osmocom/wireshark
14
0
Fork 1
Code Issues Pull requests Projects Releases Wiki Activity
wireshark/asn1/x420/IPMSSecurityExtensions.asn
Graeme Lunt 0c7876ca39 Revised X.420 dissector using separate ASN.1 modules and making the bare minimum changes to those modules that asn2wrs requires. 
Also supports the X.420 message store attributes, used over P7.


svn path=/trunk/; revision=23981
2008-01-02 09:34:34 +00:00

151 lines
5.5 KiB
Groff
Raw Blame History

-- $Id$
-- http://www.itu.int/ITU-T/asn1/database/itu-t/x/x420/1999/index.html
-- Module IPMSSecurityExtensions (X.420:06/1999)
IPMSSecurityExtensions {joint-iso-itu-t mhs(6) ipms(1) modules(0)
ipm-security-extensions(14) version-1999(1)} DEFINITIONS IMPLICIT TAGS ::=
BEGIN
-- Prologue
-- Exports everything
IMPORTS
-- MTS Abstract Service
--Certificates,-- Content, ContentIntegrityCheck, ExtendedCertificates,
EXTENSION, MessageOriginAuthenticationCheck, MessageToken, EncryptionKey
--==
FROM MTSAbstractService {joint-iso-itu-t mhs(6) mts(3) modules(0)
mts-abstract-service(1) version-1999(1)}
--WS: asn2wrs can't import a type through a intermediate module - so we import directly
Certificates
--==
FROM AuthenticationFramework {joint-iso-itu-t ds(5) module(1)
authenticationFramework(7) 3}
-- IPMS Information Objects
IPMS-EXTENSION, BodyPartNumber
--==
FROM IPMSInformationObjects {joint-iso-itu-t mhs(6) ipms(1) modules(0)
information-objects(2) version-1999(1)}
-- IPMS Heading Extensions
-- BodyPartNumber
--==
-- FROM IPMSHeadingExtensions {joint-iso-itu-t mhs(6) ipms(1) modules(0)
-- heading-extensions(6) version-1999(1)}
-- Directory Authentication Framework
AlgorithmIdentifier, ENCRYPTED{}
--==
FROM AuthenticationFramework {joint-iso-itu-t ds(5) module(1)
authenticationFramework(7) 3}
-- Directory Certificate Extensions
CertificateAssertion
--==
FROM CertificateExtensions {joint-iso-itu-t ds(5) module(1)
certificateExtensions(26) 0}
-- IPMS Object Identifiers
id-sec-ipm-security-request, id-sec-security-common-fields
--==
FROM IPMSObjectIdentifiers {joint-iso-itu-t mhs(6) ipms(1) modules(0)
object-identifiers(0) version-1999(1)};
-- Recipient Security Request
recipient-security-request IPMS-EXTENSION ::= {
VALUE RecipientSecurityRequest,
IDENTIFIED BY id-sec-ipm-security-request
}
RecipientSecurityRequest ::= BIT STRING {
content-non-repudiation(0), content-proof(1), ipn-non-repudiation(2),
ipn-proof(3)}
-- IPN Security Response
ipn-security-response IPMS-EXTENSION ::= {
VALUE IpnSecurityResponse,
IDENTIFIED BY id-sec-security-common-fields
}
IpnSecurityResponse ::= SET {
content-or-arguments
CHOICE {original-content OriginalContent,
original-security-arguments
SET {original-content-integrity-check
[0] OriginalContentIntegrityCheck OPTIONAL,
original-message-origin-authentication-check
[1] OriginalMessageOriginAuthenticationCheck OPTIONAL,
original-message-token
[2] OriginalMessageToken OPTIONAL}},
security-diagnostic-code SecurityDiagnosticCode OPTIONAL
}
-- MTS security fields
OriginalContent ::= Content
OriginalContentIntegrityCheck ::= ContentIntegrityCheck
OriginalMessageOriginAuthenticationCheck ::= MessageOriginAuthenticationCheck
OriginalMessageToken ::= MessageToken
-- Security Diagnostic Codes
SecurityDiagnosticCode ::= INTEGER {
integrity-failure-on-subject-message(0),
integrity-failure-on-forwarded-message(1),
moac-failure-on-subject-message(2), unsupported-security-policy(3),
unsupported-algorithm-identifier(4), decryption-failed(5), token-error(6),
unable-to-sign-notification(7), unable-to-sign-message-receipt(8),
authentication-failure-on-subject-message(9),
security-context-failure-message(10), message-sequence-failure(11),
message-security-labelling-failure(12), repudiation-failure-of-message(13),
failure-of-proof-of-message(14), signature-key-unobtainable(15),
decryption-key-unobtainable(16), key-failure(17),
unsupported-request-for-security-service(18),
inconsistent-request-for-security-service(19),
ipn-non-repudiation-provided-instead-of-content-proof(20),
token-decryption-failed(21), double-enveloping-message-restoring-failure(22),
unauthorised-dl-member(23), reception-security-failure(24),
unsuitable-alternate-recipient(25), security-services-refusal(26),
unauthorised-recipient(27), unknown-certification-authority-name(28),
unknown-dl-name(29), unknown-originator-name(30), unknown-recipient-name(31),
security-policy-violation(32)}
-- Security Envelope Extensions
body-part-encryption-token EXTENSION ::= {
BodyPartTokens,
RECOMMENDED CRITICALITY {for-delivery},
IDENTIFIED BY standard-extension:43
}
BodyPartTokens ::=
SET OF
SET {body-part-number BodyPartNumber,
body-part-choice
CHOICE {encryption-token EncryptionToken,
message-or-content-body-part [0] BodyPartTokens}
}
EncryptionToken ::= SET {
encryption-algorithm-identifier AlgorithmIdentifier,
encrypted-key --ENCRYPTED{EncryptionKey}-- BIT STRING,
recipient-certificate-selector [0] CertificateAssertion OPTIONAL,
recipient-certificate [1] Certificates OPTIONAL,
originator-certificate-selector [2] CertificateAssertion OPTIONAL,
originator-certificates [3] ExtendedCertificates OPTIONAL,
...
}
forwarded-content-token EXTENSION ::= {
ForwardedContentToken,
RECOMMENDED CRITICALITY {for-delivery},
IDENTIFIED BY standard-extension:44
}
ForwardedContentToken ::=
SET OF
SET {body-part-number BodyPartNumber,
body-part-choice
CHOICE {forwarding-token MessageToken,
message-or-content-body-part ForwardedContentToken
}}
END -- of IPMSSecurityExtensions
-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
Reference in a new issue View git blame Copy permalink