diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2003-03-21 16:46:01 +0000 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2003-03-21 16:46:01 +0000 |
commit | 90e79a4ffdcb4833c91bc9312c5b7f7ec9abc00b (patch) | |
tree | 56cf459d1b4099c4a19cfb3dc33c3618ed5f73da /lib/pkix.asn | |
parent | 25613dd4ca6985ef0a8a403cad311b5ec644ae14 (diff) | |
download | gnutls-90e79a4ffdcb4833c91bc9312c5b7f7ec9abc00b.tar.gz |
Added ability to import PKCS8 encrypted keys.
Diffstat (limited to 'lib/pkix.asn')
-rw-r--r-- | lib/pkix.asn | 61 |
1 files changed, 61 insertions, 0 deletions
diff --git a/lib/pkix.asn b/lib/pkix.asn index a37f03edd1..626224ca3b 100644 --- a/lib/pkix.asn +++ b/lib/pkix.asn @@ -484,6 +484,7 @@ X520countryName ::= PrintableString (SIZE (2)) -- IS 3166 codes pkcs-9 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 9 } + emailAddress AttributeType ::= { pkcs-9 1 } Pkcs9email ::= IA5String (SIZE (1..ub-emailaddress-length)) @@ -1010,4 +1011,64 @@ Pkcs9challengePassword ::= CHOICE { utf8String UTF8String (SIZE (1..pkcs-9-ub-challengePassword)) } +-- PKCS #8 stuff + +-- Private-key information syntax + +PrivateKeyInfo ::= SEQUENCE { + version Version, + privateKeyAlgorithm AlgorithmIdentifier, + privateKey PrivateKey, + attributes [0] Attributes OPTIONAL } + +Version ::= INTEGER {v1(0)} + +PrivateKey ::= OCTET STRING + +Attributes ::= SET OF Attribute + +-- Encrypted private-key information syntax + +EncryptedPrivateKeyInfo ::= SEQUENCE { + encryptionAlgorithm AlgorithmIdentifier, + encryptedData EncryptedData +} + +EncryptedData ::= OCTET STRING + +-- PKCS #5 stuff + +pkcs-5 OBJECT IDENTIFIER ::= + { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 5 } + +pkcs-5-encryptionAlgorithm OBJECT IDENTIFIER ::= + { iso(1) member-body(2) us(840) rsadsi(113549) 3 } + +pkcs-5-des-EDE3-CBC OBJECT IDENTIFIER ::= {pkcs-5-encryptionAlgorithm 7} + +pkcs-5-des-EDE3-CBC-params ::= OCTET STRING (SIZE(8)) + +pkcs-5-id-PBES2 OBJECT IDENTIFIER ::= {pkcs-5 13} + +pkcs-5-PBES2-params ::= SEQUENCE { + keyDerivationFunc AlgorithmIdentifier, + encryptionScheme AlgorithmIdentifier } + +-- PBKDF2 + +pkcs-5-id-PBKDF2 OBJECT IDENTIFIER ::= {pkcs-5 12} + +-- pkcs-5-algid-hmacWithSHA1 AlgorithmIdentifier ::= +-- {algorithm pkcs-5-id-hmacWithSHA1, parameters NULL : NULL} + +pkcs-5-PBKDF2-params ::= SEQUENCE { + salt CHOICE { + specified OCTET STRING, + otherSource AlgorithmIdentifier + }, + iterationCount INTEGER (1..MAX), + keyLength INTEGER (1..MAX) OPTIONAL, + prf AlgorithmIdentifier OPTIONAL -- DEFAULT pkcs-5-algid-hmacWithSHA1 +} + END |