ID | S2K Type |
---|---|
0 | Simple S2K |
1 | Salted S2K |
2 | Reserved value |
3 | Iterated and Salted S2K |
100 to 110 | Private/Experimental S2K |
Tag | Packet Type |
---|---|
0 | Reserved - a packet tag MUST NOT have this value |
1 | Public-Key Encrypted Session Key Packet |
2 | Signature Packet |
3 | Symmetric-Key Encrypted Session Key Packet |
4 | One-Pass Signature Packet |
5 | Secret-Key Packet |
6 | Public-Key Packet |
7 | Secret-Subkey Packet |
8 | Compressed Data Packet |
9 | Symmetrically Encrypted Data Packet |
10 | Marker Packet |
11 | Literal Data Packet |
12 | Trust Packet |
13 | User ID Packet |
14 | Public-Subkey Packet |
17 | User Attribute Packet |
18 | Sym. Encrypted and Integrity Protected Data Packet |
19 | Modification Detection Code Packet |
20 | OCB Encrypted Data Packet |
21 | Reserved |
26 | Reserved (CMS Encrypted Session Key Packet) |
60 to 63 | Private or Experimental Values |
Type | Description |
---|---|
0 | Reserved |
1 | Reserved |
2 | Signature Creation Time |
3 | Signature Expiration Time |
4 | Exportable Certification |
5 | Trust Signature |
6 | Regular Expression |
7 | Revocable |
8 | Reserved |
9 | Key Expiration Time |
10 | Placeholder for backward compatibility |
11 | Preferred Symmetric Algorithms |
12 | Revocation Key |
13 to 15 | Reserved |
16 | Issuer |
17 to 19 | Reserved |
20 | Notation Data |
21 | Preferred Hash Algorithms |
22 | Preferred Compression Algorithms |
23 | Key Server Preferences |
24 | Preferred Key Server |
25 | Primary User ID |
26 | Policy URI |
27 | Key Flags |
28 | Signer's User ID |
29 | Reason for Revocation |
30 | Features |
31 | Signature Target |
32 | Embedded Signature |
33 | Issuer Fingerprint |
34 | Preferred Encryption Modes |
35 | Intended Recipient Fingerprint |
37 | Attested Certifications |
38 | Key Block |
39 | Reserved |
40 | Literal Data Meta Hash |
41 | Trust Alias |
100 to 110 | Private or experimental |
Code | Reason |
---|---|
0 | No reason specified (key revocations or cert revocations) |
1 | Key is superseded (key revocations) |
2 | Key material has been compromised (key revocations) |
3 | Key is retired and no longer used (key revocations) |
32 | User ID information is no longer valid (cert revocations) |
100-110 | Private Use |
Type | Attribute Subpacket |
---|---|
1 | Image Attribute Subpacket |
[TBD1] | User ID Attribute Subpacket |
100-110 | Private/Experimental Use |
ID | Algorithm |
---|---|
1 | RSA (Encrypt or Sign) |
2 | RSA Encrypt-Only |
3 | RSA Sign-Only |
16 | Elgamal (Encrypt-Only) |
17 | DSA (Digital Signature Algorithm) |
18 | ECDH public key algorithm |
19 | ECDSA public key algorithm |
20 | Reserved (formerly Elgamal Encrypt or Sign) |
21 | Reserved for Diffie-Hellman (X9.42, as defined for IETF-S/MIME) |
22 | EdDSA |
23 | Reserved for AEDH |
24 | Reserved for AEDSA |
29 | Kyber |
100--110 | Private/Experimental algorithm |
ASN.1 Object Identifier | OID len | Curve OID bytes in hexadecimal representation | Curve name |
---|---|---|---|
1.2.840.10045.3.1.7 | 8 | 2A 86 48 CE 3D 03 01 07 | NIST P-256 |
1.3.132.0.34 | 5 | 2B 81 04 00 22 | NIST P-384 |
1.3.132.0.35 | 5 | 2B 81 04 00 23 | NIST P-521 |
1.3.36.3.3.2.8.1.1.7 | 9 | 2B 24 03 03 02 08 01 01 07 | brainpoolP256r1 |
1.3.36.3.3.2.8.1.1.11 | 9 | 2B 24 03 03 02 08 01 01 0B | brainpoolP384r1 |
1.3.36.3.3.2.8.1.1.13 | 9 | 2B 24 03 03 02 08 01 01 0D | brainpoolP512r1 |
1.3.6.1.4.1.11591.15.1 | 9 | 2B 06 01 04 01 DA 47 0F 01 | Ed25519 |
1.3.6.1.4.1.3029.1.5.1 | 10 | 2B 06 01 04 01 97 55 01 05 01 | Curve25519 |
1.3.101.112 | 3 | 2B 65 70 | Ed25519(1) |
1.3.101.110 | 3 | 2B 65 6E | Curve25519(1) |
1.3.101.113 | 3 | 2B 65 71 | Ed448 |
1.3.101.111 | 3 | 2B 65 6F | X448 |
ID | Algorithm |
---|---|
0 | Plaintext or unencrypted data |
1 | IDEA |
2 | TripleDES (DES-EDE, |
3 | CAST5 (128 bit key, as per |
4 | Blowfish (128 bit key, 16 rounds) |
5 | Reserved |
6 | Reserved |
7 | AES with 128-bit key |
8 | AES with 192-bit key |
9 | AES with 256-bit key |
10 | Twofish with 256-bit key |
11 | Camellia with 128-bit key |
12 | Camellia with 192-bit key |
13 | Camellia with 256-bit key |
100--110 | Private/Experimental algorithm |
ID | Algorithm |
---|---|
0 | Uncompressed |
1 | ZIP |
2 | ZLIB |
3 | BZip2 |
100--110 | Private/Experimental algorithm |
ID | Algorithm | Text Name |
---|---|---|
1 | MD5 |
"MD5" |
2 | SHA-1 |
"SHA1" |
3 | RIPE-MD/160 |
"RIPEMD160" |
4 | Reserved | Â |
5 | Reserved | Â |
6 | Reserved | Â |
7 | Reserved | Â |
8 | SHA2-256 |
"SHA256" |
9 | SHA2-384 |
"SHA384" |
10 | SHA2-512 |
"SHA512" |
11 | SHA2-224 |
"SHA224" |
12 | SHA3-256 |
"SHA3-256" |
13 | Reserved | Â |
14 | SHA3-512 |
"SHA3-512" |
100--110 | Private/Experimental algorithm | Â |
ID | Mode |
---|---|
1 | EAX |
2 | OCB |
Value | Attribute | Reference |
---|---|---|
1 | Image | This Document |
Allowed Values | Name | Type | Reference |
---|---|---|---|
A String | charset | Character Set | This Doc |
Any String | manu | Manufacturer Name | This Doc |
Any String | make | Product Make | This Doc |
Any String | model | Product Model | This Doc |
Any String | prodid | Product ID | This Doc |
Any String | pvers | Product Version | This Doc |
Any String | lot | Product Lot Number | This Doc |
Decimal Integer String | qty | Package Quantity | This Doc |
A geo: URI without the "geo:" | loc | Current Geolocation Latitude/Longitude | This Doc |
A geo: URI without the "geo:" | dest | Destination Geolocation Latitude/Longitude | This Doc |
Hash Notation data | hash | The Hash of external data | This Doc |
ID | Algorithm | Reference |
---|---|---|
22 | EdDSA public key algorithm | This doc, |
23 | Reserved for AEDH | This doc |
24 | Reserved for AEDSA | This doc |
ID | Algorithm | Reference |
---|---|---|
12 | SHA3-256 | This doc |
13 | Reserved | Â |
14 | SHA3-512 | This doc |
Curve | Hash algorithm | Symmetric algorithm |
---|---|---|
NIST P-256 | SHA2-256 | AES-128 |
NIST P-384 | SHA2-384 | AES-192 |
NIST P-521 | SHA2-512 | AES-256 |
brainpoolP256r1 | SHA2-256 | AES-128 |
brainpoolP384r1 | SHA2-384 | AES-192 |
brainpoolP512r1 | SHA2-512 | AES-256 |
Curve25519 | SHA2-256 | AES-128 |
X448 | SHA2-512 | AES-256 |
Curve | ML-KEM | ECC-KEM | SHAFunc | Requirement |
---|---|---|---|---|
X25519 | 768 | XKem | SHA3-256 | SHOULD |
X448 | 768 | XKem | SHA3-512 | MAY |
X25519 | 1024 | XKem | SHA3-256 | MAY |
X448 | 1024 | XKem | SHA3-512 | SHOULD |
brainpoolP256r1 | 768 | ecdhKem | SHA3-256 | SHOULD |
brainpoolP384r1 | 768 | ecdhKem | SHA3-512 | MAY |
brainpoolP512r1 | 768 | ecdhKem | SHA3-512 | MAY |
brainpoolP256r1 | 1024 | ecdhKem | SHA3-256 | MAY |
brainpoolP384r1 | 1024 | ecdhKem | SHA3-512 | SHOULD |
brainpoolP512r1 | 1024 | ecdhKem | SHA3-512 | MAY |
NIST P-256 | 768 | ecdhKem | SHA3-256 | MAY |
NIST P-384 | 768 | ecdhKem | SHA3-512 | MAY |
NIST P-521 | 768 | ecdhKem | SHA3-512 | MAY |
NIST P-256 | 1024 | ecdhKem | SHA3-256 | MAY |
NIST P-384 | 1024 | ecdhKem | SHA3-512 | MAY |
NIST P-521 | 1024 | ecdhKem | SHA3-512 | MAY |
ML-KEM | Public Key | Secret Key | Ciphertext |
---|---|---|---|
ML-KEM-768 | 1184 | 2400 | 1088 |
ML-KEM-1024 | 1568 | 3168 | 1568 |