diff options
author | Dan Gudmundsson <[email protected]> | 2014-10-17 10:26:02 +0200 |
---|---|---|
committer | Björn Gustavsson <[email protected]> | 2015-01-12 11:40:27 +0100 |
commit | 8a39672af4d9becac56ca069ecc107d68b202dcb (patch) | |
tree | f5c7b3fc50a8355fea1b0844247ba3031710857e /lib/asn1/test/asn1_SUITE_data/rfcs/OLD-PKCS7.asn1 | |
parent | 7339da14195d1eeac133be8b9b7287ac8b577114 (diff) | |
download | otp-8a39672af4d9becac56ca069ecc107d68b202dcb.tar.gz otp-8a39672af4d9becac56ca069ecc107d68b202dcb.tar.bz2 otp-8a39672af4d9becac56ca069ecc107d68b202dcb.zip |
Add the other PKCS files to the rfcs test case
Changed the following from the original copies:
PKCS-5 (renamed from PKCS-v21)
PKCS-9 Import from CryptographicMessageSyntax-2009 instead
of CryptographicMessageSyntax
Since most of the files from the x420 directory are needed,
copy all of them into the rfcs directory and remove the
x420 directory and test case. Copy the test of OTP-7759 to
the testRfcs test case.
Diffstat (limited to 'lib/asn1/test/asn1_SUITE_data/rfcs/OLD-PKCS7.asn1')
-rw-r--r-- | lib/asn1/test/asn1_SUITE_data/rfcs/OLD-PKCS7.asn1 | 342 |
1 files changed, 342 insertions, 0 deletions
diff --git a/lib/asn1/test/asn1_SUITE_data/rfcs/OLD-PKCS7.asn1 b/lib/asn1/test/asn1_SUITE_data/rfcs/OLD-PKCS7.asn1 new file mode 100644 index 0000000000..ab555200bb --- /dev/null +++ b/lib/asn1/test/asn1_SUITE_data/rfcs/OLD-PKCS7.asn1 @@ -0,0 +1,342 @@ +-- Module PKCS7 (X.420:06/1999) +-- The ASN.1 in version 1.5 of the PKCS#7 document is not defined in an ASN.1 module. This prevents an IMPORT of it into other ASN.1 modules. +-- This Annex contains a module of PKCS#7 ASN.1 definitions conforming to current ASN.1 standards rather than the obsolescent (and now deprecated) 1988/90 version of ASN.1 used in version 1.5 of PKCS#7. +-- Extensions to PKCS#7 defined in RFC 2630 are included. +-- If differences are found between the ASN.1 in the following module and that in PKCS#7, the latter is definitive. +OLD-PKCS7 {iso member-body usa(840) rsadsi(113549) pkcs(1) 7 + module(0) -- module not currently defined in PKCS#7 --} DEFINITIONS IMPLICIT +TAGS ::= +BEGIN + +IMPORTS + -- Directory Information Framework + Attribute, Name + --== + FROM InformationFramework {joint-iso-itu-t ds(5) module(1) + informationFramework(1) 3} + -- Directory Authentication Framework + AlgorithmIdentifier, AttributeCertificate, Certificate, CertificateList, + CertificateSerialNumber, HASH{}, SIGNED{} + --== + FROM AuthenticationFramework {joint-iso-itu-t ds(5) module(1) + authenticationFramework(7) 3}; + +-- In PKCS#7 the HASHED parameterised type applies the hash function to the +-- contents octets component of a DER encoding of a value of the parameter. +-- The ENCRYPTED parameterised type is redefined here because PKCS#7 encrypted values are +-- defined as OCTET STRING, instead of BIT STRING as in the Directory Authentication Framework +ENCRYPTED{ToBeEnciphered} ::= + OCTET STRING + (CONSTRAINED BY { + -- must be the result of applying an encipherment procedure to the contents octets component + -- of a definite-length BER-encoding of a value of --ToBeEnciphered}) + +ContentInfo ::= SEQUENCE { + content-type PKCS7-CONTENT-TYPE.&id({PKCS7ContentTable}), + pkcs7-content [0] PKCS7-CONTENT-TYPE.&Type({PKCS7ContentTable}) +} + +PKCS7-CONTENT-TYPE ::= TYPE-IDENTIFIER + +PKCS7ContentTable PKCS7-CONTENT-TYPE ::= + {data | signed-data | enveloped-data | signed-and-enveloped-data | + digested-data | encrypted-data | authenticated-data, ...} + +-- Data +data PKCS7-CONTENT-TYPE ::= {Data + IDENTIFIED BY id-data +} + +Data ::= OCTET STRING + +-- Signed Data +signed-data PKCS7-CONTENT-TYPE ::= {SignedData + IDENTIFIED BY id-signed-data +} + +SignedData ::= SEQUENCE { + version Version, + digestAlgorithms DigestAlgorithmIdentifiers, + contentInfo ContentInfo, + certificates [0] CertificateSet OPTIONAL, + crls [1] CertificateRevocationLists OPTIONAL, + signerInfos SignerInfos +} + +Version ::= INTEGER + +DigestAlgorithmIdentifiers ::= SET OF DigestAlgorithmIdentifier + +DigestAlgorithmIdentifier ::= AlgorithmIdentifier + +CertificateSet ::= SET OF CertificateChoice + +CertificateChoice ::= CHOICE { + certificate Certificate, + extendedCertificate [0] ExtendedCertificate, -- Obsolete + attributeCertificate [1] AttributeCertificate +} + +CertificateRevocationLists ::= SET OF CertificateList + +SignerInfos ::= SET OF SignerInfo + +SignerInfo ::= SEQUENCE { + version Version, + signerIdentifier SignerIdentifier, + digestAlgorithm DigestAlgorithmIdentifier, + authenticatedAttributes [0] Attributes OPTIONAL, + digestEncryptionAlgorithm DigestEncryptionAlgorithmIdentifier, + encryptedDigest EncryptedDigest, + unauthenticatedAttributes [1] Attributes OPTIONAL +} + +SignerIdentifier ::= CHOICE { + issuerAndSerialNumber IssuerAndSerialNumber, + subjectKeyIdentifier [2] SubjectKeyIdentifier +} + +IssuerAndSerialNumber ::= SEQUENCE { + issuer Name, + serialNumber CertificateSerialNumber +} + +SubjectKeyIdentifier ::= OCTET STRING + +DigestEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier + +EncryptedDigest ::= ENCRYPTED{DigestInfo} + +DigestInfo ::= SEQUENCE { + digestAlgorithm DigestAlgorithmIdentifier, + digest Digest +} + +Digest ::= + HASH + {CHOICE {content + [1] PKCS7-CONTENT-TYPE.&Type({PKCS7ContentTable}), + authenticated-attributes [0] EXPLICIT Attributes}} + +-- Enveloped Data +enveloped-data PKCS7-CONTENT-TYPE ::= { + EnvelopedData + IDENTIFIED BY id-enveloped-data +} + +EnvelopedData ::= SEQUENCE { + version Version, + originatorInfo [0] OriginatorInfo OPTIONAL, + recipientInfos RecipientInfos, + encryptedContentInfo EncryptedContentInfo, + unprotectedAttributes [1] Attributes OPTIONAL +} + +OriginatorInfo ::= SEQUENCE { + certificates [0] CertificateSet OPTIONAL, + crls [1] CertificateRevocationLists OPTIONAL +} + +RecipientInfos ::= SET SIZE (1..MAX) OF RecipientInfo + +RecipientInfo ::= CHOICE { + keyTransportRecipientInfo KeyTransportRecipientInfo, + keyAgreementRecipientInfo [1] KeyAgreementRecipientInfo, + keyEncryptionKeyRecipientInfo [2] KeyEncryptionKeyRecipientInfo +} + +KeyTransportRecipientInfo ::= SEQUENCE { + version Version, + recipientIdentifier RecipientIdentifier, + keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier, + encryptedKey EncryptedKey +} + +RecipientIdentifier ::= CHOICE { + issuerAndSerialNumber IssuerAndSerialNumber, + subjectKeyIdentifier [0] SubjectKeyIdentifier +} + +KeyEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier + +EncryptedKey ::= OCTET STRING + +KeyAgreementRecipientInfo ::= SEQUENCE { + version Version, + originator [0] OriginatorIdentifierOrKey, + userKeyingMaterial [1] EXPLICIT OCTET STRING OPTIONAL, + keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier, + recipientEncryptedKeys RecipientEncryptedKeys +} + +OriginatorIdentifierOrKey ::= CHOICE { + issuerAndSerialNumber IssuerAndSerialNumber, + subjectKeyIdentifier [0] SubjectKeyIdentifier, + originatorPublicKey [1] OriginatorPublicKey +} + +OriginatorPublicKey ::= SEQUENCE { + algorithm AlgorithmIdentifier, + publicKey BIT STRING +} + +RecipientEncryptedKeys ::= SEQUENCE OF RecipientEncryptedKey + +RecipientEncryptedKey ::= SEQUENCE { + recipientIdentifier KeyAgreementRecipientIdentifier, + encryptedKey EncryptedKey +} + +KeyAgreementRecipientIdentifier ::= CHOICE { + issuerAndSerialNumber IssuerAndSerialNumber, + recipientKeyIdentifier [0] RecipientKeyIdentifier +} + +RecipientKeyIdentifier ::= SEQUENCE { + subjectKeyIdentifier SubjectKeyIdentifier, + date GeneralizedTime OPTIONAL, + otherKeyAttribute OtherKeyAttribute OPTIONAL +} + +OtherKeyAttribute ::= SEQUENCE { + keyAttributeIdentifier OTHER-KEY-ATTRIBUTE.&id({OtherKeyAttributeTable}), + keyAttribute + OTHER-KEY-ATTRIBUTE.&Type + ({OtherKeyAttributeTable}{@keyAttributeIdentifier}) OPTIONAL +} + +OTHER-KEY-ATTRIBUTE ::= TYPE-IDENTIFIER + +OtherKeyAttributeTable OTHER-KEY-ATTRIBUTE ::= + {...} + +KeyEncryptionKeyRecipientInfo ::= SEQUENCE { + version Version, + keyEncryptionKeyIdentifier KeyEncryptionKeyIdentifier, + keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier, + encryptedKey EncryptedKey +} + +KeyEncryptionKeyIdentifier ::= SEQUENCE { + keyIdentifier OCTET STRING, + date GeneralizedTime OPTIONAL, + otherKeyAttribute OtherKeyAttribute OPTIONAL +} + +EncryptedContentInfo ::= SEQUENCE { + contentType PKCS7-CONTENT-TYPE.&id({PKCS7ContentTable}), + contentEncryptionAlgorithm ContentEncryptionAlgorithmIdentifier, + encryptedContent + [0] ENCRYPTED{PKCS7-CONTENT-TYPE.&Type({PKCS7ContentTable}{@.contentType})} + OPTIONAL +} + +ContentEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier + +-- Signed and Enveloped Data +signed-and-enveloped-data PKCS7-CONTENT-TYPE ::= { + SignedAndEnvelopedData + IDENTIFIED BY id-signed-and-enveloped-data +} + +SignedAndEnvelopedData ::= SEQUENCE { + version Version, + recipientInfos SET SIZE (1..MAX) OF KeyTransportRecipientInfo, + digestAlgorithms DigestAlgorithmIdentifiers, + encryptedContentInfo EncryptedContentInfo, + certificates [0] CertificateSet OPTIONAL, + crls [1] CertificateRevocationLists OPTIONAL, + signerInfos + SET SIZE (1..MAX) OF + SignerInfo + (WITH COMPONENTS { + ..., + signerIdentifier (WITH COMPONENTS { + issuerAndSerialNumber PRESENT + }), + authenticatedAttributes ABSENT, + unauthenticatedAttributes ABSENT + }) +} + +-- Digested Data +digested-data PKCS7-CONTENT-TYPE ::= { + DigestedData + IDENTIFIED BY id-digested-data +} + +DigestedData ::= SEQUENCE { + version Version, + digestAlgorithm DigestAlgorithmIdentifier, + contentInfo ContentInfo, + digest HASH{PKCS7-CONTENT-TYPE.&Type({PKCS7ContentTable})} +} + +-- Encrypted Data +encrypted-data PKCS7-CONTENT-TYPE ::= { + EncryptedData + IDENTIFIED BY id-encrypted-data +} + +EncryptedData ::= SEQUENCE { + version Version, + encryptedContentInfo EncryptedContentInfo, + unprotectedAttributes [1] Attributes OPTIONAL +} + +-- Authenticated Data +authenticated-data PKCS7-CONTENT-TYPE ::= { + AuthenticatedData + IDENTIFIED BY id-authenticated-data +} + +AuthenticatedData ::= SEQUENCE { + version Version, + originatorInfo [0] OriginatorInfo OPTIONAL, + recipientInfos RecipientInfos, + macAlgorithm MessageAuthenticationCodeAlgorithmIdentifier, + digestAlgorithm [1] DigestAlgorithmIdentifier OPTIONAL, + contentInfo ContentInfo, + authenticatedAttributes [2] Attributes OPTIONAL, + messageAuthenticationCode MessageAuthenticationCode, + unauthenticatedAttributes [3] Attributes OPTIONAL +} + +MessageAuthenticationCodeAlgorithmIdentifier ::= AlgorithmIdentifier + +MessageAuthenticationCode ::= OCTET STRING + +-- Object Identifiers +id-pkcs OBJECT IDENTIFIER ::= + {iso member-body usa(840) rsadsi(113549) pkcs(1)} + +id-data OBJECT IDENTIFIER ::= {id-pkcs 7 1} + +id-signed-data OBJECT IDENTIFIER ::= {id-pkcs 7 2} + +id-enveloped-data OBJECT IDENTIFIER ::= {id-pkcs 7 3} + +id-signed-and-enveloped-data OBJECT IDENTIFIER ::= {id-pkcs 7 4} + +id-digested-data OBJECT IDENTIFIER ::= {id-pkcs 7 5} + +id-encrypted-data OBJECT IDENTIFIER ::= {id-pkcs 7 6} + +id-authenticated-data OBJECT IDENTIFIER ::= {id-pkcs 9 16 1 2} + +-- Definitions from PKCS#6 +ExtendedCertificate ::= + SIGNED{ExtendedCertificateInfo} + +ExtendedCertificateInfo ::= SEQUENCE { + version Version, + certificate Certificate, + attributes Attributes +} + +Attributes ::= SET OF Attribute + +END -- of PKCS#7 + +-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D + |