-- History -- July 8, 1998 Created. -- July 9, 1998 Renamed types and enhanced RSAES-OAEP-Params. -- Added pkcs1Algorithms. -- -- This module defines OIDs used to define -- PKCS #1 version 2.0 -- PKCS1OIDS DEFINITIONS IMPLICIT TAGS ::= BEGIN EXPORTS ALL; -- Object Identifiers -- -- The DER for this in hexadecimal is: -- 06 08 -- 2A 86 48 86 F7 0D 01 01 -- pkcs-1 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 1 } -- -- When the following OIDs are used in an AlgorithmIdentifier -- the parameters MUST be present and MUST be NULL. -- rsaEncryption OBJECT IDENTIFIER ::= { pkcs-1 1 } md2WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 2 } md4WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 3 } md5WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 4 } sha1WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 5 } rsaOAEPEncryptionSET OBJECT IDENTIFIER ::= { pkcs-1 6 } -- -- When id-RSAES-OAEP is used in an AlgorithmIdentifier -- the parameters MUST be present and MUST be RSAES-OAEP-params. -- id-RSAES-OAEP OBJECT IDENTIFIER ::= { pkcs-1 7 } -- -- When id-mgf1 is used in an AlgorithmIdentifier -- the parameters MUST be present and MUST be -- a DigestAlgorithmIdentifier, specifically sha1Identifier. -- id-mgf1 OBJECT IDENTIFIER ::= { pkcs-1 8 } -- -- When id-pSpecified is used in an AlgorithmIdentifier -- the parameters MUST be an OCTET STRING. -- id-pSpecified OBJECT IDENTIFIER ::= { pkcs-1 9 } -- -- This OID really belongs in a module with the secsig OIDs. -- There may be duplication definition errors due to putting -- this OID here. -- id-sha1 OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 26 } END -- PKCS1OIDS -- -- This module defines primitives used to define -- PKCS #1 version 2.0 -- PKCS1Basics DEFINITIONS IMPLICIT TAGS ::= BEGIN EXPORTS ALL; IMPORTS rsaEncryption, md2WithRSAEncryption, md4WithRSAEncryption, md5WithRSAEncryption, sha1WithRSAEncryption, rsaOAEPEncryptionSET, id-RSAES-OAEP, id-mgf1, id-pSpecified, id-sha1 FROM PKCS1OIDS; ALGORITHM-IDENTIFIER ::= TYPE-IDENTIFIER -- Note: the parameter InfoObjectSet in the following definitions -- allows a distinct information object set to be specified for -- sets of algorithms such as: -- DigestAlgorithms ALGORITHM-IDENTIFIER ::= { -- { NULL IDENTIFIED BY id-sha1 }, -- { NULL IDENTIFIED BY id-md5 }, -- { NULL IDENTIFIED BY id-md2 } -- } -- AlgorithmIdentifier { ALGORITHM-IDENTIFIER:InfoObjectSet } ::= SEQUENCE { algorithm ALGORITHM-IDENTIFIER.&id({InfoObjectSet}), parameters ALGORITHM-IDENTIFIER.&Type({InfoObjectSet} {@algorithm}) OPTIONAL } -- -- Allowed OAEP digest algorithms. -- oaepDigestAlgorithms ALGORITHM-IDENTIFIER ::= { { NULL IDENTIFIED BY id-sha1 } } -- -- Algorithm Identifier for SHA1, which is the OAEP default. -- sha1Identifier ::= AlgorithmIdentifier { id-sha1, NULL } -- -- Allowed Mask Generation Function algorithms. -- If the identifier is id-mgf1, the parameters -- are a single digest algorithm identifier. -- pkcs1MGFAlgorithms ALGORITHM-IDENTIFIER ::= { { AlgorithmIdentifier { {oaepDigestAlgorithms} }, IDENTIFIED BY id-mgf1 } } -- -- Allowed algorithms for pGenFunc. -- pkcs1PGenAlgorithms ALGORITHM-IDENTIFIER ::= { { OCTET STRING IDENTIFIED BY id-pSpecified } } -- -- Default AlgorithmIdentifier for id-RSAES-OAEP.maskGenFunc. -- mgf1SHA1Identifier ::= AlgorithmIdentifier { id-mgf1, sha1Identifier } -- -- Type identifier definitions for the PKCS #1 OIDs. -- pkcs1Algorithms ALGORITHM-IDENTIFIER ::= { { NULL IDENTIFIED BY rsaEncryption }, { NULL IDENTIFIED BY md2WithRSAEncryption }, { NULL IDENTIFIED BY md4WithRSAEncryption } { NULL IDENTIFIED BY md5WithRSAEncryption }, { NULL IDENTIFIED BY sha1WithRSAEncryption }, { NULL IDENTIFIED BY rsaOAEPEncryptionSET } { RSAES-OAEP-params IDENTIFIED BY id-RSAES-OAEP }, { AlgorithmIdentifier { {oaepDigestAlgorithms} } IDENTIFIED BY id-mgf1 }, { OCTET STRING IDENTIFIED BY id-pSpecified } } END -- PKCS1Basics -- -- This module defines the main structures of PKCS #1. -- PKCS1Definitions DEFINITIONS IMPLICIT TAGS ::= BEGIN EXPORTS ALL; IMPORTS AlgorithmIdentifier, oaepDigestAlgorithms, pkcs1MGFAlgorithms, mgf1SHA1Identifier FROM PKCS1Basics; -- -- Representation of RSA public key -- RSAPublicKey ::= SEQUENCE { modulus INTEGER, -- (Usually large) n = p*q publicExponent INTEGER -- (Usually small) e } -- -- Representation of RSA private key with p and q -- information for the CRT algorithm. -- RSAPrivateKey ::= SEQUENCE { version INTEGER { RSAPrivateKeyVer0(0) } (RSAPrivateKeyVer0), modulus INTEGER, -- (Usually large) n publicExponent INTEGER, -- (Usually small) e privateExponent INTEGER, -- (Usually large) d prime1 INTEGER, -- (Usually large) p prime2 INTEGER, -- (Usually large) q exponent1 INTEGER, -- (Usually large) d mod (p-1) exponent2 INTEGER, -- (Usually large) d mod (q-1) coefficient INTEGER -- (Usually large) (inverse of q) mod p } -- -- AlgorithmIdentifier.paramters for id-RSAES-OAEP. -- Note that the tags in this Sequence are explicit. -- RSAES-OAEP-params ::= SEQUENCE { hashFunc [0] AlgorithmIdentifier { {oaepDigestAlgorithms} } DEFAULT sha1Identifier, maskGenFunc [1] AlgorithmIdentifier { {pkcs1MGFAlgorithms} } DEFAULT mgf1SHA1Identifier, pSourceFunc [2] AlgorithmIdentifier { {pkcs1PGenAlgorithms} } DEFAULT pSpecifiedEmptyIdentifier } -- -- This identifier means that P is an empty string, so the digest -- of the empty string appears in the RSA block before masking. -- pSpecifiedEmptyIdentifier ::= AlgorithmIdentifier { id-pSpecified, OCTET STRING SIZE (0) } -- -- Identifier for RSAES-OAEP. -- The DER Encoding of this is in hexadecimal: -- 30 0D -- 06 09 -- 2A 86 48 86 F7 0D 01 01 07 -- 30 00 -- Notice that the DER encoding of default values is "empty". -- RSAES-OAEP-Default-Identifier ::= AlgorithmIdentifier { id-RSAES-OAEP, { sha1Identifier, mgf1SHA1Identifier, pSpecifiedEmptyIdentifier } } END -- PKCS1Definitions