[apple/security.git] / OSX / libsecurity_asn1 / asn1 / pkcs5.asn1

-- PKCS #5 v2.0 ASN.1 Module
-- Revised March 25, 1999

-- This module has been checked for conformance with the
-- ASN.1 standard by the OSS ASN.1 Tools

PKCS5v2-0 {iso(1) member-body(2) us(840) rsadsi(113549)
  pkcs(1) pkcs-5(5) modules(16) pkcs5v2-0(1)}

DEFINITIONS ::= BEGIN

-- Basic object identifiers

rsadsi OBJECT IDENTIFIER ::= 
  {iso(1) member-body(2) us(840) 113549}
pkcs OBJECT IDENTIFIER ::= {rsadsi 1}
pkcs-5 OBJECT IDENTIFIER ::= {pkcs 5}

-- Basic types and classes

AlgorithmIdentifier { ALGORITHM-IDENTIFIER:InfoObjectSet } ::= 
SEQUENCE {
  algorithm ALGORITHM-IDENTIFIER.&id({InfoObjectSet}),
  parameters ALGORITHM-IDENTIFIER.&Type({InfoObjectSet}
    {@algorithm}) OPTIONAL }

ALGORITHM-IDENTIFIER ::= TYPE-IDENTIFIER

-- PBKDF2

PBKDF2Algorithms ALGORITHM-IDENTIFIER ::= 
  { {PBKDF2-params IDENTIFIED BY id-PBKDF2}, ...}

id-PBKDF2 OBJECT IDENTIFIER ::= {pkcs-5 12}

algid-hmacWithSHA1 AlgorithmIdentifier {{PBKDF2-PRFs}} ::=
  {algorithm id-hmacWithSHA1, parameters NULL : NULL}

PBKDF2-params ::= SEQUENCE {
  salt CHOICE {
    specified OCTET STRING,
    otherSource AlgorithmIdentifier {{PBKDF2-SaltSources}}
  },
  iterationCount INTEGER (1..MAX),
  keyLength INTEGER (1..MAX) OPTIONAL,
  prf AlgorithmIdentifier {{PBKDF2-PRFs}} DEFAULT
    algid-hmacWithSHA1 }

PBKDF2-SaltSources ALGORITHM-IDENTIFIER ::= { ... }

PBKDF2-PRFs ALGORITHM-IDENTIFIER ::=
  { {NULL IDENTIFIED BY id-hmacWithSHA1}, ... }

 -- PBES1

PBES1Algorithms ALGORITHM-IDENTIFIER ::= 
  { {PBEParameter IDENTIFIED BY pbeWithMD2AndDES-CBC} |
    {PBEParameter IDENTIFIED BY pbeWithMD2AndRC2-CBC} |
    {PBEParameter IDENTIFIED BY pbeWithMD5AndDES-CBC} |
    {PBEParameter IDENTIFIED BY pbeWithMD5AndRC2-CBC} |
    {PBEParameter IDENTIFIED BY pbeWithSHA1AndDES-CBC} |
    {PBEParameter IDENTIFIED BY pbeWithSHA1AndRC2-CBC}, ...}

pbeWithMD2AndDES-CBC OBJECT IDENTIFIER ::= {pkcs-5 1}
pbeWithMD2AndRC2-CBC OBJECT IDENTIFIER ::= {pkcs-5 4}
pbeWithMD5AndDES-CBC OBJECT IDENTIFIER ::= {pkcs-5 3}
pbeWithMD5AndRC2-CBC OBJECT IDENTIFIER ::= {pkcs-5 6}
pbeWithSHA1AndDES-CBC OBJECT IDENTIFIER ::= {pkcs-5 10}
pbeWithSHA1AndRC2-CBC OBJECT IDENTIFIER ::= {pkcs-5 11}

PBEParameter ::= SEQUENCE {
  salt OCTET STRING (SIZE(8)),
  iterationCount INTEGER }

-- PBES2

PBES2Algorithms ALGORITHM-IDENTIFIER ::= 
  { {PBES2-params IDENTIFIED BY id-PBES2}, ...}

id-PBES2 OBJECT IDENTIFIER ::= {pkcs-5 13}

PBES2-params ::= SEQUENCE {
  keyDerivationFunc AlgorithmIdentifier {{PBES2-KDFs}},
  encryptionScheme AlgorithmIdentifier {{PBES2-Encs}} }

PBES2-KDFs ALGORITHM-IDENTIFIER ::=
  { {PBKDF2-params IDENTIFIED BY id-PBKDF2}, ... }

PBES2-Encs ALGORITHM-IDENTIFIER ::= { ... }

-- PBMAC1

PBMAC1Algorithms ALGORITHM-IDENTIFIER ::= 
  { {PBMAC1-params IDENTIFIED BY id-PBMAC1}, ...}

id-PBMAC1 OBJECT IDENTIFIER ::= {pkcs-5 14}

PBMAC1-params ::=  SEQUENCE {
  keyDerivationFunc AlgorithmIdentifier {{PBMAC1-KDFs}},
  messageAuthScheme AlgorithmIdentifier {{PBMAC1-MACs}} }

PBMAC1-KDFs ALGORITHM-IDENTIFIER ::=
  { {PBKDF2-params IDENTIFIED BY id-PBKDF2}, ... }

PBMAC1-MACs ALGORITHM-IDENTIFIER ::= { ... }

-- Supporting techniques

digestAlgorithm OBJECT IDENTIFIER     ::= {rsadsi 2}
encryptionAlgorithm OBJECT IDENTIFIER ::= {rsadsi 3}

SupportingAlgorithms ALGORITHM-IDENTIFIER ::=
  { {NULL IDENTIFIED BY id-hmacWithSHA1} |
    {OCTET STRING (SIZE(8)) IDENTIFIED BY desCBC} |
    {OCTET STRING (SIZE(8)) IDENTIFIED BY des-EDE3-CBC} |
    {RC2-CBC-Parameter IDENTIFIED BY rc2CBC} |
    {RC5-CBC-Parameters IDENTIFIED BY rc5-CBC-PAD}, ... }

id-hmacWithSHA1 OBJECT IDENTIFIER ::= {digestAlgorithm 7}

desCBC OBJECT IDENTIFIER ::=
  {iso(1) identified-organization(3) oiw(14) secsig(3)
    algorithms(2) 7} -- from OIW

des-EDE3-CBC OBJECT IDENTIFIER ::= {encryptionAlgorithm 7}

rc2CBC OBJECT IDENTIFIER ::= {encryptionAlgorithm 2}

RC2-CBC-Parameter ::= SEQUENCE {
  rc2ParameterVersion INTEGER OPTIONAL,
  iv OCTET STRING (SIZE(8)) }

rc5-CBC-PAD OBJECT IDENTIFIER ::= {encryptionAlgorithm 9} 

RC5-CBC-Parameters ::= SEQUENCE {
  version INTEGER {v1-0(16)} (v1-0),
  rounds INTEGER (8..127),
  blockSizeInBits INTEGER (64 | 128),
  iv OCTET STRING OPTIONAL }

END
Commit	Line	Data
b1ab9ed8 A	1	-- PKCS #5 v2.0 ASN.1 Module
	2	-- Revised March 25, 1999
	3
	4	-- This module has been checked for conformance with the
	5	-- ASN.1 standard by the OSS ASN.1 Tools
	6
	7	PKCS5v2-0 {iso(1) member-body(2) us(840) rsadsi(113549)
	8	pkcs(1) pkcs-5(5) modules(16) pkcs5v2-0(1)}
	9
	10	DEFINITIONS ::= BEGIN
	11
	12	-- Basic object identifiers
	13
	14	rsadsi OBJECT IDENTIFIER ::=
	15	{iso(1) member-body(2) us(840) 113549}
	16	pkcs OBJECT IDENTIFIER ::= {rsadsi 1}
	17	pkcs-5 OBJECT IDENTIFIER ::= {pkcs 5}
	18
	19	-- Basic types and classes
	20
	21	AlgorithmIdentifier { ALGORITHM-IDENTIFIER:InfoObjectSet } ::=
	22	SEQUENCE {
	23	algorithm ALGORITHM-IDENTIFIER.&id({InfoObjectSet}),
	24	parameters ALGORITHM-IDENTIFIER.&Type({InfoObjectSet}
	25	{@algorithm}) OPTIONAL }
	26
	27	ALGORITHM-IDENTIFIER ::= TYPE-IDENTIFIER
	28
	29	-- PBKDF2
	30
	31	PBKDF2Algorithms ALGORITHM-IDENTIFIER ::=
	32	{ {PBKDF2-params IDENTIFIED BY id-PBKDF2}, ...}
	33
	34	id-PBKDF2 OBJECT IDENTIFIER ::= {pkcs-5 12}
	35
	36	algid-hmacWithSHA1 AlgorithmIdentifier {{PBKDF2-PRFs}} ::=
	37	{algorithm id-hmacWithSHA1, parameters NULL : NULL}
	38
	39	PBKDF2-params ::= SEQUENCE {
	40	salt CHOICE {
	41	specified OCTET STRING,
	42	otherSource AlgorithmIdentifier {{PBKDF2-SaltSources}}
	43	},
	44	iterationCount INTEGER (1..MAX),
	45	keyLength INTEGER (1..MAX) OPTIONAL,
	46	prf AlgorithmIdentifier {{PBKDF2-PRFs}} DEFAULT
	47	algid-hmacWithSHA1 }
	48
	49	PBKDF2-SaltSources ALGORITHM-IDENTIFIER ::= { ... }
	50
	51	PBKDF2-PRFs ALGORITHM-IDENTIFIER ::=
	52	{ {NULL IDENTIFIED BY id-hmacWithSHA1}, ... }
	53
	54	-- PBES1
	55
	56	PBES1Algorithms ALGORITHM-IDENTIFIER ::=
	57	{ {PBEParameter IDENTIFIED BY pbeWithMD2AndDES-CBC} \|
	58	{PBEParameter IDENTIFIED BY pbeWithMD2AndRC2-CBC} \|
	59	{PBEParameter IDENTIFIED BY pbeWithMD5AndDES-CBC} \|
	60	{PBEParameter IDENTIFIED BY pbeWithMD5AndRC2-CBC} \|
	61	{PBEParameter IDENTIFIED BY pbeWithSHA1AndDES-CBC} \|
	62	{PBEParameter IDENTIFIED BY pbeWithSHA1AndRC2-CBC}, ...}
	63
	64	pbeWithMD2AndDES-CBC OBJECT IDENTIFIER ::= {pkcs-5 1}
65	pbeWithMD2AndRC2-CBC OBJECT IDENTIFIER ::= {pkcs-5 4}
66	pbeWithMD5AndDES-CBC OBJECT IDENTIFIER ::= {pkcs-5 3}
67	pbeWithMD5AndRC2-CBC OBJECT IDENTIFIER ::= {pkcs-5 6}
68	pbeWithSHA1AndDES-CBC OBJECT IDENTIFIER ::= {pkcs-5 10}
69	pbeWithSHA1AndRC2-CBC OBJECT IDENTIFIER ::= {pkcs-5 11}
70
71	PBEParameter ::= SEQUENCE {
72	salt OCTET STRING (SIZE(8)),
73	iterationCount INTEGER }
74
75	-- PBES2
76
77	PBES2Algorithms ALGORITHM-IDENTIFIER ::=
78	{ {PBES2-params IDENTIFIED BY id-PBES2}, ...}
79
80	id-PBES2 OBJECT IDENTIFIER ::= {pkcs-5 13}
81
82	PBES2-params ::= SEQUENCE {
83	keyDerivationFunc AlgorithmIdentifier {{PBES2-KDFs}},
84	encryptionScheme AlgorithmIdentifier {{PBES2-Encs}} }
85
86	PBES2-KDFs ALGORITHM-IDENTIFIER ::=
87	{ {PBKDF2-params IDENTIFIED BY id-PBKDF2}, ... }
88
89	PBES2-Encs ALGORITHM-IDENTIFIER ::= { ... }
90
91	-- PBMAC1
92
93	PBMAC1Algorithms ALGORITHM-IDENTIFIER ::=
94	{ {PBMAC1-params IDENTIFIED BY id-PBMAC1}, ...}
95
96	id-PBMAC1 OBJECT IDENTIFIER ::= {pkcs-5 14}
97
98	PBMAC1-params ::= SEQUENCE {
99	keyDerivationFunc AlgorithmIdentifier {{PBMAC1-KDFs}},
100	messageAuthScheme AlgorithmIdentifier {{PBMAC1-MACs}} }
101
102	PBMAC1-KDFs ALGORITHM-IDENTIFIER ::=
103	{ {PBKDF2-params IDENTIFIED BY id-PBKDF2}, ... }
104
105	PBMAC1-MACs ALGORITHM-IDENTIFIER ::= { ... }
106
107	-- Supporting techniques
108
109	digestAlgorithm OBJECT IDENTIFIER ::= {rsadsi 2}
110	encryptionAlgorithm OBJECT IDENTIFIER ::= {rsadsi 3}
111
112	SupportingAlgorithms ALGORITHM-IDENTIFIER ::=
113	{ {NULL IDENTIFIED BY id-hmacWithSHA1} \|
114	{OCTET STRING (SIZE(8)) IDENTIFIED BY desCBC} \|
115	{OCTET STRING (SIZE(8)) IDENTIFIED BY des-EDE3-CBC} \|
116	{RC2-CBC-Parameter IDENTIFIED BY rc2CBC} \|
117	{RC5-CBC-Parameters IDENTIFIED BY rc5-CBC-PAD}, ... }
118
119	id-hmacWithSHA1 OBJECT IDENTIFIER ::= {digestAlgorithm 7}
120
121	desCBC OBJECT IDENTIFIER ::=
122	{iso(1) identified-organization(3) oiw(14) secsig(3)
123	algorithms(2) 7} -- from OIW
124
125	des-EDE3-CBC OBJECT IDENTIFIER ::= {encryptionAlgorithm 7}
126
127	rc2CBC OBJECT IDENTIFIER ::= {encryptionAlgorithm 2}
128
129	RC2-CBC-Parameter ::= SEQUENCE {
130	rc2ParameterVersion INTEGER OPTIONAL,
131	iv OCTET STRING (SIZE(8)) }
132
133	rc5-CBC-PAD OBJECT IDENTIFIER ::= {encryptionAlgorithm 9}
134
135	RC5-CBC-Parameters ::= SEQUENCE {
136	version INTEGER {v1-0(16)} (v1-0),
137	rounds INTEGER (8..127),
138	blockSizeInBits INTEGER (64 \| 128),
139	iv OCTET STRING OPTIONAL }
140
141	END