mirror of
https://github.com/samba-team/samba.git
synced 2025-01-12 09:18:10 +03:00
158 lines
4.2 KiB
Groff
158 lines
4.2 KiB
Groff
-- From RFC 3369 --
|
|
-- $Id$ --
|
|
|
|
CMS DEFINITIONS ::= BEGIN
|
|
|
|
IMPORTS CertificateSerialNumber, AlgorithmIdentifier, Name,
|
|
Attribute, Certificate, SubjectKeyIdentifier FROM rfc2459
|
|
heim_any, heim_any_set FROM heim;
|
|
|
|
id-pkcs7 OBJECT IDENTIFIER ::= { iso(1) member-body(2)
|
|
us(840) rsadsi(113549) pkcs(1) pkcs7(7) }
|
|
|
|
id-pkcs7-data OBJECT IDENTIFIER ::= { id-pkcs7 1 }
|
|
id-pkcs7-signedData OBJECT IDENTIFIER ::= { id-pkcs7 2 }
|
|
id-pkcs7-envelopedData OBJECT IDENTIFIER ::= { id-pkcs7 3 }
|
|
id-pkcs7-signedAndEnvelopedData OBJECT IDENTIFIER ::= { id-pkcs7 4 }
|
|
id-pkcs7-digestedData OBJECT IDENTIFIER ::= { id-pkcs7 5 }
|
|
id-pkcs7-encryptedData OBJECT IDENTIFIER ::= { id-pkcs7 6 }
|
|
|
|
CMSVersion ::= INTEGER {
|
|
CMSVersion_v0(0),
|
|
CMSVersion_v1(1),
|
|
CMSVersion_v2(2),
|
|
CMSVersion_v3(3),
|
|
CMSVersion_v4(4)
|
|
}
|
|
|
|
DigestAlgorithmIdentifier ::= AlgorithmIdentifier
|
|
DigestAlgorithmIdentifiers ::= SET OF DigestAlgorithmIdentifier
|
|
SignatureAlgorithmIdentifier ::= AlgorithmIdentifier
|
|
|
|
ContentType ::= OBJECT IDENTIFIER
|
|
MessageDigest ::= OCTET STRING
|
|
|
|
ContentInfo ::= SEQUENCE {
|
|
contentType ContentType,
|
|
content [0] EXPLICIT heim_any OPTIONAL -- DEFINED BY contentType
|
|
}
|
|
|
|
EncapsulatedContentInfo ::= SEQUENCE {
|
|
eContentType ContentType,
|
|
eContent [0] EXPLICIT OCTET STRING OPTIONAL
|
|
}
|
|
|
|
CertificateSet ::= SET OF heim_any
|
|
|
|
CertificateList ::= Certificate
|
|
|
|
CertificateRevocationLists ::= SET OF CertificateList
|
|
|
|
IssuerAndSerialNumber ::= SEQUENCE {
|
|
issuer Name,
|
|
serialNumber CertificateSerialNumber
|
|
}
|
|
|
|
-- RecipientIdentifier is same as SignerIdentifier,
|
|
-- lets glue them togheter and save some bytes and share code for them
|
|
|
|
CMSIdentifier ::= CHOICE {
|
|
issuerAndSerialNumber IssuerAndSerialNumber,
|
|
subjectKeyIdentifier [0] SubjectKeyIdentifier
|
|
}
|
|
|
|
SignerIdentifier ::= CMSIdentifier
|
|
RecipientIdentifier ::= CMSIdentifier
|
|
|
|
--- CMSAttributes are the combined UnsignedAttributes and SignedAttributes
|
|
--- to store space and share code
|
|
|
|
CMSAttributes ::= SET OF Attribute -- SIZE (1..MAX)
|
|
|
|
SignatureValue ::= OCTET STRING
|
|
|
|
SignerInfo ::= SEQUENCE {
|
|
version CMSVersion,
|
|
sid SignerIdentifier,
|
|
digestAlgorithm DigestAlgorithmIdentifier,
|
|
signedAttrs [0] IMPLICIT -- CMSAttributes --
|
|
SET OF Attribute OPTIONAL,
|
|
signatureAlgorithm SignatureAlgorithmIdentifier,
|
|
signature SignatureValue,
|
|
unsignedAttrs [1] IMPLICIT -- CMSAttributes --
|
|
SET OF Attribute OPTIONAL
|
|
}
|
|
|
|
SignerInfos ::= SET OF SignerInfo
|
|
|
|
SignedData ::= SEQUENCE {
|
|
version CMSVersion,
|
|
digestAlgorithms DigestAlgorithmIdentifiers,
|
|
encapContentInfo EncapsulatedContentInfo,
|
|
certificates [0] IMPLICIT -- CertificateSet --
|
|
SET OF heim_any OPTIONAL,
|
|
crls [1] IMPLICIT -- CertificateRevocationLists --
|
|
heim_any OPTIONAL,
|
|
signerInfos SignerInfos
|
|
}
|
|
|
|
OriginatorInfo ::= SEQUENCE {
|
|
certs [0] IMPLICIT -- CertificateSet --
|
|
SET OF heim_any OPTIONAL,
|
|
crls [1] IMPLICIT --CertificateRevocationLists --
|
|
heim_any OPTIONAL
|
|
}
|
|
|
|
KeyEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
|
|
ContentEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
|
|
|
|
EncryptedKey ::= OCTET STRING
|
|
|
|
KeyTransRecipientInfo ::= SEQUENCE {
|
|
version CMSVersion, -- always set to 0 or 2
|
|
rid RecipientIdentifier,
|
|
keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier,
|
|
encryptedKey EncryptedKey
|
|
}
|
|
|
|
RecipientInfo ::= KeyTransRecipientInfo
|
|
|
|
RecipientInfos ::= SET OF RecipientInfo
|
|
|
|
EncryptedContent ::= OCTET STRING
|
|
|
|
EncryptedContentInfo ::= SEQUENCE {
|
|
contentType ContentType,
|
|
contentEncryptionAlgorithm ContentEncryptionAlgorithmIdentifier,
|
|
encryptedContent [0] IMPLICIT OCTET STRING OPTIONAL
|
|
}
|
|
|
|
UnprotectedAttributes ::= SET OF Attribute -- SIZE (1..MAX)
|
|
|
|
CMSEncryptedData ::= SEQUENCE {
|
|
version CMSVersion,
|
|
encryptedContentInfo EncryptedContentInfo,
|
|
unprotectedAttrs [1] IMPLICIT -- UnprotectedAttributes --
|
|
heim_any OPTIONAL
|
|
}
|
|
|
|
EnvelopedData ::= SEQUENCE {
|
|
version CMSVersion,
|
|
originatorInfo [0] IMPLICIT -- OriginatorInfo -- heim_any OPTIONAL,
|
|
recipientInfos RecipientInfos,
|
|
encryptedContentInfo EncryptedContentInfo,
|
|
unprotectedAttrs [1] IMPLICIT -- UnprotectedAttributes --
|
|
heim_any OPTIONAL
|
|
}
|
|
|
|
-- Data ::= OCTET STRING
|
|
|
|
CMSRC2CBCParameter ::= SEQUENCE {
|
|
rc2ParameterVersion INTEGER (0..4294967295),
|
|
iv OCTET STRING -- exactly 8 octets
|
|
}
|
|
|
|
CMSCBCParameter ::= OCTET STRING
|
|
|
|
END
|