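-- From RFC 3369 --
-- $Id$ --

-- Cryptographic Message Syntax (CMS) types, trimmed to a subset.
-- Several fields that the RFC types precisely are declared as heim_any
-- here, and the RFC's SIZE bounds appear only as comments. The grammar
-- therefore does not express those checks, and code that consumes the
-- decoded values has to make them.

CMS DEFINITIONS ::= BEGIN

IMPORTS CertificateSerialNumber, AlgorithmIdentifier, Name,
	Attribute, Certificate, SubjectKeyIdentifier FROM rfc2459
	heim_any, heim_any_set FROM heim;

id-pkcs7 OBJECT IDENTIFIER ::= { iso(1) member-body(2)
	us(840) rsadsi(113549) pkcs(1) pkcs7(7) }

-- Content type OIDs. signedAndEnvelopedData (4) comes from PKCS #7 and
-- has no matching structure in this module.
id-pkcs7-data OBJECT IDENTIFIER ::= 			{ id-pkcs7 1 }
id-pkcs7-signedData OBJECT IDENTIFIER ::= 		{ id-pkcs7 2 }
id-pkcs7-envelopedData OBJECT IDENTIFIER ::= 		{ id-pkcs7 3 }
id-pkcs7-signedAndEnvelopedData OBJECT IDENTIFIER ::= 	{ id-pkcs7 4 }
id-pkcs7-digestedData OBJECT IDENTIFIER ::= 		{ id-pkcs7 5 }
id-pkcs7-encryptedData OBJECT IDENTIFIER ::= 		{ id-pkcs7 6 }

-- Named numbers on an INTEGER only label values; they do not restrict
-- the type to 0..4. Code that consumes a decoded version must check it
-- against the values allowed for the enclosing structure.
CMSVersion ::= INTEGER {
	CMSVersion_v0(0),
	CMSVersion_v1(1),
	CMSVersion_v2(2),
	CMSVersion_v3(3),
	CMSVersion_v4(4)
}

DigestAlgorithmIdentifier ::= AlgorithmIdentifier
DigestAlgorithmIdentifiers ::= SET OF DigestAlgorithmIdentifier
SignatureAlgorithmIdentifier ::= AlgorithmIdentifier

ContentType ::= OBJECT IDENTIFIER
MessageDigest ::= OCTET STRING

-- Outer wrapper of every CMS object. content is typed heim_any, so this
-- module does not tie its syntax to contentType.
-- NOTE(review): presumably heim_any is left undecoded, in which case the
-- consumer selects the inner decoder from contentType and has to reject
-- content types it does not expect. Confirm against the heim module.
ContentInfo ::= SEQUENCE {
	contentType ContentType,
	content [0] EXPLICIT heim_any OPTIONAL -- DEFINED BY contentType
}

-- eContent is OPTIONAL; when it is absent the signed content is carried
-- outside the structure (detached signature).
EncapsulatedContentInfo ::= SEQUENCE {
	eContentType ContentType,
	eContent [0] EXPLICIT OCTET STRING OPTIONAL
}

-- RFC 3369 defines CertificateSet as SET OF CertificateChoices. Each
-- element is heim_any here, so the element type is not checked by this
-- module.
CertificateSet ::= SET OF heim_any

CertificateList ::= Certificate

CertificateRevocationLists ::= SET OF CertificateList

IssuerAndSerialNumber ::= SEQUENCE {
	issuer Name,
	serialNumber CertificateSerialNumber
}

-- RecipientIdentifier is the same as SignerIdentifier,
-- so glue them together to save some bytes and share code for them

CMSIdentifier ::= CHOICE {
	issuerAndSerialNumber IssuerAndSerialNumber,
	subjectKeyIdentifier [0] SubjectKeyIdentifier
}

SignerIdentifier ::= CMSIdentifier
RecipientIdentifier ::= CMSIdentifier

-- CMSAttributes are the combined UnsignedAttributes and SignedAttributes
-- to save space and share code
-- The SIZE (1..MAX) bound from the RFC is only a comment below, so an
-- empty set is not excluded by this type.

CMSAttributes ::= SET OF Attribute -- SIZE (1..MAX)

SignatureValue ::= OCTET STRING

-- One signer's signature over the content.
-- RFC 3369 section 5.4: when signedAttrs is present, the signature covers
-- the DER encoding of the attributes re-tagged as an EXPLICIT SET OF, not
-- the [0] IMPLICIT encoding used on the wire here, and the attributes
-- must include content-type and message-digest. A verifier has to compare
-- that message-digest with its own digest of the content.
-- unsignedAttrs are not covered by the signature.
SignerInfo ::= SEQUENCE {
	version CMSVersion,
	sid SignerIdentifier,
	digestAlgorithm DigestAlgorithmIdentifier,
	signedAttrs [0] IMPLICIT -- CMSAttributes --
		SET OF Attribute OPTIONAL,
	signatureAlgorithm SignatureAlgorithmIdentifier,
	signature SignatureValue,
	unsignedAttrs [1] IMPLICIT -- CMSAttributes --
		SET OF Attribute OPTIONAL
}

SignerInfos ::= SET OF SignerInfo

-- certificates and crls are declared as heim_any, so their contents are
-- not typed by this module. Nothing in the structure makes a bundled
-- certificate trusted; path validation is the consumer's job.
SignedData ::= SEQUENCE {
	version CMSVersion,
	digestAlgorithms DigestAlgorithmIdentifiers,
	encapContentInfo EncapsulatedContentInfo,
	certificates [0] IMPLICIT -- CertificateSet --
		SET OF heim_any OPTIONAL,
	crls [1] IMPLICIT -- CertificateRevocationLists --
		heim_any OPTIONAL,
	signerInfos SignerInfos
}

OriginatorInfo ::= SEQUENCE {
	certs [0] IMPLICIT -- CertificateSet --
		SET OF heim_any OPTIONAL,
	crls [1] IMPLICIT --CertificateRevocationLists --
		heim_any OPTIONAL
}

KeyEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
ContentEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier

EncryptedKey ::= OCTET STRING

-- Key transport recipient. In RFC 3369 the version is 0 when rid is an
-- issuerAndSerialNumber and 2 when it is a subjectKeyIdentifier; the type
-- itself accepts any CMSVersion value.
KeyTransRecipientInfo ::= SEQUENCE {
	version CMSVersion,  -- always set to 0 or 2
	rid RecipientIdentifier,
	keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier,
	encryptedKey EncryptedKey
}

-- RFC 3369 defines RecipientInfo as a CHOICE of five recipient types;
-- this module maps it to key transport only.
RecipientInfo ::= KeyTransRecipientInfo

RecipientInfos ::= SET OF RecipientInfo

EncryptedContent ::= OCTET STRING

EncryptedContentInfo ::= SEQUENCE {
	contentType ContentType,
	contentEncryptionAlgorithm ContentEncryptionAlgorithmIdentifier,
	encryptedContent [0] IMPLICIT OCTET STRING OPTIONAL
}

UnprotectedAttributes ::= SET OF Attribute -- SIZE (1..MAX)

-- unprotectedAttrs is declared as heim_any and is not typed here.
CMSEncryptedData ::= SEQUENCE {
	version CMSVersion,
	encryptedContentInfo EncryptedContentInfo,
	unprotectedAttrs [1] IMPLICIT -- UnprotectedAttributes --
		heim_any OPTIONAL
}

-- originatorInfo and unprotectedAttrs are declared as heim_any and are
-- not typed here. The structure has no field that authenticates the
-- ciphertext or the sender.
EnvelopedData ::= SEQUENCE {
	version CMSVersion,
	originatorInfo [0] IMPLICIT -- OriginatorInfo -- heim_any OPTIONAL,
	recipientInfos RecipientInfos,
	encryptedContentInfo EncryptedContentInfo,
	unprotectedAttrs [1] IMPLICIT -- UnprotectedAttributes --
		heim_any OPTIONAL
}

-- Data ::= OCTET STRING

-- RC2-CBC parameters. rc2ParameterVersion selects the RC2 effective key
-- length (see RFC 2268). The 8-octet IV length is stated only in the
-- comment; it is not a SIZE constraint, so the length has to be checked
-- where the parameter is used.
CMSRC2CBCParameter ::= SEQUENCE {
	rc2ParameterVersion INTEGER (0..4294967295),
	iv OCTET STRING -- exactly 8 octets
}

-- NOTE(review): presumably the IV for CBC content encryption; no length
-- bound is expressed here. Confirm against the code that uses it.
CMSCBCParameter ::= OCTET STRING

END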