projects / apple / security.git / blame
| Commit | Line | Data |
|---|---|---|
| bac41a7b A |
1 | PKCS-1 {iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-1(1) |
| 2 | modules(0) pkcs-1(1)} | |
| 3 | ||
| 4 | -- $Revision: 1.1.1.1 $ | |
| 5 | ||
| 6 | -- This module has been checked for conformance with the ASN.1 | |
| 7 | -- standard by the OSS ASN.1 Tools | |
| 8 | ||
| 9 | DEFINITIONS EXPLICIT TAGS ::= | |
| 10 | ||
| 11 | BEGIN | |
| 12 | ||
| 13 | -- EXPORTS ALL -- | |
| 14 | -- All types and values defined in this module is exported for use in other | |
| 15 | -- ASN.1 modules. | |
| 16 | ||
| 17 | -- IMPORTS None -- | |
| 18 | ||
| 19 | -- Basic object identifiers | |
| 20 | ||
| 21 | -- The DER for this in hexadecimal is: | |
| 22 | -- 06 08 | |
| 23 | -- 2A 86 48 86 F7 0D 01 01 | |
| 24 | -- | |
| 25 | pkcs-1 OBJECT IDENTIFIER ::= { | |
| 26 | iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 1 } | |
| 27 | ||
| 28 | -- | |
| 29 | -- When the following OIDs are used in an AlgorithmIdentifier | |
| 30 | -- the parameters MUST be present and MUST be NULL. | |
| 31 | -- | |
| 32 | rsaEncryption OBJECT IDENTIFIER ::= { pkcs-1 1 } | |
| 33 | md2WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 2 } | |
| 34 | md4WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 3 } | |
| 35 | md5WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 4 } | |
| 36 | sha1WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 5 } | |
| 37 | rsaOAEPEncryptionSET OBJECT IDENTIFIER ::= { pkcs-1 6 } | |
| 38 | ||
| 39 | -- | |
| 40 | -- When id-RSAES-OAEP is used in an AlgorithmIdentifier | |
| 41 | -- the parameters MUST be present and MUST be RSAES-OAEP-params. | |
| 42 | -- | |
| 43 | id-RSAES-OAEP OBJECT IDENTIFIER ::= { pkcs-1 7 } | |
| 44 | ||
| 45 | -- | |
| 46 | -- When id-mgf1 is used in an AlgorithmIdentifier | |
| 47 | -- the parameters MUST be present and MUST be | |
| 48 | -- a DigestAlgorithmIdentifier, specifically SHA1Identifier. | |
| 49 | -- | |
| 50 | id-mgf1 OBJECT IDENTIFIER ::= { pkcs-1 8 } | |
| 51 | ||
| 52 | -- | |
| 53 | -- When id-pSpecified is used in an AlgorithmIdentifier | |
| 54 | -- the parameters MUST be an OCTET STRING. | |
| 55 | -- | |
| 56 | id-pSpecified OBJECT IDENTIFIER ::= { pkcs-1 9 } | |
| 57 | ||
| 58 | -- | |
| 59 | -- This OID really belongs in a module with the secsig OIDs. | |
| 60 | -- | |
| 61 | id-sha1 OBJECT IDENTIFIER ::= { | |
| 62 | iso(1) identified-organization(3) oiw(14) secsig(3) | |
| 63 | algorithms(2) 26 } | |
| 64 | ||
| 65 | ||
| 66 | -- Useful types | |
| 67 | ||
| 68 | ALGORITHM-IDENTIFIER ::= TYPE-IDENTIFIER | |
| 69 | ||
| 70 | -- Note: the parameter InfoObjectSet in the following definitions | |
| 71 | -- allows a distinct information object set to be specified for | |
| 72 | -- sets of algorithms such as: | |
| 73 | -- DigestAlgorithms ALGORITHM-IDENTIFIER ::= { | |
| 74 | -- { NULL IDENTIFIED BY id-sha1 }, | |
| 75 | -- { NULL IDENTIFIED BY id-md5 }, | |
| 76 | -- { NULL IDENTIFIED BY id-md2 } | |
| 77 | -- } | |
| 78 | -- | |
| 79 | AlgorithmIdentifier { ALGORITHM-IDENTIFIER:InfoObjectSet } ::= | |
| 80 | SEQUENCE { | |
| 81 | algorithm ALGORITHM-IDENTIFIER.&id({InfoObjectSet}), | |
| 82 | parameters ALGORITHM-IDENTIFIER.&Type({InfoObjectSet} | |
| 83 | {@algorithm}) OPTIONAL | |
| 84 | } | |
| 85 | ||
| 86 | -- Algorithms | |
| 87 | ||
| 88 | -- | |
| 89 | -- Allowed OAEP digest algorithms. | |
| 90 | -- | |
| 91 | OAEPDigestAlgorithms ALGORITHM-IDENTIFIER ::= { | |
| 92 | { SHA1Parameters IDENTIFIED BY id-sha1 }, | |
| 93 | ... --Allows for future expansion | |
| 94 | } | |
| 95 | ||
| 96 | sha1Identifier AlgorithmIdentifier {{ OAEPDigestAlgorithms }} ::= | |
| 97 | {algorithm id-sha1, parameters SHA1Parameters : NULL} | |
| 98 | ||
| 99 | SHA1Parameters ::= NULL | |
| 100 | ||
| 101 | -- | |
| 102 | -- Allowed Mask Generation Function algorithms. | |
| 103 | -- If the identifier is id-mgf1, the parameters | |
| 104 | -- are a single digest algorithm identifier. | |
| 105 | -- | |
| 106 | PKCS1MGFAlgorithms ALGORITHM-IDENTIFIER ::= { | |
| 107 | { MGF1Parameters IDENTIFIED BY id-mgf1 }, | |
| 108 | ...--Allows for future expansion | |
| 109 | } | |
| 110 | ||
| 111 | MGF1Parameters ::= | |
| 112 | AlgorithmIdentifier { {OAEPDigestAlgorithms} } | |
| 113 | ||
| 114 | -- | |
| 115 | -- Allowed algorithms for pSourceFunc. | |
| 116 | -- | |
| 117 | PKCS1PSourceAlgorithms ALGORITHM-IDENTIFIER ::= { | |
| 118 | { PEmptyString IDENTIFIED BY id-pSpecified }, | |
| 119 | ...--Allows for future expansion | |
| 120 | } | |
| 121 | ||
| 122 | PEmptyString ::= OCTET STRING (SIZE(0)) | |
| 123 | ||
| 124 | -- | |
| 125 | -- This identifier means that P is an empty string, so the digest | |
| 126 | -- of the empty string appears in the RSA block before masking. | |
| 127 | -- | |
| 128 | pSpecifiedEmptyIdentifier AlgorithmIdentifier {{ PKCS1PSourceAlgorithms }} ::= | |
| 129 | { algorithm id-pSpecified, parameters PEmptyString : ''H } | |
| 130 | ||
| 131 | -- | |
| 132 | -- Default AlgorithmIdentifier for id-RSAES-OAEP.maskGenFunc. | |
| 133 | -- | |
| 134 | mgf1SHA1Identifier AlgorithmIdentifier {{ PKCS1MGFAlgorithms }} ::= | |
| 135 | { algorithm id-mgf1, | |
| 136 | parameters AlgorithmIdentifier{{OAEPDigestAlgorithms}} : sha1Identifier} | |
| 137 | ||
| 138 | -- | |
| 139 | -- Type identifier definitions for the PKCS #1 OIDs. | |
| 140 | -- | |
| 141 | PKCS1Algorithms ALGORITHM-IDENTIFIER ::= { | |
| 142 | { NULL IDENTIFIED BY rsaEncryption } | | |
| 143 | { NULL IDENTIFIED BY md2WithRSAEncryption } | | |
| 144 | { NULL IDENTIFIED BY md4WithRSAEncryption } | | |
| 145 | { NULL IDENTIFIED BY md5WithRSAEncryption } | | |
| 146 | { NULL IDENTIFIED BY sha1WithRSAEncryption } | | |
| 147 | { NULL IDENTIFIED BY rsaOAEPEncryptionSET } | | |
| 148 | { RSAES-OAEP-params IDENTIFIED BY id-RSAES-OAEP } | | |
| 149 | PKCS1PSourceAlgorithms, | |
| 150 | ... -- Allows for future expansion | |
| 151 | } | |
| 152 | ||
| 153 | -- Main structures | |
| 154 | ||
| 155 | RSAPublicKey ::= SEQUENCE { | |
| 156 | modulus INTEGER, -- (Usually large) n = p*q | |
| 157 | publicExponent INTEGER -- (Usually small) e | |
| 158 | } | |
| 159 | ||
| 160 | -- | |
| 161 | -- Representation of RSA private key with p and q | |
| 162 | -- information for the CRT algorithm. | |
| 163 | -- | |
| 164 | RSAPrivateKey ::= SEQUENCE { | |
| 165 | version INTEGER { rsaPrivateKeyVer0(0) }(rsaPrivateKeyVer0), | |
| 166 | modulus INTEGER, -- (Usually large) n | |
| 167 | publicExponent INTEGER, -- (Usually small) e | |
| 168 | privateExponent INTEGER, -- (Usually large) d | |
| 169 | prime1 INTEGER, -- (Usually large) p | |
| 170 | prime2 INTEGER, -- (Usually large) q | |
| 171 | exponent1 INTEGER, -- (Usually large) d mod (p-1) | |
| 172 | exponent2 INTEGER, -- (Usually large) d mod (q-1) | |
| 173 | coefficient INTEGER -- (Usually large) (inverse of q) mod p | |
| 174 | } | |
| 175 | ||
| 176 | -- | |
| 177 | -- AlgorithmIdentifier.parameters for id-RSAES-OAEP. | |
| 178 | -- Note that the tags in this Sequence are explicit. | |
| 179 | -- | |
| 180 | ||
| 181 | RSAES-OAEP-params ::= SEQUENCE { | |
| 182 | hashFunc [0] AlgorithmIdentifier { {OAEPDigestAlgorithms} } | |
| 183 | DEFAULT sha1Identifier, | |
| 184 | maskGenFunc [1] AlgorithmIdentifier { {PKCS1MGFAlgorithms} } | |
| 185 | DEFAULT mgf1SHA1Identifier, | |
| 186 | pSourceFunc [2] AlgorithmIdentifier { {PKCS1PSourceAlgorithms} } | |
| 187 | DEFAULT pSpecifiedEmptyIdentifier | |
| 188 | } | |
| 189 | ||
| 190 | -- | |
| 191 | -- Identifier for default RSAES-OAEP algorithm identifier | |
| 192 | -- The DER Encoding of this is in hexadecimal: | |
| 193 | -- 30 0D | |
| 194 | -- 06 09 | |
| 195 | -- 2A 86 48 86 F7 0D 01 01 07 | |
| 196 | -- 30 00 | |
| 197 | -- Notice that the DER encoding of default values is "empty". | |
| 198 | -- | |
| 199 | rSAES-OAEP-Default-Identifier AlgorithmIdentifier{ {PKCS1Algorithms} } ::= | |
| 200 | {algorithm id-RSAES-OAEP, | |
| 201 | parameters RSAES-OAEP-params : {hashFunc sha1Identifier, | |
| 202 | maskGenFunc mgf1SHA1Identifier, | |
| 203 | pSourceFunc pSpecifiedEmptyIdentifier}} | |
| 204 | ||
| 205 | END -- PKCS1Definitions |