You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

170 lines
6.3 KiB

4 years ago
  1. /**
  2. * Object IDs for ASN.1.
  3. *
  4. * @author Dave Longley
  5. *
  6. * Copyright (c) 2010-2013 Digital Bazaar, Inc.
  7. */
  8. var forge = require('./forge');
  9. forge.pki = forge.pki || {};
  10. var oids = module.exports = forge.pki.oids = forge.oids = forge.oids || {};
  11. // set id to name mapping and name to id mapping
  12. function _IN(id, name) {
  13. oids[id] = name;
  14. oids[name] = id;
  15. }
  16. // set id to name mapping only
  17. function _I_(id, name) {
  18. oids[id] = name;
  19. }
  20. // algorithm OIDs
  21. _IN('1.2.840.113549.1.1.1', 'rsaEncryption');
  22. // Note: md2 & md4 not implemented
  23. //_IN('1.2.840.113549.1.1.2', 'md2WithRSAEncryption');
  24. //_IN('1.2.840.113549.1.1.3', 'md4WithRSAEncryption');
  25. _IN('1.2.840.113549.1.1.4', 'md5WithRSAEncryption');
  26. _IN('1.2.840.113549.1.1.5', 'sha1WithRSAEncryption');
  27. _IN('1.2.840.113549.1.1.7', 'RSAES-OAEP');
  28. _IN('1.2.840.113549.1.1.8', 'mgf1');
  29. _IN('1.2.840.113549.1.1.9', 'pSpecified');
  30. _IN('1.2.840.113549.1.1.10', 'RSASSA-PSS');
  31. _IN('1.2.840.113549.1.1.11', 'sha256WithRSAEncryption');
  32. _IN('1.2.840.113549.1.1.12', 'sha384WithRSAEncryption');
  33. _IN('1.2.840.113549.1.1.13', 'sha512WithRSAEncryption');
  34. // Edwards-curve Digital Signature Algorithm (EdDSA) Ed25519
  35. _IN('1.3.101.112', 'EdDSA25519');
  36. _IN('1.2.840.10040.4.3', 'dsa-with-sha1');
  37. _IN('1.3.14.3.2.7', 'desCBC');
  38. _IN('1.3.14.3.2.26', 'sha1');
  39. _IN('2.16.840.1.101.3.4.2.1', 'sha256');
  40. _IN('2.16.840.1.101.3.4.2.2', 'sha384');
  41. _IN('2.16.840.1.101.3.4.2.3', 'sha512');
  42. _IN('1.2.840.113549.2.5', 'md5');
  43. // pkcs#7 content types
  44. _IN('1.2.840.113549.1.7.1', 'data');
  45. _IN('1.2.840.113549.1.7.2', 'signedData');
  46. _IN('1.2.840.113549.1.7.3', 'envelopedData');
  47. _IN('1.2.840.113549.1.7.4', 'signedAndEnvelopedData');
  48. _IN('1.2.840.113549.1.7.5', 'digestedData');
  49. _IN('1.2.840.113549.1.7.6', 'encryptedData');
  50. // pkcs#9 oids
  51. _IN('1.2.840.113549.1.9.1', 'emailAddress');
  52. _IN('1.2.840.113549.1.9.2', 'unstructuredName');
  53. _IN('1.2.840.113549.1.9.3', 'contentType');
  54. _IN('1.2.840.113549.1.9.4', 'messageDigest');
  55. _IN('1.2.840.113549.1.9.5', 'signingTime');
  56. _IN('1.2.840.113549.1.9.6', 'counterSignature');
  57. _IN('1.2.840.113549.1.9.7', 'challengePassword');
  58. _IN('1.2.840.113549.1.9.8', 'unstructuredAddress');
  59. _IN('1.2.840.113549.1.9.14', 'extensionRequest');
  60. _IN('1.2.840.113549.1.9.20', 'friendlyName');
  61. _IN('1.2.840.113549.1.9.21', 'localKeyId');
  62. _IN('1.2.840.113549.1.9.22.1', 'x509Certificate');
  63. // pkcs#12 safe bags
  64. _IN('1.2.840.113549.1.12.10.1.1', 'keyBag');
  65. _IN('1.2.840.113549.1.12.10.1.2', 'pkcs8ShroudedKeyBag');
  66. _IN('1.2.840.113549.1.12.10.1.3', 'certBag');
  67. _IN('1.2.840.113549.1.12.10.1.4', 'crlBag');
  68. _IN('1.2.840.113549.1.12.10.1.5', 'secretBag');
  69. _IN('1.2.840.113549.1.12.10.1.6', 'safeContentsBag');
  70. // password-based-encryption for pkcs#12
  71. _IN('1.2.840.113549.1.5.13', 'pkcs5PBES2');
  72. _IN('1.2.840.113549.1.5.12', 'pkcs5PBKDF2');
  73. _IN('1.2.840.113549.1.12.1.1', 'pbeWithSHAAnd128BitRC4');
  74. _IN('1.2.840.113549.1.12.1.2', 'pbeWithSHAAnd40BitRC4');
  75. _IN('1.2.840.113549.1.12.1.3', 'pbeWithSHAAnd3-KeyTripleDES-CBC');
  76. _IN('1.2.840.113549.1.12.1.4', 'pbeWithSHAAnd2-KeyTripleDES-CBC');
  77. _IN('1.2.840.113549.1.12.1.5', 'pbeWithSHAAnd128BitRC2-CBC');
  78. _IN('1.2.840.113549.1.12.1.6', 'pbewithSHAAnd40BitRC2-CBC');
  79. // hmac OIDs
  80. _IN('1.2.840.113549.2.7', 'hmacWithSHA1');
  81. _IN('1.2.840.113549.2.8', 'hmacWithSHA224');
  82. _IN('1.2.840.113549.2.9', 'hmacWithSHA256');
  83. _IN('1.2.840.113549.2.10', 'hmacWithSHA384');
  84. _IN('1.2.840.113549.2.11', 'hmacWithSHA512');
  85. // symmetric key algorithm oids
  86. _IN('1.2.840.113549.3.7', 'des-EDE3-CBC');
  87. _IN('2.16.840.1.101.3.4.1.2', 'aes128-CBC');
  88. _IN('2.16.840.1.101.3.4.1.22', 'aes192-CBC');
  89. _IN('2.16.840.1.101.3.4.1.42', 'aes256-CBC');
  90. // certificate issuer/subject OIDs
  91. _IN('2.5.4.3', 'commonName');
  92. _IN('2.5.4.5', 'serialName');
  93. _IN('2.5.4.6', 'countryName');
  94. _IN('2.5.4.7', 'localityName');
  95. _IN('2.5.4.8', 'stateOrProvinceName');
  96. _IN('2.5.4.9', 'streetAddress');
  97. _IN('2.5.4.10', 'organizationName');
  98. _IN('2.5.4.11', 'organizationalUnitName');
  99. _IN('2.5.4.13', 'description');
  100. _IN('2.5.4.15', 'businessCategory');
  101. _IN('2.5.4.17', 'postalCode');
  102. _IN('1.3.6.1.4.1.311.60.2.1.2', 'jurisdictionOfIncorporationStateOrProvinceName');
  103. _IN('1.3.6.1.4.1.311.60.2.1.3', 'jurisdictionOfIncorporationCountryName');
  104. // X.509 extension OIDs
  105. _IN('2.16.840.1.113730.1.1', 'nsCertType');
  106. _IN('2.16.840.1.113730.1.13', 'nsComment'); // deprecated in theory; still widely used
  107. _I_('2.5.29.1', 'authorityKeyIdentifier'); // deprecated, use .35
  108. _I_('2.5.29.2', 'keyAttributes'); // obsolete use .37 or .15
  109. _I_('2.5.29.3', 'certificatePolicies'); // deprecated, use .32
  110. _I_('2.5.29.4', 'keyUsageRestriction'); // obsolete use .37 or .15
  111. _I_('2.5.29.5', 'policyMapping'); // deprecated use .33
  112. _I_('2.5.29.6', 'subtreesConstraint'); // obsolete use .30
  113. _I_('2.5.29.7', 'subjectAltName'); // deprecated use .17
  114. _I_('2.5.29.8', 'issuerAltName'); // deprecated use .18
  115. _I_('2.5.29.9', 'subjectDirectoryAttributes');
  116. _I_('2.5.29.10', 'basicConstraints'); // deprecated use .19
  117. _I_('2.5.29.11', 'nameConstraints'); // deprecated use .30
  118. _I_('2.5.29.12', 'policyConstraints'); // deprecated use .36
  119. _I_('2.5.29.13', 'basicConstraints'); // deprecated use .19
  120. _IN('2.5.29.14', 'subjectKeyIdentifier');
  121. _IN('2.5.29.15', 'keyUsage');
  122. _I_('2.5.29.16', 'privateKeyUsagePeriod');
  123. _IN('2.5.29.17', 'subjectAltName');
  124. _IN('2.5.29.18', 'issuerAltName');
  125. _IN('2.5.29.19', 'basicConstraints');
  126. _I_('2.5.29.20', 'cRLNumber');
  127. _I_('2.5.29.21', 'cRLReason');
  128. _I_('2.5.29.22', 'expirationDate');
  129. _I_('2.5.29.23', 'instructionCode');
  130. _I_('2.5.29.24', 'invalidityDate');
  131. _I_('2.5.29.25', 'cRLDistributionPoints'); // deprecated use .31
  132. _I_('2.5.29.26', 'issuingDistributionPoint'); // deprecated use .28
  133. _I_('2.5.29.27', 'deltaCRLIndicator');
  134. _I_('2.5.29.28', 'issuingDistributionPoint');
  135. _I_('2.5.29.29', 'certificateIssuer');
  136. _I_('2.5.29.30', 'nameConstraints');
  137. _IN('2.5.29.31', 'cRLDistributionPoints');
  138. _IN('2.5.29.32', 'certificatePolicies');
  139. _I_('2.5.29.33', 'policyMappings');
  140. _I_('2.5.29.34', 'policyConstraints'); // deprecated use .36
  141. _IN('2.5.29.35', 'authorityKeyIdentifier');
  142. _I_('2.5.29.36', 'policyConstraints');
  143. _IN('2.5.29.37', 'extKeyUsage');
  144. _I_('2.5.29.46', 'freshestCRL');
  145. _I_('2.5.29.54', 'inhibitAnyPolicy');
  146. // extKeyUsage purposes
  147. _IN('1.3.6.1.4.1.11129.2.4.2', 'timestampList');
  148. _IN('1.3.6.1.5.5.7.1.1', 'authorityInfoAccess');
  149. _IN('1.3.6.1.5.5.7.3.1', 'serverAuth');
  150. _IN('1.3.6.1.5.5.7.3.2', 'clientAuth');
  151. _IN('1.3.6.1.5.5.7.3.3', 'codeSigning');
  152. _IN('1.3.6.1.5.5.7.3.4', 'emailProtection');
  153. _IN('1.3.6.1.5.5.7.3.8', 'timeStamping');