### KEY-DERIVATION Example: kda-pbkdf2 Source: https://github.com/rustcrypto/formats/blob/master/const-oid/oiddbgen/rfc5911.txt An example illustrating the definition of a specific key derivation algorithm (kda-pbkdf2) using the KEY-DERIVATION structure. ```ASN.1 kda-pbkdf2 KEY-DERIVATION ::= { IDENTIFIER id-PBKDF2 PARAMS TYPE PBKDF2-params ARE required } ``` -------------------------------- ### Example of CMS3DESwrap Key Wrap Algorithm Source: https://github.com/rustcrypto/formats/blob/master/const-oid/oiddbgen/rfc5912.txt Provides an example of a key wrap algorithm using CMS3DESwrap, specifying required parameters. ```ASN.1 -- Example: -- kwa-cms3DESwrap KEY-WRAP ::= { -- IDENTIFIER id-alg-CMS3DESwrap -- PARAMS TYPE NULL ARE required -- } ``` -------------------------------- ### KEY-WRAP Example: kwa-cms3DESwrap Source: https://github.com/rustcrypto/formats/blob/master/const-oid/oiddbgen/rfc5911.txt An example illustrating the definition of a specific key wrap algorithm (kwa-cms3DESwrap) using the KEY-WRAP structure. ```ASN.1 kwa-cms3DESwrap KEY-WRAP ::= { IDENTIFIER id-alg-CMS3DESwrap PARAMS TYPE NULL ARE required } ``` -------------------------------- ### BLAKE2b-512 Computation Example (Initial State) Source: https://github.com/rustcrypto/formats/blob/master/const-oid/oiddbgen/rfc7693.txt Shows the initial state of the message block (m) for a BLAKE2b-512 computation with the input 'abc'. ```Text m[16] = 0000000000636261 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ``` -------------------------------- ### Example Signature Algorithm Identifier Source: https://github.com/rustcrypto/formats/blob/master/const-oid/oiddbgen/rfc5911.txt Shows an example of how to define a SignatureAlgorithmIdentifier using the generic AlgorithmIdentifier parameterized type. ```ASN.1 SignatureAlgorithmIdentifier ::= AlgorithmIdentifier{SIGNATURE-ALGORITHM, {SignatureAlgSet}} ``` -------------------------------- ### Example of RSA Transport Key Algorithm Source: https://github.com/rustcrypto/formats/blob/master/const-oid/oiddbgen/rfc5912.txt Provides an example of a key transport algorithm using RSA, specifying required parameters and supported public keys. ```ASN.1 -- Example: -- kta-rsaTransport KEY-TRANSPORT ::= { -- IDENTIFIER &id -- PARAMS TYPE NULL ARE required -- PUBLIC-KEYS { pk-rsa | pk-rsa-pss } -- } ``` -------------------------------- ### Example SHA-crypt w/ SHA-512 Hash Source: https://github.com/rustcrypto/formats/blob/master/mcf/README.md This is an example of a SHA-crypt hash using SHA-512, a common format within MCF. ```text $6$rounds=100000$exn6tVc2j/MZD8uG$BI1Xh8qQSK9J4m14uwy7abn.ctj/TIAzlaVCto0MQrOFIeTXsc1iwzH16XEWo/a7c7Y9eVJvufVzYAs4EsPOy0 ``` -------------------------------- ### KEY-AGREE Example: kaa-dh-static-ephemeral Source: https://github.com/rustcrypto/formats/blob/master/const-oid/oiddbgen/rfc5911.txt An example illustrating the definition of a specific key agreement algorithm (kaa-dh-static-ephemeral) using the KEY-AGREE structure. ```ASN.1 kaa-dh-static-ephemeral KEY-AGREE ::= { IDENTIFIER id-alg-ESDH PARAMS TYPE KeyWrapAlgorithm ARE required PUBLIC-KEYS { {IDENTIFIER dh-public-number KEY DHPublicKey PARAMS TYPE DHDomainParameters ARE inheritable } } - - UKM should be present but is not separately ASN.1-encoded UKM ARE preferredPresent } ``` -------------------------------- ### Example of RSASSA-PSS Public Key Source: https://github.com/rustcrypto/formats/blob/master/const-oid/oiddbgen/rfc5912.txt Illustrates the definition of an RSASSA-PSS public key with specific parameters. ```ASN.1 -- IDENTIFIER id-RSASSA-PSS -- KEY RSAPublicKey -- PARAMS TYPE RSASSA-PSS-params ARE optional -- CERT-KEY-USAGE { .... } -- } ``` -------------------------------- ### BLAKE2b-512 Computation Example (v[16] after i=3) Source: https://github.com/rustcrypto/formats/blob/master/const-oid/oiddbgen/rfc7693.txt Displays the internal state vector v after the fourth round (i=3) of a BLAKE2b-512 computation. ```Text (i= 3) v[16] = 60ED96AA7AD41725 E46A743C71800B9D 1A04B543A01F156B A2F8716E775C4877 DA0A61BCDE4267EA B1DD230754D7BDEE 25A1422779E06D14 E6823AE4C3FF58A5 A1677E19F37FD5DA 22BDCE6976B08C51 F1DE8696BEC11BF1 A0EBD586A4A1D2C8 ``` -------------------------------- ### Example OID Source: https://github.com/rustcrypto/formats/blob/master/const-oid/README.md An example of an Object Identifier (OID) used to identify the rsaEncryption algorithm. ```text 1.2.840.113549.1.1.1 ``` -------------------------------- ### HMAC-SHA1 MAC Algorithm Example Source: https://github.com/rustcrypto/formats/blob/master/const-oid/oiddbgen/rfc5912.txt Example of defining the HMAC-SHA1 MAC algorithm using the MAC-ALGORITHM class. ```ASN.1 maca-hmac-sha1 MAC-ALGORITHM ::= { IDENTIFIER hMAC-SHA1 PARAMS TYPE NULL ARE preferredAbsent IS KEYED MAC TRUE SMIME-CAPS {IDENTIFIED BY hMAC-SHA1} } ``` -------------------------------- ### BLAKE2b Initialization Vector (IV) Example Source: https://github.com/rustcrypto/formats/blob/master/const-oid/oiddbgen/rfc7693.txt Illustrates the mathematical definition of the Initialization Vector (IV) for BLAKE2b, which is derived from the square roots of prime numbers. This IV is crucial for the initial state of the compression function. ```text IV[i] = floor(2**w * frac(sqrt(prime(i+1)))), where prime(i) is the i:th prime number ( 2, 3, 5, 7, 11, 13, 17, 19 ) and sqrt(x) is the square root of x. ``` -------------------------------- ### DES-EDE3-CBC Content Encryption Example Source: https://github.com/rustcrypto/formats/blob/master/const-oid/oiddbgen/rfc5912.txt Example of defining the DES-EDE3-CBC content encryption algorithm using the CONTENT-ENCRYPTION class. ```ASN.1 cea-3DES-cbc CONTENT-ENCRYPTION ::= { IDENTIFIER des-ede3-cbc PARAMS TYPE IV ARE required SMIME-CAPS { IDENTIFIED BY des-ede3-cbc } } ``` -------------------------------- ### MAC-ALGORITHM Example: maca-hmac-sha1 Source: https://github.com/rustcrypto/formats/blob/master/const-oid/oiddbgen/rfc5911.txt An example illustrating the definition of a specific MAC algorithm (maca-hmac-sha1) using the MAC-ALGORITHM structure. ```ASN.1 maca-hmac-sha1 MAC-ALGORITHM ::= { IDENTIFIER hMAC-SHA1 PARAMS TYPE NULL ARE preferredAbsent IS KEYED MAC TRUE SMIME-CAPS {IDENTIFIED BY hMAC-SHA1} } ``` -------------------------------- ### Create PKCS12 Bundle Source: https://github.com/rustcrypto/formats/blob/master/cms/tests/examples/examples_notes.txt Exports a private key and certificate into a PKCS12 file (example.pfx) with password protection. ```bash openssl pkcs12 -export -out example.pfx \ -name "example.org" \ -inkey rsa_sk.pkcs1.pem -in cert.pem \ -keypbe 'PBE-SHA1-RC2-40' -passout pass:hunter42 ``` -------------------------------- ### Example of Diffie-Hellman Static Ephemeral Key Agreement Source: https://github.com/rustcrypto/formats/blob/master/const-oid/oiddbgen/rfc5912.txt Illustrates a key agreement algorithm using Diffie-Hellman, specifying parameters, public keys, and user keying material presence. ```ASN.1 -- Example: -- kaa-dh-static-ephemeral KEY-AGREE ::= { -- IDENTIFIER id-alg-ESDH -- PARAMS TYPE KeyWrapAlgorithm ARE required -- PUBLIC-KEYS { -- {IDENTIFIER dh-public-number KEY DHPublicKey -- PARAMS TYPE DHDomainParameters ARE inheritable } -- } -- - - UKM should be present but is not separately ASN.1-encoded -- UKM ARE preferredPresent -- } ``` -------------------------------- ### GeneralizedTime Example with Fraction of Second Source: https://github.com/rustcrypto/formats/blob/master/const-oid/oiddbgen/rfc3161.txt An example of a GeneralizedTime value that includes fraction-of-second details, as per RFC 3161. ```text 19990609001326.34352Z ``` -------------------------------- ### Example PUBLIC-KEY: RSA-PSS Source: https://github.com/rustcrypto/formats/blob/master/const-oid/oiddbgen/rfc5912.txt An example of defining an RSA-PSS public key using the PUBLIC-KEY class. This snippet is incomplete in the source. ```ASN.1 pk-rsa-pss PUBLIC-KEY ::= { ``` -------------------------------- ### BLAKE2b Context Initialization in C Source: https://github.com/rustcrypto/formats/blob/master/const-oid/oiddbgen/rfc7693.txt Initializes the BLAKE2b hashing context, setting up the internal state, output length, and handling optional key parameters. It performs parameter validation and sets initial counter values. ```C int blake2b_init(blake2b_ctx *ctx, size_t outlen, const void *key, size_t keylen) // (keylen=0: no key) { size_t i; if (outlen == 0 || outlen > 64 || keylen > 64) return -1; // illegal parameters for (i = 0; i < 8; i++) // state, "param block" ctx->h[i] = blake2b_iv[i]; ctx->h[0] ^= 0x01010000 ^ (keylen << 8) ^ outlen; ctx->t[0] = 0; // input count low word ctx->t[1] = 0; // input count high word ctx->c = 0; // pointer within buffer ctx->outlen = outlen; ``` -------------------------------- ### BLAKE2s-256 Computation Example (i=0) Source: https://github.com/rustcrypto/formats/blob/master/const-oid/oiddbgen/rfc7693.txt This snippet displays the initial state of the internal working variable 'v' after the first round (i=0) of BLAKE2s-256 computation for the input 'abc'. ```text v[16] = 6B08E647 BB67AE85 3C6EF372 A54FF53A 510E527F 9B05688C 1F83D9AB 5BE0CD19 6A09E667 BB67AE85 3C6EF372 A54FF53A 510E527C 9B05688C E07C2654 5BE0CD19 ``` -------------------------------- ### BLAKE2s Implementation C Source Source: https://github.com/rustcrypto/formats/blob/master/const-oid/oiddbgen/rfc7693.txt This C source file provides a reference implementation for the BLAKE2s hashing algorithm. It includes helper macros for rotation and byte access, the initialization vector, and the compression function. ```c // blake2s.c // A simple blake2s Reference Implementation. #include "blake2s.h" // Cyclic right rotation. #ifndef ROTR32 #define ROTR32(x, y) (((x) >> (y)) ^ ((x) << (32 - (y)))) #endif // Little-endian byte access. #define B2S_GET32(p) \ (((uint32_t) ((uint8_t *) (p))[0]) ^ \ (((uint32_t) ((uint8_t *) (p))[1]) << 8) ^ \ (((uint32_t) ((uint8_t *) (p))[2]) << 16) ^ \ (((uint32_t) ((uint8_t *) (p))[3]) << 24)) Saarinen & Aumasson Informational [Page 22] RFC 7693 BLAKE2 Crypto Hash and MAC November 2015 // Mixing function G. #define B2S_G(a, b, c, d, x, y) { \ v[a] = v[a] + v[b] + x; \ v[d] = ROTR32(v[d] ^ v[a], 16); \ v[c] = v[c] + v[d]; \ v[b] = ROTR32(v[b] ^ v[c], 12); \ v[a] = v[a] + v[b] + y; \ v[d] = ROTR32(v[d] ^ v[a], 8); \ v[c] = v[c] + v[d]; \ v[b] = ROTR32(v[b] ^ v[c], 7); } // Initialization Vector. static const uint32_t blake2s_iv[8] = { 0x6A09E667, 0xBB67AE85, 0x3C6EF372, 0xA54FF53A, 0x510E527F, 0x9B05688C, 0x1F83D9AB, 0x5BE0CD19 }; // Compression function. "last" flag indicates last block. static void blake2s_compress(blake2s_ctx *ctx, int last) { const uint8_t sigma[10][16] = { { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 }, { 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3 }, { 11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4 }, { 7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8 }, { 9, 0, 5, 7, 2, 4, 10, 15, 14, 1, 11, 12, 6, 8, 3, 13 }, { 2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9 }, { 12, 5, 1, 15, 14, 13, 4, 10, 0, 7, 6, 3, 9, 2, 8, 11 }, { 13, 11, 7, 14, 12, 1, 3, 9, 5, 0, 15, 4, 8, 6, 2, 10 }, { 6, 15, 14, 9, 11, 3, 0, 8, 12, 2, 13, 7, 1, 4, 10, 5 }, { 10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13, 0 } }; int i; uint32_t v[16], m[16]; ``` -------------------------------- ### BLAKE2b-512 Computation Example (v[16] after i=0) Source: https://github.com/rustcrypto/formats/blob/master/const-oid/oiddbgen/rfc7693.txt Displays the internal state vector v after the first round (i=0) of a BLAKE2b-512 computation. ```Text (i= 0) v[16] = 6A09E667F2BDC948 BB67AE8584CAA73B 3C6EF372FE94F82B A54FF53A5F1D36F1 510E527FADE682D1 9B05688C2B3E6C1F 1F83D9ABFB41BD6B 5BE0CD19137E2179 6A09E667F3BCC908 BB67AE8584CAA73B 3C6EF372FE94F82B A54FF53A5F1D36F1 510E527FADE682D2 9B05688C2B3E6C1F E07C265404BE4294 5BE0CD19137E2179 ``` -------------------------------- ### BLAKE2b-512 Computation Example (v[16] after i=1) Source: https://github.com/rustcrypto/formats/blob/master/const-oid/oiddbgen/rfc7693.txt Displays the internal state vector v after the second round (i=1) of a BLAKE2b-512 computation. ```Text (i= 1) v[16] = 86B7C1568029BB79 C12CBCC809FF59F3 C6A5214CC0EACA8E 0C87CD524C14CC5D 44EE6039BD86A9F7 A447C850AA694A7E DE080F1BB1C0F84B 595CB8A9A1ACA66C BEC3AE837EAC4887 6267FC79DF9D6AD1 FA87B01273FA6DBE 521A715C63E08D8A E02D0975B8D37A83 1C7B754F08B7D193 8F885A76B6E578FE 2318A24E2140FC64 ``` -------------------------------- ### Argon2 Example Hash Source: https://github.com/rustcrypto/formats/blob/master/phc/README.md This is an example of a password hash string formatted according to the PHC string format specification, specifically for the Argon2 algorithm. ```text $argon2d$v=19$m=512,t=3,p=2$5VtWOO3cGWYQHEMaYGbsfQ$AcmqasQgW/wI6wAHAMk4aQ ``` -------------------------------- ### Private Key Encoding Example (RFC 7468) Source: https://github.com/rustcrypto/formats/blob/master/const-oid/oiddbgen/rfc8410.txt Example of a private key encoded using the textual encoding defined in RFC 7468. ```text -----BEGIN PRIVATE KEY----- MC4CAQAwBQYDK2VwBCIEINTuctv5E1hK1bbY8fdp+K06/nwoy/HU++CXqI9EdVhC -----END PRIVATE KEY----- ```