projects / linux-2.6-block.git / blame
| Commit | Line | Data |
|---|---|---|
| 201c0da4 LW |
1 | -- SPDX-License-Identifier: BSD-3-Clause |
| 2 | -- | |
| 3 | -- Copyright (C) 2009 IETF Trust and the persons identified as authors | |
| 4 | -- of the code | |
| 5 | -- | |
| 6 | -- https://www.rfc-editor.org/rfc/rfc5652#section-3 | |
| 7 | ||
| 2e3fadbf | 8 | PKCS7ContentInfo ::= SEQUENCE { |
| 2c7fd367 | 9 | contentType ContentType ({ pkcs7_check_content_type }), |
| 2e3fadbf DH |
10 | content [0] EXPLICIT SignedData OPTIONAL |
| 11 | } | |
| 12 | ||
| 13 | ContentType ::= OBJECT IDENTIFIER ({ pkcs7_note_OID }) | |
| 14 | ||
| 15 | SignedData ::= SEQUENCE { | |
| 2c7fd367 | 16 | version INTEGER ({ pkcs7_note_signeddata_version }), |
| 2e3fadbf | 17 | digestAlgorithms DigestAlgorithmIdentifiers, |
| 99db4435 | 18 | contentInfo ContentInfo ({ pkcs7_note_content }), |
| 2e3fadbf DH |
19 | certificates CHOICE { |
| 20 | certSet [0] IMPLICIT ExtendedCertificatesAndCertificates, | |
| 21 | certSequence [2] IMPLICIT Certificates | |
| 22 | } OPTIONAL ({ pkcs7_note_certificate_list }), | |
| 23 | crls CHOICE { | |
| 24 | crlSet [1] IMPLICIT CertificateRevocationLists, | |
| 25 | crlSequence [3] IMPLICIT CRLSequence | |
| 26 | } OPTIONAL, | |
| 27 | signerInfos SignerInfos | |
| 28 | } | |
| 29 | ||
| 30 | ContentInfo ::= SEQUENCE { | |
| 99db4435 | 31 | contentType ContentType ({ pkcs7_note_OID }), |
| 2e3fadbf DH |
32 | content [0] EXPLICIT Data OPTIONAL |
| 33 | } | |
| 34 | ||
| 35 | Data ::= ANY ({ pkcs7_note_data }) | |
| 36 | ||
| 37 | DigestAlgorithmIdentifiers ::= CHOICE { | |
| 38 | daSet SET OF DigestAlgorithmIdentifier, | |
| 39 | daSequence SEQUENCE OF DigestAlgorithmIdentifier | |
| 40 | } | |
| 41 | ||
| 42 | DigestAlgorithmIdentifier ::= SEQUENCE { | |
| 43 | algorithm OBJECT IDENTIFIER ({ pkcs7_note_OID }), | |
| 44 | parameters ANY OPTIONAL | |
| 45 | } | |
| 46 | ||
| 47 | -- | |
| 48 | -- Certificates and certificate lists | |
| 49 | -- | |
| 50 | ExtendedCertificatesAndCertificates ::= SET OF ExtendedCertificateOrCertificate | |
| 51 | ||
| 52 | ExtendedCertificateOrCertificate ::= CHOICE { | |
| 53 | certificate Certificate, -- X.509 | |
| 54 | extendedCertificate [0] IMPLICIT ExtendedCertificate -- PKCS#6 | |
| 55 | } | |
| 56 | ||
| 57 | ExtendedCertificate ::= Certificate -- cheating | |
| 58 | ||
| 59 | Certificates ::= SEQUENCE OF Certificate | |
| 60 | ||
| 61 | CertificateRevocationLists ::= SET OF CertificateList | |
| 62 | ||
| 63 | CertificateList ::= SEQUENCE OF Certificate -- This may be defined incorrectly | |
| 64 | ||
| 65 | CRLSequence ::= SEQUENCE OF CertificateList | |
| 66 | ||
| 67 | Certificate ::= ANY ({ pkcs7_extract_cert }) -- X.509 | |
| 68 | ||
| 69 | -- | |
| 70 | -- Signer information | |
| 71 | -- | |
| 72 | SignerInfos ::= CHOICE { | |
| 73 | siSet SET OF SignerInfo, | |
| 74 | siSequence SEQUENCE OF SignerInfo | |
| 75 | } | |
| 76 | ||
| 77 | SignerInfo ::= SEQUENCE { | |
| 2c7fd367 | 78 | version INTEGER ({ pkcs7_note_signerinfo_version }), |
| 60d65cac | 79 | sid SignerIdentifier, -- CMS variant, not PKCS#7 |
| 2e3fadbf DH |
80 | digestAlgorithm DigestAlgorithmIdentifier ({ pkcs7_sig_note_digest_algo }), |
| 81 | authenticatedAttributes CHOICE { | |
| 82 | aaSet [0] IMPLICIT SetOfAuthenticatedAttribute | |
| 83 | ({ pkcs7_sig_note_set_of_authattrs }), | |
| 84 | aaSequence [2] EXPLICIT SEQUENCE OF AuthenticatedAttribute | |
| 85 | -- Explicit because easier to compute digest on | |
| 86 | -- sequence of attributes and then reuse encoded | |
| 87 | -- sequence in aaSequence. | |
| 88 | } OPTIONAL, | |
| 89 | digestEncryptionAlgorithm | |
| 90 | DigestEncryptionAlgorithmIdentifier ({ pkcs7_sig_note_pkey_algo }), | |
| 91 | encryptedDigest EncryptedDigest, | |
| 92 | unauthenticatedAttributes CHOICE { | |
| 93 | uaSet [1] IMPLICIT SET OF UnauthenticatedAttribute, | |
| 94 | uaSequence [3] IMPLICIT SEQUENCE OF UnauthenticatedAttribute | |
| 95 | } OPTIONAL | |
| 96 | } ({ pkcs7_note_signed_info }) | |
| 97 | ||
| 60d65cac DH |
98 | SignerIdentifier ::= CHOICE { |
| 99 | -- RFC5652 sec 5.3 | |
| 100 | issuerAndSerialNumber IssuerAndSerialNumber, | |
| 101 | subjectKeyIdentifier [0] IMPLICIT SubjectKeyIdentifier | |
| 102 | } | |
| 103 | ||
| 2e3fadbf DH |
104 | IssuerAndSerialNumber ::= SEQUENCE { |
| 105 | issuer Name ({ pkcs7_sig_note_issuer }), | |
| 106 | serialNumber CertificateSerialNumber ({ pkcs7_sig_note_serial }) | |
| 107 | } | |
| 108 | ||
| 109 | CertificateSerialNumber ::= INTEGER | |
| 110 | ||
| 60d65cac DH |
111 | SubjectKeyIdentifier ::= OCTET STRING ({ pkcs7_sig_note_skid }) |
| 112 | ||
| 2e3fadbf DH |
113 | SetOfAuthenticatedAttribute ::= SET OF AuthenticatedAttribute |
| 114 | ||
| 115 | AuthenticatedAttribute ::= SEQUENCE { | |
| 116 | type OBJECT IDENTIFIER ({ pkcs7_note_OID }), | |
| 117 | values SET OF ANY ({ pkcs7_sig_note_authenticated_attr }) | |
| 118 | } | |
| 119 | ||
| 120 | UnauthenticatedAttribute ::= SEQUENCE { | |
| 99db4435 | 121 | type OBJECT IDENTIFIER, |
| 2e3fadbf DH |
122 | values SET OF ANY |
| 123 | } | |
| 124 | ||
| 125 | DigestEncryptionAlgorithmIdentifier ::= SEQUENCE { | |
| 126 | algorithm OBJECT IDENTIFIER ({ pkcs7_note_OID }), | |
| 127 | parameters ANY OPTIONAL | |
| 128 | } | |
| 129 | ||
| 130 | EncryptedDigest ::= OCTET STRING ({ pkcs7_sig_note_signature }) | |
| 131 | ||
| 132 | --- | |
| 133 | --- X.500 Name | |
| 134 | --- | |
| 135 | Name ::= SEQUENCE OF RelativeDistinguishedName | |
| 136 | ||
| 137 | RelativeDistinguishedName ::= SET OF AttributeValueAssertion | |
| 138 | ||
| 139 | AttributeValueAssertion ::= SEQUENCE { | |
| 140 | attributeType OBJECT IDENTIFIER ({ pkcs7_note_OID }), | |
| 141 | attributeValue ANY | |
| 142 | } |