draft-ietf-smime-3278bis-08.txt   draft-ietf-smime-3278bis-09.txt 
S/MIME WG Sean Turner, IECA S/MIME WG Sean Turner, IECA
Internet Draft Dan Brown, Certicom Internet Draft Dan Brown, Certicom
Intended Status: Informational May 29, 2009 Intended Status: Informational June 5, 2009
Obsoletes: 3278 (once approved) Obsoletes: 3278 (once approved)
Expires: November 29, 2009 Expires: December 5, 2009
Use of Elliptic Curve Cryptography (ECC) Algorithms Use of Elliptic Curve Cryptography (ECC) Algorithms
in Cryptographic Message Syntax (CMS) in Cryptographic Message Syntax (CMS)
draft-ietf-smime-3278bis-08.txt draft-ietf-smime-3278bis-09.txt
Status of this Memo Status of this Memo
This Internet-Draft is submitted to IETF in full conformance with the This Internet-Draft is submitted to IETF in full conformance with the
provisions of BCP 78 and BCP 79. This document may contain material provisions of BCP 78 and BCP 79. This document may contain material
from IETF Documents or IETF Contributions published or made publicly from IETF Documents or IETF Contributions published or made publicly
available before November 10, 2008. The person(s) controlling the available before November 10, 2008. The person(s) controlling the
copyright in some of this material may not have granted the IETF copyright in some of this material may not have granted the IETF
Trust the right to allow modifications of such material outside the Trust the right to allow modifications of such material outside the
IETF Standards Process. Without obtaining an adequate license from IETF Standards Process. Without obtaining an adequate license from
skipping to change at page 1, line 42 skipping to change at page 2, line 4
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt http://www.ietf.org/ietf/1id-abstracts.txt
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html http://www.ietf.org/shadow.html
This Internet-Draft will expire on December 5, 2009.
This Internet-Draft will expire on November 29, 2009.
Copyright Notice Copyright Notice
Copyright (c) 2009 IETF Trust and the persons identified as the Copyright (c) 2009 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents in effect on the date of Provisions Relating to IETF Documents in effect on the date of
publication of this document (http://trustee.ietf.org/license-info). publication of this document (http://trustee.ietf.org/license-info).
Please review these documents carefully, as they describe your rights Please review these documents carefully, as they describe your rights
skipping to change at page 2, line 43 skipping to change at page 2, line 44
single word subscribe in the body of the message. There is a Web site single word subscribe in the body of the message. There is a Web site
for the mailing list at <http://www.imc.org/ietf-smime/>. for the mailing list at <http://www.imc.org/ietf-smime/>.
Table of Contents Table of Contents
1. Introduction...................................................3 1. Introduction...................................................3
1.1. Requirements Terminology..................................4 1.1. Requirements Terminology..................................4
2. SignedData using ECC...........................................4 2. SignedData using ECC...........................................4
2.1. SignedData using ECDSA....................................4 2.1. SignedData using ECDSA....................................4
3. EnvelopedData using ECC Algorithms.............................5 3. EnvelopedData using ECC Algorithms.............................5
3.1. EnvelopedData using (ephemeral-static) ECDH...............5 3.1. EnvelopedData using (ephemeral-static) ECDH...............6
3.2. EnvelopedData using 1-Pass ECMQV..........................8 3.2. EnvelopedData using 1-Pass ECMQV..........................8
4. AuthenticatedData and AuthEnvelopedData using ECC.............10 4. AuthenticatedData and AuthEnvelopedData using ECC.............11
4.1. AuthenticatedData using 1-pass ECMQV.....................11 4.1. AuthenticatedData using 1-pass ECMQV.....................11
4.2. AuthEnvelopedData using 1-pass ECMQV.....................12 4.2. AuthEnvelopedData using 1-pass ECMQV.....................12
5. Certificates using ECC........................................13 5. Certificates using ECC........................................13
6. SMIMECapabilities Attribute and ECC...........................13 6. SMIMECapabilities Attribute and ECC...........................13
7. ASN.1 Syntax..................................................21 7. ASN.1 Syntax..................................................21
7.1. Algorithm Identifiers....................................21 7.1. Algorithm Identifiers....................................21
7.2. Other Syntax.............................................24 7.2. Other Syntax.............................................25
8. Recommended Algorithms and Elliptic Curves....................26 8. Recommended Algorithms and Elliptic Curves....................27
9. Security Considerations.......................................28 9. Security Considerations.......................................29
10. IANA Considerations..........................................33 10. IANA Considerations..........................................34
11. References...................................................33 11. References...................................................34
11.1. Normative...............................................33 11.1. Normative...............................................34
11.2. Informative.............................................35 11.2. Informative.............................................36
Appendix A ASN.1 Modules.........................................36 Appendix A ASN.1 Modules.........................................37
Appendix A.1 1988 ASN.1 Module................................36 Appendix A.1 1988 ASN.1 Module................................37
Appendix A.2 2004 ASN.1 Module................................43 Appendix A.2 2004 ASN.1 Module................................46
Appendix B Changes since RFC 3278................................57 Appendix B Changes since RFC 3278................................61
Acknowledgements.................................................59 Acknowledgements.................................................63
Author's Addresses...............................................59 Author's Addresses...............................................63
1. Introduction 1. Introduction
The Cryptographic Message Syntax (CMS) is cryptographic algorithm The Cryptographic Message Syntax (CMS) is cryptographic algorithm
independent. This specification defines a profile for the use of independent. This specification defines a profile for the use of
Elliptic Curve Cryptography (ECC) public key algorithms in the CMS. Elliptic Curve Cryptography (ECC) public key algorithms in the CMS.
The ECC algorithms are incorporated into the following CMS content The ECC algorithms are incorporated into the following CMS content
types: types:
- 'SignedData' to support ECC-based digital signature methods - 'SignedData' to support ECC-based digital signature methods
skipping to change at page 29, line 26 skipping to change at page 30, line 26
AuthEnvelopedData, there are five algorithm related choices that need AuthEnvelopedData, there are five algorithm related choices that need
to be made: to be made:
1) What is the public key size? 1) What is the public key size?
2) What is the KDF? 2) What is the KDF?
3) What is the key wrap algorithm? 3) What is the key wrap algorithm?
4) What is the content encryption algorithm? 4) What is the content encryption algorithm?
5) What is the curve? 5) What is the curve?
Consideration must be given to the strength of the security provided Consideration must be given to the strength of the security provided
by each of these choices. Security is measured in bits, where a by each of these choices. Security algorithm strength is measured in
strong symmetric cipher with a key of X bits is said to provide X bits, where bits is measured in equivalence to a symmetric cipher
bits of security. It is recommended that the bits of security algorithm. Thus a strong symmetric cipher algorithm with a key of X
provided by each are roughly equivalent. The following table provides bits is said to provide X bits of security. For other algorithms, the
comparable minimum bits of security [SP800-57] for the ECDH/ECMQV key key size is mapped to an equivalent symmetric cipher strength. It is
sizes, KDFs, key wrapping algorithms, and content encryption recommended that the bits of security provided by each are roughly
algorithms. It also lists curves [PKI-ALG] for the key sizes. equivalent. The following table provides comparable minimum bits of
security [SP800-57] for the ECDH/ECMQV key sizes, KDFs, key wrapping
algorithms, and content encryption algorithms. It also lists curves
[PKI-ALG] for the key sizes.
Minimum | ECDH or | Key | Key | Content | Curves Minimum | ECDH or | Key | Key | Content | Curves
Bits of | ECQMV | Derivation | Wrap | Encryption | Bits of | ECQMV | Derivation | Wrap | Encryption |
Security | Key Size | Function | Alg. | Alg. | Security | Key Size | Function | Alg. | Alg. |
---------+----------+------------+----------+-------------+---------- ---------+----------+------------+----------+-------------+----------
80 | 160-223 | SHA-1 | 3DES | 3DES CBC | sect163k1 80 | 160-223 | SHA-1 | 3DES | 3DES CBC | sect163k1
| | SHA-224 | AES-128 | AES-128 CBC | secp163r2 | | SHA-224 | AES-128 | AES-128 CBC | secp163r2
| | SHA-256 | AES-192 | AES-192 CBC | secp192r1 | | SHA-256 | AES-192 | AES-192 CBC | secp192r1
| | SHA-384 | AES-256 | AES-256 CBC | | | SHA-384 | AES-256 | AES-256 CBC |
| | SHA-512 | | | | | SHA-512 | | |
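Review bot: the rewritten sentence in -09, "Security algorithm strength is measured in bits, where bits is measured in equivalence to a symmetric cipher algorithm", is circular and ungrammatical ("bits is measured"). Suggest defining the unit once, for example "Algorithm strength is expressed in bits of security, relative to a symmetric cipher", and then keeping the "key of X bits ... X bits of security" sentence as it stands. The table header directly below still reads "ECQMV" in both versions while the rest of the draft writes ECMQV; fix it in the same pass.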
skipping to change at page 35, line 38 skipping to change at page 36, line 42
[K] B. Kaliski, "MQV Vulnerability", Posting to ANSI X9F1 [K] B. Kaliski, "MQV Vulnerability", Posting to ANSI X9F1
and IEEE P1363 newsgroups, 1998. and IEEE P1363 newsgroups, 1998.
[PKI-ASN] Hoffman, P., and J. Schaad, "New ASN.1 Modules for [PKI-ASN] Hoffman, P., and J. Schaad, "New ASN.1 Modules for
PKIX", draft-ietf-pkix-new-asn1, work-in-progress. PKIX", draft-ietf-pkix-new-asn1, work-in-progress.
[SP800-57] National Institute of Standards and Technology [SP800-57] National Institute of Standards and Technology
(NIST), Special Publication 800-57: Recommendation (NIST), Special Publication 800-57: Recommendation
for Key Management - Part 1 (Revised), March 2007. for Key Management - Part 1 (Revised), March 2007.
[X.680] ITU-T Recommendation X.680 (2002) | ISO/IEC 8824-
1:2002. Information Technology - Abstract Syntax
Notation One.
[X.681] ITU-T Recommendation X.681 (2002) | ISO/IEC 8824- [X.681] ITU-T Recommendation X.681 (2002) | ISO/IEC 8824-
2:2002. Information Technology - Abstract Syntax 2:2002. Information Technology - Abstract Syntax
Notation One: Information Object Specification. Notation One: Information Object Specification.
[X.682] ITU-T Recommendation X.682 (2002) | ISO/IEC 8824- [X.682] ITU-T Recommendation X.682 (2002) | ISO/IEC 8824-
3:2002. Information Technology - Abstract Syntax 3:2002. Information Technology - Abstract Syntax
Notation One: Constraint Specification. Notation One: Constraint Specification.
[X.683] ITU-T Recommendation X.683 (2002) | ISO/IEC 8824- [X.683] ITU-T Recommendation X.683 (2002) | ISO/IEC 8824-
4:2002. Information Technology - Abstract Syntax 4:2002. Information Technology - Abstract Syntax
skipping to change at page 36, line 29 skipping to change at page 37, line 29
2002 ASN.1. This appendix contains the same information as Appendix 2002 ASN.1. This appendix contains the same information as Appendix
A.1 in a more recent (and precise) ASN.1 notation, however Appendix A.1 in a more recent (and precise) ASN.1 notation, however Appendix
A.1 takes precedence in case of conflict. A.1 takes precedence in case of conflict.
NOTE: The values for the TBAs will be included during AUTH48. NOTE: The values for the TBAs will be included during AUTH48.
//** RFC Editor: Remove this note prior to publication **// //** RFC Editor: Remove this note prior to publication **//
Appendix A.1 1988 ASN.1 Module Appendix A.1 1988 ASN.1 Module
SMIMEECCAlgs-1988 CMSECCAlgs-2009-88
{ iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9) { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
smime(16) modules(0) TBA1 } smime(16) modules(0) id-mod-cms-ecc-alg-2009-88(45) }
DEFINITIONS IMPLICIT TAGS ::= DEFINITIONS IMPLICIT TAGS ::=
BEGIN BEGIN
--
-- Copyright (c) 2009 IETF Trust and the persons identified as
-- authors of the code. All rights reserved.
--
-- Redistribution and use in source and binary forms, with or
-- without modification, are permitted provided that the following
-- conditions are met:
--
-- - Redistributions of source code must retain the above copyright
-- notice, this list of conditions and the following disclaimer.
--
-- - Redistributions in binary form must reproduce the above
-- copyright notice, this list of conditions and the following
-- disclaimer in the documentation and/or other materials provided
-- with the distribution.
--
-- - Neither the name of Internet Society, IETF or IETF Trust, nor
-- the names of specific contributors, may be used to endorse or
-- promote products derived from this software without specific
-- prior written permission.
--
--
--
-- THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
-- CONTRIBUTORS 'AS IS' AND ANY EXPRESS OR IMPLIED WARRANTIES,
-- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
-- MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
-- DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
-- CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-- SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-- LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
-- OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-- CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-- STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
-- ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
--
-- This version of the ASN.1 module is part of RFC XXXX;
-- see the RFC itself for full legal notices.
--
-- EXPORTS ALL -- EXPORTS ALL
IMPORTS IMPORTS
-- From [PKI] -- From [PKI]
AlgorithmIdentifier AlgorithmIdentifier
FROM PKIX1Explicit88 FROM PKIX1Explicit88
{ iso(1) identified-organization(3) dod(6) { iso(1) identified-organization(3) dod(6)
internet(1) security(5) mechanisms(5) pkix(7) mod(0) internet(1) security(5) mechanisms(5) pkix(7) mod(0)
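Review bot: the "NOTE: The values for the TBAs will be included during AUTH48" line is kept unchanged in -09 even though this hunk replaces TBA1 with id-mod-cms-ecc-alg-2009-88(45). If no TBA values remain elsewhere in the draft, drop the note and its RFC Editor instruction; otherwise narrow it to the values still outstanding. The new license comment introduces an "RFC XXXX" placeholder with no accompanying RFC Editor instruction to substitute the number, so add one next to it.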
skipping to change at page 37, line 42 skipping to change at page 40, line 4
{ iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9) { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
smime(16) modules(0) cmsalg-2001(16) } smime(16) modules(0) cmsalg-2001(16) }
-- From [CMS-AES] -- From [CMS-AES]
id-aes128-CBC, id-aes192-CBC, id-aes256-CBC, AES-IV, id-aes128-CBC, id-aes192-CBC, id-aes256-CBC, AES-IV,
id-aes128-wrap, id-aes192-wrap, id-aes256-wrap id-aes128-wrap, id-aes192-wrap, id-aes256-wrap
FROM CMSAesRsaesOaep FROM CMSAesRsaesOaep
{ iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9) { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
smime(16) modules(0) id-mod-cms-aes(19) } smime(16) modules(0) id-mod-cms-aes(19) }
-- From [CMS-AESCG] -- From [CMS-AESCG]
id-aes128-CCM, id-aes192-CCM, id-aes256-CCM, CCMParameters id-aes128-CCM, id-aes192-CCM, id-aes256-CCM, CCMParameters
id-aes128-GCM, id-aes192-GCM, id-aes256-GCM, GCMParameters id-aes128-GCM, id-aes192-GCM, id-aes256-GCM, GCMParameters
FROM CMS-AES-CCM-and-AES-GCM FROM CMS-AES-CCM-and-AES-GCM
{ iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9) { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
smime(16) modules(0) id-mod-cms-aes(32) } smime(16) modules(0) id-mod-cms-aes(32) }
; ;
-- --
-- Message Digest Algorithms -- Message Digest Algorithms: Imported from [PKI-ALG] and [RSAOAEP]
-- --
-- id-sha1 Parameters are preferred absent -- id-sha1 Parameters are preferred absent
-- id-sha224 Parameters are preferred absent -- id-sha224 Parameters are preferred absent
-- id-sha256 Parameters are preferred absent -- id-sha256 Parameters are preferred absent
-- id-sha384 Parameters are preferred absent -- id-sha384 Parameters are preferred absent
-- id-sha512 Parameters are preferred absent -- id-sha512 Parameters are preferred absent
-- --
-- Signature Algorithms -- Signature Algorithms: Imported from [PKI-ALG]
-- --
-- ecdsa-with-SHA1 Parameters are NULL -- ecdsa-with-SHA1 Parameters are NULL
-- ecdsa-with-SHA224 Parameters are absent -- ecdsa-with-SHA224 Parameters are absent
-- ecdsa-with-SHA256 Parameters are absent -- ecdsa-with-SHA256 Parameters are absent
-- ecdsa-with-SHA384 Parameters are absent -- ecdsa-with-SHA384 Parameters are absent
-- ecdsa-with-SHA512 Parameters are absent -- ecdsa-with-SHA512 Parameters are absent
-- ECDSA Signature Value -- ECDSA Signature Value
-- Contents of SignatureValue OCTET STRING -- Contents of SignatureValue OCTET STRING
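Review bot: the IMPORTS list from [CMS-AESCG] is missing a comma after "CCMParameters" in both versions, so "CCMParameters" runs straight into "id-aes128-GCM" on the next line and the module will not compile as written. Since -09 is already touching the comments around these imports, add the comma here. The same block names the arc "id-mod-cms-aes(32)" while the [CMS-AES] import just above uses "id-mod-cms-aes(19)"; one name bound to two numbers looks like a copy-paste slip and should be checked against the exporting module.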
skipping to change at page 40, line 17 skipping to change at page 42, line 24
mqvSinglePass-sha256kdf-scheme OBJECT IDENTIFIER ::= { mqvSinglePass-sha256kdf-scheme OBJECT IDENTIFIER ::= {
secg-scheme 15 1 } secg-scheme 15 1 }
mqvSinglePass-sha384kdf-scheme OBJECT IDENTIFIER ::= { mqvSinglePass-sha384kdf-scheme OBJECT IDENTIFIER ::= {
secg-scheme 15 2 } secg-scheme 15 2 }
mqvSinglePass-sha512kdf-scheme OBJECT IDENTIFIER ::= { mqvSinglePass-sha512kdf-scheme OBJECT IDENTIFIER ::= {
secg-scheme 15 3 } secg-scheme 15 3 }
-- --
-- Key Wrap Algorithms -- Key Wrap Algorithms: Imported from [CMS-ALG] and [CMS-AES]
-- --
KeyWrapAlgorithm ::= AlgorithmIdentifier KeyWrapAlgorithm ::= AlgorithmIdentifier
-- id-alg-CMS3DESwrap Parameters are NULL -- id-alg-CMS3DESwrap Parameters are NULL
-- id-aes128-wrap Parameters are absent -- id-aes128-wrap Parameters are absent
-- id-aes192-wrap Parameters are absent -- id-aes192-wrap Parameters are absent
-- id-aes256-wrap Parameters are absent -- id-aes256-wrap Parameters are absent
-- --
-- Content Encryption Algorithms -- Content Encryption Algorithms: Imported from [CMS-ALG]
-- and [CMS-AES]
-- --
-- des-ede3-cbc Parameters are CBCParameter -- des-ede3-cbc Parameters are CBCParameter
-- id-aes128-CBC Parameters are AES-IV -- id-aes128-CBC Parameters are AES-IV
-- id-aes192-CBC Parameters are AES-IV -- id-aes192-CBC Parameters are AES-IV
-- id-aes256-CBC Parameters are AES-IV -- id-aes256-CBC Parameters are AES-IV
-- id-aes128-CCM Parameters are CCMParameters -- id-aes128-CCM Parameters are CCMParameters
-- id-aes192-CCM Parameters are CCMParameters -- id-aes192-CCM Parameters are CCMParameters
-- id-aes256-CCM Parameters are CCMParameters -- id-aes256-CCM Parameters are CCMParameters
-- id-aes128-GCM Parameters are GCMParameters -- id-aes128-GCM Parameters are GCMParameters
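Review bot: the new header "Content Encryption Algorithms: Imported from [CMS-ALG] and [CMS-AES]" does not cover the CCM and GCM entries listed under it. The IMPORTS section of this module takes id-aes128-CCM through id-aes256-GCM, CCMParameters and GCMParameters from [CMS-AESCG], so the comment should read "[CMS-ALG], [CMS-AES] and [CMS-AESCG]" to stay accurate.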
skipping to change at page 40, line 41 skipping to change at page 43, line 4
-- des-ede3-cbc Parameters are CBCParameter -- des-ede3-cbc Parameters are CBCParameter
-- id-aes128-CBC Parameters are AES-IV -- id-aes128-CBC Parameters are AES-IV
-- id-aes192-CBC Parameters are AES-IV -- id-aes192-CBC Parameters are AES-IV
-- id-aes256-CBC Parameters are AES-IV -- id-aes256-CBC Parameters are AES-IV
-- id-aes128-CCM Parameters are CCMParameters -- id-aes128-CCM Parameters are CCMParameters
-- id-aes192-CCM Parameters are CCMParameters -- id-aes192-CCM Parameters are CCMParameters
-- id-aes256-CCM Parameters are CCMParameters -- id-aes256-CCM Parameters are CCMParameters
-- id-aes128-GCM Parameters are GCMParameters -- id-aes128-GCM Parameters are GCMParameters
-- id-aes192-GCM Parameters are GCMParameters -- id-aes192-GCM Parameters are GCMParameters
-- id-aes256-GCM Parameters are GCMParameters -- id-aes256-GCM Parameters are GCMParameters
-- --
-- Message Authentication Code Algorithms -- Message Authentication Code Algorithms
-- --
-- hMAC-SHA1 Parameters are preferred absent -- hMAC-SHA1 Parameters are preferred absent
-- HMAC with SHA-224, SHA-256, SHA_384, and SHA-512 Parameters are -- HMAC with SHA-224, SHA-256, SHA_384, and SHA-512 Parameters are
-- absent -- absent
id-hmacWithSHA224 OBJECT IDENTIFIER ::= { id-hmacWithSHA224 OBJECT IDENTIFIER ::= {
iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 8 } iso(1) member-body(2) us(840) rsadsi(113549)
digestAlgorithm(2) 8 }
id-hmacWithSHA256 OBJECT IDENTIFIER ::= { id-hmacWithSHA256 OBJECT IDENTIFIER ::= {
iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 9 } iso(1) member-body(2) us(840) rsadsi(113549)
digestAlgorithm(2) 9 }
id-hmacWithSHA384 OBJECT IDENTIFIER ::= { id-hmacWithSHA384 OBJECT IDENTIFIER ::= {
iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 10 iso(1) member-body(2) us(840) rsadsi(113549)
} digestAlgorithm(2) 10 }
id-hmacWithSHA512 OBJECT IDENTIFIER ::= { id-hmacWithSHA512 OBJECT IDENTIFIER ::= {
iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 11 iso(1) member-body(2) us(840) rsadsi(113549)
} digestAlgorithm(2) 11 }
-- --
-- Originator Public Key Algorithms -- Originator Public Key Algorithms: Imported from [PKI-ALG]
-- --
-- id-ecPublicKey Parameters are absent, NULL, or ECParameters -- id-ecPublicKey Parameters are absent, NULL, or ECParameters
-- Format for both ephemeral and static public keys -- Format for both ephemeral and static public keys: Imported from
-- [PKI-ALG]
-- ECPoint ::= OCTET STRING -- ECPoint ::= OCTET STRING
-- ECParameters ::= CHOICE { -- ECParameters ::= CHOICE {
-- namedCurve OBJECT IDENTIFIER -- namedCurve OBJECT IDENTIFIER
-- commented out in [PKI-ALG] implicitCurve NULL -- commented out in [PKI-ALG] implicitCurve NULL
-- commented out in [PKI-ALG] specifiedCurve SpecifiedECDomain -- commented out in [PKI-ALG] specifiedCurve SpecifiedECDomain
-- commented out in [PKI-ALG] Extensible -- commented out in [PKI-ALG] ...
-- } -- }
-- implicitCurve and specifiedCurve MUST NOT be used in PKIX. -- implicitCurve and specifiedCurve MUST NOT be used in PKIX.
-- Details for SpecifiedECDomain can be found in [X9.62]. -- Details for SpecifiedECDomain can be found in [X9.62].
-- Any future additions to this CHOICE should be coordinated -- Any future additions to this CHOICE should be coordinated
-- with ANSI X9. -- with ANSI X9.
-- Format of KeyAgreeRecipientInfo ukm field when used with -- Format of KeyAgreeRecipientInfo ukm field when used with
-- ECMQV -- ECMQV
MQVuserKeyingMaterial ::= SEQUENCE { MQVuserKeyingMaterial ::= SEQUENCE {
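Review bot: the comment "HMAC with SHA-224, SHA-256, SHA_384, and SHA-512" still carries the underscore in "SHA_384" in both versions; correct it to "SHA-384" while the adjacent OID definitions are being re-wrapped. The "Message Authentication Code Algorithms" header is also the only section header in this hunk that did not gain a source annotation in -09; say where hMAC-SHA1 is imported from and that the four id-hmacWithSHA* identifiers are defined locally, so the comments are consistent with the "Originator Public Key Algorithms: Imported from [PKI-ALG]" style used just below.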
skipping to change at page 43, line 32 skipping to change at page 46, line 18
-- hMACSHA1 Type is preferred absent -- hMACSHA1 Type is preferred absent
-- id-hmacWithSHA224 Type is absent -- id-hmacWithSHA224 Type is absent
-- if-hmacWithSHA256 Type is absent -- if-hmacWithSHA256 Type is absent
-- id-hmacWithSHA384 Type is absent -- id-hmacWithSHA384 Type is absent
-- id-hmacWithSHA512 Type is absent -- id-hmacWithSHA512 Type is absent
END END
Appendix A.2 2004 ASN.1 Module Appendix A.2 2004 ASN.1 Module
SMIMEECCAlgs-2008 CMSECCAlgs-2009-02
{ iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9) { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
smime(16) modules(0) TBA2 } smime(16) modules(0) id-mod-cms-ecc-alg-2009-02(46) }
DEFINITIONS IMPLICIT TAGS ::= DEFINITIONS IMPLICIT TAGS ::=
BEGIN BEGIN
--
-- Copyright (c) 2009 IETF Trust and the persons identified as
-- authors of the code. All rights reserved.
--
-- Redistribution and use in source and binary forms, with or
-- without modification, are permitted provided that the following
-- conditions are met:
--
-- - Redistributions of source code must retain the above copyright
-- notice, this list of conditions and the following disclaimer.
--
-- - Redistributions in binary form must reproduce the above
-- copyright notice, this list of conditions and the following
-- disclaimer in the documentation and/or other materials provided
-- with the distribution.
--
-- - Neither the name of Internet Society, IETF or IETF Trust, nor
-- the names of specific contributors, may be used to endorse or
-- promote products derived from this software without specific
-- prior written permission.
--
--
--
-- THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
-- CONTRIBUTORS 'AS IS' AND ANY EXPRESS OR IMPLIED WARRANTIES,
-- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
-- MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
-- DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
-- CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-- SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-- LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
-- OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-- CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-- STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
-- ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
--
-- This version of the ASN.1 module is part of RFC XXXX;
-- see the RFC itself for full legal notices.
--
-- EXPORTS ALL -- EXPORTS ALL
IMPORTS IMPORTS
-- From [PKI-ASN] -- From [PKI-ASN]
mda-sha1, sa-ecdsaWithSHA1, sa-ecdsaWithSHA224, sa-ecdsaWithSHA256, mda-sha1, sa-ecdsaWithSHA1, sa-ecdsaWithSHA224, sa-ecdsaWithSHA256,
sa-ecdsaWithSHA384, sa-ecdsaWithSHA512, id-ecPublicKey, sa-ecdsaWithSHA384, sa-ecdsaWithSHA512, id-ecPublicKey,
ECDSA-Sig-Value, ECPoint, ECParameters ECDSA-Sig-Value, ECPoint, ECParameters
FROM PKIXAlgs-2009 FROM PKIXAlgs-2009
{ iso(1) identified-organization(3) dod(6) internet(1) { iso(1) identified-organization(3) dod(6) internet(1)
security(5) mechanisms(5) pkix(7) id-mod(0) security(5) mechanisms(5) pkix(7) id-mod(0)
id-mod-pkix1-algorithms2008-02(56) } id-mod-pkix1-algorithms2008-02(56) }
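Review bot: the comment line "if-hmacWithSHA256 Type is absent" at the end of the A.1 module is a typo for "id-hmacWithSHA256" and is unchanged in -09; its neighbours all use the "id-" prefix. On the A.2 side, the module is renamed to CMSECCAlgs-2009-02 under a heading that says "2004 ASN.1 Module" while the appendix introduction refers to "2002 ASN.1"; pick one year for the notation and use it in the heading, the introduction and the table of contents. The "RFC XXXX" placeholder in the added license comment needs the same RFC Editor instruction as in A.1.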
skipping to change at page 44, line 21 skipping to change at page 48, line 4
security(5) mechanisms(5) pkix(7) id-mod(0) security(5) mechanisms(5) pkix(7) id-mod(0)
id-mod-pkix1-algorithms2008-02(56) } id-mod-pkix1-algorithms2008-02(56) }
-- From [PKI-ASN] -- From [PKI-ASN]
mda-sha224, mda-sha256, mda-sha384, mda-sha512 mda-sha224, mda-sha256, mda-sha384, mda-sha512
FROM PKIX1-PSS-OAEP-Algorithms-2009 FROM PKIX1-PSS-OAEP-Algorithms-2009
{ iso(1) identified-organization(3) dod(6) internet(1) { iso(1) identified-organization(3) dod(6) internet(1)
security(5) mechanisms(5) pkix(7) id-mod(0) security(5) mechanisms(5) pkix(7) id-mod(0)
id-mod-pkix1-rsa-pkalgs-02(54) } id-mod-pkix1-rsa-pkalgs-02(54) }
-- FROM [CMS-ASN] -- FROM [CMS-ASN]
KEY-WRAP, SIGNATURE-ALGORITHM, DIGEST-ALGORITHM, ALGORITHM, KEY-WRAP, SIGNATURE-ALGORITHM, DIGEST-ALGORITHM, ALGORITHM,
PUBLIC-KEY, MAC-ALGORITHM, CONTENT-ENCRYPTION, KEY-AGREE, SMIME-CAPS PUBLIC-KEY, MAC-ALGORITHM, CONTENT-ENCRYPTION, KEY-AGREE, SMIME-CAPS,
AlgorithmIdentifier{}
FROM AlgorithmInformation-2009 FROM AlgorithmInformation-2009
{ iso(1) identified-organization(3) dod(6) internet(1) { iso(1) identified-organization(3) dod(6) internet(1)
security(5) mechanisms(5) pkix(7) id-mod(0) security(5) mechanisms(5) pkix(7) id-mod(0)
id-mod-algorithmInformation-02(58) } id-mod-algorithmInformation-02(58) }
-- From [CMS-ASN] -- From [CMS-ASN]
OriginatorPublicKey, UserKeyingMaterial OriginatorPublicKey, UserKeyingMaterial
FROM CryptographicMessageSyntax-2009 FROM CryptographicMessageSyntax-2009
{ iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9) { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
smime(16) modules(0) id-mod-cms-2004-02(41) } smime(16) modules(0) id-mod-cms-2004-02(41) }
-- From [CMS-ASN] -- From [CMS-ASN]
maca-hMAC-SHA1, cea-des-ede3-cbc, kwa-3DESWrap, CBCParameter maca-hMAC-SHA1, cea-3DES-cbc, kwa-3DESWrap, CBCParameter
FROM CryptographicMessageSyntaxAlgorithms-2009 FROM CryptographicMessageSyntaxAlgorithms-2009
{ iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9) { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
smime(16) modules(0) id-mod-cmsalg-2001-02(37) } smime(16) modules(0) id-mod-cmsalg-2001-02(37) }
-- From [CMS-ASN] -- From [CMS-ASN]
cea-aes128-CBC, cea-aes192-CBC, cea-aes256-CBC, kwa-aes128-wrap, cea-aes128-cbc, cea-aes192-cbc, cea-aes256-cbc, kwa-aes128-wrap,
kwa-aes192-wrap, kwa-aes256-wrap kwa-aes192-wrap, kwa-aes256-wrap
FROM CMSAesRsaesOaep-2009 FROM CMSAesRsaesOaep-2009
{ iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9) { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
smime(16) modules(0) id-mod-cms-aes-02(38) } smime(16) modules(0) id-mod-cms-aes-02(38) }
-- From [CMS-ASN] -- From [CMS-ASN]
cea-aes128-ccm, cea-aes192-ccm, cea-aes256-ccm, cea-aes128-gcm, cea-aes128-CCM, cea-aes192-CCM, cea-aes256-CCM, cea-aes128-GCM,
cea-aes192-gcm, cea-aes256-gcm cea-aes192-GCM, cea-aes256-GCM
FROM CMS-AES-CCM-and-AES-GCM-2009 FROM CMS-AES-CCM-and-AES-GCM-2009
{ iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9) { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
smime(16) modules(0) id-mod-cms-aes-ccm-gcm-02(44) } smime(16) modules(0) id-mod-cms-aes-ccm-gcm-02(44) }
; ;
-- Constrains the SignedData digestAlgorithms field -- Constrains the SignedData digestAlgorithms field
-- Constrains the SignedData SignerInfo digestAlgorithm field -- Constrains the SignedData SignerInfo digestAlgorithm field
-- Constrains the AuthenticatedData digestAlgorithm field -- Constrains the AuthenticatedData digestAlgorithm field
-- Message Digest Algorithms: Imported from [PKI-ASN]
-- MessageDigestAlgs DIGEST-ALGORITHM ::= { -- MessageDigestAlgs DIGEST-ALGORITHM ::= {
-- mda-sha1 | -- mda-sha1 |
-- mda-sha224 | -- mda-sha224 |
-- mda-sha256 | -- mda-sha256 |
-- mda-sha384 | -- mda-sha384 |
-- mda-sha512, -- mda-sha512,
-- ... -- Extensible -- ...
-- } -- }
-- Constrains the SignedData SignerInfo signatureAlgorithm field -- Constrains the SignedData SignerInfo signatureAlgorithm field
-- Signature Algorithms: Imported from [PKI-ASN]
-- SignatureAlgs SIGNATURE-ALGORITHM ::= { -- SignatureAlgs SIGNATURE-ALGORITHM ::= {
-- sa-ecdsaWithSHA1 | -- sa-ecdsaWithSHA1 |
-- sa-ecdsaWithSHA224 | -- sa-ecdsaWithSHA224 |
-- sa-ecdsaWithSHA256 | -- sa-ecdsaWithSHA256 |
-- sa-ecdsaWithSHA384 | -- sa-ecdsaWithSHA384 |
-- sa-ecdsaWithSHA512, -- sa-ecdsaWithSHA512,
-- ... -- Extensible -- ...
-- } -- }
-- ECDSA Signature Value
-- ECDSA Signature Value: Imported from [PKI-ALG]
-- Contents of SignatureValue OCTET STRING -- Contents of SignatureValue OCTET STRING
-- ECDSA-Sig-Value ::= SEQUENCE { -- ECDSA-Sig-Value ::= SEQUENCE {
-- r INTEGER, -- r INTEGER,
-- s INTEGER -- s INTEGER
-- } -- }
-- --
-- Key Agreement Algorithms -- Key Agreement Algorithms
-- --
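Review bot: the new comment "ECDSA Signature Value: Imported from [PKI-ALG]" cites a different reference from the two comments added just above it, which say "Imported from [PKI-ASN]", and from the IMPORTS block, which takes ECDSA-Sig-Value from PKIXAlgs-2009 under "-- From [PKI-ASN]". Change it to [PKI-ASN] for the 2004 module. The identifier renames in the IMPORTS also go in opposite directions (cea-aes128-CBC becomes cea-aes128-cbc, while cea-aes128-ccm becomes cea-aes128-CCM, and cea-des-ede3-cbc becomes cea-3DES-cbc); ASN.1 references are case-sensitive, so each spelling should be confirmed against the exporting [CMS-ASN] module, and any later use of these names in the object sets must be updated to match.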
skipping to change at page 46, line 42 skipping to change at page 50, line 26
kaa-dhSinglePass-cofactorDH-sha1kdf-scheme | kaa-dhSinglePass-cofactorDH-sha1kdf-scheme |
kaa-dhSinglePass-cofactorDH-sha224kdf-scheme | kaa-dhSinglePass-cofactorDH-sha224kdf-scheme |
kaa-dhSinglePass-cofactorDH-sha256kdf-scheme | kaa-dhSinglePass-cofactorDH-sha256kdf-scheme |
kaa-dhSinglePass-cofactorDH-sha384kdf-scheme | kaa-dhSinglePass-cofactorDH-sha384kdf-scheme |
kaa-dhSinglePass-cofactorDH-sha512kdf-scheme | kaa-dhSinglePass-cofactorDH-sha512kdf-scheme |
kaa-mqvSinglePass-sha1kdf-scheme | kaa-mqvSinglePass-sha1kdf-scheme |
kaa-mqvSinglePass-sha224kdf-scheme | kaa-mqvSinglePass-sha224kdf-scheme |
kaa-mqvSinglePass-sha256kdf-scheme | kaa-mqvSinglePass-sha256kdf-scheme |
kaa-mqvSinglePass-sha384kdf-scheme | kaa-mqvSinglePass-sha384kdf-scheme |
kaa-mqvSinglePass-sha512kdf-scheme, kaa-mqvSinglePass-sha512kdf-scheme,
... -- Extensible ...
} }
x9-63-scheme OBJECT IDENTIFIER ::= { x9-63-scheme OBJECT IDENTIFIER ::= {
iso(1) identified-organization(3) tc68(133) country(16) x9(840) iso(1) identified-organization(3) tc68(133) country(16) x9(840)
x9-63(63) schemes(0) } x9-63(63) schemes(0) }
secg-scheme OBJECT IDENTIFIER ::= { secg-scheme OBJECT IDENTIFIER ::= {
iso(1) identified-organization(3) certicom(132) schemes(1) } iso(1) identified-organization(3) certicom(132) schemes(1) }
-- --
-- Diffie-Hellman Single Pass, Standard, with KDFs -- Diffie-Hellman Single Pass, Standard, with KDFs
-- --
-- Parameters are always present and indicate the Key Wrap Algorithm -- Parameters are always present and indicate the Key Wrap Algorithm
kaa-dhSinglePass-stdDH-sha1kdf-scheme KEY-AGREE ::= { kaa-dhSinglePass-stdDH-sha1kdf-scheme KEY-AGREE ::= {
IDENTIFIER dhSinglePass-stdDH-sha1kdf-scheme IDENTIFIER dhSinglePass-stdDH-sha1kdf-scheme
PARAMS TYPE KeyWrapAlgorithm ARE required PARAMS TYPE KeyWrapAlgorithm ARE required
UKM -- TYPE unencoded data -- IS preferredPresent UKM -- TYPE unencoded data -- ARE preferredPresent
SMIME-CAPS cap-kaa-dhSinglePass-stdDH-sha1kdf-scheme SMIME-CAPS cap-kaa-dhSinglePass-stdDH-sha1kdf-scheme
} }
dhSinglePass-stdDH-sha1kdf-scheme OBJECT IDENTIFIER ::= { dhSinglePass-stdDH-sha1kdf-scheme OBJECT IDENTIFIER ::= {
x9-63-scheme 2 } x9-63-scheme 2 }
kaa-dhSinglePass-stdDH-sha224kdf-scheme KEY-AGREE ::= { kaa-dhSinglePass-stdDH-sha224kdf-scheme KEY-AGREE ::= {
IDENTIFIER dhSinglePass-stdDH-sha224kdf-scheme IDENTIFIER dhSinglePass-stdDH-sha224kdf-scheme
PARAMS TYPE KeyWrapAlgorithm ARE required PARAMS TYPE KeyWrapAlgorithm ARE required
UKM -- TYPE unencoded data -- IS preferredPresent UKM -- TYPE unencoded data -- ARE preferredPresent
SMIME-CAPS cap-kaa-dhSinglePass-stdDH-sha224kdf-scheme SMIME-CAPS cap-kaa-dhSinglePass-stdDH-sha224kdf-scheme
} }
dhSinglePass-stdDH-sha224kdf-scheme OBJECT IDENTIFIER ::= { dhSinglePass-stdDH-sha224kdf-scheme OBJECT IDENTIFIER ::= {
secg-scheme 11 0 } secg-scheme 11 0 }
kaa-dhSinglePass-stdDH-sha256kdf-scheme KEY-AGREE ::= { kaa-dhSinglePass-stdDH-sha256kdf-scheme KEY-AGREE ::= {
IDENTIFIER dhSinglePass-stdDH-sha256kdf-scheme IDENTIFIER dhSinglePass-stdDH-sha256kdf-scheme
PARAMS TYPE KeyWrapAlgorithm ARE required PARAMS TYPE KeyWrapAlgorithm ARE required
UKM -- TYPE unencoded data -- IS preferredPresent UKM -- TYPE unencoded data -- ARE preferredPresent
SMIME-CAPS cap-kaa-dhSinglePass-stdDH-sha256kdf-scheme SMIME-CAPS cap-kaa-dhSinglePass-stdDH-sha256kdf-scheme
} }
dhSinglePass-stdDH-sha256kdf-scheme OBJECT IDENTIFIER ::= { dhSinglePass-stdDH-sha256kdf-scheme OBJECT IDENTIFIER ::= {
secg-scheme 11 1 } secg-scheme 11 1 }
kaa-dhSinglePass-stdDH-sha384kdf-scheme KEY-AGREE ::= { kaa-dhSinglePass-stdDH-sha384kdf-scheme KEY-AGREE ::= {
IDENTIFIER dhSinglePass-stdDH-sha384kdf-scheme IDENTIFIER dhSinglePass-stdDH-sha384kdf-scheme
PARAMS TYPE KeyWrapAlgorithm ARE required PARAMS TYPE KeyWrapAlgorithm ARE required
UKM -- TYPE unencoded data -- IS preferredPresent UKM -- TYPE unencoded data -- ARE preferredPresent
SMIME-CAPS cap-kaa-dhSinglePass-stdDH-sha384kdf-scheme SMIME-CAPS cap-kaa-dhSinglePass-stdDH-sha384kdf-scheme
} }
dhSinglePass-stdDH-sha384kdf-scheme OBJECT IDENTIFIER ::= { dhSinglePass-stdDH-sha384kdf-scheme OBJECT IDENTIFIER ::= {
secg-scheme 11 2 } secg-scheme 11 2 }
kaa-dhSinglePass-stdDH-sha512kdf-scheme KEY-AGREE ::= { kaa-dhSinglePass-stdDH-sha512kdf-scheme KEY-AGREE ::= {
IDENTIFIER dhSinglePass-stdDH-sha512kdf-scheme IDENTIFIER dhSinglePass-stdDH-sha512kdf-scheme
PARAMS TYPE KeyWrapAlgorithm ARE required PARAMS TYPE KeyWrapAlgorithm ARE required
UKM -- TYPE unencoded data -- IS preferredPresent UKM -- TYPE unencoded data -- ARE preferredPresent
SMIME-CAPS cap-kaa-dhSinglePass-stdDH-sha512kdf-scheme } SMIME-CAPS cap-kaa-dhSinglePass-stdDH-sha512kdf-scheme
} }
dhSinglePass-stdDH-sha512kdf-scheme OBJECT IDENTIFIER ::= { dhSinglePass-stdDH-sha512kdf-scheme OBJECT IDENTIFIER ::= {
secg-scheme 11 3 } secg-scheme 11 3 }
-- --
-- Diffie-Hellman Single Pass, Cofactor, with KDFs -- Diffie-Hellman Single Pass, Cofactor, with KDFs
-- --
kaa-dhSinglePass-cofactorDH-sha1kdf-scheme KEY-AGREE ::= { kaa-dhSinglePass-cofactorDH-sha1kdf-scheme KEY-AGREE ::= {
IDENTIFIER dhSinglePass-cofactorDH-sha1kdf-scheme IDENTIFIER dhSinglePass-cofactorDH-sha1kdf-scheme
PARAMS TYPE KeyWrapAlgorithm ARE required PARAMS TYPE KeyWrapAlgorithm ARE required
UKM -- TYPE unencoded data -- IS preferredPresent UKM -- TYPE unencoded data -- ARE preferredPresent
SMIME-CAPS cap-kaa-dhSinglePass-cofactorDH-sha1kdf-scheme SMIME-CAPS cap-kaa-dhSinglePass-cofactorDH-sha1kdf-scheme
} }
dhSinglePass-cofactorDH-sha1kdf-scheme OBJECT IDENTIFIER ::= { dhSinglePass-cofactorDH-sha1kdf-scheme OBJECT IDENTIFIER ::= {
x9-63-scheme 3 } x9-63-scheme 3 }
kaa-dhSinglePass-cofactorDH-sha224kdf-scheme KEY-AGREE ::= { kaa-dhSinglePass-cofactorDH-sha224kdf-scheme KEY-AGREE ::= {
IDENTIFIER dhSinglePass-cofactorDH-sha224kdf-scheme IDENTIFIER dhSinglePass-cofactorDH-sha224kdf-scheme
PARAMS TYPE KeyWrapAlgorithm ARE required PARAMS TYPE KeyWrapAlgorithm ARE required
UKM -- TYPE unencoded data -- IS preferredPresent UKM -- TYPE unencoded data -- ARE preferredPresent
SMIME-CAPS cap-kaa-dhSinglePass-cofactorDH-sha224kdf-scheme SMIME-CAPS cap-kaa-dhSinglePass-cofactorDH-sha224kdf-scheme
} }
dhSinglePass-cofactorDH-sha224kdf-scheme OBJECT IDENTIFIER ::= { dhSinglePass-cofactorDH-sha224kdf-scheme OBJECT IDENTIFIER ::= {
secg-scheme 14 0 } secg-scheme 14 0 }
kaa-dhSinglePass-cofactorDH-sha256kdf-scheme KEY-AGREE ::= { kaa-dhSinglePass-cofactorDH-sha256kdf-scheme KEY-AGREE ::= {
IDENTIFIER dhSinglePass-cofactorDH-sha256kdf-scheme IDENTIFIER dhSinglePass-cofactorDH-sha256kdf-scheme
PARAMS TYPE KeyWrapAlgorithm ARE required PARAMS TYPE KeyWrapAlgorithm ARE required
UKM -- TYPE unencoded data -- IS preferredPresent UKM -- TYPE unencoded data -- ARE preferredPresent
SMIME-CAPS cap-kaa-dhSinglePass-cofactorDH-sha256kdf-scheme SMIME-CAPS cap-kaa-dhSinglePass-cofactorDH-sha256kdf-scheme
} }
dhSinglePass-cofactorDH-sha256kdf-scheme OBJECT IDENTIFIER ::= { dhSinglePass-cofactorDH-sha256kdf-scheme OBJECT IDENTIFIER ::= {
secg-scheme 14 1 } secg-scheme 14 1 }
kaa-dhSinglePass-cofactorDH-sha384kdf-scheme KEY-AGREE ::= { kaa-dhSinglePass-cofactorDH-sha384kdf-scheme KEY-AGREE ::= {
IDENTIFIER dhSinglePass-cofactorDH-sha384kdf-scheme IDENTIFIER dhSinglePass-cofactorDH-sha384kdf-scheme
PARAMS TYPE KeyWrapAlgorithm ARE required PARAMS TYPE KeyWrapAlgorithm ARE required
UKM -- TYPE unencoded data -- IS preferredPresent UKM -- TYPE unencoded data -- ARE preferredPresent
SMIME-CAPS cap-kaa-dhSinglePass-cofactorDH-sha384kdf-scheme SMIME-CAPS cap-kaa-dhSinglePass-cofactorDH-sha384kdf-scheme
} }
dhSinglePass-cofactorDH-sha384kdf-scheme OBJECT IDENTIFIER ::= { dhSinglePass-cofactorDH-sha384kdf-scheme OBJECT IDENTIFIER ::= {
secg-scheme 14 2 } secg-scheme 14 2 }
kaa-dhSinglePass-cofactorDH-sha512kdf-scheme KEY-AGREE ::= { kaa-dhSinglePass-cofactorDH-sha512kdf-scheme KEY-AGREE ::= {
IDENTIFIER dhSinglePass-cofactorDH-sha512kdf-scheme IDENTIFIER dhSinglePass-cofactorDH-sha512kdf-scheme
PARAMS TYPE KeyWrapAlgorithm ARE required PARAMS TYPE KeyWrapAlgorithm ARE required
UKM -- TYPE unencoded data -- IS preferredPresent UKM -- TYPE unencoded data -- ARE preferredPresent
SMIME-CAPS cap-kaa-dhSinglePass-cofactorDH-sha512kdf-scheme SMIME-CAPS cap-kaa-dhSinglePass-cofactorDH-sha512kdf-scheme
} }
dhSinglePass-cofactorDH-sha512kdf-scheme OBJECT IDENTIFIER ::= { dhSinglePass-cofactorDH-sha512kdf-scheme OBJECT IDENTIFIER ::= {
secg-scheme 14 3 } secg-scheme 14 3 }
-- --
-- MQV Single Pass, Cofactor, with KDFs -- MQV Single Pass, Cofactor, with KDFs
-- --
kaa-mqvSinglePass-sha1kdf-scheme KEY-AGREE ::= { kaa-mqvSinglePass-sha1kdf-scheme KEY-AGREE ::= {
IDENTIFIER mqvSinglePass-sha1kdf-scheme IDENTIFIER mqvSinglePass-sha1kdf-scheme
PARAMS TYPE KeyWrapAlgorithm ARE required PARAMS TYPE KeyWrapAlgorithm ARE required
UKM -- TYPE unencoded data -- IS preferredPresent UKM -- TYPE unencoded data -- ARE preferredPresent
SMIME-CAPS cap-kaa-mqvSinglePass-sha1kdf-scheme SMIME-CAPS cap-kaa-mqvSinglePass-sha1kdf-scheme
} }
mqvSinglePass-sha1kdf-scheme OBJECT IDENTIFIER ::= { mqvSinglePass-sha1kdf-scheme OBJECT IDENTIFIER ::= {
x9-63-scheme 16 } x9-63-scheme 16 }
kaa-mqvSinglePass-sha224kdf-scheme KEY-AGREE ::= { kaa-mqvSinglePass-sha224kdf-scheme KEY-AGREE ::= {
IDENTIFIER mqvSinglePass-sha224kdf-scheme IDENTIFIER mqvSinglePass-sha224kdf-scheme
PARAMS TYPE KeyWrapAlgorithm ARE required PARAMS TYPE KeyWrapAlgorithm ARE required
UKM -- TYPE unencoded data -- IS preferredPresent UKM -- TYPE unencoded data -- ARE preferredPresent
SMIME-CAPS cap-kaa-mqvSinglePass-sha224kdf-scheme SMIME-CAPS cap-kaa-mqvSinglePass-sha224kdf-scheme
} }
mqvSinglePass-sha224kdf-scheme OBJECT IDENTIFIER ::= { mqvSinglePass-sha224kdf-scheme OBJECT IDENTIFIER ::= {
secg-scheme 15 0 } secg-scheme 15 0 }
kaa-mqvSinglePass-sha256kdf-scheme KEY-AGREE ::= { kaa-mqvSinglePass-sha256kdf-scheme KEY-AGREE ::= {
IDENTIFIER mqvSinglePass-sha256kdf-scheme IDENTIFIER mqvSinglePass-sha256kdf-scheme
PARAMS TYPE KeyWrapAlgorithm ARE required PARAMS TYPE KeyWrapAlgorithm ARE required
UKM -- TYPE unencoded data -- IS preferredPresent UKM -- TYPE unencoded data -- ARE preferredPresent
SMIME-CAPS cap-kaa-mqvSinglePass-sha256kdf-scheme SMIME-CAPS cap-kaa-mqvSinglePass-sha256kdf-scheme
} }
mqvSinglePass-sha256kdf-scheme OBJECT IDENTIFIER ::= { mqvSinglePass-sha256kdf-scheme OBJECT IDENTIFIER ::= {
secg-scheme 15 1 } secg-scheme 15 1 }
kaa-mqvSinglePass-sha384kdf-scheme KEY-AGREE ::= { kaa-mqvSinglePass-sha384kdf-scheme KEY-AGREE ::= {
IDENTIFIER mqvSinglePass-sha384kdf-scheme IDENTIFIER mqvSinglePass-sha384kdf-scheme
PARAMS TYPE KeyWrapAlgorithm ARE required PARAMS TYPE KeyWrapAlgorithm ARE required
UKM -- TYPE unencoded data -- IS preferredPresent UKM -- TYPE unencoded data -- ARE preferredPresent
SMIME-CAPS cap-kaa-mqvSinglePass-sha384kdf-scheme SMIME-CAPS cap-kaa-mqvSinglePass-sha384kdf-scheme
} }
mqvSinglePass-sha384kdf-scheme OBJECT IDENTIFIER ::= { mqvSinglePass-sha384kdf-scheme OBJECT IDENTIFIER ::= {
secg-scheme 15 2 } secg-scheme 15 2 }
kaa-mqvSinglePass-sha512kdf-scheme KEY-AGREE ::= { kaa-mqvSinglePass-sha512kdf-scheme KEY-AGREE ::= {
IDENTIFIER mqvSinglePass-sha512kdf-scheme IDENTIFIER mqvSinglePass-sha512kdf-scheme
PARAMS TYPE KeyWrapAlgorithm ARE required PARAMS TYPE KeyWrapAlgorithm ARE required
UKM -- TYPE unencoded data -- IS preferredPresent UKM -- TYPE unencoded data -- ARE preferredPresent
SMIME-CAPS cap-kaa-mqvSinglePass-sha512kdf-scheme SMIME-CAPS cap-kaa-mqvSinglePass-sha512kdf-scheme
} }
mqvSinglePass-sha512kdf-scheme OBJECT IDENTIFIER ::= { mqvSinglePass-sha512kdf-scheme OBJECT IDENTIFIER ::= {
secg-scheme 15 3 } secg-scheme 15 3 }
-- --
-- Key Wrap Algorithms -- Key Wrap Algorithms: Imported from [CMS-ASN]
-- --
KeyWrapAlgorithm ::= KeyWrapAlgs KeyWrapAlgorithm ::= AlgorithmIdentifier {KEY-WRAP, { KeyWrapAlgs } }
KeyWrapAlgs KEY-WRAP ::= { KeyWrapAlgs KEY-WRAP ::= {
kwa-3des | kwa-3DESWrap |
kwa-aes128 | kwa-aes128-wrap |
kwa-aes192 | kwa-aes192-wrap |
kwa-aes256, kwa-aes256-wrap,
... -- Extensible ...
} }
-- --
-- Content Encryption Algorithms -- Content Encryption Algorithms: Imported from [CMS-ASN]
-- --
-- Constrains the EnvelopedData EncryptedContentInfo encryptedContent -- Constrains the EnvelopedData EncryptedContentInfo encryptedContent
-- field and the AuthEnvelopedData EncryptedContentInfo -- field and the AuthEnvelopedData EncryptedContentInfo
-- contentEncryptionAlgorithm field -- contentEncryptionAlgorithm field
-- ContentEncryptionAlgs CONTENT-ENCRYPTION ::= { -- ContentEncryptionAlgs CONTENT-ENCRYPTION ::= {
-- cea-des-ede3-cbc | -- cea-3DES-cbc |
-- cea-aes128-cbc | -- cea-aes128-cbc |
-- cea-aes192-cbc | -- cea-aes192-cbc |
-- cea-aes256-cbc | -- cea-aes256-cbc |
-- cea-aes128-ccm | -- cea-aes128-ccm |
-- cea-aes192-ccm | -- cea-aes192-ccm |
-- cea-aes256-ccm | -- cea-aes256-ccm |
-- cea-aes128-gcm | -- cea-aes128-gcm |
-- cea-aes192-gcm | -- cea-aes192-gcm |
-- cea-aes256-gcm, -- cea-aes256-gcm,
-- ... -- Extensible -- ...
-- } -- }
-- des-ede3-cbc and aes*-cbc are used with EnvelopedData and -- des-ede3-cbc and aes*-cbc are used with EnvelopedData and
-- EncryptedData -- EncryptedData
-- aes*-ccm are used with AuthEnvelopedData -- aes*-ccm are used with AuthEnvelopedData
-- aes*-gcm are used with AuthEnvelopedData -- aes*-gcm are used with AuthEnvelopedData
-- (where * is 128, 192, and 256) -- (where * is 128, 192, and 256)
-- --
-- Message Authentication Code Algorithms -- Message Authentication Code Algorithms
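Review bot: the heading "Key Wrap Algorithms: Imported from [CMS-ASN]" now sits above a KeyWrapAlgs set that is still defined locally, while the same wording over ContentEncryptionAlgs marks a definition that is commented out. Suggest wording the key wrap heading so it is clear that the member objects (kwa-3DESWrap, kwa-aes128-wrap, kwa-aes192-wrap, kwa-aes256-wrap) are what is imported, not the set itself. The trailing comment also still reads "des-ede3-cbc and aes*-cbc are used with EnvelopedData" after the set member was renamed to cea-3DES-cbc. It would help to say there whether that comment names the algorithm or the object.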
skipping to change at page 51, line 46 skipping to change at page 55, line 46
-- Constrains the AuthenticatedData -- Constrains the AuthenticatedData
-- MessageAuthenticationCodeAlgorithm field -- MessageAuthenticationCodeAlgorithm field
-- --
MessageAuthAlgs MAC-ALGORITHM ::= { MessageAuthAlgs MAC-ALGORITHM ::= {
-- maca-hMAC-SHA1 | -- maca-hMAC-SHA1 |
maca-hMAC-SHA224 | maca-hMAC-SHA224 |
maca-hMAC-SHA256 | maca-hMAC-SHA256 |
maca-hMAC-SHA384 | maca-hMAC-SHA384 |
maca-hMAC-SHA512, maca-hMAC-SHA512,
... -- Extensible ...
} }
maca-hMAC-SHA224 MAC-ALGORITHM ::= { maca-hMAC-SHA224 MAC-ALGORITHM ::= {
IDENTIFIER hMAC-SHA1 IDENTIFIER id-hmacWithSHA224
PARAMS TYPE ARE absent PARAMS ARE absent
IS-KEYED-MAC TRUE IS-KEYED-MAC TRUE
SMIME-CAPS cap-hMAC-SHA224 SMIME-CAPS cap-hMAC-SHA224
} }
id-hmacWithSHA224 OBJECT IDENTIFIER ::= { id-hmacWithSHA224 OBJECT IDENTIFIER ::= {
iso(1) member-body(2) us(840) rsadsi(113549) iso(1) member-body(2) us(840) rsadsi(113549)
digestAlgorithm(2) 8 } digestAlgorithm(2) 8 }
maca-hMAC-SHA256 MAC-ALGORITHM ::= { maca-hMAC-SHA256 MAC-ALGORITHM ::= {
IDENTIFIER id-hmacWithSHA256 IDENTIFIER id-hmacWithSHA256
PARAMS TYPE ARE absent PARAMS ARE absent
IS-KEYED-MAC TRUE IS-KEYED-MAC TRUE
SMIME-CAPS cap-hMAC-SHA256 SMIME-CAPS cap-hMAC-SHA256
} }
id-hmacWithSHA256 OBJECT IDENTIFIER ::= { id-hmacWithSHA256 OBJECT IDENTIFIER ::= {
iso(1) member-body(2) us(840) rsadsi(113549) iso(1) member-body(2) us(840) rsadsi(113549)
digestAlgorithm(2) 9 } digestAlgorithm(2) 9 }
maca-hMAC-SHA384 MAC-ALGORITHM ::= { maca-hMAC-SHA384 MAC-ALGORITHM ::= {
IDENTIFIER id-hmacWithSHA384 IDENTIFIER id-hmacWithSHA384
PARAMS TYPE ARE absent PARAMS ARE absent
IS-KEYED-MAC TRUE IS-KEYED-MAC TRUE
SMIME-CAPS cap-hMAC-SHA384 SMIME-CAPS cap-hMAC-SHA384
} }
id-hmacWithSHA384 OBJECT IDENTIFIER ::= { id-hmacWithSHA384 OBJECT IDENTIFIER ::= {
iso(1) member-body(2) us(840) rsadsi(113549) iso(1) member-body(2) us(840) rsadsi(113549)
digestAlgorithm(2) 10 } digestAlgorithm(2) 10 }
maca-hMAC-SHA512 MAC-ALGORITHM ::= { maca-hMAC-SHA512 MAC-ALGORITHM ::= {
IDENTIFIER id-hmacWithSHA512 IDENTIFIER id-hmacWithSHA512
PARAMS TYPE ARE absent PARAMS ARE absent
IS-KEYED-MAC TRUE IS-KEYED-MAC TRUE
SMIME-CAPS cap-hMAC-SHA512 SMIME-CAPS cap-hMAC-SHA512
} }
id-hmacWithSHA512 OBJECT IDENTIFIER ::= { id-hmacWithSHA512 OBJECT IDENTIFIER ::= {
iso(1) member-body(2) us(840) rsadsi(113549) iso(1) member-body(2) us(840) rsadsi(113549)
digestAlgorithm(2) 11 } digestAlgorithm(2) 11 }
-- --
-- Originator Public Key Algorithms -- Originator Public Key Algorithms
-- --
-- Constraints on KeyAgreeRecipientInfo OriginatorIdentifierOrKey -- Constraints on KeyAgreeRecipientInfo OriginatorIdentifierOrKey
-- OriginatorPublicKey algorithm field -- OriginatorPublicKey algorithm field
-- PARAMS are NULL
OriginatorPKAlgorithms PUBLIC-KEY ::= { OriginatorPKAlgorithms PUBLIC-KEY ::= {
opka-ec, opka-ec,
... -- Extensible ...
} }
opka-ec PUBLIC-KEY ::={ opka-ec PUBLIC-KEY ::={
IDENTIFIER id-ecPublicKey IDENTIFIER id-ecPublicKey
KEY ECPoint KEY ECPoint
PARAMS TYPE CHOICE { n NULL, p ECParameters } ARE preferredAbsent PARAMS TYPE CHOICE { n NULL, p ECParameters } ARE preferredAbsent
} }
-- Format for both ephemeral and static public keys -- Format for both ephemeral and static public keys: Imported from
-- [PKI-ALG]
-- ECPoint ::= OCTET STRING -- ECPoint ::= OCTET STRING
-- ECParameters ::= CHOICE { -- ECParameters ::= CHOICE {
-- namedCurve CURVE.&id({NamedCurve}) -- namedCurve CURVE.&id({NamedCurve})
-- commented out in [PKI-ALG] implicitCurve NULL -- commented out in [PKI-ALG] implicitCurve NULL
-- commented out in [PKI-ALG] specifiedCurve SpecifiedECDomain -- commented out in [PKI-ALG] specifiedCurve SpecifiedECDomain
-- commented out in [PKI-ALG] ... Extensible -- commented out in [PKI-ALG] ...
-- } -- }
-- implicitCurve and specifiedCurve MUST NOT be used in PKIX. -- implicitCurve and specifiedCurve MUST NOT be used in PKIX.
-- Details for SpecifiedECDomain can be found in [X9.62]. -- Details for SpecifiedECDomain can be found in [X9.62].
-- Any future additions to this CHOICE should be coordinated -- Any future additions to this CHOICE should be coordinated
-- with ANSI X.9. -- with ANSI X.9.
-- Format of KeyAgreeRecipientInfo ukm field when used with -- Format of KeyAgreeRecipientInfo ukm field when used with
-- ECMQV -- ECMQV
MQVuserKeyingMaterial ::= SEQUENCE { MQVuserKeyingMaterial ::= SEQUENCE {
ephemeralPublicKey OriginatorPublicKey, ephemeralPublicKey OriginatorPublicKey,
addedukm [0] EXPLICIT UserKeyingMaterial OPTIONAL addedukm [0] EXPLICIT UserKeyingMaterial OPTIONAL
} }
-- 'SharedInfo' for input to KDF when using ECDH and ECMQV with -- 'SharedInfo' for input to KDF when using ECDH and ECMQV with
-- EnvelopedData, AuthenticatedData, or AuthEnvelopedData -- EnvelopedData, AuthenticatedData, or AuthEnvelopedData
ECC-CMS-SharedInfo ::= SEQUENCE { ECC-CMS-SharedInfo ::= SEQUENCE {
keyInfo AlgorithmIdentifier { KeyWrapAlgorithm }, keyInfo KeyWrapAlgorithm,
entityUInfo [0] EXPLICIT OCTET STRING OPTIONAL, entityUInfo [0] EXPLICIT OCTET STRING OPTIONAL,
suppPubInfo [2] EXPLICIT OCTET STRING suppPubInfo [2] EXPLICIT OCTET STRING
} }
-- --
-- S/MIME CAPS for algorithms in this document -- S/MIME CAPS for algorithms in this document
-- --
SMimeCAPS SMIME-CAPS ::= { SMimeCAPS SMIME-CAPS ::= {
-- mda-sha1.&smimeCaps | -- mda-sha1.&smimeCaps |
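Review bot: the added comment "-- PARAMS are NULL" above OriginatorPKAlgorithms does not match the opka-ec definition a few lines below it, which keeps "PARAMS TYPE CHOICE { n NULL, p ECParameters } ARE preferredAbsent". An implementer who reads only the comment would reject or never emit the absent and ECParameters forms that the object still allows. Suggest either dropping the comment or rewording it to describe the CHOICE and the preferredAbsent rule. The IDENTIFIER fix on maca-hMAC-SHA224 (hMAC-SHA1 to id-hmacWithSHA224) and the keyInfo change to plain KeyWrapAlgorithm are consistent with the rest of the module as shown.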
skipping to change at page 54, line 47 skipping to change at page 58, line 47
kaa-dhSinglePass-cofactorDH-sha512kdf-scheme.&smimeCaps | kaa-dhSinglePass-cofactorDH-sha512kdf-scheme.&smimeCaps |
kaa-mqvSinglePass-sha1kdf-scheme.&smimeCaps | kaa-mqvSinglePass-sha1kdf-scheme.&smimeCaps |
kaa-mqvSinglePass-sha224kdf-scheme.&smimeCaps | kaa-mqvSinglePass-sha224kdf-scheme.&smimeCaps |
kaa-mqvSinglePass-sha256kdf-scheme.&smimeCaps | kaa-mqvSinglePass-sha256kdf-scheme.&smimeCaps |
kaa-mqvSinglePass-sha384kdf-scheme.&smimeCaps | kaa-mqvSinglePass-sha384kdf-scheme.&smimeCaps |
kaa-mqvSinglePass-sha512kdf-scheme.&smimeCaps | kaa-mqvSinglePass-sha512kdf-scheme.&smimeCaps |
-- kwa-3des.&smimeCaps | -- kwa-3des.&smimeCaps |
-- kwa-aes128.&smimeCaps | -- kwa-aes128.&smimeCaps |
-- kwa-aes192.&smimeCaps | -- kwa-aes192.&smimeCaps |
-- kwa-aes256.&smimeCaps | -- kwa-aes256.&smimeCaps |
-- cea-des-ede3-cbc.&smimeCaps | -- cea-3DES-cbc.&smimeCaps |
-- cea-aes128-cbc.&smimeCaps | -- cea-aes128-cbc.&smimeCaps |
-- cea-aes192-cbc.&smimeCaps | -- cea-aes192-cbc.&smimeCaps |
-- cea-aes256-cbc.&smimeCaps | -- cea-aes256-cbc.&smimeCaps |
-- cea-aes128-ccm.&smimeCaps | -- cea-aes128-ccm.&smimeCaps |
-- cea-aes192-ccm.&smimeCaps | -- cea-aes192-ccm.&smimeCaps |
-- cea-aes256-ccm.&smimeCaps | -- cea-aes256-ccm.&smimeCaps |
-- cea-aes128-gcm.&smimeCaps | -- cea-aes128-gcm.&smimeCaps |
-- cea-aes192-gcm.&smimeCaps | -- cea-aes192-gcm.&smimeCaps |
-- cea-aes256-gcm.&smimeCaps | -- cea-aes256-gcm.&smimeCaps |
-- maca-hMAC-SHA1.&smimeCaps | -- maca-hMAC-SHA1.&smimeCaps |
maca-hMAC-SHA224.&smimeCaps | maca-hMAC-SHA224.&smimeCaps |
maca-hMAC-SHA256.&smimeCaps | maca-hMAC-SHA256.&smimeCaps |
maca-hMAC-SHA384.&smimeCaps | maca-hMAC-SHA384.&smimeCaps |
maca-hMAC-SHA512.&smimeCaps, maca-hMAC-SHA512.&smimeCaps,
... - Extensible ...
} }
cap-kaa-dhSinglePass-stdDH-sha1kdf-scheme SMIME-CAPS ::= { cap-kaa-dhSinglePass-stdDH-sha1kdf-scheme SMIME-CAPS ::= {
TYPE KeyWrapAlgorithm TYPE KeyWrapAlgorithm
IDENTIFIED BY dhSinglePass-stdDH-sha1kdf-scheme IDENTIFIED BY dhSinglePass-stdDH-sha1kdf-scheme
} }
cap-kaa-dhSinglePass-stdDH-sha224kdf-scheme SMIME-CAPS ::= { cap-kaa-dhSinglePass-stdDH-sha224kdf-scheme SMIME-CAPS ::= {
TYPE KeyWrapAlgorithm TYPE KeyWrapAlgorithm
IDENTIFIED BY dhSinglePass-stdDH-sha224kdf-scheme } IDENTIFIED BY dhSinglePass-stdDH-sha224kdf-scheme
}
cap-kaa-dhSinglePass-stdDH-sha256kdf-scheme SMIME-CAPS ::= { cap-kaa-dhSinglePass-stdDH-sha256kdf-scheme SMIME-CAPS ::= {
TYPE KeyWrapAlgorithm TYPE KeyWrapAlgorithm
IDENTIFIED BY dhSinglePass-stdDH-sha256kdf-scheme } IDENTIFIED BY dhSinglePass-stdDH-sha256kdf-scheme
}
cap-kaa-dhSinglePass-stdDH-sha384kdf-scheme SMIME-CAPS ::= { cap-kaa-dhSinglePass-stdDH-sha384kdf-scheme SMIME-CAPS ::= {
TYPE KeyWrapAlgorithm TYPE KeyWrapAlgorithm
IDENTIFIED BY dhSinglePass-stdDH-sha384kdf-scheme IDENTIFIED BY dhSinglePass-stdDH-sha384kdf-scheme
} }
cap-kaa-dhSinglePass-stdDH-sha512kdf-scheme SMIME-CAPS ::= { cap-kaa-dhSinglePass-stdDH-sha512kdf-scheme SMIME-CAPS ::= {
TYPE KeyWrapAlgorithm TYPE KeyWrapAlgorithm
IDENTIFIED BY dhSinglePass-stdDH-sha512kdf-scheme IDENTIFIED BY dhSinglePass-stdDH-sha512kdf-scheme
} }
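Review bot: in the SMimeCAPS set the content encryption entry is renamed (cea-des-ede3-cbc.&smimeCaps to cea-3DES-cbc.&smimeCaps), but the four key wrap entries keep the old names kwa-3des, kwa-aes128, kwa-aes192 and kwa-aes256 on both sides, even though KeyWrapAlgs now lists kwa-3DESWrap, kwa-aes128-wrap, kwa-aes192-wrap and kwa-aes256-wrap. The lines are commented out, so nothing breaks at compile time, but the stale names will mislead anyone who uncomments them or uses the list as a capability checklist. Suggest renaming them to match.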
 End of changes. 89 change blocks. 
109 lines changed or deleted 198 lines changed or added
