diff options
author | Ronnie Sahlberg <ronnie_sahlberg@ozemail.com.au> | 2004-12-05 21:47:49 +0000 |
---|---|---|
committer | Ronnie Sahlberg <ronnie_sahlberg@ozemail.com.au> | 2004-12-05 21:47:49 +0000 |
commit | c20df95fd58e7ae78efaa129b4c0629e710156c0 (patch) | |
tree | 4d7a0b29c969200bde372a3c769384f0270e2a1d /asn1/pkixtsp/PKIXTSP.asn | |
parent | ba475d8c356d6a49e89e617ad72bd3e3cff5c57d (diff) |
updates to pkix1implicit (we have to think about how to rewrite both pkix1eplicit and pkix1implicit to avoid the crap with duplicate definitions from x509)
New protocol : RFC3161 PKIX TimeStamp Protocol
svn path=/trunk/; revision=12669
Diffstat (limited to 'asn1/pkixtsp/PKIXTSP.asn')
-rw-r--r-- | asn1/pkixtsp/PKIXTSP.asn | 177 |
1 files changed, 177 insertions, 0 deletions
diff --git a/asn1/pkixtsp/PKIXTSP.asn b/asn1/pkixtsp/PKIXTSP.asn new file mode 100644 index 0000000000..306f4a9893 --- /dev/null +++ b/asn1/pkixtsp/PKIXTSP.asn @@ -0,0 +1,177 @@ +-- This ASN.1 definition defined the Time-Stamp Protocol +-- as of RFC3161. +-- This definition is taken from RFC3161 and modified to pass through +-- the ASN2ETH compiler. +-- +-- Copyright statement of the original ASN.1 definition of RFC3161 as follows +-- +-- +-- Full Copyright Statement +-- +-- Copyright (C) The Internet Society (2001). All Rights Reserved. +-- +-- This document and translations of it may be copied and furnished to +-- others, and derivative works that comment on or otherwise explain it +-- or assist in its implementation may be prepared, copied, published +-- and distributed, in whole or in part, without restriction of any +-- kind, provided that the above copyright notice and this paragraph are +-- included on all such copies and derivative works. However, this +-- document itself may not be modified in any way, such as by removing +-- the copyright notice or references to the Internet Society or other +-- Internet organizations, except as needed for the purpose of +-- developing Internet standards in which case the procedures for +-- copyrights defined in the Internet Standards process must be +-- followed, or as required to translate it into languages other than +-- English. +-- +-- The limited permissions granted above are perpetual and will not be +-- revoked by the Internet Society or its successors or assigns. +-- +-- This document and the information contained herein is provided on an +-- "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING +-- TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING +-- BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION +-- HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF +-- MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. + +PKIXTSP {iso(1) identified-organization(3) dod(6) internet(1) + security(5) mechanisms(5) pkix(7) id-mod(0) id-mod-tsp(13)} + +DEFINITIONS IMPLICIT TAGS ::= + +BEGIN + +-- EXPORTS ALL -- + +IMPORTS + + Extensions, AlgorithmIdentifier + FROM PKIX1Explicit88 {iso(1) identified-organization(3) + dod(6) internet(1) security(5) mechanisms(5) pkix(7) + id-mod(0) id-pkix1-explicit-88(1)} + + GeneralName FROM PKIX1Implicit88 {iso(1) + identified-organization(3) dod(6) internet(1) security(5) + mechanisms(5) pkix(7) id-mod(0) id-pkix1-implicit-88(2)} + + ContentInfo FROM CryptographicMessageSyntax {iso(1) + member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9) + smime(16) modules(0) cms(1)} + + PKIFreeText FROM PKIXCMP {iso(1) identified-organization(3) + dod(6) internet(1) security(5) mechanisms(5) pkix(7) id-mod(0) + id-mod-cmp(9)} ; + + -- Locally defined OIDs -- + +-- eContentType for a time-stamp token + +-- id-ct-TSTInfo OBJECT IDENTIFIER ::= { iso(1) member-body(2) +-- us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) ct(1) 4} + +-- 2.4.1 + +TimeStampReq ::= SEQUENCE { + version INTEGER { v1(1) }, + messageImprint MessageImprint, + --a hash algorithm OID and the hash value of the data to be + --time-stamped + reqPolicy TSAPolicyId OPTIONAL, + nonce INTEGER OPTIONAL, + certReq BOOLEAN DEFAULT FALSE, + extensions [0] IMPLICIT Extensions OPTIONAL } + +MessageImprint ::= SEQUENCE { + hashAlgorithm AlgorithmIdentifier, + hashedMessage OCTET STRING } + +TSAPolicyId ::= OBJECT IDENTIFIER + + +-- 2.4.2 + +TimeStampResp ::= SEQUENCE { + status PKIStatusInfo, + timeStampToken TimeStampToken OPTIONAL } + +-- The status is based on the definition of status +-- in section 3.2.3 of [RFC2510] + +PKIStatusInfo ::= SEQUENCE { + status PKIStatus, +--XXX dont implement PKIXCMP yet +-- statusString PKIFreeText OPTIONAL, + failInfo PKIFailureInfo OPTIONAL } + +PKIStatus ::= INTEGER { + granted (0), + -- when the PKIStatus contains the value zero a TimeStampToken, as + -- requested, is present. + grantedWithMods (1), + -- when the PKIStatus contains the value one a TimeStampToken, + -- with modifications, is present. + rejection (2), + waiting (3), + revocationWarning (4), + -- this message contains a warning that a revocation is + -- imminent + revocationNotification (5) + -- notification that a revocation has occurred +} + + -- When the TimeStampToken is not present + -- failInfo indicates the reason why the + -- time-stamp request was rejected and + -- may be one of the following values. + +PKIFailureInfo ::= BIT STRING { + badAlg (0), + -- unrecognized or unsupported Algorithm Identifier + badRequest (2), + -- transaction not permitted or supported + badDataFormat (5), + -- the data submitted has the wrong format + timeNotAvailable (14), + -- the TSA's time source is not available + unacceptedPolicy (15), + -- the requested TSA policy is not supported by the TSA. + unacceptedExtension (16), + -- the requested extension is not supported by the TSA. + addInfoNotAvailable (17), + -- the additional information requested could not be understood + -- or is not available + systemFailure (25) + -- the request cannot be handled due to system failure +} + +TimeStampToken ::= ContentInfo + + -- contentType is id-signedData as defined in [CMS] + -- content is SignedData as defined in([CMS]) + -- eContentType within SignedData is id-ct-TSTInfo + -- eContent within SignedData is TSTInfo + +TSTInfo ::= SEQUENCE { + version INTEGER { v1(1) }, + policy TSAPolicyId, + messageImprint MessageImprint, + -- MUST have the same value as the similar field in + -- TimeStampReq + serialNumber INTEGER, + -- Time-Stamping users MUST be ready to accommodate integers + -- up to 160 bits. + genTime GeneralizedTime, + accuracy Accuracy OPTIONAL, + ordering BOOLEAN DEFAULT FALSE, + nonce INTEGER OPTIONAL, + -- MUST be present if the similar field was present + -- in TimeStampReq. In that case it MUST have the same value. + tsa [0] GeneralName OPTIONAL, + extensions [1] IMPLICIT Extensions OPTIONAL } + +Accuracy ::= SEQUENCE { + seconds INTEGER OPTIONAL, + millis [0] INTEGER (1..999) OPTIONAL, + micros [1] INTEGER (1..999) OPTIONAL } + +END |