idnits 2.17.1 

draft-popov-cryptopro-cpalgs-00.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

  ** Looks like you're using RFC 2026 boilerplate.  This must be updated to
     follow RFC 3978/3979, as updated by RFC 4748.


  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

  ** The document seems to lack a 1id_guidelines paragraph about 6 months
     document validity -- however, there's a paragraph with a matching
     beginning. Boilerplate error?


  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  ** The document seems to lack an IANA Considerations section.  (See Section
     2.2 of https://www.ietf.org/id-info/checklist for how to handle the case
     when there are no actions for IANA.)

  ** The document seems to lack separate sections for Informative/Normative
     References.  All references will be assumed normative when checking for
     downward references.


  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the RFC 3978 Section 5.4 Copyright Line does not
     match the current year

  == Line 770 has weird spacing: '...   mode  gost2...'

  == Line 810 has weird spacing: '...   mode  gost2...'

  == Line 851 has weird spacing: '...   mode  gost2...'

  == Line 891 has weird spacing: '...   mode  gost2...'

  == Line 931 has weird spacing: '...   mode  gost2...'

  == (4 more instances...)

  == The document seems to lack the recommended RFC 2119 boilerplate, even if
     it appears to use RFC 2119 keywords. 

     (The document does seem to have the reference to RFC 2119 which the
     ID-Checklist requires).
  -- The document seems to lack a disclaimer for pre-RFC5378 work, but may
     have content which was first submitted before 10 November 2008.  If you
     have contacted all the original authors and they are all willing to grant
     the BCP78 rights to the IETF Trust, then this is fine, and you can ignore
     this comment.  If not, you may need to add the pre-RFC5378 disclaimer. 
     (See the Legal Provisions document at
     https://trustee.ietf.org/license-info for more information.)

  -- The document date (February 15, 2004) is 7377 days in the past.  Is this
     intentional?


  Checking references for intended status: Informational
  ----------------------------------------------------------------------------

  -- Looks like a reference, but probably isn't: '8' on line 253

  -- Looks like a reference, but probably isn't: '0' on line 262

  -- Looks like a reference, but probably isn't: '7' on line 262

  == Missing Reference: 'GOST341194' is mentioned on line 438, but not defined

  ** Obsolete normative reference: RFC 2246 (ref. 'TLS') (Obsoleted by RFC
     4346)


     Summary: 5 errors (**), 0 flaws (~~), 9 warnings (==), 5 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------


2	Internet Draft                               Vladimir Popov, CRYPTO-PRO
3	                                              Igor Kurepkin, CRYPTO-PRO
4	Expires August 15, 2004                    Serguei Leontiev, CRYPTO-PRO
5	Intended Category: Informational                      February 15, 2004

7	      Additional cryptographic algorithms for use with GOST 28147-89,
8	    GOST R 34.10-94, GOST R 34.10-2001, and GOST R 34.11-94 algorithms.

10	                   <draft-popov-cryptopro-cpalgs-00.txt>

12	Status of this Memo

14	   This document is an Internet-Draft and is subject to all provisions
15	   of Section 10 of RFC2026.

17	   Internet-Drafts are working documents of the Internet Engineering
18	   Task Force (IETF), its areas, and its working groups.  Note that
19	   other groups may also distribute working documents as Internet-
20	   Drafts.

22	   Internet-Drafts are draft documents valid for a maximum of six months
23	   and may be updated, replaced, or made obsolete by other documents at
24	   any time.  It is inappropriate to use Internet-Drafts as reference
25	   material or to cite them other than as "work in progress."

27	   The list of current Internet-Drafts can be accessed at
28	   http://www.ietf.org/1id-abstracts.html

30	   The list of Internet-Draft Shadow Directories can be accessed at
31	   http://www.ietf.org/shadow.html

33	Abstract

35	   This document describes cryprographic algorithms and parameters,
36	   supplementary to GOST 28147-89, GOST R 34.10-94, GOST R 34.10-2001
37	   and GOST R 34.11-94, for use in internet applications.

39	Table of Contents
40	   1      Introduction . . . . . . . . . . . . . . . . . . . . . .  2
41	   1.2    Terminology. . . . . . . . . . . . . . . . . . . . . . .  3
42	   2      Cipher algorithms. . . . . . . . . . . . . . . . . . . .  3
43	   2.1    GOST 28147-89 CBC mode . . . . . . . . . . . . . . . . .  3
44	   2.2    Key meshing algorithms . . . . . . . . . . . . . . . . .  3
45	   3      HMAC_GOSTR3411 . . . . . . . . . . . . . . . . . . . . .  4
46	   4      PRF_GOSTR3411. . . . . . . . . . . . . . . . . . . . . .  4
47	   5      Key establishment algorithms . . . . . . . . . . . . . .  4
48	   5.1    Creating exchange key using GOST R 34.10-94 keys . . . .  4
49	   5.2    Creating exchange key using GOST R 34.10-2001 keys . . .  4
50	   5.3    Generating export key from exchange key. . . . . . . . .  4
51	   5.4    Key export using export key. . . . . . . . . . . . . . .  4
52	   5.5    Key export using exchange key. . . . . . . . . . . . . .  4
53	   5.6    Key Diversification. . . . . . . . . . . . . . . . . . .  4
54	   5.7    VKO GOST R 34.10-94 and VKO GOST R 34.10-2001 algorithms  4
55	   5.7.1  'Simple export' mode . . . . . . . . . . . . . . . . . .  4
56	   5.7.2  'CryptoPro' mode . . . . . . . . . . . . . . . . . . . .  4
57	   6      Algorithm parameters . . . . . . . . . . . . . . . . . .  4
58	   6.1    Encryption algorithm parameters  . . . . . . . . . . . .  4
59	   6.2    Digest algorithm parameters. . . . . . . . . . . . . . .  4
60	   6.3    GOST R 34.10-94 public key algorithm parameters  . . . .  4
61	   6.4    GOST R 34.10-2001 public key algorithm parameters. . . .  4
62	   7      Security Considerations. . . . . . . . . . . . . . . . . 11
63	   8      Appendix ASN.1 Modules . . . . . . . . . . . . . . . . . 27
64	   9      References . . . . . . . . . . . . . . . . . . . . . . . 27
65	   10     Acknowledgments. . . . . . . . . . . . . . . . . . . . . 29
66	   Author's Address. . . . . . . . . . . . . . . . . . . . . . . . 29
67	   Full Copyright Statement. . . . . . . . . . . . . . . . . . . . 30

69	1  Introduction

71	   This document describes cryprographic algorithms, used in supplement
72	   to GOST 28147-89, GOST R 34.10-94, GOST R 34.10-2001 and GOST R
73	   34.11-94, proposed by CRYPTO-PRO Company for "Russian Cryptographic
74	   Software Compatibility Agreement" community.  GOST 28147-89, GOST R
75	   34.10-94, GOST R 34.10-2001 and GOST R 34.11-94 are defined in
76	   corresponding national standards - [GOST28147], [GOSTR341094],
77	   [GOSTR34102001] and [GOSTR341194]. Their brief technical description
78	   in english can be found in [Schneier95].

80	1.2   Terminology

82	   In this document, the key words MUST, MUST NOT, REQUIRED, SHOULD,
83	   SHOULD NOT, RECOMMENDED, and MAY are to be interpreted as described
84	   in [RFC 2119].

86	   The following functions and operators are also used in this document:

88	   encryptECB (K, D) - is D, encrypted with key K using GOST 28147-89 in
89	   "prostaya zamena" (ECB) mode

91	   decryptECB (K, D) - is D, decrypted with key K using GOST 28147-89 in
92	   ECB mode

94	   encryptCFB (I, K, D) - is D, encrypted with key K using GOST 28147-89
95	   in "gammirovanie s obratnoj svyaziyu" (64-bit CFB) mode, and I as
96	   initialization vector.

98	   encryptOFB (I, K, D) - is D, encrypted with key K using GOST 28147-89
99	   in "gammirovanie" (64-bit OFB) mode, and I as initialization vector.

101	   gostR3411 (D) - is the 256-bit result of GOST R 34.11-94 hash
102	   function, used with zero intitialization vector, and UZ parameter,
103	   defined by gostR3411CryptoProParamSetAI (see Appendix,
104	   GostR3411-94-ParamSetSyntax module).

106	   gost28147IMIT (I, K, D) - is the 32-bit result of GOST 28147-89 in
107	   "imitovstavka" (MAC) mode, used with D as plaintext, K as key and I
108	   as initialization vector.  Note, that standard specifies it's use in
109	   this mode only with zero initialization vector.

111	2  Cipher parameters

113	   [GOST28147] defines only the basic cryptographic operations, which
114	   can be used to encrypt or decrypt data. This document defines an
115	   additional cipher mode GOST 28147-89 CBC, and key meshing algorithm,
116	   which can be used to protect a symmetric key, when it is used to
117	   process large amounts of data.

119	   The cipher mode, key meshing algorithm, padding mode and S-box are
120	   specified by algorithm parameters.

122	2.1   GOST 28147-89 CBC mode

124	   Algorithm GOST 28147-89 CBC mode is a block cipher with block
125	   chaining, based on GOST 28147-89 in ECB mode.

127	   Before each plaintext block is encrypted, it is combined with the
128	   cipher text of the previous block by a bitwise exclusive OR
129	   operation.  This ensures that even if the plaintext contains many
130	   identical blocks, they will each encrypt to a different cipher text
131	   block.  The initialization vector is combined with the first
132	   plaintext block by a bitwise exclusive OR operation before the block
133	   is encrypted.

135	   Let x (0 < x < 8) be the number of bytes in the last (possibly,
136	   incomplete) block of data.  There are three padding modes:
137	    * Zero padding: 8-x remaining bytes are filled with zero
138	    * PKCS#5 padding: 8-x remaining bytes are filled with value of 8-x.
139	      If there's no incomplete block, one extra block filled with value
140	   8 is added.
141	    * Random padding: 8-x remaining bytes of the last block are set to
142	   random.

144	2.2   Key meshing algorithms

146	   When there is a need to limit the amount of data, enciphered with the
147	   same key, several key meshing algorithms can be used.

149	       id-Gost28147-89-None-KeyMeshing OBJECT IDENTIFIER ::=
150	           { id-CryptoPro-algorithms keyMeshing(14) none(0) }

152	   This is a zero key meshing algorithm - key is never changed.

154	       id-Gost28147-89-CryptoPro-KeyMeshing  OBJECT IDENTIFIER ::=
155	           { id-CryptoPro-algorithms keyMeshing(14) cryptoPro(1) }

157	   This algorithm transforms the key and initialization vector every 1KB
158	   of plaintext data, using the following rule:

160	   Let K[i] be the previous key, and S[i] be the previous initialization
161	   vector.

163	   K[i+1] = decryptECB (K[i], C); S[i+1] = encryptECB (K[i+1],S[i])

165	   Where C = {0x22720069L, 0x2304C964L, 0x96DB3A8DL, 0xC42AE946L,
166	              0x94ACFE18L, 0x1207ED00L, 0xC2DC86C0L, 0x2BA94CEFL};

168	3  HMAC_GOSTR3411

170	   HMAC_GOSTR3411 (K,text) function is based on hash function GOST R
171	   34.11-94, as defined in [HMAC], with the following parameter values:
172	   B = 32, L = 32.

174	4  PRF_GOSTR3411

176	   PRF_GOSTR3411 is a pseudorandom function, based on HMAC_GOSTR3411.
177	   It is calculated as P_hash, defined in section 5 of [TLS].
178	   PRF_GOSTR3411(K,D) = P_GOSTR3411 (K,D)

180	5  Key establishment algorithms

182	   Standards [GOSTR341094] and [GOSTR34102001] do not define any key
183	   establishment algorithms.

185	   Section 5.7 specifies algorithms VKO GOST R 34.10-94 and VKO GOST R
186	   34.10-2001, which can be used to export/import session key using a
187	   one-time exchange key (symmetric key, shared by sender and
188	   recipient), based on sender's private key and recipient public key,
189	   or vice versa.

191	   Sections 5.1 and 5.2 describe how to create an exchange key from
192	   sender's private key and recipient public key, or vice versa.

194	   Section 5.3 describes how to create an export key from an exchange
195	   key or symmetric key.

197	   Sections 5.4 and 5.5 describe, how a session key can be exported
198	   (encrypted) using export key, or using exchange key directly.

200	   Section 5.6 describes, how to create session keys, using secret key
201	   and diversification data.

203	5.1  Creating exchange key using GOST R 34.10-94 keys

205	   This algorithm creates an exchange key using sender's private key and
206	   recipient public key, or vice versa, using GOST R 34.10-94 public key
207	   algorithm and GOST R 34.11-94 hash function.

209	  Exchange key EK is a 256-bit hash of 1024-bit Diffie-Hellman key
210	  K(x,y);

212	   EK = gostR3411 (K(x,y))
213	   K(x,y) = a^(x*y) (mod p), where

215	   x - sender's private key, a^x - sender's public key
216	   y - recipient's private key, a^y - recipient's public key

218	   Keys x and y MUST comply with [GOSTR341094].

220	   This algorithm MUST NOT be used, when a^x = a (mod p) or a^y = a (mod
221	   p).

223	5.2  Creating exchange key using GOST R 34.10-2001 keys

225	   This algorithm creates an exchange key using sender's private key and
226	   recipient public key, or vice versa, using GOST R 34.10-2001 public
227	   key algorithm and GOST R 34.11-94 hash function.

229	   Exchange key EK is a 256-bit hash of K(x,y,a);

231	   EK(x,y,a) = gostR3411 (K(x,y,a))
232	   K(x,y,a) = ((a*x)(mod q)) . (y.P) (512 bit), where
233	   x - sender's private key (256 bit)
234	   x.P - sender's public key (512 bit)
235	   y - recipient's private key (256 bit)
236	   y.P - recipient's public key (512 bit)
237	   a - synchrovector (64 bit)
238	   P - base point on the elliptic curve (two 256-bit coordinates)
239	   a*x - x multiplied by a as integers
240	   x.P - a multiple point

242	   Keys x and y MUST comply with [GOSTR34102001].

244	   This algorithm MUST NOT be used, when x.P = P, y.P = P

246	5.3  Generating export key from exchange key

248	   Given a random 64-bit synchrovector A, and an exchange key K,
249	   produced by algorithms from sections 5.1 and 5.2 (or other shared
250	   symmetric key K), this algorithm creates an export key K(A), which
251	   can be used to export (encrypt) session key.

253	   KA = K[8].  K[0]..K[8] are calculated with following algorithm:

255	   K[0] = K;
256	   K[i+1]  = encryptCFB (S[i], K[i], K[i])
257	   S[i] = ((a[i,0]*k[i,0] + ... + a[i,7]*k[i,7]) mod 2^32)
258	        | ((~a[i,0]*k[i,0] + ... + ~a[i,7]*k[i,7]) mod 2^32);

260	   Here a[i,j] and k[i,j] are components of A and K[i] respectively:
261	   K[i] = k[i,0]|k[i,1]|...|k[i,7] (k[i,j] - 32-bit integer)
262	   A = a[0]|...|a[7] (a[i] - byte, a[i,0]..a[i,7] - it's bits)

264	5.4  Key export using export key

266	   This algorithm exports session key SK using key K and random 64-bit
267	   synchrovector A. Outputs of this algorithm are 32-bit SK_mac and
268	   256-bit SK_enc.

270	   First, export key KA is created using algorithm, specified in 5.3,
271	   from the key K and vector A.

273	   Then SK_mac is calculated: SK_mac = gost28147IMIT (A, KA, SK).

275	   Then SK is encrypted in ECB mode, using key KA:
276	    SK_enc = encryptECB (KA, SK);

278	5.5  Key export using exchange key

280	   This algorithm exports session key SK using exchange key K and random
281	   64-bit synchrovector A. Outputs of this algorithm are 32-bit SK_mac
282	   and 256-bit SK_enc.

284	   First, SK_mac is calculated: SK_mac = gost28147IMIT (A, K, SK).

286	   Then SK is encrypted in ECB mode, using K for key:

288	    SK_enc = encryptECB (K, SK);

290	5.6  Key Diversification

292	   This algorithm creates a session key SK, given secret key K and
293	   diversification data D of size 4..40 bytes.

295	   1) 40-byte blob B is created from D by cloning it enough to fill all
296	   40 bytes. For example, if D is 40-bytes long, B = D; If D is 4-bytes
297	   long, B = D|D|D|D|D|D|D|D|D|D.

299	   2) B is split into 8-byte SV and 32-byte SRCKEY (B = SV|SRCKEY).

301	   3) Algorithm from section 5.3 is used to create KA from key K and
302	   synchrovector SV, with two differences. Instead of S[i], vector
303	   (0,0,0,SV[i],ff,ff,ff,ff XOR SV[i]) is used, and during each
304	   encryption step, only 8 out of 32 GOST 28147-89 steps are done.

306	   4) SK is calculated:
307	    SK = encryptCFB (A, KA, SRCKEY).

309	5.7  VKO GOST R 34.10-94 and VKO GOST R 34.10-2001 algorithms.  VKO GOST
310	   R 34.10-94 and VKO GOST R 34.10-2001 are key establishment algorithms
311	   for GOST R 34.10-94 and GOST R 34.10-2001 keys accordingly.

313	   There are two modes they can be used in.

315	5.7.1 'Simple export' mode

317	   Identifier for this mode:

319	       id-Gost28147-89-None-KeyWrap OBJECT IDENTIFIER ::=
320	           { id-CryptoPro-algorithms keyWrap(13) none(0) }

322	   The first step is calculating an exchange key, using algorithms,
323	   defined in sections 5.1 or 5.2, depending on key type.

325	   Then, session key can be exported on this exchange key, using
326	   algorithm from section 5.5

328	5.7.2 'CryptoPro' mode

330	   Identifier for this mode:

332	       id-Gost28147-89-CryptoPro-KeyWrap OBJECT IDENTIFIER ::=
333	           { id-CryptoPro-algorithms keyWrap(13) cryptoPro(1) }

335	   The first step is calculating an exchange key, using algorithms,
336	   defined in sections 5.1 or 5.2, depending on key type.

338	   Then, session key is exported on the export key (computed from this
339	   exchange key) using algorithm from section 5.4;

341	6  Algorithm parameters

343	   Standards [GOST28147], [GOST341194], [GOSTR341094] and
344	   [GOSTR34102001] do not define specific values for algorithm
345	   parameters.

347	   This document introduces the use of OIDs to specify algorithm
348	   parameters.

350	   Identifiers and corresponding parameter values for all of the
351	   proposed parameter sets can be found in Appendix in the form of ASN.1
352	   modules [X.660].

354	6.1 Encryption algorithm parameters

356	   GOST 28147-89 can be used in several modes, additional CBC mode is
357	   defined in section 2.1 this document. It also has an S-Box parameter
358	   (see Algorithm Parameters part in [GOST28147] in Russian, description
359	   in English see in [Schneier95] ch. 14.1, p. 331).

361	   This table contains the list of proposed parameter sets for GOST
362	   28147-89:

364	    Gost28147-89-ParamSetAlgorithms ALGORITHM-IDENTIFIER ::= {
365	        { Gost28147-89-ParamSetParameters IDENTIFIED BY
366	               id-Gost28147-89-TestParamSet  } |
367	        { Gost28147-89-ParamSetParameters IDENTIFIED BY
368	               id-Gost28147-89-CryptoPro-A-ParamSet  } |
369	        { Gost28147-89-ParamSetParameters IDENTIFIED BY
370	               id-Gost28147-89-CryptoPro-B-ParamSet  } |
371	        { Gost28147-89-ParamSetParameters IDENTIFIED BY
372	               id-Gost28147-89-CryptoPro-C-ParamSet  } |
373	        { Gost28147-89-ParamSetParameters IDENTIFIED BY
374	               id-Gost28147-89-CryptoPro-D-ParamSet  } |
375	        { Gost28147-89-ParamSetParameters IDENTIFIED BY
376	               id-Gost28147-89-CryptoPro-Simple-A-ParamSet  } |
377	        { Gost28147-89-ParamSetParameters IDENTIFIED BY
378	               id-Gost28147-89-CryptoPro-Simple-B-ParamSet  } |
379	        { Gost28147-89-ParamSetParameters IDENTIFIED BY
380	               id-Gost28147-89-CryptoPro-Simple-C-ParamSet  } |
381	        { Gost28147-89-ParamSetParameters IDENTIFIED BY
382	               id-Gost28147-89-CryptoPro-Simple-D-ParamSet  }
383	    }

385	   Identifier values can be found in Appendix.

387	   Parameters for GOST 28147-89 are presented in the following form:

389	    Gost28147-89-ParamSetParameters ::= SEQUENCE {
390	      eUZ   Gost28147-89-UZ,
391	      mode  INTEGER {
392	              gost28147-89-OFB(0),
393	              gost28147-89-CFB(1),
394	              cryptoPro-CBC(2)
395	           },
396	      shiftBits   INTEGER { gost28147-89-block(64) },
397	      keyWrap  AlgorithmIdentifier {{
398	                 Gost28147-89-KeyWrapAlgorithms
399	              }},
400	      keyMeshing   AlgorithmIdentifier {{
401	                 Gost28147-89-KeyMixAlgorithms
402	               }}
403	    }
404	    Gost28147-89-UZ ::= OCTET STRING (SIZE (64))
405	    Gost28147-89-KeyMixAlgorithms  ALGORITHM-IDENTIFIER ::= {
406	        { NULL IDENTIFIED BY id-Gost28147-89-CryptoPro-KeyMix } |
407	        { NULL IDENTIFIED BY id-Gost28147-89-None-KeyMix }
408	    }
409	    Gost28147-89-KeyWrapAlgorithms  ALGORITHM-IDENTIFIER ::= {
410	        { NULL IDENTIFIED BY id-Gost28147-89-CryptoPro-KeyWrap } |
411	        { NULL IDENTIFIED BY id-Gost28147-89-None-KeyWrap }
412	    }

414	   where
415	      eUZ        - S-box value;
416	      mode       - cipher mode;
417	      shiftBits  - cipher parameter;
418	      keyWrap    - key export algorithm identifier;
419	      keyMeshing - key meshing algorithm identifier.

421	6.2 Digest algorithm parameters

423	   This table contains the list of proposed parameter sets for
424	   [GOST341194]:

426	    GostR3411-94-ParamSetAlgorithms ALGORITHM-IDENTIFIER ::= {
427	        { GostR3411-94-ParamSetParameters IDENTIFIED BY
428	          id-GostR3411-94-TestParamSet
429	        } |
430	        { GostR3411-94-ParamSetParameters IDENTIFIED BY
431	          id-GostR3411-94-CryptoProParamSet
432	        }

434	    }

436	   Identifier values can be found in Appendix.

438	   Parameters for [GOST341194] are presented in the following form:

440	    GostR3411-94-ParamSetParameters ::=
441	        SEQUENCE {
442	            hUZ Gost28147-89-UZ,    -- S-Box for digest
443	            h0  GostR3411-94-Digest -- start digest value
444	        }
445	    GostR3411-94-Digest ::= OCTET STRING (SIZE (32))

447	6.3 GOST R 34.10-94 public key algorithm parameters

449	   This table contains the list of proposed parameter sets for GOST R
450	   34.10-94:

452	    GostR3410-94-ParamSetAlgorithm ALGORITHM-IDENTIFIER ::= {
453	        { GostR3410-94-ParamSetParameters IDENTIFIED BY
454	               id-GostR3410-94-TestParamSet } |
455	        { GostR3410-94-ParamSetParameters IDENTIFIED BY
456	               id-GostR3410-94-CryptoPro-A-ParamSet  } |
457	        { GostR3410-94-ParamSetParameters IDENTIFIED BY
458	               id-GostR3410-94-CryptoPro-B-ParamSet  } |
459	        { GostR3410-94-ParamSetParameters IDENTIFIED BY
460	               id-GostR3410-94-CryptoPro-C-ParamSet  } |
461	        { GostR3410-94-ParamSetParameters IDENTIFIED BY
462	               id-GostR3410-94-CryptoPro-D-ParamSet  } |
463	        { GostR3410-94-ParamSetParameters IDENTIFIED BY
464	               id-GostR3410-94-CryptoPro-XchA-ParamSet  } |
465	        { GostR3410-94-ParamSetParameters IDENTIFIED BY
466	               id-GostR3410-94-CryptoPro-XchB-ParamSet  } |
467	        { GostR3410-94-ParamSetParameters IDENTIFIED BY
468	               id-GostR3410-94-CryptoPro-XchC-ParamSet  }
469	    }

471	   Identifier values can be found in Appendix.

473	   Parameters for GOST R 34.10-94 are presented in the following form:

475	    GostR3410-94-ParamSetParameters ::=
476	       SEQUENCE {
477	           p       INTEGER,
478	           q       INTEGER,
479	           a       INTEGER,
480	           validationAlgorithm   AlgorithmIdentifier {{
481	             GostR3410-94-ValidationAlgorithms
482	             }} OPTIONAL
483	       }

485	    GostR3410-94-ValidationParameters ::=
486	         SEQUENCE {
487	             t       INTEGER,
488	             x0      INTEGER,
489	             c       INTEGER,
490	             d       INTEGER OPTIONAL
491	         }

493	   Where
494	    p - modulus, prime number, 2^1023<p<2^1024;
495	    q - order of cyclic group, prime number, 2^254<q<2^256, q is a
496	   factor
497	    of p-1;
498	    a - generator, integer, 1<a<p-1, at that aq (mod p) = 1;
499	    validationAlgorithm - constant p, q and a calculating algorithm.

501	    t  - bit length of p;
502	    x0 - seed;
503	    c  - used for p and q generation;
504	    d  - used for a generation.

506	6.4 GOST R 34.10-2001 public key algorithm parameters

508	   This table contains the list of proposed parameter sets for GOST R
509	   34.10-2001:

511	    GostR3410-2001-ParamSetAlgorithm ALGORITHM-IDENTIFIER ::= {
512	        { GostR3410-2001-ParamSetParameters IDENTIFIED BY
513	               id-GostR3410-2001-TestParamSet } |
514	        { GostR3410-2001-ParamSetParameters IDENTIFIED BY
515	               id-GostR3410-2001-CryptoPro-A-ParamSet  } |
516	        { GostR3410-2001-ParamSetParameters IDENTIFIED BY
517	               id-GostR3410-2001-CryptoPro-B-ParamSet  } |
518	        { GostR3410-2001-ParamSetParameters IDENTIFIED BY
519	               id-GostR3410-2001-CryptoPro-C-ParamSet  } |
520	        { GostR3410-2001-ParamSetParameters IDENTIFIED BY
521	               id-GostR3410-2001-CryptoPro-XchA-ParamSet  } |
522	        { GostR3410-2001-ParamSetParameters IDENTIFIED BY
523	               id-GostR3410-2001-CryptoPro-XchB-ParamSet  }
524	    }

526	   Identifier values can be found in Appendix.

528	   Parameters for GOST R 34.10-2001 are presented in the following form:

530	    GostR3410-2001-ParamSetParameters ::=
531	       SEQUENCE {
532	           abj CHOICE {
533	               ab SEQUENCE {
534	                   a       INTEGER,
535	                   b       INTEGER,
536	               },
537	               j       INTEGER,
538	           },
539	           p       INTEGER ,
540	           q       INTEGER ,
541	           x       INTEGER ,
542	           y       INTEGER
543	       }

545	    a, b - coefficients a and b of the elliptic curve E;
546	    j    - invariant;
547	    p    - prime number - elliptic curve modulus;
548	    q    - prime number - order of cyclic group;
549	    x, y - base point p coordinates.

551	7  Security Considerations

553	   Parameter values for using cryptographic algorithms affect rigidity
554	   of information protection system. It is RECCOMENDED, that software
555	   applications verify signature values, subject public keys and
556	   algorithm parameters to conform to [GOSTR34102001], [GOSTR341094]
557	   standards prior to their use.

559	   The algorithm parameters proposed hereby and described in this
560	   document, have been analyzed by special certification laboratory of
561	   Scientific and Technical Centre "ATLAS" and by Centre of
562	   Certificational Investigations in appropriate levels of
563	   target_of_evaluation (TOE).

565	   In case of different parameters usage, it is RECCOMENDED that they
566	   are to be examined by authorized agency with an approved methods of
567	   cryptographic analysis.

569	8  Appendix ASN.1 Modules

571	8.1  Gost28147-89-EncryptionSyntax

573	Gost28147-89-EncryptionSyntax
574	    { iso(1) member-body(2) ru(643) rans(2) cryptopro(2)
575	      other(1) modules(1) gost28147-89-EncryptionSyntax(4) 1 }
576	DEFINITIONS EXPLICIT TAGS ::=
577	BEGIN
578	-- EXPORTS All --
579	-- The types and values defined in this module are exported for
580	-- use in the other ASN.1 modules contained within the Russian
581	-- Cryptography "GOST" & "GOST R" Specifications, and for the use
582	-- of other applications which will use them to access Russian
583	-- Cryptography services. Other applications may use them for
584	-- their own purposes, but this will not constrain extensions and
585	-- modifications needed to maintain or improve the Russian
586	-- Cryptography service.
587	    IMPORTS
588	        id-CryptoPro-algorithms, id-CryptoPro-encrypts,
589	        cryptographic-Gost-Useful-Definitions
590	        FROM Cryptographic-Gost-Useful-Definitions
591	            { iso(1) member-body(2) ru(643) rans(2)
592	              cryptopro(2) other(1) modules(1)
593	              cryptographic-Gost-Useful-Definitions(0) 1 }
594	        AlgorithmIdentifier, ALGORITHM-IDENTIFIER
595	        FROM Cryptographic-Gost-Useful-Definitions
596	             cryptographic-Gost-Useful-Definitions
597	    ;
598	  -- GOST 28147-89 OID
599	    id-Gost28147-89 OBJECT IDENTIFIER ::=
600	        { id-CryptoPro-algorithms gost28147-89(21) }
601	  -- GOST 28147-89 Cryptographic Parameter Sets OIDs
602	    id-Gost28147-89-TestParamSet OBJECT IDENTIFIER ::=
603	        { id-CryptoPro-encrypts test(0) }
604	    id-Gost28147-89-CryptoPro-A-ParamSet OBJECT IDENTIFIER ::=
605	        { id-CryptoPro-encrypts cryptopro-A(1) }
606	    id-Gost28147-89-CryptoPro-B-ParamSet OBJECT IDENTIFIER ::=
607	        { id-CryptoPro-encrypts cryptopro-B(2) }
608	    id-Gost28147-89-CryptoPro-C-ParamSet OBJECT IDENTIFIER ::=
609	        { id-CryptoPro-encrypts cryptopro-C(3) }
610	    id-Gost28147-89-CryptoPro-D-ParamSet OBJECT IDENTIFIER ::=
611	        { id-CryptoPro-encrypts cryptopro-D(4) }
612	    id-Gost28147-89-CryptoPro-Simple-A-ParamSet
613	        OBJECT IDENTIFIER ::=
614	           { id-CryptoPro-encrypts cryptopro-Simple-A(6) }
615	    id-Gost28147-89-CryptoPro-Simple-B-ParamSet
616	        OBJECT IDENTIFIER ::=
617	           { id-CryptoPro-encrypts cryptopro-Simple-B(7) }
618	    id-Gost28147-89-CryptoPro-Simple-C-ParamSet
619	        OBJECT IDENTIFIER ::=
620	           { id-CryptoPro-encrypts cryptopro-Simple-C(8) }
621	    id-Gost28147-89-CryptoPro-Simple-D-ParamSet
622	        OBJECT IDENTIFIER ::=
623	           { id-CryptoPro-encrypts cryptopro-Simple-D(9) }
624	  -- GOST 28147-89 Types
625	    Gost28147-89-Data ::= OCTET STRING (SIZE (0..4294967294))
626	    Gost28147-89-EncryptedData ::=
627	        OCTET STRING (SIZE (0..4294967294))
628	    Gost28147-89-UZ ::= OCTET STRING (SIZE (64))
629	    Gost28147-89-IV ::= OCTET STRING (SIZE (8))
630	    Gost28147-89-Key ::= OCTET STRING (SIZE (32))
631	    Gost28147-89-MAC ::= OCTET STRING (SIZE (1..4))
632	    Gost28147-89-EncryptedKey ::=
633	        SEQUENCE {
634	            encryptedKey         Gost28147-89-Key,
635	            macKey               Gost28147-89-MAC (SIZE (4))
636	        }
637	  -- GOST 28147-89 encryption algorithm parameters
638	    Gost28147-89-Parameters ::=
639	        SEQUENCE {
640	            encryptionParamSet
641	          OBJECT IDENTIFIER (
642	              id-Gost28147-89-TestParamSet | -- Only for tests use
643	              id-Gost28147-89-CryptoPro-A-ParamSet |
644	              id-Gost28147-89-CryptoPro-B-ParamSet |
645	              id-Gost28147-89-CryptoPro-C-ParamSet |
646	              id-Gost28147-89-CryptoPro-D-ParamSet |
647	              id-Gost28147-89-CryptoPro-Simple-A-ParamSet |
648	              id-Gost28147-89-CryptoPro-Simple-B-ParamSet |
649	              id-Gost28147-89-CryptoPro-Simple-C-ParamSet |
650	              id-Gost28147-89-CryptoPro-Simple-D-ParamSet
651	          ),
652	            iv                   Gost28147-89-IV
653	        }
654	    Gost28147-89-Algorithms ALGORITHM-IDENTIFIER ::= {
655	        { Gost28147-89-Parameters IDENTIFIED BY
656	               id-Gost28147-89 }
657	    }
658	END -- Gost28147-89-EncryptionSyntax

660	8.2  Gost28147-89-ParamSetSyntax

662	Gost28147-89-ParamSetSyntax
663	    { iso(1) member-body(2) ru(643) rans(2) cryptopro(2)
664	      other(1) modules(1) gost28147-89-ParamSetSyntax(6) 1 }
665	DEFINITIONS EXPLICIT TAGS ::=
666	BEGIN
667	-- EXPORTS All --
668	-- The types and values defined in this module are exported for
669	-- use in the other ASN.1 modules contained within the Russian
670	-- Cryptography "GOST" & "GOST R" Specifications, and for the use
671	-- of other applications which will use them to access Russian
672	-- Cryptography services. Other applications may use them for
673	-- their own purposes, but this will not constrain extensions and
674	-- modifications needed to maintain or improve the Russian
675	-- Cryptography service.
676	    IMPORTS
677	        id-CryptoPro-algorithms, id-CryptoPro-encrypts,
678	        gost28147-89-EncryptionSyntax,
679	        cryptographic-Gost-Useful-Definitions
680	        FROM Cryptographic-Gost-Useful-Definitions
681	            { iso(1) member-body(2) ru(643) rans(2)
682	              cryptopro(2) other(1) modules(1)
683	              cryptographic-Gost-Useful-Definitions(0) 1 }
684	        Gost28147-89-UZ,
685	        id-Gost28147-89-TestParamSet,
686	        id-Gost28147-89-CryptoPro-A-ParamSet,
687	        id-Gost28147-89-CryptoPro-B-ParamSet,
688	        id-Gost28147-89-CryptoPro-C-ParamSet,
689	        id-Gost28147-89-CryptoPro-D-ParamSet,
690	        id-Gost28147-89-CryptoPro-Simple-A-ParamSet,
691	        id-Gost28147-89-CryptoPro-Simple-B-ParamSet,
692	        id-Gost28147-89-CryptoPro-Simple-C-ParamSet,
693	        id-Gost28147-89-CryptoPro-Simple-D-ParamSet
694	        FROM Gost28147-89-EncryptionSyntax
695	             gost28147-89-EncryptionSyntax
696	        AlgorithmIdentifier, ALGORITHM-IDENTIFIER
697	        FROM Cryptographic-Gost-Useful-Definitions
698	             cryptographic-Gost-Useful-Definitions
699	    ;
700	  -- GOST 28147-89 Cryptographic Parameters Set:
701	  -- algorithm & parameters
702	  -- OID for Parameters Set imported from
703	  -- Gost28147-89-EncryptionSyntax
704	    Gost28147-89-ParamSetParameters ::=
705	            SEQUENCE {
706	            eUZ          Gost28147-89-UZ,
707	            mode         INTEGER {
708	                   gost28147-89-OFB(0),
709	                   gost28147-89-CFB(1),
710	                        cryptoPro-CBC(2)
711	               },
712	            shiftBits    INTEGER { gost28147-89-block(64) },
713	            keyWrap      AlgorithmIdentifier {{
714	                   Gost28147-89-KeyWrapAlgorithms
715	               }},
716	            keyMix       AlgorithmIdentifier {{
717	                   Gost28147-89-KeyMixAlgorithms
718	               }}
719	        }
720	    Gost28147-89-ParamSetAlgorithms ALGORITHM-IDENTIFIER ::= {
721	        { Gost28147-89-ParamSetParameters IDENTIFIED BY
722	               id-Gost28147-89-TestParamSet  } |
723	        { Gost28147-89-ParamSetParameters IDENTIFIED BY
724	               id-Gost28147-89-CryptoPro-A-ParamSet  } |
725	        { Gost28147-89-ParamSetParameters IDENTIFIED BY
726	               id-Gost28147-89-CryptoPro-B-ParamSet  } |
727	        { Gost28147-89-ParamSetParameters IDENTIFIED BY
728	               id-Gost28147-89-CryptoPro-C-ParamSet  } |
729	        { Gost28147-89-ParamSetParameters IDENTIFIED BY
730	               id-Gost28147-89-CryptoPro-D-ParamSet  } |
731	        { Gost28147-89-ParamSetParameters IDENTIFIED BY
732	               id-Gost28147-89-CryptoPro-Simple-A-ParamSet  } |
733	        { Gost28147-89-ParamSetParameters IDENTIFIED BY
734	               id-Gost28147-89-CryptoPro-Simple-B-ParamSet  } |
735	        { Gost28147-89-ParamSetParameters IDENTIFIED BY
736	               id-Gost28147-89-CryptoPro-Simple-C-ParamSet  } |
737	        { Gost28147-89-ParamSetParameters IDENTIFIED BY
738	               id-Gost28147-89-CryptoPro-Simple-D-ParamSet  }
739	    }
740	    id-Gost28147-89-CryptoPro-KeyWrap OBJECT IDENTIFIER ::=
741	        { id-CryptoPro-algorithms keyWrap(13) cryptoPro(1) }
742	    id-Gost28147-89-None-KeyWrap OBJECT IDENTIFIER ::=
743	        { id-CryptoPro-algorithms keyWrap(13) none(0) }
744	    Gost28147-89-KeyWrapAlgorithms  ALGORITHM-IDENTIFIER ::= {
745	        { NULL IDENTIFIED BY id-Gost28147-89-CryptoPro-KeyWrap } |
746	        { NULL IDENTIFIED BY id-Gost28147-89-None-KeyWrap }
747	    }
748	    id-Gost28147-89-CryptoPro-KeyMix  OBJECT IDENTIFIER ::=
749	        { id-CryptoPro-algorithms keyMix(14) cryptoPro(1) }
750	    id-Gost28147-89-None-KeyMix OBJECT IDENTIFIER ::=
751	        { id-CryptoPro-algorithms keyMix(14) none(0) }
752	    Gost28147-89-KeyMixAlgorithms  ALGORITHM-IDENTIFIER ::= {
753	        { NULL IDENTIFIED BY id-Gost28147-89-CryptoPro-KeyMix } |
754	        { NULL IDENTIFIED BY id-Gost28147-89-None-KeyMix }
755	    }
756	  -- GOST 28147-89 Cryptographic Parameters Set: values
757	    -- Test Parameters Set
758	    gost28147-89-TestParamSetAI
759	        AlgorithmIdentifier {{
760	            Gost28147-89-ParamSetAlgorithms
761	        }} ::=
762	        {
763	            algorithm
764	          id-Gost28147-89-TestParamSet,
765	            parameters
766	          Gost28147-89-ParamSetParameters:{
767	              eUZ   '4CDE389C2989EFB6FFEB56C55EC29B029875613B113F896
768	003970C798AA1D55DE210AD43375DB38EB42C77E7CD46CAFAD66A201F70F41EA4AB
769	03F22165B844D8'H,
770	                   mode  gost28147-89-OFB,
771	              shiftBits  64,
772	                   keyWrap
773	               { algorithm id-Gost28147-89-None-KeyWrap },
774	              keyMix
775	               { algorithm id-Gost28147-89-None-KeyMix }
776	          }
777	        }
778	    -- CryptoPro Parameters Sets
779	    gost28147-89-UZ-CryptoPro-A Gost28147-89-UZ ::=
780	      -- K1 K2 K3 K4 K5 K6 K7 K8
781	      -- 9  3  E  E  B  3  1  B
782	      -- 6  7  4  7  5  A  D  A
783	      -- 3  E  6  A  1  D  2  F
784	      -- 2  9  2  C  9  C  9  5
785	      -- 8  8  B  D  8  1  7  0
786	      -- B  A  3  1  D  2  A  C
787	      -- 1  F  D  3  F  0  6  E
788	      -- 7  0  8  9  0  B  0  8
789	      -- A  5  C  0  E  7  8  6
790	      -- 4  2  F  2  4  5  C  2
791	      -- E  6  5  B  2  9  4  3
792	      -- F  C  A  4  3  4  5  9
793	      -- C  B  0  F  C  8  F  1
794	      -- 0  4  7  8  7  F  3  7
795	      -- D  D  1  5  A  E  B  D
796	      -- 5  1  9  6  6  6  E  4
797	        '93EEB31B67475ADA3E6A1D2F292C9C9588BD8170BA31D2AC1FD3F06E70
798	890B08A5C0E78642F245C2E65B2943FCA43459CB0FC8F104787F37DD15AEBD51966
799	6E4'H
800	    gost28147-89-CryptoPro-A-ParamSetAI
801	        AlgorithmIdentifier {{
802	            Gost28147-89-ParamSetAlgorithms
803	        }} ::=
804	        {
805	            algorithm
806	          id-Gost28147-89-CryptoPro-A-ParamSet,
807	            parameters
808	          Gost28147-89-ParamSetParameters:{
809	              eUZ   gost28147-89-UZ-CryptoPro-A,
810	                   mode  gost28147-89-CFB,
811	                   shiftBits  64,
812	                   keyWrap
813	               { algorithm id-Gost28147-89-CryptoPro-KeyWrap },
814	              keyMix
815	               { algorithm id-Gost28147-89-CryptoPro-KeyMix }
816	          }
817	        }

819	    --
820	    gost28147-89-UZ-CryptoPro-B Gost28147-89-UZ ::=
821	      -- K1 K2 K3 K4 K5 K6 K7 K8
822	      -- 8  0  E  7  2  8  5  0
823	      -- 4  1  C  5  7  3  2  4
824	      -- B  2  0  0  C  2  A  B
825	      -- 1  A  A  D  F  6  B  E
826	      -- 3  4  9  B  9  4  9  8
827	      -- 5  D  2  6  5  D  1  3
828	      -- 0  5  D  1  A  E  C  7
829	      -- 9  C  B  2  B  B  3  1
830	      -- 2  9  7  3  1  C  7  A
831	      -- E  7  5  A  4  1  4  2
832	      -- A  3  8  C  0  7  D  9
833	      -- C  F  F  F  D  F  0  6
834	      -- D  B  3  4  6  A  6  F
835	      -- 6  8  6  E  8  0  F  D
836	      -- 7  6  1  9  E  9  8  5
837	      -- F  E  4  8  3  5  E  C
838	        '80E7285041C57324B200C2AB1AADF6BE349B94985D265D1305D1AEC79C
839	B2BB3129731C7AE75A4142A38C07D9CFFFDF06DB346A6F686E80FD7619E985FE483
840	5EC'H
841	    gost28147-89-CryptoPro-B-ParamSetAI
842	        AlgorithmIdentifier {{
843	            Gost28147-89-ParamSetAlgorithms
844	        }} ::=
845	        {
846	            algorithm
847	          id-Gost28147-89-CryptoPro-B-ParamSet,
848	            parameters
849	          Gost28147-89-ParamSetParameters:{
850	              eUZ   gost28147-89-UZ-CryptoPro-B,
851	                   mode  gost28147-89-CFB,
852	                   shiftBits  64,
853	                   keyWrap
854	               { algorithm id-Gost28147-89-CryptoPro-KeyWrap },
855	              keyMix
856	               { algorithm id-Gost28147-89-CryptoPro-KeyMix }
857	          }
858	        }
859	    --
860	    gost28147-89-UZ-CryptoPro-C Gost28147-89-UZ ::=
861	      -- K1 K2 K3 K4 K5 K6 K7 K8
862	      -- 1  0  8  3  8  C  A  7
863	      -- B  1  2  6  D  9  9  4
864	      -- C  7  5  0  B  B  6  0
865	      -- 2  D  0  1  0  1  8  5
866	      -- 9  B  4  5  4  8  D  A
867	      -- D  4  9  D  5  E  E  2
868	      -- 0  5  F  A  1  2  2  F
869	      -- F  2  A  8  2  4  0  E
870	      -- 4  8  3  B  9  7  F  C
871	      -- 5  E  7  2  3  3  3  6
872	      -- 8  F  C  9  C  6  5  1
873	      -- E  C  D  7  E  5  B  B
874	      -- A  9  6  E  6  A  4  D
875	      -- 7  A  E  F  F  0  1  9
876	      -- 6  6  1  C  A  F  C  3
877	      -- 3  3  B  4  7  D  7  8
878	        '10838CA7B126D994C750BB602D0101859B4548DAD49D5EE205FA122FF2
879	A8240E483B97FC5E7233368FC9C651ECD7E5BBA96E6A4D7AEFF019661CAFC333B47
880	D78'H
881	    gost28147-89-CryptoPro-C-ParamSetAI
882	        AlgorithmIdentifier {{
883	            Gost28147-89-ParamSetAlgorithms
884	        }} ::=
885	        {
886	            algorithm
887	          id-Gost28147-89-CryptoPro-C-ParamSet,
888	            parameters
889	          Gost28147-89-ParamSetParameters:{
890	              eUZ   gost28147-89-UZ-CryptoPro-C,
891	                   mode  gost28147-89-CFB,
892	                   shiftBits  64,
893	                   keyWrap
894	               { algorithm id-Gost28147-89-CryptoPro-KeyWrap },
895	              keyMix
896	               { algorithm id-Gost28147-89-CryptoPro-KeyMix }
897	          }
898	        }
899	    --
900	    gost28147-89-UZ-CryptoPro-D Gost28147-89-UZ ::=
901	      -- K1 K2 K3 K4 K5 K6 K7 K8
902	      -- F  B  1  1  0  8  3  1
903	      -- C  6  C  5  C  0  0  A
904	      -- 2  3  B  E  8  F  6  6
905	      -- A  4  0  C  9  3  F  8
906	      -- 6  C  F  A  D  2  1  F
907	      -- 4  F  E  7  2  5  E  B
908	      -- 5  E  6  0  A  E  9  0
909	      -- 0  2  5  D  B  B  2  4
910	      -- 7  7  A  6  7  1  D  C
911	      -- 9  D  D  2  3  A  8  3
912	      -- E  8  4  B  6  4  C  5
913	      -- D  0  8  4  5  7  4  9
914	      -- 1  5  9  9  4  C  B  7
915	      -- B  A  3  3  E  9  A  D
916	      -- 8  9  7  F  F  D  5  2
917	      -- 3  1  2  8  1  6  7  E'H
918	        'FB110831C6C5C00A23BE8F66A40C93F86CFAD21F4FE725EB5E60AE9002
919	5DBB2477A671DC9DD23A83E84B64C5D084574915994CB7BA33E9AD897FFD5231281
920	67E'H
921	    gost28147-89-CryptoPro-D-ParamSetAI
922	        AlgorithmIdentifier {{
923	            Gost28147-89-ParamSetAlgorithms
924	        }} ::=
925	        {
926	            algorithm
927	          id-Gost28147-89-CryptoPro-D-ParamSet,
928	            parameters
929	          Gost28147-89-ParamSetParameters:{
930	              eUZ   gost28147-89-UZ-CryptoPro-D,
931	                   mode  gost28147-89-CFB,
932	                   shiftBits  64,
933	                   keyWrap
934	               { algorithm id-Gost28147-89-CryptoPro-KeyWrap },
935	              keyMix
936	               { algorithm id-Gost28147-89-CryptoPro-KeyMix }
937	          }
938	        }
939	    --
940	    gost28147-89-CryptoPro-Simple-A-ParamSetAI
941	        AlgorithmIdentifier {{
942	            Gost28147-89-ParamSetAlgorithms
943	        }} ::=
944	        {
945	            algorithm
946	          id-Gost28147-89-CryptoPro-Simple-A-ParamSet,
947	            parameters
948	          Gost28147-89-ParamSetParameters:{
949	              eUZ   gost28147-89-UZ-CryptoPro-A,
950	                   mode  gost28147-89-CFB,
951	                   shiftBits  64,
952	                   keyWrap
953	               { algorithm id-Gost28147-89-None-KeyWrap },
954	              keyMix
955	               { algorithm id-Gost28147-89-CryptoPro-KeyMix }
956	          }
957	        }
958	    --
959	    gost28147-89-CryptoPro-Simple-B-ParamSetAI
960	        AlgorithmIdentifier {{
961	            Gost28147-89-ParamSetAlgorithms
962	        }} ::=
963	        {
964	            algorithm
965	          id-Gost28147-89-CryptoPro-Simple-B-ParamSet,
966	            parameters
967	          Gost28147-89-ParamSetParameters:{
968	              eUZ   gost28147-89-UZ-CryptoPro-B,
969	                   mode  gost28147-89-CFB,
970	                   shiftBits  64,
971	                   keyWrap
972	               { algorithm id-Gost28147-89-None-KeyWrap },
973	              keyMix
974	               { algorithm id-Gost28147-89-CryptoPro-KeyMix }
975	          }
976	        }
977	    --
978	    gost28147-89-CryptoPro-Simple-C-ParamSetAI
979	        AlgorithmIdentifier {{
980	            Gost28147-89-ParamSetAlgorithms
981	        }} ::=
982	        {
983	            algorithm
984	          id-Gost28147-89-CryptoPro-Simple-C-ParamSet,
985	            parameters
986	          Gost28147-89-ParamSetParameters:{
987	              eUZ   gost28147-89-UZ-CryptoPro-C,
988	                   mode  gost28147-89-CFB,
989	                   shiftBits  64,
990	                   keyWrap
991	               { algorithm id-Gost28147-89-None-KeyWrap },
992	              keyMix
993	               { algorithm id-Gost28147-89-CryptoPro-KeyMix }
994	          }
995	        }
996	    --
997	    gost28147-89-CryptoPro-Simple-D-ParamSetAI
998	        AlgorithmIdentifier {{
999	            Gost28147-89-ParamSetAlgorithms
1000	        }} ::=
1001	        {
1002	            algorithm
1003	          id-Gost28147-89-CryptoPro-Simple-D-ParamSet,
1004	            parameters
1005	          Gost28147-89-ParamSetParameters:{
1006	              eUZ   gost28147-89-UZ-CryptoPro-D,
1007	                   mode  gost28147-89-CFB,
1008	                   shiftBits  64,
1009	                   keyWrap
1010	               { algorithm id-Gost28147-89-None-KeyWrap },

1012	              keyMix
1013	               { algorithm id-Gost28147-89-CryptoPro-KeyMix }
1014	          }
1015	        }
1016	END -- Gost28147-89-ParamSetSyntax

1018	8.3  GostR3411-94-DigestSyntax

1020	GostR3411-94-DigestSyntax
1021	    { iso(1) member-body(2) ru(643) rans(2) cryptopro(2)
1022	      other(1) modules(1) gostR3411-94-DigestSyntax(1) 1 }
1023	DEFINITIONS ::=
1024	BEGIN
1025	-- EXPORTS All --
1026	-- The types and values defined in this module are exported for
1027	-- use in the other ASN.1 modules contained within the Russian
1028	-- Cryptography "GOST" & "GOST R" Specifications, and for the use
1029	-- of other applications which will use them to access Russian
1030	-- Cryptography services. Other applications may use them for
1031	-- their own purposes, but this will not constrain extensions and
1032	-- modifications needed to maintain or improve the Russian
1033	-- Cryptography service.
1034	    IMPORTS
1035	        id-CryptoPro-algorithms, id-CryptoPro-hashes,
1036	        gost28147-89-EncryptionSyntax,
1037	        cryptographic-Gost-Useful-Definitions
1038	        FROM Cryptographic-Gost-Useful-Definitions
1039	            { iso(1) member-body(2) ru(643) rans(2)
1040	              cryptopro(2) other(1) modules(1)
1041	              cryptographic-Gost-Useful-Definitions(0) 1 }
1042	        Gost28147-89-Data, Gost28147-89-UZ
1043	        FROM Gost28147-89-EncryptionSyntax
1044	             gost28147-89-EncryptionSyntax
1045	        AlgorithmIdentifier, ALGORITHM-IDENTIFIER
1046	        FROM Cryptographic-Gost-Useful-Definitions
1047	             cryptographic-Gost-Useful-Definitions
1048	    ;
1049	  -- GOST R 34.11-94 OID
1050	    id-GostR3411-94 OBJECT IDENTIFIER ::=
1051	        { id-CryptoPro-algorithms gostR3411-94(9) }
1052	  -- GOST R 34.11-94 Cryptographic Parameters Set OIDs
1053	    id-GostR3411-94-TestParamSet OBJECT IDENTIFIER ::=
1054	        { id-CryptoPro-hashes test(0) }
1055	    id-GostR3411-94-CryptoProParamSet OBJECT IDENTIFIER ::=
1056	        { id-CryptoPro-hashes cryptopro(1) }
1057	  -- GOST R 34.11-94 Data Types
1058	    GostR3411-94-Data ::= Gost28147-89-Data
1059	    GostR3411-94-Digest ::= OCTET STRING (SIZE (32))

1061	  -- GOST R 34.11-94 Digest Parameters & Algorithms
1062	    GostR3411-94-DigestParameters ::=
1063	        OBJECT IDENTIFIER (
1064	          id-GostR3411-94-TestParamSet |     -- Only for tests use
1065	          id-GostR3411-94-CryptoProParamSet
1066	        )
1067	    GostR3411-94-DigestAlgorithms ALGORITHM-IDENTIFIER ::= {
1068	        { NULL IDENTIFIED BY id-GostR3411-94 } |
1069	          -- Assume id-GostR3411-94-CryptoProParamSet
1070	        { GostR3411-94-DigestParameters
1071	          IDENTIFIED BY id-GostR3411-94 }
1072	    }
1073	END -- GostR3411-94-DigestSyntax

1075	8.4  GostR3411-94-ParamSetSyntax

1077	GostR3411-94-ParamSetSyntax
1078	    { iso(1) member-body(2) ru(643) rans(2) cryptopro(2)
1079	      other(1) modules(1) gostR3411-94-ParamSetSyntax(7) 1 }
1080	DEFINITIONS ::=
1081	BEGIN
1082	-- EXPORTS All --
1083	-- The types and values defined in this module are exported for
1084	-- use in the other ASN.1 modules contained within the Russian
1085	-- Cryptography "GOST" & "GOST R" Specifications, and for the use
1086	-- of other applications which will use them to access Russian
1087	-- Cryptography services. Other applications may use them for
1088	-- their own purposes, but this will not constrain extensions and
1089	-- modifications needed to maintain or improve the Russian
1090	-- Cryptography service.
1091	    IMPORTS
1092	        id-CryptoPro-algorithms, id-CryptoPro-hashes,
1093	        gost28147-89-EncryptionSyntax,
1094	        gostR3411-94-DigestSyntax,
1095	        cryptographic-Gost-Useful-Definitions
1096	        FROM Cryptographic-Gost-Useful-Definitions
1097	            { iso(1) member-body(2) ru(643) rans(2)
1098	              cryptopro(2) other(1) modules(1)
1099	              cryptographic-Gost-Useful-Definitions(0) 1 }
1100	        Gost28147-89-UZ
1101	        FROM Gost28147-89-EncryptionSyntax
1102	             gost28147-89-EncryptionSyntax
1103	        id-GostR3411-94-TestParamSet,
1104	        id-GostR3411-94-CryptoProParamSet,
1105	        GostR3411-94-Digest
1106	        FROM GostR3411-94-DigestSyntax gostR3411-94-DigestSyntax
1107	        AlgorithmIdentifier, ALGORITHM-IDENTIFIER
1108	        FROM Cryptographic-Gost-Useful-Definitions
1109	             cryptographic-Gost-Useful-Definitions
1110	    ;
1111	  -- GOST R 34.11-94 Cryptographic Parameters Set:
1112	  -- algorithm & parameters
1113	  -- OID for Parameters Set imported from GostR3411-94-DigestSyntax
1114	    GostR3411-94-ParamSetParameters ::=
1115	        SEQUENCE {
1116	            hUZ Gost28147-89-UZ,    -- S-Box for digest
1117	            h0  GostR3411-94-Digest -- start digest value
1118	        }
1119	    GostR3411-94-ParamSetAlgorithms ALGORITHM-IDENTIFIER ::= {
1120	        { GostR3411-94-ParamSetParameters IDENTIFIED BY
1121	          id-GostR3411-94-TestParamSet
1122	        } |
1123	        { GostR3411-94-ParamSetParameters IDENTIFIED BY
1124	          id-GostR3411-94-CryptoProParamSet
1125	        }
1126	    }
1127	    -- GOST R 34.11-94 Tests parameters set
1128	    -- (GOST R 34.11-94 Annex A. Test vector)
1129	    gostR3411TestParamSetAI AlgorithmIdentifier
1130	     {{ GostR3411-94-ParamSetAlgorithms }} ::=
1131	        {
1132	            algorithm
1133	          id-GostR3411-94-TestParamSet,
1134	            parameters
1135	          GostR3411-94-ParamSetParameters:{
1136	              hUZ
1137	                 -- pi1 pi2 pi3 pi4 pi5 pi6 pi7 pi8
1138	                 -- 4   E   5   7   6   4   D   1
1139	                 -- A   B   8   D   C   B   B   F
1140	                 -- 9   4   1   A   7   A   4   D
1141	                 -- 2   C   D   1   1   0   1   0
1142	                 -- D   6   A   0   5   7   3   5
1143	                 -- 8   D   3   8   F   2   F   7
1144	                 -- 0   F   4   9   D   1   5   A
1145	                 -- E   A   2   F   8   D   9   4
1146	                 -- 6   2   E   E   4   3   0   9
1147	                 -- B   3   F   4   A   6   A   2
1148	                 -- 1   8   C   6   9   8   E   3
1149	                 -- C   1   7   C   E   5   7   E
1150	                 -- 7   0   6   B   0   9   6   6
1151	                 -- F   7   0   2   3   C   8   B
1152	                 -- 5   5   9   5   B   F   2   8
1153	                 -- 3   9   B   3   2   E   C   C
1154	                   '4E5764D1AB8DCBBF941A7A4D2CD11010D6A057358D38F2F7
1155	0F49D15AEA2F8D9462EE4309B3F4A6A218C698E3C17CE57E706B0966F7023C8B559
1156	5BF2839B32ECC'H,
1157	              h0   '000000000000000000000000000000000000000000000000
1158	0000000000000000'H
1159	          }
1160	        }
1161	    -- CryptoPro parameters
1162	    gostR3411CryptoProParamSetAI AlgorithmIdentifier
1163	    {{ GostR3411-94-ParamSetAlgorithms }} ::=
1164	        {
1165	            algorithm
1166	          id-GostR3411-94-CryptoProParamSet,
1167	            parameters
1168	          GostR3411-94-ParamSetParameters:{
1169	              hUZ
1170	                 -- pi1 pi2 pi3 pi4 pi5 pi6 pi7 pi8
1171	                 -- A   5   7   4   7   7   D   1
1172	                 -- 4   F   F   A   6   6   E   3
1173	                 -- 5   4   C   7   4   2   4   A
1174	                 -- 6   0   E   C   B   4   1   9
1175	                 -- 8   2   9   0   9   D   7   5
1176	                 -- 1   D   4   F   C   9   0   B
1177	                 -- 3   B   1   2   2   F   5   4
1178	                 -- 7   9   0   8   A   0   A   F
1179	                 -- D   1   3   E   1   A   3   8
1180	                 -- C   7   B   1   8   1   C   6
1181	                 -- E   6   5   6   0   5   8   7
1182	                 -- 0   3   2   5   E   B   F   E
1183	                 -- 9   C   6   D   F   8   6   D
1184	                 -- 2   E   A   B   D   E   2   0
1185	                 -- B   A   8   9   3   C   9   2
1186	                 -- F   8   D   3   5   3   B   C
1187	                'A57477D14FFA66E354C7424A60ECB41982909D751D4FC90B3B122F5
1188	47908A0AFD13E1A38C7B181C6E65605870325EBFE9C6DF86D2EABDE20BA893C92F8
1189	D353BC'H,
1190	              h0   '000000000000000000000000000000000000000000000000
1191	0000000000000000'H
1192	          }
1193	        }
1194	END -- GostR3411-94-ParamSetSyntax

1196	8.5  GostR3410-94-PKISyntax

1198	GostR3410-94-PKISyntax
1199	    { iso(1) member-body(2) ru(643) rans(2) cryptopro(2)
1200	      other(1) modules(1) gostR3410-94-PKISyntax(2) 1 }
1201	DEFINITIONS ::=
1202	BEGIN
1203	-- EXPORTS All --
1204	-- The types and values defined in this module are exported for
1205	-- use in the other ASN.1 modules contained within the Russian
1206	-- Cryptography "GOST" & "GOST R" Specifications, and for the use
1207	-- of other applications which will use them to access Russian
1208	-- Cryptography services. Other applications may use them for
1209	-- their own purposes, but this will not constrain extensions and
1210	-- modifications needed to maintain or improve the Russian
1211	-- Cryptography service.
1212	    IMPORTS
1213	        id-CryptoPro-algorithms,
1214	        id-CryptoPro-signs, id-CryptoPro-exchanges,
1215	        gost28147-89-EncryptionSyntax,
1216	        gostR3411-94-DigestSyntax,
1217	        cryptographic-Gost-Useful-Definitions
1218	        FROM Cryptographic-Gost-Useful-Definitions
1219	            { iso(1) member-body(2) ru(643) rans(2)
1220	              cryptopro(2) other(1) modules(1)
1221	              cryptographic-Gost-Useful-Definitions(0) 1 }
1222	        id-Gost28147-89-TestParamSet,
1223	        id-Gost28147-89-CryptoPro-A-ParamSet,
1224	        id-Gost28147-89-CryptoPro-B-ParamSet,
1225	        id-Gost28147-89-CryptoPro-C-ParamSet,
1226	        id-Gost28147-89-CryptoPro-D-ParamSet,
1227	        id-Gost28147-89-CryptoPro-Simple-A-ParamSet,
1228	        id-Gost28147-89-CryptoPro-Simple-B-ParamSet,
1229	        id-Gost28147-89-CryptoPro-Simple-C-ParamSet,
1230	        id-Gost28147-89-CryptoPro-Simple-D-ParamSet
1231	        FROM Gost28147-89-EncryptionSyntax
1232	             gost28147-89-EncryptionSyntax
1233	        id-GostR3411-94-TestParamSet,
1234	        id-GostR3411-94-CryptoProParamSet
1235	        FROM GostR3411-94-DigestSyntax gostR3411-94-DigestSyntax
1236	        AlgorithmIdentifier, ALGORITHM-IDENTIFIER
1237	        FROM Cryptographic-Gost-Useful-Definitions
1238	             cryptographic-Gost-Useful-Definitions
1239	    ;
1240	  -- GOST R 34.10-94 OIDs
1241	    id-GostR3410-94 OBJECT IDENTIFIER ::=
1242	        { id-CryptoPro-algorithms gostR3410-94(20) }
1243	    id-GostR3411-94-with-GostR3410-94 OBJECT IDENTIFIER ::=
1244	        { id-CryptoPro-algorithms
1245	          gostR3411-94-with-gostR3410-94(4) }
1246	  -- GOST R 34.10-94 Public Key Cryptographic Parameters Set OIDs
1247	    id-GostR3410-94-TestParamSet OBJECT IDENTIFIER ::=
1248	        { id-CryptoPro-signs test(0) }
1249	    id-GostR3410-94-CryptoPro-A-ParamSet OBJECT IDENTIFIER ::=
1250	        { id-CryptoPro-signs cryptopro-A(2) }
1251	    id-GostR3410-94-CryptoPro-B-ParamSet OBJECT IDENTIFIER ::=
1252	        { id-CryptoPro-signs cryptopro-B(3) }

1254	    id-GostR3410-94-CryptoPro-C-ParamSet OBJECT IDENTIFIER ::=
1255	        { id-CryptoPro-signs cryptopro-C(4) }
1256	    id-GostR3410-94-CryptoPro-D-ParamSet OBJECT IDENTIFIER ::=
1257	        { id-CryptoPro-signs cryptopro-D(5) }
1258	    id-GostR3410-94-CryptoPro-XchA-ParamSet OBJECT IDENTIFIER ::=
1259	        { id-CryptoPro-exchanges cryptopro-XchA(1) }
1260	    id-GostR3410-94-CryptoPro-XchB-ParamSet OBJECT IDENTIFIER ::=
1261	        { id-CryptoPro-exchanges cryptopro-XchB(2) }
1262	    id-GostR3410-94-CryptoPro-XchC-ParamSet OBJECT IDENTIFIER ::=
1263	        { id-CryptoPro-exchanges cryptopro-XchC(3) }
1264	  -- GOST R 34.10-94 Data Types
1265	    GostR3410-94-CertificateSignature ::=
1266	        BIT STRING ( SIZE(256..512) )
1267	    GostR3410-94-PublicKeyOctetString ::=
1268	        OCTET STRING ( SIZE(
1269	               64 | -- Only for tests use
1270	               128
1271	               ) )
1272	    GostR3410-94-PublicKey ::=
1273	        BIT STRING ( SIZE(16..1048) )
1274	               -- Container for GostR3410-94-PublicKeyOctetString
1275	    GostR3410-94-PublicKeyParameters ::=
1276	            SEQUENCE {
1277	            publicKeyParamSet
1278	          OBJECT IDENTIFIER (
1279	              id-GostR3410-94-TestParamSet | -- Only for tests use
1280	              id-GostR3410-94-CryptoPro-A-ParamSet |
1281	              id-GostR3410-94-CryptoPro-B-ParamSet |
1282	              id-GostR3410-94-CryptoPro-C-ParamSet |
1283	              id-GostR3410-94-CryptoPro-D-ParamSet |
1284	              id-GostR3410-94-CryptoPro-XchA-ParamSet |
1285	              id-GostR3410-94-CryptoPro-XchB-ParamSet |
1286	              id-GostR3410-94-CryptoPro-XchC-ParamSet
1287	          ),
1288	            digestParamSet
1289	          OBJECT IDENTIFIER (
1290	              id-GostR3411-94-TestParamSet | -- Only for tests use
1291	              id-GostR3411-94-CryptoProParamSet
1292	          ),
1293	            encryptionParamSet
1294	          OBJECT IDENTIFIER (
1295	              id-Gost28147-89-TestParamSet | -- Only for tests use
1296	              id-Gost28147-89-CryptoPro-A-ParamSet |
1297	              id-Gost28147-89-CryptoPro-B-ParamSet |
1298	              id-Gost28147-89-CryptoPro-C-ParamSet |
1299	              id-Gost28147-89-CryptoPro-D-ParamSet |
1300	              id-Gost28147-89-CryptoPro-Simple-A-ParamSet |
1301	              id-Gost28147-89-CryptoPro-Simple-B-ParamSet |
1302	              id-Gost28147-89-CryptoPro-Simple-C-ParamSet |
1303	              id-Gost28147-89-CryptoPro-Simple-D-ParamSet
1304	          ) OPTIONAL
1305	        }
1306	    GostR3410-94-PublicKeyAlgorithms  ALGORITHM-IDENTIFIER ::= {
1307	        { GostR3410-94-PublicKeyParameters IDENTIFIED BY
1308	               id-GostR3410-94 }
1309	    }
1310	    GostR3410-94-CertificateSignatureAlgorithms
1311	        ALGORITHM-IDENTIFIER ::= {
1312	          { NULL IDENTIFIED BY
1313	               id-GostR3411-94-with-GostR3410-94 } |
1314	          { GostR3410-94-PublicKeyParameters IDENTIFIED BY
1315	               id-GostR3411-94-with-GostR3410-94 }
1316	        }
1317	END -- GostR3410-94-PKISyntax

1319	8.6  GostR3410-94-ParamSetSyntax

1321	GostR3410-94-ParamSetSyntax
1322	    { iso(1) member-body(2) ru(643) rans(2) cryptopro(2)
1323	      other(1) modules(1) gostR3410-94-ParamSetSyntax(8) 1 }
1324	DEFINITIONS ::=
1325	BEGIN
1326	-- EXPORTS All --
1327	-- The types and values defined in this module are exported for
1328	-- use in the other ASN.1 modules contained within the Russian
1329	-- Cryptography "GOST" & "GOST R" Specifications, and for the use
1330	-- of other applications which will use them to access Russian
1331	-- Cryptography services. Other applications may use them for
1332	-- their own purposes, but this will not constrain extensions and
1333	-- modifications needed to maintain or improve the Russian
1334	-- Cryptography service.
1335	    IMPORTS
1336	        id-CryptoPro-algorithms,
1337	        id-CryptoPro-signs, id-CryptoPro-exchanges,
1338	        gostR3410-94-PKISyntax,
1339	        cryptographic-Gost-Useful-Definitions
1340	        FROM Cryptographic-Gost-Useful-Definitions
1341	            { iso(1) member-body(2) ru(643) rans(2)
1342	              cryptopro(2) other(1) modules(1)
1343	              cryptographic-Gost-Useful-Definitions(0) 1 }
1344	        id-GostR3410-94,
1345	        id-GostR3410-94-TestParamSet,
1346	        id-GostR3410-94-CryptoPro-A-ParamSet,
1347	        id-GostR3410-94-CryptoPro-B-ParamSet,
1348	        id-GostR3410-94-CryptoPro-C-ParamSet,
1349	        id-GostR3410-94-CryptoPro-D-ParamSet,
1350	        id-GostR3410-94-CryptoPro-XchA-ParamSet,
1351	        id-GostR3410-94-CryptoPro-XchB-ParamSet,
1352	        id-GostR3410-94-CryptoPro-XchC-ParamSet
1353	        FROM GostR3410-94-PKISyntax gostR3410-94-PKISyntax
1354	        AlgorithmIdentifier, ALGORITHM-IDENTIFIER
1355	        FROM Cryptographic-Gost-Useful-Definitions
1356	             cryptographic-Gost-Useful-Definitions
1357	    ;
1358	  -- GOST R 34.10-94 Public Key Cryptographic Parameters Set:
1359	  -- algorithm & parameters
1360	  -- OID for Parameters Set imported from GostR3410-94-PKISyntax
1361	    GostR3410-94-ParamSetParameters ::=
1362	        SEQUENCE {
1363	            t    INTEGER (512 | 1024),  -- 512 - only for tests use
1364	            p    INTEGER (
1365	               167597599124282463744675312477573076593492072757404917221
1366	5445180465220503759193372100234287270862928461253982273310756356719
1367	235351493321243304206125760513
1368	               ..
1369	               134078079299425970995740249982058461274793658205923933777
1370	2356144372176403007354697680187429816690342769003185818648605085375
1371	3882811946569946433649006084095
1372	               |
1373	               112355820928894744233081574424314045851123561183894160795
1374	8938007235829223784381019579427983265047100132000711749196208485367
1375	4360550901038905802964414967132773610493339054092829768888725077880
1376	8824658176845053128605523844176464039300921195694088017023227094069
1377	17786643639996702871154982269052209770601514008577
1378	               ..
1379	               179769313486231590772930519078902473361797697894230657273
1380	4300811577326758055009631327084773224075360211201138798713933576587
1381	8976881441662249284743063947412437776789342486548527630221960124609
1382	4119453082952085005768838150682342462881473913110540827237163350510
1383	684586298239947245938479716304835356329624224137215
1384	               ),   -- 2^509 < p < 2^512 or 2^1020 < p < 2^1024
1385	            q       INTEGER (
1386	               289480223093290488558927462521719769633174961664101410098
1387	64396001978282409985
1388	               ..
1389	               115792089237316195423570985008687907853269984665640564039
1390	457584007913129639935
1391	               ),   -- 2^254 < q < 2^256
1392	            a       INTEGER (
1393	               2
1394	               ..
1395	               179769313486231590772930519078902473361797697894230657273
1396	4300811577326758055009631327084773224075360211201138798713933576587
1397	8976881441662249284743063947412437776789342486548527630221960124609
1398	4119453082952085005768838150682342462881473913110540827237163350510
1399	684586298239947245938479716304835356329624224137214
1400	               ),   -- 1 < a < p-1 < 2^1024-1
1401	            validationAlgorithm
1402	          AlgorithmIdentifier {{
1403	                    GostR3410-94-ValidationAlgorithms
1404	               }} OPTIONAL
1405	        }
1406	    GostR3410-94-ParamSetAlgorithm ALGORITHM-IDENTIFIER ::= {
1407	        { GostR3410-94-ParamSetParameters IDENTIFIED BY
1408	               id-GostR3410-94-TestParamSet } |
1409	        { GostR3410-94-ParamSetParameters IDENTIFIED BY
1410	               id-GostR3410-94-CryptoPro-A-ParamSet  } |
1411	        { GostR3410-94-ParamSetParameters IDENTIFIED BY
1412	               id-GostR3410-94-CryptoPro-B-ParamSet  } |
1413	        { GostR3410-94-ParamSetParameters IDENTIFIED BY
1414	               id-GostR3410-94-CryptoPro-C-ParamSet  } |
1415	        { GostR3410-94-ParamSetParameters IDENTIFIED BY
1416	               id-GostR3410-94-CryptoPro-D-ParamSet  } |
1417	        { GostR3410-94-ParamSetParameters IDENTIFIED BY
1418	               id-GostR3410-94-CryptoPro-XchA-ParamSet  } |
1419	        { GostR3410-94-ParamSetParameters IDENTIFIED BY
1420	               id-GostR3410-94-CryptoPro-XchB-ParamSet  } |
1421	        { GostR3410-94-ParamSetParameters IDENTIFIED BY
1422	               id-GostR3410-94-CryptoPro-XchC-ParamSet  }
1423	    }
1424	  -- GOST R 34.10-94 validation/constructor
1425	    id-GostR3410-94-a         OBJECT IDENTIFIER ::=
1426	        { id-GostR3410-94 a(1) }
1427	    id-GostR3410-94-aBis OBJECT IDENTIFIER ::=
1428	        { id-GostR3410-94 aBis(2) }
1429	    id-GostR3410-94-b         OBJECT IDENTIFIER ::=
1430	        { id-GostR3410-94 b(3) }
1431	    id-GostR3410-94-bBis OBJECT IDENTIFIER ::=
1432	        { id-GostR3410-94 bBis(4) }
1433	    GostR3410-94-ValidationParameters ::=
1434	        SEQUENCE {
1435	            t    INTEGER (512 | 1024),  -- 512 - only for tests use
1436	            x0   INTEGER (0 .. 65535),
1437	            c    INTEGER (0 .. 65535),
1438	            d    INTEGER (
1439	               2
1440	               ..
1441	               179769313486231590772930519078902473361797697894230657273
1442	4300811577326758055009631327084773224075360211201138798713933576587
1443	8976881441662249284743063947412437776789342486548527630221960124609
1444	4119453082952085005768838150682342462881473913110540827237163350510
1445	684586298239947245938479716304835356329624224137214
1446	               )    -- 1 < d < p-1 < 2^1024-1
1447	               OPTIONAL
1448	        }
1449	    GostR3410-94-ValidationBisParameters ::=
1450	        SEQUENCE {
1451	            t    INTEGER (512 | 1024),  -- 512 - only for tests use
1452	            x0   INTEGER (0 .. 4294967295),
1453	            c    INTEGER (0 .. 4294967295),
1454	            d    INTEGER (
1455	               2
1456	               ..
1457	               179769313486231590772930519078902473361797697894230657273
1458	4300811577326758055009631327084773224075360211201138798713933576587
1459	8976881441662249284743063947412437776789342486548527630221960124609
1460	4119453082952085005768838150682342462881473913110540827237163350510
1461	684586298239947245938479716304835356329624224137214
1462	               )    -- 1 < d < p-1 < 2^1024-1
1463	               OPTIONAL
1464	        }
1465	    GostR3410-94-ValidationAlgorithms  ALGORITHM-IDENTIFIER ::= {
1466	        { GostR3410-94-ValidationParameters IDENTIFIED BY
1467	               id-GostR3410-94-a } |
1468	        { GostR3410-94-ValidationBisParameters IDENTIFIED BY
1469	               id-GostR3410-94-aBis } |
1470	        { GostR3410-94-ValidationParameters IDENTIFIED BY
1471	               id-GostR3410-94-b } |
1472	        { GostR3410-94-ValidationBisParameters IDENTIFIED BY
1473	               id-GostR3410-94-bBis }
1474	    }
1475	  -- GOST R 34.10-94 Keys Parameters sets
1476	    -- GOST R 34.10-94 Tests parameters set
1477	    -- (GOST R 34.10-94 Annex A. Test vector)
1478	    gostR3410-94-TestParamSetAI
1479	        AlgorithmIdentifier {{
1480	            GostR3410-94-ParamSetAlgorithm
1481	        }} ::=
1482	        {
1483	            algorithm
1484	          id-GostR3410-94-TestParamSet,
1485	            parameters
1486	          GostR3410-94-ParamSetParameters:{
1487	              t       512,
1488	              p       1249155479661639739200729184536168101998078908
1489	4728846304013646795466302633346425772369277064638881858428879662416
1490	202925770315709968465491470753112581700067,
1491	              q       6900839799123747821852952871175357885746435622
1492	1556536838757636132646301588781,
1493	              a       8305821956779628193852750508811757244889982632

1495	8218435214910357131733714685287987538317442674072307045274610623217
1496	32669034432746173786958142572929772413468,
1497	              validationAlgorithm {
1498	                   algorithm
1499	                    id-GostR3410-94-a,
1500	                   parameters
1501	                    GostR3410-94-ValidationParameters: {
1502	                        t       512,
1503	                        x0      24265,
1504	                        c       29505,
1505	                        d       2
1506	                       }
1507	                  }
1508	          }
1509	        }
1510	    -- CryptoPro parameters
1511	    gostR3410-94-CryptoPro-A-ParamSetAI
1512	        AlgorithmIdentifier {{
1513	            GostR3410-94-ParamSetAlgorithm
1514	        }} ::=
1515	        {
1516	            algorithm
1517	          id-GostR3410-94-CryptoPro-A-ParamSet,
1518	            parameters
1519	          GostR3410-94-ParamSetParameters:{
1520	              t       1024,
1521	              p       1270212482889324174659070427771764435257876535
1522	0891653581281750726570503126098509849742318833348340118092599999512
1523	0988934130659205614996724254121049274349357074920312769561451689224
1524	1105793112488126102296785346384016935200132889950003622606842227508
1525	13532307004517341633685004541062586971416883686778842537820383,
1526	              q       6836319614495570078444416561182725289510217088
1527	8761442055095051287550314083023,
1528	              a       1009979067550553047720818155359252248698410825
1529	7205345787482351587557714799052927277724415285269929879648335669968
1530	2842027972896052747173175480590485607134746852141928680912561502802
1531	2221856475391909026561163678472701450190667942909301854462163997308
1532	72221732889830323194097355403213400972588322876850946740663962,
1533	              validationAlgorithm {
1534	                   algorithm
1535	                    id-GostR3410-94-bBis,
1536	                   parameters
1537	                    GostR3410-94-ValidationBisParameters: {
1538	                        t       1024,
1539	                        x0      1376285941,
1540	                        c       3996757427
1541	                       }
1542	               }

1544	          }
1545	        }
1546	    --
1547	    gostR3410-94-CryptoPro-B-ParamSetAI
1548	        AlgorithmIdentifier {{
1549	            GostR3410-94-ParamSetAlgorithm
1550	        }} ::=
1551	        {
1552	            algorithm
1553	          id-GostR3410-94-CryptoPro-B-ParamSet,
1554	            parameters
1555	          GostR3410-94-ParamSetParameters:{
1556	              t       1024,
1557	              p       1394548711991158256014096551076907131070417070
1558	5992803179775800145437576535772298409412436852228823983303911468164
1559	8076688236921220737322672160740747771700911134550432053804647694904
1560	6861201130878162407401848004770471573366629262494235712488239685422
1561	21753660143391485680840520336859458494803187341288580489525163,
1562	              q       7988514166341097689762711893575632374730795191
1563	6507639758300472692338873533959,
1564	              a       4294182614861580414387344773795550239267234596
1565	8607143066798112994089471231420027060385216699563848719957657284814
1566	8989097707594626134376694563648827303708389347910808359326479767786
1567	0191534347440096103423131667257868692048219493287863336020338479709
1568	2684342247621055760235016132614780652761028509445403338652341,
1569	              validationAlgorithm {
1570	                   algorithm
1571	                    id-GostR3410-94-bBis,
1572	                   parameters
1573	                    GostR3410-94-ValidationBisParameters: {
1574	                        t       1024,
1575	                        x0      1536654555,
1576	                        c       1855361757,
1577	                        d
1578	   14408629386140014567655490293928205654785780
1579	2241461782996702017713059974755104394739915140611528479102443906273
1580	5788342744854120601660303926203867703556828005895720381811489539897
1581	6594425537561271800850306
1582	                       }
1583	                  }
1584	          }
1585	        }
1586	    --
1587	    gostR3410-94-CryptoPro-C-ParamSetAI
1588	        AlgorithmIdentifier {{
1589	            GostR3410-94-ParamSetAlgorithm
1590	        }} ::=
1591	        {
1592	            algorithm
1593	          id-GostR3410-94-CryptoPro-C-ParamSet,
1594	            parameters
1595	          GostR3410-94-ParamSetParameters:{
1596	              t       1024,
1597	              p       1106246792335119630405189524170170402485862954
1598	8198313837741963962985843959489706089561702242106285255603278638246
1599	7166554392976544029218447478930795186699928278807921929927011428546
1600	5514338758063771104435342935540667126530349962770993207157743542287
1601	62128367184370370914135017194504580505029177050363451780493801,
1602	              q       1134688611998193505648682333788751980432679477
1603	76488510997961231672532899549103,
1604	              a       8165527179708810160178931914153003482262544051
1605	3533581624682494676818766212834782128842865458440139551426222087723
1606	4850237228680222750095022248278662017444940216977164820083536398202
1607	2980248926204808986993355080643323135297253322088194568951085155178
1608	1002210034593705882910730711865530059621499368407371287108323,
1609	              validationAlgorithm {
1610	                   algorithm
1611	                    id-GostR3410-94-bBis,
1612	                   parameters
1613	                    GostR3410-94-ValidationBisParameters: {
1614	                        t       1024,
1615	                        x0      113275885,
1616	                        c       3037364845,
1617	                        d       9175906676429839327
1618	                       }
1619	                  }
1620	          }
1621	        }
1622	    --
1623	    gostR3410-94-CryptoPro-D-ParamSetAI
1624	        AlgorithmIdentifier {{
1625	            GostR3410-94-ParamSetAlgorithm
1626	        }} ::=
1627	        {
1628	            algorithm
1629	          id-GostR3410-94-CryptoPro-D-ParamSet,
1630	            parameters
1631	          GostR3410-94-ParamSetParameters:{
1632	              t       1024,
1633	              p       9054576496219299659042909587746253156113056083
1634	9073897669714048125244222625125560544746208559960915707867135849550
1635	2367419155841859906278010664658095100957847139898194138208715964648
1636	9144930534079207370788905204827306230388377677101736648382398574828
1637	7878912864712014604743266126978496936655180738644364978932149,
1638	              q       1089884357963535069123745914989721926201904875
1639	57619582334771735390599299211593,
1640	              a       7569766110217073017821287578016106280855283803
1641	1095711588295742814192085325890416600170178598582163414003714687551
1642	4127944005628789352666307543926770145985821033659831191739244732511
1643	2254647122523868033159027077276687153434760863504720252982827271461
1644	6901250506168582383843663310897774635410130339267237432548337,
1645	              validationAlgorithm {
1646	                   algorithm
1647	                    id-GostR3410-94-bBis,
1648	                   parameters
1649	                    GostR3410-94-ValidationBisParameters: {
1650	                        t       1024,
1651	                        x0      333089693,
1652	                        c       2699681355,
1653	                        d
1654	   69158877639013014811917446652402788947864438
1655	22142755842460366243252
1656	                       }
1657	                  }
1658	          }
1659	        }
1660	    --
1661	    gostR3410-94-CryptoPro-XchA-ParamSetAI
1662	        AlgorithmIdentifier {{
1663	            GostR3410-94-ParamSetAlgorithm
1664	        }} ::=
1665	        {
1666	            algorithm
1667	          id-GostR3410-94-CryptoPro-XchA-ParamSet,
1668	            parameters
1669	          GostR3410-94-ParamSetParameters:{
1670	              t       1024,
1671	              p       1420117415975634811963682860223180897432761383
1672	9524373876287257344192745939351271897363116607846760036084894662356
1673	7625795282774719212241929071046134208380636394084512691828894000571
1674	5246254452957693493567527289568315417754417631393844571917550968471
1675	07846595662547942312293338483924514339614727760681880609734239,
1676	              q       9177152989655460594558814901838275021729685839
1677	3520724172743325725474374979801,
1678	              a       1335318132727206734338595199483190012179423759
1679	6784748689948235959936964252873471246159040332773182141032801252925
1680	3871914788598993103310567744136196364803064721377826656898686468463
1681	2777101508094011826087702016153249904683329312949209127762411378780
1682	30224355746606283971659376426832674269780880061631528163475887,
1683	              validationAlgorithm {
1684	                   algorithm
1685	                    id-GostR3410-94-bBis,
1686	                   parameters
1687	                    GostR3410-94-ValidationBisParameters: {
1688	                        t       1024,
1689	                        x0      3495862036,
1690	                        c       1177570399,
1691	                        d
1692	   35478896102409188951396470647720832819623918
1693	6534141058228233456746622201867258017799725121699052644608624377641
1694	60334831107459
1695	                       }
1696	                  }
1697	          }
1698	        }
1699	    --
1700	    gostR3410-94-CryptoPro-XchB-ParamSetAI
1701	        AlgorithmIdentifier {{
1702	            GostR3410-94-ParamSetAlgorithm
1703	        }} ::=
1704	        {
1705	            algorithm
1706	          id-GostR3410-94-CryptoPro-XchB-ParamSet,
1707	            parameters
1708	          GostR3410-94-ParamSetParameters:{
1709	              t       1024,
1710	              p       1028946126624994859676552074360530315217970499
1711	9893048882484132448474923022758470167998871003604670704877377286176
1712	1712276940986331539089568784129110109512690503345393869871295783467
1713	2572648683417200196629860561193666752429682367397084815179752036423
1714	59573653368957392061769855284593965042530895046088067160269433,
1715	              q       9109671391802626916582318050603555673628769498
1716	1825930883887968885281641595199,
1717	              a       8890864727828423151699995801875757891031463338
1718	6525791400519736593048131440685857067369829407947744496306656291505
1719	5036082523994437900272386749145996230867832228661977543992816745254
1720	8232986298598753575466286051738837854736167685769017780335804511440
1721	7733371962538423532919394477873664752824509986617878992443177,
1722	              validationAlgorithm {
1723	                   algorithm
1724	                    id-GostR3410-94-bBis,
1725	                   parameters
1726	                    GostR3410-94-ValidationBisParameters: {
1727	                        t       1024,
1728	                        x0      2046851076,
1729	                        c       3541716983,
1730	                        d
1731	   57332667610989476056615969728891533566058787
1732	317492748441827236576904274546146
1733	                       }
1734	                  }
1735	          }

1737	        }
1738	    --
1739	    gostR3410-94-CryptoPro-XchC-ParamSetAI
1740	        AlgorithmIdentifier {{
1741	            GostR3410-94-ParamSetAlgorithm
1742	        }} ::=
1743	        {
1744	            algorithm
1745	          id-GostR3410-94-CryptoPro-XchC-ParamSet,
1746	            parameters
1747	          GostR3410-94-ParamSetParameters:{
1748	              t       1024,
1749	              p       1246996366993477513607147265794064436203408861
1750	3950559892172484557299870737698999651480662364723992859320868822848
1751	7511654383509433276647222625940615560580450040947211826027729977563
1752	5402371690630448079715771649447778447000597419032457722226253269698
1753	37444652835352729304393746106576383349151001715930924115499549,
1754	              q       6787876137336591234380295020065682527118129468
1755	0501479431146754294748422492761,
1756	              a       4430618464297584182473135030809859326863990650
1757	1189417569952700748609973181426950235239623239110557450826919295792
1758	8789387521018677047181623251027516953100431855964837602657827828194
1759	2496055618936965865325513137194483136247773653468410118796740709840
1760	8254969979375560722345106704721086025979309968763193072908334,
1761	              validationAlgorithm {
1762	                   algorithm
1763	                    id-GostR3410-94-bBis,
1764	                   parameters
1765	                    GostR3410-94-ValidationBisParameters: {
1766	                        t       1024,
1767	                        x0      371898640,
1768	                        c       2482514131,
1769	                        d
1770	   39341170171309491894611690922945474002657559
1771	0650016887148241594213466186452691964676993
1772	                       }
1773	                  }
1774	          }
1775	        }
1776	END -- GostR3410-94-ParamSetSyntax

1778	8.7  GostR3410-2001-PKISyntax

1780	GostR3410-2001-PKISyntax
1781	    { iso(1) member-body(2) ru(643) rans(2) cryptopro(2)
1782	      other(1) modules(1) gostR3410-2001-PKISyntax(9) 1 }
1783	DEFINITIONS ::=
1784	BEGIN
1785	-- EXPORTS All --
1786	-- The types and values defined in this module are exported for
1787	-- use in the other ASN.1 modules contained within the Russian
1788	-- Cryptography "GOST" & "GOST R" Specifications, and for the use
1789	-- of other applications which will use them to access Russian
1790	-- Cryptography services. Other applications may use them for
1791	-- their own purposes, but this will not constrain extensions and
1792	-- modifications needed to maintain or improve the Russian
1793	-- Cryptography service.
1794	    IMPORTS
1795	        id-CryptoPro-algorithms,
1796	        id-CryptoPro-ecc-signs, id-CryptoPro-ecc-exchanges,
1797	        gost28147-89-EncryptionSyntax,
1798	        gostR3411-94-DigestSyntax,
1799	        cryptographic-Gost-Useful-Definitions
1800	        FROM Cryptographic-Gost-Useful-Definitions
1801	            { iso(1) member-body(2) ru(643) rans(2)
1802	              cryptopro(2) other(1) modules(1)
1803	              cryptographic-Gost-Useful-Definitions(0) 1 }
1804	        id-Gost28147-89-TestParamSet,
1805	        id-Gost28147-89-CryptoPro-A-ParamSet,
1806	        id-Gost28147-89-CryptoPro-B-ParamSet,
1807	        id-Gost28147-89-CryptoPro-C-ParamSet,
1808	        id-Gost28147-89-CryptoPro-D-ParamSet,
1809	        id-Gost28147-89-CryptoPro-Simple-A-ParamSet,
1810	        id-Gost28147-89-CryptoPro-Simple-B-ParamSet,
1811	        id-Gost28147-89-CryptoPro-Simple-C-ParamSet,
1812	        id-Gost28147-89-CryptoPro-Simple-D-ParamSet
1813	        FROM Gost28147-89-EncryptionSyntax
1814	             gost28147-89-EncryptionSyntax
1815	        id-GostR3411-94-TestParamSet,
1816	        id-GostR3411-94-CryptoProParamSet
1817	        FROM GostR3411-94-DigestSyntax gostR3411-94-DigestSyntax
1818	        AlgorithmIdentifier, ALGORITHM-IDENTIFIER
1819	        FROM Cryptographic-Gost-Useful-Definitions
1820	             cryptographic-Gost-Useful-Definitions
1821	    ;
1822	  -- GOST R 34.10-2001 OIDs
1823	    id-GostR3410-2001 OBJECT IDENTIFIER ::=
1824	        { id-CryptoPro-algorithms gostR3410-2001(19) }
1825	    id-GostR3411-94-with-GostR3410-2001 OBJECT IDENTIFIER ::=
1826	        { id-CryptoPro-algorithms
1827	          gostR3411-94-with-gostR3410-2001(3) }
1828	  -- GOST R 34.10-2001 Public Key Cryptographic Parameters Set OIDs
1829	    id-GostR3410-2001-TestParamSet OBJECT IDENTIFIER ::=
1830	        { id-CryptoPro-ecc-signs test(0) }
1831	    id-GostR3410-2001-CryptoPro-A-ParamSet OBJECT IDENTIFIER ::=
1832	        { id-CryptoPro-ecc-signs cryptopro-A(1) }

1834	    id-GostR3410-2001-CryptoPro-B-ParamSet OBJECT IDENTIFIER ::=
1835	        { id-CryptoPro-ecc-signs cryptopro-B(2) }
1836	    id-GostR3410-2001-CryptoPro-C-ParamSet OBJECT IDENTIFIER ::=
1837	        { id-CryptoPro-ecc-signs cryptopro-C(3) }
1838	    id-GostR3410-2001-CryptoPro-XchA-ParamSet
1839	        OBJECT IDENTIFIER ::=
1840	          { id-CryptoPro-ecc-exchanges cryptopro-XchA(0) }
1841	    id-GostR3410-2001-CryptoPro-XchB-ParamSet
1842	        OBJECT IDENTIFIER ::=
1843	          { id-CryptoPro-ecc-exchanges cryptopro-XchB(1) }
1844	  -- GOST R 34.10-2001 Data Types
1845	    GostR3410-2001-CertificateSignature ::=
1846	        BIT STRING ( SIZE(256..512) )
1847	    GostR3410-2001-PublicKeyOctetString ::=
1848	        OCTET STRING ( SIZE(64) )
1849	    GostR3410-2001-PublicKey ::=
1850	        BIT STRING ( SIZE(16..524) )
1851	               -- Container for GostR3410-2001-PublicKeyOctetString
1852	    GostR3410-2001-PublicKeyParameters ::=
1853	            SEQUENCE {
1854	            publicKeyParamSet
1855	          OBJECT IDENTIFIER (
1856	              id-GostR3410-2001-TestParamSet |    -- Only for tests use
1857	              id-GostR3410-2001-CryptoPro-A-ParamSet |
1858	              id-GostR3410-2001-CryptoPro-B-ParamSet |
1859	              id-GostR3410-2001-CryptoPro-C-ParamSet |
1860	              id-GostR3410-2001-CryptoPro-XchA-ParamSet |
1861	              id-GostR3410-2001-CryptoPro-XchB-ParamSet
1862	          ),
1863	            digestParamSet
1864	          OBJECT IDENTIFIER (
1865	              id-GostR3411-94-TestParamSet | -- Only for tests use
1866	              id-GostR3411-94-CryptoProParamSet
1867	          ),
1868	            encryptionParamSet
1869	          OBJECT IDENTIFIER (
1870	              id-Gost28147-89-TestParamSet | -- Only for tests use
1871	              id-Gost28147-89-CryptoPro-A-ParamSet |
1872	              id-Gost28147-89-CryptoPro-B-ParamSet |
1873	              id-Gost28147-89-CryptoPro-C-ParamSet |
1874	              id-Gost28147-89-CryptoPro-D-ParamSet |
1875	              id-Gost28147-89-CryptoPro-Simple-A-ParamSet |
1876	              id-Gost28147-89-CryptoPro-Simple-B-ParamSet |
1877	              id-Gost28147-89-CryptoPro-Simple-C-ParamSet |
1878	              id-Gost28147-89-CryptoPro-Simple-D-ParamSet
1879	          ) OPTIONAL
1880	        }
1881	    GostR3410-2001-PublicKeyAlgorithms  ALGORITHM-IDENTIFIER ::= {
1882	        { GostR3410-2001-PublicKeyParameters IDENTIFIED BY
1883	               id-GostR3410-2001 }
1884	    }
1885	    GostR3410-2001-CertificateSignatureAlgorithms
1886	        ALGORITHM-IDENTIFIER ::= {
1887	          { NULL IDENTIFIED BY
1888	               id-GostR3411-94-with-GostR3410-2001 } |
1889	          { GostR3410-2001-PublicKeyParameters IDENTIFIED BY
1890	               id-GostR3411-94-with-GostR3410-2001 }
1891	      }
1892	END -- GostR3410-2001-PKISyntax

1894	8.8  GostR3410-2001-ParamSetSyntax

1896	GostR3410-2001-ParamSetSyntax
1897	    { iso(1) member-body(2) ru(643) rans(2) cryptopro(2)
1898	      other(1) modules(1) gostR3410-2001-ParamSetSyntax(12) 1 }
1899	DEFINITIONS ::=
1900	BEGIN
1901	-- EXPORTS All --
1902	-- The types and values defined in this module are exported for
1903	-- use in the other ASN.1 modules contained within the Russian
1904	-- Cryptography "GOST" & "GOST R" Specifications, and for the use
1905	-- of other applications which will use them to access Russian
1906	-- Cryptography services. Other applications may use them for
1907	-- their own purposes, but this will not constrain extensions and
1908	-- modifications needed to maintain or improve the Russian
1909	-- Cryptography service.
1910	    IMPORTS
1911	        id-CryptoPro-algorithms,
1912	        id-CryptoPro-ecc-signs, id-CryptoPro-ecc-exchanges,
1913	        gostR3410-2001-PKISyntax,
1914	        cryptographic-Gost-Useful-Definitions
1915	        FROM Cryptographic-Gost-Useful-Definitions
1916	            { iso(1) member-body(2) ru(643) rans(2)
1917	              cryptopro(2) other(1) modules(1)
1918	              cryptographic-Gost-Useful-Definitions(0) 1 }
1919	        id-GostR3410-2001,
1920	        id-GostR3410-2001-TestParamSet,
1921	        id-GostR3410-2001-CryptoPro-A-ParamSet,
1922	        id-GostR3410-2001-CryptoPro-B-ParamSet,
1923	        id-GostR3410-2001-CryptoPro-C-ParamSet,
1924	        id-GostR3410-2001-CryptoPro-XchA-ParamSet,
1925	        id-GostR3410-2001-CryptoPro-XchB-ParamSet
1926	        FROM GostR3410-2001-PKISyntax gostR3410-2001-PKISyntax
1927	        AlgorithmIdentifier, ALGORITHM-IDENTIFIER
1928	        FROM Cryptographic-Gost-Useful-Definitions
1929	             cryptographic-Gost-Useful-Definitions

1931	    ;
1932	    GostR3410-2001-ParamSetParameters ::=
1933	        SEQUENCE {
1934	            a       INTEGER (
1935	               1
1936	                  ..
1937	               115792089237316195423570985008687907853269984665640564039
1938	457584007913129639935
1939	               ),   -- 0 < a < p < 2^256
1940	            b       INTEGER (
1941	               1
1942	                  ..
1943	               115792089237316195423570985008687907853269984665640564039
1944	457584007913129639935
1945	               ),   -- 0 < b < p < 2^256
1946	            p       INTEGER (
1947	               289480223093290488558927462521719769633174961664101410098
1948	64396001978282409985
1949	               ..
1950	               115792089237316195423570985008687907853269984665640564039
1951	457584007913129639935
1952	               ),   -- 2^254 < p < 2^256
1953	            q       INTEGER (
1954	               289480223093290488558927462521719769633174961664101410098
1955	64396001978282409985
1956	               ..
1957	               115792089237316195423570985008687907853269984665640564039
1958	457584007913129639935
1959	               ),   -- 2^254 < q < 2^256
1960	            x       INTEGER (0
1961	                  ..
1962	               115792089237316195423570985008687907853269984665640564039
1963	457584007913129639935
1964	               ),   -- 0 < x < p < 2^256
1965	            y       INTEGER (0
1966	                  ..
1967	               115792089237316195423570985008687907853269984665640564039
1968	457584007913129639935
1969	               )    -- 0 < y < p < 2^256
1970	        }
1971	  -- GOST R 34.10-2001 Public Key Cryptographic Parameters Set:
1972	  -- algorithm & parameters
1973	  -- OID for Parameters Set imported from GostR3410-2001-PKISyntax
1974	    GostR3410-2001-ParamSetAlgorithm ALGORITHM-IDENTIFIER ::= {
1975	        { GostR3410-2001-ParamSetParameters IDENTIFIED BY
1976	               id-GostR3410-2001-TestParamSet } |
1977	        { GostR3410-2001-ParamSetParameters IDENTIFIED BY
1978	               id-GostR3410-2001-CryptoPro-A-ParamSet  } |

1980	        { GostR3410-2001-ParamSetParameters IDENTIFIED BY
1981	               id-GostR3410-2001-CryptoPro-B-ParamSet  } |
1982	        { GostR3410-2001-ParamSetParameters IDENTIFIED BY
1983	               id-GostR3410-2001-CryptoPro-C-ParamSet  } |
1984	        { GostR3410-2001-ParamSetParameters IDENTIFIED BY
1985	               id-GostR3410-2001-CryptoPro-XchA-ParamSet  } |
1986	        { GostR3410-2001-ParamSetParameters IDENTIFIED BY
1987	               id-GostR3410-2001-CryptoPro-XchB-ParamSet  }
1988	    }
1989	    gostR3410-2001-TestParamSet
1990	        AlgorithmIdentifier {{
1991	            GostR3410-2001-ParamSetAlgorithm
1992	        }} ::=
1993	        {
1994	            algorithm
1995	          id-GostR3410-2001-TestParamSet,
1996	            parameters
1997	          GostR3410-2001-ParamSetParameters:{
1998	              a   7,
1999	              b   43308876546767276905765904595650931995942111794451
2000	039583252968842033849580414,
2001	                        -- 5FBFF498AA938CE739B8E022FBAFEF40563F6E6A
2002	3472FC2A514C0CE9DAE23B7E
2003	              p   57896044618658097711785492504343953926634992332820
2004	282019728792003956564821041,
2005	                  -- 80000000000000000000000000000000000000000000000
2006	00000000000000431
2007	              q   57896044618658097711785492504343953927082934583725
2008	450622380973592137631069619,
2009	                        -- 8000000000000000000000000000000150FE8A18
2010	92976154C59CFC193ACCF5B3
2011	              x   2,
2012	              y   40189740565903750333544942293705977563573938990554
2013	5080690979365213431566280
2014	                  -- 8E2A8A0E65147D4BD6316030E16D19C85C97F0A9CA26712
2015	2B96ABBCEA7E8FC8
2016	          }
2017	        }
2018	    gostR3410-2001-CryptoPro-A-ParamSet
2019	        AlgorithmIdentifier {{
2020	            GostR3410-2001-ParamSetAlgorithm
2021	        }} ::=
2022	        {
2023	            algorithm
2024	          id-GostR3410-2001-CryptoPro-A-ParamSet,
2025	            parameters
2026	          GostR3410-2001-ParamSetParameters:{
2027	              a   11579208923731619542357098500868790785326998466564

2029	0564039457584007913129639316,
2030	               -- -3 == p - 3
2031	              b   166,
2032	                        -- a6
2033	              p   11579208923731619542357098500868790785326998466564
2034	0564039457584007913129639319,
2035	                  -- fffffffffffffffffffffffffffffffffffffffffffffff
2036	ffffffffffffffd97
2037	              q   11579208923731619542357098500868790785307376290849
2038	9243225378155805079068850323,
2039	                        -- ffffffffffffffffffffffffffffffff6c611070
2040	995ad10045841b09b761b893
2041	              x   1,
2042	              y   64033881142927202683649881450433473985931760268884
2043	941288852745803908878638612
2044	                  -- 8d91e471e0989cda27df505a453f2b7635294f2ddf23e3b
2045	122acc99c9e9f1e14
2046	          }
2047	        }
2048	    gostR3410-2001-CryptoPro-B-ParamSet
2049	        AlgorithmIdentifier {{
2050	            GostR3410-2001-ParamSetAlgorithm
2051	        }} ::=
2052	        {
2053	            algorithm
2054	          id-GostR3410-2001-CryptoPro-B-ParamSet,
2055	            parameters
2056	          GostR3410-2001-ParamSetParameters:{
2057	              a   57896044618658097711785492504343953926634992332820
2058	282019728792003956564823190,
2059	               -- -3 == p - 3
2060	              b   28091019353058090096996979000309560759124368558014
2061	865957655842872397301267595,
2062	                  -- 3e1af419a269a5f866a7d3c25c3df80ae979259373ff2b1
2063	82f49d4ce7e1bbc8b
2064	              p   57896044618658097711785492504343953926634992332820
2065	282019728792003956564823193,
2066	                  -- 80000000000000000000000000000000000000000000000
2067	00000000000000c99
2068	              q   57896044618658097711785492504343953927102133160255
2069	826820068844496087732066703,
2070	                        -- 800000000000000000000000000000015f700cff
2071	f1a624e5e497161bcc8a198f
2072	              x   1,
2073	              y   28792665814854611296992347458380284135028636778229
2074	113005756334730996303888124
2075	                  -- 3fa8124359f96680b83d1c3eb2c070e5c545c9858d03ecf
2076	b744bf8d717717efc
2077	          }
2078	        }
2079	    gostR3410-2001-CryptoPro-C-ParamSet
2080	        AlgorithmIdentifier {{
2081	            GostR3410-2001-ParamSetAlgorithm
2082	        }} ::=
2083	        {
2084	            algorithm
2085	          id-GostR3410-2001-CryptoPro-C-ParamSet,
2086	            parameters
2087	          GostR3410-2001-ParamSetParameters:{
2088	              a   70390085352083305199547718019018437841079516630045
2089	180471284346843705633502616,
2090	               -- -3 == p - 3
2091	              b   32858,
2092	                        -- 805a
2093	              p   70390085352083305199547718019018437841079516630045
2094	180471284346843705633502619,
2095	                  -- 9b9f605f5a858107ab1ec85e6b41c8aacf846e86789051d
2096	37998f7b9022d759b
2097	              q   70390085352083305199547718019018437840920882647164
2098	081035322601458352298396601,
2099	                        -- 9b9f605f5a858107ab1ec85e6b41c8aa582ca351
2100	1eddfb74f02f3a6598980bb9
2101	              x   0,
2102	              y   29818893917731240733471273240314769927240550812383
2103	695689146495261604565990247
2104	                  -- 41ece55743711a8c3cbf3783cd08c0ee4d4dc440d4641a8
2105	f366e550dfdb3bb67
2106	          }
2107	        }
2108	    gostR3410-2001-CryptoPro-ExA-ParamSet
2109	        AlgorithmIdentifier {{
2110	            GostR3410-2001-ParamSetAlgorithm
2111	        }} ::=
2112	        {
2113	            algorithm
2114	          id-GostR3410-2001-CryptoPro-XchA-ParamSet,
2115	            parameters
2116	          GostR3410-2001-ParamSetParameters:{
2117	              a   11579208923731619542357098500868790785326998466564
2118	0564039457584007913129639316,
2119	               -- -3 == p - 3
2120	              b   166,
2121	                        -- a6
2122	              p   11579208923731619542357098500868790785326998466564
2123	0564039457584007913129639319,
2124	                  -- fffffffffffffffffffffffffffffffffffffffffffffff

2126	ffffffffffffffd97
2127	              q   11579208923731619542357098500868790785307376290849
2128	9243225378155805079068850323,
2129	                        -- ffffffffffffffffffffffffffffffff6c611070
2130	995ad10045841b09b761b893
2131	              x   1,
2132	              y   64033881142927202683649881450433473985931760268884
2133	941288852745803908878638612
2134	                  -- 8d91e471e0989cda27df505a453f2b7635294f2ddf23e3b
2135	122acc99c9e9f1e14
2136	          }
2137	        }
2138	    gostR3410-2001-CryptoPro-ExB-ParamSet
2139	        AlgorithmIdentifier {{
2140	            GostR3410-2001-ParamSetAlgorithm
2141	        }} ::=
2142	        {
2143	            algorithm
2144	          id-GostR3410-2001-CryptoPro-XchB-ParamSet,
2145	            parameters
2146	          GostR3410-2001-ParamSetParameters:{
2147	              a   70390085352083305199547718019018437841079516630045
2148	180471284346843705633502616,
2149	               -- -3 == p - 3
2150	              b   32858,
2151	                  -- 805a
2152	              p   70390085352083305199547718019018437841079516630045
2153	180471284346843705633502619,
2154	                  -- 9b9f605f5a858107ab1ec85e6b41c8aacf846e86789051d
2155	37998f7b9022d759b
2156	              q   70390085352083305199547718019018437840920882647164
2157	081035322601458352298396601,
2158	                        -- 9b9f605f5a858107ab1ec85e6b41c8aa582ca351
2159	1eddfb74f02f3a6598980bb9
2160	              x   0,
2161	              y   29818893917731240733471273240314769927240550812383
2162	695689146495261604565990247
2163	                  -- 41ece55743711a8c3cbf3783cd08c0ee4d4dc440d4641a8
2164	f366e550dfdb3bb67
2165	          }
2166	        }
2167	END -- GostR3410-2001-ParamSetSyntax

2169	9  References

2171	   [GOST28147]     "Cryptographic Protection for Data Processing Sys-
2172	                   tem", GOST 28147-89, Gosudarstvennyi Standard of
2173	                   USSR, Government Committee of the USSR for Standards,
2174	                   1989. (In Russian);

2176	   [GOSTR341094]   "Information technology. Cryptographic Data Security.
2177	                   Produce and check procedures of Electronic Digital
2178	                   Signatures based on Asymmetric Cryptographic Algo-
2179	                   rithm.", GOST R 34.10-94, Gosudarstvennyi Standard of
2180	                   Russian Federation, Government Committee of the Rus-
2181	                   sia for Standards, 1994. (In Russian);

2183	   [GOSTR34102001] "Information technology. Cryptographic data security.
2184	                   Signature and verification processes of [electronic]
2185	                   digital signature.", GOST R 34.10-2001, Gosudarstven-
2186	                   nyi Standard of Russian Federation, Government Com-
2187	                   mittee of the Russia for Standards, 2001. (In Rus-
2188	                   sian);

2190	   [GOSTR341194]   "Information technology. Cryptographic Data Security.
2191	                   Hashing function.", GOST R 34.11-94, Gosudarstvennyi
2192	                   Standard of Russian Federation, Government Committee
2193	                   of the Russia for Standards, 1994. (In Russian);

2195	   [Schneier95]    B.   Schneier, Applied cryptography, second edition,
2196	                   John Wiley & Sons, Inc., 1995;

2198	   [X.660]         ITU-T Recommendation X.660 Information Technology -
2199	                   ASN.1 encoding rules: Specification of Basic Encoding
2200	                   Rules (BER), Canonical Encoding Rules (CER) and Dis-
2201	                   tinguished Encoding Rules (DER), 1997.

2203	   [RFC 2119]      Bradner, S., "Key Words for Use in RFCs to Indi-
2204	                   cateRequirement Levels", BCP 14, RFC 2119, March
2205	                   1997.

2207	   [HMAC]          H. Krawczyk, M. Bellare, R. Canetti, "HMAC: Keyed-
2208	                   Hashing for Message Authentication", RFC 2104  Febru-
2209	                   ary 1997.

2211	   [TLS]           The TLS Protocol Version 1.0.  T.  Dierks, C.  Allen.
2212	                   January 1999, RFC 2246.

2214	10 Acknowledgments

2216	   This document was created in accordance with "Russian Cryptographic
2217	   Software Compatibility Agreement", signed by FGUE STC "Atlas",
2218	   CRYPTO-PRO, Factor-TC, MD PREI, Infotecs GmbH, SPRCIS (SPbRCZI),
2219	   Cryptocom, R-Alpha.  The aim of this agreement is to achieve mutual
2220	   compatibility of the products and solutions.

2222	   The authors wish to thank:

2224	      Microsoft Corporation Russia for provided information about
2225	      company products and solutions, and also for technical consulting
2226	      in PKI.

2228	      RSA Security Russia and Demos Co Ltd for active collaboration and
2229	      critical help in creation of this document.

2231	      Russ Hously (Vigil Security, LLC, housley@vigilsec.com) and
2232	      Vasilij Sakharov (DEMOS Co Ltd, svp@dol.ru) for initiative,
2233	      creating this document.

2235	   This document is based on a contribution of CRYPTO-PRO Company.  Any
2236	   substantial use of the text from this document must acknowledge
2237	   CRYPTO-PRO.  CRYPTO-PRO requests that all material mentioning or
2238	   referencing this document identify this as "CRYPTO-PRO CPALGS".

2240	Author's Addresses

2242	   Vladimir Popov
2243	   CRYPTO-PRO
2244	   38, Obraztsova,
2245	   Moscow, 127018, Russian Federation
2246	   EMail: vpopov@cryptopro.ru

2248	   Igor Kurepkin
2249	   CRYPTO-PRO
2250	   38, Obraztsova,
2251	   Moscow, 127018, Russian Federation
2252	   EMail: kure@cryptopro.ru

2254	   Serguei Leontiev
2255	   CRYPTO-PRO
2256	   38, Obraztsova,
2257	   Moscow, 127018, Russian Federation
2258	   EMail: lse@cryptopro.ru

2260	   Grigorij Chudov
2261	   CRYPTO-PRO
2262	   38, Obraztsova,
2263	   Moscow, 127018, Russian Federation
2264	   EMail: chudov@cryptopro.ru

2266	   Alexandr Afanasiev
2267	   Factor-TC
2268	   office 711, 14, Presnenskij val,
2269	   Moscow, 123557, Russian Federation
2270	   EMail: aaaf@factor-ts.ru

2272	   Nikolaj Nikishin
2273	   Infotecs GmbH
2274	   p/b 35, 80-5, Leningradskij prospekt,
2275	   Moscow, 125315, Russian Federation
2276	   EMail: nikishin@infotecs.ru

2278	   Boleslav Izotov
2279	   FGUE STC "Atlas"
2280	   38, Obraztsova,
2281	   Moscow, 127018, Russian Federation
2282	   EMail: izotov@stcnet.ru

2284	   Elena Minaeva
2285	   MD PREI
2286	   build 3, 6A, Vtoroj Troitskij per.,
2287	   Moscow, Russian Federation
2288	   EMail: evminaeva@mo.msk.ru

2290	   Serguei Murugov
2291	   R-Alpha
2292	   4/1, Raspletina,
2293	   Moscow, 123060, Russian Federation
2294	   EMail: msm@office.ru

2296	   Igori Ustinov
2297	   Cryptocom
2298	   office 239, 51, Leninskij prospekt,
2299	   Moscow, 119991, Russian Federation
2300	   EMail: igus@cryptocom.ru

2302	   Anatolij Erkin
2303	   SPRCIS (SPbRCZI)
2304	   1, Obrucheva,
2305	   St.Petersburg, 195220, Russian Federation
2306	   EMail: erkin@nevsky.net

2308	Full Copyright Statement
2309	   Copyright (C) The Internet Society (2004).  All Rights Reserved.

2311	   This document and translations of it may be copied and furnished to
2312	   others, and derivative works that comment on or otherwise explain it
2313	   or assist in its implementation may be prepared, copied, published
2314	   and distributed, in whole or in part, without restriction of any
2315	   kind, provided that the above copyright notice and this paragraph are
2316	   included on all such copies and derivative works.  However, this
2317	   document itself may not be modified in any way, such as by removing
2318	   the copyright notice or references to the Internet Society or other
2319	   Internet organizations, except as needed for the purpose of
2320	   developing Internet standards in which case the procedures for
2321	   copyrights defined in the Internet Standards process must be
2322	   followed, or as required to translate it into languages other than
2323	   English.

2325	   The limited permissions granted above are perpetual and will not be
2326	   revoked by the Internet Society or its successors or assigns.

2328	   This document and the information contained herein is provided on an
2329	   "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
2330	   TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
2331	   BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
2332	   HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
2333	   MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.