357 lines
15 KiB
Groff
357 lines
15 KiB
Groff
-- H235-SECURITY-MESSAGES.asn
|
||
--
|
||
-- Taken from ITU ASN.1 database
|
||
-- http://www.itu.int/ITU-T/asn1/database/itu-t/h/h235.0/2005/H235-SECURITY-MESSAGES.asn
|
||
--
|
||
-- $Id$
|
||
--
|
||
|
||
-- Module H235-SECURITY-MESSAGES (H.235.0:09/2005)
|
||
H235-SECURITY-MESSAGES DEFINITIONS AUTOMATIC TAGS ::=
|
||
BEGIN
|
||
|
||
-- EXPORTS All
|
||
ChallengeString ::= OCTET STRING(SIZE (8..128))
|
||
|
||
TimeStamp ::= INTEGER(1..4294967295) -- seconds since 00:00
|
||
|
||
|
||
-- 1/1/1970 UTC
|
||
RandomVal ::= INTEGER -- 32-bit Integer
|
||
|
||
Password ::= BMPString(SIZE (1..128))
|
||
|
||
Identifier ::= BMPString(SIZE (1..128))
|
||
|
||
KeyMaterial ::= BIT STRING(SIZE (1..2048))
|
||
|
||
NonStandardParameter ::= SEQUENCE {
|
||
nonStandardIdentifier OBJECT IDENTIFIER,
|
||
data OCTET STRING
|
||
}
|
||
|
||
-- if local octet representations of these bit strings are used they shall
|
||
-- utilize standard Network Octet ordering (e.g., Big Endian)
|
||
DHset ::= SEQUENCE {
|
||
halfkey BIT STRING(SIZE (0..2048)), -- = g^x mod n
|
||
modSize BIT STRING(SIZE (0..2048)), -- n
|
||
generator BIT STRING(SIZE (0..2048)), -- g
|
||
...
|
||
}
|
||
|
||
ECpoint ::=
|
||
SEQUENCE -- uncompressed (x, y) affine coordinate representation of
|
||
|
||
-- an elliptic curve point
|
||
{
|
||
x BIT STRING(SIZE (0..511)) OPTIONAL,
|
||
y BIT STRING(SIZE (0..511)) OPTIONAL,
|
||
...
|
||
}
|
||
|
||
ECKASDH ::=
|
||
CHOICE -- parameters for elliptic curve key agreement scheme Diffie-Hellman
|
||
{
|
||
eckasdhp
|
||
SEQUENCE-- parameters for elliptic curves of prime field-- {public-key
|
||
ECpoint, -- This field contains representation of --
|
||
-- the ECKAS-DHp public key value. This field contains the
|
||
-- initiator's ECKAS-DHp public key value (aP) when this
|
||
-- information element is sent from originator to receiver. This
|
||
-- field contains the responder's ECKAS-DHp public key value (bP)
|
||
-- when this information element is sent back from receiver to
|
||
-- originator.
|
||
modulus
|
||
BIT STRING
|
||
(SIZE (0..
|
||
511)), -- This field contains --
|
||
-- representation of the ECKAS-DHp public modulus value (p).
|
||
base
|
||
ECpoint, -- This field contains representation of the --
|
||
-- ECKAS-DHp public base (P).
|
||
weierstrassA
|
||
BIT STRING
|
||
(SIZE (0..
|
||
511)), -- This field contains --
|
||
-- representation of the ECKAS-DHp Weierstrass coefficient (a).
|
||
weierstrassB
|
||
BIT STRING
|
||
(SIZE (0..
|
||
511))-- This field contains --
|
||
-- representation of the ECKAS-DHp Weierstrass coefficient (b).
|
||
},
|
||
eckasdh2
|
||
SEQUENCE-- parameters for elliptic curves of characteristic 2 -- {public-key
|
||
|
||
ECpoint, -- This field contains representation of --
|
||
-- the ECKAS-DH2 public key value.
|
||
-- This field contains the initiator's ECKAS-DH2 public key value
|
||
-- (aP) when this information element is sent from originator to
|
||
-- receiver. This field contains the responder's ECKAS-DH2 public
|
||
-- key value (bP) when this information element is sent back from
|
||
-- receiver to originator.
|
||
fieldSize
|
||
|
||
BIT STRING
|
||
(SIZE (0..
|
||
511)), -- This field contains --
|
||
-- representation of the ECKAS-DH2 field size value (m).
|
||
base
|
||
|
||
ECpoint, -- This field contains representation of the --
|
||
-- ECKAS-DH2 public base (P).
|
||
weierstrassA
|
||
|
||
BIT STRING
|
||
(SIZE (0..
|
||
511)), -- This field contains --
|
||
-- representation of the ECKAS-DH2 Weierstrass coefficient (a).
|
||
weierstrassB
|
||
|
||
BIT STRING
|
||
(SIZE (0..
|
||
511))-- This field contains --
|
||
-- representation of the ECKAS-DH2 Weierstrass coefficient (b).
|
||
},
|
||
...
|
||
}
|
||
|
||
ECGDSASignature ::=
|
||
SEQUENCE -- parameters for elliptic curve digital signature
|
||
|
||
-- algorithm
|
||
{
|
||
r BIT STRING(SIZE (0..511)), -- This field contains the
|
||
|
||
-- representation of the r component of the ECGDSA digital
|
||
-- signature.
|
||
s BIT STRING(SIZE (0..511))-- This field contains the --
|
||
-- representation of the s component of the ECGDSA digital
|
||
-- signature.
|
||
}
|
||
|
||
TypedCertificate ::= SEQUENCE {
|
||
type OBJECT IDENTIFIER,
|
||
certificate OCTET STRING,
|
||
...
|
||
}
|
||
|
||
AuthenticationBES ::= CHOICE {
|
||
default NULL, -- encrypted ClearToken
|
||
radius NULL, -- RADIUS-challenge/response
|
||
...
|
||
}
|
||
|
||
AuthenticationMechanism ::= CHOICE {
|
||
dhExch NULL, -- Diffie-Hellman
|
||
pwdSymEnc NULL, -- password with symmetric encryption
|
||
pwdHash NULL, -- password with hashing
|
||
certSign NULL, -- Certificate with signature
|
||
ipsec NULL, -- IPSEC based connection
|
||
tls NULL,
|
||
nonStandard NonStandardParameter, -- something else.
|
||
...,
|
||
authenticationBES AuthenticationBES, -- user authentication for BES
|
||
keyExch OBJECT IDENTIFIER -- key exchange profile
|
||
}
|
||
|
||
ClearToken ::= SEQUENCE -- a "token" may contain multiple value types.
|
||
{
|
||
tokenOID OBJECT IDENTIFIER,
|
||
timeStamp TimeStamp OPTIONAL,
|
||
password Password OPTIONAL,
|
||
dhkey DHset OPTIONAL,
|
||
challenge ChallengeString OPTIONAL,
|
||
random RandomVal OPTIONAL,
|
||
certificate TypedCertificate OPTIONAL,
|
||
generalID Identifier OPTIONAL,
|
||
nonStandard NonStandardParameter OPTIONAL,
|
||
...,
|
||
eckasdhkey ECKASDH OPTIONAL, -- elliptic curve Key Agreement
|
||
|
||
-- Scheme-Diffie Hellman Analogue
|
||
-- (ECKAS-DH)
|
||
sendersID Identifier OPTIONAL,
|
||
h235Key H235Key OPTIONAL, -- central distributed key in V3
|
||
profileInfo SEQUENCE OF ProfileElement OPTIONAL -- profile-specific
|
||
}
|
||
|
||
-- An object identifier should be placed in the tokenOID field when a
|
||
-- ClearToken is included directly in a message (as opposed to being
|
||
-- encrypted). In all other cases, an application should use the
|
||
-- object identifier { 0 0 } to indicate that the tokenOID value is not
|
||
-- present.
|
||
-- Start all the cryptographic parameterized types here...
|
||
--
|
||
ProfileElement ::= SEQUENCE {
|
||
elementID INTEGER(0..255), -- element identifier, as defined by
|
||
|
||
-- profile
|
||
paramS Params OPTIONAL, -- any element-specific parameters
|
||
element Element OPTIONAL, -- value in required form
|
||
...
|
||
}
|
||
|
||
Element ::= CHOICE {
|
||
octets OCTET STRING,
|
||
integer INTEGER,
|
||
bits BIT STRING,
|
||
name BMPString,
|
||
flag BOOLEAN,
|
||
...
|
||
}
|
||
|
||
SIGNED{ToBeSigned} ::= SEQUENCE {
|
||
toBeSigned ToBeSigned,
|
||
algorithmOID OBJECT IDENTIFIER,
|
||
paramS Params, -- any "runtime" parameters
|
||
signature BIT STRING -- could be an RSA or an ASN.1 coded ECGDSA<53>Signature
|
||
}(CONSTRAINED BY { -- Verify or Sign Certificate --})
|
||
|
||
ENCRYPTED{ToBeEncrypted} ::= SEQUENCE {
|
||
algorithmOID OBJECT IDENTIFIER,
|
||
paramS Params, -- any "runtime" parameters
|
||
encryptedData OCTET STRING
|
||
}(CONSTRAINED BY { -- Encrypt or Decrypt --ToBeEncrypted})
|
||
|
||
HASHED{ToBeHashed} ::= SEQUENCE {
|
||
algorithmOID OBJECT IDENTIFIER,
|
||
paramS Params, -- any "runtime" parameters
|
||
hash BIT STRING
|
||
}(CONSTRAINED BY { -- Hash --ToBeHashed})
|
||
|
||
IV8 ::= OCTET STRING(SIZE (8)) -- initial value for 64-bit block ciphers
|
||
|
||
|
||
IV16 ::= OCTET STRING(SIZE (16)) -- initial value for 128-bit block ciphers
|
||
|
||
|
||
-- signing algorithm used must select one of these types of parameters
|
||
-- needed by receiving end of signature.
|
||
Params ::= SEQUENCE {
|
||
ranInt INTEGER OPTIONAL, -- some integer value
|
||
iv8 IV8 OPTIONAL, -- 8-octet initialization vector
|
||
...,
|
||
iv16 IV16 OPTIONAL, -- 16-octet initialization vector
|
||
iv OCTET STRING OPTIONAL, -- arbitrary length initialization vector
|
||
clearSalt OCTET STRING OPTIONAL -- unencrypted salting key for encryption
|
||
}
|
||
|
||
EncodedGeneralToken ::=
|
||
TYPE-IDENTIFIER.&Type(ClearToken -- general usage token --)
|
||
|
||
PwdCertToken ::=
|
||
ClearToken(WITH COMPONENTS {
|
||
...,
|
||
timeStamp PRESENT,
|
||
generalID PRESENT
|
||
})
|
||
|
||
EncodedPwdCertToken ::= TYPE-IDENTIFIER.&Type(PwdCertToken)
|
||
|
||
CryptoToken ::= CHOICE {
|
||
cryptoEncryptedToken
|
||
SEQUENCE-- General purpose/application specific token-- {tokenOID
|
||
OBJECT
|
||
IDENTIFIER,
|
||
token
|
||
ENCRYPTED
|
||
{EncodedGeneralToken}
|
||
},
|
||
cryptoSignedToken
|
||
SEQUENCE-- General purpose/application specific token-- {tokenOID
|
||
OBJECT
|
||
IDENTIFIER,
|
||
token
|
||
SIGNED
|
||
{EncodedGeneralToken}
|
||
},
|
||
cryptoHashedToken
|
||
SEQUENCE-- General purpose/application specific token-- {tokenOID
|
||
OBJECT
|
||
IDENTIFIER,
|
||
hashedVals
|
||
ClearToken,
|
||
token
|
||
HASHED
|
||
{EncodedGeneralToken}
|
||
},
|
||
cryptoPwdEncr ENCRYPTED{EncodedPwdCertToken},
|
||
...
|
||
}
|
||
|
||
-- These allow the passing of session keys within the H.245 OLC structure.
|
||
-- They are encoded as standalone ASN.1 and based as an OCTET STRING within
|
||
-- H.245
|
||
H235Key ::=
|
||
CHOICE -- This is used with the H.245 or ClearToken "h235Key" field
|
||
{
|
||
secureChannel KeyMaterial,
|
||
sharedSecret ENCRYPTED{EncodedKeySyncMaterial},
|
||
certProtectedKey SIGNED{EncodedKeySignedMaterial},
|
||
...,
|
||
secureSharedSecret V3KeySyncMaterial -- for H.235 V3 endpoints
|
||
}
|
||
|
||
KeySignedMaterial ::= SEQUENCE {
|
||
generalId Identifier, -- slave's alias
|
||
mrandom RandomVal, -- master's random value
|
||
srandom RandomVal OPTIONAL, -- slave's random value
|
||
timeStamp TimeStamp OPTIONAL, -- master's timestamp for unsolicited EU
|
||
encrptval ENCRYPTED{EncodedKeySyncMaterial}
|
||
}
|
||
|
||
EncodedKeySignedMaterial ::= TYPE-IDENTIFIER.&Type(KeySignedMaterial)
|
||
|
||
H235CertificateSignature ::= SEQUENCE {
|
||
certificate TypedCertificate,
|
||
responseRandom RandomVal,
|
||
requesterRandom RandomVal OPTIONAL,
|
||
signature SIGNED{EncodedReturnSig},
|
||
...
|
||
}
|
||
|
||
ReturnSig ::= SEQUENCE {
|
||
generalId Identifier, -- slave's alias
|
||
responseRandom RandomVal,
|
||
requestRandom RandomVal OPTIONAL,
|
||
certificate TypedCertificate OPTIONAL -- requested certificate
|
||
}
|
||
|
||
EncodedReturnSig ::= TYPE-IDENTIFIER.&Type(ReturnSig)
|
||
|
||
KeySyncMaterial ::= SEQUENCE {
|
||
generalID Identifier,
|
||
keyMaterial KeyMaterial,
|
||
...
|
||
}
|
||
|
||
EncodedKeySyncMaterial ::= TYPE-IDENTIFIER.&Type(KeySyncMaterial)
|
||
|
||
V3KeySyncMaterial ::= SEQUENCE {
|
||
generalID Identifier OPTIONAL, -- peer terminal ID
|
||
algorithmOID OBJECT IDENTIFIER OPTIONAL, -- encryption algorithm
|
||
paramS Params, -- IV
|
||
encryptedSessionKey OCTET STRING OPTIONAL, -- encrypted session key
|
||
encryptedSaltingKey OCTET STRING OPTIONAL, -- encrypted media salting
|
||
|
||
-- key
|
||
clearSaltingKey OCTET STRING OPTIONAL, -- unencrypted media salting
|
||
|
||
-- key
|
||
paramSsalt Params OPTIONAL, -- IV (and clear salt) for salting
|
||
|
||
-- key encryption
|
||
keyDerivationOID OBJECT IDENTIFIER OPTIONAL, -- key derivation
|
||
|
||
-- method
|
||
...,
|
||
genericKeyMaterial OCTET STRING OPTIONAL -- ASN.1-encoded key material--
|
||
-- form is dependent on associated media encryption tag
|
||
}
|
||
|
||
END -- End of H235-SECURITY-MESSAGES DEFINITIONS
|
||
|
||
-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
|
||
|