From c0e8144c5d1e402b36ebe04b843eba62e7ab9958 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett
Date: Tue, 9 Aug 2005 03:04:47 +0000
Subject: r9221: Try to merge Heimdal across from lorikeet-heimdal to samba4. This is my first attempt at this, so there may be a few rough edges. Andrew Bartlett (This used to be commit 9a1d2f2fec67930975da856a2d365345cec46216)
---
source4/heimdal/lib/asn1/CMS.asn1 | 151 ++++++++++++++++++++++++++++++++++++++
1 file changed, 151 insertions(+)
create mode 100644 source4/heimdal/lib/asn1/CMS.asn1
(limited to 'source4/heimdal/lib/asn1/CMS.asn1')
diff --git a/source4/heimdal/lib/asn1/CMS.asn1 b/source4/heimdal/lib/asn1/CMS.asn1
new file mode 100644
index 0000000000..5c8b71da1a
--- /dev/null
+++ b/source4/heimdal/lib/asn1/CMS.asn1
@@ -0,0 +1,151 @@
+-- From RFC 3369 --
+-- $Id: CMS.asn1,v 1.3 2005/07/23 10:37:13 lha Exp $ --
+
+CMS DEFINITIONS ::= BEGIN
+
+IMPORTS CertificateSerialNumber, AlgorithmIdentifier, Name,
+ Attribute, Certificate, Name, SubjectKeyIdentifier FROM rfc2459
+ heim_any, heim_any_set FROM heim;
+
+id-pkcs7 OBJECT IDENTIFIER ::= { iso(1) member-body(2)
+ us(840) rsadsi(113549) pkcs(1) pkcs7(7) }
+
+id-pkcs7-data OBJECT IDENTIFIER ::= { id-pkcs7 1 }
+id-pkcs7-signedData OBJECT IDENTIFIER ::= { id-pkcs7 2 }
+id-pkcs7-envelopedData OBJECT IDENTIFIER ::= { id-pkcs7 3 }
+id-pkcs7-signedAndEnvelopedData OBJECT IDENTIFIER ::= { id-pkcs7 4 }
+id-pkcs7-digestedData OBJECT IDENTIFIER ::= { id-pkcs7 5 }
+id-pkcs7-encryptedData OBJECT IDENTIFIER ::= { id-pkcs7 6 }
+
+CMSVersion ::= INTEGER { v0(0), v1(1), v2(2), v3(3), v4(4) }
+
+DigestAlgorithmIdentifier ::= AlgorithmIdentifier
+DigestAlgorithmIdentifiers ::= SET OF DigestAlgorithmIdentifier
+SignatureAlgorithmIdentifier ::= AlgorithmIdentifier
+
+ContentType ::= OBJECT IDENTIFIER
+MessageDigest ::= OCTET STRING
+
+ContentInfo ::= SEQUENCE {
+ contentType ContentType,
+ content [0] EXPLICIT heim_any OPTIONAL -- DEFINED BY contentType
+}
+
+EncapsulatedContentInfo ::= SEQUENCE {
+ eContentType ContentType,
+ eContent [0] EXPLICIT OCTET STRING OPTIONAL
+}
+
+CertificateSet ::= SET OF heim_any
+
+CertificateList ::= Certificate
+
+CertificateRevocationLists ::= SET OF CertificateList
+
+IssuerAndSerialNumber ::= SEQUENCE {
+ issuer Name,
+ serialNumber CertificateSerialNumber
+}
+
+-- RecipientIdentifier is same as SignerIdentifier,
+-- lets glue them togheter and save some bytes and share code for them
+
+CMSIdentifier ::= CHOICE {
+ issuerAndSerialNumber IssuerAndSerialNumber,
+ subjectKeyIdentifier [0] SubjectKeyIdentifier
+}
+
+SignerIdentifier ::= CMSIdentifier
+RecipientIdentifier ::= CMSIdentifier
+
+--- CMSAttributes are the combined UnsignedAttributes and SignedAttributes
+--- to store space and share code
+
+CMSAttributes ::= SET OF Attribute -- SIZE (1..MAX)
+
+SignatureValue ::= OCTET STRING
+
+SignerInfo ::= SEQUENCE {
+ version CMSVersion,
+ sid SignerIdentifier,
+ digestAlgorithm DigestAlgorithmIdentifier,
+ signedAttrs [0] IMPLICIT -- CMSAttributes --
+ SET OF Attribute OPTIONAL,
+ signatureAlgorithm SignatureAlgorithmIdentifier,
+ signature SignatureValue,
+ unsignedAttrs [1] IMPLICIT -- CMSAttributes --
+ SET OF Attribute OPTIONAL
+}
+
+SignerInfos ::= SET OF SignerInfo
+
+SignedData ::= SEQUENCE {
+ version CMSVersion,
+ digestAlgorithms DigestAlgorithmIdentifiers,
+ encapContentInfo EncapsulatedContentInfo,
+ certificates [0] IMPLICIT -- CertificateSet --
+ SET OF heim_any OPTIONAL,
+ crls [1] IMPLICIT -- CertificateRevocationLists --
+ heim_any OPTIONAL,
+ signerInfos SignerInfos
+}
+
+OriginatorInfo ::= SEQUENCE {
+ certs [0] IMPLICIT -- CertificateSet --
+ SET OF heim_any OPTIONAL,
+ crls [1] IMPLICIT --CertificateRevocationLists --
+ heim_any OPTIONAL
+}
+
+KeyEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
+ContentEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
+
+EncryptedKey ::= OCTET STRING
+
+KeyTransRecipientInfo ::= SEQUENCE {
+ version CMSVersion, -- always set to 0 or 2
+ rid RecipientIdentifier,
+ keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier,
+ encryptedKey EncryptedKey
+}
+
+RecipientInfo ::= KeyTransRecipientInfo
+
+RecipientInfos ::= SET OF RecipientInfo
+
+EncryptedContent ::= OCTET STRING
+
+EncryptedContentInfo ::= SEQUENCE {
+ contentType ContentType,
+ contentEncryptionAlgorithm ContentEncryptionAlgorithmIdentifier,
+ encryptedContent [0] IMPLICIT OCTET STRING OPTIONAL
+}
+
+UnprotectedAttributes ::= SET OF Attribute -- SIZE (1..MAX)
+
+CMSEncryptedData ::= SEQUENCE {
+ version CMSVersion,
+ encryptedContentInfo EncryptedContentInfo,
+ unprotectedAttrs [1] IMPLICIT -- UnprotectedAttributes --
+ heim_any OPTIONAL
+}
+
+EnvelopedData ::= SEQUENCE {
+ version CMSVersion,
+ originatorInfo [0] IMPLICIT -- OriginatorInfo -- heim_any OPTIONAL,
+ recipientInfos RecipientInfos,
+ encryptedContentInfo EncryptedContentInfo,
+ unprotectedAttrs [1] IMPLICIT -- UnprotectedAttributes --
+ heim_any OPTIONAL
+}
+
+-- Data ::= OCTET STRING
+
+CMSRC2CBCParameter ::= SEQUENCE {
+ rc2ParameterVersion INTEGER,
+ iv OCTET STRING -- exactly 8 octets
+}
+
+CMSCBCParameter ::= OCTET STRING
+
+END
-- cgit
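Review bot: The size limits in this module are written only as comments, so the declared types do not carry them: `iv OCTET STRING -- exactly 8 octets` in CMSRC2CBCParameter, and `-- SIZE (1..MAX)` on CMSAttributes and UnprotectedAttributes. A decoder generated from these definitions would presumably accept an iv of any length and an empty attribute set, leaving every caller to check before the value reaches a cipher or a signature computation. If the ASN.1 compiler in use accepts size constraints, declare them (`iv OCTET STRING (SIZE (8))`); if not, make the comment say who enforces the limit, e.g. `-- exactly 8 octets; NOT enforced by the decoder, callers must check the length`. Separately, `CertificateList ::= Certificate` does not match the CRL type that RFC 3369 takes from the X.509 profile and looks like a placeholder worth marking as such.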