]> git.saurik.com Git - apple/security.git/blob - OSX/libsecurity_asn1/asn1/rfc3161.asn1
Security-59754.80.3.tar.gz
[apple/security.git] / OSX / libsecurity_asn1 / asn1 / rfc3161.asn1
1 PKIXTSP {iso(1) identified-organization(3) dod(6) internet(1)
2 security(5) mechanisms(5) pkix(7) id-mod(0) id-mod-tsp(13)}
3
4 DEFINITIONS IMPLICIT TAGS ::=
5
6 BEGIN
7
8 -- EXPORTS ALL --
9
10 IMPORTS
11
12 Extensions, AlgorithmIdentifier
13 FROM PKIX1Explicit88 {iso(1) identified-organization(3)
14 dod(6) internet(1) security(5) mechanisms(5) pkix(7)
15 id-mod(0) id-pkix1-explicit-88(1)}
16
17 GeneralName FROM PKIX1Implicit88 {iso(1)
18 identified-organization(3) dod(6) internet(1) security(5)
19 mechanisms(5) pkix(7) id-mod(0) id-pkix1-implicit-88(2)}
20
21 ContentInfo FROM CryptographicMessageSyntax {iso(1)
22 member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
23 smime(16) modules(0) cms(1)}
24
25 PKIFreeText FROM PKIXCMP {iso(1) identified-organization(3)
26 dod(6) internet(1) security(5) mechanisms(5) pkix(7) id-mod(0)
27 id-mod-cmp(9)} ;
28
29 -- Locally defined OIDs --
30
31 -- eContentType for a time-stamp token
32
33 id-ct-TSTInfo OBJECT IDENTIFIER ::= { iso(1) member-body(2)
34 us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) ct(1) 4}
35
36 -- 2.4.1
37
38 TimeStampReq ::= SEQUENCE {
39 version INTEGER { v1(1) },
40 messageImprint MessageImprint,
41 --a hash algorithm OID and the hash value of the data to be
42 --time-stamped
43 reqPolicy TSAPolicyId OPTIONAL,
44 nonce INTEGER OPTIONAL,
45 certReq BOOLEAN DEFAULT FALSE,
46 extensions [0] IMPLICIT Extensions OPTIONAL }
47
48 MessageImprint ::= SEQUENCE {
49 hashAlgorithm AlgorithmIdentifier,
50 hashedMessage OCTET STRING }
51
52 TSAPolicyId ::= OBJECT IDENTIFIER
53
54 -- 2.4.2
55
56 TimeStampResp ::= SEQUENCE {
57 status PKIStatusInfo,
58 timeStampToken TimeStampToken OPTIONAL }
59
60 -- The status is based on the definition of status
61 -- in section 3.2.3 of [RFC2510]
62
63 PKIStatusInfo ::= SEQUENCE {
64 status PKIStatus,
65 statusString PKIFreeText OPTIONAL,
66 failInfo PKIFailureInfo OPTIONAL }
67
68 PKIStatus ::= INTEGER {
69 granted (0),
70 -- when the PKIStatus contains the value zero a TimeStampToken, as
71 requested, is present.
72 grantedWithMods (1),
73 -- when the PKIStatus contains the value one a TimeStampToken,
74 with modifications, is present.
75 rejection (2),
76 waiting (3),
77 revocationWarning (4),
78 -- this message contains a warning that a revocation is
79 -- imminent
80 revocationNotification (5)
81 -- notification that a revocation has occurred }
82
83 -- When the TimeStampToken is not present
84 -- failInfo indicates the reason why the
85 -- time-stamp request was rejected and
86 -- may be one of the following values.
87
88 PKIFailureInfo ::= BIT STRING {
89 badAlg (0),
90 -- unrecognized or unsupported Algorithm Identifier
91 badRequest (2),
92 -- transaction not permitted or supported
93 badDataFormat (5),
94 -- the data submitted has the wrong format
95 timeNotAvailable (14),
96 -- the TSA's time source is not available
97 unacceptedPolicy (15),
98 -- the requested TSA policy is not supported by the TSA.
99 unacceptedExtension (16),
100 -- the requested extension is not supported by the TSA.
101 addInfoNotAvailable (17)
102 -- the additional information requested could not be understood
103 -- or is not available
104 systemFailure (25)
105 -- the request cannot be handled due to system failure }
106
107 TimeStampToken ::= ContentInfo
108
109 -- contentType is id-signedData as defined in [CMS]
110 -- content is SignedData as defined in([CMS])
111 -- eContentType within SignedData is id-ct-TSTInfo
112 -- eContent within SignedData is TSTInfo
113
114 TSTInfo ::= SEQUENCE {
115 version INTEGER { v1(1) },
116 policy TSAPolicyId,
117 messageImprint MessageImprint,
118 -- MUST have the same value as the similar field in
119 -- TimeStampReq
120 serialNumber INTEGER,
121 -- Time-Stamping users MUST be ready to accommodate integers
122 -- up to 160 bits.
123 genTime GeneralizedTime,
124 accuracy Accuracy OPTIONAL,
125 ordering BOOLEAN DEFAULT FALSE,
126 nonce INTEGER OPTIONAL,
127 -- MUST be present if the similar field was present
128 -- in TimeStampReq. In that case it MUST have the same value.
129 tsa [0] GeneralName OPTIONAL,
130 extensions [1] IMPLICIT Extensions OPTIONAL }
131
132 Accuracy ::= SEQUENCE {
133 seconds INTEGER OPTIONAL,
134 millis [0] INTEGER (1..999) OPTIONAL,
135 micros [1] INTEGER (1..999) OPTIONAL }
136
137