update oids and some utilities

CryptoLib.Tests/Delphi.Tests/CryptoLib.Tests.dpr

@@ -498,6 +498,8 @@ uses
   ClpAsn1Dumper in '..\..\CryptoLib\src\Asn1\ClpAsn1Dumper.pas',
   ClpX509CertificateParser in '..\..\CryptoLib\src\Asn1\X509\ClpX509CertificateParser.pas',
   ClpIX509CertificateParser in '..\..\CryptoLib\src\Interfaces\ClpIX509CertificateParser.pas',
+  ClpEnumUtilities in '..\..\CryptoLib\src\Utils\ClpEnumUtilities.pas',
+  ClpNoOpDigest in '..\..\CryptoLib\src\Crypto\Digests\ClpNoOpDigest.pas',
   ClpFixedSecureRandom in '..\src\Utils\ClpFixedSecureRandom.pas',
   ClpIFixedSecureRandom in '..\src\Utils\ClpIFixedSecureRandom.pas',
   ClpIShortenedDigest in '..\src\Utils\ClpIShortenedDigest.pas',

CryptoLib.Tests/src/Crypto/HMacTests.pas

@@ -305,9 +305,9 @@ begin
   DoTestHMac(TNistObjectIdentifiers.IdHMacWithSha3_512.Id, 512,
     FoutputSha3_512);
 
-  DoTestHMac(TRosstandartObjectIdentifiers.id_tc26_hmac_gost_3411_12_256.Id,
+  DoTestHMac(TRosstandartObjectIdentifiers.IdTc26HmacGost3411_12_256.ID,
     256, FoutputGost2012_256);
-  DoTestHMac(TRosstandartObjectIdentifiers.id_tc26_hmac_gost_3411_12_512.Id,
+  DoTestHMac(TRosstandartObjectIdentifiers.IdTc26HmacGost3411_12_512.ID,
     512, FoutputGost2012_512);
 
   DoTestExceptions();

CryptoLib.Tests/src/Others/DigestTests.pas

@@ -124,13 +124,13 @@ begin
     '6f56a82c8e7ef526dfe182eb5212f7db9df1317e57815dbda46083fc30f54ee6c66ba83be64b302d7cba6ce15bb556f4'),
     TCryptoLibStringArray.Create('BLAKE2B-512',
     'ba80a53f981c4d0d6a2797b69f12f6e94c212f14685ac4b74b12bb6fdbffa2d17d87c5392aab792dc252d5de4533cc9518d38aa8dbf1925ab92386edd4009923'),
-    TCryptoLibStringArray.Create(TMiscObjectIdentifiers.id_blake2b160.Id,
+    TCryptoLibStringArray.Create(TMiscObjectIdentifiers.IdBlake2b160.ID,
     '384264f676f39536840523f284921cdc68b6846b'),
-    TCryptoLibStringArray.Create(TMiscObjectIdentifiers.id_blake2b256.Id,
+    TCryptoLibStringArray.Create(TMiscObjectIdentifiers.IdBlake2b256.ID,
     'bddd813c634239723171ef3fee98579b94964e3bb1cb3e427262c8c068d52319'),
-    TCryptoLibStringArray.Create(TMiscObjectIdentifiers.id_blake2b384.Id,
+    TCryptoLibStringArray.Create(TMiscObjectIdentifiers.IdBlake2b384.ID,
     '6f56a82c8e7ef526dfe182eb5212f7db9df1317e57815dbda46083fc30f54ee6c66ba83be64b302d7cba6ce15bb556f4'),
-    TCryptoLibStringArray.Create(TMiscObjectIdentifiers.id_blake2b512.Id,
+    TCryptoLibStringArray.Create(TMiscObjectIdentifiers.IdBlake2b512.ID,
     'ba80a53f981c4d0d6a2797b69f12f6e94c212f14685ac4b74b12bb6fdbffa2d17d87c5392aab792dc252d5de4533cc9518d38aa8dbf1925ab92386edd4009923'),
     TCryptoLibStringArray.Create('BLAKE2S-128',
     'aa4938119b1dc7b87cbad0ffd200d0ae'),
@@ -140,23 +140,21 @@ begin
     '0b033fc226df7abde29f67a05d3dc62cf271ef3dfea4d387407fbd55'),
     TCryptoLibStringArray.Create('BLAKE2S-256',
     '508c5e8c327c14e2e1a72ba34eeb452f37458b209ed63a294d999b4c86675982'),
-    TCryptoLibStringArray.Create(TMiscObjectIdentifiers.id_blake2s128.Id,
+    TCryptoLibStringArray.Create(TMiscObjectIdentifiers.IdBlake2s128.ID,
     'aa4938119b1dc7b87cbad0ffd200d0ae'),
-    TCryptoLibStringArray.Create(TMiscObjectIdentifiers.id_blake2s160.Id,
+    TCryptoLibStringArray.Create(TMiscObjectIdentifiers.IdBlake2s160.ID,
     '5ae3b99be29b01834c3b508521ede60438f8de17'),
-    TCryptoLibStringArray.Create(TMiscObjectIdentifiers.id_blake2s224.Id,
+    TCryptoLibStringArray.Create(TMiscObjectIdentifiers.IdBlake2s224.ID,
     '0b033fc226df7abde29f67a05d3dc62cf271ef3dfea4d387407fbd55'),
-    TCryptoLibStringArray.Create(TMiscObjectIdentifiers.id_blake2s256.Id,
+    TCryptoLibStringArray.Create(TMiscObjectIdentifiers.IdBlake2s256.ID,
     '508c5e8c327c14e2e1a72ba34eeb452f37458b209ed63a294d999b4c86675982'),
     TCryptoLibStringArray.Create('GOST3411-2012-256',
     '4e2919cf137ed41ec4fb6270c61826cc4fffb660341e0af3688cd0626d23b481'),
-    TCryptoLibStringArray.Create(TRosstandartObjectIdentifiers.
-    id_tc26_gost_3411_12_256.Id,
+    TCryptoLibStringArray.Create(TRosstandartObjectIdentifiers.IdTc26Gost3411_12_256.ID,
     '4e2919cf137ed41ec4fb6270c61826cc4fffb660341e0af3688cd0626d23b481'),
     TCryptoLibStringArray.Create('GOST3411-2012-512',
     '28156e28317da7c98f4fe2bed6b542d0dab85bb224445fcedaf75d46e26d7eb8d5997f3e0915dd6b7f0aab08d9c8beb0d8c64bae2ab8b3c8c6bc53b3bf0db728'),
-    TCryptoLibStringArray.Create(TRosstandartObjectIdentifiers.
-    id_tc26_gost_3411_12_512.Id,
+    TCryptoLibStringArray.Create(TRosstandartObjectIdentifiers.IdTc26Gost3411_12_512.ID,
     '28156e28317da7c98f4fe2bed6b542d0dab85bb224445fcedaf75d46e26d7eb8d5997f3e0915dd6b7f0aab08d9c8beb0d8c64bae2ab8b3c8c6bc53b3bf0db728'),
     TCryptoLibStringArray.Create('DSTU7564-256',
     '0bd1b36109f1318411a0517315aa46b8839df06622a278676f5487996c9cfc04'));

CryptoLib.Tests/src/Others/Ed25519HigherLevelTests.pas

@@ -116,13 +116,13 @@ function TTestEd25519HigherLevel.CreateSigner
 begin
   case algorithm of
     TEd25519.TEd25519Algorithm.Ed25519:
-      Result := TEd25519Signer.Create(TEd25519.Create() as IEd25519)
+      Result := TEd25519Signer.Create()
         as IEd25519Signer;
     TEd25519.TEd25519Algorithm.Ed25519ctx:
-      Result := TEd25519CtxSigner.Create(TEd25519.Create() as IEd25519, context)
+      Result := TEd25519CtxSigner.Create(context)
         as IEd25519CtxSigner;
     TEd25519.TEd25519Algorithm.Ed25519ph:
-      Result := TEd25519PhSigner.Create(TEd25519.Create() as IEd25519, context)
+      Result := TEd25519PhSigner.Create(context)
         as IEd25519PhSigner;
   else
     begin

CryptoLib.Tests/src/Others/NamedCurveTests.pas

@@ -71,7 +71,13 @@ type
     procedure SetUp; override;
     procedure TearDown; override;
   published
-    procedure TestPerform;
+    procedure TestSecCurveSect571r1;
+    procedure TestSecCurveSecp224r1;
+    procedure TestNistCurveB409;
+    procedure TestNistCurveP521;
+    procedure TestTeleTrusTCurveBrainpoolp160r1;
+    procedure TestSecNamedCurvesECDsa;
+    procedure TestTeleTrusTNamedCurvesECDsa;
   end;
 
 implementation
@@ -200,26 +206,49 @@ begin
 
 end;
 
-procedure TTestNamedCurve.TestPerform;
-var
-  name: string;
+procedure TTestNamedCurve.TestSecCurveSect571r1;
+begin
+  DoTestCurve('sect571r1');
+end;
+
+procedure TTestNamedCurve.TestSecCurveSecp224r1;
 begin
-  DoTestCurve('sect571r1'); // sec
   DoTestCurve('secp224r1');
-  DoTestCurve('B-409'); // nist
+end;
+
+procedure TTestNamedCurve.TestNistCurveB409;
+begin
+  DoTestCurve('B-409');
+end;
+
+procedure TTestNamedCurve.TestNistCurveP521;
+begin
   DoTestCurve('P-521');
-  DoTestCurve('brainpoolp160r1'); // TeleTrusT
+end;
 
+procedure TTestNamedCurve.TestTeleTrusTCurveBrainpoolp160r1;
+begin
+  DoTestCurve('brainpoolp160r1');
+end;
+
+procedure TTestNamedCurve.TestSecNamedCurvesECDsa;
+var
+  name: string;
+begin
   for name in TSecNamedCurves.Names do
   begin
     DoTestECDsa(name);
   end;
+end;
 
+procedure TTestNamedCurve.TestTeleTrusTNamedCurvesECDsa;
+var
+  name: string;
+begin
   for name in TTeleTrusTNamedCurves.Names do
   begin
     DoTestECDsa(name);
   end;
-
 end;
 
 initialization

CryptoLib/src/Asn1/Bsi/ClpBsiObjectIdentifiers.pas

@@ -26,196 +26,262 @@ uses
   ClpIAsn1Objects;
 
 type
+  /// <remarks>See https://www.bsi.bund.de/cae/servlet/contentblob/471398/publicationFile/30615/BSI-TR-03111_pdf.pdf</remarks>
   TBsiObjectIdentifiers = class abstract(TObject)
-
   strict private
-
-    /// <remarks>See https://www.bsi.bund.de/cae/servlet/contentblob/471398/publicationFile/30615/BSI-TR-03111_pdf.pdf</remarks>
-  class var
-
-    FIsBooted: Boolean;
-    Fbsi_de, Fid_ecc, Fecdsa_plain_signatures, Fecdsa_plain_SHA1,
-      Fecdsa_plain_SHA224, Fecdsa_plain_SHA256, Fecdsa_plain_SHA384,
-      Fecdsa_plain_SHA512, Fecdsa_plain_RIPEMD160, Fecdsa_plain_SHA3_224,
-      Fecdsa_plain_SHA3_256, Fecdsa_plain_SHA3_384, Fecdsa_plain_SHA3_512: IDerObjectIdentifier;
-
-    class function Getbsi_de: IDerObjectIdentifier; static; inline;
-    class function Getecdsa_plain_RIPEMD160: IDerObjectIdentifier;
-      static; inline;
-    class function Getecdsa_plain_SHA1: IDerObjectIdentifier; static; inline;
-    class function GetEcdsaPlain_SHA224: IDerObjectIdentifier; static; inline;
-    class function GetEcdsaPlain_SHA256: IDerObjectIdentifier; static; inline;
-    class function GetEcdsaPlain_SHA384: IDerObjectIdentifier; static; inline;
-    class function GetEcdsaPlain_SHA512: IDerObjectIdentifier; static; inline;
-    class function GetEcdsaPlain_SHA3_224: IDerObjectIdentifier; static; inline;
-    class function GetEcdsaPlain_SHA3_256: IDerObjectIdentifier; static; inline;
-    class function GetEcdsaPlain_SHA3_384: IDerObjectIdentifier; static; inline;
-    class function GetEcdsaPlain_SHA3_512: IDerObjectIdentifier; static; inline;
-    class function Getecdsa_plain_signatures: IDerObjectIdentifier;
-      static; inline;
-    class function Getid_ecc: IDerObjectIdentifier; static; inline;
-
-    class constructor BsiObjectIdentifiers();
-
+    class var
+      FIsBooted: Boolean;
+      FBsiDe, FIdEcc, FAlgorithm, FEcdsaPlainSignatures,
+      FEcdsaPlainSha1, FEcdsaPlainSha224, FEcdsaPlainSha256, FEcdsaPlainSha384,
+      FEcdsaPlainSha512, FEcdsaPlainRipeMD160, FEcdsaPlainSha3_224,
+      FEcdsaPlainSha3_256, FEcdsaPlainSha3_384, FEcdsaPlainSha3_512,
+      FEckaEg, FEckaEgX963Kdf, FEckaEgX963KdfSha1, FEckaEgX963KdfSha224,
+      FEckaEgX963KdfSha256, FEckaEgX963KdfSha384, FEckaEgX963KdfSha512,
+      FEckaEgX963KdfRipeMD160, FEckaEgSessionKdf, FEckaEgSessionKdf3Des,
+      FEckaEgSessionKdfAes128, FEckaEgSessionKdfAes192, FEckaEgSessionKdfAes256: IDerObjectIdentifier;
+
+    class function GetBsiDe: IDerObjectIdentifier; static; inline;
+    class function GetIdEcc: IDerObjectIdentifier; static; inline;
+    class function GetAlgorithm: IDerObjectIdentifier; static; inline;
+    class function GetEcdsaPlainSignatures: IDerObjectIdentifier; static; inline;
+    class function GetEcdsaPlainSha1: IDerObjectIdentifier; static; inline;
+    class function GetEcdsaPlainSha224: IDerObjectIdentifier; static; inline;
+    class function GetEcdsaPlainSha256: IDerObjectIdentifier; static; inline;
+    class function GetEcdsaPlainSha384: IDerObjectIdentifier; static; inline;
+    class function GetEcdsaPlainSha512: IDerObjectIdentifier; static; inline;
+    class function GetEcdsaPlainRipeMD160: IDerObjectIdentifier; static; inline;
+    class function GetEcdsaPlainSha3_224: IDerObjectIdentifier; static; inline;
+    class function GetEcdsaPlainSha3_256: IDerObjectIdentifier; static; inline;
+    class function GetEcdsaPlainSha3_384: IDerObjectIdentifier; static; inline;
+    class function GetEcdsaPlainSha3_512: IDerObjectIdentifier; static; inline;
+    class function GetEckaEg: IDerObjectIdentifier; static; inline;
+    class function GetEckaEgX963Kdf: IDerObjectIdentifier; static; inline;
+    class function GetEckaEgX963KdfSha1: IDerObjectIdentifier; static; inline;
+    class function GetEckaEgX963KdfSha224: IDerObjectIdentifier; static; inline;
+    class function GetEckaEgX963KdfSha256: IDerObjectIdentifier; static; inline;
+    class function GetEckaEgX963KdfSha384: IDerObjectIdentifier; static; inline;
+    class function GetEckaEgX963KdfSha512: IDerObjectIdentifier; static; inline;
+    class function GetEckaEgX963KdfRipeMD160: IDerObjectIdentifier; static; inline;
+    class function GetEckaEgSessionKdf: IDerObjectIdentifier; static; inline;
+    class function GetEckaEgSessionKdf3Des: IDerObjectIdentifier; static; inline;
+    class function GetEckaEgSessionKdfAes128: IDerObjectIdentifier; static; inline;
+    class function GetEckaEgSessionKdfAes192: IDerObjectIdentifier; static; inline;
+    class function GetEckaEgSessionKdfAes256: IDerObjectIdentifier; static; inline;
+
+    class constructor Create;
   public
-
-    class property bsi_de: IDerObjectIdentifier read Getbsi_de;
-    class property id_ecc: IDerObjectIdentifier read Getid_ecc;
-    class property ecdsa_plain_signatures: IDerObjectIdentifier
-      read Getecdsa_plain_signatures;
-    class property ecdsa_plain_SHA1: IDerObjectIdentifier
-      read Getecdsa_plain_SHA1;
-    class property EcdsaPlain_SHA224: IDerObjectIdentifier
-      read GetEcdsaPlain_SHA224;
-    class property EcdsaPlain_SHA256: IDerObjectIdentifier
-      read GetEcdsaPlain_SHA256;
-    class property EcdsaPlain_SHA384: IDerObjectIdentifier
-      read GetEcdsaPlain_SHA384;
-    class property EcdsaPlain_SHA512: IDerObjectIdentifier
-      read GetEcdsaPlain_SHA512;
-    class property ecdsa_plain_RIPEMD160: IDerObjectIdentifier
-      read Getecdsa_plain_RIPEMD160;
-    class property EcdsaPlain_SHA3_224: IDerObjectIdentifier
-      read GetEcdsaPlain_SHA3_224;
-    class property EcdsaPlain_SHA3_256: IDerObjectIdentifier
-      read GetEcdsaPlain_SHA3_256;
-    class property EcdsaPlain_SHA3_384: IDerObjectIdentifier
-      read GetEcdsaPlain_SHA3_384;
-    class property EcdsaPlain_SHA3_512: IDerObjectIdentifier
-      read GetEcdsaPlain_SHA3_512;
-
-    class procedure Boot(); static;
-
+    class property BsiDe: IDerObjectIdentifier read GetBsiDe;
+    class property IdEcc: IDerObjectIdentifier read GetIdEcc;
+    class property Algorithm: IDerObjectIdentifier read GetAlgorithm;
+    class property EcdsaPlainSignatures: IDerObjectIdentifier read GetEcdsaPlainSignatures;
+    class property EcdsaPlainSha1: IDerObjectIdentifier read GetEcdsaPlainSha1;
+    class property EcdsaPlainSha224: IDerObjectIdentifier read GetEcdsaPlainSha224;
+    class property EcdsaPlainSha256: IDerObjectIdentifier read GetEcdsaPlainSha256;
+    class property EcdsaPlainSha384: IDerObjectIdentifier read GetEcdsaPlainSha384;
+    class property EcdsaPlainSha512: IDerObjectIdentifier read GetEcdsaPlainSha512;
+    class property EcdsaPlainRipeMD160: IDerObjectIdentifier read GetEcdsaPlainRipeMD160;
+    class property EcdsaPlainSha3_224: IDerObjectIdentifier read GetEcdsaPlainSha3_224;
+    class property EcdsaPlainSha3_256: IDerObjectIdentifier read GetEcdsaPlainSha3_256;
+    class property EcdsaPlainSha3_384: IDerObjectIdentifier read GetEcdsaPlainSha3_384;
+    class property EcdsaPlainSha3_512: IDerObjectIdentifier read GetEcdsaPlainSha3_512;
+    class property EckaEg: IDerObjectIdentifier read GetEckaEg;
+    class property EckaEgX963Kdf: IDerObjectIdentifier read GetEckaEgX963Kdf;
+    class property EckaEgX963KdfSha1: IDerObjectIdentifier read GetEckaEgX963KdfSha1;
+    class property EckaEgX963KdfSha224: IDerObjectIdentifier read GetEckaEgX963KdfSha224;
+    class property EckaEgX963KdfSha256: IDerObjectIdentifier read GetEckaEgX963KdfSha256;
+    class property EckaEgX963KdfSha384: IDerObjectIdentifier read GetEckaEgX963KdfSha384;
+    class property EckaEgX963KdfSha512: IDerObjectIdentifier read GetEckaEgX963KdfSha512;
+    class property EckaEgX963KdfRipeMD160: IDerObjectIdentifier read GetEckaEgX963KdfRipeMD160;
+    class property EckaEgSessionKdf: IDerObjectIdentifier read GetEckaEgSessionKdf;
+    class property EckaEgSessionKdf3Des: IDerObjectIdentifier read GetEckaEgSessionKdf3Des;
+    class property EckaEgSessionKdfAes128: IDerObjectIdentifier read GetEckaEgSessionKdfAes128;
+    class property EckaEgSessionKdfAes192: IDerObjectIdentifier read GetEckaEgSessionKdfAes192;
+    class property EckaEgSessionKdfAes256: IDerObjectIdentifier read GetEckaEgSessionKdfAes256;
+
+    class procedure Boot; static;
   end;
 
 implementation
 
 { TBsiObjectIdentifiers }
 
+class constructor TBsiObjectIdentifiers.Create;
+begin
+  Boot;
+end;
+
 class procedure TBsiObjectIdentifiers.Boot;
 begin
   if not FIsBooted then
   begin
-    Fbsi_de := TDerObjectIdentifier.Create('0.4.0.127.0.7');
+    FBsiDe := TDerObjectIdentifier.Create('0.4.0.127.0.7');
+    FIdEcc := FBsiDe.Branch('1.1');
+    FAlgorithm := FBsiDe.Branch('1');
+
+    FEcdsaPlainSignatures := FIdEcc.Branch('4.1');
+    FEcdsaPlainSha1 := FEcdsaPlainSignatures.Branch('1');
+    FEcdsaPlainSha224 := FEcdsaPlainSignatures.Branch('2');
+    FEcdsaPlainSha256 := FEcdsaPlainSignatures.Branch('3');
+    FEcdsaPlainSha384 := FEcdsaPlainSignatures.Branch('4');
+    FEcdsaPlainSha512 := FEcdsaPlainSignatures.Branch('5');
+    FEcdsaPlainRipeMD160 := FEcdsaPlainSignatures.Branch('6');
+    FEcdsaPlainSha3_224 := FEcdsaPlainSignatures.Branch('8');
+    FEcdsaPlainSha3_256 := FEcdsaPlainSignatures.Branch('9');
+    FEcdsaPlainSha3_384 := FEcdsaPlainSignatures.Branch('10');
+    FEcdsaPlainSha3_512 := FEcdsaPlainSignatures.Branch('11');
+
+    FEckaEg := FIdEcc.Branch('5.1');
+    FEckaEgX963Kdf := FEckaEg.Branch('1');
+    FEckaEgX963KdfSha1 := FEckaEgX963Kdf.Branch('1');
+    FEckaEgX963KdfSha224 := FEckaEgX963Kdf.Branch('2');
+    FEckaEgX963KdfSha256 := FEckaEgX963Kdf.Branch('3');
+    FEckaEgX963KdfSha384 := FEckaEgX963Kdf.Branch('4');
+    FEckaEgX963KdfSha512 := FEckaEgX963Kdf.Branch('5');
+    FEckaEgX963KdfRipeMD160 := FEckaEgX963Kdf.Branch('6');
+
+    FEckaEgSessionKdf := FEckaEg.Branch('2');
+    FEckaEgSessionKdf3Des := FEckaEgSessionKdf.Branch('1');
+    FEckaEgSessionKdfAes128 := FEckaEgSessionKdf.Branch('2');
+    FEckaEgSessionKdfAes192 := FEckaEgSessionKdf.Branch('3');
+    FEckaEgSessionKdfAes256 := FEckaEgSessionKdf.Branch('4');
 
-    // /* 0.4.0.127.0.7.1.1 */
-    Fid_ecc := Fbsi_de.Branch('1.1');
+    FIsBooted := True;
+  end;
+end;
 
-    // /* 0.4.0.127.0.7.1.1.4.1 */
-    Fecdsa_plain_signatures := Fid_ecc.Branch('4.1');
+class function TBsiObjectIdentifiers.GetAlgorithm: IDerObjectIdentifier;
+begin
+  Result := FAlgorithm;
+end;
 
-    // /* 0.4.0.127.0.7.1.1.4.1.1 */
-    Fecdsa_plain_SHA1 := Fecdsa_plain_signatures.Branch('1');
+class function TBsiObjectIdentifiers.GetBsiDe: IDerObjectIdentifier;
+begin
+  Result := FBsiDe;
+end;
 
-    // /* 0.4.0.127.0.7.1.1.4.1.2 */
-    Fecdsa_plain_SHA224 := Fecdsa_plain_signatures.Branch('2');
+class function TBsiObjectIdentifiers.GetEcdsaPlainRipeMD160: IDerObjectIdentifier;
+begin
+  Result := FEcdsaPlainRipeMD160;
+end;
 
-    // /* 0.4.0.127.0.7.1.1.4.1.3 */
-    Fecdsa_plain_SHA256 := Fecdsa_plain_signatures.Branch('3');
+class function TBsiObjectIdentifiers.GetEcdsaPlainSha1: IDerObjectIdentifier;
+begin
+  Result := FEcdsaPlainSha1;
+end;
 
-    // /* 0.4.0.127.0.7.1.1.4.1.4 */
-    Fecdsa_plain_SHA384 := Fecdsa_plain_signatures.Branch('4');
+class function TBsiObjectIdentifiers.GetEcdsaPlainSha224: IDerObjectIdentifier;
+begin
+  Result := FEcdsaPlainSha224;
+end;
 
-    // /* 0.4.0.127.0.7.1.1.4.1.5 */
-    Fecdsa_plain_SHA512 := Fecdsa_plain_signatures.Branch('5');
+class function TBsiObjectIdentifiers.GetEcdsaPlainSha256: IDerObjectIdentifier;
+begin
+  Result := FEcdsaPlainSha256;
+end;
 
-    // /* 0.4.0.127.0.7.1.1.4.1.6 */
-    Fecdsa_plain_RIPEMD160 := Fecdsa_plain_signatures.Branch('6');
+class function TBsiObjectIdentifiers.GetEcdsaPlainSha384: IDerObjectIdentifier;
+begin
+  Result := FEcdsaPlainSha384;
+end;
 
-    // /* 0.4.0.127.0.7.1.1.4.1.8 */
-    Fecdsa_plain_SHA3_224 := Fecdsa_plain_signatures.Branch('8');
+class function TBsiObjectIdentifiers.GetEcdsaPlainSha512: IDerObjectIdentifier;
+begin
+  Result := FEcdsaPlainSha512;
+end;
 
-    // /* 0.4.0.127.0.7.1.1.4.1.9 */
-    Fecdsa_plain_SHA3_256 := Fecdsa_plain_signatures.Branch('9');
+class function TBsiObjectIdentifiers.GetEcdsaPlainSha3_224: IDerObjectIdentifier;
+begin
+  Result := FEcdsaPlainSha3_224;
+end;
 
-    // /* 0.4.0.127.0.7.1.1.4.1.10 */
-    Fecdsa_plain_SHA3_384 := Fecdsa_plain_signatures.Branch('10');
+class function TBsiObjectIdentifiers.GetEcdsaPlainSha3_256: IDerObjectIdentifier;
+begin
+  Result := FEcdsaPlainSha3_256;
+end;
 
-    // /* 0.4.0.127.0.7.1.1.4.1.11 */
-    Fecdsa_plain_SHA3_512 := Fecdsa_plain_signatures.Branch('11');
+class function TBsiObjectIdentifiers.GetEcdsaPlainSha3_384: IDerObjectIdentifier;
+begin
+  Result := FEcdsaPlainSha3_384;
+end;
 
-    FIsBooted := True;
-  end;
+class function TBsiObjectIdentifiers.GetEcdsaPlainSha3_512: IDerObjectIdentifier;
+begin
+  Result := FEcdsaPlainSha3_512;
+end;
+
+class function TBsiObjectIdentifiers.GetEcdsaPlainSignatures: IDerObjectIdentifier;
+begin
+  Result := FEcdsaPlainSignatures;
 end;
 
-class constructor TBsiObjectIdentifiers.BsiObjectIdentifiers;
+class function TBsiObjectIdentifiers.GetEckaEg: IDerObjectIdentifier;
 begin
-  TBsiObjectIdentifiers.Boot;
+  Result := FEckaEg;
 end;
 
-class function TBsiObjectIdentifiers.Getbsi_de: IDerObjectIdentifier;
+class function TBsiObjectIdentifiers.GetEckaEgSessionKdf: IDerObjectIdentifier;
 begin
-  result := Fbsi_de;
+  Result := FEckaEgSessionKdf;
 end;
 
-class function TBsiObjectIdentifiers.Getecdsa_plain_RIPEMD160
-  : IDerObjectIdentifier;
+class function TBsiObjectIdentifiers.GetEckaEgSessionKdf3Des: IDerObjectIdentifier;
 begin
-  result := Fecdsa_plain_RIPEMD160;
+  Result := FEckaEgSessionKdf3Des;
 end;
 
-class function TBsiObjectIdentifiers.Getecdsa_plain_SHA1: IDerObjectIdentifier;
+class function TBsiObjectIdentifiers.GetEckaEgSessionKdfAes128: IDerObjectIdentifier;
 begin
-  result := Fecdsa_plain_SHA1;
+  Result := FEckaEgSessionKdfAes128;
 end;
 
-class function TBsiObjectIdentifiers.GetEcdsaPlain_SHA224
-  : IDerObjectIdentifier;
+class function TBsiObjectIdentifiers.GetEckaEgSessionKdfAes192: IDerObjectIdentifier;
 begin
-  result := Fecdsa_plain_SHA224;
+  Result := FEckaEgSessionKdfAes192;
 end;
 
-class function TBsiObjectIdentifiers.GetEcdsaPlain_SHA256
-  : IDerObjectIdentifier;
+class function TBsiObjectIdentifiers.GetEckaEgSessionKdfAes256: IDerObjectIdentifier;
 begin
-  result := Fecdsa_plain_SHA256;
+  Result := FEckaEgSessionKdfAes256;
 end;
 
-class function TBsiObjectIdentifiers.GetEcdsaPlain_SHA384
-  : IDerObjectIdentifier;
+class function TBsiObjectIdentifiers.GetEckaEgX963Kdf: IDerObjectIdentifier;
 begin
-  result := Fecdsa_plain_SHA384;
+  Result := FEckaEgX963Kdf;
 end;
 
-class function TBsiObjectIdentifiers.GetEcdsaPlain_SHA512
-  : IDerObjectIdentifier;
+class function TBsiObjectIdentifiers.GetEckaEgX963KdfRipeMD160: IDerObjectIdentifier;
 begin
-  result := Fecdsa_plain_SHA512;
+  Result := FEckaEgX963KdfRipeMD160;
 end;
 
-class function TBsiObjectIdentifiers.GetEcdsaPlain_SHA3_224
-  : IDerObjectIdentifier;
+class function TBsiObjectIdentifiers.GetEckaEgX963KdfSha1: IDerObjectIdentifier;
 begin
-  result := Fecdsa_plain_SHA3_224;
+  Result := FEckaEgX963KdfSha1;
 end;
 
-class function TBsiObjectIdentifiers.GetEcdsaPlain_SHA3_256
-  : IDerObjectIdentifier;
+class function TBsiObjectIdentifiers.GetEckaEgX963KdfSha224: IDerObjectIdentifier;
 begin
-  result := Fecdsa_plain_SHA3_256;
+  Result := FEckaEgX963KdfSha224;
 end;
 
-class function TBsiObjectIdentifiers.GetEcdsaPlain_SHA3_384
-  : IDerObjectIdentifier;
+class function TBsiObjectIdentifiers.GetEckaEgX963KdfSha256: IDerObjectIdentifier;
 begin
-  result := Fecdsa_plain_SHA3_384;
+  Result := FEckaEgX963KdfSha256;
 end;
 
-class function TBsiObjectIdentifiers.GetEcdsaPlain_SHA3_512
-  : IDerObjectIdentifier;
+class function TBsiObjectIdentifiers.GetEckaEgX963KdfSha384: IDerObjectIdentifier;
 begin
-  result := Fecdsa_plain_SHA3_512;
+  Result := FEckaEgX963KdfSha384;
 end;
 
-class function TBsiObjectIdentifiers.Getecdsa_plain_signatures
-  : IDerObjectIdentifier;
+class function TBsiObjectIdentifiers.GetEckaEgX963KdfSha512: IDerObjectIdentifier;
 begin
-  result := Fecdsa_plain_signatures;
+  Result := FEckaEgX963KdfSha512;
 end;
 
-class function TBsiObjectIdentifiers.Getid_ecc: IDerObjectIdentifier;
+class function TBsiObjectIdentifiers.GetIdEcc: IDerObjectIdentifier;
 begin
-  result := Fid_ecc;
+  Result := FIdEcc;
 end;
 
 end.

CryptoLib/src/Asn1/CryptLib/ClpCryptLibObjectIdentifiers.pas

@@ -27,64 +27,58 @@ uses
 
 type
   TCryptLibObjectIdentifiers = class abstract(TObject)
-
   strict private
+    class var
+      FIsBooted: Boolean;
+      FCryptlib, FEcc, FCurvey25519: IDerObjectIdentifier;
 
-  class var
-
-    FIsBooted: Boolean;
-    FCryptlib, FEcc, FCurvey25519: IDerObjectIdentifier;
-
-    class constructor CryptLibObjectIdentifiers();
-  private
     class function GetCryptlib: IDerObjectIdentifier; static; inline;
     class function GetEcc: IDerObjectIdentifier; static; inline;
     class function GetCurvey25519: IDerObjectIdentifier; static; inline;
 
+    class constructor Create;
   public
-
     class property Cryptlib: IDerObjectIdentifier read GetCryptlib;
     class property Ecc: IDerObjectIdentifier read GetEcc;
     class property Curvey25519: IDerObjectIdentifier read GetCurvey25519;
 
-    class procedure Boot(); static;
+    class procedure Boot; static;
   end;
 
 implementation
 
 { TCryptLibObjectIdentifiers }
 
+class constructor TCryptLibObjectIdentifiers.Create;
+begin
+  Boot;
+end;
+
 class procedure TCryptLibObjectIdentifiers.Boot;
 begin
   if not FIsBooted then
   begin
     FCryptlib := TDerObjectIdentifier.Create('1.3.6.1.4.1.3029');
-
-    FEcc := Cryptlib.branch('1').branch('5');
-    FCurvey25519 := Ecc.branch('1');
+    FEcc := FCryptlib.Branch('1.5');
+    FCurvey25519 := FEcc.Branch('1');
 
     FIsBooted := True;
   end;
 end;
 
-class constructor TCryptLibObjectIdentifiers.CryptLibObjectIdentifiers;
-begin
-  TCryptLibObjectIdentifiers.Boot();
-end;
-
 class function TCryptLibObjectIdentifiers.GetCryptlib: IDerObjectIdentifier;
 begin
-  result := FCryptlib;
+  Result := FCryptlib;
 end;
 
-class function TCryptLibObjectIdentifiers.GetEcc: IDerObjectIdentifier;
+class function TCryptLibObjectIdentifiers.GetCurvey25519: IDerObjectIdentifier;
 begin
-  result := FEcc;
+  Result := FCurvey25519;
 end;
 
-class function TCryptLibObjectIdentifiers.GetCurvey25519: IDerObjectIdentifier;
+class function TCryptLibObjectIdentifiers.GetEcc: IDerObjectIdentifier;
 begin
-  result := FCurvey25519;
+  Result := FEcc;
 end;
 
 end.

CryptoLib/src/Asn1/CryptoPro/ClpCryptoProObjectIdentifiers.pas

@@ -26,336 +26,288 @@ uses
   ClpIAsn1Objects;
 
 type
-  TCryptoProObjectIdentifiers = class sealed(TObject)
-
+  /// <summary>GOST Algorithms OBJECT IDENTIFIERS : { iso(1) member-body(2) ru(643) rans(2) cryptopro(2)}</summary>
+  TCryptoProObjectIdentifiers = class abstract(TObject)
   strict private
-
-  const
-    // GOST Algorithms OBJECT IDENTIFIERS :
-    // { iso(1) member-body(2) ru(643) rans(2) cryptopro(2)}
-    GostID: String = '1.2.643.2.2';
-
-  class var
-
-    FIsBooted: Boolean;
-    FGostR3411, FGostR3410x2001, FGostR3410x94, FGostR28147Cbc,
-      FID_Gost28147_89_CryptoPro_A_ParamSet, FGostR3411x94CryptoProParam,
-      FGostR3411Hmac, FGostR3410x2001CryptoProA, FGostElSgDH3410Default,
-      FGostR3410x94CryptoProXchB, FGostR3410x94CryptoProXchC,
-      FGostR3411x94WithGostR3410x94, FGostR3410x94CryptoProXchA,
-      FGostR3410x94CryptoProB, FGostR3410x94CryptoProC, FGostR3410x94CryptoProA,
-      FGostR3410x94CryptoProD, FGostR3411x94CryptoProParamSet,
-      FGostR3410x2001CryptoProXchB, FGostR3411x94WithGostR3410x2001,
-      FGostR3410x2001CryptoProXchA, FGostR3410x2001CryptoProB,
-      FGostR3410x2001CryptoProC, FGostElSgDH3410x1: IDerObjectIdentifier;
-
+    class var
+      FIsBooted: Boolean;
+      FGostId, FGostR3411, FGostR3411Hmac, FIdGost28147_89NoneKeyWrap,
+      FIdGost28147_89CryptoProKeyWrap, FGostR28147Gcfb,
+      FIdGost28147_89CryptoProTestParamSet, FIdGost28147_89CryptoProAParamSet,
+      FIdGost28147_89CryptoProBParamSet, FIdGost28147_89CryptoProCParamSet,
+      FIdGost28147_89CryptoProDParamSet, FGostR3410x94, FGostR3410x2001,
+      FGostR3411x94WithGostR3410x94, FGostR3411x94WithGostR3410x2001,
+      FGostR3411x94CryptoProParamSet, FGostR3410x94CryptoProA,
+      FGostR3410x94CryptoProB, FGostR3410x94CryptoProC, FGostR3410x94CryptoProD,
+      FGostR3410x94CryptoProXchA, FGostR3410x94CryptoProXchB,
+      FGostR3410x94CryptoProXchC, FGostR3410x2001CryptoProA,
+      FGostR3410x2001CryptoProB, FGostR3410x2001CryptoProC,
+      FGostR3410x2001CryptoProXchA, FGostR3410x2001CryptoProXchB,
+      FGostR3410x2001CryptoProESDH, FGostR3410x2001DH: IDerObjectIdentifier;
+
+    class function GetGostId: IDerObjectIdentifier; static; inline;
     class function GetGostR3411: IDerObjectIdentifier; static; inline;
-
-    class function GetGostR28147Cbc: IDerObjectIdentifier; static; inline;
-    class function GetGostR3410x94: IDerObjectIdentifier; static; inline;
     class function GetGostR3411Hmac: IDerObjectIdentifier; static; inline;
-    class function GetID_Gost28147_89_CryptoPro_A_ParamSet
-      : IDerObjectIdentifier; static; inline;
+    class function GetIdGost28147_89NoneKeyWrap: IDerObjectIdentifier; static; inline;
+    class function GetIdGost28147_89CryptoProKeyWrap: IDerObjectIdentifier; static; inline;
+    class function GetGostR28147Gcfb: IDerObjectIdentifier; static; inline;
+    class function GetIdGost28147_89CryptoProTestParamSet: IDerObjectIdentifier; static; inline;
+    class function GetIdGost28147_89CryptoProAParamSet: IDerObjectIdentifier; static; inline;
+    class function GetIdGost28147_89CryptoProBParamSet: IDerObjectIdentifier; static; inline;
+    class function GetIdGost28147_89CryptoProCParamSet: IDerObjectIdentifier; static; inline;
+    class function GetIdGost28147_89CryptoProDParamSet: IDerObjectIdentifier; static; inline;
+    class function GetGostR3410x94: IDerObjectIdentifier; static; inline;
     class function GetGostR3410x2001: IDerObjectIdentifier; static; inline;
-
-    class function GetGostElSgDH3410Default: IDerObjectIdentifier;
-      static; inline;
-    class function GetGostElSgDH3410x1: IDerObjectIdentifier; static; inline;
-    class function GetGostR3410x2001CryptoProA: IDerObjectIdentifier;
-      static; inline;
-    class function GetGostR3410x2001CryptoProB: IDerObjectIdentifier;
-      static; inline;
-    class function GetGostR3410x2001CryptoProC: IDerObjectIdentifier;
-      static; inline;
-    class function GetGostR3410x2001CryptoProXchA: IDerObjectIdentifier;
-      static; inline;
-    class function GetGostR3410x2001CryptoProXchB: IDerObjectIdentifier;
-      static; inline;
-    class function GetGostR3410x94CryptoProA: IDerObjectIdentifier;
-      static; inline;
-    class function GetGostR3410x94CryptoProB: IDerObjectIdentifier;
-      static; inline;
-    class function GetGostR3410x94CryptoProC: IDerObjectIdentifier;
-      static; inline;
-    class function GetGostR3410x94CryptoProD: IDerObjectIdentifier;
-      static; inline;
-    class function GetGostR3410x94CryptoProXchA: IDerObjectIdentifier;
-      static; inline;
-    class function GetGostR3410x94CryptoProXchB: IDerObjectIdentifier;
-      static; inline;
-    class function GetGostR3410x94CryptoProXchC: IDerObjectIdentifier;
-      static; inline;
-    class function GetGostR3411x94CryptoProParam: IDerObjectIdentifier;
-      static; inline;
-    class function GetGostR3411x94WithGostR3410x2001: IDerObjectIdentifier;
-      static; inline;
-    class function GetGostR3411x94WithGostR3410x94: IDerObjectIdentifier;
-      static; inline;
-    class function GetGostR3411x94CryptoProParamSet: IDerObjectIdentifier;
-      static; inline;
-
-    class constructor CryptoProObjectIdentifiers();
-
+    class function GetGostR3411x94WithGostR3410x94: IDerObjectIdentifier; static; inline;
+    class function GetGostR3411x94WithGostR3410x2001: IDerObjectIdentifier; static; inline;
+    class function GetGostR3411x94CryptoProParamSet: IDerObjectIdentifier; static; inline;
+    class function GetGostR3410x94CryptoProA: IDerObjectIdentifier; static; inline;
+    class function GetGostR3410x94CryptoProB: IDerObjectIdentifier; static; inline;
+    class function GetGostR3410x94CryptoProC: IDerObjectIdentifier; static; inline;
+    class function GetGostR3410x94CryptoProD: IDerObjectIdentifier; static; inline;
+    class function GetGostR3410x94CryptoProXchA: IDerObjectIdentifier; static; inline;
+    class function GetGostR3410x94CryptoProXchB: IDerObjectIdentifier; static; inline;
+    class function GetGostR3410x94CryptoProXchC: IDerObjectIdentifier; static; inline;
+    class function GetGostR3410x2001CryptoProA: IDerObjectIdentifier; static; inline;
+    class function GetGostR3410x2001CryptoProB: IDerObjectIdentifier; static; inline;
+    class function GetGostR3410x2001CryptoProC: IDerObjectIdentifier; static; inline;
+    class function GetGostR3410x2001CryptoProXchA: IDerObjectIdentifier; static; inline;
+    class function GetGostR3410x2001CryptoProXchB: IDerObjectIdentifier; static; inline;
+    class function GetGostR3410x2001CryptoProESDH: IDerObjectIdentifier; static; inline;
+    class function GetGostR3410x2001DH: IDerObjectIdentifier; static; inline;
+
+    class constructor Create;
   public
-
+    class property GostId: IDerObjectIdentifier read GetGostId;
     class property GostR3411: IDerObjectIdentifier read GetGostR3411;
     class property GostR3411Hmac: IDerObjectIdentifier read GetGostR3411Hmac;
-    class property GostR28147Cbc: IDerObjectIdentifier read GetGostR28147Cbc;
-    class property ID_Gost28147_89_CryptoPro_A_ParamSet: IDerObjectIdentifier
-      read GetID_Gost28147_89_CryptoPro_A_ParamSet;
+    class property IdGost28147_89NoneKeyWrap: IDerObjectIdentifier read GetIdGost28147_89NoneKeyWrap;
+    class property IdGost28147_89CryptoProKeyWrap: IDerObjectIdentifier read GetIdGost28147_89CryptoProKeyWrap;
+    class property GostR28147Gcfb: IDerObjectIdentifier read GetGostR28147Gcfb;
+    class property IdGost28147_89CryptoProTestParamSet: IDerObjectIdentifier read GetIdGost28147_89CryptoProTestParamSet;
+    class property IdGost28147_89CryptoProAParamSet: IDerObjectIdentifier read GetIdGost28147_89CryptoProAParamSet;
+    class property IdGost28147_89CryptoProBParamSet: IDerObjectIdentifier read GetIdGost28147_89CryptoProBParamSet;
+    class property IdGost28147_89CryptoProCParamSet: IDerObjectIdentifier read GetIdGost28147_89CryptoProCParamSet;
+    class property IdGost28147_89CryptoProDParamSet: IDerObjectIdentifier read GetIdGost28147_89CryptoProDParamSet;
     class property GostR3410x94: IDerObjectIdentifier read GetGostR3410x94;
-
     class property GostR3410x2001: IDerObjectIdentifier read GetGostR3410x2001;
-    class property GostR3411x94WithGostR3410x94: IDerObjectIdentifier
-      read GetGostR3411x94WithGostR3410x94;
-    class property GostR3411x94WithGostR3410x2001: IDerObjectIdentifier
-      read GetGostR3411x94WithGostR3410x2001;
-    // { iso(1) member-body(2) ru(643) rans(2) cryptopro(2) hashes(30) }
-    class property GostR3411x94CryptoProParamSet: IDerObjectIdentifier
-      read GetGostR3411x94CryptoProParamSet;
-    // { iso(1) member-body(2) ru(643) rans(2) cryptopro(2) signs(32) }
-    class property GostR3410x94CryptoProA: IDerObjectIdentifier
-      read GetGostR3410x94CryptoProA;
-
-    class property GostR3410x94CryptoProB: IDerObjectIdentifier
-      read GetGostR3410x94CryptoProB;
-    class property GostR3410x94CryptoProC: IDerObjectIdentifier
-      read GetGostR3410x94CryptoProC;
-    class property GostR3410x94CryptoProD: IDerObjectIdentifier
-      read GetGostR3410x94CryptoProD;
-    // { iso(1) member-body(2) ru(643) rans(2) cryptopro(2) exchanges(33) }
-    class property GostR3410x94CryptoProXchA: IDerObjectIdentifier
-      read GetGostR3410x94CryptoProXchA;
-    class property GostR3410x94CryptoProXchB: IDerObjectIdentifier
-      read GetGostR3410x94CryptoProXchB;
-    class property GostR3410x94CryptoProXchC: IDerObjectIdentifier
-      read GetGostR3410x94CryptoProXchC;
-    // { iso(1) member-body(2)ru(643) rans(2) cryptopro(2) ecc-signs(35) }
-    class property GostR3410x2001CryptoProA: IDerObjectIdentifier
-      read GetGostR3410x2001CryptoProA;
-    class property GostR3410x2001CryptoProB: IDerObjectIdentifier
-      read GetGostR3410x2001CryptoProB;
-    class property GostR3410x2001CryptoProC: IDerObjectIdentifier
-      read GetGostR3410x2001CryptoProC;
-    // { iso(1) member-body(2) ru(643) rans(2) cryptopro(2) ecc-exchanges(36) }
-    class property GostR3410x2001CryptoProXchA: IDerObjectIdentifier
-      read GetGostR3410x2001CryptoProXchA;
-    class property GostR3410x2001CryptoProXchB: IDerObjectIdentifier
-      read GetGostR3410x2001CryptoProXchB;
-
-    class property GostElSgDH3410Default: IDerObjectIdentifier
-      read GetGostElSgDH3410Default;
-    class property GostElSgDH3410x1: IDerObjectIdentifier
-      read GetGostElSgDH3410x1;
-
-    class property GostR3411x94CryptoProParam: IDerObjectIdentifier
-      read GetGostR3411x94CryptoProParam;
-
-    class procedure Boot(); static;
-
+    class property GostR3411x94WithGostR3410x94: IDerObjectIdentifier read GetGostR3411x94WithGostR3410x94;
+    class property GostR3411x94WithGostR3410x2001: IDerObjectIdentifier read GetGostR3411x94WithGostR3410x2001;
+    class property GostR3411x94CryptoProParamSet: IDerObjectIdentifier read GetGostR3411x94CryptoProParamSet;
+    class property GostR3410x94CryptoProA: IDerObjectIdentifier read GetGostR3410x94CryptoProA;
+    class property GostR3410x94CryptoProB: IDerObjectIdentifier read GetGostR3410x94CryptoProB;
+    class property GostR3410x94CryptoProC: IDerObjectIdentifier read GetGostR3410x94CryptoProC;
+    class property GostR3410x94CryptoProD: IDerObjectIdentifier read GetGostR3410x94CryptoProD;
+    class property GostR3410x94CryptoProXchA: IDerObjectIdentifier read GetGostR3410x94CryptoProXchA;
+    class property GostR3410x94CryptoProXchB: IDerObjectIdentifier read GetGostR3410x94CryptoProXchB;
+    class property GostR3410x94CryptoProXchC: IDerObjectIdentifier read GetGostR3410x94CryptoProXchC;
+    class property GostR3410x2001CryptoProA: IDerObjectIdentifier read GetGostR3410x2001CryptoProA;
+    class property GostR3410x2001CryptoProB: IDerObjectIdentifier read GetGostR3410x2001CryptoProB;
+    class property GostR3410x2001CryptoProC: IDerObjectIdentifier read GetGostR3410x2001CryptoProC;
+    class property GostR3410x2001CryptoProXchA: IDerObjectIdentifier read GetGostR3410x2001CryptoProXchA;
+    class property GostR3410x2001CryptoProXchB: IDerObjectIdentifier read GetGostR3410x2001CryptoProXchB;
+    class property GostR3410x2001CryptoProESDH: IDerObjectIdentifier read GetGostR3410x2001CryptoProESDH;
+    class property GostR3410x2001DH: IDerObjectIdentifier read GetGostR3410x2001DH;
+
+    class procedure Boot; static;
   end;
 
 implementation
 
 { TCryptoProObjectIdentifiers }
 
-class function TCryptoProObjectIdentifiers.GetGostR3411: IDerObjectIdentifier;
+class constructor TCryptoProObjectIdentifiers.Create;
 begin
-  result := FGostR3411;
+  Boot;
 end;
 
-class function TCryptoProObjectIdentifiers.GetGostElSgDH3410Default
-  : IDerObjectIdentifier;
+class procedure TCryptoProObjectIdentifiers.Boot;
 begin
-  result := FGostElSgDH3410Default;
+  if not FIsBooted then
+  begin
+    FGostId := TDerObjectIdentifier.Create('1.2.643.2.2');
+    FGostR3411 := FGostId.Branch('9');
+    FGostR3411Hmac := FGostId.Branch('10');
+    FIdGost28147_89NoneKeyWrap := FGostId.Branch('13.0');
+    FIdGost28147_89CryptoProKeyWrap := FGostId.Branch('13.1');
+    FGostR28147Gcfb := FGostId.Branch('21');
+    FIdGost28147_89CryptoProTestParamSet := FGostId.Branch('31.0');
+    FIdGost28147_89CryptoProAParamSet := FGostId.Branch('31.1');
+    FIdGost28147_89CryptoProBParamSet := FGostId.Branch('31.2');
+    FIdGost28147_89CryptoProCParamSet := FGostId.Branch('31.3');
+    FIdGost28147_89CryptoProDParamSet := FGostId.Branch('31.4');
+    FGostR3410x94 := FGostId.Branch('20');
+    FGostR3410x2001 := FGostId.Branch('19');
+    FGostR3411x94WithGostR3410x94 := FGostId.Branch('4');
+    FGostR3411x94WithGostR3410x2001 := FGostId.Branch('3');
+    FGostR3411x94CryptoProParamSet := FGostId.Branch('30.1');
+    FGostR3410x94CryptoProA := FGostId.Branch('32.2');
+    FGostR3410x94CryptoProB := FGostId.Branch('32.3');
+    FGostR3410x94CryptoProC := FGostId.Branch('32.4');
+    FGostR3410x94CryptoProD := FGostId.Branch('32.5');
+    FGostR3410x94CryptoProXchA := FGostId.Branch('33.1');
+    FGostR3410x94CryptoProXchB := FGostId.Branch('33.2');
+    FGostR3410x94CryptoProXchC := FGostId.Branch('33.3');
+    FGostR3410x2001CryptoProA := FGostId.Branch('35.1');
+    FGostR3410x2001CryptoProB := FGostId.Branch('35.2');
+    FGostR3410x2001CryptoProC := FGostId.Branch('35.3');
+    FGostR3410x2001CryptoProXchA := FGostId.Branch('36.0');
+    FGostR3410x2001CryptoProXchB := FGostId.Branch('36.1');
+    FGostR3410x2001CryptoProESDH := FGostId.Branch('96');
+    FGostR3410x2001DH := FGostId.Branch('98');
+
+    FIsBooted := True;
+  end;
 end;
 
-class function TCryptoProObjectIdentifiers.GetGostElSgDH3410x1
-  : IDerObjectIdentifier;
+class function TCryptoProObjectIdentifiers.GetGostId: IDerObjectIdentifier;
 begin
-  result := FGostElSgDH3410x1;
+  Result := FGostId;
 end;
 
-class function TCryptoProObjectIdentifiers.GetGostR28147Cbc
-  : IDerObjectIdentifier;
+class function TCryptoProObjectIdentifiers.GetGostR3411: IDerObjectIdentifier;
 begin
-  result := FGostR28147Cbc;
+  Result := FGostR3411;
 end;
 
-class function TCryptoProObjectIdentifiers.GetGostR3410x2001
-  : IDerObjectIdentifier;
+class function TCryptoProObjectIdentifiers.GetGostR3411Hmac: IDerObjectIdentifier;
 begin
-  result := FGostR3410x2001;
+  Result := FGostR3411Hmac;
 end;
 
-class function TCryptoProObjectIdentifiers.GetGostR3410x2001CryptoProA
-  : IDerObjectIdentifier;
+class function TCryptoProObjectIdentifiers.GetIdGost28147_89NoneKeyWrap: IDerObjectIdentifier;
 begin
-  result := FGostR3410x2001CryptoProA;
+  Result := FIdGost28147_89NoneKeyWrap;
 end;
 
-class function TCryptoProObjectIdentifiers.GetGostR3410x2001CryptoProB
-  : IDerObjectIdentifier;
+class function TCryptoProObjectIdentifiers.GetIdGost28147_89CryptoProKeyWrap: IDerObjectIdentifier;
 begin
-  result := FGostR3410x2001CryptoProB;
+  Result := FIdGost28147_89CryptoProKeyWrap;
 end;
 
-class function TCryptoProObjectIdentifiers.GetGostR3410x2001CryptoProC
-  : IDerObjectIdentifier;
+class function TCryptoProObjectIdentifiers.GetGostR28147Gcfb: IDerObjectIdentifier;
 begin
-  result := FGostR3410x2001CryptoProC;
+  Result := FGostR28147Gcfb;
 end;
 
-class function TCryptoProObjectIdentifiers.GetGostR3410x2001CryptoProXchA
-  : IDerObjectIdentifier;
+class function TCryptoProObjectIdentifiers.GetIdGost28147_89CryptoProTestParamSet: IDerObjectIdentifier;
 begin
-  result := FGostR3410x2001CryptoProXchA;
+  Result := FIdGost28147_89CryptoProTestParamSet;
 end;
 
-class function TCryptoProObjectIdentifiers.GetGostR3410x2001CryptoProXchB
-  : IDerObjectIdentifier;
+class function TCryptoProObjectIdentifiers.GetIdGost28147_89CryptoProAParamSet: IDerObjectIdentifier;
 begin
-  result := FGostR3410x2001CryptoProXchB;
+  Result := FIdGost28147_89CryptoProAParamSet;
 end;
 
-class function TCryptoProObjectIdentifiers.GetGostR3410x94
-  : IDerObjectIdentifier;
+class function TCryptoProObjectIdentifiers.GetIdGost28147_89CryptoProBParamSet: IDerObjectIdentifier;
 begin
-  result := FGostR3410x94;
+  Result := FIdGost28147_89CryptoProBParamSet;
 end;
 
-class function TCryptoProObjectIdentifiers.GetGostR3410x94CryptoProA
-  : IDerObjectIdentifier;
+class function TCryptoProObjectIdentifiers.GetIdGost28147_89CryptoProCParamSet: IDerObjectIdentifier;
 begin
-  result := FGostR3410x94CryptoProA;
+  Result := FIdGost28147_89CryptoProCParamSet;
 end;
 
-class function TCryptoProObjectIdentifiers.GetGostR3410x94CryptoProB
-  : IDerObjectIdentifier;
+class function TCryptoProObjectIdentifiers.GetIdGost28147_89CryptoProDParamSet: IDerObjectIdentifier;
 begin
-  result := FGostR3410x94CryptoProB;
+  Result := FIdGost28147_89CryptoProDParamSet;
 end;
 
-class function TCryptoProObjectIdentifiers.GetGostR3410x94CryptoProC
-  : IDerObjectIdentifier;
+class function TCryptoProObjectIdentifiers.GetGostR3410x94: IDerObjectIdentifier;
 begin
-  result := FGostR3410x94CryptoProC;
+  Result := FGostR3410x94;
 end;
 
-class function TCryptoProObjectIdentifiers.GetGostR3410x94CryptoProD
-  : IDerObjectIdentifier;
+class function TCryptoProObjectIdentifiers.GetGostR3410x2001: IDerObjectIdentifier;
 begin
-  result := FGostR3410x94CryptoProD;
+  Result := FGostR3410x2001;
 end;
 
-class function TCryptoProObjectIdentifiers.GetGostR3410x94CryptoProXchA
-  : IDerObjectIdentifier;
+class function TCryptoProObjectIdentifiers.GetGostR3411x94WithGostR3410x94: IDerObjectIdentifier;
 begin
-  result := FGostR3410x94CryptoProXchA;
+  Result := FGostR3411x94WithGostR3410x94;
 end;
 
-class function TCryptoProObjectIdentifiers.GetGostR3410x94CryptoProXchB
-  : IDerObjectIdentifier;
+class function TCryptoProObjectIdentifiers.GetGostR3411x94WithGostR3410x2001: IDerObjectIdentifier;
 begin
-  result := FGostR3410x94CryptoProXchB;
+  Result := FGostR3411x94WithGostR3410x2001;
 end;
 
-class function TCryptoProObjectIdentifiers.GetGostR3410x94CryptoProXchC
-  : IDerObjectIdentifier;
+class function TCryptoProObjectIdentifiers.GetGostR3411x94CryptoProParamSet: IDerObjectIdentifier;
 begin
-  result := FGostR3410x94CryptoProXchC;
+  Result := FGostR3411x94CryptoProParamSet;
 end;
 
-class function TCryptoProObjectIdentifiers.GetGostR3411Hmac
-  : IDerObjectIdentifier;
+class function TCryptoProObjectIdentifiers.GetGostR3410x94CryptoProA: IDerObjectIdentifier;
 begin
-  result := FGostR3411Hmac;
+  Result := FGostR3410x94CryptoProA;
 end;
 
-class function TCryptoProObjectIdentifiers.GetGostR3411x94CryptoProParam
-  : IDerObjectIdentifier;
+class function TCryptoProObjectIdentifiers.GetGostR3410x94CryptoProB: IDerObjectIdentifier;
 begin
-  result := FGostR3411x94CryptoProParam;
+  Result := FGostR3410x94CryptoProB;
 end;
 
-class function TCryptoProObjectIdentifiers.GetGostR3411x94CryptoProParamSet
-  : IDerObjectIdentifier;
+class function TCryptoProObjectIdentifiers.GetGostR3410x94CryptoProC: IDerObjectIdentifier;
 begin
-  result := FGostR3411x94CryptoProParamSet;
+  Result := FGostR3410x94CryptoProC;
 end;
 
-class function TCryptoProObjectIdentifiers.GetGostR3411x94WithGostR3410x2001
-  : IDerObjectIdentifier;
+class function TCryptoProObjectIdentifiers.GetGostR3410x94CryptoProD: IDerObjectIdentifier;
 begin
-  result := FGostR3411x94WithGostR3410x2001;
+  Result := FGostR3410x94CryptoProD;
 end;
 
-class function TCryptoProObjectIdentifiers.GetGostR3411x94WithGostR3410x94
-  : IDerObjectIdentifier;
+class function TCryptoProObjectIdentifiers.GetGostR3410x94CryptoProXchA: IDerObjectIdentifier;
 begin
-  result := FGostR3411x94WithGostR3410x94;
+  Result := FGostR3410x94CryptoProXchA;
 end;
 
-class function TCryptoProObjectIdentifiers.
-  GetID_Gost28147_89_CryptoPro_A_ParamSet: IDerObjectIdentifier;
+class function TCryptoProObjectIdentifiers.GetGostR3410x94CryptoProXchB: IDerObjectIdentifier;
 begin
-  result := FID_Gost28147_89_CryptoPro_A_ParamSet;
+  Result := FGostR3410x94CryptoProXchB;
 end;
 
-class procedure TCryptoProObjectIdentifiers.Boot;
+class function TCryptoProObjectIdentifiers.GetGostR3410x94CryptoProXchC: IDerObjectIdentifier;
 begin
-  if not FIsBooted then
-  begin
-    FGostR3411 := TDerObjectIdentifier.Create(GostID + '.9');
-    FGostR3411Hmac := TDerObjectIdentifier.Create(GostID + '.10');
-
-    FGostR28147Cbc := TDerObjectIdentifier.Create(GostID + '.21');
-
-    FID_Gost28147_89_CryptoPro_A_ParamSet := TDerObjectIdentifier.Create
-      (GostID + '.31.1');
-
-    FGostR3410x94 := TDerObjectIdentifier.Create(GostID + '.20');
-    FGostR3410x2001 := TDerObjectIdentifier.Create(GostID + '.19');
-    FGostR3411x94WithGostR3410x94 := TDerObjectIdentifier.Create(GostID + '.4');
-    FGostR3411x94WithGostR3410x2001 := TDerObjectIdentifier.Create
-      (GostID + '.3');
-
-    // { iso(1) member-body(2) ru(643) rans(2) cryptopro(2) hashes(30) }
-    FGostR3411x94CryptoProParamSet := TDerObjectIdentifier.Create
-      (GostID + '.30.1');
+  Result := FGostR3410x94CryptoProXchC;
+end;
 
-    // { iso(1) member-body(2) ru(643) rans(2) cryptopro(2) signs(32) }
-    FGostR3410x94CryptoProA := TDerObjectIdentifier.Create(GostID + '.32.2');
-    FGostR3410x94CryptoProB := TDerObjectIdentifier.Create(GostID + '.32.3');
-    FGostR3410x94CryptoProC := TDerObjectIdentifier.Create(GostID + '.32.4');
-    FGostR3410x94CryptoProD := TDerObjectIdentifier.Create(GostID + '.32.5');
+class function TCryptoProObjectIdentifiers.GetGostR3410x2001CryptoProA: IDerObjectIdentifier;
+begin
+  Result := FGostR3410x2001CryptoProA;
+end;
 
-    // { iso(1) member-body(2) ru(643) rans(2) cryptopro(2) exchanges(33) }
-    FGostR3410x94CryptoProXchA := TDerObjectIdentifier.Create(GostID + '.33.1');
-    FGostR3410x94CryptoProXchB := TDerObjectIdentifier.Create(GostID + '.33.2');
-    FGostR3410x94CryptoProXchC := TDerObjectIdentifier.Create(GostID + '.33.3');
+class function TCryptoProObjectIdentifiers.GetGostR3410x2001CryptoProB: IDerObjectIdentifier;
+begin
+  Result := FGostR3410x2001CryptoProB;
+end;
 
-    // { iso(1) member-body(2)ru(643) rans(2) cryptopro(2) ecc-signs(35) }
-    FGostR3410x2001CryptoProA := TDerObjectIdentifier.Create(GostID + '.35.1');
-    FGostR3410x2001CryptoProB := TDerObjectIdentifier.Create(GostID + '.35.2');
-    FGostR3410x2001CryptoProC := TDerObjectIdentifier.Create(GostID + '.35.3');
+class function TCryptoProObjectIdentifiers.GetGostR3410x2001CryptoProC: IDerObjectIdentifier;
+begin
+  Result := FGostR3410x2001CryptoProC;
+end;
 
-    // { iso(1) member-body(2) ru(643) rans(2) cryptopro(2) ecc-exchanges(36) }
-    FGostR3410x2001CryptoProXchA := TDerObjectIdentifier.Create
-      (GostID + '.36.0');
-    FGostR3410x2001CryptoProXchB := TDerObjectIdentifier.Create
-      (GostID + '.36.1');
+class function TCryptoProObjectIdentifiers.GetGostR3410x2001CryptoProXchA: IDerObjectIdentifier;
+begin
+  Result := FGostR3410x2001CryptoProXchA;
+end;
 
-    FGostElSgDH3410Default := TDerObjectIdentifier.Create(GostID + '.36.0');
-    FGostElSgDH3410x1 := TDerObjectIdentifier.Create(GostID + '.36.1');
+class function TCryptoProObjectIdentifiers.GetGostR3410x2001CryptoProXchB: IDerObjectIdentifier;
+begin
+  Result := FGostR3410x2001CryptoProXchB;
+end;
 
-    FIsBooted := True;
-  end;
+class function TCryptoProObjectIdentifiers.GetGostR3410x2001CryptoProESDH: IDerObjectIdentifier;
+begin
+  Result := FGostR3410x2001CryptoProESDH;
 end;
 
-class constructor TCryptoProObjectIdentifiers.CryptoProObjectIdentifiers;
+class function TCryptoProObjectIdentifiers.GetGostR3410x2001DH: IDerObjectIdentifier;
 begin
-  TCryptoProObjectIdentifiers.Boot;
+  Result := FGostR3410x2001DH;
 end;
 
 end.

CryptoLib/src/Asn1/CryptoPro/ClpECGost3410NamedCurves.pas

@@ -233,7 +233,7 @@ begin
     mod_q); // q
 
   Fparameters.Add(TRosstandartObjectIdentifiers.
-    id_tc26_gost_3410_12_256_paramSetA, ecParams);
+    IdTc26Gost3410_12_256ParamSetA, ecParams);
 
   mod_p := TBigInteger.Create
     ('FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFDC7',
@@ -260,7 +260,7 @@ begin
     mod_q); // q
 
   Fparameters.Add(TRosstandartObjectIdentifiers.
-    id_tc26_gost_3410_12_512_paramSetA, ecParams);
+    IdTc26Gost3410_12_512ParamSetA, ecParams);
 
   mod_p := TBigInteger.Create
     ('8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006F',
@@ -287,7 +287,7 @@ begin
     mod_q); // q
 
   Fparameters.Add(TRosstandartObjectIdentifiers.
-    id_tc26_gost_3410_12_512_paramSetB, ecParams);
+    IdTc26Gost3410_12_512ParamSetB, ecParams);
 
   mod_p := TBigInteger.Create
     ('FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFDC7',
@@ -314,7 +314,7 @@ begin
     mod_q); // q
 
   Fparameters.Add(TRosstandartObjectIdentifiers.
-    id_tc26_gost_3410_12_512_paramSetC, ecParams);
+    IdTc26Gost3410_12_512ParamSetC, ecParams);
 
   FobjIds.Add('GostR3410-2001-CryptoPro-A',
     TCryptoProObjectIdentifiers.GostR3410x2001CryptoProA);
@@ -327,13 +327,13 @@ begin
   FobjIds.Add('GostR3410-2001-CryptoPro-XchB',
     TCryptoProObjectIdentifiers.GostR3410x2001CryptoProXchB);
   FobjIds.Add('Tc26-Gost-3410-12-256-paramSetA',
-    TRosstandartObjectIdentifiers.id_tc26_gost_3410_12_256_paramSetA);
+    TRosstandartObjectIdentifiers.IdTc26Gost3410_12_256ParamSetA);
   FobjIds.Add('Tc26-Gost-3410-12-512-paramSetA',
-    TRosstandartObjectIdentifiers.id_tc26_gost_3410_12_512_paramSetA);
+    TRosstandartObjectIdentifiers.IdTc26Gost3410_12_512ParamSetA);
   FobjIds.Add('Tc26-Gost-3410-12-512-paramSetB',
-    TRosstandartObjectIdentifiers.id_tc26_gost_3410_12_512_paramSetB);
+    TRosstandartObjectIdentifiers.IdTc26Gost3410_12_512ParamSetB);
   FobjIds.Add('Tc26-Gost-3410-12-512-paramSetC',
-    TRosstandartObjectIdentifiers.id_tc26_gost_3410_12_512_paramSetC);
+    TRosstandartObjectIdentifiers.IdTc26Gost3410_12_512ParamSetC);
 
   Fnames.Add(TCryptoProObjectIdentifiers.GostR3410x2001CryptoProA,
     'GostR3410-2001-CryptoPro-A');
@@ -345,13 +345,13 @@ begin
     'GostR3410-2001-CryptoPro-XchA');
   Fnames.Add(TCryptoProObjectIdentifiers.GostR3410x2001CryptoProXchB,
     'GostR3410-2001-CryptoPro-XchB');
-  Fnames.Add(TRosstandartObjectIdentifiers.id_tc26_gost_3410_12_256_paramSetA,
+  Fnames.Add(TRosstandartObjectIdentifiers.IdTc26Gost3410_12_256ParamSetA,
     'Tc26-Gost-3410-12-256-paramSetA');
-  Fnames.Add(TRosstandartObjectIdentifiers.id_tc26_gost_3410_12_512_paramSetA,
+  Fnames.Add(TRosstandartObjectIdentifiers.IdTc26Gost3410_12_512ParamSetA,
     'Tc26-Gost-3410-12-512-paramSetA');
-  Fnames.Add(TRosstandartObjectIdentifiers.id_tc26_gost_3410_12_512_paramSetB,
+  Fnames.Add(TRosstandartObjectIdentifiers.IdTc26Gost3410_12_512ParamSetB,
     'Tc26-Gost-3410-12-512-paramSetB');
-  Fnames.Add(TRosstandartObjectIdentifiers.id_tc26_gost_3410_12_512_paramSetC,
+  Fnames.Add(TRosstandartObjectIdentifiers.IdTc26Gost3410_12_512ParamSetC,
     'Tc26-Gost-3410-12-512-paramSetC');
 end;
 

CryptoLib/src/Asn1/Eac/ClpEacObjectIdentifiers.pas

@@ -23,125 +23,216 @@ interface
 
 uses
   ClpAsn1Objects,
+  ClpBsiObjectIdentifiers,
   ClpIAsn1Objects;
 
 type
   TEacObjectIdentifiers = class abstract(TObject)
-
   strict private
-
-  class var
-
-    FIsBooted: Boolean;
-    Fbsi_de, Fid_TA, Fid_TA_ECDSA, Fid_TA_ECDSA_SHA_1, Fid_TA_ECDSA_SHA_224,
-      Fid_TA_ECDSA_SHA_256, Fid_TA_ECDSA_SHA_384, Fid_TA_ECDSA_SHA_512
-      : IDerObjectIdentifier;
-
-    class function Getbsi_de: IDerObjectIdentifier; static; inline;
-    class function Getid_TA: IDerObjectIdentifier; static; inline;
-    class function Getid_TA_ECDSA: IDerObjectIdentifier; static; inline;
-    class function Getid_TA_ECDSA_SHA_1: IDerObjectIdentifier; static; inline;
-    class function Getid_TA_ECDSA_SHA_224: IDerObjectIdentifier; static; inline;
-    class function Getid_TA_ECDSA_SHA_256: IDerObjectIdentifier; static; inline;
-    class function Getid_TA_ECDSA_SHA_384: IDerObjectIdentifier; static; inline;
-    class function Getid_TA_ECDSA_SHA_512: IDerObjectIdentifier; static; inline;
-
-    class constructor EacObjectIdentifiers();
-
+    class var
+      FIsBooted: Boolean;
+      FBsiDe, FIdPK, FIdPKDH, FIdPKECDH, FIdCA, FIdCADH, FIdCADH3DesCbcCbc,
+      FIdCAECDH, FIdCAECDH3DesCbcCbc, FIdTA, FIdTARsa, FIdTARsaV1_5Sha1,
+      FIdTARsaV1_5Sha256, FIdTARsaPssSha1, FIdTARsaPssSha256, FIdTAEcdsa,
+      FIdTAEcdsaSha1, FIdTAEcdsaSha224, FIdTAEcdsaSha256, FIdTAEcdsaSha384,
+      FIdTAEcdsaSha512: IDerObjectIdentifier;
+
+    class function GetBsiDe: IDerObjectIdentifier; static; inline;
+    class function GetIdPK: IDerObjectIdentifier; static; inline;
+    class function GetIdPKDH: IDerObjectIdentifier; static; inline;
+    class function GetIdPKECDH: IDerObjectIdentifier; static; inline;
+    class function GetIdCA: IDerObjectIdentifier; static; inline;
+    class function GetIdCADH: IDerObjectIdentifier; static; inline;
+    class function GetIdCADH3DesCbcCbc: IDerObjectIdentifier; static; inline;
+    class function GetIdCAECDH: IDerObjectIdentifier; static; inline;
+    class function GetIdCAECDH3DesCbcCbc: IDerObjectIdentifier; static; inline;
+    class function GetIdTA: IDerObjectIdentifier; static; inline;
+    class function GetIdTARsa: IDerObjectIdentifier; static; inline;
+    class function GetIdTARsaV1_5Sha1: IDerObjectIdentifier; static; inline;
+    class function GetIdTARsaV1_5Sha256: IDerObjectIdentifier; static; inline;
+    class function GetIdTARsaPssSha1: IDerObjectIdentifier; static; inline;
+    class function GetIdTARsaPssSha256: IDerObjectIdentifier; static; inline;
+    class function GetIdTAEcdsa: IDerObjectIdentifier; static; inline;
+    class function GetIdTAEcdsaSha1: IDerObjectIdentifier; static; inline;
+    class function GetIdTAEcdsaSha224: IDerObjectIdentifier; static; inline;
+    class function GetIdTAEcdsaSha256: IDerObjectIdentifier; static; inline;
+    class function GetIdTAEcdsaSha384: IDerObjectIdentifier; static; inline;
+    class function GetIdTAEcdsaSha512: IDerObjectIdentifier; static; inline;
+
+    class constructor Create;
   public
-    // bsi-de OBJECT IDENTIFIER ::= {
-    // itu-t(0) identified-organization(4) etsi(0)
-    // reserved(127) etsi-identified-organization(0) 7
-    // }
-    class property bsi_de: IDerObjectIdentifier read Getbsi_de;
-    //
-    // id-TA OBJECT IDENTIFIER ::= {
-    // bsi-de protocols(2) smartcard(2) 2
-    // }
-    class property id_TA: IDerObjectIdentifier read Getid_TA;
-    class property id_TA_ECDSA: IDerObjectIdentifier read Getid_TA_ECDSA;
-    class property id_TA_ECDSA_SHA_1: IDerObjectIdentifier
-      read Getid_TA_ECDSA_SHA_1;
-    class property id_TA_ECDSA_SHA_224: IDerObjectIdentifier
-      read Getid_TA_ECDSA_SHA_224;
-    class property id_TA_ECDSA_SHA_256: IDerObjectIdentifier
-      read Getid_TA_ECDSA_SHA_256;
-    class property id_TA_ECDSA_SHA_384: IDerObjectIdentifier
-      read Getid_TA_ECDSA_SHA_384;
-    class property id_TA_ECDSA_SHA_512: IDerObjectIdentifier
-      read Getid_TA_ECDSA_SHA_512;
-    class procedure Boot(); static;
-
+    /// <summary>bsi-de OBJECT IDENTIFIER ::= { itu-t(0) identified-organization(4) etsi(0) reserved(127) etsi-identified-organization(0) 7 }</summary>
+    class property BsiDe: IDerObjectIdentifier read GetBsiDe;
+    /// <summary>id-PK ::= { bsi-de protocols(2) smartcard(2) 1 }</summary>
+    class property IdPK: IDerObjectIdentifier read GetIdPK;
+    class property IdPKDH: IDerObjectIdentifier read GetIdPKDH;
+    class property IdPKECDH: IDerObjectIdentifier read GetIdPKECDH;
+    /// <summary>id-CA ::= { bsi-de protocols(2) smartcard(2) 3 }</summary>
+    class property IdCA: IDerObjectIdentifier read GetIdCA;
+    class property IdCADH: IDerObjectIdentifier read GetIdCADH;
+    class property IdCADH3DesCbcCbc: IDerObjectIdentifier read GetIdCADH3DesCbcCbc;
+    class property IdCAECDH: IDerObjectIdentifier read GetIdCAECDH;
+    class property IdCAECDH3DesCbcCbc: IDerObjectIdentifier read GetIdCAECDH3DesCbcCbc;
+    /// <summary>id-TA ::= { bsi-de protocols(2) smartcard(2) 2 }</summary>
+    class property IdTA: IDerObjectIdentifier read GetIdTA;
+    class property IdTARsa: IDerObjectIdentifier read GetIdTARsa;
+    class property IdTARsaV1_5Sha1: IDerObjectIdentifier read GetIdTARsaV1_5Sha1;
+    class property IdTARsaV1_5Sha256: IDerObjectIdentifier read GetIdTARsaV1_5Sha256;
+    class property IdTARsaPssSha1: IDerObjectIdentifier read GetIdTARsaPssSha1;
+    class property IdTARsaPssSha256: IDerObjectIdentifier read GetIdTARsaPssSha256;
+    class property IdTAEcdsa: IDerObjectIdentifier read GetIdTAEcdsa;
+    class property IdTAEcdsaSha1: IDerObjectIdentifier read GetIdTAEcdsaSha1;
+    class property IdTAEcdsaSha224: IDerObjectIdentifier read GetIdTAEcdsaSha224;
+    class property IdTAEcdsaSha256: IDerObjectIdentifier read GetIdTAEcdsaSha256;
+    class property IdTAEcdsaSha384: IDerObjectIdentifier read GetIdTAEcdsaSha384;
+    class property IdTAEcdsaSha512: IDerObjectIdentifier read GetIdTAEcdsaSha512;
+
+    class procedure Boot; static;
   end;
 
 implementation
 
 { TEacObjectIdentifiers }
 
+class constructor TEacObjectIdentifiers.Create;
+begin
+  Boot;
+end;
+
 class procedure TEacObjectIdentifiers.Boot;
 begin
   if not FIsBooted then
   begin
-    Fbsi_de := TDerObjectIdentifier.Create('0.4.0.127.0.7');
-    Fid_TA := TDerObjectIdentifier.Create(Fbsi_de.ID + '.2.2.2');
-    Fid_TA_ECDSA := TDerObjectIdentifier.Create(Fid_TA.ID + '.2');
-    Fid_TA_ECDSA_SHA_1 := TDerObjectIdentifier.Create(Fid_TA_ECDSA.ID + '.1');
-    Fid_TA_ECDSA_SHA_224 := TDerObjectIdentifier.Create(Fid_TA_ECDSA.ID + '.2');
-    Fid_TA_ECDSA_SHA_256 := TDerObjectIdentifier.Create(Fid_TA_ECDSA.ID + '.3');
-    Fid_TA_ECDSA_SHA_384 := TDerObjectIdentifier.Create(Fid_TA_ECDSA.ID + '.4');
-    Fid_TA_ECDSA_SHA_512 := TDerObjectIdentifier.Create(Fid_TA_ECDSA.ID + '.5');
+    TBsiObjectIdentifiers.Boot;
+    FBsiDe := TBsiObjectIdentifiers.BsiDe;
+    FIdPK := FBsiDe.Branch('2.2.1');
+    FIdPKDH := FIdPK.Branch('1');
+    FIdPKECDH := FIdPK.Branch('2');
+    FIdCA := FBsiDe.Branch('2.2.3');
+    FIdCADH := FIdCA.Branch('1');
+    FIdCADH3DesCbcCbc := FIdCADH.Branch('1');
+    FIdCAECDH := FIdCA.Branch('2');
+    FIdCAECDH3DesCbcCbc := FIdCAECDH.Branch('1');
+    FIdTA := FBsiDe.Branch('2.2.2');
+    FIdTARsa := FIdTA.Branch('1');
+    FIdTARsaV1_5Sha1 := FIdTARsa.Branch('1');
+    FIdTARsaV1_5Sha256 := FIdTARsa.Branch('2');
+    FIdTARsaPssSha1 := FIdTARsa.Branch('3');
+    FIdTARsaPssSha256 := FIdTARsa.Branch('4');
+    FIdTAEcdsa := FIdTA.Branch('2');
+    FIdTAEcdsaSha1 := FIdTAEcdsa.Branch('1');
+    FIdTAEcdsaSha224 := FIdTAEcdsa.Branch('2');
+    FIdTAEcdsaSha256 := FIdTAEcdsa.Branch('3');
+    FIdTAEcdsaSha384 := FIdTAEcdsa.Branch('4');
+    FIdTAEcdsaSha512 := FIdTAEcdsa.Branch('5');
 
     FIsBooted := True;
   end;
 end;
 
-class constructor TEacObjectIdentifiers.EacObjectIdentifiers;
+class function TEacObjectIdentifiers.GetBsiDe: IDerObjectIdentifier;
+begin
+  Result := FBsiDe;
+end;
+
+class function TEacObjectIdentifiers.GetIdCA: IDerObjectIdentifier;
+begin
+  Result := FIdCA;
+end;
+
+class function TEacObjectIdentifiers.GetIdCADH: IDerObjectIdentifier;
+begin
+  Result := FIdCADH;
+end;
+
+class function TEacObjectIdentifiers.GetIdCADH3DesCbcCbc: IDerObjectIdentifier;
+begin
+  Result := FIdCADH3DesCbcCbc;
+end;
+
+class function TEacObjectIdentifiers.GetIdCAECDH: IDerObjectIdentifier;
+begin
+  Result := FIdCAECDH;
+end;
+
+class function TEacObjectIdentifiers.GetIdCAECDH3DesCbcCbc: IDerObjectIdentifier;
+begin
+  Result := FIdCAECDH3DesCbcCbc;
+end;
+
+class function TEacObjectIdentifiers.GetIdPK: IDerObjectIdentifier;
+begin
+  Result := FIdPK;
+end;
+
+class function TEacObjectIdentifiers.GetIdPKDH: IDerObjectIdentifier;
+begin
+  Result := FIdPKDH;
+end;
+
+class function TEacObjectIdentifiers.GetIdPKECDH: IDerObjectIdentifier;
+begin
+  Result := FIdPKECDH;
+end;
+
+class function TEacObjectIdentifiers.GetIdTA: IDerObjectIdentifier;
+begin
+  Result := FIdTA;
+end;
+
+class function TEacObjectIdentifiers.GetIdTAEcdsa: IDerObjectIdentifier;
+begin
+  Result := FIdTAEcdsa;
+end;
+
+class function TEacObjectIdentifiers.GetIdTAEcdsaSha1: IDerObjectIdentifier;
+begin
+  Result := FIdTAEcdsaSha1;
+end;
+
+class function TEacObjectIdentifiers.GetIdTAEcdsaSha224: IDerObjectIdentifier;
 begin
-  TEacObjectIdentifiers.Boot;
+  Result := FIdTAEcdsaSha224;
 end;
 
-class function TEacObjectIdentifiers.Getbsi_de: IDerObjectIdentifier;
+class function TEacObjectIdentifiers.GetIdTAEcdsaSha256: IDerObjectIdentifier;
 begin
-  result := Fbsi_de;
+  Result := FIdTAEcdsaSha256;
 end;
 
-class function TEacObjectIdentifiers.Getid_TA: IDerObjectIdentifier;
+class function TEacObjectIdentifiers.GetIdTAEcdsaSha384: IDerObjectIdentifier;
 begin
-  result := Fid_TA;
+  Result := FIdTAEcdsaSha384;
 end;
 
-class function TEacObjectIdentifiers.Getid_TA_ECDSA: IDerObjectIdentifier;
+class function TEacObjectIdentifiers.GetIdTAEcdsaSha512: IDerObjectIdentifier;
 begin
-  result := Fid_TA_ECDSA;
+  Result := FIdTAEcdsaSha512;
 end;
 
-class function TEacObjectIdentifiers.Getid_TA_ECDSA_SHA_1: IDerObjectIdentifier;
+class function TEacObjectIdentifiers.GetIdTARsa: IDerObjectIdentifier;
 begin
-  result := Fid_TA_ECDSA_SHA_1;
+  Result := FIdTARsa;
 end;
 
-class function TEacObjectIdentifiers.Getid_TA_ECDSA_SHA_224
-  : IDerObjectIdentifier;
+class function TEacObjectIdentifiers.GetIdTARsaPssSha1: IDerObjectIdentifier;
 begin
-  result := Fid_TA_ECDSA_SHA_224;
+  Result := FIdTARsaPssSha1;
 end;
 
-class function TEacObjectIdentifiers.Getid_TA_ECDSA_SHA_256
-  : IDerObjectIdentifier;
+class function TEacObjectIdentifiers.GetIdTARsaPssSha256: IDerObjectIdentifier;
 begin
-  result := Fid_TA_ECDSA_SHA_256;
+  Result := FIdTARsaPssSha256;
 end;
 
-class function TEacObjectIdentifiers.Getid_TA_ECDSA_SHA_384
-  : IDerObjectIdentifier;
+class function TEacObjectIdentifiers.GetIdTARsaV1_5Sha1: IDerObjectIdentifier;
 begin
-  result := Fid_TA_ECDSA_SHA_384;
+  Result := FIdTARsaV1_5Sha1;
 end;
 
-class function TEacObjectIdentifiers.Getid_TA_ECDSA_SHA_512
-  : IDerObjectIdentifier;
+class function TEacObjectIdentifiers.GetIdTARsaV1_5Sha256: IDerObjectIdentifier;
 begin
-  result := Fid_TA_ECDSA_SHA_512;
+  Result := FIdTARsaV1_5Sha256;
 end;
 
 end.

CryptoLib/src/Asn1/Edec/ClpEdECObjectIdentifiers.pas

@@ -26,89 +26,76 @@ uses
   ClpIAsn1Objects;
 
 type
-
-  /// <summary>
-  /// Edwards Elliptic Curve Object Identifiers (RFC 8410)
-  /// </summary>
+  /// <summary>Edwards Elliptic Curve Object Identifiers (RFC 8410)</summary>
   TEdECObjectIdentifiers = class abstract(TObject)
-
   strict private
+    class var
+      FIsBooted: Boolean;
+      FIdEdwardsCurveAlgs, FIdX25519, FIdX448, FIdEd25519, FIdEd448: IDerObjectIdentifier;
 
-  class var
-
-    FIsBooted: Boolean;
-    Fid_edwards_curve_algs, Fid_X25519, Fid_X448, Fid_Ed25519,
-      Fid_Ed448: IDerObjectIdentifier;
-
-    class constructor EdECObjectIdentifiers();
-  private
-    class function Getid_Ed25519: IDerObjectIdentifier; static; inline;
-    class function Getid_Ed448: IDerObjectIdentifier; static; inline;
-    class function Getid_edwards_curve_algs: IDerObjectIdentifier;
-      static; inline;
-    class function Getid_X25519: IDerObjectIdentifier; static; inline;
-    class function Getid_X448: IDerObjectIdentifier; static; inline;
+    class function GetIdEdwardsCurveAlgs: IDerObjectIdentifier; static; inline;
+    class function GetIdX25519: IDerObjectIdentifier; static; inline;
+    class function GetIdX448: IDerObjectIdentifier; static; inline;
+    class function GetIdEd25519: IDerObjectIdentifier; static; inline;
+    class function GetIdEd448: IDerObjectIdentifier; static; inline;
 
+    class constructor Create;
   public
+    class property IdEdwardsCurveAlgs: IDerObjectIdentifier read GetIdEdwardsCurveAlgs;
+    class property IdX25519: IDerObjectIdentifier read GetIdX25519;
+    class property IdX448: IDerObjectIdentifier read GetIdX448;
+    class property IdEd25519: IDerObjectIdentifier read GetIdEd25519;
+    class property IdEd448: IDerObjectIdentifier read GetIdEd448;
 
-    class property id_edwards_curve_algs: IDerObjectIdentifier
-      read Getid_edwards_curve_algs;
-    class property id_X25519: IDerObjectIdentifier read Getid_X25519;
-    class property id_X448: IDerObjectIdentifier read Getid_X448;
-    class property id_Ed25519: IDerObjectIdentifier read Getid_Ed25519;
-    class property id_Ed448: IDerObjectIdentifier read Getid_Ed448;
-
-    class procedure Boot(); static;
+    class procedure Boot; static;
   end;
 
 implementation
 
 { TEdECObjectIdentifiers }
 
+class constructor TEdECObjectIdentifiers.Create;
+begin
+  Boot;
+end;
+
 class procedure TEdECObjectIdentifiers.Boot;
 begin
   if not FIsBooted then
   begin
-    Fid_edwards_curve_algs := TDerObjectIdentifier.Create('1.3.101');
-
-    Fid_X25519 := id_edwards_curve_algs.Branch('110');
-    Fid_X448 := id_edwards_curve_algs.Branch('111');
-    Fid_Ed25519 := id_edwards_curve_algs.Branch('112');
-    Fid_Ed448 := id_edwards_curve_algs.Branch('113');
+    FIdEdwardsCurveAlgs := TDerObjectIdentifier.Create('1.3.101');
+    FIdX25519 := FIdEdwardsCurveAlgs.Branch('110');
+    FIdX448 := FIdEdwardsCurveAlgs.Branch('111');
+    FIdEd25519 := FIdEdwardsCurveAlgs.Branch('112');
+    FIdEd448 := FIdEdwardsCurveAlgs.Branch('113');
 
     FIsBooted := True;
   end;
 end;
 
-class constructor TEdECObjectIdentifiers.EdECObjectIdentifiers;
-begin
-  TEdECObjectIdentifiers.Boot();
-end;
-
-class function TEdECObjectIdentifiers.Getid_Ed25519: IDerObjectIdentifier;
+class function TEdECObjectIdentifiers.GetIdEd448: IDerObjectIdentifier;
 begin
-  result := Fid_Ed25519;
+  Result := FIdEd448;
 end;
 
-class function TEdECObjectIdentifiers.Getid_Ed448: IDerObjectIdentifier;
+class function TEdECObjectIdentifiers.GetIdEd25519: IDerObjectIdentifier;
 begin
-  result := Fid_Ed448;
+  Result := FIdEd25519;
 end;
 
-class function TEdECObjectIdentifiers.Getid_edwards_curve_algs
-  : IDerObjectIdentifier;
+class function TEdECObjectIdentifiers.GetIdEdwardsCurveAlgs: IDerObjectIdentifier;
 begin
-  result := Fid_edwards_curve_algs;
+  Result := FIdEdwardsCurveAlgs;
 end;
 
-class function TEdECObjectIdentifiers.Getid_X25519: IDerObjectIdentifier;
+class function TEdECObjectIdentifiers.GetIdX25519: IDerObjectIdentifier;
 begin
-  result := Fid_X25519;
+  Result := FIdX25519;
 end;
 
-class function TEdECObjectIdentifiers.Getid_X448: IDerObjectIdentifier;
+class function TEdECObjectIdentifiers.GetIdX448: IDerObjectIdentifier;
 begin
-  result := Fid_X448;
+  Result := FIdX448;
 end;
 
 end.

CryptoLib/src/Asn1/Iana/ClpIanaObjectIdentifiers.pas

@@ -26,94 +26,174 @@ uses
   ClpIAsn1Objects;
 
 type
+  /// <summary>{ iso(1) identifier-organization(3) dod(6) internet(1) } == IETF defined things</summary>
   TIanaObjectIdentifiers = class abstract(TObject)
-
   strict private
-
-    // id-SHA1 OBJECT IDENTIFIER ::=
-    // {iso(1) identified-organization(3) dod(6) internet(1) security(5) mechanisms(5) ipsec(8) isakmpOakley(1)}
-    //
-
-  class var
-    FIsBooted: Boolean;
-    FIsakmpOakley, FHmacMD5, FHmacSha1, FHmacTiger, FHmacRipeMD160
-      : IDerObjectIdentifier;
-
+    class var
+      FIsBooted: Boolean;
+      FInternet, FDirectory, FMgmt, FExperimental, FClsPrivate, FSecurity,
+      FSNMPv2, FMail, FSecurityMechanisms, FSecurityNametypes, FPkix, FIpsec,
+      FIsakmpOakley, FHmacMD5, FHmacSha1, FHmacTiger, FHmacRipeMD160: IDerObjectIdentifier;
+
+    class function GetInternet: IDerObjectIdentifier; static; inline;
+    class function GetDirectory: IDerObjectIdentifier; static; inline;
+    class function GetMgmt: IDerObjectIdentifier; static; inline;
+    class function GetExperimental: IDerObjectIdentifier; static; inline;
+    class function GetClsPrivate: IDerObjectIdentifier; static; inline;
+    class function GetSecurity: IDerObjectIdentifier; static; inline;
+    class function GetSNMPv2: IDerObjectIdentifier; static; inline;
+    class function GetMail: IDerObjectIdentifier; static; inline;
+    class function GetSecurityMechanisms: IDerObjectIdentifier; static; inline;
+    class function GetSecurityNametypes: IDerObjectIdentifier; static; inline;
+    class function GetPkix: IDerObjectIdentifier; static; inline;
+    class function GetIpsec: IDerObjectIdentifier; static; inline;
     class function GetIsakmpOakley: IDerObjectIdentifier; static; inline;
     class function GetHmacMD5: IDerObjectIdentifier; static; inline;
     class function GetHmacSha1: IDerObjectIdentifier; static; inline;
-
     class function GetHmacTiger: IDerObjectIdentifier; static; inline;
     class function GetHmacRipeMD160: IDerObjectIdentifier; static; inline;
 
-    class constructor IanaObjectIdentifiers();
-
+    class constructor Create;
   public
-
+    class property Internet: IDerObjectIdentifier read GetInternet;
+    class property Directory: IDerObjectIdentifier read GetDirectory;
+    class property Mgmt: IDerObjectIdentifier read GetMgmt;
+    class property &Experimental: IDerObjectIdentifier read GetExperimental;
+    class property ClsPrivate: IDerObjectIdentifier read GetClsPrivate;
+    class property Security: IDerObjectIdentifier read GetSecurity;
+    class property SNMPv2: IDerObjectIdentifier read GetSNMPv2;
+    class property Mail: IDerObjectIdentifier read GetMail;
+    class property SecurityMechanisms: IDerObjectIdentifier read GetSecurityMechanisms;
+    class property SecurityNametypes: IDerObjectIdentifier read GetSecurityNametypes;
+    class property Pkix: IDerObjectIdentifier read GetPkix;
+    class property Ipsec: IDerObjectIdentifier read GetIpsec;
     class property IsakmpOakley: IDerObjectIdentifier read GetIsakmpOakley;
-
     class property HmacMD5: IDerObjectIdentifier read GetHmacMD5;
-
     class property HmacSha1: IDerObjectIdentifier read GetHmacSha1;
-
     class property HmacTiger: IDerObjectIdentifier read GetHmacTiger;
-
     class property HmacRipeMD160: IDerObjectIdentifier read GetHmacRipeMD160;
 
-    class procedure Boot(); static;
-
+    class procedure Boot; static;
   end;
 
 implementation
 
 { TIanaObjectIdentifiers }
 
+class constructor TIanaObjectIdentifiers.Create;
+begin
+  Boot;
+end;
+
+class procedure TIanaObjectIdentifiers.Boot;
+begin
+  if not FIsBooted then
+  begin
+    FInternet := TDerObjectIdentifier.Create('1.3.6.1');
+    FDirectory := FInternet.Branch('1');
+    FMgmt := FInternet.Branch('2');
+    FExperimental := FInternet.Branch('3');
+    FClsPrivate := FInternet.Branch('4');
+    FSecurity := FInternet.Branch('5');
+    FSNMPv2 := FInternet.Branch('6');
+    FMail := FInternet.Branch('7');
+    FSecurityMechanisms := FSecurity.Branch('5');
+    FSecurityNametypes := FSecurity.Branch('6');
+    FPkix := FSecurityMechanisms.Branch('7');
+    FIpsec := FSecurityMechanisms.Branch('8');
+    FIsakmpOakley := FIpsec.Branch('1');
+    FHmacMD5 := FIsakmpOakley.Branch('1');
+    FHmacSha1 := FIsakmpOakley.Branch('2');
+    FHmacTiger := FIsakmpOakley.Branch('3');
+    FHmacRipeMD160 := FIsakmpOakley.Branch('4');
+
+    FIsBooted := True;
+  end;
+end;
+
+class function TIanaObjectIdentifiers.GetClsPrivate: IDerObjectIdentifier;
+begin
+  Result := FClsPrivate;
+end;
+
+class function TIanaObjectIdentifiers.GetDirectory: IDerObjectIdentifier;
+begin
+  Result := FDirectory;
+end;
+
+class function TIanaObjectIdentifiers.GetExperimental: IDerObjectIdentifier;
+begin
+  Result := FExperimental;
+end;
+
 class function TIanaObjectIdentifiers.GetHmacMD5: IDerObjectIdentifier;
 begin
-  result := FHmacMD5;
+  Result := FHmacMD5;
 end;
 
 class function TIanaObjectIdentifiers.GetHmacRipeMD160: IDerObjectIdentifier;
 begin
-  result := FHmacRipeMD160;
+  Result := FHmacRipeMD160;
 end;
 
 class function TIanaObjectIdentifiers.GetHmacSha1: IDerObjectIdentifier;
 begin
-  result := FHmacSha1;
+  Result := FHmacSha1;
 end;
 
 class function TIanaObjectIdentifiers.GetHmacTiger: IDerObjectIdentifier;
 begin
-  result := FHmacTiger;
+  Result := FHmacTiger;
+end;
+
+class function TIanaObjectIdentifiers.GetInternet: IDerObjectIdentifier;
+begin
+  Result := FInternet;
+end;
+
+class function TIanaObjectIdentifiers.GetIpsec: IDerObjectIdentifier;
+begin
+  Result := FIpsec;
 end;
 
 class function TIanaObjectIdentifiers.GetIsakmpOakley: IDerObjectIdentifier;
 begin
-  result := FIsakmpOakley;
+  Result := FIsakmpOakley;
 end;
 
-class procedure TIanaObjectIdentifiers.Boot;
+class function TIanaObjectIdentifiers.GetMail: IDerObjectIdentifier;
 begin
-  if not FIsBooted then
-  begin
+  Result := FMail;
+end;
 
-    FIsakmpOakley := TDerObjectIdentifier.Create('1.3.6.1.5.5.8.1');
+class function TIanaObjectIdentifiers.GetMgmt: IDerObjectIdentifier;
+begin
+  Result := FMgmt;
+end;
 
-    FHmacMD5 := TDerObjectIdentifier.Create(IsakmpOakley.ID + '.1');
-    FHmacSha1 := TDerObjectIdentifier.Create(IsakmpOakley.ID + '.2');
+class function TIanaObjectIdentifiers.GetPkix: IDerObjectIdentifier;
+begin
+  Result := FPkix;
+end;
 
-    FHmacTiger := TDerObjectIdentifier.Create(IsakmpOakley.ID + '.3');
+class function TIanaObjectIdentifiers.GetSecurity: IDerObjectIdentifier;
+begin
+  Result := FSecurity;
+end;
 
-    FHmacRipeMD160 := TDerObjectIdentifier.Create(IsakmpOakley.ID + '.4');
+class function TIanaObjectIdentifiers.GetSecurityMechanisms: IDerObjectIdentifier;
+begin
+  Result := FSecurityMechanisms;
+end;
 
-    FIsBooted := True;
-  end;
+class function TIanaObjectIdentifiers.GetSecurityNametypes: IDerObjectIdentifier;
+begin
+  Result := FSecurityNametypes;
 end;
 
-class constructor TIanaObjectIdentifiers.IanaObjectIdentifiers;
+class function TIanaObjectIdentifiers.GetSNMPv2: IDerObjectIdentifier;
 begin
-  TIanaObjectIdentifiers.Boot;
+  Result := FSNMPv2;
 end;
 
 end.

CryptoLib/src/Asn1/Misc/ClpMiscObjectIdentifiers.pas

@@ -27,210 +27,404 @@ uses
 
 type
   TMiscObjectIdentifiers = class abstract(TObject)
-
   strict private
+    class var
+      FIsBooted: Boolean;
+      FNetscape, FNetscapeCertType, FNetscapeBaseUrl, FNetscapeRevocationUrl,
+      FNetscapeCARevocationUrl, FNetscapeRenewalUrl, FNetscapeCAPolicyUrl,
+      FNetscapeSslServerName, FNetscapeCertComment, FVerisign,
+      FVerisignCzagExtension, FVerisignPrivate_6_9, FVerisignOnSiteJurisdictionHash,
+      FVerisignBitString_6_13, FVerisignDnbDunsNumber, FVerisignIssStrongCrypto,
+      FNovell, FNovellSecurityAttribs, FEntrust, FEntrustVersionExtension,
+      FCast5Cbc, FHmacSha1, FAsSysSecAlgIdeaCbc, FCryptlib, FCryptlibAlgorithm,
+      FCryptlibAlgorithmBlowfishEcb, FCryptlibAlgorithmBlowfishCbc,
+      FCryptlibAlgorithmBlowfishCfb, FCryptlibAlgorithmBlowfishOfb, FBlake2,
+      FIdBlake2b160, FIdBlake2b256, FIdBlake2b384, FIdBlake2b512, FIdBlake2s128,
+      FIdBlake2s160, FIdBlake2s224, FIdBlake2s256, FBlake3, FBlake3_256,
+      FIdScrypt, FIdAlgComposite, FIdCompositeKey, FIdOraclePkcs12TrustedKeyUsage: IDerObjectIdentifier;
+
+    class function GetNetscape: IDerObjectIdentifier; static; inline;
+    class function GetNetscapeCertType: IDerObjectIdentifier; static; inline;
+    class function GetNetscapeBaseUrl: IDerObjectIdentifier; static; inline;
+    class function GetNetscapeRevocationUrl: IDerObjectIdentifier; static; inline;
+    class function GetNetscapeCARevocationUrl: IDerObjectIdentifier; static; inline;
+    class function GetNetscapeRenewalUrl: IDerObjectIdentifier; static; inline;
+    class function GetNetscapeCAPolicyUrl: IDerObjectIdentifier; static; inline;
+    class function GetNetscapeSslServerName: IDerObjectIdentifier; static; inline;
+    class function GetNetscapeCertComment: IDerObjectIdentifier; static; inline;
+    class function GetVerisign: IDerObjectIdentifier; static; inline;
+    class function GetVerisignCzagExtension: IDerObjectIdentifier; static; inline;
+    class function GetVerisignPrivate_6_9: IDerObjectIdentifier; static; inline;
+    class function GetVerisignOnSiteJurisdictionHash: IDerObjectIdentifier; static; inline;
+    class function GetVerisignBitString_6_13: IDerObjectIdentifier; static; inline;
+    class function GetVerisignDnbDunsNumber: IDerObjectIdentifier; static; inline;
+    class function GetVerisignIssStrongCrypto: IDerObjectIdentifier; static; inline;
+    class function GetNovell: IDerObjectIdentifier; static; inline;
+    class function GetNovellSecurityAttribs: IDerObjectIdentifier; static; inline;
+    class function GetEntrust: IDerObjectIdentifier; static; inline;
+    class function GetEntrustVersionExtension: IDerObjectIdentifier; static; inline;
+    class function GetCast5Cbc: IDerObjectIdentifier; static; inline;
+    class function GetHmacSha1: IDerObjectIdentifier; static; inline;
+    class function GetAsSysSecAlgIdeaCbc: IDerObjectIdentifier; static; inline;
+    class function GetCryptlib: IDerObjectIdentifier; static; inline;
+    class function GetCryptlibAlgorithm: IDerObjectIdentifier; static; inline;
+    class function GetCryptlibAlgorithmBlowfishEcb: IDerObjectIdentifier; static; inline;
+    class function GetCryptlibAlgorithmBlowfishCbc: IDerObjectIdentifier; static; inline;
+    class function GetCryptlibAlgorithmBlowfishCfb: IDerObjectIdentifier; static; inline;
+    class function GetCryptlibAlgorithmBlowfishOfb: IDerObjectIdentifier; static; inline;
+    class function GetBlake2: IDerObjectIdentifier; static; inline;
+    class function GetIdBlake2b160: IDerObjectIdentifier; static; inline;
+    class function GetIdBlake2b256: IDerObjectIdentifier; static; inline;
+    class function GetIdBlake2b384: IDerObjectIdentifier; static; inline;
+    class function GetIdBlake2b512: IDerObjectIdentifier; static; inline;
+    class function GetIdBlake2s128: IDerObjectIdentifier; static; inline;
+    class function GetIdBlake2s160: IDerObjectIdentifier; static; inline;
+    class function GetIdBlake2s224: IDerObjectIdentifier; static; inline;
+    class function GetIdBlake2s256: IDerObjectIdentifier; static; inline;
+    class function GetBlake3: IDerObjectIdentifier; static; inline;
+    class function GetBlake3_256: IDerObjectIdentifier; static; inline;
+    class function GetIdScrypt: IDerObjectIdentifier; static; inline;
+    class function GetIdAlgComposite: IDerObjectIdentifier; static; inline;
+    class function GetIdCompositeKey: IDerObjectIdentifier; static; inline;
+    class function GetIdOraclePkcs12TrustedKeyUsage: IDerObjectIdentifier; static; inline;
+
+    class constructor Create;
+  public
+    class property Netscape: IDerObjectIdentifier read GetNetscape;
+    class property NetscapeCertType: IDerObjectIdentifier read GetNetscapeCertType;
+    class property NetscapeBaseUrl: IDerObjectIdentifier read GetNetscapeBaseUrl;
+    class property NetscapeRevocationUrl: IDerObjectIdentifier read GetNetscapeRevocationUrl;
+    class property NetscapeCARevocationUrl: IDerObjectIdentifier read GetNetscapeCARevocationUrl;
+    class property NetscapeRenewalUrl: IDerObjectIdentifier read GetNetscapeRenewalUrl;
+    class property NetscapeCAPolicyUrl: IDerObjectIdentifier read GetNetscapeCAPolicyUrl;
+    class property NetscapeSslServerName: IDerObjectIdentifier read GetNetscapeSslServerName;
+    class property NetscapeCertComment: IDerObjectIdentifier read GetNetscapeCertComment;
+    class property Verisign: IDerObjectIdentifier read GetVerisign;
+    class property VerisignCzagExtension: IDerObjectIdentifier read GetVerisignCzagExtension;
+    class property VerisignPrivate_6_9: IDerObjectIdentifier read GetVerisignPrivate_6_9;
+    class property VerisignOnSiteJurisdictionHash: IDerObjectIdentifier read GetVerisignOnSiteJurisdictionHash;
+    class property VerisignBitString_6_13: IDerObjectIdentifier read GetVerisignBitString_6_13;
+    class property VerisignDnbDunsNumber: IDerObjectIdentifier read GetVerisignDnbDunsNumber;
+    class property VerisignIssStrongCrypto: IDerObjectIdentifier read GetVerisignIssStrongCrypto;
+    class property Novell: IDerObjectIdentifier read GetNovell;
+    class property NovellSecurityAttribs: IDerObjectIdentifier read GetNovellSecurityAttribs;
+    class property Entrust: IDerObjectIdentifier read GetEntrust;
+    class property EntrustVersionExtension: IDerObjectIdentifier read GetEntrustVersionExtension;
+    class property Cast5Cbc: IDerObjectIdentifier read GetCast5Cbc;
+    class property HmacSha1: IDerObjectIdentifier read GetHmacSha1;
+    class property AsSysSecAlgIdeaCbc: IDerObjectIdentifier read GetAsSysSecAlgIdeaCbc;
+    class property Cryptlib: IDerObjectIdentifier read GetCryptlib;
+    class property CryptlibAlgorithm: IDerObjectIdentifier read GetCryptlibAlgorithm;
+    class property CryptlibAlgorithmBlowfishEcb: IDerObjectIdentifier read GetCryptlibAlgorithmBlowfishEcb;
+    class property CryptlibAlgorithmBlowfishCbc: IDerObjectIdentifier read GetCryptlibAlgorithmBlowfishCbc;
+    class property CryptlibAlgorithmBlowfishCfb: IDerObjectIdentifier read GetCryptlibAlgorithmBlowfishCfb;
+    class property CryptlibAlgorithmBlowfishOfb: IDerObjectIdentifier read GetCryptlibAlgorithmBlowfishOfb;
+    class property Blake2: IDerObjectIdentifier read GetBlake2;
+    class property IdBlake2b160: IDerObjectIdentifier read GetIdBlake2b160;
+    class property IdBlake2b256: IDerObjectIdentifier read GetIdBlake2b256;
+    class property IdBlake2b384: IDerObjectIdentifier read GetIdBlake2b384;
+    class property IdBlake2b512: IDerObjectIdentifier read GetIdBlake2b512;
+    class property IdBlake2s128: IDerObjectIdentifier read GetIdBlake2s128;
+    class property IdBlake2s160: IDerObjectIdentifier read GetIdBlake2s160;
+    class property IdBlake2s224: IDerObjectIdentifier read GetIdBlake2s224;
+    class property IdBlake2s256: IDerObjectIdentifier read GetIdBlake2s256;
+    class property Blake3: IDerObjectIdentifier read GetBlake3;
+    class property Blake3_256: IDerObjectIdentifier read GetBlake3_256;
+    class property IdScrypt: IDerObjectIdentifier read GetIdScrypt;
+    class property IdAlgComposite: IDerObjectIdentifier read GetIdAlgComposite;
+    class property IdCompositeKey: IDerObjectIdentifier read GetIdCompositeKey;
+    class property IdOraclePkcs12TrustedKeyUsage: IDerObjectIdentifier read GetIdOraclePkcs12TrustedKeyUsage;
+
+    class procedure Boot; static;
+  end;
 
-  class var
+implementation
 
-    FIsBooted: Boolean;
-    Fcryptlib, Fcryptlib_algorithm, Fcryptlib_algorithm_blowfish_ECB,
-      Fcryptlib_algorithm_blowfish_CBC, Fcryptlib_algorithm_blowfish_CFB,
-      Fcryptlib_algorithm_blowfish_OFB, Fblake2, Fid_blake2b160, Fid_blake2b256,
-      Fid_blake2b384, Fid_blake2b512, Fid_blake2s128, Fid_blake2s160,
-      Fid_blake2s224, Fid_blake2s256, Fid_scrypt: IDerObjectIdentifier;
+{ TMiscObjectIdentifiers }
 
-    class function Getcryptlib: IDerObjectIdentifier; static; inline;
+class constructor TMiscObjectIdentifiers.Create;
+begin
+  Boot;
+end;
 
-    class function Getcryptlib_algorithm: IDerObjectIdentifier; static; inline;
-    class function Getcryptlib_algorithm_blowfish_ECB: IDerObjectIdentifier;
-      static; inline;
-    class function Getcryptlib_algorithm_blowfish_CBC: IDerObjectIdentifier;
-      static; inline;
-    class function Getcryptlib_algorithm_blowfish_CFB: IDerObjectIdentifier;
-      static; inline;
-    class function Getcryptlib_algorithm_blowfish_OFB: IDerObjectIdentifier;
-      static; inline;
+class procedure TMiscObjectIdentifiers.Boot;
+begin
+  if not FIsBooted then
+  begin
+    FNetscape := TDerObjectIdentifier.Create('2.16.840.1.113730.1');
+    FNetscapeCertType := FNetscape.Branch('1');
+    FNetscapeBaseUrl := FNetscape.Branch('2');
+    FNetscapeRevocationUrl := FNetscape.Branch('3');
+    FNetscapeCARevocationUrl := FNetscape.Branch('4');
+    FNetscapeRenewalUrl := FNetscape.Branch('7');
+    FNetscapeCAPolicyUrl := FNetscape.Branch('8');
+    FNetscapeSslServerName := FNetscape.Branch('12');
+    FNetscapeCertComment := FNetscape.Branch('13');
+
+    FVerisign := TDerObjectIdentifier.Create('2.16.840.1.113733.1');
+    FVerisignCzagExtension := FVerisign.Branch('6.3');
+    FVerisignPrivate_6_9 := FVerisign.Branch('6.9');
+    FVerisignOnSiteJurisdictionHash := FVerisign.Branch('6.11');
+    FVerisignBitString_6_13 := FVerisign.Branch('6.13');
+    FVerisignDnbDunsNumber := FVerisign.Branch('6.15');
+    FVerisignIssStrongCrypto := FVerisign.Branch('8.1');
+
+    FNovell := TDerObjectIdentifier.Create('2.16.840.1.113719');
+    FNovellSecurityAttribs := FNovell.Branch('1.9.4.1');
+
+    FEntrust := TDerObjectIdentifier.Create('1.2.840.113533.7');
+    FEntrustVersionExtension := FEntrust.Branch('65.0');
+    FCast5Cbc := FEntrust.Branch('66.10');
+
+    FHmacSha1 := TDerObjectIdentifier.Create('1.3.6.1.5.5.8.1.2');
+    FAsSysSecAlgIdeaCbc := TDerObjectIdentifier.Create('1.3.6.1.4.1.188.7.1.1.2');
+
+    FCryptlib := TDerObjectIdentifier.Create('1.3.6.1.4.1.3029');
+    FCryptlibAlgorithm := FCryptlib.Branch('1');
+    FCryptlibAlgorithmBlowfishEcb := FCryptlibAlgorithm.Branch('1.1');
+    FCryptlibAlgorithmBlowfishCbc := FCryptlibAlgorithm.Branch('1.2');
+    FCryptlibAlgorithmBlowfishCfb := FCryptlibAlgorithm.Branch('1.3');
+    FCryptlibAlgorithmBlowfishOfb := FCryptlibAlgorithm.Branch('1.4');
+
+    FBlake2 := TDerObjectIdentifier.Create('1.3.6.1.4.1.1722.12.2');
+    FIdBlake2b160 := FBlake2.Branch('1.5');
+    FIdBlake2b256 := FBlake2.Branch('1.8');
+    FIdBlake2b384 := FBlake2.Branch('1.12');
+    FIdBlake2b512 := FBlake2.Branch('1.16');
+    FIdBlake2s128 := FBlake2.Branch('2.4');
+    FIdBlake2s160 := FBlake2.Branch('2.5');
+    FIdBlake2s224 := FBlake2.Branch('2.7');
+    FIdBlake2s256 := FBlake2.Branch('2.8');
+    FBlake3 := FBlake2.Branch('3');
+    FBlake3_256 := FBlake3.Branch('8');
+
+    FIdScrypt := TDerObjectIdentifier.Create('1.3.6.1.4.1.11591.4.11');
+    FIdAlgComposite := TDerObjectIdentifier.Create('1.3.6.1.4.1.18227.2.1');
+    FIdCompositeKey := TDerObjectIdentifier.Create('2.16.840.1.114027.80.4.1');
+    FIdOraclePkcs12TrustedKeyUsage := TDerObjectIdentifier.Create('2.16.840.1.113894.746875.1.1');
 
-    class function Getblake2: IDerObjectIdentifier; static; inline;
+    FIsBooted := True;
+  end;
+end;
 
-    class function Getid_blake2b160: IDerObjectIdentifier; static; inline;
-    class function Getid_blake2b256: IDerObjectIdentifier; static; inline;
-    class function Getid_blake2b384: IDerObjectIdentifier; static; inline;
-    class function Getid_blake2b512: IDerObjectIdentifier; static; inline;
+class function TMiscObjectIdentifiers.GetAsSysSecAlgIdeaCbc: IDerObjectIdentifier;
+begin
+  Result := FAsSysSecAlgIdeaCbc;
+end;
 
-    class function Getid_blake2s128: IDerObjectIdentifier; static; inline;
-    class function Getid_blake2s160: IDerObjectIdentifier; static; inline;
-    class function Getid_blake2s224: IDerObjectIdentifier; static; inline;
-    class function Getid_blake2s256: IDerObjectIdentifier; static; inline;
+class function TMiscObjectIdentifiers.GetBlake2: IDerObjectIdentifier;
+begin
+  Result := FBlake2;
+end;
 
-    class function Getid_scrypt: IDerObjectIdentifier; static; inline;
+class function TMiscObjectIdentifiers.GetBlake3: IDerObjectIdentifier;
+begin
+  Result := FBlake3;
+end;
 
-    class constructor MiscObjectIdentifiers();
+class function TMiscObjectIdentifiers.GetBlake3_256: IDerObjectIdentifier;
+begin
+  Result := FBlake3_256;
+end;
 
-  public
+class function TMiscObjectIdentifiers.GetCast5Cbc: IDerObjectIdentifier;
+begin
+  Result := FCast5Cbc;
+end;
 
-    class property cryptlib: IDerObjectIdentifier read Getcryptlib;
+class function TMiscObjectIdentifiers.GetCryptlib: IDerObjectIdentifier;
+begin
+  Result := FCryptlib;
+end;
 
-    class property cryptlib_algorithm: IDerObjectIdentifier
-      read Getcryptlib_algorithm;
-    class property cryptlib_algorithm_blowfish_ECB: IDerObjectIdentifier
-      read Getcryptlib_algorithm_blowfish_ECB;
-    class property cryptlib_algorithm_blowfish_CBC: IDerObjectIdentifier
-      read Getcryptlib_algorithm_blowfish_CBC;
-    class property cryptlib_algorithm_blowfish_CFB: IDerObjectIdentifier
-      read Getcryptlib_algorithm_blowfish_CFB;
-    class property cryptlib_algorithm_blowfish_OFB: IDerObjectIdentifier
-      read Getcryptlib_algorithm_blowfish_OFB;
+class function TMiscObjectIdentifiers.GetCryptlibAlgorithm: IDerObjectIdentifier;
+begin
+  Result := FCryptlibAlgorithm;
+end;
 
-    class property blake2: IDerObjectIdentifier read Getblake2;
+class function TMiscObjectIdentifiers.GetCryptlibAlgorithmBlowfishCbc: IDerObjectIdentifier;
+begin
+  Result := FCryptlibAlgorithmBlowfishCbc;
+end;
 
-    class property id_blake2b160: IDerObjectIdentifier read Getid_blake2b160;
-    class property id_blake2b256: IDerObjectIdentifier read Getid_blake2b256;
-    class property id_blake2b384: IDerObjectIdentifier read Getid_blake2b384;
-    class property id_blake2b512: IDerObjectIdentifier read Getid_blake2b512;
+class function TMiscObjectIdentifiers.GetCryptlibAlgorithmBlowfishCfb: IDerObjectIdentifier;
+begin
+  Result := FCryptlibAlgorithmBlowfishCfb;
+end;
 
-    class property id_blake2s128: IDerObjectIdentifier read Getid_blake2s128;
-    class property id_blake2s160: IDerObjectIdentifier read Getid_blake2s160;
-    class property id_blake2s224: IDerObjectIdentifier read Getid_blake2s224;
-    class property id_blake2s256: IDerObjectIdentifier read Getid_blake2s256;
+class function TMiscObjectIdentifiers.GetCryptlibAlgorithmBlowfishEcb: IDerObjectIdentifier;
+begin
+  Result := FCryptlibAlgorithmBlowfishEcb;
+end;
 
-    class property id_scrypt: IDerObjectIdentifier read Getid_scrypt;
+class function TMiscObjectIdentifiers.GetCryptlibAlgorithmBlowfishOfb: IDerObjectIdentifier;
+begin
+  Result := FCryptlibAlgorithmBlowfishOfb;
+end;
 
-    class procedure Boot(); static;
+class function TMiscObjectIdentifiers.GetEntrust: IDerObjectIdentifier;
+begin
+  Result := FEntrust;
+end;
 
-  end;
+class function TMiscObjectIdentifiers.GetEntrustVersionExtension: IDerObjectIdentifier;
+begin
+  Result := FEntrustVersionExtension;
+end;
 
-implementation
+class function TMiscObjectIdentifiers.GetHmacSha1: IDerObjectIdentifier;
+begin
+  Result := FHmacSha1;
+end;
 
-{ TMiscObjectIdentifiers }
+class function TMiscObjectIdentifiers.GetIdAlgComposite: IDerObjectIdentifier;
+begin
+  Result := FIdAlgComposite;
+end;
 
-class function TMiscObjectIdentifiers.Getblake2: IDerObjectIdentifier;
+class function TMiscObjectIdentifiers.GetIdBlake2b160: IDerObjectIdentifier;
 begin
-  result := Fblake2;
+  Result := FIdBlake2b160;
 end;
 
-class function TMiscObjectIdentifiers.Getcryptlib: IDerObjectIdentifier;
+class function TMiscObjectIdentifiers.GetIdBlake2b256: IDerObjectIdentifier;
 begin
-  result := Fcryptlib;
+  Result := FIdBlake2b256;
 end;
 
-class function TMiscObjectIdentifiers.Getcryptlib_algorithm
-  : IDerObjectIdentifier;
+class function TMiscObjectIdentifiers.GetIdBlake2b384: IDerObjectIdentifier;
 begin
-  result := Fcryptlib_algorithm;
+  Result := FIdBlake2b384;
 end;
 
-class function TMiscObjectIdentifiers.Getcryptlib_algorithm_blowfish_CBC
-  : IDerObjectIdentifier;
+class function TMiscObjectIdentifiers.GetIdBlake2b512: IDerObjectIdentifier;
 begin
-  result := Fcryptlib_algorithm_blowfish_CBC;
+  Result := FIdBlake2b512;
 end;
 
-class function TMiscObjectIdentifiers.Getcryptlib_algorithm_blowfish_CFB
-  : IDerObjectIdentifier;
+class function TMiscObjectIdentifiers.GetIdBlake2s128: IDerObjectIdentifier;
 begin
-  result := Fcryptlib_algorithm_blowfish_CFB;
+  Result := FIdBlake2s128;
 end;
 
-class function TMiscObjectIdentifiers.Getcryptlib_algorithm_blowfish_ECB
-  : IDerObjectIdentifier;
+class function TMiscObjectIdentifiers.GetIdBlake2s160: IDerObjectIdentifier;
 begin
-  result := Fcryptlib_algorithm_blowfish_ECB;
+  Result := FIdBlake2s160;
 end;
 
-class function TMiscObjectIdentifiers.Getcryptlib_algorithm_blowfish_OFB
-  : IDerObjectIdentifier;
+class function TMiscObjectIdentifiers.GetIdBlake2s224: IDerObjectIdentifier;
 begin
-  result := Fcryptlib_algorithm_blowfish_OFB;
+  Result := FIdBlake2s224;
 end;
 
-class function TMiscObjectIdentifiers.Getid_blake2b160: IDerObjectIdentifier;
+class function TMiscObjectIdentifiers.GetIdBlake2s256: IDerObjectIdentifier;
 begin
-  result := Fid_blake2b160;
+  Result := FIdBlake2s256;
 end;
 
-class function TMiscObjectIdentifiers.Getid_blake2b256: IDerObjectIdentifier;
+class function TMiscObjectIdentifiers.GetIdCompositeKey: IDerObjectIdentifier;
 begin
-  result := Fid_blake2b256;
+  Result := FIdCompositeKey;
 end;
 
-class function TMiscObjectIdentifiers.Getid_blake2b384: IDerObjectIdentifier;
+class function TMiscObjectIdentifiers.GetIdOraclePkcs12TrustedKeyUsage: IDerObjectIdentifier;
 begin
-  result := Fid_blake2b384;
+  Result := FIdOraclePkcs12TrustedKeyUsage;
 end;
 
-class function TMiscObjectIdentifiers.Getid_blake2b512: IDerObjectIdentifier;
+class function TMiscObjectIdentifiers.GetIdScrypt: IDerObjectIdentifier;
 begin
-  result := Fid_blake2b512;
+  Result := FIdScrypt;
 end;
 
-class function TMiscObjectIdentifiers.Getid_blake2s128: IDerObjectIdentifier;
+class function TMiscObjectIdentifiers.GetNetscape: IDerObjectIdentifier;
 begin
-  result := Fid_blake2s128;
+  Result := FNetscape;
 end;
 
-class function TMiscObjectIdentifiers.Getid_blake2s160: IDerObjectIdentifier;
+class function TMiscObjectIdentifiers.GetNetscapeBaseUrl: IDerObjectIdentifier;
 begin
-  result := Fid_blake2s160;
+  Result := FNetscapeBaseUrl;
 end;
 
-class function TMiscObjectIdentifiers.Getid_blake2s224: IDerObjectIdentifier;
+class function TMiscObjectIdentifiers.GetNetscapeCARevocationUrl: IDerObjectIdentifier;
 begin
-  result := Fid_blake2s224;
+  Result := FNetscapeCARevocationUrl;
 end;
 
-class function TMiscObjectIdentifiers.Getid_blake2s256: IDerObjectIdentifier;
+class function TMiscObjectIdentifiers.GetNetscapeCAPolicyUrl: IDerObjectIdentifier;
 begin
-  result := Fid_blake2s256;
+  Result := FNetscapeCAPolicyUrl;
 end;
 
-class function TMiscObjectIdentifiers.Getid_scrypt: IDerObjectIdentifier;
+class function TMiscObjectIdentifiers.GetNetscapeCertComment: IDerObjectIdentifier;
 begin
-  result := Fid_scrypt;
+  Result := FNetscapeCertComment;
 end;
 
-class procedure TMiscObjectIdentifiers.Boot;
+class function TMiscObjectIdentifiers.GetNetscapeCertType: IDerObjectIdentifier;
 begin
+  Result := FNetscapeCertType;
+end;
 
-  if not FIsBooted then
-  begin
+class function TMiscObjectIdentifiers.GetNetscapeRenewalUrl: IDerObjectIdentifier;
+begin
+  Result := FNetscapeRenewalUrl;
+end;
+
+class function TMiscObjectIdentifiers.GetNetscapeRevocationUrl: IDerObjectIdentifier;
+begin
+  Result := FNetscapeRevocationUrl;
+end;
+
+class function TMiscObjectIdentifiers.GetNetscapeSslServerName: IDerObjectIdentifier;
+begin
+  Result := FNetscapeSslServerName;
+end;
 
-    //
-    // Peter Gutmann's Cryptlib
-    //
+class function TMiscObjectIdentifiers.GetNovell: IDerObjectIdentifier;
+begin
+  Result := FNovell;
+end;
 
-    Fcryptlib := TDerObjectIdentifier.Create('1.3.6.1.4.1.3029');
+class function TMiscObjectIdentifiers.GetNovellSecurityAttribs: IDerObjectIdentifier;
+begin
+  Result := FNovellSecurityAttribs;
+end;
 
-    Fcryptlib_algorithm := cryptlib.Branch('1');
-    Fcryptlib_algorithm_blowfish_ECB := cryptlib_algorithm.Branch('1.1');
-    Fcryptlib_algorithm_blowfish_CBC := cryptlib_algorithm.Branch('1.2');
-    Fcryptlib_algorithm_blowfish_CFB := cryptlib_algorithm.Branch('1.3');
-    Fcryptlib_algorithm_blowfish_OFB := cryptlib_algorithm.Branch('1.4');
+class function TMiscObjectIdentifiers.GetVerisign: IDerObjectIdentifier;
+begin
+  Result := FVerisign;
+end;
 
-    //
-    // Blake2b and Blake2s
-    //
-    Fblake2 := TDerObjectIdentifier.Create('1.3.6.1.4.1.1722.12.2');
+class function TMiscObjectIdentifiers.GetVerisignBitString_6_13: IDerObjectIdentifier;
+begin
+  Result := FVerisignBitString_6_13;
+end;
 
-    Fid_blake2b160 := blake2.Branch('1.5');
-    Fid_blake2b256 := blake2.Branch('1.8');
-    Fid_blake2b384 := blake2.Branch('1.12');
-    Fid_blake2b512 := blake2.Branch('1.16');
+class function TMiscObjectIdentifiers.GetVerisignCzagExtension: IDerObjectIdentifier;
+begin
+  Result := FVerisignCzagExtension;
+end;
 
-    Fid_blake2s128 := blake2.Branch('2.4');
-    Fid_blake2s160 := blake2.Branch('2.5');
-    Fid_blake2s224 := blake2.Branch('2.7');
-    Fid_blake2s256 := blake2.Branch('2.8');
+class function TMiscObjectIdentifiers.GetVerisignDnbDunsNumber: IDerObjectIdentifier;
+begin
+  Result := FVerisignDnbDunsNumber;
+end;
 
-    Fid_scrypt := TDerObjectIdentifier.Create('1.3.6.1.4.1.11591.4.11');
+class function TMiscObjectIdentifiers.GetVerisignIssStrongCrypto: IDerObjectIdentifier;
+begin
+  Result := FVerisignIssStrongCrypto;
+end;
 
-    FIsBooted := True;
-  end;
+class function TMiscObjectIdentifiers.GetVerisignOnSiteJurisdictionHash: IDerObjectIdentifier;
+begin
+  Result := FVerisignOnSiteJurisdictionHash;
 end;
 
-class constructor TMiscObjectIdentifiers.MiscObjectIdentifiers;
+class function TMiscObjectIdentifiers.GetVerisignPrivate_6_9: IDerObjectIdentifier;
 begin
-  TMiscObjectIdentifiers.Boot;
+  Result := FVerisignPrivate_6_9;
 end;
 
 end.

CryptoLib/src/Asn1/Nist/ClpNistObjectIdentifiers.pas

@@ -37,7 +37,7 @@ type
       FIdSha224, FIdSha512_224, FIdSha512_256, FIdSha3_224, FIdSha3_256,
       FIdSha3_384, FIdSha3_512, FIdShake128, FIdShake256, FIdHMacWithSha3_224,
       FIdHMacWithSha3_256, FIdHMacWithSha3_384, FIdHMacWithSha3_512, FAES,
-      FIdAES128Ecb, FIdAes128Cbc, FIdAes128Ofb, FIdAes128Cfb, FidAes192Ecb,
+      FIdAES128Ecb, FIdAes128Cbc, FIdAes128Ofb, FIdAes128Cfb, FIdAes192Ecb,
       FIdAes192Cbc, FIdAes192Ofb, FIdAes192Cfb, FIdAes256Ecb, FIdAes256Cbc,
       FIdAes256Ofb, FIdAes256Cfb, FIdDsaWithSha2, FDsaWithSha224,
       FDsaWithSha256, FDsaWithSha384, FDsaWithSha512, FIdDsaWithSha3_224,
@@ -263,7 +263,7 @@ end;
 
 class function TNistObjectIdentifiers.GetIdAes192Ecb: IDerObjectIdentifier;
 begin
-  result := FidAes192Ecb;
+  result := FIdAes192Ecb;
 end;
 
 class function TNistObjectIdentifiers.GetIdAes192Ofb: IDerObjectIdentifier;
@@ -492,7 +492,7 @@ begin
     FIdAes128Cbc := TDerObjectIdentifier.Create(AES.id + '.2');
     FIdAes128Ofb := TDerObjectIdentifier.Create(AES.id + '.3');
     FIdAes128Cfb := TDerObjectIdentifier.Create(AES.id + '.4');
-    FidAes192Ecb := TDerObjectIdentifier.Create(AES.id + '.21');
+    FIdAes192Ecb := TDerObjectIdentifier.Create(AES.ID + '.21');
     FIdAes192Cbc := TDerObjectIdentifier.Create(AES.id + '.22');
     FIdAes192Ofb := TDerObjectIdentifier.Create(AES.id + '.23');
     FIdAes192Cfb := TDerObjectIdentifier.Create(AES.id + '.24');
@@ -507,27 +507,27 @@ begin
     FSigAlgs := NistAlgorithm.Branch('3');
     FIdDsaWithSha2 := SigAlgs;
 
-    FDsaWithSha224 := TDerObjectIdentifier.Create(SigAlgs.id + '.1');
-    FDsaWithSha256 := TDerObjectIdentifier.Create(SigAlgs.id + '.2');
-    FDsaWithSha384 := TDerObjectIdentifier.Create(SigAlgs.id + '.3');
-    FDsaWithSha512 := TDerObjectIdentifier.Create(SigAlgs.id + '.4');
+    FDsaWithSha224 := TDerObjectIdentifier.Create(SigAlgs.ID + '.1');
+    FDsaWithSha256 := TDerObjectIdentifier.Create(SigAlgs.ID + '.2');
+    FDsaWithSha384 := TDerObjectIdentifier.Create(SigAlgs.ID + '.3');
+    FDsaWithSha512 := TDerObjectIdentifier.Create(SigAlgs.ID + '.4');
 
-    FIdDsaWithSha3_224 := TDerObjectIdentifier.Create(SigAlgs.id + '.5');
-    FIdDsaWithSha3_256 := TDerObjectIdentifier.Create(SigAlgs.id + '.6');
-    FIdDsaWithSha3_384 := TDerObjectIdentifier.Create(SigAlgs.id + '.7');
-    FIdDsaWithSha3_512 := TDerObjectIdentifier.Create(SigAlgs.id + '.8');
+    FIdDsaWithSha3_224 := TDerObjectIdentifier.Create(SigAlgs.ID + '.5');
+    FIdDsaWithSha3_256 := TDerObjectIdentifier.Create(SigAlgs.ID + '.6');
+    FIdDsaWithSha3_384 := TDerObjectIdentifier.Create(SigAlgs.ID + '.7');
+    FIdDsaWithSha3_512 := TDerObjectIdentifier.Create(SigAlgs.ID + '.8');
 
     // ECDSA with SHA-3
-    FIdECDsaWithSha3_224 := TDerObjectIdentifier.Create(SigAlgs.id + '.9');
-    FIdECDsaWithSha3_256 := TDerObjectIdentifier.Create(SigAlgs.id + '.10');
-    FIdECDsaWithSha3_384 := TDerObjectIdentifier.Create(SigAlgs.id + '.11');
-    FIdECDsaWithSha3_512 := TDerObjectIdentifier.Create(SigAlgs.id + '.12');
+    FIdECDsaWithSha3_224 := TDerObjectIdentifier.Create(SigAlgs.ID + '.9');
+    FIdECDsaWithSha3_256 := TDerObjectIdentifier.Create(SigAlgs.ID + '.10');
+    FIdECDsaWithSha3_384 := TDerObjectIdentifier.Create(SigAlgs.ID + '.11');
+    FIdECDsaWithSha3_512 := TDerObjectIdentifier.Create(SigAlgs.ID + '.12');
 
     // RSA PKCS #1 v1.5 Signature with SHA-3 family
-    FIdRsassaPkcs1V15WithSha3_224 := TDerObjectIdentifier.Create(SigAlgs.id + '.13');
-    FIdRsassaPkcs1V15WithSha3_256 := TDerObjectIdentifier.Create(SigAlgs.id + '.14');
-    FIdRsassaPkcs1V15WithSha3_384 := TDerObjectIdentifier.Create(SigAlgs.id + '.15');
-    FIdRsassaPkcs1V15WithSha3_512 := TDerObjectIdentifier.Create(SigAlgs.id + '.16');
+    FIdRsassaPkcs1V15WithSha3_224 := TDerObjectIdentifier.Create(SigAlgs.ID + '.13');
+    FIdRsassaPkcs1V15WithSha3_256 := TDerObjectIdentifier.Create(SigAlgs.ID + '.14');
+    FIdRsassaPkcs1V15WithSha3_384 := TDerObjectIdentifier.Create(SigAlgs.ID + '.15');
+    FIdRsassaPkcs1V15WithSha3_512 := TDerObjectIdentifier.Create(SigAlgs.ID + '.16');
 
     FIsBooted := True;
   end;

CryptoLib/src/Asn1/Oiw/ClpOiwObjectIdentifiers.pas

@@ -27,58 +27,133 @@ uses
 
 type
   TOiwObjectIdentifiers = class abstract(TObject)
-
   strict private
-
-  class var
-
-    FIsBooted: Boolean;
-    FIdSha1, FDsaWithSha1: IDerObjectIdentifier;
-
+    class var
+      FIsBooted: Boolean;
+      FMd4WithRsa, FMd5WithRsa, FMd4WithRsaEncryption, FDesEcb, FDesCbc, FDesOfb,
+      FDesCfb, FDesEde, FIdSha1, FDsaWithSha1, FSha1WithRsa, FElGamalAlgorithm: IDerObjectIdentifier;
+
+    class function GetMd4WithRsa: IDerObjectIdentifier; static; inline;
+    class function GetMd5WithRsa: IDerObjectIdentifier; static; inline;
+    class function GetMd4WithRsaEncryption: IDerObjectIdentifier; static; inline;
+    class function GetDesEcb: IDerObjectIdentifier; static; inline;
+    class function GetDesCbc: IDerObjectIdentifier; static; inline;
+    class function GetDesOfb: IDerObjectIdentifier; static; inline;
+    class function GetDesCfb: IDerObjectIdentifier; static; inline;
+    class function GetDesEde: IDerObjectIdentifier; static; inline;
     class function GetIdSha1: IDerObjectIdentifier; static; inline;
     class function GetDsaWithSha1: IDerObjectIdentifier; static; inline;
+    class function GetSha1WithRsa: IDerObjectIdentifier; static; inline;
+    class function GetElGamalAlgorithm: IDerObjectIdentifier; static; inline;
 
-    class constructor OiwObjectIdentifiers();
-
+    class constructor Create;
   public
-
-    // id-SHA1 OBJECT IDENTIFIER ::=
-    // {iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 26 }    //
+    class property Md4WithRsa: IDerObjectIdentifier read GetMd4WithRsa;
+    class property Md5WithRsa: IDerObjectIdentifier read GetMd5WithRsa;
+    class property Md4WithRsaEncryption: IDerObjectIdentifier read GetMd4WithRsaEncryption;
+    class property DesEcb: IDerObjectIdentifier read GetDesEcb;
+    class property DesCbc: IDerObjectIdentifier read GetDesCbc;
+    class property DesOfb: IDerObjectIdentifier read GetDesOfb;
+    class property DesCfb: IDerObjectIdentifier read GetDesCfb;
+    class property DesEde: IDerObjectIdentifier read GetDesEde;
+    /// <summary>id-SHA1 OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 26 }</summary>
     class property IdSha1: IDerObjectIdentifier read GetIdSha1;
-
     class property DsaWithSha1: IDerObjectIdentifier read GetDsaWithSha1;
+    class property Sha1WithRsa: IDerObjectIdentifier read GetSha1WithRsa;
+    /// <summary>ElGamal Algorithm OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) dirservsig(7) algorithm(2) encryption(1) 1 }</summary>
+    class property ElGamalAlgorithm: IDerObjectIdentifier read GetElGamalAlgorithm;
 
-    class procedure Boot(); static;
-
+    class procedure Boot; static;
   end;
 
 implementation
 
 { TOiwObjectIdentifiers }
 
+class constructor TOiwObjectIdentifiers.Create;
+begin
+  Boot;
+end;
+
 class procedure TOiwObjectIdentifiers.Boot;
 begin
   if not FIsBooted then
   begin
+    FMd4WithRsa := TDerObjectIdentifier.Create('1.3.14.3.2.2');
+    FMd5WithRsa := TDerObjectIdentifier.Create('1.3.14.3.2.3');
+    FMd4WithRsaEncryption := TDerObjectIdentifier.Create('1.3.14.3.2.4');
+    FDesEcb := TDerObjectIdentifier.Create('1.3.14.3.2.6');
+    FDesCbc := TDerObjectIdentifier.Create('1.3.14.3.2.7');
+    FDesOfb := TDerObjectIdentifier.Create('1.3.14.3.2.8');
+    FDesCfb := TDerObjectIdentifier.Create('1.3.14.3.2.9');
+    FDesEde := TDerObjectIdentifier.Create('1.3.14.3.2.17');
     FIdSha1 := TDerObjectIdentifier.Create('1.3.14.3.2.26');
     FDsaWithSha1 := TDerObjectIdentifier.Create('1.3.14.3.2.27');
+    FSha1WithRsa := TDerObjectIdentifier.Create('1.3.14.3.2.29');
+    FElGamalAlgorithm := TDerObjectIdentifier.Create('1.3.14.7.2.1.1');
+
     FIsBooted := True;
   end;
 end;
 
+class function TOiwObjectIdentifiers.GetDesCbc: IDerObjectIdentifier;
+begin
+  Result := FDesCbc;
+end;
+
+class function TOiwObjectIdentifiers.GetDesCfb: IDerObjectIdentifier;
+begin
+  Result := FDesCfb;
+end;
+
+class function TOiwObjectIdentifiers.GetDesEcb: IDerObjectIdentifier;
+begin
+  Result := FDesEcb;
+end;
+
+class function TOiwObjectIdentifiers.GetDesEde: IDerObjectIdentifier;
+begin
+  Result := FDesEde;
+end;
+
+class function TOiwObjectIdentifiers.GetDesOfb: IDerObjectIdentifier;
+begin
+  Result := FDesOfb;
+end;
+
 class function TOiwObjectIdentifiers.GetDsaWithSha1: IDerObjectIdentifier;
 begin
   Result := FDsaWithSha1;
 end;
 
+class function TOiwObjectIdentifiers.GetElGamalAlgorithm: IDerObjectIdentifier;
+begin
+  Result := FElGamalAlgorithm;
+end;
+
 class function TOiwObjectIdentifiers.GetIdSha1: IDerObjectIdentifier;
 begin
   Result := FIdSha1;
 end;
 
-class constructor TOiwObjectIdentifiers.OiwObjectIdentifiers;
+class function TOiwObjectIdentifiers.GetMd4WithRsa: IDerObjectIdentifier;
+begin
+  Result := FMd4WithRsa;
+end;
+
+class function TOiwObjectIdentifiers.GetMd4WithRsaEncryption: IDerObjectIdentifier;
+begin
+  Result := FMd4WithRsaEncryption;
+end;
+
+class function TOiwObjectIdentifiers.GetMd5WithRsa: IDerObjectIdentifier;
+begin
+  Result := FMd5WithRsa;
+end;
+
+class function TOiwObjectIdentifiers.GetSha1WithRsa: IDerObjectIdentifier;
 begin
-  TOiwObjectIdentifiers.Boot;
+  Result := FSha1WithRsa;
 end;
 
 end.

CryptoLib/src/Asn1/Pkcs/ClpPkcs10CertificationRequest.pas

@@ -234,18 +234,18 @@ begin
   FAlgorithms.Add('SHA3-256WITHECDSA', TNistObjectIdentifiers.IdECDsaWithSha3_256);
   FAlgorithms.Add('SHA3-384WITHECDSA', TNistObjectIdentifiers.IdECDsaWithSha3_384);
   FAlgorithms.Add('SHA3-512WITHECDSA', TNistObjectIdentifiers.IdECDsaWithSha3_512);
-  FAlgorithms.Add('SHA1WITHPLAIN-ECDSA', TBsiObjectIdentifiers.ecdsa_plain_SHA1);
-  FAlgorithms.Add('SHA224WITHPLAIN-ECDSA', TBsiObjectIdentifiers.EcdsaPlain_SHA224);
-  FAlgorithms.Add('SHA256WITHPLAIN-ECDSA', TBsiObjectIdentifiers.EcdsaPlain_SHA256);
-  FAlgorithms.Add('SHA384WITHPLAIN-ECDSA', TBsiObjectIdentifiers.EcdsaPlain_SHA384);
-  FAlgorithms.Add('SHA512WITHPLAIN-ECDSA', TBsiObjectIdentifiers.EcdsaPlain_SHA512);
-  FAlgorithms.Add('RIPEMD160WITHPLAIN-ECDSA', TBsiObjectIdentifiers.ecdsa_plain_RIPEMD160);
-  FAlgorithms.Add('SHA3-224WITHPLAIN-ECDSA', TBsiObjectIdentifiers.EcdsaPlain_SHA3_224);
-  FAlgorithms.Add('SHA3-256WITHPLAIN-ECDSA', TBsiObjectIdentifiers.EcdsaPlain_SHA3_256);
-  FAlgorithms.Add('SHA3-384WITHPLAIN-ECDSA', TBsiObjectIdentifiers.EcdsaPlain_SHA3_384);
-  FAlgorithms.Add('SHA3-512WITHPLAIN-ECDSA', TBsiObjectIdentifiers.EcdsaPlain_SHA3_512);
-  FAlgorithms.Add('Ed25519', TEdECObjectIdentifiers.id_Ed25519);
-  FAlgorithms.Add('Ed448', TEdECObjectIdentifiers.id_Ed448);
+  FAlgorithms.Add('SHA1WITHPLAIN-ECDSA', TBsiObjectIdentifiers.EcdsaPlainSha1);
+  FAlgorithms.Add('SHA224WITHPLAIN-ECDSA', TBsiObjectIdentifiers.EcdsaPlainSha224);
+  FAlgorithms.Add('SHA256WITHPLAIN-ECDSA', TBsiObjectIdentifiers.EcdsaPlainSha256);
+  FAlgorithms.Add('SHA384WITHPLAIN-ECDSA', TBsiObjectIdentifiers.EcdsaPlainSha384);
+  FAlgorithms.Add('SHA512WITHPLAIN-ECDSA', TBsiObjectIdentifiers.EcdsaPlainSha512);
+  FAlgorithms.Add('RIPEMD160WITHPLAIN-ECDSA', TBsiObjectIdentifiers.EcdsaPlainRipeMD160);
+  FAlgorithms.Add('SHA3-224WITHPLAIN-ECDSA', TBsiObjectIdentifiers.EcdsaPlainSha3_224);
+  FAlgorithms.Add('SHA3-256WITHPLAIN-ECDSA', TBsiObjectIdentifiers.EcdsaPlainSha3_256);
+  FAlgorithms.Add('SHA3-384WITHPLAIN-ECDSA', TBsiObjectIdentifiers.EcdsaPlainSha3_384);
+  FAlgorithms.Add('SHA3-512WITHPLAIN-ECDSA', TBsiObjectIdentifiers.EcdsaPlainSha3_512);
+  FAlgorithms.Add('Ed25519', TEdECObjectIdentifiers.IdEd25519);
+  FAlgorithms.Add('Ed448', TEdECObjectIdentifiers.IdEd448);
 
   // FKeyAlgorithms
   FKeyAlgorithms.Add(TPkcsObjectIdentifiers.RsaEncryption, 'RSA');
@@ -271,18 +271,18 @@ begin
   FNoParams.Add(TNistObjectIdentifiers.IdECDsaWithSha3_256, True);
   FNoParams.Add(TNistObjectIdentifiers.IdECDsaWithSha3_384, True);
   FNoParams.Add(TNistObjectIdentifiers.IdECDsaWithSha3_512, True);
-  FNoParams.Add(TBsiObjectIdentifiers.EcdsaPlain_SHA224, True);
-  FNoParams.Add(TBsiObjectIdentifiers.EcdsaPlain_SHA256, True);
-  FNoParams.Add(TBsiObjectIdentifiers.EcdsaPlain_SHA384, True);
-  FNoParams.Add(TBsiObjectIdentifiers.EcdsaPlain_SHA512, True);
-  FNoParams.Add(TBsiObjectIdentifiers.EcdsaPlain_SHA3_224, True);
-  FNoParams.Add(TBsiObjectIdentifiers.EcdsaPlain_SHA3_256, True);
-  FNoParams.Add(TBsiObjectIdentifiers.EcdsaPlain_SHA3_384, True);
-  FNoParams.Add(TBsiObjectIdentifiers.EcdsaPlain_SHA3_512, True);
+  FNoParams.Add(TBsiObjectIdentifiers.EcdsaPlainSha224, True);
+  FNoParams.Add(TBsiObjectIdentifiers.EcdsaPlainSha256, True);
+  FNoParams.Add(TBsiObjectIdentifiers.EcdsaPlainSha384, True);
+  FNoParams.Add(TBsiObjectIdentifiers.EcdsaPlainSha512, True);
+  FNoParams.Add(TBsiObjectIdentifiers.EcdsaPlainSha3_224, True);
+  FNoParams.Add(TBsiObjectIdentifiers.EcdsaPlainSha3_256, True);
+  FNoParams.Add(TBsiObjectIdentifiers.EcdsaPlainSha3_384, True);
+  FNoParams.Add(TBsiObjectIdentifiers.EcdsaPlainSha3_512, True);
   FNoParams.Add(TCryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94, True);
   FNoParams.Add(TCryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001, True);
-  FNoParams.Add(TEdECObjectIdentifiers.id_Ed25519, True);
-  FNoParams.Add(TEdECObjectIdentifiers.id_Ed448, True);
+  FNoParams.Add(TEdECObjectIdentifiers.IdEd25519, True);
+  FNoParams.Add(TEdECObjectIdentifiers.IdEd448, True);
 
   // FExParams (PSS)
   LSha1AlgId := TAlgorithmIdentifier.Create(TOiwObjectIdentifiers.IdSha1, TDerNull.Instance);

CryptoLib/src/Asn1/RossStandart/ClpRosstandartObjectIdentifiers.pas

@@ -28,286 +28,226 @@ uses
 type
   TRosstandartObjectIdentifiers = class abstract(TObject)
   strict private
-
-  class var
-
-    FIsBooted: Boolean;
-    Frosstandart, Fid_tc26_gost_3410_12_512_paramSetC,
-      Fid_tc26_gost_3410_12_512_paramSetA, Fid_tc26_gost_28147_param_Z,
-      Fid_tc26_gost_3410_12_256_paramSetA, Fid_tc26_hmac_gost_3411_12_512,
-      Fid_tc26_hmac_gost_3411_12_256, Fid_tc26_agreement_gost_3410_12_512,
-      Fid_tc26_agreement_gost_3410_12_256, Fid_tc26_agreement,
-      Fid_tc26_signwithdigest_gost_3410_12_512,
-      Fid_tc26_signwithdigest_gost_3410_12_256, Fid_tc26_gost_3410_12_512,
-      Fid_tc26_gost_3410_12_512_paramSet, Fid_tc26_gost_3410_12_256,
-      Fid_tc26_gost_3411_12_512, Fid_tc26_gost_3410_12_256_paramSet,
-      Fid_tc26_gost_3411_12_256, Fid_tc26, Fid_tc26_gost_3410_12_512_paramSetB
-      : IDerObjectIdentifier;
-
-    class function Getid_tc26: IDerObjectIdentifier; static; inline;
-    class function Getid_tc26_agreement: IDerObjectIdentifier; static; inline;
-    class function Getid_tc26_agreement_gost_3410_12_256: IDerObjectIdentifier;
-      static; inline;
-    class function Getid_tc26_agreement_gost_3410_12_512: IDerObjectIdentifier;
-      static; inline;
-    class function Getid_tc26_gost_28147_param_Z: IDerObjectIdentifier;
-      static; inline;
-    class function Getid_tc26_gost_3410_12_256: IDerObjectIdentifier;
-      static; inline;
-    class function Getid_tc26_gost_3410_12_256_paramSet: IDerObjectIdentifier;
-      static; inline;
-    class function Getid_tc26_gost_3410_12_256_paramSetA: IDerObjectIdentifier;
-      static; inline;
-    class function Getid_tc26_gost_3410_12_512: IDerObjectIdentifier;
-      static; inline;
-    class function Getid_tc26_gost_3410_12_512_paramSet: IDerObjectIdentifier;
-      static; inline;
-    class function Getid_tc26_gost_3410_12_512_paramSetA: IDerObjectIdentifier;
-      static; inline;
-    class function Getid_tc26_gost_3410_12_512_paramSetB: IDerObjectIdentifier;
-      static; inline;
-    class function Getid_tc26_gost_3410_12_512_paramSetC: IDerObjectIdentifier;
-      static; inline;
-    class function Getid_tc26_gost_3411_12_256: IDerObjectIdentifier;
-      static; inline;
-    class function Getid_tc26_gost_3411_12_512: IDerObjectIdentifier;
-      static; inline;
-    class function Getid_tc26_hmac_gost_3411_12_256: IDerObjectIdentifier;
-      static; inline;
-    class function Getid_tc26_hmac_gost_3411_12_512: IDerObjectIdentifier;
-      static; inline;
-    class function GetIdTc26SignWithDigestGost3410_12_256
-      : IDerObjectIdentifier; static; inline;
-    class function GetIdTc26SignWithDigestGost3410_12_512
-      : IDerObjectIdentifier; static; inline;
-    class function Getrosstandart: IDerObjectIdentifier; static; inline;
-
-    class constructor RosstandartObjectIdentifiers();
-
+    class var
+      FIsBooted: Boolean;
+      FRosstandart, FIdTc26, FIdTc26Gost3411_12_256, FIdTc26Gost3411_12_512,
+      FIdTc26HmacGost3411_12_256, FIdTc26HmacGost3411_12_512,
+      FIdTc26Gost3410_12_256, FIdTc26Gost3410_12_512,
+      FIdTc26SignwithdigestGost3410_12_256, FIdTc26SignwithdigestGost3410_12_512,
+      FIdTc26Agreement, FIdTc26AgreementGost3410_12_256, FIdTc26AgreementGost3410_12_512,
+      FIdTc26Gost3410_12_256ParamSet, FIdTc26Gost3410_12_256ParamSetA,
+      FIdTc26Gost3410_12_256ParamSetB, FIdTc26Gost3410_12_256ParamSetC,
+      FIdTc26Gost3410_12_256ParamSetD, FIdTc26Gost3410_12_512ParamSet,
+      FIdTc26Gost3410_12_512ParamSetA, FIdTc26Gost3410_12_512ParamSetB,
+      FIdTc26Gost3410_12_512ParamSetC, FIdTc26Gost28147ParamZ: IDerObjectIdentifier;
+
+    class function GetRosstandart: IDerObjectIdentifier; static; inline;
+    class function GetIdTc26: IDerObjectIdentifier; static; inline;
+    class function GetIdTc26Gost3411_12_256: IDerObjectIdentifier; static; inline;
+    class function GetIdTc26Gost3411_12_512: IDerObjectIdentifier; static; inline;
+    class function GetIdTc26HmacGost3411_12_256: IDerObjectIdentifier; static; inline;
+    class function GetIdTc26HmacGost3411_12_512: IDerObjectIdentifier; static; inline;
+    class function GetIdTc26Gost3410_12_256: IDerObjectIdentifier; static; inline;
+    class function GetIdTc26Gost3410_12_512: IDerObjectIdentifier; static; inline;
+    class function GetIdTc26SignwithdigestGost3410_12_256: IDerObjectIdentifier; static; inline;
+    class function GetIdTc26SignwithdigestGost3410_12_512: IDerObjectIdentifier; static; inline;
+    class function GetIdTc26Agreement: IDerObjectIdentifier; static; inline;
+    class function GetIdTc26AgreementGost3410_12_256: IDerObjectIdentifier; static; inline;
+    class function GetIdTc26AgreementGost3410_12_512: IDerObjectIdentifier; static; inline;
+    class function GetIdTc26Gost3410_12_256ParamSet: IDerObjectIdentifier; static; inline;
+    class function GetIdTc26Gost3410_12_256ParamSetA: IDerObjectIdentifier; static; inline;
+    class function GetIdTc26Gost3410_12_256ParamSetB: IDerObjectIdentifier; static; inline;
+    class function GetIdTc26Gost3410_12_256ParamSetC: IDerObjectIdentifier; static; inline;
+    class function GetIdTc26Gost3410_12_256ParamSetD: IDerObjectIdentifier; static; inline;
+    class function GetIdTc26Gost3410_12_512ParamSet: IDerObjectIdentifier; static; inline;
+    class function GetIdTc26Gost3410_12_512ParamSetA: IDerObjectIdentifier; static; inline;
+    class function GetIdTc26Gost3410_12_512ParamSetB: IDerObjectIdentifier; static; inline;
+    class function GetIdTc26Gost3410_12_512ParamSetC: IDerObjectIdentifier; static; inline;
+    class function GetIdTc26Gost28147ParamZ: IDerObjectIdentifier; static; inline;
+
+    class constructor Create;
   public
-    class property rosstandart: IDerObjectIdentifier read Getrosstandart;
-    class property id_tc26: IDerObjectIdentifier read Getid_tc26;
-    class property id_tc26_gost_3411_12_256: IDerObjectIdentifier
-      read Getid_tc26_gost_3411_12_256;
-    class property id_tc26_gost_3411_12_512: IDerObjectIdentifier
-      read Getid_tc26_gost_3411_12_512;
-    class property id_tc26_hmac_gost_3411_12_256: IDerObjectIdentifier
-      read Getid_tc26_hmac_gost_3411_12_256;
-    class property id_tc26_hmac_gost_3411_12_512: IDerObjectIdentifier
-      read Getid_tc26_hmac_gost_3411_12_512;
-    class property id_tc26_gost_3410_12_256: IDerObjectIdentifier
-      read Getid_tc26_gost_3410_12_256;
-    class property id_tc26_gost_3410_12_512: IDerObjectIdentifier
-      read Getid_tc26_gost_3410_12_512;
-    class property IdTc26SignWithDigestGost3410_12_256: IDerObjectIdentifier
-      read GetIdTc26SignWithDigestGost3410_12_256;
-    class property IdTc26SignWithDigestGost3410_12_512: IDerObjectIdentifier
-      read GetIdTc26SignWithDigestGost3410_12_512;
-    class property id_tc26_agreement: IDerObjectIdentifier
-      read Getid_tc26_agreement;
-    class property id_tc26_agreement_gost_3410_12_256: IDerObjectIdentifier
-      read Getid_tc26_agreement_gost_3410_12_256;
-    class property id_tc26_agreement_gost_3410_12_512: IDerObjectIdentifier
-      read Getid_tc26_agreement_gost_3410_12_512;
-    class property id_tc26_gost_3410_12_256_paramSet: IDerObjectIdentifier
-      read Getid_tc26_gost_3410_12_256_paramSet;
-    class property id_tc26_gost_3410_12_256_paramSetA: IDerObjectIdentifier
-      read Getid_tc26_gost_3410_12_256_paramSetA;
-    class property id_tc26_gost_3410_12_512_paramSet: IDerObjectIdentifier
-      read Getid_tc26_gost_3410_12_512_paramSet;
-    class property id_tc26_gost_3410_12_512_paramSetA: IDerObjectIdentifier
-      read Getid_tc26_gost_3410_12_512_paramSetA;
-    class property id_tc26_gost_3410_12_512_paramSetB: IDerObjectIdentifier
-      read Getid_tc26_gost_3410_12_512_paramSetB;
-    class property id_tc26_gost_3410_12_512_paramSetC: IDerObjectIdentifier
-      read Getid_tc26_gost_3410_12_512_paramSetC;
-    class property id_tc26_gost_28147_param_Z: IDerObjectIdentifier
-      read Getid_tc26_gost_28147_param_Z;
-
-    class procedure Boot(); static;
-
+    class property Rosstandart: IDerObjectIdentifier read GetRosstandart;
+    class property IdTc26: IDerObjectIdentifier read GetIdTc26;
+    class property IdTc26Gost3411_12_256: IDerObjectIdentifier read GetIdTc26Gost3411_12_256;
+    class property IdTc26Gost3411_12_512: IDerObjectIdentifier read GetIdTc26Gost3411_12_512;
+    class property IdTc26HmacGost3411_12_256: IDerObjectIdentifier read GetIdTc26HmacGost3411_12_256;
+    class property IdTc26HmacGost3411_12_512: IDerObjectIdentifier read GetIdTc26HmacGost3411_12_512;
+    class property IdTc26Gost3410_12_256: IDerObjectIdentifier read GetIdTc26Gost3410_12_256;
+    class property IdTc26Gost3410_12_512: IDerObjectIdentifier read GetIdTc26Gost3410_12_512;
+    class property IdTc26SignwithdigestGost3410_12_256: IDerObjectIdentifier read GetIdTc26SignwithdigestGost3410_12_256;
+    class property IdTc26SignwithdigestGost3410_12_512: IDerObjectIdentifier read GetIdTc26SignwithdigestGost3410_12_512;
+    class property IdTc26Agreement: IDerObjectIdentifier read GetIdTc26Agreement;
+    class property IdTc26AgreementGost3410_12_256: IDerObjectIdentifier read GetIdTc26AgreementGost3410_12_256;
+    class property IdTc26AgreementGost3410_12_512: IDerObjectIdentifier read GetIdTc26AgreementGost3410_12_512;
+    class property IdTc26Gost3410_12_256ParamSet: IDerObjectIdentifier read GetIdTc26Gost3410_12_256ParamSet;
+    class property IdTc26Gost3410_12_256ParamSetA: IDerObjectIdentifier read GetIdTc26Gost3410_12_256ParamSetA;
+    class property IdTc26Gost3410_12_256ParamSetB: IDerObjectIdentifier read GetIdTc26Gost3410_12_256ParamSetB;
+    class property IdTc26Gost3410_12_256ParamSetC: IDerObjectIdentifier read GetIdTc26Gost3410_12_256ParamSetC;
+    class property IdTc26Gost3410_12_256ParamSetD: IDerObjectIdentifier read GetIdTc26Gost3410_12_256ParamSetD;
+    class property IdTc26Gost3410_12_512ParamSet: IDerObjectIdentifier read GetIdTc26Gost3410_12_512ParamSet;
+    class property IdTc26Gost3410_12_512ParamSetA: IDerObjectIdentifier read GetIdTc26Gost3410_12_512ParamSetA;
+    class property IdTc26Gost3410_12_512ParamSetB: IDerObjectIdentifier read GetIdTc26Gost3410_12_512ParamSetB;
+    class property IdTc26Gost3410_12_512ParamSetC: IDerObjectIdentifier read GetIdTc26Gost3410_12_512ParamSetC;
+    class property IdTc26Gost28147ParamZ: IDerObjectIdentifier read GetIdTc26Gost28147ParamZ;
+
+    class procedure Boot; static;
   end;
 
 implementation
 
 { TRosstandartObjectIdentifiers }
 
-class constructor TRosstandartObjectIdentifiers.RosstandartObjectIdentifiers;
+class constructor TRosstandartObjectIdentifiers.Create;
 begin
-  TRosstandartObjectIdentifiers.Boot;
+  Boot;
 end;
 
-class function TRosstandartObjectIdentifiers.Getrosstandart
-  : IDerObjectIdentifier;
+class procedure TRosstandartObjectIdentifiers.Boot;
 begin
-  result := Frosstandart;
+  if not FIsBooted then
+  begin
+    FRosstandart := TDerObjectIdentifier.Create('1.2.643.7');
+    FIdTc26 := FRosstandart.Branch('1');
+    FIdTc26Gost3411_12_256 := FIdTc26.Branch('1.2.2');
+    FIdTc26Gost3411_12_512 := FIdTc26.Branch('1.2.3');
+    FIdTc26HmacGost3411_12_256 := FIdTc26.Branch('1.4.1');
+    FIdTc26HmacGost3411_12_512 := FIdTc26.Branch('1.4.2');
+    FIdTc26Gost3410_12_256 := FIdTc26.Branch('1.1.1');
+    FIdTc26Gost3410_12_512 := FIdTc26.Branch('1.1.2');
+    FIdTc26SignwithdigestGost3410_12_256 := FIdTc26.Branch('1.3.2');
+    FIdTc26SignwithdigestGost3410_12_512 := FIdTc26.Branch('1.3.3');
+    FIdTc26Agreement := FIdTc26.Branch('1.6');
+    FIdTc26AgreementGost3410_12_256 := FIdTc26Agreement.Branch('1');
+    FIdTc26AgreementGost3410_12_512 := FIdTc26Agreement.Branch('2');
+    FIdTc26Gost3410_12_256ParamSet := FIdTc26.Branch('2.1.1');
+    FIdTc26Gost3410_12_256ParamSetA := FIdTc26Gost3410_12_256ParamSet.Branch('1');
+    FIdTc26Gost3410_12_256ParamSetB := FIdTc26Gost3410_12_256ParamSet.Branch('2');
+    FIdTc26Gost3410_12_256ParamSetC := FIdTc26Gost3410_12_256ParamSet.Branch('3');
+    FIdTc26Gost3410_12_256ParamSetD := FIdTc26Gost3410_12_256ParamSet.Branch('4');
+    FIdTc26Gost3410_12_512ParamSet := FIdTc26.Branch('2.1.2');
+    FIdTc26Gost3410_12_512ParamSetA := FIdTc26Gost3410_12_512ParamSet.Branch('1');
+    FIdTc26Gost3410_12_512ParamSetB := FIdTc26Gost3410_12_512ParamSet.Branch('2');
+    FIdTc26Gost3410_12_512ParamSetC := FIdTc26Gost3410_12_512ParamSet.Branch('3');
+    FIdTc26Gost28147ParamZ := FIdTc26.Branch('2.5.1.1');
+
+    FIsBooted := True;
+  end;
 end;
 
-class function TRosstandartObjectIdentifiers.Getid_tc26: IDerObjectIdentifier;
+class function TRosstandartObjectIdentifiers.GetIdTc26: IDerObjectIdentifier;
 begin
-  result := Fid_tc26;
+  Result := FIdTc26;
 end;
 
-class function TRosstandartObjectIdentifiers.Getid_tc26_agreement
-  : IDerObjectIdentifier;
+class function TRosstandartObjectIdentifiers.GetIdTc26Agreement: IDerObjectIdentifier;
 begin
-  result := Fid_tc26_agreement;
+  Result := FIdTc26Agreement;
 end;
 
-class function TRosstandartObjectIdentifiers.
-  Getid_tc26_agreement_gost_3410_12_256: IDerObjectIdentifier;
+class function TRosstandartObjectIdentifiers.GetIdTc26AgreementGost3410_12_256: IDerObjectIdentifier;
 begin
-  result := Fid_tc26_agreement_gost_3410_12_256;
+  Result := FIdTc26AgreementGost3410_12_256;
 end;
 
-class function TRosstandartObjectIdentifiers.
-  Getid_tc26_agreement_gost_3410_12_512: IDerObjectIdentifier;
+class function TRosstandartObjectIdentifiers.GetIdTc26AgreementGost3410_12_512: IDerObjectIdentifier;
 begin
-  result := Fid_tc26_agreement_gost_3410_12_512;
+  Result := FIdTc26AgreementGost3410_12_512;
 end;
 
-class function TRosstandartObjectIdentifiers.Getid_tc26_gost_28147_param_Z
-  : IDerObjectIdentifier;
+class function TRosstandartObjectIdentifiers.GetIdTc26Gost28147ParamZ: IDerObjectIdentifier;
 begin
-  result := Fid_tc26_gost_28147_param_Z;
+  Result := FIdTc26Gost28147ParamZ;
 end;
 
-class function TRosstandartObjectIdentifiers.Getid_tc26_gost_3410_12_256
-  : IDerObjectIdentifier;
+class function TRosstandartObjectIdentifiers.GetIdTc26Gost3410_12_256: IDerObjectIdentifier;
 begin
-  result := Fid_tc26_gost_3410_12_256;
+  Result := FIdTc26Gost3410_12_256;
 end;
 
-class function TRosstandartObjectIdentifiers.
-  Getid_tc26_gost_3410_12_256_paramSet: IDerObjectIdentifier;
+class function TRosstandartObjectIdentifiers.GetIdTc26Gost3410_12_256ParamSet: IDerObjectIdentifier;
 begin
-  result := Fid_tc26_gost_3410_12_256_paramSet;
+  Result := FIdTc26Gost3410_12_256ParamSet;
 end;
 
-class function TRosstandartObjectIdentifiers.
-  Getid_tc26_gost_3410_12_256_paramSetA: IDerObjectIdentifier;
+class function TRosstandartObjectIdentifiers.GetIdTc26Gost3410_12_256ParamSetA: IDerObjectIdentifier;
 begin
-  result := Fid_tc26_gost_3410_12_256_paramSetA;
+  Result := FIdTc26Gost3410_12_256ParamSetA;
 end;
 
-class function TRosstandartObjectIdentifiers.Getid_tc26_gost_3410_12_512
-  : IDerObjectIdentifier;
+class function TRosstandartObjectIdentifiers.GetIdTc26Gost3410_12_256ParamSetB: IDerObjectIdentifier;
 begin
-  result := Fid_tc26_gost_3410_12_512;
+  Result := FIdTc26Gost3410_12_256ParamSetB;
 end;
 
-class function TRosstandartObjectIdentifiers.
-  Getid_tc26_gost_3410_12_512_paramSet: IDerObjectIdentifier;
+class function TRosstandartObjectIdentifiers.GetIdTc26Gost3410_12_256ParamSetC: IDerObjectIdentifier;
 begin
-  result := Fid_tc26_gost_3410_12_512_paramSet;
+  Result := FIdTc26Gost3410_12_256ParamSetC;
 end;
 
-class function TRosstandartObjectIdentifiers.
-  Getid_tc26_gost_3410_12_512_paramSetA: IDerObjectIdentifier;
+class function TRosstandartObjectIdentifiers.GetIdTc26Gost3410_12_256ParamSetD: IDerObjectIdentifier;
 begin
-  result := Fid_tc26_gost_3410_12_512_paramSetA;
+  Result := FIdTc26Gost3410_12_256ParamSetD;
 end;
 
-class function TRosstandartObjectIdentifiers.
-  Getid_tc26_gost_3410_12_512_paramSetB: IDerObjectIdentifier;
+class function TRosstandartObjectIdentifiers.GetIdTc26Gost3410_12_512: IDerObjectIdentifier;
 begin
-  result := Fid_tc26_gost_3410_12_512_paramSetB;
+  Result := FIdTc26Gost3410_12_512;
 end;
 
-class function TRosstandartObjectIdentifiers.
-  Getid_tc26_gost_3410_12_512_paramSetC: IDerObjectIdentifier;
+class function TRosstandartObjectIdentifiers.GetIdTc26Gost3410_12_512ParamSet: IDerObjectIdentifier;
 begin
-  result := Fid_tc26_gost_3410_12_512_paramSetC;
+  Result := FIdTc26Gost3410_12_512ParamSet;
 end;
 
-class function TRosstandartObjectIdentifiers.Getid_tc26_gost_3411_12_256
-  : IDerObjectIdentifier;
+class function TRosstandartObjectIdentifiers.GetIdTc26Gost3410_12_512ParamSetA: IDerObjectIdentifier;
 begin
-  result := Fid_tc26_gost_3411_12_256;
+  Result := FIdTc26Gost3410_12_512ParamSetA;
 end;
 
-class function TRosstandartObjectIdentifiers.Getid_tc26_gost_3411_12_512
-  : IDerObjectIdentifier;
+class function TRosstandartObjectIdentifiers.GetIdTc26Gost3410_12_512ParamSetB: IDerObjectIdentifier;
 begin
-  result := Fid_tc26_gost_3411_12_512;
+  Result := FIdTc26Gost3410_12_512ParamSetB;
 end;
 
-class function TRosstandartObjectIdentifiers.Getid_tc26_hmac_gost_3411_12_256
-  : IDerObjectIdentifier;
+class function TRosstandartObjectIdentifiers.GetIdTc26Gost3410_12_512ParamSetC: IDerObjectIdentifier;
 begin
-  result := Fid_tc26_hmac_gost_3411_12_256;
+  Result := FIdTc26Gost3410_12_512ParamSetC;
 end;
 
-class function TRosstandartObjectIdentifiers.Getid_tc26_hmac_gost_3411_12_512
-  : IDerObjectIdentifier;
+class function TRosstandartObjectIdentifiers.GetIdTc26Gost3411_12_256: IDerObjectIdentifier;
 begin
-  result := Fid_tc26_hmac_gost_3411_12_512;
+  Result := FIdTc26Gost3411_12_256;
 end;
 
-class function TRosstandartObjectIdentifiers.GetIdTc26SignWithDigestGost3410_12_256
-  : IDerObjectIdentifier;
+class function TRosstandartObjectIdentifiers.GetIdTc26Gost3411_12_512: IDerObjectIdentifier;
 begin
-  result := Fid_tc26_signwithdigest_gost_3410_12_256;
+  Result := FIdTc26Gost3411_12_512;
 end;
 
-class function TRosstandartObjectIdentifiers.GetIdTc26SignWithDigestGost3410_12_512
-  : IDerObjectIdentifier;
+class function TRosstandartObjectIdentifiers.GetIdTc26HmacGost3411_12_256: IDerObjectIdentifier;
 begin
-  result := Fid_tc26_signwithdigest_gost_3410_12_512;
+  Result := FIdTc26HmacGost3411_12_256;
 end;
 
-class procedure TRosstandartObjectIdentifiers.Boot;
+class function TRosstandartObjectIdentifiers.GetIdTc26HmacGost3411_12_512: IDerObjectIdentifier;
 begin
+  Result := FIdTc26HmacGost3411_12_512;
+end;
 
-  if not FIsBooted then
-  begin
-
-    Frosstandart := TDerObjectIdentifier.Create('1.2.643.7');
-
-    Fid_tc26 := rosstandart.Branch('1');
-
-    Fid_tc26_gost_3411_12_256 := id_tc26.Branch('1.2.2');
-
-    Fid_tc26_gost_3411_12_512 := id_tc26.Branch('1.2.3');
-
-    Fid_tc26_hmac_gost_3411_12_256 := id_tc26.Branch('1.4.1');
-
-    Fid_tc26_hmac_gost_3411_12_512 := id_tc26.Branch('1.4.2');
-
-    Fid_tc26_gost_3410_12_256 := id_tc26.Branch('1.1.1');
-
-    Fid_tc26_gost_3410_12_512 := id_tc26.Branch('1.1.2');
-
-    Fid_tc26_signwithdigest_gost_3410_12_256 := id_tc26.Branch('1.3.2');
-
-    Fid_tc26_signwithdigest_gost_3410_12_512 := id_tc26.Branch('1.3.3');
-
-    Fid_tc26_agreement := id_tc26.Branch('1.6');
-
-    Fid_tc26_agreement_gost_3410_12_256 := id_tc26_agreement.Branch('1');
-
-    Fid_tc26_agreement_gost_3410_12_512 := id_tc26_agreement.Branch('2');
-
-    Fid_tc26_gost_3410_12_256_paramSet := id_tc26.Branch('2.1.1');
-
-    Fid_tc26_gost_3410_12_256_paramSetA :=
-      id_tc26_gost_3410_12_256_paramSet.Branch('1');
-
-    Fid_tc26_gost_3410_12_512_paramSet := id_tc26.Branch('2.1.2');
-
-    Fid_tc26_gost_3410_12_512_paramSetA :=
-      id_tc26_gost_3410_12_512_paramSet.Branch('1');
-
-    Fid_tc26_gost_3410_12_512_paramSetB :=
-      id_tc26_gost_3410_12_512_paramSet.Branch('2');
-
-    Fid_tc26_gost_3410_12_512_paramSetC :=
-      id_tc26_gost_3410_12_512_paramSet.Branch('3');
+class function TRosstandartObjectIdentifiers.GetIdTc26SignwithdigestGost3410_12_256: IDerObjectIdentifier;
+begin
+  Result := FIdTc26SignwithdigestGost3410_12_256;
+end;
 
-    Fid_tc26_gost_28147_param_Z := id_tc26.Branch('2.5.1.1');
+class function TRosstandartObjectIdentifiers.GetIdTc26SignwithdigestGost3410_12_512: IDerObjectIdentifier;
+begin
+  Result := FIdTc26SignwithdigestGost3410_12_512;
+end;
 
-    FIsBooted := True;
-  end;
+class function TRosstandartObjectIdentifiers.GetRosstandart: IDerObjectIdentifier;
+begin
+  Result := FRosstandart;
 end;
 
 end.

CryptoLib/src/Asn1/Sec/ClpSecObjectIdentifiers.pas

@@ -27,66 +27,81 @@ uses
   ClpX9ObjectIdentifiers;
 
 type
-  // /**
-  // *  EllipticCurve OBJECT IDENTIFIER ::= {
-  // *        iso(1) identified-organization(3) certicom(132) curve(0)
-  // *  }
-  // */
+  /// <summary>EllipticCurve OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) certicom(132) curve(0) }</summary>
   TSecObjectIdentifiers = class abstract(TObject)
-
   strict private
-
-  class var
-
-    FIsBooted: Boolean;
-    FSecT193r1, FSecP112r2, FEllipticCurve, FSecP224r1, FSecP160r2, FSecT233r1,
-      FSecP112r1, FSecT409r1, FSecP192k1, FSecT131r2, FSecT283k1, FSecT113r2,
-      FSecT163r2, FSecP160r1, FSecT239k1, FSecP521r1, FSecP256r1, FSecT131r1,
-      FSecT113r1, FSecT163r1, FSecP224k1, FSecT233k1, FSecT409k1, FSecP160k1,
-      FSecT571r1, FSecP256k1, FSecT163k1, FSecP128r2, FSecT571k1, FSecP128r1,
-      FSecP192r1, FSecT283r1, FSecT193r2, FSecP384r1: IDerObjectIdentifier;
-
-    class constructor SecObjectIdentifiers();
+    class var
+      FIsBooted: Boolean;
+      FEllipticCurve, FSecT163k1, FSecT163r1, FSecT239k1, FSecT113r1, FSecT113r2,
+      FSecP112r1, FSecP112r2, FSecP160r1, FSecP160k1, FSecP256k1, FSecT163r2,
+      FSecT283k1, FSecT283r1, FSecT131r1, FSecT131r2, FSecT193r1, FSecT193r2,
+      FSecT233k1, FSecT233r1, FSecP128r1, FSecP128r2, FSecP160r2, FSecP192k1,
+      FSecP224k1, FSecP224r1, FSecP384r1, FSecP521r1, FSecT409k1, FSecT409r1,
+      FSecT571k1, FSecT571r1, FSecP192r1, FSecP256r1, FSecgScheme,
+      FDhSinglePassStdDHSha224KdfScheme, FDhSinglePassStdDHSha256KdfScheme,
+      FDhSinglePassStdDHSha384KdfScheme, FDhSinglePassStdDHSha512KdfScheme,
+      FDhSinglePassCofactorDHSha224KdfScheme, FDhSinglePassCofactorDHSha256KdfScheme,
+      FDhSinglePassCofactorDHSha384KdfScheme, FDhSinglePassCofactorDHSha512KdfScheme,
+      FMqvSinglePassSha224KdfScheme, FMqvSinglePassSha256KdfScheme,
+      FMqvSinglePassSha384KdfScheme, FMqvSinglePassSha512KdfScheme,
+      FMqvFullSha224KdfScheme, FMqvFullSha256KdfScheme, FMqvFullSha384KdfScheme,
+      FMqvFullSha512KdfScheme: IDerObjectIdentifier;
 
     class function GetEllipticCurve: IDerObjectIdentifier; static; inline;
+    class function GetSecT163k1: IDerObjectIdentifier; static; inline;
+    class function GetSecT163r1: IDerObjectIdentifier; static; inline;
+    class function GetSecT239k1: IDerObjectIdentifier; static; inline;
+    class function GetSecT113r1: IDerObjectIdentifier; static; inline;
+    class function GetSecT113r2: IDerObjectIdentifier; static; inline;
     class function GetSecP112r1: IDerObjectIdentifier; static; inline;
     class function GetSecP112r2: IDerObjectIdentifier; static; inline;
-    class function GetSecP128r1: IDerObjectIdentifier; static; inline;
-    class function GetSecP128r2: IDerObjectIdentifier; static; inline;
-    class function GetSecP160k1: IDerObjectIdentifier; static; inline;
     class function GetSecP160r1: IDerObjectIdentifier; static; inline;
-    class function GetSecP160r2: IDerObjectIdentifier; static; inline;
-    class function GetSecP192k1: IDerObjectIdentifier; static; inline;
-    class function GetSecP192r1: IDerObjectIdentifier; static; inline;
-    class function GetSecP224k1: IDerObjectIdentifier; static; inline;
-    class function GetSecP224r1: IDerObjectIdentifier; static; inline;
+    class function GetSecP160k1: IDerObjectIdentifier; static; inline;
     class function GetSecP256k1: IDerObjectIdentifier; static; inline;
-    class function GetSecP256r1: IDerObjectIdentifier; static; inline;
-    class function GetSecP384r1: IDerObjectIdentifier; static; inline;
-    class function GetSecP521r1: IDerObjectIdentifier; static; inline;
-    class function GetSecT113r1: IDerObjectIdentifier; static; inline;
-    class function GetSecT113r2: IDerObjectIdentifier; static; inline;
+    class function GetSecT163r2: IDerObjectIdentifier; static; inline;
+    class function GetSecT283k1: IDerObjectIdentifier; static; inline;
+    class function GetSecT283r1: IDerObjectIdentifier; static; inline;
     class function GetSecT131r1: IDerObjectIdentifier; static; inline;
     class function GetSecT131r2: IDerObjectIdentifier; static; inline;
-    class function GetSecT163k1: IDerObjectIdentifier; static; inline;
-    class function GetSecT163r1: IDerObjectIdentifier; static; inline;
-    class function GetSecT163r2: IDerObjectIdentifier; static; inline;
     class function GetSecT193r1: IDerObjectIdentifier; static; inline;
     class function GetSecT193r2: IDerObjectIdentifier; static; inline;
     class function GetSecT233k1: IDerObjectIdentifier; static; inline;
     class function GetSecT233r1: IDerObjectIdentifier; static; inline;
-    class function GetSecT239k1: IDerObjectIdentifier; static; inline;
-    class function GetSecT283k1: IDerObjectIdentifier; static; inline;
-    class function GetSecT283r1: IDerObjectIdentifier; static; inline;
+    class function GetSecP128r1: IDerObjectIdentifier; static; inline;
+    class function GetSecP128r2: IDerObjectIdentifier; static; inline;
+    class function GetSecP160r2: IDerObjectIdentifier; static; inline;
+    class function GetSecP192k1: IDerObjectIdentifier; static; inline;
+    class function GetSecP224k1: IDerObjectIdentifier; static; inline;
+    class function GetSecP224r1: IDerObjectIdentifier; static; inline;
+    class function GetSecP384r1: IDerObjectIdentifier; static; inline;
+    class function GetSecP521r1: IDerObjectIdentifier; static; inline;
     class function GetSecT409k1: IDerObjectIdentifier; static; inline;
     class function GetSecT409r1: IDerObjectIdentifier; static; inline;
     class function GetSecT571k1: IDerObjectIdentifier; static; inline;
     class function GetSecT571r1: IDerObjectIdentifier; static; inline;
-
+    class function GetSecP192r1: IDerObjectIdentifier; static; inline;
+    class function GetSecP256r1: IDerObjectIdentifier; static; inline;
+    class function GetSecgScheme: IDerObjectIdentifier; static; inline;
+    class function GetDhSinglePassStdDHSha224KdfScheme: IDerObjectIdentifier; static; inline;
+    class function GetDhSinglePassStdDHSha256KdfScheme: IDerObjectIdentifier; static; inline;
+    class function GetDhSinglePassStdDHSha384KdfScheme: IDerObjectIdentifier; static; inline;
+    class function GetDhSinglePassStdDHSha512KdfScheme: IDerObjectIdentifier; static; inline;
+    class function GetDhSinglePassCofactorDHSha224KdfScheme: IDerObjectIdentifier; static; inline;
+    class function GetDhSinglePassCofactorDHSha256KdfScheme: IDerObjectIdentifier; static; inline;
+    class function GetDhSinglePassCofactorDHSha384KdfScheme: IDerObjectIdentifier; static; inline;
+    class function GetDhSinglePassCofactorDHSha512KdfScheme: IDerObjectIdentifier; static; inline;
+    class function GetMqvSinglePassSha224KdfScheme: IDerObjectIdentifier; static; inline;
+    class function GetMqvSinglePassSha256KdfScheme: IDerObjectIdentifier; static; inline;
+    class function GetMqvSinglePassSha384KdfScheme: IDerObjectIdentifier; static; inline;
+    class function GetMqvSinglePassSha512KdfScheme: IDerObjectIdentifier; static; inline;
+    class function GetMqvFullSha224KdfScheme: IDerObjectIdentifier; static; inline;
+    class function GetMqvFullSha256KdfScheme: IDerObjectIdentifier; static; inline;
+    class function GetMqvFullSha384KdfScheme: IDerObjectIdentifier; static; inline;
+    class function GetMqvFullSha512KdfScheme: IDerObjectIdentifier; static; inline;
+
+    class constructor Create;
   public
-
     class property EllipticCurve: IDerObjectIdentifier read GetEllipticCurve;
-
     class property SecT163k1: IDerObjectIdentifier read GetSecT163k1;
     class property SecT163r1: IDerObjectIdentifier read GetSecT163r1;
     class property SecT239k1: IDerObjectIdentifier read GetSecT239k1;
@@ -118,242 +133,355 @@ type
     class property SecT409r1: IDerObjectIdentifier read GetSecT409r1;
     class property SecT571k1: IDerObjectIdentifier read GetSecT571k1;
     class property SecT571r1: IDerObjectIdentifier read GetSecT571r1;
-
     class property SecP192r1: IDerObjectIdentifier read GetSecP192r1;
     class property SecP256r1: IDerObjectIdentifier read GetSecP256r1;
+    class property SecgScheme: IDerObjectIdentifier read GetSecgScheme;
+    class property DhSinglePassStdDHSha224KdfScheme: IDerObjectIdentifier read GetDhSinglePassStdDHSha224KdfScheme;
+    class property DhSinglePassStdDHSha256KdfScheme: IDerObjectIdentifier read GetDhSinglePassStdDHSha256KdfScheme;
+    class property DhSinglePassStdDHSha384KdfScheme: IDerObjectIdentifier read GetDhSinglePassStdDHSha384KdfScheme;
+    class property DhSinglePassStdDHSha512KdfScheme: IDerObjectIdentifier read GetDhSinglePassStdDHSha512KdfScheme;
+    class property DhSinglePassCofactorDHSha224KdfScheme: IDerObjectIdentifier read GetDhSinglePassCofactorDHSha224KdfScheme;
+    class property DhSinglePassCofactorDHSha256KdfScheme: IDerObjectIdentifier read GetDhSinglePassCofactorDHSha256KdfScheme;
+    class property DhSinglePassCofactorDHSha384KdfScheme: IDerObjectIdentifier read GetDhSinglePassCofactorDHSha384KdfScheme;
+    class property DhSinglePassCofactorDHSha512KdfScheme: IDerObjectIdentifier read GetDhSinglePassCofactorDHSha512KdfScheme;
+    class property MqvSinglePassSha224KdfScheme: IDerObjectIdentifier read GetMqvSinglePassSha224KdfScheme;
+    class property MqvSinglePassSha256KdfScheme: IDerObjectIdentifier read GetMqvSinglePassSha256KdfScheme;
+    class property MqvSinglePassSha384KdfScheme: IDerObjectIdentifier read GetMqvSinglePassSha384KdfScheme;
+    class property MqvSinglePassSha512KdfScheme: IDerObjectIdentifier read GetMqvSinglePassSha512KdfScheme;
+    class property MqvFullSha224KdfScheme: IDerObjectIdentifier read GetMqvFullSha224KdfScheme;
+    class property MqvFullSha256KdfScheme: IDerObjectIdentifier read GetMqvFullSha256KdfScheme;
+    class property MqvFullSha384KdfScheme: IDerObjectIdentifier read GetMqvFullSha384KdfScheme;
+    class property MqvFullSha512KdfScheme: IDerObjectIdentifier read GetMqvFullSha512KdfScheme;
+
+    class procedure Boot; static;
+  end;
+
+implementation
 
-    class procedure Boot(); static;
+{ TSecObjectIdentifiers }
 
+class constructor TSecObjectIdentifiers.Create;
+begin
+  Boot;
+end;
+
+class procedure TSecObjectIdentifiers.Boot;
+begin
+  if not FIsBooted then
+  begin
+    TX9ObjectIdentifiers.Boot;
+
+    FEllipticCurve := TDerObjectIdentifier.Create('1.3.132.0');
+    FSecT163k1 := FEllipticCurve.Branch('1');
+    FSecT163r1 := FEllipticCurve.Branch('2');
+    FSecT239k1 := FEllipticCurve.Branch('3');
+    FSecT113r1 := FEllipticCurve.Branch('4');
+    FSecT113r2 := FEllipticCurve.Branch('5');
+    FSecP112r1 := FEllipticCurve.Branch('6');
+    FSecP112r2 := FEllipticCurve.Branch('7');
+    FSecP160r1 := FEllipticCurve.Branch('8');
+    FSecP160k1 := FEllipticCurve.Branch('9');
+    FSecP256k1 := FEllipticCurve.Branch('10');
+    FSecT163r2 := FEllipticCurve.Branch('15');
+    FSecT283k1 := FEllipticCurve.Branch('16');
+    FSecT283r1 := FEllipticCurve.Branch('17');
+    FSecT131r1 := FEllipticCurve.Branch('22');
+    FSecT131r2 := FEllipticCurve.Branch('23');
+    FSecT193r1 := FEllipticCurve.Branch('24');
+    FSecT193r2 := FEllipticCurve.Branch('25');
+    FSecT233k1 := FEllipticCurve.Branch('26');
+    FSecT233r1 := FEllipticCurve.Branch('27');
+    FSecP128r1 := FEllipticCurve.Branch('28');
+    FSecP128r2 := FEllipticCurve.Branch('29');
+    FSecP160r2 := FEllipticCurve.Branch('30');
+    FSecP192k1 := FEllipticCurve.Branch('31');
+    FSecP224k1 := FEllipticCurve.Branch('32');
+    FSecP224r1 := FEllipticCurve.Branch('33');
+    FSecP384r1 := FEllipticCurve.Branch('34');
+    FSecP521r1 := FEllipticCurve.Branch('35');
+    FSecT409k1 := FEllipticCurve.Branch('36');
+    FSecT409r1 := FEllipticCurve.Branch('37');
+    FSecT571k1 := FEllipticCurve.Branch('38');
+    FSecT571r1 := FEllipticCurve.Branch('39');
+
+    FSecP192r1 := TX9ObjectIdentifiers.Prime192v1;
+    FSecP256r1 := TX9ObjectIdentifiers.Prime256v1;
+
+    FSecgScheme := TDerObjectIdentifier.Create('1.3.132.1');
+    FDhSinglePassStdDHSha224KdfScheme := FSecgScheme.Branch('11.0');
+    FDhSinglePassStdDHSha256KdfScheme := FSecgScheme.Branch('11.1');
+    FDhSinglePassStdDHSha384KdfScheme := FSecgScheme.Branch('11.2');
+    FDhSinglePassStdDHSha512KdfScheme := FSecgScheme.Branch('11.3');
+    FDhSinglePassCofactorDHSha224KdfScheme := FSecgScheme.Branch('14.0');
+    FDhSinglePassCofactorDHSha256KdfScheme := FSecgScheme.Branch('14.1');
+    FDhSinglePassCofactorDHSha384KdfScheme := FSecgScheme.Branch('14.2');
+    FDhSinglePassCofactorDHSha512KdfScheme := FSecgScheme.Branch('14.3');
+    FMqvSinglePassSha224KdfScheme := FSecgScheme.Branch('15.0');
+    FMqvSinglePassSha256KdfScheme := FSecgScheme.Branch('15.1');
+    FMqvSinglePassSha384KdfScheme := FSecgScheme.Branch('15.2');
+    FMqvSinglePassSha512KdfScheme := FSecgScheme.Branch('15.3');
+    FMqvFullSha224KdfScheme := FSecgScheme.Branch('16.0');
+    FMqvFullSha256KdfScheme := FSecgScheme.Branch('16.1');
+    FMqvFullSha384KdfScheme := FSecgScheme.Branch('16.2');
+    FMqvFullSha512KdfScheme := FSecgScheme.Branch('16.3');
+
+    FIsBooted := True;
   end;
+end;
 
-implementation
+class function TSecObjectIdentifiers.GetDhSinglePassCofactorDHSha224KdfScheme: IDerObjectIdentifier;
+begin
+  Result := FDhSinglePassCofactorDHSha224KdfScheme;
+end;
 
-{ TClpSecObjectIdentifiers }
+class function TSecObjectIdentifiers.GetDhSinglePassCofactorDHSha256KdfScheme: IDerObjectIdentifier;
+begin
+  Result := FDhSinglePassCofactorDHSha256KdfScheme;
+end;
+
+class function TSecObjectIdentifiers.GetDhSinglePassCofactorDHSha384KdfScheme: IDerObjectIdentifier;
+begin
+  Result := FDhSinglePassCofactorDHSha384KdfScheme;
+end;
+
+class function TSecObjectIdentifiers.GetDhSinglePassCofactorDHSha512KdfScheme: IDerObjectIdentifier;
+begin
+  Result := FDhSinglePassCofactorDHSha512KdfScheme;
+end;
+
+class function TSecObjectIdentifiers.GetDhSinglePassStdDHSha224KdfScheme: IDerObjectIdentifier;
+begin
+  Result := FDhSinglePassStdDHSha224KdfScheme;
+end;
+
+class function TSecObjectIdentifiers.GetDhSinglePassStdDHSha256KdfScheme: IDerObjectIdentifier;
+begin
+  Result := FDhSinglePassStdDHSha256KdfScheme;
+end;
+
+class function TSecObjectIdentifiers.GetDhSinglePassStdDHSha384KdfScheme: IDerObjectIdentifier;
+begin
+  Result := FDhSinglePassStdDHSha384KdfScheme;
+end;
+
+class function TSecObjectIdentifiers.GetDhSinglePassStdDHSha512KdfScheme: IDerObjectIdentifier;
+begin
+  Result := FDhSinglePassStdDHSha512KdfScheme;
+end;
 
 class function TSecObjectIdentifiers.GetEllipticCurve: IDerObjectIdentifier;
 begin
-  result := FEllipticCurve;
+  Result := FEllipticCurve;
+end;
+
+class function TSecObjectIdentifiers.GetMqvFullSha224KdfScheme: IDerObjectIdentifier;
+begin
+  Result := FMqvFullSha224KdfScheme;
+end;
+
+class function TSecObjectIdentifiers.GetMqvFullSha256KdfScheme: IDerObjectIdentifier;
+begin
+  Result := FMqvFullSha256KdfScheme;
+end;
+
+class function TSecObjectIdentifiers.GetMqvFullSha384KdfScheme: IDerObjectIdentifier;
+begin
+  Result := FMqvFullSha384KdfScheme;
+end;
+
+class function TSecObjectIdentifiers.GetMqvFullSha512KdfScheme: IDerObjectIdentifier;
+begin
+  Result := FMqvFullSha512KdfScheme;
+end;
+
+class function TSecObjectIdentifiers.GetMqvSinglePassSha224KdfScheme: IDerObjectIdentifier;
+begin
+  Result := FMqvSinglePassSha224KdfScheme;
+end;
+
+class function TSecObjectIdentifiers.GetMqvSinglePassSha256KdfScheme: IDerObjectIdentifier;
+begin
+  Result := FMqvSinglePassSha256KdfScheme;
+end;
+
+class function TSecObjectIdentifiers.GetMqvSinglePassSha384KdfScheme: IDerObjectIdentifier;
+begin
+  Result := FMqvSinglePassSha384KdfScheme;
+end;
+
+class function TSecObjectIdentifiers.GetMqvSinglePassSha512KdfScheme: IDerObjectIdentifier;
+begin
+  Result := FMqvSinglePassSha512KdfScheme;
+end;
+
+class function TSecObjectIdentifiers.GetSecgScheme: IDerObjectIdentifier;
+begin
+  Result := FSecgScheme;
 end;
 
 class function TSecObjectIdentifiers.GetSecP112r1: IDerObjectIdentifier;
 begin
-  result := FSecP112r1;
+  Result := FSecP112r1;
 end;
 
 class function TSecObjectIdentifiers.GetSecP112r2: IDerObjectIdentifier;
 begin
-  result := FSecP112r2;
+  Result := FSecP112r2;
 end;
 
 class function TSecObjectIdentifiers.GetSecP128r1: IDerObjectIdentifier;
 begin
-  result := FSecP128r1;
+  Result := FSecP128r1;
 end;
 
 class function TSecObjectIdentifiers.GetSecP128r2: IDerObjectIdentifier;
 begin
-  result := FSecP128r2;
+  Result := FSecP128r2;
 end;
 
 class function TSecObjectIdentifiers.GetSecP160k1: IDerObjectIdentifier;
 begin
-  result := FSecP160k1;
+  Result := FSecP160k1;
 end;
 
 class function TSecObjectIdentifiers.GetSecP160r1: IDerObjectIdentifier;
 begin
-  result := FSecP160r1;
+  Result := FSecP160r1;
 end;
 
 class function TSecObjectIdentifiers.GetSecP160r2: IDerObjectIdentifier;
 begin
-  result := FSecP160r2;
+  Result := FSecP160r2;
 end;
 
 class function TSecObjectIdentifiers.GetSecP192k1: IDerObjectIdentifier;
 begin
-  result := FSecP192k1;
+  Result := FSecP192k1;
 end;
 
 class function TSecObjectIdentifiers.GetSecP192r1: IDerObjectIdentifier;
 begin
-  result := FSecP192r1;
+  Result := FSecP192r1;
 end;
 
 class function TSecObjectIdentifiers.GetSecP224k1: IDerObjectIdentifier;
 begin
-  result := FSecP224k1;
+  Result := FSecP224k1;
 end;
 
 class function TSecObjectIdentifiers.GetSecP224r1: IDerObjectIdentifier;
 begin
-  result := FSecP224r1;
+  Result := FSecP224r1;
 end;
 
 class function TSecObjectIdentifiers.GetSecP256k1: IDerObjectIdentifier;
 begin
-  result := FSecP256k1;
+  Result := FSecP256k1;
 end;
 
 class function TSecObjectIdentifiers.GetSecP256r1: IDerObjectIdentifier;
 begin
-  result := FSecP256r1;
+  Result := FSecP256r1;
 end;
 
 class function TSecObjectIdentifiers.GetSecP384r1: IDerObjectIdentifier;
 begin
-  result := FSecP384r1;
+  Result := FSecP384r1;
 end;
 
 class function TSecObjectIdentifiers.GetSecP521r1: IDerObjectIdentifier;
 begin
-  result := FSecP521r1;
+  Result := FSecP521r1;
 end;
 
 class function TSecObjectIdentifiers.GetSecT113r1: IDerObjectIdentifier;
 begin
-  result := FSecT113r1;
+  Result := FSecT113r1;
 end;
 
 class function TSecObjectIdentifiers.GetSecT113r2: IDerObjectIdentifier;
 begin
-  result := FSecT113r2;
+  Result := FSecT113r2;
 end;
 
 class function TSecObjectIdentifiers.GetSecT131r1: IDerObjectIdentifier;
 begin
-  result := FSecT131r1;
+  Result := FSecT131r1;
 end;
 
 class function TSecObjectIdentifiers.GetSecT131r2: IDerObjectIdentifier;
 begin
-  result := FSecT131r2;
+  Result := FSecT131r2;
 end;
 
 class function TSecObjectIdentifiers.GetSecT163k1: IDerObjectIdentifier;
 begin
-  result := FSecT163k1;
+  Result := FSecT163k1;
 end;
 
 class function TSecObjectIdentifiers.GetSecT163r1: IDerObjectIdentifier;
 begin
-  result := FSecT163r1;
+  Result := FSecT163r1;
 end;
 
 class function TSecObjectIdentifiers.GetSecT163r2: IDerObjectIdentifier;
 begin
-  result := FSecT163r2;
+  Result := FSecT163r2;
 end;
 
 class function TSecObjectIdentifiers.GetSecT193r1: IDerObjectIdentifier;
 begin
-  result := FSecT193r1;
+  Result := FSecT193r1;
 end;
 
 class function TSecObjectIdentifiers.GetSecT193r2: IDerObjectIdentifier;
 begin
-  result := FSecT193r2;
+  Result := FSecT193r2;
 end;
 
 class function TSecObjectIdentifiers.GetSecT233k1: IDerObjectIdentifier;
 begin
-  result := FSecT233k1;
+  Result := FSecT233k1;
 end;
 
 class function TSecObjectIdentifiers.GetSecT233r1: IDerObjectIdentifier;
 begin
-  result := FSecT233r1;
+  Result := FSecT233r1;
 end;
 
 class function TSecObjectIdentifiers.GetSecT239k1: IDerObjectIdentifier;
 begin
-  result := FSecT239k1;
+  Result := FSecT239k1;
 end;
 
 class function TSecObjectIdentifiers.GetSecT283k1: IDerObjectIdentifier;
 begin
-  result := FSecT283k1;
+  Result := FSecT283k1;
 end;
 
 class function TSecObjectIdentifiers.GetSecT283r1: IDerObjectIdentifier;
 begin
-  result := FSecT283r1;
+  Result := FSecT283r1;
 end;
 
 class function TSecObjectIdentifiers.GetSecT409k1: IDerObjectIdentifier;
 begin
-  result := FSecT409k1;
+  Result := FSecT409k1;
 end;
 
 class function TSecObjectIdentifiers.GetSecT409r1: IDerObjectIdentifier;
 begin
-  result := FSecT409r1;
+  Result := FSecT409r1;
 end;
 
 class function TSecObjectIdentifiers.GetSecT571k1: IDerObjectIdentifier;
 begin
-  result := FSecT571k1;
+  Result := FSecT571k1;
 end;
 
 class function TSecObjectIdentifiers.GetSecT571r1: IDerObjectIdentifier;
 begin
-  result := FSecT571r1;
-end;
-
-class procedure TSecObjectIdentifiers.Boot;
-begin
-
-  if not FIsBooted then
-  begin
-
-    FEllipticCurve := TDerObjectIdentifier.Create('1.3.132.0');
-
-    FSecT163k1 := TDerObjectIdentifier.Create(EllipticCurve.Id + '.1');
-    FSecT163r1 := TDerObjectIdentifier.Create(EllipticCurve.Id + '.2');
-    FSecT239k1 := TDerObjectIdentifier.Create(EllipticCurve.Id + '.3');
-    FSecT113r1 := TDerObjectIdentifier.Create(EllipticCurve.Id + '.4');
-    FSecT113r2 := TDerObjectIdentifier.Create(EllipticCurve.Id + '.5');
-    FSecP112r1 := TDerObjectIdentifier.Create(EllipticCurve.Id + '.6');
-    FSecP112r2 := TDerObjectIdentifier.Create(EllipticCurve.Id + '.7');
-    FSecP160r1 := TDerObjectIdentifier.Create(EllipticCurve.Id + '.8');
-    FSecP160k1 := TDerObjectIdentifier.Create(EllipticCurve.Id + '.9');
-    FSecP256k1 := TDerObjectIdentifier.Create(EllipticCurve.Id + '.10');
-    FSecT163r2 := TDerObjectIdentifier.Create(EllipticCurve.Id + '.15');
-    FSecT283k1 := TDerObjectIdentifier.Create(EllipticCurve.Id + '.16');
-    FSecT283r1 := TDerObjectIdentifier.Create(EllipticCurve.Id + '.17');
-    FSecT131r1 := TDerObjectIdentifier.Create(EllipticCurve.Id + '.22');
-    FSecT131r2 := TDerObjectIdentifier.Create(EllipticCurve.Id + '.23');
-    FSecT193r1 := TDerObjectIdentifier.Create(EllipticCurve.Id + '.24');
-    FSecT193r2 := TDerObjectIdentifier.Create(EllipticCurve.Id + '.25');
-    FSecT233k1 := TDerObjectIdentifier.Create(EllipticCurve.Id + '.26');
-    FSecT233r1 := TDerObjectIdentifier.Create(EllipticCurve.Id + '.27');
-    FSecP128r1 := TDerObjectIdentifier.Create(EllipticCurve.Id + '.28');
-    FSecP128r2 := TDerObjectIdentifier.Create(EllipticCurve.Id + '.29');
-    FSecP160r2 := TDerObjectIdentifier.Create(EllipticCurve.Id + '.30');
-    FSecP192k1 := TDerObjectIdentifier.Create(EllipticCurve.Id + '.31');
-    FSecP224k1 := TDerObjectIdentifier.Create(EllipticCurve.Id + '.32');
-    FSecP224r1 := TDerObjectIdentifier.Create(EllipticCurve.Id + '.33');
-    FSecP384r1 := TDerObjectIdentifier.Create(EllipticCurve.Id + '.34');
-    FSecP521r1 := TDerObjectIdentifier.Create(EllipticCurve.Id + '.35');
-    FSecT409k1 := TDerObjectIdentifier.Create(EllipticCurve.Id + '.36');
-    FSecT409r1 := TDerObjectIdentifier.Create(EllipticCurve.Id + '.37');
-    FSecT571k1 := TDerObjectIdentifier.Create(EllipticCurve.Id + '.38');
-    FSecT571r1 := TDerObjectIdentifier.Create(EllipticCurve.Id + '.39');
-
-    TX9ObjectIdentifiers.Boot;
-
-    FSecP192r1 := TX9ObjectIdentifiers.Prime192v1;
-
-    FSecP256r1 := TX9ObjectIdentifiers.Prime256v1;
-
-    FIsBooted := True;
-  end;
-
-end;
-
-class constructor TSecObjectIdentifiers.SecObjectIdentifiers;
-begin
-  TSecObjectIdentifiers.Boot;
+  Result := FSecT571r1;
 end;
 
 end.

CryptoLib/src/Asn1/TeleTrust/ClpTeleTrusTObjectIdentifiers.pas

@@ -39,8 +39,7 @@ type
       FRsaSignature, FRsaSignatureWithRipeMD160, FRsaSignatureWithRipeMD128,
       FRsaSignatureWithRipeMD256,
       FECSign, FECSignWithSha1, FECSignWithRipeMD160, FECSignWithMD2,
-      FECSignWithMD5, FTttEcg, FEcStdCurvesAndGeneration,
-      FEccBrainpool, FEllipticCurve,
+      FECSignWithMD5, FTttEcg,       FEcStdCurvesAndGeneration, FEllipticCurve,
       FVersionOne, FBrainpoolP160R1, FBrainpoolP160T1, FBrainpoolP192R1,
       FBrainpoolP192T1, FBrainpoolP224R1, FBrainpoolP224T1, FBrainpoolP256R1,
       FBrainpoolP256T1, FBrainpoolP320R1, FBrainpoolP320T1, FBrainpoolP384R1,
@@ -49,7 +48,6 @@ type
 
     class function GetTeleTrusT: IDerObjectIdentifier; static; inline;
     class function GetAlgorithm: IDerObjectIdentifier; static; inline;
-    class function GetTeleTrusTAlgorithm: IDerObjectIdentifier; static; inline;
     class function GetEncryptionAlgorithm: IDerObjectIdentifier; static; inline;
     class function GetHashAlgorithm: IDerObjectIdentifier; static; inline;
     class function GetSignatureAlgorithm: IDerObjectIdentifier; static; inline;
@@ -68,7 +66,6 @@ type
     class function GetECSignWithMD5: IDerObjectIdentifier; static; inline;
     class function GetTttEcg: IDerObjectIdentifier; static; inline;
     class function GetEcStdCurvesAndGeneration: IDerObjectIdentifier; static; inline;
-
     class function GetBrainpoolP160R1: IDerObjectIdentifier; static; inline;
     class function GetBrainpoolP160T1: IDerObjectIdentifier; static; inline;
     class function GetBrainpoolP192R1: IDerObjectIdentifier; static; inline;
@@ -83,17 +80,15 @@ type
     class function GetBrainpoolP384T1: IDerObjectIdentifier; static; inline;
     class function GetBrainpoolP512R1: IDerObjectIdentifier; static; inline;
     class function GetBrainpoolP512T1: IDerObjectIdentifier; static; inline;
-    class function GetEccBrainpool: IDerObjectIdentifier; static; inline;
     class function GetEllipticCurve: IDerObjectIdentifier; static; inline;
     class function GetVersionOne: IDerObjectIdentifier; static; inline;
 
-    class constructor TeleTrusTObjectIdentifiers();
+    class constructor Create;
 
   public
 
     class property TeleTrusT: IDerObjectIdentifier read GetTeleTrusT;
     class property Algorithm: IDerObjectIdentifier read GetAlgorithm;
-    class property TeleTrusTAlgorithm: IDerObjectIdentifier read GetTeleTrusTAlgorithm;
     class property EncryptionAlgorithm: IDerObjectIdentifier read GetEncryptionAlgorithm;
     class property HashAlgorithm: IDerObjectIdentifier read GetHashAlgorithm;
     class property SignatureAlgorithm: IDerObjectIdentifier read GetSignatureAlgorithm;
@@ -112,8 +107,6 @@ type
     class property ECSignWithMD5: IDerObjectIdentifier read GetECSignWithMD5;
     class property TttEcg: IDerObjectIdentifier read GetTttEcg;
     class property EcStdCurvesAndGeneration: IDerObjectIdentifier read GetEcStdCurvesAndGeneration;
-
-    class property EccBrainpool: IDerObjectIdentifier read GetEccBrainpool;
     class property EllipticCurve: IDerObjectIdentifier read GetEllipticCurve;
     class property VersionOne: IDerObjectIdentifier read GetVersionOne;
     class property BrainpoolP160R1: IDerObjectIdentifier
@@ -163,11 +156,6 @@ begin
   result := FAlgorithm;
 end;
 
-class function TTeleTrusTObjectIdentifiers.GetTeleTrusTAlgorithm: IDerObjectIdentifier;
-begin
-  result := FAlgorithm;
-end;
-
 class function TTeleTrusTObjectIdentifiers.GetEncryptionAlgorithm: IDerObjectIdentifier;
 begin
   result := FEncryptionAlgorithm;
@@ -258,11 +246,6 @@ begin
   result := FEcStdCurvesAndGeneration;
 end;
 
-class function TTeleTrusTObjectIdentifiers.GetEccBrainpool: IDerObjectIdentifier;
-begin
-  result := FEccBrainpool;
-end;
-
 class function TTeleTrusTObjectIdentifiers.GetVersionOne: IDerObjectIdentifier;
 begin
   result := FVersionOne;
@@ -377,9 +360,7 @@ begin
     FTttEcg := FECSign.Branch('5');
     FEcStdCurvesAndGeneration := FECSign.Branch('8');
 
-    // Brainpool curves
-    FEccBrainpool := FEcStdCurvesAndGeneration;
-    FEllipticCurve := FEccBrainpool.Branch('1');
+    FEllipticCurve := FEcStdCurvesAndGeneration.Branch('1');
     FVersionOne := FEllipticCurve.Branch('1');
 
     FBrainpoolP160R1 := FVersionOne.Branch('1');
@@ -401,9 +382,9 @@ begin
   end;
 end;
 
-class constructor TTeleTrusTObjectIdentifiers.TeleTrusTObjectIdentifiers;
+class constructor TTeleTrusTObjectIdentifiers.Create;
 begin
-  TTeleTrusTObjectIdentifiers.Boot;
+  Boot;
 end;
 
 end.

CryptoLib/src/Asn1/X500/ClpIetfUtilities.pas

@@ -208,7 +208,7 @@ end;
 class function TIetfUtilities.ValueToString(const AValue: IAsn1Encodable): String;
 var
   LVBuf: TStringBuilder;
-  LV, LResult: String;
+  LV: String;
   LStr: IAsn1String;
   LEnd, LIndex, LStart, LEndBuf: Int32;
 begin
@@ -234,21 +234,20 @@ begin
       end;
     end;
 
-    LResult := LVBuf.ToString();
-    LEnd := System.Length(LResult);
-    LIndex := 1; // Pascal strings are 1-based
+    LEnd := LVBuf.Length;
+    LIndex := 0; // TStringBuilder.Chars uses 0-based indexing
 
-    if TPlatform.StartsWith(LResult, '\#') then
+    if (LVBuf.Length >= 2) and (LVBuf.Chars[0] = '\') and (LVBuf.Chars[1] = '#') then
     begin
       System.Inc(LIndex, 2);
     end;
 
-    while LIndex <= LEnd do
+    while LIndex < LEnd do
     begin
-      case LResult[LIndex] of
+      case LVBuf.Chars[LIndex] of
         ',', '"', '\', '+', '=', '<', '>', ';':
           begin
-            System.Insert('\', LResult, LIndex);
+            LVBuf.Insert(LIndex, '\');
             System.Inc(LIndex, 2);
             System.Inc(LEnd);
           end;
@@ -257,24 +256,25 @@ begin
       end;
     end;
 
-    LStart := 1;
-    if System.Length(LResult) > 0 then
+    LStart := 0;
+    if LVBuf.Length > 0 then
     begin
-      while (System.Length(LResult) >= LStart) and (LResult[LStart] = ' ') do
+      while (LVBuf.Length > LStart) and (LVBuf.Chars[LStart] = ' ') do
       begin
-        System.Insert('\', LResult, LStart);
+        LVBuf.Insert(LStart, '\');
         System.Inc(LStart, 2);
       end;
     end;
 
-    LEndBuf := System.Length(LResult);
-    while (LEndBuf >= 1) and (LResult[LEndBuf] = ' ') do
+    LEndBuf := LVBuf.Length - 1;
+
+    while (LEndBuf >= 0) and (LVBuf.Chars[LEndBuf] = ' ') do
     begin
-      System.Insert('\', LResult, LEndBuf);
+      LVBuf.Insert(LEndBuf, '\');
       System.Dec(LEndBuf);
     end;
 
-    Result := LResult;
+    Result := LVBuf.ToString();
   finally
     LVBuf.Free;
   end;

CryptoLib/src/Asn1/X509/ClpX509ExtensionUtilities.pas

@@ -100,7 +100,7 @@ implementation
 
 class function TX509ExtensionUtilities.CalculateSha1(const AData: TCryptoLibByteArray): TCryptoLibByteArray;
 begin
-  Result := TDigestUtilities.CalculateDigest(TOiwObjectIdentifiers.IdSha1.id, AData);
+  Result := TDigestUtilities.CalculateDigest(TOiwObjectIdentifiers.IdSha1.ID, AData);
 end;
 
 class function TX509ExtensionUtilities.CalculateSha1(const ASpki: ISubjectPublicKeyInfo): TCryptoLibByteArray;

CryptoLib/src/Asn1/X509/ClpX509SignatureUtilities.pas

@@ -189,12 +189,12 @@ begin
   FAlgorithms.Add('SHA512WITHECDSA', TX9ObjectIdentifiers.ECDsaWithSha512);
 
   // BSI Plain ECDSA algorithms
-  FAlgorithms.Add('SHA1withPLAIN-ECDSA', TBsiObjectIdentifiers.ecdsa_plain_SHA1);
-  FAlgorithms.Add('SHA224withPLAIN-ECDSA', TBsiObjectIdentifiers.EcdsaPlain_SHA224);
-  FAlgorithms.Add('SHA256withPLAIN-ECDSA', TBsiObjectIdentifiers.EcdsaPlain_SHA256);
-  FAlgorithms.Add('SHA384withPLAIN-ECDSA', TBsiObjectIdentifiers.EcdsaPlain_SHA384);
-  FAlgorithms.Add('SHA512withPLAIN-ECDSA', TBsiObjectIdentifiers.EcdsaPlain_SHA512);
-  FAlgorithms.Add('RIPEMD160withPLAIN-ECDSA', TBsiObjectIdentifiers.ecdsa_plain_RIPEMD160);
+  FAlgorithms.Add('SHA1withPLAIN-ECDSA', TBsiObjectIdentifiers.EcdsaPlainSha1);
+  FAlgorithms.Add('SHA224withPLAIN-ECDSA', TBsiObjectIdentifiers.EcdsaPlainSha224);
+  FAlgorithms.Add('SHA256withPLAIN-ECDSA', TBsiObjectIdentifiers.EcdsaPlainSha256);
+  FAlgorithms.Add('SHA384withPLAIN-ECDSA', TBsiObjectIdentifiers.EcdsaPlainSha384);
+  FAlgorithms.Add('SHA512withPLAIN-ECDSA', TBsiObjectIdentifiers.EcdsaPlainSha512);
+  FAlgorithms.Add('RIPEMD160withPLAIN-ECDSA', TBsiObjectIdentifiers.EcdsaPlainRipeMD160);
 
   // GOST algorithms
   FAlgorithms.Add('GOST3411WITHGOST3410', TCryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94);
@@ -233,10 +233,10 @@ begin
   AddNoParams(TX9ObjectIdentifiers.ECDsaWithSha384);
   AddNoParams(TX9ObjectIdentifiers.ECDsaWithSha512);
 
-  AddNoParams(TBsiObjectIdentifiers.EcdsaPlain_SHA224);
-  AddNoParams(TBsiObjectIdentifiers.EcdsaPlain_SHA256);
-  AddNoParams(TBsiObjectIdentifiers.EcdsaPlain_SHA384);
-  AddNoParams(TBsiObjectIdentifiers.EcdsaPlain_SHA512);
+  AddNoParams(TBsiObjectIdentifiers.EcdsaPlainSha224);
+  AddNoParams(TBsiObjectIdentifiers.EcdsaPlainSha256);
+  AddNoParams(TBsiObjectIdentifiers.EcdsaPlainSha384);
+  AddNoParams(TBsiObjectIdentifiers.EcdsaPlainSha512);
 
   //
   // RFC 4491
@@ -288,16 +288,16 @@ begin
   //
   // BSI Plain ECDSA with SHA3
   //
-  AddAlgorithm('SHA3-224WITHPLAIN-ECDSA', TBsiObjectIdentifiers.EcdsaPlain_SHA3_224, True);
-  AddAlgorithm('SHA3-256WITHPLAIN-ECDSA', TBsiObjectIdentifiers.EcdsaPlain_SHA3_256, True);
-  AddAlgorithm('SHA3-384WITHPLAIN-ECDSA', TBsiObjectIdentifiers.EcdsaPlain_SHA3_384, True);
-  AddAlgorithm('SHA3-512WITHPLAIN-ECDSA', TBsiObjectIdentifiers.EcdsaPlain_SHA3_512, True);
+  AddAlgorithm('SHA3-224WITHPLAIN-ECDSA', TBsiObjectIdentifiers.EcdsaPlainSha3_224, True);
+  AddAlgorithm('SHA3-256WITHPLAIN-ECDSA', TBsiObjectIdentifiers.EcdsaPlainSha3_256, True);
+  AddAlgorithm('SHA3-384WITHPLAIN-ECDSA', TBsiObjectIdentifiers.EcdsaPlainSha3_384, True);
+  AddAlgorithm('SHA3-512WITHPLAIN-ECDSA', TBsiObjectIdentifiers.EcdsaPlainSha3_512, True);
 
   //
   // EdDSA
   //
-  AddAlgorithm('Ed25519', TEdECObjectIdentifiers.id_Ed25519, True);
-  AddAlgorithm('Ed448', TEdECObjectIdentifiers.id_Ed448, True);
+  AddAlgorithm('Ed25519', TEdECObjectIdentifiers.IdEd25519, True);
+  AddAlgorithm('Ed448', TEdECObjectIdentifiers.IdEd448, True);
 end;
 
 class function TX509SignatureUtilities.GetDigestName(const ADigestAlgOid: IDerObjectIdentifier): String;
@@ -326,9 +326,9 @@ begin
     Result := 'RIPEMD256'
   else if TCryptoProObjectIdentifiers.GostR3411.Equals(ADigestAlgOid) then
     Result := 'GOST3411'
-  else if TRosstandartObjectIdentifiers.id_tc26_gost_3411_12_256.Equals(ADigestAlgOid) then
+  else if TRosstandartObjectIdentifiers.IdTc26Gost3411_12_256.Equals(ADigestAlgOid) then
     Result := 'GOST3411-2012-256'
-  else if TRosstandartObjectIdentifiers.id_tc26_gost_3411_12_512.Equals(ADigestAlgOid) then
+  else if TRosstandartObjectIdentifiers.IdTc26Gost3411_12_512.Equals(ADigestAlgOid) then
     Result := 'GOST3411-2012-512'
   else
     Result := ADigestAlgOid.Id;

CryptoLib/src/Asn1/X9/ClpX9ObjectIdentifiers.pas

@@ -26,35 +26,62 @@ uses
   ClpIAsn1Objects;
 
 type
+  /// <summary>ansi-X9-62 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) ansi-x962(10045) }</summary>
   TX9ObjectIdentifiers = class abstract(TObject)
-
   strict private
-    //
-    // X9.62
-    //
-    // ansi-X9-62 OBJECT IDENTIFIER ::= { iso(1) member-body(2)
-    // us(840) ansi-x962(10045) }
-    //
-  const
-
-    AnsiX962: String = '1.2.840.10045';
-
-  class var
-
-    FIsBooted: Boolean;
-    Fansi_X9_62, FIdFieldType, FPrimeField, FCharacteristicTwoField, FGNBasis,
-      FTPBasis, FPPBasis, Fid_ecSigType, FECDsaWithSha1, Fid_publicKeyType,
+    class var
+      FIsBooted: Boolean;
+      FAnsiX9_62, FIdFieldType, FPrimeField, FCharacteristicTwoField, FGNBasis,
+      FTPBasis, FPPBasis, FIdEcSigType, FECDsaWithSha1, FIdPublicKeyType,
       FIdECPublicKey, FECDsaWithSha2, FECDsaWithSha224, FECDsaWithSha256,
-      FECDsaWithSha384, FECDsaWithSha512, FEllipticCurve, FPrimeCurve,
-      FPrime256v1, FPrime239v2, FPrime239v3, FPrime192v2, FPrime239v1,
-      FPrime192v3, FPrime192v1, FIdDsa, FIdDsaWithSha1: IDerObjectIdentifier;
-
-    class function Getansi_X9_62: IDerObjectIdentifier; static; inline;
+      FECDsaWithSha384, FECDsaWithSha512, FEllipticCurve, FCTwoCurve,
+      FC2Pnb163v1, FC2Pnb163v2, FC2Pnb163v3, FC2Pnb176w1, FC2Tnb191v1, FC2Tnb191v2,
+      FC2Tnb191v3, FC2Onb191v4, FC2Onb191v5, FC2Pnb208w1, FC2Tnb239v1, FC2Tnb239v2,
+      FC2Tnb239v3, FC2Onb239v4, FC2Onb239v5, FC2Pnb272w1, FC2Pnb304w1, FC2Tnb359v1,
+      FC2Pnb368w1, FC2Tnb431r1, FPrimeCurve, FPrime192v1, FPrime192v2, FPrime192v3,
+      FPrime239v1, FPrime239v2, FPrime239v3, FPrime256v1, FIdDsa, FIdDsaWithSha1,
+      FX9x63Scheme, FDHSinglePassStdDHSha1KdfScheme, FDHSinglePassCofactorDHSha1KdfScheme,
+      FMqvSinglePassSha1KdfScheme, FAnsiX9_42, FDHPublicNumber, FX9x42Schemes,
+      FDHStatic, FDHEphem, FDHOneFlow, FDHHybrid1, FDHHybrid2, FDHHybridOneFlow, FMqv2, FMqv1: IDerObjectIdentifier;
+
+    class function GetAnsiX9_62: IDerObjectIdentifier; static; inline;
     class function GetIdFieldType: IDerObjectIdentifier; static; inline;
     class function GetPrimeField: IDerObjectIdentifier; static; inline;
-    class function GetCharacteristicTwoField: IDerObjectIdentifier;
-      static; inline;
+    class function GetCharacteristicTwoField: IDerObjectIdentifier; static; inline;
+    class function GetGNBasis: IDerObjectIdentifier; static; inline;
+    class function GetTPBasis: IDerObjectIdentifier; static; inline;
+    class function GetPPBasis: IDerObjectIdentifier; static; inline;
+    class function GetIdEcSigType: IDerObjectIdentifier; static; inline;
+    class function GetECDsaWithSha1: IDerObjectIdentifier; static; inline;
+    class function GetIdPublicKeyType: IDerObjectIdentifier; static; inline;
+    class function GetIdECPublicKey: IDerObjectIdentifier; static; inline;
+    class function GetECDsaWithSha2: IDerObjectIdentifier; static; inline;
+    class function GetECDsaWithSha224: IDerObjectIdentifier; static; inline;
+    class function GetECDsaWithSha256: IDerObjectIdentifier; static; inline;
+    class function GetECDsaWithSha384: IDerObjectIdentifier; static; inline;
+    class function GetECDsaWithSha512: IDerObjectIdentifier; static; inline;
     class function GetEllipticCurve: IDerObjectIdentifier; static; inline;
+    class function GetCTwoCurve: IDerObjectIdentifier; static; inline;
+    class function GetC2Pnb163v1: IDerObjectIdentifier; static; inline;
+    class function GetC2Pnb163v2: IDerObjectIdentifier; static; inline;
+    class function GetC2Pnb163v3: IDerObjectIdentifier; static; inline;
+    class function GetC2Pnb176w1: IDerObjectIdentifier; static; inline;
+    class function GetC2Tnb191v1: IDerObjectIdentifier; static; inline;
+    class function GetC2Tnb191v2: IDerObjectIdentifier; static; inline;
+    class function GetC2Tnb191v3: IDerObjectIdentifier; static; inline;
+    class function GetC2Onb191v4: IDerObjectIdentifier; static; inline;
+    class function GetC2Onb191v5: IDerObjectIdentifier; static; inline;
+    class function GetC2Pnb208w1: IDerObjectIdentifier; static; inline;
+    class function GetC2Tnb239v1: IDerObjectIdentifier; static; inline;
+    class function GetC2Tnb239v2: IDerObjectIdentifier; static; inline;
+    class function GetC2Tnb239v3: IDerObjectIdentifier; static; inline;
+    class function GetC2Onb239v4: IDerObjectIdentifier; static; inline;
+    class function GetC2Onb239v5: IDerObjectIdentifier; static; inline;
+    class function GetC2Pnb272w1: IDerObjectIdentifier; static; inline;
+    class function GetC2Pnb304w1: IDerObjectIdentifier; static; inline;
+    class function GetC2Tnb359v1: IDerObjectIdentifier; static; inline;
+    class function GetC2Pnb368w1: IDerObjectIdentifier; static; inline;
+    class function GetC2Tnb431r1: IDerObjectIdentifier; static; inline;
     class function GetPrimeCurve: IDerObjectIdentifier; static; inline;
     class function GetPrime192v1: IDerObjectIdentifier; static; inline;
     class function GetPrime192v2: IDerObjectIdentifier; static; inline;
@@ -63,56 +90,64 @@ type
     class function GetPrime239v2: IDerObjectIdentifier; static; inline;
     class function GetPrime239v3: IDerObjectIdentifier; static; inline;
     class function GetPrime256v1: IDerObjectIdentifier; static; inline;
-    class function GetGNBasis: IDerObjectIdentifier; static; inline;
-    class function GetPPBasis: IDerObjectIdentifier; static; inline;
-    class function GetTPBasis: IDerObjectIdentifier; static; inline;
-    class function Getid_ecSigType: IDerObjectIdentifier; static; inline;
-
-    class function GetECDsaWithSha1: IDerObjectIdentifier; static; inline;
-    class function GetECDsaWithSha2: IDerObjectIdentifier; static; inline;
-    class function GetECDsaWithSha224: IDerObjectIdentifier; static; inline;
-    class function GetECDsaWithSha256: IDerObjectIdentifier; static; inline;
-    class function GetECDsaWithSha384: IDerObjectIdentifier; static; inline;
-    class function GetECDsaWithSha512: IDerObjectIdentifier; static; inline;
-    class function Getid_publicKeyType: IDerObjectIdentifier; static; inline;
-    class function GetIdECPublicKey: IDerObjectIdentifier; static; inline;
-
     class function GetIdDsa: IDerObjectIdentifier; static; inline;
     class function GetIdDsaWithSha1: IDerObjectIdentifier; static; inline;
-
-    class constructor X9ObjectIdentifiers();
-
+    class function GetX9x63Scheme: IDerObjectIdentifier; static; inline;
+    class function GetDHSinglePassStdDHSha1KdfScheme: IDerObjectIdentifier; static; inline;
+    class function GetDHSinglePassCofactorDHSha1KdfScheme: IDerObjectIdentifier; static; inline;
+    class function GetMqvSinglePassSha1KdfScheme: IDerObjectIdentifier; static; inline;
+    class function GetAnsiX9_42: IDerObjectIdentifier; static; inline;
+    class function GetDHPublicNumber: IDerObjectIdentifier; static; inline;
+    class function GetX9x42Schemes: IDerObjectIdentifier; static; inline;
+    class function GetDHStatic: IDerObjectIdentifier; static; inline;
+    class function GetDHEphem: IDerObjectIdentifier; static; inline;
+    class function GetDHOneFlow: IDerObjectIdentifier; static; inline;
+    class function GetDHHybrid1: IDerObjectIdentifier; static; inline;
+    class function GetDHHybrid2: IDerObjectIdentifier; static; inline;
+    class function GetDHHybridOneFlow: IDerObjectIdentifier; static; inline;
+    class function GetMqv2: IDerObjectIdentifier; static; inline;
+    class function GetMqv1: IDerObjectIdentifier; static; inline;
+
+    class constructor Create;
   public
-
-    class property ansi_X9_62: IDerObjectIdentifier read Getansi_X9_62;
+    class property AnsiX9_62: IDerObjectIdentifier read GetAnsiX9_62;
     class property IdFieldType: IDerObjectIdentifier read GetIdFieldType;
     class property PrimeField: IDerObjectIdentifier read GetPrimeField;
-    class property CharacteristicTwoField: IDerObjectIdentifier
-      read GetCharacteristicTwoField;
+    class property CharacteristicTwoField: IDerObjectIdentifier read GetCharacteristicTwoField;
     class property GNBasis: IDerObjectIdentifier read GetGNBasis;
     class property TPBasis: IDerObjectIdentifier read GetTPBasis;
     class property PPBasis: IDerObjectIdentifier read GetPPBasis;
-
-    class property id_ecSigType: IDerObjectIdentifier read Getid_ecSigType;
-
+    class property IdEcSigType: IDerObjectIdentifier read GetIdEcSigType;
     class property ECDsaWithSha1: IDerObjectIdentifier read GetECDsaWithSha1;
-
-    class property id_publicKeyType: IDerObjectIdentifier
-      read Getid_publicKeyType;
-
+    class property IdPublicKeyType: IDerObjectIdentifier read GetIdPublicKeyType;
     class property IdECPublicKey: IDerObjectIdentifier read GetIdECPublicKey;
-
     class property ECDsaWithSha2: IDerObjectIdentifier read GetECDsaWithSha2;
-    class property ECDsaWithSha224: IDerObjectIdentifier
-      read GetECDsaWithSha224;
-    class property ECDsaWithSha256: IDerObjectIdentifier
-      read GetECDsaWithSha256;
-    class property ECDsaWithSha384: IDerObjectIdentifier
-      read GetECDsaWithSha384;
-    class property ECDsaWithSha512: IDerObjectIdentifier
-      read GetECDsaWithSha512;
-
+    class property ECDsaWithSha224: IDerObjectIdentifier read GetECDsaWithSha224;
+    class property ECDsaWithSha256: IDerObjectIdentifier read GetECDsaWithSha256;
+    class property ECDsaWithSha384: IDerObjectIdentifier read GetECDsaWithSha384;
+    class property ECDsaWithSha512: IDerObjectIdentifier read GetECDsaWithSha512;
     class property EllipticCurve: IDerObjectIdentifier read GetEllipticCurve;
+    class property CTwoCurve: IDerObjectIdentifier read GetCTwoCurve;
+    class property C2Pnb163v1: IDerObjectIdentifier read GetC2Pnb163v1;
+    class property C2Pnb163v2: IDerObjectIdentifier read GetC2Pnb163v2;
+    class property C2Pnb163v3: IDerObjectIdentifier read GetC2Pnb163v3;
+    class property C2Pnb176w1: IDerObjectIdentifier read GetC2Pnb176w1;
+    class property C2Tnb191v1: IDerObjectIdentifier read GetC2Tnb191v1;
+    class property C2Tnb191v2: IDerObjectIdentifier read GetC2Tnb191v2;
+    class property C2Tnb191v3: IDerObjectIdentifier read GetC2Tnb191v3;
+    class property C2Onb191v4: IDerObjectIdentifier read GetC2Onb191v4;
+    class property C2Onb191v5: IDerObjectIdentifier read GetC2Onb191v5;
+    class property C2Pnb208w1: IDerObjectIdentifier read GetC2Pnb208w1;
+    class property C2Tnb239v1: IDerObjectIdentifier read GetC2Tnb239v1;
+    class property C2Tnb239v2: IDerObjectIdentifier read GetC2Tnb239v2;
+    class property C2Tnb239v3: IDerObjectIdentifier read GetC2Tnb239v3;
+    class property C2Onb239v4: IDerObjectIdentifier read GetC2Onb239v4;
+    class property C2Onb239v5: IDerObjectIdentifier read GetC2Onb239v5;
+    class property C2Pnb272w1: IDerObjectIdentifier read GetC2Pnb272w1;
+    class property C2Pnb304w1: IDerObjectIdentifier read GetC2Pnb304w1;
+    class property C2Tnb359v1: IDerObjectIdentifier read GetC2Tnb359v1;
+    class property C2Pnb368w1: IDerObjectIdentifier read GetC2Pnb368w1;
+    class property C2Tnb431r1: IDerObjectIdentifier read GetC2Tnb431r1;
     class property PrimeCurve: IDerObjectIdentifier read GetPrimeCurve;
     class property Prime192v1: IDerObjectIdentifier read GetPrime192v1;
     class property Prime192v2: IDerObjectIdentifier read GetPrime192v2;
@@ -121,224 +156,427 @@ type
     class property Prime239v2: IDerObjectIdentifier read GetPrime239v2;
     class property Prime239v3: IDerObjectIdentifier read GetPrime239v3;
     class property Prime256v1: IDerObjectIdentifier read GetPrime256v1;
-
     class property IdDsa: IDerObjectIdentifier read GetIdDsa;
     class property IdDsaWithSha1: IDerObjectIdentifier read GetIdDsaWithSha1;
-
-    class procedure Boot(); static;
-
+    class property X9x63Scheme: IDerObjectIdentifier read GetX9x63Scheme;
+    class property DHSinglePassStdDHSha1KdfScheme: IDerObjectIdentifier read GetDHSinglePassStdDHSha1KdfScheme;
+    class property DHSinglePassCofactorDHSha1KdfScheme: IDerObjectIdentifier read GetDHSinglePassCofactorDHSha1KdfScheme;
+    class property MqvSinglePassSha1KdfScheme: IDerObjectIdentifier read GetMqvSinglePassSha1KdfScheme;
+    class property AnsiX9_42: IDerObjectIdentifier read GetAnsiX9_42;
+    class property DHPublicNumber: IDerObjectIdentifier read GetDHPublicNumber;
+    class property X9x42Schemes: IDerObjectIdentifier read GetX9x42Schemes;
+    class property DHStatic: IDerObjectIdentifier read GetDHStatic;
+    class property DHEphem: IDerObjectIdentifier read GetDHEphem;
+    class property DHOneFlow: IDerObjectIdentifier read GetDHOneFlow;
+    class property DHHybrid1: IDerObjectIdentifier read GetDHHybrid1;
+    class property DHHybrid2: IDerObjectIdentifier read GetDHHybrid2;
+    class property DHHybridOneFlow: IDerObjectIdentifier read GetDHHybridOneFlow;
+    class property Mqv2: IDerObjectIdentifier read GetMqv2;
+    class property Mqv1: IDerObjectIdentifier read GetMqv1;
+
+    class procedure Boot; static;
   end;
 
 implementation
 
 { TX9ObjectIdentifiers }
 
-class function TX9ObjectIdentifiers.Getansi_X9_62: IDerObjectIdentifier;
+class constructor TX9ObjectIdentifiers.Create;
 begin
-  result := Fansi_X9_62;
+  Boot;
 end;
 
-class function TX9ObjectIdentifiers.GetIdDsa: IDerObjectIdentifier;
+class procedure TX9ObjectIdentifiers.Boot;
+var
+  LHashAlgs, LAes, FSigAlgs, FKems: IDerObjectIdentifier;
+begin
+  if not FIsBooted then
+  begin
+    FAnsiX9_62 := TDerObjectIdentifier.Create('1.2.840.10045');
+    FIdFieldType := FAnsiX9_62.Branch('1');
+    FPrimeField := FIdFieldType.Branch('1');
+    FCharacteristicTwoField := FIdFieldType.Branch('2');
+    FGNBasis := FCharacteristicTwoField.Branch('3.1');
+    FTPBasis := FCharacteristicTwoField.Branch('3.2');
+    FPPBasis := FCharacteristicTwoField.Branch('3.3');
+    FIdEcSigType := FAnsiX9_62.Branch('4');
+    FECDsaWithSha1 := FIdEcSigType.Branch('1');
+    FIdPublicKeyType := FAnsiX9_62.Branch('2');
+    FIdECPublicKey := FIdPublicKeyType.Branch('1');
+    FECDsaWithSha2 := FIdEcSigType.Branch('3');
+    FECDsaWithSha224 := FECDsaWithSha2.Branch('1');
+    FECDsaWithSha256 := FECDsaWithSha2.Branch('2');
+    FECDsaWithSha384 := FECDsaWithSha2.Branch('3');
+    FECDsaWithSha512 := FECDsaWithSha2.Branch('4');
+    FEllipticCurve := FAnsiX9_62.Branch('3');
+    FCTwoCurve := FEllipticCurve.Branch('0');
+    FC2Pnb163v1 := FCTwoCurve.Branch('1');
+    FC2Pnb163v2 := FCTwoCurve.Branch('2');
+    FC2Pnb163v3 := FCTwoCurve.Branch('3');
+    FC2Pnb176w1 := FCTwoCurve.Branch('4');
+    FC2Tnb191v1 := FCTwoCurve.Branch('5');
+    FC2Tnb191v2 := FCTwoCurve.Branch('6');
+    FC2Tnb191v3 := FCTwoCurve.Branch('7');
+    FC2Onb191v4 := FCTwoCurve.Branch('8');
+    FC2Onb191v5 := FCTwoCurve.Branch('9');
+    FC2Pnb208w1 := FCTwoCurve.Branch('10');
+    FC2Tnb239v1 := FCTwoCurve.Branch('11');
+    FC2Tnb239v2 := FCTwoCurve.Branch('12');
+    FC2Tnb239v3 := FCTwoCurve.Branch('13');
+    FC2Onb239v4 := FCTwoCurve.Branch('14');
+    FC2Onb239v5 := FCTwoCurve.Branch('15');
+    FC2Pnb272w1 := FCTwoCurve.Branch('16');
+    FC2Pnb304w1 := FCTwoCurve.Branch('17');
+    FC2Tnb359v1 := FCTwoCurve.Branch('18');
+    FC2Pnb368w1 := FCTwoCurve.Branch('19');
+    FC2Tnb431r1 := FCTwoCurve.Branch('20');
+    FPrimeCurve := FEllipticCurve.Branch('1');
+    FPrime192v1 := FPrimeCurve.Branch('1');
+    FPrime192v2 := FPrimeCurve.Branch('2');
+    FPrime192v3 := FPrimeCurve.Branch('3');
+    FPrime239v1 := FPrimeCurve.Branch('4');
+    FPrime239v2 := FPrimeCurve.Branch('5');
+    FPrime239v3 := FPrimeCurve.Branch('6');
+    FPrime256v1 := FPrimeCurve.Branch('7');
+    FIdDsa := TDerObjectIdentifier.Create('1.2.840.10040.4.1');
+    FIdDsaWithSha1 := TDerObjectIdentifier.Create('1.2.840.10040.4.3');
+    FX9x63Scheme := TDerObjectIdentifier.Create('1.3.133.16.840.63.0');
+    FDHSinglePassStdDHSha1KdfScheme := FX9x63Scheme.Branch('2');
+    FDHSinglePassCofactorDHSha1KdfScheme := FX9x63Scheme.Branch('3');
+    FMqvSinglePassSha1KdfScheme := FX9x63Scheme.Branch('16');
+    FAnsiX9_42 := TDerObjectIdentifier.Create('1.2.840.10046');
+    FDHPublicNumber := FAnsiX9_42.Branch('2.1');
+    FX9x42Schemes := FAnsiX9_42.Branch('2.3');
+    FDHStatic := FX9x42Schemes.Branch('1');
+    FDHEphem := FX9x42Schemes.Branch('2');
+    FDHOneFlow := FX9x42Schemes.Branch('3');
+    FDHHybrid1 := FX9x42Schemes.Branch('4');
+    FDHHybrid2 := FX9x42Schemes.Branch('5');
+    FDHHybridOneFlow := FX9x42Schemes.Branch('6');
+    FMqv2 := FX9x42Schemes.Branch('7');
+    FMqv1 := FX9x42Schemes.Branch('8');
+
+    FIsBooted := True;
+  end;
+end;
+
+class function TX9ObjectIdentifiers.GetAnsiX9_42: IDerObjectIdentifier;
 begin
-  result := FIdDsa;
+  Result := FAnsiX9_42;
 end;
 
-class function TX9ObjectIdentifiers.GetIdDsaWithSha1: IDerObjectIdentifier;
+class function TX9ObjectIdentifiers.GetAnsiX9_62: IDerObjectIdentifier;
 begin
-  result := FIdDsaWithSha1;
+  Result := FAnsiX9_62;
 end;
 
-class function TX9ObjectIdentifiers.GetIdECPublicKey: IDerObjectIdentifier;
+class function TX9ObjectIdentifiers.GetC2Onb191v4: IDerObjectIdentifier;
 begin
-  result := FIdECPublicKey;
+  Result := FC2Onb191v4;
 end;
 
-class function TX9ObjectIdentifiers.GetIdFieldType: IDerObjectIdentifier;
+class function TX9ObjectIdentifiers.GetC2Onb191v5: IDerObjectIdentifier;
 begin
-  result := FIdFieldType;
+  Result := FC2Onb191v5;
 end;
 
-class function TX9ObjectIdentifiers.Getid_ecSigType: IDerObjectIdentifier;
+class function TX9ObjectIdentifiers.GetC2Onb239v4: IDerObjectIdentifier;
 begin
-  result := Fid_ecSigType;
+  Result := FC2Onb239v4;
 end;
 
-class function TX9ObjectIdentifiers.Getid_publicKeyType: IDerObjectIdentifier;
+class function TX9ObjectIdentifiers.GetC2Onb239v5: IDerObjectIdentifier;
 begin
-  result := Fid_publicKeyType;
+  Result := FC2Onb239v5;
 end;
 
-class function TX9ObjectIdentifiers.GetPrimeField: IDerObjectIdentifier;
+class function TX9ObjectIdentifiers.GetC2Pnb163v1: IDerObjectIdentifier;
 begin
-  result := FPrimeField;
+  Result := FC2Pnb163v1;
 end;
 
-class function TX9ObjectIdentifiers.GetCharacteristicTwoField
-  : IDerObjectIdentifier;
+class function TX9ObjectIdentifiers.GetC2Pnb163v2: IDerObjectIdentifier;
 begin
-  result := FCharacteristicTwoField;
+  Result := FC2Pnb163v2;
 end;
 
-class function TX9ObjectIdentifiers.GetGNBasis: IDerObjectIdentifier;
+class function TX9ObjectIdentifiers.GetC2Pnb163v3: IDerObjectIdentifier;
 begin
-  result := FGNBasis;
+  Result := FC2Pnb163v3;
 end;
 
-class function TX9ObjectIdentifiers.GetTPBasis: IDerObjectIdentifier;
+class function TX9ObjectIdentifiers.GetC2Pnb176w1: IDerObjectIdentifier;
 begin
-  result := FTPBasis;
+  Result := FC2Pnb176w1;
 end;
 
-class function TX9ObjectIdentifiers.GetPPBasis: IDerObjectIdentifier;
+class function TX9ObjectIdentifiers.GetC2Pnb208w1: IDerObjectIdentifier;
 begin
-  result := FPPBasis;
+  Result := FC2Pnb208w1;
 end;
 
-class function TX9ObjectIdentifiers.GetECDsaWithSha1: IDerObjectIdentifier;
+class function TX9ObjectIdentifiers.GetC2Pnb272w1: IDerObjectIdentifier;
 begin
-  result := FECDsaWithSha1;
+  Result := FC2Pnb272w1;
 end;
 
-class function TX9ObjectIdentifiers.GetECDsaWithSha2: IDerObjectIdentifier;
+class function TX9ObjectIdentifiers.GetC2Pnb304w1: IDerObjectIdentifier;
+begin
+  Result := FC2Pnb304w1;
+end;
+
+class function TX9ObjectIdentifiers.GetC2Pnb368w1: IDerObjectIdentifier;
+begin
+  Result := FC2Pnb368w1;
+end;
+
+class function TX9ObjectIdentifiers.GetC2Tnb191v1: IDerObjectIdentifier;
+begin
+  Result := FC2Tnb191v1;
+end;
+
+class function TX9ObjectIdentifiers.GetC2Tnb191v2: IDerObjectIdentifier;
 begin
-  result := FECDsaWithSha2;
+  Result := FC2Tnb191v2;
+end;
+
+class function TX9ObjectIdentifiers.GetC2Tnb191v3: IDerObjectIdentifier;
+begin
+  Result := FC2Tnb191v3;
+end;
+
+class function TX9ObjectIdentifiers.GetC2Tnb239v1: IDerObjectIdentifier;
+begin
+  Result := FC2Tnb239v1;
+end;
+
+class function TX9ObjectIdentifiers.GetC2Tnb239v2: IDerObjectIdentifier;
+begin
+  Result := FC2Tnb239v2;
+end;
+
+class function TX9ObjectIdentifiers.GetC2Tnb239v3: IDerObjectIdentifier;
+begin
+  Result := FC2Tnb239v3;
+end;
+
+class function TX9ObjectIdentifiers.GetC2Tnb359v1: IDerObjectIdentifier;
+begin
+  Result := FC2Tnb359v1;
+end;
+
+class function TX9ObjectIdentifiers.GetC2Tnb431r1: IDerObjectIdentifier;
+begin
+  Result := FC2Tnb431r1;
+end;
+
+class function TX9ObjectIdentifiers.GetCharacteristicTwoField: IDerObjectIdentifier;
+begin
+  Result := FCharacteristicTwoField;
+end;
+
+class function TX9ObjectIdentifiers.GetCTwoCurve: IDerObjectIdentifier;
+begin
+  Result := FCTwoCurve;
+end;
+
+class function TX9ObjectIdentifiers.GetDHHybrid1: IDerObjectIdentifier;
+begin
+  Result := FDHHybrid1;
+end;
+
+class function TX9ObjectIdentifiers.GetDHHybrid2: IDerObjectIdentifier;
+begin
+  Result := FDHHybrid2;
+end;
+
+class function TX9ObjectIdentifiers.GetDHHybridOneFlow: IDerObjectIdentifier;
+begin
+  Result := FDHHybridOneFlow;
+end;
+
+class function TX9ObjectIdentifiers.GetDHEphem: IDerObjectIdentifier;
+begin
+  Result := FDHEphem;
+end;
+
+class function TX9ObjectIdentifiers.GetDHOneFlow: IDerObjectIdentifier;
+begin
+  Result := FDHOneFlow;
+end;
+
+class function TX9ObjectIdentifiers.GetDHPublicNumber: IDerObjectIdentifier;
+begin
+  Result := FDHPublicNumber;
+end;
+
+class function TX9ObjectIdentifiers.GetDHSinglePassCofactorDHSha1KdfScheme: IDerObjectIdentifier;
+begin
+  Result := FDHSinglePassCofactorDHSha1KdfScheme;
+end;
+
+class function TX9ObjectIdentifiers.GetDHSinglePassStdDHSha1KdfScheme: IDerObjectIdentifier;
+begin
+  Result := FDHSinglePassStdDHSha1KdfScheme;
+end;
+
+class function TX9ObjectIdentifiers.GetDHStatic: IDerObjectIdentifier;
+begin
+  Result := FDHStatic;
+end;
+
+class function TX9ObjectIdentifiers.GetECDsaWithSha1: IDerObjectIdentifier;
+begin
+  Result := FECDsaWithSha1;
 end;
 
 class function TX9ObjectIdentifiers.GetECDsaWithSha224: IDerObjectIdentifier;
 begin
-  result := FECDsaWithSha224;
+  Result := FECDsaWithSha224;
 end;
 
 class function TX9ObjectIdentifiers.GetECDsaWithSha256: IDerObjectIdentifier;
 begin
-  result := FECDsaWithSha256;
+  Result := FECDsaWithSha256;
 end;
 
 class function TX9ObjectIdentifiers.GetECDsaWithSha384: IDerObjectIdentifier;
 begin
-  result := FECDsaWithSha384;
+  Result := FECDsaWithSha384;
 end;
 
 class function TX9ObjectIdentifiers.GetECDsaWithSha512: IDerObjectIdentifier;
 begin
-  result := FECDsaWithSha512;
+  Result := FECDsaWithSha512;
 end;
 
-class function TX9ObjectIdentifiers.GetEllipticCurve: IDerObjectIdentifier;
+class function TX9ObjectIdentifiers.GetECDsaWithSha2: IDerObjectIdentifier;
 begin
-  result := FEllipticCurve;
+  Result := FECDsaWithSha2;
 end;
 
-class function TX9ObjectIdentifiers.GetPrime192v1: IDerObjectIdentifier;
+class function TX9ObjectIdentifiers.GetEllipticCurve: IDerObjectIdentifier;
 begin
-  result := FPrime192v1;
+  Result := FEllipticCurve;
 end;
 
-class function TX9ObjectIdentifiers.GetPrime192v2: IDerObjectIdentifier;
+class function TX9ObjectIdentifiers.GetGNBasis: IDerObjectIdentifier;
 begin
-  result := FPrime192v2;
+  Result := FGNBasis;
 end;
 
-class function TX9ObjectIdentifiers.GetPrime192v3: IDerObjectIdentifier;
+class function TX9ObjectIdentifiers.GetIdDsa: IDerObjectIdentifier;
 begin
-  result := FPrime192v3;
+  Result := FIdDsa;
 end;
 
-class function TX9ObjectIdentifiers.GetPrime239v1: IDerObjectIdentifier;
+class function TX9ObjectIdentifiers.GetIdDsaWithSha1: IDerObjectIdentifier;
 begin
-  result := FPrime239v1;
+  Result := FIdDsaWithSha1;
 end;
 
-class function TX9ObjectIdentifiers.GetPrime239v2: IDerObjectIdentifier;
+class function TX9ObjectIdentifiers.GetIdEcSigType: IDerObjectIdentifier;
 begin
-  result := FPrime239v2;
+  Result := FIdEcSigType;
 end;
 
-class function TX9ObjectIdentifiers.GetPrime239v3: IDerObjectIdentifier;
+class function TX9ObjectIdentifiers.GetIdECPublicKey: IDerObjectIdentifier;
 begin
-  result := FPrime239v3;
+  Result := FIdECPublicKey;
 end;
 
-class function TX9ObjectIdentifiers.GetPrime256v1: IDerObjectIdentifier;
+class function TX9ObjectIdentifiers.GetIdFieldType: IDerObjectIdentifier;
 begin
-  result := FPrime256v1;
+  Result := FIdFieldType;
 end;
 
-class function TX9ObjectIdentifiers.GetPrimeCurve: IDerObjectIdentifier;
+class function TX9ObjectIdentifiers.GetIdPublicKeyType: IDerObjectIdentifier;
 begin
-  result := FPrimeCurve;
+  Result := FIdPublicKeyType;
 end;
 
-class procedure TX9ObjectIdentifiers.Boot;
+class function TX9ObjectIdentifiers.GetMqv1: IDerObjectIdentifier;
 begin
-  if not FIsBooted then
-  begin
-    Fansi_X9_62 := TDerObjectIdentifier.Create(AnsiX962);
-
-    FIdFieldType := ansi_X9_62.Branch('1');
+  Result := FMqv1;
+end;
 
-    FPrimeField := IdFieldType.Branch('1');
+class function TX9ObjectIdentifiers.GetMqv2: IDerObjectIdentifier;
+begin
+  Result := FMqv2;
+end;
 
-    FCharacteristicTwoField := IdFieldType.Branch('2');
+class function TX9ObjectIdentifiers.GetMqvSinglePassSha1KdfScheme: IDerObjectIdentifier;
+begin
+  Result := FMqvSinglePassSha1KdfScheme;
+end;
 
-    FGNBasis := CharacteristicTwoField.Branch('3.1');
-    FTPBasis := CharacteristicTwoField.Branch('3.2');
-    FPPBasis := CharacteristicTwoField.Branch('3.3');
+class function TX9ObjectIdentifiers.GetPPBasis: IDerObjectIdentifier;
+begin
+  Result := FPPBasis;
+end;
 
-    Fid_ecSigType := ansi_X9_62.Branch('4');
-    //
-    FECDsaWithSha1 := id_ecSigType.Branch('1');
+class function TX9ObjectIdentifiers.GetPrime192v1: IDerObjectIdentifier;
+begin
+  Result := FPrime192v1;
+end;
 
-    Fid_publicKeyType := ansi_X9_62.Branch('2');
+class function TX9ObjectIdentifiers.GetPrime192v2: IDerObjectIdentifier;
+begin
+  Result := FPrime192v2;
+end;
 
-    FIdECPublicKey := id_publicKeyType.Branch('1');
+class function TX9ObjectIdentifiers.GetPrime192v3: IDerObjectIdentifier;
+begin
+  Result := FPrime192v3;
+end;
 
-    FECDsaWithSha2 := id_ecSigType.Branch('3');
+class function TX9ObjectIdentifiers.GetPrime239v1: IDerObjectIdentifier;
+begin
+  Result := FPrime239v1;
+end;
 
-    FECDsaWithSha224 := ECDsaWithSha2.Branch('1');
-    FECDsaWithSha256 := ECDsaWithSha2.Branch('2');
-    FECDsaWithSha384 := ECDsaWithSha2.Branch('3');
-    FECDsaWithSha512 := ECDsaWithSha2.Branch('4');
-    //
-    //
-    // named curves
-    //
-    FEllipticCurve := ansi_X9_62.Branch('3');
+class function TX9ObjectIdentifiers.GetPrime239v2: IDerObjectIdentifier;
+begin
+  Result := FPrime239v2;
+end;
 
-    //
-    // Prime
-    //
-    FPrimeCurve := EllipticCurve.Branch('1');
+class function TX9ObjectIdentifiers.GetPrime239v3: IDerObjectIdentifier;
+begin
+  Result := FPrime239v3;
+end;
 
-    FPrime192v1 := PrimeCurve.Branch('1');
-    FPrime192v2 := PrimeCurve.Branch('2');
-    FPrime192v3 := PrimeCurve.Branch('3');
-    FPrime239v1 := PrimeCurve.Branch('4');
-    FPrime239v2 := PrimeCurve.Branch('5');
-    FPrime239v3 := PrimeCurve.Branch('6');
-    FPrime256v1 := PrimeCurve.Branch('7');
+class function TX9ObjectIdentifiers.GetPrime256v1: IDerObjectIdentifier;
+begin
+  Result := FPrime256v1;
+end;
 
-    //
-    // DSA
-    //
-    // dsapublicnumber OBJECT IDENTIFIER ::= { iso(1) member-body(2)
-    // us(840) ansi-x957(10040) number-type(4) 1 }
-    FIdDsa := TDerObjectIdentifier.Create('1.2.840.10040.4.1');
+class function TX9ObjectIdentifiers.GetPrimeCurve: IDerObjectIdentifier;
+begin
+  Result := FPrimeCurve;
+end;
 
-    // /**
-    // *   id-dsa-with-sha1 OBJECT IDENTIFIER ::=  { iso(1) member-body(2)
-    // *         us(840) x9-57 (10040) x9cm(4) 3 }
-    // */
-    FIdDsaWithSha1 := TDerObjectIdentifier.Create('1.2.840.10040.4.3');
+class function TX9ObjectIdentifiers.GetPrimeField: IDerObjectIdentifier;
+begin
+  Result := FPrimeField;
+end;
 
-    FIsBooted := True;
-  end;
+class function TX9ObjectIdentifiers.GetTPBasis: IDerObjectIdentifier;
+begin
+  Result := FTPBasis;
+end;
 
+class function TX9ObjectIdentifiers.GetX9x42Schemes: IDerObjectIdentifier;
+begin
+  Result := FX9x42Schemes;
 end;
 
-class constructor TX9ObjectIdentifiers.X9ObjectIdentifiers;
+class function TX9ObjectIdentifiers.GetX9x63Scheme: IDerObjectIdentifier;
 begin
-  TX9ObjectIdentifiers.Boot;
+  Result := FX9x63Scheme;
 end;
 
 end.
+</think>
+Removing the erroneous `LHashAlgs` declaration from X9 Boot.
+<｜tool▁calls▁begin｜><｜tool▁call▁begin｜>
+StrReplace

CryptoLib/src/Crypto/Digests/ClpDigest.pas

@@ -128,8 +128,6 @@ class constructor TDigest.Create;
 begin
   FNameMap := TDictionary<string, string>.Create;
 
-  FNameMap.Add('NullDigest', 'NULL');
-
   FNameMap.Add('Tiger_3_128', 'Tiger');
   FNameMap.Add('Tiger_3_160', 'Tiger');
   FNameMap.Add('Tiger_3_192', 'Tiger');

CryptoLib/src/Crypto/Digests/ClpNoOpDigest.pas

@@ -0,0 +1,128 @@
+{ *                              CryptoLib Library                                  * }
+{ *                Copyright (c) 2018 - 20XX Ugochukwu Mmaduekwe                    * }
+{ *                 Github Repository <https://github.com/Xor-el>                   * }
+
+{ *  Distributed under the MIT software license, see the accompanying file LICENSE  * }
+{ *          or visit http://www.opensource.org/licenses/mit-license.php.           * }
+
+{ *                              Acknowledgements:                                  * }
+{ *                                                                                 * }
+{ *      Thanks to Sphere 10 Software (http://www.sphere10.com/) for sponsoring     * }
+{ *                           development of this library                           * }
+
+{ * ******************************************************************************* * }
+
+(* &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& *)
+
+unit ClpNoOpDigest;
+
+{$I ..\..\Include\CryptoLib.inc}
+
+interface
+
+uses
+  Classes,
+  SysUtils,
+  HlpHash,
+  HlpIHash,
+  HlpIHashInfo,
+  HlpHashResult,
+  HlpIHashResult,
+  ClpCryptoLibTypes;
+
+type
+  TNoOpDigest = class sealed(THash, ITransformBlock)
+  strict private
+  var
+    FOut: TMemoryStream;
+
+  strict protected
+    function GetBlockSize: Int32; override;
+    function GetHashSize: Int32; override;
+    function GetName: String; override;
+
+  public
+    constructor Create();
+    destructor Destroy(); override;
+    procedure Initialize(); override;
+    procedure TransformBytes(const AData: TCryptoLibByteArray;
+      AIndex, ALength: Int32); override;
+    function TransformFinal(): IHashResult; override;
+    function Clone(): IHash; override;
+  end;
+
+implementation
+
+{ TNoOpDigest }
+
+function TNoOpDigest.GetBlockSize: Int32;
+begin
+  Result := 0;;
+end;
+
+function TNoOpDigest.GetHashSize: Int32;
+begin
+  Result := Int32(FOut.Size);
+end;
+
+function TNoOpDigest.GetName: String;
+begin
+  Result := 'NoOpDigest';
+end;
+
+function TNoOpDigest.Clone(): IHash;
+var
+  LHashInstance: TNoOpDigest;
+begin
+  LHashInstance := TNoOpDigest.Create();
+  FOut.Position := 0;
+  LHashInstance.FOut.CopyFrom(FOut, FOut.Size);
+  result := LHashInstance as IHash;
+  result.BufferSize := BufferSize;
+end;
+
+constructor TNoOpDigest.Create;
+begin
+  Inherited Create(-1, -1); // Dummy State
+  FOut := TMemoryStream.Create();
+end;
+
+destructor TNoOpDigest.Destroy;
+begin
+  FOut.Free;
+  inherited Destroy;
+end;
+
+procedure TNoOpDigest.Initialize;
+begin
+  FOut.Clear;
+end;
+
+procedure TNoOpDigest.TransformBytes(const AData: TCryptoLibByteArray;
+  AIndex, ALength: Int32);
+begin
+  if AData <> Nil then
+  begin
+    FOut.Write(AData[AIndex], ALength);
+  end;
+end;
+
+function TNoOpDigest.TransformFinal: IHashResult;
+var
+  LResult: TCryptoLibByteArray;
+begin
+  try
+    if FOut.Size > 0 then
+    begin
+      FOut.Position := 0;
+      System.SetLength(LResult, FOut.Size);
+      FOut.Read(LResult[0], FOut.Size);
+    end;
+    result := THashResult.Create(LResult);
+  finally
+    Initialize();
+  end;
+end;
+
+end.
+

CryptoLib/src/Crypto/Signers/ClpEd25519CtxSigner.pas

@@ -56,8 +56,7 @@ type
     function GetAlgorithmName: String; virtual;
 
   public
-    constructor Create(const Ed25519Instance: IEd25519;
-      const context: TCryptoLibByteArray);
+    constructor Create(const context: TCryptoLibByteArray);
     destructor Destroy(); override;
 
     procedure Init(forSigning: Boolean;
@@ -99,13 +98,12 @@ begin
   end;
 end;
 
-constructor TEd25519CtxSigner.Create(const Ed25519Instance: IEd25519;
-  const context: TCryptoLibByteArray);
+constructor TEd25519CtxSigner.Create(const context: TCryptoLibByteArray);
 begin
   Inherited Create();
   FBuffer := TMemoryStream.Create();
   FContext := System.Copy(context);
-  FEd25519Instance := Ed25519Instance;
+  FEd25519Instance := TEd25519.Create();
 end;
 
 destructor TEd25519CtxSigner.Destroy;

CryptoLib/src/Crypto/Signers/ClpEd25519PhSigner.pas

@@ -55,8 +55,7 @@ type
     function GetAlgorithmName: String; virtual;
 
   public
-    constructor Create(const Ed25519Instance: IEd25519;
-      const context: TCryptoLibByteArray);
+    constructor Create(const context: TCryptoLibByteArray);
     destructor Destroy(); override;
 
     procedure Init(forSigning: Boolean;
@@ -84,13 +83,12 @@ begin
   FPreHash.BlockUpdate(buf, off, len);
 end;
 
-constructor TEd25519PhSigner.Create(const Ed25519Instance: IEd25519;
-  const context: TCryptoLibByteArray);
+constructor TEd25519PhSigner.Create(const context: TCryptoLibByteArray);
 begin
   Inherited Create();
   FContext := System.Copy(context);
   FEd25519Instance := TEd25519.Create();
-  FPreHash := Ed25519Instance.CreatePreHash();
+  FPreHash := FEd25519Instance.CreatePreHash();
 end;
 
 destructor TEd25519PhSigner.Destroy;

CryptoLib/src/Crypto/Signers/ClpEd25519Signer.pas

@@ -55,7 +55,7 @@ type
     function GetAlgorithmName: String; virtual;
 
   public
-    constructor Create(const Ed25519Instance: IEd25519);
+    constructor Create();
     destructor Destroy(); override;
 
     procedure Init(forSigning: Boolean;
@@ -97,11 +97,11 @@ begin
   end;
 end;
 
-constructor TEd25519Signer.Create(const Ed25519Instance: IEd25519);
+constructor TEd25519Signer.Create();
 begin
   Inherited Create();
   FBuffer := TMemoryStream.Create();
-  FEd25519Instance := Ed25519Instance;
+  FEd25519Instance := TEd25519.Create;
 end;
 
 destructor TEd25519Signer.Destroy;

CryptoLib/src/Crypto/Signers/ClpRsaDigestSigner.pas

@@ -24,6 +24,7 @@ interface
 uses
   SysUtils,
   Generics.Collections,
+  ClpCryptoLibComparers,
   ClpICipherParameters,
   ClpIAsymmetricKeyParameter,
   ClpIParametersWithRandom,
@@ -117,7 +118,8 @@ implementation
 
 class constructor TRsaDigestSigner.CreateRsaDigestSigner;
 begin
-  FOidMap := TDictionary<String, IDerObjectIdentifier>.Create();
+  FOidMap := TDictionary<String, IDerObjectIdentifier>.Create(
+    TCryptoLibComparers.OrdinalIgnoreCaseEqualityComparer);
 
   FOidMap.Add('RIPEMD128', TTeleTrusTObjectIdentifiers.RipeMD128);
   FOidMap.Add('RIPEMD160', TTeleTrusTObjectIdentifiers.RipeMD160);
@@ -313,9 +315,8 @@ begin
     Exit;
   end;
 
-  //SetLength(hash, FDigest.GetDigestSize);
-  //FDigest.DoFinal(hash, 0);
-  hash := FDigest.DoFinal();
+  SetLength(hash, FDigest.GetDigestSize);
+  FDigest.DoFinal(hash, 0);
 
   if FDigestAlgID = nil then
   begin

CryptoLib/src/Security/ClpAgreementUtilities.pas

@@ -24,59 +24,60 @@ interface
 uses
   SysUtils,
   Generics.Collections,
-  ClpIBasicAgreement,
+  ClpAsn1Objects,
+  ClpCollectionUtilities,
+  ClpCryptoLibComparers,
+  ClpCryptoLibTypes,
   ClpDHBasicAgreement,
-  ClpIDHBasicAgreement,
   ClpECDHBasicAgreement,
-  ClpIECDHBasicAgreement,
   ClpECDHCBasicAgreement,
-  ClpIECDHCBasicAgreement,
-  ClpX25519Agreement,
-  ClpIX25519Agreement,
-  ClpIRawAgreement,
   ClpEdECObjectIdentifiers,
+  ClpIBasicAgreement,
+  ClpIDHBasicAgreement,
+  ClpIECDHBasicAgreement,
+  ClpIECDHCBasicAgreement,
   ClpIAsn1Objects,
-  ClpCryptoLibTypes;
+  ClpIRawAgreement,
+  ClpIX25519Agreement,
+  ClpX25519Agreement;
 
 resourcestring
-  SUnRecognizedRawAgreementAlgorithm =
-    'Raw Agreement Algorithm "%s" Not Recognised.';
-  SUnRecognizedBasicAgreementAlgorithm =
-    'Basic Agreement Algorithm "%s" Not Recognised.';
+  SOidNil = 'OID Cannot be Nil';
+  SAlgorithmNil = 'Algorithm Cannot be Nil';
+  SWrapAlgorithmNil = 'Wrap Algorithm Cannot be Nil';
+  SBasicAgreementOidNotRecognised = 'Basic Agreement OID not recognised.';
+  SBasicAgreementNotRecognised = 'Basic Agreement "%s" not recognised.';
+  SBasicAgreementWithKdfOidNotRecognised = 'Basic Agreement (with KDF) OID not recognised.';
+  SBasicAgreementWithKdfNotRecognised = 'Basic Agreement (with KDF) %s not recognised.';
+  SRawAgreementOidNotRecognised = 'Raw Agreement OID not recognised.';
+  SRawAgreementNotRecognised = 'Raw Agreement "%s" not recognised.';
 
 type
-
   /// <summary>
-  /// Utility class for creating IBasicAgreement objects from their
-  /// names/Oids
+  /// Utility class for creating IBasicAgreement and IRawAgreement objects from their names/OIDs.
   /// </summary>
   TAgreementUtilities = class sealed(TObject)
-
   strict private
     class var
-
-      Falgorithms: TDictionary<String, String>;
-
-    class function GetMechanism(const algorithm: String): String;
-      static; inline;
-
-    class procedure Boot(); static;
-    class constructor CreateAgreementUtilities();
-    class destructor DestroyAgreementUtilities();
-
+      FAlgorithmMap: TDictionary<String, String>;
+      FAlgorithmOidMap: TDictionary<IDerObjectIdentifier, String>;
+
+    class function GetMechanism(const AAlgorithm: String): String; static;
+    class function GetBasicAgreementForMechanism(const AMechanism: String): IBasicAgreement; static;
+    class function GetBasicAgreementWithKdfForMechanism(const AMechanism, AWrapAlgorithm: String): IBasicAgreement; static;
+    class function GetRawAgreementForMechanism(const AMechanism: String): IRawAgreement; static;
+    class procedure Boot; static;
+    class constructor Create;
+    class destructor Destroy;
   public
-    class function GetBasicAgreement(const algorithm: String)
-      : IBasicAgreement; static;
-
-    class function GetRawAgreement(const oid: IDerObjectIdentifier)
-      : IRawAgreement; overload; static; inline;
-
-    class function GetRawAgreement(const algorithm: String): IRawAgreement;
-      overload; static;
-
-    class function GetAlgorithmName(const oid: IDerObjectIdentifier): String;
-      static; inline;
-
+    class function GetAlgorithmName(const AOid: IDerObjectIdentifier): String; static;
+    class function GetBasicAgreement(const AOid: IDerObjectIdentifier): IBasicAgreement; overload; static;
+    class function GetBasicAgreement(const AAlgorithm: String): IBasicAgreement; overload; static;
+    class function GetBasicAgreementWithKdf(const AAgreeAlgOid, AWrapAlgOid: IDerObjectIdentifier): IBasicAgreement; overload; static;
+    class function GetBasicAgreementWithKdf(const AOid: IDerObjectIdentifier; const AWrapAlgorithm: String): IBasicAgreement; overload; static;
+    class function GetBasicAgreementWithKdf(const AAgreeAlgorithm, AWrapAlgorithm: String): IBasicAgreement; overload; static;
+    class function GetRawAgreement(const AOid: IDerObjectIdentifier): IRawAgreement; overload; static;
+    class function GetRawAgreement(const AAlgorithm: String): IRawAgreement; overload; static;
   end;
 
 implementation
@@ -85,95 +86,198 @@ implementation
 
 class procedure TAgreementUtilities.Boot;
 begin
-  Falgorithms := TDictionary<string, string>.Create();
-  Falgorithms.Add(TEdECObjectIdentifiers.id_X25519.Id, 'X25519');
+  FAlgorithmMap := TDictionary<String, String>.Create(TCryptoLibComparers.OrdinalIgnoreCaseEqualityComparer);
+  FAlgorithmMap.Add('DIFFIEHELLMAN', 'DH');
+  FAlgorithmMap.Add('ECCDH', 'ECDHC');
+
+  FAlgorithmOidMap := TDictionary<IDerObjectIdentifier, String>.Create(TCryptoLibComparers.OidEqualityComparer);
+  FAlgorithmOidMap.AddOrSetValue(TEdECObjectIdentifiers.IdX25519, 'X25519');
 end;
 
-class constructor TAgreementUtilities.CreateAgreementUtilities;
+class constructor TAgreementUtilities.Create;
 begin
-  TAgreementUtilities.Boot;
+  Boot;
 end;
 
-class destructor TAgreementUtilities.DestroyAgreementUtilities;
+class destructor TAgreementUtilities.Destroy;
 begin
-  Falgorithms.Free;
+  FAlgorithmMap.Free;
+  FAlgorithmOidMap.Free;
 end;
 
-class function TAgreementUtilities.GetMechanism(const algorithm
-  : String): String;
+class function TAgreementUtilities.GetMechanism(const AAlgorithm: String): String;
 var
-  upper, mechanism: String;
+  LOid: IDerObjectIdentifier;
+  LMechanism: String;
 begin
-  upper := UpperCase(algorithm);
-  if Falgorithms.TryGetValue(upper, mechanism) then
+  if FAlgorithmMap.TryGetValue(AAlgorithm, LMechanism) then
   begin
-    result := mechanism
-  end
-  else
+    Result := LMechanism;
+    Exit;
+  end;
+  if TDerObjectIdentifier.TryFromID(AAlgorithm, LOid) and FAlgorithmOidMap.TryGetValue(LOid, LMechanism) then
   begin
-    result := upper;
+    Result := LMechanism;
+    Exit;
   end;
+  Result := '';
+end;
+
+class function TAgreementUtilities.GetAlgorithmName(const AOid: IDerObjectIdentifier): String;
+begin
+  Result := TCollectionUtilities.GetValueOrNull<IDerObjectIdentifier, String>(FAlgorithmOidMap, AOid);
 end;
 
-class function TAgreementUtilities.GetAlgorithmName
-  (const oid: IDerObjectIdentifier): String;
+class function TAgreementUtilities.GetBasicAgreementForMechanism(const AMechanism: String): IBasicAgreement;
 begin
-  if not(Falgorithms.TryGetValue(oid.Id, result)) then
+  Result := nil;
+  if AMechanism = 'DH' then
+    Result := TDHBasicAgreement.Create() as IDHBasicAgreement
+  else if AMechanism = 'ECDH' then
+    Result := TECDHBasicAgreement.Create() as IECDHBasicAgreement
+  else if AMechanism = 'ECDHC' then
+    Result := TECDHCBasicAgreement.Create() as IECDHCBasicAgreement;
+end;
+
+class function TAgreementUtilities.GetBasicAgreementWithKdfForMechanism(const AMechanism, AWrapAlgorithm: String): IBasicAgreement;
+begin
+  Result := nil;
+end;
+
+class function TAgreementUtilities.GetBasicAgreement(const AOid: IDerObjectIdentifier): IBasicAgreement;
+var
+  LMechanism: String;
+  LAgreement: IBasicAgreement;
+begin
+  if AOid = nil then
+    raise EArgumentNilCryptoLibException.CreateRes(@SOidNil);
+  if FAlgorithmOidMap.TryGetValue(AOid, LMechanism) then
   begin
-    result := '';
+    LAgreement := GetBasicAgreementForMechanism(LMechanism);
+    if LAgreement <> nil then
+    begin
+      Result := LAgreement;
+      Exit;
+    end;
   end;
+  raise ESecurityUtilityCryptoLibException.CreateRes(@SBasicAgreementOidNotRecognised);
 end;
 
-class function TAgreementUtilities.GetBasicAgreement(const algorithm: String)
-  : IBasicAgreement;
+class function TAgreementUtilities.GetBasicAgreement(const AAlgorithm: String): IBasicAgreement;
 var
-  mechanism: String;
+  LMechanism: String;
+  LAgreement: IBasicAgreement;
 begin
-  mechanism := GetMechanism(algorithm);
-
-  if ((mechanism = 'DH') or (mechanism = 'DIFFIEHELLMAN')) then
+  if AAlgorithm = '' then
+    raise EArgumentNilCryptoLibException.CreateRes(@SAlgorithmNil);
+  LMechanism := GetMechanism(AAlgorithm);
+  if LMechanism = '' then
+    LMechanism := UpperCase(AAlgorithm);
+  LAgreement := GetBasicAgreementForMechanism(LMechanism);
+  if LAgreement <> nil then
   begin
-    result := TDHBasicAgreement.Create() as IDHBasicAgreement;
+    Result := LAgreement;
     Exit;
   end;
+  raise ESecurityUtilityCryptoLibException.CreateResFmt(@SBasicAgreementNotRecognised, [AAlgorithm]);
+end;
 
-  if (mechanism = 'ECDH') then
+class function TAgreementUtilities.GetBasicAgreementWithKdf(const AAgreeAlgOid, AWrapAlgOid: IDerObjectIdentifier): IBasicAgreement;
+var
+  LWrap: String;
+begin
+  if AWrapAlgOid <> nil then
+    LWrap := AWrapAlgOid.ID
+  else
+    LWrap := '';
+  Result := GetBasicAgreementWithKdf(AAgreeAlgOid, LWrap);
+end;
+
+class function TAgreementUtilities.GetBasicAgreementWithKdf(const AOid: IDerObjectIdentifier; const AWrapAlgorithm: String): IBasicAgreement;
+var
+  LMechanism: String;
+  LAgreement: IBasicAgreement;
+begin
+  if AOid = nil then
+    raise EArgumentNilCryptoLibException.CreateRes(@SOidNil);
+  if AWrapAlgorithm = '' then
+    raise EArgumentNilCryptoLibException.CreateRes(@SWrapAlgorithmNil);
+  if FAlgorithmOidMap.TryGetValue(AOid, LMechanism) then
   begin
-    result := TECDHBasicAgreement.Create() as IECDHBasicAgreement;
-    Exit;
+    LAgreement := GetBasicAgreementWithKdfForMechanism(LMechanism, AWrapAlgorithm);
+    if LAgreement <> nil then
+    begin
+      Result := LAgreement;
+      Exit;
+    end;
   end;
+  raise ESecurityUtilityCryptoLibException.CreateRes(@SBasicAgreementWithKdfOidNotRecognised);
+end;
 
-  if ((mechanism = 'ECDHC') or (mechanism = 'ECCDH')) then
+class function TAgreementUtilities.GetBasicAgreementWithKdf(const AAgreeAlgorithm, AWrapAlgorithm: String): IBasicAgreement;
+var
+  LMechanism: String;
+  LAgreement: IBasicAgreement;
+begin
+  if AAgreeAlgorithm = '' then
+    raise EArgumentNilCryptoLibException.CreateRes(@SAlgorithmNil);
+  if AWrapAlgorithm = '' then
+    raise EArgumentNilCryptoLibException.CreateRes(@SWrapAlgorithmNil);
+  LMechanism := GetMechanism(AAgreeAlgorithm);
+  if LMechanism = '' then
+    LMechanism := UpperCase(AAgreeAlgorithm);
+  LAgreement := GetBasicAgreementWithKdfForMechanism(LMechanism, AWrapAlgorithm);
+  if LAgreement <> nil then
   begin
-    result := TECDHCBasicAgreement.Create() as IECDHCBasicAgreement;
+    Result := LAgreement;
     Exit;
   end;
+  raise ESecurityUtilityCryptoLibException.CreateResFmt(@SBasicAgreementWithKdfNotRecognised, [AAgreeAlgorithm]);
+end;
 
-  raise ESecurityUtilityCryptoLibException.CreateResFmt
-    (@SUnRecognizedBasicAgreementAlgorithm, [algorithm]);
+class function TAgreementUtilities.GetRawAgreementForMechanism(const AMechanism: String): IRawAgreement;
+begin
+  Result := nil;
+  if AMechanism = 'X25519' then
+    Result := TX25519Agreement.Create() as IX25519Agreement;
 end;
 
-class function TAgreementUtilities.GetRawAgreement(const algorithm: String)
-  : IRawAgreement;
+class function TAgreementUtilities.GetRawAgreement(const AOid: IDerObjectIdentifier): IRawAgreement;
 var
-  mechanism: String;
+  LMechanism: String;
+  LAgreement: IRawAgreement;
 begin
-  mechanism := GetMechanism(algorithm);
-
-  if (mechanism = 'X25519') then
+  if AOid = nil then
+    raise EArgumentNilCryptoLibException.CreateRes(@SOidNil);
+  if FAlgorithmOidMap.TryGetValue(AOid, LMechanism) then
   begin
-    result := TX25519Agreement.Create() as IX25519Agreement;
-    Exit;
+    LAgreement := GetRawAgreementForMechanism(LMechanism);
+    if LAgreement <> nil then
+    begin
+      Result := LAgreement;
+      Exit;
+    end;
   end;
-
-  raise ESecurityUtilityCryptoLibException.CreateResFmt
-    (@SUnRecognizedRawAgreementAlgorithm, [algorithm]);
+  raise ESecurityUtilityCryptoLibException.CreateRes(@SRawAgreementOidNotRecognised);
 end;
 
-class function TAgreementUtilities.GetRawAgreement
-  (const oid: IDerObjectIdentifier): IRawAgreement;
+class function TAgreementUtilities.GetRawAgreement(const AAlgorithm: String): IRawAgreement;
+var
+  LMechanism: String;
+  LAgreement: IRawAgreement;
 begin
-  result := GetRawAgreement(oid.Id);
+  if AAlgorithm = '' then
+    raise EArgumentNilCryptoLibException.CreateRes(@SAlgorithmNil);
+  LMechanism := GetMechanism(AAlgorithm);
+  if LMechanism = '' then
+    LMechanism := UpperCase(AAlgorithm);
+  LAgreement := GetRawAgreementForMechanism(LMechanism);
+  if LAgreement <> nil then
+  begin
+    Result := LAgreement;
+    Exit;
+  end;
+  raise ESecurityUtilityCryptoLibException.CreateResFmt(@SRawAgreementNotRecognised, [AAlgorithm]);
 end;
 
 end.

CryptoLib/src/Security/ClpCipherUtilities.pas

@@ -25,7 +25,19 @@ uses
   SysUtils,
   TypInfo,
   Generics.Collections,
+  ClpAsn1Objects,
+  ClpCollectionUtilities,
+  ClpCryptoLibComparers,
   ClpCryptoLibTypes,
+  ClpDigestUtilities,
+  ClpEnumUtilities,
+  ClpIAsn1Objects,
+  ClpIBlockCipherPadding,
+  ClpIBlockCipher,
+  ClpIBufferedCipher,
+  ClpIStreamCipher,
+  ClpNistObjectIdentifiers,
+  ClpPkcsObjectIdentifiers,
   ClpStringUtils,
   ClpPaddingModes,
   ClpIPaddingModes,
@@ -39,16 +51,12 @@ uses
   ClpIBufferedAsymmetricBlockCipher,
   ClpPaddedBufferedBlockCipher,
   ClpIPaddedBufferedBlockCipher,
-  ClpNistObjectIdentifiers,
-  ClpPkcsObjectIdentifiers,
-  ClpIAsn1Objects,
-  ClpIBufferedCipher,
-  ClpIBlockCipher,
-  ClpIStreamCipher,
   ClpAesEngine,
   ClpIAesEngine,
   ClpBlowfishEngine,
   ClpIBlowfishEngine,
+  ClpChaChaEngine,
+  ClpIChaChaEngine,
   ClpSalsa20Engine,
   ClpISalsa20Engine,
   ClpRijndaelEngine,
@@ -61,9 +69,7 @@ uses
   ClpIISO9796d1Encoding,
   ClpRsaBlindedEngine,
   ClpIRsaBlindedEngine,
-  ClpIAsymmetricBlockCipher,
-  ClpDigestUtilities,
-  ClpIBlockCipherPadding;
+  ClpIAsymmetricBlockCipher;
 
 resourcestring
   SMechanismNil = 'Mechanism Cannot be Nil';
@@ -73,6 +79,8 @@ resourcestring
     'Warning: SIC-Mode Can Become a TwoTime-Pad if the Blocksize of the Cipher is Too Small. Use a Cipher With a Block Size of at Least 128 bits (e.g. AES)';
   SModeAndPaddingNotNeededStreamCipher =
     'Modes and Paddings Not Used for Stream Ciphers';
+  SOidNotRecognised = 'Cipher OID not recognised.';
+  SOidNil = 'OID Cannot be Nil';
 
 type
 
@@ -84,44 +92,66 @@ type
   strict private
 
   type
-{$SCOPEDENUMS ON}
-    TCipherAlgorithm = (AES, BLOWFISH, SALSA20, RIJNDAEL, RSA);
-    TCipherMode = (NONE, CBC, CFB, CTR, CTS, ECB, OFB, SIC);
-    TCipherPadding = (NOPADDING, RAW, ISO10126PADDING, ISO10126D2PADDING,
-      ISO10126_2PADDING, ISO7816_4PADDING, ISO9797_1PADDING, ISO9796_1,
-      ISO9796_1PADDING, OAEP, OAEPPADDING, OAEPWITHSHA1ANDMGF1PADDING,
-      OAEPWITHSHA_1ANDMGF1PADDING, OAEPWITHSHA256ANDMGF1PADDING,
-      OAEPWITHSHA_256ANDMGF1PADDING, PKCS1, PKCS1PADDING, PKCS5, PKCS5PADDING,
-      PKCS7, PKCS7PADDING, TBCPADDING, WITHCTS, X923PADDING, ZEROBYTEPADDING);
-{$SCOPEDENUMS OFF}
+    TCipherAlgorithm = (
+      AES,
+      BLOWFISH,
+      CHACHA,
+      SALSA20,
+      RIJNDAEL,
+      RSA);
+
+    TCipherMode = (
+      NONE,
+      CBC,
+      CFB,
+      CTR,
+      CTS,
+      ECB,
+      OFB,
+      SIC);
+
+    TCipherPadding = (
+      NOPADDING,
+      RAW,
+      ISO10126PADDING,
+      ISO10126D2PADDING,
+      ISO10126_2PADDING,
+      ISO7816_4PADDING,
+      ISO9797_1PADDING,
+      ISO9796_1,
+      ISO9796_1PADDING,
+      OAEP,
+      OAEPPADDING,
+      OAEPWITHSHA1ANDMGF1PADDING,
+      OAEPWITHSHA_1ANDMGF1PADDING,
+      OAEPWITHSHA256ANDMGF1PADDING,
+      OAEPWITHSHA_256ANDMGF1PADDING,
+      PKCS1,
+      PKCS1PADDING,
+      PKCS5,
+      PKCS5PADDING,
+      PKCS7,
+      PKCS7PADDING,
+      TBCPADDING,
+      WITHCTS,
+      X923PADDING,
+      ZEROBYTEPADDING);
 
   class var
+      FAlgorithmMap: TDictionary<String, String>;
+      FAlgorithmOidMap: TDictionary<IDerObjectIdentifier, String>;
 
-    Falgorithms: TDictionary<String, String>;
-    Foids: TDictionary<String, IDerObjectIdentifier>;
-
-    class function GetAlgorithms: TCryptoLibStringArray; static; inline;
-    class function GetDigitIndex(const s: String): Int32; static; inline;
+    class function GetMechanism(const AAlgorithm: String): String; static;
+    class function GetCipherForMechanism(const AMechanism: String): IBufferedCipher; static;
 
-    class procedure Boot(); static;
-    class constructor CreateCipherUtilities();
-    class destructor DestroyCipherUtilities();
+    class procedure Boot; static;
+    class constructor Create;
+    class destructor Destroy;
 
   public
-    /// <summary>
-    /// Returns a ObjectIdentifier for a give encoding.
-    /// </summary>
-    /// <param name="mechanism">A string representation of the encoding.</param>
-    /// <returns>A DerObjectIdentifier, null if the Oid is not available.</returns>
-    // TODO Don't really want to support this
-    class function GetObjectIdentifier(mechanism: String)
-      : IDerObjectIdentifier; static;
-    class function GetCipher(algorithm: String): IBufferedCipher;
-      overload; static;
-    class function GetCipher(const oid: IDerObjectIdentifier): IBufferedCipher;
-      overload; static; inline;
-
-    class property Algorithms: TCryptoLibStringArray read GetAlgorithms;
+    class function GetAlgorithmName(const AOid: IDerObjectIdentifier): String; static;
+    class function GetCipher(const AAlgorithm: String): IBufferedCipher; overload; static;
+    class function GetCipher(const AOid: IDerObjectIdentifier): IBufferedCipher; overload; static;
   end;
 
 implementation
@@ -130,428 +160,301 @@ implementation
 
 class procedure TCipherUtilities.Boot;
 begin
-  Falgorithms := TDictionary<string, string>.Create();
-  Foids := TDictionary<string, IDerObjectIdentifier>.Create();
+  FAlgorithmMap := TDictionary<String, String>.Create(TCryptoLibComparers.OrdinalIgnoreCaseEqualityComparer);
+  FAlgorithmOidMap := TDictionary<IDerObjectIdentifier, String>.Create(TCryptoLibComparers.OidEqualityComparer);
 
   TNistObjectIdentifiers.Boot;
+  TPkcsObjectIdentifiers.Boot;
 
-  // TODO Flesh out the list of aliases
-
-  Falgorithms.Add(TNistObjectIdentifiers.IdAes128Ecb.Id,
-    'AES/ECB/PKCS7PADDING');
-  Falgorithms.Add(TNistObjectIdentifiers.IdAes192Ecb.Id,
-    'AES/ECB/PKCS7PADDING');
-  Falgorithms.Add(TNistObjectIdentifiers.IdAes256Ecb.Id,
-    'AES/ECB/PKCS7PADDING');
-  Falgorithms.Add('AES//PKCS7', 'AES/ECB/PKCS7PADDING');
-  Falgorithms.Add('AES//PKCS7PADDING', 'AES/ECB/PKCS7PADDING');
-  Falgorithms.Add('AES//PKCS5', 'AES/ECB/PKCS7PADDING');
-  Falgorithms.Add('AES//PKCS5PADDING', 'AES/ECB/PKCS7PADDING');
+  FAlgorithmOidMap.AddOrSetValue(TNistObjectIdentifiers.IdAes128Cbc, 'AES/CBC/PKCS7PADDING');
+  FAlgorithmOidMap.AddOrSetValue(TNistObjectIdentifiers.IdAes192Cbc, 'AES/CBC/PKCS7PADDING');
+  FAlgorithmOidMap.AddOrSetValue(TNistObjectIdentifiers.IdAes256Cbc, 'AES/CBC/PKCS7PADDING');
 
-  Falgorithms.Add(TNistObjectIdentifiers.IdAes128Cbc.Id,
-    'AES/CBC/PKCS7PADDING');
-  Falgorithms.Add(TNistObjectIdentifiers.IdAes192Cbc.Id,
-    'AES/CBC/PKCS7PADDING');
-  Falgorithms.Add(TNistObjectIdentifiers.IdAes256Cbc.Id,
-    'AES/CBC/PKCS7PADDING');
+  FAlgorithmOidMap.AddOrSetValue(TNistObjectIdentifiers.IdAes128Cfb, 'AES/CFB/NOPADDING');
+  FAlgorithmOidMap.AddOrSetValue(TNistObjectIdentifiers.IdAes192Cfb, 'AES/CFB/NOPADDING');
+  FAlgorithmOidMap.AddOrSetValue(TNistObjectIdentifiers.IdAes256Cfb, 'AES/CFB/NOPADDING');
 
-  Falgorithms.Add(TNistObjectIdentifiers.IdAes128Ofb.Id, 'AES/OFB/NOPADDING');
-  Falgorithms.Add(TNistObjectIdentifiers.IdAes192Ofb.Id, 'AES/OFB/NOPADDING');
-  Falgorithms.Add(TNistObjectIdentifiers.IdAes256Ofb.Id, 'AES/OFB/NOPADDING');
+  FAlgorithmOidMap.AddOrSetValue(TNistObjectIdentifiers.IdAes128Ecb, 'AES/ECB/PKCS7PADDING');
+  FAlgorithmOidMap.AddOrSetValue(TNistObjectIdentifiers.IdAes192Ecb, 'AES/ECB/PKCS7PADDING');
+  FAlgorithmOidMap.AddOrSetValue(TNistObjectIdentifiers.IdAes256Ecb, 'AES/ECB/PKCS7PADDING');
 
-  Falgorithms.Add(TNistObjectIdentifiers.IdAes128Cfb.Id, 'AES/CFB/NOPADDING');
-  Falgorithms.Add(TNistObjectIdentifiers.IdAes192Cfb.Id, 'AES/CFB/NOPADDING');
-  Falgorithms.Add(TNistObjectIdentifiers.IdAes256Cfb.Id, 'AES/CFB/NOPADDING');
+  FAlgorithmMap.AddOrSetValue('AES//PKCS7', 'AES/ECB/PKCS7PADDING');
+  FAlgorithmMap.AddOrSetValue('AES//PKCS7PADDING', 'AES/ECB/PKCS7PADDING');
+  FAlgorithmMap.AddOrSetValue('AES//PKCS5', 'AES/ECB/PKCS7PADDING');
+  FAlgorithmMap.AddOrSetValue('AES//PKCS5PADDING', 'AES/ECB/PKCS7PADDING');
 
-  Falgorithms.Add('1.3.6.1.4.1.3029.1.2', 'BLOWFISH/CBC');
+  FAlgorithmOidMap.AddOrSetValue(TNistObjectIdentifiers.IdAes128Ofb, 'AES/OFB/NOPADDING');
+  FAlgorithmOidMap.AddOrSetValue(TNistObjectIdentifiers.IdAes192Ofb, 'AES/OFB/NOPADDING');
+  FAlgorithmOidMap.AddOrSetValue(TNistObjectIdentifiers.IdAes256Ofb, 'AES/OFB/NOPADDING');
 
-  TPkcsObjectIdentifiers.Boot;
+  FAlgorithmMap.AddOrSetValue('RSA/ECB/PKCS1', 'RSA//PKCS1PADDING');
+  FAlgorithmMap.AddOrSetValue('RSA/ECB/PKCS1PADDING', 'RSA//PKCS1PADDING');
+  FAlgorithmOidMap.AddOrSetValue(TPkcsObjectIdentifiers.RsaEncryption, 'RSA//PKCS1PADDING');
+  FAlgorithmOidMap.AddOrSetValue(TPkcsObjectIdentifiers.IdRsaesOaep, 'RSA//OAEPPADDING');
 
-  // RSA
-  Falgorithms.Add('RSA/ECB/PKCS1', 'RSA//PKCS1PADDING');
-  Falgorithms.Add('RSA/ECB/PKCS1PADDING', 'RSA//PKCS1PADDING');
-  Falgorithms.Add(TPkcsObjectIdentifiers.RsaEncryption.Id, 'RSA//PKCS1PADDING');
-  Falgorithms.Add(TPkcsObjectIdentifiers.IdRsaesOaep.Id, 'RSA//OAEPPADDING');
+  FAlgorithmMap.AddOrSetValue('1.3.6.1.4.1.3029.1.2', 'BLOWFISH/CBC');
 
+  FAlgorithmMap.AddOrSetValue('CHACHA20', 'CHACHA');
 end;
 
-class constructor TCipherUtilities.CreateCipherUtilities;
+class constructor TCipherUtilities.Create;
 begin
-  TCipherUtilities.Boot;
+  Boot;
 end;
 
-class destructor TCipherUtilities.DestroyCipherUtilities;
+class destructor TCipherUtilities.Destroy;
 begin
-  Falgorithms.Free;
-  Foids.Free;
+  FAlgorithmMap.Free;
+  FAlgorithmOidMap.Free;
 end;
 
-class function TCipherUtilities.GetAlgorithms: TCryptoLibStringArray;
-begin
-  Result := Foids.Keys.ToArray;
-end;
-
-class function TCipherUtilities.GetDigitIndex(const s: String): Int32;
+class function TCipherUtilities.GetMechanism(const AAlgorithm: String): String;
 var
-  i, LowPoint, HighPoint: Int32;
+  LOid: IDerObjectIdentifier;
+  LMechanism: String;
 begin
-  LowPoint := 1;
-  HighPoint := System.Length(s);
-
-  For i := LowPoint to HighPoint do
+  if FAlgorithmMap.TryGetValue(AAlgorithm, LMechanism) then
   begin
-    if (CharInSet(s[i], ['0' .. '9'])) then
-    begin
-      Result := i;
-      Exit;
-    end;
-  end;
-  Result := -1;
-end;
-
-class function TCipherUtilities.GetCipher(algorithm: String): IBufferedCipher;
-var
-  aliased, algorithmName, temp, paddingName, mode, modeName: string;
-  di, LowPoint, bits, HighPoint: Int32;
-  padded, CTS: Boolean;
-  parts: TCryptoLibStringArray;
-  cipherAlgorithm: TCipherAlgorithm;
-  cipherPadding: TCipherPadding;
-  cipherMode: TCipherMode;
-  blockCipher: IBlockCipher;
-  asymBlockCipher: IAsymmetricBlockCipher;
-  streamCipher: IStreamCipher;
-  padding: IBlockCipherPadding;
-begin
-  if (algorithm = '') then
-  begin
-    raise EArgumentNilCryptoLibException.CreateRes(@SAlgorithmNil);
+    Result := LMechanism;
+    Exit;
   end;
-  algorithm := UpperCase(algorithm);
-
-  if (Falgorithms.TryGetValue(algorithm, aliased)) then
+  if TDerObjectIdentifier.TryFromID(AAlgorithm, LOid) and FAlgorithmOidMap.TryGetValue(LOid, LMechanism) then
   begin
-    algorithm := aliased;
+    Result := LMechanism;
+    Exit;
   end;
+  Result := '';
+end;
 
-  parts := TStringUtils.SplitString(algorithm, '/');
-
-  blockCipher := Nil;
-  asymBlockCipher := Nil;
-  streamCipher := Nil;
+class function TCipherUtilities.GetAlgorithmName(const AOid: IDerObjectIdentifier): String;
+begin
+  Result := TCollectionUtilities.GetValueOrNull<IDerObjectIdentifier, String>(FAlgorithmOidMap, AOid);
+end;
 
-  algorithmName := parts[0];
+class function TCipherUtilities.GetCipherForMechanism(const AMechanism: String): IBufferedCipher;
 
-  if (Falgorithms.TryGetValue(algorithmName, aliased)) then
+  function GetDigitIndex(const S: String): Int32;
+  var
+    I: Int32;
   begin
-    algorithmName := aliased;
+    for I := 1 to System.Length(S) do
+    begin
+      if CharInSet(S[I], ['0' .. '9']) then
+      begin
+        Result := I;
+        Exit;
+      end;
+    end;
+    Result := -1;
   end;
 
-  temp := StringReplace(algorithmName, '-', '_', [rfReplaceAll, rfIgnoreCase]);
-
-  temp := StringReplace(temp, '/', '_', [rfReplaceAll, rfIgnoreCase]);
+var
+  LAlgorithmName, LPaddingName, LMode, LModeName: String;
+  LDi, LBits: Int32;
+  LPadded, LCTS: Boolean;
+  LParts: TCryptoLibStringArray;
+  LCipherAlgorithm: TCipherAlgorithm;
+  LCipherPadding: TCipherPadding;
+  LCipherMode: TCipherMode;
+  LBlockCipher: IBlockCipher;
+  LAsymBlockCipher: IAsymmetricBlockCipher;
+  LStreamCipher: IStreamCipher;
+  LPadding: IBlockCipherPadding;
+begin
+  Result := nil;
+  LParts := TStringUtils.SplitString(AMechanism, '/');
+  if System.Length(LParts) < 1 then
+    Exit;
 
-  cipherAlgorithm := TCipherAlgorithm
-    (GetEnumValue(TypeInfo(TCipherAlgorithm), temp));
+  LAlgorithmName := UpperCase(TCollectionUtilities.GetValueOrKey<String>(FAlgorithmMap, LParts[0]));
+  if not TEnumUtilities.TryGetEnumValue<TCipherAlgorithm>(LAlgorithmName, LCipherAlgorithm) then
+    Exit;
 
-  case cipherAlgorithm of
+  LBlockCipher := nil;
+  LAsymBlockCipher := nil;
+  LStreamCipher := nil;
+  case LCipherAlgorithm of
     TCipherAlgorithm.AES:
-      begin
-        blockCipher := TAesEngine.Create() as IAesEngine;
-      end;
+      LBlockCipher := TAesEngine.Create() as IAesEngine;
     TCipherAlgorithm.BLOWFISH:
-      begin
-        blockCipher := TBlowfishEngine.Create() as IBlowfishEngine;
-      end;
+      LBlockCipher := TBlowfishEngine.Create() as IBlowfishEngine;
+    TCipherAlgorithm.CHACHA:
+      LStreamCipher := TChaChaEngine.Create() as IChaChaEngine;
     TCipherAlgorithm.RIJNDAEL:
-      begin
-        blockCipher := TRijndaelEngine.Create() as IRijndaelEngine;
-      end;
+      LBlockCipher := TRijndaelEngine.Create() as IRijndaelEngine;
     TCipherAlgorithm.SALSA20:
-      begin
-        streamCipher := TSalsa20Engine.Create() as ISalsa20Engine;
-      end;
+      LStreamCipher := TSalsa20Engine.Create() as ISalsa20Engine;
     TCipherAlgorithm.RSA:
-      begin
-        asymBlockCipher := TRsaBlindedEngine.Create() as IRsaBlindedEngine;
-      end
+      LAsymBlockCipher := TRsaBlindedEngine.Create() as IRsaBlindedEngine;
   else
-    begin
-      raise ESecurityUtilityCryptoLibException.CreateResFmt
-        (@SUnRecognizedCipher, [algorithm]);
-    end;
+    Exit;
   end;
 
-  if (streamCipher <> Nil) then
+  if LStreamCipher <> nil then
   begin
-    if (System.Length(parts) > 1) then
-    begin
-      raise EArgumentCryptoLibException.CreateRes
-        (@SModeAndPaddingNotNeededStreamCipher);
-    end;
-
-    Result := TBufferedStreamCipher.Create(streamCipher)
-      as IBufferedStreamCipher;
+    if System.Length(LParts) > 1 then
+      raise EArgumentCryptoLibException.CreateRes(@SModeAndPaddingNotNeededStreamCipher);
+    Result := TBufferedStreamCipher.Create(LStreamCipher) as IBufferedStreamCipher;
     Exit;
   end;
 
-  CTS := False;
-  padded := true;
-  padding := Nil;
+  LCTS := False;
+  LPadded := True;
+  LPadding := nil;
 
-  if System.Length(parts) > 2 then
+  if System.Length(LParts) > 2 then
   begin
-    paddingName := parts[2];
-
-    temp := StringReplace(paddingName, '-', '_', [rfReplaceAll, rfIgnoreCase]);
-
-    temp := StringReplace(temp, '/', '_', [rfReplaceAll, rfIgnoreCase]);
-
-    cipherPadding := TCipherPadding
-      (GetEnumValue(TypeInfo(TCipherPadding), temp));
+    LPaddingName := LParts[2];
+    if LPaddingName = '' then
+      LCipherPadding := TCipherPadding.RAW
+    else if LPaddingName = 'X9.23PADDING' then
+      LCipherPadding := TCipherPadding.X923PADDING
+    else if not TEnumUtilities.TryGetEnumValue<TCipherPadding>(LPaddingName, LCipherPadding) then
+      Exit;
 
-    case cipherPadding of
+    case LCipherPadding of
       TCipherPadding.NOPADDING:
-        begin
-          padded := False;
-        end;
-
-      TCipherPadding.RAW:
-        begin
-          // Raw padding - do nothing
-        end;
-
-      TCipherPadding.ISO10126PADDING, TCipherPadding.ISO10126D2PADDING,
-        TCipherPadding.ISO10126_2PADDING:
-        begin
-          padding := TISO10126d2Padding.Create() as IISO10126d2Padding;
-        end;
-
+        LPadded := False;
+      TCipherPadding.RAW: ;
+      TCipherPadding.ISO10126PADDING, TCipherPadding.ISO10126D2PADDING, TCipherPadding.ISO10126_2PADDING:
+        LPadding := TISO10126d2Padding.Create() as IISO10126d2Padding;
       TCipherPadding.ISO7816_4PADDING, TCipherPadding.ISO9797_1PADDING:
-        begin
-          padding := TISO7816d4Padding.Create() as IISO7816d4Padding;
-        end;
-
+        LPadding := TISO7816d4Padding.Create() as IISO7816d4Padding;
       TCipherPadding.ISO9796_1, TCipherPadding.ISO9796_1PADDING:
-        begin
-          asymBlockCipher := TISO9796d1Encoding.Create(asymBlockCipher) as IISO9796d1Encoding;
-        end;
-
+        LAsymBlockCipher := TISO9796d1Encoding.Create(LAsymBlockCipher) as IISO9796d1Encoding;
       TCipherPadding.OAEP, TCipherPadding.OAEPPADDING:
-        begin
-          asymBlockCipher := TOaepEncoding.Create(asymBlockCipher) as IOaepEncoding;
-        end;
-
+        LAsymBlockCipher := TOaepEncoding.Create(LAsymBlockCipher) as IOaepEncoding;
       TCipherPadding.OAEPWITHSHA1ANDMGF1PADDING, TCipherPadding.OAEPWITHSHA_1ANDMGF1PADDING:
-        begin
-          asymBlockCipher := TOaepEncoding.Create(asymBlockCipher, TDigestUtilities.GetDigest('SHA-1')) as IOaepEncoding;
-        end;
-
+        LAsymBlockCipher := TOaepEncoding.Create(LAsymBlockCipher, TDigestUtilities.GetDigest('SHA-1')) as IOaepEncoding;
       TCipherPadding.OAEPWITHSHA256ANDMGF1PADDING, TCipherPadding.OAEPWITHSHA_256ANDMGF1PADDING:
-        begin
-          asymBlockCipher := TOaepEncoding.Create(asymBlockCipher, TDigestUtilities.GetDigest('SHA-256')) as IOaepEncoding;
-        end;
-
+        LAsymBlockCipher := TOaepEncoding.Create(LAsymBlockCipher, TDigestUtilities.GetDigest('SHA-256')) as IOaepEncoding;
       TCipherPadding.PKCS1, TCipherPadding.PKCS1PADDING:
-        begin
-          asymBlockCipher := TPkcs1Encoding.Create(asymBlockCipher) as IPkcs1Encoding;
-        end;
-
-      TCipherPadding.PKCS5, TCipherPadding.PKCS5PADDING, TCipherPadding.PKCS7,
-        TCipherPadding.PKCS7PADDING:
-        begin
-          padding := TPkcs7Padding.Create() as IPkcs7Padding;
-        end;
-
+        LAsymBlockCipher := TPkcs1Encoding.Create(LAsymBlockCipher) as IPkcs1Encoding;
+      TCipherPadding.PKCS5, TCipherPadding.PKCS5PADDING, TCipherPadding.PKCS7, TCipherPadding.PKCS7PADDING:
+        LPadding := TPkcs7Padding.Create() as IPkcs7Padding;
       TCipherPadding.TBCPADDING:
-        begin
-          padding := TTBCPadding.Create() as ITBCPadding;
-        end;
-
+        LPadding := TTBCPadding.Create() as ITBCPadding;
       TCipherPadding.WITHCTS:
-        begin
-          CTS := true;
-        end;
-
+        LCTS := True;
       TCipherPadding.X923PADDING:
-        begin
-          padding := TX923Padding.Create() as IX923Padding;
-        end;
-
+        LPadding := TX923Padding.Create() as IX923Padding;
       TCipherPadding.ZEROBYTEPADDING:
-        begin
-          padding := TZeroBytePadding.Create() as IZeroBytePadding;
-        end
-
+        LPadding := TZeroBytePadding.Create() as IZeroBytePadding;
     else
-      begin
-        raise ESecurityUtilityCryptoLibException.CreateResFmt
-          (@SUnRecognizedCipher, [algorithm]);
-      end;
+      Exit;
     end;
-
   end;
 
-  mode := '';
-  if (System.Length(parts) > 1) then
+  if System.Length(LParts) > 1 then
   begin
-    mode := parts[1];
-
-    di := GetDigitIndex(mode);
-    if di >= 0 then
-    begin
-      LowPoint := 1;
-      modeName := System.Copy(mode, LowPoint, di);
-    end
+    LMode := LParts[1];
+    LDi := GetDigitIndex(LMode);
+    if LDi >= 1 then
+      LModeName := System.Copy(LMode, 1, LDi - 1)
     else
-    begin
-      modeName := mode;
-    end;
+      LModeName := LMode;
 
-    if modeName = '' then
-    begin
-      cipherMode := TCipherMode.NONE;
-    end
-    else
-    begin
-      temp := StringReplace(modeName, '-', '_', [rfReplaceAll, rfIgnoreCase]);
-
-      temp := StringReplace(temp, '/', '_', [rfReplaceAll, rfIgnoreCase]);
-
-      cipherMode := TCipherMode(GetEnumValue(TypeInfo(TCipherMode), temp));
-    end;
-
-    case cipherMode of
-      TCipherMode.ECB, TCipherMode.NONE:
-        begin
-          // do nothing
-        end;
+    if LModeName = '' then
+      LCipherMode := TCipherMode.NONE
+    else if not TEnumUtilities.TryGetEnumValue<TCipherMode>(LModeName, LCipherMode) then
+      Exit;
 
+    case LCipherMode of
+      TCipherMode.ECB, TCipherMode.NONE: ;
       TCipherMode.CBC:
-        begin
-          blockCipher := TCbcBlockCipher.Create(blockCipher) as ICbcBlockCipher;
-        end;
-
+        LBlockCipher := TCbcBlockCipher.Create(LBlockCipher) as ICbcBlockCipher;
       TCipherMode.CFB:
         begin
-          if (di < 0) then
-          begin
-            bits := 8 * blockCipher.GetBlockSize();
-          end
+          if LDi < 1 then
+            LBits := 8 * LBlockCipher.GetBlockSize()
           else
-          begin
-            HighPoint := System.Length(mode);
-            bits := StrToInt(System.Copy(mode, di, HighPoint - di));
-          end;
-
-          blockCipher := TCfbBlockCipher.Create(blockCipher, bits)
-            as ICfbBlockCipher;
+            LBits := StrToInt(System.Copy(LMode, LDi, System.Length(LMode) - LDi + 1));
+          LBlockCipher := TCfbBlockCipher.Create(LBlockCipher, LBits) as ICfbBlockCipher;
         end;
-
       TCipherMode.CTR:
-        begin
-          blockCipher := TSicBlockCipher.Create(blockCipher) as ISicBlockCipher;
-        end;
-
+        LBlockCipher := TSicBlockCipher.Create(LBlockCipher) as ISicBlockCipher;
       TCipherMode.CTS:
         begin
-          CTS := true;
-          blockCipher := TCbcBlockCipher.Create(blockCipher) as ICbcBlockCipher;
+          LCTS := True;
+          LBlockCipher := TCbcBlockCipher.Create(LBlockCipher) as ICbcBlockCipher;
         end;
-
       TCipherMode.OFB:
         begin
-          if (di < 0) then
-          begin
-            bits := 8 * blockCipher.GetBlockSize();
-          end
+          if LDi < 1 then
+            LBits := 8 * LBlockCipher.GetBlockSize()
           else
-          begin
-            HighPoint := System.Length(mode);
-            bits := StrToInt(System.Copy(mode, di, HighPoint - di));
-          end;
-
-          blockCipher := TOfbBlockCipher.Create(blockCipher, bits)
-            as IOfbBlockCipher;
+            LBits := StrToInt(System.Copy(LMode, LDi, System.Length(LMode) - LDi + 1));
+          LBlockCipher := TOfbBlockCipher.Create(LBlockCipher, LBits) as IOfbBlockCipher;
         end;
-
       TCipherMode.SIC:
         begin
-          if (blockCipher.GetBlockSize() < 16) then
-          begin
-            raise EArgumentCryptoLibException.CreateRes(@SSICModeWarning);
-          end;
-          blockCipher := TSicBlockCipher.Create(blockCipher) as ISicBlockCipher;
-        end
-
+          if LBlockCipher.GetBlockSize() < 16 then
+            Exit;
+          LBlockCipher := TSicBlockCipher.Create(LBlockCipher) as ISicBlockCipher;
+        end;
     else
-      begin
-        raise ESecurityUtilityCryptoLibException.CreateResFmt
-          (@SUnRecognizedCipher, [algorithm]);
-      end;
+      Exit;
     end;
   end;
 
-  if (blockCipher <> Nil) then
+  if LBlockCipher <> nil then
   begin
-
-    if (CTS) then
+    if LCTS then
     begin
-      Result := TCtsBlockCipher.Create(blockCipher) as ICtsBlockCipher;
+      Result := TCtsBlockCipher.Create(LBlockCipher) as ICtsBlockCipher;
       Exit;
     end;
-
-    if (padding <> Nil) then
+    if LPadding <> nil then
     begin
-      Result := TPaddedBufferedBlockCipher.Create(blockCipher, padding)
-        as IPaddedBufferedBlockCipher;
+      Result := TPaddedBufferedBlockCipher.Create(LBlockCipher, LPadding) as IPaddedBufferedBlockCipher;
       Exit;
     end;
-
-    if ((not padded) or (blockCipher.IsPartialBlockOkay)) then
+    if (not LPadded) or LBlockCipher.IsPartialBlockOkay then
     begin
-      Result := TBufferedBlockCipher.Create(blockCipher)
-        as IBufferedBlockCipher;
+      Result := TBufferedBlockCipher.Create(LBlockCipher) as IBufferedBlockCipher;
       Exit;
     end;
-
-    Result := TPaddedBufferedBlockCipher.Create(blockCipher)
-      as IPaddedBufferedBlockCipher;
+    Result := TPaddedBufferedBlockCipher.Create(LBlockCipher) as IPaddedBufferedBlockCipher;
     Exit;
   end;
 
-  if (asymBlockCipher <> Nil) then
+  if LAsymBlockCipher <> nil then
   begin
-    Result := TBufferedAsymmetricBlockCipher.Create(asymBlockCipher) as IBufferedAsymmetricBlockCipher;
+    Result := TBufferedAsymmetricBlockCipher.Create(LAsymBlockCipher) as IBufferedAsymmetricBlockCipher;
     Exit;
   end;
-
-  raise ESecurityUtilityCryptoLibException.CreateResFmt(@SUnRecognizedCipher,
-    [algorithm]);
 end;
 
-class function TCipherUtilities.GetCipher(const oid: IDerObjectIdentifier)
-  : IBufferedCipher;
+class function TCipherUtilities.GetCipher(const AAlgorithm: String): IBufferedCipher;
+var
+  LMechanism: String;
+  LCipher: IBufferedCipher;
 begin
-  Result := GetCipher(oid.Id);
+  if AAlgorithm = '' then
+    raise EArgumentNilCryptoLibException.CreateRes(@SAlgorithmNil);
+  LMechanism := GetMechanism(UpperCase(AAlgorithm));
+  if LMechanism = '' then
+    LMechanism := UpperCase(AAlgorithm);
+
+  LCipher := GetCipherForMechanism(LMechanism);
+  if LCipher = nil then
+    raise ESecurityUtilityCryptoLibException.CreateResFmt(@SUnRecognizedCipher, [AAlgorithm]);
+  Result := LCipher;
 end;
 
-class function TCipherUtilities.GetObjectIdentifier(mechanism: String)
-  : IDerObjectIdentifier;
+class function TCipherUtilities.GetCipher(const AOid: IDerObjectIdentifier): IBufferedCipher;
 var
-  aliased: String;
+  LMechanism: String;
+  LCipher: IBufferedCipher;
 begin
-  if (mechanism = '') then
-    raise EArgumentNilCryptoLibException.CreateRes(@SMechanismNil);
-
-  mechanism := UpperCase(mechanism);
-  if Falgorithms.TryGetValue(mechanism, aliased) then
-  begin
-    mechanism := aliased;
-  end;
-
-  Foids.TryGetValue(mechanism, Result);
-
+  if AOid = nil then
+    raise EArgumentNilCryptoLibException.CreateRes(@SOidNil);
+  if not FAlgorithmOidMap.TryGetValue(AOid, LMechanism) then
+    raise ESecurityUtilityCryptoLibException.CreateRes(@SOidNotRecognised);
+  LCipher := GetCipherForMechanism(LMechanism);
+  if LCipher = nil then
+    raise ESecurityUtilityCryptoLibException.CreateRes(@SOidNotRecognised);
+  Result := LCipher;
 end;
 
 end.

CryptoLib/src/Security/ClpDigestUtilities.pas

@@ -25,45 +25,89 @@ uses
   SysUtils,
   TypInfo,
   Generics.Collections,
+  HlpIHash,
   HlpHashFactory,
-  ClpIDigest,
+  ClpNoOpDigest,
+  ClpAsn1Objects,
+  ClpCollectionUtilities,
+  ClpCryptoLibComparers,
+  ClpCryptoLibTypes,
+  ClpCryptoProObjectIdentifiers,
   ClpDigest,
+  ClpEnumUtilities,
+  ClpIDigest,
+  ClpIAsn1Objects,
+  ClpMiscObjectIdentifiers,
+  ClpNistObjectIdentifiers,
+  ClpOiwObjectIdentifiers,
   ClpPkcsObjectIdentifiers,
   ClpRosstandartObjectIdentifiers,
-  ClpOiwObjectIdentifiers,
-  ClpNistObjectIdentifiers,
-  ClpMiscObjectIdentifiers,
-  ClpTeleTrusTObjectIdentifiers,
-  ClpCryptoProObjectIdentifiers,
-  ClpCryptoLibTypes,
-  ClpIAsn1Objects;
+  ClpTeleTrusTObjectIdentifiers;
 
 resourcestring
   SMechanismNil = 'Mechanism Cannot be Nil';
+  SAlgorithmNil = 'Algorithm Cannot be Nil';
   SUnRecognizedDigest = 'Digest "%s" not recognised.';
+  SOidNotRecognised = 'Digest OID not recognised.';
+  SOidNil = 'OID Cannot be Nil';
 
 type
   TDigestUtilities = class sealed(TObject)
 
   strict private
-
-  class var
-    Falgorithms: TDictionary<String, String>;
-    Foids: TDictionary<String, IDerObjectIdentifier>;
-
-  type
-{$SCOPEDENUMS ON}
-    TDigestAlgorithm = (BLAKE2B_160, BLAKE2B_256, BLAKE2B_384, BLAKE2B_512,
-      BLAKE2S_128, BLAKE2S_160, BLAKE2S_224, BLAKE2S_256, GOST3411,
-      GOST3411_2012_256, GOST3411_2012_512, KECCAK_224, KECCAK_256, KECCAK_288,
-      KECCAK_384, KECCAK_512, MD2, MD4, MD5, NONE, RIPEMD128, RIPEMD160,
-      RIPEMD256, RIPEMD320, SHA_1, SHA_224, SHA_256, SHA_384, SHA_512,
-      SHA_512_224, SHA_512_256, SHA3_224, SHA3_256, SHA3_384, SHA3_512,
-      SHAKE128_256, SHAKE256_512, TIGER, WHIRLPOOL);
-{$SCOPEDENUMS OFF}
-  class procedure Boot(); static;
-  class constructor CreateDigestUtilities();
-  class destructor DestroyDigestUtilities();
+    class var
+      FAlgorithmMap: TDictionary<String, String>;
+      FAlgorithmOidMap: TDictionary<IDerObjectIdentifier, String>;
+      FOids: TDictionary<String, IDerObjectIdentifier>;
+
+    type
+      TDigestAlgorithm = (
+        BLAKE2B_160,
+        BLAKE2B_256,
+        BLAKE2B_384,
+        BLAKE2B_512,
+        BLAKE2S_128,
+        BLAKE2S_160,
+        BLAKE2S_224,
+        BLAKE2S_256,
+        BLAKE3_256,
+        GOST3411,
+        GOST3411_2012_256,
+        GOST3411_2012_512,
+        KECCAK_224,
+        KECCAK_256,
+        KECCAK_288,
+        KECCAK_384,
+        KECCAK_512,
+        MD2,
+        MD4,
+        MD5,
+        NONE,
+        RIPEMD128,
+        RIPEMD160,
+        RIPEMD256,
+        RIPEMD320,
+        SHA_1,
+        SHA_224,
+        SHA_256,
+        SHA_384,
+        SHA_512,
+        SHA_512_224,
+        SHA_512_256,
+        SHA3_224,
+        SHA3_256,
+        SHA3_384,
+        SHA3_512,
+        SHAKE128_256,
+        SHAKE256_512,
+        TIGER,
+        WHIRLPOOL);
+
+    class function GetMechanism(const AAlgorithm: String): String; static;
+    class function GetDigestForMechanism(const AMechanism: String): IDigest; static;
+    class procedure Boot; static;
+    class constructor Create;
+    class destructor Destroy;
 
   public
     /// <summary>
@@ -71,24 +115,20 @@ type
     /// </summary>
     /// <param name="mechanism">A string representation of the digest mechanism.</param>
     /// <returns>A DerObjectIdentifier, null if the Oid is not available.</returns>
-    class function GetObjectIdentifier(mechanism: String)
+    class function GetObjectIdentifier(const AMechanism: String)
       : IDerObjectIdentifier; static;
-    class function GetDigest(const id: IDerObjectIdentifier): IDigest; overload;
-      static; inline;
-    class function GetDigest(const algorithm: String): IDigest;
-      overload; static;
+    class function GetDigest(const AOid: IDerObjectIdentifier): IDigest; overload; static; inline;
+    class function GetDigest(const AAlgorithm: String): IDigest; overload; static;
 
-    class function GetAlgorithmName(const oid: IDerObjectIdentifier): String;
-      static; inline;
+    class function GetAlgorithmName(const AOid: IDerObjectIdentifier): String; static; inline;
 
-    class function DoFinal(const digest: IDigest): TCryptoLibByteArray;
-      overload; static; inline;
-    class function DoFinal(const digest: IDigest;
-      const input: TCryptoLibByteArray): TCryptoLibByteArray; overload;
-      static; inline;
+    class function DoFinal(const ADigest: IDigest): TCryptoLibByteArray; overload; static; inline;
+    class function DoFinal(const ADigest: IDigest; const AInput: TCryptoLibByteArray): TCryptoLibByteArray; overload; static; inline;
+    class function DoFinal(const ADigest: IDigest; const AInput: TCryptoLibByteArray; AOffset, ALength: Int32): TCryptoLibByteArray; overload; static; inline;
 
-    class function CalculateDigest(const algorithm: String;
-      const input: TCryptoLibByteArray): TCryptoLibByteArray; static; inline;
+    class function CalculateDigest(const AOid: IDerObjectIdentifier; const AInput: TCryptoLibByteArray): TCryptoLibByteArray; overload; static; inline;
+    class function CalculateDigest(const AAlgorithm: String; const AInput: TCryptoLibByteArray): TCryptoLibByteArray; overload; static; inline;
+    class function CalculateDigest(const AAlgorithm: String; const AInput: TCryptoLibByteArray; AOffset, ALength: Int32): TCryptoLibByteArray; overload; static; inline;
 
   end;
 
@@ -96,481 +136,381 @@ implementation
 
 { TDigestUtilities }
 
-class function TDigestUtilities.GetDigest
-  (const id: IDerObjectIdentifier): IDigest;
+class function TDigestUtilities.GetDigest(const AOid: IDerObjectIdentifier): IDigest;
+var
+  LMechanism: String;
+  LDigest: IDigest;
 begin
-  result := GetDigest(id.id);
+  if AOid = nil then
+    raise EArgumentNilCryptoLibException.CreateRes(@SOidNil);
+  if not FAlgorithmOidMap.TryGetValue(AOid, LMechanism) then
+    raise ESecurityUtilityCryptoLibException.CreateRes(@SOidNotRecognised);
+  LDigest := GetDigestForMechanism(LMechanism);
+  if LDigest = nil then
+    raise ESecurityUtilityCryptoLibException.CreateRes(@SOidNotRecognised);
+  Result := LDigest;
 end;
 
-class function TDigestUtilities.GetDigest(const algorithm: String): IDigest;
+class function TDigestUtilities.GetDigest(const AAlgorithm: String): IDigest;
 var
-  upper, mechanism, temp: String;
-  digestAlgorithm: TDigestAlgorithm;
+  LMechanism: String;
+  LDigest: IDigest;
 begin
+  if AAlgorithm = '' then
+    raise EArgumentNilCryptoLibException.CreateRes(@SAlgorithmNil);
+  LMechanism := GetMechanism(UpperCase(AAlgorithm));
+  if LMechanism = '' then
+    LMechanism := UpperCase(AAlgorithm);
+  LDigest := GetDigestForMechanism(LMechanism);
+  if LDigest = nil then
+    raise ESecurityUtilityCryptoLibException.CreateResFmt(@SUnRecognizedDigest, [AAlgorithm]);
+  Result := LDigest;
+end;
 
-  if (Falgorithms = Nil) or (Foids = Nil) then
+class function TDigestUtilities.GetMechanism(const AAlgorithm: String): String;
+var
+  LOid: IDerObjectIdentifier;
+  LMechanism: String;
+begin
+  if FAlgorithmMap.TryGetValue(AAlgorithm, LMechanism) then
   begin
-    TDigestUtilities.Boot;
+    Result := LMechanism;
+    Exit;
   end;
-
-  upper := UpperCase(algorithm);
-  Falgorithms.TryGetValue(upper, mechanism);
-
-  if (mechanism = '') then
+  if TDerObjectIdentifier.TryFromID(AAlgorithm, LOid) and FAlgorithmOidMap.TryGetValue(LOid, LMechanism) then
   begin
-    mechanism := upper;
+    Result := LMechanism;
+    Exit;
   end;
+  Result := '';
+end;
 
-  temp := StringReplace(mechanism, '-', '_', [rfReplaceAll, rfIgnoreCase]);
-
-  temp := StringReplace(temp, '/', '_', [rfReplaceAll, rfIgnoreCase]);
-
-  digestAlgorithm := TDigestAlgorithm
-    (GetEnumValue(TypeInfo(TDigestAlgorithm), temp));
-
-  case digestAlgorithm of
-
+class function TDigestUtilities.GetDigestForMechanism(const AMechanism: String): IDigest;
+var
+  LDigestAlg: TDigestAlgorithm;
+begin
+  Result := nil;
+  if not TEnumUtilities.TryGetEnumValue<TDigestAlgorithm>(AMechanism, LDigestAlg) then
+    Exit;
+  case LDigestAlg of
     TDigestAlgorithm.BLAKE2B_160:
-      begin
-        result := TDigest.Create(THashFactory.TCrypto.CreateBlake2B_160);
-        Exit;
-      end;
-
+      Result := TDigest.Create(THashFactory.TCrypto.CreateBlake2B_160);
     TDigestAlgorithm.BLAKE2B_256:
-      begin
-        result := TDigest.Create(THashFactory.TCrypto.CreateBlake2B_256);
-        Exit;
-      end;
-
+      Result := TDigest.Create(THashFactory.TCrypto.CreateBlake2B_256);
     TDigestAlgorithm.BLAKE2B_384:
-      begin
-        result := TDigest.Create(THashFactory.TCrypto.CreateBlake2B_384);
-        Exit;
-      end;
-
+      Result := TDigest.Create(THashFactory.TCrypto.CreateBlake2B_384);
     TDigestAlgorithm.BLAKE2B_512:
-      begin
-        result := TDigest.Create(THashFactory.TCrypto.CreateBlake2B_512);
-        Exit;
-      end;
-
+      Result := TDigest.Create(THashFactory.TCrypto.CreateBlake2B_512);
     TDigestAlgorithm.BLAKE2S_128:
-      begin
-        result := TDigest.Create(THashFactory.TCrypto.CreateBlake2S_128);
-        Exit;
-      end;
-
+      Result := TDigest.Create(THashFactory.TCrypto.CreateBlake2S_128);
     TDigestAlgorithm.BLAKE2S_160:
-      begin
-        result := TDigest.Create(THashFactory.TCrypto.CreateBlake2S_160);
-        Exit;
-      end;
-
+      Result := TDigest.Create(THashFactory.TCrypto.CreateBlake2S_160);
     TDigestAlgorithm.BLAKE2S_224:
-      begin
-        result := TDigest.Create(THashFactory.TCrypto.CreateBlake2S_224);
-        Exit;
-      end;
-
+      Result := TDigest.Create(THashFactory.TCrypto.CreateBlake2S_224);
     TDigestAlgorithm.BLAKE2S_256:
-      begin
-        result := TDigest.Create(THashFactory.TCrypto.CreateBlake2S_256);
-        Exit;
-      end;
-
+      Result := TDigest.Create(THashFactory.TCrypto.CreateBlake2S_256);
+    TDigestAlgorithm.BLAKE3_256:
+      Result := TDigest.Create(THashFactory.TCrypto.CreateBlake3_256(nil));
     TDigestAlgorithm.GOST3411:
-      begin
-        result := TDigest.Create(THashFactory.TCrypto.CreateGost());
-        Exit;
-      end;
-
+      Result := TDigest.Create(THashFactory.TCrypto.CreateGost());
     TDigestAlgorithm.GOST3411_2012_256:
-      begin
-        result := TDigest.Create
-          (THashFactory.TCrypto.CreateGOST3411_2012_256());
-        Exit;
-      end;
-
+      Result := TDigest.Create(THashFactory.TCrypto.CreateGOST3411_2012_256());
     TDigestAlgorithm.GOST3411_2012_512:
-      begin
-        result := TDigest.Create
-          (THashFactory.TCrypto.CreateGOST3411_2012_512());
-        Exit;
-      end;
-
+      Result := TDigest.Create(THashFactory.TCrypto.CreateGOST3411_2012_512());
     TDigestAlgorithm.KECCAK_224:
-      begin
-        result := TDigest.Create(THashFactory.TCrypto.CreateKeccak_224());
-        Exit;
-      end;
-
+      Result := TDigest.Create(THashFactory.TCrypto.CreateKeccak_224());
     TDigestAlgorithm.KECCAK_256:
-      begin
-        result := TDigest.Create(THashFactory.TCrypto.CreateKeccak_256());
-        Exit;
-      end;
-
+      Result := TDigest.Create(THashFactory.TCrypto.CreateKeccak_256());
     TDigestAlgorithm.KECCAK_288:
-      begin
-        result := TDigest.Create(THashFactory.TCrypto.CreateKeccak_288());
-        Exit;
-      end;
-
+      Result := TDigest.Create(THashFactory.TCrypto.CreateKeccak_288());
     TDigestAlgorithm.KECCAK_384:
-      begin
-        result := TDigest.Create(THashFactory.TCrypto.CreateKeccak_384());
-        Exit;
-      end;
-
+      Result := TDigest.Create(THashFactory.TCrypto.CreateKeccak_384());
     TDigestAlgorithm.KECCAK_512:
-      begin
-        result := TDigest.Create(THashFactory.TCrypto.CreateKeccak_512());
-        Exit;
-      end;
-
+      Result := TDigest.Create(THashFactory.TCrypto.CreateKeccak_512());
     TDigestAlgorithm.MD2:
-      begin
-        result := TDigest.Create(THashFactory.TCrypto.CreateMD2());
-        Exit;
-      end;
-
+      Result := TDigest.Create(THashFactory.TCrypto.CreateMD2());
     TDigestAlgorithm.MD4:
-      begin
-        result := TDigest.Create(THashFactory.TCrypto.CreateMD4());
-        Exit;
-      end;
-
+      Result := TDigest.Create(THashFactory.TCrypto.CreateMD4());
     TDigestAlgorithm.MD5:
-      begin
-        result := TDigest.Create(THashFactory.TCrypto.CreateMD5());
-        Exit;
-      end;
-
+      Result := TDigest.Create(THashFactory.TCrypto.CreateMD5());
     TDigestAlgorithm.NONE:
-      begin
-        result := TDigest.Create
-          (THashFactory.TNullDigestFactory.CreateNullDigest());
-        Exit;
-      end;
-
+      Result := TDigest.Create(TNoOpDigest.Create() as IHash);
     TDigestAlgorithm.RIPEMD128:
-      begin
-        result := TDigest.Create(THashFactory.TCrypto.CreateRIPEMD128());
-        Exit;
-      end;
-
+      Result := TDigest.Create(THashFactory.TCrypto.CreateRIPEMD128());
     TDigestAlgorithm.RIPEMD160:
-      begin
-        result := TDigest.Create(THashFactory.TCrypto.CreateRIPEMD160());
-        Exit;
-      end;
-
+      Result := TDigest.Create(THashFactory.TCrypto.CreateRIPEMD160());
     TDigestAlgorithm.RIPEMD256:
-      begin
-        result := TDigest.Create(THashFactory.TCrypto.CreateRIPEMD256());
-        Exit;
-      end;
-
+      Result := TDigest.Create(THashFactory.TCrypto.CreateRIPEMD256());
     TDigestAlgorithm.RIPEMD320:
-      begin
-        result := TDigest.Create(THashFactory.TCrypto.CreateRIPEMD320());
-        Exit;
-      end;
-
+      Result := TDigest.Create(THashFactory.TCrypto.CreateRIPEMD320());
     TDigestAlgorithm.SHA_1:
-      begin
-        result := TDigest.Create(THashFactory.TCrypto.CreateSHA1());
-        Exit;
-      end;
-
+      Result := TDigest.Create(THashFactory.TCrypto.CreateSHA1());
     TDigestAlgorithm.SHA_224:
-      begin
-        result := TDigest.Create(THashFactory.TCrypto.CreateSHA2_224());
-        Exit;
-      end;
-
+      Result := TDigest.Create(THashFactory.TCrypto.CreateSHA2_224());
     TDigestAlgorithm.SHA_256:
-      begin
-        result := TDigest.Create(THashFactory.TCrypto.CreateSHA2_256());
-        Exit;
-      end;
-
+      Result := TDigest.Create(THashFactory.TCrypto.CreateSHA2_256());
     TDigestAlgorithm.SHA_384:
-      begin
-        result := TDigest.Create(THashFactory.TCrypto.CreateSHA2_384());
-        Exit;
-      end;
-
+      Result := TDigest.Create(THashFactory.TCrypto.CreateSHA2_384());
     TDigestAlgorithm.SHA_512:
-      begin
-        result := TDigest.Create(THashFactory.TCrypto.CreateSHA2_512());
-        Exit;
-      end;
-
+      Result := TDigest.Create(THashFactory.TCrypto.CreateSHA2_512());
     TDigestAlgorithm.SHA_512_224:
-      begin
-        result := TDigest.Create(THashFactory.TCrypto.CreateSHA2_512_224());
-        Exit;
-      end;
-
+      Result := TDigest.Create(THashFactory.TCrypto.CreateSHA2_512_224());
     TDigestAlgorithm.SHA_512_256:
-      begin
-        result := TDigest.Create(THashFactory.TCrypto.CreateSHA2_512_256());
-        Exit;
-      end;
-
+      Result := TDigest.Create(THashFactory.TCrypto.CreateSHA2_512_256());
     TDigestAlgorithm.SHA3_224:
-      begin
-        result := TDigest.Create(THashFactory.TCrypto.CreateSHA3_224());
-        Exit;
-      end;
-
+      Result := TDigest.Create(THashFactory.TCrypto.CreateSHA3_224());
     TDigestAlgorithm.SHA3_256:
-      begin
-        result := TDigest.Create(THashFactory.TCrypto.CreateSHA3_256());
-        Exit;
-      end;
-
+      Result := TDigest.Create(THashFactory.TCrypto.CreateSHA3_256());
     TDigestAlgorithm.SHA3_384:
-      begin
-        result := TDigest.Create(THashFactory.TCrypto.CreateSHA3_384());
-        Exit;
-      end;
-
+      Result := TDigest.Create(THashFactory.TCrypto.CreateSHA3_384());
     TDigestAlgorithm.SHA3_512:
-      begin
-        result := TDigest.Create(THashFactory.TCrypto.CreateSHA3_512());
-        Exit;
-      end;
-
+      Result := TDigest.Create(THashFactory.TCrypto.CreateSHA3_512());
     TDigestAlgorithm.SHAKE128_256:
-      begin
-        result := TDigest.Create(THashFactory.TXOF.CreateShake_128(256));
-        Exit;
-      end;
-
+      Result := TDigest.Create(THashFactory.TXOF.CreateShake_128(256));
     TDigestAlgorithm.SHAKE256_512:
-      begin
-        result := TDigest.Create(THashFactory.TXOF.CreateShake_256(512));
-        Exit;
-      end;
-
+      Result := TDigest.Create(THashFactory.TXOF.CreateShake_256(512));
     TDigestAlgorithm.TIGER:
-      begin
-        result := TDigest.Create(THashFactory.TCrypto.CreateTiger_3_192);
-        Exit;
-      end;
-
+      Result := TDigest.Create(THashFactory.TCrypto.CreateTiger_3_192);
     TDigestAlgorithm.WHIRLPOOL:
-      begin
-        result := TDigest.Create(THashFactory.TCrypto.CreateWhirlPool);
-        Exit;
-      end
+      Result := TDigest.Create(THashFactory.TCrypto.CreateWhirlPool);
   else
-    begin
-      raise ESecurityUtilityCryptoLibException.CreateResFmt
-        (@SUnRecognizedDigest, [mechanism]);
-    end;
-
+    Exit;
   end;
-
 end;
 
 class procedure TDigestUtilities.Boot;
 begin
-  if (Falgorithms = Nil) or (Foids = Nil) then
-  begin
-    Falgorithms := TDictionary<string, string>.Create();
-    Foids := TDictionary<string, IDerObjectIdentifier>.Create();
-
-    Falgorithms.Add('NONE', 'NONE'); // Null Digest
-
-    TPkcsObjectIdentifiers.Boot;
-
-    Falgorithms.Add(TPkcsObjectIdentifiers.MD2.id, 'MD2');
-    Falgorithms.Add(TPkcsObjectIdentifiers.MD4.id, 'MD4');
-    Falgorithms.Add(TPkcsObjectIdentifiers.MD5.id, 'MD5');
-
-    TOiwObjectIdentifiers.Boot;
-
-    Falgorithms.Add('SHA1', 'SHA-1');
-    Falgorithms.Add(TOiwObjectIdentifiers.IdSha1.id, 'SHA-1');
-    Falgorithms.Add(TPkcsObjectIdentifiers.IdHmacWithSha1.id, 'SHA-1');
-
-    TNistObjectIdentifiers.Boot;
-
-    Falgorithms.Add('SHA224', 'SHA-224');
-    Falgorithms.Add(TNistObjectIdentifiers.IdSha224.id, 'SHA-224');
-    Falgorithms.Add(TPkcsObjectIdentifiers.IdHmacWithSha224.id, 'SHA-224');
-    Falgorithms.Add('SHA256', 'SHA-256');
-    Falgorithms.Add(TNistObjectIdentifiers.IdSha256.id, 'SHA-256');
-    Falgorithms.Add(TPkcsObjectIdentifiers.IdHmacWithSha256.id, 'SHA-256');
-    Falgorithms.Add('SHA384', 'SHA-384');
-    Falgorithms.Add(TNistObjectIdentifiers.IdSha384.id, 'SHA-384');
-    Falgorithms.Add(TPkcsObjectIdentifiers.IdHmacWithSha384.id, 'SHA-384');
-    Falgorithms.Add('SHA512', 'SHA-512');
-    Falgorithms.Add(TNistObjectIdentifiers.IdSha512.id, 'SHA-512');
-    Falgorithms.Add(TPkcsObjectIdentifiers.IdHmacWithSha512.id, 'SHA-512');
-
-    Falgorithms.Add('SHA512/224', 'SHA-512/224');
-    Falgorithms.Add('SHA512-224', 'SHA-512/224');
-    Falgorithms.Add('SHA512(224)', 'SHA-512/224');
-    Falgorithms.Add('SHA-512(224)', 'SHA-512/224');
-    Falgorithms.Add(TNistObjectIdentifiers.IdSha512_224.id, 'SHA-512/224');
-    Falgorithms.Add(TPkcsObjectIdentifiers.IdHmacWithSha512_224.id, 'SHA-512/224');
-    Falgorithms.Add('SHA512/256', 'SHA-512/256');
-    Falgorithms.Add('SHA512-256', 'SHA-512/256');
-    Falgorithms.Add('SHA512(256)', 'SHA-512/256');
-    Falgorithms.Add('SHA-512(256)', 'SHA-512/256');
-    Falgorithms.Add(TNistObjectIdentifiers.IdSha512_256.id, 'SHA-512/256');
-    Falgorithms.Add(TPkcsObjectIdentifiers.IdHmacWithSha512_256.id, 'SHA-512/256');
-
-    TTeleTrusTObjectIdentifiers.Boot;
-
-    Falgorithms.Add('RIPEMD-128', 'RIPEMD128');
-    Falgorithms.Add(TTeleTrusTObjectIdentifiers.RIPEMD128.id, 'RIPEMD128');
-    Falgorithms.Add('RIPEMD-160', 'RIPEMD160');
-    Falgorithms.Add(TTeleTrusTObjectIdentifiers.RIPEMD160.id, 'RIPEMD160');
-    Falgorithms.Add('RIPEMD-256', 'RIPEMD256');
-    Falgorithms.Add(TTeleTrusTObjectIdentifiers.RIPEMD256.id, 'RIPEMD256');
-    Falgorithms.Add('RIPEMD-320', 'RIPEMD320');
-    // Falgorithms.Add(TTeleTrusTObjectIdentifiers.RipeMD320.Id,'RIPEMD320');
-
-    TCryptoProObjectIdentifiers.Boot;
-
-    Falgorithms.Add(TCryptoProObjectIdentifiers.GostR3411.id, 'GOST3411');
-
-    Falgorithms.Add('KECCAK224', 'KECCAK-224');
-    Falgorithms.Add('KECCAK256', 'KECCAK-256');
-    Falgorithms.Add('KECCAK288', 'KECCAK-288');
-    Falgorithms.Add('KECCAK384', 'KECCAK-384');
-    Falgorithms.Add('KECCAK512', 'KECCAK-512');
-
-    Falgorithms.Add(TNistObjectIdentifiers.IdSha3_224.id, 'SHA3-224');
-    Falgorithms.Add(TNistObjectIdentifiers.IdHMacWithSha3_224.id, 'SHA3-224');
-    Falgorithms.Add(TNistObjectIdentifiers.IdSha3_256.id, 'SHA3-256');
-    Falgorithms.Add(TNistObjectIdentifiers.IdHMacWithSha3_256.id, 'SHA3-256');
-    Falgorithms.Add(TNistObjectIdentifiers.IdSha3_384.id, 'SHA3-384');
-    Falgorithms.Add(TNistObjectIdentifiers.IdHMacWithSha3_384.id, 'SHA3-384');
-    Falgorithms.Add(TNistObjectIdentifiers.IdSha3_512.id, 'SHA3-512');
-    Falgorithms.Add(TNistObjectIdentifiers.IdHMacWithSha3_512.id, 'SHA3-512');
-    Falgorithms.Add('SHAKE128', 'SHAKE128-256');
-    Falgorithms.Add('SHAKE-128', 'SHAKE128-256');
-    Falgorithms.Add(TNistObjectIdentifiers.IdShake128.id, 'SHAKE128-256');
-    Falgorithms.Add('SHAKE256', 'SHAKE256-512');
-    Falgorithms.Add('SHAKE-256', 'SHAKE256-512');
-    Falgorithms.Add(TNistObjectIdentifiers.IdShake256.id, 'SHAKE256-512');
-
-    TMiscObjectIdentifiers.Boot;
-
-    Falgorithms.Add(TMiscObjectIdentifiers.id_blake2b160.id, 'BLAKE2B-160');
-    Falgorithms.Add(TMiscObjectIdentifiers.id_blake2b256.id, 'BLAKE2B-256');
-    Falgorithms.Add(TMiscObjectIdentifiers.id_blake2b384.id, 'BLAKE2B-384');
-    Falgorithms.Add(TMiscObjectIdentifiers.id_blake2b512.id, 'BLAKE2B-512');
-    Falgorithms.Add(TMiscObjectIdentifiers.id_blake2s128.id, 'BLAKE2S-128');
-    Falgorithms.Add(TMiscObjectIdentifiers.id_blake2s160.id, 'BLAKE2S-160');
-    Falgorithms.Add(TMiscObjectIdentifiers.id_blake2s224.id, 'BLAKE2S-224');
-    Falgorithms.Add(TMiscObjectIdentifiers.id_blake2s256.id, 'BLAKE2S-256');
-
-    TRosstandartObjectIdentifiers.Boot;
-
-    Falgorithms.Add(TRosstandartObjectIdentifiers.id_tc26_hmac_gost_3411_12_256.
-      id, 'HMAC-GOST3411-2012-256');
-    Falgorithms.Add(TRosstandartObjectIdentifiers.id_tc26_hmac_gost_3411_12_512.
-      id, 'HMAC-GOST3411-2012-512');
-
-    Foids.Add('MD2', TPkcsObjectIdentifiers.MD2);
-    Foids.Add('MD4', TPkcsObjectIdentifiers.MD4);
-    Foids.Add('MD5', TPkcsObjectIdentifiers.MD5);
-    Foids.Add('SHA-1', TOiwObjectIdentifiers.IdSha1);
-    Foids.Add('SHA-224', TNistObjectIdentifiers.IdSha224);
-    Foids.Add('SHA-256', TNistObjectIdentifiers.IdSha256);
-    Foids.Add('SHA-384', TNistObjectIdentifiers.IdSha384);
-    Foids.Add('SHA-512', TNistObjectIdentifiers.IdSha512);
-    Foids.Add('SHA-512/224', TNistObjectIdentifiers.IdSha512_224);
-    Foids.Add('SHA-512/256', TNistObjectIdentifiers.IdSha512_256);
-    Foids.Add('SHA3-224', TNistObjectIdentifiers.IdSha3_224);
-    Foids.Add('SHA3-256', TNistObjectIdentifiers.IdSha3_256);
-    Foids.Add('SHA3-384', TNistObjectIdentifiers.IdSha3_384);
-    Foids.Add('SHA3-512', TNistObjectIdentifiers.IdSha3_512);
-    Foids.Add('SHAKE128-256', TNistObjectIdentifiers.IdShake128);
-    Foids.Add('SHAKE256-512', TNistObjectIdentifiers.IdShake256);
-    Foids.Add('RIPEMD128', TTeleTrusTObjectIdentifiers.RIPEMD128);
-    Foids.Add('RIPEMD160', TTeleTrusTObjectIdentifiers.RIPEMD160);
-    Foids.Add('RIPEMD256', TTeleTrusTObjectIdentifiers.RIPEMD256);
-    Foids.Add('GOST3411', TCryptoProObjectIdentifiers.GostR3411);
-    Foids.Add('BLAKE2B-160', TMiscObjectIdentifiers.id_blake2b160);
-    Foids.Add('BLAKE2B-256', TMiscObjectIdentifiers.id_blake2b256);
-    Foids.Add('BLAKE2B-384', TMiscObjectIdentifiers.id_blake2b384);
-    Foids.Add('BLAKE2B-512', TMiscObjectIdentifiers.id_blake2b512);
-    Foids.Add('BLAKE2S-128', TMiscObjectIdentifiers.id_blake2s128);
-    Foids.Add('BLAKE2S-160', TMiscObjectIdentifiers.id_blake2s160);
-    Foids.Add('BLAKE2S-224', TMiscObjectIdentifiers.id_blake2s224);
-    Foids.Add('BLAKE2S-256', TMiscObjectIdentifiers.id_blake2s256);
-    Foids.Add('GOST3411-2012-256',
-      TRosstandartObjectIdentifiers.id_tc26_gost_3411_12_256);
-    Foids.Add('GOST3411-2012-512',
-      TRosstandartObjectIdentifiers.id_tc26_gost_3411_12_512);
-  end;
+  FAlgorithmMap := TDictionary<String, String>.Create(TCryptoLibComparers.OrdinalIgnoreCaseEqualityComparer);
+  FAlgorithmOidMap := TDictionary<IDerObjectIdentifier, String>.Create(TCryptoLibComparers.OidEqualityComparer);
+  FOids := TDictionary<String, IDerObjectIdentifier>.Create(TCryptoLibComparers.OrdinalIgnoreCaseEqualityComparer);
+
+  TPkcsObjectIdentifiers.Boot;
+  TOiwObjectIdentifiers.Boot;
+  TMiscObjectIdentifiers.Boot;
+  TTeleTrusTObjectIdentifiers.Boot;
+  TCryptoProObjectIdentifiers.Boot;
+  TRosstandartObjectIdentifiers.Boot;
+
+  // MD
+  FAlgorithmOidMap.AddOrSetValue(TPkcsObjectIdentifiers.MD2, 'MD2');
+  FAlgorithmOidMap.AddOrSetValue(TPkcsObjectIdentifiers.MD4, 'MD4');
+  FAlgorithmOidMap.AddOrSetValue(TPkcsObjectIdentifiers.MD5, 'MD5');
+
+  // SHA-1
+  FAlgorithmMap.AddOrSetValue('SHA1', 'SHA-1');
+  FAlgorithmOidMap.AddOrSetValue(TOiwObjectIdentifiers.IdSha1, 'SHA-1');
+  FAlgorithmOidMap.AddOrSetValue(TPkcsObjectIdentifiers.IdHmacWithSha1, 'SHA-1');
+  FAlgorithmOidMap.AddOrSetValue(TMiscObjectIdentifiers.HmacSha1, 'SHA-1');
+
+  // SHA-2
+  FAlgorithmMap.AddOrSetValue('SHA224', 'SHA-224');
+  FAlgorithmOidMap.AddOrSetValue(TNistObjectIdentifiers.IdSha224, 'SHA-224');
+  FAlgorithmOidMap.AddOrSetValue(TPkcsObjectIdentifiers.IdHmacWithSha224, 'SHA-224');
+
+  FAlgorithmMap.AddOrSetValue('SHA256', 'SHA-256');
+  FAlgorithmOidMap.AddOrSetValue(TNistObjectIdentifiers.IdSha256, 'SHA-256');
+  FAlgorithmOidMap.AddOrSetValue(TPkcsObjectIdentifiers.IdHmacWithSha256, 'SHA-256');
+
+  FAlgorithmMap.AddOrSetValue('SHA384', 'SHA-384');
+  FAlgorithmOidMap.AddOrSetValue(TNistObjectIdentifiers.IdSha384, 'SHA-384');
+  FAlgorithmOidMap.AddOrSetValue(TPkcsObjectIdentifiers.IdHmacWithSha384, 'SHA-384');
+
+  FAlgorithmMap.AddOrSetValue('SHA512', 'SHA-512');
+  FAlgorithmOidMap.AddOrSetValue(TNistObjectIdentifiers.IdSha512, 'SHA-512');
+  FAlgorithmOidMap.AddOrSetValue(TPkcsObjectIdentifiers.IdHmacWithSha512, 'SHA-512');
+
+  FAlgorithmMap.AddOrSetValue('SHA512/224', 'SHA-512/224');
+  FAlgorithmMap.AddOrSetValue('SHA512-224', 'SHA-512/224');
+  FAlgorithmMap.AddOrSetValue('SHA512(224)', 'SHA-512/224');
+  FAlgorithmMap.AddOrSetValue('SHA-512(224)', 'SHA-512/224');
+  FAlgorithmOidMap.AddOrSetValue(TNistObjectIdentifiers.IdSha512_224, 'SHA-512/224');
+  FAlgorithmOidMap.AddOrSetValue(TPkcsObjectIdentifiers.IdHmacWithSha512_224, 'SHA-512/224');
+
+  FAlgorithmMap.AddOrSetValue('SHA512/256', 'SHA-512/256');
+  FAlgorithmMap.AddOrSetValue('SHA512-256', 'SHA-512/256');
+  FAlgorithmMap.AddOrSetValue('SHA512(256)', 'SHA-512/256');
+  FAlgorithmMap.AddOrSetValue('SHA-512(256)', 'SHA-512/256');
+  FAlgorithmOidMap.AddOrSetValue(TNistObjectIdentifiers.IdSha512_256, 'SHA-512/256');
+  FAlgorithmOidMap.AddOrSetValue(TPkcsObjectIdentifiers.IdHmacWithSha512_256, 'SHA-512/256');
+
+  // RIPEMD
+  FAlgorithmMap.AddOrSetValue('RIPEMD-128', 'RIPEMD128');
+  FAlgorithmOidMap.AddOrSetValue(TTeleTrusTObjectIdentifiers.RipeMD128, 'RIPEMD128');
+
+  FAlgorithmMap.AddOrSetValue('RIPEMD-160', 'RIPEMD160');
+  FAlgorithmOidMap.AddOrSetValue(TTeleTrusTObjectIdentifiers.RipeMD160, 'RIPEMD160');
+
+  FAlgorithmMap.AddOrSetValue('RIPEMD-256', 'RIPEMD256');
+  FAlgorithmOidMap.AddOrSetValue(TTeleTrusTObjectIdentifiers.RipeMD256, 'RIPEMD256');
+
+  FAlgorithmMap.AddOrSetValue('RIPEMD-320', 'RIPEMD320');
+
+  // GOST
+  FAlgorithmOidMap.AddOrSetValue(TCryptoProObjectIdentifiers.GostR3411, 'GOST3411');
+
+  // KECCAK
+  FAlgorithmMap.AddOrSetValue('KECCAK224', 'KECCAK-224');
+  FAlgorithmMap.AddOrSetValue('KECCAK256', 'KECCAK-256');
+  FAlgorithmMap.AddOrSetValue('KECCAK288', 'KECCAK-288');
+  FAlgorithmMap.AddOrSetValue('KECCAK384', 'KECCAK-384');
+  FAlgorithmMap.AddOrSetValue('KECCAK512', 'KECCAK-512');
+
+  // SHA-3 + SHAKE
+  FAlgorithmOidMap.AddOrSetValue(TNistObjectIdentifiers.IdSha3_224, 'SHA3-224');
+  FAlgorithmOidMap.AddOrSetValue(TNistObjectIdentifiers.IdHMacWithSha3_224, 'SHA3-224');
+
+  FAlgorithmOidMap.AddOrSetValue(TNistObjectIdentifiers.IdSha3_256, 'SHA3-256');
+  FAlgorithmOidMap.AddOrSetValue(TNistObjectIdentifiers.IdHMacWithSha3_256, 'SHA3-256');
+
+  FAlgorithmOidMap.AddOrSetValue(TNistObjectIdentifiers.IdSha3_384, 'SHA3-384');
+  FAlgorithmOidMap.AddOrSetValue(TNistObjectIdentifiers.IdHMacWithSha3_384, 'SHA3-384');
+
+  FAlgorithmOidMap.AddOrSetValue(TNistObjectIdentifiers.IdSha3_512, 'SHA3-512');
+  FAlgorithmOidMap.AddOrSetValue(TNistObjectIdentifiers.IdHMacWithSha3_512, 'SHA3-512');
+
+  FAlgorithmMap.AddOrSetValue('SHAKE128', 'SHAKE128-256');
+  FAlgorithmMap.AddOrSetValue('SHAKE-128', 'SHAKE128-256');
+  FAlgorithmOidMap.AddOrSetValue(TNistObjectIdentifiers.IdShake128, 'SHAKE128-256');
+
+  FAlgorithmMap.AddOrSetValue('SHAKE256', 'SHAKE256-512');
+  FAlgorithmMap.AddOrSetValue('SHAKE-256', 'SHAKE256-512');
+  FAlgorithmOidMap.AddOrSetValue(TNistObjectIdentifiers.IdShake256, 'SHAKE256-512');
+
+  // BLAKE
+  FAlgorithmOidMap.AddOrSetValue(TMiscObjectIdentifiers.IdBlake2b160, 'BLAKE2B-160');
+  FAlgorithmOidMap.AddOrSetValue(TMiscObjectIdentifiers.IdBlake2b256, 'BLAKE2B-256');
+  FAlgorithmOidMap.AddOrSetValue(TMiscObjectIdentifiers.IdBlake2b384, 'BLAKE2B-384');
+  FAlgorithmOidMap.AddOrSetValue(TMiscObjectIdentifiers.IdBlake2b512, 'BLAKE2B-512');
+
+  FAlgorithmOidMap.AddOrSetValue(TMiscObjectIdentifiers.IdBlake2s128, 'BLAKE2S-128');
+  FAlgorithmOidMap.AddOrSetValue(TMiscObjectIdentifiers.IdBlake2s160, 'BLAKE2S-160');
+  FAlgorithmOidMap.AddOrSetValue(TMiscObjectIdentifiers.IdBlake2s224, 'BLAKE2S-224');
+  FAlgorithmOidMap.AddOrSetValue(TMiscObjectIdentifiers.IdBlake2s256, 'BLAKE2S-256');
+
+  FAlgorithmOidMap.AddOrSetValue(TMiscObjectIdentifiers.Blake3_256, 'BLAKE3-256');
+
+  // GOST 2012
+  FAlgorithmOidMap.AddOrSetValue(
+    TRosstandartObjectIdentifiers.IdTc26Gost3411_12_256,
+    'GOST3411-2012-256'
+  );
+  FAlgorithmOidMap.AddOrSetValue(
+    TRosstandartObjectIdentifiers.IdTc26Gost3411_12_512,
+    'GOST3411-2012-512'
+  );
+
+  // Reverse OID lookup
+  FOids.AddOrSetValue('MD2', TPkcsObjectIdentifiers.MD2);
+  FOids.AddOrSetValue('MD4', TPkcsObjectIdentifiers.MD4);
+  FOids.AddOrSetValue('MD5', TPkcsObjectIdentifiers.MD5);
+  FOids.AddOrSetValue('SHA-1', TOiwObjectIdentifiers.IdSha1);
+  FOids.AddOrSetValue('SHA-224', TNistObjectIdentifiers.IdSha224);
+  FOids.AddOrSetValue('SHA-256', TNistObjectIdentifiers.IdSha256);
+  FOids.AddOrSetValue('SHA-384', TNistObjectIdentifiers.IdSha384);
+  FOids.AddOrSetValue('SHA-512', TNistObjectIdentifiers.IdSha512);
+  FOids.AddOrSetValue('SHA-512/224', TNistObjectIdentifiers.IdSha512_224);
+  FOids.AddOrSetValue('SHA-512/256', TNistObjectIdentifiers.IdSha512_256);
+  FOids.AddOrSetValue('SHA3-224', TNistObjectIdentifiers.IdSha3_224);
+  FOids.AddOrSetValue('SHA3-256', TNistObjectIdentifiers.IdSha3_256);
+  FOids.AddOrSetValue('SHA3-384', TNistObjectIdentifiers.IdSha3_384);
+  FOids.AddOrSetValue('SHA3-512', TNistObjectIdentifiers.IdSha3_512);
+  FOids.AddOrSetValue('SHAKE128-256', TNistObjectIdentifiers.IdShake128);
+  FOids.AddOrSetValue('SHAKE256-512', TNistObjectIdentifiers.IdShake256);
+  FOids.AddOrSetValue('RIPEMD128', TTeleTrusTObjectIdentifiers.RipeMD128);
+  FOids.AddOrSetValue('RIPEMD160', TTeleTrusTObjectIdentifiers.RipeMD160);
+  FOids.AddOrSetValue('RIPEMD256', TTeleTrusTObjectIdentifiers.RipeMD256);
+  FOids.AddOrSetValue('GOST3411', TCryptoProObjectIdentifiers.GostR3411);
+  FOids.AddOrSetValue('BLAKE2B-160', TMiscObjectIdentifiers.IdBlake2b160);
+  FOids.AddOrSetValue('BLAKE2B-256', TMiscObjectIdentifiers.IdBlake2b256);
+  FOids.AddOrSetValue('BLAKE2B-384', TMiscObjectIdentifiers.IdBlake2b384);
+  FOids.AddOrSetValue('BLAKE2B-512', TMiscObjectIdentifiers.IdBlake2b512);
+  FOids.AddOrSetValue('BLAKE2S-128', TMiscObjectIdentifiers.IdBlake2s128);
+  FOids.AddOrSetValue('BLAKE2S-160', TMiscObjectIdentifiers.IdBlake2s160);
+  FOids.AddOrSetValue('BLAKE2S-224', TMiscObjectIdentifiers.IdBlake2s224);
+  FOids.AddOrSetValue('BLAKE2S-256', TMiscObjectIdentifiers.IdBlake2s256);
+  FOids.AddOrSetValue('BLAKE3-256', TMiscObjectIdentifiers.Blake3_256);
+  FOids.AddOrSetValue('GOST3411-2012-256', TRosstandartObjectIdentifiers.IdTc26Gost3411_12_256);
+  FOids.AddOrSetValue('GOST3411-2012-512', TRosstandartObjectIdentifiers.IdTc26Gost3411_12_512);
+
 end;
 
-class function TDigestUtilities.DoFinal(const digest: IDigest)
+class function TDigestUtilities.DoFinal(const ADigest: IDigest)
   : TCryptoLibByteArray;
 begin
-  System.SetLength(result, digest.GetDigestSize());
-  digest.DoFinal(result, 0);
+  System.SetLength(Result, ADigest.GetDigestSize());
+  ADigest.DoFinal(Result, 0);
 end;
 
-class function TDigestUtilities.DoFinal(const digest: IDigest;
-  const input: TCryptoLibByteArray): TCryptoLibByteArray;
+class function TDigestUtilities.DoFinal(const ADigest: IDigest;
+  const AInput: TCryptoLibByteArray): TCryptoLibByteArray;
 begin
-  digest.BlockUpdate(input, 0, System.Length(input));
-  result := DoFinal(digest);
+  ADigest.BlockUpdate(AInput, 0, System.Length(AInput));
+  Result := DoFinal(ADigest);
 end;
 
-class function TDigestUtilities.CalculateDigest(const algorithm: String;
-  const input: TCryptoLibByteArray): TCryptoLibByteArray;
-var
-  digest: IDigest;
+class function TDigestUtilities.DoFinal(const ADigest: IDigest;
+  const AInput: TCryptoLibByteArray; AOffset, ALength: Int32): TCryptoLibByteArray;
 begin
-  digest := GetDigest(algorithm);
-  digest.BlockUpdate(input, 0, System.Length(input));
-  result := DoFinal(digest);
+  ADigest.BlockUpdate(AInput, AOffset, ALength);
+  Result := DoFinal(ADigest);
 end;
 
-class constructor TDigestUtilities.CreateDigestUtilities;
+class function TDigestUtilities.CalculateDigest(const AOid: IDerObjectIdentifier;
+  const AInput: TCryptoLibByteArray): TCryptoLibByteArray;
+var
+  LDigest: IDigest;
 begin
-  TDigestUtilities.Boot;
+  LDigest := GetDigest(AOid);
+  Result := DoFinal(LDigest, AInput);
 end;
 
-class destructor TDigestUtilities.DestroyDigestUtilities;
+class function TDigestUtilities.CalculateDigest(const AAlgorithm: String;
+  const AInput: TCryptoLibByteArray): TCryptoLibByteArray;
+var
+  LDigest: IDigest;
 begin
-  Falgorithms.Free;
-  Foids.Free;
+  LDigest := GetDigest(AAlgorithm);
+  LDigest.BlockUpdate(AInput, 0, System.Length(AInput));
+  Result := DoFinal(LDigest);
 end;
 
-class function TDigestUtilities.GetAlgorithmName
-  (const oid: IDerObjectIdentifier): String;
+class function TDigestUtilities.CalculateDigest(const AAlgorithm: String;
+  const AInput: TCryptoLibByteArray; AOffset, ALength: Int32): TCryptoLibByteArray;
+var
+  LDigest: IDigest;
 begin
-  Falgorithms.TryGetValue(oid.id, result);
+  LDigest := GetDigest(AAlgorithm);
+  LDigest.BlockUpdate(AInput, AOffset, ALength);
+  Result := DoFinal(LDigest);
 end;
 
-class function TDigestUtilities.GetObjectIdentifier(mechanism: String)
-  : IDerObjectIdentifier;
-var
-  aliased: String;
+class constructor TDigestUtilities.Create;
 begin
-  if (mechanism = '') then
-    raise EArgumentNilCryptoLibException.CreateRes(@SMechanismNil);
+  Boot;
+end;
 
-  mechanism := UpperCase(mechanism);
-  if Falgorithms.TryGetValue(mechanism, aliased) then
-  begin
-    mechanism := aliased;
-  end;
+class destructor TDigestUtilities.Destroy;
+begin
+  FAlgorithmMap.Free;
+  FAlgorithmOidMap.Free;
+  FOids.Free;
+end;
 
-  Foids.TryGetValue(mechanism, result);
+class function TDigestUtilities.GetAlgorithmName(const AOid: IDerObjectIdentifier): String;
+begin
+  Result := TCollectionUtilities.GetValueOrNull<IDerObjectIdentifier, String>(FAlgorithmOidMap, AOid);
+end;
 
+class function TDigestUtilities.GetObjectIdentifier(const AMechanism: String): IDerObjectIdentifier;
+var
+  LCanonical: String;
+begin
+  if AMechanism = '' then
+    raise EArgumentNilCryptoLibException.CreateRes(@SMechanismNil);
+  LCanonical := GetMechanism(AMechanism);
+  if LCanonical = '' then
+    LCanonical := AMechanism;
+  Result := TCollectionUtilities.GetValueOrNull<String, IDerObjectIdentifier>(FOids, LCanonical);
 end;
 
 end.

CryptoLib/src/Security/ClpGeneratorUtilities.pas

@@ -23,32 +23,36 @@ interface
 
 uses
   SysUtils,
-  ClpEd25519,
-  ClpIEd25519,
   Generics.Collections,
-  ClpECKeyPairGenerator,
-  ClpIECKeyPairGenerator,
+  ClpCollectionUtilities,
   ClpCipherKeyGenerator,
-  ClpICipherKeyGenerator,
-  ClpIAsn1Objects,
+  ClpCryptoLibComparers,
+  ClpCryptoLibTypes,
   ClpDsaKeyPairGenerator,
-  ClpIDsaKeyPairGenerator,
+  ClpECKeyPairGenerator,
+  ClpEd25519,
+  ClpEd25519KeyPairGenerator,
+  ClpEdECObjectIdentifiers,
   ClpDHKeyPairGenerator,
+  ClpIAsn1Objects,
+  ClpIAsymmetricCipherKeyPairGenerator,
+  ClpICipherKeyGenerator,
+  ClpIDsaKeyPairGenerator,
   ClpIDHKeyPairGenerator,
-  ClpRsaKeyPairGenerator,
-  ClpIRsaKeyPairGenerator,
-  ClpEd25519KeyPairGenerator,
+  ClpIECKeyPairGenerator,
+  ClpIEd25519,
   ClpIEd25519KeyPairGenerator,
-  ClpX25519KeyPairGenerator,
+  ClpIRsaKeyPairGenerator,
   ClpIX25519KeyPairGenerator,
-  ClpIAsymmetricCipherKeyPairGenerator,
-  ClpNistObjectIdentifiers,
   ClpIanaObjectIdentifiers,
+  ClpNistObjectIdentifiers,
   ClpPkcsObjectIdentifiers,
   ClpRosstandartObjectIdentifiers,
-  ClpEdECObjectIdentifiers,
+  ClpRsaKeyPairGenerator,
+  ClpSecObjectIdentifiers,
   ClpStringUtils,
-  ClpCryptoLibTypes;
+  ClpX25519KeyPairGenerator,
+  ClpX9ObjectIdentifiers;
 
 resourcestring
   SKeyGeneratorAlgorithmNotRecognised = 'KeyGenerator "%s" not Recognised.';
@@ -64,54 +68,37 @@ type
   TGeneratorUtilities = class sealed(TObject)
 
   strict private
-  class var
-
-    FkgAlgorithms: TDictionary<String, String>;
-    FkpgAlgorithms: TDictionary<String, String>;
-    FdefaultKeySizes: TDictionary<String, Int32>;
-
-    class function FindDefaultKeySize(const canonicalName: String): Int32;
-      static; inline;
-
-    class procedure AddDefaultKeySizeEntries(size: Int32;
-      const algorithms: array of String); static;
-
-    class procedure AddKgAlgorithm(const canonicalName: String;
-      const aliases: array of String); static;
-
-    class procedure AddKpgAlgorithm(const canonicalName: String;
-      const aliases: array of String); static;
-
-    class procedure AddHMacKeyGenerator(const algorithm: String;
-      const aliases: array of String); static;
-
-    class procedure Boot(); static;
-
-    class constructor CreateGeneratorUtilities();
-    class destructor DestroyGeneratorUtilities();
+    class var
+      FKgAlgorithms: TDictionary<String, String>;
+      FKpgAlgorithms: TDictionary<String, String>;
+      FDefaultKeySizes: TDictionary<String, Int32>;
+
+    class function FindDefaultKeySize(const ACanonicalName: String): Int32; static;
+    class procedure AddDefaultKeySizeEntries(ASize: Int32; const AAlgorithms: array of String); static;
+    class procedure AddKgAlgorithm(const ACanonicalName: String; const AAliases: array of String); static;
+    class procedure AddKpgAlgorithm(const ACanonicalName: String; const AAliases: array of String); static;
+    class procedure AddHMacKeyGenerator(const AAlgorithm: String; const AAliases: array of String); static;
+    class procedure Boot; static;
+    class constructor Create;
+    class destructor Destroy;
 
   public
 
-    class function GetCanonicalKeyGeneratorAlgorithm(const algorithm: String)
-      : String; static; inline;
+    class function GetCanonicalKeyGeneratorAlgorithm(const AAlgorithm: String): String; static; inline;
 
-    class function GetCanonicalKeyPairGeneratorAlgorithm(const algorithm
-      : String): String; static; inline;
+    class function GetCanonicalKeyPairGeneratorAlgorithm(const AAlgorithm: String): String; static; inline;
 
-    class function GetKeyPairGenerator(const oid: IDerObjectIdentifier)
-      : IAsymmetricCipherKeyPairGenerator; overload; static; inline;
+    class function GetKeyPairGenerator(const AOid: IDerObjectIdentifier): IAsymmetricCipherKeyPairGenerator; overload; static; inline;
 
-    class function GetKeyPairGenerator(const algorithm: String)
-      : IAsymmetricCipherKeyPairGenerator; overload; static;
+    class function GetKeyPairGenerator(const AAlgorithm: String): IAsymmetricCipherKeyPairGenerator; overload; static;
 
-    class function GetKeyGenerator(const algorithm: String)
-      : ICipherKeyGenerator; static;
+    class function GetKeyGenerator(const AOid: IDerObjectIdentifier): ICipherKeyGenerator; overload; static; inline;
 
-    class function GetDefaultKeySize(const oid: IDerObjectIdentifier): Int32;
-      overload; static; inline;
+    class function GetKeyGenerator(const AAlgorithm: String): ICipherKeyGenerator; overload; static;
 
-    class function GetDefaultKeySize(const algorithm: String): Int32;
-      overload; static;
+    class function GetDefaultKeySize(const AOid: IDerObjectIdentifier): Int32; overload; static; inline;
+
+    class function GetDefaultKeySize(const AAlgorithm: String): Int32; overload; static;
 
   end;
 
@@ -119,88 +106,71 @@ implementation
 
 { TGeneratorUtilities }
 
-class procedure TGeneratorUtilities.AddDefaultKeySizeEntries(size: Int32;
-  const algorithms: array of String);
+class procedure TGeneratorUtilities.AddDefaultKeySizeEntries(ASize: Int32;
+  const AAlgorithms: array of String);
 var
-  algorithm: string;
+  LAlg: String;
 begin
-  for algorithm in algorithms do
-  begin
-    FdefaultKeySizes.Add(algorithm, size);
-  end;
-
+  for LAlg in AAlgorithms do
+    FDefaultKeySizes.Add(LAlg, ASize);
 end;
 
-class procedure TGeneratorUtilities.AddKgAlgorithm(const canonicalName: String;
-  const aliases: array of String);
+class procedure TGeneratorUtilities.AddKgAlgorithm(const ACanonicalName: String;
+  const AAliases: array of String);
 var
-  alias: string;
+  LAlias: String;
 begin
-  FkgAlgorithms.Add(UpperCase(canonicalName), canonicalName);
-  for alias in aliases do
-  begin
-    FkgAlgorithms.Add(UpperCase(alias), canonicalName);
-  end;
-
+  FKgAlgorithms.AddOrSetValue(ACanonicalName, ACanonicalName);
+  for LAlias in AAliases do
+    FKgAlgorithms.AddOrSetValue(LAlias, ACanonicalName);
 end;
 
-class procedure TGeneratorUtilities.AddKpgAlgorithm(const canonicalName: String;
-  const aliases: array of String);
+class procedure TGeneratorUtilities.AddKpgAlgorithm(const ACanonicalName: String;
+  const AAliases: array of String);
 var
-  alias: string;
+  LAlias: String;
 begin
-  FkpgAlgorithms.Add(UpperCase(canonicalName), canonicalName);
-  for alias in aliases do
-  begin
-    FkpgAlgorithms.Add(UpperCase(alias), canonicalName);
-  end;
-
+  FKpgAlgorithms.AddOrSetValue(ACanonicalName, ACanonicalName);
+  for LAlias in AAliases do
+    FKpgAlgorithms.AddOrSetValue(LAlias, ACanonicalName);
 end;
 
-class procedure TGeneratorUtilities.AddHMacKeyGenerator(const algorithm: String;
-  const aliases: array of String);
+class procedure TGeneratorUtilities.AddHMacKeyGenerator(const AAlgorithm: String;
+  const AAliases: array of String);
 var
-  alias, mainName: string;
+  LAlias, LMainName: String;
 begin
-  mainName := 'HMAC' + algorithm;
-
-  FkgAlgorithms.Add(mainName, mainName);
-  FkgAlgorithms.Add('HMAC-' + algorithm, mainName);
-  FkgAlgorithms.Add('HMAC/' + algorithm, mainName);
-
-  for alias in aliases do
-  begin
-    FkgAlgorithms.Add(UpperCase(alias), mainName);
-  end;
-
+  LMainName := 'HMAC' + AAlgorithm;
+  FKgAlgorithms.AddOrSetValue(LMainName, LMainName);
+  FKgAlgorithms.AddOrSetValue('HMAC-' + AAlgorithm, LMainName);
+  FKgAlgorithms.AddOrSetValue('HMAC/' + AAlgorithm, LMainName);
+  for LAlias in AAliases do
+    FKgAlgorithms.AddOrSetValue(LAlias, LMainName);
 end;
 
 class procedure TGeneratorUtilities.Boot;
 begin
-  FkgAlgorithms := TDictionary<String, String>.Create();
-  FkpgAlgorithms := TDictionary<String, String>.Create();
-  FdefaultKeySizes := TDictionary<String, Int32>.Create();
+  FKgAlgorithms := TDictionary<String, String>.Create(TCryptoLibComparers.OrdinalIgnoreCaseEqualityComparer);
+  FKpgAlgorithms := TDictionary<String, String>.Create(TCryptoLibComparers.OrdinalIgnoreCaseEqualityComparer);
+  FDefaultKeySizes := TDictionary<String, Int32>.Create(TCryptoLibComparers.OrdinalIgnoreCaseEqualityComparer);
 
   TNistObjectIdentifiers.Boot;
+  TIanaObjectIdentifiers.Boot;
 
-  //
-  // key generators.
-  //
-
-  AddKgAlgorithm('AES128', ['2.16.840.1.101.3.4.2',
-    TNistObjectIdentifiers.IdAes128Cbc.ID,
+  // key generators
+  AddKgAlgorithm('AES', ['AESWRAP']);
+  AddKgAlgorithm('AES128',
+    [TNistObjectIdentifiers.IdAes128Cbc.ID,
     TNistObjectIdentifiers.IdAes128Cfb.ID,
     TNistObjectIdentifiers.IdAes128Ecb.ID,
     TNistObjectIdentifiers.IdAes128Ofb.ID]);
-
-  AddKgAlgorithm('AES192', ['2.16.840.1.101.3.4.22',
-    TNistObjectIdentifiers.IdAes192Cbc.ID,
+  AddKgAlgorithm('AES192',
+    [TNistObjectIdentifiers.IdAes192Cbc.ID,
     TNistObjectIdentifiers.IdAes192Cfb.ID,
     TNistObjectIdentifiers.IdAes192Ecb.ID,
     TNistObjectIdentifiers.IdAes192Ofb.ID]);
-
-  AddKgAlgorithm('AES256', ['2.16.840.1.101.3.4.42',
-    TNistObjectIdentifiers.IdAes256Cbc.ID,
+  AddKgAlgorithm('AES256',
+    [TNistObjectIdentifiers.IdAes256Cbc.ID,
     TNistObjectIdentifiers.IdAes256Cfb.ID,
     TNistObjectIdentifiers.IdAes256Ecb.ID,
     TNistObjectIdentifiers.IdAes256Ofb.ID]);
@@ -212,7 +182,6 @@ begin
   //
   // HMac key generators
   //
-  TIanaObjectIdentifiers.Boot;
 
   AddHMacKeyGenerator('MD2', []);
   AddHMacKeyGenerator('MD4', []);
@@ -220,7 +189,8 @@ begin
 
   TPkcsObjectIdentifiers.Boot;
 
-  AddHMacKeyGenerator('SHA1', [TPkcsObjectIdentifiers.IdHmacWithSha1.ID,
+  AddHMacKeyGenerator('SHA1',
+    [TPkcsObjectIdentifiers.IdHmacWithSha1.ID,
     TIanaObjectIdentifiers.HmacSha1.ID]);
   AddHMacKeyGenerator('SHA224', [TPkcsObjectIdentifiers.IdHmacWithSha224.ID]);
   AddHMacKeyGenerator('SHA256', [TPkcsObjectIdentifiers.IdHmacWithSha256.ID]);
@@ -250,202 +220,186 @@ begin
   TRosstandartObjectIdentifiers.Boot;
 
   AddHMacKeyGenerator('GOST3411-2012-256',
-    [TRosstandartObjectIdentifiers.id_tc26_hmac_gost_3411_12_256.ID]);
+    [TRosstandartObjectIdentifiers.IdTc26HmacGost3411_12_256.ID]);
   AddHMacKeyGenerator('GOST3411-2012-512',
-    [TRosstandartObjectIdentifiers.id_tc26_hmac_gost_3411_12_512.ID]);
+    [TRosstandartObjectIdentifiers.IdTc26HmacGost3411_12_512.ID]);
 
   //
   // key pair generators.
   //
 
+  TX9ObjectIdentifiers.Boot;
+  TSecObjectIdentifiers.Boot;
+
   AddKpgAlgorithm('DH', ['DIFFIEHELLMAN']);
   AddKpgAlgorithm('DSA', []);
   AddKpgAlgorithm('RSA', [TPkcsObjectIdentifiers.RsaEncryption.ID]);
   AddKpgAlgorithm('RSASSA-PSS', []);
+  AddKpgAlgorithm('EC', [
+    TX9ObjectIdentifiers.DHSinglePassStdDHSha1KdfScheme.ID,
+    TSecObjectIdentifiers.DhSinglePassStdDHSha224KdfScheme.ID,
+    TSecObjectIdentifiers.DhSinglePassStdDHSha256KdfScheme.ID,
+    TSecObjectIdentifiers.DhSinglePassStdDHSha384KdfScheme.ID,
+    TSecObjectIdentifiers.DhSinglePassStdDHSha512KdfScheme.ID,
+    TX9ObjectIdentifiers.DHSinglePassCofactorDHSha1KdfScheme.ID,
+    TSecObjectIdentifiers.DhSinglePassCofactorDHSha224KdfScheme.ID,
+    TSecObjectIdentifiers.DhSinglePassCofactorDHSha256KdfScheme.ID,
+    TSecObjectIdentifiers.DhSinglePassCofactorDHSha384KdfScheme.ID,
+    TSecObjectIdentifiers.DhSinglePassCofactorDHSha512KdfScheme.ID
+    ]);
   AddKpgAlgorithm('ECDH', ['ECIES']);
   AddKpgAlgorithm('ECDHC', []);
   AddKpgAlgorithm('ECDSA', []);
 
   TEdECObjectIdentifiers.Boot;
 
-  AddKpgAlgorithm('Ed25519', ['Ed25519ctx', 'Ed25519ph',
-    TEdECObjectIdentifiers.id_Ed25519.ID]);
-  AddKpgAlgorithm('Ed25519Blake2B', ['Ed25519Blake2Bctx', 'Ed25519Blake2Bph']);
-  AddKpgAlgorithm('X25519', [TEdECObjectIdentifiers.id_X25519.ID]);
-
-  AddDefaultKeySizeEntries(128, ['AES128', 'BLOWFISH', 'HMACMD2', 'HMACMD4',
-    'HMACMD5', 'HMACRIPEMD128', 'SALSA20']);
+  AddKpgAlgorithm('Ed25519', ['Ed25519ctx', 'Ed25519ph', TEdECObjectIdentifiers.IdEd25519.ID]);
+  AddKpgAlgorithm('GOST3410', ['GOST-3410', 'GOST-3410-94']);
+  AddKpgAlgorithm('RSA', [TPkcsObjectIdentifiers.RsaEncryption.ID]);
+  AddKpgAlgorithm('RSASSA-PSS', []);
+  AddKpgAlgorithm('X25519', [TEdECObjectIdentifiers.IdX25519.ID]);
+
+  AddDefaultKeySizeEntries(128, [
+    'AES128',
+    'BLOWFISH',
+    'CHACHA',
+    'HMACMD2',
+    'HMACMD4',
+    'HMACMD5',
+    'HMACRIPEMD128',
+    'SALSA20'
+    ]);
   AddDefaultKeySizeEntries(160, ['HMACRIPEMD160', 'HMACSHA1']);
   AddDefaultKeySizeEntries(192, ['AES', 'AES192', 'HMACTIGER']);
-  AddDefaultKeySizeEntries(224, ['HMACSHA3-224', 'HMACKECCAK224', 'HMACSHA224',
+  AddDefaultKeySizeEntries(224,
+    ['HMACSHA3-224',
+    'HMACKECCAK224',
+    'HMACSHA224',
     'HMACSHA512/224']);
-  AddDefaultKeySizeEntries(256, ['AES256', 'HMACGOST3411-2012-256',
-    'HMACSHA3-256', 'HMACKECCAK256', 'HMACSHA256', 'HMACSHA512/256']);
+  AddDefaultKeySizeEntries(256, [
+    'AES256',
+    'HMACGOST3411-2012-256',
+    'HMACSHA3-256',
+    'HMACKECCAK256',
+    'HMACSHA256',
+    'HMACSHA512/256'
+    ]);
   AddDefaultKeySizeEntries(288, ['HMACKECCAK288']);
-  AddDefaultKeySizeEntries(384, ['HMACSHA3-384', 'HMACKECCAK384',
-    'HMACSHA384']);
-  AddDefaultKeySizeEntries(512, ['HMACGOST3411-2012-512', 'HMACSHA3-512',
-    'HMACKECCAK512', 'HMACSHA512']);
+  AddDefaultKeySizeEntries(384, ['HMACSHA3-384', 'HMACKECCAK384', 'HMACSHA384']);
+  AddDefaultKeySizeEntries(512, ['HMACGOST3411-2012-512', 'HMACSHA3-512', 'HMACKECCAK512', 'HMACSHA512']);
 end;
 
-class constructor TGeneratorUtilities.CreateGeneratorUtilities;
+class constructor TGeneratorUtilities.Create;
 begin
-  TGeneratorUtilities.Boot;
+  Boot;
 end;
 
-class destructor TGeneratorUtilities.DestroyGeneratorUtilities;
+class destructor TGeneratorUtilities.Destroy;
 begin
-  FkgAlgorithms.Free;
-  FkpgAlgorithms.Free;
-  FdefaultKeySizes.Free;
+  FKgAlgorithms.Free;
+  FKpgAlgorithms.Free;
+  FDefaultKeySizes.Free;
 end;
 
-class function TGeneratorUtilities.FindDefaultKeySize(const canonicalName
-  : String): Int32;
+class function TGeneratorUtilities.FindDefaultKeySize(const ACanonicalName: String): Int32;
 begin
-  if (not FdefaultKeySizes.ContainsKey(canonicalName)) then
-  begin
-    result := -1;
-    Exit;
-  end;
-
-  FdefaultKeySizes.TryGetValue(canonicalName, result);
+  if not FDefaultKeySizes.TryGetValue(ACanonicalName, Result) then
+    Result := -1;
 end;
 
-class function TGeneratorUtilities.GetCanonicalKeyGeneratorAlgorithm
-  (const algorithm: String): String;
+class function TGeneratorUtilities.GetCanonicalKeyGeneratorAlgorithm(const AAlgorithm: String): String;
 begin
-  FkgAlgorithms.TryGetValue(UpperCase(algorithm), result);
+  Result := TCollectionUtilities.GetValueOrNull<String, String>(FKgAlgorithms, AAlgorithm);
 end;
 
-class function TGeneratorUtilities.GetCanonicalKeyPairGeneratorAlgorithm
-  (const algorithm: String): String;
+class function TGeneratorUtilities.GetCanonicalKeyPairGeneratorAlgorithm(const AAlgorithm: String): String;
 begin
-  FkpgAlgorithms.TryGetValue(UpperCase(algorithm), result);
+  Result := TCollectionUtilities.GetValueOrNull<String, String>(FKpgAlgorithms, AAlgorithm);
 end;
 
-class function TGeneratorUtilities.GetDefaultKeySize(const algorithm
-  : String): Int32;
+class function TGeneratorUtilities.GetDefaultKeySize(const AAlgorithm: String): Int32;
 var
-  canonicalName: string;
-  defaultKeySize: Int32;
+  LCanonicalName: String;
+  LDefaultKeySize: Int32;
 begin
-  canonicalName := GetCanonicalKeyGeneratorAlgorithm(algorithm);
-
-  if (canonicalName = '') then
-  begin
-    raise ESecurityUtilityCryptoLibException.CreateResFmt
-      (@SKeyGeneratorAlgorithmNotRecognised, [algorithm]);
-  end;
-
-  defaultKeySize := FindDefaultKeySize(canonicalName);
-  if (defaultKeySize = -1) then
-  begin
-
-    raise ESecurityUtilityCryptoLibException.CreateResFmt
-      (@SKeyGeneratorAlgorithmNotSupported, [algorithm, canonicalName]);
-  end;
+  LCanonicalName := GetCanonicalKeyGeneratorAlgorithm(AAlgorithm);
+  if LCanonicalName = '' then
+    raise ESecurityUtilityCryptoLibException.CreateResFmt(@SKeyGeneratorAlgorithmNotRecognised, [AAlgorithm]);
+  LDefaultKeySize := FindDefaultKeySize(LCanonicalName);
+  if LDefaultKeySize = -1 then
+    raise ESecurityUtilityCryptoLibException.CreateResFmt(@SKeyGeneratorAlgorithmNotSupported, [AAlgorithm, LCanonicalName]);
+  Result := LDefaultKeySize;
+end;
 
-  result := defaultKeySize;
+class function TGeneratorUtilities.GetDefaultKeySize(const AOid: IDerObjectIdentifier): Int32;
+begin
+  Result := GetDefaultKeySize(AOid.ID);
 end;
 
-class function TGeneratorUtilities.GetDefaultKeySize
-  (const oid: IDerObjectIdentifier): Int32;
+class function TGeneratorUtilities.GetKeyGenerator(const AOid: IDerObjectIdentifier): ICipherKeyGenerator;
 begin
-  result := GetDefaultKeySize(oid.ID);
+  Result := GetKeyGenerator(AOid.ID);
 end;
 
-class function TGeneratorUtilities.GetKeyGenerator(const algorithm: String)
-  : ICipherKeyGenerator;
+class function TGeneratorUtilities.GetKeyGenerator(const AAlgorithm: String): ICipherKeyGenerator;
 var
-  canonicalName: string;
-  defaultKeySize: Int32;
+  LCanonicalName: String;
+  LDefaultKeySize: Int32;
 begin
-
-  canonicalName := GetCanonicalKeyGeneratorAlgorithm(algorithm);
-  if (canonicalName = '') then
-  begin
-    raise ESecurityUtilityCryptoLibException.CreateResFmt
-      (@SKeyGeneratorAlgorithmNotRecognised, [algorithm]);
-  end;
-
-  defaultKeySize := FindDefaultKeySize(canonicalName);
-  if (defaultKeySize = -1) then
-  begin
-    raise ESecurityUtilityCryptoLibException.CreateResFmt
-      (@SKeyGeneratorAlgorithmNotSupported, [algorithm, canonicalName]);
-  end;
-
-  result := TCipherKeyGenerator.Create(defaultKeySize);
+  LCanonicalName := GetCanonicalKeyGeneratorAlgorithm(AAlgorithm);
+  if LCanonicalName = '' then
+    raise ESecurityUtilityCryptoLibException.CreateResFmt(@SKeyGeneratorAlgorithmNotRecognised, [AAlgorithm]);
+  LDefaultKeySize := FindDefaultKeySize(LCanonicalName);
+  if LDefaultKeySize = -1 then
+    raise ESecurityUtilityCryptoLibException.CreateResFmt(@SKeyGeneratorAlgorithmNotSupported, [AAlgorithm, LCanonicalName]);
+  Result := TCipherKeyGenerator.Create(LDefaultKeySize);
 end;
 
-class function TGeneratorUtilities.GetKeyPairGenerator(const algorithm: String)
-  : IAsymmetricCipherKeyPairGenerator;
+class function TGeneratorUtilities.GetKeyPairGenerator(const AAlgorithm: String): IAsymmetricCipherKeyPairGenerator;
 var
-  canonicalName: string;
+  LCanonicalName: String;
 begin
-  canonicalName := GetCanonicalKeyPairGeneratorAlgorithm(algorithm);
+  LCanonicalName := GetCanonicalKeyPairGeneratorAlgorithm(AAlgorithm);
+  if LCanonicalName = '' then
+    raise ESecurityUtilityCryptoLibException.CreateResFmt(@SKeyPairGeneratorAlgorithmNotRecognised, [AAlgorithm]);
 
-  if (canonicalName = '') then
+  if LCanonicalName = 'DH' then
   begin
-    raise ESecurityUtilityCryptoLibException.CreateResFmt
-      (@SKeyPairGeneratorAlgorithmNotRecognised, [algorithm]);
-  end;
-
-  if (canonicalName = 'DH') then
-  begin
-    result := TDHKeyPairGenerator.Create() as IDHKeyPairGenerator;
+    Result := TDHKeyPairGenerator.Create() as IDHKeyPairGenerator;
     Exit;
   end;
-
-  if (canonicalName = 'DSA') then
+  if LCanonicalName = 'DSA' then
   begin
-    result := TDsaKeyPairGenerator.Create() as IDsaKeyPairGenerator;
+    Result := TDsaKeyPairGenerator.Create() as IDsaKeyPairGenerator;
     Exit;
   end;
-
-  if ((canonicalName = 'RSA') or (canonicalName = 'RSASSA-PSS')) then
+  if (LCanonicalName = 'RSA') or (LCanonicalName = 'RSASSA-PSS') then
   begin
-    result := TRsaKeyPairGenerator.Create() as IRsaKeyPairGenerator;
+    Result := TRsaKeyPairGenerator.Create() as IRsaKeyPairGenerator;
     Exit;
   end;
-
-  // "EC", "ECDH", "ECDHC", "ECDSA", "ECGOST3410", "ECMQV"
-  if TStringUtils.BeginsWith(canonicalName, 'EC', True) then
+  if TStringUtils.BeginsWith(LCanonicalName, 'EC', True) then
   begin
-    result := TECKeyPairGenerator.Create(canonicalName) as IECKeyPairGenerator;
+    Result := TECKeyPairGenerator.Create(LCanonicalName) as IECKeyPairGenerator;
     Exit;
   end;
-
-  if (canonicalName = 'Ed25519') then
+  if LCanonicalName = 'Ed25519' then
   begin
-    result := TEd25519KeyPairGenerator.Create(TEd25519.Create() as IEd25519)
-      as IEd25519KeyPairGenerator;
+    Result := TEd25519KeyPairGenerator.Create(TEd25519.Create() as IEd25519) as IEd25519KeyPairGenerator;
     Exit;
   end;
-
-  if (canonicalName = 'Ed25519Blake2B') then
+  if LCanonicalName = 'X25519' then
   begin
-    result := TEd25519KeyPairGenerator.Create(TEd25519Blake2B.Create()
-      as IEd25519Blake2B) as IEd25519KeyPairGenerator;
+    Result := TX25519KeyPairGenerator.Create() as IX25519KeyPairGenerator;
     Exit;
   end;
 
-  if (canonicalName = 'X25519') then
-  begin
-    result := TX25519KeyPairGenerator.Create() as IX25519KeyPairGenerator;
-    Exit;
-  end;
-
-  raise ESecurityUtilityCryptoLibException.CreateResFmt
-    (@SKeyPairGeneratorAlgorithmNotSupported, [algorithm, canonicalName]);
-
+  raise ESecurityUtilityCryptoLibException.CreateResFmt(@SKeyPairGeneratorAlgorithmNotSupported, [AAlgorithm, LCanonicalName]);
 end;
 
-class function TGeneratorUtilities.GetKeyPairGenerator
-  (const oid: IDerObjectIdentifier): IAsymmetricCipherKeyPairGenerator;
+class function TGeneratorUtilities.GetKeyPairGenerator(const AOid: IDerObjectIdentifier): IAsymmetricCipherKeyPairGenerator;
 begin
-  result := GetKeyPairGenerator(oid.ID);
+  Result := GetKeyPairGenerator(AOid.ID);
 end;
 
 end.

CryptoLib/src/Security/ClpMacUtilities.pas

@@ -1,4 +1,4 @@
-{ *********************************************************************************** }
+{ *********************************************************************************** }
 { *                              CryptoLib Library                                  * }
 { *                Copyright (c) 2018 - 20XX Ugochukwu Mmaduekwe                    * }
 { *                 Github Repository <https://github.com/Xor-el>                   * }
@@ -24,53 +24,52 @@ interface
 uses
   SysUtils,
   Generics.Collections,
+  ClpAsn1Objects,
+  ClpCollectionUtilities,
+  ClpCryptoLibComparers,
+  ClpCryptoLibTypes,
+  ClpDigestUtilities,
   ClpIAsn1Objects,
-  ClpIMac,
-  ClpHMac,
   ClpICipherParameters,
+  ClpIMac,
   ClpIanaObjectIdentifiers,
-  ClpPkcsObjectIdentifiers,
+  ClpMiscObjectIdentifiers,
   ClpNistObjectIdentifiers,
+  ClpOiwObjectIdentifiers,
+  ClpPkcsObjectIdentifiers,
   ClpRosstandartObjectIdentifiers,
-  ClpDigestUtilities,
-  ClpStringUtils,
-  ClpCryptoLibTypes;
+  ClpHMac,
+  ClpPlatform;
 
 resourcestring
+  SOidNil = 'OID Cannot be Nil';
+  SAlgorithmNil = 'Algorithm Cannot be Nil';
   SUnRecognizedMac = 'Mac "%s" not recognised.';
+  SUnRecognizedMacOid = 'Mac OID not recognised.';
 
 type
+  /// <summary>
+  /// Utility class for creating IMac (HMAC) objects from names/OIDs.
+  /// </summary>
   TMacUtilities = class sealed(TObject)
-
   strict private
-
     class var
-
-      Falgorithms: TDictionary<String, String>;
-
-    class procedure Boot(); static;
-    class constructor CreateMacUtilities();
-    class destructor DestroyMacUtilities();
-
+      FAlgorithmMap: TDictionary<String, String>;
+      FAlgorithmOidMap: TDictionary<IDerObjectIdentifier, String>;
+
+    class function GetMechanism(const AAlgorithm: String): String; static;
+    class function GetMacForMechanism(const AMechanism: String): IMac; static;
+    class procedure Boot; static;
+    class constructor Create;
+    class destructor Destroy;
   public
-
-    class function GetMac(const id: IDerObjectIdentifier): IMac; overload;
-      static; inline;
-    class function GetMac(const algorithm: string): IMac; overload; static;
-
-    class function GetAlgorithmName(const oid: IDerObjectIdentifier): string;
-      static; inline;
-
-    class function CalculateMac(const algorithm: String;
-      const cp: ICipherParameters; const input: TCryptoLibByteArray)
-      : TCryptoLibByteArray; static; inline;
-
-    class function DoFinal(const mac: IMac): TCryptoLibByteArray; overload;
-      static; inline;
-
-    class function DoFinal(const mac: IMac; const input: TCryptoLibByteArray)
-      : TCryptoLibByteArray; overload; static; inline;
-
+    class function GetAlgorithmName(const AOid: IDerObjectIdentifier): String; static;
+    class function GetMac(const AOid: IDerObjectIdentifier): IMac; overload; static;
+    class function GetMac(const AAlgorithm: String): IMac; overload; static;
+    class function CalculateMac(const AAlgorithm: String; const ACp: ICipherParameters;
+      const AInput: TCryptoLibByteArray): TCryptoLibByteArray; static;
+    class function DoFinal(const AMac: IMac): TCryptoLibByteArray; overload; static;
+    class function DoFinal(const AMac: IMac; const AInput: TCryptoLibByteArray): TCryptoLibByteArray; overload; static;
   end;
 
 implementation
@@ -79,119 +78,159 @@ implementation
 
 class procedure TMacUtilities.Boot;
 begin
-  Falgorithms := TDictionary<string, string>.Create();
+  FAlgorithmMap := TDictionary<String, String>.Create(TCryptoLibComparers.OrdinalIgnoreCaseEqualityComparer);
+  FAlgorithmOidMap := TDictionary<IDerObjectIdentifier, String>.Create(TCryptoLibComparers.OidEqualityComparer);
 
   TIanaObjectIdentifiers.Boot;
-
-  Falgorithms.Add(TIanaObjectIdentifiers.HmacMD5.id, 'HMAC-MD5');
-  Falgorithms.Add(TIanaObjectIdentifiers.HmacRipeMD160.id, 'HMAC-RIPEMD160');
-  Falgorithms.Add(TIanaObjectIdentifiers.HmacSha1.id, 'HMAC-SHA1');
-  Falgorithms.Add(TIanaObjectIdentifiers.HmacTiger.id, 'HMAC-TIGER');
-
   TPkcsObjectIdentifiers.Boot;
-
-  Falgorithms.Add(TPkcsObjectIdentifiers.IdHmacWithSha1.id, 'HMAC-SHA1');
-  Falgorithms.Add(TPkcsObjectIdentifiers.IdHmacWithSha224.id, 'HMAC-SHA224');
-  Falgorithms.Add(TPkcsObjectIdentifiers.IdHmacWithSha256.id, 'HMAC-SHA256');
-  Falgorithms.Add(TPkcsObjectIdentifiers.IdHmacWithSha384.id, 'HMAC-SHA384');
-  Falgorithms.Add(TPkcsObjectIdentifiers.IdHmacWithSha512.id, 'HMAC-SHA512');
-
+  TMiscObjectIdentifiers.Boot;
   TNistObjectIdentifiers.Boot;
-
-  Falgorithms.Add(TNistObjectIdentifiers.IdHMacWithSha3_224.id,
-    'HMAC-SHA3-224');
-  Falgorithms.Add(TNistObjectIdentifiers.IdHMacWithSha3_256.id,
-    'HMAC-SHA3-256');
-  Falgorithms.Add(TNistObjectIdentifiers.IdHMacWithSha3_384.id,
-    'HMAC-SHA3-384');
-  Falgorithms.Add(TNistObjectIdentifiers.IdHMacWithSha3_512.id,
-    'HMAC-SHA3-512');
-
   TRosstandartObjectIdentifiers.Boot;
+  TOiwObjectIdentifiers.Boot;
+
+  FAlgorithmOidMap.AddOrSetValue(TIanaObjectIdentifiers.HmacMD5, 'HMAC-MD5');
+  FAlgorithmOidMap.AddOrSetValue(TIanaObjectIdentifiers.HmacRipeMD160, 'HMAC-RIPEMD160');
+  FAlgorithmOidMap.AddOrSetValue(TIanaObjectIdentifiers.HmacSha1, 'HMAC-SHA1');
+  FAlgorithmOidMap.AddOrSetValue(TIanaObjectIdentifiers.HmacTiger, 'HMAC-TIGER');
+
+  FAlgorithmOidMap.AddOrSetValue(TPkcsObjectIdentifiers.IdHmacWithSha1, 'HMAC-SHA1');
+  FAlgorithmOidMap.AddOrSetValue(TMiscObjectIdentifiers.HmacSha1, 'HMAC-SHA1');
+  FAlgorithmOidMap.AddOrSetValue(TPkcsObjectIdentifiers.IdHmacWithSha224, 'HMAC-SHA224');
+  FAlgorithmOidMap.AddOrSetValue(TPkcsObjectIdentifiers.IdHmacWithSha256, 'HMAC-SHA256');
+  FAlgorithmOidMap.AddOrSetValue(TPkcsObjectIdentifiers.IdHmacWithSha384, 'HMAC-SHA384');
+  FAlgorithmOidMap.AddOrSetValue(TPkcsObjectIdentifiers.IdHmacWithSha512, 'HMAC-SHA512');
+  FAlgorithmOidMap.AddOrSetValue(TPkcsObjectIdentifiers.IdHmacWithSha512_224, 'HMAC-SHA512-224');
+  FAlgorithmOidMap.AddOrSetValue(TPkcsObjectIdentifiers.IdHmacWithSha512_256, 'HMAC-SHA512-256');
+
+  FAlgorithmOidMap.AddOrSetValue(TNistObjectIdentifiers.IdHMacWithSha3_224, 'HMAC-SHA3-224');
+  FAlgorithmOidMap.AddOrSetValue(TNistObjectIdentifiers.IdHMacWithSha3_256, 'HMAC-SHA3-256');
+  FAlgorithmOidMap.AddOrSetValue(TNistObjectIdentifiers.IdHMacWithSha3_384, 'HMAC-SHA3-384');
+  FAlgorithmOidMap.AddOrSetValue(TNistObjectIdentifiers.IdHMacWithSha3_512, 'HMAC-SHA3-512');
+
+  FAlgorithmOidMap.AddOrSetValue(TRosstandartObjectIdentifiers.IdTc26HmacGost3411_12_256, 'HMAC-GOST3411-2012-256');
+  FAlgorithmOidMap.AddOrSetValue(TRosstandartObjectIdentifiers.IdTc26HmacGost3411_12_512, 'HMAC-GOST3411-2012-512');
+
+  FAlgorithmMap.AddOrSetValue('PBEWITHHMACSHA', 'PBEWITHHMACSHA1');
+  FAlgorithmOidMap.AddOrSetValue(TOiwObjectIdentifiers.IdSha1, 'PBEWITHHMACSHA1');
+end;
 
-  Falgorithms.Add(TRosstandartObjectIdentifiers.id_tc26_hmac_gost_3411_12_256.
-    id, 'HMAC-GOST3411-2012-256');
-  Falgorithms.Add(TRosstandartObjectIdentifiers.id_tc26_hmac_gost_3411_12_512.
-    id, 'HMAC-GOST3411-2012-512');
+class constructor TMacUtilities.Create;
+begin
+  Boot;
 end;
 
-class function TMacUtilities.GetMac(const algorithm: string): IMac;
-var
-  upper, mechanism, digestName: string;
-  HighPoint: Int32;
+class destructor TMacUtilities.Destroy;
 begin
-  upper := UpperCase(algorithm);
+  FAlgorithmMap.Free;
+  FAlgorithmOidMap.Free;
+end;
 
-  if not Falgorithms.TryGetValue(upper, mechanism) then
+class function TMacUtilities.GetMechanism(const AAlgorithm: String): String;
+var
+  LOid: IDerObjectIdentifier;
+  LMechanism: String;
+begin
+  if FAlgorithmMap.TryGetValue(AAlgorithm, LMechanism) then
   begin
-    mechanism := upper;
+    Result := LMechanism;
+    Exit;
   end;
-
-  if TStringUtils.BeginsWith(mechanism, 'HMAC', True) then
+  if TDerObjectIdentifier.TryFromID(AAlgorithm, LOid) and FAlgorithmOidMap.TryGetValue(LOid, LMechanism) then
   begin
-    HighPoint := System.Length(mechanism);
-    if ((TStringUtils.BeginsWith(mechanism, 'HMAC-', True)) or
-      (TStringUtils.BeginsWith(mechanism, 'HMAC/', True))) then
-    begin
-      digestName := System.Copy(mechanism, 6, HighPoint - 5);
-    end
-    else
-    begin
-      digestName := System.Copy(mechanism, 5, HighPoint - 4);
-    end;
-
-    result := THMac.Create(TDigestUtilities.GetDigest(digestName));
+    Result := LMechanism;
     Exit;
   end;
-
-  raise ESecurityUtilityCryptoLibException.CreateResFmt(@SUnRecognizedMac,
-    [mechanism]);
+  Result := '';
 end;
 
-class function TMacUtilities.DoFinal(const mac: IMac): TCryptoLibByteArray;
+class function TMacUtilities.GetMacForMechanism(const AMechanism: String): IMac;
+var
+  LMechanism: String;
+  LDigestName: String;
 begin
-  System.SetLength(result, mac.GetMacSize());
-  mac.DoFinal(result, 0);
+  Result := nil;
+  LMechanism := AMechanism;
+  if TPlatform.StartsWith(LMechanism, 'PBEWITH') then
+    LMechanism := TPlatform.Substring(LMechanism, System.Length('PBEWITH') + 1);
+
+  if TPlatform.StartsWith(LMechanism, 'HMAC') then
+  begin
+    if TPlatform.StartsWith(LMechanism, 'HMAC-') or TPlatform.StartsWith(LMechanism, 'HMAC/') then
+      LDigestName := TPlatform.Substring(LMechanism, 6)
+    else
+      LDigestName := TPlatform.Substring(LMechanism, 5);
+    if LDigestName = 'SHA512-224' then
+      LDigestName := 'SHA-512/224'
+    else if LDigestName = 'SHA512-256' then
+      LDigestName := 'SHA-512/256';
+    Result := THMac.Create(TDigestUtilities.GetDigest(LDigestName));
+  end;
 end;
 
-class function TMacUtilities.DoFinal(const mac: IMac;
-  const input: TCryptoLibByteArray): TCryptoLibByteArray;
+class function TMacUtilities.GetAlgorithmName(const AOid: IDerObjectIdentifier): String;
 begin
-  mac.BlockUpdate(input, 0, System.Length(input));
-  result := DoFinal(mac);
+  Result := TCollectionUtilities.GetValueOrNull<IDerObjectIdentifier, String>(FAlgorithmOidMap, AOid);
 end;
 
-class function TMacUtilities.CalculateMac(const algorithm: String;
-  const cp: ICipherParameters; const input: TCryptoLibByteArray)
-  : TCryptoLibByteArray;
+class function TMacUtilities.GetMac(const AOid: IDerObjectIdentifier): IMac;
 var
-  mac: IMac;
+  LMechanism: String;
+  LMac: IMac;
 begin
-  mac := GetMac(algorithm);
-  mac.Init(cp);
-  mac.BlockUpdate(input, 0, System.Length(input));
-  result := DoFinal(mac);
+  if AOid = nil then
+    raise EArgumentNilCryptoLibException.CreateRes(@SOidNil);
+  if FAlgorithmOidMap.TryGetValue(AOid, LMechanism) then
+  begin
+    LMac := GetMacForMechanism(LMechanism);
+    if LMac <> nil then
+    begin
+      Result := LMac;
+      Exit;
+    end;
+  end;
+  raise ESecurityUtilityCryptoLibException.CreateRes(@SUnRecognizedMacOid);
 end;
 
-class constructor TMacUtilities.CreateMacUtilities;
+class function TMacUtilities.GetMac(const AAlgorithm: String): IMac;
+var
+  LMechanism: String;
+  LMac: IMac;
 begin
-  TMacUtilities.Boot;
+  if AAlgorithm = '' then
+    raise EArgumentNilCryptoLibException.CreateRes(@SAlgorithmNil);
+  LMechanism := GetMechanism(AAlgorithm);
+  if LMechanism = '' then
+    LMechanism := UpperCase(AAlgorithm);
+  LMac := GetMacForMechanism(LMechanism);
+  if LMac <> nil then
+  begin
+    Result := LMac;
+    Exit;
+  end;
+  raise ESecurityUtilityCryptoLibException.CreateResFmt(@SUnRecognizedMac, [AAlgorithm]);
 end;
 
-class destructor TMacUtilities.DestroyMacUtilities;
+class function TMacUtilities.CalculateMac(const AAlgorithm: String; const ACp: ICipherParameters;
+  const AInput: TCryptoLibByteArray): TCryptoLibByteArray;
+var
+  LMac: IMac;
 begin
-  Falgorithms.Free;
+  LMac := GetMac(AAlgorithm);
+  LMac.Init(ACp);
+  LMac.BlockUpdate(AInput, 0, System.Length(AInput));
+  Result := DoFinal(LMac);
 end;
 
-class function TMacUtilities.GetMac(const id: IDerObjectIdentifier): IMac;
+class function TMacUtilities.DoFinal(const AMac: IMac): TCryptoLibByteArray;
 begin
-  result := GetMac(id.id);
+  System.SetLength(Result, AMac.GetMacSize());
+  AMac.DoFinal(Result, 0);
 end;
 
-class function TMacUtilities.GetAlgorithmName
-  (const oid: IDerObjectIdentifier): string;
+class function TMacUtilities.DoFinal(const AMac: IMac; const AInput: TCryptoLibByteArray): TCryptoLibByteArray;
 begin
-  Falgorithms.TryGetValue(oid.id, result);
+  AMac.BlockUpdate(AInput, 0, System.Length(AInput));
+  Result := DoFinal(AMac);
 end;
 
 end.

CryptoLib/src/Security/ClpParameterUtilities.pas

@@ -1,4 +1,4 @@
-{ *********************************************************************************** }
+{ *********************************************************************************** }
 { *                              CryptoLib Library                                  * }
 { *                Copyright (c) 2018 - 20XX Ugochukwu Mmaduekwe                    * }
 { *                 Github Repository <https://github.com/Xor-el>                   * }
@@ -24,225 +24,307 @@ interface
 uses
   SysUtils,
   Generics.Collections,
-  ClpKeyParameter,
+  ClpAsn1Objects,
+  ClpCollectionUtilities,
+  ClpCryptoLibComparers,
+  ClpCryptoLibTypes,
+  ClpCryptoProObjectIdentifiers,
+  ClpIAsn1Objects,
   ClpIKeyParameter,
   ClpICipherParameters,
+  ClpIParametersWithRandom,
   ClpISecureRandom,
-  ClpIAsn1Objects,
+  ClpKeyParameter,
+  ClpMiscObjectIdentifiers,
   ClpNistObjectIdentifiers,
+  ClpOiwObjectIdentifiers,
   ClpParametersWithRandom,
-  ClpIParametersWithRandom,
-  ClpCryptoLibTypes;
+  ClpParametersWithIV,
+  ClpSecureRandom;
 
 resourcestring
   SAlgorithmNil = 'Algorithm Cannot be Nil';
-  SAlgorithmNotRecognised = 'Algorithm "%s" not Recognised.';
+  SAlgorithmNotRecognised = 'Algorithm "%s" not recognised.';
+  SCouldNotProcessAsn1Parameters = 'Could not process ASN.1 parameters';
+  SCouldNotProcessAsn1ParametersFmt = 'Could not process ASN.1 parameters: %s';
+  SParametersWithContextNotImpl = 'ParametersWithContext not implemented';
 
 type
-
   TParameterUtilities = class sealed(TObject)
-
   strict private
-  class var
-
-    Falgorithms: TDictionary<String, String>;
-    FbasicIVSizes: TDictionary<String, Int32>;
-
-    class procedure AddAlgorithm(const canonicalName: String;
-      const aliases: array of String); static;
-
-    class procedure AddBasicIVSizeEntries(size: Int32;
-      const algorithms: array of String); static;
-
-    class procedure Boot(); static;
-    class constructor CreateParameterUtilities();
-    class destructor DestroyParameterUtilities();
-
+    class var
+      FAlgorithms: TDictionary<String, String>;
+      FBasicIVSizes: TDictionary<String, Int32>;
+
+    class procedure AddAlgorithm(const ACanonicalName: String;
+      const AAliases: array of String); static;
+    class procedure AddBasicIVSizeEntries(ASize: Int32;
+      const AAlgorithms: array of String); static;
+    class function FindBasicIVSize(const ACanonicalName: String): Int32; static;
+    class function CreateIV(const ARandom: ISecureRandom; AIVLength: Int32): TCryptoLibByteArray; static;
+    class function CreateIVOctetString(const ARandom: ISecureRandom;
+      AIVLength: Int32): IAsn1Encodable; static;
+    class procedure Boot; static;
+    class constructor Create;
+    class destructor Destroy;
   public
-    class function GetCanonicalAlgorithmName(const algorithm: String): String;
-      static; inline;
-    class function CreateKeyParameter(const algOid: IDerObjectIdentifier;
-      const keyBytes: TCryptoLibByteArray): IKeyParameter; overload;
-      static; inline;
-
-    class function CreateKeyParameter(const algorithm: String;
-      const keyBytes: TCryptoLibByteArray): IKeyParameter; overload; static;
-
-    class function CreateKeyParameter(const algOid: IDerObjectIdentifier;
-      const keyBytes: TCryptoLibByteArray; offset, length: Int32)
-      : IKeyParameter; overload; static; inline;
-
-    class function CreateKeyParameter(const algorithm: String;
-      const keyBytes: TCryptoLibByteArray; offset, length: Int32)
-      : IKeyParameter; overload; static;
-
-    class function WithRandom(const cp: ICipherParameters;
-      const random: ISecureRandom): ICipherParameters; static; inline;
-
-    class function IgnoreRandom(const CipherParameters: ICipherParameters): ICipherParameters;
-
-    class function GetRandom(const CipherParameters: ICipherParameters; out Random: ISecureRandom): ICipherParameters;
-
+    class function GetCanonicalAlgorithmName(const AAlgorithm: String): String; static;
+    class function CreateKeyParameter(const AAlgOid: IDerObjectIdentifier;
+      const AKeyBytes: TCryptoLibByteArray): IKeyParameter; overload; static;
+    class function CreateKeyParameter(const AAlgorithm: String;
+      const AKeyBytes: TCryptoLibByteArray): IKeyParameter; overload; static;
+    class function CreateKeyParameter(const AAlgOid: IDerObjectIdentifier;
+      const AKeyBytes: TCryptoLibByteArray; AOffset, ALength: Int32): IKeyParameter; overload; static;
+    class function CreateKeyParameter(const AAlgorithm: String;
+      const AKeyBytes: TCryptoLibByteArray; AOffset, ALength: Int32): IKeyParameter; overload; static;
+    class function GetCipherParameters(const AAlgOid: IDerObjectIdentifier;
+      const AKey: ICipherParameters; const AAsn1Params: IAsn1Encodable): ICipherParameters; overload; static;
+    class function GetCipherParameters(const AAlgorithm: String;
+      const AKey: ICipherParameters; const AAsn1Params: IAsn1Encodable): ICipherParameters; overload; static;
+    class function GenerateParameters(const AAlgId: IDerObjectIdentifier;
+      const ARandom: ISecureRandom): IAsn1Encodable; overload; static;
+    class function GenerateParameters(const AAlgorithm: String;
+      const ARandom: ISecureRandom): IAsn1Encodable; overload; static;
+    class function GetRandom(const ACipherParameters: ICipherParameters;
+      out ARandom: ISecureRandom): ICipherParameters; static;
+    class function IgnoreRandom(const ACipherParameters: ICipherParameters): ICipherParameters; static;
+    class function WithRandom(const ACp: ICipherParameters;
+      const ARandom: ISecureRandom): ICipherParameters; static;
   end;
 
 implementation
 
 { TParameterUtilities }
 
-class procedure TParameterUtilities.AddAlgorithm(const canonicalName: String;
-  const aliases: array of String);
+class procedure TParameterUtilities.AddAlgorithm(const ACanonicalName: String;
+  const AAliases: array of String);
 var
-  alias: string;
+  LAlias: String;
 begin
-  Falgorithms.Add(canonicalName, canonicalName);
-  for alias in aliases do
-  begin
-    Falgorithms.Add(alias, canonicalName);
-  end;
+  FAlgorithms.AddOrSetValue(ACanonicalName, ACanonicalName);
+  for LAlias in AAliases do
+    FAlgorithms.AddOrSetValue(LAlias, ACanonicalName);
+end;
 
+class procedure TParameterUtilities.AddBasicIVSizeEntries(ASize: Int32;
+  const AAlgorithms: array of String);
+var
+  LAlg: String;
+begin
+  for LAlg in AAlgorithms do
+    FBasicIVSizes.Add(LAlg, ASize);
 end;
 
-class procedure TParameterUtilities.AddBasicIVSizeEntries(size: Int32;
-  const algorithms: array of String);
+class function TParameterUtilities.FindBasicIVSize(const ACanonicalName: String): Int32;
 var
-  algorithm: string;
+  LSize: Int32;
 begin
-  for algorithm in algorithms do
-  begin
-    FbasicIVSizes.Add(algorithm, size);
-  end;
+  if FBasicIVSizes.TryGetValue(ACanonicalName, LSize) then
+    Result := LSize
+  else
+    Result := -1;
 end;
 
-class procedure TParameterUtilities.Boot;
+class function TParameterUtilities.CreateIV(const ARandom: ISecureRandom;
+  AIVLength: Int32): TCryptoLibByteArray;
 begin
-  Falgorithms := TDictionary<String, String>.Create();
-  FbasicIVSizes := TDictionary<string, Int32>.Create();
+  Result := TSecureRandom.GetNextBytes(ARandom, AIVLength);
+end;
 
+class function TParameterUtilities.CreateIVOctetString(const ARandom: ISecureRandom;
+  AIVLength: Int32): IAsn1Encodable;
+begin
+  Result := TDerOctetString.Create(CreateIV(ARandom, AIVLength));
+end;
+
+class procedure TParameterUtilities.Boot;
+begin
   TNistObjectIdentifiers.Boot;
 
-  AddAlgorithm('AES', []);
-  AddAlgorithm('AES128', ['2.16.840.1.101.3.4.2',
+  FAlgorithms := TDictionary<String, String>.Create(TCryptoLibComparers.OrdinalIgnoreCaseEqualityComparer);
+  FBasicIVSizes := TDictionary<String, Int32>.Create(TCryptoLibComparers.OrdinalIgnoreCaseEqualityComparer);
+
+  AddAlgorithm('AES', ['AESWRAP']);
+
+  AddAlgorithm('AES128', [
     TNistObjectIdentifiers.IdAes128Cbc.ID,
     TNistObjectIdentifiers.IdAes128Cfb.ID,
     TNistObjectIdentifiers.IdAes128Ecb.ID,
-    TNistObjectIdentifiers.IdAes128Ofb.ID]);
-  AddAlgorithm('AES192', ['2.16.840.1.101.3.4.22',
+    TNistObjectIdentifiers.IdAes128Ofb.ID
+    ]);
+
+  AddAlgorithm('AES192', [
     TNistObjectIdentifiers.IdAes192Cbc.ID,
     TNistObjectIdentifiers.IdAes192Cfb.ID,
     TNistObjectIdentifiers.IdAes192Ecb.ID,
-    TNistObjectIdentifiers.IdAes192Ofb.ID]);
-  AddAlgorithm('AES256', ['2.16.840.1.101.3.4.42',
+    TNistObjectIdentifiers.IdAes192Ofb.ID
+    ]);
+
+  AddAlgorithm('AES256', [
     TNistObjectIdentifiers.IdAes256Cbc.ID,
     TNistObjectIdentifiers.IdAes256Cfb.ID,
     TNistObjectIdentifiers.IdAes256Ecb.ID,
-    TNistObjectIdentifiers.IdAes256Ofb.ID]);
-  AddAlgorithm('BLOWFISH', ['1.3.6.1.4.1.3029.1.2']);
+    TNistObjectIdentifiers.IdAes256Ofb.ID
+    ]);
+
+
+  AddAlgorithm('BLOWFISH', ['1.3.6.1.4.1.3029.1.2', TMiscObjectIdentifiers.CryptlibAlgorithmBlowfishCbc.ID]);
+
   AddAlgorithm('RIJNDAEL', []);
   AddAlgorithm('SALSA20', []);
 
-  AddBasicIVSizeEntries(8, ['BLOWFISH']);
+  AddBasicIVSizeEntries(8, ['BLOWFISH', 'SALSA20']);
   AddBasicIVSizeEntries(16, ['AES', 'AES128', 'AES192', 'AES256']);
+end;
 
+class constructor TParameterUtilities.Create;
+begin
+  Boot;
 end;
 
-class function TParameterUtilities.GetCanonicalAlgorithmName(const algorithm
-  : String): String;
+class destructor TParameterUtilities.Destroy;
 begin
-  Falgorithms.TryGetValue(UpperCase(algorithm), result);
+  FAlgorithms.Free;
+  FBasicIVSizes.Free;
 end;
 
-class function TParameterUtilities.WithRandom(const cp: ICipherParameters;
-  const random: ISecureRandom): ICipherParameters;
-var
-  Lcp: ICipherParameters;
+class function TParameterUtilities.GetCanonicalAlgorithmName(const AAlgorithm: String): String;
 begin
-  Lcp := cp;
-  if (random <> Nil) then
-  begin
-    Lcp := TParametersWithRandom.Create(Lcp, random);
-  end;
-  result := Lcp;
+  Result := TCollectionUtilities.GetValueOrNull<String, String>(FAlgorithms, AAlgorithm);
 end;
 
-class function TParameterUtilities.GetRandom(
-  const CipherParameters: ICipherParameters;
-  out Random: ISecureRandom): ICipherParameters;
+class function TParameterUtilities.CreateKeyParameter(const AAlgorithm: String;
+  const AKeyBytes: TCryptoLibByteArray; AOffset, ALength: Int32): IKeyParameter;
 var
-  WithRandom: IParametersWithRandom;
+  LCanonical: String;
 begin
-  if Supports(CipherParameters, IParametersWithRandom, WithRandom) then
-  begin
-    Random := WithRandom.Random;
-    Result := WithRandom.Parameters;
-  end
-  else
-  begin
-    Random := nil;
-    Result := CipherParameters;
-  end;
+  if AAlgorithm = '' then
+    raise EArgumentNilCryptoLibException.CreateRes(@SAlgorithmNil);
+  LCanonical := GetCanonicalAlgorithmName(AAlgorithm);
+  if LCanonical = '' then
+    raise ESecurityUtilityCryptoLibException.CreateResFmt(@SAlgorithmNotRecognised, [AAlgorithm]);
+
+  Result := TKeyParameter.Create(AKeyBytes, AOffset, ALength) as IKeyParameter;
 end;
 
+class function TParameterUtilities.CreateKeyParameter(const AAlgorithm: String;
+  const AKeyBytes: TCryptoLibByteArray): IKeyParameter;
+begin
+  Result := CreateKeyParameter(AAlgorithm, AKeyBytes, 0, System.Length(AKeyBytes));
+end;
 
-class function TParameterUtilities.IgnoreRandom(const CipherParameters: ICipherParameters): ICipherParameters;
-var
-  WithRandom: IParametersWithRandom;
+class function TParameterUtilities.CreateKeyParameter(const AAlgOid: IDerObjectIdentifier;
+  const AKeyBytes: TCryptoLibByteArray): IKeyParameter;
 begin
-  if Supports(CipherParameters, IParametersWithRandom, WithRandom) then
-    Result := WithRandom.Parameters
-  else
-    Result := CipherParameters;
+  Result := CreateKeyParameter(AAlgOid.ID, AKeyBytes, 0, System.Length(AKeyBytes));
 end;
 
-class function TParameterUtilities.CreateKeyParameter(const algorithm: String;
-  const keyBytes: TCryptoLibByteArray): IKeyParameter;
+class function TParameterUtilities.CreateKeyParameter(const AAlgOid: IDerObjectIdentifier;
+  const AKeyBytes: TCryptoLibByteArray; AOffset, ALength: Int32): IKeyParameter;
 begin
-  result := CreateKeyParameter(algorithm, keyBytes, 0, System.length(keyBytes));
+  Result := CreateKeyParameter(AAlgOid.ID, AKeyBytes, AOffset, ALength);
 end;
 
-class function TParameterUtilities.CreateKeyParameter
-  (const algOid: IDerObjectIdentifier; const keyBytes: TCryptoLibByteArray)
-  : IKeyParameter;
+class function TParameterUtilities.GetCipherParameters(const AAlgOid: IDerObjectIdentifier;
+  const AKey: ICipherParameters; const AAsn1Params: IAsn1Encodable): ICipherParameters;
 begin
-  result := CreateKeyParameter(algOid.ID, keyBytes, 0, System.length(keyBytes));
+  Result := GetCipherParameters(AAlgOid.ID, AKey, AAsn1Params);
 end;
 
-class function TParameterUtilities.CreateKeyParameter(const algorithm: String;
-  const keyBytes: TCryptoLibByteArray; offset, length: Int32): IKeyParameter;
+class function TParameterUtilities.GetCipherParameters(const AAlgorithm: String;
+  const AKey: ICipherParameters; const AAsn1Params: IAsn1Encodable): ICipherParameters;
 var
-  canonical: string;
+  LCanonical: String;
+  LBasicIVSize: Int32;
+  LOctet: IAsn1OctetString;
+  LIV: TCryptoLibByteArray;
 begin
+  if AAlgorithm = '' then
+    raise EArgumentNilCryptoLibException.CreateRes(@SAlgorithmNil);
+
+  LCanonical := GetCanonicalAlgorithmName(AAlgorithm);
+  if LCanonical = '' then
+    raise ESecurityUtilityCryptoLibException.CreateResFmt(@SAlgorithmNotRecognised, [AAlgorithm]);
 
-  if (algorithm = '') then
+  LBasicIVSize := FindBasicIVSize(LCanonical);
+  if (LBasicIVSize >= 0) or (LCanonical = 'RIJNDAEL') then
   begin
-    raise EArgumentNilCryptoLibException.CreateRes(@SAlgorithmNil);
+    try
+      LOctet := TAsn1OctetString.GetInstance(AAsn1Params as IAsn1Convertible);
+      LIV := LOctet.GetOctets();
+      Result := TParametersWithIV.Create(AKey, LIV);
+    except
+      on E: Exception do
+        raise EArgumentCryptoLibException.CreateResFmt(@SCouldNotProcessAsn1ParametersFmt, [E.Message]);
+    end;
+    Exit;
   end;
+  raise ESecurityUtilityCryptoLibException.CreateResFmt(@SAlgorithmNotRecognised, [AAlgorithm]);
+end;
 
-  canonical := GetCanonicalAlgorithmName(algorithm);
+class function TParameterUtilities.GenerateParameters(const AAlgId: IDerObjectIdentifier;
+  const ARandom: ISecureRandom): IAsn1Encodable;
+begin
+  Result := GenerateParameters(AAlgId.ID, ARandom);
+end;
 
-  if (canonical = '') then
+class function TParameterUtilities.GenerateParameters(const AAlgorithm: String;
+  const ARandom: ISecureRandom): IAsn1Encodable;
+var
+  LCanonical: String;
+  LBasicIVSize: Int32;
+begin
+  if AAlgorithm = '' then
+    raise EArgumentNilCryptoLibException.CreateRes(@SAlgorithmNil);
+  LCanonical := GetCanonicalAlgorithmName(AAlgorithm);
+  if LCanonical = '' then
+    raise ESecurityUtilityCryptoLibException.CreateResFmt(@SAlgorithmNotRecognised, [AAlgorithm]);
+  LBasicIVSize := FindBasicIVSize(LCanonical);
+  if LBasicIVSize >= 0 then
   begin
-    raise ESecurityUtilityCryptoLibException.CreateResFmt
-      (@SAlgorithmNotRecognised, [algorithm]);
+    Result := CreateIVOctetString(ARandom, LBasicIVSize);
+    Exit;
   end;
-  result := TKeyParameter.Create(keyBytes, offset, length) as IKeyParameter;
+
+  raise ESecurityUtilityCryptoLibException.CreateResFmt(@SAlgorithmNotRecognised, [AAlgorithm]);
 end;
 
-class function TParameterUtilities.CreateKeyParameter
-  (const algOid: IDerObjectIdentifier; const keyBytes: TCryptoLibByteArray;
-  offset, length: Int32): IKeyParameter;
+class function TParameterUtilities.GetRandom(const ACipherParameters: ICipherParameters;
+  out ARandom: ISecureRandom): ICipherParameters;
+var
+  LWithRandom: IParametersWithRandom;
 begin
-  result := CreateKeyParameter(algOid.ID, keyBytes, offset, length);
+  if Supports(ACipherParameters, IParametersWithRandom, LWithRandom) then
+  begin
+    ARandom := LWithRandom.Random;
+    Result := LWithRandom.Parameters;
+  end
+  else
+  begin
+    ARandom := nil;
+    Result := ACipherParameters;
+  end;
 end;
 
-class constructor TParameterUtilities.CreateParameterUtilities;
+class function TParameterUtilities.IgnoreRandom(const ACipherParameters: ICipherParameters): ICipherParameters;
+var
+  LWithRandom: IParametersWithRandom;
 begin
-  TParameterUtilities.Boot;
+  if Supports(ACipherParameters, IParametersWithRandom, LWithRandom) then
+    Result := LWithRandom.Parameters
+  else
+    Result := ACipherParameters;
 end;
 
-class destructor TParameterUtilities.DestroyParameterUtilities;
+class function TParameterUtilities.WithRandom(const ACp: ICipherParameters;
+  const ARandom: ISecureRandom): ICipherParameters;
+var
+  LCp: ICipherParameters;
 begin
-  Falgorithms.Free;
-  FbasicIVSizes.Free;
+  LCp := ACp;
+  if ARandom <> nil then
+    LCp := TParametersWithRandom.Create(LCp, ARandom);
+  Result := LCp;
 end;
 
 end.

CryptoLib/src/Security/ClpSignerUtilities.pas

@@ -24,7 +24,12 @@ interface
 uses
   SysUtils,
   Generics.Collections,
+  ClpAsn1Objects,
+  ClpIX509Asn1Objects,
+  ClpCollectionUtilities,
+  ClpCryptoLibComparers,
   ClpECNRSigner,
+  ClpICipherParameters,
   ClpIECNRSigner,
   ClpIDigest,
   ClpDigestUtilities,
@@ -65,11 +70,15 @@ uses
   ClpGenericSigner,
   ClpIGenericSigner,
   ClpRsaBlindedEngine,
+  ClpIRsaBlindedEngine,
   ClpPkcs1Encoding,
   ClpIPkcs1Encoding,
   ClpPkcsObjectIdentifiers,
   ClpStringUtils,
-  ClpCryptoLibTypes;
+  ClpCryptoLibTypes,
+  ClpPlatform,
+  ClpPkcsAsn1Objects,
+  ClpX509Asn1Objects;
 
 resourcestring
   SMechanismNil = 'Mechanism Cannot be Nil';
@@ -77,52 +86,99 @@ resourcestring
   SUnRecognizedAlgorithm = 'Signer " %s " not recognised.';
 
 type
-
   /// <summary>
-  /// Signer Utility class contains methods that can not be specifically
-  /// grouped into other classes.
+  ///  Signer Utility class contains methods that can not be specifically grouped into other classes.
   /// </summary>
   TSignerUtilities = class sealed(TObject)
 
   strict private
+    class var
+      FAlgorithmMap: TDictionary<String, String>;
+      FAlgorithmOidMap: TDictionary<IDerObjectIdentifier, String>;
+      FNoRandom: TDictionary<String, Byte>;
+      FOids: TDictionary<String, IDerObjectIdentifier>;
+
+    class function GetMechanism(const AAlgorithm: String): String; static;
+    class function GetAlgorithms: TCryptoLibStringArray; static;
+
+    class function GetSignerForMechanism(const AMechanism: String): ISigner; static;
+    class function GetDefaultX509ParametersForMechanism(const AMechanism: String): IAsn1Encodable; static;
+    class function GetPssX509Parameters(const ADigestName: String): IAsn1Encodable; static;
+    class function InitSignerForMechanism(const AMechanism: String; AForSigning: Boolean;
+      const AKey: IAsymmetricKeyParameter; const ARandom: ISecureRandom): ISigner; static;
+    class procedure AddAlgorithm(const AName: String; const AOid: IDerObjectIdentifier; AIsNoRandom: Boolean); static;
+    class procedure Boot; static;
+    class constructor Create;
+    class destructor Destroy;
 
-  class var
-
-    Falgorithms: TDictionary<String, String>;
-    Foids: TDictionary<String, IDerObjectIdentifier>;
-
-    class function GetAlgorithms: TCryptoLibStringArray; static; inline;
+  public
 
-    class procedure Boot(); static;
-    class constructor CreateSignerUtilities();
-    class destructor DestroySignerUtilities();
+   /// <summary>
+   /// Returns an ObjectIdentifier for a given signature mechanism.
+   /// </summary>
+   /// <param name="mechanism">A string representation of the signature mechanism.</param>
+   /// <returns>A DerObjectIdentifier, null if the OID is not available.</returns>
+    class function GetObjectIdentifier(const AMechanism: String): IDerObjectIdentifier;
+      static; inline;
 
-  public
+    class function GetEncodingName(const AOid: IDerObjectIdentifier): String;
+      static; inline;
 
     /// <summary>
-    /// Returns an ObjectIdentifier for a given encoding.
+    /// Returns a Signer for a given signature mechanism OID.
     /// </summary>
-    /// <param name="mechanism">A string representation of the encoding.</param>
-    /// <returns>A DerObjectIdentifier, null if the OID is not available.</returns>
-    // TODO Don't really want to support this
-    class function GetObjectIdentifier(mechanism: String): IDerObjectIdentifier;
-      static; inline;
+    /// <param name="AOid">A DerObjectIdentifier representing the signature mechanism.</param>
+    /// <returns>An ISigner instance.</returns>
+    class function GetSigner(const AOid: IDerObjectIdentifier): ISigner; overload;
+      static;
 
-    class function GetEncodingName(const oid: IDerObjectIdentifier): String;
-      static; inline;
+    /// <summary>
+    /// Returns a Signer for a given signature mechanism name.
+    /// </summary>
+    /// <param name="AAlgorithm">A string representation of the signature mechanism.</param>
+    /// <returns>An ISigner instance.</returns>
+    class function GetSigner(const AAlgorithm: String): ISigner; overload;
+      static;
 
-    class function GetSigner(const id: IDerObjectIdentifier): ISigner; overload;
-      static; inline;
+    /// <summary>
+    /// Returns default X.509 parameters for a given signature mechanism OID.
+    /// </summary>
+    /// <param name="AOid">A DerObjectIdentifier representing the signature mechanism.</param>
+    /// <returns>An IAsn1Encodable instance (typically DerNull or RsassaPssParameters).</returns>
+    class function GetDefaultX509Parameters(const AOid: IDerObjectIdentifier): IAsn1Encodable; overload;
+      static;
 
-    class function GetSigner(algorithm: String): ISigner; overload; static;
+    /// <summary>
+    /// Returns default X.509 parameters for a given signature mechanism name.
+    /// </summary>
+    /// <param name="AAlgorithm">A string representation of the signature mechanism.</param>
+    /// <returns>An IAsn1Encodable instance (typically DerNull or RsassaPssParameters).</returns>
+    class function GetDefaultX509Parameters(const AAlgorithm: String): IAsn1Encodable; overload;
+      static;
 
-    class function InitSigner(const algorithm: String; forSigning: Boolean;
-      const privateKey: IAsymmetricKeyParameter; const random: ISecureRandom)
-      : ISigner; overload; static; inline;
+    /// <summary>
+    /// Initializes a Signer for signing or verification with the given key and random.
+    /// </summary>
+    /// <param name="AAlgorithmOid">A DerObjectIdentifier representing the signature mechanism.</param>
+    /// <param name="AForSigning">True for signing, False for verification.</param>
+    /// <param name="APrivateKey">The key to use (private for signing, public for verification).</param>
+    /// <param name="ARandom">Secure random instance (can be nil for verification or deterministic algorithms).</param>
+    /// <returns>An initialized ISigner instance.</returns>
+    class function InitSigner(const AAlgorithmOid: IDerObjectIdentifier; AForSigning: Boolean;
+      const APrivateKey: IAsymmetricKeyParameter; const ARandom: ISecureRandom): ISigner; overload;
+      static;
 
-    class function InitSigner(const algorithmOid: IDerObjectIdentifier;
-      forSigning: Boolean; const privateKey: IAsymmetricKeyParameter;
-      const random: ISecureRandom): ISigner; overload; static; inline;
+    /// <summary>
+    /// Initializes a Signer for signing or verification with the given key and random.
+    /// </summary>
+    /// <param name="AAlgorithm">A string representation of the signature mechanism.</param>
+    /// <param name="AForSigning">True for signing, False for verification.</param>
+    /// <param name="APrivateKey">The key to use (private for signing, public for verification).</param>
+    /// <param name="ARandom">Secure random instance (can be nil for verification or deterministic algorithms).</param>
+    /// <returns>An initialized ISigner instance.</returns>
+    class function InitSigner(const AAlgorithm: String; AForSigning: Boolean;
+      const APrivateKey: IAsymmetricKeyParameter; const ARandom: ISecureRandom): ISigner; overload;
+      static;
 
     class property Algorithms: TCryptoLibStringArray read GetAlgorithms;
 
@@ -132,701 +188,871 @@ implementation
 
 { TSignerUtilities }
 
-class procedure TSignerUtilities.Boot;
+class procedure TSignerUtilities.AddAlgorithm(const AName: String;
+  const AOid: IDerObjectIdentifier; AIsNoRandom: Boolean);
 begin
+  if AName = '' then
+    raise EArgumentNilCryptoLibException.CreateRes(@SAlgorithmNil);
 
-  Falgorithms := TDictionary<String, String>.Create();
-  Foids := TDictionary<String, IDerObjectIdentifier>.Create();
+  if UpperCase(AName) <> AName then
+    FAlgorithmMap.Add(AName, AName);
+  if AOid <> nil then
+  begin
+    FAlgorithmOidMap.Add(AOid, AName);
+    FOids.Add(AName, AOid);
+  end;
+  if AIsNoRandom then
+    FNoRandom.Add(AName, 0);
+end;
+
+class procedure TSignerUtilities.Boot;
+begin
+  FAlgorithmMap := TDictionary<String, String>.Create(TCryptoLibComparers.OrdinalIgnoreCaseEqualityComparer);
+  FAlgorithmOidMap := TDictionary<IDerObjectIdentifier, String>.Create(TCryptoLibComparers.OidEqualityComparer);
+  FNoRandom := TDictionary<String, Byte>.Create(TCryptoLibComparers.OrdinalIgnoreCaseEqualityComparer);
+  FOids := TDictionary<String, IDerObjectIdentifier>.Create(TCryptoLibComparers.OrdinalIgnoreCaseEqualityComparer);
 
+  TPkcsObjectIdentifiers.Boot;
   TX9ObjectIdentifiers.Boot;
   TOiwObjectIdentifiers.Boot;
   TNistObjectIdentifiers.Boot;
   TTeleTrusTObjectIdentifiers.Boot;
   TCryptoProObjectIdentifiers.Boot;
-  TEacObjectIdentifiers.Boot;
   TBsiObjectIdentifiers.Boot;
   TEdECObjectIdentifiers.Boot;
 
-  Falgorithms.Add('NONEWITHDSA', 'NONEwithDSA');
-  Falgorithms.Add('DSAWITHNONE', 'NONEwithDSA');
-  Falgorithms.Add('RAWDSA', 'NONEwithDSA');
-
-  Falgorithms.Add('DSA', 'SHA-1withDSA');
-  Falgorithms.Add('DSAWITHSHA1', 'SHA-1withDSA');
-  Falgorithms.Add('DSAWITHSHA-1', 'SHA-1withDSA');
-  Falgorithms.Add('SHA/DSA', 'SHA-1withDSA');
-  Falgorithms.Add('SHA1/DSA', 'SHA-1withDSA');
-  Falgorithms.Add('SHA-1/DSA', 'SHA-1withDSA');
-  Falgorithms.Add('SHA1WITHDSA', 'SHA-1withDSA');
-  Falgorithms.Add('SHA-1WITHDSA', 'SHA-1withDSA');
-  Falgorithms.Add(TX9ObjectIdentifiers.IdDsaWithSha1.id, 'SHA-1withDSA');
-  Falgorithms.Add(TOiwObjectIdentifiers.DsaWithSha1.id, 'SHA-1withDSA');
-
-  Falgorithms.Add('DSAWITHSHA224', 'SHA-224withDSA');
-  Falgorithms.Add('DSAWITHSHA-224', 'SHA-224withDSA');
-  Falgorithms.Add('SHA224/DSA', 'SHA-224withDSA');
-  Falgorithms.Add('SHA-224/DSA', 'SHA-224withDSA');
-  Falgorithms.Add('SHA224WITHDSA', 'SHA-224withDSA');
-  Falgorithms.Add('SHA-224WITHDSA', 'SHA-224withDSA');
-  Falgorithms.Add(TNistObjectIdentifiers.DsaWithSha224.id, 'SHA-224withDSA');
-
-  Falgorithms.Add('DSAWITHSHA256', 'SHA-256withDSA');
-  Falgorithms.Add('DSAWITHSHA-256', 'SHA-256withDSA');
-  Falgorithms.Add('SHA256/DSA', 'SHA-256withDSA');
-  Falgorithms.Add('SHA-256/DSA', 'SHA-256withDSA');
-  Falgorithms.Add('SHA256WITHDSA', 'SHA-256withDSA');
-  Falgorithms.Add('SHA-256WITHDSA', 'SHA-256withDSA');
-  Falgorithms.Add(TNistObjectIdentifiers.DsaWithSha256.id, 'SHA-256withDSA');
-
-  Falgorithms.Add('DSAWITHSHA384', 'SHA-384withDSA');
-  Falgorithms.Add('DSAWITHSHA-384', 'SHA-384withDSA');
-  Falgorithms.Add('SHA384/DSA', 'SHA-384withDSA');
-  Falgorithms.Add('SHA-384/DSA', 'SHA-384withDSA');
-  Falgorithms.Add('SHA384WITHDSA', 'SHA-384withDSA');
-  Falgorithms.Add('SHA-384WITHDSA', 'SHA-384withDSA');
-  Falgorithms.Add(TNistObjectIdentifiers.DsaWithSha384.id, 'SHA-384withDSA');
-
-  Falgorithms.Add('DSAWITHSHA512', 'SHA-512withDSA');
-  Falgorithms.Add('DSAWITHSHA-512', 'SHA-512withDSA');
-  Falgorithms.Add('SHA512/DSA', 'SHA-512withDSA');
-  Falgorithms.Add('SHA-512/DSA', 'SHA-512withDSA');
-  Falgorithms.Add('SHA512WITHDSA', 'SHA-512withDSA');
-  Falgorithms.Add('SHA-512WITHDSA', 'SHA-512withDSA');
-  Falgorithms.Add(TNistObjectIdentifiers.DsaWithSha512.id, 'SHA-512withDSA');
-
-  Falgorithms.Add('NONEWITHECDSA', 'NONEwithECDSA');
-  Falgorithms.Add('ECDSAWITHNONE', 'NONEwithECDSA');
-
-  Falgorithms.Add('ECDSA', 'SHA-1withECDSA');
-  Falgorithms.Add('SHA1/ECDSA', 'SHA-1withECDSA');
-  Falgorithms.Add('SHA-1/ECDSA', 'SHA-1withECDSA');
-  Falgorithms.Add('ECDSAWITHSHA1', 'SHA-1withECDSA');
-  Falgorithms.Add('ECDSAWITHSHA-1', 'SHA-1withECDSA');
-  Falgorithms.Add('SHA1WITHECDSA', 'SHA-1withECDSA');
-  Falgorithms.Add('SHA-1WITHECDSA', 'SHA-1withECDSA');
-  Falgorithms.Add(TX9ObjectIdentifiers.ECDsaWithSha1.id, 'SHA-1withECDSA');
-  Falgorithms.Add(TTeleTrusTObjectIdentifiers.ECSignWithSha1.id,
-    'SHA-1withECDSA');
-
-  Falgorithms.Add('SHA224/ECDSA', 'SHA-224withECDSA');
-  Falgorithms.Add('SHA-224/ECDSA', 'SHA-224withECDSA');
-  Falgorithms.Add('ECDSAWITHSHA224', 'SHA-224withECDSA');
-  Falgorithms.Add('ECDSAWITHSHA-224', 'SHA-224withECDSA');
-  Falgorithms.Add('SHA224WITHECDSA', 'SHA-224withECDSA');
-  Falgorithms.Add('SHA-224WITHECDSA', 'SHA-224withECDSA');
-  Falgorithms.Add(TX9ObjectIdentifiers.ECDsaWithSha224.id, 'SHA-224withECDSA');
-
-  Falgorithms.Add('SHA256/ECDSA', 'SHA-256withECDSA');
-  Falgorithms.Add('SHA-256/ECDSA', 'SHA-256withECDSA');
-  Falgorithms.Add('ECDSAWITHSHA256', 'SHA-256withECDSA');
-  Falgorithms.Add('ECDSAWITHSHA-256', 'SHA-256withECDSA');
-  Falgorithms.Add('SHA256WITHECDSA', 'SHA-256withECDSA');
-  Falgorithms.Add('SHA-256WITHECDSA', 'SHA-256withECDSA');
-  Falgorithms.Add(TX9ObjectIdentifiers.ECDsaWithSha256.id, 'SHA-256withECDSA');
-
-  Falgorithms.Add('SHA384/ECDSA', 'SHA-384withECDSA');
-  Falgorithms.Add('SHA-384/ECDSA', 'SHA-384withECDSA');
-  Falgorithms.Add('ECDSAWITHSHA384', 'SHA-384withECDSA');
-  Falgorithms.Add('ECDSAWITHSHA-384', 'SHA-384withECDSA');
-  Falgorithms.Add('SHA384WITHECDSA', 'SHA-384withECDSA');
-  Falgorithms.Add('SHA-384WITHECDSA', 'SHA-384withECDSA');
-  Falgorithms.Add(TX9ObjectIdentifiers.ECDsaWithSha384.id, 'SHA-384withECDSA');
-
-  Falgorithms.Add('SHA512/ECDSA', 'SHA-512withECDSA');
-  Falgorithms.Add('SHA-512/ECDSA', 'SHA-512withECDSA');
-  Falgorithms.Add('ECDSAWITHSHA512', 'SHA-512withECDSA');
-  Falgorithms.Add('ECDSAWITHSHA-512', 'SHA-512withECDSA');
-  Falgorithms.Add('SHA512WITHECDSA', 'SHA-512withECDSA');
-  Falgorithms.Add('SHA-512WITHECDSA', 'SHA-512withECDSA');
-  Falgorithms.Add(TX9ObjectIdentifiers.ECDsaWithSha512.id, 'SHA-512withECDSA');
-
-  Falgorithms.Add('RIPEMD160/ECDSA', 'RIPEMD160withECDSA');
-  Falgorithms.Add('ECDSAWITHRIPEMD160', 'RIPEMD160withECDSA');
-  Falgorithms.Add('RIPEMD160WITHECDSA', 'RIPEMD160withECDSA');
-  Falgorithms.Add(TTeleTrusTObjectIdentifiers.ECSignWithRipeMD160.id,
-    'RIPEMD160withECDSA');
-
-  Falgorithms.Add('NONEWITHCVC-ECDSA', 'NONEwithCVC-ECDSA');
-  Falgorithms.Add('CVC-ECDSAWITHNONE', 'NONEwithCVC-ECDSA');
-  Falgorithms.Add('SHA1/CVC-ECDSA', 'SHA-1withCVC-ECDSA');
-  Falgorithms.Add('SHA-1/CVC-ECDSA', 'SHA-1withCVC-ECDSA');
-  Falgorithms.Add('CVC-ECDSAWITHSHA1', 'SHA-1withCVC-ECDSA');
-  Falgorithms.Add('CVC-ECDSAWITHSHA-1', 'SHA-1withCVC-ECDSA');
-  Falgorithms.Add('SHA1WITHCVC-ECDSA', 'SHA-1withCVC-ECDSA');
-  Falgorithms.Add('SHA-1WITHCVC-ECDSA', 'SHA-1withCVC-ECDSA');
-  Falgorithms.Add(TEacObjectIdentifiers.id_TA_ECDSA_SHA_1.id,
-    'SHA-1withCVC-ECDSA');
-  Falgorithms.Add('SHA224/CVC-ECDSA', 'SHA-224withCVC-ECDSA');
-  Falgorithms.Add('SHA-224/CVC-ECDSA', 'SHA-224withCVC-ECDSA');
-  Falgorithms.Add('CVC-ECDSAWITHSHA224', 'SHA-224withCVC-ECDSA');
-  Falgorithms.Add('CVC-ECDSAWITHSHA-224', 'SHA-224withCVC-ECDSA');
-  Falgorithms.Add('SHA224WITHCVC-ECDSA', 'SHA-224withCVC-ECDSA');
-  Falgorithms.Add('SHA-224WITHCVC-ECDSA', 'SHA-224withCVC-ECDSA');
-  Falgorithms.Add(TEacObjectIdentifiers.id_TA_ECDSA_SHA_224.id,
-    'SHA-224withCVC-ECDSA');
-  Falgorithms.Add('SHA256/CVC-ECDSA', 'SHA-256withCVC-ECDSA');
-  Falgorithms.Add('SHA-256/CVC-ECDSA', 'SHA-256withCVC-ECDSA');
-  Falgorithms.Add('CVC-ECDSAWITHSHA256', 'SHA-256withCVC-ECDSA');
-  Falgorithms.Add('CVC-ECDSAWITHSHA-256', 'SHA-256withCVC-ECDSA');
-  Falgorithms.Add('SHA256WITHCVC-ECDSA', 'SHA-256withCVC-ECDSA');
-  Falgorithms.Add('SHA-256WITHCVC-ECDSA', 'SHA-256withCVC-ECDSA');
-  Falgorithms.Add(TEacObjectIdentifiers.id_TA_ECDSA_SHA_256.id,
-    'SHA-256withCVC-ECDSA');
-  Falgorithms.Add('SHA384/CVC-ECDSA', 'SHA-384withCVC-ECDSA');
-  Falgorithms.Add('SHA-384/CVC-ECDSA', 'SHA-384withCVC-ECDSA');
-  Falgorithms.Add('CVC-ECDSAWITHSHA384', 'SHA-384withCVC-ECDSA');
-  Falgorithms.Add('CVC-ECDSAWITHSHA-384', 'SHA-384withCVC-ECDSA');
-  Falgorithms.Add('SHA384WITHCVC-ECDSA', 'SHA-384withCVC-ECDSA');
-  Falgorithms.Add('SHA-384WITHCVC-ECDSA', 'SHA-384withCVC-ECDSA');
-  Falgorithms.Add(TEacObjectIdentifiers.id_TA_ECDSA_SHA_384.id,
-    'SHA-384withCVC-ECDSA');
-  Falgorithms.Add('SHA512/CVC-ECDSA', 'SHA-512withCVC-ECDSA');
-  Falgorithms.Add('SHA-512/CVC-ECDSA', 'SHA-512withCVC-ECDSA');
-  Falgorithms.Add('CVC-ECDSAWITHSHA512', 'SHA-512withCVC-ECDSA');
-  Falgorithms.Add('CVC-ECDSAWITHSHA-512', 'SHA-512withCVC-ECDSA');
-  Falgorithms.Add('SHA512WITHCVC-ECDSA', 'SHA-512withCVC-ECDSA');
-  Falgorithms.Add('SHA-512WITHCVC-ECDSA', 'SHA-512withCVC-ECDSA');
-  Falgorithms.Add(TEacObjectIdentifiers.id_TA_ECDSA_SHA_512.id,
-    'SHA-512withCVC-ECDSA');
-  Falgorithms.Add('NONEWITHPLAIN-ECDSA', 'NONEwithPLAIN-ECDSA');
-  Falgorithms.Add('PLAIN-ECDSAWITHNONE', 'NONEwithPLAIN-ECDSA');
-  Falgorithms.Add('SHA1/PLAIN-ECDSA', 'SHA-1withPLAIN-ECDSA');
-  Falgorithms.Add('SHA-1/PLAIN-ECDSA', 'SHA-1withPLAIN-ECDSA');
-  Falgorithms.Add('PLAIN-ECDSAWITHSHA1', 'SHA-1withPLAIN-ECDSA');
-  Falgorithms.Add('PLAIN-ECDSAWITHSHA-1', 'SHA-1withPLAIN-ECDSA');
-  Falgorithms.Add('SHA1WITHPLAIN-ECDSA', 'SHA-1withPLAIN-ECDSA');
-  Falgorithms.Add('SHA-1WITHPLAIN-ECDSA', 'SHA-1withPLAIN-ECDSA');
-  Falgorithms.Add(TBsiObjectIdentifiers.ecdsa_plain_SHA1.id,
-    'SHA-1withPLAIN-ECDSA');
-  Falgorithms.Add('SHA224/PLAIN-ECDSA', 'SHA-224withPLAIN-ECDSA');
-  Falgorithms.Add('SHA-224/PLAIN-ECDSA', 'SHA-224withPLAIN-ECDSA');
-  Falgorithms.Add('PLAIN-ECDSAWITHSHA224', 'SHA-224withPLAIN-ECDSA');
-  Falgorithms.Add('PLAIN-ECDSAWITHSHA-224', 'SHA-224withPLAIN-ECDSA');
-  Falgorithms.Add('SHA224WITHPLAIN-ECDSA', 'SHA-224withPLAIN-ECDSA');
-  Falgorithms.Add('SHA-224WITHPLAIN-ECDSA', 'SHA-224withPLAIN-ECDSA');
-  Falgorithms.Add(TBsiObjectIdentifiers.EcdsaPlain_SHA224.id,
-    'SHA-224withPLAIN-ECDSA');
-  Falgorithms.Add('SHA256/PLAIN-ECDSA', 'SHA-256withPLAIN-ECDSA');
-  Falgorithms.Add('SHA-256/PLAIN-ECDSA', 'SHA-256withPLAIN-ECDSA');
-  Falgorithms.Add('PLAIN-ECDSAWITHSHA256', 'SHA-256withPLAIN-ECDSA');
-  Falgorithms.Add('PLAIN-ECDSAWITHSHA-256', 'SHA-256withPLAIN-ECDSA');
-  Falgorithms.Add('SHA256WITHPLAIN-ECDSA', 'SHA-256withPLAIN-ECDSA');
-  Falgorithms.Add('SHA-256WITHPLAIN-ECDSA', 'SHA-256withPLAIN-ECDSA');
-  Falgorithms.Add(TBsiObjectIdentifiers.EcdsaPlain_SHA256.id,
-    'SHA-256withPLAIN-ECDSA');
-  Falgorithms.Add('SHA384/PLAIN-ECDSA', 'SHA-384withPLAIN-ECDSA');
-  Falgorithms.Add('SHA-384/PLAIN-ECDSA', 'SHA-384withPLAIN-ECDSA');
-  Falgorithms.Add('PLAIN-ECDSAWITHSHA384', 'SHA-384withPLAIN-ECDSA');
-  Falgorithms.Add('PLAIN-ECDSAWITHSHA-384', 'SHA-384withPLAIN-ECDSA');
-  Falgorithms.Add('SHA384WITHPLAIN-ECDSA', 'SHA-384withPLAIN-ECDSA');
-  Falgorithms.Add('SHA-384WITHPLAIN-ECDSA', 'SHA-384withPLAIN-ECDSA');
-  Falgorithms.Add(TBsiObjectIdentifiers.EcdsaPlain_SHA384.id,
-    'SHA-384withPLAIN-ECDSA');
-  Falgorithms.Add('SHA512/PLAIN-ECDSA', 'SHA-512withPLAIN-ECDSA');
-  Falgorithms.Add('SHA-512/PLAIN-ECDSA', 'SHA-512withPLAIN-ECDSA');
-  Falgorithms.Add('PLAIN-ECDSAWITHSHA512', 'SHA-512withPLAIN-ECDSA');
-  Falgorithms.Add('PLAIN-ECDSAWITHSHA-512', 'SHA-512withPLAIN-ECDSA');
-  Falgorithms.Add('SHA512WITHPLAIN-ECDSA', 'SHA-512withPLAIN-ECDSA');
-  Falgorithms.Add('SHA-512WITHPLAIN-ECDSA', 'SHA-512withPLAIN-ECDSA');
-  Falgorithms.Add(TBsiObjectIdentifiers.EcdsaPlain_SHA512.id,
-    'SHA-512withPLAIN-ECDSA');
-  Falgorithms.Add('RIPEMD160/PLAIN-ECDSA', 'RIPEMD160withPLAIN-ECDSA');
-  Falgorithms.Add('PLAIN-ECDSAWITHRIPEMD160', 'RIPEMD160withPLAIN-ECDSA');
-  Falgorithms.Add('RIPEMD160WITHPLAIN-ECDSA', 'RIPEMD160withPLAIN-ECDSA');
-  Falgorithms.Add(TBsiObjectIdentifiers.ecdsa_plain_RIPEMD160.id,
-    'RIPEMD160withPLAIN-ECDSA');
-  Falgorithms.Add('SHA1WITHECNR', 'SHA-1withECNR');
-  Falgorithms.Add('SHA-1WITHECNR', 'SHA-1withECNR');
-  Falgorithms.Add('SHA224WITHECNR', 'SHA-224withECNR');
-  Falgorithms.Add('SHA-224WITHECNR', 'SHA-224withECNR');
-  Falgorithms.Add('SHA256WITHECNR', 'SHA-256withECNR');
-  Falgorithms.Add('SHA-256WITHECNR', 'SHA-256withECNR');
-  Falgorithms.Add('SHA384WITHECNR', 'SHA-384withECNR');
-  Falgorithms.Add('SHA-384WITHECNR', 'SHA-384withECNR');
-  Falgorithms.Add('SHA512WITHECNR', 'SHA-512withECNR');
-  Falgorithms.Add('SHA-512WITHECNR', 'SHA-512withECNR');
-
-
-
-  // Falgorithms.Add('GOST-3410', 'GOST3410');
-  // Falgorithms.Add('GOST-3410-94', 'GOST3410');
-  // Falgorithms.Add('GOST3411WITHGOST3410', 'GOST3410');
-  // Falgorithms.Add(TCryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94.id,
-  // 'GOST3410');
-
-  // Falgorithms.Add('ECGOST-3410', 'ECGOST3410');
-  // Falgorithms.Add('ECGOST-3410-2001', 'ECGOST3410');
-  // Falgorithms.Add('GOST3411WITHECGOST3410', 'ECGOST3410');
-  // Falgorithms.Add(TCryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001.id,
-  // 'ECGOST3410');
-
-  // ED25519
-  Falgorithms.Add('ED25519', 'Ed25519');
-  Falgorithms.Add(TEdECObjectIdentifiers.id_Ed25519.id, 'Ed25519');
-  Falgorithms.Add('ED25519CTX', 'Ed25519ctx');
-  Falgorithms.Add('ED25519PH', 'Ed25519ph');
-
-  // ED25519Blake2B
-  Falgorithms.Add('ED25519BLAKE2B', 'Ed25519Blake2B');
-  Falgorithms.Add('ED25519BLAKE2BCTX', 'Ed25519Blake2Bctx');
-  Falgorithms.Add('ED25519BLAKE2BPH', 'Ed25519Blake2Bph');
-
-  // RSA
-  TPkcsObjectIdentifiers.Boot;
-  Falgorithms.Add('RSA', 'SHA-1withRSA');
-  Falgorithms.Add('RSAWITHSHA1', 'SHA-1withRSA');
-  Falgorithms.Add('RSAWITHSHA-1', 'SHA-1withRSA');
-  Falgorithms.Add('SHA1/RSA', 'SHA-1withRSA');
-  Falgorithms.Add('SHA-1/RSA', 'SHA-1withRSA');
-  Falgorithms.Add('SHA1WITHRSA', 'SHA-1withRSA');
-  Falgorithms.Add('SHA-1WITHRSA', 'SHA-1withRSA');
-  Falgorithms.Add(TPkcsObjectIdentifiers.Sha1WithRsaEncryption.id, 'SHA-1withRSA');
-
-  Falgorithms.Add('SHA224/RSA', 'SHA-224withRSA');
-  Falgorithms.Add('SHA-224/RSA', 'SHA-224withRSA');
-  Falgorithms.Add('SHA224WITHRSA', 'SHA-224withRSA');
-  Falgorithms.Add('SHA-224WITHRSA', 'SHA-224withRSA');
-  Falgorithms.Add(TPkcsObjectIdentifiers.Sha224WithRsaEncryption.id, 'SHA-224withRSA');
-
-  Falgorithms.Add('SHA256/RSA', 'SHA-256withRSA');
-  Falgorithms.Add('SHA-256/RSA', 'SHA-256withRSA');
-  Falgorithms.Add('SHA256WITHRSA', 'SHA-256withRSA');
-  Falgorithms.Add('SHA-256WITHRSA', 'SHA-256withRSA');
-  Falgorithms.Add(TPkcsObjectIdentifiers.Sha256WithRsaEncryption.id, 'SHA-256withRSA');
-
-  Falgorithms.Add('SHA384/RSA', 'SHA-384withRSA');
-  Falgorithms.Add('SHA-384/RSA', 'SHA-384withRSA');
-  Falgorithms.Add('SHA384WITHRSA', 'SHA-384withRSA');
-  Falgorithms.Add('SHA-384WITHRSA', 'SHA-384withRSA');
-  Falgorithms.Add(TPkcsObjectIdentifiers.Sha384WithRsaEncryption.id, 'SHA-384withRSA');
-
-  Falgorithms.Add('SHA512/RSA', 'SHA-512withRSA');
-  Falgorithms.Add('SHA-512/RSA', 'SHA-512withRSA');
-  Falgorithms.Add('SHA512WITHRSA', 'SHA-512withRSA');
-  Falgorithms.Add('SHA-512WITHRSA', 'SHA-512withRSA');
-  Falgorithms.Add(TPkcsObjectIdentifiers.Sha512WithRsaEncryption.id, 'SHA-512withRSA');
-
-  Falgorithms.Add('MD5/RSA', 'MD5withRSA');
-  Falgorithms.Add('MD5WITHRSA', 'MD5withRSA');
-  Falgorithms.Add(TPkcsObjectIdentifiers.MD5WithRsaEncryption.id, 'MD5withRSA');
-
-  Falgorithms.Add('RIPEMD160/RSA', 'RIPEMD160withRSA');
-  Falgorithms.Add('RIPEMD160WITHRSA', 'RIPEMD160withRSA');
-  Falgorithms.Add('RIPEMD160WITHRSAENCRYPTION', 'RIPEMD160withRSA');
-  Falgorithms.Add(TTeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160.id, 'RIPEMD160withRSA');
-
-  Falgorithms.Add('RIPEMD128WITHRSA', 'RIPEMD128withRSA');
-  Falgorithms.Add('RIPEMD128WITHRSAENCRYPTION', 'RIPEMD128withRSA');
-  Falgorithms.Add(TTeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128.id, 'RIPEMD128withRSA');
-
-  Falgorithms.Add('RIPEMD256WITHRSA', 'RIPEMD256withRSA');
-  Falgorithms.Add('RIPEMD256WITHRSAENCRYPTION', 'RIPEMD256withRSA');
-  Falgorithms.Add(TTeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256.id, 'RIPEMD256withRSA');
-
-  // MD2/MD4 with RSA
-  Falgorithms.Add('MD2WITHRSA', 'MD2withRSA');
-  Falgorithms.Add('MD2WITHRSAENCRYPTION', 'MD2withRSA');
-  Falgorithms.Add(TPkcsObjectIdentifiers.MD2WithRsaEncryption.id, 'MD2withRSA');
-
-  Falgorithms.Add('MD4WITHRSA', 'MD4withRSA');
-  Falgorithms.Add('MD4WITHRSAENCRYPTION', 'MD4withRSA');
-  Falgorithms.Add(TPkcsObjectIdentifiers.MD4WithRsaEncryption.id, 'MD4withRSA');
-
-  // Extended MD5 with RSA aliases
-  Falgorithms.Add('MD5WITHRSAENCRYPTION', 'MD5withRSA');
-
-  // Extended SHA with RSA aliases
-  Falgorithms.Add('SHA1WITHRSAENCRYPTION', 'SHA-1withRSA');
-  Falgorithms.Add('SHA-1WITHRSAENCRYPTION', 'SHA-1withRSA');
-  Falgorithms.Add('SHA224WITHRSAENCRYPTION', 'SHA-224withRSA');
-  Falgorithms.Add('SHA-224WITHRSAENCRYPTION', 'SHA-224withRSA');
-  Falgorithms.Add('SHA256WITHRSAENCRYPTION', 'SHA-256withRSA');
-  Falgorithms.Add('SHA-256WITHRSAENCRYPTION', 'SHA-256withRSA');
-  Falgorithms.Add('SHA384WITHRSAENCRYPTION', 'SHA-384withRSA');
-  Falgorithms.Add('SHA-384WITHRSAENCRYPTION', 'SHA-384withRSA');
-  Falgorithms.Add('SHA512WITHRSAENCRYPTION', 'SHA-512withRSA');
-  Falgorithms.Add('SHA-512WITHRSAENCRYPTION', 'SHA-512withRSA');
-
-  // SHA-512/224 and SHA-512/256 with RSA
-  Falgorithms.Add('SHA512(224)WITHRSA', 'SHA-512(224)withRSA');
-  Falgorithms.Add('SHA-512(224)WITHRSA', 'SHA-512(224)withRSA');
-  Falgorithms.Add('SHA512(224)WITHRSAENCRYPTION', 'SHA-512(224)withRSA');
-  Falgorithms.Add('SHA-512(224)WITHRSAENCRYPTION', 'SHA-512(224)withRSA');
-  Falgorithms.Add(TPkcsObjectIdentifiers.Sha512_224WithRSAEncryption.id, 'SHA-512(224)withRSA');
-
-  Falgorithms.Add('SHA512(256)WITHRSA', 'SHA-512(256)withRSA');
-  Falgorithms.Add('SHA-512(256)WITHRSA', 'SHA-512(256)withRSA');
-  Falgorithms.Add('SHA512(256)WITHRSAENCRYPTION', 'SHA-512(256)withRSA');
-  Falgorithms.Add('SHA-512(256)WITHRSAENCRYPTION', 'SHA-512(256)withRSA');
-  Falgorithms.Add(TPkcsObjectIdentifiers.Sha512_256WithRSAEncryption.id, 'SHA-512(256)withRSA');
-
-  // PSS / RSA-OAEP signatures
-  Falgorithms.Add('PSSWITHRSA', 'PSSwithRSA');
-  Falgorithms.Add('RSASSA-PSS', 'PSSwithRSA');
-  Falgorithms.Add('RSAPSS', 'PSSwithRSA');
-  Falgorithms.Add(TPkcsObjectIdentifiers.IdRsassaPss.id, 'PSSwithRSA');
-
-  Falgorithms.Add('SHA1WITHRSAANDMGF1', 'SHA-1withRSAandMGF1');
-  Falgorithms.Add('SHA-1WITHRSAANDMGF1', 'SHA-1withRSAandMGF1');
-  Falgorithms.Add('SHA1WITHRSA/PSS', 'SHA-1withRSAandMGF1');
-  Falgorithms.Add('SHA-1WITHRSA/PSS', 'SHA-1withRSAandMGF1');
-  Falgorithms.Add('SHA1WITHRSASSA-PSS', 'SHA-1withRSAandMGF1');
-  Falgorithms.Add('SHA-1WITHRSASSA-PSS', 'SHA-1withRSAandMGF1');
-
-  Falgorithms.Add('SHA224WITHRSAANDMGF1', 'SHA-224withRSAandMGF1');
-  Falgorithms.Add('SHA-224WITHRSAANDMGF1', 'SHA-224withRSAandMGF1');
-  Falgorithms.Add('SHA224WITHRSA/PSS', 'SHA-224withRSAandMGF1');
-  Falgorithms.Add('SHA-224WITHRSA/PSS', 'SHA-224withRSAandMGF1');
-  Falgorithms.Add('SHA224WITHRSASSA-PSS', 'SHA-224withRSAandMGF1');
-  Falgorithms.Add('SHA-224WITHRSASSA-PSS', 'SHA-224withRSAandMGF1');
-
-  Falgorithms.Add('SHA256WITHRSAANDMGF1', 'SHA-256withRSAandMGF1');
-  Falgorithms.Add('SHA-256WITHRSAANDMGF1', 'SHA-256withRSAandMGF1');
-  Falgorithms.Add('SHA256WITHRSA/PSS', 'SHA-256withRSAandMGF1');
-  Falgorithms.Add('SHA-256WITHRSA/PSS', 'SHA-256withRSAandMGF1');
-  Falgorithms.Add('SHA256WITHRSASSA-PSS', 'SHA-256withRSAandMGF1');
-  Falgorithms.Add('SHA-256WITHRSASSA-PSS', 'SHA-256withRSAandMGF1');
-
-  Falgorithms.Add('SHA384WITHRSAANDMGF1', 'SHA-384withRSAandMGF1');
-  Falgorithms.Add('SHA-384WITHRSAANDMGF1', 'SHA-384withRSAandMGF1');
-  Falgorithms.Add('SHA384WITHRSA/PSS', 'SHA-384withRSAandMGF1');
-  Falgorithms.Add('SHA-384WITHRSA/PSS', 'SHA-384withRSAandMGF1');
-  Falgorithms.Add('SHA384WITHRSASSA-PSS', 'SHA-384withRSAandMGF1');
-  Falgorithms.Add('SHA-384WITHRSASSA-PSS', 'SHA-384withRSAandMGF1');
-
-  Falgorithms.Add('SHA512WITHRSAANDMGF1', 'SHA-512withRSAandMGF1');
-  Falgorithms.Add('SHA-512WITHRSAANDMGF1', 'SHA-512withRSAandMGF1');
-  Falgorithms.Add('SHA512WITHRSA/PSS', 'SHA-512withRSAandMGF1');
-  Falgorithms.Add('SHA-512WITHRSA/PSS', 'SHA-512withRSAandMGF1');
-  Falgorithms.Add('SHA512WITHRSASSA-PSS', 'SHA-512withRSAandMGF1');
-  Falgorithms.Add('SHA-512WITHRSASSA-PSS', 'SHA-512withRSAandMGF1');
-
-  // Raw RSA (NONEWITHRSA) and raw PSS
-  Falgorithms.Add('NONEWITHRSA', 'RSA');
-  Falgorithms.Add('RSAWITHNONE', 'RSA');
-  Falgorithms.Add('RAWRSA', 'RSA');
-
-  Falgorithms.Add('RAWRSAPSS', 'RAWRSASSA-PSS');
-  Falgorithms.Add('NONEWITHRSAPSS', 'RAWRSASSA-PSS');
-  Falgorithms.Add('NONEWITHRSASSA-PSS', 'RAWRSASSA-PSS');
-
-  // ECSCHNORR SIPA
-
-  Falgorithms.Add('SHA1/ECSCHNORR/SIPA', 'SHA-1withECSCHNORRSIPA');
-  Falgorithms.Add('SHA-1/ECSCHNORR/SIPA', 'SHA-1withECSCHNORRSIPA');
-  Falgorithms.Add('ECSCHNORRSIPAWITHSHA1', 'SHA-1withECSCHNORRSIPA');
-  Falgorithms.Add('ECSCHNORRSIPAWITHSHA-1', 'SHA-1withECSCHNORRSIPA');
-  Falgorithms.Add('SHA1WITHECSCHNORRSIPA', 'SHA-1withECSCHNORRSIPA');
-  Falgorithms.Add('SHA-1WITHECSCHNORRSIPA', 'SHA-1withECSCHNORRSIPA');
-
-  Falgorithms.Add('SHA224/ECSCHNORR/SIPA', 'SHA-224withECSCHNORRSIPA');
-  Falgorithms.Add('SHA-224/ECSCHNORR/SIPA', 'SHA-224withECSCHNORRSIPA');
-  Falgorithms.Add('ECSCHNORRSIPAWITHSHA224', 'SHA-224withECSCHNORRSIPA');
-  Falgorithms.Add('ECSCHNORRSIPAWITHSHA-224', 'SHA-224withECSCHNORRSIPA');
-  Falgorithms.Add('SHA224WITHECSCHNORRSIPA', 'SHA-224withECSCHNORRSIPA');
-  Falgorithms.Add('SHA-224WITHECSCHNORRSIPA', 'SHA-224withECSCHNORRSIPA');
-
-  Falgorithms.Add('SHA256/ECSCHNORR/SIPA', 'SHA-256withECSCHNORRSIPA');
-  Falgorithms.Add('SHA-256/ECSCHNORR/SIPA', 'SHA-256withECSCHNORRSIPA');
-  Falgorithms.Add('ECSCHNORRSIPAWITHSHA256', 'SHA-256withECSCHNORRSIPA');
-  Falgorithms.Add('ECSCHNORRSIPAWITHSHA-256', 'SHA-256withECSCHNORRSIPA');
-  Falgorithms.Add('SHA256WITHECSCHNORRSIPA', 'SHA-256withECSCHNORRSIPA');
-  Falgorithms.Add('SHA-256WITHECSCHNORRSIPA', 'SHA-256withECSCHNORRSIPA');
-
-  Falgorithms.Add('SHA384/ECSCHNORR/SIPA', 'SHA-384withECSCHNORRSIPA');
-  Falgorithms.Add('SHA-384/ECSCHNORR/SIPA', 'SHA-384withECSCHNORRSIPA');
-  Falgorithms.Add('ECSCHNORRSIPAWITHSHA384', 'SHA-384withECSCHNORRSIPA');
-  Falgorithms.Add('ECSCHNORRSIPAWITHSHA-384', 'SHA-384withECSCHNORRSIPA');
-  Falgorithms.Add('SHA384WITHECSCHNORRSIPA', 'SHA-384withECSCHNORRSIPA');
-  Falgorithms.Add('SHA-384WITHECSCHNORRSIPA', 'SHA-384withECSCHNORRSIPA');
-
-  Falgorithms.Add('SHA512/ECSCHNORR/SIPA', 'SHA-512withECSCHNORRSIPA');
-  Falgorithms.Add('SHA-512/ECSCHNORR/SIPA', 'SHA-512withECSCHNORRSIPA');
-  Falgorithms.Add('ECSCHNORRSIPAWITHSHA512', 'SHA-512withECSCHNORRSIPA');
-  Falgorithms.Add('ECSCHNORRSIPAWITHSHA-512', 'SHA-512withECSCHNORRSIPA');
-  Falgorithms.Add('SHA512WITHECSCHNORRSIPA', 'SHA-512withECSCHNORRSIPA');
-  Falgorithms.Add('SHA-512WITHECSCHNORRSIPA', 'SHA-512withECSCHNORRSIPA');
-
-  Falgorithms.Add('RIPEMD160/ECSCHNORR/SIPA', 'RIPEMD160withECSCHNORRSIPA');
-  Falgorithms.Add('ECSCHNORRSIPAWITHRIPEMD160', 'RIPEMD160withECSCHNORRSIPA');
-  Falgorithms.Add('RIPEMD160WITHECSCHNORRSIPA', 'RIPEMD160withECSCHNORRSIPA');
-
-  Foids.Add('SHA-1withDSA', TX9ObjectIdentifiers.IdDsaWithSha1);
-
-  Foids.Add('SHA-1withECDSA', TX9ObjectIdentifiers.ECDsaWithSha1);
-  Foids.Add('SHA-224withECDSA', TX9ObjectIdentifiers.ECDsaWithSha224);
-  Foids.Add('SHA-256withECDSA', TX9ObjectIdentifiers.ECDsaWithSha256);
-  Foids.Add('SHA-384withECDSA', TX9ObjectIdentifiers.ECDsaWithSha384);
-  Foids.Add('SHA-512withECDSA', TX9ObjectIdentifiers.ECDsaWithSha512);
-
-  Foids.Add('RIPEMD160withECDSA',
-    TTeleTrusTObjectIdentifiers.ECSignWithRipeMD160);
-  Foids.Add('SHA-1withCVC-ECDSA', TEacObjectIdentifiers.id_TA_ECDSA_SHA_1);
-  Foids.Add('SHA-224withCVC-ECDSA', TEacObjectIdentifiers.id_TA_ECDSA_SHA_224);
-  Foids.Add('SHA-256withCVC-ECDSA', TEacObjectIdentifiers.id_TA_ECDSA_SHA_256);
-  Foids.Add('SHA-384withCVC-ECDSA', TEacObjectIdentifiers.id_TA_ECDSA_SHA_384);
-  Foids.Add('SHA-512withCVC-ECDSA', TEacObjectIdentifiers.id_TA_ECDSA_SHA_512);
-  Foids.Add('SHA-1withPLAIN-ECDSA', TBsiObjectIdentifiers.ecdsa_plain_SHA1);
-  Foids.Add('SHA-224withPLAIN-ECDSA', TBsiObjectIdentifiers.EcdsaPlain_SHA224);
-  Foids.Add('SHA-256withPLAIN-ECDSA', TBsiObjectIdentifiers.EcdsaPlain_SHA256);
-  Foids.Add('SHA-384withPLAIN-ECDSA', TBsiObjectIdentifiers.EcdsaPlain_SHA384);
-  Foids.Add('SHA-512withPLAIN-ECDSA', TBsiObjectIdentifiers.EcdsaPlain_SHA512);
-  Foids.Add('RIPEMD160withPLAIN-ECDSA',
-    TBsiObjectIdentifiers.ecdsa_plain_RIPEMD160);
-
-  // Foids.Add('GOST3410',
-  // TCryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94);
-  //
-  // Foids.Add('ECGOST3410',
-  // TCryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001);
-
-  Foids.Add('Ed25519', TEdECObjectIdentifiers.id_Ed25519);
-
-  // RSA signature OIDs
-  Foids.Add('MD2withRSA', TPkcsObjectIdentifiers.MD2WithRsaEncryption);
-  Foids.Add('MD4withRSA', TPkcsObjectIdentifiers.MD4WithRsaEncryption);
-  Foids.Add('MD5withRSA', TPkcsObjectIdentifiers.MD5WithRsaEncryption);
-  Foids.Add('SHA-1withRSA', TPkcsObjectIdentifiers.Sha1WithRsaEncryption);
-  Foids.Add('SHA-224withRSA', TPkcsObjectIdentifiers.Sha224WithRsaEncryption);
-  Foids.Add('SHA-256withRSA', TPkcsObjectIdentifiers.Sha256WithRsaEncryption);
-  Foids.Add('SHA-384withRSA', TPkcsObjectIdentifiers.Sha384WithRsaEncryption);
-  Foids.Add('SHA-512withRSA', TPkcsObjectIdentifiers.Sha512WithRsaEncryption);
-  Foids.Add('SHA-512(224)withRSA', TPkcsObjectIdentifiers.Sha512_224WithRSAEncryption);
-  Foids.Add('SHA-512(256)withRSA', TPkcsObjectIdentifiers.Sha512_256WithRSAEncryption);
-
-  Foids.Add('RIPEMD128withRSA', TTeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128);
-  Foids.Add('RIPEMD160withRSA', TTeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160);
-  Foids.Add('RIPEMD256withRSA', TTeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256);
+  FAlgorithmMap.AddOrSetValue('MD2WITHRSA', 'MD2withRSA');
+  FAlgorithmMap.AddOrSetValue('MD2WITHRSAENCRYPTION', 'MD2withRSA');
+  FAlgorithmOidMap.AddOrSetValue(TPkcsObjectIdentifiers.MD2WithRsaEncryption, 'MD2withRSA');
+
+  FAlgorithmMap.AddOrSetValue('MD4WITHRSA', 'MD4withRSA');
+  FAlgorithmMap.AddOrSetValue('MD4WITHRSAENCRYPTION', 'MD4withRSA');
+  FAlgorithmOidMap.AddOrSetValue(TPkcsObjectIdentifiers.MD4WithRsaEncryption, 'MD4withRSA');
+  FAlgorithmOidMap.AddOrSetValue(TOiwObjectIdentifiers.MD4WithRsa, 'MD4withRSA');
+  FAlgorithmOidMap.AddOrSetValue(TOiwObjectIdentifiers.MD4WithRsaEncryption, 'MD4withRSA');
+
+  FAlgorithmMap.AddOrSetValue('MD5WITHRSA', 'MD5withRSA');
+  FAlgorithmMap.AddOrSetValue('MD5WITHRSAENCRYPTION', 'MD5withRSA');
+  FAlgorithmOidMap.AddOrSetValue(TPkcsObjectIdentifiers.MD5WithRsaEncryption, 'MD5withRSA');
+  FAlgorithmOidMap.AddOrSetValue(TOiwObjectIdentifiers.MD5WithRsa, 'MD5withRSA');
+
+  FAlgorithmMap.AddOrSetValue('SHA1WITHRSA', 'SHA-1withRSA');
+  FAlgorithmMap.AddOrSetValue('SHA-1WITHRSA', 'SHA-1withRSA');
+  FAlgorithmMap.AddOrSetValue('SHA1WITHRSAENCRYPTION', 'SHA-1withRSA');
+  FAlgorithmMap.AddOrSetValue('SHA-1WITHRSAENCRYPTION', 'SHA-1withRSA');
+  FAlgorithmOidMap.AddOrSetValue(TPkcsObjectIdentifiers.Sha1WithRsaEncryption, 'SHA-1withRSA');
+  FAlgorithmOidMap.AddOrSetValue(TOiwObjectIdentifiers.Sha1WithRsa, 'SHA-1withRSA');
+
+  FAlgorithmMap.AddOrSetValue('SHA224WITHRSA', 'SHA-224withRSA');
+  FAlgorithmMap.AddOrSetValue('SHA-224WITHRSA', 'SHA-224withRSA');
+  FAlgorithmMap.AddOrSetValue('SHA224WITHRSAENCRYPTION', 'SHA-224withRSA');
+  FAlgorithmMap.AddOrSetValue('SHA-224WITHRSAENCRYPTION', 'SHA-224withRSA');
+  FAlgorithmOidMap.AddOrSetValue(TPkcsObjectIdentifiers.Sha224WithRsaEncryption, 'SHA-224withRSA');
+
+  FAlgorithmMap.AddOrSetValue('SHA256WITHRSA', 'SHA-256withRSA');
+  FAlgorithmMap.AddOrSetValue('SHA-256WITHRSA', 'SHA-256withRSA');
+  FAlgorithmMap.AddOrSetValue('SHA256WITHRSAENCRYPTION', 'SHA-256withRSA');
+  FAlgorithmMap.AddOrSetValue('SHA-256WITHRSAENCRYPTION', 'SHA-256withRSA');
+  FAlgorithmOidMap.AddOrSetValue(TPkcsObjectIdentifiers.Sha256WithRsaEncryption, 'SHA-256withRSA');
+
+  FAlgorithmMap.AddOrSetValue('SHA384WITHRSA', 'SHA-384withRSA');
+  FAlgorithmMap.AddOrSetValue('SHA-384WITHRSA', 'SHA-384withRSA');
+  FAlgorithmMap.AddOrSetValue('SHA384WITHRSAENCRYPTION', 'SHA-384withRSA');
+  FAlgorithmMap.AddOrSetValue('SHA-384WITHRSAENCRYPTION', 'SHA-384withRSA');
+  FAlgorithmOidMap.AddOrSetValue(TPkcsObjectIdentifiers.Sha384WithRsaEncryption, 'SHA-384withRSA');
+
+  FAlgorithmMap.AddOrSetValue('SHA512WITHRSA', 'SHA-512withRSA');
+  FAlgorithmMap.AddOrSetValue('SHA-512WITHRSA', 'SHA-512withRSA');
+  FAlgorithmMap.AddOrSetValue('SHA512WITHRSAENCRYPTION', 'SHA-512withRSA');
+  FAlgorithmMap.AddOrSetValue('SHA-512WITHRSAENCRYPTION', 'SHA-512withRSA');
+  FAlgorithmOidMap.AddOrSetValue(TPkcsObjectIdentifiers.Sha512WithRsaEncryption, 'SHA-512withRSA');
+
+  FAlgorithmMap.AddOrSetValue('SHA512(224)WITHRSA', 'SHA-512(224)withRSA');
+  FAlgorithmMap.AddOrSetValue('SHA-512(224)WITHRSA', 'SHA-512(224)withRSA');
+  FAlgorithmMap.AddOrSetValue('SHA512(224)WITHRSAENCRYPTION', 'SHA-512(224)withRSA');
+  FAlgorithmMap.AddOrSetValue('SHA-512(224)WITHRSAENCRYPTION', 'SHA-512(224)withRSA');
+  FAlgorithmOidMap.AddOrSetValue(TPkcsObjectIdentifiers.Sha512_224WithRSAEncryption, 'SHA-512(224)withRSA');
+
+  FAlgorithmMap.AddOrSetValue('SHA512(256)WITHRSA', 'SHA-512(256)withRSA');
+  FAlgorithmMap.AddOrSetValue('SHA-512(256)WITHRSA', 'SHA-512(256)withRSA');
+  FAlgorithmMap.AddOrSetValue('SHA512(256)WITHRSAENCRYPTION', 'SHA-512(256)withRSA');
+  FAlgorithmMap.AddOrSetValue('SHA-512(256)WITHRSAENCRYPTION', 'SHA-512(256)withRSA');
+  FAlgorithmOidMap.AddOrSetValue(TPkcsObjectIdentifiers.Sha512_256WithRSAEncryption, 'SHA-512(256)withRSA');
+
+  FAlgorithmMap.AddOrSetValue('SHA3-224WITHRSA', 'SHA3-224withRSA');
+  FAlgorithmMap.AddOrSetValue('SHA3-224WITHRSAENCRYPTION', 'SHA3-224withRSA');
+  FAlgorithmOidMap.AddOrSetValue(TNistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_224, 'SHA3-224withRSA');
+  FAlgorithmMap.AddOrSetValue('SHA3-256WITHRSA', 'SHA3-256withRSA');
+  FAlgorithmMap.AddOrSetValue('SHA3-256WITHRSAENCRYPTION', 'SHA3-256withRSA');
+  FAlgorithmOidMap.AddOrSetValue(TNistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_256, 'SHA3-256withRSA');
+  FAlgorithmMap.AddOrSetValue('SHA3-384WITHRSA', 'SHA3-384withRSA');
+  FAlgorithmMap.AddOrSetValue('SHA3-384WITHRSAENCRYPTION', 'SHA3-384withRSA');
+  FAlgorithmOidMap.AddOrSetValue(TNistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_384, 'SHA3-384withRSA');
+  FAlgorithmMap.AddOrSetValue('SHA3-512WITHRSA', 'SHA3-512withRSA');
+  FAlgorithmMap.AddOrSetValue('SHA3-512WITHRSAENCRYPTION', 'SHA3-512withRSA');
+  FAlgorithmOidMap.AddOrSetValue(TNistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_512, 'SHA3-512withRSA');
+
+  FAlgorithmMap.AddOrSetValue('PSSWITHRSA', 'PSSwithRSA');
+  FAlgorithmMap.AddOrSetValue('RSASSA-PSS', 'PSSwithRSA');
+  FAlgorithmOidMap.AddOrSetValue(TPkcsObjectIdentifiers.IdRsassaPss, 'PSSwithRSA');
+  FAlgorithmMap.AddOrSetValue('RSAPSS', 'PSSwithRSA');
+
+  FAlgorithmMap.AddOrSetValue('SHA1WITHRSAANDMGF1', 'SHA-1withRSAandMGF1');
+  FAlgorithmMap.AddOrSetValue('SHA-1WITHRSAANDMGF1', 'SHA-1withRSAandMGF1');
+  FAlgorithmMap.AddOrSetValue('SHA1WITHRSA/PSS', 'SHA-1withRSAandMGF1');
+  FAlgorithmMap.AddOrSetValue('SHA-1WITHRSA/PSS', 'SHA-1withRSAandMGF1');
+  FAlgorithmMap.AddOrSetValue('SHA1WITHRSASSA-PSS', 'SHA-1withRSAandMGF1');
+  FAlgorithmMap.AddOrSetValue('SHA-1WITHRSASSA-PSS', 'SHA-1withRSAandMGF1');
+
+  FAlgorithmMap.AddOrSetValue('SHA224WITHRSAANDMGF1', 'SHA-224withRSAandMGF1');
+  FAlgorithmMap.AddOrSetValue('SHA-224WITHRSAANDMGF1', 'SHA-224withRSAandMGF1');
+  FAlgorithmMap.AddOrSetValue('SHA224WITHRSA/PSS', 'SHA-224withRSAandMGF1');
+  FAlgorithmMap.AddOrSetValue('SHA-224WITHRSA/PSS', 'SHA-224withRSAandMGF1');
+  FAlgorithmMap.AddOrSetValue('SHA224WITHRSASSA-PSS', 'SHA-224withRSAandMGF1');
+  FAlgorithmMap.AddOrSetValue('SHA-224WITHRSASSA-PSS', 'SHA-224withRSAandMGF1');
+
+  FAlgorithmMap.AddOrSetValue('SHA256WITHRSAANDMGF1', 'SHA-256withRSAandMGF1');
+  FAlgorithmMap.AddOrSetValue('SHA-256WITHRSAANDMGF1', 'SHA-256withRSAandMGF1');
+  FAlgorithmMap.AddOrSetValue('SHA256WITHRSA/PSS', 'SHA-256withRSAandMGF1');
+  FAlgorithmMap.AddOrSetValue('SHA-256WITHRSA/PSS', 'SHA-256withRSAandMGF1');
+  FAlgorithmMap.AddOrSetValue('SHA256WITHRSASSA-PSS', 'SHA-256withRSAandMGF1');
+  FAlgorithmMap.AddOrSetValue('SHA-256WITHRSASSA-PSS', 'SHA-256withRSAandMGF1');
+
+  FAlgorithmMap.AddOrSetValue('SHA384WITHRSAANDMGF1', 'SHA-384withRSAandMGF1');
+  FAlgorithmMap.AddOrSetValue('SHA-384WITHRSAANDMGF1', 'SHA-384withRSAandMGF1');
+  FAlgorithmMap.AddOrSetValue('SHA384WITHRSA/PSS', 'SHA-384withRSAandMGF1');
+  FAlgorithmMap.AddOrSetValue('SHA-384WITHRSA/PSS', 'SHA-384withRSAandMGF1');
+  FAlgorithmMap.AddOrSetValue('SHA384WITHRSASSA-PSS', 'SHA-384withRSAandMGF1');
+  FAlgorithmMap.AddOrSetValue('SHA-384WITHRSASSA-PSS', 'SHA-384withRSAandMGF1');
+
+  FAlgorithmMap.AddOrSetValue('SHA512WITHRSAANDMGF1', 'SHA-512withRSAandMGF1');
+  FAlgorithmMap.AddOrSetValue('SHA-512WITHRSAANDMGF1', 'SHA-512withRSAandMGF1');
+  FAlgorithmMap.AddOrSetValue('SHA512WITHRSA/PSS', 'SHA-512withRSAandMGF1');
+  FAlgorithmMap.AddOrSetValue('SHA-512WITHRSA/PSS', 'SHA-512withRSAandMGF1');
+  FAlgorithmMap.AddOrSetValue('SHA512WITHRSASSA-PSS', 'SHA-512withRSAandMGF1');
+  FAlgorithmMap.AddOrSetValue('SHA-512WITHRSASSA-PSS', 'SHA-512withRSAandMGF1');
+
+  FAlgorithmMap.AddOrSetValue('RIPEMD128WITHRSA', 'RIPEMD128withRSA');
+  FAlgorithmMap.AddOrSetValue('RIPEMD128WITHRSAENCRYPTION', 'RIPEMD128withRSA');
+  FAlgorithmOidMap.AddOrSetValue(TTeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128, 'RIPEMD128withRSA');
+
+  FAlgorithmMap.AddOrSetValue('RIPEMD160WITHRSA', 'RIPEMD160withRSA');
+  FAlgorithmMap.AddOrSetValue('RIPEMD160WITHRSAENCRYPTION', 'RIPEMD160withRSA');
+  FAlgorithmOidMap.AddOrSetValue(TTeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160, 'RIPEMD160withRSA');
+
+  FAlgorithmMap.AddOrSetValue('RIPEMD256WITHRSA', 'RIPEMD256withRSA');
+  FAlgorithmMap.AddOrSetValue('RIPEMD256WITHRSAENCRYPTION', 'RIPEMD256withRSA');
+  FAlgorithmOidMap.AddOrSetValue(TTeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256, 'RIPEMD256withRSA');
+
+  FAlgorithmMap.AddOrSetValue('NONEWITHRSA', 'RSA');
+  FAlgorithmMap.AddOrSetValue('RSAWITHNONE', 'RSA');
+  FAlgorithmMap.AddOrSetValue('RAWRSA', 'RSA');
+
+  FAlgorithmMap.AddOrSetValue('RAWRSAPSS', 'RAWRSASSA-PSS');
+  FAlgorithmMap.AddOrSetValue('NONEWITHRSAPSS', 'RAWRSASSA-PSS');
+  FAlgorithmMap.AddOrSetValue('NONEWITHRSASSA-PSS', 'RAWRSASSA-PSS');
+
+  FAlgorithmMap.AddOrSetValue('NONEWITHDSA', 'NONEwithDSA');
+  FAlgorithmMap.AddOrSetValue('DSAWITHNONE', 'NONEwithDSA');
+  FAlgorithmMap.AddOrSetValue('RAWDSA', 'NONEwithDSA');
+
+  FAlgorithmMap.AddOrSetValue('DSA', 'SHA-1withDSA');
+  FAlgorithmMap.AddOrSetValue('DSAWITHSHA1', 'SHA-1withDSA');
+  FAlgorithmMap.AddOrSetValue('DSAWITHSHA-1', 'SHA-1withDSA');
+  FAlgorithmMap.AddOrSetValue('SHA/DSA', 'SHA-1withDSA');
+  FAlgorithmMap.AddOrSetValue('SHA1/DSA', 'SHA-1withDSA');
+  FAlgorithmMap.AddOrSetValue('SHA-1/DSA', 'SHA-1withDSA');
+  FAlgorithmMap.AddOrSetValue('SHA1WITHDSA', 'SHA-1withDSA');
+  FAlgorithmMap.AddOrSetValue('SHA-1WITHDSA', 'SHA-1withDSA');
+  FAlgorithmOidMap.AddOrSetValue(TX9ObjectIdentifiers.IdDsaWithSha1, 'SHA-1withDSA');
+  FAlgorithmOidMap.AddOrSetValue(TOiwObjectIdentifiers.DsaWithSha1, 'SHA-1withDSA');
+
+  FAlgorithmMap.AddOrSetValue('DSAWITHSHA224', 'SHA-224withDSA');
+  FAlgorithmMap.AddOrSetValue('DSAWITHSHA-224', 'SHA-224withDSA');
+  FAlgorithmMap.AddOrSetValue('SHA224/DSA', 'SHA-224withDSA');
+  FAlgorithmMap.AddOrSetValue('SHA-224/DSA', 'SHA-224withDSA');
+  FAlgorithmMap.AddOrSetValue('SHA224WITHDSA', 'SHA-224withDSA');
+  FAlgorithmMap.AddOrSetValue('SHA-224WITHDSA', 'SHA-224withDSA');
+  FAlgorithmOidMap.AddOrSetValue(TNistObjectIdentifiers.DsaWithSha224, 'SHA-224withDSA');
+
+  FAlgorithmMap.AddOrSetValue('DSAWITHSHA256', 'SHA-256withDSA');
+  FAlgorithmMap.AddOrSetValue('DSAWITHSHA-256', 'SHA-256withDSA');
+  FAlgorithmMap.AddOrSetValue('SHA256/DSA', 'SHA-256withDSA');
+  FAlgorithmMap.AddOrSetValue('SHA-256/DSA', 'SHA-256withDSA');
+  FAlgorithmMap.AddOrSetValue('SHA256WITHDSA', 'SHA-256withDSA');
+  FAlgorithmMap.AddOrSetValue('SHA-256WITHDSA', 'SHA-256withDSA');
+  FAlgorithmOidMap.AddOrSetValue(TNistObjectIdentifiers.DsaWithSha256, 'SHA-256withDSA');
+
+  FAlgorithmMap.AddOrSetValue('DSAWITHSHA384', 'SHA-384withDSA');
+  FAlgorithmMap.AddOrSetValue('DSAWITHSHA-384', 'SHA-384withDSA');
+  FAlgorithmMap.AddOrSetValue('SHA384/DSA', 'SHA-384withDSA');
+  FAlgorithmMap.AddOrSetValue('SHA-384/DSA', 'SHA-384withDSA');
+  FAlgorithmMap.AddOrSetValue('SHA384WITHDSA', 'SHA-384withDSA');
+  FAlgorithmMap.AddOrSetValue('SHA-384WITHDSA', 'SHA-384withDSA');
+  FAlgorithmOidMap.AddOrSetValue(TNistObjectIdentifiers.DsaWithSha384, 'SHA-384withDSA');
+
+  FAlgorithmMap.AddOrSetValue('DSAWITHSHA512', 'SHA-512withDSA');
+  FAlgorithmMap.AddOrSetValue('DSAWITHSHA-512', 'SHA-512withDSA');
+  FAlgorithmMap.AddOrSetValue('SHA512/DSA', 'SHA-512withDSA');
+  FAlgorithmMap.AddOrSetValue('SHA-512/DSA', 'SHA-512withDSA');
+  FAlgorithmMap.AddOrSetValue('SHA512WITHDSA', 'SHA-512withDSA');
+  FAlgorithmMap.AddOrSetValue('SHA-512WITHDSA', 'SHA-512withDSA');
+  FAlgorithmOidMap.AddOrSetValue(TNistObjectIdentifiers.DsaWithSha512, 'SHA-512withDSA');
+
+  FAlgorithmMap.AddOrSetValue('DSAWITHSHA3-224', 'SHA3-224withDSA');
+  FAlgorithmMap.AddOrSetValue('SHA3-224/DSA', 'SHA3-224withDSA');
+  FAlgorithmMap.AddOrSetValue('SHA3-224WITHDSA', 'SHA3-224withDSA');
+  FAlgorithmOidMap.AddOrSetValue(TNistObjectIdentifiers.IdDsaWithSha3_224, 'SHA3-224withDSA');
+
+  FAlgorithmMap.AddOrSetValue('DSAWITHSHA3-256', 'SHA3-256withDSA');
+  FAlgorithmMap.AddOrSetValue('SHA3-256/DSA', 'SHA3-256withDSA');
+  FAlgorithmMap.AddOrSetValue('SHA3-256WITHDSA', 'SHA3-256withDSA');
+  FAlgorithmOidMap.AddOrSetValue(TNistObjectIdentifiers.IdDsaWithSha3_256, 'SHA3-256withDSA');
+
+  FAlgorithmMap.AddOrSetValue('DSAWITHSHA3-384', 'SHA3-384withDSA');
+  FAlgorithmMap.AddOrSetValue('SHA3-384/DSA', 'SHA3-384withDSA');
+  FAlgorithmMap.AddOrSetValue('SHA3-384WITHDSA', 'SHA3-384withDSA');
+  FAlgorithmOidMap.AddOrSetValue(TNistObjectIdentifiers.IdDsaWithSha3_384, 'SHA3-384withDSA');
+
+  FAlgorithmMap.AddOrSetValue('DSAWITHSHA3-512', 'SHA3-512withDSA');
+  FAlgorithmMap.AddOrSetValue('SHA3-512/DSA', 'SHA3-512withDSA');
+  FAlgorithmMap.AddOrSetValue('SHA3-512WITHDSA', 'SHA3-512withDSA');
+  FAlgorithmOidMap.AddOrSetValue(TNistObjectIdentifiers.IdDsaWithSha3_512, 'SHA3-512withDSA');
+
+  FAlgorithmMap.AddOrSetValue('NONEWITHECDSA', 'NONEwithECDSA');
+  FAlgorithmMap.AddOrSetValue('ECDSAWITHNONE', 'NONEwithECDSA');
+
+  FAlgorithmMap.AddOrSetValue('ECDSA', 'SHA-1withECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA1/ECDSA', 'SHA-1withECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA-1/ECDSA', 'SHA-1withECDSA');
+  FAlgorithmMap.AddOrSetValue('ECDSAWITHSHA1', 'SHA-1withECDSA');
+  FAlgorithmMap.AddOrSetValue('ECDSAWITHSHA-1', 'SHA-1withECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA1WITHECDSA', 'SHA-1withECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA-1WITHECDSA', 'SHA-1withECDSA');
+  FAlgorithmOidMap.AddOrSetValue(TX9ObjectIdentifiers.ECDsaWithSha1, 'SHA-1withECDSA');
+  FAlgorithmOidMap.AddOrSetValue(TTeleTrusTObjectIdentifiers.ECSignWithSha1, 'SHA-1withECDSA');
+
+  FAlgorithmMap.AddOrSetValue('SHA224/ECDSA', 'SHA-224withECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA-224/ECDSA', 'SHA-224withECDSA');
+  FAlgorithmMap.AddOrSetValue('ECDSAWITHSHA224', 'SHA-224withECDSA');
+  FAlgorithmMap.AddOrSetValue('ECDSAWITHSHA-224', 'SHA-224withECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA224WITHECDSA', 'SHA-224withECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA-224WITHECDSA', 'SHA-224withECDSA');
+  FAlgorithmOidMap.AddOrSetValue(TX9ObjectIdentifiers.ECDsaWithSha224, 'SHA-224withECDSA');
+
+  FAlgorithmMap.AddOrSetValue('SHA256/ECDSA', 'SHA-256withECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA-256/ECDSA', 'SHA-256withECDSA');
+  FAlgorithmMap.AddOrSetValue('ECDSAWITHSHA256', 'SHA-256withECDSA');
+  FAlgorithmMap.AddOrSetValue('ECDSAWITHSHA-256', 'SHA-256withECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA256WITHECDSA', 'SHA-256withECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA-256WITHECDSA', 'SHA-256withECDSA');
+  FAlgorithmOidMap.AddOrSetValue(TX9ObjectIdentifiers.ECDsaWithSha256, 'SHA-256withECDSA');
+
+  FAlgorithmMap.AddOrSetValue('SHA384/ECDSA', 'SHA-384withECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA-384/ECDSA', 'SHA-384withECDSA');
+  FAlgorithmMap.AddOrSetValue('ECDSAWITHSHA384', 'SHA-384withECDSA');
+  FAlgorithmMap.AddOrSetValue('ECDSAWITHSHA-384', 'SHA-384withECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA384WITHECDSA', 'SHA-384withECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA-384WITHECDSA', 'SHA-384withECDSA');
+  FAlgorithmOidMap.AddOrSetValue(TX9ObjectIdentifiers.ECDsaWithSha384, 'SHA-384withECDSA');
+
+  FAlgorithmMap.AddOrSetValue('SHA512/ECDSA', 'SHA-512withECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA-512/ECDSA', 'SHA-512withECDSA');
+  FAlgorithmMap.AddOrSetValue('ECDSAWITHSHA512', 'SHA-512withECDSA');
+  FAlgorithmMap.AddOrSetValue('ECDSAWITHSHA-512', 'SHA-512withECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA512WITHECDSA', 'SHA-512withECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA-512WITHECDSA', 'SHA-512withECDSA');
+  FAlgorithmOidMap.AddOrSetValue(TX9ObjectIdentifiers.ECDsaWithSha512, 'SHA-512withECDSA');
+
+  FAlgorithmMap.AddOrSetValue('RIPEMD160/ECDSA', 'RIPEMD160withECDSA');
+  FAlgorithmMap.AddOrSetValue('ECDSAWITHRIPEMD160', 'RIPEMD160withECDSA');
+  FAlgorithmMap.AddOrSetValue('RIPEMD160WITHECDSA', 'RIPEMD160withECDSA');
+  FAlgorithmOidMap.AddOrSetValue(TTeleTrusTObjectIdentifiers.ECSignWithRipeMD160, 'RIPEMD160withECDSA');
+
+  FAlgorithmMap.AddOrSetValue('SHA3-224/ECDSA', 'SHA3-224withECDSA');
+  FAlgorithmMap.AddOrSetValue('ECDSAWITHSHA3-224', 'SHA3-224withECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA3-224WITHECDSA', 'SHA3-224withECDSA');
+  FAlgorithmOidMap.AddOrSetValue(TNistObjectIdentifiers.IdEcdsaWithSha3_224, 'SHA3-224withECDSA');
+
+  FAlgorithmMap.AddOrSetValue('SHA3-256/ECDSA', 'SHA3-256withECDSA');
+  FAlgorithmMap.AddOrSetValue('ECDSAWITHSHA3-256', 'SHA3-256withECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA3-256WITHECDSA', 'SHA3-256withECDSA');
+  FAlgorithmOidMap.AddOrSetValue(TNistObjectIdentifiers.IdEcdsaWithSha3_256, 'SHA3-256withECDSA');
+
+  FAlgorithmMap.AddOrSetValue('SHA3-384/ECDSA', 'SHA3-384withECDSA');
+  FAlgorithmMap.AddOrSetValue('ECDSAWITHSHA3-384', 'SHA3-384withECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA3-384WITHECDSA', 'SHA3-384withECDSA');
+  FAlgorithmOidMap.AddOrSetValue(TNistObjectIdentifiers.IdEcdsaWithSha3_384, 'SHA3-384withECDSA');
+
+  FAlgorithmMap.AddOrSetValue('SHA3-512/ECDSA', 'SHA3-512withECDSA');
+  FAlgorithmMap.AddOrSetValue('ECDSAWITHSHA3-512', 'SHA3-512withECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA3-512WITHECDSA', 'SHA3-512withECDSA');
+  FAlgorithmOidMap.AddOrSetValue(TNistObjectIdentifiers.IdEcdsaWithSha3_512, 'SHA3-512withECDSA');
+
+  FAlgorithmMap.AddOrSetValue('NONEWITHCVC-ECDSA', 'NONEwithCVC-ECDSA');
+  FAlgorithmMap.AddOrSetValue('CVC-ECDSAWITHNONE', 'NONEwithCVC-ECDSA');
+
+  FAlgorithmMap.AddOrSetValue('SHA1/CVC-ECDSA', 'SHA-1withCVC-ECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA-1/CVC-ECDSA', 'SHA-1withCVC-ECDSA');
+  FAlgorithmMap.AddOrSetValue('CVC-ECDSAWITHSHA1', 'SHA-1withCVC-ECDSA');
+  FAlgorithmMap.AddOrSetValue('CVC-ECDSAWITHSHA-1', 'SHA-1withCVC-ECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA1WITHCVC-ECDSA', 'SHA-1withCVC-ECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA-1WITHCVC-ECDSA', 'SHA-1withCVC-ECDSA');
+  FAlgorithmOidMap.AddOrSetValue(TEacObjectIdentifiers.IdTAEcdsaSha1, 'SHA-1withCVC-ECDSA');
+
+  FAlgorithmMap.AddOrSetValue('SHA224/CVC-ECDSA', 'SHA-224withCVC-ECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA-224/CVC-ECDSA', 'SHA-224withCVC-ECDSA');
+  FAlgorithmMap.AddOrSetValue('CVC-ECDSAWITHSHA224', 'SHA-224withCVC-ECDSA');
+  FAlgorithmMap.AddOrSetValue('CVC-ECDSAWITHSHA-224', 'SHA-224withCVC-ECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA224WITHCVC-ECDSA', 'SHA-224withCVC-ECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA-224WITHCVC-ECDSA', 'SHA-224withCVC-ECDSA');
+  FAlgorithmOidMap.AddOrSetValue(TEacObjectIdentifiers.IdTAEcdsaSha224, 'SHA-224withCVC-ECDSA');
+
+  FAlgorithmMap.AddOrSetValue('SHA256/CVC-ECDSA', 'SHA-256withCVC-ECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA-256/CVC-ECDSA', 'SHA-256withCVC-ECDSA');
+  FAlgorithmMap.AddOrSetValue('CVC-ECDSAWITHSHA256', 'SHA-256withCVC-ECDSA');
+  FAlgorithmMap.AddOrSetValue('CVC-ECDSAWITHSHA-256', 'SHA-256withCVC-ECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA256WITHCVC-ECDSA', 'SHA-256withCVC-ECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA-256WITHCVC-ECDSA', 'SHA-256withCVC-ECDSA');
+  FAlgorithmOidMap.AddOrSetValue(TEacObjectIdentifiers.IdTAEcdsaSha256, 'SHA-256withCVC-ECDSA');
+
+  FAlgorithmMap.AddOrSetValue('SHA384/CVC-ECDSA', 'SHA-384withCVC-ECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA-384/CVC-ECDSA', 'SHA-384withCVC-ECDSA');
+  FAlgorithmMap.AddOrSetValue('CVC-ECDSAWITHSHA384', 'SHA-384withCVC-ECDSA');
+  FAlgorithmMap.AddOrSetValue('CVC-ECDSAWITHSHA-384', 'SHA-384withCVC-ECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA384WITHCVC-ECDSA', 'SHA-384withCVC-ECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA-384WITHCVC-ECDSA', 'SHA-384withCVC-ECDSA');
+  FAlgorithmOidMap.AddOrSetValue(TEacObjectIdentifiers.IdTAEcdsaSha384, 'SHA-384withCVC-ECDSA');
+
+  FAlgorithmMap.AddOrSetValue('SHA512/CVC-ECDSA', 'SHA-512withCVC-ECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA-512/CVC-ECDSA', 'SHA-512withCVC-ECDSA');
+  FAlgorithmMap.AddOrSetValue('CVC-ECDSAWITHSHA512', 'SHA-512withCVC-ECDSA');
+  FAlgorithmMap.AddOrSetValue('CVC-ECDSAWITHSHA-512', 'SHA-512withCVC-ECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA512WITHCVC-ECDSA', 'SHA-512withCVC-ECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA-512WITHCVC-ECDSA', 'SHA-512withCVC-ECDSA');
+  FAlgorithmOidMap.AddOrSetValue(TEacObjectIdentifiers.IdTAEcdsaSha512, 'SHA-512withCVC-ECDSA');
+
+  FAlgorithmMap.AddOrSetValue('NONEWITHPLAIN-ECDSA', 'NONEwithPLAIN-ECDSA');
+  FAlgorithmMap.AddOrSetValue('PLAIN-ECDSAWITHNONE', 'NONEwithPLAIN-ECDSA');
+
+  FAlgorithmMap.AddOrSetValue('SHA1/PLAIN-ECDSA', 'SHA-1withPLAIN-ECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA-1/PLAIN-ECDSA', 'SHA-1withPLAIN-ECDSA');
+  FAlgorithmMap.AddOrSetValue('PLAIN-ECDSAWITHSHA1', 'SHA-1withPLAIN-ECDSA');
+  FAlgorithmMap.AddOrSetValue('PLAIN-ECDSAWITHSHA-1', 'SHA-1withPLAIN-ECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA1WITHPLAIN-ECDSA', 'SHA-1withPLAIN-ECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA-1WITHPLAIN-ECDSA', 'SHA-1withPLAIN-ECDSA');
+  FAlgorithmOidMap.AddOrSetValue(TBsiObjectIdentifiers.EcdsaPlainSha1, 'SHA-1withPLAIN-ECDSA');
+
+  FAlgorithmMap.AddOrSetValue('SHA224/PLAIN-ECDSA', 'SHA-224withPLAIN-ECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA-224/PLAIN-ECDSA', 'SHA-224withPLAIN-ECDSA');
+  FAlgorithmMap.AddOrSetValue('PLAIN-ECDSAWITHSHA224', 'SHA-224withPLAIN-ECDSA');
+  FAlgorithmMap.AddOrSetValue('PLAIN-ECDSAWITHSHA-224', 'SHA-224withPLAIN-ECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA224WITHPLAIN-ECDSA', 'SHA-224withPLAIN-ECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA-224WITHPLAIN-ECDSA', 'SHA-224withPLAIN-ECDSA');
+  FAlgorithmOidMap.AddOrSetValue(TBsiObjectIdentifiers.EcdsaPlainSha224, 'SHA-224withPLAIN-ECDSA');
+
+  FAlgorithmMap.AddOrSetValue('SHA256/PLAIN-ECDSA', 'SHA-256withPLAIN-ECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA-256/PLAIN-ECDSA', 'SHA-256withPLAIN-ECDSA');
+  FAlgorithmMap.AddOrSetValue('PLAIN-ECDSAWITHSHA256', 'SHA-256withPLAIN-ECDSA');
+  FAlgorithmMap.AddOrSetValue('PLAIN-ECDSAWITHSHA-256', 'SHA-256withPLAIN-ECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA256WITHPLAIN-ECDSA', 'SHA-256withPLAIN-ECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA-256WITHPLAIN-ECDSA', 'SHA-256withPLAIN-ECDSA');
+  FAlgorithmOidMap.AddOrSetValue(TBsiObjectIdentifiers.EcdsaPlainSha256, 'SHA-256withPLAIN-ECDSA');
+
+  FAlgorithmMap.AddOrSetValue('SHA384/PLAIN-ECDSA', 'SHA-384withPLAIN-ECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA-384/PLAIN-ECDSA', 'SHA-384withPLAIN-ECDSA');
+  FAlgorithmMap.AddOrSetValue('PLAIN-ECDSAWITHSHA384', 'SHA-384withPLAIN-ECDSA');
+  FAlgorithmMap.AddOrSetValue('PLAIN-ECDSAWITHSHA-384', 'SHA-384withPLAIN-ECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA384WITHPLAIN-ECDSA', 'SHA-384withPLAIN-ECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA-384WITHPLAIN-ECDSA', 'SHA-384withPLAIN-ECDSA');
+  FAlgorithmOidMap.AddOrSetValue(TBsiObjectIdentifiers.EcdsaPlainSha384, 'SHA-384withPLAIN-ECDSA');
+
+  FAlgorithmMap.AddOrSetValue('SHA512/PLAIN-ECDSA', 'SHA-512withPLAIN-ECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA-512/PLAIN-ECDSA', 'SHA-512withPLAIN-ECDSA');
+  FAlgorithmMap.AddOrSetValue('PLAIN-ECDSAWITHSHA512', 'SHA-512withPLAIN-ECDSA');
+  FAlgorithmMap.AddOrSetValue('PLAIN-ECDSAWITHSHA-512', 'SHA-512withPLAIN-ECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA512WITHPLAIN-ECDSA', 'SHA-512withPLAIN-ECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA-512WITHPLAIN-ECDSA', 'SHA-512withPLAIN-ECDSA');
+  FAlgorithmOidMap.AddOrSetValue(TBsiObjectIdentifiers.EcdsaPlainSha512, 'SHA-512withPLAIN-ECDSA');
+
+  FAlgorithmMap.AddOrSetValue('RIPEMD160/PLAIN-ECDSA', 'RIPEMD160withPLAIN-ECDSA');
+  FAlgorithmMap.AddOrSetValue('PLAIN-ECDSAWITHRIPEMD160', 'RIPEMD160withPLAIN-ECDSA');
+  FAlgorithmMap.AddOrSetValue('RIPEMD160WITHPLAIN-ECDSA', 'RIPEMD160withPLAIN-ECDSA');
+  FAlgorithmOidMap.AddOrSetValue(TBsiObjectIdentifiers.EcdsaPlainRipeMD160, 'RIPEMD160withPLAIN-ECDSA');
+
+  FAlgorithmMap.AddOrSetValue('SHA3-224/PLAIN-ECDSA', 'SHA3-224withPLAIN-ECDSA');
+  FAlgorithmMap.AddOrSetValue('PLAIN-ECDSAWITHSHA3-224', 'SHA3-224withPLAIN-ECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA3-224WITHPLAIN-ECDSA', 'SHA3-224withPLAIN-ECDSA');
+  FAlgorithmOidMap.AddOrSetValue(TBsiObjectIdentifiers.EcdsaPlainSha3_224, 'SHA3-224withPLAIN-ECDSA');
+
+  FAlgorithmMap.AddOrSetValue('SHA3-256/PLAIN-ECDSA', 'SHA3-256withPLAIN-ECDSA');
+  FAlgorithmMap.AddOrSetValue('PLAIN-ECDSAWITHSHA3-256', 'SHA3-256withPLAIN-ECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA3-256WITHPLAIN-ECDSA', 'SHA3-256withPLAIN-ECDSA');
+  FAlgorithmOidMap.AddOrSetValue(TBsiObjectIdentifiers.EcdsaPlainSha3_256, 'SHA3-256withPLAIN-ECDSA');
+
+  FAlgorithmMap.AddOrSetValue('SHA3-384/PLAIN-ECDSA', 'SHA3-384withPLAIN-ECDSA');
+  FAlgorithmMap.AddOrSetValue('PLAIN-ECDSAWITHSHA3-384', 'SHA3-384withPLAIN-ECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA3-384WITHPLAIN-ECDSA', 'SHA3-384withPLAIN-ECDSA');
+  FAlgorithmOidMap.AddOrSetValue(TBsiObjectIdentifiers.EcdsaPlainSha3_384, 'SHA3-384withPLAIN-ECDSA');
+
+  FAlgorithmMap.AddOrSetValue('SHA3-512/PLAIN-ECDSA', 'SHA3-512withPLAIN-ECDSA');
+  FAlgorithmMap.AddOrSetValue('PLAIN-ECDSAWITHSHA3-512', 'SHA3-512withPLAIN-ECDSA');
+  FAlgorithmMap.AddOrSetValue('SHA3-512WITHPLAIN-ECDSA', 'SHA3-512withPLAIN-ECDSA');
+  FAlgorithmOidMap.AddOrSetValue(TBsiObjectIdentifiers.EcdsaPlainSha3_512, 'SHA3-512withPLAIN-ECDSA');
+
+  FAlgorithmMap.AddOrSetValue('SHA1WITHECNR', 'SHA-1withECNR');
+  FAlgorithmMap.AddOrSetValue('SHA-1WITHECNR', 'SHA-1withECNR');
+  FAlgorithmMap.AddOrSetValue('SHA224WITHECNR', 'SHA-224withECNR');
+  FAlgorithmMap.AddOrSetValue('SHA-224WITHECNR', 'SHA-224withECNR');
+  FAlgorithmMap.AddOrSetValue('SHA256WITHECNR', 'SHA-256withECNR');
+  FAlgorithmMap.AddOrSetValue('SHA-256WITHECNR', 'SHA-256withECNR');
+  FAlgorithmMap.AddOrSetValue('SHA384WITHECNR', 'SHA-384withECNR');
+  FAlgorithmMap.AddOrSetValue('SHA-384WITHECNR', 'SHA-384withECNR');
+  FAlgorithmMap.AddOrSetValue('SHA512WITHECNR', 'SHA-512withECNR');
+  FAlgorithmMap.AddOrSetValue('SHA-512WITHECNR', 'SHA-512withECNR');
+
+  FOids.AddOrSetValue('MD2withRSA', TPkcsObjectIdentifiers.MD2WithRsaEncryption);
+  FOids.AddOrSetValue('MD4withRSA', TPkcsObjectIdentifiers.MD4WithRsaEncryption);
+  FOids.AddOrSetValue('MD5withRSA', TPkcsObjectIdentifiers.MD5WithRsaEncryption);
+
+  FOids.AddOrSetValue('SHA-1withRSA', TPkcsObjectIdentifiers.Sha1WithRsaEncryption);
+  FOids.AddOrSetValue('SHA-224withRSA', TPkcsObjectIdentifiers.Sha224WithRsaEncryption);
+  FOids.AddOrSetValue('SHA-256withRSA', TPkcsObjectIdentifiers.Sha256WithRsaEncryption);
+  FOids.AddOrSetValue('SHA-384withRSA', TPkcsObjectIdentifiers.Sha384WithRsaEncryption);
+  FOids.AddOrSetValue('SHA-512withRSA', TPkcsObjectIdentifiers.Sha512WithRsaEncryption);
+  FOids.AddOrSetValue('SHA-512(224)withRSA', TPkcsObjectIdentifiers.Sha512_224WithRSAEncryption);
+  FOids.AddOrSetValue('SHA-512(256)withRSA', TPkcsObjectIdentifiers.Sha512_256WithRSAEncryption);
+  FOids.AddOrSetValue('SHA3-224withRSA', TNistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_224);
+  FOids.AddOrSetValue('SHA3-256withRSA', TNistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_256);
+  FOids.AddOrSetValue('SHA3-384withRSA', TNistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_384);
+  FOids.AddOrSetValue('SHA3-512withRSA', TNistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_512);
+
+  FOids.AddOrSetValue('PSSwithRSA', TPkcsObjectIdentifiers.IdRsassaPss);
+  FOids.AddOrSetValue('SHA-1withRSAandMGF1', TPkcsObjectIdentifiers.IdRsassaPss);
+  FOids.AddOrSetValue('SHA-224withRSAandMGF1', TPkcsObjectIdentifiers.IdRsassaPss);
+  FOids.AddOrSetValue('SHA-256withRSAandMGF1', TPkcsObjectIdentifiers.IdRsassaPss);
+  FOids.AddOrSetValue('SHA-384withRSAandMGF1', TPkcsObjectIdentifiers.IdRsassaPss);
+  FOids.AddOrSetValue('SHA-512withRSAandMGF1', TPkcsObjectIdentifiers.IdRsassaPss);
+
+  FOids.AddOrSetValue('RIPEMD128withRSA', TTeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128);
+  FOids.AddOrSetValue('RIPEMD160withRSA', TTeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160);
+  FOids.AddOrSetValue('RIPEMD256withRSA', TTeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256);
+
+  FOids.AddOrSetValue('SHA-1withDSA', TX9ObjectIdentifiers.IdDsaWithSha1);
+  FOids.AddOrSetValue('SHA-224withDSA', TNistObjectIdentifiers.DsaWithSha224);
+  FOids.AddOrSetValue('SHA-256withDSA', TNistObjectIdentifiers.DsaWithSha256);
+  FOids.AddOrSetValue('SHA-384withDSA', TNistObjectIdentifiers.DsaWithSha384);
+  FOids.AddOrSetValue('SHA-512withDSA', TNistObjectIdentifiers.DsaWithSha512);
+
+  FOids.AddOrSetValue('SHA3-224withDSA', TNistObjectIdentifiers.IdDsaWithSha3_224);
+  FOids.AddOrSetValue('SHA3-256withDSA', TNistObjectIdentifiers.IdDsaWithSha3_256);
+  FOids.AddOrSetValue('SHA3-384withDSA', TNistObjectIdentifiers.IdDsaWithSha3_384);
+  FOids.AddOrSetValue('SHA3-512withDSA', TNistObjectIdentifiers.IdDsaWithSha3_512);
+
+  FOids.AddOrSetValue('SHA-1withECDSA', TX9ObjectIdentifiers.ECDsaWithSha1);
+  FOids.AddOrSetValue('SHA-224withECDSA', TX9ObjectIdentifiers.ECDsaWithSha224);
+  FOids.AddOrSetValue('SHA-256withECDSA', TX9ObjectIdentifiers.ECDsaWithSha256);
+  FOids.AddOrSetValue('SHA-384withECDSA', TX9ObjectIdentifiers.ECDsaWithSha384);
+  FOids.AddOrSetValue('SHA-512withECDSA', TX9ObjectIdentifiers.ECDsaWithSha512);
+  FOids.AddOrSetValue('RIPEMD160withECDSA', TTeleTrusTObjectIdentifiers.ECSignWithRipeMD160);
+
+  FOids.AddOrSetValue('SHA3-224withECDSA', TNistObjectIdentifiers.IdEcdsaWithSha3_224);
+  FOids.AddOrSetValue('SHA3-256withECDSA', TNistObjectIdentifiers.IdEcdsaWithSha3_256);
+  FOids.AddOrSetValue('SHA3-384withECDSA', TNistObjectIdentifiers.IdEcdsaWithSha3_384);
+  FOids.AddOrSetValue('SHA3-512withECDSA', TNistObjectIdentifiers.IdEcdsaWithSha3_512);
+
+  FOids.AddOrSetValue('SHA-1withCVC-ECDSA', TEacObjectIdentifiers.IdTAEcdsaSha1);
+  FOids.AddOrSetValue('SHA-224withCVC-ECDSA', TEacObjectIdentifiers.IdTAEcdsaSha224);
+  FOids.AddOrSetValue('SHA-256withCVC-ECDSA', TEacObjectIdentifiers.IdTAEcdsaSha256);
+  FOids.AddOrSetValue('SHA-384withCVC-ECDSA', TEacObjectIdentifiers.IdTAEcdsaSha384);
+  FOids.AddOrSetValue('SHA-512withCVC-ECDSA', TEacObjectIdentifiers.IdTAEcdsaSha512);
+
+  FOids.AddOrSetValue('SHA-1withPLAIN-ECDSA', TBsiObjectIdentifiers.EcdsaPlainSha1);
+  FOids.AddOrSetValue('SHA-224withPLAIN-ECDSA', TBsiObjectIdentifiers.EcdsaPlainSha224);
+  FOids.AddOrSetValue('SHA-256withPLAIN-ECDSA', TBsiObjectIdentifiers.EcdsaPlainSha256);
+  FOids.AddOrSetValue('SHA-384withPLAIN-ECDSA', TBsiObjectIdentifiers.EcdsaPlainSha384);
+  FOids.AddOrSetValue('SHA-512withPLAIN-ECDSA', TBsiObjectIdentifiers.EcdsaPlainSha512);
+  FOids.AddOrSetValue('RIPEMD160withPLAIN-ECDSA', TBsiObjectIdentifiers.EcdsaPlainRipeMD160);
+
+  FOids.AddOrSetValue('SHA3-224withPLAIN-ECDSA', TBsiObjectIdentifiers.EcdsaPlainSha3_224);
+  FOids.AddOrSetValue('SHA3-256withPLAIN-ECDSA', TBsiObjectIdentifiers.EcdsaPlainSha3_256);
+  FOids.AddOrSetValue('SHA3-384withPLAIN-ECDSA', TBsiObjectIdentifiers.EcdsaPlainSha3_384);
+  FOids.AddOrSetValue('SHA3-512withPLAIN-ECDSA', TBsiObjectIdentifiers.EcdsaPlainSha3_512);
+
+  // EdDSA algorithms
+  AddAlgorithm('Ed25519', TEdECObjectIdentifiers.IdEd25519, True);
+  AddAlgorithm('Ed25519ctx', nil, True);
+  AddAlgorithm('Ed25519ph', nil, True);
 end;
 
-class constructor TSignerUtilities.CreateSignerUtilities;
+class constructor TSignerUtilities.Create;
 begin
-  TSignerUtilities.Boot;
+  Boot;
 end;
 
-class destructor TSignerUtilities.DestroySignerUtilities;
+class destructor TSignerUtilities.Destroy;
 begin
-  Falgorithms.Free;
-  Foids.Free;
+  FAlgorithmMap.Free;
+  FAlgorithmOidMap.Free;
+  FNoRandom.Free;
+  FOids.Free;
+end;
+
+class function TSignerUtilities.GetMechanism(const AAlgorithm: String): String;
+var
+  LOid: IDerObjectIdentifier;
+  LMechanism: String;
+begin
+  if FAlgorithmMap.TryGetValue(AAlgorithm, LMechanism) then
+  begin
+    Result := LMechanism;
+    Exit;
+  end;
+  if TDerObjectIdentifier.TryFromID(AAlgorithm, LOid) and FAlgorithmOidMap.TryGetValue(LOid, LMechanism) then
+  begin
+    Result := LMechanism;
+    Exit;
+  end;
+  Result := '';
 end;
 
 class function TSignerUtilities.GetAlgorithms: TCryptoLibStringArray;
+var
+  LList: TList<String>;
+  LKey: String;
 begin
-  Result := Foids.Keys.ToArray;
+  LList := TList<String>.Create;
+  try
+    for LKey in FOids.Keys do
+      LList.Add(LKey);
+    Result := LList.ToArray;
+  finally
+    LList.Free;
+  end;
 end;
 
-class function TSignerUtilities.GetEncodingName
-  (const oid: IDerObjectIdentifier): String;
+class function TSignerUtilities.GetEncodingName(const AOid: IDerObjectIdentifier): String;
 begin
-  Falgorithms.TryGetValue(oid.id, Result);
+  Result := TCollectionUtilities.GetValueOrNull<IDerObjectIdentifier, String>(FAlgorithmOidMap, AOid);
 end;
 
-class function TSignerUtilities.GetObjectIdentifier(mechanism: String)
-  : IDerObjectIdentifier;
+class function TSignerUtilities.GetObjectIdentifier(const AMechanism: String): IDerObjectIdentifier;
 var
-  aliased: string;
+  LCanonical: String;
 begin
-  if (mechanism = '') then
-  begin
+  if AMechanism = '' then
     raise EArgumentNilCryptoLibException.CreateRes(@SMechanismNil);
+  LCanonical := TCollectionUtilities.GetValueOrKey<String>(FAlgorithmMap, UpperCase(AMechanism));
+  FOids.TryGetValue(LCanonical, Result);
+end;
+
+class function TSignerUtilities.GetSigner(const AOid: IDerObjectIdentifier): ISigner;
+var
+  LMechanism: String;
+  LSigner: ISigner;
+begin
+  if AOid = nil then
+    raise EArgumentNilCryptoLibException.CreateRes(@SAlgorithmNil);
+
+  if FAlgorithmOidMap.TryGetValue(AOid, LMechanism) then
+  begin
+    LSigner := GetSignerForMechanism(LMechanism);
+    if LSigner <> nil then
+    begin
+      Result := LSigner;
+      Exit;
+    end;
   end;
 
-  mechanism := UpperCase(mechanism);
-  if (Falgorithms.TryGetValue(mechanism, aliased)) then
+  raise ESecurityUtilityCryptoLibException.CreateRes(@SUnRecognizedAlgorithm);
+end;
+
+class function TSignerUtilities.GetSigner(const AAlgorithm: String): ISigner;
+var
+  LMechanism: String;
+  LSigner: ISigner;
+begin
+  if AAlgorithm = '' then
+    raise EArgumentNilCryptoLibException.CreateRes(@SAlgorithmNil);
+
+  LMechanism := GetMechanism(AAlgorithm);
+  if LMechanism = '' then
+    LMechanism := TPlatform.ToUpperInvariant(AAlgorithm);
+
+  LSigner := GetSignerForMechanism(LMechanism);
+  if LSigner <> nil then
   begin
-    mechanism := aliased;
+    Result := LSigner;
+    Exit;
   end;
 
-  Foids.TryGetValue(mechanism, Result);
+  raise ESecurityUtilityCryptoLibException.CreateResFmt(@SUnRecognizedAlgorithm, [AAlgorithm]);
 end;
 
-class function TSignerUtilities.GetSigner
-  (const id: IDerObjectIdentifier): ISigner;
+class function TSignerUtilities.GetDefaultX509Parameters(const AOid: IDerObjectIdentifier): IAsn1Encodable;
+var
+  LMechanism: String;
 begin
-  Result := GetSigner(id.id);
+  if AOid = nil then
+    raise EArgumentNilCryptoLibException.CreateRes(@SAlgorithmNil);
+
+  if FAlgorithmOidMap.TryGetValue(AOid, LMechanism) then
+    Result := GetDefaultX509ParametersForMechanism(LMechanism)
+  else
+    Result := TDerNull.Instance;
 end;
 
-class function TSignerUtilities.GetSigner(algorithm: String): ISigner;
+class function TSignerUtilities.GetDefaultX509Parameters(const AAlgorithm: String): IAsn1Encodable;
 var
-  mechanism, DigestName: string;
-  DigestInstance: IDigest;
+  LMechanism: String;
 begin
-  if (algorithm = '') then
-  begin
+  if AAlgorithm = '' then
     raise EArgumentNilCryptoLibException.CreateRes(@SAlgorithmNil);
-  end;
 
-  algorithm := UpperCase(algorithm);
+  LMechanism := GetMechanism(AAlgorithm);
+  if LMechanism = '' then
+    LMechanism := AAlgorithm;
+
+  Result := GetDefaultX509ParametersForMechanism(LMechanism);
+end;
 
-  if (not Falgorithms.TryGetValue(algorithm, mechanism)) then
+class function TSignerUtilities.GetDefaultX509ParametersForMechanism(const AMechanism: String): IAsn1Encodable;
+var
+  LDigestName: String;
+begin
+  if AMechanism = 'PSSwithRSA' then
   begin
-    mechanism := algorithm;
+    // TODO The Sha1Digest here is a default. In JCE version, the actual digest
+    // to be used can be overridden by subsequent parameter settings.
+    Result := GetPssX509Parameters('SHA-1');
+    Exit;
   end;
 
-  if (TStringUtils.BeginsWith(mechanism, 'Ed25519', True)) then
+  if TPlatform.EndsWith(AMechanism, 'withRSAandMGF1') then
+  begin
+    LDigestName := TPlatform.Substring(AMechanism, 1, TPlatform.LastIndexOf(AMechanism, 'with') - 1);
+    Result := GetPssX509Parameters(LDigestName);
+    Exit;
+  end;
+
+  Result := TDerNull.Instance;
+end;
+
+class function TSignerUtilities.GetPssX509Parameters(const ADigestName: String): IAsn1Encodable;
+var
+  LHashAlgorithm: IAlgorithmIdentifier;
+  LMaskGenAlgorithm: IAlgorithmIdentifier;
+  LSaltLen: Int32;
+  LDigest: IDigest;
+begin
+  LHashAlgorithm := TAlgorithmIdentifier.Create(
+    TDigestUtilities.GetObjectIdentifier(ADigestName), TDerNull.Instance);
+
+  // TODO Is it possible for the MGF hash alg to be different from the PSS one?
+  LMaskGenAlgorithm := TAlgorithmIdentifier.Create(
+    TPkcsObjectIdentifiers.IdMgf1, LHashAlgorithm);
+
+  LDigest := TDigestUtilities.GetDigest(ADigestName);
+  LSaltLen := LDigest.GetDigestSize();
+  Result := TRsassaPssParameters.Create(LHashAlgorithm, LMaskGenAlgorithm,
+    TDerInteger.ValueOf(LSaltLen), TRsassaPssParameters.DefaultTrailerField);
+end;
+
+class function TSignerUtilities.GetSignerForMechanism(const AMechanism: String): ISigner;
+var
+  LDigestName: String;
+  LDigest: IDigest;
+  LWithPos, LEndPos: Int32;
+  LCipherName: String;
+  // LX931: String;  // For X9.31 section (commented out)
+  // LCipher: IAsymmetricBlockCipher;  // For X9.31 section (commented out)
+begin
+  Result := nil;
+
+  // EdDSA algorithms
+  if TPlatform.StartsWith(AMechanism, 'Ed') then
   begin
-    if TStringUtils.EndsWith(mechanism, 'Blake2B', True) then
+    if AMechanism = 'Ed25519' then
     begin
-      if (mechanism = 'Ed25519Blake2B') then
-      begin
-        Result := TEd25519Signer.Create(TEd25519Blake2B.Create()
-          as IEd25519Blake2B) as IEd25519Signer;
-        Exit;
-      end;
-      if (mechanism = 'Ed25519ctxBlake2B') then
-      begin
-        Result := TEd25519ctxSigner.Create(TEd25519Blake2B.Create()
-          as IEd25519Blake2B, Nil) as IEd25519ctxSigner;
-        Exit;
-      end;
-      if (mechanism = 'Ed25519phBlake2B') then
-      begin
-        Result := TEd25519phSigner.Create(TEd25519Blake2B.Create()
-          as IEd25519Blake2B, Nil) as IEd25519phSigner;
-        Exit;
-      end;
-    end
-    else
+      Result := TEd25519Signer.Create() as IEd25519Signer;
+      Exit;
+    end;
+    if AMechanism = 'Ed25519ctx' then
     begin
-      if (mechanism = 'Ed25519') then
-      begin
-        Result := TEd25519Signer.Create(TEd25519.Create() as IEd25519)
-          as IEd25519Signer;
-        Exit;
-      end;
-      if (mechanism = 'Ed25519ctx') then
-      begin
-        Result := TEd25519ctxSigner.Create(TEd25519.Create() as IEd25519, Nil)
-          as IEd25519ctxSigner;
-        Exit;
-      end;
-      if (mechanism = 'Ed25519ph') then
-      begin
-        Result := TEd25519phSigner.Create(TEd25519.Create() as IEd25519, Nil)
-          as IEd25519phSigner;
-        Exit;
-      end;
+      Result := TEd25519CtxSigner.Create(nil) as IEd25519CtxSigner;
+      Exit;
+    end;
+    if AMechanism = 'Ed25519ph' then
+    begin
+      Result := TEd25519PhSigner.Create(nil) as IEd25519PhSigner;
+      Exit;
     end;
   end;
 
-  if TStringUtils.EndsWith(mechanism, 'withDSA', True) then
+  if AMechanism = 'RSA' then
   begin
-    DigestName := System.Copy(mechanism, 1, TStringUtils.LastIndexOf(mechanism,
-      'with', True));
-
-    DigestInstance := TDigestUtilities.GetDigest(DigestName);
-    Result := (TDsaDigestSigner.Create(TDsaSigner.Create() as IDsaSigner,
-      DigestInstance));
+    Result := TGenericSigner.Create(TPkcs1Encoding.Create(TRsaBlindedEngine.Create() as IRsaBlindedEngine) as IPkcs1Encoding, TDigestUtilities.GetDigest('NONE'));
     Exit;
   end;
 
-  if TStringUtils.EndsWith(mechanism, 'withECDSA', false) then
+  if AMechanism = 'RAWRSASSA-PSS' then
   begin
-    DigestName := System.Copy(mechanism, 1, TStringUtils.LastIndexOf(mechanism,
-      'with', True));
-
-    DigestInstance := TDigestUtilities.GetDigest(DigestName);
-    Result := (TDsaDigestSigner.Create(TECDsaSigner.Create() as IECDsaSigner,
-      DigestInstance));
+    // TODO Add support for other parameter settings
+    Result := TPssSigner.CreateRawSigner(TRsaBlindedEngine.Create() as IRsaBlindedEngine, TDigestUtilities.GetDigest('SHA-1'));
     Exit;
   end;
 
-  if (TStringUtils.EndsWith(mechanism, 'withCVC-ECDSA', True) or
-    TStringUtils.EndsWith(mechanism, 'withPLAIN-ECDSA', True)) then
+  if AMechanism = 'PSSwithRSA' then
   begin
-    DigestName := System.Copy(mechanism, 1, TStringUtils.LastIndexOf(mechanism,
-      'with', True));
-
-    DigestInstance := TDigestUtilities.GetDigest(DigestName);
-    Result := (TDsaDigestSigner.Create(TECDsaSigner.Create() as IECDsaSigner,
-      DigestInstance, TPlainDsaEncoding.Instance));
+    // TODO The Sha1Digest here is a default. In JCE version, the actual digest
+    // to be used can be overridden by subsequent parameter settings.
+    Result := TPssSigner.Create(TRsaBlindedEngine.Create() as IRsaBlindedEngine, TDigestUtilities.GetDigest('SHA-1'));
     Exit;
   end;
 
-  if TStringUtils.EndsWith(mechanism, 'withECNR', True) then
+  if TPlatform.EndsWith(AMechanism, 'withRSA') then
   begin
-    DigestName := System.Copy(mechanism, 1, TStringUtils.LastIndexOf(mechanism,
-      'with', True));
-
-    DigestInstance := TDigestUtilities.GetDigest(DigestName);
-    Result := (TDsaDigestSigner.Create(TECNRSigner.Create() as IECNRSigner,
-      DigestInstance));
+    LDigestName := TPlatform.Substring(AMechanism, 1, TPlatform.LastIndexOf(AMechanism, 'with') - 1);
+    LDigest := TDigestUtilities.GetDigest(LDigestName);
+    Result := TRsaDigestSigner.Create(LDigest);
     Exit;
   end;
 
-  if TStringUtils.EndsWith(mechanism, 'withECSCHNORRSIPA', True) then
+  if TPlatform.EndsWith(AMechanism, 'withRSAandMGF1') then
   begin
-    DigestName := System.Copy(mechanism, 1, TStringUtils.LastIndexOf(mechanism,
-      'with', True));
-
-    DigestInstance := TDigestUtilities.GetDigest(DigestName);
-    Result := TSchnorrDigestSigner.Create(TECSchnorrSipaSigner.Create()
-      as IECSchnorrSipaSigner, DigestInstance, TPlainSchnorrEncoding.Instance);
+    LDigestName := TPlatform.Substring(AMechanism, 1, TPlatform.LastIndexOf(AMechanism, 'with') - 1);
+    LDigest := TDigestUtilities.GetDigest(LDigestName);
+    Result := TPssSigner.Create(TRsaBlindedEngine.Create() as IRsaBlindedEngine, LDigest);
     Exit;
   end;
 
-  if TStringUtils.EndsWith(mechanism, 'withRSAandMGF1', True) then
+  if TPlatform.EndsWith(AMechanism, 'withDSA') then
   begin
-    DigestName := System.Copy(mechanism, 1, TStringUtils.LastIndexOf(mechanism,
-      'with', True));
-    DigestInstance := TDigestUtilities.GetDigest(DigestName);
-    Result := TPssSigner.Create(TRsaBlindedEngine.Create(), DigestInstance);
+    LDigestName := TPlatform.Substring(AMechanism, 1, TPlatform.LastIndexOf(AMechanism, 'with') - 1);
+    LDigest := TDigestUtilities.GetDigest(LDigestName);
+    Result := TDsaDigestSigner.Create(TDsaSigner.Create() as IDsaSigner, LDigest);
     Exit;
   end;
 
-  // TODO: PSSwithRSA - The Sha1Digest here is a default.
-  // if (mechanism = 'PSSwithRSA') then
-  // begin
-  //   Result := TPssSigner.Create(TRsaBlindedEngine.Create(),
-  //     TDigestUtilities.GetDigest('SHA-1'));
-  //   Exit;
-  // end;
-
-  if TStringUtils.EndsWith(mechanism, 'withRSA', True) then
+  if TPlatform.EndsWith(AMechanism, 'withECDSA') then
   begin
-    DigestName := System.Copy(mechanism, 1, TStringUtils.LastIndexOf(mechanism,
-      'with', True));
+    LDigestName := TPlatform.Substring(AMechanism, 1, TPlatform.LastIndexOf(AMechanism, 'with') - 1);
+    LDigest := TDigestUtilities.GetDigest(LDigestName);
+    Result := TDsaDigestSigner.Create(TECDsaSigner.Create() as IECDsaSigner, LDigest);
+    Exit;
+  end;
 
-    DigestInstance := TDigestUtilities.GetDigest(DigestName);
-    Result := TRsaDigestSigner.Create(DigestInstance) as IRsaDigestSigner;
+  if TPlatform.EndsWith(AMechanism, 'withCVC-ECDSA') or TPlatform.EndsWith(AMechanism, 'withPLAIN-ECDSA') then
+  begin
+    LDigestName := TPlatform.Substring(AMechanism, 1, TPlatform.LastIndexOf(AMechanism, 'with') - 1);
+    LDigest := TDigestUtilities.GetDigest(LDigestName);
+    Result := TDsaDigestSigner.Create(TECDsaSigner.Create() as IECDsaSigner, LDigest, TPlainDsaEncoding.Instance);
     Exit;
   end;
 
-  if (mechanism = 'RSA') then
+  if TPlatform.EndsWith(AMechanism, 'withECNR') then
   begin
-    Result := TGenericSigner.Create(
-      TPkcs1Encoding.Create(TRsaBlindedEngine.Create()),
-      TDigestUtilities.GetDigest('NONE'));
+    LDigestName := TPlatform.Substring(AMechanism, 1, TPlatform.LastIndexOf(AMechanism, 'with') - 1);
+    LDigest := TDigestUtilities.GetDigest(LDigestName);
+    Result := TDsaDigestSigner.Create(TECNRSigner.Create() as IECNRSigner, LDigest);
     Exit;
   end;
 
-  // TODO: RAWRSASSA-PSS - Add support for other parameter settings
-  // if (mechanism = 'RAWRSASSA-PSS') then
+  // Skip SM2, GOST3410, ECGOST3410, X9.31, MLDsa, SlhDsa as requested
+
+  // ISO9796-2 is not yet implemented
+  // if TPlatform.EndsWith(AMechanism, '/ISO9796-2') then
   // begin
-  //   Result := TPssSigner.CreateRawSigner(TRsaBlindedEngine.Create(),
-  //     TDigestUtilities.GetDigest('SHA-1'));
-  //   Exit;
+  //   if AMechanism = 'SHA1WITHRSA/ISO9796-2' then
+  //   begin
+  //     Result := TIso9796d2Signer.Create(TRsaBlindedEngine.Create(), TDigestUtilities.GetDigest('SHA-1'), True);
+  //     Exit;
+  //   end;
+  //   if AMechanism = 'MD5WITHRSA/ISO9796-2' then
+  //   begin
+  //     Result := TIso9796d2Signer.Create(TRsaBlindedEngine.Create(), TDigestUtilities.GetDigest('MD5'), True);
+  //     Exit;
+  //   end;
+  //   if AMechanism = 'RIPEMD160WITHRSA/ISO9796-2' then
+  //   begin
+  //     Result := TIso9796d2Signer.Create(TRsaBlindedEngine.Create(), TDigestUtilities.GetDigest('RIPEMD160'), True);
+  //     Exit;
+  //   end;
+  // end;
+
+  // X9.31 section - commented out as requested
+  // if TPlatform.EndsWith(AMechanism, '/X9.31') then
+  // begin
+  //   LX931 := TPlatform.Substring(AMechanism, 1, System.Length(AMechanism) - System.Length('/X9.31'));
+  //   LWithPos := TPlatform.IndexOf(LX931, 'WITH');
+  //   if LWithPos > 0 then
+  //   begin
+  //     LEndPos := LWithPos + System.Length('WITH');
+  //
+  //     LCipherName := TPlatform.Substring(LX931, LEndPos, System.Length(LX931) - LEndPos + 1);
+  //     if LCipherName = 'RSA' then
+  //     begin
+  //       LCipher := TRsaBlindedEngine.Create();
+  //
+  //       LDigestName := TPlatform.Substring(LX931, 1, LWithPos - 1);
+  //       LDigest := TDigestUtilities.GetDigest(LDigestName);
+  //
+  //       Result := TX931Signer.Create(LCipher, LDigest);
+  //       Exit;
+  //     end;
+  //   end;
   // end;
+end;
+
+class function TSignerUtilities.InitSigner(const AAlgorithmOid: IDerObjectIdentifier;
+  AForSigning: Boolean; const APrivateKey: IAsymmetricKeyParameter;
+  const ARandom: ISecureRandom): ISigner;
+var
+  LMechanism: String;
+begin
+  if AAlgorithmOid = nil then
+    raise EArgumentNilCryptoLibException.CreateRes(@SAlgorithmNil);
 
-  raise ESecurityUtilityCryptoLibException.CreateResFmt(@SUnRecognizedAlgorithm,
-    [algorithm]);
+  if not FAlgorithmOidMap.TryGetValue(AAlgorithmOid, LMechanism) then
+    raise ESecurityUtilityCryptoLibException.CreateRes(@SUnRecognizedAlgorithm);
 
+  Result := InitSignerForMechanism(LMechanism, AForSigning, APrivateKey, ARandom);
 end;
 
-class function TSignerUtilities.InitSigner(const algorithm: String;
-  forSigning: Boolean; const privateKey: IAsymmetricKeyParameter;
-  const random: ISecureRandom): ISigner;
+class function TSignerUtilities.InitSigner(const AAlgorithm: String; AForSigning: Boolean;
+  const APrivateKey: IAsymmetricKeyParameter; const ARandom: ISecureRandom): ISigner;
+var
+  LMechanism: String;
 begin
-  Result := TSignerUtilities.GetSigner(algorithm);
-  Result.Init(forSigning, TParameterUtilities.WithRandom(privateKey, random));
+  if AAlgorithm = '' then
+    raise EArgumentNilCryptoLibException.CreateRes(@SAlgorithmNil);
+
+  LMechanism := GetMechanism(AAlgorithm);
+  if LMechanism = '' then
+    LMechanism := TPlatform.ToUpperInvariant(AAlgorithm);
+
+  Result := InitSignerForMechanism(LMechanism, AForSigning, APrivateKey, ARandom);
 end;
 
-class function TSignerUtilities.InitSigner(const algorithmOid
-  : IDerObjectIdentifier; forSigning: Boolean;
-  const privateKey: IAsymmetricKeyParameter;
-  const random: ISecureRandom): ISigner;
+class function TSignerUtilities.InitSignerForMechanism(const AMechanism: String;
+  AForSigning: Boolean; const AKey: IAsymmetricKeyParameter;
+  const ARandom: ISecureRandom): ISigner;
+var
+  LSigner: ISigner;
+  LCipherParameters: ICipherParameters;
 begin
-  Result := InitSigner(algorithmOid.id, forSigning, privateKey, random);
+  LSigner := GetSignerForMechanism(AMechanism);
+  if LSigner = nil then
+    raise ESecurityUtilityCryptoLibException.CreateResFmt(@SUnRecognizedAlgorithm, [AMechanism]);
+
+  LCipherParameters := AKey;
+  if AForSigning and (not FNoRandom.ContainsKey(AMechanism)) then
+  begin
+    LCipherParameters := TParameterUtilities.WithRandom(LCipherParameters, ARandom);
+  end;
+
+  LSigner.Init(AForSigning, LCipherParameters);
+  Result := LSigner;
 end;
 
 end.

CryptoLib/src/Security/ClpSubjectPublicKeyInfoFactory.pas

@@ -115,14 +115,14 @@ begin
 
   if Supports(APublicKey, IX25519PublicKeyParameters, LX25519Key) then
   begin
-    LAlgID := TAlgorithmIdentifier.Create(TEdECObjectIdentifiers.id_X25519);
+    LAlgID := TAlgorithmIdentifier.Create(TEdECObjectIdentifiers.IdX25519);
     Result := TSubjectPublicKeyInfo.Create(LAlgID, LX25519Key.GetEncoded());
     Exit;
   end;
 
   if Supports(APublicKey, IEd25519PublicKeyParameters, LEd25519Key) then
   begin
-    LAlgID := TAlgorithmIdentifier.Create(TEdECObjectIdentifiers.id_Ed25519);
+    LAlgID := TAlgorithmIdentifier.Create(TEdECObjectIdentifiers.IdEd25519);
     Result := TSubjectPublicKeyInfo.Create(LAlgID, LEd25519Key.GetEncoded());
     Exit;
   end;

CryptoLib/src/Utils/ClpCollectionUtilities.pas

@@ -50,6 +50,14 @@ type
     /// Create a proxy array from an enumerable collection (like TDictionary.Keys).
     /// </summary>
     class function Proxy<T>(const AEnumerable: IEnumerable<T>): TCryptoLibGenericArray<T>; static;
+    /// <summary>
+    /// Get the value for AKey if it exists, otherwise Default(V) (e.g. '' for string, nil for class/interface).
+    /// </summary>
+    class function GetValueOrNull<K, V>(const D: TDictionary<K, V>; const AKey: K): V; static;
+    /// <summary>
+    /// Get D[AKey] if the key exists, otherwise return AKey. For TDictionary&lt;T,T&gt;.
+    /// </summary>
+    class function GetValueOrKey<T>(const D: TDictionary<T, T>; const AKey: T): T; static;
   end;
 
 implementation
@@ -127,4 +135,22 @@ begin
   end;
 end;
 
+class function TCollectionUtilities.GetValueOrNull<K, V>(const D: TDictionary<K, V>;
+  const AKey: K): V;
+begin
+  if D.TryGetValue(AKey, Result) then
+    { Result already set }
+  else
+    Result := Default(V);
+end;
+
+class function TCollectionUtilities.GetValueOrKey<T>(const D: TDictionary<T, T>;
+  const AKey: T): T;
+begin
+  if D.TryGetValue(AKey, Result) then
+    { Result already set }
+  else
+    Result := AKey;
+end;
+
 end.

CryptoLib/src/Utils/ClpEnumUtilities.pas

@@ -0,0 +1,193 @@
+{ *********************************************************************************** }
+{ *                              CryptoLib Library                                  * }
+{ *                Copyright (c) 2018 - 20XX Ugochukwu Mmaduekwe                    * }
+{ *                 Github Repository <https://github.com/Xor-el>                   * }
+
+{ *  Distributed under the MIT software license, see the accompanying file LICENSE  * }
+{ *          or visit http://www.opensource.org/licenses/mit-license.php.           * }
+
+{ *                              Acknowledgements:                                  * }
+{ *                                                                                 * }
+{ *      Thanks to Sphere 10 Software (http://www.sphere10.com/) for sponsoring     * }
+{ *                           development of this library                           * }
+
+{ * ******************************************************************************* * }
+
+(* &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& *)
+
+unit ClpEnumUtilities;
+
+{$I ..\Include\CryptoLib.inc}
+
+interface
+
+uses
+  SysUtils,
+  TypInfo,
+  ClpDateTimeUtilities,
+  ClpPlatform,
+  ClpCryptoLibTypes;
+
+type
+  /// <summary>
+  /// Utility class for enum operations, ported from Bouncy Castle Enums.
+  /// Works with ordinals; callers cast to their enum type e.g. TMyEnum(ordinal).
+  /// </summary>
+  TEnumUtilities = class sealed(TObject)
+  public
+    /// <summary>
+    /// Returns an array of ordinals for all defined values of the enum.
+    /// For enums with gaps, only ordinals that have a name are included.
+    /// Caller casts: TMyEnum(GetEnumValues(TypeInfo(TMyEnum))[i]).
+    /// </summary>
+    class function GetEnumValues(ATypeInfo: PTypeInfo): TCryptoLibInt32Array; overload; static;
+    /// <summary>
+    /// Returns an arbitrary (pseudo-random) ordinal of the enum, based on
+    /// CurrentUnixMs. If the enum has no values, returns 0.
+    /// Caller casts: TMyEnum(GetArbitraryValue(TypeInfo(TMyEnum))).
+    /// </summary>
+    class function GetArbitraryValue(ATypeInfo: PTypeInfo): Int32; overload; static;
+    /// <summary>
+    /// Tries to parse a string as an enum ordinal. Only parses single named
+    /// constants: non-empty, first character a letter, no comma. Replaces
+    /// '-' and '/' with '_' before parsing. Returns True and the ordinal
+    /// in AResult when successful; otherwise False and AResult is undefined.
+    /// Caller casts: TMyEnum(AResult).
+    /// </summary>
+    class function TryGetEnumValue(ATypeInfo: PTypeInfo; const S: String; out AResult: Int32): Boolean; overload; static;
+
+    // Generic overloads (T must be an enum); delegate to PTypeInfo versions.
+
+    /// <summary>
+    /// Returns an array of all defined values of the enum. Delegates to
+    /// GetEnumValues(PTypeInfo).
+    /// </summary>
+    class function GetEnumValues<T>: TCryptoLibGenericArray<T>; overload; static;
+    /// <summary>
+    /// Returns an arbitrary (pseudo-random) value of the enum. Delegates to
+    /// GetArbitraryValue(PTypeInfo). If the enum has no values, returns Default(T).
+    /// </summary>
+    class function GetArbitraryValue<T>: T; overload; static;
+    /// <summary>
+    /// Tries to parse a string as an enum value. Delegates to
+    /// TryGetEnumValue(PTypeInfo, S, out Int32). On failure, AResult is Default(T).
+    /// </summary>
+    class function TryGetEnumValue<T>(const S: String; out AResult: T): Boolean; overload; static;
+  end;
+
+implementation
+
+{ TEnumUtilities }
+
+class function TEnumUtilities.GetEnumValues(ATypeInfo: PTypeInfo): TCryptoLibInt32Array;
+var
+  LTypeData: PTypeData;
+  I, LOrd: Int32;
+  LList: TCryptoLibInt32Array;
+  LCount: Int32;
+begin
+  if (ATypeInfo = nil) or (ATypeInfo^.Kind <> tkEnumeration) then
+  begin
+    SetLength(Result, 0);
+    Exit;
+  end;
+  LTypeData := GetTypeData(ATypeInfo);
+  LCount := 0;
+  SetLength(LList, LTypeData^.MaxValue - LTypeData^.MinValue + 1);
+  for I := LTypeData^.MinValue to LTypeData^.MaxValue do
+  begin
+    if GetEnumName(ATypeInfo, I) <> '' then
+    begin
+      LList[LCount] := I;
+      Inc(LCount);
+    end;
+  end;
+  SetLength(Result, LCount);
+  for LOrd := 0 to LCount - 1 do
+    Result[LOrd] := LList[LOrd];
+end;
+
+class function TEnumUtilities.GetArbitraryValue(ATypeInfo: PTypeInfo): Int32;
+var
+  LValues: TCryptoLibInt32Array;
+  LPos: Int32;
+  LMs: Int64;
+begin
+  LValues := GetEnumValues(ATypeInfo);
+  if System.Length(LValues) = 0 then
+  begin
+    Result := 0;
+    Exit;
+  end;
+  LMs := TDateTimeUtilities.CurrentUnixMs() and Int64($7FFFFFFF);
+  LPos := Int32(LMs mod System.Length(LValues));
+  Result := LValues[LPos];
+end;
+
+class function TEnumUtilities.TryGetEnumValue(ATypeInfo: PTypeInfo; const S: String;
+  out AResult: Int32): Boolean;
+var
+  LProcessed: String;
+  LOrd: LongInt;
+begin
+  AResult := 0;
+  if (ATypeInfo = nil) or (ATypeInfo^.Kind <> tkEnumeration) then
+  begin
+    Result := False;
+    Exit;
+  end;
+  // Only parse single named constants: non-empty, first char a letter, no comma
+  if (System.Length(S) = 0) or (TPlatform.IndexOf(S, ',') > 0) then
+  begin
+    Result := False;
+    Exit;
+  end;
+  if not (S[1] in ['A'..'Z', 'a'..'z']) then
+  begin
+    Result := False;
+    Exit;
+  end;
+  LProcessed := StringReplace(S, '-', '_', [rfReplaceAll, rfIgnoreCase]);
+  LProcessed := StringReplace(LProcessed, '/', '_', [rfReplaceAll, rfIgnoreCase]);
+  LOrd := GetEnumValue(ATypeInfo, LProcessed);
+  if LOrd >= 0 then
+  begin
+    AResult := LOrd;
+    Result := True;
+  end
+  else
+    Result := False;
+end;
+
+class function TEnumUtilities.GetEnumValues<T>: TCryptoLibGenericArray<T>;
+var
+  LOrds: TCryptoLibInt32Array;
+  I: Int32;
+begin
+  LOrds := GetEnumValues(TypeInfo(T));
+  SetLength(Result, System.Length(LOrds));
+  for I := 0 to System.High(LOrds) do
+    Move(LOrds[I], Result[I], SizeOf(T));
+end;
+
+class function TEnumUtilities.GetArbitraryValue<T>: T;
+var
+  LOrd: Int32;
+begin
+  LOrd := GetArbitraryValue(TypeInfo(T));
+  Move(LOrd, Result, SizeOf(T));
+end;
+
+class function TEnumUtilities.TryGetEnumValue<T>(const S: String;
+  out AResult: T): Boolean;
+var
+  LOrd: Int32;
+begin
+  Result := TryGetEnumValue(TypeInfo(T), S, LOrd);
+  if Result then
+    Move(LOrd, AResult, SizeOf(T))
+  else
+    AResult := Default(T);
+end;
+
+end.

CryptoLib/src/Utils/ClpPlatform.pas

@@ -50,16 +50,20 @@ type
     /// <summary>
     /// Check if a string starts with a specified value (case-sensitive).
     /// </summary>
-    class function StartsWith(const AValue: String; const AStr: String): Boolean; overload; static;
+    class function StartsWith(const ASource: String; const APrefix: String): Boolean; overload; static;
     /// <summary>
     /// Check if a string starts with a specified value (optionally case-insensitive).
     /// </summary>
-    class function StartsWith(const AValue: String; const AStr: String; AIgnoreCase: Boolean): Boolean; overload; static;
+    class function StartsWith(const ASource, APrefix: String; AIgnoreCase: Boolean): Boolean; overload; static;
     /// <summary>
     /// Convert string to lowercase using invariant culture.
     /// </summary>
     class function ToLowerInvariant(const AStr: String): String; static;
     /// <summary>
+    /// Convert string to uppercase using invariant culture.
+    /// </summary>
+    class function ToUpperInvariant(const AStr: String): String; static;
+    /// <summary>
     /// Find the index of a character in a string (1-based, returns 0 if not found).
     /// </summary>
     class function IndexOf(const ASource: String; AValue: Char): Int32; overload; static;
@@ -88,6 +92,20 @@ type
     /// </summary>
     class function LastIndexOf(const ASource: String; const AValue: String): Int32; static;
     /// <summary>
+    /// Returns a substring from AStartIndex (1-based) to the end of the string.
+    /// If AStartIndex is less than 1, it is treated as 1. If AStartIndex is greater
+    /// than the string length, returns an empty string.
+    /// </summary>
+    class function Substring(const AStr: String; AStartIndex: Int32): String; overload; static;
+    /// <summary>
+    /// Returns a substring of ACount characters starting at AStartIndex (1-based).
+    /// If AStartIndex is less than 1, it is treated as 1. If AStartIndex is greater
+    /// than the string length, returns an empty string. If ACount would exceed the
+    /// remaining characters, returns from AStartIndex to the end of the string.
+    /// If ACount is less than or equal to 0, returns an empty string.
+    /// </summary>
+    class function Substring(const AStr: String; AStartIndex: Int32; ACount: Int32): String; overload; static;
+    /// <summary>
     /// Check if the current process is 64-bit.
     /// </summary>
     class function Is64BitProcess: Boolean; static;
@@ -134,28 +152,28 @@ begin
   Result := SysUtils.Trim(AStr);
 end;
 
-class function TPlatform.StartsWith(const AValue: String; const AStr: String): Boolean;
+class function TPlatform.StartsWith(const ASource: String; const APrefix: String): Boolean;
 begin
-  Result := StartsWith(AValue, AStr, False);
+  Result := StartsWith(ASource, APrefix, False);
 end;
 
-class function TPlatform.StartsWith(const AValue: String; const AStr: String; AIgnoreCase: Boolean): Boolean;
+class function TPlatform.StartsWith(const ASource, APrefix: String; AIgnoreCase: Boolean): Boolean;
 var
-  LValueLen, LStrLen: Int32;
+  LPrefixLen, LSourceLen: Int32;
   LSubStr: String;
 begin
-  LValueLen := System.Length(AValue);
-  LStrLen := System.Length(AStr);
-  if (LValueLen = 0) or (LStrLen < LValueLen) then
-  begin
-    Result := False;
-    Exit;
-  end;
-  LSubStr := System.Copy(AStr, 1, LValueLen);
+  LPrefixLen := System.Length(APrefix);
+  LSourceLen := System.Length(ASource);
+
+  if (LPrefixLen = 0) or (LPrefixLen > LSourceLen) then
+    Exit(False);
+
+  LSubStr := System.Copy(ASource, 1, LPrefixLen);
+
   if AIgnoreCase then
-    Result := SameText(LSubStr, AValue)
+    Result := SameText(LSubStr, APrefix)
   else
-    Result := (LSubStr = AValue);
+    Result := (LSubStr = APrefix);
 end;
 
 class function TPlatform.ToLowerInvariant(const AStr: String): String;
@@ -163,6 +181,11 @@ begin
   Result := LowerCase(AStr);
 end;
 
+class function TPlatform.ToUpperInvariant(const AStr: String): String;
+begin
+  Result := UpperCase(AStr);
+end;
+
 class function TPlatform.IndexOf(const ASource: String; AValue: Char): Int32;
 begin
   Result := System.Pos(AValue, ASource);
@@ -267,6 +290,39 @@ begin
   Result := 0;  // Not found
 end;
 
+class function TPlatform.Substring(const AStr: String; AStartIndex: Int32): String;
+var
+  LLen: Int32;
+begin
+  LLen := System.Length(AStr);
+  Result := Substring(AStr, AStartIndex, LLen - AStartIndex + 1);
+end;
+
+class function TPlatform.Substring(const AStr: String; AStartIndex: Int32;
+  ACount: Int32): String;
+var
+  LLen: Int32;
+  LActualCount: Int32;
+begin
+  LLen := System.Length(AStr);
+  if (LLen = 0) or (ACount <= 0) then
+  begin
+    Result := '';
+    Exit;
+  end;
+  if AStartIndex < 1 then
+    AStartIndex := 1;
+  if AStartIndex > LLen then
+  begin
+    Result := '';
+    Exit;
+  end;
+  LActualCount := ACount;
+  if AStartIndex + LActualCount - 1 > LLen then
+    LActualCount := LLen - AStartIndex + 1;
+  Result := System.Copy(AStr, AStartIndex, LActualCount);
+end;
+
 class function TPlatform.Is64BitProcess: Boolean;
 begin
   // Check if SizeOf(Pointer) is 8 bytes (64-bit) or 4 bytes (32-bit)