Linux Audio

Check our new training course

Open Menu / crypto / asymmetric_keys / pkcs7.asn1
Loading...
v6.2
 
 
 
 
 
 
 
  1PKCS7ContentInfo ::= SEQUENCE {
  2	contentType	ContentType ({ pkcs7_check_content_type }),
  3	content		[0] EXPLICIT SignedData OPTIONAL
  4}
  5
  6ContentType ::= OBJECT IDENTIFIER ({ pkcs7_note_OID })
  7
  8SignedData ::= SEQUENCE {
  9	version			INTEGER ({ pkcs7_note_signeddata_version }),
 10	digestAlgorithms	DigestAlgorithmIdentifiers,
 11	contentInfo		ContentInfo ({ pkcs7_note_content }),
 12	certificates		CHOICE {
 13		certSet		[0] IMPLICIT ExtendedCertificatesAndCertificates,
 14		certSequence	[2] IMPLICIT Certificates
 15	} OPTIONAL ({ pkcs7_note_certificate_list }),
 16	crls CHOICE {
 17		crlSet		[1] IMPLICIT CertificateRevocationLists,
 18		crlSequence	[3] IMPLICIT CRLSequence
 19	} OPTIONAL,
 20	signerInfos		SignerInfos
 21}
 22
 23ContentInfo ::= SEQUENCE {
 24	contentType	ContentType ({ pkcs7_note_OID }),
 25	content		[0] EXPLICIT Data OPTIONAL
 26}
 27
 28Data ::= ANY ({ pkcs7_note_data })
 29
 30DigestAlgorithmIdentifiers ::= CHOICE {
 31	daSet			SET OF DigestAlgorithmIdentifier,
 32	daSequence		SEQUENCE OF DigestAlgorithmIdentifier
 33}
 34
 35DigestAlgorithmIdentifier ::= SEQUENCE {
 36	algorithm   OBJECT IDENTIFIER ({ pkcs7_note_OID }),
 37	parameters  ANY OPTIONAL
 38}
 39
 40--
 41-- Certificates and certificate lists
 42--
 43ExtendedCertificatesAndCertificates ::= SET OF ExtendedCertificateOrCertificate
 44
 45ExtendedCertificateOrCertificate ::= CHOICE {
 46  certificate		Certificate,				-- X.509
 47  extendedCertificate	[0] IMPLICIT ExtendedCertificate	-- PKCS#6
 48}
 49
 50ExtendedCertificate ::= Certificate -- cheating
 51
 52Certificates ::= SEQUENCE OF Certificate
 53
 54CertificateRevocationLists ::= SET OF CertificateList
 55
 56CertificateList ::= SEQUENCE OF Certificate -- This may be defined incorrectly
 57
 58CRLSequence ::= SEQUENCE OF CertificateList
 59
 60Certificate ::= ANY ({ pkcs7_extract_cert }) -- X.509
 61
 62--
 63-- Signer information
 64--
 65SignerInfos ::= CHOICE {
 66	siSet		SET OF SignerInfo,
 67	siSequence	SEQUENCE OF SignerInfo
 68}
 69
 70SignerInfo ::= SEQUENCE {
 71	version			INTEGER ({ pkcs7_note_signerinfo_version }),
 72	sid			SignerIdentifier, -- CMS variant, not PKCS#7
 73	digestAlgorithm		DigestAlgorithmIdentifier ({ pkcs7_sig_note_digest_algo }),
 74	authenticatedAttributes	CHOICE {
 75		aaSet		[0] IMPLICIT SetOfAuthenticatedAttribute
 76					({ pkcs7_sig_note_set_of_authattrs }),
 77		aaSequence	[2] EXPLICIT SEQUENCE OF AuthenticatedAttribute
 78			-- Explicit because easier to compute digest on
 79			-- sequence of attributes and then reuse encoded
 80			-- sequence in aaSequence.
 81	} OPTIONAL,
 82	digestEncryptionAlgorithm
 83				DigestEncryptionAlgorithmIdentifier ({ pkcs7_sig_note_pkey_algo }),
 84	encryptedDigest		EncryptedDigest,
 85	unauthenticatedAttributes CHOICE {
 86		uaSet		[1] IMPLICIT SET OF UnauthenticatedAttribute,
 87		uaSequence	[3] IMPLICIT SEQUENCE OF UnauthenticatedAttribute
 88	} OPTIONAL
 89} ({ pkcs7_note_signed_info })
 90
 91SignerIdentifier ::= CHOICE {
 92	-- RFC5652 sec 5.3
 93	issuerAndSerialNumber IssuerAndSerialNumber,
 94        subjectKeyIdentifier [0] IMPLICIT SubjectKeyIdentifier
 95}
 96
 97IssuerAndSerialNumber ::= SEQUENCE {
 98	issuer			Name ({ pkcs7_sig_note_issuer }),
 99	serialNumber		CertificateSerialNumber ({ pkcs7_sig_note_serial })
100}
101
102CertificateSerialNumber ::= INTEGER
103
104SubjectKeyIdentifier ::= OCTET STRING ({ pkcs7_sig_note_skid })
105
106SetOfAuthenticatedAttribute ::= SET OF AuthenticatedAttribute
107
108AuthenticatedAttribute ::= SEQUENCE {
109	type			OBJECT IDENTIFIER ({ pkcs7_note_OID }),
110	values			SET OF ANY ({ pkcs7_sig_note_authenticated_attr })
111}
112
113UnauthenticatedAttribute ::= SEQUENCE {
114	type			OBJECT IDENTIFIER,
115	values			SET OF ANY
116}
117
118DigestEncryptionAlgorithmIdentifier ::= SEQUENCE {
119	algorithm		OBJECT IDENTIFIER ({ pkcs7_note_OID }),
120	parameters		ANY OPTIONAL
121}
122
123EncryptedDigest ::= OCTET STRING ({ pkcs7_sig_note_signature })
124
125---
126--- X.500 Name
127---
128Name ::= SEQUENCE OF RelativeDistinguishedName
129
130RelativeDistinguishedName ::= SET OF AttributeValueAssertion
131
132AttributeValueAssertion ::= SEQUENCE {
133	attributeType		OBJECT IDENTIFIER ({ pkcs7_note_OID }),
134	attributeValue		ANY
135}
v6.8
  1-- SPDX-License-Identifier: BSD-3-Clause
  2--
  3-- Copyright (C) 2009 IETF Trust and the persons identified as authors
  4-- of the code
  5--
  6-- https://www.rfc-editor.org/rfc/rfc5652#section-3
  7
  8PKCS7ContentInfo ::= SEQUENCE {
  9	contentType	ContentType ({ pkcs7_check_content_type }),
 10	content		[0] EXPLICIT SignedData OPTIONAL
 11}
 12
 13ContentType ::= OBJECT IDENTIFIER ({ pkcs7_note_OID })
 14
 15SignedData ::= SEQUENCE {
 16	version			INTEGER ({ pkcs7_note_signeddata_version }),
 17	digestAlgorithms	DigestAlgorithmIdentifiers,
 18	contentInfo		ContentInfo ({ pkcs7_note_content }),
 19	certificates		CHOICE {
 20		certSet		[0] IMPLICIT ExtendedCertificatesAndCertificates,
 21		certSequence	[2] IMPLICIT Certificates
 22	} OPTIONAL ({ pkcs7_note_certificate_list }),
 23	crls CHOICE {
 24		crlSet		[1] IMPLICIT CertificateRevocationLists,
 25		crlSequence	[3] IMPLICIT CRLSequence
 26	} OPTIONAL,
 27	signerInfos		SignerInfos
 28}
 29
 30ContentInfo ::= SEQUENCE {
 31	contentType	ContentType ({ pkcs7_note_OID }),
 32	content		[0] EXPLICIT Data OPTIONAL
 33}
 34
 35Data ::= ANY ({ pkcs7_note_data })
 36
 37DigestAlgorithmIdentifiers ::= CHOICE {
 38	daSet			SET OF DigestAlgorithmIdentifier,
 39	daSequence		SEQUENCE OF DigestAlgorithmIdentifier
 40}
 41
 42DigestAlgorithmIdentifier ::= SEQUENCE {
 43	algorithm   OBJECT IDENTIFIER ({ pkcs7_note_OID }),
 44	parameters  ANY OPTIONAL
 45}
 46
 47--
 48-- Certificates and certificate lists
 49--
 50ExtendedCertificatesAndCertificates ::= SET OF ExtendedCertificateOrCertificate
 51
 52ExtendedCertificateOrCertificate ::= CHOICE {
 53  certificate		Certificate,				-- X.509
 54  extendedCertificate	[0] IMPLICIT ExtendedCertificate	-- PKCS#6
 55}
 56
 57ExtendedCertificate ::= Certificate -- cheating
 58
 59Certificates ::= SEQUENCE OF Certificate
 60
 61CertificateRevocationLists ::= SET OF CertificateList
 62
 63CertificateList ::= SEQUENCE OF Certificate -- This may be defined incorrectly
 64
 65CRLSequence ::= SEQUENCE OF CertificateList
 66
 67Certificate ::= ANY ({ pkcs7_extract_cert }) -- X.509
 68
 69--
 70-- Signer information
 71--
 72SignerInfos ::= CHOICE {
 73	siSet		SET OF SignerInfo,
 74	siSequence	SEQUENCE OF SignerInfo
 75}
 76
 77SignerInfo ::= SEQUENCE {
 78	version			INTEGER ({ pkcs7_note_signerinfo_version }),
 79	sid			SignerIdentifier, -- CMS variant, not PKCS#7
 80	digestAlgorithm		DigestAlgorithmIdentifier ({ pkcs7_sig_note_digest_algo }),
 81	authenticatedAttributes	CHOICE {
 82		aaSet		[0] IMPLICIT SetOfAuthenticatedAttribute
 83					({ pkcs7_sig_note_set_of_authattrs }),
 84		aaSequence	[2] EXPLICIT SEQUENCE OF AuthenticatedAttribute
 85			-- Explicit because easier to compute digest on
 86			-- sequence of attributes and then reuse encoded
 87			-- sequence in aaSequence.
 88	} OPTIONAL,
 89	digestEncryptionAlgorithm
 90				DigestEncryptionAlgorithmIdentifier ({ pkcs7_sig_note_pkey_algo }),
 91	encryptedDigest		EncryptedDigest,
 92	unauthenticatedAttributes CHOICE {
 93		uaSet		[1] IMPLICIT SET OF UnauthenticatedAttribute,
 94		uaSequence	[3] IMPLICIT SEQUENCE OF UnauthenticatedAttribute
 95	} OPTIONAL
 96} ({ pkcs7_note_signed_info })
 97
 98SignerIdentifier ::= CHOICE {
 99	-- RFC5652 sec 5.3
100	issuerAndSerialNumber IssuerAndSerialNumber,
101        subjectKeyIdentifier [0] IMPLICIT SubjectKeyIdentifier
102}
103
104IssuerAndSerialNumber ::= SEQUENCE {
105	issuer			Name ({ pkcs7_sig_note_issuer }),
106	serialNumber		CertificateSerialNumber ({ pkcs7_sig_note_serial })
107}
108
109CertificateSerialNumber ::= INTEGER
110
111SubjectKeyIdentifier ::= OCTET STRING ({ pkcs7_sig_note_skid })
112
113SetOfAuthenticatedAttribute ::= SET OF AuthenticatedAttribute
114
115AuthenticatedAttribute ::= SEQUENCE {
116	type			OBJECT IDENTIFIER ({ pkcs7_note_OID }),
117	values			SET OF ANY ({ pkcs7_sig_note_authenticated_attr })
118}
119
120UnauthenticatedAttribute ::= SEQUENCE {
121	type			OBJECT IDENTIFIER,
122	values			SET OF ANY
123}
124
125DigestEncryptionAlgorithmIdentifier ::= SEQUENCE {
126	algorithm		OBJECT IDENTIFIER ({ pkcs7_note_OID }),
127	parameters		ANY OPTIONAL
128}
129
130EncryptedDigest ::= OCTET STRING ({ pkcs7_sig_note_signature })
131
132---
133--- X.500 Name
134---
135Name ::= SEQUENCE OF RelativeDistinguishedName
136
137RelativeDistinguishedName ::= SET OF AttributeValueAssertion
138
139AttributeValueAssertion ::= SEQUENCE {
140	attributeType		OBJECT IDENTIFIER ({ pkcs7_note_OID }),
141	attributeValue		ANY
142}