summaryrefslogtreecommitdiff
path: root/source4/heimdal/lib/asn1/CMS.asn1
blob: ce43c2cd02f944f1941c93e4f4a2c2f5c303276e (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
-- From RFC 3369 --
-- $Id: CMS.asn1,v 1.5 2006/09/07 12:20:42 lha Exp $ --

CMS DEFINITIONS ::= BEGIN

IMPORTS CertificateSerialNumber, AlgorithmIdentifier, Name,
	Attribute, Certificate, Name, SubjectKeyIdentifier FROM rfc2459
	heim_any, heim_any_set FROM heim;

id-pkcs7 OBJECT IDENTIFIER ::= { iso(1) member-body(2)
         us(840) rsadsi(113549) pkcs(1) pkcs7(7) }

id-pkcs7-data OBJECT IDENTIFIER ::= 			{ id-pkcs7 1 }
id-pkcs7-signedData OBJECT IDENTIFIER ::= 		{ id-pkcs7 2 }
id-pkcs7-envelopedData OBJECT IDENTIFIER ::= 		{ id-pkcs7 3 }
id-pkcs7-signedAndEnvelopedData OBJECT IDENTIFIER ::= 	{ id-pkcs7 4 }
id-pkcs7-digestedData OBJECT IDENTIFIER ::= 		{ id-pkcs7 5 }
id-pkcs7-encryptedData OBJECT IDENTIFIER ::= 		{ id-pkcs7 6 }

CMSVersion ::= INTEGER {
	   CMSVersion_v0(0), 
	   CMSVersion_v1(1), 
	   CMSVersion_v2(2),
	   CMSVersion_v3(3),
	   CMSVersion_v4(4)
}

DigestAlgorithmIdentifier ::= AlgorithmIdentifier
DigestAlgorithmIdentifiers ::= SET OF DigestAlgorithmIdentifier
SignatureAlgorithmIdentifier ::= AlgorithmIdentifier

ContentType ::= OBJECT IDENTIFIER
MessageDigest ::= OCTET STRING

ContentInfo ::= SEQUENCE {
	contentType ContentType,
	content [0] EXPLICIT heim_any OPTIONAL --  DEFINED BY contentType 
}

EncapsulatedContentInfo ::= SEQUENCE {
	eContentType ContentType,
	eContent [0] EXPLICIT OCTET STRING OPTIONAL
}

CertificateSet ::= SET OF heim_any

CertificateList ::= Certificate

CertificateRevocationLists ::= SET OF CertificateList

IssuerAndSerialNumber ::= SEQUENCE {
	issuer Name,
	serialNumber CertificateSerialNumber
}

-- RecipientIdentifier is same as SignerIdentifier, 
-- lets glue them togheter and save some bytes and share code for them

CMSIdentifier ::= CHOICE {
	issuerAndSerialNumber IssuerAndSerialNumber,
	subjectKeyIdentifier [0] SubjectKeyIdentifier
}

SignerIdentifier ::= CMSIdentifier
RecipientIdentifier ::= CMSIdentifier

--- CMSAttributes are the combined UnsignedAttributes and SignedAttributes
--- to store space and share code

CMSAttributes ::= SET OF Attribute		-- SIZE (1..MAX) 

SignatureValue ::= OCTET STRING

SignerInfo ::= SEQUENCE {
	version CMSVersion,
	sid SignerIdentifier,
	digestAlgorithm DigestAlgorithmIdentifier,
	signedAttrs [0] IMPLICIT -- CMSAttributes --
		SET OF Attribute OPTIONAL,
	signatureAlgorithm SignatureAlgorithmIdentifier,
	signature SignatureValue,
	unsignedAttrs [1] IMPLICIT -- CMSAttributes -- 
		SET OF Attribute OPTIONAL
}

SignerInfos ::= SET OF SignerInfo

SignedData ::= SEQUENCE {
	version CMSVersion,
	digestAlgorithms DigestAlgorithmIdentifiers,
	encapContentInfo EncapsulatedContentInfo,
	certificates [0] IMPLICIT -- CertificateSet --
		SET OF heim_any OPTIONAL,
	crls [1] IMPLICIT -- CertificateRevocationLists --
		heim_any OPTIONAL,
	signerInfos SignerInfos
}

OriginatorInfo ::= SEQUENCE {
	certs [0] IMPLICIT -- CertificateSet --
		SET OF heim_any OPTIONAL,
	crls [1] IMPLICIT --CertificateRevocationLists --
		heim_any OPTIONAL
}

KeyEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
ContentEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier

EncryptedKey ::= OCTET STRING

KeyTransRecipientInfo ::= SEQUENCE {
	version CMSVersion,  -- always set to 0 or 2
	rid RecipientIdentifier,
	keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier,
	encryptedKey EncryptedKey
}

RecipientInfo ::= KeyTransRecipientInfo

RecipientInfos ::= SET OF RecipientInfo

EncryptedContent ::= OCTET STRING

EncryptedContentInfo ::= SEQUENCE {
	contentType ContentType,
	contentEncryptionAlgorithm ContentEncryptionAlgorithmIdentifier,
	encryptedContent [0] IMPLICIT OCTET STRING OPTIONAL
}

UnprotectedAttributes ::= SET OF Attribute	-- SIZE (1..MAX)

CMSEncryptedData ::= SEQUENCE {
	version CMSVersion,
	encryptedContentInfo EncryptedContentInfo,
        unprotectedAttrs [1] IMPLICIT -- UnprotectedAttributes --
		heim_any OPTIONAL
}

EnvelopedData ::= SEQUENCE {
	version CMSVersion,
	originatorInfo [0] IMPLICIT -- OriginatorInfo -- heim_any OPTIONAL,
	recipientInfos RecipientInfos,
	encryptedContentInfo EncryptedContentInfo,
	unprotectedAttrs [1] IMPLICIT -- UnprotectedAttributes --
		heim_any OPTIONAL
}

-- Data ::= OCTET STRING

CMSRC2CBCParameter ::= SEQUENCE {
	rc2ParameterVersion	INTEGER (0..4294967295),
	iv			OCTET STRING -- exactly 8 octets
}

CMSCBCParameter ::= OCTET STRING

END