idnits 2.17.00 (12 Aug 2021)

/tmp/idnits24421/draft-popov-cryptopro-cpalgs-01.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

  ** Looks like you're using RFC 2026 boilerplate.  This must be updated to
     follow RFC 3978/3979, as updated by RFC 4748.


  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

  ** The document seems to lack a 1id_guidelines paragraph about 6 months
     document validity -- however, there's a paragraph with a matching
     beginning. Boilerplate error?


  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  ** The document seems to lack an IANA Considerations section.  (See Section
     2.2 of https://www.ietf.org/id-info/checklist for how to handle the case
     when there are no actions for IANA.)

  ** The document seems to lack separate sections for Informative/Normative
     References.  All references will be assumed normative when checking for
     downward references.


  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the RFC 3978 Section 5.4 Copyright Line does not
     match the current year

  == Line 706 has weird spacing: '...modules  gostR...'

  == Line 712 has weird spacing: '...modules  gostR...'

  == Line 716 has weird spacing: '...modules  gostR...'

  == The document seems to lack the recommended RFC 2119 boilerplate, even if
     it appears to use RFC 2119 keywords. 

     (The document does seem to have the reference to RFC 2119 which the
     ID-Checklist requires).
  -- The document seems to lack a disclaimer for pre-RFC5378 work, but may
     have content which was first submitted before 10 November 2008.  If you
     have contacted all the original authors and they are all willing to grant
     the BCP78 rights to the IETF Trust, then this is fine, and you can ignore
     this comment.  If not, you may need to add the pre-RFC5378 disclaimer. 
     (See the Legal Provisions document at
     https://trustee.ietf.org/license-info for more information.)

  -- The document date (March 31, 2004) is 6624 days in the past.  Is this
     intentional?


  Checking references for intended status: Informational
  ----------------------------------------------------------------------------

  -- Looks like a reference, but probably isn't: '0' on line 825

  -- Looks like a reference, but probably isn't: '1' on line 382

  -- Looks like a reference, but probably isn't: '7' on line 378

  -- Looks like a reference, but probably isn't: '8' on line 393

  == Missing Reference: 'GOST341194' is mentioned on line 507, but not defined

  ** Obsolete normative reference: RFC 2246 (ref. 'TLS') (Obsoleted by RFC
     4346)


     Summary: 5 errors (**), 0 flaws (~~), 6 warnings (==), 6 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

1	Internet Draft                               Vladimir Popov, CRYPTO-PRO
2	                                              Igor Kurepkin, CRYPTO-PRO
3	Expires September 30, 2004                 Serguei Leontiev, CRYPTO-PRO
4	Intended Category: Informational                         March 31, 2004

6	      Additional cryptographic algorithms for use with GOST 28147-89,
7	    GOST R 34.10-94, GOST R 34.10-2001, and GOST R 34.11-94 algorithms.

9	                   <draft-popov-cryptopro-cpalgs-01.txt>

11	Status of this Memo

13	   This document is an Internet-Draft and is subject to all provisions
14	   of Section 10 of RFC2026.

16	   Internet-Drafts are working documents of the Internet Engineering
17	   Task Force (IETF), its areas, and its working groups.  Note that
18	   other groups may also distribute working documents as Internet-
19	   Drafts.

21	   Internet-Drafts are draft documents valid for a maximum of six months
22	   and may be updated, replaced, or made obsolete by other documents at
23	   any time.  It is inappropriate to use Internet-Drafts as reference
24	   material or to cite them other than as "work in progress."

26	   The list of current Internet-Drafts can be accessed at
27	   http://www.ietf.org/1id-abstracts.html

29	   The list of Internet-Draft Shadow Directories can be accessed at
30	   http://www.ietf.org/shadow.html

32	Abstract

34	   This document describes cryprographic algorithms and parameters,
35	   supplementary to GOST 28147-89, GOST R 34.10-94, GOST R 34.10-2001
36	   and GOST R 34.11-94, for use in internet applications.

38	Table of Contents
39	   1      Introduction . . . . . . . . . . . . . . . . . . . . . .  2
40	   1.2    Terminology. . . . . . . . . . . . . . . . . . . . . . .  2
41	   2      Cipher modes and parameters. . . . . . . . . . . . . . .  3
42	   2.1    GOST 28147-89 CBC mode . . . . . . . . . . . . . . . . .  3
43	   2.2    GOST 28147-89 padding modes. . . . . . . . . . . . . . .  4
44	   2.3    Key Meshing Algorithms . . . . . . . . . . . . . . . . .  4
45	   2.3.1  Null Key Meshing . . . . . . . . . . . . . . . . . . . .  4
46	   2.3.2  CryptoPro Key Meshing. . . . . . . . . . . . . . . . . .  4
47	   3      HMAC_GOSTR3411 . . . . . . . . . . . . . . . . . . . . .  5
48	   4      PRF_GOSTR3411. . . . . . . . . . . . . . . . . . . . . .  5
49	   5      Key Derivation Algorithms. . . . . . . . . . . . . . . .  5
50	   5.1    VKO GOST R 34.10-94. . . . . . . . . . . . . . . . . . .  5
51	   5.2    VKO GOST R 34.10-2001. . . . . . . . . . . . . . . . . .  6
52	   6      Key Wrap algorithms. . . . . . . . . . . . . . . . . . .  6
53	   6.1    GOST 28147-89 Key Wrap . . . . . . . . . . . . . . . . .  6
54	   6.2    GOST 28147-89 Key Unrap. . . . . . . . . . . . . . . . .  7
55	   6.3    CryptoPro Key Wrap . . . . . . . . . . . . . . . . . . .  7
56	   6.4    CryptoPro Key Unwrap . . . . . . . . . . . . . . . . . .  8
57	   6.5    CryptoPro KEK Diversification Algorithm. . . . . . . . .  8
58	   7      Secret Key Diversification . . . . . . . . . . . . . . .  9
59	   8      Algorithm parameters . . . . . . . . . . . . . . . . . .  9
60	   8.1    Encryption algorithm parameters  . . . . . . . . . . . .  9
61	   8.2    Digest algorithm parameters. . . . . . . . . . . . . . . 11
62	   8.3    GOST R 34.10-94 public key algorithm parameters  . . . . 11
63	   8.4    GOST R 34.10-2001 public key algorithm parameters. . . . 12
64	   9      Security Considerations. . . . . . . . . . . . . . . . . 13
65	   10     Appendix ASN.1 Modules . . . . . . . . . . . . . . . . . 14
66	   11     References . . . . . . . . . . . . . . . . . . . . . . . 49
67	   12     Acknowledgments. . . . . . . . . . . . . . . . . . . . . 51
68	   Author's Address. . . . . . . . . . . . . . . . . . . . . . . . 51
69	   Full Copyright Statement. . . . . . . . . . . . . . . . . . . . 53

71	1  Introduction

73	   Russian cryptographic standards defining algorithms GOST 28147-89
74	   [GOST28147], GOST R 34.10-94 [GOSTR341094], GOST R 34.10-2001
75	   [GOSTR34102001] and GOST R34.11-94 [GOSTR341194] (a brief english
76	   technical description of these algorithms can be found in
77	   [Schneier95]) provide basic information about how the algorithms
78	   work, but need supplemental specifications to effectively use the
79	   algorithms.

81	   This document is a proposal put forward by CRYPT-PRO Company to
82	   provide the supplemental information and specifications needed by the
83	   "Russian Cryptographic Software Compatibility Agreement" community.

85	1.2   Terminology

87	   In this document, the key words MUST, MUST NOT, REQUIRED, SHOULD,
88	   SHOULD NOT, RECOMMENDED, and MAY are to be interpreted as described
89	   in [RFC 2119].

91	   The following functions and operators are also used in this document:

93	   '|' stands for concatenation

95	   encryptECB (K, D) - is D, encrypted with key K using GOST 28147-89 in
96	   "prostaya zamena" (ECB) mode

98	   decryptECB (K, D) - is D, decrypted with key K using GOST 28147-89 in
99	   ECB mode

101	   encryptCFB (IV, K, D) - is D, encrypted with key K using GOST
102	   28147-89 in "gammirovanie s obratnoj svyaziyu" (64-bit CFB) mode, and
103	   IV as initialization vector.

105	   encryptCNT (IV, K, D) - is D, encrypted with key K using GOST
106	   28147-89 in "gammirovanie" (counter) mode, and IV as initialization
107	   vector.

109	   gostR3411 (D) - is the 256-bit result of GOST R 34.11-94 hash
110	   function, used with zero intitialization vector, and S-Box parameter,
111	   defined by gostR3411CryptoProParamSetAI (see Appendix,
112	   GostR3411-94-ParamSetSyntax module).

114	   gost28147IMIT (IV, K, D) - is the 32-bit result of GOST 28147-89 in
115	   "imitovstavka" (MAC) mode, used with D as plaintext, K as key and IV
116	   as initialization vector.  Note, that standard specifies it's use in
117	   this mode only with zero initialization vector.

119	   When keys and initialization vectors are converted to/from byte
120	   arrays, little-endian byte order is assumed.

122	2  Cipher modes and parameters

124	   [GOST28147] defines only three cipher modes for GOST 28147-89: ECB,
125	   CFB and counter mode. This document defines an additional cipher mode
126	   CBC.

128	   When GOST 28147-89 is used to process large amounts of data, a
129	   symmetric key should be protected by key meshing algorithm.  This
130	   document defines CryptoPro key meshing algorithm.

132	   The cipher mode, key meshing algorithm, padding mode and S-box are
133	   specified by algorithm parameters.

135	2.1   GOST 28147-89 CBC mode

137	   This section provides the supplemental information to GOST 28147-89
138	   (a block to block primitive) needed to operate in CBC mode.

140	   Before each plaintext block is encrypted, it is combined with the
141	   cipher text of the previous block by a bitwise XOR operation.  This
142	   ensures that even if the plaintext contains many identical blocks,
143	   they will each encrypt to a different cipher text block.  The
144	   initialization vector is combined with the first plaintext block by a
145	   bitwise XOR operation before the block is encrypted.

147	2.2   GOST 28147-89 padding modes

149	   This section provides the supplemental information to GOST 28147-89,
150	   needed to operate on plaintext, which length is not divisible by GOST
151	   28147-89 block size (8 bytes).

153	   Let x (0 < x < 8) be the number of bytes in the last (possibly,
154	   incomplete) block of data.  There are three padding modes:
155	    * Zero padding: 8-x remaining bytes are filled with zero
156	    * PKCS#5 padding: 8-x remaining bytes are filled with value of 8-x.
157	      If there's no incomplete block, one extra block filled with
158	      value 8 is added.
159	    * Random padding: 8-x remaining bytes of the last block are
160	      set to random.

162	2.3   Key Meshing Algorithms

164	   When there is a need to limit the amount of data, enciphered with the
165	   same key, several key meshing algorithms can be used.  Key meshing
166	   algorithms transform the key after processing a certain amount of
167	   data.

169	   All encryption parameter sets, defined in this document, specify use
170	   of CryptoPro key meshing algorithm, except for id-
171	   Gost28147-89-TestParamSet, which specifies use of null key meshing
172	   algorithm.

174	2.3.1   Null Key Meshing

176	   A null key meshing algorithm never changes a key. It's OID is:

178	       id-Gost28147-89-None-KeyMeshing OBJECT IDENTIFIER ::=
179	           { id-CryptoPro-algorithms keyMeshing(14) none(0) }

181	   This algorithm has NULL parameters.

183	2.3.2   CryptoPro Key Meshing

185	   CryptoPro key meshing algorithm transforms the key and initialization
186	   vector every 1KB of plaintext data. It's OID is:

188	       id-Gost28147-89-CryptoPro-KeyMeshing  OBJECT IDENTIFIER ::=
189	           { id-CryptoPro-algorithms keyMeshing(14) cryptoPro(1) }

191	   This algorithm has NULL parameters.

193	   Encryption or decryption starts with key K[0] = K, IV0[0] = IV, i =
194	   0.  Let IV[0] be the value of initialization vector after processing
195	   1K of data. Encryption or decryption of next 1K data block will start
196	   with K[1] and IV0[1], which are calculated using formula:

198	       K[i+1] = decryptECB (K[i], C);
199	       IV0[i+1] = encryptECB (K[i+1],IV[i])

201	   Where C = {0x69, 0x00, 0x72, 0x22,   0x64, 0xC9, 0x04, 0x23,
202	              0x8D, 0x3A, 0xDB, 0x96,   0x46, 0xE9, 0x2A, 0xC4,
203	              0x18, 0xFE, 0xAC, 0x94,   0x00, 0xED, 0x07, 0x12,
204	              0xC0, 0x86, 0xDC, 0xC2,   0xEF, 0x4C, 0xA9, 0x2B};

206	   After processing every next 1K block, current initialization vector
207	   is stored as IV[i+1], i is incremented and the same transformation
208	   applied.

210	3  HMAC_GOSTR3411

212	   HMAC_GOSTR3411 (K,text) function is based on hash function GOST R
213	   34.11-94, as defined in [HMAC], with the following parameter values:
214	   B = 32, L = 32.

216	4  PRF_GOSTR3411

218	   PRF_GOSTR3411 is a pseudorandom function, based on HMAC_GOSTR3411.
219	   It is calculated as P_hash, defined in section 5 of [TLS].
220	   PRF_GOSTR3411(K,D) = P_GOSTR3411 (K,D)

222	5  Key Derivation Algorithms

224	   Standards [GOSTR341094] and [GOSTR34102001] do not define any key
225	   derivation algorithms.

227	   Section 5.1 specifies algorithm VKO GOST R 34.10-94, which generates
228	   GOST KEK using two GOST R 34.10-94 keypairs.

230	   Section 5.2 specifies algorithm VKO GOST R 34.10-2001, which
231	   generates GOST KEK using two GOST R 34.10-2001 keypairs, and
232	   synchrovector A.

234	   Keypairs MUST have identical parameters.

236	5.1  VKO GOST R 34.10-94

238	   This algorithm creates a a key encryption key (KEK) using sender's
239	   private key and recipient public key, or vice versa.

241	  Exchange key EK is a 256-bit hash of 1024-bit Diffie-Hellman key
242	  K(x,y);

244	  1. Let K(x,y) = a^(x*y) (mod p), where
245	     x - sender's private key, a^x - sender's public key
246	     y - recipient's private key, a^y - recipient's public key
247	     a, p - parameters 2. Calculate a 256-bit hash of K(x,y):
248	     KEK(x,y) = gostR3411 (K(x,y))

250	  Keypairs x and y MUST comply with [GOSTR341094].

252	  This algorithm MUST NOT be used, when a^x = a (mod p) or a^y = a (mod
253	  p).

255	5.2  VKO GOST R 34.10-2001

257	  This algorithm creates a key encryption key (KEK) using synchrovector,
258	  sender's private key and recipient public key, or vice versa.

260	  1. Let K(x,y,IV) = ((IV*x)(mod q)) . (y.P) (512 bit), where
261	     x - sender's private key (256 bit)
262	     x.P - sender's public key (512 bit)
263	     y - recipient's private key (256 bit)
264	     y.P - recipient's public key (512 bit)
265	     IV - synchrovector (64 bit)
266	     P - base point on the elliptic curve (two 256-bit coordinates)
267	     IV*x - x multiplied by IV as integers
268	     x.P - a multiple point

270	  2. Calculate a 256-bit hash of K(x,y,IV):
271	     KEK(x,y,IV) = gostR3411 (K(x,y,IV))

273	  Keypairs x and y MUST comply with [GOSTR34102001].

275	  This algorithm MUST NOT be used, when x.P = P, y.P = P

277	6  Key Wrap algorithms

279	  This document defines two key wrap algorithms: GOST 28147-89 Key Wrap
280	  and CryptoPro Key Wrap.

282	6.1 GOST 28147-89 Key Wrap

284	  This algorithm encrypts GOST 28147-89 CEK with a GOST 28147-89 KEK.

286	  Note: This algorithm MUST NOT be used with KEK produced by VKO GOST R
287	  34.10-94, because such KEK is constant for every sender-recipient
288	  pair. Encrypting many different content encryption keys on the same
289	  constant KEK may reveal this KEK.

291	  Identifier for this algorithm:

293	       id-Gost28147-89-None-KeyWrap OBJECT IDENTIFIER ::=
294	           { id-CryptoPro-algorithms keyWrap(13) none(0) }

296	   The GOST 28147-89 key wrap algorithm is:

298	    1. For unique symmetric KEK, generate 8 octets at random,
299	       call the result IV.
300	       For KEK, produced by VKO GOST R 34.10-2001, use the same IV,
301	       that was used for key derivation.
302	    2. Compute a 4-byte checksum value, gost28147IMIT (IV, KEK, CEK),
303	       call the result CEK_MAC.
304	    3. Encrypt CEK in ECB mode using KEK. Use IV, generated in step 1.
305	       Call the ciphertext CEK_ENC.
306	    4. Let RES = IV | CEK_ENC | CEK_MAC.

308	6.2 GOST 28147-89 Key Unwrap

310	   This algorithm decrypts GOST 28147-89 CEK with a GOST 28147-89 KEK.
311	   The GOST 28147-89 key unwrap algorithm is:

313	    1. If the wrapped content-encryption key is not 44 octets, then
314	       error.
315	    2. Decompose the the wrapped content-encryption key into IV, CEK_ENC
316	       and CEK_MAC. IV is the most significant (first) 8 octets, CEK_ENC
317	       is next 32 octets, and CEK_MAC is the least significant (last) 4
318	       octets.
319	    3. Decrypt CEK_ENC in ECB mode using KEK. Use IV, obrained in
320	       step 1. Call the output CEK.
321	    4. Compute a 4-byte checksum value, gost28147IMIT (IV, KEK, CEK),
322	       compare the result CEK_MAC. If not equal, then error.

324	6.3 CryptoPro Key Wrap

326	   This algorithm encrypts GOST 28147-89 CEK with a GOST 28147-89 KEK.
327	   It can be used with any KEK, e.g. produced by VKO GOST R 34.10-94 or
328	   VKO GOST R 34.10-2001, because unique initialization vector is used
329	   to diversify the KEK.

331	   Identifier for this algorithm:

333	       id-Gost28147-89-CryptoPro-KeyWrap OBJECT IDENTIFIER ::=
334	           { id-CryptoPro-algorithms keyWrap(13) cryptoPro(1) }

336	   The CryptoPro key wrap algorithm is:

338	    1. For unique symmetric KEK, or KEK produced by VKO GOST R 34.10-94,
339	       generate 8 octets at random, call the result IV.
340	       For KEK, produced by VKO GOST R 34.10-2001, use the same IV,
341	       that was used for key derivation.
342	    2. Diversify KEK, using CryptoPro KEK Diversification Algorithm,
343	       described in section 7.2.1, call the result KEK(IV);
344	    3. Compute a 4-byte checksum value,
345	       gost28147IMIT (IV, KEK(IV), CEK), call the result CEK_MAC.
346	    4. Encrypt CEK in ECB mode using KEK(IV). Use IV, generated in
347	       step 1.
348	       Call the ciphertext CEK_ENC.
349	    5. Let RES = IV | CEK_ENC | CEK_MAC.

351	6.4 CryptoPro Key Unrap

353	   This algorithm encrypts GOST 28147-89 CEK with a GOST 28147-89 KEK.
354	   The CryptoPro key unwrap algorithm is:

356	    1. If the wrapped content-encryption key is not 44 octets, then
357	       error.
358	    2. Decompose the the wrapped content-encryption key into IV, CEK_ENC
359	       and CEK_MAC. IV is the most significant (first) 8 octets, CEK_ENC
360	       is next 32 octets, and CEK_MAC is the least significant (last)
361	       4 octets.
362	    3. Diversify KEK, using CryptoPro KEK Diversification Algorithm,
363	       described in section 6.5, call the result KEK(IV);
364	    4. Decrypt CEK_ENC in ECB mode using KEK(IV). Use IV, obrained in
365	       step 1.  Call the output CEK.
366	    5. Compute a 4-byte checksum value,
367	       gost28147IMIT (IV, KEK(IV), CEK), compare the result CEK_MAC.
368	       If not equal, then error.

370	6.5  CryptoPro KEK Diversification Algorithm

372	   Given a random 64-bit synchrovector IV, and a GOST 28147-89 key K,
373	   this algorithm creates a new GOST 28147-89 key K(IV).

375	    1. Let K[0] = K;

377	    2. IV is split into components a[i,j]:
378	       IV = a[0]|...|a[7] (a[i] - byte, a[i,0]..a[i,7] - it's bits)

380	    3. Let i be 0.

382	    4. K[1]..K[8] are calculated by repeating the
383	       following algorithm eight times:

385	     A) K[i] is split into components k[i,j]:
386	        K[i] = k[i,0]|k[i,1]|...|k[i,7] (k[i,j] - 32-bit integer)
387	     B) Vector S[i] is calculated:
388	        S[i] = ((a[i,0]*k[i,0] + ... + a[i,7]*k[i,7]) mod 2^32)
389	           | ((~a[i,0]*k[i,0] + ... + ~a[i,7]*k[i,7]) mod 2^32);
390	     C) K[i+1] = encryptCFB (S[i], K[i], K[i])
391	     D) i = i + 1

393	   5. Let K(IV) be K[8].

395	7  Secret Key Diversification

397	   This algorithm creates a GOST 28147-89 key Kd, given GOST R 34.10-94
398	   or GOST R 34.10-2001 secret key K and diversification data D of size
399	   4..40 bytes.

401	   1) 40-byte blob B is created from D by cloning it enough times to
402	   fill all 40 bytes. For example, if D is 40-bytes long, B = D; If D is
403	   4-bytes long, B = D|D|D|D|D|D|D|D|D|D.

405	   2) B is split into 8-byte SV and 32-byte SRCKEY (B = SV|SRCKEY).

407	   3) Algorithm from section 6.5 is used to create K(SV) from key K and
408	   synchrovector SV, with two differences. Instead of S[i], vector
409	   (0,0,0,SV[i],ff,ff,ff,ff XOR SV[i]) is used, and during each
410	   encryption step, only 8 out of 32 GOST 28147-89 steps are done.

412	   4) Kd is calculated:
413	    Kd = encryptCFB (IV, K(IV), SRCKEY).

415	8  Algorithm parameters

417	   Standards [GOST28147], [GOST341194], [GOSTR341094] and
418	   [GOSTR34102001] do not define specific values for algorithm
419	   parameters.

421	   This document introduces the use of OIDs to specify algorithm
422	   parameters.

424	   Identifiers and corresponding parameter values for all of the
425	   proposed parameter sets can be found in Appendix in the form of ASN.1
426	   modules [X.660].

428	8.1 Encryption algorithm parameters

430	   GOST 28147-89 can be used in several modes, additional CBC mode is
431	   defined in section 2.1 this document. It also has an S-Box parameter
432	   (see Algorithm Parameters part in [GOST28147] in Russian, description
433	   in English see in [Schneier95] ch. 14.1, p. 331).

435	   This table contains the list of proposed parameter sets for GOST
436	   28147-89:

438	    Gost28147-89-ParamSetAlgorithms ALGORITHM-IDENTIFIER ::= {
439	        { Gost28147-89-ParamSetParameters IDENTIFIED BY
440	               id-Gost28147-89-TestParamSet  } |
441	        { Gost28147-89-ParamSetParameters IDENTIFIED BY
442	               id-Gost28147-89-CryptoPro-A-ParamSet  } |
443	        { Gost28147-89-ParamSetParameters IDENTIFIED BY
444	               id-Gost28147-89-CryptoPro-B-ParamSet  } |
445	        { Gost28147-89-ParamSetParameters IDENTIFIED BY
446	               id-Gost28147-89-CryptoPro-C-ParamSet  } |
447	        { Gost28147-89-ParamSetParameters IDENTIFIED BY
448	               id-Gost28147-89-CryptoPro-D-ParamSet  } |
449	        { Gost28147-89-ParamSetParameters IDENTIFIED BY
450	               id-Gost28147-89-CryptoPro-Simple-A-ParamSet  } |
451	        { Gost28147-89-ParamSetParameters IDENTIFIED BY
452	               id-Gost28147-89-CryptoPro-Simple-B-ParamSet  } |
453	        { Gost28147-89-ParamSetParameters IDENTIFIED BY
454	               id-Gost28147-89-CryptoPro-Simple-C-ParamSet  } |
455	        { Gost28147-89-ParamSetParameters IDENTIFIED BY
456	               id-Gost28147-89-CryptoPro-Simple-D-ParamSet  }
457	    }

459	   Identifier values can be found in Appendix.

461	   Parameters for GOST 28147-89 are presented in the following form:

463	    Gost28147-89-ParamSetParameters ::= SEQUENCE {
464	        eUZ          Gost28147-89-UZ,
465	        mode         INTEGER {
466	                         gost28147-89-CNT(0),
467	                         gost28147-89-CFB(1),
468	                         cryptoPro-CBC(2)
469	                     },
470	        shiftBits    INTEGER { gost28147-89-block(64) },
471	        keyWrap      AlgorithmIdentifier,
472	        keyMeshing   AlgorithmIdentifier
473	    }
474	    Gost28147-89-UZ ::= OCTET STRING (SIZE (64))
475	    Gost28147-89-KeyMeshingAlgorithms  ALGORITHM-IDENTIFIER ::= {
476	        { NULL IDENTIFIED BY id-Gost28147-89-CryptoPro-KeyMeshing } |
477	        { NULL IDENTIFIED BY id-Gost28147-89-None-KeyMeshing }
478	    }
479	    Gost28147-89-KeyWrapAlgorithms  ALGORITHM-IDENTIFIER ::= {
480	        { NULL IDENTIFIED BY id-Gost28147-89-CryptoPro-KeyWrap } |
481	        { NULL IDENTIFIED BY id-Gost28147-89-None-KeyWrap }
482	    }

484	   where
485	      eUZ        - S-box value;
486	      mode       - cipher mode;
487	      shiftBits  - cipher parameter;
488	      keyWrap    - key export algorithm identifier;
489	      keyMeshing - key meshing algorithm identifier.

491	8.2 Digest algorithm parameters

493	   This table contains the list of proposed parameter sets for
494	   [GOST341194]:

496	    GostR3411-94-ParamSetAlgorithms ALGORITHM-IDENTIFIER ::= {
497	        { GostR3411-94-ParamSetParameters IDENTIFIED BY
498	          id-GostR3411-94-TestParamSet
499	        } |
500	        { GostR3411-94-ParamSetParameters IDENTIFIED BY
501	          id-GostR3411-94-CryptoProParamSet
502	        }
503	    }

505	   Identifier values can be found in Appendix.

507	   Parameters for [GOST341194] are presented in the following form:

509	    GostR3411-94-ParamSetParameters ::=
510	        SEQUENCE {
511	            hUZ Gost28147-89-UZ,    -- S-Box for digest
512	            h0  GostR3411-94-Digest -- start digest value
513	        }
514	    GostR3411-94-Digest ::= OCTET STRING (SIZE (32))

516	6.3 GOST R 34.10-94 public key algorithm parameters

518	   This table contains the list of proposed parameter sets for GOST R
519	   34.10-94:

521	    GostR3410-94-ParamSetAlgorithm ALGORITHM-IDENTIFIER ::= {
522	        { GostR3410-94-ParamSetParameters IDENTIFIED BY
523	               id-GostR3410-94-TestParamSet } |
524	        { GostR3410-94-ParamSetParameters IDENTIFIED BY
525	               id-GostR3410-94-CryptoPro-A-ParamSet  } |
526	        { GostR3410-94-ParamSetParameters IDENTIFIED BY
527	               id-GostR3410-94-CryptoPro-B-ParamSet  } |
528	        { GostR3410-94-ParamSetParameters IDENTIFIED BY
529	               id-GostR3410-94-CryptoPro-C-ParamSet  } |
530	        { GostR3410-94-ParamSetParameters IDENTIFIED BY
531	               id-GostR3410-94-CryptoPro-D-ParamSet  } |
532	        { GostR3410-94-ParamSetParameters IDENTIFIED BY
533	               id-GostR3410-94-CryptoPro-XchA-ParamSet  } |
534	        { GostR3410-94-ParamSetParameters IDENTIFIED BY
535	               id-GostR3410-94-CryptoPro-XchB-ParamSet  } |
536	        { GostR3410-94-ParamSetParameters IDENTIFIED BY
537	               id-GostR3410-94-CryptoPro-XchC-ParamSet  }
538	    }

540	   Identifier values can be found in Appendix.

542	   Parameters for GOST R 34.10-94 are presented in the following form:

544	    GostR3410-94-ParamSetParameters ::=
545	       SEQUENCE {
546	           p       INTEGER,
547	           q       INTEGER,
548	           a       INTEGER,
549	           validationAlgorithm   AlgorithmIdentifier {{
550	             GostR3410-94-ValidationAlgorithms
551	             }} OPTIONAL
552	       }

554	    GostR3410-94-ValidationParameters ::=
555	         SEQUENCE {
556	             t       INTEGER,
557	             x0      INTEGER,
558	             c       INTEGER,
559	             d       INTEGER OPTIONAL
560	         }

562	   Where
563	    p - modulus, prime number, 2^1023<p<2^1024;
564	    q - order of cyclic group, prime number, 2^254<q<2^256, q is a
565	   factor
566	    of p-1;
567	    a - generator, integer, 1<a<p-1, at that aq (mod p) = 1;
568	    validationAlgorithm - constant p, q and a calculating algorithm.

570	    t  - bit length of p;
571	    x0 - seed;
572	    c  - used for p and q generation;
573	    d  - used for a generation.

575	8.4 GOST R 34.10-2001 public key algorithm parameters
576	   This table contains the list of proposed parameter sets for GOST R
577	   34.10-2001:

579	    GostR3410-2001-ParamSetAlgorithm ALGORITHM-IDENTIFIER ::= {
580	        { GostR3410-2001-ParamSetParameters IDENTIFIED BY
581	               id-GostR3410-2001-TestParamSet } |
582	        { GostR3410-2001-ParamSetParameters IDENTIFIED BY
583	               id-GostR3410-2001-CryptoPro-A-ParamSet  } |
584	        { GostR3410-2001-ParamSetParameters IDENTIFIED BY
585	               id-GostR3410-2001-CryptoPro-B-ParamSet  } |
586	        { GostR3410-2001-ParamSetParameters IDENTIFIED BY
587	               id-GostR3410-2001-CryptoPro-C-ParamSet  } |
588	        { GostR3410-2001-ParamSetParameters IDENTIFIED BY
589	               id-GostR3410-2001-CryptoPro-XchA-ParamSet  } |
590	        { GostR3410-2001-ParamSetParameters IDENTIFIED BY
591	               id-GostR3410-2001-CryptoPro-XchB-ParamSet  }
592	    }

594	   Identifier values can be found in Appendix.

596	   Parameters for GOST R 34.10-2001 are presented in the following form:

598	    GostR3410-2001-ParamSetParameters ::=
599	       SEQUENCE {
600	           abj CHOICE {
601	               ab SEQUENCE {
602	                   a       INTEGER,
603	                   b       INTEGER,
604	               },
605	               j       INTEGER,
606	           },
607	           p       INTEGER ,
608	           q       INTEGER ,
609	           x       INTEGER ,
610	           y       INTEGER
611	       }

613	    a, b - coefficients a and b of the elliptic curve E;
614	    j    - invariant;
615	    p    - prime number - elliptic curve modulus;
616	    q    - prime number - order of cyclic group;
617	    x, y - base point p coordinates.

619	9  Security Considerations

621	   It is RECCOMENDED, that software applications verify signature
622	   values, subject public keys and algorithm parameters to conform to
623	   [GOSTR34102001], [GOSTR341094] standards prior to their use.

625	   Cryptographic algorithm parameters affect rigidity of algorithms.
626	   The algorithm parameters proposed hereby and described in this
627	   document, have been analyzed by special certification laboratory of
628	   Scientific and Technical Center "ATLAS" and by Center of
629	   Certificational Investigations in appropriate levels of
630	   target_of_evaluation (TOE), according to [RFDSL], [RFLLIC] and
631	   [CRYPTOLIC].

633	   Use of different parameter sets is NOT RECOMENDED. When different
634	   parameters are used, it is RECCOMENDED to subject them to examination
635	   by an authorized agency with approved methods of cryptographic
636	   analysis.

638	10 Appendix ASN.1 Modules

640	10.1  Cryptographic-Gost-Useful-Definitions

642	Cryptographic-Gost-Useful-Definitions
643	    { iso(1) member-body(2) ru(643) rans(2) cryptopro(2)
644	      other(1) modules(1) cryptographic-Gost-Useful-Definitions(0)
645	1 }
646	DEFINITIONS ::=
647	BEGIN
648	-- EXPORTS All --
649	-- The types and values defined in this module are exported for
650	-- use in the other ASN.1 modules contained within the Russian
651	-- Cryptography "GOST" & "GOST R" Specifications, and for the use
652	-- of other applications which will use them to access Russian
653	-- Cryptography services. Other applications may use them for
654	-- their own purposes, but this will not constrain extensions and
655	-- modifications needed to maintain or improve the Russian
656	-- Cryptography service.
657	  -- Crypto-Pro OID branch
658	    id-CryptoPro OBJECT IDENTIFIER ::=
659	        { iso(1) member-body(2) ru(643) rans(2) cryptopro(2) }
660	    id-CryptoPro-algorithms OBJECT IDENTIFIER ::=
661	        id-CryptoPro
662	    id-CryptoPro-modules OBJECT IDENTIFIER ::=
663	        { id-CryptoPro other(1) modules(1) }
664	    id-CryptoPro-hashes OBJECT IDENTIFIER ::=
665	        { id-CryptoPro-algorithms hashes(30) }
666	    id-CryptoPro-encrypts OBJECT IDENTIFIER ::=
667	        { id-CryptoPro-algorithms encrypts(31) }
668	    id-CryptoPro-signs OBJECT IDENTIFIER ::=
669	        { id-CryptoPro-algorithms signs(32) }
670	    id-CryptoPro-exchanges OBJECT IDENTIFIER ::=
671	        { id-CryptoPro-algorithms exchanges(33) }
672	    id-CryptoPro-extensions OBJECT IDENTIFIER ::=
673	        { id-CryptoPro extensions(34) }
674	    id-CryptoPro-ecc-signs OBJECT IDENTIFIER ::=
675	        { id-CryptoPro-algorithms ecc-signs(35) }
676	    id-CryptoPro-ecc-exchanges OBJECT IDENTIFIER ::=
677	        { id-CryptoPro-algorithms ecc-exchanges(36) }
678	    id-CryptoPro-private-keys OBJECT IDENTIFIER ::=
679	        { id-CryptoPro-algorithms private-keys(37) }
680	    id-CryptoPro-policyIds OBJECT IDENTIFIER ::=
681	      { id-CryptoPro policyIds(38) }
682	    id-CryptoPro-policyQt OBJECT IDENTIFIER ::=
683	        { id-CryptoPro policyQt(39) }
684	    id-CryptoPro-pkixcmp-infos OBJECT IDENTIFIER ::=
685	        { id-CryptoPro-algorithms pkixcmp-infos(41) }
686	    id-CryptoPro-audit-service-types OBJECT IDENTIFIER ::=
687	        { id-CryptoPro-algorithms pkixcmp-infos(42) }
688	    id-CryptoPro-audit-record-types OBJECT IDENTIFIER ::=
689	        { id-CryptoPro-algorithms pkixcmp-infos(43) }
690	    id-CryptoPro-attributes OBJECT IDENTIFIER ::=
691	        { id-CryptoPro-algorithms attributes(44) }
692	  -- ASN.1 modules of Russian Cryptography "GOST" & "GOST R"
693	  -- Specifications
694	    cryptographic-Gost-Useful-Definitions OBJECT IDENTIFIER ::=
695	        { id-CryptoPro-modules
696	          cryptographic-Gost-Useful-Definitions(0) 1 }
697	  -- GOST R 34.11-94

699	    gostR3411-94-DigestSyntax OBJECT IDENTIFIER ::=
700	        { id-CryptoPro-modules gostR3411-94-DigestSyntax(1) 1 }
701	    gostR3411-94-ParamSetSyntax OBJECT IDENTIFIER ::=
702	        { id-CryptoPro-modules gostR3411-94-ParamSetSyntax(7) 1 }
703	  -- GOST R 34.10-94

705	    gostR3410-94-PKISyntax OBJECT IDENTIFIER ::=
706	        { id-CryptoPro-modules  gostR3410-94-PKISyntax(2) 1 }
707	    gostR3410-94-SignatureSyntax OBJECT IDENTIFIER ::=
708	        { id-CryptoPro-modules gostR3410-94-SignatureSyntax(3) 1 }
709	    gostR3410-EncryptionSyntax OBJECT IDENTIFIER ::=
710	        { id-CryptoPro-modules gostR3410-EncryptionSyntax(5) 2 }
711	    gostR3410-94-ParamSetSyntax OBJECT IDENTIFIER ::=
712	        { id-CryptoPro-modules  gostR3410-94-ParamSetSyntax(8) 1 }
713	  -- GOST R 34.10-2001

715	    gostR3410-2001-PKISyntax OBJECT IDENTIFIER ::=
716	        { id-CryptoPro-modules  gostR3410-2001-PKISyntax(9) 1 }
717	    gostR3410-2001-SignatureSyntax OBJECT IDENTIFIER ::=
718	        { id-CryptoPro-modules
719	          gostR3410-2001-SignatureSyntax(10) 1 }
720	    gostR3410-2001-ParamSetSyntax OBJECT IDENTIFIER ::=
721	        { id-CryptoPro-modules
722	          gostR3410-2001-ParamSetSyntax(12) 1 }
723	  -- GOST 28147-89

725	    gost28147-89-EncryptionSyntax OBJECT IDENTIFIER ::=
726	        { id-CryptoPro-modules gost28147-89-EncryptionSyntax(4) 1 }
727	    gost28147-89-ParamSetSyntax OBJECT IDENTIFIER ::=
728	        { id-CryptoPro-modules gost28147-89-ParamSetSyntax(6) 1 }
729	  -- Extended Key Usage for Crypto-Pro

731	    gost-CryptoPro-ExtendedKeyUsage OBJECT IDENTIFIER ::=
732	        { id-CryptoPro-modules
733	          gost-CryptoPro-ExtendedKeyUsage(13) 1 }
734	  -- Crypto-Pro Private keys

736	    gost-CryptoPro-PrivateKey OBJECT IDENTIFIER ::=
737	        { id-CryptoPro-modules gost-CryptoPro-PrivateKey(14) 1 }
738	  -- Crypto-Pro PKIXCMP structures

740	    gost-CryptoPro-PKIXCMP OBJECT IDENTIFIER ::=
741	        { id-CryptoPro-modules gost-CryptoPro-PKIXCMP(15) 1 }
742	  -- Crypto-Pro Transport Layer Security structures
743	    gost-CryptoPro-TransportLayerSecurity OBJECT IDENTIFIER ::=
744	        { id-CryptoPro-modules gost-CryptoPro-TransportLayerSecurit
745	y(16) 1 }

747	  -- Crypto-Pro Policy
748	    gost-CryptoPro-Policy OBJECT IDENTIFIER ::=
749	        { id-CryptoPro-modules gost-CryptoPro-Policy(17) 1 }
750	  -- Useful types
751	    ALGORITHM-IDENTIFIER ::= CLASS {
752	        &id    OBJECT IDENTIFIER UNIQUE,
753	        &Type  OPTIONAL
754	    }
755	    WITH SYNTAX { [&Type] IDENTIFIED BY &id }
756	END -- Cryptographic-Gost-Useful-Definitions

758	10.2  Gost28147-89-EncryptionSyntax

760	Gost28147-89-EncryptionSyntax
761	    { iso(1) member-body(2) ru(643) rans(2) cryptopro(2)
762	      other(1) modules(1) gost28147-89-EncryptionSyntax(4) 1 }
763	DEFINITIONS EXPLICIT TAGS ::=
764	BEGIN
765	-- EXPORTS All --
766	-- The types and values defined in this module are exported for
767	-- use in the other ASN.1 modules contained within the Russian
768	-- Cryptography "GOST" & "GOST R" Specifications, and for the use
769	-- of other applications which will use them to access Russian
770	-- Cryptography services. Other applications may use them for
771	-- their own purposes, but this will not constrain extensions and
772	-- modifications needed to maintain or improve the Russian
773	-- Cryptography service.
774	    IMPORTS
775	        id-CryptoPro-algorithms, id-CryptoPro-encrypts,
776	        ALGORITHM-IDENTIFIER,
777	        cryptographic-Gost-Useful-Definitions
778	        FROM Cryptographic-Gost-Useful-Definitions
779	            { iso(1) member-body(2) ru(643) rans(2)
780	              cryptopro(2) other(1) modules(1)
781	              cryptographic-Gost-Useful-Definitions(0) 1 }
782	    ;
783	  -- GOST 28147-89 OID
784	    id-Gost28147-89 OBJECT IDENTIFIER ::=
785	        { id-CryptoPro-algorithms gost28147-89(21) }
786	    id-Gost28147-89-MAC OBJECT IDENTIFIER ::=
787	        { id-CryptoPro-algorithms gost28147-89-MAC(22) }
788	  -- GOST 28147-89 cryptographic parameter sets OIDs
789	    id-Gost28147-89-TestParamSet OBJECT IDENTIFIER ::=
790	        { id-CryptoPro-encrypts test(0) }
791	    id-Gost28147-89-CryptoPro-A-ParamSet OBJECT IDENTIFIER ::=
792	        { id-CryptoPro-encrypts cryptopro-A(1) }
793	    id-Gost28147-89-CryptoPro-B-ParamSet OBJECT IDENTIFIER ::=
794	        { id-CryptoPro-encrypts cryptopro-B(2) }
795	    id-Gost28147-89-CryptoPro-C-ParamSet OBJECT IDENTIFIER ::=
796	        { id-CryptoPro-encrypts cryptopro-C(3) }
797	    id-Gost28147-89-CryptoPro-D-ParamSet OBJECT IDENTIFIER ::=
798	        { id-CryptoPro-encrypts cryptopro-D(4) }
799	    id-Gost28147-89-CryptoPro-Oscar-ParamSet
800	        OBJECT IDENTIFIER ::=
801	           { id-CryptoPro-encrypts cryptopro-Oscar(5) }
802	    id-Gost28147-89-CryptoPro-Simple-A-ParamSet
803	        OBJECT IDENTIFIER ::=
804	           { id-CryptoPro-encrypts cryptopro-Simple-A(6) }
805	    id-Gost28147-89-CryptoPro-Simple-B-ParamSet
806	        OBJECT IDENTIFIER ::=
807	           { id-CryptoPro-encrypts cryptopro-Simple-B(7) }
808	    id-Gost28147-89-CryptoPro-Simple-C-ParamSet
809	        OBJECT IDENTIFIER ::=
810	           { id-CryptoPro-encrypts cryptopro-Simple-C(8) }
811	    id-Gost28147-89-CryptoPro-Simple-D-ParamSet
812	        OBJECT IDENTIFIER ::=
813	           { id-CryptoPro-encrypts cryptopro-Simple-D(9) }
814	  -- GOST 28147-89 Types
815	    Gost28147-89-Data ::= OCTET STRING (SIZE (0..4294967294))
816	    Gost28147-89-EncryptedData ::=
817	        OCTET STRING (SIZE (0..4294967294))
818	    Gost28147-89-UZ ::= OCTET STRING (SIZE (64))
819	    Gost28147-89-IV ::= OCTET STRING (SIZE (8))
820	    Gost28147-89-Key ::= OCTET STRING (SIZE (32))
821	    Gost28147-89-MAC ::= OCTET STRING (SIZE (1..4))
822	    Gost28147-89-EncryptedKey ::=
823	        SEQUENCE {
824	            encryptedKey         Gost28147-89-Key,
825	            maskKey              [0] IMPLICIT Gost28147-89-Key OPTI
826	ONAL,
827	            macKey               Gost28147-89-MAC (SIZE (4))
828	        }
829	    Gost28147-89-BlobParameters ::=
830	        SEQUENCE {
831	            encryptionParamSet
832	                OBJECT IDENTIFIER (
833	                    id-Gost28147-89-TestParamSet |      -- Only for
834	 testing purposes
835	                    id-Gost28147-89-CryptoPro-A-ParamSet |
836	                    id-Gost28147-89-CryptoPro-B-ParamSet |
837	                    id-Gost28147-89-CryptoPro-C-ParamSet |
838	                    id-Gost28147-89-CryptoPro-D-ParamSet |
839	                    id-Gost28147-89-CryptoPro-Simple-A-ParamSet |
840	                    id-Gost28147-89-CryptoPro-Simple-B-ParamSet |
841	                    id-Gost28147-89-CryptoPro-Simple-C-ParamSet |
842	                    id-Gost28147-89-CryptoPro-Simple-D-ParamSet
843	                )
844	        }
845	  -- GOST 28147-89 encryption algorithm parameters
846	    Gost28147-89-Parameters ::=
847	        SEQUENCE {
848	            iv                   Gost28147-89-IV,
849	            encryptionParamSet
850	                OBJECT IDENTIFIER (
851	                    id-Gost28147-89-TestParamSet | -- Only for test
852	ing purposes
853	                    id-Gost28147-89-CryptoPro-A-ParamSet |
854	                    id-Gost28147-89-CryptoPro-B-ParamSet |
855	                    id-Gost28147-89-CryptoPro-C-ParamSet |
856	                    id-Gost28147-89-CryptoPro-D-ParamSet |
857	                    id-Gost28147-89-CryptoPro-Simple-A-ParamSet |
858	                    id-Gost28147-89-CryptoPro-Simple-B-ParamSet |
859	                    id-Gost28147-89-CryptoPro-Simple-C-ParamSet |
860	                    id-Gost28147-89-CryptoPro-Simple-D-ParamSet
861	                )
862	        }
863	    Gost28147-89-Algorithms ALGORITHM-IDENTIFIER ::= {
864	        { Gost28147-89-Parameters IDENTIFIED BY
865	                        id-Gost28147-89 }
866	    }
867	END -- Gost28147-89-EncryptionSyntax

869	10.3  Gost28147-89-ParamSetSyntax

871	Gost28147-89-ParamSetSyntax
872	    { iso(1) member-body(2) ru(643) rans(2) cryptopro(2)
873	      other(1) modules(1) gost28147-89-ParamSetSyntax(6) 1 }
874	DEFINITIONS EXPLICIT TAGS ::=
875	BEGIN
876	-- EXPORTS All --
877	-- The types and values defined in this module are exported for
878	-- use in the other ASN.1 modules contained within the Russian
879	-- Cryptography "GOST" & "GOST R" Specifications, and for the use
880	-- of other applications which will use them to access Russian
881	-- Cryptography services. Other applications may use them for
882	-- their own purposes, but this will not constrain extensions and
883	-- modifications needed to maintain or improve the Russian
884	-- Cryptography service.
885	    IMPORTS
886	        id-CryptoPro-algorithms, id-CryptoPro-encrypts,
887	        gost28147-89-EncryptionSyntax, ALGORITHM-IDENTIFIER,
888	        cryptographic-Gost-Useful-Definitions
889	        FROM Cryptographic-Gost-Useful-Definitions
890	            { iso(1) member-body(2) ru(643) rans(2)
891	              cryptopro(2) other(1) modules(1)
892	              cryptographic-Gost-Useful-Definitions(0) 1 }
893	        Gost28147-89-UZ,
894	        id-Gost28147-89-TestParamSet,
895	        id-Gost28147-89-CryptoPro-A-ParamSet,
896	        id-Gost28147-89-CryptoPro-B-ParamSet,
897	        id-Gost28147-89-CryptoPro-C-ParamSet,
898	        id-Gost28147-89-CryptoPro-D-ParamSet,
899	        id-Gost28147-89-CryptoPro-Simple-A-ParamSet,
900	        id-Gost28147-89-CryptoPro-Simple-B-ParamSet,
901	        id-Gost28147-89-CryptoPro-Simple-C-ParamSet,
902	        id-Gost28147-89-CryptoPro-Simple-D-ParamSet
903	        FROM Gost28147-89-EncryptionSyntax
904	             gost28147-89-EncryptionSyntax
905	        AlgorithmIdentifier
906	        FROM PKIX1Explicit88 {iso(1) identified-organization(3)
907	        dod(6) internet(1) security(5) mechanisms(5) pkix(7)
908	        id-mod(0) id-pkix1-explicit-88(1)}
909	    ;
910	  -- GOST 28147-89 cryptographic parameter sets:
911	  -- OIDs for parameter sets are imported from
912	  -- Gost28147-89-EncryptionSyntax
913	  Gost28147-89-ParamSetParameters ::=
914	    SEQUENCE {
915	        eUZ             Gost28147-89-UZ,
916	        mode            INTEGER {
917	                            gost28147-89-CNT(0),
918	                            gost28147-89-CFB(1),
919	                            cryptoPro-CBC(2)
920	                        },
921	        shiftBits       INTEGER { gost28147-89-block(64) },
922	        keyWrap         AlgorithmIdentifier,
923	        keyMeshing      AlgorithmIdentifier
924	    }
925	  Gost28147-89-ParamSetAlgorithms ALGORITHM-IDENTIFIER ::= {
926	    { Gost28147-89-ParamSetParameters IDENTIFIED BY
927	                id-Gost28147-89-TestParamSet  } |
928	    { Gost28147-89-ParamSetParameters IDENTIFIED BY
929	                id-Gost28147-89-CryptoPro-A-ParamSet  } |
930	    { Gost28147-89-ParamSetParameters IDENTIFIED BY
931	                id-Gost28147-89-CryptoPro-B-ParamSet  } |
932	    { Gost28147-89-ParamSetParameters IDENTIFIED BY
933	                id-Gost28147-89-CryptoPro-C-ParamSet  } |
934	    { Gost28147-89-ParamSetParameters IDENTIFIED BY
935	                id-Gost28147-89-CryptoPro-D-ParamSet  } |
936	    { Gost28147-89-ParamSetParameters IDENTIFIED BY
937	                id-Gost28147-89-CryptoPro-Simple-A-ParamSet  } |
938	    { Gost28147-89-ParamSetParameters IDENTIFIED BY
939	                id-Gost28147-89-CryptoPro-Simple-B-ParamSet  } |
940	    { Gost28147-89-ParamSetParameters IDENTIFIED BY
941	                id-Gost28147-89-CryptoPro-Simple-C-ParamSet  } |
942	    { Gost28147-89-ParamSetParameters IDENTIFIED BY
943	                id-Gost28147-89-CryptoPro-Simple-D-ParamSet  }
944	  }
945	  id-Gost28147-89-CryptoPro-KeyWrap OBJECT IDENTIFIER ::=
946	    { id-CryptoPro-algorithms keyWrap(13) cryptoPro(1) }
947	  id-Gost28147-89-None-KeyWrap OBJECT IDENTIFIER ::=
948	    { id-CryptoPro-algorithms keyWrap(13) none(0) }
949	  Gost28147-89-KeyWrapAlgorithms  ALGORITHM-IDENTIFIER ::= {
950	    { NULL IDENTIFIED BY id-Gost28147-89-CryptoPro-KeyWrap } |
951	    { NULL IDENTIFIED BY id-Gost28147-89-None-KeyWrap }
952	  }
953	  id-Gost28147-89-CryptoPro-KeyMeshing  OBJECT IDENTIFIER ::=
954	    { id-CryptoPro-algorithms keyMeshing(14) cryptoPro(1) }
955	  id-Gost28147-89-None-KeyMeshing OBJECT IDENTIFIER ::=
956	    { id-CryptoPro-algorithms keyMeshing(14) none(0) }
957	  Gost28147-89-KeyMeshingAlgorithms  ALGORITHM-IDENTIFIER ::= {
958	    { NULL IDENTIFIED BY id-Gost28147-89-CryptoPro-KeyMeshing } |
959	    { NULL IDENTIFIED BY id-Gost28147-89-None-KeyMeshing }
960	  }
961	  -- GOST 28147-89 cryptographic parameter set: values
962	    -- Test parameter set
963	  gost28147-89-UZ-Test Gost28147-89-UZ ::=
964	   '4CDE389C2989EFB6FFEB56C55EC29B029875613B113F896003970C798AA1D55
965	DE210AD43375DB38EB42C77E7CD46CAFAD66A201F70F41EA4AB03F22165B844D8'H
966	  gost28147-89-TestParamSetAI
967	    AlgorithmIdentifier ::= {
968	      algorithm
969	        id-Gost28147-89-TestParamSet,
970	      parameters
971	        Gost28147-89-ParamSetParameters:{
972	          eUZ           gost28147-89-UZ-Test,
973	          mode          gost28147-89-CNT,
974	          shiftBits     64,
975	          keyWrap       { algorithm id-Gost28147-89-None-KeyWrap },
976	          keyMeshing    { algorithm id-Gost28147-89-None-KeyMeshing
977	 }
978	        }
979	    }
980	  -- CryptoPro parameter sets
981	  gost28147-89-UZ-CryptoPro-A Gost28147-89-UZ ::=
982	   -- K1 K2 K3 K4 K5 K6 K7 K8
983	   -- 9  3  E  E  B  3  1  B
984	   -- 6  7  4  7  5  A  D  A
985	   -- 3  E  6  A  1  D  2  F
986	   -- 2  9  2  C  9  C  9  5
987	   -- 8  8  B  D  8  1  7  0
988	   -- B  A  3  1  D  2  A  C
989	   -- 1  F  D  3  F  0  6  E
990	   -- 7  0  8  9  0  B  0  8
991	   -- A  5  C  0  E  7  8  6
992	   -- 4  2  F  2  4  5  C  2
993	   -- E  6  5  B  2  9  4  3
994	   -- F  C  A  4  3  4  5  9
995	   -- C  B  0  F  C  8  F  1
996	   -- 0  4  7  8  7  F  3  7
997	   -- D  D  1  5  A  E  B  D
998	   -- 5  1  9  6  6  6  E  4
999	   '93EEB31B67475ADA3E6A1D2F292C9C9588BD8170BA31D2AC1FD3F06E70890B0
1000	8A5C0E78642F245C2E65B2943FCA43459CB0FC8F104787F37DD15AEBD519666E4'H
1001	    gost28147-89-CryptoPro-A-ParamSetAI
1002	        AlgorithmIdentifier  ::=
1003	        {
1004	            algorithm
1005	                id-Gost28147-89-CryptoPro-A-ParamSet,
1006	            parameters
1007	                Gost28147-89-ParamSetParameters:{
1008	                    eUZ         gost28147-89-UZ-CryptoPro-A,
1009	                    mode        gost28147-89-CFB,
1010	                    shiftBits   64,
1011	                    keyWrap
1012	                        { algorithm id-Gost28147-89-CryptoPro-KeyWr
1013	ap },
1014	                    keyMeshing
1015	                        { algorithm id-Gost28147-89-CryptoPro-KeyMe
1016	shing }
1017	                }
1018	        }
1019	    --
1020	  gost28147-89-UZ-CryptoPro-B Gost28147-89-UZ ::=
1021	   -- K1 K2 K3 K4 K5 K6 K7 K8
1022	   -- 8  0  E  7  2  8  5  0
1023	   -- 4  1  C  5  7  3  2  4
1024	   -- B  2  0  0  C  2  A  B
1025	   -- 1  A  A  D  F  6  B  E
1026	   -- 3  4  9  B  9  4  9  8
1027	   -- 5  D  2  6  5  D  1  3
1028	   -- 0  5  D  1  A  E  C  7
1029	   -- 9  C  B  2  B  B  3  1
1030	   -- 2  9  7  3  1  C  7  A
1031	   -- E  7  5  A  4  1  4  2
1032	   -- A  3  8  C  0  7  D  9
1033	   -- C  F  F  F  D  F  0  6
1034	   -- D  B  3  4  6  A  6  F
1035	   -- 6  8  6  E  8  0  F  D
1036	   -- 7  6  1  9  E  9  8  5
1037	   -- F  E  4  8  3  5  E  C
1038	   '80E7285041C57324B200C2AB1AADF6BE349B94985D265D1305D1AEC79CB2BB3
1039	129731C7AE75A4142A38C07D9CFFFDF06DB346A6F686E80FD7619E985FE4835EC'H
1040	    gost28147-89-CryptoPro-B-ParamSetAI
1041	        AlgorithmIdentifier ::=
1042	        {
1043	            algorithm
1044	                id-Gost28147-89-CryptoPro-B-ParamSet,
1045	            parameters
1046	                Gost28147-89-ParamSetParameters:{
1047	                    eUZ         gost28147-89-UZ-CryptoPro-B,
1048	                    mode        gost28147-89-CFB,
1049	                    shiftBits   64,
1050	                    keyWrap
1051	                        { algorithm id-Gost28147-89-CryptoPro-KeyWr
1052	ap },
1053	                    keyMeshing
1054	                        { algorithm id-Gost28147-89-CryptoPro-KeyMe
1055	shing }
1056	                }

1058	        }
1059	    --
1060	  gost28147-89-UZ-CryptoPro-C Gost28147-89-UZ ::=
1061	   -- K1 K2 K3 K4 K5 K6 K7 K8
1062	   -- 1  0  8  3  8  C  A  7
1063	   -- B  1  2  6  D  9  9  4
1064	   -- C  7  5  0  B  B  6  0
1065	   -- 2  D  0  1  0  1  8  5
1066	   -- 9  B  4  5  4  8  D  A
1067	   -- D  4  9  D  5  E  E  2
1068	   -- 0  5  F  A  1  2  2  F
1069	   -- F  2  A  8  2  4  0  E
1070	   -- 4  8  3  B  9  7  F  C
1071	   -- 5  E  7  2  3  3  3  6
1072	   -- 8  F  C  9  C  6  5  1
1073	   -- E  C  D  7  E  5  B  B
1074	   -- A  9  6  E  6  A  4  D
1075	   -- 7  A  E  F  F  0  1  9
1076	   -- 6  6  1  C  A  F  C  3
1077	   -- 3  3  B  4  7  D  7  8
1078	   '10838CA7B126D994C750BB602D0101859B4548DAD49D5EE205FA122FF2A8240
1079	E483B97FC5E7233368FC9C651ECD7E5BBA96E6A4D7AEFF019661CAFC333B47D78'H
1080	    gost28147-89-CryptoPro-C-ParamSetAI
1081	        AlgorithmIdentifier ::=
1082	        {
1083	            algorithm
1084	                id-Gost28147-89-CryptoPro-C-ParamSet,
1085	            parameters
1086	                Gost28147-89-ParamSetParameters:{
1087	                    eUZ         gost28147-89-UZ-CryptoPro-C,
1088	                    mode        gost28147-89-CFB,
1089	                    shiftBits   64,
1090	                    keyWrap
1091	                        { algorithm id-Gost28147-89-CryptoPro-KeyWr
1092	ap },
1093	                    keyMeshing
1094	                        { algorithm id-Gost28147-89-CryptoPro-KeyMe
1095	shing }
1096	                }
1097	        }
1098	    --
1099	  gost28147-89-UZ-CryptoPro-D Gost28147-89-UZ ::=
1100	   -- K1 K2 K3 K4 K5 K6 K7 K8
1101	   -- F  B  1  1  0  8  3  1
1102	   -- C  6  C  5  C  0  0  A
1103	   -- 2  3  B  E  8  F  6  6
1104	   -- A  4  0  C  9  3  F  8
1105	   -- 6  C  F  A  D  2  1  F
1106	   -- 4  F  E  7  2  5  E  B
1107	   -- 5  E  6  0  A  E  9  0
1108	   -- 0  2  5  D  B  B  2  4
1109	   -- 7  7  A  6  7  1  D  C
1110	   -- 9  D  D  2  3  A  8  3
1111	   -- E  8  4  B  6  4  C  5
1112	   -- D  0  8  4  5  7  4  9
1113	   -- 1  5  9  9  4  C  B  7
1114	   -- B  A  3  3  E  9  A  D
1115	   -- 8  9  7  F  F  D  5  2
1116	   -- 3  1  2  8  1  6  7  E'H
1117	   'FB110831C6C5C00A23BE8F66A40C93F86CFAD21F4FE725EB5E60AE90025DBB2
1118	477A671DC9DD23A83E84B64C5D084574915994CB7BA33E9AD897FFD523128167E'H
1119	    gost28147-89-CryptoPro-D-ParamSetAI
1120	        AlgorithmIdentifier ::=
1121	        {
1122	            algorithm
1123	                id-Gost28147-89-CryptoPro-D-ParamSet,
1124	            parameters
1125	                Gost28147-89-ParamSetParameters:{
1126	                    eUZ         gost28147-89-UZ-CryptoPro-D,
1127	                    mode        gost28147-89-CFB,
1128	                    shiftBits   64,
1129	                    keyWrap
1130	                        { algorithm id-Gost28147-89-CryptoPro-KeyWr
1131	ap },
1132	                    keyMeshing
1133	                        { algorithm id-Gost28147-89-CryptoPro-KeyMe
1134	shing }
1135	                }
1136	        }
1137	    --
1138	    gost28147-89-CryptoPro-Simple-A-ParamSetAI
1139	        AlgorithmIdentifier ::=
1140	        {
1141	            algorithm
1142	                id-Gost28147-89-CryptoPro-Simple-A-ParamSet,
1143	            parameters
1144	                Gost28147-89-ParamSetParameters:{
1145	                    eUZ         gost28147-89-UZ-CryptoPro-A,
1146	                    mode        gost28147-89-CFB,
1147	                    shiftBits   64,
1148	                    keyWrap
1149	                        { algorithm id-Gost28147-89-None-KeyWrap },
1150	                    keyMeshing
1151	                        { algorithm id-Gost28147-89-CryptoPro-KeyMe
1152	shing }
1153	                }

1155	        }
1156	    --
1157	    gost28147-89-CryptoPro-Simple-B-ParamSetAI
1158	        AlgorithmIdentifier ::=
1159	        {
1160	            algorithm
1161	                id-Gost28147-89-CryptoPro-Simple-B-ParamSet,
1162	            parameters
1163	                Gost28147-89-ParamSetParameters:{
1164	                    eUZ         gost28147-89-UZ-CryptoPro-B,
1165	                    mode        gost28147-89-CFB,
1166	                    shiftBits   64,
1167	                    keyWrap
1168	                        { algorithm id-Gost28147-89-None-KeyWrap },
1169	                    keyMeshing
1170	                        { algorithm id-Gost28147-89-CryptoPro-KeyMe
1171	shing }
1172	                }
1173	        }
1174	    --
1175	    gost28147-89-CryptoPro-Simple-C-ParamSetAI
1176	        AlgorithmIdentifier ::=
1177	        {
1178	            algorithm
1179	                id-Gost28147-89-CryptoPro-Simple-C-ParamSet,
1180	            parameters
1181	                Gost28147-89-ParamSetParameters:{
1182	                    eUZ         gost28147-89-UZ-CryptoPro-C,
1183	                    mode        gost28147-89-CFB,
1184	                    shiftBits   64,
1185	                    keyWrap
1186	                        { algorithm id-Gost28147-89-None-KeyWrap },
1187	                    keyMeshing
1188	                        { algorithm id-Gost28147-89-CryptoPro-KeyMe
1189	shing }
1190	                }
1191	        }
1192	    --
1193	    gost28147-89-CryptoPro-Simple-D-ParamSetAI
1194	        AlgorithmIdentifier ::=
1195	        {
1196	            algorithm
1197	                id-Gost28147-89-CryptoPro-Simple-D-ParamSet,
1198	            parameters
1199	                Gost28147-89-ParamSetParameters:{
1200	                    eUZ         gost28147-89-UZ-CryptoPro-D,
1201	                    mode        gost28147-89-CFB,
1202	                    shiftBits   64,
1203	                    keyWrap
1204	                        { algorithm id-Gost28147-89-None-KeyWrap },
1205	                    keyMeshing
1206	                        { algorithm id-Gost28147-89-CryptoPro-KeyMe
1207	shing }
1208	                }
1209	        }
1210	END -- Gost28147-89-ParamSetSyntax

1212	10.4  GostR3411-94-DigestSyntax

1214	GostR3411-94-DigestSyntax
1215	    { iso(1) member-body(2) ru(643) rans(2) cryptopro(2)
1216	      other(1) modules(1) gostR3411-94-DigestSyntax(1) 1 }
1217	DEFINITIONS ::=
1218	BEGIN
1219	-- EXPORTS All --
1220	-- The types and values defined in this module are exported for
1221	-- use in the other ASN.1 modules contained within the Russian
1222	-- Cryptography "GOST" & "GOST R" Specifications, and for the use
1223	-- of other applications which will use them to access Russian
1224	-- Cryptography services. Other applications may use them for
1225	-- their own purposes, but this will not constrain extensions and
1226	-- modifications needed to maintain or improve the Russian
1227	-- Cryptography service.
1228	    IMPORTS
1229	        id-CryptoPro-algorithms, id-CryptoPro-hashes,
1230	        gost28147-89-EncryptionSyntax, ALGORITHM-IDENTIFIER,
1231	        cryptographic-Gost-Useful-Definitions
1232	        FROM Cryptographic-Gost-Useful-Definitions
1233	            { iso(1) member-body(2) ru(643) rans(2)
1234	              cryptopro(2) other(1) modules(1)
1235	              cryptographic-Gost-Useful-Definitions(0) 1 }
1236	        Gost28147-89-Data, Gost28147-89-UZ
1237	        FROM Gost28147-89-EncryptionSyntax
1238	             gost28147-89-EncryptionSyntax
1239	    ;
1240	  -- GOST R 34.11-94 OID
1241	    id-GostR3411-94 OBJECT IDENTIFIER ::=
1242	        { id-CryptoPro-algorithms gostR3411-94(9) }
1243	  -- GOST R 34.11-94 cryptographic parameter set OIDs
1244	    id-GostR3411-94-TestParamSet OBJECT IDENTIFIER ::=
1245	        { id-CryptoPro-hashes test(0) }
1246	    id-GostR3411-94-CryptoProParamSet OBJECT IDENTIFIER ::=
1247	        { id-CryptoPro-hashes cryptopro(1) }
1248	  -- GOST R 34.11-94 data types
1249	    GostR3411-94-Data ::= Gost28147-89-Data
1250	    GostR3411-94-Digest ::= OCTET STRING (SIZE (32))

1252	  -- GOST R 34.11-94 digest algorithm & parameters
1253	    GostR3411-94-DigestParameters ::=
1254	        OBJECT IDENTIFIER (
1255	                id-GostR3411-94-TestParamSet |  -- Only for testing
1256	 purposes
1257	                id-GostR3411-94-CryptoProParamSet
1258	        )
1259	    GostR3411-94-DigestAlgorithms ALGORITHM-IDENTIFIER ::= {
1260	        { NULL IDENTIFIED BY id-GostR3411-94 } |
1261	                -- Assume id-GostR3411-94-CryptoProParamSet
1262	        { GostR3411-94-DigestParameters
1263	                IDENTIFIED BY id-GostR3411-94 }
1264	    }
1265	END -- GostR3411-94-DigestSyntax

1267	10.5  GostR3411-94-ParamSetSyntax

1269	GostR3411-94-ParamSetSyntax
1270	    { iso(1) member-body(2) ru(643) rans(2) cryptopro(2)
1271	      other(1) modules(1) gostR3411-94-ParamSetSyntax(7) 1 }
1272	DEFINITIONS ::=
1273	BEGIN
1274	-- EXPORTS All --
1275	-- The types and values defined in this module are exported for
1276	-- use in the other ASN.1 modules contained within the Russian
1277	-- Cryptography "GOST" & "GOST R" Specifications, and for the use
1278	-- of other applications which will use them to access Russian
1279	-- Cryptography services. Other applications may use them for
1280	-- their own purposes, but this will not constrain extensions and
1281	-- modifications needed to maintain or improve the Russian
1282	-- Cryptography service.
1283	    IMPORTS
1284	        id-CryptoPro-algorithms, id-CryptoPro-hashes,
1285	        gost28147-89-EncryptionSyntax,
1286	        gostR3411-94-DigestSyntax, ALGORITHM-IDENTIFIER,
1287	        cryptographic-Gost-Useful-Definitions
1288	        FROM Cryptographic-Gost-Useful-Definitions
1289	            { iso(1) member-body(2) ru(643) rans(2)
1290	              cryptopro(2) other(1) modules(1)
1291	              cryptographic-Gost-Useful-Definitions(0) 1 }
1292	        Gost28147-89-UZ
1293	        FROM Gost28147-89-EncryptionSyntax
1294	             gost28147-89-EncryptionSyntax
1295	        id-GostR3411-94-TestParamSet,
1296	        id-GostR3411-94-CryptoProParamSet,
1297	        GostR3411-94-Digest
1298	        FROM GostR3411-94-DigestSyntax gostR3411-94-DigestSyntax
1299	        AlgorithmIdentifier
1300	        FROM PKIX1Explicit88 {iso(1) identified-organization(3)
1301	        dod(6) internet(1) security(5) mechanisms(5) pkix(7)
1302	        id-mod(0) id-pkix1-explicit-88(1)}
1303	    ;
1304	  -- GOST R 34.11-94 cryptographic parameter sets:
1305	  -- OIDs for parameter sets are imported from GostR3411-94-DigestS
1306	yntax
1307	    GostR3411-94-ParamSetParameters ::=
1308	        SEQUENCE {
1309	            hUZ Gost28147-89-UZ,    -- S-Box for digest
1310	            h0  GostR3411-94-Digest -- initial digest value
1311	        }
1312	    GostR3411-94-ParamSetAlgorithms ALGORITHM-IDENTIFIER ::= {
1313	        { GostR3411-94-ParamSetParameters IDENTIFIED BY
1314	                id-GostR3411-94-TestParamSet
1315	        } |
1316	        { GostR3411-94-ParamSetParameters IDENTIFIED BY
1317	                id-GostR3411-94-CryptoProParamSet
1318	        }
1319	    }
1320	    -- GOST R 34.11-94 Tests parameter set
1321	    -- (GOST R 34.11-94 Annex A. Test vector)
1322	    gostR3411TestParamSetAI
1323	        AlgorithmIdentifier ::=
1324	        {
1325	            algorithm
1326	                id-GostR3411-94-TestParamSet,
1327	            parameters
1328	                GostR3411-94-ParamSetParameters:{
1329	                    hUZ
1330	                       -- pi1 pi2 pi3 pi4 pi5 pi6 pi7 pi8
1331	                       -- 4   E   5   7   6   4   D   1
1332	                       -- A   B   8   D   C   B   B   F
1333	                       -- 9   4   1   A   7   A   4   D
1334	                       -- 2   C   D   1   1   0   1   0
1335	                       -- D   6   A   0   5   7   3   5
1336	                       -- 8   D   3   8   F   2   F   7
1337	                       -- 0   F   4   9   D   1   5   A
1338	                       -- E   A   2   F   8   D   9   4
1339	                       -- 6   2   E   E   4   3   0   9
1340	                       -- B   3   F   4   A   6   A   2
1341	                       -- 1   8   C   6   9   8   E   3
1342	                       -- C   1   7   C   E   5   7   E
1343	                       -- 7   0   6   B   0   9   6   6
1344	                       -- F   7   0   2   3   C   8   B
1345	                       -- 5   5   9   5   B   F   2   8
1346	                       -- 3   9   B   3   2   E   C   C
1347	                         '4E5764D1AB8DCBBF941A7A4D2CD11010D6A057358

1349	D38F2F70F49D15AEA2F8D9462EE4309B3F4A6A218C698E3C17CE57E706B0966F702
1350	3C8B5595BF2839B32ECC'H,
1351	                    h0   '00000000000000000000000000000000000000000
1352	00000000000000000000000'H
1353	                }
1354	        }
1355	    -- CryptoPro parameters
1356	    gostR3411CryptoProParamSetAI
1357	        AlgorithmIdentifier ::=
1358	        {
1359	            algorithm
1360	                id-GostR3411-94-CryptoProParamSet,
1361	            parameters
1362	                GostR3411-94-ParamSetParameters:{
1363	                    hUZ
1364	                       -- pi1 pi2 pi3 pi4 pi5 pi6 pi7 pi8
1365	                       -- A   5   7   4   7   7   D   1
1366	                       -- 4   F   F   A   6   6   E   3
1367	                       -- 5   4   C   7   4   2   4   A
1368	                       -- 6   0   E   C   B   4   1   9
1369	                       -- 8   2   9   0   9   D   7   5
1370	                       -- 1   D   4   F   C   9   0   B
1371	                       -- 3   B   1   2   2   F   5   4
1372	                       -- 7   9   0   8   A   0   A   F
1373	                       -- D   1   3   E   1   A   3   8
1374	                       -- C   7   B   1   8   1   C   6
1375	                       -- E   6   5   6   0   5   8   7
1376	                       -- 0   3   2   5   E   B   F   E
1377	                       -- 9   C   6   D   F   8   6   D
1378	                       -- 2   E   A   B   D   E   2   0
1379	                       -- B   A   8   9   3   C   9   2
1380	                       -- F   8   D   3   5   3   B   C
1381	                         'A57477D14FFA66E354C7424A60ECB41982909D751
1382	D4FC90B3B122F547908A0AFD13E1A38C7B181C6E65605870325EBFE9C6DF86D2EAB
1383	DE20BA893C92F8D353BC'H,
1384	                    h0   '00000000000000000000000000000000000000000
1385	00000000000000000000000'H
1386	                }
1387	        }
1388	END -- GostR3411-94-ParamSetSyntax

1390	10.6  GostR3410-94-PKISyntax

1392	GostR3410-94-PKISyntax
1393	    { iso(1) member-body(2) ru(643) rans(2) cryptopro(2)
1394	      other(1) modules(1) gostR3410-94-PKISyntax(2) 1 }
1395	DEFINITIONS ::=
1396	BEGIN
1397	-- EXPORTS All --
1398	-- The types and values defined in this module are exported for
1399	-- use in the other ASN.1 modules contained within the Russian
1400	-- Cryptography "GOST" & "GOST R" Specifications, and for the use
1401	-- of other applications which will use them to access Russian
1402	-- Cryptography services. Other applications may use them for
1403	-- their own purposes, but this will not constrain extensions and
1404	-- modifications needed to maintain or improve the Russian
1405	-- Cryptography service.
1406	    IMPORTS
1407	        id-CryptoPro-algorithms,
1408	        id-CryptoPro-signs, id-CryptoPro-exchanges,
1409	        gost28147-89-EncryptionSyntax,
1410	        gostR3411-94-DigestSyntax, ALGORITHM-IDENTIFIER,
1411	        cryptographic-Gost-Useful-Definitions
1412	        FROM Cryptographic-Gost-Useful-Definitions
1413	            { iso(1) member-body(2) ru(643) rans(2)
1414	              cryptopro(2) other(1) modules(1)
1415	              cryptographic-Gost-Useful-Definitions(0) 1 }
1416	        id-Gost28147-89-TestParamSet,
1417	        id-Gost28147-89-CryptoPro-A-ParamSet,
1418	        id-Gost28147-89-CryptoPro-B-ParamSet,
1419	        id-Gost28147-89-CryptoPro-C-ParamSet,
1420	        id-Gost28147-89-CryptoPro-D-ParamSet,
1421	        id-Gost28147-89-CryptoPro-Simple-A-ParamSet,
1422	        id-Gost28147-89-CryptoPro-Simple-B-ParamSet,
1423	        id-Gost28147-89-CryptoPro-Simple-C-ParamSet,
1424	        id-Gost28147-89-CryptoPro-Simple-D-ParamSet
1425	        FROM Gost28147-89-EncryptionSyntax
1426	             gost28147-89-EncryptionSyntax
1427	        id-GostR3411-94-TestParamSet,
1428	        id-GostR3411-94-CryptoProParamSet
1429	        FROM GostR3411-94-DigestSyntax gostR3411-94-DigestSyntax
1430	    ;
1431	  -- GOST R 34.10-94 OIDs
1432	    id-GostR3410-94 OBJECT IDENTIFIER ::=
1433	        { id-CryptoPro-algorithms gostR3410-94(20) }
1434	    id-GostR3411-94-with-GostR3410-94 OBJECT IDENTIFIER ::=
1435	        { id-CryptoPro-algorithms
1436	          gostR3411-94-with-gostR3410-94(4) }
1437	  -- GOST R 34.10-94 public key parameter set OIDs
1438	    id-GostR3410-94-TestParamSet OBJECT IDENTIFIER ::=
1439	        { id-CryptoPro-signs test(0) }
1440	    id-GostR3410-94-CryptoPro-A-ParamSet OBJECT IDENTIFIER ::=
1441	        { id-CryptoPro-signs cryptopro-A(2) }
1442	    id-GostR3410-94-CryptoPro-B-ParamSet OBJECT IDENTIFIER ::=
1443	        { id-CryptoPro-signs cryptopro-B(3) }
1444	    id-GostR3410-94-CryptoPro-C-ParamSet OBJECT IDENTIFIER ::=
1445	        { id-CryptoPro-signs cryptopro-C(4) }
1446	    id-GostR3410-94-CryptoPro-D-ParamSet OBJECT IDENTIFIER ::=
1447	        { id-CryptoPro-signs cryptopro-D(5) }
1448	    id-GostR3410-94-CryptoPro-XchA-ParamSet OBJECT IDENTIFIER ::=
1449	        { id-CryptoPro-exchanges cryptopro-XchA(1) }
1450	    id-GostR3410-94-CryptoPro-XchB-ParamSet OBJECT IDENTIFIER ::=
1451	        { id-CryptoPro-exchanges cryptopro-XchB(2) }
1452	    id-GostR3410-94-CryptoPro-XchC-ParamSet OBJECT IDENTIFIER ::=
1453	        { id-CryptoPro-exchanges cryptopro-XchC(3) }
1454	  -- GOST R 34.10-94 data types
1455	    GostR3410-94-CertificateSignature ::=
1456	        BIT STRING ( SIZE(256..512) )
1457	    GostR3410-94-PublicKeyOctetString ::=
1458	        OCTET STRING ( SIZE(
1459	                        64 |    -- Only for testing purposes
1460	                        128
1461	                        ) )
1462	    GostR3410-94-PublicKey ::=
1463	        BIT STRING ( SIZE(16..1048) )
1464	                        -- Container for GostR3410-94-PublicKeyOcte
1465	tString
1466	    GostR3410-94-PublicKeyParameters ::=
1467	        SEQUENCE {
1468	            publicKeyParamSet
1469	                OBJECT IDENTIFIER (
1470	                    id-GostR3410-94-TestParamSet |      -- Only for
1471	 testing purposes
1472	                    id-GostR3410-94-CryptoPro-A-ParamSet |
1473	                    id-GostR3410-94-CryptoPro-B-ParamSet |
1474	                    id-GostR3410-94-CryptoPro-C-ParamSet |
1475	                    id-GostR3410-94-CryptoPro-D-ParamSet |
1476	                    id-GostR3410-94-CryptoPro-XchA-ParamSet |
1477	                    id-GostR3410-94-CryptoPro-XchB-ParamSet |
1478	                    id-GostR3410-94-CryptoPro-XchC-ParamSet
1479	                ),
1480	            digestParamSet
1481	                OBJECT IDENTIFIER (
1482	                    id-GostR3411-94-TestParamSet |      -- Only for
1483	 testing purposes
1484	                    id-GostR3411-94-CryptoProParamSet
1485	                ),
1486	            encryptionParamSet
1487	                OBJECT IDENTIFIER (
1488	                    id-Gost28147-89-TestParamSet |      -- Only for
1489	 testing purposes
1490	                    id-Gost28147-89-CryptoPro-A-ParamSet |
1491	                    id-Gost28147-89-CryptoPro-B-ParamSet |
1492	                    id-Gost28147-89-CryptoPro-C-ParamSet |
1493	                    id-Gost28147-89-CryptoPro-D-ParamSet |
1494	                    id-Gost28147-89-CryptoPro-Simple-A-ParamSet |
1495	                    id-Gost28147-89-CryptoPro-Simple-B-ParamSet |
1496	                    id-Gost28147-89-CryptoPro-Simple-C-ParamSet |
1497	                    id-Gost28147-89-CryptoPro-Simple-D-ParamSet
1498	                ) OPTIONAL
1499	        }
1500	    GostR3410-94-PublicKeyAlgorithms  ALGORITHM-IDENTIFIER ::= {
1501	        { GostR3410-94-PublicKeyParameters IDENTIFIED BY
1502	                        id-GostR3410-94 }
1503	    }
1504	    GostR3410-94-CertificateSignatureAlgorithms
1505	        ALGORITHM-IDENTIFIER ::= {
1506	                { NULL IDENTIFIED BY
1507	                        id-GostR3411-94-with-GostR3410-94 } |
1508	                { GostR3410-94-PublicKeyParameters IDENTIFIED BY
1509	                        id-GostR3411-94-with-GostR3410-94 }
1510	        }
1511	END -- GostR3410-94-PKISyntax

1513	10.7  GostR3410-94-ParamSetSyntax

1515	GostR3410-94-ParamSetSyntax
1516	    { iso(1) member-body(2) ru(643) rans(2) cryptopro(2)
1517	      other(1) modules(1) gostR3410-94-ParamSetSyntax(8) 1 }
1518	DEFINITIONS ::=
1519	BEGIN
1520	-- EXPORTS All --
1521	-- The types and values defined in this module are exported for
1522	-- use in the other ASN.1 modules contained within the Russian
1523	-- Cryptography "GOST" & "GOST R" Specifications, and for the use
1524	-- of other applications which will use them to access Russian
1525	-- Cryptography services. Other applications may use them for
1526	-- their own purposes, but this will not constrain extensions and
1527	-- modifications needed to maintain or improve the Russian
1528	-- Cryptography service.
1529	    IMPORTS
1530	        id-CryptoPro-algorithms,
1531	        id-CryptoPro-signs, id-CryptoPro-exchanges,
1532	        gostR3410-94-PKISyntax, ALGORITHM-IDENTIFIER,
1533	        cryptographic-Gost-Useful-Definitions
1534	        FROM Cryptographic-Gost-Useful-Definitions
1535	            { iso(1) member-body(2) ru(643) rans(2)
1536	              cryptopro(2) other(1) modules(1)
1537	              cryptographic-Gost-Useful-Definitions(0) 1 }
1538	        id-GostR3410-94,
1539	        id-GostR3410-94-TestParamSet,
1540	        id-GostR3410-94-CryptoPro-A-ParamSet,
1541	        id-GostR3410-94-CryptoPro-B-ParamSet,
1542	        id-GostR3410-94-CryptoPro-C-ParamSet,
1543	        id-GostR3410-94-CryptoPro-D-ParamSet,
1544	        id-GostR3410-94-CryptoPro-XchA-ParamSet,
1545	        id-GostR3410-94-CryptoPro-XchB-ParamSet,
1546	        id-GostR3410-94-CryptoPro-XchC-ParamSet
1547	        FROM GostR3410-94-PKISyntax gostR3410-94-PKISyntax
1548	        AlgorithmIdentifier
1549	        FROM PKIX1Explicit88 {iso(1) identified-organization(3)
1550	        dod(6) internet(1) security(5) mechanisms(5) pkix(7)
1551	        id-mod(0) id-pkix1-explicit-88(1)}
1552	    ;
1553	  -- GOST R 34.10-94 public key parameter sets:
1554	  -- OIDs for parameter sets are imported from GostR3410-94-PKISynt
1555	ax
1556	    GostR3410-94-ParamSetParameters ::=
1557	        SEQUENCE {
1558	            t    INTEGER (512 | 1024),  -- 512 - only for testing p
1559	urposes
1560	            p    INTEGER (
1561	                        1675975991242824637446753124775730765934920
1562	7275740491722154451804652205037591933721002342872708629284612539822
1563	73310756356719235351493321243304206125760513
1564	                        ..
1565	                        1340780792994259709957402499820584612747936
1566	5820592393377723561443721764030073546976801874298166903427690031858
1567	186486050853753882811946569946433649006084095
1568	                        |
1569	                        1123558209288947442330815744243140458511235
1570	6118389416079589380072358292237843810195794279832650471001320007117
1571	4919620848536743605509010389058029644149671327736104933390540928297
1572	6888872507788088246581768450531286055238441764640393009211956940880
1573	1702322709406917786643639996702871154982269052209770601514008577
1574	                        ..
1575	                        1797693134862315907729305190789024733617976
1576	9789423065727343008115773267580550096313270847732240753602112011387
1577	9871393357658789768814416622492847430639474124377767893424865485276
1578	3022196012460941194530829520850057688381506823424628814739131105408
1579	27237163350510684586298239947245938479716304835356329624224137215
1580	                        ),      -- 2^509 < p < 2^512 or 2^1020 < p
1581	< 2^1024
1582	            q       INTEGER (
1583	                        2894802230932904885589274625217197696331749
1584	6166410141009864396001978282409985
1585	                        ..
1586	                        1157920892373161954235709850086879078532699
1587	84665640564039457584007913129639935
1588	                        ),      -- 2^254 < q < 2^256

1590	            a       INTEGER (
1591	                        2
1592	                        ..
1593	                        1797693134862315907729305190789024733617976
1594	9789423065727343008115773267580550096313270847732240753602112011387
1595	9871393357658789768814416622492847430639474124377767893424865485276
1596	3022196012460941194530829520850057688381506823424628814739131105408
1597	27237163350510684586298239947245938479716304835356329624224137214
1598	                        ),      -- 1 < a < p-1 < 2^1024-1
1599	            validationAlgorithm
1600	                AlgorithmIdentifier OPTIONAL
1601	                        -- {{ GostR3410-94-ValidationAlgorithms }}
1602	        }
1603	    GostR3410-94-ParamSetAlgorithm ALGORITHM-IDENTIFIER ::= {
1604	        { GostR3410-94-ParamSetParameters IDENTIFIED BY
1605	                        id-GostR3410-94-TestParamSet } |
1606	        { GostR3410-94-ParamSetParameters IDENTIFIED BY
1607	                        id-GostR3410-94-CryptoPro-A-ParamSet  } |
1608	        { GostR3410-94-ParamSetParameters IDENTIFIED BY
1609	                        id-GostR3410-94-CryptoPro-B-ParamSet  } |
1610	        { GostR3410-94-ParamSetParameters IDENTIFIED BY
1611	                        id-GostR3410-94-CryptoPro-C-ParamSet  } |
1612	        { GostR3410-94-ParamSetParameters IDENTIFIED BY
1613	                        id-GostR3410-94-CryptoPro-D-ParamSet  } |
1614	        { GostR3410-94-ParamSetParameters IDENTIFIED BY
1615	                        id-GostR3410-94-CryptoPro-XchA-ParamSet  }
1616	|
1617	        { GostR3410-94-ParamSetParameters IDENTIFIED BY
1618	                        id-GostR3410-94-CryptoPro-XchB-ParamSet  }
1619	|
1620	        { GostR3410-94-ParamSetParameters IDENTIFIED BY
1621	                        id-GostR3410-94-CryptoPro-XchC-ParamSet  }
1622	    }
1623	  -- GOST R 34.10-94 validation/constructor
1624	    id-GostR3410-94-a           OBJECT IDENTIFIER ::=
1625	        { id-GostR3410-94 a(1) }
1626	    id-GostR3410-94-aBis        OBJECT IDENTIFIER ::=
1627	        { id-GostR3410-94 aBis(2) }
1628	    id-GostR3410-94-b           OBJECT IDENTIFIER ::=
1629	        { id-GostR3410-94 b(3) }
1630	    id-GostR3410-94-bBis        OBJECT IDENTIFIER ::=
1631	        { id-GostR3410-94 bBis(4) }
1632	    GostR3410-94-ValidationParameters ::=
1633	        SEQUENCE {
1634	            t    INTEGER (512 | 1024),  -- 512 - only for testing p
1635	urposes
1636	            x0   INTEGER (0 .. 65535),
1637	            c    INTEGER (0 .. 65535),
1638	            d    INTEGER (
1639	                        2
1640	                        ..
1641	                        1797693134862315907729305190789024733617976
1642	9789423065727343008115773267580550096313270847732240753602112011387
1643	9871393357658789768814416622492847430639474124377767893424865485276
1644	3022196012460941194530829520850057688381506823424628814739131105408
1645	27237163350510684586298239947245938479716304835356329624224137214
1646	                        )       -- 1 < d < p-1 < 2^1024-1
1647	                        OPTIONAL
1648	        }
1649	    GostR3410-94-ValidationBisParameters ::=
1650	        SEQUENCE {
1651	            t    INTEGER (512 | 1024),  -- 512 - only for testing p
1652	urposes
1653	            x0   INTEGER (0 .. 4294967295),
1654	            c    INTEGER (0 .. 4294967295),
1655	            d    INTEGER (
1656	                        2
1657	                        ..
1658	                        1797693134862315907729305190789024733617976
1659	9789423065727343008115773267580550096313270847732240753602112011387
1660	9871393357658789768814416622492847430639474124377767893424865485276
1661	3022196012460941194530829520850057688381506823424628814739131105408
1662	27237163350510684586298239947245938479716304835356329624224137214
1663	                        )       -- 1 < d < p-1 < 2^1024-1
1664	                        OPTIONAL
1665	        }
1666	    GostR3410-94-ValidationAlgorithms  ALGORITHM-IDENTIFIER ::= {
1667	        { GostR3410-94-ValidationParameters IDENTIFIED BY
1668	                        id-GostR3410-94-a } |
1669	        { GostR3410-94-ValidationBisParameters IDENTIFIED BY
1670	                        id-GostR3410-94-aBis } |
1671	        { GostR3410-94-ValidationParameters IDENTIFIED BY
1672	                        id-GostR3410-94-b } |
1673	        { GostR3410-94-ValidationBisParameters IDENTIFIED BY
1674	                        id-GostR3410-94-bBis }
1675	    }
1676	  -- GOST R 34.10-94 keys parameter sets
1677	    -- GOST R 34.10-94 Tests parameter set
1678	    -- (GOST R 34.10-94 Annex A. Test vector)
1679	    gostR3410-94-TestParamSetAI
1680	        AlgorithmIdentifier ::=
1681	        {
1682	            algorithm
1683	                id-GostR3410-94-TestParamSet,
1684	            parameters
1685	                GostR3410-94-ParamSetParameters:{
1686	                    t       512,
1687	                    p       124915547966163973920072918453616810199
1688	8078908472884630401364679546630263334642577236927706463888185842887
1689	9662416202925770315709968465491470753112581700067,
1690	                    q       690083979912374782185295287117535788574
1691	64356221556536838757636132646301588781,
1692	                    a       830582195677962819385275050881175724488
1693	9982632821843521491035713173371468528798753831744267407230704527461
1694	062321732669034432746173786958142572929772413468,
1695	                    validationAlgorithm {
1696	                            algorithm
1697	                                id-GostR3410-94-a,
1698	                            parameters
1699	                                GostR3410-94-ValidationParameters:
1700	{
1701	                                    t       512,
1702	                                    x0      24265,
1703	                                    c       29505,
1704	                                    d       2
1705	                                }
1706	                        }
1707	                }
1708	        }
1709	    -- CryptoPro parameters
1710	    gostR3410-94-CryptoPro-A-ParamSetAI
1711	        AlgorithmIdentifier ::=
1712	        {
1713	            algorithm
1714	                id-GostR3410-94-CryptoPro-A-ParamSet,
1715	            parameters
1716	                GostR3410-94-ParamSetParameters:{
1717	                    t       1024,
1718	                    p       127021248288932417465907042777176443525
1719	7876535089165358128175072657050312609850984974231883334834011809259
1720	9999512098893413065920561499672425412104927434935707492031276956145
1721	1689224110579311248812610229678534638401693520013288995000362260684
1722	2227508135323070045173416336850045410625869714168836867788425378203
1723	83,
1724	                    q       683631961449557007844441656118272528951
1725	02170888761442055095051287550314083023,
1726	                    a       100997906755055304772081815535925224869
1727	8410825720534578748235158755771479905292727772441528526992987964833
1728	5669968284202797289605274717317548059048560713474685214192868091256
1729	1502802222185647539190902656116367847270145019066794290930185446216
1730	3997308722217328898303231940973554032134009725883228768509467406639
1731	62,
1732	                    validationAlgorithm {
1733	                            algorithm
1734	                                id-GostR3410-94-bBis,
1735	                            parameters
1736	                                GostR3410-94-ValidationBisParameter
1737	s: {
1738	                                    t       1024,
1739	                                    x0      1376285941,
1740	                                    c       3996757427
1741	                                }
1742	                        }
1743	                }
1744	        }
1745	    --
1746	    gostR3410-94-CryptoPro-B-ParamSetAI
1747	        AlgorithmIdentifier ::=
1748	        {
1749	            algorithm
1750	                id-GostR3410-94-CryptoPro-B-ParamSet,
1751	            parameters
1752	                GostR3410-94-ParamSetParameters:{
1753	                    t       1024,
1754	                    p       139454871199115825601409655107690713107
1755	0417070599280317977580014543757653577229840941243685222882398330391
1756	1468164807668823692122073732267216074074777170091113455043205380464
1757	7694904686120113087816240740184800477047157336662926249423571248823
1758	9685422217536601433914856808405203368594584948031873412885804895251
1759	63,
1760	                    q       798851416634109768976271189357563237473
1761	07951916507639758300472692338873533959,
1762	                    a       429418261486158041438734477379555023926
1763	7234596860714306679811299408947123142002706038521669956384871995765
1764	7284814898909770759462613437669456364882730370838934791080835932647
1765	9767786019153434744009610342313166725786869204821949328786333602033
1766	8479709268434224762105576023501613261478065276102850944540333865234
1767	1,
1768	                    validationAlgorithm {
1769	                            algorithm
1770	                                id-GostR3410-94-bBis,
1771	                            parameters
1772	                                GostR3410-94-ValidationBisParameter
1773	s: {
1774	                                    t       1024,
1775	                                    x0      1536654555,
1776	                                    c       1855361757,
1777	                                    d       14408629386140014567655
1778	4902939282056547857802241461782996702017713059974755104394739915140
1779	6115284791024439062735788342744854120601660303926203867703556828005
1780	8957203818114895398976594425537561271800850306
1781	                                }

1783	                        }
1784	                }
1785	        }
1786	    --
1787	    gostR3410-94-CryptoPro-C-ParamSetAI
1788	        AlgorithmIdentifier ::=
1789	        {
1790	            algorithm
1791	                id-GostR3410-94-CryptoPro-C-ParamSet,
1792	            parameters
1793	                GostR3410-94-ParamSetParameters:{
1794	                    t       1024,
1795	                    p       110624679233511963040518952417017040248
1796	5862954819831383774196396298584395948970608956170224210628525560327
1797	8638246716655439297654402921844747893079518669992827880792192992701
1798	1428546551433875806377110443534293554066712653034996277099320715774
1799	3542287621283671843703709141350171945045805050291770503634517804938
1800	01,
1801	                    q       113468861199819350564868233378875198043
1802	267947776488510997961231672532899549103,
1803	                    a       816552717970881016017893191415300348226
1804	2544051353358162468249467681876621283478212884286545844013955142622
1805	2087723485023722868022275009502224827866201744494021697716482008353
1806	6398202298024892620480898699335508064332313529725332208819456895108
1807	5155178100221003459370588291073071186553005962149936840737128710832
1808	3,
1809	                    validationAlgorithm {
1810	                            algorithm
1811	                                id-GostR3410-94-bBis,
1812	                            parameters
1813	                                GostR3410-94-ValidationBisParameter
1814	s: {
1815	                                    t       1024,
1816	                                    x0      113275885,
1817	                                    c       3037364845,
1818	                                    d       9175906676429839327
1819	                                }
1820	                        }
1821	                }
1822	        }
1823	    --
1824	    gostR3410-94-CryptoPro-D-ParamSetAI
1825	        AlgorithmIdentifier ::=
1826	        {
1827	            algorithm
1828	                id-GostR3410-94-CryptoPro-D-ParamSet,
1829	            parameters
1830	                GostR3410-94-ParamSetParameters:{
1831	                    t       1024,
1832	                    p       905457649621929965904290958774625315611
1833	3056083907389766971404812524422262512556054474620855996091570786713
1834	5849550236741915584185990627801066465809510095784713989819413820871
1835	5964648914493053407920737078890520482730623038837767710173664838239
1836	8574828787891286471201460474326612697849693665518073864436497893214
1837	9,
1838	                    q       108988435796353506912374591498972192620
1839	190487557619582334771735390599299211593,
1840	                    a       756976611021707301782128757801610628085
1841	5283803109571158829574281419208532589041660017017859858216341400371
1842	4687551412794400562878935266630754392677014598582103365983119173924
1843	4732511225464712252386803315902707727668715343476086350472025298282
1844	7271461690125050616858238384366331089777463541013033926723743254833
1845	7,
1846	                    validationAlgorithm {
1847	                            algorithm
1848	                                id-GostR3410-94-bBis,
1849	                            parameters
1850	                                GostR3410-94-ValidationBisParameter
1851	s: {
1852	                                    t       1024,
1853	                                    x0      333089693,
1854	                                    c       2699681355,
1855	                                    d       69158877639013014811917
1856	44665240278894786443822142755842460366243252
1857	                                }
1858	                        }
1859	                }
1860	        }
1861	    --
1862	    gostR3410-94-CryptoPro-XchA-ParamSetAI
1863	        AlgorithmIdentifier ::=
1864	        {
1865	            algorithm
1866	                id-GostR3410-94-CryptoPro-XchA-ParamSet,
1867	            parameters
1868	                GostR3410-94-ParamSetParameters:{
1869	                    t       1024,
1870	                    p       142011741597563481196368286022318089743
1871	2761383952437387628725734419274593935127189736311660784676003608489
1872	4662356762579528277471921224192907104613420838063639408451269182889
1873	4000571524625445295769349356752728956831541775441763139384457191755
1874	0968471078465956625479423122933384839245143396147277606818806097342
1875	39,
1876	                    q       917715298965546059455881490183827502172
1877	96858393520724172743325725474374979801,
1878	                    a       133531813272720673433859519948319001217

1880	9423759678474868994823595993696425287347124615904033277318214103280
1881	1252925387191478859899310331056774413619636480306472137782665689868
1882	6468463277710150809401182608770201615324990468332931294920912776241
1883	1378780302243557466062839716593764268326742697808800616315281634758
1884	87,
1885	                    validationAlgorithm {
1886	                            algorithm
1887	                                id-GostR3410-94-bBis,
1888	                            parameters
1889	                                GostR3410-94-ValidationBisParameter
1890	s: {
1891	                                    t       1024,
1892	                                    x0      3495862036,
1893	                                    c       1177570399,
1894	                                    d       35478896102409188951396
1895	4706477208328196239186534141058228233456746622201867258017799725121
1896	69905264460862437764160334831107459
1897	                                }
1898	                        }
1899	                }
1900	        }
1901	    --
1902	    gostR3410-94-CryptoPro-XchB-ParamSetAI
1903	        AlgorithmIdentifier ::=
1904	        {
1905	            algorithm
1906	                id-GostR3410-94-CryptoPro-XchB-ParamSet,
1907	            parameters
1908	                GostR3410-94-ParamSetParameters:{
1909	                    t       1024,
1910	                    p       102894612662499485967655207436053031521
1911	7970499989304888248413244847492302275847016799887100360467070487737
1912	7286176171227694098633153908956878412911010951269050334539386987129
1913	5783467257264868341720019662986056119366675242968236739708481517975
1914	2036423595736533689573920617698552845939650425308950460880671602694
1915	33,
1916	                    q       910967139180262691658231805060355567362
1917	87694981825930883887968885281641595199,
1918	                    a       889086472782842315169999580187575789103
1919	1463338652579140051973659304813144068585706736982940794774449630665
1920	6291505503608252399443790027238674914599623086783222866197754399281
1921	6745254823298629859875357546628605173883785473616768576901778033580
1922	4511440773337196253842353291939447787366475282450998661787899244317
1923	7,
1924	                    validationAlgorithm {
1925	                            algorithm
1926	                                id-GostR3410-94-bBis,
1927	                            parameters
1928	                                GostR3410-94-ValidationBisParameter
1929	s: {
1930	                                    t       1024,
1931	                                    x0      2046851076,
1932	                                    c       3541716983,
1933	                                    d       57332667610989476056615
1934	969728891533566058787317492748441827236576904274546146
1935	                                }
1936	                        }
1937	                }
1938	        }
1939	    --
1940	    gostR3410-94-CryptoPro-XchC-ParamSetAI
1941	        AlgorithmIdentifier ::=
1942	        {
1943	            algorithm
1944	                id-GostR3410-94-CryptoPro-XchC-ParamSet,
1945	            parameters
1946	                GostR3410-94-ParamSetParameters:{
1947	                    t       1024,
1948	                    p       124699636699347751360714726579406443620
1949	3408861395055989217248455729987073769899965148066236472399285932086
1950	8822848751165438350943327664722262594061556058045004094721182602772
1951	9977563540237169063044807971577164944777844700059741903245772222625
1952	3269698374446528353527293043937461065763833491510017159309241154995
1953	49,
1954	                    q       678787613733659123438029502006568252711
1955	81294680501479431146754294748422492761,
1956	                    a       443061846429758418247313503080985932686
1957	3990650118941756995270074860997318142695023523962323911055745082691
1958	9295792878938752101867704718162325102751695310043185596483760265782
1959	7828194249605561893696586532551313719448313624777365346841011879674
1960	0709840825496997937556072234510670472108602597930996876319307290833
1961	4,
1962	                    validationAlgorithm {
1963	                            algorithm
1964	                                id-GostR3410-94-bBis,
1965	                            parameters
1966	                                GostR3410-94-ValidationBisParameter
1967	s: {
1968	                                    t       1024,
1969	                                    x0      371898640,
1970	                                    c       2482514131,
1971	                                    d       39341170171309491894611
1972	6909229454740026575590650016887148241594213466186452691964676993
1973	                                }
1974	                        }
1975	                }

1977	        }
1978	END -- GostR3410-94-ParamSetSyntax

1980	10.8  GostR3410-2001-PKISyntax

1982	GostR3410-2001-PKISyntax
1983	    { iso(1) member-body(2) ru(643) rans(2) cryptopro(2)
1984	      other(1) modules(1) gostR3410-2001-PKISyntax(9) 1 }
1985	DEFINITIONS ::=
1986	BEGIN
1987	-- EXPORTS All --
1988	-- The types and values defined in this module are exported for
1989	-- use in the other ASN.1 modules contained within the Russian
1990	-- Cryptography "GOST" & "GOST R" Specifications, and for the use
1991	-- of other applications which will use them to access Russian
1992	-- Cryptography services. Other applications may use them for
1993	-- their own purposes, but this will not constrain extensions and
1994	-- modifications needed to maintain or improve the Russian
1995	-- Cryptography service.
1996	    IMPORTS
1997	        id-CryptoPro-algorithms,
1998	        id-CryptoPro-ecc-signs, id-CryptoPro-ecc-exchanges,
1999	        gost28147-89-EncryptionSyntax,
2000	        gostR3411-94-DigestSyntax, ALGORITHM-IDENTIFIER,
2001	        cryptographic-Gost-Useful-Definitions
2002	        FROM Cryptographic-Gost-Useful-Definitions
2003	            { iso(1) member-body(2) ru(643) rans(2)
2004	              cryptopro(2) other(1) modules(1)
2005	              cryptographic-Gost-Useful-Definitions(0) 1 }
2006	        id-Gost28147-89-TestParamSet,
2007	        id-Gost28147-89-CryptoPro-A-ParamSet,
2008	        id-Gost28147-89-CryptoPro-B-ParamSet,
2009	        id-Gost28147-89-CryptoPro-C-ParamSet,
2010	        id-Gost28147-89-CryptoPro-D-ParamSet,
2011	        id-Gost28147-89-CryptoPro-Simple-A-ParamSet,
2012	        id-Gost28147-89-CryptoPro-Simple-B-ParamSet,
2013	        id-Gost28147-89-CryptoPro-Simple-C-ParamSet,
2014	        id-Gost28147-89-CryptoPro-Simple-D-ParamSet
2015	        FROM Gost28147-89-EncryptionSyntax
2016	             gost28147-89-EncryptionSyntax
2017	        id-GostR3411-94-TestParamSet,
2018	        id-GostR3411-94-CryptoProParamSet
2019	        FROM GostR3411-94-DigestSyntax gostR3411-94-DigestSyntax
2020	    ;
2021	  -- GOST R 34.10-2001 OIDs
2022	    id-GostR3410-2001 OBJECT IDENTIFIER ::=
2023	        { id-CryptoPro-algorithms gostR3410-2001(19) }
2024	    id-GostR3411-94-with-GostR3410-2001 OBJECT IDENTIFIER ::=
2025	        { id-CryptoPro-algorithms
2026	          gostR3411-94-with-gostR3410-2001(3) }
2027	  -- GOST R 34.10-2001 public key parameter set OIDs
2028	    id-GostR3410-2001-TestParamSet OBJECT IDENTIFIER ::=
2029	        { id-CryptoPro-ecc-signs test(0) }
2030	    id-GostR3410-2001-CryptoPro-A-ParamSet OBJECT IDENTIFIER ::=
2031	        { id-CryptoPro-ecc-signs cryptopro-A(1) }
2032	    id-GostR3410-2001-CryptoPro-B-ParamSet OBJECT IDENTIFIER ::=
2033	        { id-CryptoPro-ecc-signs cryptopro-B(2) }
2034	    id-GostR3410-2001-CryptoPro-C-ParamSet OBJECT IDENTIFIER ::=
2035	        { id-CryptoPro-ecc-signs cryptopro-C(3) }
2036	    id-GostR3410-2001-CryptoPro-XchA-ParamSet
2037	        OBJECT IDENTIFIER ::=
2038	                { id-CryptoPro-ecc-exchanges cryptopro-XchA(0) }
2039	    id-GostR3410-2001-CryptoPro-XchB-ParamSet
2040	        OBJECT IDENTIFIER ::=
2041	                { id-CryptoPro-ecc-exchanges cryptopro-XchB(1) }
2042	  -- GOST R 34.10-2001 Data Types
2043	    GostR3410-2001-CertificateSignature ::=
2044	        BIT STRING ( SIZE(256..512) )
2045	    GostR3410-2001-PublicKeyOctetString ::=
2046	        OCTET STRING ( SIZE(64) )
2047	    GostR3410-2001-PublicKey ::=
2048	        BIT STRING ( SIZE(16..524) )
2049	                        -- Container for GostR3410-2001-PublicKeyOc
2050	tetString
2051	    GostR3410-2001-PublicKeyParameters ::=
2052	        SEQUENCE {
2053	            publicKeyParamSet
2054	                OBJECT IDENTIFIER (
2055	                    id-GostR3410-2001-TestParamSet |    -- Only for
2056	 testing purposes
2057	                    id-GostR3410-2001-CryptoPro-A-ParamSet |
2058	                    id-GostR3410-2001-CryptoPro-B-ParamSet |
2059	                    id-GostR3410-2001-CryptoPro-C-ParamSet |
2060	                    id-GostR3410-2001-CryptoPro-XchA-ParamSet |
2061	                    id-GostR3410-2001-CryptoPro-XchB-ParamSet
2062	                ),
2063	            digestParamSet
2064	                OBJECT IDENTIFIER (
2065	                    id-GostR3411-94-TestParamSet |      -- Only for
2066	 testing purposes
2067	                    id-GostR3411-94-CryptoProParamSet
2068	                ),
2069	            encryptionParamSet
2070	                OBJECT IDENTIFIER (
2071	                    id-Gost28147-89-TestParamSet |      -- Only for
2072	 testing purposes
2073	                    id-Gost28147-89-CryptoPro-A-ParamSet |
2074	                    id-Gost28147-89-CryptoPro-B-ParamSet |
2075	                    id-Gost28147-89-CryptoPro-C-ParamSet |
2076	                    id-Gost28147-89-CryptoPro-D-ParamSet |
2077	                    id-Gost28147-89-CryptoPro-Simple-A-ParamSet |
2078	                    id-Gost28147-89-CryptoPro-Simple-B-ParamSet |
2079	                    id-Gost28147-89-CryptoPro-Simple-C-ParamSet |
2080	                    id-Gost28147-89-CryptoPro-Simple-D-ParamSet
2081	                ) OPTIONAL
2082	        }
2083	    GostR3410-2001-PublicKeyAlgorithms  ALGORITHM-IDENTIFIER ::= {
2084	        { GostR3410-2001-PublicKeyParameters IDENTIFIED BY
2085	                        id-GostR3410-2001 }
2086	    }
2087	    GostR3410-2001-CertificateSignatureAlgorithms
2088	        ALGORITHM-IDENTIFIER ::= {
2089	                { NULL IDENTIFIED BY
2090	                        id-GostR3411-94-with-GostR3410-2001 } |
2091	                { GostR3410-2001-PublicKeyParameters IDENTIFIED BY
2092	                        id-GostR3411-94-with-GostR3410-2001 }
2093	      }
2094	END -- GostR3410-2001-PKISyntax

2096	10.9  GostR3410-2001-ParamSetSyntax

2098	GostR3410-2001-ParamSetSyntax
2099	    { iso(1) member-body(2) ru(643) rans(2) cryptopro(2)
2100	      other(1) modules(1) gostR3410-2001-ParamSetSyntax(12) 1 }
2101	DEFINITIONS ::=
2102	BEGIN
2103	-- EXPORTS All --
2104	-- The types and values defined in this module are exported for
2105	-- use in the other ASN.1 modules contained within the Russian
2106	-- Cryptography "GOST" & "GOST R" Specifications, and for the use
2107	-- of other applications which will use them to access Russian
2108	-- Cryptography services. Other applications may use them for
2109	-- their own purposes, but this will not constrain extensions and
2110	-- modifications needed to maintain or improve the Russian
2111	-- Cryptography service.
2112	    IMPORTS
2113	        id-CryptoPro-algorithms,
2114	        id-CryptoPro-ecc-signs, id-CryptoPro-ecc-exchanges,
2115	        gostR3410-2001-PKISyntax, ALGORITHM-IDENTIFIER,
2116	        cryptographic-Gost-Useful-Definitions
2117	        FROM Cryptographic-Gost-Useful-Definitions
2118	            { iso(1) member-body(2) ru(643) rans(2)
2119	              cryptopro(2) other(1) modules(1)
2120	              cryptographic-Gost-Useful-Definitions(0) 1 }

2122	        id-GostR3410-2001,
2123	        id-GostR3410-2001-TestParamSet,
2124	        id-GostR3410-2001-CryptoPro-A-ParamSet,
2125	        id-GostR3410-2001-CryptoPro-B-ParamSet,
2126	        id-GostR3410-2001-CryptoPro-C-ParamSet,
2127	        id-GostR3410-2001-CryptoPro-XchA-ParamSet,
2128	        id-GostR3410-2001-CryptoPro-XchB-ParamSet
2129	        FROM GostR3410-2001-PKISyntax gostR3410-2001-PKISyntax
2130	        AlgorithmIdentifier
2131	        FROM PKIX1Explicit88 {iso(1) identified-organization(3)
2132	        dod(6) internet(1) security(5) mechanisms(5) pkix(7)
2133	        id-mod(0) id-pkix1-explicit-88(1)}
2134	    ;
2135	    GostR3410-2001-ParamSetParameters ::=
2136	        SEQUENCE {
2137	            a       INTEGER (
2138	                        1
2139	                  ..
2140	                        1157920892373161954235709850086879078532699
2141	84665640564039457584007913129639935
2142	                        ),      -- 0 < a < p < 2^256
2143	            b       INTEGER (
2144	                        1
2145	                  ..
2146	                        1157920892373161954235709850086879078532699
2147	84665640564039457584007913129639935
2148	                        ),      -- 0 < b < p < 2^256
2149	            p       INTEGER (
2150	                        2894802230932904885589274625217197696331749
2151	6166410141009864396001978282409985
2152	                        ..
2153	                        1157920892373161954235709850086879078532699
2154	84665640564039457584007913129639935
2155	                        ),      -- 2^254 < p < 2^256
2156	            q       INTEGER (
2157	                        2894802230932904885589274625217197696331749
2158	6166410141009864396001978282409985
2159	                        ..
2160	                        1157920892373161954235709850086879078532699
2161	84665640564039457584007913129639935
2162	                        ),      -- 2^254 < q < 2^256
2163	            x       INTEGER (0
2164	                  ..
2165	                        1157920892373161954235709850086879078532699
2166	84665640564039457584007913129639935
2167	                        ),      -- 0 < x < p < 2^256
2168	            y       INTEGER (0
2169	                  ..

2171	                        1157920892373161954235709850086879078532699
2172	84665640564039457584007913129639935
2173	                        )       -- 0 < y < p < 2^256
2174	        }
2175	  -- GOST R 34.10-2001 public key parameter set:
2176	  -- OIDs for parameter sets are imported from GostR3410-2001-PKISy
2177	ntax
2178	    GostR3410-2001-ParamSetAlgorithm ALGORITHM-IDENTIFIER ::= {
2179	        { GostR3410-2001-ParamSetParameters IDENTIFIED BY
2180	                        id-GostR3410-2001-TestParamSet } |
2181	        { GostR3410-2001-ParamSetParameters IDENTIFIED BY
2182	                        id-GostR3410-2001-CryptoPro-A-ParamSet  } |
2183	        { GostR3410-2001-ParamSetParameters IDENTIFIED BY
2184	                        id-GostR3410-2001-CryptoPro-B-ParamSet  } |
2185	        { GostR3410-2001-ParamSetParameters IDENTIFIED BY
2186	                        id-GostR3410-2001-CryptoPro-C-ParamSet  } |
2187	        { GostR3410-2001-ParamSetParameters IDENTIFIED BY
2188	                        id-GostR3410-2001-CryptoPro-XchA-ParamSet
2189	} |
2190	        { GostR3410-2001-ParamSetParameters IDENTIFIED BY
2191	                        id-GostR3410-2001-CryptoPro-XchB-ParamSet
2192	}
2193	    }
2194	    gostR3410-2001-TestParamSet
2195	        AlgorithmIdentifier ::=
2196	        {
2197	            algorithm
2198	                id-GostR3410-2001-TestParamSet,
2199	            parameters
2200	                GostR3410-2001-ParamSetParameters:{
2201	                    a   7,
2202	                    b   4330887654676727690576590459565093199594211
2203	1794451039583252968842033849580414,
2204	                        -- 5FBFF498AA938CE739B8E022FBAFEF40563F6E6A
2205	3472FC2A514C0CE9DAE23B7E
2206	                    p   5789604461865809771178549250434395392663499
2207	2332820282019728792003956564821041,
2208	                        -- 8000000000000000000000000000000000000000
2209	000000000000000000000431
2210	                    q   5789604461865809771178549250434395392708293
2211	4583725450622380973592137631069619,
2212	                        -- 8000000000000000000000000000000150FE8A18
2213	92976154C59CFC193ACCF5B3
2214	                    x   2,
2215	                    y   4018974056590375033354494229370597756357393
2216	89905545080690979365213431566280
2217	                        -- 8E2A8A0E65147D4BD6316030E16D19C85C97F0A9
2218	CA267122B96ABBCEA7E8FC8
2219	                }
2220	        }
2221	    gostR3410-2001-CryptoPro-A-ParamSet
2222	        AlgorithmIdentifier ::=
2223	        {
2224	            algorithm
2225	                id-GostR3410-2001-CryptoPro-A-ParamSet,
2226	            parameters
2227	                GostR3410-2001-ParamSetParameters:{
2228	                    a   1157920892373161954235709850086879078532699
2229	84665640564039457584007913129639316,
2230	                        -- -3 == p - 3
2231	                    b   166,
2232	                        -- a6
2233	                    p   1157920892373161954235709850086879078532699
2234	84665640564039457584007913129639319,
2235	                        -- ffffffffffffffffffffffffffffffffffffffff
2236	fffffffffffffffffffffd97
2237	                    q   1157920892373161954235709850086879078530737
2238	62908499243225378155805079068850323,
2239	                        -- ffffffffffffffffffffffffffffffff6c611070
2240	995ad10045841b09b761b893
2241	                    x   1,
2242	                    y   6403388114292720268364988145043347398593176
2243	0268884941288852745803908878638612
2244	                        -- 8d91e471e0989cda27df505a453f2b7635294f2d
2245	df23e3b122acc99c9e9f1e14
2246	                }
2247	        }
2248	    gostR3410-2001-CryptoPro-B-ParamSet
2249	        AlgorithmIdentifier ::=
2250	        {
2251	            algorithm
2252	                id-GostR3410-2001-CryptoPro-B-ParamSet,
2253	            parameters
2254	                GostR3410-2001-ParamSetParameters:{
2255	                    a   5789604461865809771178549250434395392663499
2256	2332820282019728792003956564823190,
2257	                        -- -3 == p - 3
2258	                    b   2809101935305809009699697900030956075912436
2259	8558014865957655842872397301267595,
2260	                        -- 3e1af419a269a5f866a7d3c25c3df80ae9792593
2261	73ff2b182f49d4ce7e1bbc8b
2262	                    p   5789604461865809771178549250434395392663499
2263	2332820282019728792003956564823193,
2264	                        -- 8000000000000000000000000000000000000000
2265	000000000000000000000c99
2266	                    q   5789604461865809771178549250434395392710213

2268	3160255826820068844496087732066703,
2269	                        -- 800000000000000000000000000000015f700cff
2270	f1a624e5e497161bcc8a198f
2271	                    x   1,
2272	                    y   2879266581485461129699234745838028413502863
2273	6778229113005756334730996303888124
2274	                        -- 3fa8124359f96680b83d1c3eb2c070e5c545c985
2275	8d03ecfb744bf8d717717efc
2276	                }
2277	        }
2278	    gostR3410-2001-CryptoPro-C-ParamSet
2279	        AlgorithmIdentifier ::=
2280	        {
2281	            algorithm
2282	                id-GostR3410-2001-CryptoPro-C-ParamSet,
2283	            parameters
2284	                GostR3410-2001-ParamSetParameters:{
2285	                    a   7039008535208330519954771801901843784107951
2286	6630045180471284346843705633502616,
2287	                        -- -3 == p - 3
2288	                    b   32858,
2289	                        -- 805a
2290	                    p   7039008535208330519954771801901843784107951
2291	6630045180471284346843705633502619,
2292	                        -- 9b9f605f5a858107ab1ec85e6b41c8aacf846e86
2293	789051d37998f7b9022d759b
2294	                    q   7039008535208330519954771801901843784092088
2295	2647164081035322601458352298396601,
2296	                        -- 9b9f605f5a858107ab1ec85e6b41c8aa582ca351
2297	1eddfb74f02f3a6598980bb9
2298	                    x   0,
2299	                    y   2981889391773124073347127324031476992724055
2300	0812383695689146495261604565990247
2301	                        -- 41ece55743711a8c3cbf3783cd08c0ee4d4dc440
2302	d4641a8f366e550dfdb3bb67
2303	                }
2304	        }
2305	    gostR3410-2001-CryptoPro-ExA-ParamSet
2306	        AlgorithmIdentifier ::=
2307	        {
2308	            algorithm
2309	                id-GostR3410-2001-CryptoPro-XchA-ParamSet,
2310	            parameters
2311	                GostR3410-2001-ParamSetParameters:{
2312	                    a   1157920892373161954235709850086879078532699
2313	84665640564039457584007913129639316,
2314	                        -- -3 == p - 3
2315	                    b   166,
2316	                        -- a6
2317	                    p   1157920892373161954235709850086879078532699
2318	84665640564039457584007913129639319,
2319	                        -- ffffffffffffffffffffffffffffffffffffffff
2320	fffffffffffffffffffffd97
2321	                    q   1157920892373161954235709850086879078530737
2322	62908499243225378155805079068850323,
2323	                        -- ffffffffffffffffffffffffffffffff6c611070
2324	995ad10045841b09b761b893
2325	                    x   1,
2326	                    y   6403388114292720268364988145043347398593176
2327	0268884941288852745803908878638612
2328	                        -- 8d91e471e0989cda27df505a453f2b7635294f2d
2329	df23e3b122acc99c9e9f1e14
2330	                }
2331	        }
2332	    gostR3410-2001-CryptoPro-ExB-ParamSet
2333	        AlgorithmIdentifier ::=
2334	        {
2335	            algorithm
2336	                id-GostR3410-2001-CryptoPro-XchB-ParamSet,
2337	            parameters
2338	                GostR3410-2001-ParamSetParameters:{
2339	                    a   7039008535208330519954771801901843784107951
2340	6630045180471284346843705633502616,
2341	                        -- -3 == p - 3
2342	                    b   32858,
2343	                        -- 805a
2344	                    p   7039008535208330519954771801901843784107951
2345	6630045180471284346843705633502619,
2346	                        -- 9b9f605f5a858107ab1ec85e6b41c8aacf846e86
2347	789051d37998f7b9022d759b
2348	                    q   7039008535208330519954771801901843784092088
2349	2647164081035322601458352298396601,
2350	                        -- 9b9f605f5a858107ab1ec85e6b41c8aa582ca351
2351	1eddfb74f02f3a6598980bb9
2352	                    x   0,
2353	                    y   2981889391773124073347127324031476992724055
2354	0812383695689146495261604565990247
2355	                        -- 41ece55743711a8c3cbf3783cd08c0ee4d4dc440
2356	d4641a8f366e550dfdb3bb67
2357	                }
2358	        }
2359	END -- GostR3410-2001-ParamSetSyntax

2361	11  References

2363	   [GOST28147]     "Cryptographic Protection for Data Processing Sys-
2364	                   tem", GOST 28147-89, Gosudarstvennyi Standard of
2365	                   USSR, Government Committee of the USSR for Standards,
2366	                   1989. (In Russian);

2368	   [GOSTR341094]   "Information technology. Cryptographic Data Security.
2369	                   Produce and check procedures of Electronic Digital
2370	                   Signatures based on Asymmetric Cryptographic Algo-
2371	                   rithm.", GOST R 34.10-94, Gosudarstvennyi Standard of
2372	                   Russian Federation, Government Committee of the Rus-
2373	                   sia for Standards, 1994. (In Russian);

2375	   [GOSTR34102001] "Information technology. Cryptographic data security.
2376	                   Signature and verification processes of [electronic]
2377	                   digital signature.", GOST R 34.10-2001, Gosudarstven-
2378	                   nyi Standard of Russian Federation, Government Com-
2379	                   mittee of the Russia for Standards, 2001. (In Rus-
2380	                   sian);

2382	   [GOSTR341194]   "Information technology. Cryptographic Data Security.
2383	                   Hashing function.", GOST R 34.11-94, Gosudarstvennyi
2384	                   Standard of Russian Federation, Government Committee
2385	                   of the Russia for Standards, 1994. (In Russian);

2387	   [Schneier95]    B.   Schneier, Applied cryptography, second edition,
2388	                   John Wiley & Sons, Inc., 1995;

2390	   [X.660]         ITU-T Recommendation X.660 Information Technology -
2391	                   ASN.1 encoding rules: Specification of Basic Encoding
2392	                   Rules (BER), Canonical Encoding Rules (CER) and Dis-
2393	                   tinguished Encoding Rules (DER), 1997.

2395	   [RFC 2119]      Bradner, S., "Key Words for Use in RFCs to Indi-
2396	                   cateRequirement Levels", BCP 14, RFC 2119, March
2397	                   1997.

2399	   [HMAC]          H. Krawczyk, M. Bellare, R. Canetti, "HMAC: Keyed-
2400	                   Hashing for Message Authentication", RFC 2104  Febru-
2401	                   ary 1997.

2403	   [TLS]           The TLS Protocol Version 1.0.  T.  Dierks, C.  Allen.
2404	                   January 1999, RFC 2246.

2406	   [RFDSL]         "Russian Federal Digital Signature Law", 10 Jan 2002
2407	                   N1-FZ

2409	   [RFLLIC]        "Russian Federal Law on Licensing of Selected Activ-
2410	                   ity Categories", 08 Aug 2001 N 128-FZ

2412	   [CRYPTOLIC]     "Russian Federal Goverment Regulation on Licensing of
2413	                   Selected Activity Categories in Cryptography Area",
2414	                   23 Sep 2002 N 691

2416	12 Acknowledgments

2418	   This document was created in accordance with "Russian Cryptographic
2419	   Software Compatibility Agreement", signed by FGUE STC "Atlas",
2420	   CRYPTO-PRO, Factor-TC, MD PREI, Infotecs GmbH, SPRCIS (SPbRCZI),
2421	   Cryptocom, R-Alpha.  The aim of this agreement is to achieve mutual
2422	   compatibility of the products and solutions.

2424	   The authors wish to thank:

2426	      Microsoft Corporation Russia for provided information about
2427	      company products and solutions, and also for technical consulting
2428	      in PKI.

2430	      RSA Security Russia and Demos Co Ltd for active collaboration and
2431	      critical help in creation of this document.

2433	      Russ Hously (Vigil Security, LLC, housley@vigilsec.com) and
2434	      Vasilij Sakharov (DEMOS Co Ltd, svp@dol.ru) for initiative,
2435	      creating this document.

2437	   This document is based on a contribution of CRYPTO-PRO Company.  Any
2438	   substantial use of the text from this document must acknowledge
2439	   CRYPTO-PRO.  CRYPTO-PRO requests that all material mentioning or
2440	   referencing this document identify this as "CRYPTO-PRO CPALGS".

2442	Author's Addresses

2444	   Vladimir Popov
2445	   CRYPTO-PRO
2446	   38, Obraztsova,
2447	   Moscow, 127018, Russian Federation
2448	   EMail: vpopov@cryptopro.ru

2450	   Igor Kurepkin
2451	   CRYPTO-PRO
2452	   38, Obraztsova,
2453	   Moscow, 127018, Russian Federation
2454	   EMail: kure@cryptopro.ru

2456	   Serguei Leontiev
2457	   CRYPTO-PRO
2458	   38, Obraztsova,
2459	   Moscow, 127018, Russian Federation
2460	   EMail: lse@cryptopro.ru

2462	   Grigorij Chudov
2463	   CRYPTO-PRO
2464	   38, Obraztsova,
2465	   Moscow, 127018, Russian Federation
2466	   EMail: chudov@cryptopro.ru

2468	   Alexandr Afanasiev
2469	   Factor-TC
2470	   office 711, 14, Presnenskij val,
2471	   Moscow, 123557, Russian Federation
2472	   EMail: aaaf@factor-ts.ru

2474	   Nikolaj Nikishin
2475	   Infotecs GmbH
2476	   p/b 35, 80-5, Leningradskij prospekt,
2477	   Moscow, 125315, Russian Federation
2478	   EMail: nikishin@infotecs.ru

2480	   Boleslav Izotov
2481	   FGUE STC "Atlas"
2482	   38, Obraztsova,
2483	   Moscow, 127018, Russian Federation
2484	   EMail: izotov@stcnet.ru

2486	   Elena Minaeva
2487	   MD PREI
2488	   build 3, 6A, Vtoroj Troitskij per.,
2489	   Moscow, Russian Federation
2490	   EMail: evminaeva@mo.msk.ru

2492	   Serguei Murugov
2493	   R-Alpha
2494	   4/1, Raspletina,
2495	   Moscow, 123060, Russian Federation
2496	   EMail: msm@office.ru

2498	   Igori Ustinov
2499	   Cryptocom
2500	   office 239, 51, Leninskij prospekt,
2501	   Moscow, 119991, Russian Federation
2502	   EMail: igus@cryptocom.ru

2504	   Anatolij Erkin
2505	   SPRCIS (SPbRCZI)
2506	   1, Obrucheva,
2507	   St.Petersburg, 195220, Russian Federation
2508	   EMail: erkin@nevsky.net

2510	Full Copyright Statement

2512	   Copyright (C) The Internet Society (2004).  All Rights Reserved.

2514	   This document and translations of it may be copied and furnished to
2515	   others, and derivative works that comment on or otherwise explain it
2516	   or assist in its implementation may be prepared, copied, published
2517	   and distributed, in whole or in part, without restriction of any
2518	   kind, provided that the above copyright notice and this paragraph are
2519	   included on all such copies and derivative works.  However, this
2520	   document itself may not be modified in any way, such as by removing
2521	   the copyright notice or references to the Internet Society or other
2522	   Internet organizations, except as needed for the purpose of
2523	   developing Internet standards in which case the procedures for
2524	   copyrights defined in the Internet Standards process must be
2525	   followed, or as required to translate it into languages other than
2526	   English.

2528	   The limited permissions granted above are perpetual and will not be
2529	   revoked by the Internet Society or its successors or assigns.

2531	   This document and the information contained herein is provided on an
2532	   "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
2533	   TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
2534	   BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
2535	   HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
2536	   MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.