Oject Identifiers for various ASN.1 Objects -- January 1999

For more OIDs, see the unofficial OID tree.

these were veried against pkcs's, x509, x500*, rfcs, drafts, and
the occasional other weird document published someplace or other.

1	iso
2       joint-iso-ccitt

1 3 6   dod
1 3 6 1 internet
1 3 6 1 5 security
1 3 6 1 5 mechanisms
1 3 6 1 5 7 pkix

1 2	member-body
1 3	identified-organization

1 2 840	us
1 2 840 113549		 rsadsi	
1 2 840 113549 1	 pkcs

1 2 840 113549 1 11	 pkcs-11
1 2 840 113549 1 12	 pkcs-12

1 2 840 113549 1 1	 pkcs-1
1 2 840 113549 1 1 1	 rsaEncryption
1 2 840 113549 1 1 2	 md2withRSAEncryption
1 2 840 113549 1 1 4	 md5withRSAEncryption
1 2 840 113549 1 1 5	 sha1WithRSAEncryption

1 2 840 113549 1 9	pkcs-9
1 2 840 113549 1 9 1    emailAddress
1 2 840 113549 1 9 2    unstructuredName
1 2 840 113549 1 9 3    contentType
1 2 840 113549 1 9 4    messageDigest
1 2 840 113549 1 9 5    signingTime
1 2 840 113549 1 9 6    countersignature
1 2 840 113549 1 9 7    challengePassword
1 2 840 113549 1 9 8    unstructuredAddress
1 2 840 113549 1 9 9    extendedCertificateAttributes

1 2 840 113549 1 3       pkcs-3
1 2 840 113549 1 3 1     dhKeyAgreement

1 2 840 113549 1 7	 pkcs-7
1 2 840 113549 1 7 1	 data
1 2 840 113549 1 7 2	 signedData
1 2 840 113549 1 7 3	 envelopedData
1 2 840 113549 1 7 4	 signedAndEnvelopedData
1 2 840 113549 1 7 5	 digestData
1 2 840 113549 1 7 6	 encryptedData

pkcs-1
1 2 840 113549 2 	 digestAlgorithm
1 2 840 113549 2 2	 md2
1 2 840 113549 2 4       md4
1 2 840 113549 2 5	 md5

rfc2040
1 2 840 113549 3  	 encryptionAlgorithm
1 2 840 113549 3 8  	 RC5CBC
1 2 840 113549 3 9  	 RC5CBCPAD

rfc2144
1 2 840 113533           nt 
1 2 840 113533 7         nsn
1 2 840 113533 7 66      algorithms
1 2 840 113533 7 66  10  cast5CBC
1 2 840 113533 7 66  11  cast5MAC
1 2 840 113533 7 66  12  pbeWithMD5AndCAST5-CBC

pkcs-5
1 2 840 113549 1 5       pkcs-5
1 2 840 113549 1 5 1     pbeWithMD2AndDES-CBC
1 2 840 113549 1 5 3     pbeWithMD5AndDES-CBC

pkcs-12
1 2 840 113549 1 12      pkcs-12
1 2 840 113549 1 12 1    pkcs-12PbeIds
1 2 840 113549 1 12 1 1  pbeWithSHA1And128BitRC4   
1 2 840 113549 1 12 1 2  pbeWithSHA1And40BitRC4   
1 2 840 113549 1 12 1 3  pbeWithSHA1And3-KeyTripleDES-CBC     
1 2 840 113549 1 12 1 4  pbeWithSHA1And2-KeyTripleDES-CBC     
1 2 840 113549 1 12 1 5  pbeWithSHA1And128BitRC2-CBC     
1 2 840 113549 1 12 1 6  pbeWithSHA1And40BitRC2-CBC     

rfc2268
1 2 840 113549 3 2       rc2CBC

x509
2 5                      ds
2 5 4                    at
2 5 8                    algorithm
2 5 8 1                  encryptionAlgorithm
2 5 8 2                  hashAlgorithm
2 5 8 3                  signatureAlgorithm
2 5 8 1 1                rsa

draft-ietf-pkix-ipki-part1 (11)
2 5 4 3                  commonName
2 5 4 4                  surname
2 5 4 6                  countryName
2 5 4 7                  localityName
2 5 4 8                  stateOrProvinceName
2 5 4 10                 organizationName
2 5 4 11                 organizationalUnitName
2 5 4 12                 title
2 5 4 41                 name
2 5 4 42                 givenName
2 5 4 43                 initials
2 5 4 44                 generationQualifier
2 5 4 46                 dnQualifier

set secure xaction specs book 3 may 31 19997
1 3                        identified-organization
1 3 14                     oiw
1 3 14 3                   secsig
1 3 14 3 2                 algorithm
1 3 14 3 2 26              sha1
1 3 14 3 2 7               desCBC
1 2 840 113549 3 10        desCDMF

deprecated ?
stable implementation agreements... (1991)
1 3 14 7 2 3 1             md2WithRsa
1 3 14 7 2 1 1             elGamal
1 3 14 7 2 3 2             md2WithElGamal

rfc 2311
1 2 840 113549 3 2       RC2-CBC
1 2 840 113549 3 7       DES-EDE3-CBC
1 2 840 113549 2 5       md5
1 3 14 3 2 26            sha-1 
1 2 840 113549 1 1 1     rsaEncryption
2 5 8                    algorithm
2 5 8 1                  encryptionAlgorithm
2 5 8 1 1                rsa

draft-ietf-smime-msg-06.txt
1 2 40 10040             x9-57
1 2 40 10040 4           x9cm
1 2 40 10040 4 1         dsa

netscape cert extensions communicator 4.0, draft 8/13/97
2 16 840 1 113730       netscape
2 16 840 1 113730 1     netscape-cert-extension
2 16 840 1 113730 1 1   netscape-cert-extension-type
2 16 840 1 113730 1 2   netscape-base-url
2 16 840 1 113730 1 3   netscape-revocation-url
2 16 840 1 113730 1 4   netscape-ca-revocation-url
2 16 840 1 113730 1 7   netcape-cert-renewal-url
2 16 840 1 113730 1 8   netscape-policy-url
2 16 840 1 113730 1 12  netscape-ssl-server-name
2 16 840 1 11330  1 13  netscape-comment
2 16 840 1 113730 2     netscape-data-type
2 16 840 1 113730 2 5   netscape-cert-sequence

x509 1997 (!) draft
2 5 4 35            userPassword
2 5 4 36            userCertificate
2 5 4 37            cAcertificate
2 5 4 38            authorityRecovationList
2 5 4 39            certificateRevocationList
2 5 4 40            crossCertificatePair
2 5 4 58            attributeCertificate

2 5 29              ce
2 5 29 9            subjectDirectoryAttributes
2 5 29 14           subjectKeyIdentifier
2 5 29 15           keyUsage
2 5 29 16           privateKeyUsagePeriod
2 5 29 17           subjectAltName
2 5 29 18           issuerAltName
2 5 29 19           basicConstraints
2 5 29 20           cRLNumber
2 5 29 21           reasonCode
2 5 29 23           instructionCode
2 5 29 24           invalidityDate
2 5 29 27           deltaCRLIndicator
2 5 29 28           issuingDistributionPoint
2 5 29 29           certificateIssuer
2 5 29 30           nameConstraints
2 5 29 31           cRLDistributionPoints
2 5 29 32           certificatePolicies
2 5 29 33           policyMappings
2 5 29 35           authorityKeyIdentifier
2 5 29 36           policyConstraints
2 5 29 37           extKeyUsage

bosselae's page on ripemd-160
1 3 36              teletrust
1 3 36 3            algorithm
1 3 36 3 2          hashAlgorithm
1 3 36 3 2 1        ripemd160
1 3 36 3 2 2        ripemd128
1 3 36 3 2 3        ripemd256
1 3 36 3 3          signatureAlgorithm
1 3 36 3 3 1        rsaSignature    
1 3 36 3 3 1 2      rsaSignatureWithripemd160
1 3 36 3 3 1 3      rsaSignatureWithripemd128
1 3 36 3 3 1 4      rsaSignatureWithripemd256

a teletrust document 'crypto algs: overview and object identifiers (11/27/96)
because I can't get to the stupid one at nemo.ncls.nist.gov

1 3 14 3 2 2        md4WithRSA
1 3 14 3 2 3        md5WithRSA
1 3 14 3 2 4        md5WithRSAEncryption
1 3 14 3 2 6        desECB
1 3 14 3 2 7        desCBC
1 3 14 3 2 8        desOFB
1 3 14 3 2 9        desCFB
1 3 14 3 2 10        desMAC
1 3 14 3 2 11        RSASignature
1 3 14 3 2 12        DSA
1 3 14 3 2 13        DSAWithSHA
1 3 14 3 2 14        RSAWithmdc2
1 3 14 3 2 15        RSAWithSHA
1 3 14 3 2 16        dhWithCommonModulus
1 3 14 3 2 17        desEDE
1 3 14 3 2 18        SHA
1 3 14 3 2 19        mdc-2
1 3 14 3 2 20        DSACommon
1 3 14 3 2 21        DSACommonWithSHA
1 3 14 3 2 22        RSAKeyTransport
1 3 14 3 2 23        Keyed-hash-seal
1 3 14 3 2 24        md2WithRSASignature
1 3 14 3 2 25        md5WithRSASignature
1 3 14 3 2 26        SHA1
1 3 14 3 2 27        DSAWithSHA1
1 3 14 3 2 28        DSACommonWithSHA1
1 3 14 3 2 29        RSASignatureWithSHA1

1 2 840 113549 3 4	 rc4

these haven't been verified yet
1 2 840 113549 3 2	 bf-cbc   ??

1 2 840 113549 3 17      des-ede3

/* proposed by microsoft to RSA */
1 2 840 113549 5 11      pbeWithSHA1AndRC2-CBC
1 2 840 113549 5 12  	 pbeWithSHA1AndRC4

1 3 14 3 2 17            desEDE2  ??

actually in use in this library:

#define OBJ_algorithm			1L,3L,14L,3L,2L
#define OBJ_rsadsi			1L,2L,840L,113549L
#define OBJ_pkcs			OBJ_rsadsi,1L
#define OBJ_md2				OBJ_rsadsi,2L,2L
#define OBJ_md5				OBJ_rsadsi,2L,5L
#define OBJ_rc4				OBJ_rsadsi,3L,4L
#define OBJ_rsaEncryption		OBJ_pkcs,1L,1L
#define OBJ_md2WithRSAEncryption	OBJ_pkcs,1L,2L
#define OBJ_md5WithRSAEncryption	OBJ_pkcs,1L,4L
#define OBJ_pbeWithMD2AndDES_CBC	OBJ_pkcs,5L,1L
#define OBJ_pbeWithMD5AndDES_CBC	OBJ_pkcs,5L,3L
#define OBJ_X500			2L,5L
#define OBJ_X509			OBJ_X500,4L
#define OBJ_commonName			OBJ_X509,3L
#define OBJ_countryName			OBJ_X509,6L
#define OBJ_localityName		OBJ_X509,7L
#define OBJ_stateOrProvinceName		OBJ_X509,8L
#define OBJ_organizationName		OBJ_X509,10L
#define OBJ_organizationalUnitName	OBJ_X509,11L
#define OBJ_rsa				OBJ_X500,8L,1L,1L
#define OBJ_pkcs7			OBJ_pkcs,7L
#define OBJ_pkcs7_data			OBJ_pkcs7,1L
#define OBJ_pkcs7_signed		OBJ_pkcs7,2L
#define OBJ_pkcs7_enveloped		OBJ_pkcs7,3L
#define OBJ_pkcs7_signedAndEnveloped	OBJ_pkcs7,4L
#define OBJ_pkcs7_digest		OBJ_pkcs7,5L
#define OBJ_pkcs7_encrypted		OBJ_pkcs7,6L
#define OBJ_pkcs3			OBJ_pkcs,3L
#define OBJ_dhKeyAgreement		OBJ_pkcs3,1L
#define OBJ_des_ecb			OBJ_algorithm,6L
#define OBJ_des_cfb64			OBJ_algorithm,9L
#define OBJ_des_cbc			OBJ_algorithm,7L
#define OBJ_des_ede			OBJ_algorithm,17L
#define OBJ_rc2_cbc			OBJ_rsadsi,3L,2L
#define OBJ_sha				OBJ_algorithm,18L
#define OBJ_shaWithRSAEncryption	OBJ_algorithm,15L
#define OBJ_des_ede3_cbc		OBJ_rsadsi,3L,7L
#define OBJ_des_ofb64			OBJ_algorithm,8L
#define OBJ_pkcs9			OBJ_pkcs,9L
#define OBJ_pkcs9_emailAddress		OBJ_pkcs9,1L
#define OBJ_pkcs9_unstructuredName	OBJ_pkcs9,2L
#define OBJ_pkcs9_contentType		OBJ_pkcs9,3L
#define OBJ_pkcs9_messageDigest		OBJ_pkcs9,4L
#define OBJ_pkcs9_signingTime		OBJ_pkcs9,5L
#define OBJ_pkcs9_countersignature	OBJ_pkcs9,6L
#define OBJ_pkcs9_challengePassword	OBJ_pkcs9,7L
#define OBJ_pkcs9_unstructuredAddress	OBJ_pkcs9,8L
#define OBJ_pkcs9_extCertAttributes	OBJ_pkcs9,9L
#define OBJ_netscape			2L,16L,840L,1L,113730L
#define OBJ_netscape_cert_extension	OBJ_netscape,1L
#define OBJ_netscape_data_type		OBJ_netscape,2L
#define OBJ_sha1			OBJ_algorithm,26L
/* #define OBJ_sha1			1L,3L,14L,2L,26L,05L <- wrong */
#define OBJ_sha1WithRSAEncryption	OBJ_pkcs,1L,5L
#define OBJ_dsaWithSHA			OBJ_algorithm,13L
#define OBJ_dsa_2			OBJ_algorithm,12L
#define OBJ_pbeWithSHA1AndRC2_CBC	OBJ_pkcs,5L,11L 
#define OBJ_pbeWithSHA1AndRC4		OBJ_pkcs,5L,12L 
#define OBJ_dsaWithSHA1_2		OBJ_algorithm,27L
#define OBJ_netscape_cert_type		OBJ_netscape_cert_extension,1L
#define OBJ_netscape_base_url		OBJ_netscape_cert_extension,2L
#define OBJ_netscape_revocation_url	OBJ_netscape_cert_extension,3L
#define OBJ_netscape_ca_revocation_url	OBJ_netscape_cert_extension,4L
#define OBJ_netscape_renewal_url	OBJ_netscape_cert_extension,7L
#define OBJ_netscape_ca_policy_url	OBJ_netscape_cert_extension,8L
#define OBJ_netscape_ssl_server_name	OBJ_netscape_cert_extension,12L
#define OBJ_netscape_comment		OBJ_netscape_cert_extension,13L
#define OBJ_netscape_cert_sequence	OBJ_netscape_data_type,5L
#define OBJ_ld_ce			2L,5L,29L
#define OBJ_subject_key_identifier	OBJ_ld_ce,14L
#define OBJ_key_usage			OBJ_ld_ce,15L
#define OBJ_private_key_usage_period	OBJ_ld_ce,16L
#define OBJ_subject_alt_name		OBJ_ld_ce,17L
#define OBJ_issuer_alt_name		OBJ_ld_ce,18L
#define OBJ_basic_constraints		OBJ_ld_ce,19L
#define OBJ_crl_number			OBJ_ld_ce,20L
#define OBJ_certificate_policies	OBJ_ld_ce,32L
#define OBJ_authority_key_identifier	OBJ_ld_ce,35L
#define OBJ_mdc2			2L,5L,8L,3L,101L
#define OBJ_mdc2WithRSA			2L,5L,8L,3L,100L
#define OBJ_givenName			OBJ_X509,42L
#define OBJ_surname			OBJ_X509,4L
#define OBJ_initials			OBJ_X509,43L
#define OBJ_uniqueIdentifier		OBJ_X509,45L
#define OBJ_crl_distribution_points	OBJ_ld_ce,31L
#define OBJ_md5WithRSA			OBJ_algorithm,3L
#define OBJ_serialNumber		OBJ_X509,5L
#define OBJ_title			OBJ_X509,12L
#define OBJ_description			OBJ_X509,13L
#define OBJ_cast5_cbc			1L,2L,840L,113533L,7L,66L,10L
#define OBJ_pbeWithMD5AndCast5_CBC	1L,2L,840L,113533L,7L,66L,12L
#define OBJ_dsaWithSHA1			1L,2L,840L,10040L,4L,3L
#define OBJ_sha1WithRSA			OBJ_algorithm,29L
#define OBJ_dsa				1L,2L,840L,10040L,4L,1L
#define OBJ_ripemd160			1L,3L,36L,3L,2L,1L
#define OBJ_ripemd160WithRSA		1L,3L,36L,3L,3L,1L,2L
#define OBJ_rc5_cbc			OBJ_rsadsi,3L,8L