< draft-popov-cryptopro-cpalgs-03.txt   draft-popov-cryptopro-cpalgs-04.txt >
Internet Draft Vladimir Popov, CRYPTO-PRO Internet Draft Vladimir Popov, CRYPTO-PRO
Igor Kurepkin, CRYPTO-PRO Igor Kurepkin, CRYPTO-PRO
Expires January 15, 2006 Serguei Leontiev, CRYPTO-PRO Expires March 2, 2006 Serguei Leontiev, CRYPTO-PRO
Intended Category: Informational July 15, 2005 Intended Category: Informational September 2, 2005
Additional cryptographic algorithms for use with GOST 28147-89, Additional cryptographic algorithms for use with GOST 28147-89,
GOST R 34.10-94, GOST R 34.10-2001, and GOST R 34.11-94 algorithms. GOST R 34.10-94, GOST R 34.10-2001, and GOST R 34.11-94 algorithms.
<draft-popov-cryptopro-cpalgs-03.txt> <draft-popov-cryptopro-cpalgs-04.txt>
Status of this Memo Status of this Memo
By submitting this Internet-Draft, each author represents that any By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79. aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet- other groups may also distribute working documents as Internet-
Drafts. Drafts.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than a "work in progress." material or to cite them other than a "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/1id-abstracts.html http://www.ietf.org/1id-abstracts.html.
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html http://www.ietf.org/shadow.html.
This Internet-Draft will expire on March 1, 2006.
Copyright Notice Copyright Notice
Copyright (C) The Internet Society (2005). Copyright (C) The Internet Society (2005).
Abstract Abstract
This document describes the cryptographic algorithms and parameters This document describes the cryptographic algorithms and parameters
supplementary to the original GOST specifications GOST 28147-89, GOST supplementary to the original GOST specifications GOST 28147-89, GOST
R 34.10-94, GOST R 34.10-2001 and GOST R 34.11-94 for use in Internet R 34.10-94, GOST R 34.10-2001 and GOST R 34.11-94 for use in Internet
applications. applications.
Table of Contents Table of Contents
1 Introduction . . . . . . . . . . . . . . . . . . . . . . 2 1 Introduction . . . . . . . . . . . . . . . . . . . . . . 2
1.2 Terminology. . . . . . . . . . . . . . . . . . . . . . . 2 1.2 Terminology. . . . . . . . . . . . . . . . . . . . . . . 3
2 Cipher modes and parameters. . . . . . . . . . . . . . . 3 2 Cipher modes and parameters. . . . . . . . . . . . . . . 3
2.1 GOST 28147-89 CBC mode . . . . . . . . . . . . . . . . . 4 2.1 GOST 28147-89 CBC mode . . . . . . . . . . . . . . . . . 4
2.2 GOST 28147-89 padding modes. . . . . . . . . . . . . . . 4 2.2 GOST 28147-89 padding modes. . . . . . . . . . . . . . . 4
2.3 Key Meshing Algorithms . . . . . . . . . . . . . . . . . 4 2.3 Key Meshing Algorithms . . . . . . . . . . . . . . . . . 4
2.3.1 Null Key Meshing . . . . . . . . . . . . . . . . . . . . 5 2.3.1 Null Key Meshing . . . . . . . . . . . . . . . . . . . . 5
2.3.2 CryptoPro Key Meshing. . . . . . . . . . . . . . . . . . 5 2.3.2 CryptoPro Key Meshing. . . . . . . . . . . . . . . . . . 5
3 HMAC_GOSTR3411 . . . . . . . . . . . . . . . . . . . . . 6 3 HMAC_GOSTR3411 . . . . . . . . . . . . . . . . . . . . . 6
4 PRF_GOSTR3411. . . . . . . . . . . . . . . . . . . . . . 6 4 PRF_GOSTR3411. . . . . . . . . . . . . . . . . . . . . . 6
5 Key Derivation Algorithms. . . . . . . . . . . . . . . . 6 5 Key Derivation Algorithms. . . . . . . . . . . . . . . . 6
5.1 VKO GOST R 34.10-94. . . . . . . . . . . . . . . . . . . 6 5.1 VKO GOST R 34.10-94. . . . . . . . . . . . . . . . . . . 7
5.2 VKO GOST R 34.10-2001. . . . . . . . . . . . . . . . . . 7 5.2 VKO GOST R 34.10-2001. . . . . . . . . . . . . . . . . . 7
6 Key Wrap algorithms. . . . . . . . . . . . . . . . . . . 7 6 Key Wrap algorithms. . . . . . . . . . . . . . . . . . . 7
6.1 GOST 28147-89 Key Wrap . . . . . . . . . . . . . . . . . 7 6.1 GOST 28147-89 Key Wrap . . . . . . . . . . . . . . . . . 8
6.2 GOST 28147-89 Key Unrap. . . . . . . . . . . . . . . . . 8 6.2 GOST 28147-89 Key Unwrap . . . . . . . . . . . . . . . . 8
6.3 CryptoPro Key Wrap . . . . . . . . . . . . . . . . . . . 8 6.3 CryptoPro Key Wrap . . . . . . . . . . . . . . . . . . . 8
6.4 CryptoPro Key Unwrap . . . . . . . . . . . . . . . . . . 9 6.4 CryptoPro Key Unwrap . . . . . . . . . . . . . . . . . . 9
6.5 CryptoPro KEK Diversification Algorithm. . . . . . . . . 9 6.5 CryptoPro KEK Diversification Algorithm. . . . . . . . . 9
7 Secret Key Diversification . . . . . . . . . . . . . . . 9 7 Secret Key Diversification . . . . . . . . . . . . . . . 10
8 Algorithm parameters . . . . . . . . . . . . . . . . . . 10 8 Algorithm parameters . . . . . . . . . . . . . . . . . . 10
8.1 Encryption algorithm parameters . . . . . . . . . . . . 10 8.1 Encryption algorithm parameters . . . . . . . . . . . . 10
8.2 Digest algorithm parameters. . . . . . . . . . . . . . . 11 8.2 Digest algorithm parameters. . . . . . . . . . . . . . . 11
8.3 GOST R 34.10-94 public key algorithm parameters . . . . 12 8.3 GOST R 34.10-94 public key algorithm parameters . . . . 12
8.4 GOST R 34.10-2001 public key algorithm parameters. . . . 13 8.4 GOST R 34.10-2001 public key algorithm parameters. . . . 13
9 Security Considerations. . . . . . . . . . . . . . . . . 14 9 Security Considerations. . . . . . . . . . . . . . . . . 14
10 Appendix ASN.1 Modules . . . . . . . . . . . . . . . . . 14 10 Appendix ASN.1 Modules . . . . . . . . . . . . . . . . . 14
11 References . . . . . . . . . . . . . . . . . . . . . . . 50 11 Appendix Parameters. . . . . . . . . . . . . . . . . . . 30
12 Acknowledgments. . . . . . . . . . . . . . . . . . . . . 51 11.1 Encryption algorithm parameters. . . . . . . . . . . . . 30
Author's Addresses. . . . . . . . . . . . . . . . . . . . . . . 52 11.2 Digest algorithm parameters. . . . . . . . . . . . . . . 33
Full Copyright Statement. . . . . . . . . . . . . . . . . . . . 53 11.3 GOST R 34.10-94 public key algorithm parameters. . . . . 34
11.4 GOST R 34.10-2001 public key algorithm parameters. . . . 42
12 References . . . . . . . . . . . . . . . . . . . . . . . 46
13 Acknowledgments. . . . . . . . . . . . . . . . . . . . . 47
Author's Addresses. . . . . . . . . . . . . . . . . . . . . . . 48
Full Copyright Statement. . . . . . . . . . . . . . . . . . . . 49
1 Introduction 1 Introduction
Russian cryptographic standards that define the algorithms GOST Russian cryptographic standards that define the algorithms GOST
28147-89 [GOST28147], GOST R 34.10-94 [GOSTR341094], GOST R 28147-89 [GOST28147], GOST R 34.10-94 [GOSTR341094], GOST R
34.10-2001 [GOSTR341001] and GOST R34.11-94 [GOSTR341194] provide 34.10-2001 [GOSTR341001] and GOST R34.11-94 [GOSTR341194] provide
basic information about how the algorithms work, but need basic information about how the algorithms work, but need
supplemental specifications to effectively use the algorithms (a supplemental specifications to effectively use the algorithms (a
brief english technical description of these algorithms can be found brief english technical description of these algorithms can be found
in [Schneier95]). in [Schneier95]).
skipping to change at page 3, line 10 skipping to change at page 3, line 17
1.2 Terminology 1.2 Terminology
In this document, the key words MUST, MUST NOT, REQUIRED, SHOULD, In this document, the key words MUST, MUST NOT, REQUIRED, SHOULD,
SHOULD NOT, RECOMMENDED, and MAY are to be interpreted as described SHOULD NOT, RECOMMENDED, and MAY are to be interpreted as described
in [RFC 2119]. in [RFC 2119].
The following functions and operators are also used in this document: The following functions and operators are also used in this document:
'|' stands for concatenation. '|' stands for concatenation.
'~' stands for bitwise NOT opetator.
'^' stands for the power opetator.
encryptECB (K, D) - is D, encrypted with key K using GOST 28147-89 in encryptECB (K, D) - is D, encrypted with key K using GOST 28147-89 in
"prostaya zamena" (ECB) mode. "prostaya zamena" (ECB) mode.
decryptECB (K, D) - is D, decrypted with key K using GOST 28147-89 in decryptECB (K, D) - is D, decrypted with key K using GOST 28147-89 in
ECB mode. ECB mode.
encryptCFB (IV, K, D) - is D, encrypted with key K using GOST encryptCFB (IV, K, D) - is D, encrypted with key K using GOST
28147-89 in "gammirovanie s obratnoj svyaziyu" (64-bit CFB) mode, and 28147-89 in "gammirovanie s obratnoj svyaziyu" (64-bit CFB) mode, and
IV as initialization vector. IV as initialization vector.
encryptCNT (IV, K, D) - is D, encrypted with key K using GOST encryptCNT (IV, K, D) - is D, encrypted with key K using GOST
28147-89 in "gammirovanie" (counter) mode, and IV as initialization 28147-89 in "gammirovanie" (counter) mode, and IV as initialization
vector. vector.
gostR3411 (D) - is the 256-bit result of GOST R 34.11-94 hash gostR3411 (D) - is the 256-bit result of GOST R 34.11-94 hash
function, used with zero intitialization vector, and S-Box parameter, function, used with zero intitialization vector, and S-Box parameter,
defined by gostR3411CryptoProParamSetAI (see Appendix, defined by id-GostR3411-94-CryptoProParamSet (see chapter 11.2).
GostR3411-94-ParamSetSyntax module).
gost28147IMIT (IV, K, D) - is the 32-bit result of GOST 28147-89 in gost28147IMIT (IV, K, D) - is the 32-bit result of GOST 28147-89 in
"imitovstavka" (MAC) mode, used with D as plaintext, K as key and IV "imitovstavka" (MAC) mode, used with D as plaintext, K as key and IV
as initialization vector. Note, that standard specifies it's use in as initialization vector. Note, that standard specifies it's use in
this mode only with zero initialization vector. this mode only with zero initialization vector.
When keys and initialization vectors are converted to/from byte When keys and initialization vectors are converted to/from byte
arrays, little-endian byte order is assumed. arrays, little-endian byte order is assumed.
2 Cipher modes and parameters 2 Cipher modes and parameters
skipping to change at page 5, line 15 skipping to change at page 5, line 25
Gost28147-89-TestParamSet, which specifies use of null key meshing Gost28147-89-TestParamSet, which specifies use of null key meshing
algorithm. algorithm.
2.3.1 Null Key Meshing 2.3.1 Null Key Meshing
The null key meshing algorithm never changes a key. The null key meshing algorithm never changes a key.
The identifier for this algorithm is: The identifier for this algorithm is:
id-Gost28147-89-None-KeyMeshing OBJECT IDENTIFIER ::= id-Gost28147-89-None-KeyMeshing OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms keyMeshing(14) none(0) } { iso(1) member-body(2) ru(643) rans(2) cryptopro(2)
keyMeshing(14) none(0) }
There are no meaningful parameters to this algorithm. If present, There are no meaningful parameters to this algorithm. If present,
AlgorithmIdentifier.parameters MUST contain NULL. AlgorithmIdentifier.parameters MUST contain NULL.
2.3.2 CryptoPro Key Meshing 2.3.2 CryptoPro Key Meshing
The CryptoPro key meshing algorithm transforms the key and The CryptoPro key meshing algorithm transforms the key and
initialization vector every 1024 octets (8192 bits, or 256 64-bit initialization vector every 1024 octets (8192 bits, or 256 64-bit
blocks) of plaintext data. blocks) of plaintext data.
This algorithm has the same drawback as OFB cipher mode - it is This algorithm has the same drawback as OFB cipher mode - it is
impossible to re-establish crypto synch while decrypting a impossible to re-establish crypto synch while decrypting a
ciphertext, when some parts of encrypted data are corrupted, lost or ciphertext, when some parts of encrypted data are corrupted, lost or
processed out of order. Furthermore, it is impossible to re-synch processed out of order. Furthermore, it is impossible to re-synch
even if an IV for each data packet is provided explicitly. Use of even if an IV for each data packet is provided explicitly. Use of
this algorithm in such protocols as IPsec ESP requires special care. this algorithm in such protocols as IPsec ESP requires special care.
The identifier for this algorithm is: The identifier for this algorithm is:
id-Gost28147-89-CryptoPro-KeyMeshing OBJECT IDENTIFIER ::= id-Gost28147-89-CryptoPro-KeyMeshing OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms keyMeshing(14) cryptoPro(1) } { iso(1) member-body(2) ru(643) rans(2) cryptopro(2)
keyMeshing(14) cryptoPro(1) }
There are no meaningful parameters to this algorithm. If present, There are no meaningful parameters to this algorithm. If present,
AlgorithmIdentifier.parameters MUST contain NULL. AlgorithmIdentifier.parameters MUST contain NULL.
Encryption or decryption starts with key K[0] = K, IV0[0] = IV, i = Encryption or decryption starts with key K[0] = K, IV0[0] = IV, i =
0. Let IV[0] be the value of the initialization vector after 0. Let IVn[0] be the value of the initialization vector after
processing the first 1024 octets of data. Encryption or decryption of processing the first 1024 octets of data. Encryption or decryption of
the next 1024 octets will start with K[1] and IV0[1], which are the next 1024 octets will start with K[1] and IV0[1], which are
calculated using the formula: calculated using the formula:
K[i+1] = decryptECB (K[i], C); K[i+1] = decryptECB (K[i], C);
IV0[i+1] = encryptECB (K[i+1],IV[i]) IV0[i+1] = encryptECB (K[i+1],IVn[i])
Where C = {0x69, 0x00, 0x72, 0x22, 0x64, 0xC9, 0x04, 0x23, Where C = {0x69, 0x00, 0x72, 0x22, 0x64, 0xC9, 0x04, 0x23,
0x8D, 0x3A, 0xDB, 0x96, 0x46, 0xE9, 0x2A, 0xC4, 0x8D, 0x3A, 0xDB, 0x96, 0x46, 0xE9, 0x2A, 0xC4,
0x18, 0xFE, 0xAC, 0x94, 0x00, 0xED, 0x07, 0x12, 0x18, 0xFE, 0xAC, 0x94, 0x00, 0xED, 0x07, 0x12,
0xC0, 0x86, 0xDC, 0xC2, 0xEF, 0x4C, 0xA9, 0x2B}; 0xC0, 0x86, 0xDC, 0xC2, 0xEF, 0x4C, 0xA9, 0x2B};
After processing every 1024 octets of data: After processing every 1024 octets of data:
* the resulting initialization vector is stored as IV[i]. * the resulting initialization vector is stored as IVn[i].
* K[i+1] and IV0[i+1] are calculated * K[i+1] and IV0[i+1] are calculated
* i is incremented. * i is incremented.
* Encryption or decryption of next 1024 bytes starts, using * Encryption or decryption of next 1024 bytes starts, using
the new key and IV. the new key and IV.
The process is repeated until all the data has been processed. The process is repeated until all the data has been processed.
3 HMAC_GOSTR3411 3 HMAC_GOSTR3411
HMAC_GOSTR3411 (K,text) function is based on hash function GOST R HMAC_GOSTR3411 (K,text) function is based on hash function GOST R
34.11-94, as defined in [HMAC], with the following parameter values: 34.11-94, as defined in [HMAC], with the following parameter values:
skipping to change at page 7, line 8 skipping to change at page 7, line 20
Exchange key KEK is a 256-bit hash of the 1024-bit shared secret that Exchange key KEK is a 256-bit hash of the 1024-bit shared secret that
is generated using Diffie-Hellman key agreement. is generated using Diffie-Hellman key agreement.
1) Let K(x,y) = a^(x*y) (mod p), where 1) Let K(x,y) = a^(x*y) (mod p), where
x - sender's private key, a^x - sender's public key x - sender's private key, a^x - sender's public key
y - recipient's private key, a^y - recipient's public key y - recipient's private key, a^y - recipient's public key
a, p - parameters a, p - parameters
2) Calculate a 256-bit hash of K(x,y): 2) Calculate a 256-bit hash of K(x,y):
KEK(x,y) = gostR3411 (K(x,y)) KEK(x,y) = gostR3411 (K(x,y))
Keypairs x and y MUST comply with [GOSTR341094]. Keypairs (x,a^x) and (y,a^y) MUST comply with [GOSTR341094].
This algorithm MUST NOT be used when a^x = a (mod p) or a^y = a (mod This algorithm MUST NOT be used when a^x = a (mod p) or a^y = a (mod
p). p).
5.2 VKO GOST R 34.10-2001 5.2 VKO GOST R 34.10-2001
This algorithm creates a key encryption key (KEK) using 64 bit UKM, This algorithm creates a key encryption key (KEK) using 64 bit UKM,
the sender's private key and the recipient's public key (or the the sender's private key and the recipient's public key (or the
reverse of the latter pair). reverse of the latter pair).
skipping to change at page 7, line 32 skipping to change at page 7, line 44
y - recipient's private key (256 bit) y - recipient's private key (256 bit)
y.P - recipient's public key (512 bit) y.P - recipient's public key (512 bit)
UKM - User Keying Material (64 bit) UKM - User Keying Material (64 bit)
P - base point on the elliptic curve (two 256-bit coordinates) P - base point on the elliptic curve (two 256-bit coordinates)
UKM*x - x multiplied by UKM as integers UKM*x - x multiplied by UKM as integers
x.P - a multiple point x.P - a multiple point
2) Calculate a 256-bit hash of K(x,y,UKM): 2) Calculate a 256-bit hash of K(x,y,UKM):
KEK(x,y,UKM) = gostR3411 (K(x,y,UKM)) KEK(x,y,UKM) = gostR3411 (K(x,y,UKM))
Keypairs x and y MUST comply with [GOSTR341001]. Keypairs (x,x.P) and (y,y.P) MUST comply with [GOSTR341001].
This algorithm MUST NOT be used when x.P = P, y.P = P This algorithm MUST NOT be used when x.P = P, y.P = P
6 Key Wrap algorithms 6 Key Wrap algorithms
This document defines two key wrap algorithms: GOST 28147-89 Key Wrap This document defines two key wrap algorithms: GOST 28147-89 Key Wrap
and CryptoPro Key Wrap. These are used to encrypt a Content and CryptoPro Key Wrap. These are used to encrypt a Content
Encryption Key (CEK) with a Key Encryption Key (KEK). Encryption Key (CEK) with a Key Encryption Key (KEK).
6.1 GOST 28147-89 Key Wrap 6.1 GOST 28147-89 Key Wrap
This algorithm encrypts GOST 28147-89 CEK with a GOST 28147-89 KEK. This algorithm encrypts GOST 28147-89 CEK with a GOST 28147-89 KEK.
Note: This algorithm MUST NOT be used with a KEK produced by VKO GOST Note: This algorithm MUST NOT be used with a KEK produced by VKO GOST
R 34.10-94, because such a KEK is constant for every sender-recipient R 34.10-94, because such a KEK is constant for every sender-recipient
pair. Encrypting many different content encryption keys on the same pair. Encrypting many different content encryption keys on the same
constant KEK may reveal that KEK. constant KEK may reveal that KEK.
The identifier for this algorithm is:
id-Gost28147-89-None-KeyWrap OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms keyWrap(13) none(0) }
The GOST 28147-89 key wrap algorithm is: The GOST 28147-89 key wrap algorithm is:
1) For a unique symmetric KEK, generate 8 octets at random, call the 1) For a unique symmetric KEK, generate 8 octets at random, call the
result UKM. For a KEK, produced by VKO GOST R 34.10-2001, use the result UKM. For a KEK, produced by VKO GOST R 34.10-2001, use the
UKM that was used for key derivation. UKM that was used for key derivation.
2) Compute a 4-byte checksum value, gost28147IMIT (UKM, KEK, CEK). 2) Compute a 4-byte checksum value, gost28147IMIT (UKM, KEK, CEK).
Call the result CEK_MAC. Call the result CEK_MAC.
3) Encrypt the CEK in ECB mode using the KEK. Call the ciphertext 3) Encrypt the CEK in ECB mode using the KEK. Call the ciphertext
CEK_ENC. CEK_ENC.
4) The wrapped content-encryption key is (UKM | CEK_ENC | CEK_MAC). 4) The wrapped content-encryption key is (UKM | CEK_ENC | CEK_MAC).
skipping to change at page 8, line 41 skipping to change at page 8, line 47
4) Compute a 4-byte checksum value, gost28147IMIT (UKM, KEK, CEK), 4) Compute a 4-byte checksum value, gost28147IMIT (UKM, KEK, CEK),
compare the result with CEK_MAC. If not equal, then error. compare the result with CEK_MAC. If not equal, then error.
6.3 CryptoPro Key Wrap 6.3 CryptoPro Key Wrap
This algorithm encrypts GOST 28147-89 CEK with a GOST 28147-89 KEK. This algorithm encrypts GOST 28147-89 CEK with a GOST 28147-89 KEK.
It can be used with any KEK (e.g. produced by VKO GOST R 34.10-94 or It can be used with any KEK (e.g. produced by VKO GOST R 34.10-94 or
VKO GOST R 34.10-2001) because unique UKM is used to diversify the VKO GOST R 34.10-2001) because unique UKM is used to diversify the
KEK. KEK.
Identifier for this algorithm:
id-Gost28147-89-CryptoPro-KeyWrap OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms keyWrap(13) cryptoPro(1) }
The CryptoPro key wrap algorithm is: The CryptoPro key wrap algorithm is:
1) For a unique symmetric KEK or a KEK produced by VKO GOST R 1) For a unique symmetric KEK or a KEK produced by VKO GOST R
34.10-94, generate 8 octets at random. Call the result UKM. For 34.10-94, generate 8 octets at random. Call the result UKM. For
a KEK, produced by VKO GOST R 34.10-2001, use the UKM that was a KEK, produced by VKO GOST R 34.10-2001, use the UKM that was
used for key derivation. used for key derivation.
2) Diversify KEK, using the CryptoPro KEK Diversification Algorithm, 2) Diversify KEK, using the CryptoPro KEK Diversification Algorithm,
described in section 6.5. Call the result KEK(UKM). described in section 6.5. Call the result KEK(UKM).
3) Compute a 4-byte checksum value, gost28147IMIT (UKM, KEK(UKM), 3) Compute a 4-byte checksum value, gost28147IMIT (UKM, KEK(UKM),
CEK). Call the result CEK_MAC. CEK). Call the result CEK_MAC.
4) Encrypt CEK in ECB mode using KEK(UKM). Call the ciphertext 4) Encrypt CEK in ECB mode using KEK(UKM). Call the ciphertext
CEK_ENC. CEK_ENC.
5) The wrapped content-encryption key is (UKM | CEK_ENC | CEK_MAC). 5) The wrapped content-encryption key is (UKM | CEK_ENC | CEK_MAC).
6.4 CryptoPro Key Unrap 6.4 CryptoPro Key Unwrap
This algorithm encrypts GOST 28147-89 CEK with a GOST 28147-89 KEK. This algorithm encrypts GOST 28147-89 CEK with a GOST 28147-89 KEK.
The CryptoPro key unwrap algorithm is: The CryptoPro key unwrap algorithm is:
1) If the wrapped content-encryption key is not 44 octets, then 1) If the wrapped content-encryption key is not 44 octets, then
error. error.
2) Decompose the the wrapped content-encryption key into UKM, 2) Decompose the the wrapped content-encryption key into UKM,
CEK_ENC and CEK_MAC. UKM is the most significant (first) 8 CEK_ENC and CEK_MAC. UKM is the most significant (first) 8
octets. CEK_ENC is next 32 octets, and CEK_MAC is the least octets. CEK_ENC is next 32 octets, and CEK_MAC is the least
significant (last) 4 octets. significant (last) 4 octets.
skipping to change at page 9, line 46 skipping to change at page 9, line 48
UKM = a[0]|..|a[7] (a[i] - byte, a[i,0]..a[i,7] - it's bits) UKM = a[0]|..|a[7] (a[i] - byte, a[i,0]..a[i,7] - it's bits)
3) Let i be 0. 3) Let i be 0.
4) K[1]..K[8] are calculated by repeating the 4) K[1]..K[8] are calculated by repeating the
following algorithm eight times: following algorithm eight times:
A) K[i] is split into components k[i,j]: A) K[i] is split into components k[i,j]:
K[i] = k[i,0]|k[i,1]|..|k[i,7] (k[i,j] - 32-bit integer) K[i] = k[i,0]|k[i,1]|..|k[i,7] (k[i,j] - 32-bit integer)
B) Vector S[i] is calculated: B) Vector S[i] is calculated:
S[i] = ((a[i,0]*k[i,0] + ... + a[i,7]*k[i,7]) mod 2^32) S[i] = ((a[i,0]*k[i,0] + ... + a[i,7]*k[i,7]) mod 2^32) OR
| ((~a[i,0]*k[i,0] + ... + ~a[i,7]*k[i,7]) mod 2^32); (((~a[i,0])*k[i,0] + ... + (~a[i,7])*k[i,7]) mod 2^32);
C) K[i+1] = encryptCFB (S[i], K[i], K[i]) C) K[i+1] = encryptCFB (S[i], K[i], K[i])
D) i = i + 1 D) i = i + 1
5) Let K(UKM) be K[8]. 5) Let K(UKM) be K[8].
7 Secret Key Diversification 7 Secret Key Diversification
This algorithm creates a GOST 28147-89 key Kd, given GOST R 34.10-94 This algorithm creates a GOST 28147-89 key Kd, given GOST R 34.10-94
or GOST R 34.10-2001 secret key K and diversification data D of size or GOST R 34.10-2001 secret key K and diversification data D of size
4..40 bytes. 4..40 bytes.
skipping to change at page 10, line 35 skipping to change at page 10, line 37
Kd = encryptCFB (UKM, K(UKM), SRCKEY). Kd = encryptCFB (UKM, K(UKM), SRCKEY).
8 Algorithm parameters 8 Algorithm parameters
Standards [GOST28147], [GOST341194], [GOSTR341094] and [GOSTR341001] Standards [GOST28147], [GOST341194], [GOSTR341094] and [GOSTR341001]
do not define specific values for algorithm parameters. do not define specific values for algorithm parameters.
This document introduces the use of ASN.1 object identifiers (OIDs) This document introduces the use of ASN.1 object identifiers (OIDs)
to specify algorithm parameters. to specify algorithm parameters.
Identifiers and corresponding parameter values for all of the Identifiers for all of the proposed parameter sets can be found in
proposed parameter sets can be found in the Appendix in the form of Appendix ASN.1 modules. Corresponding parameter values for proposed
ASN.1 modules [X.660]. parameter sets can be found in section 11.
8.1 Encryption algorithm parameters 8.1 Encryption algorithm parameters
GOST 28147-89 can be used in several modes, additional CBC mode is GOST 28147-89 can be used in several modes, additional CBC mode is
defined in section 2.1 this document. It also has an S-Box parameter defined in section 2.1 this document. It also has an S-Box parameter
(see Algorithm Parameters part in [GOST28147] in Russian, description (see Algorithm Parameters part in [GOST28147] in Russian, description
in English see in [Schneier95] ch. 14.1, p. 331). in English see in [Schneier95] ch. 14.1, p. 331).
This table contains the list of proposed parameter sets for GOST This table contains the list of proposed parameter sets for GOST
28147-89: 28147-89:
skipping to change at page 11, line 10 skipping to change at page 11, line 12
Gost28147-89-ParamSetAlgorithms ALGORITHM-IDENTIFIER ::= { Gost28147-89-ParamSetAlgorithms ALGORITHM-IDENTIFIER ::= {
{ Gost28147-89-ParamSetParameters IDENTIFIED BY { Gost28147-89-ParamSetParameters IDENTIFIED BY
id-Gost28147-89-TestParamSet } | id-Gost28147-89-TestParamSet } |
{ Gost28147-89-ParamSetParameters IDENTIFIED BY { Gost28147-89-ParamSetParameters IDENTIFIED BY
id-Gost28147-89-CryptoPro-A-ParamSet } | id-Gost28147-89-CryptoPro-A-ParamSet } |
{ Gost28147-89-ParamSetParameters IDENTIFIED BY { Gost28147-89-ParamSetParameters IDENTIFIED BY
id-Gost28147-89-CryptoPro-B-ParamSet } | id-Gost28147-89-CryptoPro-B-ParamSet } |
{ Gost28147-89-ParamSetParameters IDENTIFIED BY { Gost28147-89-ParamSetParameters IDENTIFIED BY
id-Gost28147-89-CryptoPro-C-ParamSet } | id-Gost28147-89-CryptoPro-C-ParamSet } |
{ Gost28147-89-ParamSetParameters IDENTIFIED BY { Gost28147-89-ParamSetParameters IDENTIFIED BY
id-Gost28147-89-CryptoPro-D-ParamSet } | id-Gost28147-89-CryptoPro-D-ParamSet }
{ Gost28147-89-ParamSetParameters IDENTIFIED BY
id-Gost28147-89-CryptoPro-Simple-A-ParamSet } |
{ Gost28147-89-ParamSetParameters IDENTIFIED BY
id-Gost28147-89-CryptoPro-Simple-B-ParamSet } |
{ Gost28147-89-ParamSetParameters IDENTIFIED BY
id-Gost28147-89-CryptoPro-Simple-C-ParamSet } |
{ Gost28147-89-ParamSetParameters IDENTIFIED BY
id-Gost28147-89-CryptoPro-Simple-D-ParamSet }
} }
Identifier values are in the Appendix. Identifier values are in the Appendix ASN.1 modules, and
corresponding parameters are in section 11.1.
Parameters for GOST 28147-89 are presented in the following form: Parameters for GOST 28147-89 are presented in the following form:
Gost28147-89-ParamSetParameters ::= SEQUENCE { Gost28147-89-ParamSetParameters ::= SEQUENCE {
eUZ Gost28147-89-UZ, eUZ Gost28147-89-UZ,
mode INTEGER { mode INTEGER {
gost28147-89-CNT(0), gost28147-89-CNT(0),
gost28147-89-CFB(1), gost28147-89-CFB(1),
cryptoPro-CBC(2) cryptoPro-CBC(2)
}, },
shiftBits INTEGER { gost28147-89-block(64) }, shiftBits INTEGER { gost28147-89-block(64) },
keyWrap AlgorithmIdentifier,
keyMeshing AlgorithmIdentifier keyMeshing AlgorithmIdentifier
} }
Gost28147-89-UZ ::= OCTET STRING (SIZE (64)) Gost28147-89-UZ ::= OCTET STRING (SIZE (64))
Gost28147-89-KeyMeshingAlgorithms ALGORITHM-IDENTIFIER ::= { Gost28147-89-KeyMeshingAlgorithms ALGORITHM-IDENTIFIER ::= {
{ NULL IDENTIFIED BY id-Gost28147-89-CryptoPro-KeyMeshing } | { NULL IDENTIFIED BY id-Gost28147-89-CryptoPro-KeyMeshing } |
{ NULL IDENTIFIED BY id-Gost28147-89-None-KeyMeshing } { NULL IDENTIFIED BY id-Gost28147-89-None-KeyMeshing }
} }
Gost28147-89-KeyWrapAlgorithms ALGORITHM-IDENTIFIER ::= {
{ NULL IDENTIFIED BY id-Gost28147-89-CryptoPro-KeyWrap } |
{ NULL IDENTIFIED BY id-Gost28147-89-None-KeyWrap }
}
where where
eUZ - S-box value; eUZ - S-box value;
mode - cipher mode; mode - cipher mode;
shiftBits - cipher parameter; shiftBits - cipher parameter;
keyWrap - key export algorithm identifier;
keyMeshing - key meshing algorithm identifier. keyMeshing - key meshing algorithm identifier.
8.2 Digest algorithm parameters 8.2 Digest algorithm parameters
This table contains the list of proposed parameter sets for This table contains the list of proposed parameter sets for
[GOST341194]: [GOST341194]:
GostR3411-94-ParamSetAlgorithms ALGORITHM-IDENTIFIER ::= { GostR3411-94-ParamSetAlgorithms ALGORITHM-IDENTIFIER ::= {
{ GostR3411-94-ParamSetParameters IDENTIFIED BY { GostR3411-94-ParamSetParameters IDENTIFIED BY
id-GostR3411-94-TestParamSet id-GostR3411-94-TestParamSet
} | } |
{ GostR3411-94-ParamSetParameters IDENTIFIED BY { GostR3411-94-ParamSetParameters IDENTIFIED BY
id-GostR3411-94-CryptoProParamSet id-GostR3411-94-CryptoProParamSet
} }
} }
Identifier values are in the Appendix. Identifier values are in the Appendix ASN.1 modules, and
corresponding parameters are in section 11.2.
Parameters for [GOST341194] are presented in the following form: Parameters for [GOST341194] are presented in the following form:
GostR3411-94-ParamSetParameters ::= GostR3411-94-ParamSetParameters ::=
SEQUENCE { SEQUENCE {
hUZ Gost28147-89-UZ, -- S-Box for digest hUZ Gost28147-89-UZ, -- S-Box for digest
h0 GostR3411-94-Digest -- start digest value h0 GostR3411-94-Digest -- start digest value
} }
GostR3411-94-Digest ::= OCTET STRING (SIZE (32)) GostR3411-94-Digest ::= OCTET STRING (SIZE (32))
skipping to change at page 13, line 5 skipping to change at page 12, line 44
{ GostR3410-94-ParamSetParameters IDENTIFIED BY { GostR3410-94-ParamSetParameters IDENTIFIED BY
id-GostR3410-94-CryptoPro-D-ParamSet } | id-GostR3410-94-CryptoPro-D-ParamSet } |
{ GostR3410-94-ParamSetParameters IDENTIFIED BY { GostR3410-94-ParamSetParameters IDENTIFIED BY
id-GostR3410-94-CryptoPro-XchA-ParamSet } | id-GostR3410-94-CryptoPro-XchA-ParamSet } |
{ GostR3410-94-ParamSetParameters IDENTIFIED BY { GostR3410-94-ParamSetParameters IDENTIFIED BY
id-GostR3410-94-CryptoPro-XchB-ParamSet } | id-GostR3410-94-CryptoPro-XchB-ParamSet } |
{ GostR3410-94-ParamSetParameters IDENTIFIED BY { GostR3410-94-ParamSetParameters IDENTIFIED BY
id-GostR3410-94-CryptoPro-XchC-ParamSet } id-GostR3410-94-CryptoPro-XchC-ParamSet }
} }
Identifier values are in the Appendix. Identifier values are in the Appendix ASN.1 modules, and
corresponding parameters are in section 11.3.
Parameters for GOST R 34.10-94 are presented in the following form: Parameters for GOST R 34.10-94 are presented in the following form:
GostR3410-94-ParamSetParameters ::= GostR3410-94-ParamSetParameters ::=
SEQUENCE { SEQUENCE {
t INTEGER, t INTEGER,
p INTEGER, p INTEGER,
q INTEGER, q INTEGER,
a INTEGER, a INTEGER,
validationAlgorithm AlgorithmIdentifier {{ validationAlgorithm AlgorithmIdentifier {{
skipping to change at page 13, line 31 skipping to change at page 13, line 23
SEQUENCE { SEQUENCE {
x0 INTEGER, x0 INTEGER,
c INTEGER, c INTEGER,
d INTEGER OPTIONAL d INTEGER OPTIONAL
} }
Where Where
t - bit length of p (512 or 1024 bits); t - bit length of p (512 or 1024 bits);
p - modulus, prime number, 2^(t-1)<p<2^t; p - modulus, prime number, 2^(t-1)<p<2^t;
q - order of cyclic group, prime number, 2^254<q<2^256, q is a q - order of cyclic group, prime number, 2^254<q<2^256, q is a
factor factor of p-1;
of p-1;
a - generator, integer, 1<a<p-1, at that aq (mod p) = 1; a - generator, integer, 1<a<p-1, at that aq (mod p) = 1;
validationAlgorithm - constant p, q and a calculating algorithm. validationAlgorithm - constant p, q and a calculating algorithm.
x0 - seed; x0 - seed;
c - used for p and q generation; c - used for p and q generation;
d - used for a generation. d - used for a generation.
8.4 GOST R 34.10-2001 public key algorithm parameters 8.4 GOST R 34.10-2001 public key algorithm parameters
This table contains the list of proposed parameter sets for GOST R This table contains the list of proposed parameter sets for GOST R
skipping to change at page 14, line 11 skipping to change at page 13, line 51
{ GostR3410-2001-ParamSetParameters IDENTIFIED BY { GostR3410-2001-ParamSetParameters IDENTIFIED BY
id-GostR3410-2001-CryptoPro-B-ParamSet } | id-GostR3410-2001-CryptoPro-B-ParamSet } |
{ GostR3410-2001-ParamSetParameters IDENTIFIED BY { GostR3410-2001-ParamSetParameters IDENTIFIED BY
id-GostR3410-2001-CryptoPro-C-ParamSet } | id-GostR3410-2001-CryptoPro-C-ParamSet } |
{ GostR3410-2001-ParamSetParameters IDENTIFIED BY { GostR3410-2001-ParamSetParameters IDENTIFIED BY
id-GostR3410-2001-CryptoPro-XchA-ParamSet } | id-GostR3410-2001-CryptoPro-XchA-ParamSet } |
{ GostR3410-2001-ParamSetParameters IDENTIFIED BY { GostR3410-2001-ParamSetParameters IDENTIFIED BY
id-GostR3410-2001-CryptoPro-XchB-ParamSet } id-GostR3410-2001-CryptoPro-XchB-ParamSet }
} }
Identifier values are in the Appendix. Identifier values are in the Appendix ASN.1 modules, and
corresponding parameters are in section 11.4.
Parameters for GOST R 34.10-2001 are presented in the following form: Parameters for GOST R 34.10-2001 are presented in the following form:
GostR3410-2001-ParamSetParameters ::= GostR3410-2001-ParamSetParameters ::=
SEQUENCE { SEQUENCE {
a INTEGER, a INTEGER,
b INTEGER, b INTEGER,
p INTEGER, p INTEGER,
q INTEGER, q INTEGER,
x INTEGER, x INTEGER,
y INTEGER y INTEGER
} }
a, b - coefficients a and b of the elliptic curve E; a, b - coefficients a and b of the elliptic curve E;
p - prime number - elliptic curve modulus; p - prime number - elliptic curve modulus;
q - prime number - order of cyclic group; q - prime number - order of cyclic group;
x, y - base point p coordinates. x, y - base point p coordinates.
9 Security Considerations 9 Security Considerations
It is RECCOMENDED that software applications verify signature values, It is RECOMMENDED that software applications verify signature values,
subject public keys and algorithm parameters to conform to subject public keys and algorithm parameters to conform to
[GOSTR341001], [GOSTR341094] standards prior to their use. [GOSTR341001], [GOSTR341094] standards prior to their use.
Cryptographic algorithm parameters affect rigidity of algorithms. Cryptographic algorithm parameters affect rigidity of algorithms.
The algorithm parameters proposed and described herein have been The algorithm parameters proposed and described herein except for the
analyzed by special certification laboratory of Scientific and test parameter sets (id-Gost28147-89-TestParamSet, id-
Technical Center "ATLAS" and by Center of Certificational GostR3411-94-TestParamSet, id-GostR3410-94-TestParamSet, id-
Investigations in appropriate levels of target_of_evaluation (TOE), GostR3410-2001-TestParamSet) have been analyzed by special
according to [RFDSL], [RFLLIC] and [CRYPTOLIC]. certification laboratory of Scientific and Technical Center "ATLAS"
and by Center of Certificational Investigations in appropriate levels
of target_of_evaluation (TOE), according to [RFDSL], [RFLLIC] and
[CRYPTOLIC].
Use of different parameter sets is NOT RECOMENDED. When different Use of the test parameter sets or parameter sets not described herein
parameters are used it is RECCOMENDED to subject them to examination is NOT RECOMMENDED. When different parameters are used it is
by an authorized agency with approved methods of cryptographic RECOMMENDED to subject them to examination by an authorized agency
analysis. with approved methods of cryptographic analysis.
10 Appendix ASN.1 Modules 10 Appendix ASN.1 Modules
10.1 Cryptographic-Gost-Useful-Definitions 10.1 Cryptographic-Gost-Useful-Definitions
Cryptographic-Gost-Useful-Definitions Cryptographic-Gost-Useful-Definitions
{ iso(1) member-body(2) ru(643) rans(2) cryptopro(2) { iso(1) member-body(2) ru(643) rans(2)
other(1) modules(1) cryptographic-Gost-Useful-Definitions(0) cryptopro(2) other(1) modules(1)
1 } cryptographic-Gost-Useful-Definitions(0) 1 }
DEFINITIONS ::= DEFINITIONS ::=
BEGIN BEGIN
-- EXPORTS All -- -- EXPORTS All --
-- The types and values defined in this module are exported for -- The types and values defined in this module are exported for
-- use in the other ASN.1 modules contained within the Russian -- use in the other ASN.1 modules contained within the Russian
-- Cryptography "GOST" & "GOST R" Specifications, and for the use -- Cryptography "GOST" & "GOST R" Specifications, and for the use
-- of other applications which will use them to access Russian -- of other applications which will use them to access Russian
-- Cryptography services. Other applications may use them for -- Cryptography services. Other applications may use them for
-- their own purposes, but this will not constrain extensions and -- their own purposes, but this will not constrain extensions and
-- modifications needed to maintain or improve the Russian -- modifications needed to maintain or improve the Russian
skipping to change at page 17, line 4 skipping to change at page 16, line 48
gost28147-89-EncryptionSyntax OBJECT IDENTIFIER ::= gost28147-89-EncryptionSyntax OBJECT IDENTIFIER ::=
{ id-CryptoPro-modules gost28147-89-EncryptionSyntax(4) 1 } { id-CryptoPro-modules gost28147-89-EncryptionSyntax(4) 1 }
gost28147-89-ParamSetSyntax OBJECT IDENTIFIER ::= gost28147-89-ParamSetSyntax OBJECT IDENTIFIER ::=
{ id-CryptoPro-modules gost28147-89-ParamSetSyntax(6) 1 } { id-CryptoPro-modules gost28147-89-ParamSetSyntax(6) 1 }
-- Extended Key Usage for Crypto-Pro -- Extended Key Usage for Crypto-Pro
gost-CryptoPro-ExtendedKeyUsage OBJECT IDENTIFIER ::= gost-CryptoPro-ExtendedKeyUsage OBJECT IDENTIFIER ::=
{ id-CryptoPro-modules { id-CryptoPro-modules
gost-CryptoPro-ExtendedKeyUsage(13) 1 } gost-CryptoPro-ExtendedKeyUsage(13) 1 }
-- Crypto-Pro Private keys -- Crypto-Pro Private keys
gost-CryptoPro-PrivateKey OBJECT IDENTIFIER ::= gost-CryptoPro-PrivateKey OBJECT IDENTIFIER ::=
{ id-CryptoPro-modules gost-CryptoPro-PrivateKey(14) 1 } { id-CryptoPro-modules gost-CryptoPro-PrivateKey(14) 1 }
-- Crypto-Pro PKIXCMP structures -- Crypto-Pro PKIXCMP structures
gost-CryptoPro-PKIXCMP OBJECT IDENTIFIER ::= gost-CryptoPro-PKIXCMP OBJECT IDENTIFIER ::=
{ id-CryptoPro-modules gost-CryptoPro-PKIXCMP(15) 1 } { id-CryptoPro-modules gost-CryptoPro-PKIXCMP(15) 1 }
-- Crypto-Pro Transport Layer Security structures -- Crypto-Pro Transport Layer Security structures
gost-CryptoPro-TransportLayerSecurity OBJECT IDENTIFIER ::= gost-CryptoPro-TLS OBJECT IDENTIFIER ::=
{ id-CryptoPro-modules gost-CryptoPro-TransportLayerSecurit { id-CryptoPro-modules gost-CryptoPro-TLS(16) 1 }
y(16) 1 }
-- Crypto-Pro Policy -- Crypto-Pro Policy
gost-CryptoPro-Policy OBJECT IDENTIFIER ::= gost-CryptoPro-Policy OBJECT IDENTIFIER ::=
{ id-CryptoPro-modules gost-CryptoPro-Policy(17) 1 } { id-CryptoPro-modules gost-CryptoPro-Policy(17) 1 }
gost-CryptoPro-Constants OBJECT IDENTIFIER ::=
{ id-CryptoPro-modules gost-CryptoPro-Constants(18) 1 }
-- Useful types -- Useful types
ALGORITHM-IDENTIFIER ::= CLASS { ALGORITHM-IDENTIFIER ::= CLASS {
&id OBJECT IDENTIFIER UNIQUE, &id OBJECT IDENTIFIER UNIQUE,
&Type OPTIONAL &Type OPTIONAL
} }
WITH SYNTAX { [&Type] IDENTIFIED BY &id } WITH SYNTAX { [&Type] IDENTIFIED BY &id }
END -- Cryptographic-Gost-Useful-Definitions END -- Cryptographic-Gost-Useful-Definitions
10.2 Gost28147-89-EncryptionSyntax 10.2 Gost28147-89-EncryptionSyntax
skipping to change at page 18, line 19 skipping to change at page 18, line 16
id-Gost28147-89-TestParamSet OBJECT IDENTIFIER ::= id-Gost28147-89-TestParamSet OBJECT IDENTIFIER ::=
{ id-CryptoPro-encrypts test(0) } { id-CryptoPro-encrypts test(0) }
id-Gost28147-89-CryptoPro-A-ParamSet OBJECT IDENTIFIER ::= id-Gost28147-89-CryptoPro-A-ParamSet OBJECT IDENTIFIER ::=
{ id-CryptoPro-encrypts cryptopro-A(1) } { id-CryptoPro-encrypts cryptopro-A(1) }
id-Gost28147-89-CryptoPro-B-ParamSet OBJECT IDENTIFIER ::= id-Gost28147-89-CryptoPro-B-ParamSet OBJECT IDENTIFIER ::=
{ id-CryptoPro-encrypts cryptopro-B(2) } { id-CryptoPro-encrypts cryptopro-B(2) }
id-Gost28147-89-CryptoPro-C-ParamSet OBJECT IDENTIFIER ::= id-Gost28147-89-CryptoPro-C-ParamSet OBJECT IDENTIFIER ::=
{ id-CryptoPro-encrypts cryptopro-C(3) } { id-CryptoPro-encrypts cryptopro-C(3) }
id-Gost28147-89-CryptoPro-D-ParamSet OBJECT IDENTIFIER ::= id-Gost28147-89-CryptoPro-D-ParamSet OBJECT IDENTIFIER ::=
{ id-CryptoPro-encrypts cryptopro-D(4) } { id-CryptoPro-encrypts cryptopro-D(4) }
id-Gost28147-89-CryptoPro-Oscar-ParamSet id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet
OBJECT IDENTIFIER ::= OBJECT IDENTIFIER ::=
{ id-CryptoPro-encrypts cryptopro-Oscar(5) } { id-CryptoPro-encrypts cryptopro-Oscar-1-1(5) }
id-Gost28147-89-CryptoPro-Simple-A-ParamSet id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet
OBJECT IDENTIFIER ::= OBJECT IDENTIFIER ::=
{ id-CryptoPro-encrypts cryptopro-Simple-A(6) } { id-CryptoPro-encrypts cryptopro-Oscar-1-0(6) }
id-Gost28147-89-CryptoPro-Simple-B-ParamSet id-Gost28147-89-CryptoPro-RIC-1-ParamSet
OBJECT IDENTIFIER ::= OBJECT IDENTIFIER ::=
{ id-CryptoPro-encrypts cryptopro-Simple-B(7) } { id-CryptoPro-encrypts cryptopro-RIC-1(7) }
id-Gost28147-89-CryptoPro-Simple-C-ParamSet
OBJECT IDENTIFIER ::=
{ id-CryptoPro-encrypts cryptopro-Simple-C(8) }
id-Gost28147-89-CryptoPro-Simple-D-ParamSet
OBJECT IDENTIFIER ::=
{ id-CryptoPro-encrypts cryptopro-Simple-D(9) }
-- GOST 28147-89 Types -- GOST 28147-89 Types
Gost28147-89-Data ::= OCTET STRING (SIZE (0..4294967294))
Gost28147-89-EncryptedData ::=
OCTET STRING (SIZE (0..4294967294))
Gost28147-89-UZ ::= OCTET STRING (SIZE (64)) Gost28147-89-UZ ::= OCTET STRING (SIZE (64))
Gost28147-89-IV ::= OCTET STRING (SIZE (8)) Gost28147-89-IV ::= OCTET STRING (SIZE (8))
Gost28147-89-Key ::= OCTET STRING (SIZE (32)) Gost28147-89-Key ::= OCTET STRING (SIZE (32))
Gost28147-89-MAC ::= OCTET STRING (SIZE (1..4)) Gost28147-89-MAC ::= OCTET STRING (SIZE (1..4))
Gost28147-89-EncryptedKey ::= Gost28147-89-EncryptedKey ::=
SEQUENCE { SEQUENCE {
encryptedKey Gost28147-89-Key, encryptedKey Gost28147-89-Key,
maskKey [0] IMPLICIT Gost28147-89-Key OPTI maskKey [0] IMPLICIT Gost28147-89-Key OPTIONAL,
ONAL, macKey Gost28147-89-MAC (SIZE (4))
macKey Gost28147-89-MAC (SIZE (4))
} }
Gost28147-89-ParamSet ::=
OBJECT IDENTIFIER (
id-Gost28147-89-TestParamSet |
-- Only for testing purposes
id-Gost28147-89-CryptoPro-A-ParamSet |
id-Gost28147-89-CryptoPro-B-ParamSet |
id-Gost28147-89-CryptoPro-C-ParamSet |
id-Gost28147-89-CryptoPro-D-ParamSet |
id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet |
id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet |
id-Gost28147-89-CryptoPro-RIC-1-ParamSet
)
Gost28147-89-BlobParameters ::= Gost28147-89-BlobParameters ::=
SEQUENCE { SEQUENCE {
encryptionParamSet encryptionParamSet Gost28147-89-ParamSet,
OBJECT IDENTIFIER (
id-Gost28147-89-TestParamSet |
-- Only for testing purposes
id-Gost28147-89-CryptoPro-A-ParamSet |
id-Gost28147-89-CryptoPro-B-ParamSet |
id-Gost28147-89-CryptoPro-C-ParamSet |
id-Gost28147-89-CryptoPro-D-ParamSet |
id-Gost28147-89-CryptoPro-Simple-A-ParamSet |
id-Gost28147-89-CryptoPro-Simple-B-ParamSet |
id-Gost28147-89-CryptoPro-Simple-C-ParamSet |
id-Gost28147-89-CryptoPro-Simple-D-ParamSet
),
... ...
} }
-- GOST 28147-89 encryption algorithm parameters -- GOST 28147-89 encryption algorithm parameters
Gost28147-89-Parameters ::= Gost28147-89-Parameters ::=
SEQUENCE { SEQUENCE {
iv Gost28147-89-IV, iv Gost28147-89-IV,
encryptionParamSet encryptionParamSet Gost28147-89-ParamSet
OBJECT IDENTIFIER (
id-Gost28147-89-TestParamSet |
-- Only for testing purposes
id-Gost28147-89-CryptoPro-A-ParamSet |
id-Gost28147-89-CryptoPro-B-ParamSet |
id-Gost28147-89-CryptoPro-C-ParamSet |
id-Gost28147-89-CryptoPro-D-ParamSet |
id-Gost28147-89-CryptoPro-Simple-A-ParamSet |
id-Gost28147-89-CryptoPro-Simple-B-ParamSet |
id-Gost28147-89-CryptoPro-Simple-C-ParamSet |
id-Gost28147-89-CryptoPro-Simple-D-ParamSet
)
} }
Gost28147-89-Algorithms ALGORITHM-IDENTIFIER ::= { Gost28147-89-Algorithms ALGORITHM-IDENTIFIER ::= {
{ Gost28147-89-Parameters IDENTIFIED BY { Gost28147-89-Parameters IDENTIFIED BY
id-Gost28147-89 } id-Gost28147-89 }
} }
END -- Gost28147-89-EncryptionSyntax END -- Gost28147-89-EncryptionSyntax
10.3 Gost28147-89-ParamSetSyntax 10.3 Gost28147-89-ParamSetSyntax
Gost28147-89-ParamSetSyntax Gost28147-89-ParamSetSyntax
skipping to change at page 20, line 19 skipping to change at page 19, line 43
-- Cryptography service. -- Cryptography service.
IMPORTS IMPORTS
id-CryptoPro-algorithms, id-CryptoPro-encrypts, id-CryptoPro-algorithms, id-CryptoPro-encrypts,
gost28147-89-EncryptionSyntax, ALGORITHM-IDENTIFIER, gost28147-89-EncryptionSyntax, ALGORITHM-IDENTIFIER,
cryptographic-Gost-Useful-Definitions cryptographic-Gost-Useful-Definitions
FROM Cryptographic-Gost-Useful-Definitions FROM Cryptographic-Gost-Useful-Definitions
{ iso(1) member-body(2) ru(643) rans(2) { iso(1) member-body(2) ru(643) rans(2)
cryptopro(2) other(1) modules(1) cryptopro(2) other(1) modules(1)
cryptographic-Gost-Useful-Definitions(0) 1 } cryptographic-Gost-Useful-Definitions(0) 1 }
Gost28147-89-UZ, Gost28147-89-UZ,
Gost28147-89-ParamSet,
id-Gost28147-89-TestParamSet, id-Gost28147-89-TestParamSet,
id-Gost28147-89-CryptoPro-A-ParamSet, id-Gost28147-89-CryptoPro-A-ParamSet,
id-Gost28147-89-CryptoPro-B-ParamSet, id-Gost28147-89-CryptoPro-B-ParamSet,
id-Gost28147-89-CryptoPro-C-ParamSet, id-Gost28147-89-CryptoPro-C-ParamSet,
id-Gost28147-89-CryptoPro-D-ParamSet, id-Gost28147-89-CryptoPro-D-ParamSet
id-Gost28147-89-CryptoPro-Simple-A-ParamSet,
id-Gost28147-89-CryptoPro-Simple-B-ParamSet,
id-Gost28147-89-CryptoPro-Simple-C-ParamSet,
id-Gost28147-89-CryptoPro-Simple-D-ParamSet
FROM Gost28147-89-EncryptionSyntax FROM Gost28147-89-EncryptionSyntax
gost28147-89-EncryptionSyntax gost28147-89-EncryptionSyntax
AlgorithmIdentifier AlgorithmIdentifier
FROM PKIX1Explicit88 {iso(1) identified-organization(3) FROM PKIX1Explicit88 {iso(1) identified-organization(3)
dod(6) internet(1) security(5) mechanisms(5) pkix(7) dod(6) internet(1) security(5) mechanisms(5) pkix(7)
id-mod(0) id-pkix1-explicit-88(1)} id-mod(0) id-pkix1-explicit-88(1)}
; ;
-- GOST 28147-89 cryptographic parameter sets: -- GOST 28147-89 cryptographic parameter sets:
-- OIDs for parameter sets are imported from -- OIDs for parameter sets are imported from
-- Gost28147-89-EncryptionSyntax -- Gost28147-89-EncryptionSyntax
Gost28147-89-ParamSetParameters ::= Gost28147-89-ParamSetParameters ::=
SEQUENCE { SEQUENCE {
eUZ Gost28147-89-UZ, eUZ Gost28147-89-UZ,
mode INTEGER { mode INTEGER {
gost28147-89-CNT(0), gost28147-89-CNT(0),
gost28147-89-CFB(1), gost28147-89-CFB(1),
cryptoPro-CBC(2) cryptoPro-CBC(2)
}, },
shiftBits INTEGER { gost28147-89-block(64) }, shiftBits INTEGER { gost28147-89-block(64) },
keyWrap AlgorithmIdentifier,
keyMeshing AlgorithmIdentifier keyMeshing AlgorithmIdentifier
} }
Gost28147-89-ParamSetAlgorithms ALGORITHM-IDENTIFIER ::= { Gost28147-89-ParamSetAlgorithms ALGORITHM-IDENTIFIER ::= {
{ Gost28147-89-ParamSetParameters IDENTIFIED BY { Gost28147-89-ParamSetParameters IDENTIFIED BY
id-Gost28147-89-TestParamSet } | id-Gost28147-89-TestParamSet } |
{ Gost28147-89-ParamSetParameters IDENTIFIED BY { Gost28147-89-ParamSetParameters IDENTIFIED BY
id-Gost28147-89-CryptoPro-A-ParamSet } | id-Gost28147-89-CryptoPro-A-ParamSet } |
{ Gost28147-89-ParamSetParameters IDENTIFIED BY { Gost28147-89-ParamSetParameters IDENTIFIED BY
id-Gost28147-89-CryptoPro-B-ParamSet } | id-Gost28147-89-CryptoPro-B-ParamSet } |
{ Gost28147-89-ParamSetParameters IDENTIFIED BY { Gost28147-89-ParamSetParameters IDENTIFIED BY
id-Gost28147-89-CryptoPro-C-ParamSet } | id-Gost28147-89-CryptoPro-C-ParamSet } |
{ Gost28147-89-ParamSetParameters IDENTIFIED BY { Gost28147-89-ParamSetParameters IDENTIFIED BY
id-Gost28147-89-CryptoPro-D-ParamSet } | id-Gost28147-89-CryptoPro-D-ParamSet }
{ Gost28147-89-ParamSetParameters IDENTIFIED BY
id-Gost28147-89-CryptoPro-Simple-A-ParamSet } |
{ Gost28147-89-ParamSetParameters IDENTIFIED BY
id-Gost28147-89-CryptoPro-Simple-B-ParamSet } |
{ Gost28147-89-ParamSetParameters IDENTIFIED BY
id-Gost28147-89-CryptoPro-Simple-C-ParamSet } |
{ Gost28147-89-ParamSetParameters IDENTIFIED BY
id-Gost28147-89-CryptoPro-Simple-D-ParamSet }
}
id-Gost28147-89-CryptoPro-KeyWrap OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms keyWrap(13) cryptoPro(1) }
id-Gost28147-89-None-KeyWrap OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms keyWrap(13) none(0) }
Gost28147-89-KeyWrapAlgorithms ALGORITHM-IDENTIFIER ::= {
{ NULL IDENTIFIED BY id-Gost28147-89-CryptoPro-KeyWrap } |
{ NULL IDENTIFIED BY id-Gost28147-89-None-KeyWrap }
} }
id-Gost28147-89-CryptoPro-KeyMeshing OBJECT IDENTIFIER ::= id-Gost28147-89-CryptoPro-KeyMeshing OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms keyMeshing(14) cryptoPro(1) } { id-CryptoPro-algorithms keyMeshing(14) cryptoPro(1) }
id-Gost28147-89-None-KeyMeshing OBJECT IDENTIFIER ::= id-Gost28147-89-None-KeyMeshing OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms keyMeshing(14) none(0) } { id-CryptoPro-algorithms keyMeshing(14) none(0) }
Gost28147-89-KeyMeshingAlgorithms ALGORITHM-IDENTIFIER ::= { Gost28147-89-KeyMeshingAlgorithms ALGORITHM-IDENTIFIER ::= {
{ NULL IDENTIFIED BY id-Gost28147-89-CryptoPro-KeyMeshing } | { NULL IDENTIFIED BY id-Gost28147-89-CryptoPro-KeyMeshing } |
{ NULL IDENTIFIED BY id-Gost28147-89-None-KeyMeshing } { NULL IDENTIFIED BY id-Gost28147-89-None-KeyMeshing }
} }
-- GOST 28147-89 cryptographic parameter set: values
-- Test parameter set
gost28147-89-UZ-Test Gost28147-89-UZ ::=
'4CDE389C2989EFB6FFEB56C55EC29B029875613B113F896003970C798AA1D55
DE210AD43375DB38EB42C77E7CD46CAFAD66A201F70F41EA4AB03F22165B844D8'H
gost28147-89-TestParamSetAI
AlgorithmIdentifier ::= {
algorithm
id-Gost28147-89-TestParamSet,
parameters
Gost28147-89-ParamSetParameters:{
eUZ gost28147-89-UZ-Test,
mode gost28147-89-CNT,
shiftBits 64,
keyWrap { algorithm id-Gost28147-89-None-KeyWrap },
keyMeshing { algorithm id-Gost28147-89-None-KeyMeshing
}
}
}
-- CryptoPro parameter sets
gost28147-89-UZ-CryptoPro-A Gost28147-89-UZ ::=
-- K1 K2 K3 K4 K5 K6 K7 K8
-- 9 3 E E B 3 1 B
-- 6 7 4 7 5 A D A
-- 3 E 6 A 1 D 2 F
-- 2 9 2 C 9 C 9 5
-- 8 8 B D 8 1 7 0
-- B A 3 1 D 2 A C
-- 1 F D 3 F 0 6 E
-- 7 0 8 9 0 B 0 8
-- A 5 C 0 E 7 8 6
-- 4 2 F 2 4 5 C 2
-- E 6 5 B 2 9 4 3
-- F C A 4 3 4 5 9
-- C B 0 F C 8 F 1
-- 0 4 7 8 7 F 3 7
-- D D 1 5 A E B D
-- 5 1 9 6 6 6 E 4
'93EEB31B67475ADA3E6A1D2F292C9C9588BD8170BA31D2AC1FD3F06E70890B0
8A5C0E78642F245C2E65B2943FCA43459CB0FC8F104787F37DD15AEBD519666E4'H
gost28147-89-CryptoPro-A-ParamSetAI
AlgorithmIdentifier ::=
{
algorithm
id-Gost28147-89-CryptoPro-A-ParamSet,
parameters
Gost28147-89-ParamSetParameters:{
eUZ gost28147-89-UZ-CryptoPro-A,
mode gost28147-89-CFB,
shiftBits 64,
keyWrap
{ algorithm id-Gost28147-89-CryptoPro-KeyWr
ap },
keyMeshing
{ algorithm id-Gost28147-89-CryptoPro-KeyMe
shing }
}
}
--
gost28147-89-UZ-CryptoPro-B Gost28147-89-UZ ::=
-- K1 K2 K3 K4 K5 K6 K7 K8
-- 8 0 E 7 2 8 5 0
-- 4 1 C 5 7 3 2 4
-- B 2 0 0 C 2 A B
-- 1 A A D F 6 B E
-- 3 4 9 B 9 4 9 8
-- 5 D 2 6 5 D 1 3
-- 0 5 D 1 A E C 7
-- 9 C B 2 B B 3 1
-- 2 9 7 3 1 C 7 A
-- E 7 5 A 4 1 4 2
-- A 3 8 C 0 7 D 9
-- C F F F D F 0 6
-- D B 3 4 6 A 6 F
-- 6 8 6 E 8 0 F D
-- 7 6 1 9 E 9 8 5
-- F E 4 8 3 5 E C
'80E7285041C57324B200C2AB1AADF6BE349B94985D265D1305D1AEC79CB2BB3
129731C7AE75A4142A38C07D9CFFFDF06DB346A6F686E80FD7619E985FE4835EC'H
gost28147-89-CryptoPro-B-ParamSetAI
AlgorithmIdentifier ::=
{
algorithm
id-Gost28147-89-CryptoPro-B-ParamSet,
parameters
Gost28147-89-ParamSetParameters:{
eUZ gost28147-89-UZ-CryptoPro-B,
mode gost28147-89-CFB,
shiftBits 64,
keyWrap
{ algorithm id-Gost28147-89-CryptoPro-KeyWr
ap },
keyMeshing
{ algorithm id-Gost28147-89-CryptoPro-KeyMe
shing }
}
}
--
gost28147-89-UZ-CryptoPro-C Gost28147-89-UZ ::=
-- K1 K2 K3 K4 K5 K6 K7 K8
-- 1 0 8 3 8 C A 7
-- B 1 2 6 D 9 9 4
-- C 7 5 0 B B 6 0
-- 2 D 0 1 0 1 8 5
-- 9 B 4 5 4 8 D A
-- D 4 9 D 5 E E 2
-- 0 5 F A 1 2 2 F
-- F 2 A 8 2 4 0 E
-- 4 8 3 B 9 7 F C
-- 5 E 7 2 3 3 3 6
-- 8 F C 9 C 6 5 1
-- E C D 7 E 5 B B
-- A 9 6 E 6 A 4 D
-- 7 A E F F 0 1 9
-- 6 6 1 C A F C 3
-- 3 3 B 4 7 D 7 8
'10838CA7B126D994C750BB602D0101859B4548DAD49D5EE205FA122FF2A8240
E483B97FC5E7233368FC9C651ECD7E5BBA96E6A4D7AEFF019661CAFC333B47D78'H
gost28147-89-CryptoPro-C-ParamSetAI
AlgorithmIdentifier ::=
{
algorithm
id-Gost28147-89-CryptoPro-C-ParamSet,
parameters
Gost28147-89-ParamSetParameters:{
eUZ gost28147-89-UZ-CryptoPro-C,
mode gost28147-89-CFB,
shiftBits 64,
keyWrap
{ algorithm id-Gost28147-89-CryptoPro-KeyWr
ap },
keyMeshing
{ algorithm id-Gost28147-89-CryptoPro-KeyMe
shing }
}
}
--
gost28147-89-UZ-CryptoPro-D Gost28147-89-UZ ::=
-- K1 K2 K3 K4 K5 K6 K7 K8
-- F B 1 1 0 8 3 1
-- C 6 C 5 C 0 0 A
-- 2 3 B E 8 F 6 6
-- A 4 0 C 9 3 F 8
-- 6 C F A D 2 1 F
-- 4 F E 7 2 5 E B
-- 5 E 6 0 A E 9 0
-- 0 2 5 D B B 2 4
-- 7 7 A 6 7 1 D C
-- 9 D D 2 3 A 8 3
-- E 8 4 B 6 4 C 5
-- D 0 8 4 5 7 4 9
-- 1 5 9 9 4 C B 7
-- B A 3 3 E 9 A D
-- 8 9 7 F F D 5 2
-- 3 1 2 8 1 6 7 E'H
'FB110831C6C5C00A23BE8F66A40C93F86CFAD21F4FE725EB5E60AE90025DBB2
477A671DC9DD23A83E84B64C5D084574915994CB7BA33E9AD897FFD523128167E'H
gost28147-89-CryptoPro-D-ParamSetAI
AlgorithmIdentifier ::=
{
algorithm
id-Gost28147-89-CryptoPro-D-ParamSet,
parameters
Gost28147-89-ParamSetParameters:{
eUZ gost28147-89-UZ-CryptoPro-D,
mode gost28147-89-CFB,
shiftBits 64,
keyWrap
{ algorithm id-Gost28147-89-CryptoPro-KeyWr
ap },
keyMeshing
{ algorithm id-Gost28147-89-CryptoPro-KeyMe
shing }
}
}
--
gost28147-89-CryptoPro-Simple-A-ParamSetAI
AlgorithmIdentifier ::=
{
algorithm
id-Gost28147-89-CryptoPro-Simple-A-ParamSet,
parameters
Gost28147-89-ParamSetParameters:{
eUZ gost28147-89-UZ-CryptoPro-A,
mode gost28147-89-CFB,
shiftBits 64,
keyWrap
{ algorithm id-Gost28147-89-None-KeyWrap },
keyMeshing
{ algorithm id-Gost28147-89-CryptoPro-KeyMe
shing }
}
}
--
gost28147-89-CryptoPro-Simple-B-ParamSetAI
AlgorithmIdentifier ::=
{
algorithm
id-Gost28147-89-CryptoPro-Simple-B-ParamSet,
parameters
Gost28147-89-ParamSetParameters:{
eUZ gost28147-89-UZ-CryptoPro-B,
mode gost28147-89-CFB,
shiftBits 64,
keyWrap
{ algorithm id-Gost28147-89-None-KeyWrap },
keyMeshing
{ algorithm id-Gost28147-89-CryptoPro-KeyMe
shing }
}
}
--
gost28147-89-CryptoPro-Simple-C-ParamSetAI
AlgorithmIdentifier ::=
{
algorithm
id-Gost28147-89-CryptoPro-Simple-C-ParamSet,
parameters
Gost28147-89-ParamSetParameters:{
eUZ gost28147-89-UZ-CryptoPro-C,
mode gost28147-89-CFB,
shiftBits 64,
keyWrap
{ algorithm id-Gost28147-89-None-KeyWrap },
keyMeshing
{ algorithm id-Gost28147-89-CryptoPro-KeyMe
shing }
}
}
--
gost28147-89-CryptoPro-Simple-D-ParamSetAI
AlgorithmIdentifier ::=
{
algorithm
id-Gost28147-89-CryptoPro-Simple-D-ParamSet,
parameters
Gost28147-89-ParamSetParameters:{
eUZ gost28147-89-UZ-CryptoPro-D,
mode gost28147-89-CFB,
shiftBits 64,
keyWrap
{ algorithm id-Gost28147-89-None-KeyWrap },
keyMeshing
{ algorithm id-Gost28147-89-CryptoPro-KeyMe
shing }
}
}
END -- Gost28147-89-ParamSetSyntax END -- Gost28147-89-ParamSetSyntax
10.4 GostR3411-94-DigestSyntax 10.4 GostR3411-94-DigestSyntax
GostR3411-94-DigestSyntax GostR3411-94-DigestSyntax
{ iso(1) member-body(2) ru(643) rans(2) cryptopro(2) { iso(1) member-body(2) ru(643) rans(2) cryptopro(2)
other(1) modules(1) gostR3411-94-DigestSyntax(1) 1 } other(1) modules(1) gostR3411-94-DigestSyntax(1) 1 }
DEFINITIONS ::= DEFINITIONS ::=
BEGIN BEGIN
-- EXPORTS All -- -- EXPORTS All --
-- The types and values defined in this module are exported for -- The types and values defined in this module are exported for
-- use in the other ASN.1 modules contained within the Russian -- use in the other ASN.1 modules contained within the Russian
-- Cryptography "GOST" & "GOST R" Specifications, and for the use -- Cryptography "GOST" & "GOST R" Specifications, and for the use
-- of other applications which will use them to access Russian -- of other applications which will use them to access Russian
-- Cryptography services. Other applications may use them for -- Cryptography services. Other applications may use them for
-- their own purposes, but this will not constrain extensions and -- their own purposes, but this will not constrain extensions and
-- modifications needed to maintain or improve the Russian -- modifications needed to maintain or improve the Russian
-- Cryptography service. -- Cryptography service.
IMPORTS IMPORTS
id-CryptoPro-algorithms, id-CryptoPro-hashes, id-CryptoPro-algorithms, id-CryptoPro-hashes,
gost28147-89-EncryptionSyntax, ALGORITHM-IDENTIFIER, ALGORITHM-IDENTIFIER,
cryptographic-Gost-Useful-Definitions cryptographic-Gost-Useful-Definitions
FROM Cryptographic-Gost-Useful-Definitions FROM Cryptographic-Gost-Useful-Definitions
{ iso(1) member-body(2) ru(643) rans(2) { iso(1) member-body(2) ru(643) rans(2)
cryptopro(2) other(1) modules(1) cryptopro(2) other(1) modules(1)
cryptographic-Gost-Useful-Definitions(0) 1 } cryptographic-Gost-Useful-Definitions(0) 1 }
Gost28147-89-Data, Gost28147-89-UZ
FROM Gost28147-89-EncryptionSyntax
gost28147-89-EncryptionSyntax
; ;
-- GOST R 34.11-94 OID -- GOST R 34.11-94 OID
id-GostR3411-94 OBJECT IDENTIFIER ::= id-GostR3411-94 OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms gostR3411-94(9) } { id-CryptoPro-algorithms gostR3411-94(9) }
-- GOST R 34.11-94 cryptographic parameter set OIDs -- GOST R 34.11-94 cryptographic parameter set OIDs
id-GostR3411-94-TestParamSet OBJECT IDENTIFIER ::= id-GostR3411-94-TestParamSet OBJECT IDENTIFIER ::=
{ id-CryptoPro-hashes test(0) } { id-CryptoPro-hashes test(0) }
id-GostR3411-94-CryptoProParamSet OBJECT IDENTIFIER ::= id-GostR3411-94-CryptoProParamSet OBJECT IDENTIFIER ::=
{ id-CryptoPro-hashes cryptopro(1) } { id-CryptoPro-hashes cryptopro(1) }
-- GOST R 34.11-94 data types -- GOST R 34.11-94 data types
GostR3411-94-Data ::= Gost28147-89-Data
GostR3411-94-Digest ::= OCTET STRING (SIZE (32)) GostR3411-94-Digest ::= OCTET STRING (SIZE (32))
-- GOST R 34.11-94 digest algorithm & parameters -- GOST R 34.11-94 digest algorithm & parameters
GostR3411-94-DigestParameters ::= GostR3411-94-DigestParameters ::=
OBJECT IDENTIFIER ( OBJECT IDENTIFIER (
id-GostR3411-94-TestParamSet | id-GostR3411-94-TestParamSet |
-- Only for testing purposes -- Only for testing purposes
id-GostR3411-94-CryptoProParamSet id-GostR3411-94-CryptoProParamSet
) )
GostR3411-94-DigestAlgorithms ALGORITHM-IDENTIFIER ::= { GostR3411-94-DigestAlgorithms ALGORITHM-IDENTIFIER ::= {
{ NULL IDENTIFIED BY id-GostR3411-94 } | { NULL IDENTIFIED BY id-GostR3411-94 } |
skipping to change at page 28, line 4 skipping to change at page 21, line 44
-- Only for testing purposes -- Only for testing purposes
id-GostR3411-94-CryptoProParamSet id-GostR3411-94-CryptoProParamSet
) )
GostR3411-94-DigestAlgorithms ALGORITHM-IDENTIFIER ::= { GostR3411-94-DigestAlgorithms ALGORITHM-IDENTIFIER ::= {
{ NULL IDENTIFIED BY id-GostR3411-94 } | { NULL IDENTIFIED BY id-GostR3411-94 } |
-- Assume id-GostR3411-94-CryptoProParamSet -- Assume id-GostR3411-94-CryptoProParamSet
{ GostR3411-94-DigestParameters { GostR3411-94-DigestParameters
IDENTIFIED BY id-GostR3411-94 } IDENTIFIED BY id-GostR3411-94 }
} }
END -- GostR3411-94-DigestSyntax END -- GostR3411-94-DigestSyntax
10.5 GostR3411-94-ParamSetSyntax 10.5 GostR3411-94-ParamSetSyntax
GostR3411-94-ParamSetSyntax GostR3411-94-ParamSetSyntax
{ iso(1) member-body(2) ru(643) rans(2) cryptopro(2) { iso(1) member-body(2) ru(643) rans(2) cryptopro(2)
other(1) modules(1) gostR3411-94-ParamSetSyntax(7) 1 } other(1) modules(1) gostR3411-94-ParamSetSyntax(7) 1 }
DEFINITIONS ::= DEFINITIONS ::=
BEGIN BEGIN
-- EXPORTS All -- -- EXPORTS All --
-- The types and values defined in this module are exported for -- The types and values defined in this module are exported for
-- use in the other ASN.1 modules contained within the Russian -- use in the other ASN.1 modules contained within the Russian
-- Cryptography "GOST" & "GOST R" Specifications, and for the use -- Cryptography "GOST" & "GOST R" Specifications, and for the use
-- of other applications which will use them to access Russian -- of other applications which will use them to access Russian
-- Cryptography services. Other applications may use them for -- Cryptography services. Other applications may use them for
-- their own purposes, but this will not constrain extensions and -- their own purposes, but this will not constrain extensions and
-- modifications needed to maintain or improve the Russian -- modifications needed to maintain or improve the Russian
-- Cryptography service. -- Cryptography service.
IMPORTS IMPORTS
id-CryptoPro-algorithms, id-CryptoPro-hashes,
gost28147-89-EncryptionSyntax, gost28147-89-EncryptionSyntax,
gostR3411-94-DigestSyntax, ALGORITHM-IDENTIFIER, gostR3411-94-DigestSyntax,
cryptographic-Gost-Useful-Definitions ALGORITHM-IDENTIFIER
FROM Cryptographic-Gost-Useful-Definitions FROM Cryptographic-Gost-Useful-Definitions
{ iso(1) member-body(2) ru(643) rans(2) { iso(1) member-body(2) ru(643) rans(2)
cryptopro(2) other(1) modules(1) cryptopro(2) other(1) modules(1)
cryptographic-Gost-Useful-Definitions(0) 1 } cryptographic-Gost-Useful-Definitions(0) 1 }
Gost28147-89-UZ Gost28147-89-UZ
FROM Gost28147-89-EncryptionSyntax FROM Gost28147-89-EncryptionSyntax
gost28147-89-EncryptionSyntax gost28147-89-EncryptionSyntax
id-GostR3411-94-TestParamSet, id-GostR3411-94-TestParamSet,
id-GostR3411-94-CryptoProParamSet, id-GostR3411-94-CryptoProParamSet,
GostR3411-94-Digest GostR3411-94-Digest
FROM GostR3411-94-DigestSyntax gostR3411-94-DigestSyntax FROM GostR3411-94-DigestSyntax
AlgorithmIdentifier gostR3411-94-DigestSyntax
FROM PKIX1Explicit88 {iso(1) identified-organization(3)
dod(6) internet(1) security(5) mechanisms(5) pkix(7)
id-mod(0) id-pkix1-explicit-88(1)}
; ;
-- GOST R 34.11-94 cryptographic parameter sets: -- GOST R 34.11-94 cryptographic parameter sets:
-- OIDs for parameter sets are imported from GostR3411-94-DigestS -- OIDs for parameter sets are imported from
yntax -- GostR3411-94-DigestSyntax
GostR3411-94-ParamSetParameters ::= GostR3411-94-ParamSetParameters ::=
SEQUENCE { SEQUENCE {
hUZ Gost28147-89-UZ, -- S-Box for digest hUZ Gost28147-89-UZ, -- S-Box for digest
h0 GostR3411-94-Digest -- initial digest value h0 GostR3411-94-Digest -- initial digest value
} }
GostR3411-94-ParamSetAlgorithms ALGORITHM-IDENTIFIER ::= { GostR3411-94-ParamSetAlgorithms ALGORITHM-IDENTIFIER ::= {
{ GostR3411-94-ParamSetParameters IDENTIFIED BY { GostR3411-94-ParamSetParameters IDENTIFIED BY
id-GostR3411-94-TestParamSet id-GostR3411-94-TestParamSet
} | } |
{ GostR3411-94-ParamSetParameters IDENTIFIED BY { GostR3411-94-ParamSetParameters IDENTIFIED BY
id-GostR3411-94-CryptoProParamSet id-GostR3411-94-CryptoProParamSet
} }
} }
-- GOST R 34.11-94 Tests parameter set
-- (GOST R 34.11-94 Annex A. Test vector)
gostR3411TestParamSetAI
AlgorithmIdentifier ::=
{
algorithm
id-GostR3411-94-TestParamSet,
parameters
GostR3411-94-ParamSetParameters:{
hUZ
-- pi1 pi2 pi3 pi4 pi5 pi6 pi7 pi8
-- 4 E 5 7 6 4 D 1
-- A B 8 D C B B F
-- 9 4 1 A 7 A 4 D
-- 2 C D 1 1 0 1 0
-- D 6 A 0 5 7 3 5
-- 8 D 3 8 F 2 F 7
-- 0 F 4 9 D 1 5 A
-- E A 2 F 8 D 9 4
-- 6 2 E E 4 3 0 9
-- B 3 F 4 A 6 A 2
-- 1 8 C 6 9 8 E 3
-- C 1 7 C E 5 7 E
-- 7 0 6 B 0 9 6 6
-- F 7 0 2 3 C 8 B
-- 5 5 9 5 B F 2 8
-- 3 9 B 3 2 E C C
'4E5764D1AB8DCBBF941A7A4D2CD11010D6A057358
D38F2F70F49D15AEA2F8D9462EE4309B3F4A6A218C698E3C17CE57E706B0966F702
3C8B5595BF2839B32ECC'H,
h0 '00000000000000000000000000000000000000000
00000000000000000000000'H
}
}
-- CryptoPro parameters
gostR3411CryptoProParamSetAI
AlgorithmIdentifier ::=
{
algorithm
id-GostR3411-94-CryptoProParamSet,
parameters
GostR3411-94-ParamSetParameters:{
hUZ
-- pi1 pi2 pi3 pi4 pi5 pi6 pi7 pi8
-- A 5 7 4 7 7 D 1
-- 4 F F A 6 6 E 3
-- 5 4 C 7 4 2 4 A
-- 6 0 E C B 4 1 9
-- 8 2 9 0 9 D 7 5
-- 1 D 4 F C 9 0 B
-- 3 B 1 2 2 F 5 4
-- 7 9 0 8 A 0 A F
-- D 1 3 E 1 A 3 8
-- C 7 B 1 8 1 C 6
-- E 6 5 6 0 5 8 7
-- 0 3 2 5 E B F E
-- 9 C 6 D F 8 6 D
-- 2 E A B D E 2 0
-- B A 8 9 3 C 9 2
-- F 8 D 3 5 3 B C
'A57477D14FFA66E354C7424A60ECB41982909D751
D4FC90B3B122F547908A0AFD13E1A38C7B181C6E65605870325EBFE9C6DF86D2EAB
DE20BA893C92F8D353BC'H,
h0 '00000000000000000000000000000000000000000
00000000000000000000000'H
}
}
END -- GostR3411-94-ParamSetSyntax END -- GostR3411-94-ParamSetSyntax
10.6 GostR3410-94-PKISyntax 10.6 GostR3410-94-PKISyntax
GostR3410-94-PKISyntax GostR3410-94-PKISyntax
{ iso(1) member-body(2) ru(643) rans(2) cryptopro(2) { iso(1) member-body(2) ru(643) rans(2) cryptopro(2)
other(1) modules(1) gostR3410-94-PKISyntax(2) 1 } other(1) modules(1) gostR3410-94-PKISyntax(2) 1 }
DEFINITIONS ::= DEFINITIONS ::=
BEGIN BEGIN
-- EXPORTS All -- -- EXPORTS All --
skipping to change at page 31, line 8 skipping to change at page 23, line 26
IMPORTS IMPORTS
id-CryptoPro-algorithms, id-CryptoPro-algorithms,
id-CryptoPro-signs, id-CryptoPro-exchanges, id-CryptoPro-signs, id-CryptoPro-exchanges,
gost28147-89-EncryptionSyntax, gost28147-89-EncryptionSyntax,
gostR3411-94-DigestSyntax, ALGORITHM-IDENTIFIER, gostR3411-94-DigestSyntax, ALGORITHM-IDENTIFIER,
cryptographic-Gost-Useful-Definitions cryptographic-Gost-Useful-Definitions
FROM Cryptographic-Gost-Useful-Definitions FROM Cryptographic-Gost-Useful-Definitions
{ iso(1) member-body(2) ru(643) rans(2) { iso(1) member-body(2) ru(643) rans(2)
cryptopro(2) other(1) modules(1) cryptopro(2) other(1) modules(1)
cryptographic-Gost-Useful-Definitions(0) 1 } cryptographic-Gost-Useful-Definitions(0) 1 }
id-Gost28147-89-TestParamSet, Gost28147-89-ParamSet
id-Gost28147-89-CryptoPro-A-ParamSet,
id-Gost28147-89-CryptoPro-B-ParamSet,
id-Gost28147-89-CryptoPro-C-ParamSet,
id-Gost28147-89-CryptoPro-D-ParamSet,
id-Gost28147-89-CryptoPro-Simple-A-ParamSet,
id-Gost28147-89-CryptoPro-Simple-B-ParamSet,
id-Gost28147-89-CryptoPro-Simple-C-ParamSet,
id-Gost28147-89-CryptoPro-Simple-D-ParamSet
FROM Gost28147-89-EncryptionSyntax FROM Gost28147-89-EncryptionSyntax
gost28147-89-EncryptionSyntax gost28147-89-EncryptionSyntax
id-GostR3411-94-TestParamSet, id-GostR3411-94-TestParamSet,
id-GostR3411-94-CryptoProParamSet id-GostR3411-94-CryptoProParamSet
FROM GostR3411-94-DigestSyntax gostR3411-94-DigestSyntax FROM GostR3411-94-DigestSyntax gostR3411-94-DigestSyntax
; ;
-- GOST R 34.10-94 OIDs -- GOST R 34.10-94 OIDs
id-GostR3410-94 OBJECT IDENTIFIER ::= id-GostR3410-94 OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms gostR3410-94(20) } { id-CryptoPro-algorithms gostR3410-94(20) }
id-GostR3410-94DH OBJECT IDENTIFIER ::= id-GostR3410-94DH OBJECT IDENTIFIER ::=
skipping to change at page 31, line 42 skipping to change at page 24, line 4
id-GostR3410-94-TestParamSet OBJECT IDENTIFIER ::= id-GostR3410-94-TestParamSet OBJECT IDENTIFIER ::=
{ id-CryptoPro-signs test(0) } { id-CryptoPro-signs test(0) }
id-GostR3410-94-CryptoPro-A-ParamSet OBJECT IDENTIFIER ::= id-GostR3410-94-CryptoPro-A-ParamSet OBJECT IDENTIFIER ::=
{ id-CryptoPro-signs cryptopro-A(2) } { id-CryptoPro-signs cryptopro-A(2) }
id-GostR3410-94-CryptoPro-B-ParamSet OBJECT IDENTIFIER ::= id-GostR3410-94-CryptoPro-B-ParamSet OBJECT IDENTIFIER ::=
{ id-CryptoPro-signs cryptopro-B(3) } { id-CryptoPro-signs cryptopro-B(3) }
id-GostR3410-94-CryptoPro-C-ParamSet OBJECT IDENTIFIER ::= id-GostR3410-94-CryptoPro-C-ParamSet OBJECT IDENTIFIER ::=
{ id-CryptoPro-signs cryptopro-C(4) } { id-CryptoPro-signs cryptopro-C(4) }
id-GostR3410-94-CryptoPro-D-ParamSet OBJECT IDENTIFIER ::= id-GostR3410-94-CryptoPro-D-ParamSet OBJECT IDENTIFIER ::=
{ id-CryptoPro-signs cryptopro-D(5) } { id-CryptoPro-signs cryptopro-D(5) }
id-GostR3410-94-CryptoPro-XchA-ParamSet OBJECT IDENTIFIER ::= id-GostR3410-94-CryptoPro-XchA-ParamSet OBJECT IDENTIFIER ::=
{ id-CryptoPro-exchanges cryptopro-XchA(1) } { id-CryptoPro-exchanges cryptopro-XchA(1) }
id-GostR3410-94-CryptoPro-XchB-ParamSet OBJECT IDENTIFIER ::= id-GostR3410-94-CryptoPro-XchB-ParamSet OBJECT IDENTIFIER ::=
{ id-CryptoPro-exchanges cryptopro-XchB(2) } { id-CryptoPro-exchanges cryptopro-XchB(2) }
id-GostR3410-94-CryptoPro-XchC-ParamSet OBJECT IDENTIFIER ::= id-GostR3410-94-CryptoPro-XchC-ParamSet OBJECT IDENTIFIER ::=
{ id-CryptoPro-exchanges cryptopro-XchC(3) } { id-CryptoPro-exchanges cryptopro-XchC(3) }
-- GOST R 34.10-94 data types -- GOST R 34.10-94 data types
GostR3410-94-CertificateSignature ::= GostR3410-94-CertificateSignature ::=
BIT STRING ( SIZE(256..512) ) BIT STRING ( SIZE(256..512) )
GostR3410-94-PublicKeyOctetString ::= GostR3410-94-PublicKey ::=
OCTET STRING ( SIZE( OCTET STRING ( SIZE(
64 | -- Only for testing purposes 64 | -- Only for testing purposes
128 128
) ) ) )
GostR3410-94-PublicKey ::=
BIT STRING ( SIZE(16..1048) )
-- Container for GostR3410-94-PublicKeyOctetString
GostR3410-94-PublicKeyParameters ::= GostR3410-94-PublicKeyParameters ::=
SEQUENCE { SEQUENCE {
publicKeyParamSet publicKeyParamSet
OBJECT IDENTIFIER ( OBJECT IDENTIFIER (
id-GostR3410-94-TestParamSet | id-GostR3410-94-TestParamSet |
-- Only for testing purposes -- Only for testing purposes
id-GostR3410-94-CryptoPro-A-ParamSet | id-GostR3410-94-CryptoPro-A-ParamSet |
id-GostR3410-94-CryptoPro-B-ParamSet | id-GostR3410-94-CryptoPro-B-ParamSet |
id-GostR3410-94-CryptoPro-C-ParamSet | id-GostR3410-94-CryptoPro-C-ParamSet |
id-GostR3410-94-CryptoPro-D-ParamSet | id-GostR3410-94-CryptoPro-D-ParamSet |
id-GostR3410-94-CryptoPro-XchA-ParamSet | id-GostR3410-94-CryptoPro-XchA-ParamSet |
id-GostR3410-94-CryptoPro-XchB-ParamSet | id-GostR3410-94-CryptoPro-XchB-ParamSet |
id-GostR3410-94-CryptoPro-XchC-ParamSet id-GostR3410-94-CryptoPro-XchC-ParamSet
), ),
digestParamSet digestParamSet
OBJECT IDENTIFIER ( OBJECT IDENTIFIER (
id-GostR3411-94-TestParamSet | id-GostR3411-94-TestParamSet |
-- Only for testing purposes -- Only for testing purposes
id-GostR3411-94-CryptoProParamSet id-GostR3411-94-CryptoProParamSet
), ),
encryptionParamSet encryptionParamSet Gost28147-89-ParamSet OPTIONAL
OBJECT IDENTIFIER (
id-Gost28147-89-TestParamSet |
-- Only for testing purposes
id-Gost28147-89-CryptoPro-A-ParamSet |
id-Gost28147-89-CryptoPro-B-ParamSet |
id-Gost28147-89-CryptoPro-C-ParamSet |
id-Gost28147-89-CryptoPro-D-ParamSet |
id-Gost28147-89-CryptoPro-Simple-A-ParamSet |
id-Gost28147-89-CryptoPro-Simple-B-ParamSet |
id-Gost28147-89-CryptoPro-Simple-C-ParamSet |
id-Gost28147-89-CryptoPro-Simple-D-ParamSet
) OPTIONAL
} }
GostR3410-94-PublicKeyAlgorithms ALGORITHM-IDENTIFIER ::= { GostR3410-94-PublicKeyAlgorithms ALGORITHM-IDENTIFIER ::= {
{ GostR3410-94-PublicKeyParameters IDENTIFIED BY { GostR3410-94-PublicKeyParameters IDENTIFIED BY
id-GostR3410-94 } id-GostR3410-94 }
} }
GostR3410-94-CertificateSignatureAlgorithms
ALGORITHM-IDENTIFIER ::= {
{ NULL IDENTIFIED BY
id-GostR3411-94-with-GostR3410-94 } |
{ GostR3410-94-PublicKeyParameters IDENTIFIED BY
id-GostR3411-94-with-GostR3410-94 }
}
END -- GostR3410-94-PKISyntax END -- GostR3410-94-PKISyntax
10.7 GostR3410-94-ParamSetSyntax 10.7 GostR3410-94-ParamSetSyntax
GostR3410-94-ParamSetSyntax GostR3410-94-ParamSetSyntax
{ iso(1) member-body(2) ru(643) rans(2) cryptopro(2) { iso(1) member-body(2) ru(643) rans(2) cryptopro(2)
other(1) modules(1) gostR3410-94-ParamSetSyntax(8) 1 } other(1) modules(1) gostR3410-94-ParamSetSyntax(8) 1 }
DEFINITIONS ::= DEFINITIONS ::=
BEGIN BEGIN
-- EXPORTS All -- -- EXPORTS All --
skipping to change at page 33, line 51 skipping to change at page 25, line 39
id-GostR3410-94-CryptoPro-XchA-ParamSet, id-GostR3410-94-CryptoPro-XchA-ParamSet,
id-GostR3410-94-CryptoPro-XchB-ParamSet, id-GostR3410-94-CryptoPro-XchB-ParamSet,
id-GostR3410-94-CryptoPro-XchC-ParamSet id-GostR3410-94-CryptoPro-XchC-ParamSet
FROM GostR3410-94-PKISyntax gostR3410-94-PKISyntax FROM GostR3410-94-PKISyntax gostR3410-94-PKISyntax
AlgorithmIdentifier AlgorithmIdentifier
FROM PKIX1Explicit88 {iso(1) identified-organization(3) FROM PKIX1Explicit88 {iso(1) identified-organization(3)
dod(6) internet(1) security(5) mechanisms(5) pkix(7) dod(6) internet(1) security(5) mechanisms(5) pkix(7)
id-mod(0) id-pkix1-explicit-88(1)} id-mod(0) id-pkix1-explicit-88(1)}
; ;
-- GOST R 34.10-94 public key parameter sets: -- GOST R 34.10-94 public key parameter sets:
-- OIDs for parameter sets are imported from GostR3410-94-PKISynt -- OIDs for parameter sets are imported from
-- GostR3410-94-PKISyntax
ax GostR3410-94-ParamSetParameters-t ::= INTEGER (512 | 1024)
-- 512 - only for testing purposes
GostR3410-94-ParamSetParameters ::= GostR3410-94-ParamSetParameters ::=
SEQUENCE { SEQUENCE {
t INTEGER (512 | 1024), t GostR3410-94-ParamSetParameters-t,
-- 512 - only for testing purposes p INTEGER, -- 2^1020 < p < 2^1024 or 2^509 < p < 2^512
p INTEGER ( q INTEGER, -- 2^254 < q < 2^256
1675975991242824637446753124775730765934920 a INTEGER, -- 1 < a < p-1 < 2^1024-1
7275740491722154451804652205037591933721002342872708629284612539822
73310756356719235351493321243304206125760513
..
1340780792994259709957402499820584612747936
5820592393377723561443721764030073546976801874298166903427690031858
186486050853753882811946569946433649006084095
|
1123558209288947442330815744243140458511235
6118389416079589380072358292237843810195794279832650471001320007117
4919620848536743605509010389058029644149671327736104933390540928297
6888872507788088246581768450531286055238441764640393009211956940880
1702322709406917786643639996702871154982269052209770601514008577
..
1797693134862315907729305190789024733617976
9789423065727343008115773267580550096313270847732240753602112011387
9871393357658789768814416622492847430639474124377767893424865485276
3022196012460941194530829520850057688381506823424628814739131105408
27237163350510684586298239947245938479716304835356329624224137215
),
-- 2^509 < p < 2^512 or 2^1020 < p < 2^1024
q INTEGER (
2894802230932904885589274625217197696331749
6166410141009864396001978282409985
..
1157920892373161954235709850086879078532699
84665640564039457584007913129639935
),
-- 2^254 < q < 2^256
a INTEGER (
2
..
1797693134862315907729305190789024733617976
9789423065727343008115773267580550096313270847732240753602112011387
9871393357658789768814416622492847430639474124377767893424865485276
3022196012460941194530829520850057688381506823424628814739131105408
27237163350510684586298239947245938479716304835356329624224137214
),
-- 1 < a < p-1 < 2^1024-1
validationAlgorithm validationAlgorithm
AlgorithmIdentifier OPTIONAL AlgorithmIdentifier OPTIONAL
-- {{ GostR3410-94-ValidationAlgorithms }} -- {{ GostR3410-94-ValidationAlgorithms }}
} }
GostR3410-94-ParamSetAlgorithm ALGORITHM-IDENTIFIER ::= { GostR3410-94-ParamSetAlgorithm ALGORITHM-IDENTIFIER ::= {
{ GostR3410-94-ParamSetParameters IDENTIFIED BY { GostR3410-94-ParamSetParameters IDENTIFIED BY
id-GostR3410-94-TestParamSet } | id-GostR3410-94-TestParamSet } |
{ GostR3410-94-ParamSetParameters IDENTIFIED BY { GostR3410-94-ParamSetParameters IDENTIFIED BY
id-GostR3410-94-CryptoPro-A-ParamSet } | id-GostR3410-94-CryptoPro-A-ParamSet } |
{ GostR3410-94-ParamSetParameters IDENTIFIED BY { GostR3410-94-ParamSetParameters IDENTIFIED BY
id-GostR3410-94-CryptoPro-B-ParamSet } | id-GostR3410-94-CryptoPro-B-ParamSet } |
{ GostR3410-94-ParamSetParameters IDENTIFIED BY { GostR3410-94-ParamSetParameters IDENTIFIED BY
skipping to change at page 35, line 33 skipping to change at page 26, line 33
} }
-- GOST R 34.10-94 validation/constructor -- GOST R 34.10-94 validation/constructor
id-GostR3410-94-a OBJECT IDENTIFIER ::= id-GostR3410-94-a OBJECT IDENTIFIER ::=
{ id-GostR3410-94 a(1) } { id-GostR3410-94 a(1) }
id-GostR3410-94-aBis OBJECT IDENTIFIER ::= id-GostR3410-94-aBis OBJECT IDENTIFIER ::=
{ id-GostR3410-94 aBis(2) } { id-GostR3410-94 aBis(2) }
id-GostR3410-94-b OBJECT IDENTIFIER ::= id-GostR3410-94-b OBJECT IDENTIFIER ::=
{ id-GostR3410-94 b(3) } { id-GostR3410-94 b(3) }
id-GostR3410-94-bBis OBJECT IDENTIFIER ::= id-GostR3410-94-bBis OBJECT IDENTIFIER ::=
{ id-GostR3410-94 bBis(4) } { id-GostR3410-94 bBis(4) }
GostR3410-94-ValidationParameters-c ::=
INTEGER (0 .. 65535)
GostR3410-94-ValidationParameters ::= GostR3410-94-ValidationParameters ::=
SEQUENCE { SEQUENCE {
x0 INTEGER (0 .. 65535), x0 GostR3410-94-ValidationParameters-c,
c INTEGER (0 .. 65535), c GostR3410-94-ValidationParameters-c,
d INTEGER ( d INTEGER OPTIONAL -- 1 < d < p-1 < 2^1024-1
2
..
1797693134862315907729305190789024733617976
9789423065727343008115773267580550096313270847732240753602112011387
9871393357658789768814416622492847430639474124377767893424865485276
3022196012460941194530829520850057688381506823424628814739131105408
27237163350510684586298239947245938479716304835356329624224137214
) -- 1 < d < p-1 < 2^1024-1
OPTIONAL
} }
GostR3410-94-ValidationBisParameters-c ::=
INTEGER (0 .. 4294967295)
GostR3410-94-ValidationBisParameters ::= GostR3410-94-ValidationBisParameters ::=
SEQUENCE { SEQUENCE {
x0 INTEGER (0 .. 4294967295), x0 GostR3410-94-ValidationBisParameters-c,
c INTEGER (0 .. 4294967295), c GostR3410-94-ValidationBisParameters-c,
d INTEGER ( d INTEGER OPTIONAL -- 1 < d < p-1 < 2^1024-1
2
..
1797693134862315907729305190789024733617976
9789423065727343008115773267580550096313270847732240753602112011387
9871393357658789768814416622492847430639474124377767893424865485276
3022196012460941194530829520850057688381506823424628814739131105408
27237163350510684586298239947245938479716304835356329624224137214
) -- 1 < d < p-1 < 2^1024-1
OPTIONAL
} }
GostR3410-94-ValidationAlgorithms ALGORITHM-IDENTIFIER ::= { GostR3410-94-ValidationAlgorithms ALGORITHM-IDENTIFIER ::= {
{ GostR3410-94-ValidationParameters IDENTIFIED BY { GostR3410-94-ValidationParameters IDENTIFIED BY
id-GostR3410-94-a } | id-GostR3410-94-a } |
{ GostR3410-94-ValidationBisParameters IDENTIFIED BY { GostR3410-94-ValidationBisParameters IDENTIFIED BY
id-GostR3410-94-aBis } | id-GostR3410-94-aBis } |
{ GostR3410-94-ValidationParameters IDENTIFIED BY { GostR3410-94-ValidationParameters IDENTIFIED BY
id-GostR3410-94-b } | id-GostR3410-94-b } |
{ GostR3410-94-ValidationBisParameters IDENTIFIED BY { GostR3410-94-ValidationBisParameters IDENTIFIED BY
id-GostR3410-94-bBis } id-GostR3410-94-bBis }
} }
-- GOST R 34.10-94 keys parameter sets
-- GOST R 34.10-94 Tests parameter set
-- (GOST R 34.10-94 Annex A. Test vector)
gostR3410-94-TestParamSetAI
AlgorithmIdentifier ::=
{
algorithm
id-GostR3410-94-TestParamSet,
parameters
GostR3410-94-ParamSetParameters:{
t 512,
p 124915547966163973920072918453616810199
8078908472884630401364679546630263334642577236927706463888185842887
9662416202925770315709968465491470753112581700067,
q 690083979912374782185295287117535788574
64356221556536838757636132646301588781,
a 830582195677962819385275050881175724488
9982632821843521491035713173371468528798753831744267407230704527461
062321732669034432746173786958142572929772413468,
validationAlgorithm {
algorithm
id-GostR3410-94-a,
parameters
GostR3410-94-ValidationParameters: {
x0 24265,
c 29505,
d 2
}
}
}
}
-- CryptoPro parameters
gostR3410-94-CryptoPro-A-ParamSetAI
AlgorithmIdentifier ::=
{
algorithm
id-GostR3410-94-CryptoPro-A-ParamSet,
parameters
GostR3410-94-ParamSetParameters:{
t 1024,
p 127021248288932417465907042777176443525
7876535089165358128175072657050312609850984974231883334834011809259
9999512098893413065920561499672425412104927434935707492031276956145
1689224110579311248812610229678534638401693520013288995000362260684
2227508135323070045173416336850045410625869714168836867788425378203
83,
q 683631961449557007844441656118272528951
02170888761442055095051287550314083023,
a 100997906755055304772081815535925224869
8410825720534578748235158755771479905292727772441528526992987964833
5669968284202797289605274717317548059048560713474685214192868091256
1502802222185647539190902656116367847270145019066794290930185446216
3997308722217328898303231940973554032134009725883228768509467406639
62,
validationAlgorithm {
algorithm
id-GostR3410-94-bBis,
parameters
GostR3410-94-ValidationBisParameters: {
x0 1376285941,
c 3996757427
}
}
}
}
--
gostR3410-94-CryptoPro-B-ParamSetAI
AlgorithmIdentifier ::=
{
algorithm
id-GostR3410-94-CryptoPro-B-ParamSet,
parameters
GostR3410-94-ParamSetParameters:{
t 1024,
p 139454871199115825601409655107690713107
0417070599280317977580014543757653577229840941243685222882398330391
1468164807668823692122073732267216074074777170091113455043205380464
7694904686120113087816240740184800477047157336662926249423571248823
9685422217536601433914856808405203368594584948031873412885804895251
63,
q 798851416634109768976271189357563237473
07951916507639758300472692338873533959,
a 429418261486158041438734477379555023926
7234596860714306679811299408947123142002706038521669956384871995765
7284814898909770759462613437669456364882730370838934791080835932647
9767786019153434744009610342313166725786869204821949328786333602033
8479709268434224762105576023501613261478065276102850944540333865234
1,
validationAlgorithm {
algorithm
id-GostR3410-94-bBis,
parameters
GostR3410-94-ValidationBisParameters: {
x0 1536654555,
c 1855361757,
d 144086293861400145676554902
9392820565478578022414617829967020177130599747551043947399151406115
2847910244390627357883427448541206016603039262038677035568280058957
203818114895398976594425537561271800850306
}
}
}
}
--
gostR3410-94-CryptoPro-C-ParamSetAI
AlgorithmIdentifier ::=
{
algorithm
id-GostR3410-94-CryptoPro-C-ParamSet,
parameters
GostR3410-94-ParamSetParameters:{
t 1024,
p 110624679233511963040518952417017040248
5862954819831383774196396298584395948970608956170224210628525560327
8638246716655439297654402921844747893079518669992827880792192992701
1428546551433875806377110443534293554066712653034996277099320715774
3542287621283671843703709141350171945045805050291770503634517804938
01,
q 113468861199819350564868233378875198043
267947776488510997961231672532899549103,
a 816552717970881016017893191415300348226
2544051353358162468249467681876621283478212884286545844013955142622
2087723485023722868022275009502224827866201744494021697716482008353
6398202298024892620480898699335508064332313529725332208819456895108
5155178100221003459370588291073071186553005962149936840737128710832
3,
validationAlgorithm {
algorithm
id-GostR3410-94-bBis,
parameters
GostR3410-94-ValidationBisParameters: {
x0 1132758852,
c 3037364845,
d 9175906676429839327
}
}
}
}
--
gostR3410-94-CryptoPro-D-ParamSetAI
AlgorithmIdentifier ::=
{
algorithm
id-GostR3410-94-CryptoPro-D-ParamSet,
parameters
GostR3410-94-ParamSetParameters:{
t 1024,
p 905457649621929965904290958774625315611
3056083907389766971404812524422262512556054474620855996091570786713
5849550236741915584185990627801066465809510095784713989819413820871
5964648914493053407920737078890520482730623038837767710173664838239
8574828787891286471201460474326612697849693665518073864436497893214
9,
q 108988435796353506912374591498972192620
190487557619582334771735390599299211593,
a 756976611021707301782128757801610628085
5283803109571158829574281419208532589041660017017859858216341400371
4687551412794400562878935266630754392677014598582103365983119173924
4732511225464712252386803315902707727668715343476086350472025298282
7271461690125050616858238384366331089777463541013033926723743254833
7,
validationAlgorithm {
algorithm
id-GostR3410-94-bBis,
parameters
GostR3410-94-ValidationBisParameters: {
x0 333089693,
c 2699681355,
d 691588776390130148119174466
5240278894786443822142755842460366243252
}
}
}
}
--
gostR3410-94-CryptoPro-XchA-ParamSetAI
AlgorithmIdentifier ::=
{
algorithm
id-GostR3410-94-CryptoPro-XchA-ParamSet,
parameters
GostR3410-94-ParamSetParameters:{
t 1024,
p 142011741597563481196368286022318089743
2761383952437387628725734419274593935127189736311660784676003608489
4662356762579528277471921224192907104613420838063639408451269182889
4000571524625445295769349356752728956831541775441763139384457191755
0968471078465956625479423122933384839245143396147277606818806097342
39,
q 917715298965546059455881490183827502172
96858393520724172743325725474374979801,
a 133531813272720673433859519948319001217
9423759678474868994823595993696425287347124615904033277318214103280
1252925387191478859899310331056774413619636480306472137782665689868
6468463277710150809401182608770201615324990468332931294920912776241
1378780302243557466062839716593764268326742697808800616315281634758
87,
validationAlgorithm {
algorithm
id-GostR3410-94-bBis,
parameters
GostR3410-94-ValidationBisParameters: {
x0 3495862036,
c 1177570399,
d 354788961024091889513964706
4772083281962391865341410582282334567466222018672580177997251216990
5264460862437764160334831107459
}
}
}
}
--
gostR3410-94-CryptoPro-XchB-ParamSetAI
AlgorithmIdentifier ::=
{
algorithm
id-GostR3410-94-CryptoPro-XchB-ParamSet,
parameters
GostR3410-94-ParamSetParameters:{
t 1024,
p 102894612662499485967655207436053031521
7970499989304888248413244847492302275847016799887100360467070487737
7286176171227694098633153908956878412911010951269050334539386987129
5783467257264868341720019662986056119366675242968236739708481517975
2036423595736533689573920617698552845939650425308950460880671602694
33,
q 910967139180262691658231805060355567362
87694981825930883887968885281641595199,
a 889086472782842315169999580187575789103
1463338652579140051973659304813144068585706736982940794774449630665
6291505503608252399443790027238674914599623086783222866197754399281
6745254823298629859875357546628605173883785473616768576901778033580
4511440773337196253842353291939447787366475282450998661787899244317
7,
validationAlgorithm {
algorithm
id-GostR3410-94-bBis,
parameters
GostR3410-94-ValidationBisParameters: {
x0 2046851076,
c 3541716983,
d 573326676109894760566159697
28891533566058787317492748441827236576904274546146
}
}
}
}
--
gostR3410-94-CryptoPro-XchC-ParamSetAI
AlgorithmIdentifier ::=
{
algorithm
id-GostR3410-94-CryptoPro-XchC-ParamSet,
parameters
GostR3410-94-ParamSetParameters:{
t 1024,
p 124699636699347751360714726579406443620
3408861395055989217248455729987073769899965148066236472399285932086
8822848751165438350943327664722262594061556058045004094721182602772
9977563540237169063044807971577164944777844700059741903245772222625
3269698374446528353527293043937461065763833491510017159309241154995
49,
q 678787613733659123438029502006568252711
81294680501479431146754294748422492761,
a 443061846429758418247313503080985932686
3990650118941756995270074860997318142695023523962323911055745082691
9295792878938752101867704718162325102751695310043185596483760265782
7828194249605561893696586532551313719448313624777365346841011879674
0709840825496997937556072234510670472108602597930996876319307290833
4,
validationAlgorithm {
algorithm
id-GostR3410-94-bBis,
parameters
GostR3410-94-ValidationBisParameters: {
x0 371898640,
c 2482514131,
d 393411701713094918946116909
229454740026575590650016887148241594213466186452691964676993
}
}
}
}
END -- GostR3410-94-ParamSetSyntax END -- GostR3410-94-ParamSetSyntax
10.8 GostR3410-2001-PKISyntax 10.8 GostR3410-2001-PKISyntax
GostR3410-2001-PKISyntax GostR3410-2001-PKISyntax
{ iso(1) member-body(2) ru(643) rans(2) cryptopro(2) { iso(1) member-body(2) ru(643) rans(2) cryptopro(2)
other(1) modules(1) gostR3410-2001-PKISyntax(9) 1 } other(1) modules(1) gostR3410-2001-PKISyntax(9) 1 }
DEFINITIONS ::= DEFINITIONS ::=
BEGIN BEGIN
-- EXPORTS All -- -- EXPORTS All --
skipping to change at page 42, line 47 skipping to change at page 27, line 40
IMPORTS IMPORTS
id-CryptoPro-algorithms, id-CryptoPro-algorithms,
id-CryptoPro-ecc-signs, id-CryptoPro-ecc-exchanges, id-CryptoPro-ecc-signs, id-CryptoPro-ecc-exchanges,
gost28147-89-EncryptionSyntax, gost28147-89-EncryptionSyntax,
gostR3411-94-DigestSyntax, ALGORITHM-IDENTIFIER, gostR3411-94-DigestSyntax, ALGORITHM-IDENTIFIER,
cryptographic-Gost-Useful-Definitions cryptographic-Gost-Useful-Definitions
FROM Cryptographic-Gost-Useful-Definitions FROM Cryptographic-Gost-Useful-Definitions
{ iso(1) member-body(2) ru(643) rans(2) { iso(1) member-body(2) ru(643) rans(2)
cryptopro(2) other(1) modules(1) cryptopro(2) other(1) modules(1)
cryptographic-Gost-Useful-Definitions(0) 1 } cryptographic-Gost-Useful-Definitions(0) 1 }
id-Gost28147-89-TestParamSet, Gost28147-89-ParamSet
id-Gost28147-89-CryptoPro-A-ParamSet,
id-Gost28147-89-CryptoPro-B-ParamSet,
id-Gost28147-89-CryptoPro-C-ParamSet,
id-Gost28147-89-CryptoPro-D-ParamSet,
id-Gost28147-89-CryptoPro-Simple-A-ParamSet,
id-Gost28147-89-CryptoPro-Simple-B-ParamSet,
id-Gost28147-89-CryptoPro-Simple-C-ParamSet,
id-Gost28147-89-CryptoPro-Simple-D-ParamSet
FROM Gost28147-89-EncryptionSyntax FROM Gost28147-89-EncryptionSyntax
gost28147-89-EncryptionSyntax gost28147-89-EncryptionSyntax
id-GostR3411-94-TestParamSet, id-GostR3411-94-TestParamSet,
id-GostR3411-94-CryptoProParamSet id-GostR3411-94-CryptoProParamSet
FROM GostR3411-94-DigestSyntax gostR3411-94-DigestSyntax FROM GostR3411-94-DigestSyntax gostR3411-94-DigestSyntax
; ;
-- GOST R 34.10-2001 OIDs -- GOST R 34.10-2001 OIDs
id-GostR3410-2001 OBJECT IDENTIFIER ::= id-GostR3410-2001 OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms gostR3410-2001(19) } { id-CryptoPro-algorithms gostR3410-2001(19) }
id-GostR3410-2001DH OBJECT IDENTIFIER ::= id-GostR3410-2001DH OBJECT IDENTIFIER ::=
skipping to change at page 43, line 40 skipping to change at page 28, line 26
{ id-CryptoPro-ecc-signs cryptopro-C(3) } { id-CryptoPro-ecc-signs cryptopro-C(3) }
id-GostR3410-2001-CryptoPro-XchA-ParamSet id-GostR3410-2001-CryptoPro-XchA-ParamSet
OBJECT IDENTIFIER ::= OBJECT IDENTIFIER ::=
{ id-CryptoPro-ecc-exchanges cryptopro-XchA(0) } { id-CryptoPro-ecc-exchanges cryptopro-XchA(0) }
id-GostR3410-2001-CryptoPro-XchB-ParamSet id-GostR3410-2001-CryptoPro-XchB-ParamSet
OBJECT IDENTIFIER ::= OBJECT IDENTIFIER ::=
{ id-CryptoPro-ecc-exchanges cryptopro-XchB(1) } { id-CryptoPro-ecc-exchanges cryptopro-XchB(1) }
-- GOST R 34.10-2001 Data Types -- GOST R 34.10-2001 Data Types
GostR3410-2001-CertificateSignature ::= GostR3410-2001-CertificateSignature ::=
BIT STRING ( SIZE(256..512) ) BIT STRING ( SIZE(256..512) )
GostR3410-2001-PublicKeyOctetString ::=
OCTET STRING ( SIZE(64) )
GostR3410-2001-PublicKey ::= GostR3410-2001-PublicKey ::=
BIT STRING ( SIZE(16..524) ) OCTET STRING ( SIZE(64) )
-- Container for GostR3410-2001-PublicKeyOctetString
GostR3410-2001-PublicKeyParameters ::= GostR3410-2001-PublicKeyParameters ::=
SEQUENCE { SEQUENCE {
publicKeyParamSet publicKeyParamSet
OBJECT IDENTIFIER ( OBJECT IDENTIFIER (
id-GostR3410-2001-TestParamSet | id-GostR3410-2001-TestParamSet |
-- Only for testing purposes -- Only for testing purposes
id-GostR3410-2001-CryptoPro-A-ParamSet | id-GostR3410-2001-CryptoPro-A-ParamSet |
id-GostR3410-2001-CryptoPro-B-ParamSet | id-GostR3410-2001-CryptoPro-B-ParamSet |
id-GostR3410-2001-CryptoPro-C-ParamSet | id-GostR3410-2001-CryptoPro-C-ParamSet |
id-GostR3410-2001-CryptoPro-XchA-ParamSet | id-GostR3410-2001-CryptoPro-XchA-ParamSet |
id-GostR3410-2001-CryptoPro-XchB-ParamSet id-GostR3410-2001-CryptoPro-XchB-ParamSet
), ),
digestParamSet digestParamSet
OBJECT IDENTIFIER ( OBJECT IDENTIFIER (
id-GostR3411-94-TestParamSet | id-GostR3411-94-TestParamSet |
-- Only for testing purposes -- Only for testing purposes
id-GostR3411-94-CryptoProParamSet id-GostR3411-94-CryptoProParamSet
), ),
encryptionParamSet encryptionParamSet Gost28147-89-ParamSet OPTIONAL
OBJECT IDENTIFIER (
id-Gost28147-89-TestParamSet |
-- Only for testing purposes
id-Gost28147-89-CryptoPro-A-ParamSet |
id-Gost28147-89-CryptoPro-B-ParamSet |
id-Gost28147-89-CryptoPro-C-ParamSet |
id-Gost28147-89-CryptoPro-D-ParamSet |
id-Gost28147-89-CryptoPro-Simple-A-ParamSet |
id-Gost28147-89-CryptoPro-Simple-B-ParamSet |
id-Gost28147-89-CryptoPro-Simple-C-ParamSet |
id-Gost28147-89-CryptoPro-Simple-D-ParamSet
) OPTIONAL
} }
GostR3410-2001-PublicKeyAlgorithms ALGORITHM-IDENTIFIER ::= { GostR3410-2001-PublicKeyAlgorithms ALGORITHM-IDENTIFIER ::= {
{ GostR3410-2001-PublicKeyParameters IDENTIFIED BY { GostR3410-2001-PublicKeyParameters IDENTIFIED BY
id-GostR3410-2001 } id-GostR3410-2001 }
} }
GostR3410-2001-CertificateSignatureAlgorithms
ALGORITHM-IDENTIFIER ::= {
{ NULL IDENTIFIED BY
id-GostR3411-94-with-GostR3410-2001 } |
{ GostR3410-2001-PublicKeyParameters IDENTIFIED BY
id-GostR3411-94-with-GostR3410-2001 }
}
END -- GostR3410-2001-PKISyntax END -- GostR3410-2001-PKISyntax
10.9 GostR3410-2001-ParamSetSyntax 10.9 GostR3410-2001-ParamSetSyntax
GostR3410-2001-ParamSetSyntax GostR3410-2001-ParamSetSyntax
{ iso(1) member-body(2) ru(643) rans(2) cryptopro(2) { iso(1) member-body(2) ru(643) rans(2) cryptopro(2)
other(1) modules(1) gostR3410-2001-ParamSetSyntax(12) 1 } other(1) modules(1) gostR3410-2001-ParamSetSyntax(12) 1 }
DEFINITIONS ::= DEFINITIONS ::=
BEGIN BEGIN
-- EXPORTS All -- -- EXPORTS All --
-- The types and values defined in this module are exported for -- The types and values defined in this module are exported for
-- use in the other ASN.1 modules contained within the Russian -- use in the other ASN.1 modules contained within the Russian
-- Cryptography "GOST" & "GOST R" Specifications, and for the use -- Cryptography "GOST" & "GOST R" Specifications, and for the use
-- of other applications which will use them to access Russian -- of other applications which will use them to access Russian
-- Cryptography services. Other applications may use them for -- Cryptography services. Other applications may use them for
-- their own purposes, but this will not constrain extensions and -- their own purposes, but this will not constrain extensions and
-- modifications needed to maintain or improve the Russian -- modifications needed to maintain or improve the Russian
-- Cryptography service. -- Cryptography service.
IMPORTS IMPORTS
id-CryptoPro-algorithms,
id-CryptoPro-ecc-signs, id-CryptoPro-ecc-exchanges,
gostR3410-2001-PKISyntax, ALGORITHM-IDENTIFIER, gostR3410-2001-PKISyntax, ALGORITHM-IDENTIFIER,
cryptographic-Gost-Useful-Definitions cryptographic-Gost-Useful-Definitions
FROM Cryptographic-Gost-Useful-Definitions FROM Cryptographic-Gost-Useful-Definitions
{ iso(1) member-body(2) ru(643) rans(2) { iso(1) member-body(2) ru(643) rans(2)
cryptopro(2) other(1) modules(1) cryptopro(2) other(1) modules(1)
cryptographic-Gost-Useful-Definitions(0) 1 } cryptographic-Gost-Useful-Definitions(0) 1 }
id-GostR3410-2001, id-GostR3410-2001,
id-GostR3410-2001-TestParamSet, id-GostR3410-2001-TestParamSet,
id-GostR3410-2001-CryptoPro-A-ParamSet, id-GostR3410-2001-CryptoPro-A-ParamSet,
id-GostR3410-2001-CryptoPro-B-ParamSet, id-GostR3410-2001-CryptoPro-B-ParamSet,
id-GostR3410-2001-CryptoPro-C-ParamSet, id-GostR3410-2001-CryptoPro-C-ParamSet,
id-GostR3410-2001-CryptoPro-XchA-ParamSet, id-GostR3410-2001-CryptoPro-XchA-ParamSet,
id-GostR3410-2001-CryptoPro-XchB-ParamSet id-GostR3410-2001-CryptoPro-XchB-ParamSet
FROM GostR3410-2001-PKISyntax gostR3410-2001-PKISyntax FROM GostR3410-2001-PKISyntax gostR3410-2001-PKISyntax
AlgorithmIdentifier
FROM PKIX1Explicit88 {iso(1) identified-organization(3)
dod(6) internet(1) security(5) mechanisms(5) pkix(7)
id-mod(0) id-pkix1-explicit-88(1)}
; ;
GostR3410-2001-ParamSetParameters ::= GostR3410-2001-ParamSetParameters ::=
SEQUENCE { SEQUENCE {
a INTEGER ( a INTEGER, -- 0 < a < p < 2^256
1 b INTEGER, -- 0 < b < p < 2^256
.. p INTEGER, -- 2^254 < p < 2^256
1157920892373161954235709850086879078532699 q INTEGER, -- 2^254 < q < 2^256
84665640564039457584007913129639935 x INTEGER, -- 0 < x < p < 2^256
), -- 0 < a < p < 2^256 y INTEGER -- 0 < y < p < 2^256
b INTEGER (
1
..
1157920892373161954235709850086879078532699
84665640564039457584007913129639935
), -- 0 < b < p < 2^256
p INTEGER (
2894802230932904885589274625217197696331749
6166410141009864396001978282409985
..
1157920892373161954235709850086879078532699
84665640564039457584007913129639935
), -- 2^254 < p < 2^256
q INTEGER (
2894802230932904885589274625217197696331749
6166410141009864396001978282409985
..
1157920892373161954235709850086879078532699
84665640564039457584007913129639935
), -- 2^254 < q < 2^256
x INTEGER (0
..
1157920892373161954235709850086879078532699
84665640564039457584007913129639935
), -- 0 < x < p < 2^256
y INTEGER (0
..
1157920892373161954235709850086879078532699
84665640564039457584007913129639935
) -- 0 < y < p < 2^256
} }
-- GOST R 34.10-2001 public key parameter set: -- GOST R 34.10-2001 public key parameter set:
-- OIDs for parameter sets are imported from GostR3410-2001-PKISy -- OIDs for parameter sets are imported from
ntax -- GostR3410-2001-PKISyntax
GostR3410-2001-ParamSetAlgorithm ALGORITHM-IDENTIFIER ::= { GostR3410-2001-ParamSetAlgorithm ALGORITHM-IDENTIFIER ::= {
{ GostR3410-2001-ParamSetParameters IDENTIFIED BY { GostR3410-2001-ParamSetParameters IDENTIFIED BY
id-GostR3410-2001-TestParamSet } | id-GostR3410-2001-TestParamSet } |
{ GostR3410-2001-ParamSetParameters IDENTIFIED BY { GostR3410-2001-ParamSetParameters IDENTIFIED BY
id-GostR3410-2001-CryptoPro-A-ParamSet } | id-GostR3410-2001-CryptoPro-A-ParamSet } |
{ GostR3410-2001-ParamSetParameters IDENTIFIED BY { GostR3410-2001-ParamSetParameters IDENTIFIED BY
id-GostR3410-2001-CryptoPro-B-ParamSet } | id-GostR3410-2001-CryptoPro-B-ParamSet } |
{ GostR3410-2001-ParamSetParameters IDENTIFIED BY { GostR3410-2001-ParamSetParameters IDENTIFIED BY
id-GostR3410-2001-CryptoPro-C-ParamSet } | id-GostR3410-2001-CryptoPro-C-ParamSet } |
{ GostR3410-2001-ParamSetParameters IDENTIFIED BY { GostR3410-2001-ParamSetParameters IDENTIFIED BY
id-GostR3410-2001-CryptoPro-XchA-ParamSet id-GostR3410-2001-CryptoPro-XchA-ParamSet } |
} |
{ GostR3410-2001-ParamSetParameters IDENTIFIED BY { GostR3410-2001-ParamSetParameters IDENTIFIED BY
id-GostR3410-2001-CryptoPro-XchB-ParamSet id-GostR3410-2001-CryptoPro-XchB-ParamSet }
}
} }
gostR3410-2001-TestParamSet
AlgorithmIdentifier ::=
{
algorithm
id-GostR3410-2001-TestParamSet,
parameters
GostR3410-2001-ParamSetParameters:{
a 7,
b 4330887654676727690576590459565093199594211
1794451039583252968842033849580414,
-- 5FBFF498AA938CE739B8E022FBAFEF40
-- 563F6E6A3472FC2A514C0CE9DAE23B7E
p 5789604461865809771178549250434395392663499
2332820282019728792003956564821041,
-- 80000000000000000000000000000000
-- 00000000000000000000000000000431
q 5789604461865809771178549250434395392708293
4583725450622380973592137631069619,
-- 8000000000000000000000000000000150FE8A18
92976154C59CFC193ACCF5B3
x 2,
y 4018974056590375033354494229370597756357393
89905545080690979365213431566280
-- 8E2A8A0E65147D4BD6316030E16D19C
-- 85C97F0A9CA267122B96ABBCEA7E8FC8
}
}
gostR3410-2001-CryptoPro-A-ParamSet
AlgorithmIdentifier ::=
{
algorithm
id-GostR3410-2001-CryptoPro-A-ParamSet,
parameters
GostR3410-2001-ParamSetParameters:{
a 1157920892373161954235709850086879078532699
84665640564039457584007913129639316,
-- -3 == p - 3
b 166,
-- a6
p 1157920892373161954235709850086879078532699
84665640564039457584007913129639319,
-- ffffffffffffffffffffffffffffffff
-- fffffffffffffffffffffffffffffd97
q 1157920892373161954235709850086879078530737
62908499243225378155805079068850323,
-- ffffffffffffffffffffffffffffffff
-- 6c611070995ad10045841b09b761b893
x 1,
y 6403388114292720268364988145043347398593176
0268884941288852745803908878638612
-- 8d91e471e0989cda27df505a453f2b76
-- 35294f2ddf23e3b122acc99c9e9f1e14
}
}
gostR3410-2001-CryptoPro-B-ParamSet
AlgorithmIdentifier ::=
{
algorithm
id-GostR3410-2001-CryptoPro-B-ParamSet,
parameters
GostR3410-2001-ParamSetParameters:{
a 5789604461865809771178549250434395392663499
2332820282019728792003956564823190,
-- -3 == p - 3
b 2809101935305809009699697900030956075912436
8558014865957655842872397301267595,
-- 3e1af419a269a5f866a7d3c25c3df80a
-- e979259373ff2b182f49d4ce7e1bbc8b
p 5789604461865809771178549250434395392663499
2332820282019728792003956564823193,
-- 80000000000000000000000000000000
-- 00000000000000000000000000000c99
q 5789604461865809771178549250434395392710213
3160255826820068844496087732066703,
-- 80000000000000000000000000000001
-- 5f700cfff1a624e5e497161bcc8a198f
x 1,
y 2879266581485461129699234745838028413502863
6778229113005756334730996303888124
-- 3fa8124359f96680b83d1c3eb2c070e5
-- c545c9858d03ecfb744bf8d717717efc
}
}
gostR3410-2001-CryptoPro-C-ParamSet
AlgorithmIdentifier ::=
{
algorithm
id-GostR3410-2001-CryptoPro-C-ParamSet,
parameters
GostR3410-2001-ParamSetParameters:{
a 7039008535208330519954771801901843784107951
6630045180471284346843705633502616,
-- -3 == p - 3
b 32858,
-- 805a
p 7039008535208330519954771801901843784107951
6630045180471284346843705633502619,
-- 9b9f605f5a858107ab1ec85e6b41c8aa
-- cf846e86789051d37998f7b9022d759b
q 7039008535208330519954771801901843784092088
2647164081035322601458352298396601,
-- 9b9f605f5a858107ab1ec85e6b41c8aa
-- 582ca3511eddfb74f02f3a6598980bb9
x 0,
y 2981889391773124073347127324031476992724055
0812383695689146495261604565990247
-- 41ece55743711a8c3cbf3783cd08c0ee
-- 4d4dc440d4641a8f366e550dfdb3bb67
}
}
gostR3410-2001-CryptoPro-ExA-ParamSet
AlgorithmIdentifier ::=
{
algorithm
id-GostR3410-2001-CryptoPro-XchA-ParamSet,
parameters
GostR3410-2001-ParamSetParameters:{
a 1157920892373161954235709850086879078532699
84665640564039457584007913129639316,
-- -3 == p - 3
b 166,
-- a6
p 1157920892373161954235709850086879078532699
84665640564039457584007913129639319,
-- ffffffffffffffffffffffffffffffff
-- fffffffffffffffffffffffffffffd97
q 1157920892373161954235709850086879078530737
62908499243225378155805079068850323,
-- ffffffffffffffffffffffffffffffff
-- 6c611070995ad10045841b09b761b893
x 1,
y 6403388114292720268364988145043347398593176
0268884941288852745803908878638612
-- 8d91e471e0989cda27df505a453f2b76
-- 35294f2ddf23e3b122acc99c9e9f1e14
}
}
gostR3410-2001-CryptoPro-ExB-ParamSet
AlgorithmIdentifier ::=
{
algorithm
id-GostR3410-2001-CryptoPro-XchB-ParamSet,
parameters
GostR3410-2001-ParamSetParameters:{
a 7039008535208330519954771801901843784107951
6630045180471284346843705633502616,
-- -3 == p - 3
b 32858,
-- 805a
p 7039008535208330519954771801901843784107951
6630045180471284346843705633502619,
-- 9b9f605f5a858107ab1ec85e6b41c8aa
-- cf846e86789051d37998f7b9022d759b
q 7039008535208330519954771801901843784092088
2647164081035322601458352298396601,
-- 9b9f605f5a858107ab1ec85e6b41c8aa
-- 582ca3511eddfb74f02f3a6598980bb9
x 0,
y 2981889391773124073347127324031476992724055
0812383695689146495261604565990247
-- 41ece55743711a8c3cbf3783cd08c0ee
-- 4d4dc440d4641a8f366e550dfdb3bb67
}
}
END -- GostR3410-2001-ParamSetSyntax END -- GostR3410-2001-ParamSetSyntax
11 References 11 Appendix Parameters
Parameters here are given as SEQUENCE OF AlgorithmIdentifier in ASN.1
DER encoding [X.660], stored in the same format as the examples in
[RFC 4134], and can be extracted using the same program.
If you want to extract without the program, copy all the lines
between the "|>" and "|<" markers, remove any page breaks, and remove
the "|" in the first column of each line. The result is a valid
Base64 blob that can be processed by any Base64 decoder.
11.1 Encryption algorithm parameters
For each AlgorithmIdentifier in this sequence the parameters field
contains Gost28147-89-ParamSetParameters.
0 30 480: SEQUENCE {
4 30 94: SEQUENCE {
6 06 7: OBJECT IDENTIFIER
: id-Gost28147-89-TestParamSet
15 30 83: SEQUENCE {
17 04 64: OCTET STRING
: 4C DE 38 9C 29 89 EF B6 FF EB 56 C5 5E C2 9B 02
: 98 75 61 3B 11 3F 89 60 03 97 0C 79 8A A1 D5 5D
: E2 10 AD 43 37 5D B3 8E B4 2C 77 E7 CD 46 CA FA
: D6 6A 20 1F 70 F4 1E A4 AB 03 F2 21 65 B8 44 D8
83 02 1: INTEGER 0
86 02 1: INTEGER 64
89 30 9: SEQUENCE {
91 06 7: OBJECT IDENTIFIER
: id-Gost28147-89-None-KeyMeshing
: }
: }
: }
100 30 94: SEQUENCE {
102 06 7: OBJECT IDENTIFIER
: id-Gost28147-89-CryptoPro-A-ParamSet
111 30 83: SEQUENCE {
113 04 64: OCTET STRING
-- K1 K2 K3 K4 K5 K6 K7 K8
-- 9 3 E E B 3 1 B
-- 6 7 4 7 5 A D A
-- 3 E 6 A 1 D 2 F
-- 2 9 2 C 9 C 9 5
-- 8 8 B D 8 1 7 0
-- B A 3 1 D 2 A C
-- 1 F D 3 F 0 6 E
-- 7 0 8 9 0 B 0 8
-- A 5 C 0 E 7 8 6
-- 4 2 F 2 4 5 C 2
-- E 6 5 B 2 9 4 3
-- F C A 4 3 4 5 9
-- C B 0 F C 8 F 1
-- 0 4 7 8 7 F 3 7
-- D D 1 5 A E B D
-- 5 1 9 6 6 6 E 4
: 93 EE B3 1B 67 47 5A DA 3E 6A 1D 2F 29 2C 9C 95
: 88 BD 81 70 BA 31 D2 AC 1F D3 F0 6E 70 89 0B 08
: A5 C0 E7 86 42 F2 45 C2 E6 5B 29 43 FC A4 34 59
: CB 0F C8 F1 04 78 7F 37 DD 15 AE BD 51 96 66 E4
179 02 1: INTEGER 1
182 02 1: INTEGER 64
185 30 9: SEQUENCE {
187 06 7: OBJECT IDENTIFIER
: id-Gost28147-89-CryptoPro-KeyMeshing
: }
: }
: }
196 30 94: SEQUENCE {
198 06 7: OBJECT IDENTIFIER
: id-Gost28147-89-CryptoPro-B-ParamSet
207 30 83: SEQUENCE {
209 04 64: OCTET STRING
: 80 E7 28 50 41 C5 73 24 B2 00 C2 AB 1A AD F6 BE
: 34 9B 94 98 5D 26 5D 13 05 D1 AE C7 9C B2 BB 31
: 29 73 1C 7A E7 5A 41 42 A3 8C 07 D9 CF FF DF 06
: DB 34 6A 6F 68 6E 80 FD 76 19 E9 85 FE 48 35 EC
275 02 1: INTEGER 1
278 02 1: INTEGER 64
281 30 9: SEQUENCE {
283 06 7: OBJECT IDENTIFIER
: id-Gost28147-89-CryptoPro-KeyMeshing
: }
: }
: }
292 30 94: SEQUENCE {
294 06 7: OBJECT IDENTIFIER
: id-Gost28147-89-CryptoPro-C-ParamSet
303 30 83: SEQUENCE {
305 04 64: OCTET STRING
: 10 83 8C A7 B1 26 D9 94 C7 50 BB 60 2D 01 01 85
: 9B 45 48 DA D4 9D 5E E2 05 FA 12 2F F2 A8 24 0E
: 48 3B 97 FC 5E 72 33 36 8F C9 C6 51 EC D7 E5 BB
: A9 6E 6A 4D 7A EF F0 19 66 1C AF C3 33 B4 7D 78
371 02 1: INTEGER 1
374 02 1: INTEGER 64
377 30 9: SEQUENCE {
379 06 7: OBJECT IDENTIFIER
: id-Gost28147-89-CryptoPro-KeyMeshing
: }
: }
: }
388 30 94: SEQUENCE {
390 06 7: OBJECT IDENTIFIER
: id-Gost28147-89-CryptoPro-D-ParamSet
399 30 83: SEQUENCE {
401 04 64: OCTET STRING
: FB 11 08 31 C6 C5 C0 0A 23 BE 8F 66 A4 0C 93 F8
: 6C FA D2 1F 4F E7 25 EB 5E 60 AE 90 02 5D BB 24
: 77 A6 71 DC 9D D2 3A 83 E8 4B 64 C5 D0 84 57 49
: 15 99 4C B7 BA 33 E9 AD 89 7F FD 52 31 28 16 7E
467 02 1: INTEGER 1
470 02 1: INTEGER 64
473 30 9: SEQUENCE {
475 06 7: OBJECT IDENTIFIER
: id-Gost28147-89-CryptoPro-KeyMeshing
: }
: }
: }
: }
|>Gost28147-89-ParamSetParameters.bin
|MIIB4DBeBgcqhQMCAh8AMFMEQEzeOJwpie+2/+tWxV7CmwKYdWE7ET+JYAOXDHmK
|odVd4hCtQzdds460LHfnzUbK+tZqIB9w9B6kqwPyIWW4RNgCAQACAUAwCQYHKoUD
|AgIOADBeBgcqhQMCAh8BMFMEQJPusxtnR1raPmodLyksnJWIvYFwujHSrB/T8G5w
|iQsIpcDnhkLyRcLmWylD/KQ0WcsPyPEEeH833RWuvVGWZuQCAQECAUAwCQYHKoUD
|AgIOATBeBgcqhQMCAh8CMFMEQIDnKFBBxXMksgDCqxqt9r40m5SYXSZdEwXRrsec
|srsxKXMceudaQUKjjAfZz//fBts0am9oboD9dhnphf5INewCAQECAUAwCQYHKoUD
|AgIOATBeBgcqhQMCAh8DMFMEQBCDjKexJtmUx1C7YC0BAYWbRUja1J1e4gX6Ei/y
|qCQOSDuX/F5yMzaPycZR7Nflu6luak167/AZZhyvwzO0fXgCAQECAUAwCQYHKoUD
|AgIOATBeBgcqhQMCAh8EMFMEQPsRCDHGxcAKI76PZqQMk/hs+tIfT+cl615grpAC
|Xbskd6Zx3J3SOoPoS2TF0IRXSRWZTLe6M+mtiX/9UjEoFn4CAQECAUAwCQYHKoUD
|AgIOAQ==
|<Gost28147-89-ParamSetParameters.bin
11.2 Digest algorithm parameters
For each AlgorithmIdentifier in this sequence the parameters field
contains GostR3411-94-ParamSetParameters.
0 30 226: SEQUENCE {
3 30 111: SEQUENCE {
5 06 7: OBJECT IDENTIFIER
: id-GostR3411-94-TestParamSet
14 30 100: SEQUENCE {
16 04 64: OCTET STRING
-- pi1 pi2 pi3 pi4 pi5 pi6 pi7 pi8
-- 4 E 5 7 6 4 D 1
-- A B 8 D C B B F
-- 9 4 1 A 7 A 4 D
-- 2 C D 1 1 0 1 0
-- D 6 A 0 5 7 3 5
-- 8 D 3 8 F 2 F 7
-- 0 F 4 9 D 1 5 A
-- E A 2 F 8 D 9 4
-- 6 2 E E 4 3 0 9
-- B 3 F 4 A 6 A 2
-- 1 8 C 6 9 8 E 3
-- C 1 7 C E 5 7 E
-- 7 0 6 B 0 9 6 6
-- F 7 0 2 3 C 8 B
-- 5 5 9 5 B F 2 8
-- 3 9 B 3 2 E C C
: 4E 57 64 D1 AB 8D CB BF 94 1A 7A 4D 2C D1 10 10
: D6 A0 57 35 8D 38 F2 F7 0F 49 D1 5A EA 2F 8D 94
: 62 EE 43 09 B3 F4 A6 A2 18 C6 98 E3 C1 7C E5 7E
: 70 6B 09 66 F7 02 3C 8B 55 95 BF 28 39 B3 2E CC
82 04 32: OCTET STRING
: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
: }
: }
116 30 111: SEQUENCE {
118 06 7: OBJECT IDENTIFIER
: id-GostR3411-94-CryptoProParamSet
127 30 100: SEQUENCE {
129 04 64: OCTET STRING
: A5 74 77 D1 4F FA 66 E3 54 C7 42 4A 60 EC B4 19
: 82 90 9D 75 1D 4F C9 0B 3B 12 2F 54 79 08 A0 AF
: D1 3E 1A 38 C7 B1 81 C6 E6 56 05 87 03 25 EB FE
: 9C 6D F8 6D 2E AB DE 20 BA 89 3C 92 F8 D3 53 BC
195 04 32: OCTET STRING
: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
: }
: }
: }
|>GostR3411-94-ParamSetParameters.bin
|MIHiMG8GByqFAwICHgAwZARATldk0auNy7+UGnpNLNEQENagVzWNOPL3D0nRWuov
|jZRi7kMJs/SmohjGmOPBfOV+cGsJZvcCPItVlb8oObMuzAQgAAAAAAAAAAAAAAAA
|AAAAAAAAAAAAAAAAAAAAAAAAAAAwbwYHKoUDAgIeATBkBECldHfRT/pm41THQkpg
|7LQZgpCddR1PyQs7Ei9UeQigr9E+GjjHsYHG5lYFhwMl6/6cbfhtLqveILqJPJL4
|01O8BCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
|<GostR3411-94-ParamSetParameters.bin
11.3 GOST R 34.10-94 public key algorithm parameters
For each AlgorithmIdentifier in this sequence the parameters field
contains GostR3410-94-ParamSetParameters.
0 30 2882: SEQUENCE {
4 30 209: SEQUENCE {
7 06 7: OBJECT IDENTIFIER
: id-GostR3410-94-TestParamSet
16 30 197: SEQUENCE {
19 02 2: INTEGER 512
23 02 65: INTEGER
: 00 EE 81 72 AE 89 96 60 8F B6 93 59 B8 9E B8 2A
: 69 85 45 10 E2 97 7A 4D 63 BC 97 32 2C E5 DC 33
: 86 EA 0A 12 B3 43 E9 19 0F 23 17 75 39 84 58 39
: 78 6B B0 C3 45 D1 65 97 6E F2 19 5E C9 B1 C3 79
: E3
90 02 33: INTEGER
: 00 98 91 5E 7E C8 26 5E DF CD A3 1E 88 F2 48 09
: DD B0 64 BD C7 28 5D D5 0D 72 89 F0 AC 6F 49 DD
: 2D
125 02 65: INTEGER
: 00 9E 96 03 15 00 C8 77 4A 86 95 82 D4 AF DE 21
: 27 AF AD 25 38 B4 B6 27 0A 6F 7C 88 37 B5 0D 50
: F2 06 75 59 84 A4 9E 50 93 04 D6 48 BE 2A B5 AA
: B1 8E BE 2C D4 6A C3 D8 49 5B 14 2A A6 CE 23 E2
: 1C
192 30 22: SEQUENCE {
194 06 7: OBJECT IDENTIFIER id-GostR3410-94-a
203 30 11: SEQUENCE {
205 02 2: INTEGER 24265
209 02 2: INTEGER 29505
213 02 1: INTEGER 2
: }
: }
: }
: }
216 30 342: SEQUENCE {
220 06 7: OBJECT IDENTIFIER
: id-GostR3410-94-CryptoPro-A-ParamSet
229 30 329: SEQUENCE {
233 02 2: INTEGER 1024
237 02 129: INTEGER
: 00 B4 E2 5E FB 01 8E 3C 8B 87 50 5E 2A 67 55 3C
: 5E DC 56 C2 91 4B 7E 4F 89 D2 3F 03 F0 33 77 E7
: 0A 29 03 48 9D D6 0E 78 41 8D 3D 85 1E DB 53 17
: C4 87 1E 40 B0 42 28 C3 B7 90 29 63 C4 B7 D8 5D
: 52 B9 AA 88 F2 AF DB EB 28 DA 88 69 D6 DF 84 6A
: 1D 98 92 4E 92 55 61 BD 69 30 0B 9D DD 05 D2 47
: B5 92 2D 96 7C BB 02 67 18 81 C5 7D 10 E5 EF 72
: D3 E6 DA D4 22 3D C8 2A A1 F7 D0 29 46 51 A4 80
: DF
369 02 33: INTEGER
: 00 97 24 32 A4 37 17 8B 30 BD 96 19 5B 77 37 89
: AB 2F FF 15 59 4B 17 6D D1 75 B6 32 56 EE 5A F2
: CF
404 02 129: INTEGER
: 00 8F D3 67 31 23 76 54 BB E4 1F 5F 1F 84 53 E7
: 1C A4 14 FF C2 2C 25 D9 15 30 9E 5D 2E 62 A2 A2
: 6C 71 11 F3 FC 79 56 8D AF A0 28 04 2F E1 A5 2A
: 04 89 80 5C 0D E9 A1 A4 69 C8 44 C7 CA BB EE 62
: 5C 30 78 88 8C 1D 85 EE A8 83 F1 AD 5B C4 E6 77
: 6E 8E 1A 07 50 91 2D F6 4F 79 95 64 99 F1 E1 82
: 47 5B 0B 60 E2 63 2A DC D8 CF 94 E9 C5 4F D1 F3
: B1 09 D8 1F 00 BF 2A B8 CB 86 2A DF 7D 40 B9 36
: 9A
536 30 24: SEQUENCE {
538 06 7: OBJECT IDENTIFIER id-GostR3410-94-bBis
547 30 13: SEQUENCE {
549 02 4: INTEGER 1376285941
555 02 5: INTEGER
: 00 EE 39 AD B3
: }
: }
: }
: }
562 30 427: SEQUENCE {
566 06 7: OBJECT IDENTIFIER
: id-GostR3410-94-CryptoPro-B-ParamSet
575 30 414: SEQUENCE {
579 02 2: INTEGER 1024
583 02 129: INTEGER
: 00 C6 97 1F C5 75 24 B3 0C 90 18 C5 E6 21 DE 15
: 49 97 36 85 4F 56 A6 F8 AE E6 5A 7A 40 46 32 B1
: BC F0 34 9F FC AF CB 0A 10 31 77 97 1F C1 61 2A
: DC DB 8C 8C C9 38 C7 02 25 C8 FD 12 AF F0 1B 1D
: 06 4E 0A D6 FD E6 AB 91 59 16 6C B9 F2 FC 17 1D
: 92 F0 CC 7B 6A 6B 2C D7 FA 34 2A CB E2 C9 31 5A
: 42 D5 76 B1 EC CE 77 A9 63 15 7F 3D 0B D9 6A 8E
: B0 B0 F3 50 2A D2 38 10 1B 05 11 63 34 F1 E5 B7
: AB
715 02 33: INTEGER
: 00 B0 9D 63 4C 10 89 9C D7 D4 C3 A7 65 74 03 E0
: 58 10 B0 7C 61 A6 88 BA B2 C3 7F 47 5E 30 8B 06
: 07
750 02 128: INTEGER
: 3D 26 B4 67 D9 4A 3F FC 9D 71 BF 8D B8 93 40 84
: 13 72 64 F3 C2 E9 EB 16 DC A2 14 B8 BC 7C 87 24
: 85 33 67 44 93 4F D2 EF 59 43 F9 ED 0B 74 5B 90
: AA 3E C8 D7 0C DC 91 68 24 78 B6 64 A2 E1 F8 FB
: 56 CE F2 97 2F EE 7E DB 08 4A F7 46 41 9B 85 4F
: AD 02 CC 3E 36 46 FF 2E 1A 18 DD 4B EB 3C 44 F7
: F2 74 55 88 02 96 49 67 45 46 CC 91 87 C2 07 FB
: 8F 2C EC E8 E2 29 3F 68 39 5C 47 04 AF 04 BA B5
881 30 110: SEQUENCE {
883 06 7: OBJECT IDENTIFIER id-GostR3410-94-bBis
892 30 99: SEQUENCE {
894 02 4: INTEGER 1536654555
900 02 4: INTEGER 1855361757
906 02 85: INTEGER
: 00 BC 3C BB DB 7E 6F 84 82 86 E1 9A D9 A2 7A 8E
: 29 7E 5B 71 C5 3D D9 74 CD F6 0F 93 73 56 DF 69
: CB C9 7A 30 0C CC 71 68 5C 55 30 46 14 7F 11 56
: 8C 4F DD F3 63 D9 D8 86 43 83 45 A6 2C 3B 75 96
: 3D 65 46 AD FA BF 31 B3 12 90 D1 2C AE 65 EC B8
: 30 9E F6 67 82
: }
: }
: }
: }
993 30 351: SEQUENCE {
997 06 7: OBJECT IDENTIFIER
: id-GostR3410-94-CryptoPro-C-ParamSet
1006 30 338: SEQUENCE {
1010 02 2: INTEGER 1024
1014 02 129: INTEGER
: 00 9D 88 E6 D7 FE 33 13 BD 2E 74 5C 7C DD 2A B9
: EE 4A F3 C8 89 9E 84 7D E7 4A 33 78 3E A6 8B C3
: 05 88 BA 1F 73 8C 6A AF 8A B3 50 53 1F 18 54 C3
: 83 7C C3 C8 60 FF D7 E2 E1 06 C3 F6 3B 3D 8A 4C
: 03 4C E7 39 42 A6 C3 D5 85 B5 99 CF 69 5E D7 A3
: C4 A9 3B 2B 94 7B 71 57 BB 1A 1C 04 3A B4 1E C8
: 56 6C 61 45 E9 38 A6 11 90 6D E0 D3 2E 56 24 94
: 56 9D 7E 99 9A 0D DA 5C 87 9B DD 91 FE 12 4D F1
: E9
1146 02 33: INTEGER
: 00 FA DD 19 7A BD 19 A1 B4 65 3E EC F7 EC A4 D6
: A2 2B 1F 7F 89 3B 64 1F 90 16 41 FB B5 55 35 4F
: AF
1181 02 128: INTEGER
: 74 47 ED 71 56 31 05 99 07 0B 12 60 99 47 A5 C8
: C8 A8 62 5C F1 CF 25 2B 40 7B 33 1F 93 D6 39 DD
: D1 BA 39 26 56 DE CA 99 2D D0 35 35 43 29 A1 E9
: 5A 6E 32 D6 F4 78 82 D9 60 B8 F1 0A CA FF 79 6D
: 13 CD 96 11 F8 53 DA B6 D2 62 34 83 E4 67 88 70
: 84 93 93 7A 1A 29 44 25 98 AE C2 E0 74 20 22 56
: 34 40 FE 9C 18 74 0E CE 67 65 AC 05 FA F0 24 A6
: 4B 02 6E 7E 40 88 40 81 9E 96 2E 7E 5F 40 1A E3
1312 30 34: SEQUENCE {
1314 06 7: OBJECT IDENTIFIER id-GostR3410-94-bBis
1323 30 23: SEQUENCE {
1325 02 4: INTEGER 1132758852
1331 02 5: INTEGER
: 00 B5 0A 82 6D
1338 02 8: INTEGER
: 7F 57 5E 81 94 BC 5B DF
: }
: }
: }
: }
1348 30 371: SEQUENCE {
1352 06 7: OBJECT IDENTIFIER
: id-GostR3410-94-CryptoPro-D-ParamSet
1361 30 358: SEQUENCE {
1365 02 2: INTEGER 1024
1369 02 129: INTEGER
: 00 80 F1 02 D3 2B 0F D1 67 D0 69 C2 7A 30 7A DA
: D2 C4 66 09 19 04 DB AA 55 D5 B8 CC 70 26 F2 F7
: A1 91 9B 89 0C B6 52 C4 0E 05 4E 1E 93 06 73 5B
: 43 D7 B2 79 ED DF 91 02 00 1C D9 E1 A8 31 FE 8A
: 16 3E ED 89 AB 07 CF 2A BE 82 42 AC 9D ED DD BF
: 98 D6 2C DD D1 EA 4F 5F 15 D3 A4 2A 66 77 BD D2
: 93 B2 42 60 C0 F2 7C 0F 1D 15 94 86 14 D5 67 B6
: 6F A9 02 BA A1 1A 69 AE 3B CE AD BB 83 E3 99 C9
: B5
1501 02 33: INTEGER
: 00 F0 F5 44 C4 18 AA C2 34 F6 83 F0 33 51 1B 65
: C2 16 51 A6 07 8B DA 2D 69 BB 9F 73 28 67 50 21
: 49
1536 02 128: INTEGER
: 6B CC 0B 4F AD B3 88 9C 1E 06 AD D2 3C C0 9B 8A
: B6 EC DE DF 73 F0 46 32 59 5E E4 25 00 05 D6 AF
: 5F 5A DE 44 CB 1E 26 E6 26 3C 67 23 47 CF A2 6F
: 9E 93 93 68 1E 6B 75 97 33 78 4C DE 5D BD 9A 14
: A3 93 69 DF D9 9F A8 5C C0 D1 02 41 C4 01 03 43
: F3 4A 91 39 3A 70 6C F1 26 77 CB FA 1F 57 8D 6B
: 6C FB E8 A1 24 2C FC C9 4B 3B 65 3A 47 6E 14 5E
: 38 62 C1 8C C3 FE D8 25 7C FE F7 4C DB 20 5B F1
1667 30 54: SEQUENCE {
1669 06 7: OBJECT IDENTIFIER id-GostR3410-94-bBis
1678 30 43: SEQUENCE {
1680 02 4: INTEGER 333089693
1686 02 5: INTEGER
: 00 A0 E9 DE 4B
1693 02 28: INTEGER
: 41 AB 97 85 7F 42 61 43 55 D3 2D B0 B1 06 9F 10
: 9A 4D A2 83 67 6C 7C 53 A6 81 85 B4
: }
: }
: }
: }
1723 30 396: SEQUENCE {
1727 06 7: OBJECT IDENTIFIER
: id-GostR3410-94-CryptoPro-XchA-ParamSet
1736 30 383: SEQUENCE {
1740 02 2: INTEGER 1024
1744 02 129: INTEGER
: 00 CA 3B 3F 2E EE 9F D4 63 17 D4 95 95 A9 E7 51
: 8E 6C 63 D8 F4 EB 4D 22 D1 0D 28 AF 0B 88 39 F0
: 79 F8 28 9E 60 3B 03 53 07 84 B9 BB 5A 1E 76 85
: 9E 48 50 C6 70 C7 B7 1C 0D F8 4C A3 E0 D6 C1 77
: FE 9F 78 A9 D8 43 32 30 A8 83 CD 82 A2 B2 B5 C7
: A3 30 69 80 27 85 70 CD B7 9B F0 10 74 A6 9C 96
: 23 34 88 24 B0 C5 37 91 D5 3C 6A 78 CA B6 9E 1C
: FB 28 36 86 11 A3 97 F5 0F 54 1E 16 DB 34 8D BE
: 5F
1876 02 33: INTEGER
: 00 CA E4 D8 5F 80 C1 47 70 4B 0C A4 8E 85 FB 00
: A9 05 7A A4 AC C4 46 68 E1 7F 19 96 D7 15 26 90
: D9
1911 02 129: INTEGER
: 00 BE 27 D6 52 F2 F1 E3 39 DA 73 42 11 B8 5B 06
: AE 4D E2 36 AA 8F BE EB 3F 1A DC C5 2C D4 38 53
: 77 7E 83 4A 6A 51 81 38 67 8A 8A DB D3 A5 5C 70
: A7 EA B1 BA 7A 07 19 54 86 77 AA F4 E6 09 FF B4
: 7F 6B 9D 7E 45 B0 D0 6D 83 D7 AD C5 33 10 AB D8
: 57 83 E7 31 7F 7E C7 32 68 B6 A9 C0 8D 26 0B 85
: D8 48 56 96 CA 39 C1 7B 17 F0 44 D1 E0 50 48 90
: 36 AB D3 81 C5 E6 BF 82 BA 35 2A 1A FF 13 66 01
: AF
2043 30 78: SEQUENCE {
2045 06 7: OBJECT IDENTIFIER id-GostR3410-94-bBis
2054 30 67: SEQUENCE {
2056 02 5: INTEGER
: 00 D0 5E 9F 14
2063 02 4: INTEGER 1177570399
2069 02 52: INTEGER
: 35 AB 87 53 99 CD A3 3C 14 6C A6 29 66 0E 5A 5E
: 5C 07 71 4C A3 26 DB 03 2D D6 75 19 95 CD B9 0A
: 61 2B 92 28 93 2D 83 02 70 4E C2 4A 5D EF 77 39
: C5 81 3D 83
: }
: }
: }
: }
2123 30 375: SEQUENCE {
2127 06 7: OBJECT IDENTIFIER
: id-GostR3410-94-CryptoPro-XchB-ParamSet
2136 30 362: SEQUENCE {
2140 02 2: INTEGER 1024
2144 02 129: INTEGER
: 00 92 86 DB DA 91 EC CF C3 06 0A A5 59 83 18 E2
: A6 39 F5 BA 90 A4 CA 65 61 57 B2 67 3F B1 91 CD
: 05 89 EE 05 F4 CE F1 BD 13 50 84 08 27 14 58 C3
: 08 51 CE 7A 4E F5 34 74 2B FB 11 F4 74 3C 8F 78
: 7B 11 19 3B A3 04 C0 E6 BC A2 57 01 BF 88 AF 1C
: B9 B8 FD 47 11 D8 9F 88 E3 2B 37 D9 53 16 54 1B
: F1 E5 DB B4 98 9B 3D F1 36 59 B8 8C 0F 97 A3 C1
: 08 7B 9F 2D 53 17 D5 57 DC D4 AF C6 D0 A7 54 E2
: 79
2276 02 33: INTEGER
: 00 C9 66 E9 B3 B8 B7 CD D8 2F F0 F8 3A F8 70 36
: C3 8F 42 23 8E C5 0A 87 6C D3 90 E4 3D 67 B6 01
: 3F
2311 02 128: INTEGER
: 7E 9C 30 96 67 6F 51 E3 B2 F9 88 4C F0 AC 21 56
: 77 94 96 F4 10 E0 49 CE D7 E5 3D 8B 7B 5B 36 6B
: 1A 60 08 E5 19 66 05 A5 5E 89 C3 19 0D AB F8 0B
: 9F 11 63 C9 79 FC D1 83 28 DA E5 E9 04 88 11 B3
: 70 10 7B B7 71 5F 82 09 1B B9 DE 0E 33 EE 2F ED
: 62 55 47 4F 87 69 FC E5 EA FA EE F1 CB 5A 32 E0
: D5 C6 C2 F0 FC 0B 34 47 07 29 47 F5 B4 C3 87 66
: 69 93 A3 33 FC 06 56 8E 53 4A D5 6D 23 38 D7 29
2442 30 58: SEQUENCE {
2444 06 7: OBJECT IDENTIFIER id-GostR3410-94-bBis
2453 30 47: SEQUENCE {
2455 02 4: INTEGER 2046851076
2461 02 5: INTEGER
: 00 D3 1A 4F F7
2468 02 32: INTEGER
: 7E C1 23 D1 61 47 77 62 83 8C 2B EA 9D BD F3 30
: 74 AF 6D 41 D1 08 A0 66 A1 E7 A0 7A B3 04 8D E2
: }
: }
: }
: }
2502 30 380: SEQUENCE {
2506 06 7: OBJECT IDENTIFIER
: id-GostR3410-94-CryptoPro-XchC-ParamSet
2515 30 367: SEQUENCE {
2519 02 2: INTEGER 1024
2523 02 129: INTEGER
: 00 B1 94 03 6A CE 14 13 9D 36 D6 42 95 AE 6C 50
: FC 4B 7D 65 D8 B3 40 71 13 66 CA 93 F3 83 65 39
: 08 EE 63 7B E4 28 05 1D 86 61 26 70 AD 7B 40 2C
: 09 B8 20 FA 77 D9 DA 29 C8 11 1A 84 96 DA 6C 26
: 1A 53 ED 25 2E 4D 8A 69 A2 03 76 E6 AD DB 3B DC
: D3 31 74 9A 49 1A 18 4B 8F DA 6D 84 C3 1C F0 5F
: 91 19 B5 ED 35 24 6E A4 56 2D 85 92 8B A1 13 6A
: 8D 0E 5A 7E 5C 76 4B A8 90 20 29 A1 33 6C 63 1A
: 1D
2655 02 33: INTEGER
: 00 96 12 04 77 DF 0F 38 96 62 8E 6F 4A 88 D8 3C
: 93 20 4C 21 0F F2 62 BC CB 7D AE 45 03 55 12 52
: 59
2690 02 128: INTEGER
: 3F 18 17 05 2B AA 75 98 FE 3E 4F 4F C5 C5 F6 16
: E1 22 CF F9 EB D8 9E F8 1D C7 CE 8B F5 6C C6 4B
: 43 58 6C 80 F1 C4 F5 6D D5 71 8F DD 76 30 0B E3
: 36 78 42 59 CA 25 AA DE 5A 48 3F 64 C0 2A 20 CF
: 4A 10 F9 C1 89 C4 33 DE FE 31 D2 63 E6 C9 76 46
: 60 A7 31 EC CA EC B7 4C 82 79 30 37 31 E8 CF 69
: 20 5B C7 3E 5A 70 BD F9 3E 5B B6 81 DA B4 EE B9
: C7 33 CA AB 2F 67 3C 47 5E 0E CA 92 1D 29 78 2E
2821 30 63: SEQUENCE {
2823 06 7: OBJECT IDENTIFIER id-GostR3410-94-bBis
2832 30 52: SEQUENCE {
2834 02 4: INTEGER 371898640
2840 02 5: INTEGER
: 00 93 F8 28 D3
2847 02 37: INTEGER
: 00 CA 82 CC E7 8A 73 8B C4 6F 10 3D 53 B9 BF 80
: 97 45 EC 84 5E 4F 6D A4 62 60 6C 51 F6 0E CF 30
: 2E 31 20 4B 81
: }
: }
: }
: }
: }
|>GostR3410-94-ParamSetParameters.bin
|MIILQjCB0QYHKoUDAgIgADCBxQICAgACQQDugXKuiZZgj7aTWbieuCpphUUQ4pd6
|TWO8lzIs5dwzhuoKErND6RkPIxd1OYRYOXhrsMNF0WWXbvIZXsmxw3njAiEAmJFe
|fsgmXt/Nox6I8kgJ3bBkvccoXdUNconwrG9J3S0CQQCelgMVAMh3SoaVgtSv3iEn
|r60lOLS2JwpvfIg3tQ1Q8gZ1WYSknlCTBNZIviq1qrGOvizUasPYSVsUKqbOI+Ic
|MBYGByqFAwICFAEwCwICXskCAnNBAgECMIIBVgYHKoUDAgIgAjCCAUkCAgQAAoGB
|ALTiXvsBjjyLh1BeKmdVPF7cVsKRS35PidI/A/Azd+cKKQNIndYOeEGNPYUe21MX
|xIceQLBCKMO3kCljxLfYXVK5qojyr9vrKNqIadbfhGodmJJOklVhvWkwC53dBdJH
|tZItlny7AmcYgcV9EOXvctPm2tQiPcgqoffQKUZRpIDfAiEAlyQypDcXizC9lhlb
|dzeJqy//FVlLF23RdbYyVu5a8s8CgYEAj9NnMSN2VLvkH18fhFPnHKQU/8IsJdkV
|MJ5dLmKiomxxEfP8eVaNr6AoBC/hpSoEiYBcDemhpGnIRMfKu+5iXDB4iIwdhe6o
|g/GtW8Tmd26OGgdQkS32T3mVZJnx4YJHWwtg4mMq3NjPlOnFT9HzsQnYHwC/KrjL
|hirffUC5NpowGAYHKoUDAgIUBDANAgRSCHT1AgUA7jmtszCCAasGByqFAwICIAMw
|ggGeAgIEAAKBgQDGlx/FdSSzDJAYxeYh3hVJlzaFT1am+K7mWnpARjKxvPA0n/yv
|ywoQMXeXH8FhKtzbjIzJOMcCJcj9Eq/wGx0GTgrW/earkVkWbLny/BcdkvDMe2pr
|LNf6NCrL4skxWkLVdrHsznepYxV/PQvZao6wsPNQKtI4EBsFEWM08eW3qwIhALCd
|Y0wQiZzX1MOnZXQD4FgQsHxhpoi6ssN/R14wiwYHAoGAPSa0Z9lKP/ydcb+NuJNA
|hBNyZPPC6esW3KIUuLx8hySFM2dEk0/S71lD+e0LdFuQqj7I1wzckWgkeLZkouH4
|+1bO8pcv7n7bCEr3RkGbhU+tAsw+Nkb/LhoY3UvrPET38nRViAKWSWdFRsyRh8IH
|+48s7OjiKT9oOVxHBK8EurUwbgYHKoUDAgIUBDBjAgRbl3zbAgRulpLdAlUAvDy7
|235vhIKG4ZrZonqOKX5bccU92XTN9g+Tc1bfacvJejAMzHFoXFUwRhR/EVaMT93z
|Y9nYhkODRaYsO3WWPWVGrfq/MbMSkNEsrmXsuDCe9meCMIIBXwYHKoUDAgIgBDCC
|AVICAgQAAoGBAJ2I5tf+MxO9LnRcfN0que5K88iJnoR950ozeD6mi8MFiLofc4xq
|r4qzUFMfGFTDg3zDyGD/1+LhBsP2Oz2KTANM5zlCpsPVhbWZz2le16PEqTsrlHtx
|V7saHAQ6tB7IVmxhRek4phGQbeDTLlYklFadfpmaDdpch5vdkf4STfHpAiEA+t0Z
|er0ZobRlPuz37KTWoisff4k7ZB+QFkH7tVU1T68CgYB0R+1xVjEFmQcLEmCZR6XI
|yKhiXPHPJStAezMfk9Y53dG6OSZW3sqZLdA1NUMpoelabjLW9HiC2WC48QrK/3lt
|E82WEfhT2rbSYjSD5GeIcISTk3oaKUQlmK7C4HQgIlY0QP6cGHQOzmdlrAX68CSm
|SwJufkCIQIGeli5+X0Aa4zAiBgcqhQMCAhQEMBcCBEOEh0QCBQC1CoJtAgh/V16B
|lLxb3zCCAXMGByqFAwICIAUwggFmAgIEAAKBgQCA8QLTKw/RZ9BpwnowetrSxGYJ
|GQTbqlXVuMxwJvL3oZGbiQy2UsQOBU4ekwZzW0PXsnnt35ECABzZ4agx/ooWPu2J
|qwfPKr6CQqyd7d2/mNYs3dHqT18V06QqZne90pOyQmDA8nwPHRWUhhTVZ7ZvqQK6
|oRpprjvOrbuD45nJtQIhAPD1RMQYqsI09oPwM1EbZcIWUaYHi9otabufcyhnUCFJ
|AoGAa8wLT62ziJweBq3SPMCbirbs3t9z8EYyWV7kJQAF1q9fWt5Eyx4m5iY8ZyNH
|z6JvnpOTaB5rdZczeEzeXb2aFKOTad/Zn6hcwNECQcQBA0PzSpE5OnBs8SZ3y/of
|V41rbPvooSQs/MlLO2U6R24UXjhiwYzD/tglfP73TNsgW/EwNgYHKoUDAgIUBDAr
|AgQT2oudAgUAoOneSwIcQauXhX9CYUNV0y2wsQafEJpNooNnbHxTpoGFtDCCAYwG
|ByqFAwICIQEwggF/AgIEAAKBgQDKOz8u7p/UYxfUlZWp51GObGPY9OtNItENKK8L
|iDnwefgonmA7A1MHhLm7Wh52hZ5IUMZwx7ccDfhMo+DWwXf+n3ip2EMyMKiDzYKi
|srXHozBpgCeFcM23m/AQdKacliM0iCSwxTeR1TxqeMq2nhz7KDaGEaOX9Q9UHhbb
|NI2+XwIhAMrk2F+AwUdwSwykjoX7AKkFeqSsxEZo4X8ZltcVJpDZAoGBAL4n1lLy
|8eM52nNCEbhbBq5N4jaqj77rPxrcxSzUOFN3foNKalGBOGeKitvTpVxwp+qxunoH
|GVSGd6r05gn/tH9rnX5FsNBtg9etxTMQq9hXg+cxf37HMmi2qcCNJguF2EhWlso5
|wXsX8ETR4FBIkDar04HF5r+CujUqGv8TZgGvME4GByqFAwICFAQwQwIFANBenxQC
|BEYwTF8CNDWrh1OZzaM8FGymKWYOWl5cB3FMoybbAy3WdRmVzbkKYSuSKJMtgwJw
|TsJKXe93OcWBPYMwggF3BgcqhQMCAiECMIIBagICBAACgYEAkobb2pHsz8MGCqVZ
|gxjipjn1upCkymVhV7JnP7GRzQWJ7gX0zvG9E1CECCcUWMMIUc56TvU0dCv7EfR0
|PI94exEZO6MEwOa8olcBv4ivHLm4/UcR2J+I4ys32VMWVBvx5du0mJs98TZZuIwP
|l6PBCHufLVMX1Vfc1K/G0KdU4nkCIQDJZumzuLfN2C/w+Dr4cDbDj0IjjsUKh2zT
|kOQ9Z7YBPwKBgH6cMJZnb1HjsvmITPCsIVZ3lJb0EOBJztflPYt7WzZrGmAI5Rlm
|BaVeicMZDav4C58RY8l5/NGDKNrl6QSIEbNwEHu3cV+CCRu53g4z7i/tYlVHT4dp
|/OXq+u7xy1oy4NXGwvD8CzRHBylH9bTDh2Zpk6Mz/AZWjlNK1W0jONcpMDoGByqF
|AwICFAQwLwIEegB4BAIFANMaT/cCIH7BI9FhR3dig4wr6p298zB0r21B0QigZqHn
|oHqzBI3iMIIBfAYHKoUDAgIhAzCCAW8CAgQAAoGBALGUA2rOFBOdNtZCla5sUPxL
|fWXYs0BxE2bKk/ODZTkI7mN75CgFHYZhJnCte0AsCbgg+nfZ2inIERqEltpsJhpT
|7SUuTYppogN25q3bO9zTMXSaSRoYS4/abYTDHPBfkRm17TUkbqRWLYWSi6ETao0O
|Wn5cdkuokCApoTNsYxodAiEAlhIEd98POJZijm9KiNg8kyBMIQ/yYrzLfa5FA1US
|UlkCgYA/GBcFK6p1mP4+T0/FxfYW4SLP+evYnvgdx86L9WzGS0NYbIDxxPVt1XGP
|3XYwC+M2eEJZyiWq3lpIP2TAKiDPShD5wYnEM97+MdJj5sl2RmCnMezK7LdMgnkw
|NzHoz2kgW8c+WnC9+T5btoHatO65xzPKqy9nPEdeDsqSHSl4LjA/BgcqhQMCAhQE
|MDQCBBYquRACBQCT+CjTAiUAyoLM54pzi8RvED1Tub+Al0XshF5PbaRiYGxR9g7P
|MC4xIEuB
|<GostR3410-94-ParamSetParameters.bin
11.4 GOST R 34.10-2001 public key algorithm parameters
For each AlgorithmIdentifier in this sequence the parameters field
contains GostR3410-2001-ParamSetParameters.
0 30 998: SEQUENCE {
4 30 156: SEQUENCE {
7 06 7: OBJECT IDENTIFIER
: id-GostR3410-2001-TestParamSet
16 30 144: SEQUENCE {
19 02 1: INTEGER 7
22 02 32: INTEGER
: 5F BF F4 98 AA 93 8C E7 39 B8 E0 22 FB AF EF 40
: 56 3F 6E 6A 34 72 FC 2A 51 4C 0C E9 DA E2 3B 7E
56 02 33: INTEGER
: 00 80 00 00 00 00 00 00 00 00 00 00 00 00 00 00
: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04
: 31
91 02 33: INTEGER
: 00 80 00 00 00 00 00 00 00 00 00 00 00 00 00 00
: 01 50 FE 8A 18 92 97 61 54 C5 9C FC 19 3A CC F5
: B3
126 02 1: INTEGER 2
129 02 32: INTEGER
: 00 E3 77 43 4A 47 CE B9 B6 4B 64 C4 FF 74 A5 C4
: 21 5F EE 77 CF CC 30 52 2B 96 AB BC EA 7E 8F C8
: }
: }
163 30 159: SEQUENCE {
166 06 7: OBJECT IDENTIFIER
: id-GostR3410-2001-CryptoPro-A-ParamSet
175 30 147: SEQUENCE {
178 02 33: INTEGER
: 00 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FD
: 94
213 02 2: INTEGER 166
217 02 33: INTEGER
: 00 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FD
: 97
252 02 33: INTEGER
: 00 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
: FF 6C 61 10 70 99 5A D1 00 45 84 1B 09 B7 61 B8
: 93
287 02 1: INTEGER 1
290 02 33: INTEGER
: 00 8D 91 E4 71 E0 98 9C DA 27 DF 50 5A 45 3F 2B
: 76 35 29 4F 2D DF 23 E3 B1 22 AC C9 9C 9E 9F 1E
: 14
: }
: }
325 30 188: SEQUENCE {
328 06 7: OBJECT IDENTIFIER
: id-GostR3410-2001-CryptoPro-B-ParamSet
337 30 176: SEQUENCE {
340 02 33: INTEGER
: 00 80 00 00 00 00 00 00 00 00 00 00 00 00 00 00
: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0C
: 96
375 02 32: INTEGER
: 3E 1A F4 19 A2 69 A5 F8 66 A7 D3 C2 5C 3D F8 0A
: E9 79 25 93 73 FF 2B 18 2F 49 D4 CE 7E 1B BC 8B
409 02 33: INTEGER
: 00 80 00 00 00 00 00 00 00 00 00 00 00 00 00 00
: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0C
: 99
444 02 33: INTEGER
: 00 80 00 00 00 00 00 00 00 00 00 00 00 00 00 00
: 01 5F 70 0C FF F1 A6 24 E5 E4 97 16 1B CC 8A 19
: 8F
479 02 1: INTEGER 1
482 02 32: INTEGER
: 3F A8 12 43 59 F9 66 80 B8 3D 1C 3E B2 C0 70 E5
: C5 45 C9 85 8D 03 EC FB 74 4B F8 D7 17 71 7E FC
: }
: }
516 30 159: SEQUENCE {
519 06 7: OBJECT IDENTIFIER
: id-GostR3410-2001-CryptoPro-C-ParamSet
528 30 147: SEQUENCE {
531 02 33: INTEGER
: 00 9B 9F 60 5F 5A 85 81 07 AB 1E C8 5E 6B 41 C8
: AA CF 84 6E 86 78 90 51 D3 79 98 F7 B9 02 2D 75
: 98
566 02 3: INTEGER 32858
571 02 33: INTEGER
: 00 9B 9F 60 5F 5A 85 81 07 AB 1E C8 5E 6B 41 C8
: AA CF 84 6E 86 78 90 51 D3 79 98 F7 B9 02 2D 75
: 9B
606 02 33: INTEGER
: 00 9B 9F 60 5F 5A 85 81 07 AB 1E C8 5E 6B 41 C8
: AA 58 2C A3 51 1E DD FB 74 F0 2F 3A 65 98 98 0B
: B9
641 02 1: INTEGER 0
644 02 32: INTEGER
: 41 EC E5 57 43 71 1A 8C 3C BF 37 83 CD 08 C0 EE
: 4D 4D C4 40 D4 64 1A 8F 36 6E 55 0D FD B3 BB 67
: }
: }
678 30 159: SEQUENCE {
681 06 7: OBJECT IDENTIFIER
: id-GostR3410-2001-CryptoPro-XchA-ParamSet
690 30 147: SEQUENCE {
693 02 33: INTEGER
: 00 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FD
: 94
728 02 2: INTEGER 166
732 02 33: INTEGER
: 00 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FD
: 97
767 02 33: INTEGER
: 00 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
: FF 6C 61 10 70 99 5A D1 00 45 84 1B 09 B7 61 B8
: 93
802 02 1: INTEGER 1
805 02 33: INTEGER
: 00 8D 91 E4 71 E0 98 9C DA 27 DF 50 5A 45 3F 2B
: 76 35 29 4F 2D DF 23 E3 B1 22 AC C9 9C 9E 9F 1E
: 14
: }
: }
840 30 159: SEQUENCE {
843 06 7: OBJECT IDENTIFIER
: id-GostR3410-2001-CryptoPro-XchB-ParamSet
852 30 147: SEQUENCE {
855 02 33: INTEGER
: 00 9B 9F 60 5F 5A 85 81 07 AB 1E C8 5E 6B 41 C8
: AA CF 84 6E 86 78 90 51 D3 79 98 F7 B9 02 2D 75
: 98
890 02 3: INTEGER 32858
895 02 33: INTEGER
: 00 9B 9F 60 5F 5A 85 81 07 AB 1E C8 5E 6B 41 C8
: AA CF 84 6E 86 78 90 51 D3 79 98 F7 B9 02 2D 75
: 9B
930 02 33: INTEGER
: 00 9B 9F 60 5F 5A 85 81 07 AB 1E C8 5E 6B 41 C8
: AA 58 2C A3 51 1E DD FB 74 F0 2F 3A 65 98 98 0B
: B9
965 02 1: INTEGER 0
968 02 32: INTEGER
: 41 EC E5 57 43 71 1A 8C 3C BF 37 83 CD 08 C0 EE
: 4D 4D C4 40 D4 64 1A 8F 36 6E 55 0D FD B3 BB 67
: }
: }
: }
|>GostR3410-2001-ParamSetParameters.bin
|MIID5jCBnAYHKoUDAgIjADCBkAIBBwIgX7/0mKqTjOc5uOAi+6/vQFY/bmo0cvwq
|UUwM6driO34CIQCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEMQIhAIAA
|AAAAAAAAAAAAAAAAAAFQ/ooYkpdhVMWc/Bk6zPWzAgECAiAA43dDSkfOubZLZMT/
|dKXEIV/ud8/MMFIrlqu86n6PyDCBnwYHKoUDAgIjATCBkwIhAP//////////////
|//////////////////////////2UAgIApgIhAP//////////////////////////
|//////////////2XAiEA/////////////////////2xhEHCZWtEARYQbCbdhuJMC
|AQECIQCNkeRx4Jic2iffUFpFPyt2NSlPLd8j47EirMmcnp8eFDCBvAYHKoUDAgIj
|AjCBsAIhAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyWAiA+GvQZomml
|+Gan08JcPfgK6Xklk3P/KxgvSdTOfhu8iwIhAIAAAAAAAAAAAAAAAAAAAAAAAAAA
|AAAAAAAAAAAAAAyZAiEAgAAAAAAAAAAAAAAAAAAAAV9wDP/xpiTl5JcWG8yKGY8C
|AQECID+oEkNZ+WaAuD0cPrLAcOXFRcmFjQPs+3RL+NcXcX78MIGfBgcqhQMCAiMD
|MIGTAiEAm59gX1qFgQerHshea0HIqs+EboZ4kFHTeZj3uQItdZgCAwCAWgIhAJuf
|YF9ahYEHqx7IXmtByKrPhG6GeJBR03mY97kCLXWbAiEAm59gX1qFgQerHshea0HI
|qlgso1Ee3ft08C86ZZiYC7kCAQACIEHs5VdDcRqMPL83g80IwO5NTcRA1GQajzZu
|VQ39s7tnMIGfBgcqhQMCAiQAMIGTAiEA////////////////////////////////
|/////////ZQCAgCmAiEA/////////////////////////////////////////ZcC
|IQD/////////////////////bGEQcJla0QBFhBsJt2G4kwIBAQIhAI2R5HHgmJza
|J99QWkU/K3Y1KU8t3yPjsSKsyZyenx4UMIGfBgcqhQMCAiQBMIGTAiEAm59gX1qF
|gQerHshea0HIqs+EboZ4kFHTeZj3uQItdZgCAwCAWgIhAJufYF9ahYEHqx7IXmtB
|yKrPhG6GeJBR03mY97kCLXWbAiEAm59gX1qFgQerHshea0HIqlgso1Ee3ft08C86
|ZZiYC7kCAQACIEHs5VdDcRqMPL83g80IwO5NTcRA1GQajzZuVQ39s7tn
|<GostR3410-2001-ParamSetParameters.bin
12 References
Normative references: Normative references:
[GOST28147] "Cryptographic Protection for Data Processing System", [GOST28147] "Cryptographic Protection for Data Processing System",
GOST 28147-89, Gosudarstvennyi Standard of USSR, Gov- GOST 28147-89, Gosudarstvennyi Standard of USSR, Gov-
ernment Committee of the USSR for Standards, 1989. (In ernment Committee of the USSR for Standards, 1989. (In
Russian); Russian);
[GOSTR341094] "Information technology. Cryptographic Data Security. [GOSTR341094] "Information technology. Cryptographic Data Security.
Produce and check procedures of Electronic Digital Sig- Produce and check procedures of Electronic Digital Sig-
skipping to change at page 51, line 25 skipping to change at page 47, line 25
[CRYPTOLIC] "Russian Federal Goverment Regulation on Licensing of [CRYPTOLIC] "Russian Federal Goverment Regulation on Licensing of
Selected Activity Categories in Cryptography Area", 23 Selected Activity Categories in Cryptography Area", 23
Sep 2002 N 691 Sep 2002 N 691
[X.660] ITU-T Recommendation X.660 Information Technology - [X.660] ITU-T Recommendation X.660 Information Technology -
ASN.1 encoding rules: Specification of Basic Encoding ASN.1 encoding rules: Specification of Basic Encoding
Rules (BER), Canonical Encoding Rules (CER) and Distin- Rules (BER), Canonical Encoding Rules (CER) and Distin-
guished Encoding Rules (DER), 1997. guished Encoding Rules (DER), 1997.
[RFC 4134] P. Hoffman, Ed., "Examples of S/MIME Messages", July
2005, RFC 4134.
[TLS] The TLS Protocol Version 1.0. T. Dierks, C. Allen. [TLS] The TLS Protocol Version 1.0. T. Dierks, C. Allen.
January 1999, RFC 2246. January 1999, RFC 2246.
12 Acknowledgments 13 Acknowledgments
This document was created in accordance with "Russian Cryptographic This document was created in accordance with "Russian Cryptographic
Software Compatibility Agreement", signed by FGUE STC "Atlas", Software Compatibility Agreement", signed by FGUE STC "Atlas",
CRYPTO-PRO, Factor-TC, MD PREI, Infotecs GmbH, SPRCIS (SPbRCZI), CRYPTO-PRO, Factor-TS, MD PREI, Infotecs GmbH, SPRCIS (SPbRCZI),
Cryptocom, R-Alpha. The aim of this agreement is to achieve mutual Cryptocom, R-Alpha. The aim of this agreement is to achieve mutual
compatibility of the products and solutions. compatibility of the products and solutions.
The authors wish to thank: The authors wish to thank:
Microsoft Corporation Russia for providing information about Microsoft Corporation Russia for providing information about
company products and solutions, and also for technical consulting company products and solutions, and also for technical consulting
in PKI. in PKI.
RSA Security Russia and Demos Co Ltd for active collaboration and RSA Security Russia and Demos Co Ltd for active collaboration and
critical help in creation of this document. critical help in creation of this document.
Peter Gutmann for his helpful "dumpasn1" program.
Russ Hously (Vigil Security, LLC, housley@vigilsec.com) and Russ Hously (Vigil Security, LLC, housley@vigilsec.com) and
Vasilij Sakharov (DEMOS Co Ltd, svp@dol.ru) for initiative, Vasilij Sakharov (DEMOS Co Ltd, svp@dol.ru) for initiative,
creating this document. creating this document.
Derek Atkins (IHTFP Consulting, derek@ihtfp.com) and his wife, Derek Atkins (IHTFP Consulting, derek@ihtfp.com) and his wife,
Heather Anne Harrison for making the document readable. Heather Anne Harrison for making the document readable.
Grigorij Chudov for navigating the IETF process for this document.
This document is based on a contribution of CRYPTO-PRO Company. Any This document is based on a contribution of CRYPTO-PRO Company. Any
substantial use of the text from this document must acknowledge substantial use of the text from this document must acknowledge
CRYPTO-PRO. CRYPTO-PRO requests that all material mentioning or CRYPTO-PRO. CRYPTO-PRO requests that all material mentioning or
referencing this document identify this as "CRYPTO-PRO CPALGS". referencing this document identify this as "CRYPTO-PRO CPALGS".
Author's Addresses Author's Addresses
Vladimir Popov Vladimir Popov
CRYPTO-PRO CRYPTO-PRO
38, Obraztsova, 38, Obraztsova,
skipping to change at page 52, line 37 skipping to change at page 48, line 44
Moscow, 127018, Russian Federation Moscow, 127018, Russian Federation
EMail: lse@cryptopro.ru EMail: lse@cryptopro.ru
Grigorij Chudov Grigorij Chudov
CRYPTO-PRO CRYPTO-PRO
38, Obraztsova, 38, Obraztsova,
Moscow, 127018, Russian Federation Moscow, 127018, Russian Federation
EMail: chudov@cryptopro.ru EMail: chudov@cryptopro.ru
Alexandr Afanasiev Alexandr Afanasiev
Factor-TC Factor-TS
office 711, 14, Presnenskij val, office 711, 14, Presnenskij val,
Moscow, 123557, Russian Federation Moscow, 123557, Russian Federation
EMail: afa@factor-ts.ru EMail: afa1@factor-ts.ru
Nikolaj Nikishin Nikolaj Nikishin
Infotecs GmbH Infotecs GmbH
p/b 35, 80-5, Leningradskij prospekt, p/b 35, 80-5, Leningradskij prospekt,
Moscow, 125315, Russian Federation Moscow, 125315, Russian Federation
EMail: nikishin@infotecs.ru EMail: nikishin@infotecs.ru
Boleslav Izotov Boleslav Izotov
FGUE STC "Atlas" FGUE STC "Atlas"
38, Obraztsova, 38, Obraztsova,
Moscow, 127018, Russian Federation Moscow, 127018, Russian Federation
EMail: izotov@stcnet.ru EMail: izotov@nii.voskhod.ru
Elena Minaeva Elena Minaeva
MD PREI MD PREI
build 3, 6A, Vtoroj Troitskij per., build 3, 6A, Vtoroj Troitskij per.,
Moscow, Russian Federation Moscow, Russian Federation
EMail: evminaeva@mo.msk.ru EMail: evminaeva@mail.ru
Serguei Murugov Serguei Murugov
R-Alpha R-Alpha
4/1, Raspletina, 4/1, Raspletina,
Moscow, 123060, Russian Federation Moscow, 123060, Russian Federation
EMail: msm@office.ru EMail: msm@top-cross.ru
Igori Ustinov Igor Ustinov
Cryptocom Cryptocom
office 239, 51, Leninskij prospekt, office 239, 51, Leninskij prospekt,
Moscow, 119991, Russian Federation Moscow, 119991, Russian Federation
EMail: igus@cryptocom.ru EMail: igus@cryptocom.ru
Anatolij Erkin Anatolij Erkin
SPRCIS (SPbRCZI) SPRCIS (SPbRCZI)
1, Obrucheva, 1, Obrucheva,
St.Petersburg, 195220, Russian Federation St.Petersburg, 195220, Russian Federation
EMail: erkin@nevsky.net EMail: erkin@nevsky.net
Full Copyright Statement Disclaimer of Validity
Copyright (C) The Internet Society (2005).
This document is subject to the rights, licenses and restrictions
contained in BCP 78, and except as set forth therein, the authors
retain all their rights.
This document and the information contained herein are provided on an This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Full Copyright Statement
Copyright (C) The Internet Society (2005). This document is subject
to the rights, licenses and restrictions contained in BCP 78, and
except as set forth therein, the authors retain all their rights.
Acknowledgment Acknowledgment
Funding for the RFC Editor function is currently provided by the Funding for the RFC Editor function is currently provided by the
Internet Society. Internet Society.
Expires January 2006
 End of changes. 111 change blocks. 
1135 lines changed or deleted 949 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/