]> git.saurik.com Git - apple/security.git/blob - SecurityASN1/asn/pkcs5.asn1
Security-54.1.3.tar.gz
[apple/security.git] / SecurityASN1 / asn / pkcs5.asn1
1 -- PKCS #5 v2.0 ASN.1 Module
2 -- Revised March 25, 1999
3
4 -- This module has been checked for conformance with the
5 -- ASN.1 standard by the OSS ASN.1 Tools
6
7 PKCS5v2-0 {iso(1) member-body(2) us(840) rsadsi(113549)
8 pkcs(1) pkcs-5(5) modules(16) pkcs5v2-0(1)}
9
10 DEFINITIONS ::= BEGIN
11
12 -- Basic object identifiers
13
14 rsadsi OBJECT IDENTIFIER ::=
15 {iso(1) member-body(2) us(840) 113549}
16 pkcs OBJECT IDENTIFIER ::= {rsadsi 1}
17 pkcs-5 OBJECT IDENTIFIER ::= {pkcs 5}
18
19 -- Basic types and classes
20
21 AlgorithmIdentifier { ALGORITHM-IDENTIFIER:InfoObjectSet } ::=
22 SEQUENCE {
23 algorithm ALGORITHM-IDENTIFIER.&id({InfoObjectSet}),
24 parameters ALGORITHM-IDENTIFIER.&Type({InfoObjectSet}
25 {@algorithm}) OPTIONAL }
26
27 ALGORITHM-IDENTIFIER ::= TYPE-IDENTIFIER
28
29 -- PBKDF2
30
31 PBKDF2Algorithms ALGORITHM-IDENTIFIER ::=
32 { {PBKDF2-params IDENTIFIED BY id-PBKDF2}, ...}
33
34 id-PBKDF2 OBJECT IDENTIFIER ::= {pkcs-5 12}
35
36 algid-hmacWithSHA1 AlgorithmIdentifier {{PBKDF2-PRFs}} ::=
37 {algorithm id-hmacWithSHA1, parameters NULL : NULL}
38
39 PBKDF2-params ::= SEQUENCE {
40 salt CHOICE {
41 specified OCTET STRING,
42 otherSource AlgorithmIdentifier {{PBKDF2-SaltSources}}
43 },
44 iterationCount INTEGER (1..MAX),
45 keyLength INTEGER (1..MAX) OPTIONAL,
46 prf AlgorithmIdentifier {{PBKDF2-PRFs}} DEFAULT
47 algid-hmacWithSHA1 }
48
49 PBKDF2-SaltSources ALGORITHM-IDENTIFIER ::= { ... }
50
51 PBKDF2-PRFs ALGORITHM-IDENTIFIER ::=
52 { {NULL IDENTIFIED BY id-hmacWithSHA1}, ... }
53
54 -- PBES1
55
56 PBES1Algorithms ALGORITHM-IDENTIFIER ::=
57 { {PBEParameter IDENTIFIED BY pbeWithMD2AndDES-CBC} |
58 {PBEParameter IDENTIFIED BY pbeWithMD2AndRC2-CBC} |
59 {PBEParameter IDENTIFIED BY pbeWithMD5AndDES-CBC} |
60 {PBEParameter IDENTIFIED BY pbeWithMD5AndRC2-CBC} |
61 {PBEParameter IDENTIFIED BY pbeWithSHA1AndDES-CBC} |
62 {PBEParameter IDENTIFIED BY pbeWithSHA1AndRC2-CBC}, ...}
63
64 pbeWithMD2AndDES-CBC OBJECT IDENTIFIER ::= {pkcs-5 1}
65 pbeWithMD2AndRC2-CBC OBJECT IDENTIFIER ::= {pkcs-5 4}
66 pbeWithMD5AndDES-CBC OBJECT IDENTIFIER ::= {pkcs-5 3}
67 pbeWithMD5AndRC2-CBC OBJECT IDENTIFIER ::= {pkcs-5 6}
68 pbeWithSHA1AndDES-CBC OBJECT IDENTIFIER ::= {pkcs-5 10}
69 pbeWithSHA1AndRC2-CBC OBJECT IDENTIFIER ::= {pkcs-5 11}
70
71 PBEParameter ::= SEQUENCE {
72 salt OCTET STRING (SIZE(8)),
73 iterationCount INTEGER }
74
75 -- PBES2
76
77 PBES2Algorithms ALGORITHM-IDENTIFIER ::=
78 { {PBES2-params IDENTIFIED BY id-PBES2}, ...}
79
80 id-PBES2 OBJECT IDENTIFIER ::= {pkcs-5 13}
81
82 PBES2-params ::= SEQUENCE {
83 keyDerivationFunc AlgorithmIdentifier {{PBES2-KDFs}},
84 encryptionScheme AlgorithmIdentifier {{PBES2-Encs}} }
85
86 PBES2-KDFs ALGORITHM-IDENTIFIER ::=
87 { {PBKDF2-params IDENTIFIED BY id-PBKDF2}, ... }
88
89 PBES2-Encs ALGORITHM-IDENTIFIER ::= { ... }
90
91 -- PBMAC1
92
93 PBMAC1Algorithms ALGORITHM-IDENTIFIER ::=
94 { {PBMAC1-params IDENTIFIED BY id-PBMAC1}, ...}
95
96 id-PBMAC1 OBJECT IDENTIFIER ::= {pkcs-5 14}
97
98 PBMAC1-params ::= SEQUENCE {
99 keyDerivationFunc AlgorithmIdentifier {{PBMAC1-KDFs}},
100 messageAuthScheme AlgorithmIdentifier {{PBMAC1-MACs}} }
101
102 PBMAC1-KDFs ALGORITHM-IDENTIFIER ::=
103 { {PBKDF2-params IDENTIFIED BY id-PBKDF2}, ... }
104
105 PBMAC1-MACs ALGORITHM-IDENTIFIER ::= { ... }
106
107 -- Supporting techniques
108
109 digestAlgorithm OBJECT IDENTIFIER ::= {rsadsi 2}
110 encryptionAlgorithm OBJECT IDENTIFIER ::= {rsadsi 3}
111
112 SupportingAlgorithms ALGORITHM-IDENTIFIER ::=
113 { {NULL IDENTIFIED BY id-hmacWithSHA1} |
114 {OCTET STRING (SIZE(8)) IDENTIFIED BY desCBC} |
115 {OCTET STRING (SIZE(8)) IDENTIFIED BY des-EDE3-CBC} |
116 {RC2-CBC-Parameter IDENTIFIED BY rc2CBC} |
117 {RC5-CBC-Parameters IDENTIFIED BY rc5-CBC-PAD}, ... }
118
119 id-hmacWithSHA1 OBJECT IDENTIFIER ::= {digestAlgorithm 7}
120
121 desCBC OBJECT IDENTIFIER ::=
122 {iso(1) identified-organization(3) oiw(14) secsig(3)
123 algorithms(2) 7} -- from OIW
124
125 des-EDE3-CBC OBJECT IDENTIFIER ::= {encryptionAlgorithm 7}
126
127 rc2CBC OBJECT IDENTIFIER ::= {encryptionAlgorithm 2}
128
129 RC2-CBC-Parameter ::= SEQUENCE {
130 rc2ParameterVersion INTEGER OPTIONAL,
131 iv OCTET STRING (SIZE(8)) }
132
133 rc5-CBC-PAD OBJECT IDENTIFIER ::= {encryptionAlgorithm 9}
134
135 RC5-CBC-Parameters ::= SEQUENCE {
136 version INTEGER {v1-0(16)} (v1-0),
137 rounds INTEGER (8..127),
138 blockSizeInBits INTEGER (64 | 128),
139 iv OCTET STRING OPTIONAL }
140
141 END