

# BSI Extensions TR 3110 Version 2.01
!Alias bsi-de           0 4 0 127 0 7
bsi-de 1 2 :            standardizedDomainParameters

!Alias id-PK            bsi-de 2 2 1
id-PK 1 :               id-PK-DH
id-PK 2 :               id-PK-ECDH

bsi-de 2 2 2 :          id-TA
id-TA 1 :               id-TA-RSA
id-TA-RSA 1 :           id-TA-RSA-v1-5-SHA-1
id-TA-RSA 2 :           id-TA-RSA-v1-5-SHA-256
id-TA-RSA 3 :           id-TA-RSA-PSS-SHA-1
id-TA-RSA 4 :           id-TA-RSA-PSS-SHA-256
id-TA-RSA 5 :           id-TA-RSA-v1-5-SHA-512
id-TA-RSA 6 :           id-TA-RSA-PSS-SHA-512
id-TA 2 :               id-TA-ECDSA
id-TA-ECDSA 1 :         id-TA-ECDSA-SHA-1
id-TA-ECDSA 2 :         id-TA-ECDSA-SHA-224
id-TA-ECDSA 3 :         id-TA-ECDSA-SHA-256
id-TA-ECDSA 4 :         id-TA-ECDSA-SHA-384
id-TA-ECDSA 5 :         id-TA-ECDSA-SHA-512

!Alias id-CA            bsi-de 2 2 3
id-CA 1 :               id-CA-DH
id-CA-DH 1 :            id-CA-DH-3DES-CBC-CBC
id-CA-DH 2 :            id-CA-DH-AES-CBC-CMAC-128
id-CA-DH 3 :            id-CA-DH-AES-CBC-CMAC-192
id-CA-DH 4 :            id-CA-DH-AES-CBC-CMAC-256
id-CA 2 :               id-CA-ECDH
id-CA-ECDH 1 :          id-CA-ECDH-3DES-CBC-CBC
id-CA-ECDH 2 :          id-CA-ECDH-AES-CBC-CMAC-128
id-CA-ECDH 3 :          id-CA-ECDH-AES-CBC-CMAC-192
id-CA-ECDH 4 :          id-CA-ECDH-AES-CBC-CMAC-256

!Alias id-PACE          bsi-de 2 2 4
id-PACE 1 :             id-PACE-DH-GM
id-PACE-DH-GM 1 :       id-PACE-DH-GM-3DES-CBC-CBC
id-PACE-DH-GM 2 :       id-PACE-DH-GM-AES-CBC-CMAC-128
id-PACE-DH-GM 3 :       id-PACE-DH-GM-AES-CBC-CMAC-192
id-PACE-DH-GM 4 :       id-PACE-DH-GM-AES-CBC-CMAC-256
id-PACE 2 :             id-PACE-ECDH-GM
id-PACE-ECDH-GM 1 :     id-PACE-ECDH-GM-3DES-CBC-CBC
id-PACE-ECDH-GM 2 :     id-PACE-ECDH-GM-AES-CBC-CMAC-128
id-PACE-ECDH-GM 3 :     id-PACE-ECDH-GM-AES-CBC-CMAC-192
id-PACE-ECDH-GM 4 :     id-PACE-ECDH-GM-AES-CBC-CMAC-256
id-PACE 3 :             id-PACE-DH-IM
id-PACE-DH-IM 1 :       id-PACE-DH-IM-3DES-CBC-CBC
id-PACE-DH-IM 2 :       id-PACE-DH-IM-AES-CBC-CMAC-128
id-PACE-DH-IM 3 :       id-PACE-DH-IM-AES-CBC-CMAC-192
id-PACE-DH-IM 4 :       id-PACE-DH-IM-AES-CBC-CMAC-256
id-PACE 4 :             id-PACE-ECDH-IM
id-PACE-ECDH-IM 1 :     id-PACE-ECDH-IM-3DES-CBC-CBC
id-PACE-ECDH-IM 2 :     id-PACE-ECDH-IM-AES-CBC-CMAC-128
id-PACE-ECDH-IM 3 :     id-PACE-ECDH-IM-AES-CBC-CMAC-192
id-PACE-ECDH-IM 4 :     id-PACE-ECDH-IM-AES-CBC-CMAC-256

!Alias id-RI            bsi-de 2 2 5
id-RI 1 :               id-RI-DH
id-RI-DH 1 :            id-RI-DH-SHA-1
id-RI-DH 2 :            id-RI-DH-SHA-224
id-RI-DH 3 :            id-RI-DH-SHA-256
id-RI-DH 4 :            id-RI-DH-SHA-384
id-RI-DH 5 :            id-RI-DH-SHA-512
id-RI 2 :               id-RI-ECDH
id-RI-ECDH 1 :          id-RI-ECDH-SHA-1
id-RI-ECDH 2 :          id-RI-ECDH-SHA-224
id-RI-ECDH 3 :          id-RI-ECDH-SHA-256
id-RI-ECDH 4 :          id-RI-ECDH-SHA-384
id-RI-ECDH 5 :          id-RI-ECDH-SHA-512

bsi-de 2 2 6 :          id-CI
bsi-de 2 2 7 :          id-eIDSecurity
bsi-de 2 2 8 :          id-PT

# BSI extensions TR-03111
!Alias id-ecc   bsi-de 1 1
!Alias ecka-dh  id-ecc 5 2
ecka-dh 2 :          ecka-dh-SessionKDF
ecka-dh 2 1 :        ecka-dh-SessionKDF-DES3
ecka-dh 2 2 :        ecka-dh-SessionKDF-AES128
ecka-dh 2 3 :        ecka-dh-SessionKDF-AES192
ecka-dh 2 4 :        ecka-dh-SessionKDF-AES256

# Role OIDs for CV certificates according to 03110
!Alias id-roles bsi-de 3 1 2
id-roles 1 :    id-IS
id-roles 2 :    id-AT
id-roles 3 :    id-ST

# Description and extension OIDs from TR-03110
!Alias id-extensions bsi-de 3 1 3
id-extensions 1 :   id-description
id-description 1 :  id-plainFormat
id-description 2 :  id-htmlFormat
id-description 3 :  id-pdfFormat
id-extensions 2 :   id-sector

!Alias id-eID bsi-de 3 2
id-eID 1 :  id-SecurityObject

#Auxiliary Data OIDS
!Alias id-AuxiliaryData bsi-de 3 1 4
id-AuxiliaryData 1 :    id-DateOfBirth
id-AuxiliaryData 2 :    id-DateOfExpiry
id-AuxiliaryData 3 :    id-CommunityID
