mirror of
https://github.com/openssl/openssl.git
synced 2025-01-30 14:01:55 +08:00
36a2a551d7
We separate out the NIST arc OIDs to a separate file, so it can be re-used, and also the DIGEST OIDs. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11710)
98 lines
3.3 KiB
Groff
98 lines
3.3 KiB
Groff
-- -------------------------------------------------------------------
|
|
-- Taken from RFC 8017, Appendix C
|
|
-- (https://www.rfc-editor.org/rfc/rfc8017.html#appendix-C)
|
|
|
|
-- ============================
|
|
-- Basic object identifiers
|
|
-- ============================
|
|
|
|
-- The DER encoding of this in hexadecimal is:
|
|
-- (0x)06 08
|
|
-- 2A 86 48 86 F7 0D 01 01
|
|
--
|
|
pkcs-1 OBJECT IDENTIFIER ::= {
|
|
iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 1
|
|
}
|
|
|
|
--
|
|
-- When rsaEncryption is used in an AlgorithmIdentifier,
|
|
-- the parameters MUST be present and MUST be NULL.
|
|
--
|
|
rsaEncryption OBJECT IDENTIFIER ::= { pkcs-1 1 }
|
|
|
|
--
|
|
-- When id-RSAES-OAEP is used in an AlgorithmIdentifier, the
|
|
-- parameters MUST be present and MUST be RSAES-OAEP-params.
|
|
--
|
|
id-RSAES-OAEP OBJECT IDENTIFIER ::= { pkcs-1 7 }
|
|
|
|
--
|
|
-- When id-pSpecified is used in an AlgorithmIdentifier, the
|
|
-- parameters MUST be an OCTET STRING.
|
|
--
|
|
id-pSpecified OBJECT IDENTIFIER ::= { pkcs-1 9 }
|
|
|
|
--
|
|
-- When id-RSASSA-PSS is used in an AlgorithmIdentifier, the
|
|
-- parameters MUST be present and MUST be RSASSA-PSS-params.
|
|
--
|
|
id-RSASSA-PSS OBJECT IDENTIFIER ::= { pkcs-1 10 }
|
|
|
|
--
|
|
-- When the following OIDs are used in an AlgorithmIdentifier,
|
|
-- the parameters MUST be present and MUST be NULL.
|
|
--
|
|
md2WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 2 }
|
|
md5WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 4 }
|
|
sha1WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 5 }
|
|
sha224WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 14 }
|
|
sha256WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 11 }
|
|
sha384WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 12 }
|
|
sha512WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 13 }
|
|
sha512-224WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 15 }
|
|
sha512-256WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 16 }
|
|
|
|
--
|
|
-- This OID really belongs in a module with the secsig OIDs.
|
|
--
|
|
id-sha1 OBJECT IDENTIFIER ::= {
|
|
iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2)
|
|
26
|
|
}
|
|
|
|
--
|
|
-- OIDs for MD2 and MD5, allowed only in EMSA-PKCS1-v1_5.
|
|
--
|
|
id-md2 OBJECT IDENTIFIER ::= {
|
|
iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 2
|
|
}
|
|
|
|
id-md5 OBJECT IDENTIFIER ::= {
|
|
iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 5
|
|
}
|
|
|
|
--
|
|
-- When id-mgf1 is used in an AlgorithmIdentifier, the parameters
|
|
-- MUST be present and MUST be a HashAlgorithm, for example, sha1.
|
|
--
|
|
id-mgf1 OBJECT IDENTIFIER ::= { pkcs-1 8 }
|
|
|
|
-- -------------------------------------------------------------------
|
|
-- Taken from https://csrc.nist.gov/projects/computer-security-objects-register/algorithm-registration
|
|
|
|
id-rsassa-pkcs1-v1_5-with-sha3-224 OBJECT IDENTIFIER ::= { sigAlgs 13 }
|
|
id-rsassa-pkcs1-v1_5-with-sha3-256 OBJECT IDENTIFIER ::= { sigAlgs 14 }
|
|
id-rsassa-pkcs1-v1_5-with-sha3-384 OBJECT IDENTIFIER ::= { sigAlgs 15 }
|
|
id-rsassa-pkcs1-v1_5-with-sha3-512 OBJECT IDENTIFIER ::= { sigAlgs 16 }
|
|
|
|
|
|
-- -------------------------------------------------------------------
|
|
-- These OID's exist in the codebase but may need to be deprecated at some point.
|
|
-- mdc2 and md5_sha1 have been omitted as they do not look like valid entries.
|
|
|
|
md4WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 3 }
|
|
|
|
ripemd160WithRSAEncryption OBJECT IDENTIFIER ::= {
|
|
iso(1) identified-organization(3) teletrust(36) algorithm(3) signatureAlgorithm(3) rsaSignature(1) 2
|
|
}
|