-- Network Working Group B. Kaliski
-- Request for Comments: 2898 RSA Laboratories
-- Category: Informational September 2000
-- PKCS #5: Password-Based Cryptography Specification
-- Version 2.0
-- PKCS #5 v2.0 ASN.1 Module
-- Revised March 25, 1999
-- This module has been checked for conformance with the
-- ASN.1 standard by the OSS ASN.1 Tools
PKCS5v2-0 {iso(1) member-body(2) us(840) rsadsi(113549)
pkcs(1) pkcs-5(5) modules(16) pkcs5v2-0(1)}
DEFINITIONS ::= BEGIN
-- Basic object identifiers
rsadsi OBJECT IDENTIFIER ::= {iso(1) member-body(2) us(840) 113549}
pkcs OBJECT IDENTIFIER ::= {rsadsi 1}
pkcs-5 OBJECT IDENTIFIER ::= {pkcs 5}
-- Basic types and classes
--PSIM(Ignore) AlgorithmIdentifier { ALGORITHM-IDENTIFIER:InfoObjectSet } ::=
--PSIM(Ignore) SEQUENCE {
--PSIM(Ignore) algorithm ALGORITHM-IDENTIFIER.&id({InfoObjectSet}),
--PSIM(Ignore) parameters ALGORITHM-IDENTIFIER.&Type({InfoObjectSet}
--PSIM(Ignore) {@algorithm}) OPTIONAL
--PSIM(Ignore) }
--PSIM(Ignore) ALGORITHM-IDENTIFIER ::= TYPE-IDENTIFIER
-- PBKDF2
--PSIM(Ignore) PBKDF2Algorithms ALGORITHM-IDENTIFIER ::=
--PSIM(Ignore) { {PBKDF2-params IDENTIFIED BY id-PBKDF2}, ...}
id-PBKDF2 OBJECT IDENTIFIER ::= {pkcs-5 12}
--PSIM(Ignore) algid-hmacWithSHA1 AlgorithmIdentifier {{PBKDF2-PRFs}} ::=
--PSIM(Ignore) {algorithm id-hmacWithSHA1, parameters NULL : NULL}
--PSIM(Ignore) PBKDF2-params ::= SEQUENCE {
--PSIM(Ignore) salt CHOICE {
--PSIM(Ignore) specified OCTET STRING,
--PSIM(Ignore) otherSource AlgorithmIdentifier {{PBKDF2-SaltSources}}
--PSIM(Ignore) },
--PSIM(Ignore) iterationCount INTEGER (1..MAX),
--PSIM(Ignore) keyLength INTEGER (1..MAX) OPTIONAL,
--PSIM(Ignore) prf AlgorithmIdentifier {{PBKDF2-PRFs}} DEFAULT
--PSIM(Ignore) algid-hmacWithSHA1
--PSIM(Ignore) }
--PSIM(Ignore) PBKDF2-SaltSources ALGORITHM-IDENTIFIER ::= { ... }
--PSIM(Ignore) PBKDF2-PRFs ALGORITHM-IDENTIFIER ::=
--PSIM(Ignore) { {NULL IDENTIFIED BY id-hmacWithSHA1}, ... }
-- PBES1
--PSIM(Ignore) PBES1Algorithms ALGORITHM-IDENTIFIER ::= {
--PSIM(Ignore) {PBEParameter IDENTIFIED BY pbeWithMD2AndDES-CBC} |
--PSIM(Ignore) {PBEParameter IDENTIFIED BY pbeWithMD2AndRC2-CBC} |
--PSIM(Ignore) {PBEParameter IDENTIFIED BY pbeWithMD5AndDES-CBC} |
--PSIM(Ignore) {PBEParameter IDENTIFIED BY pbeWithMD5AndRC2-CBC} |
--PSIM(Ignore) {PBEParameter IDENTIFIED BY pbeWithSHA1AndDES-CBC} |
--PSIM(Ignore) {PBEParameter IDENTIFIED BY pbeWithSHA1AndRC2-CBC},
--PSIM(Ignore) ...
--PSIM(Ignore) }
pbeWithMD2AndDES-CBC OBJECT IDENTIFIER ::= {pkcs-5 1}
pbeWithMD2AndRC2-CBC OBJECT IDENTIFIER ::= {pkcs-5 4}
pbeWithMD5AndDES-CBC OBJECT IDENTIFIER ::= {pkcs-5 3}
pbeWithMD5AndRC2-CBC OBJECT IDENTIFIER ::= {pkcs-5 6}
pbeWithSHA1AndDES-CBC OBJECT IDENTIFIER ::= {pkcs-5 10}
pbeWithSHA1AndRC2-CBC OBJECT IDENTIFIER ::= {pkcs-5 11}
--PSIM(Ignore) PBEParameter ::= SEQUENCE {
--PSIM(Ignore) salt OCTET STRING (SIZE(8)),
--PSIM(Ignore) iterationCount INTEGER
--PSIM(Ignore) }
-- PBES2
--PSIM(Ignore) PBES2Algorithms ALGORITHM-IDENTIFIER ::=
--PSIM(Ignore) { {PBES2-params IDENTIFIED BY id-PBES2}, ...}
id-PBES2 OBJECT IDENTIFIER ::= {pkcs-5 13}
--PSIM(Ignore) PBES2-params ::= SEQUENCE {
--PSIM(Ignore) keyDerivationFunc AlgorithmIdentifier {{PBES2-KDFs}},
--PSIM(Ignore) encryptionScheme AlgorithmIdentifier {{PBES2-Encs}}
--PSIM(Ignore) }
--PSIM(Ignore) PBES2-KDFs ALGORITHM-IDENTIFIER ::=
--PSIM(Ignore) { {PBKDF2-params IDENTIFIED BY id-PBKDF2}, ... }
--PSIM(Ignore) PBES2-Encs ALGORITHM-IDENTIFIER ::= { ... }
-- PBMAC1
--PSIM(Ignore) PBMAC1Algorithms ALGORITHM-IDENTIFIER ::=
--PSIM(Ignore) { {PBMAC1-params IDENTIFIED BY id-PBMAC1}, ...}
id-PBMAC1 OBJECT IDENTIFIER ::= {pkcs-5 14}
--PSIM(Ignore) PBMAC1-params ::= SEQUENCE {
--PSIM(Ignore) keyDerivationFunc AlgorithmIdentifier {{PBMAC1-KDFs}},
--PSIM(Ignore) messageAuthScheme AlgorithmIdentifier {{PBMAC1-MACs}}
--PSIM(Ignore) }
--PSIM(Ignore) PBMAC1-KDFs ALGORITHM-IDENTIFIER ::=
--PSIM(Ignore) { {PBKDF2-params IDENTIFIED BY id-PBKDF2}, ... }
--PSIM(Ignore) PBMAC1-MACs ALGORITHM-IDENTIFIER ::= { ... }
-- Supporting techniques
digestAlgorithm OBJECT IDENTIFIER ::= {rsadsi 2}
encryptionAlgorithm OBJECT IDENTIFIER ::= {rsadsi 3}
--PSIM(Ignore) SupportingAlgorithms ALGORITHM-IDENTIFIER ::= {
--PSIM(Ignore) {NULL IDENTIFIED BY id-hmacWithSHA1} |
--PSIM(Ignore) {OCTET STRING (SIZE(8)) IDENTIFIED BY desCBC} |
--PSIM(Ignore) {OCTET STRING (SIZE(8)) IDENTIFIED BY des-EDE3-CBC} |
--PSIM(Ignore) {RC2-CBC-Parameter IDENTIFIED BY rc2CBC} |
--PSIM(Ignore) {RC5-CBC-Parameters IDENTIFIED BY rc5-CBC-PAD},
--PSIM(Ignore) ...
--PSIM(Ignore) }
id-hmacWithSHA1 OBJECT IDENTIFIER ::= {digestAlgorithm 7}
desCBC OBJECT IDENTIFIER ::=
{iso(1) identified-organization(3) oiw(14) secsig(3)
algorithms(2) 7} -- from OIW
des-EDE3-CBC OBJECT IDENTIFIER ::= {encryptionAlgorithm 7}
rc2CBC OBJECT IDENTIFIER ::= {encryptionAlgorithm 2}
--PSIM(Ignore) RC2-CBC-Parameter ::= SEQUENCE {
--PSIM(Ignore) rc2ParameterVersion INTEGER OPTIONAL,
--PSIM(Ignore) iv OCTET STRING (SIZE(8))
--PSIM(Ignore) }
rc5-CBC-PAD OBJECT IDENTIFIER ::= {encryptionAlgorithm 9}
--PSIM(Ignore) RC5-CBC-Parameters ::= SEQUENCE {
--PSIM(Ignore) version INTEGER {v1-0(16)} (v1-0),
--PSIM(Ignore) rounds INTEGER (8..127),
--PSIM(Ignore) blockSizeInBits INTEGER (64 | 128),
--PSIM(Ignore) iv OCTET STRING OPTIONAL
--PSIM(Ignore) }
END