1 files changed, 127 insertions, 0 deletions
diff --git a/crypto/asymmetric_keys/pkcs7.asn1 b/crypto/asymmetric_keys/pkcs7.asn1
new file mode 100644
index 000000000000..a5a14ef28c86
--- /dev/null
+++ b/crypto/asymmetric_keys/pkcs7.asn1
@@ -0,0 +1,127 @@
+PKCS7ContentInfo ::= SEQUENCE {
+        contentType     ContentType,
+        content         [0] EXPLICIT SignedData OPTIONAL
+}
+ContentType ::= OBJECT IDENTIFIER ({ pkcs7_note_OID })
+SignedData ::= SEQUENCE {
+        version                 INTEGER,
+        digestAlgorithms        DigestAlgorithmIdentifiers,
+        contentInfo             ContentInfo,
+        certificates            CHOICE {
+                certSet         [0] IMPLICIT ExtendedCertificatesAndCertificates,
+                certSequence    [2] IMPLICIT Certificates
+        } OPTIONAL ({ pkcs7_note_certificate_list }),
+        crls CHOICE {
+                crlSet          [1] IMPLICIT CertificateRevocationLists,
+                crlSequence     [3] IMPLICIT CRLSequence
+        } OPTIONAL,
+        signerInfos             SignerInfos
+}
+ContentInfo ::= SEQUENCE {
+        contentType     ContentType,
+        content         [0] EXPLICIT Data OPTIONAL
+}
+Data ::= ANY ({ pkcs7_note_data })
+DigestAlgorithmIdentifiers ::= CHOICE {
+        daSet                   SET OF DigestAlgorithmIdentifier,
+        daSequence              SEQUENCE OF DigestAlgorithmIdentifier
+}
+DigestAlgorithmIdentifier ::= SEQUENCE {
+        algorithm   OBJECT IDENTIFIER ({ pkcs7_note_OID }),
+        parameters  ANY OPTIONAL
+}
+--
+-- Certificates and certificate lists
+--
+ExtendedCertificatesAndCertificates ::= SET OF ExtendedCertificateOrCertificate
+ExtendedCertificateOrCertificate ::= CHOICE {
+  certificate           Certificate,                            -- X.509
+  extendedCertificate   [0] IMPLICIT ExtendedCertificate        -- PKCS#6
+}
+ExtendedCertificate ::= Certificate -- cheating
+Certificates ::= SEQUENCE OF Certificate
+CertificateRevocationLists ::= SET OF CertificateList
+CertificateList ::= SEQUENCE OF Certificate -- This may be defined incorrectly
+CRLSequence ::= SEQUENCE OF CertificateList
+Certificate ::= ANY ({ pkcs7_extract_cert }) -- X.509
+--
+-- Signer information
+--
+SignerInfos ::= CHOICE {
+        siSet           SET OF SignerInfo,
+        siSequence      SEQUENCE OF SignerInfo
+}
+SignerInfo ::= SEQUENCE {
+        version                 INTEGER,
+        issuerAndSerialNumber   IssuerAndSerialNumber,
+        digestAlgorithm         DigestAlgorithmIdentifier ({ pkcs7_sig_note_digest_algo }),
+        authenticatedAttributes CHOICE {
+                aaSet           [0] IMPLICIT SetOfAuthenticatedAttribute
+                                        ({ pkcs7_sig_note_set_of_authattrs }),
+                aaSequence      [2] EXPLICIT SEQUENCE OF AuthenticatedAttribute
+                        -- Explicit because easier to compute digest on
+                        -- sequence of attributes and then reuse encoded
+                        -- sequence in aaSequence.
+        } OPTIONAL,
+        digestEncryptionAlgorithm
+                                DigestEncryptionAlgorithmIdentifier ({ pkcs7_sig_note_pkey_algo }),
+        encryptedDigest         EncryptedDigest,
+        unauthenticatedAttributes CHOICE {
+                uaSet           [1] IMPLICIT SET OF UnauthenticatedAttribute,
+                uaSequence      [3] IMPLICIT SEQUENCE OF UnauthenticatedAttribute
+        } OPTIONAL
+} ({ pkcs7_note_signed_info })
+IssuerAndSerialNumber ::= SEQUENCE {
+        issuer                  Name ({ pkcs7_sig_note_issuer }),
+        serialNumber            CertificateSerialNumber ({ pkcs7_sig_note_serial })
+}
+CertificateSerialNumber ::= INTEGER
+SetOfAuthenticatedAttribute ::= SET OF AuthenticatedAttribute
+AuthenticatedAttribute ::= SEQUENCE {
+        type                    OBJECT IDENTIFIER ({ pkcs7_note_OID }),
+        values                  SET OF ANY ({ pkcs7_sig_note_authenticated_attr })
+}
+UnauthenticatedAttribute ::= SEQUENCE {
+        type                    OBJECT IDENTIFIER ({ pkcs7_note_OID }),
+        values                  SET OF ANY
+}
+DigestEncryptionAlgorithmIdentifier ::= SEQUENCE {
+        algorithm               OBJECT IDENTIFIER ({ pkcs7_note_OID }),
+        parameters              ANY OPTIONAL
+}
+EncryptedDigest ::= OCTET STRING ({ pkcs7_sig_note_signature })
+---
+--- X.500 Name
+---
+Name ::= SEQUENCE OF RelativeDistinguishedName
+RelativeDistinguishedName ::= SET OF AttributeValueAssertion
+AttributeValueAssertion ::= SEQUENCE {
+        attributeType           OBJECT IDENTIFIER ({ pkcs7_note_OID }),
+        attributeValue          ANY
+}

diff --git a/crypto/asymmetric_keys/pkcs7.asn1 b/crypto/asymmetric_keys/pkcs7.asn1 new file mode 100644 index 000000000000..a5a14ef28c86 --- /dev/null +++ b/crypto/asymmetric_keys/pkcs7.asn1
@@ -0,0 +1,127 @@
	1	PKCS7ContentInfo ::= SEQUENCE {
	2	contentType ContentType,
	3	content [0] EXPLICIT SignedData OPTIONAL
	4	}
	5
	6	ContentType ::= OBJECT IDENTIFIER ({ pkcs7_note_OID })
	7
	8	SignedData ::= SEQUENCE {
	9	version INTEGER,
	10	digestAlgorithms DigestAlgorithmIdentifiers,
	11	contentInfo ContentInfo,
	12	certificates CHOICE {
	13	certSet [0] IMPLICIT ExtendedCertificatesAndCertificates,
	14	certSequence [2] IMPLICIT Certificates
	15	} OPTIONAL ({ pkcs7_note_certificate_list }),
	16	crls CHOICE {
	17	crlSet [1] IMPLICIT CertificateRevocationLists,
	18	crlSequence [3] IMPLICIT CRLSequence
	19	} OPTIONAL,
	20	signerInfos SignerInfos
	21	}
	22
	23	ContentInfo ::= SEQUENCE {
	24	contentType ContentType,
	25	content [0] EXPLICIT Data OPTIONAL
	26	}
	27
	28	Data ::= ANY ({ pkcs7_note_data })
	29
	30	DigestAlgorithmIdentifiers ::= CHOICE {
	31	daSet SET OF DigestAlgorithmIdentifier,
	32	daSequence SEQUENCE OF DigestAlgorithmIdentifier
	33	}
	34
	35	DigestAlgorithmIdentifier ::= SEQUENCE {
	36	algorithm OBJECT IDENTIFIER ({ pkcs7_note_OID }),
	37	parameters ANY OPTIONAL
	38	}
	39
	40	--
	41	-- Certificates and certificate lists
	42	--
	43	ExtendedCertificatesAndCertificates ::= SET OF ExtendedCertificateOrCertificate
	44
	45	ExtendedCertificateOrCertificate ::= CHOICE {
	46	certificate Certificate, -- X.509
	47	extendedCertificate [0] IMPLICIT ExtendedCertificate -- PKCS#6
	48	}
	49
	50	ExtendedCertificate ::= Certificate -- cheating
	51
	52	Certificates ::= SEQUENCE OF Certificate
	53
	54	CertificateRevocationLists ::= SET OF CertificateList
	55
	56	CertificateList ::= SEQUENCE OF Certificate -- This may be defined incorrectly
	57
	58	CRLSequence ::= SEQUENCE OF CertificateList
	59
	60	Certificate ::= ANY ({ pkcs7_extract_cert }) -- X.509
	61
	62	--
	63	-- Signer information
	64	--
	65	SignerInfos ::= CHOICE {
	66	siSet SET OF SignerInfo,
	67	siSequence SEQUENCE OF SignerInfo
	68	}
	69
	70	SignerInfo ::= SEQUENCE {
	71	version INTEGER,
	72	issuerAndSerialNumber IssuerAndSerialNumber,
	73	digestAlgorithm DigestAlgorithmIdentifier ({ pkcs7_sig_note_digest_algo }),
	74	authenticatedAttributes CHOICE {
	75	aaSet [0] IMPLICIT SetOfAuthenticatedAttribute
	76	({ pkcs7_sig_note_set_of_authattrs }),
	77	aaSequence [2] EXPLICIT SEQUENCE OF AuthenticatedAttribute
	78	-- Explicit because easier to compute digest on
	79	-- sequence of attributes and then reuse encoded
	80	-- sequence in aaSequence.
	81	} OPTIONAL,
	82	digestEncryptionAlgorithm
	83	DigestEncryptionAlgorithmIdentifier ({ pkcs7_sig_note_pkey_algo }),
	84	encryptedDigest EncryptedDigest,
	85	unauthenticatedAttributes CHOICE {
	86	uaSet [1] IMPLICIT SET OF UnauthenticatedAttribute,
	87	uaSequence [3] IMPLICIT SEQUENCE OF UnauthenticatedAttribute
	88	} OPTIONAL
	89	} ({ pkcs7_note_signed_info })
	90
	91	IssuerAndSerialNumber ::= SEQUENCE {
	92	issuer Name ({ pkcs7_sig_note_issuer }),
	93	serialNumber CertificateSerialNumber ({ pkcs7_sig_note_serial })
	94	}
	95
	96	CertificateSerialNumber ::= INTEGER
	97
	98	SetOfAuthenticatedAttribute ::= SET OF AuthenticatedAttribute
	99
	100	AuthenticatedAttribute ::= SEQUENCE {
	101	type OBJECT IDENTIFIER ({ pkcs7_note_OID }),
	102	values SET OF ANY ({ pkcs7_sig_note_authenticated_attr })
	103	}
	104
	105	UnauthenticatedAttribute ::= SEQUENCE {
	106	type OBJECT IDENTIFIER ({ pkcs7_note_OID }),
	107	values SET OF ANY
	108	}
	109
	110	DigestEncryptionAlgorithmIdentifier ::= SEQUENCE {
	111	algorithm OBJECT IDENTIFIER ({ pkcs7_note_OID }),
	112	parameters ANY OPTIONAL
	113	}
	114
	115	EncryptedDigest ::= OCTET STRING ({ pkcs7_sig_note_signature })
	116
	117	---
	118	--- X.500 Name
	119	---
	120	Name ::= SEQUENCE OF RelativeDistinguishedName
	121
	122	RelativeDistinguishedName ::= SET OF AttributeValueAssertion
	123
	124	AttributeValueAssertion ::= SEQUENCE {
	125	attributeType OBJECT IDENTIFIER ({ pkcs7_note_OID }),
	126	attributeValue ANY
	127	}