xref: /OK3568_Linux_fs/kernel/crypto/asymmetric_keys/pkcs7.asn1 (revision 4882a59341e53eb6f0b4789bf948001014eff981) 
1*4882a593SmuzhiyunPKCS7ContentInfo ::= SEQUENCE {
2*4882a593Smuzhiyun	contentType	ContentType ({ pkcs7_check_content_type }),
3*4882a593Smuzhiyun	content		[0] EXPLICIT SignedData OPTIONAL
4*4882a593Smuzhiyun}
5*4882a593Smuzhiyun
6*4882a593SmuzhiyunContentType ::= OBJECT IDENTIFIER ({ pkcs7_note_OID })
7*4882a593Smuzhiyun
8*4882a593SmuzhiyunSignedData ::= SEQUENCE {
9*4882a593Smuzhiyun	version			INTEGER ({ pkcs7_note_signeddata_version }),
10*4882a593Smuzhiyun	digestAlgorithms	DigestAlgorithmIdentifiers,
11*4882a593Smuzhiyun	contentInfo		ContentInfo ({ pkcs7_note_content }),
12*4882a593Smuzhiyun	certificates		CHOICE {
13*4882a593Smuzhiyun		certSet		[0] IMPLICIT ExtendedCertificatesAndCertificates,
14*4882a593Smuzhiyun		certSequence	[2] IMPLICIT Certificates
15*4882a593Smuzhiyun	} OPTIONAL ({ pkcs7_note_certificate_list }),
16*4882a593Smuzhiyun	crls CHOICE {
17*4882a593Smuzhiyun		crlSet		[1] IMPLICIT CertificateRevocationLists,
18*4882a593Smuzhiyun		crlSequence	[3] IMPLICIT CRLSequence
19*4882a593Smuzhiyun	} OPTIONAL,
20*4882a593Smuzhiyun	signerInfos		SignerInfos
21*4882a593Smuzhiyun}
22*4882a593Smuzhiyun
23*4882a593SmuzhiyunContentInfo ::= SEQUENCE {
24*4882a593Smuzhiyun	contentType	ContentType ({ pkcs7_note_OID }),
25*4882a593Smuzhiyun	content		[0] EXPLICIT Data OPTIONAL
26*4882a593Smuzhiyun}
27*4882a593Smuzhiyun
28*4882a593SmuzhiyunData ::= ANY ({ pkcs7_note_data })
29*4882a593Smuzhiyun
30*4882a593SmuzhiyunDigestAlgorithmIdentifiers ::= CHOICE {
31*4882a593Smuzhiyun	daSet			SET OF DigestAlgorithmIdentifier,
32*4882a593Smuzhiyun	daSequence		SEQUENCE OF DigestAlgorithmIdentifier
33*4882a593Smuzhiyun}
34*4882a593Smuzhiyun
35*4882a593SmuzhiyunDigestAlgorithmIdentifier ::= SEQUENCE {
36*4882a593Smuzhiyun	algorithm   OBJECT IDENTIFIER ({ pkcs7_note_OID }),
37*4882a593Smuzhiyun	parameters  ANY OPTIONAL
38*4882a593Smuzhiyun}
39*4882a593Smuzhiyun
40*4882a593Smuzhiyun--
41*4882a593Smuzhiyun-- Certificates and certificate lists
42*4882a593Smuzhiyun--
43*4882a593SmuzhiyunExtendedCertificatesAndCertificates ::= SET OF ExtendedCertificateOrCertificate
44*4882a593Smuzhiyun
45*4882a593SmuzhiyunExtendedCertificateOrCertificate ::= CHOICE {
46*4882a593Smuzhiyun  certificate		Certificate,				-- X.509
47*4882a593Smuzhiyun  extendedCertificate	[0] IMPLICIT ExtendedCertificate	-- PKCS#6
48*4882a593Smuzhiyun}
49*4882a593Smuzhiyun
50*4882a593SmuzhiyunExtendedCertificate ::= Certificate -- cheating
51*4882a593Smuzhiyun
52*4882a593SmuzhiyunCertificates ::= SEQUENCE OF Certificate
53*4882a593Smuzhiyun
54*4882a593SmuzhiyunCertificateRevocationLists ::= SET OF CertificateList
55*4882a593Smuzhiyun
56*4882a593SmuzhiyunCertificateList ::= SEQUENCE OF Certificate -- This may be defined incorrectly
57*4882a593Smuzhiyun
58*4882a593SmuzhiyunCRLSequence ::= SEQUENCE OF CertificateList
59*4882a593Smuzhiyun
60*4882a593SmuzhiyunCertificate ::= ANY ({ pkcs7_extract_cert }) -- X.509
61*4882a593Smuzhiyun
62*4882a593Smuzhiyun--
63*4882a593Smuzhiyun-- Signer information
64*4882a593Smuzhiyun--
65*4882a593SmuzhiyunSignerInfos ::= CHOICE {
66*4882a593Smuzhiyun	siSet		SET OF SignerInfo,
67*4882a593Smuzhiyun	siSequence	SEQUENCE OF SignerInfo
68*4882a593Smuzhiyun}
69*4882a593Smuzhiyun
70*4882a593SmuzhiyunSignerInfo ::= SEQUENCE {
71*4882a593Smuzhiyun	version			INTEGER ({ pkcs7_note_signerinfo_version }),
72*4882a593Smuzhiyun	sid			SignerIdentifier, -- CMS variant, not PKCS#7
73*4882a593Smuzhiyun	digestAlgorithm		DigestAlgorithmIdentifier ({ pkcs7_sig_note_digest_algo }),
74*4882a593Smuzhiyun	authenticatedAttributes	CHOICE {
75*4882a593Smuzhiyun		aaSet		[0] IMPLICIT SetOfAuthenticatedAttribute
76*4882a593Smuzhiyun					({ pkcs7_sig_note_set_of_authattrs }),
77*4882a593Smuzhiyun		aaSequence	[2] EXPLICIT SEQUENCE OF AuthenticatedAttribute
78*4882a593Smuzhiyun			-- Explicit because easier to compute digest on
79*4882a593Smuzhiyun			-- sequence of attributes and then reuse encoded
80*4882a593Smuzhiyun			-- sequence in aaSequence.
81*4882a593Smuzhiyun	} OPTIONAL,
82*4882a593Smuzhiyun	digestEncryptionAlgorithm
83*4882a593Smuzhiyun				DigestEncryptionAlgorithmIdentifier ({ pkcs7_sig_note_pkey_algo }),
84*4882a593Smuzhiyun	encryptedDigest		EncryptedDigest,
85*4882a593Smuzhiyun	unauthenticatedAttributes CHOICE {
86*4882a593Smuzhiyun		uaSet		[1] IMPLICIT SET OF UnauthenticatedAttribute,
87*4882a593Smuzhiyun		uaSequence	[3] IMPLICIT SEQUENCE OF UnauthenticatedAttribute
88*4882a593Smuzhiyun	} OPTIONAL
89*4882a593Smuzhiyun} ({ pkcs7_note_signed_info })
90*4882a593Smuzhiyun
91*4882a593SmuzhiyunSignerIdentifier ::= CHOICE {
92*4882a593Smuzhiyun	-- RFC5652 sec 5.3
93*4882a593Smuzhiyun	issuerAndSerialNumber IssuerAndSerialNumber,
94*4882a593Smuzhiyun        subjectKeyIdentifier [0] IMPLICIT SubjectKeyIdentifier
95*4882a593Smuzhiyun}
96*4882a593Smuzhiyun
97*4882a593SmuzhiyunIssuerAndSerialNumber ::= SEQUENCE {
98*4882a593Smuzhiyun	issuer			Name ({ pkcs7_sig_note_issuer }),
99*4882a593Smuzhiyun	serialNumber		CertificateSerialNumber ({ pkcs7_sig_note_serial })
100*4882a593Smuzhiyun}
101*4882a593Smuzhiyun
102*4882a593SmuzhiyunCertificateSerialNumber ::= INTEGER
103*4882a593Smuzhiyun
104*4882a593SmuzhiyunSubjectKeyIdentifier ::= OCTET STRING ({ pkcs7_sig_note_skid })
105*4882a593Smuzhiyun
106*4882a593SmuzhiyunSetOfAuthenticatedAttribute ::= SET OF AuthenticatedAttribute
107*4882a593Smuzhiyun
108*4882a593SmuzhiyunAuthenticatedAttribute ::= SEQUENCE {
109*4882a593Smuzhiyun	type			OBJECT IDENTIFIER ({ pkcs7_note_OID }),
110*4882a593Smuzhiyun	values			SET OF ANY ({ pkcs7_sig_note_authenticated_attr })
111*4882a593Smuzhiyun}
112*4882a593Smuzhiyun
113*4882a593SmuzhiyunUnauthenticatedAttribute ::= SEQUENCE {
114*4882a593Smuzhiyun	type			OBJECT IDENTIFIER,
115*4882a593Smuzhiyun	values			SET OF ANY
116*4882a593Smuzhiyun}
117*4882a593Smuzhiyun
118*4882a593SmuzhiyunDigestEncryptionAlgorithmIdentifier ::= SEQUENCE {
119*4882a593Smuzhiyun	algorithm		OBJECT IDENTIFIER ({ pkcs7_note_OID }),
120*4882a593Smuzhiyun	parameters		ANY OPTIONAL
121*4882a593Smuzhiyun}
122*4882a593Smuzhiyun
123*4882a593SmuzhiyunEncryptedDigest ::= OCTET STRING ({ pkcs7_sig_note_signature })
124*4882a593Smuzhiyun
125*4882a593Smuzhiyun---
126*4882a593Smuzhiyun--- X.500 Name
127*4882a593Smuzhiyun---
128*4882a593SmuzhiyunName ::= SEQUENCE OF RelativeDistinguishedName
129*4882a593Smuzhiyun
130*4882a593SmuzhiyunRelativeDistinguishedName ::= SET OF AttributeValueAssertion
131*4882a593Smuzhiyun
132*4882a593SmuzhiyunAttributeValueAssertion ::= SEQUENCE {
133*4882a593Smuzhiyun	attributeType		OBJECT IDENTIFIER ({ pkcs7_note_OID }),
134*4882a593Smuzhiyun	attributeValue		ANY
135*4882a593Smuzhiyun}
136