2ce95..52708c0 100644
--- a/src/tool/speed.cc
+++ b/src/tool/speed.cc
@@ -43,6 +43,7 @@
#include <time.h>
#endif
+#include "../crypto/internal.h"
#include "internal.h"
@@ -208,18 +209,18 @@
const size_t overhead_len = EVP_AEAD_max_overhead(aead);
std::unique_ptr<uint8_t[]> key(new uint8_t[key_len]);
- memset(key.get(), 0, key_len);
+ OPENSSL_memset(key.get(), 0, key_len);
std::unique_ptr<uint8_t[]> nonce(new uint8_t[nonce_len]);
- memset(nonce.get(), 0, nonce_len);
+ OPENSSL_memset(nonce.get(), 0, nonce_len);
std::unique_ptr<uint8_t[]> in_storage(new uint8_t[chunk_len + kAlignment]);
std::unique_ptr<uint8_t[]> out_storage(new uint8_t[chunk_len + overhead_len + kAlignment]);
std::unique_ptr<uint8_t[]> ad(new uint8_t[ad_len]);
- memset(ad.get(), 0, ad_len);
+ OPENSSL_memset(ad.get(), 0, ad_len);
uint8_t *const in = align(in_storage.get(), kAlignment);
- memset(in, 0, chunk_len);
+ OPENSSL_memset(in, 0, chunk_len);
uint8_t *const out = align(out_storage.get(), kAlignment);
- memset(out, 0, chunk_len + overhead_len);
+ OPENSSL_memset(out, 0, chunk_len + overhead_len);
if (!EVP_AEAD_CTX_init_with_direction(ctx.get(), aead, key.get(), key_len,
EVP_AEAD_DEFAULT_TAG_LENGTH,
@@ -381,7 +382,7 @@
return false;
}
uint8_t digest[20];
- memset(digest, 42, sizeof(digest));
+ OPENSSL_memset(digest, 42, sizeof(digest));
unsigned sig_len;
TimeResults results;
@@ -462,7 +463,7 @@
if (!TimeFunction(&results, []() -> bool {
uint8_t out[32], in[32];
- memset(in, 0, sizeof(in));
+ OPENSSL_memset(in, 0, sizeof(in));
X25519_public_from_private(out, in);
return true;
})) {
@@ -474,8 +475,8 @@
if (!TimeFunction(&results, []() -> bool {
uint8_t out[32], in1[32], in2[32];
- memset(in1, 0, sizeof(in1));
- memset(in2, 0, sizeof(in2));
+ OPENSSL_memset(in1, 0, sizeof(in1));
+ OPENSSL_memset(in2, 0, sizeof(in2));
in1[0] = 1;
in2[0] = 9;
return X25519(out, in1, in2) == 1;
diff --git a/src/tool/transport_common.cc b/src/tool/transport_common.cc
index 0fee377..cd3e0d6 100644
--- a/src/tool/transport_common.cc
+++ b/src/tool/transport_common.cc
@@ -47,6 +47,7 @@
#include <openssl/ssl.h>
#include <openssl/x509.h>
+#include "../crypto/internal.h"
#include "internal.h"
#include "transport_common.h"
@@ -98,7 +99,7 @@
}
struct addrinfo hint, *result;
- memset(&hint, 0, sizeof(hint));
+ OPENSSL_memset(&hint, 0, sizeof(hint));
hint.ai_family = AF_UNSPEC;
hint.ai_socktype = SOCK_STREAM;
@@ -151,13 +152,18 @@
bool Accept(int *out_sock, const std::string &port) {
struct sockaddr_in6 addr, cli_addr;
socklen_t cli_addr_len = sizeof(cli_addr);
- memset(&addr, 0, sizeof(addr));
+ OPENSSL_memset(&addr, 0, sizeof(addr));
addr.sin6_family = AF_INET6;
addr.sin6_addr = IN6ADDR_ANY_INIT;
addr.sin6_port = htons(atoi(port.c_str()));
bool ok = false;
+#if defined(OPENSSL_WINDOWS)
+ const BOOL enable = TRUE;
+#else
+ const int enable = 1;
+#endif
int server_sock = -1;
server_sock =
@@ -167,6 +173,12 @@
goto out;
}
+ if (setsockopt(server_sock, SOL_SOCKET, SO_REUSEADDR, (const char *)&enable,
+ sizeof(enable)) < 0) {
+ perror("setsockopt");
+ goto out;
+ }
+
if (bind(server_sock, (struct sockaddr*)&addr, sizeof(addr)) != 0) {
perror("connect");
goto out;
@@ -434,7 +446,7 @@
out_line->assign(buf_, length);
buf_len_ -= i + 1;
- memmove(buf_, &buf_[i + 1], buf_len_);
+ OPENSSL_memmove(buf_, &buf_[i + 1], buf_len_);
return true;
}
diff --git a/src/util/generate-coverage.sh b/src/util/generate-coverage.sh
index edd2edb..e16a9a4 100755
--- a/src/util/generate-coverage.sh
+++ b/src/util/generate-coverage.sh
@@ -27,8 +27,7 @@
fi
cd "$BUILD"
-cmake "$SRC" -GNinja -DCMAKE_C_FLAGS='-fprofile-arcs -ftest-coverage' \
- -DCMAKE_CXX_FLAGS='-fprofile-arcs -ftest-coverage'
+cmake "$SRC" -GNinja -DGCOV=1
ninja
cp -r "$SRC/crypto" "$SRC/decrepit" "$SRC/include" "$SRC/ssl" "$SRC/tool" \
diff --git a/win-x86_64/crypto/bn/rsaz-x86_64.asm b/win-x86_64/crypto/bn/rsaz-x86_64.asm
deleted file mode 100644
index 72ec505..0000000
--- a/win-x86_64/crypto/bn/rsaz-x86_64.asm
+++ /dev/null
@@ -1,1495 +0,0 @@
-default rel
-%define XMMWORD
-%define YMMWORD
-%define ZMMWORD
-section .text code align=64
-
-
-EXTERN OPENSSL_ia32cap_P
-
-global rsaz_512_sqr
-
-ALIGN 32
-rsaz_512_sqr:
- mov QWORD[8+rsp],rdi ;WIN64 prologue
- mov QWORD[16+rsp],rsi
- mov rax,rsp
-$L$SEH_begin_rsaz_512_sqr:
- mov rdi,rcx
- mov rsi,rdx
- mov rdx,r8
- mov rcx,r9
- mov r8,QWORD[40+rsp]
-
-
- push rbx
- push rbp
- push r12
- push r13
- push r14
- push r15
-
- sub rsp,128+24
-$L$sqr_body:
- mov rbp,rdx
- mov rdx,QWORD[rsi]
- mov rax,QWORD[8+rsi]
- mov QWORD[128+rsp],rcx
- jmp NEAR $L$oop_sqr
-
-ALIGN 32
-$L$oop_sqr:
- mov DWORD[((128+8))+rsp],r8d
-
- mov rbx,rdx
- mul rdx
- mov r8,rax
- mov rax,QWORD[16+rsi]
- mov r9,rdx
-
- mul rbx
- add r9,rax
- mov rax,QWORD[24+rsi]
- mov r10,rdx
- adc r10,0
-
- mul rbx
- add r10,rax
- mov rax,QWORD[32+rsi]
- mov r11,rdx
- adc r11,0
-
- mul rbx
- add r11,rax
- mov rax,QWORD[40+rsi]
- mov r12,rdx
- adc r12,0
-
- mul rbx
- add r12,rax
- mov rax,QWORD[48+rsi]
- mov r13,rdx
- adc r13,0
-
- mul rbx
- add r13,rax
- mov rax,QWORD[56+rsi]
- mov r14,rdx
- adc r14,0
-
- mul rbx
- add r14,rax
- mov rax,rbx
- mov r15,rdx
- adc r15,0
-
- add r8,r8
- mov rcx,r9
- adc r9,r9
-
- mul rax
- mov QWORD[rsp],rax
- add r8,rdx
- adc r9,0
-
- mov QWORD[8+rsp],r8
- shr rcx,63
-
-
- mov r8,QWORD[8+rsi]
- mov rax,QWORD[16+rsi]
- mul r8
- add r10,rax
- mov rax,QWORD[24+rsi]
- mov rbx,rdx
- adc rbx,0
-
- mul r8
- add r11,rax
- mov rax,QWORD[32+rsi]
- adc rdx,0
- add r11,rbx
- mov rbx,rdx
- adc rbx,0
-
- mul r8
- add r12,rax
- mov rax,QWORD[40+rsi]
- adc rdx,0
- add r12,rbx
- mov rbx,rdx
- adc rbx,0
-
- mul r8
- add r13,rax
- mov rax,QWORD[48+rsi]
- adc rdx,0
- add r13,rbx
- mov rbx,rdx
- adc rbx,0
-
- mul r8
- add r14,rax
- mov rax,QWORD[56+rsi]
- adc rdx,0
- add r14,rbx
- mov rbx,rdx
- adc rbx,0
-
- mul r8
- add r15,rax
- mov rax,r8
- adc rdx,0
- add r15,rbx
- mov r8,rdx
- mov rdx,r10
- adc r8,0
-
- add rdx,rdx
- lea r10,[r10*2+rcx]
- mov rbx,r11
- adc r11,r11
-
- mul rax
- add r9,rax
- adc r10,rdx
- adc r11,0
-
- mov QWORD[16+rsp],r9
- mov QWORD[24+rsp],r10
- shr rbx,63
-
-
- mov r9,QWORD[16+rsi]
- mov rax,QWORD[24+rsi]
- mul r9
- add r12,rax
- mov rax,QWORD[32+rsi]
- mov rcx,rdx
- adc rcx,0
-
- mul r9
- add r13,rax
- mov rax,QWORD[40+rsi]
- adc rdx,0
- add r13,rcx
- mov rcx,rdx
- adc rcx,0
-
- mul r9
- add r14,rax
- mov rax,QWORD[48+rsi]
- adc rdx,0
- add r14,rcx
- mov rcx,rdx
- adc rcx,0
-
- mul r9
- mov r10,r12
- lea r12,[r12*2+rbx]
- add r15,rax
- mov rax,QWORD[56+rsi]
- adc rdx,0
- add r15,rcx
- mov rcx,rdx
- adc rcx,0
-
- mul r9
- shr r10,63
- add r8,rax
- mov rax,r9
- adc rdx,0
- add r8,rcx
- mov r9,rdx
- adc r9,0
-
- mov rcx,r13
- lea r13,[r13*2+r10]
-
- mul rax
- add r11,rax
- adc r12,rdx
- adc r13,0
-
- mov QWORD[32+rsp],r11
- mov QWORD[40+rsp],r12
- shr rcx,63
-
-
- mov r10,QWORD[24+rsi]
- mov rax,QWORD[32+rsi]
- mul r10
- add r14,rax
- mov rax,QWORD[40+rsi]
- mov rbx,rdx
- adc rbx,0
-
- mul r10
- add r15,rax
- mov rax,QWORD[48+rsi]
- adc rdx,0
- add r15,rbx
- mov rbx,rdx
- adc rbx,0
-
- mul r10
- mov r12,r14
- lea r14,[r14*2+rcx]
- add r8,rax
- mov rax,QWORD[56+rsi]
- adc rdx,0
- add r8,rbx
- mov rbx,rdx
- adc rbx,0
-
- mul r10
- shr r12,63
- add r9,rax
- mov rax,r10
- adc rdx,0
- add r9,rbx
- mov r10,rdx
- adc r10,0
-
- mov rbx,r15
- lea r15,[r15*2+r12]
-
- mul rax
- add r13,rax
- adc r14,rdx
- adc r15,0
-
- mov QWORD[48+rsp],r13
- mov QWORD[56+rsp],r14
- shr rbx,63
-
-
- mov r11,QWORD[32+rsi]
- mov rax,QWORD[40+rsi]
- mul r11
- add r8,rax
- mov rax,QWORD[48+rsi]
- mov rcx,rdx
- adc rcx,0
-
- mul r11
- add r9,rax
- mov rax,QWORD[56+rsi]
- adc rdx,0
- mov r12,r8
- lea r8,[r8*2+rbx]
- add r9,rcx
- mov rcx,rdx
- adc rcx,0
-
- mul r11
- shr r12,63
- add r10,rax
- mov rax,r11
- adc rdx,0
- add r10,rcx
- mov r11,rdx
- adc r11,0
-
- mov rcx,r9
- lea r9,[r9*2+r12]
-
- mul rax
- add r15,rax
- adc r8,rdx
- adc r9,0
-
- mov QWORD[64+rsp],r15
- mov QWORD[72+rsp],r8
- shr rcx,63
-
-
- mov r12,QWORD[40+rsi]
- mov rax,QWORD[48+rsi]
- mul r12
- add r10,rax
- mov rax,QWORD[56+rsi]
- mov rbx,rdx
- adc rbx,0
-
- mul r12
- add r11,rax
- mov rax,r12
- mov r15,r10
- lea r10,[r10*2+rcx]
- adc rdx,0
- shr r15,63
- add r11,rbx
- mov r12,rdx
- adc r12,0
-
- mov rbx,r11
- lea r11,[r11*2+r15]
-
- mul rax
- add r9,rax
- adc r10,rdx
- adc r11,0
-
- mov QWORD[80+rsp],r9
- mov QWORD[88+rsp],r10
-
-
- mov r13,QWORD[48+rsi]
- mov rax,QWORD[56+rsi]
- mul r13
- add r12,rax
- mov rax,r13
- mov r13,rdx
- adc r13,0
-
- xor r14,r14
- shl rbx,1
- adc r12,r12
- adc r13,r13
- adc r14,r14
-
- mul rax
- add r11,rax
- adc r12,rdx
- adc r13,0
-
- mov QWORD[96+rsp],r11
- mov QWORD[104+rsp],r12
-
-
- mov rax,QWORD[56+rsi]
- mul rax
- add r13,rax
- adc rdx,0
-
- add r14,rdx
-
- mov QWORD[112+rsp],r13
- mov QWORD[120+rsp],r14
-
- mov r8,QWORD[rsp]
- mov r9,QWORD[8+rsp]
- mov r10,QWORD[16+rsp]
- mov r11,QWORD[24+rsp]
- mov r12,QWORD[32+rsp]
- mov r13,QWORD[40+rsp]
- mov r14,QWORD[48+rsp]
- mov r15,QWORD[56+rsp]
-
- call __rsaz_512_reduce
-
- add r8,QWORD[64+rsp]
- adc r9,QWORD[72+rsp]
- adc r10,QWORD[80+rsp]
- adc r11,QWORD[88+rsp]
- adc r12,QWORD[96+rsp]
- adc r13,QWORD[104+rsp]
- adc r14,QWORD[112+rsp]
- adc r15,QWORD[120+rsp]
- sbb rcx,rcx
-
- call __rsaz_512_subtract
-
- mov rdx,r8
- mov rax,r9
- mov r8d,DWORD[((128+8))+rsp]
- mov rsi,rdi
-
- dec r8d
- jnz NEAR $L$oop_sqr
-
- lea rax,[((128+24+48))+rsp]
- mov r15,QWORD[((-48))+rax]
- mov r14,QWORD[((-40))+rax]
- mov r13,QWORD[((-32))+rax]
- mov r12,QWORD[((-24))+rax]
- mov rbp,QWORD[((-16))+rax]
- mov rbx,QWORD[((-8))+rax]
- lea rsp,[rax]
-$L$sqr_epilogue:
- mov rdi,QWORD[8+rsp] ;WIN64 epilogue
- mov rsi,QWORD[16+rsp]
- DB 0F3h,0C3h ;repret
-$L$SEH_end_rsaz_512_sqr:
-global rsaz_512_mul
-
-ALIGN 32
-rsaz_512_mul:
- mov QWORD[8+rsp],rdi ;WIN64 prologue
- mov QWORD[16+rsp],rsi
- mov rax,rsp
-$L$SEH_begin_rsaz_512_mul:
- mov rdi,rcx
- mov rsi,rdx
- mov rdx,r8
- mov rcx,r9
- mov r8,QWORD[40+rsp]
-
-
- push rbx
- push rbp
- push r12
- push r13
- push r14
- push r15
-
- sub rsp,128+24
-$L$mul_body:
-DB 102,72,15,110,199
-DB 102,72,15,110,201
- mov QWORD[128+rsp],r8
- mov rbx,QWORD[rdx]
- mov rbp,rdx
- call __rsaz_512_mul
-
-DB 102,72,15,126,199
-DB 102,72,15,126,205
-
- mov r8,QWORD[rsp]
- mov r9,QWORD[8+rsp]
- mov r10,QWORD[16+rsp]
- mov r11,QWORD[24+rsp]
- mov r12,QWORD[32+rsp]
- mov r13,QWORD[40+rsp]
- mov r14,QWORD[48+rsp]
- mov r15,QWORD[56+rsp]
-
- call __rsaz_512_reduce
- add r8,QWORD[64+rsp]
- adc r9,QWORD[72+rsp]
- adc r10,QWORD[80+rsp]
- adc r11,QWORD[88+rsp]
- adc r12,QWORD[96+rsp]
- adc r13,QWORD[104+rsp]
- adc r14,QWORD[112+rsp]
- adc r15,QWORD[120+rsp]
- sbb rcx,rcx
-
- call __rsaz_512_subtract
-
- lea rax,[((128+24+48))+rsp]
- mov r15,QWORD[((-48))+rax]
- mov r14,QWORD[((-40))+rax]
- mov r13,QWORD[((-32))+rax]
- mov r12,QWORD[((-24))+rax]
- mov rbp,QWORD[((-16))+rax]
- mov rbx,QWORD[((-8))+rax]
- lea rsp,[rax]
-$L$mul_epilogue:
- mov rdi,QWORD[8+rsp] ;WIN64 epilogue
- mov rsi,QWORD[16+rsp]
- DB 0F3h,0C3h ;repret
-$L$SEH_end_rsaz_512_mul:
-global rsaz_512_mul_gather4
-
-ALIGN 32
-rsaz_512_mul_gather4:
- mov QWORD[8+rsp],rdi ;WIN64 prologue
- mov QWORD[16+rsp],rsi
- mov rax,rsp
-$L$SEH_begin_rsaz_512_mul_gather4:
- mov rdi,rcx
- mov rsi,rdx
- mov rdx,r8
- mov rcx,r9
- mov r8,QWORD[40+rsp]
- mov r9,QWORD[48+rsp]
-
-
- push rbx
- push rbp
- push r12
- push r13
- push r14
- push r15
-
- sub rsp,328
- movaps XMMWORD[160+rsp],xmm6
- movaps XMMWORD[176+rsp],xmm7
- movaps XMMWORD[192+rsp],xmm8
- movaps XMMWORD[208+rsp],xmm9
- movaps XMMWORD[224+rsp],xmm10
- movaps XMMWORD[240+rsp],xmm11
- movaps XMMWORD[256+rsp],xmm12
- movaps XMMWORD[272+rsp],xmm13
- movaps XMMWORD[288+rsp],xmm14
- movaps XMMWORD[304+rsp],xmm15
-$L$mul_gather4_body:
- movd xmm8,r9d
- movdqa xmm1,XMMWORD[(($L$inc+16))]
- movdqa xmm0,XMMWORD[$L$inc]
-
- pshufd xmm8,xmm8,0
- movdqa xmm7,xmm1
- movdqa xmm2,xmm1
- paddd xmm1,xmm0
- pcmpeqd xmm0,xmm8
- movdqa xmm3,xmm7
- paddd xmm2,xmm1
- pcmpeqd xmm1,xmm8
- movdqa xmm4,xmm7
- paddd xmm3,xmm2
- pcmpeqd xmm2,xmm8
- movdqa xmm5,xmm7
- paddd xmm4,xmm3
- pcmpeqd xmm3,xmm8
- movdqa xmm6,xmm7
- paddd xmm5,xmm4
- pcmpeqd xmm4,xmm8
- paddd xmm6,xmm5
- pcmpeqd xmm5,xmm8
- paddd xmm7,xmm6
- pcmpeqd xmm6,xmm8
- pcmpeqd xmm7,xmm8
-
- movdqa xmm8,XMMWORD[rdx]
- movdqa xmm9,XMMWORD[16+rdx]
- movdqa xmm10,XMMWORD[32+rdx]
- movdqa xmm11,XMMWORD[48+rdx]
- pand xmm8,xmm0
- movdqa xmm12,XMMWORD[64+rdx]
- pand xmm9,xmm1
- movdqa xmm13,XMMWORD[80+rdx]
- pand xmm10,xmm2
- movdqa xmm14,XMMWORD[96+rdx]
- pand xmm11,xmm3
- movdqa xmm15,XMMWORD[112+rdx]
- lea rbp,[128+rdx]
- pand xmm12,xmm4
- pand xmm13,xmm5
- pand xmm14,xmm6
- pand xmm15,xmm7
- por xmm8,xmm10
- por xmm9,xmm11
- por xmm8,xmm12
- por xmm9,xmm13
- por xmm8,xmm14
- por xmm9,xmm15
-
- por xmm8,xmm9
- pshufd xmm9,xmm8,0x4e
- por xmm8,xmm9
-DB 102,76,15,126,195
-
- mov QWORD[128+rsp],r8
- mov QWORD[((128+8))+rsp],rdi
- mov QWORD[((128+16))+rsp],rcx
-
- mov rax,QWORD[rsi]
- mov rcx,QWORD[8+rsi]
- mul rbx
- mov QWORD[rsp],rax
- mov rax,rcx
- mov r8,rdx
-
- mul rbx
- add r8,rax
- mov rax,QWORD[16+rsi]
- mov r9,rdx
- adc r9,0
-
- mul rbx
- add r9,rax
- mov rax,QWORD[24+rsi]
- mov r10,rdx
- adc r10,0
-
- mul rbx
- add r10,rax
- mov rax,QWORD[32+rsi]
- mov r11,rdx
- adc r11,0
-
- mul rbx
- add r11,rax
- mov rax,QWORD[40+rsi]
- mov r12,rdx
- adc r12,0
-
- mul rbx
- add r12,rax
- mov rax,QWORD[48+rsi]
- mov r13,rdx
- adc r13,0
-
- mul rbx
- add r13,rax
- mov rax,QWORD[56+rsi]
- mov r14,rdx
- adc r14,0
-
- mul rbx
- add r14,rax
- mov rax,QWORD[rsi]
- mov r15,rdx
- adc r15,0
-
- lea rdi,[8+rsp]
- mov ecx,7
- jmp NEAR $L$oop_mul_gather
-
-ALIGN 32
-$L$oop_mul_gather:
- movdqa xmm8,XMMWORD[rbp]
- movdqa xmm9,XMMWORD[16+rbp]
- movdqa xmm10,XMMWORD[32+rbp]
- movdqa xmm11,XMMWORD[48+rbp]
- pand xmm8,xmm0
- movdqa xmm12,XMMWORD[64+rbp]
- pand xmm9,xmm1
- movdqa xmm13,XMMWORD[80+rbp]
- pand xmm10,xmm2
- movdqa xmm14,XMMWORD[96+rbp]
- pand xmm11,xmm3
- movdqa xmm15,XMMWORD[112+rbp]
- lea rbp,[128+rbp]
- pand xmm12,xmm4
- pand xmm13,xmm5
- pand xmm14,xmm6
- pand xmm15,xmm7
- por xmm8,xmm10
- por xmm9,xmm11
- por xmm8,xmm12
- por xmm9,xmm13
- por xmm8,xmm14
- por xmm9,xmm15
-
- por xmm8,xmm9
- pshufd xmm9,xmm8,0x4e
- por xmm8,xmm9
-DB 102,76,15,126,195
-
- mul rbx
- add r8,rax
- mov rax,QWORD[8+rsi]
- mov QWORD[rdi],r8
- mov r8,rdx
- adc r8,0
-
- mul rbx
- add r9,rax
- mov rax,QWORD[16+rsi]
- adc rdx,0
- add r8,r9
- mov r9,rdx
- adc r9,0
-
- mul rbx
- add r10,rax
- mov rax,QWORD[24+rsi]
- adc rdx,0
- add r9,r10
- mov r10,rdx
- adc r10,0
-
- mul rbx
- add r11,rax
- mov rax,QWORD[32+rsi]
- adc rdx,0
- add r10,r11
- mov r11,rdx
- adc r11,0
-
- mul rbx
- add r12,rax
- mov rax,QWORD[40+rsi]
- adc rdx,0
- add r11,r12
- mov r12,rdx
- adc r12,0
-
- mul rbx
- add r13,rax
- mov rax,QWORD[48+rsi]
- adc rdx,0
- add r12,r13
- mov r13,rdx
- adc r13,0
-
- mul rbx
- add r14,rax
- mov rax,QWORD[56+rsi]
- adc rdx,0
- add r13,r14
- mov r14,rdx
- adc r14,0
-
- mul rbx
- add r15,rax
- mov rax,QWORD[rsi]
- adc rdx,0
- add r14,r15
- mov r15,rdx
- adc r15,0
-
- lea rdi,[8+rdi]
-
- dec ecx
- jnz NEAR $L$oop_mul_gather
-
- mov QWORD[rdi],r8
- mov QWORD[8+rdi],r9
- mov QWORD[16+rdi],r10
- mov QWORD[24+rdi],r11
- mov QWORD[32+rdi],r12
- mov QWORD[40+rdi],r13
- mov QWORD[48+rdi],r14
- mov QWORD[56+rdi],r15
-
- mov rdi,QWORD[((128+8))+rsp]
- mov rbp,QWORD[((128+16))+rsp]
-
- mov r8,QWORD[rsp]
- mov r9,QWORD[8+rsp]
- mov r10,QWORD[16+rsp]
- mov r11,QWORD[24+rsp]
- mov r12,QWORD[32+rsp]
- mov r13,QWORD[40+rsp]
- mov r14,QWORD[48+rsp]
- mov r15,QWORD[56+rsp]
-
- call __rsaz_512_reduce
- add r8,QWORD[64+rsp]
- adc r9,QWORD[72+rsp]
- adc r10,QWORD[80+rsp]
- adc r11,QWORD[88+rsp]
- adc r12,QWORD[96+rsp]
- adc r13,QWORD[104+rsp]
- adc r14,QWORD[112+rsp]
- adc r15,QWORD[120+rsp]
- sbb rcx,rcx
-
- call __rsaz_512_subtract
-
- lea rax,[((128+24+48))+rsp]
- movaps xmm6,XMMWORD[((160-200))+rax]
- movaps xmm7,XMMWORD[((176-200))+rax]
- movaps xmm8,XMMWORD[((192-200))+rax]
- movaps xmm9,XMMWORD[((208-200))+rax]
- movaps xmm10,XMMWORD[((224-200))+rax]
- movaps xmm11,XMMWORD[((240-200))+rax]
- movaps xmm12,XMMWORD[((256-200))+rax]
- movaps xmm13,XMMWORD[((272-200))+rax]
- movaps xmm14,XMMWORD[((288-200))+rax]
- movaps xmm15,XMMWORD[((304-200))+rax]
- lea rax,[176+rax]
- mov r15,QWORD[((-48))+rax]
- mov r14,QWORD[((-40))+rax]
- mov r13,QWORD[((-32))+rax]
- mov r12,QWORD[((-24))+rax]
- mov rbp,QWORD[((-16))+rax]
- mov rbx,QWORD[((-8))+rax]
- lea rsp,[rax]
-$L$mul_gather4_epilogue:
- mov rdi,QWORD[8+rsp] ;WIN64 epilogue
- mov rsi,QWORD[16+rsp]
- DB 0F3h,0C3h ;repret
-$L$SEH_end_rsaz_512_mul_gather4:
-global rsaz_512_mul_scatter4
-
-ALIGN 32
-rsaz_512_mul_scatter4:
- mov QWORD[8+rsp],rdi ;WIN64 prologue
- mov QWORD[16+rsp],rsi
- mov rax,rsp
-$L$SEH_begin_rsaz_512_mul_scatter4:
- mov rdi,rcx
- mov rsi,rdx
- mov rdx,r8
- mov rcx,r9
- mov r8,QWORD[40+rsp]
- mov r9,QWORD[48+rsp]
-
-
- push rbx
- push rbp
- push r12
- push r13
- push r14
- push r15
-
- mov r9d,r9d
- sub rsp,128+24
-$L$mul_scatter4_body:
- lea r8,[r9*8+r8]
-DB 102,72,15,110,199
-DB 102,72,15,110,202
-DB 102,73,15,110,208
- mov QWORD[128+rsp],rcx
-
- mov rbp,rdi
- mov rbx,QWORD[rdi]
- call __rsaz_512_mul
-
-DB 102,72,15,126,199
-DB 102,72,15,126,205
-
- mov r8,QWORD[rsp]
- mov r9,QWORD[8+rsp]
- mov r10,QWORD[16+rsp]
- mov r11,QWORD[24+rsp]
- mov r12,QWORD[32+rsp]
- mov r13,QWORD[40+rsp]
- mov r14,QWORD[48+rsp]
- mov r15,QWORD[56+rsp]
-
- call __rsaz_512_reduce
- add r8,QWORD[64+rsp]
- adc r9,QWORD[72+rsp]
- adc r10,QWORD[80+rsp]
- adc r11,QWORD[88+rsp]
- adc r12,QWORD[96+rsp]
- adc r13,QWORD[104+rsp]
- adc r14,QWORD[112+rsp]
- adc r15,QWORD[120+rsp]
-DB 102,72,15,126,214
- sbb rcx,rcx
-
- call __rsaz_512_subtract
-
- mov QWORD[rsi],r8
- mov QWORD[128+rsi],r9
- mov QWORD[256+rsi],r10
- mov QWORD[384+rsi],r11
- mov QWORD[512+rsi],r12
- mov QWORD[640+rsi],r13
- mov QWORD[768+rsi],r14
- mov QWORD[896+rsi],r15
-
- lea rax,[((128+24+48))+rsp]
- mov r15,QWORD[((-48))+rax]
- mov r14,QWORD[((-40))+rax]
- mov r13,QWORD[((-32))+rax]
- mov r12,QWORD[((-24))+rax]
- mov rbp,QWORD[((-16))+rax]
- mov rbx,QWORD[((-8))+rax]
- lea rsp,[rax]
-$L$mul_scatter4_epilogue:
- mov rdi,QWORD[8+rsp] ;WIN64 epilogue
- mov rsi,QWORD[16+rsp]
- DB 0F3h,0C3h ;repret
-$L$SEH_end_rsaz_512_mul_scatter4:
-global rsaz_512_mul_by_one
-
-ALIGN 32
-rsaz_512_mul_by_one:
- mov QWORD[8+rsp],rdi ;WIN64 prologue
- mov QWORD[16+rsp],rsi
- mov rax,rsp
-$L$SEH_begin_rsaz_512_mul_by_one:
- mov rdi,rcx
- mov rsi,rdx
- mov rdx,r8
- mov rcx,r9
-
-
- push rbx
- push rbp
- push r12
- push r13
- push r14
- push r15
-
- sub rsp,128+24
-$L$mul_by_one_body:
- mov rbp,rdx
- mov QWORD[128+rsp],rcx
-
- mov r8,QWORD[rsi]
- pxor xmm0,xmm0
- mov r9,QWORD[8+rsi]
- mov r10,QWORD[16+rsi]
- mov r11,QWORD[24+rsi]
- mov r12,QWORD[32+rsi]
- mov r13,QWORD[40+rsi]
- mov r14,QWORD[48+rsi]
- mov r15,QWORD[56+rsi]
-
- movdqa XMMWORD[rsp],xmm0
- movdqa XMMWORD[16+rsp],xmm0
- movdqa XMMWORD[32+rsp],xmm0
- movdqa XMMWORD[48+rsp],xmm0
- movdqa XMMWORD[64+rsp],xmm0
- movdqa XMMWORD[80+rsp],xmm0
- movdqa XMMWORD[96+rsp],xmm0
- call __rsaz_512_reduce
- mov QWORD[rdi],r8
- mov QWORD[8+rdi],r9
- mov QWORD[16+rdi],r10
- mov QWORD[24+rdi],r11
- mov QWORD[32+rdi],r12
- mov QWORD[40+rdi],r13
- mov QWORD[48+rdi],r14
- mov QWORD[56+rdi],r15
-
- lea rax,[((128+24+48))+rsp]
- mov r15,QWORD[((-48))+rax]
- mov r14,QWORD[((-40))+rax]
- mov r13,QWORD[((-32))+rax]
- mov r12,QWORD[((-24))+rax]
- mov rbp,QWORD[((-16))+rax]
- mov rbx,QWORD[((-8))+rax]
- lea rsp,[rax]
-$L$mul_by_one_epilogue:
- mov rdi,QWORD[8+rsp] ;WIN64 epilogue
- mov rsi,QWORD[16+rsp]
- DB 0F3h,0C3h ;repret
-$L$SEH_end_rsaz_512_mul_by_one:
-
-ALIGN 32
-__rsaz_512_reduce:
- mov rbx,r8
- imul rbx,QWORD[((128+8))+rsp]
- mov rax,QWORD[rbp]
- mov ecx,8
- jmp NEAR $L$reduction_loop
-
-ALIGN 32
-$L$reduction_loop:
- mul rbx
- mov rax,QWORD[8+rbp]
- neg r8
- mov r8,rdx
- adc r8,0
-
- mul rbx
- add r9,rax
- mov rax,QWORD[16+rbp]
- adc rdx,0
- add r8,r9
- mov r9,rdx
- adc r9,0
-
- mul rbx
- add r10,rax
- mov rax,QWORD[24+rbp]
- adc rdx,0
- add r9,r10
- mov r10,rdx
- adc r10,0
-
- mul rbx
- add r11,rax
- mov rax,QWORD[32+rbp]
- adc rdx,0
- add r10,r11
- mov rsi,QWORD[((128+8))+rsp]
-
-
- adc rdx,0
- mov r11,rdx
-
- mul rbx
- add r12,rax
- mov rax,QWORD[40+rbp]
- adc rdx,0
- imul rsi,r8
- add r11,r12
- mov r12,rdx
- adc r12,0
-
- mul rbx
- add r13,rax
- mov rax,QWORD[48+rbp]
- adc rdx,0
- add r12,r13
- mov r13,rdx
- adc r13,0
-
- mul rbx
- add r14,rax
- mov rax,QWORD[56+rbp]
- adc rdx,0
- add r13,r14
- mov r14,rdx
- adc r14,0
-
- mul rbx
- mov rbx,rsi
- add r15,rax
- mov rax,QWORD[rbp]
- adc rdx,0
- add r14,r15
- mov r15,rdx
- adc r15,0
-
- dec ecx
- jne NEAR $L$reduction_loop
-
- DB 0F3h,0C3h ;repret
-
-
-ALIGN 32
-__rsaz_512_subtract:
- mov QWORD[rdi],r8
- mov QWORD[8+rdi],r9
- mov QWORD[16+rdi],r10
- mov QWORD[24+rdi],r11
- mov QWORD[32+rdi],r12
- mov QWORD[40+rdi],r13
- mov QWORD[48+rdi],r14
- mov QWORD[56+rdi],r15
-
- mov r8,QWORD[rbp]
- mov r9,QWORD[8+rbp]
- neg r8
- not r9
- and r8,rcx
- mov r10,QWORD[16+rbp]
- and r9,rcx
- not r10
- mov r11,QWORD[24+rbp]
- and r10,rcx
- not r11
- mov r12,QWORD[32+rbp]
- and r11,rcx
- not r12
- mov r13,QWORD[40+rbp]
- and r12,rcx
- not r13
- mov r14,QWORD[48+rbp]
- and r13,rcx
- not r14
- mov r15,QWORD[56+rbp]
- and r14,rcx
- not r15
- and r15,rcx
-
- add r8,QWORD[rdi]
- adc r9,QWORD[8+rdi]
- adc r10,QWORD[16+rdi]
- adc r11,QWORD[24+rdi]
- adc r12,QWORD[32+rdi]
- adc r13,QWORD[40+rdi]
- adc r14,QWORD[48+rdi]
- adc r15,QWORD[56+rdi]
-
- mov QWORD[rdi],r8
- mov QWORD[8+rdi],r9
- mov QWORD[16+rdi],r10
- mov QWORD[24+rdi],r11
- mov QWORD[32+rdi],r12
- mov QWORD[40+rdi],r13
- mov QWORD[48+rdi],r14
- mov QWORD[56+rdi],r15
-
- DB 0F3h,0C3h ;repret
-
-
-ALIGN 32
-__rsaz_512_mul:
- lea rdi,[8+rsp]
-
- mov rax,QWORD[rsi]
- mul rbx
- mov QWORD[rdi],rax
- mov rax,QWORD[8+rsi]
- mov r8,rdx
-
- mul rbx
- add r8,rax
- mov rax,QWORD[16+rsi]
- mov r9,rdx
- adc r9,0
-
- mul rbx
- add r9,rax
- mov rax,QWORD[24+rsi]
- mov r10,rdx
- adc r10,0
-
- mul rbx
- add r10,rax
- mov rax,QWORD[32+rsi]
- mov r11,rdx
- adc r11,0
-
- mul rbx
- add r11,rax
- mov rax,QWORD[40+rsi]
- mov r12,rdx
- adc r12,0
-
- mul rbx
- add r12,rax
- mov rax,QWORD[48+rsi]
- mov r13,rdx
- adc r13,0
-
- mul rbx
- add r13,rax
- mov rax,QWORD[56+rsi]
- mov r14,rdx
- adc r14,0
-
- mul rbx
- add r14,rax
- mov rax,QWORD[rsi]
- mov r15,rdx
- adc r15,0
-
- lea rbp,[8+rbp]
- lea rdi,[8+rdi]
-
- mov ecx,7
- jmp NEAR $L$oop_mul
-
-ALIGN 32
-$L$oop_mul:
- mov rbx,QWORD[rbp]
- mul rbx
- add r8,rax
- mov rax,QWORD[8+rsi]
- mov QWORD[rdi],r8
- mov r8,rdx
- adc r8,0
-
- mul rbx
- add r9,rax
- mov rax,QWORD[16+rsi]
- adc rdx,0
- add r8,r9
- mov r9,rdx
- adc r9,0
-
- mul rbx
- add r10,rax
- mov rax,QWORD[24+rsi]
- adc rdx,0
- add r9,r10
- mov r10,rdx
- adc r10,0
-
- mul rbx
- add r11,rax
- mov rax,QWORD[32+rsi]
- adc rdx,0
- add r10,r11
- mov r11,rdx
- adc r11,0
-
- mul rbx
- add r12,rax
- mov rax,QWORD[40+rsi]
- adc rdx,0
- add r11,r12
- mov r12,rdx
- adc r12,0
-
- mul rbx
- add r13,rax
- mov rax,QWORD[48+rsi]
- adc rdx,0
- add r12,r13
- mov r13,rdx
- adc r13,0
-
- mul rbx
- add r14,rax
- mov rax,QWORD[56+rsi]
- adc rdx,0
- add r13,r14
- mov r14,rdx
- lea rbp,[8+rbp]
- adc r14,0
-
- mul rbx
- add r15,rax
- mov rax,QWORD[rsi]
- adc rdx,0
- add r14,r15
- mov r15,rdx
- adc r15,0
-
- lea rdi,[8+rdi]
-
- dec ecx
- jnz NEAR $L$oop_mul
-
- mov QWORD[rdi],r8
- mov QWORD[8+rdi],r9
- mov QWORD[16+rdi],r10
- mov QWORD[24+rdi],r11
- mov QWORD[32+rdi],r12
- mov QWORD[40+rdi],r13
- mov QWORD[48+rdi],r14
- mov QWORD[56+rdi],r15
-
- DB 0F3h,0C3h ;repret
-
-global rsaz_512_scatter4
-
-ALIGN 16
-rsaz_512_scatter4:
- lea rcx,[r8*8+rcx]
- mov r9d,8
- jmp NEAR $L$oop_scatter
-ALIGN 16
-$L$oop_scatter:
- mov rax,QWORD[rdx]
- lea rdx,[8+rdx]
- mov QWORD[rcx],rax
- lea rcx,[128+rcx]
- dec r9d
- jnz NEAR $L$oop_scatter
- DB 0F3h,0C3h ;repret
-
-
-global rsaz_512_gather4
-
-ALIGN 16
-rsaz_512_gather4:
-$L$SEH_begin_rsaz_512_gather4:
-DB 0x48,0x81,0xec,0xa8,0x00,0x00,0x00
-DB 0x0f,0x29,0x34,0x24
-DB 0x0f,0x29,0x7c,0x24,0x10
-DB 0x44,0x0f,0x29,0x44,0x24,0x20
-DB 0x44,0x0f,0x29,0x4c,0x24,0x30
-DB 0x44,0x0f,0x29,0x54,0x24,0x40
-DB 0x44,0x0f,0x29,0x5c,0x24,0x50
-DB 0x44,0x0f,0x29,0x64,0x24,0x60
-DB 0x44,0x0f,0x29,0x6c,0x24,0x70
-DB 0x44,0x0f,0x29,0xb4,0x24,0x80,0,0,0
-DB 0x44,0x0f,0x29,0xbc,0x24,0x90,0,0,0
- movd xmm8,r8d
- movdqa xmm1,XMMWORD[(($L$inc+16))]
- movdqa xmm0,XMMWORD[$L$inc]
-
- pshufd xmm8,xmm8,0
- movdqa xmm7,xmm1
- movdqa xmm2,xmm1
- paddd xmm1,xmm0
- pcmpeqd xmm0,xmm8
- movdqa xmm3,xmm7
- paddd xmm2,xmm1
- pcmpeqd xmm1,xmm8
- movdqa xmm4,xmm7
- paddd xmm3,xmm2
- pcmpeqd xmm2,xmm8
- movdqa xmm5,xmm7
- paddd xmm4,xmm3
- pcmpeqd xmm3,xmm8
- movdqa xmm6,xmm7
- paddd xmm5,xmm4
- pcmpeqd xmm4,xmm8
- paddd xmm6,xmm5
- pcmpeqd xmm5,xmm8
- paddd xmm7,xmm6
- pcmpeqd xmm6,xmm8
- pcmpeqd xmm7,xmm8
- mov r9d,8
- jmp NEAR $L$oop_gather
-ALIGN 16
-$L$oop_gather:
- movdqa xmm8,XMMWORD[rdx]
- movdqa xmm9,XMMWORD[16+rdx]
- movdqa xmm10,XMMWORD[32+rdx]
- movdqa xmm11,XMMWORD[48+rdx]
- pand xmm8,xmm0
- movdqa xmm12,XMMWORD[64+rdx]
- pand xmm9,xmm1
- movdqa xmm13,XMMWORD[80+rdx]
- pand xmm10,xmm2
- movdqa xmm14,XMMWORD[96+rdx]
- pand xmm11,xmm3
- movdqa xmm15,XMMWORD[112+rdx]
- lea rdx,[128+rdx]
- pand xmm12,xmm4
- pand xmm13,xmm5
- pand xmm14,xmm6
- pand xmm15,xmm7
- por xmm8,xmm10
- por xmm9,xmm11
- por xmm8,xmm12
- por xmm9,xmm13
- por xmm8,xmm14
- por xmm9,xmm15
-
- por xmm8,xmm9
- pshufd xmm9,xmm8,0x4e
- por xmm8,xmm9
- movq QWORD[rcx],xmm8
- lea rcx,[8+rcx]
- dec r9d
- jnz NEAR $L$oop_gather
- movaps xmm6,XMMWORD[rsp]
- movaps xmm7,XMMWORD[16+rsp]
- movaps xmm8,XMMWORD[32+rsp]
- movaps xmm9,XMMWORD[48+rsp]
- movaps xmm10,XMMWORD[64+rsp]
- movaps xmm11,XMMWORD[80+rsp]
- movaps xmm12,XMMWORD[96+rsp]
- movaps xmm13,XMMWORD[112+rsp]
- movaps xmm14,XMMWORD[128+rsp]
- movaps xmm15,XMMWORD[144+rsp]
- add rsp,0xa8
- DB 0F3h,0C3h ;repret
-$L$SEH_end_rsaz_512_gather4:
-
-
-ALIGN 64
-$L$inc:
- DD 0,0,1,1
- DD 2,2,2,2
-EXTERN __imp_RtlVirtualUnwind
-
-ALIGN 16
-se_handler:
- push rsi
- push rdi
- push rbx
- push rbp
- push r12
- push r13
- push r14
- push r15
- pushfq
- sub rsp,64
-
- mov rax,QWORD[120+r8]
- mov rbx,QWORD[248+r8]
-
- mov rsi,QWORD[8+r9]
- mov r11,QWORD[56+r9]
-
- mov r10d,DWORD[r11]
- lea r10,[r10*1+rsi]
- cmp rbx,r10
- jb NEAR $L$common_seh_tail
-
- mov rax,QWORD[152+r8]
-
- mov r10d,DWORD[4+r11]
- lea r10,[r10*1+rsi]
- cmp rbx,r10
- jae NEAR $L$common_seh_tail
-
- lea rax,[((128+24+48))+rax]
-
- lea rbx,[$L$mul_gather4_epilogue]
- cmp rbx,r10
- jne NEAR $L$se_not_in_mul_gather4
-
- lea rax,[176+rax]
-
- lea rsi,[((-48-168))+rax]
- lea rdi,[512+r8]
- mov ecx,20
- DD 0xa548f3fc
-
-$L$se_not_in_mul_gather4:
- mov rbx,QWORD[((-8))+rax]
- mov rbp,QWORD[((-16))+rax]
- mov r12,QWORD[((-24))+rax]
- mov r13,QWORD[((-32))+rax]
- mov r14,QWORD[((-40))+rax]
- mov r15,QWORD[((-48))+rax]
- mov QWORD[144+r8],rbx
- mov QWORD[160+r8],rbp
- mov QWORD[216+r8],r12
- mov QWORD[224+r8],r13
- mov QWORD[232+r8],r14
- mov QWORD[240+r8],r15
-
-$L$common_seh_tail:
- mov rdi,QWORD[8+rax]
- mov rsi,QWORD[16+rax]
- mov QWORD[152+r8],rax
- mov QWORD[168+r8],rsi
- mov QWORD[176+r8],rdi
-
- mov rdi,QWORD[40+r9]
- mov rsi,r8
- mov ecx,154
- DD 0xa548f3fc
-
- mov rsi,r9
- xor rcx,rcx
- mov rdx,QWORD[8+rsi]
- mov r8,QWORD[rsi]
- mov r9,QWORD[16+rsi]
- mov r10,QWORD[40+rsi]
- lea r11,[56+rsi]
- lea r12,[24+rsi]
- mov QWORD[32+rsp],r10
- mov QWORD[40+rsp],r11
- mov QWORD[48+rsp],r12
- mov QWORD[56+rsp],rcx
- call QWORD[__imp_RtlVirtualUnwind]
-
- mov eax,1
- add rsp,64
- popfq
- pop r15
- pop r14
- pop r13
- pop r12
- pop rbp
- pop rbx
- pop rdi
- pop rsi
- DB 0F3h,0C3h ;repret
-
-
-section .pdata rdata align=4
-ALIGN 4
- DD $L$SEH_begin_rsaz_512_sqr wrt ..imagebase
- DD $L$SEH_end_rsaz_512_sqr wrt ..imagebase
- DD $L$SEH_info_rsaz_512_sqr wrt ..imagebase
-
- DD $L$SEH_begin_rsaz_512_mul wrt ..imagebase
- DD $L$SEH_end_rsaz_512_mul wrt ..imagebase
- DD $L$SEH_info_rsaz_512_mul wrt ..imagebase
-
- DD $L$SEH_begin_rsaz_512_mul_gather4 wrt ..imagebase
- DD $L$SEH_end_rsaz_512_mul_gather4 wrt ..imagebase
- DD $L$SEH_info_rsaz_512_mul_gather4 wrt ..imagebase
-
- DD $L$SEH_begin_rsaz_512_mul_scatter4 wrt ..imagebase
- DD $L$SEH_end_rsaz_512_mul_scatter4 wrt ..imagebase
- DD $L$SEH_info_rsaz_512_mul_scatter4 wrt ..imagebase
-
- DD $L$SEH_begin_rsaz_512_mul_by_one wrt ..imagebase
- DD $L$SEH_end_rsaz_512_mul_by_one wrt ..imagebase
- DD $L$SEH_info_rsaz_512_mul_by_one wrt ..imagebase
-
- DD $L$SEH_begin_rsaz_512_gather4 wrt ..imagebase
- DD $L$SEH_end_rsaz_512_gather4 wrt ..imagebase
- DD $L$SEH_info_rsaz_512_gather4 wrt ..imagebase
-
-section .xdata rdata align=8
-ALIGN 8
-$L$SEH_info_rsaz_512_sqr:
-DB 9,0,0,0
- DD se_handler wrt ..imagebase
- DD $L$sqr_body wrt ..imagebase,$L$sqr_epilogue wrt ..imagebase
-$L$SEH_info_rsaz_512_mul:
-DB 9,0,0,0
- DD se_handler wrt ..imagebase
- DD $L$mul_body wrt ..imagebase,$L$mul_epilogue wrt ..imagebase
-$L$SEH_info_rsaz_512_mul_gather4:
-DB 9,0,0,0
- DD se_handler wrt ..imagebase
- DD $L$mul_gather4_body wrt ..imagebase,$L$mul_gather4_epilogue wrt ..imagebase
-$L$SEH_info_rsaz_512_mul_scatter4:
-DB 9,0,0,0
- DD se_handler wrt ..imagebase
- DD $L$mul_scatter4_body wrt ..imagebase,$L$mul_scatter4_epilogue wrt ..imagebase
-$L$SEH_info_rsaz_512_mul_by_one:
-DB 9,0,0,0
- DD se_handler wrt ..imagebase
- DD $L$mul_by_one_body wrt ..imagebase,$L$mul_by_one_epilogue wrt ..imagebase
-$L$SEH_info_rsaz_512_gather4:
-DB 0x01,0x46,0x16,0x00
-DB 0x46,0xf8,0x09,0x00
-DB 0x3d,0xe8,0x08,0x00
-DB 0x34,0xd8,0x07,0x00
-DB 0x2e,0xc8,0x06,0x00
-DB 0x28,0xb8,0x05,0x00
-DB 0x22,0xa8,0x04,0x00
-DB 0x1c,0x98,0x03,0x00
-DB 0x16,0x88,0x02,0x00
-DB 0x10,0x78,0x01,0x00
-DB 0x0b,0x68,0x00,0x00
-DB 0x07,0x01,0x15,0x00