crypto/asymmetric_keys/pkcs7.asn1 3.78 KB
  PKCS7ContentInfo ::= SEQUENCE {
  	contentType	ContentType ({ pkcs7_check_content_type }),
  	content		[0] EXPLICIT SignedData OPTIONAL
  }
  
  -- Every ContentType OID is passed to the pkcs7_note_OID action.  The grammar
  -- accepts any OBJECT IDENTIFIER here; which content types are acceptable is
  -- decided by action code (PKCS7ContentInfo additionally attaches
  -- pkcs7_check_content_type to its contentType field), not by this definition.
  ContentType ::= OBJECT IDENTIFIER ({ pkcs7_note_OID })
  
  SignedData ::= SEQUENCE {
  	version			INTEGER ({ pkcs7_note_signeddata_version }),
  	digestAlgorithms	DigestAlgorithmIdentifiers,
  	contentInfo		ContentInfo ({ pkcs7_note_content }),
  	certificates		CHOICE {
  		certSet		[0] IMPLICIT ExtendedCertificatesAndCertificates,
  		certSequence	[2] IMPLICIT Certificates
  	} OPTIONAL ({ pkcs7_note_certificate_list }),
  	crls CHOICE {
  		crlSet		[1] IMPLICIT CertificateRevocationLists,
  		crlSequence	[3] IMPLICIT CRLSequence
  	} OPTIONAL,
  	signerInfos		SignerInfos
  }
  
  ContentInfo ::= SEQUENCE {
  	contentType	ContentType ({ pkcs7_note_OID }),
  	content		[0] EXPLICIT Data OPTIONAL
  }
  
  -- The content carried inside ContentInfo.  ANY places no constraint on the
  -- element's type, so the pkcs7_note_data action is given whatever element
  -- the message carries in this position; any interpretation or size check is
  -- left to the action and its callers.
  Data ::= ANY ({ pkcs7_note_data })
  
  -- The list of digest algorithms is accepted in either encoding: a SET OF or
  -- a SEQUENCE OF DigestAlgorithmIdentifier.  The grammar sets no bound on the
  -- number of entries.
  DigestAlgorithmIdentifiers ::= CHOICE {
  	daSet			SET OF DigestAlgorithmIdentifier,
  	daSequence		SEQUENCE OF DigestAlgorithmIdentifier
  }
  
  -- algorithm is reported through the pkcs7_note_OID action.  parameters is
  -- ANY OPTIONAL with no action attached, so this grammar accepts any element
  -- (or none) there and hands it to no handler.
  DigestAlgorithmIdentifier ::= SEQUENCE {
  	algorithm   OBJECT IDENTIFIER ({ pkcs7_note_OID }),
  	parameters  ANY OPTIONAL
  }
  
  --
  -- Certificates and certificate lists
  --
  -- certSet form of SignedData.certificates: a set whose members are either
  -- X.509 certificates or PKCS#6 extended certificates.
  ExtendedCertificatesAndCertificates ::= SET OF ExtendedCertificateOrCertificate
  
  ExtendedCertificateOrCertificate ::= CHOICE {
    certificate		Certificate,				-- X.509
    extendedCertificate	[0] IMPLICIT ExtendedCertificate	-- PKCS#6
  }
  
  -- "cheating": PKCS#6 extended certificates get no structure of their own and
  -- are aliased to Certificate, so they reach the same pkcs7_extract_cert
  -- action as X.509 certificates.
  -- NOTE(review): confirm the action rejects or ignores non-X.509 content.
  ExtendedCertificate ::= Certificate -- cheating
  
  -- certSequence form of SignedData.certificates.
  Certificates ::= SEQUENCE OF Certificate
  
  -- crlSet form of SignedData.crls.
  CertificateRevocationLists ::= SET OF CertificateList
  
  -- NOTE(review): the original author flags this definition as possibly wrong.
  -- As written, each element of a CRL is typed as Certificate, so it is ANY
  -- and carries the pkcs7_extract_cert action.  X.509 (RFC 5280) defines
  -- CertificateList as a SEQUENCE of tbsCertList, signatureAlgorithm and
  -- signatureValue, not as a list of certificates; check how the action treats
  -- CRL content before relying on the crls field.
  CertificateList ::= SEQUENCE OF Certificate -- This may be defined incorrectly
  
  -- crlSequence form of SignedData.crls.
  CRLSequence ::= SEQUENCE OF CertificateList
  
  -- Certificates are not decoded by this grammar: ANY matches a single element
  -- of any type, and that element is given to the pkcs7_extract_cert action.
  -- X.509 structure checks are therefore not expressed in this file;
  -- presumably they happen in or behind the action (verify in the parser).
  Certificate ::= ANY ({ pkcs7_extract_cert }) -- X.509
  
  --
  -- Signer information
  --
  -- The signer list is accepted as either a SET OF or a SEQUENCE OF
  -- SignerInfo.  The grammar does not require a minimum number of signers, so
  -- a message with no SignerInfo is syntactically valid here; rejecting
  -- unsigned messages is up to the code that consumes the parse result.
  SignerInfos ::= CHOICE {
  	siSet		SET OF SignerInfo,
  	siSequence	SEQUENCE OF SignerInfo
  }
  
  SignerInfo ::= SEQUENCE {
  	version			INTEGER ({ pkcs7_note_signerinfo_version }),
  	sid			SignerIdentifier, -- CMS variant, not PKCS#7
  	digestAlgorithm		DigestAlgorithmIdentifier ({ pkcs7_sig_note_digest_algo }),
  	authenticatedAttributes	CHOICE {
  		aaSet		[0] IMPLICIT SetOfAuthenticatedAttribute
  					({ pkcs7_sig_note_set_of_authattrs }),
  		aaSequence	[2] EXPLICIT SEQUENCE OF AuthenticatedAttribute
  			-- Explicit because easier to compute digest on
  			-- sequence of attributes and then reuse encoded
  			-- sequence in aaSequence.
  	} OPTIONAL,
  	digestEncryptionAlgorithm
  				DigestEncryptionAlgorithmIdentifier ({ pkcs7_sig_note_pkey_algo }),
  	encryptedDigest		EncryptedDigest,
  	unauthenticatedAttributes CHOICE {
  		uaSet		[1] IMPLICIT SET OF UnauthenticatedAttribute,
  		uaSequence	[3] IMPLICIT SEQUENCE OF UnauthenticatedAttribute
  	} OPTIONAL
  } ({ pkcs7_note_signed_info })
  -- Identifies the signer's certificate in one of two ways: by issuer name
  -- plus serial number, or by subject key identifier.  This is the CMS form
  -- (the sid field of SignerInfo is commented "CMS variant, not PKCS#7").
  -- Each alternative reports through its own actions, so the consumer has to
  -- cope with either identifier being the one present.
  SignerIdentifier ::= CHOICE {
  	-- RFC5652 sec 5.3
  	issuerAndSerialNumber IssuerAndSerialNumber,
          subjectKeyIdentifier [0] IMPLICIT SubjectKeyIdentifier
  }
  -- Both fields carry actions: the issuer Name is reported through
  -- pkcs7_sig_note_issuer and the serial number through pkcs7_sig_note_serial.
  IssuerAndSerialNumber ::= SEQUENCE {
  	issuer			Name ({ pkcs7_sig_note_issuer }),
  	serialNumber		CertificateSerialNumber ({ pkcs7_sig_note_serial })
  }
  
  -- Plain INTEGER with no range constraint; the grammar does not limit the
  -- length of the serial number.
  CertificateSerialNumber ::= INTEGER
  -- Subject key identifier alternative of SignerIdentifier.  An unconstrained
  -- OCTET STRING reported through pkcs7_sig_note_skid; the grammar sets no
  -- length limit on it.
  SubjectKeyIdentifier ::= OCTET STRING ({ pkcs7_sig_note_skid })
  -- Element type of the aaSet alternative of SignerInfo.authenticatedAttributes.
  SetOfAuthenticatedAttribute ::= SET OF AuthenticatedAttribute
  
  -- An attribute's type OID is reported through pkcs7_note_OID, and its values
  -- are reported through pkcs7_sig_note_authenticated_attr.  values is
  -- SET OF ANY, so the grammar does not constrain what an attribute contains;
  -- per-attribute checks have to live in the action.
  -- By contrast, UnauthenticatedAttribute further down has no actions attached,
  -- so this grammar accepts those attributes without any handler seeing them.
  -- NOTE(review): in CMS (RFC 5652) the signed attributes, when present, are
  -- what the signature covers; confirm the action enforces the required
  -- content-type and message-digest attributes.
  AuthenticatedAttribute ::= SEQUENCE {
  	type			OBJECT IDENTIFIER ({ pkcs7_note_OID }),
  	values			SET OF ANY ({ pkcs7_sig_note_authenticated_attr })
  }
  
  UnauthenticatedAttribute ::= SEQUENCE {
  	type			OBJECT IDENTIFIER,
  	values			SET OF ANY
  }
  
  -- Algorithm identifier used by SignerInfo.digestEncryptionAlgorithm.  The
  -- OID is reported through pkcs7_note_OID, and the SignerInfo field adds the
  -- pkcs7_sig_note_pkey_algo action.  parameters is ANY OPTIONAL with no
  -- action, so it is accepted without being handed to a handler.
  DigestEncryptionAlgorithmIdentifier ::= SEQUENCE {
  	algorithm		OBJECT IDENTIFIER ({ pkcs7_note_OID }),
  	parameters		ANY OPTIONAL
  }
  
  -- Content of SignerInfo.encryptedDigest, reported through
  -- pkcs7_sig_note_signature as an opaque OCTET STRING.  The grammar puts no
  -- bound on its length; any size check against the key belongs to the
  -- verification code.
  EncryptedDigest ::= OCTET STRING ({ pkcs7_sig_note_signature })
  
  ---
  --- X.500 Name
  ---
  -- Minimal X.500 Name structure, used here for IssuerAndSerialNumber.issuer.
  -- Only the attributeType OIDs trigger an action (pkcs7_note_OID).
  -- attributeValue is ANY with no action, so individual values are neither
  -- type-checked nor reported by this grammar; the Name as a whole is reported
  -- through pkcs7_sig_note_issuer at the issuer field.
  Name ::= SEQUENCE OF RelativeDistinguishedName
  
  RelativeDistinguishedName ::= SET OF AttributeValueAssertion
  
  AttributeValueAssertion ::= SEQUENCE {
  	attributeType		OBJECT IDENTIFIER ({ pkcs7_note_OID }),
  	attributeValue		ANY
  }