-- ASN.1 module for the Cryptographic Message Syntax (CMS / PKCS #7) types.
-- NOTE(review): this listing is incomplete. Closing braces and some fields
-- (for example the named values of CMSVersion) are not shown, so it will not
-- compile as printed.
CMS DEFINITIONS ::= BEGIN
IMPORTS CertificateSerialNumber, AlgorithmIdentifier, Name,
Attribute, Certificate, Name, SubjectKeyIdentifier FROM rfc2459
heim_any, heim_any_set FROM heim;
-- Root arc for the PKCS #7 content types: 1.2.840.113549.1.7.
id-pkcs7 OBJECT IDENTIFIER ::= { iso(1) member-body(2)
us(840) rsadsi(113549) pkcs(1) pkcs7(7) }
-- Content-type OIDs under id-pkcs7 (arcs 1 to 6). A ContentInfo carries one of
-- these in contentType to say how its content field must be decoded.
id-pkcs7-data OBJECT IDENTIFIER ::= { id-pkcs7 1 }
id-pkcs7-signedData OBJECT IDENTIFIER ::= { id-pkcs7 2 }
id-pkcs7-envelopedData OBJECT IDENTIFIER ::= { id-pkcs7 3 }
-- PKCS #7 v1.5 signed-and-enveloped type. No structure for it is defined in the
-- lines shown here, and RFC 5652 does not carry it forward.
-- NOTE(review): confirm that consumers reject this content type rather than
-- falling through to another parser.
id-pkcs7-signedAndEnvelopedData OBJECT IDENTIFIER ::= { id-pkcs7 4 }
id-pkcs7-digestedData OBJECT IDENTIFIER ::= { id-pkcs7 5 }
id-pkcs7-encryptedData OBJECT IDENTIFIER ::= { id-pkcs7 6 }
-- Version number carried in CMS structures. The named values are not visible
-- in this listing.
CMSVersion ::= INTEGER {
-- Plain alias of AlgorithmIdentifier (as are the other *AlgorithmIdentifier
-- types in this module). The schema accepts any algorithm OID, so policy such
-- as refusing weak digests has to be applied by the code that consumes the
-- decoded value.
DigestAlgorithmIdentifier ::= AlgorithmIdentifier
DigestAlgorithmIdentifiers ::= SET OF DigestAlgorithmIdentifier
SignatureAlgorithmIdentifier ::= AlgorithmIdentifier
ContentType ::= OBJECT IDENTIFIER
-- Digest value as raw octets. There is no SIZE constraint, so the verifier must
-- check the length against the output size of the digest algorithm in use.
MessageDigest ::= OCTET STRING
-- Outer CMS wrapper: a content-type OID plus the content itself.
-- content is typed heim_any (imported from heim), presumably an undecoded ANY,
-- so the caller must pick the parser from contentType and validate the payload
-- itself.
ContentInfo ::= SEQUENCE {
contentType ContentType,
content [0] EXPLICIT heim_any OPTIONAL -- DEFINED BY contentType
-- Content wrapped inside SignedData. eContent is OPTIONAL: when it is absent
-- the signed content is external (detached signature) and the verifier has to
-- be given the content out of band.
EncapsulatedContentInfo ::= SEQUENCE {
eContentType ContentType,
eContent [0] EXPLICIT OCTET STRING OPTIONAL
-- Certificates are kept as heim_any instead of Certificate, so this layer does
-- not parse them (presumably to preserve the exact encoding; confirm). Entries
-- are sender-supplied: each one must be parsed and chain-validated to a trust
-- anchor before it is used to verify anything.
CertificateSet ::= SET OF heim_any
-- NOTE(review): RFC 5280 uses the name CertificateList for a CRL, but here it
-- is an alias of Certificate. CRLs carried in a crls field would not be
-- described correctly by this type; confirm whether CRLs are actually consumed.
CertificateList ::= Certificate
CertificateRevocationLists ::= SET OF CertificateList
-- Names a certificate by issuer and serial number. Only serialNumber is
-- visible in this listing.
IssuerAndSerialNumber ::= SEQUENCE {
serialNumber CertificateSerialNumber
-- RecipientIdentifier is the same as SignerIdentifier,
-- so let's glue them together to save some bytes and share code for them
-- Shared signer/recipient identifier: either issuer plus serial number, or a
-- [0] subject key identifier. A match only selects a candidate certificate;
-- the certificate still has to be validated before its key is trusted.
CMSIdentifier ::= CHOICE {
issuerAndSerialNumber IssuerAndSerialNumber,
subjectKeyIdentifier [0] SubjectKeyIdentifier
SignerIdentifier ::= CMSIdentifier
RecipientIdentifier ::= CMSIdentifier
--- CMSAttributes are the combined UnsignedAttributes and SignedAttributes,
--- to save space and share code
-- The SIZE (1..MAX) bound is only a comment, so a decoder generated from this
-- module presumably accepts an empty attribute set. Enforce the bound in code
-- if an empty set must be rejected.
CMSAttributes ::= SET OF Attribute -- SIZE (1..MAX)
SignatureValue ::= OCTET STRING
-- Per-signer data: digest algorithm, optional signed attributes, signature
-- algorithm, signature value and optional unsigned attributes (other fields
-- may be missing from this listing).
-- signedAttrs is carried with an IMPLICIT [0] tag, but RFC 5652 section 5.4
-- computes the signature over its DER encoding with the universal SET OF tag,
-- so the verifier must re-tag before hashing. When signedAttrs is present the
-- signature covers the attributes, and the message-digest attribute inside
-- them must be compared with the digest of the content.
-- unsignedAttrs is not covered by the signature and must be treated as
-- untrusted input.
SignerInfo ::= SEQUENCE {
digestAlgorithm DigestAlgorithmIdentifier,
signedAttrs [0] IMPLICIT -- CMSAttributes --
SET OF Attribute OPTIONAL,
signatureAlgorithm SignatureAlgorithmIdentifier,
signature SignatureValue,
unsignedAttrs [1] IMPLICIT -- CMSAttributes --
SET OF Attribute OPTIONAL
-- No SIZE constraint: the set may be empty (as in a certificates-only
-- SignedData) or hold several signers. A verifier must require at least one
-- valid signer that its policy accepts, not merely the absence of failures.
SignerInfos ::= SET OF SignerInfo
-- Signed message: digest algorithm list, encapsulated content, optional
-- certificates and CRLs, and the signer infos (other fields may be missing
-- from this listing).
-- certificates and crls are not covered by any signature in this structure;
-- they are hints for path building and carry no trust of their own.
SignedData ::= SEQUENCE {
digestAlgorithms DigestAlgorithmIdentifiers,
encapContentInfo EncapsulatedContentInfo,
certificates [0] IMPLICIT -- CertificateSet --
SET OF heim_any OPTIONAL,
crls [1] IMPLICIT -- CertificateRevocationLists --
signerInfos SignerInfos
-- Optional certificates and CRLs supplied by the originator of an enveloped
-- message. They are sender-supplied and must be validated before use.
OriginatorInfo ::= SEQUENCE {
certs [0] IMPLICIT -- CertificateSet --
SET OF heim_any OPTIONAL,
crls [1] IMPLICIT --CertificateRevocationLists --
KeyEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
ContentEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
EncryptedKey ::= OCTET STRING
-- Key-transport recipient entry: encryptedKey holds the content-encryption key
-- encrypted under keyEncryptionAlgorithm for the certificate named by rid.
-- The "0 or 2" rule for version is a comment only and is not enforced by the
-- schema.
-- NOTE(review): if RSA PKCS #1 v1.5 key transport is accepted here, decryption
-- failures should not be distinguishable to the sender; confirm in the caller.
KeyTransRecipientInfo ::= SEQUENCE {
version CMSVersion, -- always set to 0 or 2
rid RecipientIdentifier,
keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier,
encryptedKey EncryptedKey
-- RFC 5652 defines RecipientInfo as a CHOICE of several recipient types; this
-- module models key transport only. Messages that use another recipient type
-- will presumably fail to decode; callers should treat that as an error.
RecipientInfo ::= KeyTransRecipientInfo
RecipientInfos ::= SET OF RecipientInfo
EncryptedContent ::= OCTET STRING
-- Encrypted payload with its content type and content-encryption algorithm.
-- The algorithm and its parameters are chosen by the sender, so the consumer
-- should restrict them to an allow-list. The CBC parameter types defined in
-- this module provide no integrity protection; encryption alone does not
-- authenticate the content.
EncryptedContentInfo ::= SEQUENCE {
contentType ContentType,
contentEncryptionAlgorithm ContentEncryptionAlgorithmIdentifier,
encryptedContent [0] IMPLICIT OCTET STRING OPTIONAL
-- Attributes that travel outside the encrypted content. The SIZE (1..MAX)
-- bound is only a comment and is not enforced by the schema.
UnprotectedAttributes ::= SET OF Attribute -- SIZE (1..MAX)
-- Encrypted content with no recipient infos among the fields shown, so the
-- key has to be known to the receiver by other means.
CMSEncryptedData ::= SEQUENCE {
encryptedContentInfo EncryptedContentInfo,
unprotectedAttrs [1] IMPLICIT -- UnprotectedAttributes --
-- Encrypted content plus per-recipient wrapped keys. originatorInfo is typed
-- heim_any here, so it is presumably left undecoded by this layer and must be
-- parsed separately if it is used.
EnvelopedData ::= SEQUENCE {
originatorInfo [0] IMPLICIT -- OriginatorInfo -- heim_any OPTIONAL,
recipientInfos RecipientInfos,
encryptedContentInfo EncryptedContentInfo,
unprotectedAttrs [1] IMPLICIT -- UnprotectedAttributes --
-- Data ::= OCTET STRING
-- Parameters for RC2 in CBC mode, a legacy cipher (presumably kept for
-- interoperability). rc2ParameterVersion is limited to the unsigned 32-bit
-- range by the constraint shown. The "exactly 8 octets" rule for iv is a
-- comment only (no SIZE (8) constraint), so the consumer must check the IV
-- length itself.
CMSRC2CBCParameter ::= SEQUENCE {
rc2ParameterVersion INTEGER (0..4294967295),
iv OCTET STRING -- exactly 8 octets
-- Parameter for CBC-mode ciphers as a bare OCTET STRING, presumably the IV.
-- No length is constrained here; the consumer must check that it equals the
-- block size of the cipher in use.
CMSCBCParameter ::= OCTET STRING