summaryrefslogtreecommitdiff
path: root/asn1include/PKCS7.asn
diff options
context:
space:
mode:
authorDimitri Sokolyuk <quax@moccu.com>2015-10-29 22:22:17 +0100
committerDimitri Sokolyuk <quax@moccu.com>2015-10-29 22:22:17 +0100
commitdd10ccee1e3721329cb04b67ebf94e745d37481c (patch)
tree1f5393cc6745a8602c9bacff1f9b0b0be1c354b7 /asn1include/PKCS7.asn
parent9654cf5d6fe794d8abc4164d2460e08775e7b2e1 (diff)
Fix naming, remove include
Diffstat (limited to 'asn1include/PKCS7.asn')
-rw-r--r--asn1include/PKCS7.asn342
1 files changed, 0 insertions, 342 deletions
diff --git a/asn1include/PKCS7.asn b/asn1include/PKCS7.asn
deleted file mode 100644
index ac449b5..0000000
--- a/asn1include/PKCS7.asn
+++ /dev/null
@@ -1,342 +0,0 @@
--- Module PKCS7 (X.420:06/1999)
--- The ASN.1 in version 1.5 of the PKCS#7 document is not defined in an ASN.1 module. This prevents an IMPORT of it into other ASN.1 modules.
--- This Annex contains a module of PKCS#7 ASN.1 definitions conforming to current ASN.1 standards rather than the obsolescent (and now deprecated) 1988/90 version of ASN.1 used in version 1.5 of PKCS#7.
--- Extensions to PKCS#7 defined in RFC 2630 are included.
--- If differences are found between the ASN.1 in the following module and that in PKCS#7, the latter is definitive.
-PKCS7 {iso member-body usa(840) rsadsi(113549) pkcs(1) 7
- module(0) -- module not currently defined in PKCS#7 --} DEFINITIONS IMPLICIT
-TAGS ::=
-BEGIN
-
-IMPORTS
- -- Directory Information Framework
- Attribute, Name
- --==
- FROM InformationFramework {joint-iso-itu-t ds(5) module(1)
- informationFramework(1) 3}
- -- Directory Authentication Framework
- AlgorithmIdentifier, AttributeCertificate, Certificate, CertificateList,
- CertificateSerialNumber, HASH{}, SIGNED{}
- --==
- FROM AuthenticationFramework {joint-iso-itu-t ds(5) module(1)
- authenticationFramework(7) 3};
-
--- In PKCS#7 the HASHED parameterised type applies the hash function to the
--- contents octets component of a DER encoding of a value of the parameter.
--- The ENCRYPTED parameterised type is redefined here because PKCS#7 encrypted values are
--- defined as OCTET STRING, instead of BIT STRING as in the Directory Authentication Framework
-ENCRYPTED{ToBeEnciphered} ::=
- OCTET STRING
- (CONSTRAINED BY {
- -- must be the result of applying an encipherment procedure to the contents octets component
- -- of a definite-length BER-encoding of a value of --ToBeEnciphered})
-
-ContentInfo ::= SEQUENCE {
- content-type PKCS7-CONTENT-TYPE.&id({PKCS7ContentTable}),
- pkcs7-content [0] PKCS7-CONTENT-TYPE.&Type({PKCS7ContentTable})
-}
-
-PKCS7-CONTENT-TYPE ::= TYPE-IDENTIFIER
-
-PKCS7ContentTable PKCS7-CONTENT-TYPE ::=
- {data | signed-data | enveloped-data | signed-and-enveloped-data |
- digested-data | encrypted-data | authenticated-data, ...}
-
--- Data
-data PKCS7-CONTENT-TYPE ::= {Data
- IDENTIFIED BY id-data
-}
-
-Data ::= OCTET STRING
-
--- Signed Data
-signed-data PKCS7-CONTENT-TYPE ::= {SignedData
- IDENTIFIED BY id-signed-data
-}
-
-SignedData ::= SEQUENCE {
- version Version,
- digestAlgorithms DigestAlgorithmIdentifiers,
- contentInfo ContentInfo,
- certificates [0] CertificateSet OPTIONAL,
- crls [1] CertificateRevocationLists OPTIONAL,
- signerInfos SignerInfos
-}
-
-Version ::= INTEGER
-
-DigestAlgorithmIdentifiers ::= SET OF DigestAlgorithmIdentifier
-
-DigestAlgorithmIdentifier ::= AlgorithmIdentifier
-
-CertificateSet ::= SET OF CertificateChoice
-
-CertificateChoice ::= CHOICE {
- certificate Certificate,
- extendedCertificate [0] ExtendedCertificate, -- Obsolete
- attributeCertificate [1] AttributeCertificate
-}
-
-CertificateRevocationLists ::= SET OF CertificateList
-
-SignerInfos ::= SET OF SignerInfo
-
-SignerInfo ::= SEQUENCE {
- version Version,
- signerIdentifier SignerIdentifier,
- digestAlgorithm DigestAlgorithmIdentifier,
- authenticatedAttributes [0] Attributes OPTIONAL,
- digestEncryptionAlgorithm DigestEncryptionAlgorithmIdentifier,
- encryptedDigest EncryptedDigest,
- unauthenticatedAttributes [1] Attributes OPTIONAL
-}
-
-SignerIdentifier ::= CHOICE {
- issuerAndSerialNumber IssuerAndSerialNumber,
- subjectKeyIdentifier [2] SubjectKeyIdentifier
-}
-
-IssuerAndSerialNumber ::= SEQUENCE {
- issuer Name,
- serialNumber CertificateSerialNumber
-}
-
-SubjectKeyIdentifier ::= OCTET STRING
-
-DigestEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
-
-EncryptedDigest ::= ENCRYPTED{DigestInfo}
-
-DigestInfo ::= SEQUENCE {
- digestAlgorithm DigestAlgorithmIdentifier,
- digest Digest
-}
-
-Digest ::=
- HASH
- {CHOICE {content
- [1] PKCS7-CONTENT-TYPE.&Type({PKCS7ContentTable}),
- authenticated-attributes [0] EXPLICIT Attributes}}
-
--- Enveloped Data
-enveloped-data PKCS7-CONTENT-TYPE ::= {
- EnvelopedData
- IDENTIFIED BY id-enveloped-data
-}
-
-EnvelopedData ::= SEQUENCE {
- version Version,
- originatorInfo [0] OriginatorInfo OPTIONAL,
- recipientInfos RecipientInfos,
- encryptedContentInfo EncryptedContentInfo,
- unprotectedAttributes [1] Attributes OPTIONAL
-}
-
-OriginatorInfo ::= SEQUENCE {
- certificates [0] CertificateSet OPTIONAL,
- crls [1] CertificateRevocationLists OPTIONAL
-}
-
-RecipientInfos ::= SET SIZE (1..MAX) OF RecipientInfo
-
-RecipientInfo ::= CHOICE {
- keyTransportRecipientInfo KeyTransportRecipientInfo,
- keyAgreementRecipientInfo [1] KeyAgreementRecipientInfo,
- keyEncryptionKeyRecipientInfo [2] KeyEncryptionKeyRecipientInfo
-}
-
-KeyTransportRecipientInfo ::= SEQUENCE {
- version Version,
- recipientIdentifier RecipientIdentifier,
- keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier,
- encryptedKey EncryptedKey
-}
-
-RecipientIdentifier ::= CHOICE {
- issuerAndSerialNumber IssuerAndSerialNumber,
- subjectKeyIdentifier [0] SubjectKeyIdentifier
-}
-
-KeyEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
-
-EncryptedKey ::= OCTET STRING
-
-KeyAgreementRecipientInfo ::= SEQUENCE {
- version Version,
- originator [0] OriginatorIdentifierOrKey,
- userKeyingMaterial [1] EXPLICIT OCTET STRING OPTIONAL,
- keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier,
- recipientEncryptedKeys RecipientEncryptedKeys
-}
-
-OriginatorIdentifierOrKey ::= CHOICE {
- issuerAndSerialNumber IssuerAndSerialNumber,
- subjectKeyIdentifier [0] SubjectKeyIdentifier,
- originatorPublicKey [1] OriginatorPublicKey
-}
-
-OriginatorPublicKey ::= SEQUENCE {
- algorithm AlgorithmIdentifier,
- publicKey BIT STRING
-}
-
-RecipientEncryptedKeys ::= SEQUENCE OF RecipientEncryptedKey
-
-RecipientEncryptedKey ::= SEQUENCE {
- recipientIdentifier KeyAgreementRecipientIdentifier,
- encryptedKey EncryptedKey
-}
-
-KeyAgreementRecipientIdentifier ::= CHOICE {
- issuerAndSerialNumber IssuerAndSerialNumber,
- recipientKeyIdentifier [0] RecipientKeyIdentifier
-}
-
-RecipientKeyIdentifier ::= SEQUENCE {
- subjectKeyIdentifier SubjectKeyIdentifier,
- date GeneralizedTime OPTIONAL,
- otherKeyAttribute OtherKeyAttribute OPTIONAL
-}
-
-OtherKeyAttribute ::= SEQUENCE {
- keyAttributeIdentifier OTHER-KEY-ATTRIBUTE.&id({OtherKeyAttributeTable}),
- keyAttribute
- OTHER-KEY-ATTRIBUTE.&Type
- ({OtherKeyAttributeTable}{@keyAttributeIdentifier}) OPTIONAL
-}
-
-OTHER-KEY-ATTRIBUTE ::= TYPE-IDENTIFIER
-
-OtherKeyAttributeTable OTHER-KEY-ATTRIBUTE ::=
- {...}
-
-KeyEncryptionKeyRecipientInfo ::= SEQUENCE {
- version Version,
- keyEncryptionKeyIdentifier KeyEncryptionKeyIdentifier,
- keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier,
- encryptedKey EncryptedKey
-}
-
-KeyEncryptionKeyIdentifier ::= SEQUENCE {
- keyIdentifier OCTET STRING,
- date GeneralizedTime OPTIONAL,
- otherKeyAttribute OtherKeyAttribute OPTIONAL
-}
-
-EncryptedContentInfo ::= SEQUENCE {
- contentType PKCS7-CONTENT-TYPE.&id({PKCS7ContentTable}),
- contentEncryptionAlgorithm ContentEncryptionAlgorithmIdentifier,
- encryptedContent
- [0] ENCRYPTED{PKCS7-CONTENT-TYPE.&Type({PKCS7ContentTable}{@.contentType})}
- OPTIONAL
-}
-
-ContentEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
-
--- Signed and Enveloped Data
-signed-and-enveloped-data PKCS7-CONTENT-TYPE ::= {
- SignedAndEnvelopedData
- IDENTIFIED BY id-signed-and-enveloped-data
-}
-
-SignedAndEnvelopedData ::= SEQUENCE {
- version Version,
- recipientInfos SET SIZE (1..MAX) OF KeyTransportRecipientInfo,
- digestAlgorithms DigestAlgorithmIdentifiers,
- encryptedContentInfo EncryptedContentInfo,
- certificates [0] CertificateSet OPTIONAL,
- crls [1] CertificateRevocationLists OPTIONAL,
- signerInfos
- SET SIZE (1..MAX) OF
- SignerInfo
- (WITH COMPONENTS {
- ...,
- signerIdentifier (WITH COMPONENTS {
- issuerAndSerialNumber PRESENT
- }),
- authenticatedAttributes ABSENT,
- unauthenticatedAttributes ABSENT
- })
-}
-
--- Digested Data
-digested-data PKCS7-CONTENT-TYPE ::= {
- DigestedData
- IDENTIFIED BY id-digested-data
-}
-
-DigestedData ::= SEQUENCE {
- version Version,
- digestAlgorithm DigestAlgorithmIdentifier,
- contentInfo ContentInfo,
- digest HASH{PKCS7-CONTENT-TYPE.&Type({PKCS7ContentTable})}
-}
-
--- Encrypted Data
-encrypted-data PKCS7-CONTENT-TYPE ::= {
- EncryptedData
- IDENTIFIED BY id-encrypted-data
-}
-
-EncryptedData ::= SEQUENCE {
- version Version,
- encryptedContentInfo EncryptedContentInfo,
- unprotectedAttributes [1] Attributes OPTIONAL
-}
-
--- Authenticated Data
-authenticated-data PKCS7-CONTENT-TYPE ::= {
- AuthenticatedData
- IDENTIFIED BY id-authenticated-data
-}
-
-AuthenticatedData ::= SEQUENCE {
- version Version,
- originatorInfo [0] OriginatorInfo OPTIONAL,
- recipientInfos RecipientInfos,
- macAlgorithm MessageAuthenticationCodeAlgorithmIdentifier,
- digestAlgorithm [1] DigestAlgorithmIdentifier OPTIONAL,
- contentInfo ContentInfo,
- authenticatedAttributes [2] Attributes OPTIONAL,
- messageAuthenticationCode MessageAuthenticationCode,
- unauthenticatedAttributes [3] Attributes OPTIONAL
-}
-
-MessageAuthenticationCodeAlgorithmIdentifier ::= AlgorithmIdentifier
-
-MessageAuthenticationCode ::= OCTET STRING
-
--- Object Identifiers
-id-pkcs OBJECT IDENTIFIER ::=
- {iso member-body usa(840) rsadsi(113549) pkcs(1)}
-
-id-data OBJECT IDENTIFIER ::= {id-pkcs 7 1}
-
-id-signed-data OBJECT IDENTIFIER ::= {id-pkcs 7 2}
-
-id-enveloped-data OBJECT IDENTIFIER ::= {id-pkcs 7 3}
-
-id-signed-and-enveloped-data OBJECT IDENTIFIER ::= {id-pkcs 7 4}
-
-id-digested-data OBJECT IDENTIFIER ::= {id-pkcs 7 5}
-
-id-encrypted-data OBJECT IDENTIFIER ::= {id-pkcs 7 6}
-
-id-authenticated-data OBJECT IDENTIFIER ::= {id-pkcs 9 16 1 2}
-
--- Definitions from PKCS#6
-ExtendedCertificate ::=
- SIGNED{ExtendedCertificateInfo}
-
-ExtendedCertificateInfo ::= SEQUENCE {
- version Version,
- certificate Certificate,
- attributes Attributes
-}
-
-Attributes ::= SET OF Attribute
-
-END -- of PKCS#7
-
--- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
-