File: CryptographicMessageSyntaxAlgorithms-2009.asn1

package info (click to toggle)
erlang 1%3A27.3.4.1%2Bdfsg-1
  • links: PTS, VCS
  • area: main
  • in suites: trixie
  • size: 225,000 kB
  • sloc: erlang: 1,658,966; ansic: 405,769; cpp: 177,850; xml: 82,435; makefile: 15,031; sh: 14,401; lisp: 9,812; java: 8,603; asm: 6,541; perl: 5,836; python: 5,484; sed: 72
file content (248 lines) | stat: -rw-r--r-- 7,617 bytes parent folder | download | duplicates (8) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
 
   CryptographicMessageSyntaxAlgorithms-2009
       { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
       smime(16) modules(0) id-mod-cmsalg-2001-02(37) }
   DEFINITIONS IMPLICIT TAGS ::=
   BEGIN
   IMPORTS

   ParamOptions, DIGEST-ALGORITHM, SIGNATURE-ALGORITHM,
      PUBLIC-KEY, KEY-DERIVATION, KEY-WRAP, MAC-ALGORITHM,
      KEY-AGREE, KEY-TRANSPORT, CONTENT-ENCRYPTION, ALGORITHM,
      AlgorithmIdentifier{}, SMIME-CAPS
   FROM AlgorithmInformation-2009
       {iso(1) identified-organization(3) dod(6) internet(1) security(5)
       mechanisms(5) pkix(7) id-mod(0)
       id-mod-algorithmInformation-02(58)}

   pk-rsa, pk-dh, pk-dsa, rsaEncryption, DHPublicKey, dhpublicnumber
   FROM PKIXAlgs-2009
        {iso(1) identified-organization(3) dod(6)
        internet(1) security(5) mechanisms(5) pkix(7) id-mod(0)
        id-mod-pkix1-algorithms2008-02(56)}

   cap-RC2CBC
   FROM SecureMimeMessageV3dot1-2009
        {iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
        smime(16) modules(0) id-mod-msg-v3dot1-02(39)};

   --  2. Hash algorithms in this document

   MessageDigestAlgs DIGEST-ALGORITHM ::= {
   --   mda-md5 | mda-sha1,
        ... }

   --  3. Signature algorithms in this document

   SignatureAlgs SIGNATURE-ALGORITHM ::= {
   --  See RFC 3279
   --  sa-dsaWithSHA1 |  sa-rsaWithMD5 | sa-rsaWithSHA1,
       ... }

   --  4.  Key Management Algorithms
   --  4.1 Key Agreement Algorithms

   KeyAgreementAlgs KEY-AGREE ::= { kaa-esdh | kaa-ssdh, ...}
   KeyAgreePublicKeys PUBLIC-KEY ::= { pk-dh, ...}

   --  4.2  Key Transport Algorithms

   KeyTransportAlgs KEY-TRANSPORT ::= { kt-rsa, ... }

   --  4.3  Symmetric Key-Encryption Key Algorithms

   KeyWrapAlgs KEY-WRAP ::= { kwa-3DESWrap | kwa-RC2Wrap, ... }

   --  4.4  Key Derivation Algorithms

   KeyDerivationAlgs KEY-DERIVATION ::= { kda-PBKDF2, ... }

   --  5.  Content Encryption Algorithms

   ContentEncryptionAlgs CONTENT-ENCRYPTION ::=
       { cea-3DES-cbc | cea-RC2-cbc, ... }

   --  6.  Message Authentication Code Algorithms

   MessageAuthAlgs MAC-ALGORITHM ::= { maca-hMAC-SHA1, ... }

   --  S/MIME Capabilities for these items

   SMimeCaps SMIME-CAPS ::= {
       kaa-esdh.&smimeCaps         |
       kaa-ssdh.&smimeCaps         |
       kt-rsa.&smimeCaps           |
       kwa-3DESWrap.&smimeCaps     |
       kwa-RC2Wrap.&smimeCaps      |
       cea-3DES-cbc.&smimeCaps     |
       cea-RC2-cbc.&smimeCaps      |
       maca-hMAC-SHA1.&smimeCaps,
       ...}

   --
   --
   --

   -- Algorithm Identifiers

   -- rsaEncryption OBJECT IDENTIFIER ::= { iso(1) member-body(2)
   --    us(840) rsadsi(113549) pkcs(1) pkcs-1(1) 1 }

   id-alg-ESDH OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840)
      rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) alg(3) 5 }

   id-alg-SSDH OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840)
      rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) alg(3) 10 }

   id-alg-CMS3DESwrap OBJECT IDENTIFIER ::= { iso(1) member-body(2)
      us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) alg(3) 6 }

   id-alg-CMSRC2wrap OBJECT IDENTIFIER ::= { iso(1) member-body(2)
      us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) alg(3) 7 }

   des-ede3-cbc OBJECT IDENTIFIER ::= { iso(1) member-body(2)
      us(840) rsadsi(113549) encryptionAlgorithm(3) 7 }

   rc2-cbc OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840)
      rsadsi(113549) encryptionAlgorithm(3) 2 }

   hMAC-SHA1 OBJECT IDENTIFIER ::= { iso(1) identified-organization(3)
      dod(6) internet(1) security(5) mechanisms(5) 8 1 2 }

   id-PBKDF2 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840)
      rsadsi(113549) pkcs(1) pkcs-5(5) 12 }

   -- Algorithm Identifier Parameter Types

   KeyWrapAlgorithm ::=
       AlgorithmIdentifier {KEY-WRAP, {KeyWrapAlgs }}

   RC2wrapParameter ::= RC2ParameterVersion
   RC2ParameterVersion ::= INTEGER

   CBCParameter ::= IV

   IV ::= OCTET STRING  -- exactly 8 octets

   RC2CBCParameter ::= SEQUENCE {
       rc2ParameterVersion INTEGER (1..256),
       iv OCTET STRING  }  -- exactly 8 octets

   maca-hMAC-SHA1 MAC-ALGORITHM ::= {
       IDENTIFIER hMAC-SHA1
       PARAMS TYPE NULL ARE preferredAbsent
       IS-KEYED-MAC TRUE
       SMIME-CAPS {IDENTIFIED BY hMAC-SHA1}
   }

   PBKDF2-PRFsAlgorithmIdentifier ::= AlgorithmIdentifier{ ALGORITHM,
                                          {PBKDF2-PRFs} }

   alg-hMAC-SHA1 ALGORITHM ::=
       { IDENTIFIER hMAC-SHA1 PARAMS TYPE NULL ARE required }

   PBKDF2-PRFs ALGORITHM ::= { alg-hMAC-SHA1, ... }

   PBKDF2-SaltSources ALGORITHM ::= { ... }

   PBKDF2-SaltSourcesAlgorithmIdentifier ::=
       AlgorithmIdentifier {ALGORITHM, {PBKDF2-SaltSources}}

   defaultPBKDF2 PBKDF2-PRFsAlgorithmIdentifier ::=
       { algorithm alg-hMAC-SHA1.&id, parameters NULL:NULL }

   PBKDF2-params ::= SEQUENCE {
       salt CHOICE {
           specified OCTET STRING,
           otherSource PBKDF2-SaltSourcesAlgorithmIdentifier },
       iterationCount INTEGER (1..MAX),
       keyLength INTEGER (1..MAX) OPTIONAL,
       prf PBKDF2-PRFsAlgorithmIdentifier DEFAULT
               defaultPBKDF2
           }

   --
   --  This object is included for completeness.  It should not be used
   --      for encoding of signatures, but was sometimes used in older
   --      versions of CMS for encoding of RSA signatures.
   --
   --
   -- sa-rsa SIGNATURE-ALGORITHM ::= {
   --         IDENTIFIER rsaEncryption
   --         - - value is not ASN.1 encoded
   --         PARAMS TYPE NULL ARE required
   --         HASHES {mda-sha1 | mda-md5, ...}
   --         PUBLIC-KEYS { pk-rsa}
   -- }
   --
   -- No ASN.1 encoding is applied to the signature value
   --    for these items

   kaa-esdh KEY-AGREE ::= {
        IDENTIFIER id-alg-ESDH
        PARAMS TYPE KeyWrapAlgorithm ARE required
        PUBLIC-KEYS { pk-dh }
        -- UKM is not ASN.1 encoded
        UKM ARE optional
        SMIME-CAPS {TYPE KeyWrapAlgorithm IDENTIFIED BY id-alg-ESDH}
   }

   kaa-ssdh KEY-AGREE ::= {
        IDENTIFIER id-alg-SSDH
        PARAMS TYPE KeyWrapAlgorithm ARE required
        PUBLIC-KEYS {pk-dh}
        -- UKM is not ASN.1 encoded
        UKM ARE optional
        SMIME-CAPS {TYPE KeyWrapAlgorithm IDENTIFIED BY id-alg-SSDH}
   }

   dh-public-number OBJECT IDENTIFIER ::= dhpublicnumber

   pk-originator-dh PUBLIC-KEY ::= {
       IDENTIFIER dh-public-number
       KEY DHPublicKey
       PARAMS ARE absent
       CERT-KEY-USAGE {keyAgreement, encipherOnly, decipherOnly}
   }

   kwa-3DESWrap KEY-WRAP ::= {
        IDENTIFIER id-alg-CMS3DESwrap
        PARAMS TYPE NULL ARE required
        SMIME-CAPS {IDENTIFIED BY id-alg-CMS3DESwrap}
   }

   kwa-RC2Wrap KEY-WRAP ::= {
        IDENTIFIER id-alg-CMSRC2wrap
        PARAMS TYPE RC2wrapParameter ARE required
        SMIME-CAPS { IDENTIFIED BY id-alg-CMSRC2wrap }
   }

   kda-PBKDF2 KEY-DERIVATION ::= {
       IDENTIFIER id-PBKDF2
       PARAMS TYPE PBKDF2-params ARE required
       -- No S/MIME caps defined
   }

   cea-3DES-cbc CONTENT-ENCRYPTION ::= {
       IDENTIFIER des-ede3-cbc
       PARAMS TYPE IV ARE required
       SMIME-CAPS { IDENTIFIED BY des-ede3-cbc }
   }

   cea-RC2-cbc CONTENT-ENCRYPTION ::= {
       IDENTIFIER rc2-cbc
       PARAMS TYPE RC2CBCParameter ARE required
       SMIME-CAPS cap-RC2CBC
   }

   kt-rsa KEY-TRANSPORT ::= {
       IDENTIFIER rsaEncryption
       PARAMS TYPE NULL ARE required
       PUBLIC-KEYS { pk-rsa }
       SMIME-CAPS {IDENTIFIED BY rsaEncryption}
   }

   --  S/MIME Capabilities - most have no label.

   cap-3DESwrap SMIME-CAPS ::= { IDENTIFIED BY id-alg-CMS3DESwrap }

   END