< draft-popov-cryptopro-cpalgs-00.txt   draft-popov-cryptopro-cpalgs-01.txt >
Internet Draft Vladimir Popov, CRYPTO-PRO Internet Draft Vladimir Popov, CRYPTO-PRO
Igor Kurepkin, CRYPTO-PRO Igor Kurepkin, CRYPTO-PRO
Expires August 15, 2004 Serguei Leontiev, CRYPTO-PRO Expires September 30, 2004 Serguei Leontiev, CRYPTO-PRO
Intended Category: Informational February 15, 2004 Intended Category: Informational March 31, 2004
Additional cryptographic algorithms for use with GOST 28147-89, Additional cryptographic algorithms for use with GOST 28147-89,
GOST R 34.10-94, GOST R 34.10-2001, and GOST R 34.11-94 algorithms. GOST R 34.10-94, GOST R 34.10-2001, and GOST R 34.11-94 algorithms.
<draft-popov-cryptopro-cpalgs-00.txt> <draft-popov-cryptopro-cpalgs-01.txt>
Status of this Memo Status of this Memo
This document is an Internet-Draft and is subject to all provisions This document is an Internet-Draft and is subject to all provisions
of Section 10 of RFC2026. of Section 10 of RFC2026.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet- other groups may also distribute working documents as Internet-
Drafts. Drafts.
skipping to change at page 1, line 42 skipping to change at page 1, line 42
http://www.ietf.org/shadow.html http://www.ietf.org/shadow.html
Abstract Abstract
This document describes cryprographic algorithms and parameters, This document describes cryprographic algorithms and parameters,
supplementary to GOST 28147-89, GOST R 34.10-94, GOST R 34.10-2001 supplementary to GOST 28147-89, GOST R 34.10-94, GOST R 34.10-2001
and GOST R 34.11-94, for use in internet applications. and GOST R 34.11-94, for use in internet applications.
Table of Contents Table of Contents
1 Introduction . . . . . . . . . . . . . . . . . . . . . . 2 1 Introduction . . . . . . . . . . . . . . . . . . . . . . 2
1.2 Terminology. . . . . . . . . . . . . . . . . . . . . . . 3 1.2 Terminology. . . . . . . . . . . . . . . . . . . . . . . 2
2 Cipher algorithms. . . . . . . . . . . . . . . . . . . . 3 2 Cipher modes and parameters. . . . . . . . . . . . . . . 3
2.1 GOST 28147-89 CBC mode . . . . . . . . . . . . . . . . . 3 2.1 GOST 28147-89 CBC mode . . . . . . . . . . . . . . . . . 3
2.2 Key meshing algorithms . . . . . . . . . . . . . . . . . 3 2.2 GOST 28147-89 padding modes. . . . . . . . . . . . . . . 4
3 HMAC_GOSTR3411 . . . . . . . . . . . . . . . . . . . . . 4 2.3 Key Meshing Algorithms . . . . . . . . . . . . . . . . . 4
4 PRF_GOSTR3411. . . . . . . . . . . . . . . . . . . . . . 4 2.3.1 Null Key Meshing . . . . . . . . . . . . . . . . . . . . 4
5 Key establishment algorithms . . . . . . . . . . . . . . 4 2.3.2 CryptoPro Key Meshing. . . . . . . . . . . . . . . . . . 4
5.1 Creating exchange key using GOST R 34.10-94 keys . . . . 4 3 HMAC_GOSTR3411 . . . . . . . . . . . . . . . . . . . . . 5
5.2 Creating exchange key using GOST R 34.10-2001 keys . . . 4 4 PRF_GOSTR3411. . . . . . . . . . . . . . . . . . . . . . 5
5.3 Generating export key from exchange key. . . . . . . . . 4 5 Key Derivation Algorithms. . . . . . . . . . . . . . . . 5
5.4 Key export using export key. . . . . . . . . . . . . . . 4 5.1 VKO GOST R 34.10-94. . . . . . . . . . . . . . . . . . . 5
5.5 Key export using exchange key. . . . . . . . . . . . . . 4 5.2 VKO GOST R 34.10-2001. . . . . . . . . . . . . . . . . . 6
5.6 Key Diversification. . . . . . . . . . . . . . . . . . . 4 6 Key Wrap algorithms. . . . . . . . . . . . . . . . . . . 6
5.7 VKO GOST R 34.10-94 and VKO GOST R 34.10-2001 algorithms 4 6.1 GOST 28147-89 Key Wrap . . . . . . . . . . . . . . . . . 6
5.7.1 'Simple export' mode . . . . . . . . . . . . . . . . . . 4 6.2 GOST 28147-89 Key Unrap. . . . . . . . . . . . . . . . . 7
5.7.2 'CryptoPro' mode . . . . . . . . . . . . . . . . . . . . 4 6.3 CryptoPro Key Wrap . . . . . . . . . . . . . . . . . . . 7
6 Algorithm parameters . . . . . . . . . . . . . . . . . . 4 6.4 CryptoPro Key Unwrap . . . . . . . . . . . . . . . . . . 8
6.1 Encryption algorithm parameters . . . . . . . . . . . . 4 6.5 CryptoPro KEK Diversification Algorithm. . . . . . . . . 8
6.2 Digest algorithm parameters. . . . . . . . . . . . . . . 4 7 Secret Key Diversification . . . . . . . . . . . . . . . 9
6.3 GOST R 34.10-94 public key algorithm parameters . . . . 4 8 Algorithm parameters . . . . . . . . . . . . . . . . . . 9
6.4 GOST R 34.10-2001 public key algorithm parameters. . . . 4 8.1 Encryption algorithm parameters . . . . . . . . . . . . 9
7 Security Considerations. . . . . . . . . . . . . . . . . 11 8.2 Digest algorithm parameters. . . . . . . . . . . . . . . 11
8 Appendix ASN.1 Modules . . . . . . . . . . . . . . . . . 27 8.3 GOST R 34.10-94 public key algorithm parameters . . . . 11
9 References . . . . . . . . . . . . . . . . . . . . . . . 27 8.4 GOST R 34.10-2001 public key algorithm parameters. . . . 12
10 Acknowledgments. . . . . . . . . . . . . . . . . . . . . 29 9 Security Considerations. . . . . . . . . . . . . . . . . 13
Author's Address. . . . . . . . . . . . . . . . . . . . . . . . 29 10 Appendix ASN.1 Modules . . . . . . . . . . . . . . . . . 14
Full Copyright Statement. . . . . . . . . . . . . . . . . . . . 30 11 References . . . . . . . . . . . . . . . . . . . . . . . 49
12 Acknowledgments. . . . . . . . . . . . . . . . . . . . . 51
Author's Address. . . . . . . . . . . . . . . . . . . . . . . . 51
Full Copyright Statement. . . . . . . . . . . . . . . . . . . . 53
1 Introduction 1 Introduction
This document describes cryprographic algorithms, used in supplement Russian cryptographic standards defining algorithms GOST 28147-89
to GOST 28147-89, GOST R 34.10-94, GOST R 34.10-2001 and GOST R [GOST28147], GOST R 34.10-94 [GOSTR341094], GOST R 34.10-2001
34.11-94, proposed by CRYPTO-PRO Company for "Russian Cryptographic [GOSTR34102001] and GOST R34.11-94 [GOSTR341194] (a brief english
Software Compatibility Agreement" community. GOST 28147-89, GOST R technical description of these algorithms can be found in
34.10-94, GOST R 34.10-2001 and GOST R 34.11-94 are defined in [Schneier95]) provide basic information about how the algorithms
corresponding national standards - [GOST28147], [GOSTR341094], work, but need supplemental specifications to effectively use the
[GOSTR34102001] and [GOSTR341194]. Their brief technical description algorithms.
in english can be found in [Schneier95].
This document is a proposal put forward by CRYPT-PRO Company to
provide the supplemental information and specifications needed by the
"Russian Cryptographic Software Compatibility Agreement" community.
1.2 Terminology 1.2 Terminology
In this document, the key words MUST, MUST NOT, REQUIRED, SHOULD, In this document, the key words MUST, MUST NOT, REQUIRED, SHOULD,
SHOULD NOT, RECOMMENDED, and MAY are to be interpreted as described SHOULD NOT, RECOMMENDED, and MAY are to be interpreted as described
in [RFC 2119]. in [RFC 2119].
The following functions and operators are also used in this document: The following functions and operators are also used in this document:
'|' stands for concatenation
encryptECB (K, D) - is D, encrypted with key K using GOST 28147-89 in encryptECB (K, D) - is D, encrypted with key K using GOST 28147-89 in
"prostaya zamena" (ECB) mode "prostaya zamena" (ECB) mode
decryptECB (K, D) - is D, decrypted with key K using GOST 28147-89 in decryptECB (K, D) - is D, decrypted with key K using GOST 28147-89 in
ECB mode ECB mode
encryptCFB (I, K, D) - is D, encrypted with key K using GOST 28147-89 encryptCFB (IV, K, D) - is D, encrypted with key K using GOST
in "gammirovanie s obratnoj svyaziyu" (64-bit CFB) mode, and I as 28147-89 in "gammirovanie s obratnoj svyaziyu" (64-bit CFB) mode, and
initialization vector. IV as initialization vector.
encryptOFB (I, K, D) - is D, encrypted with key K using GOST 28147-89 encryptCNT (IV, K, D) - is D, encrypted with key K using GOST
in "gammirovanie" (64-bit OFB) mode, and I as initialization vector. 28147-89 in "gammirovanie" (counter) mode, and IV as initialization
vector.
gostR3411 (D) - is the 256-bit result of GOST R 34.11-94 hash gostR3411 (D) - is the 256-bit result of GOST R 34.11-94 hash
function, used with zero intitialization vector, and UZ parameter, function, used with zero intitialization vector, and S-Box parameter,
defined by gostR3411CryptoProParamSetAI (see Appendix, defined by gostR3411CryptoProParamSetAI (see Appendix,
GostR3411-94-ParamSetSyntax module). GostR3411-94-ParamSetSyntax module).
gost28147IMIT (I, K, D) - is the 32-bit result of GOST 28147-89 in gost28147IMIT (IV, K, D) - is the 32-bit result of GOST 28147-89 in
"imitovstavka" (MAC) mode, used with D as plaintext, K as key and I "imitovstavka" (MAC) mode, used with D as plaintext, K as key and IV
as initialization vector. Note, that standard specifies it's use in as initialization vector. Note, that standard specifies it's use in
this mode only with zero initialization vector. this mode only with zero initialization vector.
2 Cipher parameters When keys and initialization vectors are converted to/from byte
arrays, little-endian byte order is assumed.
[GOST28147] defines only the basic cryptographic operations, which 2 Cipher modes and parameters
can be used to encrypt or decrypt data. This document defines an
additional cipher mode GOST 28147-89 CBC, and key meshing algorithm, [GOST28147] defines only three cipher modes for GOST 28147-89: ECB,
which can be used to protect a symmetric key, when it is used to CFB and counter mode. This document defines an additional cipher mode
process large amounts of data. CBC.
When GOST 28147-89 is used to process large amounts of data, a
symmetric key should be protected by key meshing algorithm. This
document defines CryptoPro key meshing algorithm.
The cipher mode, key meshing algorithm, padding mode and S-box are The cipher mode, key meshing algorithm, padding mode and S-box are
specified by algorithm parameters. specified by algorithm parameters.
2.1 GOST 28147-89 CBC mode 2.1 GOST 28147-89 CBC mode
Algorithm GOST 28147-89 CBC mode is a block cipher with block This section provides the supplemental information to GOST 28147-89
chaining, based on GOST 28147-89 in ECB mode. (a block to block primitive) needed to operate in CBC mode.
Before each plaintext block is encrypted, it is combined with the Before each plaintext block is encrypted, it is combined with the
cipher text of the previous block by a bitwise exclusive OR cipher text of the previous block by a bitwise XOR operation. This
operation. This ensures that even if the plaintext contains many ensures that even if the plaintext contains many identical blocks,
identical blocks, they will each encrypt to a different cipher text they will each encrypt to a different cipher text block. The
block. The initialization vector is combined with the first initialization vector is combined with the first plaintext block by a
plaintext block by a bitwise exclusive OR operation before the block bitwise XOR operation before the block is encrypted.
is encrypted.
2.2 GOST 28147-89 padding modes
This section provides the supplemental information to GOST 28147-89,
needed to operate on plaintext, which length is not divisible by GOST
28147-89 block size (8 bytes).
Let x (0 < x < 8) be the number of bytes in the last (possibly, Let x (0 < x < 8) be the number of bytes in the last (possibly,
incomplete) block of data. There are three padding modes: incomplete) block of data. There are three padding modes:
* Zero padding: 8-x remaining bytes are filled with zero * Zero padding: 8-x remaining bytes are filled with zero
* PKCS#5 padding: 8-x remaining bytes are filled with value of 8-x. * PKCS#5 padding: 8-x remaining bytes are filled with value of 8-x.
If there's no incomplete block, one extra block filled with value If there's no incomplete block, one extra block filled with
8 is added. value 8 is added.
* Random padding: 8-x remaining bytes of the last block are set to * Random padding: 8-x remaining bytes of the last block are
random. set to random.
2.2 Key meshing algorithms 2.3 Key Meshing Algorithms
When there is a need to limit the amount of data, enciphered with the When there is a need to limit the amount of data, enciphered with the
same key, several key meshing algorithms can be used. same key, several key meshing algorithms can be used. Key meshing
algorithms transform the key after processing a certain amount of
data.
All encryption parameter sets, defined in this document, specify use
of CryptoPro key meshing algorithm, except for id-
Gost28147-89-TestParamSet, which specifies use of null key meshing
algorithm.
2.3.1 Null Key Meshing
A null key meshing algorithm never changes a key. It's OID is:
id-Gost28147-89-None-KeyMeshing OBJECT IDENTIFIER ::= id-Gost28147-89-None-KeyMeshing OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms keyMeshing(14) none(0) } { id-CryptoPro-algorithms keyMeshing(14) none(0) }
This is a zero key meshing algorithm - key is never changed. This algorithm has NULL parameters.
2.3.2 CryptoPro Key Meshing
CryptoPro key meshing algorithm transforms the key and initialization
vector every 1KB of plaintext data. It's OID is:
id-Gost28147-89-CryptoPro-KeyMeshing OBJECT IDENTIFIER ::= id-Gost28147-89-CryptoPro-KeyMeshing OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms keyMeshing(14) cryptoPro(1) } { id-CryptoPro-algorithms keyMeshing(14) cryptoPro(1) }
This algorithm transforms the key and initialization vector every 1KB This algorithm has NULL parameters.
of plaintext data, using the following rule:
Let K[i] be the previous key, and S[i] be the previous initialization Encryption or decryption starts with key K[0] = K, IV0[0] = IV, i =
vector. 0. Let IV[0] be the value of initialization vector after processing
1K of data. Encryption or decryption of next 1K data block will start
with K[1] and IV0[1], which are calculated using formula:
K[i+1] = decryptECB (K[i], C); S[i+1] = encryptECB (K[i+1],S[i]) K[i+1] = decryptECB (K[i], C);
IV0[i+1] = encryptECB (K[i+1],IV[i])
Where C = {0x22720069L, 0x2304C964L, 0x96DB3A8DL, 0xC42AE946L, Where C = {0x69, 0x00, 0x72, 0x22, 0x64, 0xC9, 0x04, 0x23,
0x94ACFE18L, 0x1207ED00L, 0xC2DC86C0L, 0x2BA94CEFL}; 0x8D, 0x3A, 0xDB, 0x96, 0x46, 0xE9, 0x2A, 0xC4,
0x18, 0xFE, 0xAC, 0x94, 0x00, 0xED, 0x07, 0x12,
0xC0, 0x86, 0xDC, 0xC2, 0xEF, 0x4C, 0xA9, 0x2B};
After processing every next 1K block, current initialization vector
is stored as IV[i+1], i is incremented and the same transformation
applied.
3 HMAC_GOSTR3411 3 HMAC_GOSTR3411
HMAC_GOSTR3411 (K,text) function is based on hash function GOST R HMAC_GOSTR3411 (K,text) function is based on hash function GOST R
34.11-94, as defined in [HMAC], with the following parameter values: 34.11-94, as defined in [HMAC], with the following parameter values:
B = 32, L = 32. B = 32, L = 32.
4 PRF_GOSTR3411 4 PRF_GOSTR3411
PRF_GOSTR3411 is a pseudorandom function, based on HMAC_GOSTR3411. PRF_GOSTR3411 is a pseudorandom function, based on HMAC_GOSTR3411.
It is calculated as P_hash, defined in section 5 of [TLS]. It is calculated as P_hash, defined in section 5 of [TLS].
PRF_GOSTR3411(K,D) = P_GOSTR3411 (K,D) PRF_GOSTR3411(K,D) = P_GOSTR3411 (K,D)
5 Key establishment algorithms 5 Key Derivation Algorithms
Standards [GOSTR341094] and [GOSTR34102001] do not define any key Standards [GOSTR341094] and [GOSTR34102001] do not define any key
establishment algorithms. derivation algorithms.
Section 5.7 specifies algorithms VKO GOST R 34.10-94 and VKO GOST R
34.10-2001, which can be used to export/import session key using a
one-time exchange key (symmetric key, shared by sender and
recipient), based on sender's private key and recipient public key,
or vice versa.
Sections 5.1 and 5.2 describe how to create an exchange key from
sender's private key and recipient public key, or vice versa.
Section 5.3 describes how to create an export key from an exchange Section 5.1 specifies algorithm VKO GOST R 34.10-94, which generates
key or symmetric key. GOST KEK using two GOST R 34.10-94 keypairs.
Sections 5.4 and 5.5 describe, how a session key can be exported Section 5.2 specifies algorithm VKO GOST R 34.10-2001, which
(encrypted) using export key, or using exchange key directly. generates GOST KEK using two GOST R 34.10-2001 keypairs, and
synchrovector A.
Section 5.6 describes, how to create session keys, using secret key Keypairs MUST have identical parameters.
and diversification data.
5.1 Creating exchange key using GOST R 34.10-94 keys 5.1 VKO GOST R 34.10-94
This algorithm creates an exchange key using sender's private key and This algorithm creates a a key encryption key (KEK) using sender's
recipient public key, or vice versa, using GOST R 34.10-94 public key private key and recipient public key, or vice versa.
algorithm and GOST R 34.11-94 hash function.
Exchange key EK is a 256-bit hash of 1024-bit Diffie-Hellman key Exchange key EK is a 256-bit hash of 1024-bit Diffie-Hellman key
K(x,y); K(x,y);
EK = gostR3411 (K(x,y)) 1. Let K(x,y) = a^(x*y) (mod p), where
K(x,y) = a^(x*y) (mod p), where x - sender's private key, a^x - sender's public key
y - recipient's private key, a^y - recipient's public key
a, p - parameters 2. Calculate a 256-bit hash of K(x,y):
KEK(x,y) = gostR3411 (K(x,y))
x - sender's private key, a^x - sender's public key Keypairs x and y MUST comply with [GOSTR341094].
y - recipient's private key, a^y - recipient's public key
Keys x and y MUST comply with [GOSTR341094]. This algorithm MUST NOT be used, when a^x = a (mod p) or a^y = a (mod
p).
This algorithm MUST NOT be used, when a^x = a (mod p) or a^y = a (mod 5.2 VKO GOST R 34.10-2001
p).
5.2 Creating exchange key using GOST R 34.10-2001 keys This algorithm creates a key encryption key (KEK) using synchrovector,
sender's private key and recipient public key, or vice versa.
This algorithm creates an exchange key using sender's private key and 1. Let K(x,y,IV) = ((IV*x)(mod q)) . (y.P) (512 bit), where
recipient public key, or vice versa, using GOST R 34.10-2001 public x - sender's private key (256 bit)
key algorithm and GOST R 34.11-94 hash function. x.P - sender's public key (512 bit)
y - recipient's private key (256 bit)
y.P - recipient's public key (512 bit)
IV - synchrovector (64 bit)
P - base point on the elliptic curve (two 256-bit coordinates)
IV*x - x multiplied by IV as integers
x.P - a multiple point
Exchange key EK is a 256-bit hash of K(x,y,a); 2. Calculate a 256-bit hash of K(x,y,IV):
KEK(x,y,IV) = gostR3411 (K(x,y,IV))
EK(x,y,a) = gostR3411 (K(x,y,a)) Keypairs x and y MUST comply with [GOSTR34102001].
K(x,y,a) = ((a*x)(mod q)) . (y.P) (512 bit), where
x - sender's private key (256 bit)
x.P - sender's public key (512 bit)
y - recipient's private key (256 bit)
y.P - recipient's public key (512 bit)
a - synchrovector (64 bit)
P - base point on the elliptic curve (two 256-bit coordinates)
a*x - x multiplied by a as integers
x.P - a multiple point
Keys x and y MUST comply with [GOSTR34102001]. This algorithm MUST NOT be used, when x.P = P, y.P = P
This algorithm MUST NOT be used, when x.P = P, y.P = P 6 Key Wrap algorithms
5.3 Generating export key from exchange key This document defines two key wrap algorithms: GOST 28147-89 Key Wrap
and CryptoPro Key Wrap.
Given a random 64-bit synchrovector A, and an exchange key K, 6.1 GOST 28147-89 Key Wrap
produced by algorithms from sections 5.1 and 5.2 (or other shared
symmetric key K), this algorithm creates an export key K(A), which
can be used to export (encrypt) session key.
KA = K[8]. K[0]..K[8] are calculated with following algorithm: This algorithm encrypts GOST 28147-89 CEK with a GOST 28147-89 KEK.
K[0] = K; Note: This algorithm MUST NOT be used with KEK produced by VKO GOST R
K[i+1] = encryptCFB (S[i], K[i], K[i]) 34.10-94, because such KEK is constant for every sender-recipient
S[i] = ((a[i,0]*k[i,0] + ... + a[i,7]*k[i,7]) mod 2^32) pair. Encrypting many different content encryption keys on the same
| ((~a[i,0]*k[i,0] + ... + ~a[i,7]*k[i,7]) mod 2^32); constant KEK may reveal this KEK.
Here a[i,j] and k[i,j] are components of A and K[i] respectively: Identifier for this algorithm:
K[i] = k[i,0]|k[i,1]|...|k[i,7] (k[i,j] - 32-bit integer)
A = a[0]|...|a[7] (a[i] - byte, a[i,0]..a[i,7] - it's bits)
5.4 Key export using export key id-Gost28147-89-None-KeyWrap OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms keyWrap(13) none(0) }
This algorithm exports session key SK using key K and random 64-bit The GOST 28147-89 key wrap algorithm is:
synchrovector A. Outputs of this algorithm are 32-bit SK_mac and
256-bit SK_enc.
First, export key KA is created using algorithm, specified in 5.3, 1. For unique symmetric KEK, generate 8 octets at random,
from the key K and vector A. call the result IV.
For KEK, produced by VKO GOST R 34.10-2001, use the same IV,
that was used for key derivation.
2. Compute a 4-byte checksum value, gost28147IMIT (IV, KEK, CEK),
call the result CEK_MAC.
3. Encrypt CEK in ECB mode using KEK. Use IV, generated in step 1.
Call the ciphertext CEK_ENC.
4. Let RES = IV | CEK_ENC | CEK_MAC.
Then SK_mac is calculated: SK_mac = gost28147IMIT (A, KA, SK). 6.2 GOST 28147-89 Key Unwrap
Then SK is encrypted in ECB mode, using key KA: This algorithm decrypts GOST 28147-89 CEK with a GOST 28147-89 KEK.
SK_enc = encryptECB (KA, SK); The GOST 28147-89 key unwrap algorithm is:
5.5 Key export using exchange key 1. If the wrapped content-encryption key is not 44 octets, then
error.
2. Decompose the the wrapped content-encryption key into IV, CEK_ENC
and CEK_MAC. IV is the most significant (first) 8 octets, CEK_ENC
is next 32 octets, and CEK_MAC is the least significant (last) 4
octets.
3. Decrypt CEK_ENC in ECB mode using KEK. Use IV, obrained in
step 1. Call the output CEK.
4. Compute a 4-byte checksum value, gost28147IMIT (IV, KEK, CEK),
compare the result CEK_MAC. If not equal, then error.
This algorithm exports session key SK using exchange key K and random 6.3 CryptoPro Key Wrap
64-bit synchrovector A. Outputs of this algorithm are 32-bit SK_mac
and 256-bit SK_enc.
First, SK_mac is calculated: SK_mac = gost28147IMIT (A, K, SK). This algorithm encrypts GOST 28147-89 CEK with a GOST 28147-89 KEK.
It can be used with any KEK, e.g. produced by VKO GOST R 34.10-94 or
VKO GOST R 34.10-2001, because unique initialization vector is used
to diversify the KEK.
Then SK is encrypted in ECB mode, using K for key: Identifier for this algorithm:
SK_enc = encryptECB (K, SK); id-Gost28147-89-CryptoPro-KeyWrap OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms keyWrap(13) cryptoPro(1) }
5.6 Key Diversification The CryptoPro key wrap algorithm is:
This algorithm creates a session key SK, given secret key K and 1. For unique symmetric KEK, or KEK produced by VKO GOST R 34.10-94,
diversification data D of size 4..40 bytes. generate 8 octets at random, call the result IV.
For KEK, produced by VKO GOST R 34.10-2001, use the same IV,
that was used for key derivation.
2. Diversify KEK, using CryptoPro KEK Diversification Algorithm,
described in section 7.2.1, call the result KEK(IV);
3. Compute a 4-byte checksum value,
gost28147IMIT (IV, KEK(IV), CEK), call the result CEK_MAC.
4. Encrypt CEK in ECB mode using KEK(IV). Use IV, generated in
step 1.
Call the ciphertext CEK_ENC.
5. Let RES = IV | CEK_ENC | CEK_MAC.
1) 40-byte blob B is created from D by cloning it enough to fill all 6.4 CryptoPro Key Unrap
40 bytes. For example, if D is 40-bytes long, B = D; If D is 4-bytes
long, B = D|D|D|D|D|D|D|D|D|D.
2) B is split into 8-byte SV and 32-byte SRCKEY (B = SV|SRCKEY). This algorithm encrypts GOST 28147-89 CEK with a GOST 28147-89 KEK.
The CryptoPro key unwrap algorithm is:
3) Algorithm from section 5.3 is used to create KA from key K and 1. If the wrapped content-encryption key is not 44 octets, then
synchrovector SV, with two differences. Instead of S[i], vector error.
(0,0,0,SV[i],ff,ff,ff,ff XOR SV[i]) is used, and during each 2. Decompose the the wrapped content-encryption key into IV, CEK_ENC
encryption step, only 8 out of 32 GOST 28147-89 steps are done. and CEK_MAC. IV is the most significant (first) 8 octets, CEK_ENC
is next 32 octets, and CEK_MAC is the least significant (last)
4 octets.
3. Diversify KEK, using CryptoPro KEK Diversification Algorithm,
described in section 6.5, call the result KEK(IV);
4. Decrypt CEK_ENC in ECB mode using KEK(IV). Use IV, obrained in
step 1. Call the output CEK.
5. Compute a 4-byte checksum value,
gost28147IMIT (IV, KEK(IV), CEK), compare the result CEK_MAC.
If not equal, then error.
4) SK is calculated: 6.5 CryptoPro KEK Diversification Algorithm
SK = encryptCFB (A, KA, SRCKEY).
5.7 VKO GOST R 34.10-94 and VKO GOST R 34.10-2001 algorithms. VKO GOST Given a random 64-bit synchrovector IV, and a GOST 28147-89 key K,
R 34.10-94 and VKO GOST R 34.10-2001 are key establishment algorithms this algorithm creates a new GOST 28147-89 key K(IV).
for GOST R 34.10-94 and GOST R 34.10-2001 keys accordingly.
There are two modes they can be used in. 1. Let K[0] = K;
5.7.1 'Simple export' mode 2. IV is split into components a[i,j]:
IV = a[0]|...|a[7] (a[i] - byte, a[i,0]..a[i,7] - it's bits)
Identifier for this mode: 3. Let i be 0.
id-Gost28147-89-None-KeyWrap OBJECT IDENTIFIER ::= 4. K[1]..K[8] are calculated by repeating the
{ id-CryptoPro-algorithms keyWrap(13) none(0) } following algorithm eight times:
The first step is calculating an exchange key, using algorithms, A) K[i] is split into components k[i,j]:
defined in sections 5.1 or 5.2, depending on key type. K[i] = k[i,0]|k[i,1]|...|k[i,7] (k[i,j] - 32-bit integer)
B) Vector S[i] is calculated:
S[i] = ((a[i,0]*k[i,0] + ... + a[i,7]*k[i,7]) mod 2^32)
| ((~a[i,0]*k[i,0] + ... + ~a[i,7]*k[i,7]) mod 2^32);
C) K[i+1] = encryptCFB (S[i], K[i], K[i])
D) i = i + 1
Then, session key can be exported on this exchange key, using 5. Let K(IV) be K[8].
algorithm from section 5.5
5.7.2 'CryptoPro' mode 7 Secret Key Diversification
Identifier for this mode: This algorithm creates a GOST 28147-89 key Kd, given GOST R 34.10-94
or GOST R 34.10-2001 secret key K and diversification data D of size
4..40 bytes.
id-Gost28147-89-CryptoPro-KeyWrap OBJECT IDENTIFIER ::= 1) 40-byte blob B is created from D by cloning it enough times to
{ id-CryptoPro-algorithms keyWrap(13) cryptoPro(1) } fill all 40 bytes. For example, if D is 40-bytes long, B = D; If D is
4-bytes long, B = D|D|D|D|D|D|D|D|D|D.
The first step is calculating an exchange key, using algorithms, 2) B is split into 8-byte SV and 32-byte SRCKEY (B = SV|SRCKEY).
defined in sections 5.1 or 5.2, depending on key type.
Then, session key is exported on the export key (computed from this 3) Algorithm from section 6.5 is used to create K(SV) from key K and
exchange key) using algorithm from section 5.4; synchrovector SV, with two differences. Instead of S[i], vector
(0,0,0,SV[i],ff,ff,ff,ff XOR SV[i]) is used, and during each
encryption step, only 8 out of 32 GOST 28147-89 steps are done.
6 Algorithm parameters 4) Kd is calculated:
Kd = encryptCFB (IV, K(IV), SRCKEY).
8 Algorithm parameters
Standards [GOST28147], [GOST341194], [GOSTR341094] and Standards [GOST28147], [GOST341194], [GOSTR341094] and
[GOSTR34102001] do not define specific values for algorithm [GOSTR34102001] do not define specific values for algorithm
parameters. parameters.
This document introduces the use of OIDs to specify algorithm This document introduces the use of OIDs to specify algorithm
parameters. parameters.
Identifiers and corresponding parameter values for all of the Identifiers and corresponding parameter values for all of the
proposed parameter sets can be found in Appendix in the form of ASN.1 proposed parameter sets can be found in Appendix in the form of ASN.1
modules [X.660]. modules [X.660].
6.1 Encryption algorithm parameters 8.1 Encryption algorithm parameters
GOST 28147-89 can be used in several modes, additional CBC mode is GOST 28147-89 can be used in several modes, additional CBC mode is
defined in section 2.1 this document. It also has an S-Box parameter defined in section 2.1 this document. It also has an S-Box parameter
(see Algorithm Parameters part in [GOST28147] in Russian, description (see Algorithm Parameters part in [GOST28147] in Russian, description
in English see in [Schneier95] ch. 14.1, p. 331). in English see in [Schneier95] ch. 14.1, p. 331).
This table contains the list of proposed parameter sets for GOST This table contains the list of proposed parameter sets for GOST
28147-89: 28147-89:
Gost28147-89-ParamSetAlgorithms ALGORITHM-IDENTIFIER ::= { Gost28147-89-ParamSetAlgorithms ALGORITHM-IDENTIFIER ::= {
skipping to change at page 9, line 10 skipping to change at page 10, line 35
id-Gost28147-89-CryptoPro-Simple-C-ParamSet } | id-Gost28147-89-CryptoPro-Simple-C-ParamSet } |
{ Gost28147-89-ParamSetParameters IDENTIFIED BY { Gost28147-89-ParamSetParameters IDENTIFIED BY
id-Gost28147-89-CryptoPro-Simple-D-ParamSet } id-Gost28147-89-CryptoPro-Simple-D-ParamSet }
} }
Identifier values can be found in Appendix. Identifier values can be found in Appendix.
Parameters for GOST 28147-89 are presented in the following form: Parameters for GOST 28147-89 are presented in the following form:
Gost28147-89-ParamSetParameters ::= SEQUENCE { Gost28147-89-ParamSetParameters ::= SEQUENCE {
eUZ Gost28147-89-UZ, eUZ Gost28147-89-UZ,
mode INTEGER { mode INTEGER {
gost28147-89-OFB(0), gost28147-89-CNT(0),
gost28147-89-CFB(1), gost28147-89-CFB(1),
cryptoPro-CBC(2) cryptoPro-CBC(2)
}, },
shiftBits INTEGER { gost28147-89-block(64) }, shiftBits INTEGER { gost28147-89-block(64) },
keyWrap AlgorithmIdentifier {{ keyWrap AlgorithmIdentifier,
Gost28147-89-KeyWrapAlgorithms keyMeshing AlgorithmIdentifier
}},
keyMeshing AlgorithmIdentifier {{
Gost28147-89-KeyMixAlgorithms
}}
} }
Gost28147-89-UZ ::= OCTET STRING (SIZE (64)) Gost28147-89-UZ ::= OCTET STRING (SIZE (64))
Gost28147-89-KeyMixAlgorithms ALGORITHM-IDENTIFIER ::= { Gost28147-89-KeyMeshingAlgorithms ALGORITHM-IDENTIFIER ::= {
{ NULL IDENTIFIED BY id-Gost28147-89-CryptoPro-KeyMix } | { NULL IDENTIFIED BY id-Gost28147-89-CryptoPro-KeyMeshing } |
{ NULL IDENTIFIED BY id-Gost28147-89-None-KeyMix } { NULL IDENTIFIED BY id-Gost28147-89-None-KeyMeshing }
} }
Gost28147-89-KeyWrapAlgorithms ALGORITHM-IDENTIFIER ::= { Gost28147-89-KeyWrapAlgorithms ALGORITHM-IDENTIFIER ::= {
{ NULL IDENTIFIED BY id-Gost28147-89-CryptoPro-KeyWrap } | { NULL IDENTIFIED BY id-Gost28147-89-CryptoPro-KeyWrap } |
{ NULL IDENTIFIED BY id-Gost28147-89-None-KeyWrap } { NULL IDENTIFIED BY id-Gost28147-89-None-KeyWrap }
} }
where where
eUZ - S-box value; eUZ - S-box value;
mode - cipher mode; mode - cipher mode;
shiftBits - cipher parameter; shiftBits - cipher parameter;
keyWrap - key export algorithm identifier; keyWrap - key export algorithm identifier;
keyMeshing - key meshing algorithm identifier. keyMeshing - key meshing algorithm identifier.
6.2 Digest algorithm parameters 8.2 Digest algorithm parameters
This table contains the list of proposed parameter sets for This table contains the list of proposed parameter sets for
[GOST341194]: [GOST341194]:
GostR3411-94-ParamSetAlgorithms ALGORITHM-IDENTIFIER ::= { GostR3411-94-ParamSetAlgorithms ALGORITHM-IDENTIFIER ::= {
{ GostR3411-94-ParamSetParameters IDENTIFIED BY { GostR3411-94-ParamSetParameters IDENTIFIED BY
id-GostR3411-94-TestParamSet id-GostR3411-94-TestParamSet
} | } |
{ GostR3411-94-ParamSetParameters IDENTIFIED BY { GostR3411-94-ParamSetParameters IDENTIFIED BY
id-GostR3411-94-CryptoProParamSet id-GostR3411-94-CryptoProParamSet
skipping to change at page 11, line 28 skipping to change at page 12, line 50
factor factor
of p-1; of p-1;
a - generator, integer, 1<a<p-1, at that aq (mod p) = 1; a - generator, integer, 1<a<p-1, at that aq (mod p) = 1;
validationAlgorithm - constant p, q and a calculating algorithm. validationAlgorithm - constant p, q and a calculating algorithm.
t - bit length of p; t - bit length of p;
x0 - seed; x0 - seed;
c - used for p and q generation; c - used for p and q generation;
d - used for a generation. d - used for a generation.
6.4 GOST R 34.10-2001 public key algorithm parameters 8.4 GOST R 34.10-2001 public key algorithm parameters
This table contains the list of proposed parameter sets for GOST R This table contains the list of proposed parameter sets for GOST R
34.10-2001: 34.10-2001:
GostR3410-2001-ParamSetAlgorithm ALGORITHM-IDENTIFIER ::= { GostR3410-2001-ParamSetAlgorithm ALGORITHM-IDENTIFIER ::= {
{ GostR3410-2001-ParamSetParameters IDENTIFIED BY { GostR3410-2001-ParamSetParameters IDENTIFIED BY
id-GostR3410-2001-TestParamSet } | id-GostR3410-2001-TestParamSet } |
{ GostR3410-2001-ParamSetParameters IDENTIFIED BY { GostR3410-2001-ParamSetParameters IDENTIFIED BY
id-GostR3410-2001-CryptoPro-A-ParamSet } | id-GostR3410-2001-CryptoPro-A-ParamSet } |
{ GostR3410-2001-ParamSetParameters IDENTIFIED BY { GostR3410-2001-ParamSetParameters IDENTIFIED BY
id-GostR3410-2001-CryptoPro-B-ParamSet } | id-GostR3410-2001-CryptoPro-B-ParamSet } |
skipping to change at page 12, line 26 skipping to change at page 13, line 47
x INTEGER , x INTEGER ,
y INTEGER y INTEGER
} }
a, b - coefficients a and b of the elliptic curve E; a, b - coefficients a and b of the elliptic curve E;
j - invariant; j - invariant;
p - prime number - elliptic curve modulus; p - prime number - elliptic curve modulus;
q - prime number - order of cyclic group; q - prime number - order of cyclic group;
x, y - base point p coordinates. x, y - base point p coordinates.
7 Security Considerations 9 Security Considerations
Parameter values for using cryptographic algorithms affect rigidity It is RECCOMENDED, that software applications verify signature
of information protection system. It is RECCOMENDED, that software values, subject public keys and algorithm parameters to conform to
applications verify signature values, subject public keys and [GOSTR34102001], [GOSTR341094] standards prior to their use.
algorithm parameters to conform to [GOSTR34102001], [GOSTR341094]
standards prior to their use.
Cryptographic algorithm parameters affect rigidity of algorithms.
The algorithm parameters proposed hereby and described in this The algorithm parameters proposed hereby and described in this
document, have been analyzed by special certification laboratory of document, have been analyzed by special certification laboratory of
Scientific and Technical Centre "ATLAS" and by Centre of Scientific and Technical Center "ATLAS" and by Center of
Certificational Investigations in appropriate levels of Certificational Investigations in appropriate levels of
target_of_evaluation (TOE). target_of_evaluation (TOE), according to [RFDSL], [RFLLIC] and
[CRYPTOLIC].
In case of different parameters usage, it is RECCOMENDED that they Use of different parameter sets is NOT RECOMENDED. When different
are to be examined by authorized agency with an approved methods of parameters are used, it is RECCOMENDED to subject them to examination
cryptographic analysis. by an authorized agency with approved methods of cryptographic
analysis.
8 Appendix ASN.1 Modules 10 Appendix ASN.1 Modules
8.1 Gost28147-89-EncryptionSyntax 10.1 Cryptographic-Gost-Useful-Definitions
Cryptographic-Gost-Useful-Definitions
{ iso(1) member-body(2) ru(643) rans(2) cryptopro(2)
other(1) modules(1) cryptographic-Gost-Useful-Definitions(0)
1 }
DEFINITIONS ::=
BEGIN
-- EXPORTS All --
-- The types and values defined in this module are exported for
-- use in the other ASN.1 modules contained within the Russian
-- Cryptography "GOST" & "GOST R" Specifications, and for the use
-- of other applications which will use them to access Russian
-- Cryptography services. Other applications may use them for
-- their own purposes, but this will not constrain extensions and
-- modifications needed to maintain or improve the Russian
-- Cryptography service.
-- Crypto-Pro OID branch
id-CryptoPro OBJECT IDENTIFIER ::=
{ iso(1) member-body(2) ru(643) rans(2) cryptopro(2) }
id-CryptoPro-algorithms OBJECT IDENTIFIER ::=
id-CryptoPro
id-CryptoPro-modules OBJECT IDENTIFIER ::=
{ id-CryptoPro other(1) modules(1) }
id-CryptoPro-hashes OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms hashes(30) }
id-CryptoPro-encrypts OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms encrypts(31) }
id-CryptoPro-signs OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms signs(32) }
id-CryptoPro-exchanges OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms exchanges(33) }
id-CryptoPro-extensions OBJECT IDENTIFIER ::=
{ id-CryptoPro extensions(34) }
id-CryptoPro-ecc-signs OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms ecc-signs(35) }
id-CryptoPro-ecc-exchanges OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms ecc-exchanges(36) }
id-CryptoPro-private-keys OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms private-keys(37) }
id-CryptoPro-policyIds OBJECT IDENTIFIER ::=
{ id-CryptoPro policyIds(38) }
id-CryptoPro-policyQt OBJECT IDENTIFIER ::=
{ id-CryptoPro policyQt(39) }
id-CryptoPro-pkixcmp-infos OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms pkixcmp-infos(41) }
id-CryptoPro-audit-service-types OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms pkixcmp-infos(42) }
id-CryptoPro-audit-record-types OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms pkixcmp-infos(43) }
id-CryptoPro-attributes OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms attributes(44) }
-- ASN.1 modules of Russian Cryptography "GOST" & "GOST R"
-- Specifications
cryptographic-Gost-Useful-Definitions OBJECT IDENTIFIER ::=
{ id-CryptoPro-modules
cryptographic-Gost-Useful-Definitions(0) 1 }
-- GOST R 34.11-94
gostR3411-94-DigestSyntax OBJECT IDENTIFIER ::=
{ id-CryptoPro-modules gostR3411-94-DigestSyntax(1) 1 }
gostR3411-94-ParamSetSyntax OBJECT IDENTIFIER ::=
{ id-CryptoPro-modules gostR3411-94-ParamSetSyntax(7) 1 }
-- GOST R 34.10-94
gostR3410-94-PKISyntax OBJECT IDENTIFIER ::=
{ id-CryptoPro-modules gostR3410-94-PKISyntax(2) 1 }
gostR3410-94-SignatureSyntax OBJECT IDENTIFIER ::=
{ id-CryptoPro-modules gostR3410-94-SignatureSyntax(3) 1 }
gostR3410-EncryptionSyntax OBJECT IDENTIFIER ::=
{ id-CryptoPro-modules gostR3410-EncryptionSyntax(5) 2 }
gostR3410-94-ParamSetSyntax OBJECT IDENTIFIER ::=
{ id-CryptoPro-modules gostR3410-94-ParamSetSyntax(8) 1 }
-- GOST R 34.10-2001
gostR3410-2001-PKISyntax OBJECT IDENTIFIER ::=
{ id-CryptoPro-modules gostR3410-2001-PKISyntax(9) 1 }
gostR3410-2001-SignatureSyntax OBJECT IDENTIFIER ::=
{ id-CryptoPro-modules
gostR3410-2001-SignatureSyntax(10) 1 }
gostR3410-2001-ParamSetSyntax OBJECT IDENTIFIER ::=
{ id-CryptoPro-modules
gostR3410-2001-ParamSetSyntax(12) 1 }
-- GOST 28147-89
gost28147-89-EncryptionSyntax OBJECT IDENTIFIER ::=
{ id-CryptoPro-modules gost28147-89-EncryptionSyntax(4) 1 }
gost28147-89-ParamSetSyntax OBJECT IDENTIFIER ::=
{ id-CryptoPro-modules gost28147-89-ParamSetSyntax(6) 1 }
-- Extended Key Usage for Crypto-Pro
gost-CryptoPro-ExtendedKeyUsage OBJECT IDENTIFIER ::=
{ id-CryptoPro-modules
gost-CryptoPro-ExtendedKeyUsage(13) 1 }
-- Crypto-Pro Private keys
gost-CryptoPro-PrivateKey OBJECT IDENTIFIER ::=
{ id-CryptoPro-modules gost-CryptoPro-PrivateKey(14) 1 }
-- Crypto-Pro PKIXCMP structures
gost-CryptoPro-PKIXCMP OBJECT IDENTIFIER ::=
{ id-CryptoPro-modules gost-CryptoPro-PKIXCMP(15) 1 }
-- Crypto-Pro Transport Layer Security structures
gost-CryptoPro-TransportLayerSecurity OBJECT IDENTIFIER ::=
{ id-CryptoPro-modules gost-CryptoPro-TransportLayerSecurit
y(16) 1 }
-- Crypto-Pro Policy
gost-CryptoPro-Policy OBJECT IDENTIFIER ::=
{ id-CryptoPro-modules gost-CryptoPro-Policy(17) 1 }
-- Useful types
ALGORITHM-IDENTIFIER ::= CLASS {
&id OBJECT IDENTIFIER UNIQUE,
&Type OPTIONAL
}
WITH SYNTAX { [&Type] IDENTIFIED BY &id }
END -- Cryptographic-Gost-Useful-Definitions
10.2 Gost28147-89-EncryptionSyntax
Gost28147-89-EncryptionSyntax Gost28147-89-EncryptionSyntax
{ iso(1) member-body(2) ru(643) rans(2) cryptopro(2) { iso(1) member-body(2) ru(643) rans(2) cryptopro(2)
other(1) modules(1) gost28147-89-EncryptionSyntax(4) 1 } other(1) modules(1) gost28147-89-EncryptionSyntax(4) 1 }
DEFINITIONS EXPLICIT TAGS ::= DEFINITIONS EXPLICIT TAGS ::=
BEGIN BEGIN
-- EXPORTS All -- -- EXPORTS All --
-- The types and values defined in this module are exported for -- The types and values defined in this module are exported for
-- use in the other ASN.1 modules contained within the Russian -- use in the other ASN.1 modules contained within the Russian
-- Cryptography "GOST" & "GOST R" Specifications, and for the use -- Cryptography "GOST" & "GOST R" Specifications, and for the use
-- of other applications which will use them to access Russian -- of other applications which will use them to access Russian
-- Cryptography services. Other applications may use them for -- Cryptography services. Other applications may use them for
-- their own purposes, but this will not constrain extensions and -- their own purposes, but this will not constrain extensions and
-- modifications needed to maintain or improve the Russian -- modifications needed to maintain or improve the Russian
-- Cryptography service. -- Cryptography service.
IMPORTS IMPORTS
id-CryptoPro-algorithms, id-CryptoPro-encrypts, id-CryptoPro-algorithms, id-CryptoPro-encrypts,
ALGORITHM-IDENTIFIER,
cryptographic-Gost-Useful-Definitions cryptographic-Gost-Useful-Definitions
FROM Cryptographic-Gost-Useful-Definitions FROM Cryptographic-Gost-Useful-Definitions
{ iso(1) member-body(2) ru(643) rans(2) { iso(1) member-body(2) ru(643) rans(2)
cryptopro(2) other(1) modules(1) cryptopro(2) other(1) modules(1)
cryptographic-Gost-Useful-Definitions(0) 1 } cryptographic-Gost-Useful-Definitions(0) 1 }
AlgorithmIdentifier, ALGORITHM-IDENTIFIER
FROM Cryptographic-Gost-Useful-Definitions
cryptographic-Gost-Useful-Definitions
; ;
-- GOST 28147-89 OID -- GOST 28147-89 OID
id-Gost28147-89 OBJECT IDENTIFIER ::= id-Gost28147-89 OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms gost28147-89(21) } { id-CryptoPro-algorithms gost28147-89(21) }
-- GOST 28147-89 Cryptographic Parameter Sets OIDs id-Gost28147-89-MAC OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms gost28147-89-MAC(22) }
-- GOST 28147-89 cryptographic parameter sets OIDs
id-Gost28147-89-TestParamSet OBJECT IDENTIFIER ::= id-Gost28147-89-TestParamSet OBJECT IDENTIFIER ::=
{ id-CryptoPro-encrypts test(0) } { id-CryptoPro-encrypts test(0) }
id-Gost28147-89-CryptoPro-A-ParamSet OBJECT IDENTIFIER ::= id-Gost28147-89-CryptoPro-A-ParamSet OBJECT IDENTIFIER ::=
{ id-CryptoPro-encrypts cryptopro-A(1) } { id-CryptoPro-encrypts cryptopro-A(1) }
id-Gost28147-89-CryptoPro-B-ParamSet OBJECT IDENTIFIER ::= id-Gost28147-89-CryptoPro-B-ParamSet OBJECT IDENTIFIER ::=
{ id-CryptoPro-encrypts cryptopro-B(2) } { id-CryptoPro-encrypts cryptopro-B(2) }
id-Gost28147-89-CryptoPro-C-ParamSet OBJECT IDENTIFIER ::= id-Gost28147-89-CryptoPro-C-ParamSet OBJECT IDENTIFIER ::=
{ id-CryptoPro-encrypts cryptopro-C(3) } { id-CryptoPro-encrypts cryptopro-C(3) }
id-Gost28147-89-CryptoPro-D-ParamSet OBJECT IDENTIFIER ::= id-Gost28147-89-CryptoPro-D-ParamSet OBJECT IDENTIFIER ::=
{ id-CryptoPro-encrypts cryptopro-D(4) } { id-CryptoPro-encrypts cryptopro-D(4) }
id-Gost28147-89-CryptoPro-Oscar-ParamSet
OBJECT IDENTIFIER ::=
{ id-CryptoPro-encrypts cryptopro-Oscar(5) }
id-Gost28147-89-CryptoPro-Simple-A-ParamSet id-Gost28147-89-CryptoPro-Simple-A-ParamSet
OBJECT IDENTIFIER ::= OBJECT IDENTIFIER ::=
{ id-CryptoPro-encrypts cryptopro-Simple-A(6) } { id-CryptoPro-encrypts cryptopro-Simple-A(6) }
id-Gost28147-89-CryptoPro-Simple-B-ParamSet id-Gost28147-89-CryptoPro-Simple-B-ParamSet
OBJECT IDENTIFIER ::= OBJECT IDENTIFIER ::=
{ id-CryptoPro-encrypts cryptopro-Simple-B(7) } { id-CryptoPro-encrypts cryptopro-Simple-B(7) }
id-Gost28147-89-CryptoPro-Simple-C-ParamSet id-Gost28147-89-CryptoPro-Simple-C-ParamSet
OBJECT IDENTIFIER ::= OBJECT IDENTIFIER ::=
{ id-CryptoPro-encrypts cryptopro-Simple-C(8) } { id-CryptoPro-encrypts cryptopro-Simple-C(8) }
id-Gost28147-89-CryptoPro-Simple-D-ParamSet id-Gost28147-89-CryptoPro-Simple-D-ParamSet
skipping to change at page 14, line 13 skipping to change at page 18, line 12
Gost28147-89-Data ::= OCTET STRING (SIZE (0..4294967294)) Gost28147-89-Data ::= OCTET STRING (SIZE (0..4294967294))
Gost28147-89-EncryptedData ::= Gost28147-89-EncryptedData ::=
OCTET STRING (SIZE (0..4294967294)) OCTET STRING (SIZE (0..4294967294))
Gost28147-89-UZ ::= OCTET STRING (SIZE (64)) Gost28147-89-UZ ::= OCTET STRING (SIZE (64))
Gost28147-89-IV ::= OCTET STRING (SIZE (8)) Gost28147-89-IV ::= OCTET STRING (SIZE (8))
Gost28147-89-Key ::= OCTET STRING (SIZE (32)) Gost28147-89-Key ::= OCTET STRING (SIZE (32))
Gost28147-89-MAC ::= OCTET STRING (SIZE (1..4)) Gost28147-89-MAC ::= OCTET STRING (SIZE (1..4))
Gost28147-89-EncryptedKey ::= Gost28147-89-EncryptedKey ::=
SEQUENCE { SEQUENCE {
encryptedKey Gost28147-89-Key, encryptedKey Gost28147-89-Key,
maskKey [0] IMPLICIT Gost28147-89-Key OPTI
ONAL,
macKey Gost28147-89-MAC (SIZE (4)) macKey Gost28147-89-MAC (SIZE (4))
} }
Gost28147-89-BlobParameters ::=
SEQUENCE {
encryptionParamSet
OBJECT IDENTIFIER (
id-Gost28147-89-TestParamSet | -- Only for
testing purposes
id-Gost28147-89-CryptoPro-A-ParamSet |
id-Gost28147-89-CryptoPro-B-ParamSet |
id-Gost28147-89-CryptoPro-C-ParamSet |
id-Gost28147-89-CryptoPro-D-ParamSet |
id-Gost28147-89-CryptoPro-Simple-A-ParamSet |
id-Gost28147-89-CryptoPro-Simple-B-ParamSet |
id-Gost28147-89-CryptoPro-Simple-C-ParamSet |
id-Gost28147-89-CryptoPro-Simple-D-ParamSet
)
}
-- GOST 28147-89 encryption algorithm parameters -- GOST 28147-89 encryption algorithm parameters
Gost28147-89-Parameters ::= Gost28147-89-Parameters ::=
SEQUENCE { SEQUENCE {
iv Gost28147-89-IV,
encryptionParamSet encryptionParamSet
OBJECT IDENTIFIER ( OBJECT IDENTIFIER (
id-Gost28147-89-TestParamSet | -- Only for tests use id-Gost28147-89-TestParamSet | -- Only for test
id-Gost28147-89-CryptoPro-A-ParamSet | ing purposes
id-Gost28147-89-CryptoPro-B-ParamSet | id-Gost28147-89-CryptoPro-A-ParamSet |
id-Gost28147-89-CryptoPro-C-ParamSet | id-Gost28147-89-CryptoPro-B-ParamSet |
id-Gost28147-89-CryptoPro-D-ParamSet | id-Gost28147-89-CryptoPro-C-ParamSet |
id-Gost28147-89-CryptoPro-Simple-A-ParamSet | id-Gost28147-89-CryptoPro-D-ParamSet |
id-Gost28147-89-CryptoPro-Simple-B-ParamSet | id-Gost28147-89-CryptoPro-Simple-A-ParamSet |
id-Gost28147-89-CryptoPro-Simple-C-ParamSet | id-Gost28147-89-CryptoPro-Simple-B-ParamSet |
id-Gost28147-89-CryptoPro-Simple-D-ParamSet id-Gost28147-89-CryptoPro-Simple-C-ParamSet |
), id-Gost28147-89-CryptoPro-Simple-D-ParamSet
iv Gost28147-89-IV )
} }
Gost28147-89-Algorithms ALGORITHM-IDENTIFIER ::= { Gost28147-89-Algorithms ALGORITHM-IDENTIFIER ::= {
{ Gost28147-89-Parameters IDENTIFIED BY { Gost28147-89-Parameters IDENTIFIED BY
id-Gost28147-89 } id-Gost28147-89 }
} }
END -- Gost28147-89-EncryptionSyntax END -- Gost28147-89-EncryptionSyntax
8.2 Gost28147-89-ParamSetSyntax 10.3 Gost28147-89-ParamSetSyntax
Gost28147-89-ParamSetSyntax Gost28147-89-ParamSetSyntax
{ iso(1) member-body(2) ru(643) rans(2) cryptopro(2) { iso(1) member-body(2) ru(643) rans(2) cryptopro(2)
other(1) modules(1) gost28147-89-ParamSetSyntax(6) 1 } other(1) modules(1) gost28147-89-ParamSetSyntax(6) 1 }
DEFINITIONS EXPLICIT TAGS ::= DEFINITIONS EXPLICIT TAGS ::=
BEGIN BEGIN
-- EXPORTS All -- -- EXPORTS All --
-- The types and values defined in this module are exported for -- The types and values defined in this module are exported for
-- use in the other ASN.1 modules contained within the Russian -- use in the other ASN.1 modules contained within the Russian
-- Cryptography "GOST" & "GOST R" Specifications, and for the use -- Cryptography "GOST" & "GOST R" Specifications, and for the use
-- of other applications which will use them to access Russian -- of other applications which will use them to access Russian
-- Cryptography services. Other applications may use them for -- Cryptography services. Other applications may use them for
-- their own purposes, but this will not constrain extensions and -- their own purposes, but this will not constrain extensions and
-- modifications needed to maintain or improve the Russian -- modifications needed to maintain or improve the Russian
-- Cryptography service. -- Cryptography service.
IMPORTS IMPORTS
id-CryptoPro-algorithms, id-CryptoPro-encrypts, id-CryptoPro-algorithms, id-CryptoPro-encrypts,
gost28147-89-EncryptionSyntax, gost28147-89-EncryptionSyntax, ALGORITHM-IDENTIFIER,
cryptographic-Gost-Useful-Definitions cryptographic-Gost-Useful-Definitions
FROM Cryptographic-Gost-Useful-Definitions FROM Cryptographic-Gost-Useful-Definitions
{ iso(1) member-body(2) ru(643) rans(2) { iso(1) member-body(2) ru(643) rans(2)
cryptopro(2) other(1) modules(1) cryptopro(2) other(1) modules(1)
cryptographic-Gost-Useful-Definitions(0) 1 } cryptographic-Gost-Useful-Definitions(0) 1 }
Gost28147-89-UZ, Gost28147-89-UZ,
id-Gost28147-89-TestParamSet, id-Gost28147-89-TestParamSet,
id-Gost28147-89-CryptoPro-A-ParamSet, id-Gost28147-89-CryptoPro-A-ParamSet,
id-Gost28147-89-CryptoPro-B-ParamSet, id-Gost28147-89-CryptoPro-B-ParamSet,
id-Gost28147-89-CryptoPro-C-ParamSet, id-Gost28147-89-CryptoPro-C-ParamSet,
id-Gost28147-89-CryptoPro-D-ParamSet, id-Gost28147-89-CryptoPro-D-ParamSet,
id-Gost28147-89-CryptoPro-Simple-A-ParamSet, id-Gost28147-89-CryptoPro-Simple-A-ParamSet,
id-Gost28147-89-CryptoPro-Simple-B-ParamSet, id-Gost28147-89-CryptoPro-Simple-B-ParamSet,
id-Gost28147-89-CryptoPro-Simple-C-ParamSet, id-Gost28147-89-CryptoPro-Simple-C-ParamSet,
id-Gost28147-89-CryptoPro-Simple-D-ParamSet id-Gost28147-89-CryptoPro-Simple-D-ParamSet
FROM Gost28147-89-EncryptionSyntax FROM Gost28147-89-EncryptionSyntax
gost28147-89-EncryptionSyntax gost28147-89-EncryptionSyntax
AlgorithmIdentifier, ALGORITHM-IDENTIFIER AlgorithmIdentifier
FROM Cryptographic-Gost-Useful-Definitions FROM PKIX1Explicit88 {iso(1) identified-organization(3)
cryptographic-Gost-Useful-Definitions dod(6) internet(1) security(5) mechanisms(5) pkix(7)
id-mod(0) id-pkix1-explicit-88(1)}
; ;
-- GOST 28147-89 Cryptographic Parameters Set: -- GOST 28147-89 cryptographic parameter sets:
-- algorithm & parameters -- OIDs for parameter sets are imported from
-- OID for Parameters Set imported from
-- Gost28147-89-EncryptionSyntax -- Gost28147-89-EncryptionSyntax
Gost28147-89-ParamSetParameters ::= Gost28147-89-ParamSetParameters ::=
SEQUENCE { SEQUENCE {
eUZ Gost28147-89-UZ, eUZ Gost28147-89-UZ,
mode INTEGER { mode INTEGER {
gost28147-89-OFB(0), gost28147-89-CNT(0),
gost28147-89-CFB(1), gost28147-89-CFB(1),
cryptoPro-CBC(2) cryptoPro-CBC(2)
}, },
shiftBits INTEGER { gost28147-89-block(64) }, shiftBits INTEGER { gost28147-89-block(64) },
keyWrap AlgorithmIdentifier {{ keyWrap AlgorithmIdentifier,
Gost28147-89-KeyWrapAlgorithms keyMeshing AlgorithmIdentifier
}},
keyMix AlgorithmIdentifier {{
Gost28147-89-KeyMixAlgorithms
}}
}
Gost28147-89-ParamSetAlgorithms ALGORITHM-IDENTIFIER ::= {
{ Gost28147-89-ParamSetParameters IDENTIFIED BY
id-Gost28147-89-TestParamSet } |
{ Gost28147-89-ParamSetParameters IDENTIFIED BY
id-Gost28147-89-CryptoPro-A-ParamSet } |
{ Gost28147-89-ParamSetParameters IDENTIFIED BY
id-Gost28147-89-CryptoPro-B-ParamSet } |
{ Gost28147-89-ParamSetParameters IDENTIFIED BY
id-Gost28147-89-CryptoPro-C-ParamSet } |
{ Gost28147-89-ParamSetParameters IDENTIFIED BY
id-Gost28147-89-CryptoPro-D-ParamSet } |
{ Gost28147-89-ParamSetParameters IDENTIFIED BY
id-Gost28147-89-CryptoPro-Simple-A-ParamSet } |
{ Gost28147-89-ParamSetParameters IDENTIFIED BY
id-Gost28147-89-CryptoPro-Simple-B-ParamSet } |
{ Gost28147-89-ParamSetParameters IDENTIFIED BY
id-Gost28147-89-CryptoPro-Simple-C-ParamSet } |
{ Gost28147-89-ParamSetParameters IDENTIFIED BY
id-Gost28147-89-CryptoPro-Simple-D-ParamSet }
}
id-Gost28147-89-CryptoPro-KeyWrap OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms keyWrap(13) cryptoPro(1) }
id-Gost28147-89-None-KeyWrap OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms keyWrap(13) none(0) }
Gost28147-89-KeyWrapAlgorithms ALGORITHM-IDENTIFIER ::= {
{ NULL IDENTIFIED BY id-Gost28147-89-CryptoPro-KeyWrap } |
{ NULL IDENTIFIED BY id-Gost28147-89-None-KeyWrap }
}
id-Gost28147-89-CryptoPro-KeyMix OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms keyMix(14) cryptoPro(1) }
id-Gost28147-89-None-KeyMix OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms keyMix(14) none(0) }
Gost28147-89-KeyMixAlgorithms ALGORITHM-IDENTIFIER ::= {
{ NULL IDENTIFIED BY id-Gost28147-89-CryptoPro-KeyMix } |
{ NULL IDENTIFIED BY id-Gost28147-89-None-KeyMix }
} }
-- GOST 28147-89 Cryptographic Parameters Set: values Gost28147-89-ParamSetAlgorithms ALGORITHM-IDENTIFIER ::= {
-- Test Parameters Set { Gost28147-89-ParamSetParameters IDENTIFIED BY
gost28147-89-TestParamSetAI id-Gost28147-89-TestParamSet } |
AlgorithmIdentifier {{ { Gost28147-89-ParamSetParameters IDENTIFIED BY
Gost28147-89-ParamSetAlgorithms id-Gost28147-89-CryptoPro-A-ParamSet } |
}} ::= { Gost28147-89-ParamSetParameters IDENTIFIED BY
{ id-Gost28147-89-CryptoPro-B-ParamSet } |
algorithm { Gost28147-89-ParamSetParameters IDENTIFIED BY
id-Gost28147-89-TestParamSet, id-Gost28147-89-CryptoPro-C-ParamSet } |
parameters { Gost28147-89-ParamSetParameters IDENTIFIED BY
Gost28147-89-ParamSetParameters:{ id-Gost28147-89-CryptoPro-D-ParamSet } |
eUZ '4CDE389C2989EFB6FFEB56C55EC29B029875613B113F896 { Gost28147-89-ParamSetParameters IDENTIFIED BY
003970C798AA1D55DE210AD43375DB38EB42C77E7CD46CAFAD66A201F70F41EA4AB id-Gost28147-89-CryptoPro-Simple-A-ParamSet } |
03F22165B844D8'H, { Gost28147-89-ParamSetParameters IDENTIFIED BY
mode gost28147-89-OFB, id-Gost28147-89-CryptoPro-Simple-B-ParamSet } |
shiftBits 64, { Gost28147-89-ParamSetParameters IDENTIFIED BY
keyWrap id-Gost28147-89-CryptoPro-Simple-C-ParamSet } |
{ algorithm id-Gost28147-89-None-KeyWrap }, { Gost28147-89-ParamSetParameters IDENTIFIED BY
keyMix id-Gost28147-89-CryptoPro-Simple-D-ParamSet }
{ algorithm id-Gost28147-89-None-KeyMix } }
} id-Gost28147-89-CryptoPro-KeyWrap OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms keyWrap(13) cryptoPro(1) }
id-Gost28147-89-None-KeyWrap OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms keyWrap(13) none(0) }
Gost28147-89-KeyWrapAlgorithms ALGORITHM-IDENTIFIER ::= {
{ NULL IDENTIFIED BY id-Gost28147-89-CryptoPro-KeyWrap } |
{ NULL IDENTIFIED BY id-Gost28147-89-None-KeyWrap }
}
id-Gost28147-89-CryptoPro-KeyMeshing OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms keyMeshing(14) cryptoPro(1) }
id-Gost28147-89-None-KeyMeshing OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms keyMeshing(14) none(0) }
Gost28147-89-KeyMeshingAlgorithms ALGORITHM-IDENTIFIER ::= {
{ NULL IDENTIFIED BY id-Gost28147-89-CryptoPro-KeyMeshing } |
{ NULL IDENTIFIED BY id-Gost28147-89-None-KeyMeshing }
}
-- GOST 28147-89 cryptographic parameter set: values
-- Test parameter set
gost28147-89-UZ-Test Gost28147-89-UZ ::=
'4CDE389C2989EFB6FFEB56C55EC29B029875613B113F896003970C798AA1D55
DE210AD43375DB38EB42C77E7CD46CAFAD66A201F70F41EA4AB03F22165B844D8'H
gost28147-89-TestParamSetAI
AlgorithmIdentifier ::= {
algorithm
id-Gost28147-89-TestParamSet,
parameters
Gost28147-89-ParamSetParameters:{
eUZ gost28147-89-UZ-Test,
mode gost28147-89-CNT,
shiftBits 64,
keyWrap { algorithm id-Gost28147-89-None-KeyWrap },
keyMeshing { algorithm id-Gost28147-89-None-KeyMeshing
}
} }
-- CryptoPro Parameters Sets }
gost28147-89-UZ-CryptoPro-A Gost28147-89-UZ ::= -- CryptoPro parameter sets
-- K1 K2 K3 K4 K5 K6 K7 K8 gost28147-89-UZ-CryptoPro-A Gost28147-89-UZ ::=
-- 9 3 E E B 3 1 B -- K1 K2 K3 K4 K5 K6 K7 K8
-- 6 7 4 7 5 A D A -- 9 3 E E B 3 1 B
-- 3 E 6 A 1 D 2 F -- 6 7 4 7 5 A D A
-- 2 9 2 C 9 C 9 5 -- 3 E 6 A 1 D 2 F
-- 8 8 B D 8 1 7 0 -- 2 9 2 C 9 C 9 5
-- B A 3 1 D 2 A C -- 8 8 B D 8 1 7 0
-- 1 F D 3 F 0 6 E -- B A 3 1 D 2 A C
-- 7 0 8 9 0 B 0 8 -- 1 F D 3 F 0 6 E
-- A 5 C 0 E 7 8 6 -- 7 0 8 9 0 B 0 8
-- 4 2 F 2 4 5 C 2 -- A 5 C 0 E 7 8 6
-- E 6 5 B 2 9 4 3 -- 4 2 F 2 4 5 C 2
-- F C A 4 3 4 5 9 -- E 6 5 B 2 9 4 3
-- C B 0 F C 8 F 1 -- F C A 4 3 4 5 9
-- 0 4 7 8 7 F 3 7 -- C B 0 F C 8 F 1
-- D D 1 5 A E B D -- 0 4 7 8 7 F 3 7
-- 5 1 9 6 6 6 E 4 -- D D 1 5 A E B D
'93EEB31B67475ADA3E6A1D2F292C9C9588BD8170BA31D2AC1FD3F06E70 -- 5 1 9 6 6 6 E 4
890B08A5C0E78642F245C2E65B2943FCA43459CB0FC8F104787F37DD15AEBD51966 '93EEB31B67475ADA3E6A1D2F292C9C9588BD8170BA31D2AC1FD3F06E70890B0
6E4'H 8A5C0E78642F245C2E65B2943FCA43459CB0FC8F104787F37DD15AEBD519666E4'H
gost28147-89-CryptoPro-A-ParamSetAI gost28147-89-CryptoPro-A-ParamSetAI
AlgorithmIdentifier {{ AlgorithmIdentifier ::=
Gost28147-89-ParamSetAlgorithms
}} ::=
{ {
algorithm algorithm
id-Gost28147-89-CryptoPro-A-ParamSet, id-Gost28147-89-CryptoPro-A-ParamSet,
parameters parameters
Gost28147-89-ParamSetParameters:{ Gost28147-89-ParamSetParameters:{
eUZ gost28147-89-UZ-CryptoPro-A, eUZ gost28147-89-UZ-CryptoPro-A,
mode gost28147-89-CFB, mode gost28147-89-CFB,
shiftBits 64, shiftBits 64,
keyWrap keyWrap
{ algorithm id-Gost28147-89-CryptoPro-KeyWrap }, { algorithm id-Gost28147-89-CryptoPro-KeyWr
keyMix ap },
{ algorithm id-Gost28147-89-CryptoPro-KeyMix } keyMeshing
} { algorithm id-Gost28147-89-CryptoPro-KeyMe
shing }
}
} }
-- --
gost28147-89-UZ-CryptoPro-B Gost28147-89-UZ ::= gost28147-89-UZ-CryptoPro-B Gost28147-89-UZ ::=
-- K1 K2 K3 K4 K5 K6 K7 K8 -- K1 K2 K3 K4 K5 K6 K7 K8
-- 8 0 E 7 2 8 5 0 -- 8 0 E 7 2 8 5 0
-- 4 1 C 5 7 3 2 4 -- 4 1 C 5 7 3 2 4
-- B 2 0 0 C 2 A B -- B 2 0 0 C 2 A B
-- 1 A A D F 6 B E -- 1 A A D F 6 B E
-- 3 4 9 B 9 4 9 8 -- 3 4 9 B 9 4 9 8
-- 5 D 2 6 5 D 1 3 -- 5 D 2 6 5 D 1 3
-- 0 5 D 1 A E C 7 -- 0 5 D 1 A E C 7
-- 9 C B 2 B B 3 1 -- 9 C B 2 B B 3 1
-- 2 9 7 3 1 C 7 A -- 2 9 7 3 1 C 7 A
-- E 7 5 A 4 1 4 2 -- E 7 5 A 4 1 4 2
-- A 3 8 C 0 7 D 9 -- A 3 8 C 0 7 D 9
-- C F F F D F 0 6 -- C F F F D F 0 6
-- D B 3 4 6 A 6 F -- D B 3 4 6 A 6 F
-- 6 8 6 E 8 0 F D -- 6 8 6 E 8 0 F D
-- 7 6 1 9 E 9 8 5 -- 7 6 1 9 E 9 8 5
-- F E 4 8 3 5 E C -- F E 4 8 3 5 E C
'80E7285041C57324B200C2AB1AADF6BE349B94985D265D1305D1AEC79C '80E7285041C57324B200C2AB1AADF6BE349B94985D265D1305D1AEC79CB2BB3
B2BB3129731C7AE75A4142A38C07D9CFFFDF06DB346A6F686E80FD7619E985FE483 129731C7AE75A4142A38C07D9CFFFDF06DB346A6F686E80FD7619E985FE4835EC'H
5EC'H
gost28147-89-CryptoPro-B-ParamSetAI gost28147-89-CryptoPro-B-ParamSetAI
AlgorithmIdentifier {{ AlgorithmIdentifier ::=
Gost28147-89-ParamSetAlgorithms
}} ::=
{ {
algorithm algorithm
id-Gost28147-89-CryptoPro-B-ParamSet, id-Gost28147-89-CryptoPro-B-ParamSet,
parameters parameters
Gost28147-89-ParamSetParameters:{ Gost28147-89-ParamSetParameters:{
eUZ gost28147-89-UZ-CryptoPro-B, eUZ gost28147-89-UZ-CryptoPro-B,
mode gost28147-89-CFB, mode gost28147-89-CFB,
shiftBits 64, shiftBits 64,
keyWrap keyWrap
{ algorithm id-Gost28147-89-CryptoPro-KeyWrap }, { algorithm id-Gost28147-89-CryptoPro-KeyWr
keyMix ap },
{ algorithm id-Gost28147-89-CryptoPro-KeyMix } keyMeshing
} { algorithm id-Gost28147-89-CryptoPro-KeyMe
shing }
}
} }
-- --
gost28147-89-UZ-CryptoPro-C Gost28147-89-UZ ::= gost28147-89-UZ-CryptoPro-C Gost28147-89-UZ ::=
-- K1 K2 K3 K4 K5 K6 K7 K8 -- K1 K2 K3 K4 K5 K6 K7 K8
-- 1 0 8 3 8 C A 7 -- 1 0 8 3 8 C A 7
-- B 1 2 6 D 9 9 4 -- B 1 2 6 D 9 9 4
-- C 7 5 0 B B 6 0 -- C 7 5 0 B B 6 0
-- 2 D 0 1 0 1 8 5 -- 2 D 0 1 0 1 8 5
-- 9 B 4 5 4 8 D A -- 9 B 4 5 4 8 D A
-- D 4 9 D 5 E E 2 -- D 4 9 D 5 E E 2
-- 0 5 F A 1 2 2 F -- 0 5 F A 1 2 2 F
-- F 2 A 8 2 4 0 E -- F 2 A 8 2 4 0 E
-- 4 8 3 B 9 7 F C -- 4 8 3 B 9 7 F C
-- 5 E 7 2 3 3 3 6 -- 5 E 7 2 3 3 3 6
-- 8 F C 9 C 6 5 1 -- 8 F C 9 C 6 5 1
-- E C D 7 E 5 B B -- E C D 7 E 5 B B
-- A 9 6 E 6 A 4 D -- A 9 6 E 6 A 4 D
-- 7 A E F F 0 1 9 -- 7 A E F F 0 1 9
-- 6 6 1 C A F C 3 -- 6 6 1 C A F C 3
-- 3 3 B 4 7 D 7 8 -- 3 3 B 4 7 D 7 8
'10838CA7B126D994C750BB602D0101859B4548DAD49D5EE205FA122FF2 '10838CA7B126D994C750BB602D0101859B4548DAD49D5EE205FA122FF2A8240
A8240E483B97FC5E7233368FC9C651ECD7E5BBA96E6A4D7AEFF019661CAFC333B47 E483B97FC5E7233368FC9C651ECD7E5BBA96E6A4D7AEFF019661CAFC333B47D78'H
D78'H
gost28147-89-CryptoPro-C-ParamSetAI gost28147-89-CryptoPro-C-ParamSetAI
AlgorithmIdentifier {{ AlgorithmIdentifier ::=
Gost28147-89-ParamSetAlgorithms
}} ::=
{ {
algorithm algorithm
id-Gost28147-89-CryptoPro-C-ParamSet, id-Gost28147-89-CryptoPro-C-ParamSet,
parameters parameters
Gost28147-89-ParamSetParameters:{ Gost28147-89-ParamSetParameters:{
eUZ gost28147-89-UZ-CryptoPro-C, eUZ gost28147-89-UZ-CryptoPro-C,
mode gost28147-89-CFB, mode gost28147-89-CFB,
shiftBits 64, shiftBits 64,
keyWrap keyWrap
{ algorithm id-Gost28147-89-CryptoPro-KeyWrap }, { algorithm id-Gost28147-89-CryptoPro-KeyWr
keyMix ap },
{ algorithm id-Gost28147-89-CryptoPro-KeyMix } keyMeshing
} { algorithm id-Gost28147-89-CryptoPro-KeyMe
shing }
}
} }
-- --
gost28147-89-UZ-CryptoPro-D Gost28147-89-UZ ::= gost28147-89-UZ-CryptoPro-D Gost28147-89-UZ ::=
-- K1 K2 K3 K4 K5 K6 K7 K8 -- K1 K2 K3 K4 K5 K6 K7 K8
-- F B 1 1 0 8 3 1 -- F B 1 1 0 8 3 1
-- C 6 C 5 C 0 0 A -- C 6 C 5 C 0 0 A
-- 2 3 B E 8 F 6 6 -- 2 3 B E 8 F 6 6
-- A 4 0 C 9 3 F 8 -- A 4 0 C 9 3 F 8
-- 6 C F A D 2 1 F -- 6 C F A D 2 1 F
-- 4 F E 7 2 5 E B -- 4 F E 7 2 5 E B
-- 5 E 6 0 A E 9 0 -- 5 E 6 0 A E 9 0
-- 0 2 5 D B B 2 4 -- 0 2 5 D B B 2 4
-- 7 7 A 6 7 1 D C -- 7 7 A 6 7 1 D C
-- 9 D D 2 3 A 8 3 -- 9 D D 2 3 A 8 3
-- E 8 4 B 6 4 C 5 -- E 8 4 B 6 4 C 5
-- D 0 8 4 5 7 4 9 -- D 0 8 4 5 7 4 9
-- 1 5 9 9 4 C B 7 -- 1 5 9 9 4 C B 7
-- B A 3 3 E 9 A D -- B A 3 3 E 9 A D
-- 8 9 7 F F D 5 2 -- 8 9 7 F F D 5 2
-- 3 1 2 8 1 6 7 E'H -- 3 1 2 8 1 6 7 E'H
'FB110831C6C5C00A23BE8F66A40C93F86CFAD21F4FE725EB5E60AE9002 'FB110831C6C5C00A23BE8F66A40C93F86CFAD21F4FE725EB5E60AE90025DBB2
5DBB2477A671DC9DD23A83E84B64C5D084574915994CB7BA33E9AD897FFD5231281 477A671DC9DD23A83E84B64C5D084574915994CB7BA33E9AD897FFD523128167E'H
67E'H
gost28147-89-CryptoPro-D-ParamSetAI gost28147-89-CryptoPro-D-ParamSetAI
AlgorithmIdentifier {{ AlgorithmIdentifier ::=
Gost28147-89-ParamSetAlgorithms
}} ::=
{ {
algorithm algorithm
id-Gost28147-89-CryptoPro-D-ParamSet, id-Gost28147-89-CryptoPro-D-ParamSet,
parameters parameters
Gost28147-89-ParamSetParameters:{ Gost28147-89-ParamSetParameters:{
eUZ gost28147-89-UZ-CryptoPro-D, eUZ gost28147-89-UZ-CryptoPro-D,
mode gost28147-89-CFB, mode gost28147-89-CFB,
shiftBits 64, shiftBits 64,
keyWrap keyWrap
{ algorithm id-Gost28147-89-CryptoPro-KeyWrap }, { algorithm id-Gost28147-89-CryptoPro-KeyWr
keyMix ap },
{ algorithm id-Gost28147-89-CryptoPro-KeyMix } keyMeshing
} { algorithm id-Gost28147-89-CryptoPro-KeyMe
shing }
}
} }
-- --
gost28147-89-CryptoPro-Simple-A-ParamSetAI gost28147-89-CryptoPro-Simple-A-ParamSetAI
AlgorithmIdentifier {{ AlgorithmIdentifier ::=
Gost28147-89-ParamSetAlgorithms
}} ::=
{ {
algorithm algorithm
id-Gost28147-89-CryptoPro-Simple-A-ParamSet, id-Gost28147-89-CryptoPro-Simple-A-ParamSet,
parameters parameters
Gost28147-89-ParamSetParameters:{ Gost28147-89-ParamSetParameters:{
eUZ gost28147-89-UZ-CryptoPro-A, eUZ gost28147-89-UZ-CryptoPro-A,
mode gost28147-89-CFB, mode gost28147-89-CFB,
shiftBits 64, shiftBits 64,
keyWrap keyWrap
{ algorithm id-Gost28147-89-None-KeyWrap }, { algorithm id-Gost28147-89-None-KeyWrap },
keyMix keyMeshing
{ algorithm id-Gost28147-89-CryptoPro-KeyMix } { algorithm id-Gost28147-89-CryptoPro-KeyMe
} shing }
}
} }
-- --
gost28147-89-CryptoPro-Simple-B-ParamSetAI gost28147-89-CryptoPro-Simple-B-ParamSetAI
AlgorithmIdentifier {{ AlgorithmIdentifier ::=
Gost28147-89-ParamSetAlgorithms
}} ::=
{ {
algorithm algorithm
id-Gost28147-89-CryptoPro-Simple-B-ParamSet, id-Gost28147-89-CryptoPro-Simple-B-ParamSet,
parameters parameters
Gost28147-89-ParamSetParameters:{ Gost28147-89-ParamSetParameters:{
eUZ gost28147-89-UZ-CryptoPro-B, eUZ gost28147-89-UZ-CryptoPro-B,
mode gost28147-89-CFB, mode gost28147-89-CFB,
shiftBits 64, shiftBits 64,
keyWrap keyWrap
{ algorithm id-Gost28147-89-None-KeyWrap }, { algorithm id-Gost28147-89-None-KeyWrap },
keyMix keyMeshing
{ algorithm id-Gost28147-89-CryptoPro-KeyMix } { algorithm id-Gost28147-89-CryptoPro-KeyMe
} shing }
}
} }
-- --
gost28147-89-CryptoPro-Simple-C-ParamSetAI gost28147-89-CryptoPro-Simple-C-ParamSetAI
AlgorithmIdentifier {{ AlgorithmIdentifier ::=
Gost28147-89-ParamSetAlgorithms
}} ::=
{ {
algorithm algorithm
id-Gost28147-89-CryptoPro-Simple-C-ParamSet, id-Gost28147-89-CryptoPro-Simple-C-ParamSet,
parameters parameters
Gost28147-89-ParamSetParameters:{ Gost28147-89-ParamSetParameters:{
eUZ gost28147-89-UZ-CryptoPro-C, eUZ gost28147-89-UZ-CryptoPro-C,
mode gost28147-89-CFB, mode gost28147-89-CFB,
shiftBits 64, shiftBits 64,
keyWrap keyWrap
{ algorithm id-Gost28147-89-None-KeyWrap }, { algorithm id-Gost28147-89-None-KeyWrap },
keyMix keyMeshing
{ algorithm id-Gost28147-89-CryptoPro-KeyMix } { algorithm id-Gost28147-89-CryptoPro-KeyMe
} shing }
}
} }
-- --
gost28147-89-CryptoPro-Simple-D-ParamSetAI gost28147-89-CryptoPro-Simple-D-ParamSetAI
AlgorithmIdentifier {{ AlgorithmIdentifier ::=
Gost28147-89-ParamSetAlgorithms
}} ::=
{ {
algorithm algorithm
id-Gost28147-89-CryptoPro-Simple-D-ParamSet, id-Gost28147-89-CryptoPro-Simple-D-ParamSet,
parameters parameters
Gost28147-89-ParamSetParameters:{ Gost28147-89-ParamSetParameters:{
eUZ gost28147-89-UZ-CryptoPro-D, eUZ gost28147-89-UZ-CryptoPro-D,
mode gost28147-89-CFB, mode gost28147-89-CFB,
shiftBits 64, shiftBits 64,
keyWrap keyWrap
{ algorithm id-Gost28147-89-None-KeyWrap }, { algorithm id-Gost28147-89-None-KeyWrap },
keyMeshing
keyMix { algorithm id-Gost28147-89-CryptoPro-KeyMe
{ algorithm id-Gost28147-89-CryptoPro-KeyMix } shing }
} }
} }
END -- Gost28147-89-ParamSetSyntax END -- Gost28147-89-ParamSetSyntax
8.3 GostR3411-94-DigestSyntax 10.4 GostR3411-94-DigestSyntax
GostR3411-94-DigestSyntax GostR3411-94-DigestSyntax
{ iso(1) member-body(2) ru(643) rans(2) cryptopro(2) { iso(1) member-body(2) ru(643) rans(2) cryptopro(2)
other(1) modules(1) gostR3411-94-DigestSyntax(1) 1 } other(1) modules(1) gostR3411-94-DigestSyntax(1) 1 }
DEFINITIONS ::= DEFINITIONS ::=
BEGIN BEGIN
-- EXPORTS All -- -- EXPORTS All --
-- The types and values defined in this module are exported for -- The types and values defined in this module are exported for
-- use in the other ASN.1 modules contained within the Russian -- use in the other ASN.1 modules contained within the Russian
-- Cryptography "GOST" & "GOST R" Specifications, and for the use -- Cryptography "GOST" & "GOST R" Specifications, and for the use
-- of other applications which will use them to access Russian -- of other applications which will use them to access Russian
-- Cryptography services. Other applications may use them for -- Cryptography services. Other applications may use them for
-- their own purposes, but this will not constrain extensions and -- their own purposes, but this will not constrain extensions and
-- modifications needed to maintain or improve the Russian -- modifications needed to maintain or improve the Russian
-- Cryptography service. -- Cryptography service.
IMPORTS IMPORTS
id-CryptoPro-algorithms, id-CryptoPro-hashes, id-CryptoPro-algorithms, id-CryptoPro-hashes,
gost28147-89-EncryptionSyntax, gost28147-89-EncryptionSyntax, ALGORITHM-IDENTIFIER,
cryptographic-Gost-Useful-Definitions cryptographic-Gost-Useful-Definitions
FROM Cryptographic-Gost-Useful-Definitions FROM Cryptographic-Gost-Useful-Definitions
{ iso(1) member-body(2) ru(643) rans(2) { iso(1) member-body(2) ru(643) rans(2)
cryptopro(2) other(1) modules(1) cryptopro(2) other(1) modules(1)
cryptographic-Gost-Useful-Definitions(0) 1 } cryptographic-Gost-Useful-Definitions(0) 1 }
Gost28147-89-Data, Gost28147-89-UZ Gost28147-89-Data, Gost28147-89-UZ
FROM Gost28147-89-EncryptionSyntax FROM Gost28147-89-EncryptionSyntax
gost28147-89-EncryptionSyntax gost28147-89-EncryptionSyntax
AlgorithmIdentifier, ALGORITHM-IDENTIFIER
FROM Cryptographic-Gost-Useful-Definitions
cryptographic-Gost-Useful-Definitions
; ;
-- GOST R 34.11-94 OID -- GOST R 34.11-94 OID
id-GostR3411-94 OBJECT IDENTIFIER ::= id-GostR3411-94 OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms gostR3411-94(9) } { id-CryptoPro-algorithms gostR3411-94(9) }
-- GOST R 34.11-94 Cryptographic Parameters Set OIDs -- GOST R 34.11-94 cryptographic parameter set OIDs
id-GostR3411-94-TestParamSet OBJECT IDENTIFIER ::= id-GostR3411-94-TestParamSet OBJECT IDENTIFIER ::=
{ id-CryptoPro-hashes test(0) } { id-CryptoPro-hashes test(0) }
id-GostR3411-94-CryptoProParamSet OBJECT IDENTIFIER ::= id-GostR3411-94-CryptoProParamSet OBJECT IDENTIFIER ::=
{ id-CryptoPro-hashes cryptopro(1) } { id-CryptoPro-hashes cryptopro(1) }
-- GOST R 34.11-94 Data Types -- GOST R 34.11-94 data types
GostR3411-94-Data ::= Gost28147-89-Data GostR3411-94-Data ::= Gost28147-89-Data
GostR3411-94-Digest ::= OCTET STRING (SIZE (32)) GostR3411-94-Digest ::= OCTET STRING (SIZE (32))
-- GOST R 34.11-94 Digest Parameters & Algorithms -- GOST R 34.11-94 digest algorithm & parameters
GostR3411-94-DigestParameters ::= GostR3411-94-DigestParameters ::=
OBJECT IDENTIFIER ( OBJECT IDENTIFIER (
id-GostR3411-94-TestParamSet | -- Only for tests use id-GostR3411-94-TestParamSet | -- Only for testing
id-GostR3411-94-CryptoProParamSet purposes
id-GostR3411-94-CryptoProParamSet
) )
GostR3411-94-DigestAlgorithms ALGORITHM-IDENTIFIER ::= { GostR3411-94-DigestAlgorithms ALGORITHM-IDENTIFIER ::= {
{ NULL IDENTIFIED BY id-GostR3411-94 } | { NULL IDENTIFIED BY id-GostR3411-94 } |
-- Assume id-GostR3411-94-CryptoProParamSet -- Assume id-GostR3411-94-CryptoProParamSet
{ GostR3411-94-DigestParameters { GostR3411-94-DigestParameters
IDENTIFIED BY id-GostR3411-94 } IDENTIFIED BY id-GostR3411-94 }
} }
END -- GostR3411-94-DigestSyntax END -- GostR3411-94-DigestSyntax
8.4 GostR3411-94-ParamSetSyntax 10.5 GostR3411-94-ParamSetSyntax
GostR3411-94-ParamSetSyntax GostR3411-94-ParamSetSyntax
{ iso(1) member-body(2) ru(643) rans(2) cryptopro(2) { iso(1) member-body(2) ru(643) rans(2) cryptopro(2)
other(1) modules(1) gostR3411-94-ParamSetSyntax(7) 1 } other(1) modules(1) gostR3411-94-ParamSetSyntax(7) 1 }
DEFINITIONS ::= DEFINITIONS ::=
BEGIN BEGIN
-- EXPORTS All -- -- EXPORTS All --
-- The types and values defined in this module are exported for -- The types and values defined in this module are exported for
-- use in the other ASN.1 modules contained within the Russian -- use in the other ASN.1 modules contained within the Russian
-- Cryptography "GOST" & "GOST R" Specifications, and for the use -- Cryptography "GOST" & "GOST R" Specifications, and for the use
-- of other applications which will use them to access Russian -- of other applications which will use them to access Russian
-- Cryptography services. Other applications may use them for -- Cryptography services. Other applications may use them for
-- their own purposes, but this will not constrain extensions and -- their own purposes, but this will not constrain extensions and
-- modifications needed to maintain or improve the Russian -- modifications needed to maintain or improve the Russian
-- Cryptography service. -- Cryptography service.
IMPORTS IMPORTS
id-CryptoPro-algorithms, id-CryptoPro-hashes, id-CryptoPro-algorithms, id-CryptoPro-hashes,
gost28147-89-EncryptionSyntax, gost28147-89-EncryptionSyntax,
gostR3411-94-DigestSyntax, gostR3411-94-DigestSyntax, ALGORITHM-IDENTIFIER,
cryptographic-Gost-Useful-Definitions cryptographic-Gost-Useful-Definitions
FROM Cryptographic-Gost-Useful-Definitions FROM Cryptographic-Gost-Useful-Definitions
{ iso(1) member-body(2) ru(643) rans(2) { iso(1) member-body(2) ru(643) rans(2)
cryptopro(2) other(1) modules(1) cryptopro(2) other(1) modules(1)
cryptographic-Gost-Useful-Definitions(0) 1 } cryptographic-Gost-Useful-Definitions(0) 1 }
Gost28147-89-UZ Gost28147-89-UZ
FROM Gost28147-89-EncryptionSyntax FROM Gost28147-89-EncryptionSyntax
gost28147-89-EncryptionSyntax gost28147-89-EncryptionSyntax
id-GostR3411-94-TestParamSet, id-GostR3411-94-TestParamSet,
id-GostR3411-94-CryptoProParamSet, id-GostR3411-94-CryptoProParamSet,
GostR3411-94-Digest GostR3411-94-Digest
FROM GostR3411-94-DigestSyntax gostR3411-94-DigestSyntax FROM GostR3411-94-DigestSyntax gostR3411-94-DigestSyntax
AlgorithmIdentifier, ALGORITHM-IDENTIFIER AlgorithmIdentifier
FROM Cryptographic-Gost-Useful-Definitions FROM PKIX1Explicit88 {iso(1) identified-organization(3)
cryptographic-Gost-Useful-Definitions dod(6) internet(1) security(5) mechanisms(5) pkix(7)
id-mod(0) id-pkix1-explicit-88(1)}
; ;
-- GOST R 34.11-94 Cryptographic Parameters Set: -- GOST R 34.11-94 cryptographic parameter sets:
-- algorithm & parameters -- OIDs for parameter sets are imported from GostR3411-94-DigestS
-- OID for Parameters Set imported from GostR3411-94-DigestSyntax yntax
GostR3411-94-ParamSetParameters ::= GostR3411-94-ParamSetParameters ::=
SEQUENCE { SEQUENCE {
hUZ Gost28147-89-UZ, -- S-Box for digest hUZ Gost28147-89-UZ, -- S-Box for digest
h0 GostR3411-94-Digest -- start digest value h0 GostR3411-94-Digest -- initial digest value
} }
GostR3411-94-ParamSetAlgorithms ALGORITHM-IDENTIFIER ::= { GostR3411-94-ParamSetAlgorithms ALGORITHM-IDENTIFIER ::= {
{ GostR3411-94-ParamSetParameters IDENTIFIED BY { GostR3411-94-ParamSetParameters IDENTIFIED BY
id-GostR3411-94-TestParamSet id-GostR3411-94-TestParamSet
} | } |
{ GostR3411-94-ParamSetParameters IDENTIFIED BY { GostR3411-94-ParamSetParameters IDENTIFIED BY
id-GostR3411-94-CryptoProParamSet id-GostR3411-94-CryptoProParamSet
} }
} }
-- GOST R 34.11-94 Tests parameters set -- GOST R 34.11-94 Tests parameter set
-- (GOST R 34.11-94 Annex A. Test vector) -- (GOST R 34.11-94 Annex A. Test vector)
gostR3411TestParamSetAI AlgorithmIdentifier gostR3411TestParamSetAI
{{ GostR3411-94-ParamSetAlgorithms }} ::= AlgorithmIdentifier ::=
{ {
algorithm algorithm
id-GostR3411-94-TestParamSet, id-GostR3411-94-TestParamSet,
parameters parameters
GostR3411-94-ParamSetParameters:{ GostR3411-94-ParamSetParameters:{
hUZ hUZ
-- pi1 pi2 pi3 pi4 pi5 pi6 pi7 pi8 -- pi1 pi2 pi3 pi4 pi5 pi6 pi7 pi8
-- 4 E 5 7 6 4 D 1 -- 4 E 5 7 6 4 D 1
-- A B 8 D C B B F -- A B 8 D C B B F
-- 9 4 1 A 7 A 4 D -- 9 4 1 A 7 A 4 D
-- 2 C D 1 1 0 1 0 -- 2 C D 1 1 0 1 0
-- D 6 A 0 5 7 3 5 -- D 6 A 0 5 7 3 5
-- 8 D 3 8 F 2 F 7 -- 8 D 3 8 F 2 F 7
-- 0 F 4 9 D 1 5 A -- 0 F 4 9 D 1 5 A
-- E A 2 F 8 D 9 4 -- E A 2 F 8 D 9 4
-- 6 2 E E 4 3 0 9 -- 6 2 E E 4 3 0 9
-- B 3 F 4 A 6 A 2 -- B 3 F 4 A 6 A 2
-- 1 8 C 6 9 8 E 3 -- 1 8 C 6 9 8 E 3
-- C 1 7 C E 5 7 E -- C 1 7 C E 5 7 E
-- 7 0 6 B 0 9 6 6 -- 7 0 6 B 0 9 6 6
-- F 7 0 2 3 C 8 B -- F 7 0 2 3 C 8 B
-- 5 5 9 5 B F 2 8 -- 5 5 9 5 B F 2 8
-- 3 9 B 3 2 E C C -- 3 9 B 3 2 E C C
'4E5764D1AB8DCBBF941A7A4D2CD11010D6A057358D38F2F7 '4E5764D1AB8DCBBF941A7A4D2CD11010D6A057358
0F49D15AEA2F8D9462EE4309B3F4A6A218C698E3C17CE57E706B0966F7023C8B559
5BF2839B32ECC'H, D38F2F70F49D15AEA2F8D9462EE4309B3F4A6A218C698E3C17CE57E706B0966F702
h0 '000000000000000000000000000000000000000000000000 3C8B5595BF2839B32ECC'H,
0000000000000000'H h0 '00000000000000000000000000000000000000000
} 00000000000000000000000'H
}
} }
-- CryptoPro parameters -- CryptoPro parameters
gostR3411CryptoProParamSetAI AlgorithmIdentifier gostR3411CryptoProParamSetAI
{{ GostR3411-94-ParamSetAlgorithms }} ::= AlgorithmIdentifier ::=
{ {
algorithm algorithm
id-GostR3411-94-CryptoProParamSet, id-GostR3411-94-CryptoProParamSet,
parameters parameters
GostR3411-94-ParamSetParameters:{ GostR3411-94-ParamSetParameters:{
hUZ hUZ
-- pi1 pi2 pi3 pi4 pi5 pi6 pi7 pi8 -- pi1 pi2 pi3 pi4 pi5 pi6 pi7 pi8
-- A 5 7 4 7 7 D 1 -- A 5 7 4 7 7 D 1
-- 4 F F A 6 6 E 3 -- 4 F F A 6 6 E 3
-- 5 4 C 7 4 2 4 A -- 5 4 C 7 4 2 4 A
-- 6 0 E C B 4 1 9 -- 6 0 E C B 4 1 9
-- 8 2 9 0 9 D 7 5 -- 8 2 9 0 9 D 7 5
-- 1 D 4 F C 9 0 B -- 1 D 4 F C 9 0 B
-- 3 B 1 2 2 F 5 4 -- 3 B 1 2 2 F 5 4
-- 7 9 0 8 A 0 A F -- 7 9 0 8 A 0 A F
-- D 1 3 E 1 A 3 8 -- D 1 3 E 1 A 3 8
-- C 7 B 1 8 1 C 6 -- C 7 B 1 8 1 C 6
-- E 6 5 6 0 5 8 7 -- E 6 5 6 0 5 8 7
-- 0 3 2 5 E B F E -- 0 3 2 5 E B F E
-- 9 C 6 D F 8 6 D -- 9 C 6 D F 8 6 D
-- 2 E A B D E 2 0 -- 2 E A B D E 2 0
-- B A 8 9 3 C 9 2 -- B A 8 9 3 C 9 2
-- F 8 D 3 5 3 B C -- F 8 D 3 5 3 B C
'A57477D14FFA66E354C7424A60ECB41982909D751D4FC90B3B122F5 'A57477D14FFA66E354C7424A60ECB41982909D751
47908A0AFD13E1A38C7B181C6E65605870325EBFE9C6DF86D2EABDE20BA893C92F8 D4FC90B3B122F547908A0AFD13E1A38C7B181C6E65605870325EBFE9C6DF86D2EAB
D353BC'H, DE20BA893C92F8D353BC'H,
h0 '000000000000000000000000000000000000000000000000 h0 '00000000000000000000000000000000000000000
0000000000000000'H 00000000000000000000000'H
} }
} }
END -- GostR3411-94-ParamSetSyntax END -- GostR3411-94-ParamSetSyntax
8.5 GostR3410-94-PKISyntax 10.6 GostR3410-94-PKISyntax
GostR3410-94-PKISyntax GostR3410-94-PKISyntax
{ iso(1) member-body(2) ru(643) rans(2) cryptopro(2) { iso(1) member-body(2) ru(643) rans(2) cryptopro(2)
other(1) modules(1) gostR3410-94-PKISyntax(2) 1 } other(1) modules(1) gostR3410-94-PKISyntax(2) 1 }
DEFINITIONS ::= DEFINITIONS ::=
BEGIN BEGIN
-- EXPORTS All -- -- EXPORTS All --
-- The types and values defined in this module are exported for -- The types and values defined in this module are exported for
-- use in the other ASN.1 modules contained within the Russian -- use in the other ASN.1 modules contained within the Russian
-- Cryptography "GOST" & "GOST R" Specifications, and for the use -- Cryptography "GOST" & "GOST R" Specifications, and for the use
-- of other applications which will use them to access Russian -- of other applications which will use them to access Russian
-- Cryptography services. Other applications may use them for -- Cryptography services. Other applications may use them for
-- their own purposes, but this will not constrain extensions and -- their own purposes, but this will not constrain extensions and
-- modifications needed to maintain or improve the Russian -- modifications needed to maintain or improve the Russian
-- Cryptography service. -- Cryptography service.
IMPORTS IMPORTS
id-CryptoPro-algorithms, id-CryptoPro-algorithms,
id-CryptoPro-signs, id-CryptoPro-exchanges, id-CryptoPro-signs, id-CryptoPro-exchanges,
gost28147-89-EncryptionSyntax, gost28147-89-EncryptionSyntax,
gostR3411-94-DigestSyntax, gostR3411-94-DigestSyntax, ALGORITHM-IDENTIFIER,
cryptographic-Gost-Useful-Definitions cryptographic-Gost-Useful-Definitions
FROM Cryptographic-Gost-Useful-Definitions FROM Cryptographic-Gost-Useful-Definitions
{ iso(1) member-body(2) ru(643) rans(2) { iso(1) member-body(2) ru(643) rans(2)
cryptopro(2) other(1) modules(1) cryptopro(2) other(1) modules(1)
cryptographic-Gost-Useful-Definitions(0) 1 } cryptographic-Gost-Useful-Definitions(0) 1 }
id-Gost28147-89-TestParamSet, id-Gost28147-89-TestParamSet,
id-Gost28147-89-CryptoPro-A-ParamSet, id-Gost28147-89-CryptoPro-A-ParamSet,
id-Gost28147-89-CryptoPro-B-ParamSet, id-Gost28147-89-CryptoPro-B-ParamSet,
id-Gost28147-89-CryptoPro-C-ParamSet, id-Gost28147-89-CryptoPro-C-ParamSet,
id-Gost28147-89-CryptoPro-D-ParamSet, id-Gost28147-89-CryptoPro-D-ParamSet,
id-Gost28147-89-CryptoPro-Simple-A-ParamSet, id-Gost28147-89-CryptoPro-Simple-A-ParamSet,
id-Gost28147-89-CryptoPro-Simple-B-ParamSet, id-Gost28147-89-CryptoPro-Simple-B-ParamSet,
id-Gost28147-89-CryptoPro-Simple-C-ParamSet, id-Gost28147-89-CryptoPro-Simple-C-ParamSet,
id-Gost28147-89-CryptoPro-Simple-D-ParamSet id-Gost28147-89-CryptoPro-Simple-D-ParamSet
FROM Gost28147-89-EncryptionSyntax FROM Gost28147-89-EncryptionSyntax
gost28147-89-EncryptionSyntax gost28147-89-EncryptionSyntax
id-GostR3411-94-TestParamSet, id-GostR3411-94-TestParamSet,
id-GostR3411-94-CryptoProParamSet id-GostR3411-94-CryptoProParamSet
FROM GostR3411-94-DigestSyntax gostR3411-94-DigestSyntax FROM GostR3411-94-DigestSyntax gostR3411-94-DigestSyntax
AlgorithmIdentifier, ALGORITHM-IDENTIFIER
FROM Cryptographic-Gost-Useful-Definitions
cryptographic-Gost-Useful-Definitions
; ;
-- GOST R 34.10-94 OIDs -- GOST R 34.10-94 OIDs
id-GostR3410-94 OBJECT IDENTIFIER ::= id-GostR3410-94 OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms gostR3410-94(20) } { id-CryptoPro-algorithms gostR3410-94(20) }
id-GostR3411-94-with-GostR3410-94 OBJECT IDENTIFIER ::= id-GostR3411-94-with-GostR3410-94 OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms { id-CryptoPro-algorithms
gostR3411-94-with-gostR3410-94(4) } gostR3411-94-with-gostR3410-94(4) }
-- GOST R 34.10-94 Public Key Cryptographic Parameters Set OIDs -- GOST R 34.10-94 public key parameter set OIDs
id-GostR3410-94-TestParamSet OBJECT IDENTIFIER ::= id-GostR3410-94-TestParamSet OBJECT IDENTIFIER ::=
{ id-CryptoPro-signs test(0) } { id-CryptoPro-signs test(0) }
id-GostR3410-94-CryptoPro-A-ParamSet OBJECT IDENTIFIER ::= id-GostR3410-94-CryptoPro-A-ParamSet OBJECT IDENTIFIER ::=
{ id-CryptoPro-signs cryptopro-A(2) } { id-CryptoPro-signs cryptopro-A(2) }
id-GostR3410-94-CryptoPro-B-ParamSet OBJECT IDENTIFIER ::= id-GostR3410-94-CryptoPro-B-ParamSet OBJECT IDENTIFIER ::=
{ id-CryptoPro-signs cryptopro-B(3) } { id-CryptoPro-signs cryptopro-B(3) }
id-GostR3410-94-CryptoPro-C-ParamSet OBJECT IDENTIFIER ::= id-GostR3410-94-CryptoPro-C-ParamSet OBJECT IDENTIFIER ::=
{ id-CryptoPro-signs cryptopro-C(4) } { id-CryptoPro-signs cryptopro-C(4) }
id-GostR3410-94-CryptoPro-D-ParamSet OBJECT IDENTIFIER ::= id-GostR3410-94-CryptoPro-D-ParamSet OBJECT IDENTIFIER ::=
{ id-CryptoPro-signs cryptopro-D(5) } { id-CryptoPro-signs cryptopro-D(5) }
id-GostR3410-94-CryptoPro-XchA-ParamSet OBJECT IDENTIFIER ::= id-GostR3410-94-CryptoPro-XchA-ParamSet OBJECT IDENTIFIER ::=
{ id-CryptoPro-exchanges cryptopro-XchA(1) } { id-CryptoPro-exchanges cryptopro-XchA(1) }
id-GostR3410-94-CryptoPro-XchB-ParamSet OBJECT IDENTIFIER ::= id-GostR3410-94-CryptoPro-XchB-ParamSet OBJECT IDENTIFIER ::=
{ id-CryptoPro-exchanges cryptopro-XchB(2) } { id-CryptoPro-exchanges cryptopro-XchB(2) }
id-GostR3410-94-CryptoPro-XchC-ParamSet OBJECT IDENTIFIER ::= id-GostR3410-94-CryptoPro-XchC-ParamSet OBJECT IDENTIFIER ::=
{ id-CryptoPro-exchanges cryptopro-XchC(3) } { id-CryptoPro-exchanges cryptopro-XchC(3) }
-- GOST R 34.10-94 Data Types -- GOST R 34.10-94 data types
GostR3410-94-CertificateSignature ::= GostR3410-94-CertificateSignature ::=
BIT STRING ( SIZE(256..512) ) BIT STRING ( SIZE(256..512) )
GostR3410-94-PublicKeyOctetString ::= GostR3410-94-PublicKeyOctetString ::=
OCTET STRING ( SIZE( OCTET STRING ( SIZE(
64 | -- Only for tests use 64 | -- Only for testing purposes
128 128
) ) ) )
GostR3410-94-PublicKey ::= GostR3410-94-PublicKey ::=
BIT STRING ( SIZE(16..1048) ) BIT STRING ( SIZE(16..1048) )
-- Container for GostR3410-94-PublicKeyOctetString -- Container for GostR3410-94-PublicKeyOcte
tString
GostR3410-94-PublicKeyParameters ::= GostR3410-94-PublicKeyParameters ::=
SEQUENCE { SEQUENCE {
publicKeyParamSet publicKeyParamSet
OBJECT IDENTIFIER ( OBJECT IDENTIFIER (
id-GostR3410-94-TestParamSet | -- Only for tests use id-GostR3410-94-TestParamSet | -- Only for
id-GostR3410-94-CryptoPro-A-ParamSet | testing purposes
id-GostR3410-94-CryptoPro-B-ParamSet | id-GostR3410-94-CryptoPro-A-ParamSet |
id-GostR3410-94-CryptoPro-C-ParamSet | id-GostR3410-94-CryptoPro-B-ParamSet |
id-GostR3410-94-CryptoPro-D-ParamSet | id-GostR3410-94-CryptoPro-C-ParamSet |
id-GostR3410-94-CryptoPro-XchA-ParamSet | id-GostR3410-94-CryptoPro-D-ParamSet |
id-GostR3410-94-CryptoPro-XchB-ParamSet | id-GostR3410-94-CryptoPro-XchA-ParamSet |
id-GostR3410-94-CryptoPro-XchC-ParamSet id-GostR3410-94-CryptoPro-XchB-ParamSet |
), id-GostR3410-94-CryptoPro-XchC-ParamSet
),
digestParamSet digestParamSet
OBJECT IDENTIFIER ( OBJECT IDENTIFIER (
id-GostR3411-94-TestParamSet | -- Only for tests use id-GostR3411-94-TestParamSet | -- Only for
id-GostR3411-94-CryptoProParamSet testing purposes
), id-GostR3411-94-CryptoProParamSet
),
encryptionParamSet encryptionParamSet
OBJECT IDENTIFIER ( OBJECT IDENTIFIER (
id-Gost28147-89-TestParamSet | -- Only for tests use id-Gost28147-89-TestParamSet | -- Only for
id-Gost28147-89-CryptoPro-A-ParamSet | testing purposes
id-Gost28147-89-CryptoPro-B-ParamSet | id-Gost28147-89-CryptoPro-A-ParamSet |
id-Gost28147-89-CryptoPro-C-ParamSet | id-Gost28147-89-CryptoPro-B-ParamSet |
id-Gost28147-89-CryptoPro-D-ParamSet | id-Gost28147-89-CryptoPro-C-ParamSet |
id-Gost28147-89-CryptoPro-Simple-A-ParamSet | id-Gost28147-89-CryptoPro-D-ParamSet |
id-Gost28147-89-CryptoPro-Simple-B-ParamSet | id-Gost28147-89-CryptoPro-Simple-A-ParamSet |
id-Gost28147-89-CryptoPro-Simple-C-ParamSet | id-Gost28147-89-CryptoPro-Simple-B-ParamSet |
id-Gost28147-89-CryptoPro-Simple-D-ParamSet id-Gost28147-89-CryptoPro-Simple-C-ParamSet |
) OPTIONAL id-Gost28147-89-CryptoPro-Simple-D-ParamSet
) OPTIONAL
} }
GostR3410-94-PublicKeyAlgorithms ALGORITHM-IDENTIFIER ::= { GostR3410-94-PublicKeyAlgorithms ALGORITHM-IDENTIFIER ::= {
{ GostR3410-94-PublicKeyParameters IDENTIFIED BY { GostR3410-94-PublicKeyParameters IDENTIFIED BY
id-GostR3410-94 } id-GostR3410-94 }
} }
GostR3410-94-CertificateSignatureAlgorithms GostR3410-94-CertificateSignatureAlgorithms
ALGORITHM-IDENTIFIER ::= { ALGORITHM-IDENTIFIER ::= {
{ NULL IDENTIFIED BY { NULL IDENTIFIED BY
id-GostR3411-94-with-GostR3410-94 } | id-GostR3411-94-with-GostR3410-94 } |
{ GostR3410-94-PublicKeyParameters IDENTIFIED BY { GostR3410-94-PublicKeyParameters IDENTIFIED BY
id-GostR3411-94-with-GostR3410-94 } id-GostR3411-94-with-GostR3410-94 }
} }
END -- GostR3410-94-PKISyntax END -- GostR3410-94-PKISyntax
8.6 GostR3410-94-ParamSetSyntax 10.7 GostR3410-94-ParamSetSyntax
GostR3410-94-ParamSetSyntax GostR3410-94-ParamSetSyntax
{ iso(1) member-body(2) ru(643) rans(2) cryptopro(2) { iso(1) member-body(2) ru(643) rans(2) cryptopro(2)
other(1) modules(1) gostR3410-94-ParamSetSyntax(8) 1 } other(1) modules(1) gostR3410-94-ParamSetSyntax(8) 1 }
DEFINITIONS ::= DEFINITIONS ::=
BEGIN BEGIN
-- EXPORTS All -- -- EXPORTS All --
-- The types and values defined in this module are exported for -- The types and values defined in this module are exported for
-- use in the other ASN.1 modules contained within the Russian -- use in the other ASN.1 modules contained within the Russian
-- Cryptography "GOST" & "GOST R" Specifications, and for the use -- Cryptography "GOST" & "GOST R" Specifications, and for the use
-- of other applications which will use them to access Russian -- of other applications which will use them to access Russian
-- Cryptography services. Other applications may use them for -- Cryptography services. Other applications may use them for
-- their own purposes, but this will not constrain extensions and -- their own purposes, but this will not constrain extensions and
-- modifications needed to maintain or improve the Russian -- modifications needed to maintain or improve the Russian
-- Cryptography service. -- Cryptography service.
IMPORTS IMPORTS
id-CryptoPro-algorithms, id-CryptoPro-algorithms,
id-CryptoPro-signs, id-CryptoPro-exchanges, id-CryptoPro-signs, id-CryptoPro-exchanges,
gostR3410-94-PKISyntax, gostR3410-94-PKISyntax, ALGORITHM-IDENTIFIER,
cryptographic-Gost-Useful-Definitions cryptographic-Gost-Useful-Definitions
FROM Cryptographic-Gost-Useful-Definitions FROM Cryptographic-Gost-Useful-Definitions
{ iso(1) member-body(2) ru(643) rans(2) { iso(1) member-body(2) ru(643) rans(2)
cryptopro(2) other(1) modules(1) cryptopro(2) other(1) modules(1)
cryptographic-Gost-Useful-Definitions(0) 1 } cryptographic-Gost-Useful-Definitions(0) 1 }
id-GostR3410-94, id-GostR3410-94,
id-GostR3410-94-TestParamSet, id-GostR3410-94-TestParamSet,
id-GostR3410-94-CryptoPro-A-ParamSet, id-GostR3410-94-CryptoPro-A-ParamSet,
id-GostR3410-94-CryptoPro-B-ParamSet, id-GostR3410-94-CryptoPro-B-ParamSet,
id-GostR3410-94-CryptoPro-C-ParamSet, id-GostR3410-94-CryptoPro-C-ParamSet,
id-GostR3410-94-CryptoPro-D-ParamSet, id-GostR3410-94-CryptoPro-D-ParamSet,
id-GostR3410-94-CryptoPro-XchA-ParamSet, id-GostR3410-94-CryptoPro-XchA-ParamSet,
id-GostR3410-94-CryptoPro-XchB-ParamSet, id-GostR3410-94-CryptoPro-XchB-ParamSet,
id-GostR3410-94-CryptoPro-XchC-ParamSet id-GostR3410-94-CryptoPro-XchC-ParamSet
FROM GostR3410-94-PKISyntax gostR3410-94-PKISyntax FROM GostR3410-94-PKISyntax gostR3410-94-PKISyntax
AlgorithmIdentifier, ALGORITHM-IDENTIFIER AlgorithmIdentifier
FROM Cryptographic-Gost-Useful-Definitions FROM PKIX1Explicit88 {iso(1) identified-organization(3)
cryptographic-Gost-Useful-Definitions dod(6) internet(1) security(5) mechanisms(5) pkix(7)
id-mod(0) id-pkix1-explicit-88(1)}
; ;
-- GOST R 34.10-94 Public Key Cryptographic Parameters Set: -- GOST R 34.10-94 public key parameter sets:
-- algorithm & parameters -- OIDs for parameter sets are imported from GostR3410-94-PKISynt
-- OID for Parameters Set imported from GostR3410-94-PKISyntax ax
GostR3410-94-ParamSetParameters ::= GostR3410-94-ParamSetParameters ::=
SEQUENCE { SEQUENCE {
t INTEGER (512 | 1024), -- 512 - only for tests use t INTEGER (512 | 1024), -- 512 - only for testing p
urposes
p INTEGER ( p INTEGER (
167597599124282463744675312477573076593492072757404917221 1675975991242824637446753124775730765934920
5445180465220503759193372100234287270862928461253982273310756356719 7275740491722154451804652205037591933721002342872708629284612539822
235351493321243304206125760513 73310756356719235351493321243304206125760513
.. ..
134078079299425970995740249982058461274793658205923933777 1340780792994259709957402499820584612747936
2356144372176403007354697680187429816690342769003185818648605085375 5820592393377723561443721764030073546976801874298166903427690031858
3882811946569946433649006084095 186486050853753882811946569946433649006084095
| |
112355820928894744233081574424314045851123561183894160795 1123558209288947442330815744243140458511235
8938007235829223784381019579427983265047100132000711749196208485367 6118389416079589380072358292237843810195794279832650471001320007117
4360550901038905802964414967132773610493339054092829768888725077880 4919620848536743605509010389058029644149671327736104933390540928297
8824658176845053128605523844176464039300921195694088017023227094069 6888872507788088246581768450531286055238441764640393009211956940880
17786643639996702871154982269052209770601514008577 1702322709406917786643639996702871154982269052209770601514008577
.. ..
179769313486231590772930519078902473361797697894230657273 1797693134862315907729305190789024733617976
4300811577326758055009631327084773224075360211201138798713933576587 9789423065727343008115773267580550096313270847732240753602112011387
8976881441662249284743063947412437776789342486548527630221960124609 9871393357658789768814416622492847430639474124377767893424865485276
4119453082952085005768838150682342462881473913110540827237163350510 3022196012460941194530829520850057688381506823424628814739131105408
684586298239947245938479716304835356329624224137215 27237163350510684586298239947245938479716304835356329624224137215
), -- 2^509 < p < 2^512 or 2^1020 < p < 2^1024 ), -- 2^509 < p < 2^512 or 2^1020 < p
< 2^1024
q INTEGER ( q INTEGER (
289480223093290488558927462521719769633174961664101410098 2894802230932904885589274625217197696331749
64396001978282409985 6166410141009864396001978282409985
.. ..
115792089237316195423570985008687907853269984665640564039 1157920892373161954235709850086879078532699
457584007913129639935 84665640564039457584007913129639935
), -- 2^254 < q < 2^256 ), -- 2^254 < q < 2^256
a INTEGER ( a INTEGER (
2 2
.. ..
179769313486231590772930519078902473361797697894230657273 1797693134862315907729305190789024733617976
4300811577326758055009631327084773224075360211201138798713933576587 9789423065727343008115773267580550096313270847732240753602112011387
8976881441662249284743063947412437776789342486548527630221960124609 9871393357658789768814416622492847430639474124377767893424865485276
4119453082952085005768838150682342462881473913110540827237163350510 3022196012460941194530829520850057688381506823424628814739131105408
684586298239947245938479716304835356329624224137214 27237163350510684586298239947245938479716304835356329624224137214
), -- 1 < a < p-1 < 2^1024-1 ), -- 1 < a < p-1 < 2^1024-1
validationAlgorithm validationAlgorithm
AlgorithmIdentifier {{ AlgorithmIdentifier OPTIONAL
GostR3410-94-ValidationAlgorithms -- {{ GostR3410-94-ValidationAlgorithms }}
}} OPTIONAL
} }
GostR3410-94-ParamSetAlgorithm ALGORITHM-IDENTIFIER ::= { GostR3410-94-ParamSetAlgorithm ALGORITHM-IDENTIFIER ::= {
{ GostR3410-94-ParamSetParameters IDENTIFIED BY { GostR3410-94-ParamSetParameters IDENTIFIED BY
id-GostR3410-94-TestParamSet } | id-GostR3410-94-TestParamSet } |
{ GostR3410-94-ParamSetParameters IDENTIFIED BY { GostR3410-94-ParamSetParameters IDENTIFIED BY
id-GostR3410-94-CryptoPro-A-ParamSet } | id-GostR3410-94-CryptoPro-A-ParamSet } |
{ GostR3410-94-ParamSetParameters IDENTIFIED BY { GostR3410-94-ParamSetParameters IDENTIFIED BY
id-GostR3410-94-CryptoPro-B-ParamSet } | id-GostR3410-94-CryptoPro-B-ParamSet } |
{ GostR3410-94-ParamSetParameters IDENTIFIED BY { GostR3410-94-ParamSetParameters IDENTIFIED BY
id-GostR3410-94-CryptoPro-C-ParamSet } | id-GostR3410-94-CryptoPro-C-ParamSet } |
{ GostR3410-94-ParamSetParameters IDENTIFIED BY { GostR3410-94-ParamSetParameters IDENTIFIED BY
id-GostR3410-94-CryptoPro-D-ParamSet } | id-GostR3410-94-CryptoPro-D-ParamSet } |
{ GostR3410-94-ParamSetParameters IDENTIFIED BY { GostR3410-94-ParamSetParameters IDENTIFIED BY
id-GostR3410-94-CryptoPro-XchA-ParamSet } | id-GostR3410-94-CryptoPro-XchA-ParamSet }
|
{ GostR3410-94-ParamSetParameters IDENTIFIED BY { GostR3410-94-ParamSetParameters IDENTIFIED BY
id-GostR3410-94-CryptoPro-XchB-ParamSet } | id-GostR3410-94-CryptoPro-XchB-ParamSet }
|
{ GostR3410-94-ParamSetParameters IDENTIFIED BY { GostR3410-94-ParamSetParameters IDENTIFIED BY
id-GostR3410-94-CryptoPro-XchC-ParamSet } id-GostR3410-94-CryptoPro-XchC-ParamSet }
} }
-- GOST R 34.10-94 validation/constructor -- GOST R 34.10-94 validation/constructor
id-GostR3410-94-a OBJECT IDENTIFIER ::= id-GostR3410-94-a OBJECT IDENTIFIER ::=
{ id-GostR3410-94 a(1) } { id-GostR3410-94 a(1) }
id-GostR3410-94-aBis OBJECT IDENTIFIER ::= id-GostR3410-94-aBis OBJECT IDENTIFIER ::=
{ id-GostR3410-94 aBis(2) } { id-GostR3410-94 aBis(2) }
id-GostR3410-94-b OBJECT IDENTIFIER ::= id-GostR3410-94-b OBJECT IDENTIFIER ::=
{ id-GostR3410-94 b(3) } { id-GostR3410-94 b(3) }
id-GostR3410-94-bBis OBJECT IDENTIFIER ::= id-GostR3410-94-bBis OBJECT IDENTIFIER ::=
{ id-GostR3410-94 bBis(4) } { id-GostR3410-94 bBis(4) }
GostR3410-94-ValidationParameters ::= GostR3410-94-ValidationParameters ::=
SEQUENCE { SEQUENCE {
t INTEGER (512 | 1024), -- 512 - only for tests use t INTEGER (512 | 1024), -- 512 - only for testing p
urposes
x0 INTEGER (0 .. 65535), x0 INTEGER (0 .. 65535),
c INTEGER (0 .. 65535), c INTEGER (0 .. 65535),
d INTEGER ( d INTEGER (
2 2
.. ..
179769313486231590772930519078902473361797697894230657273 1797693134862315907729305190789024733617976
4300811577326758055009631327084773224075360211201138798713933576587 9789423065727343008115773267580550096313270847732240753602112011387
8976881441662249284743063947412437776789342486548527630221960124609 9871393357658789768814416622492847430639474124377767893424865485276
4119453082952085005768838150682342462881473913110540827237163350510 3022196012460941194530829520850057688381506823424628814739131105408
684586298239947245938479716304835356329624224137214 27237163350510684586298239947245938479716304835356329624224137214
) -- 1 < d < p-1 < 2^1024-1 ) -- 1 < d < p-1 < 2^1024-1
OPTIONAL OPTIONAL
} }
GostR3410-94-ValidationBisParameters ::= GostR3410-94-ValidationBisParameters ::=
SEQUENCE { SEQUENCE {
t INTEGER (512 | 1024), -- 512 - only for tests use t INTEGER (512 | 1024), -- 512 - only for testing p
urposes
x0 INTEGER (0 .. 4294967295), x0 INTEGER (0 .. 4294967295),
c INTEGER (0 .. 4294967295), c INTEGER (0 .. 4294967295),
d INTEGER ( d INTEGER (
2 2
.. ..
179769313486231590772930519078902473361797697894230657273 1797693134862315907729305190789024733617976
4300811577326758055009631327084773224075360211201138798713933576587 9789423065727343008115773267580550096313270847732240753602112011387
8976881441662249284743063947412437776789342486548527630221960124609 9871393357658789768814416622492847430639474124377767893424865485276
4119453082952085005768838150682342462881473913110540827237163350510 3022196012460941194530829520850057688381506823424628814739131105408
684586298239947245938479716304835356329624224137214 27237163350510684586298239947245938479716304835356329624224137214
) -- 1 < d < p-1 < 2^1024-1 ) -- 1 < d < p-1 < 2^1024-1
OPTIONAL OPTIONAL
} }
GostR3410-94-ValidationAlgorithms ALGORITHM-IDENTIFIER ::= { GostR3410-94-ValidationAlgorithms ALGORITHM-IDENTIFIER ::= {
{ GostR3410-94-ValidationParameters IDENTIFIED BY { GostR3410-94-ValidationParameters IDENTIFIED BY
id-GostR3410-94-a } | id-GostR3410-94-a } |
{ GostR3410-94-ValidationBisParameters IDENTIFIED BY { GostR3410-94-ValidationBisParameters IDENTIFIED BY
id-GostR3410-94-aBis } | id-GostR3410-94-aBis } |
{ GostR3410-94-ValidationParameters IDENTIFIED BY { GostR3410-94-ValidationParameters IDENTIFIED BY
id-GostR3410-94-b } | id-GostR3410-94-b } |
{ GostR3410-94-ValidationBisParameters IDENTIFIED BY { GostR3410-94-ValidationBisParameters IDENTIFIED BY
id-GostR3410-94-bBis } id-GostR3410-94-bBis }
} }
-- GOST R 34.10-94 Keys Parameters sets -- GOST R 34.10-94 keys parameter sets
-- GOST R 34.10-94 Tests parameters set -- GOST R 34.10-94 Tests parameter set
-- (GOST R 34.10-94 Annex A. Test vector) -- (GOST R 34.10-94 Annex A. Test vector)
gostR3410-94-TestParamSetAI gostR3410-94-TestParamSetAI
AlgorithmIdentifier {{ AlgorithmIdentifier ::=
GostR3410-94-ParamSetAlgorithm
}} ::=
{ {
algorithm algorithm
id-GostR3410-94-TestParamSet, id-GostR3410-94-TestParamSet,
parameters parameters
GostR3410-94-ParamSetParameters:{ GostR3410-94-ParamSetParameters:{
t 512, t 512,
p 1249155479661639739200729184536168101998078908 p 124915547966163973920072918453616810199
4728846304013646795466302633346425772369277064638881858428879662416 8078908472884630401364679546630263334642577236927706463888185842887
202925770315709968465491470753112581700067, 9662416202925770315709968465491470753112581700067,
q 6900839799123747821852952871175357885746435622 q 690083979912374782185295287117535788574
1556536838757636132646301588781, 64356221556536838757636132646301588781,
a 8305821956779628193852750508811757244889982632 a 830582195677962819385275050881175724488
9982632821843521491035713173371468528798753831744267407230704527461
8218435214910357131733714685287987538317442674072307045274610623217 062321732669034432746173786958142572929772413468,
32669034432746173786958142572929772413468, validationAlgorithm {
validationAlgorithm { algorithm
algorithm id-GostR3410-94-a,
id-GostR3410-94-a, parameters
parameters GostR3410-94-ValidationParameters:
GostR3410-94-ValidationParameters: { {
t 512, t 512,
x0 24265, x0 24265,
c 29505, c 29505,
d 2 d 2
} }
} }
} }
} }
-- CryptoPro parameters -- CryptoPro parameters
gostR3410-94-CryptoPro-A-ParamSetAI gostR3410-94-CryptoPro-A-ParamSetAI
AlgorithmIdentifier {{ AlgorithmIdentifier ::=
GostR3410-94-ParamSetAlgorithm
}} ::=
{ {
algorithm algorithm
id-GostR3410-94-CryptoPro-A-ParamSet, id-GostR3410-94-CryptoPro-A-ParamSet,
parameters parameters
GostR3410-94-ParamSetParameters:{ GostR3410-94-ParamSetParameters:{
t 1024, t 1024,
p 1270212482889324174659070427771764435257876535 p 127021248288932417465907042777176443525
0891653581281750726570503126098509849742318833348340118092599999512 7876535089165358128175072657050312609850984974231883334834011809259
0988934130659205614996724254121049274349357074920312769561451689224 9999512098893413065920561499672425412104927434935707492031276956145
1105793112488126102296785346384016935200132889950003622606842227508 1689224110579311248812610229678534638401693520013288995000362260684
13532307004517341633685004541062586971416883686778842537820383, 2227508135323070045173416336850045410625869714168836867788425378203
q 6836319614495570078444416561182725289510217088 83,
8761442055095051287550314083023, q 683631961449557007844441656118272528951
a 1009979067550553047720818155359252248698410825 02170888761442055095051287550314083023,
7205345787482351587557714799052927277724415285269929879648335669968 a 100997906755055304772081815535925224869
2842027972896052747173175480590485607134746852141928680912561502802 8410825720534578748235158755771479905292727772441528526992987964833
2221856475391909026561163678472701450190667942909301854462163997308 5669968284202797289605274717317548059048560713474685214192868091256
72221732889830323194097355403213400972588322876850946740663962, 1502802222185647539190902656116367847270145019066794290930185446216
validationAlgorithm { 3997308722217328898303231940973554032134009725883228768509467406639
algorithm 62,
id-GostR3410-94-bBis, validationAlgorithm {
parameters algorithm
GostR3410-94-ValidationBisParameters: { id-GostR3410-94-bBis,
t 1024, parameters
x0 1376285941, GostR3410-94-ValidationBisParameter
c 3996757427 s: {
} t 1024,
} x0 1376285941,
c 3996757427
} }
}
}
} }
-- --
gostR3410-94-CryptoPro-B-ParamSetAI gostR3410-94-CryptoPro-B-ParamSetAI
AlgorithmIdentifier {{ AlgorithmIdentifier ::=
GostR3410-94-ParamSetAlgorithm
}} ::=
{ {
algorithm algorithm
id-GostR3410-94-CryptoPro-B-ParamSet, id-GostR3410-94-CryptoPro-B-ParamSet,
parameters parameters
GostR3410-94-ParamSetParameters:{ GostR3410-94-ParamSetParameters:{
t 1024, t 1024,
p 1394548711991158256014096551076907131070417070 p 139454871199115825601409655107690713107
5992803179775800145437576535772298409412436852228823983303911468164 0417070599280317977580014543757653577229840941243685222882398330391
8076688236921220737322672160740747771700911134550432053804647694904 1468164807668823692122073732267216074074777170091113455043205380464
6861201130878162407401848004770471573366629262494235712488239685422 7694904686120113087816240740184800477047157336662926249423571248823
21753660143391485680840520336859458494803187341288580489525163, 9685422217536601433914856808405203368594584948031873412885804895251
q 7988514166341097689762711893575632374730795191 63,
6507639758300472692338873533959, q 798851416634109768976271189357563237473
a 4294182614861580414387344773795550239267234596 07951916507639758300472692338873533959,
8607143066798112994089471231420027060385216699563848719957657284814 a 429418261486158041438734477379555023926
8989097707594626134376694563648827303708389347910808359326479767786 7234596860714306679811299408947123142002706038521669956384871995765
0191534347440096103423131667257868692048219493287863336020338479709 7284814898909770759462613437669456364882730370838934791080835932647
2684342247621055760235016132614780652761028509445403338652341, 9767786019153434744009610342313166725786869204821949328786333602033
validationAlgorithm { 8479709268434224762105576023501613261478065276102850944540333865234
algorithm 1,
id-GostR3410-94-bBis, validationAlgorithm {
parameters algorithm
GostR3410-94-ValidationBisParameters: { id-GostR3410-94-bBis,
t 1024, parameters
x0 1536654555, GostR3410-94-ValidationBisParameter
c 1855361757, s: {
d t 1024,
14408629386140014567655490293928205654785780 x0 1536654555,
2241461782996702017713059974755104394739915140611528479102443906273 c 1855361757,
5788342744854120601660303926203867703556828005895720381811489539897 d 14408629386140014567655
6594425537561271800850306 4902939282056547857802241461782996702017713059974755104394739915140
} 6115284791024439062735788342744854120601660303926203867703556828005
} 8957203818114895398976594425537561271800850306
} }
}
}
} }
-- --
gostR3410-94-CryptoPro-C-ParamSetAI gostR3410-94-CryptoPro-C-ParamSetAI
AlgorithmIdentifier {{ AlgorithmIdentifier ::=
GostR3410-94-ParamSetAlgorithm
}} ::=
{ {
algorithm algorithm
id-GostR3410-94-CryptoPro-C-ParamSet, id-GostR3410-94-CryptoPro-C-ParamSet,
parameters parameters
GostR3410-94-ParamSetParameters:{ GostR3410-94-ParamSetParameters:{
t 1024, t 1024,
p 1106246792335119630405189524170170402485862954 p 110624679233511963040518952417017040248
8198313837741963962985843959489706089561702242106285255603278638246 5862954819831383774196396298584395948970608956170224210628525560327
7166554392976544029218447478930795186699928278807921929927011428546 8638246716655439297654402921844747893079518669992827880792192992701
5514338758063771104435342935540667126530349962770993207157743542287 1428546551433875806377110443534293554066712653034996277099320715774
62128367184370370914135017194504580505029177050363451780493801, 3542287621283671843703709141350171945045805050291770503634517804938
q 1134688611998193505648682333788751980432679477 01,
76488510997961231672532899549103, q 113468861199819350564868233378875198043
a 8165527179708810160178931914153003482262544051 267947776488510997961231672532899549103,
3533581624682494676818766212834782128842865458440139551426222087723 a 816552717970881016017893191415300348226
4850237228680222750095022248278662017444940216977164820083536398202 2544051353358162468249467681876621283478212884286545844013955142622
2980248926204808986993355080643323135297253322088194568951085155178 2087723485023722868022275009502224827866201744494021697716482008353
1002210034593705882910730711865530059621499368407371287108323, 6398202298024892620480898699335508064332313529725332208819456895108
validationAlgorithm { 5155178100221003459370588291073071186553005962149936840737128710832
algorithm 3,
id-GostR3410-94-bBis, validationAlgorithm {
parameters algorithm
GostR3410-94-ValidationBisParameters: { id-GostR3410-94-bBis,
t 1024, parameters
x0 113275885, GostR3410-94-ValidationBisParameter
c 3037364845, s: {
d 9175906676429839327 t 1024,
} x0 113275885,
} c 3037364845,
} d 9175906676429839327
}
}
}
} }
-- --
gostR3410-94-CryptoPro-D-ParamSetAI gostR3410-94-CryptoPro-D-ParamSetAI
AlgorithmIdentifier {{ AlgorithmIdentifier ::=
GostR3410-94-ParamSetAlgorithm
}} ::=
{ {
algorithm algorithm
id-GostR3410-94-CryptoPro-D-ParamSet, id-GostR3410-94-CryptoPro-D-ParamSet,
parameters parameters
GostR3410-94-ParamSetParameters:{ GostR3410-94-ParamSetParameters:{
t 1024, t 1024,
p 9054576496219299659042909587746253156113056083 p 905457649621929965904290958774625315611
9073897669714048125244222625125560544746208559960915707867135849550 3056083907389766971404812524422262512556054474620855996091570786713
2367419155841859906278010664658095100957847139898194138208715964648 5849550236741915584185990627801066465809510095784713989819413820871
9144930534079207370788905204827306230388377677101736648382398574828 5964648914493053407920737078890520482730623038837767710173664838239
7878912864712014604743266126978496936655180738644364978932149, 8574828787891286471201460474326612697849693665518073864436497893214
q 1089884357963535069123745914989721926201904875 9,
57619582334771735390599299211593, q 108988435796353506912374591498972192620
a 7569766110217073017821287578016106280855283803 190487557619582334771735390599299211593,
1095711588295742814192085325890416600170178598582163414003714687551 a 756976611021707301782128757801610628085
4127944005628789352666307543926770145985821033659831191739244732511 5283803109571158829574281419208532589041660017017859858216341400371
2254647122523868033159027077276687153434760863504720252982827271461 4687551412794400562878935266630754392677014598582103365983119173924
6901250506168582383843663310897774635410130339267237432548337, 4732511225464712252386803315902707727668715343476086350472025298282
validationAlgorithm { 7271461690125050616858238384366331089777463541013033926723743254833
algorithm 7,
id-GostR3410-94-bBis, validationAlgorithm {
parameters algorithm
GostR3410-94-ValidationBisParameters: { id-GostR3410-94-bBis,
t 1024, parameters
x0 333089693, GostR3410-94-ValidationBisParameter
c 2699681355, s: {
d t 1024,
69158877639013014811917446652402788947864438 x0 333089693,
22142755842460366243252 c 2699681355,
} d 69158877639013014811917
} 44665240278894786443822142755842460366243252
} }
}
}
} }
-- --
gostR3410-94-CryptoPro-XchA-ParamSetAI gostR3410-94-CryptoPro-XchA-ParamSetAI
AlgorithmIdentifier {{ AlgorithmIdentifier ::=
GostR3410-94-ParamSetAlgorithm
}} ::=
{ {
algorithm algorithm
id-GostR3410-94-CryptoPro-XchA-ParamSet, id-GostR3410-94-CryptoPro-XchA-ParamSet,
parameters parameters
GostR3410-94-ParamSetParameters:{ GostR3410-94-ParamSetParameters:{
t 1024, t 1024,
p 1420117415975634811963682860223180897432761383 p 142011741597563481196368286022318089743
9524373876287257344192745939351271897363116607846760036084894662356 2761383952437387628725734419274593935127189736311660784676003608489
7625795282774719212241929071046134208380636394084512691828894000571 4662356762579528277471921224192907104613420838063639408451269182889
5246254452957693493567527289568315417754417631393844571917550968471 4000571524625445295769349356752728956831541775441763139384457191755
07846595662547942312293338483924514339614727760681880609734239, 0968471078465956625479423122933384839245143396147277606818806097342
q 9177152989655460594558814901838275021729685839 39,
3520724172743325725474374979801, q 917715298965546059455881490183827502172
a 1335318132727206734338595199483190012179423759 96858393520724172743325725474374979801,
6784748689948235959936964252873471246159040332773182141032801252925 a 133531813272720673433859519948319001217
3871914788598993103310567744136196364803064721377826656898686468463
2777101508094011826087702016153249904683329312949209127762411378780 9423759678474868994823595993696425287347124615904033277318214103280
30224355746606283971659376426832674269780880061631528163475887, 1252925387191478859899310331056774413619636480306472137782665689868
validationAlgorithm { 6468463277710150809401182608770201615324990468332931294920912776241
algorithm 1378780302243557466062839716593764268326742697808800616315281634758
id-GostR3410-94-bBis, 87,
parameters validationAlgorithm {
GostR3410-94-ValidationBisParameters: { algorithm
t 1024, id-GostR3410-94-bBis,
x0 3495862036, parameters
c 1177570399, GostR3410-94-ValidationBisParameter
d s: {
35478896102409188951396470647720832819623918 t 1024,
6534141058228233456746622201867258017799725121699052644608624377641 x0 3495862036,
60334831107459 c 1177570399,
} d 35478896102409188951396
} 4706477208328196239186534141058228233456746622201867258017799725121
} 69905264460862437764160334831107459
}
}
}
} }
-- --
gostR3410-94-CryptoPro-XchB-ParamSetAI gostR3410-94-CryptoPro-XchB-ParamSetAI
AlgorithmIdentifier {{ AlgorithmIdentifier ::=
GostR3410-94-ParamSetAlgorithm
}} ::=
{ {
algorithm algorithm
id-GostR3410-94-CryptoPro-XchB-ParamSet, id-GostR3410-94-CryptoPro-XchB-ParamSet,
parameters parameters
GostR3410-94-ParamSetParameters:{ GostR3410-94-ParamSetParameters:{
t 1024, t 1024,
p 1028946126624994859676552074360530315217970499 p 102894612662499485967655207436053031521
9893048882484132448474923022758470167998871003604670704877377286176 7970499989304888248413244847492302275847016799887100360467070487737
1712276940986331539089568784129110109512690503345393869871295783467 7286176171227694098633153908956878412911010951269050334539386987129
2572648683417200196629860561193666752429682367397084815179752036423 5783467257264868341720019662986056119366675242968236739708481517975
59573653368957392061769855284593965042530895046088067160269433, 2036423595736533689573920617698552845939650425308950460880671602694
q 9109671391802626916582318050603555673628769498 33,
1825930883887968885281641595199, q 910967139180262691658231805060355567362
a 8890864727828423151699995801875757891031463338 87694981825930883887968885281641595199,
6525791400519736593048131440685857067369829407947744496306656291505 a 889086472782842315169999580187575789103
5036082523994437900272386749145996230867832228661977543992816745254 1463338652579140051973659304813144068585706736982940794774449630665
8232986298598753575466286051738837854736167685769017780335804511440 6291505503608252399443790027238674914599623086783222866197754399281
7733371962538423532919394477873664752824509986617878992443177, 6745254823298629859875357546628605173883785473616768576901778033580
validationAlgorithm { 4511440773337196253842353291939447787366475282450998661787899244317
algorithm 7,
id-GostR3410-94-bBis, validationAlgorithm {
parameters algorithm
GostR3410-94-ValidationBisParameters: { id-GostR3410-94-bBis,
t 1024, parameters
x0 2046851076, GostR3410-94-ValidationBisParameter
c 3541716983, s: {
d t 1024,
57332667610989476056615969728891533566058787 x0 2046851076,
317492748441827236576904274546146 c 3541716983,
} d 57332667610989476056615
} 969728891533566058787317492748441827236576904274546146
} }
}
}
} }
-- --
gostR3410-94-CryptoPro-XchC-ParamSetAI gostR3410-94-CryptoPro-XchC-ParamSetAI
AlgorithmIdentifier {{ AlgorithmIdentifier ::=
GostR3410-94-ParamSetAlgorithm
}} ::=
{ {
algorithm algorithm
id-GostR3410-94-CryptoPro-XchC-ParamSet, id-GostR3410-94-CryptoPro-XchC-ParamSet,
parameters parameters
GostR3410-94-ParamSetParameters:{ GostR3410-94-ParamSetParameters:{
t 1024, t 1024,
p 1246996366993477513607147265794064436203408861 p 124699636699347751360714726579406443620
3950559892172484557299870737698999651480662364723992859320868822848 3408861395055989217248455729987073769899965148066236472399285932086
7511654383509433276647222625940615560580450040947211826027729977563 8822848751165438350943327664722262594061556058045004094721182602772
5402371690630448079715771649447778447000597419032457722226253269698 9977563540237169063044807971577164944777844700059741903245772222625
37444652835352729304393746106576383349151001715930924115499549, 3269698374446528353527293043937461065763833491510017159309241154995
q 6787876137336591234380295020065682527118129468 49,
0501479431146754294748422492761, q 678787613733659123438029502006568252711
a 4430618464297584182473135030809859326863990650 81294680501479431146754294748422492761,
1189417569952700748609973181426950235239623239110557450826919295792 a 443061846429758418247313503080985932686
8789387521018677047181623251027516953100431855964837602657827828194 3990650118941756995270074860997318142695023523962323911055745082691
2496055618936965865325513137194483136247773653468410118796740709840 9295792878938752101867704718162325102751695310043185596483760265782
8254969979375560722345106704721086025979309968763193072908334, 7828194249605561893696586532551313719448313624777365346841011879674
validationAlgorithm { 0709840825496997937556072234510670472108602597930996876319307290833
algorithm 4,
id-GostR3410-94-bBis, validationAlgorithm {
parameters algorithm
GostR3410-94-ValidationBisParameters: { id-GostR3410-94-bBis,
t 1024, parameters
x0 371898640, GostR3410-94-ValidationBisParameter
c 2482514131, s: {
d t 1024,
39341170171309491894611690922945474002657559 x0 371898640,
0650016887148241594213466186452691964676993 c 2482514131,
} d 39341170171309491894611
} 6909229454740026575590650016887148241594213466186452691964676993
} }
}
}
} }
END -- GostR3410-94-ParamSetSyntax END -- GostR3410-94-ParamSetSyntax
8.7 GostR3410-2001-PKISyntax 10.8 GostR3410-2001-PKISyntax
GostR3410-2001-PKISyntax GostR3410-2001-PKISyntax
{ iso(1) member-body(2) ru(643) rans(2) cryptopro(2) { iso(1) member-body(2) ru(643) rans(2) cryptopro(2)
other(1) modules(1) gostR3410-2001-PKISyntax(9) 1 } other(1) modules(1) gostR3410-2001-PKISyntax(9) 1 }
DEFINITIONS ::= DEFINITIONS ::=
BEGIN BEGIN
-- EXPORTS All -- -- EXPORTS All --
-- The types and values defined in this module are exported for -- The types and values defined in this module are exported for
-- use in the other ASN.1 modules contained within the Russian -- use in the other ASN.1 modules contained within the Russian
-- Cryptography "GOST" & "GOST R" Specifications, and for the use -- Cryptography "GOST" & "GOST R" Specifications, and for the use
-- of other applications which will use them to access Russian -- of other applications which will use them to access Russian
-- Cryptography services. Other applications may use them for -- Cryptography services. Other applications may use them for
-- their own purposes, but this will not constrain extensions and -- their own purposes, but this will not constrain extensions and
-- modifications needed to maintain or improve the Russian -- modifications needed to maintain or improve the Russian
-- Cryptography service. -- Cryptography service.
IMPORTS IMPORTS
id-CryptoPro-algorithms, id-CryptoPro-algorithms,
id-CryptoPro-ecc-signs, id-CryptoPro-ecc-exchanges, id-CryptoPro-ecc-signs, id-CryptoPro-ecc-exchanges,
gost28147-89-EncryptionSyntax, gost28147-89-EncryptionSyntax,
gostR3411-94-DigestSyntax, gostR3411-94-DigestSyntax, ALGORITHM-IDENTIFIER,
cryptographic-Gost-Useful-Definitions cryptographic-Gost-Useful-Definitions
FROM Cryptographic-Gost-Useful-Definitions FROM Cryptographic-Gost-Useful-Definitions
{ iso(1) member-body(2) ru(643) rans(2) { iso(1) member-body(2) ru(643) rans(2)
cryptopro(2) other(1) modules(1) cryptopro(2) other(1) modules(1)
cryptographic-Gost-Useful-Definitions(0) 1 } cryptographic-Gost-Useful-Definitions(0) 1 }
id-Gost28147-89-TestParamSet, id-Gost28147-89-TestParamSet,
id-Gost28147-89-CryptoPro-A-ParamSet, id-Gost28147-89-CryptoPro-A-ParamSet,
id-Gost28147-89-CryptoPro-B-ParamSet, id-Gost28147-89-CryptoPro-B-ParamSet,
id-Gost28147-89-CryptoPro-C-ParamSet, id-Gost28147-89-CryptoPro-C-ParamSet,
id-Gost28147-89-CryptoPro-D-ParamSet, id-Gost28147-89-CryptoPro-D-ParamSet,
id-Gost28147-89-CryptoPro-Simple-A-ParamSet, id-Gost28147-89-CryptoPro-Simple-A-ParamSet,
id-Gost28147-89-CryptoPro-Simple-B-ParamSet, id-Gost28147-89-CryptoPro-Simple-B-ParamSet,
id-Gost28147-89-CryptoPro-Simple-C-ParamSet, id-Gost28147-89-CryptoPro-Simple-C-ParamSet,
id-Gost28147-89-CryptoPro-Simple-D-ParamSet id-Gost28147-89-CryptoPro-Simple-D-ParamSet
FROM Gost28147-89-EncryptionSyntax FROM Gost28147-89-EncryptionSyntax
gost28147-89-EncryptionSyntax gost28147-89-EncryptionSyntax
id-GostR3411-94-TestParamSet, id-GostR3411-94-TestParamSet,
id-GostR3411-94-CryptoProParamSet id-GostR3411-94-CryptoProParamSet
FROM GostR3411-94-DigestSyntax gostR3411-94-DigestSyntax FROM GostR3411-94-DigestSyntax gostR3411-94-DigestSyntax
AlgorithmIdentifier, ALGORITHM-IDENTIFIER
FROM Cryptographic-Gost-Useful-Definitions
cryptographic-Gost-Useful-Definitions
; ;
-- GOST R 34.10-2001 OIDs -- GOST R 34.10-2001 OIDs
id-GostR3410-2001 OBJECT IDENTIFIER ::= id-GostR3410-2001 OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms gostR3410-2001(19) } { id-CryptoPro-algorithms gostR3410-2001(19) }
id-GostR3411-94-with-GostR3410-2001 OBJECT IDENTIFIER ::= id-GostR3411-94-with-GostR3410-2001 OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms { id-CryptoPro-algorithms
gostR3411-94-with-gostR3410-2001(3) } gostR3411-94-with-gostR3410-2001(3) }
-- GOST R 34.10-2001 Public Key Cryptographic Parameters Set OIDs -- GOST R 34.10-2001 public key parameter set OIDs
id-GostR3410-2001-TestParamSet OBJECT IDENTIFIER ::= id-GostR3410-2001-TestParamSet OBJECT IDENTIFIER ::=
{ id-CryptoPro-ecc-signs test(0) } { id-CryptoPro-ecc-signs test(0) }
id-GostR3410-2001-CryptoPro-A-ParamSet OBJECT IDENTIFIER ::= id-GostR3410-2001-CryptoPro-A-ParamSet OBJECT IDENTIFIER ::=
{ id-CryptoPro-ecc-signs cryptopro-A(1) } { id-CryptoPro-ecc-signs cryptopro-A(1) }
id-GostR3410-2001-CryptoPro-B-ParamSet OBJECT IDENTIFIER ::= id-GostR3410-2001-CryptoPro-B-ParamSet OBJECT IDENTIFIER ::=
{ id-CryptoPro-ecc-signs cryptopro-B(2) } { id-CryptoPro-ecc-signs cryptopro-B(2) }
id-GostR3410-2001-CryptoPro-C-ParamSet OBJECT IDENTIFIER ::= id-GostR3410-2001-CryptoPro-C-ParamSet OBJECT IDENTIFIER ::=
{ id-CryptoPro-ecc-signs cryptopro-C(3) } { id-CryptoPro-ecc-signs cryptopro-C(3) }
id-GostR3410-2001-CryptoPro-XchA-ParamSet id-GostR3410-2001-CryptoPro-XchA-ParamSet
OBJECT IDENTIFIER ::= OBJECT IDENTIFIER ::=
{ id-CryptoPro-ecc-exchanges cryptopro-XchA(0) } { id-CryptoPro-ecc-exchanges cryptopro-XchA(0) }
id-GostR3410-2001-CryptoPro-XchB-ParamSet id-GostR3410-2001-CryptoPro-XchB-ParamSet
OBJECT IDENTIFIER ::= OBJECT IDENTIFIER ::=
{ id-CryptoPro-ecc-exchanges cryptopro-XchB(1) } { id-CryptoPro-ecc-exchanges cryptopro-XchB(1) }
-- GOST R 34.10-2001 Data Types -- GOST R 34.10-2001 Data Types
GostR3410-2001-CertificateSignature ::= GostR3410-2001-CertificateSignature ::=
BIT STRING ( SIZE(256..512) ) BIT STRING ( SIZE(256..512) )
GostR3410-2001-PublicKeyOctetString ::= GostR3410-2001-PublicKeyOctetString ::=
OCTET STRING ( SIZE(64) ) OCTET STRING ( SIZE(64) )
GostR3410-2001-PublicKey ::= GostR3410-2001-PublicKey ::=
BIT STRING ( SIZE(16..524) ) BIT STRING ( SIZE(16..524) )
-- Container for GostR3410-2001-PublicKeyOctetString -- Container for GostR3410-2001-PublicKeyOc
tetString
GostR3410-2001-PublicKeyParameters ::= GostR3410-2001-PublicKeyParameters ::=
SEQUENCE { SEQUENCE {
publicKeyParamSet publicKeyParamSet
OBJECT IDENTIFIER ( OBJECT IDENTIFIER (
id-GostR3410-2001-TestParamSet | -- Only for tests use id-GostR3410-2001-TestParamSet | -- Only for
id-GostR3410-2001-CryptoPro-A-ParamSet | testing purposes
id-GostR3410-2001-CryptoPro-B-ParamSet | id-GostR3410-2001-CryptoPro-A-ParamSet |
id-GostR3410-2001-CryptoPro-C-ParamSet | id-GostR3410-2001-CryptoPro-B-ParamSet |
id-GostR3410-2001-CryptoPro-XchA-ParamSet | id-GostR3410-2001-CryptoPro-C-ParamSet |
id-GostR3410-2001-CryptoPro-XchB-ParamSet id-GostR3410-2001-CryptoPro-XchA-ParamSet |
), id-GostR3410-2001-CryptoPro-XchB-ParamSet
),
digestParamSet digestParamSet
OBJECT IDENTIFIER ( OBJECT IDENTIFIER (
id-GostR3411-94-TestParamSet | -- Only for tests use id-GostR3411-94-TestParamSet | -- Only for
id-GostR3411-94-CryptoProParamSet testing purposes
), id-GostR3411-94-CryptoProParamSet
),
encryptionParamSet encryptionParamSet
OBJECT IDENTIFIER ( OBJECT IDENTIFIER (
id-Gost28147-89-TestParamSet | -- Only for tests use id-Gost28147-89-TestParamSet | -- Only for
id-Gost28147-89-CryptoPro-A-ParamSet | testing purposes
id-Gost28147-89-CryptoPro-B-ParamSet | id-Gost28147-89-CryptoPro-A-ParamSet |
id-Gost28147-89-CryptoPro-C-ParamSet | id-Gost28147-89-CryptoPro-B-ParamSet |
id-Gost28147-89-CryptoPro-D-ParamSet | id-Gost28147-89-CryptoPro-C-ParamSet |
id-Gost28147-89-CryptoPro-Simple-A-ParamSet | id-Gost28147-89-CryptoPro-D-ParamSet |
id-Gost28147-89-CryptoPro-Simple-B-ParamSet | id-Gost28147-89-CryptoPro-Simple-A-ParamSet |
id-Gost28147-89-CryptoPro-Simple-C-ParamSet | id-Gost28147-89-CryptoPro-Simple-B-ParamSet |
id-Gost28147-89-CryptoPro-Simple-D-ParamSet id-Gost28147-89-CryptoPro-Simple-C-ParamSet |
) OPTIONAL id-Gost28147-89-CryptoPro-Simple-D-ParamSet
) OPTIONAL
} }
GostR3410-2001-PublicKeyAlgorithms ALGORITHM-IDENTIFIER ::= { GostR3410-2001-PublicKeyAlgorithms ALGORITHM-IDENTIFIER ::= {
{ GostR3410-2001-PublicKeyParameters IDENTIFIED BY { GostR3410-2001-PublicKeyParameters IDENTIFIED BY
id-GostR3410-2001 } id-GostR3410-2001 }
} }
GostR3410-2001-CertificateSignatureAlgorithms GostR3410-2001-CertificateSignatureAlgorithms
ALGORITHM-IDENTIFIER ::= { ALGORITHM-IDENTIFIER ::= {
{ NULL IDENTIFIED BY { NULL IDENTIFIED BY
id-GostR3411-94-with-GostR3410-2001 } | id-GostR3411-94-with-GostR3410-2001 } |
{ GostR3410-2001-PublicKeyParameters IDENTIFIED BY { GostR3410-2001-PublicKeyParameters IDENTIFIED BY
id-GostR3411-94-with-GostR3410-2001 } id-GostR3411-94-with-GostR3410-2001 }
} }
END -- GostR3410-2001-PKISyntax END -- GostR3410-2001-PKISyntax
8.8 GostR3410-2001-ParamSetSyntax 10.9 GostR3410-2001-ParamSetSyntax
GostR3410-2001-ParamSetSyntax GostR3410-2001-ParamSetSyntax
{ iso(1) member-body(2) ru(643) rans(2) cryptopro(2) { iso(1) member-body(2) ru(643) rans(2) cryptopro(2)
other(1) modules(1) gostR3410-2001-ParamSetSyntax(12) 1 } other(1) modules(1) gostR3410-2001-ParamSetSyntax(12) 1 }
DEFINITIONS ::= DEFINITIONS ::=
BEGIN BEGIN
-- EXPORTS All -- -- EXPORTS All --
-- The types and values defined in this module are exported for -- The types and values defined in this module are exported for
-- use in the other ASN.1 modules contained within the Russian -- use in the other ASN.1 modules contained within the Russian
-- Cryptography "GOST" & "GOST R" Specifications, and for the use -- Cryptography "GOST" & "GOST R" Specifications, and for the use
-- of other applications which will use them to access Russian -- of other applications which will use them to access Russian
-- Cryptography services. Other applications may use them for -- Cryptography services. Other applications may use them for
-- their own purposes, but this will not constrain extensions and -- their own purposes, but this will not constrain extensions and
-- modifications needed to maintain or improve the Russian -- modifications needed to maintain or improve the Russian
-- Cryptography service. -- Cryptography service.
IMPORTS IMPORTS
id-CryptoPro-algorithms, id-CryptoPro-algorithms,
id-CryptoPro-ecc-signs, id-CryptoPro-ecc-exchanges, id-CryptoPro-ecc-signs, id-CryptoPro-ecc-exchanges,
gostR3410-2001-PKISyntax, gostR3410-2001-PKISyntax, ALGORITHM-IDENTIFIER,
cryptographic-Gost-Useful-Definitions cryptographic-Gost-Useful-Definitions
FROM Cryptographic-Gost-Useful-Definitions FROM Cryptographic-Gost-Useful-Definitions
{ iso(1) member-body(2) ru(643) rans(2) { iso(1) member-body(2) ru(643) rans(2)
cryptopro(2) other(1) modules(1) cryptopro(2) other(1) modules(1)
cryptographic-Gost-Useful-Definitions(0) 1 } cryptographic-Gost-Useful-Definitions(0) 1 }
id-GostR3410-2001, id-GostR3410-2001,
id-GostR3410-2001-TestParamSet, id-GostR3410-2001-TestParamSet,
id-GostR3410-2001-CryptoPro-A-ParamSet, id-GostR3410-2001-CryptoPro-A-ParamSet,
id-GostR3410-2001-CryptoPro-B-ParamSet, id-GostR3410-2001-CryptoPro-B-ParamSet,
id-GostR3410-2001-CryptoPro-C-ParamSet, id-GostR3410-2001-CryptoPro-C-ParamSet,
id-GostR3410-2001-CryptoPro-XchA-ParamSet, id-GostR3410-2001-CryptoPro-XchA-ParamSet,
id-GostR3410-2001-CryptoPro-XchB-ParamSet id-GostR3410-2001-CryptoPro-XchB-ParamSet
FROM GostR3410-2001-PKISyntax gostR3410-2001-PKISyntax FROM GostR3410-2001-PKISyntax gostR3410-2001-PKISyntax
AlgorithmIdentifier, ALGORITHM-IDENTIFIER AlgorithmIdentifier
FROM Cryptographic-Gost-Useful-Definitions FROM PKIX1Explicit88 {iso(1) identified-organization(3)
cryptographic-Gost-Useful-Definitions dod(6) internet(1) security(5) mechanisms(5) pkix(7)
id-mod(0) id-pkix1-explicit-88(1)}
; ;
GostR3410-2001-ParamSetParameters ::= GostR3410-2001-ParamSetParameters ::=
SEQUENCE { SEQUENCE {
a INTEGER ( a INTEGER (
1 1
.. ..
115792089237316195423570985008687907853269984665640564039 1157920892373161954235709850086879078532699
457584007913129639935 84665640564039457584007913129639935
), -- 0 < a < p < 2^256 ), -- 0 < a < p < 2^256
b INTEGER ( b INTEGER (
1 1
.. ..
115792089237316195423570985008687907853269984665640564039 1157920892373161954235709850086879078532699
457584007913129639935 84665640564039457584007913129639935
), -- 0 < b < p < 2^256 ), -- 0 < b < p < 2^256
p INTEGER ( p INTEGER (
289480223093290488558927462521719769633174961664101410098 2894802230932904885589274625217197696331749
64396001978282409985 6166410141009864396001978282409985
.. ..
115792089237316195423570985008687907853269984665640564039 1157920892373161954235709850086879078532699
457584007913129639935 84665640564039457584007913129639935
), -- 2^254 < p < 2^256 ), -- 2^254 < p < 2^256
q INTEGER ( q INTEGER (
289480223093290488558927462521719769633174961664101410098 2894802230932904885589274625217197696331749
64396001978282409985 6166410141009864396001978282409985
.. ..
115792089237316195423570985008687907853269984665640564039 1157920892373161954235709850086879078532699
457584007913129639935 84665640564039457584007913129639935
), -- 2^254 < q < 2^256 ), -- 2^254 < q < 2^256
x INTEGER (0 x INTEGER (0
.. ..
115792089237316195423570985008687907853269984665640564039 1157920892373161954235709850086879078532699
457584007913129639935 84665640564039457584007913129639935
), -- 0 < x < p < 2^256 ), -- 0 < x < p < 2^256
y INTEGER (0 y INTEGER (0
.. ..
115792089237316195423570985008687907853269984665640564039
457584007913129639935 1157920892373161954235709850086879078532699
) -- 0 < y < p < 2^256 84665640564039457584007913129639935
) -- 0 < y < p < 2^256
} }
-- GOST R 34.10-2001 Public Key Cryptographic Parameters Set: -- GOST R 34.10-2001 public key parameter set:
-- algorithm & parameters -- OIDs for parameter sets are imported from GostR3410-2001-PKISy
-- OID for Parameters Set imported from GostR3410-2001-PKISyntax ntax
GostR3410-2001-ParamSetAlgorithm ALGORITHM-IDENTIFIER ::= { GostR3410-2001-ParamSetAlgorithm ALGORITHM-IDENTIFIER ::= {
{ GostR3410-2001-ParamSetParameters IDENTIFIED BY { GostR3410-2001-ParamSetParameters IDENTIFIED BY
id-GostR3410-2001-TestParamSet } | id-GostR3410-2001-TestParamSet } |
{ GostR3410-2001-ParamSetParameters IDENTIFIED BY { GostR3410-2001-ParamSetParameters IDENTIFIED BY
id-GostR3410-2001-CryptoPro-A-ParamSet } | id-GostR3410-2001-CryptoPro-A-ParamSet } |
{ GostR3410-2001-ParamSetParameters IDENTIFIED BY { GostR3410-2001-ParamSetParameters IDENTIFIED BY
id-GostR3410-2001-CryptoPro-B-ParamSet } | id-GostR3410-2001-CryptoPro-B-ParamSet } |
{ GostR3410-2001-ParamSetParameters IDENTIFIED BY { GostR3410-2001-ParamSetParameters IDENTIFIED BY
id-GostR3410-2001-CryptoPro-C-ParamSet } | id-GostR3410-2001-CryptoPro-C-ParamSet } |
{ GostR3410-2001-ParamSetParameters IDENTIFIED BY { GostR3410-2001-ParamSetParameters IDENTIFIED BY
id-GostR3410-2001-CryptoPro-XchA-ParamSet } | id-GostR3410-2001-CryptoPro-XchA-ParamSet
} |
{ GostR3410-2001-ParamSetParameters IDENTIFIED BY { GostR3410-2001-ParamSetParameters IDENTIFIED BY
id-GostR3410-2001-CryptoPro-XchB-ParamSet } id-GostR3410-2001-CryptoPro-XchB-ParamSet
}
} }
gostR3410-2001-TestParamSet gostR3410-2001-TestParamSet
AlgorithmIdentifier {{ AlgorithmIdentifier ::=
GostR3410-2001-ParamSetAlgorithm
}} ::=
{ {
algorithm algorithm
id-GostR3410-2001-TestParamSet, id-GostR3410-2001-TestParamSet,
parameters parameters
GostR3410-2001-ParamSetParameters:{ GostR3410-2001-ParamSetParameters:{
a 7, a 7,
b 43308876546767276905765904595650931995942111794451 b 4330887654676727690576590459565093199594211
039583252968842033849580414, 1794451039583252968842033849580414,
-- 5FBFF498AA938CE739B8E022FBAFEF40563F6E6A -- 5FBFF498AA938CE739B8E022FBAFEF40563F6E6A
3472FC2A514C0CE9DAE23B7E 3472FC2A514C0CE9DAE23B7E
p 57896044618658097711785492504343953926634992332820 p 5789604461865809771178549250434395392663499
282019728792003956564821041, 2332820282019728792003956564821041,
-- 80000000000000000000000000000000000000000000000 -- 8000000000000000000000000000000000000000
00000000000000431 000000000000000000000431
q 57896044618658097711785492504343953927082934583725 q 5789604461865809771178549250434395392708293
450622380973592137631069619, 4583725450622380973592137631069619,
-- 8000000000000000000000000000000150FE8A18 -- 8000000000000000000000000000000150FE8A18
92976154C59CFC193ACCF5B3 92976154C59CFC193ACCF5B3
x 2, x 2,
y 40189740565903750333544942293705977563573938990554 y 4018974056590375033354494229370597756357393
5080690979365213431566280 89905545080690979365213431566280
-- 8E2A8A0E65147D4BD6316030E16D19C85C97F0A9CA26712 -- 8E2A8A0E65147D4BD6316030E16D19C85C97F0A9
2B96ABBCEA7E8FC8 CA267122B96ABBCEA7E8FC8
} }
} }
gostR3410-2001-CryptoPro-A-ParamSet gostR3410-2001-CryptoPro-A-ParamSet
AlgorithmIdentifier {{ AlgorithmIdentifier ::=
GostR3410-2001-ParamSetAlgorithm
}} ::=
{ {
algorithm algorithm
id-GostR3410-2001-CryptoPro-A-ParamSet, id-GostR3410-2001-CryptoPro-A-ParamSet,
parameters parameters
GostR3410-2001-ParamSetParameters:{ GostR3410-2001-ParamSetParameters:{
a 11579208923731619542357098500868790785326998466564 a 1157920892373161954235709850086879078532699
84665640564039457584007913129639316,
0564039457584007913129639316, -- -3 == p - 3
-- -3 == p - 3 b 166,
b 166,
-- a6 -- a6
p 11579208923731619542357098500868790785326998466564 p 1157920892373161954235709850086879078532699
0564039457584007913129639319, 84665640564039457584007913129639319,
-- fffffffffffffffffffffffffffffffffffffffffffffff -- ffffffffffffffffffffffffffffffffffffffff
ffffffffffffffd97 fffffffffffffffffffffd97
q 11579208923731619542357098500868790785307376290849 q 1157920892373161954235709850086879078530737
9243225378155805079068850323, 62908499243225378155805079068850323,
-- ffffffffffffffffffffffffffffffff6c611070 -- ffffffffffffffffffffffffffffffff6c611070
995ad10045841b09b761b893 995ad10045841b09b761b893
x 1, x 1,
y 64033881142927202683649881450433473985931760268884 y 6403388114292720268364988145043347398593176
941288852745803908878638612 0268884941288852745803908878638612
-- 8d91e471e0989cda27df505a453f2b7635294f2ddf23e3b -- 8d91e471e0989cda27df505a453f2b7635294f2d
122acc99c9e9f1e14 df23e3b122acc99c9e9f1e14
} }
} }
gostR3410-2001-CryptoPro-B-ParamSet gostR3410-2001-CryptoPro-B-ParamSet
AlgorithmIdentifier {{ AlgorithmIdentifier ::=
GostR3410-2001-ParamSetAlgorithm
}} ::=
{ {
algorithm algorithm
id-GostR3410-2001-CryptoPro-B-ParamSet, id-GostR3410-2001-CryptoPro-B-ParamSet,
parameters parameters
GostR3410-2001-ParamSetParameters:{ GostR3410-2001-ParamSetParameters:{
a 57896044618658097711785492504343953926634992332820 a 5789604461865809771178549250434395392663499
282019728792003956564823190, 2332820282019728792003956564823190,
-- -3 == p - 3 -- -3 == p - 3
b 28091019353058090096996979000309560759124368558014 b 2809101935305809009699697900030956075912436
865957655842872397301267595, 8558014865957655842872397301267595,
-- 3e1af419a269a5f866a7d3c25c3df80ae979259373ff2b1 -- 3e1af419a269a5f866a7d3c25c3df80ae9792593
82f49d4ce7e1bbc8b 73ff2b182f49d4ce7e1bbc8b
p 57896044618658097711785492504343953926634992332820 p 5789604461865809771178549250434395392663499
282019728792003956564823193, 2332820282019728792003956564823193,
-- 80000000000000000000000000000000000000000000000 -- 8000000000000000000000000000000000000000
00000000000000c99 000000000000000000000c99
q 57896044618658097711785492504343953927102133160255 q 5789604461865809771178549250434395392710213
826820068844496087732066703,
3160255826820068844496087732066703,
-- 800000000000000000000000000000015f700cff -- 800000000000000000000000000000015f700cff
f1a624e5e497161bcc8a198f f1a624e5e497161bcc8a198f
x 1, x 1,
y 28792665814854611296992347458380284135028636778229 y 2879266581485461129699234745838028413502863
113005756334730996303888124 6778229113005756334730996303888124
-- 3fa8124359f96680b83d1c3eb2c070e5c545c9858d03ecf -- 3fa8124359f96680b83d1c3eb2c070e5c545c985
b744bf8d717717efc 8d03ecfb744bf8d717717efc
} }
} }
gostR3410-2001-CryptoPro-C-ParamSet gostR3410-2001-CryptoPro-C-ParamSet
AlgorithmIdentifier {{ AlgorithmIdentifier ::=
GostR3410-2001-ParamSetAlgorithm
}} ::=
{ {
algorithm algorithm
id-GostR3410-2001-CryptoPro-C-ParamSet, id-GostR3410-2001-CryptoPro-C-ParamSet,
parameters parameters
GostR3410-2001-ParamSetParameters:{ GostR3410-2001-ParamSetParameters:{
a 70390085352083305199547718019018437841079516630045 a 7039008535208330519954771801901843784107951
180471284346843705633502616, 6630045180471284346843705633502616,
-- -3 == p - 3 -- -3 == p - 3
b 32858, b 32858,
-- 805a -- 805a
p 70390085352083305199547718019018437841079516630045 p 7039008535208330519954771801901843784107951
180471284346843705633502619, 6630045180471284346843705633502619,
-- 9b9f605f5a858107ab1ec85e6b41c8aacf846e86789051d -- 9b9f605f5a858107ab1ec85e6b41c8aacf846e86
37998f7b9022d759b 789051d37998f7b9022d759b
q 70390085352083305199547718019018437840920882647164 q 7039008535208330519954771801901843784092088
081035322601458352298396601, 2647164081035322601458352298396601,
-- 9b9f605f5a858107ab1ec85e6b41c8aa582ca351 -- 9b9f605f5a858107ab1ec85e6b41c8aa582ca351
1eddfb74f02f3a6598980bb9 1eddfb74f02f3a6598980bb9
x 0, x 0,
y 29818893917731240733471273240314769927240550812383 y 2981889391773124073347127324031476992724055
695689146495261604565990247 0812383695689146495261604565990247
-- 41ece55743711a8c3cbf3783cd08c0ee4d4dc440d4641a8 -- 41ece55743711a8c3cbf3783cd08c0ee4d4dc440
f366e550dfdb3bb67 d4641a8f366e550dfdb3bb67
} }
} }
gostR3410-2001-CryptoPro-ExA-ParamSet gostR3410-2001-CryptoPro-ExA-ParamSet
AlgorithmIdentifier {{ AlgorithmIdentifier ::=
GostR3410-2001-ParamSetAlgorithm
}} ::=
{ {
algorithm algorithm
id-GostR3410-2001-CryptoPro-XchA-ParamSet, id-GostR3410-2001-CryptoPro-XchA-ParamSet,
parameters parameters
GostR3410-2001-ParamSetParameters:{ GostR3410-2001-ParamSetParameters:{
a 11579208923731619542357098500868790785326998466564 a 1157920892373161954235709850086879078532699
0564039457584007913129639316, 84665640564039457584007913129639316,
-- -3 == p - 3 -- -3 == p - 3
b 166, b 166,
-- a6 -- a6
p 11579208923731619542357098500868790785326998466564 p 1157920892373161954235709850086879078532699
0564039457584007913129639319, 84665640564039457584007913129639319,
-- fffffffffffffffffffffffffffffffffffffffffffffff -- ffffffffffffffffffffffffffffffffffffffff
fffffffffffffffffffffd97
ffffffffffffffd97 q 1157920892373161954235709850086879078530737
q 11579208923731619542357098500868790785307376290849 62908499243225378155805079068850323,
9243225378155805079068850323,
-- ffffffffffffffffffffffffffffffff6c611070 -- ffffffffffffffffffffffffffffffff6c611070
995ad10045841b09b761b893 995ad10045841b09b761b893
x 1, x 1,
y 64033881142927202683649881450433473985931760268884 y 6403388114292720268364988145043347398593176
941288852745803908878638612 0268884941288852745803908878638612
-- 8d91e471e0989cda27df505a453f2b7635294f2ddf23e3b -- 8d91e471e0989cda27df505a453f2b7635294f2d
122acc99c9e9f1e14 df23e3b122acc99c9e9f1e14
} }
} }
gostR3410-2001-CryptoPro-ExB-ParamSet gostR3410-2001-CryptoPro-ExB-ParamSet
AlgorithmIdentifier {{ AlgorithmIdentifier ::=
GostR3410-2001-ParamSetAlgorithm
}} ::=
{ {
algorithm algorithm
id-GostR3410-2001-CryptoPro-XchB-ParamSet, id-GostR3410-2001-CryptoPro-XchB-ParamSet,
parameters parameters
GostR3410-2001-ParamSetParameters:{ GostR3410-2001-ParamSetParameters:{
a 70390085352083305199547718019018437841079516630045 a 7039008535208330519954771801901843784107951
180471284346843705633502616, 6630045180471284346843705633502616,
-- -3 == p - 3 -- -3 == p - 3
b 32858, b 32858,
-- 805a -- 805a
p 70390085352083305199547718019018437841079516630045 p 7039008535208330519954771801901843784107951
180471284346843705633502619, 6630045180471284346843705633502619,
-- 9b9f605f5a858107ab1ec85e6b41c8aacf846e86789051d -- 9b9f605f5a858107ab1ec85e6b41c8aacf846e86
37998f7b9022d759b 789051d37998f7b9022d759b
q 70390085352083305199547718019018437840920882647164 q 7039008535208330519954771801901843784092088
081035322601458352298396601, 2647164081035322601458352298396601,
-- 9b9f605f5a858107ab1ec85e6b41c8aa582ca351 -- 9b9f605f5a858107ab1ec85e6b41c8aa582ca351
1eddfb74f02f3a6598980bb9 1eddfb74f02f3a6598980bb9
x 0, x 0,
y 29818893917731240733471273240314769927240550812383 y 2981889391773124073347127324031476992724055
695689146495261604565990247 0812383695689146495261604565990247
-- 41ece55743711a8c3cbf3783cd08c0ee4d4dc440d4641a8 -- 41ece55743711a8c3cbf3783cd08c0ee4d4dc440
f366e550dfdb3bb67 d4641a8f366e550dfdb3bb67
} }
} }
END -- GostR3410-2001-ParamSetSyntax END -- GostR3410-2001-ParamSetSyntax
9 References 11 References
[GOST28147] "Cryptographic Protection for Data Processing Sys- [GOST28147] "Cryptographic Protection for Data Processing Sys-
tem", GOST 28147-89, Gosudarstvennyi Standard of tem", GOST 28147-89, Gosudarstvennyi Standard of
USSR, Government Committee of the USSR for Standards, USSR, Government Committee of the USSR for Standards,
1989. (In Russian); 1989. (In Russian);
[GOSTR341094] "Information technology. Cryptographic Data Security. [GOSTR341094] "Information technology. Cryptographic Data Security.
Produce and check procedures of Electronic Digital Produce and check procedures of Electronic Digital
Signatures based on Asymmetric Cryptographic Algo- Signatures based on Asymmetric Cryptographic Algo-
rithm.", GOST R 34.10-94, Gosudarstvennyi Standard of rithm.", GOST R 34.10-94, Gosudarstvennyi Standard of
skipping to change at page 47, line 5 skipping to change at page 51, line 8
cateRequirement Levels", BCP 14, RFC 2119, March cateRequirement Levels", BCP 14, RFC 2119, March
1997. 1997.
[HMAC] H. Krawczyk, M. Bellare, R. Canetti, "HMAC: Keyed- [HMAC] H. Krawczyk, M. Bellare, R. Canetti, "HMAC: Keyed-
Hashing for Message Authentication", RFC 2104 Febru- Hashing for Message Authentication", RFC 2104 Febru-
ary 1997. ary 1997.
[TLS] The TLS Protocol Version 1.0. T. Dierks, C. Allen. [TLS] The TLS Protocol Version 1.0. T. Dierks, C. Allen.
January 1999, RFC 2246. January 1999, RFC 2246.
10 Acknowledgments [RFDSL] "Russian Federal Digital Signature Law", 10 Jan 2002
N1-FZ
[RFLLIC] "Russian Federal Law on Licensing of Selected Activ-
ity Categories", 08 Aug 2001 N 128-FZ
[CRYPTOLIC] "Russian Federal Goverment Regulation on Licensing of
Selected Activity Categories in Cryptography Area",
23 Sep 2002 N 691
12 Acknowledgments
This document was created in accordance with "Russian Cryptographic This document was created in accordance with "Russian Cryptographic
Software Compatibility Agreement", signed by FGUE STC "Atlas", Software Compatibility Agreement", signed by FGUE STC "Atlas",
CRYPTO-PRO, Factor-TC, MD PREI, Infotecs GmbH, SPRCIS (SPbRCZI), CRYPTO-PRO, Factor-TC, MD PREI, Infotecs GmbH, SPRCIS (SPbRCZI),
Cryptocom, R-Alpha. The aim of this agreement is to achieve mutual Cryptocom, R-Alpha. The aim of this agreement is to achieve mutual
compatibility of the products and solutions. compatibility of the products and solutions.
The authors wish to thank: The authors wish to thank:
Microsoft Corporation Russia for provided information about Microsoft Corporation Russia for provided information about
 End of changes. 284 change blocks. 
1174 lines changed or deleted 1378 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/