// This list contains the oids defined for Microsoft. The OID's can // be used to represent components like X509 extensions, PKCS #7 // extensions and PKCS #7 contents. // // Each subtree within the microsoft OID is assigned to a specific // area. Do not create new oid's outside of the subtree assigned to // you! // Microsoft OID // 1.3.6.1.4.1.311 subtree is Microsoft // Authenticode // 1.3.6.1.4.1.311.2 subtree is defined for authenticode // Time Stamping (with Associated encoder/decoders) // 1.3.6.1.4.1.311.3 subtree is defined for Time stamping // Permissions // 1.3.6.1.4.1.311.4 subtree is defined for permissions // Crypto 2.0 // 1.3.6.1.4.1.311.10 subtree is defined for Crypt 2.0 // Catalog // 1.3.6.1.4.1.311.12 subtree is defined for Catalog Files // Microsoft Java // 1.3.6.1.4.1.311.15 subtree is defined for Java // Microsoft Outlook/Exchange // 1.3.6.1.4.1.311.16 subtree is defined for Microsoft Outlook/Exchange // PKCS12 attributes specific to Microsoft // 1.3.6.1.4.1.311.17 subtree is defined for Microsoft PKCS12 // Microsoft Hydra // 1.3.6.1.4.1.311.18 subtree is defined for Microsoft Hydra // Microsoft ISPU Test // 1.3.6.1.4.1.311.19 subtree is defined for Microsoft ISPU test // Microsoft Enrollment Infastructure // 1.3.6.1.4.1.311.20 subtree is defined for Microsoft Enrollment Infastructure // Microsoft CertSrv Infastructure // 1.3.6.1.4.1.311.21 subtree is defined for Microsoft CertSrv Infastructure // // 1.3.6.1.4.1.311.25 subtree is defined for Microsoft Directory Service // // 1.3.6.1.4.1.311.30 subtree is defined for IIS // 1.3.6.1.4.1.311.31 subtree is defined for Windows updates and service packs // // 1.3.6.1.4.1.311.40 subtree is defined for fonts // // 1.3.6.1.4.1.311.41 subtree is defined for Microsoft Licensing and Registration // // 1.3.6.1.4.1.311.42 subtree is defined for Microsoft Corporate PKI (ITG) // Software Publishing (with associated encoders/decoders) // 1.3.6.1.4.1.311.2 subtree is defined for Software publishing #define SPC_INDIRECT_DATA_OBJID "1.3.6.1.4.1.311.2.1.4" #define SPC_STATEMENT_TYPE_OBJID "1.3.6.1.4.1.311.2.1.11" #define SPC_SP_OPUS_INFO_OBJID "1.3.6.1.4.1.311.2.1.12" #define SPC_PE_IMAGE_DATA_OBJID "1.3.6.1.4.1.311.2.1.15" #define SPC_SP_AGENCY_INFO_OBJID "1.3.6.1.4.1.311.2.1.10" #define SPC_MINIMAL_CRITERIA_OBJID "1.3.6.1.4.1.311.2.1.26" #define SPC_FINANCIAL_CRITERIA_OBJID "1.3.6.1.4.1.311.2.1.27" #define SPC_LINK_OBJID "1.3.6.1.4.1.311.2.1.28" #define SPC_HASH_INFO_OBJID "1.3.6.1.4.1.311.2.1.29" #define SPC_SIPINFO_OBJID "1.3.6.1.4.1.311.2.1.30" // Software Publishing (with NO associated encoders/decoders) #define SPC_CERT_EXTENSIONS_OBJID "1.3.6.1.4.1.311.2.1.14" #define SPC_RAW_FILE_DATA_OBJID "1.3.6.1.4.1.311.2.1.18" #define SPC_STRUCTURED_STORAGE_DATA_OBJID "1.3.6.1.4.1.311.2.1.19" #define SPC_JAVA_CLASS_DATA_OBJID "1.3.6.1.4.1.311.2.1.20" #define SPC_INDIVIDUAL_SP_KEY_PURPOSE_OBJID "1.3.6.1.4.1.311.2.1.21" #define SPC_COMMERCIAL_SP_KEY_PURPOSE_OBJID "1.3.6.1.4.1.311.2.1.22" #define SPC_CAB_DATA_OBJID "1.3.6.1.4.1.311.2.1.25" #define SPC_GLUE_RDN_OBJID "1.3.6.1.4.1.311.2.1.25" // Duplicate number?? // CTL for Software Publishers Trusted CAs // 1.3.6.1.4.1.311.2.2 sub-subtree is defined for Software Publishing trusted CAs #define szOID_TRUSTED_CODESIGNING_CA_LIST "1.3.6.1.4.1.311.2.2.1" #define szOID_TRUSTED_CLIENT_AUTH_CA_LIST "1.3.6.1.4.1.311.2.2.2" #define szOID_TRUSTED_SERVER_AUTH_CA_LIST "1.3.6.1.4.1.311.2.2.3" // Time Stamping (with Associated encoder/decoders) // 1.3.6.1.4.1.311.3 subtree is defined for Time stamping #define SPC_TIME_STAMP_REQUEST_OBJID "1.3.6.1.4.1.311.3.2.1" // Permissions // 1.3.6.1.4.1.311.4 subtree is defined for permissions // Crypto 2.0 // 1.3.6.1.4.1.311.10 subtree is defined for Crypt 2.0 // PKCS #7 ContentType Object Identifier for Certificate Trust List (CTL) #define szOID_CTL "1.3.6.1.4.1.311.10.1" // Sorted CTL Extension #define szOID_SORTED_CTL "1.3.6.1.4.1.311.10.1.1" // Next Update Location extension or attribute. Value is an encoded // GeneralNames #define szOID_NEXT_UPDATE_LOCATION "1.3.6.1.4.1.311.10.2" // Enhanced Key Usage (Purpose) // Signer of CTLs #define szOID_KP_CTL_USAGE_SIGNING "1.3.6.1.4.1.311.10.3.1" // Signer of TimeStamps #define szOID_KP_TIME_STAMP_SIGNING "1.3.6.1.4.1.311.10.3.2" // Can use strong encryption in export environment #define szOID_SERVER_GATED_CRYPTO "1.3.6.1.4.1.311.10.3.3" #define szOID_SERIALIZED "1.3.6.1.4.1.311.10.3.3.1" // Can use encryptd file systems (EFS) #define szOID_EFS_CRYPTO "1.3.6.1.4.1.311.10.3.4" #define szOID_EFS_RECOVERY "1.3.6.1.4.1.311.10.3.4.1" // Can use Windows Hardware Compatible (WHQL) #define szOID_WHQL_CRYPTO "1.3.6.1.4.1.311.10.3.5" // Signed by the NT5 build lab #define szOID_NT5_CRYPTO "1.3.6.1.4.1.311.10.3.6" // Signed by and OEM of WHQL #define szOID_OEM_WHQL_CRYPTO "1.3.6.1.4.1.311.10.3.7" // Signed by the Embedded NT #define szOID_EMBEDDED_NT_CRYPTO "1.3.6.1.4.1.311.10.3.8" // Signer of a CTL containing trusted roots #define szOID_ROOT_LIST_SIGNER "1.3.6.1.4.1.311.10.3.9" // Can sign cross-cert and subordinate CA requests with qualified // subordination (name constraints, policy mapping, etc.) #define szOID_KP_QUALIFIED_SUBORDINATION "1.3.6.1.4.1.311.10.3.10" // Can be used to encrypt/recover escrowed keys #define szOID_KP_KEY_RECOVERY "1.3.6.1.4.1.311.10.3.11" // Signer of documents #define szOID_KP_DOCUMENT_SIGNING "1.3.6.1.4.1.311.10.3.12" // The default WinVerifyTrust Authenticode policy is to treat all time stamped // signatures as being valid forever. This OID limits the valid lifetime of the // signature to the lifetime of the certificate. This allows timestamped // signatures to expire. Normally this OID will be used in conjunction with // szOID_PKIX_KP_CODE_SIGNING to indicate new time stamp semantics should be // used. Support for this OID was added in WXP. #define szOID_KP_LIFETIME_SIGNING "1.3.6.1.4.1.311.10.3.13" // Microsoft Attribute Object Identifiers #define szOID_YESNO_TRUST_ATTR "1.3.6.1.4.1.311.10.4.1" // Microsoft Music #define szOID_DRM "1.3.6.1.4.1.311.10.5.1" // Microsoft DRM EKU #define szOID_DRM_INDIVIDUALIZATION "1.3.6.1.4.1.311.10.5.2" // Microsoft Licenses #define szOID_LICENSES "1.3.6.1.4.1.311.10.6.1" #define szOID_LICENSE_SERVER "1.3.6.1.4.1.311.10.6.2" // Microsoft CERT_RDN attribute Object Identifiers #define szOID_MICROSOFT_RDN_PREFIX "1.3.6.1.4.1.311.10.7" // Special RDN containing the KEY_ID. Its value type is CERT_RDN_OCTET_STRING. #define szOID_KEYID_RDN "1.3.6.1.4.1.311.10.7.1" // Microsoft extension in a CTL to add or remove the certificates. The // extension type is an INTEGER. 0 => add certificate, 1 => remove certificate #define szOID_REMOVE_CERTIFICATE "1.3.6.1.4.1.311.10.8.1" // Microsoft certificate extension containing cross certificate distribution // points. ASN.1 encoded as follows: // CrossCertDistPoints ::= SEQUENCE { // syncDeltaTime INTEGER (0..4294967295) OPTIONAL, // crossCertDistPointNames CrossCertDistPointNames // } --#public-- // // CrossCertDistPointNames ::= SEQUENCE OF GeneralNames #define szOID_CROSS_CERT_DIST_POINTS "1.3.6.1.4.1.311.10.9.1" // 1.3.6.1.4.1.311.10.10 subtree is defined for Microsoft CMC OIDs // Similar to szOID_CMC_ADD_EXTENSIONS. Attributes replaces Extensions. #define szOID_CMC_ADD_ATTRIBUTES "1.3.6.1.4.1.311.10.10.1" // 1.3.6.1.4.1.311.10.11 subtree is defined for Microsoft certificate // property OIDs // The OID component following the prefix contains the PROP_ID (decimal) #define szOID_CERT_PROP_ID_PREFIX "1.3.6.1.4.1.311.10.11." // 1.3.6.1.4.1.311.10.12 subtree is defined for CryptUI #define szOID_ANY_APPLICATION_POLICY "1.3.6.1.4.1.311.10.12.1" // Catalog // 1.3.6.1.4.1.311.12 subtree for Catalog #define szOID_CATALOG_LIST "1.3.6.1.4.1.311.12.1.1" #define szOID_CATALOG_LIST_MEMBER "1.3.6.1.4.1.311.12.1.2" #define CAT_NAMEVALUE_OBJID "1.3.6.1.4.1.311.12.2.1" #define CAT_MEMBERINFO_OBJID "1.3.6.1.4.1.311.12.2.2" // Microsoft PKCS10 OIDs #define szOID_RENEWAL_CERTIFICATE "1.3.6.1.4.1.311.13.1" #define szOID_ENROLLMENT_NAME_VALUE_PAIR "1.3.6.1.4.1.311.13.2.1" #define szOID_ENROLLMENT_CSP_PROVIDER "1.3.6.1.4.1.311.13.2.2" // Java // 1.3.6.1.4.1.311.15 subtree is defined for java // Microsoft Outlook/Exchange // 1.3.6.1.4.1.311.16 subtree is defined for Microsoft Outlook/Exchange // PKCS12 attributes specific to Microsoft // 1.3.6.1.4.1.311.17 subtree is defined for Microsoft PKCS12 #define szOID_LOCAL_MACHINE_KEYSET "1.3.6.1.4.1.311.17.1" // Enrollment Infastructure OIDs specific to Microsoft // 1.3.6.1.4.1.311.20 subtree is defined for Microsoft Enrollment Infastructure #define szOID_AUTO_ENROLL_CTL_USAGE "1.3.6.1.4.1.311.20.1" // // Extension contain certificate type #define szOID_ENROLL_CERTTYPE_EXTENSION "1.3.6.1.4.1.311.20.2" #define szOID_ENROLLMENT_AGENT "1.3.6.1.4.1.311.20.2.1" #define szOID_KP_SMARTCARD_LOGON "1.3.6.1.4.1.311.20.2.2" #define szOID_NT_PRINCIPAL_NAME "1.3.6.1.4.1.311.20.2.3" #define szOID_CERT_MANIFOLD "1.3.6.1.4.1.311.20.3" // // 1.3.6.1.4.1.311.25 subtree is defined for Microsoft Directory Service #define szOID_NTDS_REPLICATION "1.3.6.1.4.1.311.25.1" // // 1.3.6.1.4.1.311.30 subtree is defined for IIS #define szOID_IIS_VIRTUAL_SERVER "1.3.6.1.4.1.311.30.1" // 1.3.6.1.4.1.311.31 subtree is defined for Windows updates and service packs #define szOID_PRODUCT_UPDATE "1.3.6.1.4.1.311.31.1" // // 1.3.6.1.4.1.311.40 subtree is defined for fonts // Definitions for OIDs can be found in // \nt\private\ntos\w32\ntgdi\fondrv\tt\mssipotf\sip\authattr.h // Microsoft CertSrv Infastructure // 1.3.6.1.4.1.311.21 subtree is defined for Microsoft CertSrv Infastructure // CerSrv (with associated encoders/decoders) #define szOID_CERTSRV_CA_VERSION "1.3.6.1.4.1.311.21.1" // // CAPICOM // 1.3.6.1.4.1.311.88 subtree is defined for Microsoft CAPICOM. #define szOID_CAPICOM "1.3.6.1.4.1.311.88" // Reserved for CAPICOM. #define szOID_CAPICOM_VERSION "1.3.6.1.4.1.311.88.1" // CAPICOM version #define szOID_CAPICOM_ATTRIBUTE "1.3.6.1.4.1.311.88.2" // CAPICOM attribute #define szOID_CAPICOM_DOCUMENT_NAME "1.3.6.1.4.1.311.88.2.1" // Document type attribute #define szOID_CAPICOM_DOCUMENT_DESCRIPTION "1.3.6.1.4.1.311.88.2.2" // Document description attribute #define szOID_CAPICOM_ENCRYPTED_DATA "1.3.6.1.4.1.311.88.3" // CAPICOM encrypted data message. #define szOID_CAPICOM_ENCRYPTED_CONTENT "1.3.6.1.4.1.311.88.3.1" // CAPICOM content of encrypted data.