A.3. PBES1
A.3. PBES1
Different object identifiers identify the PBES1 encryption scheme (Section 6.1) according to the underlying hash function in the key derivation function and the underlying block cipher, as summarized in the following table:
| Hash Function | Block Cipher | OID |
|---|---|---|
| MD2 | DES | pkcs-5.1 |
| MD2 | RC2 | pkcs-5.4 |
| MD5 | DES | pkcs-5.3 |
| MD5 | RC2 | pkcs-5.6 |
| SHA-1 | DES | pkcs-5.10 |
| SHA-1 | RC2 | pkcs-5.11 |
pbeWithMD2AndDES-CBC OBJECT IDENTIFIER ::= {pkcs-5 1}
pbeWithMD2AndRC2-CBC OBJECT IDENTIFIER ::= {pkcs-5 4}
pbeWithMD5AndDES-CBC OBJECT IDENTIFIER ::= {pkcs-5 3}
pbeWithMD5AndRC2-CBC OBJECT IDENTIFIER ::= {pkcs-5 6}
pbeWithSHA1AndDES-CBC OBJECT IDENTIFIER ::= {pkcs-5 10}
pbeWithSHA1AndRC2-CBC OBJECT IDENTIFIER ::= {pkcs-5 11}
For each OID, the parameters field associated with the OID in an AlgorithmIdentifier shall have type PBEParameter:
PBEParameter ::= SEQUENCE {
salt OCTET STRING (SIZE(8)),
iterationCount INTEGER }
The fields of type PBEParameter have the following meanings:
-
salt specifies the salt value, an eight-octet string.
-
iterationCount specifies the iteration count.