| # |
| # format: tab-separated values |
| # <feature> <name> <oid> <short name> <description> |
| # |
| # if <name> is "" then no constant will be written |
| # |
| |
| x509 OID_DOMAIN_COMPONENT 0.9.2342.19200300.100.1.25 domainComponent Domain component |
| |
| x962 OID_KEY_TYPE_EC_PUBLIC_KEY 1.2.840.10045.2.1 id-ecPublicKey Elliptic curve public key cryptography |
| |
| x962 OID_SIG_ECDSA_WITH_SHA224 1.2.840.10045.4.3.1 ecdsa-with-SHA224 Elliptic curve Digital Signature Algorithm (DSA) coupled with the Secure Hash Algorithm 224 (SHA224) algorithm |
| x962 OID_SIG_ECDSA_WITH_SHA256 1.2.840.10045.4.3.2 ecdsa-with-SHA256 Elliptic curve Digital Signature Algorithm (DSA) coupled with the Secure Hash Algorithm 256 (SHA256) algorithm |
| x962 OID_SIG_ECDSA_WITH_SHA384 1.2.840.10045.4.3.3 ecdsa-with-SHA384 Elliptic curve Digital Signature Algorithm (DSA) coupled with the Secure Hash Algorithm 384 (SHA384) algorithm |
| x962 OID_SIG_ECDSA_WITH_SHA512 1.2.840.10045.4.3.4 ecdsa-with-SHA512 Elliptic curve Digital Signature Algorithm (DSA) coupled with the Secure Hash Algorithm 512 (SHA512) algorithm |
| |
| x962 OID_EC_P256 1.2.840.10045.3.1.7 prime256v1 P-256 elliptic curve parameter |
| |
| pkcs1 OID_PKCS1_RSAENCRYPTION 1.2.840.113549.1.1.1 rsaEncryption RSAES-PKCS1-v1_5 encryption scheme |
| pkcs1 OID_PKCS1_MD2WITHRSAENC 1.2.840.113549.1.1.2 md2WithRSAEncryption MD2 with RSA encryption |
| pkcs1 OID_PKCS1_MD4WITHRSAENC 1.2.840.113549.1.1.3 md4WithRSAEncryption MD4 with RSA encryption |
| pkcs1 OID_PKCS1_MD5WITHRSAENC 1.2.840.113549.1.1.4 md5WithRSAEncryption MD5 with RSA encryption |
| pkcs1 OID_PKCS1_SHA1WITHRSA 1.2.840.113549.1.1.5 sha1WithRSAEncryption SHA1 with RSA encryption |
| |
| pkcs1 OID_PKCS1_RSASSAPSS 1.2.840.113549.1.1.10 rsassa-pss RSA Signature Scheme with Probabilistic Signature Scheme (RSASSA-PSS) |
| pkcs1 OID_PKCS1_SHA256WITHRSA 1.2.840.113549.1.1.11 sha256WithRSAEncryption SHA256 with RSA encryption |
| pkcs1 OID_PKCS1_SHA384WITHRSA 1.2.840.113549.1.1.12 sha384WithRSAEncryption SHA384 with RSA encryption |
| pkcs1 OID_PKCS1_SHA512WITHRSA 1.2.840.113549.1.1.13 sha512WithRSAEncryption SHA512 with RSA encryption |
| pkcs1 OID_PKCS1_SHA224WITHRSA 1.2.840.113549.1.1.14 sha224WithRSAEncryption SHA224 with RSA encryption |
| |
| pkcs7 OID_PKCS7_ID_DATA 1.2.840.113549.1.7.1 pkcs7-data pkcs7-data |
| pkcs7 OID_PKCS7_ID_SIGNED_DATA 1.2.840.113549.1.7.2 pkcs7-signedData PKCS#7 Signed Data |
| pkcs7 OID_PKCS7_ID_ENVELOPED_DATA 1.2.840.113549.1.7.3 pkcs7-envelopedData PKCS#7 Enveloped Data |
| pkcs7 OID_PKCS7_ID_SIGNED_ENVELOPED_DATA 1.2.840.113549.1.7.4 pkcs7-signedAndEnvelopedData PKCS#7 Signed and Enveloped Data |
| pkcs7 OID_PKCS7_ID_DIGESTED_DATA 1.2.840.113549.1.7.5 pkcs7-digestedData PKCS#7 Digested Data |
| pkcs7 OID_PKCS7_ID_ENCRYPTED_DATA 1.2.840.113549.1.7.6 pkcs7-encryptedData PKCS#7 Encrypted Data |
| |
| pkcs9 OID_PKCS9_EMAIL_ADDRESS 1.2.840.113549.1.9.1 emailAddress Email Address attribute for use in signatures |
| pkcs9 OID_PKCS9_UNSTRUCTURED_NAME 1.2.840.113549.1.9.2 unstructuredName PKCS#9 unstructuredName |
| pkcs9 OID_PKCS9_CONTENT_TYPE 1.2.840.113549.1.9.3 contentType id-contentType |
| pkcs9 OID_PKCS9_ID_MESSAGE_DIGEST 1.2.840.113549.1.9.4 id-messageDigest id-messageDigest |
| pkcs9 OID_PKCS9_SIGNING_TIME 1.2.840.113549.1.9.5 signing-time id-signingTime |
| |
| pkcs9 OID_PKCS9_EXTENSION_REQUEST 1.2.840.113549.1.9.14 extensionRequest Extension list for Certification Requests |
| pkcs9 OID_PKCS9_SMIME_CAPABILITIES 1.2.840.113549.1.9.15 smimeCapabilities aa-smimeCapabilities |
| |
| pkcs12 OID_PKCS12 1.2.840.113549.1.12 pkcs-12 Public-Key Cryptography Standard (PKCS) #12 |
| pkcs12 OID_PKCS12_PBEIDS 1.2.840.113549.1.12.1 pkcs-12PbeIds PKCS #12 Password Based Encryption IDs |
| pkcs12 OID_PKCS12_PBE_SHA1_128RC4 1.2.840.113549.1.12.1.1 pbeWithSHAAnd128BitRC4 PKCS #12 Password Based Encryption With SHA-1 and 128-bit RC4 |
| pkcs12 OID_PKCS12_PBE_SHA1_40RC4 1.2.840.113549.1.12.1.2 pbeWithSHAAnd40BitRC4 PKCS #12 Password Based Encryption With SHA-1 and 40-bit RC4 |
| pkcs12 OID_PKCS12_PBE_SHA1_3K_3DES_CBC 1.2.840.113549.1.12.1.3 pbeWithSHAAnd3-KeyTripleDES-CBC PKCS #12 Password Based Encryption With SHA-1 and 3-key Triple DES in CBC mode |
| pkcs12 OID_PKCS12_PBE_SHA1_2K_3DES_CBC 1.2.840.113549.1.12.1.4 pbeWithSHAAnd2-KeyTripleDES-CBC PKCS #12 Password Based Encryption With SHA-1 and 2-key Triple DES in CBC mode |
| pkcs12 OID_PKCS12_PBE_SHA1_128RC2_CBC 1.2.840.113549.1.12.1.5 pbeWithSHAAnd128BitRC2-CBC PKCS #12 Password Based Encryption With SHA-1 and 128-bit RC2-CBC |
| pkcs12 OID_PKCS12_PBE_SHA1_40RC2_CBC 1.2.840.113549.1.12.1.6 pbeWithSHAAnd40BitRC2-CBC PKCS #12 Password Based Encryption With SHA-1 and 40-bit RC2-CBC |
| |
| x509 OID_SIG_ED25519 1.3.101.112 ed25519 Edwards-curve Digital Signature Algorithm (EdDSA) Ed25519 |
| x509 OID_SIG_ED448 1.3.101.113 ed448 Edwards-curve Digital Signature Algorithm (EdDSA) Ed448 |
| |
| nist-algs OID_NIST_EC_P384 1.3.132.0.34 secp384r1 P-384 elliptic curve parameter |
| nist-algs OID_NIST_EC_P521 1.3.132.0.35 secp521r1 P-521 elliptic curve parameter |
| |
| kdf OID_KDF_SHA1_SINGLE 1.3.133.16.840.63.0.2 dhSinglePass-stdDH-sha1kdf-scheme Single pass Secure Hash Algorithm 1 (SHA1) key derivation |
| |
| ms-spc SPC_INDIRECT_DATA_OBJID 1.3.6.1.4.1.311.2.1.4 spcIndirectData The SPC_INDIRECT_DATA_CONTENT structure is used in Authenticode signatures to store the digest and other attributes of the signed file |
| ms-spc SPC_STATEMENT_TYPE_OBJID 1.3.6.1.4.1.311.2.1.11 spcStatementType spcStatementType |
| ms-spc SPC_SP_OPUS_INFO_OBJID 1.3.6.1.4.1.311.2.1.12 spcSpOpusInfo SpcSpOpusInfo |
| ms-spc SPC_PE_IMAGE_DATA 1.3.6.1.4.1.311.2.1.15 spcPEImageData spcPEImageData |
| ms-spc SPC_INDIVIDUAL_SP_KEY_PURPOSE_OBJID 1.3.6.1.4.1.311.2.1.21 msCodeInd MsCodeInd (SPC_INDIVIDUAL_SP_KEY_PURPOSE_OBJID) is a ExtendedKeyUsage for Certificate Extensions which indicates Microsoft Individual Code Signing (authenticode) |
| |
| ms-spc MS_CTL 1.3.6.1.4.1.311.10.1 szOID_CTL MS_CTL |
| |
| # Certificate Transparency: https://tools.ietf.org/html/rfc6962#section-3.3 |
| x509 OID_CT_LIST_SCT 1.3.6.1.4.1.11129.2.4.2 ctSCTList Certificate Transparency Signed Certificate Timestamp List |
| |
| # PKIX Certificate Extension |
| # https://www.iana.org/assignments/smi-numbers/smi-numbers.xhtml#smi-numbers-1.3.6.1.5.5.7.1 |
| x509 OID_PKIX_AUTHORITY_INFO_ACCESS 1.3.6.1.5.5.7.1.1 authorityInfoAccess Certificate Authority Information Access |
| |
| # PKIX Access Descriptor |
| # https://www.iana.org/assignments/smi-numbers/smi-numbers.xhtml#smi-numbers-1.3.6.1.5.5.7.48 |
| x509 OID_PKIX_ACCESS_DESCRIPTOR_OCSP 1.3.6.1.5.5.7.48.1 id-ad-ocsp PKIX Access Descriptor OCSP |
| x509 OID_PKIX_ACCESS_DESCRIPTOR_CA_ISSUERS 1.3.6.1.5.5.7.48.2 id-ad-caIssuers PKIX Access Descriptor CA Issuers |
| x509 OID_PKIX_ACCESS_DESCRIPTOR_TIMESTAMPING 1.3.6.1.5.5.7.48.3 id-ad-timestamping PKIX Access Descriptor Timestamping |
| x509 OID_PKIX_ACCESS_DESCRIPTOR_DVCS 1.3.6.1.5.5.7.48.4 id-ad-dvcs PKIX Access Descriptor DVCS |
| x509 OID_PKIX_ACCESS_DESCRIPTOR_CA_REPOSITORY 1.3.6.1.5.5.7.48.5 id-ad-caRepository PKIX Access Descriptor CA Repository |
| x509 OID_PKIX_ACCESS_DESCRIPTOR_HTTP_CERTS 1.3.6.1.5.5.7.48.6 id-ad-http-certs PKIX Access Descriptor HTTP Certificates |
| x509 OID_PKIX_ACCESS_DESCRIPTOR_HTTP_CRLS 1.3.6.1.5.5.7.48.7 id-ad-http-crls PKIX Access Descriptor HTTP Certificate Revocation Lists |
| # |
| x509 OID_PKIX_ACCESS_DESCRIPTOR_RPKI_MANIFEST 1.3.6.1.5.5.7.48.10 id-ad-rpki-manifest PKIX Access Descriptor RPKI Manifest |
| x509 OID_PKIX_ACCESS_DESCRIPTOR_SIGNED_OBJECT 1.3.6.1.5.5.7.48.11 id-ad-signed-object PKIX Access Descriptor Signed Object |
| x509 OID_PKIX_ACCESS_DESCRIPTOR_CMC 1.3.6.1.5.5.7.48.12 id-ad-cmc PKIX Access Descriptor CMC |
| x509 OID_PKIX_ACCESS_DESCRIPTOR_RPKI_NOTIFY 1.3.6.1.5.5.7.48.13 id-ad-rpki-notify PKIX Access Descriptor RPKI Notify |
| x509 OID_PKIX_ACCESS_DESCRIPTOR_STIRTNLIST 1.3.6.1.5.5.7.48.14 id-ad-stirTNList PKIX Access Descriptor STIRTNLIST |
| |
| nist-algs OID_HASH_SHA1 1.3.14.3.2.26 id-SHA1 SHA-1 hash algorithm |
| |
| x500 OID_X500 2.5 x500 X.500 |
| x509 OID_X509 2.5.4 x509 X.509 |
| x509 OID_X509_OBJECT_CLASS 2.5.4.0 objectClass Object classes |
| x509 OID_X509_ALIASED_ENTRY_NAME 2.5.4.1 aliasedEntryName Aliased entry/object name |
| x509 OID_X509_KNOWLEDGE_INFORMATION 2.5.4.2 knowledgeInformation 'knowledgeInformation' attribute type |
| x509 OID_X509_COMMON_NAME 2.5.4.3 commonName Common Name |
| x509 OID_X509_SURNAME 2.5.4.4 surname Surname |
| x509 OID_X509_SERIALNUMBER 2.5.4.5 serialNumber Serial Number |
| x509 OID_X509_COUNTRY_NAME 2.5.4.6 countryName Country Name |
| x509 OID_X509_LOCALITY_NAME 2.5.4.7 localityName Locality Name |
| x509 OID_X509_STATE_OR_PROVINCE_NAME 2.5.4.8 stateOrProvinceName State or Province name |
| x509 OID_X509_STREET_ADDRESS 2.5.4.9 streetAddress Street Address |
| x509 OID_X509_ORGANIZATION_NAME 2.5.4.10 organizationName Organization Name |
| x509 OID_X509_ORGANIZATIONAL_UNIT 2.5.4.11 organizationalUnit Organizational Unit |
| x509 OID_X509_TITLE 2.5.4.12 title Title |
| x509 OID_X509_DESCRIPTION 2.5.4.13 description Description |
| x509 OID_X509_SEARCH_GUIDE 2.5.4.14 searchGuide Search Guide |
| x509 OID_X509_BUSINESS_CATEGORY 2.5.4.15 businessCategory Business Category |
| x509 OID_X509_POSTAL_ADDRESS 2.5.4.16 postalAddress Postal Address |
| x509 OID_X509_POSTAL_CODE 2.5.4.17 postalCode Postal Code |
| # |
| x509 OID_X509_NAME 2.5.4.41 name Name |
| x509 OID_X509_GIVEN_NAME 2.5.4.42 givenName Given Name |
| # |
| x509 OID_X509_UNIQUE_IDENTIFIER 2.5.4.45 uniqueIdentifier Bit String Unique Identifier |
| |
| # https://www.alvestrand.no/objectid/2.5.29.html |
| x509 OID_X509_EXT_SUBJECT_KEY_IDENTIFIER 2.5.29.14 subjectKeyIdentifier X509v3 Subject Key Identifier |
| x509 OID_X509_EXT_KEY_USAGE 2.5.29.15 keyUsage X509v3 Key Usage |
| x509 OID_X509_EXT_PRIVATE_KEY_USAGE_PERIOD 2.5.29.16 privateKeyUsagePeriod X509v3 Private Key Usage Period |
| x509 OID_X509_EXT_SUBJECT_ALT_NAME 2.5.29.17 subjectAltName X509v3 Subject Alternative Name |
| x509 OID_X509_EXT_ISSUER_ALT_NAME 2.5.29.18 issuerAltName X509v3 Issuer Alternative Name |
| x509 OID_X509_EXT_BASIC_CONSTRAINTS 2.5.29.19 basicConstraints X509v3 Basic Constraints |
| x509 OID_X509_EXT_CRL_NUMBER 2.5.29.20 crlNumber X509v3 CRL Number |
| x509 OID_X509_EXT_REASON_CODE 2.5.29.21 reasonCode X509v3 Reason Code |
| # no 2.5.29.22 |
| x509 OID_X509_EXT_HOLD_INSTRUCTION_CODE 2.5.29.23 holdInstructionCode X509v3 Hold Instruction Code |
| x509 OID_X509_EXT_INVALIDITY_DATE 2.5.29.24 invalidityDate X509v3 Invalidity Date |
| # no 2.5.29.25 2.5.29.26 |
| x509 OID_X509_EXT_DELTA_CRL_INDICATOR 2.5.29.27 deltaCRLIndicator X509v3 Delta CRL Indicator |
| x509 OID_X509_EXT_ISSUER_DISTRIBUTION_POINT 2.5.29.28 issuerDistributionPoint X509v3 Issuer Distribution Point |
| x509 OID_X509_EXT_ISSUER 2.5.29.29 issuer X509v3 Issuer |
| x509 OID_X509_EXT_NAME_CONSTRAINTS 2.5.29.30 nameConstraints X509v3 Name Constraints |
| x509 OID_X509_EXT_CRL_DISTRIBUTION_POINTS 2.5.29.31 crlDistributionPoints X509v3 CRL Distribution Points |
| x509 OID_X509_EXT_CERTIFICATE_POLICIES 2.5.29.32 certificatePolicies X509v3 Certificate Policies |
| x509 OID_X509_EXT_POLICY_MAPPINGS 2.5.29.33 policyMappings X509v3 Policy Mappings |
| # no 2.5.29.34 |
| x509 OID_X509_EXT_AUTHORITY_KEY_IDENTIFIER 2.5.29.35 authorityKeyIdentifier X509v3 Authority Key Identifier |
| x509 OID_X509_EXT_POLICY_CONSTRAINTS 2.5.29.36 policyConstraints X509v3 Policy Constraints |
| x509 OID_X509_EXT_EXTENDED_KEY_USAGE 2.5.29.37 extendedKeyUsage X509v3 Extended Key Usage |
| # |
| x509 OID_X509_EXT_FRESHEST_CRL 2.5.29.46 freshestCRL X509v3 Freshest CRL |
| # |
| x509 OID_X509_EXT_INHIBITANT_ANY_POLICY 2.5.29.54 inhibitantAnyPolicy X509v3 Inhibit Any-policy |
| |
| nist-algs OID_NIST_ENC_AES256_CBC 2.16.840.1.101.3.4.1.42 aes-256-cbc 256-bit Advanced Encryption Standard (AES) algorithm with Cipher-Block Chaining (CBC) mode of operation |
| |
| nist-algs OID_NIST_HASH_SHA256 2.16.840.1.101.3.4.2.1 sha256 Secure Hash Algorithm that uses a 256 bit key (SHA256) |
| nist-algs OID_NIST_HASH_SHA384 2.16.840.1.101.3.4.2.2 sha384 Secure Hash Algorithm that uses a 384 bit key (SHA384) |
| nist-algs OID_NIST_HASH_SHA512 2.16.840.1.101.3.4.2.3 sha512 Secure Hash Algorithm that uses a 512 bit key (SHA512) |
| |
| x509 OID_X509_EXT_CERT_TYPE 2.16.840.1.113730.1.1 nsCertType X.509 v3 Certificate Type |