├── .gitignore ├── examples ├── convertPEMtoDER.js ├── OpenSSLCertInfo.js ├── dn.js ├── certInfo.js ├── parse_csr.js ├── custom_eku.js ├── createHugeCSR.js ├── ocsp_status.js ├── casign.js └── scepRequest.js ├── package.json ├── compile_name_mappings.js ├── ca_example.js ├── example.js ├── README.md └── name_mappings.js /.gitignore: -------------------------------------------------------------------------------- 1 | node_modules -------------------------------------------------------------------------------- /examples/convertPEMtoDER.js: -------------------------------------------------------------------------------- 1 | const node_openssl = require('../index.js'); 2 | var fs = require('fs'); 3 | 4 | var options = { 5 | binpath: 'C:/Program Files/OpenVPN/bin/openssl.exe' 6 | } 7 | 8 | var openssl = new node_openssl(options); 9 | 10 | fs.readFile('./ca.crt', function(err, contents) { 11 | openssl.convertPEMtoDER(contents, function(err, data) { 12 | if(err) { 13 | console.log(err); 14 | } else { 15 | console.log(data.toString()); 16 | } 17 | }); 18 | }); -------------------------------------------------------------------------------- /examples/OpenSSLCertInfo.js: -------------------------------------------------------------------------------- 1 | const node_openssl = require('../index.js'); 2 | var fs = require('fs'); 3 | 4 | var options = { 5 | //binpath: 'C:/Program Files/OpenVPN/bin/openssl.exe' 6 | binpath: 'C:/Program Files/OpenSSL-Win64/bin/openssl.exe' 7 | } 8 | 9 | var openssl = new node_openssl(options); 10 | 11 | fs.readFile('./twitter2.crt', function(err, contents) { 12 | openssl.getOpenSSLCertInfo(contents, function(err, out, cmd) { 13 | if(err) { 14 | console.log(err); 15 | } else { 16 | console.log(out); 17 | } 18 | }); 19 | }); -------------------------------------------------------------------------------- /examples/dn.js: -------------------------------------------------------------------------------- 1 | const node_openssl = require('../index.js'); 2 | var fs = require('fs'); 3 | 4 | var options = { 5 | //binpath: 'C:/Program Files/OpenVPN/bin/openssl.exe' 6 | binpath: 'C:/Program Files/OpenSSL-Win64/bin/openssl.exe' 7 | } 8 | 9 | var openssl = new node_openssl(options); 10 | 11 | fs.readFile('./ca.crt', function(err, contents) { 12 | //console.log(contents.toString()); 13 | openssl.getCertInfo(contents.toString(), function(err, certinfo) { 14 | console.log(openssl.getDistinguishedName(certinfo.subject)); 15 | }); 16 | }); -------------------------------------------------------------------------------- /examples/certInfo.js: -------------------------------------------------------------------------------- 1 | const node_openssl = require('../index.js'); 2 | var fs = require('fs'); 3 | 4 | var options = { 5 | //binpath: 'C:/Program Files/OpenVPN/bin/openssl.exe' 6 | binpath: 'C:/Program Files/OpenSSL-Win64/bin/openssl.exe' 7 | } 8 | 9 | var openssl = new node_openssl({}); 10 | 11 | fs.readFile('./cert.csr', function(err, contents) { 12 | //console.log(contents) 13 | openssl.getCSRInfo(contents.toString(), function(err, attrs, cmd) { 14 | if(err) { 15 | console.log(err); 16 | } else { 17 | console.log(JSON.stringify(attrs, null, 2)); 18 | } 19 | }); 20 | }); -------------------------------------------------------------------------------- /package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "node-openssl-cert", 3 | "version": "0.1.44", 4 | "description": "Node.JS OpenSSL wrapper", 5 | "main": "index.js", 6 | "directories": { 7 | "test": "test" 8 | }, 9 | "dependencies": { 10 | "crypto-random-string": "^4.0.0", 11 | "moment": "^2.29.4", 12 | "tmp": "^0.2.1" 13 | }, 14 | "scripts": { 15 | "test": "echo \"Error: no test specified\" && exit 1" 16 | }, 17 | "repository": { 18 | "type": "git", 19 | "url": "git+https://github.com/lspiehler/node-openssl-cert.git" 20 | }, 21 | "keywords": [ 22 | "node.js", 23 | "openssl" 24 | ], 25 | "author": "Lyas Spiehler", 26 | "license": "MIT", 27 | "bugs": { 28 | "url": "https://github.com/lspiehler/node-openssl-cert/issues" 29 | }, 30 | "homepage": "https://github.com/lspiehler/node-openssl-cert#readme" 31 | } 32 | -------------------------------------------------------------------------------- /examples/parse_csr.js: -------------------------------------------------------------------------------- 1 | const node_openssl = require('../index.js'); 2 | var fs = require('fs'); 3 | 4 | var options = { 5 | //binpath: 'C:/Program Files/OpenVPN/bin/openssl.exe' 6 | binpath: 'C:/Program Files/OpenSSL-Win64/bin/openssl.exe' 7 | } 8 | 9 | var openssl = new node_openssl(options); 10 | 11 | var rsakeyoptions = { 12 | encryption: { 13 | password: 'test', 14 | cipher: 'des3' 15 | }, 16 | rsa_keygen_bits: 2048, 17 | //rsa_keygen_pubexp: 65537, 18 | format: 'PKCS8' 19 | } 20 | 21 | fs.readFile('./example.csr', function(err, contents) { 22 | openssl.getCSRInfo(contents, function(err, attrs, cmd) { 23 | if(err) { 24 | console.log(err); 25 | } else { 26 | console.log(attrs); 27 | openssl.generateConfig(attrs, false, false, function(err, config) { 28 | //console.log(config); 29 | openssl.generateRSAPrivateKey(rsakeyoptions, function(err, key, cmd) { 30 | //console.log(cmd); 31 | //console.log(key); 32 | openssl.generateCSR(attrs, key, 'test', function(err, csr, cmd) { 33 | if(err) { 34 | console.log(err); 35 | } else { 36 | //console.log(cmd.command); 37 | //console.log(csr); 38 | //console.log(cmd.files.config); 39 | openssl.selfSignCSR(csr, attrs, key, 'test', function(err, crt, cmd) { 40 | if(err) { 41 | console.log(err); 42 | console.log(cmd.files.config); 43 | } else { 44 | //console.log(cmd.command); 45 | console.log(crt); 46 | //console.log(cmd.files.config); 47 | } 48 | }); 49 | } 50 | 51 | }); 52 | }); 53 | }); 54 | //console.log(openssl.getDistinguishedName(attrs.subject)); 55 | } 56 | }); 57 | }); -------------------------------------------------------------------------------- /compile_name_mappings.js: -------------------------------------------------------------------------------- 1 | const https = require('https'); 2 | 3 | var httpRequest = function(params, callback) { 4 | const req = https.request(params.options, res => { 5 | var resp = []; 6 | 7 | res.on('data', function(data) { 8 | resp.push(data); 9 | }); 10 | 11 | res.on('end', function() { 12 | callback(false, {statusCode: res.statusCode, options: params.options, headers: res.headers, body: Buffer.concat(resp).toString()}); 13 | }); 14 | }) 15 | 16 | req.on('error', function(err) { 17 | //console.log(err); 18 | callback(false, {statusCode: false, options: params.options, headers: false, body: JSON.stringify(err)}); 19 | }) 20 | 21 | if(params.options.method=='POST') { 22 | req.write(JSON.stringify(params.body)); 23 | } 24 | 25 | req.end() 26 | } 27 | 28 | let options = { 29 | host: 'raw.githubusercontent.com', 30 | path: '/openssl/openssl/OpenSSL_1_1_1-stable/crypto/objects/objects.txt', 31 | method: 'GET' 32 | } 33 | 34 | //stage old names 35 | var oids = { 36 | "Microsoft Universal Principal Name": "msUPN", 37 | "Microsoft Smartcardlogin": "msSmartcardLogin" 38 | } 39 | 40 | httpRequest({options: options}, function(err, resp) { 41 | if(err) { 42 | console.error(err); 43 | } else { 44 | let lines = resp.body.split('\n'); 45 | for(let i = 0; i <= lines.length - 1; i++) { 46 | if(lines[i] != '' && lines[i].charAt(0)!='#' && lines[i].charAt(0)!='!') { 47 | //console.log(lines[i].charAt(0); 48 | let line = lines[i].split(':'); 49 | let key; 50 | let value; 51 | //console.log(lines[i]); 52 | //console.log(line); 53 | if(line.length == 3) { 54 | key = line[2].trim(); 55 | value = line[1].trim(); 56 | } else { 57 | key = line[1].trim(); 58 | value = line[1].trim(); 59 | } 60 | if(value != '') { 61 | oids[key] = value; 62 | } else { 63 | oids[key] = key; 64 | } 65 | } 66 | } 67 | console.log('module.exports = ' + JSON.stringify(oids, null, 2)); 68 | let keys = Object.keys(oids); 69 | console.error('Returned ' + keys.length + ' name mappings'); 70 | } 71 | }); -------------------------------------------------------------------------------- /examples/custom_eku.js: -------------------------------------------------------------------------------- 1 | const node_openssl = require('../index.js'); 2 | var fs = require('fs'); 3 | var tmp = require('tmp'); 4 | 5 | var options = { 6 | binpath: 'C:/Program Files/OpenSSL-Win64/bin/openssl.exe' 7 | } 8 | 9 | var openssl = new node_openssl(options); 10 | 11 | var rsakeyoptions = { 12 | rsa_keygen_bits: 2048, 13 | //rsa_keygen_pubexp: 65537, 14 | format: 'PKCS8' 15 | } 16 | 17 | var csroptions = { 18 | hash: 'sha512', 19 | string_mask: 'default', 20 | startdate: new Date('1984-02-04 00:00:00'), 21 | enddate: new Date('2143-06-04 04:16:23'), 22 | //days: 600, 23 | requestAttributes: { 24 | challengePassword: 'CHALLENGEPASSPHRASE', 25 | unstructuredName: 'Optional Company Name' 26 | }, 27 | subject: { 28 | countryName: 'US', 29 | stateOrProvinceName: 'Louisiana', 30 | localityName: 'Slidell', 31 | postalCode: '70458', 32 | streetAddress: '1001 Gause Blvd.', 33 | organizationName: 'SMH', 34 | organizationalUnitName: [ 35 | 'IT' 36 | ], 37 | commonName: [ 38 | 'certificatetools.com', 39 | 'www.certificatetools.com' 40 | ], 41 | emailAddress: 'lyas.spiehler@slidellmemorial.org' 42 | }, 43 | extensions: { 44 | customOIDs: [{ 45 | OID: '1.3.6.1.4.1.11129.2.4.3', 46 | value: 'critical,ASN1:NULL' 47 | }], 48 | basicConstraints: { 49 | critical: true, 50 | CA: true, 51 | pathlen: 1 52 | }, 53 | keyUsage: { 54 | critical: true, 55 | usages: [ 56 | 'digitalSignature', 57 | 'keyEncipherment' 58 | ] 59 | }, 60 | extendedKeyUsage: { 61 | critical: true, 62 | usages: [ 63 | 'serverAuth', 64 | 'clientAuth', 65 | '1.3.6.1.4.1.311.10.3.1', 66 | '1.3.6.1.4.1.311.10.3.3', 67 | '1.3.6.1.4.1.311.10.3.4', 68 | '2.16.840.1.113730.4.1', 69 | '1.3.6.1.4.1.311.20.2.2', 70 | '1.2.3.4' 71 | ] 72 | }, 73 | SANs: { 74 | DNS: [ 75 | 'google.com', 76 | 'www.google.com' 77 | ] 78 | } 79 | } 80 | } 81 | 82 | openssl.generateRSAPrivateKey(rsakeyoptions, function(err, key, cmd) { 83 | if(err) { 84 | console.log(err); 85 | } else { 86 | openssl.generateCSR(csroptions, key, false, function(err, csr, cmd) { 87 | if(err) { 88 | console.log(err); 89 | //console.log(cmd.files.config); 90 | } else { 91 | console.log(csr); 92 | console.log(cmd.files.config); 93 | openssl.selfSignCSR(csr, csroptions, key, false, function(err, crt, cmd) { 94 | if(err) { 95 | console.log(err); 96 | console.log(cmd.files.config); 97 | } else { 98 | console.log(crt); 99 | console.log(cmd.files.config); 100 | openssl.getCertInfo(crt, function(err, certinfo, cmd) { 101 | if(err) { 102 | console.log(err); 103 | } else { 104 | console.log(certinfo.extensions); 105 | } 106 | }) 107 | } 108 | }); 109 | } 110 | }); 111 | } 112 | }); -------------------------------------------------------------------------------- /examples/createHugeCSR.js: -------------------------------------------------------------------------------- 1 | const node_openssl = require('../index.js'); 2 | const name_mappings = require('../name_mappings'); 3 | 4 | var openssl = new node_openssl({}); 5 | 6 | var rsakeyoptions = { 7 | rsa_keygen_bits: 2048, 8 | //rsa_keygen_pubexp: 65537, 9 | format: 'PKCS8' 10 | } 11 | 12 | var csroptions = { 13 | hash: 'sha512', 14 | startdate: new Date('1984-02-04 00:00:00'), 15 | enddate: new Date('2143-06-04 04:16:23'), 16 | //days: 600, 17 | subject: { 18 | countryName: 'US', 19 | stateOrProvinceName: 'Louisiana', 20 | localityName: 'Slidell', 21 | postalCode: '70458', 22 | streetAddress: '1001 Gause Blvd.', 23 | organizationName: 'SMH', 24 | organizationalUnitName: [ 25 | 'IT' 26 | ], 27 | commonName: [ 28 | 'أقسام الشروحات', 29 | 'www.certificatetools.com' 30 | ], 31 | emailAddress: 'lyas.spiehler@slidellmemorial.org' 32 | }, 33 | extensions: { 34 | basicConstraints: { 35 | critical: true, 36 | CA: true, 37 | pathlen: 1 38 | }, 39 | keyUsage: { 40 | critical: true, 41 | usages: [ 42 | 'digitalSignature', 43 | 'keyEncipherment' 44 | ] 45 | }, 46 | extendedKeyUsage: { 47 | critical: true, 48 | usages: [ 49 | 'serverAuth', 50 | 'clientAuth' 51 | ] 52 | }, 53 | SANs: { 54 | DNS: [ 55 | 'google.com', 56 | 'www.google.com' 57 | ] 58 | } 59 | } 60 | } 61 | 62 | let keys = Object.keys(name_mappings); 63 | csroptions.extensions.SANs.otherName = []; 64 | csroptions.extensions.SANs.otherName.push('nsSGC;UTF8:example othername'); 65 | csroptions.extensions.SANs.otherName.push('msEFS;UTF8:example othername'); 66 | csroptions.extensions.SANs.otherName.push('nsSGC;UTF8:example othername'); 67 | csroptions.extensions.SANs.otherName.push('msCTLSign;UTF8:example othername'); 68 | csroptions.extensions.SANs.otherName.push('msCodeInd;UTF8:example othername'); 69 | csroptions.extensions.SANs.otherName.push('msCodeCom;UTF8:example othername'); 70 | csroptions.extensions.SANs.otherName.push('secureShellServer;UTF8:example othername'); 71 | //csroptions.extensions.SANs.otherName = []; 72 | //for (let i = 0; i < keys.length; i++) { 73 | for (let i = 0; i < keys.length; i++) { 74 | //csroptions.extensions.SANs.otherName.push(name_mappings[keys[i]] + ';UTF8:huge csr test'); 75 | } 76 | 77 | console.log(csroptions.extensions.SANs.otherName); 78 | 79 | //var path = 'C:/Users/Lyas/Desktop/nodetest/cadir'; 80 | openssl.generateRSAPrivateKey(rsakeyoptions, function(err, key, cmd) { 81 | openssl.generateCSR(csroptions, key, false, function(err, csr, cmd) { 82 | if(err) { 83 | console.log(err); 84 | //console.log(cmd); 85 | } else { 86 | //console.log(cmd); 87 | console.log(csr); 88 | openssl.getCSRInfo(csr, function(err, attrs, cmd) { 89 | if(err) { 90 | console.log(err); 91 | } else { 92 | console.log(attrs); 93 | } 94 | }); 95 | } 96 | }); 97 | }); -------------------------------------------------------------------------------- /examples/ocsp_status.js: -------------------------------------------------------------------------------- 1 | const node_openssl = require('../index.js'); 2 | var fs = require('fs'); 3 | 4 | var options = { 5 | binpath: 'C:/Program Files/OpenVPN/bin/openssl.exe' 6 | } 7 | 8 | var openssl = new node_openssl(options); 9 | 10 | var netcertoptions = { 11 | hostname: 'www.aol.com', 12 | port: 443, 13 | starttls: false, 14 | protocol: 'https' 15 | } 16 | 17 | function parseOCSPResponse(resp) { 18 | //console.log(resp); 19 | var ocspresp = {} 20 | let body = resp.split('OCSP Response Data:')[1].split('Signature Algorithm:')[0]; 21 | let splitbody = body.split('\n'); 22 | for(let i = 0; i <= splitbody.length - 1; i++) { 23 | if(splitbody[i].indexOf(':') >= 0) { 24 | let values = splitbody[i].split(':'); 25 | if(values.length == 2) { 26 | ocspresp[values[0].trim(' ')] = values[1].trim(' ').replace('\r', ''); 27 | } else if(values.length >= 3) { 28 | ocspresp[values[0].trim(' ')] = new Date(values.slice(1).join(':').trim(' ').replace('\r','')); 29 | } else { 30 | 31 | } 32 | } 33 | } 34 | return ocspresp; 35 | 36 | } 37 | 38 | openssl.getCertFromNetwork(netcertoptions, function(err, cert, cmd) { 39 | if(err) { 40 | console.log(err); 41 | } else { 42 | //console.log(cmd); 43 | openssl.getOCSPURI(cert[0], function(err, uri, cmd) { 44 | //console.log(err); 45 | // console.log(cmd); 46 | //console.log(uri); 47 | // console.log(cert); 48 | // process.exit(); 49 | let leaf = cert[0]; 50 | let ca = cert.splice(1).join('\r\n') + '\r\n'; 51 | openssl.queryOCSPServer(ca, leaf, uri, 'sha1', true, function(err, resp, cmd) { 52 | if(err) { 53 | console.log(err); 54 | } else { 55 | //console.log(cmd); 56 | console.log(parseOCSPResponse(resp)); 57 | //console.log(cmd.ca); 58 | //console.log(cmd.cert); 59 | //console.log(cmd.command); 60 | } 61 | }); 62 | }); 63 | } 64 | }); 65 | 66 | /*openssl.tcpCheck('vfgdsdf.com', 443, function(err, result) { 67 | if(err) { 68 | console.log(err); 69 | } else { 70 | console.log(result); 71 | } 72 | });*/ 73 | 74 | var chain = []; 75 | var maxlength = 4 76 | 77 | var getChain = function(cert, callback) { 78 | openssl.getIssuerURI(cert, function(err, uri, cmd) { 79 | if(uri) { 80 | //console.log(uri); 81 | openssl.downloadIssuer(uri, function(err, ca) { 82 | //console.log(ca); 83 | if(err) { 84 | callback('Failed to download CA.', false, false); 85 | } else { 86 | //console.log(chain.length); 87 | if(chain.length <= maxlength) { 88 | chain.push(ca); 89 | getChain(ca, callback); 90 | } else { 91 | callback('Too many iterations getting certificate chain', false, false); 92 | } 93 | } 94 | }); 95 | //callback(false, uri); 96 | } else { 97 | if(chain.length >= 1) { 98 | callback(false, chain, false); 99 | } else { 100 | callback('Cannot get issuer from certificate', false, false); 101 | } 102 | } 103 | }); 104 | } 105 | 106 | /*fs.readFile('./cert.cer', function(err, contents) { 107 | openssl.getOCSPURI(contents.toString(), function(err, uri, cmd) { 108 | //console.log(uri); 109 | if(err) { 110 | //console.log(uri); 111 | callback('Failed to get OCSP URI from certificate.', false, false); 112 | } else { 113 | getChain(contents.toString(), function(err, chain) { 114 | if(err) { 115 | callback(err, false, false); 116 | } else { 117 | openssl.queryOCSPServer(chain, contents.toString(), uri, function(err, resp, cmd) { 118 | if(err) { 119 | console.log(resp); 120 | callback(err, false, false); 121 | } else { 122 | console.log(resp); 123 | } 124 | }); 125 | } 126 | }); 127 | } 128 | }); 129 | });*/ 130 | 131 | /*fs.readFile('./GTSGIAG3.cer', function(err, contents) { 132 | openssl.convertDERtoPEM(contents, function(err, cert){ 133 | console.log(cert); 134 | }); 135 | });*/ 136 | -------------------------------------------------------------------------------- /examples/casign.js: -------------------------------------------------------------------------------- 1 | const node_openssl = require('../index.js'); 2 | var fs = require('fs'); 3 | var tmp = require('tmp'); 4 | 5 | var options = { 6 | binpath: 'C:/Program Files/OpenSSL-Win64/bin/openssl.exe' 7 | } 8 | 9 | var openssl = new node_openssl(options); 10 | 11 | var rsakeyoptions = { 12 | rsa_keygen_bits: 2048, 13 | //rsa_keygen_pubexp: 65537, 14 | format: 'PKCS8' 15 | } 16 | 17 | var csroptions = { 18 | hash: 'sha512', 19 | startdate: new Date('1984-02-04 00:00:00'), 20 | enddate: new Date('2143-06-04 04:16:23'), 21 | //days: 600, 22 | subject: { 23 | countryName: 'US', 24 | stateOrProvinceName: 'Louisiana', 25 | localityName: 'Slidell', 26 | postalCode: '70458', 27 | streetAddress: '1001 Gause Blvd.', 28 | organizationName: 'SMH', 29 | organizationalUnitName: [ 30 | 'IT' 31 | ], 32 | commonName: [ 33 | 'certificatetools.com', 34 | 'www.certificatetools.com' 35 | ], 36 | emailAddress: 'lyas.spiehler@slidellmemorial.org' 37 | }, 38 | extensions: { 39 | basicConstraints: { 40 | critical: true, 41 | CA: true, 42 | pathlen: 1 43 | }, 44 | keyUsage: { 45 | critical: true, 46 | usages: [ 47 | 'digitalSignature', 48 | 'keyEncipherment' 49 | ] 50 | }, 51 | extendedKeyUsage: { 52 | critical: true, 53 | usages: [ 54 | 'serverAuth', 55 | 'clientAuth' 56 | ] 57 | }, 58 | SANs: { 59 | DNS: [ 60 | 'certificatetools.com', 61 | 'www.certificatetools.com' 62 | ] 63 | } 64 | } 65 | } 66 | 67 | //var path = 'C:/Users/Lyas/Desktop/nodetest/cadir'; 68 | 69 | fs.readFile('./ca.key', function(err, cakey) { 70 | fs.readFile('./ca.crt', function(err, cacrt) { 71 | openssl.generateRSAPrivateKey(rsakeyoptions, function(err, key, cmd) { 72 | openssl.generateCSR(csroptions, key, false, function(err, csr, cmd) { 73 | //console.log(cakey); 74 | //console.log(crt); 75 | tmp.dir({unsafeCleanup: true}, function _tempDirCreated(err, path, cleanupCallback) { 76 | fs.writeFile(path + '/ca.key', cakey, function(err) { 77 | if(err) { 78 | cleanupCallback() 79 | } else { 80 | fs.writeFile(path + '/ca.crt', cacrt, function(err) { 81 | if(err) { 82 | cleanupCallback() 83 | } else { 84 | fs.writeFile(path + '/index.txt', '', function(err) { 85 | if(err) { 86 | cleanupCallback() 87 | } else { 88 | fs.mkdir(path + '/certs', function(err) { 89 | if(err) { 90 | cleanupCallback() 91 | } else { 92 | //console.log(path); 93 | let osslpath; 94 | if(path.indexOf('\\') >= 0) { 95 | osslpath = path.split('\\').join('\\\\') 96 | } else { 97 | osslpath = path; 98 | } 99 | console.log(osslpath); 100 | openssl.CASignCSR(csr, csroptions, osslpath, false, false, false, function(err, crt, cmd) { 101 | cleanupCallback() 102 | if(err) { 103 | console.log(err); 104 | } else { 105 | console.log(crt); 106 | console.log(cmd); 107 | } 108 | }); 109 | } 110 | }); 111 | } 112 | }); 113 | } 114 | }); 115 | } 116 | }); 117 | }); 118 | }); 119 | }); 120 | }); 121 | }); 122 | 123 | /*fs.readFile('./ca.key', function(err, cakey) { 124 | fs.readFile('./ca.crt', function(err, cacrt) { 125 | openssl.generateRSAPrivateKey(rsakeyoptions, function(err, key, cmd) { 126 | openssl.generateCSR(csroptions, key, false, function(err, csr, cmd) { 127 | openssl.CASignCSR(csr, csroptions, false, cacrt, cakey, false, function(err, crt, cmd) { 128 | if(err) { 129 | console.log(err); 130 | console.log(cmd); 131 | } else { 132 | console.log(crt); 133 | console.log(cmd); 134 | } 135 | }); 136 | }); 137 | }); 138 | }); 139 | });*/ -------------------------------------------------------------------------------- /examples/scepRequest.js: -------------------------------------------------------------------------------- 1 | const node_openssl = require('../index.js'); 2 | const cryptoRandomString = require('crypto-random-string'); 3 | 4 | var options = { 5 | //binpath: 'C:/Program Files/OpenVPN/bin/openssl.exe' 6 | binpath: 'openssl' 7 | } 8 | 9 | var openssl = new node_openssl(options); 10 | 11 | var rsakeyoptions = { 12 | rsa_keygen_bits: 2048, 13 | format: 'PKCS8' 14 | } 15 | 16 | var randomizeCSR = function() { 17 | let randomstring = cryptoRandomString({length: 10, characters: 'abcdefghijklmnopqrstuvwxyz'}); 18 | return csroptions = { 19 | hash: 'sha256', 20 | string_mask: 'nombstr', 21 | requestAttributes: { 22 | challengePassword: challenge, 23 | //unstructuredName: 'Optional Company Name' 24 | }, 25 | subject: { 26 | countryName: 'US', 27 | stateOrProvinceName: 'Louisiana', 28 | localityName: 'Slidell', 29 | commonName: [ 30 | randomstring + '.scep.test' 31 | ], 32 | }, 33 | extensions: { 34 | SANs: { 35 | DNS: [ 36 | randomstring + '.scep.test' 37 | ] 38 | } 39 | } 40 | } 41 | } 42 | 43 | //let scepurl = 'http://pkiaas.io/scep/w7Gxq4zZH9' 44 | //let scepurl = 'http://cyopki.com/scep/f5IK8ghmT0' 45 | //var challenge = '0UZCT2UZSF6S1HFO'; 46 | //yubikey 47 | //let scepurl = 'http://cyopki.com/scep/qHMRSEatVs' 48 | //var challenge = '0RK6E40H1FM29MBD'; 49 | //double yubikey cyopki 50 | var scepurl = 'http://cyopki.com/scep/UdZOhBULg3'; 51 | var challenge = '0W70LPBEIZXN911L'; 52 | //double yubikey pkiaas 53 | //var scepurl = 'http://pkiaas.io/scep/lGEd3QUkut'; 54 | //var challenge = '0EDV4H214NOSVKHO'; 55 | 56 | //var count = 0; 57 | 58 | /*for(let i = 0; i <= 75; i++) { 59 | openssl.generateRSAPrivateKey(rsakeyoptions, function(err, key, cmd) { 60 | if(err) { 61 | console.log('key'); 62 | console.log(err); 63 | } else { 64 | //console.log(key); 65 | openssl.generateCSRv2({options: randomizeCSR(), key: key}, function(err, csr, cmd) { 66 | if(err) { 67 | console.log('csr'); 68 | console.log(err); 69 | } else { 70 | //count++; 71 | console.log(csr); 72 | } 73 | }); 74 | } 75 | }) 76 | }*/ 77 | 78 | //console.log(count); 79 | 80 | function sendSCEPRequests(count) { 81 | for(let i = 0; i <= count; i++) { 82 | openssl.generateRSAPrivateKey(rsakeyoptions, function(err, key, cmd) { 83 | if(err) { 84 | console.log(err); 85 | } else { 86 | openssl.generateCSRv2({options: randomizeCSR(), key: key}, function(err, csr, cmd) { 87 | if(err) { 88 | console.log(err); 89 | console.log(key); 90 | } else { 91 | //console.log(csr); 92 | openssl.SCEPRequest({csr: csr, key: key, scepurl: scepurl}, function(err, out) { 93 | if(err) { 94 | console.log(err); 95 | console.log(out); 96 | } else { 97 | openssl.createPKCS12(out, key, false, false, false, function(err, pfx, command) { 98 | if(err) { 99 | console.log(err); 100 | } else { 101 | console.log('success'); 102 | } 103 | }); 104 | //console.log(openssl.getDistinguishedName(attrs.subject)); 105 | } 106 | }); 107 | } 108 | }); 109 | } 110 | }); 111 | } 112 | } 113 | 114 | sendSCEPRequests(2); 115 | 116 | setTimeout(function() {sendSCEPRequests(2)}, 2000); -------------------------------------------------------------------------------- /ca_example.js: -------------------------------------------------------------------------------- 1 | const node_openssl = require('./index.js'); 2 | var fs = require('fs'); 3 | 4 | var options = { 5 | binpath: 'C:/Program Files/OpenSSL-Win64/bin/openssl.exe' 6 | } 7 | 8 | var openssl = new node_openssl(options); 9 | 10 | var rsakeyoptions = { 11 | encryption: { 12 | password: 'test', 13 | cipher: 'des3' 14 | }, 15 | rsa_keygen_bits: 2048, 16 | //rsa_keygen_pubexp: 65537, 17 | format: 'PKCS8' 18 | } 19 | 20 | var csroptions = { 21 | hash: 'sha512', 22 | startdate: new Date('1984-02-04 00:00:00'), 23 | enddate: new Date('2143-06-04 04:16:23'), 24 | //days: 600, 25 | subject: { 26 | countryName: 'US', 27 | stateOrProvinceName: 'Louisiana', 28 | localityName: 'Slidell', 29 | postalCode: '70458', 30 | streetAddress: '1001 Gause Blvd.', 31 | organizationName: 'SMH', 32 | emailAddress: 'lyas.spiehler@slidellmemorial.org', 33 | organizationalUnitName: [ 34 | 'IT' 35 | ], 36 | commonName: [ 37 | 'certificatetools.com', 38 | 'www.certificatetools.com' 39 | ] 40 | }, 41 | extensions: { 42 | basicConstraints: { 43 | critical: true, 44 | CA: true, 45 | pathlen: 1 46 | }, 47 | keyUsage: { 48 | critical: true, 49 | usages: [ 50 | 'digitalSignature', 51 | 'keyEncipherment' 52 | ] 53 | }, 54 | extendedKeyUsage: { 55 | critical: true, 56 | usages: [ 57 | 'serverAuth', 58 | 'clientAuth', 59 | '1.3.6.1.4.1.311.20.2.1' 60 | ] 61 | }, 62 | SANs: { 63 | DNS: [ 64 | 'certificatetools.com', 65 | 'www.certificatetools.com' 66 | ] 67 | }, 68 | policies: [ 69 | 70 | { 71 | policyIdentifier: '2.5.29.32.0', 72 | CPS: [ 73 | 'https://www.slidellmemorial.org/' 74 | ], 75 | userNotice: [{ 76 | explicitText: 'We\'re super secure. I promise!!!!!', 77 | organization: 'Slidell Memorial Hospital', 78 | //noticeNumbers: [1, 2] 79 | }] 80 | } 81 | ] 82 | } 83 | } 84 | 85 | var cacsroptions = { 86 | hash: 'sha256', 87 | days: 240, 88 | subject: { 89 | countryName: 'US', 90 | stateOrProvinceName: 'Louisiana', 91 | localityName: 'Slidell', 92 | postalCode: '70458', 93 | streetAddress: '1001 Gause Blvd.', 94 | organizationName: 'SMH', 95 | organizationalUnitName: [ 96 | 'IT' 97 | ], 98 | commonName: [ 99 | 'SMH Root Certificate Authority' 100 | ] 101 | }, 102 | extensions: { 103 | basicConstraints: { 104 | critical: true, 105 | CA: true, 106 | pathlen: 1 107 | }, 108 | keyUsage: { 109 | critical: true, 110 | usages: [ 111 | 'digitalSignature', 112 | 'keyEncipherment', 113 | 'keyCertSign' 114 | ] 115 | }, 116 | extendedKeyUsage: { 117 | critical: true, 118 | usages: [ 119 | 'serverAuth', 120 | 'clientAuth' 121 | ] 122 | } 123 | } 124 | } 125 | 126 | /*openssl.generateRSAPrivateKey(rsakeyoptions, function(err, key, cmd) { 127 | openssl.generateCSR(csroptions, key, 'test', function(err, csr, cmd) { 128 | openssl.CASignCSR(csr, csroptions, '/var/www/node/node-openssl-rest/ca/global/GeoTrustGlobalCA/', false, false, '', function(err, crt, cmd) { 129 | if(err) { 130 | console.log(err); 131 | console.log(cmd); 132 | } else { 133 | console.log(crt); 134 | console.log(cmd); 135 | } 136 | }); 137 | }); 138 | }); 139 | return;*/ 140 | openssl.generateRSAPrivateKey(rsakeyoptions, function(err, cakey, cmd) { 141 | openssl.generateCSR(cacsroptions, cakey, 'test', function(err, csr, cmd) { 142 | if(err) { 143 | console.log(err); 144 | } else { 145 | openssl.selfSignCSR(csr, cacsroptions, cakey, 'test', function(err, cacrt, cmd) { 146 | if(err) { 147 | console.log(err); 148 | } else { 149 | // console.log(crt); 150 | openssl.generateRSAPrivateKey(rsakeyoptions, function(err, key, cmd) { 151 | openssl.generateCSR(csroptions, key, 'test', function(err, csr, cmd) { 152 | //console.log(cakey); 153 | //console.log(crt); 154 | openssl.CASignCSR(csr, csroptions, false, cacrt ,cakey, 'test', function(err, crt, cmd) { 155 | //console.log(cmd); 156 | if(err) console.log(err); 157 | console.log(cmd.files.config); 158 | console.log(crt); 159 | /*openssl.createPKCS7(new Array(crt, cacrt), 'pem', function(err, pkcs7, command) { 160 | console.log(command); 161 | console.log(pkcs7); 162 | fs.writeFileSync('./download.p7b', pkcs7); 163 | });*/ 164 | openssl.getCertInfo(crt, function(err, attrs, cmd) { 165 | if(err) { 166 | console.log(err); 167 | } else { 168 | console.log(attrs); 169 | //console.log(openssl.getDistinguishedName(attrs.subject)); 170 | } 171 | }); 172 | 173 | //console.log(cmd); 174 | /*return; 175 | openssl.createPKCS12(crt, key, 'test', false, cacrt, function(err, pfx, command) { 176 | if(err) { 177 | //console.log(err); 178 | //console.log(command); 179 | } else { 180 | console.log(pfx); 181 | console.log(command); 182 | } 183 | 184 | });*/ 185 | }); 186 | }); 187 | }); 188 | } 189 | }); 190 | } 191 | 192 | }); 193 | }); 194 | -------------------------------------------------------------------------------- /example.js: -------------------------------------------------------------------------------- 1 | const node_openssl = require('./index.js'); 2 | var fs = require('fs'); 3 | 4 | var options = { 5 | binpath: 'C:/Program Files/OpenVPN/bin/openssl.exe' 6 | } 7 | 8 | var openssl = new node_openssl(options); 9 | 10 | var rsakeyoptions = { 11 | encryption: { 12 | password: 'test', 13 | cipher: 'des3' 14 | }, 15 | rsa_keygen_bits: 2048, 16 | //rsa_keygen_pubexp: 65537, 17 | format: 'PKCS8' 18 | } 19 | 20 | var ecckeyoptions = { 21 | encryption: { 22 | password: 'test', 23 | cipher: 'des3' 24 | }, 25 | curve: 'prime256v1', 26 | //rsa_keygen_pubexp: 65537, 27 | format: 'PKCS8' 28 | } 29 | 30 | var csroptions = { 31 | hash: 'sha512', 32 | days: 240, 33 | extensions: { 34 | customOIDs: [ 35 | { 36 | OID: '1.3.6.1.4.1.311.20.2', 37 | value: 'ASN1:PRINTABLESTRING:Test Template' 38 | } 39 | ], 40 | tlsfeature: ['status_request'], 41 | basicConstraints: { 42 | critical: true, 43 | CA: true, 44 | pathlen: 1 45 | }, 46 | keyUsage: { 47 | critical: true, 48 | usages: [ 49 | 'digitalSignature', 50 | 'keyEncipherment' 51 | ] 52 | }, 53 | extendedKeyUsage: { 54 | critical: true, 55 | usages: [ 56 | 'serverAuth', 57 | 'clientAuth', 58 | 'ipsecIKE', 59 | 'ipsecUser', 60 | 'ipsecTunnel', 61 | 'ipsecEndSystem' 62 | ] 63 | }, 64 | SANs: { 65 | DNS: [ 66 | 'certificatetools.com', 67 | 'www.certificatetools.com' 68 | ] 69 | } 70 | }, 71 | subject: { 72 | countryName: 'US', 73 | stateOrProvinceName: 'Louisiana', 74 | localityName: 'Slidell', 75 | postalCode: '70458', 76 | streetAddress: '1001 Gause Blvd.', 77 | organizationName: 'SMH', 78 | organizationalUnitName: [ 79 | 'IT' 80 | ], 81 | commonName: [ 82 | 'certificatetools.com', 83 | 'www.certificatetools.com' 84 | ], 85 | emailAddress: 'lyas.spiehler@slidellmemorial.org' 86 | } 87 | 88 | } 89 | 90 | /*var csroptions = { 91 | hash: 'sha256', 92 | subject: { 93 | countryName: 'US' 94 | } 95 | 96 | }*/ 97 | 98 | var netcertoptions = { 99 | hostname: 'barracuda1.smhplus.org', 100 | port: 25, 101 | starttls: true, 102 | protocol: 'smtp' 103 | } 104 | 105 | var netcertoptions = { 106 | hostname: '47.91.46.102', 107 | port: 443, 108 | starttls: false, 109 | //protocol: 'https' 110 | } 111 | 112 | /*openssl.generateConfig(csroptions, false, false, function(err, config) { 113 | console.log(config); 114 | });*/ 115 | 116 | /*var netcertoptions = { 117 | hostname: 'barracuda1.smhplus.org', 118 | port: 25, 119 | starttls: true, 120 | protocol: 'smtp' 121 | })*/ 122 | 123 | /*openssl.getCertFromNetwork(netcertoptions, function(err, cert, cmd) { 124 | if(err) console.log(err); 125 | console.log(cmd); 126 | console.log(cert); 127 | });*/ 128 | 129 | /*fs.readFile('./googletest.crt', function(err, contents) { 130 | openssl.convertCertToCSR(contents, function(err,csroptions,cmd) { 131 | console.log(csroptions); 132 | }); 133 | });*/ 134 | 135 | //openssl.generateECCPrivateKey(ecckeyoptions, function(err, key, cmd) { 136 | openssl.generateRSAPrivateKey(rsakeyoptions, function(err, key, cmd) { 137 | console.log(cmd); 138 | openssl.generateCSR(csroptions, key, 'test', function(err, csr, cmd) { 139 | if(err) { 140 | console.log(err); 141 | console.log(cmd.files.config); 142 | } else { 143 | console.log(cmd); 144 | //console.log(csr); 145 | //console.log(cmd.files.config); 146 | csroptions.days = 240; 147 | openssl.selfSignCSR(csr, csroptions, key, 'test', function(err, crt, cmd) { 148 | if(err) { 149 | console.log(err); 150 | console.log(cmd.files.config); 151 | } else { 152 | //console.log(cmd.command); 153 | console.log(crt); 154 | console.log(cmd.files.config); 155 | } 156 | }); 157 | } 158 | 159 | }); 160 | }); 161 | 162 | /*openssl.getCertFromNetwork(netcertoptions, function(err, cert, cmd) { 163 | console.log(cert); 164 | //console.log(cmd); 165 | if(err) console.log(err); 166 | //console.log(cert); 167 | openssl.convertCertToCSR(cert[0], function(err,csroptions,cmd) { 168 | console.log(csroptions); 169 | //console.log(cmd); 170 | return; 171 | openssl.generateRSAPrivateKey(rsakeyoptions, function(err, key, cmd) { 172 | console.log(cmd); 173 | openssl.generateCSR(csroptions, key, 'test', function(err, csr, cmd) { 174 | if(err) { 175 | console.log(err); 176 | console.log(cmd.files.config); 177 | } else { 178 | console.log(cmd); 179 | //console.log(csr); 180 | //console.log(cmd.files.config); 181 | csroptions.days = 240; 182 | openssl.selfSignCSR(csr, csroptions, key, 'test', function(err, crt, cmd) { 183 | if(err) { 184 | console.log(err); 185 | console.log(cmd.files.config); 186 | } else { 187 | console.log(cmd.command); 188 | console.log(crt); 189 | console.log(cmd.files.config); 190 | } 191 | }); 192 | } 193 | 194 | }); 195 | }); 196 | }); 197 | });*/ 198 | 199 | /*openssl.generateRSAPrivateKey(rsakeyoptions, function(err, key, cmd) { 200 | console.log(cmd); 201 | console.log(key); 202 | openssl.generateCSR(csroptions, key, 'test', function(err, csr, cmd) { 203 | if(err) { 204 | console.log(err); 205 | } else { 206 | console.log(cmd.command); 207 | console.log(csr); 208 | console.log(cmd.files.config); 209 | } 210 | 211 | }); 212 | });*/ 213 | 214 | /*fs.readFile('./test/ecc.key', function(err, contents) { 215 | openssl.importECCPrivateKey(contents, 'test test', function(err, key, cmd) { 216 | //console.log(cmd); 217 | if(err) { 218 | console.log(err); 219 | } else { 220 | console.log(key); 221 | } 222 | //return; 223 | openssl.generateCSR(csroptions, key, 'test test', function(err, csr, cmd) { 224 | if(err) { 225 | console.log(err); 226 | } else { 227 | console.log(csr); 228 | } 229 | 230 | }); 231 | }); 232 | });*/ 233 | 234 | /*openssl.getCertFromURL('yahoo.com',function(err, cert) { 235 | if(err) console.log(err); 236 | console.log(cert.pemEncoded); 237 | openssl.convertCertToCSR(cert.pemEncoded, function(err,csroptions,cmd) { 238 | //console.log(csroptions.subject); 239 | openssl.generateRSAPrivateKey(rsakeyoptions, function(err, key, cmd) { 240 | openssl.generateCSR(csroptions, key, 'test', function(err, csr, cmd) { 241 | if(err) { 242 | console.log(err); 243 | console.log(cmd.files.config); 244 | } else { 245 | //console.log(cmd.command); 246 | console.log(csr); 247 | //console.log(cmd.files.config); 248 | } 249 | 250 | }); 251 | }); 252 | }); 253 | });*/ 254 | 255 | /*openssl.getCertFromURL('yahoo.com',function(err, cert) { 256 | openssl.convertCertToCSR(cert.pemEncoded, function(err,csroptions,cmd) { 257 | openssl.generateRSAPrivateKey(rsakeyoptions, function(err, key, cmd) { 258 | openssl.generateCSR(csroptions, key, 'test', function(err, csr, cmd) { 259 | console.log(csr); 260 | }); 261 | }); 262 | }); 263 | });*/ 264 | 265 | /*fs.readFile('./test/test.crt', function(err, contents) { 266 | //console.log(contents.toString()); 267 | openssl.convertCertToCSR(contents.toString(), function(err,csroptions,cmd) { 268 | console.log(csroptions); 269 | openssl.generateRSAPrivateKey(rsakeyoptions, function(err, key, cmd) { 270 | openssl.generateCSR(csroptions, key, 'test', function(err, csr, cmd) { 271 | if(err) { 272 | console.log(err); 273 | } else { 274 | //console.log(cmd.command); 275 | console.log(csr); 276 | //console.log(cmd.files.config); 277 | } 278 | 279 | }); 280 | }); 281 | }); 282 | });*/ 283 | 284 | 285 | //ca only keyusage keyCertSign, cRLSign 286 | //all explanations https://superuser.com/questions/738612/openssl-ca-keyusage-extension 287 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # node-openssl-cert 2 | Node.JS OpenSSL wrapper for creating and converting private keys, generating CSRs, etc. 3 | 4 | ### Requirements 5 | 6 | Make sure the OpenSSL binary is installed and located in the system path 7 | 8 | #### Windows 9 | 10 | Download installer from https://slproweb.com/products/Win32OpenSSL.html (Light version is sufficient) 11 | 12 | #### Debian/Ubuntu Linux 13 | ``` 14 | apt install openssl 15 | ``` 16 | 17 | #### RedHat/CentOS Linux 18 | ``` 19 | yum install openssl 20 | ``` 21 | 22 | ### Installation 23 | 24 | ``` 25 | npm install node-openssl-cert 26 | ``` 27 | 28 | ### Build SSCEP on Ubuntu 20.04 29 | 30 | ``` 31 | apt -y install libtool m4 automake make git pkg-config 32 | 33 | cd /usr/src 34 | git clone https://github.com/certnanny/sscep.git 35 | cd sscep 36 | libtoolize && aclocal && autoheader && automake --add-missing && autoreconf 37 | ./configure 38 | make 39 | make install 40 | ``` 41 | 42 | ### Usage 43 | Load and instantiate node-openssl-cert 44 | ``` 45 | const node_openssl = require('node-openssl-cert'); 46 | const openssl = new node_openssl(); 47 | ``` 48 | 49 | If the openssl executable is not in your system path, provide it in an options object and pass it as an argument 50 | ``` 51 | const node_openssl = require('node-openssl-cert'); 52 | 53 | var options = { 54 | binpath: 'C:/Program Files/OpenVPN/bin/openssl.exe' 55 | } 56 | 57 | const openssl = new node_openssl(options); 58 | ``` 59 | 60 | Generate an RSA privatekey with the default options and show the openssl command used to create it. 61 | ``` 62 | openssl.generateRSAPrivateKey({}, function(err, key, cmd) { 63 | console.log(cmd); 64 | console.log(key); 65 | }); 66 | ``` 67 | Will return like this: 68 | ``` 69 | [ 'openssl genpkey -outform PEM -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out rsa.key' ] 70 | -----BEGIN PRIVATE KEY----- 71 | MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDjnDud8ysybn1Y 72 | CJd6iYORtt9zya6w/vaeRRQzmSgkOcA2xqaN0PxwgYk+pUSLBgmgTVXaaSZtleX1 73 | 7safXdze1a4lCtoTOxWG5awOgfmZL9ZMqY4PumM4VsN6K1oIWxHthRudisOldYUx 74 | Sn6iDWtZBem1pGAm/IiTRQbgrs/okw7HEO0j18ZqsTpWXyq/hRMDRYajgWemkeLD 75 | FVMvWdroY9RDalXTy1qec+Ic8NBpE9I3FZlHdFd0hJB4V/OpoC+5OaCdQiIoPkeO 76 | ZJMjs/2DYGr0Lh0UWBfgpxT2eDpXKFuQUDiFwAa2vuXkrqWMjcR7naU2QaaymvAm 77 | hV3IWmQ7AgMBAAECggEANOvwmKsfkhxKnJtyzRUIOGsyzXNJYPIHWYlqRw0HXlTn 78 | MlVCCJtc9rPHu38lzsVam6EfoybrvnMqAuK/3/ItFsrMMOSzC+GjAbiJJt5lsI6E 79 | 31JVK6cExua1kMRfrK2wH2/hmeHX17LZgzp08yz3lr1fN9K+YJI7FzLnhHpg8QxA 80 | ENCfib29NS0poIGg0sX3VSI1RPhicQyBm2hgjllawIhnA8fkz+K76tDvbgU8uZWQ 81 | z23MGmg2qbejzIDR8GckKBeTCVTOxktLDWHWxdGl94/K0Q4NYMVb/XSDR/CTKvmB 82 | 6Ll5abYrOF8sf/2mPsYlNirBb6EvniRk6lo70KK/4QKBgQD1ePMGbF5YqlySaJWC 83 | gF2vRJgdDhyETzt3d6D/vivvIfsy0zDgUR8qqnzNH0wL1IZ7JYwFcqPmJJjRdiea 84 | fzlY6LLs1snOuhIx1jw1Z8pfJALO39nuN/3h/Hpw3f+2PG9ozBjww26zjPqrmQnN 85 | TeH/oFT7DTupzJY8N+bndd9nqQKBgQDtXyyUHwrVoLToNizSnBzFKr5Oe2SyQsIh 86 | YC+dN0moAVuRVz6Fz2xRDodS1S2CGvK0j6mSnkaYufVDW3zh1KtfyCoMKYar4ZZ5 87 | XcIVojwk9GL6t4tHtgknbfXcO+NHZXi5NJXc0sFVEbxZwmJyXKLDrOHsApufTLNO 88 | LZme9r4LQwKBgCc6KdQH81fF+b8n2WSecNo2YvyZqbL3GnCv/FmCIXE4g/UOTMw8 89 | Cnf+AK2i57soPkllqaehN1Hq3UTz1cZZuGdd4GH6vQs9LvUp4DtEl9F2ZsB6g1AP 90 | QJIhj8uDnn6Xz9H2c7Hd+U3WJKTRcwCNBqWcEJiB99vdptB+unaYnpfpAoGAShZF 91 | jKmvsQOq0zttfAK7vBJeOZKr2DOb8dzan6BM/gIGeXOYkR0vepElTYY54PzWOeMJ 92 | EzkRYcPQuEhKzxWYs5l+/jLL1MPhOlo4JJZxXTtl1UkKUMSRUNwyO535jyQtrOir 93 | ybOCIjIZ7o4MOhONvbMtBIO/3NWMtV7oLsRmho8CgYB5qx6eVB44rn9T4pzE1UEK 94 | k/KrtzLRBjCJfqWhYfbTDOzItqQEjzmVmTZxLHl3TIR9xYgcqKTD91y+cwl3j35g 95 | 7fpidBDjqZmP2vUNav8l95yq94iC95e80QSBHgpMHkaRqSpj3P5NaOG8zGxwOZ1x 96 | Ke97vdVom/vmhxgbok9skQ== 97 | -----END PRIVATE KEY----- 98 | ``` 99 | Generate an RSA private key with custom options and show the openssl command used to create it. 100 | ``` 101 | var rsakeyoptions = { 102 | encryption: { 103 | password: 'test', 104 | cipher: 'des3' 105 | }, 106 | rsa_keygen_bits: 2048, 107 | rsa_keygen_pubexp: 65537, 108 | format: 'PKCS8' 109 | } 110 | 111 | openssl.generateRSAPrivateKey(rsakeyoptions, function(err, key, cmd) { 112 | console.log(cmd); 113 | console.log(key); 114 | }); 115 | ``` 116 | Will return like this: 117 | ``` 118 | [ 'openssl genpkey -outform PEM -algorithm RSA -pass pass:test -des3 -pkeyopt rsa_keygen_bits:2048 -pkeyopt rsa_keygen_pubexp:65537 -out rsa.key' ] 119 | -----BEGIN ENCRYPTED PRIVATE KEY----- 120 | MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIS10INHjYe7ECAggA 121 | MBQGCCqGSIb3DQMHBAjL6y04rNxnowSCBMgs4NLlXMJsI2c/ZYNpKg3aLXCdyr3T 122 | 2kIZRURTzBziP4gBGRNwjJqb/4xbp2H1XXB9l8BMdlDFDaqi0xnPxJdu7lJAHi71 123 | TJ7RCb7RxsuLVqjUbq6TYEPuAaS+KCHfEy/aCJx6oyGWkyJaoLl97lxIZ+TnVKxs 124 | LWN4PwclYJbX0LbXNJblanHqBAw/5ggl95PlpxidLL8K9Gvm2SfFCMoGpBCT8vJl 125 | YtUECFlV/gBW467nhcLdODNNk06D34AxUWvcP4ELAAx7aj7NMNx3xRjbWW5cHpfy 126 | RMsaL+26vEhX2RKDgqsUZ6vhk0qLTxlpI+gaqyvTZsShtEU1CbESn0vSKb8tuJSq 127 | Rw1kDxCXkNHG1tJimeMVGt27sUvhIP1HqEwPBTF1iGAaulruPGmlchGAMpIvW+4I 128 | ++Kmf2ezaFCASi9ggn9Xm2jupJOaxJQ1cTdPZzJx9zqUMC/cVrps7QSPLM+4mIzB 129 | XCNl9JU6tAsKI49tWn9QSbvE8fiEPOnPLbGnQL21VNHFOCaVVPKL849QLS37rKXd 130 | gf16eO80UD51CZU4ZibUhL+IgVONFZj4Pbh+GJh5Mr7E/pghvJUNKvnBnhLsRwYx 131 | BEHN8mEQmju1kZLlT+N4dAOBOKH+Fu9TqTAaC8FM5+FDLFRlfBKF8prwvjvKGmYF 132 | edy+co0fd6Q8VpWTHNAmQIV4MDqRLj7vncB8GyX5C8ety6MMLdKLG5ZgqVP28BHy 133 | +QyMhpAUmBPWpblvZ/GdTynatuZe1Cra7SKqDdDOJEbPXeNuuo2bVYwFQszC+682 134 | 3lOI3ghQeB3ghRlCtRipkO04y3+L6ytX2tZsoBvV1EhpXWP6rrkD1PuZc4sWNpDy 135 | cN88ga20Ee+WcNkNSPjseULnCEAy1H/waewhL040q3hbpDgla8bWbZHvs17yvlPx 136 | JOKlhan2sXuahbi0vua6B6bJ0qJktpKNqIjuQRrqNISTsKdKiYAHgcz58r3tmXIP 137 | wHB4KmfSW+2xMm5sYrrCmZ8+1TYBMx1egMBYhmV6X3jQGDZp3KpKPA5hb+J8kJfa 138 | PyZXJW85h368XNU3G7CE6Vo7p8F7in3gEa78ZMNko5JNFrV2LWd/lyl8xEZKklF6 139 | RcBFRCta/08eLcOmGJssbVsa4tuxIKFceyVG7axhy4VIYLbjLKERUrDsjcE303Fh 140 | f+UVI/UH2k3CgfyXUOXdNP2EZyHFrH2E36nTb4nLzaB7tKoYeg+YKQFMQnNtTmck 141 | 7fuzXUiWuEmxkkw9D4WoFExc4BPXX40Oa2bzUzwWML3sBREY0UJK0+J02bumJ5wf 142 | Nyr0NHUKw6ZZOI5V1nrLgjcWGD0jxpHcyDFR6nqlXo9VfjXdIGfSQ9HfzOVc/uJn 143 | lciM8BvkDUO1sDzEt4njHsk9OdVZw2nbgZa6vZHK5aulNJ19CUdXtiwitNRkLbuB 144 | HpnCrdkLKAFGJhx0PqsUPRIMDTDgn/cmBgYwIIOcFy+tYKh89XT14xEvSj2XH6qD 145 | /GUVBs2sFzId5fbrRwkTUIS/oadQFTBJbWHXs2bKLRMg5PbblDvvTTFHuq10CiwT 146 | alHa+0pTuWFxNCyACxt6ZzpB4n0K9tV5HUC1Fri+JNgkBslzZelHNDm6P7aldxtg 147 | LSo= 148 | -----END ENCRYPTED PRIVATE KEY----- 149 | ``` 150 | Generating a private key with custom options and using it to generate a CSR showing the commands for both and the openssl config for the CSR. 151 | ``` 152 | var rsakeyoptions = { 153 | encryption: { 154 | password: 'test', 155 | cipher: 'des3' 156 | }, 157 | rsa_keygen_bits: 2048, 158 | rsa_keygen_pubexp: 65537, 159 | format: 'PKCS8'*/ 160 | } 161 | 162 | var csroptions = { 163 | hash: 'sha512', 164 | subject: { 165 | countryName: 'US', 166 | stateOrProvinceName: 'Louisiana', 167 | localityName: 'Slidell', 168 | postalCode: '70458', 169 | streetAddress: '1001 Gause Blvd.', 170 | organizationName: 'SMH', 171 | organizationalUnitName: 'IT', 172 | commonName: [ 173 | 'certificatetools.com', 174 | 'www.certificatetools.com' 175 | ], 176 | emailAddress: 'lyas.spiehler@slidellmemorial.org' 177 | }, 178 | extensions: { 179 | basicConstraints: { 180 | critical: true, 181 | CA: true, 182 | pathlen: 1 183 | }, 184 | keyUsage: { 185 | //critical: false, 186 | usages: [ 187 | 'digitalSignature', 188 | 'keyEncipherment' 189 | ] 190 | }, 191 | extendedKeyUsage: { 192 | critical: true, 193 | usages: [ 194 | 'serverAuth', 195 | 'clientAuth' 196 | ] 197 | }, 198 | SANs: { 199 | DNS: [ 200 | 'certificatetools.com', 201 | 'www.certificatetools.com' 202 | ] 203 | } 204 | } 205 | } 206 | 207 | openssl.generateRSAPrivateKey(rsakeyoptions, function(err, key, cmd) { 208 | console.log(cmd); 209 | console.log(key); 210 | openssl.generateCSR(csroptions, key, 'test', function(err, csr, cmd) { 211 | if(err) { 212 | console.log(err); 213 | } else { 214 | console.log(cmd.command); 215 | console.log(csr); 216 | console.log(cmd.files.config); 217 | } 218 | 219 | }); 220 | }); 221 | ``` 222 | Will return like this: 223 | ``` 224 | [ 'openssl genpkey -outform PEM -algorithm RSA -pass pass:test -des3 -pkeyopt rsa_keygen_bits:2048 -pkeyopt rsa_keygen_pubexp:65537 -out rsa.key' ] 225 | -----BEGIN ENCRYPTED PRIVATE KEY----- 226 | MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIGygSM8eJHg8CAggA 227 | MBQGCCqGSIb3DQMHBAjR9LqF/JED0ASCBMjbgofGddW4epbJN4xfHjkhTmr+S7dA 228 | PPkZsMmj/7oXVox7pxpQ3w4zJJdg2PQdCf7aMjE5aE2N7bKHTw8CYuofQqmpiJOp 229 | svtD33qxPwLJ3g3jqf0ptIVn+TpPbCWG04E0kwblwgkI+3jyIPit4D+GhQp05khs 230 | Iy7DBK3KqnrBGDebJKIBdYKGF20vLCO8PY0h/DTA1uUHHwT5A1OTSVkl2DCJ/NVF 231 | 5e31kDsg2weGTULQGkVBUgybkAWJNvQSyeD6NlGBMHYKNU93NQuszab9U5rAO3z2 232 | TpP6FSLXeEKPs2RSa7Bbc5QLjB/B0rqoHrnDTIXD9zFiA5aRdIELiZY4gQD5vc5F 233 | AfMNE5CM5VM2+SBuvn2a7y2WuM+AynfOPL5RQFFe4ldEgoQQeWhFrhEqPn3rud8s 234 | b4rmEWOj9cemq08UatV2pKIrrcgIuMULwCT3rFt0FOMIr6bVUpItrNvcjPi17Pdw 235 | kZjNg7O0NCU0mYdMXsi2Jj0uRI6TxjuVWoQ2fQyoJc520auYn0C0diREWljBl1NG 236 | MQ3nR71WEGxDGdfcw3tKm/g1GN7dkH4YvpbjPWjN6AyLkv/u7gGtyshyb8NgvlJb 237 | xdteAKuAFjop7MftLF7MKshu4ODj7gdrjJVA329CSdjn4tCteX2Q6iKVUfcXpUMA 238 | OjblRST9/callgQmbpj5pXrB4XLYZk+TDvhFpuTtEzTcKYCfem5CQ/vn3sXJ+iEH 239 | EraATKvpQLlCqzKB14WqaOfISQhg/viie4ieRZHDdHLxuPRzisK8BipxWdQppQqW 240 | g8pc2hZv6RgiW7FeEm/pNlpQaw48ifE3uvscqntmm7nP3GiE+xYEPdy/RgVrPe5W 241 | YkaZdSY4Tb/bRKEAHUGX12CFSdifTgJxBVEQpwmFXHNRDEj6E48blDV6Mni/MioY 242 | LJVWvXxEQyRuiIkCVhugs/nGk6TQOvGDnXq+bAXGcHZD43bZkypSLdVvMnkaHZ0H 243 | dqqM5yfz7tRpNaPvwwPKPI6cnAWPq5IWBKHgo/FZ97imWzFLlRJRxquuKm94fScR 244 | gaBHGD7XxTqSD2nhqEkGxBUmdHoKbEaMDLxRK4dvKP7ut0e40HzlCE5ofiUuCh9B 245 | 4RODmkZSr0jdtkgEeFqSor05oUaxpu51aYcMVishZq6F07wLS0Uzdn+EbcwfYGv0 246 | T9hJaA9UZRj/cBOo81hfoqvxN8CkH8aQ9Nv3Xbr8+LR+mQmcMvluxlqtC9FciIyf 247 | pxFixTlQtSPS6DH3taDfxD2aHggI/IY9TsEuIqp/VNRTiHLJ7VfTlL03/QaQZ1T/ 248 | N5u9zavvpoozoWnXcgM9GoyuE8Z149qgNi4gqcVjEh2EPJur+4QEaZm+mS+ows/4 249 | AuOsDYJ6AJw6Qtw2G0qqDsbcz8EEkIZuxu6Tfb1rbI0tFyys4We3fGdePgdaEJCW 250 | xufczFA8cgC7CBSJfSJx9Op05hMGSEtOgRLRrZJL7u4kAsQ9Zqamz8/2mM5YCO3E 251 | zNN89k6b13fmcuXcN2bFacoQbrXJgA72EAinKEq1lyiB4q0LD5Kp4mM3Fia7gZqs 252 | NGoP5pM61eXypNFU0Wlsq28odu86FxzXia05ataIehyidfGeWEzkDrZc4uwffymF 253 | 8Fc= 254 | -----END ENCRYPTED PRIVATE KEY----- 255 | 256 | [ 'openssl req -new -new -nodes -key rsa.key -config config.txt -passin pass:test' ] 257 | -----BEGIN CERTIFICATE REQUEST----- 258 | MIIDxTCCAq0CAQAwge0xCzAJBgNVBAYTAlVTMRIwEAYDVQQIDAlMb3Vpc2lhbmEx 259 | EDAOBgNVBAcMB1NsaWRlbGwxDjAMBgNVBBEMBTcwNDU4MRkwFwYDVQQJDBAxMDAx 260 | IEdhdXNlIEJsdmQuMQwwCgYDVQQKDANTTUgxCzAJBgNVBAsMAklUMR0wGwYDVQQD 261 | DBRjZXJ0aWZpY2F0ZXRvb2xzLmNvbTEhMB8GA1UEAwwYd3d3LmNlcnRpZmljYXRl 262 | dG9vbHMuY29tMTAwLgYJKoZIhvcNAQkBFiFseWFzLnNwaWVobGVyQHNsaWRlbGxt 263 | ZW1vcmlhbC5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCe+OU/ 264 | TpicMHwfwUo185seGmmUprWQHTXsJ4a4AWSvmBTses8ObWdFEn/zqZhRchFMlp1a 265 | 3guyGmM/eSAO1Ie/tr2DVAPUH+w6OttucrSLtpyMcops3me6xW61xiZ8DpciP0EU 266 | kjGWoxdC+ZOAV6o0sRpYIIv2OUfBb82W2PV2U8YBhvM65Ybw7xl+Wz2ufcxBABGb 267 | fhQMqwtYtcCV93uaQ4KCZlQuk6leKq8DfI6VQ/vxuzV7KvLL9wYfX2u0++TvmyMC 268 | MWVUlsYuyjJ8KlSx2BroyvzyzppKlDOdhUNdM3i2ln1X4W68PlFZxopjFoR9HL0i 269 | ZbbnCv40JQMP83ArAgMBAAGggZEwgY4GCSqGSIb3DQEJDjGBgDB+MBIGA1UdEwEB 270 | /wQIMAYBAf8CAQEwCwYDVR0PBAQDAgWgMCAGA1UdJQEB/wQWMBQGCCsGAQUFBwMB 271 | BggrBgEFBQcDAjA5BgNVHREEMjAwghRjZXJ0aWZpY2F0ZXRvb2xzLmNvbYIYd3d3 272 | LmNlcnRpZmljYXRldG9vbHMuY29tMA0GCSqGSIb3DQEBDQUAA4IBAQA6NHqm+zh4 273 | H0whrVcAJ/udn5wY70L8sZgjsVBhWPdV4ZyMm2ZdfrHvkav64DsLW3K/5TjgB3oc 274 | gvKI0ruCWCgsKSM9gmWyTxUuVPT6M/cL/qLQNr2h+UoSvvqcD/spwlMtY1FDgfHy 275 | Q3FnUY7BBLFffbxgiJ/LTrvsE7RAvGtRRgYhR/pAl7P1XsD7Iqip1XfFHYRL++/o 276 | 6A0z+kkcZBT4QME2Bm9UmTbI7zDaNcfUJ1QI1oBfLosZ/Uj5d2cAHDc/gD5/u/Ep 277 | vHPMCq0pwYXN/MTFWw7IKGuZ3L+zSgEg/kuvL3qOvpiacFfUvo5BcxXMkSupiBqc 278 | JX0LCXd6RpV8 279 | -----END CERTIFICATE REQUEST----- 280 | 281 | [ req ] 282 | default_md = sha512 283 | prompt = no 284 | req_extensions = req_ext 285 | distinguished_name = req_distinguished_name 286 | [ req_distinguished_name ] 287 | countryName = US 288 | stateOrProvinceName = Louisiana 289 | localityName = Slidell 290 | postalCode = 70458 291 | streetAddress = 1001 Gause Blvd. 292 | organizationName = SMH 293 | organizationalUnitName = IT 294 | 0.commonName = certificatetools.com 295 | 1.commonName = www.certificatetools.com 296 | emailAddress = lyas.spiehler@slidellmemorial.org 297 | [ req_ext ] 298 | basicConstraints=critical,CA:true,pathlen:1 299 | keyUsage=digitalSignature,keyEncipherment 300 | extendedKeyUsage=critical,serverAuth,clientAuth 301 | subjectAltName = @alt_names 302 | [ alt_names ] 303 | DNS.0 = certificatetools.com 304 | DNS.1 = www.certificatetools.com 305 | ``` 306 | Import an existing RSA private key with password test and generate a CSR using it. 307 | ``` 308 | const fs = require('fs'); 309 | 310 | var csroptions = { 311 | hash: 'sha512', 312 | subject: { 313 | countryName: 'US', 314 | stateOrProvinceName: 'Louisiana', 315 | localityName: 'Slidell', 316 | postalCode: '70458', 317 | streetAddress: '1001 Gause Blvd.', 318 | organizationName: 'SMH', 319 | organizationalUnitName: 'IT', 320 | commonName: [ 321 | 'certificatetools.com', 322 | 'www.certificatetools.com' 323 | ], 324 | emailAddress: 'lyas.spiehler@slidellmemorial.org' 325 | }, 326 | extensions: { 327 | basicConstraints: { 328 | critical: true, 329 | CA: true, 330 | pathlen: 1 331 | }, 332 | keyUsage: { 333 | //critical: false, 334 | usages: [ 335 | 'digitalSignature', 336 | 'keyEncipherment' 337 | ] 338 | }, 339 | extendedKeyUsage: { 340 | critical: true, 341 | usages: [ 342 | 'serverAuth', 343 | 'clientAuth' 344 | ] 345 | }, 346 | SANs: { 347 | DNS: [ 348 | 'certificatetools.com', 349 | 'www.certificatetools.com' 350 | ] 351 | } 352 | } 353 | } 354 | 355 | fs.readFile('./test/rsa.key', function(err, contents) { 356 | openssl.importRSAPrivateKey(contents, 'test', function(err, key, cmd) { 357 | openssl.generateCSR(csroptions, key, 'test', function(err, csr, cmd) { 358 | if(err) { 359 | console.log(err); 360 | } else { 361 | console.log(csr); 362 | } 363 | 364 | }); 365 | }); 366 | }); 367 | ``` 368 | Will return like this: 369 | ``` 370 | -----BEGIN CERTIFICATE REQUEST----- 371 | MIIDxTCCAq0CAQAwge0xCzAJBgNVBAYTAlVTMRIwEAYDVQQIDAlMb3Vpc2lhbmEx 372 | EDAOBgNVBAcMB1NsaWRlbGwxDjAMBgNVBBEMBTcwNDU4MRkwFwYDVQQJDBAxMDAx 373 | IEdhdXNlIEJsdmQuMQwwCgYDVQQKDANTTUgxCzAJBgNVBAsMAklUMR0wGwYDVQQD 374 | DBRjZXJ0aWZpY2F0ZXRvb2xzLmNvbTEhMB8GA1UEAwwYd3d3LmNlcnRpZmljYXRl 375 | dG9vbHMuY29tMTAwLgYJKoZIhvcNAQkBFiFseWFzLnNwaWVobGVyQHNsaWRlbGxt 376 | ZW1vcmlhbC5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv69qN 377 | xSN/piKKS44mVwgxAOCeSMS1qzmV+73O00zI9lzT5kGiKSmg3pDnzUoXTiLFJRWw 378 | 7IQBpRisLMwTZTH+xGNb9A4ViCLosgEC2skGe5pbF6rigTSQrJSl69mDjg/8Xm/I 379 | Dnh2bCS1pjw+jhCSVfqSEFhxny8QXxnyTQWCakn1lfrDbbHHsh55hPN4aQ9vF9vC 380 | V9RTVUfKoTrc8T5rsgyxZZq4rYxWuVatarS1L/v+YY2LObv8w/lidhxt8VkUGZOu 381 | oZDEKLPPRVzh/8zcaYQlAXQLtwLiSK+npUrJbou9PLsSW0Rj7U5eTRatuQf9Z+Zm 382 | vXS/Avf7y+0RZj4ZAgMBAAGggZEwgY4GCSqGSIb3DQEJDjGBgDB+MBIGA1UdEwEB 383 | /wQIMAYBAf8CAQEwCwYDVR0PBAQDAgWgMCAGA1UdJQEB/wQWMBQGCCsGAQUFBwMB 384 | BggrBgEFBQcDAjA5BgNVHREEMjAwghRjZXJ0aWZpY2F0ZXRvb2xzLmNvbYIYd3d3 385 | LmNlcnRpZmljYXRldG9vbHMuY29tMA0GCSqGSIb3DQEBDQUAA4IBAQBW7oYzsYBI 386 | yQKrGLj5qtJHqZutzflJYVwmevzdDBDtTJZsIiFENIlGqkzRxEQTLqISnC/jPR86 387 | 2N5m3cn7JGjwEQMGwKMJPxKmBbJu0WTl2n84dTnoJr16mTKaK/03w8uqLArW1pZH 388 | ImKhA3S2GTyEpLbhX1eoQF35Wt1+G8JGf6JCH7a/Mj9KhlaPLFl8BImApyY9zR2l 389 | DrJfTYMaUqzC77FnAecLvglXKPMEv9oKuABbab/RsCsSTV2/ikgXheGdcF7KIA3t 390 | 9qnu5s757nIDgIkJkpOFiI+Z5PFQlJJTOTU909cAFy9HapWTA8DN3t24vlSe1vXc 391 | nI6qB6XsphQP 392 | -----END CERTIFICATE REQUEST----- 393 | ``` 394 | 395 | ### Update name mappings 396 | ``` 397 | node compile_name_mappings.js > name_mappings.js 398 | ``` -------------------------------------------------------------------------------- /name_mappings.js: -------------------------------------------------------------------------------- 1 | module.exports = { 2 | "Microsoft Universal Principal Name": "msUPN", 3 | "Microsoft Smartcardlogin": "msSmartcardLogin", 4 | "itu-t": "ITU-T", 5 | "iso": "ISO", 6 | "joint-iso-itu-t": "JOINT-ISO-ITU-T", 7 | "ISO Member Body": "member-body", 8 | "identified-organization": "identified-organization", 9 | "hmac-md5": "HMAC-MD5", 10 | "hmac-sha1": "HMAC-SHA1", 11 | "Professional Information or basis for Admission": "x509ExtAdmission", 12 | "certicom-arc": "certicom-arc", 13 | "ieee": "ieee", 14 | "IEEE Security in Storage Working Group": "ieee-siswg", 15 | "International Organizations": "international-organizations", 16 | "wap": "wap", 17 | "wap-wsg": "wap-wsg", 18 | "Selected Attribute Types": "selected-attribute-types", 19 | "clearance": "clearance", 20 | "ISO US Member Body": "ISO-US", 21 | "X9.57": "X9-57", 22 | "X9.57 CM ?": "X9cm", 23 | "ISO CN Member Body": "ISO-CN", 24 | "oscca": "oscca", 25 | "sm-scheme": "sm-scheme", 26 | "dsaEncryption": "DSA", 27 | "dsaWithSHA1": "DSA-SHA1", 28 | "ANSI X9.62": "ansi-X9-62", 29 | "prime-field": "prime-field", 30 | "characteristic-two-field": "characteristic-two-field", 31 | "id-characteristic-two-basis": "id-characteristic-two-basis", 32 | "onBasis": "onBasis", 33 | "tpBasis": "tpBasis", 34 | "ppBasis": "ppBasis", 35 | "id-ecPublicKey": "id-ecPublicKey", 36 | "c2pnb163v1": "c2pnb163v1", 37 | "c2pnb163v2": "c2pnb163v2", 38 | "c2pnb163v3": "c2pnb163v3", 39 | "c2pnb176v1": "c2pnb176v1", 40 | "c2tnb191v1": "c2tnb191v1", 41 | "c2tnb191v2": "c2tnb191v2", 42 | "c2tnb191v3": "c2tnb191v3", 43 | "c2onb191v4": "c2onb191v4", 44 | "c2onb191v5": "c2onb191v5", 45 | "c2pnb208w1": "c2pnb208w1", 46 | "c2tnb239v1": "c2tnb239v1", 47 | "c2tnb239v2": "c2tnb239v2", 48 | "c2tnb239v3": "c2tnb239v3", 49 | "c2onb239v4": "c2onb239v4", 50 | "c2onb239v5": "c2onb239v5", 51 | "c2pnb272w1": "c2pnb272w1", 52 | "c2pnb304w1": "c2pnb304w1", 53 | "c2tnb359v1": "c2tnb359v1", 54 | "c2pnb368w1": "c2pnb368w1", 55 | "c2tnb431r1": "c2tnb431r1", 56 | "prime192v1": "prime192v1", 57 | "prime192v2": "prime192v2", 58 | "prime192v3": "prime192v3", 59 | "prime239v1": "prime239v1", 60 | "prime239v2": "prime239v2", 61 | "prime239v3": "prime239v3", 62 | "prime256v1": "prime256v1", 63 | "ecdsa-with-SHA1": "ecdsa-with-SHA1", 64 | "ecdsa-with-Recommended": "ecdsa-with-Recommended", 65 | "ecdsa-with-Specified": "ecdsa-with-Specified", 66 | "ecdsa-with-SHA224": "ecdsa-with-SHA224", 67 | "ecdsa-with-SHA256": "ecdsa-with-SHA256", 68 | "ecdsa-with-SHA384": "ecdsa-with-SHA384", 69 | "ecdsa-with-SHA512": "ecdsa-with-SHA512", 70 | "secp112r1": "secp112r1", 71 | "secp112r2": "secp112r2", 72 | "secp128r1": "secp128r1", 73 | "secp128r2": "secp128r2", 74 | "secp160k1": "secp160k1", 75 | "secp160r1": "secp160r1", 76 | "secp160r2": "secp160r2", 77 | "secp192k1": "secp192k1", 78 | "secp224k1": "secp224k1", 79 | "secp224r1": "secp224r1", 80 | "secp256k1": "secp256k1", 81 | "secp384r1": "secp384r1", 82 | "secp521r1": "secp521r1", 83 | "sect113r1": "sect113r1", 84 | "sect113r2": "sect113r2", 85 | "sect131r1": "sect131r1", 86 | "sect131r2": "sect131r2", 87 | "sect163k1": "sect163k1", 88 | "sect163r1": "sect163r1", 89 | "sect163r2": "sect163r2", 90 | "sect193r1": "sect193r1", 91 | "sect193r2": "sect193r2", 92 | "sect233k1": "sect233k1", 93 | "sect233r1": "sect233r1", 94 | "sect239k1": "sect239k1", 95 | "sect283k1": "sect283k1", 96 | "sect283r1": "sect283r1", 97 | "sect409k1": "sect409k1", 98 | "sect409r1": "sect409r1", 99 | "sect571k1": "sect571k1", 100 | "sect571r1": "sect571r1", 101 | "wap-wsg-idm-ecid-wtls1": "wap-wsg-idm-ecid-wtls1", 102 | "wap-wsg-idm-ecid-wtls3": "wap-wsg-idm-ecid-wtls3", 103 | "wap-wsg-idm-ecid-wtls4": "wap-wsg-idm-ecid-wtls4", 104 | "wap-wsg-idm-ecid-wtls5": "wap-wsg-idm-ecid-wtls5", 105 | "wap-wsg-idm-ecid-wtls6": "wap-wsg-idm-ecid-wtls6", 106 | "wap-wsg-idm-ecid-wtls7": "wap-wsg-idm-ecid-wtls7", 107 | "wap-wsg-idm-ecid-wtls8": "wap-wsg-idm-ecid-wtls8", 108 | "wap-wsg-idm-ecid-wtls9": "wap-wsg-idm-ecid-wtls9", 109 | "wap-wsg-idm-ecid-wtls10": "wap-wsg-idm-ecid-wtls10", 110 | "wap-wsg-idm-ecid-wtls11": "wap-wsg-idm-ecid-wtls11", 111 | "wap-wsg-idm-ecid-wtls12": "wap-wsg-idm-ecid-wtls12", 112 | "cast5-cbc": "CAST5-CBC", 113 | "cast5-ecb": "CAST5-ECB", 114 | "cast5-cfb": "CAST5-CFB", 115 | "cast5-ofb": "CAST5-OFB", 116 | "pbeWithMD5AndCast5CBC": "pbeWithMD5AndCast5CBC", 117 | "password based MAC": "id-PasswordBasedMAC", 118 | "Diffie-Hellman based MAC": "id-DHBasedMac", 119 | "RSA Data Security, Inc.": "rsadsi", 120 | "RSA Data Security, Inc. PKCS": "pkcs", 121 | "pkcs1": "pkcs1", 122 | "rsaEncryption": "rsaEncryption", 123 | "md2WithRSAEncryption": "RSA-MD2", 124 | "md4WithRSAEncryption": "RSA-MD4", 125 | "md5WithRSAEncryption": "RSA-MD5", 126 | "sha1WithRSAEncryption": "RSA-SHA1", 127 | "rsaesOaep": "RSAES-OAEP", 128 | "mgf1": "MGF1", 129 | "pSpecified": "PSPECIFIED", 130 | "rsassaPss": "RSASSA-PSS", 131 | "sha256WithRSAEncryption": "RSA-SHA256", 132 | "sha384WithRSAEncryption": "RSA-SHA384", 133 | "sha512WithRSAEncryption": "RSA-SHA512", 134 | "sha224WithRSAEncryption": "RSA-SHA224", 135 | "sha512-224WithRSAEncryption": "RSA-SHA512/224", 136 | "sha512-256WithRSAEncryption": "RSA-SHA512/256", 137 | "pkcs3": "pkcs3", 138 | "dhKeyAgreement": "dhKeyAgreement", 139 | "pkcs5": "pkcs5", 140 | "pbeWithMD2AndDES-CBC": "PBE-MD2-DES", 141 | "pbeWithMD5AndDES-CBC": "PBE-MD5-DES", 142 | "pbeWithMD2AndRC2-CBC": "PBE-MD2-RC2-64", 143 | "pbeWithMD5AndRC2-CBC": "PBE-MD5-RC2-64", 144 | "pbeWithSHA1AndDES-CBC": "PBE-SHA1-DES", 145 | "pbeWithSHA1AndRC2-CBC": "PBE-SHA1-RC2-64", 146 | "PBKDF2": "PBKDF2", 147 | "PBES2": "PBES2", 148 | "PBMAC1": "PBMAC1", 149 | "pkcs7": "pkcs7", 150 | "pkcs7-data": "pkcs7-data", 151 | "pkcs7-signedData": "pkcs7-signedData", 152 | "pkcs7-envelopedData": "pkcs7-envelopedData", 153 | "pkcs7-signedAndEnvelopedData": "pkcs7-signedAndEnvelopedData", 154 | "pkcs7-digestData": "pkcs7-digestData", 155 | "pkcs7-encryptedData": "pkcs7-encryptedData", 156 | "pkcs9": "pkcs9", 157 | "emailAddress": "emailAddress", 158 | "unstructuredName": "unstructuredName", 159 | "contentType": "contentType", 160 | "messageDigest": "messageDigest", 161 | "signingTime": "signingTime", 162 | "countersignature": "countersignature", 163 | "challengePassword": "challengePassword", 164 | "unstructuredAddress": "unstructuredAddress", 165 | "extendedCertificateAttributes": "extendedCertificateAttributes", 166 | "Extension Request": "extReq", 167 | "S/MIME Capabilities": "SMIME-CAPS", 168 | "S/MIME": "SMIME", 169 | "id-smime-mod": "id-smime-mod", 170 | "id-smime-ct": "id-smime-ct", 171 | "id-smime-aa": "id-smime-aa", 172 | "id-smime-alg": "id-smime-alg", 173 | "id-smime-cd": "id-smime-cd", 174 | "id-smime-spq": "id-smime-spq", 175 | "id-smime-cti": "id-smime-cti", 176 | "id-smime-mod-cms": "id-smime-mod-cms", 177 | "id-smime-mod-ess": "id-smime-mod-ess", 178 | "id-smime-mod-oid": "id-smime-mod-oid", 179 | "id-smime-mod-msg-v3": "id-smime-mod-msg-v3", 180 | "id-smime-mod-ets-eSignature-88": "id-smime-mod-ets-eSignature-88", 181 | "id-smime-mod-ets-eSignature-97": "id-smime-mod-ets-eSignature-97", 182 | "id-smime-mod-ets-eSigPolicy-88": "id-smime-mod-ets-eSigPolicy-88", 183 | "id-smime-mod-ets-eSigPolicy-97": "id-smime-mod-ets-eSigPolicy-97", 184 | "id-smime-ct-receipt": "id-smime-ct-receipt", 185 | "id-smime-ct-authData": "id-smime-ct-authData", 186 | "id-smime-ct-publishCert": "id-smime-ct-publishCert", 187 | "id-smime-ct-TSTInfo": "id-smime-ct-TSTInfo", 188 | "id-smime-ct-TDTInfo": "id-smime-ct-TDTInfo", 189 | "id-smime-ct-contentInfo": "id-smime-ct-contentInfo", 190 | "id-smime-ct-DVCSRequestData": "id-smime-ct-DVCSRequestData", 191 | "id-smime-ct-DVCSResponseData": "id-smime-ct-DVCSResponseData", 192 | "id-smime-ct-compressedData": "id-smime-ct-compressedData", 193 | "id-smime-ct-contentCollection": "id-smime-ct-contentCollection", 194 | "id-smime-ct-authEnvelopedData": "id-smime-ct-authEnvelopedData", 195 | "id-ct-asciiTextWithCRLF": "id-ct-asciiTextWithCRLF", 196 | "id-ct-xml": "id-ct-xml", 197 | "id-smime-aa-receiptRequest": "id-smime-aa-receiptRequest", 198 | "id-smime-aa-securityLabel": "id-smime-aa-securityLabel", 199 | "id-smime-aa-mlExpandHistory": "id-smime-aa-mlExpandHistory", 200 | "id-smime-aa-contentHint": "id-smime-aa-contentHint", 201 | "id-smime-aa-msgSigDigest": "id-smime-aa-msgSigDigest", 202 | "id-smime-aa-encapContentType": "id-smime-aa-encapContentType", 203 | "id-smime-aa-contentIdentifier": "id-smime-aa-contentIdentifier", 204 | "id-smime-aa-macValue": "id-smime-aa-macValue", 205 | "id-smime-aa-equivalentLabels": "id-smime-aa-equivalentLabels", 206 | "id-smime-aa-contentReference": "id-smime-aa-contentReference", 207 | "id-smime-aa-encrypKeyPref": "id-smime-aa-encrypKeyPref", 208 | "id-smime-aa-signingCertificate": "id-smime-aa-signingCertificate", 209 | "id-smime-aa-smimeEncryptCerts": "id-smime-aa-smimeEncryptCerts", 210 | "id-smime-aa-timeStampToken": "id-smime-aa-timeStampToken", 211 | "id-smime-aa-ets-sigPolicyId": "id-smime-aa-ets-sigPolicyId", 212 | "id-smime-aa-ets-commitmentType": "id-smime-aa-ets-commitmentType", 213 | "id-smime-aa-ets-signerLocation": "id-smime-aa-ets-signerLocation", 214 | "id-smime-aa-ets-signerAttr": "id-smime-aa-ets-signerAttr", 215 | "id-smime-aa-ets-otherSigCert": "id-smime-aa-ets-otherSigCert", 216 | "id-smime-aa-ets-contentTimestamp": "id-smime-aa-ets-contentTimestamp", 217 | "id-smime-aa-ets-CertificateRefs": "id-smime-aa-ets-CertificateRefs", 218 | "id-smime-aa-ets-RevocationRefs": "id-smime-aa-ets-RevocationRefs", 219 | "id-smime-aa-ets-certValues": "id-smime-aa-ets-certValues", 220 | "id-smime-aa-ets-revocationValues": "id-smime-aa-ets-revocationValues", 221 | "id-smime-aa-ets-escTimeStamp": "id-smime-aa-ets-escTimeStamp", 222 | "id-smime-aa-ets-certCRLTimestamp": "id-smime-aa-ets-certCRLTimestamp", 223 | "id-smime-aa-ets-archiveTimeStamp": "id-smime-aa-ets-archiveTimeStamp", 224 | "id-smime-aa-signatureType": "id-smime-aa-signatureType", 225 | "id-smime-aa-dvcs-dvc": "id-smime-aa-dvcs-dvc", 226 | "id-smime-aa-signingCertificateV2": "id-smime-aa-signingCertificateV2", 227 | "id-smime-alg-ESDHwith3DES": "id-smime-alg-ESDHwith3DES", 228 | "id-smime-alg-ESDHwithRC2": "id-smime-alg-ESDHwithRC2", 229 | "id-smime-alg-3DESwrap": "id-smime-alg-3DESwrap", 230 | "id-smime-alg-RC2wrap": "id-smime-alg-RC2wrap", 231 | "id-smime-alg-ESDH": "id-smime-alg-ESDH", 232 | "id-smime-alg-CMS3DESwrap": "id-smime-alg-CMS3DESwrap", 233 | "id-smime-alg-CMSRC2wrap": "id-smime-alg-CMSRC2wrap", 234 | "id-alg-PWRI-KEK": "id-alg-PWRI-KEK", 235 | "id-smime-cd-ldap": "id-smime-cd-ldap", 236 | "id-smime-spq-ets-sqt-uri": "id-smime-spq-ets-sqt-uri", 237 | "id-smime-spq-ets-sqt-unotice": "id-smime-spq-ets-sqt-unotice", 238 | "id-smime-cti-ets-proofOfOrigin": "id-smime-cti-ets-proofOfOrigin", 239 | "id-smime-cti-ets-proofOfReceipt": "id-smime-cti-ets-proofOfReceipt", 240 | "id-smime-cti-ets-proofOfDelivery": "id-smime-cti-ets-proofOfDelivery", 241 | "id-smime-cti-ets-proofOfSender": "id-smime-cti-ets-proofOfSender", 242 | "id-smime-cti-ets-proofOfApproval": "id-smime-cti-ets-proofOfApproval", 243 | "id-smime-cti-ets-proofOfCreation": "id-smime-cti-ets-proofOfCreation", 244 | "friendlyName": "friendlyName", 245 | "localKeyID": "localKeyID", 246 | "Microsoft CSP Name": "CSPName", 247 | "Microsoft Local Key set": "LocalKeySet", 248 | "x509Certificate": "x509Certificate", 249 | "sdsiCertificate": "sdsiCertificate", 250 | "x509Crl": "x509Crl", 251 | "pbeWithSHA1And128BitRC4": "PBE-SHA1-RC4-128", 252 | "pbeWithSHA1And40BitRC4": "PBE-SHA1-RC4-40", 253 | "pbeWithSHA1And3-KeyTripleDES-CBC": "PBE-SHA1-3DES", 254 | "pbeWithSHA1And2-KeyTripleDES-CBC": "PBE-SHA1-2DES", 255 | "pbeWithSHA1And128BitRC2-CBC": "PBE-SHA1-RC2-128", 256 | "pbeWithSHA1And40BitRC2-CBC": "PBE-SHA1-RC2-40", 257 | "keyBag": "keyBag", 258 | "pkcs8ShroudedKeyBag": "pkcs8ShroudedKeyBag", 259 | "certBag": "certBag", 260 | "crlBag": "crlBag", 261 | "secretBag": "secretBag", 262 | "safeContentsBag": "safeContentsBag", 263 | "md2": "MD2", 264 | "md4": "MD4", 265 | "md5": "MD5", 266 | "md5-sha1": "MD5-SHA1", 267 | "hmacWithMD5": "hmacWithMD5", 268 | "hmacWithSHA1": "hmacWithSHA1", 269 | "sm2": "SM2", 270 | "sm3": "SM3", 271 | "sm3WithRSAEncryption": "RSA-SM3", 272 | "hmacWithSHA224": "hmacWithSHA224", 273 | "hmacWithSHA256": "hmacWithSHA256", 274 | "hmacWithSHA384": "hmacWithSHA384", 275 | "hmacWithSHA512": "hmacWithSHA512", 276 | "hmacWithSHA512-224": "hmacWithSHA512-224", 277 | "hmacWithSHA512-256": "hmacWithSHA512-256", 278 | "rc2-cbc": "RC2-CBC", 279 | "rc2-ecb": "RC2-ECB", 280 | "rc2-cfb": "RC2-CFB", 281 | "rc2-ofb": "RC2-OFB", 282 | "rc2-40-cbc": "RC2-40-CBC", 283 | "rc2-64-cbc": "RC2-64-CBC", 284 | "rc4": "RC4", 285 | "rc4-40": "RC4-40", 286 | "des-ede3-cbc": "DES-EDE3-CBC", 287 | "rc5-cbc": "RC5-CBC", 288 | "rc5-ecb": "RC5-ECB", 289 | "rc5-cfb": "RC5-CFB", 290 | "rc5-ofb": "RC5-OFB", 291 | "Microsoft Extension Request": "msExtReq", 292 | "Microsoft Individual Code Signing": "msCodeInd", 293 | "Microsoft Commercial Code Signing": "msCodeCom", 294 | "Microsoft Trust List Signing": "msCTLSign", 295 | "Microsoft Server Gated Crypto": "msSGC", 296 | "Microsoft Encrypted File System": "msEFS", 297 | "Microsoft Smartcard Login": "msSmartcardLogin", 298 | "Microsoft User Principal Name": "msUPN", 299 | "idea-cbc": "IDEA-CBC", 300 | "idea-ecb": "IDEA-ECB", 301 | "idea-cfb": "IDEA-CFB", 302 | "idea-ofb": "IDEA-OFB", 303 | "bf-cbc": "BF-CBC", 304 | "bf-ecb": "BF-ECB", 305 | "bf-cfb": "BF-CFB", 306 | "bf-ofb": "BF-OFB", 307 | "PKIX": "PKIX", 308 | "id-pkix-mod": "id-pkix-mod", 309 | "id-pe": "id-pe", 310 | "id-qt": "id-qt", 311 | "id-kp": "id-kp", 312 | "id-it": "id-it", 313 | "id-pkip": "id-pkip", 314 | "id-alg": "id-alg", 315 | "id-cmc": "id-cmc", 316 | "id-on": "id-on", 317 | "id-pda": "id-pda", 318 | "id-aca": "id-aca", 319 | "id-qcs": "id-qcs", 320 | "id-cct": "id-cct", 321 | "id-ppl": "id-ppl", 322 | "id-ad": "id-ad", 323 | "id-pkix1-explicit-88": "id-pkix1-explicit-88", 324 | "id-pkix1-implicit-88": "id-pkix1-implicit-88", 325 | "id-pkix1-explicit-93": "id-pkix1-explicit-93", 326 | "id-pkix1-implicit-93": "id-pkix1-implicit-93", 327 | "id-mod-crmf": "id-mod-crmf", 328 | "id-mod-cmc": "id-mod-cmc", 329 | "id-mod-kea-profile-88": "id-mod-kea-profile-88", 330 | "id-mod-kea-profile-93": "id-mod-kea-profile-93", 331 | "id-mod-cmp": "id-mod-cmp", 332 | "id-mod-qualified-cert-88": "id-mod-qualified-cert-88", 333 | "id-mod-qualified-cert-93": "id-mod-qualified-cert-93", 334 | "id-mod-attribute-cert": "id-mod-attribute-cert", 335 | "id-mod-timestamp-protocol": "id-mod-timestamp-protocol", 336 | "id-mod-ocsp": "id-mod-ocsp", 337 | "id-mod-dvcs": "id-mod-dvcs", 338 | "id-mod-cmp2000": "id-mod-cmp2000", 339 | "Authority Information Access": "authorityInfoAccess", 340 | "Biometric Info": "biometricInfo", 341 | "qcStatements": "qcStatements", 342 | "ac-auditEntity": "ac-auditEntity", 343 | "ac-targeting": "ac-targeting", 344 | "aaControls": "aaControls", 345 | "sbgp-ipAddrBlock": "sbgp-ipAddrBlock", 346 | "sbgp-autonomousSysNum": "sbgp-autonomousSysNum", 347 | "sbgp-routerIdentifier": "sbgp-routerIdentifier", 348 | "ac-proxying": "ac-proxying", 349 | "Subject Information Access": "subjectInfoAccess", 350 | "Proxy Certificate Information": "proxyCertInfo", 351 | "TLS Feature": "tlsfeature", 352 | "Policy Qualifier CPS": "id-qt-cps", 353 | "Policy Qualifier User Notice": "id-qt-unotice", 354 | "textNotice": "textNotice", 355 | "TLS Web Server Authentication": "serverAuth", 356 | "TLS Web Client Authentication": "clientAuth", 357 | "Code Signing": "codeSigning", 358 | "E-mail Protection": "emailProtection", 359 | "IPSec End System": "ipsecEndSystem", 360 | "IPSec Tunnel": "ipsecTunnel", 361 | "IPSec User": "ipsecUser", 362 | "Time Stamping": "timeStamping", 363 | "OCSP Signing": "OCSPSigning", 364 | "dvcs": "DVCS", 365 | "ipsec Internet Key Exchange": "ipsecIKE", 366 | "Ctrl/provision WAP Access": "capwapAC", 367 | "Ctrl/Provision WAP Termination": "capwapWTP", 368 | "SSH Client": "secureShellClient", 369 | "SSH Server": "secureShellServer", 370 | "Send Router": "sendRouter", 371 | "Send Proxied Router": "sendProxiedRouter", 372 | "Send Owner": "sendOwner", 373 | "Send Proxied Owner": "sendProxiedOwner", 374 | "CMC Certificate Authority": "cmcCA", 375 | "CMC Registration Authority": "cmcRA", 376 | "id-it-caProtEncCert": "id-it-caProtEncCert", 377 | "id-it-signKeyPairTypes": "id-it-signKeyPairTypes", 378 | "id-it-encKeyPairTypes": "id-it-encKeyPairTypes", 379 | "id-it-preferredSymmAlg": "id-it-preferredSymmAlg", 380 | "id-it-caKeyUpdateInfo": "id-it-caKeyUpdateInfo", 381 | "id-it-currentCRL": "id-it-currentCRL", 382 | "id-it-unsupportedOIDs": "id-it-unsupportedOIDs", 383 | "id-it-subscriptionRequest": "id-it-subscriptionRequest", 384 | "id-it-subscriptionResponse": "id-it-subscriptionResponse", 385 | "id-it-keyPairParamReq": "id-it-keyPairParamReq", 386 | "id-it-keyPairParamRep": "id-it-keyPairParamRep", 387 | "id-it-revPassphrase": "id-it-revPassphrase", 388 | "id-it-implicitConfirm": "id-it-implicitConfirm", 389 | "id-it-confirmWaitTime": "id-it-confirmWaitTime", 390 | "id-it-origPKIMessage": "id-it-origPKIMessage", 391 | "id-it-suppLangTags": "id-it-suppLangTags", 392 | "id-regCtrl": "id-regCtrl", 393 | "id-regInfo": "id-regInfo", 394 | "id-regCtrl-regToken": "id-regCtrl-regToken", 395 | "id-regCtrl-authenticator": "id-regCtrl-authenticator", 396 | "id-regCtrl-pkiPublicationInfo": "id-regCtrl-pkiPublicationInfo", 397 | "id-regCtrl-pkiArchiveOptions": "id-regCtrl-pkiArchiveOptions", 398 | "id-regCtrl-oldCertID": "id-regCtrl-oldCertID", 399 | "id-regCtrl-protocolEncrKey": "id-regCtrl-protocolEncrKey", 400 | "id-regInfo-utf8Pairs": "id-regInfo-utf8Pairs", 401 | "id-regInfo-certReq": "id-regInfo-certReq", 402 | "id-alg-des40": "id-alg-des40", 403 | "id-alg-noSignature": "id-alg-noSignature", 404 | "id-alg-dh-sig-hmac-sha1": "id-alg-dh-sig-hmac-sha1", 405 | "id-alg-dh-pop": "id-alg-dh-pop", 406 | "id-cmc-statusInfo": "id-cmc-statusInfo", 407 | "id-cmc-identification": "id-cmc-identification", 408 | "id-cmc-identityProof": "id-cmc-identityProof", 409 | "id-cmc-dataReturn": "id-cmc-dataReturn", 410 | "id-cmc-transactionId": "id-cmc-transactionId", 411 | "id-cmc-senderNonce": "id-cmc-senderNonce", 412 | "id-cmc-recipientNonce": "id-cmc-recipientNonce", 413 | "id-cmc-addExtensions": "id-cmc-addExtensions", 414 | "id-cmc-encryptedPOP": "id-cmc-encryptedPOP", 415 | "id-cmc-decryptedPOP": "id-cmc-decryptedPOP", 416 | "id-cmc-lraPOPWitness": "id-cmc-lraPOPWitness", 417 | "id-cmc-getCert": "id-cmc-getCert", 418 | "id-cmc-getCRL": "id-cmc-getCRL", 419 | "id-cmc-revokeRequest": "id-cmc-revokeRequest", 420 | "id-cmc-regInfo": "id-cmc-regInfo", 421 | "id-cmc-responseInfo": "id-cmc-responseInfo", 422 | "id-cmc-queryPending": "id-cmc-queryPending", 423 | "id-cmc-popLinkRandom": "id-cmc-popLinkRandom", 424 | "id-cmc-popLinkWitness": "id-cmc-popLinkWitness", 425 | "id-cmc-confirmCertAcceptance": "id-cmc-confirmCertAcceptance", 426 | "id-on-personalData": "id-on-personalData", 427 | "Permanent Identifier": "id-on-permanentIdentifier", 428 | "id-pda-dateOfBirth": "id-pda-dateOfBirth", 429 | "id-pda-placeOfBirth": "id-pda-placeOfBirth", 430 | "id-pda-gender": "id-pda-gender", 431 | "id-pda-countryOfCitizenship": "id-pda-countryOfCitizenship", 432 | "id-pda-countryOfResidence": "id-pda-countryOfResidence", 433 | "id-aca-authenticationInfo": "id-aca-authenticationInfo", 434 | "id-aca-accessIdentity": "id-aca-accessIdentity", 435 | "id-aca-chargingIdentity": "id-aca-chargingIdentity", 436 | "id-aca-group": "id-aca-group", 437 | "id-aca-role": "id-aca-role", 438 | "id-aca-encAttrs": "id-aca-encAttrs", 439 | "id-qcs-pkixQCSyntax-v1": "id-qcs-pkixQCSyntax-v1", 440 | "id-cct-crs": "id-cct-crs", 441 | "id-cct-PKIData": "id-cct-PKIData", 442 | "id-cct-PKIResponse": "id-cct-PKIResponse", 443 | "Any language": "id-ppl-anyLanguage", 444 | "Inherit all": "id-ppl-inheritAll", 445 | "Independent": "id-ppl-independent", 446 | "OCSP": "OCSP", 447 | "CA Issuers": "caIssuers", 448 | "AD Time Stamping": "ad_timestamping", 449 | "ad dvcs": "AD_DVCS", 450 | "CA Repository": "caRepository", 451 | "Basic OCSP Response": "basicOCSPResponse", 452 | "OCSP Nonce": "Nonce", 453 | "OCSP CRL ID": "CrlID", 454 | "Acceptable OCSP Responses": "acceptableResponses", 455 | "OCSP No Check": "noCheck", 456 | "OCSP Archive Cutoff": "archiveCutoff", 457 | "OCSP Service Locator": "serviceLocator", 458 | "Extended OCSP Status": "extendedStatus", 459 | "valid": "valid", 460 | "path": "path", 461 | "Trust Root": "trustRoot", 462 | "algorithm": "algorithm", 463 | "md5WithRSA": "RSA-NP-MD5", 464 | "des-ecb": "DES-ECB", 465 | "des-cbc": "DES-CBC", 466 | "des-ofb": "DES-OFB", 467 | "des-cfb": "DES-CFB", 468 | "rsaSignature": "rsaSignature", 469 | "dsaEncryption-old": "DSA-old", 470 | "dsaWithSHA": "DSA-SHA", 471 | "shaWithRSAEncryption": "RSA-SHA", 472 | "des-ede": "DES-EDE", 473 | "des-ede3": "DES-EDE3", 474 | "des-ede-cbc": "DES-EDE-CBC", 475 | "des-ede-cfb": "DES-EDE-CFB", 476 | "des-ede3-cfb": "DES-EDE3-CFB", 477 | "des-ede-ofb": "DES-EDE-OFB", 478 | "des-ede3-ofb": "DES-EDE3-OFB", 479 | "desx-cbc": "DESX-CBC", 480 | "sha": "SHA", 481 | "sha1": "SHA1", 482 | "dsaWithSHA1-old": "DSA-SHA1-old", 483 | "sha1WithRSA": "RSA-SHA1-2", 484 | "ripemd160": "RIPEMD160", 485 | "ripemd160WithRSA": "RSA-RIPEMD160", 486 | "blake2b512": "BLAKE2b512", 487 | "blake2s256": "BLAKE2s256", 488 | "Strong Extranet ID": "SXNetID", 489 | "directory services (X.500)": "X500", 490 | "X509": "X509", 491 | "commonName": "CN", 492 | "surname": "SN", 493 | "serialNumber": "serialNumber", 494 | "countryName": "C", 495 | "localityName": "L", 496 | "stateOrProvinceName": "ST", 497 | "streetAddress": "street", 498 | "organizationName": "O", 499 | "organizationalUnitName": "OU", 500 | "title": "title", 501 | "description": "description", 502 | "searchGuide": "searchGuide", 503 | "businessCategory": "businessCategory", 504 | "postalAddress": "postalAddress", 505 | "postalCode": "postalCode", 506 | "postOfficeBox": "postOfficeBox", 507 | "physicalDeliveryOfficeName": "physicalDeliveryOfficeName", 508 | "telephoneNumber": "telephoneNumber", 509 | "telexNumber": "telexNumber", 510 | "teletexTerminalIdentifier": "teletexTerminalIdentifier", 511 | "facsimileTelephoneNumber": "facsimileTelephoneNumber", 512 | "x121Address": "x121Address", 513 | "internationaliSDNNumber": "internationaliSDNNumber", 514 | "registeredAddress": "registeredAddress", 515 | "destinationIndicator": "destinationIndicator", 516 | "preferredDeliveryMethod": "preferredDeliveryMethod", 517 | "presentationAddress": "presentationAddress", 518 | "supportedApplicationContext": "supportedApplicationContext", 519 | "": "dmdName", 520 | "roleOccupant": "roleOccupant", 521 | "userPassword": "userPassword", 522 | "userCertificate": "userCertificate", 523 | "cACertificate": "cACertificate", 524 | "authorityRevocationList": "authorityRevocationList", 525 | "certificateRevocationList": "certificateRevocationList", 526 | "crossCertificatePair": "crossCertificatePair", 527 | "name": "name", 528 | "givenName": "GN", 529 | "initials": "initials", 530 | "generationQualifier": "generationQualifier", 531 | "x500UniqueIdentifier": "x500UniqueIdentifier", 532 | "dnQualifier": "dnQualifier", 533 | "enhancedSearchGuide": "enhancedSearchGuide", 534 | "protocolInformation": "protocolInformation", 535 | "distinguishedName": "distinguishedName", 536 | "uniqueMember": "uniqueMember", 537 | "houseIdentifier": "houseIdentifier", 538 | "supportedAlgorithms": "supportedAlgorithms", 539 | "deltaRevocationList": "deltaRevocationList", 540 | "pseudonym": "pseudonym", 541 | "role": "role", 542 | "organizationIdentifier": "organizationIdentifier", 543 | "countryCode3c": "c3", 544 | "countryCode3n": "n3", 545 | "dnsName": "dnsName", 546 | "directory services - algorithms": "X500algorithms", 547 | "rsa": "RSA", 548 | "mdc2WithRSA": "RSA-MDC2", 549 | "mdc2": "MDC2", 550 | "id-ce": "id-ce", 551 | "X509v3 Subject Directory Attributes": "subjectDirectoryAttributes", 552 | "X509v3 Subject Key Identifier": "subjectKeyIdentifier", 553 | "X509v3 Key Usage": "keyUsage", 554 | "X509v3 Private Key Usage Period": "privateKeyUsagePeriod", 555 | "X509v3 Subject Alternative Name": "subjectAltName", 556 | "X509v3 Issuer Alternative Name": "issuerAltName", 557 | "X509v3 Basic Constraints": "basicConstraints", 558 | "X509v3 CRL Number": "crlNumber", 559 | "X509v3 CRL Reason Code": "CRLReason", 560 | "Invalidity Date": "invalidityDate", 561 | "X509v3 Delta CRL Indicator": "deltaCRL", 562 | "X509v3 Issuing Distribution Point": "issuingDistributionPoint", 563 | "X509v3 Certificate Issuer": "certificateIssuer", 564 | "X509v3 Name Constraints": "nameConstraints", 565 | "X509v3 CRL Distribution Points": "crlDistributionPoints", 566 | "X509v3 Certificate Policies": "certificatePolicies", 567 | "X509v3 Any Policy": "anyPolicy", 568 | "X509v3 Policy Mappings": "policyMappings", 569 | "X509v3 Authority Key Identifier": "authorityKeyIdentifier", 570 | "X509v3 Policy Constraints": "policyConstraints", 571 | "X509v3 Extended Key Usage": "extendedKeyUsage", 572 | "X509v3 Freshest CRL": "freshestCRL", 573 | "X509v3 Inhibit Any Policy": "inhibitAnyPolicy", 574 | "X509v3 AC Targeting": "targetInformation", 575 | "X509v3 No Revocation Available": "noRevAvail", 576 | "Any Extended Key Usage": "anyExtendedKeyUsage", 577 | "Netscape Communications Corp.": "Netscape", 578 | "Netscape Certificate Extension": "nsCertExt", 579 | "Netscape Data Type": "nsDataType", 580 | "Netscape Cert Type": "nsCertType", 581 | "Netscape Base Url": "nsBaseUrl", 582 | "Netscape Revocation Url": "nsRevocationUrl", 583 | "Netscape CA Revocation Url": "nsCaRevocationUrl", 584 | "Netscape Renewal Url": "nsRenewalUrl", 585 | "Netscape CA Policy Url": "nsCaPolicyUrl", 586 | "Netscape SSL Server Name": "nsSslServerName", 587 | "Netscape Comment": "nsComment", 588 | "Netscape Certificate Sequence": "nsCertSequence", 589 | "Netscape Server Gated Crypto": "nsSGC", 590 | "org": "ORG", 591 | "dod": "DOD", 592 | "iana": "IANA", 593 | "Directory": "directory", 594 | "Management": "mgmt", 595 | "Experimental": "experimental", 596 | "Private": "private", 597 | "Security": "security", 598 | "SNMPv2": "snmpv2", 599 | "Mail": "Mail", 600 | "Enterprises": "enterprises", 601 | "dcObject": "dcobject", 602 | "MIME MHS": "mime-mhs", 603 | "mime-mhs-headings": "mime-mhs-headings", 604 | "mime-mhs-bodies": "mime-mhs-bodies", 605 | "id-hex-partial-message": "id-hex-partial-message", 606 | "id-hex-multipart-message": "id-hex-multipart-message", 607 | "zlib compression": "ZLIB", 608 | "aes-128-ecb": "AES-128-ECB", 609 | "aes-128-cbc": "AES-128-CBC", 610 | "aes-128-ofb": "AES-128-OFB", 611 | "aes-128-cfb": "AES-128-CFB", 612 | "id-aes128-wrap": "id-aes128-wrap", 613 | "aes-128-gcm": "id-aes128-GCM", 614 | "aes-128-ccm": "id-aes128-CCM", 615 | "id-aes128-wrap-pad": "id-aes128-wrap-pad", 616 | "aes-192-ecb": "AES-192-ECB", 617 | "aes-192-cbc": "AES-192-CBC", 618 | "aes-192-ofb": "AES-192-OFB", 619 | "aes-192-cfb": "AES-192-CFB", 620 | "id-aes192-wrap": "id-aes192-wrap", 621 | "aes-192-gcm": "id-aes192-GCM", 622 | "aes-192-ccm": "id-aes192-CCM", 623 | "id-aes192-wrap-pad": "id-aes192-wrap-pad", 624 | "aes-256-ecb": "AES-256-ECB", 625 | "aes-256-cbc": "AES-256-CBC", 626 | "aes-256-ofb": "AES-256-OFB", 627 | "aes-256-cfb": "AES-256-CFB", 628 | "id-aes256-wrap": "id-aes256-wrap", 629 | "aes-256-gcm": "id-aes256-GCM", 630 | "aes-256-ccm": "id-aes256-CCM", 631 | "id-aes256-wrap-pad": "id-aes256-wrap-pad", 632 | "aes-128-xts": "AES-128-XTS", 633 | "aes-256-xts": "AES-256-XTS", 634 | "aes-128-cfb1": "AES-128-CFB1", 635 | "aes-192-cfb1": "AES-192-CFB1", 636 | "aes-256-cfb1": "AES-256-CFB1", 637 | "aes-128-cfb8": "AES-128-CFB8", 638 | "aes-192-cfb8": "AES-192-CFB8", 639 | "aes-256-cfb8": "AES-256-CFB8", 640 | "aes-128-ctr": "AES-128-CTR", 641 | "aes-192-ctr": "AES-192-CTR", 642 | "aes-256-ctr": "AES-256-CTR", 643 | "aes-128-ocb": "AES-128-OCB", 644 | "aes-192-ocb": "AES-192-OCB", 645 | "aes-256-ocb": "AES-256-OCB", 646 | "des-cfb1": "DES-CFB1", 647 | "des-cfb8": "DES-CFB8", 648 | "des-ede3-cfb1": "DES-EDE3-CFB1", 649 | "des-ede3-cfb8": "DES-EDE3-CFB8", 650 | "sha256": "SHA256", 651 | "sha384": "SHA384", 652 | "sha512": "SHA512", 653 | "sha224": "SHA224", 654 | "sha512-224": "SHA512-224", 655 | "sha512-256": "SHA512-256", 656 | "sha3-224": "SHA3-224", 657 | "sha3-256": "SHA3-256", 658 | "sha3-384": "SHA3-384", 659 | "sha3-512": "SHA3-512", 660 | "shake128": "SHAKE128", 661 | "shake256": "SHAKE256", 662 | "hmac-sha3-224": "id-hmacWithSHA3-224", 663 | "hmac-sha3-256": "id-hmacWithSHA3-256", 664 | "hmac-sha3-384": "id-hmacWithSHA3-384", 665 | "hmac-sha3-512": "id-hmacWithSHA3-512", 666 | "dsa_with_SHA224": "dsa_with_SHA224", 667 | "dsa_with_SHA256": "dsa_with_SHA256", 668 | "dsa_with_SHA384": "id-dsa-with-sha384", 669 | "dsa_with_SHA512": "id-dsa-with-sha512", 670 | "dsa_with_SHA3-224": "id-dsa-with-sha3-224", 671 | "dsa_with_SHA3-256": "id-dsa-with-sha3-256", 672 | "dsa_with_SHA3-384": "id-dsa-with-sha3-384", 673 | "dsa_with_SHA3-512": "id-dsa-with-sha3-512", 674 | "ecdsa_with_SHA3-224": "id-ecdsa-with-sha3-224", 675 | "ecdsa_with_SHA3-256": "id-ecdsa-with-sha3-256", 676 | "ecdsa_with_SHA3-384": "id-ecdsa-with-sha3-384", 677 | "ecdsa_with_SHA3-512": "id-ecdsa-with-sha3-512", 678 | "RSA-SHA3-224": "id-rsassa-pkcs1-v1_5-with-sha3-224", 679 | "RSA-SHA3-256": "id-rsassa-pkcs1-v1_5-with-sha3-256", 680 | "RSA-SHA3-384": "id-rsassa-pkcs1-v1_5-with-sha3-384", 681 | "RSA-SHA3-512": "id-rsassa-pkcs1-v1_5-with-sha3-512", 682 | "Hold Instruction Code": "holdInstructionCode", 683 | "Hold Instruction None": "holdInstructionNone", 684 | "Hold Instruction Call Issuer": "holdInstructionCallIssuer", 685 | "Hold Instruction Reject": "holdInstructionReject", 686 | "data": "data", 687 | "pss": "pss", 688 | "ucl": "ucl", 689 | "pilot": "pilot", 690 | "pilotAttributeType": "pilotAttributeType", 691 | "pilotAttributeSyntax": "pilotAttributeSyntax", 692 | "pilotObjectClass": "pilotObjectClass", 693 | "pilotGroups": "pilotGroups", 694 | "iA5StringSyntax": "iA5StringSyntax", 695 | "caseIgnoreIA5StringSyntax": "caseIgnoreIA5StringSyntax", 696 | "pilotObject": "pilotObject", 697 | "pilotPerson": "pilotPerson", 698 | "account": "account", 699 | "document": "document", 700 | "room": "room", 701 | "documentSeries": "documentSeries", 702 | "Domain": "domain", 703 | "rFC822localPart": "rFC822localPart", 704 | "dNSDomain": "dNSDomain", 705 | "domainRelatedObject": "domainRelatedObject", 706 | "friendlyCountry": "friendlyCountry", 707 | "simpleSecurityObject": "simpleSecurityObject", 708 | "pilotOrganization": "pilotOrganization", 709 | "pilotDSA": "pilotDSA", 710 | "qualityLabelledData": "qualityLabelledData", 711 | "userId": "UID", 712 | "textEncodedORAddress": "textEncodedORAddress", 713 | "rfc822Mailbox": "mail", 714 | "info": "info", 715 | "favouriteDrink": "favouriteDrink", 716 | "roomNumber": "roomNumber", 717 | "photo": "photo", 718 | "userClass": "userClass", 719 | "host": "host", 720 | "manager": "manager", 721 | "documentIdentifier": "documentIdentifier", 722 | "documentTitle": "documentTitle", 723 | "documentVersion": "documentVersion", 724 | "documentAuthor": "documentAuthor", 725 | "documentLocation": "documentLocation", 726 | "homeTelephoneNumber": "homeTelephoneNumber", 727 | "secretary": "secretary", 728 | "otherMailbox": "otherMailbox", 729 | "lastModifiedTime": "lastModifiedTime", 730 | "lastModifiedBy": "lastModifiedBy", 731 | "domainComponent": "DC", 732 | "aRecord": "aRecord", 733 | "pilotAttributeType27": "pilotAttributeType27", 734 | "mXRecord": "mXRecord", 735 | "nSRecord": "nSRecord", 736 | "sOARecord": "sOARecord", 737 | "cNAMERecord": "cNAMERecord", 738 | "associatedDomain": "associatedDomain", 739 | "associatedName": "associatedName", 740 | "homePostalAddress": "homePostalAddress", 741 | "personalTitle": "personalTitle", 742 | "mobileTelephoneNumber": "mobileTelephoneNumber", 743 | "pagerTelephoneNumber": "pagerTelephoneNumber", 744 | "friendlyCountryName": "friendlyCountryName", 745 | "uniqueIdentifier": "uid", 746 | "organizationalStatus": "organizationalStatus", 747 | "janetMailbox": "janetMailbox", 748 | "mailPreferenceOption": "mailPreferenceOption", 749 | "buildingName": "buildingName", 750 | "dSAQuality": "dSAQuality", 751 | "singleLevelQuality": "singleLevelQuality", 752 | "subtreeMinimumQuality": "subtreeMinimumQuality", 753 | "subtreeMaximumQuality": "subtreeMaximumQuality", 754 | "personalSignature": "personalSignature", 755 | "dITRedirect": "dITRedirect", 756 | "audio": "audio", 757 | "documentPublisher": "documentPublisher", 758 | "Secure Electronic Transactions": "id-set", 759 | "content types": "set-ctype", 760 | "message extensions": "set-msgExt", 761 | "set-attr": "set-attr", 762 | "set-policy": "set-policy", 763 | "certificate extensions": "set-certExt", 764 | "set-brand": "set-brand", 765 | "setct-PANData": "setct-PANData", 766 | "setct-PANToken": "setct-PANToken", 767 | "setct-PANOnly": "setct-PANOnly", 768 | "setct-OIData": "setct-OIData", 769 | "setct-PI": "setct-PI", 770 | "setct-PIData": "setct-PIData", 771 | "setct-PIDataUnsigned": "setct-PIDataUnsigned", 772 | "setct-HODInput": "setct-HODInput", 773 | "setct-AuthResBaggage": "setct-AuthResBaggage", 774 | "setct-AuthRevReqBaggage": "setct-AuthRevReqBaggage", 775 | "setct-AuthRevResBaggage": "setct-AuthRevResBaggage", 776 | "setct-CapTokenSeq": "setct-CapTokenSeq", 777 | "setct-PInitResData": "setct-PInitResData", 778 | "setct-PI-TBS": "setct-PI-TBS", 779 | "setct-PResData": "setct-PResData", 780 | "setct-AuthReqTBS": "setct-AuthReqTBS", 781 | "setct-AuthResTBS": "setct-AuthResTBS", 782 | "setct-AuthResTBSX": "setct-AuthResTBSX", 783 | "setct-AuthTokenTBS": "setct-AuthTokenTBS", 784 | "setct-CapTokenData": "setct-CapTokenData", 785 | "setct-CapTokenTBS": "setct-CapTokenTBS", 786 | "setct-AcqCardCodeMsg": "setct-AcqCardCodeMsg", 787 | "setct-AuthRevReqTBS": "setct-AuthRevReqTBS", 788 | "setct-AuthRevResData": "setct-AuthRevResData", 789 | "setct-AuthRevResTBS": "setct-AuthRevResTBS", 790 | "setct-CapReqTBS": "setct-CapReqTBS", 791 | "setct-CapReqTBSX": "setct-CapReqTBSX", 792 | "setct-CapResData": "setct-CapResData", 793 | "setct-CapRevReqTBS": "setct-CapRevReqTBS", 794 | "setct-CapRevReqTBSX": "setct-CapRevReqTBSX", 795 | "setct-CapRevResData": "setct-CapRevResData", 796 | "setct-CredReqTBS": "setct-CredReqTBS", 797 | "setct-CredReqTBSX": "setct-CredReqTBSX", 798 | "setct-CredResData": "setct-CredResData", 799 | "setct-CredRevReqTBS": "setct-CredRevReqTBS", 800 | "setct-CredRevReqTBSX": "setct-CredRevReqTBSX", 801 | "setct-CredRevResData": "setct-CredRevResData", 802 | "setct-PCertReqData": "setct-PCertReqData", 803 | "setct-PCertResTBS": "setct-PCertResTBS", 804 | "setct-BatchAdminReqData": "setct-BatchAdminReqData", 805 | "setct-BatchAdminResData": "setct-BatchAdminResData", 806 | "setct-CardCInitResTBS": "setct-CardCInitResTBS", 807 | "setct-MeAqCInitResTBS": "setct-MeAqCInitResTBS", 808 | "setct-RegFormResTBS": "setct-RegFormResTBS", 809 | "setct-CertReqData": "setct-CertReqData", 810 | "setct-CertReqTBS": "setct-CertReqTBS", 811 | "setct-CertResData": "setct-CertResData", 812 | "setct-CertInqReqTBS": "setct-CertInqReqTBS", 813 | "setct-ErrorTBS": "setct-ErrorTBS", 814 | "setct-PIDualSignedTBE": "setct-PIDualSignedTBE", 815 | "setct-PIUnsignedTBE": "setct-PIUnsignedTBE", 816 | "setct-AuthReqTBE": "setct-AuthReqTBE", 817 | "setct-AuthResTBE": "setct-AuthResTBE", 818 | "setct-AuthResTBEX": "setct-AuthResTBEX", 819 | "setct-AuthTokenTBE": "setct-AuthTokenTBE", 820 | "setct-CapTokenTBE": "setct-CapTokenTBE", 821 | "setct-CapTokenTBEX": "setct-CapTokenTBEX", 822 | "setct-AcqCardCodeMsgTBE": "setct-AcqCardCodeMsgTBE", 823 | "setct-AuthRevReqTBE": "setct-AuthRevReqTBE", 824 | "setct-AuthRevResTBE": "setct-AuthRevResTBE", 825 | "setct-AuthRevResTBEB": "setct-AuthRevResTBEB", 826 | "setct-CapReqTBE": "setct-CapReqTBE", 827 | "setct-CapReqTBEX": "setct-CapReqTBEX", 828 | "setct-CapResTBE": "setct-CapResTBE", 829 | "setct-CapRevReqTBE": "setct-CapRevReqTBE", 830 | "setct-CapRevReqTBEX": "setct-CapRevReqTBEX", 831 | "setct-CapRevResTBE": "setct-CapRevResTBE", 832 | "setct-CredReqTBE": "setct-CredReqTBE", 833 | "setct-CredReqTBEX": "setct-CredReqTBEX", 834 | "setct-CredResTBE": "setct-CredResTBE", 835 | "setct-CredRevReqTBE": "setct-CredRevReqTBE", 836 | "setct-CredRevReqTBEX": "setct-CredRevReqTBEX", 837 | "setct-CredRevResTBE": "setct-CredRevResTBE", 838 | "setct-BatchAdminReqTBE": "setct-BatchAdminReqTBE", 839 | "setct-BatchAdminResTBE": "setct-BatchAdminResTBE", 840 | "setct-RegFormReqTBE": "setct-RegFormReqTBE", 841 | "setct-CertReqTBE": "setct-CertReqTBE", 842 | "setct-CertReqTBEX": "setct-CertReqTBEX", 843 | "setct-CertResTBE": "setct-CertResTBE", 844 | "setct-CRLNotificationTBS": "setct-CRLNotificationTBS", 845 | "setct-CRLNotificationResTBS": "setct-CRLNotificationResTBS", 846 | "setct-BCIDistributionTBS": "setct-BCIDistributionTBS", 847 | "generic cryptogram": "setext-genCrypt", 848 | "merchant initiated auth": "setext-miAuth", 849 | "setext-pinSecure": "setext-pinSecure", 850 | "setext-pinAny": "setext-pinAny", 851 | "setext-track2": "setext-track2", 852 | "additional verification": "setext-cv", 853 | "set-policy-root": "set-policy-root", 854 | "setCext-hashedRoot": "setCext-hashedRoot", 855 | "setCext-certType": "setCext-certType", 856 | "setCext-merchData": "setCext-merchData", 857 | "setCext-cCertRequired": "setCext-cCertRequired", 858 | "setCext-tunneling": "setCext-tunneling", 859 | "setCext-setExt": "setCext-setExt", 860 | "setCext-setQualf": "setCext-setQualf", 861 | "setCext-PGWYcapabilities": "setCext-PGWYcapabilities", 862 | "setCext-TokenIdentifier": "setCext-TokenIdentifier", 863 | "setCext-Track2Data": "setCext-Track2Data", 864 | "setCext-TokenType": "setCext-TokenType", 865 | "setCext-IssuerCapabilities": "setCext-IssuerCapabilities", 866 | "setAttr-Cert": "setAttr-Cert", 867 | "payment gateway capabilities": "setAttr-PGWYcap", 868 | "setAttr-TokenType": "setAttr-TokenType", 869 | "issuer capabilities": "setAttr-IssCap", 870 | "set-rootKeyThumb": "set-rootKeyThumb", 871 | "set-addPolicy": "set-addPolicy", 872 | "setAttr-Token-EMV": "setAttr-Token-EMV", 873 | "setAttr-Token-B0Prime": "setAttr-Token-B0Prime", 874 | "setAttr-IssCap-CVM": "setAttr-IssCap-CVM", 875 | "setAttr-IssCap-T2": "setAttr-IssCap-T2", 876 | "setAttr-IssCap-Sig": "setAttr-IssCap-Sig", 877 | "generate cryptogram": "setAttr-GenCryptgrm", 878 | "encrypted track 2": "setAttr-T2Enc", 879 | "cleartext track 2": "setAttr-T2cleartxt", 880 | "ICC or token signature": "setAttr-TokICCsig", 881 | "secure device signature": "setAttr-SecDevSig", 882 | "set-brand-IATA-ATA": "set-brand-IATA-ATA", 883 | "set-brand-Diners": "set-brand-Diners", 884 | "set-brand-AmericanExpress": "set-brand-AmericanExpress", 885 | "set-brand-JCB": "set-brand-JCB", 886 | "set-brand-Visa": "set-brand-Visa", 887 | "set-brand-MasterCard": "set-brand-MasterCard", 888 | "set-brand-Novus": "set-brand-Novus", 889 | "des-cdmf": "DES-CDMF", 890 | "rsaOAEPEncryptionSET": "rsaOAEPEncryptionSET", 891 | "ipsec3": "Oakley-EC2N-3", 892 | "ipsec4": "Oakley-EC2N-4", 893 | "whirlpool": "whirlpool", 894 | "cryptopro": "cryptopro", 895 | "cryptocom": "cryptocom", 896 | "id-tc26": "id-tc26", 897 | "GOST R 34.11-94 with GOST R 34.10-2001": "id-GostR3411-94-with-GostR3410-2001", 898 | "GOST R 34.11-94 with GOST R 34.10-94": "id-GostR3411-94-with-GostR3410-94", 899 | "GOST R 34.11-94": "md_gost94", 900 | "HMAC GOST 34.11-94": "id-HMACGostR3411-94", 901 | "GOST R 34.10-2001": "gost2001", 902 | "GOST R 34.10-94": "gost94", 903 | "GOST 28147-89": "gost89", 904 | "gost89-cnt": "gost89-cnt", 905 | "gost89-cnt-12": "gost89-cnt-12", 906 | "gost89-cbc": "gost89-cbc", 907 | "gost89-ecb": "gost89-ecb", 908 | "gost89-ctr": "gost89-ctr", 909 | "GOST 28147-89 MAC": "gost-mac", 910 | "gost-mac-12": "gost-mac-12", 911 | "GOST R 34.11-94 PRF": "prf-gostr3411-94", 912 | "GOST R 34.10-2001 DH": "id-GostR3410-2001DH", 913 | "GOST R 34.10-94 DH": "id-GostR3410-94DH", 914 | "id-Gost28147-89-CryptoPro-KeyMeshing": "id-Gost28147-89-CryptoPro-KeyMeshing", 915 | "id-Gost28147-89-None-KeyMeshing": "id-Gost28147-89-None-KeyMeshing", 916 | "id-GostR3411-94-TestParamSet": "id-GostR3411-94-TestParamSet", 917 | "id-GostR3411-94-CryptoProParamSet": "id-GostR3411-94-CryptoProParamSet", 918 | "id-Gost28147-89-TestParamSet": "id-Gost28147-89-TestParamSet", 919 | "id-Gost28147-89-CryptoPro-A-ParamSet": "id-Gost28147-89-CryptoPro-A-ParamSet", 920 | "id-Gost28147-89-CryptoPro-B-ParamSet": "id-Gost28147-89-CryptoPro-B-ParamSet", 921 | "id-Gost28147-89-CryptoPro-C-ParamSet": "id-Gost28147-89-CryptoPro-C-ParamSet", 922 | "id-Gost28147-89-CryptoPro-D-ParamSet": "id-Gost28147-89-CryptoPro-D-ParamSet", 923 | "id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet": "id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet", 924 | "id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet": "id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet", 925 | "id-Gost28147-89-CryptoPro-RIC-1-ParamSet": "id-Gost28147-89-CryptoPro-RIC-1-ParamSet", 926 | "id-GostR3410-94-TestParamSet": "id-GostR3410-94-TestParamSet", 927 | "id-GostR3410-94-CryptoPro-A-ParamSet": "id-GostR3410-94-CryptoPro-A-ParamSet", 928 | "id-GostR3410-94-CryptoPro-B-ParamSet": "id-GostR3410-94-CryptoPro-B-ParamSet", 929 | "id-GostR3410-94-CryptoPro-C-ParamSet": "id-GostR3410-94-CryptoPro-C-ParamSet", 930 | "id-GostR3410-94-CryptoPro-D-ParamSet": "id-GostR3410-94-CryptoPro-D-ParamSet", 931 | "id-GostR3410-94-CryptoPro-XchA-ParamSet": "id-GostR3410-94-CryptoPro-XchA-ParamSet", 932 | "id-GostR3410-94-CryptoPro-XchB-ParamSet": "id-GostR3410-94-CryptoPro-XchB-ParamSet", 933 | "id-GostR3410-94-CryptoPro-XchC-ParamSet": "id-GostR3410-94-CryptoPro-XchC-ParamSet", 934 | "id-GostR3410-2001-TestParamSet": "id-GostR3410-2001-TestParamSet", 935 | "id-GostR3410-2001-CryptoPro-A-ParamSet": "id-GostR3410-2001-CryptoPro-A-ParamSet", 936 | "id-GostR3410-2001-CryptoPro-B-ParamSet": "id-GostR3410-2001-CryptoPro-B-ParamSet", 937 | "id-GostR3410-2001-CryptoPro-C-ParamSet": "id-GostR3410-2001-CryptoPro-C-ParamSet", 938 | "id-GostR3410-2001-CryptoPro-XchA-ParamSet": "id-GostR3410-2001-CryptoPro-XchA-ParamSet", 939 | "id-GostR3410-2001-CryptoPro-XchB-ParamSet": "id-GostR3410-2001-CryptoPro-XchB-ParamSet", 940 | "id-GostR3410-94-a": "id-GostR3410-94-a", 941 | "id-GostR3410-94-aBis": "id-GostR3410-94-aBis", 942 | "id-GostR3410-94-b": "id-GostR3410-94-b", 943 | "id-GostR3410-94-bBis": "id-GostR3410-94-bBis", 944 | "GOST 28147-89 Cryptocom ParamSet": "id-Gost28147-89-cc", 945 | "GOST 34.10-94 Cryptocom": "gost94cc", 946 | "GOST 34.10-2001 Cryptocom": "gost2001cc", 947 | "GOST R 34.11-94 with GOST R 34.10-94 Cryptocom": "id-GostR3411-94-with-GostR3410-94-cc", 948 | "GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom": "id-GostR3411-94-with-GostR3410-2001-cc", 949 | "GOST R 3410-2001 Parameter Set Cryptocom": "id-GostR3410-2001-ParamSet-cc", 950 | "id-tc26-algorithms": "id-tc26-algorithms", 951 | "id-tc26-sign": "id-tc26-sign", 952 | "GOST R 34.10-2012 with 256 bit modulus": "gost2012_256", 953 | "GOST R 34.10-2012 with 512 bit modulus": "gost2012_512", 954 | "id-tc26-digest": "id-tc26-digest", 955 | "GOST R 34.11-2012 with 256 bit hash": "md_gost12_256", 956 | "GOST R 34.11-2012 with 512 bit hash": "md_gost12_512", 957 | "id-tc26-signwithdigest": "id-tc26-signwithdigest", 958 | "GOST R 34.10-2012 with GOST R 34.11-2012 (256 bit)": "id-tc26-signwithdigest-gost3410-2012-256", 959 | "GOST R 34.10-2012 with GOST R 34.11-2012 (512 bit)": "id-tc26-signwithdigest-gost3410-2012-512", 960 | "id-tc26-mac": "id-tc26-mac", 961 | "HMAC GOST 34.11-2012 256 bit": "id-tc26-hmac-gost-3411-2012-256", 962 | "HMAC GOST 34.11-2012 512 bit": "id-tc26-hmac-gost-3411-2012-512", 963 | "id-tc26-cipher": "id-tc26-cipher", 964 | "id-tc26-cipher-gostr3412-2015-magma": "id-tc26-cipher-gostr3412-2015-magma", 965 | "id-tc26-cipher-gostr3412-2015-magma-ctracpkm": "id-tc26-cipher-gostr3412-2015-magma-ctracpkm", 966 | "id-tc26-cipher-gostr3412-2015-magma-ctracpkm-omac": "id-tc26-cipher-gostr3412-2015-magma-ctracpkm-omac", 967 | "id-tc26-cipher-gostr3412-2015-kuznyechik": "id-tc26-cipher-gostr3412-2015-kuznyechik", 968 | "id-tc26-cipher-gostr3412-2015-kuznyechik-ctracpkm": "id-tc26-cipher-gostr3412-2015-kuznyechik-ctracpkm", 969 | "id-tc26-cipher-gostr3412-2015-kuznyechik-ctracpkm-omac": "id-tc26-cipher-gostr3412-2015-kuznyechik-ctracpkm-omac", 970 | "id-tc26-agreement": "id-tc26-agreement", 971 | "id-tc26-agreement-gost-3410-2012-256": "id-tc26-agreement-gost-3410-2012-256", 972 | "id-tc26-agreement-gost-3410-2012-512": "id-tc26-agreement-gost-3410-2012-512", 973 | "id-tc26-wrap": "id-tc26-wrap", 974 | "id-tc26-wrap-gostr3412-2015-magma": "id-tc26-wrap-gostr3412-2015-magma", 975 | "id-tc26-wrap-gostr3412-2015-magma-kexp15": "id-tc26-wrap-gostr3412-2015-magma-kexp15", 976 | "id-tc26-wrap-gostr3412-2015-kuznyechik": "id-tc26-wrap-gostr3412-2015-kuznyechik", 977 | "id-tc26-wrap-gostr3412-2015-kuznyechik-kexp15": "id-tc26-wrap-gostr3412-2015-kuznyechik-kexp15", 978 | "id-tc26-constants": "id-tc26-constants", 979 | "id-tc26-sign-constants": "id-tc26-sign-constants", 980 | "id-tc26-gost-3410-2012-256-constants": "id-tc26-gost-3410-2012-256-constants", 981 | "GOST R 34.10-2012 (256 bit) ParamSet A": "id-tc26-gost-3410-2012-256-paramSetA", 982 | "GOST R 34.10-2012 (256 bit) ParamSet B": "id-tc26-gost-3410-2012-256-paramSetB", 983 | "GOST R 34.10-2012 (256 bit) ParamSet C": "id-tc26-gost-3410-2012-256-paramSetC", 984 | "GOST R 34.10-2012 (256 bit) ParamSet D": "id-tc26-gost-3410-2012-256-paramSetD", 985 | "id-tc26-gost-3410-2012-512-constants": "id-tc26-gost-3410-2012-512-constants", 986 | "GOST R 34.10-2012 (512 bit) testing parameter set": "id-tc26-gost-3410-2012-512-paramSetTest", 987 | "GOST R 34.10-2012 (512 bit) ParamSet A": "id-tc26-gost-3410-2012-512-paramSetA", 988 | "GOST R 34.10-2012 (512 bit) ParamSet B": "id-tc26-gost-3410-2012-512-paramSetB", 989 | "GOST R 34.10-2012 (512 bit) ParamSet C": "id-tc26-gost-3410-2012-512-paramSetC", 990 | "id-tc26-digest-constants": "id-tc26-digest-constants", 991 | "id-tc26-cipher-constants": "id-tc26-cipher-constants", 992 | "id-tc26-gost-28147-constants": "id-tc26-gost-28147-constants", 993 | "GOST 28147-89 TC26 parameter set": "id-tc26-gost-28147-param-Z", 994 | "INN": "INN", 995 | "OGRN": "OGRN", 996 | "SNILS": "SNILS", 997 | "Signing Tool of Subject": "subjectSignTool", 998 | "Signing Tool of Issuer": "issuerSignTool", 999 | "grasshopper-ecb": "grasshopper-ecb", 1000 | "grasshopper-ctr": "grasshopper-ctr", 1001 | "grasshopper-ofb": "grasshopper-ofb", 1002 | "grasshopper-cbc": "grasshopper-cbc", 1003 | "grasshopper-cfb": "grasshopper-cfb", 1004 | "grasshopper-mac": "grasshopper-mac", 1005 | "magma-ecb": "magma-ecb", 1006 | "magma-ctr": "magma-ctr", 1007 | "magma-ofb": "magma-ofb", 1008 | "magma-cbc": "magma-cbc", 1009 | "magma-cfb": "magma-cfb", 1010 | "magma-mac": "magma-mac", 1011 | "camellia-128-cbc": "CAMELLIA-128-CBC", 1012 | "camellia-192-cbc": "CAMELLIA-192-CBC", 1013 | "camellia-256-cbc": "CAMELLIA-256-CBC", 1014 | "id-camellia128-wrap": "id-camellia128-wrap", 1015 | "id-camellia192-wrap": "id-camellia192-wrap", 1016 | "id-camellia256-wrap": "id-camellia256-wrap", 1017 | "camellia-128-ecb": "CAMELLIA-128-ECB", 1018 | "camellia-128-ofb": "CAMELLIA-128-OFB", 1019 | "camellia-128-cfb": "CAMELLIA-128-CFB", 1020 | "camellia-128-gcm": "CAMELLIA-128-GCM", 1021 | "camellia-128-ccm": "CAMELLIA-128-CCM", 1022 | "camellia-128-ctr": "CAMELLIA-128-CTR", 1023 | "camellia-128-cmac": "CAMELLIA-128-CMAC", 1024 | "camellia-192-ecb": "CAMELLIA-192-ECB", 1025 | "camellia-192-ofb": "CAMELLIA-192-OFB", 1026 | "camellia-192-cfb": "CAMELLIA-192-CFB", 1027 | "camellia-192-gcm": "CAMELLIA-192-GCM", 1028 | "camellia-192-ccm": "CAMELLIA-192-CCM", 1029 | "camellia-192-ctr": "CAMELLIA-192-CTR", 1030 | "camellia-192-cmac": "CAMELLIA-192-CMAC", 1031 | "camellia-256-ecb": "CAMELLIA-256-ECB", 1032 | "camellia-256-ofb": "CAMELLIA-256-OFB", 1033 | "camellia-256-cfb": "CAMELLIA-256-CFB", 1034 | "camellia-256-gcm": "CAMELLIA-256-GCM", 1035 | "camellia-256-ccm": "CAMELLIA-256-CCM", 1036 | "camellia-256-ctr": "CAMELLIA-256-CTR", 1037 | "camellia-256-cmac": "CAMELLIA-256-CMAC", 1038 | "camellia-128-cfb1": "CAMELLIA-128-CFB1", 1039 | "camellia-192-cfb1": "CAMELLIA-192-CFB1", 1040 | "camellia-256-cfb1": "CAMELLIA-256-CFB1", 1041 | "camellia-128-cfb8": "CAMELLIA-128-CFB8", 1042 | "camellia-192-cfb8": "CAMELLIA-192-CFB8", 1043 | "camellia-256-cfb8": "CAMELLIA-256-CFB8", 1044 | "aria-128-ecb": "ARIA-128-ECB", 1045 | "aria-128-cbc": "ARIA-128-CBC", 1046 | "aria-128-cfb": "ARIA-128-CFB", 1047 | "aria-128-ofb": "ARIA-128-OFB", 1048 | "aria-128-ctr": "ARIA-128-CTR", 1049 | "aria-192-ecb": "ARIA-192-ECB", 1050 | "aria-192-cbc": "ARIA-192-CBC", 1051 | "aria-192-cfb": "ARIA-192-CFB", 1052 | "aria-192-ofb": "ARIA-192-OFB", 1053 | "aria-192-ctr": "ARIA-192-CTR", 1054 | "aria-256-ecb": "ARIA-256-ECB", 1055 | "aria-256-cbc": "ARIA-256-CBC", 1056 | "aria-256-cfb": "ARIA-256-CFB", 1057 | "aria-256-ofb": "ARIA-256-OFB", 1058 | "aria-256-ctr": "ARIA-256-CTR", 1059 | "aria-128-cfb1": "ARIA-128-CFB1", 1060 | "aria-192-cfb1": "ARIA-192-CFB1", 1061 | "aria-256-cfb1": "ARIA-256-CFB1", 1062 | "aria-128-cfb8": "ARIA-128-CFB8", 1063 | "aria-192-cfb8": "ARIA-192-CFB8", 1064 | "aria-256-cfb8": "ARIA-256-CFB8", 1065 | "aria-128-ccm": "ARIA-128-CCM", 1066 | "aria-192-ccm": "ARIA-192-CCM", 1067 | "aria-256-ccm": "ARIA-256-CCM", 1068 | "aria-128-gcm": "ARIA-128-GCM", 1069 | "aria-192-gcm": "ARIA-192-GCM", 1070 | "aria-256-gcm": "ARIA-256-GCM", 1071 | "kisa": "KISA", 1072 | "seed-ecb": "SEED-ECB", 1073 | "seed-cbc": "SEED-CBC", 1074 | "seed-cfb": "SEED-CFB", 1075 | "seed-ofb": "SEED-OFB", 1076 | "sm4-ecb": "SM4-ECB", 1077 | "sm4-cbc": "SM4-CBC", 1078 | "sm4-ofb": "SM4-OFB", 1079 | "sm4-cfb": "SM4-CFB", 1080 | "sm4-cfb1": "SM4-CFB1", 1081 | "sm4-cfb8": "SM4-CFB8", 1082 | "sm4-ctr": "SM4-CTR", 1083 | "hmac": "HMAC", 1084 | "cmac": "CMAC", 1085 | "rc4-hmac-md5": "RC4-HMAC-MD5", 1086 | "aes-128-cbc-hmac-sha1": "AES-128-CBC-HMAC-SHA1", 1087 | "aes-192-cbc-hmac-sha1": "AES-192-CBC-HMAC-SHA1", 1088 | "aes-256-cbc-hmac-sha1": "AES-256-CBC-HMAC-SHA1", 1089 | "aes-128-cbc-hmac-sha256": "AES-128-CBC-HMAC-SHA256", 1090 | "aes-192-cbc-hmac-sha256": "AES-192-CBC-HMAC-SHA256", 1091 | "aes-256-cbc-hmac-sha256": "AES-256-CBC-HMAC-SHA256", 1092 | "chacha20-poly1305": "ChaCha20-Poly1305", 1093 | "chacha20": "ChaCha20", 1094 | "X9.42 DH": "dhpublicnumber", 1095 | "brainpoolP160r1": "brainpoolP160r1", 1096 | "brainpoolP160t1": "brainpoolP160t1", 1097 | "brainpoolP192r1": "brainpoolP192r1", 1098 | "brainpoolP192t1": "brainpoolP192t1", 1099 | "brainpoolP224r1": "brainpoolP224r1", 1100 | "brainpoolP224t1": "brainpoolP224t1", 1101 | "brainpoolP256r1": "brainpoolP256r1", 1102 | "brainpoolP256t1": "brainpoolP256t1", 1103 | "brainpoolP320r1": "brainpoolP320r1", 1104 | "brainpoolP320t1": "brainpoolP320t1", 1105 | "brainpoolP384r1": "brainpoolP384r1", 1106 | "brainpoolP384t1": "brainpoolP384t1", 1107 | "brainpoolP512r1": "brainpoolP512r1", 1108 | "brainpoolP512t1": "brainpoolP512t1", 1109 | "dhSinglePass-stdDH-sha1kdf-scheme": "dhSinglePass-stdDH-sha1kdf-scheme", 1110 | "dhSinglePass-stdDH-sha224kdf-scheme": "dhSinglePass-stdDH-sha224kdf-scheme", 1111 | "dhSinglePass-stdDH-sha256kdf-scheme": "dhSinglePass-stdDH-sha256kdf-scheme", 1112 | "dhSinglePass-stdDH-sha384kdf-scheme": "dhSinglePass-stdDH-sha384kdf-scheme", 1113 | "dhSinglePass-stdDH-sha512kdf-scheme": "dhSinglePass-stdDH-sha512kdf-scheme", 1114 | "dhSinglePass-cofactorDH-sha1kdf-scheme": "dhSinglePass-cofactorDH-sha1kdf-scheme", 1115 | "dhSinglePass-cofactorDH-sha224kdf-scheme": "dhSinglePass-cofactorDH-sha224kdf-scheme", 1116 | "dhSinglePass-cofactorDH-sha256kdf-scheme": "dhSinglePass-cofactorDH-sha256kdf-scheme", 1117 | "dhSinglePass-cofactorDH-sha384kdf-scheme": "dhSinglePass-cofactorDH-sha384kdf-scheme", 1118 | "dhSinglePass-cofactorDH-sha512kdf-scheme": "dhSinglePass-cofactorDH-sha512kdf-scheme", 1119 | "dh-std-kdf": "dh-std-kdf", 1120 | "dh-cofactor-kdf": "dh-cofactor-kdf", 1121 | "CT Precertificate SCTs": "ct_precert_scts", 1122 | "CT Precertificate Poison": "ct_precert_poison", 1123 | "CT Precertificate Signer": "ct_precert_signer", 1124 | "CT Certificate SCTs": "ct_cert_scts", 1125 | "jurisdictionLocalityName": "jurisdictionL", 1126 | "jurisdictionStateOrProvinceName": "jurisdictionST", 1127 | "jurisdictionCountryName": "jurisdictionC", 1128 | "scrypt": "id-scrypt", 1129 | "tls1-prf": "TLS1-PRF", 1130 | "hkdf": "HKDF", 1131 | "id-pkinit": "id-pkinit", 1132 | "PKINIT Client Auth": "pkInitClientAuth", 1133 | "Signing KDC Response": "pkInitKDC", 1134 | "X25519": "X25519", 1135 | "X448": "X448", 1136 | "ED25519": "ED25519", 1137 | "ED448": "ED448", 1138 | "kx-rsa": "KxRSA", 1139 | "kx-ecdhe": "KxECDHE", 1140 | "kx-dhe": "KxDHE", 1141 | "kx-ecdhe-psk": "KxECDHE-PSK", 1142 | "kx-dhe-psk": "KxDHE-PSK", 1143 | "kx-rsa-psk": "KxRSA_PSK", 1144 | "kx-psk": "KxPSK", 1145 | "kx-srp": "KxSRP", 1146 | "kx-gost": "KxGOST", 1147 | "kx-any": "KxANY", 1148 | "auth-rsa": "AuthRSA", 1149 | "auth-ecdsa": "AuthECDSA", 1150 | "auth-psk": "AuthPSK", 1151 | "auth-dss": "AuthDSS", 1152 | "auth-gost01": "AuthGOST01", 1153 | "auth-gost12": "AuthGOST12", 1154 | "auth-srp": "AuthSRP", 1155 | "auth-null": "AuthNULL", 1156 | "auth-any": "AuthANY", 1157 | "poly1305": "Poly1305", 1158 | "siphash": "SipHash", 1159 | "ffdhe2048": "ffdhe2048", 1160 | "ffdhe3072": "ffdhe3072", 1161 | "ffdhe4096": "ffdhe4096", 1162 | "ffdhe6144": "ffdhe6144", 1163 | "ffdhe8192": "ffdhe8192", 1164 | "ISO-UA": "ISO-UA", 1165 | "ua-pki": "ua-pki", 1166 | "DSTU Gost 28147-2009": "dstu28147", 1167 | "DSTU Gost 28147-2009 OFB mode": "dstu28147-ofb", 1168 | "DSTU Gost 28147-2009 CFB mode": "dstu28147-cfb", 1169 | "DSTU Gost 28147-2009 key wrap": "dstu28147-wrap", 1170 | "HMAC DSTU Gost 34311-95": "hmacWithDstu34311", 1171 | "DSTU Gost 34311-95": "dstu34311", 1172 | "DSTU 4145-2002 little endian": "dstu4145le", 1173 | "DSTU 4145-2002 big endian": "dstu4145be", 1174 | "DSTU curve 0": "uacurve0", 1175 | "DSTU curve 1": "uacurve1", 1176 | "DSTU curve 2": "uacurve2", 1177 | "DSTU curve 3": "uacurve3", 1178 | "DSTU curve 4": "uacurve4", 1179 | "DSTU curve 5": "uacurve5", 1180 | "DSTU curve 6": "uacurve6", 1181 | "DSTU curve 7": "uacurve7", 1182 | "DSTU curve 8": "uacurve8", 1183 | "DSTU curve 9": "uacurve9" 1184 | } 1185 | --------------------------------------------------------------------------------