Merge pull request #142 from zk-passport/dev

better registry and new sig algs

registry/.gitignore

@@ -1,3 +1,10 @@
 node_modules/
 certificates
-csca_certificates
+cscas
+masterlists
+unique_cscas
+outputs/plain_text/*
+outputs/plain_text_master/*
+outputs/plain_text_unique/*
+src/csca/python scripts/__pycache__
+dsc_plain_text

registry/README.md

@@ -32,21 +32,26 @@ Build the merkle tree used in the app, serialize it and place it in `common/pubk
 ts-node src/dsc/build_merkle_tree.ts
 ```
 
-Visualize the signature algorithms of each countries, run:
+Visualize the signature algorithms of each country:
 ```
 ts-node src/dsc/extract_sig_algs.ts
 ```
 
 ### CSCAs (WIP)
 
-Extract pem certificates from ldif file:
+Extract pem certificates from all the masterlists from the ldif file:
 ```
-ts-node src/csca/extract_certificates.ts
+ts-node src/csca/extract_masterlists.ts
 ```
 
-Extract readable public keys from pem certicates:
+Visualize the content of a PEM file:
 ```
-ts-node src/csca/extract_pubkeys.ts
+openssl x509 -text -in outputs/unique_cscas/unique_cert_0.pem
+```
+
+Visualize the signature algorithms of each country:
+```
+ts-node src/csca/extract_sig_algs.ts
 ```
 
 More info: [ICAO website](https://www.icao.int/Security/FAL/PKD/Pages/icao-master-list.aspx)

registry/outputs/csca_bits_country.json

@@ -0,0 +1,461 @@
+{
+    "rsassaPss 4096 bit 65537": {
+        "C=CN, O=Macao SAR, OU=Identification Services Bureau, CN=China Passport Country Signing Certificate (Macao)": 2,
+        "C=EE, O=Estonia, OU=Police and Border Guard Board, serialNumber=01-2020, CN=CSCA_Estonia": 2,
+        "C=NO, O=Ministry of Justice and Public Security, OU=National Police Directorate, CN=CSCA_NO": 3,
+        "CN=EU Laissez Passer CSCA, O=European Union, OU=European Commission, C=EU": 3,
+        "C=SI, O=state-institutions, OU=e-passport, CN=CSCA-Slovenia": 1,
+        "CN=Grand-Duchy of Luxembourg Country Signing CA eIdentity card, O=Grand-Duchy of Luxembourg Ministry of the Interior, C=LU": 3,
+        "C=LU, O=INCERT public agency, CN=Grand Duchy of Luxembourg CSCA": 2,
+        "CN=Grand-Duchy of Luxembourg CSCA eTravel Documents, O=Grand-Duchy of Luxembourg Ministry of Foreign Affairs, C=LU": 2,
+        "C=LU, O=Grand-Duchy of Luxembourg Ministry Foreign Affairs, CN=Grand-Duchy of Luxembourg CSCA ePassport": 3,
+        "CN=CSCA01005, O=DFA, C=PH": 2,
+        "C=JP, O=Japanese Government, OU=The Ministry of Foreign Affairs, CN=e-passportCSCA": 10,
+        "CN=CSCA01001, O=Immigration, C=TZ": 2,
+        "C=HR, O=MUP RH, CN=CSCA-Croatia": 7,
+        "C=KN, O=Government of St. Christopher (St. Kitts) and Nevis, OU=Passport Office, CN=CSCA1": 1,
+        "C=DM, O=Commonwealth of Dominica, OU=Passport and Immigration Division, CN=csca-dominica": 1,
+        "C=PH, O=DFA, CN=CSCA01006": 2,
+        "CN=CSCA MKD, OU=MOI, O=GOV, C=MK": 1,
+        "C=CA, O=gc, OU=pptc, CN=csca-canada": 5,
+        "C=LU, O=Grand-Duchy of Luxembourg Ministry Foreign Affairs, CN=Grand-Duchy of Luxembourg Country Signing CA": 2,
+        "C=GH, O=Ghana Government, OU=NITA, serialNumber=2, CN=CSCA Ghana": 1,
+        "CN=Italian Country Signer CA, OU=National Electronic Center of Italian National Police, O=Ministry of Interior, C=IT": 1,
+        "C=AG, O=gov, OU=pcd, CN=csca-antigua": 2,
+        "CN=csca-montenegro-2, OU=Ministry of Interior, O=Montenegro, C=ME": 1,
+        "CN=CSCA NL eDL, serialNumber=02, OU=RDW, O=State of the Netherlands, C=NL": 1,
+        "C=VC, O=gov, OU=mns, CN=csca-svg": 4,
+        "C=SG, O=Ministry of Home Affairs, OU=ICA, CN=Singapore Passport CA 5": 1,
+        "CN=CSCA Macedonia, OU=MOI, O=GOV, C=MK": 1,
+        "C=BS, O=gov, OU=mofa, CN=csca-bahamas": 1,
+        "C=EC, O=DIRECCION GENERAL DE REGISTRO CIVIL IDENTIFICACION Y CEDULACION, OU=DIGERCIC CSCA, serialNumber=1, CN=CSCA": 1,
+        "CN=Swedish Country Signing CA, O=Rikspolisstyrelsen, C=SE": 5,
+        "CN=Swedish Country Signing CA v2, O=Polismyndigheten, C=SE": 3,
+        "C=SG, O=Ministry of Home Affairs, OU=ICA, CN=Singapore Passport CA 4": 2,
+        "C=TZ, O=Immigration, CN=csca-tanzania": 3,
+        "C=MN, O=General Authority for State Registration, CN=Mongolia CSCA": 1,
+        "C=BZ, O=gov, OU=moi, CN=csca-belize": 1,
+        "CN=Italian Country Signer CA, OU=National Electronic Center of State Police, O=Ministry of Interior, C=IT": 1,
+        "CN=Grand-Duchy of Luxembourg Country Signing CA, O=Grand-Duchy of Luxembourg Ministry of Foreign Affairs, C=LU": 1,
+        "C=EE, O=Estonia, OU=Police and Border Guard Board, serialNumber=01-2023, CN=CSCA_Estonia": 1,
+        "C=PH, O=DFA, CN=CSCA01007": 1,
+        "C=AM, O=GovRA, CN=CSCA": 1,
+        "O=State of Israel, OU=PIBA, C=IL, CN=EPPCSCA, emailAddress=crypto@piba.gov.il, serialNumber=53": 1,
+        "C=MT, O=Government of Malta, CN=Malta Country Signing CA": 1,
+        "CN=CSCA01004, O=DFA, C=PH": 1,
+        "C=ca, O=gc, OU=pptc, CN=csca-canada": 1,
+        "CN=CSCA, OU=Passport and Consular Services, O=Ministry of Foreign Affairs, C=PY": 1,
+        "C=BH, O=KINGDOM OF BAHRAIN, CN=csca-bahrain": 1,
+        "O=State of Israel, OU=PIBA, C=IL, CN=EPPCSCA, emailAddress=crypto@piba.gov.il, serialNumber=51": 1,
+        "C=EE, O=Estonia, OU=Police and Border Guard Board, serialNumber=01-2019, CN=CSCA Estonia": 2,
+        "CN=CSCA NL eDL, serialNumber=03, OU=RDW, O=State of the Netherlands, C=NL": 1,
+        "C=LU, O=INCERT public agency, serialNumber=2, CN=Grand Duchy of Luxembourg CSCA": 1
+    },
+    "ecdsa-with-SHA384 384 bit brainpoolP512r1": {
+        "C=CN, O=Hong Kong China, OU=Immigration Department, CN=Hong Kong China Country Signing Certificate Authority": 3,
+        "C=DE, O=bund, OU=bsi, serialNumber=102, CN=csca-germany": 1,
+        "C=DE, O=bund, OU=bsi, serialNumber=101, CN=csca-germany": 3,
+        "C=UZ, O=GOV, OU=GCP, CN=CSCA-UZBEKISTAN": 5,
+        "C=CH, O=Admin, OU=Services, OU=Certification Authorities, CN=csca-switzerland-2": 9,
+        "C=LB, O=GOV, OU=GDGS, CN=LEBANON CSCA": 3,
+        "C=LV, O=National Security Authority, CN=CSCA Latvia, serialNumber=006": 3,
+        "C=AT, O=GV, OU=BMI, CN=CSCA-AUSTRIA": 3,
+        "C=CY, O=Republic of Cyprus, OU=Civil Registry and Migration Department, CN=CSCA-CYPRUS": 3,
+        "C=LV, O=National Security Authority, CN=CSCA Latvia, serialNumber=008": 2,
+        "CN=ePassCSCA, O=SUPERINTENDENCIA NACIONAL DE MIGRACIONES, OU=GERENCIA DE REGISTRO MIGRATORIO, C=PE": 1,
+        "C=DE, O=bund, OU=bsi, serialNumber=103, CN=csca-germany": 1,
+        "C=CR, O=Junta Adm. de la Direcci\u00f3n General de Migraci\u00f3n y Extranjer\u00eda, OU=DGTI, CN=Costa Rica CSCA": 1,
+        "C=BD, O=GOV, OU=DIP, CN=CSCA-BGD": 1,
+        "C=LV, O=OCMA, CN=CSCA Latvia, serialNumber=009": 1,
+        "C=DE, O=bund, OU=bsi, serialNumber=100, CN=csca-germany": 2,
+        "C=TH, O=Ministry Of Foreign Affairs, OU=Department of Consular Affairs, CN=Thailand CSCA": 1,
+        "C=LV, O=National Security Authority, CN=CSCA Latvia, serialNumber=007": 1
+    },
+    "ecdsa-with-SHA256 256 bit unidentified": {
+        "C=CY, O=Republic of Cyprus, OU=Civil Registry and Migration Department, CN=CSCA-CYPRUS": 13,
+        "C=OM, O=GOV, OU=Royal Oman Police, CN=OMAN CSCA": 3,
+        "C=AE, O=MOI OU=EPASS, CN=UAE CSCA 01": 1,
+        "C=DE, O=bund, OU=bsi, serialNumber=013, CN=csca-germany": 1,
+        "C=AE, O=MOI, OU=EPASS, CN=UAE CSCA 01": 7
+    },
+    "ecdsa-with-SHA256 384 bit secp384r1": {
+        "C=NZ, O=Government of New Zealand, OU=Identity and Passport Services, CN=Passport CSCA": 7,
+        "CN=CSCA HUNGARY, OU=Ministry of Interior, O=GOV, C=HU": 3,
+        "C=GB, O=UKKPA, CN=Country Signing Authority": 1,
+        "C=AE, O=MOI, OU=EPASS, CN=UAE CSCA 02": 1,
+        "C=SC, O=Department of Information Communication and Technology (DICT), CN=CSCA": 1
+    },
+    "sha256WithRSAEncryption 4096 bit 65537": {
+        "C=TH, O=Ministry Of Foreign Affairs, OU=Department of Consular Affairs, CN=Thailand CSCA": 3,
+        "serialNumber=7, O=Hellenic Republic, CN=CSCA-HELLAS, C=GR, emailAddress=csca@passport.gov.gr": 3,
+        "C=ID, O=Direktorat Jenderal Imigrasi, OU=Direktorat Sistem dan Teknologi Informasi Keimigrasian, CN=CSCAProd": 3,
+        "C=KW, O=Ministry of Interior, OU=General Department of Nationality and Travel Documents, serialNumber=2016040101, CN=CSCA Kuwait": 2,
+        "CN=CSCA Turkey, O=Turkey Gov, C=TR": 5,
+        "OU=SMST, O=GOV, C=TM, CN=CSCA-Turkmenistan": 1,
+        "CN=AZ-CSCA, OU=e-passport, O=MIA, C=AZ": 3,
+        "CN=Kenya Country Signing CA, OU=KenyaGovernmentCertificationAuthority, O=ICTA, C=KE": 4,
+        "C=EE, O=Estonia, OU=Police and Border Guard Board, serialNumber=01-2012, CN=CSCA Estonia": 2,
+        "C=NZ, O=Government of New Zealand, OU=Passports, OU=Identity Services Passport CA": 5,
+        "serialNumber=2, CN=Panama ID CSCA, OU=Autoridad de Pasaportes de Panam\u00e1, O=Rep\u00fablica de Panam\u00e1, C=PA": 1,
+        "C=UA, L=Kyiv, street=38-44, Dehtiarivska str., postalCode=04119, O=SE \"Polygraph combine \"UKRAINA\" for securities` production\", CN=Polygraph combine \"UKRAINA\", serialNumber=UA-16286441-0001": 2,
+        "C=GR, O=Hellenic Republic, serialNumber=001, CN=CSCAeRP-HELLAS": 3,
+        "C=FI, O=Suomi Finland, OU=VRK, CN=Finland Country CA": 1,
+        "C=QA, O=Gov, CN=CSCA-QATAR": 5,
+        "serialNumber=3, CN=CSCA NL, OU=Ministry of the Interior and Kingdom Relations, O=State of the Netherlands, C=NL": 1,
+        "C=UA, serialNumber=UA-16286441-0001, O=Polygraph combine UKRAINA for securities production, OU=SCPD PCU, CN=CSCA-UKRAINE": 3,
+        "C=UG, O=GO, OU=MIA, CN=CSCA-UGA": 3,
+        "C=HU, O=GOV, OU=CRO, CN=CSCA-HUNGARY 2020": 1,
+        "serialNumber=1, CN=Panama ID CSCA, OU=Autoridad de Pasaportes de Panam\u00e1, O=Rep\u00fablica de Panam\u00e1, C=PA": 1,
+        "serialNumber=3, O=Hellenic Republic, CN=CSCA-HELLAS, C=GR, emailAddress=csca@passport.gov.gr": 3,
+        "C=ES, O=DIRECCION GENERAL DE LA POLICIA, serialNumber=3, CN=CSCA SPAIN": 3,
+        "CN=CSCA-UZBEKISTAN, OU=GCP, O=GOV, C=UZ": 3,
+        "C=EE, O=Estonia, OU=Police and Border Guard Board, serialNumber=01-2009, CN=CSCA Estonia": 2,
+        "C=EE, O=Estonia, OU=Police and Border Guard Board, serialNumber=01-2019, CN=CSCA Estonia": 1,
+        "C=FR, O=Gouv, CN=CSCA-FRANCE": 5,
+        "serialNumber=1, O=Hellenic Republic, CN=CSCAeRP-HELLAS, C=GR, emailAddress=csca-erp@passport.gov.gr": 2,
+        "CN=GEO Country Signing CA, OU=Public Service Development Agency, O=Ministry of Justice of Georgia, C=GE": 3,
+        "serialNumber=5, CN=CSCA NL, OU=Ministry of the Interior and Kingdom Relations, O=State of the Netherlands, C=NL": 2,
+        "C=MT, O=Government of Malta, CN=Malta Country Signing CA": 5,
+        "C=SG, O=Ministry of Home Affairs, OU=Singapore Passport CA": 2,
+        "C=ES, O=DIRECCION GENERAL DE LA POLICIA, OU=PASAPORTE, CN=AC RAIZ PASAPORTE": 1,
+        "C=RO, O=DGP, CN=CSCA Romania": 3,
+        "C=TW, O=Taiwan Government, OU=Ministry of Foreign Affairs, OU=Bureau of Consular Affairs, CN=CSCA": 6,
+        "C=CN, O=Chinese Government, OU=Ministry of Foreign Affairs, OU=China Passport CA, CN=China Passport Country Signing Certificate": 10,
+        "C=IE, O=Department of Foreign Affairs, OU=Passport Office, CN=CSCA Ireland": 6,
+        "C=HU, O=GOV, OU=CRO, CN=CSCA-HUNGARY 4": 1,
+        "C=AU, O=GOV, OU=DFAT, OU=APO, CN=Passport Country Signing Authority": 3,
+        "C=SK, L=Bratislava, O=NSA of the Slovak Republic, OU=Department of CAs Operation, CN=The Slovak CSCA": 1,
+        "C=CI, O=COTE D'IVOIRE - MINISTERE DE L'INTERIEUR, CN=CSCA 2011001 COTE D'IVOIRE - IVORY COAST, serialNumber=2011001": 1,
+        "OU=MLHA-DIC, O=GOV, C=BW, CN=CSCA-BWA": 1,
+        "serialNumber=2, CN=CSCA ALB, OU=Ministry of Interior, O=gov, C=al": 1,
+        "C=MA, O=Gov, CN=CSCA-MAROC": 6,
+        "C=AU, O=GOV, OU=DFAT, OU=PTB, CN=Passport Country Signing Authority": 6,
+        "serialNumber=4, CN=Panama ID CSCA, OU=Autoridad de Pasaportes de Panam\u00e1, O=Rep\u00fablica de Panam\u00e1, C=PA": 1,
+        "C=GB, O=UKKPA, CN=Country Signing Authority": 2,
+        "C=BW, O=GOV, OU=MNIGA-DIC, CN=CSCA-BWA": 3,
+        "CN=CSCA-KOSOVO, OU=MIA, O=GV, C=KS": 3,
+        "C=AD, O=GOV, OU=MJI, CN=CSCA-AND": 4,
+        "C=gb, O=UKKPA, CN=Country Signing Authority": 3,
+        "C=BE, O=FEDERAL, CN=Belgium Country Signing CA 04": 2,
+        "C=ro, O=DGP, CN=CSCA Romania": 2,
+        "C=si, O=state-institutions, OU=e-passport, CN=CSCA-Slovenia": 6,
+        "C=MC, O=Principality of Monaco, OU=Foreign Office of Monaco, CN=CSCAPKI_MC": 6,
+        "C=NP, O=Ministry of Foreign Affairs, OU=Department of Passports, CN=Nepal CSCA": 1,
+        "CN=CSCA NL eDL, serialNumber=01, OU=RDW, O=State of the Netherlands, C=NL": 1,
+        "C=SG, O=Ministry of Home Affairs, OU=ICA, CN=Singapore Passport CA": 1,
+        "C=gb, O=UKKPA, CN=Domestic Use Only Country Signing Authority": 2,
+        "C=HU, O=GOV, OU=KEKKH, CN=ID-CSCA-HUNGARY 01": 2,
+        "C=KS, O=GV, OU=MIA, CN=CSCA-KOSOVO": 2,
+        "C=FI, O=Suomi Finland, OU=VRK, CN=Finland Country CA 2": 2,
+        "C=GA, O=GOUV, CN=CSCA-GABON": 1,
+        "C=TM, OU=SMST, O=GOV, CN=CSCA-Turkmenistan": 3,
+        "CN=CSCA, OU=Electronic Passports, O=Ministry of Interior, C=BG": 7,
+        "C=NO, O=The Ministry of Justice, OU=PDMT, CN=CSCA_NO": 2,
+        "C=SG, O=Ministry of Home Affairs, OU=Singapore Trial Passport CA": 1,
+        "C=MV, O=Department of Immigration and Emigration, OU=Travel Document Section, CN=CSCA-Maldives": 1,
+        "CN=ECN Documentos de Viagem 006, OU=ICAO MRTD PKI - CSCA, O=Republica Portuguesa - Portuguese Republic, C=PT": 2,
+        "serialNumber=2, CN=Norwegian Passport Certificate Authority, OU=National Police Computing and Material Service, O=The Norwegian Police, C=NO": 1,
+        "C=CI, O=COTE D'IVOIRE - MINISTERE DE L'INTERIEUR, CN=CSCA 2008001 COTE D'IVOIRE - IVORY COAST, serialNumber=2008001": 1,
+        "C=US, O=U.S. Government, OU=Department of State, OU=MRTD, OU=Certification Authorities, OU=U.S. Department of State MRTD CA": 9,
+        "C=NO, O=The Ministry of Justice and the Police, OU=PDMT, CN=CSCA_NO": 1,
+        "C=BB, O=Government of Barbados, OU=Immigration Department, CN=Barbados Passport CSCA": 3,
+        "C=BE, O=FEDERAL, CN=Belgium Country Signing CA 02": 2,
+        "C=SK, O=NSA of the Slovak Republic, OU=Department of CAs Operation, CN=CSCA Slovakia, serialNumber=2": 1,
+        "serialNumber=4, CN=CSCA ALB, OU=Ministry of Internal Affairs, O=gov, C=al": 1,
+        "C=UZ, O=GOV, OU=GCP, CN=CSCA-UZBEKISTAN": 1,
+        "C=ES, O=DIRECCION GENERAL DE LA POLICIA, serialNumber=2, CN=CSCA SPAIN": 2,
+        "C=CI, O=COTE D'IVOIRE - MINISTERE DE L'INTERIEUR, CN=CSCA 2015001 COTE D'IVOIRE - IVORY COAST, serialNumber=2015001": 2,
+        "C=SK, O=NSA of the Slovak Republic, OU=Department of CAs Operation, CN=CSCA Slovakia, serialNumber=3": 1,
+        "serialNumber=1, O=Hellenic Republic, CN=CSCA-HELLAS, OU=Hellenic Police, C=GR, emailAddress=csca@passport.gov.gr": 1,
+        "C=FI, O=Finland, OU=VRK, CN=CSCA Finland": 4,
+        "C=PT, O=Republica Portuguesa - Portuguese Republic, OU=ICAO MRTD PKI - CSCA, CN=ECN Documentos de Viagem 005": 2,
+        "C=SK, O=Ministry of Interior of the Slovak Republic, OU=SITB, CN=CSCA Slovakia, serialNumber=4": 2,
+        "C=LT, O=Consular department of Ministry of Foreign Affairs, OU=Certification Center of MFA CD, CN=CSCA LTU": 1,
+        "serialNumber=5, O=Hellenic Republic, CN=CSCA-HELLAS, C=GR, emailAddress=csca@passport.gov.gr": 3,
+        "C=HU, O=GOV, OU=OIF, CN=OIFCA-HUNGARY 2": 1,
+        "C=HU, O=GOV, OU=CRO, CN=CSCA-HUNGARY 2017": 2,
+        "C=HU, O=GOV, OU=KEKKH, CN=ID-CSCA-HUNGARY 02": 1,
+        "C=CM, O=Government of the Republic of Cameroon, OU=DGSN, CN=Cameroon Passport CSCA": 1,
+        "C=ME, O=Montenegro, OU=Ministry of Interior, CN=csca-montenegro-2": 3,
+        "C=SG, O=Ministry of Home Affairs, OU=Singapore Passport CA2": 2,
+        "C=EE, O=Estonia, OU=Police and Border Guard Board, serialNumber=01-2016, CN=CSCA Estonia": 2,
+        "CN=CSCA NL, OU=Kingdom of the Netherlands, O=Kingdom of the Netherlands, C=NL": 2,
+        "C=EE, O=Estonia, OU=Police and Border Guard Board, serialNumber=01-2015, CN=CSCA Estonia": 2,
+        "C=ES, O=DIRECCION GENERAL DE LA POLICIA, serialNumber=4, CN=CSCA SPAIN": 1,
+        "O=State of Israel, OU=PIBA, C=IL, CN=EPPCSCA, emailAddress=crypto@piba.gov.il, serialNumber=51": 1,
+        "C=CN, O=Chinese Government, OU=Ministry of Public Security, OU=Passport, CN=Passport CSCA": 1,
+        "serialNumber=4, O=Hellenic Republic, CN=CSCA-HELLAS, C=GR, emailAddress=csca@passport.gov.gr": 1,
+        "C=CI, O=COTE D'IVOIRE - MINISTERE DE L'INTERIEUR, CN=CSCA COTE D'IVOIRE - IVORY COAST": 1,
+        "C=BE, O=FEDERAL, CN=Belgium Country Signing CA 03": 2,
+        "CN=GEO Country Signing CA, OU=Civil Registry Agency, O=Ministry of Justice of Georgia, C=GE": 1,
+        "serialNumber=4, CN=CSCA NL, OU=Ministry of the Interior and Kingdom Relations, O=State of the Netherlands, C=NL": 2,
+        "C=GR, O=Hellenic Republic, serialNumber=002, CN=CSCAeRP-HELLAS": 1,
+        "C=HU, O=GOV, OU=CRO, CN=CSCA-HUNGARY 2": 1,
+        "C=EE, O=Estonia, OU=Citizenship and Migration Board, serialNumber=01-2007, CN=CSCA Estonia": 1,
+        "CN=CSCA ALB, OU=Ministry of Interior, O=gov, C=al": 1,
+        "C=SK, L=Bratislava, O=NSA of the Slovak Republic, OU=Department of CAs Operation, CN=The Slovak eTP eID CSCA, serialNumber=3": 1,
+        "serialNumber=5, CN=Panama ID CSCA, OU=Autoridad de Pasaportes de Panam\u00e1, O=Rep\u00fablica de Panam\u00e1, C=PA": 1,
+        "C=KW, O=Ministry of Interior, OU=General Department of Nationality and Travel Documents, CN=CSCA Kuwait, serialNumber=2021050101": 1,
+        "serialNumber=3, CN=CSCA ALB, OU=Ministry of Internal Affairs, O=gov, C=al": 1,
+        "serialNumber=8, O=Hellenic Republic, CN=CSCA-HELLAS, C=GR, emailAddress=csca@passport.gov.gr": 1,
+        "serialNumber=6, O=Hellenic Republic, CN=CSCA-HELLAS, C=GR, emailAddress=csca@passport.gov.gr": 1,
+        "C=SK, O=Ministry of Interior of the Slovak Republic, OU=SITB, CN=CSCA Slovakia, serialNumber=5": 1,
+        "CN=Norwegian Passport Certificate Authority, OU=National Police Computing and Material Service, O=The Norwegian Police, C=NO": 1,
+        "C=MA, O=Gov, CN=CSCA-MAROC, serialNumber=2": 1,
+        "serialNumber=9, O=Hellenic Republic, CN=CSCA-HELLAS, C=GR, emailAddress=csca@passport.gov.gr": 1,
+        "serialNumber=6, CN=CSCA NL, OU=Kingdom of the Netherlands, O=Kingdom of the Netherlands, C=NL": 1,
+        "C=BE, O=FEDERAL, CN=Belgium Country Signing CA 05": 1
+    },
+    "rsassaPss 3072 bit 3": {
+        "C=KR, O=Government, OU=MOFAT, CN=CSCA": 1,
+        "C=KR, O=Government, OU=MOFA, CN=CSCA-KOREA": 1,
+        "C=KR, O=Government, OU=MOFA, CN=CSCA": 1,
+        "C=KR, O=Government, OU=MOFA, CN=CSCA003": 2
+    },
+    "sha512WithRSAEncryption 4096 bit 65537": {
+        "C=IS, L=REYKJAVIK, O=Thjodskra Islands, OU=Kt. 6503760649, OU=Country Signing CA, OU=Vottunarstefna http://www.vegabref.is/skilriki, CN=Ferdaskilriki - Island - G2": 1,
+        "O=LIECHTENSTEIN, CN=CSCA-LIECHTENSTEIN, OU=Auslaender- und Passamt, C=LI": 3,
+        "CN=Cameroon Passport CSCA, serialNumber=001, OU=DGSN, O=Republic of Cameroon, C=CM": 2,
+        "CN=ECN Documentos de Viagem 008, OU=ICAO MRTD PKI - CSCA, O=Republica Portuguesa - Portuguese Republic, C=PT": 1,
+        "CN=ECN Documentos de Viagem 007, OU=ICAO MRTD PKI - CSCA, O=Republica Portuguesa - Portuguese Republic, C=PT": 2,
+        "C=MX, O=SECRETARIA DE RELACIONES EXTERIORES, CN=CSCA MEXICO": 1,
+        "CN=CSCA, C=KP": 1,
+        "CN=Cameroon Passport CSCA, serialNumber=002, OU=DGSN, O=Republic of Cameroon, C=CM": 1,
+        "C=IS, O=Thjodskra Islands, OU=Country Signing CA, SN=6503760649, CN=Ferdaskilriki - Island - G3": 1
+    },
+    "sha1WithRSAEncryption 4096 bit 65537": {
+        "CN=Italian Country Signer CA, OU=National Electronic Center of State Police, O=Ministry of Interior, C=IT": 3,
+        "C=HU, O=GOV, OU=CRO, CN=CSCA-HUNGARY 3": 3,
+        "C=BE, O=FEDERAL, CN=Belgium Country Signing CA 01": 2,
+        "CN=Certificate Authority Offline-1, OU=eDocuments and eID, O=Republic of Kazakhstan, C=KZ": 3,
+        "C=MT, O=Government of Malta, CN=Malta Country Signing CA": 11,
+        "CN=ECN Documentos de Viagem 003, OU=ICAO MRTD PKI - CSCA, O=Republica Portuguesa - Portuguese Republic, C=PT": 2,
+        "CN=CERTIFICATION AUTHORITY, OU=SEGSTAT, O=HSVATICAN, C=VA": 3,
+        "C=AU, O=GOV, OU=DFAT, OU=PTB, CN=Passport Country Signing Authority": 4,
+        "CN=ECN Documentos de Viagem 004, OU=ICAO MRTD PKI - CSCA, O=Republica Portuguesa - Portuguese Republic, C=PT": 2,
+        "C=ro, O=DGP, CN=CSCA Romania": 6,
+        "C=HU, O=GOV, OU=CRO, CN=CSCA-HUNGARY 2": 2,
+        "C=CN, O=Chinese Government, OU=Ministry of Foreign Affairs, OU=China Passport CA, CN=China Passport Country Signing Certificate": 5,
+        "C=ES, O=DIRECCION GENERAL DE LA POLICIA, serialNumber=2, CN=CSCA SPAIN": 1,
+        "C=HU, O=GOV, OU=CRO, CN=CSCA-HUNGARY": 2,
+        "C=LU, O=Grand-Duchy of Luxembourg Ministry of Foreign Affairs, CN=Grand-Duchy of Luxembourg Country Signing CA": 2,
+        "C=IT, O=MINISTERO DELL'INTERNO, OU=PE, CN=CERTIFICATION AUTHORITY 01": 2,
+        "CN=CSCA01002, O=DFA, C=PH": 1,
+        "CN=ECN Documentos de Viagem 002, OU=ICAO MRTD PKI - CSCA, O=Republica Portuguesa - Portuguese Republic, C=PT": 1,
+        "CN=CSCAPKI_MC4, OU=Foreign Office of Monaco, O=Principality of Monaco, C=MC": 1,
+        "C=FR, O=Gouv, CN=CSCA-FRANCE": 1,
+        "CN=CSCA01003, O=DFA, C=PH": 1,
+        "C=BE, O=Kingdom of Belgium, OU=Federal Public Service Foreign Affairs Belgium, CN=CSCAPKI_BE": 2,
+        "CN=CSCAPKI_MC1, OU=Foreign Office of Monaco, O=Principality of Monaco, C=MC": 1,
+        "C=HU, O=GOV, OU=BMH, CN=BMHCA-HUNGARY 1": 2,
+        "C=IT, O=MINISTERO DELL'INTERNO, OU=PE, CN=CERTIFICATION AUTHORITY": 3,
+        "C=HU, O=GOV, OU=CRO, CN=CSCA-HUNGARY 4": 2,
+        "C=ES, O=DIRECCION GENERAL DE LA POLICIA, OU=PASAPORTE, CN=AC RAIZ PASAPORTE": 1,
+        "C=LU, O=Ministry of Foreign Affairs, CN=Grand-Duchy of Luxembourg CSCA , serialNumber=100": 2,
+        "CN=CSCAPKI_MC2, OU=Foreign Office of Monaco, O=Principality of Monaco, C=MC": 1,
+        "C=HU, O=GOV, OU=BAH, CN=BAHCA-HUNGARY": 1,
+        "C=HU, O=GOV, OU=BAH, CN=BAHCA-HUNGARY 2": 1,
+        "OU=SEGSTAT, CN=CERTIFICATION AUTHORITY, O=HSVATICAN, C=VA": 1,
+        "C=HU, O=GOV, OU=OIF, CN=OIFCA-HUNGARY 1": 1,
+        "CN=CSCAPKI_MC3, OU=Foreign Office of Monaco, O=Principality of Monaco, C=MC": 1
+    },
+    "sha256WithRSAEncryption 6144 bit 65537": {
+        "C=MD, O=Public Service Agency, OU=MRTD Department, CN=ePassport CSCA 07": 3,
+        "C=MD, O=State Enterprise REGISTRU, OU=MRTD Department, CN=ePassport CSCA": 3,
+        "C=MD, O=Public Service Agency, OU=MRTD Department, CN=ePassport CSCA": 1
+    },
+    "ecdsa-with-SHA1 256 bit secp256r1": {
+        "C=RU, ST=Russia, L=Moscow, O=FSUE STC Atlas, OU=UZIS, CN=CSCA-Russia, emailAddress=camail@stcnet.ru": 3,
+        "C=RU, ST=Russian Federation, L=Moscow, O=STC Atlas, OU=SZD, CN=CSCA-Russia, emailAddress=camail@stcnet.ru": 1,
+        "C=RU, L=Moscow, O=STC Atlas, OU=SZD, CN=Ilya Leoshkevich, emailAddress=szd@stcnet.ru": 1
+    },
+    "sha256WithRSAEncryption 4096 bit 107903": {
+        "C=NG, ST=Abuja, L=Abuja, O=Nigeria Immigration Service, OU=Ministry of Interior, CN=Country Signer": 1
+    },
+    "sha256WithRSAEncryption 3072 bit 65537": {
+        "serialNumber=3, CN=CSCA, OU=Servicio de Registro Civil e Identificacion, O=Ministerio de Justicia y Derechos Humanos, C=CL": 1,
+        "C=PL, O=ICAO CSCA, OU=MSWiA, CN=System Wydawania Paszport\u00f3w z Danymi Biometrycznymi": 8,
+        "serialNumber=1, CN=CSCA, OU=Servicio de Registro Civil e Identificaci\u00f3n, O=Ministerio de Justicia, C=CL": 2,
+        "serialNumber=2, CN=CSCA NL, OU=Ministry of the Interior and Kingdom Relations, O=State of the Netherlands, C=NL": 2,
+        "C=DK, O=Kingdom of Denmark, CN=Country Signing CA": 6,
+        "C=UN, O=United Nations, OU=Certification Authorities, CN=United Nations CSCA": 4,
+        "C=DK, O=Danish National Police, OU=Danish National Police, CN=Passport CSCA-Denmark, serialNumber=2": 1,
+        "CN=AC Pasaporte, C=VE, L=Caracas, ST=Distrito Capital, O=Sistema Nacional de Certificacion Electronica, OU=SUSCERTE, emailAddress=acpass@suscerte.gob.ve": 1,
+        "CN=CSCA Macedonia, OU=MOI, O=GOV, C=MK": 3,
+        "C=ar, O=gob, OU=mininterior, OU=renaper, CN=capasaporte": 1,
+        "C=CO, O=Colombia, OU=Certification Authorities, CN=Government of Colombia CSCA": 1,
+        "CN=CSCA NL, OU=Ministry of the Interior and Kingdom Relations, O=State of the Netherlands, C=NL": 2,
+        "C=LI, O=LIECHTENSTEIN, OU=Auslaender- und Passamt, CN=CSCA-LIECHTENSTEIN": 1,
+        "C=TL, O=REP\u00daBLICA DEMOCR\u00c1TICA DE TIMOR-LESTE, serialNumber=001, CN=CSCAePassportTimorLeste": 1,
+        "serialNumber=2, CN=CSCA, OU=Servicio de Registro Civil e Identificacion, O=Ministerio de Justicia y Derechos Humanos, C=CL": 2,
+        "C=PL, O=Minister ds informatyzacji, OU=Centrum Certyfikacji, CN=CSCA Poland": 3,
+        "serialNumber=3, CN=CSCA NL, OU=Ministry of Security and Justice, O=Kingdom of the Netherlands, C=NL": 1,
+        "C=NG, ST=FCT, L=Abuja, O=MSC Trustgate.com, OU=Federal Government of Nigeria, CN=Nigeria Country Signer 0705, emailAddress=ffatusin@imagetech.com.ng": 1,
+        "serialNumber=4, CN=CSCA NL, OU=Ministry of Security and Justice, O=Kingdom of the Netherlands, C=NL": 1,
+        "C=ZZ, O=United Nations, OU=Certification Authorities, CN=United Nations CSCA": 1,
+        "serialNumber=3, CN=CSCA NL, OU=Ministry of the Interior and Kingdom Relations, O=State of the Netherlands, C=NL": 1,
+        "C=DK, O=Danish National Police, OU=Danish National Police, CN=Passport CSCA-Denmark, serialNumber=1": 1,
+        "C=AR, O=gob, OU=mininterior, OU=renaper, CN=capasaporte": 1
+    },
+    "sha1WithRSAEncryption 2048 bit 65537": {
+        "C=IS, L=Reykjavik, O=Fjarmalaraduneyti, OU=Kt. 5501692829, OU=Country Signing CA, OU=Vottunarstefna https://www.thjodskra.is/repository/cps, CN=Ferdaskilriki - Island": 1,
+        "C=SM, O=RSM, OU=COUNTRY SIGNER CA, CN=RSM CSCA": 1,
+        "C=GE, L=Tbilisi, O=Ministry of Justice of Georgia, OU=Civil Registry Agency, CN=GEO CSCA": 1,
+        "CN=RSM-CSCA": 1
+    },
+    "ecdsa-with-SHA256 256 bit secp256r1": {
+        "CN=CSCA_FA_BE, OU=FEDERAL PUBLIC SERVICE FOREIGN AFFAIRS BELGIUM, O=KINGDOM OF BELGIUM, C=BE": 2,
+        "CN=CSCAEC_BE_3, OU=FEDERAL PUBLIC SERVICE FOREIGN AFFAIRS BELGIUM, O=KINGDOM OF BELGIUM, C=BE": 2,
+        "CN=CSCAEC_BE_2, OU=FEDERAL PUBLIC SERVICE FOREIGN AFFAIRS BELGIUM, O=KINGDOM OF BELGIUM, C=BE": 1,
+        "C=BE, O=KINGDOM OF BELGIUM, OU=FEDERAL PUBLIC SERVICE FOREIGN AFFAIRS BELGIUM, CN=CSCA_FA_BE": 1,
+        "C=BJ, O=GOUV, OU=ANIP, OU=Certification Authorities, CN=CSCA-Benin": 1,
+        "C=RW, O=Republic of Rwanda, OU=ePassport, OU=Certification Authorities, CN=Republic of Rwanda CSCA": 1,
+        "CN=CSCAEC_BE, OU=FEDERAL PUBLIC SERVICE FOREIGN AFFAIRS BELGIUM, O=KINGDOM OF BELGIUM, C=BE": 1
+    },
+    "rsassaPss 384 bit NOT RSA": {
+        "O=State of Israel, OU=PIBA, C=IL, CN=EPPCSCA, emailAddress=crypto@piba.gov.il, serialNumber=53": 1,
+        "C=JP, O=Japanese Government, OU=The Ministry of Foreign Affairs, CN=e-passportCSCA": 1,
+        "C=CN, O=Hong Kong China, OU=Immigration Department, CN=Hong Kong China Country Signing Certificate Authority": 1
+    },
+    "rsassaPss 3072 bit 65537": {
+        "C=CZ, O=Czech Republic, OU=Ministry of Interior, CN=CSCA_CZ": 9,
+        "C=MY, O=Jabatan Imigresen Malaysia, ST=WP, L=Putrajaya, OU=Bahagian Keselamatan dan Pasport, CN=Malaysia Country Signer": 4,
+        "C=MY, ST=WP, L=Putrajaya, O=Jabatan Imigresen Malaysia, OU=Bahagian Keselamatan dan Pasport, CN=Malaysia Country Signer": 3,
+        "CN=CSCA Serbia, OU=Ministry of Interior, O=Republic of Serbia, C=RS": 4,
+        "CN=CSCA Tajikistan, OU=Ministry of Foreign Affairs, O=Republic of Tajikistan, C=TJ": 2
+    },
+    "sha1WithRSAEncryption 3072 bit 3": {
+        "C=TH, OU=Department of Consular Affairs, O=Ministry of Foreign Affairs, CN=Country Signing CA": 2,
+        "C=TH, OU=Country Signing CA, O=Country Signing CA, CN=Country Signing CA": 1
+    },
+    "sha256WithRSAEncryption 384 bit NOT RSA": {
+        "C=GB, O=UKKPA, CN=Country Signing Authority": 1,
+        "C=NZ, O=Government of New Zealand, OU=Passports, OU=Identity Services Passport CA": 1,
+        "C=AT, O=GV, OU=BMI, CN=CSCA-AUSTRIA": 1,
+        "C=HU, O=GOV, OU=CRO, CN=CSCA-HUNGARY 2020": 1,
+        "C=HU, O=GOV, OU=KEKKH, CN=ID-CSCA-HUNGARY 02": 1,
+        "C=HU, O=GOV, OU=OIF, CN=OIFCA-HUNGARY 2": 1
+    },
+    "ecdsa-with-SHA1 384 bit secp384r1": {
+        "C=CH, O=Admin, OU=Services, OU=Certification Authorities, CN=csca-switzerland-1": 1
+    },
+    "rsassaPss 4096 bit 3": {
+        "C=CN, O=Macao SAR, OU=Identification Services Bureau, CN=China Passport Country Signing Certificate (Macao)": 6,
+        "CN=Hong Kong China Country Signing Certificate Authority, O=Hong Kong China, OU=Immigration Department, C=CN": 1,
+        "CN=China Passport Country Signing Certificate (Macao), O=Macao SAR, OU=Identification Services Bureau, C=CN": 2,
+        "C=CN, O=Hong Kong China, OU=Immigration Department, CN=Hong Kong China Country Signing Certificate Authority": 2
+    },
+    "ecdsa-with-SHA1 256 bit unidentified": {
+        "C=BA, O=mcp, OU=iddeea, serialNumber=001, CN=csca-iddeea-ba": 2,
+        "C=LV, O=National Security Authority, CN=CSCA Latvia, serialNumber=005": 1,
+        "C=LV, O=National Security Authority, CN=CSCA Latvia, serialNumber=003": 2,
+        "C=DE, O=bund, OU=bsi, serialNumber=001, CN=csca-germany": 2,
+        "C=LV, O=National Security Authority, CN=CSCA Latvia, serialNumber=001": 2,
+        "CN=Country Signing CA Lithuania, C=LTU, serialNumber=001": 1,
+        "C=LT, O=ADIC under MoI, CN=CSCA, serialNumber=005": 1,
+        "C=LV, O=National Security Authority, CN=CSCA Latvia, serialNumber=002": 2,
+        "C=LT, O=ADIC under MoI, CN=CSCA, serialNumber=004": 1,
+        "C=LT, O=ADIC under MOI, CN=CSCA, serialNumber=006": 1,
+        "C=LT, O=ADIC under MoI, CN=CSCA, serialNumber=002": 3,
+        "C=LT, O=ADIC under MOI, CN=CSCA, serialNumber=001": 2,
+        "C=LV, O=National Security Authority, CN=CSCA Latvia, serialNumber=004": 2,
+        "C=LT, O=ADIC under MoI, CN=CSCA, serialNumber=003": 1
+    },
+    "ecdsa-with-SHA512 512 bit brainpoolP512t1": {
+        "C=VN, O=Vietnam Government Information Security Commission, CN=CSCA ePassport Vietnam": 1,
+        "C=CH, O=FDJP, OU=fedpol, OU=eDoc-PKI, CN=CSCA-CHE": 1,
+        "C=DE, O=bund, OU=bsi, CN=csca-germany": 3,
+        "CN=Autoridade Certificadora Ministerio das Relacoes Exteriores, OU=Autoridade Certificadora Raiz Brasileira v4, O=ICP-Brasil, C=BR": 1,
+        "C=FI, O=Finland, OU=VRK, CN=CSCA Finland": 1
+    },
+    "sha384WithRSAEncryption 4096 bit 65537": {
+        "C=LI, O=LIECHTENSTEIN, OU=Auslaender- und Passamt, CN=CSCA-LIECHTENSTEIN": 1,
+        "O=GOV, CN=CSCA-AND, OU=MJI, C=AD": 1
+    },
+    "sha256WithRSAEncryption 2048 bit 65537": {
+        "C=IS, L=REYKJAVIK, O=Thjodskra Islands, OU=Kt. 6503760649, OU=Country Signing CA, OU=Vottunarstefna http://www.vegabref.is/skilriki, CN=Ferdaskilriki - Island - G2": 1,
+        "C=IN, O=National Informatics Centre, OU=Sub-CA, CN=NIC sub-CA for ePassport-India 2011": 1,
+        "C=IS, L=Reykjavik, O=Fjarmalaraduneyti, OU=Kt. 5501692829, OU=Country Signing CA, OU=Vottunarstefna https://www.thjodskra.is/repository/cps, CN=Ferdaskilriki - Island": 1
+    },
+    "rsassaPss 2048 bit 65537": {
+        "CN=Swedish Country Signing CA, O=Rikspolisstyrelsen, C=SE": 1
+    },
+    "sha256WithRSAEncryption 4096 bit 56611": {
+        "C=IR, O=Ministry of Interior, OU=Police CA Center, serialNumber=02, CN=CSCA-Islamic Republic of IRAN": 1,
+        "CN=CSCA-Islamic Republic of IRAN, OU=Police CA Center, O=Ministry of Interior, C=IR": 1
+    },
+    "ecdsa-with-SHA256 384 bit brainpoolP512r1": {
+        "CN=CSCA-UY, O=MI, OU=DNIC, C=UY": 1,
+        "C=CY, O=Republic of Cyprus, OU=Civil Registry and Migration Department, CN=CSCA-CYPRUS": 1,
+        "C=DE, O=bund, OU=bsi, serialNumber=013, CN=csca-germany": 1
+    },
+    "sha256WithRSAEncryption 3072 bit 43459": {
+        "C=AT, O=GV, OU=BMI, CN=CSCA-AUSTRIA": 1
+    },
+    "ecdsa-with-SHA384 384 bit secp384r1": {
+        "C=BY, O=Republic of Belarus, OU=NCES, CN=CSCA Belarus": 1,
+        "C=GB, O=UKKPA, CN=Country Signing Authority": 2,
+        "CN=EPPCSCA, OU=PIBA, O=State of Israel, C=IL": 1,
+        "C=JP, O=Japanese Government, OU=The Ministry of Foreign Affairs, CN=e-passportCSCA": 1
+    },
+    "ecdsa-with-SHA512 384 bit probably_secp384r1": {
+        "C=DZ, O=Gov, OU=MICL, CN=CSCA-ALGERIA": 3
+    },
+    "sha256WithRSAEncryption 521 bit NOT RSA": {
+        "CN=CSCA Turkey, O=Turkey Gov, C=TR": 2
+    },
+    "sha512WithRSAEncryption 512 bit NOT RSA": {
+        "C=FI, O=Finland, OU=VRK, CN=CSCA Finland": 1
+    },
+    "ecdsa-with-SHA512 521 bit ed448": {
+        "C=TR, O=Republic of Turkey Ministry of Interior, OU=General Directorate of Civil Registration and Nationality, CN=Passport CSCA Turkey": 4,
+        "CN=CSCA, serialNumber=001, O=Department of the Registrar General, C=ZW": 1,
+        "C=IQ, CN=Iraqi Ministry of Interior CSCA, OU=General Directorate of Civil Status, Passports, and Residency, O=Iraqi Ministry of Interior": 1,
+        "C=IS, O=Thjodskra Islands, OU=Country Signing CA, SN=6503760649, CN=Ferdaskilriki - Island - G3": 1
+    },
+    "sha1WithRSAEncryption 4096 bit 3": {
+        "OU=SEGSTAT, CN=CERTIFICATION AUTHORITY, O=HSVATICAN, C=VA": 1
+    },
+    "sha384WithRSAEncryption 3072 bit 65537": {
+        "C=TJ, O=Republic of Tajikistan, OU=Ministry of Foreign Affairs, CN=CSCA Tajikistan, serialNumber=3": 1
+    },
+    "ecdsa-with-SHA384 4096 bit probably_secp384r1": {
+        "C=JP, O=Japanese Government, OU=The Ministry of Foreign Affairs, CN=e-passportCSCA": 1
+    },
+    "ecdsa-with-SHA512 384 bit secp384r1": {
+        "C=DZ, O=Gov, OU=MICL, CN=CSCA-ALGERIA": 1
+    },
+    "sha256WithRSAEncryption 4096 bit 58097": {
+        "C=ME, O=Montenegro, OU=Ministry of Interior and Public Administration, CN=csca-montenegro-1": 1
+    },
+    "sha256WithRSAEncryption 4096 bit 38129": {
+        "C=AT, O=GV, OU=BMI, CN=CSCA-AUSTRIA": 2
+    },
+    "sha256WithRSAEncryption 4096 bit 109729": {
+        "C=SN, ST=Dakar, L=Dakar, O=Ministry of Interior, OU=Passport Office, CN=Country Signer": 1
+    },
+    "sha1WithRSAEncryption 4096 bit 50633": {
+        "CN=CSCA-Islamic Republic of IRAN, OU=Police CA Center, O=Ministry of Interior, C=IR": 1
+    },
+    "ecdsa-with-SHA384 512 bit brainpoolP512t1": {
+        "C=DE, O=bund, OU=bsi, serialNumber=103, CN=csca-germany": 1,
+        "C=CH, O=Admin, OU=Services, OU=Certification Authorities, CN=csca-switzerland-2": 1
+    },
+    "sha1WithRSAEncryption 6144 bit 65537": {
+        "C=MD, ST=Moldova Republic of, L=Chisinau, O=IS Centrul de telecomunicatii speciale, OU=Centrul de certificare a cheilor publice, CN=Moldova ePassport CSCA": 1,
+        "C=MD, ST=Republic of Moldova, L=Kisinau, O=SE Center of spetial telecommunications 1003600096694, OU=Certification Authority, street=166 Stefan cel Mare bd, CN=Moldova ePassport CSCA, telephoneNumber=+373 22 250541, emailAddress=admin1-cert@biopass.gov.md": 1,
+        "CN=ePassport CSCA, OU=MRTD Department, O=REGISTRU, C=MD": 1
+    },
+    "ecdsa-with-SHA512 256 bit unidentified": {
+        "C=BA, O=mcp, OU=iddeea, serialNumber=2, CN=csca-iddeea-ba": 1
+    },
+    "sha256WithRSAEncryption 4096 bit 127485": {
+        "C=SN, ST=Dakar, L=Dakar, O=Ministry of Interior, OU=Passport Office, CN=Country Signer": 1
+    },
+    "ecdsa-with-SHA512 521 bit probably_secp384r1": {
+        "C=TR, O=Republic of Turkey Ministry of Interior, OU=General Directorate of Civil Registration and Nationality, CN=Passport CSCA Turkey": 1
+    },
+    "sha512WithRSAEncryption 521 bit NOT RSA": {
+        "C=IS, O=Thjodskra Islands, OU=Country Signing CA, SN=6503760649, CN=Ferdaskilriki - Island - G3": 1
+    }
+}

registry/outputs/csca_signature_algorithms.json

@@ -0,0 +1,343 @@
+{
+  "ecdsa-with-SHA384": {
+    "CN=ePassCSCA, O=SUPERINTENDENCIA NACIONAL DE MIGRACIONES, OU=GERENCIA DE REGISTRO MIGRATORIO, C=PE": 1,
+    "C=LV, O=National Security Authority, CN=CSCA Latvia, serialNumber=006": 3,
+    "C=GB, O=UKKPA, CN=Country Signing Authority": 2,
+    "C=LB, O=GOV, OU=GDGS, CN=LEBANON CSCA": 3,
+    "C=DE, O=bund, OU=bsi, serialNumber=103, CN=csca-germany": 2,
+    "C=DE, O=bund, OU=bsi, serialNumber=101, CN=csca-germany": 3,
+    "C=AT, O=GV, OU=BMI, CN=CSCA-AUSTRIA": 3,
+    "C=CH, O=Admin, OU=Services, OU=Certification Authorities, CN=csca-switzerland-2": 10,
+    "C=DE, O=bund, OU=bsi, serialNumber=100, CN=csca-germany": 2,
+    "C=TH, O=Ministry Of Foreign Affairs, OU=Department of Consular Affairs, CN=Thailand CSCA": 1,
+    "C=CY, O=Republic of Cyprus, OU=Civil Registry and Migration Department, CN=CSCA-CYPRUS": 1,
+    "C=LV, O=National Security Authority, CN=CSCA Latvia, serialNumber=008": 2,
+    "C=JP, O=Japanese Government, OU=The Ministry of Foreign Affairs, CN=e-passportCSCA": 2,
+    "C=LV, O=National Security Authority, CN=CSCA Latvia, serialNumber=007": 1,
+    "C=CN, O=Hong Kong China, OU=Immigration Department, CN=Hong Kong China Country Signing Certificate Authority": 3,
+    "C=DE, O=bund, OU=bsi, serialNumber=102, CN=csca-germany": 1,
+    "C=UZ, O=GOV, OU=GCP, CN=CSCA-UZBEKISTAN": 5,
+    "C=LV, O=OCMA, CN=CSCA Latvia, serialNumber=009": 1,
+    "CN=EPPCSCA, OU=PIBA, O=State of Israel, C=IL": 1,
+    "C=CR, O=Junta Adm. de la Dirección General de Migración y Extranjería, OU=DGTI, CN=Costa Rica CSCA": 1,
+    "C=BY, O=Republic of Belarus, OU=NCES, CN=CSCA Belarus": 1
+  },
+  "sha256WithRSAEncryption": {
+    "serialNumber=4, CN=CSCA NL, OU=Ministry of Security and Justice, O=Kingdom of the Netherlands, C=NL": 1,
+    "C=HU, O=GOV, OU=KEKKH, CN=ID-CSCA-HUNGARY 01": 2,
+    "C=AT, O=GV, OU=BMI, CN=CSCA-AUSTRIA": 4,
+    "CN=CSCA-UZBEKISTAN, OU=GCP, O=GOV, C=UZ": 3,
+    "C=KS, O=GV, OU=MIA, CN=CSCA-KOSOVO": 2,
+    "OU=SMST, O=GOV, C=TM, CN=CSCA-Turkmenistan": 1,
+    "CN=CSCA-KOSOVO, OU=MIA, O=GV, C=KS": 3,
+    "C=ES, O=DIRECCION GENERAL DE LA POLICIA, serialNumber=3, CN=CSCA SPAIN": 3,
+    "C=HU, O=GOV, OU=CRO, CN=CSCA-HUNGARY 4": 1,
+    "C=HU, O=GOV, OU=CRO, CN=CSCA-HUNGARY 2017": 2,
+    "C=GR, O=Hellenic Republic, serialNumber=001, CN=CSCAeRP-HELLAS": 3,
+    "C=ro, O=DGP, CN=CSCA Romania": 2,
+    "C=SG, O=Ministry of Home Affairs, OU=Singapore Passport CA2": 2,
+    "serialNumber=4, CN=CSCA NL, OU=Ministry of the Interior and Kingdom Relations, O=State of the Netherlands, C=NL": 2,
+    "serialNumber=5, CN=CSCA NL, OU=Ministry of the Interior and Kingdom Relations, O=State of the Netherlands, C=NL": 2,
+    "C=EE, O=Estonia, OU=Police and Border Guard Board, serialNumber=01-2016, CN=CSCA Estonia": 2,
+    "C=EE, O=Estonia, OU=Police and Border Guard Board, serialNumber=01-2015, CN=CSCA Estonia": 2,
+    "C=MV, O=Department of Immigration and Emigration, OU=Travel Document Section, CN=CSCA-Maldives": 1,
+    "C=BE, O=FEDERAL, CN=Belgium Country Signing CA 02": 2,
+    "C=AR, O=gob, OU=mininterior, OU=renaper, CN=capasaporte": 1,
+    "C=GB, O=UKKPA, CN=Country Signing Authority": 3,
+    "CN=CSCA Turkey, O=Turkey Gov, C=TR": 7,
+    "C=MC, O=Principality of Monaco, OU=Foreign Office of Monaco, CN=CSCAPKI_MC": 4,
+    "C=IE, O=Department of Foreign Affairs, OU=Passport Office, CN=CSCA Ireland": 6,
+    "C=DK, O=Kingdom of Denmark, CN=Country Signing CA": 5,
+    "CN=GEO Country Signing CA, OU=Civil Registry Agency, O=Ministry of Justice of Georgia, C=GE": 1,
+    "CN=CSCA ALB, OU=Ministry of Interior, O=gov, C=al": 1,
+    "C=FI, O=Finland, OU=VRK, CN=CSCA Finland": 4,
+    "C=FR, O=Gouv, CN=CSCA-FRANCE": 5,
+    "C=CN, O=Chinese Government, OU=Ministry of Foreign Affairs, OU=China Passport CA, CN=China Passport Country Signing Certificate": 10,
+    "C=UA, serialNumber=UA-16286441-0001, O=Polygraph combine UKRAINA for securities production, OU=SCPD PCU, CN=CSCA-UKRAINE": 3,
+    "C=TH, O=Ministry Of Foreign Affairs, OU=Department of Consular Affairs, CN=Thailand CSCA": 3,
+    "C=UG, O=GO, OU=MIA, CN=CSCA-UGA": 3,
+    "C=BW, O=GOV, OU=MNIGA-DIC, CN=CSCA-BWA": 3,
+    "OU=MLHA-DIC, O=GOV, C=BW, CN=CSCA-BWA": 1,
+    "serialNumber=2, CN=Norwegian Passport Certificate Authority, OU=National Police Computing and Material Service, O=The Norwegian Police, C=NO": 1,
+    "CN=AZ-CSCA, OU=e-passport, O=MIA, C=AZ": 3,
+    "CN=Norwegian Passport Certificate Authority, OU=National Police Computing and Material Service, O=The Norwegian Police, C=NO": 1,
+    "C=PT, O=Republica Portuguesa - Portuguese Republic, OU=ICAO MRTD PKI - CSCA, CN=ECN Documentos de Viagem 005": 2,
+    "C=US, O=U.S. Government, OU=Department of State, OU=MRTD, OU=Certification Authorities, OU=U.S. Department of State MRTD CA": 9,
+    "C=gb, O=UKKPA, CN=Country Signing Authority": 3,
+    "C=TW, O=Taiwan Government, OU=Ministry of Foreign Affairs, OU=Bureau of Consular Affairs, CN=CSCA": 6,
+    "C=SK, L=Bratislava, O=NSA of the Slovak Republic, OU=Department of CAs Operation, CN=The Slovak CSCA": 1,
+    "C=NZ, O=Government of New Zealand, OU=Passports, OU=Identity Services Passport CA": 6,
+    "C=NO, O=The Ministry of Justice and the Police, OU=PDMT, CN=CSCA_NO": 1,
+    "C=EE, O=Estonia, OU=Citizenship and Migration Board, serialNumber=01-2007, CN=CSCA Estonia": 1,
+    "C=si, O=state-institutions, OU=e-passport, CN=CSCA-Slovenia": 6,
+    "C=NO, O=The Ministry of Justice, OU=PDMT, CN=CSCA_NO": 2,
+    "CN=CSCA, OU=Electronic Passports, O=Ministry of Interior, C=BG": 5,
+    "C=FI, O=Suomi Finland, OU=VRK, CN=Finland Country CA": 1,
+    "CN=CSCA NL, OU=Ministry of the Interior and Kingdom Relations, O=State of the Netherlands, C=NL": 2,
+    "serialNumber=1, CN=CSCA, OU=Servicio de Registro Civil e Identificación, O=Ministerio de Justicia, C=CL": 2,
+    "C=PL, O=ICAO CSCA, OU=MSWiA, CN=System Wydawania Paszportów z Danymi Biometrycznymi": 8,
+    "C=IS, L=REYKJAVIK, O=Thjodskra Islands, OU=Kt. 6503760649, OU=Country Signing CA, OU=Vottunarstefna http://www.vegabref.is/skilriki, CN=Ferdaskilriki - Island - G2": 1,
+    "C=UZ, O=GOV, OU=GCP, CN=CSCA-UZBEKISTAN": 1,
+    "serialNumber=1, CN=Panama ID CSCA, OU=Autoridad de Pasaportes de Panamá, O=República de Panamá, C=PA": 1,
+    "C=SK, O=NSA of the Slovak Republic, OU=Department of CAs Operation, CN=CSCA Slovakia, serialNumber=3": 1,
+    "CN=GEO Country Signing CA, OU=Public Service Development Agency, O=Ministry of Justice of Georgia, C=GE": 3,
+    "C=MD, O=State Enterprise REGISTRU, OU=MRTD Department, CN=ePassport CSCA": 3,
+    "C=KW, O=Ministry of Interior, OU=General Department of Nationality and Travel Documents, serialNumber=2016040101, CN=CSCA Kuwait": 1,
+    "serialNumber=1, O=Hellenic Republic, CN=CSCAeRP-HELLAS, C=GR, emailAddress=csca-erp@passport.gov.gr": 2,
+    "C=AU, O=GOV, OU=DFAT, OU=PTB, CN=Passport Country Signing Authority": 6,
+    "C=AU, O=GOV, OU=DFAT, OU=APO, CN=Passport Country Signing Authority": 3,
+    "serialNumber=5, O=Hellenic Republic, CN=CSCA-HELLAS, C=GR, emailAddress=csca@passport.gov.gr": 3,
+    "serialNumber=3, O=Hellenic Republic, CN=CSCA-HELLAS, C=GR, emailAddress=csca@passport.gov.gr": 3,
+    "C=SG, O=Ministry of Home Affairs, OU=ICA, CN=Singapore Passport CA": 1,
+    "serialNumber=4, CN=Panama ID CSCA, OU=Autoridad de Pasaportes de Panamá, O=República de Panamá, C=PA": 1,
+    "serialNumber=2, CN=Panama ID CSCA, OU=Autoridad de Pasaportes de Panamá, O=República de Panamá, C=PA": 1,
+    "C=GR, O=Hellenic Republic, serialNumber=002, CN=CSCAeRP-HELLAS": 1,
+    "C=TM, OU=SMST, O=GOV, CN=CSCA-Turkmenistan": 3,
+    "C=ES, O=DIRECCION GENERAL DE LA POLICIA, serialNumber=2, CN=CSCA SPAIN": 2,
+    "C=CI, O=COTE D'IVOIRE - MINISTERE DE L'INTERIEUR, CN=CSCA COTE D'IVOIRE - IVORY COAST": 1,
+    "C=CI, O=COTE D'IVOIRE - MINISTERE DE L'INTERIEUR, CN=CSCA 2015001 COTE D'IVOIRE - IVORY COAST, serialNumber=2015001": 3,
+    "C=CI, O=COTE D'IVOIRE - MINISTERE DE L'INTERIEUR, CN=CSCA 2011001 COTE D'IVOIRE - IVORY COAST, serialNumber=2011001": 1,
+    "CN=CSCA NL, OU=Kingdom of the Netherlands, O=Kingdom of the Netherlands, C=NL": 2,
+    "serialNumber=6, CN=CSCA NL, OU=Kingdom of the Netherlands, O=Kingdom of the Netherlands, C=NL": 1,
+    "C=MT, O=Government of Malta, CN=Malta Country Signing CA": 5,
+    "C=HU, O=GOV, OU=KEKKH, CN=ID-CSCA-HUNGARY 02": 2,
+    "C=HU, O=GOV, OU=OIF, CN=OIFCA-HUNGARY 2": 2,
+    "C=HU, O=GOV, OU=CRO, CN=CSCA-HUNGARY 2020": 2,
+    "C=BE, O=FEDERAL, CN=Belgium Country Signing CA 05": 1,
+    "C=BB, O=Government of Barbados, OU=Immigration Department, CN=Barbados Passport CSCA": 3,
+    "C=EE, O=Estonia, OU=Police and Border Guard Board, serialNumber=01-2019, CN=CSCA Estonia": 1,
+    "C=RO, O=DGP, CN=CSCA Romania": 3,
+    "C=BE, O=FEDERAL, CN=Belgium Country Signing CA 03": 2,
+    "C=BE, O=FEDERAL, CN=Belgium Country Signing CA 04": 2,
+    "CN=ECN Documentos de Viagem 006, OU=ICAO MRTD PKI - CSCA, O=Republica Portuguesa - Portuguese Republic, C=PT": 2,
+    "C=ME, O=Montenegro, OU=Ministry of Interior, CN=csca-montenegro-2": 3,
+    "C=ME, O=Montenegro, OU=Ministry of Interior and Public Administration, CN=csca-montenegro-1": 1,
+    "C=PL, O=Minister ds informatyzacji, OU=Centrum Certyfikacji, CN=CSCA Poland": 3,
+    "C=QA, O=Gov, CN=CSCA-QATAR": 5,
+    "C=TL, O=REPÚBLICA DEMOCRÁTICA DE TIMOR-LESTE, serialNumber=001, CN=CSCAePassportTimorLeste": 1,
+    "O=State of Israel, OU=PIBA, C=IL, CN=EPPCSCA, emailAddress=crypto@piba.gov.il, serialNumber=51": 1,
+    "C=UN, O=United Nations, OU=Certification Authorities, CN=United Nations CSCA": 4,
+    "C=MA, O=Gov, CN=CSCA-MAROC": 4,
+    "C=MA, O=Gov, CN=CSCA-MAROC, serialNumber=2": 1,
+    "C=MD, O=Public Service Agency, OU=MRTD Department, CN=ePassport CSCA": 1,
+    "serialNumber=7, O=Hellenic Republic, CN=CSCA-HELLAS, C=GR, emailAddress=csca@passport.gov.gr": 3,
+    "C=MD, O=Public Service Agency, OU=MRTD Department, CN=ePassport CSCA 07": 1,
+    "serialNumber=2, CN=CSCA NL, OU=Ministry of the Interior and Kingdom Relations, O=State of the Netherlands, C=NL": 2,
+    "C=ZZ, O=United Nations, OU=Certification Authorities, CN=United Nations CSCA": 1,
+    "serialNumber=2, CN=CSCA, OU=Servicio de Registro Civil e Identificacion, O=Ministerio de Justicia y Derechos Humanos, C=CL": 2,
+    "serialNumber=3, CN=CSCA NL, OU=Ministry of the Interior and Kingdom Relations, O=State of the Netherlands, C=NL": 2,
+    "serialNumber=3, CN=CSCA NL, OU=Ministry of Security and Justice, O=Kingdom of the Netherlands, C=NL": 1,
+    "C=IS, L=Reykjavik, O=Fjarmalaraduneyti, OU=Kt. 5501692829, OU=Country Signing CA, OU=Vottunarstefna https://www.thjodskra.is/repository/cps, CN=Ferdaskilriki - Island": 1,
+    "C=FI, O=Suomi Finland, OU=VRK, CN=Finland Country CA 2": 2,
+    "C=UA, L=Kyiv, street=38-44, Dehtiarivska str., postalCode=04119, O=SE \"Polygraph combine \"UKRAINA\" for securities` production\", CN=Polygraph combine \"UKRAINA\", serialNumber=UA-16286441-0001": 2,
+    "C=EE, O=Estonia, OU=Police and Border Guard Board, serialNumber=01-2012, CN=CSCA Estonia": 2,
+    "C=EE, O=Estonia, OU=Police and Border Guard Board, serialNumber=01-2009, CN=CSCA Estonia": 2,
+    "C=SG, O=Ministry of Home Affairs, OU=Singapore Passport CA": 2,
+    "C=HU, O=GOV, OU=CRO, CN=CSCA-HUNGARY 2": 1,
+    "C=ES, O=DIRECCION GENERAL DE LA POLICIA, OU=PASAPORTE, CN=AC RAIZ PASAPORTE": 1,
+    "C=LI, O=LIECHTENSTEIN, OU=Auslaender- und Passamt, CN=CSCA-LIECHTENSTEIN": 1,
+    "C=gb, O=UKKPA, CN=Domestic Use Only Country Signing Authority": 2,
+    "C=DK, O=Danish National Police, OU=Danish National Police, CN=Passport CSCA-Denmark, serialNumber=2": 1,
+    "C=SK, O=NSA of the Slovak Republic, OU=Department of CAs Operation, CN=CSCA Slovakia, serialNumber=2": 1,
+    "C=AD, O=GOV, OU=MJI, CN=CSCA-AND": 3,
+    "C=SK, O=Ministry of Interior of the Slovak Republic, OU=SITB, CN=CSCA Slovakia, serialNumber=4": 1,
+    "C=NP, O=Ministry of Foreign Affairs, OU=Department of Passports, CN=Nepal CSCA": 1,
+    "C=ES, O=DIRECCION GENERAL DE LA POLICIA, serialNumber=4, CN=CSCA SPAIN": 1,
+    "CN=CSCA Macedonia, OU=MOI, O=GOV, C=MK": 3,
+    "serialNumber=5, CN=Panama ID CSCA, OU=Autoridad de Pasaportes de Panamá, O=República de Panamá, C=PA": 1,
+    "serialNumber=3, CN=CSCA, OU=Servicio de Registro Civil e Identificacion, O=Ministerio de Justicia y Derechos Humanos, C=CL": 1,
+    "serialNumber=1, O=Hellenic Republic, CN=CSCA-HELLAS, OU=Hellenic Police, C=GR, emailAddress=csca@passport.gov.gr": 1,
+    "serialNumber=6, O=Hellenic Republic, CN=CSCA-HELLAS, C=GR, emailAddress=csca@passport.gov.gr": 1,
+    "serialNumber=4, O=Hellenic Republic, CN=CSCA-HELLAS, C=GR, emailAddress=csca@passport.gov.gr": 1,
+    "serialNumber=9, O=Hellenic Republic, CN=CSCA-HELLAS, C=GR, emailAddress=csca@passport.gov.gr": 1,
+    "CN=AC Pasaporte, C=VE, L=Caracas, ST=Distrito Capital, O=Sistema Nacional de Certificacion Electronica, OU=SUSCERTE, emailAddress=acpass@suscerte.gob.ve": 1,
+    "C=GA, O=GOUV, CN=CSCA-GABON": 1,
+    "C=LT, O=Consular department of Ministry of Foreign Affairs, OU=Certification Center of MFA CD, CN=CSCA LTU": 1,
+    "C=CN, O=Chinese Government, OU=Ministry of Public Security, OU=Passport, CN=Passport CSCA": 1,
+    "C=SN, ST=Dakar, L=Dakar, O=Ministry of Interior, OU=Passport Office, CN=Country Signer": 2,
+    "C=ar, O=gob, OU=mininterior, OU=renaper, CN=capasaporte": 1,
+    "C=ID, O=Direktorat Jenderal Imigrasi, OU=Direktorat Sistem dan Teknologi Informasi Keimigrasian, CN=CSCAProd": 3,
+    "CN=CSCA-Islamic Republic of IRAN, OU=Police CA Center, O=Ministry of Interior, C=IR": 1,
+    "C=IN, O=National Informatics Centre, OU=Sub-CA, CN=NIC sub-CA for ePassport-India 2011": 1,
+    "C=CI, O=COTE D'IVOIRE - MINISTERE DE L'INTERIEUR, CN=CSCA 2008001 COTE D'IVOIRE - IVORY COAST, serialNumber=2008001": 1,
+    "C=CO, O=Colombia, OU=Certification Authorities, CN=Government of Colombia CSCA": 1,
+    "C=SG, O=Ministry of Home Affairs, OU=Singapore Trial Passport CA": 1,
+    "C=NG, ST=FCT, L=Abuja, O=MSC Trustgate.com, OU=Federal Government of Nigeria, CN=Nigeria Country Signer 0705, emailAddress=ffatusin@imagetech.com.ng": 1,
+    "C=IR, O=Ministry of Interior, OU=Police CA Center, serialNumber=02, CN=CSCA-Islamic Republic of IRAN": 1,
+    "C=NG, ST=Abuja, L=Abuja, O=Nigeria Immigration Service, OU=Ministry of Interior, CN=Country Signer": 1,
+    "C=SK, L=Bratislava, O=NSA of the Slovak Republic, OU=Department of CAs Operation, CN=The Slovak eTP eID CSCA, serialNumber=3": 1,
+    "serialNumber=8, O=Hellenic Republic, CN=CSCA-HELLAS, C=GR, emailAddress=csca@passport.gov.gr": 1,
+    "C=KW, O=Ministry of Interior, OU=General Department of Nationality and Travel Documents, CN=CSCA Kuwait, serialNumber=2021050101": 1,
+    "C=DK, O=Danish National Police, OU=Danish National Police, CN=Passport CSCA-Denmark, serialNumber=1": 1
+  },
+  "ecdsa-with-SHA256": {
+    "CN=CSCA_FA_BE, OU=FEDERAL PUBLIC SERVICE FOREIGN AFFAIRS BELGIUM, O=KINGDOM OF BELGIUM, C=BE": 2,
+    "CN=CSCAEC_BE_3, OU=FEDERAL PUBLIC SERVICE FOREIGN AFFAIRS BELGIUM, O=KINGDOM OF BELGIUM, C=BE": 2,
+    "C=AE, O=MOI, OU=EPASS, CN=UAE CSCA 01": 7,
+    "CN=CSCA-UY, O=MI, OU=DNIC, C=UY": 1,
+    "C=CY, O=Republic of Cyprus, OU=Civil Registry and Migration Department, CN=CSCA-CYPRUS": 14,
+    "C=DE, O=bund, OU=bsi, serialNumber=013, CN=csca-germany": 2,
+    "CN=CSCAEC_BE_2, OU=FEDERAL PUBLIC SERVICE FOREIGN AFFAIRS BELGIUM, O=KINGDOM OF BELGIUM, C=BE": 1,
+    "C=NZ, O=Government of New Zealand, OU=Identity and Passport Services, CN=Passport CSCA": 5,
+    "C=RW, O=Republic of Rwanda, OU=ePassport, OU=Certification Authorities, CN=Republic of Rwanda CSCA": 1,
+    "CN=CSCA HUNGARY, OU=Ministry of Interior, O=GOV, C=HU": 3,
+    "C=OM, O=GOV, OU=Royal Oman Police, CN=OMAN CSCA": 3,
+    "C=GB, O=UKKPA, CN=Country Signing Authority": 1,
+    "CN=CSCAEC_BE, OU=FEDERAL PUBLIC SERVICE FOREIGN AFFAIRS BELGIUM, O=KINGDOM OF BELGIUM, C=BE": 1,
+    "C=AE, O=MOI, OU=EPASS, CN=UAE CSCA 02": 1,
+    "C=BJ, O=GOUV, OU=ANIP, OU=Certification Authorities, CN=CSCA-Benin": 1,
+    "C=BE, O=KINGDOM OF BELGIUM, OU=FEDERAL PUBLIC SERVICE FOREIGN AFFAIRS BELGIUM, CN=CSCA_FA_BE": 1,
+    "C=SC, O=Department of Information Communication and Technology (DICT), CN=CSCA": 1,
+    "C=AE, O=MOI OU=EPASS, CN=UAE CSCA 01": 1
+  },
+  "ecdsa-with-SHA512": {
+    "C=DZ, O=Gov, OU=MICL, CN=CSCA-ALGERIA": 4,
+    "CN=Autoridade Certificadora Ministerio das Relacoes Exteriores, OU=Autoridade Certificadora Raiz Brasileira v4, O=ICP-Brasil, C=BR": 1,
+    "C=TR, O=Republic of Turkey Ministry of Interior, OU=General Directorate of Civil Registration and Nationality, CN=Passport CSCA Turkey": 5,
+    "C=DE, O=bund, OU=bsi, CN=csca-germany": 3,
+    "C=BA, O=mcp, OU=iddeea, serialNumber=2, CN=csca-iddeea-ba": 1,
+    "CN=CSCA, serialNumber=001, O=Department of the Registrar General, C=ZW": 1,
+    "C=FI, O=Finland, OU=VRK, CN=CSCA Finland": 1,
+    "C=CH, O=FDJP, OU=fedpol, OU=eDoc-PKI, CN=CSCA-CHE": 1,
+    "C=VN, O=Vietnam Government Information Security Commission, CN=CSCA ePassport Vietnam": 1,
+    "C=IQ, CN=Iraqi Ministry of Interior CSCA, OU=General Directorate of Civil Status, Passports, and Residency, O=Iraqi Ministry of Interior": 1
+  },
+  "rsassaPss        ": {
+    "C=CZ, O=Czech Republic, OU=Ministry of Interior, CN=CSCA_CZ": 9,
+    "CN=CSCA Serbia, OU=Ministry of Interior, O=Republic of Serbia, C=RS": 4,
+    "C=CN, O=Hong Kong China, OU=Immigration Department, CN=Hong Kong China Country Signing Certificate Authority": 3,
+    "C=KN, O=Government of St. Christopher (St. Kitts) and Nevis, OU=Passport Office, CN=CSCA1": 1,
+    "CN=China Passport Country Signing Certificate (Macao), O=Macao SAR, OU=Identification Services Bureau, C=CN": 2,
+    "C=JP, O=Japanese Government, OU=The Ministry of Foreign Affairs, CN=e-passportCSCA": 11,
+    "CN=Swedish Country Signing CA, O=Rikspolisstyrelsen, C=SE": 6,
+    "C=ca, O=gc, OU=pptc, CN=csca-canada": 1,
+    "C=HR, O=MUP RH, CN=CSCA-Croatia": 7,
+    "C=KR, O=Government, OU=MOFAT, CN=CSCA": 1,
+    "C=CA, O=gc, OU=pptc, CN=csca-canada": 5,
+    "CN=CSCA01004, O=DFA, C=PH": 1,
+    "C=NO, O=Ministry of Justice and Public Security, OU=National Police Directorate, CN=CSCA_NO": 3,
+    "CN=EU Laissez Passer CSCA, O=European Union, OU=European Commission, C=EU": 3,
+    "C=LU, O=Grand-Duchy of Luxembourg Ministry Foreign Affairs, CN=Grand-Duchy of Luxembourg Country Signing CA": 2,
+    "CN=Grand-Duchy of Luxembourg Country Signing CA eIdentity card, O=Grand-Duchy of Luxembourg Ministry of the Interior, C=LU": 3,
+    "C=LU, O=Grand-Duchy of Luxembourg Ministry Foreign Affairs, CN=Grand-Duchy of Luxembourg CSCA ePassport": 3,
+    "C=MN, O=General Authority for State Registration, CN=Mongolia CSCA": 1,
+    "C=KR, O=Government, OU=MOFA, CN=CSCA003": 2,
+    "C=KR, O=Government, OU=MOFA, CN=CSCA-KOREA": 1,
+    "C=MY, O=Jabatan Imigresen Malaysia, ST=WP, L=Putrajaya, OU=Bahagian Keselamatan dan Pasport, CN=Malaysia Country Signer": 4,
+    "O=State of Israel, OU=PIBA, C=IL, CN=EPPCSCA, emailAddress=crypto@piba.gov.il, serialNumber=53": 2,
+    "C=BS, O=gov, OU=mofa, CN=csca-bahamas": 1,
+    "CN=CSCA, OU=Passport and Consular Services, O=Ministry of Foreign Affairs, C=PY": 1,
+    "C=SG, O=Ministry of Home Affairs, OU=ICA, CN=Singapore Passport CA 4": 2,
+    "CN=Italian Country Signer CA, OU=National Electronic Center of State Police, O=Ministry of Interior, C=IT": 1,
+    "CN=Italian Country Signer CA, OU=National Electronic Center of Italian National Police, O=Ministry of Interior, C=IT": 1,
+    "C=PH, O=DFA, CN=CSCA01006": 2,
+    "C=SI, O=state-institutions, OU=e-passport, CN=CSCA-Slovenia": 1,
+    "C=LU, O=INCERT public agency, CN=Grand Duchy of Luxembourg CSCA": 2,
+    "CN=Grand-Duchy of Luxembourg CSCA eTravel Documents, O=Grand-Duchy of Luxembourg Ministry of Foreign Affairs, C=LU": 2,
+    "CN=CSCA01005, O=DFA, C=PH": 2,
+    "C=CN, O=Macao SAR, OU=Identification Services Bureau, CN=China Passport Country Signing Certificate (Macao)": 8,
+    "CN=Swedish Country Signing CA v2, O=Polismyndigheten, C=SE": 3,
+    "CN=CSCA01001, O=Immigration, C=TZ": 2,
+    "C=TZ, O=Immigration, CN=csca-tanzania": 3,
+    "C=EC, O=DIRECCION GENERAL DE REGISTRO CIVIL IDENTIFICACION Y CEDULACION, OU=DIGERCIC CSCA, serialNumber=1, CN=CSCA": 1,
+    "C=EE, O=Estonia, OU=Police and Border Guard Board, serialNumber=01-2019, CN=CSCA Estonia": 2,
+    "C=EE, O=Estonia, OU=Police and Border Guard Board, serialNumber=01-2020, CN=CSCA_Estonia": 1,
+    "C=SG, O=Ministry of Home Affairs, OU=ICA, CN=Singapore Passport CA 5": 1,
+    "CN=CSCA Tajikistan, OU=Ministry of Foreign Affairs, O=Republic of Tajikistan, C=TJ": 1,
+    "O=State of Israel, OU=PIBA, C=IL, CN=EPPCSCA, emailAddress=crypto@piba.gov.il, serialNumber=51": 1,
+    "C=KR, O=Government, OU=MOFA, CN=CSCA": 1,
+    "C=MY, ST=WP, L=Putrajaya, O=Jabatan Imigresen Malaysia, OU=Bahagian Keselamatan dan Pasport, CN=Malaysia Country Signer": 3,
+    "CN=CSCA Macedonia, OU=MOI, O=GOV, C=MK": 1,
+    "C=VC, O=gov, OU=mns, CN=csca-svg": 4,
+    "C=PH, O=DFA, CN=CSCA01007": 1,
+    "C=MT, O=Government of Malta, CN=Malta Country Signing CA": 1,
+    "CN=CSCA MKD, OU=MOI, O=GOV, C=MK": 1,
+    "C=AM, O=GovRA, CN=CSCA": 1,
+    "C=AG, O=gov, OU=pcd, CN=csca-antigua": 2,
+    "CN=Hong Kong China Country Signing Certificate Authority, O=Hong Kong China, OU=Immigration Department, C=CN": 1,
+    "CN=Grand-Duchy of Luxembourg Country Signing CA, O=Grand-Duchy of Luxembourg Ministry of Foreign Affairs, C=LU": 1,
+    "C=GH, O=Ghana Government, OU=NITA, serialNumber=2, CN=CSCA Ghana": 1,
+    "C=BZ, O=gov, OU=moi, CN=csca-belize": 1,
+    "C=BH, O=KINGDOM OF BAHRAIN, CN=csca-bahrain": 1,
+    "C=LU, O=INCERT public agency, serialNumber=2, CN=Grand Duchy of Luxembourg CSCA": 1
+  },
+  "sha1WithRSAEncryption": {
+    "C=MT, O=Government of Malta, CN=Malta Country Signing CA": 11,
+    "C=ro, O=DGP, CN=CSCA Romania": 6,
+    "C=BE, O=FEDERAL, CN=Belgium Country Signing CA 01": 2,
+    "CN=Italian Country Signer CA, OU=National Electronic Center of State Police, O=Ministry of Interior, C=IT": 3,
+    "C=IT, O=MINISTERO DELL'INTERNO, OU=PE, CN=CERTIFICATION AUTHORITY 01": 2,
+    "CN=ECN Documentos de Viagem 004, OU=ICAO MRTD PKI - CSCA, O=Republica Portuguesa - Portuguese Republic, C=PT": 2,
+    "CN=ECN Documentos de Viagem 003, OU=ICAO MRTD PKI - CSCA, O=Republica Portuguesa - Portuguese Republic, C=PT": 2,
+    "CN=ECN Documentos de Viagem 002, OU=ICAO MRTD PKI - CSCA, O=Republica Portuguesa - Portuguese Republic, C=PT": 1,
+    "C=HU, O=GOV, OU=CRO, CN=CSCA-HUNGARY 4": 2,
+    "C=HU, O=GOV, OU=CRO, CN=CSCA-HUNGARY 3": 3,
+    "C=CN, O=Chinese Government, OU=Ministry of Foreign Affairs, OU=China Passport CA, CN=China Passport Country Signing Certificate": 5,
+    "C=LU, O=Grand-Duchy of Luxembourg Ministry of Foreign Affairs, CN=Grand-Duchy of Luxembourg Country Signing CA": 2,
+    "C=FR, O=Gouv, CN=CSCA-FRANCE": 1,
+    "C=BE, O=Kingdom of Belgium, OU=Federal Public Service Foreign Affairs Belgium, CN=CSCAPKI_BE": 2,
+    "C=HU, O=GOV, OU=CRO, CN=CSCA-HUNGARY 2": 2,
+    "C=HU, O=GOV, OU=CRO, CN=CSCA-HUNGARY": 2,
+    "C=ES, O=DIRECCION GENERAL DE LA POLICIA, OU=PASAPORTE, CN=AC RAIZ PASAPORTE": 1,
+    "C=IT, O=MINISTERO DELL'INTERNO, OU=PE, CN=CERTIFICATION AUTHORITY": 3,
+    "C=ES, O=DIRECCION GENERAL DE LA POLICIA, serialNumber=2, CN=CSCA SPAIN": 1,
+    "C=IS, L=Reykjavik, O=Fjarmalaraduneyti, OU=Kt. 5501692829, OU=Country Signing CA, OU=Vottunarstefna https://www.thjodskra.is/repository/cps, CN=Ferdaskilriki - Island": 1,
+    "C=AU, O=GOV, OU=DFAT, OU=PTB, CN=Passport Country Signing Authority": 4,
+    "OU=SEGSTAT, CN=CERTIFICATION AUTHORITY, O=HSVATICAN, C=VA": 2,
+    "C=HU, O=GOV, OU=BMH, CN=BMHCA-HUNGARY 1": 2,
+    "C=HU, O=GOV, OU=OIF, CN=OIFCA-HUNGARY 1": 1,
+    "CN=CERTIFICATION AUTHORITY, OU=SEGSTAT, O=HSVATICAN, C=VA": 2,
+    "C=SM, O=RSM, OU=COUNTRY SIGNER CA, CN=RSM CSCA": 1,
+    "CN=CSCAPKI_MC3, OU=Foreign Office of Monaco, O=Principality of Monaco, C=MC": 1,
+    "CN=RSM-CSCA": 1,
+    "CN=CSCAPKI_MC4, OU=Foreign Office of Monaco, O=Principality of Monaco, C=MC": 1,
+    "CN=CSCAPKI_MC2, OU=Foreign Office of Monaco, O=Principality of Monaco, C=MC": 1,
+    "CN=CSCAPKI_MC1, OU=Foreign Office of Monaco, O=Principality of Monaco, C=MC": 1,
+    "C=HU, O=GOV, OU=BAH, CN=BAHCA-HUNGARY 2": 1,
+    "C=HU, O=GOV, OU=BAH, CN=BAHCA-HUNGARY": 1,
+    "C=MD, ST=Republic of Moldova, L=Kisinau, O=SE Center of spetial telecommunications 1003600096694, OU=Certification Authority, street=166 Stefan cel Mare bd, CN=Moldova ePassport CSCA, telephoneNumber=+373 22 250541, emailAddress=admin1-cert@biopass.gov.md": 1,
+    "CN=ePassport CSCA, OU=MRTD Department, O=REGISTRU, C=MD": 1,
+    "C=MD, ST=Moldova Republic of, L=Chisinau, O=IS Centrul de telecomunicatii speciale, OU=Centrul de certificare a cheilor publice, CN=Moldova ePassport CSCA": 1,
+    "C=TH, OU=Department of Consular Affairs, O=Ministry of Foreign Affairs, CN=Country Signing CA": 2,
+    "C=TH, OU=Country Signing CA, O=Country Signing CA, CN=Country Signing CA": 1,
+    "CN=Certificate Authority Offline-1, OU=eDocuments and eID, O=Republic of Kazakhstan, C=KZ": 3,
+    "C=GE, L=Tbilisi, O=Ministry of Justice of Georgia, OU=Civil Registry Agency, CN=GEO CSCA": 1,
+    "CN=CSCA-Islamic Republic of IRAN, OU=Police CA Center, O=Ministry of Interior, C=IR": 1,
+    "C=LU, O=Ministry of Foreign Affairs, CN=Grand-Duchy of Luxembourg CSCA , serialNumber=100": 2,
+    "CN=CSCA01003, O=DFA, C=PH": 1,
+    "CN=CSCA01002, O=DFA, C=PH": 1
+  },
+  "sha384WithRSAEncryption": {
+    "C=LI, O=LIECHTENSTEIN, OU=Auslaender- und Passamt, CN=CSCA-LIECHTENSTEIN": 1
+  },
+  "ecdsa-with-SHA1": {
+    "C=LV, O=National Security Authority, CN=CSCA Latvia, serialNumber=004": 2,
+    "C=LV, O=National Security Authority, CN=CSCA Latvia, serialNumber=005": 1,
+    "C=LT, O=ADIC under MoI, CN=CSCA, serialNumber=004": 1,
+    "C=RU, ST=Russia, L=Moscow, O=FSUE STC Atlas, OU=UZIS, CN=CSCA-Russia, emailAddress=camail@stcnet.ru": 3,
+    "C=BA, O=mcp, OU=iddeea, serialNumber=001, CN=csca-iddeea-ba": 2,
+    "C=CH, O=Admin, OU=Services, OU=Certification Authorities, CN=csca-switzerland-1": 1,
+    "C=DE, O=bund, OU=bsi, serialNumber=001, CN=csca-germany": 2,
+    "C=LT, O=ADIC under MOI, CN=CSCA, serialNumber=001": 2,
+    "C=LT, O=ADIC under MOI, CN=CSCA, serialNumber=006": 1,
+    "C=LV, O=National Security Authority, CN=CSCA Latvia, serialNumber=002": 2,
+    "C=LV, O=National Security Authority, CN=CSCA Latvia, serialNumber=003": 2,
+    "C=LT, O=ADIC under MoI, CN=CSCA, serialNumber=002": 3,
+    "C=RU, ST=Russian Federation, L=Moscow, O=STC Atlas, OU=SZD, CN=CSCA-Russia, emailAddress=camail@stcnet.ru": 1,
+    "C=LT, O=ADIC under MoI, CN=CSCA, serialNumber=005": 1,
+    "C=RU, L=Moscow, O=STC Atlas, OU=SZD, CN=Ilya Leoshkevich, emailAddress=szd@stcnet.ru": 1,
+    "CN=Country Signing CA Lithuania, C=LTU, serialNumber=001": 1,
+    "C=LV, O=National Security Authority, CN=CSCA Latvia, serialNumber=001": 2,
+    "C=LT, O=ADIC under MoI, CN=CSCA, serialNumber=003": 1
+  },
+  "sha512WithRSAEncryption": {
+    "C=IS, L=REYKJAVIK, O=Thjodskra Islands, OU=Kt. 6503760649, OU=Country Signing CA, OU=Vottunarstefna http://www.vegabref.is/skilriki, CN=Ferdaskilriki - Island - G2": 1,
+    "O=LIECHTENSTEIN, CN=CSCA-LIECHTENSTEIN, OU=Auslaender- und Passamt, C=LI": 3,
+    "C=IS, O=Thjodskra Islands, OU=Country Signing CA, SN=6503760649, CN=Ferdaskilriki - Island - G3": 1,
+    "CN=CSCA, C=KP": 1,
+    "CN=ECN Documentos de Viagem 007, OU=ICAO MRTD PKI - CSCA, O=Republica Portuguesa - Portuguese Republic, C=PT": 1,
+    "C=MX, O=SECRETARIA DE RELACIONES EXTERIORES, CN=CSCA MEXICO": 1,
+    "CN=Cameroon Passport CSCA, serialNumber=001, OU=DGSN, O=Republic of Cameroon, C=CM": 1,
+    "C=FI, O=Finland, OU=VRK, CN=CSCA Finland": 1
+  }
+}

registry/outputs/dsc_bits_country.json

@@ -0,0 +1,320 @@
+{
+    "sha256WithRSAEncryption 2048 bit 65537": {
+        "C=gb, O=UKKPA, CN=Country Signing Authority": 1979,
+        "C=CN, O=Chinese Government, OU=Ministry of Foreign Affairs, OU=China Passport CA, CN=China Passport Country Signing Certificate": 6961,
+        "C=US, O=U.S. Government, OU=Department of State, OU=MRTD, OU=Certification Authorities, OU=U.S. Department of State MRTD CA": 1458,
+        "C=MD, O=Public Service Agency, OU=MRTD Department, CN=ePassport CSCA": 18,
+        "C=FR, O=Gouv, CN=CSCA-FRANCE": 2016,
+        "C=AU, O=GOV, OU=DFAT, OU=APO, CN=Passport Country Signing Authority": 446,
+        "C=GB, O=UKKPA, CN=Country Signing Authority": 475,
+        "OU=SMST, O=GOV, C=TM, CN=CSCA-Turkmenistan": 205,
+        "C=AU, O=GOV, OU=DFAT, OU=PTB, CN=Passport Country Signing Authority": 281,
+        "CN=CSCA-UZBEKISTAN, OU=GCP, O=GOV, C=UZ": 10,
+        "C=TH, O=Ministry Of Foreign Affairs, OU=Department of Consular Affairs, CN=Thailand CSCA": 78,
+        "C=NZ, O=Government of New Zealand, OU=Passports, OU=Identity Services Passport CA": 182,
+        "C=TM, OU=SMST, O=GOV, CN=CSCA-Turkmenistan": 151,
+        "C=ES, O=DIRECCION GENERAL DE LA POLICIA, serialNumber=3, CN=CSCA SPAIN": 55,
+        "C=MD, O=Public Service Agency, OU=MRTD Department, CN=ePassport CSCA 07": 19,
+        "C=UN, O=United Nations, OU=Certification Authorities, CN=United Nations CSCA": 37,
+        "serialNumber=5, CN=Panama ID CSCA, OU=Autoridad de Pasaportes de Panam\u00e1, O=Rep\u00fablica de Panam\u00e1, C=PA": 43,
+        "C=RO, O=DGP, CN=CSCA Romania": 8,
+        "C=IS, L=REYKJAVIK, O=Thjodskra Islands, OU=Kt. 6503760649, OU=Country Signing CA, OU=Vottunarstefna http://www.vegabref.is/skilriki, CN=Ferdaskilriki - Island - G2": 36,
+        "C=IE, O=Department of Foreign Affairs, OU=Passport Office, CN=CSCA Ireland": 85,
+        "C=ES, O=DIRECCION GENERAL DE LA POLICIA, serialNumber=4, CN=CSCA SPAIN": 13,
+        "C=AR, O=gob, OU=mininterior, OU=renaper, CN=capasaporte": 10,
+        "C=MD, O=State Enterprise REGISTRU, OU=MRTD Department, CN=ePassport CSCA": 30,
+        "C=HU, O=GOV, OU=CRO, CN=CSCA-HUNGARY 2017": 10,
+        "C=MA, O=Gov, CN=CSCA-MAROC": 3,
+        "C=FI, O=Finland, OU=VRK, CN=CSCA Finland": 36,
+        "C=ar, O=gob, OU=mininterior, OU=renaper, CN=capasaporte": 6,
+        "C=ID, O=Direktorat Jenderal Imigrasi, OU=Direktorat Sistem dan Teknologi Informasi Keimigrasian, CN=CSCAProd": 14,
+        "C=CO, O=Colombia, OU=Certification Authorities, CN=Government of Colombia CSCA": 2,
+        "C=SG, O=Ministry of Home Affairs, OU=ICA, CN=Singapore Passport CA": 6,
+        "C=ES, O=DIRECCION GENERAL DE LA POLICIA, serialNumber=2, CN=CSCA SPAIN": 15,
+        "C=SK, O=NSA of the Slovak Republic, OU=Department of CAs Operation, CN=CSCA Slovakia, serialNumber=3": 42,
+        "C=NG, ST=FCT, L=Abuja, O=MSC Trustgate.com, OU=Federal Government of Nigeria, CN=Nigeria Country Signer 0705, emailAddress=ffatusin@imagetech.com.ng": 1,
+        "C=SG, O=Ministry of Home Affairs, OU=Singapore Passport CA": 19,
+        "C=SG, O=Ministry of Home Affairs, OU=Singapore Passport CA2": 19,
+        "C=SG, O=Ministry of Home Affairs, OU=Singapore Trial Passport CA": 1,
+        "C=QA, O=Gov, CN=CSCA-QATAR": 3,
+        "C=NO, O=The Ministry of Justice, OU=PDMT, CN=CSCA_NO": 1,
+        "C=HU, O=GOV, OU=CRO, CN=CSCA-HUNGARY 2020": 2
+    },
+    "rsassaPss 2048 bit 65537": {
+        "C=CA, O=gc, OU=pptc, CN=csca-canada": 594,
+        "C=CZ, O=Czech Republic, OU=Ministry of Interior, CN=CSCA_CZ": 152,
+        "C=JP, O=Japanese Government, OU=The Ministry of Foreign Affairs, CN=e-passportCSCA": 51,
+        "CN=Swedish Country Signing CA v2, O=Polismyndigheten, C=SE": 128,
+        "C=SG, O=Ministry of Home Affairs, OU=ICA, CN=Singapore Passport CA 4": 14,
+        "C=LU, O=Grand-Duchy of Luxembourg Ministry Foreign Affairs, CN=Grand-Duchy of Luxembourg CSCA ePassport": 51,
+        "C=MY, O=Jabatan Imigresen Malaysia, ST=WP, L=Putrajaya, OU=Bahagian Keselamatan dan Pasport, CN=Malaysia Country Signer": 189,
+        "C=SG, O=Ministry of Home Affairs, OU=ICA, CN=Singapore Passport CA 5": 10,
+        "C=CN, O=Macao SAR, OU=Identification Services Bureau, CN=China Passport Country Signing Certificate (Macao)": 57,
+        "C=ca, O=gc, OU=pptc, CN=csca-canada": 28,
+        "C=TZ, O=Immigration, CN=csca-tanzania": 57,
+        "CN=Swedish Country Signing CA, O=Rikspolisstyrelsen, C=SE": 59,
+        "CN=CSCA01001, O=Immigration, C=TZ": 32,
+        "CN=Italian Country Signer CA, OU=National Electronic Center of Italian National Police, O=Ministry of Interior, C=IT": 36,
+        "C=LU, O=INCERT public agency, CN=Grand Duchy of Luxembourg CSCA": 52,
+        "CN=EU Laissez Passer CSCA, O=European Union, OU=European Commission, C=EU": 11,
+        "C=LU, O=INCERT public agency, serialNumber=2, CN=Grand Duchy of Luxembourg CSCA": 6,
+        "C=BH, O=KINGDOM OF BAHRAIN, CN=csca-bahrain": 5,
+        "C=MN, O=General Authority for State Registration, CN=Mongolia CSCA": 5
+    },
+    "sha1WithRSAEncryption 2048 bit 65537": {
+        "C=CN, O=Chinese Government, OU=Ministry of Foreign Affairs, OU=China Passport CA, CN=China Passport Country Signing Certificate": 90,
+        "C=HU, O=GOV, OU=CRO, CN=CSCA-HUNGARY 4": 13,
+        "C=FR, O=Gouv, CN=CSCA-FRANCE": 32,
+        "C=AU, O=GOV, OU=DFAT, OU=PTB, CN=Passport Country Signing Authority": 68,
+        "C=ES, O=DIRECCION GENERAL DE LA POLICIA, serialNumber=2, CN=CSCA SPAIN": 51,
+        "C=ES, O=DIRECCION GENERAL DE LA POLICIA, OU=PASAPORTE, CN=AC RAIZ PASAPORTE": 33,
+        "C=HU, O=GOV, OU=CRO, CN=CSCA-HUNGARY 2": 18,
+        "C=LU, O=Ministry of Foreign Affairs, CN=Grand-Duchy of Luxembourg CSCA , serialNumber=100": 2,
+        "C=HU, O=GOV, OU=CRO, CN=CSCA-HUNGARY": 19,
+        "C=IT, O=MINISTERO DELL'INTERNO, OU=PE, CN=CERTIFICATION AUTHORITY 01": 21,
+        "C=HU, O=GOV, OU=CRO, CN=CSCA-HUNGARY 3": 18
+    },
+    "ecdsa-with-SHA384 256 bit unidentified": {
+        "C=AT, O=GV, OU=BMI, CN=CSCA-AUSTRIA": 48,
+        "C=CH, O=Admin, OU=Services, OU=Certification Authorities, CN=csca-switzerland-2": 195,
+        "C=DE, O=bund, OU=bsi, serialNumber=103, CN=csca-germany": 11,
+        "C=DE, O=bund, OU=bsi, serialNumber=100, CN=csca-germany": 11,
+        "C=DE, O=bund, OU=bsi, serialNumber=101, CN=csca-germany": 9
+    },
+    "ecdsa-with-SHA256 256 bit secp256r1": {
+        "C=GB, O=UKKPA, CN=Country Signing Authority": 1572,
+        "C=NZ, O=Government of New Zealand, OU=Identity and Passport Services, CN=Passport CSCA": 52,
+        "CN=CSCA HUNGARY, OU=Ministry of Interior, O=GOV, C=HU": 19,
+        "C=BJ, O=GOUV, OU=ANIP, OU=Certification Authorities, CN=CSCA-Benin": 1,
+        "C=RW, O=Republic of Rwanda, OU=ePassport, OU=Certification Authorities, CN=Republic of Rwanda CSCA": 5
+    },
+    "rsassaPss 3072 bit 65537": {
+        "CN=Swedish Country Signing CA v2, O=Polismyndigheten, C=SE": 109,
+        "C=CA, O=gc, OU=pptc, CN=csca-canada": 133,
+        "C=BZ, O=gov, OU=moi, CN=csca-belize": 14
+    },
+    "rsassaPss 2048 bit 3": {
+        "C=CN, O=Hong Kong China, OU=Immigration Department, CN=Hong Kong China Country Signing Certificate Authority": 20,
+        "C=KR, O=Government, OU=MOFAT, CN=CSCA": 78,
+        "C=KR, O=Government, OU=MOFA, CN=CSCA": 72,
+        "C=CN, O=Macao SAR, OU=Identification Services Bureau, CN=China Passport Country Signing Certificate (Macao)": 27,
+        "C=KR, O=Government, OU=MOFA, CN=CSCA-KOREA": 44,
+        "CN=China Passport Country Signing Certificate (Macao), O=Macao SAR, OU=Identification Services Bureau, C=CN": 19,
+        "C=JP, O=Japanese Government, OU=The Ministry of Foreign Affairs, CN=e-passportCSCA": 76,
+        "CN=Hong Kong China Country Signing Certificate Authority, O=Hong Kong China, OU=Immigration Department, C=CN": 20
+    },
+    "sha256WithRSAEncryption 4096 bit 65537": {
+        "CN=CSCA, OU=Electronic Passports, O=Ministry of Interior, C=BG": 90,
+        "C=IS, O=Thjodskra Islands, OU=Country Signing CA, SN=6503760649, CN=Ferdaskilriki - Island - G3": 38,
+        "C=UA, serialNumber=UA-16286441-0001, O=Polygraph combine UKRAINA for securities production, OU=SCPD PCU, CN=CSCA-UKRAINE": 43,
+        "C=UA, L=Kyiv, street=38-44, Dehtiarivska str., postalCode=04119, O=SE \"Polygraph combine \"UKRAINA\" for securities` production\", CN=Polygraph combine \"UKRAINA\", serialNumber=UA-16286441-0001": 1
+    },
+    "sha512WithRSAEncryption 2048 bit 65537": {
+        "C=MX, O=SECRETARIA DE RELACIONES EXTERIORES, CN=CSCA MEXICO": 12
+    },
+    "ecdsa-with-SHA256 224 bit probably_secp384r1": {
+        "C=AE, O=MOI, OU=EPASS, CN=UAE CSCA 01": 41,
+        "C=DE, O=bund, OU=bsi, serialNumber=013, CN=csca-germany": 12,
+        "C=AE, O=MOI OU=EPASS, CN=UAE CSCA 01": 1
+    },
+    "ecdsa-with-SHA384 384 bit secp384r1": {
+        "C=JP, O=Japanese Government, OU=The Ministry of Foreign Affairs, CN=e-passportCSCA": 56
+    },
+    "sha256WithRSAEncryption 2048 bit 3": {
+        "C=IE, O=Department of Foreign Affairs, OU=Passport Office, CN=CSCA Ireland": 469
+    },
+    "sha256WithRSAEncryption 3072 bit 65537": {
+        "C=NP, O=Ministry of Foreign Affairs, OU=Department of Passports, CN=Nepal CSCA": 104,
+        "C=FI, O=Finland, OU=VRK, CN=CSCA Finland": 8
+    },
+    "ecdsa-with-SHA512 512 bit brainpoolP512t1": {
+        "C=FI, O=Finland, OU=VRK, CN=CSCA Finland": 24,
+        "CN=Autoridade Certificadora Ministerio das Relacoes Exteriores, OU=Autoridade Certificadora Raiz Brasileira v4, O=ICP-Brasil, C=BR": 2
+    },
+    "sha256WithRSAEncryption 2048 bit 48081": {
+        "C=AT, O=GV, OU=BMI, CN=CSCA-AUSTRIA": 1
+    },
+    "sha256WithRSAEncryption 2048 bit 62785": {
+        "C=AT, O=GV, OU=BMI, CN=CSCA-AUSTRIA": 1
+    },
+    "sha256WithRSAEncryption 2048 bit 34779": {
+        "C=AT, O=GV, OU=BMI, CN=CSCA-AUSTRIA": 1
+    },
+    "sha256WithRSAEncryption 2048 bit 53037": {
+        "C=AT, O=GV, OU=BMI, CN=CSCA-AUSTRIA": 1
+    },
+    "sha256WithRSAEncryption 3072 bit 36515": {
+        "C=AT, O=GV, OU=BMI, CN=CSCA-AUSTRIA": 1
+    },
+    "sha256WithRSAEncryption 3072 bit 61181": {
+        "C=AT, O=GV, OU=BMI, CN=CSCA-AUSTRIA": 1
+    },
+    "ecdsa-with-SHA256 256 bit unidentified": {
+        "C=TH, O=Ministry Of Foreign Affairs, OU=Department of Consular Affairs, CN=Thailand CSCA": 15,
+        "C=AE, O=MOI, OU=EPASS, CN=UAE CSCA 01": 45,
+        "C=CN, O=Hong Kong China, OU=Immigration Department, CN=Hong Kong China Country Signing Certificate Authority": 23,
+        "C=AE, O=MOI, OU=EPASS, CN=UAE CSCA 02": 5
+    },
+    "sha256WithRSAEncryption 1024 bit 65537": {
+        "C=ZZ, O=United Nations, OU=Certification Authorities, CN=United Nations CSCA": 43
+    },
+    "sha256WithRSAEncryption 2048 bit 61735": {
+        "C=AT, O=GV, OU=BMI, CN=CSCA-AUSTRIA": 1
+    },
+    "sha256WithRSAEncryption 2048 bit 59793": {
+        "C=AT, O=GV, OU=BMI, CN=CSCA-AUSTRIA": 1
+    },
+    "sha256WithRSAEncryption 3072 bit 64113": {
+        "C=AT, O=GV, OU=BMI, CN=CSCA-AUSTRIA": 1
+    },
+    "sha256WithRSAEncryption 3072 bit 36291": {
+        "C=AT, O=GV, OU=BMI, CN=CSCA-AUSTRIA": 1
+    },
+    "sha256WithRSAEncryption 3072 bit 60353": {
+        "C=IR, O=Ministry of Interior, OU=Police CA Center, serialNumber=02, CN=CSCA-Islamic Republic of IRAN": 1
+    },
+    "sha256WithRSAEncryption 2048 bit 58127": {
+        "C=AT, O=GV, OU=BMI, CN=CSCA-AUSTRIA": 1
+    },
+    "sha256WithRSAEncryption 3072 bit 61957": {
+        "C=AT, O=GV, OU=BMI, CN=CSCA-AUSTRIA": 1
+    },
+    "sha256WithRSAEncryption 3072 bit 44459": {
+        "C=IR, O=Ministry of Interior, OU=Police CA Center, serialNumber=02, CN=CSCA-Islamic Republic of IRAN": 1
+    },
+    "ecdsa-with-SHA512 256 bit unidentified": {
+        "C=CH, O=FDJP, OU=fedpol, OU=eDoc-PKI, CN=CSCA-CHE": 5
+    },
+    "sha256WithRSAEncryption 3072 bit 65123": {
+        "C=AT, O=GV, OU=BMI, CN=CSCA-AUSTRIA": 1
+    },
+    "sha256WithRSAEncryption 3072 bit 62765": {
+        "C=AT, O=GV, OU=BMI, CN=CSCA-AUSTRIA": 1
+    },
+    "ecdsa-with-SHA256 2048 bit probably_secp384r1": {
+        "C=BJ, O=GOUV, OU=ANIP, OU=Certification Authorities, CN=CSCA-Benin": 2
+    },
+    "sha256WithRSAEncryption 2048 bit 64721": {
+        "C=AT, O=GV, OU=BMI, CN=CSCA-AUSTRIA": 1
+    },
+    "sha256WithRSAEncryption 3072 bit 47415": {
+        "C=AT, O=GV, OU=BMI, CN=CSCA-AUSTRIA": 1
+    },
+    "sha256WithRSAEncryption 3072 bit 44591": {
+        "C=AT, O=GV, OU=BMI, CN=CSCA-AUSTRIA": 1
+    },
+    "sha256WithRSAEncryption 2048 bit 42743": {
+        "C=AT, O=GV, OU=BMI, CN=CSCA-AUSTRIA": 1
+    },
+    "ecdsa-with-SHA512 384 bit secp384r1": {
+        "C=IQ, CN=Iraqi Ministry of Interior CSCA, OU=General Directorate of Civil Status, Passports, and Residency, O=Iraqi Ministry of Interior": 5
+    },
+    "sha256WithRSAEncryption 3072 bit 45347": {
+        "C=IR, O=Ministry of Interior, OU=Police CA Center, serialNumber=02, CN=CSCA-Islamic Republic of IRAN": 1
+    },
+    "sha256WithRSAEncryption 3072 bit 55443": {
+        "C=IR, O=Ministry of Interior, OU=Police CA Center, serialNumber=02, CN=CSCA-Islamic Republic of IRAN": 1
+    },
+    "ecdsa-with-SHA1 224 bit probably_secp384r1": {
+        "C=DE, O=bund, OU=bsi, serialNumber=001, CN=csca-germany": 19
+    },
+    "sha256WithRSAEncryption 3072 bit 42239": {
+        "C=IR, O=Ministry of Interior, OU=Police CA Center, serialNumber=02, CN=CSCA-Islamic Republic of IRAN": 1
+    },
+    "sha256WithRSAEncryption 3072 bit 62391": {
+        "C=IR, O=Ministry of Interior, OU=Police CA Center, serialNumber=02, CN=CSCA-Islamic Republic of IRAN": 1
+    },
+    "sha256WithRSAEncryption 3072 bit 34389": {
+        "C=IR, O=Ministry of Interior, OU=Police CA Center, serialNumber=02, CN=CSCA-Islamic Republic of IRAN": 1
+    },
+    "sha256WithRSAEncryption 3072 bit 54007": {
+        "C=IR, O=Ministry of Interior, OU=Police CA Center, serialNumber=02, CN=CSCA-Islamic Republic of IRAN": 1
+    },
+    "sha256WithRSAEncryption 3072 bit 49861": {
+        "C=IR, O=Ministry of Interior, OU=Police CA Center, serialNumber=02, CN=CSCA-Islamic Republic of IRAN": 1
+    },
+    "sha512WithRSAEncryption 4096 bit 65537": {
+        "CN=Cameroon Passport CSCA, serialNumber=001, OU=DGSN, O=Republic of Cameroon, C=CM": 1
+    },
+    "ecdsa-with-SHA256 384 bit secp384r1": {
+        "C=AE, O=MOI, OU=EPASS, CN=UAE CSCA 02": 1
+    },
+    "sha256WithRSAEncryption 3072 bit 64999": {
+        "C=IR, O=Ministry of Interior, OU=Police CA Center, serialNumber=02, CN=CSCA-Islamic Republic of IRAN": 1
+    },
+    "sha256WithRSAEncryption 2048 bit 49371": {
+        "C=AT, O=GV, OU=BMI, CN=CSCA-AUSTRIA": 1
+    },
+    "sha256WithRSAEncryption 2048 bit 63701": {
+        "C=AT, O=GV, OU=BMI, CN=CSCA-AUSTRIA": 1
+    },
+    "ecdsa-with-SHA384 384 bit brainpoolP512r1": {
+        "C=VN, O=Vietnam Government Information Security Commission, CN=CSCA ePassport Vietnam": 1
+    },
+    "sha256WithRSAEncryption 3072 bit 35033": {
+        "C=AT, O=GV, OU=BMI, CN=CSCA-AUSTRIA": 1
+    },
+    "sha256WithRSAEncryption 2048 bit 33579": {
+        "C=AT, O=GV, OU=BMI, CN=CSCA-AUSTRIA": 1
+    },
+    "sha256WithRSAEncryption 2048 bit 53873": {
+        "C=AT, O=GV, OU=BMI, CN=CSCA-AUSTRIA": 1
+    },
+    "sha256WithRSAEncryption 2048 bit 33225": {
+        "C=AT, O=GV, OU=BMI, CN=CSCA-AUSTRIA": 1
+    },
+    "sha256WithRSAEncryption 3072 bit 58333": {
+        "C=IR, O=Ministry of Interior, OU=Police CA Center, serialNumber=02, CN=CSCA-Islamic Republic of IRAN": 1
+    },
+    "sha256WithRSAEncryption 256 bit NOT RSA": {
+        "C=UA, serialNumber=UA-16286441-0001, O=Polygraph combine UKRAINA for securities production, OU=SCPD PCU, CN=CSCA-UKRAINE": 2
+    },
+    "sha256WithRSAEncryption 3072 bit 41817": {
+        "C=AT, O=GV, OU=BMI, CN=CSCA-AUSTRIA": 1
+    },
+    "sha256WithRSAEncryption 3072 bit 44681": {
+        "C=AT, O=GV, OU=BMI, CN=CSCA-AUSTRIA": 1
+    },
+    "sha256WithRSAEncryption 2048 bit 35221": {
+        "C=AT, O=GV, OU=BMI, CN=CSCA-AUSTRIA": 1
+    },
+    "sha256WithRSAEncryption 3072 bit 52355": {
+        "C=IR, O=Ministry of Interior, OU=Police CA Center, serialNumber=02, CN=CSCA-Islamic Republic of IRAN": 1
+    },
+    "sha256WithRSAEncryption 2048 bit 59575": {
+        "C=AT, O=GV, OU=BMI, CN=CSCA-AUSTRIA": 1
+    },
+    "sha256WithRSAEncryption 2048 bit 51925": {
+        "C=AT, O=GV, OU=BMI, CN=CSCA-AUSTRIA": 1
+    },
+    "sha256WithRSAEncryption 2048 bit 37121": {
+        "C=AT, O=GV, OU=BMI, CN=CSCA-AUSTRIA": 1
+    },
+    "sha256WithRSAEncryption 3072 bit 65427": {
+        "C=AT, O=GV, OU=BMI, CN=CSCA-AUSTRIA": 1
+    },
+    "sha256WithRSAEncryption 3072 bit 65223": {
+        "C=IR, O=Ministry of Interior, OU=Police CA Center, serialNumber=02, CN=CSCA-Islamic Republic of IRAN": 1
+    },
+    "sha256WithRSAEncryption 3072 bit 49729": {
+        "C=IR, O=Ministry of Interior, OU=Police CA Center, serialNumber=02, CN=CSCA-Islamic Republic of IRAN": 1
+    },
+    "sha256WithRSAEncryption 2048 bit 53741": {
+        "C=AT, O=GV, OU=BMI, CN=CSCA-AUSTRIA": 1
+    },
+    "sha256WithRSAEncryption 3072 bit 45279": {
+        "C=AT, O=GV, OU=BMI, CN=CSCA-AUSTRIA": 1
+    },
+    "sha256WithRSAEncryption 3072 bit 33769": {
+        "C=AT, O=GV, OU=BMI, CN=CSCA-AUSTRIA": 1
+    },
+    "sha256WithRSAEncryption 3072 bit 63289": {
+        "C=IR, O=Ministry of Interior, OU=Police CA Center, serialNumber=02, CN=CSCA-Islamic Republic of IRAN": 1
+    },
+    "sha256WithRSAEncryption 2048 bit 38105": {
+        "C=AT, O=GV, OU=BMI, CN=CSCA-AUSTRIA": 1
+    },
+    "sha256WithRSAEncryption 3072 bit 37399": {
+        "C=IR, O=Ministry of Interior, OU=Police CA Center, serialNumber=02, CN=CSCA-Islamic Republic of IRAN": 1
+    }
+}

registry/src/csca/extract_certificates.ts

@@ -1,27 +0,0 @@
-import * as fs from 'fs';
-import * as path from 'path';
-
-// extract certificates from ldif file
-const fileContent = fs.readFileSync("inputs/icao_download_section/icaopkd-002-complete-000243.ldif", "utf-8");
-const regex = /pkdMasterListContent::\s*([\s\S]*?)(?=\w+:|\n\n|$)/g;
-let match: RegExpExecArray | null;
-
-const certificates: string[] = [];
-
-while ((match = regex.exec(fileContent)) !== null) {
-  const certificate = match[1].replace(/\s+/g, "");
-  certificates.push(certificate);
-}
-
-if (!fs.existsSync("outputs/csca_certificates/")) {
-  fs.mkdirSync("outputs/csca_certificates/");
-}
-
-for (let i = 0; i < certificates.length; i++) {
-  fs.writeFileSync(
-    path.join("outputs/csca_certificates/", `certificate_${i}.pem`),
-    `-----BEGIN CERTIFICATE-----\n${certificates[i]}\n-----END CERTIFICATE-----\n`
-  );
-}
-
-console.log(`Extracted ${certificates.length} certificates.`);

registry/src/csca/extract_masterlists.ts

@@ -0,0 +1,109 @@
+import * as fs from 'fs';
+import * as path from 'path';
+import { execSync } from 'child_process';
+
+// extract masterlists from ICAO ldif file
+const fileContent = fs.readFileSync("inputs/icao_download_section/icaopkd-002-complete-000243.ldif", "utf-8");
+const regex = /pkdMasterListContent::\s*([\s\S]*?)(?=\w+:|\n\n|$)/g;
+let match: RegExpExecArray | null;
+
+const masterlists: string[] = [];
+
+while ((match = regex.exec(fileContent)) !== null) {
+  const masterlist = match[1].replace(/\s+/g, "");
+  masterlists.push(masterlist);
+}
+
+if (!fs.existsSync("outputs/masterlists/")) {
+  fs.mkdirSync("outputs/masterlists/");
+}
+
+for (let i = 0; i < masterlists.length; i++) {
+  fs.writeFileSync(
+    path.join("outputs/masterlists/", `masterlist_${i}.pem`),
+    `-----BEGIN CERTIFICATE-----\n${masterlists[i]}\n-----END CERTIFICATE-----\n`
+  );
+}
+
+console.log(`Extracted ${masterlists.length} masterlists.`);
+
+for (let i = 0; i < masterlists.length; i++) {
+  execSync(`openssl asn1parse -in outputs/masterlists/masterlist_${i}.pem -inform PEM -i > outputs/masterlists/masterlist_${i}_structure.txt`);
+}
+
+console.log(`Extracted ${masterlists.length} masterlist structures.`);
+
+for (let i = 0; i < masterlists.length; i++) {
+  const asn1Output = fs.readFileSync(`outputs/masterlists/masterlist_${i}_structure.txt`, 'utf8');
+
+  // Extract the first hex dump using a regex
+  const hexDumpMatch = asn1Output.match(/\[HEX DUMP\]:([A-Fa-f0-9]+)/);
+  if (!hexDumpMatch) {
+    console.error('No hex dump found');
+    process.exit(1);
+  }
+  const hexDump = hexDumpMatch[1];
+
+  // Convert hex dump to binary
+  const binaryDump = Buffer.from(hexDump, 'hex');
+  fs.writeFileSync(`outputs/masterlists/masterlist_${i}_binary_dump.bin`, binaryDump);
+
+  // Parse binary data using OpenSSL and extract individual certificates
+  const asn1ParseOutput = execSync(`openssl asn1parse -inform DER -in outputs/masterlists/masterlist_${i}_binary_dump.bin`, { maxBuffer: 10485770 }).toString();
+  fs.writeFileSync(`outputs/masterlists/masterlist_${i}_asn1_parse_output.txt`, asn1ParseOutput);
+
+  const certificateMatches = asn1ParseOutput.matchAll(/(\d+):d=2\s+hl=4\s+l=\s*(\d+)\s+cons:\s+SEQUENCE/g);
+  
+  if (!fs.existsSync(`outputs/cscas/`)) {
+    fs.mkdirSync(`outputs/cscas/`);
+  }
+
+  if (!fs.existsSync(`outputs/cscas/masterlist_${i}`)) {
+    fs.mkdirSync(`outputs/cscas/masterlist_${i}`);
+  }
+
+  let count = 0;
+  for (const match of certificateMatches) {
+    const startOffset = parseInt(match[1]);
+    const certificateOutput = execSync(`openssl asn1parse -inform DER -in outputs/masterlists/masterlist_${i}_binary_dump.bin -strparse ${startOffset} -out outputs/cscas/masterlist_${i}/cert_${count}.pem`).toString();
+    console.log(`Extracted certificate ${count} to cert_${count}.pem`);
+    count++;
+  }
+}
+
+console.log('Deduplicating certificates...');
+
+// Deduplicate certificates
+const uniqueCertificates = new Set<string>();
+
+const masterlistDirectories = fs.readdirSync('outputs/cscas/');
+
+masterlistDirectories.forEach((directory) => {
+  const files = fs.readdirSync(`outputs/cscas/${directory}`);
+  
+  files.forEach((file) => {
+    const filePath = path.join(`outputs/cscas/${directory}`, file);
+    const certContent = fs.readFileSync(filePath);  // Read as binary
+    
+    const certBase64 = certContent.toString('base64');  // Convert to base64 for comparison
+    
+    if (!uniqueCertificates.has(certBase64)) {
+      uniqueCertificates.add(certBase64);
+    }
+  });
+});
+
+// Write unique certificates to new files
+const uniqueCertsDir = 'outputs/unique_cscas/';
+if (!fs.existsSync(uniqueCertsDir)) {
+  fs.mkdirSync(uniqueCertsDir);
+}
+
+let uniqueCertCount = 0;
+uniqueCertificates.forEach((certBase64) => {
+  const certBuffer = Buffer.from(certBase64, 'base64');  // Convert back to binary
+  fs.writeFileSync(path.join(uniqueCertsDir, `unique_cert_${uniqueCertCount}.pem`), certBuffer);
+  uniqueCertCount++;
+});
+
+console.log(`Deduplicated and saved ${uniqueCertCount} unique certificates.`);

registry/src/csca/extract_pubkeys.ts

@@ -1,154 +0,0 @@
-import * as fs from 'fs';
-import * as util from 'util';
-import { exec } from 'child_process';
-const execAsync = util.promisify(exec);
-
-// Count the number of files in certificates/
-const numCertificates = fs.readdirSync('outputs/csca_certificates/').length;
-const concurrencyLimit = 1; // Number of tasks to run at once
-
-const publicKeysParsed: {
-  signatureAlgorithm: string,
-  modulus?: string,
-  exponent?: string,
-  publicKeyAlgorithm?: string
-  publicKeyBit?: string
-  pub?: string
-  fieldType?: string
-  prime?: string
-  a?: string
-  b?: string
-  generator?: string
-  order?: string
-  cofactor?: string
-}[] = [];
-
-async function main() {
-  for (let i = 0; i < numCertificates; i += concurrencyLimit) {
-    const tasks: any = [];
-    for (let j = 0; j < concurrencyLimit && i + j < numCertificates; j++) {
-      tasks.push(extractModulus(i + j));
-    }
-    await Promise.all(tasks);
-  }
-
-  // console.log('publicKeysParsed 0', publicKeysParsed[0]);
-  // const filteredPublicKeysParsed = publicKeysParsed.filter(item => item !== null);
-  // fs.writeFileSync('public_keys_parsed.json', JSON.stringify(filteredPublicKeysParsed, null, 2));
-  // console.log("public_keys_parsed.json written!")
-}
-
-async function extractModulus(i: number): Promise<void> {
-  try {
-    const certTextres = await execAsync(`openssl x509 -text -in outputs/certificates/certificate_${i}.pem`);
-    const certText = certTextres.stdout as string;
-    // const signatureAlgorithm = (certText.match(/Signature Algorithm: (.*)/) as RegExpExecArray)[1].trim();
-
-    console.log('certText', certText)
-    
-    // const issuerRegex = /Issuer: ([^\n]+)/;
-    // const issuer = extractData(issuerRegex, certText);
-
-    // // console.log('issuer', issuer)
-
-    // const pubkey = parsePubkey(certText, signatureAlgorithm);
-
-    // if (!pubkey) {
-    //   console.error(`Failed to extract data from certificate ${i}`);
-    //   return;
-    // }
-
-    // publicKeysParsed[i] = {
-    //   signatureAlgorithm,
-    //   issuer,
-    //   ...pubkey,
-    // }
-  } catch (error) {
-    console.error(`Failed to extract data from certificate ${i}: ${error}`);
-  }
-}
-
-function parsePubkey(certText: string, signatureAlgorithm: string): any {
-  if (
-    signatureAlgorithm.includes("sha256WithRSAEncryption")
-    || signatureAlgorithm.includes("rsassaPss")
-    || signatureAlgorithm.includes("sha1WithRSAEncryption")
-    || signatureAlgorithm.includes("sha512WithRSAEncryption")
-    ) {
-    const modulusRegex = /Modulus:\s+([0-9a-f:\s]+?)\s+Exponent:/;
-    const exponentRegex = /Exponent:\s+(\d+)/;
-    
-    const modulusMatch = certText.match(modulusRegex);
-    const exponentMatch = certText.match(exponentRegex);
-    
-    const modulusHex = modulusMatch ? modulusMatch[1].replace(/[\s:]/g, '') : '';
-    const exponent = exponentMatch ? exponentMatch[1] : '';
-    
-    if (!modulusHex) {
-      console.error(`Modulus not found`);
-      return null;
-    }
-    return {
-      modulus: BigInt('0x' + modulusHex).toString(),
-      exponent: exponent
-    };
-  } else if (
-    signatureAlgorithm.includes("ecdsa-with-SHA1")
-    || signatureAlgorithm.includes("ecdsa-with-SHA384")
-    || signatureAlgorithm.includes("ecdsa-with-SHA256")
-    || signatureAlgorithm.includes("ecdsa-with-SHA512")
-    ) {
-
-    const publicKeyAlgorithmRegex = /Public Key Algorithm: ([^\n]+)/;
-    const publicKeyBitRegex = /Public-Key: \((\d+) bit\)/;
-    const pubRegex = /pub:\n([0-9A-Fa-f:\n ]+?)\n\s{4}/;
-    const fieldTypeRegex = /Field Type: ([^\n]+)/;
-    const primeRegex = /Prime:\n([0-9A-Fa-f:\n ]+?)\n\s{4}/;
-    const aRegex = /A:\s+\n([0-9A-Fa-f:\n ]+?)\n\s{4}/;
-    const bRegex = /B:\s+\n([0-9A-Fa-f:\n ]+?)\n\s{4}/;
-    const generatorRegex = /Generator \(uncompressed\):\n([0-9A-Fa-f:\n ]+?)\n\s{4}/;
-    const orderRegex = /Order: \n([0-9A-Fa-f:\n ]+?)\n\s{4}/;
-    const cofactorRegex = /Cofactor:\s+(\d+)/;
-
-    // Extracting fields
-    const publicKeyAlgorithm = extractData(publicKeyAlgorithmRegex, certText);
-    const publicKeyBit = extractData(publicKeyBitRegex, certText);
-    const pub = extractData(pubRegex, certText);
-    const fieldType = extractData(fieldTypeRegex, certText);
-    const prime = extractData(primeRegex, certText);
-    const a = extractData(aRegex, certText);
-    const b = extractData(bRegex, certText);
-    const generator = extractData(generatorRegex, certText);
-    const order = extractData(orderRegex, certText);
-    const cofactor = extractData(cofactorRegex, certText);
-
-    if (!prime) {
-      console.error(`Prime not found`);
-      return null;
-    }
-    
-    return {
-      publicKeyAlgorithm: publicKeyAlgorithm,
-      publicKeyBit: publicKeyBit,
-      pub: hexToDecimal(pub as string),
-      fieldType: fieldType,
-      prime: hexToDecimal(prime as string),
-      a: hexToDecimal(a as string),
-      b: hexToDecimal(b as string),
-      generator: hexToDecimal(generator as string),
-      order: hexToDecimal(order as string),
-      cofactor: cofactor,
-    };
-  };
-}
-
-function extractData(regex: RegExp, text: string): string | null {
-  const match = text.match(regex);
-  return match ? match[1].trim().replace(/\n/g, '') : null;
-}
-
-function hexToDecimal(hexString: string): string {
-  return BigInt("0x" + hexString.replace(/[\n: ]/g, '')).toString();
-}
-
-main();

registry/src/csca/extract_sig_algs.ts

@@ -0,0 +1,43 @@
+import * as fs from 'fs';
+import * as util from 'util';
+import { exec } from 'child_process';
+const execAsync = util.promisify(exec);
+
+const numCertificates = fs.readdirSync('outputs/unique_cscas/').length;
+const concurrencyLimit = 200;  // Number of tasks to run at once
+
+const obj: {[key: string]: {[key: string]: number}} = {}
+
+async function extractSigAlg(i: number): Promise<void> {
+  try {
+    const { stdout } = await execAsync(`openssl x509 -text -in outputs/unique_cscas/unique_cert_${i}.pem`);
+    const sigAlg = (stdout.match(/Signature Algorithm: (.*)/) as RegExpExecArray)[1];
+    const issuer = (stdout.match(/Issuer: (.*)/) as RegExpExecArray)[1];
+    if (obj[sigAlg]) {
+      if (obj[sigAlg][issuer]) {
+        obj[sigAlg][issuer] = obj[sigAlg][issuer] + 1
+      } else {
+        obj[sigAlg][issuer] = 1
+      }
+    } else {
+      obj[sigAlg] = {}
+      obj[sigAlg][issuer] = 1
+    }
+  } catch (error) {
+    console.error(`Failed to extract data from certif ${i}: ${error}`);
+  }
+}
+
+async function main() {
+  for (let i = 0; i < numCertificates; i += concurrencyLimit) {
+    const tasks: Promise<void>[] = [];
+    for (let j = 0; j < concurrencyLimit && i + j < numCertificates; j++) {
+      tasks.push(extractSigAlg(i + j));
+    }
+    await Promise.all(tasks);
+  }
+  console.log("Finished scanning");
+  fs.writeFileSync("outputs/csca_signature_algorithms.json", JSON.stringify(obj));
+}
+
+main()

registry/src/csca/python scripts/extractToJsonBitsCountry.py

@@ -0,0 +1,134 @@
+import os
+import json
+import re
+
+def normalize_hex(hex_string):
+    """Normalize hexadecimal string by removing all non-hexadecimal characters and formatting correctly."""
+    cleaned_hex = re.sub(r'[^a-fA-F0-9]', '', hex_string)
+    return cleaned_hex.lower()
+
+def extract_field(content, field_name):
+    pattern = re.compile(r'{}\s*:\s*([\da-fA-F:\s]+?)(?=\n\s*[A-Z])'.format(re.escape(field_name)), re.MULTILINE | re.DOTALL)
+    match = pattern.search(content)
+    if match:
+        field_value = match.group(1)
+        return normalize_hex(field_value)
+    else:
+        print(f"Debug: No match found for {field_name}.")
+    return None
+
+def extract_country(content):
+    pattern = re.compile(r'Issuer:\s*(.*)')
+    match = pattern.search(content)
+    if match:
+        issuer = match.group(1)
+        return issuer.strip()
+    return "Unknown"
+
+def ecdsa_curve(content, filename):
+    secp256r1_params = {
+        'prime': '00ffffffff00000001000000000000000000000000ffffffffffffffffffffffff',
+        'a': '00ffffffff00000001000000000000000000000000fffffffffffffffffffffffc',
+        'b': '5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b'
+    }
+    unidentified_params = {
+        'prime': '00a9fb57dba1eea9bc3e660a909d838d726e3bf623d52620282013481d1f6e5377',
+        'a': '7d5a0975fc2c3057eef67530417affe7fb8055c126dc5c6ce94a4b44f330b5d9',
+        'b': '26dc5c6ce94a4b44f330b5d9bbd77cbf958416295cf7e1ce6bccdc18ff8c07b6'
+    }
+    ed448_goldilocks = {
+        'prime': '01ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff',
+        'a': '01fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc',
+        'b': '51953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f00'
+    }
+    brainpoolP512t1_params = {
+        'prime': '00aadd9db8dbe9c48b3fd4e6ae33c9fc07cb308db3b3c9d20ed6639cca703308717d4d9b009bc66842aecda12ae6a380e62881ff2f2d82c68528aa6056583a48f3',
+        'a': '7830a3318b603b89e2327145ac234cc594cbdd8d3df91610a83441caea9863bc2ded5d5aa8253aa10a2ef1c98b9ac8b57f1117a72bf2c7b9e7c1ac4d77fc94ca',
+        'b': '3df91610a83441caea9863bc2ded5d5aa8253aa10a2ef1c98b9ac8b57f1117a72bf2c7b9e7c1ac4d77fc94cadc083e67984050b75ebae5dd2809bd638016f723'
+    }
+    secp384r1_params = {
+        'prime': '00fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff',
+        'a': '00fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000fffffffc',
+        'b': '00b3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef'
+    }
+    brainpoolP512r1_params = {
+        'prime': '008cb91e82a3386d280f5d6f7e50e641df152f7109ed5456b412b1da197fb71123acd3a729901d1a71874700133107ec53',
+        'a': '7bc382c63d8c150c3c72080ace05afa0c2bea28e4fb22787139165efba91f90f8aa5814a503ad4eb04a8c7dd22ce2826',
+        'b': '04a8c7dd22ce28268b39b55416f0447c2fb77de107dcd2a62e880ea53eeb62d57cb4390295dbc9943ab78696fa504c11'
+    }
+
+    prime = extract_field(content, 'Prime')
+    a = extract_field(content, 'A')
+    b = extract_field(content, 'B')
+
+    if (prime == secp256r1_params['prime'] and a == secp256r1_params['a'] and b == secp256r1_params['b']):
+        return 'secp256r1'
+    elif (prime == brainpoolP512r1_params['prime'] and a == brainpoolP512r1_params['a'] and b == brainpoolP512r1_params['b']):
+        return 'brainpoolP512r1'
+    elif (prime == unidentified_params['prime'] and a == unidentified_params['a'] and b == unidentified_params['b']):
+        return 'unidentified'
+    elif (prime == secp384r1_params['prime'] and a == secp384r1_params['a'] and b == secp384r1_params['b']):
+        return 'secp384r1'
+    elif (prime == brainpoolP512t1_params['prime'] and a == brainpoolP512t1_params['a'] and b == brainpoolP512t1_params['b']):
+        return 'brainpoolP512t1'
+    elif (prime == ed448_goldilocks['prime'] and a == ed448_goldilocks['a'] and b == ed448_goldilocks['b']):
+        return 'ed448'
+    else:
+        print("Extracted - Prime:", prime, "A:", a, "B:", b)
+    # print("File processed:", filename)
+
+    return 'probably_secp384r1'
+
+def count_signature_algorithms(directory):
+    signature_counts = {}
+    for filename in os.listdir(directory):
+        if filename.endswith('.txt'):
+            with open(os.path.join(directory, filename), 'r') as file:
+                content = file.read()
+                country = extract_country(content)
+                start = content.find("Signature Algorithm:")
+                if start != -1:
+                    end = content.find('\n', start)
+                    signature_algorithm = content[start:end].split(':')[-1].strip()
+                    
+                    key_start = content.find("Public-Key: (")
+                    if key_start != -1:
+                        key_end = content.find(" bit)", key_start)
+                        key_size = content[key_start:key_end].split('(')[-1].strip()
+                        signature_algorithm += " " + key_size + " bit"
+                    
+                    if "ecdsa" in signature_algorithm.lower():
+                        curve_name = ecdsa_curve(content, filename)
+                        signature_algorithm += " " + curve_name
+                    elif "rsa" in signature_algorithm.lower():
+                        exp_start = content.find("Exponent:")
+                        if exp_start != -1:
+                            exp_end = content.find(')', exp_start)
+                            exponent = content[exp_start:exp_end].split(':')[-1].strip()
+                            signature_algorithm += " " + exponent.split()[0]
+                        else:
+                            print("NOT RSA", filename)
+                            signature_algorithm += " " + "NOT RSA"
+
+                    
+                    if signature_algorithm not in signature_counts:
+                        signature_counts[signature_algorithm] = {}
+                    
+                    if country in signature_counts[signature_algorithm]:
+                        signature_counts[signature_algorithm][country] += 1
+                    else:
+                        signature_counts[signature_algorithm][country] = 1
+
+    return signature_counts
+
+def total_signature_count(signature_counts):
+    total_count = sum(sum(country_counts.values()) for country_counts in signature_counts.values())
+    print("Total signature count:", total_count)
+
+plain_text_directory = '../../../outputs/plain_text_unique'
+signature_counts = count_signature_algorithms(plain_text_directory)
+
+with open('../../../outputs/csca_bits_country.json', 'w') as json_file:
+    json.dump(signature_counts, json_file, indent=4)
+
+total_signature_count(signature_counts)

registry/src/csca/python scripts/extractToJsonNewFormat.py

@@ -0,0 +1,81 @@
+import os
+import json
+import re
+from utils import extract_country, ecdsa_curve
+
+def count_signature_algorithms(directory):
+    signature_counts = {}
+    for filename in os.listdir(directory):
+        if filename.endswith('.txt'):
+            with open(os.path.join(directory, filename), 'r') as file:
+                content = file.read()
+                country = extract_country(content)
+                # Extract only the value of C from the country
+                country_code = re.search(r"C=([^,]+)", country)
+                if country_code:
+                    country = country_code.group(1).upper()
+
+                # Extract the signature algorithm base name
+                if "pss" in content.lower():
+                    signature_algorithm = "rsapss"
+                elif "rsa" in content.lower():
+                    signature_algorithm = "rsa"
+                elif "ecdsa" in content.lower():
+                    signature_algorithm = "ecdsa"
+                else:
+                    signature_algorithm = "unknown"
+
+                # Improved hash algorithm extraction
+                hash_algorithm_match = re.search(r"sha(\d+)", content, re.IGNORECASE)
+                hash_algorithm = "sha" + hash_algorithm_match.group(1) if hash_algorithm_match else "unknown"
+
+                # Extract the public key bit length
+                key_size_match = re.search(r"Public-Key:\s*\((\d+) bit\)", content, re.IGNORECASE)
+                bit_length = int(key_size_match.group(1)) if key_size_match else 0
+
+                # Determine curve exponent or RSA exponent based on the algorithm
+                if "ecdsa" in signature_algorithm:
+                    curve_name = ecdsa_curve(content, filename)
+                    curve_exponent = curve_name
+                elif "rsa" in signature_algorithm or "rsapss" in signature_algorithm:
+                    exp_match = re.search(r"Exponent:\s*(\d+)", content, re.IGNORECASE)
+                    curve_exponent = exp_match.group(1) if exp_match else "NOT RSA"
+                else:
+                    curve_exponent = "N/A"
+
+                entry = {
+                    "signature_algorithm": signature_algorithm,
+                    "hash_algorithm": hash_algorithm,
+                    "curve_exponent": curve_exponent,
+                    "bit_length": bit_length,
+                    "amount": 1
+                }
+
+                if country not in signature_counts:
+                    signature_counts[country] = [entry]
+                else:
+                    found = False
+                    for item in signature_counts[country]:
+                        if (item["signature_algorithm"] == entry["signature_algorithm"] and
+                            item["hash_algorithm"] == entry["hash_algorithm"] and
+                            item["curve_exponent"] == entry["curve_exponent"] and
+                            item["bit_length"] == entry["bit_length"]):
+                            item["amount"] += 1
+                            found = True
+                            break
+                    if not found:
+                        signature_counts[country].append(entry)
+
+    return signature_counts
+
+def total_signature_count(signature_counts):
+    total_count = sum(sum(item['amount'] for item in country_list) for country_list in signature_counts.values())
+    print("Total signature count:", total_count)
+
+plain_text_directory = '../../../outputs/plain_text_unique'
+signature_counts = count_signature_algorithms(plain_text_directory)
+
+with open('../../../outputs/csca_formatted.json', 'w') as json_file:
+    json.dump(signature_counts, json_file, indent=4)
+
+total_signature_count(signature_counts)

registry/src/csca/python scripts/extractUniqueCerts.py

@@ -0,0 +1,37 @@
+import hashlib
+import os
+import shutil
+
+def hash_file(filepath):
+    """Generate a SHA-256 hash for the contents of a file."""
+    hasher = hashlib.sha256()
+    with open(filepath, 'rb') as f:
+        buf = f.read()
+        hasher.update(buf)
+    return hasher.hexdigest()
+
+def find_unique_files(folder1, folder2, output_folder):
+    """Find unique files in two folders and copy them to a new folder."""
+    # Ensure output folder exists
+    os.makedirs(output_folder, exist_ok=True)
+
+    # Store hashes to identify unique files
+    seen_hashes = set()
+
+    # Check all .txt files in both folders
+    for folder in [folder1, folder2]:
+        for filename in os.listdir(folder):
+            if filename.endswith('.txt'):
+                print(filename)
+                filepath = os.path.join(folder, filename)
+                file_hash = hash_file(filepath)
+                # If hash is unique, copy file to output folder with hash as the filename
+                if file_hash not in seen_hashes:
+                    shutil.copy(filepath, os.path.join(output_folder, file_hash[:16] + '.txt'))
+                    seen_hashes.add(file_hash)
+
+# Usage
+folder1 = 'plain_text'
+folder2 = 'plain_text_master'
+output_folder = 'plain_text_unique'
+find_unique_files(folder1, folder2, output_folder)

registry/src/csca/python scripts/pemToPlainText.py

@@ -0,0 +1,12 @@
+import os
+import subprocess
+
+pem_directory = 'path/to/pem/directory'
+output_directory = 'path/to/plain/text/directory'
+os.makedirs(output_directory, exist_ok=True)
+
+for pem_file in os.listdir(pem_directory):
+    if pem_file.endswith('.pem'):
+        input_path = os.path.join(pem_directory, pem_file)
+        output_path = os.path.join(output_directory, pem_file.replace('.pem', '.txt'))
+        subprocess.run(['openssl', 'x509', '-in', input_path, '-text', '-noout'], stdout=open(output_path, 'w'))

registry/src/csca/python scripts/utils.py

@@ -0,0 +1,82 @@
+import os
+import json
+import re
+
+
+def normalize_hex(hex_string):
+    """Normalize hexadecimal string by removing all non-hexadecimal characters and formatting correctly."""
+    cleaned_hex = re.sub(r'[^a-fA-F0-9]', '', hex_string)
+    return cleaned_hex.lower()
+
+def extract_field(content, field_name):
+    pattern = re.compile(r'{}\s*:\s*([\da-fA-F:\s]+?)(?=\n\s*[A-Z])'.format(re.escape(field_name)), re.MULTILINE | re.DOTALL)
+    match = pattern.search(content)
+    if match:
+        field_value = match.group(1)
+        return normalize_hex(field_value)
+    else:
+        print(f"Debug: No match found for {field_name}.")
+    return None
+
+
+def extract_country(content):
+    pattern = re.compile(r'Issuer:\s*(.*)')
+    match = pattern.search(content)
+    if match:
+        issuer = match.group(1)
+        return issuer.strip()
+    return "Unknown"
+
+def ecdsa_curve(content, filename):
+    secp256r1_params = {
+        'prime': '00ffffffff00000001000000000000000000000000ffffffffffffffffffffffff',
+        'a': '00ffffffff00000001000000000000000000000000fffffffffffffffffffffffc',
+        'b': '5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b'
+    }
+    unidentified_params = {
+        'prime': '00a9fb57dba1eea9bc3e660a909d838d726e3bf623d52620282013481d1f6e5377',
+        'a': '7d5a0975fc2c3057eef67530417affe7fb8055c126dc5c6ce94a4b44f330b5d9',
+        'b': '26dc5c6ce94a4b44f330b5d9bbd77cbf958416295cf7e1ce6bccdc18ff8c07b6'
+    }
+    ed448_goldilocks = {
+        'prime': '01ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff',
+        'a': '01fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc',
+        'b': '51953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f00'
+    }
+    brainpoolP512t1_params = {
+        'prime': '00aadd9db8dbe9c48b3fd4e6ae33c9fc07cb308db3b3c9d20ed6639cca703308717d4d9b009bc66842aecda12ae6a380e62881ff2f2d82c68528aa6056583a48f3',
+        'a': '7830a3318b603b89e2327145ac234cc594cbdd8d3df91610a83441caea9863bc2ded5d5aa8253aa10a2ef1c98b9ac8b57f1117a72bf2c7b9e7c1ac4d77fc94ca',
+        'b': '3df91610a83441caea9863bc2ded5d5aa8253aa10a2ef1c98b9ac8b57f1117a72bf2c7b9e7c1ac4d77fc94cadc083e67984050b75ebae5dd2809bd638016f723'
+    }
+    secp384r1_params = {
+        'prime': '00fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff',
+        'a': '00fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000fffffffc',
+        'b': '00b3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef'
+    }
+    brainpoolP512r1_params = {
+        'prime': '008cb91e82a3386d280f5d6f7e50e641df152f7109ed5456b412b1da197fb71123acd3a729901d1a71874700133107ec53',
+        'a': '7bc382c63d8c150c3c72080ace05afa0c2bea28e4fb22787139165efba91f90f8aa5814a503ad4eb04a8c7dd22ce2826',
+        'b': '04a8c7dd22ce28268b39b55416f0447c2fb77de107dcd2a62e880ea53eeb62d57cb4390295dbc9943ab78696fa504c11'
+    }
+
+    prime = extract_field(content, 'Prime')
+    a = extract_field(content, 'A')
+    b = extract_field(content, 'B')
+
+    if (prime == secp256r1_params['prime'] and a == secp256r1_params['a'] and b == secp256r1_params['b']):
+        return 'secp256r1'
+    elif (prime == brainpoolP512r1_params['prime'] and a == brainpoolP512r1_params['a'] and b == brainpoolP512r1_params['b']):
+        return 'brainpoolP512r1'
+    elif (prime == unidentified_params['prime'] and a == unidentified_params['a'] and b == unidentified_params['b']):
+        return 'unidentified'
+    elif (prime == secp384r1_params['prime'] and a == secp384r1_params['a'] and b == secp384r1_params['b']):
+        return 'secp384r1'
+    elif (prime == brainpoolP512t1_params['prime'] and a == brainpoolP512t1_params['a'] and b == brainpoolP512t1_params['b']):
+        return 'brainpoolP512t1'
+    elif (prime == ed448_goldilocks['prime'] and a == ed448_goldilocks['a'] and b == ed448_goldilocks['b']):
+        return 'ed448'
+    else:
+        print("Extracted - Prime:", prime, "A:", a, "B:", b)
+    # print("File processed:", filename)
+
+    return 'probably_secp384r1'

registry/src/dsc/extract_pubkeys.ts

@@ -27,7 +27,7 @@ async function main() {
   for (let i = 0; i < numCertificates; i += concurrencyLimit) {
     const tasks: any = [];
     for (let j = 0; j < concurrencyLimit && i + j < numCertificates; j++) {
-      tasks.push(extractModulus(i + j));
+      tasks.push(extractPubkey(i + j));
     }
     await Promise.all(tasks);
   }
@@ -39,7 +39,7 @@ async function main() {
   console.log("public_keys_parsed.json written!")
 }
 
-async function extractModulus(i: number): Promise<void> {
+async function extractPubkey(i: number): Promise<void> {
   try {
     const certTextres = await execAsync(`openssl x509 -text -in outputs/certificates/certificate_${i}.pem`);
     const certText = certTextres.stdout as string;
@@ -89,6 +89,11 @@ function parsePubkey(certText: string, signatureAlgorithm: string): any {
       console.error(`Modulus not found`);
       return null;
     }
+
+    if (Number(exponent) !== 65537) {
+      console.error(`signatureAlgorithm`, signatureAlgorithm, `exponent`, exponent);
+      return null;
+    }
     return {
       modulus: BigInt('0x' + modulusHex).toString(),
       exponent: exponent
@@ -174,5 +179,5 @@ main();
 // Errors:
 // Certificate 11445: Ukraine put sha256WithRSAEncryption instead of ecdsa something
 // Certificate 11680: Ukraine put sha256WithRSAEncryption instead of ecdsa something
-// Certificate 17767: Benin put ecdsa-with-SHA256 instead of ecdsa something
-// Certificate 17765: Benin put ecdsa-with-SHA256 instead of ecdsa something
+// Certificate 17767: Benin put ecdsa-with-SHA256 instead of rsa something
+// Certificate 17765: Benin put ecdsa-with-SHA256 instead of rsa something