home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
ftp.rsa.com
/
2014.05.ftp.rsa.com.tar
/
ftp.rsa.com
/
pub
/
pkcs
/
pkcs-1v2
/
pkcs-1asn.txt
< prev
next >
Wrap
Text File
|
2014-05-02
|
6KB
|
235 lines
-- History
-- July 8, 1998 Created.
-- July 9, 1998 Renamed types and enhanced RSAES-OAEP-Params.
-- Added pkcs1Algorithms.
--
-- This module defines OIDs used to define
-- PKCS #1 version 2.0
--
PKCS1OIDS
DEFINITIONS IMPLICIT TAGS ::= BEGIN
EXPORTS ALL;
-- Object Identifiers --
-- The DER for this in hexadecimal is:
-- 06 08
-- 2A 86 48 86 F7 0D 01 01
--
pkcs-1 OBJECT IDENTIFIER ::= {
iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 1 }
--
-- When the following OIDs are used in an AlgorithmIdentifier
-- the parameters MUST be present and MUST be NULL.
--
rsaEncryption OBJECT IDENTIFIER ::= { pkcs-1 1 }
md2WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 2 }
md4WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 3 }
md5WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 4 }
sha1WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 5 }
rsaOAEPEncryptionSET OBJECT IDENTIFIER ::= { pkcs-1 6 }
--
-- When id-RSAES-OAEP is used in an AlgorithmIdentifier
-- the parameters MUST be present and MUST be RSAES-OAEP-params.
--
id-RSAES-OAEP OBJECT IDENTIFIER ::= { pkcs-1 7 }
--
-- When id-mgf1 is used in an AlgorithmIdentifier
-- the parameters MUST be present and MUST be
-- a DigestAlgorithmIdentifier, specifically sha1Identifier.
--
id-mgf1 OBJECT IDENTIFIER ::= { pkcs-1 8 }
--
-- When id-pSpecified is used in an AlgorithmIdentifier
-- the parameters MUST be an OCTET STRING.
--
id-pSpecified OBJECT IDENTIFIER ::= { pkcs-1 9 }
--
-- This OID really belongs in a module with the secsig OIDs.
-- There may be duplication definition errors due to putting
-- this OID here.
--
id-sha1 OBJECT IDENTIFIER ::= {
iso(1) identified-organization(3) oiw(14) secsig(3)
algorithms(2) 26 }
END -- PKCS1OIDS
--
-- This module defines primitives used to define
-- PKCS #1 version 2.0
--
PKCS1Basics
DEFINITIONS IMPLICIT TAGS ::= BEGIN
EXPORTS ALL;
IMPORTS
rsaEncryption, md2WithRSAEncryption, md4WithRSAEncryption,
md5WithRSAEncryption, sha1WithRSAEncryption,
rsaOAEPEncryptionSET, id-RSAES-OAEP, id-mgf1, id-pSpecified,
id-sha1
FROM PKCS1OIDS;
ALGORITHM-IDENTIFIER ::= TYPE-IDENTIFIER
-- Note: the parameter InfoObjectSet in the following definitions
-- allows a distinct information object set to be specified for
-- sets of algorithms such as:
-- DigestAlgorithms ALGORITHM-IDENTIFIER ::= {
-- { NULL IDENTIFIED BY id-sha1 },
-- { NULL IDENTIFIED BY id-md5 },
-- { NULL IDENTIFIED BY id-md2 }
-- }
--
AlgorithmIdentifier { ALGORITHM-IDENTIFIER:InfoObjectSet } ::=
SEQUENCE {
algorithm ALGORITHM-IDENTIFIER.&id({InfoObjectSet}),
parameters ALGORITHM-IDENTIFIER.&Type({InfoObjectSet}
{@algorithm}) OPTIONAL
}
--
-- Allowed OAEP digest algorithms.
--
oaepDigestAlgorithms ALGORITHM-IDENTIFIER ::= {
{ NULL IDENTIFIED BY id-sha1 }
}
--
-- Algorithm Identifier for SHA1, which is the OAEP default.
--
sha1Identifier ::= AlgorithmIdentifier {
id-sha1, NULL }
--
-- Allowed Mask Generation Function algorithms.
-- If the identifier is id-mgf1, the parameters
-- are a single digest algorithm identifier.
--
pkcs1MGFAlgorithms ALGORITHM-IDENTIFIER ::= {
{ AlgorithmIdentifier { {oaepDigestAlgorithms} },
IDENTIFIED BY id-mgf1 }
}
--
-- Allowed algorithms for pGenFunc.
--
pkcs1PGenAlgorithms ALGORITHM-IDENTIFIER ::= {
{ OCTET STRING IDENTIFIED BY id-pSpecified }
}
--
-- Default AlgorithmIdentifier for id-RSAES-OAEP.maskGenFunc.
--
mgf1SHA1Identifier ::= AlgorithmIdentifier {
id-mgf1, sha1Identifier }
--
-- Type identifier definitions for the PKCS #1 OIDs.
--
pkcs1Algorithms ALGORITHM-IDENTIFIER ::= {
{ NULL IDENTIFIED BY rsaEncryption },
{ NULL IDENTIFIED BY md2WithRSAEncryption },
{ NULL IDENTIFIED BY md4WithRSAEncryption }
{ NULL IDENTIFIED BY md5WithRSAEncryption },
{ NULL IDENTIFIED BY sha1WithRSAEncryption },
{ NULL IDENTIFIED BY rsaOAEPEncryptionSET }
{ RSAES-OAEP-params IDENTIFIED BY id-RSAES-OAEP },
{ AlgorithmIdentifier { {oaepDigestAlgorithms} }
IDENTIFIED BY id-mgf1 },
{ OCTET STRING IDENTIFIED BY id-pSpecified }
}
END -- PKCS1Basics
--
-- This module defines the main structures of PKCS #1.
--
PKCS1Definitions
DEFINITIONS IMPLICIT TAGS ::= BEGIN
EXPORTS ALL;
IMPORTS
AlgorithmIdentifier, oaepDigestAlgorithms,
pkcs1MGFAlgorithms, mgf1SHA1Identifier
FROM PKCS1Basics;
--
-- Representation of RSA public key
--
RSAPublicKey ::= SEQUENCE {
modulus INTEGER, -- (Usually large) n = p*q
publicExponent INTEGER -- (Usually small) e
}
--
-- Representation of RSA private key with p and q
-- information for the CRT algorithm.
--
RSAPrivateKey ::= SEQUENCE {
version INTEGER { RSAPrivateKeyVer0(0) } (RSAPrivateKeyVer0),
modulus INTEGER, -- (Usually large) n
publicExponent INTEGER, -- (Usually small) e
privateExponent INTEGER, -- (Usually large) d
prime1 INTEGER, -- (Usually large) p
prime2 INTEGER, -- (Usually large) q
exponent1 INTEGER, -- (Usually large) d mod (p-1)
exponent2 INTEGER, -- (Usually large) d mod (q-1)
coefficient INTEGER -- (Usually large) (inverse of q) mod p
}
--
-- AlgorithmIdentifier.paramters for id-RSAES-OAEP.
-- Note that the tags in this Sequence are explicit.
--
RSAES-OAEP-params ::= SEQUENCE {
hashFunc [0] AlgorithmIdentifier { {oaepDigestAlgorithms} }
DEFAULT sha1Identifier,
maskGenFunc [1] AlgorithmIdentifier { {pkcs1MGFAlgorithms} }
DEFAULT mgf1SHA1Identifier,
pSourceFunc [2] AlgorithmIdentifier { {pkcs1PGenAlgorithms} }
DEFAULT pSpecifiedEmptyIdentifier
}
--
-- This identifier means that P is an empty string, so the digest
-- of the empty string appears in the RSA block before masking.
--
pSpecifiedEmptyIdentifier ::= AlgorithmIdentifier {
id-pSpecified, OCTET STRING SIZE (0)
}
--
-- Identifier for RSAES-OAEP.
-- The DER Encoding of this is in hexadecimal:
-- 30 0D
-- 06 09
-- 2A 86 48 86 F7 0D 01 01 07
-- 30 00
-- Notice that the DER encoding of default values is "empty".
--
RSAES-OAEP-Default-Identifier ::= AlgorithmIdentifier {
id-RSAES-OAEP,
{ sha1Identifier,
mgf1SHA1Identifier,
pSpecifiedEmptyIdentifier
}
}
END -- PKCS1Definitions