CyberChef/src/core/operations/PublicKey.js

import Utils from "../Utils.js";
import * as r from "jsrsasign";


/**
 * Public Key operations.
 *
 * @author n1474335 [n1474335@gmail.com]
 * @copyright Crown Copyright 2016
 * @license Apache-2.0
 *
 * @namespace
 */
const PublicKey = {

    /**
     * @constant
     * @default
     */
    X509_INPUT_FORMAT: ["PEM", "DER Hex", "Base64", "Raw"],

    /**
     * Parse X.509 certificate operation.
     *
     * @param {string} input
     * @param {Object[]} args
     * @returns {string}
     */
    runParseX509: function (input, args) {
        let cert = new r.X509(),
            inputFormat = args[0];

        if (!input.length) {
            return "No input";
        }

        switch (inputFormat) {
            case "DER Hex":
                input = input.replace(/\s/g, "");
                cert.hex = input;
                cert.pem = r.KJUR.asn1.ASN1Util.getPEMStringFromHex(input, "CERTIFICATE");
                break;
            case "PEM":
                cert.hex = r.X509.pemToHex(input);
                cert.pem = input;
                break;
            case "Base64":
                cert.hex = Utils.toHex(Utils.fromBase64(input, null, "byteArray"), "");
                cert.pem = r.KJUR.asn1.ASN1Util.getPEMStringFromHex(cert.hex, "CERTIFICATE");
                break;
            case "Raw":
                cert.hex = Utils.toHex(Utils.strToByteArray(input), "");
                cert.pem = r.KJUR.asn1.ASN1Util.getPEMStringFromHex(cert.hex, "CERTIFICATE");
                break;
            default:
                throw "Undefined input format";
        }

        let version = r.ASN1HEX.getDecendantHexVByNthList(cert.hex, 0, [0, 0, 0]),
            sn = cert.getSerialNumberHex(),
            algorithm = r.KJUR.asn1.x509.OID.oid2name(r.KJUR.asn1.ASN1Util.oidHexToInt(r.ASN1HEX.getDecendantHexVByNthList(cert.hex, 0, [0, 2, 0]))),
            issuer = cert.getIssuerString(),
            notBefore = cert.getNotBefore(),
            notAfter = cert.getNotAfter(),
            subject = cert.getSubjectString(),
            pkAlgorithm = r.KJUR.asn1.x509.OID.oid2name(r.KJUR.asn1.ASN1Util.oidHexToInt(r.ASN1HEX.getDecendantHexVByNthList(cert.hex, 0, [0, 6, 0, 0]))),
            pk = r.X509.getPublicKeyFromCertPEM(cert.pem),
            pkFields = [],
            pkStr = "",
            certSigAlg = r.KJUR.asn1.x509.OID.oid2name(r.KJUR.asn1.ASN1Util.oidHexToInt(r.ASN1HEX.getDecendantHexVByNthList(cert.hex, 0, [1, 0]))),
            certSig = r.ASN1HEX.getDecendantHexVByNthList(cert.hex, 0, [2]).substr(2),
            sigStr = "",
            extensions = r.ASN1HEX.dump(r.ASN1HEX.getDecendantHexVByNthList(cert.hex, 0, [0, 7]));

        // Public Key fields
        if (pk.type === "EC") { // ECDSA
            pkFields.push({
                key: "Curve Name",
                value: pk.curveName
            });
            pkFields.push({
                key: "Length",
                value: (((new r.BigInteger(pk.pubKeyHex, 16)).bitLength()-3) /2) + " bits"
            });
            pkFields.push({
                key: "pub",
                value: PublicKey._formatByteStr(pk.pubKeyHex, 16, 18)
            });
        } else if (pk.type === "DSA") { // DSA
            pkFields.push({
                key: "pub",
                value: PublicKey._formatByteStr(pk.y.toString(16), 16, 18)
            });
            pkFields.push({
                key: "P",
                value: PublicKey._formatByteStr(pk.p.toString(16), 16, 18)
            });
            pkFields.push({
                key: "Q",
                value: PublicKey._formatByteStr(pk.q.toString(16), 16, 18)
            });
            pkFields.push({
                key: "G",
                value: PublicKey._formatByteStr(pk.g.toString(16), 16, 18)
            });
        } else if (pk.e) { // RSA
            pkFields.push({
                key: "Length",
                value: pk.n.bitLength() + " bits"
            });
            pkFields.push({
                key: "Modulus",
                value: PublicKey._formatByteStr(pk.n.toString(16), 16, 18)
            });
            pkFields.push({
                key: "Exponent",
                value: pk.e + " (0x" + pk.e.toString(16) + ")"
            });
        } else {
            pkFields.push({
                key: "Error",
                value: "Unknown Public Key type"
            });
        }

        // Signature fields
        var breakoutSig = false;
        try {
            breakoutSig = r.ASN1HEX.dump(certSig).indexOf("SEQUENCE") === 0;
        } catch(err) {
            // Error processing signature, output without further breakout
        }

        if (breakoutSig) { // DSA or ECDSA
            sigStr = "  r:              " + PublicKey._formatByteStr(r.ASN1HEX.getDecendantHexVByNthList(certSig, 0, [0]), 16, 18) + "\n" +
                "  s:              " + PublicKey._formatByteStr(r.ASN1HEX.getDecendantHexVByNthList(certSig, 0, [1]), 16, 18) + "\n";
        } else { // RSA or unknown
            sigStr = "  Signature:      " + PublicKey._formatByteStr(certSig, 16, 18) + "\n";
        }

        // Format Public Key fields
        for (let i = 0; i < pkFields.length; i++) {
            pkStr += "  " + pkFields[i].key + ":" +
                Utils.padLeft(
                    pkFields[i].value + "\n",
                    18 - (pkFields[i].key.length + 3) + pkFields[i].value.length + 1,
                    " "
                );
        }

        let issuerStr = PublicKey._formatDnStr(issuer, 2),
            nbDate = PublicKey._formatDate(notBefore),
            naDate = PublicKey._formatDate(notAfter),
            subjectStr = PublicKey._formatDnStr(subject, 2);

        const output = "Version:          " + (parseInt(version, 16) + 1) + " (0x" + version + ")\n" +
            "Serial number:    " + new r.BigInteger(sn, 16).toString() + " (0x" + sn + ")\n" +
            "Algorithm ID:     " + algorithm + "\n" +
            "Validity\n" +
            "  Not Before:     " + nbDate + " (dd-mm-yy hh:mm:ss) (" + notBefore + ")\n" +
            "  Not After:      " + naDate + " (dd-mm-yy hh:mm:ss) (" + notAfter + ")\n" +
            "Issuer\n" +
            issuerStr +
            "Subject\n" +
            subjectStr +
            "Public Key\n" +
            "  Algorithm:      " + pkAlgorithm + "\n" +
            pkStr +
            "Certificate Signature\n" +
            "  Algorithm:      " + certSigAlg + "\n" +
            sigStr +
            "\nExtensions (parsed ASN.1)\n" +
            extensions;

        return output;
    },


    /**
     * PEM to Hex operation.
     *
     * @param {string} input
     * @param {Object[]} args
     * @returns {string}
     */
    runPemToHex: function(input, args) {
        if (input.indexOf("-----BEGIN") < 0) {
            // Add header so that the KEYUTIL function works
            input = "-----BEGIN CERTIFICATE-----" + input;
        }
        if (input.indexOf("-----END") < 0) {
            // Add footer so that the KEYUTIL function works
            input = input + "-----END CERTIFICATE-----";
        }
        return r.KEYUTIL.getHexFromPEM(input);
    },


    /**
     * @constant
     * @default
     */
    PEM_HEADER_STRING: "CERTIFICATE",

    /**
     * Hex to PEM operation.
     *
     * @param {string} input
     * @param {Object[]} args
     * @returns {string}
     */
    runHexToPem: function(input, args) {
        return r.KJUR.asn1.ASN1Util.getPEMStringFromHex(input.replace(/\s/g, ""), args[0]);
    },


    /**
     * Hex to Object Identifier operation.
     *
     * @param {string} input
     * @param {Object[]} args
     * @returns {string}
     */
    runHexToObjectIdentifier: function(input, args) {
        return r.KJUR.asn1.ASN1Util.oidHexToInt(input.replace(/\s/g, ""));
    },


    /**
     * Object Identifier to Hex operation.
     *
     * @param {string} input
     * @param {Object[]} args
     * @returns {string}
     */
    runObjectIdentifierToHex: function(input, args) {
        return r.KJUR.asn1.ASN1Util.oidIntToHex(input);
    },


    /**
     * @constant
     * @default
     */
    ASN1_TRUNCATE_LENGTH: 32,

    /**
     * Parse ASN.1 hex string operation.
     *
     * @param {string} input
     * @param {Object[]} args
     * @returns {string}
     */
    runParseAsn1HexString: function(input, args) {
        let truncateLen = args[1],
            index = args[0];
        return r.ASN1HEX.dump(input.replace(/\s/g, ""), {
            "ommitLongOctet": truncateLen
        }, index);
    },


    /**
     * Formats Distinguished Name (DN) strings.
     *
     * @private
     * @param {string} dnStr
     * @param {number} indent
     * @returns {string}
     */
    _formatDnStr: function(dnStr, indent) {
        let output = "",
            fields = dnStr.split(",/|"),
            maxKeyLen = 0,
            key,
            value,
            i,
            str;

        for (i = 0; i < fields.length; i++) {
            if (!fields[i].length) continue;

            key = fields[i].split("=")[0];

            maxKeyLen = key.length > maxKeyLen ? key.length : maxKeyLen;
        }

        for (i = 0; i < fields.length; i++) {
            if (!fields[i].length) continue;

            key = fields[i].split("=")[0];
            value = fields[i].split("=")[1];
            str = Utils.padRight(key, maxKeyLen) + " = " + value + "\n";

            output += Utils.padLeft(str, indent + str.length, " ");
        }

        return output;
    },


    /**
     * Formats byte strings by adding line breaks and delimiters.
     *
     * @private
     * @param {string} byteStr
     * @param {number} length - Line width
     * @param {number} indent
     * @returns {string}
     */
    _formatByteStr: function(byteStr, length, indent) {
        byteStr = Utils.toHex(Utils.fromHex(byteStr), ":");
        length = length * 3;
        let output = "";

        for (let i = 0; i < byteStr.length; i += length) {
            const str = byteStr.slice(i, i + length) + "\n";
            if (i === 0) {
                output += str;
            } else {
                output += Utils.padLeft(str, indent + str.length, " ");
            }
        }

        return output.slice(0, output.length-1);
    },


    /**
     * Formats dates.
     *
     * @private
     * @param {string} dateStr
     * @returns {string}
     */
    _formatDate: function(dateStr) {
        return dateStr[4] + dateStr[5] + "/" +
            dateStr[2] + dateStr[3] + "/" +
            dateStr[0] + dateStr[1] + " " +
            dateStr[6] + dateStr[7] + ":" +
            dateStr[8] + dateStr[9] + ":" +
            dateStr[10] + dateStr[11];
    },

};

export default PublicKey;


/**
 * Overwrite X509.hex2dn function so as to join RDNs with a string which can be split on without
 * causing problems later (I hope).
 *
 * @param {string} hDN - Hex DN string
 * @returns {string}
 */
r.X509.hex2dn = function(hDN) {
    let s = "";
    const a = r.ASN1HEX.getPosArrayOfChildren_AtObj(hDN, 0);
    for (let i = 0; i < a.length; i++) {
        const hRDN = r.ASN1HEX.getHexOfTLV_AtObj(hDN, a[i]);
        s = s + ",/|" + r.X509.hex2rdn(hRDN);
    }
    return s;
};


/**
 * Overwrite DN attribute lookup in jsrasign library with a much more complete version from
 * https://github.com/nfephp-org/nfephp/blob/master/libs/Common/Certificate/Oids.php
 *
 * Various duplicates commented out.
 *
 * @constant
 */
r.X509.DN_ATTRHEX = {
    "0603550403" : "commonName",
    "0603550404" : "surname",
    "0603550406" : "countryName",
    "0603550407" : "localityName",
    "0603550408" : "stateOrProvinceName",
    "0603550409" : "streetAddress",
    "060355040a" : "organizationName",
    "060355040b" : "organizationalUnitName",
    "060355040c" : "title",
    "0603550414" : "telephoneNumber",
    "060355042a" : "givenName",
    // "0603551d0e" : "id-ce-subjectKeyIdentifier",
    // "0603551d0f" : "id-ce-keyUsage",
    // "0603551d11" : "id-ce-subjectAltName",
    // "0603551d13" : "id-ce-basicConstraints",
    // "0603551d14" : "id-ce-cRLNumber",
    // "0603551d1f" : "id-ce-CRLDistributionPoints",
    // "0603551d20" : "id-ce-certificatePolicies",
    // "0603551d23" : "id-ce-authorityKeyIdentifier",
    // "0603551d25" : "id-ce-extKeyUsage",
    // "06032a864886f70d010901" : "Email",
    // "06032a864886f70d010101" : "RSAEncryption",
    // "06032a864886f70d010102" : "md2WithRSAEncryption",
    // "06032a864886f70d010104" : "md5withRSAEncryption",
    // "06032a864886f70d010105" : "SHA-1WithRSAEncryption",
    // "06032a8648ce380403" : "id-dsa-with-sha-1",
    // "06032b06010505070302" : "idKpClientAuth",
    // "06032b06010505070304" : "idKpSecurityemail",
    "06032b06010505070201" : "idCertificatePolicies",
    "06036086480186f8420101" : "netscape-cert-type",
    "06036086480186f8420102" : "netscape-base-url",
    "06036086480186f8420103" : "netscape-revocation-url",
    "06036086480186f8420104" : "netscape-ca-revocation-url",
    "06036086480186f8420107" : "netscape-cert-renewal-url",
    "06036086480186f8420108" : "netscape-ca-policy-url",
    "06036086480186f842010c" : "netscape-ssl-server-name",
    "06036086480186f842010d" : "netscape-comment",
    "0603604c010201" : "A1",
    "0603604c010203" : "A3",
    "0603604c01020110" : "Certification Practice Statement pointer",
    "0603604c010301" : "Dados do cert parte 1",
    "0603604c010305" : "Dados do cert parte 2",
    "0603604c010306" : "Dados do cert parte 3",
    "06030992268993f22c640119" : "domainComponent",
    "06032a24a0f2a07d01010a" : "Signet pilot",
    "06032a24a0f2a07d01010b" : "Signet intraNet",
    "06032a24a0f2a07d010102" : "Signet personal",
    "06032a24a0f2a07d010114" : "Signet securityPolicy",
    "06032a24a0f2a07d010103" : "Signet business",
    "06032a24a0f2a07d010104" : "Signet legal",
    "06032a24a497a35301640101" : "Certificates Australia policyIdentifier",
    "06032a85702201" : "seis-cp",
    "06032a8570220101" : "SEIS certificatePolicy-s10",
    "06032a85702202" : "SEIS pe",
    "06032a85702203" : "SEIS at",
    "06032a8570220301" : "SEIS at-personalIdentifier",
    "06032a8648ce380201" : "holdinstruction-none",
    "06032a8648ce380202" : "holdinstruction-callissuer",
    "06032a8648ce380203" : "holdinstruction-reject",
    "06032a8648ce380401" : "dsa",
    "06032a8648ce380403" : "dsaWithSha1",
    "06032a8648ce3d01" : "fieldType",
    "06032a8648ce3d0101" : "prime-field",
    "06032a8648ce3d0102" : "characteristic-two-field",
    "06032a8648ce3d010201" : "ecPublicKey",
    "06032a8648ce3d010203" : "characteristic-two-basis",
    "06032a8648ce3d01020301" : "onBasis",
    "06032a8648ce3d01020302" : "tpBasis",
    "06032a8648ce3d01020303" : "ppBasis",
    "06032a8648ce3d02" : "publicKeyType",
    "06032a8648ce3d0201" : "ecPublicKey",
    "06032a8648ce3e0201" : "dhPublicNumber",
    "06032a864886f67d07" : "nsn",
    "06032a864886f67d0741" : "nsn-ce",
    "06032a864886f67d074100" : "entrustVersInfo",
    "06032a864886f67d0742" : "nsn-alg",
    "06032a864886f67d07420a" : "cast5CBC",
    "06032a864886f67d07420b" : "cast5MAC",
    "06032a864886f67d07420c" : "pbeWithMD5AndCAST5-CBC",
    "06032a864886f67d07420d" : "passwordBasedMac",
    "06032a864886f67d074203" : "cast3CBC",
    "06032a864886f67d0743" : "nsn-oc",
    "06032a864886f67d074300" : "entrustUser",
    "06032a864886f67d0744" : "nsn-at",
    "06032a864886f67d074400" : "entrustCAInfo",
    "06032a864886f67d07440a" : "attributeCertificate",
    "06032a864886f70d0101" : "pkcs-1",
    "06032a864886f70d010101" : "rsaEncryption",
    "06032a864886f70d010102" : "md2withRSAEncryption",
    "06032a864886f70d010103" : "md4withRSAEncryption",
    "06032a864886f70d010104" : "md5withRSAEncryption",
    "06032a864886f70d010105" : "sha1withRSAEncryption",
    "06032a864886f70d010106" : "rsaOAEPEncryptionSET",
    "06032a864886f70d010910020b" : "SMIMEEncryptionKeyPreference",
    "06032a864886f70d010c" : "pkcs-12",
    "06032a864886f70d010c01" : "pkcs-12-PbeIds",
    "06032a864886f70d010c0101" : "pbeWithSHAAnd128BitRC4",
    "06032a864886f70d010c0102" : "pbeWithSHAAnd40BitRC4",
    "06032a864886f70d010c0103" : "pbeWithSHAAnd3-KeyTripleDES-CBC",
    "06032a864886f70d010c0104" : "pbeWithSHAAnd2-KeyTripleDES-CBC",
    "06032a864886f70d010c0105" : "pbeWithSHAAnd128BitRC2-CBC",
    "06032a864886f70d010c0106" : "pbeWithSHAAnd40BitRC2-CBC",
    "06032a864886f70d010c0a" : "pkcs-12Version1",
    "06032a864886f70d010c0a01" : "pkcs-12BadIds",
    "06032a864886f70d010c0a0101" : "pkcs-12-keyBag",
    "06032a864886f70d010c0a0102" : "pkcs-12-pkcs-8ShroudedKeyBag",
    "06032a864886f70d010c0a0103" : "pkcs-12-certBag",
    "06032a864886f70d010c0a0104" : "pkcs-12-crlBag",
    "06032a864886f70d010c0a0105" : "pkcs-12-secretBag",
    "06032a864886f70d010c0a0106" : "pkcs-12-safeContentsBag",
    "06032a864886f70d010c02" : "pkcs-12-ESPVKID",
    "06032a864886f70d010c0201" : "pkcs-12-PKCS8KeyShrouding",
    "06032a864886f70d010c03" : "pkcs-12-BagIds",
    "06032a864886f70d010c0301" : "pkcs-12-keyBagId",
    "06032a864886f70d010c0302" : "pkcs-12-certAndCRLBagId",
    "06032a864886f70d010c0303" : "pkcs-12-secretBagId",
    "06032a864886f70d010c0304" : "pkcs-12-safeContentsId",
    "06032a864886f70d010c0305" : "pkcs-12-pkcs-8ShroudedKeyBagId",
    "06032a864886f70d010c04" : "pkcs-12-CertBagID",
    "06032a864886f70d010c0401" : "pkcs-12-X509CertCRLBagID",
    "06032a864886f70d010c0402" : "pkcs-12-SDSICertBagID",
    "06032a864886f70d010c05" : "pkcs-12-OID",
    "06032a864886f70d010c0501" : "pkcs-12-PBEID",
    "06032a864886f70d010c050101" : "pkcs-12-PBEWithSha1And128BitRC4",
    "06032a864886f70d010c050102" : "pkcs-12-PBEWithSha1And40BitRC4",
    "06032a864886f70d010c050103" : "pkcs-12-PBEWithSha1AndTripleDESCBC",
    "06032a864886f70d010c050104" : "pkcs-12-PBEWithSha1And128BitRC2CBC",
    "06032a864886f70d010c050105" : "pkcs-12-PBEWithSha1And40BitRC2CBC",
    "06032a864886f70d010c050106" : "pkcs-12-PBEWithSha1AndRC4",
    "06032a864886f70d010c050107" : "pkcs-12-PBEWithSha1AndRC2CBC",
    "06032a864886f70d010c0502" : "pkcs-12-EnvelopingID",
    "06032a864886f70d010c050201" : "pkcs-12-RSAEncryptionWith128BitRC4",
    "06032a864886f70d010c050202" : "pkcs-12-RSAEncryptionWith40BitRC4",
    "06032a864886f70d010c050203" : "pkcs-12-RSAEncryptionWithTripleDES",
    "06032a864886f70d010c0503" : "pkcs-12-SignatureID",
    "06032a864886f70d010c050301" : "pkcs-12-RSASignatureWithSHA1Digest",
    "06032a864886f70d0103" : "pkcs-3",
    "06032a864886f70d010301" : "dhKeyAgreement",
    "06032a864886f70d0105" : "pkcs-5",
    "06032a864886f70d010501" : "pbeWithMD2AndDES-CBC",
    "06032a864886f70d01050a" : "pbeWithSHAAndDES-CBC",
    "06032a864886f70d010503" : "pbeWithMD5AndDES-CBC",
    "06032a864886f70d010504" : "pbeWithMD2AndRC2-CBC",
    "06032a864886f70d010506" : "pbeWithMD5AndRC2-CBC",
    "06032a864886f70d010509" : "pbeWithMD5AndXOR",
    "06032a864886f70d0107" : "pkcs-7",
    "06032a864886f70d010701" : "data",
    "06032a864886f70d010702" : "signedData",
    "06032a864886f70d010703" : "envelopedData",
    "06032a864886f70d010704" : "signedAndEnvelopedData",
    "06032a864886f70d010705" : "digestData",
    "06032a864886f70d010706" : "encryptedData",
    "06032a864886f70d010707" : "dataWithAttributes",
    "06032a864886f70d010708" : "encryptedPrivateKeyInfo",
    "06032a864886f70d0109" : "pkcs-9",
    "06032a864886f70d010901" : "emailAddress",
    "06032a864886f70d01090a" : "issuerAndSerialNumber",
    "06032a864886f70d01090b" : "passwordCheck",
    "06032a864886f70d01090c" : "publicKey",
    "06032a864886f70d01090d" : "signingDescription",
    "06032a864886f70d01090e" : "extensionReq",
    "06032a864886f70d01090f" : "sMIMECapabilities",
    "06032a864886f70d01090f01" : "preferSignedData",
    "06032a864886f70d01090f02" : "canNotDecryptAny",
    "06032a864886f70d01090f03" : "receiptRequest",
    "06032a864886f70d01090f04" : "receipt",
    "06032a864886f70d01090f05" : "contentHints",
    "06032a864886f70d01090f06" : "mlExpansionHistory",
    "06032a864886f70d010910" : "id-sMIME",
    "06032a864886f70d01091000" : "id-mod",
    "06032a864886f70d0109100001" : "id-mod-cms",
    "06032a864886f70d0109100002" : "id-mod-ess",
    "06032a864886f70d01091001" : "id-ct",
    "06032a864886f70d0109100101" : "id-ct-receipt",
    "06032a864886f70d01091002" : "id-aa",
    "06032a864886f70d0109100201" : "id-aa-receiptRequest",
    "06032a864886f70d0109100202" : "id-aa-securityLabel",
    "06032a864886f70d0109100203" : "id-aa-mlExpandHistory",
    "06032a864886f70d0109100204" : "id-aa-contentHint",
    "06032a864886f70d010902" : "unstructuredName",
    "06032a864886f70d010914" : "friendlyName",
    "06032a864886f70d010915" : "localKeyID",
    "06032a864886f70d010916" : "certTypes",
    "06032a864886f70d01091601" : "x509Certificate",
    "06032a864886f70d01091602" : "sdsiCertificate",
    "06032a864886f70d010917" : "crlTypes",
    "06032a864886f70d01091701" : "x509Crl",
    "06032a864886f70d010903" : "contentType",
    "06032a864886f70d010904" : "messageDigest",
    "06032a864886f70d010905" : "signingTime",
    "06032a864886f70d010906" : "countersignature",
    "06032a864886f70d010907" : "challengePassword",
    "06032a864886f70d010908" : "unstructuredAddress",
    "06032a864886f70d010909" : "extendedCertificateAttributes",
    "06032a864886f70d02" : "digestAlgorithm",
    "06032a864886f70d0202" : "md2",
    "06032a864886f70d0204" : "md4",
    "06032a864886f70d0205" : "md5",
    "06032a864886f70d03" : "encryptionAlgorithm",
    "06032a864886f70d030a" : "desCDMF",
    "06032a864886f70d0302" : "rc2CBC",
    "06032a864886f70d0303" : "rc2ECB",
    "06032a864886f70d0304" : "rc4",
    "06032a864886f70d0305" : "rc4WithMAC",
    "06032a864886f70d0306" : "DESX-CBC",
    "06032a864886f70d0307" : "DES-EDE3-CBC",
    "06032a864886f70d0308" : "RC5CBC",
    "06032a864886f70d0309" : "RC5-CBCPad",
    "06032a864886f7140403" : "microsoftExcel",
    "06032a864886f7140404" : "titledWithOID",
    "06032a864886f7140405" : "microsoftPowerPoint",
    "06032b81051086480954" : "x9-84",
    "06032b8105108648095400" : "x9-84-Module",
    "06032b810510864809540001" : "x9-84-Biometrics",
    "06032b810510864809540002" : "x9-84-CMS",
    "06032b810510864809540003" : "x9-84-Identifiers",
    "06032b8105108648095401" : "biometric",
    "06032b810510864809540100" : "id-unknown-Type",
    "06032b810510864809540101" : "id-body-Odor",
    "06032b81051086480954010a" : "id-palm",
    "06032b81051086480954010b" : "id-retina",
    "06032b81051086480954010c" : "id-signature",
    "06032b81051086480954010d" : "id-speech-Pattern",
    "06032b81051086480954010e" : "id-thermal-Image",
    "06032b81051086480954010f" : "id-vein-Pattern",
    "06032b810510864809540110" : "id-thermal-Face-Image",
    "06032b810510864809540111" : "id-thermal-Hand-Image",
    "06032b810510864809540112" : "id-lip-Movement",
    "06032b810510864809540113" : "id-gait",
    "06032b810510864809540102" : "id-dna",
    "06032b810510864809540103" : "id-ear-Shape",
    "06032b810510864809540104" : "id-facial-Features",
    "06032b810510864809540105" : "id-finger-Image",
    "06032b810510864809540106" : "id-finger-Geometry",
    "06032b810510864809540107" : "id-hand-Geometry",
    "06032b810510864809540108" : "id-iris-Features",
    "06032b810510864809540109" : "id-keystroke-Dynamics",
    "06032b8105108648095402" : "processing-algorithm",
    "06032b8105108648095403" : "matching-method",
    "06032b8105108648095404" : "format-Owner",
    "06032b810510864809540400" : "cbeff-Owner",
    "06032b810510864809540401" : "ibia-Owner",
    "06032b81051086480954040101" : "id-ibia-SAFLINK",
    "06032b8105108648095404010a" : "id-ibia-SecuGen",
    "06032b8105108648095404010b" : "id-ibia-PreciseBiometric",
    "06032b8105108648095404010c" : "id-ibia-Identix",
    "06032b8105108648095404010d" : "id-ibia-DERMALOG",
    "06032b8105108648095404010e" : "id-ibia-LOGICO",
    "06032b8105108648095404010f" : "id-ibia-NIST",
    "06032b81051086480954040110" : "id-ibia-A3Vision",
    "06032b81051086480954040111" : "id-ibia-NEC",
    "06032b81051086480954040112" : "id-ibia-STMicroelectronics",
    "06032b81051086480954040102" : "id-ibia-Bioscrypt",
    "06032b81051086480954040103" : "id-ibia-Visionics",
    "06032b81051086480954040104" : "id-ibia-InfineonTechnologiesAG",
    "06032b81051086480954040105" : "id-ibia-IridianTechnologies",
    "06032b81051086480954040106" : "id-ibia-Veridicom",
    "06032b81051086480954040107" : "id-ibia-CyberSIGN",
    "06032b81051086480954040108" : "id-ibia-eCryp.",
    "06032b81051086480954040109" : "id-ibia-FingerprintCardsAB",
    "06032b810510864809540402" : "x9-Owner",
    "06032b0e021a05" : "sha",
    "06032b0e03020101" : "rsa",
    "06032b0e03020a" : "desMAC",
    "06032b0e03020b" : "rsaSignature",
    "06032b0e03020c" : "dsa",
    "06032b0e03020d" : "dsaWithSHA",
    "06032b0e03020e" : "mdc2WithRSASignature",
    "06032b0e03020f" : "shaWithRSASignature",
    "06032b0e030210" : "dhWithCommonModulus",
    "06032b0e030211" : "desEDE",
    "06032b0e030212" : "sha",
    "06032b0e030213" : "mdc-2",
    "06032b0e030202" : "md4WitRSA",
    "06032b0e03020201" : "sqmod-N",
    "06032b0e030214" : "dsaCommon",
    "06032b0e030215" : "dsaCommonWithSHA",
    "06032b0e030216" : "rsaKeyTransport",
    "06032b0e030217" : "keyed-hash-seal",
    "06032b0e030218" : "md2WithRSASignature",
    "06032b0e030219" : "md5WithRSASignature",
    "06032b0e03021a" : "sha1",
    "06032b0e03021b" : "dsaWithSHA1",
    "06032b0e03021c" : "dsaWithCommonSHA1",
    "06032b0e03021d" : "sha-1WithRSAEncryption",
    "06032b0e030203" : "md5WithRSA",
    "06032b0e03020301" : "sqmod-NwithRSA",
    "06032b0e030204" : "md4WithRSAEncryption",
    "06032b0e030206" : "desECB",
    "06032b0e030207" : "desCBC",
    "06032b0e030208" : "desOFB",
    "06032b0e030209" : "desCFB",
    "06032b0e030301" : "simple-strong-auth-mechanism",
    "06032b0e07020101" : "ElGamal",
    "06032b0e07020301" : "md2WithRSA",
    "06032b0e07020302" : "md2WithElGamal",
    "06032b2403" : "algorithm",
    "06032b240301" : "encryptionAlgorithm",
    "06032b24030101" : "des",
    "06032b240301010101" : "desECBPad",
    "06032b24030101010101" : "desECBPadISO",
    "06032b240301010201" : "desCBCPad",
    "06032b24030101020101" : "desCBCPadISO",
    "06032b24030102" : "idea",
    "06032b2403010201" : "ideaECB",
    "06032b240301020101" : "ideaECBPad",
    "06032b24030102010101" : "ideaECBPadISO",
    "06032b2403010202" : "ideaCBC",
    "06032b240301020201" : "ideaCBCPad",
    "06032b24030102020101" : "ideaCBCPadISO",
    "06032b2403010203" : "ideaOFB",
    "06032b2403010204" : "ideaCFB",
    "06032b24030103" : "des-3",
    "06032b240301030101" : "des-3ECBPad",
    "06032b24030103010101" : "des-3ECBPadISO",
    "06032b240301030201" : "des-3CBCPad",
    "06032b24030103020101" : "des-3CBCPadISO",
    "06032b240302" : "hashAlgorithm",
    "06032b24030201" : "ripemd160",
    "06032b24030202" : "ripemd128",
    "06032b24030203" : "ripemd256",
    "06032b24030204" : "mdc2singleLength",
    "06032b24030205" : "mdc2doubleLength",
    "06032b240303" : "signatureAlgorithm",
    "06032b24030301" : "rsa",
    "06032b2403030101" : "rsaMitSHA-1",
    "06032b2403030102" : "rsaMitRIPEMD160",
    "06032b24030302" : "ellipticCurve",
    "06032b240304" : "signatureScheme",
    "06032b24030401" : "iso9796-1",
    "06032b2403040201" : "iso9796-2",
    "06032b2403040202" : "iso9796-2rsa",
    "06032b2404" : "attribute",
    "06032b2405" : "policy",
    "06032b2406" : "api",
    "06032b240601" : "manufacturerSpecific",
    "06032b240602" : "functionalitySpecific",
    "06032b2407" : "api",
    "06032b240701" : "keyAgreement",
    "06032b240702" : "keyTransport",
    "06032b06010401927c0a0101" : "UNINETT policyIdentifier",
    "06032b0601040195180a" : "ICE-TEL policyIdentifier",
    "06032b0601040197552001" : "cryptlibEnvelope",
    "06032b0601040197552002" : "cryptlibPrivateKey",
    "060a2b060104018237" : "Microsoft OID",
    "060a2b0601040182370a" : "Crypto 2.0",
    "060a2b0601040182370a01" : "certTrustList",
    "060a2b0601040182370a0101" : "szOID_SORTED_CTL",
    "060a2b0601040182370a0a" : "Microsoft CMC OIDs",
    "060a2b0601040182370a0a01" : "szOID_CMC_ADD_ATTRIBUTES",
    "060a2b0601040182370a0b" : "Microsoft certificate property OIDs",
    "060a2b0601040182370a0b01" : "szOID_CERT_PROP_ID_PREFIX",
    "060a2b0601040182370a0c" : "CryptUI",
    "060a2b0601040182370a0c01" : "szOID_ANY_APPLICATION_POLICY",
    "060a2b0601040182370a02" : "nextUpdateLocation",
    "060a2b0601040182370a0301" : "certTrustListSigning",
    "060a2b0601040182370a030a" : "szOID_KP_QUALIFIED_SUBORDINATION",
    "060a2b0601040182370a030b" : "szOID_KP_KEY_RECOVERY",
    "060a2b0601040182370a030c" : "szOID_KP_DOCUMENT_SIGNING",
    "060a2b0601040182370a0302" : "timeStampSigning",
    "060a2b0601040182370a0303" : "serverGatedCrypto",
    "060a2b0601040182370a030301" : "szOID_SERIALIZED",
    "060a2b0601040182370a0304" : "encryptedFileSystem",
    "060a2b0601040182370a030401" : "szOID_EFS_RECOVERY",
    "060a2b0601040182370a0305" : "szOID_WHQL_CRYPTO",
    "060a2b0601040182370a0306" : "szOID_NT5_CRYPTO",
    "060a2b0601040182370a0307" : "szOID_OEM_WHQL_CRYPTO",
    "060a2b0601040182370a0308" : "szOID_EMBEDDED_NT_CRYPTO",
    "060a2b0601040182370a0309" : "szOID_ROOT_LIST_SIGNER",
    "060a2b0601040182370a0401" : "yesnoTrustAttr",
    "060a2b0601040182370a0501" : "szOID_DRM",
    "060a2b0601040182370a0502" : "szOID_DRM_INDIVIDUALIZATION",
    "060a2b0601040182370a0601" : "szOID_LICENSES",
    "060a2b0601040182370a0602" : "szOID_LICENSE_SERVER",
    "060a2b0601040182370a07" : "szOID_MICROSOFT_RDN_PREFIX",
    "060a2b0601040182370a0701" : "szOID_KEYID_RDN",
    "060a2b0601040182370a0801" : "szOID_REMOVE_CERTIFICATE",
    "060a2b0601040182370a0901" : "szOID_CROSS_CERT_DIST_POINTS",
    "060a2b0601040182370c" : "Catalog",
    "060a2b0601040182370c0101" : "szOID_CATALOG_LIST",
    "060a2b0601040182370c0102" : "szOID_CATALOG_LIST_MEMBER",
    "060a2b0601040182370c0201" : "CAT_NAMEVALUE_OBJID",
    "060a2b0601040182370c0202" : "CAT_MEMBERINFO_OBJID",
    "060a2b0601040182370d" : "Microsoft PKCS10 OIDs",
    "060a2b0601040182370d01" : "szOID_RENEWAL_CERTIFICATE",
    "060a2b0601040182370d0201" : "szOID_ENROLLMENT_NAME_VALUE_PAIR",
    "060a2b0601040182370d0202" : "szOID_ENROLLMENT_CSP_PROVIDER",
    "060a2b0601040182370d0203" : "OS Version",
    "060a2b0601040182370f" : "Microsoft Java",
    "060a2b06010401823710" : "Microsoft Outlook/Exchange",
    "060a2b0601040182371004" : "Outlook Express",
    "060a2b06010401823711" : "Microsoft PKCS12 attributes",
    "060a2b0601040182371101" : "szOID_LOCAL_MACHINE_KEYSET",
    "060a2b06010401823712" : "Microsoft Hydra",
    "060a2b06010401823713" : "Microsoft ISPU Test",
    "060a2b06010401823702" : "Authenticode",
    "060a2b06010401823702010a" : "spcAgencyInfo",
    "060a2b06010401823702010b" : "spcStatementType",
    "060a2b06010401823702010c" : "spcSpOpusInfo",
    "060a2b06010401823702010e" : "certExtensions",
    "060a2b06010401823702010f" : "spcPelmageData",
    "060a2b060104018237020112" : "SPC_RAW_FILE_DATA_OBJID",
    "060a2b060104018237020113" : "SPC_STRUCTURED_STORAGE_DATA_OBJID",
    "060a2b060104018237020114" : "spcLink",
    "060a2b060104018237020115" : "individualCodeSigning",
    "060a2b060104018237020116" : "commercialCodeSigning",
    "060a2b060104018237020119" : "spcLink",
    "060a2b06010401823702011a" : "spcMinimalCriteriaInfo",
    "060a2b06010401823702011b" : "spcFinancialCriteriaInfo",
    "060a2b06010401823702011c" : "spcLink",
    "060a2b06010401823702011d" : "SPC_HASH_INFO_OBJID",
    "060a2b06010401823702011e" : "SPC_SIPINFO_OBJID",
    "060a2b060104018237020104" : "spcIndirectDataContext",
    "060a2b0601040182370202" : "CTL for Software Publishers Trusted CAs",
    "060a2b060104018237020201" : "szOID_TRUSTED_CODESIGNING_CA_LIST",
    "060a2b060104018237020202" : "szOID_TRUSTED_CLIENT_AUTH_CA_LIST",
    "060a2b060104018237020203" : "szOID_TRUSTED_SERVER_AUTH_CA_LIST",
    "060a2b06010401823714" : "Microsoft Enrollment Infrastructure",
    "060a2b0601040182371401" : "szOID_AUTO_ENROLL_CTL_USAGE",
    "060a2b0601040182371402" : "szOID_ENROLL_CERTTYPE_EXTENSION",
    "060a2b060104018237140201" : "szOID_ENROLLMENT_AGENT",
    "060a2b060104018237140202" : "szOID_KP_SMARTCARD_LOGON",
    "060a2b060104018237140203" : "szOID_NT_PRINCIPAL_NAME",
    "060a2b0601040182371403" : "szOID_CERT_MANIFOLD",
    "06092b06010401823715" : "Microsoft CertSrv Infrastructure",
    "06092b0601040182371501" : "szOID_CERTSRV_CA_VERSION",
    "06092b0601040182371514" : "Client Information",
    "060a2b06010401823719" : "Microsoft Directory Service",
    "060a2b0601040182371901" : "szOID_NTDS_REPLICATION",
    "060a2b06010401823703" : "Time Stamping",
    "060a2b060104018237030201" : "SPC_TIME_STAMP_REQUEST_OBJID",
    "060a2b0601040182371e" : "IIS",
    "060a2b0601040182371f" : "Windows updates and service packs",
    "060a2b0601040182371f01" : "szOID_PRODUCT_UPDATE",
    "060a2b06010401823704" : "Permissions",
    "060a2b06010401823728" : "Fonts",
    "060a2b06010401823729" : "Microsoft Licensing and Registration",
    "060a2b0601040182372a" : "Microsoft Corporate PKI (ITG)",
    "060a2b06010401823758" : "CAPICOM",
    "060a2b0601040182375801" : "szOID_CAPICOM_VERSION",
    "060a2b0601040182375802" : "szOID_CAPICOM_ATTRIBUTE",
    "060a2b060104018237580201" : "szOID_CAPICOM_DOCUMENT_NAME",
    "060a2b060104018237580202" : "szOID_CAPICOM_DOCUMENT_DESCRIPTION",
    "060a2b0601040182375803" : "szOID_CAPICOM_ENCRYPTED_DATA",
    "060a2b060104018237580301" : "szOID_CAPICOM_ENCRYPTED_CONTENT",
    "06032b0601050507" : "pkix",
    "06032b060105050701" : "privateExtension",
    "06032b06010505070101" : "authorityInfoAccess",
    "06032b06010505070c02" : "CMC Data",
    "06032b060105050702" : "policyQualifierIds",
    // "06032b06010505070201" : "cps",
    "06032b06010505070202" : "unotice",
    "06032b060105050703" : "keyPurpose",
    "06032b06010505070301" : "serverAuth",
    "06032b06010505070302" : "clientAuth",
    "06032b06010505070303" : "codeSigning",
    "06032b06010505070304" : "emailProtection",
    "06032b06010505070305" : "ipsecEndSystem",
    "06032b06010505070306" : "ipsecTunnel",
    "06032b06010505070307" : "ipsecUser",
    "06032b06010505070308" : "timeStamping",
    "06032b060105050704" : "cmpInformationTypes",
    "06032b06010505070401" : "caProtEncCert",
    "06032b06010505070402" : "signKeyPairTypes",
    "06032b06010505070403" : "encKeyPairTypes",
    "06032b06010505070404" : "preferredSymmAlg",
    "06032b06010505070405" : "caKeyUpdateInfo",
    "06032b06010505070406" : "currentCRL",
    "06032b06010505073001" : "ocsp",
    "06032b06010505073002" : "caIssuers",
    "06032b06010505080101" : "HMAC-MD5",
    "06032b06010505080102" : "HMAC-SHA",
    "060360864801650201010a" : "mosaicKeyManagementAlgorithm",
    "060360864801650201010b" : "sdnsKMandSigAlgorithm",
    "060360864801650201010c" : "mosaicKMandSigAlgorithm",
    "060360864801650201010d" : "SuiteASignatureAlgorithm",
    "060360864801650201010e" : "SuiteAConfidentialityAlgorithm",
    "060360864801650201010f" : "SuiteAIntegrityAlgorithm",
    "06036086480186f84201" : "cert-extension",
    // "06036086480186f8420101" : "netscape-cert-type",
    "06036086480186f842010a" : "EntityLogo",
    "06036086480186f842010b" : "UserPicture",
    // "06036086480186f842010c" : "netscape-ssl-server-name",
    // "06036086480186f842010d" : "netscape-comment",
    // "06036086480186f8420102" : "netscape-base-url",
    // "06036086480186f8420103" : "netscape-revocation-url",
    // "06036086480186f8420104" : "netscape-ca-revocation-url",
    // "06036086480186f8420107" : "netscape-cert-renewal-url",
    // "06036086480186f8420108" : "netscape-ca-policy-url",
    "06036086480186f8420109" : "HomePage-url",
    "06036086480186f84202" : "data-type",
    "06036086480186f8420201" : "GIF",
    "06036086480186f8420202" : "JPEG",
    "06036086480186f8420203" : "URL",
    "06036086480186f8420204" : "HTML",
    "06036086480186f8420205" : "netscape-cert-sequence",
    "06036086480186f8420206" : "netscape-cert-url",
    "06036086480186f84203" : "directory",
    "06036086480186f8420401" : "serverGatedCrypto",
    "06036086480186f845010603" : "Unknown Verisign extension",
    "06036086480186f845010606" : "Unknown Verisign extension",
    "06036086480186f84501070101" : "Verisign certificatePolicy",
    "06036086480186f8450107010101" : "Unknown Verisign policy qualifier",
    "06036086480186f8450107010102" : "Unknown Verisign policy qualifier",
    "0603678105" : "TCPA",
    "060367810501" : "tcpaSpecVersion",
    "060367810502" : "tcpaAttribute",
    "06036781050201" : "tcpaAtTpmManufacturer",
    "0603678105020a" : "tcpaAtSecurityQualities",
    "0603678105020b" : "tcpaAtTpmProtectionProfile",
    "0603678105020c" : "tcpaAtTpmSecurityTarget",
    "0603678105020d" : "tcpaAtFoundationProtectionProfile",
    "0603678105020e" : "tcpaAtFoundationSecurityTarget",
    "0603678105020f" : "tcpaAtTpmIdLabel",
    "06036781050202" : "tcpaAtTpmModel",
    "06036781050203" : "tcpaAtTpmVersion",
    "06036781050204" : "tcpaAtPlatformManufacturer",
    "06036781050205" : "tcpaAtPlatformModel",
    "06036781050206" : "tcpaAtPlatformVersion",
    "06036781050207" : "tcpaAtComponentManufacturer",
    "06036781050208" : "tcpaAtComponentModel",
    "06036781050209" : "tcpaAtComponentVersion",
    "060367810503" : "tcpaProtocol",
    "06036781050301" : "tcpaPrttTpmIdProtocol",
    "0603672a00" : "contentType",
    "0603672a0000" : "PANData",
    "0603672a0001" : "PANToken",
    "0603672a0002" : "PANOnly",
    "0603672a01" : "msgExt",
    "0603672a0a" : "national",
    "0603672a0a8140" : "Japan",
    "0603672a02" : "field",
    "0603672a0200" : "fullName",
    "0603672a0201" : "givenName",
    "0603672a020a" : "amount",
    "0603672a0202" : "familyName",
    "0603672a0203" : "birthFamilyName",
    "0603672a0204" : "placeName",
    "0603672a0205" : "identificationNumber",
    "0603672a0206" : "month",
    "0603672a0207" : "date",
    "0603672a02070b" : "accountNumber",
    "0603672a02070c" : "passPhrase",
    "0603672a0208" : "address",
    "0603672a0209" : "telephone",
    "0603672a03" : "attribute",
    "0603672a0300" : "cert",
    "0603672a030000" : "rootKeyThumb",
    "0603672a030001" : "additionalPolicy",
    "0603672a04" : "algorithm",
    "0603672a05" : "policy",
    "0603672a0500" : "root",
    "0603672a06" : "module",
    "0603672a07" : "certExt",
    "0603672a0700" : "hashedRootKey",
    "0603672a0701" : "certificateType",
    "0603672a0702" : "merchantData",
    "0603672a0703" : "cardCertRequired",
    "0603672a0704" : "tunneling",
    "0603672a0705" : "setExtensions",
    "0603672a0706" : "setQualifier",
    "0603672a08" : "brand",
    "0603672a0801" : "IATA-ATA",
    "0603672a081e" : "Diners",
    "0603672a0822" : "AmericanExpress",
    "0603672a0804" : "VISA",
    "0603672a0805" : "MasterCard",
    "0603672a08ae7b" : "Novus",
    "0603672a09" : "vendor",
    "0603672a0900" : "GlobeSet",
    "0603672a0901" : "IBM",
    "0603672a090a" : "Griffin",
    "0603672a090b" : "Certicom",
    "0603672a090c" : "OSS",
    "0603672a090d" : "TenthMountain",
    "0603672a090e" : "Antares",
    "0603672a090f" : "ECC",
    "0603672a0910" : "Maithean",
    "0603672a0911" : "Netscape",
    "0603672a0912" : "Verisign",
    "0603672a0913" : "BlueMoney",
    "0603672a0902" : "CyberCash",
    "0603672a0914" : "Lacerte",
    "0603672a0915" : "Fujitsu",
    "0603672a0916" : "eLab",
    "0603672a0917" : "Entrust",
    "0603672a0918" : "VIAnet",
    "0603672a0919" : "III",
    "0603672a091a" : "OpenMarket",
    "0603672a091b" : "Lexem",
    "0603672a091c" : "Intertrader",
    "0603672a091d" : "Persimmon",
    "0603672a0903" : "Terisa",
    "0603672a091e" : "NABLE",
    "0603672a091f" : "espace-net",
    "0603672a0920" : "Hitachi",
    "0603672a0921" : "Microsoft",
    "0603672a0922" : "NEC",
    "0603672a0923" : "Mitsubishi",
    "0603672a0924" : "NCR",
    "0603672a0925" : "e-COMM",
    "0603672a0926" : "Gemplus",
    "0603672a0904" : "RSADSI",
    "0603672a0905" : "VeriFone",
    "0603672a0906" : "TrinTech",
    "0603672a0907" : "BankGate",
    "0603672a0908" : "GTE",
    "0603672a0909" : "CompuSource",
    "0603551d01" : "authorityKeyIdentifier",
    "0603551d0a" : "basicConstraints",
    "0603551d0b" : "nameConstraints",
    "0603551d0c" : "policyConstraints",
    "0603551d0d" : "basicConstraints",
    "0603551d0e" : "subjectKeyIdentifier",
    "0603551d0f" : "keyUsage",
    "0603551d10" : "privateKeyUsagePeriod",
    "0603551d11" : "subjectAltName",
    "0603551d12" : "issuerAltName",
    "0603551d13" : "basicConstraints",
    "0603551d02" : "keyAttributes",
    "0603551d14" : "cRLNumber",
    "0603551d15" : "cRLReason",
    "0603551d16" : "expirationDate",
    "0603551d17" : "instructionCode",
    "0603551d18" : "invalidityDate",
    "0603551d1a" : "issuingDistributionPoint",
    "0603551d1b" : "deltaCRLIndicator",
    "0603551d1c" : "issuingDistributionPoint",
    "0603551d1d" : "certificateIssuer",
    "0603551d03" : "certificatePolicies",
    "0603551d1e" : "nameConstraints",
    "0603551d1f" : "cRLDistributionPoints",
    "0603551d20" : "certificatePolicies",
    "0603551d21" : "policyMappings",
    "0603551d22" : "policyConstraints",
    "0603551d23" : "authorityKeyIdentifier",
    "0603551d24" : "policyConstraints",
    "0603551d25" : "extKeyUsage",
    "0603551d04" : "keyUsageRestriction",
    "0603551d05" : "policyMapping",
    "0603551d06" : "subtreesConstraint",
    "0603551d07" : "subjectAltName",
    "0603551d08" : "issuerAltName",
    "0603551d09" : "subjectDirectoryAttributes",
    "0603550400" : "objectClass",
    "0603550401" : "aliasObjectName",
    // "060355040c" : "title",
    "060355040d" : "description",
    "060355040e" : "searchGuide",
    "060355040f" : "businessCategory",
    "0603550410" : "postalAddress",
    "0603550411" : "postalCode",
    "0603550412" : "postOfficeBox",
    "0603550413" : "physicalDeliveryOfficeName",
    "0603550402" : "knowledgeInformation",
    // "0603550414" : "telephoneNumber",
    "0603550415" : "telexNumber",
    "0603550416" : "teletexTerminalIdentifier",
    "0603550417" : "facsimileTelephoneNumber",
    "0603550418" : "x121Address",
    "0603550419" : "internationalISDNNumber",
    "060355041a" : "registeredAddress",
    "060355041b" : "destinationIndicator",
    "060355041c" : "preferredDeliveryMehtod",
    "060355041d" : "presentationAddress",
    "060355041e" : "supportedApplicationContext",
    "060355041f" : "member",
    "0603550420" : "owner",
    "0603550421" : "roleOccupant",
    "0603550422" : "seeAlso",
    "0603550423" : "userPassword",
    "0603550424" : "userCertificate",
    "0603550425" : "caCertificate",
    "0603550426" : "authorityRevocationList",
    "0603550427" : "certificateRevocationList",
    "0603550428" : "crossCertificatePair",
    "0603550429" : "givenName",
    // "060355042a" : "givenName",
    "0603550405" : "serialNumber",
    "0603550434" : "supportedAlgorithms",
    "0603550435" : "deltaRevocationList",
    "060355043a" : "crossCertificatePair",
    // "0603550409" : "streetAddress",
    "06035508" : "X.500-Algorithms",
    "0603550801" : "X.500-Alg-Encryption",
    "060355080101" : "rsa",
    "0603604c0101" : "DPC"
};