external/boringssl: Sync to 9c33ae85621ef8e00a42309b5101e0bedd02b816.
This includes the following changes:
https://boringssl.googlesource.com/boringssl/+log/629db8cd0c84628e37aa81242b5b07fec7602f55..9c33ae85621ef8e00a42309b5101e0bedd02b816
Bug: 33622440
Test: BoringSSL tests
Change-Id: I20da15ad995a620b6b2f08db20c77ebd0f05ca10
diff --git a/src/crypto/CMakeLists.txt b/src/crypto/CMakeLists.txt
index fceef1a..97fea5f 100644
--- a/src/crypto/CMakeLists.txt
+++ b/src/crypto/CMakeLists.txt
@@ -180,7 +180,7 @@
add_executable(
constant_time_test
- constant_time_test.c
+ constant_time_test.cc
$<TARGET_OBJECTS:test_support>
)
@@ -202,7 +202,7 @@
add_executable(
refcount_test
- refcount_test.c
+ refcount_test.cc
)
target_link_libraries(refcount_test crypto)
diff --git a/src/crypto/aes/aes_test.cc b/src/crypto/aes/aes_test.cc
index 4fb3a31..cdf03d3 100644
--- a/src/crypto/aes/aes_test.cc
+++ b/src/crypto/aes/aes_test.cc
@@ -21,6 +21,7 @@
#include <openssl/aes.h>
#include <openssl/crypto.h>
+#include "../internal.h"
#include "../test/file_test.h"
@@ -54,7 +55,7 @@
}
// Test in-place encryption.
- memcpy(block, plaintext.data(), AES_BLOCK_SIZE);
+ OPENSSL_memcpy(block, plaintext.data(), AES_BLOCK_SIZE);
AES_encrypt(block, block, &aes_key);
if (!t->ExpectBytesEqual(block, AES_BLOCK_SIZE, ciphertext.data(),
ciphertext.size())) {
@@ -76,7 +77,7 @@
}
// Test in-place decryption.
- memcpy(block, ciphertext.data(), AES_BLOCK_SIZE);
+ OPENSSL_memcpy(block, ciphertext.data(), AES_BLOCK_SIZE);
AES_decrypt(block, block, &aes_key);
if (!t->ExpectBytesEqual(block, AES_BLOCK_SIZE, plaintext.data(),
plaintext.size())) {
@@ -123,7 +124,7 @@
return false;
}
- memset(buf.get(), 0, ciphertext.size());
+ OPENSSL_memset(buf.get(), 0, ciphertext.size());
if (AES_wrap_key(&aes_key, kDefaultIV, buf.get(), plaintext.data(),
plaintext.size()) != static_cast<int>(ciphertext.size()) ||
!t->ExpectBytesEqual(buf.get(), ciphertext.size(), ciphertext.data(),
@@ -146,7 +147,7 @@
return false;
}
- memset(buf.get(), 0, plaintext.size());
+ OPENSSL_memset(buf.get(), 0, plaintext.size());
if (AES_unwrap_key(&aes_key, kDefaultIV, buf.get(), ciphertext.data(),
ciphertext.size()) != static_cast<int>(plaintext.size()) ||
!t->ExpectBytesEqual(buf.get(), plaintext.size(), plaintext.data(),
@@ -155,6 +156,13 @@
return false;
}
+ ciphertext[0] ^= 1;
+ if (AES_unwrap_key(&aes_key, nullptr /* iv */, buf.get(), ciphertext.data(),
+ ciphertext.size()) != -1) {
+ t->PrintLine("AES_unwrap_key with bad input unexpectedly succeeded.");
+ return false;
+ }
+
return true;
}
diff --git a/src/crypto/aes/key_wrap.c b/src/crypto/aes/key_wrap.c
index c8b6a03..23553b7 100644
--- a/src/crypto/aes/key_wrap.c
+++ b/src/crypto/aes/key_wrap.c
@@ -53,6 +53,8 @@
#include <openssl/mem.h>
+#include "../internal.h"
+
/* kDefaultIV is the default IV value given in RFC 3394, 2.2.3.1. */
static const uint8_t kDefaultIV[] = {
@@ -73,15 +75,15 @@
iv = kDefaultIV;
}
- memmove(out + 8, in, in_len);
+ OPENSSL_memmove(out + 8, in, in_len);
uint8_t A[AES_BLOCK_SIZE];
- memcpy(A, iv, 8);
+ OPENSSL_memcpy(A, iv, 8);
size_t n = in_len / 8;
for (unsigned j = 0; j < kBound; j++) {
for (size_t i = 1; i <= n; i++) {
- memcpy(A + 8, out + 8 * i, 8);
+ OPENSSL_memcpy(A + 8, out + 8 * i, 8);
AES_encrypt(A, A, key);
uint32_t t = (uint32_t)(n * j + i);
@@ -89,11 +91,11 @@
A[6] ^= (t >> 8) & 0xff;
A[5] ^= (t >> 16) & 0xff;
A[4] ^= (t >> 24) & 0xff;
- memcpy(out + 8 * i, A + 8, 8);
+ OPENSSL_memcpy(out + 8 * i, A + 8, 8);
}
}
- memcpy(out, A, 8);
+ OPENSSL_memcpy(out, A, 8);
return (int)in_len + 8;
}
@@ -110,8 +112,8 @@
}
uint8_t A[AES_BLOCK_SIZE];
- memcpy(A, in, 8);
- memmove(out, in + 8, in_len - 8);
+ OPENSSL_memcpy(A, in, 8);
+ OPENSSL_memmove(out, in + 8, in_len - 8);
size_t n = (in_len / 8) - 1;
@@ -122,9 +124,9 @@
A[6] ^= (t >> 8) & 0xff;
A[5] ^= (t >> 16) & 0xff;
A[4] ^= (t >> 24) & 0xff;
- memcpy(A + 8, out + 8 * (i - 1), 8);
+ OPENSSL_memcpy(A + 8, out + 8 * (i - 1), 8);
AES_decrypt(A, A, key);
- memcpy(out + 8 * (i - 1), A + 8, 8);
+ OPENSSL_memcpy(out + 8 * (i - 1), A + 8, 8);
}
}
diff --git a/src/crypto/asn1/a_bitstr.c b/src/crypto/asn1/a_bitstr.c
index 2705ea5..ea9da24 100644
--- a/src/crypto/asn1/a_bitstr.c
+++ b/src/crypto/asn1/a_bitstr.c
@@ -61,6 +61,9 @@
#include <openssl/err.h>
#include <openssl/mem.h>
+#include "../internal.h"
+
+
int ASN1_BIT_STRING_set(ASN1_BIT_STRING *x, unsigned char *d, int len)
{
return M_ASN1_BIT_STRING_set(x, d, len);
@@ -115,7 +118,7 @@
*(p++) = (unsigned char)bits;
d = a->data;
- memcpy(p, d, len);
+ OPENSSL_memcpy(p, d, len);
p += len;
if (len > 0)
p[-1] &= (0xff << bits);
@@ -162,7 +165,7 @@
OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE);
goto err;
}
- memcpy(s, p, (int)len);
+ OPENSSL_memcpy(s, p, (int)len);
s[len - 1] &= (0xff << padding);
p += len;
} else
@@ -215,7 +218,7 @@
return 0;
}
if (w + 1 - a->length > 0)
- memset(c + a->length, 0, w + 1 - a->length);
+ OPENSSL_memset(c + a->length, 0, w + 1 - a->length);
a->data = c;
a->length = w + 1;
}
diff --git a/src/crypto/asn1/a_enum.c b/src/crypto/asn1/a_enum.c
index 0b95fc9..cc46905 100644
--- a/src/crypto/asn1/a_enum.c
+++ b/src/crypto/asn1/a_enum.c
@@ -61,6 +61,9 @@
#include <openssl/err.h>
#include <openssl/mem.h>
+#include "../internal.h"
+
+
/*
* Code for ENUMERATED type: identical to INTEGER apart from a different tag.
* for comments on encoding see a_int.c
@@ -79,7 +82,7 @@
OPENSSL_free(a->data);
if ((a->data =
(unsigned char *)OPENSSL_malloc(sizeof(long) + 1)) != NULL)
- memset((char *)a->data, 0, sizeof(long) + 1);
+ OPENSSL_memset((char *)a->data, 0, sizeof(long) + 1);
}
if (a->data == NULL) {
OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE);
diff --git a/src/crypto/asn1/a_int.c b/src/crypto/asn1/a_int.c
index 38a01bc..617ba96 100644
--- a/src/crypto/asn1/a_int.c
+++ b/src/crypto/asn1/a_int.c
@@ -61,6 +61,9 @@
#include <openssl/err.h>
#include <openssl/mem.h>
+#include "../internal.h"
+
+
ASN1_INTEGER *ASN1_INTEGER_dup(const ASN1_INTEGER *x)
{
return M_ASN1_INTEGER_dup(x);
@@ -157,7 +160,7 @@
if (a->length == 0)
*(p++) = 0;
else if (!neg)
- memcpy(p, a->data, (unsigned int)a->length);
+ OPENSSL_memcpy(p, a->data, (unsigned int)a->length);
else {
/* Begin at the end of the encoding */
n = a->data + a->length - 1;
@@ -254,7 +257,7 @@
p++;
len--;
}
- memcpy(s, p, (int)len);
+ OPENSSL_memcpy(s, p, (int)len);
}
if (ret->data != NULL)
@@ -322,7 +325,7 @@
p++;
len--;
}
- memcpy(s, p, (int)len);
+ OPENSSL_memcpy(s, p, (int)len);
p += len;
}
@@ -354,7 +357,7 @@
OPENSSL_free(a->data);
if ((a->data =
(unsigned char *)OPENSSL_malloc(sizeof(long) + 1)) != NULL)
- memset((char *)a->data, 0, sizeof(long) + 1);
+ OPENSSL_memset((char *)a->data, 0, sizeof(long) + 1);
}
if (a->data == NULL) {
OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE);
diff --git a/src/crypto/asn1/a_object.c b/src/crypto/asn1/a_object.c
index fef9b79..a710add 100644
--- a/src/crypto/asn1/a_object.c
+++ b/src/crypto/asn1/a_object.c
@@ -63,6 +63,9 @@
#include <openssl/mem.h>
#include <openssl/obj.h>
+#include "../internal.h"
+
+
int i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp)
{
unsigned char *p;
@@ -77,7 +80,7 @@
p = *pp;
ASN1_put_object(&p, 0, a->length, V_ASN1_OBJECT, V_ASN1_UNIVERSAL);
- memcpy(p, a->data, a->length);
+ OPENSSL_memcpy(p, a->data, a->length);
p += a->length;
*pp = p;
@@ -321,7 +324,7 @@
}
ret->flags |= ASN1_OBJECT_FLAG_DYNAMIC_DATA;
}
- memcpy(data, p, length);
+ OPENSSL_memcpy(data, p, length);
/* reattach data to object, after which it remains const */
ret->data = data;
ret->length = length;
diff --git a/src/crypto/asn1/a_utctm.c b/src/crypto/asn1/a_utctm.c
index db5cd29..3b9d257 100644
--- a/src/crypto/asn1/a_utctm.c
+++ b/src/crypto/asn1/a_utctm.c
@@ -270,7 +270,7 @@
struct tm tm;
int offset;
- memset(&tm, '\0', sizeof tm);
+ OPENSSL_memset(&tm, '\0', sizeof tm);
# define g2(p) (((p)[0]-'0')*10+(p)[1]-'0')
tm.tm_year = g2(s->data);
diff --git a/src/crypto/asn1/asn1_lib.c b/src/crypto/asn1/asn1_lib.c
index 94553b1..774f151 100644
--- a/src/crypto/asn1/asn1_lib.c
+++ b/src/crypto/asn1/asn1_lib.c
@@ -63,6 +63,9 @@
#include <openssl/err.h>
#include <openssl/mem.h>
+#include "../internal.h"
+
+
/* Cross-module errors from crypto/x509/i2d_pr.c. */
OPENSSL_DECLARE_ERROR_REASON(ASN1, UNSUPPORTED_PUBLIC_KEY_TYPE)
@@ -401,7 +404,7 @@
}
str->length = len;
if (data != NULL) {
- memcpy(str->data, data, len);
+ OPENSSL_memcpy(str->data, data, len);
/* an allowance for strings :-) */
str->data[len] = '\0';
}
@@ -452,7 +455,7 @@
i = (a->length - b->length);
if (i == 0) {
- i = memcmp(a->data, b->data, a->length);
+ i = OPENSSL_memcmp(a->data, b->data, a->length);
if (i == 0)
return (a->type - b->type);
else
diff --git a/src/crypto/asn1/tasn_dec.c b/src/crypto/asn1/tasn_dec.c
index dfbd222..40778a8 100644
--- a/src/crypto/asn1/tasn_dec.c
+++ b/src/crypto/asn1/tasn_dec.c
@@ -1108,7 +1108,7 @@
OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE);
return 0;
}
- memcpy(buf->data + len, *p, plen);
+ OPENSSL_memcpy(buf->data + len, *p, plen);
}
*p += plen;
return 1;
diff --git a/src/crypto/asn1/tasn_enc.c b/src/crypto/asn1/tasn_enc.c
index 7c2b365..9286ef6 100644
--- a/src/crypto/asn1/tasn_enc.c
+++ b/src/crypto/asn1/tasn_enc.c
@@ -62,6 +62,9 @@
#include <openssl/asn1t.h>
#include <openssl/mem.h>
+#include "../internal.h"
+
+
static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out,
const ASN1_ITEM *it, int tag, int aclass);
static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out,
@@ -415,7 +418,7 @@
const DER_ENC *d1 = a, *d2 = b;
int cmplen, i;
cmplen = (d1->length < d2->length) ? d1->length : d2->length;
- i = memcmp(d1->data, d2->data, cmplen);
+ i = OPENSSL_memcmp(d1->data, d2->data, cmplen);
if (i)
return i;
return d1->length - d2->length;
@@ -470,7 +473,7 @@
/* Output sorted DER encoding */
p = *out;
for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) {
- memcpy(p, tder->data, tder->length);
+ OPENSSL_memcpy(p, tder->data, tder->length);
p += tder->length;
}
*out = p;
@@ -660,6 +663,6 @@
}
if (cout && len)
- memcpy(cout, cont, len);
+ OPENSSL_memcpy(cout, cont, len);
return len;
}
diff --git a/src/crypto/asn1/tasn_new.c b/src/crypto/asn1/tasn_new.c
index 232fe46..053b732 100644
--- a/src/crypto/asn1/tasn_new.c
+++ b/src/crypto/asn1/tasn_new.c
@@ -63,6 +63,9 @@
#include <openssl/mem.h>
#include <openssl/obj.h>
+#include "../internal.h"
+
+
static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it,
int combine);
static void asn1_item_clear(ASN1_VALUE **pval, const ASN1_ITEM *it);
@@ -153,7 +156,7 @@
*pval = OPENSSL_malloc(it->size);
if (!*pval)
goto memerr;
- memset(*pval, 0, it->size);
+ OPENSSL_memset(*pval, 0, it->size);
}
asn1_set_choice_selector(pval, -1, it);
if (asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it, NULL))
@@ -178,7 +181,7 @@
*pval = OPENSSL_malloc(it->size);
if (!*pval)
goto memerr;
- memset(*pval, 0, it->size);
+ OPENSSL_memset(*pval, 0, it->size);
asn1_refcount_set_one(pval, it);
asn1_enc_init(pval, it);
}
diff --git a/src/crypto/asn1/tasn_utl.c b/src/crypto/asn1/tasn_utl.c
index 3f53072..a7516f6 100644
--- a/src/crypto/asn1/tasn_utl.c
+++ b/src/crypto/asn1/tasn_utl.c
@@ -178,7 +178,7 @@
if (!enc->enc) {
return 0;
}
- memcpy(enc->enc, in, inlen);
+ OPENSSL_memcpy(enc->enc, in, inlen);
}
enc->len = inlen;
@@ -195,7 +195,7 @@
return 0;
}
if (out) {
- memcpy(*out, enc->enc, enc->len);
+ OPENSSL_memcpy(*out, enc->enc, enc->len);
*out += enc->len;
}
if (len) {
diff --git a/src/crypto/asn1/x_long.c b/src/crypto/asn1/x_long.c
index bc4d275..b53127a 100644
--- a/src/crypto/asn1/x_long.c
+++ b/src/crypto/asn1/x_long.c
@@ -63,6 +63,9 @@
#include <openssl/err.h>
#include <openssl/mem.h>
+#include "../internal.h"
+
+
/*
* Custom primitive type for long handling. This converts between an
* ASN1_INTEGER and a long directly.
@@ -117,7 +120,7 @@
char *cp = (char *)pval;
/* use memcpy, because we may not be long aligned */
- memcpy(<mp, cp, sizeof(long));
+ OPENSSL_memcpy(<mp, cp, sizeof(long));
if (ltmp == it->size)
return -1;
@@ -186,7 +189,7 @@
OPENSSL_PUT_ERROR(ASN1, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
return 0;
}
- memcpy(cp, <mp, sizeof(long));
+ OPENSSL_memcpy(cp, <mp, sizeof(long));
return 1;
}
diff --git a/src/crypto/base64/base64.c b/src/crypto/base64/base64.c
index a74c3f5..7afadf7 100644
--- a/src/crypto/base64/base64.c
+++ b/src/crypto/base64/base64.c
@@ -62,6 +62,8 @@
#include <openssl/type_check.h>
+#include "../internal.h"
+
/* Encoding. */
@@ -95,7 +97,7 @@
}
void EVP_EncodeInit(EVP_ENCODE_CTX *ctx) {
- memset(ctx, 0, sizeof(EVP_ENCODE_CTX));
+ OPENSSL_memset(ctx, 0, sizeof(EVP_ENCODE_CTX));
}
void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, uint8_t *out, int *out_len,
@@ -110,14 +112,14 @@
assert(ctx->data_used < sizeof(ctx->data));
if (sizeof(ctx->data) - ctx->data_used > in_len) {
- memcpy(&ctx->data[ctx->data_used], in, in_len);
+ OPENSSL_memcpy(&ctx->data[ctx->data_used], in, in_len);
ctx->data_used += (unsigned)in_len;
return;
}
if (ctx->data_used != 0) {
const size_t todo = sizeof(ctx->data) - ctx->data_used;
- memcpy(&ctx->data[ctx->data_used], in, todo);
+ OPENSSL_memcpy(&ctx->data[ctx->data_used], in, todo);
in += todo;
in_len -= todo;
@@ -149,7 +151,7 @@
}
if (in_len != 0) {
- memcpy(ctx->data, in, in_len);
+ OPENSSL_memcpy(ctx->data, in, in_len);
}
ctx->data_used = (unsigned)in_len;
@@ -224,7 +226,7 @@
}
void EVP_DecodeInit(EVP_ENCODE_CTX *ctx) {
- memset(ctx, 0, sizeof(EVP_ENCODE_CTX));
+ OPENSSL_memset(ctx, 0, sizeof(EVP_ENCODE_CTX));
}
/* kBase64ASCIIToBinData maps characters (c < 128) to their base64 value, or
diff --git a/src/crypto/base64/base64_test.cc b/src/crypto/base64/base64_test.cc
index f8af66c..bdf3d9a 100644
--- a/src/crypto/base64/base64_test.cc
+++ b/src/crypto/base64/base64_test.cc
@@ -136,7 +136,7 @@
std::string encoded(RemoveNewlines(t->encoded));
if (len != encoded.size() ||
- memcmp(out, encoded.data(), len) != 0) {
+ OPENSSL_memcmp(out, encoded.data(), len) != 0) {
fprintf(stderr, "encode(\"%s\") = \"%.*s\", want \"%s\"\n",
t->decoded, (int)len, (const char*)out, encoded.c_str());
return false;
@@ -178,7 +178,7 @@
}
if (len != strlen(t->decoded) ||
- memcmp(out, t->decoded, len) != 0) {
+ OPENSSL_memcmp(out, t->decoded, len) != 0) {
fprintf(stderr, "decode(\"%s\") = \"%.*s\", want \"%s\"\n",
encoded.c_str(), (int)len, (const char*)out, t->decoded);
return false;
@@ -217,7 +217,7 @@
ret -= 3 - (expected_len % 3);
}
if (static_cast<size_t>(ret) != strlen(t->decoded) ||
- memcmp(out, t->decoded, ret) != 0) {
+ OPENSSL_memcmp(out, t->decoded, ret) != 0) {
fprintf(stderr, "decode(\"%s\") = \"%.*s\", want \"%s\"\n",
t->encoded, ret, (const char*)out, t->decoded);
return false;
@@ -258,7 +258,8 @@
EVP_EncodeFinal(&ctx, out + total, &out_len);
total += out_len;
- if (total != strlen(t->encoded) || memcmp(out, t->encoded, total) != 0) {
+ if (total != strlen(t->encoded) ||
+ OPENSSL_memcmp(out, t->encoded, total) != 0) {
fprintf(stderr, "#%u: EVP_EncodeUpdate produced different output: '%s' (%u)\n",
test_num, out, static_cast<unsigned>(total));
return false;
@@ -287,7 +288,8 @@
fprintf(stderr, "#%u: EVP_DecodeUpdate failed\n", test_num);
return false;
}
- if (total != decoded_len || memcmp(out, t->decoded, decoded_len)) {
+ if (total != decoded_len ||
+ OPENSSL_memcmp(out, t->decoded, decoded_len)) {
fprintf(stderr, "#%u: EVP_DecodeUpdate produced incorrect output\n",
test_num);
return false;
@@ -368,7 +370,7 @@
out_len += bytes_written;
if (out_len != strlen(t->decoded) ||
- memcmp(out.data(), t->decoded, out_len) != 0) {
+ OPENSSL_memcmp(out.data(), t->decoded, out_len) != 0) {
fprintf(stderr, "#%u: incorrect output\n", test_num);
return 0;
}
diff --git a/src/crypto/bio/bio.c b/src/crypto/bio/bio.c
index 9619c22..8aad9fb 100644
--- a/src/crypto/bio/bio.c
+++ b/src/crypto/bio/bio.c
@@ -75,7 +75,7 @@
return NULL;
}
- memset(ret, 0, sizeof(BIO));
+ OPENSSL_memset(ret, 0, sizeof(BIO));
ret->method = method;
ret->shutdown = 1;
ret->references = 1;
@@ -488,7 +488,7 @@
if (*out == NULL) {
return 0;
}
- memcpy(*out, prefix, prefix_len);
+ OPENSSL_memcpy(*out, prefix, prefix_len);
size_t done = prefix_len;
for (;;) {
@@ -595,7 +595,7 @@
if (*out == NULL) {
return 0;
}
- memcpy(*out, header, header_len);
+ OPENSSL_memcpy(*out, header, header_len);
if (BIO_read(bio, (*out) + header_len, len - header_len) !=
(int) (len - header_len)) {
OPENSSL_free(*out);
diff --git a/src/crypto/bio/bio_mem.c b/src/crypto/bio/bio_mem.c
index 844fba7..24ed5be 100644
--- a/src/crypto/bio/bio_mem.c
+++ b/src/crypto/bio/bio_mem.c
@@ -63,6 +63,8 @@
#include <openssl/err.h>
#include <openssl/mem.h>
+#include "../internal.h"
+
BIO *BIO_new_mem_buf(const void *buf, int len) {
BIO *ret;
@@ -144,12 +146,12 @@
}
if (ret > 0) {
- memcpy(out, b->data, ret);
+ OPENSSL_memcpy(out, b->data, ret);
b->length -= ret;
if (bio->flags & BIO_FLAGS_MEM_RDONLY) {
b->data += ret;
} else {
- memmove(b->data, &b->data[ret], b->length);
+ OPENSSL_memmove(b->data, &b->data[ret], b->length);
}
} else if (b->length == 0) {
ret = bio->num;
@@ -180,7 +182,7 @@
if (BUF_MEM_grow_clean(b, blen + inl) != ((size_t) blen) + inl) {
goto err;
}
- memcpy(&b->data[blen], in, inl);
+ OPENSSL_memcpy(&b->data[blen], in, inl);
ret = inl;
err:
@@ -240,7 +242,7 @@
b->data -= b->max - b->length;
b->length = b->max;
} else {
- memset(b->data, 0, b->max);
+ OPENSSL_memset(b->data, 0, b->max);
b->length = 0;
}
}
diff --git a/src/crypto/bio/bio_test.cc b/src/crypto/bio/bio_test.cc
index 4ae6c6e..fbfacf8 100644
--- a/src/crypto/bio/bio_test.cc
+++ b/src/crypto/bio/bio_test.cc
@@ -79,7 +79,7 @@
ScopedSocket listening_sock_closer(listening_sock);
struct sockaddr_in sin;
- memset(&sin, 0, sizeof(sin));
+ OPENSSL_memset(&sin, 0, sizeof(sin));
sin.sin_family = AF_INET;
if (!inet_pton(AF_INET, "127.0.0.1", &sin.sin_addr)) {
PrintSocketError("inet_pton");
@@ -128,7 +128,7 @@
PrintSocketError("read");
return false;
}
- if (memcmp(buf, kTestMessage, sizeof(kTestMessage))) {
+ if (OPENSSL_memcmp(buf, kTestMessage, sizeof(kTestMessage))) {
return false;
}
@@ -152,7 +152,7 @@
fprintf(stderr, "Bad test string length\n");
return false;
}
- memset(string, 'a', sizeof(string));
+ OPENSSL_memset(string, 'a', sizeof(string));
string[kLengths[i]] = '\0';
int ret = BIO_printf(bio.get(), "test %s", string);
@@ -198,8 +198,8 @@
return false;
}
- if (should_succeed &&
- (out_len != expected_len || memcmp(data, out, expected_len) != 0)) {
+ if (should_succeed && (out_len != expected_len ||
+ OPENSSL_memcmp(data, out, expected_len) != 0)) {
return false;
}
@@ -227,8 +227,8 @@
if (!large) {
return false;
}
- memset(large.get() + sizeof(kLargePrefix), 0, kLargePayloadLen);
- memcpy(large.get(), kLargePrefix, sizeof(kLargePrefix));
+ OPENSSL_memset(large.get() + sizeof(kLargePrefix), 0, kLargePayloadLen);
+ OPENSSL_memcpy(large.get(), kLargePrefix, sizeof(kLargePrefix));
if (!ReadASN1(true, large.get(), sizeof(kLargePrefix) + kLargePayloadLen,
sizeof(kLargePrefix) + kLargePayloadLen,
@@ -245,7 +245,7 @@
}
static const uint8_t kIndefPrefix[] = {0x30, 0x80};
- memcpy(large.get(), kIndefPrefix, sizeof(kIndefPrefix));
+ OPENSSL_memcpy(large.get(), kIndefPrefix, sizeof(kIndefPrefix));
if (!ReadASN1(true, large.get(), sizeof(kLargePrefix) + kLargePayloadLen,
sizeof(kLargePrefix) + kLargePayloadLen,
kLargePayloadLen*2)) {
@@ -287,7 +287,7 @@
if (BIO_write(bio1, "12345", 5) != 5 ||
BIO_ctrl_get_write_guarantee(bio1) != 5 ||
BIO_read(bio2, buf, sizeof(buf)) != 5 ||
- memcmp(buf, "12345", 5) != 0 ||
+ OPENSSL_memcmp(buf, "12345", 5) != 0 ||
BIO_ctrl_get_write_guarantee(bio1) != 10) {
return false;
}
@@ -298,7 +298,7 @@
BIO_write(bio1, "z", 1) != -1 ||
!BIO_should_write(bio1) ||
BIO_read(bio2, buf, sizeof(buf)) != 10 ||
- memcmp(buf, "1234567890", 10) != 0 ||
+ OPENSSL_memcmp(buf, "1234567890", 10) != 0 ||
BIO_ctrl_get_write_guarantee(bio1) != 10) {
return false;
}
@@ -323,10 +323,10 @@
BIO_write(bio1, "67890___", 8) != 5 ||
BIO_ctrl_get_write_guarantee(bio1) != 0 ||
BIO_read(bio2, buf, 3) != 3 ||
- memcmp(buf, "123", 3) != 0 ||
+ OPENSSL_memcmp(buf, "123", 3) != 0 ||
BIO_ctrl_get_write_guarantee(bio1) != 3 ||
BIO_read(bio2, buf, sizeof(buf)) != 7 ||
- memcmp(buf, "4567890", 7) != 0 ||
+ OPENSSL_memcmp(buf, "4567890", 7) != 0 ||
BIO_ctrl_get_write_guarantee(bio1) != 10) {
return false;
}
@@ -341,12 +341,12 @@
if (BIO_write(bio1, "abcdefgh", 8) != 8 ||
BIO_ctrl_get_write_guarantee(bio1) != 2 ||
BIO_read(bio2, buf, 3) != 3 ||
- memcmp(buf, "abc", 3) != 0 ||
+ OPENSSL_memcmp(buf, "abc", 3) != 0 ||
BIO_ctrl_get_write_guarantee(bio1) != 5 ||
BIO_write(bio1, "ijklm___", 8) != 5 ||
BIO_ctrl_get_write_guarantee(bio1) != 0 ||
BIO_read(bio2, buf, sizeof(buf)) != 10 ||
- memcmp(buf, "defghijklm", 10) != 0 ||
+ OPENSSL_memcmp(buf, "defghijklm", 10) != 0 ||
BIO_ctrl_get_write_guarantee(bio1) != 10) {
return false;
}
@@ -355,9 +355,9 @@
if (BIO_write(bio1, "12345", 5) != 5 ||
BIO_write(bio2, "67890", 5) != 5 ||
BIO_read(bio2, buf, sizeof(buf)) != 5 ||
- memcmp(buf, "12345", 5) != 0 ||
+ OPENSSL_memcmp(buf, "12345", 5) != 0 ||
BIO_read(bio1, buf, sizeof(buf)) != 5 ||
- memcmp(buf, "67890", 5) != 0) {
+ OPENSSL_memcmp(buf, "67890", 5) != 0) {
return false;
}
@@ -365,7 +365,7 @@
if (BIO_write(bio1, "12345", 5) != 5 ||
!BIO_shutdown_wr(bio1) ||
BIO_read(bio2, buf, sizeof(buf)) != 5 ||
- memcmp(buf, "12345", 5) != 0 ||
+ OPENSSL_memcmp(buf, "12345", 5) != 0 ||
BIO_read(bio2, buf, sizeof(buf)) != 0) {
return false;
}
@@ -385,7 +385,7 @@
// The other end is still functional.
if (BIO_write(bio2, "12345", 5) != 5 ||
BIO_read(bio1, buf, sizeof(buf)) != 5 ||
- memcmp(buf, "12345", 5) != 0) {
+ OPENSSL_memcmp(buf, "12345", 5) != 0) {
return false;
}
}
diff --git a/src/crypto/bio/buffer.c b/src/crypto/bio/buffer.c
index 1557451..6190f29 100644
--- a/src/crypto/bio/buffer.c
+++ b/src/crypto/bio/buffer.c
@@ -62,6 +62,8 @@
#include <openssl/err.h>
#include <openssl/mem.h>
+#include "../internal.h"
+
#define DEFAULT_BUFFER_SIZE 4096
@@ -94,7 +96,7 @@
if (ctx == NULL) {
return 0;
}
- memset(ctx, 0, sizeof(BIO_F_BUFFER_CTX));
+ OPENSSL_memset(ctx, 0, sizeof(BIO_F_BUFFER_CTX));
ctx->ibuf = OPENSSL_malloc(DEFAULT_BUFFER_SIZE);
if (ctx->ibuf == NULL) {
@@ -158,7 +160,7 @@
if (i > outl) {
i = outl;
}
- memcpy(out, &ctx->ibuf[ctx->ibuf_off], i);
+ OPENSSL_memcpy(out, &ctx->ibuf[ctx->ibuf_off], i);
ctx->ibuf_off += i;
ctx->ibuf_len -= i;
num += i;
@@ -222,7 +224,7 @@
i = ctx->obuf_size - (ctx->obuf_off + ctx->obuf_len);
/* add to buffer and return */
if (i >= inl) {
- memcpy(&ctx->obuf[ctx->obuf_off + ctx->obuf_len], in, inl);
+ OPENSSL_memcpy(&ctx->obuf[ctx->obuf_off + ctx->obuf_len], in, inl);
ctx->obuf_len += inl;
return num + inl;
}
@@ -230,7 +232,7 @@
/* stuff already in buffer, so add to it first, then flush */
if (ctx->obuf_len != 0) {
if (i > 0) {
- memcpy(&ctx->obuf[ctx->obuf_off + ctx->obuf_len], in, i);
+ OPENSSL_memcpy(&ctx->obuf[ctx->obuf_off + ctx->obuf_len], in, i);
in += i;
inl -= i;
num += i;
@@ -310,22 +312,10 @@
case BIO_CTRL_WPENDING:
ret = (long)ctx->obuf_len;
- if (ret == 0) {
- if (b->next_bio == NULL) {
- return 0;
- }
- ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
- }
break;
case BIO_CTRL_PENDING:
ret = (long)ctx->ibuf_len;
- if (ret == 0) {
- if (b->next_bio == NULL) {
- return 0;
- }
- ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
- }
break;
case BIO_C_SET_BUFF_SIZE:
diff --git a/src/crypto/bio/connect.c b/src/crypto/bio/connect.c
index 7e54447..f6cc837 100644
--- a/src/crypto/bio/connect.c
+++ b/src/crypto/bio/connect.c
@@ -77,6 +77,7 @@
#include <openssl/mem.h>
#include "internal.h"
+#include "../internal.h"
enum {
@@ -298,7 +299,7 @@
if (ret == NULL) {
return NULL;
}
- memset(ret, 0, sizeof(BIO_CONNECT));
+ OPENSSL_memset(ret, 0, sizeof(BIO_CONNECT));
ret->state = BIO_CONN_S_BEFORE;
return ret;
diff --git a/src/crypto/bio/hexdump.c b/src/crypto/bio/hexdump.c
index 8c35114..d55df62 100644
--- a/src/crypto/bio/hexdump.c
+++ b/src/crypto/bio/hexdump.c
@@ -59,6 +59,8 @@
#include <limits.h>
#include <string.h>
+#include "../internal.h"
+
/* hexdump_ctx contains the state of a hexdump. */
struct hexdump_ctx {
@@ -154,7 +156,7 @@
return 1;
}
- memset(buf, ' ', 4);
+ OPENSSL_memset(buf, ' ', 4);
buf[4] = '|';
for (; ctx->used < 16; ctx->used++) {
@@ -179,7 +181,7 @@
int BIO_hexdump(BIO *bio, const uint8_t *data, size_t len, unsigned indent) {
struct hexdump_ctx ctx;
- memset(&ctx, 0, sizeof(ctx));
+ OPENSSL_memset(&ctx, 0, sizeof(ctx));
ctx.bio = bio;
ctx.indent = indent;
diff --git a/src/crypto/bio/pair.c b/src/crypto/bio/pair.c
index df36343..e933a1d 100644
--- a/src/crypto/bio/pair.c
+++ b/src/crypto/bio/pair.c
@@ -59,6 +59,8 @@
#include <openssl/err.h>
#include <openssl/mem.h>
+#include "../internal.h"
+
struct bio_bio_st {
BIO *peer; /* NULL if buf == NULL.
@@ -86,7 +88,7 @@
if (b == NULL) {
return 0;
}
- memset(b, 0, sizeof(struct bio_bio_st));
+ OPENSSL_memset(b, 0, sizeof(struct bio_bio_st));
b->size = 17 * 1024; /* enough for one TLS record (just a default) */
bio->ptr = b;
@@ -207,7 +209,7 @@
}
assert(peer_b->offset + chunk <= peer_b->size);
- memcpy(buf, peer_b->buf + peer_b->offset, chunk);
+ OPENSSL_memcpy(buf, peer_b->buf + peer_b->offset, chunk);
peer_b->len -= chunk;
if (peer_b->len) {
@@ -287,7 +289,7 @@
chunk = b->size - write_offset;
}
- memcpy(b->buf + write_offset, buf, chunk);
+ OPENSSL_memcpy(b->buf + write_offset, buf, chunk);
b->len += chunk;
diff --git a/src/crypto/bio/socket_helper.c b/src/crypto/bio/socket_helper.c
index 9500788..268405a 100644
--- a/src/crypto/bio/socket_helper.c
+++ b/src/crypto/bio/socket_helper.c
@@ -33,6 +33,7 @@
#endif
#include "internal.h"
+#include "../internal.h"
int bio_ip_and_port_to_socket_and_addr(int *out_sock,
@@ -45,7 +46,7 @@
*out_sock = -1;
- memset(&hint, 0, sizeof(hint));
+ OPENSSL_memset(&hint, 0, sizeof(hint));
hint.ai_family = AF_UNSPEC;
hint.ai_socktype = SOCK_STREAM;
@@ -62,8 +63,8 @@
if ((size_t) cur->ai_addrlen > sizeof(struct sockaddr_storage)) {
continue;
}
- memset(out_addr, 0, sizeof(struct sockaddr_storage));
- memcpy(out_addr, cur->ai_addr, cur->ai_addrlen);
+ OPENSSL_memset(out_addr, 0, sizeof(struct sockaddr_storage));
+ OPENSSL_memcpy(out_addr, cur->ai_addr, cur->ai_addrlen);
*out_addr_length = cur->ai_addrlen;
*out_sock = socket(cur->ai_family, cur->ai_socktype, cur->ai_protocol);
diff --git a/src/crypto/bn/CMakeLists.txt b/src/crypto/bn/CMakeLists.txt
index 49cfe2f..9dd24b4 100644
--- a/src/crypto/bn/CMakeLists.txt
+++ b/src/crypto/bn/CMakeLists.txt
@@ -6,7 +6,6 @@
x86_64-mont.${ASM_EXT}
x86_64-mont5.${ASM_EXT}
- rsaz-x86_64.${ASM_EXT}
rsaz-avx2.${ASM_EXT}
rsaz_exp.c
@@ -69,7 +68,6 @@
perlasm(x86_64-mont.${ASM_EXT} asm/x86_64-mont.pl)
perlasm(x86_64-mont5.${ASM_EXT} asm/x86_64-mont5.pl)
-perlasm(rsaz-x86_64.${ASM_EXT} asm/rsaz-x86_64.pl)
perlasm(rsaz-avx2.${ASM_EXT} asm/rsaz-avx2.pl)
perlasm(bn-586.${ASM_EXT} asm/bn-586.pl)
perlasm(co-586.${ASM_EXT} asm/co-586.pl)
diff --git a/src/crypto/bn/add.c b/src/crypto/bn/add.c
index 23f9f80..cfa3bbe 100644
--- a/src/crypto/bn/add.c
+++ b/src/crypto/bn/add.c
@@ -314,7 +314,7 @@
}
if (dif > 0 && rp != ap) {
- memcpy(rp, ap, sizeof(*rp) * dif);
+ OPENSSL_memcpy(rp, ap, sizeof(*rp) * dif);
}
r->top = max;
diff --git a/src/crypto/bn/asm/rsaz-x86_64.pl b/src/crypto/bn/asm/rsaz-x86_64.pl
deleted file mode 100755
index ac6b5db..0000000
--- a/src/crypto/bn/asm/rsaz-x86_64.pl
+++ /dev/null
@@ -1,2338 +0,0 @@
-#!/usr/bin/env perl
-
-##############################################################################
-# #
-# Copyright (c) 2012, Intel Corporation #
-# #
-# All rights reserved. #
-# #
-# Redistribution and use in source and binary forms, with or without #
-# modification, are permitted provided that the following conditions are #
-# met: #
-# #
-# * Redistributions of source code must retain the above copyright #
-# notice, this list of conditions and the following disclaimer. #
-# #
-# * Redistributions in binary form must reproduce the above copyright #
-# notice, this list of conditions and the following disclaimer in the #
-# documentation and/or other materials provided with the #
-# distribution. #
-# #
-# * Neither the name of the Intel Corporation nor the names of its #
-# contributors may be used to endorse or promote products derived from #
-# this software without specific prior written permission. #
-# #
-# #
-# THIS SOFTWARE IS PROVIDED BY INTEL CORPORATION ""AS IS"" AND ANY #
-# EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE #
-# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR #
-# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL INTEL CORPORATION OR #
-# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, #
-# EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, #
-# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR #
-# PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF #
-# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING #
-# NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS #
-# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. #
-# #
-##############################################################################
-# Developers and authors: #
-# Shay Gueron (1, 2), and Vlad Krasnov (1) #
-# (1) Intel Architecture Group, Microprocessor and Chipset Development, #
-# Israel Development Center, Haifa, Israel #
-# (2) University of Haifa #
-##############################################################################
-# Reference: #
-# [1] S. Gueron, "Efficient Software Implementations of Modular #
-# Exponentiation", http://eprint.iacr.org/2011/239 #
-# [2] S. Gueron, V. Krasnov. "Speeding up Big-Numbers Squaring". #
-# IEEE Proceedings of 9th International Conference on Information #
-# Technology: New Generations (ITNG 2012), 821-823 (2012). #
-# [3] S. Gueron, Efficient Software Implementations of Modular Exponentiation#
-# Journal of Cryptographic Engineering 2:31-43 (2012). #
-# [4] S. Gueron, V. Krasnov: "[PATCH] Efficient and side channel analysis #
-# resistant 512-bit and 1024-bit modular exponentiation for optimizing #
-# RSA1024 and RSA2048 on x86_64 platforms", #
-# http://rt.openssl.org/Ticket/Display.html?id=2582&user=guest&pass=guest#
-##############################################################################
-
-# While original submission covers 512- and 1024-bit exponentiation,
-# this module is limited to 512-bit version only (and as such
-# accelerates RSA1024 sign). This is because improvement for longer
-# keys is not high enough to justify the effort, highest measured
-# was ~5% on Westmere. [This is relative to OpenSSL 1.0.2, upcoming
-# for the moment of this writing!] Nor does this module implement
-# "monolithic" complete exponentiation jumbo-subroutine, but adheres
-# to more modular mixture of C and assembly. And it's optimized even
-# for processors other than Intel Core family (see table below for
-# improvement coefficients).
-# <appro@openssl.org>
-#
-# RSA1024 sign/sec this/original |this/rsax(*) this/fips(*)
-# ----------------+---------------------------
-# Opteron +13% |+5% +20%
-# Bulldozer -0% |-1% +10%
-# P4 +11% |+7% +8%
-# Westmere +5% |+14% +17%
-# Sandy Bridge +2% |+12% +29%
-# Ivy Bridge +1% |+11% +35%
-# Haswell(**) -0% |+12% +39%
-# Atom +13% |+11% +4%
-# VIA Nano +70% |+9% +25%
-#
-# (*) rsax engine and fips numbers are presented for reference
-# purposes;
-# (**) MULX was attempted, but found to give only marginal improvement;
-
-$flavour = shift;
-$output = shift;
-if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
-
-$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
-
-$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
-( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
-( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
-die "can't locate x86_64-xlate.pl";
-
-open OUT,"| \"$^X\" \"$xlate\" $flavour \"$output\"";
-*STDOUT=*OUT;
-
-# In upstream, this is controlled by shelling out to the compiler to check
-# versions, but BoringSSL is intended to be used with pre-generated perlasm
-# output, so this isn't useful anyway.
-#
-# TODO(davidben): Enable this after testing. $addx goes up to 1.
-$addx = 0;
-
-($out, $inp, $mod) = ("%rdi", "%rsi", "%rbp"); # common internal API
-{
-my ($out,$inp,$mod,$n0,$times) = ("%rdi","%rsi","%rdx","%rcx","%r8d");
-
-$code.=<<___;
-.text
-
-.extern OPENSSL_ia32cap_P
-
-.globl rsaz_512_sqr
-.type rsaz_512_sqr,\@function,5
-.align 32
-rsaz_512_sqr: # 25-29% faster than rsaz_512_mul
- push %rbx
- push %rbp
- push %r12
- push %r13
- push %r14
- push %r15
-
- subq \$128+24, %rsp
-.Lsqr_body:
- movq $mod, %rbp # common argument
- movq ($inp), %rdx
- movq 8($inp), %rax
- movq $n0, 128(%rsp)
-___
-$code.=<<___ if ($addx);
- movl \$0x80100,%r11d
- andl OPENSSL_ia32cap_P+8(%rip),%r11d
- cmpl \$0x80100,%r11d # check for MULX and ADO/CX
- je .Loop_sqrx
-___
-$code.=<<___;
- jmp .Loop_sqr
-
-.align 32
-.Loop_sqr:
- movl $times,128+8(%rsp)
-#first iteration
- movq %rdx, %rbx
- mulq %rdx
- movq %rax, %r8
- movq 16($inp), %rax
- movq %rdx, %r9
-
- mulq %rbx
- addq %rax, %r9
- movq 24($inp), %rax
- movq %rdx, %r10
- adcq \$0, %r10
-
- mulq %rbx
- addq %rax, %r10
- movq 32($inp), %rax
- movq %rdx, %r11
- adcq \$0, %r11
-
- mulq %rbx
- addq %rax, %r11
- movq 40($inp), %rax
- movq %rdx, %r12
- adcq \$0, %r12
-
- mulq %rbx
- addq %rax, %r12
- movq 48($inp), %rax
- movq %rdx, %r13
- adcq \$0, %r13
-
- mulq %rbx
- addq %rax, %r13
- movq 56($inp), %rax
- movq %rdx, %r14
- adcq \$0, %r14
-
- mulq %rbx
- addq %rax, %r14
- movq %rbx, %rax
- movq %rdx, %r15
- adcq \$0, %r15
-
- addq %r8, %r8 #shlq \$1, %r8
- movq %r9, %rcx
- adcq %r9, %r9 #shld \$1, %r8, %r9
-
- mulq %rax
- movq %rax, (%rsp)
- addq %rdx, %r8
- adcq \$0, %r9
-
- movq %r8, 8(%rsp)
- shrq \$63, %rcx
-
-#second iteration
- movq 8($inp), %r8
- movq 16($inp), %rax
- mulq %r8
- addq %rax, %r10
- movq 24($inp), %rax
- movq %rdx, %rbx
- adcq \$0, %rbx
-
- mulq %r8
- addq %rax, %r11
- movq 32($inp), %rax
- adcq \$0, %rdx
- addq %rbx, %r11
- movq %rdx, %rbx
- adcq \$0, %rbx
-
- mulq %r8
- addq %rax, %r12
- movq 40($inp), %rax
- adcq \$0, %rdx
- addq %rbx, %r12
- movq %rdx, %rbx
- adcq \$0, %rbx
-
- mulq %r8
- addq %rax, %r13
- movq 48($inp), %rax
- adcq \$0, %rdx
- addq %rbx, %r13
- movq %rdx, %rbx
- adcq \$0, %rbx
-
- mulq %r8
- addq %rax, %r14
- movq 56($inp), %rax
- adcq \$0, %rdx
- addq %rbx, %r14
- movq %rdx, %rbx
- adcq \$0, %rbx
-
- mulq %r8
- addq %rax, %r15
- movq %r8, %rax
- adcq \$0, %rdx
- addq %rbx, %r15
- movq %rdx, %r8
- movq %r10, %rdx
- adcq \$0, %r8
-
- add %rdx, %rdx
- lea (%rcx,%r10,2), %r10 #shld \$1, %rcx, %r10
- movq %r11, %rbx
- adcq %r11, %r11 #shld \$1, %r10, %r11
-
- mulq %rax
- addq %rax, %r9
- adcq %rdx, %r10
- adcq \$0, %r11
-
- movq %r9, 16(%rsp)
- movq %r10, 24(%rsp)
- shrq \$63, %rbx
-
-#third iteration
- movq 16($inp), %r9
- movq 24($inp), %rax
- mulq %r9
- addq %rax, %r12
- movq 32($inp), %rax
- movq %rdx, %rcx
- adcq \$0, %rcx
-
- mulq %r9
- addq %rax, %r13
- movq 40($inp), %rax
- adcq \$0, %rdx
- addq %rcx, %r13
- movq %rdx, %rcx
- adcq \$0, %rcx
-
- mulq %r9
- addq %rax, %r14
- movq 48($inp), %rax
- adcq \$0, %rdx
- addq %rcx, %r14
- movq %rdx, %rcx
- adcq \$0, %rcx
-
- mulq %r9
- movq %r12, %r10
- lea (%rbx,%r12,2), %r12 #shld \$1, %rbx, %r12
- addq %rax, %r15
- movq 56($inp), %rax
- adcq \$0, %rdx
- addq %rcx, %r15
- movq %rdx, %rcx
- adcq \$0, %rcx
-
- mulq %r9
- shrq \$63, %r10
- addq %rax, %r8
- movq %r9, %rax
- adcq \$0, %rdx
- addq %rcx, %r8
- movq %rdx, %r9
- adcq \$0, %r9
-
- movq %r13, %rcx
- leaq (%r10,%r13,2), %r13 #shld \$1, %r12, %r13
-
- mulq %rax
- addq %rax, %r11
- adcq %rdx, %r12
- adcq \$0, %r13
-
- movq %r11, 32(%rsp)
- movq %r12, 40(%rsp)
- shrq \$63, %rcx
-
-#fourth iteration
- movq 24($inp), %r10
- movq 32($inp), %rax
- mulq %r10
- addq %rax, %r14
- movq 40($inp), %rax
- movq %rdx, %rbx
- adcq \$0, %rbx
-
- mulq %r10
- addq %rax, %r15
- movq 48($inp), %rax
- adcq \$0, %rdx
- addq %rbx, %r15
- movq %rdx, %rbx
- adcq \$0, %rbx
-
- mulq %r10
- movq %r14, %r12
- leaq (%rcx,%r14,2), %r14 #shld \$1, %rcx, %r14
- addq %rax, %r8
- movq 56($inp), %rax
- adcq \$0, %rdx
- addq %rbx, %r8
- movq %rdx, %rbx
- adcq \$0, %rbx
-
- mulq %r10
- shrq \$63, %r12
- addq %rax, %r9
- movq %r10, %rax
- adcq \$0, %rdx
- addq %rbx, %r9
- movq %rdx, %r10
- adcq \$0, %r10
-
- movq %r15, %rbx
- leaq (%r12,%r15,2),%r15 #shld \$1, %r14, %r15
-
- mulq %rax
- addq %rax, %r13
- adcq %rdx, %r14
- adcq \$0, %r15
-
- movq %r13, 48(%rsp)
- movq %r14, 56(%rsp)
- shrq \$63, %rbx
-
-#fifth iteration
- movq 32($inp), %r11
- movq 40($inp), %rax
- mulq %r11
- addq %rax, %r8
- movq 48($inp), %rax
- movq %rdx, %rcx
- adcq \$0, %rcx
-
- mulq %r11
- addq %rax, %r9
- movq 56($inp), %rax
- adcq \$0, %rdx
- movq %r8, %r12
- leaq (%rbx,%r8,2), %r8 #shld \$1, %rbx, %r8
- addq %rcx, %r9
- movq %rdx, %rcx
- adcq \$0, %rcx
-
- mulq %r11
- shrq \$63, %r12
- addq %rax, %r10
- movq %r11, %rax
- adcq \$0, %rdx
- addq %rcx, %r10
- movq %rdx, %r11
- adcq \$0, %r11
-
- movq %r9, %rcx
- leaq (%r12,%r9,2), %r9 #shld \$1, %r8, %r9
-
- mulq %rax
- addq %rax, %r15
- adcq %rdx, %r8
- adcq \$0, %r9
-
- movq %r15, 64(%rsp)
- movq %r8, 72(%rsp)
- shrq \$63, %rcx
-
-#sixth iteration
- movq 40($inp), %r12
- movq 48($inp), %rax
- mulq %r12
- addq %rax, %r10
- movq 56($inp), %rax
- movq %rdx, %rbx
- adcq \$0, %rbx
-
- mulq %r12
- addq %rax, %r11
- movq %r12, %rax
- movq %r10, %r15
- leaq (%rcx,%r10,2), %r10 #shld \$1, %rcx, %r10
- adcq \$0, %rdx
- shrq \$63, %r15
- addq %rbx, %r11
- movq %rdx, %r12
- adcq \$0, %r12
-
- movq %r11, %rbx
- leaq (%r15,%r11,2), %r11 #shld \$1, %r10, %r11
-
- mulq %rax
- addq %rax, %r9
- adcq %rdx, %r10
- adcq \$0, %r11
-
- movq %r9, 80(%rsp)
- movq %r10, 88(%rsp)
-
-#seventh iteration
- movq 48($inp), %r13
- movq 56($inp), %rax
- mulq %r13
- addq %rax, %r12
- movq %r13, %rax
- movq %rdx, %r13
- adcq \$0, %r13
-
- xorq %r14, %r14
- shlq \$1, %rbx
- adcq %r12, %r12 #shld \$1, %rbx, %r12
- adcq %r13, %r13 #shld \$1, %r12, %r13
- adcq %r14, %r14 #shld \$1, %r13, %r14
-
- mulq %rax
- addq %rax, %r11
- adcq %rdx, %r12
- adcq \$0, %r13
-
- movq %r11, 96(%rsp)
- movq %r12, 104(%rsp)
-
-#eighth iteration
- movq 56($inp), %rax
- mulq %rax
- addq %rax, %r13
- adcq \$0, %rdx
-
- addq %rdx, %r14
-
- movq %r13, 112(%rsp)
- movq %r14, 120(%rsp)
-
- movq (%rsp), %r8
- movq 8(%rsp), %r9
- movq 16(%rsp), %r10
- movq 24(%rsp), %r11
- movq 32(%rsp), %r12
- movq 40(%rsp), %r13
- movq 48(%rsp), %r14
- movq 56(%rsp), %r15
-
- call __rsaz_512_reduce
-
- addq 64(%rsp), %r8
- adcq 72(%rsp), %r9
- adcq 80(%rsp), %r10
- adcq 88(%rsp), %r11
- adcq 96(%rsp), %r12
- adcq 104(%rsp), %r13
- adcq 112(%rsp), %r14
- adcq 120(%rsp), %r15
- sbbq %rcx, %rcx
-
- call __rsaz_512_subtract
-
- movq %r8, %rdx
- movq %r9, %rax
- movl 128+8(%rsp), $times
- movq $out, $inp
-
- decl $times
- jnz .Loop_sqr
-___
-if ($addx) {
-$code.=<<___;
- jmp .Lsqr_tail
-
-.align 32
-.Loop_sqrx:
- movl $times,128+8(%rsp)
- movq $out, %xmm0 # off-load
- movq %rbp, %xmm1 # off-load
-#first iteration
- mulx %rax, %r8, %r9
-
- mulx 16($inp), %rcx, %r10
- xor %rbp, %rbp # cf=0, of=0
-
- mulx 24($inp), %rax, %r11
- adcx %rcx, %r9
-
- mulx 32($inp), %rcx, %r12
- adcx %rax, %r10
-
- mulx 40($inp), %rax, %r13
- adcx %rcx, %r11
-
- .byte 0xc4,0x62,0xf3,0xf6,0xb6,0x30,0x00,0x00,0x00 # mulx 48($inp), %rcx, %r14
- adcx %rax, %r12
- adcx %rcx, %r13
-
- .byte 0xc4,0x62,0xfb,0xf6,0xbe,0x38,0x00,0x00,0x00 # mulx 56($inp), %rax, %r15
- adcx %rax, %r14
- adcx %rbp, %r15 # %rbp is 0
-
- mov %r9, %rcx
- shld \$1, %r8, %r9
- shl \$1, %r8
-
- xor %ebp, %ebp
- mulx %rdx, %rax, %rdx
- adcx %rdx, %r8
- mov 8($inp), %rdx
- adcx %rbp, %r9
-
- mov %rax, (%rsp)
- mov %r8, 8(%rsp)
-
-#second iteration
- mulx 16($inp), %rax, %rbx
- adox %rax, %r10
- adcx %rbx, %r11
-
- .byte 0xc4,0x62,0xc3,0xf6,0x86,0x18,0x00,0x00,0x00 # mulx 24($inp), $out, %r8
- adox $out, %r11
- adcx %r8, %r12
-
- mulx 32($inp), %rax, %rbx
- adox %rax, %r12
- adcx %rbx, %r13
-
- mulx 40($inp), $out, %r8
- adox $out, %r13
- adcx %r8, %r14
-
- .byte 0xc4,0xe2,0xfb,0xf6,0x9e,0x30,0x00,0x00,0x00 # mulx 48($inp), %rax, %rbx
- adox %rax, %r14
- adcx %rbx, %r15
-
- .byte 0xc4,0x62,0xc3,0xf6,0x86,0x38,0x00,0x00,0x00 # mulx 56($inp), $out, %r8
- adox $out, %r15
- adcx %rbp, %r8
- adox %rbp, %r8
-
- mov %r11, %rbx
- shld \$1, %r10, %r11
- shld \$1, %rcx, %r10
-
- xor %ebp,%ebp
- mulx %rdx, %rax, %rcx
- mov 16($inp), %rdx
- adcx %rax, %r9
- adcx %rcx, %r10
- adcx %rbp, %r11
-
- mov %r9, 16(%rsp)
- .byte 0x4c,0x89,0x94,0x24,0x18,0x00,0x00,0x00 # mov %r10, 24(%rsp)
-
-#third iteration
- .byte 0xc4,0x62,0xc3,0xf6,0x8e,0x18,0x00,0x00,0x00 # mulx 24($inp), $out, %r9
- adox $out, %r12
- adcx %r9, %r13
-
- mulx 32($inp), %rax, %rcx
- adox %rax, %r13
- adcx %rcx, %r14
-
- mulx 40($inp), $out, %r9
- adox $out, %r14
- adcx %r9, %r15
-
- .byte 0xc4,0xe2,0xfb,0xf6,0x8e,0x30,0x00,0x00,0x00 # mulx 48($inp), %rax, %rcx
- adox %rax, %r15
- adcx %rcx, %r8
-
- .byte 0xc4,0x62,0xc3,0xf6,0x8e,0x38,0x00,0x00,0x00 # mulx 56($inp), $out, %r9
- adox $out, %r8
- adcx %rbp, %r9
- adox %rbp, %r9
-
- mov %r13, %rcx
- shld \$1, %r12, %r13
- shld \$1, %rbx, %r12
-
- xor %ebp, %ebp
- mulx %rdx, %rax, %rdx
- adcx %rax, %r11
- adcx %rdx, %r12
- mov 24($inp), %rdx
- adcx %rbp, %r13
-
- mov %r11, 32(%rsp)
- .byte 0x4c,0x89,0xa4,0x24,0x28,0x00,0x00,0x00 # mov %r12, 40(%rsp)
-
-#fourth iteration
- .byte 0xc4,0xe2,0xfb,0xf6,0x9e,0x20,0x00,0x00,0x00 # mulx 32($inp), %rax, %rbx
- adox %rax, %r14
- adcx %rbx, %r15
-
- mulx 40($inp), $out, %r10
- adox $out, %r15
- adcx %r10, %r8
-
- mulx 48($inp), %rax, %rbx
- adox %rax, %r8
- adcx %rbx, %r9
-
- mulx 56($inp), $out, %r10
- adox $out, %r9
- adcx %rbp, %r10
- adox %rbp, %r10
-
- .byte 0x66
- mov %r15, %rbx
- shld \$1, %r14, %r15
- shld \$1, %rcx, %r14
-
- xor %ebp, %ebp
- mulx %rdx, %rax, %rdx
- adcx %rax, %r13
- adcx %rdx, %r14
- mov 32($inp), %rdx
- adcx %rbp, %r15
-
- mov %r13, 48(%rsp)
- mov %r14, 56(%rsp)
-
-#fifth iteration
- .byte 0xc4,0x62,0xc3,0xf6,0x9e,0x28,0x00,0x00,0x00 # mulx 40($inp), $out, %r11
- adox $out, %r8
- adcx %r11, %r9
-
- mulx 48($inp), %rax, %rcx
- adox %rax, %r9
- adcx %rcx, %r10
-
- mulx 56($inp), $out, %r11
- adox $out, %r10
- adcx %rbp, %r11
- adox %rbp, %r11
-
- mov %r9, %rcx
- shld \$1, %r8, %r9
- shld \$1, %rbx, %r8
-
- xor %ebp, %ebp
- mulx %rdx, %rax, %rdx
- adcx %rax, %r15
- adcx %rdx, %r8
- mov 40($inp), %rdx
- adcx %rbp, %r9
-
- mov %r15, 64(%rsp)
- mov %r8, 72(%rsp)
-
-#sixth iteration
- .byte 0xc4,0xe2,0xfb,0xf6,0x9e,0x30,0x00,0x00,0x00 # mulx 48($inp), %rax, %rbx
- adox %rax, %r10
- adcx %rbx, %r11
-
- .byte 0xc4,0x62,0xc3,0xf6,0xa6,0x38,0x00,0x00,0x00 # mulx 56($inp), $out, %r12
- adox $out, %r11
- adcx %rbp, %r12
- adox %rbp, %r12
-
- mov %r11, %rbx
- shld \$1, %r10, %r11
- shld \$1, %rcx, %r10
-
- xor %ebp, %ebp
- mulx %rdx, %rax, %rdx
- adcx %rax, %r9
- adcx %rdx, %r10
- mov 48($inp), %rdx
- adcx %rbp, %r11
-
- mov %r9, 80(%rsp)
- mov %r10, 88(%rsp)
-
-#seventh iteration
- .byte 0xc4,0x62,0xfb,0xf6,0xae,0x38,0x00,0x00,0x00 # mulx 56($inp), %rax, %r13
- adox %rax, %r12
- adox %rbp, %r13
-
- xor %r14, %r14
- shld \$1, %r13, %r14
- shld \$1, %r12, %r13
- shld \$1, %rbx, %r12
-
- xor %ebp, %ebp
- mulx %rdx, %rax, %rdx
- adcx %rax, %r11
- adcx %rdx, %r12
- mov 56($inp), %rdx
- adcx %rbp, %r13
-
- .byte 0x4c,0x89,0x9c,0x24,0x60,0x00,0x00,0x00 # mov %r11, 96(%rsp)
- .byte 0x4c,0x89,0xa4,0x24,0x68,0x00,0x00,0x00 # mov %r12, 104(%rsp)
-
-#eighth iteration
- mulx %rdx, %rax, %rdx
- adox %rax, %r13
- adox %rbp, %rdx
-
- .byte 0x66
- add %rdx, %r14
-
- movq %r13, 112(%rsp)
- movq %r14, 120(%rsp)
- movq %xmm0, $out
- movq %xmm1, %rbp
-
- movq 128(%rsp), %rdx # pull $n0
- movq (%rsp), %r8
- movq 8(%rsp), %r9
- movq 16(%rsp), %r10
- movq 24(%rsp), %r11
- movq 32(%rsp), %r12
- movq 40(%rsp), %r13
- movq 48(%rsp), %r14
- movq 56(%rsp), %r15
-
- call __rsaz_512_reducex
-
- addq 64(%rsp), %r8
- adcq 72(%rsp), %r9
- adcq 80(%rsp), %r10
- adcq 88(%rsp), %r11
- adcq 96(%rsp), %r12
- adcq 104(%rsp), %r13
- adcq 112(%rsp), %r14
- adcq 120(%rsp), %r15
- sbbq %rcx, %rcx
-
- call __rsaz_512_subtract
-
- movq %r8, %rdx
- movq %r9, %rax
- movl 128+8(%rsp), $times
- movq $out, $inp
-
- decl $times
- jnz .Loop_sqrx
-
-.Lsqr_tail:
-___
-}
-$code.=<<___;
-
- leaq 128+24+48(%rsp), %rax
- movq -48(%rax), %r15
- movq -40(%rax), %r14
- movq -32(%rax), %r13
- movq -24(%rax), %r12
- movq -16(%rax), %rbp
- movq -8(%rax), %rbx
- leaq (%rax), %rsp
-.Lsqr_epilogue:
- ret
-.size rsaz_512_sqr,.-rsaz_512_sqr
-___
-}
-{
-my ($out,$ap,$bp,$mod,$n0) = ("%rdi","%rsi","%rdx","%rcx","%r8");
-$code.=<<___;
-.globl rsaz_512_mul
-.type rsaz_512_mul,\@function,5
-.align 32
-rsaz_512_mul:
- push %rbx
- push %rbp
- push %r12
- push %r13
- push %r14
- push %r15
-
- subq \$128+24, %rsp
-.Lmul_body:
- movq $out, %xmm0 # off-load arguments
- movq $mod, %xmm1
- movq $n0, 128(%rsp)
-___
-$code.=<<___ if ($addx);
- movl \$0x80100,%r11d
- andl OPENSSL_ia32cap_P+8(%rip),%r11d
- cmpl \$0x80100,%r11d # check for MULX and ADO/CX
- je .Lmulx
-___
-$code.=<<___;
- movq ($bp), %rbx # pass b[0]
- movq $bp, %rbp # pass argument
- call __rsaz_512_mul
-
- movq %xmm0, $out
- movq %xmm1, %rbp
-
- movq (%rsp), %r8
- movq 8(%rsp), %r9
- movq 16(%rsp), %r10
- movq 24(%rsp), %r11
- movq 32(%rsp), %r12
- movq 40(%rsp), %r13
- movq 48(%rsp), %r14
- movq 56(%rsp), %r15
-
- call __rsaz_512_reduce
-___
-$code.=<<___ if ($addx);
- jmp .Lmul_tail
-
-.align 32
-.Lmulx:
- movq $bp, %rbp # pass argument
- movq ($bp), %rdx # pass b[0]
- call __rsaz_512_mulx
-
- movq %xmm0, $out
- movq %xmm1, %rbp
-
- movq 128(%rsp), %rdx # pull $n0
- movq (%rsp), %r8
- movq 8(%rsp), %r9
- movq 16(%rsp), %r10
- movq 24(%rsp), %r11
- movq 32(%rsp), %r12
- movq 40(%rsp), %r13
- movq 48(%rsp), %r14
- movq 56(%rsp), %r15
-
- call __rsaz_512_reducex
-.Lmul_tail:
-___
-$code.=<<___;
- addq 64(%rsp), %r8
- adcq 72(%rsp), %r9
- adcq 80(%rsp), %r10
- adcq 88(%rsp), %r11
- adcq 96(%rsp), %r12
- adcq 104(%rsp), %r13
- adcq 112(%rsp), %r14
- adcq 120(%rsp), %r15
- sbbq %rcx, %rcx
-
- call __rsaz_512_subtract
-
- leaq 128+24+48(%rsp), %rax
- movq -48(%rax), %r15
- movq -40(%rax), %r14
- movq -32(%rax), %r13
- movq -24(%rax), %r12
- movq -16(%rax), %rbp
- movq -8(%rax), %rbx
- leaq (%rax), %rsp
-.Lmul_epilogue:
- ret
-.size rsaz_512_mul,.-rsaz_512_mul
-___
-}
-{
-my ($out,$ap,$bp,$mod,$n0,$pwr) = ("%rdi","%rsi","%rdx","%rcx","%r8","%r9d");
-$code.=<<___;
-.globl rsaz_512_mul_gather4
-.type rsaz_512_mul_gather4,\@function,6
-.align 32
-rsaz_512_mul_gather4:
- push %rbx
- push %rbp
- push %r12
- push %r13
- push %r14
- push %r15
-
- subq \$`128+24+($win64?0xb0:0)`, %rsp
-___
-$code.=<<___ if ($win64);
- movaps %xmm6,0xa0(%rsp)
- movaps %xmm7,0xb0(%rsp)
- movaps %xmm8,0xc0(%rsp)
- movaps %xmm9,0xd0(%rsp)
- movaps %xmm10,0xe0(%rsp)
- movaps %xmm11,0xf0(%rsp)
- movaps %xmm12,0x100(%rsp)
- movaps %xmm13,0x110(%rsp)
- movaps %xmm14,0x120(%rsp)
- movaps %xmm15,0x130(%rsp)
-___
-$code.=<<___;
-.Lmul_gather4_body:
- movd $pwr,%xmm8
- movdqa .Linc+16(%rip),%xmm1 # 00000002000000020000000200000002
- movdqa .Linc(%rip),%xmm0 # 00000001000000010000000000000000
-
- pshufd \$0,%xmm8,%xmm8 # broadcast $power
- movdqa %xmm1,%xmm7
- movdqa %xmm1,%xmm2
-___
-########################################################################
-# calculate mask by comparing 0..15 to $power
-#
-for($i=0;$i<4;$i++) {
-$code.=<<___;
- paddd %xmm`$i`,%xmm`$i+1`
- pcmpeqd %xmm8,%xmm`$i`
- movdqa %xmm7,%xmm`$i+3`
-___
-}
-for(;$i<7;$i++) {
-$code.=<<___;
- paddd %xmm`$i`,%xmm`$i+1`
- pcmpeqd %xmm8,%xmm`$i`
-___
-}
-$code.=<<___;
- pcmpeqd %xmm8,%xmm7
-
- movdqa 16*0($bp),%xmm8
- movdqa 16*1($bp),%xmm9
- movdqa 16*2($bp),%xmm10
- movdqa 16*3($bp),%xmm11
- pand %xmm0,%xmm8
- movdqa 16*4($bp),%xmm12
- pand %xmm1,%xmm9
- movdqa 16*5($bp),%xmm13
- pand %xmm2,%xmm10
- movdqa 16*6($bp),%xmm14
- pand %xmm3,%xmm11
- movdqa 16*7($bp),%xmm15
- leaq 128($bp), %rbp
- pand %xmm4,%xmm12
- pand %xmm5,%xmm13
- pand %xmm6,%xmm14
- pand %xmm7,%xmm15
- por %xmm10,%xmm8
- por %xmm11,%xmm9
- por %xmm12,%xmm8
- por %xmm13,%xmm9
- por %xmm14,%xmm8
- por %xmm15,%xmm9
-
- por %xmm9,%xmm8
- pshufd \$0x4e,%xmm8,%xmm9
- por %xmm9,%xmm8
-___
-$code.=<<___ if ($addx);
- movl \$0x80100,%r11d
- andl OPENSSL_ia32cap_P+8(%rip),%r11d
- cmpl \$0x80100,%r11d # check for MULX and ADO/CX
- je .Lmulx_gather
-___
-$code.=<<___;
- movq %xmm8,%rbx
-
- movq $n0, 128(%rsp) # off-load arguments
- movq $out, 128+8(%rsp)
- movq $mod, 128+16(%rsp)
-
- movq ($ap), %rax
- movq 8($ap), %rcx
- mulq %rbx # 0 iteration
- movq %rax, (%rsp)
- movq %rcx, %rax
- movq %rdx, %r8
-
- mulq %rbx
- addq %rax, %r8
- movq 16($ap), %rax
- movq %rdx, %r9
- adcq \$0, %r9
-
- mulq %rbx
- addq %rax, %r9
- movq 24($ap), %rax
- movq %rdx, %r10
- adcq \$0, %r10
-
- mulq %rbx
- addq %rax, %r10
- movq 32($ap), %rax
- movq %rdx, %r11
- adcq \$0, %r11
-
- mulq %rbx
- addq %rax, %r11
- movq 40($ap), %rax
- movq %rdx, %r12
- adcq \$0, %r12
-
- mulq %rbx
- addq %rax, %r12
- movq 48($ap), %rax
- movq %rdx, %r13
- adcq \$0, %r13
-
- mulq %rbx
- addq %rax, %r13
- movq 56($ap), %rax
- movq %rdx, %r14
- adcq \$0, %r14
-
- mulq %rbx
- addq %rax, %r14
- movq ($ap), %rax
- movq %rdx, %r15
- adcq \$0, %r15
-
- leaq 8(%rsp), %rdi
- movl \$7, %ecx
- jmp .Loop_mul_gather
-
-.align 32
-.Loop_mul_gather:
- movdqa 16*0(%rbp),%xmm8
- movdqa 16*1(%rbp),%xmm9
- movdqa 16*2(%rbp),%xmm10
- movdqa 16*3(%rbp),%xmm11
- pand %xmm0,%xmm8
- movdqa 16*4(%rbp),%xmm12
- pand %xmm1,%xmm9
- movdqa 16*5(%rbp),%xmm13
- pand %xmm2,%xmm10
- movdqa 16*6(%rbp),%xmm14
- pand %xmm3,%xmm11
- movdqa 16*7(%rbp),%xmm15
- leaq 128(%rbp), %rbp
- pand %xmm4,%xmm12
- pand %xmm5,%xmm13
- pand %xmm6,%xmm14
- pand %xmm7,%xmm15
- por %xmm10,%xmm8
- por %xmm11,%xmm9
- por %xmm12,%xmm8
- por %xmm13,%xmm9
- por %xmm14,%xmm8
- por %xmm15,%xmm9
-
- por %xmm9,%xmm8
- pshufd \$0x4e,%xmm8,%xmm9
- por %xmm9,%xmm8
- movq %xmm8,%rbx
-
- mulq %rbx
- addq %rax, %r8
- movq 8($ap), %rax
- movq %r8, (%rdi)
- movq %rdx, %r8
- adcq \$0, %r8
-
- mulq %rbx
- addq %rax, %r9
- movq 16($ap), %rax
- adcq \$0, %rdx
- addq %r9, %r8
- movq %rdx, %r9
- adcq \$0, %r9
-
- mulq %rbx
- addq %rax, %r10
- movq 24($ap), %rax
- adcq \$0, %rdx
- addq %r10, %r9
- movq %rdx, %r10
- adcq \$0, %r10
-
- mulq %rbx
- addq %rax, %r11
- movq 32($ap), %rax
- adcq \$0, %rdx
- addq %r11, %r10
- movq %rdx, %r11
- adcq \$0, %r11
-
- mulq %rbx
- addq %rax, %r12
- movq 40($ap), %rax
- adcq \$0, %rdx
- addq %r12, %r11
- movq %rdx, %r12
- adcq \$0, %r12
-
- mulq %rbx
- addq %rax, %r13
- movq 48($ap), %rax
- adcq \$0, %rdx
- addq %r13, %r12
- movq %rdx, %r13
- adcq \$0, %r13
-
- mulq %rbx
- addq %rax, %r14
- movq 56($ap), %rax
- adcq \$0, %rdx
- addq %r14, %r13
- movq %rdx, %r14
- adcq \$0, %r14
-
- mulq %rbx
- addq %rax, %r15
- movq ($ap), %rax
- adcq \$0, %rdx
- addq %r15, %r14
- movq %rdx, %r15
- adcq \$0, %r15
-
- leaq 8(%rdi), %rdi
-
- decl %ecx
- jnz .Loop_mul_gather
-
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq %r12, 32(%rdi)
- movq %r13, 40(%rdi)
- movq %r14, 48(%rdi)
- movq %r15, 56(%rdi)
-
- movq 128+8(%rsp), $out
- movq 128+16(%rsp), %rbp
-
- movq (%rsp), %r8
- movq 8(%rsp), %r9
- movq 16(%rsp), %r10
- movq 24(%rsp), %r11
- movq 32(%rsp), %r12
- movq 40(%rsp), %r13
- movq 48(%rsp), %r14
- movq 56(%rsp), %r15
-
- call __rsaz_512_reduce
-___
-$code.=<<___ if ($addx);
- jmp .Lmul_gather_tail
-
-.align 32
-.Lmulx_gather:
- movq %xmm8,%rdx
-
- mov $n0, 128(%rsp) # off-load arguments
- mov $out, 128+8(%rsp)
- mov $mod, 128+16(%rsp)
-
- mulx ($ap), %rbx, %r8 # 0 iteration
- mov %rbx, (%rsp)
- xor %edi, %edi # cf=0, of=0
-
- mulx 8($ap), %rax, %r9
-
- mulx 16($ap), %rbx, %r10
- adcx %rax, %r8
-
- mulx 24($ap), %rax, %r11
- adcx %rbx, %r9
-
- mulx 32($ap), %rbx, %r12
- adcx %rax, %r10
-
- mulx 40($ap), %rax, %r13
- adcx %rbx, %r11
-
- mulx 48($ap), %rbx, %r14
- adcx %rax, %r12
-
- mulx 56($ap), %rax, %r15
- adcx %rbx, %r13
- adcx %rax, %r14
- .byte 0x67
- mov %r8, %rbx
- adcx %rdi, %r15 # %rdi is 0
-
- mov \$-7, %rcx
- jmp .Loop_mulx_gather
-
-.align 32
-.Loop_mulx_gather:
- movdqa 16*0(%rbp),%xmm8
- movdqa 16*1(%rbp),%xmm9
- movdqa 16*2(%rbp),%xmm10
- movdqa 16*3(%rbp),%xmm11
- pand %xmm0,%xmm8
- movdqa 16*4(%rbp),%xmm12
- pand %xmm1,%xmm9
- movdqa 16*5(%rbp),%xmm13
- pand %xmm2,%xmm10
- movdqa 16*6(%rbp),%xmm14
- pand %xmm3,%xmm11
- movdqa 16*7(%rbp),%xmm15
- leaq 128(%rbp), %rbp
- pand %xmm4,%xmm12
- pand %xmm5,%xmm13
- pand %xmm6,%xmm14
- pand %xmm7,%xmm15
- por %xmm10,%xmm8
- por %xmm11,%xmm9
- por %xmm12,%xmm8
- por %xmm13,%xmm9
- por %xmm14,%xmm8
- por %xmm15,%xmm9
-
- por %xmm9,%xmm8
- pshufd \$0x4e,%xmm8,%xmm9
- por %xmm9,%xmm8
- movq %xmm8,%rdx
-
- .byte 0xc4,0x62,0xfb,0xf6,0x86,0x00,0x00,0x00,0x00 # mulx ($ap), %rax, %r8
- adcx %rax, %rbx
- adox %r9, %r8
-
- mulx 8($ap), %rax, %r9
- adcx %rax, %r8
- adox %r10, %r9
-
- mulx 16($ap), %rax, %r10
- adcx %rax, %r9
- adox %r11, %r10
-
- .byte 0xc4,0x62,0xfb,0xf6,0x9e,0x18,0x00,0x00,0x00 # mulx 24($ap), %rax, %r11
- adcx %rax, %r10
- adox %r12, %r11
-
- mulx 32($ap), %rax, %r12
- adcx %rax, %r11
- adox %r13, %r12
-
- mulx 40($ap), %rax, %r13
- adcx %rax, %r12
- adox %r14, %r13
-
- .byte 0xc4,0x62,0xfb,0xf6,0xb6,0x30,0x00,0x00,0x00 # mulx 48($ap), %rax, %r14
- adcx %rax, %r13
- .byte 0x67
- adox %r15, %r14
-
- mulx 56($ap), %rax, %r15
- mov %rbx, 64(%rsp,%rcx,8)
- adcx %rax, %r14
- adox %rdi, %r15
- mov %r8, %rbx
- adcx %rdi, %r15 # cf=0
-
- inc %rcx # of=0
- jnz .Loop_mulx_gather
-
- mov %r8, 64(%rsp)
- mov %r9, 64+8(%rsp)
- mov %r10, 64+16(%rsp)
- mov %r11, 64+24(%rsp)
- mov %r12, 64+32(%rsp)
- mov %r13, 64+40(%rsp)
- mov %r14, 64+48(%rsp)
- mov %r15, 64+56(%rsp)
-
- mov 128(%rsp), %rdx # pull arguments
- mov 128+8(%rsp), $out
- mov 128+16(%rsp), %rbp
-
- mov (%rsp), %r8
- mov 8(%rsp), %r9
- mov 16(%rsp), %r10
- mov 24(%rsp), %r11
- mov 32(%rsp), %r12
- mov 40(%rsp), %r13
- mov 48(%rsp), %r14
- mov 56(%rsp), %r15
-
- call __rsaz_512_reducex
-
-.Lmul_gather_tail:
-___
-$code.=<<___;
- addq 64(%rsp), %r8
- adcq 72(%rsp), %r9
- adcq 80(%rsp), %r10
- adcq 88(%rsp), %r11
- adcq 96(%rsp), %r12
- adcq 104(%rsp), %r13
- adcq 112(%rsp), %r14
- adcq 120(%rsp), %r15
- sbbq %rcx, %rcx
-
- call __rsaz_512_subtract
-
- leaq 128+24+48(%rsp), %rax
-___
-$code.=<<___ if ($win64);
- movaps 0xa0-0xc8(%rax),%xmm6
- movaps 0xb0-0xc8(%rax),%xmm7
- movaps 0xc0-0xc8(%rax),%xmm8
- movaps 0xd0-0xc8(%rax),%xmm9
- movaps 0xe0-0xc8(%rax),%xmm10
- movaps 0xf0-0xc8(%rax),%xmm11
- movaps 0x100-0xc8(%rax),%xmm12
- movaps 0x110-0xc8(%rax),%xmm13
- movaps 0x120-0xc8(%rax),%xmm14
- movaps 0x130-0xc8(%rax),%xmm15
- lea 0xb0(%rax),%rax
-___
-$code.=<<___;
- movq -48(%rax), %r15
- movq -40(%rax), %r14
- movq -32(%rax), %r13
- movq -24(%rax), %r12
- movq -16(%rax), %rbp
- movq -8(%rax), %rbx
- leaq (%rax), %rsp
-.Lmul_gather4_epilogue:
- ret
-.size rsaz_512_mul_gather4,.-rsaz_512_mul_gather4
-___
-}
-{
-my ($out,$ap,$mod,$n0,$tbl,$pwr) = ("%rdi","%rsi","%rdx","%rcx","%r8","%r9d");
-$code.=<<___;
-.globl rsaz_512_mul_scatter4
-.type rsaz_512_mul_scatter4,\@function,6
-.align 32
-rsaz_512_mul_scatter4:
- push %rbx
- push %rbp
- push %r12
- push %r13
- push %r14
- push %r15
-
- mov $pwr, $pwr
- subq \$128+24, %rsp
-.Lmul_scatter4_body:
- leaq ($tbl,$pwr,8), $tbl
- movq $out, %xmm0 # off-load arguments
- movq $mod, %xmm1
- movq $tbl, %xmm2
- movq $n0, 128(%rsp)
-
- movq $out, %rbp
-___
-$code.=<<___ if ($addx);
- movl \$0x80100,%r11d
- andl OPENSSL_ia32cap_P+8(%rip),%r11d
- cmpl \$0x80100,%r11d # check for MULX and ADO/CX
- je .Lmulx_scatter
-___
-$code.=<<___;
- movq ($out),%rbx # pass b[0]
- call __rsaz_512_mul
-
- movq %xmm0, $out
- movq %xmm1, %rbp
-
- movq (%rsp), %r8
- movq 8(%rsp), %r9
- movq 16(%rsp), %r10
- movq 24(%rsp), %r11
- movq 32(%rsp), %r12
- movq 40(%rsp), %r13
- movq 48(%rsp), %r14
- movq 56(%rsp), %r15
-
- call __rsaz_512_reduce
-___
-$code.=<<___ if ($addx);
- jmp .Lmul_scatter_tail
-
-.align 32
-.Lmulx_scatter:
- movq ($out), %rdx # pass b[0]
- call __rsaz_512_mulx
-
- movq %xmm0, $out
- movq %xmm1, %rbp
-
- movq 128(%rsp), %rdx # pull $n0
- movq (%rsp), %r8
- movq 8(%rsp), %r9
- movq 16(%rsp), %r10
- movq 24(%rsp), %r11
- movq 32(%rsp), %r12
- movq 40(%rsp), %r13
- movq 48(%rsp), %r14
- movq 56(%rsp), %r15
-
- call __rsaz_512_reducex
-
-.Lmul_scatter_tail:
-___
-$code.=<<___;
- addq 64(%rsp), %r8
- adcq 72(%rsp), %r9
- adcq 80(%rsp), %r10
- adcq 88(%rsp), %r11
- adcq 96(%rsp), %r12
- adcq 104(%rsp), %r13
- adcq 112(%rsp), %r14
- adcq 120(%rsp), %r15
- movq %xmm2, $inp
- sbbq %rcx, %rcx
-
- call __rsaz_512_subtract
-
- movq %r8, 128*0($inp) # scatter
- movq %r9, 128*1($inp)
- movq %r10, 128*2($inp)
- movq %r11, 128*3($inp)
- movq %r12, 128*4($inp)
- movq %r13, 128*5($inp)
- movq %r14, 128*6($inp)
- movq %r15, 128*7($inp)
-
- leaq 128+24+48(%rsp), %rax
- movq -48(%rax), %r15
- movq -40(%rax), %r14
- movq -32(%rax), %r13
- movq -24(%rax), %r12
- movq -16(%rax), %rbp
- movq -8(%rax), %rbx
- leaq (%rax), %rsp
-.Lmul_scatter4_epilogue:
- ret
-.size rsaz_512_mul_scatter4,.-rsaz_512_mul_scatter4
-___
-}
-{
-my ($out,$inp,$mod,$n0) = ("%rdi","%rsi","%rdx","%rcx");
-$code.=<<___;
-.globl rsaz_512_mul_by_one
-.type rsaz_512_mul_by_one,\@function,4
-.align 32
-rsaz_512_mul_by_one:
- push %rbx
- push %rbp
- push %r12
- push %r13
- push %r14
- push %r15
-
- subq \$128+24, %rsp
-.Lmul_by_one_body:
-___
-$code.=<<___ if ($addx);
- movl OPENSSL_ia32cap_P+8(%rip),%eax
-___
-$code.=<<___;
- movq $mod, %rbp # reassign argument
- movq $n0, 128(%rsp)
-
- movq ($inp), %r8
- pxor %xmm0, %xmm0
- movq 8($inp), %r9
- movq 16($inp), %r10
- movq 24($inp), %r11
- movq 32($inp), %r12
- movq 40($inp), %r13
- movq 48($inp), %r14
- movq 56($inp), %r15
-
- movdqa %xmm0, (%rsp)
- movdqa %xmm0, 16(%rsp)
- movdqa %xmm0, 32(%rsp)
- movdqa %xmm0, 48(%rsp)
- movdqa %xmm0, 64(%rsp)
- movdqa %xmm0, 80(%rsp)
- movdqa %xmm0, 96(%rsp)
-___
-$code.=<<___ if ($addx);
- andl \$0x80100,%eax
- cmpl \$0x80100,%eax # check for MULX and ADO/CX
- je .Lby_one_callx
-___
-$code.=<<___;
- call __rsaz_512_reduce
-___
-$code.=<<___ if ($addx);
- jmp .Lby_one_tail
-.align 32
-.Lby_one_callx:
- movq 128(%rsp), %rdx # pull $n0
- call __rsaz_512_reducex
-.Lby_one_tail:
-___
-$code.=<<___;
- movq %r8, ($out)
- movq %r9, 8($out)
- movq %r10, 16($out)
- movq %r11, 24($out)
- movq %r12, 32($out)
- movq %r13, 40($out)
- movq %r14, 48($out)
- movq %r15, 56($out)
-
- leaq 128+24+48(%rsp), %rax
- movq -48(%rax), %r15
- movq -40(%rax), %r14
- movq -32(%rax), %r13
- movq -24(%rax), %r12
- movq -16(%rax), %rbp
- movq -8(%rax), %rbx
- leaq (%rax), %rsp
-.Lmul_by_one_epilogue:
- ret
-.size rsaz_512_mul_by_one,.-rsaz_512_mul_by_one
-___
-}
-{ # __rsaz_512_reduce
- #
- # input: %r8-%r15, %rbp - mod, 128(%rsp) - n0
- # output: %r8-%r15
- # clobbers: everything except %rbp and %rdi
-$code.=<<___;
-.type __rsaz_512_reduce,\@abi-omnipotent
-.align 32
-__rsaz_512_reduce:
- movq %r8, %rbx
- imulq 128+8(%rsp), %rbx
- movq 0(%rbp), %rax
- movl \$8, %ecx
- jmp .Lreduction_loop
-
-.align 32
-.Lreduction_loop:
- mulq %rbx
- movq 8(%rbp), %rax
- negq %r8
- movq %rdx, %r8
- adcq \$0, %r8
-
- mulq %rbx
- addq %rax, %r9
- movq 16(%rbp), %rax
- adcq \$0, %rdx
- addq %r9, %r8
- movq %rdx, %r9
- adcq \$0, %r9
-
- mulq %rbx
- addq %rax, %r10
- movq 24(%rbp), %rax
- adcq \$0, %rdx
- addq %r10, %r9
- movq %rdx, %r10
- adcq \$0, %r10
-
- mulq %rbx
- addq %rax, %r11
- movq 32(%rbp), %rax
- adcq \$0, %rdx
- addq %r11, %r10
- movq 128+8(%rsp), %rsi
- #movq %rdx, %r11
- #adcq \$0, %r11
- adcq \$0, %rdx
- movq %rdx, %r11
-
- mulq %rbx
- addq %rax, %r12
- movq 40(%rbp), %rax
- adcq \$0, %rdx
- imulq %r8, %rsi
- addq %r12, %r11
- movq %rdx, %r12
- adcq \$0, %r12
-
- mulq %rbx
- addq %rax, %r13
- movq 48(%rbp), %rax
- adcq \$0, %rdx
- addq %r13, %r12
- movq %rdx, %r13
- adcq \$0, %r13
-
- mulq %rbx
- addq %rax, %r14
- movq 56(%rbp), %rax
- adcq \$0, %rdx
- addq %r14, %r13
- movq %rdx, %r14
- adcq \$0, %r14
-
- mulq %rbx
- movq %rsi, %rbx
- addq %rax, %r15
- movq 0(%rbp), %rax
- adcq \$0, %rdx
- addq %r15, %r14
- movq %rdx, %r15
- adcq \$0, %r15
-
- decl %ecx
- jne .Lreduction_loop
-
- ret
-.size __rsaz_512_reduce,.-__rsaz_512_reduce
-___
-}
-if ($addx) {
- # __rsaz_512_reducex
- #
- # input: %r8-%r15, %rbp - mod, 128(%rsp) - n0
- # output: %r8-%r15
- # clobbers: everything except %rbp and %rdi
-$code.=<<___;
-.type __rsaz_512_reducex,\@abi-omnipotent
-.align 32
-__rsaz_512_reducex:
- #movq 128+8(%rsp), %rdx # pull $n0
- imulq %r8, %rdx
- xorq %rsi, %rsi # cf=0,of=0
- movl \$8, %ecx
- jmp .Lreduction_loopx
-
-.align 32
-.Lreduction_loopx:
- mov %r8, %rbx
- mulx 0(%rbp), %rax, %r8
- adcx %rbx, %rax
- adox %r9, %r8
-
- mulx 8(%rbp), %rax, %r9
- adcx %rax, %r8
- adox %r10, %r9
-
- mulx 16(%rbp), %rbx, %r10
- adcx %rbx, %r9
- adox %r11, %r10
-
- mulx 24(%rbp), %rbx, %r11
- adcx %rbx, %r10
- adox %r12, %r11
-
- .byte 0xc4,0x62,0xe3,0xf6,0xa5,0x20,0x00,0x00,0x00 # mulx 32(%rbp), %rbx, %r12
- mov %rdx, %rax
- mov %r8, %rdx
- adcx %rbx, %r11
- adox %r13, %r12
-
- mulx 128+8(%rsp), %rbx, %rdx
- mov %rax, %rdx
-
- mulx 40(%rbp), %rax, %r13
- adcx %rax, %r12
- adox %r14, %r13
-
- .byte 0xc4,0x62,0xfb,0xf6,0xb5,0x30,0x00,0x00,0x00 # mulx 48(%rbp), %rax, %r14
- adcx %rax, %r13
- adox %r15, %r14
-
- mulx 56(%rbp), %rax, %r15
- mov %rbx, %rdx
- adcx %rax, %r14
- adox %rsi, %r15 # %rsi is 0
- adcx %rsi, %r15 # cf=0
-
- decl %ecx # of=0
- jne .Lreduction_loopx
-
- ret
-.size __rsaz_512_reducex,.-__rsaz_512_reducex
-___
-}
-{ # __rsaz_512_subtract
- # input: %r8-%r15, %rdi - $out, %rbp - $mod, %rcx - mask
- # output:
- # clobbers: everything but %rdi, %rsi and %rbp
-$code.=<<___;
-.type __rsaz_512_subtract,\@abi-omnipotent
-.align 32
-__rsaz_512_subtract:
- movq %r8, ($out)
- movq %r9, 8($out)
- movq %r10, 16($out)
- movq %r11, 24($out)
- movq %r12, 32($out)
- movq %r13, 40($out)
- movq %r14, 48($out)
- movq %r15, 56($out)
-
- movq 0($mod), %r8
- movq 8($mod), %r9
- negq %r8
- notq %r9
- andq %rcx, %r8
- movq 16($mod), %r10
- andq %rcx, %r9
- notq %r10
- movq 24($mod), %r11
- andq %rcx, %r10
- notq %r11
- movq 32($mod), %r12
- andq %rcx, %r11
- notq %r12
- movq 40($mod), %r13
- andq %rcx, %r12
- notq %r13
- movq 48($mod), %r14
- andq %rcx, %r13
- notq %r14
- movq 56($mod), %r15
- andq %rcx, %r14
- notq %r15
- andq %rcx, %r15
-
- addq ($out), %r8
- adcq 8($out), %r9
- adcq 16($out), %r10
- adcq 24($out), %r11
- adcq 32($out), %r12
- adcq 40($out), %r13
- adcq 48($out), %r14
- adcq 56($out), %r15
-
- movq %r8, ($out)
- movq %r9, 8($out)
- movq %r10, 16($out)
- movq %r11, 24($out)
- movq %r12, 32($out)
- movq %r13, 40($out)
- movq %r14, 48($out)
- movq %r15, 56($out)
-
- ret
-.size __rsaz_512_subtract,.-__rsaz_512_subtract
-___
-}
-{ # __rsaz_512_mul
- #
- # input: %rsi - ap, %rbp - bp
- # ouput:
- # clobbers: everything
-my ($ap,$bp) = ("%rsi","%rbp");
-$code.=<<___;
-.type __rsaz_512_mul,\@abi-omnipotent
-.align 32
-__rsaz_512_mul:
- leaq 8(%rsp), %rdi
-
- movq ($ap), %rax
- mulq %rbx
- movq %rax, (%rdi)
- movq 8($ap), %rax
- movq %rdx, %r8
-
- mulq %rbx
- addq %rax, %r8
- movq 16($ap), %rax
- movq %rdx, %r9
- adcq \$0, %r9
-
- mulq %rbx
- addq %rax, %r9
- movq 24($ap), %rax
- movq %rdx, %r10
- adcq \$0, %r10
-
- mulq %rbx
- addq %rax, %r10
- movq 32($ap), %rax
- movq %rdx, %r11
- adcq \$0, %r11
-
- mulq %rbx
- addq %rax, %r11
- movq 40($ap), %rax
- movq %rdx, %r12
- adcq \$0, %r12
-
- mulq %rbx
- addq %rax, %r12
- movq 48($ap), %rax
- movq %rdx, %r13
- adcq \$0, %r13
-
- mulq %rbx
- addq %rax, %r13
- movq 56($ap), %rax
- movq %rdx, %r14
- adcq \$0, %r14
-
- mulq %rbx
- addq %rax, %r14
- movq ($ap), %rax
- movq %rdx, %r15
- adcq \$0, %r15
-
- leaq 8($bp), $bp
- leaq 8(%rdi), %rdi
-
- movl \$7, %ecx
- jmp .Loop_mul
-
-.align 32
-.Loop_mul:
- movq ($bp), %rbx
- mulq %rbx
- addq %rax, %r8
- movq 8($ap), %rax
- movq %r8, (%rdi)
- movq %rdx, %r8
- adcq \$0, %r8
-
- mulq %rbx
- addq %rax, %r9
- movq 16($ap), %rax
- adcq \$0, %rdx
- addq %r9, %r8
- movq %rdx, %r9
- adcq \$0, %r9
-
- mulq %rbx
- addq %rax, %r10
- movq 24($ap), %rax
- adcq \$0, %rdx
- addq %r10, %r9
- movq %rdx, %r10
- adcq \$0, %r10
-
- mulq %rbx
- addq %rax, %r11
- movq 32($ap), %rax
- adcq \$0, %rdx
- addq %r11, %r10
- movq %rdx, %r11
- adcq \$0, %r11
-
- mulq %rbx
- addq %rax, %r12
- movq 40($ap), %rax
- adcq \$0, %rdx
- addq %r12, %r11
- movq %rdx, %r12
- adcq \$0, %r12
-
- mulq %rbx
- addq %rax, %r13
- movq 48($ap), %rax
- adcq \$0, %rdx
- addq %r13, %r12
- movq %rdx, %r13
- adcq \$0, %r13
-
- mulq %rbx
- addq %rax, %r14
- movq 56($ap), %rax
- adcq \$0, %rdx
- addq %r14, %r13
- movq %rdx, %r14
- leaq 8($bp), $bp
- adcq \$0, %r14
-
- mulq %rbx
- addq %rax, %r15
- movq ($ap), %rax
- adcq \$0, %rdx
- addq %r15, %r14
- movq %rdx, %r15
- adcq \$0, %r15
-
- leaq 8(%rdi), %rdi
-
- decl %ecx
- jnz .Loop_mul
-
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq %r12, 32(%rdi)
- movq %r13, 40(%rdi)
- movq %r14, 48(%rdi)
- movq %r15, 56(%rdi)
-
- ret
-.size __rsaz_512_mul,.-__rsaz_512_mul
-___
-}
-if ($addx) {
- # __rsaz_512_mulx
- #
- # input: %rsi - ap, %rbp - bp
- # ouput:
- # clobbers: everything
-my ($ap,$bp,$zero) = ("%rsi","%rbp","%rdi");
-$code.=<<___;
-.type __rsaz_512_mulx,\@abi-omnipotent
-.align 32
-__rsaz_512_mulx:
- mulx ($ap), %rbx, %r8 # initial %rdx preloaded by caller
- mov \$-6, %rcx
-
- mulx 8($ap), %rax, %r9
- movq %rbx, 8(%rsp)
-
- mulx 16($ap), %rbx, %r10
- adc %rax, %r8
-
- mulx 24($ap), %rax, %r11
- adc %rbx, %r9
-
- mulx 32($ap), %rbx, %r12
- adc %rax, %r10
-
- mulx 40($ap), %rax, %r13
- adc %rbx, %r11
-
- mulx 48($ap), %rbx, %r14
- adc %rax, %r12
-
- mulx 56($ap), %rax, %r15
- mov 8($bp), %rdx
- adc %rbx, %r13
- adc %rax, %r14
- adc \$0, %r15
-
- xor $zero, $zero # cf=0,of=0
- jmp .Loop_mulx
-
-.align 32
-.Loop_mulx:
- movq %r8, %rbx
- mulx ($ap), %rax, %r8
- adcx %rax, %rbx
- adox %r9, %r8
-
- mulx 8($ap), %rax, %r9
- adcx %rax, %r8
- adox %r10, %r9
-
- mulx 16($ap), %rax, %r10
- adcx %rax, %r9
- adox %r11, %r10
-
- mulx 24($ap), %rax, %r11
- adcx %rax, %r10
- adox %r12, %r11
-
- .byte 0x3e,0xc4,0x62,0xfb,0xf6,0xa6,0x20,0x00,0x00,0x00 # mulx 32($ap), %rax, %r12
- adcx %rax, %r11
- adox %r13, %r12
-
- mulx 40($ap), %rax, %r13
- adcx %rax, %r12
- adox %r14, %r13
-
- mulx 48($ap), %rax, %r14
- adcx %rax, %r13
- adox %r15, %r14
-
- mulx 56($ap), %rax, %r15
- movq 64($bp,%rcx,8), %rdx
- movq %rbx, 8+64-8(%rsp,%rcx,8)
- adcx %rax, %r14
- adox $zero, %r15
- adcx $zero, %r15 # cf=0
-
- inc %rcx # of=0
- jnz .Loop_mulx
-
- movq %r8, %rbx
- mulx ($ap), %rax, %r8
- adcx %rax, %rbx
- adox %r9, %r8
-
- .byte 0xc4,0x62,0xfb,0xf6,0x8e,0x08,0x00,0x00,0x00 # mulx 8($ap), %rax, %r9
- adcx %rax, %r8
- adox %r10, %r9
-
- .byte 0xc4,0x62,0xfb,0xf6,0x96,0x10,0x00,0x00,0x00 # mulx 16($ap), %rax, %r10
- adcx %rax, %r9
- adox %r11, %r10
-
- mulx 24($ap), %rax, %r11
- adcx %rax, %r10
- adox %r12, %r11
-
- mulx 32($ap), %rax, %r12
- adcx %rax, %r11
- adox %r13, %r12
-
- mulx 40($ap), %rax, %r13
- adcx %rax, %r12
- adox %r14, %r13
-
- .byte 0xc4,0x62,0xfb,0xf6,0xb6,0x30,0x00,0x00,0x00 # mulx 48($ap), %rax, %r14
- adcx %rax, %r13
- adox %r15, %r14
-
- .byte 0xc4,0x62,0xfb,0xf6,0xbe,0x38,0x00,0x00,0x00 # mulx 56($ap), %rax, %r15
- adcx %rax, %r14
- adox $zero, %r15
- adcx $zero, %r15
-
- mov %rbx, 8+64-8(%rsp)
- mov %r8, 8+64(%rsp)
- mov %r9, 8+64+8(%rsp)
- mov %r10, 8+64+16(%rsp)
- mov %r11, 8+64+24(%rsp)
- mov %r12, 8+64+32(%rsp)
- mov %r13, 8+64+40(%rsp)
- mov %r14, 8+64+48(%rsp)
- mov %r15, 8+64+56(%rsp)
-
- ret
-.size __rsaz_512_mulx,.-__rsaz_512_mulx
-___
-}
-{
-my ($out,$inp,$power)= $win64 ? ("%rcx","%rdx","%r8d") : ("%rdi","%rsi","%edx");
-$code.=<<___;
-.globl rsaz_512_scatter4
-.type rsaz_512_scatter4,\@abi-omnipotent
-.align 16
-rsaz_512_scatter4:
- leaq ($out,$power,8), $out
- movl \$8, %r9d
- jmp .Loop_scatter
-.align 16
-.Loop_scatter:
- movq ($inp), %rax
- leaq 8($inp), $inp
- movq %rax, ($out)
- leaq 128($out), $out
- decl %r9d
- jnz .Loop_scatter
- ret
-.size rsaz_512_scatter4,.-rsaz_512_scatter4
-
-.globl rsaz_512_gather4
-.type rsaz_512_gather4,\@abi-omnipotent
-.align 16
-rsaz_512_gather4:
-___
-$code.=<<___ if ($win64);
-.LSEH_begin_rsaz_512_gather4:
- .byte 0x48,0x81,0xec,0xa8,0x00,0x00,0x00 # sub $0xa8,%rsp
- .byte 0x0f,0x29,0x34,0x24 # movaps %xmm6,(%rsp)
- .byte 0x0f,0x29,0x7c,0x24,0x10 # movaps %xmm7,0x10(%rsp)
- .byte 0x44,0x0f,0x29,0x44,0x24,0x20 # movaps %xmm8,0x20(%rsp)
- .byte 0x44,0x0f,0x29,0x4c,0x24,0x30 # movaps %xmm9,0x30(%rsp)
- .byte 0x44,0x0f,0x29,0x54,0x24,0x40 # movaps %xmm10,0x40(%rsp)
- .byte 0x44,0x0f,0x29,0x5c,0x24,0x50 # movaps %xmm11,0x50(%rsp)
- .byte 0x44,0x0f,0x29,0x64,0x24,0x60 # movaps %xmm12,0x60(%rsp)
- .byte 0x44,0x0f,0x29,0x6c,0x24,0x70 # movaps %xmm13,0x70(%rsp)
- .byte 0x44,0x0f,0x29,0xb4,0x24,0x80,0,0,0 # movaps %xmm14,0x80(%rsp)
- .byte 0x44,0x0f,0x29,0xbc,0x24,0x90,0,0,0 # movaps %xmm15,0x90(%rsp)
-___
-$code.=<<___;
- movd $power,%xmm8
- movdqa .Linc+16(%rip),%xmm1 # 00000002000000020000000200000002
- movdqa .Linc(%rip),%xmm0 # 00000001000000010000000000000000
-
- pshufd \$0,%xmm8,%xmm8 # broadcast $power
- movdqa %xmm1,%xmm7
- movdqa %xmm1,%xmm2
-___
-########################################################################
-# calculate mask by comparing 0..15 to $power
-#
-for($i=0;$i<4;$i++) {
-$code.=<<___;
- paddd %xmm`$i`,%xmm`$i+1`
- pcmpeqd %xmm8,%xmm`$i`
- movdqa %xmm7,%xmm`$i+3`
-___
-}
-for(;$i<7;$i++) {
-$code.=<<___;
- paddd %xmm`$i`,%xmm`$i+1`
- pcmpeqd %xmm8,%xmm`$i`
-___
-}
-$code.=<<___;
- pcmpeqd %xmm8,%xmm7
- movl \$8, %r9d
- jmp .Loop_gather
-.align 16
-.Loop_gather:
- movdqa 16*0($inp),%xmm8
- movdqa 16*1($inp),%xmm9
- movdqa 16*2($inp),%xmm10
- movdqa 16*3($inp),%xmm11
- pand %xmm0,%xmm8
- movdqa 16*4($inp),%xmm12
- pand %xmm1,%xmm9
- movdqa 16*5($inp),%xmm13
- pand %xmm2,%xmm10
- movdqa 16*6($inp),%xmm14
- pand %xmm3,%xmm11
- movdqa 16*7($inp),%xmm15
- leaq 128($inp), $inp
- pand %xmm4,%xmm12
- pand %xmm5,%xmm13
- pand %xmm6,%xmm14
- pand %xmm7,%xmm15
- por %xmm10,%xmm8
- por %xmm11,%xmm9
- por %xmm12,%xmm8
- por %xmm13,%xmm9
- por %xmm14,%xmm8
- por %xmm15,%xmm9
-
- por %xmm9,%xmm8
- pshufd \$0x4e,%xmm8,%xmm9
- por %xmm9,%xmm8
- movq %xmm8,($out)
- leaq 8($out), $out
- decl %r9d
- jnz .Loop_gather
-___
-$code.=<<___ if ($win64);
- movaps 0x00(%rsp),%xmm6
- movaps 0x10(%rsp),%xmm7
- movaps 0x20(%rsp),%xmm8
- movaps 0x30(%rsp),%xmm9
- movaps 0x40(%rsp),%xmm10
- movaps 0x50(%rsp),%xmm11
- movaps 0x60(%rsp),%xmm12
- movaps 0x70(%rsp),%xmm13
- movaps 0x80(%rsp),%xmm14
- movaps 0x90(%rsp),%xmm15
- add \$0xa8,%rsp
-___
-$code.=<<___;
- ret
-.LSEH_end_rsaz_512_gather4:
-.size rsaz_512_gather4,.-rsaz_512_gather4
-
-.align 64
-.Linc:
- .long 0,0, 1,1
- .long 2,2, 2,2
-___
-}
-
-# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
-# CONTEXT *context,DISPATCHER_CONTEXT *disp)
-if ($win64) {
-$rec="%rcx";
-$frame="%rdx";
-$context="%r8";
-$disp="%r9";
-
-$code.=<<___;
-.extern __imp_RtlVirtualUnwind
-.type se_handler,\@abi-omnipotent
-.align 16
-se_handler:
- push %rsi
- push %rdi
- push %rbx
- push %rbp
- push %r12
- push %r13
- push %r14
- push %r15
- pushfq
- sub \$64,%rsp
-
- mov 120($context),%rax # pull context->Rax
- mov 248($context),%rbx # pull context->Rip
-
- mov 8($disp),%rsi # disp->ImageBase
- mov 56($disp),%r11 # disp->HandlerData
-
- mov 0(%r11),%r10d # HandlerData[0]
- lea (%rsi,%r10),%r10 # end of prologue label
- cmp %r10,%rbx # context->Rip<end of prologue label
- jb .Lcommon_seh_tail
-
- mov 152($context),%rax # pull context->Rsp
-
- mov 4(%r11),%r10d # HandlerData[1]
- lea (%rsi,%r10),%r10 # epilogue label
- cmp %r10,%rbx # context->Rip>=epilogue label
- jae .Lcommon_seh_tail
-
- lea 128+24+48(%rax),%rax
-
- lea .Lmul_gather4_epilogue(%rip),%rbx
- cmp %r10,%rbx
- jne .Lse_not_in_mul_gather4
-
- lea 0xb0(%rax),%rax
-
- lea -48-0xa8(%rax),%rsi
- lea 512($context),%rdi
- mov \$20,%ecx
- .long 0xa548f3fc # cld; rep movsq
-
-.Lse_not_in_mul_gather4:
- mov -8(%rax),%rbx
- mov -16(%rax),%rbp
- mov -24(%rax),%r12
- mov -32(%rax),%r13
- mov -40(%rax),%r14
- mov -48(%rax),%r15
- mov %rbx,144($context) # restore context->Rbx
- mov %rbp,160($context) # restore context->Rbp
- mov %r12,216($context) # restore context->R12
- mov %r13,224($context) # restore context->R13
- mov %r14,232($context) # restore context->R14
- mov %r15,240($context) # restore context->R15
-
-.Lcommon_seh_tail:
- mov 8(%rax),%rdi
- mov 16(%rax),%rsi
- mov %rax,152($context) # restore context->Rsp
- mov %rsi,168($context) # restore context->Rsi
- mov %rdi,176($context) # restore context->Rdi
-
- mov 40($disp),%rdi # disp->ContextRecord
- mov $context,%rsi # context
- mov \$154,%ecx # sizeof(CONTEXT)
- .long 0xa548f3fc # cld; rep movsq
-
- mov $disp,%rsi
- xor %rcx,%rcx # arg1, UNW_FLAG_NHANDLER
- mov 8(%rsi),%rdx # arg2, disp->ImageBase
- mov 0(%rsi),%r8 # arg3, disp->ControlPc
- mov 16(%rsi),%r9 # arg4, disp->FunctionEntry
- mov 40(%rsi),%r10 # disp->ContextRecord
- lea 56(%rsi),%r11 # &disp->HandlerData
- lea 24(%rsi),%r12 # &disp->EstablisherFrame
- mov %r10,32(%rsp) # arg5
- mov %r11,40(%rsp) # arg6
- mov %r12,48(%rsp) # arg7
- mov %rcx,56(%rsp) # arg8, (NULL)
- call *__imp_RtlVirtualUnwind(%rip)
-
- mov \$1,%eax # ExceptionContinueSearch
- add \$64,%rsp
- popfq
- pop %r15
- pop %r14
- pop %r13
- pop %r12
- pop %rbp
- pop %rbx
- pop %rdi
- pop %rsi
- ret
-.size se_handler,.-se_handler
-
-.section .pdata
-.align 4
- .rva .LSEH_begin_rsaz_512_sqr
- .rva .LSEH_end_rsaz_512_sqr
- .rva .LSEH_info_rsaz_512_sqr
-
- .rva .LSEH_begin_rsaz_512_mul
- .rva .LSEH_end_rsaz_512_mul
- .rva .LSEH_info_rsaz_512_mul
-
- .rva .LSEH_begin_rsaz_512_mul_gather4
- .rva .LSEH_end_rsaz_512_mul_gather4
- .rva .LSEH_info_rsaz_512_mul_gather4
-
- .rva .LSEH_begin_rsaz_512_mul_scatter4
- .rva .LSEH_end_rsaz_512_mul_scatter4
- .rva .LSEH_info_rsaz_512_mul_scatter4
-
- .rva .LSEH_begin_rsaz_512_mul_by_one
- .rva .LSEH_end_rsaz_512_mul_by_one
- .rva .LSEH_info_rsaz_512_mul_by_one
-
- .rva .LSEH_begin_rsaz_512_gather4
- .rva .LSEH_end_rsaz_512_gather4
- .rva .LSEH_info_rsaz_512_gather4
-
-.section .xdata
-.align 8
-.LSEH_info_rsaz_512_sqr:
- .byte 9,0,0,0
- .rva se_handler
- .rva .Lsqr_body,.Lsqr_epilogue # HandlerData[]
-.LSEH_info_rsaz_512_mul:
- .byte 9,0,0,0
- .rva se_handler
- .rva .Lmul_body,.Lmul_epilogue # HandlerData[]
-.LSEH_info_rsaz_512_mul_gather4:
- .byte 9,0,0,0
- .rva se_handler
- .rva .Lmul_gather4_body,.Lmul_gather4_epilogue # HandlerData[]
-.LSEH_info_rsaz_512_mul_scatter4:
- .byte 9,0,0,0
- .rva se_handler
- .rva .Lmul_scatter4_body,.Lmul_scatter4_epilogue # HandlerData[]
-.LSEH_info_rsaz_512_mul_by_one:
- .byte 9,0,0,0
- .rva se_handler
- .rva .Lmul_by_one_body,.Lmul_by_one_epilogue # HandlerData[]
-.LSEH_info_rsaz_512_gather4:
- .byte 0x01,0x46,0x16,0x00
- .byte 0x46,0xf8,0x09,0x00 # vmovaps 0x90(rsp),xmm15
- .byte 0x3d,0xe8,0x08,0x00 # vmovaps 0x80(rsp),xmm14
- .byte 0x34,0xd8,0x07,0x00 # vmovaps 0x70(rsp),xmm13
- .byte 0x2e,0xc8,0x06,0x00 # vmovaps 0x60(rsp),xmm12
- .byte 0x28,0xb8,0x05,0x00 # vmovaps 0x50(rsp),xmm11
- .byte 0x22,0xa8,0x04,0x00 # vmovaps 0x40(rsp),xmm10
- .byte 0x1c,0x98,0x03,0x00 # vmovaps 0x30(rsp),xmm9
- .byte 0x16,0x88,0x02,0x00 # vmovaps 0x20(rsp),xmm8
- .byte 0x10,0x78,0x01,0x00 # vmovaps 0x10(rsp),xmm7
- .byte 0x0b,0x68,0x00,0x00 # vmovaps 0x00(rsp),xmm6
- .byte 0x07,0x01,0x15,0x00 # sub rsp,0xa8
-___
-}
-
-$code =~ s/\`([^\`]*)\`/eval $1/gem;
-print $code;
-close STDOUT;
diff --git a/src/crypto/bn/bn.c b/src/crypto/bn/bn.c
index 87d81d2..31bb937 100644
--- a/src/crypto/bn/bn.c
+++ b/src/crypto/bn/bn.c
@@ -73,14 +73,14 @@
return NULL;
}
- memset(bn, 0, sizeof(BIGNUM));
+ OPENSSL_memset(bn, 0, sizeof(BIGNUM));
bn->flags = BN_FLG_MALLOCED;
return bn;
}
void BN_init(BIGNUM *bn) {
- memset(bn, 0, sizeof(BIGNUM));
+ OPENSSL_memset(bn, 0, sizeof(BIGNUM));
}
void BN_free(BIGNUM *bn) {
@@ -149,7 +149,7 @@
return NULL;
}
- memcpy(dest->d, src->d, sizeof(src->d[0]) * src->top);
+ OPENSSL_memcpy(dest->d, src->d, sizeof(src->d[0]) * src->top);
dest->top = src->top;
dest->neg = src->neg;
@@ -158,7 +158,7 @@
void BN_clear(BIGNUM *bn) {
if (bn->d != NULL) {
- memset(bn->d, 0, bn->dmax * sizeof(bn->d[0]));
+ OPENSSL_memset(bn->d, 0, bn->dmax * sizeof(bn->d[0]));
}
bn->top = 0;
@@ -173,7 +173,7 @@
}
void BN_with_flags(BIGNUM *out, const BIGNUM *in, int flags) {
- memcpy(out, in, sizeof(BIGNUM));
+ OPENSSL_memcpy(out, in, sizeof(BIGNUM));
out->flags &= ~BN_FLG_MALLOCED;
out->flags |= BN_FLG_STATIC_DATA | flags;
}
@@ -292,7 +292,7 @@
if (bn_wexpand(bn, num) == NULL) {
return 0;
}
- memmove(bn->d, words, num * sizeof(BN_ULONG));
+ OPENSSL_memmove(bn->d, words, num * sizeof(BN_ULONG));
/* |bn_wexpand| verified that |num| isn't too large. */
bn->top = (int)num;
bn_correct_top(bn);
@@ -335,7 +335,7 @@
return NULL;
}
- memcpy(a, bn->d, sizeof(BN_ULONG) * bn->top);
+ OPENSSL_memcpy(a, bn->d, sizeof(BN_ULONG) * bn->top);
OPENSSL_free(bn->d);
bn->d = a;
diff --git a/src/crypto/bn/bn_test.cc b/src/crypto/bn/bn_test.cc
index 044af5f..4f544a7 100644
--- a/src/crypto/bn/bn_test.cc
+++ b/src/crypto/bn/bn_test.cc
@@ -680,7 +680,7 @@
static bool TestBN2BinPadded(BN_CTX *ctx) {
uint8_t zeros[256], out[256], reference[128];
- memset(zeros, 0, sizeof(zeros));
+ OPENSSL_memset(zeros, 0, sizeof(zeros));
// Test edge case at 0.
bssl::UniquePtr<BIGNUM> n(BN_new());
@@ -689,13 +689,13 @@
"BN_bn2bin_padded failed to encode 0 in an empty buffer.\n");
return false;
}
- memset(out, -1, sizeof(out));
+ OPENSSL_memset(out, -1, sizeof(out));
if (!BN_bn2bin_padded(out, sizeof(out), n.get())) {
fprintf(stderr,
"BN_bn2bin_padded failed to encode 0 in a non-empty buffer.\n");
return false;
}
- if (memcmp(zeros, out, sizeof(out))) {
+ if (OPENSSL_memcmp(zeros, out, sizeof(out))) {
fprintf(stderr, "BN_bn2bin_padded did not zero buffer.\n");
return false;
}
@@ -724,20 +724,21 @@
}
// Exactly right size should encode.
if (!BN_bn2bin_padded(out, bytes, n.get()) ||
- memcmp(out, reference, bytes) != 0) {
+ OPENSSL_memcmp(out, reference, bytes) != 0) {
fprintf(stderr, "BN_bn2bin_padded gave a bad result.\n");
return false;
}
// Pad up one byte extra.
if (!BN_bn2bin_padded(out, bytes + 1, n.get()) ||
- memcmp(out + 1, reference, bytes) || memcmp(out, zeros, 1)) {
+ OPENSSL_memcmp(out + 1, reference, bytes) ||
+ OPENSSL_memcmp(out, zeros, 1)) {
fprintf(stderr, "BN_bn2bin_padded gave a bad result.\n");
return false;
}
// Pad up to 256.
if (!BN_bn2bin_padded(out, sizeof(out), n.get()) ||
- memcmp(out + sizeof(out) - bytes, reference, bytes) ||
- memcmp(out, zeros, sizeof(out) - bytes)) {
+ OPENSSL_memcmp(out + sizeof(out) - bytes, reference, bytes) ||
+ OPENSSL_memcmp(out, zeros, sizeof(out) - bytes)) {
fprintf(stderr, "BN_bn2bin_padded gave a bad result.\n");
return false;
}
@@ -746,6 +747,82 @@
return true;
}
+static bool TestLittleEndian() {
+ bssl::UniquePtr<BIGNUM> x(BN_new());
+ bssl::UniquePtr<BIGNUM> y(BN_new());
+ if (!x || !y) {
+ fprintf(stderr, "BN_new failed to malloc.\n");
+ return false;
+ }
+
+ // Test edge case at 0. Fill |out| with garbage to ensure |BN_bn2le_padded|
+ // wrote the result.
+ uint8_t out[256], zeros[256];
+ OPENSSL_memset(out, -1, sizeof(out));
+ OPENSSL_memset(zeros, 0, sizeof(zeros));
+ if (!BN_bn2le_padded(out, sizeof(out), x.get()) ||
+ OPENSSL_memcmp(zeros, out, sizeof(out))) {
+ fprintf(stderr, "BN_bn2le_padded failed to encode 0.\n");
+ return false;
+ }
+
+ if (!BN_le2bn(out, sizeof(out), y.get()) ||
+ BN_cmp(x.get(), y.get()) != 0) {
+ fprintf(stderr, "BN_le2bn failed to decode 0 correctly.\n");
+ return false;
+ }
+
+ // Test random numbers at various byte lengths.
+ for (size_t bytes = 128 - 7; bytes <= 128; bytes++) {
+ if (!BN_rand(x.get(), bytes * 8, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY)) {
+ ERR_print_errors_fp(stderr);
+ return false;
+ }
+
+ // Fill |out| with garbage to ensure |BN_bn2le_padded| wrote the result.
+ OPENSSL_memset(out, -1, sizeof(out));
+ if (!BN_bn2le_padded(out, sizeof(out), x.get())) {
+ fprintf(stderr, "BN_bn2le_padded failed to encode random value.\n");
+ return false;
+ }
+
+ // Compute the expected value by reversing the big-endian output.
+ uint8_t expected[sizeof(out)];
+ if (!BN_bn2bin_padded(expected, sizeof(expected), x.get())) {
+ return false;
+ }
+ for (size_t i = 0; i < sizeof(expected) / 2; i++) {
+ uint8_t tmp = expected[i];
+ expected[i] = expected[sizeof(expected) - 1 - i];
+ expected[sizeof(expected) - 1 - i] = tmp;
+ }
+
+ if (OPENSSL_memcmp(expected, out, sizeof(out))) {
+ fprintf(stderr, "BN_bn2le_padded failed to encode value correctly.\n");
+ hexdump(stderr, "Expected: ", expected, sizeof(expected));
+ hexdump(stderr, "Got: ", out, sizeof(out));
+ return false;
+ }
+
+ // Make sure the decoding produces the same BIGNUM.
+ if (!BN_le2bn(out, bytes, y.get()) ||
+ BN_cmp(x.get(), y.get()) != 0) {
+ bssl::UniquePtr<char> x_hex(BN_bn2hex(x.get())),
+ y_hex(BN_bn2hex(y.get()));
+ if (!x_hex || !y_hex) {
+ return false;
+ }
+ fprintf(stderr, "BN_le2bn failed to decode value correctly.\n");
+ fprintf(stderr, "Expected: %s\n", x_hex.get());
+ hexdump(stderr, "Encoding: ", out, bytes);
+ fprintf(stderr, "Got: %s\n", y_hex.get());
+ return false;
+ }
+ }
+
+ return true;
+}
+
static int DecimalToBIGNUM(bssl::UniquePtr<BIGNUM> *out, const char *in) {
BIGNUM *raw = NULL;
int ret = BN_dec2bn(&raw, in);
@@ -922,7 +999,7 @@
}
if (mpi_len != test.mpi_len ||
- memcmp(test.mpi, scratch, mpi_len) != 0) {
+ OPENSSL_memcmp(test.mpi, scratch, mpi_len) != 0) {
fprintf(stderr, "MPI test #%u failed:\n", (unsigned)i);
hexdump(stderr, "Expected: ", test.mpi, test.mpi_len);
hexdump(stderr, "Got: ", scratch, mpi_len);
@@ -1062,7 +1139,8 @@
}
bssl::UniquePtr<uint8_t> delete_der(der);
if (der_len != test.der_len ||
- memcmp(der, reinterpret_cast<const uint8_t*>(test.der), der_len) != 0) {
+ OPENSSL_memcmp(der, reinterpret_cast<const uint8_t *>(test.der),
+ der_len) != 0) {
fprintf(stderr, "Bad serialization.\n");
return false;
}
@@ -1173,42 +1251,35 @@
return false;
}
- for (int consttime = 0; consttime < 2; consttime++) {
- bssl::UniquePtr<BIGNUM> numerator(BN_new()), denominator(BN_new());
- if (!numerator || !denominator) {
- return false;
- }
+ bssl::UniquePtr<BIGNUM> numerator(BN_new()), denominator(BN_new());
+ if (!numerator || !denominator) {
+ return false;
+ }
- if (consttime) {
- BN_set_flags(numerator.get(), BN_FLG_CONSTTIME);
- BN_set_flags(denominator.get(), BN_FLG_CONSTTIME);
- }
+ // Test that BN_div never gives negative zero in the quotient.
+ if (!BN_set_word(numerator.get(), 1) ||
+ !BN_set_word(denominator.get(), 2)) {
+ return false;
+ }
+ BN_set_negative(numerator.get(), 1);
+ if (!BN_div(a.get(), b.get(), numerator.get(), denominator.get(), ctx)) {
+ return false;
+ }
+ if (!BN_is_zero(a.get()) || BN_is_negative(a.get())) {
+ fprintf(stderr, "Incorrect quotient.\n");
+ return false;
+ }
- // Test that BN_div never gives negative zero in the quotient.
- if (!BN_set_word(numerator.get(), 1) ||
- !BN_set_word(denominator.get(), 2)) {
- return false;
- }
- BN_set_negative(numerator.get(), 1);
- if (!BN_div(a.get(), b.get(), numerator.get(), denominator.get(), ctx)) {
- return false;
- }
- if (!BN_is_zero(a.get()) || BN_is_negative(a.get())) {
- fprintf(stderr, "Incorrect quotient (consttime = %d).\n", consttime);
- return false;
- }
-
- // Test that BN_div never gives negative zero in the remainder.
- if (!BN_set_word(denominator.get(), 1)) {
- return false;
- }
- if (!BN_div(a.get(), b.get(), numerator.get(), denominator.get(), ctx)) {
- return false;
- }
- if (!BN_is_zero(b.get()) || BN_is_negative(b.get())) {
- fprintf(stderr, "Incorrect remainder (consttime = %d).\n", consttime);
- return false;
- }
+ // Test that BN_div never gives negative zero in the remainder.
+ if (!BN_set_word(denominator.get(), 1)) {
+ return false;
+ }
+ if (!BN_div(a.get(), b.get(), numerator.get(), denominator.get(), ctx)) {
+ return false;
+ }
+ if (!BN_is_zero(b.get()) || BN_is_negative(b.get())) {
+ fprintf(stderr, "Incorrect remainder.\n");
+ return false;
}
// Test that BN_set_negative will not produce a negative zero.
@@ -1500,7 +1571,7 @@
return true;
}
-static bool TestBNSetU64() {
+static bool TestBNSetGetU64() {
static const struct {
const char *hex;
uint64_t value;
@@ -1522,6 +1593,36 @@
ERR_print_errors_fp(stderr);
return false;
}
+
+ uint64_t tmp;
+ if (!BN_get_u64(bn.get(), &tmp) || tmp != test.value) {
+ fprintf(stderr, "BN_get_u64 test failed for 0x%s.\n", test.hex);
+ return false;
+ }
+
+ BN_set_negative(bn.get(), 1);
+ if (!BN_get_u64(bn.get(), &tmp) || tmp != test.value) {
+ fprintf(stderr, "BN_get_u64 test failed for -0x%s.\n", test.hex);
+ return false;
+ }
+ }
+
+ // Test that BN_get_u64 fails on large numbers.
+ bssl::UniquePtr<BIGNUM> bn(BN_new());
+ if (!BN_lshift(bn.get(), BN_value_one(), 64)) {
+ return false;
+ }
+
+ uint64_t tmp;
+ if (BN_get_u64(bn.get(), &tmp)) {
+ fprintf(stderr, "BN_get_u64 of 2^64 unexpectedly succeeded.\n");
+ return false;
+ }
+
+ BN_set_negative(bn.get(), 1);
+ if (BN_get_u64(bn.get(), &tmp)) {
+ fprintf(stderr, "BN_get_u64 of -2^64 unexpectedly succeeded.\n");
+ return false;
}
return true;
@@ -1544,6 +1645,7 @@
!TestDec2BN(ctx.get()) ||
!TestHex2BN(ctx.get()) ||
!TestASC2BN(ctx.get()) ||
+ !TestLittleEndian() ||
!TestMPI() ||
!TestRand() ||
!TestASN1() ||
@@ -1553,7 +1655,7 @@
!TestSmallPrime(ctx.get()) ||
!TestCmpWord() ||
!TestBN2Dec() ||
- !TestBNSetU64()) {
+ !TestBNSetGetU64()) {
return 1;
}
diff --git a/src/crypto/bn/bn_tests.txt b/src/crypto/bn/bn_tests.txt
index ec89b8e..46c788f 100644
--- a/src/crypto/bn/bn_tests.txt
+++ b/src/crypto/bn/bn_tests.txt
@@ -10387,6 +10387,89 @@
M = e4e784aa1fa88625a43ba0185a153a929663920be7fe674a4d33c943d3b898cff051482e7050a070cede53be5e89f31515772c7aea637576f99f82708f89d9e244f6ad3a24a02cbe5c0ff7bcf2dad5491f53db7c3f2698a7c41b44f086652f17bb05fe4c5c0a92433c34086b49d7e1825b28bab6c5a9bd0bc95b53d659afa0d7
+# RSAZ 512-bit.
+#
+# These are regression tests for code which historically reached the RSAZ-512
+# code. That has since been removed, but the test vectors remain. Note that the
+# lengths of the inputs, especially the *bit* length of |M|, matter a lot.
+
+# Control: No relationship between A and M except that A < M and they're the same number of limbs.
+ModExp = 7f34c1cd63377bc3abf2bb5b2d1bf5f06454e1e8040fe19a72245ce9731cbee1bf9e84532300776c8021ed4f3a8de508d85b4cf320bd82065a013754857b50c4
+A = 8e4e67da6ff890643d0599387955996ef6f0c2045eb9944576ddb965ca64cdb6247727ce128ef178d4a84e5a56d2e67eb0fe389ecbf691f9244ae80f4c11b364
+E = be99d8f0650e540b9b191e9cf96f74881b902e32ed169ffd8a1776c3f3e80f0ac765aa14615713e1549f250a20fe4ee48c4e0c6176162fc7842a0dd64d640d1
+M = f12f2c19ee1ecf2c999b87bdafde60eace3790faad8f9adec13b14c6dfb69f8795a1d0fe65494250b59534014b918453042012952ae6f5786342999600725491
+
+# Same as above except A is negative.
+ModExp = 71fa6a4c8ae75368eda8cc6282c26afa69e2af12a97fb9444f16b7dd6c99e0a5d6034cab4248cae4357346b211039f4a2bc4c5a20a297372094162417af703cd
+A = -8e4e67da6ff890643d0599387955996ef6f0c2045eb9944576ddb965ca64cdb6247727ce128ef178d4a84e5a56d2e67eb0fe389ecbf691f9244ae80f4c11b364
+E = be99d8f0650e540b9b191e9cf96f74881b902e32ed169ffd8a1776c3f3e80f0ac765aa14615713e1549f250a20fe4ee48c4e0c6176162fc7842a0dd64d640d1
+M = f12f2c19ee1ecf2c999b87bdafde60eace3790faad8f9adec13b14c6dfb69f8795a1d0fe65494250b59534014b918453042012952ae6f5786342999600725491
+
+# A == M - 1 == -1 (mod M) and the exponent is odd so A ^ E (mod M) == A.
+ModExp = f12f2c19ee1ecf2c999b87bdafde60eace3790faad8f9adec13b14c6dfb69f8795a1d0fe65494250b59534014b918453042012952ae6f5786342999600725490
+A = f12f2c19ee1ecf2c999b87bdafde60eace3790faad8f9adec13b14c6dfb69f8795a1d0fe65494250b59534014b918453042012952ae6f5786342999600725490
+E = be99d8f0650e540b9b191e9cf96f74881b902e32ed169ffd8a1776c3f3e80f0ac765aa14615713e1549f250a20fe4ee48c4e0c6176162fc7842a0dd64d640d1
+M = f12f2c19ee1ecf2c999b87bdafde60eace3790faad8f9adec13b14c6dfb69f8795a1d0fe65494250b59534014b918453042012952ae6f5786342999600725491
+
+# Same inputs as above except A is negative. Note that A mod M with a "correct top" isn't the right length for RSAZ.
+ModExp = 1
+A = -f12f2c19ee1ecf2c999b87bdafde60eace3790faad8f9adec13b14c6dfb69f8795a1d0fe65494250b59534014b918453042012952ae6f5786342999600725490
+E = be99d8f0650e540b9b191e9cf96f74881b902e32ed169ffd8a1776c3f3e80f0ac765aa14615713e1549f250a20fe4ee48c4e0c6176162fc7842a0dd64d640d1
+M = f12f2c19ee1ecf2c999b87bdafde60eace3790faad8f9adec13b14c6dfb69f8795a1d0fe65494250b59534014b918453042012952ae6f5786342999600725491
+
+# A == M, so A == 0 (mod M) so A ^ E (mod M) == 0. Note that A mod M with a "correct top" isn't the right length for RSAZ.
+ModExp = 0
+A = f12f2c19ee1ecf2c999b87bdafde60eace3790faad8f9adec13b14c6dfb69f8795a1d0fe65494250b59534014b918453042012952ae6f5786342999600725491
+E = be99d8f0650e540b9b191e9cf96f74881b902e32ed169ffd8a1776c3f3e80f0ac765aa14615713e1549f250a20fe4ee48c4e0c6176162fc7842a0dd64d640d1
+M = f12f2c19ee1ecf2c999b87bdafde60eace3790faad8f9adec13b14c6dfb69f8795a1d0fe65494250b59534014b918453042012952ae6f5786342999600725491
+
+# A is negative, and A (mod M) is the right length for RSAZ.
+ModExp = 8d76eb0f8c7bc3160cc8bb0e0c3590fbed26c5932f5f525b48045c0bd46dda287ba5483f97c851fb7c12c2e858ee7a4a4d1af745cbfb3eb311fa54bea12cde25
+A = -80000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
+E = be99d8f0650e540b9b191e9cf96f74881b902e32ed169ffd8a1776c3f3e80f0ac765aa14615713e1549f250a20fe4ee48c4e0c6176162fc7842a0dd64d640d1
+M = f12f2c19ee1ecf2c999b87bdafde60eace3790faad8f9adec13b14c6dfb69f8795a1d0fe65494250b59534014b918453042012952ae6f5786342999600725491
+
+
+# RSAZ 1024-bit.
+# Note that the lengths of the inputs, especially the *bit* length of |M|, matter a lot.
+
+# Control: No relationship between A and M except that A < M and they're the same number of limbs.
+ModExp = 8984f8c16044f9c0ad7bd72347af90f58e6e003acda92b76e3c7c4a56ea8e918409d8e9b34884d4c89d0b17cb40fe898f2627c084a0f1698e46beccbf6f48eecc281e11ea9e5135adba460ddae157f2c655b5f589ce29b254d43a960a71cede8a08dbb86be4dac22458da232fb1ec2470856827302ed772c9ddafa408c931aa7
+A = 21158da5fe20356825e72b3f5384ec57720d22f727b27ce2f945c8ee311db781add73bf8fae96b775c909bd22fca75c44c2b0584284a5bb1c07f8eefcd6b0a44047a02b185df34f897f11d4fb9a86c9eb841b4cb8d0383441fdc5af3ef385b5e8380f605d73ed41bb42eb2c2a5704d6034b3ad058dafffce83dbbfb6295daaf8
+E = ecdebd112b3b5788669449dcddbd479a203ee9ab72a9bb9c406b97623513bf0ab9a22f1f23634d269e16bfd6d3b64202b71fc355057411967b6ac70f8d9cef0a4e06819a9a18cc06bbe438243fa9759303d98be8a65dc1cb13595ee9b99f138554425d50f6fbc025d8ffa3eaea828d6f3b82a3584146bafde34da257995f0575
+M = ff3a3e023db3bba929ca4ededbace13d0d1264387b5ef62734e177eaf47a78af56b58aacc8ac5d46f5b066bafb95d93d4442bb948653613eec76837b4ffb7991cb080b6c8b403fb09bc817d026e283ee47ab2fc9af274b12f626eda2fe02004a8e27b9ed7d3b614e8955c7e7c2c0700edd079455237c4475fbd41857e206e4b7
+
+# Same as above except A is negative.
+ModExp = 75b54540dd6ec1e87c4e77bb93fd50477ea463fdadb5cab05119b34585d18f971617fc1194240ffa6bdfb53e4785f0a451e03f8c3c444aa6080a96af5906eaa508862a4de15b2c55c023b6f278cd04c1e24fd0711244afeda8e3444256e51261ed99fe66beedb52c43c825b4c7a1adc7d4b111e2208ecd495df91e175573ca10
+A = -21158da5fe20356825e72b3f5384ec57720d22f727b27ce2f945c8ee311db781add73bf8fae96b775c909bd22fca75c44c2b0584284a5bb1c07f8eefcd6b0a44047a02b185df34f897f11d4fb9a86c9eb841b4cb8d0383441fdc5af3ef385b5e8380f605d73ed41bb42eb2c2a5704d6034b3ad058dafffce83dbbfb6295daaf8
+E = ecdebd112b3b5788669449dcddbd479a203ee9ab72a9bb9c406b97623513bf0ab9a22f1f23634d269e16bfd6d3b64202b71fc355057411967b6ac70f8d9cef0a4e06819a9a18cc06bbe438243fa9759303d98be8a65dc1cb13595ee9b99f138554425d50f6fbc025d8ffa3eaea828d6f3b82a3584146bafde34da257995f0575
+M = ff3a3e023db3bba929ca4ededbace13d0d1264387b5ef62734e177eaf47a78af56b58aacc8ac5d46f5b066bafb95d93d4442bb948653613eec76837b4ffb7991cb080b6c8b403fb09bc817d026e283ee47ab2fc9af274b12f626eda2fe02004a8e27b9ed7d3b614e8955c7e7c2c0700edd079455237c4475fbd41857e206e4b7
+
+# A == M - 1 == -1 (mod M) and the exponent is odd so A ^ E (mod M) == A.
+ModExp = b5d257b2c50b050d42f0852eff5cfa2571157c500cd0bd9aa0b2ccdd89c531c9609d520eb81d928fb52b06da25dc713561aa0bd365ee56db9e62ac6787a85936990f44438363560f7af9e0c16f378e5b83f658252390d849401817624da97ec613a1b855fd901847352f434a777e4e32af0cb4033c7547fb6437d067fcd3d964
+A = b5d257b2c50b050d42f0852eff5cfa2571157c500cd0bd9aa0b2ccdd89c531c9609d520eb81d928fb52b06da25dc713561aa0bd365ee56db9e62ac6787a85936990f44438363560f7af9e0c16f378e5b83f658252390d849401817624da97ec613a1b855fd901847352f434a777e4e32af0cb4033c7547fb6437d067fcd3d964
+E = 61803d4973ae68cfb2ba6770dbed70d36760fa42c01a16d1482eacf0d01adf7a917bc86ece58a73b920295c1291b90f49167ef856ecad149330e1fd49ec71392fb62d47270b53e6d4f3c8f044b80a5736753364896932abc6d872c4c5e135d1edb200597a93ceb262ff6c99079177cd10808b9ed20c8cd7352d80ac7f6963103
+M = b5d257b2c50b050d42f0852eff5cfa2571157c500cd0bd9aa0b2ccdd89c531c9609d520eb81d928fb52b06da25dc713561aa0bd365ee56db9e62ac6787a85936990f44438363560f7af9e0c16f378e5b83f658252390d849401817624da97ec613a1b855fd901847352f434a777e4e32af0cb4033c7547fb6437d067fcd3d965
+
+# Same inputs as above except A is negative. Note that A mod M with a "correct top" isn't the right length for RSAZ.
+ModExp = 1
+A = -b5d257b2c50b050d42f0852eff5cfa2571157c500cd0bd9aa0b2ccdd89c531c9609d520eb81d928fb52b06da25dc713561aa0bd365ee56db9e62ac6787a85936990f44438363560f7af9e0c16f378e5b83f658252390d849401817624da97ec613a1b855fd901847352f434a777e4e32af0cb4033c7547fb6437d067fcd3d964
+E = 61803d4973ae68cfb2ba6770dbed70d36760fa42c01a16d1482eacf0d01adf7a917bc86ece58a73b920295c1291b90f49167ef856ecad149330e1fd49ec71392fb62d47270b53e6d4f3c8f044b80a5736753364896932abc6d872c4c5e135d1edb200597a93ceb262ff6c99079177cd10808b9ed20c8cd7352d80ac7f6963103
+M = b5d257b2c50b050d42f0852eff5cfa2571157c500cd0bd9aa0b2ccdd89c531c9609d520eb81d928fb52b06da25dc713561aa0bd365ee56db9e62ac6787a85936990f44438363560f7af9e0c16f378e5b83f658252390d849401817624da97ec613a1b855fd901847352f434a777e4e32af0cb4033c7547fb6437d067fcd3d965
+
+# A == M, so A == 0 (mod M) so A ^ E (mod M) == 0. Note that A mod M with a "correct top" isn't the right length for RSAZ.
+ModExp = 0
+A = b5d257b2c50b050d42f0852eff5cfa2571157c500cd0bd9aa0b2ccdd89c531c9609d520eb81d928fb52b06da25dc713561aa0bd365ee56db9e62ac6787a85936990f44438363560f7af9e0c16f378e5b83f658252390d849401817624da97ec613a1b855fd901847352f434a777e4e32af0cb4033c7547fb6437d067fcd3d965
+E = 61803d4973ae68cfb2ba6770dbed70d36760fa42c01a16d1482eacf0d01adf7a917bc86ece58a73b920295c1291b90f49167ef856ecad149330e1fd49ec71392fb62d47270b53e6d4f3c8f044b80a5736753364896932abc6d872c4c5e135d1edb200597a93ceb262ff6c99079177cd10808b9ed20c8cd7352d80ac7f6963103
+M = b5d257b2c50b050d42f0852eff5cfa2571157c500cd0bd9aa0b2ccdd89c531c9609d520eb81d928fb52b06da25dc713561aa0bd365ee56db9e62ac6787a85936990f44438363560f7af9e0c16f378e5b83f658252390d849401817624da97ec613a1b855fd901847352f434a777e4e32af0cb4033c7547fb6437d067fcd3d965
+
+# A is negative, and A (mod M) is the right length for RSAZ.
+ModExp = 9cf810b9e89d5cbc4b79ae64e123ea06d92965e2bab077df97a1b906dc2e1ddcf96a9c4ed14e2cd96309b829ea9cc2a74a7d4b43c5f34d792a7c583201427754b8f78b783608070a84b61f18913e3ced7f7f530972de7764667c54e29d756eea38a93cd1703c676a4587231b0ebfeadddf908e2877a7a84b5bfc370ecf0d158d
+A = -8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
+E = 61803d4973ae68cfb2ba6770dbed70d36760fa42c01a16d1482eacf0d01adf7a917bc86ece58a73b920295c1291b90f49167ef856ecad149330e1fd49ec71392fb62d47270b53e6d4f3c8f044b80a5736753364896932abc6d872c4c5e135d1edb200597a93ceb262ff6c99079177cd10808b9ed20c8cd7352d80ac7f6963103
+M = b5d257b2c50b050d42f0852eff5cfa2571157c500cd0bd9aa0b2ccdd89c531c9609d520eb81d928fb52b06da25dc713561aa0bd365ee56db9e62ac6787a85936990f44438363560f7af9e0c16f378e5b83f658252390d849401817624da97ec613a1b855fd901847352f434a777e4e32af0cb4033c7547fb6437d067fcd3d965
+
+
# Exp tests.
#
# These test vectors satisfy A ^ E = Exp.
diff --git a/src/crypto/bn/convert.c b/src/crypto/bn/convert.c
index 8f4b964..1fa0dd4 100644
--- a/src/crypto/bn/convert.c
+++ b/src/crypto/bn/convert.c
@@ -118,6 +118,42 @@
return ret;
}
+BIGNUM *BN_le2bn(const uint8_t *in, size_t len, BIGNUM *ret) {
+ BIGNUM *bn = NULL;
+ if (ret == NULL) {
+ bn = BN_new();
+ ret = bn;
+ }
+
+ if (ret == NULL) {
+ return NULL;
+ }
+
+ if (len == 0) {
+ ret->top = 0;
+ ret->neg = 0;
+ return ret;
+ }
+
+ /* Reserve enough space in |ret|. */
+ size_t num_words = ((len - 1) / BN_BYTES) + 1;
+ if (!bn_wexpand(ret, num_words)) {
+ BN_free(bn);
+ return NULL;
+ }
+ ret->top = num_words;
+
+ /* Make sure the top bytes will be zeroed. */
+ ret->d[num_words - 1] = 0;
+
+ /* We only support little-endian platforms, so we can simply memcpy the
+ * internal representation. */
+ OPENSSL_memcpy(ret->d, in, len);
+
+ bn_correct_top(ret);
+ return ret;
+}
+
size_t BN_bn2bin(const BIGNUM *in, uint8_t *out) {
size_t n, i;
BN_ULONG l;
@@ -130,6 +166,23 @@
return n;
}
+int BN_bn2le_padded(uint8_t *out, size_t len, const BIGNUM *in) {
+ /* If we don't have enough space, fail out. */
+ size_t num_bytes = BN_num_bytes(in);
+ if (len < num_bytes) {
+ return 0;
+ }
+
+ /* We only support little-endian platforms, so we can simply memcpy into the
+ * internal representation. */
+ OPENSSL_memcpy(out, in->d, num_bytes);
+
+ /* Pad out the rest of the buffer with zeroes. */
+ OPENSSL_memset(out + num_bytes, 0, len - num_bytes);
+
+ return 1;
+}
+
/* constant_time_select_ulong returns |x| if |v| is 1 and |y| if |v| is 0. Its
* behavior is undefined if |v| takes any other value. */
static BN_ULONG constant_time_select_ulong(int v, BN_ULONG x, BN_ULONG y) {
@@ -162,7 +215,7 @@
int BN_bn2bin_padded(uint8_t *out, size_t len, const BIGNUM *in) {
/* Special case for |in| = 0. Just branch as the probability is negligible. */
if (BN_is_zero(in)) {
- memset(out, 0, len);
+ OPENSSL_memset(out, 0, len);
return 1;
}
@@ -515,6 +568,24 @@
}
}
+int BN_get_u64(const BIGNUM *bn, uint64_t *out) {
+ switch (bn->top) {
+ case 0:
+ *out = 0;
+ return 1;
+ case 1:
+ *out = bn->d[0];
+ return 1;
+#if defined(OPENSSL_32_BIT)
+ case 2:
+ *out = (uint64_t) bn->d[0] | (((uint64_t) bn->d[1]) << 32);
+ return 1;
+#endif
+ default:
+ return 0;
+ }
+}
+
size_t BN_bn2mpi(const BIGNUM *in, uint8_t *out) {
const size_t bits = BN_num_bits(in);
const size_t bytes = (bits + 7) / 8;
@@ -532,7 +603,7 @@
/* If we cannot represent the number then we emit zero as the interface
* doesn't allow an error to be signalled. */
if (out) {
- memset(out, 0, 4);
+ OPENSSL_memset(out, 0, 4);
}
return 4;
}
diff --git a/src/crypto/bn/ctx.c b/src/crypto/bn/ctx.c
index 48d9adf..bca6619 100644
--- a/src/crypto/bn/ctx.c
+++ b/src/crypto/bn/ctx.c
@@ -59,6 +59,8 @@
#include <openssl/err.h>
#include <openssl/mem.h>
+#include "../internal.h"
+
/* How many bignums are in each "pool item"; */
#define BN_CTX_POOL_SIZE 16
@@ -218,7 +220,7 @@
return 0;
}
if (st->depth) {
- memcpy(newitems, st->indexes, st->depth * sizeof(unsigned int));
+ OPENSSL_memcpy(newitems, st->indexes, st->depth * sizeof(unsigned int));
}
OPENSSL_free(st->indexes);
st->indexes = newitems;
diff --git a/src/crypto/bn/div.c b/src/crypto/bn/div.c
index ab49281..6e3df7d 100644
--- a/src/crypto/bn/div.c
+++ b/src/crypto/bn/div.c
@@ -182,7 +182,12 @@
* Thus:
* dv->neg == num->neg ^ divisor->neg (unless the result is zero)
* rm->neg == num->neg (unless the remainder is zero)
- * If 'dv' or 'rm' is NULL, the respective value is not returned. */
+ * If 'dv' or 'rm' is NULL, the respective value is not returned.
+ *
+ * This was specifically designed to contain fewer branches that may leak
+ * sensitive information; see "New Branch Prediction Vulnerabilities in OpenSSL
+ * and Necessary Software Countermeasures" by Onur Acıçmez, Shay Gueron, and
+ * Jean-Pierre Seifert. */
int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
BN_CTX *ctx) {
int norm_shift, i, loop;
@@ -190,7 +195,6 @@
BN_ULONG *resp, *wnump;
BN_ULONG d0, d1;
int num_n, div_n;
- int no_branch = 0;
/* Invalid zero-padding would have particularly bad consequences
* so don't just rely on bn_check_top() here */
@@ -200,28 +204,11 @@
return 0;
}
- if ((num->flags & BN_FLG_CONSTTIME) != 0 ||
- (divisor->flags & BN_FLG_CONSTTIME) != 0) {
- no_branch = 1;
- }
-
if (BN_is_zero(divisor)) {
OPENSSL_PUT_ERROR(BN, BN_R_DIV_BY_ZERO);
return 0;
}
- if (!no_branch && BN_ucmp(num, divisor) < 0) {
- if (rm != NULL) {
- if (BN_copy(rm, num) == NULL) {
- return 0;
- }
- }
- if (dv != NULL) {
- BN_zero(dv);
- }
- return 1;
- }
-
BN_CTX_start(ctx);
tmp = BN_CTX_get(ctx);
snum = BN_CTX_get(ctx);
@@ -247,26 +234,23 @@
}
snum->neg = 0;
- if (no_branch) {
- /* Since we don't know whether snum is larger than sdiv,
- * we pad snum with enough zeroes without changing its
- * value.
- */
- if (snum->top <= sdiv->top + 1) {
- if (bn_wexpand(snum, sdiv->top + 2) == NULL) {
- goto err;
- }
- for (i = snum->top; i < sdiv->top + 2; i++) {
- snum->d[i] = 0;
- }
- snum->top = sdiv->top + 2;
- } else {
- if (bn_wexpand(snum, snum->top + 1) == NULL) {
- goto err;
- }
- snum->d[snum->top] = 0;
- snum->top++;
+ /* Since we don't want to have special-case logic for the case where snum is
+ * larger than sdiv, we pad snum with enough zeroes without changing its
+ * value. */
+ if (snum->top <= sdiv->top + 1) {
+ if (bn_wexpand(snum, sdiv->top + 2) == NULL) {
+ goto err;
}
+ for (i = snum->top; i < sdiv->top + 2; i++) {
+ snum->d[i] = 0;
+ }
+ snum->top = sdiv->top + 2;
+ } else {
+ if (bn_wexpand(snum, snum->top + 1) == NULL) {
+ goto err;
+ }
+ snum->d[snum->top] = 0;
+ snum->top++;
}
div_n = sdiv->top;
@@ -294,7 +278,7 @@
if (!bn_wexpand(res, (loop + 1))) {
goto err;
}
- res->top = loop - no_branch;
+ res->top = loop - 1;
resp = &(res->d[loop - 1]);
/* space for temp */
@@ -302,15 +286,6 @@
goto err;
}
- if (!no_branch) {
- if (BN_ucmp(&wnum, sdiv) >= 0) {
- bn_sub_words(wnum.d, wnum.d, sdiv->d, div_n);
- *resp = 1;
- } else {
- res->top--;
- }
- }
-
/* if res->top == 0 then clear the neg value otherwise decrease
* the resp pointer */
if (res->top == 0) {
@@ -401,9 +376,7 @@
rm->neg = neg;
}
}
- if (no_branch) {
- bn_correct_top(res);
- }
+ bn_correct_top(res);
BN_CTX_end(ctx);
return 1;
diff --git a/src/crypto/bn/exponentiation.c b/src/crypto/bn/exponentiation.c
index 2d68808..3161a2a 100644
--- a/src/crypto/bn/exponentiation.c
+++ b/src/crypto/bn/exponentiation.c
@@ -876,6 +876,7 @@
int powerbufLen = 0;
unsigned char *powerbuf = NULL;
BIGNUM tmp, am;
+ BIGNUM *new_a = NULL;
if (!BN_is_odd(m)) {
OPENSSL_PUT_ERROR(BN, BN_R_CALLED_WITH_EVEN_MODULUS);
@@ -903,6 +904,15 @@
mont = new_mont;
}
+ if (a->neg || BN_ucmp(a, m) >= 0) {
+ new_a = BN_new();
+ if (new_a == NULL ||
+ !BN_nnmod(new_a, a, m, ctx)) {
+ goto err;
+ }
+ a = new_a;
+ }
+
#ifdef RSAZ_ENABLED
/* If the size of the operands allow it, perform the optimized
* RSAZ exponentiation. For further information see
@@ -918,16 +928,6 @@
bn_correct_top(rr);
ret = 1;
goto err;
- } else if ((8 == a->top) && (8 == p->top) && (BN_num_bits(m) == 512)) {
- if (NULL == bn_wexpand(rr, 8)) {
- goto err;
- }
- RSAZ_512_mod_exp(rr->d, a->d, p->d, m->d, mont->n0[0], mont->RR.d);
- rr->top = 8;
- rr->neg = 0;
- bn_correct_top(rr);
- ret = 1;
- goto err;
}
#endif
@@ -961,7 +961,7 @@
}
powerbuf = MOD_EXP_CTIME_ALIGN(powerbufFree);
- memset(powerbuf, 0, powerbufLen);
+ OPENSSL_memset(powerbuf, 0, powerbufLen);
#ifdef alloca
if (powerbufLen < 3072) {
@@ -991,12 +991,9 @@
}
/* prepare a^1 in Montgomery domain */
- if (a->neg || BN_ucmp(a, m) >= 0) {
- if (!BN_nnmod(&am, a, m, ctx) ||
- !BN_to_montgomery(&am, &am, mont, ctx)) {
- goto err;
- }
- } else if (!BN_to_montgomery(&am, a, mont, ctx)) {
+ assert(!a->neg);
+ assert(BN_ucmp(a, m) < 0);
+ if (!BN_to_montgomery(&am, a, mont, ctx)) {
goto err;
}
@@ -1190,6 +1187,7 @@
err:
BN_MONT_CTX_free(new_mont);
+ BN_clear_free(new_a);
if (powerbuf != NULL) {
OPENSSL_cleanse(powerbuf, powerbufLen);
OPENSSL_free(powerbufFree);
diff --git a/src/crypto/bn/gcd.c b/src/crypto/bn/gcd.c
index a1ed5d9..9e62da0 100644
--- a/src/crypto/bn/gcd.c
+++ b/src/crypto/bn/gcd.c
@@ -423,9 +423,6 @@
if (a_reduced == NULL) {
goto err;
}
- if (no_branch) {
- BN_set_flags(a_reduced, BN_FLG_CONSTTIME);
- }
if (!BN_nnmod(a_reduced, a_reduced, n, ctx)) {
goto err;
}
@@ -481,15 +478,13 @@
/* bn_mod_inverse_general is the general inversion algorithm that works for
* both even and odd |n|. It was specifically designed to contain fewer
- * branches that may leak sensitive information. See "New Branch Prediction
+ * branches that may leak sensitive information; see "New Branch Prediction
* Vulnerabilities in OpenSSL and Necessary Software Countermeasures" by
* Onur Acıçmez, Shay Gueron, and Jean-Pierre Seifert. */
static int bn_mod_inverse_general(BIGNUM *out, int *out_no_inverse,
const BIGNUM *a, const BIGNUM *n,
BN_CTX *ctx) {
BIGNUM *A, *B, *X, *Y, *M, *D, *T;
- BIGNUM local_A;
- BIGNUM *pA;
int ret = 0;
int sign;
@@ -532,14 +527,8 @@
* sign*Y*a == A (mod |n|)
*/
- /* Turn BN_FLG_CONSTTIME flag on, so that when BN_div is invoked,
- * BN_div_no_branch will be called eventually.
- */
- pA = &local_A;
- BN_with_flags(pA, A, BN_FLG_CONSTTIME);
-
/* (D, M) := (A/B, A%B) ... */
- if (!BN_div(D, M, pA, B, ctx)) {
+ if (!BN_div(D, M, A, B, ctx)) {
goto err;
}
@@ -626,3 +615,27 @@
BN_CTX_end(ctx);
return ret;
}
+
+int bn_mod_inverse_prime(BIGNUM *out, const BIGNUM *a, const BIGNUM *p,
+ BN_CTX *ctx, const BN_MONT_CTX *mont_p) {
+ BN_CTX_start(ctx);
+ BIGNUM *p_minus_2 = BN_CTX_get(ctx);
+ int ok = p_minus_2 != NULL &&
+ BN_copy(p_minus_2, p) &&
+ BN_sub_word(p_minus_2, 2) &&
+ BN_mod_exp_mont(out, a, p_minus_2, p, ctx, mont_p);
+ BN_CTX_end(ctx);
+ return ok;
+}
+
+int bn_mod_inverse_secret_prime(BIGNUM *out, const BIGNUM *a, const BIGNUM *p,
+ BN_CTX *ctx, const BN_MONT_CTX *mont_p) {
+ BN_CTX_start(ctx);
+ BIGNUM *p_minus_2 = BN_CTX_get(ctx);
+ int ok = p_minus_2 != NULL &&
+ BN_copy(p_minus_2, p) &&
+ BN_sub_word(p_minus_2, 2) &&
+ BN_mod_exp_mont_consttime(out, a, p_minus_2, p, ctx, mont_p);
+ BN_CTX_end(ctx);
+ return ok;
+}
diff --git a/src/crypto/bn/internal.h b/src/crypto/bn/internal.h
index aeed88f..1ee29fd 100644
--- a/src/crypto/bn/internal.h
+++ b/src/crypto/bn/internal.h
@@ -228,6 +228,7 @@
const BN_ULONG *np, const BN_ULONG *n0, int num);
uint64_t bn_mont_n0(const BIGNUM *n);
+int bn_mod_exp_base_2_vartime(BIGNUM *r, unsigned p, const BIGNUM *n);
#if defined(OPENSSL_X86_64) && defined(_MSC_VER)
#define BN_UMULT_LOHI(low, high, a, b) ((low) = _umul128((a), (b), &(high)))
@@ -237,6 +238,18 @@
#error "Either BN_ULLONG or BN_UMULT_LOHI must be defined on every platform."
#endif
+/* bn_mod_inverse_prime sets |out| to the modular inverse of |a| modulo |p|,
+ * computed with Fermat's Little Theorem. It returns one on success and zero on
+ * error. If |mont_p| is NULL, one will be computed temporarily. */
+int bn_mod_inverse_prime(BIGNUM *out, const BIGNUM *a, const BIGNUM *p,
+ BN_CTX *ctx, const BN_MONT_CTX *mont_p);
+
+/* bn_mod_inverse_secret_prime behaves like |bn_mod_inverse_prime| but uses
+ * |BN_mod_exp_mont_consttime| instead of |BN_mod_exp_mont| in hopes of
+ * protecting the exponent. */
+int bn_mod_inverse_secret_prime(BIGNUM *out, const BIGNUM *a, const BIGNUM *p,
+ BN_CTX *ctx, const BN_MONT_CTX *mont_p);
+
#if defined(__cplusplus)
} /* extern C */
diff --git a/src/crypto/bn/montgomery.c b/src/crypto/bn/montgomery.c
index 91251e5..70f0585 100644
--- a/src/crypto/bn/montgomery.c
+++ b/src/crypto/bn/montgomery.c
@@ -108,6 +108,7 @@
#include <openssl/bn.h>
+#include <assert.h>
#include <string.h>
#include <openssl/err.h>
@@ -131,7 +132,7 @@
return NULL;
}
- memset(ret, 0, sizeof(BN_MONT_CTX));
+ OPENSSL_memset(ret, 0, sizeof(BN_MONT_CTX));
BN_init(&ret->RR);
BN_init(&ret->N);
@@ -207,12 +208,13 @@
/* Save RR = R**2 (mod N). R is the smallest power of 2**BN_BITS such that R
* > mod. Even though the assembly on some 32-bit platforms works with 64-bit
* values, using |BN_BITS2| here, rather than |BN_MONT_CTX_N0_LIMBS *
- * BN_BITS2|, is correct because because R^2 will still be a multiple of the
- * latter as |BN_MONT_CTX_N0_LIMBS| is either one or two. */
+ * BN_BITS2|, is correct because R**2 will still be a multiple of the latter
+ * as |BN_MONT_CTX_N0_LIMBS| is either one or two.
+ *
+ * XXX: This is not constant time with respect to |mont->N|, but it should
+ * be. */
unsigned lgBigR = (BN_num_bits(mod) + (BN_BITS2 - 1)) / BN_BITS2 * BN_BITS2;
- BN_zero(&mont->RR);
- if (!BN_set_bit(&mont->RR, lgBigR * 2) ||
- !BN_mod(&mont->RR, &mont->RR, &mont->N, ctx)) {
+ if (!bn_mod_exp_base_2_vartime(&mont->RR, lgBigR * 2, &mont->N)) {
return 0;
}
@@ -279,7 +281,7 @@
/* clear the top words of T */
if (max > r->top) {
- memset(&rp[r->top], 0, (max - r->top) * sizeof(BN_ULONG));
+ OPENSSL_memset(&rp[r->top], 0, (max - r->top) * sizeof(BN_ULONG));
}
r->top = max;
diff --git a/src/crypto/bn/montgomery_inv.c b/src/crypto/bn/montgomery_inv.c
index 28db62b..9264adb 100644
--- a/src/crypto/bn/montgomery_inv.c
+++ b/src/crypto/bn/montgomery_inv.c
@@ -158,3 +158,50 @@
return v;
}
+
+/* bn_mod_exp_base_2_vartime calculates r = 2**p (mod n). |p| must be larger
+ * than log_2(n); i.e. 2**p must be larger than |n|. |n| must be positive and
+ * odd. */
+int bn_mod_exp_base_2_vartime(BIGNUM *r, unsigned p, const BIGNUM *n) {
+ assert(!BN_is_zero(n));
+ assert(!BN_is_negative(n));
+ assert(BN_is_odd(n));
+
+ BN_zero(r);
+
+ unsigned n_bits = BN_num_bits(n);
+ assert(n_bits != 0);
+ if (n_bits == 1) {
+ return 1;
+ }
+
+ /* Set |r| to the smallest power of two larger than |n|. */
+ assert(p > n_bits);
+ if (!BN_set_bit(r, n_bits)) {
+ return 0;
+ }
+
+ /* Unconditionally reduce |r|. */
+ assert(BN_cmp(r, n) > 0);
+ if (!BN_usub(r, r, n)) {
+ return 0;
+ }
+ assert(BN_cmp(r, n) < 0);
+
+ for (unsigned i = n_bits; i < p; ++i) {
+ /* This is like |BN_mod_lshift1_quick| except using |BN_usub|.
+ *
+ * TODO: Replace this with the use of a constant-time variant of
+ * |BN_mod_lshift1_quick|. */
+ if (!BN_lshift1(r, r)) {
+ return 0;
+ }
+ if (BN_cmp(r, n) >= 0) {
+ if (!BN_usub(r, r, n)) {
+ return 0;
+ }
+ }
+ }
+
+ return 1;
+}
diff --git a/src/crypto/bn/mul.c b/src/crypto/bn/mul.c
index 06e53ee..fdf2c69 100644
--- a/src/crypto/bn/mul.c
+++ b/src/crypto/bn/mul.c
@@ -312,7 +312,8 @@
if (n2 < BN_MUL_RECURSIVE_SIZE_NORMAL) {
bn_mul_normal(r, a, n2 + dna, b, n2 + dnb);
if ((dna + dnb) < 0) {
- memset(&r[2 * n2 + dna + dnb], 0, sizeof(BN_ULONG) * -(dna + dnb));
+ OPENSSL_memset(&r[2 * n2 + dna + dnb], 0,
+ sizeof(BN_ULONG) * -(dna + dnb));
}
return;
}
@@ -358,7 +359,7 @@
if (!zero) {
bn_mul_comba4(&(t[n2]), t, &(t[n]));
} else {
- memset(&(t[n2]), 0, 8 * sizeof(BN_ULONG));
+ OPENSSL_memset(&(t[n2]), 0, 8 * sizeof(BN_ULONG));
}
bn_mul_comba4(r, a, b);
@@ -368,7 +369,7 @@
if (!zero) {
bn_mul_comba8(&(t[n2]), t, &(t[n]));
} else {
- memset(&(t[n2]), 0, 16 * sizeof(BN_ULONG));
+ OPENSSL_memset(&(t[n2]), 0, 16 * sizeof(BN_ULONG));
}
bn_mul_comba8(r, a, b);
@@ -378,7 +379,7 @@
if (!zero) {
bn_mul_recursive(&(t[n2]), t, &(t[n]), n, 0, 0, p);
} else {
- memset(&(t[n2]), 0, n2 * sizeof(BN_ULONG));
+ OPENSSL_memset(&(t[n2]), 0, n2 * sizeof(BN_ULONG));
}
bn_mul_recursive(r, a, b, n, 0, 0, p);
bn_mul_recursive(&(r[n2]), &(a[n]), &(b[n]), n, dna, dnb, p);
@@ -473,7 +474,7 @@
bn_mul_comba8(&(t[n2]), t, &(t[n]));
bn_mul_comba8(r, a, b);
bn_mul_normal(&(r[n2]), &(a[n]), tna, &(b[n]), tnb);
- memset(&(r[n2 + tna + tnb]), 0, sizeof(BN_ULONG) * (n2 - tna - tnb));
+ OPENSSL_memset(&(r[n2 + tna + tnb]), 0, sizeof(BN_ULONG) * (n2 - tna - tnb));
} else {
p = &(t[n2 * 2]);
bn_mul_recursive(&(t[n2]), t, &(t[n]), n, 0, 0, p);
@@ -489,14 +490,15 @@
if (j == 0) {
bn_mul_recursive(&(r[n2]), &(a[n]), &(b[n]), i, tna - i, tnb - i, p);
- memset(&(r[n2 + i * 2]), 0, sizeof(BN_ULONG) * (n2 - i * 2));
+ OPENSSL_memset(&(r[n2 + i * 2]), 0, sizeof(BN_ULONG) * (n2 - i * 2));
} else if (j > 0) {
/* eg, n == 16, i == 8 and tn == 11 */
bn_mul_part_recursive(&(r[n2]), &(a[n]), &(b[n]), i, tna - i, tnb - i, p);
- memset(&(r[n2 + tna + tnb]), 0, sizeof(BN_ULONG) * (n2 - tna - tnb));
+ OPENSSL_memset(&(r[n2 + tna + tnb]), 0,
+ sizeof(BN_ULONG) * (n2 - tna - tnb));
} else {
/* (j < 0) eg, n == 16, i == 8 and tn == 5 */
- memset(&(r[n2]), 0, sizeof(BN_ULONG) * n2);
+ OPENSSL_memset(&(r[n2]), 0, sizeof(BN_ULONG) * n2);
if (tna < BN_MUL_RECURSIVE_SIZE_NORMAL &&
tnb < BN_MUL_RECURSIVE_SIZE_NORMAL) {
bn_mul_normal(&(r[n2]), &(a[n]), tna, &(b[n]), tnb);
@@ -735,7 +737,7 @@
if (!zero) {
bn_sqr_recursive(&(t[n2]), t, n, p);
} else {
- memset(&(t[n2]), 0, n2 * sizeof(BN_ULONG));
+ OPENSSL_memset(&(t[n2]), 0, n2 * sizeof(BN_ULONG));
}
bn_sqr_recursive(r, a, n, p);
bn_sqr_recursive(&(r[n2]), &(a[n]), n, p);
diff --git a/src/crypto/bn/random.c b/src/crypto/bn/random.c
index ecf43c1..6f922c0 100644
--- a/src/crypto/bn/random.c
+++ b/src/crypto/bn/random.c
@@ -115,6 +115,9 @@
#include <openssl/rand.h>
#include <openssl/sha.h>
+#include "../internal.h"
+
+
int BN_rand(BIGNUM *rnd, int bits, int top, int bottom) {
uint8_t *buf = NULL;
int ret = 0, bit, bytes, mask;
@@ -298,8 +301,8 @@
OPENSSL_PUT_ERROR(BN, BN_R_PRIVATE_KEY_TOO_LARGE);
goto err;
}
- memcpy(private_bytes, priv->d, todo);
- memset(private_bytes + todo, 0, sizeof(private_bytes) - todo);
+ OPENSSL_memcpy(private_bytes, priv->d, todo);
+ OPENSSL_memset(private_bytes + todo, 0, sizeof(private_bytes) - todo);
for (attempt = 0;; attempt++) {
for (done = 0; done < num_k_bytes;) {
@@ -318,7 +321,7 @@
if (todo > SHA512_DIGEST_LENGTH) {
todo = SHA512_DIGEST_LENGTH;
}
- memcpy(k_bytes + done, digest, todo);
+ OPENSSL_memcpy(k_bytes + done, digest, todo);
done += todo;
}
diff --git a/src/crypto/bn/rsaz_exp.c b/src/crypto/bn/rsaz_exp.c
index 30f08e5..c7eed38 100644
--- a/src/crypto/bn/rsaz_exp.c
+++ b/src/crypto/bn/rsaz_exp.c
@@ -251,69 +251,4 @@
OPENSSL_cleanse(storage,sizeof(storage));
}
-/*
- * See crypto/bn/rsaz-x86_64.pl for further details.
- */
-void rsaz_512_mul(void *ret,const void *a,const void *b,const void *n,BN_ULONG k);
-void rsaz_512_mul_scatter4(void *ret,const void *a,const void *n,BN_ULONG k,const void *tbl,unsigned int power);
-void rsaz_512_mul_gather4(void *ret,const void *a,const void *tbl,const void *n,BN_ULONG k,unsigned int power);
-void rsaz_512_mul_by_one(void *ret,const void *a,const void *n,BN_ULONG k);
-void rsaz_512_sqr(void *ret,const void *a,const void *n,BN_ULONG k,int cnt);
-void rsaz_512_scatter4(void *tbl, const BN_ULONG *val, int power);
-void rsaz_512_gather4(BN_ULONG *val, const void *tbl, int power);
-
-void RSAZ_512_mod_exp(BN_ULONG result[8],
- const BN_ULONG base[8], const BN_ULONG exponent[8],
- const BN_ULONG m[8], BN_ULONG k0, const BN_ULONG RR[8])
-{
- alignas(64) uint8_t storage[(16*8*8) + (64 * 2)]; /* 1.2KB */
- unsigned char *table = storage;
- BN_ULONG *a_inv = (BN_ULONG *)(table+16*8*8),
- *temp = (BN_ULONG *)(table+16*8*8+8*8);
- int index;
- unsigned int wvalue;
-
- /* table[0] = 1_inv */
- temp[0] = 0-m[0]; temp[1] = ~m[1];
- temp[2] = ~m[2]; temp[3] = ~m[3];
- temp[4] = ~m[4]; temp[5] = ~m[5];
- temp[6] = ~m[6]; temp[7] = ~m[7];
- rsaz_512_scatter4(table, temp, 0);
-
- /* table [1] = a_inv^1 */
- rsaz_512_mul(a_inv, base, RR, m, k0);
- rsaz_512_scatter4(table, a_inv, 1);
-
- /* table [2] = a_inv^2 */
- rsaz_512_sqr(temp, a_inv, m, k0, 1);
- rsaz_512_scatter4(table, temp, 2);
-
- for (index=3; index<16; index++)
- rsaz_512_mul_scatter4(temp, a_inv, m, k0, table, index);
-
- const uint8_t *p_str = (const uint8_t *)exponent;
-
- /* load first window */
- wvalue = p_str[63];
-
- rsaz_512_gather4(temp, table, wvalue>>4);
- rsaz_512_sqr(temp, temp, m, k0, 4);
- rsaz_512_mul_gather4(temp, temp, table, m, k0, wvalue&0xf);
-
- for (index=62; index>=0; index--) {
- wvalue = p_str[index];
-
- rsaz_512_sqr(temp, temp, m, k0, 4);
- rsaz_512_mul_gather4(temp, temp, table, m, k0, wvalue>>4);
-
- rsaz_512_sqr(temp, temp, m, k0, 4);
- rsaz_512_mul_gather4(temp, temp, table, m, k0, wvalue&0x0f);
- }
-
- /* from Montgomery */
- rsaz_512_mul_by_one(result, temp, m, k0);
-
- OPENSSL_cleanse(storage,sizeof(storage));
-}
-
#endif /* OPENSSL_X86_64 */
diff --git a/src/crypto/bn/rsaz_exp.h b/src/crypto/bn/rsaz_exp.h
index c752b45..4a8967c 100644
--- a/src/crypto/bn/rsaz_exp.h
+++ b/src/crypto/bn/rsaz_exp.h
@@ -50,7 +50,4 @@
const BN_ULONG m_norm[16], const BN_ULONG RR[16], BN_ULONG k0);
int rsaz_avx2_eligible(void);
-void RSAZ_512_mod_exp(BN_ULONG result[8],
- const BN_ULONG base_norm[8], const BN_ULONG exponent[8],
- const BN_ULONG m_norm[8], BN_ULONG k0, const BN_ULONG RR[8]);
#endif
diff --git a/src/crypto/bn/shift.c b/src/crypto/bn/shift.c
index 22006d1..dc9b795 100644
--- a/src/crypto/bn/shift.c
+++ b/src/crypto/bn/shift.c
@@ -94,7 +94,7 @@
t[nw + i] = (l << lb) & BN_MASK2;
}
}
- memset(t, 0, nw * sizeof(t[0]));
+ OPENSSL_memset(t, 0, nw * sizeof(t[0]));
r->top = a->top + nw + 1;
bn_correct_top(r);
diff --git a/src/crypto/buf/buf.c b/src/crypto/buf/buf.c
index efe9952..ca1d70b 100644
--- a/src/crypto/buf/buf.c
+++ b/src/crypto/buf/buf.c
@@ -61,6 +61,8 @@
#include <openssl/mem.h>
#include <openssl/err.h>
+#include "../internal.h"
+
BUF_MEM *BUF_MEM_new(void) {
BUF_MEM *ret;
@@ -71,7 +73,7 @@
return NULL;
}
- memset(ret, 0, sizeof(BUF_MEM));
+ OPENSSL_memset(ret, 0, sizeof(BUF_MEM));
return ret;
}
@@ -137,7 +139,7 @@
return 0;
}
if (buf->length < len) {
- memset(&buf->data[buf->length], 0, len - buf->length);
+ OPENSSL_memset(&buf->data[buf->length], 0, len - buf->length);
}
buf->length = len;
return len;
@@ -193,7 +195,7 @@
return NULL;
}
- memcpy(ret, buf, size);
+ OPENSSL_memcpy(ret, buf, size);
ret[size] = '\0';
return ret;
}
@@ -234,6 +236,6 @@
return NULL;
}
- memcpy(ret, data, dst_size);
+ OPENSSL_memcpy(ret, data, dst_size);
return ret;
}
diff --git a/src/crypto/bytestring/asn1_compat.c b/src/crypto/bytestring/asn1_compat.c
index b17d2d1..50df9cc 100644
--- a/src/crypto/bytestring/asn1_compat.c
+++ b/src/crypto/bytestring/asn1_compat.c
@@ -22,6 +22,7 @@
#include <openssl/mem.h>
#include "internal.h"
+#include "../internal.h"
int CBB_finish_i2d(CBB *cbb, uint8_t **outp) {
@@ -42,7 +43,7 @@
*outp = der;
der = NULL;
} else {
- memcpy(*outp, der, der_len);
+ OPENSSL_memcpy(*outp, der, der_len);
*outp += der_len;
}
}
diff --git a/src/crypto/bytestring/ber.c b/src/crypto/bytestring/ber.c
index 04fcac6..ee3cd0a 100644
--- a/src/crypto/bytestring/ber.c
+++ b/src/crypto/bytestring/ber.c
@@ -18,6 +18,7 @@
#include <string.h>
#include "internal.h"
+#include "../internal.h"
/* kMaxDepth is a just a sanity limit. The code should be such that the length
@@ -100,7 +101,7 @@
* |CBS_get_any_ber_asn1_element|, indicate an "end of contents" (EOC) value. */
static char is_eoc(size_t header_len, CBS *contents) {
return header_len == 2 && CBS_len(contents) == 2 &&
- memcmp(CBS_data(contents), "\x00\x00", 2) == 0;
+ OPENSSL_memcmp(CBS_data(contents), "\x00\x00", 2) == 0;
}
/* cbs_convert_ber reads BER data from |in| and writes DER data to |out|. If
diff --git a/src/crypto/bytestring/bytestring_test.cc b/src/crypto/bytestring/bytestring_test.cc
index b2b20d7..6ec6fcf 100644
--- a/src/crypto/bytestring/bytestring_test.cc
+++ b/src/crypto/bytestring/bytestring_test.cc
@@ -132,7 +132,7 @@
}
if (!CBS_get_asn1(&data, &contents, 0x30) ||
CBS_len(&contents) != 2 ||
- memcmp(CBS_data(&contents), "\x01\x02", 2) != 0) {
+ OPENSSL_memcmp(CBS_data(&contents), "\x01\x02", 2) != 0) {
return false;
}
@@ -193,7 +193,7 @@
!CBS_get_optional_asn1(&data, &contents, &present, 0xa1) ||
!present ||
CBS_len(&contents) != 3 ||
- memcmp(CBS_data(&contents), "\x04\x01\x01", 3) != 0) {
+ OPENSSL_memcmp(CBS_data(&contents), "\x04\x01\x01", 3) != 0) {
return false;
}
@@ -235,7 +235,7 @@
if (!CBS_get_any_asn1(&data, &contents, &tag) ||
tag != CBS_ASN1_SEQUENCE ||
CBS_len(&contents) != 2 ||
- memcmp(CBS_data(&contents), "\x01\x02", 2) != 0) {
+ OPENSSL_memcmp(CBS_data(&contents), "\x01\x02", 2) != 0) {
return false;
}
@@ -245,7 +245,7 @@
tag != CBS_ASN1_SEQUENCE ||
header_len != 2 ||
CBS_len(&contents) != 4 ||
- memcmp(CBS_data(&contents), "\x30\x02\x01\x02", 2) != 0) {
+ OPENSSL_memcmp(CBS_data(&contents), "\x30\x02\x01\x02", 2) != 0) {
return false;
}
@@ -312,7 +312,8 @@
}
bssl::UniquePtr<uint8_t> scoper(buf);
- return buf_len == sizeof(kExpected) && memcmp(buf, kExpected, buf_len) == 0;
+ return buf_len == sizeof(kExpected) &&
+ OPENSSL_memcmp(buf, kExpected, buf_len) == 0;
}
static bool TestCBBFixed() {
@@ -396,7 +397,8 @@
}
bssl::UniquePtr<uint8_t> scoper(buf);
- return buf_len == sizeof(kExpected) && memcmp(buf, kExpected, buf_len) == 0;
+ return buf_len == sizeof(kExpected) &&
+ OPENSSL_memcmp(buf, kExpected, buf_len) == 0;
}
static bool TestCBBDiscardChild() {
@@ -445,7 +447,8 @@
0, 0, 3, 0xdd, 0xdd, 0xdd,
1, 0xff,
};
- return buf_len == sizeof(kExpected) && memcmp(buf, kExpected, buf_len) == 0;
+ return buf_len == sizeof(kExpected) &&
+ OPENSSL_memcmp(buf, kExpected, buf_len) == 0;
}
static bool TestCBBMisuse() {
@@ -484,7 +487,7 @@
bssl::UniquePtr<uint8_t> scoper(buf);
if (buf_len != 3 ||
- memcmp(buf, "\x01\x01\x02", 3) != 0) {
+ OPENSSL_memcmp(buf, "\x01\x01\x02", 3) != 0) {
return false;
}
return true;
@@ -507,7 +510,8 @@
}
bssl::UniquePtr<uint8_t> scoper(buf);
- if (buf_len != sizeof(kExpected) || memcmp(buf, kExpected, buf_len) != 0) {
+ if (buf_len != sizeof(kExpected) ||
+ OPENSSL_memcmp(buf, kExpected, buf_len) != 0) {
return false;
}
@@ -525,8 +529,8 @@
scoper.reset(buf);
if (buf_len != 3 + 130 ||
- memcmp(buf, "\x30\x81\x82", 3) != 0 ||
- memcmp(buf + 3, test_data.data(), 130) != 0) {
+ OPENSSL_memcmp(buf, "\x30\x81\x82", 3) != 0 ||
+ OPENSSL_memcmp(buf + 3, test_data.data(), 130) != 0) {
return false;
}
@@ -542,8 +546,8 @@
scoper.reset(buf);
if (buf_len != 4 + 1000 ||
- memcmp(buf, "\x30\x82\x03\xe8", 4) != 0 ||
- memcmp(buf + 4, test_data.data(), 1000)) {
+ OPENSSL_memcmp(buf, "\x30\x82\x03\xe8", 4) != 0 ||
+ OPENSSL_memcmp(buf + 4, test_data.data(), 1000)) {
return false;
}
@@ -560,8 +564,9 @@
scoper.reset(buf);
if (buf_len != 5 + 5 + 100000 ||
- memcmp(buf, "\x30\x83\x01\x86\xa5\x30\x83\x01\x86\xa0", 10) != 0 ||
- memcmp(buf + 10, test_data.data(), 100000)) {
+ OPENSSL_memcmp(buf, "\x30\x83\x01\x86\xa5\x30\x83\x01\x86\xa0", 10) !=
+ 0 ||
+ OPENSSL_memcmp(buf + 10, test_data.data(), 100000)) {
return false;
}
@@ -584,7 +589,7 @@
if (out == NULL) {
if (ber_len != der_len ||
- memcmp(der_expected, ber, ber_len) != 0) {
+ OPENSSL_memcmp(der_expected, ber, ber_len) != 0) {
fprintf(stderr, "%s: incorrect unconverted result.\n", name);
return false;
}
@@ -593,7 +598,7 @@
}
if (out_len != der_len ||
- memcmp(out, der_expected, der_len) != 0) {
+ OPENSSL_memcmp(out, der_expected, der_len) != 0) {
fprintf(stderr, "%s: incorrect converted result.\n", name);
return false;
}
@@ -702,7 +707,7 @@
}
if (ok && (CBS_len(&out) != test.out_len ||
- memcmp(CBS_data(&out), test.out, test.out_len) != 0)) {
+ OPENSSL_memcmp(CBS_data(&out), test.out, test.out_len) != 0)) {
fprintf(stderr, "CBS_get_asn1_implicit_string gave the wrong output\n");
return false;
}
@@ -772,7 +777,8 @@
return false;
}
bssl::UniquePtr<uint8_t> scoper(out);
- if (len != test->encoding_len || memcmp(out, test->encoding, len) != 0) {
+ if (len != test->encoding_len ||
+ OPENSSL_memcmp(out, test->encoding, len) != 0) {
return false;
}
}
@@ -907,7 +913,7 @@
static const std::vector<uint8_t> kInvalidBitStrings[] = {
// BIT STRINGs always have a leading byte.
- {},
+ std::vector<uint8_t>{},
// It's not possible to take an unused bit off the empty string.
{0x01},
// There can be at most 7 unused bits.
diff --git a/src/crypto/bytestring/cbb.c b/src/crypto/bytestring/cbb.c
index 2d65be8..14116be 100644
--- a/src/crypto/bytestring/cbb.c
+++ b/src/crypto/bytestring/cbb.c
@@ -19,9 +19,11 @@
#include <openssl/mem.h>
+#include "../internal.h"
+
void CBB_zero(CBB *cbb) {
- memset(cbb, 0, sizeof(CBB));
+ OPENSSL_memset(cbb, 0, sizeof(CBB));
}
static int cbb_init(CBB *cbb, uint8_t *buf, size_t cap) {
@@ -252,8 +254,8 @@
if (!cbb_buffer_add(cbb->base, NULL, extra_bytes)) {
goto err;
}
- memmove(cbb->base->buf + child_start + extra_bytes,
- cbb->base->buf + child_start, len);
+ OPENSSL_memmove(cbb->base->buf + child_start + extra_bytes,
+ cbb->base->buf + child_start, len);
}
cbb->base->buf[cbb->child->offset++] = initial_length_byte;
cbb->child->pending_len_len = len_len - 1;
@@ -303,8 +305,8 @@
return 0;
}
- memset(prefix_bytes, 0, len_len);
- memset(out_contents, 0, sizeof(CBB));
+ OPENSSL_memset(prefix_bytes, 0, len_len);
+ OPENSSL_memset(out_contents, 0, sizeof(CBB));
out_contents->base = cbb->base;
cbb->child = out_contents;
cbb->child->offset = offset;
@@ -346,7 +348,7 @@
return 0;
}
- memset(out_contents, 0, sizeof(CBB));
+ OPENSSL_memset(out_contents, 0, sizeof(CBB));
out_contents->base = cbb->base;
cbb->child = out_contents;
cbb->child->offset = offset;
@@ -363,7 +365,7 @@
!cbb_buffer_add(cbb->base, &dest, len)) {
return 0;
}
- memcpy(dest, data, len);
+ OPENSSL_memcpy(dest, data, len);
return 1;
}
diff --git a/src/crypto/bytestring/cbs.c b/src/crypto/bytestring/cbs.c
index 132fe03..14c55a4 100644
--- a/src/crypto/bytestring/cbs.c
+++ b/src/crypto/bytestring/cbs.c
@@ -20,6 +20,7 @@
#include <string.h>
#include "internal.h"
+#include "../internal.h"
void CBS_init(CBS *cbs, const uint8_t *data, size_t len) {
@@ -76,7 +77,7 @@
}
int CBS_contains_zero_byte(const CBS *cbs) {
- return memchr(cbs->data, 0, cbs->len) != NULL;
+ return OPENSSL_memchr(cbs->data, 0, cbs->len) != NULL;
}
int CBS_mem_equal(const CBS *cbs, const uint8_t *data, size_t len) {
@@ -150,7 +151,7 @@
if (!cbs_get(cbs, &v, len)) {
return 0;
}
- memcpy(out, v, len);
+ OPENSSL_memcpy(out, v, len);
return 1;
}
diff --git a/src/crypto/chacha/chacha.c b/src/crypto/chacha/chacha.c
index feaa98a..fe32596 100644
--- a/src/crypto/chacha/chacha.c
+++ b/src/crypto/chacha/chacha.c
@@ -96,7 +96,7 @@
uint32_t x[16];
int i;
- memcpy(x, input, sizeof(uint32_t) * 16);
+ OPENSSL_memcpy(x, input, sizeof(uint32_t) * 16);
for (i = 20; i > 0; i -= 2) {
QUARTERROUND(0, 4, 8, 12)
QUARTERROUND(1, 5, 9, 13)
diff --git a/src/crypto/chacha/chacha_test.cc b/src/crypto/chacha/chacha_test.cc
index 0a5972f..6bfb03e 100644
--- a/src/crypto/chacha/chacha_test.cc
+++ b/src/crypto/chacha/chacha_test.cc
@@ -21,6 +21,8 @@
#include <openssl/crypto.h>
#include <openssl/chacha.h>
+#include "../internal.h"
+
static const uint8_t kKey[32] = {
0x98, 0xbe, 0xf1, 0x46, 0x9b, 0xe7, 0x26, 0x98, 0x37, 0xa4, 0x5b,
@@ -217,15 +219,15 @@
static bool TestChaCha20(size_t len) {
std::unique_ptr<uint8_t[]> buf(new uint8_t[len]);
CRYPTO_chacha_20(buf.get(), kInput, len, kKey, kNonce, kCounter);
- if (memcmp(buf.get(), kOutput, len) != 0) {
+ if (OPENSSL_memcmp(buf.get(), kOutput, len) != 0) {
fprintf(stderr, "Mismatch at length %zu.\n", len);
return false;
}
// Test in-place.
- memcpy(buf.get(), kInput, len);
+ OPENSSL_memcpy(buf.get(), kInput, len);
CRYPTO_chacha_20(buf.get(), buf.get(), len, kKey, kNonce, kCounter);
- if (memcmp(buf.get(), kOutput, len) != 0) {
+ if (OPENSSL_memcmp(buf.get(), kOutput, len) != 0) {
fprintf(stderr, "Mismatch at length %zu, in-place.\n", len);
return false;
}
diff --git a/src/crypto/cipher/aead.c b/src/crypto/cipher/aead.c
index 2d56715..b5ff48a 100644
--- a/src/crypto/cipher/aead.c
+++ b/src/crypto/cipher/aead.c
@@ -32,7 +32,7 @@
size_t EVP_AEAD_max_tag_len(const EVP_AEAD *aead) { return aead->max_tag_len; }
void EVP_AEAD_CTX_zero(EVP_AEAD_CTX *ctx) {
- memset(ctx, 0, sizeof(EVP_AEAD_CTX));
+ OPENSSL_memset(ctx, 0, sizeof(EVP_AEAD_CTX));
}
int EVP_AEAD_CTX_init(EVP_AEAD_CTX *ctx, const EVP_AEAD *aead,
@@ -116,7 +116,7 @@
error:
/* In the event of an error, clear the output buffer so that a caller
* that doesn't check the return value doesn't send raw data. */
- memset(out, 0, max_out_len);
+ OPENSSL_memset(out, 0, max_out_len);
*out_len = 0;
return 0;
}
@@ -139,7 +139,7 @@
/* In the event of an error, clear the output buffer so that a caller
* that doesn't check the return value doesn't try and process bad
* data. */
- memset(out, 0, max_out_len);
+ OPENSSL_memset(out, 0, max_out_len);
*out_len = 0;
return 0;
}
diff --git a/src/crypto/cipher/aead_test.cc b/src/crypto/cipher/aead_test.cc
index 313f041..0c95fb4 100644
--- a/src/crypto/cipher/aead_test.cc
+++ b/src/crypto/cipher/aead_test.cc
@@ -21,6 +21,7 @@
#include <openssl/crypto.h>
#include <openssl/err.h>
+#include "../internal.h"
#include "../test/file_test.h"
@@ -86,8 +87,8 @@
}
} else {
out.resize(ct.size() + tag.size());
- memcpy(out.data(), ct.data(), ct.size());
- memcpy(out.data() + ct.size(), tag.data(), tag.size());
+ OPENSSL_memcpy(out.data(), ct.data(), ct.size());
+ OPENSSL_memcpy(out.data() + ct.size(), tag.data(), tag.size());
}
// The "stateful" AEADs for implementing pre-AEAD cipher suites need to be
@@ -170,7 +171,7 @@
EVP_AEAD_CTX ctx;
uint8_t key[128];
- memset(key, 0, sizeof(key));
+ OPENSSL_memset(key, 0, sizeof(key));
const size_t key_len = EVP_AEAD_key_length(aead);
if (key_len > sizeof(key)) {
fprintf(stderr, "Key length of AEAD too long.\n");
@@ -239,7 +240,7 @@
uint8_t *out1 = buffer.data();
uint8_t *out2 = buffer.data() + 2;
- memcpy(in, kPlaintext, sizeof(kPlaintext));
+ OPENSSL_memcpy(in, kPlaintext, sizeof(kPlaintext));
size_t out_len;
if (EVP_AEAD_CTX_seal(ctx.get(), out1, &out_len,
sizeof(kPlaintext) + max_overhead, nonce.data(),
@@ -252,7 +253,7 @@
}
ERR_clear_error();
- memcpy(in, valid_encryption.data(), valid_encryption_len);
+ OPENSSL_memcpy(in, valid_encryption.data(), valid_encryption_len);
if (EVP_AEAD_CTX_open(ctx.get(), out1, &out_len, valid_encryption_len,
nonce.data(), nonce_len, in, valid_encryption_len,
nullptr, 0) ||
@@ -265,7 +266,7 @@
ERR_clear_error();
// Test with out == in, which we expect to work.
- memcpy(in, kPlaintext, sizeof(kPlaintext));
+ OPENSSL_memcpy(in, kPlaintext, sizeof(kPlaintext));
if (!EVP_AEAD_CTX_seal(ctx.get(), in, &out_len,
sizeof(kPlaintext) + max_overhead, nonce.data(),
@@ -275,12 +276,12 @@
}
if (out_len != valid_encryption_len ||
- memcmp(in, valid_encryption.data(), out_len) != 0) {
+ OPENSSL_memcmp(in, valid_encryption.data(), out_len) != 0) {
fprintf(stderr, "EVP_AEAD_CTX_seal produced bad output in-place.\n");
return false;
}
- memcpy(in, valid_encryption.data(), valid_encryption_len);
+ OPENSSL_memcpy(in, valid_encryption.data(), valid_encryption_len);
if (!EVP_AEAD_CTX_open(ctx.get(), in, &out_len, valid_encryption_len,
nonce.data(), nonce_len, in, valid_encryption_len,
nullptr, 0)) {
@@ -289,7 +290,7 @@
}
if (out_len != sizeof(kPlaintext) ||
- memcmp(in, kPlaintext, out_len) != 0) {
+ OPENSSL_memcmp(in, kPlaintext, out_len) != 0) {
fprintf(stderr, "EVP_AEAD_CTX_open produced bad output in-place.\n");
return false;
}
diff --git a/src/crypto/cipher/cipher.c b/src/crypto/cipher/cipher.c
index f61c59f..ae045ae 100644
--- a/src/crypto/cipher/cipher.c
+++ b/src/crypto/cipher/cipher.c
@@ -64,6 +64,7 @@
#include <openssl/nid.h>
#include "internal.h"
+#include "../internal.h"
const EVP_CIPHER *EVP_get_cipherbynid(int nid) {
@@ -88,7 +89,7 @@
}
void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx) {
- memset(ctx, 0, sizeof(EVP_CIPHER_CTX));
+ OPENSSL_memset(ctx, 0, sizeof(EVP_CIPHER_CTX));
}
EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void) {
@@ -108,7 +109,7 @@
}
OPENSSL_free(c->cipher_data);
- memset(c, 0, sizeof(EVP_CIPHER_CTX));
+ OPENSSL_memset(c, 0, sizeof(EVP_CIPHER_CTX));
return 1;
}
@@ -126,7 +127,7 @@
}
EVP_CIPHER_CTX_cleanup(out);
- memcpy(out, in, sizeof(EVP_CIPHER_CTX));
+ OPENSSL_memcpy(out, in, sizeof(EVP_CIPHER_CTX));
if (in->cipher_data && in->cipher->ctx_size) {
out->cipher_data = OPENSSL_malloc(in->cipher->ctx_size);
@@ -134,7 +135,7 @@
OPENSSL_PUT_ERROR(CIPHER, ERR_R_MALLOC_FAILURE);
return 0;
}
- memcpy(out->cipher_data, in->cipher_data, in->cipher->ctx_size);
+ OPENSSL_memcpy(out->cipher_data, in->cipher_data, in->cipher->ctx_size);
}
if (in->cipher->flags & EVP_CIPH_CUSTOM_COPY) {
@@ -210,9 +211,9 @@
case EVP_CIPH_CBC_MODE:
assert(EVP_CIPHER_CTX_iv_length(ctx) <= sizeof(ctx->iv));
if (iv) {
- memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
+ OPENSSL_memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
}
- memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
+ OPENSSL_memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
break;
case EVP_CIPH_CTR_MODE:
@@ -220,7 +221,7 @@
ctx->num = 0;
/* Don't reuse IV for CTR mode */
if (iv) {
- memcpy(ctx->iv, iv, EVP_CIPHER_CTX_iv_length(ctx));
+ OPENSSL_memcpy(ctx->iv, iv, EVP_CIPHER_CTX_iv_length(ctx));
}
break;
@@ -285,13 +286,13 @@
assert(bl <= (int)sizeof(ctx->buf));
if (i != 0) {
if (bl - i > in_len) {
- memcpy(&ctx->buf[i], in, in_len);
+ OPENSSL_memcpy(&ctx->buf[i], in, in_len);
ctx->buf_len += in_len;
*out_len = 0;
return 1;
} else {
j = bl - i;
- memcpy(&ctx->buf[i], in, j);
+ OPENSSL_memcpy(&ctx->buf[i], in, j);
if (!ctx->cipher->cipher(ctx, out, ctx->buf, bl)) {
return 0;
}
@@ -314,7 +315,7 @@
}
if (i != 0) {
- memcpy(ctx->buf, &in[in_len], i);
+ OPENSSL_memcpy(ctx->buf, &in[in_len], i);
}
ctx->buf_len = i;
return 1;
@@ -393,7 +394,7 @@
assert(b <= sizeof(ctx->final));
if (ctx->final_used) {
- memcpy(out, ctx->final, b);
+ OPENSSL_memcpy(out, ctx->final, b);
out += b;
fix_len = 1;
} else {
@@ -409,7 +410,7 @@
if (b > 1 && !ctx->buf_len) {
*out_len -= b;
ctx->final_used = 1;
- memcpy(ctx->final, &out[*out_len], b);
+ OPENSSL_memcpy(ctx->final, &out[*out_len], b);
} else {
ctx->final_used = 0;
}
diff --git a/src/crypto/cipher/e_aes.c b/src/crypto/cipher/e_aes.c
index f99022f..0e9a7cd 100644
--- a/src/crypto/cipher/e_aes.c
+++ b/src/crypto/cipher/e_aes.c
@@ -479,7 +479,7 @@
if (gctx->key_set) {
CRYPTO_gcm128_setiv(&gctx->gcm, &gctx->ks.ks, iv, gctx->ivlen);
} else {
- memcpy(gctx->iv, iv, gctx->ivlen);
+ OPENSSL_memcpy(gctx->iv, iv, gctx->ivlen);
}
gctx->iv_set = 1;
gctx->iv_gen = 0;
@@ -545,7 +545,7 @@
if (arg <= 0 || arg > 16 || c->encrypt) {
return 0;
}
- memcpy(c->buf, ptr, arg);
+ OPENSSL_memcpy(c->buf, ptr, arg);
gctx->taglen = arg;
return 1;
@@ -553,13 +553,13 @@
if (arg <= 0 || arg > 16 || !c->encrypt || gctx->taglen < 0) {
return 0;
}
- memcpy(ptr, c->buf, arg);
+ OPENSSL_memcpy(ptr, c->buf, arg);
return 1;
case EVP_CTRL_GCM_SET_IV_FIXED:
/* Special case: -1 length restores whole IV */
if (arg == -1) {
- memcpy(gctx->iv, ptr, gctx->ivlen);
+ OPENSSL_memcpy(gctx->iv, ptr, gctx->ivlen);
gctx->iv_gen = 1;
return 1;
}
@@ -569,7 +569,7 @@
return 0;
}
if (arg) {
- memcpy(gctx->iv, ptr, arg);
+ OPENSSL_memcpy(gctx->iv, ptr, arg);
}
if (c->encrypt && !RAND_bytes(gctx->iv + arg, gctx->ivlen - arg)) {
return 0;
@@ -585,7 +585,7 @@
if (arg <= 0 || arg > gctx->ivlen) {
arg = gctx->ivlen;
}
- memcpy(ptr, gctx->iv + gctx->ivlen - arg, arg);
+ OPENSSL_memcpy(ptr, gctx->iv + gctx->ivlen - arg, arg);
/* Invocation field will be at least 8 bytes in size and
* so no need to check wrap around or increment more than
* last 8 bytes. */
@@ -597,7 +597,7 @@
if (gctx->iv_gen == 0 || gctx->key_set == 0 || c->encrypt) {
return 0;
}
- memcpy(gctx->iv + gctx->ivlen - arg, ptr, arg);
+ OPENSSL_memcpy(gctx->iv + gctx->ivlen - arg, ptr, arg);
CRYPTO_gcm128_setiv(&gctx->gcm, &gctx->ks.ks, gctx->iv, gctx->ivlen);
gctx->iv_set = 1;
return 1;
@@ -612,7 +612,7 @@
if (!gctx_out->iv) {
return 0;
}
- memcpy(gctx_out->iv, gctx->iv, gctx->ivlen);
+ OPENSSL_memcpy(gctx_out->iv, gctx->iv, gctx->ivlen);
}
return 1;
}
@@ -860,7 +860,7 @@
if (gctx->key_set) {
CRYPTO_gcm128_setiv(&gctx->gcm, &gctx->ks.ks, iv, gctx->ivlen);
} else {
- memcpy(gctx->iv, iv, gctx->ivlen);
+ OPENSSL_memcpy(gctx->iv, iv, gctx->ivlen);
}
gctx->iv_set = 1;
gctx->iv_gen = 0;
@@ -1073,7 +1073,7 @@
const AES_KEY *key = &gcm_ctx->ks.ks;
- memcpy(&gcm, &gcm_ctx->gcm, sizeof(gcm));
+ OPENSSL_memcpy(&gcm, &gcm_ctx->gcm, sizeof(gcm));
CRYPTO_gcm128_setiv(&gcm, key, nonce, nonce_len);
if (ad_len > 0 && !CRYPTO_gcm128_aad(&gcm, ad, ad_len)) {
@@ -1120,7 +1120,7 @@
const AES_KEY *key = &gcm_ctx->ks.ks;
- memcpy(&gcm, &gcm_ctx->gcm, sizeof(gcm));
+ OPENSSL_memcpy(&gcm, &gcm_ctx->gcm, sizeof(gcm));
CRYPTO_gcm128_setiv(&gcm, key, nonce, nonce_len);
if (!CRYPTO_gcm128_aad(&gcm, ad, ad_len)) {
@@ -1198,8 +1198,8 @@
const uint8_t hmac_key[32]) {
static const size_t hmac_key_len = 32;
uint8_t block[SHA256_CBLOCK];
- memcpy(block, hmac_key, hmac_key_len);
- memset(block + hmac_key_len, 0x36, sizeof(block) - hmac_key_len);
+ OPENSSL_memcpy(block, hmac_key, hmac_key_len);
+ OPENSSL_memset(block + hmac_key_len, 0x36, sizeof(block) - hmac_key_len);
unsigned i;
for (i = 0; i < hmac_key_len; i++) {
@@ -1209,7 +1209,7 @@
SHA256_Init(out_inner);
SHA256_Update(out_inner, block, sizeof(block));
- memset(block + hmac_key_len, 0x5c, sizeof(block) - hmac_key_len);
+ OPENSSL_memset(block + hmac_key_len, 0x5c, sizeof(block) - hmac_key_len);
for (i = 0; i < hmac_key_len; i++) {
block[i] ^= (0x36 ^ 0x5c);
}
@@ -1284,7 +1284,7 @@
const uint8_t *nonce, const uint8_t *ciphertext,
size_t ciphertext_len) {
SHA256_CTX sha256;
- memcpy(&sha256, inner_init_state, sizeof(sha256));
+ OPENSSL_memcpy(&sha256, inner_init_state, sizeof(sha256));
hmac_update_uint64(&sha256, ad_len);
hmac_update_uint64(&sha256, ciphertext_len);
SHA256_Update(&sha256, nonce, EVP_AEAD_AES_CTR_HMAC_SHA256_NONCE_LEN);
@@ -1297,7 +1297,7 @@
SHA256_CBLOCK)) %
SHA256_CBLOCK;
uint8_t padding[SHA256_CBLOCK];
- memset(padding, 0, num_padding);
+ OPENSSL_memset(padding, 0, num_padding);
SHA256_Update(&sha256, padding, num_padding);
SHA256_Update(&sha256, ciphertext, ciphertext_len);
@@ -1305,7 +1305,7 @@
uint8_t inner_digest[SHA256_DIGEST_LENGTH];
SHA256_Final(inner_digest, &sha256);
- memcpy(&sha256, outer_init_state, sizeof(sha256));
+ OPENSSL_memcpy(&sha256, outer_init_state, sizeof(sha256));
SHA256_Update(&sha256, inner_digest, sizeof(inner_digest));
SHA256_Final(out, &sha256);
}
@@ -1317,11 +1317,11 @@
* bytes is pointless. However, |CRYPTO_ctr128_encrypt| requires it. */
uint8_t partial_block_buffer[AES_BLOCK_SIZE];
unsigned partial_block_offset = 0;
- memset(partial_block_buffer, 0, sizeof(partial_block_buffer));
+ OPENSSL_memset(partial_block_buffer, 0, sizeof(partial_block_buffer));
uint8_t counter[AES_BLOCK_SIZE];
- memcpy(counter, nonce, EVP_AEAD_AES_CTR_HMAC_SHA256_NONCE_LEN);
- memset(counter + EVP_AEAD_AES_CTR_HMAC_SHA256_NONCE_LEN, 0, 4);
+ OPENSSL_memcpy(counter, nonce, EVP_AEAD_AES_CTR_HMAC_SHA256_NONCE_LEN);
+ OPENSSL_memset(counter + EVP_AEAD_AES_CTR_HMAC_SHA256_NONCE_LEN, 0, 4);
if (aes_ctx->ctr) {
CRYPTO_ctr128_encrypt_ctr32(in, out, len, &aes_ctx->ks.ks, counter,
@@ -1364,7 +1364,7 @@
uint8_t hmac_result[SHA256_DIGEST_LENGTH];
hmac_calculate(hmac_result, &aes_ctx->inner_init_state,
&aes_ctx->outer_init_state, ad, ad_len, nonce, out, in_len);
- memcpy(out + in_len, hmac_result, aes_ctx->tag_len);
+ OPENSSL_memcpy(out + in_len, hmac_result, aes_ctx->tag_len);
*out_len = in_len + aes_ctx->tag_len;
return 1;
@@ -1482,7 +1482,7 @@
if (gcm_siv_ctx == NULL) {
return 0;
}
- memset(gcm_siv_ctx, 0, sizeof(struct aead_aes_gcm_siv_ctx));
+ OPENSSL_memset(gcm_siv_ctx, 0, sizeof(struct aead_aes_gcm_siv_ctx));
if (aesni_capable()) {
aesni_set_encrypt_key(key, key_len * 8, &gcm_siv_ctx->ks.ks);
@@ -1525,7 +1525,7 @@
uint8_t c[16];
} counter;
- memcpy(counter.c, initial_counter, AES_BLOCK_SIZE);
+ OPENSSL_memcpy(counter.c, initial_counter, AES_BLOCK_SIZE);
counter.c[15] |= 0x80;
for (size_t done = 0; done < in_len;) {
@@ -1558,15 +1558,15 @@
uint8_t scratch[16];
if (ad_len & 15) {
- memset(scratch, 0, sizeof(scratch));
- memcpy(scratch, &ad[ad_len & ~15], ad_len & 15);
+ OPENSSL_memset(scratch, 0, sizeof(scratch));
+ OPENSSL_memcpy(scratch, &ad[ad_len & ~15], ad_len & 15);
CRYPTO_POLYVAL_update_blocks(&polyval_ctx, scratch, sizeof(scratch));
}
CRYPTO_POLYVAL_update_blocks(&polyval_ctx, in, in_len & ~15);
if (in_len & 15) {
- memset(scratch, 0, sizeof(scratch));
- memcpy(scratch, &in[in_len & ~15], in_len & 15);
+ OPENSSL_memset(scratch, 0, sizeof(scratch));
+ OPENSSL_memcpy(scratch, &in[in_len & ~15], in_len & 15);
CRYPTO_POLYVAL_update_blocks(&polyval_ctx, scratch, sizeof(scratch));
}
@@ -1655,7 +1655,7 @@
gcm_siv_crypt(out, in, in_len, tag, keys.enc_block, &keys.enc_key.ks);
- memcpy(&out[in_len], tag, EVP_AEAD_AES_GCM_SIV_TAG_LEN);
+ OPENSSL_memcpy(&out[in_len], tag, EVP_AEAD_AES_GCM_SIV_TAG_LEN);
*out_len = in_len + EVP_AEAD_AES_GCM_SIV_TAG_LEN;
return 1;
diff --git a/src/crypto/cipher/e_chacha20poly1305.c b/src/crypto/cipher/e_chacha20poly1305.c
index 9c80ba1..ed0d74c 100644
--- a/src/crypto/cipher/e_chacha20poly1305.c
+++ b/src/crypto/cipher/e_chacha20poly1305.c
@@ -55,7 +55,7 @@
return 0;
}
- memcpy(c20_ctx->key, key, key_len);
+ OPENSSL_memcpy(c20_ctx->key, key, key_len);
c20_ctx->tag_len = tag_len;
ctx->aead_state = c20_ctx;
@@ -94,7 +94,7 @@
size_t ad_len, const uint8_t *ciphertext,
size_t ciphertext_len) {
alignas(16) uint8_t poly1305_key[32];
- memset(poly1305_key, 0, sizeof(poly1305_key));
+ OPENSSL_memset(poly1305_key, 0, sizeof(poly1305_key));
CRYPTO_chacha_20(poly1305_key, poly1305_key, sizeof(poly1305_key),
c20_ctx->key, nonce, 0);
poly1305_state ctx;
@@ -137,7 +137,7 @@
alignas(16) uint8_t tag[POLY1305_TAG_LEN];
aead_poly1305(poly1305_update, tag, c20_ctx, nonce, ad, ad_len, out, in_len);
- memcpy(out + in_len, tag, c20_ctx->tag_len);
+ OPENSSL_memcpy(out + in_len, tag, c20_ctx->tag_len);
*out_len = in_len + c20_ctx->tag_len;
return 1;
}
@@ -261,8 +261,8 @@
return 0;
}
uint8_t nonce_96[12];
- memset(nonce_96, 0, 4);
- memcpy(nonce_96 + 4, nonce, 8);
+ OPENSSL_memset(nonce_96, 0, 4);
+ OPENSSL_memcpy(nonce_96 + 4, nonce, 8);
return seal_impl(poly1305_update_old, ctx, out, out_len, max_out_len,
nonce_96, in, in_len, ad, ad_len);
}
@@ -276,8 +276,8 @@
return 0;
}
uint8_t nonce_96[12];
- memset(nonce_96, 0, 4);
- memcpy(nonce_96 + 4, nonce, 8);
+ OPENSSL_memset(nonce_96, 0, 4);
+ OPENSSL_memcpy(nonce_96 + 4, nonce, 8);
return open_impl(poly1305_update_old, ctx, out, out_len, max_out_len,
nonce_96, in, in_len, ad, ad_len);
}
diff --git a/src/crypto/cipher/e_null.c b/src/crypto/cipher/e_null.c
index 3d6a24c..9f89308 100644
--- a/src/crypto/cipher/e_null.c
+++ b/src/crypto/cipher/e_null.c
@@ -60,6 +60,7 @@
#include <openssl/nid.h>
+#include "../internal.h"
#include "internal.h"
@@ -71,7 +72,7 @@
static int null_cipher(EVP_CIPHER_CTX *ctx, uint8_t *out,
const uint8_t *in, size_t in_len) {
if (in != out) {
- memcpy(out, in, in_len);
+ OPENSSL_memcpy(out, in, in_len);
}
return 1;
}
diff --git a/src/crypto/cipher/e_ssl3.c b/src/crypto/cipher/e_ssl3.c
index ef87594..f1dad2b 100644
--- a/src/crypto/cipher/e_ssl3.c
+++ b/src/crypto/cipher/e_ssl3.c
@@ -25,6 +25,7 @@
#include <openssl/sha.h>
#include "internal.h"
+#include "../internal.h"
typedef struct {
@@ -49,7 +50,7 @@
uint8_t pad[48];
uint8_t tmp[EVP_MAX_MD_SIZE];
- memset(pad, 0x36, pad_len);
+ OPENSSL_memset(pad, 0x36, pad_len);
if (!EVP_MD_CTX_copy_ex(&md_ctx, &ssl3_ctx->md_ctx) ||
!EVP_DigestUpdate(&md_ctx, pad, pad_len) ||
!EVP_DigestUpdate(&md_ctx, ad, ad_len) ||
@@ -60,7 +61,7 @@
return 0;
}
- memset(pad, 0x5c, pad_len);
+ OPENSSL_memset(pad, 0x5c, pad_len);
if (!EVP_MD_CTX_copy_ex(&md_ctx, &ssl3_ctx->md_ctx) ||
!EVP_DigestUpdate(&md_ctx, pad, pad_len) ||
!EVP_DigestUpdate(&md_ctx, tmp, md_size) ||
@@ -188,7 +189,7 @@
/* Compute padding and feed that into the cipher. */
uint8_t padding[256];
unsigned padding_len = block_size - ((in_len + mac_len) % block_size);
- memset(padding, 0, padding_len - 1);
+ OPENSSL_memset(padding, 0, padding_len - 1);
padding[padding_len - 1] = padding_len - 1;
if (!EVP_EncryptUpdate(&ssl3_ctx->cipher_ctx, out + total, &len, padding,
(int)padding_len)) {
diff --git a/src/crypto/cipher/e_tls.c b/src/crypto/cipher/e_tls.c
index c0d18fd..7d9bbee 100644
--- a/src/crypto/cipher/e_tls.c
+++ b/src/crypto/cipher/e_tls.c
@@ -80,7 +80,7 @@
EVP_CIPHER_CTX_init(&tls_ctx->cipher_ctx);
HMAC_CTX_init(&tls_ctx->hmac_ctx);
assert(mac_key_len <= EVP_MAX_MD_SIZE);
- memcpy(tls_ctx->mac_key, key, mac_key_len);
+ OPENSSL_memcpy(tls_ctx->mac_key, key, mac_key_len);
tls_ctx->mac_key_len = (uint8_t)mac_key_len;
tls_ctx->implicit_iv = implicit_iv;
@@ -182,7 +182,7 @@
/* Compute padding and feed that into the cipher. */
uint8_t padding[256];
unsigned padding_len = block_size - ((in_len + mac_len) % block_size);
- memset(padding, padding_len - 1, padding_len);
+ OPENSSL_memset(padding, padding_len - 1, padding_len);
if (!EVP_EncryptUpdate(&tls_ctx->cipher_ctx, out + total, &len, padding,
(int)padding_len)) {
return 0;
@@ -288,7 +288,7 @@
/* To allow for CBC mode which changes cipher length, |ad| doesn't include the
* length for legacy ciphers. */
uint8_t ad_fixed[13];
- memcpy(ad_fixed, ad, 11);
+ OPENSSL_memcpy(ad_fixed, ad, 11);
ad_fixed[11] = (uint8_t)(data_len >> 8);
ad_fixed[12] = (uint8_t)(data_len & 0xff);
ad_len += 2;
diff --git a/src/crypto/cipher/test/aes_128_gcm_siv_tests.txt b/src/crypto/cipher/test/aes_128_gcm_siv_tests.txt
index a929b59..faf97c1 100644
--- a/src/crypto/cipher/test/aes_128_gcm_siv_tests.txt
+++ b/src/crypto/cipher/test/aes_128_gcm_siv_tests.txt
@@ -234,3 +234,12 @@
AD: 0100000000000000000000000000000002000000
CT: b26d43ae158316ac37f41579ccf1d461274e
TAG: 13b7c01d08dd6969d51d1bf0fbbdc4d2
+
+# Sample large random test vector.
+
+KEY: ee0f62a965fa640d1c95d79b215dca71
+NONCE: 7df5a22c91e6b6f37594dfef54847bd9
+IN: 5d90037e677666fbc0215305096301d852609e1380992d8c2e3594344a7f9a0521fdeda53de07d3184d590667fc7151a93ba097f20c67da0b1da8c23bd05887a4b66ab50333874819035eafd775fcfa86b380968f15d8cd46483d418b2c074f0dc18407108f63abe89c5448e83d064b6544a275dd75a21dd0241dafa086beb8446f398f6c1b2b117ad6f2cdb04031640852b5e15560d39b8d9088824f728ae66b2214e4cd70f60174313a5f0286741caeb4b66d0513b63c4a1325306f79f1f79bb28ccf6448fa3160876eefd85ca03c196a3e5568b0f3c818e7cf9d661423ed6a50a6911d52217a1b81e94ba040f336e74ac71b33964c3a7d960a32c255e22fcb7dcc41b9b136815b784ce4015b61b55e305e2ab1f96d17b561eb0281476cbaec54e942a186fbf3df92358960182c3c034066364e80fa492b36d36ee68f2738220f249a69f24405fe9995dab0b0b338ee68d85f0e59870903ca9d02f32ee6a24efc85434610586470b938daa9d14206c360339f7ec50857f4e5075a29bb51720d9a6f399f7b8bd45b402b0eed8f6e427d5dd358a0c3f10a58582be8934ebd7903497cc6622a977d6045f97a58f5ed7a3470583ebf88f71150499047e4b624f8018cffaca0d5a9db7f73da2db6770c98cd628d2d6682a4c41d584f37ea0ff7e8763616a548027e29cb3ec3e02a82eab205f7af46b6c9b02a15de54fc301a9845d50396cf3826b23296c360fafbaf65e5f48c4998085d7dac07736b106a8bb1e8e69dca15464d1bf156a5f84b62170f680826dcca7bf1c126cdb70dc872a005806d423cee46ab0d84d2d8d490c8eaec8b17b12913d4856c59f5348c6956c96a32595eef8c89ee5ae99706c92e748714dae4ae45685710261cd66d3ef93ed01bb862bfeb3b4fb5074ffec5517c8845173fde2774cd3b5a25cc1dc11d833c29614b7272bf213aeb19f83603aee97a9bc43e8b88c8789c520f634028cce2b0be343e74c8c341a153a36f797f38a4ebb53589e45f1e64299fedd2e9bbdeb9ad9ab4e2eccb4bd2b57000a5d7b064e6b6fb5cb9c743d6afe697bac549ade238c7a3a094e799e9c7e6cef6e6d4b8c8f1d862bc8ab9b96238c7d5393b2f684c5b4826df6c5f48cadb43fd6d6cb189ca56125bfee9dd44d22a2e28d7a9e63565321c9ecad96b3ae7376c984c44cab978002ff78d947230fe15918b3a73232ff5c05586c4b0e2e0d737be6abef80414b008ad2deea1944a4248f02063500a9276217ceabeca39ec4d6af647395a9c91401dcbe8f9645ef97eca5624029f942cc9979fd31636d65ed181a65763c5c16e65f8673a3cc6143ede8144d894559dedfac3000e8d86590b0ced25dd8666d71f237fd3511d7f8a20dbb4e95e3aca9807a2351bf705a7eec5a80f2b390ef9df496c5cd7ca9f5d8846df291025beb9781c793613efe7798
+AD: 4b7531e0a946b20c80f70dea4d437833f3dd26ae6f6dc37b7b99e82122acf2b7975f6d8efcb7ec4c6ff3c0ce4a5864adba0e658aeb8d9b839f3509f033827bc69a1ab080a0a1cc63559b00a3a259c53c145b0282f5e56930fc35b11c83b6564f2e80f186c2ef2e8886641fe6c4966dc9f86c567e73902d1a8fc33be1551e8359aa585bd2b8da83c0cd78a086cdebf8904d1b66a2fee176fa19714f062b752653d75a0e441ff7fba0c5a0cb6ded48f68b38af82faa985f9d97ba3c0978e1d23d8eb8899072fbec9379ca5f2b91293cb57eac81a6d711f9cccb36ff16b0de86d27d62e136ddbc1a2be38d5a1284e4620f4f9ab1f16729630e16dd2901f24f5ad6e
+CT: 1b5a273ee4e1f87516bb711bd97c559fd5139286d90d3f64813f88c697ff448c7ce57ff3a2b70479c0f904f0c6de92234ef72b4ad62038a32108804042e07ad94e49a327bd28f1c49786c2b1537392c582031f52e3bd27336dab9d237ce47ffd0c8002b60b1055226cf28c6d99be0e4f75afb72c6953ffa0b033f74304efe19601d34dfda29874efdc9ebfa74c9d55c7273561c46b7cd4d631ab05ca7172111c13f0703ff9cec063988b7bf1bd9557b8d8a914162d2f31113f1682e951acaba4a314aabf901bdc5117184109fca1cecfe552f2e7d003eab51ceb992c2bb11245e1cd7e230398a3d18bab59c9acf033bde779166bfd3f98792902f84e4ef32cf5f410af2cec9cbe67ebb28f3fceb497abf4b1c240cab4852d840de9dec20f0e21853be6227784beee276ea3a4c6092654f7d62af614e5ea976791195415befa1f4a9d77c35a84b0d54b5eb1e00f55bbafac209468532b18d020e16798256aab9ea3989d876822cc68135ee103169962965a9383b2cff70213f9c52bcf2441e7b8ec07bee0c225be5353bcfe6d9ff546d30889813a13e1e966028dd80ec096202a26e478278af8b15bcf29137d536658d51293c6cfecde110e5b17ec39ce5317db5a03a1919f52f89ceeec0b5f48875e9692501b34303110e52ef4ea96d98cc28ab6e9ca24a8bb124629ac480b06fa8321b5712f2ae22e750848404ac20232716e195b343adebb52234cbc002c602574a7fbad638c1a7201eb38d4404b3d672119617e1190402b57568ee1e776ba18087164ddfbbf77f26ae5ee229ef101f10306f6449920b08d4e46bb2039d4777319547d7b4ef32e61c3cc897bc36cc2d5983c63e38814276a28125468112b646b877bbe2d206e578a8fd402be6d963b1d79c8b14dbca801bb92d7217cb7375d5e126702270158c89db653f1ee34e1c1ca066fe854532a36b74d36d9bc077506349a4cb8143dca1be3241f64cdc410c4d362982500aeea2a12172ccac996a333a2bff5393e0be9bcb93ca0fd62a22f0f72618325e233b42214ce8683c57dcf3113edbc5102e84b265aa031e26ec5fa18b1a7fa72358072d47b85e045cd52541e49b94d74fb21bb19725675c0d014ca8f8219c26cb8158f5d84b2cafb0474b2b39cb7f21c3320b5cbd57cff7133243a462e492de6340ee7d60ef888d639ca50380529f09b9eb279c49ad04662b7ec4f579fcec011790f18b2c0ad081eaf2be13d6f6a5969db46d56df9daea2cb332e719135109fd1d7caa84af315c0054f37177312c01a9f3f05a6e9bca719f906d1e8af7fdc24a3677c922f435e6e4c069073ea779c2b74c98f9374f5a38961a4354e74803f0f4042b91fb82a0c593c13f9ff720a70136d0b108acdb762a08f98a222f48c2858c0cc9a27edc9e79fe0f71ebe2940c60a279476975926eab478685ebf8a74705
+TAG: 6f5223329c07cbf6b038d307cbb8a719
diff --git a/src/crypto/cipher/test/aes_256_gcm_siv_tests.txt b/src/crypto/cipher/test/aes_256_gcm_siv_tests.txt
index cd38e23..b7a9efe 100644
--- a/src/crypto/cipher/test/aes_256_gcm_siv_tests.txt
+++ b/src/crypto/cipher/test/aes_256_gcm_siv_tests.txt
@@ -224,3 +224,12 @@
AD: 0100000000000000000000000000000002000000
CT: c6d3d28704bf20067d62e1a3872d40dda44b
TAG: 6ac0135a4379dbc67967ff55fd4d1f2f
+
+# Sample large random test vector.
+
+KEY: 83475d5042f8baedf4ca779088abfab17d35416a767d8c42c2a650cc597e5004
+NONCE: 7df5a22c91e6b6f37594dfef54847bd9
+IN: 5d90037e677666fbc0215305096301d852609e1380992d8c2e3594344a7f9a0521fdeda53de07d3184d590667fc7151a93ba097f20c67da0b1da8c23bd05887a4b66ab50333874819035eafd775fcfa86b380968f15d8cd46483d418b2c074f0dc18407108f63abe89c5448e83d064b6544a275dd75a21dd0241dafa086beb8446f398f6c1b2b117ad6f2cdb04031640852b5e15560d39b8d9088824f728ae66b2214e4cd70f60174313a5f0286741caeb4b66d0513b63c4a1325306f79f1f79bb28ccf6448fa3160876eefd85ca03c196a3e5568b0f3c818e7cf9d661423ed6a50a6911d52217a1b81e94ba040f336e74ac71b33964c3a7d960a32c255e22fcb7dcc41b9b136815b784ce4015b61b55e305e2ab1f96d17b561eb0281476cbaec54e942a186fbf3df92358960182c3c034066364e80fa492b36d36ee68f2738220f249a69f24405fe9995dab0b0b338ee68d85f0e59870903ca9d02f32ee6a24efc85434610586470b938daa9d14206c360339f7ec50857f4e5075a29bb51720d9a6f399f7b8bd45b402b0eed8f6e427d5dd358a0c3f10a58582be8934ebd7903497cc6622a977d6045f97a58f5ed7a3470583ebf88f71150499047e4b624f8018cffaca0d5a9db7f73da2db6770c98cd628d2d6682a4c41d584f37ea0ff7e8763616a548027e29cb3ec3e02a82eab205f7af46b6c9b02a15de54fc301a9845d50396cf3826b23296c360fafbaf65e5f48c4998085d7dac07736b106a8bb1e8e69dca15464d1bf156a5f84b62170f680826dcca7bf1c126cdb70dc872a005806d423cee46ab0d84d2d8d490c8eaec8b17b12913d4856c59f5348c6956c96a32595eef8c89ee5ae99706c92e748714dae4ae45685710261cd66d3ef93ed01bb862bfeb3b4fb5074ffec5517c8845173fde2774cd3b5a25cc1dc11d833c29614b7272bf213aeb19f83603aee97a9bc43e8b88c8789c520f634028cce2b0be343e74c8c341a153a36f797f38a4ebb53589e45f1e64299fedd2e9bbdeb9ad9ab4e2eccb4bd2b57000a5d7b064e6b6fb5cb9c743d6afe697bac549ade238c7a3a094e799e9c7e6cef6e6d4b8c8f1d862bc8ab9b96238c7d5393b2f684c5b4826df6c5f48cadb43fd6d6cb189ca56125bfee9dd44d22a2e28d7a9e63565321c9ecad96b3ae7376c984c44cab978002ff78d947230fe15918b3a73232ff5c05586c4b0e2e0d737be6abef80414b008ad2deea1944a4248f02063500a9276217ceabeca39ec4d6af647395a9c91401dcbe8f9645ef97eca5624029f942cc9979fd31636d65ed181a65763c5c16e65f8673a3cc6143ede8144d894559dedfac3000e8d86590b0ced25dd8666d71f237fd3511d7f8a20dbb4e95e3aca9807a2351bf705a7eec5a80f2b390ef9df496c5cd7ca9f5d8846df291025beb9781c793613efe7798
+AD: 4b7531e0a946b20c80f70dea4d437833f3dd26ae6f6dc37b7b99e82122acf2b7975f6d8efcb7ec4c6ff3c0ce4a5864adba0e658aeb8d9b839f3509f033827bc69a1ab080a0a1cc63559b00a3a259c53c145b0282f5e56930fc35b11c83b6564f2e80f186c2ef2e8886641fe6c4966dc9f86c567e73902d1a8fc33be1551e8359aa585bd2b8da83c0cd78a086cdebf8904d1b66a2fee176fa19714f062b752653d75a0e441ff7fba0c5a0cb6ded48f68b38af82faa985f9d97ba3c0978e1d23d8eb8899072fbec9379ca5f2b91293cb57eac81a6d711f9cccb36ff16b0de86d27d62e136ddbc1a2be38d5a1284e4620f4f9ab1f16729630e16dd2901f24f5ad6e
+CT: 30b73374cc093ffaad4be2088142b08ed1b0d2914f96d90e0279aeb3a6547807b9b3bbfe2cd880e8f3a9f3b6e42da1ef53d78a6c63da686498b61523ac4c82caa01d31afe1ec00e80349df969684b060299aa86e4b7a38c643987889eab5a0a0996d18b2350439c7162d566dbb0d55f0f50a81d982df5e2047a23800a418b5adf42d8ff26cfd961527347439e76fbb2c2da08c1dd1a5fddf149d47eaf571498e23c3104c6b2dffb8e5d5e5f90e50eae9146f48b19a6e2d49cd170654a0041096f4f57aff5054dbf784e7748b3ddfdb9c447ed86681bcfb8055407fcec320990609089c3b51845f8e9bcb21382421a2f8634e1ad8739795202ade68aa47ab10026031cb3bfd94adc70702c31760753af4a2bb852581519e91cce5b1e0e49d028a1a03b915917d1011a4a7c04b46e1d8434663aa9473d1ad135966ab18145caf825f4a04d47b953989e188d21ec9f3858623fe16c413d2caa73761ec9dab8bf4e6dcdb997a503168487b67d1b3a9768a1887c292b9f39d40a404b8ffd011150490ed2e751ccbe4f7661785d8c5b778a21aa7e6efc132afe81765cc4ef32b5959e19ca97a4c37601257b8484fab234760242db6fd140ed1cfaff1d11cfad836171b42a164671c178164bbdb14815376f4eed1fbbb95f8e4614ff23de5cc9a0642a228d6bce19fbeea0e661b14696c6eb4aca97ac2cbe838578e7033703e2b551f7ef5dae4a68cdc58daac41eddc07b38ea7c4de1262ce04fb16f75870bbf41c95acbce6eb86dc3452a0d177aef3bc1e39878788d4a2680feb5d888debe62ec64fd72290c0cf8b9105c365c7305d994b28a2b32b88fdd11c3879dc1e005d6a2aa99daa926b18338f0980cdf0d8275e190bb9b8da9a63ff332bb5f5b654414a110b9d6128d0984d015c2a0a100985733fd400be0829f57e72655bfcd10c20341cd24cad0705647363ec0a3d678f30f7a1e85bc1a2dd133fcef5f25852eb6d81d7b4b531aff4e655285375f1b1ceee0d58a63f85f21f6525e3ad43f76a8fef16c785047778e1eccfe8e3c7cb34f2e037a61e3f01af88874b30911df60664e5ca65d6836166ff796e6b710af474add57957c2139b24257bcee287090f1ca1f91c95cc2c9348689aa7b95dfcedb02e68e38c1cd75ef966f0d33c4e09c40e2e58d30f6d0771d11debf01e57f342f3fffa34a1ed2bf10035c1607f3fd79423c0164dd6c171d8046edaed9b7b2a75bc11e1e8417c4550795aab6f106a95b5dda022e512269e8b2937b1d5601cfec1dba8b763707b97bc786ac94e38cd368cadeb1b48a3e068b614fc7b06430db80d46889027ca3d228d87c6eb00531e8d913734e3af987b104d052bbd63564184cd9dc803e6948d70575c9606a704245ef6136f707ddba8a00f288199867774c6e7487311c29aada3f607fc904f88be90cae49789a5163a4c
+TAG: 37db916a9c13afd36e39ce5d01665067
diff --git a/src/crypto/cipher/tls_cbc.c b/src/crypto/cipher/tls_cbc.c
index eb56604..52880b0 100644
--- a/src/crypto/cipher/tls_cbc.c
+++ b/src/crypto/cipher/tls_cbc.c
@@ -148,7 +148,7 @@
unsigned rotate_offset = 0;
uint8_t mac_started = 0;
- memset(rotated_mac, 0, md_size);
+ OPENSSL_memset(rotated_mac, 0, md_size);
for (unsigned i = scan_start, j = 0; i < orig_len; i++, j++) {
if (j >= md_size) {
j -= md_size;
@@ -184,7 +184,7 @@
rotated_mac_tmp = tmp;
}
- memcpy(out, rotated_mac, md_size);
+ OPENSSL_memcpy(out, rotated_mac, md_size);
}
/* u32toBE serialises an unsigned, 32-bit number (n) as four bytes at (p) in
@@ -382,16 +382,16 @@
/* Compute the initial HMAC block. */
bits += 8 * md_block_size;
- memset(hmac_pad, 0, md_block_size);
+ OPENSSL_memset(hmac_pad, 0, md_block_size);
assert(mac_secret_length <= sizeof(hmac_pad));
- memcpy(hmac_pad, mac_secret, mac_secret_length);
+ OPENSSL_memcpy(hmac_pad, mac_secret, mac_secret_length);
for (i = 0; i < md_block_size; i++) {
hmac_pad[i] ^= 0x36;
}
md_transform(md_state.c, hmac_pad);
- memset(length_bytes, 0, md_length_size - 4);
+ OPENSSL_memset(length_bytes, 0, md_length_size - 4);
length_bytes[md_length_size - 4] = (uint8_t)(bits >> 24);
length_bytes[md_length_size - 3] = (uint8_t)(bits >> 16);
length_bytes[md_length_size - 2] = (uint8_t)(bits >> 8);
@@ -399,15 +399,15 @@
if (k > 0) {
/* k is a multiple of md_block_size. */
- memcpy(first_block, header, 13);
- memcpy(first_block + 13, data, md_block_size - 13);
+ OPENSSL_memcpy(first_block, header, 13);
+ OPENSSL_memcpy(first_block + 13, data, md_block_size - 13);
md_transform(md_state.c, first_block);
for (i = 1; i < k / md_block_size; i++) {
md_transform(md_state.c, data + md_block_size * i - 13);
}
}
- memset(mac_out, 0, sizeof(mac_out));
+ OPENSSL_memset(mac_out, 0, sizeof(mac_out));
/* We now process the final hash blocks. For each block, we construct
* it in constant time. If the |i==index_a| then we'll include the 0x80
diff --git a/src/crypto/cmac/cmac.c b/src/crypto/cmac/cmac.c
index fa4c3c4..a9a527d 100644
--- a/src/crypto/cmac/cmac.c
+++ b/src/crypto/cmac/cmac.c
@@ -55,6 +55,8 @@
#include <openssl/cipher.h>
#include <openssl/mem.h>
+#include "../internal.h"
+
struct cmac_ctx_st {
EVP_CIPHER_CTX cipher_ctx;
@@ -176,7 +178,7 @@
todo = in_len;
}
- memcpy(ctx->block + ctx->block_used, in, todo);
+ OPENSSL_memcpy(ctx->block + ctx->block_used, in, todo);
in += todo;
in_len -= todo;
ctx->block_used += todo;
@@ -206,7 +208,7 @@
in_len -= AES_BLOCK_SIZE;
}
- memcpy(ctx->block, in, in_len);
+ OPENSSL_memcpy(ctx->block, in, in_len);
ctx->block_used = in_len;
return 1;
@@ -224,8 +226,8 @@
/* If the last block is incomplete, terminate it with a single 'one' bit
* followed by zeros. */
ctx->block[ctx->block_used] = 0x80;
- memset(ctx->block + ctx->block_used + 1, 0,
- AES_BLOCK_SIZE - (ctx->block_used + 1));
+ OPENSSL_memset(ctx->block + ctx->block_used + 1, 0,
+ AES_BLOCK_SIZE - (ctx->block_used + 1));
mask = ctx->k2;
}
diff --git a/src/crypto/conf/conf.c b/src/crypto/conf/conf.c
index 96a534a..5b51d22 100644
--- a/src/crypto/conf/conf.c
+++ b/src/crypto/conf/conf.c
@@ -66,6 +66,7 @@
#include "conf_def.h"
#include "internal.h"
+#include "../internal.h"
static uint32_t conf_value_hash(const CONF_VALUE *v) {
@@ -118,7 +119,7 @@
OPENSSL_PUT_ERROR(CONF, ERR_R_MALLOC_FAILURE);
return NULL;
}
- memset(v, 0, sizeof(CONF_VALUE));
+ OPENSSL_memset(v, 0, sizeof(CONF_VALUE));
return v;
}
@@ -353,7 +354,7 @@
static CONF_VALUE *get_section(const CONF *conf, const char *section) {
CONF_VALUE template;
- memset(&template, 0, sizeof(template));
+ OPENSSL_memset(&template, 0, sizeof(template));
template.section = (char *) section;
return lh_CONF_VALUE_retrieve(conf->data, &template);
}
@@ -370,7 +371,7 @@
const char *name) {
CONF_VALUE template, *value;
- memset(&template, 0, sizeof(template));
+ OPENSSL_memset(&template, 0, sizeof(template));
template.section = (char *) section;
template.name = (char *) name;
value = lh_CONF_VALUE_retrieve(conf->data, &template);
diff --git a/src/crypto/constant_time_test.c b/src/crypto/constant_time_test.cc
similarity index 100%
rename from src/crypto/constant_time_test.c
rename to src/crypto/constant_time_test.cc
diff --git a/src/crypto/cpu-arm-linux.c b/src/crypto/cpu-arm-linux.c
index 73c38ec..95bb5ee 100644
--- a/src/crypto/cpu-arm-linux.c
+++ b/src/crypto/cpu-arm-linux.c
@@ -161,7 +161,7 @@
static int STRING_PIECE_equals(const STRING_PIECE *a, const char *b) {
size_t b_len = strlen(b);
- return a->len == b_len && memcmp(a->data, b, b_len) == 0;
+ return a->len == b_len && OPENSSL_memcmp(a->data, b, b_len) == 0;
}
/* STRING_PIECE_split finds the first occurence of |sep| in |in| and, if found,
@@ -169,7 +169,7 @@
* returns one if |sep| was found and zero otherwise. */
static int STRING_PIECE_split(STRING_PIECE *out_left, STRING_PIECE *out_right,
const STRING_PIECE *in, char sep) {
- const char *p = memchr(in->data, sep, in->len);
+ const char *p = OPENSSL_memchr(in->data, sep, in->len);
if (p == NULL) {
return 0;
}
diff --git a/src/crypto/curve25519/curve25519.c b/src/crypto/curve25519/curve25519.c
index d660b6c..c91e78e 100644
--- a/src/crypto/curve25519/curve25519.c
+++ b/src/crypto/curve25519/curve25519.c
@@ -29,6 +29,7 @@
#include <openssl/sha.h>
#include "internal.h"
+#include "../internal.h"
static const int64_t kBottom25Bits = INT64_C(0x1ffffff);
@@ -204,15 +205,15 @@
/* h = f */
static void fe_copy(fe h, const fe f) {
- memmove(h, f, sizeof(int32_t) * 10);
+ OPENSSL_memmove(h, f, sizeof(int32_t) * 10);
}
/* h = 0 */
-static void fe_0(fe h) { memset(h, 0, sizeof(int32_t) * 10); }
+static void fe_0(fe h) { OPENSSL_memset(h, 0, sizeof(int32_t) * 10); }
/* h = 1 */
static void fe_1(fe h) {
- memset(h, 0, sizeof(int32_t) * 10);
+ OPENSSL_memset(h, 0, sizeof(int32_t) * 10);
h[0] = 1;
}
@@ -4662,11 +4663,11 @@
fe_neg(A.T, A.T);
uint8_t pkcopy[32];
- memcpy(pkcopy, public_key, 32);
+ OPENSSL_memcpy(pkcopy, public_key, 32);
uint8_t rcopy[32];
- memcpy(rcopy, signature, 32);
+ OPENSSL_memcpy(rcopy, signature, 32);
uint8_t scopy[32];
- memcpy(scopy, signature + 32, 32);
+ OPENSSL_memcpy(scopy, signature + 32, 32);
SHA512_CTX hash_ctx;
SHA512_Init(&hash_ctx);
@@ -4701,8 +4702,8 @@
x25519_ge_scalarmult_base(&A, az);
ge_p3_tobytes(out_public_key, &A);
- memcpy(out_private_key, seed, 32);
- memcpy(out_private_key + 32, out_public_key, 32);
+ OPENSSL_memcpy(out_private_key, seed, 32);
+ OPENSSL_memcpy(out_private_key + 32, out_public_key, 32);
}
@@ -4800,7 +4801,7 @@
fe x1, x2, z2, x3, z3, tmp0, tmp1;
uint8_t e[32];
- memcpy(e, scalar, 32);
+ OPENSSL_memcpy(e, scalar, 32);
e[0] &= 248;
e[31] &= 127;
e[31] |= 64;
@@ -4916,7 +4917,7 @@
#endif
uint8_t e[32];
- memcpy(e, private_key, 32);
+ OPENSSL_memcpy(e, private_key, 32);
e[0] &= 248;
e[31] &= 127;
e[31] |= 64;
diff --git a/src/crypto/curve25519/ed25519_test.cc b/src/crypto/curve25519/ed25519_test.cc
index 5af8ba7..7581730 100644
--- a/src/crypto/curve25519/ed25519_test.cc
+++ b/src/crypto/curve25519/ed25519_test.cc
@@ -17,6 +17,7 @@
#include <openssl/curve25519.h>
+#include "../internal.h"
#include "../test/file_test.h"
@@ -58,13 +59,13 @@
ED25519_keypair(public_key1, private_key1);
uint8_t seed[32];
- memcpy(seed, private_key1, sizeof(seed));
+ OPENSSL_memcpy(seed, private_key1, sizeof(seed));
uint8_t public_key2[32], private_key2[64];
ED25519_keypair_from_seed(public_key2, private_key2, seed);
- if (memcmp(public_key1, public_key2, sizeof(public_key1)) != 0 ||
- memcmp(private_key1, private_key2, sizeof(private_key1)) != 0) {
+ if (OPENSSL_memcmp(public_key1, public_key2, sizeof(public_key1)) != 0 ||
+ OPENSSL_memcmp(private_key1, private_key2, sizeof(private_key1)) != 0) {
fprintf(stderr, "TestKeypairFromSeed: resulting keypairs did not match.\n");
return false;
}
diff --git a/src/crypto/curve25519/spake25519.c b/src/crypto/curve25519/spake25519.c
index 617418c..5b794b3 100644
--- a/src/crypto/curve25519/spake25519.c
+++ b/src/crypto/curve25519/spake25519.c
@@ -22,6 +22,7 @@
#include <openssl/sha.h>
#include "internal.h"
+#include "../internal.h"
/* The following precomputation tables are for the following
@@ -291,7 +292,7 @@
return NULL;
}
- memset(ctx, 0, sizeof(SPAKE2_CTX));
+ OPENSSL_memset(ctx, 0, sizeof(SPAKE2_CTX));
ctx->my_role = my_role;
CBS my_name_cbs, their_name_cbs;
@@ -346,7 +347,7 @@
/* Multiply by the cofactor (eight) so that we'll clear it when operating on
* the peer's point later in the protocol. */
left_shift_3(private_tmp);
- memcpy(ctx->private_key, private_tmp, sizeof(ctx->private_key));
+ OPENSSL_memcpy(ctx->private_key, private_tmp, sizeof(ctx->private_key));
ge_p3 P;
x25519_ge_scalarmult_base(&P, ctx->private_key);
@@ -354,9 +355,9 @@
/* mask = h(password) * <N or M>. */
uint8_t password_tmp[SHA512_DIGEST_LENGTH];
SHA512(password, password_len, password_tmp);
- memcpy(ctx->password_hash, password_tmp, sizeof(ctx->password_hash));
+ OPENSSL_memcpy(ctx->password_hash, password_tmp, sizeof(ctx->password_hash));
x25519_sc_reduce(password_tmp);
- memcpy(ctx->password_scalar, password_tmp, sizeof(ctx->password_scalar));
+ OPENSSL_memcpy(ctx->password_scalar, password_tmp, sizeof(ctx->password_scalar));
ge_p3 mask;
x25519_ge_scalarmult_small_precomp(&mask, ctx->password_scalar,
@@ -375,7 +376,7 @@
x25519_ge_p1p1_to_p2(&Pstar_proj, &Pstar);
x25519_ge_tobytes(ctx->my_msg, &Pstar_proj);
- memcpy(out, ctx->my_msg, sizeof(ctx->my_msg));
+ OPENSSL_memcpy(out, ctx->my_msg, sizeof(ctx->my_msg));
*out_len = sizeof(ctx->my_msg);
ctx->state = spake2_state_msg_generated;
@@ -456,7 +457,7 @@
if (to_copy > sizeof(key)) {
to_copy = sizeof(key);
}
- memcpy(out_key, key, to_copy);
+ OPENSSL_memcpy(out_key, key, to_copy);
*out_key_len = to_copy;
ctx->state = spake2_state_key_generated;
diff --git a/src/crypto/curve25519/spake25519_test.cc b/src/crypto/curve25519/spake25519_test.cc
index 363b60c..3af073d 100644
--- a/src/crypto/curve25519/spake25519_test.cc
+++ b/src/crypto/curve25519/spake25519_test.cc
@@ -20,6 +20,8 @@
#include <openssl/curve25519.h>
+#include "../internal.h"
+
struct SPAKE2Run {
bool Run() {
@@ -71,7 +73,7 @@
}
key_matches_ = (alice_key_len == bob_key_len &&
- memcmp(alice_key, bob_key, alice_key_len) == 0);
+ OPENSSL_memcmp(alice_key, bob_key, alice_key_len) == 0);
return true;
}
diff --git a/src/crypto/curve25519/x25519-x86_64.c b/src/crypto/curve25519/x25519-x86_64.c
index 1bd86a0..9c3d414 100644
--- a/src/crypto/curve25519/x25519-x86_64.c
+++ b/src/crypto/curve25519/x25519-x86_64.c
@@ -23,6 +23,7 @@
#include <string.h>
+#include "../internal.h"
#include "internal.h"
@@ -228,7 +229,7 @@
void x25519_x86_64(uint8_t out[32], const uint8_t scalar[32],
const uint8_t point[32]) {
uint8_t e[32];
- memcpy(e, scalar, sizeof(e));
+ OPENSSL_memcpy(e, scalar, sizeof(e));
e[0] &= 248;
e[31] &= 127;
diff --git a/src/crypto/curve25519/x25519_test.cc b/src/crypto/curve25519/x25519_test.cc
index 24dfa65..b1a37d4 100644
--- a/src/crypto/curve25519/x25519_test.cc
+++ b/src/crypto/curve25519/x25519_test.cc
@@ -18,6 +18,8 @@
#include <openssl/curve25519.h>
+#include "../internal.h"
+
static bool TestX25519() {
/* Taken from https://tools.ietf.org/html/rfc7748#section-5.2 */
@@ -40,7 +42,7 @@
0x4d, 0xf2, 0x8d, 0x08, 0x4f, 0x32, 0xec, 0xcf, 0x03, 0x49, 0x1c,
0x71, 0xf7, 0x54, 0xb4, 0x07, 0x55, 0x77, 0xa2, 0x85, 0x52,
};
- if (memcmp(kExpected1, out, sizeof(out)) != 0) {
+ if (OPENSSL_memcmp(kExpected1, out, sizeof(out)) != 0) {
fprintf(stderr, "X25519 test one failed.\n");
return false;
}
@@ -63,7 +65,7 @@
0x5c, 0xb4, 0xb8, 0x73, 0xf8, 0x8b, 0x59, 0x5a, 0x68, 0x79, 0x9f,
0xa1, 0x52, 0xe6, 0xf8, 0xf7, 0x64, 0x7a, 0xac, 0x79, 0x57,
};
- if (memcmp(kExpected2, out, sizeof(out)) != 0) {
+ if (OPENSSL_memcmp(kExpected2, out, sizeof(out)) != 0) {
fprintf(stderr, "X25519 test two failed.\n");
return false;
}
@@ -79,7 +81,7 @@
};
uint8_t out[32], private_key[32];
- memset(private_key, 0x11, sizeof(private_key));
+ OPENSSL_memset(private_key, 0x11, sizeof(private_key));
if (X25519(out, private_key, kSmallOrderPoint)) {
fprintf(stderr, "X25519 returned success with a small-order input.\n");
@@ -96,8 +98,8 @@
unsigned i;
for (i = 0; i < 1000; i++) {
X25519(out, scalar, point);
- memcpy(point, scalar, sizeof(point));
- memcpy(scalar, out, sizeof(scalar));
+ OPENSSL_memcpy(point, scalar, sizeof(point));
+ OPENSSL_memcpy(scalar, out, sizeof(scalar));
}
static const uint8_t kExpected[32] = {
@@ -106,7 +108,7 @@
0xe3, 0x87, 0x5f, 0x2e, 0xb9, 0x4d, 0x99, 0x53, 0x2c, 0x51,
};
- if (memcmp(kExpected, scalar, sizeof(kExpected)) != 0) {
+ if (OPENSSL_memcmp(kExpected, scalar, sizeof(kExpected)) != 0) {
fprintf(stderr, "Iterated X25519 test failed\n");
return false;
}
diff --git a/src/crypto/dh/dh.c b/src/crypto/dh/dh.c
index 7545071..69a7ec8 100644
--- a/src/crypto/dh/dh.c
+++ b/src/crypto/dh/dh.c
@@ -79,7 +79,7 @@
return NULL;
}
- memset(dh, 0, sizeof(DH));
+ OPENSSL_memset(dh, 0, sizeof(DH));
CRYPTO_MUTEX_init(&dh->method_mont_p_lock);
diff --git a/src/crypto/dh/dh_test.cc b/src/crypto/dh/dh_test.cc
index 99bb945..8165c1a 100644
--- a/src/crypto/dh/dh_test.cc
+++ b/src/crypto/dh/dh_test.cc
@@ -68,6 +68,8 @@
#include <openssl/err.h>
#include <openssl/mem.h>
+#include "../internal.h"
+
static bool RunBasicTests();
static bool RunRFC5114Tests();
@@ -470,9 +472,9 @@
}
if (static_cast<size_t>(ret1) != td->Z_len ||
- memcmp(Z1.data(), td->Z, td->Z_len) != 0 ||
+ OPENSSL_memcmp(Z1.data(), td->Z, td->Z_len) != 0 ||
static_cast<size_t>(ret2) != td->Z_len ||
- memcmp(Z2.data(), td->Z, td->Z_len) != 0) {
+ OPENSSL_memcmp(Z2.data(), td->Z, td->Z_len) != 0) {
fprintf(stderr, "Test failed RFC5114 set %u\n", i + 1);
return false;
}
@@ -576,7 +578,8 @@
return false;
}
bssl::UniquePtr<uint8_t> free_der(der);
- if (der_len != sizeof(kParams) || memcmp(der, kParams, der_len) != 0) {
+ if (der_len != sizeof(kParams) ||
+ OPENSSL_memcmp(der, kParams, der_len) != 0) {
return false;
}
@@ -618,7 +621,8 @@
return false;
}
bssl::UniquePtr<uint8_t> free_der2(der);
- if (der_len != sizeof(kParamsDSA) || memcmp(der, kParamsDSA, der_len) != 0) {
+ if (der_len != sizeof(kParamsDSA) ||
+ OPENSSL_memcmp(der, kParamsDSA, der_len) != 0) {
return false;
}
@@ -653,7 +657,7 @@
uint8_t buffer[sizeof(kPrime1536)];
if (BN_num_bytes(bn.get()) != sizeof(kPrime1536) ||
BN_bn2bin(bn.get(), buffer) != sizeof(kPrime1536) ||
- memcmp(buffer, kPrime1536, sizeof(kPrime1536)) != 0) {
+ OPENSSL_memcmp(buffer, kPrime1536, sizeof(kPrime1536)) != 0) {
fprintf(stderr, "1536-bit MODP prime did not match.\n");
return false;
}
diff --git a/src/crypto/digest/digest.c b/src/crypto/digest/digest.c
index fdd9fe5..9c9962b 100644
--- a/src/crypto/digest/digest.c
+++ b/src/crypto/digest/digest.c
@@ -63,6 +63,7 @@
#include <openssl/mem.h>
#include "internal.h"
+#include "../internal.h"
int EVP_MD_type(const EVP_MD *md) { return md->type; }
@@ -74,7 +75,9 @@
size_t EVP_MD_block_size(const EVP_MD *md) { return md->block_size; }
-void EVP_MD_CTX_init(EVP_MD_CTX *ctx) { memset(ctx, 0, sizeof(EVP_MD_CTX)); }
+void EVP_MD_CTX_init(EVP_MD_CTX *ctx) {
+ OPENSSL_memset(ctx, 0, sizeof(EVP_MD_CTX));
+}
EVP_MD_CTX *EVP_MD_CTX_create(void) {
EVP_MD_CTX *ctx = OPENSSL_malloc(sizeof(EVP_MD_CTX));
@@ -140,7 +143,7 @@
return 0;
}
}
- memcpy(out->md_data, in->md_data, in->digest->ctx_size);
+ OPENSSL_memcpy(out->md_data, in->md_data, in->digest->ctx_size);
}
assert(in->pctx == NULL || in->pctx_ops != NULL);
diff --git a/src/crypto/digest/digest_test.cc b/src/crypto/digest/digest_test.cc
index 0d3f16e..8b29236 100644
--- a/src/crypto/digest/digest_test.cc
+++ b/src/crypto/digest/digest_test.cc
@@ -23,6 +23,7 @@
#include <openssl/err.h>
#include <openssl/md4.h>
#include <openssl/md5.h>
+#include <openssl/nid.h>
#include <openssl/sha.h>
#include "../internal.h"
@@ -235,9 +236,17 @@
}
static int TestGetters() {
- if (EVP_get_digestbyname("RSA-SHA512") == NULL ||
- EVP_get_digestbyname("sha512WithRSAEncryption") == NULL ||
- EVP_get_digestbyname("nonsense") != NULL) {
+ if (EVP_get_digestbyname("RSA-SHA512") != EVP_sha512() ||
+ EVP_get_digestbyname("sha512WithRSAEncryption") != EVP_sha512() ||
+ EVP_get_digestbyname("nonsense") != NULL ||
+ EVP_get_digestbyname("SHA512") != EVP_sha512() ||
+ EVP_get_digestbyname("sha512") != EVP_sha512()) {
+ return false;
+ }
+
+ if (EVP_get_digestbynid(NID_sha512) != EVP_sha512() ||
+ EVP_get_digestbynid(NID_sha512WithRSAEncryption) != NULL ||
+ EVP_get_digestbynid(NID_undef) != NULL) {
return false;
}
diff --git a/src/crypto/digest/digests.c b/src/crypto/digest/digests.c
index 3307f26..351e031 100644
--- a/src/crypto/digest/digests.c
+++ b/src/crypto/digest/digests.c
@@ -65,6 +65,7 @@
#include <openssl/sha.h>
#include "internal.h"
+#include "../internal.h"
#if defined(NDEBUG)
#define CHECK(x) (void) (x)
@@ -262,36 +263,41 @@
};
static const struct nid_to_digest nid_to_digest_mapping[] = {
- { NID_md4, EVP_md4, SN_md4, LN_md4 },
- { NID_md5, EVP_md5, SN_md5, LN_md5 },
- { NID_sha1, EVP_sha1, SN_sha1, LN_sha1 },
- { NID_sha224, EVP_sha224, SN_sha224, LN_sha224 },
- { NID_sha256, EVP_sha256, SN_sha256, LN_sha256 },
- { NID_sha384, EVP_sha384, SN_sha384, LN_sha384 },
- { NID_sha512, EVP_sha512, SN_sha512, LN_sha512 },
- { NID_md5_sha1, EVP_md5_sha1, SN_md5_sha1, LN_md5_sha1 },
- { NID_dsaWithSHA, EVP_sha1, SN_dsaWithSHA, LN_dsaWithSHA },
- { NID_dsaWithSHA1, EVP_sha1, SN_dsaWithSHA1, LN_dsaWithSHA1 },
- { NID_ecdsa_with_SHA1, EVP_sha1, SN_ecdsa_with_SHA1, NULL },
- { NID_md5WithRSAEncryption, EVP_md5, SN_md5WithRSAEncryption,
- LN_md5WithRSAEncryption },
- { NID_sha1WithRSAEncryption, EVP_sha1, SN_sha1WithRSAEncryption,
- LN_sha1WithRSAEncryption },
- { NID_sha224WithRSAEncryption, EVP_sha224, SN_sha224WithRSAEncryption,
- LN_sha224WithRSAEncryption },
- { NID_sha256WithRSAEncryption, EVP_sha256, SN_sha256WithRSAEncryption,
- LN_sha256WithRSAEncryption },
- { NID_sha384WithRSAEncryption, EVP_sha384, SN_sha384WithRSAEncryption,
- LN_sha384WithRSAEncryption },
- { NID_sha512WithRSAEncryption, EVP_sha512, SN_sha512WithRSAEncryption,
- LN_sha512WithRSAEncryption },
+ {NID_md4, EVP_md4, SN_md4, LN_md4},
+ {NID_md5, EVP_md5, SN_md5, LN_md5},
+ {NID_sha1, EVP_sha1, SN_sha1, LN_sha1},
+ {NID_sha224, EVP_sha224, SN_sha224, LN_sha224},
+ {NID_sha256, EVP_sha256, SN_sha256, LN_sha256},
+ {NID_sha384, EVP_sha384, SN_sha384, LN_sha384},
+ {NID_sha512, EVP_sha512, SN_sha512, LN_sha512},
+ {NID_md5_sha1, EVP_md5_sha1, SN_md5_sha1, LN_md5_sha1},
+ /* As a remnant of signing |EVP_MD|s, OpenSSL returned the corresponding
+ * hash function when given a signature OID. To avoid unintended lax parsing
+ * of hash OIDs, this is no longer supported for lookup by OID or NID.
+ * Node.js, however, exposes |EVP_get_digestbyname|'s full behavior to
+ * consumers so we retain it there. */
+ {NID_undef, EVP_sha1, SN_dsaWithSHA, LN_dsaWithSHA},
+ {NID_undef, EVP_sha1, SN_dsaWithSHA1, LN_dsaWithSHA1},
+ {NID_undef, EVP_sha1, SN_ecdsa_with_SHA1, NULL},
+ {NID_undef, EVP_md5, SN_md5WithRSAEncryption, LN_md5WithRSAEncryption},
+ {NID_undef, EVP_sha1, SN_sha1WithRSAEncryption, LN_sha1WithRSAEncryption},
+ {NID_undef, EVP_sha224, SN_sha224WithRSAEncryption,
+ LN_sha224WithRSAEncryption},
+ {NID_undef, EVP_sha256, SN_sha256WithRSAEncryption,
+ LN_sha256WithRSAEncryption},
+ {NID_undef, EVP_sha384, SN_sha384WithRSAEncryption,
+ LN_sha384WithRSAEncryption},
+ {NID_undef, EVP_sha512, SN_sha512WithRSAEncryption,
+ LN_sha512WithRSAEncryption},
};
const EVP_MD* EVP_get_digestbynid(int nid) {
- unsigned i;
+ if (nid == NID_undef) {
+ /* Skip the |NID_undef| entries in |nid_to_digest_mapping|. */
+ return NULL;
+ }
- for (i = 0; i < sizeof(nid_to_digest_mapping) / sizeof(struct nid_to_digest);
- i++) {
+ for (unsigned i = 0; i < OPENSSL_ARRAY_SIZE(nid_to_digest_mapping); i++) {
if (nid_to_digest_mapping[i].nid == nid) {
return nid_to_digest_mapping[i].md_func();
}
@@ -305,10 +311,7 @@
}
const EVP_MD *EVP_get_digestbyname(const char *name) {
- unsigned i;
-
- for (i = 0; i < sizeof(nid_to_digest_mapping) / sizeof(struct nid_to_digest);
- i++) {
+ for (unsigned i = 0; i < OPENSSL_ARRAY_SIZE(nid_to_digest_mapping); i++) {
const char *short_name = nid_to_digest_mapping[i].short_name;
const char *long_name = nid_to_digest_mapping[i].long_name;
if ((short_name && strcmp(short_name, name) == 0) ||
diff --git a/src/crypto/digest/md32_common.h b/src/crypto/digest/md32_common.h
index 818eb63..45fe939 100644
--- a/src/crypto/digest/md32_common.h
+++ b/src/crypto/digest/md32_common.h
@@ -53,6 +53,8 @@
#include <assert.h>
+#include "../internal.h"
+
#if defined(__cplusplus)
extern "C" {
#endif
@@ -194,16 +196,16 @@
size_t n = c->num;
if (n != 0) {
if (len >= HASH_CBLOCK || len + n >= HASH_CBLOCK) {
- memcpy(c->data + n, data, HASH_CBLOCK - n);
+ OPENSSL_memcpy(c->data + n, data, HASH_CBLOCK - n);
HASH_BLOCK_DATA_ORDER(c->h, c->data, 1);
n = HASH_CBLOCK - n;
data += n;
len -= n;
c->num = 0;
/* Keep |c->data| zeroed when unused. */
- memset(c->data, 0, HASH_CBLOCK);
+ OPENSSL_memset(c->data, 0, HASH_CBLOCK);
} else {
- memcpy(c->data + n, data, len);
+ OPENSSL_memcpy(c->data + n, data, len);
c->num += (unsigned)len;
return 1;
}
@@ -219,7 +221,7 @@
if (len != 0) {
c->num = (unsigned)len;
- memcpy(c->data, data, len);
+ OPENSSL_memcpy(c->data, data, len);
}
return 1;
}
@@ -240,11 +242,11 @@
/* Fill the block with zeros if there isn't room for a 64-bit length. */
if (n > (HASH_CBLOCK - 8)) {
- memset(c->data + n, 0, HASH_CBLOCK - n);
+ OPENSSL_memset(c->data + n, 0, HASH_CBLOCK - n);
n = 0;
HASH_BLOCK_DATA_ORDER(c->h, c->data, 1);
}
- memset(c->data + n, 0, HASH_CBLOCK - 8 - n);
+ OPENSSL_memset(c->data + n, 0, HASH_CBLOCK - 8 - n);
/* Append a 64-bit length to the block and process it. */
uint8_t *p = c->data + HASH_CBLOCK - 8;
@@ -258,7 +260,7 @@
assert(p == c->data + HASH_CBLOCK);
HASH_BLOCK_DATA_ORDER(c->h, c->data, 1);
c->num = 0;
- memset(c->data, 0, HASH_CBLOCK);
+ OPENSSL_memset(c->data, 0, HASH_CBLOCK);
HASH_MAKE_STRING(c, md);
return 1;
diff --git a/src/crypto/dsa/CMakeLists.txt b/src/crypto/dsa/CMakeLists.txt
index de36565..4d66136 100644
--- a/src/crypto/dsa/CMakeLists.txt
+++ b/src/crypto/dsa/CMakeLists.txt
@@ -12,7 +12,7 @@
add_executable(
dsa_test
- dsa_test.c
+ dsa_test.cc
$<TARGET_OBJECTS:test_support>
)
diff --git a/src/crypto/dsa/dsa.c b/src/crypto/dsa/dsa.c
index 3e5894a..15583be 100644
--- a/src/crypto/dsa/dsa.c
+++ b/src/crypto/dsa/dsa.c
@@ -72,6 +72,7 @@
#include <openssl/sha.h>
#include <openssl/thread.h>
+#include "../bn/internal.h"
#include "../internal.h"
@@ -90,7 +91,7 @@
return NULL;
}
- memset(dsa, 0, sizeof(DSA));
+ OPENSSL_memset(dsa, 0, sizeof(DSA));
dsa->references = 1;
@@ -188,7 +189,7 @@
/* Only consume as much seed as is expected. */
seed_len = qsize;
}
- memcpy(seed, seed_in, seed_len);
+ OPENSSL_memcpy(seed, seed_in, seed_len);
}
ctx = BN_CTX_new();
@@ -232,8 +233,8 @@
/* If we come back through, use random seed next time. */
seed_in = NULL;
}
- memcpy(buf, seed, qsize);
- memcpy(buf2, seed, qsize);
+ OPENSSL_memcpy(buf, seed, qsize);
+ OPENSSL_memcpy(buf2, seed, qsize);
/* precompute "SEED + 1" for step 7: */
for (i = qsize - 1; i < qsize; i--) {
buf[i]++;
@@ -763,7 +764,8 @@
/* Ensure that the signature uses DER and doesn't have trailing garbage. */
int der_len = i2d_DSA_SIG(s, &der);
- if (der_len < 0 || (size_t)der_len != sig_len || memcmp(sig, der, sig_len)) {
+ if (der_len < 0 || (size_t)der_len != sig_len ||
+ OPENSSL_memcmp(sig, der, sig_len)) {
goto err;
}
@@ -813,7 +815,7 @@
int DSA_sign_setup(const DSA *dsa, BN_CTX *ctx_in, BIGNUM **out_kinv,
BIGNUM **out_r) {
BN_CTX *ctx;
- BIGNUM k, kq, qm2, *kinv = NULL, *r = NULL;
+ BIGNUM k, kq, *kinv = NULL, *r = NULL;
int ret = 0;
if (!dsa->p || !dsa->q || !dsa->g) {
@@ -823,7 +825,6 @@
BN_init(&k);
BN_init(&kq);
- BN_init(&qm2);
ctx = ctx_in;
if (ctx == NULL) {
@@ -885,9 +886,7 @@
* Theorem. */
kinv = BN_new();
if (kinv == NULL ||
- !BN_set_word(&qm2, 2) ||
- !BN_sub(&qm2, dsa->q, &qm2) ||
- !BN_mod_exp_mont(kinv, &k, &qm2, dsa->q, ctx, dsa->method_mont_q)) {
+ !bn_mod_inverse_prime(kinv, &k, dsa->q, ctx, dsa->method_mont_q)) {
goto err;
}
@@ -911,7 +910,7 @@
}
BN_clear_free(&k);
BN_clear_free(&kq);
- BN_free(&qm2);
+ BN_clear_free(kinv);
return ret;
}
diff --git a/src/crypto/dsa/dsa_test.c b/src/crypto/dsa/dsa_test.cc
similarity index 78%
rename from src/crypto/dsa/dsa_test.c
rename to src/crypto/dsa/dsa_test.cc
index 6296c8f..5fee6aa 100644
--- a/src/crypto/dsa/dsa_test.c
+++ b/src/crypto/dsa/dsa_test.cc
@@ -59,14 +59,15 @@
#include <openssl/dsa.h>
+#include <stdio.h>
#include <string.h>
#include <openssl/bn.h>
#include <openssl/crypto.h>
#include <openssl/err.h>
+#include "../internal.h"
-static int dsa_cb(int p, int n, BN_GENCB *arg);
/* The following values are taken from the updated Appendix 5 to FIPS PUB 186
* and also appear in Appendix 5 to FIPS PUB 186-1. */
@@ -163,28 +164,59 @@
0xdc, 0xd8, 0xc8,
};
-static DSA *get_fips_dsa(void) {
- DSA *dsa = DSA_new();
+static bssl::UniquePtr<DSA> GetFIPSDSA(void) {
+ bssl::UniquePtr<DSA> dsa(DSA_new());
if (!dsa) {
- return NULL;
+ return nullptr;
}
- dsa->p = BN_bin2bn(fips_p, sizeof(fips_p), NULL);
- dsa->q = BN_bin2bn(fips_q, sizeof(fips_q), NULL);
- dsa->g = BN_bin2bn(fips_g, sizeof(fips_g), NULL);
- dsa->pub_key = BN_bin2bn(fips_y, sizeof(fips_y), NULL);
- dsa->priv_key = BN_bin2bn(fips_x, sizeof(fips_x), NULL);
- if (dsa->p == NULL || dsa->q == NULL || dsa->g == NULL ||
- dsa->pub_key == NULL || dsa->priv_key == NULL) {
- DSA_free(dsa);
- return NULL;
+ dsa->p = BN_bin2bn(fips_p, sizeof(fips_p), nullptr);
+ dsa->q = BN_bin2bn(fips_q, sizeof(fips_q), nullptr);
+ dsa->g = BN_bin2bn(fips_g, sizeof(fips_g), nullptr);
+ dsa->pub_key = BN_bin2bn(fips_y, sizeof(fips_y), nullptr);
+ dsa->priv_key = BN_bin2bn(fips_x, sizeof(fips_x), nullptr);
+ if (dsa->p == nullptr || dsa->q == nullptr || dsa->g == nullptr ||
+ dsa->pub_key == nullptr || dsa->priv_key == nullptr) {
+ return nullptr;
}
return dsa;
}
-static int test_generate(FILE *out) {
+struct GenerateContext {
+ FILE *out = nullptr;
+ int ok = 0;
+ int num = 0;
+};
+
+static int GenerateCallback(int p, int n, BN_GENCB *arg) {
+ GenerateContext *ctx = reinterpret_cast<GenerateContext *>(arg->arg);
+ char c = '*';
+ switch (p) {
+ case 0:
+ c = '.';
+ ctx->num++;
+ break;
+ case 1:
+ c = '+';
+ break;
+ case 2:
+ c = '*';
+ ctx->ok++;
+ break;
+ case 3:
+ c = '\n';
+ }
+ fputc(c, ctx->out);
+ fflush(ctx->out);
+ if (!ctx->ok && p == 0 && ctx->num > 1) {
+ fprintf(stderr, "error in dsatest\n");
+ return 0;
+ }
+ return 1;
+}
+
+static int TestGenerate(FILE *out) {
BN_GENCB cb;
- DSA *dsa = NULL;
- int counter, ok = 0, i, j;
+ int counter, i, j;
uint8_t buf[256];
unsigned long h;
uint8_t sig[256];
@@ -192,11 +224,14 @@
fprintf(out, "test generation of DSA parameters\n");
- BN_GENCB_set(&cb, dsa_cb, out);
- dsa = DSA_new();
- if (dsa == NULL ||
- !DSA_generate_parameters_ex(dsa, 512, seed, 20, &counter, &h, &cb)) {
- goto end;
+ GenerateContext ctx;
+ ctx.out = out;
+ BN_GENCB_set(&cb, GenerateCallback, &ctx);
+ bssl::UniquePtr<DSA> dsa(DSA_new());
+ if (!dsa ||
+ !DSA_generate_parameters_ex(dsa.get(), 512, seed, 20, &counter, &h,
+ &cb)) {
+ return false;
}
fprintf(out, "seed\n");
@@ -208,81 +243,74 @@
if (counter != 105) {
fprintf(stderr, "counter should be 105\n");
- goto end;
+ return false;
}
if (h != 2) {
fprintf(stderr, "h should be 2\n");
- goto end;
+ return false;
}
i = BN_bn2bin(dsa->q, buf);
j = sizeof(fips_q);
- if (i != j || memcmp(buf, fips_q, i) != 0) {
+ if (i != j || OPENSSL_memcmp(buf, fips_q, i) != 0) {
fprintf(stderr, "q value is wrong\n");
- goto end;
+ return false;
}
i = BN_bn2bin(dsa->p, buf);
j = sizeof(fips_p);
- if (i != j || memcmp(buf, fips_p, i) != 0) {
+ if (i != j || OPENSSL_memcmp(buf, fips_p, i) != 0) {
fprintf(stderr, "p value is wrong\n");
- goto end;
+ return false;
}
i = BN_bn2bin(dsa->g, buf);
j = sizeof(fips_g);
- if (i != j || memcmp(buf, fips_g, i) != 0) {
+ if (i != j || OPENSSL_memcmp(buf, fips_g, i) != 0) {
fprintf(stderr, "g value is wrong\n");
- goto end;
+ return false;
}
- if (!DSA_generate_key(dsa) ||
- !DSA_sign(0, fips_digest, sizeof(fips_digest), sig, &siglen, dsa)) {
- goto end;
+ if (!DSA_generate_key(dsa.get()) ||
+ !DSA_sign(0, fips_digest, sizeof(fips_digest), sig, &siglen, dsa.get())) {
+ return false;
}
- if (DSA_verify(0, fips_digest, sizeof(fips_digest), sig, siglen, dsa) == 1) {
- ok = 1;
- } else {
+ if (DSA_verify(0, fips_digest, sizeof(fips_digest), sig, siglen, dsa.get()) !=
+ 1) {
fprintf(stderr, "verification failure\n");
+ return false;
}
-end:
- DSA_free(dsa);
-
- return ok;
+ return true;
}
-static int test_verify(const uint8_t *sig, size_t sig_len, int expect) {
- int ok = 0;
- DSA *dsa = get_fips_dsa();
- if (dsa == NULL) {
- goto end;
+static bool TestVerify(const uint8_t *sig, size_t sig_len, int expect) {
+ bssl::UniquePtr<DSA> dsa = GetFIPSDSA();
+ if (!dsa) {
+ return false;
}
- int ret = DSA_verify(0, fips_digest, sizeof(fips_digest), sig, sig_len, dsa);
+ int ret =
+ DSA_verify(0, fips_digest, sizeof(fips_digest), sig, sig_len, dsa.get());
if (ret != expect) {
fprintf(stderr, "DSA_verify returned %d, want %d\n", ret, expect);
- goto end;
+ return false;
}
- ok = 1;
- /* Clear any errorrs from a test with expected failure. */
+
+ /* Clear any errors from a test with expected failure. */
ERR_clear_error();
-
-end:
- DSA_free(dsa);
-
- return ok;
+ return true;
}
int main(int argc, char **argv) {
CRYPTO_library_init();
- if (!test_generate(stdout) ||
- !test_verify(fips_sig, sizeof(fips_sig), 1) ||
- !test_verify(fips_sig_negative, sizeof(fips_sig_negative), -1) ||
- !test_verify(fips_sig_extra, sizeof(fips_sig_extra), -1) ||
- !test_verify(fips_sig_bad_length, sizeof(fips_sig_bad_length), -1) ||
- !test_verify(fips_sig_bad_r, sizeof(fips_sig_bad_r), 0)) {
+ if (!TestGenerate(stdout) ||
+ !TestVerify(fips_sig, sizeof(fips_sig), 1) ||
+ !TestVerify(fips_sig_negative, sizeof(fips_sig_negative), -1) ||
+ !TestVerify(fips_sig_extra, sizeof(fips_sig_extra), -1) ||
+ !TestVerify(fips_sig_bad_length, sizeof(fips_sig_bad_length), -1) ||
+ !TestVerify(fips_sig_bad_r, sizeof(fips_sig_bad_r), 0)) {
ERR_print_errors_fp(stderr);
return 1;
}
@@ -290,34 +318,3 @@
printf("PASS\n");
return 0;
}
-
-static int dsa_cb(int p, int n, BN_GENCB *arg) {
- char c = '*';
- static int ok = 0, num = 0;
-
- switch (p) {
- case 0:
- c = '.';
- num++;
- break;
- case 1:
- c = '+';
- break;
- case 2:
- c = '*';
- ok++;
- break;
- case 3:
- c = '\n';
- }
-
- fputc(c, arg->arg);
- fflush(arg->arg);
-
- if (!ok && p == 0 && num > 1) {
- fprintf(stderr, "error in dsatest\n");
- return 0;
- }
-
- return 1;
-}
diff --git a/src/crypto/ec/ec.c b/src/crypto/ec/ec.c
index 7e76dfe..96bb703 100644
--- a/src/crypto/ec/ec.c
+++ b/src/crypto/ec/ec.c
@@ -350,7 +350,7 @@
OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE);
return NULL;
}
- memset(ret, 0, sizeof(EC_GROUP));
+ OPENSSL_memset(ret, 0, sizeof(EC_GROUP));
ret->meth = meth;
BN_init(&ret->order);
diff --git a/src/crypto/ec/ec_asn1.c b/src/crypto/ec/ec_asn1.c
index f31e158..35c8f27 100644
--- a/src/crypto/ec/ec_asn1.c
+++ b/src/crypto/ec/ec_asn1.c
@@ -64,6 +64,7 @@
#include "internal.h"
#include "../bytestring/internal.h"
+#include "../internal.h"
static const uint8_t kParametersTag =
@@ -271,7 +272,7 @@
!CBS_get_asn1(¶ms, &field_id, CBS_ASN1_SEQUENCE) ||
!CBS_get_asn1(&field_id, &field_type, CBS_ASN1_OBJECT) ||
CBS_len(&field_type) != sizeof(kPrimeField) ||
- memcmp(CBS_data(&field_type), kPrimeField, sizeof(kPrimeField)) != 0 ||
+ OPENSSL_memcmp(CBS_data(&field_type), kPrimeField, sizeof(kPrimeField)) != 0 ||
!CBS_get_asn1(&field_id, out_prime, CBS_ASN1_INTEGER) ||
!is_unsigned_integer(out_prime) ||
CBS_len(&field_id) != 0 ||
@@ -335,7 +336,7 @@
for (i = 0; OPENSSL_built_in_curves[i].nid != NID_undef; i++) {
const struct built_in_curve *curve = &OPENSSL_built_in_curves[i];
if (CBS_len(&named_curve) == curve->oid_len &&
- memcmp(CBS_data(&named_curve), curve->oid, curve->oid_len) == 0) {
+ OPENSSL_memcmp(CBS_data(&named_curve), curve->oid, curve->oid_len) == 0) {
return EC_GROUP_new_by_curve_name(curve->nid);
}
}
diff --git a/src/crypto/ec/ec_key.c b/src/crypto/ec/ec_key.c
index 3e4456c..1a93346 100644
--- a/src/crypto/ec/ec_key.c
+++ b/src/crypto/ec/ec_key.c
@@ -91,7 +91,7 @@
return NULL;
}
- memset(ret, 0, sizeof(EC_KEY));
+ OPENSSL_memset(ret, 0, sizeof(EC_KEY));
if (engine) {
ret->ecdsa_meth = ENGINE_get_ECDSA_method(engine);
diff --git a/src/crypto/ec/ec_montgomery.c b/src/crypto/ec/ec_montgomery.c
index 1253a73..4643fd2 100644
--- a/src/crypto/ec/ec_montgomery.c
+++ b/src/crypto/ec/ec_montgomery.c
@@ -71,6 +71,7 @@
#include <openssl/err.h>
#include <openssl/mem.h>
+#include "../bn/internal.h"
#include "internal.h"
@@ -230,11 +231,9 @@
BIGNUM *Z_1 = BN_CTX_get(ctx);
BIGNUM *Z_2 = BN_CTX_get(ctx);
BIGNUM *Z_3 = BN_CTX_get(ctx);
- BIGNUM *field_minus_2 = BN_CTX_get(ctx);
if (Z_1 == NULL ||
Z_2 == NULL ||
- Z_3 == NULL ||
- field_minus_2 == NULL) {
+ Z_3 == NULL) {
goto err;
}
@@ -247,16 +246,12 @@
* is more efficient (at least in theory) than |BN_to_montgomery|, since it
* doesn't have to do the multiplication before the reduction.
*
- * Use Fermat's Little Theorem with |BN_mod_exp_mont_consttime| instead of
- * |BN_mod_inverse_odd| since this inversion may be done as the final step
- * of private key operations. Unfortunately, this is suboptimal for ECDSA
- * verification. */
+ * Use Fermat's Little Theorem instead of |BN_mod_inverse_odd| since this
+ * inversion may be done as the final step of private key operations.
+ * Unfortunately, this is suboptimal for ECDSA verification. */
if (!BN_from_montgomery(Z_1, &point->Z, group->mont, ctx) ||
!BN_from_montgomery(Z_1, Z_1, group->mont, ctx) ||
- !BN_copy(field_minus_2, &group->field) ||
- !BN_sub_word(field_minus_2, 2) ||
- !BN_mod_exp_mont_consttime(Z_1, Z_1, field_minus_2, &group->field,
- ctx, group->mont)) {
+ !bn_mod_inverse_prime(Z_1, Z_1, &group->field, ctx, group->mont)) {
goto err;
}
diff --git a/src/crypto/ec/p224-64.c b/src/crypto/ec/p224-64.c
index 825bbc3..7b2ae68 100644
--- a/src/crypto/ec/p224-64.c
+++ b/src/crypto/ec/p224-64.c
@@ -211,7 +211,7 @@
static int BN_to_felem(felem out, const BIGNUM *bn) {
/* BN_bn2bin eats leading zeroes */
felem_bytearray b_out;
- memset(b_out, 0, sizeof(b_out));
+ OPENSSL_memset(b_out, 0, sizeof(b_out));
size_t num_bytes = BN_num_bytes(bn);
if (num_bytes > sizeof(b_out) ||
BN_is_negative(bn)) {
@@ -860,7 +860,7 @@
static void select_point(const u64 idx, size_t size,
const felem pre_comp[/*size*/][3], felem out[3]) {
limb *outlimbs = &out[0][0];
- memset(outlimbs, 0, 3 * sizeof(felem));
+ OPENSSL_memset(outlimbs, 0, 3 * sizeof(felem));
for (size_t i = 0; i < size; i++) {
const limb *inlimbs = &pre_comp[i][0][0];
@@ -885,26 +885,24 @@
}
/* Interleaved point multiplication using precomputed point multiples:
- * The small point multiples 0*P, 1*P, ..., 16*P are in pre_comp[],
- * the scalars in scalars[]. If g_scalar is non-NULL, we also add this multiple
+ * The small point multiples 0*P, 1*P, ..., 16*P are in p_pre_comp, the scalars
+ * in p_scalar, if non-NULL. If g_scalar is non-NULL, we also add this multiple
* of the generator, using certain (large) precomputed multiples in g_pre_comp.
* Output point (X, Y, Z) is stored in x_out, y_out, z_out */
-static void batch_mul(felem x_out, felem y_out, felem z_out,
- const felem_bytearray scalars[],
- const size_t num_points, const u8 *g_scalar,
- const felem pre_comp[][17][3]) {
+static void batch_mul(felem x_out, felem y_out, felem z_out, const u8 *p_scalar,
+ const u8 *g_scalar, const felem p_pre_comp[17][3]) {
felem nq[3], tmp[4];
u64 bits;
u8 sign, digit;
/* set nq to the point at infinity */
- memset(nq, 0, 3 * sizeof(felem));
+ OPENSSL_memset(nq, 0, 3 * sizeof(felem));
- /* Loop over all scalars msb-to-lsb, interleaving additions
- * of multiples of the generator (two in each of the last 28 rounds)
- * and additions of other points multiples (every 5th round). */
+ /* Loop over both scalars msb-to-lsb, interleaving additions of multiples of
+ * the generator (two in each of the last 28 rounds) and additions of p (every
+ * 5th round). */
int skip = 1; /* save two point operations in the first round */
- size_t i = num_points != 0 ? 220 : 27;
+ size_t i = p_scalar != NULL ? 220 : 27;
for (;;) {
/* double */
if (!skip) {
@@ -925,7 +923,7 @@
point_add(nq[0], nq[1], nq[2], nq[0], nq[1], nq[2], 1 /* mixed */,
tmp[0], tmp[1], tmp[2]);
} else {
- memcpy(nq, tmp, 3 * sizeof(felem));
+ OPENSSL_memcpy(nq, tmp, 3 * sizeof(felem));
skip = 0;
}
@@ -941,30 +939,26 @@
}
/* do other additions every 5 doublings */
- if (num_points != 0 && i % 5 == 0) {
- /* loop over all scalars */
- size_t num;
- for (num = 0; num < num_points; ++num) {
- bits = get_bit(scalars[num], i + 4) << 5;
- bits |= get_bit(scalars[num], i + 3) << 4;
- bits |= get_bit(scalars[num], i + 2) << 3;
- bits |= get_bit(scalars[num], i + 1) << 2;
- bits |= get_bit(scalars[num], i) << 1;
- bits |= get_bit(scalars[num], i - 1);
- ec_GFp_nistp_recode_scalar_bits(&sign, &digit, bits);
+ if (p_scalar != NULL && i % 5 == 0) {
+ bits = get_bit(p_scalar, i + 4) << 5;
+ bits |= get_bit(p_scalar, i + 3) << 4;
+ bits |= get_bit(p_scalar, i + 2) << 3;
+ bits |= get_bit(p_scalar, i + 1) << 2;
+ bits |= get_bit(p_scalar, i) << 1;
+ bits |= get_bit(p_scalar, i - 1);
+ ec_GFp_nistp_recode_scalar_bits(&sign, &digit, bits);
- /* select the point to add or subtract */
- select_point(digit, 17, pre_comp[num], tmp);
- felem_neg(tmp[3], tmp[1]); /* (X, -Y, Z) is the negative point */
- copy_conditional(tmp[1], tmp[3], sign);
+ /* select the point to add or subtract */
+ select_point(digit, 17, p_pre_comp, tmp);
+ felem_neg(tmp[3], tmp[1]); /* (X, -Y, Z) is the negative point */
+ copy_conditional(tmp[1], tmp[3], sign);
- if (!skip) {
- point_add(nq[0], nq[1], nq[2], nq[0], nq[1], nq[2], 0 /* mixed */,
- tmp[0], tmp[1], tmp[2]);
- } else {
- memcpy(nq, tmp, 3 * sizeof(felem));
- skip = 0;
- }
+ if (!skip) {
+ point_add(nq[0], nq[1], nq[2], nq[0], nq[1], nq[2], 0 /* mixed */,
+ tmp[0], tmp[1], tmp[2]);
+ } else {
+ OPENSSL_memcpy(nq, tmp, 3 * sizeof(felem));
+ skip = 0;
}
}
@@ -1022,30 +1016,16 @@
return 1;
}
-static int ec_GFp_nistp224_points_mul(const EC_GROUP *group,
- EC_POINT *r,
- const BIGNUM *g_scalar,
- const EC_POINT *p_,
- const BIGNUM *p_scalar_,
- BN_CTX *ctx) {
- /* TODO: This function used to take |points| and |scalars| as arrays of
- * |num| elements. The code below should be simplified to work in terms of
- * |p_| and |p_scalar_|. */
- size_t num = p_ != NULL ? 1 : 0;
- const EC_POINT **points = p_ != NULL ? &p_ : NULL;
- BIGNUM const *const *scalars = p_ != NULL ? &p_scalar_ : NULL;
-
+static int ec_GFp_nistp224_points_mul(const EC_GROUP *group, EC_POINT *r,
+ const BIGNUM *g_scalar, const EC_POINT *p,
+ const BIGNUM *p_scalar, BN_CTX *ctx) {
int ret = 0;
BN_CTX *new_ctx = NULL;
BIGNUM *x, *y, *z, *tmp_scalar;
- felem_bytearray g_secret;
- felem_bytearray *secrets = NULL;
- felem(*pre_comp)[17][3] = NULL;
+ felem_bytearray g_secret, p_secret;
+ felem p_pre_comp[17][3];
felem_bytearray tmp;
- size_t num_points = num;
felem x_in, y_in, z_in, x_out, y_out, z_out;
- const EC_POINT *p = NULL;
- const BIGNUM *p_scalar = NULL;
if (ctx == NULL) {
ctx = BN_CTX_new();
@@ -1063,75 +1043,53 @@
goto err;
}
- if (num_points > 0) {
- secrets = OPENSSL_malloc(num_points * sizeof(felem_bytearray));
- pre_comp = OPENSSL_malloc(num_points * sizeof(felem[17][3]));
- if (secrets == NULL ||
- pre_comp == NULL) {
- OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE);
+ if (p != NULL && p_scalar != NULL) {
+ /* We treat NULL scalars as 0, and NULL points as points at infinity, i.e.,
+ * they contribute nothing to the linear combination. */
+ OPENSSL_memset(&p_secret, 0, sizeof(p_secret));
+ OPENSSL_memset(&p_pre_comp, 0, sizeof(p_pre_comp));
+ size_t num_bytes;
+ /* reduce g_scalar to 0 <= g_scalar < 2^224 */
+ if (BN_num_bits(p_scalar) > 224 || BN_is_negative(p_scalar)) {
+ /* this is an unusual input, and we don't guarantee
+ * constant-timeness */
+ if (!BN_nnmod(tmp_scalar, p_scalar, &group->order, ctx)) {
+ OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB);
+ goto err;
+ }
+ num_bytes = BN_bn2bin(tmp_scalar, tmp);
+ } else {
+ num_bytes = BN_bn2bin(p_scalar, tmp);
+ }
+
+ flip_endian(p_secret, tmp, num_bytes);
+ /* precompute multiples */
+ if (!BN_to_felem(x_out, &p->X) ||
+ !BN_to_felem(y_out, &p->Y) ||
+ !BN_to_felem(z_out, &p->Z)) {
goto err;
}
- /* we treat NULL scalars as 0, and NULL points as points at infinity,
- * i.e., they contribute nothing to the linear combination */
- memset(secrets, 0, num_points * sizeof(felem_bytearray));
- memset(pre_comp, 0, num_points * 17 * 3 * sizeof(felem));
- for (size_t i = 0; i < num_points; ++i) {
- if (i == num) {
- /* the generator */
- p = EC_GROUP_get0_generator(group);
- p_scalar = g_scalar;
+ felem_assign(p_pre_comp[1][0], x_out);
+ felem_assign(p_pre_comp[1][1], y_out);
+ felem_assign(p_pre_comp[1][2], z_out);
+
+ for (size_t j = 2; j <= 16; ++j) {
+ if (j & 1) {
+ point_add(p_pre_comp[j][0], p_pre_comp[j][1], p_pre_comp[j][2],
+ p_pre_comp[1][0], p_pre_comp[1][1], p_pre_comp[1][2],
+ 0, p_pre_comp[j - 1][0], p_pre_comp[j - 1][1],
+ p_pre_comp[j - 1][2]);
} else {
- /* the i^th point */
- p = points[i];
- p_scalar = scalars[i];
- }
-
- if (p_scalar != NULL && p != NULL) {
- size_t num_bytes;
- /* reduce g_scalar to 0 <= g_scalar < 2^224 */
- if (BN_num_bits(p_scalar) > 224 || BN_is_negative(p_scalar)) {
- /* this is an unusual input, and we don't guarantee
- * constant-timeness */
- if (!BN_nnmod(tmp_scalar, p_scalar, &group->order, ctx)) {
- OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB);
- goto err;
- }
- num_bytes = BN_bn2bin(tmp_scalar, tmp);
- } else {
- num_bytes = BN_bn2bin(p_scalar, tmp);
- }
-
- flip_endian(secrets[i], tmp, num_bytes);
- /* precompute multiples */
- if (!BN_to_felem(x_out, &p->X) ||
- !BN_to_felem(y_out, &p->Y) ||
- !BN_to_felem(z_out, &p->Z)) {
- goto err;
- }
-
- felem_assign(pre_comp[i][1][0], x_out);
- felem_assign(pre_comp[i][1][1], y_out);
- felem_assign(pre_comp[i][1][2], z_out);
-
- for (size_t j = 2; j <= 16; ++j) {
- if (j & 1) {
- point_add(pre_comp[i][j][0], pre_comp[i][j][1], pre_comp[i][j][2],
- pre_comp[i][1][0], pre_comp[i][1][1], pre_comp[i][1][2],
- 0, pre_comp[i][j - 1][0], pre_comp[i][j - 1][1],
- pre_comp[i][j - 1][2]);
- } else {
- point_double(pre_comp[i][j][0], pre_comp[i][j][1],
- pre_comp[i][j][2], pre_comp[i][j / 2][0],
- pre_comp[i][j / 2][1], pre_comp[i][j / 2][2]);
- }
- }
+ point_double(p_pre_comp[j][0], p_pre_comp[j][1],
+ p_pre_comp[j][2], p_pre_comp[j / 2][0],
+ p_pre_comp[j / 2][1], p_pre_comp[j / 2][2]);
}
}
}
if (g_scalar != NULL) {
- memset(g_secret, 0, sizeof(g_secret));
+ OPENSSL_memset(g_secret, 0, sizeof(g_secret));
size_t num_bytes;
/* reduce g_scalar to 0 <= g_scalar < 2^224 */
if (BN_num_bits(g_scalar) > 224 || BN_is_negative(g_scalar)) {
@@ -1147,9 +1105,9 @@
flip_endian(g_secret, tmp, num_bytes);
}
- batch_mul(x_out, y_out, z_out, (const felem_bytearray(*))secrets,
- num_points, g_scalar != NULL ? g_secret : NULL,
- (const felem(*)[17][3])pre_comp);
+ batch_mul(x_out, y_out, z_out,
+ (p != NULL && p_scalar != NULL) ? p_secret : NULL,
+ g_scalar != NULL ? g_secret : NULL, (const felem(*)[3])p_pre_comp);
/* reduce the output to its unique minimal representation */
felem_contract(x_in, x_out);
@@ -1166,8 +1124,6 @@
err:
BN_CTX_end(ctx);
BN_CTX_free(new_ctx);
- OPENSSL_free(secrets);
- OPENSSL_free(pre_comp);
return ret;
}
diff --git a/src/crypto/ec/p256-64.c b/src/crypto/ec/p256-64.c
index 6a54200..0f32c2e 100644
--- a/src/crypto/ec/p256-64.c
+++ b/src/crypto/ec/p256-64.c
@@ -108,7 +108,7 @@
felem_bytearray b_out;
/* BN_bn2bin eats leading zeroes */
- memset(b_out, 0, sizeof(b_out));
+ OPENSSL_memset(b_out, 0, sizeof(b_out));
size_t num_bytes = BN_num_bytes(bn);
if (num_bytes > sizeof(b_out)) {
OPENSSL_PUT_ERROR(EC, EC_R_BIGNUM_OUT_OF_RANGE);
@@ -1402,7 +1402,7 @@
const smallfelem pre_comp[/*size*/][3],
smallfelem out[3]) {
u64 *outlimbs = &out[0][0];
- memset(outlimbs, 0, 3 * sizeof(smallfelem));
+ OPENSSL_memset(outlimbs, 0, 3 * sizeof(smallfelem));
for (size_t i = 0; i < size; i++) {
const u64 *inlimbs = (const u64 *)&pre_comp[i][0][0];
@@ -1427,28 +1427,26 @@
}
/* Interleaved point multiplication using precomputed point multiples: The
- * small point multiples 0*P, 1*P, ..., 17*P are in pre_comp[], the scalars
- * in scalars[]. If g_scalar is non-NULL, we also add this multiple of the
- * generator, using certain (large) precomputed multiples in g_pre_comp.
+ * small point multiples 0*P, 1*P, ..., 17*P are in p_pre_comp, the scalar
+ * in p_scalar, if non-NULL. If g_scalar is non-NULL, we also add this multiple
+ * of the generator, using certain (large) precomputed multiples in g_pre_comp.
* Output point (X, Y, Z) is stored in x_out, y_out, z_out. */
-static void batch_mul(felem x_out, felem y_out, felem z_out,
- const felem_bytearray scalars[],
- const size_t num_points, const u8 *g_scalar,
- const smallfelem pre_comp[][17][3]) {
+static void batch_mul(felem x_out, felem y_out, felem z_out, const u8 *p_scalar,
+ const u8 *g_scalar, const smallfelem p_pre_comp[17][3]) {
felem nq[3], ftmp;
smallfelem tmp[3];
u64 bits;
u8 sign, digit;
/* set nq to the point at infinity */
- memset(nq, 0, 3 * sizeof(felem));
+ OPENSSL_memset(nq, 0, 3 * sizeof(felem));
- /* Loop over all scalars msb-to-lsb, interleaving additions of multiples
- * of the generator (two in each of the last 32 rounds) and additions of
- * other points multiples (every 5th round). */
+ /* Loop over both scalars msb-to-lsb, interleaving additions of multiples
+ * of the generator (two in each of the last 32 rounds) and additions of p
+ * (every 5th round). */
int skip = 1; /* save two point operations in the first round */
- size_t i = num_points != 0 ? 255 : 31;
+ size_t i = p_scalar != NULL ? 255 : 31;
for (;;) {
/* double */
if (!skip) {
@@ -1487,34 +1485,30 @@
}
/* do other additions every 5 doublings */
- if (num_points != 0 && i % 5 == 0) {
- /* loop over all scalars */
- size_t num;
- for (num = 0; num < num_points; ++num) {
- bits = get_bit(scalars[num], i + 4) << 5;
- bits |= get_bit(scalars[num], i + 3) << 4;
- bits |= get_bit(scalars[num], i + 2) << 3;
- bits |= get_bit(scalars[num], i + 1) << 2;
- bits |= get_bit(scalars[num], i) << 1;
- bits |= get_bit(scalars[num], i - 1);
- ec_GFp_nistp_recode_scalar_bits(&sign, &digit, bits);
+ if (p_scalar != NULL && i % 5 == 0) {
+ bits = get_bit(p_scalar, i + 4) << 5;
+ bits |= get_bit(p_scalar, i + 3) << 4;
+ bits |= get_bit(p_scalar, i + 2) << 3;
+ bits |= get_bit(p_scalar, i + 1) << 2;
+ bits |= get_bit(p_scalar, i) << 1;
+ bits |= get_bit(p_scalar, i - 1);
+ ec_GFp_nistp_recode_scalar_bits(&sign, &digit, bits);
- /* select the point to add or subtract, in constant time. */
- select_point(digit, 17, pre_comp[num], tmp);
- smallfelem_neg(ftmp, tmp[1]); /* (X, -Y, Z) is the negative
- * point */
- copy_small_conditional(ftmp, tmp[1], (((limb)sign) - 1));
- felem_contract(tmp[1], ftmp);
+ /* select the point to add or subtract, in constant time. */
+ select_point(digit, 17, p_pre_comp, tmp);
+ smallfelem_neg(ftmp, tmp[1]); /* (X, -Y, Z) is the negative
+ * point */
+ copy_small_conditional(ftmp, tmp[1], (((limb)sign) - 1));
+ felem_contract(tmp[1], ftmp);
- if (!skip) {
- point_add(nq[0], nq[1], nq[2], nq[0], nq[1], nq[2], 0 /* mixed */,
- tmp[0], tmp[1], tmp[2]);
- } else {
- smallfelem_expand(nq[0], tmp[0]);
- smallfelem_expand(nq[1], tmp[1]);
- smallfelem_expand(nq[2], tmp[2]);
- skip = 0;
- }
+ if (!skip) {
+ point_add(nq[0], nq[1], nq[2], nq[0], nq[1], nq[2], 0 /* mixed */,
+ tmp[0], tmp[1], tmp[2]);
+ } else {
+ smallfelem_expand(nq[0], tmp[0]);
+ smallfelem_expand(nq[1], tmp[1]);
+ smallfelem_expand(nq[2], tmp[2]);
+ skip = 0;
}
}
@@ -1581,31 +1575,17 @@
return 1;
}
-static int ec_GFp_nistp256_points_mul(const EC_GROUP *group,
- EC_POINT *r,
- const BIGNUM *g_scalar,
- const EC_POINT *p_,
- const BIGNUM *p_scalar_,
- BN_CTX *ctx) {
- /* TODO: This function used to take |points| and |scalars| as arrays of
- * |num| elements. The code below should be simplified to work in terms of |p|
- * and |p_scalar|. */
- size_t num = p_ != NULL ? 1 : 0;
- const EC_POINT **points = p_ != NULL ? &p_ : NULL;
- BIGNUM const *const *scalars = p_ != NULL ? &p_scalar_ : NULL;
-
+static int ec_GFp_nistp256_points_mul(const EC_GROUP *group, EC_POINT *r,
+ const BIGNUM *g_scalar, const EC_POINT *p,
+ const BIGNUM *p_scalar, BN_CTX *ctx) {
int ret = 0;
BN_CTX *new_ctx = NULL;
BIGNUM *x, *y, *z, *tmp_scalar;
- felem_bytearray g_secret;
- felem_bytearray *secrets = NULL;
- smallfelem(*pre_comp)[17][3] = NULL;
+ felem_bytearray g_secret, p_secret;
+ smallfelem p_pre_comp[17][3];
felem_bytearray tmp;
- size_t num_points = num;
smallfelem x_in, y_in, z_in;
felem x_out, y_out, z_out;
- const EC_POINT *p = NULL;
- const BIGNUM *p_scalar = NULL;
if (ctx == NULL) {
ctx = new_ctx = BN_CTX_new();
@@ -1622,65 +1602,44 @@
goto err;
}
- if (num_points > 0) {
- secrets = OPENSSL_malloc(num_points * sizeof(felem_bytearray));
- pre_comp = OPENSSL_malloc(num_points * sizeof(smallfelem[17][3]));
- if (secrets == NULL || pre_comp == NULL) {
- OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE);
+ if (p != NULL && p_scalar != NULL) {
+ /* We treat NULL scalars as 0, and NULL points as points at infinity, i.e.,
+ * they contribute nothing to the linear combination. */
+ OPENSSL_memset(&p_secret, 0, sizeof(p_secret));
+ OPENSSL_memset(&p_pre_comp, 0, sizeof(p_pre_comp));
+ size_t num_bytes;
+ /* Reduce g_scalar to 0 <= g_scalar < 2^256. */
+ if (BN_num_bits(p_scalar) > 256 || BN_is_negative(p_scalar)) {
+ /* This is an unusual input, and we don't guarantee constant-timeness. */
+ if (!BN_nnmod(tmp_scalar, p_scalar, &group->order, ctx)) {
+ OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB);
+ goto err;
+ }
+ num_bytes = BN_bn2bin(tmp_scalar, tmp);
+ } else {
+ num_bytes = BN_bn2bin(p_scalar, tmp);
+ }
+ flip_endian(p_secret, tmp, num_bytes);
+ /* Precompute multiples. */
+ if (!BN_to_felem(x_out, &p->X) ||
+ !BN_to_felem(y_out, &p->Y) ||
+ !BN_to_felem(z_out, &p->Z)) {
goto err;
}
-
- /* we treat NULL scalars as 0, and NULL points as points at infinity,
- * i.e., they contribute nothing to the linear combination. */
- memset(secrets, 0, num_points * sizeof(felem_bytearray));
- memset(pre_comp, 0, num_points * 17 * 3 * sizeof(smallfelem));
- for (size_t i = 0; i < num_points; ++i) {
- if (i == num) {
- /* we didn't have a valid precomputation, so we pick the generator. */
- p = EC_GROUP_get0_generator(group);
- p_scalar = g_scalar;
+ felem_shrink(p_pre_comp[1][0], x_out);
+ felem_shrink(p_pre_comp[1][1], y_out);
+ felem_shrink(p_pre_comp[1][2], z_out);
+ for (size_t j = 2; j <= 16; ++j) {
+ if (j & 1) {
+ point_add_small(p_pre_comp[j][0], p_pre_comp[j][1],
+ p_pre_comp[j][2], p_pre_comp[1][0],
+ p_pre_comp[1][1], p_pre_comp[1][2],
+ p_pre_comp[j - 1][0], p_pre_comp[j - 1][1],
+ p_pre_comp[j - 1][2]);
} else {
- /* the i^th point */
- p = points[i];
- p_scalar = scalars[i];
- }
- if (p_scalar != NULL && p != NULL) {
- size_t num_bytes;
- /* reduce g_scalar to 0 <= g_scalar < 2^256 */
- if (BN_num_bits(p_scalar) > 256 || BN_is_negative(p_scalar)) {
- /* this is an unusual input, and we don't guarantee
- * constant-timeness. */
- if (!BN_nnmod(tmp_scalar, p_scalar, &group->order, ctx)) {
- OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB);
- goto err;
- }
- num_bytes = BN_bn2bin(tmp_scalar, tmp);
- } else {
- num_bytes = BN_bn2bin(p_scalar, tmp);
- }
- flip_endian(secrets[i], tmp, num_bytes);
- /* precompute multiples */
- if (!BN_to_felem(x_out, &p->X) ||
- !BN_to_felem(y_out, &p->Y) ||
- !BN_to_felem(z_out, &p->Z)) {
- goto err;
- }
- felem_shrink(pre_comp[i][1][0], x_out);
- felem_shrink(pre_comp[i][1][1], y_out);
- felem_shrink(pre_comp[i][1][2], z_out);
- for (size_t j = 2; j <= 16; ++j) {
- if (j & 1) {
- point_add_small(pre_comp[i][j][0], pre_comp[i][j][1],
- pre_comp[i][j][2], pre_comp[i][1][0],
- pre_comp[i][1][1], pre_comp[i][1][2],
- pre_comp[i][j - 1][0], pre_comp[i][j - 1][1],
- pre_comp[i][j - 1][2]);
- } else {
- point_double_small(pre_comp[i][j][0], pre_comp[i][j][1],
- pre_comp[i][j][2], pre_comp[i][j / 2][0],
- pre_comp[i][j / 2][1], pre_comp[i][j / 2][2]);
- }
- }
+ point_double_small(p_pre_comp[j][0], p_pre_comp[j][1],
+ p_pre_comp[j][2], p_pre_comp[j / 2][0],
+ p_pre_comp[j / 2][1], p_pre_comp[j / 2][2]);
}
}
}
@@ -1688,7 +1647,7 @@
if (g_scalar != NULL) {
size_t num_bytes;
- memset(g_secret, 0, sizeof(g_secret));
+ OPENSSL_memset(g_secret, 0, sizeof(g_secret));
/* reduce g_scalar to 0 <= g_scalar < 2^256 */
if (BN_num_bits(g_scalar) > 256 || BN_is_negative(g_scalar)) {
/* this is an unusual input, and we don't guarantee
@@ -1703,9 +1662,10 @@
}
flip_endian(g_secret, tmp, num_bytes);
}
- batch_mul(x_out, y_out, z_out, (const felem_bytearray(*))secrets,
- num_points, g_scalar != NULL ? g_secret : NULL,
- (const smallfelem(*)[17][3])pre_comp);
+ batch_mul(x_out, y_out, z_out,
+ (p != NULL && p_scalar != NULL) ? p_secret : NULL,
+ g_scalar != NULL ? g_secret : NULL,
+ (const smallfelem(*)[3]) &p_pre_comp);
/* reduce the output to its unique minimal representation */
felem_contract(x_in, x_out);
@@ -1722,8 +1682,6 @@
err:
BN_CTX_end(ctx);
BN_CTX_free(new_ctx);
- OPENSSL_free(secrets);
- OPENSSL_free(pre_comp);
return ret;
}
diff --git a/src/crypto/ec/p256-x86_64.c b/src/crypto/ec/p256-x86_64.c
index 0a3be92..2400740 100644
--- a/src/crypto/ec/p256-x86_64.c
+++ b/src/crypto/ec/p256-x86_64.c
@@ -208,8 +208,8 @@
return 0;
}
- memset(out, 0, sizeof(BN_ULONG) * P256_LIMBS);
- memcpy(out, in->d, sizeof(BN_ULONG) * in->top);
+ OPENSSL_memset(out, 0, sizeof(BN_ULONG) * P256_LIMBS);
+ OPENSSL_memcpy(out, in->d, sizeof(BN_ULONG) * in->top);
return 1;
}
@@ -441,7 +441,7 @@
/* Convert |p| from affine to Jacobian coordinates. We set Z to zero if |p|
* is infinity and |ONE| otherwise. |p| was computed from the table, so it
* is infinity iff |wvalue >> 1| is zero. */
- memset(p.p.Z, 0, sizeof(p.p.Z));
+ OPENSSL_memset(p.p.Z, 0, sizeof(p.p.Z));
copy_conditional(p.p.Z, ONE, is_not_zero(wvalue >> 1));
for (i = 1; i < 37; i++) {
diff --git a/src/crypto/ec/p256-x86_64_test.cc b/src/crypto/ec/p256-x86_64_test.cc
index 531edcf..afc3b54 100644
--- a/src/crypto/ec/p256-x86_64_test.cc
+++ b/src/crypto/ec/p256-x86_64_test.cc
@@ -38,9 +38,9 @@
// Fill a table with some garbage input.
P256_POINT table[16];
for (size_t i = 0; i < 16; i++) {
- memset(table[i].X, 3 * i, sizeof(table[i].X));
- memset(table[i].Y, 3 * i + 1, sizeof(table[i].Y));
- memset(table[i].Z, 3 * i + 2, sizeof(table[i].Z));
+ OPENSSL_memset(table[i].X, 3 * i, sizeof(table[i].X));
+ OPENSSL_memset(table[i].Y, 3 * i + 1, sizeof(table[i].Y));
+ OPENSSL_memset(table[i].Z, 3 * i + 2, sizeof(table[i].Z));
}
for (int i = 0; i <= 16; i++) {
@@ -49,12 +49,12 @@
P256_POINT expected;
if (i == 0) {
- memset(&expected, 0, sizeof(expected));
+ OPENSSL_memset(&expected, 0, sizeof(expected));
} else {
expected = table[i-1];
}
- if (memcmp(&val, &expected, sizeof(P256_POINT)) != 0) {
+ if (OPENSSL_memcmp(&val, &expected, sizeof(P256_POINT)) != 0) {
fprintf(stderr, "ecp_nistz256_select_w5(%d) gave the wrong value.\n", i);
return false;
}
@@ -67,8 +67,8 @@
// Fill a table with some garbage input.
P256_POINT_AFFINE table[64];
for (size_t i = 0; i < 64; i++) {
- memset(table[i].X, 2 * i, sizeof(table[i].X));
- memset(table[i].Y, 2 * i + 1, sizeof(table[i].Y));
+ OPENSSL_memset(table[i].X, 2 * i, sizeof(table[i].X));
+ OPENSSL_memset(table[i].Y, 2 * i + 1, sizeof(table[i].Y));
}
for (int i = 0; i <= 64; i++) {
@@ -77,12 +77,12 @@
P256_POINT_AFFINE expected;
if (i == 0) {
- memset(&expected, 0, sizeof(expected));
+ OPENSSL_memset(&expected, 0, sizeof(expected));
} else {
expected = table[i-1];
}
- if (memcmp(&val, &expected, sizeof(P256_POINT_AFFINE)) != 0) {
+ if (OPENSSL_memcmp(&val, &expected, sizeof(P256_POINT_AFFINE)) != 0) {
fprintf(stderr, "ecp_nistz256_select_w7(%d) gave the wrong value.\n", i);
return false;
}
@@ -105,7 +105,7 @@
// |byte| contains bytes in big-endian while |out| should contain |BN_ULONG|s
// in little-endian.
- memset(out, 0, P256_LIMBS * sizeof(BN_ULONG));
+ OPENSSL_memset(out, 0, P256_LIMBS * sizeof(BN_ULONG));
for (size_t i = 0; i < bytes.size(); i++) {
out[P256_LIMBS - 1 - (i / BN_BYTES)] <<= 8;
out[P256_LIMBS - 1 - (i / BN_BYTES)] |= bytes[i];
@@ -127,7 +127,7 @@
static bool ExpectFieldElementsEqual(FileTest *t, const char *message,
const BN_ULONG expected[P256_LIMBS],
const BN_ULONG actual[P256_LIMBS]) {
- if (memcmp(expected, actual, sizeof(BN_ULONG) * P256_LIMBS) == 0) {
+ if (OPENSSL_memcmp(expected, actual, sizeof(BN_ULONG) * P256_LIMBS) == 0) {
return true;
}
@@ -160,7 +160,7 @@
return false;
}
- memset(out, 0, sizeof(P256_POINT_AFFINE));
+ OPENSSL_memset(out, 0, sizeof(P256_POINT_AFFINE));
if (BN_is_zero(z.get())) {
// The point at infinity is represented as (0, 0).
@@ -189,8 +189,8 @@
return false;
}
- memcpy(out->X, x->d, sizeof(BN_ULONG) * x->top);
- memcpy(out->Y, y->d, sizeof(BN_ULONG) * y->top);
+ OPENSSL_memcpy(out->X, x->d, sizeof(BN_ULONG) * x->top);
+ OPENSSL_memcpy(out->Y, y->d, sizeof(BN_ULONG) * y->top);
return true;
}
@@ -209,7 +209,7 @@
return false;
}
- if (memcmp(expected, &affine, sizeof(P256_POINT_AFFINE)) != 0) {
+ if (OPENSSL_memcmp(expected, &affine, sizeof(P256_POINT_AFFINE)) != 0) {
t->PrintLine("%s", message);
t->PrintLine("Expected: (%s, %s)",
FieldElementToString(expected->X).c_str(),
@@ -237,7 +237,7 @@
return false;
}
- memcpy(ret, a, sizeof(ret));
+ OPENSSL_memcpy(ret, a, sizeof(ret));
ecp_nistz256_neg(ret, ret);
if (!ExpectFieldElementsEqual(
t, "In-place ecp_nistz256_neg(A) was incorrect.", b, ret)) {
@@ -251,7 +251,7 @@
return false;
}
- memcpy(ret, b, sizeof(ret));
+ OPENSSL_memcpy(ret, b, sizeof(ret));
ecp_nistz256_neg(ret, ret);
if (!ExpectFieldElementsEqual(
t, "In-place ecp_nistz256_neg(B) was incorrect.", a, ret)) {
@@ -282,42 +282,42 @@
return false;
}
- memcpy(ret, a, sizeof(ret));
+ OPENSSL_memcpy(ret, a, sizeof(ret));
ecp_nistz256_mul_mont(ret, ret, b);
if (!ExpectFieldElementsEqual(
t, "ecp_nistz256_mul_mont(ret = A, B) was incorrect.", result, ret)) {
return false;
}
- memcpy(ret, a, sizeof(ret));
+ OPENSSL_memcpy(ret, a, sizeof(ret));
ecp_nistz256_mul_mont(ret, b, ret);
if (!ExpectFieldElementsEqual(
t, "ecp_nistz256_mul_mont(B, ret = A) was incorrect.", result, ret)) {
return false;
}
- memcpy(ret, b, sizeof(ret));
+ OPENSSL_memcpy(ret, b, sizeof(ret));
ecp_nistz256_mul_mont(ret, a, ret);
if (!ExpectFieldElementsEqual(
t, "ecp_nistz256_mul_mont(A, ret = B) was incorrect.", result, ret)) {
return false;
}
- memcpy(ret, b, sizeof(ret));
+ OPENSSL_memcpy(ret, b, sizeof(ret));
ecp_nistz256_mul_mont(ret, ret, a);
if (!ExpectFieldElementsEqual(
t, "ecp_nistz256_mul_mont(ret = B, A) was incorrect.", result, ret)) {
return false;
}
- if (memcmp(a, b, sizeof(a)) == 0) {
+ if (OPENSSL_memcmp(a, b, sizeof(a)) == 0) {
ecp_nistz256_sqr_mont(ret, a);
if (!ExpectFieldElementsEqual(t, "ecp_nistz256_sqr_mont(A) was incorrect.",
result, ret)) {
return false;
}
- memcpy(ret, a, sizeof(ret));
+ OPENSSL_memcpy(ret, a, sizeof(ret));
ecp_nistz256_sqr_mont(ret, ret);
if (!ExpectFieldElementsEqual(
t, "ecp_nistz256_sqr_mont(ret = A) was incorrect.", result, ret)) {
@@ -342,7 +342,7 @@
return false;
}
- memcpy(ret, a, sizeof(ret));
+ OPENSSL_memcpy(ret, a, sizeof(ret));
ecp_nistz256_from_mont(ret, ret);
if (!ExpectFieldElementsEqual(
t, "ecp_nistz256_from_mont(ret = A) was incorrect.", result, ret)) {
@@ -379,28 +379,28 @@
return false;
}
- memcpy(&ret, &a, sizeof(ret));
+ OPENSSL_memcpy(&ret, &a, sizeof(ret));
ecp_nistz256_point_add(&ret, &ret, &b);
if (!ExpectPointsEqual(t, "ecp_nistz256_point_add(ret = A, B) was incorrect.",
&result, &ret)) {
return false;
}
- memcpy(&ret, &a, sizeof(ret));
+ OPENSSL_memcpy(&ret, &a, sizeof(ret));
ecp_nistz256_point_add(&ret, &b, &ret);
if (!ExpectPointsEqual(t, "ecp_nistz256_point_add(B, ret = A) was incorrect.",
&result, &ret)) {
return false;
}
- memcpy(&ret, &b, sizeof(ret));
+ OPENSSL_memcpy(&ret, &b, sizeof(ret));
ecp_nistz256_point_add(&ret, &a, &ret);
if (!ExpectPointsEqual(t, "ecp_nistz256_point_add(ret = A, B) was incorrect.",
&result, &ret)) {
return false;
}
- memcpy(&ret, &b, sizeof(ret));
+ OPENSSL_memcpy(&ret, &b, sizeof(ret));
ecp_nistz256_point_add(&ret, &ret, &a);
if (!ExpectPointsEqual(t, "ecp_nistz256_point_add(ret = B, A) was incorrect.",
&result, &ret)) {
@@ -408,7 +408,7 @@
}
P256_POINT_AFFINE a_affine, b_affine, infinity;
- memset(&infinity, 0, sizeof(infinity));
+ OPENSSL_memset(&infinity, 0, sizeof(infinity));
if (!PointToAffine(&a_affine, &a) ||
!PointToAffine(&b_affine, &b)) {
return false;
@@ -416,8 +416,8 @@
// ecp_nistz256_point_add_affine does not work when a == b unless doubling the
// point at infinity.
- if (memcmp(&a_affine, &b_affine, sizeof(a_affine)) != 0 ||
- memcmp(&a_affine, &infinity, sizeof(a_affine)) == 0) {
+ if (OPENSSL_memcmp(&a_affine, &b_affine, sizeof(a_affine)) != 0 ||
+ OPENSSL_memcmp(&a_affine, &infinity, sizeof(a_affine)) == 0) {
ecp_nistz256_point_add_affine(&ret, &a, &b_affine);
if (!ExpectPointsEqual(t,
"ecp_nistz256_point_add_affine(A, B) was incorrect.",
@@ -425,7 +425,7 @@
return false;
}
- memcpy(&ret, &a, sizeof(ret));
+ OPENSSL_memcpy(&ret, &a, sizeof(ret));
ecp_nistz256_point_add_affine(&ret, &ret, &b_affine);
if (!ExpectPointsEqual(
t, "ecp_nistz256_point_add_affine(ret = A, B) was incorrect.",
@@ -440,7 +440,7 @@
return false;
}
- memcpy(&ret, &b, sizeof(ret));
+ OPENSSL_memcpy(&ret, &b, sizeof(ret));
ecp_nistz256_point_add_affine(&ret, &ret, &a_affine);
if (!ExpectPointsEqual(
t, "ecp_nistz256_point_add_affine(ret = B, A) was incorrect.",
@@ -449,7 +449,7 @@
}
}
- if (memcmp(&a, &b, sizeof(a)) == 0) {
+ if (OPENSSL_memcmp(&a, &b, sizeof(a)) == 0) {
ecp_nistz256_point_double(&ret, &a);
if (!ExpectPointsEqual(t, "ecp_nistz256_point_double(A) was incorrect.",
&result, &ret)) {
diff --git a/src/crypto/ec/simple.c b/src/crypto/ec/simple.c
index a1e6229..880b717 100644
--- a/src/crypto/ec/simple.c
+++ b/src/crypto/ec/simple.c
@@ -74,6 +74,7 @@
#include <openssl/mem.h>
#include "internal.h"
+#include "../internal.h"
/* Most method functions in this file are designed to work with non-trivial
@@ -988,7 +989,7 @@
if (prod_Z == NULL) {
goto err;
}
- memset(prod_Z, 0, num * sizeof(prod_Z[0]));
+ OPENSSL_memset(prod_Z, 0, num * sizeof(prod_Z[0]));
for (size_t i = 0; i < num; i++) {
prod_Z[i] = BN_new();
if (prod_Z[i] == NULL) {
diff --git a/src/crypto/ecdh/ecdh.c b/src/crypto/ecdh/ecdh.c
index 50a844e..22b216e 100644
--- a/src/crypto/ecdh/ecdh.c
+++ b/src/crypto/ecdh/ecdh.c
@@ -74,6 +74,8 @@
#include <openssl/err.h>
#include <openssl/mem.h>
+#include "../internal.h"
+
int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
const EC_KEY *priv_key,
@@ -140,7 +142,7 @@
if (buflen < outlen) {
outlen = buflen;
}
- memcpy(out, buf, outlen);
+ OPENSSL_memcpy(out, buf, outlen);
}
if (outlen > INT_MAX) {
diff --git a/src/crypto/ecdsa/ecdsa.c b/src/crypto/ecdsa/ecdsa.c
index 6320992..3432081 100644
--- a/src/crypto/ecdsa/ecdsa.c
+++ b/src/crypto/ecdsa/ecdsa.c
@@ -60,7 +60,9 @@
#include <openssl/err.h>
#include <openssl/mem.h>
+#include "../bn/internal.h"
#include "../ec/internal.h"
+#include "../internal.h"
int ECDSA_sign(int type, const uint8_t *digest, size_t digest_len, uint8_t *sig,
@@ -88,7 +90,7 @@
/* Defend against potential laxness in the DER parser. */
size_t der_len;
if (!ECDSA_SIG_to_bytes(&der, &der_len, s) ||
- der_len != sig_len || memcmp(sig, der, sig_len) != 0) {
+ der_len != sig_len || OPENSSL_memcmp(sig, der, sig_len) != 0) {
/* This should never happen. crypto/bytestring is strictly DER. */
OPENSSL_PUT_ERROR(ECDSA, ERR_R_INTERNAL_ERROR);
goto err;
@@ -308,12 +310,9 @@
} while (BN_is_zero(r));
/* Compute the inverse of k. The order is a prime, so use Fermat's Little
- * Theorem. */
- if (!BN_set_word(tmp, 2) ||
- !BN_sub(tmp, order, tmp) ||
- /* Note |ec_group_get_mont_data| may return NULL but |BN_mod_exp_mont|
- * allows it to be. */
- !BN_mod_exp_mont(k, k, tmp, order, ctx, ec_group_get_mont_data(group))) {
+ * Theorem. Note |ec_group_get_mont_data| may return NULL but
+ * |bn_mod_inverse_prime| allows this. */
+ if (!bn_mod_inverse_prime(k, k, order, ctx, ec_group_get_mont_data(group))) {
OPENSSL_PUT_ERROR(ECDSA, ERR_R_BN_LIB);
goto err;
}
diff --git a/src/crypto/engine/engine.c b/src/crypto/engine/engine.c
index f1037d4..141ed23 100644
--- a/src/crypto/engine/engine.c
+++ b/src/crypto/engine/engine.c
@@ -23,6 +23,8 @@
#include <openssl/rsa.h>
#include <openssl/thread.h>
+#include "../internal.h"
+
struct engine_st {
RSA_METHOD *rsa_method;
@@ -35,7 +37,7 @@
return NULL;
}
- memset(engine, 0, sizeof(ENGINE));
+ OPENSSL_memset(engine, 0, sizeof(ENGINE));
return engine;
}
diff --git a/src/crypto/err/err.c b/src/crypto/err/err.c
index 48d631f..cbb1260 100644
--- a/src/crypto/err/err.c
+++ b/src/crypto/err/err.c
@@ -141,7 +141,7 @@
/* err_clear clears the given queued error. */
static void err_clear(struct err_error_st *error) {
err_clear_data(error);
- memset(error, 0, sizeof(struct err_error_st));
+ OPENSSL_memset(error, 0, sizeof(struct err_error_st));
}
/* global_next_library contains the next custom library value to return. */
@@ -175,7 +175,7 @@
if (state == NULL) {
return NULL;
}
- memset(state, 0, sizeof(ERR_STATE));
+ OPENSSL_memset(state, 0, sizeof(ERR_STATE));
if (!CRYPTO_set_thread_local(OPENSSL_THREAD_LOCAL_ERR, state,
err_state_free)) {
return NULL;
@@ -349,7 +349,7 @@
#if !defined(NDEBUG)
/* This is aimed to help catch callers who don't provide
* |ERR_ERROR_STRING_BUF_LEN| bytes of space. */
- memset(ret, 0, ERR_ERROR_STRING_BUF_LEN);
+ OPENSSL_memset(ret, 0, ERR_ERROR_STRING_BUF_LEN);
#endif
ERR_error_string_n(packed_error, ret, ERR_ERROR_STRING_BUF_LEN);
@@ -407,7 +407,7 @@
* terminating 0). If we're setting this colon, then all whole of the
* rest of the string must be colons in order to have the correct
* number. */
- memset(last_pos, ':', num_colons - i);
+ OPENSSL_memset(last_pos, ':', num_colons - i);
break;
}
@@ -675,7 +675,7 @@
buf = new_buf;
}
- memcpy(buf + len, substr, substr_len);
+ OPENSSL_memcpy(buf + len, substr, substr_len);
len = new_len;
}
diff --git a/src/crypto/evp/evp.c b/src/crypto/evp/evp.c
index 0916092..f083879 100644
--- a/src/crypto/evp/evp.c
+++ b/src/crypto/evp/evp.c
@@ -80,7 +80,7 @@
return NULL;
}
- memset(ret, 0, sizeof(EVP_PKEY));
+ OPENSSL_memset(ret, 0, sizeof(EVP_PKEY));
ret->type = EVP_PKEY_NONE;
ret->references = 1;
diff --git a/src/crypto/evp/evp_asn1.c b/src/crypto/evp/evp_asn1.c
index 2b24858..6c90571 100644
--- a/src/crypto/evp/evp_asn1.c
+++ b/src/crypto/evp/evp_asn1.c
@@ -84,7 +84,7 @@
for (i = 0; i < OPENSSL_ARRAY_SIZE(kASN1Methods); i++) {
const EVP_PKEY_ASN1_METHOD *method = kASN1Methods[i];
if (CBS_len(&oid) == method->oid_len &&
- memcmp(CBS_data(&oid), method->oid, method->oid_len) == 0) {
+ OPENSSL_memcmp(CBS_data(&oid), method->oid, method->oid_len) == 0) {
*out_type = method->pkey_id;
return 1;
}
diff --git a/src/crypto/evp/evp_ctx.c b/src/crypto/evp/evp_ctx.c
index f7d4b41..8cf23bb 100644
--- a/src/crypto/evp/evp_ctx.c
+++ b/src/crypto/evp/evp_ctx.c
@@ -61,6 +61,7 @@
#include <openssl/err.h>
#include <openssl/mem.h>
+#include "../internal.h"
#include "internal.h"
@@ -105,7 +106,7 @@
OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE);
return NULL;
}
- memset(ret, 0, sizeof(EVP_PKEY_CTX));
+ OPENSSL_memset(ret, 0, sizeof(EVP_PKEY_CTX));
ret->engine = e;
ret->pmeth = pmeth;
@@ -159,7 +160,7 @@
return NULL;
}
- memset(rctx, 0, sizeof(EVP_PKEY_CTX));
+ OPENSSL_memset(rctx, 0, sizeof(EVP_PKEY_CTX));
rctx->pmeth = pctx->pmeth;
rctx->engine = pctx->engine;
diff --git a/src/crypto/evp/evp_extra_test.cc b/src/crypto/evp/evp_extra_test.cc
index 4d41760..2758917 100644
--- a/src/crypto/evp/evp_extra_test.cc
+++ b/src/crypto/evp/evp_extra_test.cc
@@ -27,6 +27,8 @@
#include <openssl/pkcs8.h>
#include <openssl/rsa.h>
+#include "../internal.h"
+
// kExampleRSAKeyDER is an RSA private key in ASN.1, DER format. Of course, you
// should never use this key anywhere but in an example.
@@ -469,7 +471,7 @@
return false;
}
- if (memcmp(recovered.data(), kDummyHash, sizeof(kDummyHash)) != 0) {
+ if (OPENSSL_memcmp(recovered.data(), kDummyHash, sizeof(kDummyHash)) != 0) {
fprintf(stderr, "verify_recover got wrong value.\n");
ERR_print_errors_fp(stderr);
return false;
diff --git a/src/crypto/evp/evp_test.cc b/src/crypto/evp/evp_test.cc
index bfaa38a..d03c61f 100644
--- a/src/crypto/evp/evp_test.cc
+++ b/src/crypto/evp/evp_test.cc
@@ -72,6 +72,7 @@
#include <openssl/crypto.h>
#include <openssl/digest.h>
#include <openssl/err.h>
+#include <openssl/rsa.h>
#include "../test/file_test.h"
@@ -113,6 +114,23 @@
return EVP_PKEY_NONE;
}
+static int GetRSAPadding(FileTest *t, int *out, const std::string &name) {
+ if (name == "PKCS1") {
+ *out = RSA_PKCS1_PADDING;
+ return true;
+ }
+ if (name == "PSS") {
+ *out = RSA_PKCS1_PSS_PADDING;
+ return true;
+ }
+ if (name == "OAEP") {
+ *out = RSA_PKCS1_OAEP_PADDING;
+ return true;
+ }
+ t->PrintLine("Unknown RSA padding mode: '%s'", name.c_str());
+ return false;
+}
+
using KeyMap = std::map<std::string, bssl::UniquePtr<EVP_PKEY>>;
static bool ImportKey(FileTest *t, KeyMap *key_map,
@@ -224,6 +242,25 @@
return false;
}
}
+ if (t->HasAttribute("RSAPadding")) {
+ int padding;
+ if (!GetRSAPadding(t, &padding, t->GetAttributeOrDie("RSAPadding")) ||
+ !EVP_PKEY_CTX_set_rsa_padding(ctx.get(), padding)) {
+ return false;
+ }
+ }
+ if (t->HasAttribute("PSSSaltLength") &&
+ !EVP_PKEY_CTX_set_rsa_pss_saltlen(
+ ctx.get(), atoi(t->GetAttributeOrDie("PSSSaltLength").c_str()))) {
+ return false;
+ }
+ if (t->HasAttribute("MGF1Digest")) {
+ const EVP_MD *digest = GetDigest(t, t->GetAttributeOrDie("MGF1Digest"));
+ if (digest == nullptr ||
+ !EVP_PKEY_CTX_set_rsa_mgf1_md(ctx.get(), digest)) {
+ return false;
+ }
+ }
if (t->GetType() == "Verify") {
if (!EVP_PKEY_verify(ctx.get(), output.data(), output.size(), input.data(),
diff --git a/src/crypto/evp/evp_tests.txt b/src/crypto/evp/evp_tests.txt
index 7c316d8..eaee888 100644
--- a/src/crypto/evp/evp_tests.txt
+++ b/src/crypto/evp/evp_tests.txt
@@ -155,6 +155,111 @@
Output = 49525db4d44c755e560cba980b1d85ea604b0e077fcadd4ba44072a3487bbddb835016200a7d8739cce2dc3223d9c20cbdd25059ab02277f1f21318efd18e21038ec89aa9d40680987129e8b41ba33bceb86518bdf47268b921cce2037acabca6575d832499538d6f40cdba0d40bd7f4d8ea6ca6e2eec87f294efc971407857f5d7db09f6a7b31e301f571c6d82a5e3d08d2bb3a36e673d28b910f5bec57f0fcc4d968fd7c94d0b9226dec17f5192ad8b42bcab6f26e1bea1fdc3b958199acb00f14ebcb2a352f3afcedd4c09000128a603bbeb9696dea13040445253972d46237a25c7845e3b464e6984c2348ea1f1210a9ff0b00d2d72b50db00c009bb39f9
Error = BAD_SIGNATURE
+
+# RSA-PSS tests.
+
+# Zero salt length makes the output deterministic
+Sign = RSA-2048
+RSAPadding = PSS
+PSSSaltLength = 0
+Digest = SHA256
+Input = "0123456789ABCDEF0123456789ABCDEF"
+Output = 4de433d5844043ef08d354da03cb29068780d52706d7d1e4d50efb7d58c9d547d83a747ddd0635a96b28f854e50145518482cb49e963054621b53c60c498d07c16e9c2789c893cf38d4d86900de71bde463bd2761d1271e358c7480a1ac0bab930ddf39602ad1bc165b5d7436b516b7a7858e8eb7ab1c420eeb482f4d207f0e462b1724959320a084e13848d11d10fb593e66bf680bf6d3f345fc3e9c3de60abbac37e1c6ec80a268c8d9fc49626c679097aa690bc1aa662b95eb8db70390861aa0898229f9349b4b5fdd030d4928c47084708a933144be23bd3c6e661b85b2c0ef9ed36d498d5b7320e8194d363d4ad478c059bae804181965e0b81b663158a
+
+# Verify of above signature
+Verify = RSA-2048-SPKI
+RSAPadding = PSS
+PSSSaltLength = 0
+Digest = SHA256
+Input = "0123456789ABCDEF0123456789ABCDEF"
+Output = 4de433d5844043ef08d354da03cb29068780d52706d7d1e4d50efb7d58c9d547d83a747ddd0635a96b28f854e50145518482cb49e963054621b53c60c498d07c16e9c2789c893cf38d4d86900de71bde463bd2761d1271e358c7480a1ac0bab930ddf39602ad1bc165b5d7436b516b7a7858e8eb7ab1c420eeb482f4d207f0e462b1724959320a084e13848d11d10fb593e66bf680bf6d3f345fc3e9c3de60abbac37e1c6ec80a268c8d9fc49626c679097aa690bc1aa662b95eb8db70390861aa0898229f9349b4b5fdd030d4928c47084708a933144be23bd3c6e661b85b2c0ef9ed36d498d5b7320e8194d363d4ad478c059bae804181965e0b81b663158a
+
+# Wrong digest
+Verify = RSA-2048-SPKI
+RSAPadding = PSS
+PSSSaltLength = 0
+Digest = SHA256
+Input = "00000000000000000000000000000000"
+Output = 4de433d5844043ef08d354da03cb29068780d52706d7d1e4d50efb7d58c9d547d83a747ddd0635a96b28f854e50145518482cb49e963054621b53c60c498d07c16e9c2789c893cf38d4d86900de71bde463bd2761d1271e358c7480a1ac0bab930ddf39602ad1bc165b5d7436b516b7a7858e8eb7ab1c420eeb482f4d207f0e462b1724959320a084e13848d11d10fb593e66bf680bf6d3f345fc3e9c3de60abbac37e1c6ec80a268c8d9fc49626c679097aa690bc1aa662b95eb8db70390861aa0898229f9349b4b5fdd030d4928c47084708a933144be23bd3c6e661b85b2c0ef9ed36d498d5b7320e8194d363d4ad478c059bae804181965e0b81b663158a
+Error = BAD_SIGNATURE
+
+# Digest too short
+Verify = RSA-2048-SPKI
+RSAPadding = PSS
+PSSSaltLength = 0
+Digest = SHA256
+Input = "0123456789ABCDEF0123456789ABCDE"
+Output = 4de433d5844043ef08d354da03cb29068780d52706d7d1e4d50efb7d58c9d547d83a747ddd0635a96b28f854e50145518482cb49e963054621b53c60c498d07c16e9c2789c893cf38d4d86900de71bde463bd2761d1271e358c7480a1ac0bab930ddf39602ad1bc165b5d7436b516b7a7858e8eb7ab1c420eeb482f4d207f0e462b1724959320a084e13848d11d10fb593e66bf680bf6d3f345fc3e9c3de60abbac37e1c6ec80a268c8d9fc49626c679097aa690bc1aa662b95eb8db70390861aa0898229f9349b4b5fdd030d4928c47084708a933144be23bd3c6e661b85b2c0ef9ed36d498d5b7320e8194d363d4ad478c059bae804181965e0b81b663158a
+Error = INVALID_DIGEST_LENGTH
+
+# Digest too long
+Verify = RSA-2048-SPKI
+RSAPadding = PSS
+PSSSaltLength = 0
+Digest = SHA256
+Input = "0123456789ABCDEF0123456789ABCDEF0"
+Output = 4de433d5844043ef08d354da03cb29068780d52706d7d1e4d50efb7d58c9d547d83a747ddd0635a96b28f854e50145518482cb49e963054621b53c60c498d07c16e9c2789c893cf38d4d86900de71bde463bd2761d1271e358c7480a1ac0bab930ddf39602ad1bc165b5d7436b516b7a7858e8eb7ab1c420eeb482f4d207f0e462b1724959320a084e13848d11d10fb593e66bf680bf6d3f345fc3e9c3de60abbac37e1c6ec80a268c8d9fc49626c679097aa690bc1aa662b95eb8db70390861aa0898229f9349b4b5fdd030d4928c47084708a933144be23bd3c6e661b85b2c0ef9ed36d498d5b7320e8194d363d4ad478c059bae804181965e0b81b663158a
+Error = INVALID_DIGEST_LENGTH
+
+# Wrong salt length
+Verify = RSA-2048
+RSAPadding = PSS
+PSSSaltLength = 2
+Digest = SHA256
+Input = "0123456789ABCDEF0123456789ABCDEF"
+Output = 4de433d5844043ef08d354da03cb29068780d52706d7d1e4d50efb7d58c9d547d83a747ddd0635a96b28f854e50145518482cb49e963054621b53c60c498d07c16e9c2789c893cf38d4d86900de71bde463bd2761d1271e358c7480a1ac0bab930ddf39602ad1bc165b5d7436b516b7a7858e8eb7ab1c420eeb482f4d207f0e462b1724959320a084e13848d11d10fb593e66bf680bf6d3f345fc3e9c3de60abbac37e1c6ec80a268c8d9fc49626c679097aa690bc1aa662b95eb8db70390861aa0898229f9349b4b5fdd030d4928c47084708a933144be23bd3c6e661b85b2c0ef9ed36d498d5b7320e8194d363d4ad478c059bae804181965e0b81b663158a
+Error = SLEN_CHECK_FAILED
+
+# Wrong MGF1 digest, SHA-1
+Verify = RSA-2048
+RSAPadding = PSS
+PSSSaltLength = 0
+Digest = SHA256
+MGF1Digest = SHA1
+Input = "0123456789ABCDEF0123456789ABCDEF"
+Output = 4de433d5844043ef08d354da03cb29068780d52706d7d1e4d50efb7d58c9d547d83a747ddd0635a96b28f854e50145518482cb49e963054621b53c60c498d07c16e9c2789c893cf38d4d86900de71bde463bd2761d1271e358c7480a1ac0bab930ddf39602ad1bc165b5d7436b516b7a7858e8eb7ab1c420eeb482f4d207f0e462b1724959320a084e13848d11d10fb593e66bf680bf6d3f345fc3e9c3de60abbac37e1c6ec80a268c8d9fc49626c679097aa690bc1aa662b95eb8db70390861aa0898229f9349b4b5fdd030d4928c47084708a933144be23bd3c6e661b85b2c0ef9ed36d498d5b7320e8194d363d4ad478c059bae804181965e0b81b663158a
+# If SHA-1, this input happens to succeed recovering a salt length, but it does
+# not match.
+Error = SLEN_CHECK_FAILED
+
+# Wrong MGF1 digest, SHA-384
+Verify = RSA-2048
+RSAPadding = PSS
+PSSSaltLength = 0
+Digest = SHA256
+MGF1Digest = SHA384
+Input = "0123456789ABCDEF0123456789ABCDEF"
+Output = 4de433d5844043ef08d354da03cb29068780d52706d7d1e4d50efb7d58c9d547d83a747ddd0635a96b28f854e50145518482cb49e963054621b53c60c498d07c16e9c2789c893cf38d4d86900de71bde463bd2761d1271e358c7480a1ac0bab930ddf39602ad1bc165b5d7436b516b7a7858e8eb7ab1c420eeb482f4d207f0e462b1724959320a084e13848d11d10fb593e66bf680bf6d3f345fc3e9c3de60abbac37e1c6ec80a268c8d9fc49626c679097aa690bc1aa662b95eb8db70390861aa0898229f9349b4b5fdd030d4928c47084708a933144be23bd3c6e661b85b2c0ef9ed36d498d5b7320e8194d363d4ad478c059bae804181965e0b81b663158a
+# If SHA-384, this input happens fail to recover the salt length altogether.
+Error = SLEN_RECOVERY_FAILED
+
+
+# RSA decrypt
+
+Decrypt = RSA-2048
+Input = 550af55a2904e7b9762352f8fb7fa235a9cb053aacb2d5fcb8ca48453cb2ee3619746c701abf2d4cc67003471a187900b05aa812bd25ed05c675dfc8c97a24a7bf49bd6214992cad766d05a9a2b57b74f26a737e0237b8b76c45f1f226a836d7cfbc75ba999bdbe48dbc09227aa46c88f21dccba7840141ad5a5d71fd122e6bd6ac3e564780dfe623fc1ca9b995a6037bf0bbd43b205a84ac5444f34202c05ce9113087176432476576de6ffff9a52ea57c08be3ec2f49676cb8e12f762ac71fa3c321e00ac988910c85ff52f93825666ce0d40ffaa0592078919d4493f46d95ccf76364c6d57760dd0b64805f9afc76a2365a5575ca301d5103f0ea76cb9a78
+Output = "Hello World"
+
+# Corrupted ciphertext
+Decrypt = RSA-2048
+Input = 550af55a2904e7b9762352f8fb7fa235a9cb053aacb2d5fcb8ca48453cb2ee3619746c701abf2d4cc67003471a187900b05aa812bd25ed05c675dfc8c97a24a7bf49bd6214992cad766d05a9a2b57b74f26a737e0237b8b76c45f1f226a836d7cfbc75ba999bdbe48dbc09227aa46c88f21dccba7840141ad5a5d71fd122e6bd6ac3e564780dfe623fc1ca9b995a6037bf0bbd43b205a84ac5444f34202c05ce9113087176432476576de6ffff9a52ea57c08be3ec2f49676cb8e12f762ac71fa3c321e00ac988910c85ff52f93825666ce0d40ffaa0592078919d4493f46d95ccf76364c6d57760dd0b64805f9afc76a2365a5575ca301d5103f0ea76cb9a79
+Output = "Hello World"
+Error = PKCS_DECODING_ERROR
+
+# OAEP padding
+Decrypt = RSA-2048
+RSAPadding = OAEP
+Input = 458708dfbd42a1297ce7a9c86c7087ab80b1754810929b89c5107ca55368587686986fce94d86cc1595b3fb736223a656ec0f34d18ba1cc5665593610f56c58e26b272d584f3d983a5c91085700755aebd921fb280bba3eda7046ec07b43e7298e52d59edc92be4639a8ce08b2f85976ecf6d98cc469eeb9d5d8e2a32ea8a6626edafe1038b3df455668a9f3c77cad8b92fb872e00058c3d2a7ede1a1f03fc5622084ae04d9d24f6bf0995c58d35b93b699b9763595e123f2ab0863cc9229eb290e2ede7715c7a8f39e0b9a3e2e1b56ebb62f1cbfbb5986fb212ebd785b83d01d968b11d1756c7337f70c1f1a63bff03608e24f3a2fd44e67f832a8701c5d5af
+Output = "Hello World"
+
+# OAEP padding, corrupted ciphertext
+Decrypt = RSA-2048
+RSAPadding = OAEP
+Input = 458708dfbd42a1297ce7a9c86c7087ab80b1754810929b89c5107ca55368587686986fce94d86cc1595b3fb736223a656ec0f34d18ba1cc5665593610f56c58e26b272d584f3d983a5c91085700755aebd921fb280bba3eda7046ec07b43e7298e52d59edc92be4639a8ce08b2f85976ecf6d98cc469eeb9d5d8e2a32ea8a6626edafe1038b3df455668a9f3c77cad8b92fb872e00058c3d2a7ede1a1f03fc5622084ae04d9d24f6bf0995c58d35b93b699b9763595e123f2ab0863cc9229eb290e2ede7715c7a8f39e0b9a3e2e1b56ebb62f1cbfbb5986fb212ebd785b83d01d968b11d1756c7337f70c1f1a63bff03608e24f3a2fd44e67f832a8701c5d5ac
+Output = "Hello World"
+Error = OAEP_DECODING_ERROR
+
+
# EC tests
Verify = P-256
diff --git a/src/crypto/evp/p_ec.c b/src/crypto/evp/p_ec.c
index f92c87c..dc1ea6f 100644
--- a/src/crypto/evp/p_ec.c
+++ b/src/crypto/evp/p_ec.c
@@ -70,6 +70,7 @@
#include "internal.h"
#include "../ec/internal.h"
+#include "../internal.h"
typedef struct {
@@ -84,7 +85,7 @@
if (!dctx) {
return 0;
}
- memset(dctx, 0, sizeof(EC_PKEY_CTX));
+ OPENSSL_memset(dctx, 0, sizeof(EC_PKEY_CTX));
ctx->data = dctx;
diff --git a/src/crypto/evp/p_rsa.c b/src/crypto/evp/p_rsa.c
index a210657..ea2ba99 100644
--- a/src/crypto/evp/p_rsa.c
+++ b/src/crypto/evp/p_rsa.c
@@ -67,6 +67,7 @@
#include <openssl/nid.h>
#include <openssl/rsa.h>
+#include "../internal.h"
#include "../rsa/internal.h"
#include "internal.h"
@@ -97,7 +98,7 @@
if (!rctx) {
return 0;
}
- memset(rctx, 0, sizeof(RSA_PKEY_CTX));
+ OPENSSL_memset(rctx, 0, sizeof(RSA_PKEY_CTX));
rctx->nbits = 2048;
rctx->pad_mode = RSA_PKCS1_PADDING;
@@ -231,6 +232,11 @@
return RSA_verify(EVP_MD_type(rctx->md), tbs, tbslen, sig, siglen, rsa);
case RSA_PKCS1_PSS_PADDING:
+ if (tbslen != EVP_MD_size(rctx->md)) {
+ OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_DIGEST_LENGTH);
+ return 0;
+ }
+
if (!setup_tbuf(rctx, ctx) ||
!RSA_verify_raw(rsa, &rslen, rctx->tbuf, key_len, sig, siglen,
RSA_NO_PADDING) ||
@@ -284,7 +290,7 @@
return 0;
}
*out_len = ret;
- memcpy(out, rctx->tbuf, *out_len);
+ OPENSSL_memcpy(out, rctx->tbuf, *out_len);
return 1;
}
@@ -324,7 +330,7 @@
}
if (out != NULL) {
- memcpy(out, rctx->tbuf + asn1_prefix_len, result_len);
+ OPENSSL_memcpy(out, rctx->tbuf + asn1_prefix_len, result_len);
}
*out_len = result_len;
diff --git a/src/crypto/evp/pbkdf.c b/src/crypto/evp/pbkdf.c
index b06b922..1792cdc 100644
--- a/src/crypto/evp/pbkdf.c
+++ b/src/crypto/evp/pbkdf.c
@@ -59,6 +59,8 @@
#include <openssl/hmac.h>
+#include "../internal.h"
+
int PKCS5_PBKDF2_HMAC(const char *password, size_t password_len,
const uint8_t *salt, size_t salt_len, unsigned iterations,
@@ -101,7 +103,7 @@
return 0;
}
HMAC_CTX_cleanup(&hctx);
- memcpy(p, digest_tmp, cplen);
+ OPENSSL_memcpy(p, digest_tmp, cplen);
for (j = 1; j < iterations; j++) {
if (!HMAC_CTX_copy(&hctx, &hctx_tpl)) {
HMAC_CTX_cleanup(&hctx_tpl);
diff --git a/src/crypto/evp/pbkdf_test.cc b/src/crypto/evp/pbkdf_test.cc
index 438ab64..5284700 100644
--- a/src/crypto/evp/pbkdf_test.cc
+++ b/src/crypto/evp/pbkdf_test.cc
@@ -20,6 +20,8 @@
#include <openssl/err.h>
#include <openssl/evp.h>
+#include "../internal.h"
+
// Prints out the data buffer as a sequence of hex bytes.
static void PrintDataHex(const void *data, size_t len) {
@@ -49,7 +51,7 @@
return false;
}
- if (memcmp(key, expected_key, key_len) != 0) {
+ if (OPENSSL_memcmp(key, expected_key, key_len) != 0) {
fprintf(stderr, "Resulting key material does not match expectation\n");
fprintf(stderr, "Expected:\n ");
PrintDataHex(expected_key, key_len);
diff --git a/src/crypto/hkdf/CMakeLists.txt b/src/crypto/hkdf/CMakeLists.txt
index d9db933..3056a54 100644
--- a/src/crypto/hkdf/CMakeLists.txt
+++ b/src/crypto/hkdf/CMakeLists.txt
@@ -11,7 +11,7 @@
add_executable(
hkdf_test
- hkdf_test.c
+ hkdf_test.cc
$<TARGET_OBJECTS:test_support>
)
diff --git a/src/crypto/hkdf/hkdf.c b/src/crypto/hkdf/hkdf.c
index f21cb42..ae43b69 100644
--- a/src/crypto/hkdf/hkdf.c
+++ b/src/crypto/hkdf/hkdf.c
@@ -20,6 +20,8 @@
#include <openssl/err.h>
#include <openssl/hmac.h>
+#include "../internal.h"
+
int HKDF(uint8_t *out_key, size_t out_len, const EVP_MD *digest,
const uint8_t *secret, size_t secret_len, const uint8_t *salt,
@@ -95,7 +97,7 @@
if (done + todo > out_len) {
todo = out_len - done;
}
- memcpy(out_key + done, previous, todo);
+ OPENSSL_memcpy(out_key + done, previous, todo);
done += todo;
}
diff --git a/src/crypto/hkdf/hkdf_test.c b/src/crypto/hkdf/hkdf_test.cc
similarity index 95%
rename from src/crypto/hkdf/hkdf_test.c
rename to src/crypto/hkdf/hkdf_test.cc
index 4499cc0..164fa1f 100644
--- a/src/crypto/hkdf/hkdf_test.c
+++ b/src/crypto/hkdf/hkdf_test.cc
@@ -24,7 +24,7 @@
#include "../test/test_util.h"
-typedef struct {
+struct HKDFTestVector {
const EVP_MD *(*md_func)(void);
const uint8_t ikm[80];
const size_t ikm_len;
@@ -36,10 +36,10 @@
const size_t prk_len;
const size_t out_len;
const uint8_t out[82];
-} hkdf_test_vector_t;
+};
/* These test vectors are from RFC 5869. */
-static const hkdf_test_vector_t kTests[] = {
+static const HKDFTestVector kTests[] = {
{
EVP_sha256,
{
@@ -248,13 +248,12 @@
};
int main(void) {
- uint8_t buf[82], prk[EVP_MAX_MD_SIZE];
- size_t i, prk_len;
-
CRYPTO_library_init();
- for (i = 0; i < OPENSSL_ARRAY_SIZE(kTests); i++) {
- const hkdf_test_vector_t *test = &kTests[i];
+ for (size_t i = 0; i < OPENSSL_ARRAY_SIZE(kTests); i++) {
+ const HKDFTestVector *test = &kTests[i];
+ uint8_t prk[EVP_MAX_MD_SIZE];
+ size_t prk_len;
if (!HKDF_extract(prk, &prk_len, test->md_func(), test->ikm, test->ikm_len,
test->salt, test->salt_len)) {
fprintf(stderr, "Call to HKDF_extract failed\n");
@@ -262,17 +261,18 @@
return 1;
}
if (prk_len != test->prk_len ||
- memcmp(prk, test->prk, test->prk_len) != 0) {
+ OPENSSL_memcmp(prk, test->prk, test->prk_len) != 0) {
fprintf(stderr, "%zu: Resulting PRK does not match test vector\n", i);
return 1;
}
+ uint8_t buf[82];
if (!HKDF_expand(buf, test->out_len, test->md_func(), prk, prk_len,
test->info, test->info_len)) {
fprintf(stderr, "Call to HKDF_expand failed\n");
ERR_print_errors_fp(stderr);
return 1;
}
- if (memcmp(buf, test->out, test->out_len) != 0) {
+ if (OPENSSL_memcmp(buf, test->out, test->out_len) != 0) {
fprintf(stderr,
"%zu: Resulting key material does not match test vector\n", i);
return 1;
@@ -284,7 +284,7 @@
ERR_print_errors_fp(stderr);
return 1;
}
- if (memcmp(buf, test->out, test->out_len) != 0) {
+ if (OPENSSL_memcmp(buf, test->out, test->out_len) != 0) {
fprintf(stderr,
"%zu: Resulting key material does not match test vector\n", i);
return 1;
@@ -292,6 +292,5 @@
}
printf("PASS\n");
- ERR_free_strings();
return 0;
}
diff --git a/src/crypto/hmac/hmac.c b/src/crypto/hmac/hmac.c
index 2eae9e8..a252667 100644
--- a/src/crypto/hmac/hmac.c
+++ b/src/crypto/hmac/hmac.c
@@ -62,6 +62,8 @@
#include <openssl/digest.h>
#include <openssl/mem.h>
+#include "../internal.h"
+
uint8_t *HMAC(const EVP_MD *evp_md, const void *key, size_t key_len,
const uint8_t *data, size_t data_len, uint8_t *out,
@@ -130,12 +132,12 @@
}
} else {
assert(key_len <= sizeof(key_block));
- memcpy(key_block, key, key_len);
+ OPENSSL_memcpy(key_block, key, key_len);
key_block_len = (unsigned)key_len;
}
/* Keys are then padded with zeros. */
if (key_block_len != EVP_MAX_MD_BLOCK_SIZE) {
- memset(&key_block[key_block_len], 0, sizeof(key_block) - key_block_len);
+ OPENSSL_memset(&key_block[key_block_len], 0, sizeof(key_block) - key_block_len);
}
for (size_t i = 0; i < EVP_MAX_MD_BLOCK_SIZE; i++) {
diff --git a/src/crypto/internal.h b/src/crypto/internal.h
index 896cc3b..2724956 100644
--- a/src/crypto/internal.h
+++ b/src/crypto/internal.h
@@ -112,6 +112,8 @@
#include <openssl/ex_data.h>
#include <openssl/thread.h>
+#include <string.h>
+
#if defined(_MSC_VER)
#if !defined(__cplusplus) || _MSC_VER < 1900
#define alignas(x) __declspec(align(x))
@@ -520,6 +522,85 @@
void *obj, CRYPTO_EX_DATA *ad);
+/* Language bug workarounds.
+ *
+ * Most C standard library functions are undefined if passed NULL, even when the
+ * corresponding length is zero. This gives them (and, in turn, all functions
+ * which call them) surprising behavior on empty arrays. Some compilers will
+ * miscompile code due to this rule. See also
+ * https://www.imperialviolet.org/2016/06/26/nonnull.html
+ *
+ * These wrapper functions behave the same as the corresponding C standard
+ * functions, but behave as expected when passed NULL if the length is zero.
+ *
+ * Note |OPENSSL_memcmp| is a different function from |CRYPTO_memcmp|. */
+
+/* C++ defines |memchr| as a const-correct overload. */
+#if defined(__cplusplus)
+extern "C++" {
+
+static inline const void *OPENSSL_memchr(const void *s, int c, size_t n) {
+ if (n == 0) {
+ return NULL;
+ }
+
+ return memchr(s, c, n);
+}
+
+static inline void *OPENSSL_memchr(void *s, int c, size_t n) {
+ if (n == 0) {
+ return NULL;
+ }
+
+ return memchr(s, c, n);
+}
+
+} /* extern "C++" */
+#else /* __cplusplus */
+
+static inline void *OPENSSL_memchr(const void *s, int c, size_t n) {
+ if (n == 0) {
+ return NULL;
+ }
+
+ return memchr(s, c, n);
+}
+
+#endif /* __cplusplus */
+
+static inline int OPENSSL_memcmp(const void *s1, const void *s2, size_t n) {
+ if (n == 0) {
+ return 0;
+ }
+
+ return memcmp(s1, s2, n);
+}
+
+static inline void *OPENSSL_memcpy(void *dst, const void *src, size_t n) {
+ if (n == 0) {
+ return dst;
+ }
+
+ return memcpy(dst, src, n);
+}
+
+static inline void *OPENSSL_memmove(void *dst, const void *src, size_t n) {
+ if (n == 0) {
+ return dst;
+ }
+
+ return memmove(dst, src, n);
+}
+
+static inline void *OPENSSL_memset(void *dst, int c, size_t n) {
+ if (n == 0) {
+ return dst;
+ }
+
+ return memset(dst, c, n);
+}
+
+
#if defined(__cplusplus)
} /* extern C */
#endif
diff --git a/src/crypto/lhash/CMakeLists.txt b/src/crypto/lhash/CMakeLists.txt
index 4f4dea7..bd6005b 100644
--- a/src/crypto/lhash/CMakeLists.txt
+++ b/src/crypto/lhash/CMakeLists.txt
@@ -11,7 +11,7 @@
add_executable(
lhash_test
- lhash_test.c
+ lhash_test.cc
$<TARGET_OBJECTS:test_support>
)
diff --git a/src/crypto/lhash/lhash.c b/src/crypto/lhash/lhash.c
index 233f34f..27960d9 100644
--- a/src/crypto/lhash/lhash.c
+++ b/src/crypto/lhash/lhash.c
@@ -62,6 +62,9 @@
#include <openssl/mem.h>
+#include "../internal.h"
+
+
/* kMinNumBuckets is the minimum size of the buckets array in an |_LHASH|. */
static const size_t kMinNumBuckets = 16;
@@ -71,13 +74,11 @@
static const size_t kMinAverageChainLength = 1;
_LHASH *lh_new(lhash_hash_func hash, lhash_cmp_func comp) {
- _LHASH *ret;
-
- ret = OPENSSL_malloc(sizeof(_LHASH));
+ _LHASH *ret = OPENSSL_malloc(sizeof(_LHASH));
if (ret == NULL) {
return NULL;
}
- memset(ret, 0, sizeof(_LHASH));
+ OPENSSL_memset(ret, 0, sizeof(_LHASH));
ret->num_buckets = kMinNumBuckets;
ret->buckets = OPENSSL_malloc(sizeof(LHASH_ITEM *) * ret->num_buckets);
@@ -85,17 +86,10 @@
OPENSSL_free(ret);
return NULL;
}
- memset(ret->buckets, 0, sizeof(LHASH_ITEM *) * ret->num_buckets);
+ OPENSSL_memset(ret->buckets, 0, sizeof(LHASH_ITEM *) * ret->num_buckets);
ret->comp = comp;
- if (ret->comp == NULL) {
- ret->comp = (lhash_cmp_func) strcmp;
- }
ret->hash = hash;
- if (ret->hash == NULL) {
- ret->hash = (lhash_hash_func) lh_strhash;
- }
-
return ret;
}
@@ -173,7 +167,7 @@
if (new_buckets == NULL) {
return;
}
- memset(new_buckets, 0, alloc_size);
+ OPENSSL_memset(new_buckets, 0, alloc_size);
for (i = 0; i < lh->num_buckets; i++) {
for (cur = lh->buckets[i]; cur != NULL; cur = next) {
diff --git a/src/crypto/lhash/lhash_test.c b/src/crypto/lhash/lhash_test.c
deleted file mode 100644
index 309b765..0000000
--- a/src/crypto/lhash/lhash_test.c
+++ /dev/null
@@ -1,203 +0,0 @@
-/* Copyright (c) 2014, Google Inc.
- *
- * Permission to use, copy, modify, and/or distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
- * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
- * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
- * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
-
-#if !defined(_POSIX_C_SOURCE)
-#define _POSIX_C_SOURCE 201410L
-#endif
-
-#include <openssl/crypto.h>
-#include <openssl/lhash.h>
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-struct dummy_lhash_node {
- char *s;
- struct dummy_lhash_node *next;
-};
-
-struct dummy_lhash {
- struct dummy_lhash_node *head;
-};
-
-static void dummy_lh_free(struct dummy_lhash *lh) {
- struct dummy_lhash_node *cur, *next;
-
- for (cur = lh->head; cur != NULL; cur = next) {
- next = cur->next;
- free(cur->s);
- free(cur);
- }
-}
-
-static size_t dummy_lh_num_items(const struct dummy_lhash *lh) {
- size_t count = 0;
- struct dummy_lhash_node *cur;
-
- for (cur = lh->head; cur != NULL; cur = cur->next) {
- count++;
- }
-
- return count;
-}
-
-static char *dummy_lh_retrieve(struct dummy_lhash *lh, const char *s) {
- struct dummy_lhash_node *cur;
-
- for (cur = lh->head; cur != NULL; cur = cur->next) {
- if (strcmp(cur->s, s) == 0) {
- return cur->s;
- }
- }
-
- return NULL;
-}
-
-static int dummy_lh_insert(struct dummy_lhash *lh, char **old_data, char *s) {
- struct dummy_lhash_node *node, *cur;
-
- for (cur = lh->head; cur != NULL; cur = cur->next) {
- if (strcmp(cur->s, s) == 0) {
- *old_data = cur->s;
- cur->s = s;
- return 1;
- }
- }
-
- node = malloc(sizeof(struct dummy_lhash_node));
- *old_data = NULL;
- node->s = s;
- node->next = lh->head;
- lh->head = node;
- return 1;
-}
-
-static char *dummy_lh_delete(struct dummy_lhash *lh, const void *s) {
- struct dummy_lhash_node *cur, **next_ptr;
- char *ret;
-
- next_ptr = &lh->head;
- for (cur = lh->head; cur != NULL; cur = cur->next) {
- if (strcmp(cur->s, s) == 0) {
- ret = cur->s;
- *next_ptr = cur->next;
- free(cur);
- return ret;
- }
- next_ptr = &cur->next;
- }
-
- return NULL;
-}
-
-static char *rand_string(void) {
- unsigned len = 1 + (rand() % 3);
- char *ret = malloc(len + 1);
- unsigned i;
-
- for (i = 0; i < len; i++) {
- ret[i] = '0' + (rand() & 7);
- }
- ret[i] = 0;
-
- return ret;
-}
-
-int main(int argc, char **argv) {
- _LHASH *lh;
- struct dummy_lhash dummy_lh = {NULL};
- unsigned i;
-
- CRYPTO_library_init();
-
- lh = lh_new(NULL, NULL);
- if (lh == NULL) {
- return 1;
- }
-
- for (i = 0; i < 100000; i++) {
- unsigned action;
- char *s, *s1, *s2;
-
- if (dummy_lh_num_items(&dummy_lh) != lh_num_items(lh)) {
- fprintf(stderr, "Length mismatch\n");
- return 1;
- }
-
- action = rand() % 3;
- switch (action) {
- case 0:
- s = rand_string();
- s1 = (char *)lh_retrieve(lh, s);
- s2 = dummy_lh_retrieve(&dummy_lh, s);
- if (s1 != NULL && (s2 == NULL || strcmp(s1, s2) != 0)) {
- fprintf(stderr, "lh_retrieve failure\n");
- abort();
- }
- free(s);
- break;
-
- case 1:
- s = rand_string();
- lh_insert(lh, (void **)&s1, s);
-#if defined(OPENSSL_WINDOWS)
- dummy_lh_insert(&dummy_lh, &s2, _strdup(s));
-#else
- dummy_lh_insert(&dummy_lh, &s2, strdup(s));
-#endif
-
- if (s1 != NULL && (s2 == NULL || strcmp(s1, s2) != 0)) {
- fprintf(stderr, "lh_insert failure\n");
- abort();
- }
-
- if (s1) {
- free(s1);
- }
- if (s2) {
- free(s2);
- }
- break;
-
- case 2:
- s = rand_string();
- s1 = lh_delete(lh, s);
- s2 = dummy_lh_delete(&dummy_lh, s);
-
- if (s1 != NULL && (s2 == NULL || strcmp(s1, s2) != 0)) {
- fprintf(stderr, "lh_insert failure\n");
- abort();
- }
-
- if (s1) {
- free(s1);
- }
- if (s2) {
- free(s2);
- }
- free(s);
- break;
-
- default:
- abort();
- }
- }
-
- lh_doall(lh, free);
- lh_free(lh);
- dummy_lh_free(&dummy_lh);
- printf("PASS\n");
- return 0;
-}
diff --git a/src/crypto/lhash/lhash_test.cc b/src/crypto/lhash/lhash_test.cc
new file mode 100644
index 0000000..cbeb15b
--- /dev/null
+++ b/src/crypto/lhash/lhash_test.cc
@@ -0,0 +1,161 @@
+/* Copyright (c) 2014, Google Inc.
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
+
+#if !defined(_POSIX_C_SOURCE)
+#define _POSIX_C_SOURCE 201410L
+#endif
+
+#include <openssl/crypto.h>
+#include <openssl/lhash.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include <algorithm>
+#include <memory>
+#include <map>
+#include <string>
+#include <utility>
+#include <vector>
+
+
+static std::unique_ptr<char[]> RandString(void) {
+ unsigned len = 1 + (rand() % 3);
+ std::unique_ptr<char[]> ret(new char[len + 1]);
+
+ for (unsigned i = 0; i < len; i++) {
+ ret[i] = '0' + (rand() & 7);
+ }
+ ret[len] = 0;
+
+ return ret;
+}
+
+struct FreeLHASH {
+ void operator()(_LHASH *lh) { lh_free(lh); }
+};
+
+static const char *Lookup(
+ std::map<std::string, std::unique_ptr<char[]>> *dummy_lh, const char *key) {
+ // Using operator[] implicitly inserts into the map.
+ auto iter = dummy_lh->find(key);
+ if (iter == dummy_lh->end()) {
+ return nullptr;
+ }
+ return iter->second.get();
+}
+
+int main(int argc, char **argv) {
+ CRYPTO_library_init();
+
+ std::unique_ptr<_LHASH, FreeLHASH> lh(
+ lh_new((lhash_hash_func)lh_strhash, (lhash_cmp_func)strcmp));
+ if (!lh) {
+ return 1;
+ }
+
+ // lh is expected to store a canonical instance of each string. dummy_lh
+ // mirrors what it stores for comparison. It also manages ownership of the
+ // pointers.
+ std::map<std::string, std::unique_ptr<char[]>> dummy_lh;
+
+ for (unsigned i = 0; i < 100000; i++) {
+ if (dummy_lh.size() != lh_num_items(lh.get())) {
+ fprintf(stderr, "Length mismatch\n");
+ return 1;
+ }
+
+ // Check the entire contents and test |lh_doall_arg|. This takes O(N) time,
+ // so only do it every few iterations.
+ //
+ // TODO(davidben): |lh_doall_arg| also supports modifying the hash in the
+ // callback. Test this.
+ if (i % 1000 == 0) {
+ using ValueList = std::vector<const char *>;
+ ValueList expected, actual;
+ for (const auto &pair : dummy_lh) {
+ expected.push_back(pair.second.get());
+ }
+ std::sort(expected.begin(), expected.end());
+
+ lh_doall_arg(lh.get(),
+ [](void *ptr, void *arg) {
+ ValueList *out = reinterpret_cast<ValueList *>(arg);
+ out->push_back(reinterpret_cast<char *>(ptr));
+ },
+ &actual);
+ std::sort(actual.begin(), actual.end());
+
+ if (expected != actual) {
+ fprintf(stderr, "Contents mismatch\n");
+ return 1;
+ }
+ }
+
+ enum Action {
+ kRetrieve = 0,
+ kInsert,
+ kDelete,
+ };
+
+ Action action = static_cast<Action>(rand() % 3);
+ switch (action) {
+ case kRetrieve: {
+ std::unique_ptr<char[]> key = RandString();
+ void *value = lh_retrieve(lh.get(), key.get());
+ if (value != Lookup(&dummy_lh, key.get())) {
+ fprintf(stderr, "lh_retrieve failure\n");
+ return 1;
+ }
+ break;
+ }
+
+ case kInsert: {
+ std::unique_ptr<char[]> key = RandString();
+ void *previous;
+ if (!lh_insert(lh.get(), &previous, key.get())) {
+ return 1;
+ }
+
+ if (previous != Lookup(&dummy_lh, key.get())) {
+ fprintf(stderr, "lh_insert failure\n");
+ return 1;
+ }
+
+ dummy_lh[key.get()] = std::move(key);
+ break;
+ }
+
+ case kDelete: {
+ std::unique_ptr<char[]> key = RandString();
+ void *value = lh_delete(lh.get(), key.get());
+
+ if (value != Lookup(&dummy_lh, key.get())) {
+ fprintf(stderr, "lh_delete failure\n");
+ return 1;
+ }
+
+ dummy_lh.erase(key.get());
+ break;
+ }
+
+ default:
+ abort();
+ }
+ }
+
+ printf("PASS\n");
+ return 0;
+}
diff --git a/src/crypto/md4/md4.c b/src/crypto/md4/md4.c
index 7da3ec8..0046c21 100644
--- a/src/crypto/md4/md4.c
+++ b/src/crypto/md4/md4.c
@@ -59,6 +59,8 @@
#include <stdlib.h>
#include <string.h>
+#include "../internal.h"
+
uint8_t *MD4(const uint8_t *data, size_t len, uint8_t *out) {
MD4_CTX ctx;
@@ -72,7 +74,7 @@
/* Implemented from RFC1186 The MD4 Message-Digest Algorithm. */
int MD4_Init(MD4_CTX *md4) {
- memset(md4, 0, sizeof(MD4_CTX));
+ OPENSSL_memset(md4, 0, sizeof(MD4_CTX));
md4->h[0] = 0x67452301UL;
md4->h[1] = 0xefcdab89UL;
md4->h[2] = 0x98badcfeUL;
diff --git a/src/crypto/md5/md5.c b/src/crypto/md5/md5.c
index a66fa7f..7712f47 100644
--- a/src/crypto/md5/md5.c
+++ b/src/crypto/md5/md5.c
@@ -60,6 +60,8 @@
#include <openssl/mem.h>
+#include "../internal.h"
+
uint8_t *MD5(const uint8_t *data, size_t len, uint8_t *out) {
MD5_CTX ctx;
@@ -78,7 +80,7 @@
}
int MD5_Init(MD5_CTX *md5) {
- memset(md5, 0, sizeof(MD5_CTX));
+ OPENSSL_memset(md5, 0, sizeof(MD5_CTX));
md5->h[0] = 0x67452301UL;
md5->h[1] = 0xefcdab89UL;
md5->h[2] = 0x98badcfeUL;
diff --git a/src/crypto/mem.c b/src/crypto/mem.c
index ee34767..390ca2e 100644
--- a/src/crypto/mem.c
+++ b/src/crypto/mem.c
@@ -73,6 +73,8 @@
#include <strings.h>
#endif
+#include "internal.h"
+
void *OPENSSL_realloc_clean(void *ptr, size_t old_size, size_t new_size) {
if (ptr == NULL) {
@@ -94,7 +96,7 @@
return NULL;
}
- memcpy(ret, ptr, old_size);
+ OPENSSL_memcpy(ret, ptr, old_size);
OPENSSL_cleanse(ptr, old_size);
OPENSSL_free(ptr);
return ret;
@@ -104,7 +106,7 @@
#if defined(OPENSSL_WINDOWS)
SecureZeroMemory(ptr, len);
#else
- memset(ptr, 0, len);
+ OPENSSL_memset(ptr, 0, len);
#if !defined(OPENSSL_NO_ASM)
/* As best as we can tell, this is sufficient to break any optimisations that
diff --git a/src/crypto/modes/cbc.c b/src/crypto/modes/cbc.c
index 6e9fe24..12d551c 100644
--- a/src/crypto/modes/cbc.c
+++ b/src/crypto/modes/cbc.c
@@ -103,7 +103,7 @@
out += 16;
}
- memcpy(ivec, iv, 16);
+ OPENSSL_memcpy(ivec, iv, 16);
}
void CRYPTO_cbc128_decrypt(const uint8_t *in, uint8_t *out, size_t len,
@@ -154,7 +154,7 @@
out += 16;
}
}
- memcpy(ivec, iv, 16);
+ OPENSSL_memcpy(ivec, iv, 16);
} else {
/* |out| is less than two blocks behind |in|. Decrypting an input block
* directly to |out| would overwrite a ciphertext block before it is used as
diff --git a/src/crypto/modes/cfb.c b/src/crypto/modes/cfb.c
index 51b883e..af15255 100644
--- a/src/crypto/modes/cfb.c
+++ b/src/crypto/modes/cfb.c
@@ -167,7 +167,7 @@
}
/* fill in the first half of the new IV with the current IV */
- memcpy(ovec, ivec, 16);
+ OPENSSL_memcpy(ovec, ivec, 16);
/* construct the new IV */
(*block)(ivec, ivec, key);
num = (nbits + 7) / 8;
@@ -186,7 +186,7 @@
rem = nbits % 8;
num = nbits / 8;
if (rem == 0) {
- memcpy(ivec, ovec + num, 16);
+ OPENSSL_memcpy(ivec, ovec + num, 16);
} else {
for (n = 0; n < 16; ++n) {
ivec[n] = ovec[n + num] << rem | ovec[n + num + 1] >> (8 - rem);
diff --git a/src/crypto/modes/ctr.c b/src/crypto/modes/ctr.c
index b84e72c..c026d15 100644
--- a/src/crypto/modes/ctr.c
+++ b/src/crypto/modes/ctr.c
@@ -202,7 +202,7 @@
in += blocks;
}
if (len) {
- memset(ecount_buf, 0, 16);
+ OPENSSL_memset(ecount_buf, 0, 16);
(*func)(ecount_buf, ecount_buf, 1, key, ivec);
++ctr32;
PUTU32(ivec + 12, ctr32);
diff --git a/src/crypto/modes/gcm.c b/src/crypto/modes/gcm.c
index 3b793e8..df68c40 100644
--- a/src/crypto/modes/gcm.c
+++ b/src/crypto/modes/gcm.c
@@ -363,7 +363,7 @@
uint8_t c[16];
} H;
- memcpy(H.c, gcm_key, 16);
+ OPENSSL_memcpy(H.c, gcm_key, 16);
/* H is stored in host byte order */
H.u[0] = CRYPTO_bswap8(H.u[0]);
@@ -426,11 +426,11 @@
void CRYPTO_gcm128_init(GCM128_CONTEXT *ctx, const void *aes_key,
block128_f block) {
- memset(ctx, 0, sizeof(*ctx));
+ OPENSSL_memset(ctx, 0, sizeof(*ctx));
ctx->block = block;
uint8_t gcm_key[16];
- memset(gcm_key, 0, sizeof(gcm_key));
+ OPENSSL_memset(gcm_key, 0, sizeof(gcm_key));
(*block)(gcm_key, gcm_key, aes_key);
CRYPTO_ghash_init(&ctx->gmult, &ctx->ghash, ctx->Htable, gcm_key);
@@ -453,7 +453,7 @@
ctx->mres = 0;
if (len == 12) {
- memcpy(ctx->Yi.c, iv, 12);
+ OPENSSL_memcpy(ctx->Yi.c, iv, 12);
ctx->Yi.c[15] = 1;
ctr = 1;
} else {
@@ -1060,7 +1060,8 @@
void CRYPTO_gcm128_tag(GCM128_CONTEXT *ctx, unsigned char *tag, size_t len) {
CRYPTO_gcm128_finish(ctx, NULL, 0);
- memcpy(tag, ctx->Xi.c, len <= sizeof(ctx->Xi.c) ? len : sizeof(ctx->Xi.c));
+ OPENSSL_memcpy(tag, ctx->Xi.c,
+ len <= sizeof(ctx->Xi.c) ? len : sizeof(ctx->Xi.c));
}
#if defined(OPENSSL_X86) || defined(OPENSSL_X86_64)
diff --git a/src/crypto/modes/gcm_test.cc b/src/crypto/modes/gcm_test.cc
index 8baf20e..1a5e034 100644
--- a/src/crypto/modes/gcm_test.cc
+++ b/src/crypto/modes/gcm_test.cc
@@ -350,7 +350,7 @@
CRYPTO_gcm128_init(&ctx, &aes_key, (block128_f) AES_encrypt);
CRYPTO_gcm128_setiv(&ctx, &aes_key, nonce, nonce_len);
- memset(out, 0, plaintext_len);
+ OPENSSL_memset(out, 0, plaintext_len);
if (additional_data) {
CRYPTO_gcm128_aad(&ctx, additional_data, additional_data_len);
}
@@ -358,7 +358,7 @@
CRYPTO_gcm128_encrypt(&ctx, &aes_key, plaintext, out, plaintext_len);
}
if (!CRYPTO_gcm128_finish(&ctx, tag, tag_len) ||
- (ciphertext && memcmp(out, ciphertext, plaintext_len) != 0)) {
+ (ciphertext && OPENSSL_memcmp(out, ciphertext, plaintext_len) != 0)) {
fprintf(stderr, "%u: encrypt failed.\n", test_num);
hexdump(stderr, "got :", out, plaintext_len);
hexdump(stderr, "want:", ciphertext, plaintext_len);
@@ -366,7 +366,7 @@
}
CRYPTO_gcm128_setiv(&ctx, &aes_key, nonce, nonce_len);
- memset(out, 0, plaintext_len);
+ OPENSSL_memset(out, 0, plaintext_len);
if (additional_data) {
CRYPTO_gcm128_aad(&ctx, additional_data, additional_data_len);
}
@@ -377,7 +377,7 @@
fprintf(stderr, "%u: decrypt failed.\n", test_num);
goto out;
}
- if (plaintext && memcmp(out, plaintext, plaintext_len)) {
+ if (plaintext && OPENSSL_memcmp(out, plaintext, plaintext_len)) {
fprintf(stderr, "%u: plaintext doesn't match.\n", test_num);
goto out;
}
diff --git a/src/crypto/modes/internal.h b/src/crypto/modes/internal.h
index a53da04..9b579fa 100644
--- a/src/crypto/modes/internal.h
+++ b/src/crypto/modes/internal.h
@@ -53,6 +53,8 @@
#include <string.h>
+#include "../internal.h"
+
#if defined(__cplusplus)
extern "C" {
#endif
@@ -100,13 +102,13 @@
static inline uint32_t GETU32(const void *in) {
uint32_t v;
- memcpy(&v, in, sizeof(v));
+ OPENSSL_memcpy(&v, in, sizeof(v));
return CRYPTO_bswap4(v);
}
static inline void PUTU32(void *out, uint32_t v) {
v = CRYPTO_bswap4(v);
- memcpy(out, &v, sizeof(v));
+ OPENSSL_memcpy(out, &v, sizeof(v));
}
static inline uint32_t GETU32_aligned(const void *in) {
diff --git a/src/crypto/modes/ofb.c b/src/crypto/modes/ofb.c
index 0ee95ca..95d15c3 100644
--- a/src/crypto/modes/ofb.c
+++ b/src/crypto/modes/ofb.c
@@ -73,11 +73,11 @@
(*block)(ivec, ivec, key);
for (; n < 16; n += sizeof(size_t)) {
size_t a, b;
- memcpy(&a, in + n, sizeof(size_t));
- memcpy(&b, ivec + n, sizeof(size_t));
+ OPENSSL_memcpy(&a, in + n, sizeof(size_t));
+ OPENSSL_memcpy(&b, ivec + n, sizeof(size_t));
const size_t c = a ^ b;
- memcpy(out + n, &c, sizeof(size_t));
+ OPENSSL_memcpy(out + n, &c, sizeof(size_t));
}
len -= 16;
out += 16;
diff --git a/src/crypto/modes/polyval.c b/src/crypto/modes/polyval.c
index c5121a1..125b256 100644
--- a/src/crypto/modes/polyval.c
+++ b/src/crypto/modes/polyval.c
@@ -54,11 +54,11 @@
void CRYPTO_POLYVAL_init(struct polyval_ctx *ctx, const uint8_t key[16]) {
polyval_block H;
- memcpy(H.c, key, 16);
+ OPENSSL_memcpy(H.c, key, 16);
reverse_and_mulX_ghash(&H);
CRYPTO_ghash_init(&ctx->gmult, &ctx->ghash, ctx->Htable, H.c);
- memset(&ctx->S, 0, sizeof(ctx->S));
+ OPENSSL_memset(&ctx->S, 0, sizeof(ctx->S));
}
void CRYPTO_POLYVAL_update_blocks(struct polyval_ctx *ctx, const uint8_t *in,
@@ -71,7 +71,8 @@
if (todo > sizeof(reversed)) {
todo = sizeof(reversed);
}
- memcpy(reversed, in, todo);
+ OPENSSL_memcpy(reversed, in, todo);
+ in += todo;
in_len -= todo;
size_t blocks = todo / sizeof(polyval_block);
@@ -86,7 +87,7 @@
void CRYPTO_POLYVAL_finish(const struct polyval_ctx *ctx, uint8_t out[16]) {
polyval_block S = ctx->S;
byte_reverse(&S);
- memcpy(out, &S.c, sizeof(polyval_block));
+ OPENSSL_memcpy(out, &S.c, sizeof(polyval_block));
}
diff --git a/src/crypto/obj/README b/src/crypto/obj/README
index 6199fb4..797bb68 100644
--- a/src/crypto/obj/README
+++ b/src/crypto/obj/README
@@ -1,37 +1,15 @@
-OID information is generated via a series of perl scripts. In order, the full
-list of commands to run are:
+The files nid.h, obj_mac.num, and obj_dat.h are generated from objects.txt and
+obj_mac.num. To regenerate them, run:
- perl objects.pl objects.txt obj_mac.num ../../include/openssl/nid.h
- perl obj_dat.pl ../../include/openssl/nid.h obj_dat.h
- perl obj_xref.pl obj_mac.num obj_xref.txt > obj_xref.h
+ go run objects.go
objects.txt contains the list of all built-in OIDs. It is processed by
-objects.pl to output obj_mac.num and nid.h. obj_mac.num is the list of NID
-values for each OID. This is an input/output parameter so NID values are stable
-across regenerations. nid.h is the header which defines macros for all the
-built-in OIDs in C.
+objects.go to output obj_mac.num, obj_dat.h, and nid.h.
-nid.h is read by obj_dat.pl to generate obj_dat.h. obj_dat.h contains the
-ASN1_OBJECTs corresponding to built-in OIDs themselves along with lookup tables
-for search by short name, OID, etc.
+obj_mac.num is the list of NID values for each OID. This is an input/output
+file so NID values are stable across regenerations.
-obj_mac.num and obj_xref.txt are read by obj_xref.pl to generate
-obj_xref.h. obj_xref.txt links signature OIDs to corresponding public key
-algorithms and digests. obj_xref.h contains lookup tables for querying this
-information in both directions.
+nid.h is the header which defines macros for all the built-in OIDs in C.
-Dependency graph:
-
- objects.txt
- |
- V
- [objects.pl] <--+
- / \ |
- V V |
- nid.h obj_mac.num obj_xref.txt
- | \ /
- V V V
- [obj_dat.pl] [obj_xref.pl]
- | |
- V V
- obj_dat.h obj_xref.h
+obj_dat.h contains the ASN1_OBJECTs corresponding to built-in OIDs themselves
+along with lookup tables for search by short name, OID, etc.
diff --git a/src/crypto/obj/obj.c b/src/crypto/obj/obj.c
index c44ffc8..173257f 100644
--- a/src/crypto/obj/obj.c
+++ b/src/crypto/obj/obj.c
@@ -123,7 +123,7 @@
goto err;
}
if (o->data != NULL) {
- memcpy(data, o->data, o->length);
+ OPENSSL_memcpy(data, o->data, o->length);
}
/* once data is attached to an object, it remains const */
@@ -169,7 +169,7 @@
if (ret) {
return ret;
}
- return memcmp(a->data, b->data, a->length);
+ return OPENSSL_memcmp(a->data, b->data, a->length);
}
/* obj_cmp is called to search the kNIDsInOIDOrder array. The |key| argument is
@@ -185,7 +185,7 @@
} else if (a->length > b->length) {
return 1;
}
- return memcmp(a->data, b->data, a->length);
+ return OPENSSL_memcmp(a->data, b->data, a->length);
}
int OBJ_obj2nid(const ASN1_OBJECT *obj) {
@@ -211,7 +211,8 @@
}
CRYPTO_STATIC_MUTEX_unlock_read(&global_added_lock);
- nid_ptr = bsearch(obj, kNIDsInOIDOrder, NUM_OBJ, sizeof(unsigned), obj_cmp);
+ nid_ptr = bsearch(obj, kNIDsInOIDOrder, OPENSSL_ARRAY_SIZE(kNIDsInOIDOrder),
+ sizeof(kNIDsInOIDOrder[0]), obj_cmp);
if (nid_ptr == NULL) {
return NID_undef;
}
@@ -225,7 +226,7 @@
}
ASN1_OBJECT obj;
- memset(&obj, 0, sizeof(obj));
+ OPENSSL_memset(&obj, 0, sizeof(obj));
obj.data = CBS_data(cbs);
obj.length = (int)CBS_len(cbs);
@@ -258,7 +259,9 @@
}
CRYPTO_STATIC_MUTEX_unlock_read(&global_added_lock);
- nid_ptr = bsearch(short_name, kNIDsInShortNameOrder, NUM_SN, sizeof(unsigned), short_name_cmp);
+ nid_ptr = bsearch(short_name, kNIDsInShortNameOrder,
+ OPENSSL_ARRAY_SIZE(kNIDsInShortNameOrder),
+ sizeof(kNIDsInShortNameOrder[0]), short_name_cmp);
if (nid_ptr == NULL) {
return NID_undef;
}
@@ -292,7 +295,9 @@
}
CRYPTO_STATIC_MUTEX_unlock_read(&global_added_lock);
- nid_ptr = bsearch(long_name, kNIDsInLongNameOrder, NUM_LN, sizeof(unsigned), long_name_cmp);
+ nid_ptr = bsearch(long_name, kNIDsInLongNameOrder,
+ OPENSSL_ARRAY_SIZE(kNIDsInLongNameOrder),
+ sizeof(kNIDsInLongNameOrder[0]), long_name_cmp);
if (nid_ptr == NULL) {
return NID_undef;
}
@@ -543,7 +548,7 @@
if (i) {
return i;
}
- return memcmp(a->data, b->data, a->length);
+ return OPENSSL_memcmp(a->data, b->data, a->length);
}
static uint32_t hash_short_name(const ASN1_OBJECT *obj) {
diff --git a/src/crypto/obj/obj_dat.h b/src/crypto/obj/obj_dat.h
index 1d779de..4905f0d 100644
--- a/src/crypto/obj/obj_dat.h
+++ b/src/crypto/obj/obj_dat.h
@@ -1,7 +1,3 @@
-/* THIS FILE IS GENERATED FROM objects.h by obj_dat.pl via the
- * following command:
- * perl obj_dat.pl ../../include/openssl/nid.h obj_dat.h */
-
/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -58,5197 +54,6123 @@
* copied and put under another distribution licence
* [including the GNU Public Licence.] */
+/* This file is generated by crypto/obj/objects.go. */
+
#define NUM_NID 949
-#define NUM_SN 941
-#define NUM_LN 941
-#define NUM_OBJ 876
-static const unsigned char lvalues[6176]={
-0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 0] OBJ_rsadsi */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 6] OBJ_pkcs */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02, /* [ 13] OBJ_md2 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x05, /* [ 21] OBJ_md5 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x04, /* [ 29] OBJ_rc4 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x01,/* [ 37] OBJ_rsaEncryption */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x02,/* [ 46] OBJ_md2WithRSAEncryption */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x04,/* [ 55] OBJ_md5WithRSAEncryption */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x01,/* [ 64] OBJ_pbeWithMD2AndDES_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x03,/* [ 73] OBJ_pbeWithMD5AndDES_CBC */
-0x55, /* [ 82] OBJ_X500 */
-0x55,0x04, /* [ 83] OBJ_X509 */
-0x55,0x04,0x03, /* [ 85] OBJ_commonName */
-0x55,0x04,0x06, /* [ 88] OBJ_countryName */
-0x55,0x04,0x07, /* [ 91] OBJ_localityName */
-0x55,0x04,0x08, /* [ 94] OBJ_stateOrProvinceName */
-0x55,0x04,0x0A, /* [ 97] OBJ_organizationName */
-0x55,0x04,0x0B, /* [100] OBJ_organizationalUnitName */
-0x55,0x08,0x01,0x01, /* [103] OBJ_rsa */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07, /* [107] OBJ_pkcs7 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x01,/* [115] OBJ_pkcs7_data */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x02,/* [124] OBJ_pkcs7_signed */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x03,/* [133] OBJ_pkcs7_enveloped */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x04,/* [142] OBJ_pkcs7_signedAndEnveloped */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x05,/* [151] OBJ_pkcs7_digest */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x06,/* [160] OBJ_pkcs7_encrypted */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x03, /* [169] OBJ_pkcs3 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x03,0x01,/* [177] OBJ_dhKeyAgreement */
-0x2B,0x0E,0x03,0x02,0x06, /* [186] OBJ_des_ecb */
-0x2B,0x0E,0x03,0x02,0x09, /* [191] OBJ_des_cfb64 */
-0x2B,0x0E,0x03,0x02,0x07, /* [196] OBJ_des_cbc */
-0x2B,0x0E,0x03,0x02,0x11, /* [201] OBJ_des_ede_ecb */
-0x2B,0x06,0x01,0x04,0x01,0x81,0x3C,0x07,0x01,0x01,0x02,/* [206] OBJ_idea_cbc */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x02, /* [217] OBJ_rc2_cbc */
-0x2B,0x0E,0x03,0x02,0x12, /* [225] OBJ_sha */
-0x2B,0x0E,0x03,0x02,0x0F, /* [230] OBJ_shaWithRSAEncryption */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x07, /* [235] OBJ_des_ede3_cbc */
-0x2B,0x0E,0x03,0x02,0x08, /* [243] OBJ_des_ofb64 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09, /* [248] OBJ_pkcs9 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x01,/* [256] OBJ_pkcs9_emailAddress */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x02,/* [265] OBJ_pkcs9_unstructuredName */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x03,/* [274] OBJ_pkcs9_contentType */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x04,/* [283] OBJ_pkcs9_messageDigest */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x05,/* [292] OBJ_pkcs9_signingTime */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x06,/* [301] OBJ_pkcs9_countersignature */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x07,/* [310] OBJ_pkcs9_challengePassword */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x08,/* [319] OBJ_pkcs9_unstructuredAddress */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x09,/* [328] OBJ_pkcs9_extCertAttributes */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42, /* [337] OBJ_netscape */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01, /* [344] OBJ_netscape_cert_extension */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x02, /* [352] OBJ_netscape_data_type */
-0x2B,0x0E,0x03,0x02,0x1A, /* [360] OBJ_sha1 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x05,/* [365] OBJ_sha1WithRSAEncryption */
-0x2B,0x0E,0x03,0x02,0x0D, /* [374] OBJ_dsaWithSHA */
-0x2B,0x0E,0x03,0x02,0x0C, /* [379] OBJ_dsa_2 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0B,/* [384] OBJ_pbeWithSHA1AndRC2_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0C,/* [393] OBJ_id_pbkdf2 */
-0x2B,0x0E,0x03,0x02,0x1B, /* [402] OBJ_dsaWithSHA1_2 */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x01,/* [407] OBJ_netscape_cert_type */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x02,/* [416] OBJ_netscape_base_url */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x03,/* [425] OBJ_netscape_revocation_url */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x04,/* [434] OBJ_netscape_ca_revocation_url */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x07,/* [443] OBJ_netscape_renewal_url */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x08,/* [452] OBJ_netscape_ca_policy_url */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x0C,/* [461] OBJ_netscape_ssl_server_name */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x0D,/* [470] OBJ_netscape_comment */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x02,0x05,/* [479] OBJ_netscape_cert_sequence */
-0x55,0x1D, /* [488] OBJ_id_ce */
-0x55,0x1D,0x0E, /* [490] OBJ_subject_key_identifier */
-0x55,0x1D,0x0F, /* [493] OBJ_key_usage */
-0x55,0x1D,0x10, /* [496] OBJ_private_key_usage_period */
-0x55,0x1D,0x11, /* [499] OBJ_subject_alt_name */
-0x55,0x1D,0x12, /* [502] OBJ_issuer_alt_name */
-0x55,0x1D,0x13, /* [505] OBJ_basic_constraints */
-0x55,0x1D,0x14, /* [508] OBJ_crl_number */
-0x55,0x1D,0x20, /* [511] OBJ_certificate_policies */
-0x55,0x1D,0x23, /* [514] OBJ_authority_key_identifier */
-0x2B,0x06,0x01,0x04,0x01,0x97,0x55,0x01,0x02,/* [517] OBJ_bf_cbc */
-0x55,0x08,0x03,0x65, /* [526] OBJ_mdc2 */
-0x55,0x08,0x03,0x64, /* [530] OBJ_mdc2WithRSA */
-0x55,0x04,0x2A, /* [534] OBJ_givenName */
-0x55,0x04,0x04, /* [537] OBJ_surname */
-0x55,0x04,0x2B, /* [540] OBJ_initials */
-0x55,0x1D,0x1F, /* [543] OBJ_crl_distribution_points */
-0x2B,0x0E,0x03,0x02,0x03, /* [546] OBJ_md5WithRSA */
-0x55,0x04,0x05, /* [551] OBJ_serialNumber */
-0x55,0x04,0x0C, /* [554] OBJ_title */
-0x55,0x04,0x0D, /* [557] OBJ_description */
-0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0A,/* [560] OBJ_cast5_cbc */
-0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0C,/* [569] OBJ_pbeWithMD5AndCast5_CBC */
-0x2A,0x86,0x48,0xCE,0x38,0x04,0x03, /* [578] OBJ_dsaWithSHA1 */
-0x2B,0x0E,0x03,0x02,0x1D, /* [585] OBJ_sha1WithRSA */
-0x2A,0x86,0x48,0xCE,0x38,0x04,0x01, /* [590] OBJ_dsa */
-0x2B,0x24,0x03,0x02,0x01, /* [597] OBJ_ripemd160 */
-0x2B,0x24,0x03,0x03,0x01,0x02, /* [602] OBJ_ripemd160WithRSA */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x08, /* [608] OBJ_rc5_cbc */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x08,/* [616] OBJ_zlib_compression */
-0x55,0x1D,0x25, /* [627] OBJ_ext_key_usage */
-0x2B,0x06,0x01,0x05,0x05,0x07, /* [630] OBJ_id_pkix */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03, /* [636] OBJ_id_kp */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x01, /* [643] OBJ_server_auth */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x02, /* [651] OBJ_client_auth */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x03, /* [659] OBJ_code_sign */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x04, /* [667] OBJ_email_protect */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x08, /* [675] OBJ_time_stamp */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x15,/* [683] OBJ_ms_code_ind */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x16,/* [693] OBJ_ms_code_com */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x01,/* [703] OBJ_ms_ctl_sign */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x03,/* [713] OBJ_ms_sgc */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x04,/* [723] OBJ_ms_efs */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x04,0x01,/* [733] OBJ_ns_sgc */
-0x55,0x1D,0x1B, /* [742] OBJ_delta_crl */
-0x55,0x1D,0x15, /* [745] OBJ_crl_reason */
-0x55,0x1D,0x18, /* [748] OBJ_invalidity_date */
-0x2B,0x65,0x01,0x04,0x01, /* [751] OBJ_sxnet */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x01,/* [756] OBJ_pbe_WithSHA1And128BitRC4 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x02,/* [766] OBJ_pbe_WithSHA1And40BitRC4 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x03,/* [776] OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x04,/* [786] OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x05,/* [796] OBJ_pbe_WithSHA1And128BitRC2_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x06,/* [806] OBJ_pbe_WithSHA1And40BitRC2_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x01,/* [816] OBJ_keyBag */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x02,/* [827] OBJ_pkcs8ShroudedKeyBag */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x03,/* [838] OBJ_certBag */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x04,/* [849] OBJ_crlBag */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x05,/* [860] OBJ_secretBag */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x06,/* [871] OBJ_safeContentsBag */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x14,/* [882] OBJ_friendlyName */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x15,/* [891] OBJ_localKeyID */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x16,0x01,/* [900] OBJ_x509Certificate */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x16,0x02,/* [910] OBJ_sdsiCertificate */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x17,0x01,/* [920] OBJ_x509Crl */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0D,/* [930] OBJ_pbes2 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0E,/* [939] OBJ_pbmac1 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x07, /* [948] OBJ_hmacWithSHA1 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x01, /* [956] OBJ_id_qt_cps */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x02, /* [964] OBJ_id_qt_unotice */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x0F,/* [972] OBJ_SMIMECapabilities */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x04,/* [981] OBJ_pbeWithMD2AndRC2_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x06,/* [990] OBJ_pbeWithMD5AndRC2_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0A,/* [999] OBJ_pbeWithSHA1AndDES_CBC */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x0E,/* [1008] OBJ_ms_ext_req */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x0E,/* [1018] OBJ_ext_req */
-0x55,0x04,0x29, /* [1027] OBJ_name */
-0x55,0x04,0x2E, /* [1030] OBJ_dnQualifier */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01, /* [1033] OBJ_id_pe */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30, /* [1040] OBJ_id_ad */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x01, /* [1047] OBJ_info_access */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01, /* [1055] OBJ_ad_OCSP */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x02, /* [1063] OBJ_ad_ca_issuers */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x09, /* [1071] OBJ_OCSP_sign */
-0x2A, /* [1079] OBJ_member_body */
-0x2A,0x86,0x48, /* [1080] OBJ_ISO_US */
-0x2A,0x86,0x48,0xCE,0x38, /* [1083] OBJ_X9_57 */
-0x2A,0x86,0x48,0xCE,0x38,0x04, /* [1088] OBJ_X9cm */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01, /* [1094] OBJ_pkcs1 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05, /* [1102] OBJ_pkcs5 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,/* [1110] OBJ_SMIME */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,/* [1119] OBJ_id_smime_mod */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,/* [1129] OBJ_id_smime_ct */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,/* [1139] OBJ_id_smime_aa */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,/* [1149] OBJ_id_smime_alg */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x04,/* [1159] OBJ_id_smime_cd */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,/* [1169] OBJ_id_smime_spq */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,/* [1179] OBJ_id_smime_cti */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x01,/* [1189] OBJ_id_smime_mod_cms */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x02,/* [1200] OBJ_id_smime_mod_ess */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x03,/* [1211] OBJ_id_smime_mod_oid */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x04,/* [1222] OBJ_id_smime_mod_msg_v3 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x05,/* [1233] OBJ_id_smime_mod_ets_eSignature_88 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x06,/* [1244] OBJ_id_smime_mod_ets_eSignature_97 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x07,/* [1255] OBJ_id_smime_mod_ets_eSigPolicy_88 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x08,/* [1266] OBJ_id_smime_mod_ets_eSigPolicy_97 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x01,/* [1277] OBJ_id_smime_ct_receipt */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x02,/* [1288] OBJ_id_smime_ct_authData */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x03,/* [1299] OBJ_id_smime_ct_publishCert */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x04,/* [1310] OBJ_id_smime_ct_TSTInfo */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x05,/* [1321] OBJ_id_smime_ct_TDTInfo */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x06,/* [1332] OBJ_id_smime_ct_contentInfo */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x07,/* [1343] OBJ_id_smime_ct_DVCSRequestData */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x08,/* [1354] OBJ_id_smime_ct_DVCSResponseData */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x01,/* [1365] OBJ_id_smime_aa_receiptRequest */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x02,/* [1376] OBJ_id_smime_aa_securityLabel */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x03,/* [1387] OBJ_id_smime_aa_mlExpandHistory */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x04,/* [1398] OBJ_id_smime_aa_contentHint */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x05,/* [1409] OBJ_id_smime_aa_msgSigDigest */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x06,/* [1420] OBJ_id_smime_aa_encapContentType */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x07,/* [1431] OBJ_id_smime_aa_contentIdentifier */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x08,/* [1442] OBJ_id_smime_aa_macValue */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x09,/* [1453] OBJ_id_smime_aa_equivalentLabels */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0A,/* [1464] OBJ_id_smime_aa_contentReference */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0B,/* [1475] OBJ_id_smime_aa_encrypKeyPref */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0C,/* [1486] OBJ_id_smime_aa_signingCertificate */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0D,/* [1497] OBJ_id_smime_aa_smimeEncryptCerts */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0E,/* [1508] OBJ_id_smime_aa_timeStampToken */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0F,/* [1519] OBJ_id_smime_aa_ets_sigPolicyId */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x10,/* [1530] OBJ_id_smime_aa_ets_commitmentType */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x11,/* [1541] OBJ_id_smime_aa_ets_signerLocation */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x12,/* [1552] OBJ_id_smime_aa_ets_signerAttr */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x13,/* [1563] OBJ_id_smime_aa_ets_otherSigCert */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x14,/* [1574] OBJ_id_smime_aa_ets_contentTimestamp */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x15,/* [1585] OBJ_id_smime_aa_ets_CertificateRefs */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x16,/* [1596] OBJ_id_smime_aa_ets_RevocationRefs */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x17,/* [1607] OBJ_id_smime_aa_ets_certValues */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x18,/* [1618] OBJ_id_smime_aa_ets_revocationValues */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x19,/* [1629] OBJ_id_smime_aa_ets_escTimeStamp */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1A,/* [1640] OBJ_id_smime_aa_ets_certCRLTimestamp */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1B,/* [1651] OBJ_id_smime_aa_ets_archiveTimeStamp */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1C,/* [1662] OBJ_id_smime_aa_signatureType */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1D,/* [1673] OBJ_id_smime_aa_dvcs_dvc */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x01,/* [1684] OBJ_id_smime_alg_ESDHwith3DES */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x02,/* [1695] OBJ_id_smime_alg_ESDHwithRC2 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x03,/* [1706] OBJ_id_smime_alg_3DESwrap */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x04,/* [1717] OBJ_id_smime_alg_RC2wrap */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x05,/* [1728] OBJ_id_smime_alg_ESDH */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x06,/* [1739] OBJ_id_smime_alg_CMS3DESwrap */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x07,/* [1750] OBJ_id_smime_alg_CMSRC2wrap */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x04,0x01,/* [1761] OBJ_id_smime_cd_ldap */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,0x01,/* [1772] OBJ_id_smime_spq_ets_sqt_uri */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,0x02,/* [1783] OBJ_id_smime_spq_ets_sqt_unotice */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x01,/* [1794] OBJ_id_smime_cti_ets_proofOfOrigin */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x02,/* [1805] OBJ_id_smime_cti_ets_proofOfReceipt */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x03,/* [1816] OBJ_id_smime_cti_ets_proofOfDelivery */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x04,/* [1827] OBJ_id_smime_cti_ets_proofOfSender */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x05,/* [1838] OBJ_id_smime_cti_ets_proofOfApproval */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x06,/* [1849] OBJ_id_smime_cti_ets_proofOfCreation */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x04, /* [1860] OBJ_md4 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00, /* [1868] OBJ_id_pkix_mod */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x02, /* [1875] OBJ_id_qt */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04, /* [1882] OBJ_id_it */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05, /* [1889] OBJ_id_pkip */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x06, /* [1896] OBJ_id_alg */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07, /* [1903] OBJ_id_cmc */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x08, /* [1910] OBJ_id_on */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x09, /* [1917] OBJ_id_pda */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0A, /* [1924] OBJ_id_aca */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0B, /* [1931] OBJ_id_qcs */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0C, /* [1938] OBJ_id_cct */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x01, /* [1945] OBJ_id_pkix1_explicit_88 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x02, /* [1953] OBJ_id_pkix1_implicit_88 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x03, /* [1961] OBJ_id_pkix1_explicit_93 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x04, /* [1969] OBJ_id_pkix1_implicit_93 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x05, /* [1977] OBJ_id_mod_crmf */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x06, /* [1985] OBJ_id_mod_cmc */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x07, /* [1993] OBJ_id_mod_kea_profile_88 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x08, /* [2001] OBJ_id_mod_kea_profile_93 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x09, /* [2009] OBJ_id_mod_cmp */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0A, /* [2017] OBJ_id_mod_qualified_cert_88 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0B, /* [2025] OBJ_id_mod_qualified_cert_93 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0C, /* [2033] OBJ_id_mod_attribute_cert */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0D, /* [2041] OBJ_id_mod_timestamp_protocol */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0E, /* [2049] OBJ_id_mod_ocsp */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0F, /* [2057] OBJ_id_mod_dvcs */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x10, /* [2065] OBJ_id_mod_cmp2000 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x02, /* [2073] OBJ_biometricInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x03, /* [2081] OBJ_qcStatements */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x04, /* [2089] OBJ_ac_auditEntity */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x05, /* [2097] OBJ_ac_targeting */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x06, /* [2105] OBJ_aaControls */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x07, /* [2113] OBJ_sbgp_ipAddrBlock */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x08, /* [2121] OBJ_sbgp_autonomousSysNum */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x09, /* [2129] OBJ_sbgp_routerIdentifier */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x03, /* [2137] OBJ_textNotice */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x05, /* [2145] OBJ_ipsecEndSystem */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x06, /* [2153] OBJ_ipsecTunnel */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x07, /* [2161] OBJ_ipsecUser */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x0A, /* [2169] OBJ_dvcs */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x01, /* [2177] OBJ_id_it_caProtEncCert */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x02, /* [2185] OBJ_id_it_signKeyPairTypes */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x03, /* [2193] OBJ_id_it_encKeyPairTypes */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x04, /* [2201] OBJ_id_it_preferredSymmAlg */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x05, /* [2209] OBJ_id_it_caKeyUpdateInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x06, /* [2217] OBJ_id_it_currentCRL */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x07, /* [2225] OBJ_id_it_unsupportedOIDs */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x08, /* [2233] OBJ_id_it_subscriptionRequest */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x09, /* [2241] OBJ_id_it_subscriptionResponse */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0A, /* [2249] OBJ_id_it_keyPairParamReq */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0B, /* [2257] OBJ_id_it_keyPairParamRep */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0C, /* [2265] OBJ_id_it_revPassphrase */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0D, /* [2273] OBJ_id_it_implicitConfirm */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0E, /* [2281] OBJ_id_it_confirmWaitTime */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0F, /* [2289] OBJ_id_it_origPKIMessage */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01, /* [2297] OBJ_id_regCtrl */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02, /* [2305] OBJ_id_regInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x01,/* [2313] OBJ_id_regCtrl_regToken */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x02,/* [2322] OBJ_id_regCtrl_authenticator */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x03,/* [2331] OBJ_id_regCtrl_pkiPublicationInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x04,/* [2340] OBJ_id_regCtrl_pkiArchiveOptions */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x05,/* [2349] OBJ_id_regCtrl_oldCertID */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x06,/* [2358] OBJ_id_regCtrl_protocolEncrKey */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02,0x01,/* [2367] OBJ_id_regInfo_utf8Pairs */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02,0x02,/* [2376] OBJ_id_regInfo_certReq */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x01, /* [2385] OBJ_id_alg_des40 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x02, /* [2393] OBJ_id_alg_noSignature */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x03, /* [2401] OBJ_id_alg_dh_sig_hmac_sha1 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x04, /* [2409] OBJ_id_alg_dh_pop */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x01, /* [2417] OBJ_id_cmc_statusInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x02, /* [2425] OBJ_id_cmc_identification */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x03, /* [2433] OBJ_id_cmc_identityProof */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x04, /* [2441] OBJ_id_cmc_dataReturn */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x05, /* [2449] OBJ_id_cmc_transactionId */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x06, /* [2457] OBJ_id_cmc_senderNonce */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x07, /* [2465] OBJ_id_cmc_recipientNonce */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x08, /* [2473] OBJ_id_cmc_addExtensions */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x09, /* [2481] OBJ_id_cmc_encryptedPOP */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0A, /* [2489] OBJ_id_cmc_decryptedPOP */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0B, /* [2497] OBJ_id_cmc_lraPOPWitness */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0F, /* [2505] OBJ_id_cmc_getCert */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x10, /* [2513] OBJ_id_cmc_getCRL */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x11, /* [2521] OBJ_id_cmc_revokeRequest */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x12, /* [2529] OBJ_id_cmc_regInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x13, /* [2537] OBJ_id_cmc_responseInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x15, /* [2545] OBJ_id_cmc_queryPending */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x16, /* [2553] OBJ_id_cmc_popLinkRandom */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x17, /* [2561] OBJ_id_cmc_popLinkWitness */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x18, /* [2569] OBJ_id_cmc_confirmCertAcceptance */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x08,0x01, /* [2577] OBJ_id_on_personalData */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x01, /* [2585] OBJ_id_pda_dateOfBirth */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x02, /* [2593] OBJ_id_pda_placeOfBirth */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x03, /* [2601] OBJ_id_pda_gender */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x04, /* [2609] OBJ_id_pda_countryOfCitizenship */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x05, /* [2617] OBJ_id_pda_countryOfResidence */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x01, /* [2625] OBJ_id_aca_authenticationInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x02, /* [2633] OBJ_id_aca_accessIdentity */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x03, /* [2641] OBJ_id_aca_chargingIdentity */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x04, /* [2649] OBJ_id_aca_group */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x05, /* [2657] OBJ_id_aca_role */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0B,0x01, /* [2665] OBJ_id_qcs_pkixQCSyntax_v1 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x01, /* [2673] OBJ_id_cct_crs */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x02, /* [2681] OBJ_id_cct_PKIData */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x03, /* [2689] OBJ_id_cct_PKIResponse */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x03, /* [2697] OBJ_ad_timeStamping */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x04, /* [2705] OBJ_ad_dvcs */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x01,/* [2713] OBJ_id_pkix_OCSP_basic */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x02,/* [2722] OBJ_id_pkix_OCSP_Nonce */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x03,/* [2731] OBJ_id_pkix_OCSP_CrlID */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x04,/* [2740] OBJ_id_pkix_OCSP_acceptableResponses */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x05,/* [2749] OBJ_id_pkix_OCSP_noCheck */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x06,/* [2758] OBJ_id_pkix_OCSP_archiveCutoff */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x07,/* [2767] OBJ_id_pkix_OCSP_serviceLocator */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x08,/* [2776] OBJ_id_pkix_OCSP_extendedStatus */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x09,/* [2785] OBJ_id_pkix_OCSP_valid */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x0A,/* [2794] OBJ_id_pkix_OCSP_path */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x0B,/* [2803] OBJ_id_pkix_OCSP_trustRoot */
-0x2B,0x0E,0x03,0x02, /* [2812] OBJ_algorithm */
-0x2B,0x0E,0x03,0x02,0x0B, /* [2816] OBJ_rsaSignature */
-0x55,0x08, /* [2821] OBJ_X500algorithms */
-0x2B, /* [2823] OBJ_org */
-0x2B,0x06, /* [2824] OBJ_dod */
-0x2B,0x06,0x01, /* [2826] OBJ_iana */
-0x2B,0x06,0x01,0x01, /* [2829] OBJ_Directory */
-0x2B,0x06,0x01,0x02, /* [2833] OBJ_Management */
-0x2B,0x06,0x01,0x03, /* [2837] OBJ_Experimental */
-0x2B,0x06,0x01,0x04, /* [2841] OBJ_Private */
-0x2B,0x06,0x01,0x05, /* [2845] OBJ_Security */
-0x2B,0x06,0x01,0x06, /* [2849] OBJ_SNMPv2 */
-0x2B,0x06,0x01,0x07, /* [2853] OBJ_Mail */
-0x2B,0x06,0x01,0x04,0x01, /* [2857] OBJ_Enterprises */
-0x2B,0x06,0x01,0x04,0x01,0x8B,0x3A,0x82,0x58,/* [2862] OBJ_dcObject */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x19,/* [2871] OBJ_domainComponent */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0D,/* [2881] OBJ_Domain */
-0x55,0x01,0x05, /* [2891] OBJ_selected_attribute_types */
-0x55,0x01,0x05,0x37, /* [2894] OBJ_clearance */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x03,/* [2898] OBJ_md4WithRSAEncryption */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0A, /* [2907] OBJ_ac_proxying */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0B, /* [2915] OBJ_sinfo_access */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x06, /* [2923] OBJ_id_aca_encAttrs */
-0x55,0x04,0x48, /* [2931] OBJ_role */
-0x55,0x1D,0x24, /* [2934] OBJ_policy_constraints */
-0x55,0x1D,0x37, /* [2937] OBJ_target_information */
-0x55,0x1D,0x38, /* [2940] OBJ_no_rev_avail */
-0x2A,0x86,0x48,0xCE,0x3D, /* [2943] OBJ_ansi_X9_62 */
-0x2A,0x86,0x48,0xCE,0x3D,0x01,0x01, /* [2948] OBJ_X9_62_prime_field */
-0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02, /* [2955] OBJ_X9_62_characteristic_two_field */
-0x2A,0x86,0x48,0xCE,0x3D,0x02,0x01, /* [2962] OBJ_X9_62_id_ecPublicKey */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x01, /* [2969] OBJ_X9_62_prime192v1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x02, /* [2977] OBJ_X9_62_prime192v2 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x03, /* [2985] OBJ_X9_62_prime192v3 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x04, /* [2993] OBJ_X9_62_prime239v1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x05, /* [3001] OBJ_X9_62_prime239v2 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x06, /* [3009] OBJ_X9_62_prime239v3 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x07, /* [3017] OBJ_X9_62_prime256v1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x04,0x01, /* [3025] OBJ_ecdsa_with_SHA1 */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x11,0x01,/* [3032] OBJ_ms_csp_name */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x01,/* [3041] OBJ_aes_128_ecb */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x02,/* [3050] OBJ_aes_128_cbc */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x03,/* [3059] OBJ_aes_128_ofb128 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x04,/* [3068] OBJ_aes_128_cfb128 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x15,/* [3077] OBJ_aes_192_ecb */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x16,/* [3086] OBJ_aes_192_cbc */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x17,/* [3095] OBJ_aes_192_ofb128 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x18,/* [3104] OBJ_aes_192_cfb128 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x29,/* [3113] OBJ_aes_256_ecb */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2A,/* [3122] OBJ_aes_256_cbc */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2B,/* [3131] OBJ_aes_256_ofb128 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2C,/* [3140] OBJ_aes_256_cfb128 */
-0x55,0x1D,0x17, /* [3149] OBJ_hold_instruction_code */
-0x2A,0x86,0x48,0xCE,0x38,0x02,0x01, /* [3152] OBJ_hold_instruction_none */
-0x2A,0x86,0x48,0xCE,0x38,0x02,0x02, /* [3159] OBJ_hold_instruction_call_issuer */
-0x2A,0x86,0x48,0xCE,0x38,0x02,0x03, /* [3166] OBJ_hold_instruction_reject */
-0x09, /* [3173] OBJ_data */
-0x09,0x92,0x26, /* [3174] OBJ_pss */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C, /* [3177] OBJ_ucl */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64, /* [3184] OBJ_pilot */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,/* [3192] OBJ_pilotAttributeType */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,/* [3201] OBJ_pilotAttributeSyntax */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,/* [3210] OBJ_pilotObjectClass */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x0A,/* [3219] OBJ_pilotGroups */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,0x04,/* [3228] OBJ_iA5StringSyntax */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,0x05,/* [3238] OBJ_caseIgnoreIA5StringSyntax */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x03,/* [3248] OBJ_pilotObject */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x04,/* [3258] OBJ_pilotPerson */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x05,/* [3268] OBJ_account */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x06,/* [3278] OBJ_document */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x07,/* [3288] OBJ_room */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x09,/* [3298] OBJ_documentSeries */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0E,/* [3308] OBJ_rFC822localPart */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0F,/* [3318] OBJ_dNSDomain */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x11,/* [3328] OBJ_domainRelatedObject */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x12,/* [3338] OBJ_friendlyCountry */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x13,/* [3348] OBJ_simpleSecurityObject */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x14,/* [3358] OBJ_pilotOrganization */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x15,/* [3368] OBJ_pilotDSA */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x16,/* [3378] OBJ_qualityLabelledData */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x01,/* [3388] OBJ_userId */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x02,/* [3398] OBJ_textEncodedORAddress */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x03,/* [3408] OBJ_rfc822Mailbox */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x04,/* [3418] OBJ_info */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x05,/* [3428] OBJ_favouriteDrink */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x06,/* [3438] OBJ_roomNumber */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x07,/* [3448] OBJ_photo */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x08,/* [3458] OBJ_userClass */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x09,/* [3468] OBJ_host */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0A,/* [3478] OBJ_manager */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0B,/* [3488] OBJ_documentIdentifier */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0C,/* [3498] OBJ_documentTitle */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0D,/* [3508] OBJ_documentVersion */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0E,/* [3518] OBJ_documentAuthor */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0F,/* [3528] OBJ_documentLocation */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x14,/* [3538] OBJ_homeTelephoneNumber */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x15,/* [3548] OBJ_secretary */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x16,/* [3558] OBJ_otherMailbox */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x17,/* [3568] OBJ_lastModifiedTime */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x18,/* [3578] OBJ_lastModifiedBy */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1A,/* [3588] OBJ_aRecord */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1B,/* [3598] OBJ_pilotAttributeType27 */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1C,/* [3608] OBJ_mXRecord */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1D,/* [3618] OBJ_nSRecord */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1E,/* [3628] OBJ_sOARecord */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1F,/* [3638] OBJ_cNAMERecord */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x25,/* [3648] OBJ_associatedDomain */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x26,/* [3658] OBJ_associatedName */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x27,/* [3668] OBJ_homePostalAddress */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x28,/* [3678] OBJ_personalTitle */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x29,/* [3688] OBJ_mobileTelephoneNumber */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2A,/* [3698] OBJ_pagerTelephoneNumber */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2B,/* [3708] OBJ_friendlyCountryName */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2D,/* [3718] OBJ_organizationalStatus */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2E,/* [3728] OBJ_janetMailbox */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2F,/* [3738] OBJ_mailPreferenceOption */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x30,/* [3748] OBJ_buildingName */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x31,/* [3758] OBJ_dSAQuality */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x32,/* [3768] OBJ_singleLevelQuality */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x33,/* [3778] OBJ_subtreeMinimumQuality */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x34,/* [3788] OBJ_subtreeMaximumQuality */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x35,/* [3798] OBJ_personalSignature */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x36,/* [3808] OBJ_dITRedirect */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x37,/* [3818] OBJ_audio */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x38,/* [3828] OBJ_documentPublisher */
-0x55,0x04,0x2D, /* [3838] OBJ_x500UniqueIdentifier */
-0x2B,0x06,0x01,0x07,0x01, /* [3841] OBJ_mime_mhs */
-0x2B,0x06,0x01,0x07,0x01,0x01, /* [3846] OBJ_mime_mhs_headings */
-0x2B,0x06,0x01,0x07,0x01,0x02, /* [3852] OBJ_mime_mhs_bodies */
-0x2B,0x06,0x01,0x07,0x01,0x01,0x01, /* [3858] OBJ_id_hex_partial_message */
-0x2B,0x06,0x01,0x07,0x01,0x01,0x02, /* [3865] OBJ_id_hex_multipart_message */
-0x55,0x04,0x2C, /* [3872] OBJ_generationQualifier */
-0x55,0x04,0x41, /* [3875] OBJ_pseudonym */
-0x67,0x2A, /* [3878] OBJ_id_set */
-0x67,0x2A,0x00, /* [3880] OBJ_set_ctype */
-0x67,0x2A,0x01, /* [3883] OBJ_set_msgExt */
-0x67,0x2A,0x03, /* [3886] OBJ_set_attr */
-0x67,0x2A,0x05, /* [3889] OBJ_set_policy */
-0x67,0x2A,0x07, /* [3892] OBJ_set_certExt */
-0x67,0x2A,0x08, /* [3895] OBJ_set_brand */
-0x67,0x2A,0x00,0x00, /* [3898] OBJ_setct_PANData */
-0x67,0x2A,0x00,0x01, /* [3902] OBJ_setct_PANToken */
-0x67,0x2A,0x00,0x02, /* [3906] OBJ_setct_PANOnly */
-0x67,0x2A,0x00,0x03, /* [3910] OBJ_setct_OIData */
-0x67,0x2A,0x00,0x04, /* [3914] OBJ_setct_PI */
-0x67,0x2A,0x00,0x05, /* [3918] OBJ_setct_PIData */
-0x67,0x2A,0x00,0x06, /* [3922] OBJ_setct_PIDataUnsigned */
-0x67,0x2A,0x00,0x07, /* [3926] OBJ_setct_HODInput */
-0x67,0x2A,0x00,0x08, /* [3930] OBJ_setct_AuthResBaggage */
-0x67,0x2A,0x00,0x09, /* [3934] OBJ_setct_AuthRevReqBaggage */
-0x67,0x2A,0x00,0x0A, /* [3938] OBJ_setct_AuthRevResBaggage */
-0x67,0x2A,0x00,0x0B, /* [3942] OBJ_setct_CapTokenSeq */
-0x67,0x2A,0x00,0x0C, /* [3946] OBJ_setct_PInitResData */
-0x67,0x2A,0x00,0x0D, /* [3950] OBJ_setct_PI_TBS */
-0x67,0x2A,0x00,0x0E, /* [3954] OBJ_setct_PResData */
-0x67,0x2A,0x00,0x10, /* [3958] OBJ_setct_AuthReqTBS */
-0x67,0x2A,0x00,0x11, /* [3962] OBJ_setct_AuthResTBS */
-0x67,0x2A,0x00,0x12, /* [3966] OBJ_setct_AuthResTBSX */
-0x67,0x2A,0x00,0x13, /* [3970] OBJ_setct_AuthTokenTBS */
-0x67,0x2A,0x00,0x14, /* [3974] OBJ_setct_CapTokenData */
-0x67,0x2A,0x00,0x15, /* [3978] OBJ_setct_CapTokenTBS */
-0x67,0x2A,0x00,0x16, /* [3982] OBJ_setct_AcqCardCodeMsg */
-0x67,0x2A,0x00,0x17, /* [3986] OBJ_setct_AuthRevReqTBS */
-0x67,0x2A,0x00,0x18, /* [3990] OBJ_setct_AuthRevResData */
-0x67,0x2A,0x00,0x19, /* [3994] OBJ_setct_AuthRevResTBS */
-0x67,0x2A,0x00,0x1A, /* [3998] OBJ_setct_CapReqTBS */
-0x67,0x2A,0x00,0x1B, /* [4002] OBJ_setct_CapReqTBSX */
-0x67,0x2A,0x00,0x1C, /* [4006] OBJ_setct_CapResData */
-0x67,0x2A,0x00,0x1D, /* [4010] OBJ_setct_CapRevReqTBS */
-0x67,0x2A,0x00,0x1E, /* [4014] OBJ_setct_CapRevReqTBSX */
-0x67,0x2A,0x00,0x1F, /* [4018] OBJ_setct_CapRevResData */
-0x67,0x2A,0x00,0x20, /* [4022] OBJ_setct_CredReqTBS */
-0x67,0x2A,0x00,0x21, /* [4026] OBJ_setct_CredReqTBSX */
-0x67,0x2A,0x00,0x22, /* [4030] OBJ_setct_CredResData */
-0x67,0x2A,0x00,0x23, /* [4034] OBJ_setct_CredRevReqTBS */
-0x67,0x2A,0x00,0x24, /* [4038] OBJ_setct_CredRevReqTBSX */
-0x67,0x2A,0x00,0x25, /* [4042] OBJ_setct_CredRevResData */
-0x67,0x2A,0x00,0x26, /* [4046] OBJ_setct_PCertReqData */
-0x67,0x2A,0x00,0x27, /* [4050] OBJ_setct_PCertResTBS */
-0x67,0x2A,0x00,0x28, /* [4054] OBJ_setct_BatchAdminReqData */
-0x67,0x2A,0x00,0x29, /* [4058] OBJ_setct_BatchAdminResData */
-0x67,0x2A,0x00,0x2A, /* [4062] OBJ_setct_CardCInitResTBS */
-0x67,0x2A,0x00,0x2B, /* [4066] OBJ_setct_MeAqCInitResTBS */
-0x67,0x2A,0x00,0x2C, /* [4070] OBJ_setct_RegFormResTBS */
-0x67,0x2A,0x00,0x2D, /* [4074] OBJ_setct_CertReqData */
-0x67,0x2A,0x00,0x2E, /* [4078] OBJ_setct_CertReqTBS */
-0x67,0x2A,0x00,0x2F, /* [4082] OBJ_setct_CertResData */
-0x67,0x2A,0x00,0x30, /* [4086] OBJ_setct_CertInqReqTBS */
-0x67,0x2A,0x00,0x31, /* [4090] OBJ_setct_ErrorTBS */
-0x67,0x2A,0x00,0x32, /* [4094] OBJ_setct_PIDualSignedTBE */
-0x67,0x2A,0x00,0x33, /* [4098] OBJ_setct_PIUnsignedTBE */
-0x67,0x2A,0x00,0x34, /* [4102] OBJ_setct_AuthReqTBE */
-0x67,0x2A,0x00,0x35, /* [4106] OBJ_setct_AuthResTBE */
-0x67,0x2A,0x00,0x36, /* [4110] OBJ_setct_AuthResTBEX */
-0x67,0x2A,0x00,0x37, /* [4114] OBJ_setct_AuthTokenTBE */
-0x67,0x2A,0x00,0x38, /* [4118] OBJ_setct_CapTokenTBE */
-0x67,0x2A,0x00,0x39, /* [4122] OBJ_setct_CapTokenTBEX */
-0x67,0x2A,0x00,0x3A, /* [4126] OBJ_setct_AcqCardCodeMsgTBE */
-0x67,0x2A,0x00,0x3B, /* [4130] OBJ_setct_AuthRevReqTBE */
-0x67,0x2A,0x00,0x3C, /* [4134] OBJ_setct_AuthRevResTBE */
-0x67,0x2A,0x00,0x3D, /* [4138] OBJ_setct_AuthRevResTBEB */
-0x67,0x2A,0x00,0x3E, /* [4142] OBJ_setct_CapReqTBE */
-0x67,0x2A,0x00,0x3F, /* [4146] OBJ_setct_CapReqTBEX */
-0x67,0x2A,0x00,0x40, /* [4150] OBJ_setct_CapResTBE */
-0x67,0x2A,0x00,0x41, /* [4154] OBJ_setct_CapRevReqTBE */
-0x67,0x2A,0x00,0x42, /* [4158] OBJ_setct_CapRevReqTBEX */
-0x67,0x2A,0x00,0x43, /* [4162] OBJ_setct_CapRevResTBE */
-0x67,0x2A,0x00,0x44, /* [4166] OBJ_setct_CredReqTBE */
-0x67,0x2A,0x00,0x45, /* [4170] OBJ_setct_CredReqTBEX */
-0x67,0x2A,0x00,0x46, /* [4174] OBJ_setct_CredResTBE */
-0x67,0x2A,0x00,0x47, /* [4178] OBJ_setct_CredRevReqTBE */
-0x67,0x2A,0x00,0x48, /* [4182] OBJ_setct_CredRevReqTBEX */
-0x67,0x2A,0x00,0x49, /* [4186] OBJ_setct_CredRevResTBE */
-0x67,0x2A,0x00,0x4A, /* [4190] OBJ_setct_BatchAdminReqTBE */
-0x67,0x2A,0x00,0x4B, /* [4194] OBJ_setct_BatchAdminResTBE */
-0x67,0x2A,0x00,0x4C, /* [4198] OBJ_setct_RegFormReqTBE */
-0x67,0x2A,0x00,0x4D, /* [4202] OBJ_setct_CertReqTBE */
-0x67,0x2A,0x00,0x4E, /* [4206] OBJ_setct_CertReqTBEX */
-0x67,0x2A,0x00,0x4F, /* [4210] OBJ_setct_CertResTBE */
-0x67,0x2A,0x00,0x50, /* [4214] OBJ_setct_CRLNotificationTBS */
-0x67,0x2A,0x00,0x51, /* [4218] OBJ_setct_CRLNotificationResTBS */
-0x67,0x2A,0x00,0x52, /* [4222] OBJ_setct_BCIDistributionTBS */
-0x67,0x2A,0x01,0x01, /* [4226] OBJ_setext_genCrypt */
-0x67,0x2A,0x01,0x03, /* [4230] OBJ_setext_miAuth */
-0x67,0x2A,0x01,0x04, /* [4234] OBJ_setext_pinSecure */
-0x67,0x2A,0x01,0x05, /* [4238] OBJ_setext_pinAny */
-0x67,0x2A,0x01,0x07, /* [4242] OBJ_setext_track2 */
-0x67,0x2A,0x01,0x08, /* [4246] OBJ_setext_cv */
-0x67,0x2A,0x05,0x00, /* [4250] OBJ_set_policy_root */
-0x67,0x2A,0x07,0x00, /* [4254] OBJ_setCext_hashedRoot */
-0x67,0x2A,0x07,0x01, /* [4258] OBJ_setCext_certType */
-0x67,0x2A,0x07,0x02, /* [4262] OBJ_setCext_merchData */
-0x67,0x2A,0x07,0x03, /* [4266] OBJ_setCext_cCertRequired */
-0x67,0x2A,0x07,0x04, /* [4270] OBJ_setCext_tunneling */
-0x67,0x2A,0x07,0x05, /* [4274] OBJ_setCext_setExt */
-0x67,0x2A,0x07,0x06, /* [4278] OBJ_setCext_setQualf */
-0x67,0x2A,0x07,0x07, /* [4282] OBJ_setCext_PGWYcapabilities */
-0x67,0x2A,0x07,0x08, /* [4286] OBJ_setCext_TokenIdentifier */
-0x67,0x2A,0x07,0x09, /* [4290] OBJ_setCext_Track2Data */
-0x67,0x2A,0x07,0x0A, /* [4294] OBJ_setCext_TokenType */
-0x67,0x2A,0x07,0x0B, /* [4298] OBJ_setCext_IssuerCapabilities */
-0x67,0x2A,0x03,0x00, /* [4302] OBJ_setAttr_Cert */
-0x67,0x2A,0x03,0x01, /* [4306] OBJ_setAttr_PGWYcap */
-0x67,0x2A,0x03,0x02, /* [4310] OBJ_setAttr_TokenType */
-0x67,0x2A,0x03,0x03, /* [4314] OBJ_setAttr_IssCap */
-0x67,0x2A,0x03,0x00,0x00, /* [4318] OBJ_set_rootKeyThumb */
-0x67,0x2A,0x03,0x00,0x01, /* [4323] OBJ_set_addPolicy */
-0x67,0x2A,0x03,0x02,0x01, /* [4328] OBJ_setAttr_Token_EMV */
-0x67,0x2A,0x03,0x02,0x02, /* [4333] OBJ_setAttr_Token_B0Prime */
-0x67,0x2A,0x03,0x03,0x03, /* [4338] OBJ_setAttr_IssCap_CVM */
-0x67,0x2A,0x03,0x03,0x04, /* [4343] OBJ_setAttr_IssCap_T2 */
-0x67,0x2A,0x03,0x03,0x05, /* [4348] OBJ_setAttr_IssCap_Sig */
-0x67,0x2A,0x03,0x03,0x03,0x01, /* [4353] OBJ_setAttr_GenCryptgrm */
-0x67,0x2A,0x03,0x03,0x04,0x01, /* [4359] OBJ_setAttr_T2Enc */
-0x67,0x2A,0x03,0x03,0x04,0x02, /* [4365] OBJ_setAttr_T2cleartxt */
-0x67,0x2A,0x03,0x03,0x05,0x01, /* [4371] OBJ_setAttr_TokICCsig */
-0x67,0x2A,0x03,0x03,0x05,0x02, /* [4377] OBJ_setAttr_SecDevSig */
-0x67,0x2A,0x08,0x01, /* [4383] OBJ_set_brand_IATA_ATA */
-0x67,0x2A,0x08,0x1E, /* [4387] OBJ_set_brand_Diners */
-0x67,0x2A,0x08,0x22, /* [4391] OBJ_set_brand_AmericanExpress */
-0x67,0x2A,0x08,0x23, /* [4395] OBJ_set_brand_JCB */
-0x67,0x2A,0x08,0x04, /* [4399] OBJ_set_brand_Visa */
-0x67,0x2A,0x08,0x05, /* [4403] OBJ_set_brand_MasterCard */
-0x67,0x2A,0x08,0xAE,0x7B, /* [4407] OBJ_set_brand_Novus */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x0A, /* [4412] OBJ_des_cdmf */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x06,/* [4420] OBJ_rsaOAEPEncryptionSET */
-0x67, /* [4429] OBJ_international_organizations */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x14,0x02,0x02,/* [4430] OBJ_ms_smartcard_login */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x14,0x02,0x03,/* [4440] OBJ_ms_upn */
-0x55,0x04,0x09, /* [4450] OBJ_streetAddress */
-0x55,0x04,0x11, /* [4453] OBJ_postalCode */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x15, /* [4456] OBJ_id_ppl */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0E, /* [4463] OBJ_proxyCertInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x00, /* [4471] OBJ_id_ppl_anyLanguage */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x01, /* [4479] OBJ_id_ppl_inheritAll */
-0x55,0x1D,0x1E, /* [4487] OBJ_name_constraints */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x02, /* [4490] OBJ_Independent */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0B,/* [4498] OBJ_sha256WithRSAEncryption */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0C,/* [4507] OBJ_sha384WithRSAEncryption */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0D,/* [4516] OBJ_sha512WithRSAEncryption */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0E,/* [4525] OBJ_sha224WithRSAEncryption */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01,/* [4534] OBJ_sha256 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x02,/* [4543] OBJ_sha384 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x03,/* [4552] OBJ_sha512 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x04,/* [4561] OBJ_sha224 */
-0x2B, /* [4570] OBJ_identified_organization */
-0x2B,0x81,0x04, /* [4571] OBJ_certicom_arc */
-0x67,0x2B, /* [4574] OBJ_wap */
-0x67,0x2B,0x01, /* [4576] OBJ_wap_wsg */
-0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03, /* [4579] OBJ_X9_62_id_characteristic_two_basis */
-0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x01,/* [4587] OBJ_X9_62_onBasis */
-0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x02,/* [4596] OBJ_X9_62_tpBasis */
-0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x03,/* [4605] OBJ_X9_62_ppBasis */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x01, /* [4614] OBJ_X9_62_c2pnb163v1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x02, /* [4622] OBJ_X9_62_c2pnb163v2 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x03, /* [4630] OBJ_X9_62_c2pnb163v3 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x04, /* [4638] OBJ_X9_62_c2pnb176v1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x05, /* [4646] OBJ_X9_62_c2tnb191v1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x06, /* [4654] OBJ_X9_62_c2tnb191v2 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x07, /* [4662] OBJ_X9_62_c2tnb191v3 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x08, /* [4670] OBJ_X9_62_c2onb191v4 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x09, /* [4678] OBJ_X9_62_c2onb191v5 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0A, /* [4686] OBJ_X9_62_c2pnb208w1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0B, /* [4694] OBJ_X9_62_c2tnb239v1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0C, /* [4702] OBJ_X9_62_c2tnb239v2 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0D, /* [4710] OBJ_X9_62_c2tnb239v3 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0E, /* [4718] OBJ_X9_62_c2onb239v4 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0F, /* [4726] OBJ_X9_62_c2onb239v5 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x10, /* [4734] OBJ_X9_62_c2pnb272w1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x11, /* [4742] OBJ_X9_62_c2pnb304w1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x12, /* [4750] OBJ_X9_62_c2tnb359v1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x13, /* [4758] OBJ_X9_62_c2pnb368w1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x14, /* [4766] OBJ_X9_62_c2tnb431r1 */
-0x2B,0x81,0x04,0x00,0x06, /* [4774] OBJ_secp112r1 */
-0x2B,0x81,0x04,0x00,0x07, /* [4779] OBJ_secp112r2 */
-0x2B,0x81,0x04,0x00,0x1C, /* [4784] OBJ_secp128r1 */
-0x2B,0x81,0x04,0x00,0x1D, /* [4789] OBJ_secp128r2 */
-0x2B,0x81,0x04,0x00,0x09, /* [4794] OBJ_secp160k1 */
-0x2B,0x81,0x04,0x00,0x08, /* [4799] OBJ_secp160r1 */
-0x2B,0x81,0x04,0x00,0x1E, /* [4804] OBJ_secp160r2 */
-0x2B,0x81,0x04,0x00,0x1F, /* [4809] OBJ_secp192k1 */
-0x2B,0x81,0x04,0x00,0x20, /* [4814] OBJ_secp224k1 */
-0x2B,0x81,0x04,0x00,0x21, /* [4819] OBJ_secp224r1 */
-0x2B,0x81,0x04,0x00,0x0A, /* [4824] OBJ_secp256k1 */
-0x2B,0x81,0x04,0x00,0x22, /* [4829] OBJ_secp384r1 */
-0x2B,0x81,0x04,0x00,0x23, /* [4834] OBJ_secp521r1 */
-0x2B,0x81,0x04,0x00,0x04, /* [4839] OBJ_sect113r1 */
-0x2B,0x81,0x04,0x00,0x05, /* [4844] OBJ_sect113r2 */
-0x2B,0x81,0x04,0x00,0x16, /* [4849] OBJ_sect131r1 */
-0x2B,0x81,0x04,0x00,0x17, /* [4854] OBJ_sect131r2 */
-0x2B,0x81,0x04,0x00,0x01, /* [4859] OBJ_sect163k1 */
-0x2B,0x81,0x04,0x00,0x02, /* [4864] OBJ_sect163r1 */
-0x2B,0x81,0x04,0x00,0x0F, /* [4869] OBJ_sect163r2 */
-0x2B,0x81,0x04,0x00,0x18, /* [4874] OBJ_sect193r1 */
-0x2B,0x81,0x04,0x00,0x19, /* [4879] OBJ_sect193r2 */
-0x2B,0x81,0x04,0x00,0x1A, /* [4884] OBJ_sect233k1 */
-0x2B,0x81,0x04,0x00,0x1B, /* [4889] OBJ_sect233r1 */
-0x2B,0x81,0x04,0x00,0x03, /* [4894] OBJ_sect239k1 */
-0x2B,0x81,0x04,0x00,0x10, /* [4899] OBJ_sect283k1 */
-0x2B,0x81,0x04,0x00,0x11, /* [4904] OBJ_sect283r1 */
-0x2B,0x81,0x04,0x00,0x24, /* [4909] OBJ_sect409k1 */
-0x2B,0x81,0x04,0x00,0x25, /* [4914] OBJ_sect409r1 */
-0x2B,0x81,0x04,0x00,0x26, /* [4919] OBJ_sect571k1 */
-0x2B,0x81,0x04,0x00,0x27, /* [4924] OBJ_sect571r1 */
-0x67,0x2B,0x01,0x04,0x01, /* [4929] OBJ_wap_wsg_idm_ecid_wtls1 */
-0x67,0x2B,0x01,0x04,0x03, /* [4934] OBJ_wap_wsg_idm_ecid_wtls3 */
-0x67,0x2B,0x01,0x04,0x04, /* [4939] OBJ_wap_wsg_idm_ecid_wtls4 */
-0x67,0x2B,0x01,0x04,0x05, /* [4944] OBJ_wap_wsg_idm_ecid_wtls5 */
-0x67,0x2B,0x01,0x04,0x06, /* [4949] OBJ_wap_wsg_idm_ecid_wtls6 */
-0x67,0x2B,0x01,0x04,0x07, /* [4954] OBJ_wap_wsg_idm_ecid_wtls7 */
-0x67,0x2B,0x01,0x04,0x08, /* [4959] OBJ_wap_wsg_idm_ecid_wtls8 */
-0x67,0x2B,0x01,0x04,0x09, /* [4964] OBJ_wap_wsg_idm_ecid_wtls9 */
-0x67,0x2B,0x01,0x04,0x0A, /* [4969] OBJ_wap_wsg_idm_ecid_wtls10 */
-0x67,0x2B,0x01,0x04,0x0B, /* [4974] OBJ_wap_wsg_idm_ecid_wtls11 */
-0x67,0x2B,0x01,0x04,0x0C, /* [4979] OBJ_wap_wsg_idm_ecid_wtls12 */
-0x55,0x1D,0x20,0x00, /* [4984] OBJ_any_policy */
-0x55,0x1D,0x21, /* [4988] OBJ_policy_mappings */
-0x55,0x1D,0x36, /* [4991] OBJ_inhibit_any_policy */
-0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x01,0x02,/* [4994] OBJ_camellia_128_cbc */
-0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x01,0x03,/* [5005] OBJ_camellia_192_cbc */
-0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x01,0x04,/* [5016] OBJ_camellia_256_cbc */
-0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x01, /* [5027] OBJ_camellia_128_ecb */
-0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x15, /* [5035] OBJ_camellia_192_ecb */
-0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x29, /* [5043] OBJ_camellia_256_ecb */
-0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x04, /* [5051] OBJ_camellia_128_cfb128 */
-0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x18, /* [5059] OBJ_camellia_192_cfb128 */
-0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x2C, /* [5067] OBJ_camellia_256_cfb128 */
-0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x03, /* [5075] OBJ_camellia_128_ofb128 */
-0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x17, /* [5083] OBJ_camellia_192_ofb128 */
-0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x2B, /* [5091] OBJ_camellia_256_ofb128 */
-0x55,0x1D,0x09, /* [5099] OBJ_subject_directory_attributes */
-0x55,0x1D,0x1C, /* [5102] OBJ_issuing_distribution_point */
-0x55,0x1D,0x1D, /* [5105] OBJ_certificate_issuer */
-0x2A,0x83,0x1A,0x8C,0x9A,0x44, /* [5108] OBJ_kisa */
-0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x03, /* [5114] OBJ_seed_ecb */
-0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x04, /* [5122] OBJ_seed_cbc */
-0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x06, /* [5130] OBJ_seed_ofb128 */
-0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x05, /* [5138] OBJ_seed_cfb128 */
-0x2B,0x06,0x01,0x05,0x05,0x08,0x01,0x01, /* [5146] OBJ_hmac_md5 */
-0x2B,0x06,0x01,0x05,0x05,0x08,0x01,0x02, /* [5154] OBJ_hmac_sha1 */
-0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0D,/* [5162] OBJ_id_PasswordBasedMAC */
-0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x1E,/* [5171] OBJ_id_DHBasedMac */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x10, /* [5180] OBJ_id_it_suppLangTags */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x05, /* [5188] OBJ_caRepository */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x09,/* [5196] OBJ_id_smime_ct_compressedData */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x1B,/* [5207] OBJ_id_ct_asciiTextWithCRLF */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x05,/* [5218] OBJ_id_aes128_wrap */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x19,/* [5227] OBJ_id_aes192_wrap */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2D,/* [5236] OBJ_id_aes256_wrap */
-0x2A,0x86,0x48,0xCE,0x3D,0x04,0x02, /* [5245] OBJ_ecdsa_with_Recommended */
-0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03, /* [5252] OBJ_ecdsa_with_Specified */
-0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x01, /* [5259] OBJ_ecdsa_with_SHA224 */
-0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x02, /* [5267] OBJ_ecdsa_with_SHA256 */
-0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x03, /* [5275] OBJ_ecdsa_with_SHA384 */
-0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x04, /* [5283] OBJ_ecdsa_with_SHA512 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x06, /* [5291] OBJ_hmacWithMD5 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x08, /* [5299] OBJ_hmacWithSHA224 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x09, /* [5307] OBJ_hmacWithSHA256 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x0A, /* [5315] OBJ_hmacWithSHA384 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x0B, /* [5323] OBJ_hmacWithSHA512 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x03,0x01,/* [5331] OBJ_dsa_with_SHA224 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x03,0x02,/* [5340] OBJ_dsa_with_SHA256 */
-0x28,0xCF,0x06,0x03,0x00,0x37, /* [5349] OBJ_whirlpool */
-0x2A,0x85,0x03,0x02,0x02, /* [5355] OBJ_cryptopro */
-0x2A,0x85,0x03,0x02,0x09, /* [5360] OBJ_cryptocom */
-0x2A,0x85,0x03,0x02,0x02,0x03, /* [5365] OBJ_id_GostR3411_94_with_GostR3410_2001 */
-0x2A,0x85,0x03,0x02,0x02,0x04, /* [5371] OBJ_id_GostR3411_94_with_GostR3410_94 */
-0x2A,0x85,0x03,0x02,0x02,0x09, /* [5377] OBJ_id_GostR3411_94 */
-0x2A,0x85,0x03,0x02,0x02,0x0A, /* [5383] OBJ_id_HMACGostR3411_94 */
-0x2A,0x85,0x03,0x02,0x02,0x13, /* [5389] OBJ_id_GostR3410_2001 */
-0x2A,0x85,0x03,0x02,0x02,0x14, /* [5395] OBJ_id_GostR3410_94 */
-0x2A,0x85,0x03,0x02,0x02,0x15, /* [5401] OBJ_id_Gost28147_89 */
-0x2A,0x85,0x03,0x02,0x02,0x16, /* [5407] OBJ_id_Gost28147_89_MAC */
-0x2A,0x85,0x03,0x02,0x02,0x17, /* [5413] OBJ_id_GostR3411_94_prf */
-0x2A,0x85,0x03,0x02,0x02,0x62, /* [5419] OBJ_id_GostR3410_2001DH */
-0x2A,0x85,0x03,0x02,0x02,0x63, /* [5425] OBJ_id_GostR3410_94DH */
-0x2A,0x85,0x03,0x02,0x02,0x0E,0x01, /* [5431] OBJ_id_Gost28147_89_CryptoPro_KeyMeshing */
-0x2A,0x85,0x03,0x02,0x02,0x0E,0x00, /* [5438] OBJ_id_Gost28147_89_None_KeyMeshing */
-0x2A,0x85,0x03,0x02,0x02,0x1E,0x00, /* [5445] OBJ_id_GostR3411_94_TestParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x1E,0x01, /* [5452] OBJ_id_GostR3411_94_CryptoProParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x1F,0x00, /* [5459] OBJ_id_Gost28147_89_TestParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x1F,0x01, /* [5466] OBJ_id_Gost28147_89_CryptoPro_A_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x1F,0x02, /* [5473] OBJ_id_Gost28147_89_CryptoPro_B_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x1F,0x03, /* [5480] OBJ_id_Gost28147_89_CryptoPro_C_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x1F,0x04, /* [5487] OBJ_id_Gost28147_89_CryptoPro_D_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x1F,0x05, /* [5494] OBJ_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x1F,0x06, /* [5501] OBJ_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x1F,0x07, /* [5508] OBJ_id_Gost28147_89_CryptoPro_RIC_1_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x20,0x00, /* [5515] OBJ_id_GostR3410_94_TestParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x20,0x02, /* [5522] OBJ_id_GostR3410_94_CryptoPro_A_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x20,0x03, /* [5529] OBJ_id_GostR3410_94_CryptoPro_B_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x20,0x04, /* [5536] OBJ_id_GostR3410_94_CryptoPro_C_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x20,0x05, /* [5543] OBJ_id_GostR3410_94_CryptoPro_D_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x21,0x01, /* [5550] OBJ_id_GostR3410_94_CryptoPro_XchA_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x21,0x02, /* [5557] OBJ_id_GostR3410_94_CryptoPro_XchB_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x21,0x03, /* [5564] OBJ_id_GostR3410_94_CryptoPro_XchC_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x23,0x00, /* [5571] OBJ_id_GostR3410_2001_TestParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x23,0x01, /* [5578] OBJ_id_GostR3410_2001_CryptoPro_A_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x23,0x02, /* [5585] OBJ_id_GostR3410_2001_CryptoPro_B_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x23,0x03, /* [5592] OBJ_id_GostR3410_2001_CryptoPro_C_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x24,0x00, /* [5599] OBJ_id_GostR3410_2001_CryptoPro_XchA_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x24,0x01, /* [5606] OBJ_id_GostR3410_2001_CryptoPro_XchB_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x14,0x01, /* [5613] OBJ_id_GostR3410_94_a */
-0x2A,0x85,0x03,0x02,0x02,0x14,0x02, /* [5620] OBJ_id_GostR3410_94_aBis */
-0x2A,0x85,0x03,0x02,0x02,0x14,0x03, /* [5627] OBJ_id_GostR3410_94_b */
-0x2A,0x85,0x03,0x02,0x02,0x14,0x04, /* [5634] OBJ_id_GostR3410_94_bBis */
-0x2A,0x85,0x03,0x02,0x09,0x01,0x06,0x01, /* [5641] OBJ_id_Gost28147_89_cc */
-0x2A,0x85,0x03,0x02,0x09,0x01,0x05,0x03, /* [5649] OBJ_id_GostR3410_94_cc */
-0x2A,0x85,0x03,0x02,0x09,0x01,0x05,0x04, /* [5657] OBJ_id_GostR3410_2001_cc */
-0x2A,0x85,0x03,0x02,0x09,0x01,0x03,0x03, /* [5665] OBJ_id_GostR3411_94_with_GostR3410_94_cc */
-0x2A,0x85,0x03,0x02,0x09,0x01,0x03,0x04, /* [5673] OBJ_id_GostR3411_94_with_GostR3410_2001_cc */
-0x2A,0x85,0x03,0x02,0x09,0x01,0x08,0x01, /* [5681] OBJ_id_GostR3410_2001_ParamSet_cc */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x11,0x02,/* [5689] OBJ_LocalKeySet */
-0x55,0x1D,0x2E, /* [5698] OBJ_freshest_crl */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x08,0x03, /* [5701] OBJ_id_on_permanentIdentifier */
-0x55,0x04,0x0E, /* [5709] OBJ_searchGuide */
-0x55,0x04,0x0F, /* [5712] OBJ_businessCategory */
-0x55,0x04,0x10, /* [5715] OBJ_postalAddress */
-0x55,0x04,0x12, /* [5718] OBJ_postOfficeBox */
-0x55,0x04,0x13, /* [5721] OBJ_physicalDeliveryOfficeName */
-0x55,0x04,0x14, /* [5724] OBJ_telephoneNumber */
-0x55,0x04,0x15, /* [5727] OBJ_telexNumber */
-0x55,0x04,0x16, /* [5730] OBJ_teletexTerminalIdentifier */
-0x55,0x04,0x17, /* [5733] OBJ_facsimileTelephoneNumber */
-0x55,0x04,0x18, /* [5736] OBJ_x121Address */
-0x55,0x04,0x19, /* [5739] OBJ_internationaliSDNNumber */
-0x55,0x04,0x1A, /* [5742] OBJ_registeredAddress */
-0x55,0x04,0x1B, /* [5745] OBJ_destinationIndicator */
-0x55,0x04,0x1C, /* [5748] OBJ_preferredDeliveryMethod */
-0x55,0x04,0x1D, /* [5751] OBJ_presentationAddress */
-0x55,0x04,0x1E, /* [5754] OBJ_supportedApplicationContext */
-0x55,0x04,0x1F, /* [5757] OBJ_member */
-0x55,0x04,0x20, /* [5760] OBJ_owner */
-0x55,0x04,0x21, /* [5763] OBJ_roleOccupant */
-0x55,0x04,0x22, /* [5766] OBJ_seeAlso */
-0x55,0x04,0x23, /* [5769] OBJ_userPassword */
-0x55,0x04,0x24, /* [5772] OBJ_userCertificate */
-0x55,0x04,0x25, /* [5775] OBJ_cACertificate */
-0x55,0x04,0x26, /* [5778] OBJ_authorityRevocationList */
-0x55,0x04,0x27, /* [5781] OBJ_certificateRevocationList */
-0x55,0x04,0x28, /* [5784] OBJ_crossCertificatePair */
-0x55,0x04,0x2F, /* [5787] OBJ_enhancedSearchGuide */
-0x55,0x04,0x30, /* [5790] OBJ_protocolInformation */
-0x55,0x04,0x31, /* [5793] OBJ_distinguishedName */
-0x55,0x04,0x32, /* [5796] OBJ_uniqueMember */
-0x55,0x04,0x33, /* [5799] OBJ_houseIdentifier */
-0x55,0x04,0x34, /* [5802] OBJ_supportedAlgorithms */
-0x55,0x04,0x35, /* [5805] OBJ_deltaRevocationList */
-0x55,0x04,0x36, /* [5808] OBJ_dmdName */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x09,/* [5811] OBJ_id_alg_PWRI_KEK */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x06,/* [5822] OBJ_aes_128_gcm */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x07,/* [5831] OBJ_aes_128_ccm */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x08,/* [5840] OBJ_id_aes128_wrap_pad */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x1A,/* [5849] OBJ_aes_192_gcm */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x1B,/* [5858] OBJ_aes_192_ccm */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x1C,/* [5867] OBJ_id_aes192_wrap_pad */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2E,/* [5876] OBJ_aes_256_gcm */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2F,/* [5885] OBJ_aes_256_ccm */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x30,/* [5894] OBJ_id_aes256_wrap_pad */
-0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x03,0x02,/* [5903] OBJ_id_camellia128_wrap */
-0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x03,0x03,/* [5914] OBJ_id_camellia192_wrap */
-0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x03,0x04,/* [5925] OBJ_id_camellia256_wrap */
-0x55,0x1D,0x25,0x00, /* [5936] OBJ_anyExtendedKeyUsage */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x08,/* [5940] OBJ_mgf1 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0A,/* [5949] OBJ_rsassaPss */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x07,/* [5958] OBJ_rsaesOaep */
-0x2A,0x86,0x48,0xCE,0x3E,0x02,0x01, /* [5967] OBJ_dhpublicnumber */
-0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x01,/* [5974] OBJ_brainpoolP160r1 */
-0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x02,/* [5983] OBJ_brainpoolP160t1 */
-0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x03,/* [5992] OBJ_brainpoolP192r1 */
-0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x04,/* [6001] OBJ_brainpoolP192t1 */
-0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x05,/* [6010] OBJ_brainpoolP224r1 */
-0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x06,/* [6019] OBJ_brainpoolP224t1 */
-0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x07,/* [6028] OBJ_brainpoolP256r1 */
-0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x08,/* [6037] OBJ_brainpoolP256t1 */
-0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x09,/* [6046] OBJ_brainpoolP320r1 */
-0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x0A,/* [6055] OBJ_brainpoolP320t1 */
-0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x0B,/* [6064] OBJ_brainpoolP384r1 */
-0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x0C,/* [6073] OBJ_brainpoolP384t1 */
-0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x0D,/* [6082] OBJ_brainpoolP512r1 */
-0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x0E,/* [6091] OBJ_brainpoolP512t1 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x09,/* [6100] OBJ_pSpecified */
-0x2B,0x81,0x05,0x10,0x86,0x48,0x3F,0x00,0x02,/* [6109] OBJ_dhSinglePass_stdDH_sha1kdf_scheme */
-0x2B,0x81,0x04,0x01,0x0B,0x00, /* [6118] OBJ_dhSinglePass_stdDH_sha224kdf_scheme */
-0x2B,0x81,0x04,0x01,0x0B,0x01, /* [6124] OBJ_dhSinglePass_stdDH_sha256kdf_scheme */
-0x2B,0x81,0x04,0x01,0x0B,0x02, /* [6130] OBJ_dhSinglePass_stdDH_sha384kdf_scheme */
-0x2B,0x81,0x04,0x01,0x0B,0x03, /* [6136] OBJ_dhSinglePass_stdDH_sha512kdf_scheme */
-0x2B,0x81,0x05,0x10,0x86,0x48,0x3F,0x00,0x03,/* [6142] OBJ_dhSinglePass_cofactorDH_sha1kdf_scheme */
-0x2B,0x81,0x04,0x01,0x0E,0x00, /* [6151] OBJ_dhSinglePass_cofactorDH_sha224kdf_scheme */
-0x2B,0x81,0x04,0x01,0x0E,0x01, /* [6157] OBJ_dhSinglePass_cofactorDH_sha256kdf_scheme */
-0x2B,0x81,0x04,0x01,0x0E,0x02, /* [6163] OBJ_dhSinglePass_cofactorDH_sha384kdf_scheme */
-0x2B,0x81,0x04,0x01,0x0E,0x03, /* [6169] OBJ_dhSinglePass_cofactorDH_sha512kdf_scheme */
+static const uint8_t kObjectData[] = {
+ /* NID_rsadsi */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
+ /* NID_pkcs */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01,
+ /* NID_md2 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x02, 0x02,
+ /* NID_md5 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x02, 0x05,
+ /* NID_rc4 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x03, 0x04,
+ /* NID_rsaEncryption */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01,
+ /* NID_md2WithRSAEncryption */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x02,
+ /* NID_md5WithRSAEncryption */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x04,
+ /* NID_pbeWithMD2AndDES_CBC */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x05, 0x01,
+ /* NID_pbeWithMD5AndDES_CBC */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x05, 0x03,
+ /* NID_X500 */
+ 0x55,
+ /* NID_X509 */
+ 0x55, 0x04,
+ /* NID_commonName */
+ 0x55, 0x04, 0x03,
+ /* NID_countryName */
+ 0x55, 0x04, 0x06,
+ /* NID_localityName */
+ 0x55, 0x04, 0x07,
+ /* NID_stateOrProvinceName */
+ 0x55, 0x04, 0x08,
+ /* NID_organizationName */
+ 0x55, 0x04, 0x0a,
+ /* NID_organizationalUnitName */
+ 0x55, 0x04, 0x0b,
+ /* NID_rsa */
+ 0x55, 0x08, 0x01, 0x01,
+ /* NID_pkcs7 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07,
+ /* NID_pkcs7_data */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x01,
+ /* NID_pkcs7_signed */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x02,
+ /* NID_pkcs7_enveloped */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x03,
+ /* NID_pkcs7_signedAndEnveloped */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x04,
+ /* NID_pkcs7_digest */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x05,
+ /* NID_pkcs7_encrypted */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x06,
+ /* NID_pkcs3 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x03,
+ /* NID_dhKeyAgreement */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x03, 0x01,
+ /* NID_des_ecb */
+ 0x2b, 0x0e, 0x03, 0x02, 0x06,
+ /* NID_des_cfb64 */
+ 0x2b, 0x0e, 0x03, 0x02, 0x09,
+ /* NID_des_cbc */
+ 0x2b, 0x0e, 0x03, 0x02, 0x07,
+ /* NID_des_ede_ecb */
+ 0x2b, 0x0e, 0x03, 0x02, 0x11,
+ /* NID_idea_cbc */
+ 0x2b, 0x06, 0x01, 0x04, 0x01, 0x81, 0x3c, 0x07, 0x01, 0x01, 0x02,
+ /* NID_rc2_cbc */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x03, 0x02,
+ /* NID_sha */
+ 0x2b, 0x0e, 0x03, 0x02, 0x12,
+ /* NID_shaWithRSAEncryption */
+ 0x2b, 0x0e, 0x03, 0x02, 0x0f,
+ /* NID_des_ede3_cbc */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x03, 0x07,
+ /* NID_des_ofb64 */
+ 0x2b, 0x0e, 0x03, 0x02, 0x08,
+ /* NID_pkcs9 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09,
+ /* NID_pkcs9_emailAddress */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01,
+ /* NID_pkcs9_unstructuredName */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x02,
+ /* NID_pkcs9_contentType */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x03,
+ /* NID_pkcs9_messageDigest */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x04,
+ /* NID_pkcs9_signingTime */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x05,
+ /* NID_pkcs9_countersignature */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x06,
+ /* NID_pkcs9_challengePassword */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x07,
+ /* NID_pkcs9_unstructuredAddress */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x08,
+ /* NID_pkcs9_extCertAttributes */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x09,
+ /* NID_netscape */
+ 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42,
+ /* NID_netscape_cert_extension */
+ 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42, 0x01,
+ /* NID_netscape_data_type */
+ 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42, 0x02,
+ /* NID_sha1 */
+ 0x2b, 0x0e, 0x03, 0x02, 0x1a,
+ /* NID_sha1WithRSAEncryption */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05,
+ /* NID_dsaWithSHA */
+ 0x2b, 0x0e, 0x03, 0x02, 0x0d,
+ /* NID_dsa_2 */
+ 0x2b, 0x0e, 0x03, 0x02, 0x0c,
+ /* NID_pbeWithSHA1AndRC2_CBC */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x05, 0x0b,
+ /* NID_id_pbkdf2 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x05, 0x0c,
+ /* NID_dsaWithSHA1_2 */
+ 0x2b, 0x0e, 0x03, 0x02, 0x1b,
+ /* NID_netscape_cert_type */
+ 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42, 0x01, 0x01,
+ /* NID_netscape_base_url */
+ 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42, 0x01, 0x02,
+ /* NID_netscape_revocation_url */
+ 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42, 0x01, 0x03,
+ /* NID_netscape_ca_revocation_url */
+ 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42, 0x01, 0x04,
+ /* NID_netscape_renewal_url */
+ 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42, 0x01, 0x07,
+ /* NID_netscape_ca_policy_url */
+ 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42, 0x01, 0x08,
+ /* NID_netscape_ssl_server_name */
+ 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42, 0x01, 0x0c,
+ /* NID_netscape_comment */
+ 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42, 0x01, 0x0d,
+ /* NID_netscape_cert_sequence */
+ 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42, 0x02, 0x05,
+ /* NID_id_ce */
+ 0x55, 0x1d,
+ /* NID_subject_key_identifier */
+ 0x55, 0x1d, 0x0e,
+ /* NID_key_usage */
+ 0x55, 0x1d, 0x0f,
+ /* NID_private_key_usage_period */
+ 0x55, 0x1d, 0x10,
+ /* NID_subject_alt_name */
+ 0x55, 0x1d, 0x11,
+ /* NID_issuer_alt_name */
+ 0x55, 0x1d, 0x12,
+ /* NID_basic_constraints */
+ 0x55, 0x1d, 0x13,
+ /* NID_crl_number */
+ 0x55, 0x1d, 0x14,
+ /* NID_certificate_policies */
+ 0x55, 0x1d, 0x20,
+ /* NID_authority_key_identifier */
+ 0x55, 0x1d, 0x23,
+ /* NID_bf_cbc */
+ 0x2b, 0x06, 0x01, 0x04, 0x01, 0x97, 0x55, 0x01, 0x02,
+ /* NID_mdc2 */
+ 0x55, 0x08, 0x03, 0x65,
+ /* NID_mdc2WithRSA */
+ 0x55, 0x08, 0x03, 0x64,
+ /* NID_givenName */
+ 0x55, 0x04, 0x2a,
+ /* NID_surname */
+ 0x55, 0x04, 0x04,
+ /* NID_initials */
+ 0x55, 0x04, 0x2b,
+ /* NID_crl_distribution_points */
+ 0x55, 0x1d, 0x1f,
+ /* NID_md5WithRSA */
+ 0x2b, 0x0e, 0x03, 0x02, 0x03,
+ /* NID_serialNumber */
+ 0x55, 0x04, 0x05,
+ /* NID_title */
+ 0x55, 0x04, 0x0c,
+ /* NID_description */
+ 0x55, 0x04, 0x0d,
+ /* NID_cast5_cbc */
+ 0x2a, 0x86, 0x48, 0x86, 0xf6, 0x7d, 0x07, 0x42, 0x0a,
+ /* NID_pbeWithMD5AndCast5_CBC */
+ 0x2a, 0x86, 0x48, 0x86, 0xf6, 0x7d, 0x07, 0x42, 0x0c,
+ /* NID_dsaWithSHA1 */
+ 0x2a, 0x86, 0x48, 0xce, 0x38, 0x04, 0x03,
+ /* NID_sha1WithRSA */
+ 0x2b, 0x0e, 0x03, 0x02, 0x1d,
+ /* NID_dsa */
+ 0x2a, 0x86, 0x48, 0xce, 0x38, 0x04, 0x01,
+ /* NID_ripemd160 */
+ 0x2b, 0x24, 0x03, 0x02, 0x01,
+ /* NID_ripemd160WithRSA */
+ 0x2b, 0x24, 0x03, 0x03, 0x01, 0x02,
+ /* NID_rc5_cbc */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x03, 0x08,
+ /* NID_zlib_compression */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x03, 0x08,
+ /* NID_ext_key_usage */
+ 0x55, 0x1d, 0x25,
+ /* NID_id_pkix */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07,
+ /* NID_id_kp */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03,
+ /* NID_server_auth */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01,
+ /* NID_client_auth */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x02,
+ /* NID_code_sign */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x03,
+ /* NID_email_protect */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x04,
+ /* NID_time_stamp */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x08,
+ /* NID_ms_code_ind */
+ 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x01, 0x15,
+ /* NID_ms_code_com */
+ 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x01, 0x16,
+ /* NID_ms_ctl_sign */
+ 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x0a, 0x03, 0x01,
+ /* NID_ms_sgc */
+ 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x0a, 0x03, 0x03,
+ /* NID_ms_efs */
+ 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x0a, 0x03, 0x04,
+ /* NID_ns_sgc */
+ 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42, 0x04, 0x01,
+ /* NID_delta_crl */
+ 0x55, 0x1d, 0x1b,
+ /* NID_crl_reason */
+ 0x55, 0x1d, 0x15,
+ /* NID_invalidity_date */
+ 0x55, 0x1d, 0x18,
+ /* NID_sxnet */
+ 0x2b, 0x65, 0x01, 0x04, 0x01,
+ /* NID_pbe_WithSHA1And128BitRC4 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x0c, 0x01, 0x01,
+ /* NID_pbe_WithSHA1And40BitRC4 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x0c, 0x01, 0x02,
+ /* NID_pbe_WithSHA1And3_Key_TripleDES_CBC */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x0c, 0x01, 0x03,
+ /* NID_pbe_WithSHA1And2_Key_TripleDES_CBC */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x0c, 0x01, 0x04,
+ /* NID_pbe_WithSHA1And128BitRC2_CBC */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x0c, 0x01, 0x05,
+ /* NID_pbe_WithSHA1And40BitRC2_CBC */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x0c, 0x01, 0x06,
+ /* NID_keyBag */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x0c, 0x0a, 0x01, 0x01,
+ /* NID_pkcs8ShroudedKeyBag */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x0c, 0x0a, 0x01, 0x02,
+ /* NID_certBag */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x0c, 0x0a, 0x01, 0x03,
+ /* NID_crlBag */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x0c, 0x0a, 0x01, 0x04,
+ /* NID_secretBag */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x0c, 0x0a, 0x01, 0x05,
+ /* NID_safeContentsBag */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x0c, 0x0a, 0x01, 0x06,
+ /* NID_friendlyName */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x14,
+ /* NID_localKeyID */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x15,
+ /* NID_x509Certificate */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x16, 0x01,
+ /* NID_sdsiCertificate */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x16, 0x02,
+ /* NID_x509Crl */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x17, 0x01,
+ /* NID_pbes2 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x05, 0x0d,
+ /* NID_pbmac1 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x05, 0x0e,
+ /* NID_hmacWithSHA1 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x02, 0x07,
+ /* NID_id_qt_cps */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x02, 0x01,
+ /* NID_id_qt_unotice */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x02, 0x02,
+ /* NID_SMIMECapabilities */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x0f,
+ /* NID_pbeWithMD2AndRC2_CBC */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x05, 0x04,
+ /* NID_pbeWithMD5AndRC2_CBC */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x05, 0x06,
+ /* NID_pbeWithSHA1AndDES_CBC */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x05, 0x0a,
+ /* NID_ms_ext_req */
+ 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x01, 0x0e,
+ /* NID_ext_req */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x0e,
+ /* NID_name */
+ 0x55, 0x04, 0x29,
+ /* NID_dnQualifier */
+ 0x55, 0x04, 0x2e,
+ /* NID_id_pe */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01,
+ /* NID_id_ad */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30,
+ /* NID_info_access */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x01,
+ /* NID_ad_OCSP */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01,
+ /* NID_ad_ca_issuers */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x02,
+ /* NID_OCSP_sign */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x09,
+ /* NID_member_body */
+ 0x2a,
+ /* NID_ISO_US */
+ 0x2a, 0x86, 0x48,
+ /* NID_X9_57 */
+ 0x2a, 0x86, 0x48, 0xce, 0x38,
+ /* NID_X9cm */
+ 0x2a, 0x86, 0x48, 0xce, 0x38, 0x04,
+ /* NID_pkcs1 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01,
+ /* NID_pkcs5 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x05,
+ /* NID_SMIME */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10,
+ /* NID_id_smime_mod */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x00,
+ /* NID_id_smime_ct */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x01,
+ /* NID_id_smime_aa */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02,
+ /* NID_id_smime_alg */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x03,
+ /* NID_id_smime_cd */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x04,
+ /* NID_id_smime_spq */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x05,
+ /* NID_id_smime_cti */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x06,
+ /* NID_id_smime_mod_cms */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x00, 0x01,
+ /* NID_id_smime_mod_ess */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x00, 0x02,
+ /* NID_id_smime_mod_oid */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x00, 0x03,
+ /* NID_id_smime_mod_msg_v3 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x00, 0x04,
+ /* NID_id_smime_mod_ets_eSignature_88 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x00, 0x05,
+ /* NID_id_smime_mod_ets_eSignature_97 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x00, 0x06,
+ /* NID_id_smime_mod_ets_eSigPolicy_88 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x00, 0x07,
+ /* NID_id_smime_mod_ets_eSigPolicy_97 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x00, 0x08,
+ /* NID_id_smime_ct_receipt */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x01, 0x01,
+ /* NID_id_smime_ct_authData */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x01, 0x02,
+ /* NID_id_smime_ct_publishCert */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x01, 0x03,
+ /* NID_id_smime_ct_TSTInfo */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x01, 0x04,
+ /* NID_id_smime_ct_TDTInfo */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x01, 0x05,
+ /* NID_id_smime_ct_contentInfo */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x01, 0x06,
+ /* NID_id_smime_ct_DVCSRequestData */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x01, 0x07,
+ /* NID_id_smime_ct_DVCSResponseData */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x01, 0x08,
+ /* NID_id_smime_aa_receiptRequest */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x01,
+ /* NID_id_smime_aa_securityLabel */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x02,
+ /* NID_id_smime_aa_mlExpandHistory */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x03,
+ /* NID_id_smime_aa_contentHint */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x04,
+ /* NID_id_smime_aa_msgSigDigest */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x05,
+ /* NID_id_smime_aa_encapContentType */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x06,
+ /* NID_id_smime_aa_contentIdentifier */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x07,
+ /* NID_id_smime_aa_macValue */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x08,
+ /* NID_id_smime_aa_equivalentLabels */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x09,
+ /* NID_id_smime_aa_contentReference */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x0a,
+ /* NID_id_smime_aa_encrypKeyPref */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x0b,
+ /* NID_id_smime_aa_signingCertificate */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x0c,
+ /* NID_id_smime_aa_smimeEncryptCerts */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x0d,
+ /* NID_id_smime_aa_timeStampToken */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x0e,
+ /* NID_id_smime_aa_ets_sigPolicyId */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x0f,
+ /* NID_id_smime_aa_ets_commitmentType */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x10,
+ /* NID_id_smime_aa_ets_signerLocation */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x11,
+ /* NID_id_smime_aa_ets_signerAttr */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x12,
+ /* NID_id_smime_aa_ets_otherSigCert */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x13,
+ /* NID_id_smime_aa_ets_contentTimestamp */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x14,
+ /* NID_id_smime_aa_ets_CertificateRefs */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x15,
+ /* NID_id_smime_aa_ets_RevocationRefs */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x16,
+ /* NID_id_smime_aa_ets_certValues */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x17,
+ /* NID_id_smime_aa_ets_revocationValues */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x18,
+ /* NID_id_smime_aa_ets_escTimeStamp */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x19,
+ /* NID_id_smime_aa_ets_certCRLTimestamp */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x1a,
+ /* NID_id_smime_aa_ets_archiveTimeStamp */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x1b,
+ /* NID_id_smime_aa_signatureType */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x1c,
+ /* NID_id_smime_aa_dvcs_dvc */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x02, 0x1d,
+ /* NID_id_smime_alg_ESDHwith3DES */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x03, 0x01,
+ /* NID_id_smime_alg_ESDHwithRC2 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x03, 0x02,
+ /* NID_id_smime_alg_3DESwrap */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x03, 0x03,
+ /* NID_id_smime_alg_RC2wrap */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x03, 0x04,
+ /* NID_id_smime_alg_ESDH */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x03, 0x05,
+ /* NID_id_smime_alg_CMS3DESwrap */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x03, 0x06,
+ /* NID_id_smime_alg_CMSRC2wrap */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x03, 0x07,
+ /* NID_id_smime_cd_ldap */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x04, 0x01,
+ /* NID_id_smime_spq_ets_sqt_uri */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x05, 0x01,
+ /* NID_id_smime_spq_ets_sqt_unotice */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x05, 0x02,
+ /* NID_id_smime_cti_ets_proofOfOrigin */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x06, 0x01,
+ /* NID_id_smime_cti_ets_proofOfReceipt */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x06, 0x02,
+ /* NID_id_smime_cti_ets_proofOfDelivery */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x06, 0x03,
+ /* NID_id_smime_cti_ets_proofOfSender */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x06, 0x04,
+ /* NID_id_smime_cti_ets_proofOfApproval */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x06, 0x05,
+ /* NID_id_smime_cti_ets_proofOfCreation */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x06, 0x06,
+ /* NID_md4 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x02, 0x04,
+ /* NID_id_pkix_mod */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x00,
+ /* NID_id_qt */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x02,
+ /* NID_id_it */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x04,
+ /* NID_id_pkip */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x05,
+ /* NID_id_alg */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x06,
+ /* NID_id_cmc */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x07,
+ /* NID_id_on */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x08,
+ /* NID_id_pda */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x09,
+ /* NID_id_aca */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x0a,
+ /* NID_id_qcs */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x0b,
+ /* NID_id_cct */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x0c,
+ /* NID_id_pkix1_explicit_88 */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x00, 0x01,
+ /* NID_id_pkix1_implicit_88 */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x00, 0x02,
+ /* NID_id_pkix1_explicit_93 */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x00, 0x03,
+ /* NID_id_pkix1_implicit_93 */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x00, 0x04,
+ /* NID_id_mod_crmf */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x00, 0x05,
+ /* NID_id_mod_cmc */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x00, 0x06,
+ /* NID_id_mod_kea_profile_88 */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x00, 0x07,
+ /* NID_id_mod_kea_profile_93 */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x00, 0x08,
+ /* NID_id_mod_cmp */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x00, 0x09,
+ /* NID_id_mod_qualified_cert_88 */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x00, 0x0a,
+ /* NID_id_mod_qualified_cert_93 */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x00, 0x0b,
+ /* NID_id_mod_attribute_cert */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x00, 0x0c,
+ /* NID_id_mod_timestamp_protocol */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x00, 0x0d,
+ /* NID_id_mod_ocsp */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x00, 0x0e,
+ /* NID_id_mod_dvcs */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x00, 0x0f,
+ /* NID_id_mod_cmp2000 */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x00, 0x10,
+ /* NID_biometricInfo */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x02,
+ /* NID_qcStatements */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x03,
+ /* NID_ac_auditEntity */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x04,
+ /* NID_ac_targeting */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x05,
+ /* NID_aaControls */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x06,
+ /* NID_sbgp_ipAddrBlock */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x07,
+ /* NID_sbgp_autonomousSysNum */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x08,
+ /* NID_sbgp_routerIdentifier */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x09,
+ /* NID_textNotice */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x02, 0x03,
+ /* NID_ipsecEndSystem */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x05,
+ /* NID_ipsecTunnel */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x06,
+ /* NID_ipsecUser */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x07,
+ /* NID_dvcs */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x0a,
+ /* NID_id_it_caProtEncCert */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x04, 0x01,
+ /* NID_id_it_signKeyPairTypes */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x04, 0x02,
+ /* NID_id_it_encKeyPairTypes */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x04, 0x03,
+ /* NID_id_it_preferredSymmAlg */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x04, 0x04,
+ /* NID_id_it_caKeyUpdateInfo */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x04, 0x05,
+ /* NID_id_it_currentCRL */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x04, 0x06,
+ /* NID_id_it_unsupportedOIDs */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x04, 0x07,
+ /* NID_id_it_subscriptionRequest */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x04, 0x08,
+ /* NID_id_it_subscriptionResponse */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x04, 0x09,
+ /* NID_id_it_keyPairParamReq */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x04, 0x0a,
+ /* NID_id_it_keyPairParamRep */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x04, 0x0b,
+ /* NID_id_it_revPassphrase */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x04, 0x0c,
+ /* NID_id_it_implicitConfirm */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x04, 0x0d,
+ /* NID_id_it_confirmWaitTime */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x04, 0x0e,
+ /* NID_id_it_origPKIMessage */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x04, 0x0f,
+ /* NID_id_regCtrl */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x05, 0x01,
+ /* NID_id_regInfo */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x05, 0x02,
+ /* NID_id_regCtrl_regToken */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x05, 0x01, 0x01,
+ /* NID_id_regCtrl_authenticator */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x05, 0x01, 0x02,
+ /* NID_id_regCtrl_pkiPublicationInfo */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x05, 0x01, 0x03,
+ /* NID_id_regCtrl_pkiArchiveOptions */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x05, 0x01, 0x04,
+ /* NID_id_regCtrl_oldCertID */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x05, 0x01, 0x05,
+ /* NID_id_regCtrl_protocolEncrKey */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x05, 0x01, 0x06,
+ /* NID_id_regInfo_utf8Pairs */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x05, 0x02, 0x01,
+ /* NID_id_regInfo_certReq */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x05, 0x02, 0x02,
+ /* NID_id_alg_des40 */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x06, 0x01,
+ /* NID_id_alg_noSignature */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x06, 0x02,
+ /* NID_id_alg_dh_sig_hmac_sha1 */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x06, 0x03,
+ /* NID_id_alg_dh_pop */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x06, 0x04,
+ /* NID_id_cmc_statusInfo */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x07, 0x01,
+ /* NID_id_cmc_identification */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x07, 0x02,
+ /* NID_id_cmc_identityProof */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x07, 0x03,
+ /* NID_id_cmc_dataReturn */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x07, 0x04,
+ /* NID_id_cmc_transactionId */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x07, 0x05,
+ /* NID_id_cmc_senderNonce */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x07, 0x06,
+ /* NID_id_cmc_recipientNonce */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x07, 0x07,
+ /* NID_id_cmc_addExtensions */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x07, 0x08,
+ /* NID_id_cmc_encryptedPOP */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x07, 0x09,
+ /* NID_id_cmc_decryptedPOP */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x07, 0x0a,
+ /* NID_id_cmc_lraPOPWitness */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x07, 0x0b,
+ /* NID_id_cmc_getCert */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x07, 0x0f,
+ /* NID_id_cmc_getCRL */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x07, 0x10,
+ /* NID_id_cmc_revokeRequest */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x07, 0x11,
+ /* NID_id_cmc_regInfo */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x07, 0x12,
+ /* NID_id_cmc_responseInfo */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x07, 0x13,
+ /* NID_id_cmc_queryPending */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x07, 0x15,
+ /* NID_id_cmc_popLinkRandom */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x07, 0x16,
+ /* NID_id_cmc_popLinkWitness */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x07, 0x17,
+ /* NID_id_cmc_confirmCertAcceptance */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x07, 0x18,
+ /* NID_id_on_personalData */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x08, 0x01,
+ /* NID_id_pda_dateOfBirth */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x09, 0x01,
+ /* NID_id_pda_placeOfBirth */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x09, 0x02,
+ /* NID_id_pda_gender */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x09, 0x03,
+ /* NID_id_pda_countryOfCitizenship */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x09, 0x04,
+ /* NID_id_pda_countryOfResidence */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x09, 0x05,
+ /* NID_id_aca_authenticationInfo */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x0a, 0x01,
+ /* NID_id_aca_accessIdentity */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x0a, 0x02,
+ /* NID_id_aca_chargingIdentity */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x0a, 0x03,
+ /* NID_id_aca_group */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x0a, 0x04,
+ /* NID_id_aca_role */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x0a, 0x05,
+ /* NID_id_qcs_pkixQCSyntax_v1 */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x0b, 0x01,
+ /* NID_id_cct_crs */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x0c, 0x01,
+ /* NID_id_cct_PKIData */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x0c, 0x02,
+ /* NID_id_cct_PKIResponse */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x0c, 0x03,
+ /* NID_ad_timeStamping */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x03,
+ /* NID_ad_dvcs */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x04,
+ /* NID_id_pkix_OCSP_basic */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x01,
+ /* NID_id_pkix_OCSP_Nonce */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x02,
+ /* NID_id_pkix_OCSP_CrlID */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x03,
+ /* NID_id_pkix_OCSP_acceptableResponses */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x04,
+ /* NID_id_pkix_OCSP_noCheck */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x05,
+ /* NID_id_pkix_OCSP_archiveCutoff */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x06,
+ /* NID_id_pkix_OCSP_serviceLocator */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x07,
+ /* NID_id_pkix_OCSP_extendedStatus */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x08,
+ /* NID_id_pkix_OCSP_valid */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x09,
+ /* NID_id_pkix_OCSP_path */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x0a,
+ /* NID_id_pkix_OCSP_trustRoot */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x0b,
+ /* NID_algorithm */
+ 0x2b, 0x0e, 0x03, 0x02,
+ /* NID_rsaSignature */
+ 0x2b, 0x0e, 0x03, 0x02, 0x0b,
+ /* NID_X500algorithms */
+ 0x55, 0x08,
+ /* NID_org */
+ 0x2b,
+ /* NID_dod */
+ 0x2b, 0x06,
+ /* NID_iana */
+ 0x2b, 0x06, 0x01,
+ /* NID_Directory */
+ 0x2b, 0x06, 0x01, 0x01,
+ /* NID_Management */
+ 0x2b, 0x06, 0x01, 0x02,
+ /* NID_Experimental */
+ 0x2b, 0x06, 0x01, 0x03,
+ /* NID_Private */
+ 0x2b, 0x06, 0x01, 0x04,
+ /* NID_Security */
+ 0x2b, 0x06, 0x01, 0x05,
+ /* NID_SNMPv2 */
+ 0x2b, 0x06, 0x01, 0x06,
+ /* NID_Mail */
+ 0x2b, 0x06, 0x01, 0x07,
+ /* NID_Enterprises */
+ 0x2b, 0x06, 0x01, 0x04, 0x01,
+ /* NID_dcObject */
+ 0x2b, 0x06, 0x01, 0x04, 0x01, 0x8b, 0x3a, 0x82, 0x58,
+ /* NID_domainComponent */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x19,
+ /* NID_Domain */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x04, 0x0d,
+ /* NID_selected_attribute_types */
+ 0x55, 0x01, 0x05,
+ /* NID_clearance */
+ 0x55, 0x01, 0x05, 0x37,
+ /* NID_md4WithRSAEncryption */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x03,
+ /* NID_ac_proxying */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x0a,
+ /* NID_sinfo_access */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x0b,
+ /* NID_id_aca_encAttrs */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x0a, 0x06,
+ /* NID_role */
+ 0x55, 0x04, 0x48,
+ /* NID_policy_constraints */
+ 0x55, 0x1d, 0x24,
+ /* NID_target_information */
+ 0x55, 0x1d, 0x37,
+ /* NID_no_rev_avail */
+ 0x55, 0x1d, 0x38,
+ /* NID_ansi_X9_62 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d,
+ /* NID_X9_62_prime_field */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x01, 0x01,
+ /* NID_X9_62_characteristic_two_field */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x01, 0x02,
+ /* NID_X9_62_id_ecPublicKey */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01,
+ /* NID_X9_62_prime192v1 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x01,
+ /* NID_X9_62_prime192v2 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x02,
+ /* NID_X9_62_prime192v3 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x03,
+ /* NID_X9_62_prime239v1 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x04,
+ /* NID_X9_62_prime239v2 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x05,
+ /* NID_X9_62_prime239v3 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x06,
+ /* NID_X9_62_prime256v1 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07,
+ /* NID_ecdsa_with_SHA1 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x01,
+ /* NID_ms_csp_name */
+ 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x11, 0x01,
+ /* NID_aes_128_ecb */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x01,
+ /* NID_aes_128_cbc */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x02,
+ /* NID_aes_128_ofb128 */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x03,
+ /* NID_aes_128_cfb128 */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x04,
+ /* NID_aes_192_ecb */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x15,
+ /* NID_aes_192_cbc */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x16,
+ /* NID_aes_192_ofb128 */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x17,
+ /* NID_aes_192_cfb128 */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x18,
+ /* NID_aes_256_ecb */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x29,
+ /* NID_aes_256_cbc */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x2a,
+ /* NID_aes_256_ofb128 */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x2b,
+ /* NID_aes_256_cfb128 */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x2c,
+ /* NID_hold_instruction_code */
+ 0x55, 0x1d, 0x17,
+ /* NID_hold_instruction_none */
+ 0x2a, 0x86, 0x48, 0xce, 0x38, 0x02, 0x01,
+ /* NID_hold_instruction_call_issuer */
+ 0x2a, 0x86, 0x48, 0xce, 0x38, 0x02, 0x02,
+ /* NID_hold_instruction_reject */
+ 0x2a, 0x86, 0x48, 0xce, 0x38, 0x02, 0x03,
+ /* NID_data */
+ 0x09,
+ /* NID_pss */
+ 0x09, 0x92, 0x26,
+ /* NID_ucl */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c,
+ /* NID_pilot */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64,
+ /* NID_pilotAttributeType */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01,
+ /* NID_pilotAttributeSyntax */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x03,
+ /* NID_pilotObjectClass */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x04,
+ /* NID_pilotGroups */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x0a,
+ /* NID_iA5StringSyntax */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x03, 0x04,
+ /* NID_caseIgnoreIA5StringSyntax */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x03, 0x05,
+ /* NID_pilotObject */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x04, 0x03,
+ /* NID_pilotPerson */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x04, 0x04,
+ /* NID_account */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x04, 0x05,
+ /* NID_document */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x04, 0x06,
+ /* NID_room */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x04, 0x07,
+ /* NID_documentSeries */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x04, 0x09,
+ /* NID_rFC822localPart */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x04, 0x0e,
+ /* NID_dNSDomain */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x04, 0x0f,
+ /* NID_domainRelatedObject */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x04, 0x11,
+ /* NID_friendlyCountry */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x04, 0x12,
+ /* NID_simpleSecurityObject */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x04, 0x13,
+ /* NID_pilotOrganization */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x04, 0x14,
+ /* NID_pilotDSA */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x04, 0x15,
+ /* NID_qualityLabelledData */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x04, 0x16,
+ /* NID_userId */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x01,
+ /* NID_textEncodedORAddress */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x02,
+ /* NID_rfc822Mailbox */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x03,
+ /* NID_info */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x04,
+ /* NID_favouriteDrink */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x05,
+ /* NID_roomNumber */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x06,
+ /* NID_photo */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x07,
+ /* NID_userClass */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x08,
+ /* NID_host */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x09,
+ /* NID_manager */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x0a,
+ /* NID_documentIdentifier */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x0b,
+ /* NID_documentTitle */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x0c,
+ /* NID_documentVersion */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x0d,
+ /* NID_documentAuthor */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x0e,
+ /* NID_documentLocation */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x0f,
+ /* NID_homeTelephoneNumber */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x14,
+ /* NID_secretary */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x15,
+ /* NID_otherMailbox */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x16,
+ /* NID_lastModifiedTime */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x17,
+ /* NID_lastModifiedBy */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x18,
+ /* NID_aRecord */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x1a,
+ /* NID_pilotAttributeType27 */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x1b,
+ /* NID_mXRecord */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x1c,
+ /* NID_nSRecord */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x1d,
+ /* NID_sOARecord */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x1e,
+ /* NID_cNAMERecord */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x1f,
+ /* NID_associatedDomain */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x25,
+ /* NID_associatedName */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x26,
+ /* NID_homePostalAddress */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x27,
+ /* NID_personalTitle */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x28,
+ /* NID_mobileTelephoneNumber */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x29,
+ /* NID_pagerTelephoneNumber */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x2a,
+ /* NID_friendlyCountryName */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x2b,
+ /* NID_organizationalStatus */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x2d,
+ /* NID_janetMailbox */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x2e,
+ /* NID_mailPreferenceOption */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x2f,
+ /* NID_buildingName */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x30,
+ /* NID_dSAQuality */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x31,
+ /* NID_singleLevelQuality */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x32,
+ /* NID_subtreeMinimumQuality */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x33,
+ /* NID_subtreeMaximumQuality */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x34,
+ /* NID_personalSignature */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x35,
+ /* NID_dITRedirect */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x36,
+ /* NID_audio */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x37,
+ /* NID_documentPublisher */
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01, 0x38,
+ /* NID_x500UniqueIdentifier */
+ 0x55, 0x04, 0x2d,
+ /* NID_mime_mhs */
+ 0x2b, 0x06, 0x01, 0x07, 0x01,
+ /* NID_mime_mhs_headings */
+ 0x2b, 0x06, 0x01, 0x07, 0x01, 0x01,
+ /* NID_mime_mhs_bodies */
+ 0x2b, 0x06, 0x01, 0x07, 0x01, 0x02,
+ /* NID_id_hex_partial_message */
+ 0x2b, 0x06, 0x01, 0x07, 0x01, 0x01, 0x01,
+ /* NID_id_hex_multipart_message */
+ 0x2b, 0x06, 0x01, 0x07, 0x01, 0x01, 0x02,
+ /* NID_generationQualifier */
+ 0x55, 0x04, 0x2c,
+ /* NID_pseudonym */
+ 0x55, 0x04, 0x41,
+ /* NID_id_set */
+ 0x67, 0x2a,
+ /* NID_set_ctype */
+ 0x67, 0x2a, 0x00,
+ /* NID_set_msgExt */
+ 0x67, 0x2a, 0x01,
+ /* NID_set_attr */
+ 0x67, 0x2a, 0x03,
+ /* NID_set_policy */
+ 0x67, 0x2a, 0x05,
+ /* NID_set_certExt */
+ 0x67, 0x2a, 0x07,
+ /* NID_set_brand */
+ 0x67, 0x2a, 0x08,
+ /* NID_setct_PANData */
+ 0x67, 0x2a, 0x00, 0x00,
+ /* NID_setct_PANToken */
+ 0x67, 0x2a, 0x00, 0x01,
+ /* NID_setct_PANOnly */
+ 0x67, 0x2a, 0x00, 0x02,
+ /* NID_setct_OIData */
+ 0x67, 0x2a, 0x00, 0x03,
+ /* NID_setct_PI */
+ 0x67, 0x2a, 0x00, 0x04,
+ /* NID_setct_PIData */
+ 0x67, 0x2a, 0x00, 0x05,
+ /* NID_setct_PIDataUnsigned */
+ 0x67, 0x2a, 0x00, 0x06,
+ /* NID_setct_HODInput */
+ 0x67, 0x2a, 0x00, 0x07,
+ /* NID_setct_AuthResBaggage */
+ 0x67, 0x2a, 0x00, 0x08,
+ /* NID_setct_AuthRevReqBaggage */
+ 0x67, 0x2a, 0x00, 0x09,
+ /* NID_setct_AuthRevResBaggage */
+ 0x67, 0x2a, 0x00, 0x0a,
+ /* NID_setct_CapTokenSeq */
+ 0x67, 0x2a, 0x00, 0x0b,
+ /* NID_setct_PInitResData */
+ 0x67, 0x2a, 0x00, 0x0c,
+ /* NID_setct_PI_TBS */
+ 0x67, 0x2a, 0x00, 0x0d,
+ /* NID_setct_PResData */
+ 0x67, 0x2a, 0x00, 0x0e,
+ /* NID_setct_AuthReqTBS */
+ 0x67, 0x2a, 0x00, 0x10,
+ /* NID_setct_AuthResTBS */
+ 0x67, 0x2a, 0x00, 0x11,
+ /* NID_setct_AuthResTBSX */
+ 0x67, 0x2a, 0x00, 0x12,
+ /* NID_setct_AuthTokenTBS */
+ 0x67, 0x2a, 0x00, 0x13,
+ /* NID_setct_CapTokenData */
+ 0x67, 0x2a, 0x00, 0x14,
+ /* NID_setct_CapTokenTBS */
+ 0x67, 0x2a, 0x00, 0x15,
+ /* NID_setct_AcqCardCodeMsg */
+ 0x67, 0x2a, 0x00, 0x16,
+ /* NID_setct_AuthRevReqTBS */
+ 0x67, 0x2a, 0x00, 0x17,
+ /* NID_setct_AuthRevResData */
+ 0x67, 0x2a, 0x00, 0x18,
+ /* NID_setct_AuthRevResTBS */
+ 0x67, 0x2a, 0x00, 0x19,
+ /* NID_setct_CapReqTBS */
+ 0x67, 0x2a, 0x00, 0x1a,
+ /* NID_setct_CapReqTBSX */
+ 0x67, 0x2a, 0x00, 0x1b,
+ /* NID_setct_CapResData */
+ 0x67, 0x2a, 0x00, 0x1c,
+ /* NID_setct_CapRevReqTBS */
+ 0x67, 0x2a, 0x00, 0x1d,
+ /* NID_setct_CapRevReqTBSX */
+ 0x67, 0x2a, 0x00, 0x1e,
+ /* NID_setct_CapRevResData */
+ 0x67, 0x2a, 0x00, 0x1f,
+ /* NID_setct_CredReqTBS */
+ 0x67, 0x2a, 0x00, 0x20,
+ /* NID_setct_CredReqTBSX */
+ 0x67, 0x2a, 0x00, 0x21,
+ /* NID_setct_CredResData */
+ 0x67, 0x2a, 0x00, 0x22,
+ /* NID_setct_CredRevReqTBS */
+ 0x67, 0x2a, 0x00, 0x23,
+ /* NID_setct_CredRevReqTBSX */
+ 0x67, 0x2a, 0x00, 0x24,
+ /* NID_setct_CredRevResData */
+ 0x67, 0x2a, 0x00, 0x25,
+ /* NID_setct_PCertReqData */
+ 0x67, 0x2a, 0x00, 0x26,
+ /* NID_setct_PCertResTBS */
+ 0x67, 0x2a, 0x00, 0x27,
+ /* NID_setct_BatchAdminReqData */
+ 0x67, 0x2a, 0x00, 0x28,
+ /* NID_setct_BatchAdminResData */
+ 0x67, 0x2a, 0x00, 0x29,
+ /* NID_setct_CardCInitResTBS */
+ 0x67, 0x2a, 0x00, 0x2a,
+ /* NID_setct_MeAqCInitResTBS */
+ 0x67, 0x2a, 0x00, 0x2b,
+ /* NID_setct_RegFormResTBS */
+ 0x67, 0x2a, 0x00, 0x2c,
+ /* NID_setct_CertReqData */
+ 0x67, 0x2a, 0x00, 0x2d,
+ /* NID_setct_CertReqTBS */
+ 0x67, 0x2a, 0x00, 0x2e,
+ /* NID_setct_CertResData */
+ 0x67, 0x2a, 0x00, 0x2f,
+ /* NID_setct_CertInqReqTBS */
+ 0x67, 0x2a, 0x00, 0x30,
+ /* NID_setct_ErrorTBS */
+ 0x67, 0x2a, 0x00, 0x31,
+ /* NID_setct_PIDualSignedTBE */
+ 0x67, 0x2a, 0x00, 0x32,
+ /* NID_setct_PIUnsignedTBE */
+ 0x67, 0x2a, 0x00, 0x33,
+ /* NID_setct_AuthReqTBE */
+ 0x67, 0x2a, 0x00, 0x34,
+ /* NID_setct_AuthResTBE */
+ 0x67, 0x2a, 0x00, 0x35,
+ /* NID_setct_AuthResTBEX */
+ 0x67, 0x2a, 0x00, 0x36,
+ /* NID_setct_AuthTokenTBE */
+ 0x67, 0x2a, 0x00, 0x37,
+ /* NID_setct_CapTokenTBE */
+ 0x67, 0x2a, 0x00, 0x38,
+ /* NID_setct_CapTokenTBEX */
+ 0x67, 0x2a, 0x00, 0x39,
+ /* NID_setct_AcqCardCodeMsgTBE */
+ 0x67, 0x2a, 0x00, 0x3a,
+ /* NID_setct_AuthRevReqTBE */
+ 0x67, 0x2a, 0x00, 0x3b,
+ /* NID_setct_AuthRevResTBE */
+ 0x67, 0x2a, 0x00, 0x3c,
+ /* NID_setct_AuthRevResTBEB */
+ 0x67, 0x2a, 0x00, 0x3d,
+ /* NID_setct_CapReqTBE */
+ 0x67, 0x2a, 0x00, 0x3e,
+ /* NID_setct_CapReqTBEX */
+ 0x67, 0x2a, 0x00, 0x3f,
+ /* NID_setct_CapResTBE */
+ 0x67, 0x2a, 0x00, 0x40,
+ /* NID_setct_CapRevReqTBE */
+ 0x67, 0x2a, 0x00, 0x41,
+ /* NID_setct_CapRevReqTBEX */
+ 0x67, 0x2a, 0x00, 0x42,
+ /* NID_setct_CapRevResTBE */
+ 0x67, 0x2a, 0x00, 0x43,
+ /* NID_setct_CredReqTBE */
+ 0x67, 0x2a, 0x00, 0x44,
+ /* NID_setct_CredReqTBEX */
+ 0x67, 0x2a, 0x00, 0x45,
+ /* NID_setct_CredResTBE */
+ 0x67, 0x2a, 0x00, 0x46,
+ /* NID_setct_CredRevReqTBE */
+ 0x67, 0x2a, 0x00, 0x47,
+ /* NID_setct_CredRevReqTBEX */
+ 0x67, 0x2a, 0x00, 0x48,
+ /* NID_setct_CredRevResTBE */
+ 0x67, 0x2a, 0x00, 0x49,
+ /* NID_setct_BatchAdminReqTBE */
+ 0x67, 0x2a, 0x00, 0x4a,
+ /* NID_setct_BatchAdminResTBE */
+ 0x67, 0x2a, 0x00, 0x4b,
+ /* NID_setct_RegFormReqTBE */
+ 0x67, 0x2a, 0x00, 0x4c,
+ /* NID_setct_CertReqTBE */
+ 0x67, 0x2a, 0x00, 0x4d,
+ /* NID_setct_CertReqTBEX */
+ 0x67, 0x2a, 0x00, 0x4e,
+ /* NID_setct_CertResTBE */
+ 0x67, 0x2a, 0x00, 0x4f,
+ /* NID_setct_CRLNotificationTBS */
+ 0x67, 0x2a, 0x00, 0x50,
+ /* NID_setct_CRLNotificationResTBS */
+ 0x67, 0x2a, 0x00, 0x51,
+ /* NID_setct_BCIDistributionTBS */
+ 0x67, 0x2a, 0x00, 0x52,
+ /* NID_setext_genCrypt */
+ 0x67, 0x2a, 0x01, 0x01,
+ /* NID_setext_miAuth */
+ 0x67, 0x2a, 0x01, 0x03,
+ /* NID_setext_pinSecure */
+ 0x67, 0x2a, 0x01, 0x04,
+ /* NID_setext_pinAny */
+ 0x67, 0x2a, 0x01, 0x05,
+ /* NID_setext_track2 */
+ 0x67, 0x2a, 0x01, 0x07,
+ /* NID_setext_cv */
+ 0x67, 0x2a, 0x01, 0x08,
+ /* NID_set_policy_root */
+ 0x67, 0x2a, 0x05, 0x00,
+ /* NID_setCext_hashedRoot */
+ 0x67, 0x2a, 0x07, 0x00,
+ /* NID_setCext_certType */
+ 0x67, 0x2a, 0x07, 0x01,
+ /* NID_setCext_merchData */
+ 0x67, 0x2a, 0x07, 0x02,
+ /* NID_setCext_cCertRequired */
+ 0x67, 0x2a, 0x07, 0x03,
+ /* NID_setCext_tunneling */
+ 0x67, 0x2a, 0x07, 0x04,
+ /* NID_setCext_setExt */
+ 0x67, 0x2a, 0x07, 0x05,
+ /* NID_setCext_setQualf */
+ 0x67, 0x2a, 0x07, 0x06,
+ /* NID_setCext_PGWYcapabilities */
+ 0x67, 0x2a, 0x07, 0x07,
+ /* NID_setCext_TokenIdentifier */
+ 0x67, 0x2a, 0x07, 0x08,
+ /* NID_setCext_Track2Data */
+ 0x67, 0x2a, 0x07, 0x09,
+ /* NID_setCext_TokenType */
+ 0x67, 0x2a, 0x07, 0x0a,
+ /* NID_setCext_IssuerCapabilities */
+ 0x67, 0x2a, 0x07, 0x0b,
+ /* NID_setAttr_Cert */
+ 0x67, 0x2a, 0x03, 0x00,
+ /* NID_setAttr_PGWYcap */
+ 0x67, 0x2a, 0x03, 0x01,
+ /* NID_setAttr_TokenType */
+ 0x67, 0x2a, 0x03, 0x02,
+ /* NID_setAttr_IssCap */
+ 0x67, 0x2a, 0x03, 0x03,
+ /* NID_set_rootKeyThumb */
+ 0x67, 0x2a, 0x03, 0x00, 0x00,
+ /* NID_set_addPolicy */
+ 0x67, 0x2a, 0x03, 0x00, 0x01,
+ /* NID_setAttr_Token_EMV */
+ 0x67, 0x2a, 0x03, 0x02, 0x01,
+ /* NID_setAttr_Token_B0Prime */
+ 0x67, 0x2a, 0x03, 0x02, 0x02,
+ /* NID_setAttr_IssCap_CVM */
+ 0x67, 0x2a, 0x03, 0x03, 0x03,
+ /* NID_setAttr_IssCap_T2 */
+ 0x67, 0x2a, 0x03, 0x03, 0x04,
+ /* NID_setAttr_IssCap_Sig */
+ 0x67, 0x2a, 0x03, 0x03, 0x05,
+ /* NID_setAttr_GenCryptgrm */
+ 0x67, 0x2a, 0x03, 0x03, 0x03, 0x01,
+ /* NID_setAttr_T2Enc */
+ 0x67, 0x2a, 0x03, 0x03, 0x04, 0x01,
+ /* NID_setAttr_T2cleartxt */
+ 0x67, 0x2a, 0x03, 0x03, 0x04, 0x02,
+ /* NID_setAttr_TokICCsig */
+ 0x67, 0x2a, 0x03, 0x03, 0x05, 0x01,
+ /* NID_setAttr_SecDevSig */
+ 0x67, 0x2a, 0x03, 0x03, 0x05, 0x02,
+ /* NID_set_brand_IATA_ATA */
+ 0x67, 0x2a, 0x08, 0x01,
+ /* NID_set_brand_Diners */
+ 0x67, 0x2a, 0x08, 0x1e,
+ /* NID_set_brand_AmericanExpress */
+ 0x67, 0x2a, 0x08, 0x22,
+ /* NID_set_brand_JCB */
+ 0x67, 0x2a, 0x08, 0x23,
+ /* NID_set_brand_Visa */
+ 0x67, 0x2a, 0x08, 0x04,
+ /* NID_set_brand_MasterCard */
+ 0x67, 0x2a, 0x08, 0x05,
+ /* NID_set_brand_Novus */
+ 0x67, 0x2a, 0x08, 0xae, 0x7b,
+ /* NID_des_cdmf */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x03, 0x0a,
+ /* NID_rsaOAEPEncryptionSET */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x06,
+ /* NID_international_organizations */
+ 0x67,
+ /* NID_ms_smartcard_login */
+ 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x14, 0x02, 0x02,
+ /* NID_ms_upn */
+ 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x14, 0x02, 0x03,
+ /* NID_streetAddress */
+ 0x55, 0x04, 0x09,
+ /* NID_postalCode */
+ 0x55, 0x04, 0x11,
+ /* NID_id_ppl */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x15,
+ /* NID_proxyCertInfo */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x0e,
+ /* NID_id_ppl_anyLanguage */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x15, 0x00,
+ /* NID_id_ppl_inheritAll */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x15, 0x01,
+ /* NID_name_constraints */
+ 0x55, 0x1d, 0x1e,
+ /* NID_Independent */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x15, 0x02,
+ /* NID_sha256WithRSAEncryption */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b,
+ /* NID_sha384WithRSAEncryption */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0c,
+ /* NID_sha512WithRSAEncryption */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0d,
+ /* NID_sha224WithRSAEncryption */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0e,
+ /* NID_sha256 */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01,
+ /* NID_sha384 */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02,
+ /* NID_sha512 */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03,
+ /* NID_sha224 */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x04,
+ /* NID_identified_organization */
+ 0x2b,
+ /* NID_certicom_arc */
+ 0x2b, 0x81, 0x04,
+ /* NID_wap */
+ 0x67, 0x2b,
+ /* NID_wap_wsg */
+ 0x67, 0x2b, 0x01,
+ /* NID_X9_62_id_characteristic_two_basis */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x01, 0x02, 0x03,
+ /* NID_X9_62_onBasis */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x01, 0x02, 0x03, 0x01,
+ /* NID_X9_62_tpBasis */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x01, 0x02, 0x03, 0x02,
+ /* NID_X9_62_ppBasis */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x01, 0x02, 0x03, 0x03,
+ /* NID_X9_62_c2pnb163v1 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x00, 0x01,
+ /* NID_X9_62_c2pnb163v2 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x00, 0x02,
+ /* NID_X9_62_c2pnb163v3 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x00, 0x03,
+ /* NID_X9_62_c2pnb176v1 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x00, 0x04,
+ /* NID_X9_62_c2tnb191v1 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x00, 0x05,
+ /* NID_X9_62_c2tnb191v2 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x00, 0x06,
+ /* NID_X9_62_c2tnb191v3 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x00, 0x07,
+ /* NID_X9_62_c2onb191v4 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x00, 0x08,
+ /* NID_X9_62_c2onb191v5 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x00, 0x09,
+ /* NID_X9_62_c2pnb208w1 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x00, 0x0a,
+ /* NID_X9_62_c2tnb239v1 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x00, 0x0b,
+ /* NID_X9_62_c2tnb239v2 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x00, 0x0c,
+ /* NID_X9_62_c2tnb239v3 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x00, 0x0d,
+ /* NID_X9_62_c2onb239v4 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x00, 0x0e,
+ /* NID_X9_62_c2onb239v5 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x00, 0x0f,
+ /* NID_X9_62_c2pnb272w1 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x00, 0x10,
+ /* NID_X9_62_c2pnb304w1 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x00, 0x11,
+ /* NID_X9_62_c2tnb359v1 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x00, 0x12,
+ /* NID_X9_62_c2pnb368w1 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x00, 0x13,
+ /* NID_X9_62_c2tnb431r1 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x00, 0x14,
+ /* NID_secp112r1 */
+ 0x2b, 0x81, 0x04, 0x00, 0x06,
+ /* NID_secp112r2 */
+ 0x2b, 0x81, 0x04, 0x00, 0x07,
+ /* NID_secp128r1 */
+ 0x2b, 0x81, 0x04, 0x00, 0x1c,
+ /* NID_secp128r2 */
+ 0x2b, 0x81, 0x04, 0x00, 0x1d,
+ /* NID_secp160k1 */
+ 0x2b, 0x81, 0x04, 0x00, 0x09,
+ /* NID_secp160r1 */
+ 0x2b, 0x81, 0x04, 0x00, 0x08,
+ /* NID_secp160r2 */
+ 0x2b, 0x81, 0x04, 0x00, 0x1e,
+ /* NID_secp192k1 */
+ 0x2b, 0x81, 0x04, 0x00, 0x1f,
+ /* NID_secp224k1 */
+ 0x2b, 0x81, 0x04, 0x00, 0x20,
+ /* NID_secp224r1 */
+ 0x2b, 0x81, 0x04, 0x00, 0x21,
+ /* NID_secp256k1 */
+ 0x2b, 0x81, 0x04, 0x00, 0x0a,
+ /* NID_secp384r1 */
+ 0x2b, 0x81, 0x04, 0x00, 0x22,
+ /* NID_secp521r1 */
+ 0x2b, 0x81, 0x04, 0x00, 0x23,
+ /* NID_sect113r1 */
+ 0x2b, 0x81, 0x04, 0x00, 0x04,
+ /* NID_sect113r2 */
+ 0x2b, 0x81, 0x04, 0x00, 0x05,
+ /* NID_sect131r1 */
+ 0x2b, 0x81, 0x04, 0x00, 0x16,
+ /* NID_sect131r2 */
+ 0x2b, 0x81, 0x04, 0x00, 0x17,
+ /* NID_sect163k1 */
+ 0x2b, 0x81, 0x04, 0x00, 0x01,
+ /* NID_sect163r1 */
+ 0x2b, 0x81, 0x04, 0x00, 0x02,
+ /* NID_sect163r2 */
+ 0x2b, 0x81, 0x04, 0x00, 0x0f,
+ /* NID_sect193r1 */
+ 0x2b, 0x81, 0x04, 0x00, 0x18,
+ /* NID_sect193r2 */
+ 0x2b, 0x81, 0x04, 0x00, 0x19,
+ /* NID_sect233k1 */
+ 0x2b, 0x81, 0x04, 0x00, 0x1a,
+ /* NID_sect233r1 */
+ 0x2b, 0x81, 0x04, 0x00, 0x1b,
+ /* NID_sect239k1 */
+ 0x2b, 0x81, 0x04, 0x00, 0x03,
+ /* NID_sect283k1 */
+ 0x2b, 0x81, 0x04, 0x00, 0x10,
+ /* NID_sect283r1 */
+ 0x2b, 0x81, 0x04, 0x00, 0x11,
+ /* NID_sect409k1 */
+ 0x2b, 0x81, 0x04, 0x00, 0x24,
+ /* NID_sect409r1 */
+ 0x2b, 0x81, 0x04, 0x00, 0x25,
+ /* NID_sect571k1 */
+ 0x2b, 0x81, 0x04, 0x00, 0x26,
+ /* NID_sect571r1 */
+ 0x2b, 0x81, 0x04, 0x00, 0x27,
+ /* NID_wap_wsg_idm_ecid_wtls1 */
+ 0x67, 0x2b, 0x01, 0x04, 0x01,
+ /* NID_wap_wsg_idm_ecid_wtls3 */
+ 0x67, 0x2b, 0x01, 0x04, 0x03,
+ /* NID_wap_wsg_idm_ecid_wtls4 */
+ 0x67, 0x2b, 0x01, 0x04, 0x04,
+ /* NID_wap_wsg_idm_ecid_wtls5 */
+ 0x67, 0x2b, 0x01, 0x04, 0x05,
+ /* NID_wap_wsg_idm_ecid_wtls6 */
+ 0x67, 0x2b, 0x01, 0x04, 0x06,
+ /* NID_wap_wsg_idm_ecid_wtls7 */
+ 0x67, 0x2b, 0x01, 0x04, 0x07,
+ /* NID_wap_wsg_idm_ecid_wtls8 */
+ 0x67, 0x2b, 0x01, 0x04, 0x08,
+ /* NID_wap_wsg_idm_ecid_wtls9 */
+ 0x67, 0x2b, 0x01, 0x04, 0x09,
+ /* NID_wap_wsg_idm_ecid_wtls10 */
+ 0x67, 0x2b, 0x01, 0x04, 0x0a,
+ /* NID_wap_wsg_idm_ecid_wtls11 */
+ 0x67, 0x2b, 0x01, 0x04, 0x0b,
+ /* NID_wap_wsg_idm_ecid_wtls12 */
+ 0x67, 0x2b, 0x01, 0x04, 0x0c,
+ /* NID_any_policy */
+ 0x55, 0x1d, 0x20, 0x00,
+ /* NID_policy_mappings */
+ 0x55, 0x1d, 0x21,
+ /* NID_inhibit_any_policy */
+ 0x55, 0x1d, 0x36,
+ /* NID_camellia_128_cbc */
+ 0x2a, 0x83, 0x08, 0x8c, 0x9a, 0x4b, 0x3d, 0x01, 0x01, 0x01, 0x02,
+ /* NID_camellia_192_cbc */
+ 0x2a, 0x83, 0x08, 0x8c, 0x9a, 0x4b, 0x3d, 0x01, 0x01, 0x01, 0x03,
+ /* NID_camellia_256_cbc */
+ 0x2a, 0x83, 0x08, 0x8c, 0x9a, 0x4b, 0x3d, 0x01, 0x01, 0x01, 0x04,
+ /* NID_camellia_128_ecb */
+ 0x03, 0xa2, 0x31, 0x05, 0x03, 0x01, 0x09, 0x01,
+ /* NID_camellia_192_ecb */
+ 0x03, 0xa2, 0x31, 0x05, 0x03, 0x01, 0x09, 0x15,
+ /* NID_camellia_256_ecb */
+ 0x03, 0xa2, 0x31, 0x05, 0x03, 0x01, 0x09, 0x29,
+ /* NID_camellia_128_cfb128 */
+ 0x03, 0xa2, 0x31, 0x05, 0x03, 0x01, 0x09, 0x04,
+ /* NID_camellia_192_cfb128 */
+ 0x03, 0xa2, 0x31, 0x05, 0x03, 0x01, 0x09, 0x18,
+ /* NID_camellia_256_cfb128 */
+ 0x03, 0xa2, 0x31, 0x05, 0x03, 0x01, 0x09, 0x2c,
+ /* NID_camellia_128_ofb128 */
+ 0x03, 0xa2, 0x31, 0x05, 0x03, 0x01, 0x09, 0x03,
+ /* NID_camellia_192_ofb128 */
+ 0x03, 0xa2, 0x31, 0x05, 0x03, 0x01, 0x09, 0x17,
+ /* NID_camellia_256_ofb128 */
+ 0x03, 0xa2, 0x31, 0x05, 0x03, 0x01, 0x09, 0x2b,
+ /* NID_subject_directory_attributes */
+ 0x55, 0x1d, 0x09,
+ /* NID_issuing_distribution_point */
+ 0x55, 0x1d, 0x1c,
+ /* NID_certificate_issuer */
+ 0x55, 0x1d, 0x1d,
+ /* NID_kisa */
+ 0x2a, 0x83, 0x1a, 0x8c, 0x9a, 0x44,
+ /* NID_seed_ecb */
+ 0x2a, 0x83, 0x1a, 0x8c, 0x9a, 0x44, 0x01, 0x03,
+ /* NID_seed_cbc */
+ 0x2a, 0x83, 0x1a, 0x8c, 0x9a, 0x44, 0x01, 0x04,
+ /* NID_seed_ofb128 */
+ 0x2a, 0x83, 0x1a, 0x8c, 0x9a, 0x44, 0x01, 0x06,
+ /* NID_seed_cfb128 */
+ 0x2a, 0x83, 0x1a, 0x8c, 0x9a, 0x44, 0x01, 0x05,
+ /* NID_hmac_md5 */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x08, 0x01, 0x01,
+ /* NID_hmac_sha1 */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x08, 0x01, 0x02,
+ /* NID_id_PasswordBasedMAC */
+ 0x2a, 0x86, 0x48, 0x86, 0xf6, 0x7d, 0x07, 0x42, 0x0d,
+ /* NID_id_DHBasedMac */
+ 0x2a, 0x86, 0x48, 0x86, 0xf6, 0x7d, 0x07, 0x42, 0x1e,
+ /* NID_id_it_suppLangTags */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x04, 0x10,
+ /* NID_caRepository */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x05,
+ /* NID_id_smime_ct_compressedData */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x01, 0x09,
+ /* NID_id_ct_asciiTextWithCRLF */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x01, 0x1b,
+ /* NID_id_aes128_wrap */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x05,
+ /* NID_id_aes192_wrap */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x19,
+ /* NID_id_aes256_wrap */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x2d,
+ /* NID_ecdsa_with_Recommended */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x02,
+ /* NID_ecdsa_with_Specified */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03,
+ /* NID_ecdsa_with_SHA224 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x01,
+ /* NID_ecdsa_with_SHA256 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02,
+ /* NID_ecdsa_with_SHA384 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x03,
+ /* NID_ecdsa_with_SHA512 */
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x04,
+ /* NID_hmacWithMD5 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x02, 0x06,
+ /* NID_hmacWithSHA224 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x02, 0x08,
+ /* NID_hmacWithSHA256 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x02, 0x09,
+ /* NID_hmacWithSHA384 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x02, 0x0a,
+ /* NID_hmacWithSHA512 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x02, 0x0b,
+ /* NID_dsa_with_SHA224 */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, 0x01,
+ /* NID_dsa_with_SHA256 */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, 0x02,
+ /* NID_whirlpool */
+ 0x28, 0xcf, 0x06, 0x03, 0x00, 0x37,
+ /* NID_cryptopro */
+ 0x2a, 0x85, 0x03, 0x02, 0x02,
+ /* NID_cryptocom */
+ 0x2a, 0x85, 0x03, 0x02, 0x09,
+ /* NID_id_GostR3411_94_with_GostR3410_2001 */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x03,
+ /* NID_id_GostR3411_94_with_GostR3410_94 */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x04,
+ /* NID_id_GostR3411_94 */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x09,
+ /* NID_id_HMACGostR3411_94 */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x0a,
+ /* NID_id_GostR3410_2001 */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x13,
+ /* NID_id_GostR3410_94 */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x14,
+ /* NID_id_Gost28147_89 */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x15,
+ /* NID_id_Gost28147_89_MAC */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x16,
+ /* NID_id_GostR3411_94_prf */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x17,
+ /* NID_id_GostR3410_2001DH */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x62,
+ /* NID_id_GostR3410_94DH */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x63,
+ /* NID_id_Gost28147_89_CryptoPro_KeyMeshing */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x0e, 0x01,
+ /* NID_id_Gost28147_89_None_KeyMeshing */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x0e, 0x00,
+ /* NID_id_GostR3411_94_TestParamSet */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x1e, 0x00,
+ /* NID_id_GostR3411_94_CryptoProParamSet */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x1e, 0x01,
+ /* NID_id_Gost28147_89_TestParamSet */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x1f, 0x00,
+ /* NID_id_Gost28147_89_CryptoPro_A_ParamSet */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x1f, 0x01,
+ /* NID_id_Gost28147_89_CryptoPro_B_ParamSet */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x1f, 0x02,
+ /* NID_id_Gost28147_89_CryptoPro_C_ParamSet */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x1f, 0x03,
+ /* NID_id_Gost28147_89_CryptoPro_D_ParamSet */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x1f, 0x04,
+ /* NID_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x1f, 0x05,
+ /* NID_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x1f, 0x06,
+ /* NID_id_Gost28147_89_CryptoPro_RIC_1_ParamSet */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x1f, 0x07,
+ /* NID_id_GostR3410_94_TestParamSet */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x20, 0x00,
+ /* NID_id_GostR3410_94_CryptoPro_A_ParamSet */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x20, 0x02,
+ /* NID_id_GostR3410_94_CryptoPro_B_ParamSet */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x20, 0x03,
+ /* NID_id_GostR3410_94_CryptoPro_C_ParamSet */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x20, 0x04,
+ /* NID_id_GostR3410_94_CryptoPro_D_ParamSet */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x20, 0x05,
+ /* NID_id_GostR3410_94_CryptoPro_XchA_ParamSet */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x21, 0x01,
+ /* NID_id_GostR3410_94_CryptoPro_XchB_ParamSet */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x21, 0x02,
+ /* NID_id_GostR3410_94_CryptoPro_XchC_ParamSet */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x21, 0x03,
+ /* NID_id_GostR3410_2001_TestParamSet */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x23, 0x00,
+ /* NID_id_GostR3410_2001_CryptoPro_A_ParamSet */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x23, 0x01,
+ /* NID_id_GostR3410_2001_CryptoPro_B_ParamSet */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x23, 0x02,
+ /* NID_id_GostR3410_2001_CryptoPro_C_ParamSet */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x23, 0x03,
+ /* NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x24, 0x00,
+ /* NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x24, 0x01,
+ /* NID_id_GostR3410_94_a */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x14, 0x01,
+ /* NID_id_GostR3410_94_aBis */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x14, 0x02,
+ /* NID_id_GostR3410_94_b */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x14, 0x03,
+ /* NID_id_GostR3410_94_bBis */
+ 0x2a, 0x85, 0x03, 0x02, 0x02, 0x14, 0x04,
+ /* NID_id_Gost28147_89_cc */
+ 0x2a, 0x85, 0x03, 0x02, 0x09, 0x01, 0x06, 0x01,
+ /* NID_id_GostR3410_94_cc */
+ 0x2a, 0x85, 0x03, 0x02, 0x09, 0x01, 0x05, 0x03,
+ /* NID_id_GostR3410_2001_cc */
+ 0x2a, 0x85, 0x03, 0x02, 0x09, 0x01, 0x05, 0x04,
+ /* NID_id_GostR3411_94_with_GostR3410_94_cc */
+ 0x2a, 0x85, 0x03, 0x02, 0x09, 0x01, 0x03, 0x03,
+ /* NID_id_GostR3411_94_with_GostR3410_2001_cc */
+ 0x2a, 0x85, 0x03, 0x02, 0x09, 0x01, 0x03, 0x04,
+ /* NID_id_GostR3410_2001_ParamSet_cc */
+ 0x2a, 0x85, 0x03, 0x02, 0x09, 0x01, 0x08, 0x01,
+ /* NID_LocalKeySet */
+ 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x11, 0x02,
+ /* NID_freshest_crl */
+ 0x55, 0x1d, 0x2e,
+ /* NID_id_on_permanentIdentifier */
+ 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x08, 0x03,
+ /* NID_searchGuide */
+ 0x55, 0x04, 0x0e,
+ /* NID_businessCategory */
+ 0x55, 0x04, 0x0f,
+ /* NID_postalAddress */
+ 0x55, 0x04, 0x10,
+ /* NID_postOfficeBox */
+ 0x55, 0x04, 0x12,
+ /* NID_physicalDeliveryOfficeName */
+ 0x55, 0x04, 0x13,
+ /* NID_telephoneNumber */
+ 0x55, 0x04, 0x14,
+ /* NID_telexNumber */
+ 0x55, 0x04, 0x15,
+ /* NID_teletexTerminalIdentifier */
+ 0x55, 0x04, 0x16,
+ /* NID_facsimileTelephoneNumber */
+ 0x55, 0x04, 0x17,
+ /* NID_x121Address */
+ 0x55, 0x04, 0x18,
+ /* NID_internationaliSDNNumber */
+ 0x55, 0x04, 0x19,
+ /* NID_registeredAddress */
+ 0x55, 0x04, 0x1a,
+ /* NID_destinationIndicator */
+ 0x55, 0x04, 0x1b,
+ /* NID_preferredDeliveryMethod */
+ 0x55, 0x04, 0x1c,
+ /* NID_presentationAddress */
+ 0x55, 0x04, 0x1d,
+ /* NID_supportedApplicationContext */
+ 0x55, 0x04, 0x1e,
+ /* NID_member */
+ 0x55, 0x04, 0x1f,
+ /* NID_owner */
+ 0x55, 0x04, 0x20,
+ /* NID_roleOccupant */
+ 0x55, 0x04, 0x21,
+ /* NID_seeAlso */
+ 0x55, 0x04, 0x22,
+ /* NID_userPassword */
+ 0x55, 0x04, 0x23,
+ /* NID_userCertificate */
+ 0x55, 0x04, 0x24,
+ /* NID_cACertificate */
+ 0x55, 0x04, 0x25,
+ /* NID_authorityRevocationList */
+ 0x55, 0x04, 0x26,
+ /* NID_certificateRevocationList */
+ 0x55, 0x04, 0x27,
+ /* NID_crossCertificatePair */
+ 0x55, 0x04, 0x28,
+ /* NID_enhancedSearchGuide */
+ 0x55, 0x04, 0x2f,
+ /* NID_protocolInformation */
+ 0x55, 0x04, 0x30,
+ /* NID_distinguishedName */
+ 0x55, 0x04, 0x31,
+ /* NID_uniqueMember */
+ 0x55, 0x04, 0x32,
+ /* NID_houseIdentifier */
+ 0x55, 0x04, 0x33,
+ /* NID_supportedAlgorithms */
+ 0x55, 0x04, 0x34,
+ /* NID_deltaRevocationList */
+ 0x55, 0x04, 0x35,
+ /* NID_dmdName */
+ 0x55, 0x04, 0x36,
+ /* NID_id_alg_PWRI_KEK */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x10, 0x03, 0x09,
+ /* NID_aes_128_gcm */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x06,
+ /* NID_aes_128_ccm */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x07,
+ /* NID_id_aes128_wrap_pad */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x08,
+ /* NID_aes_192_gcm */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x1a,
+ /* NID_aes_192_ccm */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x1b,
+ /* NID_id_aes192_wrap_pad */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x1c,
+ /* NID_aes_256_gcm */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x2e,
+ /* NID_aes_256_ccm */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x2f,
+ /* NID_id_aes256_wrap_pad */
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x30,
+ /* NID_id_camellia128_wrap */
+ 0x2a, 0x83, 0x08, 0x8c, 0x9a, 0x4b, 0x3d, 0x01, 0x01, 0x03, 0x02,
+ /* NID_id_camellia192_wrap */
+ 0x2a, 0x83, 0x08, 0x8c, 0x9a, 0x4b, 0x3d, 0x01, 0x01, 0x03, 0x03,
+ /* NID_id_camellia256_wrap */
+ 0x2a, 0x83, 0x08, 0x8c, 0x9a, 0x4b, 0x3d, 0x01, 0x01, 0x03, 0x04,
+ /* NID_anyExtendedKeyUsage */
+ 0x55, 0x1d, 0x25, 0x00,
+ /* NID_mgf1 */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x08,
+ /* NID_rsassaPss */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0a,
+ /* NID_rsaesOaep */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x07,
+ /* NID_dhpublicnumber */
+ 0x2a, 0x86, 0x48, 0xce, 0x3e, 0x02, 0x01,
+ /* NID_brainpoolP160r1 */
+ 0x2b, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x01,
+ /* NID_brainpoolP160t1 */
+ 0x2b, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x02,
+ /* NID_brainpoolP192r1 */
+ 0x2b, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x03,
+ /* NID_brainpoolP192t1 */
+ 0x2b, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x04,
+ /* NID_brainpoolP224r1 */
+ 0x2b, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x05,
+ /* NID_brainpoolP224t1 */
+ 0x2b, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x06,
+ /* NID_brainpoolP256r1 */
+ 0x2b, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x07,
+ /* NID_brainpoolP256t1 */
+ 0x2b, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x08,
+ /* NID_brainpoolP320r1 */
+ 0x2b, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x09,
+ /* NID_brainpoolP320t1 */
+ 0x2b, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x0a,
+ /* NID_brainpoolP384r1 */
+ 0x2b, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x0b,
+ /* NID_brainpoolP384t1 */
+ 0x2b, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x0c,
+ /* NID_brainpoolP512r1 */
+ 0x2b, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x0d,
+ /* NID_brainpoolP512t1 */
+ 0x2b, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x0e,
+ /* NID_pSpecified */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x09,
+ /* NID_dhSinglePass_stdDH_sha1kdf_scheme */
+ 0x2b, 0x81, 0x05, 0x10, 0x86, 0x48, 0x3f, 0x00, 0x02,
+ /* NID_dhSinglePass_stdDH_sha224kdf_scheme */
+ 0x2b, 0x81, 0x04, 0x01, 0x0b, 0x00,
+ /* NID_dhSinglePass_stdDH_sha256kdf_scheme */
+ 0x2b, 0x81, 0x04, 0x01, 0x0b, 0x01,
+ /* NID_dhSinglePass_stdDH_sha384kdf_scheme */
+ 0x2b, 0x81, 0x04, 0x01, 0x0b, 0x02,
+ /* NID_dhSinglePass_stdDH_sha512kdf_scheme */
+ 0x2b, 0x81, 0x04, 0x01, 0x0b, 0x03,
+ /* NID_dhSinglePass_cofactorDH_sha1kdf_scheme */
+ 0x2b, 0x81, 0x05, 0x10, 0x86, 0x48, 0x3f, 0x00, 0x03,
+ /* NID_dhSinglePass_cofactorDH_sha224kdf_scheme */
+ 0x2b, 0x81, 0x04, 0x01, 0x0e, 0x00,
+ /* NID_dhSinglePass_cofactorDH_sha256kdf_scheme */
+ 0x2b, 0x81, 0x04, 0x01, 0x0e, 0x01,
+ /* NID_dhSinglePass_cofactorDH_sha384kdf_scheme */
+ 0x2b, 0x81, 0x04, 0x01, 0x0e, 0x02,
+ /* NID_dhSinglePass_cofactorDH_sha512kdf_scheme */
+ 0x2b, 0x81, 0x04, 0x01, 0x0e, 0x03,
};
-static const ASN1_OBJECT kObjects[NUM_NID]={
-{"UNDEF","undefined",NID_undef,0,NULL,0},
-{"rsadsi","RSA Data Security, Inc.",NID_rsadsi,6,&(lvalues[0]),0},
-{"pkcs","RSA Data Security, Inc. PKCS",NID_pkcs,7,&(lvalues[6]),0},
-{"MD2","md2",NID_md2,8,&(lvalues[13]),0},
-{"MD5","md5",NID_md5,8,&(lvalues[21]),0},
-{"RC4","rc4",NID_rc4,8,&(lvalues[29]),0},
-{"rsaEncryption","rsaEncryption",NID_rsaEncryption,9,&(lvalues[37]),0},
-{"RSA-MD2","md2WithRSAEncryption",NID_md2WithRSAEncryption,9,
- &(lvalues[46]),0},
-{"RSA-MD5","md5WithRSAEncryption",NID_md5WithRSAEncryption,9,
- &(lvalues[55]),0},
-{"PBE-MD2-DES","pbeWithMD2AndDES-CBC",NID_pbeWithMD2AndDES_CBC,9,
- &(lvalues[64]),0},
-{"PBE-MD5-DES","pbeWithMD5AndDES-CBC",NID_pbeWithMD5AndDES_CBC,9,
- &(lvalues[73]),0},
-{"X500","directory services (X.500)",NID_X500,1,&(lvalues[82]),0},
-{"X509","X509",NID_X509,2,&(lvalues[83]),0},
-{"CN","commonName",NID_commonName,3,&(lvalues[85]),0},
-{"C","countryName",NID_countryName,3,&(lvalues[88]),0},
-{"L","localityName",NID_localityName,3,&(lvalues[91]),0},
-{"ST","stateOrProvinceName",NID_stateOrProvinceName,3,&(lvalues[94]),0},
-{"O","organizationName",NID_organizationName,3,&(lvalues[97]),0},
-{"OU","organizationalUnitName",NID_organizationalUnitName,3,
- &(lvalues[100]),0},
-{"RSA","rsa",NID_rsa,4,&(lvalues[103]),0},
-{"pkcs7","pkcs7",NID_pkcs7,8,&(lvalues[107]),0},
-{"pkcs7-data","pkcs7-data",NID_pkcs7_data,9,&(lvalues[115]),0},
-{"pkcs7-signedData","pkcs7-signedData",NID_pkcs7_signed,9,
- &(lvalues[124]),0},
-{"pkcs7-envelopedData","pkcs7-envelopedData",NID_pkcs7_enveloped,9,
- &(lvalues[133]),0},
-{"pkcs7-signedAndEnvelopedData","pkcs7-signedAndEnvelopedData",
- NID_pkcs7_signedAndEnveloped,9,&(lvalues[142]),0},
-{"pkcs7-digestData","pkcs7-digestData",NID_pkcs7_digest,9,
- &(lvalues[151]),0},
-{"pkcs7-encryptedData","pkcs7-encryptedData",NID_pkcs7_encrypted,9,
- &(lvalues[160]),0},
-{"pkcs3","pkcs3",NID_pkcs3,8,&(lvalues[169]),0},
-{"dhKeyAgreement","dhKeyAgreement",NID_dhKeyAgreement,9,
- &(lvalues[177]),0},
-{"DES-ECB","des-ecb",NID_des_ecb,5,&(lvalues[186]),0},
-{"DES-CFB","des-cfb",NID_des_cfb64,5,&(lvalues[191]),0},
-{"DES-CBC","des-cbc",NID_des_cbc,5,&(lvalues[196]),0},
-{"DES-EDE","des-ede",NID_des_ede_ecb,5,&(lvalues[201]),0},
-{"DES-EDE3","des-ede3",NID_des_ede3_ecb,0,NULL,0},
-{"IDEA-CBC","idea-cbc",NID_idea_cbc,11,&(lvalues[206]),0},
-{"IDEA-CFB","idea-cfb",NID_idea_cfb64,0,NULL,0},
-{"IDEA-ECB","idea-ecb",NID_idea_ecb,0,NULL,0},
-{"RC2-CBC","rc2-cbc",NID_rc2_cbc,8,&(lvalues[217]),0},
-{"RC2-ECB","rc2-ecb",NID_rc2_ecb,0,NULL,0},
-{"RC2-CFB","rc2-cfb",NID_rc2_cfb64,0,NULL,0},
-{"RC2-OFB","rc2-ofb",NID_rc2_ofb64,0,NULL,0},
-{"SHA","sha",NID_sha,5,&(lvalues[225]),0},
-{"RSA-SHA","shaWithRSAEncryption",NID_shaWithRSAEncryption,5,
- &(lvalues[230]),0},
-{"DES-EDE-CBC","des-ede-cbc",NID_des_ede_cbc,0,NULL,0},
-{"DES-EDE3-CBC","des-ede3-cbc",NID_des_ede3_cbc,8,&(lvalues[235]),0},
-{"DES-OFB","des-ofb",NID_des_ofb64,5,&(lvalues[243]),0},
-{"IDEA-OFB","idea-ofb",NID_idea_ofb64,0,NULL,0},
-{"pkcs9","pkcs9",NID_pkcs9,8,&(lvalues[248]),0},
-{"emailAddress","emailAddress",NID_pkcs9_emailAddress,9,
- &(lvalues[256]),0},
-{"unstructuredName","unstructuredName",NID_pkcs9_unstructuredName,9,
- &(lvalues[265]),0},
-{"contentType","contentType",NID_pkcs9_contentType,9,&(lvalues[274]),0},
-{"messageDigest","messageDigest",NID_pkcs9_messageDigest,9,
- &(lvalues[283]),0},
-{"signingTime","signingTime",NID_pkcs9_signingTime,9,&(lvalues[292]),0},
-{"countersignature","countersignature",NID_pkcs9_countersignature,9,
- &(lvalues[301]),0},
-{"challengePassword","challengePassword",NID_pkcs9_challengePassword,
- 9,&(lvalues[310]),0},
-{"unstructuredAddress","unstructuredAddress",
- NID_pkcs9_unstructuredAddress,9,&(lvalues[319]),0},
-{"extendedCertificateAttributes","extendedCertificateAttributes",
- NID_pkcs9_extCertAttributes,9,&(lvalues[328]),0},
-{"Netscape","Netscape Communications Corp.",NID_netscape,7,
- &(lvalues[337]),0},
-{"nsCertExt","Netscape Certificate Extension",
- NID_netscape_cert_extension,8,&(lvalues[344]),0},
-{"nsDataType","Netscape Data Type",NID_netscape_data_type,8,
- &(lvalues[352]),0},
-{"DES-EDE-CFB","des-ede-cfb",NID_des_ede_cfb64,0,NULL,0},
-{"DES-EDE3-CFB","des-ede3-cfb",NID_des_ede3_cfb64,0,NULL,0},
-{"DES-EDE-OFB","des-ede-ofb",NID_des_ede_ofb64,0,NULL,0},
-{"DES-EDE3-OFB","des-ede3-ofb",NID_des_ede3_ofb64,0,NULL,0},
-{"SHA1","sha1",NID_sha1,5,&(lvalues[360]),0},
-{"RSA-SHA1","sha1WithRSAEncryption",NID_sha1WithRSAEncryption,9,
- &(lvalues[365]),0},
-{"DSA-SHA","dsaWithSHA",NID_dsaWithSHA,5,&(lvalues[374]),0},
-{"DSA-old","dsaEncryption-old",NID_dsa_2,5,&(lvalues[379]),0},
-{"PBE-SHA1-RC2-64","pbeWithSHA1AndRC2-CBC",NID_pbeWithSHA1AndRC2_CBC,
- 9,&(lvalues[384]),0},
-{"PBKDF2","PBKDF2",NID_id_pbkdf2,9,&(lvalues[393]),0},
-{"DSA-SHA1-old","dsaWithSHA1-old",NID_dsaWithSHA1_2,5,&(lvalues[402]),0},
-{"nsCertType","Netscape Cert Type",NID_netscape_cert_type,9,
- &(lvalues[407]),0},
-{"nsBaseUrl","Netscape Base Url",NID_netscape_base_url,9,
- &(lvalues[416]),0},
-{"nsRevocationUrl","Netscape Revocation Url",
- NID_netscape_revocation_url,9,&(lvalues[425]),0},
-{"nsCaRevocationUrl","Netscape CA Revocation Url",
- NID_netscape_ca_revocation_url,9,&(lvalues[434]),0},
-{"nsRenewalUrl","Netscape Renewal Url",NID_netscape_renewal_url,9,
- &(lvalues[443]),0},
-{"nsCaPolicyUrl","Netscape CA Policy Url",NID_netscape_ca_policy_url,
- 9,&(lvalues[452]),0},
-{"nsSslServerName","Netscape SSL Server Name",
- NID_netscape_ssl_server_name,9,&(lvalues[461]),0},
-{"nsComment","Netscape Comment",NID_netscape_comment,9,&(lvalues[470]),0},
-{"nsCertSequence","Netscape Certificate Sequence",
- NID_netscape_cert_sequence,9,&(lvalues[479]),0},
-{"DESX-CBC","desx-cbc",NID_desx_cbc,0,NULL,0},
-{"id-ce","id-ce",NID_id_ce,2,&(lvalues[488]),0},
-{"subjectKeyIdentifier","X509v3 Subject Key Identifier",
- NID_subject_key_identifier,3,&(lvalues[490]),0},
-{"keyUsage","X509v3 Key Usage",NID_key_usage,3,&(lvalues[493]),0},
-{"privateKeyUsagePeriod","X509v3 Private Key Usage Period",
- NID_private_key_usage_period,3,&(lvalues[496]),0},
-{"subjectAltName","X509v3 Subject Alternative Name",
- NID_subject_alt_name,3,&(lvalues[499]),0},
-{"issuerAltName","X509v3 Issuer Alternative Name",NID_issuer_alt_name,
- 3,&(lvalues[502]),0},
-{"basicConstraints","X509v3 Basic Constraints",NID_basic_constraints,
- 3,&(lvalues[505]),0},
-{"crlNumber","X509v3 CRL Number",NID_crl_number,3,&(lvalues[508]),0},
-{"certificatePolicies","X509v3 Certificate Policies",
- NID_certificate_policies,3,&(lvalues[511]),0},
-{"authorityKeyIdentifier","X509v3 Authority Key Identifier",
- NID_authority_key_identifier,3,&(lvalues[514]),0},
-{"BF-CBC","bf-cbc",NID_bf_cbc,9,&(lvalues[517]),0},
-{"BF-ECB","bf-ecb",NID_bf_ecb,0,NULL,0},
-{"BF-CFB","bf-cfb",NID_bf_cfb64,0,NULL,0},
-{"BF-OFB","bf-ofb",NID_bf_ofb64,0,NULL,0},
-{"MDC2","mdc2",NID_mdc2,4,&(lvalues[526]),0},
-{"RSA-MDC2","mdc2WithRSA",NID_mdc2WithRSA,4,&(lvalues[530]),0},
-{"RC4-40","rc4-40",NID_rc4_40,0,NULL,0},
-{"RC2-40-CBC","rc2-40-cbc",NID_rc2_40_cbc,0,NULL,0},
-{"GN","givenName",NID_givenName,3,&(lvalues[534]),0},
-{"SN","surname",NID_surname,3,&(lvalues[537]),0},
-{"initials","initials",NID_initials,3,&(lvalues[540]),0},
-{NULL,NULL,NID_undef,0,NULL,0},
-{"crlDistributionPoints","X509v3 CRL Distribution Points",
- NID_crl_distribution_points,3,&(lvalues[543]),0},
-{"RSA-NP-MD5","md5WithRSA",NID_md5WithRSA,5,&(lvalues[546]),0},
-{"serialNumber","serialNumber",NID_serialNumber,3,&(lvalues[551]),0},
-{"title","title",NID_title,3,&(lvalues[554]),0},
-{"description","description",NID_description,3,&(lvalues[557]),0},
-{"CAST5-CBC","cast5-cbc",NID_cast5_cbc,9,&(lvalues[560]),0},
-{"CAST5-ECB","cast5-ecb",NID_cast5_ecb,0,NULL,0},
-{"CAST5-CFB","cast5-cfb",NID_cast5_cfb64,0,NULL,0},
-{"CAST5-OFB","cast5-ofb",NID_cast5_ofb64,0,NULL,0},
-{"pbeWithMD5AndCast5CBC","pbeWithMD5AndCast5CBC",
- NID_pbeWithMD5AndCast5_CBC,9,&(lvalues[569]),0},
-{"DSA-SHA1","dsaWithSHA1",NID_dsaWithSHA1,7,&(lvalues[578]),0},
-{"MD5-SHA1","md5-sha1",NID_md5_sha1,0,NULL,0},
-{"RSA-SHA1-2","sha1WithRSA",NID_sha1WithRSA,5,&(lvalues[585]),0},
-{"DSA","dsaEncryption",NID_dsa,7,&(lvalues[590]),0},
-{"RIPEMD160","ripemd160",NID_ripemd160,5,&(lvalues[597]),0},
-{NULL,NULL,NID_undef,0,NULL,0},
-{"RSA-RIPEMD160","ripemd160WithRSA",NID_ripemd160WithRSA,6,
- &(lvalues[602]),0},
-{"RC5-CBC","rc5-cbc",NID_rc5_cbc,8,&(lvalues[608]),0},
-{"RC5-ECB","rc5-ecb",NID_rc5_ecb,0,NULL,0},
-{"RC5-CFB","rc5-cfb",NID_rc5_cfb64,0,NULL,0},
-{"RC5-OFB","rc5-ofb",NID_rc5_ofb64,0,NULL,0},
-{NULL,NULL,NID_undef,0,NULL,0},
-{"ZLIB","zlib compression",NID_zlib_compression,11,&(lvalues[616]),0},
-{"extendedKeyUsage","X509v3 Extended Key Usage",NID_ext_key_usage,3,
- &(lvalues[627]),0},
-{"PKIX","PKIX",NID_id_pkix,6,&(lvalues[630]),0},
-{"id-kp","id-kp",NID_id_kp,7,&(lvalues[636]),0},
-{"serverAuth","TLS Web Server Authentication",NID_server_auth,8,
- &(lvalues[643]),0},
-{"clientAuth","TLS Web Client Authentication",NID_client_auth,8,
- &(lvalues[651]),0},
-{"codeSigning","Code Signing",NID_code_sign,8,&(lvalues[659]),0},
-{"emailProtection","E-mail Protection",NID_email_protect,8,
- &(lvalues[667]),0},
-{"timeStamping","Time Stamping",NID_time_stamp,8,&(lvalues[675]),0},
-{"msCodeInd","Microsoft Individual Code Signing",NID_ms_code_ind,10,
- &(lvalues[683]),0},
-{"msCodeCom","Microsoft Commercial Code Signing",NID_ms_code_com,10,
- &(lvalues[693]),0},
-{"msCTLSign","Microsoft Trust List Signing",NID_ms_ctl_sign,10,
- &(lvalues[703]),0},
-{"msSGC","Microsoft Server Gated Crypto",NID_ms_sgc,10,&(lvalues[713]),0},
-{"msEFS","Microsoft Encrypted File System",NID_ms_efs,10,
- &(lvalues[723]),0},
-{"nsSGC","Netscape Server Gated Crypto",NID_ns_sgc,9,&(lvalues[733]),0},
-{"deltaCRL","X509v3 Delta CRL Indicator",NID_delta_crl,3,
- &(lvalues[742]),0},
-{"CRLReason","X509v3 CRL Reason Code",NID_crl_reason,3,&(lvalues[745]),0},
-{"invalidityDate","Invalidity Date",NID_invalidity_date,3,
- &(lvalues[748]),0},
-{"SXNetID","Strong Extranet ID",NID_sxnet,5,&(lvalues[751]),0},
-{"PBE-SHA1-RC4-128","pbeWithSHA1And128BitRC4",
- NID_pbe_WithSHA1And128BitRC4,10,&(lvalues[756]),0},
-{"PBE-SHA1-RC4-40","pbeWithSHA1And40BitRC4",
- NID_pbe_WithSHA1And40BitRC4,10,&(lvalues[766]),0},
-{"PBE-SHA1-3DES","pbeWithSHA1And3-KeyTripleDES-CBC",
- NID_pbe_WithSHA1And3_Key_TripleDES_CBC,10,&(lvalues[776]),0},
-{"PBE-SHA1-2DES","pbeWithSHA1And2-KeyTripleDES-CBC",
- NID_pbe_WithSHA1And2_Key_TripleDES_CBC,10,&(lvalues[786]),0},
-{"PBE-SHA1-RC2-128","pbeWithSHA1And128BitRC2-CBC",
- NID_pbe_WithSHA1And128BitRC2_CBC,10,&(lvalues[796]),0},
-{"PBE-SHA1-RC2-40","pbeWithSHA1And40BitRC2-CBC",
- NID_pbe_WithSHA1And40BitRC2_CBC,10,&(lvalues[806]),0},
-{"keyBag","keyBag",NID_keyBag,11,&(lvalues[816]),0},
-{"pkcs8ShroudedKeyBag","pkcs8ShroudedKeyBag",NID_pkcs8ShroudedKeyBag,
- 11,&(lvalues[827]),0},
-{"certBag","certBag",NID_certBag,11,&(lvalues[838]),0},
-{"crlBag","crlBag",NID_crlBag,11,&(lvalues[849]),0},
-{"secretBag","secretBag",NID_secretBag,11,&(lvalues[860]),0},
-{"safeContentsBag","safeContentsBag",NID_safeContentsBag,11,
- &(lvalues[871]),0},
-{"friendlyName","friendlyName",NID_friendlyName,9,&(lvalues[882]),0},
-{"localKeyID","localKeyID",NID_localKeyID,9,&(lvalues[891]),0},
-{"x509Certificate","x509Certificate",NID_x509Certificate,10,
- &(lvalues[900]),0},
-{"sdsiCertificate","sdsiCertificate",NID_sdsiCertificate,10,
- &(lvalues[910]),0},
-{"x509Crl","x509Crl",NID_x509Crl,10,&(lvalues[920]),0},
-{"PBES2","PBES2",NID_pbes2,9,&(lvalues[930]),0},
-{"PBMAC1","PBMAC1",NID_pbmac1,9,&(lvalues[939]),0},
-{"hmacWithSHA1","hmacWithSHA1",NID_hmacWithSHA1,8,&(lvalues[948]),0},
-{"id-qt-cps","Policy Qualifier CPS",NID_id_qt_cps,8,&(lvalues[956]),0},
-{"id-qt-unotice","Policy Qualifier User Notice",NID_id_qt_unotice,8,
- &(lvalues[964]),0},
-{"RC2-64-CBC","rc2-64-cbc",NID_rc2_64_cbc,0,NULL,0},
-{"SMIME-CAPS","S/MIME Capabilities",NID_SMIMECapabilities,9,
- &(lvalues[972]),0},
-{"PBE-MD2-RC2-64","pbeWithMD2AndRC2-CBC",NID_pbeWithMD2AndRC2_CBC,9,
- &(lvalues[981]),0},
-{"PBE-MD5-RC2-64","pbeWithMD5AndRC2-CBC",NID_pbeWithMD5AndRC2_CBC,9,
- &(lvalues[990]),0},
-{"PBE-SHA1-DES","pbeWithSHA1AndDES-CBC",NID_pbeWithSHA1AndDES_CBC,9,
- &(lvalues[999]),0},
-{"msExtReq","Microsoft Extension Request",NID_ms_ext_req,10,
- &(lvalues[1008]),0},
-{"extReq","Extension Request",NID_ext_req,9,&(lvalues[1018]),0},
-{"name","name",NID_name,3,&(lvalues[1027]),0},
-{"dnQualifier","dnQualifier",NID_dnQualifier,3,&(lvalues[1030]),0},
-{"id-pe","id-pe",NID_id_pe,7,&(lvalues[1033]),0},
-{"id-ad","id-ad",NID_id_ad,7,&(lvalues[1040]),0},
-{"authorityInfoAccess","Authority Information Access",NID_info_access,
- 8,&(lvalues[1047]),0},
-{"OCSP","OCSP",NID_ad_OCSP,8,&(lvalues[1055]),0},
-{"caIssuers","CA Issuers",NID_ad_ca_issuers,8,&(lvalues[1063]),0},
-{"OCSPSigning","OCSP Signing",NID_OCSP_sign,8,&(lvalues[1071]),0},
-{"ISO","iso",NID_iso,0,NULL,0},
-{"member-body","ISO Member Body",NID_member_body,1,&(lvalues[1079]),0},
-{"ISO-US","ISO US Member Body",NID_ISO_US,3,&(lvalues[1080]),0},
-{"X9-57","X9.57",NID_X9_57,5,&(lvalues[1083]),0},
-{"X9cm","X9.57 CM ?",NID_X9cm,6,&(lvalues[1088]),0},
-{"pkcs1","pkcs1",NID_pkcs1,8,&(lvalues[1094]),0},
-{"pkcs5","pkcs5",NID_pkcs5,8,&(lvalues[1102]),0},
-{"SMIME","S/MIME",NID_SMIME,9,&(lvalues[1110]),0},
-{"id-smime-mod","id-smime-mod",NID_id_smime_mod,10,&(lvalues[1119]),0},
-{"id-smime-ct","id-smime-ct",NID_id_smime_ct,10,&(lvalues[1129]),0},
-{"id-smime-aa","id-smime-aa",NID_id_smime_aa,10,&(lvalues[1139]),0},
-{"id-smime-alg","id-smime-alg",NID_id_smime_alg,10,&(lvalues[1149]),0},
-{"id-smime-cd","id-smime-cd",NID_id_smime_cd,10,&(lvalues[1159]),0},
-{"id-smime-spq","id-smime-spq",NID_id_smime_spq,10,&(lvalues[1169]),0},
-{"id-smime-cti","id-smime-cti",NID_id_smime_cti,10,&(lvalues[1179]),0},
-{"id-smime-mod-cms","id-smime-mod-cms",NID_id_smime_mod_cms,11,
- &(lvalues[1189]),0},
-{"id-smime-mod-ess","id-smime-mod-ess",NID_id_smime_mod_ess,11,
- &(lvalues[1200]),0},
-{"id-smime-mod-oid","id-smime-mod-oid",NID_id_smime_mod_oid,11,
- &(lvalues[1211]),0},
-{"id-smime-mod-msg-v3","id-smime-mod-msg-v3",NID_id_smime_mod_msg_v3,
- 11,&(lvalues[1222]),0},
-{"id-smime-mod-ets-eSignature-88","id-smime-mod-ets-eSignature-88",
- NID_id_smime_mod_ets_eSignature_88,11,&(lvalues[1233]),0},
-{"id-smime-mod-ets-eSignature-97","id-smime-mod-ets-eSignature-97",
- NID_id_smime_mod_ets_eSignature_97,11,&(lvalues[1244]),0},
-{"id-smime-mod-ets-eSigPolicy-88","id-smime-mod-ets-eSigPolicy-88",
- NID_id_smime_mod_ets_eSigPolicy_88,11,&(lvalues[1255]),0},
-{"id-smime-mod-ets-eSigPolicy-97","id-smime-mod-ets-eSigPolicy-97",
- NID_id_smime_mod_ets_eSigPolicy_97,11,&(lvalues[1266]),0},
-{"id-smime-ct-receipt","id-smime-ct-receipt",NID_id_smime_ct_receipt,
- 11,&(lvalues[1277]),0},
-{"id-smime-ct-authData","id-smime-ct-authData",
- NID_id_smime_ct_authData,11,&(lvalues[1288]),0},
-{"id-smime-ct-publishCert","id-smime-ct-publishCert",
- NID_id_smime_ct_publishCert,11,&(lvalues[1299]),0},
-{"id-smime-ct-TSTInfo","id-smime-ct-TSTInfo",NID_id_smime_ct_TSTInfo,
- 11,&(lvalues[1310]),0},
-{"id-smime-ct-TDTInfo","id-smime-ct-TDTInfo",NID_id_smime_ct_TDTInfo,
- 11,&(lvalues[1321]),0},
-{"id-smime-ct-contentInfo","id-smime-ct-contentInfo",
- NID_id_smime_ct_contentInfo,11,&(lvalues[1332]),0},
-{"id-smime-ct-DVCSRequestData","id-smime-ct-DVCSRequestData",
- NID_id_smime_ct_DVCSRequestData,11,&(lvalues[1343]),0},
-{"id-smime-ct-DVCSResponseData","id-smime-ct-DVCSResponseData",
- NID_id_smime_ct_DVCSResponseData,11,&(lvalues[1354]),0},
-{"id-smime-aa-receiptRequest","id-smime-aa-receiptRequest",
- NID_id_smime_aa_receiptRequest,11,&(lvalues[1365]),0},
-{"id-smime-aa-securityLabel","id-smime-aa-securityLabel",
- NID_id_smime_aa_securityLabel,11,&(lvalues[1376]),0},
-{"id-smime-aa-mlExpandHistory","id-smime-aa-mlExpandHistory",
- NID_id_smime_aa_mlExpandHistory,11,&(lvalues[1387]),0},
-{"id-smime-aa-contentHint","id-smime-aa-contentHint",
- NID_id_smime_aa_contentHint,11,&(lvalues[1398]),0},
-{"id-smime-aa-msgSigDigest","id-smime-aa-msgSigDigest",
- NID_id_smime_aa_msgSigDigest,11,&(lvalues[1409]),0},
-{"id-smime-aa-encapContentType","id-smime-aa-encapContentType",
- NID_id_smime_aa_encapContentType,11,&(lvalues[1420]),0},
-{"id-smime-aa-contentIdentifier","id-smime-aa-contentIdentifier",
- NID_id_smime_aa_contentIdentifier,11,&(lvalues[1431]),0},
-{"id-smime-aa-macValue","id-smime-aa-macValue",
- NID_id_smime_aa_macValue,11,&(lvalues[1442]),0},
-{"id-smime-aa-equivalentLabels","id-smime-aa-equivalentLabels",
- NID_id_smime_aa_equivalentLabels,11,&(lvalues[1453]),0},
-{"id-smime-aa-contentReference","id-smime-aa-contentReference",
- NID_id_smime_aa_contentReference,11,&(lvalues[1464]),0},
-{"id-smime-aa-encrypKeyPref","id-smime-aa-encrypKeyPref",
- NID_id_smime_aa_encrypKeyPref,11,&(lvalues[1475]),0},
-{"id-smime-aa-signingCertificate","id-smime-aa-signingCertificate",
- NID_id_smime_aa_signingCertificate,11,&(lvalues[1486]),0},
-{"id-smime-aa-smimeEncryptCerts","id-smime-aa-smimeEncryptCerts",
- NID_id_smime_aa_smimeEncryptCerts,11,&(lvalues[1497]),0},
-{"id-smime-aa-timeStampToken","id-smime-aa-timeStampToken",
- NID_id_smime_aa_timeStampToken,11,&(lvalues[1508]),0},
-{"id-smime-aa-ets-sigPolicyId","id-smime-aa-ets-sigPolicyId",
- NID_id_smime_aa_ets_sigPolicyId,11,&(lvalues[1519]),0},
-{"id-smime-aa-ets-commitmentType","id-smime-aa-ets-commitmentType",
- NID_id_smime_aa_ets_commitmentType,11,&(lvalues[1530]),0},
-{"id-smime-aa-ets-signerLocation","id-smime-aa-ets-signerLocation",
- NID_id_smime_aa_ets_signerLocation,11,&(lvalues[1541]),0},
-{"id-smime-aa-ets-signerAttr","id-smime-aa-ets-signerAttr",
- NID_id_smime_aa_ets_signerAttr,11,&(lvalues[1552]),0},
-{"id-smime-aa-ets-otherSigCert","id-smime-aa-ets-otherSigCert",
- NID_id_smime_aa_ets_otherSigCert,11,&(lvalues[1563]),0},
-{"id-smime-aa-ets-contentTimestamp",
- "id-smime-aa-ets-contentTimestamp",
- NID_id_smime_aa_ets_contentTimestamp,11,&(lvalues[1574]),0},
-{"id-smime-aa-ets-CertificateRefs","id-smime-aa-ets-CertificateRefs",
- NID_id_smime_aa_ets_CertificateRefs,11,&(lvalues[1585]),0},
-{"id-smime-aa-ets-RevocationRefs","id-smime-aa-ets-RevocationRefs",
- NID_id_smime_aa_ets_RevocationRefs,11,&(lvalues[1596]),0},
-{"id-smime-aa-ets-certValues","id-smime-aa-ets-certValues",
- NID_id_smime_aa_ets_certValues,11,&(lvalues[1607]),0},
-{"id-smime-aa-ets-revocationValues",
- "id-smime-aa-ets-revocationValues",
- NID_id_smime_aa_ets_revocationValues,11,&(lvalues[1618]),0},
-{"id-smime-aa-ets-escTimeStamp","id-smime-aa-ets-escTimeStamp",
- NID_id_smime_aa_ets_escTimeStamp,11,&(lvalues[1629]),0},
-{"id-smime-aa-ets-certCRLTimestamp",
- "id-smime-aa-ets-certCRLTimestamp",
- NID_id_smime_aa_ets_certCRLTimestamp,11,&(lvalues[1640]),0},
-{"id-smime-aa-ets-archiveTimeStamp",
- "id-smime-aa-ets-archiveTimeStamp",
- NID_id_smime_aa_ets_archiveTimeStamp,11,&(lvalues[1651]),0},
-{"id-smime-aa-signatureType","id-smime-aa-signatureType",
- NID_id_smime_aa_signatureType,11,&(lvalues[1662]),0},
-{"id-smime-aa-dvcs-dvc","id-smime-aa-dvcs-dvc",
- NID_id_smime_aa_dvcs_dvc,11,&(lvalues[1673]),0},
-{"id-smime-alg-ESDHwith3DES","id-smime-alg-ESDHwith3DES",
- NID_id_smime_alg_ESDHwith3DES,11,&(lvalues[1684]),0},
-{"id-smime-alg-ESDHwithRC2","id-smime-alg-ESDHwithRC2",
- NID_id_smime_alg_ESDHwithRC2,11,&(lvalues[1695]),0},
-{"id-smime-alg-3DESwrap","id-smime-alg-3DESwrap",
- NID_id_smime_alg_3DESwrap,11,&(lvalues[1706]),0},
-{"id-smime-alg-RC2wrap","id-smime-alg-RC2wrap",
- NID_id_smime_alg_RC2wrap,11,&(lvalues[1717]),0},
-{"id-smime-alg-ESDH","id-smime-alg-ESDH",NID_id_smime_alg_ESDH,11,
- &(lvalues[1728]),0},
-{"id-smime-alg-CMS3DESwrap","id-smime-alg-CMS3DESwrap",
- NID_id_smime_alg_CMS3DESwrap,11,&(lvalues[1739]),0},
-{"id-smime-alg-CMSRC2wrap","id-smime-alg-CMSRC2wrap",
- NID_id_smime_alg_CMSRC2wrap,11,&(lvalues[1750]),0},
-{"id-smime-cd-ldap","id-smime-cd-ldap",NID_id_smime_cd_ldap,11,
- &(lvalues[1761]),0},
-{"id-smime-spq-ets-sqt-uri","id-smime-spq-ets-sqt-uri",
- NID_id_smime_spq_ets_sqt_uri,11,&(lvalues[1772]),0},
-{"id-smime-spq-ets-sqt-unotice","id-smime-spq-ets-sqt-unotice",
- NID_id_smime_spq_ets_sqt_unotice,11,&(lvalues[1783]),0},
-{"id-smime-cti-ets-proofOfOrigin","id-smime-cti-ets-proofOfOrigin",
- NID_id_smime_cti_ets_proofOfOrigin,11,&(lvalues[1794]),0},
-{"id-smime-cti-ets-proofOfReceipt","id-smime-cti-ets-proofOfReceipt",
- NID_id_smime_cti_ets_proofOfReceipt,11,&(lvalues[1805]),0},
-{"id-smime-cti-ets-proofOfDelivery",
- "id-smime-cti-ets-proofOfDelivery",
- NID_id_smime_cti_ets_proofOfDelivery,11,&(lvalues[1816]),0},
-{"id-smime-cti-ets-proofOfSender","id-smime-cti-ets-proofOfSender",
- NID_id_smime_cti_ets_proofOfSender,11,&(lvalues[1827]),0},
-{"id-smime-cti-ets-proofOfApproval",
- "id-smime-cti-ets-proofOfApproval",
- NID_id_smime_cti_ets_proofOfApproval,11,&(lvalues[1838]),0},
-{"id-smime-cti-ets-proofOfCreation",
- "id-smime-cti-ets-proofOfCreation",
- NID_id_smime_cti_ets_proofOfCreation,11,&(lvalues[1849]),0},
-{"MD4","md4",NID_md4,8,&(lvalues[1860]),0},
-{"id-pkix-mod","id-pkix-mod",NID_id_pkix_mod,7,&(lvalues[1868]),0},
-{"id-qt","id-qt",NID_id_qt,7,&(lvalues[1875]),0},
-{"id-it","id-it",NID_id_it,7,&(lvalues[1882]),0},
-{"id-pkip","id-pkip",NID_id_pkip,7,&(lvalues[1889]),0},
-{"id-alg","id-alg",NID_id_alg,7,&(lvalues[1896]),0},
-{"id-cmc","id-cmc",NID_id_cmc,7,&(lvalues[1903]),0},
-{"id-on","id-on",NID_id_on,7,&(lvalues[1910]),0},
-{"id-pda","id-pda",NID_id_pda,7,&(lvalues[1917]),0},
-{"id-aca","id-aca",NID_id_aca,7,&(lvalues[1924]),0},
-{"id-qcs","id-qcs",NID_id_qcs,7,&(lvalues[1931]),0},
-{"id-cct","id-cct",NID_id_cct,7,&(lvalues[1938]),0},
-{"id-pkix1-explicit-88","id-pkix1-explicit-88",
- NID_id_pkix1_explicit_88,8,&(lvalues[1945]),0},
-{"id-pkix1-implicit-88","id-pkix1-implicit-88",
- NID_id_pkix1_implicit_88,8,&(lvalues[1953]),0},
-{"id-pkix1-explicit-93","id-pkix1-explicit-93",
- NID_id_pkix1_explicit_93,8,&(lvalues[1961]),0},
-{"id-pkix1-implicit-93","id-pkix1-implicit-93",
- NID_id_pkix1_implicit_93,8,&(lvalues[1969]),0},
-{"id-mod-crmf","id-mod-crmf",NID_id_mod_crmf,8,&(lvalues[1977]),0},
-{"id-mod-cmc","id-mod-cmc",NID_id_mod_cmc,8,&(lvalues[1985]),0},
-{"id-mod-kea-profile-88","id-mod-kea-profile-88",
- NID_id_mod_kea_profile_88,8,&(lvalues[1993]),0},
-{"id-mod-kea-profile-93","id-mod-kea-profile-93",
- NID_id_mod_kea_profile_93,8,&(lvalues[2001]),0},
-{"id-mod-cmp","id-mod-cmp",NID_id_mod_cmp,8,&(lvalues[2009]),0},
-{"id-mod-qualified-cert-88","id-mod-qualified-cert-88",
- NID_id_mod_qualified_cert_88,8,&(lvalues[2017]),0},
-{"id-mod-qualified-cert-93","id-mod-qualified-cert-93",
- NID_id_mod_qualified_cert_93,8,&(lvalues[2025]),0},
-{"id-mod-attribute-cert","id-mod-attribute-cert",
- NID_id_mod_attribute_cert,8,&(lvalues[2033]),0},
-{"id-mod-timestamp-protocol","id-mod-timestamp-protocol",
- NID_id_mod_timestamp_protocol,8,&(lvalues[2041]),0},
-{"id-mod-ocsp","id-mod-ocsp",NID_id_mod_ocsp,8,&(lvalues[2049]),0},
-{"id-mod-dvcs","id-mod-dvcs",NID_id_mod_dvcs,8,&(lvalues[2057]),0},
-{"id-mod-cmp2000","id-mod-cmp2000",NID_id_mod_cmp2000,8,
- &(lvalues[2065]),0},
-{"biometricInfo","Biometric Info",NID_biometricInfo,8,&(lvalues[2073]),0},
-{"qcStatements","qcStatements",NID_qcStatements,8,&(lvalues[2081]),0},
-{"ac-auditEntity","ac-auditEntity",NID_ac_auditEntity,8,
- &(lvalues[2089]),0},
-{"ac-targeting","ac-targeting",NID_ac_targeting,8,&(lvalues[2097]),0},
-{"aaControls","aaControls",NID_aaControls,8,&(lvalues[2105]),0},
-{"sbgp-ipAddrBlock","sbgp-ipAddrBlock",NID_sbgp_ipAddrBlock,8,
- &(lvalues[2113]),0},
-{"sbgp-autonomousSysNum","sbgp-autonomousSysNum",
- NID_sbgp_autonomousSysNum,8,&(lvalues[2121]),0},
-{"sbgp-routerIdentifier","sbgp-routerIdentifier",
- NID_sbgp_routerIdentifier,8,&(lvalues[2129]),0},
-{"textNotice","textNotice",NID_textNotice,8,&(lvalues[2137]),0},
-{"ipsecEndSystem","IPSec End System",NID_ipsecEndSystem,8,
- &(lvalues[2145]),0},
-{"ipsecTunnel","IPSec Tunnel",NID_ipsecTunnel,8,&(lvalues[2153]),0},
-{"ipsecUser","IPSec User",NID_ipsecUser,8,&(lvalues[2161]),0},
-{"DVCS","dvcs",NID_dvcs,8,&(lvalues[2169]),0},
-{"id-it-caProtEncCert","id-it-caProtEncCert",NID_id_it_caProtEncCert,
- 8,&(lvalues[2177]),0},
-{"id-it-signKeyPairTypes","id-it-signKeyPairTypes",
- NID_id_it_signKeyPairTypes,8,&(lvalues[2185]),0},
-{"id-it-encKeyPairTypes","id-it-encKeyPairTypes",
- NID_id_it_encKeyPairTypes,8,&(lvalues[2193]),0},
-{"id-it-preferredSymmAlg","id-it-preferredSymmAlg",
- NID_id_it_preferredSymmAlg,8,&(lvalues[2201]),0},
-{"id-it-caKeyUpdateInfo","id-it-caKeyUpdateInfo",
- NID_id_it_caKeyUpdateInfo,8,&(lvalues[2209]),0},
-{"id-it-currentCRL","id-it-currentCRL",NID_id_it_currentCRL,8,
- &(lvalues[2217]),0},
-{"id-it-unsupportedOIDs","id-it-unsupportedOIDs",
- NID_id_it_unsupportedOIDs,8,&(lvalues[2225]),0},
-{"id-it-subscriptionRequest","id-it-subscriptionRequest",
- NID_id_it_subscriptionRequest,8,&(lvalues[2233]),0},
-{"id-it-subscriptionResponse","id-it-subscriptionResponse",
- NID_id_it_subscriptionResponse,8,&(lvalues[2241]),0},
-{"id-it-keyPairParamReq","id-it-keyPairParamReq",
- NID_id_it_keyPairParamReq,8,&(lvalues[2249]),0},
-{"id-it-keyPairParamRep","id-it-keyPairParamRep",
- NID_id_it_keyPairParamRep,8,&(lvalues[2257]),0},
-{"id-it-revPassphrase","id-it-revPassphrase",NID_id_it_revPassphrase,
- 8,&(lvalues[2265]),0},
-{"id-it-implicitConfirm","id-it-implicitConfirm",
- NID_id_it_implicitConfirm,8,&(lvalues[2273]),0},
-{"id-it-confirmWaitTime","id-it-confirmWaitTime",
- NID_id_it_confirmWaitTime,8,&(lvalues[2281]),0},
-{"id-it-origPKIMessage","id-it-origPKIMessage",
- NID_id_it_origPKIMessage,8,&(lvalues[2289]),0},
-{"id-regCtrl","id-regCtrl",NID_id_regCtrl,8,&(lvalues[2297]),0},
-{"id-regInfo","id-regInfo",NID_id_regInfo,8,&(lvalues[2305]),0},
-{"id-regCtrl-regToken","id-regCtrl-regToken",NID_id_regCtrl_regToken,
- 9,&(lvalues[2313]),0},
-{"id-regCtrl-authenticator","id-regCtrl-authenticator",
- NID_id_regCtrl_authenticator,9,&(lvalues[2322]),0},
-{"id-regCtrl-pkiPublicationInfo","id-regCtrl-pkiPublicationInfo",
- NID_id_regCtrl_pkiPublicationInfo,9,&(lvalues[2331]),0},
-{"id-regCtrl-pkiArchiveOptions","id-regCtrl-pkiArchiveOptions",
- NID_id_regCtrl_pkiArchiveOptions,9,&(lvalues[2340]),0},
-{"id-regCtrl-oldCertID","id-regCtrl-oldCertID",
- NID_id_regCtrl_oldCertID,9,&(lvalues[2349]),0},
-{"id-regCtrl-protocolEncrKey","id-regCtrl-protocolEncrKey",
- NID_id_regCtrl_protocolEncrKey,9,&(lvalues[2358]),0},
-{"id-regInfo-utf8Pairs","id-regInfo-utf8Pairs",
- NID_id_regInfo_utf8Pairs,9,&(lvalues[2367]),0},
-{"id-regInfo-certReq","id-regInfo-certReq",NID_id_regInfo_certReq,9,
- &(lvalues[2376]),0},
-{"id-alg-des40","id-alg-des40",NID_id_alg_des40,8,&(lvalues[2385]),0},
-{"id-alg-noSignature","id-alg-noSignature",NID_id_alg_noSignature,8,
- &(lvalues[2393]),0},
-{"id-alg-dh-sig-hmac-sha1","id-alg-dh-sig-hmac-sha1",
- NID_id_alg_dh_sig_hmac_sha1,8,&(lvalues[2401]),0},
-{"id-alg-dh-pop","id-alg-dh-pop",NID_id_alg_dh_pop,8,&(lvalues[2409]),0},
-{"id-cmc-statusInfo","id-cmc-statusInfo",NID_id_cmc_statusInfo,8,
- &(lvalues[2417]),0},
-{"id-cmc-identification","id-cmc-identification",
- NID_id_cmc_identification,8,&(lvalues[2425]),0},
-{"id-cmc-identityProof","id-cmc-identityProof",
- NID_id_cmc_identityProof,8,&(lvalues[2433]),0},
-{"id-cmc-dataReturn","id-cmc-dataReturn",NID_id_cmc_dataReturn,8,
- &(lvalues[2441]),0},
-{"id-cmc-transactionId","id-cmc-transactionId",
- NID_id_cmc_transactionId,8,&(lvalues[2449]),0},
-{"id-cmc-senderNonce","id-cmc-senderNonce",NID_id_cmc_senderNonce,8,
- &(lvalues[2457]),0},
-{"id-cmc-recipientNonce","id-cmc-recipientNonce",
- NID_id_cmc_recipientNonce,8,&(lvalues[2465]),0},
-{"id-cmc-addExtensions","id-cmc-addExtensions",
- NID_id_cmc_addExtensions,8,&(lvalues[2473]),0},
-{"id-cmc-encryptedPOP","id-cmc-encryptedPOP",NID_id_cmc_encryptedPOP,
- 8,&(lvalues[2481]),0},
-{"id-cmc-decryptedPOP","id-cmc-decryptedPOP",NID_id_cmc_decryptedPOP,
- 8,&(lvalues[2489]),0},
-{"id-cmc-lraPOPWitness","id-cmc-lraPOPWitness",
- NID_id_cmc_lraPOPWitness,8,&(lvalues[2497]),0},
-{"id-cmc-getCert","id-cmc-getCert",NID_id_cmc_getCert,8,
- &(lvalues[2505]),0},
-{"id-cmc-getCRL","id-cmc-getCRL",NID_id_cmc_getCRL,8,&(lvalues[2513]),0},
-{"id-cmc-revokeRequest","id-cmc-revokeRequest",
- NID_id_cmc_revokeRequest,8,&(lvalues[2521]),0},
-{"id-cmc-regInfo","id-cmc-regInfo",NID_id_cmc_regInfo,8,
- &(lvalues[2529]),0},
-{"id-cmc-responseInfo","id-cmc-responseInfo",NID_id_cmc_responseInfo,
- 8,&(lvalues[2537]),0},
-{"id-cmc-queryPending","id-cmc-queryPending",NID_id_cmc_queryPending,
- 8,&(lvalues[2545]),0},
-{"id-cmc-popLinkRandom","id-cmc-popLinkRandom",
- NID_id_cmc_popLinkRandom,8,&(lvalues[2553]),0},
-{"id-cmc-popLinkWitness","id-cmc-popLinkWitness",
- NID_id_cmc_popLinkWitness,8,&(lvalues[2561]),0},
-{"id-cmc-confirmCertAcceptance","id-cmc-confirmCertAcceptance",
- NID_id_cmc_confirmCertAcceptance,8,&(lvalues[2569]),0},
-{"id-on-personalData","id-on-personalData",NID_id_on_personalData,8,
- &(lvalues[2577]),0},
-{"id-pda-dateOfBirth","id-pda-dateOfBirth",NID_id_pda_dateOfBirth,8,
- &(lvalues[2585]),0},
-{"id-pda-placeOfBirth","id-pda-placeOfBirth",NID_id_pda_placeOfBirth,
- 8,&(lvalues[2593]),0},
-{NULL,NULL,NID_undef,0,NULL,0},
-{"id-pda-gender","id-pda-gender",NID_id_pda_gender,8,&(lvalues[2601]),0},
-{"id-pda-countryOfCitizenship","id-pda-countryOfCitizenship",
- NID_id_pda_countryOfCitizenship,8,&(lvalues[2609]),0},
-{"id-pda-countryOfResidence","id-pda-countryOfResidence",
- NID_id_pda_countryOfResidence,8,&(lvalues[2617]),0},
-{"id-aca-authenticationInfo","id-aca-authenticationInfo",
- NID_id_aca_authenticationInfo,8,&(lvalues[2625]),0},
-{"id-aca-accessIdentity","id-aca-accessIdentity",
- NID_id_aca_accessIdentity,8,&(lvalues[2633]),0},
-{"id-aca-chargingIdentity","id-aca-chargingIdentity",
- NID_id_aca_chargingIdentity,8,&(lvalues[2641]),0},
-{"id-aca-group","id-aca-group",NID_id_aca_group,8,&(lvalues[2649]),0},
-{"id-aca-role","id-aca-role",NID_id_aca_role,8,&(lvalues[2657]),0},
-{"id-qcs-pkixQCSyntax-v1","id-qcs-pkixQCSyntax-v1",
- NID_id_qcs_pkixQCSyntax_v1,8,&(lvalues[2665]),0},
-{"id-cct-crs","id-cct-crs",NID_id_cct_crs,8,&(lvalues[2673]),0},
-{"id-cct-PKIData","id-cct-PKIData",NID_id_cct_PKIData,8,
- &(lvalues[2681]),0},
-{"id-cct-PKIResponse","id-cct-PKIResponse",NID_id_cct_PKIResponse,8,
- &(lvalues[2689]),0},
-{"ad_timestamping","AD Time Stamping",NID_ad_timeStamping,8,
- &(lvalues[2697]),0},
-{"AD_DVCS","ad dvcs",NID_ad_dvcs,8,&(lvalues[2705]),0},
-{"basicOCSPResponse","Basic OCSP Response",NID_id_pkix_OCSP_basic,9,
- &(lvalues[2713]),0},
-{"Nonce","OCSP Nonce",NID_id_pkix_OCSP_Nonce,9,&(lvalues[2722]),0},
-{"CrlID","OCSP CRL ID",NID_id_pkix_OCSP_CrlID,9,&(lvalues[2731]),0},
-{"acceptableResponses","Acceptable OCSP Responses",
- NID_id_pkix_OCSP_acceptableResponses,9,&(lvalues[2740]),0},
-{"noCheck","OCSP No Check",NID_id_pkix_OCSP_noCheck,9,&(lvalues[2749]),0},
-{"archiveCutoff","OCSP Archive Cutoff",NID_id_pkix_OCSP_archiveCutoff,
- 9,&(lvalues[2758]),0},
-{"serviceLocator","OCSP Service Locator",
- NID_id_pkix_OCSP_serviceLocator,9,&(lvalues[2767]),0},
-{"extendedStatus","Extended OCSP Status",
- NID_id_pkix_OCSP_extendedStatus,9,&(lvalues[2776]),0},
-{"valid","valid",NID_id_pkix_OCSP_valid,9,&(lvalues[2785]),0},
-{"path","path",NID_id_pkix_OCSP_path,9,&(lvalues[2794]),0},
-{"trustRoot","Trust Root",NID_id_pkix_OCSP_trustRoot,9,
- &(lvalues[2803]),0},
-{"algorithm","algorithm",NID_algorithm,4,&(lvalues[2812]),0},
-{"rsaSignature","rsaSignature",NID_rsaSignature,5,&(lvalues[2816]),0},
-{"X500algorithms","directory services - algorithms",
- NID_X500algorithms,2,&(lvalues[2821]),0},
-{"ORG","org",NID_org,1,&(lvalues[2823]),0},
-{"DOD","dod",NID_dod,2,&(lvalues[2824]),0},
-{"IANA","iana",NID_iana,3,&(lvalues[2826]),0},
-{"directory","Directory",NID_Directory,4,&(lvalues[2829]),0},
-{"mgmt","Management",NID_Management,4,&(lvalues[2833]),0},
-{"experimental","Experimental",NID_Experimental,4,&(lvalues[2837]),0},
-{"private","Private",NID_Private,4,&(lvalues[2841]),0},
-{"security","Security",NID_Security,4,&(lvalues[2845]),0},
-{"snmpv2","SNMPv2",NID_SNMPv2,4,&(lvalues[2849]),0},
-{"Mail","Mail",NID_Mail,4,&(lvalues[2853]),0},
-{"enterprises","Enterprises",NID_Enterprises,5,&(lvalues[2857]),0},
-{"dcobject","dcObject",NID_dcObject,9,&(lvalues[2862]),0},
-{"DC","domainComponent",NID_domainComponent,10,&(lvalues[2871]),0},
-{"domain","Domain",NID_Domain,10,&(lvalues[2881]),0},
-{"NULL","NULL",NID_joint_iso_ccitt,0,NULL,0},
-{"selected-attribute-types","Selected Attribute Types",
- NID_selected_attribute_types,3,&(lvalues[2891]),0},
-{"clearance","clearance",NID_clearance,4,&(lvalues[2894]),0},
-{"RSA-MD4","md4WithRSAEncryption",NID_md4WithRSAEncryption,9,
- &(lvalues[2898]),0},
-{"ac-proxying","ac-proxying",NID_ac_proxying,8,&(lvalues[2907]),0},
-{"subjectInfoAccess","Subject Information Access",NID_sinfo_access,8,
- &(lvalues[2915]),0},
-{"id-aca-encAttrs","id-aca-encAttrs",NID_id_aca_encAttrs,8,
- &(lvalues[2923]),0},
-{"role","role",NID_role,3,&(lvalues[2931]),0},
-{"policyConstraints","X509v3 Policy Constraints",
- NID_policy_constraints,3,&(lvalues[2934]),0},
-{"targetInformation","X509v3 AC Targeting",NID_target_information,3,
- &(lvalues[2937]),0},
-{"noRevAvail","X509v3 No Revocation Available",NID_no_rev_avail,3,
- &(lvalues[2940]),0},
-{"NULL","NULL",NID_ccitt,0,NULL,0},
-{"ansi-X9-62","ANSI X9.62",NID_ansi_X9_62,5,&(lvalues[2943]),0},
-{"prime-field","prime-field",NID_X9_62_prime_field,7,&(lvalues[2948]),0},
-{"characteristic-two-field","characteristic-two-field",
- NID_X9_62_characteristic_two_field,7,&(lvalues[2955]),0},
-{"id-ecPublicKey","id-ecPublicKey",NID_X9_62_id_ecPublicKey,7,
- &(lvalues[2962]),0},
-{"prime192v1","prime192v1",NID_X9_62_prime192v1,8,&(lvalues[2969]),0},
-{"prime192v2","prime192v2",NID_X9_62_prime192v2,8,&(lvalues[2977]),0},
-{"prime192v3","prime192v3",NID_X9_62_prime192v3,8,&(lvalues[2985]),0},
-{"prime239v1","prime239v1",NID_X9_62_prime239v1,8,&(lvalues[2993]),0},
-{"prime239v2","prime239v2",NID_X9_62_prime239v2,8,&(lvalues[3001]),0},
-{"prime239v3","prime239v3",NID_X9_62_prime239v3,8,&(lvalues[3009]),0},
-{"prime256v1","prime256v1",NID_X9_62_prime256v1,8,&(lvalues[3017]),0},
-{"ecdsa-with-SHA1","ecdsa-with-SHA1",NID_ecdsa_with_SHA1,7,
- &(lvalues[3025]),0},
-{"CSPName","Microsoft CSP Name",NID_ms_csp_name,9,&(lvalues[3032]),0},
-{"AES-128-ECB","aes-128-ecb",NID_aes_128_ecb,9,&(lvalues[3041]),0},
-{"AES-128-CBC","aes-128-cbc",NID_aes_128_cbc,9,&(lvalues[3050]),0},
-{"AES-128-OFB","aes-128-ofb",NID_aes_128_ofb128,9,&(lvalues[3059]),0},
-{"AES-128-CFB","aes-128-cfb",NID_aes_128_cfb128,9,&(lvalues[3068]),0},
-{"AES-192-ECB","aes-192-ecb",NID_aes_192_ecb,9,&(lvalues[3077]),0},
-{"AES-192-CBC","aes-192-cbc",NID_aes_192_cbc,9,&(lvalues[3086]),0},
-{"AES-192-OFB","aes-192-ofb",NID_aes_192_ofb128,9,&(lvalues[3095]),0},
-{"AES-192-CFB","aes-192-cfb",NID_aes_192_cfb128,9,&(lvalues[3104]),0},
-{"AES-256-ECB","aes-256-ecb",NID_aes_256_ecb,9,&(lvalues[3113]),0},
-{"AES-256-CBC","aes-256-cbc",NID_aes_256_cbc,9,&(lvalues[3122]),0},
-{"AES-256-OFB","aes-256-ofb",NID_aes_256_ofb128,9,&(lvalues[3131]),0},
-{"AES-256-CFB","aes-256-cfb",NID_aes_256_cfb128,9,&(lvalues[3140]),0},
-{"holdInstructionCode","Hold Instruction Code",
- NID_hold_instruction_code,3,&(lvalues[3149]),0},
-{"holdInstructionNone","Hold Instruction None",
- NID_hold_instruction_none,7,&(lvalues[3152]),0},
-{"holdInstructionCallIssuer","Hold Instruction Call Issuer",
- NID_hold_instruction_call_issuer,7,&(lvalues[3159]),0},
-{"holdInstructionReject","Hold Instruction Reject",
- NID_hold_instruction_reject,7,&(lvalues[3166]),0},
-{"data","data",NID_data,1,&(lvalues[3173]),0},
-{"pss","pss",NID_pss,3,&(lvalues[3174]),0},
-{"ucl","ucl",NID_ucl,7,&(lvalues[3177]),0},
-{"pilot","pilot",NID_pilot,8,&(lvalues[3184]),0},
-{"pilotAttributeType","pilotAttributeType",NID_pilotAttributeType,9,
- &(lvalues[3192]),0},
-{"pilotAttributeSyntax","pilotAttributeSyntax",
- NID_pilotAttributeSyntax,9,&(lvalues[3201]),0},
-{"pilotObjectClass","pilotObjectClass",NID_pilotObjectClass,9,
- &(lvalues[3210]),0},
-{"pilotGroups","pilotGroups",NID_pilotGroups,9,&(lvalues[3219]),0},
-{"iA5StringSyntax","iA5StringSyntax",NID_iA5StringSyntax,10,
- &(lvalues[3228]),0},
-{"caseIgnoreIA5StringSyntax","caseIgnoreIA5StringSyntax",
- NID_caseIgnoreIA5StringSyntax,10,&(lvalues[3238]),0},
-{"pilotObject","pilotObject",NID_pilotObject,10,&(lvalues[3248]),0},
-{"pilotPerson","pilotPerson",NID_pilotPerson,10,&(lvalues[3258]),0},
-{"account","account",NID_account,10,&(lvalues[3268]),0},
-{"document","document",NID_document,10,&(lvalues[3278]),0},
-{"room","room",NID_room,10,&(lvalues[3288]),0},
-{"documentSeries","documentSeries",NID_documentSeries,10,
- &(lvalues[3298]),0},
-{"rFC822localPart","rFC822localPart",NID_rFC822localPart,10,
- &(lvalues[3308]),0},
-{"dNSDomain","dNSDomain",NID_dNSDomain,10,&(lvalues[3318]),0},
-{"domainRelatedObject","domainRelatedObject",NID_domainRelatedObject,
- 10,&(lvalues[3328]),0},
-{"friendlyCountry","friendlyCountry",NID_friendlyCountry,10,
- &(lvalues[3338]),0},
-{"simpleSecurityObject","simpleSecurityObject",
- NID_simpleSecurityObject,10,&(lvalues[3348]),0},
-{"pilotOrganization","pilotOrganization",NID_pilotOrganization,10,
- &(lvalues[3358]),0},
-{"pilotDSA","pilotDSA",NID_pilotDSA,10,&(lvalues[3368]),0},
-{"qualityLabelledData","qualityLabelledData",NID_qualityLabelledData,
- 10,&(lvalues[3378]),0},
-{"UID","userId",NID_userId,10,&(lvalues[3388]),0},
-{"textEncodedORAddress","textEncodedORAddress",
- NID_textEncodedORAddress,10,&(lvalues[3398]),0},
-{"mail","rfc822Mailbox",NID_rfc822Mailbox,10,&(lvalues[3408]),0},
-{"info","info",NID_info,10,&(lvalues[3418]),0},
-{"favouriteDrink","favouriteDrink",NID_favouriteDrink,10,
- &(lvalues[3428]),0},
-{"roomNumber","roomNumber",NID_roomNumber,10,&(lvalues[3438]),0},
-{"photo","photo",NID_photo,10,&(lvalues[3448]),0},
-{"userClass","userClass",NID_userClass,10,&(lvalues[3458]),0},
-{"host","host",NID_host,10,&(lvalues[3468]),0},
-{"manager","manager",NID_manager,10,&(lvalues[3478]),0},
-{"documentIdentifier","documentIdentifier",NID_documentIdentifier,10,
- &(lvalues[3488]),0},
-{"documentTitle","documentTitle",NID_documentTitle,10,&(lvalues[3498]),0},
-{"documentVersion","documentVersion",NID_documentVersion,10,
- &(lvalues[3508]),0},
-{"documentAuthor","documentAuthor",NID_documentAuthor,10,
- &(lvalues[3518]),0},
-{"documentLocation","documentLocation",NID_documentLocation,10,
- &(lvalues[3528]),0},
-{"homeTelephoneNumber","homeTelephoneNumber",NID_homeTelephoneNumber,
- 10,&(lvalues[3538]),0},
-{"secretary","secretary",NID_secretary,10,&(lvalues[3548]),0},
-{"otherMailbox","otherMailbox",NID_otherMailbox,10,&(lvalues[3558]),0},
-{"lastModifiedTime","lastModifiedTime",NID_lastModifiedTime,10,
- &(lvalues[3568]),0},
-{"lastModifiedBy","lastModifiedBy",NID_lastModifiedBy,10,
- &(lvalues[3578]),0},
-{"aRecord","aRecord",NID_aRecord,10,&(lvalues[3588]),0},
-{"pilotAttributeType27","pilotAttributeType27",
- NID_pilotAttributeType27,10,&(lvalues[3598]),0},
-{"mXRecord","mXRecord",NID_mXRecord,10,&(lvalues[3608]),0},
-{"nSRecord","nSRecord",NID_nSRecord,10,&(lvalues[3618]),0},
-{"sOARecord","sOARecord",NID_sOARecord,10,&(lvalues[3628]),0},
-{"cNAMERecord","cNAMERecord",NID_cNAMERecord,10,&(lvalues[3638]),0},
-{"associatedDomain","associatedDomain",NID_associatedDomain,10,
- &(lvalues[3648]),0},
-{"associatedName","associatedName",NID_associatedName,10,
- &(lvalues[3658]),0},
-{"homePostalAddress","homePostalAddress",NID_homePostalAddress,10,
- &(lvalues[3668]),0},
-{"personalTitle","personalTitle",NID_personalTitle,10,&(lvalues[3678]),0},
-{"mobileTelephoneNumber","mobileTelephoneNumber",
- NID_mobileTelephoneNumber,10,&(lvalues[3688]),0},
-{"pagerTelephoneNumber","pagerTelephoneNumber",
- NID_pagerTelephoneNumber,10,&(lvalues[3698]),0},
-{"friendlyCountryName","friendlyCountryName",NID_friendlyCountryName,
- 10,&(lvalues[3708]),0},
-{"organizationalStatus","organizationalStatus",
- NID_organizationalStatus,10,&(lvalues[3718]),0},
-{"janetMailbox","janetMailbox",NID_janetMailbox,10,&(lvalues[3728]),0},
-{"mailPreferenceOption","mailPreferenceOption",
- NID_mailPreferenceOption,10,&(lvalues[3738]),0},
-{"buildingName","buildingName",NID_buildingName,10,&(lvalues[3748]),0},
-{"dSAQuality","dSAQuality",NID_dSAQuality,10,&(lvalues[3758]),0},
-{"singleLevelQuality","singleLevelQuality",NID_singleLevelQuality,10,
- &(lvalues[3768]),0},
-{"subtreeMinimumQuality","subtreeMinimumQuality",
- NID_subtreeMinimumQuality,10,&(lvalues[3778]),0},
-{"subtreeMaximumQuality","subtreeMaximumQuality",
- NID_subtreeMaximumQuality,10,&(lvalues[3788]),0},
-{"personalSignature","personalSignature",NID_personalSignature,10,
- &(lvalues[3798]),0},
-{"dITRedirect","dITRedirect",NID_dITRedirect,10,&(lvalues[3808]),0},
-{"audio","audio",NID_audio,10,&(lvalues[3818]),0},
-{"documentPublisher","documentPublisher",NID_documentPublisher,10,
- &(lvalues[3828]),0},
-{"x500UniqueIdentifier","x500UniqueIdentifier",
- NID_x500UniqueIdentifier,3,&(lvalues[3838]),0},
-{"mime-mhs","MIME MHS",NID_mime_mhs,5,&(lvalues[3841]),0},
-{"mime-mhs-headings","mime-mhs-headings",NID_mime_mhs_headings,6,
- &(lvalues[3846]),0},
-{"mime-mhs-bodies","mime-mhs-bodies",NID_mime_mhs_bodies,6,
- &(lvalues[3852]),0},
-{"id-hex-partial-message","id-hex-partial-message",
- NID_id_hex_partial_message,7,&(lvalues[3858]),0},
-{"id-hex-multipart-message","id-hex-multipart-message",
- NID_id_hex_multipart_message,7,&(lvalues[3865]),0},
-{"generationQualifier","generationQualifier",NID_generationQualifier,
- 3,&(lvalues[3872]),0},
-{"pseudonym","pseudonym",NID_pseudonym,3,&(lvalues[3875]),0},
-{NULL,NULL,NID_undef,0,NULL,0},
-{"id-set","Secure Electronic Transactions",NID_id_set,2,
- &(lvalues[3878]),0},
-{"set-ctype","content types",NID_set_ctype,3,&(lvalues[3880]),0},
-{"set-msgExt","message extensions",NID_set_msgExt,3,&(lvalues[3883]),0},
-{"set-attr","set-attr",NID_set_attr,3,&(lvalues[3886]),0},
-{"set-policy","set-policy",NID_set_policy,3,&(lvalues[3889]),0},
-{"set-certExt","certificate extensions",NID_set_certExt,3,
- &(lvalues[3892]),0},
-{"set-brand","set-brand",NID_set_brand,3,&(lvalues[3895]),0},
-{"setct-PANData","setct-PANData",NID_setct_PANData,4,&(lvalues[3898]),0},
-{"setct-PANToken","setct-PANToken",NID_setct_PANToken,4,
- &(lvalues[3902]),0},
-{"setct-PANOnly","setct-PANOnly",NID_setct_PANOnly,4,&(lvalues[3906]),0},
-{"setct-OIData","setct-OIData",NID_setct_OIData,4,&(lvalues[3910]),0},
-{"setct-PI","setct-PI",NID_setct_PI,4,&(lvalues[3914]),0},
-{"setct-PIData","setct-PIData",NID_setct_PIData,4,&(lvalues[3918]),0},
-{"setct-PIDataUnsigned","setct-PIDataUnsigned",
- NID_setct_PIDataUnsigned,4,&(lvalues[3922]),0},
-{"setct-HODInput","setct-HODInput",NID_setct_HODInput,4,
- &(lvalues[3926]),0},
-{"setct-AuthResBaggage","setct-AuthResBaggage",
- NID_setct_AuthResBaggage,4,&(lvalues[3930]),0},
-{"setct-AuthRevReqBaggage","setct-AuthRevReqBaggage",
- NID_setct_AuthRevReqBaggage,4,&(lvalues[3934]),0},
-{"setct-AuthRevResBaggage","setct-AuthRevResBaggage",
- NID_setct_AuthRevResBaggage,4,&(lvalues[3938]),0},
-{"setct-CapTokenSeq","setct-CapTokenSeq",NID_setct_CapTokenSeq,4,
- &(lvalues[3942]),0},
-{"setct-PInitResData","setct-PInitResData",NID_setct_PInitResData,4,
- &(lvalues[3946]),0},
-{"setct-PI-TBS","setct-PI-TBS",NID_setct_PI_TBS,4,&(lvalues[3950]),0},
-{"setct-PResData","setct-PResData",NID_setct_PResData,4,
- &(lvalues[3954]),0},
-{"setct-AuthReqTBS","setct-AuthReqTBS",NID_setct_AuthReqTBS,4,
- &(lvalues[3958]),0},
-{"setct-AuthResTBS","setct-AuthResTBS",NID_setct_AuthResTBS,4,
- &(lvalues[3962]),0},
-{"setct-AuthResTBSX","setct-AuthResTBSX",NID_setct_AuthResTBSX,4,
- &(lvalues[3966]),0},
-{"setct-AuthTokenTBS","setct-AuthTokenTBS",NID_setct_AuthTokenTBS,4,
- &(lvalues[3970]),0},
-{"setct-CapTokenData","setct-CapTokenData",NID_setct_CapTokenData,4,
- &(lvalues[3974]),0},
-{"setct-CapTokenTBS","setct-CapTokenTBS",NID_setct_CapTokenTBS,4,
- &(lvalues[3978]),0},
-{"setct-AcqCardCodeMsg","setct-AcqCardCodeMsg",
- NID_setct_AcqCardCodeMsg,4,&(lvalues[3982]),0},
-{"setct-AuthRevReqTBS","setct-AuthRevReqTBS",NID_setct_AuthRevReqTBS,
- 4,&(lvalues[3986]),0},
-{"setct-AuthRevResData","setct-AuthRevResData",
- NID_setct_AuthRevResData,4,&(lvalues[3990]),0},
-{"setct-AuthRevResTBS","setct-AuthRevResTBS",NID_setct_AuthRevResTBS,
- 4,&(lvalues[3994]),0},
-{"setct-CapReqTBS","setct-CapReqTBS",NID_setct_CapReqTBS,4,
- &(lvalues[3998]),0},
-{"setct-CapReqTBSX","setct-CapReqTBSX",NID_setct_CapReqTBSX,4,
- &(lvalues[4002]),0},
-{"setct-CapResData","setct-CapResData",NID_setct_CapResData,4,
- &(lvalues[4006]),0},
-{"setct-CapRevReqTBS","setct-CapRevReqTBS",NID_setct_CapRevReqTBS,4,
- &(lvalues[4010]),0},
-{"setct-CapRevReqTBSX","setct-CapRevReqTBSX",NID_setct_CapRevReqTBSX,
- 4,&(lvalues[4014]),0},
-{"setct-CapRevResData","setct-CapRevResData",NID_setct_CapRevResData,
- 4,&(lvalues[4018]),0},
-{"setct-CredReqTBS","setct-CredReqTBS",NID_setct_CredReqTBS,4,
- &(lvalues[4022]),0},
-{"setct-CredReqTBSX","setct-CredReqTBSX",NID_setct_CredReqTBSX,4,
- &(lvalues[4026]),0},
-{"setct-CredResData","setct-CredResData",NID_setct_CredResData,4,
- &(lvalues[4030]),0},
-{"setct-CredRevReqTBS","setct-CredRevReqTBS",NID_setct_CredRevReqTBS,
- 4,&(lvalues[4034]),0},
-{"setct-CredRevReqTBSX","setct-CredRevReqTBSX",
- NID_setct_CredRevReqTBSX,4,&(lvalues[4038]),0},
-{"setct-CredRevResData","setct-CredRevResData",
- NID_setct_CredRevResData,4,&(lvalues[4042]),0},
-{"setct-PCertReqData","setct-PCertReqData",NID_setct_PCertReqData,4,
- &(lvalues[4046]),0},
-{"setct-PCertResTBS","setct-PCertResTBS",NID_setct_PCertResTBS,4,
- &(lvalues[4050]),0},
-{"setct-BatchAdminReqData","setct-BatchAdminReqData",
- NID_setct_BatchAdminReqData,4,&(lvalues[4054]),0},
-{"setct-BatchAdminResData","setct-BatchAdminResData",
- NID_setct_BatchAdminResData,4,&(lvalues[4058]),0},
-{"setct-CardCInitResTBS","setct-CardCInitResTBS",
- NID_setct_CardCInitResTBS,4,&(lvalues[4062]),0},
-{"setct-MeAqCInitResTBS","setct-MeAqCInitResTBS",
- NID_setct_MeAqCInitResTBS,4,&(lvalues[4066]),0},
-{"setct-RegFormResTBS","setct-RegFormResTBS",NID_setct_RegFormResTBS,
- 4,&(lvalues[4070]),0},
-{"setct-CertReqData","setct-CertReqData",NID_setct_CertReqData,4,
- &(lvalues[4074]),0},
-{"setct-CertReqTBS","setct-CertReqTBS",NID_setct_CertReqTBS,4,
- &(lvalues[4078]),0},
-{"setct-CertResData","setct-CertResData",NID_setct_CertResData,4,
- &(lvalues[4082]),0},
-{"setct-CertInqReqTBS","setct-CertInqReqTBS",NID_setct_CertInqReqTBS,
- 4,&(lvalues[4086]),0},
-{"setct-ErrorTBS","setct-ErrorTBS",NID_setct_ErrorTBS,4,
- &(lvalues[4090]),0},
-{"setct-PIDualSignedTBE","setct-PIDualSignedTBE",
- NID_setct_PIDualSignedTBE,4,&(lvalues[4094]),0},
-{"setct-PIUnsignedTBE","setct-PIUnsignedTBE",NID_setct_PIUnsignedTBE,
- 4,&(lvalues[4098]),0},
-{"setct-AuthReqTBE","setct-AuthReqTBE",NID_setct_AuthReqTBE,4,
- &(lvalues[4102]),0},
-{"setct-AuthResTBE","setct-AuthResTBE",NID_setct_AuthResTBE,4,
- &(lvalues[4106]),0},
-{"setct-AuthResTBEX","setct-AuthResTBEX",NID_setct_AuthResTBEX,4,
- &(lvalues[4110]),0},
-{"setct-AuthTokenTBE","setct-AuthTokenTBE",NID_setct_AuthTokenTBE,4,
- &(lvalues[4114]),0},
-{"setct-CapTokenTBE","setct-CapTokenTBE",NID_setct_CapTokenTBE,4,
- &(lvalues[4118]),0},
-{"setct-CapTokenTBEX","setct-CapTokenTBEX",NID_setct_CapTokenTBEX,4,
- &(lvalues[4122]),0},
-{"setct-AcqCardCodeMsgTBE","setct-AcqCardCodeMsgTBE",
- NID_setct_AcqCardCodeMsgTBE,4,&(lvalues[4126]),0},
-{"setct-AuthRevReqTBE","setct-AuthRevReqTBE",NID_setct_AuthRevReqTBE,
- 4,&(lvalues[4130]),0},
-{"setct-AuthRevResTBE","setct-AuthRevResTBE",NID_setct_AuthRevResTBE,
- 4,&(lvalues[4134]),0},
-{"setct-AuthRevResTBEB","setct-AuthRevResTBEB",
- NID_setct_AuthRevResTBEB,4,&(lvalues[4138]),0},
-{"setct-CapReqTBE","setct-CapReqTBE",NID_setct_CapReqTBE,4,
- &(lvalues[4142]),0},
-{"setct-CapReqTBEX","setct-CapReqTBEX",NID_setct_CapReqTBEX,4,
- &(lvalues[4146]),0},
-{"setct-CapResTBE","setct-CapResTBE",NID_setct_CapResTBE,4,
- &(lvalues[4150]),0},
-{"setct-CapRevReqTBE","setct-CapRevReqTBE",NID_setct_CapRevReqTBE,4,
- &(lvalues[4154]),0},
-{"setct-CapRevReqTBEX","setct-CapRevReqTBEX",NID_setct_CapRevReqTBEX,
- 4,&(lvalues[4158]),0},
-{"setct-CapRevResTBE","setct-CapRevResTBE",NID_setct_CapRevResTBE,4,
- &(lvalues[4162]),0},
-{"setct-CredReqTBE","setct-CredReqTBE",NID_setct_CredReqTBE,4,
- &(lvalues[4166]),0},
-{"setct-CredReqTBEX","setct-CredReqTBEX",NID_setct_CredReqTBEX,4,
- &(lvalues[4170]),0},
-{"setct-CredResTBE","setct-CredResTBE",NID_setct_CredResTBE,4,
- &(lvalues[4174]),0},
-{"setct-CredRevReqTBE","setct-CredRevReqTBE",NID_setct_CredRevReqTBE,
- 4,&(lvalues[4178]),0},
-{"setct-CredRevReqTBEX","setct-CredRevReqTBEX",
- NID_setct_CredRevReqTBEX,4,&(lvalues[4182]),0},
-{"setct-CredRevResTBE","setct-CredRevResTBE",NID_setct_CredRevResTBE,
- 4,&(lvalues[4186]),0},
-{"setct-BatchAdminReqTBE","setct-BatchAdminReqTBE",
- NID_setct_BatchAdminReqTBE,4,&(lvalues[4190]),0},
-{"setct-BatchAdminResTBE","setct-BatchAdminResTBE",
- NID_setct_BatchAdminResTBE,4,&(lvalues[4194]),0},
-{"setct-RegFormReqTBE","setct-RegFormReqTBE",NID_setct_RegFormReqTBE,
- 4,&(lvalues[4198]),0},
-{"setct-CertReqTBE","setct-CertReqTBE",NID_setct_CertReqTBE,4,
- &(lvalues[4202]),0},
-{"setct-CertReqTBEX","setct-CertReqTBEX",NID_setct_CertReqTBEX,4,
- &(lvalues[4206]),0},
-{"setct-CertResTBE","setct-CertResTBE",NID_setct_CertResTBE,4,
- &(lvalues[4210]),0},
-{"setct-CRLNotificationTBS","setct-CRLNotificationTBS",
- NID_setct_CRLNotificationTBS,4,&(lvalues[4214]),0},
-{"setct-CRLNotificationResTBS","setct-CRLNotificationResTBS",
- NID_setct_CRLNotificationResTBS,4,&(lvalues[4218]),0},
-{"setct-BCIDistributionTBS","setct-BCIDistributionTBS",
- NID_setct_BCIDistributionTBS,4,&(lvalues[4222]),0},
-{"setext-genCrypt","generic cryptogram",NID_setext_genCrypt,4,
- &(lvalues[4226]),0},
-{"setext-miAuth","merchant initiated auth",NID_setext_miAuth,4,
- &(lvalues[4230]),0},
-{"setext-pinSecure","setext-pinSecure",NID_setext_pinSecure,4,
- &(lvalues[4234]),0},
-{"setext-pinAny","setext-pinAny",NID_setext_pinAny,4,&(lvalues[4238]),0},
-{"setext-track2","setext-track2",NID_setext_track2,4,&(lvalues[4242]),0},
-{"setext-cv","additional verification",NID_setext_cv,4,
- &(lvalues[4246]),0},
-{"set-policy-root","set-policy-root",NID_set_policy_root,4,
- &(lvalues[4250]),0},
-{"setCext-hashedRoot","setCext-hashedRoot",NID_setCext_hashedRoot,4,
- &(lvalues[4254]),0},
-{"setCext-certType","setCext-certType",NID_setCext_certType,4,
- &(lvalues[4258]),0},
-{"setCext-merchData","setCext-merchData",NID_setCext_merchData,4,
- &(lvalues[4262]),0},
-{"setCext-cCertRequired","setCext-cCertRequired",
- NID_setCext_cCertRequired,4,&(lvalues[4266]),0},
-{"setCext-tunneling","setCext-tunneling",NID_setCext_tunneling,4,
- &(lvalues[4270]),0},
-{"setCext-setExt","setCext-setExt",NID_setCext_setExt,4,
- &(lvalues[4274]),0},
-{"setCext-setQualf","setCext-setQualf",NID_setCext_setQualf,4,
- &(lvalues[4278]),0},
-{"setCext-PGWYcapabilities","setCext-PGWYcapabilities",
- NID_setCext_PGWYcapabilities,4,&(lvalues[4282]),0},
-{"setCext-TokenIdentifier","setCext-TokenIdentifier",
- NID_setCext_TokenIdentifier,4,&(lvalues[4286]),0},
-{"setCext-Track2Data","setCext-Track2Data",NID_setCext_Track2Data,4,
- &(lvalues[4290]),0},
-{"setCext-TokenType","setCext-TokenType",NID_setCext_TokenType,4,
- &(lvalues[4294]),0},
-{"setCext-IssuerCapabilities","setCext-IssuerCapabilities",
- NID_setCext_IssuerCapabilities,4,&(lvalues[4298]),0},
-{"setAttr-Cert","setAttr-Cert",NID_setAttr_Cert,4,&(lvalues[4302]),0},
-{"setAttr-PGWYcap","payment gateway capabilities",NID_setAttr_PGWYcap,
- 4,&(lvalues[4306]),0},
-{"setAttr-TokenType","setAttr-TokenType",NID_setAttr_TokenType,4,
- &(lvalues[4310]),0},
-{"setAttr-IssCap","issuer capabilities",NID_setAttr_IssCap,4,
- &(lvalues[4314]),0},
-{"set-rootKeyThumb","set-rootKeyThumb",NID_set_rootKeyThumb,5,
- &(lvalues[4318]),0},
-{"set-addPolicy","set-addPolicy",NID_set_addPolicy,5,&(lvalues[4323]),0},
-{"setAttr-Token-EMV","setAttr-Token-EMV",NID_setAttr_Token_EMV,5,
- &(lvalues[4328]),0},
-{"setAttr-Token-B0Prime","setAttr-Token-B0Prime",
- NID_setAttr_Token_B0Prime,5,&(lvalues[4333]),0},
-{"setAttr-IssCap-CVM","setAttr-IssCap-CVM",NID_setAttr_IssCap_CVM,5,
- &(lvalues[4338]),0},
-{"setAttr-IssCap-T2","setAttr-IssCap-T2",NID_setAttr_IssCap_T2,5,
- &(lvalues[4343]),0},
-{"setAttr-IssCap-Sig","setAttr-IssCap-Sig",NID_setAttr_IssCap_Sig,5,
- &(lvalues[4348]),0},
-{"setAttr-GenCryptgrm","generate cryptogram",NID_setAttr_GenCryptgrm,
- 6,&(lvalues[4353]),0},
-{"setAttr-T2Enc","encrypted track 2",NID_setAttr_T2Enc,6,
- &(lvalues[4359]),0},
-{"setAttr-T2cleartxt","cleartext track 2",NID_setAttr_T2cleartxt,6,
- &(lvalues[4365]),0},
-{"setAttr-TokICCsig","ICC or token signature",NID_setAttr_TokICCsig,6,
- &(lvalues[4371]),0},
-{"setAttr-SecDevSig","secure device signature",NID_setAttr_SecDevSig,
- 6,&(lvalues[4377]),0},
-{"set-brand-IATA-ATA","set-brand-IATA-ATA",NID_set_brand_IATA_ATA,4,
- &(lvalues[4383]),0},
-{"set-brand-Diners","set-brand-Diners",NID_set_brand_Diners,4,
- &(lvalues[4387]),0},
-{"set-brand-AmericanExpress","set-brand-AmericanExpress",
- NID_set_brand_AmericanExpress,4,&(lvalues[4391]),0},
-{"set-brand-JCB","set-brand-JCB",NID_set_brand_JCB,4,&(lvalues[4395]),0},
-{"set-brand-Visa","set-brand-Visa",NID_set_brand_Visa,4,
- &(lvalues[4399]),0},
-{"set-brand-MasterCard","set-brand-MasterCard",
- NID_set_brand_MasterCard,4,&(lvalues[4403]),0},
-{"set-brand-Novus","set-brand-Novus",NID_set_brand_Novus,5,
- &(lvalues[4407]),0},
-{"DES-CDMF","des-cdmf",NID_des_cdmf,8,&(lvalues[4412]),0},
-{"rsaOAEPEncryptionSET","rsaOAEPEncryptionSET",
- NID_rsaOAEPEncryptionSET,9,&(lvalues[4420]),0},
-{"ITU-T","itu-t",NID_itu_t,0,NULL,0},
-{"JOINT-ISO-ITU-T","joint-iso-itu-t",NID_joint_iso_itu_t,0,NULL,0},
-{"international-organizations","International Organizations",
- NID_international_organizations,1,&(lvalues[4429]),0},
-{"msSmartcardLogin","Microsoft Smartcardlogin",NID_ms_smartcard_login,
- 10,&(lvalues[4430]),0},
-{"msUPN","Microsoft Universal Principal Name",NID_ms_upn,10,
- &(lvalues[4440]),0},
-{"AES-128-CFB1","aes-128-cfb1",NID_aes_128_cfb1,0,NULL,0},
-{"AES-192-CFB1","aes-192-cfb1",NID_aes_192_cfb1,0,NULL,0},
-{"AES-256-CFB1","aes-256-cfb1",NID_aes_256_cfb1,0,NULL,0},
-{"AES-128-CFB8","aes-128-cfb8",NID_aes_128_cfb8,0,NULL,0},
-{"AES-192-CFB8","aes-192-cfb8",NID_aes_192_cfb8,0,NULL,0},
-{"AES-256-CFB8","aes-256-cfb8",NID_aes_256_cfb8,0,NULL,0},
-{"DES-CFB1","des-cfb1",NID_des_cfb1,0,NULL,0},
-{"DES-CFB8","des-cfb8",NID_des_cfb8,0,NULL,0},
-{"DES-EDE3-CFB1","des-ede3-cfb1",NID_des_ede3_cfb1,0,NULL,0},
-{"DES-EDE3-CFB8","des-ede3-cfb8",NID_des_ede3_cfb8,0,NULL,0},
-{"street","streetAddress",NID_streetAddress,3,&(lvalues[4450]),0},
-{"postalCode","postalCode",NID_postalCode,3,&(lvalues[4453]),0},
-{"id-ppl","id-ppl",NID_id_ppl,7,&(lvalues[4456]),0},
-{"proxyCertInfo","Proxy Certificate Information",NID_proxyCertInfo,8,
- &(lvalues[4463]),0},
-{"id-ppl-anyLanguage","Any language",NID_id_ppl_anyLanguage,8,
- &(lvalues[4471]),0},
-{"id-ppl-inheritAll","Inherit all",NID_id_ppl_inheritAll,8,
- &(lvalues[4479]),0},
-{"nameConstraints","X509v3 Name Constraints",NID_name_constraints,3,
- &(lvalues[4487]),0},
-{"id-ppl-independent","Independent",NID_Independent,8,&(lvalues[4490]),0},
-{"RSA-SHA256","sha256WithRSAEncryption",NID_sha256WithRSAEncryption,9,
- &(lvalues[4498]),0},
-{"RSA-SHA384","sha384WithRSAEncryption",NID_sha384WithRSAEncryption,9,
- &(lvalues[4507]),0},
-{"RSA-SHA512","sha512WithRSAEncryption",NID_sha512WithRSAEncryption,9,
- &(lvalues[4516]),0},
-{"RSA-SHA224","sha224WithRSAEncryption",NID_sha224WithRSAEncryption,9,
- &(lvalues[4525]),0},
-{"SHA256","sha256",NID_sha256,9,&(lvalues[4534]),0},
-{"SHA384","sha384",NID_sha384,9,&(lvalues[4543]),0},
-{"SHA512","sha512",NID_sha512,9,&(lvalues[4552]),0},
-{"SHA224","sha224",NID_sha224,9,&(lvalues[4561]),0},
-{"identified-organization","identified-organization",
- NID_identified_organization,1,&(lvalues[4570]),0},
-{"certicom-arc","certicom-arc",NID_certicom_arc,3,&(lvalues[4571]),0},
-{"wap","wap",NID_wap,2,&(lvalues[4574]),0},
-{"wap-wsg","wap-wsg",NID_wap_wsg,3,&(lvalues[4576]),0},
-{"id-characteristic-two-basis","id-characteristic-two-basis",
- NID_X9_62_id_characteristic_two_basis,8,&(lvalues[4579]),0},
-{"onBasis","onBasis",NID_X9_62_onBasis,9,&(lvalues[4587]),0},
-{"tpBasis","tpBasis",NID_X9_62_tpBasis,9,&(lvalues[4596]),0},
-{"ppBasis","ppBasis",NID_X9_62_ppBasis,9,&(lvalues[4605]),0},
-{"c2pnb163v1","c2pnb163v1",NID_X9_62_c2pnb163v1,8,&(lvalues[4614]),0},
-{"c2pnb163v2","c2pnb163v2",NID_X9_62_c2pnb163v2,8,&(lvalues[4622]),0},
-{"c2pnb163v3","c2pnb163v3",NID_X9_62_c2pnb163v3,8,&(lvalues[4630]),0},
-{"c2pnb176v1","c2pnb176v1",NID_X9_62_c2pnb176v1,8,&(lvalues[4638]),0},
-{"c2tnb191v1","c2tnb191v1",NID_X9_62_c2tnb191v1,8,&(lvalues[4646]),0},
-{"c2tnb191v2","c2tnb191v2",NID_X9_62_c2tnb191v2,8,&(lvalues[4654]),0},
-{"c2tnb191v3","c2tnb191v3",NID_X9_62_c2tnb191v3,8,&(lvalues[4662]),0},
-{"c2onb191v4","c2onb191v4",NID_X9_62_c2onb191v4,8,&(lvalues[4670]),0},
-{"c2onb191v5","c2onb191v5",NID_X9_62_c2onb191v5,8,&(lvalues[4678]),0},
-{"c2pnb208w1","c2pnb208w1",NID_X9_62_c2pnb208w1,8,&(lvalues[4686]),0},
-{"c2tnb239v1","c2tnb239v1",NID_X9_62_c2tnb239v1,8,&(lvalues[4694]),0},
-{"c2tnb239v2","c2tnb239v2",NID_X9_62_c2tnb239v2,8,&(lvalues[4702]),0},
-{"c2tnb239v3","c2tnb239v3",NID_X9_62_c2tnb239v3,8,&(lvalues[4710]),0},
-{"c2onb239v4","c2onb239v4",NID_X9_62_c2onb239v4,8,&(lvalues[4718]),0},
-{"c2onb239v5","c2onb239v5",NID_X9_62_c2onb239v5,8,&(lvalues[4726]),0},
-{"c2pnb272w1","c2pnb272w1",NID_X9_62_c2pnb272w1,8,&(lvalues[4734]),0},
-{"c2pnb304w1","c2pnb304w1",NID_X9_62_c2pnb304w1,8,&(lvalues[4742]),0},
-{"c2tnb359v1","c2tnb359v1",NID_X9_62_c2tnb359v1,8,&(lvalues[4750]),0},
-{"c2pnb368w1","c2pnb368w1",NID_X9_62_c2pnb368w1,8,&(lvalues[4758]),0},
-{"c2tnb431r1","c2tnb431r1",NID_X9_62_c2tnb431r1,8,&(lvalues[4766]),0},
-{"secp112r1","secp112r1",NID_secp112r1,5,&(lvalues[4774]),0},
-{"secp112r2","secp112r2",NID_secp112r2,5,&(lvalues[4779]),0},
-{"secp128r1","secp128r1",NID_secp128r1,5,&(lvalues[4784]),0},
-{"secp128r2","secp128r2",NID_secp128r2,5,&(lvalues[4789]),0},
-{"secp160k1","secp160k1",NID_secp160k1,5,&(lvalues[4794]),0},
-{"secp160r1","secp160r1",NID_secp160r1,5,&(lvalues[4799]),0},
-{"secp160r2","secp160r2",NID_secp160r2,5,&(lvalues[4804]),0},
-{"secp192k1","secp192k1",NID_secp192k1,5,&(lvalues[4809]),0},
-{"secp224k1","secp224k1",NID_secp224k1,5,&(lvalues[4814]),0},
-{"secp224r1","secp224r1",NID_secp224r1,5,&(lvalues[4819]),0},
-{"secp256k1","secp256k1",NID_secp256k1,5,&(lvalues[4824]),0},
-{"secp384r1","secp384r1",NID_secp384r1,5,&(lvalues[4829]),0},
-{"secp521r1","secp521r1",NID_secp521r1,5,&(lvalues[4834]),0},
-{"sect113r1","sect113r1",NID_sect113r1,5,&(lvalues[4839]),0},
-{"sect113r2","sect113r2",NID_sect113r2,5,&(lvalues[4844]),0},
-{"sect131r1","sect131r1",NID_sect131r1,5,&(lvalues[4849]),0},
-{"sect131r2","sect131r2",NID_sect131r2,5,&(lvalues[4854]),0},
-{"sect163k1","sect163k1",NID_sect163k1,5,&(lvalues[4859]),0},
-{"sect163r1","sect163r1",NID_sect163r1,5,&(lvalues[4864]),0},
-{"sect163r2","sect163r2",NID_sect163r2,5,&(lvalues[4869]),0},
-{"sect193r1","sect193r1",NID_sect193r1,5,&(lvalues[4874]),0},
-{"sect193r2","sect193r2",NID_sect193r2,5,&(lvalues[4879]),0},
-{"sect233k1","sect233k1",NID_sect233k1,5,&(lvalues[4884]),0},
-{"sect233r1","sect233r1",NID_sect233r1,5,&(lvalues[4889]),0},
-{"sect239k1","sect239k1",NID_sect239k1,5,&(lvalues[4894]),0},
-{"sect283k1","sect283k1",NID_sect283k1,5,&(lvalues[4899]),0},
-{"sect283r1","sect283r1",NID_sect283r1,5,&(lvalues[4904]),0},
-{"sect409k1","sect409k1",NID_sect409k1,5,&(lvalues[4909]),0},
-{"sect409r1","sect409r1",NID_sect409r1,5,&(lvalues[4914]),0},
-{"sect571k1","sect571k1",NID_sect571k1,5,&(lvalues[4919]),0},
-{"sect571r1","sect571r1",NID_sect571r1,5,&(lvalues[4924]),0},
-{"wap-wsg-idm-ecid-wtls1","wap-wsg-idm-ecid-wtls1",
- NID_wap_wsg_idm_ecid_wtls1,5,&(lvalues[4929]),0},
-{"wap-wsg-idm-ecid-wtls3","wap-wsg-idm-ecid-wtls3",
- NID_wap_wsg_idm_ecid_wtls3,5,&(lvalues[4934]),0},
-{"wap-wsg-idm-ecid-wtls4","wap-wsg-idm-ecid-wtls4",
- NID_wap_wsg_idm_ecid_wtls4,5,&(lvalues[4939]),0},
-{"wap-wsg-idm-ecid-wtls5","wap-wsg-idm-ecid-wtls5",
- NID_wap_wsg_idm_ecid_wtls5,5,&(lvalues[4944]),0},
-{"wap-wsg-idm-ecid-wtls6","wap-wsg-idm-ecid-wtls6",
- NID_wap_wsg_idm_ecid_wtls6,5,&(lvalues[4949]),0},
-{"wap-wsg-idm-ecid-wtls7","wap-wsg-idm-ecid-wtls7",
- NID_wap_wsg_idm_ecid_wtls7,5,&(lvalues[4954]),0},
-{"wap-wsg-idm-ecid-wtls8","wap-wsg-idm-ecid-wtls8",
- NID_wap_wsg_idm_ecid_wtls8,5,&(lvalues[4959]),0},
-{"wap-wsg-idm-ecid-wtls9","wap-wsg-idm-ecid-wtls9",
- NID_wap_wsg_idm_ecid_wtls9,5,&(lvalues[4964]),0},
-{"wap-wsg-idm-ecid-wtls10","wap-wsg-idm-ecid-wtls10",
- NID_wap_wsg_idm_ecid_wtls10,5,&(lvalues[4969]),0},
-{"wap-wsg-idm-ecid-wtls11","wap-wsg-idm-ecid-wtls11",
- NID_wap_wsg_idm_ecid_wtls11,5,&(lvalues[4974]),0},
-{"wap-wsg-idm-ecid-wtls12","wap-wsg-idm-ecid-wtls12",
- NID_wap_wsg_idm_ecid_wtls12,5,&(lvalues[4979]),0},
-{"anyPolicy","X509v3 Any Policy",NID_any_policy,4,&(lvalues[4984]),0},
-{"policyMappings","X509v3 Policy Mappings",NID_policy_mappings,3,
- &(lvalues[4988]),0},
-{"inhibitAnyPolicy","X509v3 Inhibit Any Policy",
- NID_inhibit_any_policy,3,&(lvalues[4991]),0},
-{"Oakley-EC2N-3","ipsec3",NID_ipsec3,0,NULL,0},
-{"Oakley-EC2N-4","ipsec4",NID_ipsec4,0,NULL,0},
-{"CAMELLIA-128-CBC","camellia-128-cbc",NID_camellia_128_cbc,11,
- &(lvalues[4994]),0},
-{"CAMELLIA-192-CBC","camellia-192-cbc",NID_camellia_192_cbc,11,
- &(lvalues[5005]),0},
-{"CAMELLIA-256-CBC","camellia-256-cbc",NID_camellia_256_cbc,11,
- &(lvalues[5016]),0},
-{"CAMELLIA-128-ECB","camellia-128-ecb",NID_camellia_128_ecb,8,
- &(lvalues[5027]),0},
-{"CAMELLIA-192-ECB","camellia-192-ecb",NID_camellia_192_ecb,8,
- &(lvalues[5035]),0},
-{"CAMELLIA-256-ECB","camellia-256-ecb",NID_camellia_256_ecb,8,
- &(lvalues[5043]),0},
-{"CAMELLIA-128-CFB","camellia-128-cfb",NID_camellia_128_cfb128,8,
- &(lvalues[5051]),0},
-{"CAMELLIA-192-CFB","camellia-192-cfb",NID_camellia_192_cfb128,8,
- &(lvalues[5059]),0},
-{"CAMELLIA-256-CFB","camellia-256-cfb",NID_camellia_256_cfb128,8,
- &(lvalues[5067]),0},
-{"CAMELLIA-128-CFB1","camellia-128-cfb1",NID_camellia_128_cfb1,0,NULL,0},
-{"CAMELLIA-192-CFB1","camellia-192-cfb1",NID_camellia_192_cfb1,0,NULL,0},
-{"CAMELLIA-256-CFB1","camellia-256-cfb1",NID_camellia_256_cfb1,0,NULL,0},
-{"CAMELLIA-128-CFB8","camellia-128-cfb8",NID_camellia_128_cfb8,0,NULL,0},
-{"CAMELLIA-192-CFB8","camellia-192-cfb8",NID_camellia_192_cfb8,0,NULL,0},
-{"CAMELLIA-256-CFB8","camellia-256-cfb8",NID_camellia_256_cfb8,0,NULL,0},
-{"CAMELLIA-128-OFB","camellia-128-ofb",NID_camellia_128_ofb128,8,
- &(lvalues[5075]),0},
-{"CAMELLIA-192-OFB","camellia-192-ofb",NID_camellia_192_ofb128,8,
- &(lvalues[5083]),0},
-{"CAMELLIA-256-OFB","camellia-256-ofb",NID_camellia_256_ofb128,8,
- &(lvalues[5091]),0},
-{"subjectDirectoryAttributes","X509v3 Subject Directory Attributes",
- NID_subject_directory_attributes,3,&(lvalues[5099]),0},
-{"issuingDistributionPoint","X509v3 Issuing Distribution Point",
- NID_issuing_distribution_point,3,&(lvalues[5102]),0},
-{"certificateIssuer","X509v3 Certificate Issuer",
- NID_certificate_issuer,3,&(lvalues[5105]),0},
-{NULL,NULL,NID_undef,0,NULL,0},
-{"KISA","kisa",NID_kisa,6,&(lvalues[5108]),0},
-{NULL,NULL,NID_undef,0,NULL,0},
-{NULL,NULL,NID_undef,0,NULL,0},
-{"SEED-ECB","seed-ecb",NID_seed_ecb,8,&(lvalues[5114]),0},
-{"SEED-CBC","seed-cbc",NID_seed_cbc,8,&(lvalues[5122]),0},
-{"SEED-OFB","seed-ofb",NID_seed_ofb128,8,&(lvalues[5130]),0},
-{"SEED-CFB","seed-cfb",NID_seed_cfb128,8,&(lvalues[5138]),0},
-{"HMAC-MD5","hmac-md5",NID_hmac_md5,8,&(lvalues[5146]),0},
-{"HMAC-SHA1","hmac-sha1",NID_hmac_sha1,8,&(lvalues[5154]),0},
-{"id-PasswordBasedMAC","password based MAC",NID_id_PasswordBasedMAC,9,
- &(lvalues[5162]),0},
-{"id-DHBasedMac","Diffie-Hellman based MAC",NID_id_DHBasedMac,9,
- &(lvalues[5171]),0},
-{"id-it-suppLangTags","id-it-suppLangTags",NID_id_it_suppLangTags,8,
- &(lvalues[5180]),0},
-{"caRepository","CA Repository",NID_caRepository,8,&(lvalues[5188]),0},
-{"id-smime-ct-compressedData","id-smime-ct-compressedData",
- NID_id_smime_ct_compressedData,11,&(lvalues[5196]),0},
-{"id-ct-asciiTextWithCRLF","id-ct-asciiTextWithCRLF",
- NID_id_ct_asciiTextWithCRLF,11,&(lvalues[5207]),0},
-{"id-aes128-wrap","id-aes128-wrap",NID_id_aes128_wrap,9,
- &(lvalues[5218]),0},
-{"id-aes192-wrap","id-aes192-wrap",NID_id_aes192_wrap,9,
- &(lvalues[5227]),0},
-{"id-aes256-wrap","id-aes256-wrap",NID_id_aes256_wrap,9,
- &(lvalues[5236]),0},
-{"ecdsa-with-Recommended","ecdsa-with-Recommended",
- NID_ecdsa_with_Recommended,7,&(lvalues[5245]),0},
-{"ecdsa-with-Specified","ecdsa-with-Specified",
- NID_ecdsa_with_Specified,7,&(lvalues[5252]),0},
-{"ecdsa-with-SHA224","ecdsa-with-SHA224",NID_ecdsa_with_SHA224,8,
- &(lvalues[5259]),0},
-{"ecdsa-with-SHA256","ecdsa-with-SHA256",NID_ecdsa_with_SHA256,8,
- &(lvalues[5267]),0},
-{"ecdsa-with-SHA384","ecdsa-with-SHA384",NID_ecdsa_with_SHA384,8,
- &(lvalues[5275]),0},
-{"ecdsa-with-SHA512","ecdsa-with-SHA512",NID_ecdsa_with_SHA512,8,
- &(lvalues[5283]),0},
-{"hmacWithMD5","hmacWithMD5",NID_hmacWithMD5,8,&(lvalues[5291]),0},
-{"hmacWithSHA224","hmacWithSHA224",NID_hmacWithSHA224,8,
- &(lvalues[5299]),0},
-{"hmacWithSHA256","hmacWithSHA256",NID_hmacWithSHA256,8,
- &(lvalues[5307]),0},
-{"hmacWithSHA384","hmacWithSHA384",NID_hmacWithSHA384,8,
- &(lvalues[5315]),0},
-{"hmacWithSHA512","hmacWithSHA512",NID_hmacWithSHA512,8,
- &(lvalues[5323]),0},
-{"dsa_with_SHA224","dsa_with_SHA224",NID_dsa_with_SHA224,9,
- &(lvalues[5331]),0},
-{"dsa_with_SHA256","dsa_with_SHA256",NID_dsa_with_SHA256,9,
- &(lvalues[5340]),0},
-{"whirlpool","whirlpool",NID_whirlpool,6,&(lvalues[5349]),0},
-{"cryptopro","cryptopro",NID_cryptopro,5,&(lvalues[5355]),0},
-{"cryptocom","cryptocom",NID_cryptocom,5,&(lvalues[5360]),0},
-{"id-GostR3411-94-with-GostR3410-2001",
- "GOST R 34.11-94 with GOST R 34.10-2001",
- NID_id_GostR3411_94_with_GostR3410_2001,6,&(lvalues[5365]),0},
-{"id-GostR3411-94-with-GostR3410-94",
- "GOST R 34.11-94 with GOST R 34.10-94",
- NID_id_GostR3411_94_with_GostR3410_94,6,&(lvalues[5371]),0},
-{"md_gost94","GOST R 34.11-94",NID_id_GostR3411_94,6,&(lvalues[5377]),0},
-{"id-HMACGostR3411-94","HMAC GOST 34.11-94",NID_id_HMACGostR3411_94,6,
- &(lvalues[5383]),0},
-{"gost2001","GOST R 34.10-2001",NID_id_GostR3410_2001,6,
- &(lvalues[5389]),0},
-{"gost94","GOST R 34.10-94",NID_id_GostR3410_94,6,&(lvalues[5395]),0},
-{"gost89","GOST 28147-89",NID_id_Gost28147_89,6,&(lvalues[5401]),0},
-{"gost89-cnt","gost89-cnt",NID_gost89_cnt,0,NULL,0},
-{"gost-mac","GOST 28147-89 MAC",NID_id_Gost28147_89_MAC,6,
- &(lvalues[5407]),0},
-{"prf-gostr3411-94","GOST R 34.11-94 PRF",NID_id_GostR3411_94_prf,6,
- &(lvalues[5413]),0},
-{"id-GostR3410-2001DH","GOST R 34.10-2001 DH",NID_id_GostR3410_2001DH,
- 6,&(lvalues[5419]),0},
-{"id-GostR3410-94DH","GOST R 34.10-94 DH",NID_id_GostR3410_94DH,6,
- &(lvalues[5425]),0},
-{"id-Gost28147-89-CryptoPro-KeyMeshing",
- "id-Gost28147-89-CryptoPro-KeyMeshing",
- NID_id_Gost28147_89_CryptoPro_KeyMeshing,7,&(lvalues[5431]),0},
-{"id-Gost28147-89-None-KeyMeshing","id-Gost28147-89-None-KeyMeshing",
- NID_id_Gost28147_89_None_KeyMeshing,7,&(lvalues[5438]),0},
-{"id-GostR3411-94-TestParamSet","id-GostR3411-94-TestParamSet",
- NID_id_GostR3411_94_TestParamSet,7,&(lvalues[5445]),0},
-{"id-GostR3411-94-CryptoProParamSet",
- "id-GostR3411-94-CryptoProParamSet",
- NID_id_GostR3411_94_CryptoProParamSet,7,&(lvalues[5452]),0},
-{"id-Gost28147-89-TestParamSet","id-Gost28147-89-TestParamSet",
- NID_id_Gost28147_89_TestParamSet,7,&(lvalues[5459]),0},
-{"id-Gost28147-89-CryptoPro-A-ParamSet",
- "id-Gost28147-89-CryptoPro-A-ParamSet",
- NID_id_Gost28147_89_CryptoPro_A_ParamSet,7,&(lvalues[5466]),0},
-{"id-Gost28147-89-CryptoPro-B-ParamSet",
- "id-Gost28147-89-CryptoPro-B-ParamSet",
- NID_id_Gost28147_89_CryptoPro_B_ParamSet,7,&(lvalues[5473]),0},
-{"id-Gost28147-89-CryptoPro-C-ParamSet",
- "id-Gost28147-89-CryptoPro-C-ParamSet",
- NID_id_Gost28147_89_CryptoPro_C_ParamSet,7,&(lvalues[5480]),0},
-{"id-Gost28147-89-CryptoPro-D-ParamSet",
- "id-Gost28147-89-CryptoPro-D-ParamSet",
- NID_id_Gost28147_89_CryptoPro_D_ParamSet,7,&(lvalues[5487]),0},
-{"id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet",
- "id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet",
- NID_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet,7,&(lvalues[5494]),
- 0},
-{"id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet",
- "id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet",
- NID_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet,7,&(lvalues[5501]),
- 0},
-{"id-Gost28147-89-CryptoPro-RIC-1-ParamSet",
- "id-Gost28147-89-CryptoPro-RIC-1-ParamSet",
- NID_id_Gost28147_89_CryptoPro_RIC_1_ParamSet,7,&(lvalues[5508]),0},
-{"id-GostR3410-94-TestParamSet","id-GostR3410-94-TestParamSet",
- NID_id_GostR3410_94_TestParamSet,7,&(lvalues[5515]),0},
-{"id-GostR3410-94-CryptoPro-A-ParamSet",
- "id-GostR3410-94-CryptoPro-A-ParamSet",
- NID_id_GostR3410_94_CryptoPro_A_ParamSet,7,&(lvalues[5522]),0},
-{"id-GostR3410-94-CryptoPro-B-ParamSet",
- "id-GostR3410-94-CryptoPro-B-ParamSet",
- NID_id_GostR3410_94_CryptoPro_B_ParamSet,7,&(lvalues[5529]),0},
-{"id-GostR3410-94-CryptoPro-C-ParamSet",
- "id-GostR3410-94-CryptoPro-C-ParamSet",
- NID_id_GostR3410_94_CryptoPro_C_ParamSet,7,&(lvalues[5536]),0},
-{"id-GostR3410-94-CryptoPro-D-ParamSet",
- "id-GostR3410-94-CryptoPro-D-ParamSet",
- NID_id_GostR3410_94_CryptoPro_D_ParamSet,7,&(lvalues[5543]),0},
-{"id-GostR3410-94-CryptoPro-XchA-ParamSet",
- "id-GostR3410-94-CryptoPro-XchA-ParamSet",
- NID_id_GostR3410_94_CryptoPro_XchA_ParamSet,7,&(lvalues[5550]),0},
-{"id-GostR3410-94-CryptoPro-XchB-ParamSet",
- "id-GostR3410-94-CryptoPro-XchB-ParamSet",
- NID_id_GostR3410_94_CryptoPro_XchB_ParamSet,7,&(lvalues[5557]),0},
-{"id-GostR3410-94-CryptoPro-XchC-ParamSet",
- "id-GostR3410-94-CryptoPro-XchC-ParamSet",
- NID_id_GostR3410_94_CryptoPro_XchC_ParamSet,7,&(lvalues[5564]),0},
-{"id-GostR3410-2001-TestParamSet","id-GostR3410-2001-TestParamSet",
- NID_id_GostR3410_2001_TestParamSet,7,&(lvalues[5571]),0},
-{"id-GostR3410-2001-CryptoPro-A-ParamSet",
- "id-GostR3410-2001-CryptoPro-A-ParamSet",
- NID_id_GostR3410_2001_CryptoPro_A_ParamSet,7,&(lvalues[5578]),0},
-{"id-GostR3410-2001-CryptoPro-B-ParamSet",
- "id-GostR3410-2001-CryptoPro-B-ParamSet",
- NID_id_GostR3410_2001_CryptoPro_B_ParamSet,7,&(lvalues[5585]),0},
-{"id-GostR3410-2001-CryptoPro-C-ParamSet",
- "id-GostR3410-2001-CryptoPro-C-ParamSet",
- NID_id_GostR3410_2001_CryptoPro_C_ParamSet,7,&(lvalues[5592]),0},
-{"id-GostR3410-2001-CryptoPro-XchA-ParamSet",
- "id-GostR3410-2001-CryptoPro-XchA-ParamSet",
- NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet,7,&(lvalues[5599]),0},
-
-{"id-GostR3410-2001-CryptoPro-XchB-ParamSet",
- "id-GostR3410-2001-CryptoPro-XchB-ParamSet",
- NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet,7,&(lvalues[5606]),0},
-
-{"id-GostR3410-94-a","id-GostR3410-94-a",NID_id_GostR3410_94_a,7,
- &(lvalues[5613]),0},
-{"id-GostR3410-94-aBis","id-GostR3410-94-aBis",
- NID_id_GostR3410_94_aBis,7,&(lvalues[5620]),0},
-{"id-GostR3410-94-b","id-GostR3410-94-b",NID_id_GostR3410_94_b,7,
- &(lvalues[5627]),0},
-{"id-GostR3410-94-bBis","id-GostR3410-94-bBis",
- NID_id_GostR3410_94_bBis,7,&(lvalues[5634]),0},
-{"id-Gost28147-89-cc","GOST 28147-89 Cryptocom ParamSet",
- NID_id_Gost28147_89_cc,8,&(lvalues[5641]),0},
-{"gost94cc","GOST 34.10-94 Cryptocom",NID_id_GostR3410_94_cc,8,
- &(lvalues[5649]),0},
-{"gost2001cc","GOST 34.10-2001 Cryptocom",NID_id_GostR3410_2001_cc,8,
- &(lvalues[5657]),0},
-{"id-GostR3411-94-with-GostR3410-94-cc",
- "GOST R 34.11-94 with GOST R 34.10-94 Cryptocom",
- NID_id_GostR3411_94_with_GostR3410_94_cc,8,&(lvalues[5665]),0},
-{"id-GostR3411-94-with-GostR3410-2001-cc",
- "GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom",
- NID_id_GostR3411_94_with_GostR3410_2001_cc,8,&(lvalues[5673]),0},
-{"id-GostR3410-2001-ParamSet-cc",
- "GOST R 3410-2001 Parameter Set Cryptocom",
- NID_id_GostR3410_2001_ParamSet_cc,8,&(lvalues[5681]),0},
-{"HMAC","hmac",NID_hmac,0,NULL,0},
-{"LocalKeySet","Microsoft Local Key set",NID_LocalKeySet,9,
- &(lvalues[5689]),0},
-{"freshestCRL","X509v3 Freshest CRL",NID_freshest_crl,3,
- &(lvalues[5698]),0},
-{"id-on-permanentIdentifier","Permanent Identifier",
- NID_id_on_permanentIdentifier,8,&(lvalues[5701]),0},
-{"searchGuide","searchGuide",NID_searchGuide,3,&(lvalues[5709]),0},
-{"businessCategory","businessCategory",NID_businessCategory,3,
- &(lvalues[5712]),0},
-{"postalAddress","postalAddress",NID_postalAddress,3,&(lvalues[5715]),0},
-{"postOfficeBox","postOfficeBox",NID_postOfficeBox,3,&(lvalues[5718]),0},
-{"physicalDeliveryOfficeName","physicalDeliveryOfficeName",
- NID_physicalDeliveryOfficeName,3,&(lvalues[5721]),0},
-{"telephoneNumber","telephoneNumber",NID_telephoneNumber,3,
- &(lvalues[5724]),0},
-{"telexNumber","telexNumber",NID_telexNumber,3,&(lvalues[5727]),0},
-{"teletexTerminalIdentifier","teletexTerminalIdentifier",
- NID_teletexTerminalIdentifier,3,&(lvalues[5730]),0},
-{"facsimileTelephoneNumber","facsimileTelephoneNumber",
- NID_facsimileTelephoneNumber,3,&(lvalues[5733]),0},
-{"x121Address","x121Address",NID_x121Address,3,&(lvalues[5736]),0},
-{"internationaliSDNNumber","internationaliSDNNumber",
- NID_internationaliSDNNumber,3,&(lvalues[5739]),0},
-{"registeredAddress","registeredAddress",NID_registeredAddress,3,
- &(lvalues[5742]),0},
-{"destinationIndicator","destinationIndicator",
- NID_destinationIndicator,3,&(lvalues[5745]),0},
-{"preferredDeliveryMethod","preferredDeliveryMethod",
- NID_preferredDeliveryMethod,3,&(lvalues[5748]),0},
-{"presentationAddress","presentationAddress",NID_presentationAddress,
- 3,&(lvalues[5751]),0},
-{"supportedApplicationContext","supportedApplicationContext",
- NID_supportedApplicationContext,3,&(lvalues[5754]),0},
-{"member","member",NID_member,3,&(lvalues[5757]),0},
-{"owner","owner",NID_owner,3,&(lvalues[5760]),0},
-{"roleOccupant","roleOccupant",NID_roleOccupant,3,&(lvalues[5763]),0},
-{"seeAlso","seeAlso",NID_seeAlso,3,&(lvalues[5766]),0},
-{"userPassword","userPassword",NID_userPassword,3,&(lvalues[5769]),0},
-{"userCertificate","userCertificate",NID_userCertificate,3,
- &(lvalues[5772]),0},
-{"cACertificate","cACertificate",NID_cACertificate,3,&(lvalues[5775]),0},
-{"authorityRevocationList","authorityRevocationList",
- NID_authorityRevocationList,3,&(lvalues[5778]),0},
-{"certificateRevocationList","certificateRevocationList",
- NID_certificateRevocationList,3,&(lvalues[5781]),0},
-{"crossCertificatePair","crossCertificatePair",
- NID_crossCertificatePair,3,&(lvalues[5784]),0},
-{"enhancedSearchGuide","enhancedSearchGuide",NID_enhancedSearchGuide,
- 3,&(lvalues[5787]),0},
-{"protocolInformation","protocolInformation",NID_protocolInformation,
- 3,&(lvalues[5790]),0},
-{"distinguishedName","distinguishedName",NID_distinguishedName,3,
- &(lvalues[5793]),0},
-{"uniqueMember","uniqueMember",NID_uniqueMember,3,&(lvalues[5796]),0},
-{"houseIdentifier","houseIdentifier",NID_houseIdentifier,3,
- &(lvalues[5799]),0},
-{"supportedAlgorithms","supportedAlgorithms",NID_supportedAlgorithms,
- 3,&(lvalues[5802]),0},
-{"deltaRevocationList","deltaRevocationList",NID_deltaRevocationList,
- 3,&(lvalues[5805]),0},
-{"dmdName","dmdName",NID_dmdName,3,&(lvalues[5808]),0},
-{"id-alg-PWRI-KEK","id-alg-PWRI-KEK",NID_id_alg_PWRI_KEK,11,
- &(lvalues[5811]),0},
-{"CMAC","cmac",NID_cmac,0,NULL,0},
-{"id-aes128-GCM","aes-128-gcm",NID_aes_128_gcm,9,&(lvalues[5822]),0},
-{"id-aes128-CCM","aes-128-ccm",NID_aes_128_ccm,9,&(lvalues[5831]),0},
-{"id-aes128-wrap-pad","id-aes128-wrap-pad",NID_id_aes128_wrap_pad,9,
- &(lvalues[5840]),0},
-{"id-aes192-GCM","aes-192-gcm",NID_aes_192_gcm,9,&(lvalues[5849]),0},
-{"id-aes192-CCM","aes-192-ccm",NID_aes_192_ccm,9,&(lvalues[5858]),0},
-{"id-aes192-wrap-pad","id-aes192-wrap-pad",NID_id_aes192_wrap_pad,9,
- &(lvalues[5867]),0},
-{"id-aes256-GCM","aes-256-gcm",NID_aes_256_gcm,9,&(lvalues[5876]),0},
-{"id-aes256-CCM","aes-256-ccm",NID_aes_256_ccm,9,&(lvalues[5885]),0},
-{"id-aes256-wrap-pad","id-aes256-wrap-pad",NID_id_aes256_wrap_pad,9,
- &(lvalues[5894]),0},
-{"AES-128-CTR","aes-128-ctr",NID_aes_128_ctr,0,NULL,0},
-{"AES-192-CTR","aes-192-ctr",NID_aes_192_ctr,0,NULL,0},
-{"AES-256-CTR","aes-256-ctr",NID_aes_256_ctr,0,NULL,0},
-{"id-camellia128-wrap","id-camellia128-wrap",NID_id_camellia128_wrap,
- 11,&(lvalues[5903]),0},
-{"id-camellia192-wrap","id-camellia192-wrap",NID_id_camellia192_wrap,
- 11,&(lvalues[5914]),0},
-{"id-camellia256-wrap","id-camellia256-wrap",NID_id_camellia256_wrap,
- 11,&(lvalues[5925]),0},
-{"anyExtendedKeyUsage","Any Extended Key Usage",
- NID_anyExtendedKeyUsage,4,&(lvalues[5936]),0},
-{"MGF1","mgf1",NID_mgf1,9,&(lvalues[5940]),0},
-{"RSASSA-PSS","rsassaPss",NID_rsassaPss,9,&(lvalues[5949]),0},
-{"AES-128-XTS","aes-128-xts",NID_aes_128_xts,0,NULL,0},
-{"AES-256-XTS","aes-256-xts",NID_aes_256_xts,0,NULL,0},
-{"RC4-HMAC-MD5","rc4-hmac-md5",NID_rc4_hmac_md5,0,NULL,0},
-{"AES-128-CBC-HMAC-SHA1","aes-128-cbc-hmac-sha1",
- NID_aes_128_cbc_hmac_sha1,0,NULL,0},
-{"AES-192-CBC-HMAC-SHA1","aes-192-cbc-hmac-sha1",
- NID_aes_192_cbc_hmac_sha1,0,NULL,0},
-{"AES-256-CBC-HMAC-SHA1","aes-256-cbc-hmac-sha1",
- NID_aes_256_cbc_hmac_sha1,0,NULL,0},
-{"RSAES-OAEP","rsaesOaep",NID_rsaesOaep,9,&(lvalues[5958]),0},
-{"dhpublicnumber","X9.42 DH",NID_dhpublicnumber,7,&(lvalues[5967]),0},
-{"brainpoolP160r1","brainpoolP160r1",NID_brainpoolP160r1,9,
- &(lvalues[5974]),0},
-{"brainpoolP160t1","brainpoolP160t1",NID_brainpoolP160t1,9,
- &(lvalues[5983]),0},
-{"brainpoolP192r1","brainpoolP192r1",NID_brainpoolP192r1,9,
- &(lvalues[5992]),0},
-{"brainpoolP192t1","brainpoolP192t1",NID_brainpoolP192t1,9,
- &(lvalues[6001]),0},
-{"brainpoolP224r1","brainpoolP224r1",NID_brainpoolP224r1,9,
- &(lvalues[6010]),0},
-{"brainpoolP224t1","brainpoolP224t1",NID_brainpoolP224t1,9,
- &(lvalues[6019]),0},
-{"brainpoolP256r1","brainpoolP256r1",NID_brainpoolP256r1,9,
- &(lvalues[6028]),0},
-{"brainpoolP256t1","brainpoolP256t1",NID_brainpoolP256t1,9,
- &(lvalues[6037]),0},
-{"brainpoolP320r1","brainpoolP320r1",NID_brainpoolP320r1,9,
- &(lvalues[6046]),0},
-{"brainpoolP320t1","brainpoolP320t1",NID_brainpoolP320t1,9,
- &(lvalues[6055]),0},
-{"brainpoolP384r1","brainpoolP384r1",NID_brainpoolP384r1,9,
- &(lvalues[6064]),0},
-{"brainpoolP384t1","brainpoolP384t1",NID_brainpoolP384t1,9,
- &(lvalues[6073]),0},
-{"brainpoolP512r1","brainpoolP512r1",NID_brainpoolP512r1,9,
- &(lvalues[6082]),0},
-{"brainpoolP512t1","brainpoolP512t1",NID_brainpoolP512t1,9,
- &(lvalues[6091]),0},
-{"PSPECIFIED","pSpecified",NID_pSpecified,9,&(lvalues[6100]),0},
-{"dhSinglePass-stdDH-sha1kdf-scheme",
- "dhSinglePass-stdDH-sha1kdf-scheme",
- NID_dhSinglePass_stdDH_sha1kdf_scheme,9,&(lvalues[6109]),0},
-{"dhSinglePass-stdDH-sha224kdf-scheme",
- "dhSinglePass-stdDH-sha224kdf-scheme",
- NID_dhSinglePass_stdDH_sha224kdf_scheme,6,&(lvalues[6118]),0},
-{"dhSinglePass-stdDH-sha256kdf-scheme",
- "dhSinglePass-stdDH-sha256kdf-scheme",
- NID_dhSinglePass_stdDH_sha256kdf_scheme,6,&(lvalues[6124]),0},
-{"dhSinglePass-stdDH-sha384kdf-scheme",
- "dhSinglePass-stdDH-sha384kdf-scheme",
- NID_dhSinglePass_stdDH_sha384kdf_scheme,6,&(lvalues[6130]),0},
-{"dhSinglePass-stdDH-sha512kdf-scheme",
- "dhSinglePass-stdDH-sha512kdf-scheme",
- NID_dhSinglePass_stdDH_sha512kdf_scheme,6,&(lvalues[6136]),0},
-{"dhSinglePass-cofactorDH-sha1kdf-scheme",
- "dhSinglePass-cofactorDH-sha1kdf-scheme",
- NID_dhSinglePass_cofactorDH_sha1kdf_scheme,9,&(lvalues[6142]),0},
-{"dhSinglePass-cofactorDH-sha224kdf-scheme",
- "dhSinglePass-cofactorDH-sha224kdf-scheme",
- NID_dhSinglePass_cofactorDH_sha224kdf_scheme,6,&(lvalues[6151]),0},
-{"dhSinglePass-cofactorDH-sha256kdf-scheme",
- "dhSinglePass-cofactorDH-sha256kdf-scheme",
- NID_dhSinglePass_cofactorDH_sha256kdf_scheme,6,&(lvalues[6157]),0},
-{"dhSinglePass-cofactorDH-sha384kdf-scheme",
- "dhSinglePass-cofactorDH-sha384kdf-scheme",
- NID_dhSinglePass_cofactorDH_sha384kdf_scheme,6,&(lvalues[6163]),0},
-{"dhSinglePass-cofactorDH-sha512kdf-scheme",
- "dhSinglePass-cofactorDH-sha512kdf-scheme",
- NID_dhSinglePass_cofactorDH_sha512kdf_scheme,6,&(lvalues[6169]),0},
-{"dh-std-kdf","dh-std-kdf",NID_dh_std_kdf,0,NULL,0},
-{"dh-cofactor-kdf","dh-cofactor-kdf",NID_dh_cofactor_kdf,0,NULL,0},
-{"X25519","X25519",NID_X25519,0,NULL,0},
+static const ASN1_OBJECT kObjects[NUM_NID] = {
+ {"UNDEF", "undefined", NID_undef, 0, NULL, 0},
+ {"rsadsi", "RSA Data Security, Inc.", NID_rsadsi, 6, &kObjectData[0], 0},
+ {"pkcs", "RSA Data Security, Inc. PKCS", NID_pkcs, 7, &kObjectData[6], 0},
+ {"MD2", "md2", NID_md2, 8, &kObjectData[13], 0},
+ {"MD5", "md5", NID_md5, 8, &kObjectData[21], 0},
+ {"RC4", "rc4", NID_rc4, 8, &kObjectData[29], 0},
+ {"rsaEncryption", "rsaEncryption", NID_rsaEncryption, 9, &kObjectData[37],
+ 0},
+ {"RSA-MD2", "md2WithRSAEncryption", NID_md2WithRSAEncryption, 9,
+ &kObjectData[46], 0},
+ {"RSA-MD5", "md5WithRSAEncryption", NID_md5WithRSAEncryption, 9,
+ &kObjectData[55], 0},
+ {"PBE-MD2-DES", "pbeWithMD2AndDES-CBC", NID_pbeWithMD2AndDES_CBC, 9,
+ &kObjectData[64], 0},
+ {"PBE-MD5-DES", "pbeWithMD5AndDES-CBC", NID_pbeWithMD5AndDES_CBC, 9,
+ &kObjectData[73], 0},
+ {"X500", "directory services (X.500)", NID_X500, 1, &kObjectData[82], 0},
+ {"X509", "X509", NID_X509, 2, &kObjectData[83], 0},
+ {"CN", "commonName", NID_commonName, 3, &kObjectData[85], 0},
+ {"C", "countryName", NID_countryName, 3, &kObjectData[88], 0},
+ {"L", "localityName", NID_localityName, 3, &kObjectData[91], 0},
+ {"ST", "stateOrProvinceName", NID_stateOrProvinceName, 3, &kObjectData[94],
+ 0},
+ {"O", "organizationName", NID_organizationName, 3, &kObjectData[97], 0},
+ {"OU", "organizationalUnitName", NID_organizationalUnitName, 3,
+ &kObjectData[100], 0},
+ {"RSA", "rsa", NID_rsa, 4, &kObjectData[103], 0},
+ {"pkcs7", "pkcs7", NID_pkcs7, 8, &kObjectData[107], 0},
+ {"pkcs7-data", "pkcs7-data", NID_pkcs7_data, 9, &kObjectData[115], 0},
+ {"pkcs7-signedData", "pkcs7-signedData", NID_pkcs7_signed, 9,
+ &kObjectData[124], 0},
+ {"pkcs7-envelopedData", "pkcs7-envelopedData", NID_pkcs7_enveloped, 9,
+ &kObjectData[133], 0},
+ {"pkcs7-signedAndEnvelopedData", "pkcs7-signedAndEnvelopedData",
+ NID_pkcs7_signedAndEnveloped, 9, &kObjectData[142], 0},
+ {"pkcs7-digestData", "pkcs7-digestData", NID_pkcs7_digest, 9,
+ &kObjectData[151], 0},
+ {"pkcs7-encryptedData", "pkcs7-encryptedData", NID_pkcs7_encrypted, 9,
+ &kObjectData[160], 0},
+ {"pkcs3", "pkcs3", NID_pkcs3, 8, &kObjectData[169], 0},
+ {"dhKeyAgreement", "dhKeyAgreement", NID_dhKeyAgreement, 9,
+ &kObjectData[177], 0},
+ {"DES-ECB", "des-ecb", NID_des_ecb, 5, &kObjectData[186], 0},
+ {"DES-CFB", "des-cfb", NID_des_cfb64, 5, &kObjectData[191], 0},
+ {"DES-CBC", "des-cbc", NID_des_cbc, 5, &kObjectData[196], 0},
+ {"DES-EDE", "des-ede", NID_des_ede_ecb, 5, &kObjectData[201], 0},
+ {"DES-EDE3", "des-ede3", NID_des_ede3_ecb, 0, NULL, 0},
+ {"IDEA-CBC", "idea-cbc", NID_idea_cbc, 11, &kObjectData[206], 0},
+ {"IDEA-CFB", "idea-cfb", NID_idea_cfb64, 0, NULL, 0},
+ {"IDEA-ECB", "idea-ecb", NID_idea_ecb, 0, NULL, 0},
+ {"RC2-CBC", "rc2-cbc", NID_rc2_cbc, 8, &kObjectData[217], 0},
+ {"RC2-ECB", "rc2-ecb", NID_rc2_ecb, 0, NULL, 0},
+ {"RC2-CFB", "rc2-cfb", NID_rc2_cfb64, 0, NULL, 0},
+ {"RC2-OFB", "rc2-ofb", NID_rc2_ofb64, 0, NULL, 0},
+ {"SHA", "sha", NID_sha, 5, &kObjectData[225], 0},
+ {"RSA-SHA", "shaWithRSAEncryption", NID_shaWithRSAEncryption, 5,
+ &kObjectData[230], 0},
+ {"DES-EDE-CBC", "des-ede-cbc", NID_des_ede_cbc, 0, NULL, 0},
+ {"DES-EDE3-CBC", "des-ede3-cbc", NID_des_ede3_cbc, 8, &kObjectData[235], 0},
+ {"DES-OFB", "des-ofb", NID_des_ofb64, 5, &kObjectData[243], 0},
+ {"IDEA-OFB", "idea-ofb", NID_idea_ofb64, 0, NULL, 0},
+ {"pkcs9", "pkcs9", NID_pkcs9, 8, &kObjectData[248], 0},
+ {"emailAddress", "emailAddress", NID_pkcs9_emailAddress, 9,
+ &kObjectData[256], 0},
+ {"unstructuredName", "unstructuredName", NID_pkcs9_unstructuredName, 9,
+ &kObjectData[265], 0},
+ {"contentType", "contentType", NID_pkcs9_contentType, 9, &kObjectData[274],
+ 0},
+ {"messageDigest", "messageDigest", NID_pkcs9_messageDigest, 9,
+ &kObjectData[283], 0},
+ {"signingTime", "signingTime", NID_pkcs9_signingTime, 9, &kObjectData[292],
+ 0},
+ {"countersignature", "countersignature", NID_pkcs9_countersignature, 9,
+ &kObjectData[301], 0},
+ {"challengePassword", "challengePassword", NID_pkcs9_challengePassword, 9,
+ &kObjectData[310], 0},
+ {"unstructuredAddress", "unstructuredAddress",
+ NID_pkcs9_unstructuredAddress, 9, &kObjectData[319], 0},
+ {"extendedCertificateAttributes", "extendedCertificateAttributes",
+ NID_pkcs9_extCertAttributes, 9, &kObjectData[328], 0},
+ {"Netscape", "Netscape Communications Corp.", NID_netscape, 7,
+ &kObjectData[337], 0},
+ {"nsCertExt", "Netscape Certificate Extension", NID_netscape_cert_extension,
+ 8, &kObjectData[344], 0},
+ {"nsDataType", "Netscape Data Type", NID_netscape_data_type, 8,
+ &kObjectData[352], 0},
+ {"DES-EDE-CFB", "des-ede-cfb", NID_des_ede_cfb64, 0, NULL, 0},
+ {"DES-EDE3-CFB", "des-ede3-cfb", NID_des_ede3_cfb64, 0, NULL, 0},
+ {"DES-EDE-OFB", "des-ede-ofb", NID_des_ede_ofb64, 0, NULL, 0},
+ {"DES-EDE3-OFB", "des-ede3-ofb", NID_des_ede3_ofb64, 0, NULL, 0},
+ {"SHA1", "sha1", NID_sha1, 5, &kObjectData[360], 0},
+ {"RSA-SHA1", "sha1WithRSAEncryption", NID_sha1WithRSAEncryption, 9,
+ &kObjectData[365], 0},
+ {"DSA-SHA", "dsaWithSHA", NID_dsaWithSHA, 5, &kObjectData[374], 0},
+ {"DSA-old", "dsaEncryption-old", NID_dsa_2, 5, &kObjectData[379], 0},
+ {"PBE-SHA1-RC2-64", "pbeWithSHA1AndRC2-CBC", NID_pbeWithSHA1AndRC2_CBC, 9,
+ &kObjectData[384], 0},
+ {"PBKDF2", "PBKDF2", NID_id_pbkdf2, 9, &kObjectData[393], 0},
+ {"DSA-SHA1-old", "dsaWithSHA1-old", NID_dsaWithSHA1_2, 5, &kObjectData[402],
+ 0},
+ {"nsCertType", "Netscape Cert Type", NID_netscape_cert_type, 9,
+ &kObjectData[407], 0},
+ {"nsBaseUrl", "Netscape Base Url", NID_netscape_base_url, 9,
+ &kObjectData[416], 0},
+ {"nsRevocationUrl", "Netscape Revocation Url", NID_netscape_revocation_url,
+ 9, &kObjectData[425], 0},
+ {"nsCaRevocationUrl", "Netscape CA Revocation Url",
+ NID_netscape_ca_revocation_url, 9, &kObjectData[434], 0},
+ {"nsRenewalUrl", "Netscape Renewal Url", NID_netscape_renewal_url, 9,
+ &kObjectData[443], 0},
+ {"nsCaPolicyUrl", "Netscape CA Policy Url", NID_netscape_ca_policy_url, 9,
+ &kObjectData[452], 0},
+ {"nsSslServerName", "Netscape SSL Server Name",
+ NID_netscape_ssl_server_name, 9, &kObjectData[461], 0},
+ {"nsComment", "Netscape Comment", NID_netscape_comment, 9,
+ &kObjectData[470], 0},
+ {"nsCertSequence", "Netscape Certificate Sequence",
+ NID_netscape_cert_sequence, 9, &kObjectData[479], 0},
+ {"DESX-CBC", "desx-cbc", NID_desx_cbc, 0, NULL, 0},
+ {"id-ce", "id-ce", NID_id_ce, 2, &kObjectData[488], 0},
+ {"subjectKeyIdentifier", "X509v3 Subject Key Identifier",
+ NID_subject_key_identifier, 3, &kObjectData[490], 0},
+ {"keyUsage", "X509v3 Key Usage", NID_key_usage, 3, &kObjectData[493], 0},
+ {"privateKeyUsagePeriod", "X509v3 Private Key Usage Period",
+ NID_private_key_usage_period, 3, &kObjectData[496], 0},
+ {"subjectAltName", "X509v3 Subject Alternative Name", NID_subject_alt_name,
+ 3, &kObjectData[499], 0},
+ {"issuerAltName", "X509v3 Issuer Alternative Name", NID_issuer_alt_name, 3,
+ &kObjectData[502], 0},
+ {"basicConstraints", "X509v3 Basic Constraints", NID_basic_constraints, 3,
+ &kObjectData[505], 0},
+ {"crlNumber", "X509v3 CRL Number", NID_crl_number, 3, &kObjectData[508], 0},
+ {"certificatePolicies", "X509v3 Certificate Policies",
+ NID_certificate_policies, 3, &kObjectData[511], 0},
+ {"authorityKeyIdentifier", "X509v3 Authority Key Identifier",
+ NID_authority_key_identifier, 3, &kObjectData[514], 0},
+ {"BF-CBC", "bf-cbc", NID_bf_cbc, 9, &kObjectData[517], 0},
+ {"BF-ECB", "bf-ecb", NID_bf_ecb, 0, NULL, 0},
+ {"BF-CFB", "bf-cfb", NID_bf_cfb64, 0, NULL, 0},
+ {"BF-OFB", "bf-ofb", NID_bf_ofb64, 0, NULL, 0},
+ {"MDC2", "mdc2", NID_mdc2, 4, &kObjectData[526], 0},
+ {"RSA-MDC2", "mdc2WithRSA", NID_mdc2WithRSA, 4, &kObjectData[530], 0},
+ {"RC4-40", "rc4-40", NID_rc4_40, 0, NULL, 0},
+ {"RC2-40-CBC", "rc2-40-cbc", NID_rc2_40_cbc, 0, NULL, 0},
+ {"GN", "givenName", NID_givenName, 3, &kObjectData[534], 0},
+ {"SN", "surname", NID_surname, 3, &kObjectData[537], 0},
+ {"initials", "initials", NID_initials, 3, &kObjectData[540], 0},
+ {NULL, NULL, NID_undef, 0, NULL, 0},
+ {"crlDistributionPoints", "X509v3 CRL Distribution Points",
+ NID_crl_distribution_points, 3, &kObjectData[543], 0},
+ {"RSA-NP-MD5", "md5WithRSA", NID_md5WithRSA, 5, &kObjectData[546], 0},
+ {"serialNumber", "serialNumber", NID_serialNumber, 3, &kObjectData[551], 0},
+ {"title", "title", NID_title, 3, &kObjectData[554], 0},
+ {"description", "description", NID_description, 3, &kObjectData[557], 0},
+ {"CAST5-CBC", "cast5-cbc", NID_cast5_cbc, 9, &kObjectData[560], 0},
+ {"CAST5-ECB", "cast5-ecb", NID_cast5_ecb, 0, NULL, 0},
+ {"CAST5-CFB", "cast5-cfb", NID_cast5_cfb64, 0, NULL, 0},
+ {"CAST5-OFB", "cast5-ofb", NID_cast5_ofb64, 0, NULL, 0},
+ {"pbeWithMD5AndCast5CBC", "pbeWithMD5AndCast5CBC",
+ NID_pbeWithMD5AndCast5_CBC, 9, &kObjectData[569], 0},
+ {"DSA-SHA1", "dsaWithSHA1", NID_dsaWithSHA1, 7, &kObjectData[578], 0},
+ {"MD5-SHA1", "md5-sha1", NID_md5_sha1, 0, NULL, 0},
+ {"RSA-SHA1-2", "sha1WithRSA", NID_sha1WithRSA, 5, &kObjectData[585], 0},
+ {"DSA", "dsaEncryption", NID_dsa, 7, &kObjectData[590], 0},
+ {"RIPEMD160", "ripemd160", NID_ripemd160, 5, &kObjectData[597], 0},
+ {NULL, NULL, NID_undef, 0, NULL, 0},
+ {"RSA-RIPEMD160", "ripemd160WithRSA", NID_ripemd160WithRSA, 6,
+ &kObjectData[602], 0},
+ {"RC5-CBC", "rc5-cbc", NID_rc5_cbc, 8, &kObjectData[608], 0},
+ {"RC5-ECB", "rc5-ecb", NID_rc5_ecb, 0, NULL, 0},
+ {"RC5-CFB", "rc5-cfb", NID_rc5_cfb64, 0, NULL, 0},
+ {"RC5-OFB", "rc5-ofb", NID_rc5_ofb64, 0, NULL, 0},
+ {NULL, NULL, NID_undef, 0, NULL, 0},
+ {"ZLIB", "zlib compression", NID_zlib_compression, 11, &kObjectData[616],
+ 0},
+ {"extendedKeyUsage", "X509v3 Extended Key Usage", NID_ext_key_usage, 3,
+ &kObjectData[627], 0},
+ {"PKIX", "PKIX", NID_id_pkix, 6, &kObjectData[630], 0},
+ {"id-kp", "id-kp", NID_id_kp, 7, &kObjectData[636], 0},
+ {"serverAuth", "TLS Web Server Authentication", NID_server_auth, 8,
+ &kObjectData[643], 0},
+ {"clientAuth", "TLS Web Client Authentication", NID_client_auth, 8,
+ &kObjectData[651], 0},
+ {"codeSigning", "Code Signing", NID_code_sign, 8, &kObjectData[659], 0},
+ {"emailProtection", "E-mail Protection", NID_email_protect, 8,
+ &kObjectData[667], 0},
+ {"timeStamping", "Time Stamping", NID_time_stamp, 8, &kObjectData[675], 0},
+ {"msCodeInd", "Microsoft Individual Code Signing", NID_ms_code_ind, 10,
+ &kObjectData[683], 0},
+ {"msCodeCom", "Microsoft Commercial Code Signing", NID_ms_code_com, 10,
+ &kObjectData[693], 0},
+ {"msCTLSign", "Microsoft Trust List Signing", NID_ms_ctl_sign, 10,
+ &kObjectData[703], 0},
+ {"msSGC", "Microsoft Server Gated Crypto", NID_ms_sgc, 10,
+ &kObjectData[713], 0},
+ {"msEFS", "Microsoft Encrypted File System", NID_ms_efs, 10,
+ &kObjectData[723], 0},
+ {"nsSGC", "Netscape Server Gated Crypto", NID_ns_sgc, 9, &kObjectData[733],
+ 0},
+ {"deltaCRL", "X509v3 Delta CRL Indicator", NID_delta_crl, 3,
+ &kObjectData[742], 0},
+ {"CRLReason", "X509v3 CRL Reason Code", NID_crl_reason, 3,
+ &kObjectData[745], 0},
+ {"invalidityDate", "Invalidity Date", NID_invalidity_date, 3,
+ &kObjectData[748], 0},
+ {"SXNetID", "Strong Extranet ID", NID_sxnet, 5, &kObjectData[751], 0},
+ {"PBE-SHA1-RC4-128", "pbeWithSHA1And128BitRC4",
+ NID_pbe_WithSHA1And128BitRC4, 10, &kObjectData[756], 0},
+ {"PBE-SHA1-RC4-40", "pbeWithSHA1And40BitRC4", NID_pbe_WithSHA1And40BitRC4,
+ 10, &kObjectData[766], 0},
+ {"PBE-SHA1-3DES", "pbeWithSHA1And3-KeyTripleDES-CBC",
+ NID_pbe_WithSHA1And3_Key_TripleDES_CBC, 10, &kObjectData[776], 0},
+ {"PBE-SHA1-2DES", "pbeWithSHA1And2-KeyTripleDES-CBC",
+ NID_pbe_WithSHA1And2_Key_TripleDES_CBC, 10, &kObjectData[786], 0},
+ {"PBE-SHA1-RC2-128", "pbeWithSHA1And128BitRC2-CBC",
+ NID_pbe_WithSHA1And128BitRC2_CBC, 10, &kObjectData[796], 0},
+ {"PBE-SHA1-RC2-40", "pbeWithSHA1And40BitRC2-CBC",
+ NID_pbe_WithSHA1And40BitRC2_CBC, 10, &kObjectData[806], 0},
+ {"keyBag", "keyBag", NID_keyBag, 11, &kObjectData[816], 0},
+ {"pkcs8ShroudedKeyBag", "pkcs8ShroudedKeyBag", NID_pkcs8ShroudedKeyBag, 11,
+ &kObjectData[827], 0},
+ {"certBag", "certBag", NID_certBag, 11, &kObjectData[838], 0},
+ {"crlBag", "crlBag", NID_crlBag, 11, &kObjectData[849], 0},
+ {"secretBag", "secretBag", NID_secretBag, 11, &kObjectData[860], 0},
+ {"safeContentsBag", "safeContentsBag", NID_safeContentsBag, 11,
+ &kObjectData[871], 0},
+ {"friendlyName", "friendlyName", NID_friendlyName, 9, &kObjectData[882], 0},
+ {"localKeyID", "localKeyID", NID_localKeyID, 9, &kObjectData[891], 0},
+ {"x509Certificate", "x509Certificate", NID_x509Certificate, 10,
+ &kObjectData[900], 0},
+ {"sdsiCertificate", "sdsiCertificate", NID_sdsiCertificate, 10,
+ &kObjectData[910], 0},
+ {"x509Crl", "x509Crl", NID_x509Crl, 10, &kObjectData[920], 0},
+ {"PBES2", "PBES2", NID_pbes2, 9, &kObjectData[930], 0},
+ {"PBMAC1", "PBMAC1", NID_pbmac1, 9, &kObjectData[939], 0},
+ {"hmacWithSHA1", "hmacWithSHA1", NID_hmacWithSHA1, 8, &kObjectData[948], 0},
+ {"id-qt-cps", "Policy Qualifier CPS", NID_id_qt_cps, 8, &kObjectData[956],
+ 0},
+ {"id-qt-unotice", "Policy Qualifier User Notice", NID_id_qt_unotice, 8,
+ &kObjectData[964], 0},
+ {"RC2-64-CBC", "rc2-64-cbc", NID_rc2_64_cbc, 0, NULL, 0},
+ {"SMIME-CAPS", "S/MIME Capabilities", NID_SMIMECapabilities, 9,
+ &kObjectData[972], 0},
+ {"PBE-MD2-RC2-64", "pbeWithMD2AndRC2-CBC", NID_pbeWithMD2AndRC2_CBC, 9,
+ &kObjectData[981], 0},
+ {"PBE-MD5-RC2-64", "pbeWithMD5AndRC2-CBC", NID_pbeWithMD5AndRC2_CBC, 9,
+ &kObjectData[990], 0},
+ {"PBE-SHA1-DES", "pbeWithSHA1AndDES-CBC", NID_pbeWithSHA1AndDES_CBC, 9,
+ &kObjectData[999], 0},
+ {"msExtReq", "Microsoft Extension Request", NID_ms_ext_req, 10,
+ &kObjectData[1008], 0},
+ {"extReq", "Extension Request", NID_ext_req, 9, &kObjectData[1018], 0},
+ {"name", "name", NID_name, 3, &kObjectData[1027], 0},
+ {"dnQualifier", "dnQualifier", NID_dnQualifier, 3, &kObjectData[1030], 0},
+ {"id-pe", "id-pe", NID_id_pe, 7, &kObjectData[1033], 0},
+ {"id-ad", "id-ad", NID_id_ad, 7, &kObjectData[1040], 0},
+ {"authorityInfoAccess", "Authority Information Access", NID_info_access, 8,
+ &kObjectData[1047], 0},
+ {"OCSP", "OCSP", NID_ad_OCSP, 8, &kObjectData[1055], 0},
+ {"caIssuers", "CA Issuers", NID_ad_ca_issuers, 8, &kObjectData[1063], 0},
+ {"OCSPSigning", "OCSP Signing", NID_OCSP_sign, 8, &kObjectData[1071], 0},
+ {"ISO", "iso", NID_iso, 0, NULL, 0},
+ {"member-body", "ISO Member Body", NID_member_body, 1, &kObjectData[1079],
+ 0},
+ {"ISO-US", "ISO US Member Body", NID_ISO_US, 3, &kObjectData[1080], 0},
+ {"X9-57", "X9.57", NID_X9_57, 5, &kObjectData[1083], 0},
+ {"X9cm", "X9.57 CM ?", NID_X9cm, 6, &kObjectData[1088], 0},
+ {"pkcs1", "pkcs1", NID_pkcs1, 8, &kObjectData[1094], 0},
+ {"pkcs5", "pkcs5", NID_pkcs5, 8, &kObjectData[1102], 0},
+ {"SMIME", "S/MIME", NID_SMIME, 9, &kObjectData[1110], 0},
+ {"id-smime-mod", "id-smime-mod", NID_id_smime_mod, 10, &kObjectData[1119],
+ 0},
+ {"id-smime-ct", "id-smime-ct", NID_id_smime_ct, 10, &kObjectData[1129], 0},
+ {"id-smime-aa", "id-smime-aa", NID_id_smime_aa, 10, &kObjectData[1139], 0},
+ {"id-smime-alg", "id-smime-alg", NID_id_smime_alg, 10, &kObjectData[1149],
+ 0},
+ {"id-smime-cd", "id-smime-cd", NID_id_smime_cd, 10, &kObjectData[1159], 0},
+ {"id-smime-spq", "id-smime-spq", NID_id_smime_spq, 10, &kObjectData[1169],
+ 0},
+ {"id-smime-cti", "id-smime-cti", NID_id_smime_cti, 10, &kObjectData[1179],
+ 0},
+ {"id-smime-mod-cms", "id-smime-mod-cms", NID_id_smime_mod_cms, 11,
+ &kObjectData[1189], 0},
+ {"id-smime-mod-ess", "id-smime-mod-ess", NID_id_smime_mod_ess, 11,
+ &kObjectData[1200], 0},
+ {"id-smime-mod-oid", "id-smime-mod-oid", NID_id_smime_mod_oid, 11,
+ &kObjectData[1211], 0},
+ {"id-smime-mod-msg-v3", "id-smime-mod-msg-v3", NID_id_smime_mod_msg_v3, 11,
+ &kObjectData[1222], 0},
+ {"id-smime-mod-ets-eSignature-88", "id-smime-mod-ets-eSignature-88",
+ NID_id_smime_mod_ets_eSignature_88, 11, &kObjectData[1233], 0},
+ {"id-smime-mod-ets-eSignature-97", "id-smime-mod-ets-eSignature-97",
+ NID_id_smime_mod_ets_eSignature_97, 11, &kObjectData[1244], 0},
+ {"id-smime-mod-ets-eSigPolicy-88", "id-smime-mod-ets-eSigPolicy-88",
+ NID_id_smime_mod_ets_eSigPolicy_88, 11, &kObjectData[1255], 0},
+ {"id-smime-mod-ets-eSigPolicy-97", "id-smime-mod-ets-eSigPolicy-97",
+ NID_id_smime_mod_ets_eSigPolicy_97, 11, &kObjectData[1266], 0},
+ {"id-smime-ct-receipt", "id-smime-ct-receipt", NID_id_smime_ct_receipt, 11,
+ &kObjectData[1277], 0},
+ {"id-smime-ct-authData", "id-smime-ct-authData", NID_id_smime_ct_authData,
+ 11, &kObjectData[1288], 0},
+ {"id-smime-ct-publishCert", "id-smime-ct-publishCert",
+ NID_id_smime_ct_publishCert, 11, &kObjectData[1299], 0},
+ {"id-smime-ct-TSTInfo", "id-smime-ct-TSTInfo", NID_id_smime_ct_TSTInfo, 11,
+ &kObjectData[1310], 0},
+ {"id-smime-ct-TDTInfo", "id-smime-ct-TDTInfo", NID_id_smime_ct_TDTInfo, 11,
+ &kObjectData[1321], 0},
+ {"id-smime-ct-contentInfo", "id-smime-ct-contentInfo",
+ NID_id_smime_ct_contentInfo, 11, &kObjectData[1332], 0},
+ {"id-smime-ct-DVCSRequestData", "id-smime-ct-DVCSRequestData",
+ NID_id_smime_ct_DVCSRequestData, 11, &kObjectData[1343], 0},
+ {"id-smime-ct-DVCSResponseData", "id-smime-ct-DVCSResponseData",
+ NID_id_smime_ct_DVCSResponseData, 11, &kObjectData[1354], 0},
+ {"id-smime-aa-receiptRequest", "id-smime-aa-receiptRequest",
+ NID_id_smime_aa_receiptRequest, 11, &kObjectData[1365], 0},
+ {"id-smime-aa-securityLabel", "id-smime-aa-securityLabel",
+ NID_id_smime_aa_securityLabel, 11, &kObjectData[1376], 0},
+ {"id-smime-aa-mlExpandHistory", "id-smime-aa-mlExpandHistory",
+ NID_id_smime_aa_mlExpandHistory, 11, &kObjectData[1387], 0},
+ {"id-smime-aa-contentHint", "id-smime-aa-contentHint",
+ NID_id_smime_aa_contentHint, 11, &kObjectData[1398], 0},
+ {"id-smime-aa-msgSigDigest", "id-smime-aa-msgSigDigest",
+ NID_id_smime_aa_msgSigDigest, 11, &kObjectData[1409], 0},
+ {"id-smime-aa-encapContentType", "id-smime-aa-encapContentType",
+ NID_id_smime_aa_encapContentType, 11, &kObjectData[1420], 0},
+ {"id-smime-aa-contentIdentifier", "id-smime-aa-contentIdentifier",
+ NID_id_smime_aa_contentIdentifier, 11, &kObjectData[1431], 0},
+ {"id-smime-aa-macValue", "id-smime-aa-macValue", NID_id_smime_aa_macValue,
+ 11, &kObjectData[1442], 0},
+ {"id-smime-aa-equivalentLabels", "id-smime-aa-equivalentLabels",
+ NID_id_smime_aa_equivalentLabels, 11, &kObjectData[1453], 0},
+ {"id-smime-aa-contentReference", "id-smime-aa-contentReference",
+ NID_id_smime_aa_contentReference, 11, &kObjectData[1464], 0},
+ {"id-smime-aa-encrypKeyPref", "id-smime-aa-encrypKeyPref",
+ NID_id_smime_aa_encrypKeyPref, 11, &kObjectData[1475], 0},
+ {"id-smime-aa-signingCertificate", "id-smime-aa-signingCertificate",
+ NID_id_smime_aa_signingCertificate, 11, &kObjectData[1486], 0},
+ {"id-smime-aa-smimeEncryptCerts", "id-smime-aa-smimeEncryptCerts",
+ NID_id_smime_aa_smimeEncryptCerts, 11, &kObjectData[1497], 0},
+ {"id-smime-aa-timeStampToken", "id-smime-aa-timeStampToken",
+ NID_id_smime_aa_timeStampToken, 11, &kObjectData[1508], 0},
+ {"id-smime-aa-ets-sigPolicyId", "id-smime-aa-ets-sigPolicyId",
+ NID_id_smime_aa_ets_sigPolicyId, 11, &kObjectData[1519], 0},
+ {"id-smime-aa-ets-commitmentType", "id-smime-aa-ets-commitmentType",
+ NID_id_smime_aa_ets_commitmentType, 11, &kObjectData[1530], 0},
+ {"id-smime-aa-ets-signerLocation", "id-smime-aa-ets-signerLocation",
+ NID_id_smime_aa_ets_signerLocation, 11, &kObjectData[1541], 0},
+ {"id-smime-aa-ets-signerAttr", "id-smime-aa-ets-signerAttr",
+ NID_id_smime_aa_ets_signerAttr, 11, &kObjectData[1552], 0},
+ {"id-smime-aa-ets-otherSigCert", "id-smime-aa-ets-otherSigCert",
+ NID_id_smime_aa_ets_otherSigCert, 11, &kObjectData[1563], 0},
+ {"id-smime-aa-ets-contentTimestamp", "id-smime-aa-ets-contentTimestamp",
+ NID_id_smime_aa_ets_contentTimestamp, 11, &kObjectData[1574], 0},
+ {"id-smime-aa-ets-CertificateRefs", "id-smime-aa-ets-CertificateRefs",
+ NID_id_smime_aa_ets_CertificateRefs, 11, &kObjectData[1585], 0},
+ {"id-smime-aa-ets-RevocationRefs", "id-smime-aa-ets-RevocationRefs",
+ NID_id_smime_aa_ets_RevocationRefs, 11, &kObjectData[1596], 0},
+ {"id-smime-aa-ets-certValues", "id-smime-aa-ets-certValues",
+ NID_id_smime_aa_ets_certValues, 11, &kObjectData[1607], 0},
+ {"id-smime-aa-ets-revocationValues", "id-smime-aa-ets-revocationValues",
+ NID_id_smime_aa_ets_revocationValues, 11, &kObjectData[1618], 0},
+ {"id-smime-aa-ets-escTimeStamp", "id-smime-aa-ets-escTimeStamp",
+ NID_id_smime_aa_ets_escTimeStamp, 11, &kObjectData[1629], 0},
+ {"id-smime-aa-ets-certCRLTimestamp", "id-smime-aa-ets-certCRLTimestamp",
+ NID_id_smime_aa_ets_certCRLTimestamp, 11, &kObjectData[1640], 0},
+ {"id-smime-aa-ets-archiveTimeStamp", "id-smime-aa-ets-archiveTimeStamp",
+ NID_id_smime_aa_ets_archiveTimeStamp, 11, &kObjectData[1651], 0},
+ {"id-smime-aa-signatureType", "id-smime-aa-signatureType",
+ NID_id_smime_aa_signatureType, 11, &kObjectData[1662], 0},
+ {"id-smime-aa-dvcs-dvc", "id-smime-aa-dvcs-dvc", NID_id_smime_aa_dvcs_dvc,
+ 11, &kObjectData[1673], 0},
+ {"id-smime-alg-ESDHwith3DES", "id-smime-alg-ESDHwith3DES",
+ NID_id_smime_alg_ESDHwith3DES, 11, &kObjectData[1684], 0},
+ {"id-smime-alg-ESDHwithRC2", "id-smime-alg-ESDHwithRC2",
+ NID_id_smime_alg_ESDHwithRC2, 11, &kObjectData[1695], 0},
+ {"id-smime-alg-3DESwrap", "id-smime-alg-3DESwrap",
+ NID_id_smime_alg_3DESwrap, 11, &kObjectData[1706], 0},
+ {"id-smime-alg-RC2wrap", "id-smime-alg-RC2wrap", NID_id_smime_alg_RC2wrap,
+ 11, &kObjectData[1717], 0},
+ {"id-smime-alg-ESDH", "id-smime-alg-ESDH", NID_id_smime_alg_ESDH, 11,
+ &kObjectData[1728], 0},
+ {"id-smime-alg-CMS3DESwrap", "id-smime-alg-CMS3DESwrap",
+ NID_id_smime_alg_CMS3DESwrap, 11, &kObjectData[1739], 0},
+ {"id-smime-alg-CMSRC2wrap", "id-smime-alg-CMSRC2wrap",
+ NID_id_smime_alg_CMSRC2wrap, 11, &kObjectData[1750], 0},
+ {"id-smime-cd-ldap", "id-smime-cd-ldap", NID_id_smime_cd_ldap, 11,
+ &kObjectData[1761], 0},
+ {"id-smime-spq-ets-sqt-uri", "id-smime-spq-ets-sqt-uri",
+ NID_id_smime_spq_ets_sqt_uri, 11, &kObjectData[1772], 0},
+ {"id-smime-spq-ets-sqt-unotice", "id-smime-spq-ets-sqt-unotice",
+ NID_id_smime_spq_ets_sqt_unotice, 11, &kObjectData[1783], 0},
+ {"id-smime-cti-ets-proofOfOrigin", "id-smime-cti-ets-proofOfOrigin",
+ NID_id_smime_cti_ets_proofOfOrigin, 11, &kObjectData[1794], 0},
+ {"id-smime-cti-ets-proofOfReceipt", "id-smime-cti-ets-proofOfReceipt",
+ NID_id_smime_cti_ets_proofOfReceipt, 11, &kObjectData[1805], 0},
+ {"id-smime-cti-ets-proofOfDelivery", "id-smime-cti-ets-proofOfDelivery",
+ NID_id_smime_cti_ets_proofOfDelivery, 11, &kObjectData[1816], 0},
+ {"id-smime-cti-ets-proofOfSender", "id-smime-cti-ets-proofOfSender",
+ NID_id_smime_cti_ets_proofOfSender, 11, &kObjectData[1827], 0},
+ {"id-smime-cti-ets-proofOfApproval", "id-smime-cti-ets-proofOfApproval",
+ NID_id_smime_cti_ets_proofOfApproval, 11, &kObjectData[1838], 0},
+ {"id-smime-cti-ets-proofOfCreation", "id-smime-cti-ets-proofOfCreation",
+ NID_id_smime_cti_ets_proofOfCreation, 11, &kObjectData[1849], 0},
+ {"MD4", "md4", NID_md4, 8, &kObjectData[1860], 0},
+ {"id-pkix-mod", "id-pkix-mod", NID_id_pkix_mod, 7, &kObjectData[1868], 0},
+ {"id-qt", "id-qt", NID_id_qt, 7, &kObjectData[1875], 0},
+ {"id-it", "id-it", NID_id_it, 7, &kObjectData[1882], 0},
+ {"id-pkip", "id-pkip", NID_id_pkip, 7, &kObjectData[1889], 0},
+ {"id-alg", "id-alg", NID_id_alg, 7, &kObjectData[1896], 0},
+ {"id-cmc", "id-cmc", NID_id_cmc, 7, &kObjectData[1903], 0},
+ {"id-on", "id-on", NID_id_on, 7, &kObjectData[1910], 0},
+ {"id-pda", "id-pda", NID_id_pda, 7, &kObjectData[1917], 0},
+ {"id-aca", "id-aca", NID_id_aca, 7, &kObjectData[1924], 0},
+ {"id-qcs", "id-qcs", NID_id_qcs, 7, &kObjectData[1931], 0},
+ {"id-cct", "id-cct", NID_id_cct, 7, &kObjectData[1938], 0},
+ {"id-pkix1-explicit-88", "id-pkix1-explicit-88", NID_id_pkix1_explicit_88,
+ 8, &kObjectData[1945], 0},
+ {"id-pkix1-implicit-88", "id-pkix1-implicit-88", NID_id_pkix1_implicit_88,
+ 8, &kObjectData[1953], 0},
+ {"id-pkix1-explicit-93", "id-pkix1-explicit-93", NID_id_pkix1_explicit_93,
+ 8, &kObjectData[1961], 0},
+ {"id-pkix1-implicit-93", "id-pkix1-implicit-93", NID_id_pkix1_implicit_93,
+ 8, &kObjectData[1969], 0},
+ {"id-mod-crmf", "id-mod-crmf", NID_id_mod_crmf, 8, &kObjectData[1977], 0},
+ {"id-mod-cmc", "id-mod-cmc", NID_id_mod_cmc, 8, &kObjectData[1985], 0},
+ {"id-mod-kea-profile-88", "id-mod-kea-profile-88",
+ NID_id_mod_kea_profile_88, 8, &kObjectData[1993], 0},
+ {"id-mod-kea-profile-93", "id-mod-kea-profile-93",
+ NID_id_mod_kea_profile_93, 8, &kObjectData[2001], 0},
+ {"id-mod-cmp", "id-mod-cmp", NID_id_mod_cmp, 8, &kObjectData[2009], 0},
+ {"id-mod-qualified-cert-88", "id-mod-qualified-cert-88",
+ NID_id_mod_qualified_cert_88, 8, &kObjectData[2017], 0},
+ {"id-mod-qualified-cert-93", "id-mod-qualified-cert-93",
+ NID_id_mod_qualified_cert_93, 8, &kObjectData[2025], 0},
+ {"id-mod-attribute-cert", "id-mod-attribute-cert",
+ NID_id_mod_attribute_cert, 8, &kObjectData[2033], 0},
+ {"id-mod-timestamp-protocol", "id-mod-timestamp-protocol",
+ NID_id_mod_timestamp_protocol, 8, &kObjectData[2041], 0},
+ {"id-mod-ocsp", "id-mod-ocsp", NID_id_mod_ocsp, 8, &kObjectData[2049], 0},
+ {"id-mod-dvcs", "id-mod-dvcs", NID_id_mod_dvcs, 8, &kObjectData[2057], 0},
+ {"id-mod-cmp2000", "id-mod-cmp2000", NID_id_mod_cmp2000, 8,
+ &kObjectData[2065], 0},
+ {"biometricInfo", "Biometric Info", NID_biometricInfo, 8,
+ &kObjectData[2073], 0},
+ {"qcStatements", "qcStatements", NID_qcStatements, 8, &kObjectData[2081],
+ 0},
+ {"ac-auditEntity", "ac-auditEntity", NID_ac_auditEntity, 8,
+ &kObjectData[2089], 0},
+ {"ac-targeting", "ac-targeting", NID_ac_targeting, 8, &kObjectData[2097],
+ 0},
+ {"aaControls", "aaControls", NID_aaControls, 8, &kObjectData[2105], 0},
+ {"sbgp-ipAddrBlock", "sbgp-ipAddrBlock", NID_sbgp_ipAddrBlock, 8,
+ &kObjectData[2113], 0},
+ {"sbgp-autonomousSysNum", "sbgp-autonomousSysNum",
+ NID_sbgp_autonomousSysNum, 8, &kObjectData[2121], 0},
+ {"sbgp-routerIdentifier", "sbgp-routerIdentifier",
+ NID_sbgp_routerIdentifier, 8, &kObjectData[2129], 0},
+ {"textNotice", "textNotice", NID_textNotice, 8, &kObjectData[2137], 0},
+ {"ipsecEndSystem", "IPSec End System", NID_ipsecEndSystem, 8,
+ &kObjectData[2145], 0},
+ {"ipsecTunnel", "IPSec Tunnel", NID_ipsecTunnel, 8, &kObjectData[2153], 0},
+ {"ipsecUser", "IPSec User", NID_ipsecUser, 8, &kObjectData[2161], 0},
+ {"DVCS", "dvcs", NID_dvcs, 8, &kObjectData[2169], 0},
+ {"id-it-caProtEncCert", "id-it-caProtEncCert", NID_id_it_caProtEncCert, 8,
+ &kObjectData[2177], 0},
+ {"id-it-signKeyPairTypes", "id-it-signKeyPairTypes",
+ NID_id_it_signKeyPairTypes, 8, &kObjectData[2185], 0},
+ {"id-it-encKeyPairTypes", "id-it-encKeyPairTypes",
+ NID_id_it_encKeyPairTypes, 8, &kObjectData[2193], 0},
+ {"id-it-preferredSymmAlg", "id-it-preferredSymmAlg",
+ NID_id_it_preferredSymmAlg, 8, &kObjectData[2201], 0},
+ {"id-it-caKeyUpdateInfo", "id-it-caKeyUpdateInfo",
+ NID_id_it_caKeyUpdateInfo, 8, &kObjectData[2209], 0},
+ {"id-it-currentCRL", "id-it-currentCRL", NID_id_it_currentCRL, 8,
+ &kObjectData[2217], 0},
+ {"id-it-unsupportedOIDs", "id-it-unsupportedOIDs",
+ NID_id_it_unsupportedOIDs, 8, &kObjectData[2225], 0},
+ {"id-it-subscriptionRequest", "id-it-subscriptionRequest",
+ NID_id_it_subscriptionRequest, 8, &kObjectData[2233], 0},
+ {"id-it-subscriptionResponse", "id-it-subscriptionResponse",
+ NID_id_it_subscriptionResponse, 8, &kObjectData[2241], 0},
+ {"id-it-keyPairParamReq", "id-it-keyPairParamReq",
+ NID_id_it_keyPairParamReq, 8, &kObjectData[2249], 0},
+ {"id-it-keyPairParamRep", "id-it-keyPairParamRep",
+ NID_id_it_keyPairParamRep, 8, &kObjectData[2257], 0},
+ {"id-it-revPassphrase", "id-it-revPassphrase", NID_id_it_revPassphrase, 8,
+ &kObjectData[2265], 0},
+ {"id-it-implicitConfirm", "id-it-implicitConfirm",
+ NID_id_it_implicitConfirm, 8, &kObjectData[2273], 0},
+ {"id-it-confirmWaitTime", "id-it-confirmWaitTime",
+ NID_id_it_confirmWaitTime, 8, &kObjectData[2281], 0},
+ {"id-it-origPKIMessage", "id-it-origPKIMessage", NID_id_it_origPKIMessage,
+ 8, &kObjectData[2289], 0},
+ {"id-regCtrl", "id-regCtrl", NID_id_regCtrl, 8, &kObjectData[2297], 0},
+ {"id-regInfo", "id-regInfo", NID_id_regInfo, 8, &kObjectData[2305], 0},
+ {"id-regCtrl-regToken", "id-regCtrl-regToken", NID_id_regCtrl_regToken, 9,
+ &kObjectData[2313], 0},
+ {"id-regCtrl-authenticator", "id-regCtrl-authenticator",
+ NID_id_regCtrl_authenticator, 9, &kObjectData[2322], 0},
+ {"id-regCtrl-pkiPublicationInfo", "id-regCtrl-pkiPublicationInfo",
+ NID_id_regCtrl_pkiPublicationInfo, 9, &kObjectData[2331], 0},
+ {"id-regCtrl-pkiArchiveOptions", "id-regCtrl-pkiArchiveOptions",
+ NID_id_regCtrl_pkiArchiveOptions, 9, &kObjectData[2340], 0},
+ {"id-regCtrl-oldCertID", "id-regCtrl-oldCertID", NID_id_regCtrl_oldCertID,
+ 9, &kObjectData[2349], 0},
+ {"id-regCtrl-protocolEncrKey", "id-regCtrl-protocolEncrKey",
+ NID_id_regCtrl_protocolEncrKey, 9, &kObjectData[2358], 0},
+ {"id-regInfo-utf8Pairs", "id-regInfo-utf8Pairs", NID_id_regInfo_utf8Pairs,
+ 9, &kObjectData[2367], 0},
+ {"id-regInfo-certReq", "id-regInfo-certReq", NID_id_regInfo_certReq, 9,
+ &kObjectData[2376], 0},
+ {"id-alg-des40", "id-alg-des40", NID_id_alg_des40, 8, &kObjectData[2385],
+ 0},
+ {"id-alg-noSignature", "id-alg-noSignature", NID_id_alg_noSignature, 8,
+ &kObjectData[2393], 0},
+ {"id-alg-dh-sig-hmac-sha1", "id-alg-dh-sig-hmac-sha1",
+ NID_id_alg_dh_sig_hmac_sha1, 8, &kObjectData[2401], 0},
+ {"id-alg-dh-pop", "id-alg-dh-pop", NID_id_alg_dh_pop, 8, &kObjectData[2409],
+ 0},
+ {"id-cmc-statusInfo", "id-cmc-statusInfo", NID_id_cmc_statusInfo, 8,
+ &kObjectData[2417], 0},
+ {"id-cmc-identification", "id-cmc-identification",
+ NID_id_cmc_identification, 8, &kObjectData[2425], 0},
+ {"id-cmc-identityProof", "id-cmc-identityProof", NID_id_cmc_identityProof,
+ 8, &kObjectData[2433], 0},
+ {"id-cmc-dataReturn", "id-cmc-dataReturn", NID_id_cmc_dataReturn, 8,
+ &kObjectData[2441], 0},
+ {"id-cmc-transactionId", "id-cmc-transactionId", NID_id_cmc_transactionId,
+ 8, &kObjectData[2449], 0},
+ {"id-cmc-senderNonce", "id-cmc-senderNonce", NID_id_cmc_senderNonce, 8,
+ &kObjectData[2457], 0},
+ {"id-cmc-recipientNonce", "id-cmc-recipientNonce",
+ NID_id_cmc_recipientNonce, 8, &kObjectData[2465], 0},
+ {"id-cmc-addExtensions", "id-cmc-addExtensions", NID_id_cmc_addExtensions,
+ 8, &kObjectData[2473], 0},
+ {"id-cmc-encryptedPOP", "id-cmc-encryptedPOP", NID_id_cmc_encryptedPOP, 8,
+ &kObjectData[2481], 0},
+ {"id-cmc-decryptedPOP", "id-cmc-decryptedPOP", NID_id_cmc_decryptedPOP, 8,
+ &kObjectData[2489], 0},
+ {"id-cmc-lraPOPWitness", "id-cmc-lraPOPWitness", NID_id_cmc_lraPOPWitness,
+ 8, &kObjectData[2497], 0},
+ {"id-cmc-getCert", "id-cmc-getCert", NID_id_cmc_getCert, 8,
+ &kObjectData[2505], 0},
+ {"id-cmc-getCRL", "id-cmc-getCRL", NID_id_cmc_getCRL, 8, &kObjectData[2513],
+ 0},
+ {"id-cmc-revokeRequest", "id-cmc-revokeRequest", NID_id_cmc_revokeRequest,
+ 8, &kObjectData[2521], 0},
+ {"id-cmc-regInfo", "id-cmc-regInfo", NID_id_cmc_regInfo, 8,
+ &kObjectData[2529], 0},
+ {"id-cmc-responseInfo", "id-cmc-responseInfo", NID_id_cmc_responseInfo, 8,
+ &kObjectData[2537], 0},
+ {"id-cmc-queryPending", "id-cmc-queryPending", NID_id_cmc_queryPending, 8,
+ &kObjectData[2545], 0},
+ {"id-cmc-popLinkRandom", "id-cmc-popLinkRandom", NID_id_cmc_popLinkRandom,
+ 8, &kObjectData[2553], 0},
+ {"id-cmc-popLinkWitness", "id-cmc-popLinkWitness",
+ NID_id_cmc_popLinkWitness, 8, &kObjectData[2561], 0},
+ {"id-cmc-confirmCertAcceptance", "id-cmc-confirmCertAcceptance",
+ NID_id_cmc_confirmCertAcceptance, 8, &kObjectData[2569], 0},
+ {"id-on-personalData", "id-on-personalData", NID_id_on_personalData, 8,
+ &kObjectData[2577], 0},
+ {"id-pda-dateOfBirth", "id-pda-dateOfBirth", NID_id_pda_dateOfBirth, 8,
+ &kObjectData[2585], 0},
+ {"id-pda-placeOfBirth", "id-pda-placeOfBirth", NID_id_pda_placeOfBirth, 8,
+ &kObjectData[2593], 0},
+ {NULL, NULL, NID_undef, 0, NULL, 0},
+ {"id-pda-gender", "id-pda-gender", NID_id_pda_gender, 8, &kObjectData[2601],
+ 0},
+ {"id-pda-countryOfCitizenship", "id-pda-countryOfCitizenship",
+ NID_id_pda_countryOfCitizenship, 8, &kObjectData[2609], 0},
+ {"id-pda-countryOfResidence", "id-pda-countryOfResidence",
+ NID_id_pda_countryOfResidence, 8, &kObjectData[2617], 0},
+ {"id-aca-authenticationInfo", "id-aca-authenticationInfo",
+ NID_id_aca_authenticationInfo, 8, &kObjectData[2625], 0},
+ {"id-aca-accessIdentity", "id-aca-accessIdentity",
+ NID_id_aca_accessIdentity, 8, &kObjectData[2633], 0},
+ {"id-aca-chargingIdentity", "id-aca-chargingIdentity",
+ NID_id_aca_chargingIdentity, 8, &kObjectData[2641], 0},
+ {"id-aca-group", "id-aca-group", NID_id_aca_group, 8, &kObjectData[2649],
+ 0},
+ {"id-aca-role", "id-aca-role", NID_id_aca_role, 8, &kObjectData[2657], 0},
+ {"id-qcs-pkixQCSyntax-v1", "id-qcs-pkixQCSyntax-v1",
+ NID_id_qcs_pkixQCSyntax_v1, 8, &kObjectData[2665], 0},
+ {"id-cct-crs", "id-cct-crs", NID_id_cct_crs, 8, &kObjectData[2673], 0},
+ {"id-cct-PKIData", "id-cct-PKIData", NID_id_cct_PKIData, 8,
+ &kObjectData[2681], 0},
+ {"id-cct-PKIResponse", "id-cct-PKIResponse", NID_id_cct_PKIResponse, 8,
+ &kObjectData[2689], 0},
+ {"ad_timestamping", "AD Time Stamping", NID_ad_timeStamping, 8,
+ &kObjectData[2697], 0},
+ {"AD_DVCS", "ad dvcs", NID_ad_dvcs, 8, &kObjectData[2705], 0},
+ {"basicOCSPResponse", "Basic OCSP Response", NID_id_pkix_OCSP_basic, 9,
+ &kObjectData[2713], 0},
+ {"Nonce", "OCSP Nonce", NID_id_pkix_OCSP_Nonce, 9, &kObjectData[2722], 0},
+ {"CrlID", "OCSP CRL ID", NID_id_pkix_OCSP_CrlID, 9, &kObjectData[2731], 0},
+ {"acceptableResponses", "Acceptable OCSP Responses",
+ NID_id_pkix_OCSP_acceptableResponses, 9, &kObjectData[2740], 0},
+ {"noCheck", "OCSP No Check", NID_id_pkix_OCSP_noCheck, 9,
+ &kObjectData[2749], 0},
+ {"archiveCutoff", "OCSP Archive Cutoff", NID_id_pkix_OCSP_archiveCutoff, 9,
+ &kObjectData[2758], 0},
+ {"serviceLocator", "OCSP Service Locator", NID_id_pkix_OCSP_serviceLocator,
+ 9, &kObjectData[2767], 0},
+ {"extendedStatus", "Extended OCSP Status", NID_id_pkix_OCSP_extendedStatus,
+ 9, &kObjectData[2776], 0},
+ {"valid", "valid", NID_id_pkix_OCSP_valid, 9, &kObjectData[2785], 0},
+ {"path", "path", NID_id_pkix_OCSP_path, 9, &kObjectData[2794], 0},
+ {"trustRoot", "Trust Root", NID_id_pkix_OCSP_trustRoot, 9,
+ &kObjectData[2803], 0},
+ {"algorithm", "algorithm", NID_algorithm, 4, &kObjectData[2812], 0},
+ {"rsaSignature", "rsaSignature", NID_rsaSignature, 5, &kObjectData[2816],
+ 0},
+ {"X500algorithms", "directory services - algorithms", NID_X500algorithms, 2,
+ &kObjectData[2821], 0},
+ {"ORG", "org", NID_org, 1, &kObjectData[2823], 0},
+ {"DOD", "dod", NID_dod, 2, &kObjectData[2824], 0},
+ {"IANA", "iana", NID_iana, 3, &kObjectData[2826], 0},
+ {"directory", "Directory", NID_Directory, 4, &kObjectData[2829], 0},
+ {"mgmt", "Management", NID_Management, 4, &kObjectData[2833], 0},
+ {"experimental", "Experimental", NID_Experimental, 4, &kObjectData[2837],
+ 0},
+ {"private", "Private", NID_Private, 4, &kObjectData[2841], 0},
+ {"security", "Security", NID_Security, 4, &kObjectData[2845], 0},
+ {"snmpv2", "SNMPv2", NID_SNMPv2, 4, &kObjectData[2849], 0},
+ {"Mail", "Mail", NID_Mail, 4, &kObjectData[2853], 0},
+ {"enterprises", "Enterprises", NID_Enterprises, 5, &kObjectData[2857], 0},
+ {"dcobject", "dcObject", NID_dcObject, 9, &kObjectData[2862], 0},
+ {"DC", "domainComponent", NID_domainComponent, 10, &kObjectData[2871], 0},
+ {"domain", "Domain", NID_Domain, 10, &kObjectData[2881], 0},
+ {NULL, NULL, NID_undef, 0, NULL, 0},
+ {"selected-attribute-types", "Selected Attribute Types",
+ NID_selected_attribute_types, 3, &kObjectData[2891], 0},
+ {"clearance", "clearance", NID_clearance, 4, &kObjectData[2894], 0},
+ {"RSA-MD4", "md4WithRSAEncryption", NID_md4WithRSAEncryption, 9,
+ &kObjectData[2898], 0},
+ {"ac-proxying", "ac-proxying", NID_ac_proxying, 8, &kObjectData[2907], 0},
+ {"subjectInfoAccess", "Subject Information Access", NID_sinfo_access, 8,
+ &kObjectData[2915], 0},
+ {"id-aca-encAttrs", "id-aca-encAttrs", NID_id_aca_encAttrs, 8,
+ &kObjectData[2923], 0},
+ {"role", "role", NID_role, 3, &kObjectData[2931], 0},
+ {"policyConstraints", "X509v3 Policy Constraints", NID_policy_constraints,
+ 3, &kObjectData[2934], 0},
+ {"targetInformation", "X509v3 AC Targeting", NID_target_information, 3,
+ &kObjectData[2937], 0},
+ {"noRevAvail", "X509v3 No Revocation Available", NID_no_rev_avail, 3,
+ &kObjectData[2940], 0},
+ {NULL, NULL, NID_undef, 0, NULL, 0},
+ {"ansi-X9-62", "ANSI X9.62", NID_ansi_X9_62, 5, &kObjectData[2943], 0},
+ {"prime-field", "prime-field", NID_X9_62_prime_field, 7, &kObjectData[2948],
+ 0},
+ {"characteristic-two-field", "characteristic-two-field",
+ NID_X9_62_characteristic_two_field, 7, &kObjectData[2955], 0},
+ {"id-ecPublicKey", "id-ecPublicKey", NID_X9_62_id_ecPublicKey, 7,
+ &kObjectData[2962], 0},
+ {"prime192v1", "prime192v1", NID_X9_62_prime192v1, 8, &kObjectData[2969],
+ 0},
+ {"prime192v2", "prime192v2", NID_X9_62_prime192v2, 8, &kObjectData[2977],
+ 0},
+ {"prime192v3", "prime192v3", NID_X9_62_prime192v3, 8, &kObjectData[2985],
+ 0},
+ {"prime239v1", "prime239v1", NID_X9_62_prime239v1, 8, &kObjectData[2993],
+ 0},
+ {"prime239v2", "prime239v2", NID_X9_62_prime239v2, 8, &kObjectData[3001],
+ 0},
+ {"prime239v3", "prime239v3", NID_X9_62_prime239v3, 8, &kObjectData[3009],
+ 0},
+ {"prime256v1", "prime256v1", NID_X9_62_prime256v1, 8, &kObjectData[3017],
+ 0},
+ {"ecdsa-with-SHA1", "ecdsa-with-SHA1", NID_ecdsa_with_SHA1, 7,
+ &kObjectData[3025], 0},
+ {"CSPName", "Microsoft CSP Name", NID_ms_csp_name, 9, &kObjectData[3032],
+ 0},
+ {"AES-128-ECB", "aes-128-ecb", NID_aes_128_ecb, 9, &kObjectData[3041], 0},
+ {"AES-128-CBC", "aes-128-cbc", NID_aes_128_cbc, 9, &kObjectData[3050], 0},
+ {"AES-128-OFB", "aes-128-ofb", NID_aes_128_ofb128, 9, &kObjectData[3059],
+ 0},
+ {"AES-128-CFB", "aes-128-cfb", NID_aes_128_cfb128, 9, &kObjectData[3068],
+ 0},
+ {"AES-192-ECB", "aes-192-ecb", NID_aes_192_ecb, 9, &kObjectData[3077], 0},
+ {"AES-192-CBC", "aes-192-cbc", NID_aes_192_cbc, 9, &kObjectData[3086], 0},
+ {"AES-192-OFB", "aes-192-ofb", NID_aes_192_ofb128, 9, &kObjectData[3095],
+ 0},
+ {"AES-192-CFB", "aes-192-cfb", NID_aes_192_cfb128, 9, &kObjectData[3104],
+ 0},
+ {"AES-256-ECB", "aes-256-ecb", NID_aes_256_ecb, 9, &kObjectData[3113], 0},
+ {"AES-256-CBC", "aes-256-cbc", NID_aes_256_cbc, 9, &kObjectData[3122], 0},
+ {"AES-256-OFB", "aes-256-ofb", NID_aes_256_ofb128, 9, &kObjectData[3131],
+ 0},
+ {"AES-256-CFB", "aes-256-cfb", NID_aes_256_cfb128, 9, &kObjectData[3140],
+ 0},
+ {"holdInstructionCode", "Hold Instruction Code", NID_hold_instruction_code,
+ 3, &kObjectData[3149], 0},
+ {"holdInstructionNone", "Hold Instruction None", NID_hold_instruction_none,
+ 7, &kObjectData[3152], 0},
+ {"holdInstructionCallIssuer", "Hold Instruction Call Issuer",
+ NID_hold_instruction_call_issuer, 7, &kObjectData[3159], 0},
+ {"holdInstructionReject", "Hold Instruction Reject",
+ NID_hold_instruction_reject, 7, &kObjectData[3166], 0},
+ {"data", "data", NID_data, 1, &kObjectData[3173], 0},
+ {"pss", "pss", NID_pss, 3, &kObjectData[3174], 0},
+ {"ucl", "ucl", NID_ucl, 7, &kObjectData[3177], 0},
+ {"pilot", "pilot", NID_pilot, 8, &kObjectData[3184], 0},
+ {"pilotAttributeType", "pilotAttributeType", NID_pilotAttributeType, 9,
+ &kObjectData[3192], 0},
+ {"pilotAttributeSyntax", "pilotAttributeSyntax", NID_pilotAttributeSyntax,
+ 9, &kObjectData[3201], 0},
+ {"pilotObjectClass", "pilotObjectClass", NID_pilotObjectClass, 9,
+ &kObjectData[3210], 0},
+ {"pilotGroups", "pilotGroups", NID_pilotGroups, 9, &kObjectData[3219], 0},
+ {"iA5StringSyntax", "iA5StringSyntax", NID_iA5StringSyntax, 10,
+ &kObjectData[3228], 0},
+ {"caseIgnoreIA5StringSyntax", "caseIgnoreIA5StringSyntax",
+ NID_caseIgnoreIA5StringSyntax, 10, &kObjectData[3238], 0},
+ {"pilotObject", "pilotObject", NID_pilotObject, 10, &kObjectData[3248], 0},
+ {"pilotPerson", "pilotPerson", NID_pilotPerson, 10, &kObjectData[3258], 0},
+ {"account", "account", NID_account, 10, &kObjectData[3268], 0},
+ {"document", "document", NID_document, 10, &kObjectData[3278], 0},
+ {"room", "room", NID_room, 10, &kObjectData[3288], 0},
+ {"documentSeries", "documentSeries", NID_documentSeries, 10,
+ &kObjectData[3298], 0},
+ {"rFC822localPart", "rFC822localPart", NID_rFC822localPart, 10,
+ &kObjectData[3308], 0},
+ {"dNSDomain", "dNSDomain", NID_dNSDomain, 10, &kObjectData[3318], 0},
+ {"domainRelatedObject", "domainRelatedObject", NID_domainRelatedObject, 10,
+ &kObjectData[3328], 0},
+ {"friendlyCountry", "friendlyCountry", NID_friendlyCountry, 10,
+ &kObjectData[3338], 0},
+ {"simpleSecurityObject", "simpleSecurityObject", NID_simpleSecurityObject,
+ 10, &kObjectData[3348], 0},
+ {"pilotOrganization", "pilotOrganization", NID_pilotOrganization, 10,
+ &kObjectData[3358], 0},
+ {"pilotDSA", "pilotDSA", NID_pilotDSA, 10, &kObjectData[3368], 0},
+ {"qualityLabelledData", "qualityLabelledData", NID_qualityLabelledData, 10,
+ &kObjectData[3378], 0},
+ {"UID", "userId", NID_userId, 10, &kObjectData[3388], 0},
+ {"textEncodedORAddress", "textEncodedORAddress", NID_textEncodedORAddress,
+ 10, &kObjectData[3398], 0},
+ {"mail", "rfc822Mailbox", NID_rfc822Mailbox, 10, &kObjectData[3408], 0},
+ {"info", "info", NID_info, 10, &kObjectData[3418], 0},
+ {"favouriteDrink", "favouriteDrink", NID_favouriteDrink, 10,
+ &kObjectData[3428], 0},
+ {"roomNumber", "roomNumber", NID_roomNumber, 10, &kObjectData[3438], 0},
+ {"photo", "photo", NID_photo, 10, &kObjectData[3448], 0},
+ {"userClass", "userClass", NID_userClass, 10, &kObjectData[3458], 0},
+ {"host", "host", NID_host, 10, &kObjectData[3468], 0},
+ {"manager", "manager", NID_manager, 10, &kObjectData[3478], 0},
+ {"documentIdentifier", "documentIdentifier", NID_documentIdentifier, 10,
+ &kObjectData[3488], 0},
+ {"documentTitle", "documentTitle", NID_documentTitle, 10,
+ &kObjectData[3498], 0},
+ {"documentVersion", "documentVersion", NID_documentVersion, 10,
+ &kObjectData[3508], 0},
+ {"documentAuthor", "documentAuthor", NID_documentAuthor, 10,
+ &kObjectData[3518], 0},
+ {"documentLocation", "documentLocation", NID_documentLocation, 10,
+ &kObjectData[3528], 0},
+ {"homeTelephoneNumber", "homeTelephoneNumber", NID_homeTelephoneNumber, 10,
+ &kObjectData[3538], 0},
+ {"secretary", "secretary", NID_secretary, 10, &kObjectData[3548], 0},
+ {"otherMailbox", "otherMailbox", NID_otherMailbox, 10, &kObjectData[3558],
+ 0},
+ {"lastModifiedTime", "lastModifiedTime", NID_lastModifiedTime, 10,
+ &kObjectData[3568], 0},
+ {"lastModifiedBy", "lastModifiedBy", NID_lastModifiedBy, 10,
+ &kObjectData[3578], 0},
+ {"aRecord", "aRecord", NID_aRecord, 10, &kObjectData[3588], 0},
+ {"pilotAttributeType27", "pilotAttributeType27", NID_pilotAttributeType27,
+ 10, &kObjectData[3598], 0},
+ {"mXRecord", "mXRecord", NID_mXRecord, 10, &kObjectData[3608], 0},
+ {"nSRecord", "nSRecord", NID_nSRecord, 10, &kObjectData[3618], 0},
+ {"sOARecord", "sOARecord", NID_sOARecord, 10, &kObjectData[3628], 0},
+ {"cNAMERecord", "cNAMERecord", NID_cNAMERecord, 10, &kObjectData[3638], 0},
+ {"associatedDomain", "associatedDomain", NID_associatedDomain, 10,
+ &kObjectData[3648], 0},
+ {"associatedName", "associatedName", NID_associatedName, 10,
+ &kObjectData[3658], 0},
+ {"homePostalAddress", "homePostalAddress", NID_homePostalAddress, 10,
+ &kObjectData[3668], 0},
+ {"personalTitle", "personalTitle", NID_personalTitle, 10,
+ &kObjectData[3678], 0},
+ {"mobileTelephoneNumber", "mobileTelephoneNumber",
+ NID_mobileTelephoneNumber, 10, &kObjectData[3688], 0},
+ {"pagerTelephoneNumber", "pagerTelephoneNumber", NID_pagerTelephoneNumber,
+ 10, &kObjectData[3698], 0},
+ {"friendlyCountryName", "friendlyCountryName", NID_friendlyCountryName, 10,
+ &kObjectData[3708], 0},
+ {"organizationalStatus", "organizationalStatus", NID_organizationalStatus,
+ 10, &kObjectData[3718], 0},
+ {"janetMailbox", "janetMailbox", NID_janetMailbox, 10, &kObjectData[3728],
+ 0},
+ {"mailPreferenceOption", "mailPreferenceOption", NID_mailPreferenceOption,
+ 10, &kObjectData[3738], 0},
+ {"buildingName", "buildingName", NID_buildingName, 10, &kObjectData[3748],
+ 0},
+ {"dSAQuality", "dSAQuality", NID_dSAQuality, 10, &kObjectData[3758], 0},
+ {"singleLevelQuality", "singleLevelQuality", NID_singleLevelQuality, 10,
+ &kObjectData[3768], 0},
+ {"subtreeMinimumQuality", "subtreeMinimumQuality",
+ NID_subtreeMinimumQuality, 10, &kObjectData[3778], 0},
+ {"subtreeMaximumQuality", "subtreeMaximumQuality",
+ NID_subtreeMaximumQuality, 10, &kObjectData[3788], 0},
+ {"personalSignature", "personalSignature", NID_personalSignature, 10,
+ &kObjectData[3798], 0},
+ {"dITRedirect", "dITRedirect", NID_dITRedirect, 10, &kObjectData[3808], 0},
+ {"audio", "audio", NID_audio, 10, &kObjectData[3818], 0},
+ {"documentPublisher", "documentPublisher", NID_documentPublisher, 10,
+ &kObjectData[3828], 0},
+ {"x500UniqueIdentifier", "x500UniqueIdentifier", NID_x500UniqueIdentifier,
+ 3, &kObjectData[3838], 0},
+ {"mime-mhs", "MIME MHS", NID_mime_mhs, 5, &kObjectData[3841], 0},
+ {"mime-mhs-headings", "mime-mhs-headings", NID_mime_mhs_headings, 6,
+ &kObjectData[3846], 0},
+ {"mime-mhs-bodies", "mime-mhs-bodies", NID_mime_mhs_bodies, 6,
+ &kObjectData[3852], 0},
+ {"id-hex-partial-message", "id-hex-partial-message",
+ NID_id_hex_partial_message, 7, &kObjectData[3858], 0},
+ {"id-hex-multipart-message", "id-hex-multipart-message",
+ NID_id_hex_multipart_message, 7, &kObjectData[3865], 0},
+ {"generationQualifier", "generationQualifier", NID_generationQualifier, 3,
+ &kObjectData[3872], 0},
+ {"pseudonym", "pseudonym", NID_pseudonym, 3, &kObjectData[3875], 0},
+ {NULL, NULL, NID_undef, 0, NULL, 0},
+ {"id-set", "Secure Electronic Transactions", NID_id_set, 2,
+ &kObjectData[3878], 0},
+ {"set-ctype", "content types", NID_set_ctype, 3, &kObjectData[3880], 0},
+ {"set-msgExt", "message extensions", NID_set_msgExt, 3, &kObjectData[3883],
+ 0},
+ {"set-attr", "set-attr", NID_set_attr, 3, &kObjectData[3886], 0},
+ {"set-policy", "set-policy", NID_set_policy, 3, &kObjectData[3889], 0},
+ {"set-certExt", "certificate extensions", NID_set_certExt, 3,
+ &kObjectData[3892], 0},
+ {"set-brand", "set-brand", NID_set_brand, 3, &kObjectData[3895], 0},
+ {"setct-PANData", "setct-PANData", NID_setct_PANData, 4, &kObjectData[3898],
+ 0},
+ {"setct-PANToken", "setct-PANToken", NID_setct_PANToken, 4,
+ &kObjectData[3902], 0},
+ {"setct-PANOnly", "setct-PANOnly", NID_setct_PANOnly, 4, &kObjectData[3906],
+ 0},
+ {"setct-OIData", "setct-OIData", NID_setct_OIData, 4, &kObjectData[3910],
+ 0},
+ {"setct-PI", "setct-PI", NID_setct_PI, 4, &kObjectData[3914], 0},
+ {"setct-PIData", "setct-PIData", NID_setct_PIData, 4, &kObjectData[3918],
+ 0},
+ {"setct-PIDataUnsigned", "setct-PIDataUnsigned", NID_setct_PIDataUnsigned,
+ 4, &kObjectData[3922], 0},
+ {"setct-HODInput", "setct-HODInput", NID_setct_HODInput, 4,
+ &kObjectData[3926], 0},
+ {"setct-AuthResBaggage", "setct-AuthResBaggage", NID_setct_AuthResBaggage,
+ 4, &kObjectData[3930], 0},
+ {"setct-AuthRevReqBaggage", "setct-AuthRevReqBaggage",
+ NID_setct_AuthRevReqBaggage, 4, &kObjectData[3934], 0},
+ {"setct-AuthRevResBaggage", "setct-AuthRevResBaggage",
+ NID_setct_AuthRevResBaggage, 4, &kObjectData[3938], 0},
+ {"setct-CapTokenSeq", "setct-CapTokenSeq", NID_setct_CapTokenSeq, 4,
+ &kObjectData[3942], 0},
+ {"setct-PInitResData", "setct-PInitResData", NID_setct_PInitResData, 4,
+ &kObjectData[3946], 0},
+ {"setct-PI-TBS", "setct-PI-TBS", NID_setct_PI_TBS, 4, &kObjectData[3950],
+ 0},
+ {"setct-PResData", "setct-PResData", NID_setct_PResData, 4,
+ &kObjectData[3954], 0},
+ {"setct-AuthReqTBS", "setct-AuthReqTBS", NID_setct_AuthReqTBS, 4,
+ &kObjectData[3958], 0},
+ {"setct-AuthResTBS", "setct-AuthResTBS", NID_setct_AuthResTBS, 4,
+ &kObjectData[3962], 0},
+ {"setct-AuthResTBSX", "setct-AuthResTBSX", NID_setct_AuthResTBSX, 4,
+ &kObjectData[3966], 0},
+ {"setct-AuthTokenTBS", "setct-AuthTokenTBS", NID_setct_AuthTokenTBS, 4,
+ &kObjectData[3970], 0},
+ {"setct-CapTokenData", "setct-CapTokenData", NID_setct_CapTokenData, 4,
+ &kObjectData[3974], 0},
+ {"setct-CapTokenTBS", "setct-CapTokenTBS", NID_setct_CapTokenTBS, 4,
+ &kObjectData[3978], 0},
+ {"setct-AcqCardCodeMsg", "setct-AcqCardCodeMsg", NID_setct_AcqCardCodeMsg,
+ 4, &kObjectData[3982], 0},
+ {"setct-AuthRevReqTBS", "setct-AuthRevReqTBS", NID_setct_AuthRevReqTBS, 4,
+ &kObjectData[3986], 0},
+ {"setct-AuthRevResData", "setct-AuthRevResData", NID_setct_AuthRevResData,
+ 4, &kObjectData[3990], 0},
+ {"setct-AuthRevResTBS", "setct-AuthRevResTBS", NID_setct_AuthRevResTBS, 4,
+ &kObjectData[3994], 0},
+ {"setct-CapReqTBS", "setct-CapReqTBS", NID_setct_CapReqTBS, 4,
+ &kObjectData[3998], 0},
+ {"setct-CapReqTBSX", "setct-CapReqTBSX", NID_setct_CapReqTBSX, 4,
+ &kObjectData[4002], 0},
+ {"setct-CapResData", "setct-CapResData", NID_setct_CapResData, 4,
+ &kObjectData[4006], 0},
+ {"setct-CapRevReqTBS", "setct-CapRevReqTBS", NID_setct_CapRevReqTBS, 4,
+ &kObjectData[4010], 0},
+ {"setct-CapRevReqTBSX", "setct-CapRevReqTBSX", NID_setct_CapRevReqTBSX, 4,
+ &kObjectData[4014], 0},
+ {"setct-CapRevResData", "setct-CapRevResData", NID_setct_CapRevResData, 4,
+ &kObjectData[4018], 0},
+ {"setct-CredReqTBS", "setct-CredReqTBS", NID_setct_CredReqTBS, 4,
+ &kObjectData[4022], 0},
+ {"setct-CredReqTBSX", "setct-CredReqTBSX", NID_setct_CredReqTBSX, 4,
+ &kObjectData[4026], 0},
+ {"setct-CredResData", "setct-CredResData", NID_setct_CredResData, 4,
+ &kObjectData[4030], 0},
+ {"setct-CredRevReqTBS", "setct-CredRevReqTBS", NID_setct_CredRevReqTBS, 4,
+ &kObjectData[4034], 0},
+ {"setct-CredRevReqTBSX", "setct-CredRevReqTBSX", NID_setct_CredRevReqTBSX,
+ 4, &kObjectData[4038], 0},
+ {"setct-CredRevResData", "setct-CredRevResData", NID_setct_CredRevResData,
+ 4, &kObjectData[4042], 0},
+ {"setct-PCertReqData", "setct-PCertReqData", NID_setct_PCertReqData, 4,
+ &kObjectData[4046], 0},
+ {"setct-PCertResTBS", "setct-PCertResTBS", NID_setct_PCertResTBS, 4,
+ &kObjectData[4050], 0},
+ {"setct-BatchAdminReqData", "setct-BatchAdminReqData",
+ NID_setct_BatchAdminReqData, 4, &kObjectData[4054], 0},
+ {"setct-BatchAdminResData", "setct-BatchAdminResData",
+ NID_setct_BatchAdminResData, 4, &kObjectData[4058], 0},
+ {"setct-CardCInitResTBS", "setct-CardCInitResTBS",
+ NID_setct_CardCInitResTBS, 4, &kObjectData[4062], 0},
+ {"setct-MeAqCInitResTBS", "setct-MeAqCInitResTBS",
+ NID_setct_MeAqCInitResTBS, 4, &kObjectData[4066], 0},
+ {"setct-RegFormResTBS", "setct-RegFormResTBS", NID_setct_RegFormResTBS, 4,
+ &kObjectData[4070], 0},
+ {"setct-CertReqData", "setct-CertReqData", NID_setct_CertReqData, 4,
+ &kObjectData[4074], 0},
+ {"setct-CertReqTBS", "setct-CertReqTBS", NID_setct_CertReqTBS, 4,
+ &kObjectData[4078], 0},
+ {"setct-CertResData", "setct-CertResData", NID_setct_CertResData, 4,
+ &kObjectData[4082], 0},
+ {"setct-CertInqReqTBS", "setct-CertInqReqTBS", NID_setct_CertInqReqTBS, 4,
+ &kObjectData[4086], 0},
+ {"setct-ErrorTBS", "setct-ErrorTBS", NID_setct_ErrorTBS, 4,
+ &kObjectData[4090], 0},
+ {"setct-PIDualSignedTBE", "setct-PIDualSignedTBE",
+ NID_setct_PIDualSignedTBE, 4, &kObjectData[4094], 0},
+ {"setct-PIUnsignedTBE", "setct-PIUnsignedTBE", NID_setct_PIUnsignedTBE, 4,
+ &kObjectData[4098], 0},
+ {"setct-AuthReqTBE", "setct-AuthReqTBE", NID_setct_AuthReqTBE, 4,
+ &kObjectData[4102], 0},
+ {"setct-AuthResTBE", "setct-AuthResTBE", NID_setct_AuthResTBE, 4,
+ &kObjectData[4106], 0},
+ {"setct-AuthResTBEX", "setct-AuthResTBEX", NID_setct_AuthResTBEX, 4,
+ &kObjectData[4110], 0},
+ {"setct-AuthTokenTBE", "setct-AuthTokenTBE", NID_setct_AuthTokenTBE, 4,
+ &kObjectData[4114], 0},
+ {"setct-CapTokenTBE", "setct-CapTokenTBE", NID_setct_CapTokenTBE, 4,
+ &kObjectData[4118], 0},
+ {"setct-CapTokenTBEX", "setct-CapTokenTBEX", NID_setct_CapTokenTBEX, 4,
+ &kObjectData[4122], 0},
+ {"setct-AcqCardCodeMsgTBE", "setct-AcqCardCodeMsgTBE",
+ NID_setct_AcqCardCodeMsgTBE, 4, &kObjectData[4126], 0},
+ {"setct-AuthRevReqTBE", "setct-AuthRevReqTBE", NID_setct_AuthRevReqTBE, 4,
+ &kObjectData[4130], 0},
+ {"setct-AuthRevResTBE", "setct-AuthRevResTBE", NID_setct_AuthRevResTBE, 4,
+ &kObjectData[4134], 0},
+ {"setct-AuthRevResTBEB", "setct-AuthRevResTBEB", NID_setct_AuthRevResTBEB,
+ 4, &kObjectData[4138], 0},
+ {"setct-CapReqTBE", "setct-CapReqTBE", NID_setct_CapReqTBE, 4,
+ &kObjectData[4142], 0},
+ {"setct-CapReqTBEX", "setct-CapReqTBEX", NID_setct_CapReqTBEX, 4,
+ &kObjectData[4146], 0},
+ {"setct-CapResTBE", "setct-CapResTBE", NID_setct_CapResTBE, 4,
+ &kObjectData[4150], 0},
+ {"setct-CapRevReqTBE", "setct-CapRevReqTBE", NID_setct_CapRevReqTBE, 4,
+ &kObjectData[4154], 0},
+ {"setct-CapRevReqTBEX", "setct-CapRevReqTBEX", NID_setct_CapRevReqTBEX, 4,
+ &kObjectData[4158], 0},
+ {"setct-CapRevResTBE", "setct-CapRevResTBE", NID_setct_CapRevResTBE, 4,
+ &kObjectData[4162], 0},
+ {"setct-CredReqTBE", "setct-CredReqTBE", NID_setct_CredReqTBE, 4,
+ &kObjectData[4166], 0},
+ {"setct-CredReqTBEX", "setct-CredReqTBEX", NID_setct_CredReqTBEX, 4,
+ &kObjectData[4170], 0},
+ {"setct-CredResTBE", "setct-CredResTBE", NID_setct_CredResTBE, 4,
+ &kObjectData[4174], 0},
+ {"setct-CredRevReqTBE", "setct-CredRevReqTBE", NID_setct_CredRevReqTBE, 4,
+ &kObjectData[4178], 0},
+ {"setct-CredRevReqTBEX", "setct-CredRevReqTBEX", NID_setct_CredRevReqTBEX,
+ 4, &kObjectData[4182], 0},
+ {"setct-CredRevResTBE", "setct-CredRevResTBE", NID_setct_CredRevResTBE, 4,
+ &kObjectData[4186], 0},
+ {"setct-BatchAdminReqTBE", "setct-BatchAdminReqTBE",
+ NID_setct_BatchAdminReqTBE, 4, &kObjectData[4190], 0},
+ {"setct-BatchAdminResTBE", "setct-BatchAdminResTBE",
+ NID_setct_BatchAdminResTBE, 4, &kObjectData[4194], 0},
+ {"setct-RegFormReqTBE", "setct-RegFormReqTBE", NID_setct_RegFormReqTBE, 4,
+ &kObjectData[4198], 0},
+ {"setct-CertReqTBE", "setct-CertReqTBE", NID_setct_CertReqTBE, 4,
+ &kObjectData[4202], 0},
+ {"setct-CertReqTBEX", "setct-CertReqTBEX", NID_setct_CertReqTBEX, 4,
+ &kObjectData[4206], 0},
+ {"setct-CertResTBE", "setct-CertResTBE", NID_setct_CertResTBE, 4,
+ &kObjectData[4210], 0},
+ {"setct-CRLNotificationTBS", "setct-CRLNotificationTBS",
+ NID_setct_CRLNotificationTBS, 4, &kObjectData[4214], 0},
+ {"setct-CRLNotificationResTBS", "setct-CRLNotificationResTBS",
+ NID_setct_CRLNotificationResTBS, 4, &kObjectData[4218], 0},
+ {"setct-BCIDistributionTBS", "setct-BCIDistributionTBS",
+ NID_setct_BCIDistributionTBS, 4, &kObjectData[4222], 0},
+ {"setext-genCrypt", "generic cryptogram", NID_setext_genCrypt, 4,
+ &kObjectData[4226], 0},
+ {"setext-miAuth", "merchant initiated auth", NID_setext_miAuth, 4,
+ &kObjectData[4230], 0},
+ {"setext-pinSecure", "setext-pinSecure", NID_setext_pinSecure, 4,
+ &kObjectData[4234], 0},
+ {"setext-pinAny", "setext-pinAny", NID_setext_pinAny, 4, &kObjectData[4238],
+ 0},
+ {"setext-track2", "setext-track2", NID_setext_track2, 4, &kObjectData[4242],
+ 0},
+ {"setext-cv", "additional verification", NID_setext_cv, 4,
+ &kObjectData[4246], 0},
+ {"set-policy-root", "set-policy-root", NID_set_policy_root, 4,
+ &kObjectData[4250], 0},
+ {"setCext-hashedRoot", "setCext-hashedRoot", NID_setCext_hashedRoot, 4,
+ &kObjectData[4254], 0},
+ {"setCext-certType", "setCext-certType", NID_setCext_certType, 4,
+ &kObjectData[4258], 0},
+ {"setCext-merchData", "setCext-merchData", NID_setCext_merchData, 4,
+ &kObjectData[4262], 0},
+ {"setCext-cCertRequired", "setCext-cCertRequired",
+ NID_setCext_cCertRequired, 4, &kObjectData[4266], 0},
+ {"setCext-tunneling", "setCext-tunneling", NID_setCext_tunneling, 4,
+ &kObjectData[4270], 0},
+ {"setCext-setExt", "setCext-setExt", NID_setCext_setExt, 4,
+ &kObjectData[4274], 0},
+ {"setCext-setQualf", "setCext-setQualf", NID_setCext_setQualf, 4,
+ &kObjectData[4278], 0},
+ {"setCext-PGWYcapabilities", "setCext-PGWYcapabilities",
+ NID_setCext_PGWYcapabilities, 4, &kObjectData[4282], 0},
+ {"setCext-TokenIdentifier", "setCext-TokenIdentifier",
+ NID_setCext_TokenIdentifier, 4, &kObjectData[4286], 0},
+ {"setCext-Track2Data", "setCext-Track2Data", NID_setCext_Track2Data, 4,
+ &kObjectData[4290], 0},
+ {"setCext-TokenType", "setCext-TokenType", NID_setCext_TokenType, 4,
+ &kObjectData[4294], 0},
+ {"setCext-IssuerCapabilities", "setCext-IssuerCapabilities",
+ NID_setCext_IssuerCapabilities, 4, &kObjectData[4298], 0},
+ {"setAttr-Cert", "setAttr-Cert", NID_setAttr_Cert, 4, &kObjectData[4302],
+ 0},
+ {"setAttr-PGWYcap", "payment gateway capabilities", NID_setAttr_PGWYcap, 4,
+ &kObjectData[4306], 0},
+ {"setAttr-TokenType", "setAttr-TokenType", NID_setAttr_TokenType, 4,
+ &kObjectData[4310], 0},
+ {"setAttr-IssCap", "issuer capabilities", NID_setAttr_IssCap, 4,
+ &kObjectData[4314], 0},
+ {"set-rootKeyThumb", "set-rootKeyThumb", NID_set_rootKeyThumb, 5,
+ &kObjectData[4318], 0},
+ {"set-addPolicy", "set-addPolicy", NID_set_addPolicy, 5, &kObjectData[4323],
+ 0},
+ {"setAttr-Token-EMV", "setAttr-Token-EMV", NID_setAttr_Token_EMV, 5,
+ &kObjectData[4328], 0},
+ {"setAttr-Token-B0Prime", "setAttr-Token-B0Prime",
+ NID_setAttr_Token_B0Prime, 5, &kObjectData[4333], 0},
+ {"setAttr-IssCap-CVM", "setAttr-IssCap-CVM", NID_setAttr_IssCap_CVM, 5,
+ &kObjectData[4338], 0},
+ {"setAttr-IssCap-T2", "setAttr-IssCap-T2", NID_setAttr_IssCap_T2, 5,
+ &kObjectData[4343], 0},
+ {"setAttr-IssCap-Sig", "setAttr-IssCap-Sig", NID_setAttr_IssCap_Sig, 5,
+ &kObjectData[4348], 0},
+ {"setAttr-GenCryptgrm", "generate cryptogram", NID_setAttr_GenCryptgrm, 6,
+ &kObjectData[4353], 0},
+ {"setAttr-T2Enc", "encrypted track 2", NID_setAttr_T2Enc, 6,
+ &kObjectData[4359], 0},
+ {"setAttr-T2cleartxt", "cleartext track 2", NID_setAttr_T2cleartxt, 6,
+ &kObjectData[4365], 0},
+ {"setAttr-TokICCsig", "ICC or token signature", NID_setAttr_TokICCsig, 6,
+ &kObjectData[4371], 0},
+ {"setAttr-SecDevSig", "secure device signature", NID_setAttr_SecDevSig, 6,
+ &kObjectData[4377], 0},
+ {"set-brand-IATA-ATA", "set-brand-IATA-ATA", NID_set_brand_IATA_ATA, 4,
+ &kObjectData[4383], 0},
+ {"set-brand-Diners", "set-brand-Diners", NID_set_brand_Diners, 4,
+ &kObjectData[4387], 0},
+ {"set-brand-AmericanExpress", "set-brand-AmericanExpress",
+ NID_set_brand_AmericanExpress, 4, &kObjectData[4391], 0},
+ {"set-brand-JCB", "set-brand-JCB", NID_set_brand_JCB, 4, &kObjectData[4395],
+ 0},
+ {"set-brand-Visa", "set-brand-Visa", NID_set_brand_Visa, 4,
+ &kObjectData[4399], 0},
+ {"set-brand-MasterCard", "set-brand-MasterCard", NID_set_brand_MasterCard,
+ 4, &kObjectData[4403], 0},
+ {"set-brand-Novus", "set-brand-Novus", NID_set_brand_Novus, 5,
+ &kObjectData[4407], 0},
+ {"DES-CDMF", "des-cdmf", NID_des_cdmf, 8, &kObjectData[4412], 0},
+ {"rsaOAEPEncryptionSET", "rsaOAEPEncryptionSET", NID_rsaOAEPEncryptionSET,
+ 9, &kObjectData[4420], 0},
+ {"ITU-T", "itu-t", NID_itu_t, 0, NULL, 0},
+ {"JOINT-ISO-ITU-T", "joint-iso-itu-t", NID_joint_iso_itu_t, 0, NULL, 0},
+ {"international-organizations", "International Organizations",
+ NID_international_organizations, 1, &kObjectData[4429], 0},
+ {"msSmartcardLogin", "Microsoft Smartcardlogin", NID_ms_smartcard_login, 10,
+ &kObjectData[4430], 0},
+ {"msUPN", "Microsoft Universal Principal Name", NID_ms_upn, 10,
+ &kObjectData[4440], 0},
+ {"AES-128-CFB1", "aes-128-cfb1", NID_aes_128_cfb1, 0, NULL, 0},
+ {"AES-192-CFB1", "aes-192-cfb1", NID_aes_192_cfb1, 0, NULL, 0},
+ {"AES-256-CFB1", "aes-256-cfb1", NID_aes_256_cfb1, 0, NULL, 0},
+ {"AES-128-CFB8", "aes-128-cfb8", NID_aes_128_cfb8, 0, NULL, 0},
+ {"AES-192-CFB8", "aes-192-cfb8", NID_aes_192_cfb8, 0, NULL, 0},
+ {"AES-256-CFB8", "aes-256-cfb8", NID_aes_256_cfb8, 0, NULL, 0},
+ {"DES-CFB1", "des-cfb1", NID_des_cfb1, 0, NULL, 0},
+ {"DES-CFB8", "des-cfb8", NID_des_cfb8, 0, NULL, 0},
+ {"DES-EDE3-CFB1", "des-ede3-cfb1", NID_des_ede3_cfb1, 0, NULL, 0},
+ {"DES-EDE3-CFB8", "des-ede3-cfb8", NID_des_ede3_cfb8, 0, NULL, 0},
+ {"street", "streetAddress", NID_streetAddress, 3, &kObjectData[4450], 0},
+ {"postalCode", "postalCode", NID_postalCode, 3, &kObjectData[4453], 0},
+ {"id-ppl", "id-ppl", NID_id_ppl, 7, &kObjectData[4456], 0},
+ {"proxyCertInfo", "Proxy Certificate Information", NID_proxyCertInfo, 8,
+ &kObjectData[4463], 0},
+ {"id-ppl-anyLanguage", "Any language", NID_id_ppl_anyLanguage, 8,
+ &kObjectData[4471], 0},
+ {"id-ppl-inheritAll", "Inherit all", NID_id_ppl_inheritAll, 8,
+ &kObjectData[4479], 0},
+ {"nameConstraints", "X509v3 Name Constraints", NID_name_constraints, 3,
+ &kObjectData[4487], 0},
+ {"id-ppl-independent", "Independent", NID_Independent, 8,
+ &kObjectData[4490], 0},
+ {"RSA-SHA256", "sha256WithRSAEncryption", NID_sha256WithRSAEncryption, 9,
+ &kObjectData[4498], 0},
+ {"RSA-SHA384", "sha384WithRSAEncryption", NID_sha384WithRSAEncryption, 9,
+ &kObjectData[4507], 0},
+ {"RSA-SHA512", "sha512WithRSAEncryption", NID_sha512WithRSAEncryption, 9,
+ &kObjectData[4516], 0},
+ {"RSA-SHA224", "sha224WithRSAEncryption", NID_sha224WithRSAEncryption, 9,
+ &kObjectData[4525], 0},
+ {"SHA256", "sha256", NID_sha256, 9, &kObjectData[4534], 0},
+ {"SHA384", "sha384", NID_sha384, 9, &kObjectData[4543], 0},
+ {"SHA512", "sha512", NID_sha512, 9, &kObjectData[4552], 0},
+ {"SHA224", "sha224", NID_sha224, 9, &kObjectData[4561], 0},
+ {"identified-organization", "identified-organization",
+ NID_identified_organization, 1, &kObjectData[4570], 0},
+ {"certicom-arc", "certicom-arc", NID_certicom_arc, 3, &kObjectData[4571],
+ 0},
+ {"wap", "wap", NID_wap, 2, &kObjectData[4574], 0},
+ {"wap-wsg", "wap-wsg", NID_wap_wsg, 3, &kObjectData[4576], 0},
+ {"id-characteristic-two-basis", "id-characteristic-two-basis",
+ NID_X9_62_id_characteristic_two_basis, 8, &kObjectData[4579], 0},
+ {"onBasis", "onBasis", NID_X9_62_onBasis, 9, &kObjectData[4587], 0},
+ {"tpBasis", "tpBasis", NID_X9_62_tpBasis, 9, &kObjectData[4596], 0},
+ {"ppBasis", "ppBasis", NID_X9_62_ppBasis, 9, &kObjectData[4605], 0},
+ {"c2pnb163v1", "c2pnb163v1", NID_X9_62_c2pnb163v1, 8, &kObjectData[4614],
+ 0},
+ {"c2pnb163v2", "c2pnb163v2", NID_X9_62_c2pnb163v2, 8, &kObjectData[4622],
+ 0},
+ {"c2pnb163v3", "c2pnb163v3", NID_X9_62_c2pnb163v3, 8, &kObjectData[4630],
+ 0},
+ {"c2pnb176v1", "c2pnb176v1", NID_X9_62_c2pnb176v1, 8, &kObjectData[4638],
+ 0},
+ {"c2tnb191v1", "c2tnb191v1", NID_X9_62_c2tnb191v1, 8, &kObjectData[4646],
+ 0},
+ {"c2tnb191v2", "c2tnb191v2", NID_X9_62_c2tnb191v2, 8, &kObjectData[4654],
+ 0},
+ {"c2tnb191v3", "c2tnb191v3", NID_X9_62_c2tnb191v3, 8, &kObjectData[4662],
+ 0},
+ {"c2onb191v4", "c2onb191v4", NID_X9_62_c2onb191v4, 8, &kObjectData[4670],
+ 0},
+ {"c2onb191v5", "c2onb191v5", NID_X9_62_c2onb191v5, 8, &kObjectData[4678],
+ 0},
+ {"c2pnb208w1", "c2pnb208w1", NID_X9_62_c2pnb208w1, 8, &kObjectData[4686],
+ 0},
+ {"c2tnb239v1", "c2tnb239v1", NID_X9_62_c2tnb239v1, 8, &kObjectData[4694],
+ 0},
+ {"c2tnb239v2", "c2tnb239v2", NID_X9_62_c2tnb239v2, 8, &kObjectData[4702],
+ 0},
+ {"c2tnb239v3", "c2tnb239v3", NID_X9_62_c2tnb239v3, 8, &kObjectData[4710],
+ 0},
+ {"c2onb239v4", "c2onb239v4", NID_X9_62_c2onb239v4, 8, &kObjectData[4718],
+ 0},
+ {"c2onb239v5", "c2onb239v5", NID_X9_62_c2onb239v5, 8, &kObjectData[4726],
+ 0},
+ {"c2pnb272w1", "c2pnb272w1", NID_X9_62_c2pnb272w1, 8, &kObjectData[4734],
+ 0},
+ {"c2pnb304w1", "c2pnb304w1", NID_X9_62_c2pnb304w1, 8, &kObjectData[4742],
+ 0},
+ {"c2tnb359v1", "c2tnb359v1", NID_X9_62_c2tnb359v1, 8, &kObjectData[4750],
+ 0},
+ {"c2pnb368w1", "c2pnb368w1", NID_X9_62_c2pnb368w1, 8, &kObjectData[4758],
+ 0},
+ {"c2tnb431r1", "c2tnb431r1", NID_X9_62_c2tnb431r1, 8, &kObjectData[4766],
+ 0},
+ {"secp112r1", "secp112r1", NID_secp112r1, 5, &kObjectData[4774], 0},
+ {"secp112r2", "secp112r2", NID_secp112r2, 5, &kObjectData[4779], 0},
+ {"secp128r1", "secp128r1", NID_secp128r1, 5, &kObjectData[4784], 0},
+ {"secp128r2", "secp128r2", NID_secp128r2, 5, &kObjectData[4789], 0},
+ {"secp160k1", "secp160k1", NID_secp160k1, 5, &kObjectData[4794], 0},
+ {"secp160r1", "secp160r1", NID_secp160r1, 5, &kObjectData[4799], 0},
+ {"secp160r2", "secp160r2", NID_secp160r2, 5, &kObjectData[4804], 0},
+ {"secp192k1", "secp192k1", NID_secp192k1, 5, &kObjectData[4809], 0},
+ {"secp224k1", "secp224k1", NID_secp224k1, 5, &kObjectData[4814], 0},
+ {"secp224r1", "secp224r1", NID_secp224r1, 5, &kObjectData[4819], 0},
+ {"secp256k1", "secp256k1", NID_secp256k1, 5, &kObjectData[4824], 0},
+ {"secp384r1", "secp384r1", NID_secp384r1, 5, &kObjectData[4829], 0},
+ {"secp521r1", "secp521r1", NID_secp521r1, 5, &kObjectData[4834], 0},
+ {"sect113r1", "sect113r1", NID_sect113r1, 5, &kObjectData[4839], 0},
+ {"sect113r2", "sect113r2", NID_sect113r2, 5, &kObjectData[4844], 0},
+ {"sect131r1", "sect131r1", NID_sect131r1, 5, &kObjectData[4849], 0},
+ {"sect131r2", "sect131r2", NID_sect131r2, 5, &kObjectData[4854], 0},
+ {"sect163k1", "sect163k1", NID_sect163k1, 5, &kObjectData[4859], 0},
+ {"sect163r1", "sect163r1", NID_sect163r1, 5, &kObjectData[4864], 0},
+ {"sect163r2", "sect163r2", NID_sect163r2, 5, &kObjectData[4869], 0},
+ {"sect193r1", "sect193r1", NID_sect193r1, 5, &kObjectData[4874], 0},
+ {"sect193r2", "sect193r2", NID_sect193r2, 5, &kObjectData[4879], 0},
+ {"sect233k1", "sect233k1", NID_sect233k1, 5, &kObjectData[4884], 0},
+ {"sect233r1", "sect233r1", NID_sect233r1, 5, &kObjectData[4889], 0},
+ {"sect239k1", "sect239k1", NID_sect239k1, 5, &kObjectData[4894], 0},
+ {"sect283k1", "sect283k1", NID_sect283k1, 5, &kObjectData[4899], 0},
+ {"sect283r1", "sect283r1", NID_sect283r1, 5, &kObjectData[4904], 0},
+ {"sect409k1", "sect409k1", NID_sect409k1, 5, &kObjectData[4909], 0},
+ {"sect409r1", "sect409r1", NID_sect409r1, 5, &kObjectData[4914], 0},
+ {"sect571k1", "sect571k1", NID_sect571k1, 5, &kObjectData[4919], 0},
+ {"sect571r1", "sect571r1", NID_sect571r1, 5, &kObjectData[4924], 0},
+ {"wap-wsg-idm-ecid-wtls1", "wap-wsg-idm-ecid-wtls1",
+ NID_wap_wsg_idm_ecid_wtls1, 5, &kObjectData[4929], 0},
+ {"wap-wsg-idm-ecid-wtls3", "wap-wsg-idm-ecid-wtls3",
+ NID_wap_wsg_idm_ecid_wtls3, 5, &kObjectData[4934], 0},
+ {"wap-wsg-idm-ecid-wtls4", "wap-wsg-idm-ecid-wtls4",
+ NID_wap_wsg_idm_ecid_wtls4, 5, &kObjectData[4939], 0},
+ {"wap-wsg-idm-ecid-wtls5", "wap-wsg-idm-ecid-wtls5",
+ NID_wap_wsg_idm_ecid_wtls5, 5, &kObjectData[4944], 0},
+ {"wap-wsg-idm-ecid-wtls6", "wap-wsg-idm-ecid-wtls6",
+ NID_wap_wsg_idm_ecid_wtls6, 5, &kObjectData[4949], 0},
+ {"wap-wsg-idm-ecid-wtls7", "wap-wsg-idm-ecid-wtls7",
+ NID_wap_wsg_idm_ecid_wtls7, 5, &kObjectData[4954], 0},
+ {"wap-wsg-idm-ecid-wtls8", "wap-wsg-idm-ecid-wtls8",
+ NID_wap_wsg_idm_ecid_wtls8, 5, &kObjectData[4959], 0},
+ {"wap-wsg-idm-ecid-wtls9", "wap-wsg-idm-ecid-wtls9",
+ NID_wap_wsg_idm_ecid_wtls9, 5, &kObjectData[4964], 0},
+ {"wap-wsg-idm-ecid-wtls10", "wap-wsg-idm-ecid-wtls10",
+ NID_wap_wsg_idm_ecid_wtls10, 5, &kObjectData[4969], 0},
+ {"wap-wsg-idm-ecid-wtls11", "wap-wsg-idm-ecid-wtls11",
+ NID_wap_wsg_idm_ecid_wtls11, 5, &kObjectData[4974], 0},
+ {"wap-wsg-idm-ecid-wtls12", "wap-wsg-idm-ecid-wtls12",
+ NID_wap_wsg_idm_ecid_wtls12, 5, &kObjectData[4979], 0},
+ {"anyPolicy", "X509v3 Any Policy", NID_any_policy, 4, &kObjectData[4984],
+ 0},
+ {"policyMappings", "X509v3 Policy Mappings", NID_policy_mappings, 3,
+ &kObjectData[4988], 0},
+ {"inhibitAnyPolicy", "X509v3 Inhibit Any Policy", NID_inhibit_any_policy, 3,
+ &kObjectData[4991], 0},
+ {"Oakley-EC2N-3", "ipsec3", NID_ipsec3, 0, NULL, 0},
+ {"Oakley-EC2N-4", "ipsec4", NID_ipsec4, 0, NULL, 0},
+ {"CAMELLIA-128-CBC", "camellia-128-cbc", NID_camellia_128_cbc, 11,
+ &kObjectData[4994], 0},
+ {"CAMELLIA-192-CBC", "camellia-192-cbc", NID_camellia_192_cbc, 11,
+ &kObjectData[5005], 0},
+ {"CAMELLIA-256-CBC", "camellia-256-cbc", NID_camellia_256_cbc, 11,
+ &kObjectData[5016], 0},
+ {"CAMELLIA-128-ECB", "camellia-128-ecb", NID_camellia_128_ecb, 8,
+ &kObjectData[5027], 0},
+ {"CAMELLIA-192-ECB", "camellia-192-ecb", NID_camellia_192_ecb, 8,
+ &kObjectData[5035], 0},
+ {"CAMELLIA-256-ECB", "camellia-256-ecb", NID_camellia_256_ecb, 8,
+ &kObjectData[5043], 0},
+ {"CAMELLIA-128-CFB", "camellia-128-cfb", NID_camellia_128_cfb128, 8,
+ &kObjectData[5051], 0},
+ {"CAMELLIA-192-CFB", "camellia-192-cfb", NID_camellia_192_cfb128, 8,
+ &kObjectData[5059], 0},
+ {"CAMELLIA-256-CFB", "camellia-256-cfb", NID_camellia_256_cfb128, 8,
+ &kObjectData[5067], 0},
+ {"CAMELLIA-128-CFB1", "camellia-128-cfb1", NID_camellia_128_cfb1, 0, NULL,
+ 0},
+ {"CAMELLIA-192-CFB1", "camellia-192-cfb1", NID_camellia_192_cfb1, 0, NULL,
+ 0},
+ {"CAMELLIA-256-CFB1", "camellia-256-cfb1", NID_camellia_256_cfb1, 0, NULL,
+ 0},
+ {"CAMELLIA-128-CFB8", "camellia-128-cfb8", NID_camellia_128_cfb8, 0, NULL,
+ 0},
+ {"CAMELLIA-192-CFB8", "camellia-192-cfb8", NID_camellia_192_cfb8, 0, NULL,
+ 0},
+ {"CAMELLIA-256-CFB8", "camellia-256-cfb8", NID_camellia_256_cfb8, 0, NULL,
+ 0},
+ {"CAMELLIA-128-OFB", "camellia-128-ofb", NID_camellia_128_ofb128, 8,
+ &kObjectData[5075], 0},
+ {"CAMELLIA-192-OFB", "camellia-192-ofb", NID_camellia_192_ofb128, 8,
+ &kObjectData[5083], 0},
+ {"CAMELLIA-256-OFB", "camellia-256-ofb", NID_camellia_256_ofb128, 8,
+ &kObjectData[5091], 0},
+ {"subjectDirectoryAttributes", "X509v3 Subject Directory Attributes",
+ NID_subject_directory_attributes, 3, &kObjectData[5099], 0},
+ {"issuingDistributionPoint", "X509v3 Issuing Distribution Point",
+ NID_issuing_distribution_point, 3, &kObjectData[5102], 0},
+ {"certificateIssuer", "X509v3 Certificate Issuer", NID_certificate_issuer,
+ 3, &kObjectData[5105], 0},
+ {NULL, NULL, NID_undef, 0, NULL, 0},
+ {"KISA", "kisa", NID_kisa, 6, &kObjectData[5108], 0},
+ {NULL, NULL, NID_undef, 0, NULL, 0},
+ {NULL, NULL, NID_undef, 0, NULL, 0},
+ {"SEED-ECB", "seed-ecb", NID_seed_ecb, 8, &kObjectData[5114], 0},
+ {"SEED-CBC", "seed-cbc", NID_seed_cbc, 8, &kObjectData[5122], 0},
+ {"SEED-OFB", "seed-ofb", NID_seed_ofb128, 8, &kObjectData[5130], 0},
+ {"SEED-CFB", "seed-cfb", NID_seed_cfb128, 8, &kObjectData[5138], 0},
+ {"HMAC-MD5", "hmac-md5", NID_hmac_md5, 8, &kObjectData[5146], 0},
+ {"HMAC-SHA1", "hmac-sha1", NID_hmac_sha1, 8, &kObjectData[5154], 0},
+ {"id-PasswordBasedMAC", "password based MAC", NID_id_PasswordBasedMAC, 9,
+ &kObjectData[5162], 0},
+ {"id-DHBasedMac", "Diffie-Hellman based MAC", NID_id_DHBasedMac, 9,
+ &kObjectData[5171], 0},
+ {"id-it-suppLangTags", "id-it-suppLangTags", NID_id_it_suppLangTags, 8,
+ &kObjectData[5180], 0},
+ {"caRepository", "CA Repository", NID_caRepository, 8, &kObjectData[5188],
+ 0},
+ {"id-smime-ct-compressedData", "id-smime-ct-compressedData",
+ NID_id_smime_ct_compressedData, 11, &kObjectData[5196], 0},
+ {"id-ct-asciiTextWithCRLF", "id-ct-asciiTextWithCRLF",
+ NID_id_ct_asciiTextWithCRLF, 11, &kObjectData[5207], 0},
+ {"id-aes128-wrap", "id-aes128-wrap", NID_id_aes128_wrap, 9,
+ &kObjectData[5218], 0},
+ {"id-aes192-wrap", "id-aes192-wrap", NID_id_aes192_wrap, 9,
+ &kObjectData[5227], 0},
+ {"id-aes256-wrap", "id-aes256-wrap", NID_id_aes256_wrap, 9,
+ &kObjectData[5236], 0},
+ {"ecdsa-with-Recommended", "ecdsa-with-Recommended",
+ NID_ecdsa_with_Recommended, 7, &kObjectData[5245], 0},
+ {"ecdsa-with-Specified", "ecdsa-with-Specified", NID_ecdsa_with_Specified,
+ 7, &kObjectData[5252], 0},
+ {"ecdsa-with-SHA224", "ecdsa-with-SHA224", NID_ecdsa_with_SHA224, 8,
+ &kObjectData[5259], 0},
+ {"ecdsa-with-SHA256", "ecdsa-with-SHA256", NID_ecdsa_with_SHA256, 8,
+ &kObjectData[5267], 0},
+ {"ecdsa-with-SHA384", "ecdsa-with-SHA384", NID_ecdsa_with_SHA384, 8,
+ &kObjectData[5275], 0},
+ {"ecdsa-with-SHA512", "ecdsa-with-SHA512", NID_ecdsa_with_SHA512, 8,
+ &kObjectData[5283], 0},
+ {"hmacWithMD5", "hmacWithMD5", NID_hmacWithMD5, 8, &kObjectData[5291], 0},
+ {"hmacWithSHA224", "hmacWithSHA224", NID_hmacWithSHA224, 8,
+ &kObjectData[5299], 0},
+ {"hmacWithSHA256", "hmacWithSHA256", NID_hmacWithSHA256, 8,
+ &kObjectData[5307], 0},
+ {"hmacWithSHA384", "hmacWithSHA384", NID_hmacWithSHA384, 8,
+ &kObjectData[5315], 0},
+ {"hmacWithSHA512", "hmacWithSHA512", NID_hmacWithSHA512, 8,
+ &kObjectData[5323], 0},
+ {"dsa_with_SHA224", "dsa_with_SHA224", NID_dsa_with_SHA224, 9,
+ &kObjectData[5331], 0},
+ {"dsa_with_SHA256", "dsa_with_SHA256", NID_dsa_with_SHA256, 9,
+ &kObjectData[5340], 0},
+ {"whirlpool", "whirlpool", NID_whirlpool, 6, &kObjectData[5349], 0},
+ {"cryptopro", "cryptopro", NID_cryptopro, 5, &kObjectData[5355], 0},
+ {"cryptocom", "cryptocom", NID_cryptocom, 5, &kObjectData[5360], 0},
+ {"id-GostR3411-94-with-GostR3410-2001",
+ "GOST R 34.11-94 with GOST R 34.10-2001",
+ NID_id_GostR3411_94_with_GostR3410_2001, 6, &kObjectData[5365], 0},
+ {"id-GostR3411-94-with-GostR3410-94",
+ "GOST R 34.11-94 with GOST R 34.10-94",
+ NID_id_GostR3411_94_with_GostR3410_94, 6, &kObjectData[5371], 0},
+ {"md_gost94", "GOST R 34.11-94", NID_id_GostR3411_94, 6, &kObjectData[5377],
+ 0},
+ {"id-HMACGostR3411-94", "HMAC GOST 34.11-94", NID_id_HMACGostR3411_94, 6,
+ &kObjectData[5383], 0},
+ {"gost2001", "GOST R 34.10-2001", NID_id_GostR3410_2001, 6,
+ &kObjectData[5389], 0},
+ {"gost94", "GOST R 34.10-94", NID_id_GostR3410_94, 6, &kObjectData[5395],
+ 0},
+ {"gost89", "GOST 28147-89", NID_id_Gost28147_89, 6, &kObjectData[5401], 0},
+ {"gost89-cnt", "gost89-cnt", NID_gost89_cnt, 0, NULL, 0},
+ {"gost-mac", "GOST 28147-89 MAC", NID_id_Gost28147_89_MAC, 6,
+ &kObjectData[5407], 0},
+ {"prf-gostr3411-94", "GOST R 34.11-94 PRF", NID_id_GostR3411_94_prf, 6,
+ &kObjectData[5413], 0},
+ {"id-GostR3410-2001DH", "GOST R 34.10-2001 DH", NID_id_GostR3410_2001DH, 6,
+ &kObjectData[5419], 0},
+ {"id-GostR3410-94DH", "GOST R 34.10-94 DH", NID_id_GostR3410_94DH, 6,
+ &kObjectData[5425], 0},
+ {"id-Gost28147-89-CryptoPro-KeyMeshing",
+ "id-Gost28147-89-CryptoPro-KeyMeshing",
+ NID_id_Gost28147_89_CryptoPro_KeyMeshing, 7, &kObjectData[5431], 0},
+ {"id-Gost28147-89-None-KeyMeshing", "id-Gost28147-89-None-KeyMeshing",
+ NID_id_Gost28147_89_None_KeyMeshing, 7, &kObjectData[5438], 0},
+ {"id-GostR3411-94-TestParamSet", "id-GostR3411-94-TestParamSet",
+ NID_id_GostR3411_94_TestParamSet, 7, &kObjectData[5445], 0},
+ {"id-GostR3411-94-CryptoProParamSet", "id-GostR3411-94-CryptoProParamSet",
+ NID_id_GostR3411_94_CryptoProParamSet, 7, &kObjectData[5452], 0},
+ {"id-Gost28147-89-TestParamSet", "id-Gost28147-89-TestParamSet",
+ NID_id_Gost28147_89_TestParamSet, 7, &kObjectData[5459], 0},
+ {"id-Gost28147-89-CryptoPro-A-ParamSet",
+ "id-Gost28147-89-CryptoPro-A-ParamSet",
+ NID_id_Gost28147_89_CryptoPro_A_ParamSet, 7, &kObjectData[5466], 0},
+ {"id-Gost28147-89-CryptoPro-B-ParamSet",
+ "id-Gost28147-89-CryptoPro-B-ParamSet",
+ NID_id_Gost28147_89_CryptoPro_B_ParamSet, 7, &kObjectData[5473], 0},
+ {"id-Gost28147-89-CryptoPro-C-ParamSet",
+ "id-Gost28147-89-CryptoPro-C-ParamSet",
+ NID_id_Gost28147_89_CryptoPro_C_ParamSet, 7, &kObjectData[5480], 0},
+ {"id-Gost28147-89-CryptoPro-D-ParamSet",
+ "id-Gost28147-89-CryptoPro-D-ParamSet",
+ NID_id_Gost28147_89_CryptoPro_D_ParamSet, 7, &kObjectData[5487], 0},
+ {"id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet",
+ "id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet",
+ NID_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet, 7, &kObjectData[5494],
+ 0},
+ {"id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet",
+ "id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet",
+ NID_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet, 7, &kObjectData[5501],
+ 0},
+ {"id-Gost28147-89-CryptoPro-RIC-1-ParamSet",
+ "id-Gost28147-89-CryptoPro-RIC-1-ParamSet",
+ NID_id_Gost28147_89_CryptoPro_RIC_1_ParamSet, 7, &kObjectData[5508], 0},
+ {"id-GostR3410-94-TestParamSet", "id-GostR3410-94-TestParamSet",
+ NID_id_GostR3410_94_TestParamSet, 7, &kObjectData[5515], 0},
+ {"id-GostR3410-94-CryptoPro-A-ParamSet",
+ "id-GostR3410-94-CryptoPro-A-ParamSet",
+ NID_id_GostR3410_94_CryptoPro_A_ParamSet, 7, &kObjectData[5522], 0},
+ {"id-GostR3410-94-CryptoPro-B-ParamSet",
+ "id-GostR3410-94-CryptoPro-B-ParamSet",
+ NID_id_GostR3410_94_CryptoPro_B_ParamSet, 7, &kObjectData[5529], 0},
+ {"id-GostR3410-94-CryptoPro-C-ParamSet",
+ "id-GostR3410-94-CryptoPro-C-ParamSet",
+ NID_id_GostR3410_94_CryptoPro_C_ParamSet, 7, &kObjectData[5536], 0},
+ {"id-GostR3410-94-CryptoPro-D-ParamSet",
+ "id-GostR3410-94-CryptoPro-D-ParamSet",
+ NID_id_GostR3410_94_CryptoPro_D_ParamSet, 7, &kObjectData[5543], 0},
+ {"id-GostR3410-94-CryptoPro-XchA-ParamSet",
+ "id-GostR3410-94-CryptoPro-XchA-ParamSet",
+ NID_id_GostR3410_94_CryptoPro_XchA_ParamSet, 7, &kObjectData[5550], 0},
+ {"id-GostR3410-94-CryptoPro-XchB-ParamSet",
+ "id-GostR3410-94-CryptoPro-XchB-ParamSet",
+ NID_id_GostR3410_94_CryptoPro_XchB_ParamSet, 7, &kObjectData[5557], 0},
+ {"id-GostR3410-94-CryptoPro-XchC-ParamSet",
+ "id-GostR3410-94-CryptoPro-XchC-ParamSet",
+ NID_id_GostR3410_94_CryptoPro_XchC_ParamSet, 7, &kObjectData[5564], 0},
+ {"id-GostR3410-2001-TestParamSet", "id-GostR3410-2001-TestParamSet",
+ NID_id_GostR3410_2001_TestParamSet, 7, &kObjectData[5571], 0},
+ {"id-GostR3410-2001-CryptoPro-A-ParamSet",
+ "id-GostR3410-2001-CryptoPro-A-ParamSet",
+ NID_id_GostR3410_2001_CryptoPro_A_ParamSet, 7, &kObjectData[5578], 0},
+ {"id-GostR3410-2001-CryptoPro-B-ParamSet",
+ "id-GostR3410-2001-CryptoPro-B-ParamSet",
+ NID_id_GostR3410_2001_CryptoPro_B_ParamSet, 7, &kObjectData[5585], 0},
+ {"id-GostR3410-2001-CryptoPro-C-ParamSet",
+ "id-GostR3410-2001-CryptoPro-C-ParamSet",
+ NID_id_GostR3410_2001_CryptoPro_C_ParamSet, 7, &kObjectData[5592], 0},
+ {"id-GostR3410-2001-CryptoPro-XchA-ParamSet",
+ "id-GostR3410-2001-CryptoPro-XchA-ParamSet",
+ NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet, 7, &kObjectData[5599], 0},
+ {"id-GostR3410-2001-CryptoPro-XchB-ParamSet",
+ "id-GostR3410-2001-CryptoPro-XchB-ParamSet",
+ NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet, 7, &kObjectData[5606], 0},
+ {"id-GostR3410-94-a", "id-GostR3410-94-a", NID_id_GostR3410_94_a, 7,
+ &kObjectData[5613], 0},
+ {"id-GostR3410-94-aBis", "id-GostR3410-94-aBis", NID_id_GostR3410_94_aBis,
+ 7, &kObjectData[5620], 0},
+ {"id-GostR3410-94-b", "id-GostR3410-94-b", NID_id_GostR3410_94_b, 7,
+ &kObjectData[5627], 0},
+ {"id-GostR3410-94-bBis", "id-GostR3410-94-bBis", NID_id_GostR3410_94_bBis,
+ 7, &kObjectData[5634], 0},
+ {"id-Gost28147-89-cc", "GOST 28147-89 Cryptocom ParamSet",
+ NID_id_Gost28147_89_cc, 8, &kObjectData[5641], 0},
+ {"gost94cc", "GOST 34.10-94 Cryptocom", NID_id_GostR3410_94_cc, 8,
+ &kObjectData[5649], 0},
+ {"gost2001cc", "GOST 34.10-2001 Cryptocom", NID_id_GostR3410_2001_cc, 8,
+ &kObjectData[5657], 0},
+ {"id-GostR3411-94-with-GostR3410-94-cc",
+ "GOST R 34.11-94 with GOST R 34.10-94 Cryptocom",
+ NID_id_GostR3411_94_with_GostR3410_94_cc, 8, &kObjectData[5665], 0},
+ {"id-GostR3411-94-with-GostR3410-2001-cc",
+ "GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom",
+ NID_id_GostR3411_94_with_GostR3410_2001_cc, 8, &kObjectData[5673], 0},
+ {"id-GostR3410-2001-ParamSet-cc",
+ "GOST R 3410-2001 Parameter Set Cryptocom",
+ NID_id_GostR3410_2001_ParamSet_cc, 8, &kObjectData[5681], 0},
+ {"HMAC", "hmac", NID_hmac, 0, NULL, 0},
+ {"LocalKeySet", "Microsoft Local Key set", NID_LocalKeySet, 9,
+ &kObjectData[5689], 0},
+ {"freshestCRL", "X509v3 Freshest CRL", NID_freshest_crl, 3,
+ &kObjectData[5698], 0},
+ {"id-on-permanentIdentifier", "Permanent Identifier",
+ NID_id_on_permanentIdentifier, 8, &kObjectData[5701], 0},
+ {"searchGuide", "searchGuide", NID_searchGuide, 3, &kObjectData[5709], 0},
+ {"businessCategory", "businessCategory", NID_businessCategory, 3,
+ &kObjectData[5712], 0},
+ {"postalAddress", "postalAddress", NID_postalAddress, 3, &kObjectData[5715],
+ 0},
+ {"postOfficeBox", "postOfficeBox", NID_postOfficeBox, 3, &kObjectData[5718],
+ 0},
+ {"physicalDeliveryOfficeName", "physicalDeliveryOfficeName",
+ NID_physicalDeliveryOfficeName, 3, &kObjectData[5721], 0},
+ {"telephoneNumber", "telephoneNumber", NID_telephoneNumber, 3,
+ &kObjectData[5724], 0},
+ {"telexNumber", "telexNumber", NID_telexNumber, 3, &kObjectData[5727], 0},
+ {"teletexTerminalIdentifier", "teletexTerminalIdentifier",
+ NID_teletexTerminalIdentifier, 3, &kObjectData[5730], 0},
+ {"facsimileTelephoneNumber", "facsimileTelephoneNumber",
+ NID_facsimileTelephoneNumber, 3, &kObjectData[5733], 0},
+ {"x121Address", "x121Address", NID_x121Address, 3, &kObjectData[5736], 0},
+ {"internationaliSDNNumber", "internationaliSDNNumber",
+ NID_internationaliSDNNumber, 3, &kObjectData[5739], 0},
+ {"registeredAddress", "registeredAddress", NID_registeredAddress, 3,
+ &kObjectData[5742], 0},
+ {"destinationIndicator", "destinationIndicator", NID_destinationIndicator,
+ 3, &kObjectData[5745], 0},
+ {"preferredDeliveryMethod", "preferredDeliveryMethod",
+ NID_preferredDeliveryMethod, 3, &kObjectData[5748], 0},
+ {"presentationAddress", "presentationAddress", NID_presentationAddress, 3,
+ &kObjectData[5751], 0},
+ {"supportedApplicationContext", "supportedApplicationContext",
+ NID_supportedApplicationContext, 3, &kObjectData[5754], 0},
+ {"member", "member", NID_member, 3, &kObjectData[5757], 0},
+ {"owner", "owner", NID_owner, 3, &kObjectData[5760], 0},
+ {"roleOccupant", "roleOccupant", NID_roleOccupant, 3, &kObjectData[5763],
+ 0},
+ {"seeAlso", "seeAlso", NID_seeAlso, 3, &kObjectData[5766], 0},
+ {"userPassword", "userPassword", NID_userPassword, 3, &kObjectData[5769],
+ 0},
+ {"userCertificate", "userCertificate", NID_userCertificate, 3,
+ &kObjectData[5772], 0},
+ {"cACertificate", "cACertificate", NID_cACertificate, 3, &kObjectData[5775],
+ 0},
+ {"authorityRevocationList", "authorityRevocationList",
+ NID_authorityRevocationList, 3, &kObjectData[5778], 0},
+ {"certificateRevocationList", "certificateRevocationList",
+ NID_certificateRevocationList, 3, &kObjectData[5781], 0},
+ {"crossCertificatePair", "crossCertificatePair", NID_crossCertificatePair,
+ 3, &kObjectData[5784], 0},
+ {"enhancedSearchGuide", "enhancedSearchGuide", NID_enhancedSearchGuide, 3,
+ &kObjectData[5787], 0},
+ {"protocolInformation", "protocolInformation", NID_protocolInformation, 3,
+ &kObjectData[5790], 0},
+ {"distinguishedName", "distinguishedName", NID_distinguishedName, 3,
+ &kObjectData[5793], 0},
+ {"uniqueMember", "uniqueMember", NID_uniqueMember, 3, &kObjectData[5796],
+ 0},
+ {"houseIdentifier", "houseIdentifier", NID_houseIdentifier, 3,
+ &kObjectData[5799], 0},
+ {"supportedAlgorithms", "supportedAlgorithms", NID_supportedAlgorithms, 3,
+ &kObjectData[5802], 0},
+ {"deltaRevocationList", "deltaRevocationList", NID_deltaRevocationList, 3,
+ &kObjectData[5805], 0},
+ {"dmdName", "dmdName", NID_dmdName, 3, &kObjectData[5808], 0},
+ {"id-alg-PWRI-KEK", "id-alg-PWRI-KEK", NID_id_alg_PWRI_KEK, 11,
+ &kObjectData[5811], 0},
+ {"CMAC", "cmac", NID_cmac, 0, NULL, 0},
+ {"id-aes128-GCM", "aes-128-gcm", NID_aes_128_gcm, 9, &kObjectData[5822], 0},
+ {"id-aes128-CCM", "aes-128-ccm", NID_aes_128_ccm, 9, &kObjectData[5831], 0},
+ {"id-aes128-wrap-pad", "id-aes128-wrap-pad", NID_id_aes128_wrap_pad, 9,
+ &kObjectData[5840], 0},
+ {"id-aes192-GCM", "aes-192-gcm", NID_aes_192_gcm, 9, &kObjectData[5849], 0},
+ {"id-aes192-CCM", "aes-192-ccm", NID_aes_192_ccm, 9, &kObjectData[5858], 0},
+ {"id-aes192-wrap-pad", "id-aes192-wrap-pad", NID_id_aes192_wrap_pad, 9,
+ &kObjectData[5867], 0},
+ {"id-aes256-GCM", "aes-256-gcm", NID_aes_256_gcm, 9, &kObjectData[5876], 0},
+ {"id-aes256-CCM", "aes-256-ccm", NID_aes_256_ccm, 9, &kObjectData[5885], 0},
+ {"id-aes256-wrap-pad", "id-aes256-wrap-pad", NID_id_aes256_wrap_pad, 9,
+ &kObjectData[5894], 0},
+ {"AES-128-CTR", "aes-128-ctr", NID_aes_128_ctr, 0, NULL, 0},
+ {"AES-192-CTR", "aes-192-ctr", NID_aes_192_ctr, 0, NULL, 0},
+ {"AES-256-CTR", "aes-256-ctr", NID_aes_256_ctr, 0, NULL, 0},
+ {"id-camellia128-wrap", "id-camellia128-wrap", NID_id_camellia128_wrap, 11,
+ &kObjectData[5903], 0},
+ {"id-camellia192-wrap", "id-camellia192-wrap", NID_id_camellia192_wrap, 11,
+ &kObjectData[5914], 0},
+ {"id-camellia256-wrap", "id-camellia256-wrap", NID_id_camellia256_wrap, 11,
+ &kObjectData[5925], 0},
+ {"anyExtendedKeyUsage", "Any Extended Key Usage", NID_anyExtendedKeyUsage,
+ 4, &kObjectData[5936], 0},
+ {"MGF1", "mgf1", NID_mgf1, 9, &kObjectData[5940], 0},
+ {"RSASSA-PSS", "rsassaPss", NID_rsassaPss, 9, &kObjectData[5949], 0},
+ {"AES-128-XTS", "aes-128-xts", NID_aes_128_xts, 0, NULL, 0},
+ {"AES-256-XTS", "aes-256-xts", NID_aes_256_xts, 0, NULL, 0},
+ {"RC4-HMAC-MD5", "rc4-hmac-md5", NID_rc4_hmac_md5, 0, NULL, 0},
+ {"AES-128-CBC-HMAC-SHA1", "aes-128-cbc-hmac-sha1",
+ NID_aes_128_cbc_hmac_sha1, 0, NULL, 0},
+ {"AES-192-CBC-HMAC-SHA1", "aes-192-cbc-hmac-sha1",
+ NID_aes_192_cbc_hmac_sha1, 0, NULL, 0},
+ {"AES-256-CBC-HMAC-SHA1", "aes-256-cbc-hmac-sha1",
+ NID_aes_256_cbc_hmac_sha1, 0, NULL, 0},
+ {"RSAES-OAEP", "rsaesOaep", NID_rsaesOaep, 9, &kObjectData[5958], 0},
+ {"dhpublicnumber", "X9.42 DH", NID_dhpublicnumber, 7, &kObjectData[5967],
+ 0},
+ {"brainpoolP160r1", "brainpoolP160r1", NID_brainpoolP160r1, 9,
+ &kObjectData[5974], 0},
+ {"brainpoolP160t1", "brainpoolP160t1", NID_brainpoolP160t1, 9,
+ &kObjectData[5983], 0},
+ {"brainpoolP192r1", "brainpoolP192r1", NID_brainpoolP192r1, 9,
+ &kObjectData[5992], 0},
+ {"brainpoolP192t1", "brainpoolP192t1", NID_brainpoolP192t1, 9,
+ &kObjectData[6001], 0},
+ {"brainpoolP224r1", "brainpoolP224r1", NID_brainpoolP224r1, 9,
+ &kObjectData[6010], 0},
+ {"brainpoolP224t1", "brainpoolP224t1", NID_brainpoolP224t1, 9,
+ &kObjectData[6019], 0},
+ {"brainpoolP256r1", "brainpoolP256r1", NID_brainpoolP256r1, 9,
+ &kObjectData[6028], 0},
+ {"brainpoolP256t1", "brainpoolP256t1", NID_brainpoolP256t1, 9,
+ &kObjectData[6037], 0},
+ {"brainpoolP320r1", "brainpoolP320r1", NID_brainpoolP320r1, 9,
+ &kObjectData[6046], 0},
+ {"brainpoolP320t1", "brainpoolP320t1", NID_brainpoolP320t1, 9,
+ &kObjectData[6055], 0},
+ {"brainpoolP384r1", "brainpoolP384r1", NID_brainpoolP384r1, 9,
+ &kObjectData[6064], 0},
+ {"brainpoolP384t1", "brainpoolP384t1", NID_brainpoolP384t1, 9,
+ &kObjectData[6073], 0},
+ {"brainpoolP512r1", "brainpoolP512r1", NID_brainpoolP512r1, 9,
+ &kObjectData[6082], 0},
+ {"brainpoolP512t1", "brainpoolP512t1", NID_brainpoolP512t1, 9,
+ &kObjectData[6091], 0},
+ {"PSPECIFIED", "pSpecified", NID_pSpecified, 9, &kObjectData[6100], 0},
+ {"dhSinglePass-stdDH-sha1kdf-scheme", "dhSinglePass-stdDH-sha1kdf-scheme",
+ NID_dhSinglePass_stdDH_sha1kdf_scheme, 9, &kObjectData[6109], 0},
+ {"dhSinglePass-stdDH-sha224kdf-scheme",
+ "dhSinglePass-stdDH-sha224kdf-scheme",
+ NID_dhSinglePass_stdDH_sha224kdf_scheme, 6, &kObjectData[6118], 0},
+ {"dhSinglePass-stdDH-sha256kdf-scheme",
+ "dhSinglePass-stdDH-sha256kdf-scheme",
+ NID_dhSinglePass_stdDH_sha256kdf_scheme, 6, &kObjectData[6124], 0},
+ {"dhSinglePass-stdDH-sha384kdf-scheme",
+ "dhSinglePass-stdDH-sha384kdf-scheme",
+ NID_dhSinglePass_stdDH_sha384kdf_scheme, 6, &kObjectData[6130], 0},
+ {"dhSinglePass-stdDH-sha512kdf-scheme",
+ "dhSinglePass-stdDH-sha512kdf-scheme",
+ NID_dhSinglePass_stdDH_sha512kdf_scheme, 6, &kObjectData[6136], 0},
+ {"dhSinglePass-cofactorDH-sha1kdf-scheme",
+ "dhSinglePass-cofactorDH-sha1kdf-scheme",
+ NID_dhSinglePass_cofactorDH_sha1kdf_scheme, 9, &kObjectData[6142], 0},
+ {"dhSinglePass-cofactorDH-sha224kdf-scheme",
+ "dhSinglePass-cofactorDH-sha224kdf-scheme",
+ NID_dhSinglePass_cofactorDH_sha224kdf_scheme, 6, &kObjectData[6151], 0},
+ {"dhSinglePass-cofactorDH-sha256kdf-scheme",
+ "dhSinglePass-cofactorDH-sha256kdf-scheme",
+ NID_dhSinglePass_cofactorDH_sha256kdf_scheme, 6, &kObjectData[6157], 0},
+ {"dhSinglePass-cofactorDH-sha384kdf-scheme",
+ "dhSinglePass-cofactorDH-sha384kdf-scheme",
+ NID_dhSinglePass_cofactorDH_sha384kdf_scheme, 6, &kObjectData[6163], 0},
+ {"dhSinglePass-cofactorDH-sha512kdf-scheme",
+ "dhSinglePass-cofactorDH-sha512kdf-scheme",
+ NID_dhSinglePass_cofactorDH_sha512kdf_scheme, 6, &kObjectData[6169], 0},
+ {"dh-std-kdf", "dh-std-kdf", NID_dh_std_kdf, 0, NULL, 0},
+ {"dh-cofactor-kdf", "dh-cofactor-kdf", NID_dh_cofactor_kdf, 0, NULL, 0},
+ {"X25519", "X25519", NID_X25519, 0, NULL, 0},
};
-static const unsigned int kNIDsInShortNameOrder[NUM_SN]={
-364, /* "AD_DVCS" */
-419, /* "AES-128-CBC" */
-916, /* "AES-128-CBC-HMAC-SHA1" */
-421, /* "AES-128-CFB" */
-650, /* "AES-128-CFB1" */
-653, /* "AES-128-CFB8" */
-904, /* "AES-128-CTR" */
-418, /* "AES-128-ECB" */
-420, /* "AES-128-OFB" */
-913, /* "AES-128-XTS" */
-423, /* "AES-192-CBC" */
-917, /* "AES-192-CBC-HMAC-SHA1" */
-425, /* "AES-192-CFB" */
-651, /* "AES-192-CFB1" */
-654, /* "AES-192-CFB8" */
-905, /* "AES-192-CTR" */
-422, /* "AES-192-ECB" */
-424, /* "AES-192-OFB" */
-427, /* "AES-256-CBC" */
-918, /* "AES-256-CBC-HMAC-SHA1" */
-429, /* "AES-256-CFB" */
-652, /* "AES-256-CFB1" */
-655, /* "AES-256-CFB8" */
-906, /* "AES-256-CTR" */
-426, /* "AES-256-ECB" */
-428, /* "AES-256-OFB" */
-914, /* "AES-256-XTS" */
-91, /* "BF-CBC" */
-93, /* "BF-CFB" */
-92, /* "BF-ECB" */
-94, /* "BF-OFB" */
-14, /* "C" */
-751, /* "CAMELLIA-128-CBC" */
-757, /* "CAMELLIA-128-CFB" */
-760, /* "CAMELLIA-128-CFB1" */
-763, /* "CAMELLIA-128-CFB8" */
-754, /* "CAMELLIA-128-ECB" */
-766, /* "CAMELLIA-128-OFB" */
-752, /* "CAMELLIA-192-CBC" */
-758, /* "CAMELLIA-192-CFB" */
-761, /* "CAMELLIA-192-CFB1" */
-764, /* "CAMELLIA-192-CFB8" */
-755, /* "CAMELLIA-192-ECB" */
-767, /* "CAMELLIA-192-OFB" */
-753, /* "CAMELLIA-256-CBC" */
-759, /* "CAMELLIA-256-CFB" */
-762, /* "CAMELLIA-256-CFB1" */
-765, /* "CAMELLIA-256-CFB8" */
-756, /* "CAMELLIA-256-ECB" */
-768, /* "CAMELLIA-256-OFB" */
-108, /* "CAST5-CBC" */
-110, /* "CAST5-CFB" */
-109, /* "CAST5-ECB" */
-111, /* "CAST5-OFB" */
-894, /* "CMAC" */
-13, /* "CN" */
-141, /* "CRLReason" */
-417, /* "CSPName" */
-367, /* "CrlID" */
-391, /* "DC" */
-31, /* "DES-CBC" */
-643, /* "DES-CDMF" */
-30, /* "DES-CFB" */
-656, /* "DES-CFB1" */
-657, /* "DES-CFB8" */
-29, /* "DES-ECB" */
-32, /* "DES-EDE" */
-43, /* "DES-EDE-CBC" */
-60, /* "DES-EDE-CFB" */
-62, /* "DES-EDE-OFB" */
-33, /* "DES-EDE3" */
-44, /* "DES-EDE3-CBC" */
-61, /* "DES-EDE3-CFB" */
-658, /* "DES-EDE3-CFB1" */
-659, /* "DES-EDE3-CFB8" */
-63, /* "DES-EDE3-OFB" */
-45, /* "DES-OFB" */
-80, /* "DESX-CBC" */
-380, /* "DOD" */
-116, /* "DSA" */
-66, /* "DSA-SHA" */
-113, /* "DSA-SHA1" */
-70, /* "DSA-SHA1-old" */
-67, /* "DSA-old" */
-297, /* "DVCS" */
-99, /* "GN" */
-855, /* "HMAC" */
-780, /* "HMAC-MD5" */
-781, /* "HMAC-SHA1" */
-381, /* "IANA" */
-34, /* "IDEA-CBC" */
-35, /* "IDEA-CFB" */
-36, /* "IDEA-ECB" */
-46, /* "IDEA-OFB" */
-181, /* "ISO" */
-183, /* "ISO-US" */
-645, /* "ITU-T" */
-646, /* "JOINT-ISO-ITU-T" */
-773, /* "KISA" */
-15, /* "L" */
-856, /* "LocalKeySet" */
- 3, /* "MD2" */
-257, /* "MD4" */
- 4, /* "MD5" */
-114, /* "MD5-SHA1" */
-95, /* "MDC2" */
-911, /* "MGF1" */
-388, /* "Mail" */
-393, /* "NULL" */
-404, /* "NULL" */
-57, /* "Netscape" */
-366, /* "Nonce" */
-17, /* "O" */
-178, /* "OCSP" */
-180, /* "OCSPSigning" */
-379, /* "ORG" */
-18, /* "OU" */
-749, /* "Oakley-EC2N-3" */
-750, /* "Oakley-EC2N-4" */
- 9, /* "PBE-MD2-DES" */
-168, /* "PBE-MD2-RC2-64" */
-10, /* "PBE-MD5-DES" */
-169, /* "PBE-MD5-RC2-64" */
-147, /* "PBE-SHA1-2DES" */
-146, /* "PBE-SHA1-3DES" */
-170, /* "PBE-SHA1-DES" */
-148, /* "PBE-SHA1-RC2-128" */
-149, /* "PBE-SHA1-RC2-40" */
-68, /* "PBE-SHA1-RC2-64" */
-144, /* "PBE-SHA1-RC4-128" */
-145, /* "PBE-SHA1-RC4-40" */
-161, /* "PBES2" */
-69, /* "PBKDF2" */
-162, /* "PBMAC1" */
-127, /* "PKIX" */
-935, /* "PSPECIFIED" */
-98, /* "RC2-40-CBC" */
-166, /* "RC2-64-CBC" */
-37, /* "RC2-CBC" */
-39, /* "RC2-CFB" */
-38, /* "RC2-ECB" */
-40, /* "RC2-OFB" */
- 5, /* "RC4" */
-97, /* "RC4-40" */
-915, /* "RC4-HMAC-MD5" */
-120, /* "RC5-CBC" */
-122, /* "RC5-CFB" */
-121, /* "RC5-ECB" */
-123, /* "RC5-OFB" */
-117, /* "RIPEMD160" */
-19, /* "RSA" */
- 7, /* "RSA-MD2" */
-396, /* "RSA-MD4" */
- 8, /* "RSA-MD5" */
-96, /* "RSA-MDC2" */
-104, /* "RSA-NP-MD5" */
-119, /* "RSA-RIPEMD160" */
-42, /* "RSA-SHA" */
-65, /* "RSA-SHA1" */
-115, /* "RSA-SHA1-2" */
-671, /* "RSA-SHA224" */
-668, /* "RSA-SHA256" */
-669, /* "RSA-SHA384" */
-670, /* "RSA-SHA512" */
-919, /* "RSAES-OAEP" */
-912, /* "RSASSA-PSS" */
-777, /* "SEED-CBC" */
-779, /* "SEED-CFB" */
-776, /* "SEED-ECB" */
-778, /* "SEED-OFB" */
-41, /* "SHA" */
-64, /* "SHA1" */
-675, /* "SHA224" */
-672, /* "SHA256" */
-673, /* "SHA384" */
-674, /* "SHA512" */
-188, /* "SMIME" */
-167, /* "SMIME-CAPS" */
-100, /* "SN" */
-16, /* "ST" */
-143, /* "SXNetID" */
-458, /* "UID" */
- 0, /* "UNDEF" */
-948, /* "X25519" */
-11, /* "X500" */
-378, /* "X500algorithms" */
-12, /* "X509" */
-184, /* "X9-57" */
-185, /* "X9cm" */
-125, /* "ZLIB" */
-478, /* "aRecord" */
-289, /* "aaControls" */
-287, /* "ac-auditEntity" */
-397, /* "ac-proxying" */
-288, /* "ac-targeting" */
-368, /* "acceptableResponses" */
-446, /* "account" */
-363, /* "ad_timestamping" */
-376, /* "algorithm" */
-405, /* "ansi-X9-62" */
-910, /* "anyExtendedKeyUsage" */
-746, /* "anyPolicy" */
-370, /* "archiveCutoff" */
-484, /* "associatedDomain" */
-485, /* "associatedName" */
-501, /* "audio" */
-177, /* "authorityInfoAccess" */
-90, /* "authorityKeyIdentifier" */
-882, /* "authorityRevocationList" */
-87, /* "basicConstraints" */
-365, /* "basicOCSPResponse" */
-285, /* "biometricInfo" */
-921, /* "brainpoolP160r1" */
-922, /* "brainpoolP160t1" */
-923, /* "brainpoolP192r1" */
-924, /* "brainpoolP192t1" */
-925, /* "brainpoolP224r1" */
-926, /* "brainpoolP224t1" */
-927, /* "brainpoolP256r1" */
-928, /* "brainpoolP256t1" */
-929, /* "brainpoolP320r1" */
-930, /* "brainpoolP320t1" */
-931, /* "brainpoolP384r1" */
-932, /* "brainpoolP384t1" */
-933, /* "brainpoolP512r1" */
-934, /* "brainpoolP512t1" */
-494, /* "buildingName" */
-860, /* "businessCategory" */
-691, /* "c2onb191v4" */
-692, /* "c2onb191v5" */
-697, /* "c2onb239v4" */
-698, /* "c2onb239v5" */
-684, /* "c2pnb163v1" */
-685, /* "c2pnb163v2" */
-686, /* "c2pnb163v3" */
-687, /* "c2pnb176v1" */
-693, /* "c2pnb208w1" */
-699, /* "c2pnb272w1" */
-700, /* "c2pnb304w1" */
-702, /* "c2pnb368w1" */
-688, /* "c2tnb191v1" */
-689, /* "c2tnb191v2" */
-690, /* "c2tnb191v3" */
-694, /* "c2tnb239v1" */
-695, /* "c2tnb239v2" */
-696, /* "c2tnb239v3" */
-701, /* "c2tnb359v1" */
-703, /* "c2tnb431r1" */
-881, /* "cACertificate" */
-483, /* "cNAMERecord" */
-179, /* "caIssuers" */
-785, /* "caRepository" */
-443, /* "caseIgnoreIA5StringSyntax" */
-152, /* "certBag" */
-677, /* "certicom-arc" */
-771, /* "certificateIssuer" */
-89, /* "certificatePolicies" */
-883, /* "certificateRevocationList" */
-54, /* "challengePassword" */
-407, /* "characteristic-two-field" */
-395, /* "clearance" */
-130, /* "clientAuth" */
-131, /* "codeSigning" */
-50, /* "contentType" */
-53, /* "countersignature" */
-153, /* "crlBag" */
-103, /* "crlDistributionPoints" */
-88, /* "crlNumber" */
-884, /* "crossCertificatePair" */
-806, /* "cryptocom" */
-805, /* "cryptopro" */
-500, /* "dITRedirect" */
-451, /* "dNSDomain" */
-495, /* "dSAQuality" */
-434, /* "data" */
-390, /* "dcobject" */
-140, /* "deltaCRL" */
-891, /* "deltaRevocationList" */
-107, /* "description" */
-871, /* "destinationIndicator" */
-947, /* "dh-cofactor-kdf" */
-946, /* "dh-std-kdf" */
-28, /* "dhKeyAgreement" */
-941, /* "dhSinglePass-cofactorDH-sha1kdf-scheme" */
-942, /* "dhSinglePass-cofactorDH-sha224kdf-scheme" */
-943, /* "dhSinglePass-cofactorDH-sha256kdf-scheme" */
-944, /* "dhSinglePass-cofactorDH-sha384kdf-scheme" */
-945, /* "dhSinglePass-cofactorDH-sha512kdf-scheme" */
-936, /* "dhSinglePass-stdDH-sha1kdf-scheme" */
-937, /* "dhSinglePass-stdDH-sha224kdf-scheme" */
-938, /* "dhSinglePass-stdDH-sha256kdf-scheme" */
-939, /* "dhSinglePass-stdDH-sha384kdf-scheme" */
-940, /* "dhSinglePass-stdDH-sha512kdf-scheme" */
-920, /* "dhpublicnumber" */
-382, /* "directory" */
-887, /* "distinguishedName" */
-892, /* "dmdName" */
-174, /* "dnQualifier" */
-447, /* "document" */
-471, /* "documentAuthor" */
-468, /* "documentIdentifier" */
-472, /* "documentLocation" */
-502, /* "documentPublisher" */
-449, /* "documentSeries" */
-469, /* "documentTitle" */
-470, /* "documentVersion" */
-392, /* "domain" */
-452, /* "domainRelatedObject" */
-802, /* "dsa_with_SHA224" */
-803, /* "dsa_with_SHA256" */
-791, /* "ecdsa-with-Recommended" */
-416, /* "ecdsa-with-SHA1" */
-793, /* "ecdsa-with-SHA224" */
-794, /* "ecdsa-with-SHA256" */
-795, /* "ecdsa-with-SHA384" */
-796, /* "ecdsa-with-SHA512" */
-792, /* "ecdsa-with-Specified" */
-48, /* "emailAddress" */
-132, /* "emailProtection" */
-885, /* "enhancedSearchGuide" */
-389, /* "enterprises" */
-384, /* "experimental" */
-172, /* "extReq" */
-56, /* "extendedCertificateAttributes" */
-126, /* "extendedKeyUsage" */
-372, /* "extendedStatus" */
-867, /* "facsimileTelephoneNumber" */
-462, /* "favouriteDrink" */
-857, /* "freshestCRL" */
-453, /* "friendlyCountry" */
-490, /* "friendlyCountryName" */
-156, /* "friendlyName" */
-509, /* "generationQualifier" */
-815, /* "gost-mac" */
-811, /* "gost2001" */
-851, /* "gost2001cc" */
-813, /* "gost89" */
-814, /* "gost89-cnt" */
-812, /* "gost94" */
-850, /* "gost94cc" */
-797, /* "hmacWithMD5" */
-163, /* "hmacWithSHA1" */
-798, /* "hmacWithSHA224" */
-799, /* "hmacWithSHA256" */
-800, /* "hmacWithSHA384" */
-801, /* "hmacWithSHA512" */
-432, /* "holdInstructionCallIssuer" */
-430, /* "holdInstructionCode" */
-431, /* "holdInstructionNone" */
-433, /* "holdInstructionReject" */
-486, /* "homePostalAddress" */
-473, /* "homeTelephoneNumber" */
-466, /* "host" */
-889, /* "houseIdentifier" */
-442, /* "iA5StringSyntax" */
-783, /* "id-DHBasedMac" */
-824, /* "id-Gost28147-89-CryptoPro-A-ParamSet" */
-825, /* "id-Gost28147-89-CryptoPro-B-ParamSet" */
-826, /* "id-Gost28147-89-CryptoPro-C-ParamSet" */
-827, /* "id-Gost28147-89-CryptoPro-D-ParamSet" */
-819, /* "id-Gost28147-89-CryptoPro-KeyMeshing" */
-829, /* "id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet" */
-828, /* "id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet" */
-830, /* "id-Gost28147-89-CryptoPro-RIC-1-ParamSet" */
-820, /* "id-Gost28147-89-None-KeyMeshing" */
-823, /* "id-Gost28147-89-TestParamSet" */
-849, /* "id-Gost28147-89-cc" */
-840, /* "id-GostR3410-2001-CryptoPro-A-ParamSet" */
-841, /* "id-GostR3410-2001-CryptoPro-B-ParamSet" */
-842, /* "id-GostR3410-2001-CryptoPro-C-ParamSet" */
-843, /* "id-GostR3410-2001-CryptoPro-XchA-ParamSet" */
-844, /* "id-GostR3410-2001-CryptoPro-XchB-ParamSet" */
-854, /* "id-GostR3410-2001-ParamSet-cc" */
-839, /* "id-GostR3410-2001-TestParamSet" */
-817, /* "id-GostR3410-2001DH" */
-832, /* "id-GostR3410-94-CryptoPro-A-ParamSet" */
-833, /* "id-GostR3410-94-CryptoPro-B-ParamSet" */
-834, /* "id-GostR3410-94-CryptoPro-C-ParamSet" */
-835, /* "id-GostR3410-94-CryptoPro-D-ParamSet" */
-836, /* "id-GostR3410-94-CryptoPro-XchA-ParamSet" */
-837, /* "id-GostR3410-94-CryptoPro-XchB-ParamSet" */
-838, /* "id-GostR3410-94-CryptoPro-XchC-ParamSet" */
-831, /* "id-GostR3410-94-TestParamSet" */
-845, /* "id-GostR3410-94-a" */
-846, /* "id-GostR3410-94-aBis" */
-847, /* "id-GostR3410-94-b" */
-848, /* "id-GostR3410-94-bBis" */
-818, /* "id-GostR3410-94DH" */
-822, /* "id-GostR3411-94-CryptoProParamSet" */
-821, /* "id-GostR3411-94-TestParamSet" */
-807, /* "id-GostR3411-94-with-GostR3410-2001" */
-853, /* "id-GostR3411-94-with-GostR3410-2001-cc" */
-808, /* "id-GostR3411-94-with-GostR3410-94" */
-852, /* "id-GostR3411-94-with-GostR3410-94-cc" */
-810, /* "id-HMACGostR3411-94" */
-782, /* "id-PasswordBasedMAC" */
-266, /* "id-aca" */
-355, /* "id-aca-accessIdentity" */
-354, /* "id-aca-authenticationInfo" */
-356, /* "id-aca-chargingIdentity" */
-399, /* "id-aca-encAttrs" */
-357, /* "id-aca-group" */
-358, /* "id-aca-role" */
-176, /* "id-ad" */
-896, /* "id-aes128-CCM" */
-895, /* "id-aes128-GCM" */
-788, /* "id-aes128-wrap" */
-897, /* "id-aes128-wrap-pad" */
-899, /* "id-aes192-CCM" */
-898, /* "id-aes192-GCM" */
-789, /* "id-aes192-wrap" */
-900, /* "id-aes192-wrap-pad" */
-902, /* "id-aes256-CCM" */
-901, /* "id-aes256-GCM" */
-790, /* "id-aes256-wrap" */
-903, /* "id-aes256-wrap-pad" */
-262, /* "id-alg" */
-893, /* "id-alg-PWRI-KEK" */
-323, /* "id-alg-des40" */
-326, /* "id-alg-dh-pop" */
-325, /* "id-alg-dh-sig-hmac-sha1" */
-324, /* "id-alg-noSignature" */
-907, /* "id-camellia128-wrap" */
-908, /* "id-camellia192-wrap" */
-909, /* "id-camellia256-wrap" */
-268, /* "id-cct" */
-361, /* "id-cct-PKIData" */
-362, /* "id-cct-PKIResponse" */
-360, /* "id-cct-crs" */
-81, /* "id-ce" */
-680, /* "id-characteristic-two-basis" */
-263, /* "id-cmc" */
-334, /* "id-cmc-addExtensions" */
-346, /* "id-cmc-confirmCertAcceptance" */
-330, /* "id-cmc-dataReturn" */
-336, /* "id-cmc-decryptedPOP" */
-335, /* "id-cmc-encryptedPOP" */
-339, /* "id-cmc-getCRL" */
-338, /* "id-cmc-getCert" */
-328, /* "id-cmc-identification" */
-329, /* "id-cmc-identityProof" */
-337, /* "id-cmc-lraPOPWitness" */
-344, /* "id-cmc-popLinkRandom" */
-345, /* "id-cmc-popLinkWitness" */
-343, /* "id-cmc-queryPending" */
-333, /* "id-cmc-recipientNonce" */
-341, /* "id-cmc-regInfo" */
-342, /* "id-cmc-responseInfo" */
-340, /* "id-cmc-revokeRequest" */
-332, /* "id-cmc-senderNonce" */
-327, /* "id-cmc-statusInfo" */
-331, /* "id-cmc-transactionId" */
-787, /* "id-ct-asciiTextWithCRLF" */
-408, /* "id-ecPublicKey" */
-508, /* "id-hex-multipart-message" */
-507, /* "id-hex-partial-message" */
-260, /* "id-it" */
-302, /* "id-it-caKeyUpdateInfo" */
-298, /* "id-it-caProtEncCert" */
-311, /* "id-it-confirmWaitTime" */
-303, /* "id-it-currentCRL" */
-300, /* "id-it-encKeyPairTypes" */
-310, /* "id-it-implicitConfirm" */
-308, /* "id-it-keyPairParamRep" */
-307, /* "id-it-keyPairParamReq" */
-312, /* "id-it-origPKIMessage" */
-301, /* "id-it-preferredSymmAlg" */
-309, /* "id-it-revPassphrase" */
-299, /* "id-it-signKeyPairTypes" */
-305, /* "id-it-subscriptionRequest" */
-306, /* "id-it-subscriptionResponse" */
-784, /* "id-it-suppLangTags" */
-304, /* "id-it-unsupportedOIDs" */
-128, /* "id-kp" */
-280, /* "id-mod-attribute-cert" */
-274, /* "id-mod-cmc" */
-277, /* "id-mod-cmp" */
-284, /* "id-mod-cmp2000" */
-273, /* "id-mod-crmf" */
-283, /* "id-mod-dvcs" */
-275, /* "id-mod-kea-profile-88" */
-276, /* "id-mod-kea-profile-93" */
-282, /* "id-mod-ocsp" */
-278, /* "id-mod-qualified-cert-88" */
-279, /* "id-mod-qualified-cert-93" */
-281, /* "id-mod-timestamp-protocol" */
-264, /* "id-on" */
-858, /* "id-on-permanentIdentifier" */
-347, /* "id-on-personalData" */
-265, /* "id-pda" */
-352, /* "id-pda-countryOfCitizenship" */
-353, /* "id-pda-countryOfResidence" */
-348, /* "id-pda-dateOfBirth" */
-351, /* "id-pda-gender" */
-349, /* "id-pda-placeOfBirth" */
-175, /* "id-pe" */
-261, /* "id-pkip" */
-258, /* "id-pkix-mod" */
-269, /* "id-pkix1-explicit-88" */
-271, /* "id-pkix1-explicit-93" */
-270, /* "id-pkix1-implicit-88" */
-272, /* "id-pkix1-implicit-93" */
-662, /* "id-ppl" */
-664, /* "id-ppl-anyLanguage" */
-667, /* "id-ppl-independent" */
-665, /* "id-ppl-inheritAll" */
-267, /* "id-qcs" */
-359, /* "id-qcs-pkixQCSyntax-v1" */
-259, /* "id-qt" */
-164, /* "id-qt-cps" */
-165, /* "id-qt-unotice" */
-313, /* "id-regCtrl" */
-316, /* "id-regCtrl-authenticator" */
-319, /* "id-regCtrl-oldCertID" */
-318, /* "id-regCtrl-pkiArchiveOptions" */
-317, /* "id-regCtrl-pkiPublicationInfo" */
-320, /* "id-regCtrl-protocolEncrKey" */
-315, /* "id-regCtrl-regToken" */
-314, /* "id-regInfo" */
-322, /* "id-regInfo-certReq" */
-321, /* "id-regInfo-utf8Pairs" */
-512, /* "id-set" */
-191, /* "id-smime-aa" */
-215, /* "id-smime-aa-contentHint" */
-218, /* "id-smime-aa-contentIdentifier" */
-221, /* "id-smime-aa-contentReference" */
-240, /* "id-smime-aa-dvcs-dvc" */
-217, /* "id-smime-aa-encapContentType" */
-222, /* "id-smime-aa-encrypKeyPref" */
-220, /* "id-smime-aa-equivalentLabels" */
-232, /* "id-smime-aa-ets-CertificateRefs" */
-233, /* "id-smime-aa-ets-RevocationRefs" */
-238, /* "id-smime-aa-ets-archiveTimeStamp" */
-237, /* "id-smime-aa-ets-certCRLTimestamp" */
-234, /* "id-smime-aa-ets-certValues" */
-227, /* "id-smime-aa-ets-commitmentType" */
-231, /* "id-smime-aa-ets-contentTimestamp" */
-236, /* "id-smime-aa-ets-escTimeStamp" */
-230, /* "id-smime-aa-ets-otherSigCert" */
-235, /* "id-smime-aa-ets-revocationValues" */
-226, /* "id-smime-aa-ets-sigPolicyId" */
-229, /* "id-smime-aa-ets-signerAttr" */
-228, /* "id-smime-aa-ets-signerLocation" */
-219, /* "id-smime-aa-macValue" */
-214, /* "id-smime-aa-mlExpandHistory" */
-216, /* "id-smime-aa-msgSigDigest" */
-212, /* "id-smime-aa-receiptRequest" */
-213, /* "id-smime-aa-securityLabel" */
-239, /* "id-smime-aa-signatureType" */
-223, /* "id-smime-aa-signingCertificate" */
-224, /* "id-smime-aa-smimeEncryptCerts" */
-225, /* "id-smime-aa-timeStampToken" */
-192, /* "id-smime-alg" */
-243, /* "id-smime-alg-3DESwrap" */
-246, /* "id-smime-alg-CMS3DESwrap" */
-247, /* "id-smime-alg-CMSRC2wrap" */
-245, /* "id-smime-alg-ESDH" */
-241, /* "id-smime-alg-ESDHwith3DES" */
-242, /* "id-smime-alg-ESDHwithRC2" */
-244, /* "id-smime-alg-RC2wrap" */
-193, /* "id-smime-cd" */
-248, /* "id-smime-cd-ldap" */
-190, /* "id-smime-ct" */
-210, /* "id-smime-ct-DVCSRequestData" */
-211, /* "id-smime-ct-DVCSResponseData" */
-208, /* "id-smime-ct-TDTInfo" */
-207, /* "id-smime-ct-TSTInfo" */
-205, /* "id-smime-ct-authData" */
-786, /* "id-smime-ct-compressedData" */
-209, /* "id-smime-ct-contentInfo" */
-206, /* "id-smime-ct-publishCert" */
-204, /* "id-smime-ct-receipt" */
-195, /* "id-smime-cti" */
-255, /* "id-smime-cti-ets-proofOfApproval" */
-256, /* "id-smime-cti-ets-proofOfCreation" */
-253, /* "id-smime-cti-ets-proofOfDelivery" */
-251, /* "id-smime-cti-ets-proofOfOrigin" */
-252, /* "id-smime-cti-ets-proofOfReceipt" */
-254, /* "id-smime-cti-ets-proofOfSender" */
-189, /* "id-smime-mod" */
-196, /* "id-smime-mod-cms" */
-197, /* "id-smime-mod-ess" */
-202, /* "id-smime-mod-ets-eSigPolicy-88" */
-203, /* "id-smime-mod-ets-eSigPolicy-97" */
-200, /* "id-smime-mod-ets-eSignature-88" */
-201, /* "id-smime-mod-ets-eSignature-97" */
-199, /* "id-smime-mod-msg-v3" */
-198, /* "id-smime-mod-oid" */
-194, /* "id-smime-spq" */
-250, /* "id-smime-spq-ets-sqt-unotice" */
-249, /* "id-smime-spq-ets-sqt-uri" */
-676, /* "identified-organization" */
-461, /* "info" */
-748, /* "inhibitAnyPolicy" */
-101, /* "initials" */
-647, /* "international-organizations" */
-869, /* "internationaliSDNNumber" */
-142, /* "invalidityDate" */
-294, /* "ipsecEndSystem" */
-295, /* "ipsecTunnel" */
-296, /* "ipsecUser" */
-86, /* "issuerAltName" */
-770, /* "issuingDistributionPoint" */
-492, /* "janetMailbox" */
-150, /* "keyBag" */
-83, /* "keyUsage" */
-477, /* "lastModifiedBy" */
-476, /* "lastModifiedTime" */
-157, /* "localKeyID" */
-480, /* "mXRecord" */
-460, /* "mail" */
-493, /* "mailPreferenceOption" */
-467, /* "manager" */
-809, /* "md_gost94" */
-875, /* "member" */
-182, /* "member-body" */
-51, /* "messageDigest" */
-383, /* "mgmt" */
-504, /* "mime-mhs" */
-506, /* "mime-mhs-bodies" */
-505, /* "mime-mhs-headings" */
-488, /* "mobileTelephoneNumber" */
-136, /* "msCTLSign" */
-135, /* "msCodeCom" */
-134, /* "msCodeInd" */
-138, /* "msEFS" */
-171, /* "msExtReq" */
-137, /* "msSGC" */
-648, /* "msSmartcardLogin" */
-649, /* "msUPN" */
-481, /* "nSRecord" */
-173, /* "name" */
-666, /* "nameConstraints" */
-369, /* "noCheck" */
-403, /* "noRevAvail" */
-72, /* "nsBaseUrl" */
-76, /* "nsCaPolicyUrl" */
-74, /* "nsCaRevocationUrl" */
-58, /* "nsCertExt" */
-79, /* "nsCertSequence" */
-71, /* "nsCertType" */
-78, /* "nsComment" */
-59, /* "nsDataType" */
-75, /* "nsRenewalUrl" */
-73, /* "nsRevocationUrl" */
-139, /* "nsSGC" */
-77, /* "nsSslServerName" */
-681, /* "onBasis" */
-491, /* "organizationalStatus" */
-475, /* "otherMailbox" */
-876, /* "owner" */
-489, /* "pagerTelephoneNumber" */
-374, /* "path" */
-112, /* "pbeWithMD5AndCast5CBC" */
-499, /* "personalSignature" */
-487, /* "personalTitle" */
-464, /* "photo" */
-863, /* "physicalDeliveryOfficeName" */
-437, /* "pilot" */
-439, /* "pilotAttributeSyntax" */
-438, /* "pilotAttributeType" */
-479, /* "pilotAttributeType27" */
-456, /* "pilotDSA" */
-441, /* "pilotGroups" */
-444, /* "pilotObject" */
-440, /* "pilotObjectClass" */
-455, /* "pilotOrganization" */
-445, /* "pilotPerson" */
- 2, /* "pkcs" */
-186, /* "pkcs1" */
-27, /* "pkcs3" */
-187, /* "pkcs5" */
-20, /* "pkcs7" */
-21, /* "pkcs7-data" */
-25, /* "pkcs7-digestData" */
-26, /* "pkcs7-encryptedData" */
-23, /* "pkcs7-envelopedData" */
-24, /* "pkcs7-signedAndEnvelopedData" */
-22, /* "pkcs7-signedData" */
-151, /* "pkcs8ShroudedKeyBag" */
-47, /* "pkcs9" */
-401, /* "policyConstraints" */
-747, /* "policyMappings" */
-862, /* "postOfficeBox" */
-861, /* "postalAddress" */
-661, /* "postalCode" */
-683, /* "ppBasis" */
-872, /* "preferredDeliveryMethod" */
-873, /* "presentationAddress" */
-816, /* "prf-gostr3411-94" */
-406, /* "prime-field" */
-409, /* "prime192v1" */
-410, /* "prime192v2" */
-411, /* "prime192v3" */
-412, /* "prime239v1" */
-413, /* "prime239v2" */
-414, /* "prime239v3" */
-415, /* "prime256v1" */
-385, /* "private" */
-84, /* "privateKeyUsagePeriod" */
-886, /* "protocolInformation" */
-663, /* "proxyCertInfo" */
-510, /* "pseudonym" */
-435, /* "pss" */
-286, /* "qcStatements" */
-457, /* "qualityLabelledData" */
-450, /* "rFC822localPart" */
-870, /* "registeredAddress" */
-400, /* "role" */
-877, /* "roleOccupant" */
-448, /* "room" */
-463, /* "roomNumber" */
- 6, /* "rsaEncryption" */
-644, /* "rsaOAEPEncryptionSET" */
-377, /* "rsaSignature" */
- 1, /* "rsadsi" */
-482, /* "sOARecord" */
-155, /* "safeContentsBag" */
-291, /* "sbgp-autonomousSysNum" */
-290, /* "sbgp-ipAddrBlock" */
-292, /* "sbgp-routerIdentifier" */
-159, /* "sdsiCertificate" */
-859, /* "searchGuide" */
-704, /* "secp112r1" */
-705, /* "secp112r2" */
-706, /* "secp128r1" */
-707, /* "secp128r2" */
-708, /* "secp160k1" */
-709, /* "secp160r1" */
-710, /* "secp160r2" */
-711, /* "secp192k1" */
-712, /* "secp224k1" */
-713, /* "secp224r1" */
-714, /* "secp256k1" */
-715, /* "secp384r1" */
-716, /* "secp521r1" */
-154, /* "secretBag" */
-474, /* "secretary" */
-717, /* "sect113r1" */
-718, /* "sect113r2" */
-719, /* "sect131r1" */
-720, /* "sect131r2" */
-721, /* "sect163k1" */
-722, /* "sect163r1" */
-723, /* "sect163r2" */
-724, /* "sect193r1" */
-725, /* "sect193r2" */
-726, /* "sect233k1" */
-727, /* "sect233r1" */
-728, /* "sect239k1" */
-729, /* "sect283k1" */
-730, /* "sect283r1" */
-731, /* "sect409k1" */
-732, /* "sect409r1" */
-733, /* "sect571k1" */
-734, /* "sect571r1" */
-386, /* "security" */
-878, /* "seeAlso" */
-394, /* "selected-attribute-types" */
-105, /* "serialNumber" */
-129, /* "serverAuth" */
-371, /* "serviceLocator" */
-625, /* "set-addPolicy" */
-515, /* "set-attr" */
-518, /* "set-brand" */
-638, /* "set-brand-AmericanExpress" */
-637, /* "set-brand-Diners" */
-636, /* "set-brand-IATA-ATA" */
-639, /* "set-brand-JCB" */
-641, /* "set-brand-MasterCard" */
-642, /* "set-brand-Novus" */
-640, /* "set-brand-Visa" */
-517, /* "set-certExt" */
-513, /* "set-ctype" */
-514, /* "set-msgExt" */
-516, /* "set-policy" */
-607, /* "set-policy-root" */
-624, /* "set-rootKeyThumb" */
-620, /* "setAttr-Cert" */
-631, /* "setAttr-GenCryptgrm" */
-623, /* "setAttr-IssCap" */
-628, /* "setAttr-IssCap-CVM" */
-630, /* "setAttr-IssCap-Sig" */
-629, /* "setAttr-IssCap-T2" */
-621, /* "setAttr-PGWYcap" */
-635, /* "setAttr-SecDevSig" */
-632, /* "setAttr-T2Enc" */
-633, /* "setAttr-T2cleartxt" */
-634, /* "setAttr-TokICCsig" */
-627, /* "setAttr-Token-B0Prime" */
-626, /* "setAttr-Token-EMV" */
-622, /* "setAttr-TokenType" */
-619, /* "setCext-IssuerCapabilities" */
-615, /* "setCext-PGWYcapabilities" */
-616, /* "setCext-TokenIdentifier" */
-618, /* "setCext-TokenType" */
-617, /* "setCext-Track2Data" */
-611, /* "setCext-cCertRequired" */
-609, /* "setCext-certType" */
-608, /* "setCext-hashedRoot" */
-610, /* "setCext-merchData" */
-613, /* "setCext-setExt" */
-614, /* "setCext-setQualf" */
-612, /* "setCext-tunneling" */
-540, /* "setct-AcqCardCodeMsg" */
-576, /* "setct-AcqCardCodeMsgTBE" */
-570, /* "setct-AuthReqTBE" */
-534, /* "setct-AuthReqTBS" */
-527, /* "setct-AuthResBaggage" */
-571, /* "setct-AuthResTBE" */
-572, /* "setct-AuthResTBEX" */
-535, /* "setct-AuthResTBS" */
-536, /* "setct-AuthResTBSX" */
-528, /* "setct-AuthRevReqBaggage" */
-577, /* "setct-AuthRevReqTBE" */
-541, /* "setct-AuthRevReqTBS" */
-529, /* "setct-AuthRevResBaggage" */
-542, /* "setct-AuthRevResData" */
-578, /* "setct-AuthRevResTBE" */
-579, /* "setct-AuthRevResTBEB" */
-543, /* "setct-AuthRevResTBS" */
-573, /* "setct-AuthTokenTBE" */
-537, /* "setct-AuthTokenTBS" */
-600, /* "setct-BCIDistributionTBS" */
-558, /* "setct-BatchAdminReqData" */
-592, /* "setct-BatchAdminReqTBE" */
-559, /* "setct-BatchAdminResData" */
-593, /* "setct-BatchAdminResTBE" */
-599, /* "setct-CRLNotificationResTBS" */
-598, /* "setct-CRLNotificationTBS" */
-580, /* "setct-CapReqTBE" */
-581, /* "setct-CapReqTBEX" */
-544, /* "setct-CapReqTBS" */
-545, /* "setct-CapReqTBSX" */
-546, /* "setct-CapResData" */
-582, /* "setct-CapResTBE" */
-583, /* "setct-CapRevReqTBE" */
-584, /* "setct-CapRevReqTBEX" */
-547, /* "setct-CapRevReqTBS" */
-548, /* "setct-CapRevReqTBSX" */
-549, /* "setct-CapRevResData" */
-585, /* "setct-CapRevResTBE" */
-538, /* "setct-CapTokenData" */
-530, /* "setct-CapTokenSeq" */
-574, /* "setct-CapTokenTBE" */
-575, /* "setct-CapTokenTBEX" */
-539, /* "setct-CapTokenTBS" */
-560, /* "setct-CardCInitResTBS" */
-566, /* "setct-CertInqReqTBS" */
-563, /* "setct-CertReqData" */
-595, /* "setct-CertReqTBE" */
-596, /* "setct-CertReqTBEX" */
-564, /* "setct-CertReqTBS" */
-565, /* "setct-CertResData" */
-597, /* "setct-CertResTBE" */
-586, /* "setct-CredReqTBE" */
-587, /* "setct-CredReqTBEX" */
-550, /* "setct-CredReqTBS" */
-551, /* "setct-CredReqTBSX" */
-552, /* "setct-CredResData" */
-588, /* "setct-CredResTBE" */
-589, /* "setct-CredRevReqTBE" */
-590, /* "setct-CredRevReqTBEX" */
-553, /* "setct-CredRevReqTBS" */
-554, /* "setct-CredRevReqTBSX" */
-555, /* "setct-CredRevResData" */
-591, /* "setct-CredRevResTBE" */
-567, /* "setct-ErrorTBS" */
-526, /* "setct-HODInput" */
-561, /* "setct-MeAqCInitResTBS" */
-522, /* "setct-OIData" */
-519, /* "setct-PANData" */
-521, /* "setct-PANOnly" */
-520, /* "setct-PANToken" */
-556, /* "setct-PCertReqData" */
-557, /* "setct-PCertResTBS" */
-523, /* "setct-PI" */
-532, /* "setct-PI-TBS" */
-524, /* "setct-PIData" */
-525, /* "setct-PIDataUnsigned" */
-568, /* "setct-PIDualSignedTBE" */
-569, /* "setct-PIUnsignedTBE" */
-531, /* "setct-PInitResData" */
-533, /* "setct-PResData" */
-594, /* "setct-RegFormReqTBE" */
-562, /* "setct-RegFormResTBS" */
-606, /* "setext-cv" */
-601, /* "setext-genCrypt" */
-602, /* "setext-miAuth" */
-604, /* "setext-pinAny" */
-603, /* "setext-pinSecure" */
-605, /* "setext-track2" */
-52, /* "signingTime" */
-454, /* "simpleSecurityObject" */
-496, /* "singleLevelQuality" */
-387, /* "snmpv2" */
-660, /* "street" */
-85, /* "subjectAltName" */
-769, /* "subjectDirectoryAttributes" */
-398, /* "subjectInfoAccess" */
-82, /* "subjectKeyIdentifier" */
-498, /* "subtreeMaximumQuality" */
-497, /* "subtreeMinimumQuality" */
-890, /* "supportedAlgorithms" */
-874, /* "supportedApplicationContext" */
-402, /* "targetInformation" */
-864, /* "telephoneNumber" */
-866, /* "teletexTerminalIdentifier" */
-865, /* "telexNumber" */
-459, /* "textEncodedORAddress" */
-293, /* "textNotice" */
-133, /* "timeStamping" */
-106, /* "title" */
-682, /* "tpBasis" */
-375, /* "trustRoot" */
-436, /* "ucl" */
-888, /* "uniqueMember" */
-55, /* "unstructuredAddress" */
-49, /* "unstructuredName" */
-880, /* "userCertificate" */
-465, /* "userClass" */
-879, /* "userPassword" */
-373, /* "valid" */
-678, /* "wap" */
-679, /* "wap-wsg" */
-735, /* "wap-wsg-idm-ecid-wtls1" */
-743, /* "wap-wsg-idm-ecid-wtls10" */
-744, /* "wap-wsg-idm-ecid-wtls11" */
-745, /* "wap-wsg-idm-ecid-wtls12" */
-736, /* "wap-wsg-idm-ecid-wtls3" */
-737, /* "wap-wsg-idm-ecid-wtls4" */
-738, /* "wap-wsg-idm-ecid-wtls5" */
-739, /* "wap-wsg-idm-ecid-wtls6" */
-740, /* "wap-wsg-idm-ecid-wtls7" */
-741, /* "wap-wsg-idm-ecid-wtls8" */
-742, /* "wap-wsg-idm-ecid-wtls9" */
-804, /* "whirlpool" */
-868, /* "x121Address" */
-503, /* "x500UniqueIdentifier" */
-158, /* "x509Certificate" */
-160, /* "x509Crl" */
+static const unsigned kNIDsInShortNameOrder[] = {
+ 364 /* AD_DVCS */,
+ 419 /* AES-128-CBC */,
+ 916 /* AES-128-CBC-HMAC-SHA1 */,
+ 421 /* AES-128-CFB */,
+ 650 /* AES-128-CFB1 */,
+ 653 /* AES-128-CFB8 */,
+ 904 /* AES-128-CTR */,
+ 418 /* AES-128-ECB */,
+ 420 /* AES-128-OFB */,
+ 913 /* AES-128-XTS */,
+ 423 /* AES-192-CBC */,
+ 917 /* AES-192-CBC-HMAC-SHA1 */,
+ 425 /* AES-192-CFB */,
+ 651 /* AES-192-CFB1 */,
+ 654 /* AES-192-CFB8 */,
+ 905 /* AES-192-CTR */,
+ 422 /* AES-192-ECB */,
+ 424 /* AES-192-OFB */,
+ 427 /* AES-256-CBC */,
+ 918 /* AES-256-CBC-HMAC-SHA1 */,
+ 429 /* AES-256-CFB */,
+ 652 /* AES-256-CFB1 */,
+ 655 /* AES-256-CFB8 */,
+ 906 /* AES-256-CTR */,
+ 426 /* AES-256-ECB */,
+ 428 /* AES-256-OFB */,
+ 914 /* AES-256-XTS */,
+ 91 /* BF-CBC */,
+ 93 /* BF-CFB */,
+ 92 /* BF-ECB */,
+ 94 /* BF-OFB */,
+ 14 /* C */,
+ 751 /* CAMELLIA-128-CBC */,
+ 757 /* CAMELLIA-128-CFB */,
+ 760 /* CAMELLIA-128-CFB1 */,
+ 763 /* CAMELLIA-128-CFB8 */,
+ 754 /* CAMELLIA-128-ECB */,
+ 766 /* CAMELLIA-128-OFB */,
+ 752 /* CAMELLIA-192-CBC */,
+ 758 /* CAMELLIA-192-CFB */,
+ 761 /* CAMELLIA-192-CFB1 */,
+ 764 /* CAMELLIA-192-CFB8 */,
+ 755 /* CAMELLIA-192-ECB */,
+ 767 /* CAMELLIA-192-OFB */,
+ 753 /* CAMELLIA-256-CBC */,
+ 759 /* CAMELLIA-256-CFB */,
+ 762 /* CAMELLIA-256-CFB1 */,
+ 765 /* CAMELLIA-256-CFB8 */,
+ 756 /* CAMELLIA-256-ECB */,
+ 768 /* CAMELLIA-256-OFB */,
+ 108 /* CAST5-CBC */,
+ 110 /* CAST5-CFB */,
+ 109 /* CAST5-ECB */,
+ 111 /* CAST5-OFB */,
+ 894 /* CMAC */,
+ 13 /* CN */,
+ 141 /* CRLReason */,
+ 417 /* CSPName */,
+ 367 /* CrlID */,
+ 391 /* DC */,
+ 31 /* DES-CBC */,
+ 643 /* DES-CDMF */,
+ 30 /* DES-CFB */,
+ 656 /* DES-CFB1 */,
+ 657 /* DES-CFB8 */,
+ 29 /* DES-ECB */,
+ 32 /* DES-EDE */,
+ 43 /* DES-EDE-CBC */,
+ 60 /* DES-EDE-CFB */,
+ 62 /* DES-EDE-OFB */,
+ 33 /* DES-EDE3 */,
+ 44 /* DES-EDE3-CBC */,
+ 61 /* DES-EDE3-CFB */,
+ 658 /* DES-EDE3-CFB1 */,
+ 659 /* DES-EDE3-CFB8 */,
+ 63 /* DES-EDE3-OFB */,
+ 45 /* DES-OFB */,
+ 80 /* DESX-CBC */,
+ 380 /* DOD */,
+ 116 /* DSA */,
+ 66 /* DSA-SHA */,
+ 113 /* DSA-SHA1 */,
+ 70 /* DSA-SHA1-old */,
+ 67 /* DSA-old */,
+ 297 /* DVCS */,
+ 99 /* GN */,
+ 855 /* HMAC */,
+ 780 /* HMAC-MD5 */,
+ 781 /* HMAC-SHA1 */,
+ 381 /* IANA */,
+ 34 /* IDEA-CBC */,
+ 35 /* IDEA-CFB */,
+ 36 /* IDEA-ECB */,
+ 46 /* IDEA-OFB */,
+ 181 /* ISO */,
+ 183 /* ISO-US */,
+ 645 /* ITU-T */,
+ 646 /* JOINT-ISO-ITU-T */,
+ 773 /* KISA */,
+ 15 /* L */,
+ 856 /* LocalKeySet */,
+ 3 /* MD2 */,
+ 257 /* MD4 */,
+ 4 /* MD5 */,
+ 114 /* MD5-SHA1 */,
+ 95 /* MDC2 */,
+ 911 /* MGF1 */,
+ 388 /* Mail */,
+ 57 /* Netscape */,
+ 366 /* Nonce */,
+ 17 /* O */,
+ 178 /* OCSP */,
+ 180 /* OCSPSigning */,
+ 379 /* ORG */,
+ 18 /* OU */,
+ 749 /* Oakley-EC2N-3 */,
+ 750 /* Oakley-EC2N-4 */,
+ 9 /* PBE-MD2-DES */,
+ 168 /* PBE-MD2-RC2-64 */,
+ 10 /* PBE-MD5-DES */,
+ 169 /* PBE-MD5-RC2-64 */,
+ 147 /* PBE-SHA1-2DES */,
+ 146 /* PBE-SHA1-3DES */,
+ 170 /* PBE-SHA1-DES */,
+ 148 /* PBE-SHA1-RC2-128 */,
+ 149 /* PBE-SHA1-RC2-40 */,
+ 68 /* PBE-SHA1-RC2-64 */,
+ 144 /* PBE-SHA1-RC4-128 */,
+ 145 /* PBE-SHA1-RC4-40 */,
+ 161 /* PBES2 */,
+ 69 /* PBKDF2 */,
+ 162 /* PBMAC1 */,
+ 127 /* PKIX */,
+ 935 /* PSPECIFIED */,
+ 98 /* RC2-40-CBC */,
+ 166 /* RC2-64-CBC */,
+ 37 /* RC2-CBC */,
+ 39 /* RC2-CFB */,
+ 38 /* RC2-ECB */,
+ 40 /* RC2-OFB */,
+ 5 /* RC4 */,
+ 97 /* RC4-40 */,
+ 915 /* RC4-HMAC-MD5 */,
+ 120 /* RC5-CBC */,
+ 122 /* RC5-CFB */,
+ 121 /* RC5-ECB */,
+ 123 /* RC5-OFB */,
+ 117 /* RIPEMD160 */,
+ 19 /* RSA */,
+ 7 /* RSA-MD2 */,
+ 396 /* RSA-MD4 */,
+ 8 /* RSA-MD5 */,
+ 96 /* RSA-MDC2 */,
+ 104 /* RSA-NP-MD5 */,
+ 119 /* RSA-RIPEMD160 */,
+ 42 /* RSA-SHA */,
+ 65 /* RSA-SHA1 */,
+ 115 /* RSA-SHA1-2 */,
+ 671 /* RSA-SHA224 */,
+ 668 /* RSA-SHA256 */,
+ 669 /* RSA-SHA384 */,
+ 670 /* RSA-SHA512 */,
+ 919 /* RSAES-OAEP */,
+ 912 /* RSASSA-PSS */,
+ 777 /* SEED-CBC */,
+ 779 /* SEED-CFB */,
+ 776 /* SEED-ECB */,
+ 778 /* SEED-OFB */,
+ 41 /* SHA */,
+ 64 /* SHA1 */,
+ 675 /* SHA224 */,
+ 672 /* SHA256 */,
+ 673 /* SHA384 */,
+ 674 /* SHA512 */,
+ 188 /* SMIME */,
+ 167 /* SMIME-CAPS */,
+ 100 /* SN */,
+ 16 /* ST */,
+ 143 /* SXNetID */,
+ 458 /* UID */,
+ 0 /* UNDEF */,
+ 948 /* X25519 */,
+ 11 /* X500 */,
+ 378 /* X500algorithms */,
+ 12 /* X509 */,
+ 184 /* X9-57 */,
+ 185 /* X9cm */,
+ 125 /* ZLIB */,
+ 478 /* aRecord */,
+ 289 /* aaControls */,
+ 287 /* ac-auditEntity */,
+ 397 /* ac-proxying */,
+ 288 /* ac-targeting */,
+ 368 /* acceptableResponses */,
+ 446 /* account */,
+ 363 /* ad_timestamping */,
+ 376 /* algorithm */,
+ 405 /* ansi-X9-62 */,
+ 910 /* anyExtendedKeyUsage */,
+ 746 /* anyPolicy */,
+ 370 /* archiveCutoff */,
+ 484 /* associatedDomain */,
+ 485 /* associatedName */,
+ 501 /* audio */,
+ 177 /* authorityInfoAccess */,
+ 90 /* authorityKeyIdentifier */,
+ 882 /* authorityRevocationList */,
+ 87 /* basicConstraints */,
+ 365 /* basicOCSPResponse */,
+ 285 /* biometricInfo */,
+ 921 /* brainpoolP160r1 */,
+ 922 /* brainpoolP160t1 */,
+ 923 /* brainpoolP192r1 */,
+ 924 /* brainpoolP192t1 */,
+ 925 /* brainpoolP224r1 */,
+ 926 /* brainpoolP224t1 */,
+ 927 /* brainpoolP256r1 */,
+ 928 /* brainpoolP256t1 */,
+ 929 /* brainpoolP320r1 */,
+ 930 /* brainpoolP320t1 */,
+ 931 /* brainpoolP384r1 */,
+ 932 /* brainpoolP384t1 */,
+ 933 /* brainpoolP512r1 */,
+ 934 /* brainpoolP512t1 */,
+ 494 /* buildingName */,
+ 860 /* businessCategory */,
+ 691 /* c2onb191v4 */,
+ 692 /* c2onb191v5 */,
+ 697 /* c2onb239v4 */,
+ 698 /* c2onb239v5 */,
+ 684 /* c2pnb163v1 */,
+ 685 /* c2pnb163v2 */,
+ 686 /* c2pnb163v3 */,
+ 687 /* c2pnb176v1 */,
+ 693 /* c2pnb208w1 */,
+ 699 /* c2pnb272w1 */,
+ 700 /* c2pnb304w1 */,
+ 702 /* c2pnb368w1 */,
+ 688 /* c2tnb191v1 */,
+ 689 /* c2tnb191v2 */,
+ 690 /* c2tnb191v3 */,
+ 694 /* c2tnb239v1 */,
+ 695 /* c2tnb239v2 */,
+ 696 /* c2tnb239v3 */,
+ 701 /* c2tnb359v1 */,
+ 703 /* c2tnb431r1 */,
+ 881 /* cACertificate */,
+ 483 /* cNAMERecord */,
+ 179 /* caIssuers */,
+ 785 /* caRepository */,
+ 443 /* caseIgnoreIA5StringSyntax */,
+ 152 /* certBag */,
+ 677 /* certicom-arc */,
+ 771 /* certificateIssuer */,
+ 89 /* certificatePolicies */,
+ 883 /* certificateRevocationList */,
+ 54 /* challengePassword */,
+ 407 /* characteristic-two-field */,
+ 395 /* clearance */,
+ 130 /* clientAuth */,
+ 131 /* codeSigning */,
+ 50 /* contentType */,
+ 53 /* countersignature */,
+ 153 /* crlBag */,
+ 103 /* crlDistributionPoints */,
+ 88 /* crlNumber */,
+ 884 /* crossCertificatePair */,
+ 806 /* cryptocom */,
+ 805 /* cryptopro */,
+ 500 /* dITRedirect */,
+ 451 /* dNSDomain */,
+ 495 /* dSAQuality */,
+ 434 /* data */,
+ 390 /* dcobject */,
+ 140 /* deltaCRL */,
+ 891 /* deltaRevocationList */,
+ 107 /* description */,
+ 871 /* destinationIndicator */,
+ 947 /* dh-cofactor-kdf */,
+ 946 /* dh-std-kdf */,
+ 28 /* dhKeyAgreement */,
+ 941 /* dhSinglePass-cofactorDH-sha1kdf-scheme */,
+ 942 /* dhSinglePass-cofactorDH-sha224kdf-scheme */,
+ 943 /* dhSinglePass-cofactorDH-sha256kdf-scheme */,
+ 944 /* dhSinglePass-cofactorDH-sha384kdf-scheme */,
+ 945 /* dhSinglePass-cofactorDH-sha512kdf-scheme */,
+ 936 /* dhSinglePass-stdDH-sha1kdf-scheme */,
+ 937 /* dhSinglePass-stdDH-sha224kdf-scheme */,
+ 938 /* dhSinglePass-stdDH-sha256kdf-scheme */,
+ 939 /* dhSinglePass-stdDH-sha384kdf-scheme */,
+ 940 /* dhSinglePass-stdDH-sha512kdf-scheme */,
+ 920 /* dhpublicnumber */,
+ 382 /* directory */,
+ 887 /* distinguishedName */,
+ 892 /* dmdName */,
+ 174 /* dnQualifier */,
+ 447 /* document */,
+ 471 /* documentAuthor */,
+ 468 /* documentIdentifier */,
+ 472 /* documentLocation */,
+ 502 /* documentPublisher */,
+ 449 /* documentSeries */,
+ 469 /* documentTitle */,
+ 470 /* documentVersion */,
+ 392 /* domain */,
+ 452 /* domainRelatedObject */,
+ 802 /* dsa_with_SHA224 */,
+ 803 /* dsa_with_SHA256 */,
+ 791 /* ecdsa-with-Recommended */,
+ 416 /* ecdsa-with-SHA1 */,
+ 793 /* ecdsa-with-SHA224 */,
+ 794 /* ecdsa-with-SHA256 */,
+ 795 /* ecdsa-with-SHA384 */,
+ 796 /* ecdsa-with-SHA512 */,
+ 792 /* ecdsa-with-Specified */,
+ 48 /* emailAddress */,
+ 132 /* emailProtection */,
+ 885 /* enhancedSearchGuide */,
+ 389 /* enterprises */,
+ 384 /* experimental */,
+ 172 /* extReq */,
+ 56 /* extendedCertificateAttributes */,
+ 126 /* extendedKeyUsage */,
+ 372 /* extendedStatus */,
+ 867 /* facsimileTelephoneNumber */,
+ 462 /* favouriteDrink */,
+ 857 /* freshestCRL */,
+ 453 /* friendlyCountry */,
+ 490 /* friendlyCountryName */,
+ 156 /* friendlyName */,
+ 509 /* generationQualifier */,
+ 815 /* gost-mac */,
+ 811 /* gost2001 */,
+ 851 /* gost2001cc */,
+ 813 /* gost89 */,
+ 814 /* gost89-cnt */,
+ 812 /* gost94 */,
+ 850 /* gost94cc */,
+ 797 /* hmacWithMD5 */,
+ 163 /* hmacWithSHA1 */,
+ 798 /* hmacWithSHA224 */,
+ 799 /* hmacWithSHA256 */,
+ 800 /* hmacWithSHA384 */,
+ 801 /* hmacWithSHA512 */,
+ 432 /* holdInstructionCallIssuer */,
+ 430 /* holdInstructionCode */,
+ 431 /* holdInstructionNone */,
+ 433 /* holdInstructionReject */,
+ 486 /* homePostalAddress */,
+ 473 /* homeTelephoneNumber */,
+ 466 /* host */,
+ 889 /* houseIdentifier */,
+ 442 /* iA5StringSyntax */,
+ 783 /* id-DHBasedMac */,
+ 824 /* id-Gost28147-89-CryptoPro-A-ParamSet */,
+ 825 /* id-Gost28147-89-CryptoPro-B-ParamSet */,
+ 826 /* id-Gost28147-89-CryptoPro-C-ParamSet */,
+ 827 /* id-Gost28147-89-CryptoPro-D-ParamSet */,
+ 819 /* id-Gost28147-89-CryptoPro-KeyMeshing */,
+ 829 /* id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet */,
+ 828 /* id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet */,
+ 830 /* id-Gost28147-89-CryptoPro-RIC-1-ParamSet */,
+ 820 /* id-Gost28147-89-None-KeyMeshing */,
+ 823 /* id-Gost28147-89-TestParamSet */,
+ 849 /* id-Gost28147-89-cc */,
+ 840 /* id-GostR3410-2001-CryptoPro-A-ParamSet */,
+ 841 /* id-GostR3410-2001-CryptoPro-B-ParamSet */,
+ 842 /* id-GostR3410-2001-CryptoPro-C-ParamSet */,
+ 843 /* id-GostR3410-2001-CryptoPro-XchA-ParamSet */,
+ 844 /* id-GostR3410-2001-CryptoPro-XchB-ParamSet */,
+ 854 /* id-GostR3410-2001-ParamSet-cc */,
+ 839 /* id-GostR3410-2001-TestParamSet */,
+ 817 /* id-GostR3410-2001DH */,
+ 832 /* id-GostR3410-94-CryptoPro-A-ParamSet */,
+ 833 /* id-GostR3410-94-CryptoPro-B-ParamSet */,
+ 834 /* id-GostR3410-94-CryptoPro-C-ParamSet */,
+ 835 /* id-GostR3410-94-CryptoPro-D-ParamSet */,
+ 836 /* id-GostR3410-94-CryptoPro-XchA-ParamSet */,
+ 837 /* id-GostR3410-94-CryptoPro-XchB-ParamSet */,
+ 838 /* id-GostR3410-94-CryptoPro-XchC-ParamSet */,
+ 831 /* id-GostR3410-94-TestParamSet */,
+ 845 /* id-GostR3410-94-a */,
+ 846 /* id-GostR3410-94-aBis */,
+ 847 /* id-GostR3410-94-b */,
+ 848 /* id-GostR3410-94-bBis */,
+ 818 /* id-GostR3410-94DH */,
+ 822 /* id-GostR3411-94-CryptoProParamSet */,
+ 821 /* id-GostR3411-94-TestParamSet */,
+ 807 /* id-GostR3411-94-with-GostR3410-2001 */,
+ 853 /* id-GostR3411-94-with-GostR3410-2001-cc */,
+ 808 /* id-GostR3411-94-with-GostR3410-94 */,
+ 852 /* id-GostR3411-94-with-GostR3410-94-cc */,
+ 810 /* id-HMACGostR3411-94 */,
+ 782 /* id-PasswordBasedMAC */,
+ 266 /* id-aca */,
+ 355 /* id-aca-accessIdentity */,
+ 354 /* id-aca-authenticationInfo */,
+ 356 /* id-aca-chargingIdentity */,
+ 399 /* id-aca-encAttrs */,
+ 357 /* id-aca-group */,
+ 358 /* id-aca-role */,
+ 176 /* id-ad */,
+ 896 /* id-aes128-CCM */,
+ 895 /* id-aes128-GCM */,
+ 788 /* id-aes128-wrap */,
+ 897 /* id-aes128-wrap-pad */,
+ 899 /* id-aes192-CCM */,
+ 898 /* id-aes192-GCM */,
+ 789 /* id-aes192-wrap */,
+ 900 /* id-aes192-wrap-pad */,
+ 902 /* id-aes256-CCM */,
+ 901 /* id-aes256-GCM */,
+ 790 /* id-aes256-wrap */,
+ 903 /* id-aes256-wrap-pad */,
+ 262 /* id-alg */,
+ 893 /* id-alg-PWRI-KEK */,
+ 323 /* id-alg-des40 */,
+ 326 /* id-alg-dh-pop */,
+ 325 /* id-alg-dh-sig-hmac-sha1 */,
+ 324 /* id-alg-noSignature */,
+ 907 /* id-camellia128-wrap */,
+ 908 /* id-camellia192-wrap */,
+ 909 /* id-camellia256-wrap */,
+ 268 /* id-cct */,
+ 361 /* id-cct-PKIData */,
+ 362 /* id-cct-PKIResponse */,
+ 360 /* id-cct-crs */,
+ 81 /* id-ce */,
+ 680 /* id-characteristic-two-basis */,
+ 263 /* id-cmc */,
+ 334 /* id-cmc-addExtensions */,
+ 346 /* id-cmc-confirmCertAcceptance */,
+ 330 /* id-cmc-dataReturn */,
+ 336 /* id-cmc-decryptedPOP */,
+ 335 /* id-cmc-encryptedPOP */,
+ 339 /* id-cmc-getCRL */,
+ 338 /* id-cmc-getCert */,
+ 328 /* id-cmc-identification */,
+ 329 /* id-cmc-identityProof */,
+ 337 /* id-cmc-lraPOPWitness */,
+ 344 /* id-cmc-popLinkRandom */,
+ 345 /* id-cmc-popLinkWitness */,
+ 343 /* id-cmc-queryPending */,
+ 333 /* id-cmc-recipientNonce */,
+ 341 /* id-cmc-regInfo */,
+ 342 /* id-cmc-responseInfo */,
+ 340 /* id-cmc-revokeRequest */,
+ 332 /* id-cmc-senderNonce */,
+ 327 /* id-cmc-statusInfo */,
+ 331 /* id-cmc-transactionId */,
+ 787 /* id-ct-asciiTextWithCRLF */,
+ 408 /* id-ecPublicKey */,
+ 508 /* id-hex-multipart-message */,
+ 507 /* id-hex-partial-message */,
+ 260 /* id-it */,
+ 302 /* id-it-caKeyUpdateInfo */,
+ 298 /* id-it-caProtEncCert */,
+ 311 /* id-it-confirmWaitTime */,
+ 303 /* id-it-currentCRL */,
+ 300 /* id-it-encKeyPairTypes */,
+ 310 /* id-it-implicitConfirm */,
+ 308 /* id-it-keyPairParamRep */,
+ 307 /* id-it-keyPairParamReq */,
+ 312 /* id-it-origPKIMessage */,
+ 301 /* id-it-preferredSymmAlg */,
+ 309 /* id-it-revPassphrase */,
+ 299 /* id-it-signKeyPairTypes */,
+ 305 /* id-it-subscriptionRequest */,
+ 306 /* id-it-subscriptionResponse */,
+ 784 /* id-it-suppLangTags */,
+ 304 /* id-it-unsupportedOIDs */,
+ 128 /* id-kp */,
+ 280 /* id-mod-attribute-cert */,
+ 274 /* id-mod-cmc */,
+ 277 /* id-mod-cmp */,
+ 284 /* id-mod-cmp2000 */,
+ 273 /* id-mod-crmf */,
+ 283 /* id-mod-dvcs */,
+ 275 /* id-mod-kea-profile-88 */,
+ 276 /* id-mod-kea-profile-93 */,
+ 282 /* id-mod-ocsp */,
+ 278 /* id-mod-qualified-cert-88 */,
+ 279 /* id-mod-qualified-cert-93 */,
+ 281 /* id-mod-timestamp-protocol */,
+ 264 /* id-on */,
+ 858 /* id-on-permanentIdentifier */,
+ 347 /* id-on-personalData */,
+ 265 /* id-pda */,
+ 352 /* id-pda-countryOfCitizenship */,
+ 353 /* id-pda-countryOfResidence */,
+ 348 /* id-pda-dateOfBirth */,
+ 351 /* id-pda-gender */,
+ 349 /* id-pda-placeOfBirth */,
+ 175 /* id-pe */,
+ 261 /* id-pkip */,
+ 258 /* id-pkix-mod */,
+ 269 /* id-pkix1-explicit-88 */,
+ 271 /* id-pkix1-explicit-93 */,
+ 270 /* id-pkix1-implicit-88 */,
+ 272 /* id-pkix1-implicit-93 */,
+ 662 /* id-ppl */,
+ 664 /* id-ppl-anyLanguage */,
+ 667 /* id-ppl-independent */,
+ 665 /* id-ppl-inheritAll */,
+ 267 /* id-qcs */,
+ 359 /* id-qcs-pkixQCSyntax-v1 */,
+ 259 /* id-qt */,
+ 164 /* id-qt-cps */,
+ 165 /* id-qt-unotice */,
+ 313 /* id-regCtrl */,
+ 316 /* id-regCtrl-authenticator */,
+ 319 /* id-regCtrl-oldCertID */,
+ 318 /* id-regCtrl-pkiArchiveOptions */,
+ 317 /* id-regCtrl-pkiPublicationInfo */,
+ 320 /* id-regCtrl-protocolEncrKey */,
+ 315 /* id-regCtrl-regToken */,
+ 314 /* id-regInfo */,
+ 322 /* id-regInfo-certReq */,
+ 321 /* id-regInfo-utf8Pairs */,
+ 512 /* id-set */,
+ 191 /* id-smime-aa */,
+ 215 /* id-smime-aa-contentHint */,
+ 218 /* id-smime-aa-contentIdentifier */,
+ 221 /* id-smime-aa-contentReference */,
+ 240 /* id-smime-aa-dvcs-dvc */,
+ 217 /* id-smime-aa-encapContentType */,
+ 222 /* id-smime-aa-encrypKeyPref */,
+ 220 /* id-smime-aa-equivalentLabels */,
+ 232 /* id-smime-aa-ets-CertificateRefs */,
+ 233 /* id-smime-aa-ets-RevocationRefs */,
+ 238 /* id-smime-aa-ets-archiveTimeStamp */,
+ 237 /* id-smime-aa-ets-certCRLTimestamp */,
+ 234 /* id-smime-aa-ets-certValues */,
+ 227 /* id-smime-aa-ets-commitmentType */,
+ 231 /* id-smime-aa-ets-contentTimestamp */,
+ 236 /* id-smime-aa-ets-escTimeStamp */,
+ 230 /* id-smime-aa-ets-otherSigCert */,
+ 235 /* id-smime-aa-ets-revocationValues */,
+ 226 /* id-smime-aa-ets-sigPolicyId */,
+ 229 /* id-smime-aa-ets-signerAttr */,
+ 228 /* id-smime-aa-ets-signerLocation */,
+ 219 /* id-smime-aa-macValue */,
+ 214 /* id-smime-aa-mlExpandHistory */,
+ 216 /* id-smime-aa-msgSigDigest */,
+ 212 /* id-smime-aa-receiptRequest */,
+ 213 /* id-smime-aa-securityLabel */,
+ 239 /* id-smime-aa-signatureType */,
+ 223 /* id-smime-aa-signingCertificate */,
+ 224 /* id-smime-aa-smimeEncryptCerts */,
+ 225 /* id-smime-aa-timeStampToken */,
+ 192 /* id-smime-alg */,
+ 243 /* id-smime-alg-3DESwrap */,
+ 246 /* id-smime-alg-CMS3DESwrap */,
+ 247 /* id-smime-alg-CMSRC2wrap */,
+ 245 /* id-smime-alg-ESDH */,
+ 241 /* id-smime-alg-ESDHwith3DES */,
+ 242 /* id-smime-alg-ESDHwithRC2 */,
+ 244 /* id-smime-alg-RC2wrap */,
+ 193 /* id-smime-cd */,
+ 248 /* id-smime-cd-ldap */,
+ 190 /* id-smime-ct */,
+ 210 /* id-smime-ct-DVCSRequestData */,
+ 211 /* id-smime-ct-DVCSResponseData */,
+ 208 /* id-smime-ct-TDTInfo */,
+ 207 /* id-smime-ct-TSTInfo */,
+ 205 /* id-smime-ct-authData */,
+ 786 /* id-smime-ct-compressedData */,
+ 209 /* id-smime-ct-contentInfo */,
+ 206 /* id-smime-ct-publishCert */,
+ 204 /* id-smime-ct-receipt */,
+ 195 /* id-smime-cti */,
+ 255 /* id-smime-cti-ets-proofOfApproval */,
+ 256 /* id-smime-cti-ets-proofOfCreation */,
+ 253 /* id-smime-cti-ets-proofOfDelivery */,
+ 251 /* id-smime-cti-ets-proofOfOrigin */,
+ 252 /* id-smime-cti-ets-proofOfReceipt */,
+ 254 /* id-smime-cti-ets-proofOfSender */,
+ 189 /* id-smime-mod */,
+ 196 /* id-smime-mod-cms */,
+ 197 /* id-smime-mod-ess */,
+ 202 /* id-smime-mod-ets-eSigPolicy-88 */,
+ 203 /* id-smime-mod-ets-eSigPolicy-97 */,
+ 200 /* id-smime-mod-ets-eSignature-88 */,
+ 201 /* id-smime-mod-ets-eSignature-97 */,
+ 199 /* id-smime-mod-msg-v3 */,
+ 198 /* id-smime-mod-oid */,
+ 194 /* id-smime-spq */,
+ 250 /* id-smime-spq-ets-sqt-unotice */,
+ 249 /* id-smime-spq-ets-sqt-uri */,
+ 676 /* identified-organization */,
+ 461 /* info */,
+ 748 /* inhibitAnyPolicy */,
+ 101 /* initials */,
+ 647 /* international-organizations */,
+ 869 /* internationaliSDNNumber */,
+ 142 /* invalidityDate */,
+ 294 /* ipsecEndSystem */,
+ 295 /* ipsecTunnel */,
+ 296 /* ipsecUser */,
+ 86 /* issuerAltName */,
+ 770 /* issuingDistributionPoint */,
+ 492 /* janetMailbox */,
+ 150 /* keyBag */,
+ 83 /* keyUsage */,
+ 477 /* lastModifiedBy */,
+ 476 /* lastModifiedTime */,
+ 157 /* localKeyID */,
+ 480 /* mXRecord */,
+ 460 /* mail */,
+ 493 /* mailPreferenceOption */,
+ 467 /* manager */,
+ 809 /* md_gost94 */,
+ 875 /* member */,
+ 182 /* member-body */,
+ 51 /* messageDigest */,
+ 383 /* mgmt */,
+ 504 /* mime-mhs */,
+ 506 /* mime-mhs-bodies */,
+ 505 /* mime-mhs-headings */,
+ 488 /* mobileTelephoneNumber */,
+ 136 /* msCTLSign */,
+ 135 /* msCodeCom */,
+ 134 /* msCodeInd */,
+ 138 /* msEFS */,
+ 171 /* msExtReq */,
+ 137 /* msSGC */,
+ 648 /* msSmartcardLogin */,
+ 649 /* msUPN */,
+ 481 /* nSRecord */,
+ 173 /* name */,
+ 666 /* nameConstraints */,
+ 369 /* noCheck */,
+ 403 /* noRevAvail */,
+ 72 /* nsBaseUrl */,
+ 76 /* nsCaPolicyUrl */,
+ 74 /* nsCaRevocationUrl */,
+ 58 /* nsCertExt */,
+ 79 /* nsCertSequence */,
+ 71 /* nsCertType */,
+ 78 /* nsComment */,
+ 59 /* nsDataType */,
+ 75 /* nsRenewalUrl */,
+ 73 /* nsRevocationUrl */,
+ 139 /* nsSGC */,
+ 77 /* nsSslServerName */,
+ 681 /* onBasis */,
+ 491 /* organizationalStatus */,
+ 475 /* otherMailbox */,
+ 876 /* owner */,
+ 489 /* pagerTelephoneNumber */,
+ 374 /* path */,
+ 112 /* pbeWithMD5AndCast5CBC */,
+ 499 /* personalSignature */,
+ 487 /* personalTitle */,
+ 464 /* photo */,
+ 863 /* physicalDeliveryOfficeName */,
+ 437 /* pilot */,
+ 439 /* pilotAttributeSyntax */,
+ 438 /* pilotAttributeType */,
+ 479 /* pilotAttributeType27 */,
+ 456 /* pilotDSA */,
+ 441 /* pilotGroups */,
+ 444 /* pilotObject */,
+ 440 /* pilotObjectClass */,
+ 455 /* pilotOrganization */,
+ 445 /* pilotPerson */,
+ 2 /* pkcs */,
+ 186 /* pkcs1 */,
+ 27 /* pkcs3 */,
+ 187 /* pkcs5 */,
+ 20 /* pkcs7 */,
+ 21 /* pkcs7-data */,
+ 25 /* pkcs7-digestData */,
+ 26 /* pkcs7-encryptedData */,
+ 23 /* pkcs7-envelopedData */,
+ 24 /* pkcs7-signedAndEnvelopedData */,
+ 22 /* pkcs7-signedData */,
+ 151 /* pkcs8ShroudedKeyBag */,
+ 47 /* pkcs9 */,
+ 401 /* policyConstraints */,
+ 747 /* policyMappings */,
+ 862 /* postOfficeBox */,
+ 861 /* postalAddress */,
+ 661 /* postalCode */,
+ 683 /* ppBasis */,
+ 872 /* preferredDeliveryMethod */,
+ 873 /* presentationAddress */,
+ 816 /* prf-gostr3411-94 */,
+ 406 /* prime-field */,
+ 409 /* prime192v1 */,
+ 410 /* prime192v2 */,
+ 411 /* prime192v3 */,
+ 412 /* prime239v1 */,
+ 413 /* prime239v2 */,
+ 414 /* prime239v3 */,
+ 415 /* prime256v1 */,
+ 385 /* private */,
+ 84 /* privateKeyUsagePeriod */,
+ 886 /* protocolInformation */,
+ 663 /* proxyCertInfo */,
+ 510 /* pseudonym */,
+ 435 /* pss */,
+ 286 /* qcStatements */,
+ 457 /* qualityLabelledData */,
+ 450 /* rFC822localPart */,
+ 870 /* registeredAddress */,
+ 400 /* role */,
+ 877 /* roleOccupant */,
+ 448 /* room */,
+ 463 /* roomNumber */,
+ 6 /* rsaEncryption */,
+ 644 /* rsaOAEPEncryptionSET */,
+ 377 /* rsaSignature */,
+ 1 /* rsadsi */,
+ 482 /* sOARecord */,
+ 155 /* safeContentsBag */,
+ 291 /* sbgp-autonomousSysNum */,
+ 290 /* sbgp-ipAddrBlock */,
+ 292 /* sbgp-routerIdentifier */,
+ 159 /* sdsiCertificate */,
+ 859 /* searchGuide */,
+ 704 /* secp112r1 */,
+ 705 /* secp112r2 */,
+ 706 /* secp128r1 */,
+ 707 /* secp128r2 */,
+ 708 /* secp160k1 */,
+ 709 /* secp160r1 */,
+ 710 /* secp160r2 */,
+ 711 /* secp192k1 */,
+ 712 /* secp224k1 */,
+ 713 /* secp224r1 */,
+ 714 /* secp256k1 */,
+ 715 /* secp384r1 */,
+ 716 /* secp521r1 */,
+ 154 /* secretBag */,
+ 474 /* secretary */,
+ 717 /* sect113r1 */,
+ 718 /* sect113r2 */,
+ 719 /* sect131r1 */,
+ 720 /* sect131r2 */,
+ 721 /* sect163k1 */,
+ 722 /* sect163r1 */,
+ 723 /* sect163r2 */,
+ 724 /* sect193r1 */,
+ 725 /* sect193r2 */,
+ 726 /* sect233k1 */,
+ 727 /* sect233r1 */,
+ 728 /* sect239k1 */,
+ 729 /* sect283k1 */,
+ 730 /* sect283r1 */,
+ 731 /* sect409k1 */,
+ 732 /* sect409r1 */,
+ 733 /* sect571k1 */,
+ 734 /* sect571r1 */,
+ 386 /* security */,
+ 878 /* seeAlso */,
+ 394 /* selected-attribute-types */,
+ 105 /* serialNumber */,
+ 129 /* serverAuth */,
+ 371 /* serviceLocator */,
+ 625 /* set-addPolicy */,
+ 515 /* set-attr */,
+ 518 /* set-brand */,
+ 638 /* set-brand-AmericanExpress */,
+ 637 /* set-brand-Diners */,
+ 636 /* set-brand-IATA-ATA */,
+ 639 /* set-brand-JCB */,
+ 641 /* set-brand-MasterCard */,
+ 642 /* set-brand-Novus */,
+ 640 /* set-brand-Visa */,
+ 517 /* set-certExt */,
+ 513 /* set-ctype */,
+ 514 /* set-msgExt */,
+ 516 /* set-policy */,
+ 607 /* set-policy-root */,
+ 624 /* set-rootKeyThumb */,
+ 620 /* setAttr-Cert */,
+ 631 /* setAttr-GenCryptgrm */,
+ 623 /* setAttr-IssCap */,
+ 628 /* setAttr-IssCap-CVM */,
+ 630 /* setAttr-IssCap-Sig */,
+ 629 /* setAttr-IssCap-T2 */,
+ 621 /* setAttr-PGWYcap */,
+ 635 /* setAttr-SecDevSig */,
+ 632 /* setAttr-T2Enc */,
+ 633 /* setAttr-T2cleartxt */,
+ 634 /* setAttr-TokICCsig */,
+ 627 /* setAttr-Token-B0Prime */,
+ 626 /* setAttr-Token-EMV */,
+ 622 /* setAttr-TokenType */,
+ 619 /* setCext-IssuerCapabilities */,
+ 615 /* setCext-PGWYcapabilities */,
+ 616 /* setCext-TokenIdentifier */,
+ 618 /* setCext-TokenType */,
+ 617 /* setCext-Track2Data */,
+ 611 /* setCext-cCertRequired */,
+ 609 /* setCext-certType */,
+ 608 /* setCext-hashedRoot */,
+ 610 /* setCext-merchData */,
+ 613 /* setCext-setExt */,
+ 614 /* setCext-setQualf */,
+ 612 /* setCext-tunneling */,
+ 540 /* setct-AcqCardCodeMsg */,
+ 576 /* setct-AcqCardCodeMsgTBE */,
+ 570 /* setct-AuthReqTBE */,
+ 534 /* setct-AuthReqTBS */,
+ 527 /* setct-AuthResBaggage */,
+ 571 /* setct-AuthResTBE */,
+ 572 /* setct-AuthResTBEX */,
+ 535 /* setct-AuthResTBS */,
+ 536 /* setct-AuthResTBSX */,
+ 528 /* setct-AuthRevReqBaggage */,
+ 577 /* setct-AuthRevReqTBE */,
+ 541 /* setct-AuthRevReqTBS */,
+ 529 /* setct-AuthRevResBaggage */,
+ 542 /* setct-AuthRevResData */,
+ 578 /* setct-AuthRevResTBE */,
+ 579 /* setct-AuthRevResTBEB */,
+ 543 /* setct-AuthRevResTBS */,
+ 573 /* setct-AuthTokenTBE */,
+ 537 /* setct-AuthTokenTBS */,
+ 600 /* setct-BCIDistributionTBS */,
+ 558 /* setct-BatchAdminReqData */,
+ 592 /* setct-BatchAdminReqTBE */,
+ 559 /* setct-BatchAdminResData */,
+ 593 /* setct-BatchAdminResTBE */,
+ 599 /* setct-CRLNotificationResTBS */,
+ 598 /* setct-CRLNotificationTBS */,
+ 580 /* setct-CapReqTBE */,
+ 581 /* setct-CapReqTBEX */,
+ 544 /* setct-CapReqTBS */,
+ 545 /* setct-CapReqTBSX */,
+ 546 /* setct-CapResData */,
+ 582 /* setct-CapResTBE */,
+ 583 /* setct-CapRevReqTBE */,
+ 584 /* setct-CapRevReqTBEX */,
+ 547 /* setct-CapRevReqTBS */,
+ 548 /* setct-CapRevReqTBSX */,
+ 549 /* setct-CapRevResData */,
+ 585 /* setct-CapRevResTBE */,
+ 538 /* setct-CapTokenData */,
+ 530 /* setct-CapTokenSeq */,
+ 574 /* setct-CapTokenTBE */,
+ 575 /* setct-CapTokenTBEX */,
+ 539 /* setct-CapTokenTBS */,
+ 560 /* setct-CardCInitResTBS */,
+ 566 /* setct-CertInqReqTBS */,
+ 563 /* setct-CertReqData */,
+ 595 /* setct-CertReqTBE */,
+ 596 /* setct-CertReqTBEX */,
+ 564 /* setct-CertReqTBS */,
+ 565 /* setct-CertResData */,
+ 597 /* setct-CertResTBE */,
+ 586 /* setct-CredReqTBE */,
+ 587 /* setct-CredReqTBEX */,
+ 550 /* setct-CredReqTBS */,
+ 551 /* setct-CredReqTBSX */,
+ 552 /* setct-CredResData */,
+ 588 /* setct-CredResTBE */,
+ 589 /* setct-CredRevReqTBE */,
+ 590 /* setct-CredRevReqTBEX */,
+ 553 /* setct-CredRevReqTBS */,
+ 554 /* setct-CredRevReqTBSX */,
+ 555 /* setct-CredRevResData */,
+ 591 /* setct-CredRevResTBE */,
+ 567 /* setct-ErrorTBS */,
+ 526 /* setct-HODInput */,
+ 561 /* setct-MeAqCInitResTBS */,
+ 522 /* setct-OIData */,
+ 519 /* setct-PANData */,
+ 521 /* setct-PANOnly */,
+ 520 /* setct-PANToken */,
+ 556 /* setct-PCertReqData */,
+ 557 /* setct-PCertResTBS */,
+ 523 /* setct-PI */,
+ 532 /* setct-PI-TBS */,
+ 524 /* setct-PIData */,
+ 525 /* setct-PIDataUnsigned */,
+ 568 /* setct-PIDualSignedTBE */,
+ 569 /* setct-PIUnsignedTBE */,
+ 531 /* setct-PInitResData */,
+ 533 /* setct-PResData */,
+ 594 /* setct-RegFormReqTBE */,
+ 562 /* setct-RegFormResTBS */,
+ 606 /* setext-cv */,
+ 601 /* setext-genCrypt */,
+ 602 /* setext-miAuth */,
+ 604 /* setext-pinAny */,
+ 603 /* setext-pinSecure */,
+ 605 /* setext-track2 */,
+ 52 /* signingTime */,
+ 454 /* simpleSecurityObject */,
+ 496 /* singleLevelQuality */,
+ 387 /* snmpv2 */,
+ 660 /* street */,
+ 85 /* subjectAltName */,
+ 769 /* subjectDirectoryAttributes */,
+ 398 /* subjectInfoAccess */,
+ 82 /* subjectKeyIdentifier */,
+ 498 /* subtreeMaximumQuality */,
+ 497 /* subtreeMinimumQuality */,
+ 890 /* supportedAlgorithms */,
+ 874 /* supportedApplicationContext */,
+ 402 /* targetInformation */,
+ 864 /* telephoneNumber */,
+ 866 /* teletexTerminalIdentifier */,
+ 865 /* telexNumber */,
+ 459 /* textEncodedORAddress */,
+ 293 /* textNotice */,
+ 133 /* timeStamping */,
+ 106 /* title */,
+ 682 /* tpBasis */,
+ 375 /* trustRoot */,
+ 436 /* ucl */,
+ 888 /* uniqueMember */,
+ 55 /* unstructuredAddress */,
+ 49 /* unstructuredName */,
+ 880 /* userCertificate */,
+ 465 /* userClass */,
+ 879 /* userPassword */,
+ 373 /* valid */,
+ 678 /* wap */,
+ 679 /* wap-wsg */,
+ 735 /* wap-wsg-idm-ecid-wtls1 */,
+ 743 /* wap-wsg-idm-ecid-wtls10 */,
+ 744 /* wap-wsg-idm-ecid-wtls11 */,
+ 745 /* wap-wsg-idm-ecid-wtls12 */,
+ 736 /* wap-wsg-idm-ecid-wtls3 */,
+ 737 /* wap-wsg-idm-ecid-wtls4 */,
+ 738 /* wap-wsg-idm-ecid-wtls5 */,
+ 739 /* wap-wsg-idm-ecid-wtls6 */,
+ 740 /* wap-wsg-idm-ecid-wtls7 */,
+ 741 /* wap-wsg-idm-ecid-wtls8 */,
+ 742 /* wap-wsg-idm-ecid-wtls9 */,
+ 804 /* whirlpool */,
+ 868 /* x121Address */,
+ 503 /* x500UniqueIdentifier */,
+ 158 /* x509Certificate */,
+ 160 /* x509Crl */,
};
-static const unsigned int kNIDsInLongNameOrder[NUM_LN]={
-363, /* "AD Time Stamping" */
-405, /* "ANSI X9.62" */
-368, /* "Acceptable OCSP Responses" */
-910, /* "Any Extended Key Usage" */
-664, /* "Any language" */
-177, /* "Authority Information Access" */
-365, /* "Basic OCSP Response" */
-285, /* "Biometric Info" */
-179, /* "CA Issuers" */
-785, /* "CA Repository" */
-131, /* "Code Signing" */
-783, /* "Diffie-Hellman based MAC" */
-382, /* "Directory" */
-392, /* "Domain" */
-132, /* "E-mail Protection" */
-389, /* "Enterprises" */
-384, /* "Experimental" */
-372, /* "Extended OCSP Status" */
-172, /* "Extension Request" */
-813, /* "GOST 28147-89" */
-849, /* "GOST 28147-89 Cryptocom ParamSet" */
-815, /* "GOST 28147-89 MAC" */
-851, /* "GOST 34.10-2001 Cryptocom" */
-850, /* "GOST 34.10-94 Cryptocom" */
-811, /* "GOST R 34.10-2001" */
-817, /* "GOST R 34.10-2001 DH" */
-812, /* "GOST R 34.10-94" */
-818, /* "GOST R 34.10-94 DH" */
-809, /* "GOST R 34.11-94" */
-816, /* "GOST R 34.11-94 PRF" */
-807, /* "GOST R 34.11-94 with GOST R 34.10-2001" */
-853, /* "GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom" */
-808, /* "GOST R 34.11-94 with GOST R 34.10-94" */
-852, /* "GOST R 34.11-94 with GOST R 34.10-94 Cryptocom" */
-854, /* "GOST R 3410-2001 Parameter Set Cryptocom" */
-810, /* "HMAC GOST 34.11-94" */
-432, /* "Hold Instruction Call Issuer" */
-430, /* "Hold Instruction Code" */
-431, /* "Hold Instruction None" */
-433, /* "Hold Instruction Reject" */
-634, /* "ICC or token signature" */
-294, /* "IPSec End System" */
-295, /* "IPSec Tunnel" */
-296, /* "IPSec User" */
-182, /* "ISO Member Body" */
-183, /* "ISO US Member Body" */
-667, /* "Independent" */
-665, /* "Inherit all" */
-647, /* "International Organizations" */
-142, /* "Invalidity Date" */
-504, /* "MIME MHS" */
-388, /* "Mail" */
-383, /* "Management" */
-417, /* "Microsoft CSP Name" */
-135, /* "Microsoft Commercial Code Signing" */
-138, /* "Microsoft Encrypted File System" */
-171, /* "Microsoft Extension Request" */
-134, /* "Microsoft Individual Code Signing" */
-856, /* "Microsoft Local Key set" */
-137, /* "Microsoft Server Gated Crypto" */
-648, /* "Microsoft Smartcardlogin" */
-136, /* "Microsoft Trust List Signing" */
-649, /* "Microsoft Universal Principal Name" */
-393, /* "NULL" */
-404, /* "NULL" */
-72, /* "Netscape Base Url" */
-76, /* "Netscape CA Policy Url" */
-74, /* "Netscape CA Revocation Url" */
-71, /* "Netscape Cert Type" */
-58, /* "Netscape Certificate Extension" */
-79, /* "Netscape Certificate Sequence" */
-78, /* "Netscape Comment" */
-57, /* "Netscape Communications Corp." */
-59, /* "Netscape Data Type" */
-75, /* "Netscape Renewal Url" */
-73, /* "Netscape Revocation Url" */
-77, /* "Netscape SSL Server Name" */
-139, /* "Netscape Server Gated Crypto" */
-178, /* "OCSP" */
-370, /* "OCSP Archive Cutoff" */
-367, /* "OCSP CRL ID" */
-369, /* "OCSP No Check" */
-366, /* "OCSP Nonce" */
-371, /* "OCSP Service Locator" */
-180, /* "OCSP Signing" */
-161, /* "PBES2" */
-69, /* "PBKDF2" */
-162, /* "PBMAC1" */
-127, /* "PKIX" */
-858, /* "Permanent Identifier" */
-164, /* "Policy Qualifier CPS" */
-165, /* "Policy Qualifier User Notice" */
-385, /* "Private" */
-663, /* "Proxy Certificate Information" */
- 1, /* "RSA Data Security, Inc." */
- 2, /* "RSA Data Security, Inc. PKCS" */
-188, /* "S/MIME" */
-167, /* "S/MIME Capabilities" */
-387, /* "SNMPv2" */
-512, /* "Secure Electronic Transactions" */
-386, /* "Security" */
-394, /* "Selected Attribute Types" */
-143, /* "Strong Extranet ID" */
-398, /* "Subject Information Access" */
-130, /* "TLS Web Client Authentication" */
-129, /* "TLS Web Server Authentication" */
-133, /* "Time Stamping" */
-375, /* "Trust Root" */
-948, /* "X25519" */
-12, /* "X509" */
-402, /* "X509v3 AC Targeting" */
-746, /* "X509v3 Any Policy" */
-90, /* "X509v3 Authority Key Identifier" */
-87, /* "X509v3 Basic Constraints" */
-103, /* "X509v3 CRL Distribution Points" */
-88, /* "X509v3 CRL Number" */
-141, /* "X509v3 CRL Reason Code" */
-771, /* "X509v3 Certificate Issuer" */
-89, /* "X509v3 Certificate Policies" */
-140, /* "X509v3 Delta CRL Indicator" */
-126, /* "X509v3 Extended Key Usage" */
-857, /* "X509v3 Freshest CRL" */
-748, /* "X509v3 Inhibit Any Policy" */
-86, /* "X509v3 Issuer Alternative Name" */
-770, /* "X509v3 Issuing Distribution Point" */
-83, /* "X509v3 Key Usage" */
-666, /* "X509v3 Name Constraints" */
-403, /* "X509v3 No Revocation Available" */
-401, /* "X509v3 Policy Constraints" */
-747, /* "X509v3 Policy Mappings" */
-84, /* "X509v3 Private Key Usage Period" */
-85, /* "X509v3 Subject Alternative Name" */
-769, /* "X509v3 Subject Directory Attributes" */
-82, /* "X509v3 Subject Key Identifier" */
-920, /* "X9.42 DH" */
-184, /* "X9.57" */
-185, /* "X9.57 CM ?" */
-478, /* "aRecord" */
-289, /* "aaControls" */
-287, /* "ac-auditEntity" */
-397, /* "ac-proxying" */
-288, /* "ac-targeting" */
-446, /* "account" */
-364, /* "ad dvcs" */
-606, /* "additional verification" */
-419, /* "aes-128-cbc" */
-916, /* "aes-128-cbc-hmac-sha1" */
-896, /* "aes-128-ccm" */
-421, /* "aes-128-cfb" */
-650, /* "aes-128-cfb1" */
-653, /* "aes-128-cfb8" */
-904, /* "aes-128-ctr" */
-418, /* "aes-128-ecb" */
-895, /* "aes-128-gcm" */
-420, /* "aes-128-ofb" */
-913, /* "aes-128-xts" */
-423, /* "aes-192-cbc" */
-917, /* "aes-192-cbc-hmac-sha1" */
-899, /* "aes-192-ccm" */
-425, /* "aes-192-cfb" */
-651, /* "aes-192-cfb1" */
-654, /* "aes-192-cfb8" */
-905, /* "aes-192-ctr" */
-422, /* "aes-192-ecb" */
-898, /* "aes-192-gcm" */
-424, /* "aes-192-ofb" */
-427, /* "aes-256-cbc" */
-918, /* "aes-256-cbc-hmac-sha1" */
-902, /* "aes-256-ccm" */
-429, /* "aes-256-cfb" */
-652, /* "aes-256-cfb1" */
-655, /* "aes-256-cfb8" */
-906, /* "aes-256-ctr" */
-426, /* "aes-256-ecb" */
-901, /* "aes-256-gcm" */
-428, /* "aes-256-ofb" */
-914, /* "aes-256-xts" */
-376, /* "algorithm" */
-484, /* "associatedDomain" */
-485, /* "associatedName" */
-501, /* "audio" */
-882, /* "authorityRevocationList" */
-91, /* "bf-cbc" */
-93, /* "bf-cfb" */
-92, /* "bf-ecb" */
-94, /* "bf-ofb" */
-921, /* "brainpoolP160r1" */
-922, /* "brainpoolP160t1" */
-923, /* "brainpoolP192r1" */
-924, /* "brainpoolP192t1" */
-925, /* "brainpoolP224r1" */
-926, /* "brainpoolP224t1" */
-927, /* "brainpoolP256r1" */
-928, /* "brainpoolP256t1" */
-929, /* "brainpoolP320r1" */
-930, /* "brainpoolP320t1" */
-931, /* "brainpoolP384r1" */
-932, /* "brainpoolP384t1" */
-933, /* "brainpoolP512r1" */
-934, /* "brainpoolP512t1" */
-494, /* "buildingName" */
-860, /* "businessCategory" */
-691, /* "c2onb191v4" */
-692, /* "c2onb191v5" */
-697, /* "c2onb239v4" */
-698, /* "c2onb239v5" */
-684, /* "c2pnb163v1" */
-685, /* "c2pnb163v2" */
-686, /* "c2pnb163v3" */
-687, /* "c2pnb176v1" */
-693, /* "c2pnb208w1" */
-699, /* "c2pnb272w1" */
-700, /* "c2pnb304w1" */
-702, /* "c2pnb368w1" */
-688, /* "c2tnb191v1" */
-689, /* "c2tnb191v2" */
-690, /* "c2tnb191v3" */
-694, /* "c2tnb239v1" */
-695, /* "c2tnb239v2" */
-696, /* "c2tnb239v3" */
-701, /* "c2tnb359v1" */
-703, /* "c2tnb431r1" */
-881, /* "cACertificate" */
-483, /* "cNAMERecord" */
-751, /* "camellia-128-cbc" */
-757, /* "camellia-128-cfb" */
-760, /* "camellia-128-cfb1" */
-763, /* "camellia-128-cfb8" */
-754, /* "camellia-128-ecb" */
-766, /* "camellia-128-ofb" */
-752, /* "camellia-192-cbc" */
-758, /* "camellia-192-cfb" */
-761, /* "camellia-192-cfb1" */
-764, /* "camellia-192-cfb8" */
-755, /* "camellia-192-ecb" */
-767, /* "camellia-192-ofb" */
-753, /* "camellia-256-cbc" */
-759, /* "camellia-256-cfb" */
-762, /* "camellia-256-cfb1" */
-765, /* "camellia-256-cfb8" */
-756, /* "camellia-256-ecb" */
-768, /* "camellia-256-ofb" */
-443, /* "caseIgnoreIA5StringSyntax" */
-108, /* "cast5-cbc" */
-110, /* "cast5-cfb" */
-109, /* "cast5-ecb" */
-111, /* "cast5-ofb" */
-152, /* "certBag" */
-677, /* "certicom-arc" */
-517, /* "certificate extensions" */
-883, /* "certificateRevocationList" */
-54, /* "challengePassword" */
-407, /* "characteristic-two-field" */
-395, /* "clearance" */
-633, /* "cleartext track 2" */
-894, /* "cmac" */
-13, /* "commonName" */
-513, /* "content types" */
-50, /* "contentType" */
-53, /* "countersignature" */
-14, /* "countryName" */
-153, /* "crlBag" */
-884, /* "crossCertificatePair" */
-806, /* "cryptocom" */
-805, /* "cryptopro" */
-500, /* "dITRedirect" */
-451, /* "dNSDomain" */
-495, /* "dSAQuality" */
-434, /* "data" */
-390, /* "dcObject" */
-891, /* "deltaRevocationList" */
-31, /* "des-cbc" */
-643, /* "des-cdmf" */
-30, /* "des-cfb" */
-656, /* "des-cfb1" */
-657, /* "des-cfb8" */
-29, /* "des-ecb" */
-32, /* "des-ede" */
-43, /* "des-ede-cbc" */
-60, /* "des-ede-cfb" */
-62, /* "des-ede-ofb" */
-33, /* "des-ede3" */
-44, /* "des-ede3-cbc" */
-61, /* "des-ede3-cfb" */
-658, /* "des-ede3-cfb1" */
-659, /* "des-ede3-cfb8" */
-63, /* "des-ede3-ofb" */
-45, /* "des-ofb" */
-107, /* "description" */
-871, /* "destinationIndicator" */
-80, /* "desx-cbc" */
-947, /* "dh-cofactor-kdf" */
-946, /* "dh-std-kdf" */
-28, /* "dhKeyAgreement" */
-941, /* "dhSinglePass-cofactorDH-sha1kdf-scheme" */
-942, /* "dhSinglePass-cofactorDH-sha224kdf-scheme" */
-943, /* "dhSinglePass-cofactorDH-sha256kdf-scheme" */
-944, /* "dhSinglePass-cofactorDH-sha384kdf-scheme" */
-945, /* "dhSinglePass-cofactorDH-sha512kdf-scheme" */
-936, /* "dhSinglePass-stdDH-sha1kdf-scheme" */
-937, /* "dhSinglePass-stdDH-sha224kdf-scheme" */
-938, /* "dhSinglePass-stdDH-sha256kdf-scheme" */
-939, /* "dhSinglePass-stdDH-sha384kdf-scheme" */
-940, /* "dhSinglePass-stdDH-sha512kdf-scheme" */
-11, /* "directory services (X.500)" */
-378, /* "directory services - algorithms" */
-887, /* "distinguishedName" */
-892, /* "dmdName" */
-174, /* "dnQualifier" */
-447, /* "document" */
-471, /* "documentAuthor" */
-468, /* "documentIdentifier" */
-472, /* "documentLocation" */
-502, /* "documentPublisher" */
-449, /* "documentSeries" */
-469, /* "documentTitle" */
-470, /* "documentVersion" */
-380, /* "dod" */
-391, /* "domainComponent" */
-452, /* "domainRelatedObject" */
-116, /* "dsaEncryption" */
-67, /* "dsaEncryption-old" */
-66, /* "dsaWithSHA" */
-113, /* "dsaWithSHA1" */
-70, /* "dsaWithSHA1-old" */
-802, /* "dsa_with_SHA224" */
-803, /* "dsa_with_SHA256" */
-297, /* "dvcs" */
-791, /* "ecdsa-with-Recommended" */
-416, /* "ecdsa-with-SHA1" */
-793, /* "ecdsa-with-SHA224" */
-794, /* "ecdsa-with-SHA256" */
-795, /* "ecdsa-with-SHA384" */
-796, /* "ecdsa-with-SHA512" */
-792, /* "ecdsa-with-Specified" */
-48, /* "emailAddress" */
-632, /* "encrypted track 2" */
-885, /* "enhancedSearchGuide" */
-56, /* "extendedCertificateAttributes" */
-867, /* "facsimileTelephoneNumber" */
-462, /* "favouriteDrink" */
-453, /* "friendlyCountry" */
-490, /* "friendlyCountryName" */
-156, /* "friendlyName" */
-631, /* "generate cryptogram" */
-509, /* "generationQualifier" */
-601, /* "generic cryptogram" */
-99, /* "givenName" */
-814, /* "gost89-cnt" */
-855, /* "hmac" */
-780, /* "hmac-md5" */
-781, /* "hmac-sha1" */
-797, /* "hmacWithMD5" */
-163, /* "hmacWithSHA1" */
-798, /* "hmacWithSHA224" */
-799, /* "hmacWithSHA256" */
-800, /* "hmacWithSHA384" */
-801, /* "hmacWithSHA512" */
-486, /* "homePostalAddress" */
-473, /* "homeTelephoneNumber" */
-466, /* "host" */
-889, /* "houseIdentifier" */
-442, /* "iA5StringSyntax" */
-381, /* "iana" */
-824, /* "id-Gost28147-89-CryptoPro-A-ParamSet" */
-825, /* "id-Gost28147-89-CryptoPro-B-ParamSet" */
-826, /* "id-Gost28147-89-CryptoPro-C-ParamSet" */
-827, /* "id-Gost28147-89-CryptoPro-D-ParamSet" */
-819, /* "id-Gost28147-89-CryptoPro-KeyMeshing" */
-829, /* "id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet" */
-828, /* "id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet" */
-830, /* "id-Gost28147-89-CryptoPro-RIC-1-ParamSet" */
-820, /* "id-Gost28147-89-None-KeyMeshing" */
-823, /* "id-Gost28147-89-TestParamSet" */
-840, /* "id-GostR3410-2001-CryptoPro-A-ParamSet" */
-841, /* "id-GostR3410-2001-CryptoPro-B-ParamSet" */
-842, /* "id-GostR3410-2001-CryptoPro-C-ParamSet" */
-843, /* "id-GostR3410-2001-CryptoPro-XchA-ParamSet" */
-844, /* "id-GostR3410-2001-CryptoPro-XchB-ParamSet" */
-839, /* "id-GostR3410-2001-TestParamSet" */
-832, /* "id-GostR3410-94-CryptoPro-A-ParamSet" */
-833, /* "id-GostR3410-94-CryptoPro-B-ParamSet" */
-834, /* "id-GostR3410-94-CryptoPro-C-ParamSet" */
-835, /* "id-GostR3410-94-CryptoPro-D-ParamSet" */
-836, /* "id-GostR3410-94-CryptoPro-XchA-ParamSet" */
-837, /* "id-GostR3410-94-CryptoPro-XchB-ParamSet" */
-838, /* "id-GostR3410-94-CryptoPro-XchC-ParamSet" */
-831, /* "id-GostR3410-94-TestParamSet" */
-845, /* "id-GostR3410-94-a" */
-846, /* "id-GostR3410-94-aBis" */
-847, /* "id-GostR3410-94-b" */
-848, /* "id-GostR3410-94-bBis" */
-822, /* "id-GostR3411-94-CryptoProParamSet" */
-821, /* "id-GostR3411-94-TestParamSet" */
-266, /* "id-aca" */
-355, /* "id-aca-accessIdentity" */
-354, /* "id-aca-authenticationInfo" */
-356, /* "id-aca-chargingIdentity" */
-399, /* "id-aca-encAttrs" */
-357, /* "id-aca-group" */
-358, /* "id-aca-role" */
-176, /* "id-ad" */
-788, /* "id-aes128-wrap" */
-897, /* "id-aes128-wrap-pad" */
-789, /* "id-aes192-wrap" */
-900, /* "id-aes192-wrap-pad" */
-790, /* "id-aes256-wrap" */
-903, /* "id-aes256-wrap-pad" */
-262, /* "id-alg" */
-893, /* "id-alg-PWRI-KEK" */
-323, /* "id-alg-des40" */
-326, /* "id-alg-dh-pop" */
-325, /* "id-alg-dh-sig-hmac-sha1" */
-324, /* "id-alg-noSignature" */
-907, /* "id-camellia128-wrap" */
-908, /* "id-camellia192-wrap" */
-909, /* "id-camellia256-wrap" */
-268, /* "id-cct" */
-361, /* "id-cct-PKIData" */
-362, /* "id-cct-PKIResponse" */
-360, /* "id-cct-crs" */
-81, /* "id-ce" */
-680, /* "id-characteristic-two-basis" */
-263, /* "id-cmc" */
-334, /* "id-cmc-addExtensions" */
-346, /* "id-cmc-confirmCertAcceptance" */
-330, /* "id-cmc-dataReturn" */
-336, /* "id-cmc-decryptedPOP" */
-335, /* "id-cmc-encryptedPOP" */
-339, /* "id-cmc-getCRL" */
-338, /* "id-cmc-getCert" */
-328, /* "id-cmc-identification" */
-329, /* "id-cmc-identityProof" */
-337, /* "id-cmc-lraPOPWitness" */
-344, /* "id-cmc-popLinkRandom" */
-345, /* "id-cmc-popLinkWitness" */
-343, /* "id-cmc-queryPending" */
-333, /* "id-cmc-recipientNonce" */
-341, /* "id-cmc-regInfo" */
-342, /* "id-cmc-responseInfo" */
-340, /* "id-cmc-revokeRequest" */
-332, /* "id-cmc-senderNonce" */
-327, /* "id-cmc-statusInfo" */
-331, /* "id-cmc-transactionId" */
-787, /* "id-ct-asciiTextWithCRLF" */
-408, /* "id-ecPublicKey" */
-508, /* "id-hex-multipart-message" */
-507, /* "id-hex-partial-message" */
-260, /* "id-it" */
-302, /* "id-it-caKeyUpdateInfo" */
-298, /* "id-it-caProtEncCert" */
-311, /* "id-it-confirmWaitTime" */
-303, /* "id-it-currentCRL" */
-300, /* "id-it-encKeyPairTypes" */
-310, /* "id-it-implicitConfirm" */
-308, /* "id-it-keyPairParamRep" */
-307, /* "id-it-keyPairParamReq" */
-312, /* "id-it-origPKIMessage" */
-301, /* "id-it-preferredSymmAlg" */
-309, /* "id-it-revPassphrase" */
-299, /* "id-it-signKeyPairTypes" */
-305, /* "id-it-subscriptionRequest" */
-306, /* "id-it-subscriptionResponse" */
-784, /* "id-it-suppLangTags" */
-304, /* "id-it-unsupportedOIDs" */
-128, /* "id-kp" */
-280, /* "id-mod-attribute-cert" */
-274, /* "id-mod-cmc" */
-277, /* "id-mod-cmp" */
-284, /* "id-mod-cmp2000" */
-273, /* "id-mod-crmf" */
-283, /* "id-mod-dvcs" */
-275, /* "id-mod-kea-profile-88" */
-276, /* "id-mod-kea-profile-93" */
-282, /* "id-mod-ocsp" */
-278, /* "id-mod-qualified-cert-88" */
-279, /* "id-mod-qualified-cert-93" */
-281, /* "id-mod-timestamp-protocol" */
-264, /* "id-on" */
-347, /* "id-on-personalData" */
-265, /* "id-pda" */
-352, /* "id-pda-countryOfCitizenship" */
-353, /* "id-pda-countryOfResidence" */
-348, /* "id-pda-dateOfBirth" */
-351, /* "id-pda-gender" */
-349, /* "id-pda-placeOfBirth" */
-175, /* "id-pe" */
-261, /* "id-pkip" */
-258, /* "id-pkix-mod" */
-269, /* "id-pkix1-explicit-88" */
-271, /* "id-pkix1-explicit-93" */
-270, /* "id-pkix1-implicit-88" */
-272, /* "id-pkix1-implicit-93" */
-662, /* "id-ppl" */
-267, /* "id-qcs" */
-359, /* "id-qcs-pkixQCSyntax-v1" */
-259, /* "id-qt" */
-313, /* "id-regCtrl" */
-316, /* "id-regCtrl-authenticator" */
-319, /* "id-regCtrl-oldCertID" */
-318, /* "id-regCtrl-pkiArchiveOptions" */
-317, /* "id-regCtrl-pkiPublicationInfo" */
-320, /* "id-regCtrl-protocolEncrKey" */
-315, /* "id-regCtrl-regToken" */
-314, /* "id-regInfo" */
-322, /* "id-regInfo-certReq" */
-321, /* "id-regInfo-utf8Pairs" */
-191, /* "id-smime-aa" */
-215, /* "id-smime-aa-contentHint" */
-218, /* "id-smime-aa-contentIdentifier" */
-221, /* "id-smime-aa-contentReference" */
-240, /* "id-smime-aa-dvcs-dvc" */
-217, /* "id-smime-aa-encapContentType" */
-222, /* "id-smime-aa-encrypKeyPref" */
-220, /* "id-smime-aa-equivalentLabels" */
-232, /* "id-smime-aa-ets-CertificateRefs" */
-233, /* "id-smime-aa-ets-RevocationRefs" */
-238, /* "id-smime-aa-ets-archiveTimeStamp" */
-237, /* "id-smime-aa-ets-certCRLTimestamp" */
-234, /* "id-smime-aa-ets-certValues" */
-227, /* "id-smime-aa-ets-commitmentType" */
-231, /* "id-smime-aa-ets-contentTimestamp" */
-236, /* "id-smime-aa-ets-escTimeStamp" */
-230, /* "id-smime-aa-ets-otherSigCert" */
-235, /* "id-smime-aa-ets-revocationValues" */
-226, /* "id-smime-aa-ets-sigPolicyId" */
-229, /* "id-smime-aa-ets-signerAttr" */
-228, /* "id-smime-aa-ets-signerLocation" */
-219, /* "id-smime-aa-macValue" */
-214, /* "id-smime-aa-mlExpandHistory" */
-216, /* "id-smime-aa-msgSigDigest" */
-212, /* "id-smime-aa-receiptRequest" */
-213, /* "id-smime-aa-securityLabel" */
-239, /* "id-smime-aa-signatureType" */
-223, /* "id-smime-aa-signingCertificate" */
-224, /* "id-smime-aa-smimeEncryptCerts" */
-225, /* "id-smime-aa-timeStampToken" */
-192, /* "id-smime-alg" */
-243, /* "id-smime-alg-3DESwrap" */
-246, /* "id-smime-alg-CMS3DESwrap" */
-247, /* "id-smime-alg-CMSRC2wrap" */
-245, /* "id-smime-alg-ESDH" */
-241, /* "id-smime-alg-ESDHwith3DES" */
-242, /* "id-smime-alg-ESDHwithRC2" */
-244, /* "id-smime-alg-RC2wrap" */
-193, /* "id-smime-cd" */
-248, /* "id-smime-cd-ldap" */
-190, /* "id-smime-ct" */
-210, /* "id-smime-ct-DVCSRequestData" */
-211, /* "id-smime-ct-DVCSResponseData" */
-208, /* "id-smime-ct-TDTInfo" */
-207, /* "id-smime-ct-TSTInfo" */
-205, /* "id-smime-ct-authData" */
-786, /* "id-smime-ct-compressedData" */
-209, /* "id-smime-ct-contentInfo" */
-206, /* "id-smime-ct-publishCert" */
-204, /* "id-smime-ct-receipt" */
-195, /* "id-smime-cti" */
-255, /* "id-smime-cti-ets-proofOfApproval" */
-256, /* "id-smime-cti-ets-proofOfCreation" */
-253, /* "id-smime-cti-ets-proofOfDelivery" */
-251, /* "id-smime-cti-ets-proofOfOrigin" */
-252, /* "id-smime-cti-ets-proofOfReceipt" */
-254, /* "id-smime-cti-ets-proofOfSender" */
-189, /* "id-smime-mod" */
-196, /* "id-smime-mod-cms" */
-197, /* "id-smime-mod-ess" */
-202, /* "id-smime-mod-ets-eSigPolicy-88" */
-203, /* "id-smime-mod-ets-eSigPolicy-97" */
-200, /* "id-smime-mod-ets-eSignature-88" */
-201, /* "id-smime-mod-ets-eSignature-97" */
-199, /* "id-smime-mod-msg-v3" */
-198, /* "id-smime-mod-oid" */
-194, /* "id-smime-spq" */
-250, /* "id-smime-spq-ets-sqt-unotice" */
-249, /* "id-smime-spq-ets-sqt-uri" */
-34, /* "idea-cbc" */
-35, /* "idea-cfb" */
-36, /* "idea-ecb" */
-46, /* "idea-ofb" */
-676, /* "identified-organization" */
-461, /* "info" */
-101, /* "initials" */
-869, /* "internationaliSDNNumber" */
-749, /* "ipsec3" */
-750, /* "ipsec4" */
-181, /* "iso" */
-623, /* "issuer capabilities" */
-645, /* "itu-t" */
-492, /* "janetMailbox" */
-646, /* "joint-iso-itu-t" */
-150, /* "keyBag" */
-773, /* "kisa" */
-477, /* "lastModifiedBy" */
-476, /* "lastModifiedTime" */
-157, /* "localKeyID" */
-15, /* "localityName" */
-480, /* "mXRecord" */
-493, /* "mailPreferenceOption" */
-467, /* "manager" */
- 3, /* "md2" */
- 7, /* "md2WithRSAEncryption" */
-257, /* "md4" */
-396, /* "md4WithRSAEncryption" */
- 4, /* "md5" */
-114, /* "md5-sha1" */
-104, /* "md5WithRSA" */
- 8, /* "md5WithRSAEncryption" */
-95, /* "mdc2" */
-96, /* "mdc2WithRSA" */
-875, /* "member" */
-602, /* "merchant initiated auth" */
-514, /* "message extensions" */
-51, /* "messageDigest" */
-911, /* "mgf1" */
-506, /* "mime-mhs-bodies" */
-505, /* "mime-mhs-headings" */
-488, /* "mobileTelephoneNumber" */
-481, /* "nSRecord" */
-173, /* "name" */
-681, /* "onBasis" */
-379, /* "org" */
-17, /* "organizationName" */
-491, /* "organizationalStatus" */
-18, /* "organizationalUnitName" */
-475, /* "otherMailbox" */
-876, /* "owner" */
-935, /* "pSpecified" */
-489, /* "pagerTelephoneNumber" */
-782, /* "password based MAC" */
-374, /* "path" */
-621, /* "payment gateway capabilities" */
- 9, /* "pbeWithMD2AndDES-CBC" */
-168, /* "pbeWithMD2AndRC2-CBC" */
-112, /* "pbeWithMD5AndCast5CBC" */
-10, /* "pbeWithMD5AndDES-CBC" */
-169, /* "pbeWithMD5AndRC2-CBC" */
-148, /* "pbeWithSHA1And128BitRC2-CBC" */
-144, /* "pbeWithSHA1And128BitRC4" */
-147, /* "pbeWithSHA1And2-KeyTripleDES-CBC" */
-146, /* "pbeWithSHA1And3-KeyTripleDES-CBC" */
-149, /* "pbeWithSHA1And40BitRC2-CBC" */
-145, /* "pbeWithSHA1And40BitRC4" */
-170, /* "pbeWithSHA1AndDES-CBC" */
-68, /* "pbeWithSHA1AndRC2-CBC" */
-499, /* "personalSignature" */
-487, /* "personalTitle" */
-464, /* "photo" */
-863, /* "physicalDeliveryOfficeName" */
-437, /* "pilot" */
-439, /* "pilotAttributeSyntax" */
-438, /* "pilotAttributeType" */
-479, /* "pilotAttributeType27" */
-456, /* "pilotDSA" */
-441, /* "pilotGroups" */
-444, /* "pilotObject" */
-440, /* "pilotObjectClass" */
-455, /* "pilotOrganization" */
-445, /* "pilotPerson" */
-186, /* "pkcs1" */
-27, /* "pkcs3" */
-187, /* "pkcs5" */
-20, /* "pkcs7" */
-21, /* "pkcs7-data" */
-25, /* "pkcs7-digestData" */
-26, /* "pkcs7-encryptedData" */
-23, /* "pkcs7-envelopedData" */
-24, /* "pkcs7-signedAndEnvelopedData" */
-22, /* "pkcs7-signedData" */
-151, /* "pkcs8ShroudedKeyBag" */
-47, /* "pkcs9" */
-862, /* "postOfficeBox" */
-861, /* "postalAddress" */
-661, /* "postalCode" */
-683, /* "ppBasis" */
-872, /* "preferredDeliveryMethod" */
-873, /* "presentationAddress" */
-406, /* "prime-field" */
-409, /* "prime192v1" */
-410, /* "prime192v2" */
-411, /* "prime192v3" */
-412, /* "prime239v1" */
-413, /* "prime239v2" */
-414, /* "prime239v3" */
-415, /* "prime256v1" */
-886, /* "protocolInformation" */
-510, /* "pseudonym" */
-435, /* "pss" */
-286, /* "qcStatements" */
-457, /* "qualityLabelledData" */
-450, /* "rFC822localPart" */
-98, /* "rc2-40-cbc" */
-166, /* "rc2-64-cbc" */
-37, /* "rc2-cbc" */
-39, /* "rc2-cfb" */
-38, /* "rc2-ecb" */
-40, /* "rc2-ofb" */
- 5, /* "rc4" */
-97, /* "rc4-40" */
-915, /* "rc4-hmac-md5" */
-120, /* "rc5-cbc" */
-122, /* "rc5-cfb" */
-121, /* "rc5-ecb" */
-123, /* "rc5-ofb" */
-870, /* "registeredAddress" */
-460, /* "rfc822Mailbox" */
-117, /* "ripemd160" */
-119, /* "ripemd160WithRSA" */
-400, /* "role" */
-877, /* "roleOccupant" */
-448, /* "room" */
-463, /* "roomNumber" */
-19, /* "rsa" */
- 6, /* "rsaEncryption" */
-644, /* "rsaOAEPEncryptionSET" */
-377, /* "rsaSignature" */
-919, /* "rsaesOaep" */
-912, /* "rsassaPss" */
-482, /* "sOARecord" */
-155, /* "safeContentsBag" */
-291, /* "sbgp-autonomousSysNum" */
-290, /* "sbgp-ipAddrBlock" */
-292, /* "sbgp-routerIdentifier" */
-159, /* "sdsiCertificate" */
-859, /* "searchGuide" */
-704, /* "secp112r1" */
-705, /* "secp112r2" */
-706, /* "secp128r1" */
-707, /* "secp128r2" */
-708, /* "secp160k1" */
-709, /* "secp160r1" */
-710, /* "secp160r2" */
-711, /* "secp192k1" */
-712, /* "secp224k1" */
-713, /* "secp224r1" */
-714, /* "secp256k1" */
-715, /* "secp384r1" */
-716, /* "secp521r1" */
-154, /* "secretBag" */
-474, /* "secretary" */
-717, /* "sect113r1" */
-718, /* "sect113r2" */
-719, /* "sect131r1" */
-720, /* "sect131r2" */
-721, /* "sect163k1" */
-722, /* "sect163r1" */
-723, /* "sect163r2" */
-724, /* "sect193r1" */
-725, /* "sect193r2" */
-726, /* "sect233k1" */
-727, /* "sect233r1" */
-728, /* "sect239k1" */
-729, /* "sect283k1" */
-730, /* "sect283r1" */
-731, /* "sect409k1" */
-732, /* "sect409r1" */
-733, /* "sect571k1" */
-734, /* "sect571r1" */
-635, /* "secure device signature" */
-878, /* "seeAlso" */
-777, /* "seed-cbc" */
-779, /* "seed-cfb" */
-776, /* "seed-ecb" */
-778, /* "seed-ofb" */
-105, /* "serialNumber" */
-625, /* "set-addPolicy" */
-515, /* "set-attr" */
-518, /* "set-brand" */
-638, /* "set-brand-AmericanExpress" */
-637, /* "set-brand-Diners" */
-636, /* "set-brand-IATA-ATA" */
-639, /* "set-brand-JCB" */
-641, /* "set-brand-MasterCard" */
-642, /* "set-brand-Novus" */
-640, /* "set-brand-Visa" */
-516, /* "set-policy" */
-607, /* "set-policy-root" */
-624, /* "set-rootKeyThumb" */
-620, /* "setAttr-Cert" */
-628, /* "setAttr-IssCap-CVM" */
-630, /* "setAttr-IssCap-Sig" */
-629, /* "setAttr-IssCap-T2" */
-627, /* "setAttr-Token-B0Prime" */
-626, /* "setAttr-Token-EMV" */
-622, /* "setAttr-TokenType" */
-619, /* "setCext-IssuerCapabilities" */
-615, /* "setCext-PGWYcapabilities" */
-616, /* "setCext-TokenIdentifier" */
-618, /* "setCext-TokenType" */
-617, /* "setCext-Track2Data" */
-611, /* "setCext-cCertRequired" */
-609, /* "setCext-certType" */
-608, /* "setCext-hashedRoot" */
-610, /* "setCext-merchData" */
-613, /* "setCext-setExt" */
-614, /* "setCext-setQualf" */
-612, /* "setCext-tunneling" */
-540, /* "setct-AcqCardCodeMsg" */
-576, /* "setct-AcqCardCodeMsgTBE" */
-570, /* "setct-AuthReqTBE" */
-534, /* "setct-AuthReqTBS" */
-527, /* "setct-AuthResBaggage" */
-571, /* "setct-AuthResTBE" */
-572, /* "setct-AuthResTBEX" */
-535, /* "setct-AuthResTBS" */
-536, /* "setct-AuthResTBSX" */
-528, /* "setct-AuthRevReqBaggage" */
-577, /* "setct-AuthRevReqTBE" */
-541, /* "setct-AuthRevReqTBS" */
-529, /* "setct-AuthRevResBaggage" */
-542, /* "setct-AuthRevResData" */
-578, /* "setct-AuthRevResTBE" */
-579, /* "setct-AuthRevResTBEB" */
-543, /* "setct-AuthRevResTBS" */
-573, /* "setct-AuthTokenTBE" */
-537, /* "setct-AuthTokenTBS" */
-600, /* "setct-BCIDistributionTBS" */
-558, /* "setct-BatchAdminReqData" */
-592, /* "setct-BatchAdminReqTBE" */
-559, /* "setct-BatchAdminResData" */
-593, /* "setct-BatchAdminResTBE" */
-599, /* "setct-CRLNotificationResTBS" */
-598, /* "setct-CRLNotificationTBS" */
-580, /* "setct-CapReqTBE" */
-581, /* "setct-CapReqTBEX" */
-544, /* "setct-CapReqTBS" */
-545, /* "setct-CapReqTBSX" */
-546, /* "setct-CapResData" */
-582, /* "setct-CapResTBE" */
-583, /* "setct-CapRevReqTBE" */
-584, /* "setct-CapRevReqTBEX" */
-547, /* "setct-CapRevReqTBS" */
-548, /* "setct-CapRevReqTBSX" */
-549, /* "setct-CapRevResData" */
-585, /* "setct-CapRevResTBE" */
-538, /* "setct-CapTokenData" */
-530, /* "setct-CapTokenSeq" */
-574, /* "setct-CapTokenTBE" */
-575, /* "setct-CapTokenTBEX" */
-539, /* "setct-CapTokenTBS" */
-560, /* "setct-CardCInitResTBS" */
-566, /* "setct-CertInqReqTBS" */
-563, /* "setct-CertReqData" */
-595, /* "setct-CertReqTBE" */
-596, /* "setct-CertReqTBEX" */
-564, /* "setct-CertReqTBS" */
-565, /* "setct-CertResData" */
-597, /* "setct-CertResTBE" */
-586, /* "setct-CredReqTBE" */
-587, /* "setct-CredReqTBEX" */
-550, /* "setct-CredReqTBS" */
-551, /* "setct-CredReqTBSX" */
-552, /* "setct-CredResData" */
-588, /* "setct-CredResTBE" */
-589, /* "setct-CredRevReqTBE" */
-590, /* "setct-CredRevReqTBEX" */
-553, /* "setct-CredRevReqTBS" */
-554, /* "setct-CredRevReqTBSX" */
-555, /* "setct-CredRevResData" */
-591, /* "setct-CredRevResTBE" */
-567, /* "setct-ErrorTBS" */
-526, /* "setct-HODInput" */
-561, /* "setct-MeAqCInitResTBS" */
-522, /* "setct-OIData" */
-519, /* "setct-PANData" */
-521, /* "setct-PANOnly" */
-520, /* "setct-PANToken" */
-556, /* "setct-PCertReqData" */
-557, /* "setct-PCertResTBS" */
-523, /* "setct-PI" */
-532, /* "setct-PI-TBS" */
-524, /* "setct-PIData" */
-525, /* "setct-PIDataUnsigned" */
-568, /* "setct-PIDualSignedTBE" */
-569, /* "setct-PIUnsignedTBE" */
-531, /* "setct-PInitResData" */
-533, /* "setct-PResData" */
-594, /* "setct-RegFormReqTBE" */
-562, /* "setct-RegFormResTBS" */
-604, /* "setext-pinAny" */
-603, /* "setext-pinSecure" */
-605, /* "setext-track2" */
-41, /* "sha" */
-64, /* "sha1" */
-115, /* "sha1WithRSA" */
-65, /* "sha1WithRSAEncryption" */
-675, /* "sha224" */
-671, /* "sha224WithRSAEncryption" */
-672, /* "sha256" */
-668, /* "sha256WithRSAEncryption" */
-673, /* "sha384" */
-669, /* "sha384WithRSAEncryption" */
-674, /* "sha512" */
-670, /* "sha512WithRSAEncryption" */
-42, /* "shaWithRSAEncryption" */
-52, /* "signingTime" */
-454, /* "simpleSecurityObject" */
-496, /* "singleLevelQuality" */
-16, /* "stateOrProvinceName" */
-660, /* "streetAddress" */
-498, /* "subtreeMaximumQuality" */
-497, /* "subtreeMinimumQuality" */
-890, /* "supportedAlgorithms" */
-874, /* "supportedApplicationContext" */
-100, /* "surname" */
-864, /* "telephoneNumber" */
-866, /* "teletexTerminalIdentifier" */
-865, /* "telexNumber" */
-459, /* "textEncodedORAddress" */
-293, /* "textNotice" */
-106, /* "title" */
-682, /* "tpBasis" */
-436, /* "ucl" */
- 0, /* "undefined" */
-888, /* "uniqueMember" */
-55, /* "unstructuredAddress" */
-49, /* "unstructuredName" */
-880, /* "userCertificate" */
-465, /* "userClass" */
-458, /* "userId" */
-879, /* "userPassword" */
-373, /* "valid" */
-678, /* "wap" */
-679, /* "wap-wsg" */
-735, /* "wap-wsg-idm-ecid-wtls1" */
-743, /* "wap-wsg-idm-ecid-wtls10" */
-744, /* "wap-wsg-idm-ecid-wtls11" */
-745, /* "wap-wsg-idm-ecid-wtls12" */
-736, /* "wap-wsg-idm-ecid-wtls3" */
-737, /* "wap-wsg-idm-ecid-wtls4" */
-738, /* "wap-wsg-idm-ecid-wtls5" */
-739, /* "wap-wsg-idm-ecid-wtls6" */
-740, /* "wap-wsg-idm-ecid-wtls7" */
-741, /* "wap-wsg-idm-ecid-wtls8" */
-742, /* "wap-wsg-idm-ecid-wtls9" */
-804, /* "whirlpool" */
-868, /* "x121Address" */
-503, /* "x500UniqueIdentifier" */
-158, /* "x509Certificate" */
-160, /* "x509Crl" */
-125, /* "zlib compression" */
+static const unsigned kNIDsInLongNameOrder[] = {
+ 363 /* AD Time Stamping */,
+ 405 /* ANSI X9.62 */,
+ 368 /* Acceptable OCSP Responses */,
+ 910 /* Any Extended Key Usage */,
+ 664 /* Any language */,
+ 177 /* Authority Information Access */,
+ 365 /* Basic OCSP Response */,
+ 285 /* Biometric Info */,
+ 179 /* CA Issuers */,
+ 785 /* CA Repository */,
+ 131 /* Code Signing */,
+ 783 /* Diffie-Hellman based MAC */,
+ 382 /* Directory */,
+ 392 /* Domain */,
+ 132 /* E-mail Protection */,
+ 389 /* Enterprises */,
+ 384 /* Experimental */,
+ 372 /* Extended OCSP Status */,
+ 172 /* Extension Request */,
+ 813 /* GOST 28147-89 */,
+ 849 /* GOST 28147-89 Cryptocom ParamSet */,
+ 815 /* GOST 28147-89 MAC */,
+ 851 /* GOST 34.10-2001 Cryptocom */,
+ 850 /* GOST 34.10-94 Cryptocom */,
+ 811 /* GOST R 34.10-2001 */,
+ 817 /* GOST R 34.10-2001 DH */,
+ 812 /* GOST R 34.10-94 */,
+ 818 /* GOST R 34.10-94 DH */,
+ 809 /* GOST R 34.11-94 */,
+ 816 /* GOST R 34.11-94 PRF */,
+ 807 /* GOST R 34.11-94 with GOST R 34.10-2001 */,
+ 853 /* GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom */,
+ 808 /* GOST R 34.11-94 with GOST R 34.10-94 */,
+ 852 /* GOST R 34.11-94 with GOST R 34.10-94 Cryptocom */,
+ 854 /* GOST R 3410-2001 Parameter Set Cryptocom */,
+ 810 /* HMAC GOST 34.11-94 */,
+ 432 /* Hold Instruction Call Issuer */,
+ 430 /* Hold Instruction Code */,
+ 431 /* Hold Instruction None */,
+ 433 /* Hold Instruction Reject */,
+ 634 /* ICC or token signature */,
+ 294 /* IPSec End System */,
+ 295 /* IPSec Tunnel */,
+ 296 /* IPSec User */,
+ 182 /* ISO Member Body */,
+ 183 /* ISO US Member Body */,
+ 667 /* Independent */,
+ 665 /* Inherit all */,
+ 647 /* International Organizations */,
+ 142 /* Invalidity Date */,
+ 504 /* MIME MHS */,
+ 388 /* Mail */,
+ 383 /* Management */,
+ 417 /* Microsoft CSP Name */,
+ 135 /* Microsoft Commercial Code Signing */,
+ 138 /* Microsoft Encrypted File System */,
+ 171 /* Microsoft Extension Request */,
+ 134 /* Microsoft Individual Code Signing */,
+ 856 /* Microsoft Local Key set */,
+ 137 /* Microsoft Server Gated Crypto */,
+ 648 /* Microsoft Smartcardlogin */,
+ 136 /* Microsoft Trust List Signing */,
+ 649 /* Microsoft Universal Principal Name */,
+ 72 /* Netscape Base Url */,
+ 76 /* Netscape CA Policy Url */,
+ 74 /* Netscape CA Revocation Url */,
+ 71 /* Netscape Cert Type */,
+ 58 /* Netscape Certificate Extension */,
+ 79 /* Netscape Certificate Sequence */,
+ 78 /* Netscape Comment */,
+ 57 /* Netscape Communications Corp. */,
+ 59 /* Netscape Data Type */,
+ 75 /* Netscape Renewal Url */,
+ 73 /* Netscape Revocation Url */,
+ 77 /* Netscape SSL Server Name */,
+ 139 /* Netscape Server Gated Crypto */,
+ 178 /* OCSP */,
+ 370 /* OCSP Archive Cutoff */,
+ 367 /* OCSP CRL ID */,
+ 369 /* OCSP No Check */,
+ 366 /* OCSP Nonce */,
+ 371 /* OCSP Service Locator */,
+ 180 /* OCSP Signing */,
+ 161 /* PBES2 */,
+ 69 /* PBKDF2 */,
+ 162 /* PBMAC1 */,
+ 127 /* PKIX */,
+ 858 /* Permanent Identifier */,
+ 164 /* Policy Qualifier CPS */,
+ 165 /* Policy Qualifier User Notice */,
+ 385 /* Private */,
+ 663 /* Proxy Certificate Information */,
+ 1 /* RSA Data Security, Inc. */,
+ 2 /* RSA Data Security, Inc. PKCS */,
+ 188 /* S/MIME */,
+ 167 /* S/MIME Capabilities */,
+ 387 /* SNMPv2 */,
+ 512 /* Secure Electronic Transactions */,
+ 386 /* Security */,
+ 394 /* Selected Attribute Types */,
+ 143 /* Strong Extranet ID */,
+ 398 /* Subject Information Access */,
+ 130 /* TLS Web Client Authentication */,
+ 129 /* TLS Web Server Authentication */,
+ 133 /* Time Stamping */,
+ 375 /* Trust Root */,
+ 948 /* X25519 */,
+ 12 /* X509 */,
+ 402 /* X509v3 AC Targeting */,
+ 746 /* X509v3 Any Policy */,
+ 90 /* X509v3 Authority Key Identifier */,
+ 87 /* X509v3 Basic Constraints */,
+ 103 /* X509v3 CRL Distribution Points */,
+ 88 /* X509v3 CRL Number */,
+ 141 /* X509v3 CRL Reason Code */,
+ 771 /* X509v3 Certificate Issuer */,
+ 89 /* X509v3 Certificate Policies */,
+ 140 /* X509v3 Delta CRL Indicator */,
+ 126 /* X509v3 Extended Key Usage */,
+ 857 /* X509v3 Freshest CRL */,
+ 748 /* X509v3 Inhibit Any Policy */,
+ 86 /* X509v3 Issuer Alternative Name */,
+ 770 /* X509v3 Issuing Distribution Point */,
+ 83 /* X509v3 Key Usage */,
+ 666 /* X509v3 Name Constraints */,
+ 403 /* X509v3 No Revocation Available */,
+ 401 /* X509v3 Policy Constraints */,
+ 747 /* X509v3 Policy Mappings */,
+ 84 /* X509v3 Private Key Usage Period */,
+ 85 /* X509v3 Subject Alternative Name */,
+ 769 /* X509v3 Subject Directory Attributes */,
+ 82 /* X509v3 Subject Key Identifier */,
+ 920 /* X9.42 DH */,
+ 184 /* X9.57 */,
+ 185 /* X9.57 CM ? */,
+ 478 /* aRecord */,
+ 289 /* aaControls */,
+ 287 /* ac-auditEntity */,
+ 397 /* ac-proxying */,
+ 288 /* ac-targeting */,
+ 446 /* account */,
+ 364 /* ad dvcs */,
+ 606 /* additional verification */,
+ 419 /* aes-128-cbc */,
+ 916 /* aes-128-cbc-hmac-sha1 */,
+ 896 /* aes-128-ccm */,
+ 421 /* aes-128-cfb */,
+ 650 /* aes-128-cfb1 */,
+ 653 /* aes-128-cfb8 */,
+ 904 /* aes-128-ctr */,
+ 418 /* aes-128-ecb */,
+ 895 /* aes-128-gcm */,
+ 420 /* aes-128-ofb */,
+ 913 /* aes-128-xts */,
+ 423 /* aes-192-cbc */,
+ 917 /* aes-192-cbc-hmac-sha1 */,
+ 899 /* aes-192-ccm */,
+ 425 /* aes-192-cfb */,
+ 651 /* aes-192-cfb1 */,
+ 654 /* aes-192-cfb8 */,
+ 905 /* aes-192-ctr */,
+ 422 /* aes-192-ecb */,
+ 898 /* aes-192-gcm */,
+ 424 /* aes-192-ofb */,
+ 427 /* aes-256-cbc */,
+ 918 /* aes-256-cbc-hmac-sha1 */,
+ 902 /* aes-256-ccm */,
+ 429 /* aes-256-cfb */,
+ 652 /* aes-256-cfb1 */,
+ 655 /* aes-256-cfb8 */,
+ 906 /* aes-256-ctr */,
+ 426 /* aes-256-ecb */,
+ 901 /* aes-256-gcm */,
+ 428 /* aes-256-ofb */,
+ 914 /* aes-256-xts */,
+ 376 /* algorithm */,
+ 484 /* associatedDomain */,
+ 485 /* associatedName */,
+ 501 /* audio */,
+ 882 /* authorityRevocationList */,
+ 91 /* bf-cbc */,
+ 93 /* bf-cfb */,
+ 92 /* bf-ecb */,
+ 94 /* bf-ofb */,
+ 921 /* brainpoolP160r1 */,
+ 922 /* brainpoolP160t1 */,
+ 923 /* brainpoolP192r1 */,
+ 924 /* brainpoolP192t1 */,
+ 925 /* brainpoolP224r1 */,
+ 926 /* brainpoolP224t1 */,
+ 927 /* brainpoolP256r1 */,
+ 928 /* brainpoolP256t1 */,
+ 929 /* brainpoolP320r1 */,
+ 930 /* brainpoolP320t1 */,
+ 931 /* brainpoolP384r1 */,
+ 932 /* brainpoolP384t1 */,
+ 933 /* brainpoolP512r1 */,
+ 934 /* brainpoolP512t1 */,
+ 494 /* buildingName */,
+ 860 /* businessCategory */,
+ 691 /* c2onb191v4 */,
+ 692 /* c2onb191v5 */,
+ 697 /* c2onb239v4 */,
+ 698 /* c2onb239v5 */,
+ 684 /* c2pnb163v1 */,
+ 685 /* c2pnb163v2 */,
+ 686 /* c2pnb163v3 */,
+ 687 /* c2pnb176v1 */,
+ 693 /* c2pnb208w1 */,
+ 699 /* c2pnb272w1 */,
+ 700 /* c2pnb304w1 */,
+ 702 /* c2pnb368w1 */,
+ 688 /* c2tnb191v1 */,
+ 689 /* c2tnb191v2 */,
+ 690 /* c2tnb191v3 */,
+ 694 /* c2tnb239v1 */,
+ 695 /* c2tnb239v2 */,
+ 696 /* c2tnb239v3 */,
+ 701 /* c2tnb359v1 */,
+ 703 /* c2tnb431r1 */,
+ 881 /* cACertificate */,
+ 483 /* cNAMERecord */,
+ 751 /* camellia-128-cbc */,
+ 757 /* camellia-128-cfb */,
+ 760 /* camellia-128-cfb1 */,
+ 763 /* camellia-128-cfb8 */,
+ 754 /* camellia-128-ecb */,
+ 766 /* camellia-128-ofb */,
+ 752 /* camellia-192-cbc */,
+ 758 /* camellia-192-cfb */,
+ 761 /* camellia-192-cfb1 */,
+ 764 /* camellia-192-cfb8 */,
+ 755 /* camellia-192-ecb */,
+ 767 /* camellia-192-ofb */,
+ 753 /* camellia-256-cbc */,
+ 759 /* camellia-256-cfb */,
+ 762 /* camellia-256-cfb1 */,
+ 765 /* camellia-256-cfb8 */,
+ 756 /* camellia-256-ecb */,
+ 768 /* camellia-256-ofb */,
+ 443 /* caseIgnoreIA5StringSyntax */,
+ 108 /* cast5-cbc */,
+ 110 /* cast5-cfb */,
+ 109 /* cast5-ecb */,
+ 111 /* cast5-ofb */,
+ 152 /* certBag */,
+ 677 /* certicom-arc */,
+ 517 /* certificate extensions */,
+ 883 /* certificateRevocationList */,
+ 54 /* challengePassword */,
+ 407 /* characteristic-two-field */,
+ 395 /* clearance */,
+ 633 /* cleartext track 2 */,
+ 894 /* cmac */,
+ 13 /* commonName */,
+ 513 /* content types */,
+ 50 /* contentType */,
+ 53 /* countersignature */,
+ 14 /* countryName */,
+ 153 /* crlBag */,
+ 884 /* crossCertificatePair */,
+ 806 /* cryptocom */,
+ 805 /* cryptopro */,
+ 500 /* dITRedirect */,
+ 451 /* dNSDomain */,
+ 495 /* dSAQuality */,
+ 434 /* data */,
+ 390 /* dcObject */,
+ 891 /* deltaRevocationList */,
+ 31 /* des-cbc */,
+ 643 /* des-cdmf */,
+ 30 /* des-cfb */,
+ 656 /* des-cfb1 */,
+ 657 /* des-cfb8 */,
+ 29 /* des-ecb */,
+ 32 /* des-ede */,
+ 43 /* des-ede-cbc */,
+ 60 /* des-ede-cfb */,
+ 62 /* des-ede-ofb */,
+ 33 /* des-ede3 */,
+ 44 /* des-ede3-cbc */,
+ 61 /* des-ede3-cfb */,
+ 658 /* des-ede3-cfb1 */,
+ 659 /* des-ede3-cfb8 */,
+ 63 /* des-ede3-ofb */,
+ 45 /* des-ofb */,
+ 107 /* description */,
+ 871 /* destinationIndicator */,
+ 80 /* desx-cbc */,
+ 947 /* dh-cofactor-kdf */,
+ 946 /* dh-std-kdf */,
+ 28 /* dhKeyAgreement */,
+ 941 /* dhSinglePass-cofactorDH-sha1kdf-scheme */,
+ 942 /* dhSinglePass-cofactorDH-sha224kdf-scheme */,
+ 943 /* dhSinglePass-cofactorDH-sha256kdf-scheme */,
+ 944 /* dhSinglePass-cofactorDH-sha384kdf-scheme */,
+ 945 /* dhSinglePass-cofactorDH-sha512kdf-scheme */,
+ 936 /* dhSinglePass-stdDH-sha1kdf-scheme */,
+ 937 /* dhSinglePass-stdDH-sha224kdf-scheme */,
+ 938 /* dhSinglePass-stdDH-sha256kdf-scheme */,
+ 939 /* dhSinglePass-stdDH-sha384kdf-scheme */,
+ 940 /* dhSinglePass-stdDH-sha512kdf-scheme */,
+ 11 /* directory services (X.500) */,
+ 378 /* directory services - algorithms */,
+ 887 /* distinguishedName */,
+ 892 /* dmdName */,
+ 174 /* dnQualifier */,
+ 447 /* document */,
+ 471 /* documentAuthor */,
+ 468 /* documentIdentifier */,
+ 472 /* documentLocation */,
+ 502 /* documentPublisher */,
+ 449 /* documentSeries */,
+ 469 /* documentTitle */,
+ 470 /* documentVersion */,
+ 380 /* dod */,
+ 391 /* domainComponent */,
+ 452 /* domainRelatedObject */,
+ 116 /* dsaEncryption */,
+ 67 /* dsaEncryption-old */,
+ 66 /* dsaWithSHA */,
+ 113 /* dsaWithSHA1 */,
+ 70 /* dsaWithSHA1-old */,
+ 802 /* dsa_with_SHA224 */,
+ 803 /* dsa_with_SHA256 */,
+ 297 /* dvcs */,
+ 791 /* ecdsa-with-Recommended */,
+ 416 /* ecdsa-with-SHA1 */,
+ 793 /* ecdsa-with-SHA224 */,
+ 794 /* ecdsa-with-SHA256 */,
+ 795 /* ecdsa-with-SHA384 */,
+ 796 /* ecdsa-with-SHA512 */,
+ 792 /* ecdsa-with-Specified */,
+ 48 /* emailAddress */,
+ 632 /* encrypted track 2 */,
+ 885 /* enhancedSearchGuide */,
+ 56 /* extendedCertificateAttributes */,
+ 867 /* facsimileTelephoneNumber */,
+ 462 /* favouriteDrink */,
+ 453 /* friendlyCountry */,
+ 490 /* friendlyCountryName */,
+ 156 /* friendlyName */,
+ 631 /* generate cryptogram */,
+ 509 /* generationQualifier */,
+ 601 /* generic cryptogram */,
+ 99 /* givenName */,
+ 814 /* gost89-cnt */,
+ 855 /* hmac */,
+ 780 /* hmac-md5 */,
+ 781 /* hmac-sha1 */,
+ 797 /* hmacWithMD5 */,
+ 163 /* hmacWithSHA1 */,
+ 798 /* hmacWithSHA224 */,
+ 799 /* hmacWithSHA256 */,
+ 800 /* hmacWithSHA384 */,
+ 801 /* hmacWithSHA512 */,
+ 486 /* homePostalAddress */,
+ 473 /* homeTelephoneNumber */,
+ 466 /* host */,
+ 889 /* houseIdentifier */,
+ 442 /* iA5StringSyntax */,
+ 381 /* iana */,
+ 824 /* id-Gost28147-89-CryptoPro-A-ParamSet */,
+ 825 /* id-Gost28147-89-CryptoPro-B-ParamSet */,
+ 826 /* id-Gost28147-89-CryptoPro-C-ParamSet */,
+ 827 /* id-Gost28147-89-CryptoPro-D-ParamSet */,
+ 819 /* id-Gost28147-89-CryptoPro-KeyMeshing */,
+ 829 /* id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet */,
+ 828 /* id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet */,
+ 830 /* id-Gost28147-89-CryptoPro-RIC-1-ParamSet */,
+ 820 /* id-Gost28147-89-None-KeyMeshing */,
+ 823 /* id-Gost28147-89-TestParamSet */,
+ 840 /* id-GostR3410-2001-CryptoPro-A-ParamSet */,
+ 841 /* id-GostR3410-2001-CryptoPro-B-ParamSet */,
+ 842 /* id-GostR3410-2001-CryptoPro-C-ParamSet */,
+ 843 /* id-GostR3410-2001-CryptoPro-XchA-ParamSet */,
+ 844 /* id-GostR3410-2001-CryptoPro-XchB-ParamSet */,
+ 839 /* id-GostR3410-2001-TestParamSet */,
+ 832 /* id-GostR3410-94-CryptoPro-A-ParamSet */,
+ 833 /* id-GostR3410-94-CryptoPro-B-ParamSet */,
+ 834 /* id-GostR3410-94-CryptoPro-C-ParamSet */,
+ 835 /* id-GostR3410-94-CryptoPro-D-ParamSet */,
+ 836 /* id-GostR3410-94-CryptoPro-XchA-ParamSet */,
+ 837 /* id-GostR3410-94-CryptoPro-XchB-ParamSet */,
+ 838 /* id-GostR3410-94-CryptoPro-XchC-ParamSet */,
+ 831 /* id-GostR3410-94-TestParamSet */,
+ 845 /* id-GostR3410-94-a */,
+ 846 /* id-GostR3410-94-aBis */,
+ 847 /* id-GostR3410-94-b */,
+ 848 /* id-GostR3410-94-bBis */,
+ 822 /* id-GostR3411-94-CryptoProParamSet */,
+ 821 /* id-GostR3411-94-TestParamSet */,
+ 266 /* id-aca */,
+ 355 /* id-aca-accessIdentity */,
+ 354 /* id-aca-authenticationInfo */,
+ 356 /* id-aca-chargingIdentity */,
+ 399 /* id-aca-encAttrs */,
+ 357 /* id-aca-group */,
+ 358 /* id-aca-role */,
+ 176 /* id-ad */,
+ 788 /* id-aes128-wrap */,
+ 897 /* id-aes128-wrap-pad */,
+ 789 /* id-aes192-wrap */,
+ 900 /* id-aes192-wrap-pad */,
+ 790 /* id-aes256-wrap */,
+ 903 /* id-aes256-wrap-pad */,
+ 262 /* id-alg */,
+ 893 /* id-alg-PWRI-KEK */,
+ 323 /* id-alg-des40 */,
+ 326 /* id-alg-dh-pop */,
+ 325 /* id-alg-dh-sig-hmac-sha1 */,
+ 324 /* id-alg-noSignature */,
+ 907 /* id-camellia128-wrap */,
+ 908 /* id-camellia192-wrap */,
+ 909 /* id-camellia256-wrap */,
+ 268 /* id-cct */,
+ 361 /* id-cct-PKIData */,
+ 362 /* id-cct-PKIResponse */,
+ 360 /* id-cct-crs */,
+ 81 /* id-ce */,
+ 680 /* id-characteristic-two-basis */,
+ 263 /* id-cmc */,
+ 334 /* id-cmc-addExtensions */,
+ 346 /* id-cmc-confirmCertAcceptance */,
+ 330 /* id-cmc-dataReturn */,
+ 336 /* id-cmc-decryptedPOP */,
+ 335 /* id-cmc-encryptedPOP */,
+ 339 /* id-cmc-getCRL */,
+ 338 /* id-cmc-getCert */,
+ 328 /* id-cmc-identification */,
+ 329 /* id-cmc-identityProof */,
+ 337 /* id-cmc-lraPOPWitness */,
+ 344 /* id-cmc-popLinkRandom */,
+ 345 /* id-cmc-popLinkWitness */,
+ 343 /* id-cmc-queryPending */,
+ 333 /* id-cmc-recipientNonce */,
+ 341 /* id-cmc-regInfo */,
+ 342 /* id-cmc-responseInfo */,
+ 340 /* id-cmc-revokeRequest */,
+ 332 /* id-cmc-senderNonce */,
+ 327 /* id-cmc-statusInfo */,
+ 331 /* id-cmc-transactionId */,
+ 787 /* id-ct-asciiTextWithCRLF */,
+ 408 /* id-ecPublicKey */,
+ 508 /* id-hex-multipart-message */,
+ 507 /* id-hex-partial-message */,
+ 260 /* id-it */,
+ 302 /* id-it-caKeyUpdateInfo */,
+ 298 /* id-it-caProtEncCert */,
+ 311 /* id-it-confirmWaitTime */,
+ 303 /* id-it-currentCRL */,
+ 300 /* id-it-encKeyPairTypes */,
+ 310 /* id-it-implicitConfirm */,
+ 308 /* id-it-keyPairParamRep */,
+ 307 /* id-it-keyPairParamReq */,
+ 312 /* id-it-origPKIMessage */,
+ 301 /* id-it-preferredSymmAlg */,
+ 309 /* id-it-revPassphrase */,
+ 299 /* id-it-signKeyPairTypes */,
+ 305 /* id-it-subscriptionRequest */,
+ 306 /* id-it-subscriptionResponse */,
+ 784 /* id-it-suppLangTags */,
+ 304 /* id-it-unsupportedOIDs */,
+ 128 /* id-kp */,
+ 280 /* id-mod-attribute-cert */,
+ 274 /* id-mod-cmc */,
+ 277 /* id-mod-cmp */,
+ 284 /* id-mod-cmp2000 */,
+ 273 /* id-mod-crmf */,
+ 283 /* id-mod-dvcs */,
+ 275 /* id-mod-kea-profile-88 */,
+ 276 /* id-mod-kea-profile-93 */,
+ 282 /* id-mod-ocsp */,
+ 278 /* id-mod-qualified-cert-88 */,
+ 279 /* id-mod-qualified-cert-93 */,
+ 281 /* id-mod-timestamp-protocol */,
+ 264 /* id-on */,
+ 347 /* id-on-personalData */,
+ 265 /* id-pda */,
+ 352 /* id-pda-countryOfCitizenship */,
+ 353 /* id-pda-countryOfResidence */,
+ 348 /* id-pda-dateOfBirth */,
+ 351 /* id-pda-gender */,
+ 349 /* id-pda-placeOfBirth */,
+ 175 /* id-pe */,
+ 261 /* id-pkip */,
+ 258 /* id-pkix-mod */,
+ 269 /* id-pkix1-explicit-88 */,
+ 271 /* id-pkix1-explicit-93 */,
+ 270 /* id-pkix1-implicit-88 */,
+ 272 /* id-pkix1-implicit-93 */,
+ 662 /* id-ppl */,
+ 267 /* id-qcs */,
+ 359 /* id-qcs-pkixQCSyntax-v1 */,
+ 259 /* id-qt */,
+ 313 /* id-regCtrl */,
+ 316 /* id-regCtrl-authenticator */,
+ 319 /* id-regCtrl-oldCertID */,
+ 318 /* id-regCtrl-pkiArchiveOptions */,
+ 317 /* id-regCtrl-pkiPublicationInfo */,
+ 320 /* id-regCtrl-protocolEncrKey */,
+ 315 /* id-regCtrl-regToken */,
+ 314 /* id-regInfo */,
+ 322 /* id-regInfo-certReq */,
+ 321 /* id-regInfo-utf8Pairs */,
+ 191 /* id-smime-aa */,
+ 215 /* id-smime-aa-contentHint */,
+ 218 /* id-smime-aa-contentIdentifier */,
+ 221 /* id-smime-aa-contentReference */,
+ 240 /* id-smime-aa-dvcs-dvc */,
+ 217 /* id-smime-aa-encapContentType */,
+ 222 /* id-smime-aa-encrypKeyPref */,
+ 220 /* id-smime-aa-equivalentLabels */,
+ 232 /* id-smime-aa-ets-CertificateRefs */,
+ 233 /* id-smime-aa-ets-RevocationRefs */,
+ 238 /* id-smime-aa-ets-archiveTimeStamp */,
+ 237 /* id-smime-aa-ets-certCRLTimestamp */,
+ 234 /* id-smime-aa-ets-certValues */,
+ 227 /* id-smime-aa-ets-commitmentType */,
+ 231 /* id-smime-aa-ets-contentTimestamp */,
+ 236 /* id-smime-aa-ets-escTimeStamp */,
+ 230 /* id-smime-aa-ets-otherSigCert */,
+ 235 /* id-smime-aa-ets-revocationValues */,
+ 226 /* id-smime-aa-ets-sigPolicyId */,
+ 229 /* id-smime-aa-ets-signerAttr */,
+ 228 /* id-smime-aa-ets-signerLocation */,
+ 219 /* id-smime-aa-macValue */,
+ 214 /* id-smime-aa-mlExpandHistory */,
+ 216 /* id-smime-aa-msgSigDigest */,
+ 212 /* id-smime-aa-receiptRequest */,
+ 213 /* id-smime-aa-securityLabel */,
+ 239 /* id-smime-aa-signatureType */,
+ 223 /* id-smime-aa-signingCertificate */,
+ 224 /* id-smime-aa-smimeEncryptCerts */,
+ 225 /* id-smime-aa-timeStampToken */,
+ 192 /* id-smime-alg */,
+ 243 /* id-smime-alg-3DESwrap */,
+ 246 /* id-smime-alg-CMS3DESwrap */,
+ 247 /* id-smime-alg-CMSRC2wrap */,
+ 245 /* id-smime-alg-ESDH */,
+ 241 /* id-smime-alg-ESDHwith3DES */,
+ 242 /* id-smime-alg-ESDHwithRC2 */,
+ 244 /* id-smime-alg-RC2wrap */,
+ 193 /* id-smime-cd */,
+ 248 /* id-smime-cd-ldap */,
+ 190 /* id-smime-ct */,
+ 210 /* id-smime-ct-DVCSRequestData */,
+ 211 /* id-smime-ct-DVCSResponseData */,
+ 208 /* id-smime-ct-TDTInfo */,
+ 207 /* id-smime-ct-TSTInfo */,
+ 205 /* id-smime-ct-authData */,
+ 786 /* id-smime-ct-compressedData */,
+ 209 /* id-smime-ct-contentInfo */,
+ 206 /* id-smime-ct-publishCert */,
+ 204 /* id-smime-ct-receipt */,
+ 195 /* id-smime-cti */,
+ 255 /* id-smime-cti-ets-proofOfApproval */,
+ 256 /* id-smime-cti-ets-proofOfCreation */,
+ 253 /* id-smime-cti-ets-proofOfDelivery */,
+ 251 /* id-smime-cti-ets-proofOfOrigin */,
+ 252 /* id-smime-cti-ets-proofOfReceipt */,
+ 254 /* id-smime-cti-ets-proofOfSender */,
+ 189 /* id-smime-mod */,
+ 196 /* id-smime-mod-cms */,
+ 197 /* id-smime-mod-ess */,
+ 202 /* id-smime-mod-ets-eSigPolicy-88 */,
+ 203 /* id-smime-mod-ets-eSigPolicy-97 */,
+ 200 /* id-smime-mod-ets-eSignature-88 */,
+ 201 /* id-smime-mod-ets-eSignature-97 */,
+ 199 /* id-smime-mod-msg-v3 */,
+ 198 /* id-smime-mod-oid */,
+ 194 /* id-smime-spq */,
+ 250 /* id-smime-spq-ets-sqt-unotice */,
+ 249 /* id-smime-spq-ets-sqt-uri */,
+ 34 /* idea-cbc */,
+ 35 /* idea-cfb */,
+ 36 /* idea-ecb */,
+ 46 /* idea-ofb */,
+ 676 /* identified-organization */,
+ 461 /* info */,
+ 101 /* initials */,
+ 869 /* internationaliSDNNumber */,
+ 749 /* ipsec3 */,
+ 750 /* ipsec4 */,
+ 181 /* iso */,
+ 623 /* issuer capabilities */,
+ 645 /* itu-t */,
+ 492 /* janetMailbox */,
+ 646 /* joint-iso-itu-t */,
+ 150 /* keyBag */,
+ 773 /* kisa */,
+ 477 /* lastModifiedBy */,
+ 476 /* lastModifiedTime */,
+ 157 /* localKeyID */,
+ 15 /* localityName */,
+ 480 /* mXRecord */,
+ 493 /* mailPreferenceOption */,
+ 467 /* manager */,
+ 3 /* md2 */,
+ 7 /* md2WithRSAEncryption */,
+ 257 /* md4 */,
+ 396 /* md4WithRSAEncryption */,
+ 4 /* md5 */,
+ 114 /* md5-sha1 */,
+ 104 /* md5WithRSA */,
+ 8 /* md5WithRSAEncryption */,
+ 95 /* mdc2 */,
+ 96 /* mdc2WithRSA */,
+ 875 /* member */,
+ 602 /* merchant initiated auth */,
+ 514 /* message extensions */,
+ 51 /* messageDigest */,
+ 911 /* mgf1 */,
+ 506 /* mime-mhs-bodies */,
+ 505 /* mime-mhs-headings */,
+ 488 /* mobileTelephoneNumber */,
+ 481 /* nSRecord */,
+ 173 /* name */,
+ 681 /* onBasis */,
+ 379 /* org */,
+ 17 /* organizationName */,
+ 491 /* organizationalStatus */,
+ 18 /* organizationalUnitName */,
+ 475 /* otherMailbox */,
+ 876 /* owner */,
+ 935 /* pSpecified */,
+ 489 /* pagerTelephoneNumber */,
+ 782 /* password based MAC */,
+ 374 /* path */,
+ 621 /* payment gateway capabilities */,
+ 9 /* pbeWithMD2AndDES-CBC */,
+ 168 /* pbeWithMD2AndRC2-CBC */,
+ 112 /* pbeWithMD5AndCast5CBC */,
+ 10 /* pbeWithMD5AndDES-CBC */,
+ 169 /* pbeWithMD5AndRC2-CBC */,
+ 148 /* pbeWithSHA1And128BitRC2-CBC */,
+ 144 /* pbeWithSHA1And128BitRC4 */,
+ 147 /* pbeWithSHA1And2-KeyTripleDES-CBC */,
+ 146 /* pbeWithSHA1And3-KeyTripleDES-CBC */,
+ 149 /* pbeWithSHA1And40BitRC2-CBC */,
+ 145 /* pbeWithSHA1And40BitRC4 */,
+ 170 /* pbeWithSHA1AndDES-CBC */,
+ 68 /* pbeWithSHA1AndRC2-CBC */,
+ 499 /* personalSignature */,
+ 487 /* personalTitle */,
+ 464 /* photo */,
+ 863 /* physicalDeliveryOfficeName */,
+ 437 /* pilot */,
+ 439 /* pilotAttributeSyntax */,
+ 438 /* pilotAttributeType */,
+ 479 /* pilotAttributeType27 */,
+ 456 /* pilotDSA */,
+ 441 /* pilotGroups */,
+ 444 /* pilotObject */,
+ 440 /* pilotObjectClass */,
+ 455 /* pilotOrganization */,
+ 445 /* pilotPerson */,
+ 186 /* pkcs1 */,
+ 27 /* pkcs3 */,
+ 187 /* pkcs5 */,
+ 20 /* pkcs7 */,
+ 21 /* pkcs7-data */,
+ 25 /* pkcs7-digestData */,
+ 26 /* pkcs7-encryptedData */,
+ 23 /* pkcs7-envelopedData */,
+ 24 /* pkcs7-signedAndEnvelopedData */,
+ 22 /* pkcs7-signedData */,
+ 151 /* pkcs8ShroudedKeyBag */,
+ 47 /* pkcs9 */,
+ 862 /* postOfficeBox */,
+ 861 /* postalAddress */,
+ 661 /* postalCode */,
+ 683 /* ppBasis */,
+ 872 /* preferredDeliveryMethod */,
+ 873 /* presentationAddress */,
+ 406 /* prime-field */,
+ 409 /* prime192v1 */,
+ 410 /* prime192v2 */,
+ 411 /* prime192v3 */,
+ 412 /* prime239v1 */,
+ 413 /* prime239v2 */,
+ 414 /* prime239v3 */,
+ 415 /* prime256v1 */,
+ 886 /* protocolInformation */,
+ 510 /* pseudonym */,
+ 435 /* pss */,
+ 286 /* qcStatements */,
+ 457 /* qualityLabelledData */,
+ 450 /* rFC822localPart */,
+ 98 /* rc2-40-cbc */,
+ 166 /* rc2-64-cbc */,
+ 37 /* rc2-cbc */,
+ 39 /* rc2-cfb */,
+ 38 /* rc2-ecb */,
+ 40 /* rc2-ofb */,
+ 5 /* rc4 */,
+ 97 /* rc4-40 */,
+ 915 /* rc4-hmac-md5 */,
+ 120 /* rc5-cbc */,
+ 122 /* rc5-cfb */,
+ 121 /* rc5-ecb */,
+ 123 /* rc5-ofb */,
+ 870 /* registeredAddress */,
+ 460 /* rfc822Mailbox */,
+ 117 /* ripemd160 */,
+ 119 /* ripemd160WithRSA */,
+ 400 /* role */,
+ 877 /* roleOccupant */,
+ 448 /* room */,
+ 463 /* roomNumber */,
+ 19 /* rsa */,
+ 6 /* rsaEncryption */,
+ 644 /* rsaOAEPEncryptionSET */,
+ 377 /* rsaSignature */,
+ 919 /* rsaesOaep */,
+ 912 /* rsassaPss */,
+ 482 /* sOARecord */,
+ 155 /* safeContentsBag */,
+ 291 /* sbgp-autonomousSysNum */,
+ 290 /* sbgp-ipAddrBlock */,
+ 292 /* sbgp-routerIdentifier */,
+ 159 /* sdsiCertificate */,
+ 859 /* searchGuide */,
+ 704 /* secp112r1 */,
+ 705 /* secp112r2 */,
+ 706 /* secp128r1 */,
+ 707 /* secp128r2 */,
+ 708 /* secp160k1 */,
+ 709 /* secp160r1 */,
+ 710 /* secp160r2 */,
+ 711 /* secp192k1 */,
+ 712 /* secp224k1 */,
+ 713 /* secp224r1 */,
+ 714 /* secp256k1 */,
+ 715 /* secp384r1 */,
+ 716 /* secp521r1 */,
+ 154 /* secretBag */,
+ 474 /* secretary */,
+ 717 /* sect113r1 */,
+ 718 /* sect113r2 */,
+ 719 /* sect131r1 */,
+ 720 /* sect131r2 */,
+ 721 /* sect163k1 */,
+ 722 /* sect163r1 */,
+ 723 /* sect163r2 */,
+ 724 /* sect193r1 */,
+ 725 /* sect193r2 */,
+ 726 /* sect233k1 */,
+ 727 /* sect233r1 */,
+ 728 /* sect239k1 */,
+ 729 /* sect283k1 */,
+ 730 /* sect283r1 */,
+ 731 /* sect409k1 */,
+ 732 /* sect409r1 */,
+ 733 /* sect571k1 */,
+ 734 /* sect571r1 */,
+ 635 /* secure device signature */,
+ 878 /* seeAlso */,
+ 777 /* seed-cbc */,
+ 779 /* seed-cfb */,
+ 776 /* seed-ecb */,
+ 778 /* seed-ofb */,
+ 105 /* serialNumber */,
+ 625 /* set-addPolicy */,
+ 515 /* set-attr */,
+ 518 /* set-brand */,
+ 638 /* set-brand-AmericanExpress */,
+ 637 /* set-brand-Diners */,
+ 636 /* set-brand-IATA-ATA */,
+ 639 /* set-brand-JCB */,
+ 641 /* set-brand-MasterCard */,
+ 642 /* set-brand-Novus */,
+ 640 /* set-brand-Visa */,
+ 516 /* set-policy */,
+ 607 /* set-policy-root */,
+ 624 /* set-rootKeyThumb */,
+ 620 /* setAttr-Cert */,
+ 628 /* setAttr-IssCap-CVM */,
+ 630 /* setAttr-IssCap-Sig */,
+ 629 /* setAttr-IssCap-T2 */,
+ 627 /* setAttr-Token-B0Prime */,
+ 626 /* setAttr-Token-EMV */,
+ 622 /* setAttr-TokenType */,
+ 619 /* setCext-IssuerCapabilities */,
+ 615 /* setCext-PGWYcapabilities */,
+ 616 /* setCext-TokenIdentifier */,
+ 618 /* setCext-TokenType */,
+ 617 /* setCext-Track2Data */,
+ 611 /* setCext-cCertRequired */,
+ 609 /* setCext-certType */,
+ 608 /* setCext-hashedRoot */,
+ 610 /* setCext-merchData */,
+ 613 /* setCext-setExt */,
+ 614 /* setCext-setQualf */,
+ 612 /* setCext-tunneling */,
+ 540 /* setct-AcqCardCodeMsg */,
+ 576 /* setct-AcqCardCodeMsgTBE */,
+ 570 /* setct-AuthReqTBE */,
+ 534 /* setct-AuthReqTBS */,
+ 527 /* setct-AuthResBaggage */,
+ 571 /* setct-AuthResTBE */,
+ 572 /* setct-AuthResTBEX */,
+ 535 /* setct-AuthResTBS */,
+ 536 /* setct-AuthResTBSX */,
+ 528 /* setct-AuthRevReqBaggage */,
+ 577 /* setct-AuthRevReqTBE */,
+ 541 /* setct-AuthRevReqTBS */,
+ 529 /* setct-AuthRevResBaggage */,
+ 542 /* setct-AuthRevResData */,
+ 578 /* setct-AuthRevResTBE */,
+ 579 /* setct-AuthRevResTBEB */,
+ 543 /* setct-AuthRevResTBS */,
+ 573 /* setct-AuthTokenTBE */,
+ 537 /* setct-AuthTokenTBS */,
+ 600 /* setct-BCIDistributionTBS */,
+ 558 /* setct-BatchAdminReqData */,
+ 592 /* setct-BatchAdminReqTBE */,
+ 559 /* setct-BatchAdminResData */,
+ 593 /* setct-BatchAdminResTBE */,
+ 599 /* setct-CRLNotificationResTBS */,
+ 598 /* setct-CRLNotificationTBS */,
+ 580 /* setct-CapReqTBE */,
+ 581 /* setct-CapReqTBEX */,
+ 544 /* setct-CapReqTBS */,
+ 545 /* setct-CapReqTBSX */,
+ 546 /* setct-CapResData */,
+ 582 /* setct-CapResTBE */,
+ 583 /* setct-CapRevReqTBE */,
+ 584 /* setct-CapRevReqTBEX */,
+ 547 /* setct-CapRevReqTBS */,
+ 548 /* setct-CapRevReqTBSX */,
+ 549 /* setct-CapRevResData */,
+ 585 /* setct-CapRevResTBE */,
+ 538 /* setct-CapTokenData */,
+ 530 /* setct-CapTokenSeq */,
+ 574 /* setct-CapTokenTBE */,
+ 575 /* setct-CapTokenTBEX */,
+ 539 /* setct-CapTokenTBS */,
+ 560 /* setct-CardCInitResTBS */,
+ 566 /* setct-CertInqReqTBS */,
+ 563 /* setct-CertReqData */,
+ 595 /* setct-CertReqTBE */,
+ 596 /* setct-CertReqTBEX */,
+ 564 /* setct-CertReqTBS */,
+ 565 /* setct-CertResData */,
+ 597 /* setct-CertResTBE */,
+ 586 /* setct-CredReqTBE */,
+ 587 /* setct-CredReqTBEX */,
+ 550 /* setct-CredReqTBS */,
+ 551 /* setct-CredReqTBSX */,
+ 552 /* setct-CredResData */,
+ 588 /* setct-CredResTBE */,
+ 589 /* setct-CredRevReqTBE */,
+ 590 /* setct-CredRevReqTBEX */,
+ 553 /* setct-CredRevReqTBS */,
+ 554 /* setct-CredRevReqTBSX */,
+ 555 /* setct-CredRevResData */,
+ 591 /* setct-CredRevResTBE */,
+ 567 /* setct-ErrorTBS */,
+ 526 /* setct-HODInput */,
+ 561 /* setct-MeAqCInitResTBS */,
+ 522 /* setct-OIData */,
+ 519 /* setct-PANData */,
+ 521 /* setct-PANOnly */,
+ 520 /* setct-PANToken */,
+ 556 /* setct-PCertReqData */,
+ 557 /* setct-PCertResTBS */,
+ 523 /* setct-PI */,
+ 532 /* setct-PI-TBS */,
+ 524 /* setct-PIData */,
+ 525 /* setct-PIDataUnsigned */,
+ 568 /* setct-PIDualSignedTBE */,
+ 569 /* setct-PIUnsignedTBE */,
+ 531 /* setct-PInitResData */,
+ 533 /* setct-PResData */,
+ 594 /* setct-RegFormReqTBE */,
+ 562 /* setct-RegFormResTBS */,
+ 604 /* setext-pinAny */,
+ 603 /* setext-pinSecure */,
+ 605 /* setext-track2 */,
+ 41 /* sha */,
+ 64 /* sha1 */,
+ 115 /* sha1WithRSA */,
+ 65 /* sha1WithRSAEncryption */,
+ 675 /* sha224 */,
+ 671 /* sha224WithRSAEncryption */,
+ 672 /* sha256 */,
+ 668 /* sha256WithRSAEncryption */,
+ 673 /* sha384 */,
+ 669 /* sha384WithRSAEncryption */,
+ 674 /* sha512 */,
+ 670 /* sha512WithRSAEncryption */,
+ 42 /* shaWithRSAEncryption */,
+ 52 /* signingTime */,
+ 454 /* simpleSecurityObject */,
+ 496 /* singleLevelQuality */,
+ 16 /* stateOrProvinceName */,
+ 660 /* streetAddress */,
+ 498 /* subtreeMaximumQuality */,
+ 497 /* subtreeMinimumQuality */,
+ 890 /* supportedAlgorithms */,
+ 874 /* supportedApplicationContext */,
+ 100 /* surname */,
+ 864 /* telephoneNumber */,
+ 866 /* teletexTerminalIdentifier */,
+ 865 /* telexNumber */,
+ 459 /* textEncodedORAddress */,
+ 293 /* textNotice */,
+ 106 /* title */,
+ 682 /* tpBasis */,
+ 436 /* ucl */,
+ 0 /* undefined */,
+ 888 /* uniqueMember */,
+ 55 /* unstructuredAddress */,
+ 49 /* unstructuredName */,
+ 880 /* userCertificate */,
+ 465 /* userClass */,
+ 458 /* userId */,
+ 879 /* userPassword */,
+ 373 /* valid */,
+ 678 /* wap */,
+ 679 /* wap-wsg */,
+ 735 /* wap-wsg-idm-ecid-wtls1 */,
+ 743 /* wap-wsg-idm-ecid-wtls10 */,
+ 744 /* wap-wsg-idm-ecid-wtls11 */,
+ 745 /* wap-wsg-idm-ecid-wtls12 */,
+ 736 /* wap-wsg-idm-ecid-wtls3 */,
+ 737 /* wap-wsg-idm-ecid-wtls4 */,
+ 738 /* wap-wsg-idm-ecid-wtls5 */,
+ 739 /* wap-wsg-idm-ecid-wtls6 */,
+ 740 /* wap-wsg-idm-ecid-wtls7 */,
+ 741 /* wap-wsg-idm-ecid-wtls8 */,
+ 742 /* wap-wsg-idm-ecid-wtls9 */,
+ 804 /* whirlpool */,
+ 868 /* x121Address */,
+ 503 /* x500UniqueIdentifier */,
+ 158 /* x509Certificate */,
+ 160 /* x509Crl */,
+ 125 /* zlib compression */,
};
-static const unsigned int kNIDsInOIDOrder[NUM_OBJ]={
-434, /* OBJ_data 0 9 */
-182, /* OBJ_member_body 1 2 */
-379, /* OBJ_org 1 3 */
-676, /* OBJ_identified_organization 1 3 */
-11, /* OBJ_X500 2 5 */
-647, /* OBJ_international_organizations 2 23 */
-380, /* OBJ_dod 1 3 6 */
-12, /* OBJ_X509 2 5 4 */
-378, /* OBJ_X500algorithms 2 5 8 */
-81, /* OBJ_id_ce 2 5 29 */
-512, /* OBJ_id_set 2 23 42 */
-678, /* OBJ_wap 2 23 43 */
-435, /* OBJ_pss 0 9 2342 */
-183, /* OBJ_ISO_US 1 2 840 */
-381, /* OBJ_iana 1 3 6 1 */
-677, /* OBJ_certicom_arc 1 3 132 */
-394, /* OBJ_selected_attribute_types 2 5 1 5 */
-13, /* OBJ_commonName 2 5 4 3 */
-100, /* OBJ_surname 2 5 4 4 */
-105, /* OBJ_serialNumber 2 5 4 5 */
-14, /* OBJ_countryName 2 5 4 6 */
-15, /* OBJ_localityName 2 5 4 7 */
-16, /* OBJ_stateOrProvinceName 2 5 4 8 */
-660, /* OBJ_streetAddress 2 5 4 9 */
-17, /* OBJ_organizationName 2 5 4 10 */
-18, /* OBJ_organizationalUnitName 2 5 4 11 */
-106, /* OBJ_title 2 5 4 12 */
-107, /* OBJ_description 2 5 4 13 */
-859, /* OBJ_searchGuide 2 5 4 14 */
-860, /* OBJ_businessCategory 2 5 4 15 */
-861, /* OBJ_postalAddress 2 5 4 16 */
-661, /* OBJ_postalCode 2 5 4 17 */
-862, /* OBJ_postOfficeBox 2 5 4 18 */
-863, /* OBJ_physicalDeliveryOfficeName 2 5 4 19 */
-864, /* OBJ_telephoneNumber 2 5 4 20 */
-865, /* OBJ_telexNumber 2 5 4 21 */
-866, /* OBJ_teletexTerminalIdentifier 2 5 4 22 */
-867, /* OBJ_facsimileTelephoneNumber 2 5 4 23 */
-868, /* OBJ_x121Address 2 5 4 24 */
-869, /* OBJ_internationaliSDNNumber 2 5 4 25 */
-870, /* OBJ_registeredAddress 2 5 4 26 */
-871, /* OBJ_destinationIndicator 2 5 4 27 */
-872, /* OBJ_preferredDeliveryMethod 2 5 4 28 */
-873, /* OBJ_presentationAddress 2 5 4 29 */
-874, /* OBJ_supportedApplicationContext 2 5 4 30 */
-875, /* OBJ_member 2 5 4 31 */
-876, /* OBJ_owner 2 5 4 32 */
-877, /* OBJ_roleOccupant 2 5 4 33 */
-878, /* OBJ_seeAlso 2 5 4 34 */
-879, /* OBJ_userPassword 2 5 4 35 */
-880, /* OBJ_userCertificate 2 5 4 36 */
-881, /* OBJ_cACertificate 2 5 4 37 */
-882, /* OBJ_authorityRevocationList 2 5 4 38 */
-883, /* OBJ_certificateRevocationList 2 5 4 39 */
-884, /* OBJ_crossCertificatePair 2 5 4 40 */
-173, /* OBJ_name 2 5 4 41 */
-99, /* OBJ_givenName 2 5 4 42 */
-101, /* OBJ_initials 2 5 4 43 */
-509, /* OBJ_generationQualifier 2 5 4 44 */
-503, /* OBJ_x500UniqueIdentifier 2 5 4 45 */
-174, /* OBJ_dnQualifier 2 5 4 46 */
-885, /* OBJ_enhancedSearchGuide 2 5 4 47 */
-886, /* OBJ_protocolInformation 2 5 4 48 */
-887, /* OBJ_distinguishedName 2 5 4 49 */
-888, /* OBJ_uniqueMember 2 5 4 50 */
-889, /* OBJ_houseIdentifier 2 5 4 51 */
-890, /* OBJ_supportedAlgorithms 2 5 4 52 */
-891, /* OBJ_deltaRevocationList 2 5 4 53 */
-892, /* OBJ_dmdName 2 5 4 54 */
-510, /* OBJ_pseudonym 2 5 4 65 */
-400, /* OBJ_role 2 5 4 72 */
-769, /* OBJ_subject_directory_attributes 2 5 29 9 */
-82, /* OBJ_subject_key_identifier 2 5 29 14 */
-83, /* OBJ_key_usage 2 5 29 15 */
-84, /* OBJ_private_key_usage_period 2 5 29 16 */
-85, /* OBJ_subject_alt_name 2 5 29 17 */
-86, /* OBJ_issuer_alt_name 2 5 29 18 */
-87, /* OBJ_basic_constraints 2 5 29 19 */
-88, /* OBJ_crl_number 2 5 29 20 */
-141, /* OBJ_crl_reason 2 5 29 21 */
-430, /* OBJ_hold_instruction_code 2 5 29 23 */
-142, /* OBJ_invalidity_date 2 5 29 24 */
-140, /* OBJ_delta_crl 2 5 29 27 */
-770, /* OBJ_issuing_distribution_point 2 5 29 28 */
-771, /* OBJ_certificate_issuer 2 5 29 29 */
-666, /* OBJ_name_constraints 2 5 29 30 */
-103, /* OBJ_crl_distribution_points 2 5 29 31 */
-89, /* OBJ_certificate_policies 2 5 29 32 */
-747, /* OBJ_policy_mappings 2 5 29 33 */
-90, /* OBJ_authority_key_identifier 2 5 29 35 */
-401, /* OBJ_policy_constraints 2 5 29 36 */
-126, /* OBJ_ext_key_usage 2 5 29 37 */
-857, /* OBJ_freshest_crl 2 5 29 46 */
-748, /* OBJ_inhibit_any_policy 2 5 29 54 */
-402, /* OBJ_target_information 2 5 29 55 */
-403, /* OBJ_no_rev_avail 2 5 29 56 */
-513, /* OBJ_set_ctype 2 23 42 0 */
-514, /* OBJ_set_msgExt 2 23 42 1 */
-515, /* OBJ_set_attr 2 23 42 3 */
-516, /* OBJ_set_policy 2 23 42 5 */
-517, /* OBJ_set_certExt 2 23 42 7 */
-518, /* OBJ_set_brand 2 23 42 8 */
-679, /* OBJ_wap_wsg 2 23 43 1 */
-382, /* OBJ_Directory 1 3 6 1 1 */
-383, /* OBJ_Management 1 3 6 1 2 */
-384, /* OBJ_Experimental 1 3 6 1 3 */
-385, /* OBJ_Private 1 3 6 1 4 */
-386, /* OBJ_Security 1 3 6 1 5 */
-387, /* OBJ_SNMPv2 1 3 6 1 6 */
-388, /* OBJ_Mail 1 3 6 1 7 */
-376, /* OBJ_algorithm 1 3 14 3 2 */
-395, /* OBJ_clearance 2 5 1 5 55 */
-19, /* OBJ_rsa 2 5 8 1 1 */
-96, /* OBJ_mdc2WithRSA 2 5 8 3 100 */
-95, /* OBJ_mdc2 2 5 8 3 101 */
-746, /* OBJ_any_policy 2 5 29 32 0 */
-910, /* OBJ_anyExtendedKeyUsage 2 5 29 37 0 */
-519, /* OBJ_setct_PANData 2 23 42 0 0 */
-520, /* OBJ_setct_PANToken 2 23 42 0 1 */
-521, /* OBJ_setct_PANOnly 2 23 42 0 2 */
-522, /* OBJ_setct_OIData 2 23 42 0 3 */
-523, /* OBJ_setct_PI 2 23 42 0 4 */
-524, /* OBJ_setct_PIData 2 23 42 0 5 */
-525, /* OBJ_setct_PIDataUnsigned 2 23 42 0 6 */
-526, /* OBJ_setct_HODInput 2 23 42 0 7 */
-527, /* OBJ_setct_AuthResBaggage 2 23 42 0 8 */
-528, /* OBJ_setct_AuthRevReqBaggage 2 23 42 0 9 */
-529, /* OBJ_setct_AuthRevResBaggage 2 23 42 0 10 */
-530, /* OBJ_setct_CapTokenSeq 2 23 42 0 11 */
-531, /* OBJ_setct_PInitResData 2 23 42 0 12 */
-532, /* OBJ_setct_PI_TBS 2 23 42 0 13 */
-533, /* OBJ_setct_PResData 2 23 42 0 14 */
-534, /* OBJ_setct_AuthReqTBS 2 23 42 0 16 */
-535, /* OBJ_setct_AuthResTBS 2 23 42 0 17 */
-536, /* OBJ_setct_AuthResTBSX 2 23 42 0 18 */
-537, /* OBJ_setct_AuthTokenTBS 2 23 42 0 19 */
-538, /* OBJ_setct_CapTokenData 2 23 42 0 20 */
-539, /* OBJ_setct_CapTokenTBS 2 23 42 0 21 */
-540, /* OBJ_setct_AcqCardCodeMsg 2 23 42 0 22 */
-541, /* OBJ_setct_AuthRevReqTBS 2 23 42 0 23 */
-542, /* OBJ_setct_AuthRevResData 2 23 42 0 24 */
-543, /* OBJ_setct_AuthRevResTBS 2 23 42 0 25 */
-544, /* OBJ_setct_CapReqTBS 2 23 42 0 26 */
-545, /* OBJ_setct_CapReqTBSX 2 23 42 0 27 */
-546, /* OBJ_setct_CapResData 2 23 42 0 28 */
-547, /* OBJ_setct_CapRevReqTBS 2 23 42 0 29 */
-548, /* OBJ_setct_CapRevReqTBSX 2 23 42 0 30 */
-549, /* OBJ_setct_CapRevResData 2 23 42 0 31 */
-550, /* OBJ_setct_CredReqTBS 2 23 42 0 32 */
-551, /* OBJ_setct_CredReqTBSX 2 23 42 0 33 */
-552, /* OBJ_setct_CredResData 2 23 42 0 34 */
-553, /* OBJ_setct_CredRevReqTBS 2 23 42 0 35 */
-554, /* OBJ_setct_CredRevReqTBSX 2 23 42 0 36 */
-555, /* OBJ_setct_CredRevResData 2 23 42 0 37 */
-556, /* OBJ_setct_PCertReqData 2 23 42 0 38 */
-557, /* OBJ_setct_PCertResTBS 2 23 42 0 39 */
-558, /* OBJ_setct_BatchAdminReqData 2 23 42 0 40 */
-559, /* OBJ_setct_BatchAdminResData 2 23 42 0 41 */
-560, /* OBJ_setct_CardCInitResTBS 2 23 42 0 42 */
-561, /* OBJ_setct_MeAqCInitResTBS 2 23 42 0 43 */
-562, /* OBJ_setct_RegFormResTBS 2 23 42 0 44 */
-563, /* OBJ_setct_CertReqData 2 23 42 0 45 */
-564, /* OBJ_setct_CertReqTBS 2 23 42 0 46 */
-565, /* OBJ_setct_CertResData 2 23 42 0 47 */
-566, /* OBJ_setct_CertInqReqTBS 2 23 42 0 48 */
-567, /* OBJ_setct_ErrorTBS 2 23 42 0 49 */
-568, /* OBJ_setct_PIDualSignedTBE 2 23 42 0 50 */
-569, /* OBJ_setct_PIUnsignedTBE 2 23 42 0 51 */
-570, /* OBJ_setct_AuthReqTBE 2 23 42 0 52 */
-571, /* OBJ_setct_AuthResTBE 2 23 42 0 53 */
-572, /* OBJ_setct_AuthResTBEX 2 23 42 0 54 */
-573, /* OBJ_setct_AuthTokenTBE 2 23 42 0 55 */
-574, /* OBJ_setct_CapTokenTBE 2 23 42 0 56 */
-575, /* OBJ_setct_CapTokenTBEX 2 23 42 0 57 */
-576, /* OBJ_setct_AcqCardCodeMsgTBE 2 23 42 0 58 */
-577, /* OBJ_setct_AuthRevReqTBE 2 23 42 0 59 */
-578, /* OBJ_setct_AuthRevResTBE 2 23 42 0 60 */
-579, /* OBJ_setct_AuthRevResTBEB 2 23 42 0 61 */
-580, /* OBJ_setct_CapReqTBE 2 23 42 0 62 */
-581, /* OBJ_setct_CapReqTBEX 2 23 42 0 63 */
-582, /* OBJ_setct_CapResTBE 2 23 42 0 64 */
-583, /* OBJ_setct_CapRevReqTBE 2 23 42 0 65 */
-584, /* OBJ_setct_CapRevReqTBEX 2 23 42 0 66 */
-585, /* OBJ_setct_CapRevResTBE 2 23 42 0 67 */
-586, /* OBJ_setct_CredReqTBE 2 23 42 0 68 */
-587, /* OBJ_setct_CredReqTBEX 2 23 42 0 69 */
-588, /* OBJ_setct_CredResTBE 2 23 42 0 70 */
-589, /* OBJ_setct_CredRevReqTBE 2 23 42 0 71 */
-590, /* OBJ_setct_CredRevReqTBEX 2 23 42 0 72 */
-591, /* OBJ_setct_CredRevResTBE 2 23 42 0 73 */
-592, /* OBJ_setct_BatchAdminReqTBE 2 23 42 0 74 */
-593, /* OBJ_setct_BatchAdminResTBE 2 23 42 0 75 */
-594, /* OBJ_setct_RegFormReqTBE 2 23 42 0 76 */
-595, /* OBJ_setct_CertReqTBE 2 23 42 0 77 */
-596, /* OBJ_setct_CertReqTBEX 2 23 42 0 78 */
-597, /* OBJ_setct_CertResTBE 2 23 42 0 79 */
-598, /* OBJ_setct_CRLNotificationTBS 2 23 42 0 80 */
-599, /* OBJ_setct_CRLNotificationResTBS 2 23 42 0 81 */
-600, /* OBJ_setct_BCIDistributionTBS 2 23 42 0 82 */
-601, /* OBJ_setext_genCrypt 2 23 42 1 1 */
-602, /* OBJ_setext_miAuth 2 23 42 1 3 */
-603, /* OBJ_setext_pinSecure 2 23 42 1 4 */
-604, /* OBJ_setext_pinAny 2 23 42 1 5 */
-605, /* OBJ_setext_track2 2 23 42 1 7 */
-606, /* OBJ_setext_cv 2 23 42 1 8 */
-620, /* OBJ_setAttr_Cert 2 23 42 3 0 */
-621, /* OBJ_setAttr_PGWYcap 2 23 42 3 1 */
-622, /* OBJ_setAttr_TokenType 2 23 42 3 2 */
-623, /* OBJ_setAttr_IssCap 2 23 42 3 3 */
-607, /* OBJ_set_policy_root 2 23 42 5 0 */
-608, /* OBJ_setCext_hashedRoot 2 23 42 7 0 */
-609, /* OBJ_setCext_certType 2 23 42 7 1 */
-610, /* OBJ_setCext_merchData 2 23 42 7 2 */
-611, /* OBJ_setCext_cCertRequired 2 23 42 7 3 */
-612, /* OBJ_setCext_tunneling 2 23 42 7 4 */
-613, /* OBJ_setCext_setExt 2 23 42 7 5 */
-614, /* OBJ_setCext_setQualf 2 23 42 7 6 */
-615, /* OBJ_setCext_PGWYcapabilities 2 23 42 7 7 */
-616, /* OBJ_setCext_TokenIdentifier 2 23 42 7 8 */
-617, /* OBJ_setCext_Track2Data 2 23 42 7 9 */
-618, /* OBJ_setCext_TokenType 2 23 42 7 10 */
-619, /* OBJ_setCext_IssuerCapabilities 2 23 42 7 11 */
-636, /* OBJ_set_brand_IATA_ATA 2 23 42 8 1 */
-640, /* OBJ_set_brand_Visa 2 23 42 8 4 */
-641, /* OBJ_set_brand_MasterCard 2 23 42 8 5 */
-637, /* OBJ_set_brand_Diners 2 23 42 8 30 */
-638, /* OBJ_set_brand_AmericanExpress 2 23 42 8 34 */
-639, /* OBJ_set_brand_JCB 2 23 42 8 35 */
-805, /* OBJ_cryptopro 1 2 643 2 2 */
-806, /* OBJ_cryptocom 1 2 643 2 9 */
-184, /* OBJ_X9_57 1 2 840 10040 */
-405, /* OBJ_ansi_X9_62 1 2 840 10045 */
-389, /* OBJ_Enterprises 1 3 6 1 4 1 */
-504, /* OBJ_mime_mhs 1 3 6 1 7 1 */
-104, /* OBJ_md5WithRSA 1 3 14 3 2 3 */
-29, /* OBJ_des_ecb 1 3 14 3 2 6 */
-31, /* OBJ_des_cbc 1 3 14 3 2 7 */
-45, /* OBJ_des_ofb64 1 3 14 3 2 8 */
-30, /* OBJ_des_cfb64 1 3 14 3 2 9 */
-377, /* OBJ_rsaSignature 1 3 14 3 2 11 */
-67, /* OBJ_dsa_2 1 3 14 3 2 12 */
-66, /* OBJ_dsaWithSHA 1 3 14 3 2 13 */
-42, /* OBJ_shaWithRSAEncryption 1 3 14 3 2 15 */
-32, /* OBJ_des_ede_ecb 1 3 14 3 2 17 */
-41, /* OBJ_sha 1 3 14 3 2 18 */
-64, /* OBJ_sha1 1 3 14 3 2 26 */
-70, /* OBJ_dsaWithSHA1_2 1 3 14 3 2 27 */
-115, /* OBJ_sha1WithRSA 1 3 14 3 2 29 */
-117, /* OBJ_ripemd160 1 3 36 3 2 1 */
-143, /* OBJ_sxnet 1 3 101 1 4 1 */
-721, /* OBJ_sect163k1 1 3 132 0 1 */
-722, /* OBJ_sect163r1 1 3 132 0 2 */
-728, /* OBJ_sect239k1 1 3 132 0 3 */
-717, /* OBJ_sect113r1 1 3 132 0 4 */
-718, /* OBJ_sect113r2 1 3 132 0 5 */
-704, /* OBJ_secp112r1 1 3 132 0 6 */
-705, /* OBJ_secp112r2 1 3 132 0 7 */
-709, /* OBJ_secp160r1 1 3 132 0 8 */
-708, /* OBJ_secp160k1 1 3 132 0 9 */
-714, /* OBJ_secp256k1 1 3 132 0 10 */
-723, /* OBJ_sect163r2 1 3 132 0 15 */
-729, /* OBJ_sect283k1 1 3 132 0 16 */
-730, /* OBJ_sect283r1 1 3 132 0 17 */
-719, /* OBJ_sect131r1 1 3 132 0 22 */
-720, /* OBJ_sect131r2 1 3 132 0 23 */
-724, /* OBJ_sect193r1 1 3 132 0 24 */
-725, /* OBJ_sect193r2 1 3 132 0 25 */
-726, /* OBJ_sect233k1 1 3 132 0 26 */
-727, /* OBJ_sect233r1 1 3 132 0 27 */
-706, /* OBJ_secp128r1 1 3 132 0 28 */
-707, /* OBJ_secp128r2 1 3 132 0 29 */
-710, /* OBJ_secp160r2 1 3 132 0 30 */
-711, /* OBJ_secp192k1 1 3 132 0 31 */
-712, /* OBJ_secp224k1 1 3 132 0 32 */
-713, /* OBJ_secp224r1 1 3 132 0 33 */
-715, /* OBJ_secp384r1 1 3 132 0 34 */
-716, /* OBJ_secp521r1 1 3 132 0 35 */
-731, /* OBJ_sect409k1 1 3 132 0 36 */
-732, /* OBJ_sect409r1 1 3 132 0 37 */
-733, /* OBJ_sect571k1 1 3 132 0 38 */
-734, /* OBJ_sect571r1 1 3 132 0 39 */
-624, /* OBJ_set_rootKeyThumb 2 23 42 3 0 0 */
-625, /* OBJ_set_addPolicy 2 23 42 3 0 1 */
-626, /* OBJ_setAttr_Token_EMV 2 23 42 3 2 1 */
-627, /* OBJ_setAttr_Token_B0Prime 2 23 42 3 2 2 */
-628, /* OBJ_setAttr_IssCap_CVM 2 23 42 3 3 3 */
-629, /* OBJ_setAttr_IssCap_T2 2 23 42 3 3 4 */
-630, /* OBJ_setAttr_IssCap_Sig 2 23 42 3 3 5 */
-642, /* OBJ_set_brand_Novus 2 23 42 8 6011 */
-735, /* OBJ_wap_wsg_idm_ecid_wtls1 2 23 43 1 4 1 */
-736, /* OBJ_wap_wsg_idm_ecid_wtls3 2 23 43 1 4 3 */
-737, /* OBJ_wap_wsg_idm_ecid_wtls4 2 23 43 1 4 4 */
-738, /* OBJ_wap_wsg_idm_ecid_wtls5 2 23 43 1 4 5 */
-739, /* OBJ_wap_wsg_idm_ecid_wtls6 2 23 43 1 4 6 */
-740, /* OBJ_wap_wsg_idm_ecid_wtls7 2 23 43 1 4 7 */
-741, /* OBJ_wap_wsg_idm_ecid_wtls8 2 23 43 1 4 8 */
-742, /* OBJ_wap_wsg_idm_ecid_wtls9 2 23 43 1 4 9 */
-743, /* OBJ_wap_wsg_idm_ecid_wtls10 2 23 43 1 4 10 */
-744, /* OBJ_wap_wsg_idm_ecid_wtls11 2 23 43 1 4 11 */
-745, /* OBJ_wap_wsg_idm_ecid_wtls12 2 23 43 1 4 12 */
-804, /* OBJ_whirlpool 1 0 10118 3 0 55 */
-773, /* OBJ_kisa 1 2 410 200004 */
-807, /* OBJ_id_GostR3411_94_with_GostR3410_2001 1 2 643 2 2 3 */
-808, /* OBJ_id_GostR3411_94_with_GostR3410_94 1 2 643 2 2 4 */
-809, /* OBJ_id_GostR3411_94 1 2 643 2 2 9 */
-810, /* OBJ_id_HMACGostR3411_94 1 2 643 2 2 10 */
-811, /* OBJ_id_GostR3410_2001 1 2 643 2 2 19 */
-812, /* OBJ_id_GostR3410_94 1 2 643 2 2 20 */
-813, /* OBJ_id_Gost28147_89 1 2 643 2 2 21 */
-815, /* OBJ_id_Gost28147_89_MAC 1 2 643 2 2 22 */
-816, /* OBJ_id_GostR3411_94_prf 1 2 643 2 2 23 */
-817, /* OBJ_id_GostR3410_2001DH 1 2 643 2 2 98 */
-818, /* OBJ_id_GostR3410_94DH 1 2 643 2 2 99 */
- 1, /* OBJ_rsadsi 1 2 840 113549 */
-185, /* OBJ_X9cm 1 2 840 10040 4 */
-127, /* OBJ_id_pkix 1 3 6 1 5 5 7 */
-505, /* OBJ_mime_mhs_headings 1 3 6 1 7 1 1 */
-506, /* OBJ_mime_mhs_bodies 1 3 6 1 7 1 2 */
-119, /* OBJ_ripemd160WithRSA 1 3 36 3 3 1 2 */
-937, /* OBJ_dhSinglePass_stdDH_sha224kdf_scheme 1 3 132 1 11 0 */
-938, /* OBJ_dhSinglePass_stdDH_sha256kdf_scheme 1 3 132 1 11 1 */
-939, /* OBJ_dhSinglePass_stdDH_sha384kdf_scheme 1 3 132 1 11 2 */
-940, /* OBJ_dhSinglePass_stdDH_sha512kdf_scheme 1 3 132 1 11 3 */
-942, /* OBJ_dhSinglePass_cofactorDH_sha224kdf_scheme 1 3 132 1 14 0 */
-943, /* OBJ_dhSinglePass_cofactorDH_sha256kdf_scheme 1 3 132 1 14 1 */
-944, /* OBJ_dhSinglePass_cofactorDH_sha384kdf_scheme 1 3 132 1 14 2 */
-945, /* OBJ_dhSinglePass_cofactorDH_sha512kdf_scheme 1 3 132 1 14 3 */
-631, /* OBJ_setAttr_GenCryptgrm 2 23 42 3 3 3 1 */
-632, /* OBJ_setAttr_T2Enc 2 23 42 3 3 4 1 */
-633, /* OBJ_setAttr_T2cleartxt 2 23 42 3 3 4 2 */
-634, /* OBJ_setAttr_TokICCsig 2 23 42 3 3 5 1 */
-635, /* OBJ_setAttr_SecDevSig 2 23 42 3 3 5 2 */
-436, /* OBJ_ucl 0 9 2342 19200300 */
-820, /* OBJ_id_Gost28147_89_None_KeyMeshing 1 2 643 2 2 14 0 */
-819, /* OBJ_id_Gost28147_89_CryptoPro_KeyMeshing 1 2 643 2 2 14 1 */
-845, /* OBJ_id_GostR3410_94_a 1 2 643 2 2 20 1 */
-846, /* OBJ_id_GostR3410_94_aBis 1 2 643 2 2 20 2 */
-847, /* OBJ_id_GostR3410_94_b 1 2 643 2 2 20 3 */
-848, /* OBJ_id_GostR3410_94_bBis 1 2 643 2 2 20 4 */
-821, /* OBJ_id_GostR3411_94_TestParamSet 1 2 643 2 2 30 0 */
-822, /* OBJ_id_GostR3411_94_CryptoProParamSet 1 2 643 2 2 30 1 */
-823, /* OBJ_id_Gost28147_89_TestParamSet 1 2 643 2 2 31 0 */
-824, /* OBJ_id_Gost28147_89_CryptoPro_A_ParamSet 1 2 643 2 2 31 1 */
-825, /* OBJ_id_Gost28147_89_CryptoPro_B_ParamSet 1 2 643 2 2 31 2 */
-826, /* OBJ_id_Gost28147_89_CryptoPro_C_ParamSet 1 2 643 2 2 31 3 */
-827, /* OBJ_id_Gost28147_89_CryptoPro_D_ParamSet 1 2 643 2 2 31 4 */
-828, /* OBJ_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet 1 2 643 2 2 31 5 */
-829, /* OBJ_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet 1 2 643 2 2 31 6 */
-830, /* OBJ_id_Gost28147_89_CryptoPro_RIC_1_ParamSet 1 2 643 2 2 31 7 */
-831, /* OBJ_id_GostR3410_94_TestParamSet 1 2 643 2 2 32 0 */
-832, /* OBJ_id_GostR3410_94_CryptoPro_A_ParamSet 1 2 643 2 2 32 2 */
-833, /* OBJ_id_GostR3410_94_CryptoPro_B_ParamSet 1 2 643 2 2 32 3 */
-834, /* OBJ_id_GostR3410_94_CryptoPro_C_ParamSet 1 2 643 2 2 32 4 */
-835, /* OBJ_id_GostR3410_94_CryptoPro_D_ParamSet 1 2 643 2 2 32 5 */
-836, /* OBJ_id_GostR3410_94_CryptoPro_XchA_ParamSet 1 2 643 2 2 33 1 */
-837, /* OBJ_id_GostR3410_94_CryptoPro_XchB_ParamSet 1 2 643 2 2 33 2 */
-838, /* OBJ_id_GostR3410_94_CryptoPro_XchC_ParamSet 1 2 643 2 2 33 3 */
-839, /* OBJ_id_GostR3410_2001_TestParamSet 1 2 643 2 2 35 0 */
-840, /* OBJ_id_GostR3410_2001_CryptoPro_A_ParamSet 1 2 643 2 2 35 1 */
-841, /* OBJ_id_GostR3410_2001_CryptoPro_B_ParamSet 1 2 643 2 2 35 2 */
-842, /* OBJ_id_GostR3410_2001_CryptoPro_C_ParamSet 1 2 643 2 2 35 3 */
-843, /* OBJ_id_GostR3410_2001_CryptoPro_XchA_ParamSet 1 2 643 2 2 36 0 */
-844, /* OBJ_id_GostR3410_2001_CryptoPro_XchB_ParamSet 1 2 643 2 2 36 1 */
- 2, /* OBJ_pkcs 1 2 840 113549 1 */
-431, /* OBJ_hold_instruction_none 1 2 840 10040 2 1 */
-432, /* OBJ_hold_instruction_call_issuer 1 2 840 10040 2 2 */
-433, /* OBJ_hold_instruction_reject 1 2 840 10040 2 3 */
-116, /* OBJ_dsa 1 2 840 10040 4 1 */
-113, /* OBJ_dsaWithSHA1 1 2 840 10040 4 3 */
-406, /* OBJ_X9_62_prime_field 1 2 840 10045 1 1 */
-407, /* OBJ_X9_62_characteristic_two_field 1 2 840 10045 1 2 */
-408, /* OBJ_X9_62_id_ecPublicKey 1 2 840 10045 2 1 */
-416, /* OBJ_ecdsa_with_SHA1 1 2 840 10045 4 1 */
-791, /* OBJ_ecdsa_with_Recommended 1 2 840 10045 4 2 */
-792, /* OBJ_ecdsa_with_Specified 1 2 840 10045 4 3 */
-920, /* OBJ_dhpublicnumber 1 2 840 10046 2 1 */
-258, /* OBJ_id_pkix_mod 1 3 6 1 5 5 7 0 */
-175, /* OBJ_id_pe 1 3 6 1 5 5 7 1 */
-259, /* OBJ_id_qt 1 3 6 1 5 5 7 2 */
-128, /* OBJ_id_kp 1 3 6 1 5 5 7 3 */
-260, /* OBJ_id_it 1 3 6 1 5 5 7 4 */
-261, /* OBJ_id_pkip 1 3 6 1 5 5 7 5 */
-262, /* OBJ_id_alg 1 3 6 1 5 5 7 6 */
-263, /* OBJ_id_cmc 1 3 6 1 5 5 7 7 */
-264, /* OBJ_id_on 1 3 6 1 5 5 7 8 */
-265, /* OBJ_id_pda 1 3 6 1 5 5 7 9 */
-266, /* OBJ_id_aca 1 3 6 1 5 5 7 10 */
-267, /* OBJ_id_qcs 1 3 6 1 5 5 7 11 */
-268, /* OBJ_id_cct 1 3 6 1 5 5 7 12 */
-662, /* OBJ_id_ppl 1 3 6 1 5 5 7 21 */
-176, /* OBJ_id_ad 1 3 6 1 5 5 7 48 */
-507, /* OBJ_id_hex_partial_message 1 3 6 1 7 1 1 1 */
-508, /* OBJ_id_hex_multipart_message 1 3 6 1 7 1 1 2 */
-57, /* OBJ_netscape 2 16 840 1 113730 */
-754, /* OBJ_camellia_128_ecb 0 3 4401 5 3 1 9 1 */
-766, /* OBJ_camellia_128_ofb128 0 3 4401 5 3 1 9 3 */
-757, /* OBJ_camellia_128_cfb128 0 3 4401 5 3 1 9 4 */
-755, /* OBJ_camellia_192_ecb 0 3 4401 5 3 1 9 21 */
-767, /* OBJ_camellia_192_ofb128 0 3 4401 5 3 1 9 23 */
-758, /* OBJ_camellia_192_cfb128 0 3 4401 5 3 1 9 24 */
-756, /* OBJ_camellia_256_ecb 0 3 4401 5 3 1 9 41 */
-768, /* OBJ_camellia_256_ofb128 0 3 4401 5 3 1 9 43 */
-759, /* OBJ_camellia_256_cfb128 0 3 4401 5 3 1 9 44 */
-437, /* OBJ_pilot 0 9 2342 19200300 100 */
-776, /* OBJ_seed_ecb 1 2 410 200004 1 3 */
-777, /* OBJ_seed_cbc 1 2 410 200004 1 4 */
-779, /* OBJ_seed_cfb128 1 2 410 200004 1 5 */
-778, /* OBJ_seed_ofb128 1 2 410 200004 1 6 */
-852, /* OBJ_id_GostR3411_94_with_GostR3410_94_cc 1 2 643 2 9 1 3 3 */
-853, /* OBJ_id_GostR3411_94_with_GostR3410_2001_cc 1 2 643 2 9 1 3 4 */
-850, /* OBJ_id_GostR3410_94_cc 1 2 643 2 9 1 5 3 */
-851, /* OBJ_id_GostR3410_2001_cc 1 2 643 2 9 1 5 4 */
-849, /* OBJ_id_Gost28147_89_cc 1 2 643 2 9 1 6 1 */
-854, /* OBJ_id_GostR3410_2001_ParamSet_cc 1 2 643 2 9 1 8 1 */
-186, /* OBJ_pkcs1 1 2 840 113549 1 1 */
-27, /* OBJ_pkcs3 1 2 840 113549 1 3 */
-187, /* OBJ_pkcs5 1 2 840 113549 1 5 */
-20, /* OBJ_pkcs7 1 2 840 113549 1 7 */
-47, /* OBJ_pkcs9 1 2 840 113549 1 9 */
- 3, /* OBJ_md2 1 2 840 113549 2 2 */
-257, /* OBJ_md4 1 2 840 113549 2 4 */
- 4, /* OBJ_md5 1 2 840 113549 2 5 */
-797, /* OBJ_hmacWithMD5 1 2 840 113549 2 6 */
-163, /* OBJ_hmacWithSHA1 1 2 840 113549 2 7 */
-798, /* OBJ_hmacWithSHA224 1 2 840 113549 2 8 */
-799, /* OBJ_hmacWithSHA256 1 2 840 113549 2 9 */
-800, /* OBJ_hmacWithSHA384 1 2 840 113549 2 10 */
-801, /* OBJ_hmacWithSHA512 1 2 840 113549 2 11 */
-37, /* OBJ_rc2_cbc 1 2 840 113549 3 2 */
- 5, /* OBJ_rc4 1 2 840 113549 3 4 */
-44, /* OBJ_des_ede3_cbc 1 2 840 113549 3 7 */
-120, /* OBJ_rc5_cbc 1 2 840 113549 3 8 */
-643, /* OBJ_des_cdmf 1 2 840 113549 3 10 */
-680, /* OBJ_X9_62_id_characteristic_two_basis 1 2 840 10045 1 2 3 */
-684, /* OBJ_X9_62_c2pnb163v1 1 2 840 10045 3 0 1 */
-685, /* OBJ_X9_62_c2pnb163v2 1 2 840 10045 3 0 2 */
-686, /* OBJ_X9_62_c2pnb163v3 1 2 840 10045 3 0 3 */
-687, /* OBJ_X9_62_c2pnb176v1 1 2 840 10045 3 0 4 */
-688, /* OBJ_X9_62_c2tnb191v1 1 2 840 10045 3 0 5 */
-689, /* OBJ_X9_62_c2tnb191v2 1 2 840 10045 3 0 6 */
-690, /* OBJ_X9_62_c2tnb191v3 1 2 840 10045 3 0 7 */
-691, /* OBJ_X9_62_c2onb191v4 1 2 840 10045 3 0 8 */
-692, /* OBJ_X9_62_c2onb191v5 1 2 840 10045 3 0 9 */
-693, /* OBJ_X9_62_c2pnb208w1 1 2 840 10045 3 0 10 */
-694, /* OBJ_X9_62_c2tnb239v1 1 2 840 10045 3 0 11 */
-695, /* OBJ_X9_62_c2tnb239v2 1 2 840 10045 3 0 12 */
-696, /* OBJ_X9_62_c2tnb239v3 1 2 840 10045 3 0 13 */
-697, /* OBJ_X9_62_c2onb239v4 1 2 840 10045 3 0 14 */
-698, /* OBJ_X9_62_c2onb239v5 1 2 840 10045 3 0 15 */
-699, /* OBJ_X9_62_c2pnb272w1 1 2 840 10045 3 0 16 */
-700, /* OBJ_X9_62_c2pnb304w1 1 2 840 10045 3 0 17 */
-701, /* OBJ_X9_62_c2tnb359v1 1 2 840 10045 3 0 18 */
-702, /* OBJ_X9_62_c2pnb368w1 1 2 840 10045 3 0 19 */
-703, /* OBJ_X9_62_c2tnb431r1 1 2 840 10045 3 0 20 */
-409, /* OBJ_X9_62_prime192v1 1 2 840 10045 3 1 1 */
-410, /* OBJ_X9_62_prime192v2 1 2 840 10045 3 1 2 */
-411, /* OBJ_X9_62_prime192v3 1 2 840 10045 3 1 3 */
-412, /* OBJ_X9_62_prime239v1 1 2 840 10045 3 1 4 */
-413, /* OBJ_X9_62_prime239v2 1 2 840 10045 3 1 5 */
-414, /* OBJ_X9_62_prime239v3 1 2 840 10045 3 1 6 */
-415, /* OBJ_X9_62_prime256v1 1 2 840 10045 3 1 7 */
-793, /* OBJ_ecdsa_with_SHA224 1 2 840 10045 4 3 1 */
-794, /* OBJ_ecdsa_with_SHA256 1 2 840 10045 4 3 2 */
-795, /* OBJ_ecdsa_with_SHA384 1 2 840 10045 4 3 3 */
-796, /* OBJ_ecdsa_with_SHA512 1 2 840 10045 4 3 4 */
-269, /* OBJ_id_pkix1_explicit_88 1 3 6 1 5 5 7 0 1 */
-270, /* OBJ_id_pkix1_implicit_88 1 3 6 1 5 5 7 0 2 */
-271, /* OBJ_id_pkix1_explicit_93 1 3 6 1 5 5 7 0 3 */
-272, /* OBJ_id_pkix1_implicit_93 1 3 6 1 5 5 7 0 4 */
-273, /* OBJ_id_mod_crmf 1 3 6 1 5 5 7 0 5 */
-274, /* OBJ_id_mod_cmc 1 3 6 1 5 5 7 0 6 */
-275, /* OBJ_id_mod_kea_profile_88 1 3 6 1 5 5 7 0 7 */
-276, /* OBJ_id_mod_kea_profile_93 1 3 6 1 5 5 7 0 8 */
-277, /* OBJ_id_mod_cmp 1 3 6 1 5 5 7 0 9 */
-278, /* OBJ_id_mod_qualified_cert_88 1 3 6 1 5 5 7 0 10 */
-279, /* OBJ_id_mod_qualified_cert_93 1 3 6 1 5 5 7 0 11 */
-280, /* OBJ_id_mod_attribute_cert 1 3 6 1 5 5 7 0 12 */
-281, /* OBJ_id_mod_timestamp_protocol 1 3 6 1 5 5 7 0 13 */
-282, /* OBJ_id_mod_ocsp 1 3 6 1 5 5 7 0 14 */
-283, /* OBJ_id_mod_dvcs 1 3 6 1 5 5 7 0 15 */
-284, /* OBJ_id_mod_cmp2000 1 3 6 1 5 5 7 0 16 */
-177, /* OBJ_info_access 1 3 6 1 5 5 7 1 1 */
-285, /* OBJ_biometricInfo 1 3 6 1 5 5 7 1 2 */
-286, /* OBJ_qcStatements 1 3 6 1 5 5 7 1 3 */
-287, /* OBJ_ac_auditEntity 1 3 6 1 5 5 7 1 4 */
-288, /* OBJ_ac_targeting 1 3 6 1 5 5 7 1 5 */
-289, /* OBJ_aaControls 1 3 6 1 5 5 7 1 6 */
-290, /* OBJ_sbgp_ipAddrBlock 1 3 6 1 5 5 7 1 7 */
-291, /* OBJ_sbgp_autonomousSysNum 1 3 6 1 5 5 7 1 8 */
-292, /* OBJ_sbgp_routerIdentifier 1 3 6 1 5 5 7 1 9 */
-397, /* OBJ_ac_proxying 1 3 6 1 5 5 7 1 10 */
-398, /* OBJ_sinfo_access 1 3 6 1 5 5 7 1 11 */
-663, /* OBJ_proxyCertInfo 1 3 6 1 5 5 7 1 14 */
-164, /* OBJ_id_qt_cps 1 3 6 1 5 5 7 2 1 */
-165, /* OBJ_id_qt_unotice 1 3 6 1 5 5 7 2 2 */
-293, /* OBJ_textNotice 1 3 6 1 5 5 7 2 3 */
-129, /* OBJ_server_auth 1 3 6 1 5 5 7 3 1 */
-130, /* OBJ_client_auth 1 3 6 1 5 5 7 3 2 */
-131, /* OBJ_code_sign 1 3 6 1 5 5 7 3 3 */
-132, /* OBJ_email_protect 1 3 6 1 5 5 7 3 4 */
-294, /* OBJ_ipsecEndSystem 1 3 6 1 5 5 7 3 5 */
-295, /* OBJ_ipsecTunnel 1 3 6 1 5 5 7 3 6 */
-296, /* OBJ_ipsecUser 1 3 6 1 5 5 7 3 7 */
-133, /* OBJ_time_stamp 1 3 6 1 5 5 7 3 8 */
-180, /* OBJ_OCSP_sign 1 3 6 1 5 5 7 3 9 */
-297, /* OBJ_dvcs 1 3 6 1 5 5 7 3 10 */
-298, /* OBJ_id_it_caProtEncCert 1 3 6 1 5 5 7 4 1 */
-299, /* OBJ_id_it_signKeyPairTypes 1 3 6 1 5 5 7 4 2 */
-300, /* OBJ_id_it_encKeyPairTypes 1 3 6 1 5 5 7 4 3 */
-301, /* OBJ_id_it_preferredSymmAlg 1 3 6 1 5 5 7 4 4 */
-302, /* OBJ_id_it_caKeyUpdateInfo 1 3 6 1 5 5 7 4 5 */
-303, /* OBJ_id_it_currentCRL 1 3 6 1 5 5 7 4 6 */
-304, /* OBJ_id_it_unsupportedOIDs 1 3 6 1 5 5 7 4 7 */
-305, /* OBJ_id_it_subscriptionRequest 1 3 6 1 5 5 7 4 8 */
-306, /* OBJ_id_it_subscriptionResponse 1 3 6 1 5 5 7 4 9 */
-307, /* OBJ_id_it_keyPairParamReq 1 3 6 1 5 5 7 4 10 */
-308, /* OBJ_id_it_keyPairParamRep 1 3 6 1 5 5 7 4 11 */
-309, /* OBJ_id_it_revPassphrase 1 3 6 1 5 5 7 4 12 */
-310, /* OBJ_id_it_implicitConfirm 1 3 6 1 5 5 7 4 13 */
-311, /* OBJ_id_it_confirmWaitTime 1 3 6 1 5 5 7 4 14 */
-312, /* OBJ_id_it_origPKIMessage 1 3 6 1 5 5 7 4 15 */
-784, /* OBJ_id_it_suppLangTags 1 3 6 1 5 5 7 4 16 */
-313, /* OBJ_id_regCtrl 1 3 6 1 5 5 7 5 1 */
-314, /* OBJ_id_regInfo 1 3 6 1 5 5 7 5 2 */
-323, /* OBJ_id_alg_des40 1 3 6 1 5 5 7 6 1 */
-324, /* OBJ_id_alg_noSignature 1 3 6 1 5 5 7 6 2 */
-325, /* OBJ_id_alg_dh_sig_hmac_sha1 1 3 6 1 5 5 7 6 3 */
-326, /* OBJ_id_alg_dh_pop 1 3 6 1 5 5 7 6 4 */
-327, /* OBJ_id_cmc_statusInfo 1 3 6 1 5 5 7 7 1 */
-328, /* OBJ_id_cmc_identification 1 3 6 1 5 5 7 7 2 */
-329, /* OBJ_id_cmc_identityProof 1 3 6 1 5 5 7 7 3 */
-330, /* OBJ_id_cmc_dataReturn 1 3 6 1 5 5 7 7 4 */
-331, /* OBJ_id_cmc_transactionId 1 3 6 1 5 5 7 7 5 */
-332, /* OBJ_id_cmc_senderNonce 1 3 6 1 5 5 7 7 6 */
-333, /* OBJ_id_cmc_recipientNonce 1 3 6 1 5 5 7 7 7 */
-334, /* OBJ_id_cmc_addExtensions 1 3 6 1 5 5 7 7 8 */
-335, /* OBJ_id_cmc_encryptedPOP 1 3 6 1 5 5 7 7 9 */
-336, /* OBJ_id_cmc_decryptedPOP 1 3 6 1 5 5 7 7 10 */
-337, /* OBJ_id_cmc_lraPOPWitness 1 3 6 1 5 5 7 7 11 */
-338, /* OBJ_id_cmc_getCert 1 3 6 1 5 5 7 7 15 */
-339, /* OBJ_id_cmc_getCRL 1 3 6 1 5 5 7 7 16 */
-340, /* OBJ_id_cmc_revokeRequest 1 3 6 1 5 5 7 7 17 */
-341, /* OBJ_id_cmc_regInfo 1 3 6 1 5 5 7 7 18 */
-342, /* OBJ_id_cmc_responseInfo 1 3 6 1 5 5 7 7 19 */
-343, /* OBJ_id_cmc_queryPending 1 3 6 1 5 5 7 7 21 */
-344, /* OBJ_id_cmc_popLinkRandom 1 3 6 1 5 5 7 7 22 */
-345, /* OBJ_id_cmc_popLinkWitness 1 3 6 1 5 5 7 7 23 */
-346, /* OBJ_id_cmc_confirmCertAcceptance 1 3 6 1 5 5 7 7 24 */
-347, /* OBJ_id_on_personalData 1 3 6 1 5 5 7 8 1 */
-858, /* OBJ_id_on_permanentIdentifier 1 3 6 1 5 5 7 8 3 */
-348, /* OBJ_id_pda_dateOfBirth 1 3 6 1 5 5 7 9 1 */
-349, /* OBJ_id_pda_placeOfBirth 1 3 6 1 5 5 7 9 2 */
-351, /* OBJ_id_pda_gender 1 3 6 1 5 5 7 9 3 */
-352, /* OBJ_id_pda_countryOfCitizenship 1 3 6 1 5 5 7 9 4 */
-353, /* OBJ_id_pda_countryOfResidence 1 3 6 1 5 5 7 9 5 */
-354, /* OBJ_id_aca_authenticationInfo 1 3 6 1 5 5 7 10 1 */
-355, /* OBJ_id_aca_accessIdentity 1 3 6 1 5 5 7 10 2 */
-356, /* OBJ_id_aca_chargingIdentity 1 3 6 1 5 5 7 10 3 */
-357, /* OBJ_id_aca_group 1 3 6 1 5 5 7 10 4 */
-358, /* OBJ_id_aca_role 1 3 6 1 5 5 7 10 5 */
-399, /* OBJ_id_aca_encAttrs 1 3 6 1 5 5 7 10 6 */
-359, /* OBJ_id_qcs_pkixQCSyntax_v1 1 3 6 1 5 5 7 11 1 */
-360, /* OBJ_id_cct_crs 1 3 6 1 5 5 7 12 1 */
-361, /* OBJ_id_cct_PKIData 1 3 6 1 5 5 7 12 2 */
-362, /* OBJ_id_cct_PKIResponse 1 3 6 1 5 5 7 12 3 */
-664, /* OBJ_id_ppl_anyLanguage 1 3 6 1 5 5 7 21 0 */
-665, /* OBJ_id_ppl_inheritAll 1 3 6 1 5 5 7 21 1 */
-667, /* OBJ_Independent 1 3 6 1 5 5 7 21 2 */
-178, /* OBJ_ad_OCSP 1 3 6 1 5 5 7 48 1 */
-179, /* OBJ_ad_ca_issuers 1 3 6 1 5 5 7 48 2 */
-363, /* OBJ_ad_timeStamping 1 3 6 1 5 5 7 48 3 */
-364, /* OBJ_ad_dvcs 1 3 6 1 5 5 7 48 4 */
-785, /* OBJ_caRepository 1 3 6 1 5 5 7 48 5 */
-780, /* OBJ_hmac_md5 1 3 6 1 5 5 8 1 1 */
-781, /* OBJ_hmac_sha1 1 3 6 1 5 5 8 1 2 */
-58, /* OBJ_netscape_cert_extension 2 16 840 1 113730 1 */
-59, /* OBJ_netscape_data_type 2 16 840 1 113730 2 */
-438, /* OBJ_pilotAttributeType 0 9 2342 19200300 100 1 */
-439, /* OBJ_pilotAttributeSyntax 0 9 2342 19200300 100 3 */
-440, /* OBJ_pilotObjectClass 0 9 2342 19200300 100 4 */
-441, /* OBJ_pilotGroups 0 9 2342 19200300 100 10 */
-108, /* OBJ_cast5_cbc 1 2 840 113533 7 66 10 */
-112, /* OBJ_pbeWithMD5AndCast5_CBC 1 2 840 113533 7 66 12 */
-782, /* OBJ_id_PasswordBasedMAC 1 2 840 113533 7 66 13 */
-783, /* OBJ_id_DHBasedMac 1 2 840 113533 7 66 30 */
- 6, /* OBJ_rsaEncryption 1 2 840 113549 1 1 1 */
- 7, /* OBJ_md2WithRSAEncryption 1 2 840 113549 1 1 2 */
-396, /* OBJ_md4WithRSAEncryption 1 2 840 113549 1 1 3 */
- 8, /* OBJ_md5WithRSAEncryption 1 2 840 113549 1 1 4 */
-65, /* OBJ_sha1WithRSAEncryption 1 2 840 113549 1 1 5 */
-644, /* OBJ_rsaOAEPEncryptionSET 1 2 840 113549 1 1 6 */
-919, /* OBJ_rsaesOaep 1 2 840 113549 1 1 7 */
-911, /* OBJ_mgf1 1 2 840 113549 1 1 8 */
-935, /* OBJ_pSpecified 1 2 840 113549 1 1 9 */
-912, /* OBJ_rsassaPss 1 2 840 113549 1 1 10 */
-668, /* OBJ_sha256WithRSAEncryption 1 2 840 113549 1 1 11 */
-669, /* OBJ_sha384WithRSAEncryption 1 2 840 113549 1 1 12 */
-670, /* OBJ_sha512WithRSAEncryption 1 2 840 113549 1 1 13 */
-671, /* OBJ_sha224WithRSAEncryption 1 2 840 113549 1 1 14 */
-28, /* OBJ_dhKeyAgreement 1 2 840 113549 1 3 1 */
- 9, /* OBJ_pbeWithMD2AndDES_CBC 1 2 840 113549 1 5 1 */
-10, /* OBJ_pbeWithMD5AndDES_CBC 1 2 840 113549 1 5 3 */
-168, /* OBJ_pbeWithMD2AndRC2_CBC 1 2 840 113549 1 5 4 */
-169, /* OBJ_pbeWithMD5AndRC2_CBC 1 2 840 113549 1 5 6 */
-170, /* OBJ_pbeWithSHA1AndDES_CBC 1 2 840 113549 1 5 10 */
-68, /* OBJ_pbeWithSHA1AndRC2_CBC 1 2 840 113549 1 5 11 */
-69, /* OBJ_id_pbkdf2 1 2 840 113549 1 5 12 */
-161, /* OBJ_pbes2 1 2 840 113549 1 5 13 */
-162, /* OBJ_pbmac1 1 2 840 113549 1 5 14 */
-21, /* OBJ_pkcs7_data 1 2 840 113549 1 7 1 */
-22, /* OBJ_pkcs7_signed 1 2 840 113549 1 7 2 */
-23, /* OBJ_pkcs7_enveloped 1 2 840 113549 1 7 3 */
-24, /* OBJ_pkcs7_signedAndEnveloped 1 2 840 113549 1 7 4 */
-25, /* OBJ_pkcs7_digest 1 2 840 113549 1 7 5 */
-26, /* OBJ_pkcs7_encrypted 1 2 840 113549 1 7 6 */
-48, /* OBJ_pkcs9_emailAddress 1 2 840 113549 1 9 1 */
-49, /* OBJ_pkcs9_unstructuredName 1 2 840 113549 1 9 2 */
-50, /* OBJ_pkcs9_contentType 1 2 840 113549 1 9 3 */
-51, /* OBJ_pkcs9_messageDigest 1 2 840 113549 1 9 4 */
-52, /* OBJ_pkcs9_signingTime 1 2 840 113549 1 9 5 */
-53, /* OBJ_pkcs9_countersignature 1 2 840 113549 1 9 6 */
-54, /* OBJ_pkcs9_challengePassword 1 2 840 113549 1 9 7 */
-55, /* OBJ_pkcs9_unstructuredAddress 1 2 840 113549 1 9 8 */
-56, /* OBJ_pkcs9_extCertAttributes 1 2 840 113549 1 9 9 */
-172, /* OBJ_ext_req 1 2 840 113549 1 9 14 */
-167, /* OBJ_SMIMECapabilities 1 2 840 113549 1 9 15 */
-188, /* OBJ_SMIME 1 2 840 113549 1 9 16 */
-156, /* OBJ_friendlyName 1 2 840 113549 1 9 20 */
-157, /* OBJ_localKeyID 1 2 840 113549 1 9 21 */
-681, /* OBJ_X9_62_onBasis 1 2 840 10045 1 2 3 1 */
-682, /* OBJ_X9_62_tpBasis 1 2 840 10045 1 2 3 2 */
-683, /* OBJ_X9_62_ppBasis 1 2 840 10045 1 2 3 3 */
-417, /* OBJ_ms_csp_name 1 3 6 1 4 1 311 17 1 */
-856, /* OBJ_LocalKeySet 1 3 6 1 4 1 311 17 2 */
-390, /* OBJ_dcObject 1 3 6 1 4 1 1466 344 */
-91, /* OBJ_bf_cbc 1 3 6 1 4 1 3029 1 2 */
-315, /* OBJ_id_regCtrl_regToken 1 3 6 1 5 5 7 5 1 1 */
-316, /* OBJ_id_regCtrl_authenticator 1 3 6 1 5 5 7 5 1 2 */
-317, /* OBJ_id_regCtrl_pkiPublicationInfo 1 3 6 1 5 5 7 5 1 3 */
-318, /* OBJ_id_regCtrl_pkiArchiveOptions 1 3 6 1 5 5 7 5 1 4 */
-319, /* OBJ_id_regCtrl_oldCertID 1 3 6 1 5 5 7 5 1 5 */
-320, /* OBJ_id_regCtrl_protocolEncrKey 1 3 6 1 5 5 7 5 1 6 */
-321, /* OBJ_id_regInfo_utf8Pairs 1 3 6 1 5 5 7 5 2 1 */
-322, /* OBJ_id_regInfo_certReq 1 3 6 1 5 5 7 5 2 2 */
-365, /* OBJ_id_pkix_OCSP_basic 1 3 6 1 5 5 7 48 1 1 */
-366, /* OBJ_id_pkix_OCSP_Nonce 1 3 6 1 5 5 7 48 1 2 */
-367, /* OBJ_id_pkix_OCSP_CrlID 1 3 6 1 5 5 7 48 1 3 */
-368, /* OBJ_id_pkix_OCSP_acceptableResponses 1 3 6 1 5 5 7 48 1 4 */
-369, /* OBJ_id_pkix_OCSP_noCheck 1 3 6 1 5 5 7 48 1 5 */
-370, /* OBJ_id_pkix_OCSP_archiveCutoff 1 3 6 1 5 5 7 48 1 6 */
-371, /* OBJ_id_pkix_OCSP_serviceLocator 1 3 6 1 5 5 7 48 1 7 */
-372, /* OBJ_id_pkix_OCSP_extendedStatus 1 3 6 1 5 5 7 48 1 8 */
-373, /* OBJ_id_pkix_OCSP_valid 1 3 6 1 5 5 7 48 1 9 */
-374, /* OBJ_id_pkix_OCSP_path 1 3 6 1 5 5 7 48 1 10 */
-375, /* OBJ_id_pkix_OCSP_trustRoot 1 3 6 1 5 5 7 48 1 11 */
-921, /* OBJ_brainpoolP160r1 1 3 36 3 3 2 8 1 1 1 */
-922, /* OBJ_brainpoolP160t1 1 3 36 3 3 2 8 1 1 2 */
-923, /* OBJ_brainpoolP192r1 1 3 36 3 3 2 8 1 1 3 */
-924, /* OBJ_brainpoolP192t1 1 3 36 3 3 2 8 1 1 4 */
-925, /* OBJ_brainpoolP224r1 1 3 36 3 3 2 8 1 1 5 */
-926, /* OBJ_brainpoolP224t1 1 3 36 3 3 2 8 1 1 6 */
-927, /* OBJ_brainpoolP256r1 1 3 36 3 3 2 8 1 1 7 */
-928, /* OBJ_brainpoolP256t1 1 3 36 3 3 2 8 1 1 8 */
-929, /* OBJ_brainpoolP320r1 1 3 36 3 3 2 8 1 1 9 */
-930, /* OBJ_brainpoolP320t1 1 3 36 3 3 2 8 1 1 10 */
-931, /* OBJ_brainpoolP384r1 1 3 36 3 3 2 8 1 1 11 */
-932, /* OBJ_brainpoolP384t1 1 3 36 3 3 2 8 1 1 12 */
-933, /* OBJ_brainpoolP512r1 1 3 36 3 3 2 8 1 1 13 */
-934, /* OBJ_brainpoolP512t1 1 3 36 3 3 2 8 1 1 14 */
-936, /* OBJ_dhSinglePass_stdDH_sha1kdf_scheme 1 3 133 16 840 63 0 2 */
-941, /* OBJ_dhSinglePass_cofactorDH_sha1kdf_scheme 1 3 133 16 840 63 0 3 */
-418, /* OBJ_aes_128_ecb 2 16 840 1 101 3 4 1 1 */
-419, /* OBJ_aes_128_cbc 2 16 840 1 101 3 4 1 2 */
-420, /* OBJ_aes_128_ofb128 2 16 840 1 101 3 4 1 3 */
-421, /* OBJ_aes_128_cfb128 2 16 840 1 101 3 4 1 4 */
-788, /* OBJ_id_aes128_wrap 2 16 840 1 101 3 4 1 5 */
-895, /* OBJ_aes_128_gcm 2 16 840 1 101 3 4 1 6 */
-896, /* OBJ_aes_128_ccm 2 16 840 1 101 3 4 1 7 */
-897, /* OBJ_id_aes128_wrap_pad 2 16 840 1 101 3 4 1 8 */
-422, /* OBJ_aes_192_ecb 2 16 840 1 101 3 4 1 21 */
-423, /* OBJ_aes_192_cbc 2 16 840 1 101 3 4 1 22 */
-424, /* OBJ_aes_192_ofb128 2 16 840 1 101 3 4 1 23 */
-425, /* OBJ_aes_192_cfb128 2 16 840 1 101 3 4 1 24 */
-789, /* OBJ_id_aes192_wrap 2 16 840 1 101 3 4 1 25 */
-898, /* OBJ_aes_192_gcm 2 16 840 1 101 3 4 1 26 */
-899, /* OBJ_aes_192_ccm 2 16 840 1 101 3 4 1 27 */
-900, /* OBJ_id_aes192_wrap_pad 2 16 840 1 101 3 4 1 28 */
-426, /* OBJ_aes_256_ecb 2 16 840 1 101 3 4 1 41 */
-427, /* OBJ_aes_256_cbc 2 16 840 1 101 3 4 1 42 */
-428, /* OBJ_aes_256_ofb128 2 16 840 1 101 3 4 1 43 */
-429, /* OBJ_aes_256_cfb128 2 16 840 1 101 3 4 1 44 */
-790, /* OBJ_id_aes256_wrap 2 16 840 1 101 3 4 1 45 */
-901, /* OBJ_aes_256_gcm 2 16 840 1 101 3 4 1 46 */
-902, /* OBJ_aes_256_ccm 2 16 840 1 101 3 4 1 47 */
-903, /* OBJ_id_aes256_wrap_pad 2 16 840 1 101 3 4 1 48 */
-672, /* OBJ_sha256 2 16 840 1 101 3 4 2 1 */
-673, /* OBJ_sha384 2 16 840 1 101 3 4 2 2 */
-674, /* OBJ_sha512 2 16 840 1 101 3 4 2 3 */
-675, /* OBJ_sha224 2 16 840 1 101 3 4 2 4 */
-802, /* OBJ_dsa_with_SHA224 2 16 840 1 101 3 4 3 1 */
-803, /* OBJ_dsa_with_SHA256 2 16 840 1 101 3 4 3 2 */
-71, /* OBJ_netscape_cert_type 2 16 840 1 113730 1 1 */
-72, /* OBJ_netscape_base_url 2 16 840 1 113730 1 2 */
-73, /* OBJ_netscape_revocation_url 2 16 840 1 113730 1 3 */
-74, /* OBJ_netscape_ca_revocation_url 2 16 840 1 113730 1 4 */
-75, /* OBJ_netscape_renewal_url 2 16 840 1 113730 1 7 */
-76, /* OBJ_netscape_ca_policy_url 2 16 840 1 113730 1 8 */
-77, /* OBJ_netscape_ssl_server_name 2 16 840 1 113730 1 12 */
-78, /* OBJ_netscape_comment 2 16 840 1 113730 1 13 */
-79, /* OBJ_netscape_cert_sequence 2 16 840 1 113730 2 5 */
-139, /* OBJ_ns_sgc 2 16 840 1 113730 4 1 */
-458, /* OBJ_userId 0 9 2342 19200300 100 1 1 */
-459, /* OBJ_textEncodedORAddress 0 9 2342 19200300 100 1 2 */
-460, /* OBJ_rfc822Mailbox 0 9 2342 19200300 100 1 3 */
-461, /* OBJ_info 0 9 2342 19200300 100 1 4 */
-462, /* OBJ_favouriteDrink 0 9 2342 19200300 100 1 5 */
-463, /* OBJ_roomNumber 0 9 2342 19200300 100 1 6 */
-464, /* OBJ_photo 0 9 2342 19200300 100 1 7 */
-465, /* OBJ_userClass 0 9 2342 19200300 100 1 8 */
-466, /* OBJ_host 0 9 2342 19200300 100 1 9 */
-467, /* OBJ_manager 0 9 2342 19200300 100 1 10 */
-468, /* OBJ_documentIdentifier 0 9 2342 19200300 100 1 11 */
-469, /* OBJ_documentTitle 0 9 2342 19200300 100 1 12 */
-470, /* OBJ_documentVersion 0 9 2342 19200300 100 1 13 */
-471, /* OBJ_documentAuthor 0 9 2342 19200300 100 1 14 */
-472, /* OBJ_documentLocation 0 9 2342 19200300 100 1 15 */
-473, /* OBJ_homeTelephoneNumber 0 9 2342 19200300 100 1 20 */
-474, /* OBJ_secretary 0 9 2342 19200300 100 1 21 */
-475, /* OBJ_otherMailbox 0 9 2342 19200300 100 1 22 */
-476, /* OBJ_lastModifiedTime 0 9 2342 19200300 100 1 23 */
-477, /* OBJ_lastModifiedBy 0 9 2342 19200300 100 1 24 */
-391, /* OBJ_domainComponent 0 9 2342 19200300 100 1 25 */
-478, /* OBJ_aRecord 0 9 2342 19200300 100 1 26 */
-479, /* OBJ_pilotAttributeType27 0 9 2342 19200300 100 1 27 */
-480, /* OBJ_mXRecord 0 9 2342 19200300 100 1 28 */
-481, /* OBJ_nSRecord 0 9 2342 19200300 100 1 29 */
-482, /* OBJ_sOARecord 0 9 2342 19200300 100 1 30 */
-483, /* OBJ_cNAMERecord 0 9 2342 19200300 100 1 31 */
-484, /* OBJ_associatedDomain 0 9 2342 19200300 100 1 37 */
-485, /* OBJ_associatedName 0 9 2342 19200300 100 1 38 */
-486, /* OBJ_homePostalAddress 0 9 2342 19200300 100 1 39 */
-487, /* OBJ_personalTitle 0 9 2342 19200300 100 1 40 */
-488, /* OBJ_mobileTelephoneNumber 0 9 2342 19200300 100 1 41 */
-489, /* OBJ_pagerTelephoneNumber 0 9 2342 19200300 100 1 42 */
-490, /* OBJ_friendlyCountryName 0 9 2342 19200300 100 1 43 */
-491, /* OBJ_organizationalStatus 0 9 2342 19200300 100 1 45 */
-492, /* OBJ_janetMailbox 0 9 2342 19200300 100 1 46 */
-493, /* OBJ_mailPreferenceOption 0 9 2342 19200300 100 1 47 */
-494, /* OBJ_buildingName 0 9 2342 19200300 100 1 48 */
-495, /* OBJ_dSAQuality 0 9 2342 19200300 100 1 49 */
-496, /* OBJ_singleLevelQuality 0 9 2342 19200300 100 1 50 */
-497, /* OBJ_subtreeMinimumQuality 0 9 2342 19200300 100 1 51 */
-498, /* OBJ_subtreeMaximumQuality 0 9 2342 19200300 100 1 52 */
-499, /* OBJ_personalSignature 0 9 2342 19200300 100 1 53 */
-500, /* OBJ_dITRedirect 0 9 2342 19200300 100 1 54 */
-501, /* OBJ_audio 0 9 2342 19200300 100 1 55 */
-502, /* OBJ_documentPublisher 0 9 2342 19200300 100 1 56 */
-442, /* OBJ_iA5StringSyntax 0 9 2342 19200300 100 3 4 */
-443, /* OBJ_caseIgnoreIA5StringSyntax 0 9 2342 19200300 100 3 5 */
-444, /* OBJ_pilotObject 0 9 2342 19200300 100 4 3 */
-445, /* OBJ_pilotPerson 0 9 2342 19200300 100 4 4 */
-446, /* OBJ_account 0 9 2342 19200300 100 4 5 */
-447, /* OBJ_document 0 9 2342 19200300 100 4 6 */
-448, /* OBJ_room 0 9 2342 19200300 100 4 7 */
-449, /* OBJ_documentSeries 0 9 2342 19200300 100 4 9 */
-392, /* OBJ_Domain 0 9 2342 19200300 100 4 13 */
-450, /* OBJ_rFC822localPart 0 9 2342 19200300 100 4 14 */
-451, /* OBJ_dNSDomain 0 9 2342 19200300 100 4 15 */
-452, /* OBJ_domainRelatedObject 0 9 2342 19200300 100 4 17 */
-453, /* OBJ_friendlyCountry 0 9 2342 19200300 100 4 18 */
-454, /* OBJ_simpleSecurityObject 0 9 2342 19200300 100 4 19 */
-455, /* OBJ_pilotOrganization 0 9 2342 19200300 100 4 20 */
-456, /* OBJ_pilotDSA 0 9 2342 19200300 100 4 21 */
-457, /* OBJ_qualityLabelledData 0 9 2342 19200300 100 4 22 */
-189, /* OBJ_id_smime_mod 1 2 840 113549 1 9 16 0 */
-190, /* OBJ_id_smime_ct 1 2 840 113549 1 9 16 1 */
-191, /* OBJ_id_smime_aa 1 2 840 113549 1 9 16 2 */
-192, /* OBJ_id_smime_alg 1 2 840 113549 1 9 16 3 */
-193, /* OBJ_id_smime_cd 1 2 840 113549 1 9 16 4 */
-194, /* OBJ_id_smime_spq 1 2 840 113549 1 9 16 5 */
-195, /* OBJ_id_smime_cti 1 2 840 113549 1 9 16 6 */
-158, /* OBJ_x509Certificate 1 2 840 113549 1 9 22 1 */
-159, /* OBJ_sdsiCertificate 1 2 840 113549 1 9 22 2 */
-160, /* OBJ_x509Crl 1 2 840 113549 1 9 23 1 */
-144, /* OBJ_pbe_WithSHA1And128BitRC4 1 2 840 113549 1 12 1 1 */
-145, /* OBJ_pbe_WithSHA1And40BitRC4 1 2 840 113549 1 12 1 2 */
-146, /* OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC 1 2 840 113549 1 12 1 3 */
-147, /* OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC 1 2 840 113549 1 12 1 4 */
-148, /* OBJ_pbe_WithSHA1And128BitRC2_CBC 1 2 840 113549 1 12 1 5 */
-149, /* OBJ_pbe_WithSHA1And40BitRC2_CBC 1 2 840 113549 1 12 1 6 */
-171, /* OBJ_ms_ext_req 1 3 6 1 4 1 311 2 1 14 */
-134, /* OBJ_ms_code_ind 1 3 6 1 4 1 311 2 1 21 */
-135, /* OBJ_ms_code_com 1 3 6 1 4 1 311 2 1 22 */
-136, /* OBJ_ms_ctl_sign 1 3 6 1 4 1 311 10 3 1 */
-137, /* OBJ_ms_sgc 1 3 6 1 4 1 311 10 3 3 */
-138, /* OBJ_ms_efs 1 3 6 1 4 1 311 10 3 4 */
-648, /* OBJ_ms_smartcard_login 1 3 6 1 4 1 311 20 2 2 */
-649, /* OBJ_ms_upn 1 3 6 1 4 1 311 20 2 3 */
-751, /* OBJ_camellia_128_cbc 1 2 392 200011 61 1 1 1 2 */
-752, /* OBJ_camellia_192_cbc 1 2 392 200011 61 1 1 1 3 */
-753, /* OBJ_camellia_256_cbc 1 2 392 200011 61 1 1 1 4 */
-907, /* OBJ_id_camellia128_wrap 1 2 392 200011 61 1 1 3 2 */
-908, /* OBJ_id_camellia192_wrap 1 2 392 200011 61 1 1 3 3 */
-909, /* OBJ_id_camellia256_wrap 1 2 392 200011 61 1 1 3 4 */
-196, /* OBJ_id_smime_mod_cms 1 2 840 113549 1 9 16 0 1 */
-197, /* OBJ_id_smime_mod_ess 1 2 840 113549 1 9 16 0 2 */
-198, /* OBJ_id_smime_mod_oid 1 2 840 113549 1 9 16 0 3 */
-199, /* OBJ_id_smime_mod_msg_v3 1 2 840 113549 1 9 16 0 4 */
-200, /* OBJ_id_smime_mod_ets_eSignature_88 1 2 840 113549 1 9 16 0 5 */
-201, /* OBJ_id_smime_mod_ets_eSignature_97 1 2 840 113549 1 9 16 0 6 */
-202, /* OBJ_id_smime_mod_ets_eSigPolicy_88 1 2 840 113549 1 9 16 0 7 */
-203, /* OBJ_id_smime_mod_ets_eSigPolicy_97 1 2 840 113549 1 9 16 0 8 */
-204, /* OBJ_id_smime_ct_receipt 1 2 840 113549 1 9 16 1 1 */
-205, /* OBJ_id_smime_ct_authData 1 2 840 113549 1 9 16 1 2 */
-206, /* OBJ_id_smime_ct_publishCert 1 2 840 113549 1 9 16 1 3 */
-207, /* OBJ_id_smime_ct_TSTInfo 1 2 840 113549 1 9 16 1 4 */
-208, /* OBJ_id_smime_ct_TDTInfo 1 2 840 113549 1 9 16 1 5 */
-209, /* OBJ_id_smime_ct_contentInfo 1 2 840 113549 1 9 16 1 6 */
-210, /* OBJ_id_smime_ct_DVCSRequestData 1 2 840 113549 1 9 16 1 7 */
-211, /* OBJ_id_smime_ct_DVCSResponseData 1 2 840 113549 1 9 16 1 8 */
-786, /* OBJ_id_smime_ct_compressedData 1 2 840 113549 1 9 16 1 9 */
-787, /* OBJ_id_ct_asciiTextWithCRLF 1 2 840 113549 1 9 16 1 27 */
-212, /* OBJ_id_smime_aa_receiptRequest 1 2 840 113549 1 9 16 2 1 */
-213, /* OBJ_id_smime_aa_securityLabel 1 2 840 113549 1 9 16 2 2 */
-214, /* OBJ_id_smime_aa_mlExpandHistory 1 2 840 113549 1 9 16 2 3 */
-215, /* OBJ_id_smime_aa_contentHint 1 2 840 113549 1 9 16 2 4 */
-216, /* OBJ_id_smime_aa_msgSigDigest 1 2 840 113549 1 9 16 2 5 */
-217, /* OBJ_id_smime_aa_encapContentType 1 2 840 113549 1 9 16 2 6 */
-218, /* OBJ_id_smime_aa_contentIdentifier 1 2 840 113549 1 9 16 2 7 */
-219, /* OBJ_id_smime_aa_macValue 1 2 840 113549 1 9 16 2 8 */
-220, /* OBJ_id_smime_aa_equivalentLabels 1 2 840 113549 1 9 16 2 9 */
-221, /* OBJ_id_smime_aa_contentReference 1 2 840 113549 1 9 16 2 10 */
-222, /* OBJ_id_smime_aa_encrypKeyPref 1 2 840 113549 1 9 16 2 11 */
-223, /* OBJ_id_smime_aa_signingCertificate 1 2 840 113549 1 9 16 2 12 */
-224, /* OBJ_id_smime_aa_smimeEncryptCerts 1 2 840 113549 1 9 16 2 13 */
-225, /* OBJ_id_smime_aa_timeStampToken 1 2 840 113549 1 9 16 2 14 */
-226, /* OBJ_id_smime_aa_ets_sigPolicyId 1 2 840 113549 1 9 16 2 15 */
-227, /* OBJ_id_smime_aa_ets_commitmentType 1 2 840 113549 1 9 16 2 16 */
-228, /* OBJ_id_smime_aa_ets_signerLocation 1 2 840 113549 1 9 16 2 17 */
-229, /* OBJ_id_smime_aa_ets_signerAttr 1 2 840 113549 1 9 16 2 18 */
-230, /* OBJ_id_smime_aa_ets_otherSigCert 1 2 840 113549 1 9 16 2 19 */
-231, /* OBJ_id_smime_aa_ets_contentTimestamp 1 2 840 113549 1 9 16 2 20 */
-232, /* OBJ_id_smime_aa_ets_CertificateRefs 1 2 840 113549 1 9 16 2 21 */
-233, /* OBJ_id_smime_aa_ets_RevocationRefs 1 2 840 113549 1 9 16 2 22 */
-234, /* OBJ_id_smime_aa_ets_certValues 1 2 840 113549 1 9 16 2 23 */
-235, /* OBJ_id_smime_aa_ets_revocationValues 1 2 840 113549 1 9 16 2 24 */
-236, /* OBJ_id_smime_aa_ets_escTimeStamp 1 2 840 113549 1 9 16 2 25 */
-237, /* OBJ_id_smime_aa_ets_certCRLTimestamp 1 2 840 113549 1 9 16 2 26 */
-238, /* OBJ_id_smime_aa_ets_archiveTimeStamp 1 2 840 113549 1 9 16 2 27 */
-239, /* OBJ_id_smime_aa_signatureType 1 2 840 113549 1 9 16 2 28 */
-240, /* OBJ_id_smime_aa_dvcs_dvc 1 2 840 113549 1 9 16 2 29 */
-241, /* OBJ_id_smime_alg_ESDHwith3DES 1 2 840 113549 1 9 16 3 1 */
-242, /* OBJ_id_smime_alg_ESDHwithRC2 1 2 840 113549 1 9 16 3 2 */
-243, /* OBJ_id_smime_alg_3DESwrap 1 2 840 113549 1 9 16 3 3 */
-244, /* OBJ_id_smime_alg_RC2wrap 1 2 840 113549 1 9 16 3 4 */
-245, /* OBJ_id_smime_alg_ESDH 1 2 840 113549 1 9 16 3 5 */
-246, /* OBJ_id_smime_alg_CMS3DESwrap 1 2 840 113549 1 9 16 3 6 */
-247, /* OBJ_id_smime_alg_CMSRC2wrap 1 2 840 113549 1 9 16 3 7 */
-125, /* OBJ_zlib_compression 1 2 840 113549 1 9 16 3 8 */
-893, /* OBJ_id_alg_PWRI_KEK 1 2 840 113549 1 9 16 3 9 */
-248, /* OBJ_id_smime_cd_ldap 1 2 840 113549 1 9 16 4 1 */
-249, /* OBJ_id_smime_spq_ets_sqt_uri 1 2 840 113549 1 9 16 5 1 */
-250, /* OBJ_id_smime_spq_ets_sqt_unotice 1 2 840 113549 1 9 16 5 2 */
-251, /* OBJ_id_smime_cti_ets_proofOfOrigin 1 2 840 113549 1 9 16 6 1 */
-252, /* OBJ_id_smime_cti_ets_proofOfReceipt 1 2 840 113549 1 9 16 6 2 */
-253, /* OBJ_id_smime_cti_ets_proofOfDelivery 1 2 840 113549 1 9 16 6 3 */
-254, /* OBJ_id_smime_cti_ets_proofOfSender 1 2 840 113549 1 9 16 6 4 */
-255, /* OBJ_id_smime_cti_ets_proofOfApproval 1 2 840 113549 1 9 16 6 5 */
-256, /* OBJ_id_smime_cti_ets_proofOfCreation 1 2 840 113549 1 9 16 6 6 */
-150, /* OBJ_keyBag 1 2 840 113549 1 12 10 1 1 */
-151, /* OBJ_pkcs8ShroudedKeyBag 1 2 840 113549 1 12 10 1 2 */
-152, /* OBJ_certBag 1 2 840 113549 1 12 10 1 3 */
-153, /* OBJ_crlBag 1 2 840 113549 1 12 10 1 4 */
-154, /* OBJ_secretBag 1 2 840 113549 1 12 10 1 5 */
-155, /* OBJ_safeContentsBag 1 2 840 113549 1 12 10 1 6 */
-34, /* OBJ_idea_cbc 1 3 6 1 4 1 188 7 1 1 2 */
+static const unsigned kNIDsInOIDOrder[] = {
+ 434 /* 0.9 (OBJ_data) */, 182 /* 1.2 (OBJ_member_body) */,
+ 379 /* 1.3 (OBJ_org) */, 676 /* 1.3 (OBJ_identified_organization) */,
+ 11 /* 2.5 (OBJ_X500) */, 647 /* 2.23 (OBJ_international_organizations) */,
+ 380 /* 1.3.6 (OBJ_dod) */, 12 /* 2.5.4 (OBJ_X509) */,
+ 378 /* 2.5.8 (OBJ_X500algorithms) */, 81 /* 2.5.29 (OBJ_id_ce) */,
+ 512 /* 2.23.42 (OBJ_id_set) */, 678 /* 2.23.43 (OBJ_wap) */,
+ 435 /* 0.9.2342 (OBJ_pss) */, 183 /* 1.2.840 (OBJ_ISO_US) */,
+ 381 /* 1.3.6.1 (OBJ_iana) */, 677 /* 1.3.132 (OBJ_certicom_arc) */,
+ 394 /* 2.5.1.5 (OBJ_selected_attribute_types) */,
+ 13 /* 2.5.4.3 (OBJ_commonName) */, 100 /* 2.5.4.4 (OBJ_surname) */,
+ 105 /* 2.5.4.5 (OBJ_serialNumber) */, 14 /* 2.5.4.6 (OBJ_countryName) */,
+ 15 /* 2.5.4.7 (OBJ_localityName) */,
+ 16 /* 2.5.4.8 (OBJ_stateOrProvinceName) */,
+ 660 /* 2.5.4.9 (OBJ_streetAddress) */,
+ 17 /* 2.5.4.10 (OBJ_organizationName) */,
+ 18 /* 2.5.4.11 (OBJ_organizationalUnitName) */,
+ 106 /* 2.5.4.12 (OBJ_title) */, 107 /* 2.5.4.13 (OBJ_description) */,
+ 859 /* 2.5.4.14 (OBJ_searchGuide) */,
+ 860 /* 2.5.4.15 (OBJ_businessCategory) */,
+ 861 /* 2.5.4.16 (OBJ_postalAddress) */, 661 /* 2.5.4.17 (OBJ_postalCode) */,
+ 862 /* 2.5.4.18 (OBJ_postOfficeBox) */,
+ 863 /* 2.5.4.19 (OBJ_physicalDeliveryOfficeName) */,
+ 864 /* 2.5.4.20 (OBJ_telephoneNumber) */,
+ 865 /* 2.5.4.21 (OBJ_telexNumber) */,
+ 866 /* 2.5.4.22 (OBJ_teletexTerminalIdentifier) */,
+ 867 /* 2.5.4.23 (OBJ_facsimileTelephoneNumber) */,
+ 868 /* 2.5.4.24 (OBJ_x121Address) */,
+ 869 /* 2.5.4.25 (OBJ_internationaliSDNNumber) */,
+ 870 /* 2.5.4.26 (OBJ_registeredAddress) */,
+ 871 /* 2.5.4.27 (OBJ_destinationIndicator) */,
+ 872 /* 2.5.4.28 (OBJ_preferredDeliveryMethod) */,
+ 873 /* 2.5.4.29 (OBJ_presentationAddress) */,
+ 874 /* 2.5.4.30 (OBJ_supportedApplicationContext) */,
+ 875 /* 2.5.4.31 (OBJ_member) */, 876 /* 2.5.4.32 (OBJ_owner) */,
+ 877 /* 2.5.4.33 (OBJ_roleOccupant) */, 878 /* 2.5.4.34 (OBJ_seeAlso) */,
+ 879 /* 2.5.4.35 (OBJ_userPassword) */,
+ 880 /* 2.5.4.36 (OBJ_userCertificate) */,
+ 881 /* 2.5.4.37 (OBJ_cACertificate) */,
+ 882 /* 2.5.4.38 (OBJ_authorityRevocationList) */,
+ 883 /* 2.5.4.39 (OBJ_certificateRevocationList) */,
+ 884 /* 2.5.4.40 (OBJ_crossCertificatePair) */,
+ 173 /* 2.5.4.41 (OBJ_name) */, 99 /* 2.5.4.42 (OBJ_givenName) */,
+ 101 /* 2.5.4.43 (OBJ_initials) */,
+ 509 /* 2.5.4.44 (OBJ_generationQualifier) */,
+ 503 /* 2.5.4.45 (OBJ_x500UniqueIdentifier) */,
+ 174 /* 2.5.4.46 (OBJ_dnQualifier) */,
+ 885 /* 2.5.4.47 (OBJ_enhancedSearchGuide) */,
+ 886 /* 2.5.4.48 (OBJ_protocolInformation) */,
+ 887 /* 2.5.4.49 (OBJ_distinguishedName) */,
+ 888 /* 2.5.4.50 (OBJ_uniqueMember) */,
+ 889 /* 2.5.4.51 (OBJ_houseIdentifier) */,
+ 890 /* 2.5.4.52 (OBJ_supportedAlgorithms) */,
+ 891 /* 2.5.4.53 (OBJ_deltaRevocationList) */,
+ 892 /* 2.5.4.54 (OBJ_dmdName) */, 510 /* 2.5.4.65 (OBJ_pseudonym) */,
+ 400 /* 2.5.4.72 (OBJ_role) */,
+ 769 /* 2.5.29.9 (OBJ_subject_directory_attributes) */,
+ 82 /* 2.5.29.14 (OBJ_subject_key_identifier) */,
+ 83 /* 2.5.29.15 (OBJ_key_usage) */,
+ 84 /* 2.5.29.16 (OBJ_private_key_usage_period) */,
+ 85 /* 2.5.29.17 (OBJ_subject_alt_name) */,
+ 86 /* 2.5.29.18 (OBJ_issuer_alt_name) */,
+ 87 /* 2.5.29.19 (OBJ_basic_constraints) */,
+ 88 /* 2.5.29.20 (OBJ_crl_number) */, 141 /* 2.5.29.21 (OBJ_crl_reason) */,
+ 430 /* 2.5.29.23 (OBJ_hold_instruction_code) */,
+ 142 /* 2.5.29.24 (OBJ_invalidity_date) */,
+ 140 /* 2.5.29.27 (OBJ_delta_crl) */,
+ 770 /* 2.5.29.28 (OBJ_issuing_distribution_point) */,
+ 771 /* 2.5.29.29 (OBJ_certificate_issuer) */,
+ 666 /* 2.5.29.30 (OBJ_name_constraints) */,
+ 103 /* 2.5.29.31 (OBJ_crl_distribution_points) */,
+ 89 /* 2.5.29.32 (OBJ_certificate_policies) */,
+ 747 /* 2.5.29.33 (OBJ_policy_mappings) */,
+ 90 /* 2.5.29.35 (OBJ_authority_key_identifier) */,
+ 401 /* 2.5.29.36 (OBJ_policy_constraints) */,
+ 126 /* 2.5.29.37 (OBJ_ext_key_usage) */,
+ 857 /* 2.5.29.46 (OBJ_freshest_crl) */,
+ 748 /* 2.5.29.54 (OBJ_inhibit_any_policy) */,
+ 402 /* 2.5.29.55 (OBJ_target_information) */,
+ 403 /* 2.5.29.56 (OBJ_no_rev_avail) */, 513 /* 2.23.42.0 (OBJ_set_ctype) */,
+ 514 /* 2.23.42.1 (OBJ_set_msgExt) */, 515 /* 2.23.42.3 (OBJ_set_attr) */,
+ 516 /* 2.23.42.5 (OBJ_set_policy) */, 517 /* 2.23.42.7 (OBJ_set_certExt) */,
+ 518 /* 2.23.42.8 (OBJ_set_brand) */, 679 /* 2.23.43.1 (OBJ_wap_wsg) */,
+ 382 /* 1.3.6.1.1 (OBJ_Directory) */, 383 /* 1.3.6.1.2 (OBJ_Management) */,
+ 384 /* 1.3.6.1.3 (OBJ_Experimental) */, 385 /* 1.3.6.1.4 (OBJ_Private) */,
+ 386 /* 1.3.6.1.5 (OBJ_Security) */, 387 /* 1.3.6.1.6 (OBJ_SNMPv2) */,
+ 388 /* 1.3.6.1.7 (OBJ_Mail) */, 376 /* 1.3.14.3.2 (OBJ_algorithm) */,
+ 395 /* 2.5.1.5.55 (OBJ_clearance) */, 19 /* 2.5.8.1.1 (OBJ_rsa) */,
+ 96 /* 2.5.8.3.100 (OBJ_mdc2WithRSA) */, 95 /* 2.5.8.3.101 (OBJ_mdc2) */,
+ 746 /* 2.5.29.32.0 (OBJ_any_policy) */,
+ 910 /* 2.5.29.37.0 (OBJ_anyExtendedKeyUsage) */,
+ 519 /* 2.23.42.0.0 (OBJ_setct_PANData) */,
+ 520 /* 2.23.42.0.1 (OBJ_setct_PANToken) */,
+ 521 /* 2.23.42.0.2 (OBJ_setct_PANOnly) */,
+ 522 /* 2.23.42.0.3 (OBJ_setct_OIData) */,
+ 523 /* 2.23.42.0.4 (OBJ_setct_PI) */,
+ 524 /* 2.23.42.0.5 (OBJ_setct_PIData) */,
+ 525 /* 2.23.42.0.6 (OBJ_setct_PIDataUnsigned) */,
+ 526 /* 2.23.42.0.7 (OBJ_setct_HODInput) */,
+ 527 /* 2.23.42.0.8 (OBJ_setct_AuthResBaggage) */,
+ 528 /* 2.23.42.0.9 (OBJ_setct_AuthRevReqBaggage) */,
+ 529 /* 2.23.42.0.10 (OBJ_setct_AuthRevResBaggage) */,
+ 530 /* 2.23.42.0.11 (OBJ_setct_CapTokenSeq) */,
+ 531 /* 2.23.42.0.12 (OBJ_setct_PInitResData) */,
+ 532 /* 2.23.42.0.13 (OBJ_setct_PI_TBS) */,
+ 533 /* 2.23.42.0.14 (OBJ_setct_PResData) */,
+ 534 /* 2.23.42.0.16 (OBJ_setct_AuthReqTBS) */,
+ 535 /* 2.23.42.0.17 (OBJ_setct_AuthResTBS) */,
+ 536 /* 2.23.42.0.18 (OBJ_setct_AuthResTBSX) */,
+ 537 /* 2.23.42.0.19 (OBJ_setct_AuthTokenTBS) */,
+ 538 /* 2.23.42.0.20 (OBJ_setct_CapTokenData) */,
+ 539 /* 2.23.42.0.21 (OBJ_setct_CapTokenTBS) */,
+ 540 /* 2.23.42.0.22 (OBJ_setct_AcqCardCodeMsg) */,
+ 541 /* 2.23.42.0.23 (OBJ_setct_AuthRevReqTBS) */,
+ 542 /* 2.23.42.0.24 (OBJ_setct_AuthRevResData) */,
+ 543 /* 2.23.42.0.25 (OBJ_setct_AuthRevResTBS) */,
+ 544 /* 2.23.42.0.26 (OBJ_setct_CapReqTBS) */,
+ 545 /* 2.23.42.0.27 (OBJ_setct_CapReqTBSX) */,
+ 546 /* 2.23.42.0.28 (OBJ_setct_CapResData) */,
+ 547 /* 2.23.42.0.29 (OBJ_setct_CapRevReqTBS) */,
+ 548 /* 2.23.42.0.30 (OBJ_setct_CapRevReqTBSX) */,
+ 549 /* 2.23.42.0.31 (OBJ_setct_CapRevResData) */,
+ 550 /* 2.23.42.0.32 (OBJ_setct_CredReqTBS) */,
+ 551 /* 2.23.42.0.33 (OBJ_setct_CredReqTBSX) */,
+ 552 /* 2.23.42.0.34 (OBJ_setct_CredResData) */,
+ 553 /* 2.23.42.0.35 (OBJ_setct_CredRevReqTBS) */,
+ 554 /* 2.23.42.0.36 (OBJ_setct_CredRevReqTBSX) */,
+ 555 /* 2.23.42.0.37 (OBJ_setct_CredRevResData) */,
+ 556 /* 2.23.42.0.38 (OBJ_setct_PCertReqData) */,
+ 557 /* 2.23.42.0.39 (OBJ_setct_PCertResTBS) */,
+ 558 /* 2.23.42.0.40 (OBJ_setct_BatchAdminReqData) */,
+ 559 /* 2.23.42.0.41 (OBJ_setct_BatchAdminResData) */,
+ 560 /* 2.23.42.0.42 (OBJ_setct_CardCInitResTBS) */,
+ 561 /* 2.23.42.0.43 (OBJ_setct_MeAqCInitResTBS) */,
+ 562 /* 2.23.42.0.44 (OBJ_setct_RegFormResTBS) */,
+ 563 /* 2.23.42.0.45 (OBJ_setct_CertReqData) */,
+ 564 /* 2.23.42.0.46 (OBJ_setct_CertReqTBS) */,
+ 565 /* 2.23.42.0.47 (OBJ_setct_CertResData) */,
+ 566 /* 2.23.42.0.48 (OBJ_setct_CertInqReqTBS) */,
+ 567 /* 2.23.42.0.49 (OBJ_setct_ErrorTBS) */,
+ 568 /* 2.23.42.0.50 (OBJ_setct_PIDualSignedTBE) */,
+ 569 /* 2.23.42.0.51 (OBJ_setct_PIUnsignedTBE) */,
+ 570 /* 2.23.42.0.52 (OBJ_setct_AuthReqTBE) */,
+ 571 /* 2.23.42.0.53 (OBJ_setct_AuthResTBE) */,
+ 572 /* 2.23.42.0.54 (OBJ_setct_AuthResTBEX) */,
+ 573 /* 2.23.42.0.55 (OBJ_setct_AuthTokenTBE) */,
+ 574 /* 2.23.42.0.56 (OBJ_setct_CapTokenTBE) */,
+ 575 /* 2.23.42.0.57 (OBJ_setct_CapTokenTBEX) */,
+ 576 /* 2.23.42.0.58 (OBJ_setct_AcqCardCodeMsgTBE) */,
+ 577 /* 2.23.42.0.59 (OBJ_setct_AuthRevReqTBE) */,
+ 578 /* 2.23.42.0.60 (OBJ_setct_AuthRevResTBE) */,
+ 579 /* 2.23.42.0.61 (OBJ_setct_AuthRevResTBEB) */,
+ 580 /* 2.23.42.0.62 (OBJ_setct_CapReqTBE) */,
+ 581 /* 2.23.42.0.63 (OBJ_setct_CapReqTBEX) */,
+ 582 /* 2.23.42.0.64 (OBJ_setct_CapResTBE) */,
+ 583 /* 2.23.42.0.65 (OBJ_setct_CapRevReqTBE) */,
+ 584 /* 2.23.42.0.66 (OBJ_setct_CapRevReqTBEX) */,
+ 585 /* 2.23.42.0.67 (OBJ_setct_CapRevResTBE) */,
+ 586 /* 2.23.42.0.68 (OBJ_setct_CredReqTBE) */,
+ 587 /* 2.23.42.0.69 (OBJ_setct_CredReqTBEX) */,
+ 588 /* 2.23.42.0.70 (OBJ_setct_CredResTBE) */,
+ 589 /* 2.23.42.0.71 (OBJ_setct_CredRevReqTBE) */,
+ 590 /* 2.23.42.0.72 (OBJ_setct_CredRevReqTBEX) */,
+ 591 /* 2.23.42.0.73 (OBJ_setct_CredRevResTBE) */,
+ 592 /* 2.23.42.0.74 (OBJ_setct_BatchAdminReqTBE) */,
+ 593 /* 2.23.42.0.75 (OBJ_setct_BatchAdminResTBE) */,
+ 594 /* 2.23.42.0.76 (OBJ_setct_RegFormReqTBE) */,
+ 595 /* 2.23.42.0.77 (OBJ_setct_CertReqTBE) */,
+ 596 /* 2.23.42.0.78 (OBJ_setct_CertReqTBEX) */,
+ 597 /* 2.23.42.0.79 (OBJ_setct_CertResTBE) */,
+ 598 /* 2.23.42.0.80 (OBJ_setct_CRLNotificationTBS) */,
+ 599 /* 2.23.42.0.81 (OBJ_setct_CRLNotificationResTBS) */,
+ 600 /* 2.23.42.0.82 (OBJ_setct_BCIDistributionTBS) */,
+ 601 /* 2.23.42.1.1 (OBJ_setext_genCrypt) */,
+ 602 /* 2.23.42.1.3 (OBJ_setext_miAuth) */,
+ 603 /* 2.23.42.1.4 (OBJ_setext_pinSecure) */,
+ 604 /* 2.23.42.1.5 (OBJ_setext_pinAny) */,
+ 605 /* 2.23.42.1.7 (OBJ_setext_track2) */,
+ 606 /* 2.23.42.1.8 (OBJ_setext_cv) */,
+ 620 /* 2.23.42.3.0 (OBJ_setAttr_Cert) */,
+ 621 /* 2.23.42.3.1 (OBJ_setAttr_PGWYcap) */,
+ 622 /* 2.23.42.3.2 (OBJ_setAttr_TokenType) */,
+ 623 /* 2.23.42.3.3 (OBJ_setAttr_IssCap) */,
+ 607 /* 2.23.42.5.0 (OBJ_set_policy_root) */,
+ 608 /* 2.23.42.7.0 (OBJ_setCext_hashedRoot) */,
+ 609 /* 2.23.42.7.1 (OBJ_setCext_certType) */,
+ 610 /* 2.23.42.7.2 (OBJ_setCext_merchData) */,
+ 611 /* 2.23.42.7.3 (OBJ_setCext_cCertRequired) */,
+ 612 /* 2.23.42.7.4 (OBJ_setCext_tunneling) */,
+ 613 /* 2.23.42.7.5 (OBJ_setCext_setExt) */,
+ 614 /* 2.23.42.7.6 (OBJ_setCext_setQualf) */,
+ 615 /* 2.23.42.7.7 (OBJ_setCext_PGWYcapabilities) */,
+ 616 /* 2.23.42.7.8 (OBJ_setCext_TokenIdentifier) */,
+ 617 /* 2.23.42.7.9 (OBJ_setCext_Track2Data) */,
+ 618 /* 2.23.42.7.10 (OBJ_setCext_TokenType) */,
+ 619 /* 2.23.42.7.11 (OBJ_setCext_IssuerCapabilities) */,
+ 636 /* 2.23.42.8.1 (OBJ_set_brand_IATA_ATA) */,
+ 640 /* 2.23.42.8.4 (OBJ_set_brand_Visa) */,
+ 641 /* 2.23.42.8.5 (OBJ_set_brand_MasterCard) */,
+ 637 /* 2.23.42.8.30 (OBJ_set_brand_Diners) */,
+ 638 /* 2.23.42.8.34 (OBJ_set_brand_AmericanExpress) */,
+ 639 /* 2.23.42.8.35 (OBJ_set_brand_JCB) */,
+ 805 /* 1.2.643.2.2 (OBJ_cryptopro) */,
+ 806 /* 1.2.643.2.9 (OBJ_cryptocom) */, 184 /* 1.2.840.10040 (OBJ_X9_57) */,
+ 405 /* 1.2.840.10045 (OBJ_ansi_X9_62) */,
+ 389 /* 1.3.6.1.4.1 (OBJ_Enterprises) */,
+ 504 /* 1.3.6.1.7.1 (OBJ_mime_mhs) */,
+ 104 /* 1.3.14.3.2.3 (OBJ_md5WithRSA) */,
+ 29 /* 1.3.14.3.2.6 (OBJ_des_ecb) */, 31 /* 1.3.14.3.2.7 (OBJ_des_cbc) */,
+ 45 /* 1.3.14.3.2.8 (OBJ_des_ofb64) */,
+ 30 /* 1.3.14.3.2.9 (OBJ_des_cfb64) */,
+ 377 /* 1.3.14.3.2.11 (OBJ_rsaSignature) */,
+ 67 /* 1.3.14.3.2.12 (OBJ_dsa_2) */, 66 /* 1.3.14.3.2.13 (OBJ_dsaWithSHA) */,
+ 42 /* 1.3.14.3.2.15 (OBJ_shaWithRSAEncryption) */,
+ 32 /* 1.3.14.3.2.17 (OBJ_des_ede_ecb) */, 41 /* 1.3.14.3.2.18 (OBJ_sha) */,
+ 64 /* 1.3.14.3.2.26 (OBJ_sha1) */,
+ 70 /* 1.3.14.3.2.27 (OBJ_dsaWithSHA1_2) */,
+ 115 /* 1.3.14.3.2.29 (OBJ_sha1WithRSA) */,
+ 117 /* 1.3.36.3.2.1 (OBJ_ripemd160) */, 143 /* 1.3.101.1.4.1 (OBJ_sxnet) */,
+ 721 /* 1.3.132.0.1 (OBJ_sect163k1) */,
+ 722 /* 1.3.132.0.2 (OBJ_sect163r1) */,
+ 728 /* 1.3.132.0.3 (OBJ_sect239k1) */,
+ 717 /* 1.3.132.0.4 (OBJ_sect113r1) */,
+ 718 /* 1.3.132.0.5 (OBJ_sect113r2) */,
+ 704 /* 1.3.132.0.6 (OBJ_secp112r1) */,
+ 705 /* 1.3.132.0.7 (OBJ_secp112r2) */,
+ 709 /* 1.3.132.0.8 (OBJ_secp160r1) */,
+ 708 /* 1.3.132.0.9 (OBJ_secp160k1) */,
+ 714 /* 1.3.132.0.10 (OBJ_secp256k1) */,
+ 723 /* 1.3.132.0.15 (OBJ_sect163r2) */,
+ 729 /* 1.3.132.0.16 (OBJ_sect283k1) */,
+ 730 /* 1.3.132.0.17 (OBJ_sect283r1) */,
+ 719 /* 1.3.132.0.22 (OBJ_sect131r1) */,
+ 720 /* 1.3.132.0.23 (OBJ_sect131r2) */,
+ 724 /* 1.3.132.0.24 (OBJ_sect193r1) */,
+ 725 /* 1.3.132.0.25 (OBJ_sect193r2) */,
+ 726 /* 1.3.132.0.26 (OBJ_sect233k1) */,
+ 727 /* 1.3.132.0.27 (OBJ_sect233r1) */,
+ 706 /* 1.3.132.0.28 (OBJ_secp128r1) */,
+ 707 /* 1.3.132.0.29 (OBJ_secp128r2) */,
+ 710 /* 1.3.132.0.30 (OBJ_secp160r2) */,
+ 711 /* 1.3.132.0.31 (OBJ_secp192k1) */,
+ 712 /* 1.3.132.0.32 (OBJ_secp224k1) */,
+ 713 /* 1.3.132.0.33 (OBJ_secp224r1) */,
+ 715 /* 1.3.132.0.34 (OBJ_secp384r1) */,
+ 716 /* 1.3.132.0.35 (OBJ_secp521r1) */,
+ 731 /* 1.3.132.0.36 (OBJ_sect409k1) */,
+ 732 /* 1.3.132.0.37 (OBJ_sect409r1) */,
+ 733 /* 1.3.132.0.38 (OBJ_sect571k1) */,
+ 734 /* 1.3.132.0.39 (OBJ_sect571r1) */,
+ 624 /* 2.23.42.3.0.0 (OBJ_set_rootKeyThumb) */,
+ 625 /* 2.23.42.3.0.1 (OBJ_set_addPolicy) */,
+ 626 /* 2.23.42.3.2.1 (OBJ_setAttr_Token_EMV) */,
+ 627 /* 2.23.42.3.2.2 (OBJ_setAttr_Token_B0Prime) */,
+ 628 /* 2.23.42.3.3.3 (OBJ_setAttr_IssCap_CVM) */,
+ 629 /* 2.23.42.3.3.4 (OBJ_setAttr_IssCap_T2) */,
+ 630 /* 2.23.42.3.3.5 (OBJ_setAttr_IssCap_Sig) */,
+ 642 /* 2.23.42.8.6011 (OBJ_set_brand_Novus) */,
+ 735 /* 2.23.43.1.4.1 (OBJ_wap_wsg_idm_ecid_wtls1) */,
+ 736 /* 2.23.43.1.4.3 (OBJ_wap_wsg_idm_ecid_wtls3) */,
+ 737 /* 2.23.43.1.4.4 (OBJ_wap_wsg_idm_ecid_wtls4) */,
+ 738 /* 2.23.43.1.4.5 (OBJ_wap_wsg_idm_ecid_wtls5) */,
+ 739 /* 2.23.43.1.4.6 (OBJ_wap_wsg_idm_ecid_wtls6) */,
+ 740 /* 2.23.43.1.4.7 (OBJ_wap_wsg_idm_ecid_wtls7) */,
+ 741 /* 2.23.43.1.4.8 (OBJ_wap_wsg_idm_ecid_wtls8) */,
+ 742 /* 2.23.43.1.4.9 (OBJ_wap_wsg_idm_ecid_wtls9) */,
+ 743 /* 2.23.43.1.4.10 (OBJ_wap_wsg_idm_ecid_wtls10) */,
+ 744 /* 2.23.43.1.4.11 (OBJ_wap_wsg_idm_ecid_wtls11) */,
+ 745 /* 2.23.43.1.4.12 (OBJ_wap_wsg_idm_ecid_wtls12) */,
+ 804 /* 1.0.10118.3.0.55 (OBJ_whirlpool) */,
+ 773 /* 1.2.410.200004 (OBJ_kisa) */,
+ 807 /* 1.2.643.2.2.3 (OBJ_id_GostR3411_94_with_GostR3410_2001) */,
+ 808 /* 1.2.643.2.2.4 (OBJ_id_GostR3411_94_with_GostR3410_94) */,
+ 809 /* 1.2.643.2.2.9 (OBJ_id_GostR3411_94) */,
+ 810 /* 1.2.643.2.2.10 (OBJ_id_HMACGostR3411_94) */,
+ 811 /* 1.2.643.2.2.19 (OBJ_id_GostR3410_2001) */,
+ 812 /* 1.2.643.2.2.20 (OBJ_id_GostR3410_94) */,
+ 813 /* 1.2.643.2.2.21 (OBJ_id_Gost28147_89) */,
+ 815 /* 1.2.643.2.2.22 (OBJ_id_Gost28147_89_MAC) */,
+ 816 /* 1.2.643.2.2.23 (OBJ_id_GostR3411_94_prf) */,
+ 817 /* 1.2.643.2.2.98 (OBJ_id_GostR3410_2001DH) */,
+ 818 /* 1.2.643.2.2.99 (OBJ_id_GostR3410_94DH) */,
+ 1 /* 1.2.840.113549 (OBJ_rsadsi) */, 185 /* 1.2.840.10040.4 (OBJ_X9cm) */,
+ 127 /* 1.3.6.1.5.5.7 (OBJ_id_pkix) */,
+ 505 /* 1.3.6.1.7.1.1 (OBJ_mime_mhs_headings) */,
+ 506 /* 1.3.6.1.7.1.2 (OBJ_mime_mhs_bodies) */,
+ 119 /* 1.3.36.3.3.1.2 (OBJ_ripemd160WithRSA) */,
+ 937 /* 1.3.132.1.11.0 (OBJ_dhSinglePass_stdDH_sha224kdf_scheme) */,
+ 938 /* 1.3.132.1.11.1 (OBJ_dhSinglePass_stdDH_sha256kdf_scheme) */,
+ 939 /* 1.3.132.1.11.2 (OBJ_dhSinglePass_stdDH_sha384kdf_scheme) */,
+ 940 /* 1.3.132.1.11.3 (OBJ_dhSinglePass_stdDH_sha512kdf_scheme) */,
+ 942 /* 1.3.132.1.14.0 (OBJ_dhSinglePass_cofactorDH_sha224kdf_scheme) */,
+ 943 /* 1.3.132.1.14.1 (OBJ_dhSinglePass_cofactorDH_sha256kdf_scheme) */,
+ 944 /* 1.3.132.1.14.2 (OBJ_dhSinglePass_cofactorDH_sha384kdf_scheme) */,
+ 945 /* 1.3.132.1.14.3 (OBJ_dhSinglePass_cofactorDH_sha512kdf_scheme) */,
+ 631 /* 2.23.42.3.3.3.1 (OBJ_setAttr_GenCryptgrm) */,
+ 632 /* 2.23.42.3.3.4.1 (OBJ_setAttr_T2Enc) */,
+ 633 /* 2.23.42.3.3.4.2 (OBJ_setAttr_T2cleartxt) */,
+ 634 /* 2.23.42.3.3.5.1 (OBJ_setAttr_TokICCsig) */,
+ 635 /* 2.23.42.3.3.5.2 (OBJ_setAttr_SecDevSig) */,
+ 436 /* 0.9.2342.19200300 (OBJ_ucl) */,
+ 820 /* 1.2.643.2.2.14.0 (OBJ_id_Gost28147_89_None_KeyMeshing) */,
+ 819 /* 1.2.643.2.2.14.1 (OBJ_id_Gost28147_89_CryptoPro_KeyMeshing) */,
+ 845 /* 1.2.643.2.2.20.1 (OBJ_id_GostR3410_94_a) */,
+ 846 /* 1.2.643.2.2.20.2 (OBJ_id_GostR3410_94_aBis) */,
+ 847 /* 1.2.643.2.2.20.3 (OBJ_id_GostR3410_94_b) */,
+ 848 /* 1.2.643.2.2.20.4 (OBJ_id_GostR3410_94_bBis) */,
+ 821 /* 1.2.643.2.2.30.0 (OBJ_id_GostR3411_94_TestParamSet) */,
+ 822 /* 1.2.643.2.2.30.1 (OBJ_id_GostR3411_94_CryptoProParamSet) */,
+ 823 /* 1.2.643.2.2.31.0 (OBJ_id_Gost28147_89_TestParamSet) */,
+ 824 /* 1.2.643.2.2.31.1 (OBJ_id_Gost28147_89_CryptoPro_A_ParamSet) */,
+ 825 /* 1.2.643.2.2.31.2 (OBJ_id_Gost28147_89_CryptoPro_B_ParamSet) */,
+ 826 /* 1.2.643.2.2.31.3 (OBJ_id_Gost28147_89_CryptoPro_C_ParamSet) */,
+ 827 /* 1.2.643.2.2.31.4 (OBJ_id_Gost28147_89_CryptoPro_D_ParamSet) */,
+ 828 /* 1.2.643.2.2.31.5 (OBJ_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet) */
+ ,
+ 829 /* 1.2.643.2.2.31.6 (OBJ_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet) */
+ ,
+ 830 /* 1.2.643.2.2.31.7 (OBJ_id_Gost28147_89_CryptoPro_RIC_1_ParamSet) */,
+ 831 /* 1.2.643.2.2.32.0 (OBJ_id_GostR3410_94_TestParamSet) */,
+ 832 /* 1.2.643.2.2.32.2 (OBJ_id_GostR3410_94_CryptoPro_A_ParamSet) */,
+ 833 /* 1.2.643.2.2.32.3 (OBJ_id_GostR3410_94_CryptoPro_B_ParamSet) */,
+ 834 /* 1.2.643.2.2.32.4 (OBJ_id_GostR3410_94_CryptoPro_C_ParamSet) */,
+ 835 /* 1.2.643.2.2.32.5 (OBJ_id_GostR3410_94_CryptoPro_D_ParamSet) */,
+ 836 /* 1.2.643.2.2.33.1 (OBJ_id_GostR3410_94_CryptoPro_XchA_ParamSet) */,
+ 837 /* 1.2.643.2.2.33.2 (OBJ_id_GostR3410_94_CryptoPro_XchB_ParamSet) */,
+ 838 /* 1.2.643.2.2.33.3 (OBJ_id_GostR3410_94_CryptoPro_XchC_ParamSet) */,
+ 839 /* 1.2.643.2.2.35.0 (OBJ_id_GostR3410_2001_TestParamSet) */,
+ 840 /* 1.2.643.2.2.35.1 (OBJ_id_GostR3410_2001_CryptoPro_A_ParamSet) */,
+ 841 /* 1.2.643.2.2.35.2 (OBJ_id_GostR3410_2001_CryptoPro_B_ParamSet) */,
+ 842 /* 1.2.643.2.2.35.3 (OBJ_id_GostR3410_2001_CryptoPro_C_ParamSet) */,
+ 843 /* 1.2.643.2.2.36.0 (OBJ_id_GostR3410_2001_CryptoPro_XchA_ParamSet) */,
+ 844 /* 1.2.643.2.2.36.1 (OBJ_id_GostR3410_2001_CryptoPro_XchB_ParamSet) */,
+ 2 /* 1.2.840.113549.1 (OBJ_pkcs) */,
+ 431 /* 1.2.840.10040.2.1 (OBJ_hold_instruction_none) */,
+ 432 /* 1.2.840.10040.2.2 (OBJ_hold_instruction_call_issuer) */,
+ 433 /* 1.2.840.10040.2.3 (OBJ_hold_instruction_reject) */,
+ 116 /* 1.2.840.10040.4.1 (OBJ_dsa) */,
+ 113 /* 1.2.840.10040.4.3 (OBJ_dsaWithSHA1) */,
+ 406 /* 1.2.840.10045.1.1 (OBJ_X9_62_prime_field) */,
+ 407 /* 1.2.840.10045.1.2 (OBJ_X9_62_characteristic_two_field) */,
+ 408 /* 1.2.840.10045.2.1 (OBJ_X9_62_id_ecPublicKey) */,
+ 416 /* 1.2.840.10045.4.1 (OBJ_ecdsa_with_SHA1) */,
+ 791 /* 1.2.840.10045.4.2 (OBJ_ecdsa_with_Recommended) */,
+ 792 /* 1.2.840.10045.4.3 (OBJ_ecdsa_with_Specified) */,
+ 920 /* 1.2.840.10046.2.1 (OBJ_dhpublicnumber) */,
+ 258 /* 1.3.6.1.5.5.7.0 (OBJ_id_pkix_mod) */,
+ 175 /* 1.3.6.1.5.5.7.1 (OBJ_id_pe) */,
+ 259 /* 1.3.6.1.5.5.7.2 (OBJ_id_qt) */,
+ 128 /* 1.3.6.1.5.5.7.3 (OBJ_id_kp) */,
+ 260 /* 1.3.6.1.5.5.7.4 (OBJ_id_it) */,
+ 261 /* 1.3.6.1.5.5.7.5 (OBJ_id_pkip) */,
+ 262 /* 1.3.6.1.5.5.7.6 (OBJ_id_alg) */,
+ 263 /* 1.3.6.1.5.5.7.7 (OBJ_id_cmc) */,
+ 264 /* 1.3.6.1.5.5.7.8 (OBJ_id_on) */,
+ 265 /* 1.3.6.1.5.5.7.9 (OBJ_id_pda) */,
+ 266 /* 1.3.6.1.5.5.7.10 (OBJ_id_aca) */,
+ 267 /* 1.3.6.1.5.5.7.11 (OBJ_id_qcs) */,
+ 268 /* 1.3.6.1.5.5.7.12 (OBJ_id_cct) */,
+ 662 /* 1.3.6.1.5.5.7.21 (OBJ_id_ppl) */,
+ 176 /* 1.3.6.1.5.5.7.48 (OBJ_id_ad) */,
+ 507 /* 1.3.6.1.7.1.1.1 (OBJ_id_hex_partial_message) */,
+ 508 /* 1.3.6.1.7.1.1.2 (OBJ_id_hex_multipart_message) */,
+ 57 /* 2.16.840.1.113730 (OBJ_netscape) */,
+ 754 /* 0.3.4401.5.3.1.9.1 (OBJ_camellia_128_ecb) */,
+ 766 /* 0.3.4401.5.3.1.9.3 (OBJ_camellia_128_ofb128) */,
+ 757 /* 0.3.4401.5.3.1.9.4 (OBJ_camellia_128_cfb128) */,
+ 755 /* 0.3.4401.5.3.1.9.21 (OBJ_camellia_192_ecb) */,
+ 767 /* 0.3.4401.5.3.1.9.23 (OBJ_camellia_192_ofb128) */,
+ 758 /* 0.3.4401.5.3.1.9.24 (OBJ_camellia_192_cfb128) */,
+ 756 /* 0.3.4401.5.3.1.9.41 (OBJ_camellia_256_ecb) */,
+ 768 /* 0.3.4401.5.3.1.9.43 (OBJ_camellia_256_ofb128) */,
+ 759 /* 0.3.4401.5.3.1.9.44 (OBJ_camellia_256_cfb128) */,
+ 437 /* 0.9.2342.19200300.100 (OBJ_pilot) */,
+ 776 /* 1.2.410.200004.1.3 (OBJ_seed_ecb) */,
+ 777 /* 1.2.410.200004.1.4 (OBJ_seed_cbc) */,
+ 779 /* 1.2.410.200004.1.5 (OBJ_seed_cfb128) */,
+ 778 /* 1.2.410.200004.1.6 (OBJ_seed_ofb128) */,
+ 852 /* 1.2.643.2.9.1.3.3 (OBJ_id_GostR3411_94_with_GostR3410_94_cc) */,
+ 853 /* 1.2.643.2.9.1.3.4 (OBJ_id_GostR3411_94_with_GostR3410_2001_cc) */,
+ 850 /* 1.2.643.2.9.1.5.3 (OBJ_id_GostR3410_94_cc) */,
+ 851 /* 1.2.643.2.9.1.5.4 (OBJ_id_GostR3410_2001_cc) */,
+ 849 /* 1.2.643.2.9.1.6.1 (OBJ_id_Gost28147_89_cc) */,
+ 854 /* 1.2.643.2.9.1.8.1 (OBJ_id_GostR3410_2001_ParamSet_cc) */,
+ 186 /* 1.2.840.113549.1.1 (OBJ_pkcs1) */,
+ 27 /* 1.2.840.113549.1.3 (OBJ_pkcs3) */,
+ 187 /* 1.2.840.113549.1.5 (OBJ_pkcs5) */,
+ 20 /* 1.2.840.113549.1.7 (OBJ_pkcs7) */,
+ 47 /* 1.2.840.113549.1.9 (OBJ_pkcs9) */,
+ 3 /* 1.2.840.113549.2.2 (OBJ_md2) */,
+ 257 /* 1.2.840.113549.2.4 (OBJ_md4) */,
+ 4 /* 1.2.840.113549.2.5 (OBJ_md5) */,
+ 797 /* 1.2.840.113549.2.6 (OBJ_hmacWithMD5) */,
+ 163 /* 1.2.840.113549.2.7 (OBJ_hmacWithSHA1) */,
+ 798 /* 1.2.840.113549.2.8 (OBJ_hmacWithSHA224) */,
+ 799 /* 1.2.840.113549.2.9 (OBJ_hmacWithSHA256) */,
+ 800 /* 1.2.840.113549.2.10 (OBJ_hmacWithSHA384) */,
+ 801 /* 1.2.840.113549.2.11 (OBJ_hmacWithSHA512) */,
+ 37 /* 1.2.840.113549.3.2 (OBJ_rc2_cbc) */,
+ 5 /* 1.2.840.113549.3.4 (OBJ_rc4) */,
+ 44 /* 1.2.840.113549.3.7 (OBJ_des_ede3_cbc) */,
+ 120 /* 1.2.840.113549.3.8 (OBJ_rc5_cbc) */,
+ 643 /* 1.2.840.113549.3.10 (OBJ_des_cdmf) */,
+ 680 /* 1.2.840.10045.1.2.3 (OBJ_X9_62_id_characteristic_two_basis) */,
+ 684 /* 1.2.840.10045.3.0.1 (OBJ_X9_62_c2pnb163v1) */,
+ 685 /* 1.2.840.10045.3.0.2 (OBJ_X9_62_c2pnb163v2) */,
+ 686 /* 1.2.840.10045.3.0.3 (OBJ_X9_62_c2pnb163v3) */,
+ 687 /* 1.2.840.10045.3.0.4 (OBJ_X9_62_c2pnb176v1) */,
+ 688 /* 1.2.840.10045.3.0.5 (OBJ_X9_62_c2tnb191v1) */,
+ 689 /* 1.2.840.10045.3.0.6 (OBJ_X9_62_c2tnb191v2) */,
+ 690 /* 1.2.840.10045.3.0.7 (OBJ_X9_62_c2tnb191v3) */,
+ 691 /* 1.2.840.10045.3.0.8 (OBJ_X9_62_c2onb191v4) */,
+ 692 /* 1.2.840.10045.3.0.9 (OBJ_X9_62_c2onb191v5) */,
+ 693 /* 1.2.840.10045.3.0.10 (OBJ_X9_62_c2pnb208w1) */,
+ 694 /* 1.2.840.10045.3.0.11 (OBJ_X9_62_c2tnb239v1) */,
+ 695 /* 1.2.840.10045.3.0.12 (OBJ_X9_62_c2tnb239v2) */,
+ 696 /* 1.2.840.10045.3.0.13 (OBJ_X9_62_c2tnb239v3) */,
+ 697 /* 1.2.840.10045.3.0.14 (OBJ_X9_62_c2onb239v4) */,
+ 698 /* 1.2.840.10045.3.0.15 (OBJ_X9_62_c2onb239v5) */,
+ 699 /* 1.2.840.10045.3.0.16 (OBJ_X9_62_c2pnb272w1) */,
+ 700 /* 1.2.840.10045.3.0.17 (OBJ_X9_62_c2pnb304w1) */,
+ 701 /* 1.2.840.10045.3.0.18 (OBJ_X9_62_c2tnb359v1) */,
+ 702 /* 1.2.840.10045.3.0.19 (OBJ_X9_62_c2pnb368w1) */,
+ 703 /* 1.2.840.10045.3.0.20 (OBJ_X9_62_c2tnb431r1) */,
+ 409 /* 1.2.840.10045.3.1.1 (OBJ_X9_62_prime192v1) */,
+ 410 /* 1.2.840.10045.3.1.2 (OBJ_X9_62_prime192v2) */,
+ 411 /* 1.2.840.10045.3.1.3 (OBJ_X9_62_prime192v3) */,
+ 412 /* 1.2.840.10045.3.1.4 (OBJ_X9_62_prime239v1) */,
+ 413 /* 1.2.840.10045.3.1.5 (OBJ_X9_62_prime239v2) */,
+ 414 /* 1.2.840.10045.3.1.6 (OBJ_X9_62_prime239v3) */,
+ 415 /* 1.2.840.10045.3.1.7 (OBJ_X9_62_prime256v1) */,
+ 793 /* 1.2.840.10045.4.3.1 (OBJ_ecdsa_with_SHA224) */,
+ 794 /* 1.2.840.10045.4.3.2 (OBJ_ecdsa_with_SHA256) */,
+ 795 /* 1.2.840.10045.4.3.3 (OBJ_ecdsa_with_SHA384) */,
+ 796 /* 1.2.840.10045.4.3.4 (OBJ_ecdsa_with_SHA512) */,
+ 269 /* 1.3.6.1.5.5.7.0.1 (OBJ_id_pkix1_explicit_88) */,
+ 270 /* 1.3.6.1.5.5.7.0.2 (OBJ_id_pkix1_implicit_88) */,
+ 271 /* 1.3.6.1.5.5.7.0.3 (OBJ_id_pkix1_explicit_93) */,
+ 272 /* 1.3.6.1.5.5.7.0.4 (OBJ_id_pkix1_implicit_93) */,
+ 273 /* 1.3.6.1.5.5.7.0.5 (OBJ_id_mod_crmf) */,
+ 274 /* 1.3.6.1.5.5.7.0.6 (OBJ_id_mod_cmc) */,
+ 275 /* 1.3.6.1.5.5.7.0.7 (OBJ_id_mod_kea_profile_88) */,
+ 276 /* 1.3.6.1.5.5.7.0.8 (OBJ_id_mod_kea_profile_93) */,
+ 277 /* 1.3.6.1.5.5.7.0.9 (OBJ_id_mod_cmp) */,
+ 278 /* 1.3.6.1.5.5.7.0.10 (OBJ_id_mod_qualified_cert_88) */,
+ 279 /* 1.3.6.1.5.5.7.0.11 (OBJ_id_mod_qualified_cert_93) */,
+ 280 /* 1.3.6.1.5.5.7.0.12 (OBJ_id_mod_attribute_cert) */,
+ 281 /* 1.3.6.1.5.5.7.0.13 (OBJ_id_mod_timestamp_protocol) */,
+ 282 /* 1.3.6.1.5.5.7.0.14 (OBJ_id_mod_ocsp) */,
+ 283 /* 1.3.6.1.5.5.7.0.15 (OBJ_id_mod_dvcs) */,
+ 284 /* 1.3.6.1.5.5.7.0.16 (OBJ_id_mod_cmp2000) */,
+ 177 /* 1.3.6.1.5.5.7.1.1 (OBJ_info_access) */,
+ 285 /* 1.3.6.1.5.5.7.1.2 (OBJ_biometricInfo) */,
+ 286 /* 1.3.6.1.5.5.7.1.3 (OBJ_qcStatements) */,
+ 287 /* 1.3.6.1.5.5.7.1.4 (OBJ_ac_auditEntity) */,
+ 288 /* 1.3.6.1.5.5.7.1.5 (OBJ_ac_targeting) */,
+ 289 /* 1.3.6.1.5.5.7.1.6 (OBJ_aaControls) */,
+ 290 /* 1.3.6.1.5.5.7.1.7 (OBJ_sbgp_ipAddrBlock) */,
+ 291 /* 1.3.6.1.5.5.7.1.8 (OBJ_sbgp_autonomousSysNum) */,
+ 292 /* 1.3.6.1.5.5.7.1.9 (OBJ_sbgp_routerIdentifier) */,
+ 397 /* 1.3.6.1.5.5.7.1.10 (OBJ_ac_proxying) */,
+ 398 /* 1.3.6.1.5.5.7.1.11 (OBJ_sinfo_access) */,
+ 663 /* 1.3.6.1.5.5.7.1.14 (OBJ_proxyCertInfo) */,
+ 164 /* 1.3.6.1.5.5.7.2.1 (OBJ_id_qt_cps) */,
+ 165 /* 1.3.6.1.5.5.7.2.2 (OBJ_id_qt_unotice) */,
+ 293 /* 1.3.6.1.5.5.7.2.3 (OBJ_textNotice) */,
+ 129 /* 1.3.6.1.5.5.7.3.1 (OBJ_server_auth) */,
+ 130 /* 1.3.6.1.5.5.7.3.2 (OBJ_client_auth) */,
+ 131 /* 1.3.6.1.5.5.7.3.3 (OBJ_code_sign) */,
+ 132 /* 1.3.6.1.5.5.7.3.4 (OBJ_email_protect) */,
+ 294 /* 1.3.6.1.5.5.7.3.5 (OBJ_ipsecEndSystem) */,
+ 295 /* 1.3.6.1.5.5.7.3.6 (OBJ_ipsecTunnel) */,
+ 296 /* 1.3.6.1.5.5.7.3.7 (OBJ_ipsecUser) */,
+ 133 /* 1.3.6.1.5.5.7.3.8 (OBJ_time_stamp) */,
+ 180 /* 1.3.6.1.5.5.7.3.9 (OBJ_OCSP_sign) */,
+ 297 /* 1.3.6.1.5.5.7.3.10 (OBJ_dvcs) */,
+ 298 /* 1.3.6.1.5.5.7.4.1 (OBJ_id_it_caProtEncCert) */,
+ 299 /* 1.3.6.1.5.5.7.4.2 (OBJ_id_it_signKeyPairTypes) */,
+ 300 /* 1.3.6.1.5.5.7.4.3 (OBJ_id_it_encKeyPairTypes) */,
+ 301 /* 1.3.6.1.5.5.7.4.4 (OBJ_id_it_preferredSymmAlg) */,
+ 302 /* 1.3.6.1.5.5.7.4.5 (OBJ_id_it_caKeyUpdateInfo) */,
+ 303 /* 1.3.6.1.5.5.7.4.6 (OBJ_id_it_currentCRL) */,
+ 304 /* 1.3.6.1.5.5.7.4.7 (OBJ_id_it_unsupportedOIDs) */,
+ 305 /* 1.3.6.1.5.5.7.4.8 (OBJ_id_it_subscriptionRequest) */,
+ 306 /* 1.3.6.1.5.5.7.4.9 (OBJ_id_it_subscriptionResponse) */,
+ 307 /* 1.3.6.1.5.5.7.4.10 (OBJ_id_it_keyPairParamReq) */,
+ 308 /* 1.3.6.1.5.5.7.4.11 (OBJ_id_it_keyPairParamRep) */,
+ 309 /* 1.3.6.1.5.5.7.4.12 (OBJ_id_it_revPassphrase) */,
+ 310 /* 1.3.6.1.5.5.7.4.13 (OBJ_id_it_implicitConfirm) */,
+ 311 /* 1.3.6.1.5.5.7.4.14 (OBJ_id_it_confirmWaitTime) */,
+ 312 /* 1.3.6.1.5.5.7.4.15 (OBJ_id_it_origPKIMessage) */,
+ 784 /* 1.3.6.1.5.5.7.4.16 (OBJ_id_it_suppLangTags) */,
+ 313 /* 1.3.6.1.5.5.7.5.1 (OBJ_id_regCtrl) */,
+ 314 /* 1.3.6.1.5.5.7.5.2 (OBJ_id_regInfo) */,
+ 323 /* 1.3.6.1.5.5.7.6.1 (OBJ_id_alg_des40) */,
+ 324 /* 1.3.6.1.5.5.7.6.2 (OBJ_id_alg_noSignature) */,
+ 325 /* 1.3.6.1.5.5.7.6.3 (OBJ_id_alg_dh_sig_hmac_sha1) */,
+ 326 /* 1.3.6.1.5.5.7.6.4 (OBJ_id_alg_dh_pop) */,
+ 327 /* 1.3.6.1.5.5.7.7.1 (OBJ_id_cmc_statusInfo) */,
+ 328 /* 1.3.6.1.5.5.7.7.2 (OBJ_id_cmc_identification) */,
+ 329 /* 1.3.6.1.5.5.7.7.3 (OBJ_id_cmc_identityProof) */,
+ 330 /* 1.3.6.1.5.5.7.7.4 (OBJ_id_cmc_dataReturn) */,
+ 331 /* 1.3.6.1.5.5.7.7.5 (OBJ_id_cmc_transactionId) */,
+ 332 /* 1.3.6.1.5.5.7.7.6 (OBJ_id_cmc_senderNonce) */,
+ 333 /* 1.3.6.1.5.5.7.7.7 (OBJ_id_cmc_recipientNonce) */,
+ 334 /* 1.3.6.1.5.5.7.7.8 (OBJ_id_cmc_addExtensions) */,
+ 335 /* 1.3.6.1.5.5.7.7.9 (OBJ_id_cmc_encryptedPOP) */,
+ 336 /* 1.3.6.1.5.5.7.7.10 (OBJ_id_cmc_decryptedPOP) */,
+ 337 /* 1.3.6.1.5.5.7.7.11 (OBJ_id_cmc_lraPOPWitness) */,
+ 338 /* 1.3.6.1.5.5.7.7.15 (OBJ_id_cmc_getCert) */,
+ 339 /* 1.3.6.1.5.5.7.7.16 (OBJ_id_cmc_getCRL) */,
+ 340 /* 1.3.6.1.5.5.7.7.17 (OBJ_id_cmc_revokeRequest) */,
+ 341 /* 1.3.6.1.5.5.7.7.18 (OBJ_id_cmc_regInfo) */,
+ 342 /* 1.3.6.1.5.5.7.7.19 (OBJ_id_cmc_responseInfo) */,
+ 343 /* 1.3.6.1.5.5.7.7.21 (OBJ_id_cmc_queryPending) */,
+ 344 /* 1.3.6.1.5.5.7.7.22 (OBJ_id_cmc_popLinkRandom) */,
+ 345 /* 1.3.6.1.5.5.7.7.23 (OBJ_id_cmc_popLinkWitness) */,
+ 346 /* 1.3.6.1.5.5.7.7.24 (OBJ_id_cmc_confirmCertAcceptance) */,
+ 347 /* 1.3.6.1.5.5.7.8.1 (OBJ_id_on_personalData) */,
+ 858 /* 1.3.6.1.5.5.7.8.3 (OBJ_id_on_permanentIdentifier) */,
+ 348 /* 1.3.6.1.5.5.7.9.1 (OBJ_id_pda_dateOfBirth) */,
+ 349 /* 1.3.6.1.5.5.7.9.2 (OBJ_id_pda_placeOfBirth) */,
+ 351 /* 1.3.6.1.5.5.7.9.3 (OBJ_id_pda_gender) */,
+ 352 /* 1.3.6.1.5.5.7.9.4 (OBJ_id_pda_countryOfCitizenship) */,
+ 353 /* 1.3.6.1.5.5.7.9.5 (OBJ_id_pda_countryOfResidence) */,
+ 354 /* 1.3.6.1.5.5.7.10.1 (OBJ_id_aca_authenticationInfo) */,
+ 355 /* 1.3.6.1.5.5.7.10.2 (OBJ_id_aca_accessIdentity) */,
+ 356 /* 1.3.6.1.5.5.7.10.3 (OBJ_id_aca_chargingIdentity) */,
+ 357 /* 1.3.6.1.5.5.7.10.4 (OBJ_id_aca_group) */,
+ 358 /* 1.3.6.1.5.5.7.10.5 (OBJ_id_aca_role) */,
+ 399 /* 1.3.6.1.5.5.7.10.6 (OBJ_id_aca_encAttrs) */,
+ 359 /* 1.3.6.1.5.5.7.11.1 (OBJ_id_qcs_pkixQCSyntax_v1) */,
+ 360 /* 1.3.6.1.5.5.7.12.1 (OBJ_id_cct_crs) */,
+ 361 /* 1.3.6.1.5.5.7.12.2 (OBJ_id_cct_PKIData) */,
+ 362 /* 1.3.6.1.5.5.7.12.3 (OBJ_id_cct_PKIResponse) */,
+ 664 /* 1.3.6.1.5.5.7.21.0 (OBJ_id_ppl_anyLanguage) */,
+ 665 /* 1.3.6.1.5.5.7.21.1 (OBJ_id_ppl_inheritAll) */,
+ 667 /* 1.3.6.1.5.5.7.21.2 (OBJ_Independent) */,
+ 178 /* 1.3.6.1.5.5.7.48.1 (OBJ_ad_OCSP) */,
+ 179 /* 1.3.6.1.5.5.7.48.2 (OBJ_ad_ca_issuers) */,
+ 363 /* 1.3.6.1.5.5.7.48.3 (OBJ_ad_timeStamping) */,
+ 364 /* 1.3.6.1.5.5.7.48.4 (OBJ_ad_dvcs) */,
+ 785 /* 1.3.6.1.5.5.7.48.5 (OBJ_caRepository) */,
+ 780 /* 1.3.6.1.5.5.8.1.1 (OBJ_hmac_md5) */,
+ 781 /* 1.3.6.1.5.5.8.1.2 (OBJ_hmac_sha1) */,
+ 58 /* 2.16.840.1.113730.1 (OBJ_netscape_cert_extension) */,
+ 59 /* 2.16.840.1.113730.2 (OBJ_netscape_data_type) */,
+ 438 /* 0.9.2342.19200300.100.1 (OBJ_pilotAttributeType) */,
+ 439 /* 0.9.2342.19200300.100.3 (OBJ_pilotAttributeSyntax) */,
+ 440 /* 0.9.2342.19200300.100.4 (OBJ_pilotObjectClass) */,
+ 441 /* 0.9.2342.19200300.100.10 (OBJ_pilotGroups) */,
+ 108 /* 1.2.840.113533.7.66.10 (OBJ_cast5_cbc) */,
+ 112 /* 1.2.840.113533.7.66.12 (OBJ_pbeWithMD5AndCast5_CBC) */,
+ 782 /* 1.2.840.113533.7.66.13 (OBJ_id_PasswordBasedMAC) */,
+ 783 /* 1.2.840.113533.7.66.30 (OBJ_id_DHBasedMac) */,
+ 6 /* 1.2.840.113549.1.1.1 (OBJ_rsaEncryption) */,
+ 7 /* 1.2.840.113549.1.1.2 (OBJ_md2WithRSAEncryption) */,
+ 396 /* 1.2.840.113549.1.1.3 (OBJ_md4WithRSAEncryption) */,
+ 8 /* 1.2.840.113549.1.1.4 (OBJ_md5WithRSAEncryption) */,
+ 65 /* 1.2.840.113549.1.1.5 (OBJ_sha1WithRSAEncryption) */,
+ 644 /* 1.2.840.113549.1.1.6 (OBJ_rsaOAEPEncryptionSET) */,
+ 919 /* 1.2.840.113549.1.1.7 (OBJ_rsaesOaep) */,
+ 911 /* 1.2.840.113549.1.1.8 (OBJ_mgf1) */,
+ 935 /* 1.2.840.113549.1.1.9 (OBJ_pSpecified) */,
+ 912 /* 1.2.840.113549.1.1.10 (OBJ_rsassaPss) */,
+ 668 /* 1.2.840.113549.1.1.11 (OBJ_sha256WithRSAEncryption) */,
+ 669 /* 1.2.840.113549.1.1.12 (OBJ_sha384WithRSAEncryption) */,
+ 670 /* 1.2.840.113549.1.1.13 (OBJ_sha512WithRSAEncryption) */,
+ 671 /* 1.2.840.113549.1.1.14 (OBJ_sha224WithRSAEncryption) */,
+ 28 /* 1.2.840.113549.1.3.1 (OBJ_dhKeyAgreement) */,
+ 9 /* 1.2.840.113549.1.5.1 (OBJ_pbeWithMD2AndDES_CBC) */,
+ 10 /* 1.2.840.113549.1.5.3 (OBJ_pbeWithMD5AndDES_CBC) */,
+ 168 /* 1.2.840.113549.1.5.4 (OBJ_pbeWithMD2AndRC2_CBC) */,
+ 169 /* 1.2.840.113549.1.5.6 (OBJ_pbeWithMD5AndRC2_CBC) */,
+ 170 /* 1.2.840.113549.1.5.10 (OBJ_pbeWithSHA1AndDES_CBC) */,
+ 68 /* 1.2.840.113549.1.5.11 (OBJ_pbeWithSHA1AndRC2_CBC) */,
+ 69 /* 1.2.840.113549.1.5.12 (OBJ_id_pbkdf2) */,
+ 161 /* 1.2.840.113549.1.5.13 (OBJ_pbes2) */,
+ 162 /* 1.2.840.113549.1.5.14 (OBJ_pbmac1) */,
+ 21 /* 1.2.840.113549.1.7.1 (OBJ_pkcs7_data) */,
+ 22 /* 1.2.840.113549.1.7.2 (OBJ_pkcs7_signed) */,
+ 23 /* 1.2.840.113549.1.7.3 (OBJ_pkcs7_enveloped) */,
+ 24 /* 1.2.840.113549.1.7.4 (OBJ_pkcs7_signedAndEnveloped) */,
+ 25 /* 1.2.840.113549.1.7.5 (OBJ_pkcs7_digest) */,
+ 26 /* 1.2.840.113549.1.7.6 (OBJ_pkcs7_encrypted) */,
+ 48 /* 1.2.840.113549.1.9.1 (OBJ_pkcs9_emailAddress) */,
+ 49 /* 1.2.840.113549.1.9.2 (OBJ_pkcs9_unstructuredName) */,
+ 50 /* 1.2.840.113549.1.9.3 (OBJ_pkcs9_contentType) */,
+ 51 /* 1.2.840.113549.1.9.4 (OBJ_pkcs9_messageDigest) */,
+ 52 /* 1.2.840.113549.1.9.5 (OBJ_pkcs9_signingTime) */,
+ 53 /* 1.2.840.113549.1.9.6 (OBJ_pkcs9_countersignature) */,
+ 54 /* 1.2.840.113549.1.9.7 (OBJ_pkcs9_challengePassword) */,
+ 55 /* 1.2.840.113549.1.9.8 (OBJ_pkcs9_unstructuredAddress) */,
+ 56 /* 1.2.840.113549.1.9.9 (OBJ_pkcs9_extCertAttributes) */,
+ 172 /* 1.2.840.113549.1.9.14 (OBJ_ext_req) */,
+ 167 /* 1.2.840.113549.1.9.15 (OBJ_SMIMECapabilities) */,
+ 188 /* 1.2.840.113549.1.9.16 (OBJ_SMIME) */,
+ 156 /* 1.2.840.113549.1.9.20 (OBJ_friendlyName) */,
+ 157 /* 1.2.840.113549.1.9.21 (OBJ_localKeyID) */,
+ 681 /* 1.2.840.10045.1.2.3.1 (OBJ_X9_62_onBasis) */,
+ 682 /* 1.2.840.10045.1.2.3.2 (OBJ_X9_62_tpBasis) */,
+ 683 /* 1.2.840.10045.1.2.3.3 (OBJ_X9_62_ppBasis) */,
+ 417 /* 1.3.6.1.4.1.311.17.1 (OBJ_ms_csp_name) */,
+ 856 /* 1.3.6.1.4.1.311.17.2 (OBJ_LocalKeySet) */,
+ 390 /* 1.3.6.1.4.1.1466.344 (OBJ_dcObject) */,
+ 91 /* 1.3.6.1.4.1.3029.1.2 (OBJ_bf_cbc) */,
+ 315 /* 1.3.6.1.5.5.7.5.1.1 (OBJ_id_regCtrl_regToken) */,
+ 316 /* 1.3.6.1.5.5.7.5.1.2 (OBJ_id_regCtrl_authenticator) */,
+ 317 /* 1.3.6.1.5.5.7.5.1.3 (OBJ_id_regCtrl_pkiPublicationInfo) */,
+ 318 /* 1.3.6.1.5.5.7.5.1.4 (OBJ_id_regCtrl_pkiArchiveOptions) */,
+ 319 /* 1.3.6.1.5.5.7.5.1.5 (OBJ_id_regCtrl_oldCertID) */,
+ 320 /* 1.3.6.1.5.5.7.5.1.6 (OBJ_id_regCtrl_protocolEncrKey) */,
+ 321 /* 1.3.6.1.5.5.7.5.2.1 (OBJ_id_regInfo_utf8Pairs) */,
+ 322 /* 1.3.6.1.5.5.7.5.2.2 (OBJ_id_regInfo_certReq) */,
+ 365 /* 1.3.6.1.5.5.7.48.1.1 (OBJ_id_pkix_OCSP_basic) */,
+ 366 /* 1.3.6.1.5.5.7.48.1.2 (OBJ_id_pkix_OCSP_Nonce) */,
+ 367 /* 1.3.6.1.5.5.7.48.1.3 (OBJ_id_pkix_OCSP_CrlID) */,
+ 368 /* 1.3.6.1.5.5.7.48.1.4 (OBJ_id_pkix_OCSP_acceptableResponses) */,
+ 369 /* 1.3.6.1.5.5.7.48.1.5 (OBJ_id_pkix_OCSP_noCheck) */,
+ 370 /* 1.3.6.1.5.5.7.48.1.6 (OBJ_id_pkix_OCSP_archiveCutoff) */,
+ 371 /* 1.3.6.1.5.5.7.48.1.7 (OBJ_id_pkix_OCSP_serviceLocator) */,
+ 372 /* 1.3.6.1.5.5.7.48.1.8 (OBJ_id_pkix_OCSP_extendedStatus) */,
+ 373 /* 1.3.6.1.5.5.7.48.1.9 (OBJ_id_pkix_OCSP_valid) */,
+ 374 /* 1.3.6.1.5.5.7.48.1.10 (OBJ_id_pkix_OCSP_path) */,
+ 375 /* 1.3.6.1.5.5.7.48.1.11 (OBJ_id_pkix_OCSP_trustRoot) */,
+ 921 /* 1.3.36.3.3.2.8.1.1.1 (OBJ_brainpoolP160r1) */,
+ 922 /* 1.3.36.3.3.2.8.1.1.2 (OBJ_brainpoolP160t1) */,
+ 923 /* 1.3.36.3.3.2.8.1.1.3 (OBJ_brainpoolP192r1) */,
+ 924 /* 1.3.36.3.3.2.8.1.1.4 (OBJ_brainpoolP192t1) */,
+ 925 /* 1.3.36.3.3.2.8.1.1.5 (OBJ_brainpoolP224r1) */,
+ 926 /* 1.3.36.3.3.2.8.1.1.6 (OBJ_brainpoolP224t1) */,
+ 927 /* 1.3.36.3.3.2.8.1.1.7 (OBJ_brainpoolP256r1) */,
+ 928 /* 1.3.36.3.3.2.8.1.1.8 (OBJ_brainpoolP256t1) */,
+ 929 /* 1.3.36.3.3.2.8.1.1.9 (OBJ_brainpoolP320r1) */,
+ 930 /* 1.3.36.3.3.2.8.1.1.10 (OBJ_brainpoolP320t1) */,
+ 931 /* 1.3.36.3.3.2.8.1.1.11 (OBJ_brainpoolP384r1) */,
+ 932 /* 1.3.36.3.3.2.8.1.1.12 (OBJ_brainpoolP384t1) */,
+ 933 /* 1.3.36.3.3.2.8.1.1.13 (OBJ_brainpoolP512r1) */,
+ 934 /* 1.3.36.3.3.2.8.1.1.14 (OBJ_brainpoolP512t1) */,
+ 936 /* 1.3.133.16.840.63.0.2 (OBJ_dhSinglePass_stdDH_sha1kdf_scheme) */,
+ 941 /* 1.3.133.16.840.63.0.3 (OBJ_dhSinglePass_cofactorDH_sha1kdf_scheme) */
+ ,
+ 418 /* 2.16.840.1.101.3.4.1.1 (OBJ_aes_128_ecb) */,
+ 419 /* 2.16.840.1.101.3.4.1.2 (OBJ_aes_128_cbc) */,
+ 420 /* 2.16.840.1.101.3.4.1.3 (OBJ_aes_128_ofb128) */,
+ 421 /* 2.16.840.1.101.3.4.1.4 (OBJ_aes_128_cfb128) */,
+ 788 /* 2.16.840.1.101.3.4.1.5 (OBJ_id_aes128_wrap) */,
+ 895 /* 2.16.840.1.101.3.4.1.6 (OBJ_aes_128_gcm) */,
+ 896 /* 2.16.840.1.101.3.4.1.7 (OBJ_aes_128_ccm) */,
+ 897 /* 2.16.840.1.101.3.4.1.8 (OBJ_id_aes128_wrap_pad) */,
+ 422 /* 2.16.840.1.101.3.4.1.21 (OBJ_aes_192_ecb) */,
+ 423 /* 2.16.840.1.101.3.4.1.22 (OBJ_aes_192_cbc) */,
+ 424 /* 2.16.840.1.101.3.4.1.23 (OBJ_aes_192_ofb128) */,
+ 425 /* 2.16.840.1.101.3.4.1.24 (OBJ_aes_192_cfb128) */,
+ 789 /* 2.16.840.1.101.3.4.1.25 (OBJ_id_aes192_wrap) */,
+ 898 /* 2.16.840.1.101.3.4.1.26 (OBJ_aes_192_gcm) */,
+ 899 /* 2.16.840.1.101.3.4.1.27 (OBJ_aes_192_ccm) */,
+ 900 /* 2.16.840.1.101.3.4.1.28 (OBJ_id_aes192_wrap_pad) */,
+ 426 /* 2.16.840.1.101.3.4.1.41 (OBJ_aes_256_ecb) */,
+ 427 /* 2.16.840.1.101.3.4.1.42 (OBJ_aes_256_cbc) */,
+ 428 /* 2.16.840.1.101.3.4.1.43 (OBJ_aes_256_ofb128) */,
+ 429 /* 2.16.840.1.101.3.4.1.44 (OBJ_aes_256_cfb128) */,
+ 790 /* 2.16.840.1.101.3.4.1.45 (OBJ_id_aes256_wrap) */,
+ 901 /* 2.16.840.1.101.3.4.1.46 (OBJ_aes_256_gcm) */,
+ 902 /* 2.16.840.1.101.3.4.1.47 (OBJ_aes_256_ccm) */,
+ 903 /* 2.16.840.1.101.3.4.1.48 (OBJ_id_aes256_wrap_pad) */,
+ 672 /* 2.16.840.1.101.3.4.2.1 (OBJ_sha256) */,
+ 673 /* 2.16.840.1.101.3.4.2.2 (OBJ_sha384) */,
+ 674 /* 2.16.840.1.101.3.4.2.3 (OBJ_sha512) */,
+ 675 /* 2.16.840.1.101.3.4.2.4 (OBJ_sha224) */,
+ 802 /* 2.16.840.1.101.3.4.3.1 (OBJ_dsa_with_SHA224) */,
+ 803 /* 2.16.840.1.101.3.4.3.2 (OBJ_dsa_with_SHA256) */,
+ 71 /* 2.16.840.1.113730.1.1 (OBJ_netscape_cert_type) */,
+ 72 /* 2.16.840.1.113730.1.2 (OBJ_netscape_base_url) */,
+ 73 /* 2.16.840.1.113730.1.3 (OBJ_netscape_revocation_url) */,
+ 74 /* 2.16.840.1.113730.1.4 (OBJ_netscape_ca_revocation_url) */,
+ 75 /* 2.16.840.1.113730.1.7 (OBJ_netscape_renewal_url) */,
+ 76 /* 2.16.840.1.113730.1.8 (OBJ_netscape_ca_policy_url) */,
+ 77 /* 2.16.840.1.113730.1.12 (OBJ_netscape_ssl_server_name) */,
+ 78 /* 2.16.840.1.113730.1.13 (OBJ_netscape_comment) */,
+ 79 /* 2.16.840.1.113730.2.5 (OBJ_netscape_cert_sequence) */,
+ 139 /* 2.16.840.1.113730.4.1 (OBJ_ns_sgc) */,
+ 458 /* 0.9.2342.19200300.100.1.1 (OBJ_userId) */,
+ 459 /* 0.9.2342.19200300.100.1.2 (OBJ_textEncodedORAddress) */,
+ 460 /* 0.9.2342.19200300.100.1.3 (OBJ_rfc822Mailbox) */,
+ 461 /* 0.9.2342.19200300.100.1.4 (OBJ_info) */,
+ 462 /* 0.9.2342.19200300.100.1.5 (OBJ_favouriteDrink) */,
+ 463 /* 0.9.2342.19200300.100.1.6 (OBJ_roomNumber) */,
+ 464 /* 0.9.2342.19200300.100.1.7 (OBJ_photo) */,
+ 465 /* 0.9.2342.19200300.100.1.8 (OBJ_userClass) */,
+ 466 /* 0.9.2342.19200300.100.1.9 (OBJ_host) */,
+ 467 /* 0.9.2342.19200300.100.1.10 (OBJ_manager) */,
+ 468 /* 0.9.2342.19200300.100.1.11 (OBJ_documentIdentifier) */,
+ 469 /* 0.9.2342.19200300.100.1.12 (OBJ_documentTitle) */,
+ 470 /* 0.9.2342.19200300.100.1.13 (OBJ_documentVersion) */,
+ 471 /* 0.9.2342.19200300.100.1.14 (OBJ_documentAuthor) */,
+ 472 /* 0.9.2342.19200300.100.1.15 (OBJ_documentLocation) */,
+ 473 /* 0.9.2342.19200300.100.1.20 (OBJ_homeTelephoneNumber) */,
+ 474 /* 0.9.2342.19200300.100.1.21 (OBJ_secretary) */,
+ 475 /* 0.9.2342.19200300.100.1.22 (OBJ_otherMailbox) */,
+ 476 /* 0.9.2342.19200300.100.1.23 (OBJ_lastModifiedTime) */,
+ 477 /* 0.9.2342.19200300.100.1.24 (OBJ_lastModifiedBy) */,
+ 391 /* 0.9.2342.19200300.100.1.25 (OBJ_domainComponent) */,
+ 478 /* 0.9.2342.19200300.100.1.26 (OBJ_aRecord) */,
+ 479 /* 0.9.2342.19200300.100.1.27 (OBJ_pilotAttributeType27) */,
+ 480 /* 0.9.2342.19200300.100.1.28 (OBJ_mXRecord) */,
+ 481 /* 0.9.2342.19200300.100.1.29 (OBJ_nSRecord) */,
+ 482 /* 0.9.2342.19200300.100.1.30 (OBJ_sOARecord) */,
+ 483 /* 0.9.2342.19200300.100.1.31 (OBJ_cNAMERecord) */,
+ 484 /* 0.9.2342.19200300.100.1.37 (OBJ_associatedDomain) */,
+ 485 /* 0.9.2342.19200300.100.1.38 (OBJ_associatedName) */,
+ 486 /* 0.9.2342.19200300.100.1.39 (OBJ_homePostalAddress) */,
+ 487 /* 0.9.2342.19200300.100.1.40 (OBJ_personalTitle) */,
+ 488 /* 0.9.2342.19200300.100.1.41 (OBJ_mobileTelephoneNumber) */,
+ 489 /* 0.9.2342.19200300.100.1.42 (OBJ_pagerTelephoneNumber) */,
+ 490 /* 0.9.2342.19200300.100.1.43 (OBJ_friendlyCountryName) */,
+ 491 /* 0.9.2342.19200300.100.1.45 (OBJ_organizationalStatus) */,
+ 492 /* 0.9.2342.19200300.100.1.46 (OBJ_janetMailbox) */,
+ 493 /* 0.9.2342.19200300.100.1.47 (OBJ_mailPreferenceOption) */,
+ 494 /* 0.9.2342.19200300.100.1.48 (OBJ_buildingName) */,
+ 495 /* 0.9.2342.19200300.100.1.49 (OBJ_dSAQuality) */,
+ 496 /* 0.9.2342.19200300.100.1.50 (OBJ_singleLevelQuality) */,
+ 497 /* 0.9.2342.19200300.100.1.51 (OBJ_subtreeMinimumQuality) */,
+ 498 /* 0.9.2342.19200300.100.1.52 (OBJ_subtreeMaximumQuality) */,
+ 499 /* 0.9.2342.19200300.100.1.53 (OBJ_personalSignature) */,
+ 500 /* 0.9.2342.19200300.100.1.54 (OBJ_dITRedirect) */,
+ 501 /* 0.9.2342.19200300.100.1.55 (OBJ_audio) */,
+ 502 /* 0.9.2342.19200300.100.1.56 (OBJ_documentPublisher) */,
+ 442 /* 0.9.2342.19200300.100.3.4 (OBJ_iA5StringSyntax) */,
+ 443 /* 0.9.2342.19200300.100.3.5 (OBJ_caseIgnoreIA5StringSyntax) */,
+ 444 /* 0.9.2342.19200300.100.4.3 (OBJ_pilotObject) */,
+ 445 /* 0.9.2342.19200300.100.4.4 (OBJ_pilotPerson) */,
+ 446 /* 0.9.2342.19200300.100.4.5 (OBJ_account) */,
+ 447 /* 0.9.2342.19200300.100.4.6 (OBJ_document) */,
+ 448 /* 0.9.2342.19200300.100.4.7 (OBJ_room) */,
+ 449 /* 0.9.2342.19200300.100.4.9 (OBJ_documentSeries) */,
+ 392 /* 0.9.2342.19200300.100.4.13 (OBJ_Domain) */,
+ 450 /* 0.9.2342.19200300.100.4.14 (OBJ_rFC822localPart) */,
+ 451 /* 0.9.2342.19200300.100.4.15 (OBJ_dNSDomain) */,
+ 452 /* 0.9.2342.19200300.100.4.17 (OBJ_domainRelatedObject) */,
+ 453 /* 0.9.2342.19200300.100.4.18 (OBJ_friendlyCountry) */,
+ 454 /* 0.9.2342.19200300.100.4.19 (OBJ_simpleSecurityObject) */,
+ 455 /* 0.9.2342.19200300.100.4.20 (OBJ_pilotOrganization) */,
+ 456 /* 0.9.2342.19200300.100.4.21 (OBJ_pilotDSA) */,
+ 457 /* 0.9.2342.19200300.100.4.22 (OBJ_qualityLabelledData) */,
+ 189 /* 1.2.840.113549.1.9.16.0 (OBJ_id_smime_mod) */,
+ 190 /* 1.2.840.113549.1.9.16.1 (OBJ_id_smime_ct) */,
+ 191 /* 1.2.840.113549.1.9.16.2 (OBJ_id_smime_aa) */,
+ 192 /* 1.2.840.113549.1.9.16.3 (OBJ_id_smime_alg) */,
+ 193 /* 1.2.840.113549.1.9.16.4 (OBJ_id_smime_cd) */,
+ 194 /* 1.2.840.113549.1.9.16.5 (OBJ_id_smime_spq) */,
+ 195 /* 1.2.840.113549.1.9.16.6 (OBJ_id_smime_cti) */,
+ 158 /* 1.2.840.113549.1.9.22.1 (OBJ_x509Certificate) */,
+ 159 /* 1.2.840.113549.1.9.22.2 (OBJ_sdsiCertificate) */,
+ 160 /* 1.2.840.113549.1.9.23.1 (OBJ_x509Crl) */,
+ 144 /* 1.2.840.113549.1.12.1.1 (OBJ_pbe_WithSHA1And128BitRC4) */,
+ 145 /* 1.2.840.113549.1.12.1.2 (OBJ_pbe_WithSHA1And40BitRC4) */,
+ 146 /* 1.2.840.113549.1.12.1.3 (OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC) */,
+ 147 /* 1.2.840.113549.1.12.1.4 (OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC) */,
+ 148 /* 1.2.840.113549.1.12.1.5 (OBJ_pbe_WithSHA1And128BitRC2_CBC) */,
+ 149 /* 1.2.840.113549.1.12.1.6 (OBJ_pbe_WithSHA1And40BitRC2_CBC) */,
+ 171 /* 1.3.6.1.4.1.311.2.1.14 (OBJ_ms_ext_req) */,
+ 134 /* 1.3.6.1.4.1.311.2.1.21 (OBJ_ms_code_ind) */,
+ 135 /* 1.3.6.1.4.1.311.2.1.22 (OBJ_ms_code_com) */,
+ 136 /* 1.3.6.1.4.1.311.10.3.1 (OBJ_ms_ctl_sign) */,
+ 137 /* 1.3.6.1.4.1.311.10.3.3 (OBJ_ms_sgc) */,
+ 138 /* 1.3.6.1.4.1.311.10.3.4 (OBJ_ms_efs) */,
+ 648 /* 1.3.6.1.4.1.311.20.2.2 (OBJ_ms_smartcard_login) */,
+ 649 /* 1.3.6.1.4.1.311.20.2.3 (OBJ_ms_upn) */,
+ 751 /* 1.2.392.200011.61.1.1.1.2 (OBJ_camellia_128_cbc) */,
+ 752 /* 1.2.392.200011.61.1.1.1.3 (OBJ_camellia_192_cbc) */,
+ 753 /* 1.2.392.200011.61.1.1.1.4 (OBJ_camellia_256_cbc) */,
+ 907 /* 1.2.392.200011.61.1.1.3.2 (OBJ_id_camellia128_wrap) */,
+ 908 /* 1.2.392.200011.61.1.1.3.3 (OBJ_id_camellia192_wrap) */,
+ 909 /* 1.2.392.200011.61.1.1.3.4 (OBJ_id_camellia256_wrap) */,
+ 196 /* 1.2.840.113549.1.9.16.0.1 (OBJ_id_smime_mod_cms) */,
+ 197 /* 1.2.840.113549.1.9.16.0.2 (OBJ_id_smime_mod_ess) */,
+ 198 /* 1.2.840.113549.1.9.16.0.3 (OBJ_id_smime_mod_oid) */,
+ 199 /* 1.2.840.113549.1.9.16.0.4 (OBJ_id_smime_mod_msg_v3) */,
+ 200 /* 1.2.840.113549.1.9.16.0.5 (OBJ_id_smime_mod_ets_eSignature_88) */,
+ 201 /* 1.2.840.113549.1.9.16.0.6 (OBJ_id_smime_mod_ets_eSignature_97) */,
+ 202 /* 1.2.840.113549.1.9.16.0.7 (OBJ_id_smime_mod_ets_eSigPolicy_88) */,
+ 203 /* 1.2.840.113549.1.9.16.0.8 (OBJ_id_smime_mod_ets_eSigPolicy_97) */,
+ 204 /* 1.2.840.113549.1.9.16.1.1 (OBJ_id_smime_ct_receipt) */,
+ 205 /* 1.2.840.113549.1.9.16.1.2 (OBJ_id_smime_ct_authData) */,
+ 206 /* 1.2.840.113549.1.9.16.1.3 (OBJ_id_smime_ct_publishCert) */,
+ 207 /* 1.2.840.113549.1.9.16.1.4 (OBJ_id_smime_ct_TSTInfo) */,
+ 208 /* 1.2.840.113549.1.9.16.1.5 (OBJ_id_smime_ct_TDTInfo) */,
+ 209 /* 1.2.840.113549.1.9.16.1.6 (OBJ_id_smime_ct_contentInfo) */,
+ 210 /* 1.2.840.113549.1.9.16.1.7 (OBJ_id_smime_ct_DVCSRequestData) */,
+ 211 /* 1.2.840.113549.1.9.16.1.8 (OBJ_id_smime_ct_DVCSResponseData) */,
+ 786 /* 1.2.840.113549.1.9.16.1.9 (OBJ_id_smime_ct_compressedData) */,
+ 787 /* 1.2.840.113549.1.9.16.1.27 (OBJ_id_ct_asciiTextWithCRLF) */,
+ 212 /* 1.2.840.113549.1.9.16.2.1 (OBJ_id_smime_aa_receiptRequest) */,
+ 213 /* 1.2.840.113549.1.9.16.2.2 (OBJ_id_smime_aa_securityLabel) */,
+ 214 /* 1.2.840.113549.1.9.16.2.3 (OBJ_id_smime_aa_mlExpandHistory) */,
+ 215 /* 1.2.840.113549.1.9.16.2.4 (OBJ_id_smime_aa_contentHint) */,
+ 216 /* 1.2.840.113549.1.9.16.2.5 (OBJ_id_smime_aa_msgSigDigest) */,
+ 217 /* 1.2.840.113549.1.9.16.2.6 (OBJ_id_smime_aa_encapContentType) */,
+ 218 /* 1.2.840.113549.1.9.16.2.7 (OBJ_id_smime_aa_contentIdentifier) */,
+ 219 /* 1.2.840.113549.1.9.16.2.8 (OBJ_id_smime_aa_macValue) */,
+ 220 /* 1.2.840.113549.1.9.16.2.9 (OBJ_id_smime_aa_equivalentLabels) */,
+ 221 /* 1.2.840.113549.1.9.16.2.10 (OBJ_id_smime_aa_contentReference) */,
+ 222 /* 1.2.840.113549.1.9.16.2.11 (OBJ_id_smime_aa_encrypKeyPref) */,
+ 223 /* 1.2.840.113549.1.9.16.2.12 (OBJ_id_smime_aa_signingCertificate) */,
+ 224 /* 1.2.840.113549.1.9.16.2.13 (OBJ_id_smime_aa_smimeEncryptCerts) */,
+ 225 /* 1.2.840.113549.1.9.16.2.14 (OBJ_id_smime_aa_timeStampToken) */,
+ 226 /* 1.2.840.113549.1.9.16.2.15 (OBJ_id_smime_aa_ets_sigPolicyId) */,
+ 227 /* 1.2.840.113549.1.9.16.2.16 (OBJ_id_smime_aa_ets_commitmentType) */,
+ 228 /* 1.2.840.113549.1.9.16.2.17 (OBJ_id_smime_aa_ets_signerLocation) */,
+ 229 /* 1.2.840.113549.1.9.16.2.18 (OBJ_id_smime_aa_ets_signerAttr) */,
+ 230 /* 1.2.840.113549.1.9.16.2.19 (OBJ_id_smime_aa_ets_otherSigCert) */,
+ 231 /* 1.2.840.113549.1.9.16.2.20 (OBJ_id_smime_aa_ets_contentTimestamp) */,
+ 232 /* 1.2.840.113549.1.9.16.2.21 (OBJ_id_smime_aa_ets_CertificateRefs) */,
+ 233 /* 1.2.840.113549.1.9.16.2.22 (OBJ_id_smime_aa_ets_RevocationRefs) */,
+ 234 /* 1.2.840.113549.1.9.16.2.23 (OBJ_id_smime_aa_ets_certValues) */,
+ 235 /* 1.2.840.113549.1.9.16.2.24 (OBJ_id_smime_aa_ets_revocationValues) */,
+ 236 /* 1.2.840.113549.1.9.16.2.25 (OBJ_id_smime_aa_ets_escTimeStamp) */,
+ 237 /* 1.2.840.113549.1.9.16.2.26 (OBJ_id_smime_aa_ets_certCRLTimestamp) */,
+ 238 /* 1.2.840.113549.1.9.16.2.27 (OBJ_id_smime_aa_ets_archiveTimeStamp) */,
+ 239 /* 1.2.840.113549.1.9.16.2.28 (OBJ_id_smime_aa_signatureType) */,
+ 240 /* 1.2.840.113549.1.9.16.2.29 (OBJ_id_smime_aa_dvcs_dvc) */,
+ 241 /* 1.2.840.113549.1.9.16.3.1 (OBJ_id_smime_alg_ESDHwith3DES) */,
+ 242 /* 1.2.840.113549.1.9.16.3.2 (OBJ_id_smime_alg_ESDHwithRC2) */,
+ 243 /* 1.2.840.113549.1.9.16.3.3 (OBJ_id_smime_alg_3DESwrap) */,
+ 244 /* 1.2.840.113549.1.9.16.3.4 (OBJ_id_smime_alg_RC2wrap) */,
+ 245 /* 1.2.840.113549.1.9.16.3.5 (OBJ_id_smime_alg_ESDH) */,
+ 246 /* 1.2.840.113549.1.9.16.3.6 (OBJ_id_smime_alg_CMS3DESwrap) */,
+ 247 /* 1.2.840.113549.1.9.16.3.7 (OBJ_id_smime_alg_CMSRC2wrap) */,
+ 125 /* 1.2.840.113549.1.9.16.3.8 (OBJ_zlib_compression) */,
+ 893 /* 1.2.840.113549.1.9.16.3.9 (OBJ_id_alg_PWRI_KEK) */,
+ 248 /* 1.2.840.113549.1.9.16.4.1 (OBJ_id_smime_cd_ldap) */,
+ 249 /* 1.2.840.113549.1.9.16.5.1 (OBJ_id_smime_spq_ets_sqt_uri) */,
+ 250 /* 1.2.840.113549.1.9.16.5.2 (OBJ_id_smime_spq_ets_sqt_unotice) */,
+ 251 /* 1.2.840.113549.1.9.16.6.1 (OBJ_id_smime_cti_ets_proofOfOrigin) */,
+ 252 /* 1.2.840.113549.1.9.16.6.2 (OBJ_id_smime_cti_ets_proofOfReceipt) */,
+ 253 /* 1.2.840.113549.1.9.16.6.3 (OBJ_id_smime_cti_ets_proofOfDelivery) */,
+ 254 /* 1.2.840.113549.1.9.16.6.4 (OBJ_id_smime_cti_ets_proofOfSender) */,
+ 255 /* 1.2.840.113549.1.9.16.6.5 (OBJ_id_smime_cti_ets_proofOfApproval) */,
+ 256 /* 1.2.840.113549.1.9.16.6.6 (OBJ_id_smime_cti_ets_proofOfCreation) */,
+ 150 /* 1.2.840.113549.1.12.10.1.1 (OBJ_keyBag) */,
+ 151 /* 1.2.840.113549.1.12.10.1.2 (OBJ_pkcs8ShroudedKeyBag) */,
+ 152 /* 1.2.840.113549.1.12.10.1.3 (OBJ_certBag) */,
+ 153 /* 1.2.840.113549.1.12.10.1.4 (OBJ_crlBag) */,
+ 154 /* 1.2.840.113549.1.12.10.1.5 (OBJ_secretBag) */,
+ 155 /* 1.2.840.113549.1.12.10.1.6 (OBJ_safeContentsBag) */,
+ 34 /* 1.3.6.1.4.1.188.7.1.1.2 (OBJ_idea_cbc) */,
};
-
diff --git a/src/crypto/obj/obj_dat.pl b/src/crypto/obj/obj_dat.pl
deleted file mode 100644
index 036ded5..0000000
--- a/src/crypto/obj/obj_dat.pl
+++ /dev/null
@@ -1,309 +0,0 @@
-#!/usr/bin/env perl
-
-# fixes bug in floating point emulation on sparc64 when
-# this script produces off-by-one output on sparc64
-use integer;
-
-if (scalar @ARGV != 2)
- {
- print "Usage: perl obj_dat.pl ../../include/openssl/nid.h obj_dat.h\n";
- exit 1;
- }
-
-sub obj_cmp
- {
- local(@a,@b,$_,$r);
-
- $A=$obj_len{$obj{$nid{$a}}};
- $B=$obj_len{$obj{$nid{$b}}};
-
- $r=($A-$B);
- return($r) if $r != 0;
-
- $A=$obj_der{$obj{$nid{$a}}};
- $B=$obj_der{$obj{$nid{$b}}};
-
- return($A cmp $B);
- }
-
-sub expand_obj
- {
- local(*v)=@_;
- local($k,$d);
- local($i);
-
- do {
- $i=0;
- foreach $k (keys %v)
- {
- if (($v{$k} =~ s/(OBJ_[^,]+),/$v{$1},/))
- { $i++; }
- }
- } while($i);
- foreach $k (keys %v)
- {
- @a=split(/,/,$v{$k});
- $objn{$k}=$#a+1;
- }
- return(%objn);
- }
-
-open (IN,"$ARGV[0]") || die "Can't open input file $ARGV[0]";
-open (OUT,">$ARGV[1]") || die "Can't open output file $ARGV[1]";
-
-while (<IN>)
- {
- next unless /^\#define\s+(\S+)\s+(.*)$/;
- $v=$1;
- $d=$2;
- $d =~ s/^\"//;
- $d =~ s/\"$//;
- if ($v =~ /^SN_(.*)$/)
- {
- if(defined $snames{$d})
- {
- print "WARNING: Duplicate short name \"$d\"\n";
- }
- else
- { $snames{$d} = "X"; }
- $sn{$1}=$d;
- }
- elsif ($v =~ /^LN_(.*)$/)
- {
- if(defined $lnames{$d})
- {
- print "WARNING: Duplicate long name \"$d\"\n";
- }
- else
- { $lnames{$d} = "X"; }
- $ln{$1}=$d;
- }
- elsif ($v =~ /^NID_(.*)$/)
- { $nid{$d}=$1; }
- elsif ($v =~ /^OBJ_(.*)$/)
- {
- $obj{$1}=$v;
- $objd{$v}=$d;
- }
- }
-close IN;
-
-%ob=&expand_obj(*objd);
-
-@a=sort { $a <=> $b } keys %nid;
-$n=$a[$#a]+1;
-
-@lvalues=();
-$lvalues=0;
-
-for ($i=0; $i<$n; $i++)
- {
- if (!defined($nid{$i}))
- {
- push(@out,"{NULL,NULL,NID_undef,0,NULL,0},\n");
- }
- else
- {
- $sn=defined($sn{$nid{$i}})?"$sn{$nid{$i}}":"NULL";
- $ln=defined($ln{$nid{$i}})?"$ln{$nid{$i}}":"NULL";
-
- if ($sn eq "NULL") {
- $sn=$ln;
- $sn{$nid{$i}} = $ln;
- }
-
- if ($ln eq "NULL") {
- $ln=$sn;
- $ln{$nid{$i}} = $sn;
- }
-
- $out ="{";
- $out.="\"$sn\"";
- $out.=","."\"$ln\"";
- $out.=",NID_$nid{$i},";
- if (defined($obj{$nid{$i}}) && $objd{$obj{$nid{$i}}} =~ /,/)
- {
- $v=$objd{$obj{$nid{$i}}};
- $v =~ s/L//g;
- $v =~ s/,/ /g;
- $r=&der_it($v);
- $z="";
- $length=0;
- foreach (unpack("C*",$r))
- {
- $z.=sprintf("0x%02X,",$_);
- $length++;
- }
- $obj_der{$obj{$nid{$i}}}=$z;
- $obj_len{$obj{$nid{$i}}}=$length;
-
- push(@lvalues,sprintf("%-45s/* [%3d] %s */\n",
- $z,$lvalues,$obj{$nid{$i}}));
- $out.="$length,&(lvalues[$lvalues]),0";
- $lvalues+=$length;
- }
- else
- {
- $out.="0,NULL,0";
- }
- $out.="},\n";
- push(@out,$out);
- }
- }
-
-@a=grep(defined($sn{$nid{$_}}),0 .. $n);
-foreach (sort { $sn{$nid{$a}} cmp $sn{$nid{$b}} } @a)
- {
- push(@sn,sprintf("%2d,\t/* \"$sn{$nid{$_}}\" */\n",$_));
- }
-
-@a=grep(defined($ln{$nid{$_}}),0 .. $n);
-foreach (sort { $ln{$nid{$a}} cmp $ln{$nid{$b}} } @a)
- {
- push(@ln,sprintf("%2d,\t/* \"$ln{$nid{$_}}\" */\n",$_));
- }
-
-@a=grep(defined($obj{$nid{$_}}) && $objd{$obj{$nid{$_}}} =~ /,/,0 .. $n);
-foreach (sort obj_cmp @a)
- {
- $m=$obj{$nid{$_}};
- $v=$objd{$m};
- $v =~ s/L//g;
- $v =~ s/,/ /g;
- push(@ob,sprintf("%2d,\t/* %-32s %s */\n",$_,$m,$v));
- }
-
-print OUT <<'EOF';
-/* THIS FILE IS GENERATED FROM objects.h by obj_dat.pl via the
- * following command:
- * perl obj_dat.pl ../../include/openssl/nid.h obj_dat.h */
-
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.] */
-
-EOF
-
-printf OUT "#define NUM_NID %d\n",$n;
-printf OUT "#define NUM_SN %d\n",$#sn+1;
-printf OUT "#define NUM_LN %d\n",$#ln+1;
-printf OUT "#define NUM_OBJ %d\n\n",$#ob+1;
-
-printf OUT "static const unsigned char lvalues[%d]={\n",$lvalues+1;
-print OUT @lvalues;
-print OUT "};\n\n";
-
-printf OUT "static const ASN1_OBJECT kObjects[NUM_NID]={\n";
-foreach (@out)
- {
- if (length($_) > 75)
- {
- $out="";
- foreach (split(/,/))
- {
- $t=$out.$_.",";
- if (length($t) > 70)
- {
- print OUT "$out\n";
- $t="\t$_,";
- }
- $out=$t;
- }
- chop $out;
- print OUT "$out";
- }
- else
- { print OUT $_; }
- }
-print OUT "};\n\n";
-
-printf OUT "static const unsigned int kNIDsInShortNameOrder[NUM_SN]={\n";
-print OUT @sn;
-print OUT "};\n\n";
-
-printf OUT "static const unsigned int kNIDsInLongNameOrder[NUM_LN]={\n";
-print OUT @ln;
-print OUT "};\n\n";
-
-printf OUT "static const unsigned int kNIDsInOIDOrder[NUM_OBJ]={\n";
-print OUT @ob;
-print OUT "};\n\n";
-
-close OUT;
-
-sub der_it
- {
- local($v)=@_;
- local(@a,$i,$ret,@r);
-
- @a=split(/\s+/,$v);
- $ret.=pack("C*",$a[0]*40+$a[1]);
- shift @a;
- shift @a;
- foreach (@a)
- {
- @r=();
- $t=0;
- while ($_ >= 128)
- {
- $x=$_%128;
- $_/=128;
- push(@r,((($t++)?0x80:0)|$x));
- }
- push(@r,((($t++)?0x80:0)|$_));
- $ret.=pack("C*",reverse(@r));
- }
- return($ret);
- }
diff --git a/src/crypto/obj/obj_mac.num b/src/crypto/obj/obj_mac.num
index 074657a..ef19a6d 100644
--- a/src/crypto/obj/obj_mac.num
+++ b/src/crypto/obj/obj_mac.num
@@ -100,7 +100,6 @@
givenName 99
surname 100
initials 101
-uniqueIdentifier 102
crl_distribution_points 103
md5WithRSA 104
serialNumber 105
@@ -121,7 +120,6 @@
rc5_ecb 121
rc5_cfb64 122
rc5_ofb64 123
-rle_compression 124
zlib_compression 125
ext_key_usage 126
id_pkix 127
@@ -347,7 +345,6 @@
id_on_personalData 347
id_pda_dateOfBirth 348
id_pda_placeOfBirth 349
-id_pda_pseudonym 350
id_pda_gender 351
id_pda_countryOfCitizenship 352
id_pda_countryOfResidence 353
@@ -390,7 +387,6 @@
dcObject 390
domainComponent 391
Domain 392
-joint_iso_ccitt 393
selected_attribute_types 394
clearance 395
md4WithRSAEncryption 396
@@ -401,7 +397,6 @@
policy_constraints 401
target_information 402
no_rev_avail 403
-ccitt 404
ansi_X9_62 405
X9_62_prime_field 406
X9_62_characteristic_two_field 407
@@ -508,7 +503,6 @@
id_hex_multipart_message 508
generationQualifier 509
pseudonym 510
-InternationalRA 511
id_set 512
set_ctype 513
set_msgExt 514
@@ -769,10 +763,7 @@
subject_directory_attributes 769
issuing_distribution_point 770
certificate_issuer 771
-korea 772
kisa 773
-kftc 774
-npki_alg 775
seed_ecb 776
seed_cbc 777
seed_ofb128 778
diff --git a/src/crypto/obj/obj_test.cc b/src/crypto/obj/obj_test.cc
index 4813b05..6c9dc3f 100644
--- a/src/crypto/obj/obj_test.cc
+++ b/src/crypto/obj/obj_test.cc
@@ -20,6 +20,8 @@
#include <openssl/crypto.h>
#include <openssl/obj.h>
+#include "../internal.h"
+
static bool TestBasic() {
static const int kNID = NID_sha256WithRSAEncryption;
@@ -97,7 +99,7 @@
static bool ExpectObj2Txt(const uint8_t *der, size_t der_len,
bool always_return_oid, const char *expected) {
ASN1_OBJECT obj;
- memset(&obj, 0, sizeof(obj));
+ OPENSSL_memset(&obj, 0, sizeof(obj));
obj.data = der;
obj.length = static_cast<int>(der_len);
@@ -112,7 +114,7 @@
}
char short_buf[1];
- memset(short_buf, 0xff, sizeof(short_buf));
+ OPENSSL_memset(short_buf, 0xff, sizeof(short_buf));
len = OBJ_obj2txt(short_buf, sizeof(short_buf), &obj, always_return_oid);
if (len != expected_len) {
fprintf(stderr,
@@ -121,7 +123,7 @@
return false;
}
- if (memchr(short_buf, '\0', sizeof(short_buf)) == nullptr) {
+ if (OPENSSL_memchr(short_buf, '\0', sizeof(short_buf)) == nullptr) {
fprintf(stderr,
"OBJ_obj2txt of %s with out_len = 1 did not NUL-terminate the "
"output.\n",
@@ -186,7 +188,7 @@
}
ASN1_OBJECT obj;
- memset(&obj, 0, sizeof(obj));
+ OPENSSL_memset(&obj, 0, sizeof(obj));
// kNonMinimalOID is kBasicConstraints with the final component non-minimally
// encoded.
diff --git a/src/crypto/obj/obj_xref.c b/src/crypto/obj/obj_xref.c
index 70babea..7b4ff12 100644
--- a/src/crypto/obj/obj_xref.c
+++ b/src/crypto/obj/obj_xref.c
@@ -56,69 +56,67 @@
#include <openssl/obj.h>
-#include <stdlib.h>
-
-#include "obj_xref.h"
+#include "../internal.h"
-static int nid_triple_cmp_by_sign_id(const void *in_a, const void *in_b) {
- const nid_triple *a = in_a;
- const nid_triple *b = in_b;
+typedef struct {
+ int sign_nid;
+ int digest_nid;
+ int pkey_nid;
+} nid_triple;
- return a->sign_id - b->sign_id;
-}
+static const nid_triple kTriples[] = {
+ /* RSA PKCS#1. */
+ {NID_md4WithRSAEncryption, NID_md4, NID_rsaEncryption},
+ {NID_md5WithRSAEncryption, NID_md5, NID_rsaEncryption},
+ {NID_sha1WithRSAEncryption, NID_sha1, NID_rsaEncryption},
+ {NID_sha224WithRSAEncryption, NID_sha224, NID_rsaEncryption},
+ {NID_sha256WithRSAEncryption, NID_sha256, NID_rsaEncryption},
+ {NID_sha384WithRSAEncryption, NID_sha384, NID_rsaEncryption},
+ {NID_sha512WithRSAEncryption, NID_sha512, NID_rsaEncryption},
+ /* DSA. */
+ {NID_dsaWithSHA1, NID_sha1, NID_dsa},
+ {NID_dsaWithSHA1_2, NID_sha1, NID_dsa_2},
+ {NID_dsa_with_SHA224, NID_sha224, NID_dsa},
+ {NID_dsa_with_SHA256, NID_sha256, NID_dsa},
+ /* ECDSA. */
+ {NID_ecdsa_with_SHA1, NID_sha1, NID_X9_62_id_ecPublicKey},
+ {NID_ecdsa_with_SHA224, NID_sha224, NID_X9_62_id_ecPublicKey},
+ {NID_ecdsa_with_SHA256, NID_sha256, NID_X9_62_id_ecPublicKey},
+ {NID_ecdsa_with_SHA384, NID_sha384, NID_X9_62_id_ecPublicKey},
+ {NID_ecdsa_with_SHA512, NID_sha512, NID_X9_62_id_ecPublicKey},
+ /* For PSS the digest algorithm can vary and depends on the included
+ * AlgorithmIdentifier. The digest "undef" indicates the public key method
+ * should handle this explicitly. */
+ {NID_rsassaPss, NID_undef, NID_rsaEncryption},
+};
int OBJ_find_sigid_algs(int sign_nid, int *out_digest_nid, int *out_pkey_nid) {
- nid_triple key;
- const nid_triple *triple;
-
- key.sign_id = sign_nid;
-
- triple = bsearch(&key, sigoid_srt, sizeof(sigoid_srt) / sizeof(nid_triple),
- sizeof(nid_triple), nid_triple_cmp_by_sign_id);
-
- if (triple == NULL) {
- return 0;
- }
- if (out_digest_nid) {
- *out_digest_nid = triple->hash_id;
- }
- if (out_pkey_nid) {
- *out_pkey_nid = triple->pkey_id;
+ for (size_t i = 0; i < OPENSSL_ARRAY_SIZE(kTriples); i++) {
+ if (kTriples[i].sign_nid == sign_nid) {
+ if (out_digest_nid != NULL) {
+ *out_digest_nid = kTriples[i].digest_nid;
+ }
+ if (out_pkey_nid != NULL) {
+ *out_pkey_nid = kTriples[i].pkey_nid;
+ }
+ return 1;
+ }
}
- return 1;
-}
-
-static int nid_triple_cmp_by_digest_and_hash(const void *in_a,
- const void *in_b) {
- const nid_triple *a = *((nid_triple**) in_a);
- const nid_triple *b = *((nid_triple**) in_b);
-
- int ret = a->hash_id - b->hash_id;
- if (ret) {
- return ret;
- }
- return a->pkey_id - b->pkey_id;
+ return 0;
}
int OBJ_find_sigid_by_algs(int *out_sign_nid, int digest_nid, int pkey_nid) {
- nid_triple key, *pkey;
- const nid_triple **triple;
-
- key.hash_id = digest_nid;
- key.pkey_id = pkey_nid;
- pkey = &key;
-
- triple = bsearch(&pkey, sigoid_srt_xref,
- sizeof(sigoid_srt_xref) / sizeof(nid_triple *),
- sizeof(nid_triple *), nid_triple_cmp_by_digest_and_hash);
-
- if (triple == NULL) {
- return 0;
+ for (size_t i = 0; i < OPENSSL_ARRAY_SIZE(kTriples); i++) {
+ if (kTriples[i].digest_nid == digest_nid &&
+ kTriples[i].pkey_nid == pkey_nid) {
+ if (out_sign_nid != NULL) {
+ *out_sign_nid = kTriples[i].sign_nid;
+ }
+ return 1;
+ }
}
- if (out_sign_nid) {
- *out_sign_nid = (*triple)->sign_id;
- }
- return 1;
+
+ return 0;
}
diff --git a/src/crypto/obj/obj_xref.h b/src/crypto/obj/obj_xref.h
deleted file mode 100644
index b2082f5..0000000
--- a/src/crypto/obj/obj_xref.h
+++ /dev/null
@@ -1,96 +0,0 @@
-/* THIS FILE IS GENERATED FROM obj_xref.txt by obj_xref.pl via the
- * following command:
- * perl obj_xref.pl obj_mac.num obj_xref.txt > obj_xref.h */
-
-typedef struct
- {
- int sign_id;
- int hash_id;
- int pkey_id;
- } nid_triple;
-
-static const nid_triple sigoid_srt[] =
- {
- {NID_md2WithRSAEncryption, NID_md2, NID_rsaEncryption},
- {NID_md5WithRSAEncryption, NID_md5, NID_rsaEncryption},
- {NID_shaWithRSAEncryption, NID_sha, NID_rsaEncryption},
- {NID_sha1WithRSAEncryption, NID_sha1, NID_rsaEncryption},
- {NID_dsaWithSHA, NID_sha, NID_dsa},
- {NID_dsaWithSHA1_2, NID_sha1, NID_dsa_2},
- {NID_mdc2WithRSA, NID_mdc2, NID_rsaEncryption},
- {NID_md5WithRSA, NID_md5, NID_rsa},
- {NID_dsaWithSHA1, NID_sha1, NID_dsa},
- {NID_sha1WithRSA, NID_sha1, NID_rsa},
- {NID_ripemd160WithRSA, NID_ripemd160, NID_rsaEncryption},
- {NID_md4WithRSAEncryption, NID_md4, NID_rsaEncryption},
- {NID_ecdsa_with_SHA1, NID_sha1, NID_X9_62_id_ecPublicKey},
- {NID_sha256WithRSAEncryption, NID_sha256, NID_rsaEncryption},
- {NID_sha384WithRSAEncryption, NID_sha384, NID_rsaEncryption},
- {NID_sha512WithRSAEncryption, NID_sha512, NID_rsaEncryption},
- {NID_sha224WithRSAEncryption, NID_sha224, NID_rsaEncryption},
- {NID_ecdsa_with_Recommended, NID_undef, NID_X9_62_id_ecPublicKey},
- {NID_ecdsa_with_Specified, NID_undef, NID_X9_62_id_ecPublicKey},
- {NID_ecdsa_with_SHA224, NID_sha224, NID_X9_62_id_ecPublicKey},
- {NID_ecdsa_with_SHA256, NID_sha256, NID_X9_62_id_ecPublicKey},
- {NID_ecdsa_with_SHA384, NID_sha384, NID_X9_62_id_ecPublicKey},
- {NID_ecdsa_with_SHA512, NID_sha512, NID_X9_62_id_ecPublicKey},
- {NID_dsa_with_SHA224, NID_sha224, NID_dsa},
- {NID_dsa_with_SHA256, NID_sha256, NID_dsa},
- {NID_id_GostR3411_94_with_GostR3410_2001, NID_id_GostR3411_94, NID_id_GostR3410_2001},
- {NID_id_GostR3411_94_with_GostR3410_94, NID_id_GostR3411_94, NID_id_GostR3410_94},
- {NID_id_GostR3411_94_with_GostR3410_94_cc, NID_id_GostR3411_94, NID_id_GostR3410_94_cc},
- {NID_id_GostR3411_94_with_GostR3410_2001_cc, NID_id_GostR3411_94, NID_id_GostR3410_2001_cc},
- {NID_rsassaPss, NID_undef, NID_rsaEncryption},
- {NID_dhSinglePass_stdDH_sha1kdf_scheme, NID_sha1, NID_dh_std_kdf},
- {NID_dhSinglePass_stdDH_sha224kdf_scheme, NID_sha224, NID_dh_std_kdf},
- {NID_dhSinglePass_stdDH_sha256kdf_scheme, NID_sha256, NID_dh_std_kdf},
- {NID_dhSinglePass_stdDH_sha384kdf_scheme, NID_sha384, NID_dh_std_kdf},
- {NID_dhSinglePass_stdDH_sha512kdf_scheme, NID_sha512, NID_dh_std_kdf},
- {NID_dhSinglePass_cofactorDH_sha1kdf_scheme, NID_sha1, NID_dh_cofactor_kdf},
- {NID_dhSinglePass_cofactorDH_sha224kdf_scheme, NID_sha224, NID_dh_cofactor_kdf},
- {NID_dhSinglePass_cofactorDH_sha256kdf_scheme, NID_sha256, NID_dh_cofactor_kdf},
- {NID_dhSinglePass_cofactorDH_sha384kdf_scheme, NID_sha384, NID_dh_cofactor_kdf},
- {NID_dhSinglePass_cofactorDH_sha512kdf_scheme, NID_sha512, NID_dh_cofactor_kdf},
- };
-
-static const nid_triple * const sigoid_srt_xref[] =
- {
- &sigoid_srt[0],
- &sigoid_srt[1],
- &sigoid_srt[7],
- &sigoid_srt[2],
- &sigoid_srt[4],
- &sigoid_srt[3],
- &sigoid_srt[9],
- &sigoid_srt[5],
- &sigoid_srt[8],
- &sigoid_srt[12],
- &sigoid_srt[30],
- &sigoid_srt[35],
- &sigoid_srt[6],
- &sigoid_srt[10],
- &sigoid_srt[11],
- &sigoid_srt[13],
- &sigoid_srt[24],
- &sigoid_srt[20],
- &sigoid_srt[32],
- &sigoid_srt[37],
- &sigoid_srt[14],
- &sigoid_srt[21],
- &sigoid_srt[33],
- &sigoid_srt[38],
- &sigoid_srt[15],
- &sigoid_srt[22],
- &sigoid_srt[34],
- &sigoid_srt[39],
- &sigoid_srt[16],
- &sigoid_srt[23],
- &sigoid_srt[19],
- &sigoid_srt[31],
- &sigoid_srt[36],
- &sigoid_srt[25],
- &sigoid_srt[26],
- &sigoid_srt[27],
- &sigoid_srt[28],
- };
-
diff --git a/src/crypto/obj/obj_xref.pl b/src/crypto/obj/obj_xref.pl
deleted file mode 100644
index 51dd68f..0000000
--- a/src/crypto/obj/obj_xref.pl
+++ /dev/null
@@ -1,118 +0,0 @@
-#!/usr/bin/env perl
-
-use strict;
-
-if (scalar @ARGV != 2)
- {
- print "Usage: perl obj_xref.pl obj_mac.num obj_xref.txt > obj_xref.h\n";
- exit 1;
- }
-
-my %xref_tbl;
-my %oid_tbl;
-
-my ($mac_file, $xref_file) = @ARGV;
-
-open(IN, $mac_file) || die "Can't open $mac_file";
-
-# Read in OID nid values for a lookup table.
-
-while (<IN>)
- {
- chomp;
- my ($name, $num) = /^(\S+)\s+(\S+)$/;
- $oid_tbl{$name} = $num;
- }
-close IN;
-
-open(IN, $xref_file) || die "Can't open $xref_file";
-
-my $ln = 1;
-
-while (<IN>)
- {
- chomp;
- s/#.*$//;
- next if (/^\S*$/);
- my ($xr, $p1, $p2) = /^(\S+)\s+(\S+)\s+(\S+)/;
- check_oid($xr);
- check_oid($p1);
- check_oid($p2);
- $xref_tbl{$xr} = [$p1, $p2, $ln];
- }
-
-my @xrkeys = keys %xref_tbl;
-
-my @srt1 = sort { $oid_tbl{$a} <=> $oid_tbl{$b}} @xrkeys;
-
-for(my $i = 0; $i <= $#srt1; $i++)
- {
- $xref_tbl{$srt1[$i]}[2] = $i;
- }
-
-my @srt2 = sort
- {
- my$ap1 = $oid_tbl{$xref_tbl{$a}[0]};
- my$bp1 = $oid_tbl{$xref_tbl{$b}[0]};
- return $ap1 - $bp1 if ($ap1 != $bp1);
- my$ap2 = $oid_tbl{$xref_tbl{$a}[1]};
- my$bp2 = $oid_tbl{$xref_tbl{$b}[1]};
-
- return $ap2 - $bp2;
- } @xrkeys;
-
-my $pname = $0;
-
-$pname =~ s|^.[^/]/||;
-
-print <<EOF;
-/* THIS FILE IS GENERATED FROM obj_xref.txt by obj_xref.pl via the
- * following command:
- * perl obj_xref.pl obj_mac.num obj_xref.txt > obj_xref.h */
-
-typedef struct
- {
- int sign_id;
- int hash_id;
- int pkey_id;
- } nid_triple;
-
-static const nid_triple sigoid_srt[] =
- {
-EOF
-
-foreach (@srt1)
- {
- my $xr = $_;
- my ($p1, $p2) = @{$xref_tbl{$_}};
- print "\t{NID_$xr, NID_$p1, NID_$p2},\n";
- }
-
-print "\t};";
-print <<EOF;
-
-
-static const nid_triple * const sigoid_srt_xref[] =
- {
-EOF
-
-foreach (@srt2)
- {
- my ($p1, $p2, $x) = @{$xref_tbl{$_}};
- # If digest or signature algorithm is "undef" then the algorithm
- # needs special handling and is excluded from the cross reference table.
- next if $p1 eq "undef" || $p2 eq "undef";
- print "\t\&sigoid_srt\[$x\],\n";
- }
-
-print "\t};\n\n";
-
-sub check_oid
- {
- my ($chk) = @_;
- if (!exists $oid_tbl{$chk})
- {
- die "Not Found \"$chk\"\n";
- }
- }
-
diff --git a/src/crypto/obj/obj_xref.txt b/src/crypto/obj/obj_xref.txt
deleted file mode 100644
index 19c9422..0000000
--- a/src/crypto/obj/obj_xref.txt
+++ /dev/null
@@ -1,58 +0,0 @@
-# OID cross reference table.
-# Links signatures OIDs to their corresponding public key algorithms
-# and digests.
-
-md2WithRSAEncryption md2 rsaEncryption
-md5WithRSAEncryption md5 rsaEncryption
-shaWithRSAEncryption sha rsaEncryption
-sha1WithRSAEncryption sha1 rsaEncryption
-md4WithRSAEncryption md4 rsaEncryption
-sha256WithRSAEncryption sha256 rsaEncryption
-sha384WithRSAEncryption sha384 rsaEncryption
-sha512WithRSAEncryption sha512 rsaEncryption
-sha224WithRSAEncryption sha224 rsaEncryption
-mdc2WithRSA mdc2 rsaEncryption
-ripemd160WithRSA ripemd160 rsaEncryption
-# For PSS the digest algorithm can vary and depends on the included
-# AlgorithmIdentifier. The digest "undef" indicates the public key
-# method should handle this explicitly.
-rsassaPss undef rsaEncryption
-
-# Alternative deprecated OIDs. By using the older "rsa" OID this
-# type will be recognized by not normally used.
-
-md5WithRSA md5 rsa
-sha1WithRSA sha1 rsa
-
-dsaWithSHA sha dsa
-dsaWithSHA1 sha1 dsa
-
-dsaWithSHA1_2 sha1 dsa_2
-
-ecdsa_with_SHA1 sha1 X9_62_id_ecPublicKey
-ecdsa_with_SHA224 sha224 X9_62_id_ecPublicKey
-ecdsa_with_SHA256 sha256 X9_62_id_ecPublicKey
-ecdsa_with_SHA384 sha384 X9_62_id_ecPublicKey
-ecdsa_with_SHA512 sha512 X9_62_id_ecPublicKey
-ecdsa_with_Recommended undef X9_62_id_ecPublicKey
-ecdsa_with_Specified undef X9_62_id_ecPublicKey
-
-dsa_with_SHA224 sha224 dsa
-dsa_with_SHA256 sha256 dsa
-
-id_GostR3411_94_with_GostR3410_2001 id_GostR3411_94 id_GostR3410_2001
-id_GostR3411_94_with_GostR3410_94 id_GostR3411_94 id_GostR3410_94
-id_GostR3411_94_with_GostR3410_94_cc id_GostR3411_94 id_GostR3410_94_cc
-id_GostR3411_94_with_GostR3410_2001_cc id_GostR3411_94 id_GostR3410_2001_cc
-# ECDH KDFs and their corresponding message digests and schemes
-dhSinglePass_stdDH_sha1kdf_scheme sha1 dh_std_kdf
-dhSinglePass_stdDH_sha224kdf_scheme sha224 dh_std_kdf
-dhSinglePass_stdDH_sha256kdf_scheme sha256 dh_std_kdf
-dhSinglePass_stdDH_sha384kdf_scheme sha384 dh_std_kdf
-dhSinglePass_stdDH_sha512kdf_scheme sha512 dh_std_kdf
-
-dhSinglePass_cofactorDH_sha1kdf_scheme sha1 dh_cofactor_kdf
-dhSinglePass_cofactorDH_sha224kdf_scheme sha224 dh_cofactor_kdf
-dhSinglePass_cofactorDH_sha256kdf_scheme sha256 dh_cofactor_kdf
-dhSinglePass_cofactorDH_sha384kdf_scheme sha384 dh_cofactor_kdf
-dhSinglePass_cofactorDH_sha512kdf_scheme sha512 dh_cofactor_kdf
diff --git a/src/crypto/obj/objects.go b/src/crypto/obj/objects.go
new file mode 100644
index 0000000..28887c0
--- /dev/null
+++ b/src/crypto/obj/objects.go
@@ -0,0 +1,732 @@
+// Copyright (c) 2016, Google Inc.
+//
+// Permission to use, copy, modify, and/or distribute this software for any
+// purpose with or without fee is hereby granted, provided that the above
+// copyright notice and this permission notice appear in all copies.
+//
+// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+// SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+// OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+// CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+package main
+
+import (
+ "bufio"
+ "bytes"
+ "errors"
+ "fmt"
+ "io/ioutil"
+ "os"
+ "os/exec"
+ "sort"
+ "strconv"
+ "strings"
+)
+
+func sanitizeName(in string) string {
+ in = strings.Replace(in, "-", "_", -1)
+ in = strings.Replace(in, ".", "_", -1)
+ in = strings.Replace(in, " ", "_", -1)
+ return in
+}
+
+type object struct {
+ name string
+ // shortName and longName are the short and long names, respectively. If
+ // one is missing, it takes the value of the other, but the
+ // corresponding SN_foo or LN_foo macro is not defined.
+ shortName, longName string
+ hasShortName, hasLongName bool
+ oid []int
+ encoded []byte
+}
+
+type objects struct {
+ // byNID is the list of all objects, indexed by nid.
+ byNID []object
+ // nameToNID is a map from object name to nid.
+ nameToNID map[string]int
+}
+
+func readNumbers(path string) (nameToNID map[string]int, numNIDs int, err error) {
+ in, err := os.Open(path)
+ if err != nil {
+ return nil, 0, err
+ }
+ defer in.Close()
+
+ nameToNID = make(map[string]int)
+ nidsSeen := make(map[int]struct{})
+
+ // Reserve NID 0 for NID_undef.
+ numNIDs = 1
+ nameToNID["undef"] = 0
+ nidsSeen[0] = struct{}{}
+
+ var lineNo int
+ scanner := bufio.NewScanner(in)
+ for scanner.Scan() {
+ line := scanner.Text()
+ lineNo++
+ withLine := func(err error) error {
+ return fmt.Errorf("%s:%d: %s", path, lineNo, err)
+ }
+
+ fields := strings.Fields(line)
+ if len(fields) == 0 {
+ // Skip blank lines.
+ continue
+ }
+
+ // Each line is a name and a nid, separated by space.
+ if len(fields) != 2 {
+ return nil, 0, withLine(errors.New("syntax error"))
+ }
+ name := fields[0]
+ nid, err := strconv.Atoi(fields[1])
+ if err != nil {
+ return nil, 0, withLine(err)
+ }
+ if nid < 0 {
+ return nil, 0, withLine(errors.New("invalid NID"))
+ }
+
+ // NID_undef is implicitly defined.
+ if name == "undef" && nid == 0 {
+ continue
+ }
+
+ // Forbid duplicates.
+ if _, ok := nameToNID[name]; ok {
+ return nil, 0, withLine(fmt.Errorf("duplicate name %q", name))
+ }
+ if _, ok := nidsSeen[nid]; ok {
+ return nil, 0, withLine(fmt.Errorf("duplicate NID %d", nid))
+ }
+
+ nameToNID[name] = nid
+ nidsSeen[nid] = struct{}{}
+
+ if nid >= numNIDs {
+ numNIDs = nid + 1
+ }
+ }
+ if err := scanner.Err(); err != nil {
+ return nil, 0, fmt.Errorf("error reading %s: %s", path, err)
+ }
+
+ return nameToNID, numNIDs, nil
+}
+
+func parseOID(aliases map[string][]int, in []string) (oid []int, err error) {
+ if len(in) == 0 {
+ return
+ }
+
+ // The first entry may be a reference to a previous alias.
+ if alias, ok := aliases[sanitizeName(in[0])]; ok {
+ in = in[1:]
+ oid = append(oid, alias...)
+ }
+
+ for _, c := range in {
+ val, err := strconv.Atoi(c)
+ if err != nil {
+ return nil, err
+ }
+ if val < 0 {
+ return nil, fmt.Errorf("negative component")
+ }
+ oid = append(oid, val)
+ }
+ return
+}
+
+func appendBase128(dst []byte, value int) []byte {
+ // Zero is encoded with one, not zero bytes.
+ if value == 0 {
+ return append(dst, 0)
+ }
+
+ // Count how many bytes are needed.
+ var l int
+ for n := value; n != 0; n >>= 7 {
+ l++
+ }
+ for ; l > 0; l-- {
+ b := byte(value>>uint(7*(l-1))) & 0x7f
+ if l > 1 {
+ b |= 0x80
+ }
+ dst = append(dst, b)
+ }
+ return dst
+}
+
+func encodeOID(oid []int) []byte {
+ if len(oid) < 2 {
+ return nil
+ }
+
+ var der []byte
+ der = appendBase128(der, 40*oid[0]+oid[1])
+ for _, value := range oid[2:] {
+ der = appendBase128(der, value)
+ }
+ return der
+}
+
+func readObjects(numPath, objectsPath string) (*objects, error) {
+ nameToNID, numNIDs, err := readNumbers(numPath)
+ if err != nil {
+ return nil, err
+ }
+
+ in, err := os.Open(objectsPath)
+ if err != nil {
+ return nil, err
+ }
+ defer in.Close()
+
+ // Implicitly define NID_undef.
+ objs := &objects{
+ byNID: make([]object, numNIDs),
+ nameToNID: make(map[string]int),
+ }
+
+ objs.byNID[0] = object{
+ name: "undef",
+ shortName: "UNDEF",
+ longName: "undefined",
+ hasShortName: true,
+ hasLongName: true,
+ }
+ objs.nameToNID["undef"] = 0
+
+ var module, nextName string
+ var lineNo int
+ longNamesSeen := make(map[string]struct{})
+ shortNamesSeen := make(map[string]struct{})
+ aliases := make(map[string][]int)
+ scanner := bufio.NewScanner(in)
+ for scanner.Scan() {
+ line := scanner.Text()
+ lineNo++
+ withLine := func(err error) error {
+ return fmt.Errorf("%s:%d: %s", objectsPath, lineNo, err)
+ }
+
+ // Remove comments.
+ idx := strings.IndexRune(line, '#')
+ if idx >= 0 {
+ line = line[:idx]
+ }
+
+ // Skip empty lines.
+ line = strings.TrimSpace(line)
+ if len(line) == 0 {
+ continue
+ }
+
+ if line[0] == '!' {
+ args := strings.Fields(line)
+ switch args[0] {
+ case "!module":
+ if len(args) != 2 {
+ return nil, withLine(errors.New("too many arguments"))
+ }
+ module = sanitizeName(args[1]) + "_"
+ case "!global":
+ module = ""
+ case "!Cname":
+ // !Cname directives override the name for the
+ // next object.
+ if len(args) != 2 {
+ return nil, withLine(errors.New("too many arguments"))
+ }
+ nextName = sanitizeName(args[1])
+ case "!Alias":
+ // !Alias directives define an alias for an OID
+ // without emitting an object.
+ if len(nextName) != 0 {
+ return nil, withLine(errors.New("!Cname directives may not modify !Alias directives."))
+ }
+ if len(args) < 3 {
+ return nil, withLine(errors.New("not enough arguments"))
+ }
+ aliasName := module + sanitizeName(args[1])
+ oid, err := parseOID(aliases, args[2:])
+ if err != nil {
+ return nil, withLine(err)
+ }
+ if _, ok := aliases[aliasName]; ok {
+ return nil, withLine(fmt.Errorf("duplicate name '%s'", aliasName))
+ }
+ aliases[aliasName] = oid
+ default:
+ return nil, withLine(fmt.Errorf("unknown directive '%s'", args[0]))
+ }
+ continue
+ }
+
+ fields := strings.Split(line, ":")
+ if len(fields) < 2 || len(fields) > 3 {
+ return nil, withLine(errors.New("invalid field count"))
+ }
+
+ obj := object{name: nextName}
+ nextName = ""
+
+ var err error
+ obj.oid, err = parseOID(aliases, strings.Fields(fields[0]))
+ if err != nil {
+ return nil, withLine(err)
+ }
+ obj.encoded = encodeOID(obj.oid)
+
+ obj.shortName = strings.TrimSpace(fields[1])
+ if len(fields) == 3 {
+ obj.longName = strings.TrimSpace(fields[2])
+ }
+
+ // Long and short names default to each other if missing.
+ if len(obj.shortName) == 0 {
+ obj.shortName = obj.longName
+ } else {
+ obj.hasShortName = true
+ }
+ if len(obj.longName) == 0 {
+ obj.longName = obj.shortName
+ } else {
+ obj.hasLongName = true
+ }
+ if len(obj.shortName) == 0 || len(obj.longName) == 0 {
+ return nil, withLine(errors.New("object with no name"))
+ }
+
+ // If not already specified, prefer the long name if it has no
+ // spaces, otherwise the short name.
+ if len(obj.name) == 0 && strings.IndexRune(obj.longName, ' ') < 0 {
+ obj.name = sanitizeName(obj.longName)
+ }
+ if len(obj.name) == 0 {
+ obj.name = sanitizeName(obj.shortName)
+ }
+ obj.name = module + obj.name
+
+ // Check for duplicate names.
+ if _, ok := aliases[obj.name]; ok {
+ return nil, withLine(fmt.Errorf("duplicate name '%s'", obj.name))
+ }
+ if _, ok := shortNamesSeen[obj.shortName]; ok && len(obj.shortName) > 0 {
+ return nil, withLine(fmt.Errorf("duplicate short name '%s'", obj.shortName))
+ }
+ if _, ok := longNamesSeen[obj.longName]; ok && len(obj.longName) > 0 {
+ return nil, withLine(fmt.Errorf("duplicate long name '%s'", obj.longName))
+ }
+
+ // Allocate a NID.
+ nid, ok := nameToNID[obj.name]
+ if !ok {
+ nid = len(objs.byNID)
+ objs.byNID = append(objs.byNID, object{})
+ }
+
+ objs.byNID[nid] = obj
+ objs.nameToNID[obj.name] = nid
+
+ longNamesSeen[obj.longName] = struct{}{}
+ shortNamesSeen[obj.shortName] = struct{}{}
+ aliases[obj.name] = obj.oid
+ }
+ if err := scanner.Err(); err != nil {
+ return nil, err
+ }
+
+ return objs, nil
+}
+
+func writeNumbers(path string, objs *objects) error {
+ out, err := os.Create(path)
+ if err != nil {
+ return err
+ }
+ defer out.Close()
+
+ for nid, obj := range objs.byNID {
+ if len(obj.name) == 0 {
+ continue
+ }
+ if _, err := fmt.Fprintf(out, "%s\t\t%d\n", obj.name, nid); err != nil {
+ return err
+ }
+ }
+ return nil
+}
+
+func clangFormat(input string) (string, error) {
+ var b bytes.Buffer
+ cmd := exec.Command("clang-format")
+ cmd.Stdin = strings.NewReader(input)
+ cmd.Stdout = &b
+ cmd.Stderr = os.Stderr
+ if err := cmd.Run(); err != nil {
+ return "", err
+ }
+ return b.String(), nil
+}
+
+func writeHeader(path string, objs *objects) error {
+ var b bytes.Buffer
+ fmt.Fprintf(&b, `/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG `+"``"+`AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.] */
+
+/* This file is generated by crypto/obj/objects.go. */
+
+#ifndef OPENSSL_HEADER_NID_H
+#define OPENSSL_HEADER_NID_H
+
+#include <openssl/base.h>
+
+#if defined(__cplusplus)
+extern "C" {
+#endif
+
+
+/* The nid library provides numbered values for ASN.1 object identifiers and
+ * other symbols. These values are used by other libraries to identify
+ * cryptographic primitives.
+ *
+ * A separate objects library, obj.h, provides functions for converting between
+ * nids and object identifiers. However it depends on large internal tables with
+ * the encodings of every nid defined. Consumers concerned with binary size
+ * should instead embed the encodings of the few consumed OIDs and compare
+ * against those.
+ *
+ * These values should not be used outside of a single process; they are not
+ * stable identifiers. */
+
+
+`)
+
+ for nid, obj := range objs.byNID {
+ if len(obj.name) == 0 {
+ continue
+ }
+
+ if obj.hasShortName {
+ fmt.Fprintf(&b, "#define SN_%s \"%s\"\n", obj.name, obj.shortName)
+ }
+ if obj.hasLongName {
+ fmt.Fprintf(&b, "#define LN_%s \"%s\"\n", obj.name, obj.longName)
+ }
+ fmt.Fprintf(&b, "#define NID_%s %d\n", obj.name, nid)
+
+ // Although NID_undef does not have an OID, OpenSSL emits
+ // OBJ_undef as if it were zero.
+ oid := obj.oid
+ if nid == 0 {
+ oid = []int{0}
+ }
+ if len(oid) != 0 {
+ var oidStr string
+ for _, val := range oid {
+ if len(oidStr) != 0 {
+ oidStr += ","
+ }
+ oidStr += fmt.Sprintf("%dL", val)
+ }
+
+ fmt.Fprintf(&b, "#define OBJ_%s %s\n", obj.name, oidStr)
+ }
+
+ fmt.Fprintf(&b, "\n")
+ }
+
+ fmt.Fprintf(&b, `
+#if defined(__cplusplus)
+} /* extern C */
+#endif
+
+#endif /* OPENSSL_HEADER_NID_H */
+`)
+
+ formatted, err := clangFormat(b.String())
+ if err != nil {
+ return err
+ }
+
+ return ioutil.WriteFile(path, []byte(formatted), 0666)
+}
+
+// TODO(davidben): Replace this with sort.Slice once Go 1.8 is sufficiently
+// common.
+type nidSorter struct {
+ nids []int
+ objs *objects
+ cmp func(a, b object) bool
+}
+
+func (a nidSorter) obj(i int) object { return a.objs.byNID[a.nids[i]] }
+func (a nidSorter) Len() int { return len(a.nids) }
+func (a nidSorter) Swap(i, j int) { a.nids[i], a.nids[j] = a.nids[j], a.nids[i] }
+func (a nidSorter) Less(i, j int) bool { return a.cmp(a.obj(i), a.obj(j)) }
+
+func sortNIDs(nids []int, objs *objects, cmp func(a, b object) bool) {
+ sort.Sort(&nidSorter{nids, objs, cmp})
+}
+
+func writeData(path string, objs *objects) error {
+ var b bytes.Buffer
+ fmt.Fprintf(&b, `/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG `+"``"+`AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.] */
+
+/* This file is generated by crypto/obj/objects.go. */
+
+
+`)
+
+ fmt.Fprintf(&b, "#define NUM_NID %d\n", len(objs.byNID))
+
+ // Emit each object's DER encoding, concatenated, and save the offsets.
+ fmt.Fprintf(&b, "\nstatic const uint8_t kObjectData[] = {\n")
+ offsets := make([]int, len(objs.byNID))
+ var nextOffset int
+ for nid, obj := range objs.byNID {
+ if len(obj.name) == 0 || len(obj.encoded) == 0 {
+ offsets[nid] = -1
+ continue
+ }
+
+ offsets[nid] = nextOffset
+ nextOffset += len(obj.encoded)
+ fmt.Fprintf(&b, "/* NID_%s */\n", obj.name)
+ for _, val := range obj.encoded {
+ fmt.Fprintf(&b, "0x%02x, ", val)
+ }
+ fmt.Fprintf(&b, "\n")
+ }
+ fmt.Fprintf(&b, "};\n")
+
+ // Emit an ASN1_OBJECT for each object.
+ fmt.Fprintf(&b, "\nstatic const ASN1_OBJECT kObjects[NUM_NID] = {\n")
+ for nid, obj := range objs.byNID {
+ if len(obj.name) == 0 {
+ fmt.Fprintf(&b, "{NULL, NULL, NID_undef, 0, NULL, 0},\n")
+ continue
+ }
+
+ fmt.Fprintf(&b, "{\"%s\", \"%s\", NID_%s, ", obj.shortName, obj.longName, obj.name)
+ if offset := offsets[nid]; offset >= 0 {
+ fmt.Fprintf(&b, "%d, &kObjectData[%d], 0},\n", len(obj.encoded), offset)
+ } else {
+ fmt.Fprintf(&b, "0, NULL, 0},\n")
+ }
+ }
+ fmt.Fprintf(&b, "};\n")
+
+ // Emit a list of NIDs sorted by short name.
+ var nids []int
+ for nid, obj := range objs.byNID {
+ if len(obj.name) == 0 || len(obj.shortName) == 0 {
+ continue
+ }
+ nids = append(nids, nid)
+ }
+ sortNIDs(nids, objs, func(a, b object) bool { return a.shortName < b.shortName })
+
+ fmt.Fprintf(&b, "\nstatic const unsigned kNIDsInShortNameOrder[] = {\n")
+ for _, nid := range nids {
+ fmt.Fprintf(&b, "%d /* %s */,\n", nid, objs.byNID[nid].shortName)
+ }
+ fmt.Fprintf(&b, "};\n")
+
+ // Emit a list of NIDs sorted by long name.
+ nids = nil
+ for nid, obj := range objs.byNID {
+ if len(obj.name) == 0 || len(obj.longName) == 0 {
+ continue
+ }
+ nids = append(nids, nid)
+ }
+ sortNIDs(nids, objs, func(a, b object) bool { return a.longName < b.longName })
+
+ fmt.Fprintf(&b, "\nstatic const unsigned kNIDsInLongNameOrder[] = {\n")
+ for _, nid := range nids {
+ fmt.Fprintf(&b, "%d /* %s */,\n", nid, objs.byNID[nid].longName)
+ }
+ fmt.Fprintf(&b, "};\n")
+
+ // Emit a list of NIDs sorted by OID.
+ nids = nil
+ for nid, obj := range objs.byNID {
+ if len(obj.name) == 0 || len(obj.encoded) == 0 {
+ continue
+ }
+ nids = append(nids, nid)
+ }
+ sortNIDs(nids, objs, func(a, b object) bool {
+ // This comparison must match the definition of |obj_cmp|.
+ if len(a.encoded) < len(b.encoded) {
+ return true
+ }
+ if len(a.encoded) > len(b.encoded) {
+ return false
+ }
+ return bytes.Compare(a.encoded, b.encoded) < 0
+ })
+
+ fmt.Fprintf(&b, "\nstatic const unsigned kNIDsInOIDOrder[] = {\n")
+ for _, nid := range nids {
+ obj := objs.byNID[nid]
+ fmt.Fprintf(&b, "%d /* ", nid)
+ for i, c := range obj.oid {
+ if i > 0 {
+ fmt.Fprintf(&b, ".")
+ }
+ fmt.Fprintf(&b, "%d", c)
+ }
+ fmt.Fprintf(&b, " (OBJ_%s) */,\n", obj.name)
+ }
+ fmt.Fprintf(&b, "};\n")
+
+ formatted, err := clangFormat(b.String())
+ if err != nil {
+ return err
+ }
+
+ return ioutil.WriteFile(path, []byte(formatted), 0666)
+}
+
+func main() {
+ objs, err := readObjects("obj_mac.num", "objects.txt")
+ if err != nil {
+ fmt.Fprintf(os.Stderr, "Error reading objects: %s\n", err)
+ os.Exit(1)
+ }
+
+ if err := writeNumbers("obj_mac.num", objs); err != nil {
+ fmt.Fprintf(os.Stderr, "Error writing numbers: %s\n", err)
+ os.Exit(1)
+ }
+
+ if err := writeHeader("../../include/openssl/nid.h", objs); err != nil {
+ fmt.Fprintf(os.Stderr, "Error writing header: %s\n", err)
+ os.Exit(1)
+ }
+
+ if err := writeData("obj_dat.h", objs); err != nil {
+ fmt.Fprintf(os.Stderr, "Error writing data: %s\n", err)
+ os.Exit(1)
+ }
+}
diff --git a/src/crypto/obj/objects.pl b/src/crypto/obj/objects.pl
deleted file mode 100644
index 165429b..0000000
--- a/src/crypto/obj/objects.pl
+++ /dev/null
@@ -1,255 +0,0 @@
-#!/usr/bin/env perl
-
-if (scalar @ARGV != 3)
- {
- print "Usage: perl objects.pl objects.txt obj_mac.num ../../include/openssl/nid.h\n";
- exit 1;
- }
-
-open (NUMIN,"$ARGV[1]") || die "Can't open number file $ARGV[1]";
-$max_nid=0;
-$o=0;
-while(<NUMIN>)
- {
- chop;
- $o++;
- s/#.*$//;
- next if /^\s*$/;
- $_ = 'X'.$_;
- ($Cname,$mynum) = split;
- $Cname =~ s/^X//;
- if (defined($nidn{$mynum}))
- { die "$ARGV[1]:$o:There's already an object with NID ",$mynum," on line ",$order{$mynum},"\n"; }
- if (defined($nid{$Cname}))
- { die "$ARGV[1]:$o:There's already an object with name ",$Cname," on line ",$order{$nid{$Cname}},"\n"; }
- $nid{$Cname} = $mynum;
- $nidn{$mynum} = $Cname;
- $order{$mynum} = $o;
- $max_nid = $mynum if $mynum > $max_nid;
- }
-close NUMIN;
-
-open (IN,"$ARGV[0]") || die "Can't open input file $ARGV[0]";
-$Cname="";
-$o=0;
-while (<IN>)
- {
- chop;
- $o++;
- if (/^!module\s+(.*)$/)
- {
- $module = $1."-";
- $module =~ s/\./_/g;
- $module =~ s/-/_/g;
- }
- if (/^!global$/)
- { $module = ""; }
- if (/^!Cname\s+(.*)$/)
- { $Cname = $1; }
- if (/^!Alias\s+(.+?)\s+(.*)$/)
- {
- $Cname = $module.$1;
- $myoid = $2;
- $myoid = &process_oid($myoid);
- $Cname =~ s/-/_/g;
- $ordern{$o} = $Cname;
- $order{$Cname} = $o;
- $obj{$Cname} = $myoid;
- $_ = "";
- $Cname = "";
- }
- s/!.*$//;
- s/#.*$//;
- next if /^\s*$/;
- ($myoid,$mysn,$myln) = split ':';
- $mysn =~ s/^\s*//;
- $mysn =~ s/\s*$//;
- $myln =~ s/^\s*//;
- $myln =~ s/\s*$//;
- $myoid =~ s/^\s*//;
- $myoid =~ s/\s*$//;
- if ($myoid ne "")
- {
- $myoid = &process_oid($myoid);
- }
-
- if ($Cname eq "" && !($myln =~ / /))
- {
- $Cname = $myln;
- $Cname =~ s/\./_/g;
- $Cname =~ s/-/_/g;
- if ($Cname ne "" && defined($ln{$module.$Cname}))
- { die "objects.txt:$o:There's already an object with long name ",$ln{$module.$Cname}," on line ",$order{$module.$Cname},"\n"; }
- }
- if ($Cname eq "")
- {
- $Cname = $mysn;
- $Cname =~ s/-/_/g;
- if ($Cname ne "" && defined($sn{$module.$Cname}))
- { die "objects.txt:$o:There's already an object with short name ",$sn{$module.$Cname}," on line ",$order{$module.$Cname},"\n"; }
- }
- if ($Cname eq "")
- {
- $Cname = $myln;
- $Cname =~ s/-/_/g;
- $Cname =~ s/\./_/g;
- $Cname =~ s/ /_/g;
- if ($Cname ne "" && defined($ln{$module.$Cname}))
- { die "objects.txt:$o:There's already an object with long name ",$ln{$module.$Cname}," on line ",$order{$module.$Cname},"\n"; }
- }
- $Cname =~ s/\./_/g;
- $Cname =~ s/-/_/g;
- $Cname = $module.$Cname;
- $ordern{$o} = $Cname;
- $order{$Cname} = $o;
- $sn{$Cname} = $mysn;
- $ln{$Cname} = $myln;
- $obj{$Cname} = $myoid;
- if (!defined($nid{$Cname}))
- {
- $max_nid++;
- $nid{$Cname} = $max_nid;
- $nidn{$max_nid} = $Cname;
-print STDERR "Added OID $Cname\n";
- }
- $Cname="";
- }
-close IN;
-
-open (NUMOUT,">$ARGV[1]") || die "Can't open output file $ARGV[1]";
-foreach (sort { $a <=> $b } keys %nidn)
- {
- print NUMOUT $nidn{$_},"\t\t",$_,"\n";
- }
-close NUMOUT;
-
-open (OUT,">$ARGV[2]") || die "Can't open output file $ARGV[2]";
-print OUT <<'EOF';
-/* THIS FILE IS GENERATED FROM objects.txt by objects.pl via the
- * following command:
- * perl objects.pl objects.txt obj_mac.num ../../include/openssl/nid.h */
-
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef OPENSSL_HEADER_NID_H
-#define OPENSSL_HEADER_NID_H
-
-
-/* The nid library provides numbered values for ASN.1 object identifiers and
- * other symbols. These values are used by other libraries to identify
- * cryptographic primitives.
- *
- * A separate objects library, obj.h, provides functions for converting between
- * nids and object identifiers. However it depends on large internal tables with
- * the encodings of every nid defind. Consumers concerned with binary size
- * should instead embed the encodings of the few consumed OIDs and compare
- * against those.
- *
- * These values should not be used outside of a single process; they are not
- * stable identifiers. */
-
-
-#define SN_undef "UNDEF"
-#define LN_undef "undefined"
-#define NID_undef 0
-#define OBJ_undef 0L
-
-EOF
-
-foreach (sort { $a <=> $b } keys %ordern)
- {
- $Cname=$ordern{$_};
- print OUT "#define SN_",$Cname," \"",$sn{$Cname},"\"\n" if $sn{$Cname} ne "";
- print OUT "#define LN_",$Cname," \"",$ln{$Cname},"\"\n" if $ln{$Cname} ne "";
- print OUT "#define NID_",$Cname," ",$nid{$Cname},"\n" if $nid{$Cname} ne "";
- print OUT "#define OBJ_",$Cname," ",$obj{$Cname},"\n" if $obj{$Cname} ne "";
- print OUT "\n";
- }
-
-print OUT "\n#endif /* OPENSSL_HEADER_NID_H */\n";
-
-close OUT;
-
-sub process_oid
- {
- local($oid)=@_;
- local(@a,$oid_pref);
-
- @a = split(/\s+/,$myoid);
- $pref_oid = "";
- $pref_sep = "";
- if (!($a[0] =~ /^[0-9]+$/))
- {
- $a[0] =~ s/-/_/g;
- if (!defined($obj{$a[0]}))
- { die "$ARGV[0]:$o:Undefined identifier ",$a[0],"\n"; }
- $pref_oid = "OBJ_" . $a[0];
- $pref_sep = ",";
- shift @a;
- }
- $oids = join('L,',@a) . "L";
- if ($oids ne "L")
- {
- $oids = $pref_oid . $pref_sep . $oids;
- }
- else
- {
- $oids = $pref_oid;
- }
- return($oids);
- }
diff --git a/src/crypto/pem/pem_lib.c b/src/crypto/pem/pem_lib.c
index e53abf8..8b7932e 100644
--- a/src/crypto/pem/pem_lib.c
+++ b/src/crypto/pem/pem_lib.c
@@ -71,6 +71,9 @@
#include <openssl/rand.h>
#include <openssl/x509.h>
+#include "../internal.h"
+
+
#define MIN_LENGTH 4
static int load_iv(char **fromp, unsigned char *to, int num);
@@ -638,7 +641,7 @@
OPENSSL_PUT_ERROR(PEM, ERR_R_MALLOC_FAILURE);
goto err;
}
- memcpy(nameB->data, &(buf[11]), i - 6);
+ OPENSSL_memcpy(nameB->data, &(buf[11]), i - 6);
nameB->data[i - 6] = '\0';
break;
}
@@ -669,7 +672,7 @@
nohead = 1;
break;
}
- memcpy(&(headerB->data[hl]), buf, i);
+ OPENSSL_memcpy(&(headerB->data[hl]), buf, i);
headerB->data[hl + i] = '\0';
hl += i;
}
@@ -701,7 +704,7 @@
OPENSSL_PUT_ERROR(PEM, ERR_R_MALLOC_FAILURE);
goto err;
}
- memcpy(&(dataB->data[bl]), buf, i);
+ OPENSSL_memcpy(&(dataB->data[bl]), buf, i);
dataB->data[bl + i] = '\0';
bl += i;
if (end) {
diff --git a/src/crypto/pkcs8/p5_pbe.c b/src/crypto/pkcs8/p5_pbe.c
index 8e56d41..eee2e00 100644
--- a/src/crypto/pkcs8/p5_pbe.c
+++ b/src/crypto/pkcs8/p5_pbe.c
@@ -62,6 +62,7 @@
#include <openssl/rand.h>
#include <openssl/x509.h>
+#include "../internal.h"
#include "internal.h"
@@ -106,7 +107,7 @@
}
sstr = ASN1_STRING_data(pbe->salt);
if (salt)
- memcpy(sstr, salt, saltlen);
+ OPENSSL_memcpy(sstr, salt, saltlen);
else if (!RAND_bytes(sstr, saltlen))
goto err;
diff --git a/src/crypto/pkcs8/p5_pbev2.c b/src/crypto/pkcs8/p5_pbev2.c
index 050a4d6..c16b83f 100644
--- a/src/crypto/pkcs8/p5_pbev2.c
+++ b/src/crypto/pkcs8/p5_pbev2.c
@@ -67,6 +67,7 @@
#include <openssl/x509.h>
#include "internal.h"
+#include "../internal.h"
/* PKCS#5 v2.0 password based encryption structures */
@@ -144,7 +145,7 @@
if (EVP_CIPHER_iv_length(cipher))
{
if (aiv)
- memcpy(iv, aiv, EVP_CIPHER_iv_length(cipher));
+ OPENSSL_memcpy(iv, aiv, EVP_CIPHER_iv_length(cipher));
else if (!RAND_bytes(iv, EVP_CIPHER_iv_length(cipher)))
goto err;
}
@@ -246,7 +247,7 @@
osalt->length = saltlen;
if (salt)
- memcpy (osalt->data, salt, saltlen);
+ OPENSSL_memcpy (osalt->data, salt, saltlen);
else if (!RAND_bytes(osalt->data, saltlen))
goto merr;
diff --git a/src/crypto/pkcs8/pkcs8.c b/src/crypto/pkcs8/pkcs8.c
index 7b34705..e965bc9 100644
--- a/src/crypto/pkcs8/pkcs8.c
+++ b/src/crypto/pkcs8/pkcs8.c
@@ -124,7 +124,7 @@
/* 1. Construct a string, D (the "diversifier"), by concatenating v/8 copies
* of ID. */
uint8_t D[EVP_MAX_MD_BLOCK_SIZE];
- memset(D, id, block_size);
+ OPENSSL_memset(D, id, block_size);
/* 2. Concatenate copies of the salt together to create a string S of length
* v(ceiling(s/v)) bits (the final copy of the salt may be truncated to
@@ -186,7 +186,7 @@
}
size_t todo = out_len < A_len ? out_len : A_len;
- memcpy(out, A, todo);
+ OPENSSL_memcpy(out, A, todo);
out += todo;
out_len -= todo;
if (out_len == 0) {
@@ -911,7 +911,7 @@
}
*out_key = NULL;
- memset(&ctx, 0, sizeof(ctx));
+ OPENSSL_memset(&ctx, 0, sizeof(ctx));
/* See ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-12/pkcs-12v1.pdf, section
* four. */
@@ -1068,7 +1068,7 @@
return NULL;
}
- memcpy(p12->ber_bytes, *ber_bytes, ber_len);
+ OPENSSL_memcpy(p12->ber_bytes, *ber_bytes, ber_len);
p12->ber_len = ber_len;
*ber_bytes += ber_len;
@@ -1193,7 +1193,7 @@
}
} else if (password_len != -1 &&
(password[password_len] != 0 ||
- memchr(password, 0, password_len) != NULL)) {
+ OPENSSL_memchr(password, 0, password_len) != NULL)) {
return 0;
}
diff --git a/src/crypto/poly1305/poly1305.c b/src/crypto/poly1305/poly1305.c
index 4c5d11f..77e8046 100644
--- a/src/crypto/poly1305/poly1305.c
+++ b/src/crypto/poly1305/poly1305.c
@@ -23,6 +23,7 @@
#include <openssl/cpu.h>
#include "internal.h"
+#include "../internal.h"
#if defined(OPENSSL_WINDOWS) || !defined(OPENSSL_X86_64)
@@ -30,11 +31,13 @@
/* We can assume little-endian. */
static uint32_t U8TO32_LE(const uint8_t *m) {
uint32_t r;
- memcpy(&r, m, sizeof(r));
+ OPENSSL_memcpy(&r, m, sizeof(r));
return r;
}
-static void U32TO8_LE(uint8_t *m, uint32_t v) { memcpy(m, &v, sizeof(v)); }
+static void U32TO8_LE(uint8_t *m, uint32_t v) {
+ OPENSSL_memcpy(m, &v, sizeof(v));
+}
static uint64_t mul32x32_64(uint32_t a, uint32_t b) { return (uint64_t)a * b; }
@@ -192,7 +195,7 @@
state->h4 = 0;
state->buf_used = 0;
- memcpy(state->key, key + 16, sizeof(state->key));
+ OPENSSL_memcpy(state->key, key + 16, sizeof(state->key));
}
void CRYPTO_poly1305_update(poly1305_state *statep, const uint8_t *in,
diff --git a/src/crypto/poly1305/poly1305_arm.c b/src/crypto/poly1305/poly1305_arm.c
index de31d6b..444413b 100644
--- a/src/crypto/poly1305/poly1305_arm.c
+++ b/src/crypto/poly1305/poly1305_arm.c
@@ -129,7 +129,7 @@
* fe1305x2_frombytearray. */
static uint32_t load32(uint8_t *t) {
uint32_t tmp;
- memcpy(&tmp, t, sizeof(tmp));
+ OPENSSL_memcpy(&tmp, t, sizeof(tmp));
return tmp;
}
@@ -203,7 +203,7 @@
addmulmod(precomp, r, r, &zero); /* precompute r^2 */
addmulmod(precomp + 1, precomp, precomp, &zero); /* precompute r^4 */
- memcpy(st->key, key + 16, 16);
+ OPENSSL_memcpy(st->key, key + 16, 16);
st->buf_used = 0;
}
diff --git a/src/crypto/pool/pool.c b/src/crypto/pool/pool.c
index ca058fc..44d10af 100644
--- a/src/crypto/pool/pool.c
+++ b/src/crypto/pool/pool.c
@@ -34,7 +34,7 @@
if (a->len != b->len) {
return 1;
}
- return memcmp(a->data, b->data, a->len);
+ return OPENSSL_memcmp(a->data, b->data, a->len);
}
CRYPTO_BUFFER_POOL* CRYPTO_BUFFER_POOL_new(void) {
@@ -43,7 +43,7 @@
return NULL;
}
- memset(pool, 0, sizeof(CRYPTO_BUFFER_POOL));
+ OPENSSL_memset(pool, 0, sizeof(CRYPTO_BUFFER_POOL));
pool->bufs = lh_CRYPTO_BUFFER_new(CRYPTO_BUFFER_hash, CRYPTO_BUFFER_cmp);
if (pool->bufs == NULL) {
OPENSSL_free(pool);
@@ -95,7 +95,7 @@
if (buf == NULL) {
return NULL;
}
- memset(buf, 0, sizeof(CRYPTO_BUFFER));
+ OPENSSL_memset(buf, 0, sizeof(CRYPTO_BUFFER));
buf->data = BUF_memdup(data, len);
if (len != 0 && buf->data == NULL) {
diff --git a/src/crypto/pool/pool_test.cc b/src/crypto/pool/pool_test.cc
index 0b5338f..72b8ce0 100644
--- a/src/crypto/pool/pool_test.cc
+++ b/src/crypto/pool/pool_test.cc
@@ -17,6 +17,8 @@
#include <openssl/pool.h>
+#include "../internal.h"
+
static bool TestUnpooled() {
static const uint8_t kData[4] = {1, 2, 3, 4};
@@ -27,7 +29,8 @@
}
if (CRYPTO_BUFFER_len(buf.get()) != sizeof(kData) ||
- memcmp(kData, CRYPTO_BUFFER_data(buf.get()), sizeof(kData)) != 0) {
+ OPENSSL_memcmp(kData, CRYPTO_BUFFER_data(buf.get()), sizeof(kData)) !=
+ 0) {
fprintf(stderr, "CRYPTO_BUFFER corrupted data.\n");
return false;
}
diff --git a/src/crypto/rand/deterministic.c b/src/crypto/rand/deterministic.c
index c0a347c..d96a505 100644
--- a/src/crypto/rand/deterministic.c
+++ b/src/crypto/rand/deterministic.c
@@ -21,6 +21,7 @@
#include <openssl/chacha.h>
#include "internal.h"
+#include "../internal.h"
/* g_num_calls is the number of calls to |CRYPTO_sysrand| that have occured.
@@ -36,10 +37,10 @@
static const uint8_t kZeroKey[32];
uint8_t nonce[12];
- memset(nonce, 0, sizeof(nonce));
- memcpy(nonce, &g_num_calls, sizeof(g_num_calls));
+ OPENSSL_memset(nonce, 0, sizeof(nonce));
+ OPENSSL_memcpy(nonce, &g_num_calls, sizeof(g_num_calls));
- memset(out, 0, requested);
+ OPENSSL_memset(out, 0, requested);
CRYPTO_chacha_20(out, out, requested, kZeroKey, nonce, 0);
g_num_calls++;
}
diff --git a/src/crypto/rand/rand.c b/src/crypto/rand/rand.c
index ec78a2e..51da6ba 100644
--- a/src/crypto/rand/rand.c
+++ b/src/crypto/rand/rand.c
@@ -101,7 +101,7 @@
if (!CRYPTO_rdrand(rand_buf)) {
return 0;
}
- memcpy(buf + len_multiple8, rand_buf, len);
+ OPENSSL_memcpy(buf + len_multiple8, rand_buf, len);
}
return 1;
@@ -138,7 +138,7 @@
return 1;
}
- memset(state->partial_block, 0, sizeof(state->partial_block));
+ OPENSSL_memset(state->partial_block, 0, sizeof(state->partial_block));
state->calls_used = kMaxCallsPerRefresh;
}
@@ -161,8 +161,8 @@
todo = kMaxBytesPerCall;
}
uint8_t nonce[12];
- memset(nonce, 0, 4);
- memcpy(nonce + 4, &state->calls_used, sizeof(state->calls_used));
+ OPENSSL_memset(nonce, 0, 4);
+ OPENSSL_memcpy(nonce + 4, &state->calls_used, sizeof(state->calls_used));
CRYPTO_chacha_20(buf, buf, todo, state->key, nonce, 0);
buf += todo;
remaining -= todo;
@@ -171,8 +171,8 @@
} else {
if (sizeof(state->partial_block) - state->partial_block_used < len) {
uint8_t nonce[12];
- memset(nonce, 0, 4);
- memcpy(nonce + 4, &state->calls_used, sizeof(state->calls_used));
+ OPENSSL_memset(nonce, 0, 4);
+ OPENSSL_memcpy(nonce + 4, &state->calls_used, sizeof(state->calls_used));
CRYPTO_chacha_20(state->partial_block, state->partial_block,
sizeof(state->partial_block), state->key, nonce, 0);
state->partial_block_used = 0;
diff --git a/src/crypto/rand/urandom.c b/src/crypto/rand/urandom.c
index 17d194c..2233203 100644
--- a/src/crypto/rand/urandom.c
+++ b/src/crypto/rand/urandom.c
@@ -207,12 +207,12 @@
abort(); // Already initialized
}
- if (urandom_fd == kHaveGetrandom) {
- if (fd >= 0) {
+ if (fd >= 0) {
+ if (urandom_fd == kHaveGetrandom) {
close(fd);
+ } else if (urandom_fd != fd) {
+ abort(); // Already initialized.
}
- } else if (urandom_fd != fd) {
- abort(); // Already initialized.
}
}
@@ -237,18 +237,35 @@
return buf;
}
+#if defined(USE_SYS_getrandom) && defined(__has_feature)
+#if __has_feature(memory_sanitizer)
+void __msan_unpoison(void *, size_t);
+#endif
+#endif
+
/* fill_with_entropy writes |len| bytes of entropy into |out|. It returns one
* on success and zero on error. */
static char fill_with_entropy(uint8_t *out, size_t len) {
- ssize_t r;
-
while (len > 0) {
+ ssize_t r;
+
if (urandom_fd == kHaveGetrandom) {
#if defined(USE_SYS_getrandom)
do {
r = syscall(SYS_getrandom, out, len, 0 /* no flags */);
} while (r == -1 && errno == EINTR);
-#else
+
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer)
+ if (r > 0) {
+ /* MSAN doesn't recognise |syscall| and thus doesn't notice that we
+ * have initialised the output buffer. */
+ __msan_unpoison(out, r);
+ }
+#endif /* memory_sanitizer */
+#endif /*__has_feature */
+
+#else /* USE_SYS_getrandom */
abort();
#endif
} else {
@@ -274,7 +291,7 @@
size_t remaining = BUF_SIZE - buf->used;
while (requested > remaining) {
- memcpy(out, &buf->rand[buf->used], remaining);
+ OPENSSL_memcpy(out, &buf->rand[buf->used], remaining);
buf->used += remaining;
out += remaining;
requested -= remaining;
@@ -287,7 +304,7 @@
remaining = BUF_SIZE;
}
- memcpy(out, &buf->rand[buf->used], requested);
+ OPENSSL_memcpy(out, &buf->rand[buf->used], requested);
buf->used += requested;
}
diff --git a/src/crypto/refcount_test.c b/src/crypto/refcount_test.cc
similarity index 100%
rename from src/crypto/refcount_test.c
rename to src/crypto/refcount_test.cc
diff --git a/src/crypto/rsa/blinding.c b/src/crypto/rsa/blinding.c
index 0a485ee..693dced 100644
--- a/src/crypto/rsa/blinding.c
+++ b/src/crypto/rsa/blinding.c
@@ -115,6 +115,7 @@
#include <openssl/err.h>
#include "internal.h"
+#include "../internal.h"
#define BN_BLINDING_COUNTER 32
@@ -134,7 +135,7 @@
OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE);
return NULL;
}
- memset(ret, 0, sizeof(BN_BLINDING));
+ OPENSSL_memset(ret, 0, sizeof(BN_BLINDING));
ret->A = BN_new();
if (ret->A == NULL) {
diff --git a/src/crypto/rsa/padding.c b/src/crypto/rsa/padding.c
index 987349b..3ed19ad 100644
--- a/src/crypto/rsa/padding.c
+++ b/src/crypto/rsa/padding.c
@@ -92,10 +92,10 @@
/* pad out with 0xff data */
j = to_len - 3 - from_len;
- memset(p, 0xff, j);
+ OPENSSL_memset(p, 0xff, j);
p += j;
*(p++) = 0;
- memcpy(p, from, from_len);
+ OPENSSL_memcpy(p, from, from_len);
return 1;
}
@@ -146,7 +146,7 @@
OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE);
return -1;
}
- memcpy(to, p, j);
+ OPENSSL_memcpy(to, p, j);
return j;
}
@@ -188,7 +188,7 @@
*(p++) = 0;
- memcpy(p, from, from_len);
+ OPENSSL_memcpy(p, from, from_len);
return 1;
}
@@ -254,7 +254,7 @@
return -1;
}
- memcpy(to, &from[zero_index], msg_len);
+ OPENSSL_memcpy(to, &from[zero_index], msg_len);
return (int)msg_len;
}
@@ -270,7 +270,7 @@
return 0;
}
- memcpy(to, from, from_len);
+ OPENSSL_memcpy(to, from, from_len);
return 1;
}
@@ -305,7 +305,7 @@
if (!EVP_DigestFinal_ex(&ctx, digest, NULL)) {
goto err;
}
- memcpy(out, digest, len);
+ OPENSSL_memcpy(out, digest, len);
len = 0;
}
}
@@ -358,9 +358,9 @@
if (!EVP_Digest(param, param_len, db, NULL, md, NULL)) {
return 0;
}
- memset(db + mdlen, 0, emlen - from_len - 2 * mdlen - 1);
+ OPENSSL_memset(db + mdlen, 0, emlen - from_len - 2 * mdlen - 1);
db[emlen - from_len - mdlen - 1] = 0x01;
- memcpy(db + emlen - from_len - mdlen, from, from_len);
+ OPENSSL_memcpy(db + emlen - from_len - mdlen, from, from_len);
if (!RAND_bytes(seed, mdlen)) {
return 0;
}
@@ -471,7 +471,7 @@
OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE);
mlen = -1;
} else {
- memcpy(to, db + one_index, mlen);
+ OPENSSL_memcpy(to, db + one_index, mlen);
}
OPENSSL_free(db);
@@ -579,7 +579,7 @@
if (!EVP_DigestFinal_ex(&ctx, H_, NULL)) {
goto err;
}
- if (memcmp(H_, H, hLen)) {
+ if (OPENSSL_memcmp(H_, H, hLen)) {
OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_SIGNATURE);
ret = 0;
} else {
diff --git a/src/crypto/rsa/rsa.c b/src/crypto/rsa/rsa.c
index 17f0a8a..731293f 100644
--- a/src/crypto/rsa/rsa.c
+++ b/src/crypto/rsa/rsa.c
@@ -82,7 +82,7 @@
return NULL;
}
- memset(rsa, 0, sizeof(RSA));
+ OPENSSL_memset(rsa, 0, sizeof(RSA));
if (engine) {
rsa->meth = ENGINE_get_RSA_method(engine);
@@ -446,8 +446,8 @@
return 0;
}
- memcpy(signed_msg, prefix, prefix_len);
- memcpy(signed_msg + prefix_len, msg, msg_len);
+ OPENSSL_memcpy(signed_msg, prefix, prefix_len);
+ OPENSSL_memcpy(signed_msg + prefix_len, msg, msg_len);
*out_msg = signed_msg;
*out_msg_len = signed_msg_len;
@@ -532,7 +532,7 @@
goto out;
}
- if (len != signed_msg_len || memcmp(buf, signed_msg, len) != 0) {
+ if (len != signed_msg_len || OPENSSL_memcmp(buf, signed_msg, len) != 0) {
OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_SIGNATURE);
goto out;
}
diff --git a/src/crypto/rsa/rsa_asn1.c b/src/crypto/rsa/rsa_asn1.c
index 509f1aa..88b1dfb 100644
--- a/src/crypto/rsa/rsa_asn1.c
+++ b/src/crypto/rsa/rsa_asn1.c
@@ -66,6 +66,7 @@
#include "internal.h"
#include "../bytestring/internal.h"
+#include "../internal.h"
static int parse_integer_buggy(CBS *cbs, BIGNUM **out, int buggy) {
@@ -183,7 +184,7 @@
OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE);
return 0;
}
- memset(ret, 0, sizeof(RSA_additional_prime));
+ OPENSSL_memset(ret, 0, sizeof(RSA_additional_prime));
CBS child;
if (!CBS_get_asn1(cbs, &child, CBS_ASN1_SEQUENCE) ||
@@ -280,6 +281,11 @@
goto err;
}
+ if (!RSA_check_key(ret)) {
+ OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_RSA_PARAMETERS);
+ goto err;
+ }
+
BN_CTX_free(ctx);
BN_free(product_of_primes_so_far);
return ret;
diff --git a/src/crypto/rsa/rsa_impl.c b/src/crypto/rsa/rsa_impl.c
index fb7a368..3834be5 100644
--- a/src/crypto/rsa/rsa_impl.c
+++ b/src/crypto/rsa/rsa_impl.c
@@ -65,6 +65,7 @@
#include <openssl/thread.h>
#include "internal.h"
+#include "../bn/internal.h"
#include "../internal.h"
@@ -263,7 +264,7 @@
if (new_blindings == NULL) {
goto err1;
}
- memcpy(new_blindings, rsa->blindings,
+ OPENSSL_memcpy(new_blindings, rsa->blindings,
sizeof(BN_BLINDING *) * rsa->num_blindings);
new_blindings[rsa->num_blindings] = ret;
@@ -271,7 +272,7 @@
if (new_blindings_inuse == NULL) {
goto err2;
}
- memcpy(new_blindings_inuse, rsa->blindings_inuse, rsa->num_blindings);
+ OPENSSL_memcpy(new_blindings_inuse, rsa->blindings_inuse, rsa->num_blindings);
new_blindings_inuse[rsa->num_blindings] = 1;
*index_used = rsa->num_blindings;
@@ -590,17 +591,9 @@
if (!mod_exp(result, f, rsa, ctx)) {
goto err;
}
- } else {
- BIGNUM local_d;
- BIGNUM *d = NULL;
-
- BN_init(&local_d);
- d = &local_d;
- BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME);
-
- if (!BN_mod_exp_mont_consttime(result, f, d, rsa->n, ctx, rsa->mont_n)) {
- goto err;
- }
+ } else if (!BN_mod_exp_mont_consttime(result, f, rsa->d, rsa->n, ctx,
+ rsa->mont_n)) {
+ goto err;
}
/* Verify the result to protect against fault attacks as described in the
@@ -658,8 +651,6 @@
assert(rsa->iqmp != NULL);
BIGNUM *r1, *m1, *vrfy;
- BIGNUM local_dmp1, local_dmq1, local_c, local_r1;
- BIGNUM *dmp1, *dmq1, *c, *pr1;
int ret = 0;
size_t i, num_additional_primes = 0;
@@ -677,23 +668,9 @@
goto err;
}
- {
- BIGNUM local_p, local_q;
- BIGNUM *p = NULL, *q = NULL;
-
- /* Make sure BN_mod in Montgomery initialization uses BN_FLG_CONSTTIME. */
- BN_init(&local_p);
- p = &local_p;
- BN_with_flags(p, rsa->p, BN_FLG_CONSTTIME);
-
- BN_init(&local_q);
- q = &local_q;
- BN_with_flags(q, rsa->q, BN_FLG_CONSTTIME);
-
- if (!BN_MONT_CTX_set_locked(&rsa->mont_p, &rsa->lock, p, ctx) ||
- !BN_MONT_CTX_set_locked(&rsa->mont_q, &rsa->lock, q, ctx)) {
- goto err;
- }
+ if (!BN_MONT_CTX_set_locked(&rsa->mont_p, &rsa->lock, rsa->p, ctx) ||
+ !BN_MONT_CTX_set_locked(&rsa->mont_q, &rsa->lock, rsa->q, ctx)) {
+ goto err;
}
if (!BN_MONT_CTX_set_locked(&rsa->mont_n, &rsa->lock, rsa->n, ctx)) {
@@ -701,30 +678,22 @@
}
/* compute I mod q */
- c = &local_c;
- BN_with_flags(c, I, BN_FLG_CONSTTIME);
- if (!BN_mod(r1, c, rsa->q, ctx)) {
+ if (!BN_mod(r1, I, rsa->q, ctx)) {
goto err;
}
/* compute r1^dmq1 mod q */
- dmq1 = &local_dmq1;
- BN_with_flags(dmq1, rsa->dmq1, BN_FLG_CONSTTIME);
- if (!BN_mod_exp_mont_consttime(m1, r1, dmq1, rsa->q, ctx, rsa->mont_q)) {
+ if (!BN_mod_exp_mont_consttime(m1, r1, rsa->dmq1, rsa->q, ctx, rsa->mont_q)) {
goto err;
}
/* compute I mod p */
- c = &local_c;
- BN_with_flags(c, I, BN_FLG_CONSTTIME);
- if (!BN_mod(r1, c, rsa->p, ctx)) {
+ if (!BN_mod(r1, I, rsa->p, ctx)) {
goto err;
}
/* compute r1^dmp1 mod p */
- dmp1 = &local_dmp1;
- BN_with_flags(dmp1, rsa->dmp1, BN_FLG_CONSTTIME);
- if (!BN_mod_exp_mont_consttime(r0, r1, dmp1, rsa->p, ctx, rsa->mont_p)) {
+ if (!BN_mod_exp_mont_consttime(r0, r1, rsa->dmp1, rsa->p, ctx, rsa->mont_p)) {
goto err;
}
@@ -743,11 +712,7 @@
goto err;
}
- /* Turn BN_FLG_CONSTTIME flag on before division operation */
- pr1 = &local_r1;
- BN_with_flags(pr1, r1, BN_FLG_CONSTTIME);
-
- if (!BN_mod(r0, pr1, rsa->p, ctx)) {
+ if (!BN_mod(r0, r1, rsa->p, ctx)) {
goto err;
}
@@ -771,30 +736,23 @@
for (i = 0; i < num_additional_primes; i++) {
/* multi-prime RSA. */
- BIGNUM local_exp, local_prime;
- BIGNUM *exp = &local_exp, *prime = &local_prime;
RSA_additional_prime *ap =
sk_RSA_additional_prime_value(rsa->additional_primes, i);
- BN_with_flags(exp, ap->exp, BN_FLG_CONSTTIME);
- BN_with_flags(prime, ap->prime, BN_FLG_CONSTTIME);
-
/* c will already point to a BIGNUM with the correct flags. */
- if (!BN_mod(r1, c, prime, ctx)) {
+ if (!BN_mod(r1, I, ap->prime, ctx)) {
goto err;
}
- if (!BN_MONT_CTX_set_locked(&ap->mont, &rsa->lock, prime, ctx) ||
- !BN_mod_exp_mont_consttime(m1, r1, exp, prime, ctx, ap->mont)) {
+ if (!BN_MONT_CTX_set_locked(&ap->mont, &rsa->lock, ap->prime, ctx) ||
+ !BN_mod_exp_mont_consttime(m1, r1, ap->exp, ap->prime, ctx, ap->mont)) {
goto err;
}
- BN_set_flags(m1, BN_FLG_CONSTTIME);
-
if (!BN_sub(m1, m1, r0) ||
!BN_mul(m1, m1, ap->coeff, ctx) ||
- !BN_mod(m1, m1, prime, ctx) ||
- (BN_is_negative(m1) && !BN_add(m1, m1, prime)) ||
+ !BN_mod(m1, m1, ap->prime, ctx) ||
+ (BN_is_negative(m1) && !BN_add(m1, m1, ap->prime)) ||
!BN_mul(m1, m1, ap->r, ctx) ||
!BN_add(r0, r0, m1)) {
goto err;
@@ -811,8 +769,8 @@
int rsa_default_multi_prime_keygen(RSA *rsa, int bits, int num_primes,
BIGNUM *e_value, BN_GENCB *cb) {
BIGNUM *r0 = NULL, *r1 = NULL, *r2 = NULL, *r3 = NULL, *tmp;
- BIGNUM local_r0, local_d, local_p;
- BIGNUM *pr0, *d, *p;
+ BIGNUM local_r0, local_p;
+ BIGNUM *pr0, *p;
int prime_bits, ok = -1, n = 0, i, j;
BN_CTX *ctx = NULL;
STACK_OF(RSA_additional_prime) *additional_primes = NULL;
@@ -848,7 +806,7 @@
if (ap == NULL) {
goto err;
}
- memset(ap, 0, sizeof(RSA_additional_prime));
+ OPENSSL_memset(ap, 0, sizeof(RSA_additional_prime));
ap->prime = BN_new();
ap->exp = BN_new();
ap->coeff = BN_new();
@@ -1047,25 +1005,24 @@
goto err; /* d */
}
- /* set up d for correct BN_FLG_CONSTTIME flag */
- d = &local_d;
- BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME);
-
/* calculate d mod (p-1) */
- if (!BN_mod(rsa->dmp1, d, r1, ctx)) {
+ if (!BN_mod(rsa->dmp1, rsa->d, r1, ctx)) {
goto err;
}
/* calculate d mod (q-1) */
- if (!BN_mod(rsa->dmq1, d, r2, ctx)) {
+ if (!BN_mod(rsa->dmq1, rsa->d, r2, ctx)) {
goto err;
}
- /* calculate inverse of q mod p */
+ /* Calculate inverse of q mod p. Note that although RSA key generation is far
+ * from constant-time, |bn_mod_inverse_secret_prime| uses the same modular
+ * exponentation logic as in RSA private key operations and, if the RSAZ-1024
+ * code is enabled, will be optimized for common RSA prime sizes. */
p = &local_p;
BN_with_flags(p, rsa->p, BN_FLG_CONSTTIME);
-
- if (!BN_mod_inverse(rsa->iqmp, rsa->q, p, ctx)) {
+ if (!BN_MONT_CTX_set_locked(&rsa->mont_p, &rsa->lock, rsa->p, ctx) ||
+ !bn_mod_inverse_secret_prime(rsa->iqmp, rsa->q, p, ctx, rsa->mont_p)) {
goto err;
}
@@ -1074,15 +1031,24 @@
sk_RSA_additional_prime_value(additional_primes, i - 2);
if (!BN_sub(ap->exp, ap->prime, BN_value_one()) ||
!BN_mod(ap->exp, rsa->d, ap->exp, ctx) ||
- !BN_mod_inverse(ap->coeff, ap->r, ap->prime, ctx)) {
+ !BN_MONT_CTX_set_locked(&ap->mont, &rsa->lock, ap->prime, ctx) ||
+ !bn_mod_inverse_secret_prime(ap->coeff, ap->r, ap->prime, ctx,
+ ap->mont)) {
goto err;
}
}
- ok = 1;
rsa->additional_primes = additional_primes;
additional_primes = NULL;
+ /* The key generation process is complex and thus error-prone. It could be
+ * disastrous to generate and then use a bad key so double-check that the key
+ * makes sense. */
+ ok = RSA_check_key(rsa);
+ if (!ok) {
+ OPENSSL_PUT_ERROR(RSA, RSA_R_INTERNAL_ERROR);
+ }
+
err:
if (ok == -1) {
OPENSSL_PUT_ERROR(RSA, ERR_LIB_BN);
diff --git a/src/crypto/rsa/rsa_test.cc b/src/crypto/rsa/rsa_test.cc
index 8c4a787..306df7e 100644
--- a/src/crypto/rsa/rsa_test.cc
+++ b/src/crypto/rsa/rsa_test.cc
@@ -65,6 +65,8 @@
#include <openssl/err.h>
#include <openssl/nid.h>
+#include "../internal.h"
+
// kPlaintext is a sample plaintext.
static const uint8_t kPlaintext[] = "\x54\x85\x9b\x34\x2c\x49\xea\x2a";
@@ -549,7 +551,7 @@
if (!RSA_decrypt(key.get(), &plaintext_len, plaintext, sizeof(plaintext),
ciphertext, ciphertext_len, RSA_PKCS1_PADDING) ||
plaintext_len != kPlaintextLen ||
- memcmp(plaintext, kPlaintext, plaintext_len) != 0) {
+ OPENSSL_memcmp(plaintext, kPlaintext, plaintext_len) != 0) {
fprintf(stderr, "PKCS#1 v1.5 decryption failed!\n");
return false;
}
@@ -566,7 +568,7 @@
if (!RSA_decrypt(key.get(), &plaintext_len, plaintext, sizeof(plaintext),
ciphertext, ciphertext_len, RSA_PKCS1_OAEP_PADDING) ||
plaintext_len != kPlaintextLen ||
- memcmp(plaintext, kPlaintext, plaintext_len) != 0) {
+ OPENSSL_memcmp(plaintext, kPlaintext, plaintext_len) != 0) {
fprintf(stderr, "OAEP decryption (encrypted data) failed!\n");
return false;
}
@@ -577,13 +579,13 @@
oaep_ciphertext, oaep_ciphertext_len,
RSA_PKCS1_OAEP_PADDING) ||
plaintext_len != kPlaintextLen ||
- memcmp(plaintext, kPlaintext, plaintext_len) != 0) {
+ OPENSSL_memcmp(plaintext, kPlaintext, plaintext_len) != 0) {
fprintf(stderr, "OAEP decryption (test vector data) failed!\n");
return false;
}
// Try decrypting corrupted ciphertexts.
- memcpy(ciphertext, oaep_ciphertext, oaep_ciphertext_len);
+ OPENSSL_memcpy(ciphertext, oaep_ciphertext, oaep_ciphertext_len);
for (size_t i = 0; i < oaep_ciphertext_len; i++) {
ciphertext[i] ^= 1;
if (RSA_decrypt(key.get(), &plaintext_len, plaintext, sizeof(plaintext),
@@ -628,7 +630,7 @@
if (!RSA_decrypt(rsa.get(), &out_len, out, sizeof(out), enc, enc_size,
RSA_PKCS1_PADDING) ||
out_len != 11 ||
- memcmp(out, "hello world", 11) != 0) {
+ OPENSSL_memcmp(out, "hello world", 11) != 0) {
fprintf(stderr, "%d-prime key failed to decrypt.\n", nprimes);
ERR_print_errors_fp(stderr);
return false;
@@ -655,7 +657,7 @@
!RSA_decrypt(rsa.get(), &decrypted_len, decrypted, sizeof(decrypted),
encrypted, encrypted_len, RSA_PKCS1_PADDING) ||
decrypted_len != sizeof(kMessage) ||
- memcmp(decrypted, kMessage, sizeof(kMessage)) != 0) {
+ OPENSSL_memcmp(decrypted, kMessage, sizeof(kMessage)) != 0) {
ERR_print_errors_fp(stderr);
return false;
}
@@ -688,6 +690,19 @@
return false;
}
+ uint8_t *der;
+ size_t der_len;
+ if (!RSA_private_key_to_bytes(&der, &der_len, key.get())) {
+ fprintf(stderr, "RSA_private_key_to_bytes failed to serialize bad key\n.");
+ return false;
+ }
+ bssl::UniquePtr<uint8_t> delete_der(der);
+
+ key.reset(RSA_private_key_from_bytes(der, der_len));
+ if (key) {
+ fprintf(stderr, "RSA_private_key_from_bytes accepted bad key\n.");
+ }
+
ERR_clear_error();
return true;
}
@@ -854,7 +869,8 @@
return false;
}
bssl::UniquePtr<uint8_t> delete_der(der);
- if (der_len != sizeof(kKey1) - 1 || memcmp(der, kKey1, der_len) != 0) {
+ if (der_len != sizeof(kKey1) - 1 ||
+ OPENSSL_memcmp(der, kKey1, der_len) != 0) {
return false;
}
@@ -877,7 +893,7 @@
return false;
}
bssl::UniquePtr<uint8_t> delete_der2(der2);
- if (der_len != der2_len || memcmp(der, der2, der_len) != 0) {
+ if (der_len != der2_len || OPENSSL_memcmp(der, der2, der_len) != 0) {
return false;
}
diff --git a/src/crypto/sha/sha1.c b/src/crypto/sha/sha1.c
index 12fb457..7c72713 100644
--- a/src/crypto/sha/sha1.c
+++ b/src/crypto/sha/sha1.c
@@ -60,6 +60,8 @@
#include <openssl/mem.h>
+#include "../internal.h"
+
#if !defined(OPENSSL_NO_ASM) && \
(defined(OPENSSL_X86) || defined(OPENSSL_X86_64) || \
@@ -69,7 +71,7 @@
#endif
int SHA1_Init(SHA_CTX *sha) {
- memset(sha, 0, sizeof(SHA_CTX));
+ OPENSSL_memset(sha, 0, sizeof(SHA_CTX));
sha->h[0] = 0x67452301UL;
sha->h[1] = 0xefcdab89UL;
sha->h[2] = 0x98badcfeUL;
diff --git a/src/crypto/sha/sha256.c b/src/crypto/sha/sha256.c
index 58f7c42..fb950d7 100644
--- a/src/crypto/sha/sha256.c
+++ b/src/crypto/sha/sha256.c
@@ -60,6 +60,8 @@
#include <openssl/mem.h>
+#include "../internal.h"
+
#if !defined(OPENSSL_NO_ASM) && \
(defined(OPENSSL_X86) || defined(OPENSSL_X86_64) || \
@@ -68,7 +70,7 @@
#endif
int SHA224_Init(SHA256_CTX *sha) {
- memset(sha, 0, sizeof(SHA256_CTX));
+ OPENSSL_memset(sha, 0, sizeof(SHA256_CTX));
sha->h[0] = 0xc1059ed8UL;
sha->h[1] = 0x367cd507UL;
sha->h[2] = 0x3070dd17UL;
@@ -82,7 +84,7 @@
}
int SHA256_Init(SHA256_CTX *sha) {
- memset(sha, 0, sizeof(SHA256_CTX));
+ OPENSSL_memset(sha, 0, sizeof(SHA256_CTX));
sha->h[0] = 0x6a09e667UL;
sha->h[1] = 0xbb67ae85UL;
sha->h[2] = 0x3c6ef372UL;
diff --git a/src/crypto/sha/sha512.c b/src/crypto/sha/sha512.c
index 355011f..8761150 100644
--- a/src/crypto/sha/sha512.c
+++ b/src/crypto/sha/sha512.c
@@ -60,6 +60,8 @@
#include <openssl/mem.h>
+#include "../internal.h"
+
/* IMPLEMENTATION NOTES.
*
@@ -167,7 +169,7 @@
void SHA512_Transform(SHA512_CTX *c, const uint8_t *block) {
#ifndef SHA512_BLOCK_CAN_MANAGE_UNALIGNED_DATA
if ((size_t)block % sizeof(c->u.d[0]) != 0) {
- memcpy(c->u.p, block, sizeof(c->u.p));
+ OPENSSL_memcpy(c->u.p, block, sizeof(c->u.p));
block = c->u.p;
}
#endif
@@ -196,11 +198,11 @@
size_t n = sizeof(c->u) - c->num;
if (len < n) {
- memcpy(p + c->num, data, len);
+ OPENSSL_memcpy(p + c->num, data, len);
c->num += (unsigned int)len;
return 1;
} else {
- memcpy(p + c->num, data, n), c->num = 0;
+ OPENSSL_memcpy(p + c->num, data, n), c->num = 0;
len -= n;
data += n;
sha512_block_data_order(c->h, (uint64_t *)p, 1);
@@ -211,7 +213,7 @@
#ifndef SHA512_BLOCK_CAN_MANAGE_UNALIGNED_DATA
if ((size_t)data % sizeof(c->u.d[0]) != 0) {
while (len >= sizeof(c->u)) {
- memcpy(p, data, sizeof(c->u));
+ OPENSSL_memcpy(p, data, sizeof(c->u));
sha512_block_data_order(c->h, (uint64_t *)p, 1);
len -= sizeof(c->u);
data += sizeof(c->u);
@@ -227,7 +229,7 @@
}
if (len != 0) {
- memcpy(p, data, len);
+ OPENSSL_memcpy(p, data, len);
c->num = (int)len;
}
@@ -241,12 +243,12 @@
p[n] = 0x80; /* There always is a room for one */
n++;
if (n > (sizeof(sha->u) - 16)) {
- memset(p + n, 0, sizeof(sha->u) - n);
+ OPENSSL_memset(p + n, 0, sizeof(sha->u) - n);
n = 0;
sha512_block_data_order(sha->h, (uint64_t *)p, 1);
}
- memset(p + n, 0, sizeof(sha->u) - 16 - n);
+ OPENSSL_memset(p + n, 0, sizeof(sha->u) - 16 - n);
p[sizeof(sha->u) - 1] = (uint8_t)(sha->Nl);
p[sizeof(sha->u) - 2] = (uint8_t)(sha->Nl >> 8);
p[sizeof(sha->u) - 3] = (uint8_t)(sha->Nl >> 16);
diff --git a/src/crypto/stack/stack.c b/src/crypto/stack/stack.c
index 2d5744a..f78209d 100644
--- a/src/crypto/stack/stack.c
+++ b/src/crypto/stack/stack.c
@@ -60,6 +60,9 @@
#include <openssl/mem.h>
+#include "../internal.h"
+
+
/* kMinSize is the number of pointers that will be initially allocated in a new
* stack. */
static const size_t kMinSize = 4;
@@ -71,14 +74,14 @@
if (ret == NULL) {
goto err;
}
- memset(ret, 0, sizeof(_STACK));
+ OPENSSL_memset(ret, 0, sizeof(_STACK));
ret->data = OPENSSL_malloc(sizeof(void *) * kMinSize);
if (ret->data == NULL) {
goto err;
}
- memset(ret->data, 0, sizeof(void *) * kMinSize);
+ OPENSSL_memset(ret->data, 0, sizeof(void *) * kMinSize);
ret->comp = comp;
ret->num_alloc = kMinSize;
@@ -103,7 +106,7 @@
if (sk == NULL || sk->num == 0) {
return;
}
- memset(sk->data, 0, sizeof(void*) * sk->num);
+ OPENSSL_memset(sk->data, 0, sizeof(void*) * sk->num);
sk->num = 0;
sk->sorted = 0;
}
@@ -177,8 +180,8 @@
if (where >= sk->num) {
sk->data[sk->num] = p;
} else {
- memmove(&sk->data[where + 1], &sk->data[where],
- sizeof(void *) * (sk->num - where));
+ OPENSSL_memmove(&sk->data[where + 1], &sk->data[where],
+ sizeof(void *) * (sk->num - where));
sk->data[where] = p;
}
@@ -198,7 +201,7 @@
ret = sk->data[where];
if (where != sk->num - 1) {
- memmove(&sk->data[where], &sk->data[where + 1],
+ OPENSSL_memmove(&sk->data[where], &sk->data[where + 1],
sizeof(void *) * (sk->num - where - 1));
}
@@ -308,7 +311,7 @@
ret->data = s;
ret->num = sk->num;
- memcpy(ret->data, sk->data, sizeof(void *) * sk->num);
+ OPENSSL_memcpy(ret->data, sk->data, sizeof(void *) * sk->num);
ret->sorted = sk->sorted;
ret->num_alloc = sk->num_alloc;
ret->comp = sk->comp;
diff --git a/src/crypto/test/file_test.cc b/src/crypto/test/file_test.cc
index d684aa0..715907e 100644
--- a/src/crypto/test/file_test.cc
+++ b/src/crypto/test/file_test.cc
@@ -24,6 +24,8 @@
#include <openssl/err.h>
+#include "../internal.h"
+
FileTest::FileTest(const char *path) {
file_ = fopen(path, "r");
@@ -227,7 +229,7 @@
bool FileTest::ExpectBytesEqual(const uint8_t *expected, size_t expected_len,
const uint8_t *actual, size_t actual_len) {
if (expected_len == actual_len &&
- memcmp(expected, actual, expected_len) == 0) {
+ OPENSSL_memcmp(expected, actual, expected_len) == 0) {
return true;
}
diff --git a/src/crypto/thread_pthread.c b/src/crypto/thread_pthread.c
index 90ff861..d9e87f2 100644
--- a/src/crypto/thread_pthread.c
+++ b/src/crypto/thread_pthread.c
@@ -103,7 +103,7 @@
if (pthread_mutex_lock(&g_destructors_lock) != 0) {
return;
}
- memcpy(destructors, g_destructors, sizeof(destructors));
+ OPENSSL_memcpy(destructors, g_destructors, sizeof(destructors));
pthread_mutex_unlock(&g_destructors_lock);
unsigned i;
@@ -154,7 +154,7 @@
destructor(value);
return 0;
}
- memset(pointers, 0, sizeof(void *) * NUM_OPENSSL_THREAD_LOCALS);
+ OPENSSL_memset(pointers, 0, sizeof(void *) * NUM_OPENSSL_THREAD_LOCALS);
if (pthread_setspecific(g_thread_local_key, pointers) != 0) {
OPENSSL_free(pointers);
destructor(value);
diff --git a/src/crypto/thread_test.c b/src/crypto/thread_test.c
index 12ca2ec..c702ace 100644
--- a/src/crypto/thread_test.c
+++ b/src/crypto/thread_test.c
@@ -30,7 +30,7 @@
static DWORD WINAPI thread_run(LPVOID arg) {
void (*thread_func)(void);
/* VC really doesn't like casting between data and function pointers. */
- memcpy(&thread_func, &arg, sizeof(thread_func));
+ OPENSSL_memcpy(&thread_func, &arg, sizeof(thread_func));
thread_func();
return 0;
}
@@ -38,7 +38,7 @@
static int run_thread(thread_t *out_thread, void (*thread_func)(void)) {
void *arg;
/* VC really doesn't like casting between data and function pointers. */
- memcpy(&arg, &thread_func, sizeof(arg));
+ OPENSSL_memcpy(&arg, &thread_func, sizeof(arg));
*out_thread = CreateThread(NULL /* security attributes */,
0 /* default stack size */, thread_run, arg,
@@ -86,7 +86,7 @@
Sleep(1 /* milliseconds */);
#else
struct timespec req;
- memset(&req, 0, sizeof(req));
+ OPENSSL_memset(&req, 0, sizeof(req));
req.tv_nsec = 1000000;
nanosleep(&req, NULL);
#endif
diff --git a/src/crypto/thread_win.c b/src/crypto/thread_win.c
index 836cf0f..62119b4 100644
--- a/src/crypto/thread_win.c
+++ b/src/crypto/thread_win.c
@@ -122,7 +122,7 @@
thread_local_destructor_t destructors[NUM_OPENSSL_THREAD_LOCALS];
EnterCriticalSection(&g_destructors_lock);
- memcpy(destructors, g_destructors, sizeof(destructors));
+ OPENSSL_memcpy(destructors, g_destructors, sizeof(destructors));
LeaveCriticalSection(&g_destructors_lock);
unsigned i;
@@ -218,7 +218,7 @@
destructor(value);
return 0;
}
- memset(pointers, 0, sizeof(void *) * NUM_OPENSSL_THREAD_LOCALS);
+ OPENSSL_memset(pointers, 0, sizeof(void *) * NUM_OPENSSL_THREAD_LOCALS);
if (TlsSetValue(g_thread_local_key, pointers) == 0) {
OPENSSL_free(pointers);
destructor(value);
diff --git a/src/crypto/x509/a_verify.c b/src/crypto/x509/a_verify.c
index 5a9adb6..0af4197 100644
--- a/src/crypto/x509/a_verify.c
+++ b/src/crypto/x509/a_verify.c
@@ -119,7 +119,7 @@
* we don't need to zero the 'ctx' because we just checked public
* information
*/
- /* memset(&ctx,0,sizeof(ctx)); */
+ /* OPENSSL_memset(&ctx,0,sizeof(ctx)); */
ret = 1;
err:
EVP_MD_CTX_cleanup(&ctx);
diff --git a/src/crypto/x509/asn1_gen.c b/src/crypto/x509/asn1_gen.c
index 03a0ab9..c52a1ac 100644
--- a/src/crypto/x509/asn1_gen.c
+++ b/src/crypto/x509/asn1_gen.c
@@ -261,7 +261,7 @@
}
/* Copy across original encoding */
- memcpy(p, cpy_start, cpy_len);
+ OPENSSL_memcpy(p, cpy_start, cpy_len);
cp = new_der;
diff --git a/src/crypto/x509/by_dir.c b/src/crypto/x509/by_dir.c
index 434e5ab..e68ca5a 100644
--- a/src/crypto/x509/by_dir.c
+++ b/src/crypto/x509/by_dir.c
@@ -433,7 +433,7 @@
if (tmp != NULL) {
ok = 1;
ret->type = tmp->type;
- memcpy(&ret->data, &tmp->data, sizeof(ret->data));
+ OPENSSL_memcpy(&ret->data, &tmp->data, sizeof(ret->data));
/*
* If we were going to up the reference count, we would need
* to do it on a perl 'type' basis
diff --git a/src/crypto/x509/pkcs7_test.c b/src/crypto/x509/pkcs7_test.c
index bebcbd9..7bf4b81 100644
--- a/src/crypto/x509/pkcs7_test.c
+++ b/src/crypto/x509/pkcs7_test.c
@@ -22,6 +22,7 @@
#include <openssl/stack.h>
#include <openssl/x509.h>
+#include "../internal.h"
#include "../test/test_util.h"
@@ -520,7 +521,7 @@
}
if (result_len != result2_len ||
- memcmp(result_data, result2_data, result_len) != 0) {
+ OPENSSL_memcmp(result_data, result2_data, result_len) != 0) {
fprintf(stderr, "Serialisation is not stable.\n");
return 0;
}
@@ -584,7 +585,7 @@
}
if (result_len != result2_len ||
- memcmp(result_data, result2_data, result_len) != 0) {
+ OPENSSL_memcmp(result_data, result2_data, result_len) != 0) {
fprintf(stderr, "Serialisation is not stable.\n");
return 0;
}
diff --git a/src/crypto/x509/x509_cmp.c b/src/crypto/x509/x509_cmp.c
index 32862eb..98236d9 100644
--- a/src/crypto/x509/x509_cmp.c
+++ b/src/crypto/x509/x509_cmp.c
@@ -67,6 +67,9 @@
#include <openssl/x509.h>
#include <openssl/x509v3.h>
+#include "../internal.h"
+
+
int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b)
{
int i;
@@ -125,7 +128,7 @@
int X509_CRL_match(const X509_CRL *a, const X509_CRL *b)
{
- return memcmp(a->sha1_hash, b->sha1_hash, 20);
+ return OPENSSL_memcmp(a->sha1_hash, b->sha1_hash, 20);
}
X509_NAME *X509_get_issuer_name(X509 *a)
@@ -178,7 +181,7 @@
X509_check_purpose((X509 *)a, -1, 0);
X509_check_purpose((X509 *)b, -1, 0);
- rv = memcmp(a->sha1_hash, b->sha1_hash, SHA_DIGEST_LENGTH);
+ rv = OPENSSL_memcmp(a->sha1_hash, b->sha1_hash, SHA_DIGEST_LENGTH);
if (rv)
return rv;
/* Check for match against stored encoding too */
@@ -186,8 +189,8 @@
rv = (int)(a->cert_info->enc.len - b->cert_info->enc.len);
if (rv)
return rv;
- return memcmp(a->cert_info->enc.enc, b->cert_info->enc.enc,
- a->cert_info->enc.len);
+ return OPENSSL_memcmp(a->cert_info->enc.enc, b->cert_info->enc.enc,
+ a->cert_info->enc.len);
}
return rv;
}
@@ -215,7 +218,7 @@
if (ret)
return ret;
- return memcmp(a->canon_enc, b->canon_enc, a->canon_enclen);
+ return OPENSSL_memcmp(a->canon_enc, b->canon_enc, a->canon_enclen);
}
diff --git a/src/crypto/x509/x509_lu.c b/src/crypto/x509/x509_lu.c
index 7aee3bb..9e45964 100644
--- a/src/crypto/x509/x509_lu.c
+++ b/src/crypto/x509/x509_lu.c
@@ -188,7 +188,7 @@
if ((ret = (X509_STORE *)OPENSSL_malloc(sizeof(X509_STORE))) == NULL)
return NULL;
- memset(ret, 0, sizeof(*ret));
+ OPENSSL_memset(ret, 0, sizeof(*ret));
CRYPTO_MUTEX_init(&ret->objs_lock);
ret->objs = sk_X509_OBJECT_new(x509_object_cmp);
if (ret->objs == NULL)
@@ -396,6 +396,11 @@
return ret;
}
+void X509_STORE_set0_additional_untrusted(X509_STORE *ctx,
+ STACK_OF(X509) *untrusted) {
+ ctx->additional_untrusted = untrusted;
+}
+
int X509_OBJECT_up_ref_count(X509_OBJECT *a)
{
switch (a->type) {
diff --git a/src/crypto/x509/x509_obj.c b/src/crypto/x509/x509_obj.c
index a7f31e0..33eafc4 100644
--- a/src/crypto/x509/x509_obj.c
+++ b/src/crypto/x509/x509_obj.c
@@ -64,6 +64,9 @@
#include <openssl/obj.h>
#include <openssl/x509.h>
+#include "../internal.h"
+
+
/*
* Limit to ensure we don't overflow: much greater than
* anything enountered in practice.
@@ -161,7 +164,7 @@
} else
p = &(buf[lold]);
*(p++) = '/';
- memcpy(p, s, (unsigned int)l1);
+ OPENSSL_memcpy(p, s, (unsigned int)l1);
p += l1;
*(p++) = '=';
diff --git a/src/crypto/x509/x509_test.cc b/src/crypto/x509/x509_test.cc
index 0c25754..3629c13 100644
--- a/src/crypto/x509/x509_test.cc
+++ b/src/crypto/x509/x509_test.cc
@@ -25,6 +25,8 @@
#include <openssl/pool.h>
#include <openssl/x509.h>
+#include "../internal.h"
+
static const char kCrossSigningRootPEM[] =
"-----BEGIN CERTIFICATE-----\n"
@@ -450,7 +452,8 @@
static int Verify(X509 *leaf, const std::vector<X509 *> &roots,
const std::vector<X509 *> &intermediates,
const std::vector<X509_CRL *> &crls,
- unsigned long flags = 0) {
+ unsigned long flags,
+ bool use_additional_untrusted) {
bssl::UniquePtr<STACK_OF(X509)> roots_stack(CertsToStack(roots));
bssl::UniquePtr<STACK_OF(X509)> intermediates_stack(
CertsToStack(intermediates));
@@ -469,8 +472,14 @@
return X509_V_ERR_UNSPECIFIED;
}
- if (!X509_STORE_CTX_init(ctx.get(), store.get(), leaf,
- intermediates_stack.get())) {
+ if (use_additional_untrusted) {
+ X509_STORE_set0_additional_untrusted(store.get(),
+ intermediates_stack.get());
+ }
+
+ if (!X509_STORE_CTX_init(
+ ctx.get(), store.get(), leaf,
+ use_additional_untrusted ? nullptr : intermediates_stack.get())) {
return X509_V_ERR_UNSPECIFIED;
}
@@ -496,6 +505,24 @@
return X509_V_OK;
}
+static int Verify(X509 *leaf, const std::vector<X509 *> &roots,
+ const std::vector<X509 *> &intermediates,
+ const std::vector<X509_CRL *> &crls,
+ unsigned long flags = 0) {
+ const int r1 = Verify(leaf, roots, intermediates, crls, flags, false);
+ const int r2 = Verify(leaf, roots, intermediates, crls, flags, true);
+
+ if (r1 != r2) {
+ fprintf(stderr,
+ "Verify with, and without, use_additional_untrusted gave different "
+ "results: %d vs %d.\n",
+ r1, r2);
+ return false;
+ }
+
+ return r1;
+}
+
static bool TestVerify() {
bssl::UniquePtr<X509> cross_signing_root(CertFromPEM(kCrossSigningRootPEM));
bssl::UniquePtr<X509> root(CertFromPEM(kRootCAPEM));
@@ -814,7 +841,7 @@
}
std::unique_ptr<uint8_t[]> trailing_data(new uint8_t[data_len + 1]);
- memcpy(trailing_data.get(), data.get(), data_len);
+ OPENSSL_memcpy(trailing_data.get(), data.get(), data_len);
bssl::UniquePtr<CRYPTO_BUFFER> buf_trailing_data(
CRYPTO_BUFFER_new(trailing_data.get(), data_len + 1, nullptr));
@@ -927,7 +954,7 @@
return false;
}
if (i2d_len != static_cast<long>(data2_len) ||
- memcmp(data2.get(), i2d, i2d_len) != 0) {
+ OPENSSL_memcmp(data2.get(), i2d, i2d_len) != 0) {
fprintf(stderr, "TestFromBufferReused: i2d gave wrong result.\n");
return false;
}
@@ -964,7 +991,7 @@
}
std::unique_ptr<uint8_t[]> data_with_trailing_byte(new uint8_t[data_len + 1]);
- memcpy(data_with_trailing_byte.get(), data.get(), data_len);
+ OPENSSL_memcpy(data_with_trailing_byte.get(), data.get(), data_len);
data_with_trailing_byte[data_len] = 0;
bssl::UniquePtr<CRYPTO_BUFFER> buf_with_trailing_byte(
diff --git a/src/crypto/x509/x509_vfy.c b/src/crypto/x509/x509_vfy.c
index fa6a5c5..27b58f4 100644
--- a/src/crypto/x509/x509_vfy.c
+++ b/src/crypto/x509/x509_vfy.c
@@ -226,7 +226,8 @@
X509_up_ref(ctx->cert);
ctx->last_untrusted = 1;
- /* We use a temporary STACK so we can chop and hack at it */
+ /* We use a temporary STACK so we can chop and hack at it.
+ * sktmp = ctx->untrusted ++ ctx->ctx->additional_untrusted */
if (ctx->untrusted != NULL
&& (sktmp = sk_X509_dup(ctx->untrusted)) == NULL) {
OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE);
@@ -234,6 +235,28 @@
goto end;
}
+ if (ctx->ctx->additional_untrusted != NULL) {
+ if (sktmp == NULL) {
+ sktmp = sk_X509_new_null();
+ if (sktmp == NULL) {
+ OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE);
+ ctx->error = X509_V_ERR_OUT_OF_MEM;
+ goto end;
+ }
+ }
+
+ for (size_t k = 0; k < sk_X509_num(ctx->ctx->additional_untrusted);
+ k++) {
+ if (!sk_X509_push(sktmp,
+ sk_X509_value(ctx->ctx->additional_untrusted,
+ k))) {
+ OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE);
+ ctx->error = X509_V_ERR_OUT_OF_MEM;
+ goto end;
+ }
+ }
+ }
+
num = sk_X509_num(ctx->chain);
x = sk_X509_value(ctx->chain, num - 1);
depth = param->depth;
@@ -269,7 +292,7 @@
}
/* If we were passed a cert chain, use it first */
- if (ctx->untrusted != NULL) {
+ if (sktmp != NULL) {
xtmp = find_issuer(ctx, sktmp, x);
if (xtmp != NULL) {
if (!sk_X509_push(ctx->chain, xtmp)) {
@@ -1258,6 +1281,17 @@
return;
}
}
+
+ for (i = 0; i < sk_X509_num(ctx->ctx->additional_untrusted); i++) {
+ crl_issuer = sk_X509_value(ctx->ctx->additional_untrusted, i);
+ if (X509_NAME_cmp(X509_get_subject_name(crl_issuer), cnm))
+ continue;
+ if (X509_check_akid(crl_issuer, crl->akid) == X509_V_OK) {
+ *pissuer = crl_issuer;
+ *pcrl_score |= CRL_SCORE_AKID;
+ return;
+ }
+ }
}
/*
@@ -1829,7 +1863,7 @@
int max_length = sizeof("YYMMDDHHMMSS+hhmm") - 1;
if (remaining < min_length || remaining > max_length)
return 0;
- memcpy(p, str, 10);
+ OPENSSL_memcpy(p, str, 10);
p += 10;
str += 10;
remaining -= 10;
@@ -1841,7 +1875,7 @@
int max_length = sizeof("YYYYMMDDHHMMSS.fff+hhmm") - 1;
if (remaining < min_length || remaining > max_length)
return 0;
- memcpy(p, str, 12);
+ OPENSSL_memcpy(p, str, 12);
p += 12;
str += 12;
remaining -= 12;
@@ -2226,7 +2260,7 @@
OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE);
return NULL;
}
- memset(ctx, 0, sizeof(X509_STORE_CTX));
+ OPENSSL_memset(ctx, 0, sizeof(X509_STORE_CTX));
return ctx;
}
@@ -2244,7 +2278,7 @@
{
int ret = 1;
- memset(ctx, 0, sizeof(X509_STORE_CTX));
+ OPENSSL_memset(ctx, 0, sizeof(X509_STORE_CTX));
ctx->ctx = store;
ctx->cert = x509;
ctx->untrusted = chain;
@@ -2337,7 +2371,7 @@
X509_VERIFY_PARAM_free(ctx->param);
}
- memset(ctx, 0, sizeof(X509_STORE_CTX));
+ OPENSSL_memset(ctx, 0, sizeof(X509_STORE_CTX));
OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE);
return 0;
}
@@ -2375,7 +2409,7 @@
ctx->chain = NULL;
}
CRYPTO_free_ex_data(&g_ex_data_class, ctx, &(ctx->ex_data));
- memset(&ctx->ex_data, 0, sizeof(CRYPTO_EX_DATA));
+ OPENSSL_memset(&ctx->ex_data, 0, sizeof(CRYPTO_EX_DATA));
}
void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth)
diff --git a/src/crypto/x509/x509_vpm.c b/src/crypto/x509/x509_vpm.c
index 924cfa7..2317214 100644
--- a/src/crypto/x509/x509_vpm.c
+++ b/src/crypto/x509/x509_vpm.c
@@ -65,6 +65,8 @@
#include <openssl/x509v3.h>
#include "vpm_int.h"
+#include "../internal.h"
+
/* X509_VERIFY_PARAM functions */
@@ -92,7 +94,7 @@
* Refuse names with embedded NUL bytes.
* XXX: Do we need to push an error onto the error stack?
*/
- if (name && memchr(name, '\0', namelen))
+ if (name && OPENSSL_memchr(name, '\0', namelen))
return 0;
if (mode == SET_HOST && id->hosts) {
@@ -176,8 +178,8 @@
OPENSSL_free(param);
return NULL;
}
- memset(param, 0, sizeof(X509_VERIFY_PARAM));
- memset(paramid, 0, sizeof(X509_VERIFY_PARAM_ID));
+ OPENSSL_memset(param, 0, sizeof(X509_VERIFY_PARAM));
+ OPENSSL_memset(paramid, 0, sizeof(X509_VERIFY_PARAM_ID));
param->id = paramid;
x509_verify_param_zero(param);
return param;
diff --git a/src/crypto/x509/x509name.c b/src/crypto/x509/x509name.c
index 050e16a..610de5f 100644
--- a/src/crypto/x509/x509name.c
+++ b/src/crypto/x509/x509name.c
@@ -63,6 +63,9 @@
#include <openssl/stack.h>
#include <openssl/x509.h>
+#include "../internal.h"
+
+
int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, char *buf, int len)
{
const ASN1_OBJECT *obj;
@@ -86,7 +89,7 @@
i = (data->length > (len - 1)) ? (len - 1) : data->length;
if (buf == NULL)
return (data->length);
- memcpy(buf, data->data, i);
+ OPENSSL_memcpy(buf, data->data, i);
buf[i] = '\0';
return (i);
}
diff --git a/src/crypto/x509/x_name.c b/src/crypto/x509/x_name.c
index 19f536c..f97081d 100644
--- a/src/crypto/x509/x_name.c
+++ b/src/crypto/x509/x_name.c
@@ -67,6 +67,8 @@
#include <openssl/x509.h>
#include "../asn1/asn1_locl.h"
+#include "../internal.h"
+
typedef STACK_OF(X509_NAME_ENTRY) STACK_OF_X509_NAME_ENTRY;
DECLARE_STACK_OF(STACK_OF_X509_NAME_ENTRY)
@@ -233,7 +235,7 @@
local_sk_X509_NAME_ENTRY_pop_free);
goto err;
}
- memcpy(nm.x->bytes->data, q, p - q);
+ OPENSSL_memcpy(nm.x->bytes->data, q, p - q);
/* Convert internal representation to X509_NAME structure */
for (i = 0; i < sk_STACK_OF_X509_NAME_ENTRY_num(intname.s); i++) {
@@ -276,7 +278,7 @@
}
ret = a->bytes->length;
if (out != NULL) {
- memcpy(*out, a->bytes->data, ret);
+ OPENSSL_memcpy(*out, a->bytes->data, ret);
*out += ret;
}
return ret;
@@ -336,8 +338,8 @@
* spaces collapsed, converted to lower case and the leading SEQUENCE header
* removed. In future we could also normalize the UTF8 too. By doing this
* comparison of Name structures can be rapidly perfomed by just using
- * memcmp() of the canonical encoding. By omitting the leading SEQUENCE name
- * constraints of type dirName can also be checked with a simple memcmp().
+ * OPENSSL_memcmp() of the canonical encoding. By omitting the leading SEQUENCE name
+ * constraints of type dirName can also be checked with a simple OPENSSL_memcmp().
*/
static int x509_name_canon(X509_NAME *a)
diff --git a/src/crypto/x509/x_pkey.c b/src/crypto/x509/x_pkey.c
index fc44595..8231a24 100644
--- a/src/crypto/x509/x_pkey.c
+++ b/src/crypto/x509/x_pkey.c
@@ -63,6 +63,9 @@
#include <openssl/mem.h>
#include <openssl/thread.h>
+#include "../internal.h"
+
+
X509_PKEY *X509_PKEY_new(void)
{
X509_PKEY *ret = OPENSSL_malloc(sizeof(X509_PKEY));
@@ -70,7 +73,7 @@
OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE);
goto err;
}
- memset(ret, 0, sizeof(X509_PKEY));
+ OPENSSL_memset(ret, 0, sizeof(X509_PKEY));
ret->enc_algor = X509_ALGOR_new();
if (ret->enc_algor == NULL)
diff --git a/src/crypto/x509v3/pcy_tree.c b/src/crypto/x509v3/pcy_tree.c
index a13a4fa..a588107 100644
--- a/src/crypto/x509v3/pcy_tree.c
+++ b/src/crypto/x509v3/pcy_tree.c
@@ -66,6 +66,7 @@
#include <openssl/x509v3.h>
#include "pcy_int.h"
+#include "../internal.h"
/*
* Enable this to print out the complete policy tree at various point during
@@ -238,7 +239,7 @@
return 0;
}
- memset(tree->levels, 0, n * sizeof(X509_POLICY_LEVEL));
+ OPENSSL_memset(tree->levels, 0, n * sizeof(X509_POLICY_LEVEL));
tree->nlevel = n;
diff --git a/src/crypto/x509v3/v3_ia5.c b/src/crypto/x509v3/v3_ia5.c
index 6fc6b59..6b2056d 100644
--- a/src/crypto/x509v3/v3_ia5.c
+++ b/src/crypto/x509v3/v3_ia5.c
@@ -67,6 +67,9 @@
#include <openssl/obj.h>
#include <openssl/x509v3.h>
+#include "../internal.h"
+
+
static char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method,
ASN1_IA5STRING *ia5);
static ASN1_IA5STRING *s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method,
@@ -92,7 +95,7 @@
OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE);
return NULL;
}
- memcpy(tmp, ia5->data, ia5->length);
+ OPENSSL_memcpy(tmp, ia5->data, ia5->length);
tmp[ia5->length] = 0;
return tmp;
}
diff --git a/src/crypto/x509v3/v3_ncons.c b/src/crypto/x509v3/v3_ncons.c
index 368ad27..fc2843e 100644
--- a/src/crypto/x509v3/v3_ncons.c
+++ b/src/crypto/x509v3/v3_ncons.c
@@ -65,6 +65,9 @@
#include <openssl/obj.h>
#include <openssl/x509v3.h>
+#include "../internal.h"
+
+
static void *v2i_NAME_CONSTRAINTS(const X509V3_EXT_METHOD *method,
X509V3_CTX *ctx,
STACK_OF(CONF_VALUE) *nval);
@@ -365,7 +368,7 @@
return X509_V_ERR_OUT_OF_MEM;
if (base->canon_enclen > nm->canon_enclen)
return X509_V_ERR_PERMITTED_VIOLATION;
- if (memcmp(base->canon_enc, nm->canon_enc, base->canon_enclen))
+ if (OPENSSL_memcmp(base->canon_enc, nm->canon_enc, base->canon_enclen))
return X509_V_ERR_PERMITTED_VIOLATION;
return X509_V_OK;
}
diff --git a/src/crypto/x509v3/v3_pci.c b/src/crypto/x509v3/v3_pci.c
index 220f65e..68dca5e 100644
--- a/src/crypto/x509v3/v3_pci.c
+++ b/src/crypto/x509v3/v3_pci.c
@@ -44,6 +44,9 @@
#include <openssl/obj.h>
#include <openssl/x509v3.h>
+#include "../internal.h"
+
+
static int i2r_pci(X509V3_EXT_METHOD *method, PROXY_CERT_INFO_EXTENSION *ext,
BIO *out, int indent);
static PROXY_CERT_INFO_EXTENSION *r2i_pci(X509V3_EXT_METHOD *method,
@@ -133,7 +136,7 @@
(*policy)->length + val_len + 1);
if (tmp_data) {
(*policy)->data = tmp_data;
- memcpy(&(*policy)->data[(*policy)->length],
+ OPENSSL_memcpy(&(*policy)->data[(*policy)->length],
tmp_data2, val_len);
(*policy)->length += val_len;
(*policy)->data[(*policy)->length] = '\0';
@@ -171,7 +174,7 @@
break;
(*policy)->data = tmp_data;
- memcpy(&(*policy)->data[(*policy)->length], buf, n);
+ OPENSSL_memcpy(&(*policy)->data[(*policy)->length], buf, n);
(*policy)->length += n;
(*policy)->data[(*policy)->length] = '\0';
}
@@ -188,7 +191,7 @@
(*policy)->length + val_len + 1);
if (tmp_data) {
(*policy)->data = tmp_data;
- memcpy(&(*policy)->data[(*policy)->length],
+ OPENSSL_memcpy(&(*policy)->data[(*policy)->length],
val->value + 5, val_len);
(*policy)->length += val_len;
(*policy)->data[(*policy)->length] = '\0';
diff --git a/src/crypto/x509v3/v3_utl.c b/src/crypto/x509v3/v3_utl.c
index a238a20..b603274 100644
--- a/src/crypto/x509v3/v3_utl.c
+++ b/src/crypto/x509v3/v3_utl.c
@@ -71,6 +71,8 @@
#include <openssl/x509v3.h>
#include "../conf/internal.h"
+#include "../internal.h"
+
static char *strip_spaces(char *name);
static int sk_strcmp(const OPENSSL_STRING *a, const OPENSSL_STRING *b);
@@ -690,7 +692,7 @@
return 1;
}
-/* Compare using memcmp. */
+/* Compare using OPENSSL_memcmp. */
static int equal_case(const unsigned char *pattern, size_t pattern_len,
const unsigned char *subject, size_t subject_len,
unsigned int flags)
@@ -698,7 +700,7 @@
skip_prefix(&pattern, &pattern_len, subject, subject_len, flags);
if (pattern_len != subject_len)
return 0;
- return !memcmp(pattern, subject, pattern_len);
+ return !OPENSSL_memcmp(pattern, subject, pattern_len);
}
/*
@@ -909,7 +911,7 @@
return 0;
if (cmp_type == V_ASN1_IA5STRING)
rv = equal(a->data, a->length, (unsigned char *)b, blen, flags);
- else if (a->length == (int)blen && !memcmp(a->data, b, blen))
+ else if (a->length == (int)blen && !OPENSSL_memcmp(a->data, b, blen))
rv = 1;
if (rv > 0 && peername)
*peername = BUF_strndup((char *)a->data, a->length);
@@ -1014,7 +1016,7 @@
{
if (chk == NULL)
return -2;
- if (memchr(chk, '\0', chklen))
+ if (OPENSSL_memchr(chk, '\0', chklen))
return -2;
return do_x509_check(x, chk, chklen, flags, GEN_DNS, peername);
}
@@ -1024,7 +1026,7 @@
{
if (chk == NULL)
return -2;
- if (memchr(chk, '\0', chklen))
+ if (OPENSSL_memchr(chk, '\0', chklen))
return -2;
return do_x509_check(x, chk, chklen, flags, GEN_EMAIL, NULL);
}
@@ -1213,16 +1215,16 @@
if (v6stat.zero_pos >= 0) {
/* Copy initial part */
- memcpy(v6, v6stat.tmp, v6stat.zero_pos);
+ OPENSSL_memcpy(v6, v6stat.tmp, v6stat.zero_pos);
/* Zero middle */
- memset(v6 + v6stat.zero_pos, 0, 16 - v6stat.total);
+ OPENSSL_memset(v6 + v6stat.zero_pos, 0, 16 - v6stat.total);
/* Copy final part */
if (v6stat.total != v6stat.zero_pos)
- memcpy(v6 + v6stat.zero_pos + 16 - v6stat.total,
- v6stat.tmp + v6stat.zero_pos,
- v6stat.total - v6stat.zero_pos);
+ OPENSSL_memcpy(v6 + v6stat.zero_pos + 16 - v6stat.total,
+ v6stat.tmp + v6stat.zero_pos,
+ v6stat.total - v6stat.zero_pos);
} else
- memcpy(v6, v6stat.tmp, 16);
+ OPENSSL_memcpy(v6, v6stat.tmp, 16);
return 1;
}
diff --git a/src/crypto/x509v3/v3name_test.c b/src/crypto/x509v3/v3name_test.c
index dadf488..959b924 100644
--- a/src/crypto/x509v3/v3name_test.c
+++ b/src/crypto/x509v3/v3name_test.c
@@ -62,6 +62,9 @@
#include <openssl/x509.h>
#include <openssl/x509v3.h>
+#include "../internal.h"
+
+
static const char *const names[] = {
"a", "b", ".", "*", "@",
".a", "a.", ".b", "b.", ".*", "*.", "*@", "@*", "a@", "@a", "b@", "..",
@@ -334,7 +337,7 @@
size_t namelen = strlen(*pname);
char *name = malloc(namelen);
int match, ret;
- memcpy(name, *pname, namelen);
+ OPENSSL_memcpy(name, *pname, namelen);
ret = X509_check_host(crt, name, namelen, 0, NULL);
match = -1;