OSX/libsecurity_asn1/asn1/rfc3161.asn1

   1 PKIXTSP {iso(1) identified-organization(3) dod(6) internet(1)
   2    security(5) mechanisms(5) pkix(7) id-mod(0) id-mod-tsp(13)}
   3
   4 DEFINITIONS IMPLICIT TAGS ::=
   5
   6 BEGIN
   7
   8 -- EXPORTS ALL --
   9
  10 IMPORTS
  11
  12      Extensions, AlgorithmIdentifier
  13      FROM PKIX1Explicit88 {iso(1) identified-organization(3)
  14      dod(6) internet(1) security(5) mechanisms(5) pkix(7)
  15      id-mod(0) id-pkix1-explicit-88(1)}
  16
  17      GeneralName FROM PKIX1Implicit88 {iso(1)
  18      identified-organization(3) dod(6) internet(1) security(5)
  19      mechanisms(5) pkix(7) id-mod(0) id-pkix1-implicit-88(2)}
  20
  21      ContentInfo FROM CryptographicMessageSyntax {iso(1)
  22      member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
  23      smime(16) modules(0) cms(1)}
  24
  25      PKIFreeText FROM PKIXCMP {iso(1) identified-organization(3)
  26      dod(6) internet(1) security(5) mechanisms(5) pkix(7) id-mod(0)
  27      id-mod-cmp(9)} ;
  28
  29                      --  Locally defined OIDs  --
  30
  31 -- eContentType for a time-stamp token
  32
  33 id-ct-TSTInfo  OBJECT IDENTIFIER ::= { iso(1) member-body(2)
  34 us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) ct(1) 4}
  35
  36 -- 2.4.1
  37
  38 TimeStampReq ::= SEQUENCE  {
  39    version                  INTEGER  { v1(1) },
  40    messageImprint           MessageImprint,
  41      --a hash algorithm OID and the hash value of the data to be
  42      --time-stamped
  43    reqPolicy                TSAPolicyId                OPTIONAL,
  44    nonce                    INTEGER                    OPTIONAL,
  45    certReq                  BOOLEAN                    DEFAULT FALSE,
  46    extensions               [0] IMPLICIT Extensions    OPTIONAL  }
  47
  48 MessageImprint ::= SEQUENCE  {
  49      hashAlgorithm                AlgorithmIdentifier,
  50      hashedMessage                OCTET STRING  }
  51
  52 TSAPolicyId ::= OBJECT IDENTIFIER
  53
  54 -- 2.4.2
  55
  56 TimeStampResp ::= SEQUENCE  {
  57      status                  PKIStatusInfo,
  58      timeStampToken          TimeStampToken     OPTIONAL  }
  59
  60 -- The status is based on the definition of status
  61 -- in section 3.2.3 of [RFC2510]
  62
  63 PKIStatusInfo ::= SEQUENCE {
  64     status        PKIStatus,
  65     statusString  PKIFreeText     OPTIONAL,
  66     failInfo      PKIFailureInfo  OPTIONAL  }
  67
  68 PKIStatus ::= INTEGER {
  69     granted                (0),
  70     -- when the PKIStatus contains the value zero a TimeStampToken, as
  71        requested, is present.
  72     grantedWithMods        (1),
  73      -- when the PKIStatus contains the value one a TimeStampToken,
  74        with modifications, is present.
  75     rejection              (2),
  76     waiting                (3),
  77     revocationWarning      (4),
  78      -- this message contains a warning that a revocation is
  79      -- imminent
  80     revocationNotification (5)
  81      -- notification that a revocation has occurred   }
  82
  83     -- When the TimeStampToken is not present
  84     -- failInfo indicates the reason why the
  85     -- time-stamp request was rejected and
  86     -- may be one of the following values.
  87
  88 PKIFailureInfo ::= BIT STRING {
  89     badAlg               (0),
  90       -- unrecognized or unsupported Algorithm Identifier
  91     badRequest           (2),
  92       -- transaction not permitted or supported
  93     badDataFormat        (5),
  94       -- the data submitted has the wrong format
  95     timeNotAvailable    (14),
  96       -- the TSA's time source is not available
  97     unacceptedPolicy    (15),
  98       -- the requested TSA policy is not supported by the TSA.
  99     unacceptedExtension (16),
 100       -- the requested extension is not supported by the TSA.
 101     addInfoNotAvailable (17)
 102       -- the additional information requested could not be understood
 103       -- or is not available
 104     systemFailure       (25)
 105       -- the request cannot be handled due to system failure  }
 106
 107 TimeStampToken ::= ContentInfo
 108
 109      -- contentType is id-signedData as defined in [CMS]
 110      -- content is SignedData as defined in([CMS])
 111      -- eContentType within SignedData is id-ct-TSTInfo
 112      -- eContent within SignedData is TSTInfo
 113
 114 TSTInfo ::= SEQUENCE  {
 115     version                      INTEGER  { v1(1) },
 116     policy                       TSAPolicyId,
 117     messageImprint               MessageImprint,
 118       -- MUST have the same value as the similar field in
 119       -- TimeStampReq
 120     serialNumber                 INTEGER,
 121      -- Time-Stamping users MUST be ready to accommodate integers
 122      -- up to 160 bits.
 123     genTime                      GeneralizedTime,
 124     accuracy                     Accuracy                 OPTIONAL,
 125     ordering                     BOOLEAN             DEFAULT FALSE,
 126     nonce                        INTEGER                  OPTIONAL,
 127       -- MUST be present if the similar field was present
 128       -- in TimeStampReq.  In that case it MUST have the same value.
 129     tsa                          [0] GeneralName          OPTIONAL,
 130     extensions                   [1] IMPLICIT Extensions  OPTIONAL   }
 131
 132 Accuracy ::= SEQUENCE {
 133                 seconds        INTEGER           OPTIONAL,
 134                 millis     [0] INTEGER  (1..999) OPTIONAL,
 135                 micros     [1] INTEGER  (1..999) OPTIONAL  }
 136
 137