--
-- GlobalDirectives.ASN
--
--#comment "Copyright (C) Microsoft Corporation, 1996-1999. All rights reserved."--
--#comment "ASN.1 definitions for GlobalDirectives"--

--#oid array--        -- object identifier is 16-node fixed array
--#SS.basic lenptr--  -- set of and sequence of w/o size constraint
--#SS.sized lenptr--  -- set of and sequence of w/ size constraint

-- Review notes for readers of this module:
--   * It declares the PKCS #7 content types (SignedData, EnvelopedData,
--     SignedAndEnvelopedData, DigestedData, EncryptedData) followed by the
--     CMS additions.  The module default is EXPLICIT TAGS, so only fields
--     written with IMPLICIT replace the tag of the underlying type.
--   * The hash-prefixed items enclosed in double hyphens appear to be
--     compiler directives that shape the generated code; they are not
--     free-form comments and are reproduced here unchanged.
--   * Everything typed ANY (Name, Certificate, CertificateRevocationList,
--     algorithm parameters, attribute values, and each NC blob type) is
--     accepted as an opaque encoding.  This module does not check the inner
--     structure; the caller has to decode and validate it separately.
--   * No SET OF or SEQUENCE OF below carries a SIZE constraint, so the schema
--     sets no upper bound on the number of certificates, CRLs, signers,
--     recipients or attributes.  Code that handles untrusted messages should
--     apply its own limits.
--   * Every version field is an unconstrained INTEGER.  Values named in the
--     comments ("always set to ...") are not enforced by the type and need an
--     explicit check after decoding.
--   * NOTE(review): the nomemcpy directive presumably makes the decoder return
--     a reference into the encoded input instead of a copy.  If so, the input
--     buffer must stay valid and unmodified while the decoded value is in use.
--     Confirm against the compiler documentation.

PKCS DEFINITIONS EXPLICIT TAGS ::=
BEGIN

-- Basic type aliases used by the rest of the module.
ObjectID ::= OBJECT IDENTIFIER --#public-- --#oid array--
Any ::= ANY
ObjectIdentifierType ::= ObjectID --#public--
OctetStringType ::= OCTET STRING --#public--
IntegerType ::= INTEGER --#public--
-- NOTE(review): intx presumably selects an arbitrary-length integer
-- representation; it is the type behind CertificateSerialNumber.  Confirm.
HugeIntegerType ::= INTEGER --#intx-- --#public--
BitStringType ::= BIT STRING --#lenptr--

------------------------------------------------------------------------------

-- Algorithm OID plus optional parameters.  The parameters are ANY, so their
-- content is not validated here.
AlgorithmIdentifier ::= SEQUENCE {
    algorithm       ObjectID,
    parameters      ANY --#field "parameters"-- OPTIONAL
} --#public--

-- Same layout as AlgorithmIdentifier, with nomemcpy on the parameters.
AlgorithmIdentifierNC2 ::= SEQUENCE {
    algorithm       ObjectID,
    parameters      ANY --#nomemcpy-- --#field "parameters"-- OPTIONAL
} --#public--

DigestInfo ::= SEQUENCE {
    digestAlgorithm DigestAlgorithmIdentifier,
    digest          Digest
} --#public--

DigestAlgorithmIdentifier ::= AlgorithmIdentifier

Digest ::= OCTET STRING

-- The X.509 and PKCS-6 structures below are carried as undecoded ANY values.
CertificateRevocationList ::= ANY   -- hacked from X.509

CertificateRevocationListNC ::= ANY --#nomemcpy--

CertificateSerialNumber ::= HugeIntegerType   -- copied from X.509

Name ::= ANY   -- hacked from X.509

Certificate ::= ANY   -- hacked from PKCS-6

CertificateNC ::= ANY --#nomemcpy--

AlgorithmIdentifiers ::= SET --#public-- OF AlgorithmIdentifier

AttributeSetValue ::= SET --#public-- OF ANY

AttributeSetValueNC ::= SET --#public-- OF ANY --#nomemcpy--

AlgorithmIdentifierNC ::= ANY --#nomemcpy--

DigestAlgorithmIdentifierNC ::= AlgorithmIdentifierNC

SetOfAny ::= SET --#public-- OF ANY

-- Attribute type OID with a set of values; the values themselves are ANY.
Attribute ::= SEQUENCE {   -- hacked from X.509
    attributeType   ObjectID,
    attributeValue  AttributeSetValue
}

AttributeNC2 ::= SEQUENCE {
    attributeType   ObjectID,
    attributeValue  AttributeSetValueNC
} --#public--

AttributeNC ::= ANY --#nomemcpy--

Attributes ::= SET --#public-- OF Attribute   -- hacked from X.509

AttributesNC ::= SET --#public-- --#type "AttributesNC"-- OF AttributeNC

AttributesNC2 ::= SET --#public-- --#type "AttributesNC2"-- OF AttributeNC2

CertificateRevocationLists ::= SET --#type "Crls"-- OF CertificateRevocationList

CertificateRevocationListsNC ::= SET --#public-- --#type "CrlsNC"-- OF CertificateRevocationListNC

ContentEncryptionAlgId ::= AlgorithmIdentifier

ContentEncryptionAlgIdNC ::= AlgorithmIdentifierNC

DigestEncryptionAlgId ::= AlgorithmIdentifier   -- X.509

DigestEncryptionAlgIdNC ::= AlgorithmIdentifierNC2

Certificates ::= SET --#type "Certificates"-- OF Certificate

CertificatesNC ::= SET --#public-- --#type "CertificatesNC"-- OF CertificateNC

-- Identifies a certificate by issuer name and serial number.  The issuer is
-- an undecoded ANY (see Name above).
IssuerAndSerialNumber ::= SEQUENCE {
    issuer          Name,                       -- X.509
    serialNumber    CertificateSerialNumber     -- X.509
} --#public--

KeyEncryptionAlgId ::= AlgorithmIdentifier

ContentType ::= ObjectID

-- Outer wrapper: a content type OID and the optional content as ANY.  Nothing
-- in the type ties the content to the OID; the caller selects the decoder for
-- the content after inspecting contentType.
ContentInfo ::= SEQUENCE {
    contentType     ContentType,
    content         [0] EXPLICIT ANY --#field "content"-- --#value "content"-- OPTIONAL
} --#public--

ContentInfoNC ::= SEQUENCE {
    contentType     ContentType,
    content         [0] EXPLICIT ANY --#nomemcpy-- --#field "content"-- --#value "content"-- OPTIONAL
} --#public--

Data ::= OCTET STRING

SignedData ::= SEQUENCE {
    version             INTEGER,
    digestAlgorithms    DigestAlgorithmIdentifiers,
    contentInfo         ContentInfo,
    certificates        [0] IMPLICIT Certificates OPTIONAL,
    crls                [1] IMPLICIT CertificateRevocationLists OPTIONAL,
    signerInfos         SignerInfos
} --#public--

DigestAlgorithmIdentifiers ::= SET OF DigestAlgorithmIdentifier   -- PKCS-1

DigestAlgorithmIdentifiersNC ::= SET --#public-- --#type "DigestAlgorithmIdentifiersNC"-- OF DigestAlgorithmIdentifierNC

SignerInfos ::= SET --#public-- OF SignerInfo

-- Per-signer data.  authenticatedAttributes is [0] IMPLICIT on the wire;
-- PKCS #7 specifies that the digest over these attributes is taken on their
-- encoding with the universal SET OF tag rather than the [0] tag, which a
-- verifier has to account for.  unauthenticatedAttributes are outside the
-- signature and carry no integrity protection.
SignerInfo ::= SEQUENCE {
    version                     INTEGER,
    -- sid may only be issuerAndSerialNumber or subjectKeyIdentifier
    sid                         CertIdentifier,
    digestAlgorithm             DigestAlgorithmIdentifier,   -- PKCS-1
    authenticatedAttributes     [0] IMPLICIT Attributes OPTIONAL,
    digestEncryptionAlgorithm   DigestEncryptionAlgId,
    encryptedDigest             EncryptedDigest,
    unauthenticatedAttributes   [1] IMPLICIT Attributes --#field "unauthAttributes"-- OPTIONAL
} --#public--

-- NOTE(review): the Blob and NC types from here on mirror the definitions
-- above but keep selected fields as raw encodings (ANY with nomemcpy).
-- Presumably this lets callers work on the bytes exactly as received, for
-- example when checking a signature, instead of on a re-encoding.  Confirm
-- with the callers.
DigestAlgorithmBlobs ::= SET --#public-- OF DigestAlgorithmBlob

DigestAlgorithmBlob ::= ANY --#nomemcpy--

SignedDataWithBlobs ::= SEQUENCE {
    version             INTEGER,
    digestAlgorithms    DigestAlgorithmIdentifiersNC,
    contentInfo         ContentInfoNC,
    certificates        [0] IMPLICIT CertificatesNC OPTIONAL,
    crls                [1] IMPLICIT CertificateRevocationListsNC OPTIONAL,
    signerInfos         SignerInfosNC
} --#public--

SignerInfosNC ::= SET --#public-- OF ANY --#nomemcpy--

SignerInfoWithAABlobs ::= SET OF SignerInfoWithAABlob

-- NOTE(review): authenticatedAttributes is a mandatory ANY here, while it is
-- OPTIONAL in SignerInfo.  This type presumably only suits signer infos that
-- actually carry authenticated attributes; verify against the caller.
SignerInfoWithAABlob ::= SEQUENCE {
    version                     ANY --#nomemcpy--,
    sid                         ANY --#nomemcpy--,
    digestAlgorithm             ANY --#nomemcpy--,
    authenticatedAttributes     ANY --#nomemcpy--,
    digestEncryptionAlgorithm   ANY --#nomemcpy--,
    encryptedDigest             ANY --#nomemcpy--,
    unauthenticatedAttributes   [1] IMPLICIT AttributesNC --#field "dummyUAAs"-- OPTIONAL
} --#public--

SignerInfoWithAttrBlobs ::= SEQUENCE {
    version                     ANY --#nomemcpy--,
    sid                         ANY --#nomemcpy--,
    digestAlgorithm             ANY --#nomemcpy--,
    authenticatedAttributes     [0] IMPLICIT AttributesNC --#field "authAttributes"-- OPTIONAL,
    digestEncryptionAlgorithm   DigestEncryptionAlgIdNC,
    encryptedDigest             ANY --#nomemcpy--,
    unauthenticatedAttributes   [1] IMPLICIT AttributesNC --#field "unauthAttributes"-- OPTIONAL
} --#public--

SignerInfoWithBlobs ::= SEQUENCE {
    version                     INTEGER,
    sid                         CertIdentifierNC,
    digestAlgorithm             DigestAlgorithmIdentifierNC,
    authenticatedAttributes     [0] IMPLICIT AttributesNC2 --#field "authAttributes"-- OPTIONAL,
    digestEncryptionAlgorithm   DigestEncryptionAlgIdNC,
    encryptedDigest             EncryptedDigestNC,
    unauthenticatedAttributes   [1] IMPLICIT AttributesNC2 --#field "unauthAttributes"-- OPTIONAL
} --#public--

EncryptedDigest ::= OCTET STRING

EncryptedDigestNC ::= OCTET STRING --#nomemcpy--

EnvelopedData ::= SEQUENCE {
    version                 INTEGER,
    recipientInfos          RecipientInfos,
    encryptedContentInfo    EncryptedContentInfo
} --#public--

RecipientInfos ::= SET --#public-- OF RecipientInfo

EncryptedContentInfo ::= SEQUENCE {
    contentType                 ContentType,
    contentEncryptionAlgorithm  ContentEncryptionAlgId,
    encryptedContent            [0] IMPLICIT EncryptedContent OPTIONAL
} --#public--

EncryptedContent ::= OCTET STRING

RecipientInfo ::= SEQUENCE {
    version                 INTEGER,
    issuerAndSerialNumber   IssuerAndSerialNumber,
    keyEncryptionAlgorithm  KeyEncryptionAlgId,
    encryptedKey            EncryptedKey
} --#public--

EncryptedKey ::= OctetStringType

SignedAndEnvelopedData ::= SEQUENCE {
    version                 INTEGER,
    recipientInfos          RecipientInfos,
    digestAlgorithms        DigestAlgorithmIdentifiers,
    encryptedContentInfo    EncryptedContentInfo,
    certificates            [0] IMPLICIT Certificates OPTIONAL,
    crls                    [1] IMPLICIT CertificateRevocationLists OPTIONAL,
    signerInfos             SignerInfos
} --#public--

DigestedData ::= SEQUENCE {
    version             INTEGER,
    digestAlgorithm     DigestAlgorithmIdentifier,
    contentInfo         ContentInfo,
    digest              Digest
} --#public--

EncryptedData ::= SEQUENCE {
    version                 INTEGER,
    encryptedContentInfo    EncryptedContentInfo
} --#public--

--------------------------------------------
-- CMS Changes
--------------------------------------------

--------------------------------------------
-- New Cert Identifier
--------------------------------------------
-- Either alternative names the certificate; the [0] tag distinguishes the
-- key identifier form from the untagged IssuerAndSerialNumber SEQUENCE.
CertIdentifier ::= CHOICE {
    issuerAndSerialNumber   IssuerAndSerialNumber --#field "issuerAndSerialNumber"--,
    subjectKeyIdentifier    [0] IMPLICIT SubjectKeyIdentifier --#field "subjectKeyIdentifier"--
} --#public--

CertIdentifierNC ::= ANY --#nomemcpy--

SubjectKeyIdentifier ::= OctetStringType

--------------------------------------------
-- New CMS version of EnvelopedData
--------------------------------------------
CmsEnvelopedData ::= SEQUENCE {
    version                 INTEGER,
    originatorInfo          [0] IMPLICIT OriginatorInfo OPTIONAL,
    recipientInfos          CmsRecipientInfos,
    encryptedContentInfo    EncryptedContentInfo,
    unprotectedAttrs        [1] IMPLICIT Attributes OPTIONAL
} --#public--

OriginatorInfo ::= SEQUENCE {
    certificates    [0] IMPLICIT Certificates OPTIONAL,
    crls            [1] IMPLICIT CertificateRevocationLists OPTIONAL
} --#public--

OriginatorInfoNC ::= SEQUENCE {
    certificates    [0] IMPLICIT CertificatesNC OPTIONAL,
    crls            [1] IMPLICIT CertificateRevocationListsNC OPTIONAL
} --#public--

--------------------------------------------
-- New CMS version of RecipientInfos
--------------------------------------------
CmsRecipientInfos ::= SET --#public-- OF CmsRecipientInfo

-- The alternative is chosen by tag: untagged SEQUENCE for key transport,
-- [1] for key agreement, [2] for the mail list form.
CmsRecipientInfo ::= CHOICE {
    keyTransRecipientInfo   KeyTransRecipientInfo,
    keyAgreeRecipientInfo   [1] IMPLICIT KeyAgreeRecipientInfo,
    mailListRecipientInfo   [2] IMPLICIT MailListRecipientInfo
} --#public--

--------------------------------------------
-- Key Transport RecipientInfo
--------------------------------------------
KeyTransRecipientInfo ::= SEQUENCE {
    version                 INTEGER,    -- always set to 0 or 2
    -- rid may only be issuerAndSerialNumber or subjectKeyIdentifier
    rid                     CertIdentifier,
    keyEncryptionAlgorithm  KeyEncryptionAlgId,
    encryptedKey            EncryptedKey
} --#public--

--------------------------------------------
-- Key Agreement RecipientInfo
--------------------------------------------
-- NOTE(review): the comment on originator names only two identifier forms,
-- but OriginatorIdentifierOrKey also allows originatorKey [1]; the
-- restriction is not expressed in the type.
KeyAgreeRecipientInfo ::= SEQUENCE {
    version                 INTEGER,    -- always set to 3
    -- originatorCert may only be issuerAndSerialNumber or subjectKeyIdentifier
    originator              [0] EXPLICIT OriginatorIdentifierOrKey,
    ukm                     [1] EXPLICIT UserKeyingMaterial OPTIONAL,
    keyEncryptionAlgorithm  KeyEncryptionAlgId,
    recipientEncryptedKeys  RecipientEncryptedKeys
} --#public--

OriginatorIdentifierOrKey ::= CHOICE {
    issuerAndSerialNumber   IssuerAndSerialNumber --#field "issuerAndSerialNumber"--,
    subjectKeyIdentifier    [0] IMPLICIT SubjectKeyIdentifier --#field "subjectKeyIdentifier"--,
    originatorKey           [1] IMPLICIT OriginatorPublicKey
}

OriginatorPublicKey ::= SEQUENCE {
    algorithm   AlgorithmIdentifier,
    publicKey   BitStringType
}

RecipientEncryptedKeys ::= SEQUENCE OF RecipientEncryptedKey

UserKeyingMaterial ::= OctetStringType

RecipientEncryptedKey ::= SEQUENCE {
    rid             RecipientIdentifier,
    encryptedKey    EncryptedKey
}

RecipientIdentifier ::= CHOICE {
    issuerAndSerialNumber   IssuerAndSerialNumber --#field "issuerAndSerialNumber"--,
    rKeyId                  [0] IMPLICIT RecipientKeyIdentifier
}

RecipientKeyIdentifier ::= SEQUENCE {
    subjectKeyIdentifier    SubjectKeyIdentifier,
    date                    GeneralizedTime --#field "date"-- OPTIONAL,
    other                   OtherKeyAttribute --#field "other"-- OPTIONAL
}

-- keyAttr is ANY, so its content is not validated by this module.
OtherKeyAttribute ::= SEQUENCE {
    keyAttrId   ObjectID,
    keyAttr     ANY OPTIONAL
}

--------------------------------------------
-- Mail List RecipientInfo
--------------------------------------------
MailListRecipientInfo ::= SEQUENCE {
    version                 INTEGER,    -- always set to 4
    mlid                    MailListKeyIdentifier,
    keyEncryptionAlgorithm  KeyEncryptionAlgId,
    encryptedKey            EncryptedKey
} --#public--

MailListKeyIdentifier ::= SEQUENCE {
    kekIdentifier   OctetStringType,
    date            GeneralizedTime --#field "date"-- OPTIONAL,
    other           OtherKeyAttribute --#field "other"-- OPTIONAL
}

END