aboutsummaryrefslogtreecommitdiffstats
path: root/lib/asn1/test/asn1_SUITE_data/x420/IPMSSecurityExtensions.asn
blob: 8c692ccb310852d41b1984abed207aa3bda08e64 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
-- Module IPMSSecurityExtensions (X.420:06/1999)
IPMSSecurityExtensions {joint-iso-itu-t mhs(6) ipms(1) modules(0)
  ipm-security-extensions(14) version-1999(1)} DEFINITIONS IMPLICIT TAGS ::=
BEGIN

-- Prologue
-- Exports everything
IMPORTS
  -- MTS Abstract Service
  Certificates, Content, ContentIntegrityCheck, ExtendedCertificates,
    EXTENSION, MessageOriginAuthenticationCheck, MessageToken, EncryptionKey
    --==
    FROM MTSAbstractService {joint-iso-itu-t mhs(6) mts(3) modules(0)
      mts-abstract-service(1) version-1999(1)}
  -- IPMS Information Objects
  IPMS-EXTENSION
    --==
    FROM IPMSInformationObjects {joint-iso-itu-t mhs(6) ipms(1) modules(0)
      information-objects(2) version-1999(1)}
  -- IPMS Heading Extensions
  BodyPartNumber
    --==
    FROM IPMSHeadingExtensions {joint-iso-itu-t mhs(6) ipms(1) modules(0)
      heading-extensions(6) version-1999(1)}
  -- Directory Authentication Framework
  AlgorithmIdentifier, ENCRYPTED{}
    --==
    FROM AuthenticationFramework {joint-iso-itu-t ds(5) module(1)
      authenticationFramework(7) 3}
  -- Directory Certificate Extensions
  CertificateAssertion
    --==
    FROM CertificateExtensions {joint-iso-itu-t ds(5) module(1)
      certificateExtensions(26) 0}
  -- IPMS Object Identifiers
  id-sec-ipm-security-request, id-sec-security-common-fields
    --==
    FROM IPMSObjectIdentifiers {joint-iso-itu-t mhs(6) ipms(1) modules(0)
      object-identifiers(0) version-1999(1)};

-- Recipient Security Request
recipient-security-request IPMS-EXTENSION ::= {
  VALUE          RecipientSecurityRequest,
  IDENTIFIED BY  id-sec-ipm-security-request
}

RecipientSecurityRequest ::= BIT STRING {
  content-non-repudiation(0), content-proof(1), ipn-non-repudiation(2),
  ipn-proof(3)}

-- IPN Security Response
ipn-security-response IPMS-EXTENSION ::= {
  VALUE          IpnSecurityResponse,
  IDENTIFIED BY  id-sec-security-common-fields
}

IpnSecurityResponse ::= SET {
  content-or-arguments
    CHOICE {original-content             OriginalContent,
            original-security-arguments
              SET {original-content-integrity-check
                     [0]  OriginalContentIntegrityCheck OPTIONAL,
                   original-message-origin-authentication-check
                     [1]  OriginalMessageOriginAuthenticationCheck OPTIONAL,
                   original-message-token
                     [2]  OriginalMessageToken OPTIONAL}},
  security-diagnostic-code  SecurityDiagnosticCode OPTIONAL
}

-- MTS security fields
OriginalContent ::= Content

OriginalContentIntegrityCheck ::= ContentIntegrityCheck

OriginalMessageOriginAuthenticationCheck ::= MessageOriginAuthenticationCheck

OriginalMessageToken ::= MessageToken

-- Security Diagnostic Codes
SecurityDiagnosticCode ::= INTEGER {
  integrity-failure-on-subject-message(0),
  integrity-failure-on-forwarded-message(1),
  moac-failure-on-subject-message(2), unsupported-security-policy(3),
  unsupported-algorithm-identifier(4), decryption-failed(5), token-error(6),
  unable-to-sign-notification(7), unable-to-sign-message-receipt(8),
  authentication-failure-on-subject-message(9),
  security-context-failure-message(10), message-sequence-failure(11),
  message-security-labelling-failure(12), repudiation-failure-of-message(13),
  failure-of-proof-of-message(14), signature-key-unobtainable(15),
  decryption-key-unobtainable(16), key-failure(17),
  unsupported-request-for-security-service(18),
  inconsistent-request-for-security-service(19),
  ipn-non-repudiation-provided-instead-of-content-proof(20),
  token-decryption-failed(21), double-enveloping-message-restoring-failure(22),
  unauthorised-dl-member(23), reception-security-failure(24),
  unsuitable-alternate-recipient(25), security-services-refusal(26),
  unauthorised-recipient(27), unknown-certification-authority-name(28),
  unknown-dl-name(29), unknown-originator-name(30), unknown-recipient-name(31),
  security-policy-violation(32)}

-- Security Envelope Extensions
body-part-encryption-token EXTENSION ::= {
  BodyPartTokens,
  RECOMMENDED CRITICALITY  {for-delivery},
  IDENTIFIED BY            standard-extension:43
}

BodyPartTokens ::=
  SET OF
    SET {body-part-number  BodyPartNumber,
         body-part-choice
           CHOICE {encryption-token              EncryptionToken,
                   message-or-content-body-part  [0]  BodyPartTokens}
    }

EncryptionToken ::= SET {
  encryption-algorithm-identifier  AlgorithmIdentifier,
  encrypted-key                    ENCRYPTED{EncryptionKey},
  recipient-certificate-selector   [0]  CertificateAssertion OPTIONAL,
  recipient-certificate            [1]  Certificates OPTIONAL,
  originator-certificate-selector  [2]  CertificateAssertion OPTIONAL,
  originator-certificates          [3]  ExtendedCertificates OPTIONAL,
  ...
}

forwarded-content-token EXTENSION ::= {
  ForwardedContentToken,
  RECOMMENDED CRITICALITY  {for-delivery},
  IDENTIFIED BY            standard-extension:44
}

ForwardedContentToken ::=
  SET OF
    SET {body-part-number  BodyPartNumber,
         body-part-choice
           CHOICE {forwarding-token              MessageToken,
                   message-or-content-body-part  ForwardedContentToken
         }}

END -- of IPMSSecurityExtensions

-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D