Skip to main content

A.5. PBMAC1

A.5. PBMAC1

The object identifier id-PBMAC1 identifies the PBMAC1 message authentication scheme (Section 7.1).

id-PBMAC1 OBJECT IDENTIFIER ::= {pkcs-5 14}

The parameters field associated with this OID in an AlgorithmIdentifier shall have type PBMAC1-params:

PBMAC1-params ::=  SEQUENCE {
   keyDerivationFunc AlgorithmIdentifier {{PBMAC1-KDFs}},
   messageAuthScheme AlgorithmIdentifier {{PBMAC1-MACs}} }

The keyDerivationFunc field has the same meaning as the corresponding field of PBES2-params (Appendix A.4) except that the set of OIDs is PBMAC1-KDFs.

PBMAC1-KDFs ALGORITHM-IDENTIFIER ::=
   { {PBKDF2-params IDENTIFIED BY id-PBKDF2}, ... }

The messageAuthScheme field identifies the underlying message authentication scheme. It shall be an algorithm ID with an OID in the set PBMAC1-MACs, whose definition is left to the application. Examples of underlying encryption schemes are given in Appendix B.3.

PBMAC1-MACs ALGORITHM-IDENTIFIER ::= { ... }
Last updated on