author | Ronnie Sahlberg <ronnie_sahlberg@ozemail.com.au> | 2004-07-25 10:34:07 +0000 |
---|---|---|
committer | Ronnie Sahlberg <ronnie_sahlberg@ozemail.com.au> | 2004-07-25 10:34:07 +0000 |
commit | 2d069de8b482de3c111cf68c7c50bc257e53ac8e (patch) | |
tree | c7208543db966fff00229a1b7c02d573bcf3bbdd /asn1/cms/CryptographicMessageSyntax.asn | |
parent | a4ab30088af7b247b2646e3559d9e336a98a75a6 (diff) |
large CMS update.
most of cms is now implemented
svn path=/trunk/; revision=11518
Diffstat (limited to 'asn1/cms/CryptographicMessageSyntax.asn')
-rwxr-xr-x | asn1/cms/CryptographicMessageSyntax.asn | 205 |
1 files changed, 103 insertions, 102 deletions
diff --git a/asn1/cms/CryptographicMessageSyntax.asn b/asn1/cms/CryptographicMessageSyntax.asn
index 7456f7a08e..2825067810 100755
--- a/asn1/cms/CryptographicMessageSyntax.asn
+++ b/asn1/cms/CryptographicMessageSyntax.asn
@@ -74,115 +74,115 @@ Attribute ::= SEQUENCE { SignatureValue ::= OCTET STRING --- EnvelopedData ::= SEQUENCE { --- version CMSVersion, --- originatorInfo [0] IMPLICIT OriginatorInfo OPTIONAL, --- recipientInfos RecipientInfos, --- encryptedContentInfo EncryptedContentInfo, --- unprotectedAttrs [1] IMPLICIT UnprotectedAttributes OPTIONAL } --- --- OriginatorInfo ::= SEQUENCE { --- certs [0] IMPLICIT CertificateSet OPTIONAL, ---OK crls [1] IMPLICIT CertificateRevocationLists OPTIONAL } --- --- RecipientInfos ::= SET OF RecipientInfo --- --- EncryptedContentInfo ::= SEQUENCE { --- contentType ContentType, --- contentEncryptionAlgorithm ContentEncryptionAlgorithmIdentifier, --- encryptedContent [0] IMPLICIT EncryptedContent OPTIONAL } --- --- EncryptedContent ::= OCTET STRING --- --- UnprotectedAttributes ::= SET SIZE (1..MAX) OF Attribute --- --- RecipientInfo ::= CHOICE { --- ktri KeyTransRecipientInfo, --- kari [1] KeyAgreeRecipientInfo, --- kekri [2] KEKRecipientInfo } --- --- EncryptedKey ::= OCTET STRING --- --- KeyTransRecipientInfo ::= SEQUENCE { --- version CMSVersion, +EnvelopedData ::= SEQUENCE { + version CMSVersion, + originatorInfo [0] IMPLICIT OriginatorInfo OPTIONAL, + recipientInfos RecipientInfos, + encryptedContentInfo EncryptedContentInfo, + unprotectedAttrs [1] IMPLICIT UnprotectedAttributes OPTIONAL } + +OriginatorInfo ::= SEQUENCE { + certs [0] IMPLICIT CertificateSet OPTIONAL, + crls [1] IMPLICIT CertificateRevocationLists OPTIONAL } + +RecipientInfos ::= SET OF RecipientInfo + +EncryptedContentInfo ::= SEQUENCE { + contentType ContentType, + contentEncryptionAlgorithm ContentEncryptionAlgorithmIdentifier, + encryptedContent [0] IMPLICIT EncryptedContent OPTIONAL } + +EncryptedContent ::= OCTET STRING + +UnprotectedAttributes ::= SET SIZE (1..MAX) OF Attribute + +RecipientInfo ::= CHOICE { + ktri KeyTransRecipientInfo, + kari [1] KeyAgreeRecipientInfo, + kekri [2] KEKRecipientInfo } + +EncryptedKey ::= OCTET STRING + +KeyTransRecipientInfo ::= 
SEQUENCE { + version CMSVersion, -- always set to 0 or 2 ---OK rid RecipientIdentifier, --- keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier, --- encryptedKey EncryptedKey } + rid RecipientIdentifier, + keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier, + encryptedKey EncryptedKey } RecipientIdentifier ::= CHOICE { issuerAndSerialNumber IssuerAndSerialNumber, subjectKeyIdentifier [0] SubjectKeyIdentifier } --- KeyAgreeRecipientInfo ::= SEQUENCE { --- version CMSVersion, +KeyAgreeRecipientInfo ::= SEQUENCE { + version CMSVersion, -- always set to 3 --- originator [0] EXPLICIT OriginatorIdentifierOrKey, --- ukm [1] EXPLICIT UserKeyingMaterial OPTIONAL, --- keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier, --- recipientEncryptedKeys RecipientEncryptedKeys } --- --- OriginatorIdentifierOrKey ::= CHOICE { ---OK issuerAndSerialNumber IssuerAndSerialNumber, ---OK subjectKeyIdentifier [0] SubjectKeyIdentifier, --- originatorKey [1] OriginatorPublicKey } --- --- OriginatorPublicKey ::= SEQUENCE { --- algorithm AlgorithmIdentifier, --- publicKey BIT STRING } --- --- RecipientEncryptedKeys ::= SEQUENCE OF RecipientEncryptedKey --- --- RecipientEncryptedKey ::= SEQUENCE { ---OK rid KeyAgreeRecipientIdentifier, --- encryptedKey EncryptedKey } --- --- KeyAgreeRecipientIdentifier ::= CHOICE { ---OK issuerAndSerialNumber IssuerAndSerialNumber, --- rKeyId [0] IMPLICIT RecipientKeyIdentifier } --- --- RecipientKeyIdentifier ::= SEQUENCE { ---OK subjectKeyIdentifier SubjectKeyIdentifier, --- date GeneralizedTime OPTIONAL, --- other OtherKeyAttribute OPTIONAL } + originator [0] EXPLICIT OriginatorIdentifierOrKey, + ukm [1] EXPLICIT UserKeyingMaterial OPTIONAL, + keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier, + recipientEncryptedKeys RecipientEncryptedKeys } + +OriginatorIdentifierOrKey ::= CHOICE { + issuerAndSerialNumber IssuerAndSerialNumber, + subjectKeyIdentifier [0] SubjectKeyIdentifier, + originatorKey [1] OriginatorPublicKey } + 
+OriginatorPublicKey ::= SEQUENCE { + algorithm AlgorithmIdentifier, + publicKey BIT STRING } + +RecipientEncryptedKeys ::= SEQUENCE OF RecipientEncryptedKey + +RecipientEncryptedKey ::= SEQUENCE { + rid KeyAgreeRecipientIdentifier, + encryptedKey EncryptedKey } + +KeyAgreeRecipientIdentifier ::= CHOICE { + issuerAndSerialNumber IssuerAndSerialNumber, + rKeyId [0] IMPLICIT RecipientKeyIdentifier } + +RecipientKeyIdentifier ::= SEQUENCE { + subjectKeyIdentifier SubjectKeyIdentifier, + date GeneralizedTime OPTIONAL, + other OtherKeyAttribute OPTIONAL } SubjectKeyIdentifier ::= OCTET STRING --- KEKRecipientInfo ::= SEQUENCE { --- version CMSVersion, +KEKRecipientInfo ::= SEQUENCE { + version CMSVersion, -- always set to 4 --- kekid KEKIdentifier, --- keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier, --- encryptedKey EncryptedKey } --- --- KEKIdentifier ::= SEQUENCE { --- keyIdentifier OCTET STRING, --- date GeneralizedTime OPTIONAL, --- other OtherKeyAttribute OPTIONAL } --- --- DigestedData ::= SEQUENCE { ---OK version CMSVersion, ---OK digestAlgorithm DigestAlgorithmIdentifier, ---OK encapContentInfo EncapsulatedContentInfo, ---OK digest Digest } + kekid KEKIdentifier, + keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier, + encryptedKey EncryptedKey } + +KEKIdentifier ::= SEQUENCE { + keyIdentifier OCTET STRING, + date GeneralizedTime OPTIONAL, + other OtherKeyAttribute OPTIONAL } + +DigestedData ::= SEQUENCE { + version CMSVersion, + digestAlgorithm DigestAlgorithmIdentifier, + encapContentInfo EncapsulatedContentInfo, + digest Digest } Digest ::= OCTET STRING --- EncryptedData ::= SEQUENCE { --- version CMSVersion, --- encryptedContentInfo EncryptedContentInfo, --- unprotectedAttrs [1] IMPLICIT UnprotectedAttributes OPTIONAL } --- --- AuthenticatedData ::= SEQUENCE { --- version CMSVersion, --- originatorInfo [0] IMPLICIT OriginatorInfo OPTIONAL, --- recipientInfos RecipientInfos, --- macAlgorithm MessageAuthenticationCodeAlgorithm, ---OK 
digestAlgorithm [1] DigestAlgorithmIdentifier OPTIONAL, ---OK encapContentInfo EncapsulatedContentInfo, --- authenticatedAttributes [2] IMPLICIT AuthAttributes OPTIONAL, --- mac MessageAuthenticationCode, --- unauthenticatedAttributes [3] IMPLICIT UnauthAttributes OPTIONAL } +EncryptedData ::= SEQUENCE { + version CMSVersion, + encryptedContentInfo EncryptedContentInfo, + unprotectedAttrs [1] IMPLICIT UnprotectedAttributes OPTIONAL } + +AuthenticatedData ::= SEQUENCE { + version CMSVersion, + originatorInfo [0] IMPLICIT OriginatorInfo OPTIONAL, + recipientInfos RecipientInfos, + macAlgorithm MessageAuthenticationCodeAlgorithm, + digestAlgorithm [1] DigestAlgorithmIdentifier OPTIONAL, + encapContentInfo EncapsulatedContentInfo, + authenticatedAttributes [2] IMPLICIT AuthAttributes OPTIONAL, + mac MessageAuthenticationCode, + unauthenticatedAttributes [3] IMPLICIT UnauthAttributes OPTIONAL } AuthAttributes ::= SET SIZE (1..MAX) OF Attribute @@ -215,13 +215,14 @@ IssuerAndSerialNumber ::= SEQUENCE { CMSVersion ::= INTEGER { v0(0), v1(1), v2(2), v3(3), v4(4) } --- UserKeyingMaterial ::= OCTET STRING --- --- OtherKeyAttribute ::= SEQUENCE { --- keyAttrId OBJECT IDENTIFIER, --- keyAttr ANY DEFINED BY keyAttrId OPTIONAL } --- --- +UserKeyingMaterial ::= OCTET STRING + +-- Implemented by hand in the template +OtherKeyAttribute ::= SEQUENCE { +-- keyAttrId OBJECT IDENTIFIER, +-- keyAttr ANY DEFINED BY keyAttrId OPTIONAL } +} + -- CMS Attributes -- -- MessageDigest ::= OCTET STRING |
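Review bot: `RecipientInfo` as enabled in the first hunk offers only the `ktri`, `kari [1]` and `kekri [2]` alternatives, so a message using one of the recipient types added in later CMS revisions (`pwri [3]` and `ori [4]` in RFC 3369) would match no branch. In that case the remainder of the EnvelopedData or AuthenticatedData would presumably be left undecoded. If the omission is deliberate for this commit, a comment above the CHOICE would make that visible, for example `-- pwri [3] and ori [4] are not handled yet`. The `-- always set to ...` context comments beside the newly live `version` fields are advisory only; nothing visible in the module restricts the value, so anything checking the version has to do so outside this file.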
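Review bot: In the second hunk `OtherKeyAttribute` becomes a live `SEQUENCE { }` whose two components are still commented out, so the module describes an empty sequence and the only pointer to the real decoding is `-- Implemented by hand in the template`. That comment should say where the hand-written handling lives and that the body is a placeholder, for example `-- keyAttrId / keyAttr (ANY DEFINED BY keyAttrId) are decoded by hand in the template; the empty body below is intentional`. The `}` left inside the commented `keyAttr` line sits directly above the real closing `}` and is easy to misread, so it could be dropped from the comment. `RecipientKeyIdentifier` and `KEKIdentifier` in the first hunk both reach this type through their `other` field, so the placeholder affects both paths.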