密码算法的OID查阅

鳄鱼儿
86 阅读5分钟

一、OID 命名结构

1. 纯模式(Pure Mode)

直接对原始消息签名,OID 格式为:

id-slh-dsa-<hash-family>-<security-level><variant>

其中:

  • <hash-family>sha2shake
  • <security-level>128192256
  • <variant>s(small,优化签名长度)或 f(fast,优化签名/密钥生成速度)

示例:

  • id-slh-dsa-sha2-128s
  • id-slh-dsa-shake-256f

这些 OID 隶属于 nistAlgorithms(2.16.840.1.101.3.4.3) 下的 sigAlgs(20–31) 范围。

2. 预哈希模式(Hashed Mode)

先对消息进行指定哈希,再对摘要签名,OID 格式为:

id-hash-slh-dsa-<hash-family>-<security-level><variant>-with-<prehash-alg>

其中 <prehash-alg> 必须与安全级别匹配:

  • 128 位安全 → SHA-256 或 SHAKE128
  • 192 位安全 → SHA-384 或 SHAKE192
  • 256 位安全 → SHA-512 或 SHAKE256

示例:

  • id-hash-slh-dsa-sha2-128s-with-sha256
  • id-hash-slh-dsa-shake-256f-with-shake256

这些 OID 隶属于 nistAlgorithms.sigAlgs(2.16.840.1.101.3.4.3)35–46 范围。

二、完整 OID 列表

算法类型OID 名称完整 OID 字符串OID 层级拆解(对应原始定义)
ML-KEM(KEM)id-alg-ml-kem-5122.16.840.1.101.3.4.4.1joint-iso-ccitt(2) → country(16) → us(840) → organization(1) → gov(101) → csor(3) → nistAlgorithm(4) → kems(4) → 1
id-alg-ml-kem-7682.16.840.1.101.3.4.4.2joint-iso-ccitt(2) → country(16) → us(840) → organization(1) → gov(101) → csor(3) → nistAlgorithm(4) → kems(4) → 2
id-alg-ml-kem-10242.16.840.1.101.3.4.4.3joint-iso-ccitt(2) → country(16) → us(840) → organization(1) → gov(101) → csor(3) → nistAlgorithm(4) → kems(4) → 3
辅助算法id-alg-hkdf-with-sha2561.2.840.113549.1.9.16.3.28iso(1) → member-body(2) → us(840) → rsadsi(113549) → pkcs(1) → pkcs-9(9) → smime(16) → alg(3) → 28
id-aes128-wrap2.16.840.1.101.3.4.1.5joint-iso-itu-t(2) → country(16) → us(840) → organization(1) → gov(101) → csor(3) → nistAlgorithms(4) → aes(1) → 5
id-aes256-wrap2.16.840.1.101.3.4.1.45joint-iso-itu-t(2) → country(16) → us(840) → organization(1) → gov(101) → csor(3) → nistAlgorithms(4) → aes(1) → 45
ML-DSA(签名)id-ml-dsa-442.16.840.1.101.3.4.3.17joint-iso-itu-t(2) → country(16) → us(840) → organization(1) → gov(101) → csor(3) → nistAlgorithms(4) → sigAlgs(3) → 17
id-ml-dsa-652.16.840.1.101.3.4.3.18joint-iso-itu-t(2) → country(16) → us(840) → organization(1) → gov(101) → csor(3) → nistAlgorithms(4) → sigAlgs(3) → 18
id-ml-dsa-872.16.840.1.101.3.4.3.19joint-iso-itu-t(2) → country(16) → us(840) → organization(1) → gov(101) → csor(3) → nistAlgorithms(4) → sigAlgs(3) → 19
SLH-DSA(签名)id-slh-dsa-sha2-128s2.16.840.1.101.3.4.3.20joint-iso-itu-t(2) → country(16) → us(840) → organization(1) → gov(101) → csor(3) → nistAlgorithms(4) → sigAlgs(3) → 20
id-slh-dsa-sha2-128f2.16.840.1.101.3.4.3.21joint-iso-itu-t(2) → country(16) → us(840) → organization(1) → gov(101) → csor(3) → nistAlgorithms(4) → sigAlgs(3) → 21
id-slh-dsa-sha2-192s2.16.840.1.101.3.4.3.22joint-iso-itu-t(2) → country(16) → us(840) → organization(1) → gov(101) → csor(3) → nistAlgorithms(4) → sigAlgs(3) → 22
id-slh-dsa-sha2-192f2.16.840.1.101.3.4.3.23joint-iso-itu-t(2) → country(16) → us(840) → organization(1) → gov(101) → csor(3) → nistAlgorithms(4) → sigAlgs(3) → 23
id-slh-dsa-sha2-256s2.16.840.1.101.3.4.3.24joint-iso-itu-t(2) → country(16) → us(840) → organization(1) → gov(101) → csor(3) → nistAlgorithms(4) → sigAlgs(3) → 24
id-slh-dsa-sha2-256f2.16.840.1.101.3.4.3.25joint-iso-itu-t(2) → country(16) → us(840) → organization(1) → gov(101) → csor(3) → nistAlgorithms(4) → sigAlgs(3) → 25
id-slh-dsa-shake-128s2.16.840.1.101.3.4.3.26joint-iso-itu-t(2) → country(16) → us(840) → organization(1) → gov(101) → csor(3) → nistAlgorithms(4) → sigAlgs(3) → 26
id-slh-dsa-shake-128f2.16.840.1.101.3.4.3.27joint-iso-itu-t(2) → country(16) → us(840) → organization(1) → gov(101) → csor(3) → nistAlgorithms(4) → sigAlgs(3) → 27
id-slh-dsa-shake-192s2.16.840.1.101.3.4.3.28joint-iso-itu-t(2) → country(16) → us(840) → organization(1) → gov(101) → csor(3) → nistAlgorithms(4) → sigAlgs(3) → 28
id-slh-dsa-shake-192f2.16.840.1.101.3.4.3.29joint-iso-itu-t(2) → country(16) → us(840) → organization(1) → gov(101) → csor(3) → nistAlgorithms(4) → sigAlgs(3) → 29
id-slh-dsa-shake-256s2.16.840.1.101.3.4.3.30joint-iso-itu-t(2) → country(16) → us(840) → organization(1) → gov(101) → csor(3) → nistAlgorithms(4) → sigAlgs(3) → 30
id-slh-dsa-shake-256f2.16.840.1.101.3.4.3.31joint-iso-itu-t(2) → country(16) → us(840) → organization(1) → gov(101) → csor(3) → nistAlgorithms(4) → sigAlgs(3) → 31
nistAlgorithms OBJECT IDENTIFIER ::= { joint-iso-ccitt(2)
  country(16) us(840) organization(1) gov(101) csor(3)
  nistAlgorithm(4) }
  kems OBJECT IDENTIFIER ::= { nistAlgorithms 4 }
    id-alg-ml-kem-512 OBJECT IDENTIFIER ::= { kems 1 }
    id-alg-ml-kem-768 OBJECT IDENTIFIER ::= { kems 2 }
    id-alg-ml-kem-1024 OBJECT IDENTIFIER ::= { kems 3 }

id-alg-hkdf-with-sha256 OBJECT IDENTIFIER ::= { iso(1)
  member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
  smime(16) alg(3) 28 }

aes OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840)
  organization(1) gov(101) csor(3) nistAlgorithms(4) 1 }
    id-aes128-wrap OBJECT IDENTIFIER ::= { aes 5 }
    id-aes256-wrap OBJECT IDENTIFIER ::= { aes 45 }
 
sigAlgs OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16)
  us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) 3 }
    id-ml-dsa-44 OBJECT IDENTIFIER ::= { sigAlgs 17 }
    id-ml-dsa-65 OBJECT IDENTIFIER ::= { sigAlgs 18 }
    id-ml-dsa-87 OBJECT IDENTIFIER ::= { sigAlgs 19 }

nistAlgorithms OBJECT IDENTIFIER ::= { joint-iso-itu-t(2)
  country(16) us(840) organization(1) gov(101) csor(3) 4 }
  sigAlgs OBJECT IDENTIFIER ::= { nistAlgorithms 3 }
    id-slh-dsa-sha2-128s OBJECT IDENTIFIER ::= { sigAlgs 20 }
    id-slh-dsa-sha2-128f OBJECT IDENTIFIER ::= { sigAlgs 21 }
    id-slh-dsa-sha2-192s OBJECT IDENTIFIER ::= { sigAlgs 22 }
    id-slh-dsa-sha2-192f OBJECT IDENTIFIER ::= { sigAlgs 23 }
    id-slh-dsa-sha2-256s OBJECT IDENTIFIER ::= { sigAlgs 24 }
    id-slh-dsa-sha2-256f OBJECT IDENTIFIER ::= { sigAlgs 25 }
    id-slh-dsa-shake-128s OBJECT IDENTIFIER ::= { sigAlgs 26 }
    id-slh-dsa-shake-128f OBJECT IDENTIFIER ::= { sigAlgs 27 }
    id-slh-dsa-shake-192s OBJECT IDENTIFIER ::= { sigAlgs 28 }
    id-slh-dsa-shake-192f OBJECT IDENTIFIER ::= { sigAlgs 29 }
    id-slh-dsa-shake-256s OBJECT IDENTIFIER ::= { sigAlgs 30 }
    id-slh-dsa-shake-256f OBJECT IDENTIFIER ::= { sigAlgs 31 }

三、参考资料

avatar
文章
阅读
粉丝