1-- PKCS #5 v2.0 ASN.1 Module 2-- Revised March 25, 1999 3 4-- This module has been checked for conformance with the 5-- ASN.1 standard by the OSS ASN.1 Tools 6 7PKCS5v2-0 {iso(1) member-body(2) us(840) rsadsi(113549) 8 pkcs(1) pkcs-5(5) modules(16) pkcs5v2-0(1)} 9 10DEFINITIONS ::= BEGIN 11 12-- Basic object identifiers 13 14rsadsi OBJECT IDENTIFIER ::= 15 {iso(1) member-body(2) us(840) 113549} 16pkcs OBJECT IDENTIFIER ::= {rsadsi 1} 17pkcs-5 OBJECT IDENTIFIER ::= {pkcs 5} 18 19-- Basic types and classes 20 21AlgorithmIdentifier { TYPE-IDENTIFIER:InfoObjectSet } ::= 22SEQUENCE { 23 algorithm TYPE-IDENTIFIER.&id({InfoObjectSet}), 24 parameters TYPE-IDENTIFIER.&Type({InfoObjectSet} 25 {@algorithm}) OPTIONAL } 26 27--ALGORITHM-IDENTIFIER ::= TYPE-IDENTIFIER 28 29-- PBKDF2 30 31-- PBKDF2Algorithms ALGORITHM-IDENTIFIER ::= 32-- { {PBKDF2-params IDENTIFIED BY id-PBKDF2}, ...} 33 34id-PBKDF2 OBJECT IDENTIFIER ::= {pkcs-5 12} 35 36-- algid-hmacWithSHA1 AlgorithmIdentifier {{PBKDF2-PRFs}} ::= 37-- {algorithm id-hmacWithSHA1, parameters NULL : NULL} 38 39PBKDF2-params ::= SEQUENCE { 40 salt CHOICE { 41 specified OCTET STRING, 42 otherSource AlgorithmIdentifier {{PBKDF2-SaltSources}} 43 }, 44 iterationCount INTEGER (1..MAX), 45 keyLength INTEGER (1..MAX) OPTIONAL, 46 prf AlgorithmIdentifier {{PBKDF2-PRFs}} DEFAULT 47{algorithm id-hmacWithSHA1, parameters NULL : NULL}} 48-- algid-hmacWithSHA1 } 49 50PBKDF2-SaltSources TYPE-IDENTIFIER ::= { ... } 51 52PBKDF2-PRFs TYPE-IDENTIFIER ::= 53 { {NULL IDENTIFIED BY id-hmacWithSHA1}, ... } 54 55 -- PBES1 56 57PBES1Algorithms TYPE-IDENTIFIER ::= 58 { {PBEParameter IDENTIFIED BY pbeWithMD2AndDES-CBC} | 59 {PBEParameter IDENTIFIED BY pbeWithMD2AndRC2-CBC} | 60 {PBEParameter IDENTIFIED BY pbeWithMD5AndDES-CBC} | 61 {PBEParameter IDENTIFIED BY pbeWithMD5AndRC2-CBC} | 62 {PBEParameter IDENTIFIED BY pbeWithSHA1AndDES-CBC} | 63 {PBEParameter IDENTIFIED BY pbeWithSHA1AndRC2-CBC}, ...} 64 65pbeWithMD2AndDES-CBC OBJECT IDENTIFIER ::= {pkcs-5 1} 66pbeWithMD2AndRC2-CBC OBJECT IDENTIFIER ::= {pkcs-5 4} 67pbeWithMD5AndDES-CBC OBJECT IDENTIFIER ::= {pkcs-5 3} 68pbeWithMD5AndRC2-CBC OBJECT IDENTIFIER ::= {pkcs-5 6} 69pbeWithSHA1AndDES-CBC OBJECT IDENTIFIER ::= {pkcs-5 10} 70pbeWithSHA1AndRC2-CBC OBJECT IDENTIFIER ::= {pkcs-5 11} 71 72PBEParameter ::= SEQUENCE { 73 salt OCTET STRING (SIZE(8)), 74 iterationCount INTEGER } 75 76-- PBES2 77 78PBES2Algorithms TYPE-IDENTIFIER ::= 79 { {PBES2-params IDENTIFIED BY id-PBES2}, ...} 80 81id-PBES2 OBJECT IDENTIFIER ::= {pkcs-5 13} 82 83PBES2-params ::= SEQUENCE { 84 keyDerivationFunc AlgorithmIdentifier {{PBES2-KDFs}}, 85 encryptionScheme AlgorithmIdentifier {{PBES2-Encs}} } 86 87PBES2-KDFs TYPE-IDENTIFIER ::= 88 { {PBKDF2-params IDENTIFIED BY id-PBKDF2}, ... } 89 90PBES2-Encs TYPE-IDENTIFIER ::= { ... } 91 92-- PBMAC1 93 94PBMAC1Algorithms TYPE-IDENTIFIER ::= 95 { {PBMAC1-params IDENTIFIED BY id-PBMAC1}, ...} 96 97id-PBMAC1 OBJECT IDENTIFIER ::= {pkcs-5 14} 98 99PBMAC1-params ::= SEQUENCE { 100 keyDerivationFunc AlgorithmIdentifier {{PBMAC1-KDFs}}, 101 messageAuthScheme AlgorithmIdentifier {{PBMAC1-MACs}} } 102 103PBMAC1-KDFs TYPE-IDENTIFIER ::= 104 { {PBKDF2-params IDENTIFIED BY id-PBKDF2}, ... } 105 106PBMAC1-MACs TYPE-IDENTIFIER ::= { ... } 107 108-- Supporting techniques 109 110digestAlgorithm OBJECT IDENTIFIER ::= {rsadsi 2} 111encryptionAlgorithm OBJECT IDENTIFIER ::= {rsadsi 3} 112 113SupportingAlgorithms TYPE-IDENTIFIER ::= 114 { {NULL IDENTIFIED BY id-hmacWithSHA1} | 115 {OCTET STRING (SIZE(8)) IDENTIFIED BY desCBC} | 116 {OCTET STRING (SIZE(8)) IDENTIFIED BY des-EDE3-CBC} | 117 {RC2-CBC-Parameter IDENTIFIED BY rc2CBC} | 118 {RC5-CBC-Parameters IDENTIFIED BY rc5-CBC-PAD}, ... } 119 120id-hmacWithSHA1 OBJECT IDENTIFIER ::= {digestAlgorithm 7} 121 122desCBC OBJECT IDENTIFIER ::= 123 {iso(1) identified-organization(3) oiw(14) secsig(3) 124 algorithms(2) 7} -- from OIW 125 126des-EDE3-CBC OBJECT IDENTIFIER ::= {encryptionAlgorithm 7} 127 128rc2CBC OBJECT IDENTIFIER ::= {encryptionAlgorithm 2} 129 130RC2-CBC-Parameter ::= SEQUENCE { 131 rc2ParameterVersion INTEGER OPTIONAL, 132 iv OCTET STRING (SIZE(8)) } 133 134rc5-CBC-PAD OBJECT IDENTIFIER ::= {encryptionAlgorithm 9} 135 136RC5-CBC-Parameters ::= SEQUENCE { 137 version INTEGER {v1-0(16)}, -- (v1-0), 138 rounds INTEGER (8..127), 139 blockSizeInBits INTEGER (64 | 128), 140 iv OCTET STRING OPTIONAL } 141 142END 143