1 -- PKCS #5 v2.0 ASN.1 Module
2 -- Revised March 25, 1999
4 -- This module has been checked for conformance with the
5 -- ASN.1 standard by the OSS ASN.1 Tools
7 PKCS5v2-0 {iso(1) member-body(2) us(840) rsadsi(113549)
8 pkcs(1) pkcs-5(5) modules(16) pkcs5v2-0(1)}
12 -- Basic object identifiers
14 rsadsi OBJECT IDENTIFIER ::= {iso(1) member-body(2) us(840) 113549}
15 pkcs OBJECT IDENTIFIER ::= {rsadsi 1}
17 pkcs-5 OBJECT IDENTIFIER ::= {pkcs 5}
19 -- Basic types and classes
21 AlgorithmIdentifier { ALGORITHM-IDENTIFIER:InfoObjectSet } ::=
23 algorithm ALGORITHM-IDENTIFIER.&id({InfoObjectSet}),
24 parameters ALGORITHM-IDENTIFIER.&Type({InfoObjectSet}
25 {@algorithm}) OPTIONAL
28 ALGORITHM-IDENTIFIER ::= TYPE-IDENTIFIER
32 PBKDF2Algorithms ALGORITHM-IDENTIFIER ::=
33 { {PBKDF2-params IDENTIFIED BY id-PBKDF2}, ...}
35 id-PBKDF2 OBJECT IDENTIFIER ::= {pkcs-5 12}
37 algid-hmacWithSHA1 AlgorithmIdentifier {{PBKDF2-PRFs}} ::=
38 {algorithm id-hmacWithSHA1, parameters NULL : NULL}
40 PBKDF2-params ::= SEQUENCE {
42 specified OCTET STRING,
43 otherSource AlgorithmIdentifier {{PBKDF2-SaltSources}}
45 iterationCount INTEGER (1..MAX),
46 keyLength INTEGER (1..MAX) OPTIONAL,
47 prf AlgorithmIdentifier {{PBKDF2-PRFs}} DEFAULT
51 PBKDF2-SaltSources ALGORITHM-IDENTIFIER ::= { ... }
53 PBKDF2-PRFs ALGORITHM-IDENTIFIER ::=
54 { {NULL IDENTIFIED BY id-hmacWithSHA1}, ... }
59 PBES1Algorithms ALGORITHM-IDENTIFIER ::= {
60 {PBEParameter IDENTIFIED BY pbeWithMD2AndDES-CBC} |
61 {PBEParameter IDENTIFIED BY pbeWithMD2AndRC2-CBC} |
62 {PBEParameter IDENTIFIED BY pbeWithMD5AndDES-CBC} |
63 {PBEParameter IDENTIFIED BY pbeWithMD5AndRC2-CBC} |
64 {PBEParameter IDENTIFIED BY pbeWithSHA1AndDES-CBC} |
65 {PBEParameter IDENTIFIED BY pbeWithSHA1AndRC2-CBC},
69 pbeWithMD2AndDES-CBC OBJECT IDENTIFIER ::= {pkcs-5 1}
70 pbeWithMD2AndRC2-CBC OBJECT IDENTIFIER ::= {pkcs-5 4}
71 pbeWithMD5AndDES-CBC OBJECT IDENTIFIER ::= {pkcs-5 3}
72 pbeWithMD5AndRC2-CBC OBJECT IDENTIFIER ::= {pkcs-5 6}
73 pbeWithSHA1AndDES-CBC OBJECT IDENTIFIER ::= {pkcs-5 10}
74 pbeWithSHA1AndRC2-CBC OBJECT IDENTIFIER ::= {pkcs-5 11}
76 PBEParameter ::= SEQUENCE {
77 salt OCTET STRING (SIZE(8)),
78 iterationCount INTEGER
83 PBES2Algorithms ALGORITHM-IDENTIFIER ::=
84 { {PBES2-params IDENTIFIED BY id-PBES2}, ...}
86 id-PBES2 OBJECT IDENTIFIER ::= {pkcs-5 13}
88 PBES2-params ::= SEQUENCE {
89 keyDerivationFunc AlgorithmIdentifier {{PBES2-KDFs}},
90 encryptionScheme AlgorithmIdentifier {{PBES2-Encs}}
93 PBES2-KDFs ALGORITHM-IDENTIFIER ::=
94 { {PBKDF2-params IDENTIFIED BY id-PBKDF2}, ... }
96 PBES2-Encs ALGORITHM-IDENTIFIER ::= { ... }
100 PBMAC1Algorithms ALGORITHM-IDENTIFIER ::=
101 { {PBMAC1-params IDENTIFIED BY id-PBMAC1}, ...}
103 id-PBMAC1 OBJECT IDENTIFIER ::= {pkcs-5 14}
105 PBMAC1-params ::= SEQUENCE {
106 keyDerivationFunc AlgorithmIdentifier {{PBMAC1-KDFs}},
107 messageAuthScheme AlgorithmIdentifier {{PBMAC1-MACs}}
110 PBMAC1-KDFs ALGORITHM-IDENTIFIER ::=
111 { {PBKDF2-params IDENTIFIED BY id-PBKDF2}, ... }
113 PBMAC1-MACs ALGORITHM-IDENTIFIER ::= { ... }
115 -- Supporting techniques
117 digestAlgorithm OBJECT IDENTIFIER ::= {rsadsi 2}
118 encryptionAlgorithm OBJECT IDENTIFIER ::= {rsadsi 3}
120 SupportingAlgorithms ALGORITHM-IDENTIFIER ::= {
121 {NULL IDENTIFIED BY id-hmacWithSHA1} |
122 {OCTET STRING (SIZE(8)) IDENTIFIED BY desCBC} |
123 {OCTET STRING (SIZE(8)) IDENTIFIED BY des-EDE3-CBC} |
124 {RC2-CBC-Parameter IDENTIFIED BY rc2CBC} |
125 {RC5-CBC-Parameters IDENTIFIED BY rc5-CBC-PAD},
129 id-hmacWithSHA1 OBJECT IDENTIFIER ::= {digestAlgorithm 7}
131 desCBC OBJECT IDENTIFIER ::=
132 {iso(1) identified-organization(3) oiw(14) secsig(3)
133 algorithms(2) 7} -- from OIW
135 des-EDE3-CBC OBJECT IDENTIFIER ::= {encryptionAlgorithm 7}
137 rc2CBC OBJECT IDENTIFIER ::= {encryptionAlgorithm 2}
139 RC2-CBC-Parameter ::= SEQUENCE {
140 rc2ParameterVersion INTEGER OPTIONAL,
141 iv OCTET STRING (SIZE(8))
144 rc5-CBC-PAD OBJECT IDENTIFIER ::= {encryptionAlgorithm 9}
146 RC5-CBC-Parameters ::= SEQUENCE {
147 version INTEGER {v1-0(16)} (v1-0),
148 rounds INTEGER (8..127),
149 blockSizeInBits INTEGER (64 | 128),
150 iv OCTET STRING OPTIONAL