2006-06-05 06:52:50 +00:00
|
|
|
-- H235-SECURITY-MESSAGES.asn
|
2004-05-24 08:42:29 +00:00
|
|
|
--
|
|
|
|
-- Taken from ITU ASN.1 database
|
2006-05-15 06:32:01 +00:00
|
|
|
-- http://www.itu.int/ITU-T/asn1/database/itu-t/h/h235.0/2005/H235-SECURITY-MESSAGES.asn
|
2004-05-24 08:42:29 +00:00
|
|
|
--
|
|
|
|
|
2006-05-15 06:32:01 +00:00
|
|
|
-- Module H235-SECURITY-MESSAGES (H.235.0:09/2005)
|
2004-05-24 08:42:29 +00:00
|
|
|
H235-SECURITY-MESSAGES DEFINITIONS AUTOMATIC TAGS ::=
|
|
|
|
BEGIN
|
|
|
|
|
|
|
|
-- EXPORTS All
|
|
|
|
ChallengeString ::= OCTET STRING(SIZE (8..128))
|
|
|
|
|
2013-09-18 02:48:29 +00:00
|
|
|
TimeStamp ::= INTEGER(1..4294967295) -- seconds since 00:00
|
|
|
|
|
2004-05-24 08:42:29 +00:00
|
|
|
|
2006-05-15 06:32:01 +00:00
|
|
|
-- 1/1/1970 UTC
|
2004-05-24 08:42:29 +00:00
|
|
|
RandomVal ::= INTEGER -- 32-bit Integer
|
|
|
|
|
|
|
|
Password ::= BMPString(SIZE (1..128))
|
|
|
|
|
|
|
|
Identifier ::= BMPString(SIZE (1..128))
|
|
|
|
|
|
|
|
KeyMaterial ::= BIT STRING(SIZE (1..2048))
|
|
|
|
|
|
|
|
NonStandardParameter ::= SEQUENCE {
|
|
|
|
nonStandardIdentifier OBJECT IDENTIFIER,
|
|
|
|
data OCTET STRING
|
|
|
|
}
|
|
|
|
|
2013-09-18 02:48:29 +00:00
|
|
|
-- if local octet representations of these bit strings are used they shall
|
2006-05-15 06:32:01 +00:00
|
|
|
-- utilize standard Network Octet ordering (e.g., Big Endian)
|
2004-05-24 08:42:29 +00:00
|
|
|
DHset ::= SEQUENCE {
|
|
|
|
halfkey BIT STRING(SIZE (0..2048)), -- = g^x mod n
|
|
|
|
modSize BIT STRING(SIZE (0..2048)), -- n
|
|
|
|
generator BIT STRING(SIZE (0..2048)), -- g
|
|
|
|
...
|
|
|
|
}
|
|
|
|
|
|
|
|
ECpoint ::=
|
2013-09-18 02:48:29 +00:00
|
|
|
SEQUENCE -- uncompressed (x, y) affine coordinate representation of
|
|
|
|
|
2006-05-15 06:32:01 +00:00
|
|
|
-- an elliptic curve point
|
|
|
|
{
|
2004-05-24 08:42:29 +00:00
|
|
|
x BIT STRING(SIZE (0..511)) OPTIONAL,
|
|
|
|
y BIT STRING(SIZE (0..511)) OPTIONAL,
|
|
|
|
...
|
|
|
|
}
|
|
|
|
|
|
|
|
ECKASDH ::=
|
|
|
|
CHOICE -- parameters for elliptic curve key agreement scheme Diffie-Hellman
|
|
|
|
{
|
|
|
|
eckasdhp
|
|
|
|
SEQUENCE-- parameters for elliptic curves of prime field-- {public-key
|
2006-05-15 06:32:01 +00:00
|
|
|
ECpoint, -- This field contains representation of --
|
2013-09-18 02:48:29 +00:00
|
|
|
-- the ECKAS-DHp public key value. This field contains the
|
|
|
|
-- initiator's ECKAS-DHp public key value (aP) when this
|
|
|
|
-- information element is sent from originator to receiver. This
|
|
|
|
-- field contains the responder's ECKAS-DHp public key value (bP)
|
|
|
|
-- when this information element is sent back from receiver to
|
2006-05-15 06:32:01 +00:00
|
|
|
-- originator.
|
2004-05-24 08:42:29 +00:00
|
|
|
modulus
|
|
|
|
BIT STRING
|
|
|
|
(SIZE (0..
|
2006-05-15 06:32:01 +00:00
|
|
|
511)), -- This field contains --
|
|
|
|
-- representation of the ECKAS-DHp public modulus value (p).
|
2004-05-24 08:42:29 +00:00
|
|
|
base
|
2006-05-15 06:32:01 +00:00
|
|
|
ECpoint, -- This field contains representation of the --
|
|
|
|
-- ECKAS-DHp public base (P).
|
2004-05-24 08:42:29 +00:00
|
|
|
weierstrassA
|
|
|
|
BIT STRING
|
|
|
|
(SIZE (0..
|
2006-05-15 06:32:01 +00:00
|
|
|
511)), -- This field contains --
|
|
|
|
-- representation of the ECKAS-DHp Weierstrass coefficient (a).
|
2004-05-24 08:42:29 +00:00
|
|
|
weierstrassB
|
|
|
|
BIT STRING
|
|
|
|
(SIZE (0..
|
2006-05-15 06:32:01 +00:00
|
|
|
511))-- This field contains --
|
|
|
|
-- representation of the ECKAS-DHp Weierstrass coefficient (b).
|
2004-05-24 08:42:29 +00:00
|
|
|
},
|
|
|
|
eckasdh2
|
|
|
|
SEQUENCE-- parameters for elliptic curves of characteristic 2 -- {public-key
|
2013-09-18 02:48:29 +00:00
|
|
|
|
2006-05-15 06:32:01 +00:00
|
|
|
ECpoint, -- This field contains representation of --
|
|
|
|
-- the ECKAS-DH2 public key value.
|
2013-09-18 02:48:29 +00:00
|
|
|
-- This field contains the initiator's ECKAS-DH2 public key value
|
|
|
|
-- (aP) when this information element is sent from originator to
|
|
|
|
-- receiver. This field contains the responder's ECKAS-DH2 public
|
|
|
|
-- key value (bP) when this information element is sent back from
|
2006-05-15 06:32:01 +00:00
|
|
|
-- receiver to originator.
|
2004-05-24 08:42:29 +00:00
|
|
|
fieldSize
|
2013-09-18 02:48:29 +00:00
|
|
|
|
2004-05-24 08:42:29 +00:00
|
|
|
BIT STRING
|
|
|
|
(SIZE (0..
|
2006-05-15 06:32:01 +00:00
|
|
|
511)), -- This field contains --
|
|
|
|
-- representation of the ECKAS-DH2 field size value (m).
|
2004-05-24 08:42:29 +00:00
|
|
|
base
|
2013-09-18 02:48:29 +00:00
|
|
|
|
2006-05-15 06:32:01 +00:00
|
|
|
ECpoint, -- This field contains representation of the --
|
|
|
|
-- ECKAS-DH2 public base (P).
|
2004-05-24 08:42:29 +00:00
|
|
|
weierstrassA
|
2013-09-18 02:48:29 +00:00
|
|
|
|
2004-05-24 08:42:29 +00:00
|
|
|
BIT STRING
|
|
|
|
(SIZE (0..
|
2006-05-15 06:32:01 +00:00
|
|
|
511)), -- This field contains --
|
|
|
|
-- representation of the ECKAS-DH2 Weierstrass coefficient (a).
|
2004-05-24 08:42:29 +00:00
|
|
|
weierstrassB
|
2013-09-18 02:48:29 +00:00
|
|
|
|
2004-05-24 08:42:29 +00:00
|
|
|
BIT STRING
|
|
|
|
(SIZE (0..
|
2006-05-15 06:32:01 +00:00
|
|
|
511))-- This field contains --
|
|
|
|
-- representation of the ECKAS-DH2 Weierstrass coefficient (b).
|
2004-05-24 08:42:29 +00:00
|
|
|
},
|
|
|
|
...
|
|
|
|
}
|
|
|
|
|
|
|
|
ECGDSASignature ::=
|
2013-09-18 02:48:29 +00:00
|
|
|
SEQUENCE -- parameters for elliptic curve digital signature
|
|
|
|
|
2006-05-15 06:32:01 +00:00
|
|
|
-- algorithm
|
|
|
|
{
|
2013-09-18 02:48:29 +00:00
|
|
|
r BIT STRING(SIZE (0..511)), -- This field contains the
|
|
|
|
|
|
|
|
-- representation of the r component of the ECGDSA digital
|
2006-05-15 06:32:01 +00:00
|
|
|
-- signature.
|
|
|
|
s BIT STRING(SIZE (0..511))-- This field contains the --
|
2013-09-18 02:48:29 +00:00
|
|
|
-- representation of the s component of the ECGDSA digital
|
2006-05-15 06:32:01 +00:00
|
|
|
-- signature.
|
2004-05-24 08:42:29 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
TypedCertificate ::= SEQUENCE {
|
|
|
|
type OBJECT IDENTIFIER,
|
|
|
|
certificate OCTET STRING,
|
|
|
|
...
|
|
|
|
}
|
|
|
|
|
|
|
|
AuthenticationBES ::= CHOICE {
|
|
|
|
default NULL, -- encrypted ClearToken
|
|
|
|
radius NULL, -- RADIUS-challenge/response
|
|
|
|
...
|
|
|
|
}
|
|
|
|
|
|
|
|
AuthenticationMechanism ::= CHOICE {
|
|
|
|
dhExch NULL, -- Diffie-Hellman
|
|
|
|
pwdSymEnc NULL, -- password with symmetric encryption
|
|
|
|
pwdHash NULL, -- password with hashing
|
|
|
|
certSign NULL, -- Certificate with signature
|
|
|
|
ipsec NULL, -- IPSEC based connection
|
|
|
|
tls NULL,
|
|
|
|
nonStandard NonStandardParameter, -- something else.
|
|
|
|
...,
|
2006-05-15 06:32:01 +00:00
|
|
|
authenticationBES AuthenticationBES, -- user authentication for BES
|
|
|
|
keyExch OBJECT IDENTIFIER -- key exchange profile
|
2004-05-24 08:42:29 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
ClearToken ::= SEQUENCE -- a "token" may contain multiple value types.
|
|
|
|
{
|
2006-05-15 06:32:01 +00:00
|
|
|
tokenOID OBJECT IDENTIFIER,
|
|
|
|
timeStamp TimeStamp OPTIONAL,
|
|
|
|
password Password OPTIONAL,
|
|
|
|
dhkey DHset OPTIONAL,
|
|
|
|
challenge ChallengeString OPTIONAL,
|
|
|
|
random RandomVal OPTIONAL,
|
|
|
|
certificate TypedCertificate OPTIONAL,
|
|
|
|
generalID Identifier OPTIONAL,
|
|
|
|
nonStandard NonStandardParameter OPTIONAL,
|
2004-05-24 08:42:29 +00:00
|
|
|
...,
|
2013-09-18 02:48:29 +00:00
|
|
|
eckasdhkey ECKASDH OPTIONAL, -- elliptic curve Key Agreement
|
|
|
|
|
|
|
|
-- Scheme-Diffie Hellman Analogue
|
2006-05-15 06:32:01 +00:00
|
|
|
-- (ECKAS-DH)
|
|
|
|
sendersID Identifier OPTIONAL,
|
|
|
|
h235Key H235Key OPTIONAL, -- central distributed key in V3
|
|
|
|
profileInfo SEQUENCE OF ProfileElement OPTIONAL -- profile-specific
|
2004-05-24 08:42:29 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
-- An object identifier should be placed in the tokenOID field when a
|
|
|
|
-- ClearToken is included directly in a message (as opposed to being
|
2006-05-15 06:32:01 +00:00
|
|
|
-- encrypted). In all other cases, an application should use the
|
2013-09-18 02:48:29 +00:00
|
|
|
-- object identifier { 0 0 } to indicate that the tokenOID value is not
|
2006-05-15 06:32:01 +00:00
|
|
|
-- present.
|
|
|
|
-- Start all the cryptographic parameterized types here...
|
2004-05-24 08:42:29 +00:00
|
|
|
--
|
2006-05-15 06:32:01 +00:00
|
|
|
ProfileElement ::= SEQUENCE {
|
2013-09-18 02:48:29 +00:00
|
|
|
elementID INTEGER(0..255), -- element identifier, as defined by
|
|
|
|
|
2006-05-15 06:32:01 +00:00
|
|
|
-- profile
|
|
|
|
paramS Params OPTIONAL, -- any element-specific parameters
|
|
|
|
element Element OPTIONAL, -- value in required form
|
|
|
|
...
|
|
|
|
}
|
|
|
|
|
|
|
|
Element ::= CHOICE {
|
|
|
|
octets OCTET STRING,
|
|
|
|
integer INTEGER,
|
|
|
|
bits BIT STRING,
|
|
|
|
name BMPString,
|
|
|
|
flag BOOLEAN,
|
|
|
|
...
|
|
|
|
}
|
|
|
|
|
2004-05-24 08:42:29 +00:00
|
|
|
SIGNED{ToBeSigned} ::= SEQUENCE {
|
|
|
|
toBeSigned ToBeSigned,
|
|
|
|
algorithmOID OBJECT IDENTIFIER,
|
|
|
|
paramS Params, -- any "runtime" parameters
|
2013-09-18 02:48:29 +00:00
|
|
|
signature BIT STRING -- could be an RSA or an ASN.1 coded ECGDSA Signature
|
2004-05-24 08:42:29 +00:00
|
|
|
}(CONSTRAINED BY { -- Verify or Sign Certificate --})
|
|
|
|
|
|
|
|
ENCRYPTED{ToBeEncrypted} ::= SEQUENCE {
|
|
|
|
algorithmOID OBJECT IDENTIFIER,
|
|
|
|
paramS Params, -- any "runtime" parameters
|
|
|
|
encryptedData OCTET STRING
|
|
|
|
}(CONSTRAINED BY { -- Encrypt or Decrypt --ToBeEncrypted})
|
|
|
|
|
|
|
|
HASHED{ToBeHashed} ::= SEQUENCE {
|
|
|
|
algorithmOID OBJECT IDENTIFIER,
|
|
|
|
paramS Params, -- any "runtime" parameters
|
|
|
|
hash BIT STRING
|
|
|
|
}(CONSTRAINED BY { -- Hash --ToBeHashed})
|
|
|
|
|
|
|
|
IV8 ::= OCTET STRING(SIZE (8)) -- initial value for 64-bit block ciphers
|
2013-09-18 02:48:29 +00:00
|
|
|
|
2004-05-24 08:42:29 +00:00
|
|
|
|
|
|
|
IV16 ::= OCTET STRING(SIZE (16)) -- initial value for 128-bit block ciphers
|
|
|
|
|
2013-09-18 02:48:29 +00:00
|
|
|
|
|
|
|
-- signing algorithm used must select one of these types of parameters
|
2004-05-24 08:42:29 +00:00
|
|
|
-- needed by receiving end of signature.
|
|
|
|
Params ::= SEQUENCE {
|
|
|
|
ranInt INTEGER OPTIONAL, -- some integer value
|
2006-05-15 06:32:01 +00:00
|
|
|
iv8 IV8 OPTIONAL, -- 8-octet initialization vector
|
2004-05-24 08:42:29 +00:00
|
|
|
...,
|
2006-05-15 06:32:01 +00:00
|
|
|
iv16 IV16 OPTIONAL, -- 16-octet initialization vector
|
2004-05-24 08:42:29 +00:00
|
|
|
iv OCTET STRING OPTIONAL, -- arbitrary length initialization vector
|
|
|
|
clearSalt OCTET STRING OPTIONAL -- unencrypted salting key for encryption
|
|
|
|
}
|
|
|
|
|
2006-06-05 06:52:50 +00:00
|
|
|
EncodedGeneralToken ::=
|
|
|
|
TYPE-IDENTIFIER.&Type(ClearToken -- general usage token --)
|
2004-05-24 08:42:29 +00:00
|
|
|
|
|
|
|
PwdCertToken ::=
|
|
|
|
ClearToken(WITH COMPONENTS {
|
|
|
|
...,
|
|
|
|
timeStamp PRESENT,
|
|
|
|
generalID PRESENT
|
|
|
|
})
|
|
|
|
|
2006-06-05 06:52:50 +00:00
|
|
|
EncodedPwdCertToken ::= TYPE-IDENTIFIER.&Type(PwdCertToken)
|
2004-05-24 08:42:29 +00:00
|
|
|
|
|
|
|
CryptoToken ::= CHOICE {
|
|
|
|
cryptoEncryptedToken
|
|
|
|
SEQUENCE-- General purpose/application specific token-- {tokenOID
|
|
|
|
OBJECT
|
|
|
|
IDENTIFIER,
|
|
|
|
token
|
|
|
|
ENCRYPTED
|
|
|
|
{EncodedGeneralToken}
|
|
|
|
},
|
|
|
|
cryptoSignedToken
|
|
|
|
SEQUENCE-- General purpose/application specific token-- {tokenOID
|
|
|
|
OBJECT
|
|
|
|
IDENTIFIER,
|
|
|
|
token
|
|
|
|
SIGNED
|
|
|
|
{EncodedGeneralToken}
|
|
|
|
},
|
|
|
|
cryptoHashedToken
|
|
|
|
SEQUENCE-- General purpose/application specific token-- {tokenOID
|
|
|
|
OBJECT
|
|
|
|
IDENTIFIER,
|
|
|
|
hashedVals
|
|
|
|
ClearToken,
|
|
|
|
token
|
|
|
|
HASHED
|
|
|
|
{EncodedGeneralToken}
|
|
|
|
},
|
|
|
|
cryptoPwdEncr ENCRYPTED{EncodedPwdCertToken},
|
|
|
|
...
|
|
|
|
}
|
|
|
|
|
|
|
|
-- These allow the passing of session keys within the H.245 OLC structure.
|
2013-09-18 02:48:29 +00:00
|
|
|
-- They are encoded as standalone ASN.1 and based as an OCTET STRING within
|
2006-05-15 06:32:01 +00:00
|
|
|
-- H.245
|
2004-05-24 08:42:29 +00:00
|
|
|
H235Key ::=
|
2006-05-15 06:32:01 +00:00
|
|
|
CHOICE -- This is used with the H.245 or ClearToken "h235Key" field
|
2004-05-24 08:42:29 +00:00
|
|
|
{
|
|
|
|
secureChannel KeyMaterial,
|
|
|
|
sharedSecret ENCRYPTED{EncodedKeySyncMaterial},
|
|
|
|
certProtectedKey SIGNED{EncodedKeySignedMaterial},
|
|
|
|
...,
|
2006-05-15 06:32:01 +00:00
|
|
|
secureSharedSecret V3KeySyncMaterial -- for H.235 V3 endpoints
|
2004-05-24 08:42:29 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
KeySignedMaterial ::= SEQUENCE {
|
|
|
|
generalId Identifier, -- slave's alias
|
|
|
|
mrandom RandomVal, -- master's random value
|
|
|
|
srandom RandomVal OPTIONAL, -- slave's random value
|
|
|
|
timeStamp TimeStamp OPTIONAL, -- master's timestamp for unsolicited EU
|
|
|
|
encrptval ENCRYPTED{EncodedKeySyncMaterial}
|
|
|
|
}
|
|
|
|
|
2006-06-05 06:52:50 +00:00
|
|
|
EncodedKeySignedMaterial ::= TYPE-IDENTIFIER.&Type(KeySignedMaterial)
|
2004-05-24 08:42:29 +00:00
|
|
|
|
|
|
|
H235CertificateSignature ::= SEQUENCE {
|
|
|
|
certificate TypedCertificate,
|
|
|
|
responseRandom RandomVal,
|
|
|
|
requesterRandom RandomVal OPTIONAL,
|
|
|
|
signature SIGNED{EncodedReturnSig},
|
|
|
|
...
|
|
|
|
}
|
|
|
|
|
|
|
|
ReturnSig ::= SEQUENCE {
|
|
|
|
generalId Identifier, -- slave's alias
|
|
|
|
responseRandom RandomVal,
|
|
|
|
requestRandom RandomVal OPTIONAL,
|
|
|
|
certificate TypedCertificate OPTIONAL -- requested certificate
|
|
|
|
}
|
|
|
|
|
2006-06-05 06:52:50 +00:00
|
|
|
EncodedReturnSig ::= TYPE-IDENTIFIER.&Type(ReturnSig)
|
2004-05-24 08:42:29 +00:00
|
|
|
|
|
|
|
KeySyncMaterial ::= SEQUENCE {
|
|
|
|
generalID Identifier,
|
|
|
|
keyMaterial KeyMaterial,
|
|
|
|
...
|
|
|
|
}
|
|
|
|
|
2006-06-05 06:52:50 +00:00
|
|
|
EncodedKeySyncMaterial ::= TYPE-IDENTIFIER.&Type(KeySyncMaterial)
|
2004-05-24 08:42:29 +00:00
|
|
|
|
|
|
|
V3KeySyncMaterial ::= SEQUENCE {
|
2006-05-15 06:32:01 +00:00
|
|
|
generalID Identifier OPTIONAL, -- peer terminal ID
|
|
|
|
algorithmOID OBJECT IDENTIFIER OPTIONAL, -- encryption algorithm
|
|
|
|
paramS Params, -- IV
|
|
|
|
encryptedSessionKey OCTET STRING OPTIONAL, -- encrypted session key
|
2013-09-18 02:48:29 +00:00
|
|
|
encryptedSaltingKey OCTET STRING OPTIONAL, -- encrypted media salting
|
|
|
|
|
2006-05-15 06:32:01 +00:00
|
|
|
-- key
|
2013-09-18 02:48:29 +00:00
|
|
|
clearSaltingKey OCTET STRING OPTIONAL, -- unencrypted media salting
|
|
|
|
|
2006-05-15 06:32:01 +00:00
|
|
|
-- key
|
2013-09-18 02:48:29 +00:00
|
|
|
paramSsalt Params OPTIONAL, -- IV (and clear salt) for salting
|
|
|
|
|
2006-05-15 06:32:01 +00:00
|
|
|
-- key encryption
|
2013-09-18 02:48:29 +00:00
|
|
|
keyDerivationOID OBJECT IDENTIFIER OPTIONAL, -- key derivation
|
|
|
|
|
2006-05-15 06:32:01 +00:00
|
|
|
-- method
|
|
|
|
...,
|
|
|
|
genericKeyMaterial OCTET STRING OPTIONAL -- ASN.1-encoded key material--
|
|
|
|
-- form is dependent on associated media encryption tag
|
2004-05-24 08:42:29 +00:00
|
|
|
}
|
|
|
|
|
2013-09-18 02:48:29 +00:00
|
|
|
END -- End of H235-SECURITY-MESSAGES DEFINITIONS
|
2004-05-24 08:42:29 +00:00
|
|
|
|
|
|
|
-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
|
|
|
|
|