path: root/lib/asn1/test/asn1_SUITE_data/rfcs/Notation.asn1
-- Module Notation (X.830:04/1995)

Notation {joint-iso-itu-t genericULS(20) modules(1) notation(1)} DEFINITIONS
AUTOMATIC TAGS ::=
BEGIN

-- EXPORTS All 
IMPORTS
  -- From Directory Standards: 
  informationFramework, selectedAttributeTypes, authenticationFramework
    FROM UsefulDefinitions {joint-iso-itu-t ds(5) module(1)
      usefulDefinitions(0) 3}
  Name
    FROM InformationFramework informationFramework
  UniqueIdentifier
    FROM SelectedAttributeTypes selectedAttributeTypes
  AlgorithmIdentifier
    FROM AuthenticationFramework authenticationFramework
  -- From Other GULS Modules: 
  genericProtectingTransferSyntax
    FROM ObjectIdentifiers {joint-iso-itu-t genericULS(20) modules(1)
      objectIdentifiers(0)}
  SyntaxStructure{}
    FROM GenericProtectingTransferSyntax genericProtectingTransferSyntax;

-- ************************************************* 
-- Notation for security identity and SA-identifiers 
-- ************************************************* 
-- Values of the SecurityIdentity type are used to identify entities
-- which assign externally-established security association identifiers,
-- and for other security-related purposes requiring globally-unique
-- identifiers.
-- The identity is carried either as a directory Name (imported from
-- InformationFramework) or as an OBJECT IDENTIFIER.
-- NOTE(review): the type only names an entity; nothing in this
-- definition authenticates the claimed identity, so a receiver
-- presumably has to verify it by other means. Confirm against the
-- specification that uses this type.
SecurityIdentity ::= CHOICE {
  directoryName     Name,
  objectIdentifier  OBJECT IDENTIFIER
}

-- ExternalSAID pairs an integer identifier with the optional identity
-- of the system that assigned it (presumably the externally-established
-- security association identifier mentioned above; confirm).
-- NOTE(review): localSAID has no range constraint, and when
-- assignerIdentity is absent the integer is only meaningful relative
-- to an assigner known from context. Verify how receivers resolve
-- that case before using the value as a lookup key.
ExternalSAID ::= SEQUENCE {
  localSAID         INTEGER,
  assignerIdentity  SecurityIdentity OPTIONAL
  -- Identity of the system which assigned the integer value
}

-- ****************************************** 
-- Notation for specifying security exchanges 
-- ****************************************** 
-- SECURITY-EXCHANGE: information object class with two fields, the
-- object set of exchange items (&SE-Items) and an identifier
-- (&sE-Identifier) that is declared UNIQUE, so no two objects in one
-- object set may share the same identifier value.
SECURITY-EXCHANGE ::=
  CLASS
   -- This information object class definition is for use when
  -- specifying a particular instance of a security exchange.
  {
  &SE-Items       SEC-EXCHG-ITEM,
  -- This is an ASN.1 information object set, comprising a set
  -- of security exchange items
  &sE-Identifier  Identifier UNIQUE
  -- A local or global identifier for the particular security
  -- exchange
}
WITH SYNTAX
 -- The following syntax is used to specify a particular security
-- exchange.
{SE-ITEMS &SE-Items
 IDENTIFIER &sE-Identifier
}

-- Identifier: either a local INTEGER or a global OBJECT IDENTIFIER.
-- It is used in this module for &sE-Identifier and &errorCode.
-- NOTE(review): a local integer is presumably unambiguous only within
-- the context that defined it; confirm how clashes between
-- independently assigned local values are avoided.
Identifier ::= CHOICE {local   INTEGER,
                       global  OBJECT IDENTIFIER
}

-- SEC-EXCHG-ITEM: information object class describing one item of a
-- security exchange: its ASN.1 type, an integer item identifier and
-- an optional object set of errors of class SE-ERROR.
-- NOTE(review): &itemId is not declared UNIQUE here, so uniqueness
-- of item identifiers within an exchange is not enforced by the
-- class definition itself.
SEC-EXCHG-ITEM ::= CLASS {
  &ItemType  ,
  --  ASN.1 type for this exchange item
  &itemId    INTEGER,
  --  Identifier for this item, e.g. 1, 2, 3, ..
  &Errors    SE-ERROR OPTIONAL
  --  Optional list of errors which may result from
  --  transfer of this item
}WITH SYNTAX {ITEM-TYPE &ItemType
              ITEM-ID &itemId
              [ERRORS &Errors]
}

-- SE-ERROR: information object class describing an error that can be
-- signalled back to the sender of a security exchange item (SEI).
-- It has an optional parameter type and an error code that is
-- declared UNIQUE.
SE-ERROR ::= CLASS {
  &ParameterType  OPTIONAL,
  -- ASN.1 type of a parameter to accompany the signalling
  -- of the error condition back to the sender of the SEI
  &errorCode      Identifier UNIQUE
  -- An identifier used in signalling the error condition
  -- back to the sender of the SEI
}WITH SYNTAX {[PARAMETER &ParameterType]
              ERROR-CODE &errorCode
}

-- ************************************************ 
-- Notation for specifying security transformations 
-- ************************************************ 
-- SECURITY-TRANSFORMATION: information object class describing one
-- security transformation. Only &sT-Identifier and &XformedDataType
-- are mandatory; &initialEncodingRules has a default and the other
-- fields are OPTIONAL.
-- NOTE(review): the names &StaticUnprotectedParm and
-- &DynamicUnprotectedParm suggest that these parameters travel
-- outside the protection applied by the transformation. If so, a
-- receiver should not treat their values as authenticated. Confirm
-- against the text of X.830.
SECURITY-TRANSFORMATION ::=
  CLASS
   -- This information object class definition is for use when
  -- specifying a particular instance of a security transformation.
  {
  &sT-Identifier           OBJECT IDENTIFIER UNIQUE,
  -- Identifier to be used in signalling the application
  -- of the particular security transformation
  &initialEncodingRules    OBJECT IDENTIFIER DEFAULT {joint-iso-ccitt 
                                                      asn1(1) ber-derived(2)
                                                      canonical-encoding(0)},
  -- Default initial encoding rules to generate a bit
  -- string prior to applying the encoding process of a
  -- security transformation.
  &StaticUnprotectedParm   OPTIONAL,
  -- ASN.1 type for conveying static unprotected parameters
  &DynamicUnprotectedParm  OPTIONAL,
  -- ASN.1 type for conveying dynamic unprotected parameters
  &XformedDataType         ,
  -- ASN.1 type of the ASN.1 value produced by the security
  -- transformation's encoding process
  &QualifierType           OPTIONAL
  -- &QualifierType specifies the ASN.1 type of the qualifier
  -- parameter used with the PROTECTED-Q notation.
}
WITH SYNTAX
 -- The following syntax is used to specify a particular security
-- transformation.
{
  IDENTIFIER &sT-Identifier
  [INITIAL-ENCODING-RULES &initialEncodingRules]
  [STATIC-UNPROT-PARM &StaticUnprotectedParm]
  [DYNAMIC-UNPROT-PARM &DynamicUnprotectedParm]
  XFORMED-DATA-TYPE &XformedDataType
  [QUALIFIER-TYPE &QualifierType]
}

-- ************************************************** 
-- Notation for specifying selective field protection 
-- ************************************************** 
-- PROTECTED{BaseType, protectionReqd}: a value of BaseType carried
-- under the protection described by the PROTECTION-MAPPING object
-- protectionReqd. The five alternatives are the two directory-style
-- encodings (dirEncrypt, dirSign), an unprotected bypass
-- (noTransform), and two protecting transfer syntax forms
-- (direct, embedded).
-- NOTE(review): noTransform carries BaseType with no security
-- transformation at all. The comment on that alternative restricts
-- it to mappings whose &bypassPermitted is TRUE, but the restriction
-- appears only in a comment, so a decoder generated from this type
-- will presumably accept noTransform regardless. The receiving
-- application should reject it when bypass is not permitted.
-- NOTE(review): likewise, the CONSTRAINED BY clauses and the
-- presence rule for dirSign.baseType are user-defined constraints
-- and comments, which ASN.1 tooling generally does not enforce.
-- Treat them as checks the implementation has to perform.
PROTECTED{BaseType, PROTECTION-MAPPING:protectionReqd} ::= CHOICE {
  dirEncrypt
    BIT STRING
      (CONSTRAINED BY {
         BaseType-- dirEncrypt is for use only with the
         -- dirEncryptedTransformation,
         -- and generates the same encoding as the
         -- X.509/9594-8 ENCRYPTED type-- }),
  dirSign
    SEQUENCE {baseType        BaseType OPTIONAL,
              -- must be present for dirSignedTransformation
              -- and must be omitted for
              -- dirSignatureTransformation
              algorithmId     AlgorithmIdentifier,
              encipheredHash
                BIT STRING
                  (CONSTRAINED BY {
                     BaseType-- contains enciphered hash--
                     -- of a value of BaseType -- })}-- dirSign is for use only with the
  -- dirSignedTransformation or
  -- dirSignatureTransformation, and generates
  -- the same encoding as the corresponding
  -- X.509/9594-8 SIGNED or SIGNATURE type--,
  noTransform  [0]  BaseType,
  -- noTransform invokes no security transformation.
  -- Subject to security policy, noTransform may be used
  -- if adequate protection is provided by lower layers
  -- and any application relays through which the data
  -- may pass are trusted to maintain the required
  -- protection. This alternative may only be used
  -- if protectionReqd.&bypassPermitted is TRUE,
  direct       [1]  SyntaxStructure{{protectionReqd.&SecurityTransformation}},
  -- direct generates a protecting transfer syntax
  -- value, which is encoded using the same encoding
  -- rules as the surrounding ASN.1  (The type
  -- SyntaxStructure is imported from Rec. X.833 |
  -- ISO/IEC 11586-3)
  embedded
    [2]  EMBEDDED PDV
           (WITH COMPONENTS {
              identification  (WITH COMPONENTS {
                                 presentation-context-id  ,
                                 context-negotiation      (WITH COMPONENTS {
                                                             transfer-syntax  (CONSTRAINED BY {
                                                                    OBJECT
                                                                    IDENTIFIER:
                                                                    protectionReqd.
                                                                    &protTransferSyntax})
                                                           }),
                                 transfer-syntax          (CONSTRAINED BY {
                                                             OBJECT IDENTIFIER:
                                                             protectionReqd.
                                                               &protTransferSyntax})
                               }),
              data-value (CONTAINING BaseType )      
            
            -- The data value encoded is a value of type BaseType
            })
}

-- PROTECTED-Q: the PROTECTED type with one additional parameter,
-- qualifier, whose type is the &QualifierType of the security
-- transformation named by protectionReqd.
-- NOTE(review): the qualifier is attached through a CONSTRAINED BY
-- clause and a comment only, so it does not appear as a component of
-- the encoded value defined here. How it reaches the transformation
-- is left to the implementation; confirm against the using
-- specification.
PROTECTED-Q{BaseType, PROTECTION-MAPPING:protectionReqd,
            PROTECTION-MAPPING.&SecurityTransformation.&QualifierType:qualifier}
  ::=
  PROTECTED{BaseType, protectionReqd}
    (CONSTRAINED BY {
       protectionReqd.&SecurityTransformation.&QualifierType:qualifier
       -- The value of qualifier must be made available to
       -- the security transformation used
       })

-- BaseType is the type to be protected, and protectionReqd is an
-- object of class PROTECTION-MAPPING. The use of PROTECTED requires
-- the importation into the user's module of the PROTECTED parameterized
-- type, together with the necessary PROTECTION-MAPPING object
-- definition.
-- ******************************************* 
-- Notation for specifying protection mappings 
-- ******************************************* 
-- PROTECTION-MAPPING: information object class that ties a protection
-- requirement to a set of permitted security transformations, the
-- protecting transfer syntax used by the embedded alternative of
-- PROTECTED, and a flag saying whether protection may be bypassed.
PROTECTION-MAPPING ::= CLASS {
  &SecurityTransformation  SECURITY-TRANSFORMATION,
  -- &SecurityTransformation specifies an ASN.1 object set of the
  -- SECURITY-TRANSFORMATION class. Use of the particular
  -- protection mapping implies use of one of the specified
  -- transformations, with the choice being left to the
  -- encoding system. Rules for selecting between these security
  -- transformations may be specified in comments.
  -- NOTE(review): because the encoding system chooses, the set
  -- should presumably list only transformations that all meet the
  -- required protection level; the weakest member bounds what a
  -- receiver can rely on. Confirm against the using specification.
  &protTransferSyntax      OBJECT IDENTIFIER DEFAULT {joint-iso-itu-t
                                                      genericULS(20)
                                                      generalTransferSyntax(2)},
  -- Identifies the particular protecting transfer syntax to
  -- be used in an EMBEDDED PDV encoding for the embedded
  -- option.
  &bypassPermitted         BOOLEAN DEFAULT FALSE
  -- Indicates if bypassing of protection is permitted.
  -- The default is FALSE, so a mapping that omits BYPASS-PERMITTED
  -- does not allow the noTransform alternative of PROTECTED.
}
WITH SYNTAX {
  SECURITY-TRANSFORMATION &SecurityTransformation
  [PROTECTING-TRANSFER-SYNTAX &protTransferSyntax]
  [BYPASS-PERMITTED &bypassPermitted]
}

END

-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D


-- content of stack:
--