crypto/asymmetric_keys/pkcs7.asn1

   1 PKCS7ContentInfo ::= SEQUENCE {
   2         contentType     ContentType,
   3         content         [0] EXPLICIT SignedData OPTIONAL
   4 }
   5
   6 ContentType ::= OBJECT IDENTIFIER ({ pkcs7_note_OID })
   7
   8 SignedData ::= SEQUENCE {
   9         version                 INTEGER,
  10         digestAlgorithms        DigestAlgorithmIdentifiers,
  11         contentInfo             ContentInfo,
  12         certificates            CHOICE {
  13                 certSet         [0] IMPLICIT ExtendedCertificatesAndCertificates,
  14                 certSequence    [2] IMPLICIT Certificates
  15         } OPTIONAL ({ pkcs7_note_certificate_list }),
  16         crls CHOICE {
  17                 crlSet          [1] IMPLICIT CertificateRevocationLists,
  18                 crlSequence     [3] IMPLICIT CRLSequence
  19         } OPTIONAL,
  20         signerInfos             SignerInfos
  21 }
  22
  23 ContentInfo ::= SEQUENCE {
  24         contentType     ContentType,
  25         content         [0] EXPLICIT Data OPTIONAL
  26 }
  27
  28 Data ::= ANY ({ pkcs7_note_data })
  29
  30 DigestAlgorithmIdentifiers ::= CHOICE {
  31         daSet                   SET OF DigestAlgorithmIdentifier,
  32         daSequence              SEQUENCE OF DigestAlgorithmIdentifier
  33 }
  34
  35 DigestAlgorithmIdentifier ::= SEQUENCE {
  36         algorithm   OBJECT IDENTIFIER ({ pkcs7_note_OID }),
  37         parameters  ANY OPTIONAL
  38 }
  39
  40 --
  41 -- Certificates and certificate lists
  42 --
  43 ExtendedCertificatesAndCertificates ::= SET OF ExtendedCertificateOrCertificate
  44
  45 ExtendedCertificateOrCertificate ::= CHOICE {
  46   certificate           Certificate,                            -- X.509
  47   extendedCertificate   [0] IMPLICIT ExtendedCertificate        -- PKCS#6
  48 }
  49
  50 ExtendedCertificate ::= Certificate -- cheating
  51
  52 Certificates ::= SEQUENCE OF Certificate
  53
  54 CertificateRevocationLists ::= SET OF CertificateList
  55
  56 CertificateList ::= SEQUENCE OF Certificate -- This may be defined incorrectly
  57
  58 CRLSequence ::= SEQUENCE OF CertificateList
  59
  60 Certificate ::= ANY ({ pkcs7_extract_cert }) -- X.509
  61
  62 --
  63 -- Signer information
  64 --
  65 SignerInfos ::= CHOICE {
  66         siSet           SET OF SignerInfo,
  67         siSequence      SEQUENCE OF SignerInfo
  68 }
  69
  70 SignerInfo ::= SEQUENCE {
  71         version                 INTEGER,
  72         issuerAndSerialNumber   IssuerAndSerialNumber,
  73         digestAlgorithm         DigestAlgorithmIdentifier ({ pkcs7_sig_note_digest_algo }),
  74         authenticatedAttributes CHOICE {
  75                 aaSet           [0] IMPLICIT SetOfAuthenticatedAttribute
  76                                         ({ pkcs7_sig_note_set_of_authattrs }),
  77                 aaSequence      [2] EXPLICIT SEQUENCE OF AuthenticatedAttribute
  78                         -- Explicit because easier to compute digest on
  79                         -- sequence of attributes and then reuse encoded
  80                         -- sequence in aaSequence.
  81         } OPTIONAL,
  82         digestEncryptionAlgorithm
  83                                 DigestEncryptionAlgorithmIdentifier ({ pkcs7_sig_note_pkey_algo }),
  84         encryptedDigest         EncryptedDigest,
  85         unauthenticatedAttributes CHOICE {
  86                 uaSet           [1] IMPLICIT SET OF UnauthenticatedAttribute,
  87                 uaSequence      [3] IMPLICIT SEQUENCE OF UnauthenticatedAttribute
  88         } OPTIONAL
  89 } ({ pkcs7_note_signed_info })
  90
  91 IssuerAndSerialNumber ::= SEQUENCE {
  92         issuer                  Name ({ pkcs7_sig_note_issuer }),
  93         serialNumber            CertificateSerialNumber ({ pkcs7_sig_note_serial })
  94 }
  95
  96 CertificateSerialNumber ::= INTEGER
  97
  98 SetOfAuthenticatedAttribute ::= SET OF AuthenticatedAttribute
  99
 100 AuthenticatedAttribute ::= SEQUENCE {
 101         type                    OBJECT IDENTIFIER ({ pkcs7_note_OID }),
 102         values                  SET OF ANY ({ pkcs7_sig_note_authenticated_attr })
 103 }
 104
 105 UnauthenticatedAttribute ::= SEQUENCE {
 106         type                    OBJECT IDENTIFIER ({ pkcs7_note_OID }),
 107         values                  SET OF ANY
 108 }
 109
 110 DigestEncryptionAlgorithmIdentifier ::= SEQUENCE {
 111         algorithm               OBJECT IDENTIFIER ({ pkcs7_note_OID }),
 112         parameters              ANY OPTIONAL
 113 }
 114
 115 EncryptedDigest ::= OCTET STRING ({ pkcs7_sig_note_signature })
 116
 117 ---
 118 --- X.500 Name
 119 ---
 120 Name ::= SEQUENCE OF RelativeDistinguishedName
 121
 122 RelativeDistinguishedName ::= SET OF AttributeValueAssertion
 123
 124 AttributeValueAssertion ::= SEQUENCE {
 125         attributeType           OBJECT IDENTIFIER ({ pkcs7_note_OID }),
 126         attributeValue          ANY
 127 }