1226031Sstas-- From RFC 3369 -- 2226031Sstas-- $Id$ -- 3226031Sstas 4226031SstasCMS DEFINITIONS ::= BEGIN 5226031Sstas 6226031SstasIMPORTS CertificateSerialNumber, AlgorithmIdentifier, Name, 7226031Sstas Attribute, Certificate, SubjectKeyIdentifier FROM rfc2459 8226031Sstas heim_any, heim_any_set FROM heim; 9226031Sstas 10226031Sstasid-pkcs7 OBJECT IDENTIFIER ::= { iso(1) member-body(2) 11226031Sstas us(840) rsadsi(113549) pkcs(1) pkcs7(7) } 12226031Sstas 13226031Sstasid-pkcs7-data OBJECT IDENTIFIER ::= { id-pkcs7 1 } 14226031Sstasid-pkcs7-signedData OBJECT IDENTIFIER ::= { id-pkcs7 2 } 15226031Sstasid-pkcs7-envelopedData OBJECT IDENTIFIER ::= { id-pkcs7 3 } 16226031Sstasid-pkcs7-signedAndEnvelopedData OBJECT IDENTIFIER ::= { id-pkcs7 4 } 17226031Sstasid-pkcs7-digestedData OBJECT IDENTIFIER ::= { id-pkcs7 5 } 18226031Sstasid-pkcs7-encryptedData OBJECT IDENTIFIER ::= { id-pkcs7 6 } 19226031Sstas 20226031SstasCMSVersion ::= INTEGER { 21226031Sstas CMSVersion_v0(0), 22226031Sstas CMSVersion_v1(1), 23226031Sstas CMSVersion_v2(2), 24226031Sstas CMSVersion_v3(3), 25226031Sstas CMSVersion_v4(4) 26226031Sstas} 27226031Sstas 28226031SstasDigestAlgorithmIdentifier ::= AlgorithmIdentifier 29226031SstasDigestAlgorithmIdentifiers ::= SET OF DigestAlgorithmIdentifier 30226031SstasSignatureAlgorithmIdentifier ::= AlgorithmIdentifier 31226031Sstas 32226031SstasContentType ::= OBJECT IDENTIFIER 33226031SstasMessageDigest ::= OCTET STRING 34226031Sstas 35226031SstasContentInfo ::= SEQUENCE { 36226031Sstas contentType ContentType, 37226031Sstas content [0] EXPLICIT heim_any OPTIONAL -- DEFINED BY contentType 38226031Sstas} 39226031Sstas 40226031SstasEncapsulatedContentInfo ::= SEQUENCE { 41226031Sstas eContentType ContentType, 42226031Sstas eContent [0] EXPLICIT OCTET STRING OPTIONAL 43226031Sstas} 44226031Sstas 45226031SstasCertificateSet ::= SET OF heim_any 46226031Sstas 47226031SstasCertificateList ::= Certificate 48226031Sstas 49226031SstasCertificateRevocationLists ::= SET OF CertificateList 50226031Sstas 51226031SstasIssuerAndSerialNumber ::= SEQUENCE { 52226031Sstas issuer Name, 53226031Sstas serialNumber CertificateSerialNumber 54226031Sstas} 55226031Sstas 56226031Sstas-- RecipientIdentifier is same as SignerIdentifier, 57226031Sstas-- lets glue them togheter and save some bytes and share code for them 58226031Sstas 59226031SstasCMSIdentifier ::= CHOICE { 60226031Sstas issuerAndSerialNumber IssuerAndSerialNumber, 61226031Sstas subjectKeyIdentifier [0] SubjectKeyIdentifier 62226031Sstas} 63226031Sstas 64226031SstasSignerIdentifier ::= CMSIdentifier 65226031SstasRecipientIdentifier ::= CMSIdentifier 66226031Sstas 67226031Sstas--- CMSAttributes are the combined UnsignedAttributes and SignedAttributes 68226031Sstas--- to store space and share code 69226031Sstas 70226031SstasCMSAttributes ::= SET OF Attribute -- SIZE (1..MAX) 71226031Sstas 72226031SstasSignatureValue ::= OCTET STRING 73226031Sstas 74226031SstasSignerInfo ::= SEQUENCE { 75226031Sstas version CMSVersion, 76226031Sstas sid SignerIdentifier, 77226031Sstas digestAlgorithm DigestAlgorithmIdentifier, 78226031Sstas signedAttrs [0] IMPLICIT -- CMSAttributes -- 79226031Sstas SET OF Attribute OPTIONAL, 80226031Sstas signatureAlgorithm SignatureAlgorithmIdentifier, 81226031Sstas signature SignatureValue, 82226031Sstas unsignedAttrs [1] IMPLICIT -- CMSAttributes -- 83226031Sstas SET OF Attribute OPTIONAL 84226031Sstas} 85226031Sstas 86226031SstasSignerInfos ::= SET OF SignerInfo 87226031Sstas 88226031SstasSignedData ::= SEQUENCE { 89226031Sstas version CMSVersion, 90226031Sstas digestAlgorithms DigestAlgorithmIdentifiers, 91226031Sstas encapContentInfo EncapsulatedContentInfo, 92226031Sstas certificates [0] IMPLICIT -- CertificateSet -- 93226031Sstas SET OF heim_any OPTIONAL, 94226031Sstas crls [1] IMPLICIT -- CertificateRevocationLists -- 95226031Sstas heim_any OPTIONAL, 96226031Sstas signerInfos SignerInfos 97226031Sstas} 98226031Sstas 99226031SstasOriginatorInfo ::= SEQUENCE { 100226031Sstas certs [0] IMPLICIT -- CertificateSet -- 101226031Sstas SET OF heim_any OPTIONAL, 102226031Sstas crls [1] IMPLICIT --CertificateRevocationLists -- 103226031Sstas heim_any OPTIONAL 104226031Sstas} 105226031Sstas 106226031SstasKeyEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier 107226031SstasContentEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier 108226031Sstas 109226031SstasEncryptedKey ::= OCTET STRING 110226031Sstas 111226031SstasKeyTransRecipientInfo ::= SEQUENCE { 112226031Sstas version CMSVersion, -- always set to 0 or 2 113226031Sstas rid RecipientIdentifier, 114226031Sstas keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier, 115226031Sstas encryptedKey EncryptedKey 116226031Sstas} 117226031Sstas 118226031SstasRecipientInfo ::= KeyTransRecipientInfo 119226031Sstas 120226031SstasRecipientInfos ::= SET OF RecipientInfo 121226031Sstas 122226031SstasEncryptedContent ::= OCTET STRING 123226031Sstas 124226031SstasEncryptedContentInfo ::= SEQUENCE { 125226031Sstas contentType ContentType, 126226031Sstas contentEncryptionAlgorithm ContentEncryptionAlgorithmIdentifier, 127226031Sstas encryptedContent [0] IMPLICIT OCTET STRING OPTIONAL 128226031Sstas} 129226031Sstas 130226031SstasUnprotectedAttributes ::= SET OF Attribute -- SIZE (1..MAX) 131226031Sstas 132226031SstasCMSEncryptedData ::= SEQUENCE { 133226031Sstas version CMSVersion, 134226031Sstas encryptedContentInfo EncryptedContentInfo, 135226031Sstas unprotectedAttrs [1] IMPLICIT -- UnprotectedAttributes -- 136226031Sstas heim_any OPTIONAL 137226031Sstas} 138226031Sstas 139226031SstasEnvelopedData ::= SEQUENCE { 140226031Sstas version CMSVersion, 141226031Sstas originatorInfo [0] IMPLICIT -- OriginatorInfo -- heim_any OPTIONAL, 142226031Sstas recipientInfos RecipientInfos, 143226031Sstas encryptedContentInfo EncryptedContentInfo, 144226031Sstas unprotectedAttrs [1] IMPLICIT -- UnprotectedAttributes -- 145226031Sstas heim_any OPTIONAL 146226031Sstas} 147226031Sstas 148226031Sstas-- Data ::= OCTET STRING 149226031Sstas 150226031SstasCMSRC2CBCParameter ::= SEQUENCE { 151226031Sstas rc2ParameterVersion INTEGER (0..4294967295), 152226031Sstas iv OCTET STRING -- exactly 8 octets 153226031Sstas} 154226031Sstas 155226031SstasCMSCBCParameter ::= OCTET STRING 156226031Sstas 157226031SstasEND 158