picky_asn1_x509/
oids.rs

1//! OIDs commonly used with X.509 certificates
2
3macro_rules! define_oid {
4    ($uppercase:ident => $lowercase:ident => $str_value:literal) => {
5        pub const $uppercase: &'static str = $str_value;
6
7        pub fn $lowercase() -> ::oid::ObjectIdentifier {
8            use ::std::sync::OnceLock;
9
10            static OID: OnceLock<::oid::ObjectIdentifier> = OnceLock::new();
11            OID.get_or_init(|| {
12               $uppercase.try_into().unwrap()
13            }).clone()
14        }
15    };
16    ( $( $uppercase:ident => $lowercase:ident => $str_value:literal, )+ ) => {
17        $( define_oid! { $uppercase => $lowercase => $str_value } )+
18    };
19}
20
21define_oid! {
22    // x9-57
23    DSA_WITH_SHA1 => dsa_with_sha1 => "1.2.840.10040.4.3",
24    // x9-42
25    DIFFIE_HELLMAN => diffie_hellman => "1.2.840.10046.2.1",
26    // ANSI-X962
27    EC_PUBLIC_KEY => ec_public_key => "1.2.840.10045.2.1",
28    ECDSA_WITH_SHA256 => ecdsa_with_sha256 => "1.2.840.10045.4.3.2",
29    ECDSA_WITH_SHA384 => ecdsa_with_sha384 => "1.2.840.10045.4.3.3",
30    ECDSA_WITH_SHA512 => ecdsa_with_sha512 => "1.2.840.10045.4.3.4",
31    SECP192R1 => secp192r1 => "1.2.840.10045.3.1.1",
32    SECP256R1 => secp256r1 => "1.2.840.10045.3.1.7",
33
34    // RSADSI
35    RSA_ENCRYPTION => rsa_encryption => "1.2.840.113549.1.1.1",
36    MD5_WITH_RSA_ENCRYPTHION => md5_with_rsa_encryption => "1.2.840.113549.1.1.4",
37    SHA1_WITH_RSA_ENCRYPTION => sha1_with_rsa_encryption => "1.2.840.113549.1.1.5",
38    SHA256_WITH_RSA_ENCRYPTION => sha256_with_rsa_encryption => "1.2.840.113549.1.1.11",
39    SHA384_WITH_RSA_ENCRYPTION => sha384_with_rsa_encryption => "1.2.840.113549.1.1.12",
40    SHA512_WITH_RSA_ENCRYPTION => sha512_with_rsa_encryption => "1.2.840.113549.1.1.13",
41    SHA224_WITH_RSA_ENCRYPTION => sha224_with_rsa_encryption => "1.2.840.113549.1.1.14",
42    RSASSA_PSS => rsassa_pss => "1.2.840.113549.1.1.10",
43    EMAIL_ADDRESS => email_address => "1.2.840.113549.1.9.1", // deprecated
44    EXTENSION_REQ => extension_request => "1.2.840.113549.1.9.14",
45
46    // PKCS#7
47    CONTENT_INFO_TYPE_DATA => content_info_type_data => "1.2.840.113549.1.7.1",
48    CONTENT_INFO_TYPE_ENCRYPTED_DATA => content_info_type_encrypted_data => "1.2.840.113549.1.7.6",
49    SIGNED_DATA => signed_data => "1.2.840.113549.1.7.2",
50    CONTENT_TYPE => content_type => "1.2.840.113549.1.9.3",
51    MESSAGE_DIGEST => message_digest => "1.2.840.113549.1.9.4",
52    ENVELOPED_DATA => enveloped_data => "1.2.840.113549.1.7.3",
53
54    // NIST
55    DSA_WITH_SHA224 => dsa_with_sha224 => "2.16.840.1.101.3.4.3.1",
56    DSA_WITH_SHA256 => dsa_with_sha256 => "2.16.840.1.101.3.4.3.2",
57    DSA_WITH_SHA384 => dsa_with_sha384 => "2.16.840.1.101.3.4.3.3",
58    DSA_WITH_SHA512 => dsa_with_sha512 => "2.16.840.1.101.3.4.3.4",
59    ID_ECDSA_WITH_SHA3_256 => id_ecdsa_with_sha3_256 => "2.16.840.1.101.3.4.3.10",
60    ID_RSASSA_PKCS1_V1_5_WITH_SHA3_224 => id_rsassa_pkcs1_v1_5_with_sha3_224 => "2.16.840.1.101.3.4.3.13",
61    ID_RSASSA_PKCS1_V1_5_WITH_SHA3_256 => id_rsassa_pkcs1_v1_5_with_sha3_256 => "2.16.840.1.101.3.4.3.14",
62    ID_RSASSA_PKCS1_V1_5_WITH_SHA3_384 => id_rsassa_pkcs1_v1_5_with_sha3_384 => "2.16.840.1.101.3.4.3.15",
63    ID_RSASSA_PKCS1_V1_5_WITH_SHA3_512 => id_rsassa_pkcs1_v1_5_with_sha3_512 => "2.16.840.1.101.3.4.3.16",
64
65    // Certicom Object Identifiers
66    SECP384R1 => secp384r1 => "1.3.132.0.34",
67    SECT163K1 => sect163k1 => "1.3.132.0.1",
68    SECT163R2 => sect163r2 => "1.3.132.0.15",
69    SECP224R1 => secp224r1 => "1.3.132.0.33",
70    SECT233K1 => sect233k1 => "1.3.132.0.26",
71    SECT233R1 => sect233r1 => "1.3.132.0.27",
72    SECT283K1 => sect283k1 => "1.3.132.0.16",
73    SECT283R1 => sect283r1 => "1.3.132.0.17",
74    SECT409K1 => sect409k1 => "1.3.132.0.36",
75    SECT409R1 => sect409r1 => "1.3.132.0.37",
76    SECP521R1 => secp521r1 => "1.3.132.0.35",
77    SECT571K1 => sect571k1 => "1.3.132.0.38",
78    SECT571R1 => sect571r1 => "1.3.132.0.39",
79
80    // RFC 8410
81    X25519 => x25519 => "1.3.101.110",
82    X448 => x448 => "1.3.101.111",
83    ED25519 => ed25519 => "1.3.101.112",
84    ED448 => ed448 => "1.3.101.113",
85
86    // Extended key purpose OIDS
87    KP_SERVER_AUTH => kp_server_auth => "1.3.6.1.5.5.7.3.1",
88    KP_CLIENT_AUTH => kp_client_auth => "1.3.6.1.5.5.7.3.2",
89    KP_CODE_SIGNING => kp_code_signing => "1.3.6.1.5.5.7.3.3",
90    KP_EMAIL_PROTECTION => kp_email_protection => "1.3.6.1.5.5.7.3.4",
91    KP_IPSEC_END_SYSTEM => kp_ipsec_end_system => "1.3.6.1.5.5.7.3.5",
92    KP_IPSPEC_TUNNEL => kp_ipsec_tunnel => "1.3.6.1.5.5.7.3.6",
93    KP_IPSEC_USER => kp_ipsec_user => "1.3.6.1.5.5.7.3.7",
94    KP_TIME_STAMPING => kp_time_stamping => "1.3.6.1.5.5.7.3.8",
95    KP_OCSP_SIGNING => kp_ocsp_signing => "1.3.6.1.5.5.7.3.9",
96    KP_ANY_EXTENDED_KEY_USAGE => kp_any_extended_key_usage => "2.5.29.37.0",
97    KP_LIFETIME_SIGNING  => kp_lifetime_signing => "1.3.6.1.4.1.311.10.3.13",
98
99    // attribute types
100    AT_COMMON_NAME => at_common_name => "2.5.4.3",
101    AT_SURNAME => at_surname => "2.5.4.4",
102    AT_SERIAL_NUMBER => at_serial_number => "2.5.4.5",
103    AT_COUNTRY_NAME => at_country_name => "2.5.4.6",
104    AT_LOCALITY_NAME => at_locality_name => "2.5.4.7",
105    AT_STATE_OR_PROVINCE_NAME => at_state_or_province_name => "2.5.4.8",
106    AT_STREET_NAME => at_street_name => "2.5.4.9",
107    AT_ORGANIZATION_NAME => at_organization_name => "2.5.4.10",
108    AT_ORGANIZATIONAL_UNIT_NAME => at_organizational_unit_name => "2.5.4.11",
109    AT_GIVENNAME => at_given_name => "2.5.4.42",
110    AT_PHONE => at_phone => "2.5.4.20",
111
112    // certificate extensions
113    SUBJECT_KEY_IDENTIFIER => subject_key_identifier => "2.5.29.14",
114    KEY_USAGE => key_usage => "2.5.29.15",
115    SUBJECT_ALTERNATIVE_NAME => subject_alternative_name => "2.5.29.17",
116    ISSUER_ALTERNATIVE_NAME => issuer_alternative_name => "2.5.29.18",
117    BASIC_CONSTRAINTS => basic_constraints => "2.5.29.19",
118    CRL_NUMBER => crl_number => "2.5.29.20",
119    AUTHORITY_KEY_IDENTIFIER => authority_key_identifier => "2.5.29.35",
120    EXTENDED_KEY_USAGE => extended_key_usage => "2.5.29.37",
121
122    // aes
123    // aes-128
124    AES128_ECB => aes128_ecb => "2.16.840.1.101.3.4.1.1",
125    AES128_CBC => aes128_cbc => "2.16.840.1.101.3.4.1.2",
126    AES128_OFB => aes128_ofb => "2.16.840.1.101.3.4.1.3",
127    AES128_CFB => aes128_cfb => "2.16.840.1.101.3.4.1.4",
128    AES128_WRAP => aes128_wrap => "2.16.840.1.101.3.4.1.5",
129    AES128_GCM => aes128_gcm => "2.16.840.1.101.3.4.1.6",
130    AES128_CCM => aes128_ccm => "2.16.840.1.101.3.4.1.7",
131    AES128_WRAP_PAD => aes128_wrap_pad => "2.16.840.1.101.3.4.1.8",
132    // aes-192
133    AES192_ECB => aes192_ecb => "2.16.840.1.101.3.4.1.21",
134    AES192_CBC => aes192_cbc => "2.16.840.1.101.3.4.1.22",
135    AES192_OFB => aes192_ofb => "2.16.840.1.101.3.4.1.23",
136    AES192_CFB => aes192_cfb => "2.16.840.1.101.3.4.1.24",
137    AES192_WRAP => aes192_wrap => "2.16.840.1.101.3.4.1.25",
138    AES192_GCM => aes192_gcm => "2.16.840.1.101.3.4.1.26",
139    AES192_CCM => aes192_ccm => "2.16.840.1.101.3.4.1.27",
140    AES192_WRAP_PAD => aes192_wrap_pad => "2.16.840.1.101.3.4.1.28",
141    // aes-256
142    AES256_ECB => aes256_ecb => "2.16.840.1.101.3.4.1.41",
143    AES256_CBC => aes256_cbc => "2.16.840.1.101.3.4.1.42",
144    AES256_OFB => aes256_ofb => "2.16.840.1.101.3.4.1.43",
145    AES256_CFB => aes256_cfb => "2.16.840.1.101.3.4.1.44",
146    AES256_WRAP => aes256_wrap => "2.16.840.1.101.3.4.1.45",
147    AES256_GCM => aes256_gcm => "2.16.840.1.101.3.4.1.46",
148    AES256_CCM => aes256_ccm => "2.16.840.1.101.3.4.1.47",
149    AES256_WRAP_PAD => aes256_wrap_pad => "2.16.840.1.101.3.4.1.48",
150
151    // hash algorithm
152    DIGEST_ALGORITHM => digest_algorithm => "1.2.840.113549.2",
153    MD5 => md5 => "1.2.840.113549.2.5",
154    HMAC_WITH_SHA1 => hmac_with_sha1 => "1.2.840.113549.2.7",
155    HMAC_WITH_SHA224 => hmac_with_sha224 => "1.2.840.113549.2.8",
156    HMAC_WITH_SHA256 => hmac_with_sha256 => "1.2.840.113549.2.9",
157    HMAC_WITH_SHA384 => hmac_with_sha384 => "1.2.840.113549.2.10",
158    HMAC_WITH_SHA512 => hmac_with_sha512 => "1.2.840.113549.2.11",
159    SHA1 => sha1 => "1.3.14.3.2.26",
160    SHA256 => sha256 => "2.16.840.1.101.3.4.2.1",
161    SHA384 => sha384 => "2.16.840.1.101.3.4.2.2",
162    SHA512 => sha512 => "2.16.840.1.101.3.4.2.3",
163    SHA224 => sha224 => "2.16.840.1.101.3.4.2.4",
164    SHA512_224 => sha512_224 => "2.16.840.1.101.3.4.2.5",
165    SHA512_256 => sha512_256 => "2.16.840.1.101.3.4.2.6",
166    SHA3_224 => sha3_224 => "2.16.840.1.101.3.4.2.7",
167    SHA3_256 => sha3_256 => "2.16.840.1.101.3.4.2.8",
168    SHA3_384 => sha3_384 => "2.16.840.1.101.3.4.2.9",
169    SHA3_512 => sha3_512 => "2.16.840.1.101.3.4.2.10",
170    SHAKE128 => shake128 => "2.16.840.1.101.3.4.2.11",
171    SHAKE256 => shake256 => "2.16.840.1.101.3.4.2.12",
172
173    // authenticode
174    SIGNING_TIME => signing_time => "1.2.840.113549.1.9.5",
175    COUNTER_SIGN => counter_sign => "1.2.840.113549.1.9.6",
176    SPC_INDIRECT_DATA_OBJID => spc_indirect_data_objid => "1.3.6.1.4.1.311.2.1.4",
177    SPC_STATEMENT_TYPE => spc_statement_type => "1.3.6.1.4.1.311.2.1.11",
178    SPC_SP_OPUS_INFO_OBJID => spc_sp_opus_info_objid => "1.3.6.1.4.1.311.2.1.12",
179    SPC_PE_IMAGE_DATAOBJ => spc_pe_image_dataobj => "1.3.6.1.4.1.311.2.1.15",
180    SPC_SIPINFO_OBJID => spc_sip_info_objid => "1.3.6.1.4.1.311.2.1.30",
181    TIMESTAMP_REQUEST => timestamp_request => "1.3.6.1.4.1.311.3.2.1",
182    MS_COUNTER_SIGN => ms_counter_signature => "1.3.6.1.4.1.311.3.3.1",
183
184    // CTL
185    CERT_TRUST_LIST => cert_trust_list => "1.3.6.1.4.1.311.10.1",
186    ROOT_LIST_SIGNER => root_list_signer => "1.3.6.1.4.1.311.10.3.9",
187
188    CERT_ENHKEY_USAGE_PROP_ID => cert_enhkey_usage_prop_id => "1.3.6.1.4.1.311.10.11.9",
189    CERT_FRIENDLY_NAME_PROP_ID => cert_friendly_name_prop_id => "1.3.6.1.4.1.311.10.11.11",
190    CERT_KEY_IDENTIFIER_PROP_ID => cert_key_identifier_prop_id => "1.3.6.1.4.1.311.10.11.20",
191    CERT_SUBJECT_NAME_MD5_HASH_PROP_ID => cert_subject_name_md5_hash_prop_id => "1.3.6.1.4.1.311.10.11.29",
192    CERT_ROOT_PROGRAM_CERT_POLICIES_PROP_ID => cert_root_program_cert_policies_prop_id => "1.3.6.1.4.1.311.10.11.83",
193    CERT_AUTH_ROOT_SHA256_HASH_PROP_ID => cert_auto_root_sha256_hash_prop_id => "1.3.6.1.4.1.311.10.11.98",
194    CERT_DISALLOWED_FILETIME_PROP_ID => cert_disallowed_filetime_prop_id => "1.3.6.1.4.1.311.10.11.104",
195    CERT_ROOT_PROGRAM_CHAIN_POLICIES_PROP_ID => cert_root_program_chain_policies_prop_id => "1.3.6.1.4.1.311.10.11.105",
196    DISALLOWED_ENHKEY_USAGE => disallowed_enhkey_usage => "1.3.6.1.4.1.311.10.11.122",
197    UNKNOWN_RESERVED_PROP_ID_126 => unknown_reserved_prop_id_126 => "1.3.6.1.4.1.311.10.11.126",
198    UNKNOWN_RESERVED_PROP_ID_127 => unknown_reserved_prop_id_127 => "1.3.6.1.4.1.311.10.11.127",
199
200    AUTO_UPDATE_END_REVOCATION => auto_update_end_revocation => "1.3.6.1.4.1.311.60.3.2",
201
202    // RSA  Mask Generator Function 1
203    ID_MGF1 => id_mgf1 => "1.2.840.113549.1.1.8",
204
205    // NLA protocols
206    KRB5 => krb5 => "1.2.840.113554.1.2.2",
207    MS_KRB5 => ms_krb5 => "1.2.840.48018.1.2.2",
208    KRB5_USER_TO_USER => krb5_user_to_user => "1.2.840.113554.1.2.2.3",
209    NTLM_SSP => ntlm_ssp => "1.3.6.1.4.1.311.2.2.10",
210    NEGOEX => negoex => "1.3.6.1.4.1.311.2.2.30",
211    SPNEGO => spnego => "1.3.6.1.5.5.2",
212
213    // [SPNEGO](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-spng/211417c4-11ef-46c0-a8fb-f178a51c2088)
214    //  The OID assigned for PKU2U is (1.3.6.1.5.2.7)
215    GSS_PKU2U => gss_pku2u => "1.3.6.1.5.2.7",
216
217    // http://oid-info.com/get/1.3.6.1.5.2.3.1
218    // id-pkinit-authData
219    PKINIT_AUTH_DATA => pkinit_auth_data => "1.3.6.1.5.2.3.1",
220
221    // http://oid-info.com/get/1.3.6.1.5.2.3.2
222    // id-pkinit-DHKeyData
223    PKINIT_DH_KEY_DATA => kpinit_dh_key_data => "1.3.6.1.5.2.3.2",
224
225    // PKCS#12
226    PKCS12_PBE_WITH_SHA_AND_3_KEY_TRIPLE_DES_CBC => pkcs12_pbe_with_sha_and_3_key_triple_des_cbc => "1.2.840.113549.1.12.1.3",
227    PKCS12_PBE_WITH_SHA_AND_40_BIT_RC2_CBC => pkcs12_pbe_with_sha_and_40_bit_rc2_cbc => "1.2.840.113549.1.12.1.6",
228    // Defined in PKCS#12 but starts with pkcs#9 prefix (crlTypes)
229    CRL_SAFE_BAG_TYPE_X509 => crl_safe_bag_type_x509 => "1.2.840.113549.1.9.23.1",
230    // Defined in PKCS#12 but starts with pkcs#9 prefix (certTypes)
231    CERT_SAFE_BAG_TYPE_X509 => cert_safe_bag_type_x509 => "1.2.840.113549.1.9.22.1",
232    // SafeBag types
233    SAFE_BAG_TYPE_KEY => safe_bag_type_key => "1.2.840.113549.1.12.10.1.1",
234    SAFE_BAG_TYPE_SHROUDED_KEY => safe_bag_type_shrouded_key => "1.2.840.113549.1.12.10.1.2",
235    SAFE_BAG_TYPE_CERT => safe_bag_type_cert => "1.2.840.113549.1.12.10.1.3",
236    SAFE_BAG_TYPE_CRL => safe_bag_type_crl => "1.2.840.113549.1.12.10.1.4",
237    SAFE_BAG_TYPE_SECRET => safe_bag_type_secret => "1.2.840.113549.1.12.10.1.5",
238    SAFE_BAG_TYPE_SAFE_CONTENTS => safe_bag_type_safe_contents => "1.2.840.113549.1.12.10.1.6",
239
240    // PKCS#5
241    PBKDF2 => pbkdf2 => "1.2.840.113549.1.5.12",
242    PBES2 => pbes2 => "1.2.840.113549.1.5.13",
243
244    // PKCS#9
245    ATTRIBUTE_PKCS12_FRIENDLY_NAME => attribute_pkcs12_friendly_name => "1.2.840.113549.1.9.20",
246    ATTRIBUTE_PKCS12_LOCAL_KEY_ID => attribute_pkcs12_local_key_id => "1.2.840.113549.1.9.21",
247
248    USER_PRINCIPAL_NAME => user_principal_name => "1.3.6.1.4.1.311.20.2.3",
249
250    // Protection descriptor and its types
251    PROTECTION_DESCRIPTOR_TYPE => protection_descriptor_type => "1.3.6.1.4.1.311.74.1",
252    SID_PROTECTION_DESCRIPTOR => sid_protection_descriptor => "1.3.6.1.4.1.311.74.1.1",
253    KEY_FILE_PROTECTION_DESCRIPTOR => key_file_protection_descriptor => "1.3.6.1.4.1.311.74.1.2",
254    SSDL_PROTECTION_DESCRIPTOR => ssdl_protection_descriptor => "1.3.6.1.4.1.311.74.1.5",
255    LOCAL_PROTECTION_DESCRIPTOR => local_protection_descriptor => "1.3.6.1.4.1.311.74.1.8",
256}