PBKDF2 KEM schema

diff --git a/spec/cm/encrypted.texi b/spec/cm/encrypted.texi
index e0d5dc233f3c26aa638a3775ae9a7a78e7954648cbd71763aae7b2b575ed0c6f..a43c3547cbe7be386e92716bd02ce86aa0791248d546d80cabec903e85727c0e 100644 (file)
--- a/spec/cm/encrypted.texi
+++ b/spec/cm/encrypted.texi
@@ -76,3 +76,4 @@ in KDF.
 @include cm/kem-gost3410-hkdf.texi
 @include cm/kem-sntrup4591761-x25519-hkdf-blake2b.texi
 @include cm/kem-mceliece6960119-x25519-hkdf-shake256.texi
+@include cm/kem-pbkdf2.texi

diff --git a/spec/cm/kem-pbkdf2.texi b/spec/cm/kem-pbkdf2.texi
new file mode 100644 (file)
index 0000000..5457058
--- /dev/null
+++ b/spec/cm/kem-pbkdf2.texi
@@ -0,0 +1,13 @@
+@node kem-pbkdf2
+@cindex kem-pbkdf2
+@nodedescription PBKDF2 KEM
+@subsubsection PBKDF2 KEM
+
+@verbatiminclude ../tcl/schemas/kem-pbkdf2.tcl
+
+PBKDF2 is @url{https://datatracker.ietf.org/doc/html/rfc2898, RFC 2898}
+algorithm. Key length equal to key wrapping algorithm requirements.
+
+Key wrapping algorithm may be one of:
+@ref{keywrap-xchapoly, @code{xchapoly}},
+@ref{keywrap-kexp15, @code{kexp15}}.

diff --git a/tcl/schemas/encrypted.tcl b/tcl/schemas/encrypted.tcl
index 7917c39edabea76ab1f8f84b99e3ea6a3372d3500d28bd880f51828546408493..ca28407a87300e6867125563e6df179ed024b703c9b351c621523df067e2cc88 100644 (file)
--- a/tcl/schemas/encrypted.tcl
+++ b/tcl/schemas/encrypted.tcl
@@ -21,3 +21,4 @@ schema-include fpr.tcl
 schema-include kem-with-encap.tcl
 schema-include kem-gost3410-hkdf-kexp15.tcl
 schema-include kem-balloon-blake2b-hkdf.tcl
+schema-include kem-pbkdf2.tcl

diff --git a/tcl/schemas/kem-pbkdf2.tcl b/tcl/schemas/kem-pbkdf2.tcl
new file mode 100644 (file)
index 0000000..bf8392f
--- /dev/null
+++ b/tcl/schemas/kem-pbkdf2.tcl
@@ -0,0 +1,8 @@
+kem-pbkdf2 {
+    {field a {str} =pbkdf2}
+    {field cek {bin} >0} {# wrapped CEK}
+    {field hash {str} >0} {# hash algorithm identifier}
+    {field iter {int} >0} {# number of iterations}
+    {field salt {bin} >0}
+    {field wrap {str} >0} {# key wrapping algorithm identifier}
+}