ftp.rsa.com

home *** CD-ROM | disk | FTP | other *** search

/ ftp.rsa.com / 2014.05.ftp.rsa.com.tar / ftp.rsa.com / pub / pkcs / pkcs-1 / pkcs-1v2-1d2.asn < prev next >

Wrap

Text File | 2014-05-02 | 8KB | 268 lines

PKCS-1 {iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-1(1) modules(0) pkcs-1(1)} -- $Revision: 1.0 $ -- This module has been checked for conformance with the ASN.1 -- standard by the OSS ASN.1 Tools DEFINITIONS EXPLICIT TAGS ::= BEGIN -- EXPORTS ALL -- -- All types and values defined in this module is exported for -- use in other ASN.1 modules. IMPORTS id-sha256, id-sha384, id-sha512 FROM NIST-SHA2 {joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) modules (0) sha2 (1)}; -- Basic object identifiers -- The DER for this in hexadecimal is: -- 06 08 -- 2A 86 48 86 F7 0D 01 01 -- pkcs-1 OBJECT IDENTIFIER ::= {iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 1} -- -- When the following OIDs are used in an AlgorithmIdentifier -- the parameters MUST be present and MUST be NULL. -- rsaEncryption OBJECT IDENTIFIER ::= { pkcs-1 1 } md2WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 2 } md4WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 3 } md5WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 4 } sha1WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 5 } sha256WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 11 } sha384WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 12 } sha512WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 13 } rsaOAEPEncryptionSET OBJECT IDENTIFIER ::= { pkcs-1 6 } -- -- When id-RSAES-OAEP is used in an AlgorithmIdentifier the -- parameters MUST be present and MUST be RSAES-OAEP-params. -- id-RSAES-OAEP OBJECT IDENTIFIER ::= { pkcs-1 7 } -- -- When id-mgf1 is used in an AlgorithmIdentifier the parameters -- MUST be present and MUST be a DigestAlgorithmIdentifier, for -- example SHA1Identifier. -- id-mgf1 OBJECT IDENTIFIER ::= { pkcs-1 8 } -- -- When id-pSpecified is used in an AlgorithmIdentifier the -- parameters MUST be an OCTET STRING. -- id-pSpecified OBJECT IDENTIFIER ::= { pkcs-1 9 } -- -- When id-RSASSA-PSS is used in an AlgorithmIdentifier the -- parameters MUST be present and MUST be RSASSA-PSS-params. -- id-RSASSA-PSS OBJECT IDENTIFIER ::= { pkcs-1 10 } -- -- This OID really belongs in a module with the secsig OIDs. -- id-sha1 OBJECT IDENTIFIER ::= {iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 26 } -- Useful types ALGORITHM-IDENTIFIER ::= TYPE-IDENTIFIER -- Note: the parameter InfoObjectSet in the following -- definitions allows a distinct information object -- set to be specified for sets of algorithms such as: -- DigestAlgorithms ALGORITHM-IDENTIFIER ::= { -- { NULL IDENTIFIED BY id-md2 }, -- { NULL IDENTIFIED BY id-md5 }, -- { NULL IDENTIFIED BY id-sha1 } -- } -- AlgorithmIdentifier { ALGORITHM-IDENTIFIER:InfoObjectSet } ::= SEQUENCE { algorithm ALGORITHM-IDENTIFIER.&id({InfoObjectSet}), parameters ALGORITHM-IDENTIFIER.&Type({InfoObjectSet} {@algorithm}) OPTIONAL } -- Algorithms -- -- Allowed OAEP digest algorithms. -- OAEP-PSSDigestAlgorithms ALGORITHM-IDENTIFIER ::= { { SHAParameters IDENTIFIED BY id-sha1 } | { SHAParameters IDENTIFIED BY id-sha256 } | { SHAParameters IDENTIFIED BY id-sha384 } | { SHAParameters IDENTIFIED BY id-sha512 }, ... -- Allows for future expansion } sha1Identifier AlgorithmIdentifier {{ OAEP-PSSDigestAlgorithms }} ::= {algorithm id-sha1, parameters SHAParameters : NULL} SHAParameters ::= NULL -- -- Allowed Mask Generation Function algorithms. -- If the identifier is id-mgf1, the parameters -- are a single digest algorithm identifier. -- PKCS1MGFAlgorithms ALGORITHM-IDENTIFIER ::= { { MGF1Parameters IDENTIFIED BY id-mgf1 }, ...-- Allows for future expansion } MGF1Parameters ::= AlgorithmIdentifier { {OAEP-PSSDigestAlgorithms} } -- -- Allowed algorithms for pSourceFunc. -- PKCS1PSourceAlgorithms ALGORITHM-IDENTIFIER ::= { { PEmptyString IDENTIFIED BY id-pSpecified }, ...-- Allows for future expansion } PEmptyString ::= OCTET STRING (SIZE(0)) -- -- This identifier means that P is an empty string, so the digest -- of the empty string appears in the RSA block before masking. -- pSpecifiedEmptyIdentifier AlgorithmIdentifier {{ PKCS1PSourceAlgorithms }} ::= { algorithm id-pSpecified, parameters PEmptyString : ''H } -- -- Default AlgorithmIdentifier for id-RSAES-OAEP.maskGenFunc. -- mgf1SHA1Identifier AlgorithmIdentifier {{ PKCS1MGFAlgorithms }} ::= {algorithm id-mgf1, parameters AlgorithmIdentifier{{OAEP-PSSDigestAlgorithms}} : sha1Identifier} -- -- Type identifier definitions for the PKCS #1 OIDs. -- PKCS1Algorithms ALGORITHM-IDENTIFIER ::= { { NULL IDENTIFIED BY rsaEncryption } | { NULL IDENTIFIED BY md2WithRSAEncryption } | { NULL IDENTIFIED BY md4WithRSAEncryption } | { NULL IDENTIFIED BY md5WithRSAEncryption } | { NULL IDENTIFIED BY sha1WithRSAEncryption } | { NULL IDENTIFIED BY sha256WithRSAEncryption } | { NULL IDENTIFIED BY sha384WithRSAEncryption } | { NULL IDENTIFIED BY sha512WithRSAEncryption } | { NULL IDENTIFIED BY rsaOAEPEncryptionSET } | { RSAES-OAEP-params IDENTIFIED BY id-RSAES-OAEP } | PKCS1PSourceAlgorithms | { RSASSA-PSS-params IDENTIFIED BY id-RSASSA-PSS }, ... -- Allows for future expansion } -- Main structures RSAPublicKey ::= SEQUENCE { modulus INTEGER, -- n publicExponent INTEGER -- e } -- -- Representation of RSA private key with information for the -- CRT algorithm. -- RSAPrivateKey ::= SEQUENCE { version Version, modulus INTEGER, -- (Usually large) n publicExponent INTEGER, -- (Usually small) e privateExponent INTEGER, -- (Usually large) d prime1 INTEGER, -- (Usually large) p prime2 INTEGER, -- (Usually large) q exponent1 INTEGER, -- (Usually large) d mod (p-1) exponent2 INTEGER, -- (Usually large) d mod (q-1) coefficient INTEGER, -- (Usually large) (inverse of q) mod p otherPrimeInfos OtherPrimeInfos OPTIONAL } Version ::= INTEGER { two-prime(0), multi(1) } (CONSTRAINED BY {-- version must be multi if otherPrimeInfos present --}) OtherPrimeInfos ::= SEQUENCE SIZE(1..MAX) OF OtherPrimeInfo OtherPrimeInfo ::= SEQUENCE { prime INTEGER, -- ri exponent INTEGER, -- di coefficient INTEGER -- ti } -- -- AlgorithmIdentifier.parameters for id-RSAES-OAEP. -- Note that the tags in this Sequence are explicit. -- RSAES-OAEP-params ::= SEQUENCE { hashFunc [0] AlgorithmIdentifier { {OAEP-PSSDigestAlgorithms} } DEFAULT sha1Identifier, maskGenFunc [1] AlgorithmIdentifier { {PKCS1MGFAlgorithms} } DEFAULT mgf1SHA1Identifier, pSourceFunc [2] AlgorithmIdentifier { {PKCS1PSourceAlgorithms} } DEFAULT pSpecifiedEmptyIdentifier } -- -- Identifier for default RSAES-OAEP algorithm identifier -- The DER Encoding of this is in hexadecimal: -- 30 0D -- 06 09 -- 2A 86 48 86 F7 0D 01 01 07 -- 30 00 -- Notice that the DER encoding of default values -- is "empty". -- rSAES-OAEP-Default-Identifier AlgorithmIdentifier{ {PKCS1Algorithms} } ::= {algorithm id-RSAES-OAEP, parameters RSAES-OAEP-params : { hashFunc sha1Identifier, maskGenFunc mgf1SHA1Identifier, pSourceFunc pSpecifiedEmptyIdentifier } } -- -- AlgorithmIdentifier.parameters for id-RSASSA-PSS. -- Note that the tags in this Sequence are explicit. -- RSASSA-PSS-params ::= SEQUENCE { hashFunc [0] AlgorithmIdentifier {{OAEP-PSSDigestAlgorithms}} DEFAULT sha1Identifier, maskGenFunc [1] AlgorithmIdentifier {{PKCS1MGFAlgorithms}} DEFAULT mgf1SHA1Identifier } -- -- Identifier for default RSASSA-PSS algorithm identifier -- The DER Encoding of this is in hexadecimal: -- 30 0D -- 06 09 -- 2A 86 48 86 F7 0D 01 01 0A -- 30 00 -- Notice that the DER encoding of default values -- is "empty". -- rSASSA-PSS-Default-Identifier AlgorithmIdentifier{ {PKCS1Algorithms} } ::= {algorithm id-RSASSA-PSS, parameters RSASSA-PSS-params : { hashFunc sha1Identifier, maskGenFunc mgf1SHA1Identifier } } END -- PKCS1Definitions