"Fossies" - the Fresh Open Source Software Archive

Member "libksba-1.6.0/src/cms.asn" (2 Jun 2021, 15076 Bytes) of package /linux/privat/libksba-1.6.0.tar.bz2:


As a special service "Fossies" has tried to format the requested text file into HTML format (style: standard) with prefixed line numbers. Alternatively you can here view or download the uninterpreted source code file. See also the latest Fossies "Diffs" side-by-side code changes report for "cms.asn": 1.5.1_vs_1.6.0.

    1 -- cms.asn - CryptographicMessageSyntax ASN.1 Module
    2 --      Copyright (C) 2001 g10 Code GmbH
    3 --
    4 -- This file is part of KSBA.
    5 --
    6 -- KSBA is free software; you can redistribute it and/or modify
    7 -- it under the terms of either
    8 --
    9 --   - the GNU Lesser General Public License as published by the Free
   10 --     Software Foundation; either version 3 of the License, or (at
   11 --     your option) any later version.
   12 --
   13 -- or
   14 --
   15 --   - the GNU General Public License as published by the Free
   16 --     Software Foundation; either version 2 of the License, or (at
   17 --     your option) any later version.
   18 --
   19 -- or both in parallel, as here.
   20 --
   21 -- KSBA is distributed in the hope that it will be useful, but WITHOUT
   22 -- ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
   23 -- or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public
   24 -- License for more details.
   25 --
   26 -- You should have received a copies of the GNU General Public License
   27 -- and the GNU Lesser General Public License along with this program;
   28 -- if not, see <http://www.gnu.org/licenses/>.
   29 --
   30 -----------------------------------------------------------------------
   31 -- This module is based on the one given in appendix A of RFC2630 which
   32 -- exhibits this copyright notice:
   33 --
   34 -- Copyright (C) The Internet Society (1999).  All Rights Reserved.
   35 --
   36 -- This document and translations of it may be copied and furnished to
   37 -- others, and derivative works that comment on or otherwise explain it
   38 -- or assist in its implementation may be prepared, copied, published
   39 -- and distributed, in whole or in part, without restriction of any
   40 -- kind, provided that the above copyright notice and this paragraph are
   41 -- included on all such copies and derivative works.  However, this
   42 -- document itself may not be modified in any way, such as by removing
   43 -- the copyright notice or references to the Internet Society or other
   44 -- Internet organizations, except as needed for the purpose of
   45 -- developing Internet standards in which case the procedures for
   46 -- copyrights defined in the Internet Standards process must be
   47 -- followed, or as required to translate it into languages other than
   48 -- English.
   49 --
   50 -- The limited permissions granted above are perpetual and will not be
   51 -- revoked by the Internet Society or its successors or assigns.
   52 --
   53 -- This document and the information contained herein is provided on an
   54 -- "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
   55 -- TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
   56 -- BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
   57 -- HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
   58 -- MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
   59 ------------------------------------------------------------------------
   60 
   61 
   62 CryptographicMessageSyntax
   63     { iso(1) member-body(2) us(840) rsadsi(113549)
   64       pkcs(1) pkcs-9(9) smime(16) modules(0) cms(1) }
   65 
   66 DEFINITIONS IMPLICIT TAGS ::=
   67 BEGIN
   68 
   69 -- EXPORTS All
   70 -- The types and values defined in this module are exported for use in
   71 -- the other ASN.1 modules.  Other applications may use them for their
   72 -- own purposes.
   73 
   74 -- Out parser does not support IMPORTS, instead we copy them verbatim
   75 -- at the end of this file
   76 --IMPORTS
   77 
   78   -- Directory Information Framework (X.501)
   79 --        Name
   80 --           FROM InformationFramework { joint-iso-itu-t ds(5) modules(1)
   81 --                informationFramework(1) 3 }
   82 
   83   -- Directory Authentication Framework (X.509)
   84 --        AlgorithmIdentifier, AttributeCertificate, Certificate,
   85 --        CertificateList, CertificateSerialNumber
   86 --           FROM AuthenticationFramework { joint-iso-itu-t ds(5)
   87 --                module(1) authenticationFramework(7) 3 } ;
   88 
   89 
   90 -- Cryptographic Message Syntax
   91 
   92 ContentInfo ::= SEQUENCE {
   93   contentType ContentType,
   94   content [0] EXPLICIT ANY DEFINED BY contentType }
   95 
   96 ContentType ::= OBJECT IDENTIFIER
   97 
   98 SignedData ::= SEQUENCE {
   99   version CMSVersion,
  100   digestAlgorithms DigestAlgorithmIdentifiers,
  101   encapContentInfo EncapsulatedContentInfo,
  102   certificates [0] IMPLICIT CertificateSet OPTIONAL,
  103   crls [1] IMPLICIT CertificateRevocationLists OPTIONAL,
  104   signerInfos SignerInfos }
  105 
  106 DigestAlgorithmIdentifiers ::= SET OF DigestAlgorithmIdentifier
  107 
  108 SignerInfos ::= SET OF SignerInfo
  109 
  110 
  111 EncapsulatedContentInfo ::= SEQUENCE {
  112   eContentType ContentType,
  113   eContent [0] EXPLICIT OCTET STRING OPTIONAL }
  114 
  115 SignerInfo ::= SEQUENCE {
  116   version CMSVersion,
  117   sid SignerIdentifier,
  118   digestAlgorithm DigestAlgorithmIdentifier,
  119   signedAttrs [0] IMPLICIT SignedAttributes OPTIONAL,
  120   signatureAlgorithm SignatureAlgorithmIdentifier,
  121   signature SignatureValue,
  122   unsignedAttrs [1] IMPLICIT UnsignedAttributes OPTIONAL }
  123 
  124 SignerIdentifier ::= CHOICE {
  125   issuerAndSerialNumber IssuerAndSerialNumber,
  126   subjectKeyIdentifier [0] SubjectKeyIdentifier }
  127 
  128 SignedAttributes ::= SET SIZE (1..MAX) OF Attribute
  129 
  130 UnsignedAttributes ::= SET SIZE (1..MAX) OF Attribute
  131 
  132 Attribute ::= SEQUENCE {
  133   attrType OBJECT IDENTIFIER,
  134   attrValues SET OF AttributeValue }
  135 
  136 AttributeValue ::= ANY
  137 
  138 SignatureValue ::= OCTET STRING
  139 
  140 EnvelopedData ::= SEQUENCE {
  141   version CMSVersion,
  142   originatorInfo [0] IMPLICIT OriginatorInfo OPTIONAL,
  143   recipientInfos RecipientInfos,
  144   encryptedContentInfo EncryptedContentInfo,
  145   unprotectedAttrs [1] IMPLICIT UnprotectedAttributes OPTIONAL }
  146 
  147 AuthEnvelopedData ::= SEQUENCE {
  148   version CMSVersion,
  149   originatorInfo [0] IMPLICIT OriginatorInfo OPTIONAL,
  150   recipientInfos RecipientInfos,
  151   authEncryptedContentInfo EncryptedContentInfo,
  152   authAttrs [1] IMPLICIT AuthAttributes OPTIONAL,
  153   mac MessageAuthenticationCode,
  154   unauthAttrs [2] IMPLICIT UnauthAttributes OPTIONAL }
  155 
  156 OriginatorInfo ::= SEQUENCE {
  157   certs [0] IMPLICIT CertificateSet OPTIONAL,
  158   crls [1] IMPLICIT CertificateRevocationLists OPTIONAL }
  159 
  160 RecipientInfos ::= SET OF RecipientInfo
  161 
  162 EncryptedContentInfo ::= SEQUENCE {
  163   contentType ContentType,
  164   contentEncryptionAlgorithm ContentEncryptionAlgorithmIdentifier,
  165   encryptedContent [0] IMPLICIT EncryptedContent OPTIONAL }
  166 
  167 EncryptedContent ::= OCTET STRING
  168 
  169 
  170 UnprotectedAttributes ::= SET SIZE (1..MAX) OF Attribute
  171 
  172 RecipientInfo ::= CHOICE {
  173    ktri KeyTransRecipientInfo,
  174    kari [1] KeyAgreeRecipientInfo,
  175    kekri [2] KEKRecipientInfo,
  176    pwri [3] PasswordRecipientInfo }
  177 
  178 EncryptedKey ::= OCTET STRING
  179 
  180 KeyTransRecipientInfo ::= SEQUENCE {
  181   version CMSVersion,  -- always set to 0 or 2
  182   rid RecipientIdentifier,
  183   keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier,
  184   encryptedKey EncryptedKey }
  185 
  186 RecipientIdentifier ::= CHOICE {
  187   issuerAndSerialNumber IssuerAndSerialNumber,
  188   subjectKeyIdentifier [0] SubjectKeyIdentifier }
  189 
  190 KeyAgreeRecipientInfo ::= SEQUENCE {
  191   version CMSVersion,  -- always set to 3
  192   originator [0] EXPLICIT OriginatorIdentifierOrKey,
  193   ukm [1] EXPLICIT UserKeyingMaterial OPTIONAL,
  194   keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier,
  195   recipientEncryptedKeys RecipientEncryptedKeys }
  196 
  197 OriginatorIdentifierOrKey ::= CHOICE {
  198   issuerAndSerialNumber IssuerAndSerialNumber,
  199   subjectKeyIdentifier [0] SubjectKeyIdentifier,
  200   originatorKey [1] OriginatorPublicKey }
  201 
  202 OriginatorPublicKey ::= SEQUENCE {
  203   algorithm AlgorithmIdentifier,
  204   publicKey BIT STRING }
  205 
  206 RecipientEncryptedKeys ::= SEQUENCE OF RecipientEncryptedKey
  207 
  208 RecipientEncryptedKey ::= SEQUENCE {
  209   rid KeyAgreeRecipientIdentifier,
  210   encryptedKey EncryptedKey }
  211 
  212 KeyAgreeRecipientIdentifier ::= CHOICE {
  213   issuerAndSerialNumber IssuerAndSerialNumber,
  214   rKeyId [0] IMPLICIT RecipientKeyIdentifier }
  215 
  216 
  217 RecipientKeyIdentifier ::= SEQUENCE {
  218   subjectKeyIdentifier SubjectKeyIdentifier,
  219   date GeneralizedTime OPTIONAL,
  220   other OtherKeyAttribute OPTIONAL }
  221 
  222 SubjectKeyIdentifier ::= OCTET STRING
  223 
  224 KEKRecipientInfo ::= SEQUENCE {
  225   version CMSVersion,  -- always set to 4
  226   kekid KEKIdentifier,
  227   keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier,
  228   encryptedKey EncryptedKey }
  229 
  230 KEKIdentifier ::= SEQUENCE {
  231   keyIdentifier OCTET STRING,
  232   date GeneralizedTime OPTIONAL,
  233   other OtherKeyAttribute OPTIONAL }
  234 
  235 PasswordRecipientInfo ::= SEQUENCE {
  236   version CMSVersion,   -- Always set to 0
  237   keyDerivationAlgorithm [0] KeyDerivationAlgorithmIdentifier OPTIONAL,
  238   keyEncryptionAlgorithm     KeyEncryptionAlgorithmIdentifier,
  239   encryptedKey EncryptedKey }
  240 
  241 
  242 DigestedData ::= SEQUENCE {
  243   version CMSVersion,
  244   digestAlgorithm DigestAlgorithmIdentifier,
  245   encapContentInfo EncapsulatedContentInfo,
  246   digest Digest }
  247 
  248 Digest ::= OCTET STRING
  249 
  250 EncryptedData ::= SEQUENCE {
  251   version CMSVersion,
  252   encryptedContentInfo EncryptedContentInfo,
  253   unprotectedAttrs [1] IMPLICIT UnprotectedAttributes OPTIONAL }
  254 
  255 AuthenticatedData ::= SEQUENCE {
  256   version CMSVersion,
  257   originatorInfo [0] IMPLICIT OriginatorInfo OPTIONAL,
  258   recipientInfos RecipientInfos,
  259   macAlgorithm MessageAuthenticationCodeAlgorithm,
  260   digestAlgorithm [1] DigestAlgorithmIdentifier OPTIONAL,
  261   encapContentInfo EncapsulatedContentInfo,
  262   authenticatedAttributes [2] IMPLICIT AuthAttributes OPTIONAL,
  263   mac MessageAuthenticationCode,
  264   unauthenticatedAttributes [3] IMPLICIT UnauthAttributes OPTIONAL }
  265 
  266 AuthAttributes ::= SET SIZE (1..MAX) OF Attribute
  267 
  268 UnauthAttributes ::= SET SIZE (1..MAX) OF Attribute
  269 
  270 MessageAuthenticationCode ::= OCTET STRING
  271 
  272 
  273 DigestAlgorithmIdentifier ::= AlgorithmIdentifier
  274 
  275 SignatureAlgorithmIdentifier ::= AlgorithmIdentifier
  276 
  277 KeyEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
  278 
  279 KeyDerivationAlgorithmIdentifier ::= AlgorithmIdentifier
  280 
  281 ContentEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
  282 
  283 MessageAuthenticationCodeAlgorithm ::= AlgorithmIdentifier
  284 
  285 CertificateRevocationLists ::= SET OF CertificateList
  286 
  287 CertificateChoices ::= CHOICE {
  288   certificate Certificate,  -- See X.509
  289   extendedCertificate [0] IMPLICIT ExtendedCertificate  -- Obsolete
  290 -- FIXME  attrCert [1] IMPLICIT AttributeCertificate  -- See X.509 & X9.57
  291 }
  292 
  293 CertificateSet ::= SET OF CertificateChoices
  294 
  295 IssuerAndSerialNumber ::= SEQUENCE {
  296   issuer Name,
  297   serialNumber CertificateSerialNumber }
  298 
  299 CMSVersion ::= INTEGER  { v0(0), v1(1), v2(2), v3(3), v4(4) }
  300 
  301 UserKeyingMaterial ::= OCTET STRING
  302 
  303 OtherKeyAttribute ::= SEQUENCE {
  304   keyAttrId OBJECT IDENTIFIER,
  305   keyAttr ANY DEFINED BY keyAttrId OPTIONAL }
  306 
  307 
  308 -- CMS Attributes
  309 
  310 MessageDigest ::= OCTET STRING
  311 
  312 SigningTime  ::= Time
  313 
  314 Time ::= CHOICE {
  315   utcTime UTCTime,
  316   generalTime GeneralizedTime }
  317 
  318 Countersignature ::= SignerInfo
  319 
  320 
  321 -- Algorithm Identifiers
  322 
  323 sha-1 OBJECT IDENTIFIER ::= { iso(1) identified-organization(3)
  324     oiw(14) secsig(3) algorithm(2) 26 }
  325 
  326 md5 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840)
  327     rsadsi(113549) digestAlgorithm(2) 5 }
  328 
  329 id-dsa-with-sha1 OBJECT IDENTIFIER ::=  { iso(1) member-body(2)
  330     us(840) x9-57 (10040) x9cm(4) 3 }
  331 
  332 rsaEncryption OBJECT IDENTIFIER ::= { iso(1) member-body(2)
  333     us(840) rsadsi(113549) pkcs(1) pkcs-1(1) 1 }
  334 
  335 dh-public-number OBJECT IDENTIFIER ::= { iso(1) member-body(2)
  336     us(840) ansi-x942(10046) number-type(2) 1 }
  337 
  338 id-alg-ESDH OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840)
  339     rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) alg(3) 5 }
  340 
  341 id-alg-CMS3DESwrap OBJECT IDENTIFIER ::= { iso(1) member-body(2)
  342     us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) alg(3) 6 }
  343 
  344 id-alg-CMSRC2wrap OBJECT IDENTIFIER ::= { iso(1) member-body(2)
  345     us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) alg(3) 7 }
  346 
  347 des-ede3-cbc OBJECT IDENTIFIER ::= { iso(1) member-body(2)
  348     us(840) rsadsi(113549) encryptionAlgorithm(3) 7 }
  349 
  350 rc2-cbc OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840)
  351     rsadsi(113549) encryptionAlgorithm(3) 2 }
  352 
  353 hMAC-SHA1 OBJECT IDENTIFIER ::= { iso(1) identified-organization(3)
  354     dod(6) internet(1) security(5) mechanisms(5) 8 1 2 }
  355 
  356 
  357 -- Algorithm Parameters
  358 
  359 KeyWrapAlgorithm ::= AlgorithmIdentifier
  360 
  361 RC2wrapParameter ::= RC2ParameterVersion
  362 
  363 RC2ParameterVersion ::= INTEGER
  364 
  365 CBCParameter ::= IV
  366 
  367 IV ::= OCTET STRING  -- exactly 8 octets
  368 
  369 
  370 RC2CBCParameter ::= SEQUENCE {
  371   rc2ParameterVersion INTEGER,
  372   iv OCTET STRING  }  -- exactly 8 octets
  373 
  374 
  375 -- Content Type Object Identifiers
  376 
  377 id-ct-contentInfo OBJECT IDENTIFIER ::= { iso(1) member-body(2)
  378     us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16)
  379     ct(1) 6 }
  380 
  381 id-data OBJECT IDENTIFIER ::= { iso(1) member-body(2)
  382     us(840) rsadsi(113549) pkcs(1) pkcs7(7) 1 }
  383 
  384 id-signedData OBJECT IDENTIFIER ::= { iso(1) member-body(2)
  385     us(840) rsadsi(113549) pkcs(1) pkcs7(7) 2 }
  386 
  387 id-envelopedData OBJECT IDENTIFIER ::= { iso(1) member-body(2)
  388     us(840) rsadsi(113549) pkcs(1) pkcs7(7) 3 }
  389 
  390 id-digestedData OBJECT IDENTIFIER ::= { iso(1) member-body(2)
  391     us(840) rsadsi(113549) pkcs(1) pkcs7(7) 5 }
  392 
  393 id-encryptedData OBJECT IDENTIFIER ::= { iso(1) member-body(2)
  394     us(840) rsadsi(113549) pkcs(1) pkcs7(7) 6 }
  395 
  396 id-ct-authData OBJECT IDENTIFIER ::= { iso(1) member-body(2)
  397     us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16)  ct(1) 2 }
  398 
  399 id-authEnvelopedData OBJECT IDENTIFIER ::= { iso(1) member-body(2)
  400     us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) ct(1) 23 }
  401 
  402 
  403 -- Attribute Object Identifiers
  404 
  405 id-contentType OBJECT IDENTIFIER ::= { iso(1) member-body(2)
  406     us(840) rsadsi(113549) pkcs(1) pkcs9(9) 3 }
  407 
  408 id-messageDigest OBJECT IDENTIFIER ::= { iso(1) member-body(2)
  409     us(840) rsadsi(113549) pkcs(1) pkcs9(9) 4 }
  410 
  411 id-signingTime OBJECT IDENTIFIER ::= { iso(1) member-body(2)
  412     us(840) rsadsi(113549) pkcs(1) pkcs9(9) 5 }
  413 
  414 id-countersignature OBJECT IDENTIFIER ::= { iso(1) member-body(2)
  415     us(840) rsadsi(113549) pkcs(1) pkcs9(9) 6 }
  416 
  417 
  418 -- Obsolete Extended Certificate syntax from PKCS#6
  419 
  420 ExtendedCertificate ::= SEQUENCE {
  421   extendedCertificateInfo ExtendedCertificateInfo,
  422   signatureAlgorithm SignatureAlgorithmIdentifier,
  423   signature Signature }
  424 
  425 ExtendedCertificateInfo ::= SEQUENCE {
  426   version CMSVersion,
  427   certificate Certificate,
  428   attributes UnauthAttributes }
  429 
  430 Signature ::= BIT STRING
  431 
  432 --*******************************************
  433 --***********  Included imports  ************
  434 --*******************************************
  435 
  436 -- Directory Information Framework (X.501)
  437 --        Name
  438 --           FROM InformationFramework { joint-iso-itu-t ds(5) modules(1)
  439 --                informationFramework(1) 3 }
  440 
  441 Name ::= CHOICE {
  442   rdnSequence RDNSequence
  443 }
  444 
  445 RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
  446 
  447 RelativeDistinguishedName ::= SET OF AttributeTypeAndValue
  448 
  449 AttributeTypeAndValue ::= SEQUENCE {
  450   type    AttributeType,
  451   value   AttributeValue
  452 }
  453 
  454 AttributeType ::= OBJECT IDENTIFIER
  455 
  456 AttributeValue ::= ANY
  457 
  458 
  459 -- Directory Authentication Framework (X.509)
  460 --        AlgorithmIdentifier, AttributeCertificate, Certificate,
  461 --        CertificateList, CertificateSerialNumber
  462 --           FROM AuthenticationFramework { joint-iso-itu-t ds(5)
  463 --                module(1) authenticationFramework(7) 3 } ;
  464 
  465 AlgorithmIdentifier ::= SEQUENCE {
  466   algorithm    OBJECT IDENTIFIER,
  467   parameters   ANY DEFINED BY algorithm OPTIONAL
  468 }
  469 
  470 -- Note: AttributeCertificate is not needed
  471 
  472 -- We handle a certificate by utilizing our ksba_cert_ functions
  473 Certificate ::= ANY
  474 
  475 -- Likewise
  476 CertificateList ::= ANY
  477 
  478 CertificateSerialNumber ::= INTEGER
  479 
  480 
  481 
  482 
  483 END -- of CryptographicMessageSyntax