Shortcuts on this page
r m x toggle line displays
j k next/prev highlighted chunk
0 (zero) top of page
1 (one) first highlighted chunk
1# This file is dual licensed under the terms of the Apache License, Version
2# 2.0, and the BSD License. See the LICENSE file in the root of this repository
3# for complete details.
5from __future__ import annotations
7from cryptography.hazmat.bindings._rust import (
8 ObjectIdentifier as ObjectIdentifier,
9)
10from cryptography.hazmat.primitives import hashes
13class ExtensionOID:
14 SUBJECT_DIRECTORY_ATTRIBUTES = ObjectIdentifier("2.5.29.9")
15 SUBJECT_KEY_IDENTIFIER = ObjectIdentifier("2.5.29.14")
16 KEY_USAGE = ObjectIdentifier("2.5.29.15")
17 PRIVATE_KEY_USAGE_PERIOD = ObjectIdentifier("2.5.29.16")
18 SUBJECT_ALTERNATIVE_NAME = ObjectIdentifier("2.5.29.17")
19 ISSUER_ALTERNATIVE_NAME = ObjectIdentifier("2.5.29.18")
20 BASIC_CONSTRAINTS = ObjectIdentifier("2.5.29.19")
21 NAME_CONSTRAINTS = ObjectIdentifier("2.5.29.30")
22 CRL_DISTRIBUTION_POINTS = ObjectIdentifier("2.5.29.31")
23 CERTIFICATE_POLICIES = ObjectIdentifier("2.5.29.32")
24 POLICY_MAPPINGS = ObjectIdentifier("2.5.29.33")
25 AUTHORITY_KEY_IDENTIFIER = ObjectIdentifier("2.5.29.35")
26 POLICY_CONSTRAINTS = ObjectIdentifier("2.5.29.36")
27 EXTENDED_KEY_USAGE = ObjectIdentifier("2.5.29.37")
28 FRESHEST_CRL = ObjectIdentifier("2.5.29.46")
29 INHIBIT_ANY_POLICY = ObjectIdentifier("2.5.29.54")
30 ISSUING_DISTRIBUTION_POINT = ObjectIdentifier("2.5.29.28")
31 AUTHORITY_INFORMATION_ACCESS = ObjectIdentifier("1.3.6.1.5.5.7.1.1")
32 SUBJECT_INFORMATION_ACCESS = ObjectIdentifier("1.3.6.1.5.5.7.1.11")
33 OCSP_NO_CHECK = ObjectIdentifier("1.3.6.1.5.5.7.48.1.5")
34 TLS_FEATURE = ObjectIdentifier("1.3.6.1.5.5.7.1.24")
35 CRL_NUMBER = ObjectIdentifier("2.5.29.20")
36 DELTA_CRL_INDICATOR = ObjectIdentifier("2.5.29.27")
37 PRECERT_SIGNED_CERTIFICATE_TIMESTAMPS = ObjectIdentifier(
38 "1.3.6.1.4.1.11129.2.4.2"
39 )
40 PRECERT_POISON = ObjectIdentifier("1.3.6.1.4.1.11129.2.4.3")
41 SIGNED_CERTIFICATE_TIMESTAMPS = ObjectIdentifier("1.3.6.1.4.1.11129.2.4.5")
42 MS_CERTIFICATE_TEMPLATE = ObjectIdentifier("1.3.6.1.4.1.311.21.7")
43 ADMISSIONS = ObjectIdentifier("1.3.36.8.3.3")
46class OCSPExtensionOID:
47 NONCE = ObjectIdentifier("1.3.6.1.5.5.7.48.1.2")
48 ACCEPTABLE_RESPONSES = ObjectIdentifier("1.3.6.1.5.5.7.48.1.4")
51class CRLEntryExtensionOID:
52 CERTIFICATE_ISSUER = ObjectIdentifier("2.5.29.29")
53 CRL_REASON = ObjectIdentifier("2.5.29.21")
54 INVALIDITY_DATE = ObjectIdentifier("2.5.29.24")
57class NameOID:
58 COMMON_NAME = ObjectIdentifier("2.5.4.3")
59 COUNTRY_NAME = ObjectIdentifier("2.5.4.6")
60 LOCALITY_NAME = ObjectIdentifier("2.5.4.7")
61 STATE_OR_PROVINCE_NAME = ObjectIdentifier("2.5.4.8")
62 STREET_ADDRESS = ObjectIdentifier("2.5.4.9")
63 ORGANIZATION_IDENTIFIER = ObjectIdentifier("2.5.4.97")
64 ORGANIZATION_NAME = ObjectIdentifier("2.5.4.10")
65 ORGANIZATIONAL_UNIT_NAME = ObjectIdentifier("2.5.4.11")
66 SERIAL_NUMBER = ObjectIdentifier("2.5.4.5")
67 SURNAME = ObjectIdentifier("2.5.4.4")
68 GIVEN_NAME = ObjectIdentifier("2.5.4.42")
69 TITLE = ObjectIdentifier("2.5.4.12")
70 INITIALS = ObjectIdentifier("2.5.4.43")
71 GENERATION_QUALIFIER = ObjectIdentifier("2.5.4.44")
72 X500_UNIQUE_IDENTIFIER = ObjectIdentifier("2.5.4.45")
73 DN_QUALIFIER = ObjectIdentifier("2.5.4.46")
74 PSEUDONYM = ObjectIdentifier("2.5.4.65")
75 USER_ID = ObjectIdentifier("0.9.2342.19200300.100.1.1")
76 DOMAIN_COMPONENT = ObjectIdentifier("0.9.2342.19200300.100.1.25")
77 EMAIL_ADDRESS = ObjectIdentifier("1.2.840.113549.1.9.1")
78 JURISDICTION_COUNTRY_NAME = ObjectIdentifier("1.3.6.1.4.1.311.60.2.1.3")
79 JURISDICTION_LOCALITY_NAME = ObjectIdentifier("1.3.6.1.4.1.311.60.2.1.1")
80 JURISDICTION_STATE_OR_PROVINCE_NAME = ObjectIdentifier(
81 "1.3.6.1.4.1.311.60.2.1.2"
82 )
83 BUSINESS_CATEGORY = ObjectIdentifier("2.5.4.15")
84 POSTAL_ADDRESS = ObjectIdentifier("2.5.4.16")
85 POSTAL_CODE = ObjectIdentifier("2.5.4.17")
86 INN = ObjectIdentifier("1.2.643.3.131.1.1")
87 OGRN = ObjectIdentifier("1.2.643.100.1")
88 SNILS = ObjectIdentifier("1.2.643.100.3")
89 UNSTRUCTURED_NAME = ObjectIdentifier("1.2.840.113549.1.9.2")
92class SignatureAlgorithmOID:
93 RSA_WITH_MD5 = ObjectIdentifier("1.2.840.113549.1.1.4")
94 RSA_WITH_SHA1 = ObjectIdentifier("1.2.840.113549.1.1.5")
95 # This is an alternate OID for RSA with SHA1 that is occasionally seen
96 _RSA_WITH_SHA1 = ObjectIdentifier("1.3.14.3.2.29")
97 RSA_WITH_SHA224 = ObjectIdentifier("1.2.840.113549.1.1.14")
98 RSA_WITH_SHA256 = ObjectIdentifier("1.2.840.113549.1.1.11")
99 RSA_WITH_SHA384 = ObjectIdentifier("1.2.840.113549.1.1.12")
100 RSA_WITH_SHA512 = ObjectIdentifier("1.2.840.113549.1.1.13")
101 RSA_WITH_SHA3_224 = ObjectIdentifier("2.16.840.1.101.3.4.3.13")
102 RSA_WITH_SHA3_256 = ObjectIdentifier("2.16.840.1.101.3.4.3.14")
103 RSA_WITH_SHA3_384 = ObjectIdentifier("2.16.840.1.101.3.4.3.15")
104 RSA_WITH_SHA3_512 = ObjectIdentifier("2.16.840.1.101.3.4.3.16")
105 RSASSA_PSS = ObjectIdentifier("1.2.840.113549.1.1.10")
106 ECDSA_WITH_SHA1 = ObjectIdentifier("1.2.840.10045.4.1")
107 ECDSA_WITH_SHA224 = ObjectIdentifier("1.2.840.10045.4.3.1")
108 ECDSA_WITH_SHA256 = ObjectIdentifier("1.2.840.10045.4.3.2")
109 ECDSA_WITH_SHA384 = ObjectIdentifier("1.2.840.10045.4.3.3")
110 ECDSA_WITH_SHA512 = ObjectIdentifier("1.2.840.10045.4.3.4")
111 ECDSA_WITH_SHA3_224 = ObjectIdentifier("2.16.840.1.101.3.4.3.9")
112 ECDSA_WITH_SHA3_256 = ObjectIdentifier("2.16.840.1.101.3.4.3.10")
113 ECDSA_WITH_SHA3_384 = ObjectIdentifier("2.16.840.1.101.3.4.3.11")
114 ECDSA_WITH_SHA3_512 = ObjectIdentifier("2.16.840.1.101.3.4.3.12")
115 DSA_WITH_SHA1 = ObjectIdentifier("1.2.840.10040.4.3")
116 DSA_WITH_SHA224 = ObjectIdentifier("2.16.840.1.101.3.4.3.1")
117 DSA_WITH_SHA256 = ObjectIdentifier("2.16.840.1.101.3.4.3.2")
118 DSA_WITH_SHA384 = ObjectIdentifier("2.16.840.1.101.3.4.3.3")
119 DSA_WITH_SHA512 = ObjectIdentifier("2.16.840.1.101.3.4.3.4")
120 ED25519 = ObjectIdentifier("1.3.101.112")
121 ED448 = ObjectIdentifier("1.3.101.113")
122 ML_DSA_44 = ObjectIdentifier("2.16.840.1.101.3.4.3.17")
123 ML_DSA_65 = ObjectIdentifier("2.16.840.1.101.3.4.3.18")
124 ML_DSA_87 = ObjectIdentifier("2.16.840.1.101.3.4.3.19")
125 GOSTR3411_94_WITH_3410_2001 = ObjectIdentifier("1.2.643.2.2.3")
126 GOSTR3410_2012_WITH_3411_2012_256 = ObjectIdentifier("1.2.643.7.1.1.3.2")
127 GOSTR3410_2012_WITH_3411_2012_512 = ObjectIdentifier("1.2.643.7.1.1.3.3")
130_SIG_OIDS_TO_HASH: dict[ObjectIdentifier, hashes.HashAlgorithm | None] = {
131 SignatureAlgorithmOID.RSA_WITH_MD5: hashes.MD5(),
132 SignatureAlgorithmOID.RSA_WITH_SHA1: hashes.SHA1(),
133 SignatureAlgorithmOID._RSA_WITH_SHA1: hashes.SHA1(),
134 SignatureAlgorithmOID.RSA_WITH_SHA224: hashes.SHA224(),
135 SignatureAlgorithmOID.RSA_WITH_SHA256: hashes.SHA256(),
136 SignatureAlgorithmOID.RSA_WITH_SHA384: hashes.SHA384(),
137 SignatureAlgorithmOID.RSA_WITH_SHA512: hashes.SHA512(),
138 SignatureAlgorithmOID.RSA_WITH_SHA3_224: hashes.SHA3_224(),
139 SignatureAlgorithmOID.RSA_WITH_SHA3_256: hashes.SHA3_256(),
140 SignatureAlgorithmOID.RSA_WITH_SHA3_384: hashes.SHA3_384(),
141 SignatureAlgorithmOID.RSA_WITH_SHA3_512: hashes.SHA3_512(),
142 SignatureAlgorithmOID.ECDSA_WITH_SHA1: hashes.SHA1(),
143 SignatureAlgorithmOID.ECDSA_WITH_SHA224: hashes.SHA224(),
144 SignatureAlgorithmOID.ECDSA_WITH_SHA256: hashes.SHA256(),
145 SignatureAlgorithmOID.ECDSA_WITH_SHA384: hashes.SHA384(),
146 SignatureAlgorithmOID.ECDSA_WITH_SHA512: hashes.SHA512(),
147 SignatureAlgorithmOID.ECDSA_WITH_SHA3_224: hashes.SHA3_224(),
148 SignatureAlgorithmOID.ECDSA_WITH_SHA3_256: hashes.SHA3_256(),
149 SignatureAlgorithmOID.ECDSA_WITH_SHA3_384: hashes.SHA3_384(),
150 SignatureAlgorithmOID.ECDSA_WITH_SHA3_512: hashes.SHA3_512(),
151 SignatureAlgorithmOID.DSA_WITH_SHA1: hashes.SHA1(),
152 SignatureAlgorithmOID.DSA_WITH_SHA224: hashes.SHA224(),
153 SignatureAlgorithmOID.DSA_WITH_SHA256: hashes.SHA256(),
154 SignatureAlgorithmOID.ED25519: None,
155 SignatureAlgorithmOID.ED448: None,
156 SignatureAlgorithmOID.ML_DSA_44: None,
157 SignatureAlgorithmOID.ML_DSA_65: None,
158 SignatureAlgorithmOID.ML_DSA_87: None,
159 SignatureAlgorithmOID.GOSTR3411_94_WITH_3410_2001: None,
160 SignatureAlgorithmOID.GOSTR3410_2012_WITH_3411_2012_256: None,
161 SignatureAlgorithmOID.GOSTR3410_2012_WITH_3411_2012_512: None,
162}
165class HashAlgorithmOID:
166 SHA1 = ObjectIdentifier("1.3.14.3.2.26")
167 SHA224 = ObjectIdentifier("2.16.840.1.101.3.4.2.4")
168 SHA256 = ObjectIdentifier("2.16.840.1.101.3.4.2.1")
169 SHA384 = ObjectIdentifier("2.16.840.1.101.3.4.2.2")
170 SHA512 = ObjectIdentifier("2.16.840.1.101.3.4.2.3")
171 SHA3_224 = ObjectIdentifier("1.3.6.1.4.1.37476.3.2.1.99.7.224")
172 SHA3_256 = ObjectIdentifier("1.3.6.1.4.1.37476.3.2.1.99.7.256")
173 SHA3_384 = ObjectIdentifier("1.3.6.1.4.1.37476.3.2.1.99.7.384")
174 SHA3_512 = ObjectIdentifier("1.3.6.1.4.1.37476.3.2.1.99.7.512")
175 SHA3_224_NIST = ObjectIdentifier("2.16.840.1.101.3.4.2.7")
176 SHA3_256_NIST = ObjectIdentifier("2.16.840.1.101.3.4.2.8")
177 SHA3_384_NIST = ObjectIdentifier("2.16.840.1.101.3.4.2.9")
178 SHA3_512_NIST = ObjectIdentifier("2.16.840.1.101.3.4.2.10")
181class PublicKeyAlgorithmOID:
182 DSA = ObjectIdentifier("1.2.840.10040.4.1")
183 EC_PUBLIC_KEY = ObjectIdentifier("1.2.840.10045.2.1")
184 RSAES_PKCS1_v1_5 = ObjectIdentifier("1.2.840.113549.1.1.1")
185 RSASSA_PSS = ObjectIdentifier("1.2.840.113549.1.1.10")
186 X25519 = ObjectIdentifier("1.3.101.110")
187 X448 = ObjectIdentifier("1.3.101.111")
188 ED25519 = ObjectIdentifier("1.3.101.112")
189 ED448 = ObjectIdentifier("1.3.101.113")
190 ML_DSA_44 = ObjectIdentifier("2.16.840.1.101.3.4.3.17")
191 ML_DSA_65 = ObjectIdentifier("2.16.840.1.101.3.4.3.18")
192 ML_DSA_87 = ObjectIdentifier("2.16.840.1.101.3.4.3.19")
195class ExtendedKeyUsageOID:
196 SERVER_AUTH = ObjectIdentifier("1.3.6.1.5.5.7.3.1")
197 CLIENT_AUTH = ObjectIdentifier("1.3.6.1.5.5.7.3.2")
198 CODE_SIGNING = ObjectIdentifier("1.3.6.1.5.5.7.3.3")
199 EMAIL_PROTECTION = ObjectIdentifier("1.3.6.1.5.5.7.3.4")
200 TIME_STAMPING = ObjectIdentifier("1.3.6.1.5.5.7.3.8")
201 OCSP_SIGNING = ObjectIdentifier("1.3.6.1.5.5.7.3.9")
202 ANY_EXTENDED_KEY_USAGE = ObjectIdentifier("2.5.29.37.0")
203 SMARTCARD_LOGON = ObjectIdentifier("1.3.6.1.4.1.311.20.2.2")
204 KERBEROS_PKINIT_KDC = ObjectIdentifier("1.3.6.1.5.2.3.5")
205 IPSEC_IKE = ObjectIdentifier("1.3.6.1.5.5.7.3.17")
206 BUNDLE_SECURITY = ObjectIdentifier("1.3.6.1.5.5.7.3.35")
207 CERTIFICATE_TRANSPARENCY = ObjectIdentifier("1.3.6.1.4.1.11129.2.4.4")
210class OtherNameFormOID:
211 PERMANENT_IDENTIFIER = ObjectIdentifier("1.3.6.1.5.5.7.8.3")
212 HW_MODULE_NAME = ObjectIdentifier("1.3.6.1.5.5.7.8.4")
213 DNS_SRV = ObjectIdentifier("1.3.6.1.5.5.7.8.7")
214 NAI_REALM = ObjectIdentifier("1.3.6.1.5.5.7.8.8")
215 SMTP_UTF8_MAILBOX = ObjectIdentifier("1.3.6.1.5.5.7.8.9")
216 ACP_NODE_NAME = ObjectIdentifier("1.3.6.1.5.5.7.8.10")
217 BUNDLE_EID = ObjectIdentifier("1.3.6.1.5.5.7.8.11")
220class AuthorityInformationAccessOID:
221 CA_ISSUERS = ObjectIdentifier("1.3.6.1.5.5.7.48.2")
222 OCSP = ObjectIdentifier("1.3.6.1.5.5.7.48.1")
225class SubjectInformationAccessOID:
226 CA_REPOSITORY = ObjectIdentifier("1.3.6.1.5.5.7.48.5")
229class CertificatePoliciesOID:
230 CPS_QUALIFIER = ObjectIdentifier("1.3.6.1.5.5.7.2.1")
231 CPS_USER_NOTICE = ObjectIdentifier("1.3.6.1.5.5.7.2.2")
232 ANY_POLICY = ObjectIdentifier("2.5.29.32.0")
235class AttributeOID:
236 CHALLENGE_PASSWORD = ObjectIdentifier("1.2.840.113549.1.9.7")
237 UNSTRUCTURED_NAME = ObjectIdentifier("1.2.840.113549.1.9.2")
240_OID_NAMES = {
241 NameOID.COMMON_NAME: "commonName",
242 NameOID.COUNTRY_NAME: "countryName",
243 NameOID.LOCALITY_NAME: "localityName",
244 NameOID.STATE_OR_PROVINCE_NAME: "stateOrProvinceName",
245 NameOID.STREET_ADDRESS: "streetAddress",
246 NameOID.ORGANIZATION_NAME: "organizationName",
247 NameOID.ORGANIZATIONAL_UNIT_NAME: "organizationalUnitName",
248 NameOID.SERIAL_NUMBER: "serialNumber",
249 NameOID.SURNAME: "surname",
250 NameOID.GIVEN_NAME: "givenName",
251 NameOID.TITLE: "title",
252 NameOID.GENERATION_QUALIFIER: "generationQualifier",
253 NameOID.X500_UNIQUE_IDENTIFIER: "x500UniqueIdentifier",
254 NameOID.DN_QUALIFIER: "dnQualifier",
255 NameOID.PSEUDONYM: "pseudonym",
256 NameOID.USER_ID: "userID",
257 NameOID.DOMAIN_COMPONENT: "domainComponent",
258 NameOID.EMAIL_ADDRESS: "emailAddress",
259 NameOID.JURISDICTION_COUNTRY_NAME: "jurisdictionCountryName",
260 NameOID.JURISDICTION_LOCALITY_NAME: "jurisdictionLocalityName",
261 NameOID.JURISDICTION_STATE_OR_PROVINCE_NAME: (
262 "jurisdictionStateOrProvinceName"
263 ),
264 NameOID.BUSINESS_CATEGORY: "businessCategory",
265 NameOID.POSTAL_ADDRESS: "postalAddress",
266 NameOID.POSTAL_CODE: "postalCode",
267 NameOID.INN: "INN",
268 NameOID.OGRN: "OGRN",
269 NameOID.SNILS: "SNILS",
270 NameOID.UNSTRUCTURED_NAME: "unstructuredName",
271 SignatureAlgorithmOID.RSA_WITH_MD5: "md5WithRSAEncryption",
272 SignatureAlgorithmOID.RSA_WITH_SHA1: "sha1WithRSAEncryption",
273 SignatureAlgorithmOID.RSA_WITH_SHA224: "sha224WithRSAEncryption",
274 SignatureAlgorithmOID.RSA_WITH_SHA256: "sha256WithRSAEncryption",
275 SignatureAlgorithmOID.RSA_WITH_SHA384: "sha384WithRSAEncryption",
276 SignatureAlgorithmOID.RSA_WITH_SHA512: "sha512WithRSAEncryption",
277 SignatureAlgorithmOID.RSASSA_PSS: "rsassaPss",
278 SignatureAlgorithmOID.ECDSA_WITH_SHA1: "ecdsa-with-SHA1",
279 SignatureAlgorithmOID.ECDSA_WITH_SHA224: "ecdsa-with-SHA224",
280 SignatureAlgorithmOID.ECDSA_WITH_SHA256: "ecdsa-with-SHA256",
281 SignatureAlgorithmOID.ECDSA_WITH_SHA384: "ecdsa-with-SHA384",
282 SignatureAlgorithmOID.ECDSA_WITH_SHA512: "ecdsa-with-SHA512",
283 SignatureAlgorithmOID.DSA_WITH_SHA1: "dsa-with-sha1",
284 SignatureAlgorithmOID.DSA_WITH_SHA224: "dsa-with-sha224",
285 SignatureAlgorithmOID.DSA_WITH_SHA256: "dsa-with-sha256",
286 SignatureAlgorithmOID.ED25519: "ed25519",
287 SignatureAlgorithmOID.ED448: "ed448",
288 SignatureAlgorithmOID.ML_DSA_44: "ML-DSA-44",
289 SignatureAlgorithmOID.ML_DSA_65: "ML-DSA-65",
290 SignatureAlgorithmOID.ML_DSA_87: "ML-DSA-87",
291 SignatureAlgorithmOID.GOSTR3411_94_WITH_3410_2001: (
292 "GOST R 34.11-94 with GOST R 34.10-2001"
293 ),
294 SignatureAlgorithmOID.GOSTR3410_2012_WITH_3411_2012_256: (
295 "GOST R 34.10-2012 with GOST R 34.11-2012 (256 bit)"
296 ),
297 SignatureAlgorithmOID.GOSTR3410_2012_WITH_3411_2012_512: (
298 "GOST R 34.10-2012 with GOST R 34.11-2012 (512 bit)"
299 ),
300 HashAlgorithmOID.SHA1: "sha1",
301 HashAlgorithmOID.SHA224: "sha224",
302 HashAlgorithmOID.SHA256: "sha256",
303 HashAlgorithmOID.SHA384: "sha384",
304 HashAlgorithmOID.SHA512: "sha512",
305 HashAlgorithmOID.SHA3_224: "sha3_224",
306 HashAlgorithmOID.SHA3_256: "sha3_256",
307 HashAlgorithmOID.SHA3_384: "sha3_384",
308 HashAlgorithmOID.SHA3_512: "sha3_512",
309 HashAlgorithmOID.SHA3_224_NIST: "sha3_224",
310 HashAlgorithmOID.SHA3_256_NIST: "sha3_256",
311 HashAlgorithmOID.SHA3_384_NIST: "sha3_384",
312 HashAlgorithmOID.SHA3_512_NIST: "sha3_512",
313 PublicKeyAlgorithmOID.DSA: "dsaEncryption",
314 PublicKeyAlgorithmOID.EC_PUBLIC_KEY: "id-ecPublicKey",
315 PublicKeyAlgorithmOID.RSAES_PKCS1_v1_5: "rsaEncryption",
316 PublicKeyAlgorithmOID.X25519: "X25519",
317 PublicKeyAlgorithmOID.X448: "X448",
318 ExtendedKeyUsageOID.SERVER_AUTH: "serverAuth",
319 ExtendedKeyUsageOID.CLIENT_AUTH: "clientAuth",
320 ExtendedKeyUsageOID.CODE_SIGNING: "codeSigning",
321 ExtendedKeyUsageOID.EMAIL_PROTECTION: "emailProtection",
322 ExtendedKeyUsageOID.TIME_STAMPING: "timeStamping",
323 ExtendedKeyUsageOID.OCSP_SIGNING: "OCSPSigning",
324 ExtendedKeyUsageOID.SMARTCARD_LOGON: "msSmartcardLogin",
325 ExtendedKeyUsageOID.KERBEROS_PKINIT_KDC: "pkInitKDC",
326 ExtensionOID.SUBJECT_DIRECTORY_ATTRIBUTES: "subjectDirectoryAttributes",
327 ExtensionOID.SUBJECT_KEY_IDENTIFIER: "subjectKeyIdentifier",
328 ExtensionOID.KEY_USAGE: "keyUsage",
329 ExtensionOID.PRIVATE_KEY_USAGE_PERIOD: "privateKeyUsagePeriod",
330 ExtensionOID.SUBJECT_ALTERNATIVE_NAME: "subjectAltName",
331 ExtensionOID.ISSUER_ALTERNATIVE_NAME: "issuerAltName",
332 ExtensionOID.BASIC_CONSTRAINTS: "basicConstraints",
333 ExtensionOID.PRECERT_SIGNED_CERTIFICATE_TIMESTAMPS: (
334 "signedCertificateTimestampList"
335 ),
336 ExtensionOID.SIGNED_CERTIFICATE_TIMESTAMPS: (
337 "signedCertificateTimestampList"
338 ),
339 ExtensionOID.PRECERT_POISON: "ctPoison",
340 ExtensionOID.MS_CERTIFICATE_TEMPLATE: "msCertificateTemplate",
341 ExtensionOID.ADMISSIONS: "Admissions",
342 CRLEntryExtensionOID.CRL_REASON: "cRLReason",
343 CRLEntryExtensionOID.INVALIDITY_DATE: "invalidityDate",
344 CRLEntryExtensionOID.CERTIFICATE_ISSUER: "certificateIssuer",
345 ExtensionOID.NAME_CONSTRAINTS: "nameConstraints",
346 ExtensionOID.CRL_DISTRIBUTION_POINTS: "cRLDistributionPoints",
347 ExtensionOID.CERTIFICATE_POLICIES: "certificatePolicies",
348 ExtensionOID.POLICY_MAPPINGS: "policyMappings",
349 ExtensionOID.AUTHORITY_KEY_IDENTIFIER: "authorityKeyIdentifier",
350 ExtensionOID.POLICY_CONSTRAINTS: "policyConstraints",
351 ExtensionOID.EXTENDED_KEY_USAGE: "extendedKeyUsage",
352 ExtensionOID.FRESHEST_CRL: "freshestCRL",
353 ExtensionOID.INHIBIT_ANY_POLICY: "inhibitAnyPolicy",
354 ExtensionOID.ISSUING_DISTRIBUTION_POINT: "issuingDistributionPoint",
355 ExtensionOID.AUTHORITY_INFORMATION_ACCESS: "authorityInfoAccess",
356 ExtensionOID.SUBJECT_INFORMATION_ACCESS: "subjectInfoAccess",
357 ExtensionOID.OCSP_NO_CHECK: "OCSPNoCheck",
358 ExtensionOID.CRL_NUMBER: "cRLNumber",
359 ExtensionOID.DELTA_CRL_INDICATOR: "deltaCRLIndicator",
360 ExtensionOID.TLS_FEATURE: "TLSFeature",
361 AuthorityInformationAccessOID.OCSP: "OCSP",
362 AuthorityInformationAccessOID.CA_ISSUERS: "caIssuers",
363 SubjectInformationAccessOID.CA_REPOSITORY: "caRepository",
364 CertificatePoliciesOID.CPS_QUALIFIER: "id-qt-cps",
365 CertificatePoliciesOID.CPS_USER_NOTICE: "id-qt-unotice",
366 OCSPExtensionOID.NONCE: "OCSPNonce",
367 AttributeOID.CHALLENGE_PASSWORD: "challengePassword",
368}