draft-ietf-smime-gost-00.txt   draft-ietf-smime-gost-01.txt 
S/MIME Working Group Serguei Leontiev, CRYPTO-PRO S/MIME Working Group Serguei Leontiev, CRYPTO-PRO
Internet Draft Vladimir Popov, CRYPTO-PRO Internet Draft Gregory Chudov, CRYPTO-PRO
Expires April 19, 2004 October 19, 2003 Expires August 15, 2004 February 15, 2004
Intended Category: Informational Intended Category: Informational
Cryptographic Message Syntax (CMS) algorithms for Using the GOST 28147-89, GOST R 34.11-94,
GOST 28147-89, GOST R 34.10-94, GOST R 34.10-2001, GOST R 34.11-94. GOST R 34.10-94 and GOST R 34.10-2001 algorithms with the
Cryptographic Message Syntax (CMS)
<draft-ietf-smime-gost-00.txt> <draft-ietf-smime-gost-01.txt>
Status of this Memo Status of this Memo
This document is an Internet-Draft and is subject to all provisions This document is an Internet-Draft and is subject to all provisions
of Section 10 of RFC2026. of Section 10 of RFC2026.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet- other groups may also distribute working documents as Internet-
Drafts. Drafts.
skipping to change at page 2, line 12 skipping to change at page 2, line 13
1.2 Terminology. . . . . . . . . . . . . . . . . . . . . . . 3 1.2 Terminology. . . . . . . . . . . . . . . . . . . . . . . 3
2 Message Digest Algorithms. . . . . . . . . . . . . . . . 3 2 Message Digest Algorithms. . . . . . . . . . . . . . . . 3
2.1 Message Digest Algorithm GOST R 34.11-94 . . . . . . . . 3 2.1 Message Digest Algorithm GOST R 34.11-94 . . . . . . . . 3
3 Signature Algorithms . . . . . . . . . . . . . . . . . . 4 3 Signature Algorithms . . . . . . . . . . . . . . . . . . 4
3.1 Signature Algorithm GOST R 34.10-94. . . . . . . . . . . 4 3.1 Signature Algorithm GOST R 34.10-94. . . . . . . . . . . 4
3.2 Signature Algorithm GOST R 34.10-2001. . . . . . . . . . 4 3.2 Signature Algorithm GOST R 34.10-2001. . . . . . . . . . 4
4 Key Management Algorithms. . . . . . . . . . . . . . . . 5 4 Key Management Algorithms. . . . . . . . . . . . . . . . 5
4.1 Key Agreement Algorithms . . . . . . . . . . . . . . . . 5 4.1 Key Agreement Algorithms . . . . . . . . . . . . . . . . 5
4.1.1 Key Agreement Algorithm Based on GOST R 34.10-94/2001 4.1.1 Key Agreement Algorithm Based on GOST R 34.10-94/2001
Public Keys . . . . . . . . . . . . . . . . . . . . . . . . . . 5 Public Keys . . . . . . . . . . . . . . . . . . . . . . . . . . 5
4.2 Key Transport Algorithms. .. . . . . . . . . . . . . . . 7 4.2 Key Transport Algorithms. .. . . . . . . . . . . . . . . 6
4.2.1 Key Transport Algorithm Based on GOST R 34.10-94/2001 4.2.1 Key Transport Algorithm Based on GOST R 34.10-94/2001
Public Keys . . . . . . . . . . . . . . . . . . . . . . . . . . 7 Public Keys . . . . . . . . . . . . . . . . . . . . . . . . . . 7
5 Content Encryption Algorithms. . . . . . . . . . . . . . 8 5 Content Encryption Algorithms. . . . . . . . . . . . . . 8
5.1 Key-Encryption Key Algorithm GOST 28147-89 . . . . . . . 9 5.1 Key-Encryption Key Algorithm GOST 28147-89 . . . . . . . 8
6 MAC Algorithms . . . . . . . . . . . . . . . . . . . . . 11 6 MAC Algorithms . . . . . . . . . . . . . . . . . . . . . 8
6.1 HMAC with GOST R 34.11-94. . . . . . . . . . . . . . . . 11 6.1 HMAC with GOST R 34.11-94. . . . . . . . . . . . . . . . 9
7 Using with S/MIME. . . . . . . . . . . . . . . . . . . . 11 7 Using with S/MIME. . . . . . . . . . . . . . . . . . . . 9
7.1 Parameter micalg . . . . . . . . . . . . . . . . . . . . 11 7.1 Parameter micalg . . . . . . . . . . . . . . . . . . . . 9
7.2 Atribute SMIMECapabilities . . . . . . . . . . . . . . . 11 7.2 Atribute SMIMECapabilities . . . . . . . . . . . . . . . 9
8 Security Considerations. . . . . . . . . . . . . . . . . 11 8 Security Considerations. . . . . . . . . . . . . . . . . 10
9 Appendix ASN.1 Modules . . . . . . . . . . . . . . . . . 12 9 Appendix Examples. . . . . . . . . . . . . . . . . . . . 11
9.1 Gost28147-89-EncryptionSyntax. . . . . . . . . . . . . . 12 9.1 Signed message . . . . . . . . . . . . . . . . . . . . . 11
9.2 Gost28147-89-ParamSetSyntax. . . . . . . . . . . . . . . 14 9.2 Enveloped message using Key Agreement. . . . . . . . . . 12
9.3 GostR3410-EncryptionSyntax . . . . . . . . . . . . . . . 21 9.2 Enveloped message using Key Transport. . . . . . . . . . 15
9.4 GostR3410-94-SignatureSyntax . . . . . . . . . . . . . . 23 10 Appendix ASN.1 Modules . . . . . . . . . . . . . . . . . 17
9.5 GostR3410-2001-SignatureSyntax . . . . . . . . . . . . . 26 10.1 Gost28147-89-EncryptionSyntax. . . . . . . . . . . . . . 17
10 References . . . . . . . . . . . . . . . . . . . . . . . 27 10.2 GostR3410-EncryptionSyntax . . . . . . . . . . . . . . . 19
11 Acknowledgments. . . . . . . . . . . . . . . . . . . . . 29 10.3 GostR3410-94-SignatureSyntax . . . . . . . . . . . . . . 21
Author's Address. . . . . . . . . . . . . . . . . . . . . . . . 29 10.4 GostR3410-2001-SignatureSyntax . . . . . . . . . . . . . 22
Full Copyright Statement. . . . . . . . . . . . . . . . . . . . 30 10 References . . . . . . . . . . . . . . . . . . . . . . . 23
11 Acknowledgments. . . . . . . . . . . . . . . . . . . . . 25
Author's Address. . . . . . . . . . . . . . . . . . . . . . . . 25
Full Copyright Statement. . . . . . . . . . . . . . . . . . . . 27
1 Introduction 1 Introduction
The Cryptographic Message Syntax [CMS] is used for digital signature, The Cryptographic Message Syntax [CMS] is used for digital signature,
digest, authentication and encryption arbitrary message contents. digest, authentication and encryption arbitrary message contents.
This companion specification describes the usage of cryptographic This companion specification describes the usage of cryptographic
algorithms GOST 28147-89, GOST R 34.10-94, GOST R 34.10-2001 and hash algorithms GOST 28147-89, GOST R 34.10-94, GOST R 34.10-2001 and hash
algorithm GOST R 34.11-94 in CMS, proposed by CRYPTO-PRO Company for algorithm GOST R 34.11-94 in CMS, proposed by CRYPTO-PRO Company for
"Russian Cryptographic Software Compatibility Agreement" community. "Russian Cryptographic Software Compatibility Agreement" community.
This document does not describe those cryptographic algorithms; they This document does not describe those cryptographic algorithms; they
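Review bot: The new table of contents numbers two entries 9.2 ("Enveloped message using Key Agreement" and "Enveloped message using Key Transport") and two entries 10 ("Appendix ASN.1 Modules" and "References"). The second 9.2 should be 9.3, and References and the entries after it should be renumbered to follow the ASN.1 appendix. The 7.2 entry still reads "Atribute SMIMECapabilities" in both versions and should read "Attribute". In the Introduction, "encryption arbitrary message contents" is missing "of".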
skipping to change at page 3, line 28 skipping to change at page 3, line 32
Message Digest authenticated attribute. In addition, digest values Message Digest authenticated attribute. In addition, digest values
are input to signature algorithms. are input to signature algorithms.
2.1 Message Digest Algorithm GOST R 34.11-94 2.1 Message Digest Algorithm GOST R 34.11-94
Hash function GOST R 34.11-94 has been developed by "GUBS of Federal Hash function GOST R 34.11-94 has been developed by "GUBS of Federal
Agency Government Communication and Information" and "All-Russian Agency Government Communication and Information" and "All-Russian
Scientific and Research Institute of Standardization". The algorithm Scientific and Research Institute of Standardization". The algorithm
GOST R 34.11-94 produces a 256-bit hash value of the arbitrary finite GOST R 34.11-94 produces a 256-bit hash value of the arbitrary finite
bit length input. This document does not contain GOST R 34.11-94 full bit length input. This document does not contain GOST R 34.11-94 full
specification, which could be found in [GOSTR3411] in Russian, specification, which can be found in [GOSTR3411] in Russian.
[Schneier95] ch. 18.11, p. 454. contain the brief technical [Schneier95] ch. 18.11, p. 454. contain the brief technical
description in English. description in English.
The initial value (IV) and S-box are optional for algorithm
parameters (Algorithm Parameters part in [GOST28147] in Russian,
description in English see in [Schneier95] ch. 14.1, p. 331). The
Standard [GOST3411] does not define hash function algorithm
parameters, which ought to be set by object identifiers (OID) in
software code.
id-CryptoPro OBJECT IDENTIFIER ::= id-CryptoPro OBJECT IDENTIFIER ::=
{ iso(1) member-body(2) ru(643) rans(2) cryptopro(2) } { iso(1) member-body(2) ru(643) rans(2) cryptopro(2) }
id-CryptoPro-algorithms OBJECT IDENTIFIER ::= id-CryptoPro-algorithms OBJECT IDENTIFIER ::=
{ id-CryptoPro } id-CryptoPro
The hash algorithm GOST R 34.11-94 has the following identifier: The hash algorithm GOST R 34.11-94 has the following identifier:
id-GostR3411-94 OBJECT IDENTIFIER ::= id-GostR3411-94 OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms gostr3411(9) } { id-CryptoPro-algorithms gostr3411(9) }
The following structure contains digest in little-endian The AlgorithmIdentifier parameters field MUST be present, and the
representation: parameters field MUST contain NULL. Implementations MAY accept the
GOST R 34.11-94 AlgorithmIdentifiers with absent parameters as well
as NULL parameters.
When Message Digest authenticated attribute is present, DigestedData
digest contains 32-byte digest in little-endian representation:
GostR3411-94-Digest ::= OCTET STRING (SIZE (32)) GostR3411-94-Digest ::= OCTET STRING (SIZE (32))
3 Signature Algorithms 3 Signature Algorithms
This section specifies the CMS procedures for GOST R 34.10-94 and This section specifies the CMS procedures for GOST R 34.10-94 and
GOST R 34.10-2001 signature algorithms. GOST R 34.10-2001 signature algorithms.
Signature algorithm identifiers are located in the SignerInfo Signature algorithm identifiers are located in the SignerInfo
signatureAlgorithm field of SignedData. Also, signature algorithm signatureAlgorithm field of SignedData. Also, signature algorithm
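Review bot: The new parameters rule in 2.1 (the AlgorithmIdentifier parameters field MUST be present and MUST contain NULL) no longer says which initial value and S-box the digest is computed with, because the paragraph stating that these are set by object identifier is removed in the same change. Add a sentence naming the parameter set that NULL implies, or the reference that defines it. In the reworded reference sentence, "[Schneier95] ch. 18.11, p. 454. contain the brief technical description" should read "contains a brief technical description", without the stray period after the page number.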
skipping to change at page 4, line 27 skipping to change at page 4, line 29
Signature values are located in the SignerInfo signature field of Signature values are located in the SignerInfo signature field of
SignedData. Also, signature values are located in the SignerInfo SignedData. Also, signature values are located in the SignerInfo
signature field of countersignature attributes. signature field of countersignature attributes.
3.1 Signature Algorithm GOST R 34.10-94 3.1 Signature Algorithm GOST R 34.10-94
GOST R 34.10-94 has been developed by "GUBS of Federal Agency GOST R 34.10-94 has been developed by "GUBS of Federal Agency
Government Communication and Information" and "All-Russian Scientific Government Communication and Information" and "All-Russian Scientific
and Research Institute of Standardization". This signature algorithm and Research Institute of Standardization". This signature algorithm
MUST be used conjointly with GOST R 34.11-94. This document does not MUST be used conjointly with GOST R 34.11-94 message digest
contain GOST R 34.10-94 standard description, which is fully algorithm. This document does not contain GOST R 34.10-94 standard
described in [GOSTR341094] in Russian, and brief description in description, which is fully described in [GOSTR341094] in Russian,
English could be found in [Schneier95] ch. 20.3, p. 495. and brief description in English could be found in [Schneier95] ch.
20.3, p. 495.
For a signature algorithm identifier, GOST R 34.10-94 public key For a signature algorithm identifier, GOST R 34.10-94 public key
algorithm OID [CPPK] is used: algorithm OID [CPPK] is used:
id-GostR3410-94-signatute OBJECT IDENTIFIER ::= id-GostR3410-94 id-GostR3410-94-signatute OBJECT IDENTIFIER ::= id-GostR3410-94
Signature algorithm GOST R 34.10-94 generates digital signature in Signature algorithm GOST R 34.10-94 generates digital signature in
the form of a binary 512-bit vector (<r'>256||<s>256). the form of a binary 512-bit vector (<r'>256||<s>256).
signatureValue contains its little endian representation. signatureValue contains its little endian representation.
GostR3410-94-Signature ::= OCTET STRING GostR3410-94-Signature ::= OCTET STRING (SIZE (64))
3.2 Signature Algorithm GOST R 34.10-2001 3.2 Signature Algorithm GOST R 34.10-2001
GOST R 34.10-2001 has been developed by "GUBS of Federal Agency GOST R 34.10-2001 has been developed by "GUBS of Federal Agency
Government Communication and Information" and "All-Russian Scientific Government Communication and Information" and "All-Russian Scientific
and Research Institute of Standardization". This signature algorithm and Research Institute of Standardization". This signature algorithm
MUST be used conjointly with GOST R 34.11-94. This document does not MUST be used conjointly with GOST R 34.11-94. This document does not
contain GOST R 34.10-2001 standard description, which is fully contain GOST R 34.10-2001 standard description, which is fully
described in [GOSTR34102001]. described in [GOSTR34102001].
For a signature algorithm identifier, GOST R 34.10-2001 public key For a signature algorithm identifier, GOST R 34.10-2001 public key
algorithm OID [CPPK] is used: algorithm OID [CPPK] is used:
id-GostR3410-2001-signatute OBJECT IDENTIFIER ::= id-GostR3410-2001 id-GostR3410-2001-signatute OBJECT IDENTIFIER ::= id-GostR3410-2001
Signature algorithm GOST R 34.10-2001 generates digital signature in Signature algorithm GOST R 34.10-2001 generates digital signature in
the form of a binary 512-bit vector (<r'>256||<s>256). the form of a binary 512-bit vector (<r'>256||<s>256).
signatureValue contains its little endian representation. signatureValue contains its little endian representation.
GostR3410-2001-Signature ::= OCTET STRING GostR3410-2001-Signature ::= OCTET STRING (SIZE (64))
4 Key Management Algorithms 4 Key Management Algorithms
This chapter describes the key agreement and key transport This chapter describes the key agreement and key transport
algorithms, always supposing that key enciphering usage is GOST algorithms, based on key establishment algorithms VKO GOST R 34.10-94
28147-89 algorithm only. and VKO GOST R 34.10-2001, described in [CPALGS]. They can be used
only with content encryption algorithm GOST 28147-89, defined in
section 5 of this document.
4.1 Key Agreement Algorithms 4.1 Key Agreement Algorithms
This part describes the key agreement algorithms based on both GOST R This section specifies the conventions employed by CMS
34.10-94 and GOST R 34.10-2001 public keys. implementations that support key agreement using both VKO GOST R
34.10-94 and VKO GOST R 34.10-2001 algorithms, described in section 5
of [CPALGS].
Key agreement algorithm identifiers are located in the EnvelopedData Key agreement algorithm identifiers are located in the EnvelopedData
RecipientInfos KeyAgreeRecipientInfo keyEncryptionAlgorithm and RecipientInfos KeyAgreeRecipientInfo keyEncryptionAlgorithm and
AuthenticatedData RecipientInfos KeyAgreeRecipientInfo AuthenticatedData RecipientInfos KeyAgreeRecipientInfo
keyEncryptionAlgorithm fields. keyEncryptionAlgorithm fields.
Key wrap algorithm identifiers are located in the KeyWrapAlgorithm
parameters within the EnvelopedData RecipientInfos
KeyAgreeRecipientInfo keyEncryptionAlgorithm and AuthenticatedData
RecipientInfos KeyAgreeRecipientInfo keyEncryptionAlgorithm fields.
Wrapped content-encryption keys are located in the EnvelopedData Wrapped content-encryption keys are located in the EnvelopedData
RecipientInfos KeyAgreeRecipientInfo RecipientEncryptedKeys RecipientInfos KeyAgreeRecipientInfo RecipientEncryptedKeys
encryptedKey field. Wrapped message-authentication keys are located encryptedKey field. Wrapped message-authentication keys are located
in the AuthenticatedData RecipientInfos KeyAgreeRecipientInfo in the AuthenticatedData RecipientInfos KeyAgreeRecipientInfo
RecipientEncryptedKeys encryptedKey field. RecipientEncryptedKeys encryptedKey field.
4.1.1 Key Agreement Algorithm Based on GOST R 34.10-94/2001 Public Keys 4.1.1 Key Agreement Algorithm Based on GOST R 34.10-94/2001 Public Keys
Key agreement algorithms based on GOST R 34.10-94 and GOST R The EnvelopedData RecipientInfos KeyAgreeRecipientInfo field is used
34.10-2001 public keys are described in [CPALGS]. When using those as follows:
algorithms, the EnvelopedData RecipientInfos KeyAgreeRecipientInfo
field is used as follows:
version MUST be 3. version MUST be 3.
originator MUST be the originatorKey alternative. The originator MUST be the originatorKey alternative. The
originatorKey algorithm field MUST contain the object identifier originatorKey algorithm field MUST contain the object identifier
id-GostR3410-94 or id-GostR3410-2001 with necessary parameters id-GostR3410-94 or id-GostR3410-2001 and corresponding parameters
(see [CPALGS]). The originatorKey publicKey field MUST contain (defined in sections 2.3.1, 2.3.2 of [CPPK]).
the sender's public key.
keyEncryptionAlgorithm algorithm MUST be the same, as The originatorKey publicKey field MUST contain the sender's public
originatorKey algorithm algorithm. keyEncryptionAlgorithm key.
parameters MUST encapsulate GostR3410-TransportParameters,
containing encryptionParamSet (GOST 28147-89 algorithm parameters keyEncryptionAlgorithm algorithm field MUST be identical to the
used for key encryption), and UKM. ephemeralPublicKey MUST NOT be recipient public key algorithm identifier.
keyEncryptionAlgorithm parameters MUST encapsulate
GostR3410-TransportParameters, containing encryptionParamSet (GOST
28147-89 algorithm parameters used for key encryption), and UKM.
GostR3410-TransportParameters ephemeralPublicKey MUST NOT be
present. present.
GostR3410-TransportParameters ::= SEQUENCE { GostR3410-TransportParameters ::= SEQUENCE {
encryptionParamSet OBJECT IDENTIFIER, encryptionParamSet OBJECT IDENTIFIER,
ephemeralPublicKey [0] IMPLICIT SubjectPublicKeyInfo OPTIONAL, ephemeralPublicKey [0] IMPLICIT SubjectPublicKeyInfo OPTIONAL,
ukm OCTET STRING ukm OCTET STRING
} }
KeyAgreeRecipientInfo ukm MUST be absent, KeyAgreeRecipientInfo ukm MUST be absent,
GostR3410-TransportParameters ukm is used instead and is not GostR3410-TransportParameters ukm is used instead and is not
optional. optional.
encryptedKey MUST encapsulate Gost28147-89-EncryptedKey, which encryptedKey MUST encapsulate Gost28147-89-EncryptedKey.
contains encrypted session key and it's MAC.
Gost28147-89-EncryptedKey ::= SEQUENCE { Gost28147-89-EncryptedKey ::= SEQUENCE {
encryptedKey Gost28147-89-Key, encryptedKey Gost28147-89-Key,
macKey Gost28147-89-MAC macKey Gost28147-89-MAC
} }
Using the secret key, corresponding to originatorKey publicKey, and
sender's public key are used to produce an exchange key, algorithm
VKO GOST R 34.10-94 or VKO GOST R 34.10-2001 (described in section 5
of [CPALGS]) is applied as follows: GostR3410-TransportParameters
encryptionParamSet is used for all encryption operations, and
GostR3410-TransportParameters ukm is used as synchrovector. Keywrap
mode is selected based on encryptionParamSet. The resulting encoded
key (SK_enc) is placed in Gost28147-89-EncryptedKey encryptedKey
field, and it's mac (SK_mac) is placed in Gost28147-89-EncryptedKey
macKey field.
4.2 Key Transport Algorithms 4.2 Key Transport Algorithms
This part describes the key transport algorithms based on both GOST R This section specifies the conventions employed by CMS
34.10-94 and GOST R 34.10-2001 public keys. implementations that support key transport using both VKO GOST R
34.10-94 and VKO GOST R 34.10-2001 algorithms, described in section 5
of [CPALGS].
Key transport algorithm identifiers are located in the EnvelopedData Key transport algorithm identifiers are located in the EnvelopedData
RecipientInfos KeyTransRecipientInfo keyEncryptionAlgorithm field. RecipientInfos KeyTransRecipientInfo keyEncryptionAlgorithm field.
Key transport encrypted content-encryption keys are located in the Key transport encrypted content-encryption keys are located in the
EnvelopedData RecipientInfos KeyTransRecipientInfo encryptedKey EnvelopedData RecipientInfos KeyTransRecipientInfo encryptedKey
field. field.
4.2.1 Key Transport Algorithm Based on GOST R 34.10-94/2001 Public Keys 4.2.1 Key Transport Algorithm Based on GOST R 34.10-94/2001 Public Keys
Key transport algorithms based on GOST R 34.10-94 and GOST R The EnvelopedData RecipientInfos KeyTransRecipientInfo field is used
34.10-2001 public keys are described in [CPALGS]. When using those as follows:
algorithms, the EnvelopedData RecipientInfos KeyTransRecipientInfo
field is used as follows:
version MUST be 0 or 3. version MUST be 0 or 3.
keyEncryptionAlgorithm MUST be identical to the recipient public keyEncryptionAlgorithm and parameters MUST be identical to the
key algorithm identifier. recipient public key algorithm and parameters.
encryptedKey encapsulates encryptedKey encapsulates
GostR3410-KeyTransportEncryptedKeyOctetString, which contains GostR3410-KeyTransportEncryptedKeyOctetString, which contains
encrypted session key, it's MAC, GOST 28147-89 algorithm encrypted content-encryption key, it's MAC, GOST 28147-89
parameters used for key encryption, sender's ephemeral public key, algorithm parameters used for key encryption, sender's ephemeral
and UKM (UserKeyingMaterial, see [CMS], 10.2.6). public key, and UKM (UserKeyingMaterial, see [CMS], 10.2.6).
transportParameters MUST be present. transportParameters MUST be present.
ephemeralPublicKey MUST be present, and its parameters, if ephemeralPublicKey MUST be present, and its parameters, if
present, MUST be equal to the recipient public key parameters; present, MUST be equal to the recipient public key parameters;
GostR3410-KeyTransportEncryptedKeyOctetString ::= SEQUENCE { GostR3410-KeyTransportEncryptedKeyOctetString ::= SEQUENCE {
sessionEncryptedKey Gost28147-89-EncryptedKey, sessionEncryptedKey Gost28147-89-EncryptedKey,
transportParameters transportParameters
[0] IMPLICIT GostR3410-TransportParameters OPTIONAL [0] IMPLICIT GostR3410-TransportParameters OPTIONAL
} }
GostR3410-TransportParameters ::= SEQUENCE { GostR3410-TransportParameters ::= SEQUENCE {
encryptionParamSet OBJECT IDENTIFIER, encryptionParamSet OBJECT IDENTIFIER,
ephemeralPublicKey [0] IMPLICIT SubjectPublicKeyInfo OPTIONAL, ephemeralPublicKey [0] IMPLICIT SubjectPublicKeyInfo OPTIONAL,
ukm OCTET STRING ukm OCTET STRING
} }
Using the secret key, corresponding to GostR3410-TransportParameters
ephemeralPublicKey, and sender's public key are used to produce an
exchange key, algorithm VKO GOST R 34.10-94 or VKO GOST R 34.10-2001
(described in section 5 of [CPALGS]) is applied as follows:
GostR3410-TransportParameters encryptionParamSet is used for all
encryption operations, and GostR3410-TransportParameters ukm is used
as synchrovector. Keywrap mode is selected based on
encryptionParamSet. The resulting encoded key (SK_enc) is placed in
Gost28147-89-EncryptedKey encryptedKey field, and it's mac (SK_mac)
is placed in Gost28147-89-EncryptedKey macKey field.
5 Content Encryption Algorithms 5 Content Encryption Algorithms
This section specifies the conventions employed by CMS This section specifies the conventions employed by CMS
implementations that support content encryption using GOST 28147-89. implementations that support content encryption using GOST 28147-89.
Content encryption algorithm identifiers are located in the Content encryption algorithm identifiers are located in the
EnvelopedData EncryptedContentInfo contentEncryptionAlgorithm and the EnvelopedData EncryptedContentInfo contentEncryptionAlgorithm and the
EncryptedData EncryptedContentInfo contentEncryptionAlgorithm fields. EncryptedData EncryptedContentInfo contentEncryptionAlgorithm fields.
Content encryption algorithms are used to encipher the content Content encryption algorithms are used to encipher the content
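Review bot: The exchange-key paragraphs added at the end of 4.1.1 and 4.2.1 pair the secret key corresponding to originatorKey publicKey (in 4.2.1, to ephemeralPublicKey) with the "sender's public key". The field descriptions above them say both of those keys already belong to the sender, so the second input has to be the recipient's public key. The sentence is also ungrammatical ("Using the secret key ... are used to produce an exchange key"). Suggested wording for 4.1.1: "The exchange key is produced from the secret key corresponding to originatorKey publicKey and the recipient's public key, using VKO GOST R 34.10-94 or VKO GOST R 34.10-2001", with the same change for ephemeralPublicKey in 4.2.1. The identifier names id-GostR3410-94-signatute and id-GostR3410-2001-signatute keep the "signatute" spelling in both versions, and "it's MAC" and "it's mac" should be "its".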
skipping to change at page 8, line 15 skipping to change at page 8, line 40
This document specifies the following OID for this algorithm: This document specifies the following OID for this algorithm:
id-Gost28147-89 OBJECT IDENTIFIER ::= id-Gost28147-89 OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms gost28147-89(21) } { id-CryptoPro-algorithms gost28147-89(21) }
Algorithm parameters MUST be present and have the following Algorithm parameters MUST be present and have the following
structure: structure:
Gost28147-89-Parameters ::= Gost28147-89-Parameters ::=
SEQUENCE { SEQUENCE {
encryptionParamSet iv Gost28147-89-IV,
OBJECT IDENTIFIER ( encryptionParamSet OBJECT IDENTIFIER
id-Gost28147-89-TestParamSet | -- Only for tests use
id-Gost28147-89-CryptoPro-A-ParamSet |
id-Gost28147-89-CryptoPro-B-ParamSet |
id-Gost28147-89-CryptoPro-C-ParamSet |
id-Gost28147-89-CryptoPro-D-ParamSet |
id-Gost28147-89-CryptoPro-Simple-A-ParamSet |
id-Gost28147-89-CryptoPro-Simple-B-ParamSet |
id-Gost28147-89-CryptoPro-Simple-C-ParamSet |
id-Gost28147-89-CryptoPro-Simple-D-ParamSet
),
iv Gost28147-89-IV
}
encryptionParamSet specify the set of corresponding
Gost28147-89-ParamSetParameters.
Gost28147-89-ParamSetParameters ::= SEQUENCE {
eUZ Gost28147-89-UZ,
mode INTEGER {
gost28147-89-OFB(0),
gost28147-89-CFB(1),
cryptoPro-CBC(2)
},
shiftBits INTEGER { gost28147-89-block(64) },
keyWrap AlgorithmIdentifier {{
Gost28147-89-KeyWrapAlgorithms
}},
keyMix AlgorithmIdentifier {{
Gost28147-89-KeyMixAlgorithms
}}
} }
where Gost28147-89-IV ::= OCTET STRING (SIZE (8))
iv - initializsation vector;
eUZ - S-box;
mode - cipher mode;
shiftBits - cipher parameter;
keyWrap - key export algorithm identifier;
keyMix - key meshing algorithm.
The following values for encryptionParamSet are already defined:
id-Gost28147-89-TestParamSet OBJECT IDENTIFIER ::=
{ id-CryptoPro-encrypts test(0) }
id-Gost28147-89-CryptoPro-A-ParamSet OBJECT IDENTIFIER ::=
{ id-CryptoPro-encrypts cryptopro-A(1) }
id-Gost28147-89-CryptoPro-B-ParamSet OBJECT IDENTIFIER ::=
{ id-CryptoPro-encrypts cryptopro-B(2) }
id-Gost28147-89-CryptoPro-C-ParamSet OBJECT IDENTIFIER ::=
{ id-CryptoPro-encrypts cryptopro-C(3) }
id-Gost28147-89-CryptoPro-D-ParamSet OBJECT IDENTIFIER ::=
{ id-CryptoPro-encrypts cryptopro-D(4) }
id-Gost28147-89-CryptoPro-Simple-A-ParamSet
OBJECT IDENTIFIER ::=
{ id-CryptoPro-encrypts cryptopro-Simple-A(6) }
id-Gost28147-89-CryptoPro-Simple-B-ParamSet
OBJECT IDENTIFIER ::=
{ id-CryptoPro-encrypts cryptopro-Simple-B(7) }
id-Gost28147-89-CryptoPro-Simple-C-ParamSet
OBJECT IDENTIFIER ::=
{ id-CryptoPro-encrypts cryptopro-Simple-C(8) }
id-Gost28147-89-CryptoPro-Simple-D-ParamSet encryptionParamSet specifies the set of corresponding
OBJECT IDENTIFIER ::= Gost28147-89-ParamSetParameters (see section 6.1 of [CPALGS])
{ id-CryptoPro-encrypts cryptopro-Simple-D(9) }
6 MAC Algorithms 6 MAC Algorithms
This section specifies the conventions employed by CMS This section specifies the conventions employed by CMS
implementations that support the message authentication code (MAC) implementations that support the message authentication code (MAC)
based on GOST R 34.11-94 HMAC. This MAC can also be used as a based on GOST R 34.11-94 HMAC. This MAC can also be used as a
pseudo-random function with 256 bits (32 bytes) internal state size, pseudo-random function with 256 bits (32 bytes) internal state size,
which can be used to derive keys. which can be used to derive keys.
MAC algorithm identifiers are located in the AuthenticatedData MAC algorithm identifiers are located in the AuthenticatedData
macAlgorithm field. macAlgorithm field.
MAC values are located in the AuthenticatedData mac field MAC values are located in the AuthenticatedData mac field
6.1 HMAC with GOST R 34.11-94 6.1 HMAC with GOST R 34.11-94
GOSTR3411_HMAC (K,text) function is based on hash function GOST R HMAC_GOSTR3411 (K,text) function is based on hash function GOST R
34.11-94, as defined in [HMAC], with the following parameter values: 34.11-94, as defined in [HMAC]. See [CPALGS], section 3 for details.
B = 32, L = 32.
OID for GOSTR3411_HMAC, defined by this document: OID for HMAC_GOSTR3411, defined by this document:
id-HMACGostR3411-94 OBJECT IDENTIFIER ::= id-HMACGostR3411-94 OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms hmacgostr3411(10) } { id-CryptoPro-algorithms hmacgostr3411(10) }
This algorithm has the same parameters, as GOST R 34.11-94 digest This algorithm has the same parameters, as GOST R 34.11-94 digest
algorithm, and uses the same OIDs for their identification (see algorithm, and uses the same OIDs for their identification (see
[CPPK]). [CPPK]).
7 Using with S/MIME 7 Using with S/MIME
This section defines use of the algorithms defined in this document This section defines use of the algorithms defined in this document
together with S/MIME [RFC 2633]. together with S/MIME [RFC 2633].
7.1 Parameter micalg 7.1 Parameter micalg
When using the algorithms defined in this document, micalg parameter When using the algorithms defined in this document, micalg parameter
should be set to 'unknown', according to [RFC 2633]. SHOULD be set to "gostr3411-94" or MAY be set to "unknown".
7.2 Attribute SMIMECapabilities 7.2 Attribute SMIMECapabilities
S/MIME message, which uses the algorithms defined in this document, S/MIME message, which uses the algorithms defined in this document,
should contain the list of algorithm identifiers for digest and should contain the list of algorithm identifiers for digest and
encryption algorithms, defined in this document, with their encryption algorithms, defined in this document, with their
parameters, in it's SMIMECapabilities attribute. parameters, in it's SMIMECapabilities attribute.
The SMIMECapability value to indicate support for the GOST R 34.11-94
digest algorithm is the SEQUENCE with the capabilityID field
containing the object identifier id-GostR3411-94 and no parameters.
The DER encoding is:
30 08 06 06 2A 85 03 02 02 09
The SMIMECapability value to indicate support for the GOST 28147-89
encryption algorithm is the SEQUENCE with the capabilityID field
containing the object identifier id-Gost28147-89 and no parameters.
The DER encoding is:
30 08 06 06 2A 85 03 02 02 09
If the sender wishes to indicate support for specific parameter set,
SMIMECapability parameters MUST contain Gost28147-89-Parameters
structure. Recipient MUST ignore the Gost28147-89-Parameters iv
field, and assume that the sender supports parameters, specified in
Gost28147-89-Parameters encryptionParamSet field.
The DER encoding for the SMIMECapability, indicating support for GOST
28147-89 with id-Gost28147-89-CryptoPro-A-ParamSet (see [CPALGS]) is:
30 1D 06 06 2A 85 03 02 02 15 30 13 04 08 00 00
00 00 00 00 00 00 06 07 2A 85 03 02 02 1F 01
8 Security Considerations 8 Security Considerations
Parameter values for using cryptographic algorithms affect rigidity Conforming applications MUST use unique values for ukm and iv.
of information protection system. It is RECCOMENDED, that software Recipients MAY verify that ukm and iv, specified by the sender, are
applications verify signature values, subject public keys and unique.
algorithm parameters to conform to [GOSTR34102001], [GOSTR341094]
standards prior to their use.
The algorithm parameters proposed hereby and described in this It is RECCOMENDED, that applications verify signature values and
document, have been analyzed by special certification laboratory of subject public keys to conform to [GOSTR34102001], [GOSTR341094]
Scientific and Technical Center "ATLAS" and by Center of standards prior to their use.
Certificational Investigations in appropriate levels of
target_of_evaluation (TOE).
In case of different parameters usage, it is RECCOMENDED that they Cryptographic algorithm parameters affect rigidity of algorithms.
are to be examined by authorized agency with approved methods of The use of parameters, which are not listed in [CPALGS], is NOT
cryptographic analysis. RECOMENDED (see Security Considerations section of [CPALGS]).
When signed CMS document is used as analogue to a manual signing, in When signed CMS document is used as analogue to a manual signing, in
the context of Russian Federal Digital Signature Law [RFDSL], signer the context of Russian Federal Digital Signature Law [RFDSL], signer
certificate MUST contain keyUsage extension, it MUST be critical, and certificate MUST contain keyUsage extension, it MUST be critical, and
keyUsage MUST NOT include keyEncipherment and keyAgreement. keyUsage MUST NOT include keyEncipherment and keyAgreement. It SHOULD
be submited for examination by an authorized agency in appropriate
levels of target_of_evaluation (TOE), according to [RFDSL], [RFLLIC]
and [CRYPTOLIC].
It is RECOMENDED to use unique value for ukm. Recipients MAY verify, 9 Appendix Examples
that ukm, specified by the sender is unique.
9 Appendix ASN.1 Modules 9.1 Signed message
9.1 Gost28147-89-EncryptionSyntax 0 30 272: SEQUENCE {
4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
15 A0 257: [0] {
19 30 254: SEQUENCE {
22 02 1: INTEGER 1
25 31 12: SET {
27 30 10: SEQUENCE {
29 06 6: OBJECT IDENTIFIER GOST R 34.11-94 (1 2 643 2 2 9)
37 05 0: NULL
: }
: }
39 30 18: SEQUENCE {
41 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
52 A0 5: [0] {
54 04 3: OCTET STRING
: 2A 0D 0A
: }
: }
59 31 214: SET {
62 30 211: SEQUENCE {
65 02 1: INTEGER 1
68 30 116: SEQUENCE {
70 30 102: SEQUENCE {
72 31 11: SET {
74 30 9: SEQUENCE {
76 06 3: OBJECT IDENTIFIER countryName (2 5 4 6)
81 13 2: PrintableString 'RU'
: }
: }
85 31 15: SET {
87 30 13: SEQUENCE {
89 06 3: OBJECT IDENTIFIER localityName (2 5 4 7)
94 13 6: PrintableString 'Moscow'
: }
: }
102 31 23: SET {
104 30 21: SEQUENCE {
106 06 3: OBJECT IDENTIFIER organizationName (2 5 4 10)
111 13 14: PrintableString 'OOO Crypto-Pro'
: }
: }
127 31 20: SET {
129 30 18: SEQUENCE {
131 06 3: OBJECT IDENTIFIER
: organizationalUnitName (2 5 4 11)
136 13 11: PrintableString 'Development'
: }
: }
149 31 23: SET {
151 30 21: SEQUENCE {
153 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
158 13 14: PrintableString 'CP CSP Test CA'
: }
: }
: }
174 02 10: INTEGER
: 1A 02 A9 9D 00 03 00 00 0F 60
: }
186 30 10: SEQUENCE {
188 06 6: OBJECT IDENTIFIER GOST R 34.11-94 (1 2 643 2 2 9)
196 05 0: NULL
: }
198 30 10: SEQUENCE {
200 06 6: OBJECT IDENTIFIER GOST R 34.10-94 (1 2 643 2 2 20)
208 05 0: NULL
: }
210 04 64: OCTET STRING
: 6E 7B 56 7C 86 F4 0A 08 30 7E 8F 9D DD 9E 55 B1
: F4 7D 9A B3 B8 8D 52 8D 34 46 28 AF 66 48 42 71
: 8A 11 5D 45 EE 52 1F FF 81 61 AA 64 A0 D2 DE 80
: 96 C4 33 9D BD 87 3E F7 98 1E A8 91 25 FC CF 5A
: }
: }
: }
: }
: }
9.2 Enveloped message using Key Agreement
0 30 452: SEQUENCE {
4 06 9: OBJECT IDENTIFIER envelopedData (1 2 840 113549 1 7 3)
15 A0 437: [0] {
19 30 433: SEQUENCE {
23 02 1: INTEGER 2
26 31 377: SET {
30 A1 373: [1] {
34 02 1: INTEGER 3
37 A0 168: [0] {
40 A1 165: [1] {
43 30 28: SEQUENCE {
45 06 6: OBJECT IDENTIFIER
: GOST R 34.10-94 (1 2 643 2 2 20)
53 30 18: SEQUENCE {
55 06 7: OBJECT IDENTIFIER '1 2 643 2 2 32 2'
64 06 7: OBJECT IDENTIFIER '1 2 643 2 2 30 1'
: }
: }
73 03 132: BIT STRING 0 unused bits, encapsulates {
77 04 128: OCTET STRING
: 4D FC D3 19 15 65 E6 A8 CD 2E F4 94 1D E9 1D 8E
: 38 74 EF 67 CD 39 59 DB B3 F4 07 63 A0 A1 0D 72
: 1B 88 9A DB FC 0A C6 D6 27 1D 0A 40 8A 4E C7 E8
: FE 5B 36 C9 B9 A2 71 13 89 29 09 C7 73 AD 7E 07
: CD AB FA 4B FA FC 0D 1B 66 D2 60 49 87 B0 B2 ED
: 13 EE BA D2 2F BB 4B E5 DD 84 B7 65 85 10 49 8A
: 01 A5 F5 4C 24 FB 49 AB 1D 5D D8 A6 F4 F4 27 9B
: F7 F7 97 7A F9 D9 7B DB F5 A0 29 F6 8D C9 AB 46
: }
: }
: }
208 30 29: SEQUENCE {
210 06 6: OBJECT IDENTIFIER GOST R 34.10-94 (1 2 643 2 2 20)
218 30 19: SEQUENCE {
220 06 7: OBJECT IDENTIFIER '1 2 643 2 2 31 1'
229 04 8: OCTET STRING
: 97 27 17 E0 05 B0 D0 5A
: }
: }
239 30 165: SEQUENCE {
242 30 162: SEQUENCE {
245 30 116: SEQUENCE {
247 30 102: SEQUENCE {
249 31 11: SET {
251 30 9: SEQUENCE {
253 06 3: OBJECT IDENTIFIER countryName (2 5 4 6)
258 13 2: PrintableString 'RU'
: }
: }
262 31 15: SET {
264 30 13: SEQUENCE {
266 06 3: OBJECT IDENTIFIER localityName (2 5 4 7)
271 13 6: PrintableString 'Moscow'
: }
: }
279 31 23: SET {
281 30 21: SEQUENCE {
283 06 3: OBJECT IDENTIFIER
: organizationName (2 5 4 10)
288 13 14: PrintableString 'OOO Crypto-Pro'
: }
: }
304 31 20: SET {
306 30 18: SEQUENCE {
308 06 3: OBJECT IDENTIFIER
: organizationalUnitName (2 5 4 11)
313 13 11: PrintableString 'Development'
: }
: }
326 31 23: SET {
328 30 21: SEQUENCE {
330 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
335 13 14: PrintableString 'CP CSP Test CA'
: }
: }
: }
351 02 10: INTEGER
: 32 C7 ED 5B 00 03 00 00 12 82
: }
363 04 42: OCTET STRING, encapsulates {
365 30 40: SEQUENCE {
367 04 32: OCTET STRING
: 57 22 EF 5F 03 7C AF AD 74 7E 0C C4 52 9F 0D 96
: F2 5B 42 23 0D 6A EC 7A 98 90 7F CC D8 2F E5 72
401 04 4: OCTET STRING
: C6 E0 DE 69
: }
: }
: }
: }
: }
: }
407 30 47: SEQUENCE {
409 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
420 30 29: SEQUENCE {
422 06 6: OBJECT IDENTIFIER GOST 28147-89 (1 2 643 2 2 21)
430 30 19: SEQUENCE {
432 04 8: OCTET STRING
: BF 68 D1 74 95 19 F0 13
442 06 7: OBJECT IDENTIFIER '1 2 643 2 2 31 1'
: }
: }
451 80 3: [0]
: B1 7F 12
: }
: }
: }
: }
9.3 Enveloped message using Key Transport
0 30 468: SEQUENCE {
4 06 9: OBJECT IDENTIFIER envelopedData (1 2 840 113549 1 7 3)
15 A0 453: [0] {
19 30 449: SEQUENCE {
23 02 1: INTEGER 0
26 31 393: SET {
30 30 389: SEQUENCE {
34 02 1: INTEGER 0
37 30 116: SEQUENCE {
39 30 102: SEQUENCE {
41 31 11: SET {
43 30 9: SEQUENCE {
45 06 3: OBJECT IDENTIFIER countryName (2 5 4 6)
50 13 2: PrintableString 'RU'
: }
: }
54 31 15: SET {
56 30 13: SEQUENCE {
58 06 3: OBJECT IDENTIFIER localityName (2 5 4 7)
63 13 6: PrintableString 'Moscow'
: }
: }
71 31 23: SET {
73 30 21: SEQUENCE {
75 06 3: OBJECT IDENTIFIER organizationName (2 5 4 10)
80 13 14: PrintableString 'OOO Crypto-Pro'
: }
: }
96 31 20: SET {
98 30 18: SEQUENCE {
100 06 3: OBJECT IDENTIFIER
: organizationalUnitName (2 5 4 11)
105 13 11: PrintableString 'Development'
: }
: }
118 31 23: SET {
120 30 21: SEQUENCE {
122 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
127 13 14: PrintableString 'CP CSP Test CA'
: }
: }
: }
143 02 10: INTEGER
: 1A 04 13 2F 00 03 00 00 0F 61
: }
155 30 28: SEQUENCE {
157 06 6: OBJECT IDENTIFIER GOST R 34.10-94 (1 2 643 2 2 20)
165 30 18: SEQUENCE {
167 06 7: OBJECT IDENTIFIER '1 2 643 2 2 32 2'
176 06 7: OBJECT IDENTIFIER '1 2 643 2 2 30 1'
: }
: }
185 04 235: OCTET STRING, encapsulates {
188 30 232: SEQUENCE {
191 30 40: SEQUENCE {
193 04 32: OCTET STRING
: 6B B6 75 7D 48 FD FC 6C B1 51 48 4F 0D 92 1F B0
: 5D 3A 93 11 DC 8A 13 0D 42 77 6C DC 1A 5E 87 F7
227 04 4: OCTET STRING
: 0A A3 26 A0
: }
233 A0 187: [0] {
236 06 7: OBJECT IDENTIFIER '1 2 643 2 2 31 1'
245 A0 165: [0] {
248 30 28: SEQUENCE {
250 06 6: OBJECT IDENTIFIER
: GOST R 34.10-94 (1 2 643 2 2 20)
258 30 18: SEQUENCE {
260 06 7: OBJECT IDENTIFIER '1 2 643 2 2 32 2'
269 06 7: OBJECT IDENTIFIER '1 2 643 2 2 30 1'
: }
: }
278 03 132: BIT STRING 0 unused bits, encapsulates {
282 04 128: OCTET STRING
: 47 A6 19 5E D6 FF E2 6A 6C 32 94 9D 6D 8C 1A 82
: C2 C4 0D 73 09 4E 01 3B B0 32 FE EE 79 1F C7 CC
: DB 27 B0 52 4F E1 10 B1 26 B9 22 51 37 64 F2 06
: 33 13 00 D0 31 3F E4 B6 D2 D6 F7 31 B9 63 4F 02
: 05 DD 16 E1 AD 0E E4 B7 CC B8 89 D1 20 D3 EA 45
: 53 02 8C 03 21 7C F2 0C BE BB 0D 7F 4E 04 E5 A5
: 3D F6 7F 2A 1E 17 40 59 4D 9D C5 4A ED 03 15 93
: B9 76 E6 41 BC 3B 70 18 90 B7 4A 7C 8F 4B 06 7D
: }
: }
413 04 8: OCTET STRING
: CA CD 7B 87 B9 60 17 68
: }
: }
: }
: }
: }
423 30 47: SEQUENCE {
425 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
436 30 29: SEQUENCE {
438 06 6: OBJECT IDENTIFIER GOST 28147-89 (1 2 643 2 2 21)
446 30 19: SEQUENCE {
448 04 8: OCTET STRING
: 56 9C 94 5C 37 0F B2 59
458 06 7: OBJECT IDENTIFIER '1 2 643 2 2 31 1'
: }
: }
467 80 3: [0]
: E5 CE CA
: }
: }
: }
: }
10 Appendix ASN.1 Modules
10.1 Gost28147-89-EncryptionSyntax
Gost28147-89-EncryptionSyntax Gost28147-89-EncryptionSyntax
{ iso(1) member-body(2) ru(643) rans(2) cryptopro(2) { iso(1) member-body(2) ru(643) rans(2) cryptopro(2)
other(1) modules(1) gost28147-89-EncryptionSyntax(4) 1 } other(1) modules(1) gost28147-89-EncryptionSyntax(4) 1 }
DEFINITIONS EXPLICIT TAGS ::= DEFINITIONS EXPLICIT TAGS ::=
BEGIN BEGIN
-- EXPORTS All -- -- EXPORTS All --
-- The types and values defined in this module are exported for -- The types and values defined in this module are exported for
-- use in the other ASN.1 modules contained within the Russian -- use in the other ASN.1 modules contained within the Russian
-- Cryptography "GOST" & "GOST R" Specifications, and for the use -- Cryptography "GOST" & "GOST R" Specifications, and for the use
-- of other applications which will use them to access Russian -- of other applications which will use them to access Russian
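Review bot: the new requirement in section 8 (right-hand column), "Conforming applications MUST use unique values for ukm and iv", does not say unique over what scope (per sender key, per sender and recipient pair, or per message), and the paired "Recipients MAY verify" cannot be implemented without knowing which earlier values to compare against; state the scope. In the same section the RFC 2119 keywords are misspelled as "RECCOMENDED" and "NOT RECOMENDED", so they do not match the defined keywords; spell them RECOMMENDED and NOT RECOMMENDED. "It SHOULD be submited for examination by an authorized agency" follows a sentence about the signer certificate's keyUsage, so "It" has no clear antecedent; name the subject explicitly.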
skipping to change at page 13, line 12 skipping to change at page 19, line 13
id-Gost28147-89-CryptoPro-Simple-D-ParamSet id-Gost28147-89-CryptoPro-Simple-D-ParamSet
), ),
iv Gost28147-89-IV iv Gost28147-89-IV
} }
Gost28147-89-Algorithms ALGORITHM-IDENTIFIER ::= { Gost28147-89-Algorithms ALGORITHM-IDENTIFIER ::= {
{ Gost28147-89-Parameters IDENTIFIED BY { Gost28147-89-Parameters IDENTIFIED BY
id-Gost28147-89 } id-Gost28147-89 }
} }
END -- Gost28147-89-EncryptionSyntax END -- Gost28147-89-EncryptionSyntax
9.2 Gost28147-89-ParamSetSyntax 10.2 GostR3410-EncryptionSyntax
Gost28147-89-ParamSetSyntax
{ iso(1) member-body(2) ru(643) rans(2) cryptopro(2)
other(1) modules(1) gost28147-89-ParamSetSyntax(6) 1 }
DEFINITIONS EXPLICIT TAGS ::=
BEGIN
IMPORTS
id-CryptoPro-algorithms, id-CryptoPro-encrypts,
gost28147-89-EncryptionSyntax,
cryptographic-Gost-Useful-Definitions
FROM Cryptographic-Gost-Useful-Definitions
{ iso(1) member-body(2) ru(643) rans(2)
cryptopro(2) other(1) modules(1)
cryptographic-Gost-Useful-Definitions(0) 1 }
Gost28147-89-UZ,
id-Gost28147-89-TestParamSet,
id-Gost28147-89-CryptoPro-A-ParamSet,
id-Gost28147-89-CryptoPro-B-ParamSet,
id-Gost28147-89-CryptoPro-C-ParamSet,
id-Gost28147-89-CryptoPro-D-ParamSet,
id-Gost28147-89-CryptoPro-Simple-A-ParamSet,
id-Gost28147-89-CryptoPro-Simple-B-ParamSet,
id-Gost28147-89-CryptoPro-Simple-C-ParamSet,
id-Gost28147-89-CryptoPro-Simple-D-ParamSet
FROM Gost28147-89-EncryptionSyntax
gost28147-89-EncryptionSyntax
AlgorithmIdentifier, ALGORITHM-IDENTIFIER
FROM Cryptographic-Gost-Useful-Definitions
cryptographic-Gost-Useful-Definitions
;
-- GOST 28147-89 Cryptographic Parameters Set:
-- algorithm & parameters
-- OID for Parameters Set imported from
-- Gost28147-89-EncryptionSyntax
Gost28147-89-ParamSetParameters ::=
SEQUENCE {
eUZ Gost28147-89-UZ,
mode INTEGER {
gost28147-89-OFB(0),
gost28147-89-CFB(1),
cryptoPro-CBC(2)
},
shiftBits INTEGER { gost28147-89-block(64) },
keyWrap AlgorithmIdentifier {{
Gost28147-89-KeyWrapAlgorithms
}},
keyMix AlgorithmIdentifier {{
Gost28147-89-KeyMixAlgorithms
}}
}
Gost28147-89-ParamSetAlgorithms ALGORITHM-IDENTIFIER ::= {
{ Gost28147-89-ParamSetParameters IDENTIFIED BY
id-Gost28147-89-TestParamSet } |
{ Gost28147-89-ParamSetParameters IDENTIFIED BY
id-Gost28147-89-CryptoPro-A-ParamSet } |
{ Gost28147-89-ParamSetParameters IDENTIFIED BY
id-Gost28147-89-CryptoPro-B-ParamSet } |
{ Gost28147-89-ParamSetParameters IDENTIFIED BY
id-Gost28147-89-CryptoPro-C-ParamSet } |
{ Gost28147-89-ParamSetParameters IDENTIFIED BY
id-Gost28147-89-CryptoPro-D-ParamSet } |
{ Gost28147-89-ParamSetParameters IDENTIFIED BY
id-Gost28147-89-CryptoPro-Simple-A-ParamSet } |
{ Gost28147-89-ParamSetParameters IDENTIFIED BY
id-Gost28147-89-CryptoPro-Simple-B-ParamSet } |
{ Gost28147-89-ParamSetParameters IDENTIFIED BY
id-Gost28147-89-CryptoPro-Simple-C-ParamSet } |
{ Gost28147-89-ParamSetParameters IDENTIFIED BY
id-Gost28147-89-CryptoPro-Simple-D-ParamSet }
}
id-Gost28147-89-CryptoPro-KeyWrap OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms keyWrap(13) cryptoPro(1) }
id-Gost28147-89-None-KeyWrap OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms keyWrap(13) none(0) }
Gost28147-89-KeyWrapAlgorithms ALGORITHM-IDENTIFIER ::= {
{ NULL IDENTIFIED BY id-Gost28147-89-CryptoPro-KeyWrap } |
{ NULL IDENTIFIED BY id-Gost28147-89-None-KeyWrap }
}
id-Gost28147-89-CryptoPro-KeyMix OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms keyMix(14) cryptoPro(1) }
id-Gost28147-89-None-KeyMix OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms keyMix(14) none(0) }
Gost28147-89-KeyMixAlgorithms ALGORITHM-IDENTIFIER ::= {
{ NULL IDENTIFIED BY id-Gost28147-89-CryptoPro-KeyMix } |
{ NULL IDENTIFIED BY id-Gost28147-89-None-KeyMix }
}
-- GOST 28147-89 Cryptographic Parameters Set: values
-- Test Parameters Set
gost28147-89-TestParamSetAI
AlgorithmIdentifier {{
Gost28147-89-ParamSetAlgorithms
}} ::=
{
algorithm
id-Gost28147-89-TestParamSet,
parameters
Gost28147-89-ParamSetParameters:{
eUZ '4CDE389C2989EFB6FFEB56C55EC29B029875613B113F896
003970C798AA1D55DE210AD43375DB38EB42C77E7CD46CAFAD66A201F70F41EA4AB
03F22165B844D8'H,
mode gost28147-89-OFB,
shiftBits 64,
keyWrap
{ algorithm id-Gost28147-89-None-KeyWrap },
keyMix
{ algorithm id-Gost28147-89-None-KeyMix }
}
}
-- CryptoPro Parameters Sets
gost28147-89-UZ-CryptoPro-A Gost28147-89-UZ ::=
-- K1 K2 K3 K4 K5 K6 K7 K8
-- 9 3 E E B 3 1 B
-- 6 7 4 7 5 A D A
-- 3 E 6 A 1 D 2 F
-- 2 9 2 C 9 C 9 5
-- 8 8 B D 8 1 7 0
-- B A 3 1 D 2 A C
-- 1 F D 3 F 0 6 E
-- 7 0 8 9 0 B 0 8
-- A 5 C 0 E 7 8 6
-- 4 2 F 2 4 5 C 2
-- E 6 5 B 2 9 4 3
-- F C A 4 3 4 5 9
-- C B 0 F C 8 F 1
-- 0 4 7 8 7 F 3 7
-- D D 1 5 A E B D
-- 5 1 9 6 6 6 E 4
'93EEB31B67475ADA3E6A1D2F292C9C9588BD8170BA31D2AC1FD3F06E70
890B08A5C0E78642F245C2E65B2943FCA43459CB0FC8F104787F37DD15AEBD51966
6E4'H
gost28147-89-CryptoPro-A-ParamSetAI
AlgorithmIdentifier {{
Gost28147-89-ParamSetAlgorithms
}} ::=
{
algorithm
id-Gost28147-89-CryptoPro-A-ParamSet,
parameters
Gost28147-89-ParamSetParameters:{
eUZ gost28147-89-UZ-CryptoPro-A,
mode gost28147-89-CFB,
shiftBits 64,
keyWrap
{ algorithm id-Gost28147-89-CryptoPro-KeyWrap },
keyMix
{ algorithm id-Gost28147-89-CryptoPro-KeyMix }
}
}
--
gost28147-89-UZ-CryptoPro-B Gost28147-89-UZ ::=
-- K1 K2 K3 K4 K5 K6 K7 K8
-- 8 0 E 7 2 8 5 0
-- 4 1 C 5 7 3 2 4
-- B 2 0 0 C 2 A B
-- 1 A A D F 6 B E
-- 3 4 9 B 9 4 9 8
-- 5 D 2 6 5 D 1 3
-- 0 5 D 1 A E C 7
-- 9 C B 2 B B 3 1
-- 2 9 7 3 1 C 7 A
-- E 7 5 A 4 1 4 2
-- A 3 8 C 0 7 D 9
-- C F F F D F 0 6
-- D B 3 4 6 A 6 F
-- 6 8 6 E 8 0 F D
-- 7 6 1 9 E 9 8 5
-- F E 4 8 3 5 E C
'80E7285041C57324B200C2AB1AADF6BE349B94985D265D1305D1AEC79C
B2BB3129731C7AE75A4142A38C07D9CFFFDF06DB346A6F686E80FD7619E985FE483
5EC'H
gost28147-89-CryptoPro-B-ParamSetAI
AlgorithmIdentifier {{
Gost28147-89-ParamSetAlgorithms
}} ::=
{
algorithm
id-Gost28147-89-CryptoPro-B-ParamSet,
parameters
Gost28147-89-ParamSetParameters:{
eUZ gost28147-89-UZ-CryptoPro-B,
mode gost28147-89-CFB,
shiftBits 64,
keyWrap
{ algorithm id-Gost28147-89-CryptoPro-KeyWrap },
keyMix
{ algorithm id-Gost28147-89-CryptoPro-KeyMix }
}
}
--
gost28147-89-UZ-CryptoPro-C Gost28147-89-UZ ::=
-- K1 K2 K3 K4 K5 K6 K7 K8
-- 1 0 8 3 8 C A 7
-- B 1 2 6 D 9 9 4
-- C 7 5 0 B B 6 0
-- 2 D 0 1 0 1 8 5
-- 9 B 4 5 4 8 D A
-- D 4 9 D 5 E E 2
-- 0 5 F A 1 2 2 F
-- F 2 A 8 2 4 0 E
-- 4 8 3 B 9 7 F C
-- 5 E 7 2 3 3 3 6
-- 8 F C 9 C 6 5 1
-- E C D 7 E 5 B B
-- A 9 6 E 6 A 4 D
-- 7 A E F F 0 1 9
-- 6 6 1 C A F C 3
-- 3 3 B 4 7 D 7 8
'10838CA7B126D994C750BB602D0101859B4548DAD49D5EE205FA122FF2
A8240E483B97FC5E7233368FC9C651ECD7E5BBA96E6A4D7AEFF019661CAFC333B47
D78'H
gost28147-89-CryptoPro-C-ParamSetAI
AlgorithmIdentifier {{
Gost28147-89-ParamSetAlgorithms
}} ::=
{
algorithm
id-Gost28147-89-CryptoPro-C-ParamSet,
parameters
Gost28147-89-ParamSetParameters:{
eUZ gost28147-89-UZ-CryptoPro-C,
mode gost28147-89-CFB,
shiftBits 64,
keyWrap
{ algorithm id-Gost28147-89-CryptoPro-KeyWrap },
keyMix
{ algorithm id-Gost28147-89-CryptoPro-KeyMix }
}
}
--
gost28147-89-UZ-CryptoPro-D Gost28147-89-UZ ::=
-- K1 K2 K3 K4 K5 K6 K7 K8
-- F B 1 1 0 8 3 1
-- C 6 C 5 C 0 0 A
-- 2 3 B E 8 F 6 6
-- A 4 0 C 9 3 F 8
-- 6 C F A D 2 1 F
-- 4 F E 7 2 5 E B
-- 5 E 6 0 A E 9 0
-- 0 2 5 D B B 2 4
-- 7 7 A 6 7 1 D C
-- 9 D D 2 3 A 8 3
-- E 8 4 B 6 4 C 5
-- D 0 8 4 5 7 4 9
-- 1 5 9 9 4 C B 7
-- B A 3 3 E 9 A D
-- 8 9 7 F F D 5 2
-- 3 1 2 8 1 6 7 E'H
'FB110831C6C5C00A23BE8F66A40C93F86CFAD21F4FE725EB5E60AE9002
5DBB2477A671DC9DD23A83E84B64C5D084574915994CB7BA33E9AD897FFD5231281
67E'H
gost28147-89-CryptoPro-D-ParamSetAI
AlgorithmIdentifier {{
Gost28147-89-ParamSetAlgorithms
}} ::=
{
algorithm
id-Gost28147-89-CryptoPro-D-ParamSet,
parameters
Gost28147-89-ParamSetParameters:{
eUZ gost28147-89-UZ-CryptoPro-D,
mode gost28147-89-CFB,
shiftBits 64,
keyWrap
{ algorithm id-Gost28147-89-CryptoPro-KeyWrap },
keyMix
{ algorithm id-Gost28147-89-CryptoPro-KeyMix }
}
}
--
gost28147-89-CryptoPro-Simple-A-ParamSetAI
AlgorithmIdentifier {{
Gost28147-89-ParamSetAlgorithms
}} ::=
{
algorithm
id-Gost28147-89-CryptoPro-Simple-A-ParamSet,
parameters
Gost28147-89-ParamSetParameters:{
eUZ gost28147-89-UZ-CryptoPro-A,
mode gost28147-89-CFB,
shiftBits 64,
keyWrap
{ algorithm id-Gost28147-89-None-KeyWrap },
keyMix
{ algorithm id-Gost28147-89-CryptoPro-KeyMix }
}
}
--
gost28147-89-CryptoPro-Simple-B-ParamSetAI
AlgorithmIdentifier {{
Gost28147-89-ParamSetAlgorithms
}} ::=
{
algorithm
id-Gost28147-89-CryptoPro-Simple-B-ParamSet,
parameters
Gost28147-89-ParamSetParameters:{
eUZ gost28147-89-UZ-CryptoPro-B,
mode gost28147-89-CFB,
shiftBits 64,
keyWrap
{ algorithm id-Gost28147-89-None-KeyWrap },
keyMix
{ algorithm id-Gost28147-89-CryptoPro-KeyMix }
}
}
--
gost28147-89-CryptoPro-Simple-C-ParamSetAI
AlgorithmIdentifier {{
Gost28147-89-ParamSetAlgorithms
}} ::=
{
algorithm
id-Gost28147-89-CryptoPro-Simple-C-ParamSet,
parameters
Gost28147-89-ParamSetParameters:{
eUZ gost28147-89-UZ-CryptoPro-C,
mode gost28147-89-CFB,
shiftBits 64,
keyWrap
{ algorithm id-Gost28147-89-None-KeyWrap },
keyMix
{ algorithm id-Gost28147-89-CryptoPro-KeyMix }
}
}
--
gost28147-89-CryptoPro-Simple-D-ParamSetAI
AlgorithmIdentifier {{
Gost28147-89-ParamSetAlgorithms
}} ::=
{
algorithm
id-Gost28147-89-CryptoPro-Simple-D-ParamSet,
parameters
Gost28147-89-ParamSetParameters:{
eUZ gost28147-89-UZ-CryptoPro-D,
mode gost28147-89-CFB,
shiftBits 64,
keyWrap
{ algorithm id-Gost28147-89-None-KeyWrap },
keyMix
{ algorithm id-Gost28147-89-CryptoPro-KeyMix }
}
}
END -- Gost28147-89-ParamSetSyntax
9.3 GostR3410-EncryptionSyntax
GostR3410-EncryptionSyntax GostR3410-EncryptionSyntax
{ iso(1) member-body(2) ru(643) rans(2) cryptopro(2) { iso(1) member-body(2) ru(643) rans(2) cryptopro(2)
other(1) modules(1) gostR3410-EncryptionSyntax(5) 2 } other(1) modules(1) gostR3410-EncryptionSyntax(5) 2 }
DEFINITIONS ::= DEFINITIONS ::=
BEGIN BEGIN
-- EXPORTS All -- -- EXPORTS All --
-- The types and values defined in this module are exported for -- The types and values defined in this module are exported for
-- use in the other ASN.1 modules contained within the Russian -- use in the other ASN.1 modules contained within the Russian
-- Cryptography "GOST" & "GOST R" Specifications, and for the use -- Cryptography "GOST" & "GOST R" Specifications, and for the use
-- of other applications which will use them to access Russian -- of other applications which will use them to access Russian
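Review bot: with the Gost28147-89-ParamSetSyntax module (old section 9.2) removed, this draft no longer defines the eUZ, mode, keyWrap and keyMix values behind the parameter set identifiers that the retained Gost28147-89-EncryptionSyntax module still enumerates (the list ending in id-Gost28147-89-CryptoPro-Simple-D-ParamSet). The revised Security Considerations point to [CPALGS] for parameters, but nothing in the visible module text does; add a comment in Gost28147-89-EncryptionSyntax saying where the parameter set definitions now live, so implementers do not take the S-boxes from the superseded -00 text.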
skipping to change at page 22, line 45 skipping to change at page 21, line 24
} }
GostR3410-KeyEncryptionAlgorithms GostR3410-KeyEncryptionAlgorithms
ALGORITHM-IDENTIFIER ::= { ALGORITHM-IDENTIFIER ::= {
{ GostR3410-94-PublicKeyParameters IDENTIFIED BY { GostR3410-94-PublicKeyParameters IDENTIFIED BY
id-GostR3410-94 } | id-GostR3410-94 } |
{ GostR3410-2001-PublicKeyParameters IDENTIFIED BY { GostR3410-2001-PublicKeyParameters IDENTIFIED BY
id-GostR3410-2001 } id-GostR3410-2001 }
} }
END -- GostR3410-94-EncryptionSyntax END -- GostR3410-94-EncryptionSyntax
9.4 GostR3410-94-SignatureSyntax 10.3 GostR3410-94-SignatureSyntax
GostR3410-94-SignatureSyntax GostR3410-94-SignatureSyntax
{ iso(1) member-body(2) ru(643) rans(2) cryptopro(2) { iso(1) member-body(2) ru(643) rans(2) cryptopro(2)
other(1) modules(1) gostR3410-94-SignatureSyntax(3) 1 } other(1) modules(1) gostR3410-94-SignatureSyntax(3) 1 }
DEFINITIONS ::= DEFINITIONS ::=
BEGIN BEGIN
-- EXPORTS All -- -- EXPORTS All --
-- The types and values defined in this module are exported for -- The types and values defined in this module are exported for
-- use in the other ASN.1 modules contained within the Russian -- use in the other ASN.1 modules contained within the Russian
-- Cryptography "GOST" & "GOST R" Specifications, and for the use -- Cryptography "GOST" & "GOST R" Specifications, and for the use
-- of other applications which will use them to access Russian -- of other applications which will use them to access Russian
-- Cryptography services. Other applications may use them for -- Cryptography services. Other applications may use them for
-- their own purposes, but this will not constrain extensions and -- their own purposes, but this will not constrain extensions and
-- modifications needed to maintain or improve the Russian -- modifications needed to maintain or improve the Russian
-- Cryptography service. -- Cryptography service.
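Review bot: the closing comment "END -- GostR3410-94-EncryptionSyntax" does not match the module name, which the header gives as GostR3410-EncryptionSyntax; the module also covers id-GostR3410-2001 in GostR3410-KeyEncryptionAlgorithms, so the "-94" in the comment is misleading. The mismatch is carried unchanged from -00 to -01; change the comment to "END -- GostR3410-EncryptionSyntax".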
skipping to change at page 24, line 5 skipping to change at page 22, line 31
GostR3410-94-Signature ::= GostR3410-94-Signature ::=
OCTET STRING (SIZE (64)) OCTET STRING (SIZE (64))
-- GOST R 34.10-94 Signature Parameters & Algorithm -- GOST R 34.10-94 Signature Parameters & Algorithm
GostR3410-94-CMSSignatureAlgorithms ALGORITHM-IDENTIFIER ::= { GostR3410-94-CMSSignatureAlgorithms ALGORITHM-IDENTIFIER ::= {
{ GostR3410-94-PublicKeyParameters IDENTIFIED BY { GostR3410-94-PublicKeyParameters IDENTIFIED BY
id-GostR3410-94 } id-GostR3410-94 }
} }
END -- GostR3410-94-SignatureSyntax END -- GostR3410-94-SignatureSyntax
9.6 GostR3410-2001-SignatureSyntax 10.4 GostR3410-2001-SignatureSyntax
GostR3410-2001-SignatureSyntax GostR3410-2001-SignatureSyntax
{ iso(1) member-body(2) ru(643) rans(2) cryptopro(2) { iso(1) member-body(2) ru(643) rans(2) cryptopro(2)
other(1) modules(1) gostR3410-2001-SignatureSyntax(10) 1 } other(1) modules(1) gostR3410-2001-SignatureSyntax(10) 1 }
DEFINITIONS ::= DEFINITIONS ::=
BEGIN BEGIN
-- EXPORTS All -- -- EXPORTS All --
-- The types and values defined in this module are exported for -- The types and values defined in this module are exported for
-- use in the other ASN.1 modules contained within the Russian -- use in the other ASN.1 modules contained within the Russian
-- Cryptography "GOST" & "GOST R" Specifications, and for the use -- Cryptography "GOST" & "GOST R" Specifications, and for the use
-- of other applications which will use them to access Russian -- of other applications which will use them to access Russian
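Review bot: GostR3410-94-CMSSignatureAlgorithms allows only GostR3410-94-PublicKeyParameters as the parameters for id-GostR3410-94, but the signed-message example added in 9.1 encodes that identifier in the SignerInfo with NULL parameters (offsets 198 to 208: OID 1 2 643 2 2 20 followed by 05 00). A decoder generated from this module would reject the draft's own example; either extend the object set to permit NULL or change the example. The 64-octet signature in the example does agree with GostR3410-94-Signature ::= OCTET STRING (SIZE (64)).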
skipping to change at page 24, line 47 skipping to change at page 23, line 24
GostR3410-2001-Signature ::= GostR3410-2001-Signature ::=
OCTET STRING (SIZE (64)) OCTET STRING (SIZE (64))
-- GOST R 34.10-2001 Signature Parameters & Algorithm -- GOST R 34.10-2001 Signature Parameters & Algorithm
GostR3410-2001-CMSSignatureAlgorithms GostR3410-2001-CMSSignatureAlgorithms
ALGORITHM-IDENTIFIER ::= { ALGORITHM-IDENTIFIER ::= {
{ GostR3410-2001-PublicKeyParameters IDENTIFIED BY { GostR3410-2001-PublicKeyParameters IDENTIFIED BY
id-GostR3410-2001 } id-GostR3410-2001 }
} }
END -- GostR3410-2001-SignatureSyntax END -- GostR3410-2001-SignatureSyntax
10 References 11 References
[GOST28147] "Cryptographic Protection for Data Processing Sys- [GOST28147] "Cryptographic Protection for Data Processing Sys-
tem", GOST 28147-89, Gosudarstvennyi Standard of tem", GOST 28147-89, Gosudarstvennyi Standard of
USSR, Government Committee of the USSR for Standards, USSR, Government Committee of the USSR for Standards,
1989. (In Russian); 1989. (In Russian);
[GOSTR341094] "Information technology. Cryptographic Data Security. [GOSTR341094] "Information technology. Cryptographic Data Security.
Produce and check procedures of Electronic Digital Produce and check procedures of Electronic Digital
Signatures based on Asymmetric Cryptographic Algo- Signatures based on Asymmetric Cryptographic Algo-
rithm.", GOST R 34.10-94, Gosudarstvennyi Standard of rithm.", GOST R 34.10-94, Gosudarstvennyi Standard of
skipping to change at page 25, line 25 skipping to change at page 24, line 6
digital signature.", GOST R 34.10-2001, Gosudarstven- digital signature.", GOST R 34.10-2001, Gosudarstven-
nyi Standard of Russian Federation, Government Com- nyi Standard of Russian Federation, Government Com-
mittee of the Russia for Standards, 2001. (In Rus- mittee of the Russia for Standards, 2001. (In Rus-
sian); sian);
[GOSTR341194] "Information technology. Cryptographic Data Security. [GOSTR341194] "Information technology. Cryptographic Data Security.
Hashing function.", GOST R 34.10-94, Gosudarstvennyi Hashing function.", GOST R 34.10-94, Gosudarstvennyi
Standard of Russian Federation, Government Committee Standard of Russian Federation, Government Committee
of the Russia for Standards, 1994. (In Russian); of the Russia for Standards, 1994. (In Russian);
[CPALGS] Cryptographic Algorithm "CryptoPro CSP"
[Schneier95] B. Schneier, Applied cryptography, second edition, [Schneier95] B. Schneier, Applied cryptography, second edition,
John Wiley & Sons, Inc., 1995; John Wiley & Sons, Inc., 1995;
[RFC 3280] Housley, R., Polk, W., Ford, W. and D. Solo, [RFC 3280] Housley, R., Polk, W., Ford, W. and D. Solo,
"Internet X.509 Public Key Infrastructure Certificate "Internet X.509 Public Key Infrastructure Certificate
and Certificate Revocation List (CRL) Profile", RFC and Certificate Revocation List (CRL) Profile", RFC
3280, April 2002. 3280, April 2002.
[RFC 3279] Algorithms and Identifiers for the Internet X.509 [RFC 3279] Algorithms and Identifiers for the Internet X.509
Public Key Infrastructure Certificate and Certificate Public Key Infrastructure Certificate and Certificate
Revocation List (CRL) Profile. L. Bassham, W. Revocation List (CRL) Profile. L. Bassham, W.
Polk, R. Housley. April 2002. Polk, R. Housley. April 2002.
[RFC 2219] Bradner, S., "Key Words for Use in RFCs to Indi- [RFC 2119] Bradner, S., "Key Words for Use in RFCs to Indi-
cateRequirement Levels", BCP 14, RFC 2119, March cateRequirement Levels", BCP 14, RFC 2119, March
1997. 1997.
[CMS] R. Housley, "Cryptographic Message Syntax", RFC 3369, [CMS] R. Housley, "Cryptographic Message Syntax", RFC 3369,
August 2002 August 2002
[X.208-88] CCITT. Recommendation X.208: Specification of [X.208-88] CCITT. Recommendation X.208: Specification of
Abstract Syntax Notation One (ASN.1). 1988. Abstract Syntax Notation One (ASN.1). 1988.
[X.209-88] CCITT. Recommendation X.209: Specification of Basic [X.209-88] CCITT. Recommendation X.209: Specification of Basic
Encoding Rules for Abstract Syntax Notation One Encoding Rules for Abstract Syntax Notation One
(ASN.1). 1988.. (ASN.1). 1988..
[CPPK] Serguei Leontiev, Dennis Shefanovskij, "Algorithms [CPPK] S. Leontiev, D. Shefanovskij, "Algorithms and Identi-
and Identifiers for the Internet X.509 Public Key fiers for the Internet X.509 Public Key Infrastruc-
Infrastructure Certificates and Certificate Revoca- ture Certificates and Certificate Revocation List
tion List (CRL), corresponding to the algorithms GOST (CRL), corresponding to the algorithms GOST R
R 34.10-94, GOST R 34.10-2001, GOST R 34.11-94", 34.10-94, GOST R 34.10-2001, GOST R 34.11-94", draft-
draft-leontiev-cryptopro-cppk-00.txt leontiev-cryptopro-cppk-00.txt
[RFDSL] Russian Federal Digital Signature Law, 10 Jan 2002 [CPALGS] V. Popov, I. Kurepkin, S. Leontiev "Additional cryp-
tographic algorithms for use with GOST 28147-89, GOST
R 34.10-94, GOST R 34.10-2001, and GOST R 34.11-94
algorithms.", draft-popov-cryptopro-cpalgs-00.txt
[HMAC] H. Krawczyk, M. Bellare, R. Canetti, "HMAC: Keyed-
Hashing for Message Authentication", RFC 2104 Febru-
ary 1997.
[RFDSL] "Russian Federal Digital Signature Law", 10 Jan 2002
N1-FZ N1-FZ
[RFLLIC] "Russian Federal Law on Licensing of Selected Activ-
ity Categories", 08 Aug 2001 N 128-FZ
[CRYPTOLIC] "Russian Federal Goverment Regulation on Licensing of
Selected Activity Categories in Cryptography Area",
23 Sep 2002 N 691
Acknowledgments Acknowledgments
This document was created in accordance with "Russian Cryptographic This document was created in accordance with "Russian Cryptographic
Software Compatibility Agreement", signed by FGUE STC "Atlas", Software Compatibility Agreement", signed by FGUE STC "Atlas",
CRYPTO-PRO, Factor-TC, MD PREI, Infotecs GmbH, SPRCIS (SPbRCZI), CRYPTO-PRO, Factor-TC, MD PREI, Infotecs GmbH, SPRCIS (SPbRCZI),
Cryptocom, R-Alpha. The aim of this agreement is to achieve mutual Cryptocom, R-Alpha. The aim of this agreement is to achieve mutual
compatibility of the products and solutions. compatibility of the products and solutions.
The authors wish to thank: The authors wish to thank:
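Review bot: the [GOSTR341194] entry describes the hashing function but cites it as "GOST R 34.10-94", which is the signature standard already listed under [GOSTR341094]; the hash standard named in the draft title and in the 9.1 example is GOST R 34.11-94. The error is unchanged between -00 and -01 and should be fixed alongside the [RFC 2219] to [RFC 2119] label correction made here. Minor points in the same list: "cateRequirement" is missing a space, and "Goverment" in the new [CRYPTOLIC] entry is misspelled.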
skipping to change at page 27, line 21 skipping to change at page 26, line 16
38, Obraztsova, 38, Obraztsova,
Moscow, 127018, Russian Federation Moscow, 127018, Russian Federation
EMail: lse@cryptopro.ru EMail: lse@cryptopro.ru
Vladimir Popov Vladimir Popov
CRYPTO-PRO CRYPTO-PRO
38, Obraztsova, 38, Obraztsova,
Moscow, 127018, Russian Federation Moscow, 127018, Russian Federation
EMail: vpopov@cryptopro.ru EMail: vpopov@cryptopro.ru
Gregory Chudov
CRYPTO-PRO
38, Obraztsova,
Moscow, 127018, Russian Federation
EMail: chudov@cryptopro.ru
Alexandr Afanasiev Alexandr Afanasiev
Factor-TC Factor-TC
office 711, 14, Presnenskij val, office 711, 14, Presnenskij val,
Moscow, 123557, Russian Federation Moscow, 123557, Russian Federation
EMail: aaaf@factor-ts.ru EMail: aaaf@factor-ts.ru
Nikolaj Nikishin Nikolaj Nikishin
Infotecs GmbH Infotecs GmbH
p/b 35, 80-5, Leningradskij prospekt, p/b 35, 80-5, Leningradskij prospekt,
Moscow, 125315, Russian Federation Moscow, 125315, Russian Federation
 End of changes. 

This html diff was produced by rfcdiff 1.23, available from http://www.levkowetz.com/ietf/tools/rfcdiff/