author | Graeme Lunt <graeme.lunt@smhs.co.uk> | 2006-03-25 16:48:28 +0000 |
---|---|---|
committer | Graeme Lunt <graeme.lunt@smhs.co.uk> | 2006-03-25 16:48:28 +0000 |
commit | c51f4fa88754bd12d437e4c9a30e2460bdbd9912 (patch) | |
tree | 1e497f3e230b7a242cbcfd78135e2f81ea2591c1 /asn1/x411/x411.asn | |
parent | 011ced394ca3be235d0c60275053a816c8731ec2 (diff) |
Support for P1 Strong Authentication
svn path=/trunk/; revision=17727
Diffstat (limited to 'asn1/x411/x411.asn')
-rw-r--r-- | asn1/x411/x411.asn | 68 |
1 files changed, 40 insertions, 28 deletions
diff --git a/asn1/x411/x411.asn b/asn1/x411/x411.asn index b4c642d48c..017d65364f 100644 --- a/asn1/x411/x411.asn +++ b/asn1/x411/x411.asn @@ -764,7 +764,7 @@ ResponderCredentials ::= Credentials Credentials ::= CHOICE { simple Password, --- strong [0] StrongCredentials, + strong [0] StrongCredentials, -- ..., protected [1] ProtectedPassword } @@ -774,12 +774,12 @@ Password ::= CHOICE { octet-string OCTET STRING --(SIZE (0..ub-password-length)) } ---StrongCredentials ::= SET { --- bind-token [0] Token OPTIONAL, --- certificate [1] Certificates OPTIONAL, +StrongCredentials ::= SET { + bind-token [0] Token OPTIONAL, + certificate [1] Certificates OPTIONAL, -- ..., --- certificate-selector [2] CertificateAssertion OPTIONAL ---} + certificate-selector [2] CertificateAssertion OPTIONAL +} ProtectedPassword ::= SET { signature @@ -2810,13 +2810,15 @@ TeletexNonBasicParameters ::= SET { -- as defined in CCITT Recommendation T.62 -- Token ---Token ::= SEQUENCE { --- token-type-identifier [0] TOKEN.&id({TokensTable}), --- token --- [1] TOKEN.&Type({TokensTable}{@token-type-identifier}) ---} +Token ::= SEQUENCE { + token-type-identifier [0] -- TOKEN.&id({TokensTable})-- TokenTypeIdentifier, + token + [1] --TOKEN.&Type({TokensTable}{@token-type-identifier})-- TokenTypeData +} --TOKEN ::= TYPE-IDENTIFIER +TokenTypeIdentifier ::= OBJECT IDENTIFIER +TokenTypeData ::= ANY --TokensTable TOKEN ::= {asymmetric-token, ...} 
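Review bot: `TokenTypeData ::= ANY` in the Token hunk drops the table constraint that tied `token` to `token-type-identifier`, so nothing in the module now says which type the open value holds or what a decoder should do with an identifier it does not recognise. This value arrives inside bind credentials supplied by the peer, so the intended dispatch should be written next to the type, for example `-- TokenTypeData: decoded as AsymmetricToken when token-type-identifier is id-tok-asymmetricToken; any other identifier is left undecoded`. Whether the decoder built from this module actually performs that dispatch and tolerates unknown identifiers is not visible here and should be confirmed. `ANY` is also the 1988 notation, presumably chosen because the toolchain cannot process the `TOKEN` object class; a short comment saying so would stop a later reader from "restoring" the commented-out form.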
@@ -2825,22 +2827,29 @@ TeletexNonBasicParameters ::= SET { -- IDENTIFIED BY id-tok-asymmetricToken --} ---AsymmetricToken ::= +AsymmetricTokenData ::= -- SIGNED --- {SEQUENCE {signature-algorithm-identifier AlgorithmIdentifier, --- name --- CHOICE {recipient-name RecipientName, --- mta --- [3] SEQUENCE {global-domain-identifier --- GlobalDomainIdentifier OPTIONAL, --- mta-name MTAName --- }}, --- time Time, --- signed-data [0] TokenData OPTIONAL, --- encryption-algorithm-identifier --- [1] AlgorithmIdentifier OPTIONAL, --- encrypted-data --- [2] ENCRYPTED{TokenData} OPTIONAL}} +-- {--SEQUENCE {signature-algorithm-identifier AlgorithmIdentifier, + name + CHOICE {recipient-name MTSRecipientName, + mta [3] MTANameAndOptionalGDI }, + time Time, + signed-data [0] TokenData OPTIONAL, + encryption-algorithm-identifier + [1] AlgorithmIdentifier OPTIONAL, + encrypted-data + [2] -- ENCRYPTED{TokenData}-- BIT STRING OPTIONAL} --} + +MTANameAndOptionalGDI ::= SEQUENCE { + global-domain-identifier GlobalDomainIdentifier OPTIONAL, + mta-name MTAName +} + +AsymmetricToken ::= SEQUENCE { + asymmetric-token-data AsymmetricTokenData, + algorithm-identifier AlgorithmIdentifier, + encrypted BIT STRING +} --TokenData ::= SEQUENCE { -- type [0] TOKEN-DATA.&id({TokenDataTable}), @@ -2861,9 +2870,12 @@ TeletexNonBasicParameters ::= SET { -- IDENTIFIED BY 1 --} ---BindTokenSignedData ::= RandomNumber +-- This is the only Token Data we know +TokenData ::= BindTokenSignedData + +BindTokenSignedData ::= RandomNumber ---RandomNumber ::= BIT STRING +RandomNumber ::= BIT STRING --message-token-signed-data TOKEN-DATA ::= { -- MessageTokenSignedData |
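Review bot: The active definition of `AsymmetricTokenData` is interleaved with commented-out fragments (`-- SIGNED`, `-- {--SEQUENCE {`, the trailing `--}`) and depends on inline `--` toggles. Because an ASN.1 comment ends at the next `--` or at end of line, re-wrapping one of these lines can silently comment out a field. I would delete the fragments and put one comment above `AsymmetricToken`, such as `-- SIGNED{AsymmetricTokenData} written out by hand: to-be-signed data, signature algorithm, signature bits`. It is also worth noting there that `encrypted-data [2]` is deliberately left as an opaque BIT STRING. The algorithm now appears twice (`signature-algorithm-identifier` inside the data and `algorithm-identifier` outside), and this module only describes the structure, so any consumer that validates tokens has to compare the two itself.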
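Review bot: `TokenData ::= BindTokenSignedData` turns `signed-data [0] TokenData` into a bare tagged BIT STRING, whereas the commented-out definition still visible at the end of the previous hunk is a SEQUENCE beginning with `type [0] TOKEN-DATA.&id({TokenDataTable})`, with bind-token-signed-data being the entry `IDENTIFIED BY 1`. A token encoded to that original definition would carry a SEQUENCE where this module expects a BIT STRING, so it would be rejected or mis-decoded. Keeping the wrapper while still avoiding the object class, `TokenData ::= SEQUENCE { type [0] INTEGER, value [1] ANY }`, would preserve the encoding. It would also let other token data types (the `message-token-signed-data` entry follows this hunk) pass through undecoded instead of being forced into `RandomNumber`. This assumes the commented definition reflects the encoding actually used on the wire and that nothing elsewhere in the build overrides `TokenData`; both should be confirmed.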