--#comment "Copyright (C) Microsoft Corporation, 1996-1999. All rights reserved."--
--#comment "ASN.1 definitions for PFXPKCS"--

--#SS.basic lenptr--   -- set of and sequence of w/o size constraint
--#SS.sized lenptr--   -- set of and sequence of w/  size constraint
--#oid array--         -- object identifier is 16-node fixed array

-- Module PFXPKCS: type definitions for the PFX container and the PKCS #1,
-- PKCS #7 and PKCS #8 structures it references.
-- IMPLICIT TAGS is the module default, so a context tag replaces the
-- underlying universal tag unless a field is marked EXPLICIT.
PFXPKCS
DEFINITIONS IMPLICIT TAGS ::=
BEGIN

-- Object identifiers. Per the directive note at the top of this file the
-- generated representation is a 16-node fixed array.
-- NOTE(review): confirm the decoder rejects, rather than truncates, an
-- identifier with more than 16 arcs.
ObjectID ::= OBJECT IDENTIFIER --#oid array--
ObjID ::= ObjectID

-- Untyped value; the schema performs no validation of its content.
Any ::= ANY

-- Stand-alone aliases for the primitive types.
-- NOTE(review): the intx and public markers are compiler directives whose
-- meaning is not defined in this file; intx presumably selects a
-- variable-length integer representation. Confirm against the compiler docs.
ObjectIdentifierType ::= ObjectID --#public--
OctetStringType ::= OCTET STRING --#public--
IntegerType ::= INTEGER --#intx-- --#public--
-- Non-negative integer of unbounded size (0..MAX); used for RSA key values.
HugeInteger ::= INTEGER --#intx-- (0..MAX)

------------------------------------------------------------------------------
-- from PKCS #1

-- RSA public key: modulus and public exponent, both non-negative
-- HugeInteger values. The schema does not bound the modulus size, so any
-- minimum or maximum key length has to be enforced by the consuming code.
RSAPublicKey ::= SEQUENCE {
    modulus         HugeInteger,              -- n
    publicExponent  HugeInteger } --#public--   -- e

-- RSA private key with CRT parameters. Every field from privateExponent
-- onward is secret key material, so buffers holding an encoded or decoded
-- value of this type should be treated as sensitive.
-- NOTE(review): publicExponent is a plain INTEGER here but a HugeInteger in
-- RSAPublicKey. Confirm the plain INTEGER mapping can hold every exponent
-- that the public-key type accepts, and that negative values are rejected.
RSAPrivateKey ::= SEQUENCE {
    version         Version,
    modulus         HugeInteger,              -- n
    publicExponent  INTEGER,                  -- e
    privateExponent HugeInteger,              -- d
    prime1          HugeInteger,              -- p
    prime2          HugeInteger,              -- q
    exponent1       HugeInteger,              -- d mod (p-1)
    exponent2       HugeInteger,              -- d mod (q-1)
    coefficient     HugeInteger } --#public--   -- (inverse of q) mod p

------------------------------------------------------------------------------
-- from PKCS #8

-- PrivateKeyInfo carries a private key in the clear. privateKey is an opaque
-- OCTET STRING; in PKCS #8 its inner encoding depends on
-- privateKeyAlgorithm. Nothing in this type encrypts or authenticates the
-- key, so protection must come from whatever wraps it.
PrivateKeyInfo ::= SEQUENCE {
  version             Version,
  privateKeyAlgorithm PrivateKeyAlgorithmIdentifier,
  privateKey          PrivateKey,
  -- IMPLICIT restates the module default tagging mode.
  attributes          [0] IMPLICIT Attributes OPTIONAL 
} --#public--

-- Plain INTEGER with no value constraint. Only the PFX type narrows it
-- (to 3); every other user of Version must check the value in code.
Version ::= INTEGER
PrivateKeyAlgorithmIdentifier ::= AlgorithmIdentifier
PrivateKey ::= OCTET STRING


-- Encrypted private key: the algorithm that protects it plus the encrypted
-- payload.
-- NOTE(review): in PKCS #8 the encryptedData field is an OCTET STRING. Here
-- it is a SEQUENCE with a version and an EncryptedContentInfo, which is the
-- shape of the PKCS #7 EncryptedData type. Confirm which encoding the peers
-- of this code actually produce before relying on interoperability.
EncryptedPrivateKeyInfo ::= SEQUENCE {
    encryptionAlgorithm     EncryptionAlgorithmIdentifier,
    encryptedData           EncryptedData
} --#public--

EncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
-- Versioned wrapper around EncryptedContentInfo. version is unconstrained.
EncryptedData ::= SEQUENCE {
    version             Version,
    encryptedContentInfo    EncryptedContentInfo
} --#public--

-- Content type, the content-encryption algorithm, and the ciphertext.
-- encryptedContent is OPTIONAL, so consumers must handle a value that names
-- an algorithm but carries no ciphertext. The type provides confidentiality
-- only; it has no integrity field of its own.
EncryptedContentInfo ::= SEQUENCE {
    contentType             ContentType,
    contentEncryptionAlg    ContentEncryptionAlgorithmIdentifier,
    encryptedContent        [0] IMPLICIT EncryptedContent OPTIONAL 
} 
ContentEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
EncryptedContent ::= OCTET STRING

------------------------------------------------------------------------------
-- Algorithm OID plus optional parameters. parameters is untyped (ANY): the
-- schema does not tie its content to the algorithm, so the consumer has to
-- decode it according to the OID and reject parameters it does not expect.
AlgorithmIdentifier     ::=     SEQUENCE {
	algorithm                               ObjectID,
	parameters                              ANY OPTIONAL
}

-- Password-based encryption parameters: salt and iteration count.
-- Neither field is constrained by the schema (no size limit on salt, no
-- range on iterationCount, and INTEGER is signed).
-- NOTE(review): the consuming code should reject zero or negative counts and
-- apply a lower and an upper bound. A very small count weakens the
-- password-based protection, and a very large one makes processing an
-- untrusted file expensive.
PBEParameter ::= SEQUENCE {
    salt                    OCTET STRING,
    iterationCount          INTEGER 
} --#public--

-- Digest algorithm and digest value. The digest length is not constrained
-- here, so the consumer must check that it matches the output size of the
-- named algorithm before comparing.
DigestInfo ::= SEQUENCE {
	digestAlgorithm                 DigestAlgorithmIdentifier,
	digest                                  Digest
} --#public--

DigestAlgorithmIdentifier ::= AlgorithmIdentifier

Digest ::= OCTET STRING


-- attributes, hacked from X.509

-- Set of untyped attribute values, with no size constraint.
AttributeSetValue   ::= SET --#public-- OF ANY

-- One attribute: a type OID and its values. The values are ANY, so they must
-- be decoded according to attributeType by the consumer.
Attribute ::= SEQUENCE {                            -- hacked from X.509
	attributeType       ObjectID,
	attributeValue      AttributeSetValue }

-- Unbounded set of attributes. The schema does not prevent the same
-- attributeType from appearing more than once.
Attributes    ::= SET --#public-- OF Attribute           -- hacked from X.509



-------------------------------
-- from PKCS #7
-- OID naming the kind of content carried by a ContentInfo.
ContentType ::= ObjectID

-- Typed container. content is explicitly tagged [0], untyped (ANY) and
-- OPTIONAL: the consumer selects the decoder from contentType and must cope
-- with content being absent.
ContentInfo ::= SEQUENCE {
    contentType ContentType,
    content     [0] EXPLICIT ANY OPTIONAL
}



------------------------------------------------------------------------------
-- Top-level PFX structure. version is constrained to the single value 3.
-- Integrity comes from one of two places: a signedData authSafes, or
-- macData over a data authSafes. Because macData is OPTIONAL, a value with a
-- data authSafes and no macData carries no integrity protection at all.
-- NOTE(review): confirm the importer treats that combination as
-- unauthenticated rather than accepting it silently.
PFX ::= SEQUENCE {
    version         Version (3),
    authSafes       ContentInfo,
	-- signedData in public-key integrity mode, and
	-- data in password integrity mode. See PKCS #7

    macData         MacData     OPTIONAL
	-- present only in password integrity mode
} --#public--


-- Password-integrity MAC: the MAC value with its digest algorithm, the salt,
-- and the iteration count used to derive the MAC key.
-- macIterationCount defaults to 1, so a file that omits the field requests a
-- single iteration. The field is an unconstrained signed INTEGER.
-- NOTE(review): the consuming code should bound the count in both directions
-- and reject non-positive values, and should compare the MAC before acting
-- on any of the protected content.
MacData ::= SEQUENCE {
    safeMac                             DigestInfo,     -- see PKCS #7
    macSalt                             OCTET STRING,
	macIterationCount       INTEGER DEFAULT 1 
} --#public--

-- Sequence of ContentInfo values, one per safe. No size constraint is
-- declared, so the number of elements is limited only by the consumer.
AuthenticatedSafes ::= SEQUENCE --#public-- OF ContentInfo
	    -- data if unencrypted
	    -- encryptedData if password encrypted
	    -- envelopedData if public key encrypted

-- Sequence of bags held in one safe; also without a size constraint.
SafeContents ::= SEQUENCE --#public-- OF SafeBag 

-- One bag: a type OID, the bag content, and optional attributes.
-- safeBagContent is ANY DEFINED BY safeBagType, so the schema does not
-- check that the content matches the OID. The consumer has to dispatch on
-- safeBagType and reject types it does not recognise.
SafeBag ::= SEQUENCE {
    safeBagType     ObjectID,
    safeBagContent [0]  EXPLICIT ANY DEFINED BY safeBagType,
    safeBagAttribs  Attributes  OPTIONAL
} --#public--


-- Certificate bag: certType selects how value is decoded. The value is
-- untyped at the schema level and must be validated by the consumer.
CertBag ::= SEQUENCE {
    certType    ObjectID,
    value       [0]  EXPLICIT ANY DEFINED BY certType
} --#public--
-- Certificate value types. X509Cert is an opaque OCTET STRING, so the
-- certificate inside it is not parsed or checked by this module.
-- NOTE(review): presumably the octets are an encoded X.509 certificate;
-- confirm against the code that consumes CertBag.
X509Cert ::= OCTET STRING
SDSICert ::= IA5String

-- CRL bag: crlType selects how value is decoded, as with CertBag.
CRLBag ::= SEQUENCE {
    crlType     ObjectID,
    value       [0]  EXPLICIT ANY DEFINED BY crlType
} --#public--
-- Opaque OCTET STRING holding the CRL; not parsed by this module.
X509CRL ::= OCTET STRING

-- KeyBag is a bare PrivateKeyInfo: the private key is stored unencrypted
-- inside the bag, so any confidentiality depends on the enclosing safe.
KeyBag ::= PrivateKeyInfo              -- see PKCS #8

-- Shrouded key bag: the key is carried as an EncryptedPrivateKeyInfo.
Pkcs-8ShroudedKeyBag ::= EncryptedPrivateKeyInfo     -- see PKCS #8


-- Bag for an arbitrary secret: secretType selects how secretContent is
-- decoded. The content is untyped at the schema level, so the consumer must
-- dispatch on the OID and reject secret types it does not recognise.
SecretBag ::= SEQUENCE {
    secretType      ObjectID,
    secretContent [0]   EXPLICIT ANY DEFINED BY secretType
} --#public--


END