diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
new file mode 100755
index 0000000000000000000000000000000000000000..c81c1af3830321168990707c5e2f727ba747b4be
--- /dev/null
+++ b/.gitlab-ci.yml
@@ -0,0 +1,19 @@
+include:
+ - project: 'forge-tools/asn2md'
+ file: '/gitlab-ci/base.yml'
+
+variables:
+ ASN1_SRC: '*.asn ieee1609dot2/*.asn'
+
+#validate:
+# extends: .validate
+# only:
+# changes:
+# - '*.asn'
+
+
+documentation:
+ extends: .documentation
+ only:
+ changes:
+ - '*.asn'
diff --git a/.gitmodules b/.gitmodules
index d04d31976de6c46bbfe437db12e726c1d0794921..3e4be2da9a16ca1e8eda07678e30be9b7625f163 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -1,3 +1,4 @@
[submodule "ieee1609dot2"]
path = ieee1609dot2
url = https://forge.etsi.org/rep/ITS/asn1/ieee1609.2.git
+ branch = ieee
diff --git a/Ieee1609Dot2Crl.asn b/Ieee1609Dot2Crl.asn
deleted file mode 100755
index 0b80569700e4ddb8b2083d66e95f4e26a58fe37f..0000000000000000000000000000000000000000
--- a/Ieee1609Dot2Crl.asn
+++ /dev/null
@@ -1,57 +0,0 @@
-Ieee1609Dot2Crl {iso(1) identified-organization(3) ieee(111)
-standards-association-numbered-series-standards(2) wave-stds(1609)
-dot2(2) crl(3) protocol(1) major-version-2(2) minor-version-2(2)}
-
-DEFINITIONS AUTOMATIC TAGS ::= BEGIN
-
-EXPORTS ALL;
-
-IMPORTS
-
- Ieee1609Dot2Data
-FROM Ieee1609Dot2 {iso(1) identified-organization(3) ieee(111)
- standards-association-numbered-series-standards(2) wave-stds(1609)
- dot2(2) base (1) schema (1) major-version-2 (2) minor-version-4(4)}
-
- Opaque,
- Psid
-FROM Ieee1609Dot2BaseTypes {iso(1) identified-organization(3) ieee(111)
- standards-association-numbered-series-standards(2) wave-stds(1609)
- dot2(2) base(1) base-types(2) major-version-2 (2) minor-version-3(3)}
-
- CrlContents
-FROM Ieee1609Dot2CrlBaseTypes {iso(1) identified-organization(3) ieee(111)
- standards-association-numbered-series-standards(2) wave-stds(1609)
- dot2(2) crl(3) base-types(2) major-version-2 (2) minor-version-2(2)}
-
-;
-
-CrlPsid ::= Psid(256) -- PSID = 0x100, 0p8080
-
-SecuredCrl ::= Ieee1609Dot2Data (WITH COMPONENTS {...,
- content (WITH COMPONENTS {
- signedData (WITH COMPONENTS {...,
- tbsData (WITH COMPONENTS {
- payload (WITH COMPONENTS {...,
- data (WITH COMPONENTS {...,
- content (WITH COMPONENTS {
- unsecuredData (CONTAINING CrlContents)
- })
- })
- }),
- headerInfo (WITH COMPONENTS {...,
- psid (CrlPsid),
- generationTime ABSENT,
- expiryTime ABSENT,
- generationLocation ABSENT,
- p2pcdLearningRequest ABSENT,
- missingCrlIdentifier ABSENT,
- encryptionKey ABSENT
- })
- })
- })
- })
-})
-
-
-END
diff --git a/Ieee1609Dot2CrlBaseTypes.asn b/Ieee1609Dot2CrlBaseTypes.asn
deleted file mode 100755
index 9d2208dd82835ab4936a52f6d82941114a1c193e..0000000000000000000000000000000000000000
--- a/Ieee1609Dot2CrlBaseTypes.asn
+++ /dev/null
@@ -1,130 +0,0 @@
-Ieee1609Dot2CrlBaseTypes {iso(1) identified-organization(3) ieee(111)
-standards-association-numbered-series-standards(2) wave-stds(1609)
-dot2(2) crl(3) base-types(2) major-version-2(2) minor-version-2(2)}
-
-DEFINITIONS AUTOMATIC TAGS ::= BEGIN
-
-EXPORTS ALL;
-
-IMPORTS
- CrlSeries,
- GeographicRegion,
- HashedId8,
- HashedId10,
- IValue,
- LaId,
- LinkageSeed,
- Opaque,
- Psid,
- Signature,
- Time32,
- Uint3,
- Uint8,
- Uint16,
- Uint32,
- ValidityPeriod
-FROM Ieee1609Dot2BaseTypes {iso(1) identified-organization(3) ieee(111)
- standards-association-numbered-series-standards(2) wave-stds(1609)
- dot2(2) base(1) base-types(2) major-version-2 (2) minor-version-3(3)}
-;
-
---
---
--- CRL contents
---
---
-
-CrlContents ::= SEQUENCE {
- version Uint8 (1),
- crlSeries CrlSeries,
- cracaId HashedId8,
- issueDate Time32,
- nextCrl Time32,
- priorityInfo CrlPriorityInfo,
- typeSpecific CHOICE {
- fullHashCrl ToBeSignedHashIdCrl,
- deltaHashCrl ToBeSignedHashIdCrl,
- fullLinkedCrl ToBeSignedLinkageValueCrl,
- deltaLinkedCrl ToBeSignedLinkageValueCrl,
- ...
- }
-}
-
-CrlPriorityInfo ::= SEQUENCE {
- priority Uint8 OPTIONAL,
- ...
-}
-
-
-ToBeSignedHashIdCrl ::= SEQUENCE {
- crlSerial Uint32,
- entries SequenceOfHashBasedRevocationInfo,
- ...
-}
-
-HashBasedRevocationInfo ::= SEQUENCE {
- id HashedId10,
- expiry Time32
-}
-
-SequenceOfHashBasedRevocationInfo ::=
- SEQUENCE OF HashBasedRevocationInfo
-
-
-ToBeSignedLinkageValueCrl ::= SEQUENCE {
- iRev IValue,
- indexWithinI Uint8,
- individual SequenceOfJMaxGroup OPTIONAL,
- groups SequenceOfGroupCrlEntry OPTIONAL,
- ...
-}
-(WITH COMPONENTS {..., individual PRESENT} |
- WITH COMPONENTS {..., groups PRESENT})
-
-
-JMaxGroup ::= SEQUENCE {
- jmax Uint8,
- contents SequenceOfLAGroup,
- ...
-}
-
-
-SequenceOfJMaxGroup ::= SEQUENCE OF JMaxGroup
-
-LAGroup ::= SEQUENCE {
- la1Id LaId,
- la2Id LaId,
- contents SequenceOfIMaxGroup,
- ...
-}
-
-SequenceOfLAGroup ::= SEQUENCE OF LAGroup
-
-IMaxGroup ::= SEQUENCE {
- iMax Uint16,
- contents SequenceOfIndividualRevocation,
- ...
-}
-
-SequenceOfIMaxGroup ::= SEQUENCE OF IMaxGroup
-
-IndividualRevocation ::= SEQUENCE {
- linkage-seed1 LinkageSeed,
- linkage-seed2 LinkageSeed,
- ...
-}
-
-SequenceOfIndividualRevocation ::= SEQUENCE OF IndividualRevocation
-
-GroupCrlEntry ::= SEQUENCE {
- iMax Uint16,
- la1Id LaId,
- linkageSeed1 LinkageSeed,
- la2Id LaId,
- linkageSeed2 LinkageSeed,
- ...
-}
-
-SequenceOfGroupCrlEntry ::= SEQUENCE OF GroupCrlEntry
-
-END
diff --git a/Ieee1609Dot2Dot1AcaEeInterface.asn b/Ieee1609Dot2Dot1AcaEeInterface.asn
index 19c226aeda3b925449e39c386960e4c277d69fca..c83e0e3cb9de96163e44a9fb90d0540941b88e30 100755
--- a/Ieee1609Dot2Dot1AcaEeInterface.asn
+++ b/Ieee1609Dot2Dot1AcaEeInterface.asn
@@ -1,100 +1,92 @@
---***************************************************************************--
--- IEEE Std 1609.2.1: ACA - EE Interface --
---***************************************************************************--
-
-/**
- * @brief NOTE: Section references in this file are to clauses in IEEE Std
- * 1609.2.1 unless indicated otherwise. Full forms of acronyms and
- * abbreviations used in this file are specified in 3.2.
- */
-
-Ieee1609Dot2Dot1AcaEeInterface {iso(1) identified-organization(3) ieee(111)
- standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
- extension-standards(255) dot1(1) interfaces(1) aca-ee(1) major-version-2(2)
- minor-version-2(2)
-}
-
-DEFINITIONS AUTOMATIC TAGS ::= BEGIN
-
-EXPORTS ALL;
-
-IMPORTS
- Time32,
- Uint8
-FROM Ieee1609Dot2BaseTypes {iso(1) identified-organization(3) ieee(111)
- standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
- base(1) base-types(2) major-version-2(2) minor-version-3(3)}
-
- Certificate
-FROM Ieee1609Dot2 {iso(1) identified-organization(3) ieee(111)
- standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
- base(1) schema(1) major-version-2(2) minor-version-4(4)}
-;
-
-/**
- * @class AcaEeInterfacePdu
- *
- * @brief This is the parent structure for all structures exchanged between
- * the ACA and the EE. The ACA – EE interface is a logical interface rather
- * than a direct communications interface in that there is no direct message
- * flow between the ACA and the EE: Messages from the ACA are stored
- * by the RA and subsequently forwarded to the EE. The PDUs are identified as
- * ACA-EE PDUs even though the RA acts as a forwarder for them because those
- * PDUs are created by the ACA and encrypted for the EE, and not modified and
- * frequently not read by the RA. An overview of this structure is as follows:
- *
- * @param acaEeCertResponse contains the ACA's response to
- * RaAcaCertRequestSPDU, which is meant for the EE and sent via the RA.
- */
- AcaEeInterfacePdu ::= CHOICE {
- acaEeCertResponse AcaEeCertResponse,
- ...
- }
-
-/**
- * @class AcaEeCertResponse
- *
- * @brief This structure contains a certificate and associated data as
- * generated by the ACA for the EE that will be the holder of that
- * certificate. An overview of this structure is as follows:
- *
- *
NOTE: In the case where the butterfly expansion function is used
- * to set certEncKey in RaAcaCertRequest, the value j is not communicated to
- * the ACA. However, the EE that receives the certificate response can only
- * decrypt the response if it knows j. The RA is therefore anticipated to
- * store j so that it can be associated with the appropriate certificate
- * response. The RA encodes j in the filename.
- *
- * @param version contains the current version of the structure.
- *
- * @param generationTime contains the generation time of AcaEeCertResponse.
- *
- * @param certificate contains an authorization certificate generated by the
- * ACA. It is of the type indicated by the type field in the corresponding
- * request (if the requester requested an incorrect type, the response would
- * be an error not an instance of this structure).
- *
- * @param privateKeyInfo is an optional field that is as follows:
- *
- * - Present and contains the private key randomization value, if the
- * field certificate.type is explicit and the butterfly key mechanism was used
- * to generate the certificate. This is used by the EE in deriving the
- * butterfly private key for explicit certificates as specified in 9.3.
- *
- * - Present and contains the private key reconstruction value, if the
- * field certificate.type is implicit. This is used by the EE as specified in
- * 5.3.2 of IEEE Std 1609.2a-2017 (also 9.3 if the butterfly key mechanism is
- * used).
- *
- * - Absent otherwise.
- *
- */
- AcaEeCertResponse ::= SEQUENCE {
- version Uint8 (2),
- generationTime Time32,
- certificate Certificate,
- privateKeyInfo OCTET STRING (SIZE (32)) OPTIONAL,
- ...
- }
-
-END
\ No newline at end of file
+--***************************************************************************--
+-- IEEE Std 1609.2.1: ACA - EE Interface --
+--***************************************************************************--
+
+/**
+ * @note Section references in this file are to clauses in IEEE Std
+ * 1609.2.1 unless indicated otherwise. Full forms of acronyms and
+ * abbreviations used in this file are specified in 3.2.
+ */
+
+Ieee1609Dot2Dot1AcaEeInterface {iso(1) identified-organization(3) ieee(111)
+ standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
+ extension-standards(255) dot1(1) interfaces(1) aca-ee(1) major-version-2(2)
+ minor-version-3(3)}
+
+DEFINITIONS AUTOMATIC TAGS ::= BEGIN
+
+EXPORTS ALL;
+
+IMPORTS
+ Certificate
+FROM Ieee1609Dot2 {iso(1) identified-organization(3) ieee(111)
+ standards-association-numbered-series-standards(2) wave-stds(1609)
+ dot2(2) base(1) schema(1) major-version-2(2) minor-version-5(5)}
+WITH SUCCESSORS
+
+ Time32,
+ Uint8
+FROM Ieee1609Dot2BaseTypes {iso(1) identified-organization(3) ieee(111)
+ standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
+ base(1) base-types(2) major-version-2(2) minor-version-3(3)}
+WITH SUCCESSORS
+;
+
+/**
+ * @brief This is the parent structure for all structures exchanged between
+ * the ACA and the EE. The ACA - EE interface is a logical interface rather
+ * than a direct communications interface in that there is no direct message
+ * flow between the ACA and the EE: Messages from the ACA are stored
+ * by the RA and subsequently forwarded to the EE. The PDUs are identified as
+ * ACA-EE PDUs even though the RA acts as a forwarder for them because those
+ * PDUs are created by the ACA and encrypted for the EE, and not modified and
+ * frequently not read by the RA. An overview of this structure is as follows:
+ *
+ * @param acaEeCertResponse: contains the ACA's response to
+ * RaAcaCertRequestSPDU, which is meant for the EE and sent via the RA.
+ */
+AcaEeInterfacePdu ::= CHOICE {
+ acaEeCertResponse AcaEeCertResponse,
+ ...
+}
+
+/**
+ * @brief This structure contains a certificate and associated data as
+ * generated by the ACA for the EE that will be the holder of that
+ * certificate. An overview of this structure is as follows:
+ *
+ * @note In the case where the butterfly expansion function is used
+ * to set certEncKey in RaAcaCertRequest, the value j is not communicated to
+ * the ACA. However, the EE that receives the certificate response can only
+ * decrypt the response if it knows j. The RA is therefore anticipated to
+ * store j so that it can be associated with the appropriate certificate
+ * response. The RA encodes j in the filename.
+ *
+ * @param version: contains the current version of the structure.
+ *
+ * @param generationTime: contains the generation time of AcaEeCertResponse.
+ *
+ * @param certificate: contains an authorization certificate generated by the
+ * ACA. It is of the type indicated by the type field in the corresponding
+ * request (if the requester requested an incorrect type, the response would
+ * be an error not an instance of this structure).
+ *
+ * @param privateKeyInfo: shall be:
+ * - Present and contain the private key randomization value, if the field
+ * certificate.type is explicit and the butterfly key mechanism was used to
+ * generate the certificate. This is used by the EE in deriving the butterfly
+ * private key for explicit certificates as specified in 9.3.
+ * - Present and contain the private key reconstruction value, if the field
+ * certificate.type is implicit. This is used by the EE as specified in 5.3.2
+ * of IEEE Std 1609.2a-2017 (also 9.3 if the butterfly key mechanism is used).
+ * - Absent otherwise.
+ */
+AcaEeCertResponse ::= SEQUENCE {
+ version Uint8 (2),
+ generationTime Time32,
+ certificate Certificate,
+ privateKeyInfo OCTET STRING (SIZE (32)) OPTIONAL,
+ ...
+}
+
+END
diff --git a/Ieee1609Dot2Dot1AcaLaInterface.asn b/Ieee1609Dot2Dot1AcaLaInterface.asn
index 09672dcb88fa99b9b8018341d7aa3aa6652ff5d8..26dee6134d5a4545d2e6e0e61cfad02859592c8c 100755
--- a/Ieee1609Dot2Dot1AcaLaInterface.asn
+++ b/Ieee1609Dot2Dot1AcaLaInterface.asn
@@ -1,27 +1,26 @@
---***************************************************************************--
--- IEEE Std 1609.2.1: ACA - LA Interface --
---***************************************************************************--
-
-/**
- * @brief NOTE: Section references in this file are to clauses in IEEE Std
- * 1609.2.1 unless indicated otherwise. Full forms of acronyms and
- * abbreviations used in this file are specified in 3.2.
- */
-
-Ieee1609Dot2Dot1AcaLaInterface {iso(1) identified-organization(3) ieee(111)
- standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
- extension-standards(255) dot1(1) interfaces(1) aca-la(2) major-version-2(2)}
-
-DEFINITIONS AUTOMATIC TAGS ::= BEGIN
-
-EXPORTS ALL;
-
-/**
- * @class AcaLaInterfacePdu
- *
- * @brief This structure is not used by EEs, so it is defined as NULL for
- * purposes of this document.
- */
- AcaLaInterfacePdu ::= NULL
-
-END
\ No newline at end of file
+--***************************************************************************--
+-- IEEE Std 1609.2.1: ACA - LA Interface --
+--***************************************************************************--
+
+/**
+ * @note Section references in this file are to clauses in IEEE Std
+ * 1609.2.1 unless indicated otherwise. Full forms of acronyms and
+ * abbreviations used in this file are specified in 3.2.
+ */
+
+Ieee1609Dot2Dot1AcaLaInterface {iso(1) identified-organization(3) ieee(111)
+ standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
+ extension-standards(255) dot1(1) interfaces(1) aca-la(2) major-version-2(2)
+ minor-version-1(1)}
+
+DEFINITIONS AUTOMATIC TAGS ::= BEGIN
+
+EXPORTS ALL;
+
+/**
+ * @brief This structure is not used by EEs, so it is defined as NULL for
+ * purposes of this document.
+ */
+AcaLaInterfacePdu ::= NULL
+
+END
diff --git a/Ieee1609Dot2Dot1AcaMaInterface.asn b/Ieee1609Dot2Dot1AcaMaInterface.asn
index efb2b919274a4446d95f3dba5c275306a6f463fe..5a1c9fe45e6196da4bb307bd4089597fcb8368c1 100755
--- a/Ieee1609Dot2Dot1AcaMaInterface.asn
+++ b/Ieee1609Dot2Dot1AcaMaInterface.asn
@@ -1,27 +1,26 @@
---***************************************************************************--
--- IEEE Std 1609.2.1: ACA - MA Interface --
---***************************************************************************--
-
-/**
- * @brief NOTE: Section references in this file are to clauses in IEEE Std
- * 1609.2.1 unless indicated otherwise. Full forms of acronyms and
- * abbreviations used in this file are specified in 3.2.
- */
-
-Ieee1609Dot2Dot1AcaMaInterface {iso(1) identified-organization(3) ieee(111)
- standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
- extension-standards(255) dot1(1) interfaces(1) aca-ma(3) major-version-2(2)}
-
-DEFINITIONS AUTOMATIC TAGS ::= BEGIN
-
-EXPORTS ALL;
-
-/**
- * @class AcaMaInterfacePdu
- *
- * @brief This structure is not used by EEs, so it is defined as NULL for
- * purposes of this document.
- */
- AcaMaInterfacePdu ::= NULL
-
-END
\ No newline at end of file
+--***************************************************************************--
+-- IEEE Std 1609.2.1: ACA - MA Interface --
+--***************************************************************************--
+
+/**
+ * @note Section references in this file are to clauses in IEEE Std
+ * 1609.2.1 unless indicated otherwise. Full forms of acronyms and
+ * abbreviations used in this file are specified in 3.2.
+ */
+
+Ieee1609Dot2Dot1AcaMaInterface {iso(1) identified-organization(3) ieee(111)
+ standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
+ extension-standards(255) dot1(1) interfaces(1) aca-ma(3) major-version-2(2)
+ minor-version-1(1)}
+
+DEFINITIONS AUTOMATIC TAGS ::= BEGIN
+
+EXPORTS ALL;
+
+/**
+ * @brief This structure is not used by EEs, so it is defined as NULL for
+ * purposes of this document.
+ */
+AcaMaInterfacePdu ::= NULL
+
+END
diff --git a/Ieee1609Dot2Dot1AcaRaInterface.asn b/Ieee1609Dot2Dot1AcaRaInterface.asn
index d4c99ab86668fd68435a79742d6d21267ef27925..1235651a5a66c51472c0e7080154d6cea223449d 100755
--- a/Ieee1609Dot2Dot1AcaRaInterface.asn
+++ b/Ieee1609Dot2Dot1AcaRaInterface.asn
@@ -1,284 +1,261 @@
---***************************************************************************--
--- IEEE Std 1609.2.1: ACA - RA Interface --
---***************************************************************************--
-
-/**
- * @brief NOTE: Section references in this file are to clauses in IEEE Std
- * 1609.2.1 unless indicated otherwise. Full forms of acronyms and
- * abbreviations used in this file are specified in 3.2.
- */
-
-Ieee1609Dot2Dot1AcaRaInterface {iso(1) identified-organization(3) ieee(111)
- standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
- extension-standards(255) dot1(1) interfaces(1) aca-ra(4) major-version-2(2)
- minor-version-2(2)
-}
-
-DEFINITIONS AUTOMATIC TAGS ::= BEGIN
-
-EXPORTS ALL;
-
-IMPORTS
- HashAlgorithm,
- HashedId8,
- LaId,
- PublicEncryptionKey,
- Time32,
- Uint8
-FROM Ieee1609Dot2BaseTypes {iso(1) identified-organization(3) ieee(111)
- standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
- base(1) base-types(2) major-version-2(2) minor-version-3(3)}
-
- CertificateType,
- ToBeSignedCertificate
-FROM Ieee1609Dot2 {iso(1) identified-organization(3) ieee(111)
- standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
- base(1) schema(1) major-version-2(2) minor-version-4(4)}
-
- AcaEeCertResponsePlainSpdu,
- AcaEeCertResponsePrivateSpdu,
- AcaEeCertResponseCubkSpdu,
- Ieee1609Dot2Data-SymmEncryptedSingleRecipient
-FROM Ieee1609Dot2Dot1Protocol {iso(1) identified-organization(3) ieee(111)
- standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
- extension-standards(255) dot1(1) interfaces(1) protocol(17)
- major-version-2(2) minor-version-2(2)}
-;
-
-/**
- * @class AcaRaInterfacePDU
- *
- * @brief This is the parent structure for all structures exchanged between
- * the ACA and the RA. An overview of this structure is as follows:
- *
- * @param raAcaCertRequest contains the request for an authorization
- * certificate from the RA to the ACA on behalf of the EE.
- *
- * @param acaRaCertResponse contains the ACA's response to RaAcaCertRequest.
- */
- AcaRaInterfacePdu ::= CHOICE {
- raAcaCertRequest RaAcaCertRequest,
- acaRaCertResponse AcaRaCertResponse,
- ...
- }
-
-/**
- * @class RaAcaCertRequest
- *
- * @brief This structure contains parameters needed to request an individual
- * authorization certificate. An overview of this structure is as follows:
- *
- *
NOTE 1: In the case where the butterfly key mechanism is used to set
- * certEncKey, the value of j is not communicated to the ACA. However, the EE
- * that receives the certificate response can only decrypt the response if it
- * knows j. The RA is therefore anticipated to store j so that it can be
- * associated with the appropriate certificate response.
- *
- *
NOTE 2: The cracaId and crlSeries are set to the indicated values
- * in the request. The ACA replaces these values with the appropriate values
- * in the response.
- *
- *
NOTE 3: The ACA is not bound by the contents of the request and can
- * issue certificates that are different from those requested, if so directed
- * by policy.
- *
- * @param version contains the current version of the structure.
- *
- * @param generationTime contains the generation time of RaAcaCertRequest.
- *
- * @param type indicates whether the request is for an explicit or implicit
- * certificate (see 4.1.1, 4.1.3.3.1).
- *
- * @param flags contains the flags related to the use of the butterfly key
- * mechanism, and provides the following instructions to the ACA as to how
- * to generate the response:
- *
- * - If the flag butterflyExplicit is set, the request is valid only if
- * the type field is set to explicit. In this case, the ACA uses the
- * butterfly key derivation for explicit certificates as specified in 9.3.
- * The field tbsCert.verifyKeyIndicator.verificationKey is used by the ACA as
- * the cocoon public key for signing. The field privateKeyInfo in the
- * corresponding AcaEeCertResponse is used by the EE as the random integer to
- * recover the butterfly private key for signing.
- *
- * - If the flag cubk is set, the request is valid only if the certEncKey
- * field is absent. In this case, the ACA uses the compact unified variation
- * of the butterfly key mechanism as specified in 9.3. This means that the
- * ACA generates an AcaEeCertResponseCubkSpdu instead of an
- * AcaEeCertResponsePrivateSpdu, and the response is valid only if the ACA
- * certificate has the flag cubk set.
- *
- *
- * @param linkageInfo contains the encrypted prelinkage values needed to
- * generate the linkage value for the certificate. If linkageInfo is present,
- * the field tbsCert.id is of type LinkageData, where the iCert field is set
- * to the actual i-period value and the linkage-value field is set to a dummy
- * value to be replaced by the ACA with the actual linkage value. The
- * encrypted prelinkage values are encrypted for the ACA by the LAs.
- *
- * @param certEncKey is used in combination with flags.cubk to indicate
- * the type of response that is expected from the ACA. It is as follows:
- *
- * - Absent and flags.cubk is not set if the ACA's response doesn't need
- * to be encrypted. In this case, the ACA responds with
- * AcaEeCertResponsePlainSpdu.
- *
- * - Absent and flags.cubk is set if the ACA's response is to be encrypted
- * with the verification key from the request and not signed. In this case,
- * the ACA responds with AcaEeCertResponseCubkSpdu.
- *
- * - Present and flags.cubk is not set if the ACA's response is to be
- * encrypted with certEncKey and then signed by the ACA. In this case, the
- * ACA responds with AcaEeCertResponsePrivateSpdu.
- *
- *
- * @param tbsCert contains parameters of the requested certificate. The
- * certificate type depends on the field type, as follows:
- *
- * - If type is explicit, the request is valid only if
- * tbsCert.verifyKeyIndicator is a verificationKey.
- *
- * - If type is implicit, the request is valid only if
- * tbsCert.verifyKeyIndicator is a reconstructionValue.
- *
- */
- RaAcaCertRequest ::= SEQUENCE {
- version Uint8 (2),
- generationTime Time32,
- type CertificateType,
- flags RaAcaCertRequestFlags,
- linkageInfo LinkageInfo OPTIONAL,
- certEncKey PublicEncryptionKey OPTIONAL,
- tbsCert ToBeSignedCertificate (WITH COMPONENTS {
- ...,
- cracaId ('000000'H),
- crlSeries (0),
- appPermissions PRESENT,
- certIssuePermissions ABSENT,
- certRequestPermissions ABSENT
- }),
- ...
- }
-
-/**
- * @class RaAcaCertRequestFlags
- *
- * @brief This structure is used to convey information from the RA to the ACA
- * about operations to be carried out when generating the certificate. For
- * more details see the specification of RaAcaCertRequest. An overview of
- * this structure is as follows:
- */
- RaAcaCertRequestFlags ::=
- BIT STRING {butterflyExplicit (0), cubk (1)} (SIZE (8))
-
-/**
- * @class LinkageInfo
- *
- * @brief This structure contains parameters needed to generate a linkage
- * value for a given (EE, i, j). An overview of this structure is as follows:
- *
- *
NOTE: See Annex D for further discussion of LAs.
- *
- * @param encPlv1 contains the EncryptedIndividualPLV from one of the LAs.
- *
- * @param encPlv2 contains the EncryptedIndividualPLV from the other LA.
- */
- LinkageInfo ::= SEQUENCE {
- encPlv1 EncryptedIndividualPLV,
- encPlv2 EncryptedIndividualPLV,
- ...
- }
-
-/**
- * @class EncryptedIndividualPLV
- *
- * @brief This structure contains an individual prelinkage value encrypted by
- * the LA for the ACA using the shared secret key. An overview of this
- * structure is as follows:
- *
- *
NOTE: How the ACA obtains the shared symmetric key and how the RA
- * associates the encPlv1 and encPlv2 with the correct certificate request are
- * outside the scope of this document.
- *
- * @param version contains the current version of the structure.
- *
- * @param laId contains the ID of the LA that created the prelinkage value.
- * See Annex D for further discussion of LA IDs.
- *
- * @param encPlv contains the encrypted individual prelinkage value, that is,
- * the ciphertext field decrypts to a PreLinkageValue. It contains a pointer
- * (hash of the shared symmetric key) to the used shared secret encryption key.
- */
- EncryptedIndividualPLV ::= SEQUENCE {
- version Uint8 (2),
- laId LaId,
- encPlv Ieee1609Dot2Data-SymmEncryptedSingleRecipient {
- PreLinkageValue
- }
- }
-
-/**
- * @class PreLinkageValue
- *
- * @brief This structure contains an individual prelinkage value. It is an
- * octet string of length 9 octets.
- */
- PreLinkageValue ::= OCTET STRING (SIZE(9))
-
-/**
- * @class AcaRaCertResponse
- *
- * @brief This structure contains a certificate response by the ACA,
- * encapsulated for consumption by the EE, as well as associated data for
- * consumption by the RA. The response is of form AcaEeCertResponsePlainSpdu,
- * AcaEeCertResponsePrivateSpdu, or AcaEeCertResponseCubkSpdu, and is
- * generated in response to a successful RaAcaCertRequestSpdu. In this
- * structure:
- *
- * @param version contains the current version of the structure.
- *
- * @param generationTime contains the generation time of AcaRaCertResponse.
- *
- * @param requestHash contains the hash of the corresponding
- * RaAcaCertRequestSPDU.
- *
- * @param acaResponse contains the certificate for the EE in a suitable form
- * as determined from the corresponding RaAcaCertRequestSPDU.
- */
- AcaRaCertResponse ::= SEQUENCE {
- version Uint8 (2),
- generationTime Time32,
- requestHash HashedId8,
- acaResponse AcaResponse,
- ...
- }
-
-/**
- * @class AcaResponse
- *
- * @brief This structure contains the certificate for the EE in a suitable
- * form as determined from the corresponding RaAcaCertRequestSPDU. In this
- * structure:
- *
- * @param plain contains the certificate for the EE in plain, that is, without
- * encryption or signature. This choice is used only when the field
- * certEncKey is absent and flags.cubk is not set in the corresponding
- * RaAcaCertRequest.
- *
- * @param private contains the certificate for the EE in an encrypted then
- * signed form to protect the EE's privacy from the RA. This choice is used
- * only when the field certEncKey is present and flags.cubk is not set in the
- * corresponding RaAcaCertRequest.
- *
- * @param cubk contains the certificate for the EE in an encrypted form. This
- * choice is used only when the field certEncKey is absent and flags.cubk is
- * set in the corresponding RaAcaCertRequest.
- */
- AcaResponse ::= CHOICE {
- plain AcaEeCertResponsePlainSpdu,
- private AcaEeCertResponsePrivateSpdu,
- cubk AcaEeCertResponseCubkSpdu,
- ...
- }
-
-END
\ No newline at end of file
+--***************************************************************************--
+-- IEEE Std 1609.2.1: ACA - RA Interface --
+--***************************************************************************--
+
+/**
+ * @note Section references in this file are to clauses in IEEE Std
+ * 1609.2.1 unless indicated otherwise. Full forms of acronyms and
+ * abbreviations used in this file are specified in 3.2.
+ */
+
+Ieee1609Dot2Dot1AcaRaInterface {iso(1) identified-organization(3) ieee(111)
+ standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
+ extension-standards(255) dot1(1) interfaces(1) aca-ra(4) major-version-3(3)
+ minor-version-1(1)}
+
+DEFINITIONS AUTOMATIC TAGS ::= BEGIN
+
+EXPORTS ALL;
+
+IMPORTS
+ CertificateType,
+ ToBeSignedCertificate
+FROM Ieee1609Dot2 {iso(1) identified-organization(3) ieee(111)
+ standards-association-numbered-series-standards(2) wave-stds(1609)
+ dot2(2) base(1) schema(1) major-version-2(2) minor-version-5(5)}
+WITH SUCCESSORS
+
+ HashAlgorithm,
+ HashedId8,
+ LaId,
+ PublicEncryptionKey,
+ Time32,
+ Uint8
+FROM Ieee1609Dot2BaseTypes {iso(1) identified-organization(3) ieee(111)
+ standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
+ base(1) base-types(2) major-version-2(2) minor-version-3(3)}
+WITH SUCCESSORS
+
+ AcaEeCertResponsePlainSpdu,
+ AcaEeCertResponsePrivateSpdu,
+ AcaEeCertResponseCubkSpdu,
+ Ieee1609Dot2Data-SymmEncryptedSingleRecipient
+FROM Ieee1609Dot2Dot1Protocol {iso(1) identified-organization(3) ieee(111)
+ standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
+ extension-standards(255) dot1(1) interfaces(1) protocol(17)
+ major-version-3(3) minor-version-1(1)}
+WITH SUCCESSORS
+;
+
+/**
+ * @brief This is the parent structure for all structures exchanged between
+ * the ACA and the RA. An overview of this structure is as follows:
+ *
+ * @param raAcaCertRequest: contains the request for an authorization
+ * certificate from the RA to the ACA on behalf of the EE.
+ *
+ * @param acaRaCertResponse: contains the ACA's response to RaAcaCertRequest.
+ */
+AcaRaInterfacePdu ::= CHOICE {
+ raAcaCertRequest RaAcaCertRequest,
+ acaRaCertResponse AcaRaCertResponse,
+ ...
+}
+
+/**
+ * @brief This structure contains parameters needed to request an individual
+ * authorization certificate. An overview of this structure is as follows:
+ *
+ * @note:
+ * - In the case where the butterfly key mechanism is used to set
+ * certEncKey, the value of j is not communicated to the ACA. However, the EE
+ * that receives the certificate response can only decrypt the response if it
+ * knows j. The RA is therefore anticipated to store j so that it can be
+ * associated with the appropriate certificate response.
+ *
+ * - The cracaId and crlSeries are set to the indicated values
+ * in the request. The ACA replaces these values with the appropriate values
+ * in the response.
+ *
+ * - The ACA is not bound by the contents of the request and can
+ * issue certificates that are different from those requested, if so directed
+ * by policy.
+ *
+ * @param version: contains the current version of the structure.
+ *
+ * @param generationTime: contains the generation time of RaAcaCertRequest.
+ *
+ * @param type: indicates whether the request is for an explicit or implicit
+ * certificate (see 4.1.1, 4.1.3.3.1).
+ *
+ * @param flags: contains the flags related to the use of the butterfly key
+ * mechanism, and provides the following instructions to the ACA as to how
+ * to generate the response:
+ * - If the flag butterflyExplicit is set, the request is valid only if
+ * the type field is set to explicit. In this case, the ACA uses the
+ * butterfly key derivation for explicit certificates as specified in 9.3.
+ * The field tbsCert.verifyKeyIndicator.verificationKey is used by the ACA as
+ * the cocoon public key for signing. The field privateKeyInfo in the
+ * corresponding AcaEeCertResponse is used by the EE as the random integer to
+ * recover the butterfly private key for signing.
+ * - If the flag cubk is set, the request is valid only if the certEncKey
+ * field is absent. In this case, the ACA uses the compact unified variation
+ * of the butterfly key mechanism as specified in 9.3. This means that the
+ * ACA generates an AcaEeCertResponseCubkSpdu instead of an
+ * AcaEeCertResponsePrivateSpdu, and the response is valid only if the ACA
+ * certificate has the flag cubk set.
+ *
+ * @param linkageInfo: contains the encrypted prelinkage values needed to
+ * generate the linkage value for the certificate. If linkageInfo is present,
+ * the field tbsCert.id is of type LinkageData, where the iCert field is set
+ * to the actual i-period value and the linkage-value field is set to a dummy
+ * value to be replaced by the ACA with the actual linkage value. The
+ * encrypted prelinkage values are encrypted for the ACA by the LAs.
+ *
+ * @param certEncKey: is used in combination with flags.cubk to indicate
+ * the type of response that is expected from the ACA. It is as follows:
+ * - Absent and flags.cubk is not set if the ACA's response doesn't need
+ * to be encrypted. In this case, the ACA responds with
+ * AcaEeCertResponsePlainSpdu.
+ * - Absent and flags.cubk is set if the ACA's response is to be encrypted
+ * with the verification key from the request and not signed. In this case,
+ * the ACA responds with AcaEeCertResponseCubkSpdu.
+ * - Present and flags.cubk is not set if the ACA's response is to be
+ * encrypted with certEncKey and then signed by the ACA. In this case, the
+ * ACA responds with AcaEeCertResponsePrivateSpdu.
+ *
+ * @param tbsCert: contains parameters of the requested certificate. The
+ * certificate type depends on the field type, as follows:
+ * - If type is explicit, the request is valid only if
+ * tbsCert.verifyKeyIndicator is a verificationKey.
+ * - If type is implicit, the request is valid only if
+ * tbsCert.verifyKeyIndicator is a reconstructionValue.
+ */
+RaAcaCertRequest ::= SEQUENCE {
+ version Uint8 (2),
+ generationTime Time32,
+ type CertificateType,
+ flags RaAcaCertRequestFlags,
+ linkageInfo LinkageInfo OPTIONAL,
+ certEncKey PublicEncryptionKey OPTIONAL,
+ tbsCert ToBeSignedCertificate (WITH COMPONENTS {
+ ...,
+ cracaId ('000000'H),
+ crlSeries (0),
+ appPermissions PRESENT,
+ certIssuePermissions ABSENT,
+ certRequestPermissions ABSENT
+ }),
+ ...
+}
+
+/**
+ * @brief This structure is used to convey information from the RA to the ACA
+ * about operations to be carried out when generating the certificate. For
+ * more details see the specification of RaAcaCertRequest. An overview of
+ * this structure is as follows:
+ */
+RaAcaCertRequestFlags ::=
+ BIT STRING {butterflyExplicit (0), cubk (1)} (SIZE (8))
+
+/**
+ * @brief This structure contains parameters needed to generate a linkage
+ * value for a given (EE, i, j). An overview of this structure is as follows:
+ *
+ * @note See Annex D for further discussion of LAs.
+ *
+ * @param encPlv1: contains the EncryptedIndividualPLV from one of the LAs.
+ *
+ * @param encPlv2: contains the EncryptedIndividualPLV from the other LA.
+ */
+LinkageInfo ::= SEQUENCE {
+ encPlv1 EncryptedIndividualPLV,
+ encPlv2 EncryptedIndividualPLV,
+ ...
+}
+
+/**
+ * @brief This structure contains an individual prelinkage value encrypted by
+ * the LA for the ACA using the shared secret key. An overview of this
+ * structure is as follows:
+ *
+ * @note How the ACA obtains the shared symmetric key and how the RA
+ * associates the encPlv1 and encPlv2 with the correct certificate request are
+ * outside the scope of this document.
+ *
+ * @param version: contains the current version of the structure.
+ *
+ * @param laId: contains the ID of the LA that created the prelinkage value.
+ * See Annex D for further discussion of LA IDs.
+ *
+ * @param encPlv: contains the encrypted individual prelinkage value, that is,
+ * the ciphertext field decrypts to a PreLinkageValue. It contains a pointer
+ * (hash of the shared symmetric key) to the used shared secret encryption key.
+ */
+EncryptedIndividualPLV ::= SEQUENCE {
+ version Uint8 (2),
+ laId LaId,
+ encPlv Ieee1609Dot2Data-SymmEncryptedSingleRecipient {
+ PreLinkageValue
+ }
+}
+
+/**
+ * @brief This structure contains an individual prelinkage value. It is an
+ * octet string of length 9 octets.
+ */
+PreLinkageValue ::= OCTET STRING (SIZE(9))
+
+/**
+ * @brief This structure contains a certificate response by the ACA,
+ * encapsulated for consumption by the EE, as well as associated data for
+ * consumption by the RA. The response is of form AcaEeCertResponsePlainSpdu,
+ * AcaEeCertResponsePrivateSpdu, or AcaEeCertResponseCubkSpdu, and is
+ * generated in response to a successful RaAcaCertRequestSpdu. In this
+ * structure:
+ *
+ * @param version: contains the current version of the structure.
+ *
+ * @param generationTime: contains the generation time of AcaRaCertResponse.
+ *
+ * @param requestHash: contains the hash of the corresponding
+ * RaAcaCertRequestSPDU.
+ *
+ * @param acaResponse: contains the certificate for the EE in a suitable form
+ * as determined from the corresponding RaAcaCertRequestSPDU.
+ */
+AcaRaCertResponse ::= SEQUENCE {
+ version Uint8 (2),
+ generationTime Time32,
+ requestHash HashedId8,
+ acaResponse AcaResponse,
+ ...
+}
+
+/**
+ * @brief This structure contains the certificate for the EE in a suitable
+ * form as determined from the corresponding RaAcaCertRequestSPDU. In this
+ * structure:
+ *
+ * @param plain: contains the certificate for the EE in plain, that is, without
+ * encryption or signature. This choice is used only when the field
+ * certEncKey is absent and flags.cubk is not set in the corresponding
+ * RaAcaCertRequest.
+ *
+ * @param private: contains the certificate for the EE in an encrypted then
+ * signed form to protect the EE's privacy from the RA. This choice is used
+ * only when the field certEncKey is present and flags.cubk is not set in the
+ * corresponding RaAcaCertRequest.
+ *
+ * @param cubk: contains the certificate for the EE in an encrypted form. This
+ * choice is used only when the field certEncKey is absent and flags.cubk is
+ * set in the corresponding RaAcaCertRequest.
+ */
+AcaResponse ::= CHOICE {
+ plain AcaEeCertResponsePlainSpdu,
+ private AcaEeCertResponsePrivateSpdu,
+ cubk AcaEeCertResponseCubkSpdu,
+ ...
+}
+
+END
diff --git a/Ieee1609Dot2Dot1Acpc.asn b/Ieee1609Dot2Dot1Acpc.asn
index 50444addefeb344b13b29250b8f31868e634308e..a658f225d2cfdb107cd696a813bf2feca107498f 100755
--- a/Ieee1609Dot2Dot1Acpc.asn
+++ b/Ieee1609Dot2Dot1Acpc.asn
@@ -1,216 +1,205 @@
---***************************************************************************--
--- IEEE Std 1609.2.1: ACPC --
---***************************************************************************--
-
-/**
- * @brief NOTE: Section references in this file are to clauses in IEEE Std
- * 1609.2.1 unless indicated otherwise. Full forms of acronyms and
- * abbreviations used in this file are specified in 3.2.
- */
-
-Ieee1609Dot2Dot1Acpc {iso(1) identified-organization(3) ieee(111)
- standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
- extension-standards(255) dot1(1) interfaces(1) acpc(18) major-version-1(1)
- minor-version-2(2)
-}
-
-DEFINITIONS AUTOMATIC TAGS ::= BEGIN
-
-EXPORTS ALL;
-
-IMPORTS
- HashAlgorithm,
- IValue,
- Psid,
- Time32,
- Uint8
-FROM Ieee1609Dot2BaseTypes {iso(1) identified-organization(3) ieee(111)
- standards-association-numbered-series-standards(2) wave-stds(1609)
- dot2(2) base(1) base-types(2) major-version-2(2) minor-version-3(3)}
-
- Ieee1609Dot2Data-Unsecured,
- Ieee1609Dot2Data-Signed
-FROM Ieee1609Dot2Dot1Protocol {iso(1) identified-organization(3) ieee(111)
- standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
- extension-standards(255) dot1(1) interfaces(1) protocol(17)
- major-version-2(2) minor-version-2(2)}
-;
-
-/**
- * @class AcpcPdu
- *
- * @brief This structure contains an APrV structure produced by the CAM. An
- * overview of this structure is as follows:
- *
- * @param tree contains an AprvBinaryTree.
- *
- * @param aprv contains a single IndividualAprv.
- */
- AcpcPdu ::= CHOICE {
- tree AprvBinaryTree,
- aprv IndividualAprv,
- ...
- }
-
-/**
- * @class AprvBinaryTree
- *
- * @brief This structure encodes a binary tree. An overview of this structure
- * is as follows:
- *
- * @param version contains the current version of the structure.
- *
- * @param generationTime contains the generation time of AprvBinaryTree.
- *
- * @param currentI contains the i-value associated with the batch of
- * certificates.
- *
- * @param acpcTreeId contains an identifier for the CAM creating this binary
- * tree.
- *
- * @param hashAlgorithmId contains the identifier of the hash algorithm used
- * inside the binary tree.
- *
- * @param tree contains a bit string indicating which nodes of the tree are
- * present. It is calculated as specified in 9.5.4.2, and can be used by the
- * EE to determine which entry in nodeValueList to use to derive that EE's
- * APrV as specified in 9.5.2.
- *
- * @param nodeValueList contains the values of the nodes that are present in
- * the order indicated by tree.
- */
- AprvBinaryTree ::= SEQUENCE {
- version Uint8 (2),
- generationTime Time32,
- currentI IValue,
- acpcTreeId AcpcTreeId,
- hashAlgorithmId HashAlgorithm,
- tree BIT STRING,
- nodeValueList SEQUENCE (SIZE (1..MAX)) OF AcpcNodeValue,
- ...
- }
-
-/**
- * @class AcpcPsid
- *
- * @brief This is the PSID used to indicate activities in ACPC as specified in
- * this document.
- */
- AcpcPsid ::= Psid(2113696)
-
-/**
- * @class UnsecuredAprvBinaryTree
- *
- * @brief This is used to wrap an AprvBinaryTree in an Ieee1609Dot2Data for
- * transmission if the policy is that the AprvBinaryTree need not be signed.
- * See 9.5.6 for discussion.
- */
- UnsecuredAprvBinaryTree ::= Ieee1609Dot2Data-Unsecured {
- AcpcPdu (WITH COMPONENTS {tree})
- }
-
-/**
- * @class SignedAprvBinaryTree
- *
- * @brief This is used to wrap an AprvBinaryTree in an Ieee1609Dot2Data for
- * transmission if the policy is that the AprvBinaryTree be signed. See 9.5.6
- * for discussion.
- */
- SignedAprvBinaryTree ::= Ieee1609Dot2Data-Signed {
- AcpcPdu (WITH COMPONENTS {tree}), AcpcPsid
- }
-
-/**
- * @class IndividualAprv
- *
- * @brief This structure contains an individual APrV. An overview of this
- * structure is as follows:
- *
- * @param version contains the current version of the structure.
- *
- * @param generationTime contains the generation time of IndividualAprv.
- *
- * @param currentI contains the i-value associated with the batch of
- * certificates.
- *
- * @param acpcTreeId contains an identifier for the CAM creating this binary
- * tree.
- *
- * @param nodeId contains the identifier of the node.
- *
- * @param nodeValue contains the value of the node.
- */
- IndividualAprv ::= SEQUENCE {
- version Uint8 (2),
- generationTime Time32,
- currentI IValue,
- acpcTreeId AcpcTreeId,
- nodeId BIT STRING,
- nodeValue AcpcNodeValue,
- ...
- }
-
-/**
- * @class SignedIndividualAprv
- *
- * @brief This is used to wrap an IndividualAprv in an Ieee1609Dot2Data for
- * transmission if the policy is that the IndividualAprv be signed. See 9.5.6
- * for discussion.
- */
- SignedIndividualAprv ::= Ieee1609Dot2Data-Signed {
- AcpcPdu (WITH COMPONENTS {aprv}), AcpcPsid
- }
-
-/**
- * @class AcpcTreeId
- *
- * @brief This is an 8 byte string that identifies an ACPC tree series. It is
- * required to be globally unique within the system and is the same for all
- * ACPC tree instances within the ACPC tree series. Registration of AcpcTreeId
- * values is managed by the IEEE RA; see http://standards.ieee.org/regauth. A
- * list of assigned AcpcTreeId values is provided in L.2.
- */
- AcpcTreeId ::= OCTET STRING (SIZE(8))
-
-/**
- * @class AcpcNodeValue
- *
- * @brief This is a 16 byte string that represents the value of a node in the
- * ACPC tree.
- */
- AcpcNodeValue ::= OCTET STRING (SIZE(16))
-
-/**
- * @class AprvHashCalculationInput
- *
- * @brief This structure, C-OER encoded, is the input to the hash function to
- * calculate child node values from a parent node. By including the ID fields
- * it "firewalls" the hash function so that an attacker who inverts the hash
- * has only found the hash preimage for a specific node, in a specific tree,
- * for a specific time period. An overview of this structure is as follows:
- *
- * @param version contains the current version of the structure.
- *
- * @param acpcTreeId contains an identifier for this ACPC tree series.
- *
- * @param acpcPeriod contains an identifier for the time period for this tree.
- * If the certificates for which this set of APrVs are intended have an IValue
- * field, acpcPeriod in this structure shall be equal to the IValue field in
- * the certificates. How the RA and the CAM synchronize on this value is
- * outside the scope of this document.
- *
- * @param childNodeId contains a bit string of length l encoding the node
- * location within the l'th level.
- *
- * @param parentNodeValue contains the value of the parent node.
- */
- AprvHashCalculationInput ::= SEQUENCE {
- version Uint8 (2),
- acpcTreeId AcpcTreeId,
- acpcPeriod IValue,
- childNodeId BIT STRING,
- parentNodeValue OCTET STRING (SIZE(16)),
- ...
- }
-
-END
\ No newline at end of file
+--***************************************************************************--
+-- IEEE Std 1609.2.1: ACPC --
+--***************************************************************************--
+
+/**
+ * @note Section references in this file are to clauses in IEEE Std
+ * 1609.2.1 unless indicated otherwise. Full forms of acronyms and
+ * abbreviations used in this file are specified in 3.2.
+ */
+
+Ieee1609Dot2Dot1Acpc {iso(1) identified-organization(3) ieee(111)
+ standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
+ extension-standards(255) dot1(1) interfaces(1) acpc(18) major-version-3(3)
+ minor-version-1(1)}
+
+DEFINITIONS AUTOMATIC TAGS ::= BEGIN
+
+EXPORTS ALL;
+
+IMPORTS
+ HashAlgorithm,
+ IValue,
+ Psid,
+ Time32,
+ Uint8
+FROM Ieee1609Dot2BaseTypes {iso(1) identified-organization(3) ieee(111)
+ standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
+ base(1) base-types(2) major-version-2(2) minor-version-3(3)}
+WITH SUCCESSORS
+
+ Ieee1609Dot2Data-Unsecured,
+ Ieee1609Dot2Data-Signed
+FROM Ieee1609Dot2Dot1Protocol {iso(1) identified-organization(3) ieee(111)
+ standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
+ extension-standards(255) dot1(1) interfaces(1) protocol(17)
+ major-version-3(3) minor-version-1(1)}
+WITH SUCCESSORS
+;
+
+/**
+ * @brief This structure contains an APrV structure produced by the CAM. An
+ * overview of this structure is as follows:
+ *
+ * @param tree: contains an AprvBinaryTree.
+ *
+ * @param aprv: contains a single IndividualAprv.
+ */
+AcpcPdu ::= CHOICE {
+ tree AprvBinaryTree,
+ aprv IndividualAprv,
+ ...
+}
+
+/**
+ * @brief This structure encodes a binary tree. An overview of this structure
+ * is as follows:
+ *
+ * @param version: contains the current version of the structure.
+ *
+ * @param generationTime: contains the generation time of AprvBinaryTree.
+ *
+ * @param currentI: contains the i-value associated with the batch of
+ * certificates.
+ *
+ * @param acpcTreeId: contains an identifier for the CAM creating this binary
+ * tree.
+ *
+ * @param hashAlgorithmId: contains the identifier of the hash algorithm used
+ * inside the binary tree.
+ *
+ * @param tree: contains a bit string indicating which nodes of the tree are
+ * present. It is calculated as specified in 9.5.4.2, and can be used by the
+ * EE to determine which entry in nodeValueList to use to derive that EE's
+ * APrV as specified in 9.5.2.
+ *
+ * @param nodeValueList: contains the values of the nodes that are present in
+ * the order indicated by tree.
+ */
+AprvBinaryTree ::= SEQUENCE {
+ version Uint8 (2),
+ generationTime Time32,
+ currentI IValue,
+ acpcTreeId AcpcTreeId,
+ hashAlgorithmId HashAlgorithm,
+ tree BIT STRING,
+ nodeValueList SEQUENCE (SIZE (1..MAX)) OF AcpcNodeValue,
+ ...
+}
+
+/**
+ * @brief This is the PSID used to indicate activities in ACPC as specified in
+ * this document.
+ */
+AcpcPsid ::= Psid(2113696)
+
+/**
+ * @brief This is used to wrap an AprvBinaryTree in an Ieee1609Dot2Data for
+ * transmission if the policy is that the AprvBinaryTree need not be signed.
+ * See 9.5.6 for discussion.
+ */
+UnsecuredAprvBinaryTree ::= Ieee1609Dot2Data-Unsecured {
+ AcpcPdu (WITH COMPONENTS {
+ tree
+ })
+}
+
+/**
+ * @brief This is used to wrap an AprvBinaryTree in an Ieee1609Dot2Data for
+ * transmission if the policy is that the AprvBinaryTree be signed. See 9.5.6
+ * for discussion.
+ */
+SignedAprvBinaryTree ::= Ieee1609Dot2Data-Signed {
+ AcpcPdu (WITH COMPONENTS {
+ tree
+ }),
+ AcpcPsid
+}
+
+/**
+ * @brief This structure contains an individual APrV. An overview of this
+ * structure is as follows:
+ *
+ * @param version: contains the current version of the structure.
+ *
+ * @param generationTime: contains the generation time of IndividualAprv.
+ *
+ * @param currentI: contains the i-value associated with the batch of
+ * certificates.
+ *
+ * @param acpcTreeId: contains an identifier for the CAM creating this binary
+ * tree.
+ *
+ * @param nodeId: contains the identifier of the node.
+ *
+ * @param nodeValue: contains the value of the node.
+ */
+IndividualAprv ::= SEQUENCE {
+ version Uint8 (2),
+ generationTime Time32,
+ currentI IValue,
+ acpcTreeId AcpcTreeId,
+ nodeId BIT STRING,
+ nodeValue AcpcNodeValue,
+ ...
+}
+
+/**
+ * @brief This is used to wrap an IndividualAprv in an Ieee1609Dot2Data for
+ * transmission if the policy is that the IndividualAprv be signed. See 9.5.6
+ * for discussion.
+ */
+SignedIndividualAprv ::= Ieee1609Dot2Data-Signed {
+ AcpcPdu (WITH COMPONENTS {
+ aprv
+ }),
+ AcpcPsid
+}
+
+/**
+ * @brief This is an 8 byte string that identifies an ACPC tree series. It is
+ * required to be globally unique within the system and is the same for all
+ * ACPC tree instances within the ACPC tree series. Registration of AcpcTreeId
+ * values is managed by the IEEE RA; see http://standards.ieee.org/regauth. A
+ * list of assigned AcpcTreeId values is provided in L.2.
+ */
+AcpcTreeId ::= OCTET STRING (SIZE(8))
+
+/**
+ * @brief This is a 16 byte string that represents the value of a node in the
+ * ACPC tree.
+ */
+AcpcNodeValue ::= OCTET STRING (SIZE(16))
+
+/**
+ * @brief This structure, C-OER encoded, is the input to the hash function to
+ * calculate child node values from a parent node. By including the ID fields
+ * it "firewalls" the hash function so that an attacker who inverts the hash
+ * has only found the hash preimage for a specific node, in a specific tree,
+ * for a specific time period. An overview of this structure is as follows:
+ *
+ * @param version: contains the current version of the structure.
+ *
+ * @param acpcTreeId: contains an identifier for this ACPC tree series.
+ *
+ * @param acpcPeriod: contains an identifier for the time period for this tree.
+ * If the certificates for which this set of APrVs are intended have an IValue
+ * field, acpcPeriod in this structure shall be the IValue field in the
+ * certificates. How the RA and the CAM synchronize on this value is outside
+ * the scope of this document.
+ *
+ * @param childNodeId: contains a bit string of length l encoding the node
+ * location within the l'th level.
+ *
+ * @param parentNodeValue: contains the value of the parent node.
+ */
+AprvHashCalculationInput ::= SEQUENCE {
+ version Uint8 (2),
+ acpcTreeId AcpcTreeId,
+ acpcPeriod IValue,
+ childNodeId BIT STRING,
+ parentNodeValue OCTET STRING (SIZE(16)),
+ ...
+}
+
+END
diff --git a/Ieee1609Dot2Dot1CamRaInterface.asn b/Ieee1609Dot2Dot1CamRaInterface.asn
index 290be9c1abaf55383e4c564d98481e123983dc94..f49c3bc668ecdfecc59eb8a524493cdffe605ac2 100755
--- a/Ieee1609Dot2Dot1CamRaInterface.asn
+++ b/Ieee1609Dot2Dot1CamRaInterface.asn
@@ -1,98 +1,90 @@
---***************************************************************************--
--- IEEE Std 1609.2.1: CAM - RA Interface --
---***************************************************************************--
-
-/**
- * @brief NOTE: Section references in this file are to clauses in IEEE Std
- * 1609.2.1 unless indicated otherwise. Full forms of acronyms and
- * abbreviations used in this file are specified in 3.2.
- */
-
-Ieee1609Dot2Dot1CamRaInterface {iso(1) identified-organization(3) ieee(111)
- standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
- extension-standards(255) dot1(1) interfaces(1) cam-ra(19) major-version-2(2)
- minor-version-2(2)
-}
-
-DEFINITIONS AUTOMATIC TAGS ::= BEGIN
-
-EXPORTS ALL;
-
-IMPORTS
- EccP256CurvePoint,
- HashedId8,
- IValue,
- Uint8
-FROM Ieee1609Dot2BaseTypes {iso(1) identified-organization(3) ieee(111)
- standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
- base(1) base-types(2) major-version-2(2) minor-version-3(3)}
-;
-
-/**
- * @class CamRaInterfacePDU
- *
- * @brief This is the parent structure for all structures exchanged between
- * the CAM and the RA during ACPC enrollment. An overview of this structure
- * is as follows:
- *
- * @param raCamBatchRequest contains the ACPC blinded key batch request sent
- * by the RA to the CAM.
- *
- * @param camRaBatchResponse contains the CAM's response to RaCamBatchRequest.
- */
- CamRaInterfacePdu ::= CHOICE {
- raCamBatchRequest RaCamBatchRequest,
- camRaBatchResponse CamRaBatchResponse,
- ...
- }
-
-/**
- * @class RaCamBatchRequest
- *
- * @brief This structure contains parameters needed to request a blinded batch
- * of keys for the EE during ACPC enrollment. An overview of this structure
- * is as follows:
- *
- * @param version contains the current version of the structure.
- *
- * @param eeId contains the EE's ID generated by the RA for the production of
- * ACPC batch keys by the CAM.
- *
- * @param periodList contains the list of i-periods covered by the batch.
- */
- RaCamBatchRequest ::= SEQUENCE {
- version Uint8 (2),
- eeId OCTET STRING (SIZE(5)),
- periodList SEQUENCE OF IValue,
- ...
- }
-
-/**
- * @class CamRaBatchResponse
- *
- * @brief This structure contains a blinded batch of keys for the EE during
- * ACPC enrollment. An overview of this structure is as follows:
- *
- * @param version contains the current version of the structure.
- *
- * @param requestHash contains the hash of the corresponding request
- * RaCamBatchRequest.
- *
- * @param batch contains a sequence of blinded keys, each mapped to one
- * IValue from the periodList field of the request.
- */
- CamRaBatchResponse ::= SEQUENCE {
- version Uint8 (2),
- requestHash HashedId8,
- batch SEQUENCE OF BlindedKey,
- ...
- }
-
-/**
- * @class BlindedKey
- *
- * @brief This is a blinded ACPC encryption key produced by the CAM.
- */
- BlindedKey ::= EccP256CurvePoint
-
-END
\ No newline at end of file
+--***************************************************************************--
+-- IEEE Std 1609.2.1: CAM - RA Interface --
+--***************************************************************************--
+
+/**
+ * @note Section references in this file are to clauses in IEEE Std
+ * 1609.2.1 unless indicated otherwise. Full forms of acronyms and
+ * abbreviations used in this file are specified in 3.2.
+ */
+
+Ieee1609Dot2Dot1CamRaInterface {iso(1) identified-organization(3) ieee(111)
+ standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
+ extension-standards(255) dot1(1) interfaces(1) cam-ra(19) major-version-2(2)
+ minor-version-2(2)}
+
+DEFINITIONS AUTOMATIC TAGS ::= BEGIN
+
+EXPORTS ALL;
+
+IMPORTS
+ EccP256CurvePoint,
+ HashedId8,
+ IValue,
+ Uint8
+FROM Ieee1609Dot2BaseTypes {iso(1) identified-organization(3) ieee(111)
+ standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
+ base(1) base-types(2) major-version-2(2) minor-version-3(3)}
+WITH SUCCESSORS
+;
+
+/**
+ * @brief This is the parent structure for all structures exchanged between
+ * the CAM and the RA during ACPC enrollment. An overview of this structure
+ * is as follows:
+ *
+ * @param raCamBatchRequest: contains the ACPC blinded key batch request sent
+ * by the RA to the CAM.
+ *
+ * @param camRaBatchResponse: contains the CAM's response to RaCamBatchRequest.
+ */
+CamRaInterfacePdu ::= CHOICE {
+ raCamBatchRequest RaCamBatchRequest,
+ camRaBatchResponse CamRaBatchResponse,
+ ...
+}
+
+/**
+ * @brief This structure contains parameters needed to request a blinded batch
+ * of keys for the EE during ACPC enrollment. An overview of this structure
+ * is as follows:
+ *
+ * @param version: contains the current version of the structure.
+ *
+ * @param eeId: contains the EE's ID generated by the RA for the production of
+ * ACPC batch keys by the CAM.
+ *
+ * @param periodList: contains the list of i-periods covered by the batch.
+ */
+RaCamBatchRequest ::= SEQUENCE {
+ version Uint8 (2),
+ eeId OCTET STRING (SIZE(5)),
+ periodList SEQUENCE OF IValue,
+ ...
+}
+
+/**
+ * @brief This structure contains a blinded batch of keys for the EE during
+ * ACPC enrollment. An overview of this structure is as follows:
+ *
+ * @param version: contains the current version of the structure.
+ *
+ * @param requestHash: contains the hash of the corresponding request
+ * RaCamBatchRequest.
+ *
+ * @param batch: contains a sequence of blinded keys, each mapped to one
+ * IValue from the periodList field of the request.
+ */
+CamRaBatchResponse ::= SEQUENCE {
+ version Uint8 (2),
+ requestHash HashedId8,
+ batch SEQUENCE OF BlindedKey,
+ ...
+}
+
+/**
+ * @brief This is a blinded ACPC encryption key produced by the CAM.
+ */
+BlindedKey ::= EccP256CurvePoint
+
+END
diff --git a/Ieee1609Dot2Dot1CertManagement.asn b/Ieee1609Dot2Dot1CertManagement.asn
index d7a58d32615f33974341d452ff475b6e20c04069..5115efebcb7251e024461bb33db57634706f37e2 100755
--- a/Ieee1609Dot2Dot1CertManagement.asn
+++ b/Ieee1609Dot2Dot1CertManagement.asn
@@ -1,451 +1,412 @@
---***************************************************************************--
--- IEEE Std 1609.2.1: Certificate Management --
---***************************************************************************--
-
-/**
- * @brief NOTE: Section references in this file are to clauses in IEEE Std
- * 1609.2.1 unless indicated otherwise. Full forms of acronyms and
- * abbreviations used in this file are specified in 3.2.
- */
-
-Ieee1609Dot2Dot1CertManagement {iso(1) identified-organization(3) ieee(111)
- standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
- extension-standards(255) dot1(1) interfaces(1) cert-management(7)
- major-version-2(2) minor-version-2(2)}
-
-DEFINITIONS AUTOMATIC TAGS ::= BEGIN
-
-EXPORTS ALL;
-
-IMPORTS
- HashedId8,
- HashedId32,
- Time32,
- Uint8
-FROM Ieee1609Dot2BaseTypes {iso(1) identified-organization(3) ieee(111)
- standards-association-numbered-series-standards(2) wave-stds(1609)
- dot2(2) base(1) base-types(2) major-version-2(2) minor-version-3(3)}
-
- Certificate,
- SequenceOfCertificate
-FROM Ieee1609Dot2 {iso(1) identified-organization(3) ieee(111)
- standards-association-numbered-series-standards(2) wave-stds(1609)
- dot2(2) base(1) schema(1) major-version-2(2) minor-version-4(4)}
-
- CrlSeries
-FROM Ieee1609Dot2CrlBaseTypes {iso(1) identified-organization(3) ieee(111)
- standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
- crl(3) base-types(2) major-version-2(2) minor-version-2(2)}
-
- SecuredCrl
-FROM Ieee1609Dot2Crl {iso(1) identified-organization(3) ieee(111)
- standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
- crl(3) protocol(1) major-version-2(2) minor-version-2(2)}
-
-
- CtlSignatureSpdu,
- MultiSignedCtlSpdu,
- SequenceOfPsid
-FROM Ieee1609Dot2Dot1Protocol {iso(1) identified-organization(3) ieee(111)
- standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
- extension-standards(255) dot1(1) interfaces(1) protocol(17)
- major-version-2(2) minor-version-2(2)}
-;
-
-/**
- * @class HashedId48
- *
- * @brief This data structure contains the hash of another data structure,
- * calculated with a hash function with at least 48 bytes of output length.
- * The HashedId48 for a given data structure is calculated by calculating the
- * hash of the encoded data structure and taking the low-order 48 bytes of
- * the hash output if necessary. If the data structure is subject to
- * canonicalization it is canonicalized before hashing.
- */
- HashedId48 ::= OCTET STRING(SIZE(48))
-
-/**
- * @class CertManagementPdu
- *
- * @brief This is the parent structure for all SCMS component certificate
- * management structures. An overview of this structure is as follows:
- *
- * @param compositeCrl contains zero or more SecuredCrl as defined in IEEE
- * Std 1609.2, and the CTL.
- *
- * @param certificateChain contains a collection of certificates and the CTL.
- *
- * @param multiSignedCtl contains the CTL signed by multiple
- * signers, the electors.
- *
- * @param tbsCtlSignature contains the CTL-instance-specific information used
- * to generate a signature on the CTL.
- */
- CertManagementPdu ::= CHOICE {
- compositeCrl CompositeCrl,
- certificateChain CertificateChain,
- multiSignedCtl MultiSignedCtl,
- tbsCtlSignature ToBeSignedCtlSignature,
- infoStatus CertificateManagementInfoStatus,
- ...
- }
-
-/**
- * @class CompositeCrl
- *
- * @brief This structure is used to encapsulate CRLs and a CTL. An overview
- * of this structure is as follows:
- *
- * @param crl contains a list of signed CRLs for different (CRACA ID, CRL
- * series) pairs. The CRLs are signed individually, and this document does not
- * specify the order in which they should appear.
- *
- * @param homeCtl contains a CTL. If the composite CRL was requested via the
- * mechanisms given in 6.3.5.8, the ElectorGroupId in this CTL is the same as
- * the ElectorGroupId provided in the request. The intent is that this is the
- * “home” CTL of the requester, but this field can in practice be used to
- * provide any CTL with any ElectorGroupId value.
- */
- CompositeCrl ::= SEQUENCE {
- crl SEQUENCE SIZE(0..MAX) OF SecuredCrl,
- homeCtl MultiSignedCtlSpdu,
- ...
- }
-
-/**
- * @class CertificateChain
- *
- * @brief This structure is used to encapsulate certificates and a CTL. An
- * overview of this structure is as follows:
- *
- * @param homeCtl contains a CTL. If the certificate chain was requested via
- * the mechanisms given in 6.3.5.7, the ElectorGroupId in this CTL is the
- * same as the ElectorGroupId provided in the request. The intent is that
- * this is the “home” CTL of the requester, but this field can in practice be
- * used to provide any CTL.
- *
- * @param others contains additional valid certificates of the CAs and the
- * MAs chosen by means outside the scope of this document.
- */
- CertificateChain ::= SEQUENCE {
- homeCtl MultiSignedCtlSpdu,
- others SEQUENCE SIZE(0..MAX) OF Certificate,
- ...
- }
-
-/**
- * @class MultiSignedCtl
- *
- * @brief This structure a certificate trust list (CTL) signed by multiple
- * signers, the electors. An overview of this structure is as follows:
- *
- * @param type contains the type of the multi-signed CTL. Only one type of
- * multi-signed CTL is supported in this version of this document.
- *
- * @param tbsCtl contains the CTL contents.
- *
- * @param unsigned contains data that are associated with the CTL and that
- * are not included directly in tbsCtl. For example, if the type is
- * fullIeeeCtlType, the FullIeeeTbsCtl contains the hashes of the
- * certificates, and the certificates themselves are contained in unsigned.
- *
- * @param signatures contains the signatures. How the signatures are
- * calculated is specified in the definition of ToBeSignedCtlSignature. The
- * number of signatures shall be no more than the number of electors. Each
- * signature shall have been generated by a distinct elector.
- */
- MultiSignedCtl ::= SEQUENCE {
- type IEEE-1609-2-1-MSCTL.&type({Ieee1609dot2dot1Ctls}),
- tbsCtl IEEE-1609-2-1-MSCTL.&TbsCtl({Ieee1609dot2dot1Ctls}{@.type}),
- unsigned IEEE-1609-2-1-MSCTL.&UnsignedCtlMaterial({
- Ieee1609dot2dot1Ctls}{@.type}),
- signatures SEQUENCE (SIZE(1..MAX)) OF CtlSignatureSpdu
- }
-
-/**
- * @class IEEE-1609-2-1-MSCTL
- *
- * @brief This is the ASN.1 Information Object Class used to associate
- * multisigned CTL type identifiers, CTL contents, and unsigned material. In
- * this structure:
- *
- * @param type contains the type, an Ieee1609dot2dot1MsctlType.
- *
- * @param TbsCtl contains the CTL contents.
- *
- * @param UnsignedCtlMaterial contains unsigned material associated with the
- * CTL, as specified in 7.3.11.
- */
- IEEE-1609-2-1-MSCTL ::= CLASS {
- &type Ieee1609dot2dot1MsctlType,
- &TbsCtl,
- &UnsignedCtlMaterial
- } WITH SYNTAX {&TbsCtl IDENTIFIED BY &type USING &UnsignedCtlMaterial}
-
-/**
- * @class Ieee1609dot2dot1Ctls
- *
- * @brief This is the Information Object Set containing the instances of the
- * IEEE-1609-2-1-MSCTL class that are specified for use. Only one instance is
- * specified for use in this version of this document.
- */
- Ieee1609dot2dot1Ctls IEEE-1609-2-1-MSCTL ::= {
- {FullIeeeTbsCtl IDENTIFIED BY fullIeeeCtl USING SequenceOfCertificate}
- , ...
- }
-
-/**
- * @class Ieee1609dot2dot1MsctlType
- *
- * @brief This is the integer used to identify the type of the CTL.
- */
- Ieee1609dot2dot1MsctlType ::= INTEGER (0..255)
- fullIeeeCtl Ieee1609dot2dot1MsctlType ::= 1
-
-/**
- * @class FullIeeeTbsCtl
- *
- * @brief This structure specifies a CTL that contains information about the
- * complete set of certificates trusted by the electors that sign the CTL. An
- * overview of this structure is as follows:
- *
- *
NOTE 1: If in future CTL types are defined that contain the same
- * information as, or a subset of the information in, the fullIeeeCtl, those
- * types are anticipated to contain the same sequence number as the
- * corresponding fullIeeeCtl.
- *
- *
NOTE 2: Any root CA or elector certificate that is not on the CTL is
- * not trusted. The electorRemove and rootCaRemove are intended to be used
- * only if the SCMS manager wants to explicitly indicate that a previously
- * trusted entity (elector or root CA) is now not trusted even though that
- * entity's certificate is still within its validity period. In practice, it
- * is anticipated that the remove fields (electorRemove and rootCaRemove)
- * will almost always be sequences of length 0.
- *
- * @param type contains the type of the CTL. It is identical to the type
- * field that appears in the enclosing MultiSignedCtl. The field is included
- * here as well to provide the simplest mechanism to help ensure that the
- * type is included in the calculated CTL hash.
- *
- * @param electorGroupId contains the group of electors that have signed the
- * CTL. It plays a role similar to CrlSeries in a CRL. This field is intended
- * to be globally unique in the universe of all systems that use the
- * MultiSignedCtl. See the specification of ElectorGroupId for discussion of
- * a convention that can be followed to enable uniqueness.
- *
- * @param sequenceNumber contains the sequence number of the CTL. This is
- * incremented by 1 every time a new FullIeeeTbsCtl is issued.
- *
- * @param effectiveDate contains the time when the CTL is to take effect.
- * This is to be greater than or equal to the effectiveDate field in the CTL
- * with the same electorGroupId and the previous sequence number.
- *
- * @param electorApprove contains the list of hashes of the elector
- * certificates that are approved as of the effective date. The hash is
- * calculated with the same hash algorithm that is used to hash the elector
- * certificate for signing.
- *
- * @param electorRemove contains the list of hashes of the elector
- * certificates that are valid (that is, not expired) on the effective date and
- * are not approved, as of the effective date, to sign a CTL. The hash is
- * calculated with the same hash algorithm that is used to hash the elector
- * certificate for signing. This field is to be considered informational as a
- * certificate that is not included in electorApprove is not valid even if it
- * does not appear in electorRemove.
- *
- * @param rootCaApprove contains the list of root CA certificates that are
- * approved as of the effective date. The hash is calculated with the same
- * hash algorithm that is used to hash the root certificate for signing. If
- * the root certificate is signed with a hash function with a 48 octet
- * output, this is truncated to the low-order 32 bytes for inclusion in the
- * CTL.
- *
- * @param rootCaRemove contains the list of root CA certificates that are
- * valid (that is, not expired) on the effective date and are not approved, as
- * of the effective date, to issue certificates or carry out other
- * activities. If the root certificate is signed with a hash function
- * with a 48 octet output, this is truncated to the low-order 32 bytes for
- * inclusion in the CTL. This field is to be considered informational as a
- * certificate that is not included in rootCaApprove is not valid even if it
- * does not appear in rootCaRemove.
- *
- * @param quorum contains the quorum, that is, the number of the electors
- * required to sign the next CTL with the same ElectorGroupId value for that
- * CTL to be trusted. If this field is absent, the quorum for the next CTL is
- * equal to the quorum for the current CTL.
- */
- FullIeeeTbsCtl ::= SEQUENCE {
- type Ieee1609dot2dot1MsctlType(fullIeeeCtl),
- electorGroupId ElectorGroupId,
- sequenceNumber CtlSequenceNumber,
- effectiveDate Time32,
- electorApprove SEQUENCE OF CtlElectorEntry,
- electorRemove SEQUENCE OF CtlElectorEntry,
- rootCaApprove SEQUENCE OF CtlRootCaEntry,
- rootCaRemove SEQUENCE OF CtlRootCaEntry,
- ...,
- quorum INTEGER
- }
-
-/**
- * @class ElectorGroupId
- *
- * @brief This structure identifies a group of electors that sign a series of
- * CTLs for a specific purpose. Registration of ElectorGroupId values is
- * managed by the IEEE RA; see http://standards.ieee.org/regauth. A list of
- * assigned ElectorGroupId values is provided in K.1.
- */
- ElectorGroupId ::= OCTET STRING (SIZE(8))
-
-/**
- * @class CtlSequenceNumber
- *
- * @brief This structure is used to encode the CTL sequence number. This
- * document does not specify semantics of this type once it reaches its
- * maximum value.
- */
- CtlSequenceNumber ::= INTEGER(0..65535)
-
-/**
- * @class CtlElectorEntry
- *
- * @brief This structure contains the hash of an elector certificate.
- */
- CtlElectorEntry ::= HashedId48
-
-/**
- * @class CtlRootCaEntry
- *
- * @brief This structure contains the hash of a root CA certificate.
- */
- CtlRootCaEntry ::= HashedId32
-
-/**
- * @class ToBeSignedCtlSignature
- *
- * @brief This structure contains the CTL-instance-specific information used
- * to generate a signature on the CTL. An overview of this structure is as
- * follows:
- *
- * @param electorGroupId contains the ElectorGroupId that appears in the CTL.
- *
- * @param ctlType identifies the type of the CTL.
- *
- * @param sequenceNumber contains the sequence number of the CTL being signed.
- *
- * @param tbsCtlHash contains the hash of the C-OER encoded tbsCtl field
- * in the MultiSignedCtl. The hash is calculated using the same hash
- * algorithm that is used to generate the signature on this structure when it
- * is contained in a CtlSignatureSpdu. This algorithm can be determined from
- * the headers of the CtlSignatureSpdu.
- */
- ToBeSignedCtlSignature ::= SEQUENCE {
- electorGroupId ElectorGroupId,
- ctlType Ieee1609dot2dot1MsctlType,
- sequenceNumber CtlSequenceNumber,
- tbsCtlHash HashedId48
- }
-
-/**
- * @class CertificateManagementInfoStatus
- *
- * @brief This structure contains the status of different certificate
- * management information, including CRLs, CTLs, and individual certificates
- * of CAs, MAs, and the RA.
- *
- * @param crl contains the status information for CRLs.
- *
- * @param ctl contains the status information for CTLs.
- *
- * @param caCcf contains the time of the last update of any of the CA
- * certificates in the CCF.
- *
- * @param ma contains the status information for MA certificates.
- *
- * @param ra contains the time of the last update of the RA's certificate.
- * It is omitted if this structure is not sent by an RA.
- */
- CertificateManagementInfoStatus ::= SEQUENCE {
- crl SequenceOfCrlInfoStatus,
- ctl SequenceOfCtlInfoStatus,
- caCcf Time32,
- ma SequenceOfMaInfoStatus,
- ra Time32 OPTIONAL,
- ...
- }
-
-/**
- * @class SequenceOfCtlInfoStatus
- *
- * @brief This type is used for clarity of definitions.
- */
- SequenceOfCtlInfoStatus ::= SEQUENCE OF CtlInfoStatus
-
-/**
- * @class CtlInfoStatus
- *
- * @brief This structure contains the status information for a CTL.
- *
- * @param electorGroupId contains the elector group ID of the CTL.
- *
- * @param sequenceNumber contains the sequence number of the CTL.
- *
- * @param lastUpdate contains the time of the last update of the CTL.
- */
- CtlInfoStatus ::= SEQUENCE {
- electorGroupId ElectorGroupId,
- sequenceNumber CtlSequenceNumber,
- lastUpdate Time32,
- ...
-}
-
-/**
- * @class SequenceOfCrlInfoStatus
- *
- * @brief This type is used for clarity of definitions.
- */
- SequenceOfCrlInfoStatus ::= SEQUENCE OF CrlInfoStatus
-
-/**
- * @class SequenceOfCrlInfoStatus
- *
- * @brief This structure contains the status information for a CRL.
- *
- * @param cracaId contains the CRACA ID of the CRL.
- *
- * @param series contains the CRL series of the CRL.
- *
- * @param issueDate contains the time of the last update of the CRL.
- */
- CrlInfoStatus ::= SEQUENCE {
- cracaId HashedId8,
- series CrlSeries,
- issueDate Time32,
- ...
-}
-
-/**
- * @class SequenceOfMaInfoStatus
- *
- * @brief This type is used for clarity of definitions.
- */
- SequenceOfMaInfoStatus ::= SEQUENCE OF MaInfoStatus
-
-/**
- * @class MaInfoStatus
- *
- * @brief This structure contains the status information for an MA's
- * certificate.
- *
- * @param psids contains the PSIDs associated with the misbehavior that is to
- * be reported to that MA.
- *
- * @param updated contains the time of the last update of the MA's certificate.
- */
- MaInfoStatus ::= SEQUENCE {
- psids SequenceOfPsid,
- updated Time32,
- ...
- }
-
-END
\ No newline at end of file
+--***************************************************************************--
+-- IEEE Std 1609.2.1: Certificate Management --
+--***************************************************************************--
+
+/**
+ * @note Section references in this file are to clauses in IEEE Std
+ * 1609.2.1 unless indicated otherwise. Full forms of acronyms and
+ * abbreviations used in this file are specified in 3.2.
+ */
+
+Ieee1609Dot2Dot1CertManagement {iso(1) identified-organization(3) ieee(111)
+ standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
+ extension-standards(255) dot1(1) interfaces(1) cert-management(7)
+ major-version-3(3) minor-version-1(1)}
+
+DEFINITIONS AUTOMATIC TAGS ::= BEGIN
+
+EXPORTS ALL;
+
+IMPORTS
+ Certificate,
+ SequenceOfCertificate
+FROM Ieee1609Dot2 {iso(1) identified-organization(3) ieee(111)
+ standards-association-numbered-series-standards(2) wave-stds(1609)
+ dot2(2) base(1) schema(1) major-version-2(2) minor-version-5(5)}
+WITH SUCCESSORS
+
+ HashedId8,
+ HashedId32,
+ HashedId48,
+ Time32,
+ Uint8
+FROM Ieee1609Dot2BaseTypes {iso(1) identified-organization(3) ieee(111)
+ standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
+ base(1) base-types(2) major-version-2(2) minor-version-3(3)}
+WITH SUCCESSORS
+
+ CrlSeries
+FROM Ieee1609Dot2CrlBaseTypes {iso(1) identified-organization(3) ieee(111)
+ standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
+ crl(3) base-types(2) major-version-3(3) minor-version-1(1)}
+WITH SUCCESSORS
+
+ SecuredCrl
+FROM Ieee1609Dot2Crl {iso(1) identified-organization(3) ieee(111)
+ standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
+ crl(3) major-version-3(3) minor-version-1(1)}
+WITH SUCCESSORS
+
+ CtlSignatureSpdu,
+ MultiSignedCtlSpdu,
+ SequenceOfPsid
+FROM Ieee1609Dot2Dot1Protocol {iso(1) identified-organization(3) ieee(111)
+ standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
+ extension-standards(255) dot1(1) interfaces(1) protocol(17)
+ major-version-3(3) minor-version-1(1)}
+WITH SUCCESSORS
+;
+
+/**
+ * @brief This is the parent structure for all SCMS component certificate
+ * management structures. An overview of this structure is as follows:
+ *
+ * @param compositeCrl: contains zero or more SecuredCrl as defined in IEEE
+ * Std 1609.2, and the CTL.
+ *
+ * @param certificateChain: contains a collection of certificates and the CTL.
+ *
+ * @param multiSignedCtl: contains the CTL signed by multiple
+ * signers, the electors.
+ *
+ * @param tbsCtlSignature: contains the CTL-instance-specific information used
+ * to generate a signature on the CTL.
+ */
+CertManagementPdu ::= CHOICE {
+ compositeCrl CompositeCrl,
+ certificateChain CertificateChain,
+ multiSignedCtl MultiSignedCtl,
+ tbsCtlSignature ToBeSignedCtlSignature,
+ infoStatus CertificateManagementInfoStatus,
+ ...
+}
+
+/**
+ * @brief This structure is used to encapsulate CRLs and a CTL. An overview
+ * of this structure is as follows:
+ *
+ * @param crl: contains a list of signed CRLs for different (CRACA ID, CRL
+ * series) pairs. The CRLs are signed individually, and this document does not
+ * specify the order in which they should appear.
+ *
+ * @param homeCtl: contains a CTL. If the composite CRL was requested via the
+ * mechanisms given in 6.3.5.8, the CtlSeriesId in this CTL is the same as
+ * the CtlSeriesId provided in the request. The intent is that this is the
+ * "home" CTL of the requester, but this field can in practice be used to
+ * provide any CTL with any CtlSeriesId value.
+ */
+CompositeCrl ::= SEQUENCE {
+ crl SEQUENCE SIZE(0..MAX) OF SecuredCrl,
+ homeCtl MultiSignedCtlSpdu,
+ ...
+}
+
+/**
+ * @brief This structure is used to encapsulate certificates and a CTL. An
+ * overview of this structure is as follows:
+ *
+ * @param homeCtl: contains a CTL. If the certificate chain was requested via
+ * the mechanisms given in 6.3.5.7, the CtlSeriesId in this CTL is the
+ * same as the CtlSeriesId provided in the request. The intent is that
+ * this is the "home" CTL of the requester, but this field can in practice be
+ * used to provide any CTL.
+ *
+ * @param others: contains additional valid certificates of the CAs and the
+ * MAs chosen by means outside the scope of this document.
+ */
+CertificateChain ::= SEQUENCE {
+ homeCtl MultiSignedCtlSpdu,
+ others SEQUENCE SIZE(0..MAX) OF Certificate,
+ ...
+}
+
+/**
+ * @brief This structure a certificate trust list (CTL) signed by multiple
+ * signers, the electors. An overview of this structure is as follows:
+ *
+ * @param type: contains the type of the multi-signed CTL. Only one type of
+ * multi-signed CTL is supported in this version of this document.
+ *
+ * @param tbsCtl: contains the CTL contents.
+ *
+ * @param unsigned: contains data that are associated with the CTL and that
+ * are not included directly in tbsCtl. For example, if the type is
+ * fullIeeeCtlType, the FullIeeeTbsCtl contains the hashes of the
+ * certificates, and the certificates themselves are contained in unsigned.
+ *
+ * @param signatures: contains the signatures. How the signatures are
+ * calculated is specified in the definition of ToBeSignedCtlSignature. The
+ * number of signatures shall be no more than the number of electors. Each
+ * signature shall have been generated by a distinct elector.
+ */
+MultiSignedCtl ::= SEQUENCE {
+ type IEEE-1609-2-1-MSCTL.&type({
+ Ieee1609dot2dot1Ctls
+ }),
+ tbsCtl IEEE-1609-2-1-MSCTL.&TbsCtl({
+ Ieee1609dot2dot1Ctls
+ }{@.type}),
+ unsigned IEEE-1609-2-1-MSCTL.&UnsignedCtlMaterial({
+ Ieee1609dot2dot1Ctls
+ }{@.type}),
+ signatures SEQUENCE (SIZE(1..MAX)) OF CtlSignatureSpdu
+}
+
+/**
+ * @brief This is the ASN.1 Information Object Class used to associate
+ * multisigned CTL type identifiers, CTL contents, and unsigned material. In
+ * this structure:
+ *
+ * @param type: contains the type, an Ieee1609dot2dot1MsctlType.
+ *
+ * @param TbsCtl: contains the CTL contents.
+ *
+ * @param UnsignedCtlMaterial: contains unsigned material associated with the
+ * CTL, as specified in 7.3.11.
+ */
+IEEE-1609-2-1-MSCTL ::= CLASS {
+ &type Ieee1609dot2dot1MsctlType,
+ &TbsCtl,
+ &UnsignedCtlMaterial
+} WITH SYNTAX {&TbsCtl IDENTIFIED BY &type USING &UnsignedCtlMaterial}
+
+/**
+ * @brief This is the Information Object Set containing the instances of the
+ * IEEE-1609-2-1-MSCTL class that are specified for use. Only one instance is
+ * specified for use in this version of this document.
+ */
+Ieee1609dot2dot1Ctls IEEE-1609-2-1-MSCTL ::= {
+ {FullIeeeTbsCtl IDENTIFIED BY
+ fullIeeeCtl USING SequenceOfCertificate},
+ ...
+}
+
+/**
+ * @brief This is the integer used to identify the type of the CTL.
+ */
+Ieee1609dot2dot1MsctlType ::= INTEGER (0..255)
+
+fullIeeeCtl Ieee1609dot2dot1MsctlType ::= 1
+
+/**
+ * @brief This structure specifies a CTL that contains information about the
+ * complete set of certificates trusted by the electors that sign the CTL. An
+ * overview of this structure is as follows:
+ *
+ * @note:
+ * - If in future CTL types are defined that contain the same
+ * information as, or a subset of the information in, the fullIeeeCtl, those
+ * types are anticipated to contain the same sequence number as the
+ * corresponding fullIeeeCtl.
+ *
+ * - Any root CA or elector certificate that is not on the CTL is
+ * not trusted. The electorRemove and rootCaRemove are intended to be used
+ * only if the SCMS manager wants to explicitly indicate that a previously
+ * trusted entity (elector or root CA) is now not trusted even though that
+ * entity's certificate is still within its validity period. In practice, it
+ * is anticipated that the remove fields (electorRemove and rootCaRemove)
+ * will almost always be sequences of length 0.
+ *
+ * @param type: contains the type of the CTL. It is identical to the type
+ * field that appears in the enclosing MultiSignedCtl. The field is included
+ * here as well to provide the simplest mechanism to help ensure that the
+ * type is included in the calculated CTL hash.
+ *
+ * @param CtlSeriesId: contains the group of electors that have signed the
+ * CTL. It plays a role similar to CrlSeries in a CRL. This field is intended
+ * to be globally unique in the universe of all systems that use the
+ * MultiSignedCtl. See the specification of CtlSeriesId for discussion of
+ * a convention that can be followed to enable uniqueness.
+ *
+ * @param sequenceNumber: contains the sequence number of the CTL. This is
+ * incremented by 1 every time a new FullIeeeTbsCtl is issued.
+ *
+ * @param effectiveDate: contains the time when the CTL is to take effect.
+ * This is to be greater than or equal to the effectiveDate field in the CTL
+ * with the same CtlSeriesId and the previous sequence number.
+ *
+ * @param electorApprove: contains the list of hashes of the elector
+ * certificates that are approved as of the effective date. The hash is
+ * calculated with the same hash algorithm that is used to hash the elector
+ * certificate for signing.
+ *
+ * @param electorRemove: contains the list of hashes of the elector
+ * certificates that are valid (that is, not expired) on the effective date and
+ * are not approved, as of the effective date, to sign a CTL. The hash is
+ * calculated with the same hash algorithm that is used to hash the elector
+ * certificate for signing. This field is to be considered informational as a
+ * certificate that is not included in electorApprove is not valid even if it
+ * does not appear in electorRemove.
+ *
+ * @param rootCaApprove: contains the list of root CA certificates that are
+ * approved as of the effective date. The hash is calculated with the same
+ * hash algorithm that is used to hash the root certificate for signing. If
+ * the root certificate is signed with a hash function with a 48 octet
+ * output, this is truncated to the low-order 32 bytes for inclusion in the
+ * CTL.
+ *
+ * @param rootCaRemove: contains the list of root CA certificates that are
+ * valid (that is, not expired) on the effective date and are not approved, as
+ * of the effective date, to issue certificates or carry out other
+ * activities. If the root certificate is signed with a hash function
+ * with a 48 octet output, this is truncated to the low-order 32 bytes for
+ * inclusion in the CTL. This field is to be considered informational as a
+ * certificate that is not included in rootCaApprove is not valid even if it
+ * does not appear in rootCaRemove.
+ *
+ * @param quorum: contains the quorum, that is, the number of the electors
+ * required to sign the next CTL with the same CtlSeriesId value for that
+ * CTL to be trusted. If this field is absent, the quorum for the next CTL
+ * shall be the quorum for the current CTL.
+ */
+FullIeeeTbsCtl ::= SEQUENCE {
+ type Ieee1609dot2dot1MsctlType(fullIeeeCtl),
+ ctlSeriesId CtlSeriesId,
+ sequenceNumber CtlSequenceNumber,
+ effectiveDate Time32,
+ electorApprove SEQUENCE OF CtlElectorEntry,
+ electorRemove SEQUENCE OF CtlElectorEntry,
+ rootCaApprove SEQUENCE OF CtlRootCaEntry,
+ rootCaRemove SEQUENCE OF CtlRootCaEntry,
+ ...,
+ quorum INTEGER
+}
+
+/**
+ * @brief This structure identifies a group of electors that sign a series of
+ * CTLs for a specific purpose. Registration of CtlSeriesId values is
+ * managed by the IEEE RA; see http://standards.ieee.org/regauth. A list of
+ * assigned CtlSeriesId values is provided in K.1.
+ */
+CtlSeriesId ::= OCTET STRING (SIZE(8))
+
+/**
+ * @brief This structure is used to encode the CTL sequence number. This
+ * document does not specify semantics of this type once it reaches its
+ * maximum value.
+ */
+CtlSequenceNumber ::= INTEGER(0..65535)
+
+/**
+ * @brief This structure contains the hash of an elector certificate.
+ */
+CtlElectorEntry ::= HashedId48
+
+/**
+ * @brief This structure contains the hash of a root CA certificate.
+ */
+CtlRootCaEntry ::= HashedId32
+
+/**
+ * @brief This structure contains the CTL-instance-specific information used
+ * to generate a signature on the CTL. An overview of this structure is as
+ * follows:
+ *
+ * @param ctlSeriesId: contains the CtlSeriesId that appears in the CTL.
+ *
+ * @param ctlType: identifies the type of the CTL.
+ *
+ * @param sequenceNumber: contains the sequence number of the CTL being signed.
+ *
+ * @param tbsCtlHash: contains the hash of the C-OER encoded tbsCtl field
+ * in the MultiSignedCtl. The hash is calculated using the same hash
+ * algorithm that is used to generate the signature on this structure when it
+ * is contained in a CtlSignatureSpdu. This algorithm can be determined from
+ * the headers of the CtlSignatureSpdu.
+ */
+ToBeSignedCtlSignature ::= SEQUENCE {
+ ctlSeriesId CtlSeriesId,
+ ctlType Ieee1609dot2dot1MsctlType,
+ sequenceNumber CtlSequenceNumber,
+ tbsCtlHash HashedId48
+}
+
+/**
+ * @brief This structure contains the status of different certificate
+ * management information, including CRLs, CTLs, and individual certificates
+ * of CAs, MAs, and the RA.
+ *
+ * @param crl: contains the status information for CRLs.
+ *
+ * @param ctl: contains the status information for CTLs.
+ *
+ * @param caCcf: contains the time of the last update of any of the CA
+ * certificates in the CCF.
+ *
+ * @param ma: contains the status information for MA certificates.
+ *
+ * @param ra: shall be present and contain the time of last update of the RA's
+ * certificate, if this structure is sent by an RA.
+ */
+CertificateManagementInfoStatus ::= SEQUENCE {
+ crl SequenceOfCrlInfoStatus,
+ ctl SequenceOfCtlInfoStatus,
+ caCcf Time32,
+ ma SequenceOfMaInfoStatus,
+ ra Time32 OPTIONAL,
+ ...
+}
+
+/**
+ * @brief This type is used for clarity of definitions.
+ */
+SequenceOfCtlInfoStatus ::= SEQUENCE OF CtlInfoStatus
+
+/**
+ * @brief This structure contains the status information for a CTL.
+ *
+ * @param ctlSeriesId: contains the elector group ID of the CTL.
+ *
+ * @param sequenceNumber: contains the sequence number of the CTL.
+ *
+ * @param lastUpdate: contains the time of the last update of the CTL.
+ */
+CtlInfoStatus ::= SEQUENCE {
+ ctlSeriesId CtlSeriesId,
+ sequenceNumber CtlSequenceNumber,
+ lastUpdate Time32,
+ ...
+}
+
+/**
+ * @brief This type is used for clarity of definitions.
+ */
+SequenceOfCrlInfoStatus ::= SEQUENCE OF CrlInfoStatus
+
+/**
+ * @brief This structure contains the status information for a CRL.
+ *
+ * @param cracaId: contains the CRACA ID of the CRL.
+ *
+ * @param series: contains the CRL series of the CRL.
+ *
+ * @param issueDate: contains the time of the last update of the CRL.
+ */
+CrlInfoStatus ::= SEQUENCE {
+ cracaId HashedId8,
+ series CrlSeries,
+ issueDate Time32,
+ ...
+}
+
+/**
+ * @brief This type is used for clarity of definitions.
+ */
+SequenceOfMaInfoStatus ::= SEQUENCE OF MaInfoStatus
+
+/**
+ * @brief This structure contains the status information for an MA's
+ * certificate.
+ *
+ * @param psids: contains the PSIDs associated with the misbehavior that is to
+ * be reported to that MA.
+ *
+ * @param updated: contains the time of the last update of the MA's certificate.
+ */
+MaInfoStatus ::= SEQUENCE {
+ psids SequenceOfPsid,
+ updated Time32,
+ ...
+}
+
+END
diff --git a/Ieee1609Dot2Dot1EcaEeInterface.asn b/Ieee1609Dot2Dot1EcaEeInterface.asn
index e82fc0c85ea965f9dc5dc455a4e26fe0ea71871c..c325a77b569e5b7de7aa38c14e12486ffe51259f 100755
--- a/Ieee1609Dot2Dot1EcaEeInterface.asn
+++ b/Ieee1609Dot2Dot1EcaEeInterface.asn
@@ -1,177 +1,172 @@
---***************************************************************************--
--- IEEE Std 1609.2.1: ECA - EE Interface --
---***************************************************************************--
-
-/**
- * @brief NOTE: Section references in this file are to clauses in IEEE Std
- * 1609.2.1 unless indicated otherwise. Full forms of acronyms and
- * abbreviations used in this file are specified in 3.2.
- */
-
-Ieee1609Dot2Dot1EcaEeInterface {iso(1) identified-organization(3) ieee(111)
- standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
- extension-standards(255) dot1(1) interfaces(1) eca-ee(9) major-version-2(2)
- minor-version-2(2)
-}
-
-DEFINITIONS AUTOMATIC TAGS ::= BEGIN
-
-EXPORTS ALL;
-
-IMPORTS
- EccP256CurvePoint,
- HashedId8,
- Time32,
- Uint8
-FROM Ieee1609Dot2BaseTypes {iso(1) identified-organization(3) ieee(111)
- standards-association-numbered-series-standards(2) wave-stds(1609)
- dot2(2) base(1) base-types(2) major-version-2(2) minor-version-3(3)}
-
- Certificate,
- CertificateType,
- SequenceOfCertificate
-FROM Ieee1609Dot2 {iso(1) identified-organization(3) ieee(111)
- standards-association-numbered-series-standards(2) wave-stds(1609)
- dot2(2) base (1) schema (1) major-version-2(2) minor-version-4(4)}
-
- PublicVerificationKey,
- ToBeSignedCertificate
-FROM Ieee1609Dot2Dot1Protocol {iso(1) identified-organization(3) ieee(111)
- standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
- extension-standards(255) dot1(1) interfaces(1) protocol(17)
- major-version-2(2) minor-version-2(2)}
-;
-
-/**
- * @class EcaEeInterfacePDU
- *
- * @brief This is the parent structure for all structures exchanged between
- * the ECA and the EE. An overview of this structure is as follows:
- *
- * @param eeEcaCertRequest contains the enrollment certificate request sent
- * by the EE to the ECA.
- *
- * @param ecaEeCertResponse contains the enrollment certificate response sent
- * by the ECA to the EE.
- */
- EcaEeInterfacePdu::= CHOICE {
- eeEcaCertRequest EeEcaCertRequest,
- ecaEeCertResponse EcaEeCertResponse,
- ...
- }
-
-/**
- * @class EeEcaCertRequest
- *
- * @brief This structure contains parameters needed to request an enrollment
- * certificate from the ECA. The ECA may, subject to policy, issue an
- * enrollment certificate with different contents than the contents requested.
- * An overview of this structure is as follows:
- *
- *
NOTE 1: The tbsCert.cracaId and tbsCert.crlSeries are set to the
- * indicated values in the corresponding EeEcaCertRequest. In the issued
- * enrollment certificate, they may have different values, set by the ECA.
- *
- *
NOTE 2: The EE uses the type field to indicate whether it is
- * requesting an explicit or an implicit enrollment certificate. A policy is
- * anticipated that determines what type of certificate is appropriate for a
- * given set of circumstances (such as PSIDs, other end entity information,
- * and locality) and that if the EE has requested a kind of certificate that
- * is not allowed by policy, the ECA returns an error to the EE.
- *
- * @param version contains the current version of the structure.
- *
- * @param generationTime contains the generation time of EeEcaCertRequest.
- *
- * @param type indicates whether the request is for an explicit or implicit
- * certificate (see 4.1.1, 4.1.4.3.1).
- *
- * @param tbsCert contains the parameters used by the ECA to generate the
- * enrollment certificate. tbsCert.verifyKeyIndicator.verificationKey
- * contains the public key information sent by the requester. The
- * verifyKeyIndicator field indicates the choice verificationKey even if type
- * is implicit, as this allows the requester to indicate which signature
- * algorithm and curve they are requesting. The value in this field is used
- * as the verification key in the certificate if the certificate issued in
- * response to this request is explicit, and as the input public key value
- * for implicit certificate generation if the certificate issued in response
- * to this request is implicit.
- *
- * @param canonicalId is the canonical identifier for the device per 4.1.4.2.
- * If it is present, it indicates that the enclosing EeEcaCertRequestSpdu has
- * been signed by the canonical private key. The receiver is intended to use
- * the canonicalId to look up the canonical public key to verify the
- * certificate request.
- */
- EeEcaCertRequest ::= SEQUENCE {
- version Uint8 (2),
- generationTime Time32,
- type CertificateType,
- tbsCert ToBeSignedCertificate (WITH COMPONENTS {
- ...,
- id (WITH COMPONENTS {
- ...,
- linkageData ABSENT
- }),
- cracaId ('000000'H),
- crlSeries (0),
- appPermissions ABSENT,
- certIssuePermissions ABSENT,
- certRequestPermissions PRESENT,
- verifyKeyIndicator (WITH COMPONENTS {
- verificationKey
- })
- }),
- canonicalId IA5String OPTIONAL,
- ...
- }
-
-/**
- * @class EcaEeCertResponse
- *
- * @brief This structure is used by the ECA to respond to an EE's enrollment
- * certificate request. Additional bootstrapping information including the
- * RA's certificate are provided by the DCM. The specification of the DCM is
- * outside the scope of this document. An overview of this structure is as
- * follows:
- *
- *
NOTE: The ECA uses the tbsCert.verifyKeyIndicator field in the
- * EeEcaCertRequest to determine whether the EE is requesting an explicit or
- * an implicit enrollment certificate. A policy is anticipated that
- * determines what type of certificate is appropriate for a given set of
- * circumstances (such as PSIDs, other end entity information, and locality)
- * and that if the EE has requested a kind of certificate that is not
- * allowed by policy, the ECA returns an error to the EE.
- *
- * @param version contains the current version of the structure.
- *
- * @param requestHash contains the following hash:
- *
- * - EeEcaCertRequestSPDU, if the corresponding request was
- * EeEcaCertRequestSPDU.
- *
- * - EeRaSuccessorEnrollmentCertRequestSpd, if the corresponding request
- * was EeRaSuccessorEnrollmentCertRequestSpd.
- *
- *
- * @param ecaCertChain contains the ECA's currently valid certificate and the
- * certificate chain, up to and including the root CA.
- *
- * @param certificate contains the enrollment certificate generated by the
- * ECA, which shall be of the type indicated by the type field in the
- * corresponding request.
- *
- * @param privateKeyInfo contains the private key reconstruction value, if
- * certificate.type is implicit. This is used by the EE as specified in
- * 9.3.5.1.
- */
- EcaEeCertResponse ::= SEQUENCE {
- version Uint8 (2),
- requestHash HashedId8,
- ecaCertChain SequenceOfCertificate,
- certificate Certificate,
- privateKeyInfo OCTET STRING (SIZE(32)) OPTIONAL,
- ...
- }
-
-END
\ No newline at end of file
+--***************************************************************************--
+-- IEEE Std 1609.2.1: ECA - EE Interface --
+--***************************************************************************--
+
+/**
+ * @note Section references in this file are to clauses in IEEE Std
+ * 1609.2.1 unless indicated otherwise. Full forms of acronyms and
+ * abbreviations used in this file are specified in 3.2.
+ */
+
+Ieee1609Dot2Dot1EcaEeInterface {iso(1) identified-organization(3) ieee(111)
+ standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
+ extension-standards(255) dot1(1) interfaces(1) eca-ee(9) major-version-3(3)
+ minor-version-1(1)}
+
+DEFINITIONS AUTOMATIC TAGS ::= BEGIN
+
+EXPORTS ALL;
+
+IMPORTS
+ Certificate,
+ CertificateType,
+ SequenceOfCertificate
+FROM Ieee1609Dot2 {iso(1) identified-organization(3) ieee(111)
+ standards-association-numbered-series-standards(2) wave-stds(1609)
+ dot2(2) base(1) schema(1) major-version-2(2) minor-version-5(5)}
+WITH SUCCESSORS
+
+ EccP256CurvePoint,
+ HashedId8,
+ Time32,
+ Uint8
+FROM Ieee1609Dot2BaseTypes {iso(1) identified-organization(3) ieee(111)
+ standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
+ base(1) base-types(2) major-version-2(2) minor-version-3(3)}
+WITH SUCCESSORS
+
+ PublicVerificationKey,
+ ToBeSignedCertificate
+FROM Ieee1609Dot2Dot1Protocol {iso(1) identified-organization(3) ieee(111)
+ standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
+ extension-standards(255) dot1(1) interfaces(1) protocol(17)
+ major-version-3(3) minor-version-1(1)}
+WITH SUCCESSORS
+;
+
+/**
+ * @brief This is the parent structure for all structures exchanged between
+ * the ECA and the EE. An overview of this structure is as follows:
+ *
+ * @param eeEcaCertRequest: contains the enrollment certificate request sent
+ * by the EE to the ECA.
+ *
+ * @param ecaEeCertResponse: contains the enrollment certificate response sent
+ * by the ECA to the EE.
+ */
+EcaEeInterfacePdu::= CHOICE {
+ eeEcaCertRequest EeEcaCertRequest,
+ ecaEeCertResponse EcaEeCertResponse,
+ ...
+}
+
+/**
+ * @brief This structure contains parameters needed to request an enrollment
+ * certificate from the ECA. The ECA may, subject to policy, issue an
+ * enrollment certificate with different contents than the contents requested.
+ * An overview of this structure is as follows:
+ *
+ * @note:
+ * - The tbsCert.cracaId and tbsCert.crlSeries are set to the
+ * indicated values in the corresponding EeEcaCertRequest. In the issued
+ * enrollment certificate, they may have different values, set by the ECA.
+ * - The EE uses the type field to indicate whether it is
+ * requesting an explicit or an implicit enrollment certificate. A policy is
+ * anticipated that determines what type of certificate is appropriate for a
+ * given set of circumstances (such as PSIDs, other end entity information,
+ * and locality) and that if the EE has requested a kind of certificate that
+ * is not allowed by policy, the ECA returns an error to the EE.
+ *
+ * @param version: contains the current version of the structure.
+ *
+ * @param generationTime: contains the generation time of EeEcaCertRequest.
+ *
+ * @param type: indicates whether the request is for an explicit or implicit
+ * certificate (see 4.1.1, 4.1.4.3.1).
+ *
+ * @param tbsCert: contains the parameters used by the ECA to generate the
+ * enrollment certificate. tbsCert.verifyKeyIndicator.verificationKey
+ * contains the public key information sent by the requester. The
+ * verifyKeyIndicator field indicates the choice verificationKey even if type
+ * is implicit, as this allows the requester to indicate which signature
+ * algorithm and curve they are requesting. The value in this field is used
+ * as the verification key in the certificate if the certificate issued in
+ * response to this request is explicit, and as the input public key value
+ * for implicit certificate generation if the certificate issued in response
+ * to this request is implicit.
+ *
+ * @param canonicalId: shall be present and contain the canonical identifier
+ * for the device per 4.1.4.2, if the enclosing EeEcaCertRequestSpdu was
+ * signed by the canonical private key. The receiver is intended to use the
+ * canonicalId to look up the canonical public key to verify the certificate
+ * request.
+ */
+EeEcaCertRequest ::= SEQUENCE {
+ version Uint8 (2),
+ generationTime Time32,
+ type CertificateType,
+ tbsCert ToBeSignedCertificate (WITH COMPONENTS {
+ ...,
+ id (WITH COMPONENTS {
+ ...,
+ linkageData ABSENT
+ }),
+ cracaId ('000000'H),
+ crlSeries (0),
+ appPermissions ABSENT,
+ certIssuePermissions ABSENT,
+ certRequestPermissions PRESENT,
+ verifyKeyIndicator (WITH COMPONENTS {
+ verificationKey
+ })
+ }),
+ canonicalId IA5String OPTIONAL,
+ ...
+}
+
+/**
+ * @brief This structure is used by the ECA to respond to an EE's enrollment
+ * certificate request. Additional bootstrapping information including the
+ * RA's certificate are provided by the DCM. The specification of the DCM is
+ * outside the scope of this document. An overview of this structure is as
+ * follows:
+ *
+ * The definition of validity for a certificate request, including
+ * constraints on the fields in this structure, is specified in 10.1.
+ *
+ * @param version: contains the current version of the structure.
+ *
+ * @param generationTime: contains the generation time of EcaEeCertResponse.
+ *
+ * @param requestHash: contains the following hash:
+ * - EeEcaCertRequestSPDU, if the corresponding request was
+ * EeEcaCertRequestSPDU. This is calculated without "canonicalizing" the
+ * signature, i.e., it is calculated over the signature as given in the
+ * EeEcaCertRequestSpdu without re-encoding the signature's r component in
+ * x-coordinate-only form. See IEEE Std 1609.2 for further details on
+ * canonicalization.
+ * - EeRaSuccessorEnrollmentCertRequestSpd, if the corresponding request
+ * was EeRaSuccessorEnrollmentCertRequestSpd.
+ *
+ * @param ecaCertChain: contains the ECA's currently valid certificate and the
+ * certificate chain, up to and including the root CA.
+ *
+ * @param certificate: contains the enrollment certificate generated by the
+ * ECA, which shall be of the type indicated by the type field in the
+ * corresponding request.
+ *
+ * @param privateKeyInfo: shall be present and contain the private key
+ * reconstruction value, if certificate.type is implicit. This is used by the
+ * EE as specified in 9.3.5.1.
+ */
+EcaEeCertResponse ::= SEQUENCE {
+ version Uint8 (2),
+ generationTime Time32,
+ requestHash HashedId8,
+ ecaCertChain SequenceOfCertificate,
+ certificate Certificate,
+ privateKeyInfo OCTET STRING (SIZE(32)) OPTIONAL,
+ ...
+}
+
+END
diff --git a/Ieee1609Dot2Dot1EeMaInterface.asn b/Ieee1609Dot2Dot1EeMaInterface.asn
index 24d81bf872d205d2efa95f324533f9a0092bdb85..e0eebae73342f24b79a629d46911533b3195957f 100755
--- a/Ieee1609Dot2Dot1EeMaInterface.asn
+++ b/Ieee1609Dot2Dot1EeMaInterface.asn
@@ -1,27 +1,26 @@
---***************************************************************************--
--- IEEE Std 1609.2.1: EE - MA Interface --
---***************************************************************************--
-
-/**
- * @brief NOTE: Section references in this file are to clauses in IEEE Std
- * 1609.2.1 unless indicated otherwise. Full forms of acronyms and
- * abbreviations used in this file are specified in 3.2.
- */
-
-Ieee1609Dot2Dot1EeMaInterface {iso(1) identified-organization(3) ieee(111)
- standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
- extension-standards(255) dot1(1) interfaces(1) ee-ma(10) major-version-2(2)}
-
-DEFINITIONS AUTOMATIC TAGS ::= BEGIN
-
-EXPORTS ALL;
-
-/**
- * @class EeMaInterfacePdu
- *
- * @brief This structure is currently being defined outside of this document,
- * so it is defined as NULL for purposes of this document.
- */
- EeMaInterfacePdu ::= NULL
-
-END
\ No newline at end of file
+--***************************************************************************--
+-- IEEE Std 1609.2.1: EE - MA Interface --
+--***************************************************************************--
+
+/**
+ * @note Section references in this file are to clauses in IEEE Std
+ * 1609.2.1 unless indicated otherwise. Full forms of acronyms and
+ * abbreviations used in this file are specified in 3.2.
+ */
+
+Ieee1609Dot2Dot1EeMaInterface {iso(1) identified-organization(3) ieee(111)
+ standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
+ extension-standards(255) dot1(1) interfaces(1) ee-ma(10) major-version-2(2)
+ minor-version-1(1)}
+
+DEFINITIONS AUTOMATIC TAGS ::= BEGIN
+
+EXPORTS ALL;
+
+/**
+ * @brief This structure is currently being defined outside of this document,
+ * so it is defined as NULL for purposes of this document.
+ */
+EeMaInterfacePdu ::= NULL
+
+END
diff --git a/Ieee1609Dot2Dot1EeRaInterface.asn b/Ieee1609Dot2Dot1EeRaInterface.asn
index 0d6586a2767c6191b102db1f0de922d886b19cc7..6384ae6d5685cf1ee48e5a0b1a179b4b13c7e6d1 100755
--- a/Ieee1609Dot2Dot1EeRaInterface.asn
+++ b/Ieee1609Dot2Dot1EeRaInterface.asn
@@ -1,325 +1,305 @@
---***************************************************************************--
--- IEEE Std 1609.2.1: EE - RA Interface --
---***************************************************************************--
-
-/**
- * @brief NOTE: Section references in this file are to clauses in IEEE Std
- * 1609.2.1 unless indicated otherwise. Full forms of acronyms and
- * abbreviations used in this file are specified in 3.2.
- */
-
-Ieee1609Dot2Dot1EeRaInterface {iso(1) identified-organization(3) ieee(111)
- standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
- extension-standards(255) dot1(1) interfaces(1) ee-ra(11) major-version-2(2)
- minor-version-2(2)
-}
-
-DEFINITIONS AUTOMATIC TAGS ::= BEGIN
-
-EXPORTS ALL;
-
-IMPORTS
- HashedId8,
- IValue,
- PublicEncryptionKey,
- Time32,
- Uint8
-FROM Ieee1609Dot2BaseTypes {iso(1) identified-organization(3) ieee(111)
- standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
- base(1) base-types(2) major-version-2(2) minor-version-3(3)}
-
- CertificateType
-FROM Ieee1609Dot2 {iso(1) identified-organization(3) ieee(111)
- standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
- base(1) schema(1) major-version-2(2) minor-version-4(4)}
-
- EeEcaCertRequestSpdu,
- PublicVerificationKey,
- ToBeSignedCertificate
-FROM Ieee1609Dot2Dot1Protocol {iso(1) identified-organization(3) ieee(111)
- standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
- extension-standards(255) dot1(1) interfaces(1) protocol(17)
- major-version-2(2) minor-version-2(2)}
-
- AcpcTreeId
-FROM Ieee1609Dot2Dot1Acpc {iso(1) identified-organization(3) ieee(111)
- standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
- extension-standards(255) dot1(1) interfaces(1) acpc(18) major-version-1(1)
- minor-version-2(2)}
-;
-
-/**
- * @class EeRaInterfacePDU
- *
- * @brief This is the parent structure for all structures exchanged between
- * the EE and the RA. An overview of this structure is as follows:
- *
- *
NOTE: This CHOICE does not include a PDU type for encrypted
- * misbehavior report upload; see 4.1.5.
- *
- * @param eeRaCertRequest contains the certificate generation request sent by
- * the EE to the RA.
- *
- * @param raEeCertAck contains the RA's acknowledgement of the receipt of
- * EeRaCertRequestSpdu.
- *
- * @param raEeCertInfo contains the information about certificate download.
- *
- * @param eeRaDownloadRequest contains the download request sent by the EE to
- * the RA.
- *
- * @param eeRaSuccessorEnrollmentCertRequest contains a self-signed request
- * for an enrollment certificate, identical in format to the one submitted
- * for an initial enrollment certificate. (This becomes a request for a
- * successor enrollment certificate by virtue of being signed by the current
- * enrollment certificate.)
- */
- EeRaInterfacePdu ::= CHOICE {
- eeRaCertRequest EeRaCertRequest,
- raEeCertAck RaEeCertAck,
- raEeCertInfo RaEeCertInfo,
- eeRaDownloadRequest EeRaDownloadRequest,
- eeRaSuccessorEnrollmentCertRequest EeEcaCertRequestSpdu,
- ...
- }
-
-/**
- * @class EeRaCertRequest
- *
- * @brief This structure contains parameters needed to request different types
- * of authorization certificates. An overview of this structure is as follows:
- *
- *
NOTE 1: In the case where the butterfly key mechanism is used to
- * derive the certificate encryption key, the value j is not communicated to
- * the ACA. However, the EE that receives the certificate response can only
- * decrypt the response if it knows j. The RA is therefore anticipated to
- * store j so that it can be associated with the appropriate certificate
- * response.
- *
- *
NOTE 2: The EE uses the type field to indicate whether it is
- * requesting an explicit or an implicit authorization certificate. A policy
- * is anticipated that determines what type of certificate is appropriate for
- * a given set of circumstances (such as PSIDs, other end entity information,
- * locality, ...) and that if the EE has requested a kind of certificate that
- * is not allowed by policy, the ACA returns an error to the EE. This implies
- * that the certificate issued by the ACA is always of type indicated in the
- * EeRaCertRequest.
- *
- *
NOTE 3 This document does not specify a method to include an
- * encryptionKey in the requested certificates, if the butterfly key
- * mechanism is used. The EE using such a certificate to sign a message can
- * request an encrypted response using the tbsData.headerInfo.encryptionKey
- * field of the SignedData; see 6.3.9, 6.3.33, 6.3.34, and 6.3.36 of
- * IEEE Std 1609.2 for more details.
- *
- * @param version contains the current version of the structure.
- *
- * @param generationTime contains the generation time of EeRaCertRequest.
- *
- * @param type indicates whether the request is for an explicit or implicit
- * certificate (see 4.1.1 and 4.1.4.3.1).
- *
- * @param tbsCert contains the parameters to be used by the ACA to generate
- * authorization certificate(s).
- *
- * - id contains the identity information sent by the requester. If the
- * type is LinkageData, the RA replaces that in the certificates with the
- * linkage values generated with the help of the LAs and the ACA; see Annex
- * D.
- *
- * - validityPeriod contains the requested validity period of the first
- * batch of certificates.
- *
- * - region, assuranceLevel, canRequestRollover, and encryptionKey, if
- * present, contain the information sent by the requester for the requested
- * certificates.
- *
- * - verifyKeyIndicator.verificationKey contains the public key
- * information sent by the requester. The verifyKeyIndicator field indicates
- * the choice verificationKey even if type is implicit, as this allows the
- * requester to indicate which signature algorithm and curve they are
- * requesting.
- *
- *
- * - If the certificate issued in response to this request is explicit and
- * butterfly expansion is not used, the value in this field is the
- * verification key that appears in that certificate.
- *
- * - If the certificate issued in response to this request is implicit and
- * butterfly expansion is not used, the value in this field is the input
- * public key value for implicit certificate generation.
- *
- * - If butterfly expansion is used, that is, if one of (original, unified,
- * compactUnified) options is present in the field additionalParams, the
- * value in this field is combined with the values in the additionalParams
- * field as specified in 9.3.
- *
- *
- *
- * @param additionalParams contains relevant parameters for generating the
- * requested certificates using the butterfly key mechanism as specified in
- * 9.3, or for encrypting the certificates without using the butterfly key
- * mechanism. If present, the field tbsCert.verifyKeyIndicator shall be used
- * as the caterpillar public key for signing in the butterfly key mechanism.
- */
- EeRaCertRequest ::= SEQUENCE {
- version Uint8 (2),
- generationTime Time32,
- type CertificateType,
- tbsCert ToBeSignedCertificate (WITH COMPONENTS {
- ...,
- cracaId ('000000'H),
- crlSeries (0),
- appPermissions PRESENT,
- certIssuePermissions ABSENT,
- certRequestPermissions ABSENT,
- verifyKeyIndicator (WITH COMPONENTS {
- verificationKey
- })
- }),
- additionalParams AdditionalParams OPTIONAL,
- ...
- }
-
-/**
- * @class AdditionalParams
- *
- * @brief This structure contains parameters for the butterfly key mechanism.
- * An overview of this structure is as follows:
- *
- * @param original contains the parameters for the original variant.
- *
- * @param unified contains the expansion function for signing to be used for
- * the unified variant. The caterpillar public key and expansion function for
- * encryption are the same as those for signing.
- *
- * @param compactUnified contains the expansion function for signing to be
- * used for the compact unified variant. The caterpillar public key and
- * expansion function for encryption are the same as those for signing.
- *
- * @param encryptionKey contains the public key for encrypting the
- * certificate if the butterfly key mechanism is not used.
- */
- AdditionalParams ::= CHOICE {
- original ButterflyParamsOriginal,
- unified ButterflyExpansion,
- compactUnified ButterflyExpansion,
- encryptionKey PublicEncryptionKey,
- ...
- }
-
-/**
- * @class ButterflyParamsOriginal
- *
- * @brief This structure contains parameters for the original variation of the
- * butterfly key mechanism. An overview of this structure is as follows:
- *
- * @param signingExpansion contains the expansion function for signing.
- *
- * @param encryptionKey contains the caterpillar public key for encryption.
- *
- * @param encryptionExpansion contains the expansion function for encryption.
- */
- ButterflyParamsOriginal ::= SEQUENCE {
- signingExpansion ButterflyExpansion,
- encryptionKey PublicEncryptionKey,
- encryptionExpansion ButterflyExpansion
- }
-
-/**
- * @class ButterflyExpansion
- *
- * @brief This structure contains material used in the butterfly key
- * calculations as specified in 9.3.5.1 and 9.3.5.2. An overview of this
- * structure is as follows:
- *
- * @param aes128 indicates that the symmetric algorithm used in the expansion
- * function is AES-128 with the indicated 16 byte string used as the key.
- */
- ButterflyExpansion ::= CHOICE {
- aes128 OCTET STRING (SIZE(16)),
- ...
- }
-
-/**
- * @class RaEeCertAck
- *
- * @brief This structure is used to create the acknowledgement for certificate
- * requests. An overview of this structure is as follows:
- *
- * @param version contains the current version of the structure.
- *
- * @param generationTime contains the generation time of RaEeCertAck.
- *
- * @param requestHash contains the hash of the corresponding
- * EeRaCertRequestSpdu.
- *
- * @param firstI contains the i-value that will be associated with the first
- * certificate or certificate batch that will be made available to the EE. The
- * EE uses this to form the download filename for the download request as
- * specified in 8.2.2.
- *
- * @param nextDlTime contains the time after which the EE should connect to
- * the RA to download the certificates.
- */
- RaEeCertAck ::= SEQUENCE {
- version Uint8 (2),
- generationTime Time32,
- requestHash HashedId8,
- firstI IValue OPTIONAL,
- nextDlTime Time32,
- ...
- }
-
-/**
- * @class RaEeCertInfo
- *
- * @brief This structure is used to create the info file that accompanies a
- * batch of certificates for download as specified in 8.2.3. It is used when
- * certificates were generated using the butterfly key expansion mechanism
- * specified in 9.3. An overview of this structure is as follows:
- *
- * @param version contains the current version of the structure.
- *
- * @param generationTime contains the generation time of RaEeCertInfo.
- *
- * @param currentI contains the i-value associated with the batch of
- * certificates.
- *
- * @param requestHash contains the hash of the corresponding
- * EeRaCertRequestSpdu.
- *
- * @param nextDlTime contains the time after which the EE should connect to
- * the RA to download the certificates.
- *
- * @param acpcTreeId contains the ACPC Tree Id if the certificates were
- * generated using ACPC as specified in 9.5.
- */
- RaEeCertInfo ::= SEQUENCE {
- version Uint8 (2),
- generationTime Time32,
- currentI IValue,
- requestHash HashedId8,
- nextDlTime Time32,
- acpcTreeId AcpcTreeId OPTIONAL,
- ...
- }
-
-/**
- * @class EeRaDownloadRequest
- *
- * @brief This structure contains parameters needed to request the download of
- * certificates from the RA. An overview of this structure is as follows:
- *
- * @param generationTime contains the generation time of EeRaDownloadRequest.
- *
- * @param filename contains the name of the file requested for download,
- * formed as specified in 8.2.2.
- */
- EeRaDownloadRequest ::= SEQUENCE {
- generationTime Time32,
- filename UTF8String (SIZE (0..255)),
- ...
- }
-
-END
\ No newline at end of file
+--***************************************************************************--
+-- IEEE Std 1609.2.1: EE - RA Interface --
+--***************************************************************************--
+
+/**
+ * @note Section references in this file are to clauses in IEEE Std
+ * 1609.2.1 unless indicated otherwise. Full forms of acronyms and
+ * abbreviations used in this file are specified in 3.2.
+ */
+
+Ieee1609Dot2Dot1EeRaInterface {iso(1) identified-organization(3) ieee(111)
+ standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
+ extension-standards(255) dot1(1) interfaces(1) ee-ra(11) major-version-3(3)
+ minor-version-1(1)}
+
+DEFINITIONS AUTOMATIC TAGS ::= BEGIN
+
+EXPORTS ALL;
+
+IMPORTS
+ CertificateType
+FROM Ieee1609Dot2 {iso(1) identified-organization(3) ieee(111)
+ standards-association-numbered-series-standards(2) wave-stds(1609)
+ dot2(2) base(1) schema(1) major-version-2(2) minor-version-5(5)}
+WITH SUCCESSORS
+
+ HashedId8,
+ IValue,
+ PublicEncryptionKey,
+ Time32,
+ Uint8
+FROM Ieee1609Dot2BaseTypes {iso(1) identified-organization(3) ieee(111)
+ standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
+ base(1) base-types(2) major-version-2(2) minor-version-3(3)}
+WITH SUCCESSORS
+
+ AcpcTreeId
+FROM Ieee1609Dot2Dot1Acpc {iso(1) identified-organization(3) ieee(111)
+ standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
+ extension-standards(255) dot1(1) interfaces(1) acpc(18) major-version-3(3)
+ minor-version-1(1)}
+WITH SUCCESSORS
+
+ EeEcaCertRequestSpdu,
+ PublicVerificationKey,
+ ToBeSignedCertificate
+FROM Ieee1609Dot2Dot1Protocol {iso(1) identified-organization(3) ieee(111)
+ standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
+ extension-standards(255) dot1(1) interfaces(1) protocol(17)
+ major-version-3(3) minor-version-1(1)}
+WITH SUCCESSORS
+;
+
+/**
+ * @brief This is the parent structure for all structures exchanged between
+ * the EE and the RA. An overview of this structure is as follows:
+ *
+ * @note This CHOICE does not include a PDU type for encrypted
+ * misbehavior report upload; see 4.1.5.
+ *
+ * @param eeRaCertRequest: contains the certificate generation request sent by
+ * the EE to the RA.
+ *
+ * @param raEeCertAck: contains the RA's acknowledgement of the receipt of
+ * EeRaCertRequestSpdu.
+ *
+ * @param raEeCertInfo: contains the information about certificate download.
+ *
+ * @param eeRaDownloadRequest: contains the download request sent by the EE to
+ * the RA.
+ *
+ * @param eeRaSuccessorEnrollmentCertRequest: contains a self-signed request
+ * for an enrollment certificate, identical in format to the one submitted
+ * for an initial enrollment certificate. (This becomes a request for a
+ * successor enrollment certificate by virtue of being signed by the current
+ * enrollment certificate.)
+ */
+EeRaInterfacePdu ::= CHOICE {
+ eeRaCertRequest EeRaCertRequest,
+ raEeCertAck RaEeCertAck,
+ raEeCertInfo RaEeCertInfo,
+ eeRaDownloadRequest EeRaDownloadRequest,
+ eeRaSuccessorEnrollmentCertRequest EeEcaCertRequestSpdu,
+ ...
+}
+
+/**
+ * @brief This structure contains parameters needed to request different types
+ * of authorization certificates. An overview of this structure is as follows:
+ *
+ * The definition of validity for a certificate request, including
+ * constraints on the fields in this structure, is specified in 10.1.
+ *
+ * @note:
+ * - In the case where the butterfly key mechanism is used to
+ * derive the certificate encryption key, the value j is not communicated to
+ * the ACA. However, the EE that receives the certificate response can only
+ * decrypt the response if it knows j. The RA is therefore anticipated to
+ * store j so that it can be associated with the appropriate certificate
+ * response.
+ * - If the type of id is LinkageData, the contents of the
+ * field in the request are replaced by random data by the RA when it sends
+ * the individual certificate requests to the ACA. The ACA then in turn
+ * replaces that data with the linkage values generated with the help of the
+ * LAs; see Annex D.
+ * - This document does not specify a method to include an
+ * encryptionKey in the requested certificates, if the butterfly key
+ * mechanism is used. The EE using such a certificate to sign a message
+ * cannot request that the response is encrypted to the certificate. Instead,
+ * it can request an encrypted response using the
+ * tbsData.headerInfo.encryptionKey field of the SignedData; see 6.3.9,
+ * 6.3.33, 6.3.34, and 6.3.36 of IEEE Std 1609.2 for more details.
+ *
+ * @param version: contains the current version of the structure.
+ *
+ * @param generationTime: contains the generation time of EeRaCertRequest.
+ *
+ * @param type: indicates whether the request is for an explicit or implicit
+ * certificate (see 4.1.1 and 4.1.4.3.1).
+ *
+ * @param tbsCert: contains the parameters to be used by the ACA to generate
+ * authorization certificate(s).
+ * - id contains the identity information sent by the requester. If the
+ * type is LinkageData, the contents of the field are chosen by the EE using
+ * any appropriate means. RA replaces that in the certificates with the
+ * linkage values generated with the help of the LAs and the ACA; see Annex D.
+ * - validityPeriod contains the requested validity period of the first
+ * batch of certificates.
+ * - region, assuranceLevel, canRequestRollover, and encryptionKey, if
+ * present, contain the information sent by the requester for the requested
+ * certificates.
+ * - verifyKeyIndicator.verificationKey contains the public key
+ * information sent by the requester. The verifyKeyIndicator field indicates
+ * the choice verificationKey even if type is implicit, as this allows the
+ * requester to indicate which signature algorithm and curve they are
+ * requesting.
+ * - If the certificate issued in response to this request is explicit and
+ * butterfly expansion is not used, the value in this field is the
+ * verification key that appears in that certificate.
+ * - If the certificate issued in response to this request is implicit and
+ * butterfly expansion is not used, the value in this field is the input
+ * public key value for implicit certificate generation.
+ * - If butterfly expansion is used, that is, if one of (original, unified,
+ * compactUnified) options is present in the field additionalParams, the
+ * value in this field is combined with the values in the additionalParams
+ * field as specified in 9.3.
+ *
+ * @param additionalParams: shall be present and contain relevant parameters if
+ * the requested certificates are to be generated using the butterfly key
+ * mechanism as specified in 9.3, or if the requested certificates are to be
+ * encrypted without using the butterfly key mechanism. If present, the field
+ * tbsCert.verifyKeyIndicator shall be used as the caterpillar public key for
+ * signing in the butterfly key mechanism.
+ */
+EeRaCertRequest ::= SEQUENCE {
+ version Uint8 (2),
+ generationTime Time32,
+ type CertificateType,
+ tbsCert ToBeSignedCertificate (WITH COMPONENTS {
+ ...,
+ cracaId ('000000'H),
+ crlSeries (0),
+ appPermissions PRESENT,
+ certIssuePermissions ABSENT,
+ certRequestPermissions ABSENT,
+ verifyKeyIndicator (WITH COMPONENTS {
+ verificationKey
+ })
+ }),
+ additionalParams AdditionalParams OPTIONAL,
+ ...
+}
+
+/**
+ * @brief This structure contains parameters for the butterfly key mechanism.
+ * An overview of this structure is as follows:
+ *
+ * @param original: contains the parameters for the original variant.
+ *
+ * @param unified: contains the expansion function for signing to be used for
+ * the unified variant. The caterpillar public key and expansion function for
+ * encryption are the same as those for signing.
+ *
+ * @param compactUnified: contains the expansion function for signing to be
+ * used for the compact unified variant. The caterpillar public key and
+ * expansion function for encryption are the same as those for signing.
+ *
+ * @param encryptionKey: contains the public key for encrypting the
+ * certificate if the butterfly key mechanism is not used.
+ */
+AdditionalParams ::= CHOICE {
+ original ButterflyParamsOriginal,
+ unified ButterflyExpansion,
+ compactUnified ButterflyExpansion,
+ encryptionKey PublicEncryptionKey,
+ ...
+}
+
+/**
+ * @brief This structure contains parameters for the original variation of the
+ * butterfly key mechanism. An overview of this structure is as follows:
+ *
+ * @param signingExpansion: contains the expansion function for signing.
+ *
+ * @param encryptionKey: contains the caterpillar public key for encryption.
+ *
+ * @param encryptionExpansion: contains the expansion function for encryption.
+ */
+ButterflyParamsOriginal ::= SEQUENCE {
+ signingExpansion ButterflyExpansion,
+ encryptionKey PublicEncryptionKey,
+ encryptionExpansion ButterflyExpansion
+}
+
+/**
+ * @brief This structure contains material used in the butterfly key
+ * calculations as specified in 9.3.5.1 and 9.3.5.2. An overview of this
+ * structure is as follows:
+ *
+ * @param aes128: indicates that the symmetric algorithm used in the expansion
+ * function is AES-128 with the indicated 16 byte string used as the key.
+ */
+ButterflyExpansion ::= CHOICE {
+ aes128 OCTET STRING (SIZE(16)),
+ ...
+}
+
+/**
+ * @brief This structure is used to create the acknowledgement for certificate
+ * requests. An overview of this structure is as follows:
+ *
+ * @param version: contains the current version of the structure.
+ *
+ * @param generationTime: contains the generation time of RaEeCertAck.
+ *
+ * @param requestHash: contains the hash of the corresponding
+ * EeRaCertRequestSpdu.
+ *
+ * @param firstI: shall be present and contain the i-value that will be
+ * associated with the first certificate or the certificate batch that will be
+ * made available to the EE, if the corresponding EeRaCertRequest uses the
+ * butterfly key mechanism as indicated in the field additionalParams. The EE
+ * uses this to form the download filename for the download request as
+ * specified in 8.2.2.
+ *
+ * @param nextDlTime: contains the time after which the EE should connect to
+ * the RA to download the certificates.
+ */
+RaEeCertAck ::= SEQUENCE {
+ version Uint8 (2),
+ generationTime Time32,
+ requestHash HashedId8,
+ firstI IValue OPTIONAL,
+ nextDlTime Time32,
+ ...
+}
+
+/**
+ * @brief This structure is used to create the info file that accompanies a
+ * batch of certificates for download as specified in 8.2.3. It is used when
+ * certificates were generated using the butterfly key expansion mechanism
+ * specified in 9.3. An overview of this structure is as follows:
+ *
+ * @param version: contains the current version of the structure.
+ *
+ * @param generationTime: contains the generation time of RaEeCertInfo.
+ *
+ * @param currentI: contains the i-value associated with the batch of
+ * certificates.
+ *
+ * @param requestHash: contains the hash of the corresponding
+ * EeRaCertRequestSpdu.
+ *
+ * @param nextDlTime: contains the time after which the EE should connect to
+ * the RA to download the certificates.
+ *
+ * @param acpcTreeId: shall be present and contain the ACPC Tree Id, if the
+ * certificates were generated using ACPC as specified in 9.5.
+ */
+RaEeCertInfo ::= SEQUENCE {
+ version Uint8 (2),
+ generationTime Time32,
+ currentI IValue,
+ requestHash HashedId8,
+ nextDlTime Time32,
+ acpcTreeId AcpcTreeId OPTIONAL,
+ ...
+}
+
+/**
+ * @brief This structure contains parameters needed to request the download of
+ * certificates from the RA. An overview of this structure is as follows:
+ *
+ * @param generationTime: contains the generation time of EeRaDownloadRequest.
+ *
+ * @param filename: contains the name of the file requested for download,
+ * formed as specified in 8.2.2.
+ */
+EeRaDownloadRequest ::= SEQUENCE {
+ generationTime Time32,
+ filename UTF8String (SIZE (0..255)),
+ ...
+}
+
+END
diff --git a/Ieee1609Dot2Dot1LaMaInterface.asn b/Ieee1609Dot2Dot1LaMaInterface.asn
index 7f5a74eaf0f5913242f9ed0fb0dc445c117c4169..74959cbe316d321911a48ea6f8741694dee27f5b 100755
--- a/Ieee1609Dot2Dot1LaMaInterface.asn
+++ b/Ieee1609Dot2Dot1LaMaInterface.asn
@@ -1,27 +1,26 @@
---***************************************************************************--
--- IEEE Std 1609.2.1: LA - MA Interface --
---***************************************************************************--
-
-/**
- * @brief NOTE: Section references in this file are to clauses in IEEE Std
- * 1609.2.1 unless indicated otherwise. Full forms of acronyms and
- * abbreviations used in this file are specified in 3.2.
- */
-
-Ieee1609Dot2Dot1LaMaInterface {iso(1) identified-organization(3) ieee(111)
- standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
- extension-standards(255) dot1(1) interfaces(1) la-ma(12) major-version-2(2)}
-
-DEFINITIONS AUTOMATIC TAGS ::= BEGIN
-
-EXPORTS ALL;
-
-/**
- * @class LaMaInterfacePdu
- *
- * @brief This structure is not used by EEs, so it is defined as NULL for
- * purposes of this document.
- */
- LaMaInterfacePdu ::= NULL
-
-END
\ No newline at end of file
+--***************************************************************************--
+-- IEEE Std 1609.2.1: LA - MA Interface --
+--***************************************************************************--
+
+/**
+ * @note Section references in this file are to clauses in IEEE Std
+ * 1609.2.1 unless indicated otherwise. Full forms of acronyms and
+ * abbreviations used in this file are specified in 3.2.
+ */
+
+Ieee1609Dot2Dot1LaMaInterface {iso(1) identified-organization(3) ieee(111)
+ standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
+ extension-standards(255) dot1(1) interfaces(1) la-ma(12) major-version-2(2)
+ minor-version-1(1)}
+
+DEFINITIONS AUTOMATIC TAGS ::= BEGIN
+
+EXPORTS ALL;
+
+/**
+ * @brief This structure is not used by EEs, so it is defined as NULL for
+ * purposes of this document.
+ */
+LaMaInterfacePdu ::= NULL
+
+END
diff --git a/Ieee1609Dot2Dot1LaRaInterface.asn b/Ieee1609Dot2Dot1LaRaInterface.asn
index 0418193e1e8e601139d3d0c5bfaf63f9530b22eb..c5f819a04e9d3df1f771ff6e1f2290b99eae3497 100755
--- a/Ieee1609Dot2Dot1LaRaInterface.asn
+++ b/Ieee1609Dot2Dot1LaRaInterface.asn
@@ -1,27 +1,26 @@
---***************************************************************************--
--- IEEE Std 1609.2.1: LA - RA Interface --
---***************************************************************************--
-
-/**
- * @brief NOTE: Section references in this file are to clauses in IEEE Std
- * 1609.2.1 unless indicated otherwise. Full forms of acronyms and
- * abbreviations used in this file are specified in 3.2.
- */
-
-Ieee1609Dot2Dot1LaRaInterface {iso(1) identified-organization(3) ieee(111)
- standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
- extension-standards(255) dot1(1) interfaces(1) la-ra(13) major-version-2(2)}
-
-DEFINITIONS AUTOMATIC TAGS ::= BEGIN
-
-EXPORTS ALL;
-
-/**
- * @class LaRaInterfacePdu
- *
- * @brief This structure is not used by EEs, so it is defined as NULL for
- * purposes of this document.
- */
- LaRaInterfacePdu ::= NULL
-
-END
\ No newline at end of file
+--***************************************************************************--
+-- IEEE Std 1609.2.1: LA - RA Interface --
+--***************************************************************************--
+
+/**
+ * @note Section references in this file are to clauses in IEEE Std
+ * 1609.2.1 unless indicated otherwise. Full forms of acronyms and
+ * abbreviations used in this file are specified in 3.2.
+ */
+
+Ieee1609Dot2Dot1LaRaInterface {iso(1) identified-organization(3) ieee(111)
+ standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
+ extension-standards(255) dot1(1) interfaces(1) la-ra(13) major-version-2(2)
+ minor-version-1(1)}
+
+DEFINITIONS AUTOMATIC TAGS ::= BEGIN
+
+EXPORTS ALL;
+
+/**
+ * @brief This structure is not used by EEs, so it is defined as NULL for
+ * purposes of this document.
+ */
+LaRaInterfacePdu ::= NULL
+
+END
diff --git a/Ieee1609Dot2Dot1MaRaInterface.asn b/Ieee1609Dot2Dot1MaRaInterface.asn
index 3f048bcf14e5bb44ba5cbc772a9da8737af06eb9..b74c2486a8bdbf1e99b7001aaeea93cc755f9ffc 100755
--- a/Ieee1609Dot2Dot1MaRaInterface.asn
+++ b/Ieee1609Dot2Dot1MaRaInterface.asn
@@ -1,27 +1,26 @@
---***************************************************************************--
--- IEEE Std 1609.2.1: MA - RA Interface --
---***************************************************************************--
-
-/**
- * @brief NOTE: Section references in this file are to clauses in IEEE Std
- * 1609.2.1 unless indicated otherwise. Full forms of acronyms and
- * abbreviations used in this file are specified in 3.2.
- */
-
-Ieee1609Dot2Dot1MaRaInterface {iso(1) identified-organization(3) ieee(111)
- standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
- extension-standards(255) dot1(1) interfaces(1) ma-ra(14) major-version-2(2)}
-
-DEFINITIONS AUTOMATIC TAGS ::= BEGIN
-
-EXPORTS ALL;
-
-/**
- * @class MaRaInterfacePdu
- *
- * @brief This structure is not used by EEs, so it is defined as NULL for
- * purposes of this document.
- */
- MaRaInterfacePdu ::= NULL
-
-END
\ No newline at end of file
+--***************************************************************************--
+-- IEEE Std 1609.2.1: MA - RA Interface --
+--***************************************************************************--
+
+/**
+ * @note Section references in this file are to clauses in IEEE Std
+ * 1609.2.1 unless indicated otherwise. Full forms of acronyms and
+ * abbreviations used in this file are specified in 3.2.
+ */
+
+Ieee1609Dot2Dot1MaRaInterface {iso(1) identified-organization(3) ieee(111)
+ standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
+ extension-standards(255) dot1(1) interfaces(1) ma-ra(14) major-version-2(2)
+ minor-version-1(1)}
+
+DEFINITIONS AUTOMATIC TAGS ::= BEGIN
+
+EXPORTS ALL;
+
+/**
+ * @brief This structure is not used by EEs, so it is defined as NULL for
+ * purposes of this document.
+ */
+MaRaInterfacePdu ::= NULL
+
+END
diff --git a/Ieee1609Dot2Dot1Protocol.asn b/Ieee1609Dot2Dot1Protocol.asn
index b12d2c847e1b20d46fb41d433d8f0d9d459b5bb8..78c04891f050b66d50cae5737e502a1824f10003 100755
--- a/Ieee1609Dot2Dot1Protocol.asn
+++ b/Ieee1609Dot2Dot1Protocol.asn
@@ -1,1413 +1,1273 @@
---***************************************************************************--
--- IEEE Std 1609.2.1: Protocol --
---***************************************************************************--
-
-/**
- * @brief NOTE: Section references in this file are to clauses in IEEE Std
- * 1609.2.1 unless indicated otherwise. Full forms of acronyms and
- * abbreviations used in this file are specified in 3.2.
- */
-
-Ieee1609Dot2Dot1Protocol {iso(1) identified-organization(3) ieee(111)
- standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
- extension-standards(255) dot1(1) interfaces(1) protocol(17)
- major-version-2(2) minor-version-2(2)}
-
-DEFINITIONS AUTOMATIC TAGS ::= BEGIN
-
-EXPORTS ALL;
-
-IMPORTS
- CrlSeries,
- EccP256CurvePoint,
- EccP384CurvePoint,
- EcdsaP256Signature,
- EcdsaP384Signature,
- GeographicRegion,
- HashAlgorithm,
- HashedId3,
- Psid,
- PublicEncryptionKey,
- PublicVerificationKey,
- SequenceOfPsid,
- SequenceOfPsidSsp,
- SubjectAssurance,
- Uint8,
- Uint16,
- ValidityPeriod
-FROM Ieee1609Dot2BaseTypes {iso(1) identified-organization(3) ieee(111)
- standards-association-numbered-series-standards(2) wave-stds(1609)
- dot2(2) base(1) base-types(2) major-version-2(2) minor-version-3(3)}
-
- Certificate,
- CertificateId,
- Ieee1609Dot2Data,
- SequenceOfCertificate,
- SequenceOfPsidGroupPermissions,
- SignerIdentifier,
- VerificationKeyIndicator,
- Signature,
- ToBeSignedCertificate
-FROM Ieee1609Dot2 {iso(1) identified-organization(3) ieee(111)
- standards-association-numbered-series-standards(2) wave-stds(1609)
- dot2(2) base(1) schema(1) major-version-2(2) minor-version-4(4)}
-
- AcaEeInterfacePdu
-FROM Ieee1609Dot2Dot1AcaEeInterface {iso(1) identified-organization(3)
- ieee(111) standards-association-numbered-series-standards(2)
- wave-stds(1609) dot2(2) extension-standards(255) dot1(1) interfaces(1)
- aca-ee(1) major-version-2(2) minor-version-2(2)}
-
- AcaLaInterfacePdu
-FROM Ieee1609Dot2Dot1AcaLaInterface {iso(1) identified-organization(3)
- ieee(111) standards-association-numbered-series-standards(2)
- wave-stds(1609) dot2(2) extension-standards(255) dot1(1) interfaces(1)
- aca-la(2) major-version-2(2)}
-
- AcaMaInterfacePdu
-FROM Ieee1609Dot2Dot1AcaMaInterface {iso(1) identified-organization(3)
- ieee(111) standards-association-numbered-series-standards(2)
- wave-stds(1609) dot2(2) extension-standards(255) dot1(1) interfaces(1)
- aca-ma(3) major-version-2(2)}
-
- AcaRaInterfacePdu
-FROM Ieee1609Dot2Dot1AcaRaInterface {iso(1) identified-organization(3)
- ieee(111) standards-association-numbered-series-standards(2)
- wave-stds(1609) dot2(2) extension-standards(255) dot1(1) interfaces(1)
- aca-ra(4) major-version-2(2) minor-version-2(2)}
-
- AcpcTreeId
-FROM Ieee1609Dot2Dot1Acpc {iso(1) identified-organization(3) ieee(111)
- standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
- extension-standards(255) dot1(1) interfaces(1) acpc(18) major-version-1(1) minor-version-2(2)}
-
- CertManagementPdu
-FROM Ieee1609Dot2Dot1CertManagement{iso(1) identified-organization(3) ieee(111)
- standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
- extension-standards(255) dot1(1) interfaces(1) cert-management(7)
- major-version-2(2) minor-version-2(2)}
-
- EcaEeInterfacePdu
-FROM Ieee1609Dot2Dot1EcaEeInterface {iso(1) identified-organization(3)
- ieee(111) standards-association-numbered-series-standards(2)
- wave-stds(1609) dot2(2) extension-standards(255) dot1(1) interfaces(1)
- eca-ee(9) major-version-2(2) minor-version-2(2)}
-
- EeMaInterfacePdu
-FROM Ieee1609Dot2Dot1EeMaInterface {iso(1) identified-organization(3) ieee(111)
- standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
- extension-standards(255) dot1(1) interfaces(1) ee-ma(10) major-version-2(2)}
-
- EeRaInterfacePdu
-FROM Ieee1609Dot2Dot1EeRaInterface {iso(1) identified-organization(3) ieee(111)
- standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
- extension-standards(255) dot1(1) interfaces(1) ee-ra(11) major-version-2(2) minor-version-2(2)}
-
- LaMaInterfacePdu
-FROM Ieee1609Dot2Dot1LaMaInterface {iso(1) identified-organization(3) ieee(111)
- standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
- extension-standards(255) dot1(1) interfaces(1) la-ma(12) major-version-2(2)}
-
- LaRaInterfacePdu
-FROM Ieee1609Dot2Dot1LaRaInterface {iso(1) identified-organization(3) ieee(111)
- standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
- extension-standards(255) dot1(1) interfaces(1) la-ra(13) major-version-2(2)}
-
- MaRaInterfacePdu
-FROM Ieee1609Dot2Dot1MaRaInterface {iso(1) identified-organization(3) ieee(111)
- standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
- extension-standards(255) dot1(1) interfaces(1) ma-ra(14) major-version-2(2)}
-;
-
-/**
- * @class SecurityMgmtPsid
- *
- * @brief This PSID, 0x23, identifies security management activities as
- * defined in this document.
- */
- SecurityMgmtPsid ::= Psid (35)
-
-/**
- * @class ScmsPdu
- *
- * @brief This is the parent structure that encompasses all parent structures
- * of interfaces defined in the SCMS. An overview of this structure is as
- * follows:
- *
- * @param version contains the current version of the structure.
- *
- * @param aca-ee contains the interface structures defined for interaction
- * between the ACA and the EE.
- *
- * @param aca-la contains the interface structures defined for interaction
- * between the ACA and the LA.
- *
- * @param aca-ma contains the interface structures defined for interaction
- * between the ACA and the MA.
- *
- * @param aca-ra contains the interface structures defined for interaction
- * between the ACA and the RA.
- *
- * @param cert contains the interface structures defined for certificate
- * management.
- *
- * @param eca-ee contains the interface structures defined for interaction
- * between the ECA and the EE.
- *
- * @param ee-ma contains the interface structures defined for interaction
- * between the EE and the MA.
- *
- * @param ee-ra contains the interface structures defined for interaction
- * between the EE and the RA.
- *
- * @param la-ma contains the interface structures defined for interaction
- * between the LA and the MA.
- *
- * @param la-ra contains the interface structures defined for interaction
- * between the LA and the RA.
- *
- * @param ma-ra contains the interface structures defined for interactions
- * between the MA and the RA.
- */
- ScmsPdu ::= SEQUENCE {
- version Uint8 (2),
- content CHOICE {
- aca-ee AcaEeInterfacePdu,
- aca-la AcaLaInterfacePdu,
- aca-ma AcaMaInterfacePdu,
- aca-ra AcaRaInterfacePdu,
- cert CertManagementPdu,
- eca-ee EcaEeInterfacePdu,
- ee-ma EeMaInterfacePdu,
- ee-ra EeRaInterfacePdu,
- la-ma LaMaInterfacePdu,
- la-ra LaRaInterfacePdu,
- ma-ra MaRaInterfacePdu,
- ...
- }
- }
-
---***************************************************************************--
--- Parameterized Types --
---***************************************************************************--
-
-/**
- * @class ScmsPdu-Scoped
- *
- * @brief This structure defines a parameterized type for creating a scoped
- * data as a subtype of ScmsPdu.
- */
- ScmsPdu-Scoped {Pdu} ::= ScmsPdu (WITH COMPONENTS {
- ...,
- content (CONSTRAINED BY {
- Pdu
- })
- })
-
-/**
- * @class Ieee1609Dot2Data-Unsecured
- *
- * @brief This structure defines a parameterized type for creating an
- * unsecured data as a subtype of Ieee1609Dot2Data.
- */
- Ieee1609Dot2Data-Unsecured {Tbu} ::= Ieee1609Dot2Data (WITH COMPONENTS {
- content (WITH COMPONENTS {
- ...,
- unsecuredData (CONTAINING Tbu)
- })
- })
-
-/**
- * @class Ieee1609Dot2Data-Signed
- *
- * @brief This structure defines a parameterized type for creating a signed
- * data as a subtype of Ieee1609Dot2Data.
- */
- Ieee1609Dot2Data-Signed {Tbs, Psid} ::=
- Ieee1609Dot2Data (WITH COMPONENTS {
- ...,
- content (WITH COMPONENTS {
- ...,
- signedData (WITH COMPONENTS {
- ...,
- tbsData (WITH COMPONENTS {
- ...,
- payload (WITH COMPONENTS {
- ...,
- data (WITH COMPONENTS {
- ...,
- content (WITH COMPONENTS {
- unsecuredData (CONTAINING Tbs)
- })
- })
- }),
- headerInfo (WITH COMPONENTS {
- ...,
- psid (Psid),
- generationTime PRESENT,
- expiryTime ABSENT,
- generationLocation ABSENT,
- p2pcdLearningRequest ABSENT,
- missingCrlIdentifier ABSENT,
- encryptionKey ABSENT
- })
- }),
- signer (SignerSingleCert)
- })
- })
- })
-
-/**
- * @class Ieee1609Dot2Data-Encrypted
- *
- * @brief This structure defines a parameterized type for creating an
- * encrypted data as a subtype of Ieee1609Dot2Data. An overview of this
- * structure is as follows:
- *
- * @param Tbe is first encrypted and the resulting ciphertext is used as
- * input to the encryptedData field.
- */
- Ieee1609Dot2Data-Encrypted {Tbe} ::=
- Ieee1609Dot2Data (WITH COMPONENTS {
- ...,
- content (WITH COMPONENTS {
- encryptedData (CONSTRAINED BY {
- --encryption of-- Tbe
- })
- })
- })
-
-/**
- * @class Ieee1609Dot2Data-EncryptedOpen
- *
- * @brief This structure defines a parameterized type for creating an
- * encrypted data as a subtype of Ieee1609Dot2Data. This structure differs
- * from Ieee1609Dot2Data-Encrypted in that it does not specify the contents
- * of the encrypted data.
- */
- Ieee1609Dot2Data-EncryptedOpen ::=
- Ieee1609Dot2Data (WITH COMPONENTS {
- ...,
- content (WITH COMPONENTS {
- encryptedData
- })
- })
-
-/**
- * @class Ieee1609Dot2Data-SignedCertRequest
- *
- * @brief This structure defines a parameterized type for creating a signed
- * certificate request as a subtype of Ieee1609Dot2Data.
- */
- Ieee1609Dot2Data-SignedCertRequest {Tbscr, Signer} ::=
- Ieee1609Dot2Data (WITH COMPONENTS {
- ...,
- content (WITH COMPONENTS {
- ...,
- signedCertificateRequest (CONTAINING
- SignedCertificateRequest (WITH COMPONENTS {
- ...,
- tbsRequest (Tbscr),
- signer (Signer)
- }))
- })
- })
-
-/**
- * @class X509Certificate
- *
- * @brief This structure is a wrapper for an ITU-T X.509 certificate.
- *
- *
NOTE: ITU-T X.509 certificates are encoded with the ASN.1 DER
- * rather than the OER used in this document and so cannot be "directly"
- * imported into these structures.
- */
- X509Certificate ::= OCTET STRING
-
-/**
- * @class SequenceOfX509Certificate
- *
- * @brief This type is used for clarity of definitions.
- */
- SequenceOfX509Certificate ::= SEQUENCE OF X509Certificate
-
-/**
- * @class X509SignerIdentifier
- *
- * @brief This structure identifies an ITU-T X.509 certificate used to sign a
- * signed data structure. The only data structure currently defined that can
- * be signed by an ITU-T X.509 certificate is SignedX509CertificateRequest.
- */
- X509SignerIdentifier ::= CHOICE {
- certificate SequenceOfX509Certificate,
- ...
- }
-
-/**
- * @class Ieee1609Dot2Data-SignedX509AuthenticatedCertRequest
- *
- * @brief This structure defines a parameterized type for creating a
- * certificate request, signed with an ITU-T X.509 certificate, as a subtype of
- * Ieee1609Dot2Data. It makes use of the extension of Ieee1609Dot2Content
- * defined in 11.2.3.
- */
- Ieee1609Dot2Data-SignedX509AuthenticatedCertRequest {Tbscr, Signer}
- ::= Ieee1609Dot2Data (WITH COMPONENTS {
- ...,
- content (WITH COMPONENTS {
- ...,
- signedX509CertificateRequest (CONTAINING
- SignedX509CertificateRequest (WITH COMPONENTS {
- ...,
- tbsRequest (Tbscr),
- signer (Signer)
- }))
- })
- })
-
-/**
- * @class Ieee1609Dot2Data-SignedEncrypted
- *
- * @brief This structure defines a parameterized type for creating a signed
- * then encrypted data as a subtype of Ieee1609Dot2Data.
- */
- Ieee1609Dot2Data-SignedEncrypted {Tbse, Psid} ::=
- Ieee1609Dot2Data-Encrypted {
- Ieee1609Dot2Data-Signed {
- Tbse,
- Psid
- }
- }
-
-/**
- * @class Ieee1609Dot2Data-EncryptedSigned
- *
- * @brief This structure defines a parameterized type for creating an
- * encrypted then signed data as a subtype of Ieee1609Dot2Data.
- */
- Ieee1609Dot2Data-EncryptedSigned {Tbes, Psid} ::= Ieee1609Dot2Data-Signed {
- Ieee1609Dot2Data-Encrypted {
- Tbes
- },
- Psid
- }
-
-/**
- * @class Ieee1609Dot2Data-EncryptedOpenSigned
- *
- * @brief This structure defines a parameterized type for creating an
- * encrypted then signed data as a subtype of Ieee1609Dot2Data. Unlike
- * Ieee1609Dot2Data-EncryptedSigned, this structure does not specify the
- * contents to be encrypted. This structure is intended for use in
- * misbehavior report upload where the encrypted data is received by the RA
- * that does not know the contents.
- */
- Ieee1609Dot2Data-EncryptedOpenSigned{Psid} ::=
- Ieee1609Dot2Data-Signed {
- Ieee1609Dot2Data-EncryptedOpen,
- Psid
- }
-
-/**
- * @class Ieee1609Dot2Data-SignedEncryptedCertRequest
- *
- * @brief This structure defines a parameterized type for creating a signed
- * then encrypted certificate request as a subtype of Ieee1609Dot2Data.
- */
- Ieee1609Dot2Data-SignedEncryptedCertRequest {Tbstecr, Signer} ::=
- Ieee1609Dot2Data-Encrypted {
- Ieee1609Dot2Data-SignedCertRequest {
- Tbstecr,
- Signer
- }
- }
-
-/**
- * @class Ieee1609Dot2Data-SymmEncryptedSingleRecipient
- *
- * @brief This structure defines a parameterized type for creating an
- * encrypted data as a subtype of Ieee1609Dot2Data. An overview of this
- * structure is as follows:
- *
- * @param Tbe is first encrypted and the resulting ciphertext is used as
- * input to the encryptedData field.
- */
- Ieee1609Dot2Data-SymmEncryptedSingleRecipient {Tbe} ::=
- Ieee1609Dot2Data (WITH COMPONENTS {
- ...,
- content (WITH COMPONENTS {
- encryptedData (CONSTRAINED BY {
- --contains only one RecipientInfo, of form symmRecipinfo
- --symmetric encryption of-- Tbe
- })
- })
- })
-
---***************************************************************************--
--- Signer Types --
---***************************************************************************--
-
-/**
- * @class SignerSingleCert
- *
- * @brief This structure is used to indicate a SignerIdentifier with a
- * certificate chain of size 1.
- */
- SignerSingleCert ::= SignerIdentifier(WITH COMPONENTS {
- certificate (SequenceOfCertificate (SIZE (1)))
- })
-
-/**
- * @class SignerSingleX509Cert
- *
- * @brief This structure is used to indicate an X509SignerIdentifier with a
- * certificate chain of size 1.
- */
- SignerSingleX509Cert ::= X509SignerIdentifier(WITH COMPONENTS {
- certificate (SequenceOfX509Certificate (SIZE (1)))
- })
-
-/**
- * @class SignerSelf
- *
- * @brief This structure is used to indicate a SignerIdentifier of type self.
- */
- SignerSelf ::= SignerIdentifier(WITH COMPONENTS {
- self
- })
-
---***************************************************************************--
--- Certificate Requests --
---***************************************************************************--
-
- ScmsPdu-RaAcaCertRequest ::= ScmsPdu-Scoped {
- AcaRaInterfacePdu (WITH COMPONENTS {
- raAcaCertRequest
- })
- }
- ScmsPdu-EeEcaCertRequest ::= ScmsPdu-Scoped {
- EcaEeInterfacePdu (WITH COMPONENTS {
- eeEcaCertRequest
- })
- }
- ScmsPdu-EeRaCertRequest ::= ScmsPdu-Scoped {
- EeRaInterfacePdu (WITH COMPONENTS {
- eeRaCertRequest
- })
- }
- ScmsPdu-EeRaSuccessorEnrollmentCertRequest ::= ScmsPdu-Scoped {
- EeRaInterfacePdu (WITH COMPONENTS {
- eeRaSuccessorEnrollmentCertRequest
- })
- }
-
-/**
- * @class ScopedCertificateRequest
- *
- * @brief This structure defines the all certificate request structures as a
- * scoped version of the ScmsPdu.
- */
- ScopedCertificateRequest ::= ScmsPdu (
- ScmsPdu-RaAcaCertRequest | ScmsPdu-EeEcaCertRequest | ScmsPdu-EeRaCertRequest | ScmsPdu-EeRaSuccessorEnrollmentCertRequest
- )
-
-/**
- * @class SignedCertificateRequest
- *
- * @brief This structure defines the format of a signed certificate request.
- * An overview of this structure is as follows:
- *
- *
The signature is generated on the hash of this structure, obtained
- * per the rules specified for hashing data objects in 5.3.1 of IEEE Std
- * 1609.2a-2017, with the parameter Data Input equal to the C-OER
- * encoding of tbsRequest, and the parameter Signer Identifier Input
- * equal to the signer's enrollment certificate.
- *
- * @param hashAlgorithmId contains the identifier of the hash algorithm used
- * inside the binary tree.
- *
- * @param tbsRequest contains the certificate request information that is
- * signed by the recipient.
- *
- * @param signer denotes the signing entity's identifier.
- *
- * @param signature contains the request sender's signature.
- */
- SignedCertificateRequest ::= SEQUENCE {
- hashAlgorithmId HashAlgorithm,
- tbsRequest ScopedCertificateRequest,
- signer SignerIdentifier,
- signature Signature
- }
-
-/**
- * @class SignedX509CertificateRequest
- *
- * @brief This structure contains a certificate request signed with an ITU-T
- * X.509 certificate. The only type of certificate request signed with an
- * ITU-T X.509 certificate supported in this document is an authorization
- * certificate request. An overview of this structure is as follows:
- *
- *
The signature is generated on the hash of this structure, obtained
- * per the rules specified for hashing data objects in 5.3.1 of IEEE
- * Std 1609.2a-2017, with the parameter Data Input equal to the C-OER
- * encoding of tbsRequest, and the parameter Signer Identifier Input
- * equal to the signer's certificate, that is, the ITU-T X.509 certificate
- * contained in the OCTET STRING indicated by the first X509Certificate in
- * signer.
- *
- * @param hashAlgorithmId contains the identifier of the hash algorithm used
- * inside the binary tree.
- *
- * @param tbsRequest contains the certificate request information that is
- * signed by the recipient.
- *
- * @param signer denotes the signing entity's identifier.
- *
- * @param signature contains the request sender's signature.
- */
- SignedX509CertificateRequest ::= SEQUENCE {
- hashAlgorithmId HashAlgorithm,
- tbsRequest ScopedCertificateRequest,
- signer X509SignerIdentifier,
- signature Signature
- }
-
---***************************************************************************--
--- ACA - EE Interface --
---***************************************************************************--
-
-/**
- * @class AcaEeCertResponsePlainSpdu
- *
- * @brief This structure contains a certificate response for consumption by
- * the EE. In the architecture of this document, although it is created by the
- * ACA, it is made available to the EE via the RA as described in 8.2.
- *
- *
The ACA creates this response when 1) the compact unified
- * butterfly key mechanism is not being used (that is, some other flavor of
- * butterfly key is being used, or butterfly keys are not being used) and 2)
- * it is not necessary to protect the EE's privacy from the RA, for example,
- * when the certificate being returned is not a pseudonym certificate.
- */
- AcaEeCertResponsePlainSpdu ::= Ieee1609Dot2Data-Unsecured {
- ScmsPdu-Scoped {
- AcaEeInterfacePdu (WITH COMPONENTS {
- acaEeCertResponse
- })
- }
- }
-
-/**
- * @class AcaEeCertResponsePrivateSpdu
- *
- * @brief This structure contains a certificate response for consumption by
- * the EE. In the architecture of this document, although it is created by the
- * ACA, it is made available to the EE via the RA as described in 8.2.
- *
- *
The ACA creates this response when 1) the compact unified
- * butterfly key mechanism is not being used (that is, some other flavor of
- * butterfly key is being used, or butterfly keys are not being used) and 2)
- * it is necessary to protect the EE's privacy from the RA, for example when
- * the certificate being returned is a pseudonym certificate.
- *
- *
The structure consists of a signed SPDU containing an encrypted
- * SPDU.
- *
- *
The encrypted SPDU is encrypted with the response
- * encryption key that was provided to the ACA for that purpose. This key is
- * determined as follows:
- *
- * - If the original EeRaCertRequest from the end entity indicated a single
- * response encryption key, that is, if the additionalParams.encryptionKey
- * field was present in the request, then the response is encrypted with that
- * key.
- *
- *
- * - If the original EeRaCertRequest from the end entity indicated a
- * response encryption key generated with the “original” butterfly key
- * mechanism, that is, the additionalParams.original field was provided in the
- * request, then the response is encrypted with the cocoon encryption key
- * derived from additionalParams.original.encryptionKey and
- * additionalParams.original.encryptionExpansion as specified in 9.3.4.2
- * and the corresponding decryption private key is derived as specified in
- * 9.3.4.1.
- *
- * - If the original EeRaCertRequest from the end entity indicated a
- * response encryption key generated with the “unified” butterfly key
- * mechanism, that is, the additionalParams.unified field was provided in the
- * request, then the response is encrypted with the cocoon encryption key
- * derived from tbsCert.verifyKeyIndicator and additionalParams.unified as
- * specified in 9.3.4.2 and the corresponding decryption private key is
- * derived as specified in 9.3.4.1.
- *
- *
- * See 9.3 for more material about butterfly keys.
- *
- *
The resulting Ieee1609Dot2Data of content type encryptedData is
- * signed by the same ACA certificate that was used to issue the certificate
- * field in the AcaEeCertResponse. If this structure is signed by a different
- * ACA certificate, it is invalid. The ACA certificate shall follow the ACA
- * certificate profile given in 7.7.3.2.
- *
- *
NOTE 1: Other potential responses to an authorization certificate
- * request. If the original request indicated the use of “compact unified”
- * butterfly key mechanism by including the additionalParams.compactUnified
- * field, the response shall be a AcaEeCertResponseCubkSpdu, not a
- * AcaEeCertResponsePrivateSpdu.
- *
- *
NOTE 2: How the ACA obtains the response encryption key. This
- * document provides the RaAcaCertRequest structure to allow the RA to
- * indicate whether the original or unified butterfly key mechanism is to be
- * used via the flags field. The encryption key for encrypting
- * AcaEeCertResponse is calculated by the indicated method even if the RA
- * does not use an RaAcaCertRequest as defined in this document to
- * communicate the certificate request to the ACA.
- *
- *
NOTE 3: Consistency between inner and outer signers, and the IEEE
- * Std 1609.2 model. This SPDU introduces a new type of validity condition
- * by requiring that the ACA that signs the outer signed SPDU is also the ACA
- * that issued the certificate inside the encrypted SPDU. This requires that
- * to verify the inner “SPDU”, that is, the certificate, the verifier
- * needs to store the information from the outer SPDU. This is not a violation
- * of the IEEE 1609.2 model: Subclause 4.2.2.3 of IEEE Std 1609.2 considers all
- * operations carried out on received data to be atomic and does not put any
- * restrictions on the information that is stored between operations. However,
- * it should be noted that because the IEEE 1609.2 approach enables SPDUs to
- * be nested within one another as Ieee1609Dot2Data, in principle an
- * implementation could be built that iterated through the layers of a nested
- * SPDU within a single call from the invoking application instance. (And it
- * should also be noted that IEEE Std 1609.2 was consciously designed to
- * enable this approach: Although the primitives provided in IEEE Std 1609.2
- * only support the series-of-single-operations approach, an implementation
- * could layer this “one-invocation processing” on top of the IEEE 1609.2
- * interface as an optimization.) A “one-invocation processing” implementation
- * of that type would have to anticipate situations of coupling between inner
- * and outer SPDUs like the one created by this AcaEeCertResponsePrivateSpdu,
- * and allow the invoking certificate management service to check consistency
- * at the application layer, perhaps by (for example) returning the signing
- * certificates for all nested signed SPDUs. How this is to be implemented is
- * implementation specific; this note is intended as a notification of this
- * potential issue to implementers planning to implement one-invocation
- * processing.
- */
- AcaEeCertResponsePrivateSpdu ::= Ieee1609Dot2Data-EncryptedSigned {
- ScmsPdu-Scoped {
- AcaEeInterfacePdu (WITH COMPONENTS {
- acaEeCertResponse
- })
- },
- SecurityMgmtPsid
- }
-
-/**
- * @class AcaEeCertResponseCubkSpdu
- *
- * @brief This structure contains a certificate response for consumption by
- * the EE. In the architecture of this document, although it is created by
- * the ACA, it is made available to the EE via the RA as described in 8.2.
- *
- *
The ACA creates a certificate response in this form when the
- * compact unified butterfly key mechanism is being used. If the
- * RaAcaCertRequest structure was used to communicate between the RA and the
- * ACA, the RA indicated use of compact unified butterfly keys by setting the
- * cubk (1) bit in the bkType field in the corresponding RaAcaCertRequest.
- *
- *
The AcaEeCertResponse is encrypted by the ACA using the cocoon
- * public key for encryption. See 9.3.4.2 for how the ACA derives the cocoon
- * public key for encryption, using the tbsCert.verifyKeyIndicator field in the
- * corresponding RaAcaCertRequest as the input cocoon public key for signing
- * Bt. See 9.3.4.1 for how the EE derives the corresponding cocoon private
- * key for encryption.
- */
- AcaEeCertResponseCubkSpdu ::= Ieee1609Dot2Data-Encrypted {
- ScmsPdu-Scoped {
- AcaEeInterfacePdu (WITH COMPONENTS {
- acaEeCertResponse
- })
- }
- }
-
---***************************************************************************--
--- ACA - LA Interface --
---***************************************************************************--
-
---***************************************************************************--
--- ACA - MA Interface --
---***************************************************************************--
-
---***************************************************************************--
--- ACA - RA Interface --
---***************************************************************************--
-
-/**
- * @class RaAcaCertRequestSpdu
- *
- * @brief This structure is the SPDU used to send a signed RaAcaCertRequest.
- * For the signature to be valid the signing certificate shall conform to the
- * RA certificate profile given in 7.7.3.9, contain a PSID equal to
- * SecurityMgmtPsid (0x23) and a corresponding SSP containing the C-OER
- * encoding of an ScmsSsp indicating RaSsp. The
- * toBeSigned.certRequestPermissions field of the RA certificate shall permit
- * the requested permissions in the raAcaCertRequest.tbsCert.appPermissions
- * field.
- */
- RaAcaCertRequestSpdu ::= Ieee1609Dot2Data-SignedCertRequest {
- ScmsPdu-Scoped {
- AcaRaInterfacePdu (WITH COMPONENTS {
- raAcaCertRequest
- })
- },
- SignerSingleCert
- }
-
-/**
- * @class AcaRaCertResponseSpdu
- *
- * @brief This structure is the SPDU used to send a signed AcaRaCertResponse.
- * For the signature to be valid the signing certificate shall contain a PSID
- * equal to SecurityMgmtPsid (0x23) and a corresponding SSP containing the
- * C-OER encoding of an ScmsSsp indicating AcaSsp.
- */
- AcaRaCertResponseSpdu ::= Ieee1609Dot2Data-Signed {
- ScmsPdu-Scoped {
- AcaRaInterfacePdu (WITH COMPONENTS {
- acaRaCertResponse
- })
- },
- SecurityMgmtPsid
- }
-
---***************************************************************************--
--- Certificate Management --
---***************************************************************************--
-
-/**
- * @class CompositeCrlSpdu
- *
- * @brief This structure is the SPDU used to send an unsecured CompositeCrl.
- * It is used to create composite CRL files as specified in 8.5.
- */
- CompositeCrlSpdu ::= Ieee1609Dot2Data-Unsecured {
- ScmsPdu-Scoped {
- CertManagementPdu (WITH COMPONENTS {
- compositeCrl
- })
- }
- }
-
-/**
- * @class CertificateChainSpdu
- *
- * @brief This structure is the SPDU used to send an unsecured
- * CertificateChain. It is used to create certificate chain files as
- * specified in 8.4.
- */
- CertificateChainSpdu ::= Ieee1609Dot2Data-Unsecured {
- ScmsPdu-Scoped {
- CertManagementPdu (WITH COMPONENTS {
- certificateChain
- })
- }
- }
-
-/**
- * @class MultiSignedCtlSpdu
- *
- * @brief This structure is the SPDU used to send an unsecured MultiSignedCtl.
- */
- MultiSignedCtlSpdu ::= Ieee1609Dot2Data-Unsecured {
- ScmsPdu-Scoped {
- CertManagementPdu (WITH COMPONENTS {
- multiSignedCtl
- })
- }
- }
-
-/**
- * @class CtlSignatureSpdu
- *
- * @brief This structure is the SPDU used to send a signed
- * ToBeSignedCtlSignature. For the signature to be valid, the signing
- * certificate shall match the elector certificate profile in 7.7.3.7. This
- * means that the signature is calculated as specified in IEEE Std 1609.2,
- * with the data input to the hash process consisting of the C-OER encoding
- * of the tbsData that includes the ToBeSignedCtlSignature.
- */
- CtlSignatureSpdu ::= Ieee1609Dot2Data-Signed {
- ScmsPdu-Scoped {
- CertManagementPdu (WITH COMPONENTS {
- tbsCtlSignature
- })
- },
- SecurityMgmtPsid
- }
-
-/**
- * @class CertificateManagementInformationStatusSpdu
- *
- * @brief This structure is the SPDU used to send a signed
- * CertManagementInfoStatus. For the signature to be valid the signing
- * certificate shall conform to the RA certificate profile given in 7.7.3.9 or
- * the DC certificate profile given in 7.7.3.10.
- */
- CertificateManagementInformationStatusSpdu ::=
- Ieee1609Dot2Data-Signed {
- ScmsPdu-Scoped {
- CertManagementPdu (WITH COMPONENTS {
- infoStatus
- })
- },
- SecurityMgmtPsid
- }
-
-
---***************************************************************************--
--- ECA - EE Interface --
---***************************************************************************--
-
-/**
- * @class EeEcaCertRequestSpdu
- *
- * @brief This structure is the SPDU used to send a signed EeEcaCertRequest,
- * as follows:
- *
- * - If eeEcaCertRequest.canonicalId is not present, the EE signs this
- * structure using the private key corresponding to the
- * tbsCert.verifyKeyIndicator field of the EeEcaCertRequest.
- *
- * - If eeEcaCertRequest.canonicalId is present, the EE signs this
- * structure using the canonical private key as specified in 4.1.4.2.
- *
- */
- EeEcaCertRequestSpdu ::= Ieee1609Dot2Data-SignedCertRequest {
- ScmsPdu-Scoped {
- EcaEeInterfacePdu (WITH COMPONENTS {
- eeEcaCertRequest
- })
- },
- SignerSelf
- }
-
-/**
- * @class EcaEeCertResponseSpdu
- *
- * @brief This structure is the SPDU used to send a signed EcaEeCertResponse.
- * For the signature to be valid, the signing certificate shall contain a PSID
- * equal to SecurityMgmtPsid (0x23) and a corresponding SSP containing the
- * C-OER encoding of an ScmsSsp indicating EcaSsp.
- */
- EcaEeCertResponseSpdu ::= Ieee1609Dot2Data-Signed {
- ScmsPdu-Scoped {
- EcaEeInterfacePdu (WITH COMPONENTS {
- ecaEeCertResponse
- })
- },
- SecurityMgmtPsid
- }
-
---***************************************************************************--
--- EE - MA Interface --
---***************************************************************************--
-
---***************************************************************************--
--- EE - RA Interface --
---***************************************************************************--
-
-/**
- * @class EeRaCertRequestSpdu
- *
- * @brief This structure is the SPDU used to send a signed then encrypted
- * EeRaCertRequest. It is a choice of the IEEE 1609.2 authenticated
- * certificate request, which may be any kind of EE-RA certificate request,
- * and the ITU-T X.509 certificate request, which is required to be an
- * authorization certificate request.
- */
- EeRaCertRequestSpdu ::= Ieee1609Dot2Data (
- EeRa1609Dot2AuthenticatedCertRequestSpdu |
- EeRaX509AuthenticatedCertRequestSpdu
- )
-
-/**
- * @class EeRa1609Dot2AuthenticatedCertRequestSpdu
- *
- * @brief This structure is the SPDU used to send a signed then encrypted IEEE
- * 1609.2 authenticated certificate request. The EE signs this structure
- * using its enrollment certificate. The enrollment certificate shall conform
- * to the enrollment certificate profile given in 7.7.3.5. The EE encrypts
- * the signed structure using the encryptionKey from the RA's certificate.
- */
- EeRa1609Dot2AuthenticatedCertRequestSpdu ::=
- Ieee1609Dot2Data-SignedEncryptedCertRequest {
- ScmsPdu-Scoped {
- EeRaInterfacePdu (WITH COMPONENTS {
- eeRaCertRequest
- })
- },
- SignerSingleCert
- }
-
-/**
- * @class EeRaX509AuthenticatedCertRequestSpdu
- *
- * @brief This structure is the SPDU used to send a signed then encrypted ITU-T
- * X.509authenticated certificate request. The EE signs this structure
- * using its enrollment certificate. The enrollment certificate shall conform
- * to the enrollment certificate profile given in 7.7.3.6. The EE encrypts
- * the signed structure using the encryptionKey from the RA's certificate.
- */
- EeRaX509AuthenticatedCertRequestSpdu ::= Ieee1609Dot2Data-Encrypted {
- Ieee1609Dot2Data-SignedX509AuthenticatedCertRequest {
- ScmsPdu-Scoped {
- EeRaInterfacePdu (WITH COMPONENTS {
- eeRaCertRequest
- })
- },
- SignerSingleX509Cert
- }
- }
-
-/**
- * @class RaEeCertAckSpdu
- *
- * @brief This structure is the SPDU used to send a signed RaEeCertAck to
- * acknowledge the receipt of an EeRaCertRequestSpdu. For the signature to be
- * valid the signing certificate shall conform to the RA certificate profile
- * given in 7.7.3.9.
- */
- RaEeCertAckSpdu ::= Ieee1609Dot2Data-Signed {
- ScmsPdu-Scoped {
- EeRaInterfacePdu (WITH COMPONENTS {
- raEeCertAck
- })
- },
- SecurityMgmtPsid
- }
-
-/**
- * @class RaEeCertInfoSpdu
- *
- * @brief This structure is the SPDU used to create an unsigned .info file
- * to be included in a certificate batch zip file as specified in 8.2. This
- * SPDU is used if the RaEeCertInfo does not contain an acpcTreeId field.
- */
- RaEeCertInfoSpdu ::= Ieee1609Dot2Data-Unsecured {
- ScmsPdu-Scoped {
- EeRaInterfacePdu (WITH COMPONENTS {
- raEeCertInfo (WITH COMPONENTS {
- acpcTreeId ABSENT
- })
- })
- }
- }
-
-/**
- * @class RaEeCertAndAcpcInfoSpdu
- *
- * @brief This structure is the SPDU used to create a signed .info file to
- * be included in a certificate batch zip file as specified in 8.2. This
- * SPDU is used if the RaEeCertInfo contains an acpcTreeId field. For the
- * signature to be valid the signing certificate shall conform to the RA
- * certificate profile given in 7.7.3.9.
- */
- RaEeCertAndAcpcInfoSpdu ::= Ieee1609Dot2Data-Signed {
- ScmsPdu-Scoped {
- EeRaInterfacePdu (WITH COMPONENTS {
- raEeCertInfo (WITH COMPONENTS {
- acpcTreeId PRESENT
- })
- })
- },
- SecurityMgmtPsid
- }
-
-/**
- * @class EeRaDownloadRequestPlainSpdu
- *
- * @brief This structure is the SPDU used to send an unsecured
- * EeRaDownloadRequest.
- */
- EeRaDownloadRequestPlainSpdu ::= Ieee1609Dot2Data-Unsecured {
- ScmsPdu-Scoped {
- EeRaInterfacePdu (WITH COMPONENTS {
- eeRaDownloadRequest
- })
- }
- }
-
-/**
- * @class EeRaDownloadRequestSpdu
- *
- * @brief This structure is the SPDU used to send an signed then encrypted
- * EeRaDownloadRequest. The EE signs this structure using its enrollment
- * certificate. The enrollment certificate shall conform to the enrollment
- * certificate profile given in 7.7.3.5. The EE encrypts the signed
- * structure using the encryptionKey from the RA's certificate.
- */
- EeRaDownloadRequestSpdu ::= Ieee1609Dot2Data-SignedEncrypted {
- ScmsPdu-Scoped {
- EeRaInterfacePdu (WITH COMPONENTS {
- eeRaDownloadRequest
- })
- },
- SecurityMgmtPsid
- }
-
-/**
- * @class EeRaSuccessorEnrollmentCertRequestSpdu
- *
- * @brief This structure is the SPDU used to send a signed then encrypted
- * EeEcaCertRequestSpdu. The EE signs this structure using its enrollment
- * certificate. The enrollment certificate shall conform to the enrollment
- * certificate profile given in 7.7.3.5. The EE encrypts the signed
- * structure using the encryptionKey from the RA's certificate.
- */
- EeRaSuccessorEnrollmentCertRequestSpdu ::=
- Ieee1609Dot2Data-SignedEncryptedCertRequest {ScmsPdu-Scoped {
- EeRaInterfacePdu (WITH COMPONENTS {
- eeRaSuccessorEnrollmentCertRequest
- })
- },
- SignerSingleCert
- }
-
-/**
- * @class RaEeEnrollmentCertAckSpdu
- *
- * @brief This structure is the SPDU used to send a signed RaEeCertInfo. For
- * the signature to be valid the signing certificate shall conform to the RA
- * certificate profile given in 7.7.3.9.
- */
- RaEeEnrollmentCertAckSpdu ::= Ieee1609Dot2Data-Signed {
- ScmsPdu-Scoped {
- EeRaInterfacePdu (WITH COMPONENTS {
- raEeCertInfo (WITH COMPONENTS {
- acpcTreeId ABSENT
- })
- })
- },
- SecurityMgmtPsid
- }
-
-/**
- * @class EeRaEncryptedSignedMisbehaviorReportSpdu
- *
- * @brief This structure is used for misbehavior report upload when EE
- * authentication is done at the SCMS REST API v2 level (see 6.3.5.6). The
- * contents of the encrypted data are misbehavior report specific and
- * outside the scope of this document. The contents are encrypted for the MA
- * certificate.
- */
- EeRaEncryptedSignedMisbehaviorReportSpdu ::=
- Ieee1609Dot2Data-EncryptedOpenSigned {AnyMbrPsid}
-
-/**
- * @class EeRaEncryptedMisbehaviorReportSpdu
- *
- * @brief This structure is used for misbehavior report upload when EE
- * authentication is done at the Web API level (see 6.3.5.6). The contents of
- * the encrypted data are misbehavior report specific and outside the scope
- * of this document. The contents are encrypted for the MA certificate.
- */
- EeRaEncryptedMisbehaviorReportSpdu ::= Ieee1609Dot2Data-EncryptedOpen
-
-/**
- * @class AnyMbrPsid
- *
- * @brief This structure is a list of the PSIDs entitled to authorize
- * misbehavior report upload. It currently only lists one PSID. It is
- * intended to be extensible as additional misbehavior reporting PSIDs are
- * defined and to take the form AnyMbrPsid = Psid (BaseMbrPsid | MbrPsid2 |
- * MbrPsid3 | etc.).
- */
- AnyMbrPsid ::= Psid(BaseMbrPsid)
-
-/**
- * @class BaseMbrPsid
- *
- * @brief This PSID identifies misbehavior reporting for a baseline set of
- * applications. It is owned by CAMP.
- */
- BaseMbrPsid ::= Psid(38)
-
---***************************************************************************--
--- LA - MA Interface --
---***************************************************************************--
-
---***************************************************************************--
--- LA - RA Interface --
---***************************************************************************--
-
---***************************************************************************--
--- MA - RA Interface --
---***************************************************************************--
-
---***************************************************************************--
--- Service Specific Permissions --
---***************************************************************************--
-
-/**
- * @class ScmsSsp
- *
- * @brief This parent structure defines the SSP for PSID 0x23 and encompasses
- * all SSP structures defined in this document. An overview of this structure
- * is as follows:
- *
- *
NOTE: The LOP is in the SSP for backward compatibility reasons,
- * and in practice, in this design the LOP does not have a certificate.
- *
- * @param elector contains the SSP defined for an elector.
- *
- * @param root contains the SSP defined for a root CA.
- *
- * @param pg contains the SSP defined for a policy generator.
- *
- * @param ica contains the SSP defined for an intermediate CA.
- *
- * @param eca contains the SSP defined for an enrollment CA.
- *
- * @param aca contains the SSP defined for an authorization CA.
- *
- * @param crl contains the SSP defined for a CRL signer.
- *
- * @param dcm contains the SSP defined for a device configuration manager.
- *
- * @param la contains the SSP defined for a linkage authority.
- *
- * @param lop contains the SSP defined for a location obscurer proxy.
- *
- * @param ma contains the SSP defined for a misbehavior authority.
- *
- * @param ra contains the SSP defined for a registration authority.
- *
- * @param ee contains the SSP defined for an end entity.
- *
- * @param dc contains the SSP defined for a distribution center.
- */
- ScmsSsp ::= CHOICE {
- elector ElectorSsp,
- root RootCaSsp,
- pg PgSsp,
- ica IcaSsp,
- eca EcaSsp,
- aca AcaSsp,
- crl CrlSignerSsp,
- dcm DcmSsp,
- la LaSsp,
- lop LopSsp,
- ma MaSsp,
- ra RaSsp,
- ee EeSsp,
- ...,
- dc DcSsp
- }
-
-/**
- * @class ElectorSsp
- *
- * @brief This structure defines the SSP for an elector when it is
- * authorizing Security Management messages (PSID 0x23). It has no
- * parameters other than the version number.
- */
- ElectorSsp ::= SEQUENCE {
- version Uint8 (2),
- ...
- }
-
-/**
- * @class RootCaSsp
- *
- * @brief This structure defines the SSP for a root CA when it is
- * authorizing Security Management messages (PSID 0x23). It has no
- * parameters other than the version number.
- */
- RootCaSsp ::= SEQUENCE {
- version Uint8 (2),
- ...
- }
-
-/**
- * @class PgSsp
- *
- * @brief This structure defines the SSP for a policy generator when it is
- * authorizing Security Management messages (PSID 0x23). It has no
- * parameters other than the version number.
- */
- PgSsp ::= SEQUENCE {
- version Uint8 (2),
- ...
- }
-
-/**
- * @class IcaSsp
- *
- * @brief This structure defines the SSP for an intermediate CA when it is
- * authorizing Security Management messages (PSID 0x23). It has no
- * parameters other than the version number.
- */
- IcaSsp ::= SEQUENCE {
- version Uint8 (2),
- ...
- }
-
-/**
- * @class EcaSsp
- *
- * @brief This structure defines the SSP for an enrollment CA when it is
- * authorizing Security Management messages (PSID 0x23). It has no
- * parameters other than the version number.
- */
- EcaSsp ::= SEQUENCE {
- version Uint8 (2),
- ...
- }
-
-/**
- * @class AcaSsp
- *
- * @brief This structure defines the SSP for an ACA when it is authorizing
- * Security Management messages (PSID 0x23). It has no parameters other than
- * the version number.
- */
- AcaSsp ::= SEQUENCE {
- version Uint8 (2),
- ...
- }
-
-/**
- * @class CrlSignerSsp
- *
- * @brief This structure defines the SSP for a CRL signer when it is
- * authorizing Security Management messages (PSID 0x23). It has no
- * parameters other than the version number.
- *
- *
NOTE: The SSP for a CRL signer when signing CRLs is associated with
- * PSID 0x0100 and is defined in IEEE Std 1609.2.
- */
- CrlSignerSsp ::= SEQUENCE {
- version Uint8 (2),
- ...
- }
-
-/**
- * @class DcmSsp
- *
- * @brief This structure defines the SSP for a device configuration manager
- * when it is authorizing Security Management messages (PSID 0x23). It has
- * no parameters other than the version number.
- */
- DcmSsp ::= SEQUENCE {
- version Uint8 (2),
- ...
- }
-
-/**
- * @class LaSsp
- *
- * @brief This structure defines the SSP for a linkage authority when it is
- * authorizing Security Management messages (PSID 0x23). The SSP contains
- * the 16 bit LA ID for that linkage authority.
- */
- LaSsp ::= SEQUENCE {
- version Uint8 (2),
- laId Uint16,
- ...
- }
-
-/**
- * @class LopSsp
- *
- * @brief This structure defines the SSP for a location obscurer proxy (LOP)
- * when it is authorizing Security Management messages (PSID 0x23). It has
- * no parameters other than the version number.
- *
- *
NOTE: The LOP is in the SSP for backward compatibility reasons, and
- * in practice, in this design the LOP does not have a certificate.
- */
- LopSsp ::= SEQUENCE {
- version Uint8 (2),
- ...
- }
-
-/**
- * @class MaSsp
- *
- * @brief This structure defines the SSP for a misbehavior authority when it
- * is authorizing Security Management messages (PSID 0x23). Its parameters
- * indicate the PSIDs associated with the misbehavior that is to be reported
- * to that MA (see 4.1.5 for further details). The certificate containing
- * this SSP is the MA Certificate to which an end entity should encrypt
- * misbehavior reports related to the indicated PSIDs.
- */
- MaSsp ::= SEQUENCE {
- version Uint8 (2),
- relevantPsids SequenceOfPsid,
- ...
- }
-
-/**
- * @class RaSsp
- *
- * @brief This structure defines the SSP for an RA when it is authorizing
- * Security Management messages (PSID 0x23). It has no parameters other than
- * the version number.
- */
- RaSsp ::= SEQUENCE {
- version Uint8 (2),
- ...
- }
-
-/**
- * @class EeSsp
- *
- * @brief This structure defines the SSP for an end entity when it is
- * authorizing Security Management messages (PSID 0x23). It has no
- * parameters other than the version number.
- */
- EeSsp ::= SEQUENCE {
- version Uint8(2),
- ...
- }
-
-/**
- * @class AcpcSsp
- *
- * @brief This is a container for ACPC-related SSPs, specifying one SSP for
- * each role. The only SSP defined in this document is the CamSsp, used in
- * the CAM certificate that signs a SignedAprvBinaryTree or a
- * SignedIndividualAprv. The SSP shall be C-OER encoded for inclusion in the
- * CAM certificate. New versions of the CAM SSP should be handled by
- * extending this structure rather than by use of a version number in the
- * CamSsp structure.
- *
- *
The AcpcSsp is associated with the AcpcPsid in the CAM certificate's
- * appPermissions field.
- */
- AcpcSsp ::= CHOICE {
- cam CamSsp,
- ...
- }
-
-/**
- * @class CamSsp
- *
- * @brief This is a list of the ACPC Tree IDs for which the containing CAM
- * certificate is entitled to sign a SignedAprvBinaryTree or a
- * SignedIndividualAprv. The SSP entitles the certificate holder to sign
- * either of these structures.
- */
- CamSsp ::= SEQUENCE (SIZE(1..MAX)) OF AcpcTreeId
-
-/**
- * @class DcSsp
- *
- * @brief This structure defines the SSP for a distribution center when it is
- * authorizing Security Management messages (PSID 0x23). It has no
- * parameters other than the version number.
- */
- DcSsp ::= SEQUENCE {
- version Uint8(2),
- ...
- }
-
-END
\ No newline at end of file
+--***************************************************************************--
+-- IEEE Std 1609.2.1 --
+--***************************************************************************--
+
+/**
+ * @note Section references in this file are to clauses in IEEE Std
+ * 1609.2.1 unless indicated otherwise. Full forms of acronyms and
+ * abbreviations used in this file are specified in 3.2.
+ */
+
+Ieee1609Dot2Dot1Protocol {iso(1) identified-organization(3) ieee(111)
+ standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
+ extension-standards(255) dot1(1) interfaces(1) protocol(17)
+ major-version-3(3) minor-version-1(1)}
+
+DEFINITIONS AUTOMATIC TAGS ::= BEGIN
+
+EXPORTS ALL;
+
+IMPORTS
+ Certificate,
+ CertificateId,
+ Ieee1609Dot2Data,
+ SequenceOfCertificate,
+ SequenceOfPsidGroupPermissions,
+ SignerIdentifier,
+ ToBeSignedCertificate,
+ VerificationKeyIndicator
+FROM Ieee1609Dot2 {iso(1) identified-organization(3) ieee(111)
+ standards-association-numbered-series-standards(2) wave-stds(1609)
+ dot2(2) base(1) schema(1) major-version-2(2) minor-version-5(5)}
+WITH SUCCESSORS
+
+ CrlSeries,
+ EccP256CurvePoint,
+ EccP384CurvePoint,
+ EcdsaP256Signature,
+ EcdsaP384Signature,
+ GeographicRegion,
+ HashAlgorithm,
+ HashedId3,
+ Psid,
+ PublicEncryptionKey,
+ PublicVerificationKey,
+ SequenceOfPsid,
+ SequenceOfPsidSsp,
+ Signature,
+ SubjectAssurance,
+ Uint8,
+ Uint16,
+ ValidityPeriod
+FROM Ieee1609Dot2BaseTypes {iso(1) identified-organization(3) ieee(111)
+ standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
+ base(1) base-types(2) major-version-2(2) minor-version-3(3)}
+WITH SUCCESSORS
+
+ AcaEeInterfacePdu
+FROM Ieee1609Dot2Dot1AcaEeInterface {iso(1) identified-organization(3) ieee(111)
+ standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
+ extension-standards(255) dot1(1) interfaces(1) aca-ee(1) major-version-2(2)
+ minor-version-3(3)}
+WITH SUCCESSORS
+
+ AcaLaInterfacePdu
+FROM Ieee1609Dot2Dot1AcaLaInterface {iso(1) identified-organization(3) ieee(111)
+ standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
+ extension-standards(255) dot1(1) interfaces(1) aca-la(2) major-version-2(2)
+ minor-version-1(1)}
+WITH SUCCESSORS
+
+ AcaMaInterfacePdu
+FROM Ieee1609Dot2Dot1AcaMaInterface {iso(1) identified-organization(3) ieee(111)
+ standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
+ extension-standards(255) dot1(1) interfaces(1) aca-ma(3) major-version-2(2)
+ minor-version-1(1)}
+WITH SUCCESSORS
+
+ AcaRaInterfacePdu
+FROM Ieee1609Dot2Dot1AcaRaInterface {iso(1) identified-organization(3) ieee(111)
+ standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
+ extension-standards(255) dot1(1) interfaces(1) aca-ra(4) major-version-3(3)
+ minor-version-1(1)}
+WITH SUCCESSORS
+
+ AcpcTreeId
+FROM Ieee1609Dot2Dot1Acpc {iso(1) identified-organization(3) ieee(111)
+ standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
+ extension-standards(255) dot1(1) interfaces(1) acpc(18) major-version-3(3)
+ minor-version-1(1)}
+WITH SUCCESSORS
+
+ CertManagementPdu
+FROM Ieee1609Dot2Dot1CertManagement {iso(1) identified-organization(3) ieee(111)
+ standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
+ extension-standards(255) dot1(1) interfaces(1) cert-management(7)
+ major-version-3(3) minor-version-1(1)}
+WITH SUCCESSORS
+
+ EcaEeInterfacePdu
+FROM Ieee1609Dot2Dot1EcaEeInterface {iso(1) identified-organization(3) ieee(111)
+ standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
+ extension-standards(255) dot1(1) interfaces(1) eca-ee(9) major-version-3(3)
+ minor-version-1(1)}
+WITH SUCCESSORS
+
+ EeMaInterfacePdu
+FROM Ieee1609Dot2Dot1EeMaInterface {iso(1) identified-organization(3) ieee(111)
+ standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
+ extension-standards(255) dot1(1) interfaces(1) ee-ma(10) major-version-2(2)
+ minor-version-1(1)}
+WITH SUCCESSORS
+
+ EeRaInterfacePdu
+FROM Ieee1609Dot2Dot1EeRaInterface {iso(1) identified-organization(3) ieee(111)
+ standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
+ extension-standards(255) dot1(1) interfaces(1) ee-ra(11) major-version-3(3)
+ minor-version-1(1)}
+WITH SUCCESSORS
+
+ LaMaInterfacePdu
+FROM Ieee1609Dot2Dot1LaMaInterface {iso(1) identified-organization(3) ieee(111)
+ standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
+ extension-standards(255) dot1(1) interfaces(1) la-ma(12) major-version-2(2)
+ minor-version-1(1)}
+WITH SUCCESSORS
+
+ LaRaInterfacePdu
+FROM Ieee1609Dot2Dot1LaRaInterface {iso(1) identified-organization(3) ieee(111)
+ standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
+ extension-standards(255) dot1(1) interfaces(1) la-ra(13) major-version-2(2)
+ minor-version-1(1)}
+WITH SUCCESSORS
+
+ MaRaInterfacePdu
+FROM Ieee1609Dot2Dot1MaRaInterface {iso(1) identified-organization(3) ieee(111)
+ standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2)
+ extension-standards(255) dot1(1) interfaces(1) ma-ra(14) major-version-2(2)
+ minor-version-1(1)}
+WITH SUCCESSORS
+;
+
+/**
+ * @brief This PSID, 0x23, identifies security management activities as
+ * defined in this document.
+ */
+SecurityMgmtPsid ::= Psid (35)
+
+/**
+ * @brief This is the parent structure that encompasses all parent structures
+ * of interfaces defined in the SCMS. An overview of this structure is as
+ * follows:
+ * - aca-ee contains the interface structures defined for interaction
+ * between the ACA and the EE.
+ * - aca-la contains the interface structures defined for interaction
+ * between the ACA and the LA.
+ * - aca-ma contains the interface structures defined for interaction
+ * between the ACA and the MA.
+ * - aca-ra contains the interface structures defined for interaction
+ * between the ACA and the RA.
+ * - cert contains the interface structures defined for certificate
+ * management.
+ * - eca-ee contains the interface structures defined for interaction
+ * between the ECA and the EE.
+ * - ee-ma contains the interface structures defined for interaction
+ * between the EE and the MA.
+ * - ee-ra contains the interface structures defined for interaction
+ * between the EE and the RA.
+ * - la-ma contains the interface structures defined for interaction
+ * between the LA and the MA.
+ * - la-ra contains the interface structures defined for interaction
+ * between the LA and the RA.
+ * - ma-ra contains the interface structures defined for interactions
+ * between the MA and the RA.
+ *
+ * @param version: contains the current version of the structure.
+ */
+ScmsPdu ::= SEQUENCE {
+ version Uint8 (2),
+ content CHOICE {
+ aca-ee AcaEeInterfacePdu,
+ aca-la AcaLaInterfacePdu,
+ aca-ma AcaMaInterfacePdu,
+ aca-ra AcaRaInterfacePdu,
+ cert CertManagementPdu,
+ eca-ee EcaEeInterfacePdu,
+ ee-ma EeMaInterfacePdu,
+ ee-ra EeRaInterfacePdu,
+ la-ma LaMaInterfacePdu,
+ la-ra LaRaInterfacePdu,
+ ma-ra MaRaInterfacePdu,
+ ...
+ }
+}
+
+
+--***************************************************************************--
+-- Parameterized Types --
+--***************************************************************************--
+
+/**
+ * @brief This structure defines a parameterized type for creating a scoped
+ * data as a subtype of ScmsPdu.
+ */
+ScmsPdu-Scoped {Pdu} ::= ScmsPdu (WITH COMPONENTS {
+ ...,
+ content (CONSTRAINED BY {
+ Pdu
+ })
+})
+
+/**
+ * @brief This structure defines a parameterized type for creating an
+ * unsecured data as a subtype of Ieee1609Dot2Data.
+ */
+Ieee1609Dot2Data-Unsecured {Tbu} ::=
+ Ieee1609Dot2Data (WITH COMPONENTS {
+ content (WITH COMPONENTS {
+ ...,
+ unsecuredData (CONTAINING Tbu)
+ })
+})
+
+/**
+ * @brief This structure defines a parameterized type for creating a signed
+ * data as a subtype of Ieee1609Dot2Data.
+ */
+Ieee1609Dot2Data-Signed {Tbs, Psid} ::=
+ Ieee1609Dot2Data (WITH COMPONENTS {
+ ...,
+ content (WITH COMPONENTS {
+ ...,
+ signedData (WITH COMPONENTS {
+ ...,
+ tbsData (WITH COMPONENTS {
+ ...,
+ payload (WITH COMPONENTS {
+ ...,
+ data (WITH COMPONENTS {
+ ...,
+ content (WITH COMPONENTS {
+ unsecuredData (CONTAINING Tbs)
+ })
+ })
+ }),
+ headerInfo (WITH COMPONENTS {
+ ...,
+ psid (Psid),
+ generationTime ABSENT,
+ expiryTime ABSENT,
+ generationLocation ABSENT,
+ p2pcdLearningRequest ABSENT,
+ missingCrlIdentifier ABSENT,
+ encryptionKey ABSENT
+ })
+ }),
+ signer (SignerSingleCert)
+ })
+ })
+})
+
+/**
+ * @brief This structure defines a parameterized type for creating an
+ * encrypted data as a subtype of Ieee1609Dot2Data. An overview of this
+ * structure is as follows:
+ *
+ * @param Tbe: is first encrypted per IEEE 1609.2. Per IEEE 1609.2, this
+ * includes encapsulating Tbe in an Ieee1609Dot2Data of type unsecured if
+ * Tbe is not already an Ieee1609Dot2Data. The ciphertext output from the
+ * encryption of Tbe is used to set the encryptedData.ciphertext field. The
+ * encryptedData.recipients field is set to reflect the recipients. This
+ * parameterized type does not provide parameters to set the recipients; that
+ * information is set directly by the entity that creates an instance of this
+ * type.
+ */
+Ieee1609Dot2Data-Encrypted {Tbe} ::=
+ Ieee1609Dot2Data (WITH COMPONENTS {
+ ...,
+ content (WITH COMPONENTS {
+ encryptedData (CONSTRAINED BY {
+ --encryption of-- Tbe
+ })
+ })
+})
+
+/**
+ * @brief This structure defines a parameterized type for creating a signed
+ * certificate request as a subtype of Ieee1609Dot2Data.
+ */
+Ieee1609Dot2Data-SignedCertRequest {Tbscr, Signer} ::=
+ Ieee1609Dot2Data (WITH COMPONENTS {
+ ...,
+ content (WITH COMPONENTS {
+ ...,
+ signedCertificateRequest (CONTAINING
+ SignedCertificateRequest (WITH COMPONENTS {
+ ...,
+ tbsRequest (Tbscr),
+ signer (Signer)
+ }))
+ })
+})
+
+/**
+ * @brief This structure is a wrapper for an ITU-T X.509 certificate.
+ *
+ * @note ITU-T X.509 certificates are encoded with the ASN.1 DER
+ * rather than the OER used in this document and so cannot be "directly"
+ * imported into these structures.
+ */
+X509Certificate ::= OCTET STRING
+
+/**
+ * @brief This type is used for clarity of definitions.
+ */
+SequenceOfX509Certificate ::=
+ SEQUENCE (SIZE(1..MAX)) OF X509Certificate
+
+/**
+ * @brief This structure identifies an ITU-T X.509 certificate used to sign a
+ * signed data structure. The only data structure currently defined that can
+ * be signed by an ITU-T X.509 certificate is SignedX509CertificateRequest.
+ */
+X509SignerIdentifier ::= CHOICE {
+ certificate SequenceOfX509Certificate,
+ ...
+}
+
+/**
+ * @brief This structure defines a parameterized type for creating a
+ * certificate request, signed with an ITU-T X.509 certificate, as a subtype of
+ * Ieee1609Dot2Data. It makes use of the extension of Ieee1609Dot2Content
+ * defined in 11.2.3.
+ */
+Ieee1609Dot2Data-SignedX509AuthenticatedCertRequest {Tbscr, Signer} ::=
+ Ieee1609Dot2Data (WITH COMPONENTS {
+ ...,
+ content (WITH COMPONENTS {
+ ...,
+ signedX509CertificateRequest (CONTAINING
+ SignedX509CertificateRequest (WITH COMPONENTS {
+ ...,
+ tbsRequest (Tbscr),
+ signer (Signer)
+ }))
+ })
+})
+
+/**
+ * @brief This structure defines a parameterized type for creating a signed
+ * then encrypted data as a subtype of Ieee1609Dot2Data.
+ */
+Ieee1609Dot2Data-SignedEncrypted {Tbse, Psid} ::=
+ Ieee1609Dot2Data-Encrypted {
+ Ieee1609Dot2Data-Signed {
+ Tbse,
+ Psid
+ }
+}
+
+/**
+ * @brief This structure defines a parameterized type for creating an
+ * encrypted then signed data as a subtype of Ieee1609Dot2Data.
+ *
+ * @note This parameterized type inadvertently adds some overhead.
+ * The Ieee1609Dot2Data-EncryptedSigned {Tbes, Psid} structure, because it
+ * puts Ieee1609Dot2Data-Encrypted inside Ieee1609Dot2Data-Signed {Tbs, Psid},
+ * and because Ieee1609Dot2Data-Signed {Tbs, Psid} puts Tbs inside
+ * unsecuredData, Tbes is "Signed (Unsecured (Encrypted))" instead of
+ * "Signed (Encrypted))", which was the intent and also in the original CAMP
+ * design. Other documents that use this document may be better off defining
+ * this structure on their own, if they want avoid this overhead.
+ */
+Ieee1609Dot2Data-EncryptedSigned {Tbes, Psid} ::=
+ Ieee1609Dot2Data-Signed {
+ Ieee1609Dot2Data-Encrypted {
+ Tbes
+ },
+ Psid
+}
+
+/**
+ * @brief This structure defines a parameterized type for creating a signed
+ * then encrypted certificate request as a subtype of Ieee1609Dot2Data.
+ */
+Ieee1609Dot2Data-SignedEncryptedCertRequest {Tbstecr, Signer} ::=
+ Ieee1609Dot2Data-Encrypted {
+ Ieee1609Dot2Data-SignedCertRequest {
+ Tbstecr,
+ Signer
+ }
+}
+
+/**
+ * @brief This structure defines a parameterized type for creating an
+ * encrypted data as a subtype of Ieee1609Dot2Data. An overview of this
+ * structure is as follows:
+ *
+ * @param Tbe: is first encrypted and the resulting ciphertext is used as
+ * input to the encryptedData field.
+ */
+Ieee1609Dot2Data-SymmEncryptedSingleRecipient {Tbe} ::=
+ Ieee1609Dot2Data (WITH COMPONENTS {
+ ...,
+ content (WITH COMPONENTS {
+ encryptedData (CONSTRAINED BY {
+ --contains only one RecipientInfo, of form symmRecipinfo
+ --symmetric encryption of-- Tbe
+ })
+ })
+})
+
+--***************************************************************************--
+-- Signer Types --
+--***************************************************************************--
+
+/**
+ * @brief This structure is used to indicate a SignerIdentifier with a
+ * certificate chain of size 1.
+ */
+SignerSingleCert ::= SignerIdentifier (WITH COMPONENTS {
+ certificate (SequenceOfCertificate (SIZE (1)))
+})
+
+/**
+ * @brief This structure is used to indicate an X509SignerIdentifier with a
+ * certificate chain of size 1.
+ */
+SignerSingleX509Cert ::= X509SignerIdentifier (WITH COMPONENTS {
+ certificate (SequenceOfX509Certificate (SIZE (1)))
+})
+
+/**
+ * @brief This structure is used to indicate a SignerIdentifier of type self.
+ */
+SignerSelf ::= SignerIdentifier (WITH COMPONENTS {
+ self
+})
+
+--***************************************************************************--
+-- Certificate Requests --
+--***************************************************************************--
+
+/**
+ * @brief This structure defines the all certificate request structures as a
+ * scoped version of the ScmsPdu.
+ */
+ScopedCertificateRequest ::= ScmsPdu (
+ ScmsPdu-Scoped {
+ AcaRaInterfacePdu (WITH COMPONENTS {
+ raAcaCertRequest
+ })
+ } |
+ ScmsPdu-Scoped {
+ EcaEeInterfacePdu (WITH COMPONENTS {
+ eeEcaCertRequest
+ })
+ } |
+ ScmsPdu-Scoped {
+ EeRaInterfacePdu (WITH COMPONENTS {
+ eeRaCertRequest
+ })
+ } |
+ ScmsPdu-Scoped {
+ EeRaInterfacePdu (WITH COMPONENTS {
+ eeRaSuccessorEnrollmentCertRequest
+ })
+ }
+)
+
+/**
+ * @brief This structure defines the format of a signed certificate request.
+ * An overview of this structure is as follows:
+ *
+ * The signature is generated on the hash of this structure, obtained
+ * per the rules specified for hashing data objects in 5.3.1 of IEEE Std
+ * 1609.2a-2017, where the parameter Data Input shall be the C-OER
+ * encoding of tbsRequest, and the parameter Signer Identifier Input
+ * depending on whether the request is self-signed or signed using an
+ * enrollment certificate:
+ * - If the request is self-signed, the parameter Signer Identifier
+ * Input shall be the empty string, i.e., a string of length 0.
+ * - If the request is signed using an enrollment certificate, the
+ * parameter Signer Identifier Input shall be the signer's enrollment
+ * certificate.
+ *
+ * @param hashAlgorithmId: contains the identifier of the hash algorithm used
+ * to calculate the hash of tbsRequest.
+ *
+ * @param tbsRequest: contains the certificate request information that is
+ * signed by the recipient.
+ *
+ * @param signer: denotes the signing entity's identifier.
+ *
+ * @param signature: contains the request sender's signature.
+ */
+SignedCertificateRequest ::= SEQUENCE {
+ hashAlgorithmId HashAlgorithm,
+ tbsRequest ScopedCertificateRequest,
+ signer SignerIdentifier,
+ signature Signature
+}
+
+/**
+ * @brief This structure contains a certificate request signed with an ITU-T
+ * X.509 certificate. The only type of certificate request signed with an
+ * ITU-T X.509 certificate supported in this document is an authorization
+ * certificate request. An overview of this structure is as follows:
+ *
+ * The signature is generated on the hash of this structure, obtained
+ * per the rules specified for hashing data objects in 5.3.1 of IEEE Std
+ * 1609.2a-2017, where the parameter Data Input shall be the C-OER
+ * encoding of tbsRequest, and the parameter Signer Identifier Input
+ * shall be the signer's certificate, that is, the ITU-T X.509 certificate
+ * contained in the OCTET STRING indicated by the first X509Certificate in
+ * signer. For example, if the signer is as below, the first 6 bytes are the
+ * ASN.1 encoding overhead, where 80 01 01 is the overhead for signer, and
+ * then 82 01 AC is the overhead introduced by the OCTET STRING encoding for
+ * the first (in this case, the only) X509Certificate; and the first
+ * X509Certificate is contained in the next 428 bytes (30 82 01 ... 00 00 00),
+ * so the parameter Signer Identifier Input shall be '30 82 01 ... 00 00 00'.
+ *
+ * An example X509SignerIdentifier with one X509Certificate:
+ *
+ * 80 01 01 82 01 AC 30 82 01 A8 30 82 01 4D A0 03 02 01 02 02 04 90
+ * C5 9D 21 30 0A 06 08 2A 86 48 CE 3D 04 03 02 30 24 31 0A 30 08 06 03 55 04
+ * 06 13 01 00 31 0A 30 08 06 03 55 04 0A 13 01 00 31 0A 30 08 06 03 55 04 03
+ * 13 01 00 30 1E 17 0D 30 30 30 31 30 31 30 30 30 30 30 30 5A 17 0D 30 30 30
+ * 31 30 31 30 30 30 30 30 30 5A 30 24 31 0A 30 08 06 03 55 04 06 13 01 00 31
+ * 0A 30 08 06 03 55 04 0A 13 01 00 31 0A 30 08 06 03 55 04 03 13 01 00 30 59
+ * 30 13 06 07 2A 86 48 CE 3D 02 01 06 08 2A 86 48 CE 3D 03 01 07 03 42 00 00
+ * 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+ * 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+ * 00 00 00 00 00 00 00 00 00 00 00 00 00 00 A3 6D 30 6B 30 0A 06 03 55 1D 0E
+ * 04 03 04 01 00 30 0A 06 03 55 1D 23 04 03 04 01 00 30 0C 06 03 55 1D 13 01
+ * 01 FF 04 02 30 00 30 0E 06 03 55 1D 0F 01 01 FF 04 04 03 02 03 C8 30 0A 06
+ * 03 55 1D 25 04 03 04 01 00 30 0A 06 03 55 1D 1F 04 03 04 01 00 30 0F 06 08
+ * 2B 06 01 05 05 07 01 01 04 03 04 01 00 30 0A 06 03 55 1D 20 04 03 04 01 00
+ * 30 0A 06 08 2A 86 48 CE 3D 04 03 02 03 49 00 00 00 00 00 00 00 00 00 00 00
+ * 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+ * 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+ * 00 00 00 00 00 00 00 00 00 00 00 00
+ *
+ * @param hashAlgorithmId: contains the identifier of the hash algorithm used
+ * inside the binary tree.
+ *
+ * @param tbsRequest: contains the certificate request information that is
+ * signed by the recipient.
+ *
+ * @param signer: denotes the signing entity's identifier.
+ *
+ * @param signature: contains the request sender's signature.
+ */
+SignedX509CertificateRequest ::= SEQUENCE {
+ hashAlgorithmId HashAlgorithm,
+ tbsRequest ScopedCertificateRequest,
+ signer X509SignerIdentifier,
+ signature Signature
+}
+
+--***************************************************************************--
+-- ACA - EE Interface --
+--***************************************************************************--
+
+/**
+ * @brief This structure contains a certificate response for consumption by
+ * the EE. In the architecture of this document, although it is created by the
+ * ACA, it is made available to the EE via the RA as described in 8.2.
+ *
+ * The ACA creates this response when 1) the compact unified
+ * butterfly key mechanism is not being used (that is, some other flavor of
+ * butterfly key is being used, or butterfly keys are not being used) and 2)
+ * it is not necessary to protect the EE's privacy from the RA, for example,
+ * when the certificate being returned is not a pseudonym certificate.
+ */
+AcaEeCertResponsePlainSpdu ::= Ieee1609Dot2Data-Unsecured {
+ ScmsPdu-Scoped {
+ AcaEeInterfacePdu (WITH COMPONENTS {
+ acaEeCertResponse
+ })
+ }
+}
+
+/**
+ * @brief This structure contains a certificate response for consumption by
+ * the EE. In the architecture of this document, although it is created by the
+ * ACA, it is made available to the EE via the RA as described in 8.2.
+ *
+ * The ACA creates this response when 1) the compact unified
+ * butterfly key mechanism is not being used (that is, some other flavor of
+ * butterfly key is being used, or butterfly keys are not being used) and 2)
+ * it is necessary to protect the EE's privacy from the RA, for example when
+ * the certificate being returned is a pseudonym certificate.
+ *
+ * The structure consists of a signed SPDU containing an encrypted
+ * SPDU.
+ *
+ * The encrypted SPDU is encrypted with the response
+ * encryption key that was provided to the ACA for that purpose. This key is
+ * determined as follows:
+ * - If the original EeRaCertRequest from the end entity indicated a single
+ * response encryption key, that is, if the additionalParams.encryptionKey
+ * field was present in the request, then the response is encrypted with that
+ * key.
+ * - If the original EeRaCertRequest from the end entity indicated a
+ * response encryption key generated with the "original" butterfly key
+ * mechanism, that is, the additionalParams.original field was provided in the
+ * request, then the response is encrypted with the cocoon encryption key
+ * derived from additionalParams.original.encryptionKey and
+ * additionalParams.original.encryptionExpansion as specified in 9.3.4.2
+ * and the corresponding decryption private key is derived as specified in
+ * 9.3.4.1.
+ * - If the original EeRaCertRequest from the end entity indicated a
+ * response encryption key generated with the "unified" butterfly key
+ * mechanism, that is, the additionalParams.unified field was provided in the
+ * request, then the response is encrypted with the cocoon encryption key
+ * derived from tbsCert.verifyKeyIndicator and additionalParams.unified as
+ * specified in 9.3.4.2 and the corresponding decryption private key is
+ * derived as specified in 9.3.4.1.
+ *
+ * See 9.3 for more material about butterfly keys.
+ *
+ * The resulting Ieee1609Dot2Data of content type encryptedData is
+ * signed by the same ACA certificate that was used to issue the certificate
+ * field in the AcaEeCertResponse. If this structure is signed by a different
+ * ACA certificate, it is invalid. The ACA certificate shall follow the ACA
+ * certificate profile given in 7.7.3.2.
+ *
+ * @note:
+ * - Other potential responses to an authorization certificate
+ * request: If the original request indicated the use of "compact unified"
+ * butterfly key mechanism by including the additionalParams.compactUnified
+ * field, the response shall be a AcaEeCertResponseCubkSpdu, not a
+ * AcaEeCertResponsePrivateSpdu.
+ *
+ * - How the ACA obtains the response encryption key: This
+ * document provides the RaAcaCertRequest structure to allow the RA to
+ * indicate whether the original or unified butterfly key mechanism is to be
+ * used via the flags field. The encryption key for encrypting
+ * AcaEeCertResponse is calculated by the indicated method even if the RA
+ * does not use an RaAcaCertRequest as defined in this document to
+ * communicate the certificate request to the ACA.
+ *
+ * - Consistency between inner and outer signers, and the IEEE
+ * Std 1609.2 model. This SPDU introduces a new type of validity condition
+ * by requiring that the ACA that signs the outer signed SPDU is also the ACA
+ * that issued the certificate inside the encrypted SPDU. This requires that
+ * to verify the inner "SPDU", that is, the certificate, the verifier
+ * needs to store the information from the outer SPDU. This is not a violation
+ * of the IEEE 1609.2 model: Subclause 4.2.2.3 of IEEE Std 1609.2 considers all
+ * operations carried out on received data to be atomic and does not put any
+ * restrictions on the information that is stored between operations. However,
+ * it should be noted that because the IEEE 1609.2 approach enables SPDUs to
+ * be nested within one another as Ieee1609Dot2Data, in principle an
+ * implementation could be built that iterated through the layers of a nested
+ * SPDU within a single call from the invoking application instance. (And it
+ * should also be noted that IEEE Std 1609.2 was consciously designed to
+ * enable this approach: Although the primitives provided in IEEE Std 1609.2
+ * only support the series-of-single-operations approach, an implementation
+ * could layer this "one-invocation processing" on top of the IEEE 1609.2
+ * interface as an optimization.) A "one-invocation processing" implementation
+ * of that type would have to anticipate situations of coupling between inner
+ * and outer SPDUs like the one created by this AcaEeCertResponsePrivateSpdu,
+ * and allow the invoking certificate management service to check consistency
+ * at the application layer, perhaps by (for example) returning the signing
+ * certificates for all nested signed SPDUs. How this is to be implemented is
+ * implementation specific; this note is intended as a notification of this
+ * potential issue to implementers planning to implement one-invocation
+ * processing.
+ */
+AcaEeCertResponsePrivateSpdu ::= Ieee1609Dot2Data-EncryptedSigned {
+ ScmsPdu-Scoped {
+ AcaEeInterfacePdu (WITH COMPONENTS {
+ acaEeCertResponse
+ })
+ },
+ SecurityMgmtPsid
+}
+
+/**
+ * @brief This structure contains a certificate response for consumption by
+ * the EE. In the architecture of this document, although it is created by
+ * the ACA, it is made available to the EE via the RA as described in 8.2.
+ *
+ * The ACA creates a certificate response in this form when the
+ * compact unified butterfly key mechanism is being used. If the
+ * RaAcaCertRequest structure was used to communicate between the RA and the
+ * ACA, the RA indicated use of compact unified butterfly keys by setting the
+ * cubk (1) bit in the bkType field in the corresponding RaAcaCertRequest.
+ *
+ * The AcaEeCertResponse is encrypted by the ACA using the cocoon
+ * public key for encryption. See 9.3.4.2 for how the ACA derives the cocoon
+ * public key for encryption, using the tbsCert.verifyKeyIndicator field in the
+ * corresponding RaAcaCertRequest as the input cocoon public key for signing
+ * Bt. See 9.3.4.1 for how the EE derives the corresponding cocoon private
+ * key for encryption.
+ */
+AcaEeCertResponseCubkSpdu ::= Ieee1609Dot2Data-Encrypted {
+ ScmsPdu-Scoped {
+ AcaEeInterfacePdu (WITH COMPONENTS {
+ acaEeCertResponse
+ })
+ }
+}
+
+--***************************************************************************--
+-- ACA - LA Interface --
+--***************************************************************************--
+
+--***************************************************************************--
+-- ACA - MA Interface --
+--***************************************************************************--
+
+--***************************************************************************--
+-- ACA - RA Interface --
+--***************************************************************************--
+
+/**
+ * @brief This structure is the SPDU used to send a signed RaAcaCertRequest.
+ * For the signature to be valid the signing certificate shall conform to the
+ * RA certificate profile given in 7.7.3.9, contain a PSID equal to
+ * SecurityMgmtPsid and a corresponding SSP containing the C-OER encoding of a
+ * SecurityMgmtSsp indicating RaSsp. The toBeSigned.certRequestPermissions
+ * field of the RA certificate shall permit the requested permissions in the
+ * raAcaCertRequest.tbsCert.appPermissions field.
+ */
+RaAcaCertRequestSpdu ::= Ieee1609Dot2Data-SignedCertRequest {
+ ScmsPdu-Scoped {
+ AcaRaInterfacePdu (WITH COMPONENTS {
+ raAcaCertRequest
+ })
+ },
+ SignerSingleCert
+}
+
+/**
+ * @brief This structure is the SPDU used to send a signed AcaRaCertResponse.
+ * For the signature to be valid the signing certificate shall contain a PSID
+ * equal to SecurityMgmtPsid and a corresponding SSP containing the C-OER
+ * encoding of a SecurityMgmtSsp indicating AcaSsp.
+ */
+AcaRaCertResponseSpdu ::= Ieee1609Dot2Data-Signed {
+ ScmsPdu-Scoped {
+ AcaRaInterfacePdu (WITH COMPONENTS {
+ acaRaCertResponse
+ })
+ },
+ SecurityMgmtPsid
+}
+
+--***************************************************************************--
+-- Certificate Management --
+--***************************************************************************--
+
+/**
+ * @brief This structure is the SPDU used to send an unsecured CompositeCrl.
+ * It is used to create composite CRL files as specified in 8.5.
+ */
+CompositeCrlSpdu ::= Ieee1609Dot2Data-Unsecured {
+ ScmsPdu-Scoped {
+ CertManagementPdu (WITH COMPONENTS {
+ compositeCrl
+ })
+ }
+}
+
+/**
+ * @brief This structure is the SPDU used to send an unsecured
+ * CertificateChain. It is used to create certificate chain files as
+ * specified in 8.4.
+ */
+CertificateChainSpdu ::= Ieee1609Dot2Data-Unsecured {
+ ScmsPdu-Scoped {
+ CertManagementPdu (WITH COMPONENTS {
+ certificateChain
+ })
+ }
+}
+
+/**
+ * @brief This structure is the SPDU used to send an unsecured MultiSignedCtl.
+ */
+MultiSignedCtlSpdu ::= Ieee1609Dot2Data-Unsecured {
+ ScmsPdu-Scoped {
+ CertManagementPdu (WITH COMPONENTS {
+ multiSignedCtl
+ })
+ }
+}
+
+/**
+ * @brief This structure is the SPDU used to send a signed
+ * ToBeSignedCtlSignature. For the signature to be valid, the signing
+ * certificate shall match the elector certificate profile in 7.7.3.7. This
+ * means that the signature is calculated as specified in IEEE Std 1609.2,
+ * with the data input to the hash process consisting of the C-OER encoding
+ * of the tbsData that includes the ToBeSignedCtlSignature.
+ */
+CtlSignatureSpdu ::= Ieee1609Dot2Data-Signed {
+ ScmsPdu-Scoped {
+ CertManagementPdu (WITH COMPONENTS {
+ tbsCtlSignature
+ })
+ },
+ SecurityMgmtPsid
+}
+
+/**
+ * @brief This structure is the SPDU used to send a signed
+ * CertManagementInfoStatus. For the signature to be valid the signing
+ * certificate shall conform to the RA certificate profile given in 7.7.3.9 or
+ * the DC certificate profile given in 7.7.3.10.
+ */
+CertificateManagementInformationStatusSpdu ::=
+ Ieee1609Dot2Data-Signed {
+ ScmsPdu-Scoped {
+ CertManagementPdu (WITH COMPONENTS {
+ infoStatus
+ })
+ },
+ SecurityMgmtPsid
+}
+
+
+--***************************************************************************--
+-- ECA - EE Interface --
+--***************************************************************************--
+
+/**
+ * @brief This structure is the SPDU used to send a signed EeEcaCertRequest,
+ * as follows:
+ * - If eeEcaCertRequest.canonicalId is not present, the EE signs this
+ * structure using the private key corresponding to the
+ * tbsCert.verifyKeyIndicator field of the EeEcaCertRequest.
+ * - If eeEcaCertRequest.canonicalId is present, the EE signs this
+ * structure using the canonical private key as specified in 4.1.4.2.
+ */
+EeEcaCertRequestSpdu ::= Ieee1609Dot2Data-SignedCertRequest {
+ ScmsPdu-Scoped {
+ EcaEeInterfacePdu (WITH COMPONENTS {
+ eeEcaCertRequest
+ })
+ },
+ SignerSelf
+}
+
+/**
+ * @brief This structure is the SPDU used to send a signed EcaEeCertResponse.
+ * For the signature to be valid, the signing certificate shall contain a PSID
+ * equal to SecurityMgmtPsid and a corresponding SSP containing the C-OER
+ * encoding of a SecurityMgmtSsp indicating EcaSsp.
+ */
+EcaEeCertResponseSpdu ::= Ieee1609Dot2Data-Signed {
+ ScmsPdu-Scoped {
+ EcaEeInterfacePdu (WITH COMPONENTS {
+ ecaEeCertResponse
+ })
+ },
+ SecurityMgmtPsid
+}
+
+--***************************************************************************--
+-- EE - MA Interface --
+--***************************************************************************--
+
+--***************************************************************************--
+-- EE - RA Interface --
+--***************************************************************************--
+
+/**
+ * @brief This structure is the SPDU used to send a signed then encrypted
+ * EeRaCertRequest. It is a choice of the IEEE 1609.2 authenticated
+ * certificate request, which may be any kind of EE-RA certificate request,
+ * and the ITU-T X.509 certificate request, which is required to be an
+ * authorization certificate request.
+ */
+EeRaCertRequestSpdu ::= Ieee1609Dot2Data (
+ EeRa1609Dot2AuthenticatedCertRequestSpdu |
+ EeRaX509AuthenticatedCertRequestSpdu
+)
+
+/**
+ * @brief This structure is the SPDU used to send a signed then encrypted IEEE
+ * 1609.2 authenticated certificate request. The EE signs this structure
+ * using its enrollment certificate. The enrollment certificate shall conform
+ * to the enrollment certificate profile given in 7.7.3.5. The EE encrypts
+ * the signed structure using the encryptionKey from the RA's certificate.
+ */
+EeRa1609Dot2AuthenticatedCertRequestSpdu ::=
+ Ieee1609Dot2Data-SignedEncryptedCertRequest {
+ ScmsPdu-Scoped {
+ EeRaInterfacePdu (WITH COMPONENTS {
+ eeRaCertRequest
+ })
+ },
+ SignerSingleCert
+}
+
+/**
+ * @brief This structure is the SPDU used to send a signed then encrypted ITU-T
+ * X.509authenticated certificate request. The EE signs this structure
+ * using its enrollment certificate. The enrollment certificate shall conform
+ * to the enrollment certificate profile given in 7.7.3.6. The EE encrypts
+ * the signed structure using the encryptionKey from the RA's certificate.
+ */
+EeRaX509AuthenticatedCertRequestSpdu ::= Ieee1609Dot2Data-Encrypted {
+ Ieee1609Dot2Data-SignedX509AuthenticatedCertRequest {
+ ScmsPdu-Scoped {
+ EeRaInterfacePdu (WITH COMPONENTS {
+ eeRaCertRequest
+ })
+ },
+ SignerSingleX509Cert
+ }
+}
+
+/**
+ * @brief This structure is the SPDU used to send a signed RaEeCertAck to
+ * acknowledge the receipt of an EeRaCertRequestSpdu. For the signature to be
+ * valid the signing certificate shall conform to the RA certificate profile
+ * given in 7.7.3.9.
+ */
+RaEeCertAckSpdu ::= Ieee1609Dot2Data-Signed {
+ ScmsPdu-Scoped {
+ EeRaInterfacePdu (WITH COMPONENTS {
+ raEeCertAck
+ })
+ },
+ SecurityMgmtPsid
+}
+
+/**
+ * @brief This structure is the SPDU used to create an unsigned .info file
+ * to be included in a certificate batch zip file as specified in 8.2. This
+ * SPDU is used if the RaEeCertInfo does not contain an acpcTreeId field.
+ */
+RaEeCertInfoSpdu ::= Ieee1609Dot2Data-Unsecured {
+ ScmsPdu-Scoped {
+ EeRaInterfacePdu (WITH COMPONENTS {
+ raEeCertInfo (WITH COMPONENTS {
+ acpcTreeId ABSENT
+ })
+ })
+ }
+}
+
+/**
+ * @brief This structure is the SPDU used to create a signed .info file to
+ * be included in a certificate batch zip file as specified in 8.2. This
+ * SPDU is used if the RaEeCertInfo contains an acpcTreeId field. For the
+ * signature to be valid the signing certificate shall conform to the RA
+ * certificate profile given in 7.7.3.9.
+ */
+RaEeCertAndAcpcInfoSpdu ::= Ieee1609Dot2Data-Signed {
+ ScmsPdu-Scoped {
+ EeRaInterfacePdu (WITH COMPONENTS {
+ raEeCertInfo (WITH COMPONENTS {
+ acpcTreeId PRESENT
+ })
+ })
+ },
+ SecurityMgmtPsid
+}
+
+/**
+ * @brief This structure is the SPDU used to send an unsecured
+ * EeRaDownloadRequest.
+ */
+EeRaDownloadRequestPlainSpdu ::= Ieee1609Dot2Data-Unsecured {
+ ScmsPdu-Scoped {
+ EeRaInterfacePdu (WITH COMPONENTS {
+ eeRaDownloadRequest
+ })
+ }
+}
+
+/**
+ * @brief This structure is the SPDU used to send a signed then encrypted
+ * EeRaDownloadRequest. The EE signs this structure using its enrollment
+ * certificate. The enrollment certificate shall conform to the enrollment
+ * certificate profile given in 7.7.3.5. The EE encrypts the signed
+ * structure using the encryptionKey from the RA's certificate.
+ */
+EeRaDownloadRequestSpdu ::= Ieee1609Dot2Data-SignedEncrypted {
+ ScmsPdu-Scoped {
+ EeRaInterfacePdu (WITH COMPONENTS {
+ eeRaDownloadRequest
+ })
+ },
+ SecurityMgmtPsid
+}
+
+/**
+ * @brief This structure is the SPDU used to send a signed then encrypted
+ * EeEcaCertRequestSpdu. The EE signs this structure using its enrollment
+ * certificate. The enrollment certificate shall conform to the enrollment
+ * certificate profile given in 7.7.3.5. The EE encrypts the signed
+ * structure using the encryptionKey from the RA's certificate.
+ */
+EeRaSuccessorEnrollmentCertRequestSpdu ::=
+ Ieee1609Dot2Data-SignedEncryptedCertRequest {
+ ScmsPdu-Scoped {
+ EeRaInterfacePdu (WITH COMPONENTS {
+ eeRaSuccessorEnrollmentCertRequest
+ })
+ },
+ SignerSingleCert
+}
+
+/**
+ * @brief This structure is the SPDU used to send a signed RaEeCertInfo. For
+ * the signature to be valid the signing certificate shall conform to the RA
+ * certificate profile given in 7.7.3.9.
+ */
+RaEeEnrollmentCertAckSpdu ::= Ieee1609Dot2Data-Signed {
+ ScmsPdu-Scoped {
+ EeRaInterfacePdu (WITH COMPONENTS {
+ raEeCertInfo (WITH COMPONENTS {
+ acpcTreeId ABSENT
+ })
+ })
+ },
+ SecurityMgmtPsid
+}
+
+--***************************************************************************--
+-- LA - MA Interface --
+--***************************************************************************--
+
+--***************************************************************************--
+-- LA - RA Interface --
+--***************************************************************************--
+
+--***************************************************************************--
+-- MA - RA Interface --
+--***************************************************************************--
+
+--***************************************************************************--
+-- Service Specific Permissions --
+--***************************************************************************--
+
+/**
+ * @brief This parent structure defines the SSP for SecurityMgmtPsid and
+ * encompasses all SSP structures defined in this document. An overview of
+ * this structure is as follows:
+ *
+ * @note The LOP is in the SSP for backward compatibility reasons,
+ * and in practice, in this design the LOP does not have a certificate.
+ *
+ * @param elector: contains the SSP defined for an elector.
+ *
+ * @param root: contains the SSP defined for a root CA.
+ *
+ * @param pg: contains the SSP defined for a policy generator.
+ *
+ * @param ica: contains the SSP defined for an intermediate CA.
+ *
+ * @param eca: contains the SSP defined for an enrollment CA.
+ *
+ * @param aca: contains the SSP defined for an authorization CA.
+ *
+ * @param crl: contains the SSP defined for a CRL signer.
+ *
+ * @param dcm: contains the SSP defined for a device configuration manager.
+ *
+ * @param la: contains the SSP defined for a linkage authority.
+ *
+ * @param lop: contains the SSP defined for a location obscurer proxy.
+ *
+ * @param ma: contains the SSP defined for a misbehavior authority.
+ *
+ * @param ra: contains the SSP defined for a registration authority.
+ *
+ * @param ee: contains the SSP defined for an end entity.
+ *
+ * @param dc: contains the SSP defined for a distribution center.
+ */
+SecurityMgmtSsp ::= CHOICE {
+ elector ElectorSsp,
+ root RootCaSsp,
+ pg PgSsp,
+ ica IcaSsp,
+ eca EcaSsp,
+ aca AcaSsp,
+ crl CrlSignerSsp,
+ dcm DcmSsp,
+ la LaSsp,
+ lop LopSsp,
+ ma MaSsp,
+ ra RaSsp,
+ ee EeSsp,
+ ...,
+ dc DcSsp
+ }
+
+TestSecurityMgmtSsp ::= SecurityMgmtSsp
+
+/**
+ * @brief This structure defines the SSP for an elector when it is authorizing
+ * SecurityMgmtPsid messages. It has no parameters other than the version
+ * number.
+ */
+ElectorSsp ::= SEQUENCE {
+ version Uint8 (2),
+ ...
+}
+
+/**
+ * @brief This structure defines the SSP for a root CA when it is authorizing
+ * SecurityMgmtPsid messages. It has no parameters other than the version
+ * number.
+ */
+RootCaSsp ::= SEQUENCE {
+ version Uint8 (2),
+ ...
+}
+
+/**
+ * @brief This structure defines the SSP for a policy generator when it is
+ * authorizing SecurityMgmtPsid messages. It has no parameters other than the
+ * version number.
+ */
+PgSsp ::= SEQUENCE {
+ version Uint8 (2),
+ ...
+}
+
+/**
+ * @brief This structure defines the SSP for an intermediate CA when it is
+ * authorizing SecurityMgmtPsid messages. It has no parameters other than the
+ * version number.
+ */
+IcaSsp ::= SEQUENCE {
+ version Uint8 (2),
+ ...
+}
+
+/**
+ * @brief This structure defines the SSP for an enrollment CA when it is
+ * authorizing SecurityMgmtPsid messages. It has no parameters other than the
+ * version number.
+ */
+EcaSsp ::= SEQUENCE {
+ version Uint8 (2),
+ ...
+}
+
+/**
+ * @brief This structure defines the SSP for an authorization CA when it is
+ * authorizing SecurityMgmtPsid messages. It has no parameters other than the
+ * version number.
+ */
+AcaSsp ::= SEQUENCE {
+ version Uint8 (2),
+ ...
+}
+
+/**
+ * @brief This structure defines the SSP for a CRL signer when it is
+ * authorizing SecurityMgmtPsid messages. It has no parameters other than the
+ * version number.
+ *
+ * @note The SSP for a CRL signer when signing CRLs is associated with
+ * PSID 0x0100 and is defined in IEEE Std 1609.2.
+ */
+CrlSignerSsp ::= SEQUENCE {
+ version Uint8 (2),
+ ...
+}
+
+/**
+ * @brief This structure defines the SSP for a device configuration manager
+ * when it is authorizing SecurityMgmtPsid messages. It has no parameters
+ * other than the version number.
+ */
+DcmSsp ::= SEQUENCE {
+ version Uint8 (2),
+ ...
+}
+
+/**
+ * @brief This structure defines the SSP for a linkage authority when it is
+ * authorizing SecurityMgmtPsid messages. It has no parameters other than the
+ * version number.
+ */
+LaSsp ::= SEQUENCE {
+ version Uint8 (2),
+ laId Uint16,
+ ...
+}
+
+/**
+ * @brief This structure defines the SSP for a location obscurer proxy (LOP)
+ * when it is authorizing SecurityMgmtPsid messages. It has no parameters
+ * other than the version number.
+ *
+ * @note The LOP is in the SSP for backward compatibility reasons, and
+ * in practice, in this design the LOP does not have a certificate.
+ */
+LopSsp ::= SEQUENCE {
+ version Uint8 (2),
+ ...
+}
+
+/**
+ * @brief This structure defines the SSP for a misbehavior authority when it
+ * is authorizing SecurityMgmtPsid messages. Its parameters
+ * indicate the PSIDs associated with the misbehavior that is to be reported
+ * to that MA (see 4.1.5 for further details). The certificate containing
+ * this SSP is the MA Certificate to which an end entity should encrypt
+ * misbehavior reports related to the indicated PSIDs.
+ */
+MaSsp ::= SEQUENCE {
+ version Uint8 (2),
+ relevantPsids SequenceOfPsid,
+ ...
+}
+
+/**
+ * @brief This structure defines the SSP for an RA when it is authorizing
+ * SecurityMgmtPsid messages. It has no parameters other than the version
+ * number.
+ */
+RaSsp ::= SEQUENCE {
+ version Uint8 (2),
+ ...
+}
+
+/**
+ * @brief This structure defines the SSP for an end entity when it is
+ * authorizing SecurityMgmtPsid messages. It has no parameters other than the
+ * version number.
+ */
+EeSsp ::= SEQUENCE {
+ version Uint8(2),
+ ...
+}
+
+/**
+ * @brief This is a container for ACPC-related SSPs, specifying one SSP for
+ * each role. The only SSP defined in this document is the CamSsp, used in
+ * the CAM certificate that signs a SignedAprvBinaryTree or a
+ * SignedIndividualAprv. The SSP shall be C-OER encoded for inclusion in the
+ * CAM certificate. New versions of the CAM SSP should be handled by
+ * extending this structure rather than by use of a version number in the
+ * CamSsp structure.
+ *
+ * The AcpcSsp is associated with the AcpcPsid in the CAM certificate's
+ * appPermissions field.
+ */
+AcpcSsp ::= CHOICE {
+ cam CamSsp,
+ ...
+}
+
+/**
+ * @brief This is a list of the ACPC Tree IDs for which the containing CAM
+ * certificate is entitled to sign a SignedAprvBinaryTree or a
+ * SignedIndividualAprv. The SSP entitles the certificate holder to sign
+ * either of these structures.
+ */
+CamSsp ::= SEQUENCE (SIZE(1..MAX)) OF AcpcTreeId
+
+/**
+ * @brief This structure defines the SSP for a distribution center when it is
+ * authorizing SecurityMgmtPsid messages. It has no parameters other than the
+ * version number.
+ */
+DcSsp ::= SEQUENCE {
+ version Uint8(2),
+ ...
+}
+
+END
diff --git a/asn2md.py b/asn2md.py
new file mode 100755
index 0000000000000000000000000000000000000000..b6dfc686d27856accc038724f8a044cb843affca
--- /dev/null
+++ b/asn2md.py
@@ -0,0 +1,363 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+
+import argparse # parse arguments
+import os.path # getting extension from file
+import sys # output and stuff
+import re # for regular expressions
+import copy # for copy
+if (sys.version_info > (3, 0)):
+ import urllib.parse #
+else:
+ import urllib #
+
+## extract doxygen-tag namespace
+RE_MODULE = re.compile( r'^\s*([A-Z][\w-]*)\s*({.*?})?\s*DEFINITIONS.*?::=\s*?BEGIN(.*)END', re.VERBOSE | re.MULTILINE | re.DOTALL)
+
+RE_SPACES = re.compile(r'\s+')
+
+RE_COMMENTS = re.compile(r'^\s*--.*?\n|--.*?(?:--|$)|/\*.*?\*/[\t ]*\n?', re.MULTILINE|re.DOTALL)
+
+RE_BASIC_TYPES = re.compile(r'^OCTET\s+STRING|BIT\s+STRING|BOOLEAN|INTEGER|FLOAT|SEQUENCE|SET|NULL')
+
+#RE_TYPE_BODY_1 = re.compile(r'.*?{(.*)}\s*WITH', re.MULTILINE|re.DOTALL)
+#RE_TYPE_BODY_2 = re.compile(r'.*?{(.*)}\s*(?:WITH.*|\(.*?\)|\s*$)', re.MULTILINE|re.DOTALL)
+RE_TYPE_BODY = re.compile(r'.*?{(.*)}\s*(?:WITH.*|\(.*?\)|\s*$)', re.MULTILINE|re.DOTALL)
+
+#RE_FIELDS = re.compile(r'^\s*(?:/\*\*.*?\*/)|^\s*([\w-]+?)\s+(OCTET\s+STRING|BIT\s+STRING|[A-Z][.\w-]+)?(.*?)(?:,((?:\s*--!?<.*?\n)*)|((?:--!?<.*?\n)*)$)', re.MULTILINE | re.DOTALL| re.VERBOSE)
+RE_FIELDS = re.compile(r'^\s*/\*.*?\*/|^\s*--\!.*?\n|^[\s&]*([\w-]+)\s+(OCTET\s+STRING|BIT\s+STRING|[A-Z][\w-]+)?((?:{[^}]*}|\([^)]*\)|.)*?)(?:,|(--)|$)', re.MULTILINE | re.DOTALL)
+
+RE_EXPORTS = re.compile(r'^\s*EXPORTS.*?;', re.DOTALL | re.MULTILINE)
+
+RE_IMPORTS = re.compile(r'^\s*IMPORTS\s*(.*?);', re.DOTALL | re.MULTILINE)
+
+RE_IMPORT_ELEMENTS = re.compile(r'^([,\s\w-]*?)FROM\s*([\w-]+)\s*({[^}]*}(?:\s+WITH\s+SUCCESSORS)?)?', re.MULTILINE)
+
+RE_IMPORT_ELEMENT_TYPE = re.compile(r'[^,\s]+')
+
+RE_DOXY_ASN_COMMENTS = re.compile(r'^\s*--[-!#](:?$|\s(.*))', re.MULTILINE)
+
+RE_DOXY_C_COMMENTS = re.compile(r'^\s*/\*\*\s(.*?)\*/', re.MULTILINE | re.DOTALL)
+
+RE_DOXY_C_COMMENTS_I = re.compile(r'\s*\*+')
+RE_STRIPSTAR = re.compile(r'^\s*\*', re.MULTILINE)
+RE_POWER_SIGN = re.compile('\^(-?\w+|\(.*?\))')
+RE_GREATEQ_SIGN = re.compile(r'(?<=\s)>=(?=\s)')
+RE_LESSEQ_SIGN = re.compile(r'(?<=\s)<=(?=\s)')
+RE_REFERENCE_NUMBER = re.compile(r'\[(?:i\.)?\d+\]')
+
+
+RE_DOXY_REF = re.compile(r'@ref\s+([\w-]+)')
+RE_DOXY_CLASS = re.compile(r'@(?:class|struct|details):?\s+([\w-]+)')
+RE_DOXY_DETAILS = re.compile(r'@details:?\s+[\w-]+')
+RE_DOXY_STRIP_SINGLE_TAG = re.compile(r'@(?:brief|url)\s+')
+RE_DOXY_STRIP_TAG = re.compile(r'\s*@(?:class|struct|details):?\s+[\w-]+')
+RE_DOXY_UNIT = re.compile(r'^\s*@unit:?\s+(.+)\n', re.MULTILINE)
+RE_DOXY_REVISION = re.compile(r'^\s*@revision:?\s+(.+)\n', re.MULTILINE)
+RE_DOXY_BRIEF = re.compile(r'^\s*@brief[\s:]+(.+)\n', re.MULTILINE)
+RE_DOXY_CATEGORY = re.compile(r'^\s*@category[\s:]+(.+)\n', re.MULTILINE)
+RE_DOXY_PARAM = re.compile(r'^\s*@(?:param|field):?\s+([\w-]+)\s*(.*?)\n\s*$', re.MULTILINE | re.DOTALL)
+
+RE_DOXY_SECTION = re.compile(r"^\s*@(brief|note|(class|struct|param|field|details)\s+([-\w]+)):?(.*?)(?=\n\s*@|\n\s*\n|\Z)", re.MULTILINE | re.DOTALL)
+RE_NOTE_SECTION = re.compile(r"^\s*@(note):?(.*?)(?=\n\s*@|\n\s*\n|\Z)", re.MULTILINE | re.DOTALL)
+
+# RE_TYPE = re.compile(r'(([A-Z][\w-]*)\s*::=[\w \t]+(?:{+(.*?)}+)?.*?)\n\s*\n', re.MULTILINE | re.DOTALL)
+RE_TYPE = re.compile(r'^\s*([A-Z][\w-]*)?\s*([{} \t:\w-]*?)?::=([\w \t]+.*?)\n\s*\n', re.MULTILINE | re.DOTALL)
+RE_OPTIONS = re.compile(r'^\s*@options[\s:]+(.+)', re.MULTILINE)
+
+extTypes = {}
+cpos = 0
+o_args = []
+m_options = []
+
+def urlquote(s):
+ if (sys.version_info > (3, 0)):
+ return urllib.parse.quote_plus(s)
+ else:
+ return urllib.quote_plus(s)
+
+def indentLines(content:str, indent):
+ ret=''
+ lines = content.splitlines()
+ for l in lines:
+ ret += ''.ljust(indent or 0) + l +'\n'
+ return ret
+
+def parseText(content, indent=None):
+
+ def repl_ref(m):
+ return '[**{0}**]({1}#{0})'.format(m.group(1), extTypes.get(m.group(1),''))
+ content = RE_DOXY_REF.sub(repl_ref, content)
+
+ content = RE_DOXY_STRIP_TAG.sub('', content)
+
+ content = RE_DOXY_STRIP_SINGLE_TAG.sub('', content)
+
+ content = RE_POWER_SIGN.sub('\\1', content)
+
+ content = RE_LESSEQ_SIGN.sub('≤', content)
+
+ content = RE_GREATEQ_SIGN.sub('≥', content)
+
+ content = RE_REFERENCE_NUMBER.sub('[\\g<0>](#references)', content)
+
+ return indentLines(content, indent)
+
+def parseInlineComments(content:str, indent=None):
+ # keep into account only '--<' comments
+ lines = content.splitlines()
+ content = ''
+ for l in lines:
+ l = l.lstrip()
+ if l.startswith('--< '):
+ content += l[4:] + '\n'
+ elif l.startswith('--!< '):
+ content += l[5:] + '\n'
+ else:
+ continue
+ return parseText(content, indent)
+
+def parseDoxyComments(content:str):
+ # keep only '--! ' and /** */ comments
+ # convert '--! ' comments to C-style
+ content = RE_DOXY_ASN_COMMENTS.sub('/** *\g<1>*/', content)
+ ret = ''
+ for m in RE_DOXY_C_COMMENTS.finditer(content):
+ ret += RE_STRIPSTAR.sub('', m.group(1))
+ return ret
+
+def parseOptions(doc, opts):
+ def repl_options(m):
+ if m.group(1) is not None:
+ for o in m.group(1).split(','):
+ setattr(opts, o.strip(), True)
+ return ''
+ return RE_OPTIONS.sub(repl_options, doc)
+
+def parseModule(mname, content):
+ global cpos
+ cpos = 0
+ ret = ''
+ m = RE_IMPORTS.search(content)
+ if m is not None:
+ pos = 0
+ if m.group(1) is not None:
+ ret += '## Imports:\n'
+ s = m.group(1)
+ for fm in RE_IMPORT_ELEMENTS.finditer(s):
+ imName = fm.group(2)
+ for im in RE_IMPORT_ELEMENT_TYPE.finditer(fm.group(1)):
+ extTypes[im.group(0)] = imName+'.md'
+ ret += ' * **[{0}]({0}.md)** *{1}*
\n'.format(imName, RE_SPACES.sub(' ', fm.group(3) or ''))
+ ret += parseText(parseDoxyComments(s[pos:fm.start()])+'\n', 2)
+ pos = fm.end()
+ ret += parseText(parseDoxyComments(s[pos:]))
+ cpos = m.end()
+
+ m = RE_EXPORTS.search(content)
+ if m is not None:
+ if cpos < m.end():
+ cpos = m.end()
+
+ # parse types
+ def repl_type (m, doc):
+ global m_options
+ title = t = m.group(1) # type name
+ f_params = {}
+ s_unit = ''
+ s_category = ''
+ s_note = ''
+ s_revision = ''
+ options = copy.copy(m_options)
+ if doc : # doc is the prepending comment. Check if not None and not Empty
+ doc = parseDoxyComments(doc)
+
+ # parse options
+ doc = parseOptions(doc, options)
+
+ def repl_section (m):
+ nonlocal title
+ nonlocal t
+ nonlocal f_params
+ nonlocal s_note
+ ret = ''
+ l = m.group(4).lstrip(":, \t").lstrip('\n')
+ if m.group(2) is not None:
+ # this can be class|struct|details|param|field
+ if m.group(3) == t:
+ ret = parseText(l)
+ else:
+ if len(l):
+ if len(f_params) == 0:
+ ret = '--((FIELDS))--'
+ f_params[m.group(3)] = parseText(l, 2)
+
+ elif m.group(1) == 'brief':
+ if options.brief_as_title:
+ title = parseText(l)
+ else:
+ ret = parseText(l)
+ elif m.group(1) == 'note':
+ s_note = '\n>>>\n' + 'NOTE: ' + parseText(l).rstrip() + '\n>>>\n'
+ else:
+ ret = m.string[m.start():m.end()]
+ return ret
+ doc = RE_DOXY_SECTION.sub(repl_section, doc)
+
+ def repl_category(m):
+ nonlocal s_category
+ s_category = '\n **Categories:** '
+ for l in m.group(1).split(','):
+# s_category += '[{0}](#{1}) '.format(l.strip(), urlquote(l.strip()))
+ s_category += parseText(l).strip() + ' '
+ s_category += '\n'
+ return ''
+ doc = RE_DOXY_CATEGORY.sub(repl_category, doc)
+
+ def repl_unit(m):
+ nonlocal s_unit
+ s_unit = '\n **Unit:** _' + parseText(m.group(1)).strip() + '_\n'
+ return ''
+ doc = RE_DOXY_UNIT.sub(repl_unit, doc)
+
+ def repl_revision(m):
+ nonlocal s_revision
+ s_revision = '\n **Revision:** _' + parseText(m.group(1)).strip() + '_\n'
+ return ''
+ doc = RE_DOXY_REVISION.sub(repl_revision, doc)
+ else:
+ doc = ''
+
+ doc = [x.strip() for x in doc.split('--((FIELDS))--')]
+
+ ret = ''
+ if t is not None:
+ fields = ''
+ ret = '\n### {1}\n'.format(t, title) + parseText(doc[0])
+
+ # parse fields and get out fields descriptions
+ if m.group(3) is not None:
+ # check if contain fields
+ fm = RE_TYPE_BODY.search(m.group(3))
+ if fm is not None and fm.group(1) is not None:
+ typeBody = fm.group(1).strip()
+ if typeBody is not None:
+ fTitle = ''
+ field = ''
+ pos = 0
+ for fm in RE_FIELDS.finditer(typeBody):
+ if fm.group(1) is not None:
+ # add description to the previous type
+ if len(field):
+ fields += parseInlineComments(fm.string[pos:fm.start()], 3)
+ field = ''
+ f = fm.group(1).strip()
+ ext = fm.group(3) or ''
+ if f in f_params:
+ field = f_params.pop(f) + '\n\n'
+ if fm.group(2) is not None:
+ fTitle = 'Fields:\n'
+ if len(field) or not options.no_auto_fields:
+ t = fm.group(2).strip()
+ if RE_BASIC_TYPES.match(t) is not None:
+ field = '* {0} of type **{1}** {2}
\n'.format(f, t, ext) + field
+ else:
+ field = '* {0} of type [**{1}**]({2}#{1}) {3}
\n'.format(f, t, extTypes.get(t,''), ext) + field
+ else:
+ fTitle = 'Values:\n'
+ if len(field) or not options.no_auto_values:
+ field = '* **{0}** {1}
\n'.format(f, ext) + field
+ if len(field):
+ field += parseText(fm.string[pos:fm.start()], 3)
+ pos = fm.end()
+ if fm.group(4) is not None:
+ # keep '--' for the next round
+ pos -= 2
+ if len(field):
+ fields += field
+ if len(field):
+ fields += parseInlineComments(typeBody[pos:], 3)
+ # add all other fields defined as @params
+ if 'force-all-fields' in options:
+ for f in f_params:
+ fields += '* {}
\n{}\n\n'.format(f, f_params[f])
+ if 'no-fields-header' in options:
+ fTitle = ''
+ if len(fields):
+ ret = ret.strip() + '\n\n' + fTitle + fields
+ else:
+ if title:
+ ret = '### {}\n\n'.format(title)
+ l = parseText(parseDoxyComments(doc[0]))
+ if len(l):
+ ret += l + '\n\n'
+ for p in f_params:
+ ret += '* `{0}` {1}\n'.format(p, f_params[p])
+
+ try:
+ if len(doc[1]):
+ ret += doc[1] + '\n'
+ except:
+ pass
+
+ return ret + s_unit + s_category + s_revision + s_note + '```asn1\n' + RE_COMMENTS.sub('', m.group(0).strip()) +'\n```\n\n'
+
+ pos = 0
+ ret += '## Data Elements:\n'
+ for m in RE_TYPE.finditer(content[cpos:]):
+ ret += repl_type (m, m.string[pos:m.start()])
+ pos = m.end()
+
+ v = parseText(parseOptions(parseDoxyComments(content[pos:]), m_options))
+ if len(v):
+ def repl_note (m):
+ return '\n>>>\n' + 'NOTE: ' + m.group(2).lstrip(":, \t").lstrip('\n').rstrip() + '\n>>>\n'
+ ret += '\n\n' + RE_NOTE_SECTION.sub(repl_note, v).strip() +'\n'
+
+ return ret
+
+
+def parseAsn(outDir, content) :
+ # iterate modules in the file
+ global m_options
+ pos= 0
+ cnt = 0
+ m_options = copy.copy(o_args)
+ for m in RE_MODULE.finditer(content):
+ ret = '# ASN.1 module {}\n OID: _{}_\n'.format(m.group(1), RE_SPACES.sub(' ', m.group(2)))
+ ret += parseText(parseOptions(parseDoxyComments(content[pos:m.start()]), m_options)) + '\n'
+ if m.group(3) is not None:
+ ret += parseModule(m.group(1), m.group(3))
+ ret += '\n\n'
+ open(outDir + '/' + m.group(1) + '.md', "w",encoding='utf-8').write(ret)
+ pos = m.end()
+ cnt += 1
+ return cnt
+
+def main():
+ global o_args
+ ap = argparse.ArgumentParser(description='ASN.1 to markdown converter')
+ ap.add_argument('--out', '-o', type=str, default='.', help='output directory')
+ ap.add_argument('--brief-as-title', '-B', default=False, action='store_true', help='Do not treat @brief line as type header')
+ ap.add_argument('--force-all-fields', '-f', default=False,action='store_true', help='Add all fields in the list even if empty')
+ ap.add_argument('--no-auto-fields', '-F', default=False,action='store_true', help='Add fields only if @param or @field is defined')
+ ap.add_argument('--no-auto-values', '-V', default=False,action='store_true', help='Do not add named values or enums')
+ ap.add_argument('--no-fields-header', '-H', default=False,action='store_true', help='Do not add fields and values header')
+ ap.add_argument('modules', action='store', nargs='+', help='ASN.1 files')
+ o_args = ap.parse_args()
+
+ if not o_args.modules:
+ ap.print_help()
+ exit(1)
+
+ cnt = 0
+ for a in o_args.modules:
+ try:
+ content = open(a, mode="r", encoding='latin-1').read()
+ cnt += parseAsn(o_args.out, content)
+ except IOError as e:
+ sys.stderr.write(e[1]+"\n")
+ print("{} modules porcessed\n".format(cnt))
+
+if __name__ == '__main__':
+ main()
diff --git a/docs/Ieee1609Dot2.md b/docs/Ieee1609Dot2.md
new file mode 100644
index 0000000000000000000000000000000000000000..d1f4d2b2cc6e72b81da45a1b92dbc7765014f87f
--- /dev/null
+++ b/docs/Ieee1609Dot2.md
@@ -0,0 +1,1787 @@
+# ASN.1 module Ieee1609Dot2
+ OID: _{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) base(1) schema(1) major-version-2(2) minor-version-6(6)}_
+ @note Section references in this file are to clauses in IEEE Std
+ 1609.2 unless indicated otherwise. Full forms of acronyms and
+ abbreviations used in this file are specified in 3.2.
+
+
+## Imports:
+ * **[Ieee1609Dot2BaseTypes](Ieee1609Dot2BaseTypes.md)** *{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) base(1) base-types(2) major-version-2(2) minor-version-4(4)} WITH SUCCESSORS*
+
+ * **[EtsiTs103097ExtensionModule](EtsiTs103097ExtensionModule.md)** *{itu-t(0) identified-organization(4) etsi(0) itsDomain(5) wg5(5) secHeaders(103097) extension(2) major-version-1(1) minor-version-0(0)} WITH SUCCESSORS*
+
+## Data Elements:
+### Ieee1609Dot2Data
+This data type is used to contain the other data types in this
+ clause. The fields in the Ieee1609Dot2Data have the following meanings:
+
+Fields:
+* protocolVersion of type [**Uint8**](Ieee1609Dot2BaseTypes.md#Uint8) (3)
+ contains the current version of the protocol. The
+ version specified in this standard is version 3, represented by the
+ integer 3. There are no major or minor version numbers.
+
+
+* content of type [**Ieee1609Dot2Content**](#Ieee1609Dot2Content)
+ contains the content in the form of an Ieee1609Dot2Content.
+
+
+
+
+>>>
+NOTE: Canonicalization: This data structure is subject to canonicalization
+ for the relevant operations specified in 6.1.2. The canonicalization
+ applies to the Ieee1609Dot2Content.
+>>>
+```asn1
+Ieee1609Dot2Data ::= SEQUENCE {
+ protocolVersion Uint8(3),
+ content Ieee1609Dot2Content
+}
+```
+
+### Ieee1609Dot2Content
+In this structure:
+
+Fields:
+* unsecuredData of type [**Opaque**](Ieee1609Dot2BaseTypes.md#Opaque)
+ indicates that the content is an OCTET STRING to be
+ consumed outside the SDS.
+
+
+* signedData of type [**SignedData**](#SignedData)
+ indicates that the content has been signed according to
+ this standard.
+
+
+
+* encryptedData of type [**EncryptedData**](#EncryptedData)
+ indicates that the content has been encrypted
+ according to this standard.
+
+
+
+* signedCertificateRequest of type [**Opaque**](Ieee1609Dot2BaseTypes.md#Opaque)
+ indicates that the content is a
+ certificate request signed by an IEEE 1609.2 certificate or self-signed.
+
+
+
+* signedX509CertificateRequest of type [**Opaque**](Ieee1609Dot2BaseTypes.md#Opaque)
+ indicates that the content is a
+ certificate request signed by an ITU-T X.509 certificate.
+
+
+
+ ...,
+
+>>>
+NOTE: Canonicalization: This data structure is subject to canonicalization
+ for the relevant operations specified in 6.1.2 if it is of type signedData.
+ The canonicalization applies to the SignedData.
+>>>
+```asn1
+Ieee1609Dot2Content ::= CHOICE {
+ unsecuredData Opaque,
+ signedData SignedData,
+ encryptedData EncryptedData,
+ signedCertificateRequest Opaque,
+ ...,
+ signedX509CertificateRequest Opaque
+}
+```
+
+### SignedData
+In this structure:
+
+Fields:
+* hashId of type [**HashAlgorithm**](Ieee1609Dot2BaseTypes.md#HashAlgorithm)
+ indicates the hash algorithm to be used to generate the hash
+ of the message for signing and verification.
+
+
+* tbsData of type [**ToBeSignedData**](#ToBeSignedData)
+ contains the data that is hashed as input to the signature.
+
+
+
+* signer of type [**SignerIdentifier**](Ieee1609Dot2.md#SignerIdentifier)
+ determines the keying material and hash algorithm used to
+ sign the data.
+
+
+
+* signature of type [**Signature**](Ieee1609Dot2BaseTypes.md#Signature)
+ contains the digital signature itself, calculated as
+ specified in 5.3.1.
+ - If signer indicates the choice self, then the signature calculation
+ is parameterized as follows:
+ - Data input is equal to the COER encoding of the tbsData field
+ canonicalized according to the encoding considerations given in 6.3.6.
+ - Verification type is equal to self.
+ - Signer identifier input is equal to the empty string.
+ - If signer indicates certificate or digest, then the signature
+ calculation is parameterized as follows:
+ - Data input is equal to the COER encoding of the tbsData field
+ canonicalized according to the encoding considerations given in 6.3.6.
+ - Verification type is equal to certificate.
+ - Signer identifier input equal to the COER-encoding of the
+ Certificate that is to be used to verify the SPDU, canonicalized according
+ to the encoding considerations given in 6.4.3.
+
+
+
+
+>>>
+NOTE: Canonicalization: This data structure is subject to canonicalization
+ for the relevant operations specified in 6.1.2. The canonicalization
+ applies to the ToBeSignedData and the Signature.
+>>>
+```asn1
+SignedData ::= SEQUENCE {
+ hashId HashAlgorithm,
+ tbsData ToBeSignedData,
+ signer SignerIdentifier,
+ signature Signature
+}
+```
+
+### ToBeSignedData
+This structure contains the data to be hashed when generating or
+ verifying a signature. See 6.3.4 for the specification of the input to the
+ hash.
+
+Fields:
+* payload of type [**SignedDataPayload**](#SignedDataPayload)
+ contains data that is provided by the entity that invokes
+ the SDS.
+
+
+* headerInfo of type [**HeaderInfo**](#HeaderInfo)
+ contains additional data that is inserted by the SDS.
+ This structure is used as follows to determine the "data input" to the
+ hash operation for signing or verification as specified in 5.3.1.2.2 or
+ 5.3.1.3.
+ - If payload does not contain the field omitted, the data input to the
+ hash operation is the COER encoding of the ToBeSignedData.
+ - If payload field in this ToBeSignedData instance contains the field
+ omitted, the data input to the hash operation is the COER encoding of the
+ ToBeSignedData, concatenated with the hash of the omitted payload. The hash
+ of the omitted payload is calculated with the same hash algorithm that is
+ used to calculate the hash of the data input for signing or verification.
+ The data input to the hash operation is simply the COER enocding of the
+ ToBeSignedData, concatenated with the hash of the omitted payload: there is
+ no additional wrapping or length indication. As noted in 5.2.4.3.4, the
+ means by which the signer and verifier establish the contents of the
+ omitted payload are out of scope for this standard.
+
+
+
+
+>>>
+NOTE: Canonicalization: This data structure is subject to canonicalization
+ for the relevant operations specified in 6.1.2. The canonicalization
+ applies to the SignedDataPayload if it is of type data, and to the
+ HeaderInfo.
+>>>
+```asn1
+ToBeSignedData ::= SEQUENCE {
+ payload SignedDataPayload,
+ headerInfo HeaderInfo
+}
+```
+
+### SignedDataPayload
+This structure contains the data payload of a ToBeSignedData. This
+ structure contains at least one of the optional elements, and may contain
+ more than one. See 5.2.4.3.4 for more details.
+ The security profile in Annex C allows an implementation of this standard
+ to state which forms of Signed¬Data¬Payload are supported by that
+ implementation, and also how the signer and verifier are intended to obtain
+ the external data for hashing. The specification of an SDEE that uses
+ external data is expected to be explicit and unambiguous about how this
+ data is obtained and how it is formatted prior to processing by the hash
+ function.
+
+Fields:
+* data of type [**Ieee1609Dot2Data**](Ieee1609Dot2.md#Ieee1609Dot2Data) OPTIONAL
+ contains data that is explicitly transported within the
+ structure.
+
+
+* extDataHash of type [**HashedData**](#HashedData) OPTIONAL
+ contains the hash of data that is not explicitly
+ transported within the structure, and which the creator of the structure
+ wishes to cryptographically bind to the signature.
+
+
+
+* omitted of type **NULL** OPTIONAL
+ indicates that there is external data to be included in the
+ hash calculation for the signature.The mechanism for including the external
+ data in the hash calculation is specified in 6.3.6.
+
+
+
+ ...,
+
+>>>
+NOTE: Canonicalization: This data structure is subject to canonicalization
+ for the relevant operations specified in 6.1.2. The canonicalization
+ applies to the Ieee1609Dot2Data.
+>>>
+```asn1
+SignedDataPayload ::= SEQUENCE {
+ data Ieee1609Dot2Data OPTIONAL,
+ extDataHash HashedData OPTIONAL,
+ ...,
+ omitted NULL OPTIONAL
+} (WITH COMPONENTS {..., data PRESENT} |
+ WITH COMPONENTS {..., extDataHash PRESENT} |
+ WITH COMPONENTS {..., omitted PRESENT})
+```
+
+### HashedData
+This structure contains the hash of some data with a specified hash
+ algorithm. See 5.3.3 for specification of the permitted hash algorithms.
+
+Fields:
+* sha256HashedData of type [**HashedId32**](Ieee1609Dot2BaseTypes.md#HashedId32)
+ indicates data hashed with SHA-256.
+
+
+* sha384HashedData of type [**HashedId48**](Ieee1609Dot2BaseTypes.md#HashedId48)
+ indicates data hashed with SHA-384.
+
+
+
+ ...,
+* sm3HashedData of type [**HashedId32**](Ieee1609Dot2BaseTypes.md#HashedId32)
+ indicates data hashed with SM3.
+
+
+
+
+>>>
+NOTE: Critical information fields: If present, this is a critical
+ information field as defined in 5.2.6. An implementation that does not
+ recognize the indicated CHOICE for this type when verifying a signed SPDU
+ shall indicate that the signed SPDU is invalid in the sense of 4.2.2.3.2,
+ that is, it is invalid in the sense that its validity cannot be established.
+>>>
+```asn1
+HashedData::= CHOICE {
+ sha256HashedData HashedId32,
+ ...,
+ sha384HashedData HashedId48,
+ sm3HashedData HashedId32
+}
+```
+
+### HeaderInfo
+This structure contains information that is used to establish
+ validity by the criteria of 5.2.
+
+Fields:
+* psid of type [**Psid**](Ieee1609Dot2BaseTypes.md#Psid)
+ indicates the application area with which the sender is
+ claiming the payload is to be associated.
+
+
+* generationTime of type [**Time64**](Ieee1609Dot2BaseTypes.md#Time64) OPTIONAL
+ indicates the time at which the structure was
+ generated. See 5.2.5.2.2 and 5.2.5.2.3 for discussion of the use of this
+ field.
+
+
+
+* expiryTime of type [**Time64**](Ieee1609Dot2BaseTypes.md#Time64) OPTIONAL
+ if present, contains the time after which the data
+ is no longer considered relevant. If both generationTime and
+ expiryTime are present, the signed SPDU is invalid if generationTime is
+ not strictly earlier than expiryTime.
+
+
+
+* generationLocation of type [**ThreeDLocation**](Ieee1609Dot2BaseTypes.md#ThreeDLocation) OPTIONAL
+ if present, contains the location at which the
+ signature was generated.
+
+
+
+* p2pcdLearningRequest of type [**HashedId3**](Ieee1609Dot2BaseTypes.md#HashedId3) OPTIONAL
+ if present, is used by the SDS to request
+ certificates for which it has seen identifiers and does not know the
+ entire certificate. A specification of this peer-to-peer certificate
+ distribution (P2PCD) mechanism is given in Clause 8. This field is used
+ for the separate-certificate-pdu flavor of P2PCD and shall only be present
+ if inlineP2pcdRequest is not present. The HashedId3 is calculated with the
+ whole-certificate hash algorithm, determined as described in 6.4.3,
+ applied to the COER-encoded certificate, canonicalized as defined in the
+ definition of Certificate.
+
+
+
+* missingCrlIdentifier of type [**MissingCrlIdentifier**](#MissingCrlIdentifier) OPTIONAL
+ if present, is used by the SDS to request
+ CRLs which it knows to have been issued and have not received. This is
+ provided for future use and the associated mechanism is not defined in
+ this version of this standard.
+
+
+
+* encryptionKey of type [**EncryptionKey**](Ieee1609Dot2BaseTypes.md#EncryptionKey) OPTIONAL
+ if present, is used to provide a key that is to
+ be used to encrypt at least one response to this SPDU. The SDEE
+ specification is expected to specify which response SPDUs are to be
+ encrypted with this key. One possible use of this key to encrypt a
+ response is specified in 6.3.35, 6.3.37, and 6.3.34. An encryptionKey
+ field of type symmetric should only be used if the SignedData containing
+ this field is securely encrypted by some means.
+
+
+
+* inlineP2pcdRequest of type [**SequenceOfHashedId3**](Ieee1609Dot2BaseTypes.md#SequenceOfHashedId3) OPTIONAL
+ if present, is used by the SDS to request
+ unknown certificates per the inline peer-to-peer certificate distribution
+ mechanism is given in Clause 8. This field shall only be present if
+ p2pcdLearningRequest is not present. The HashedId3 is calculated with the
+ whole-certificate hash algorithm, determined as described in 6.4.3, applied
+ to the COER-encoded certificate, canonicalized as defined in the definition
+ of Certificate.
+
+
+
+ ...,
+* requestedCertificate of type [**Certificate**](Ieee1609Dot2.md#Certificate) OPTIONAL
+ if present, is used by the SDS to provide
+ certificates per the "inline" version of the peer-to-peer certificate
+ distribution mechanism given in Clause 8.
+
+
+
+* pduFunctionalType of type [**PduFunctionalType**](#PduFunctionalType) OPTIONAL
+ if present, is used to indicate that the SPDU is
+ to be consumed by a process other than an application process as defined
+ in ISO 21177 [B14a]. See 6.3.23b for more details.
+
+
+
+* contributedExtensions of type [**ContributedExtensionBlocks**](#ContributedExtensionBlocks) OPTIONAL
+ if present, is used to contain additional
+ extensions defined using the ContributedExtensionBlocks structure.
+
+
+
+
+>>>
+NOTE: Canonicalization: This data structure is subject to canonicalization
+ for the relevant operations specified in 6.1.2. The canonicalization
+ applies to the EncryptionKey. If encryptionKey is present, and indicates
+ the choice public, and contains a BasePublicEncryptionKey that is an
+ elliptic curve point (i.e., of type EccP256CurvePoint or
+ EccP384CurvePoint), then the elliptic curve point is encoded in compressed
+ form, i.e., such that the choice indicated within the Ecc*CurvePoint is
+ compressed-y-0 or compressed-y-1.
+ The canonicalization does not apply to any fields after the extension
+ marker, including any fields in contributedExtensions.
+>>>
+```asn1
+HeaderInfo ::= SEQUENCE {
+ psid Psid,
+ generationTime Time64 OPTIONAL,
+ expiryTime Time64 OPTIONAL,
+ generationLocation ThreeDLocation OPTIONAL,
+ p2pcdLearningRequest HashedId3 OPTIONAL,
+ missingCrlIdentifier MissingCrlIdentifier OPTIONAL,
+ encryptionKey EncryptionKey OPTIONAL,
+ ...,
+ inlineP2pcdRequest SequenceOfHashedId3 OPTIONAL,
+ requestedCertificate Certificate OPTIONAL,
+ pduFunctionalType PduFunctionalType OPTIONAL,
+ contributedExtensions ContributedExtensionBlocks OPTIONAL
+}
+```
+
+### MissingCrlIdentifier
+This structure may be used to request a CRL that the SSME knows to
+ have been issued and has not yet received. It is provided for future use
+ and its use is not defined in this version of this standard.
+
+Fields:
+* cracaId of type [**HashedId3**](Ieee1609Dot2BaseTypes.md#HashedId3)
+ is the HashedId3 of the CRACA, as defined in 5.1.3. The
+ HashedId3 is calculated with the whole-certificate hash algorithm,
+ determined as described in 6.4.3, applied to the COER-encoded certificate,
+ canonicalized as defined in the definition of Certificate.
+
+
+* crlSeries of type [**CrlSeries**](Ieee1609Dot2BaseTypes.md#CrlSeries)
+ is the requested CRL Series value. See 5.1.3 for more
+ information.
+
+
+
+
+```asn1
+MissingCrlIdentifier ::= SEQUENCE {
+ cracaId HashedId3,
+ crlSeries CrlSeries,
+ ...
+}
+```
+
+
+### PduFunctionalType
+This data structure identifies the functional entity that is
+ intended to consume an SPDU, for the case where that functional entity is
+ not an application process, and are instead security support services for an
+ application process. Further details and the intended use of this field are
+ defined in ISO 21177 [B20].
+```asn1
+PduFunctionalType ::= INTEGER (0..255)
+```
+
+```asn1
+tlsHandshake PduFunctionalType ::= 1
+iso21177ExtendedAuth PduFunctionalType ::= 2
+iso21177SessionExtension PduFunctionalType ::= 3
+```
+
+
+### ContributedExtensionBlocks
+This type is used for clarity of definitions.
+```asn1
+ContributedExtensionBlocks ::= SEQUENCE (SIZE(1..MAX)) OF
+ ContributedExtensionBlock
+```
+
+### ContributedExtensionBlock
+This data structure defines the format of an extension block
+ provided by an identified contributor by using the temnplate provided
+ in the class IEEE1609DOT2-HEADERINFO-CONTRIBUTED-EXTENSION constraint
+ to the objects in the set Ieee1609Dot2HeaderInfoContributedExtensions.
+
+Fields:
+* contributorId of type [**IEEE1609DOT2-HEADERINFO-CONTRIBUTED-EXTENSION**](#IEEE1609DOT2-HEADERINFO-CONTRIBUTED-EXTENSION) .&id({
+ Ieee1609Dot2HeaderInfoContributedExtensions
+ })
+ uniquely identifies the contributor.
+
+
+* extns of type **SEQUENCE** (SIZE(1..MAX)) OF
+ contains a list of extensions from that contributor.
+ Extensions are expected and not required to follow the format specified
+ in 6.5.
+
+
+
+
+```asn1
+ContributedExtensionBlock ::= SEQUENCE {
+ contributorId IEEE1609DOT2-HEADERINFO-CONTRIBUTED-EXTENSION.&id({
+ Ieee1609Dot2HeaderInfoContributedExtensions
+ }),
+ extns SEQUENCE (SIZE(1..MAX)) OF
+ IEEE1609DOT2-HEADERINFO-CONTRIBUTED-EXTENSION.&Extn({
+ Ieee1609Dot2HeaderInfoContributedExtensions
+ }{@.contributorId})
+}
+```
+
+### IEEE1609DOT2-HEADERINFO-CONTRIBUTED-EXTENSION
+This Information Object Class defines the class that provides a
+ template for defining extension blocks.
+
+Fields:
+* id of type [**HeaderInfoContributorId**](#HeaderInfoContributorId) UNIQUE
+```asn1
+IEEE1609DOT2-HEADERINFO-CONTRIBUTED-EXTENSION ::= CLASS {
+ &id HeaderInfoContributorId UNIQUE,
+ &Extn
+} WITH SYNTAX {&Extn IDENTIFIED BY &id}
+```
+
+
+### Ieee1609Dot2HeaderInfoContributedExtensions
+This structure is an ASN.1 Information Object Set listing the
+ defined contributed extension types and the associated
+ HeaderInfoContributorId values. In this version of this standard two
+ extension types are defined: Ieee1609ContributedHeaderInfoExtension and
+ EtsiOriginatingHeaderInfoExtension.
+```asn1
+Ieee1609Dot2HeaderInfoContributedExtensions
+ IEEE1609DOT2-HEADERINFO-CONTRIBUTED-EXTENSION ::= {
+ {Ieee1609ContributedHeaderInfoExtension IDENTIFIED BY
+ ieee1609HeaderInfoContributorId} |
+ {EtsiOriginatingHeaderInfoExtension IDENTIFIED BY
+ etsiHeaderInfoContributorId},
+ ...
+}
+```
+
+
+### HeaderInfoContributorId
+This is an integer used to identify a HeaderInfo extension
+ contributing organization. In this version of this standard two values are
+ defined:
+ - ieee1609OriginatingExtensionId indicating extensions originating with
+ IEEE 1609.
+ - etsiOriginatingExtensionId indicating extensions originating with
+ ETSI TC ITS.
+```asn1
+HeaderInfoContributorId ::= INTEGER (0..255)
+```
+
+```asn1
+ieee1609HeaderInfoContributorId HeaderInfoContributorId ::= 1
+etsiHeaderInfoContributorId HeaderInfoContributorId ::= 2
+```
+
+### SignerIdentifier
+This structure allows the recipient of data to determine which
+ keying material to use to authenticate the data. It also indicates the
+ verification type to be used to generate the hash for verification, as
+ specified in 5.3.1.
+
+Fields:
+* digest of type [**HashedId8**](Ieee1609Dot2BaseTypes.md#HashedId8)
+ If the choice indicated is digest:
+ - The structure contains the HashedId8 of the relevant certificate. The
+ HashedId8 is calculated with the whole-certificate hash algorithm,
+ determined as described in 6.4.3.
+ - The verification type is certificate and the certificate data
+ passed to the hash function as specified in 5.3.1 is the authorization
+ certificate.
+
+
+* certificate of type [**SequenceOfCertificate**](Ieee1609Dot2.md#SequenceOfCertificate)
+ If the choice indicated is certificate:
+ - The structure contains one or more Certificate structures, in order
+ such that the first certificate is the authorization certificate and each
+ subsequent certificate is the issuer of the one before it.
+ - The verification type is certificate and the certificate data
+ passed to the hash function as specified in 5.3.1 is the authorization
+ certificate.
+
+
+
+* self of type **NULL**
+ If the choice indicated is self:
+ - The structure does not contain any data beyond the indication that
+ the choice value is self.
+ - The verification type is self-signed.
+
+
+
+
+>>>
+NOTE: Canonicalization: This data structure is subject to canonicalization
+ for the relevant operations specified in 6.1.2. The canonicalization
+ applies to every Certificate in the certificate field.
+>>>
+```asn1
+SignerIdentifier ::= CHOICE {
+ digest HashedId8,
+ certificate SequenceOfCertificate,
+ self NULL,
+ ...
+}
+```
+
+
+### Countersignature
+This data structure is used to perform a countersignature over an
+ already-signed SPDU. This is the profile of an Ieee1609Dot2Data containing
+ a signedData. The tbsData within content is composed of a payload
+ containing the hash (extDataHash) of the externally generated, pre-signed
+ SPDU over which the countersignature is performed.
+```asn1
+Countersignature ::= Ieee1609Dot2Data (WITH COMPONENTS {...,
+ content (WITH COMPONENTS {...,
+ signedData (WITH COMPONENTS {...,
+ tbsData (WITH COMPONENTS {...,
+ payload (WITH COMPONENTS {...,
+ data ABSENT,
+ extDataHash PRESENT
+ }),
+ headerInfo(WITH COMPONENTS {...,
+ generationTime PRESENT,
+ expiryTime ABSENT,
+ generationLocation ABSENT,
+ p2pcdLearningRequest ABSENT,
+ missingCrlIdentifier ABSENT,
+ encryptionKey ABSENT
+ })
+ })
+ })
+ })
+})
+```
+
+### EncryptedData
+This data structure encodes data that has been encrypted to one or
+ more recipients using the recipientsÂ’ public or symmetric keys as
+ specified in 5.3.4.
+
+Fields:
+* recipients of type [**SequenceOfRecipientInfo**](#SequenceOfRecipientInfo)
+ contains one or more RecipientInfos. These entries may
+ be more than one RecipientInfo, and more than one type of RecipientInfo,
+ as long as all entries are indicating or containing the same data encryption
+ key.
+
+
+* ciphertext of type [**SymmetricCiphertext**](#SymmetricCiphertext)
+ contains the encrypted data. This is the encryption of
+ an encoded Ieee1609Dot2Data structure as specified in 5.3.4.2.
+
+
+
+
+>>>
+NOTE: If the plaintext is raw data, i.e., it has not been output from a
+ previous operation of the SDS, then it is trivial to encapsulate it in an
+ Ieee1609Dot2Data of type unsecuredData as noted in 4.2.2.2.2. For example,
+ '03 80 08 01 23 45 67 89 AB CD EF' is the C-OER encoding of '01 23 45 67
+ 89 AB CD EF' encapsulated in an Ieee1609Dot2Data of type unsecuredData.
+ The first byte of the encoding 03 is the protocolVersion, the second byte
+ 80 indicates the choice unsecuredData, and the third byte 08 is the length
+ of the raw data '01 23 45 67 89 AB CD EF'.
+>>>
+```asn1
+EncryptedData ::= SEQUENCE {
+ recipients SequenceOfRecipientInfo,
+ ciphertext SymmetricCiphertext
+}
+```
+
+### RecipientInfo
+This data structure is used to transfer the data encryption key to
+ an individual recipient of an EncryptedData. The option pskRecipInfo is
+ selected if the EncryptedData was encrypted using the static encryption
+ key approach specified in 5.3.4. The other options are selected if the
+ EncryptedData was encrypted using the ephemeral encryption key approach
+ specified in 5.3.4. The meanings of the choices are:
+
+
+ See Annex C.7 for guidance on when it may be appropriate to use
+ each of these approaches.
+
+Fields:
+* pskRecipInfo of type [**PreSharedKeyRecipientInfo**](#PreSharedKeyRecipientInfo)
+ The data was encrypted directly using a pre-shared
+ symmetric key.
+
+
+* symmRecipInfo of type [**SymmRecipientInfo**](#SymmRecipientInfo)
+ The data was encrypted with a data encryption key,
+ and the data encryption key was encrypted using a symmetric key.
+
+
+
+* certRecipInfo of type [**PKRecipientInfo**](#PKRecipientInfo)
+ The data was encrypted with a data encryption key,
+ the data encryption key was encrypted using a public key encryption scheme,
+ where the public encryption key was obtained from a certificate. In this
+ case, the parameter P1 to ECIES as defined in 5.3.5 is the hash of the
+ certificate, calculated with the whole-certificate hash algorithm,
+ determined as described in 6.4.3, applied to the COER-encoded certificate,
+ canonicalized as defined in the definition of Certificate.
+
+
+
+* signedDataRecipInfo of type [**PKRecipientInfo**](#PKRecipientInfo)
+ The data was encrypted with a data encryption
+ key, the data encryption key was encrypted using a public key encryption
+ scheme, where the public encryption key was obtained as the public response
+ encryption key from a SignedData. In this case, if ECIES is the encryption
+ algorithm, then the parameter P1 to ECIES as defined in 5.3.5 is the
+ SHA-256 hash of the Ieee1609Dot2Data of type signedData containing the
+ response encryption key, canonicalized as defined in the definition of
+ Ieee1609Dot2Data.
+
+
+
+* rekRecipInfo of type [**PKRecipientInfo**](#PKRecipientInfo)
+ The data was encrypted with a data encryption key,
+ the data encryption key was encrypted using a public key encryption scheme,
+ where the public encryption key was not obtained from a Signed-Data or a
+ certificate. In this case, the SDEE specification is expected to specify
+ how the public key is obtained, and if ECIES is the encryption algorithm,
+ then the parameter P1 to ECIES as defined in 5.3.5 is the hash of the
+ empty string.
+
+
+
+
+>>>
+NOTE: The material input to encryption is the bytes of the encryption key
+ with no headers, encapsulation, or length indication. Contrast this to
+ encryption of data, where the data is encapsulated in an Ieee1609Dot2Data.
+>>>
+```asn1
+RecipientInfo ::= CHOICE {
+ pskRecipInfo PreSharedKeyRecipientInfo,
+ symmRecipInfo SymmRecipientInfo,
+ certRecipInfo PKRecipientInfo,
+ signedDataRecipInfo PKRecipientInfo,
+ rekRecipInfo PKRecipientInfo
+}
+```
+
+
+### SequenceOfRecipientInfo
+This type is used for clarity of definitions.
+```asn1
+SequenceOfRecipientInfo ::= SEQUENCE OF RecipientInfo
+```
+
+
+### PreSharedKeyRecipientInfo
+This data structure is used to indicate a symmetric key that may
+ be used directly to decrypt a SymmetricCiphertext. It consists of the
+ low-order 8 bytes of the hash of the COER encoding of a
+ SymmetricEncryptionKey structure containing the symmetric key in question.
+ The HashedId8 is calculated with the hash algorithm determined as
+ specified in 5.3.9.3. The symmetric key may be established by any
+ appropriate means agreed by the two parties to the exchange.
+```asn1
+PreSharedKeyRecipientInfo ::= HashedId8
+```
+
+### SymmRecipientInfo
+This data structure contains the following fields:
+
+Fields:
+* recipientId of type [**HashedId8**](Ieee1609Dot2BaseTypes.md#HashedId8)
+ contains the hash of the symmetric key encryption key
+ that may be used to decrypt the data encryption key. It consists of the
+ low-order 8 bytes of the hash of the COER encoding of a
+ SymmetricEncryptionKey structure containing the symmetric key in question.
+ The HashedId8 is calculated with the hash algorithm determined as
+ specified in 5.3.9.4. The symmetric key may be established by any
+ appropriate means agreed by the two parties to the exchange.
+
+
+* encKey of type [**SymmetricCiphertext**](#SymmetricCiphertext)
+ contains the encrypted data encryption key within a
+ SymmetricCiphertext, where the data encryption key is input to the data
+ encryption key encryption process with no headers, encapsulation, or
+ length indication.
+
+
+
+
+```asn1
+SymmRecipientInfo ::= SEQUENCE {
+ recipientId HashedId8,
+ encKey SymmetricCiphertext
+}
+```
+
+### PKRecipientInfo
+This data structure contains the following fields:
+
+Fields:
+* recipientId of type [**HashedId8**](Ieee1609Dot2BaseTypes.md#HashedId8)
+ contains the hash of the container for the encryption
+ public key as specified in the definition of RecipientInfo. Specifically,
+ depending on the choice indicated by the containing RecipientInfo structure:
+ - If the containing RecipientInfo structure indicates certRecipInfo,
+ this field contains the HashedId8 of the certificate. The HashedId8 is
+ calculated with the whole-certificate hash algorithm, determined as
+ described in 6.4.3, applied to the COER-encoded certificate, canonicalized
+ as defined in the definition of Certificate.
+ - If the containing RecipientInfo structure indicates
+ signedDataRecipInfo, this field contains the HashedId8 of the
+ Ieee1609Dot2Data of type signedData that contained the encryption key,
+ with that Ieee¬¬1609¬Dot2¬¬Data canonicalized per 6.3.4. The HashedId8 is
+ calculated with the hash algorithm determined as specified in 5.3.9.5.
+ - If the containing RecipientInfo structure indicates rekRecipInfo, this
+ field contains the HashedId8 of the COER encoding of a PublicEncryptionKey
+ structure containing the response encryption key. The HashedId8 is
+ calculated with the hash algorithm determined as specified in 5.3.9.5.
+
+
+* encKey of type [**EncryptedDataEncryptionKey**](#EncryptedDataEncryptionKey)
+ contains the encrypted data encryption key, where the data
+ encryption key is input to the data encryption key encryption process with
+ no headers, encapsulation, or length indication.
+
+
+
+
+```asn1
+PKRecipientInfo ::= SEQUENCE {
+ recipientId HashedId8,
+ encKey EncryptedDataEncryptionKey
+}
+```
+
+### EncryptedDataEncryptionKey
+This data structure contains an encrypted data encryption key,
+ where the data encryption key is input to the data encryption key
+ encryption process with no headers, encapsulation, or length indication.
+
+
+ Critical information fields: If present and applicable to
+ the receiving SDEE, this is a critical information field as defined in
+ 5.2.6. If an implementation receives an encrypted SPDU and determines that
+ one or more RecipientInfo fields are relevant to it, and if all of those
+ RecipientInfos contain an EncryptedDataEncryptionKey such that the
+ implementation does not recognize the indicated CHOICE, the implementation
+ shall indicate that the encrypted SPDU is not decryptable.
+
+Fields:
+* eciesNistP256 of type [**EciesP256EncryptedKey**](Ieee1609Dot2BaseTypes.md#EciesP256EncryptedKey)
+* eciesBrainpoolP256r1 of type [**EciesP256EncryptedKey**](Ieee1609Dot2BaseTypes.md#EciesP256EncryptedKey)
+
+* ecencSm2256 of type [**EcencP256EncryptedKey**](Ieee1609Dot2BaseTypes.md#EcencP256EncryptedKey)
+
+ ...,
+```asn1
+EncryptedDataEncryptionKey ::= CHOICE {
+ eciesNistP256 EciesP256EncryptedKey,
+ eciesBrainpoolP256r1 EciesP256EncryptedKey,
+ ...,
+ ecencSm2256 EcencP256EncryptedKey
+}
+```
+
+### SymmetricCiphertext
+This data structure encapsulates a ciphertext generated with an
+ approved symmetric algorithm.
+
+Fields:
+* aes128ccm of type [**One28BitCcmCiphertext**](#One28BitCcmCiphertext)
+* sm4Ccm of type [**One28BitCcmCiphertext**](#One28BitCcmCiphertext)
+
+ ...,
+
+>>>
+NOTE: Critical information fields: If present, this is a critical
+ information field as defined in 5.2.6. An implementation that does not
+ recognize the indicated CHOICE value for this type in an encrypted SPDU
+ shall indicate that the signed SPDU is invalid in the sense of 4.2.2.3.2,
+ that is, it is invalid in the sense that its validity cannot be established.
+>>>
+```asn1
+SymmetricCiphertext ::= CHOICE {
+ aes128ccm One28BitCcmCiphertext,
+ ...,
+ sm4Ccm One28BitCcmCiphertext
+}
+```
+
+### One28BitCcmCiphertext
+This data structure encapsulates an encrypted ciphertext for any
+ symmetric algorithm with 128-bit blocks in CCM mode. The ciphertext is
+ 16 bytes longer than the corresponding plaintext due to the inclusion of
+ the message authentication code (MAC). The plaintext resulting from a
+ correct decryption of the ciphertext is either a COER-encoded
+ Ieee1609Dot2Data structure (see 6.3.41), or a 16-byte symmetric key
+ (see 6.3.44).
+
+
+ The ciphertext is 16 bytes longer than the corresponding plaintext.
+
+ The plaintext resulting from a correct decryption of the
+ ciphertext is a COER-encoded Ieee1609Dot2Data structure.
+
+Fields:
+* nonce of type **OCTET STRING** (SIZE (12))
+ contains the nonce N as specified in 5.3.8.
+
+
+* ccmCiphertext of type [**Opaque**](Ieee1609Dot2BaseTypes.md#Opaque)
+ contains the ciphertext C as specified in 5.3.8.
+
+
+
+
+>>>
+NOTE: In the name of this structure, "One28" indicates that the
+ symmetric cipher block size is 128 bits. It happens to also be the case
+ that the keys used for both AES-128-CCM and SM4-CCM are also 128 bits long.
+ This is, however, not what “One28” refers to. Since the cipher is used in
+ counter mode, i.e., as a stream cipher, the fact that that block size is 128
+ bits affects only the size of the MAC and does not affect the size of the
+ raw ciphertext.
+>>>
+```asn1
+One28BitCcmCiphertext ::= SEQUENCE {
+ nonce OCTET STRING (SIZE (12)),
+ ccmCiphertext Opaque
+}
+```
+
+
+### Aes128CcmCiphertext
+This type is defined only for backwards compatibility.
+```asn1
+Aes128CcmCiphertext ::= One28BitCcmCiphertext
+```
+
+
+### TestCertificate
+This structure is a profile of the structure CertificateBase which
+ specifies the valid combinations of fields to transmit implicit and
+ explicit certificates.
+
+>>>
+NOTE: Canonicalization: This data structure is subject to canonicalization
+ for the relevant operations specified in 6.1.2. The canonicalization
+ applies to the CertificateBase.
+>>>
+```asn1
+TestCertificate ::= Certificate
+```
+
+
+### SequenceOfCertificate
+This type is used for clarity of definitions.
+```asn1
+SequenceOfCertificate ::= SEQUENCE OF Certificate
+```
+
+### CertificateBase
+The fields in this structure have the following meaning:
+
+Fields:
+* version of type [**Uint8**](Ieee1609Dot2BaseTypes.md#Uint8) (3)
+ contains the version of the certificate format. In this
+ version of the data structures, this field is set to 3.
+
+
+* type of type [**CertificateType**](Ieee1609Dot2.md#CertificateType)
+ states whether the certificate is implicit or explicit. This
+ field is set to explicit for explicit certificates and to implicit for
+ implicit certificates. See ExplicitCertificate and ImplicitCertificate for
+ more details.
+
+
+
+* issuer of type [**IssuerIdentifier**](#IssuerIdentifier)
+ identifies the issuer of the certificate.
+
+
+
+* toBeSigned of type [**ToBeSignedCertificate**](Ieee1609Dot2.md#ToBeSignedCertificate)
+ is the certificate contents. This field is an input to
+ the hash when generating or verifying signatures for an explicit
+ certificate, or generating or verifying the public key from the
+ reconstruction value for an implicit certificate. The details of how this
+ field are encoded are given in the description of the
+ ToBeSignedCertificate type.
+
+
+
+* signature of type [**Signature**](Ieee1609Dot2BaseTypes.md#Signature) OPTIONAL
+ is included in an ExplicitCertificate. It is the
+ signature, calculated by the signer identified in the issuer field, over
+ the hash of toBeSigned. The hash is calculated as specified in 5.3.1, where:
+ - Data input is the encoding of toBeSigned following the COER.
+ - Signer identifier input depends on the verification type, which in
+ turn depends on the choice indicated by issuer. If the choice indicated by
+ issuer is self, the verification type is self-signed and the signer
+ identifier input is the empty string. If the choice indicated by issuer is
+ not self, the verification type is certificate and the signer identifier
+ input is the canonicalized COER encoding of the certificate indicated by
+ issuer. The canonicalization is carried out as specified in the
+ Canonicalization section of this subclause.
+
+
+
+
+>>>
+NOTE: Whole-certificate hash: If the entirety of a certificate is hashed
+ to calculate a HashedId3, HashedId8, or HashedId10, the algorithm used for
+ this purpose is known as the whole-certificate hash. The method used to
+ determine the whole-certificate hash algorithm is specified in 5.3.9.2.
+>>>
+```asn1
+CertificateBase ::= SEQUENCE {
+ version Uint8(3),
+ type CertificateType,
+ issuer IssuerIdentifier,
+ toBeSigned ToBeSignedCertificate,
+ signature Signature OPTIONAL
+}
+```
+
+
+### CertificateType
+This enumerated type indicates whether a certificate is explicit or
+ implicit.
+
+>>>
+NOTE: Critical information fields: If present, this is a critical
+ information field as defined in 5.2.5. An implementation that does not
+ recognize the indicated CHOICE for this type when verifying a signed SPDU
+ shall indicate that the signed SPDU is invalid in the sense of 4.2.2.3.2,
+ that is, it is invalid in the sense that its validity cannot be
+ established.
+>>>
+```asn1
+CertificateType ::= ENUMERATED {
+ explicit,
+ implicit,
+ ...
+}
+```
+
+
+### ImplicitCertificate
+This is a profile of the CertificateBase structure providing all
+ the fields necessary for an implicit certificate, and no others.
+```asn1
+ImplicitCertificate ::= CertificateBase (WITH COMPONENTS {...,
+ type(implicit),
+ toBeSigned(WITH COMPONENTS {...,
+ verifyKeyIndicator(WITH COMPONENTS {reconstructionValue})
+ }),
+ signature ABSENT
+})
+```
+
+
+### ExplicitCertificate
+This is a profile of the CertificateBase structure providing all
+ the fields necessary for an explicit certificate, and no others.
+```asn1
+ExplicitCertificate ::= CertificateBase (WITH COMPONENTS {...,
+ type(explicit),
+ toBeSigned (WITH COMPONENTS {...,
+ verifyKeyIndicator(WITH COMPONENTS {verificationKey})
+ }),
+ signature PRESENT
+})
+```
+
+### IssuerIdentifier
+This structure allows the recipient of a certificate to determine
+ which keying material to use to authenticate the certificate.
+
+
+ If the choice indicated is sha256AndDigest, sha384AndDigest, or
+ sm3AndDigest:
+ - The structure contains the HashedId8 of the issuing certificate. The
+ HashedId8 is calculated with the whole-certificate hash algorithm,
+ determined as described in 6.4.3, applied to the COER-encoded certificate,
+ canonicalized as defined in the definition of Certificate.
+ - The hash algorithm to be used to generate the hash of the certificate
+ for verification is SHA-256 (in the case of sha256AndDigest), SM3 (in the
+ case of sm3AndDigest) or SHA-384 (in the case of sha384AndDigest).
+ - The certificate is to be verified with the public key of the
+ indicated issuing certificate.
+
+ If the choice indicated is self:
+ - The structure indicates what hash algorithm is to be used to generate
+ the hash of the certificate for verification.
+ - The certificate is to be verified with the public key indicated by
+ the verifyKeyIndicator field in theToBeSignedCertificate.
+
+Fields:
+* sha256AndDigest of type [**HashedId8**](Ieee1609Dot2BaseTypes.md#HashedId8)
+* self of type [**HashAlgorithm**](Ieee1609Dot2BaseTypes.md#HashAlgorithm)
+
+* sha384AndDigest of type [**HashedId8**](Ieee1609Dot2BaseTypes.md#HashedId8)
+
+ ...,
+* sm3AndDigest of type [**HashedId8**](Ieee1609Dot2BaseTypes.md#HashedId8)
+
+
+>>>
+NOTE: Critical information fields: If present, this is a critical
+ information field as defined in 5.2.5. An implementation that does not
+ recognize the indicated CHOICE for this type when verifying a signed SPDU
+ shall indicate that the signed SPDU is invalid in the sense of 4.2.2.3.2,
+ that is, it is invalid in the sense that its validity cannot be
+ established.
+>>>
+```asn1
+IssuerIdentifier ::= CHOICE {
+ sha256AndDigest HashedId8,
+ self HashAlgorithm,
+ ...,
+ sha384AndDigest HashedId8,
+ sm3AndDigest HashedId8
+}
+```
+
+### ToBeSignedCertificate
+The fields in the ToBeSignedCertificate structure have the
+ following meaning:
+
+
+ For both implicit and explicit certificates, when the certificate
+ is hashed to create or recover the public key (in the case of an implicit
+ certificate) or to generate or verify the signature (in the case of an
+ explicit certificate), the hash is Hash (Data input) || Hash (
+ Signer identifier input), where:
+ - Data input is the COER encoding of toBeSigned, canonicalized
+ as described above.
+ - Signer identifier input depends on the verification type,
+ which in turn depends on the choice indicated by issuer. If the choice
+ indicated by issuer is self, the verification type is self-signed and the
+ signer identifier input is the empty string. If the choice indicated by
+ issuer is not self, the verification type is certificate and the signer
+ identifier input is the COER encoding of the canonicalization per 6.4.3 of
+ the certificate indicated by issuer.
+
+ In other words, for implicit certificates, the value H (CertU) in SEC 4,
+ section 3, is for purposes of this standard taken to be H [H
+ (canonicalized ToBeSignedCertificate from the subordinate certificate) ||
+ H (entirety of issuer Certificate)]. See 5.3.2 for further discussion,
+ including material differences between this standard and SEC 4 regarding
+ how the hash function output is converted from a bit string to an integer.
+
+Fields:
+* id of type [**CertificateId**](Ieee1609Dot2.md#CertificateId)
+ contains information that is used to identify the certificate
+ holder if necessary.
+
+
+* cracaId of type [**HashedId3**](Ieee1609Dot2BaseTypes.md#HashedId3)
+ identifies the Certificate Revocation Authorization CA
+ (CRACA) responsible for certificate revocation lists (CRLs) on which this
+ certificate might appear. Use of the cracaId is specified in 5.1.3. The
+ HashedId3 is calculated with the whole-certificate hash algorithm,
+ determined as described in 6.4.3, applied to the COER-encoded certificate,
+ canonicalized as defined in the definition of Certificate.
+
+
+
+* crlSeries of type [**CrlSeries**](Ieee1609Dot2BaseTypes.md#CrlSeries)
+ represents the CRL series relevant to a particular
+ Certificate Revocation Authorization CA (CRACA) on which the certificate
+ might appear. Use of this field is specified in 5.1.3.
+
+
+
+* validityPeriod of type [**ValidityPeriod**](Ieee1609Dot2BaseTypes.md#ValidityPeriod)
+ contains the validity period of the certificate.
+
+
+
+* region of type [**GeographicRegion**](Ieee1609Dot2BaseTypes.md#GeographicRegion) OPTIONAL
+ if present, indicates the validity region of the
+ certificate. If it is omitted the validity region is indicated as follows:
+ - If enclosing certificate is self-signed, i.e., the choice indicated
+ by the issuer field in the enclosing certificate structure is self, the
+ certificate is valid worldwide.
+ - Otherwise, the certificate has the same validity region as the
+ certificate that issued it.
+
+
+
+* assuranceLevel of type [**SubjectAssurance**](Ieee1609Dot2BaseTypes.md#SubjectAssurance) OPTIONAL
+ indicates the assurance level of the certificate
+ holder.
+
+
+
+* appPermissions of type [**SequenceOfPsidSsp**](Ieee1609Dot2BaseTypes.md#SequenceOfPsidSsp) OPTIONAL
+ indicates the permissions that the certificate
+ holder has to sign application data with this certificate. A valid
+ instance of appPermissions contains any particular Psid value in at most
+ one entry.
+
+
+
+* certIssuePermissions of type [**SequenceOfPsidGroupPermissions**](Ieee1609Dot2.md#SequenceOfPsidGroupPermissions) OPTIONAL
+ indicates the permissions that the certificate
+ holder has to sign certificates with this certificate. A valid instance of
+ this array contains no more than one entry whose psidSspRange field
+ indicates all. If the array has multiple entries and one entry has its
+ psidSspRange field indicate all, then the entry indicating all specifies
+ the permissions for all PSIDs other than the ones explicitly specified in
+ the other entries. See the description of PsidGroupPermissions for further
+ discussion.
+
+
+
+* certRequestPermissions of type [**SequenceOfPsidGroupPermissions**](Ieee1609Dot2.md#SequenceOfPsidGroupPermissions) OPTIONAL
+ indicates the permissions that the
+ certificate holder can request in its certificate. A valid instance of this
+ array contains no more than one entry whose psidSspRange field indicates
+ all. If the array has multiple entries and one entry has its psidSspRange
+ field indicate all, then the entry indicating all specifies the permissions
+ for all PSIDs other than the ones explicitly specified in the other entries.
+ See the description of PsidGroupPermissions for further discussion.
+
+
+
+* canRequestRollover of type **NULL** OPTIONAL
+ indicates that the certificate may be used to
+ sign a request for another certificate with the same permissions. This
+ field is provided for future use and its use is not defined in this
+ version of this standard.
+
+
+
+* encryptionKey of type [**PublicEncryptionKey**](Ieee1609Dot2BaseTypes.md#PublicEncryptionKey) OPTIONAL
+ contains a public key for encryption for which the
+ certificate holder holds the corresponding private key.
+
+
+
+* verifyKeyIndicator of type [**VerificationKeyIndicator**](Ieee1609Dot2.md#VerificationKeyIndicator)
+ contains material that may be used to recover
+ the public key that may be used to verify data signed by this certificate.
+
+
+
+* flags of type **BIT STRING** {usesCubk (0)} (SIZE (8)) OPTIONAL
+ indicates additional yes/no properties of the certificate
+ holder. The only bit with defined semantics in this string in this version
+ of this standard is usesCubk. If set, the usesCubk bit indicates that the
+ certificate holder supports the compact unified butterfly key response.
+ Further material about the compact unified butterfly key response can be
+ found in IEEE Std 1609.2.1.
+
+
+
+ ...,
+* appExtensions of type [**SequenceOfAppExtensions**](#SequenceOfAppExtensions)
+ indicates additional permissions that may be applied
+ to application activities that the certificate holder is carrying out.
+
+
+
+* certIssueExtensions of type [**SequenceOfCertIssueExtensions**](#SequenceOfCertIssueExtensions)
+ indicates additional permissions to issue
+ certificates containing endEntityExtensions.
+
+
+
+* certRequestExtension of type [**SequenceOfCertRequestExtensions**](#SequenceOfCertRequestExtensions)
+
+If the PublicEncryptionKey contains a BasePublicEncryptionKey that is an
+ elliptic curve point (i.e., of type EccP256CurvePoint or EccP384CurvePoint),
+ then the elliptic curve point is encoded in compressed form, i.e., such
+ that the choice indicated within the Ecc*CurvePoint is compressed-y-0 or
+ compressed-y-1.
+
+>>>
+NOTE: Critical information fields:
+ - If present, appPermissions is a critical information field as defined
+ in 5.2.6. If an implementation of verification does not support the number
+ of PsidSsp in the appPermissions field of a certificate that signed a
+ signed SPDU, that implementation shall indicate that the signed SPDU is
+ invalid in the sense of 4.2.2.3.2, that is, it is invalid in the sense
+ that its validity cannot be established.. A conformant implementation
+ shall support appPermissions fields containing at least eight entries.
+ It may be the case that an implementation of verification does not support
+ the number of entries in the appPermissions field and the appPermissions
+ field is not relevant to the verification: this will occur, for example,
+ if the certificate in question is a CA certificate and so the
+ certIssuePermissions field is relevant to the verification and the
+ appPermissions field is not. In this case, whether the implementation
+ indicates that the signed SPDU is valid (because it could validate all
+ relevant fields) or invalid (because it could not parse the entire
+ certificate) is implementation-specific.
+ - If present, certIssuePermissions is a critical information field as
+ defined in 5.2.6. If an implementation of verification does not support
+ the number of PsidGroupPermissions in the certIssuePermissions field of a
+ CA certificate in the chain of a signed SPDU, the implementation shall
+ indicate that the signed SPDU is invalid in the sense of 4.2.2.3.2, that
+ is, it is invalid in the sense that its validity cannot be established.
+ A conformant implementation shall support certIssuePermissions fields
+ containing at least eight entries.
+ It may be the case that an implementation of verification does not support
+ the number of entries in the certIssuePermissions field and the
+ certIssuePermissions field is not relevant to the verification: this will
+ occur, for example, if the certificate in question is the signing
+ certificate for the SPDU and so the appPermissions field is relevant to
+ the verification and the certIssuePermissions field is not. In this case,
+ whether the implementation indicates that the signed SPDU is valid
+ (because it could validate all relevant fields) or invalid (because it
+ could not parse the entire certificate) is implementation-specific.
+ - If present, certRequestPermissions is a critical information field as
+ defined in 5.2.6. If an implementaiton of verification of a certificate
+ request does not support the number of PsidGroupPermissions in
+ certRequestPermissions, the implementation shall indicate that the signed
+ SPDU is invalid in the sense of 4.2.2.3.2, that is, it is invalid in the
+ sense that its validity cannot be established. A conformant implementation
+ shall support certRequestPermissions fields containing at least eight
+ entries.
+ It may be the case that an implementation of verification does not support
+ the number of entries in the certRequestPermissions field and the
+ certRequestPermissions field is not relevant to the verification: this will
+ occur, for example, if the certificate in question is the signing
+ certificate for the SPDU and so the appPermissions field is relevant to
+ the verification and the certRequestPermissions field is not. In this
+ case, whether the implementation indicates that the signed SPDU is valid
+ (because it could validate all relevant fields) or invalid (because it
+ could not parse the entire certificate) is implementation-specific.
+>>>
+```asn1
+ToBeSignedCertificate ::= SEQUENCE {
+ id CertificateId,
+ cracaId HashedId3,
+ crlSeries CrlSeries,
+ validityPeriod ValidityPeriod,
+ region GeographicRegion OPTIONAL,
+ assuranceLevel SubjectAssurance OPTIONAL,
+ appPermissions SequenceOfPsidSsp OPTIONAL,
+ certIssuePermissions SequenceOfPsidGroupPermissions OPTIONAL,
+ certRequestPermissions SequenceOfPsidGroupPermissions OPTIONAL,
+ canRequestRollover NULL OPTIONAL,
+ encryptionKey PublicEncryptionKey OPTIONAL,
+ verifyKeyIndicator VerificationKeyIndicator,
+ ...,
+ flags BIT STRING {usesCubk (0)} (SIZE (8)) OPTIONAL,
+ appExtensions SequenceOfAppExtensions,
+ certIssueExtensions SequenceOfCertIssueExtensions,
+ certRequestExtension SequenceOfCertRequestExtensions
+}
+(WITH COMPONENTS { ..., appPermissions PRESENT} |
+ WITH COMPONENTS { ..., certIssuePermissions PRESENT} |
+ WITH COMPONENTS { ..., certRequestPermissions PRESENT})
+```
+
+### CertificateId
+This structure contains information that is used to identify the
+ certificate holder if necessary.
+
+Fields:
+* linkageData of type [**LinkageData**](#LinkageData)
+ is used to identify the certificate for revocation
+ purposes in the case of certificates that appear on linked certificate
+ CRLs. See 5.1.3 and 7.3 for further discussion.
+
+
+* name of type [**Hostname**](Ieee1609Dot2BaseTypes.md#Hostname)
+ is used to identify the certificate holder in the case of
+ non-anonymous certificates. The contents of this field are a matter of
+ policy and are expected to be human-readable.
+
+
+
+* binaryId of type **OCTET STRING** (SIZE(1..64))
+ supports identifiers that are not human-readable.
+
+
+
+* none of type **NULL**
+ indicates that the certificate does not include an identifier.
+
+
+
+
+>>>
+NOTE: Critical information fields:
+ - If present, this is a critical information field as defined in 5.2.6.
+ An implementation that does not recognize the choice indicated in this
+ field shall reject a signed SPDU as invalid.
+>>>
+```asn1
+CertificateId ::= CHOICE {
+ linkageData LinkageData,
+ name Hostname,
+ binaryId OCTET STRING(SIZE(1..64)),
+ none NULL,
+ ...
+}
+```
+
+### LinkageData
+This structure contains information that is matched against
+ information obtained from a linkage ID-based CRL to determine whether the
+ containing certificate has been revoked. See 5.1.3.4 and 7.3 for details
+ of use.
+
+Fields:
+* iCert of type [**IValue**](Ieee1609Dot2BaseTypes.md#IValue)
+* linkage-value of type [**LinkageValue**](Ieee1609Dot2BaseTypes.md#LinkageValue)
+
+* group-linkage-value of type [**GroupLinkageValue**](Ieee1609Dot2BaseTypes.md#GroupLinkageValue) OPTIONAL
+
+```asn1
+LinkageData ::= SEQUENCE {
+ iCert IValue,
+ linkage-value LinkageValue,
+ group-linkage-value GroupLinkageValue OPTIONAL
+}
+```
+
+### PsidGroupPermissions
+This type indicates which type of permissions may appear in
+ end-entity certificates the chain of whose permissions passes through the
+ PsidGroupPermissions field containing this value. If app is indicated, the
+ end-entity certificate may contain an appPermissions field. If enroll is
+ indicated, the end-entity certificate may contain a certRequestPermissions
+ field.
+
+This structure states the permissions that a certificate holder has
+ with respect to issuing and requesting certificates for a particular set
+ of PSIDs. For examples, see D.5.3 and D.5.4.
+
+Fields:
+* subjectPermissions of type [**SubjectPermissions**](#SubjectPermissions)
+ indicates PSIDs and SSP Ranges covered by this
+ field.
+
+
+* minChainLength of type **INTEGER** DEFAULT 1
+ and chainLengthRange indicate how long the
+ certificate chain from this certificate to the end-entity certificate is
+ permitted to be. As specified in 5.1.2.1, the length of the certificate
+ chain is the number of certificates "below" this certificate in the chain,
+ down to and including the end-entity certificate. The length is permitted
+ to be (a) greater than or equal to minChainLength certificates and (b)
+ less than or equal to minChainLength + chainLengthRange certificates. A
+ value of 0 for minChainLength is not permitted when this type appears in
+ the certIssuePermissions field of a ToBeSignedCertificate; a certificate
+ that has a value of 0 for this field is invalid. The value -1 for
+ chainLengthRange is a special case: if the value of chainLengthRange is -1
+ it indicates that the certificate chain may be any length equal to or
+ greater than minChainLength. See the examples below for further discussion.
+
+
+
+* chainLengthRange of type **INTEGER** DEFAULT 0
+
+* eeType of type [**EndEntityType**](#EndEntityType) DEFAULT {app}
+ takes one or more of the values app and enroll and indicates
+ the type of certificates or requests that this instance of
+ PsidGroupPermissions in the certificate is entitled to authorize.
+ Different instances of PsidGroupPermissions within a ToBeSignedCertificate
+ may have different values for eeType.
+ - If this field indicates app, the chain is allowed to end in an
+ authorization certificate, i.e., a certficate in which these permissions
+ appear in an appPermissions field (in other words, if the field does not
+ indicate app and the chain ends in an authorization certificate, the
+ chain shall be considered invalid).
+ - If this field indicates enroll, the chain is allowed to end in an
+ enrollment certificate, i.e., a certificate in which these permissions
+ appear in a certReqPermissions permissions field (in other words, if the
+ field does not indicate enroll and the chain ends in an enrollment
+ certificate, the chain shall be considered invalid).
+
+
+
+
+```asn1
+PsidGroupPermissions ::= SEQUENCE {
+ subjectPermissions SubjectPermissions,
+ minChainLength INTEGER DEFAULT 1,
+ chainLengthRange INTEGER DEFAULT 0,
+ eeType EndEntityType DEFAULT {app}
+}
+```
+
+
+### SequenceOfPsidGroupPermissions
+This type is used for clarity of definitions.
+```asn1
+SequenceOfPsidGroupPermissions ::= SEQUENCE OF PsidGroupPermissions
+```
+
+### SubjectPermissions
+This indicates the PSIDs and associated SSPs for which certificate
+ issuance or request permissions are granted by a PsidGroupPermissions
+ structure. If this takes the value explicit, the enclosing
+ PsidGroupPermissions structure grants certificate issuance or request
+ permissions for the indicated PSIDs and SSP Ranges. If this takes the
+ value all, the enclosing PsidGroupPermissions structure grants certificate
+ issuance or request permissions for all PSIDs not indicated by other
+ PsidGroupPermissions in the same certIssuePermissions or
+ certRequestPermissions field.
+
+Fields:
+* explicit of type [**SequenceOfPsidSspRange**](Ieee1609Dot2BaseTypes.md#SequenceOfPsidSspRange)
+* all of type **NULL**
+
+
+>>>
+NOTE: Critical information fields:
+ - If present, this is a critical information field as defined in 5.2.6.
+ An implementation that does not recognize the indicated CHOICE when
+ verifying a signed SPDU shall indicate that the signed SPDU is
+ invalidin the sense of 4.2.2.3.2, that is, it is invalid in the sense that
+ its validity cannot be established.
+ - If present, explicit is a critical information field as defined in
+ 5.2.6. An implementation that does not support the number of PsidSspRange
+ in explicit when verifying a signed SPDU shall indicate that the signed
+ SPDU is invalid in the sense of 4.2.2.3.2, that is, it is invalid in the
+ sense that its validity cannot be established. A conformant implementation
+ shall support explicit fields containing at least eight entries.
+>>>
+```asn1
+SubjectPermissions ::= CHOICE {
+ explicit SequenceOfPsidSspRange,
+ all NULL,
+ ...
+}
+```
+
+### VerificationKeyIndicator
+The contents of this field depend on whether the certificate is an
+ implicit or an explicit certificate.
+
+Fields:
+* verificationKey of type [**PublicVerificationKey**](Ieee1609Dot2BaseTypes.md#PublicVerificationKey)
+ is included in explicit certificates. It contains
+ the public key to be used to verify signatures generated by the holder of
+ the Certificate.
+
+
+* reconstructionValue of type [**EccP256CurvePoint**](Ieee1609Dot2BaseTypes.md#EccP256CurvePoint)
+ is included in implicit certificates. It
+ contains the reconstruction value, which is used to recover the public key
+ as specified in SEC 4 and 5.3.2.
+
+
+
+
+>>>
+NOTE: Canonicalization: This data structure is subject to canonicalization
+ for the relevant operations specified in 6.1.2. The canonicalization
+ applies to the PublicVerificationKey and to the EccP256CurvePoint. The
+ EccP256CurvePoint is encoded in compressed form, i.e., such that the
+ choice indicated within the EccP256CurvePoint is compressed-y-0 or
+ compressed-y-1.
+>>>
+```asn1
+VerificationKeyIndicator ::= CHOICE {
+ verificationKey PublicVerificationKey,
+ reconstructionValue EccP256CurvePoint,
+ ...
+}
+```
+
+
+### Ieee1609HeaderInfoExtensionId
+This structure uses the parameterized type Extension to define an
+ Ieee1609ContributedHeaderInfoExtension as an open Extension Content field
+ identified by an extension identifier. The extension identifier value is
+ unique to extensions defined by ETSI and need not be unique among all
+ extension identifier values defined by all contributing organizations.
+
+This is an integer used to identify an
+ Ieee1609ContributedHeaderInfoExtension.
+```asn1
+Ieee1609HeaderInfoExtensionId ::= ExtId
+```
+
+```asn1
+p2pcd8ByteLearningRequestId Ieee1609HeaderInfoExtensionId ::= 1
+```
+
+
+### Ieee1609HeaderInfoExtensions
+This is the ASN.1 Information Object Class that associates IEEE
+ 1609 HeaderInfo contributed extensions with the appropriate
+ Ieee1609HeaderInfoExtensionId value.
+```asn1
+Ieee1609HeaderInfoExtensions EXT-TYPE ::= {
+ {HashedId8 IDENTIFIED BY p2pcd8ByteLearningRequestId},
+ ...
+}
+```
+
+
+### SequenceOfAppExtensions
+This structure contains any AppExtensions that apply to the
+ certificate holder. As specified in 5.2.4.2.3, each individual
+ AppExtension type is associated with consistency conditions, specific to
+ that extension, that govern its consistency with SPDUs signed by the
+ certificate holder and with the CertIssueExtensions in the CA certificates
+ in that certificate holderÂ’s chain. Those consistency conditions are
+ specified for each individual AppExtension below.
+```asn1
+SequenceOfAppExtensions ::= SEQUENCE (SIZE(1..MAX)) OF AppExtension
+```
+
+### AppExtension
+This structure contains an individual AppExtension. AppExtensions
+ specified in this standard are drawn from the ASN.1 Information Object Set
+ SetCertExtensions. This set, and its use in the AppExtension type, is
+ structured so that each AppExtension is associated with a
+ CertIssueExtension and a CertRequestExtension and all are identified by
+ the same id value. In this structure:
+
+Fields:
+* id of type [**CERT-EXT-TYPE**](Ieee1609Dot2BaseTypes.md#CERT-EXT-TYPE) .&id({SetCertExtensions})
+ identifies the extension type.
+
+
+* content of type [**CERT-EXT-TYPE**](Ieee1609Dot2BaseTypes.md#CERT-EXT-TYPE) .&App({SetCertExtensions}{@.id})
+ provides the content of the extension.
+
+
+
+
+```asn1
+AppExtension ::= SEQUENCE {
+ id CERT-EXT-TYPE.&id({SetCertExtensions}),
+ content CERT-EXT-TYPE.&App({SetCertExtensions}{@.id})
+}
+```
+
+
+### SequenceOfCertIssueExtensions
+This field contains any CertIssueExtensions that apply to the
+ certificate holder. As specified in 5.2.4.2.3, each individual
+ CertIssueExtension type is associated with consistency conditions,
+ specific to that extension, that govern its consistency with
+ AppExtensions in certificates issued by the certificate holder and with
+ the CertIssueExtensions in the CA certificates in that certificate
+ holderÂ’s chain. Those consistency conditions are specified for each
+ individual CertIssueExtension below.
+```asn1
+SequenceOfCertIssueExtensions ::=
+ SEQUENCE (SIZE(1..MAX)) OF CertIssueExtension
+```
+
+### CertIssueExtension
+This field contains an individual CertIssueExtension.
+ CertIssueExtensions specified in this standard are drawn from the ASN.1
+ Information Object Set SetCertExtensions. This set, and its use in the
+ CertIssueExtension type, is structured so that each CertIssueExtension
+ is associated with a AppExtension and a CertRequestExtension and all are
+ identified by the same id value. In this structure:
+
+Fields:
+* id of type [**CERT-EXT-TYPE**](Ieee1609Dot2BaseTypes.md#CERT-EXT-TYPE) .&id({SetCertExtensions})
+ identifies the extension type.
+
+
+* permissions of type [**CHOICE**](#CHOICE) {
+ specific CERT-EXT-TYPE.&Issue({SetCertExtensions}{@.id})
+ indicates the permissions. Within this field.
+ - all indicates that the certificate is entitled to issue all values of
+ the extension.
+ - specific is used to specify which values of the extension may be
+ issued in the case where all does not apply.
+
+
+
+
+* all of type **NULL**
+
+```asn1
+CertIssueExtension ::= SEQUENCE {
+ id CERT-EXT-TYPE.&id({SetCertExtensions}),
+ permissions CHOICE {
+ specific CERT-EXT-TYPE.&Issue({SetCertExtensions}{@.id}),
+ all NULL
+ }
+}
+```
+
+
+### SequenceOfCertRequestExtensions
+This field contains any CertRequestExtensions that apply to the
+ certificate holder. As specified in 5.2.4.2.3, each individual
+ CertRequestExtension type is associated with consistency conditions,
+ specific to that extension, that govern its consistency with
+ AppExtensions in certificates issued by the certificate holder and with
+ the CertRequestExtensions in the CA certificates in that certificate
+ holderÂ’s chain. Those consistency conditions are specified for each
+ individual CertRequestExtension below.
+```asn1
+SequenceOfCertRequestExtensions ::= SEQUENCE (SIZE(1..MAX)) OF CertRequestExtension
+```
+
+### CertRequestExtension
+This field contains an individual CertRequestExtension.
+ CertRequestExtensions specified in this standard are drawn from the
+ ASN.1 Information Object Set SetCertExtensions. This set, and its use in
+ the CertRequestExtension type, is structured so that each
+ CertRequestExtension is associated with a AppExtension and a
+ CertRequestExtension and all are identified by the same id value. In this
+ structure:
+
+Fields:
+* id of type [**CERT-EXT-TYPE**](Ieee1609Dot2BaseTypes.md#CERT-EXT-TYPE) .&id({SetCertExtensions})
+ identifies the extension type.
+
+
+* permissions of type [**CHOICE**](#CHOICE) {
+ content CERT-EXT-TYPE.&Req({SetCertExtensions}{@.id})
+ indicates the permissions. Within this field.
+ - all indicates that the certificate is entitled to issue all values of
+ the extension.
+ - specific is used to specify which values of the extension may be
+ issued in the case where all does not apply.
+
+
+
+
+* all of type **NULL**
+
+```asn1
+CertRequestExtension ::= SEQUENCE {
+ id CERT-EXT-TYPE.&id({SetCertExtensions}),
+ permissions CHOICE {
+ content CERT-EXT-TYPE.&Req({SetCertExtensions}{@.id}),
+ all NULL
+ }
+}
+```
+
+
+### OperatingOrganizationId
+This type is the AppExtension used to identify an operating
+ organization. The associated CertIssueExtension and CertRequestExtension
+ are both of type OperatingOrganizationId.
+ To determine consistency between this type and an SPDU, the SDEE
+ specification for that SPDU is required to specify how the SPDU can be
+ used to determine an OBJECT IDENTIFIER (for example, by including the
+ full OBJECT IDENTIFIER in the SPDU, or by including a RELATIVE-OID with
+ clear instructions about how a full OBJECT IDENTIFIER can be obtained from
+ the RELATIVE-OID). The SPDU is then consistent with this type if the
+ OBJECT IDENTIFIER determined from the SPDU is identical to the OBJECT
+ IDENTIFIER contained in this field.
+ This AppExtension does not have consistency conditions with a
+ corresponding CertIssueExtension. It can appear in a certificate issued
+ by any CA.
+```asn1
+OperatingOrganizationId ::= OBJECT IDENTIFIER
+```
+
+```asn1
+certExtId-OperatingOrganization ExtId ::= 1
+```
+
+```asn1
+instanceOperatingOrganizationCertExtensions CERT-EXT-TYPE ::= {
+ ID certExtId-OperatingOrganization
+ APP OperatingOrganizationId
+ ISSUE NULL
+ REQUEST NULL
+}
+```
+
+
+### SetCertExtensions
+This Information Object Set is a collection of Information Objects
+ used to contain the AppExtension, CertIssueExtension, and
+ CertRequestExtension types associated with a specific use of certificate
+ extensions. In this version of this standard it only has a single entry
+ instanceOperatingOrganizationCertExtensions.
+```asn1
+SetCertExtensions CERT-EXT-TYPE ::= {
+ instanceOperatingOrganizationCertExtensions,
+ ...
+}
+```
+
+
+
+This Information Object is an instance of the Information Object
+ Class CERT-EXT-TYPE. It is defined to bind together the AppExtension,
+ CertIssueExtension, and CertRequestExtension types associated with the
+ use of an operating organization identifier, and to assocaute them all
+ with the extension identifier value certExtId-OperatingOrganization.
+ This Information Object Set is a collection of Information Objects
+ used to contain the AppExtension, CertIssueExtension, and
+ CertRequestExtension types associated with a specific use of certificate
+ extensions. In this version of this standard it only has a single entry
+ instanceOperatingOrganizationCertExtensions.
+
+
diff --git a/docs/Ieee1609Dot2BaseTypes.md b/docs/Ieee1609Dot2BaseTypes.md
new file mode 100644
index 0000000000000000000000000000000000000000..92ddc6ca68d7441dd44fbaedeb906a9936fde18e
--- /dev/null
+++ b/docs/Ieee1609Dot2BaseTypes.md
@@ -0,0 +1,1726 @@
+# ASN.1 module Ieee1609Dot2BaseTypes
+ OID: _{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) base(1) base-types(2) major-version-2(2) minor-version-4(4)}_
+ @note Section references in this file are to clauses in IEEE Std
+ 1609.2 unless indicated otherwise. Full forms of acronyms and
+ abbreviations used in this file are specified in 3.2.
+
+
+## Data Elements:
+
+### Uint3
+This atomic type is used in the definition of other data structures.
+ It is for non-negative integers up to 7, i.e., (hex)07.
+```asn1
+Uint3 ::= INTEGER (0..7)
+```
+
+
+### Uint8
+This atomic type is used in the definition of other data structures.
+ It is for non-negative integers up to 255, i.e., (hex)ff.
+```asn1
+Uint8 ::= INTEGER (0..255)
+```
+
+
+### Uint16
+This atomic type is used in the definition of other data structures.
+ It is for non-negative integers up to 65,535, i.e., (hex)ff ff.
+```asn1
+Uint16 ::= INTEGER (0..65535)
+```
+
+
+### Uint32
+This atomic type is used in the definition of other data structures.
+ It is for non-negative integers up to 4,294,967,295, i.e.,
+ (hex)ff ff ff ff.
+```asn1
+Uint32 ::= INTEGER (0..4294967295)
+```
+
+
+### Uint64
+This atomic type is used in the definition of other data structures.
+ It is for non-negative integers up to 18,446,744,073,709,551,615, i.e.,
+ (hex)ff ff ff ff ff ff ff ff.
+```asn1
+Uint64 ::= INTEGER (0..18446744073709551615)
+```
+
+
+### SequenceOfUint8
+This type is used for clarity of definitions.
+```asn1
+SequenceOfUint8 ::= SEQUENCE OF Uint8
+```
+
+
+### SequenceOfUint16
+This type is used for clarity of definitions.
+```asn1
+SequenceOfUint16 ::= SEQUENCE OF Uint16
+```
+
+
+### Opaque
+This is a synonym for ASN.1 OCTET STRING, and is used in the
+ definition of other data structures.
+```asn1
+Opaque ::= OCTET STRING
+```
+
+
+### HashedId3
+This type contains the truncated hash of another data structure.
+ The HashedId3 for a given data structure is calculated by calculating the
+ hash of the encoded data structure and taking the low-order three bytes of
+ the hash output. The low-order three bytes are the last three bytes of the
+ 32-byte hash when represented in network byte order. If the data structure
+ is subject to canonicalization it is canonicalized before hashing. See
+ Example below.
+
+
+ The hash algorithm to be used to calculate a HashedId3 within a
+ structure depends on the context. In this standard, for each structure
+ that includes a HashedId3 field, the corresponding text indicates how the
+ hash algorithm is determined. See also the discussion in 5.3.9.
+
+ Example: Consider the SHA-256 hash of the empty string:
+
+ SHA-256("") =
+ e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
+
+ The HashedId3 derived from this hash corresponds to the following:
+
+ HashedId3 = 52b855.
+```asn1
+HashedId3 ::= OCTET STRING (SIZE(3))
+```
+
+
+### SequenceOfHashedId3
+This type is used for clarity of definitions.
+```asn1
+SequenceOfHashedId3 ::= SEQUENCE OF HashedId3
+```
+
+
+### HashedId8
+This type contains the truncated hash of another data structure.
+ The HashedId8 for a given data structure is calculated by calculating the
+ hash of the encoded data structure and taking the low-order eight bytes of
+ the hash output. The low-order eight bytes are the last eight bytes of the
+ hash when represented in network byte order. If the data structure
+ is subject to canonicalization it is canonicalized before hashing. See
+ Example below.
+
+
+ The hash algorithm to be used to calculate a HashedId8 within a
+ structure depends on the context. In this standard, for each structure
+ that includes a HashedId8 field, the corresponding text indicates how the
+ hash algorithm is determined. See also the discussion in 5.3.9.
+
+ Example: Consider the SHA-256 hash of the empty string:
+
+ SHA-256("") =
+ e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
+
+ The HashedId8 derived from this hash corresponds to the following:
+
+ HashedId8 = a495991b7852b855.
+```asn1
+HashedId8 ::= OCTET STRING (SIZE(8))
+```
+
+
+### HashedId10
+This type contains the truncated hash of another data structure.
+ The HashedId10 for a given data structure is calculated by calculating the
+ hash of the encoded data structure and taking the low-order ten bytes of
+ the hash output. The low-order ten bytes are the last ten bytes of the
+ hash when represented in network byte order. If the data structure
+ is subject to canonicalization it is canonicalized before hashing. See
+ Example below.
+
+
+ The hash algorithm to be used to calculate a HashedId10 within a
+ structure depends on the context. In this standard, for each structure
+ that includes a HashedId10 field, the corresponding text indicates how the
+ hash algorithm is determined. See also the discussion in 5.3.9.
+
+ Example: Consider the SHA-256 hash of the empty string:
+
+ SHA-256("") =
+ e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
+
+ The HashedId10 derived from this hash corresponds to the following:
+
+ HashedId10 = 934ca495991b7852b855.
+```asn1
+HashedId10 ::= OCTET STRING (SIZE(10))
+```
+
+
+### HashedId32
+This data structure contains the truncated hash of another data
+ structure. The HashedId32 for a given data structure is calculated by
+ calculating the hash of the encoded data structure and taking the
+ low-order 32 bytes of the hash output. The low-order 32 bytes are the last
+ 32 bytes of the hash when represented in network byte order. If the data
+ structure is subject to canonicalization it is canonicalized before
+ hashing. See Example below.
+
+
+ The hash algorithm to be used to calculate a HashedId32 within a
+ structure depends on the context. In this standard, for each structure
+ that includes a HashedId32 field, the corresponding text indicates how the
+ hash algorithm is determined. See also the discussion in 5.3.9.
+
+ Example: Consider the SHA-256 hash of the empty string:
+
+ SHA-256("") =
+ e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
+
+ The HashedId32 derived from this hash corresponds to the following:
+
+ HashedId32 = e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b8
+ 55.
+```asn1
+HashedId32 ::= OCTET STRING (SIZE(32))
+```
+
+
+### HashedId48
+This data structure contains the truncated hash of another data
+ structure. The HashedId48 for a given data structure is calculated by
+ calculating the hash of the encoded data structure and taking the
+ low-order 48 bytes of the hash output. The low-order 48 bytes are the last
+ 48 bytes of the hash when represented in network byte order. If the data
+ structure is subject to canonicalization it is canonicalized before
+ hashing. See Example below.
+
+
+ The hash algorithm to be used to calculate a HashedId48 within a
+ structure depends on the context. In this standard, for each structure
+ that includes a HashedId48 field, the corresponding text indicates how the
+ hash algorithm is determined. See also the discussion in 5.3.9.
+
+ Example: Consider the SHA-384 hash of the empty string:
+
+ SHA-384("") = 38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6
+ e1da274edebfe76f65fbd51ad2f14898b95b
+
+ The HashedId48 derived from this hash corresponds to the following:
+
+ HashedId48 = 38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e
+ 1da274edebfe76f65fbd51ad2f14898b95b.
+```asn1
+HashedId48 ::= OCTET STRING(SIZE(48))
+```
+
+
+### Time32
+This type gives the number of (TAI) seconds since 00:00:00 UTC, 1
+ January, 2004.
+```asn1
+Time32 ::= Uint32
+```
+
+
+### Time64
+This data structure is a 64-bit integer giving an estimate of the
+ number of (TAI) microseconds since 00:00:00 UTC, 1 January, 2004.
+```asn1
+Time64 ::= Uint64
+```
+
+### ValidityPeriod
+This type gives the validity period of a certificate. The start of
+ the validity period is given by start and the end is given by
+ start + duration.
+
+Fields:
+* start of type [**Time32**](Ieee1609Dot2BaseTypes.md#Time32)
+* duration of type [**Duration**](#Duration)
+
+```asn1
+ValidityPeriod ::= SEQUENCE {
+ start Time32,
+ duration Duration
+}
+```
+
+### Duration
+This structure represents the duration of validity of a
+ certificate. The Uint16 value is the duration, given in the units denoted
+ by the indicated choice. A year is considered to be 31556952 seconds,
+ which is the average number of seconds in a year.
+
+Fields:
+* microseconds of type [**Uint16**](Ieee1609Dot2BaseTypes.md#Uint16)
+* milliseconds of type [**Uint16**](Ieee1609Dot2BaseTypes.md#Uint16)
+
+* seconds of type [**Uint16**](Ieee1609Dot2BaseTypes.md#Uint16)
+
+* minutes of type [**Uint16**](Ieee1609Dot2BaseTypes.md#Uint16)
+
+* hours of type [**Uint16**](Ieee1609Dot2BaseTypes.md#Uint16)
+
+* sixtyHours of type [**Uint16**](Ieee1609Dot2BaseTypes.md#Uint16)
+
+* years of type [**Uint16**](Ieee1609Dot2BaseTypes.md#Uint16)
+
+
+>>>
+NOTE: Years can be mapped more closely to wall-clock days using the hours
+ choice for up to 7 years and the sixtyHours choice for up to 448 years.
+>>>
+```asn1
+Duration ::= CHOICE {
+ microseconds Uint16,
+ milliseconds Uint16,
+ seconds Uint16,
+ minutes Uint16,
+ hours Uint16,
+ sixtyHours Uint16,
+ years Uint16
+}
+```
+
+### GeographicRegion
+This structure represents a geographic region of a specified form.
+ A certificate is not valid if any part of the region indicated in its
+ scope field lies outside the region indicated in the scope of its issuer.
+
+Fields:
+* circularRegion of type [**CircularRegion**](#CircularRegion)
+ contains a single instance of the CircularRegion
+ structure.
+
+
+* rectangularRegion of type [**SequenceOfRectangularRegion**](#SequenceOfRectangularRegion)
+ is an array of RectangularRegion structures
+ containing at least one entry. This field is interpreted as a series of
+ rectangles, which may overlap or be disjoint. The permitted region is any
+ point within any of the rectangles.
+
+
+
+* polygonalRegion of type [**PolygonalRegion**](#PolygonalRegion)
+ contains a single instance of the PolygonalRegion
+ structure.
+
+
+
+* identifiedRegion of type [**SequenceOfIdentifiedRegion**](#SequenceOfIdentifiedRegion)
+ is an array of IdentifiedRegion structures
+ containing at least one entry. The permitted region is any point within
+ any of the identified regions.
+
+
+
+
+>>>
+NOTE: Critical information fields:
+ - If present, this is a critical information field as defined in 5.2.6.
+ An implementation that does not recognize the indicated CHOICE when
+ verifying a signed SPDU shall indicate that the signed SPDU is invalid in
+ the sense of 4.2.2.3.2, that is, it is invalid in the sense that its
+ validity cannot be established.
+ - If selected, rectangularRegion is a critical information field as
+ defined in 5.2.6. An implementation that does not support the number of
+ RectangularRegion in rectangularRegions when verifying a signed SPDU shall
+ indicate that the signed SPDU is invalid in the sense of 4.2.2.3.2, that
+ is, it is invalid in the sense that its validity cannot be established.
+ A conformant implementation shall support rectangularRegions fields
+ containing at least eight entries.
+ - If selected, identifiedRegion is a critical information field as
+ defined in 5.2.6. An implementation that does not support the number of
+ IdentifiedRegion in identifiedRegion shall reject the signed SPDU as
+ invalid in the sense of 4.2.2.3.2, that is, it is invalid in the sense
+ that its validity cannot be established. A conformant implementation shall
+ support identifiedRegion fields containing at least eight entries.
+>>>
+```asn1
+GeographicRegion ::= CHOICE {
+ circularRegion CircularRegion,
+ rectangularRegion SequenceOfRectangularRegion,
+ polygonalRegion PolygonalRegion,
+ identifiedRegion SequenceOfIdentifiedRegion,
+ ...
+}
+```
+
+### CircularRegion
+This structure specifies a circle with its center at center, its
+ radius given in meters, and located tangential to the reference ellipsoid.
+ The indicated region is all the points on the surface of the reference
+ ellipsoid whose distance to the center point over the reference ellipsoid
+ is less than or equal to the radius. A point which contains an elevation
+ component is considered to be within the circular region if its horizontal
+ projection onto the reference ellipsoid lies within the region.
+
+Fields:
+* center of type [**TwoDLocation**](#TwoDLocation)
+* radius of type [**Uint16**](Ieee1609Dot2BaseTypes.md#Uint16)
+
+```asn1
+CircularRegion ::= SEQUENCE {
+ center TwoDLocation,
+ radius Uint16
+}
+```
+
+### RectangularRegion
+This structure specifies a “rectangle” on the surface of the WGS84 ellipsoid where the
+ sides are given by lines of constant latitude or longitude.
+ A point which contains an elevation component is considered to be within the rectangular region
+ if its horizontal projection onto the reference ellipsoid lies within the region.
+ A RectangularRegion is invalid if the northWest value is south of the southEast value, or if the
+ latitude values in the two points are equal, or if the longitude values in the two points are
+ equal; otherwise it is valid. A certificate that contains an invalid RectangularRegion is invalid.
+
+Fields:
+* northWest of type [**TwoDLocation**](#TwoDLocation)
+ is the north-west corner of the rectangle.
+
+
+* southEast of type [**TwoDLocation**](#TwoDLocation)
+ is the south-east corner of the rectangle.
+
+
+
+
+```asn1
+RectangularRegion ::= SEQUENCE {
+ northWest TwoDLocation,
+ southEast TwoDLocation
+}
+```
+
+
+### SequenceOfRectangularRegion
+This type is used for clarity of definitions.
+```asn1
+SequenceOfRectangularRegion ::= SEQUENCE OF RectangularRegion
+```
+
+
+### PolygonalRegion
+This structure defines a region using a series of distinct
+ geographic points, defined on the surface of the reference ellipsoid. The
+ region is specified by connecting the points in the order they appear,
+ with each pair of points connected by the geodesic on the reference
+ ellipsoid. The polygon is completed by connecting the final point to the
+ first point. The allowed region is the interior of the polygon and its
+ boundary.
+
+
+ A point which contains an elevation component is considered to be
+ within the polygonal region if its horizontal projection onto the
+ reference ellipsoid lies within the region.
+
+ A valid PolygonalRegion contains at least three points. In a valid
+ PolygonalRegion, the implied lines that make up the sides of the polygon
+ do not intersect.
+
+>>>
+NOTE: Critical information fields: If present, this is a critical
+ information field as defined in 5.2.6. An implementation that does not
+ support the number of TwoDLocation in the PolygonalRegion when verifying a
+ signed SPDU shall indicate that the signed SPDU is invalid. A compliant
+ implementation shall support PolygonalRegions containing at least eight
+ TwoDLocation entries.
+>>>
+```asn1
+PolygonalRegion ::= SEQUENCE SIZE (3..MAX) OF TwoDLocation
+```
+
+### TwoDLocation
+This structure is used to define validity regions for use in
+ certificates. The latitude and longitude fields contain the latitude and
+ longitude as defined above.
+
+Fields:
+* latitude of type [**Latitude**](#Latitude)
+* longitude of type [**Longitude**](#Longitude)
+
+
+>>>
+NOTE: This data structure is consistent with the location encoding
+ used in SAE J2735, except that values 900 000 001 for latitude (used to
+ indicate that the latitude was not available) and 1 800 000 001 for
+ longitude (used to indicate that the longitude was not available) are not
+ valid.
+>>>
+```asn1
+TwoDLocation ::= SEQUENCE {
+ latitude Latitude,
+ longitude Longitude
+}
+```
+
+### IdentifiedRegion
+This structure indicates the region of validity of a certificate
+ using region identifiers.
+ A conformant implementation that supports this type shall support at least
+ one of the possible CHOICE values. The Protocol Implementation Conformance
+ Statement (PICS) provided in Annex A allows an implementation to state
+ which CountryOnly values it recognizes.
+
+Fields:
+* countryOnly of type [**UnCountryId**](#UnCountryId)
+ indicates that only a country (or a geographic entity
+ included in a country list) is given.
+
+
+* countryAndRegions of type [**CountryAndRegions**](#CountryAndRegions)
+ indicates that one or more top-level regions
+ within a country (as defined by the region listing associated with that
+ country) is given.
+
+
+
+* countryAndSubregions of type [**CountryAndSubregions**](#CountryAndSubregions)
+ indicates that one or more regions smaller
+ than the top-level regions within a country (as defined by the region
+ listing associated with that country) is given.
+
+
+
+Critical information fields: If present, this is a critical
+ information field as defined in 5.2.6. An implementation that does not
+ recognize the indicated CHOICE when verifying a signed SPDU shall indicate
+ that the signed SPDU is invalid in the sense of 4.2.2.3.2, that is, it is
+ invalid in the sense that its validity cannot be established.
+```asn1
+IdentifiedRegion ::= CHOICE {
+ countryOnly UnCountryId,
+ countryAndRegions CountryAndRegions,
+ countryAndSubregions CountryAndSubregions,
+ ...
+}
+```
+
+
+### SequenceOfIdentifiedRegion
+This type is used for clarity of definitions.
+```asn1
+SequenceOfIdentifiedRegion ::= SEQUENCE OF IdentifiedRegion
+```
+
+
+### UnCountryId
+This type contains the integer representation of the country or
+ area identifier as defined by the United Nations Statistics Division in
+ October 2013 (see normative references in Clause 0).
+ A conformant implementation that implements IdentifiedRegion shall
+ recognize (in the sense of “be able to determine whether a two dimensional
+ location lies inside or outside the borders identified by”) at least one
+ value of UnCountryId. The Protocol Implementation Conformance Statement
+ (PICS) provided in Annex A allows an implementation to state which
+ UnCountryId values it recognizes.
+ Since 2013 and before the publication of this version of this standard,
+ three changes have been made to the country code list, to define the
+ region "sub-Saharan Africa" and remove the "developed regions", and
+ "developing regions". A conformant implementation may recognize these
+ region identifiers in the sense defined in the previous paragraph.
+ If a verifying implementation is required to check that relevant
+ geographic information in a signed SPDU is consistent with a certificate
+ containing one or more instances of this type, then the SDS is permitted
+ to indicate that the signed SPDU is valid even if some instances of this
+ type are unrecognized in the sense defined above, so long as the
+ recognized instances of this type completely contain the relevant
+ geographic information. Informally, if the recognized values in the
+ certificate allow the SDS to determine that the SPDU is valid, then it
+ can make that determination even if there are also unrecognized values in
+ the certificate. This field is therefore not a "critical information
+ field" as defined in 5.2.6, because unrecognized values are permitted so
+ long as the validity of the SPDU can be established with the recognized
+ values. However, as discussed in 5.2.6, the presence of an unrecognized
+ value in a certificate can make it impossible to determine whether the
+ certificate and the SPDU are valid.
+```asn1
+UnCountryId ::= Uint16
+```
+
+
+### CountryOnly
+This type is defined only for backwards compatibility.
+```asn1
+CountryOnly ::= UnCountryId
+```
+
+### CountryAndRegions
+A conformant implementation that supports CountryAndRegions shall
+ support a regions field containing at least eight entries.
+ A conformant implementation that implements this type shall recognize
+ (in the sense of "be able to determine whether a two dimensional location
+ lies inside or outside the borders identified by") at least one value of
+ UnCountryId and at least one value for a region within the country
+ indicated by that recognized UnCountryId value. In this version of this
+ standard, the only means to satisfy this is for a conformant
+ implementation to recognize the value of UnCountryId indicating USA and
+ at least one of the FIPS state codes for US states. The Protocol
+ Implementation Conformance Statement (PICS) provided in Annex A allows
+ an implementation to state which UnCountryId values it recognizes and
+ which region values are recognized within that country.
+ If a verifying implementation is required to check that an relevant
+ geographic information in a signed SPDU is consistent with a certificate
+ containing one or more instances of this type, then the SDS is permitted
+ to indicate that the signed SPDU is valid even if some values of country
+ or within regions are unrecognized in the sense defined above, so long
+ as the recognized instances of this type completely contain the relevant
+ geographic information. Informally, if the recognized values in the
+ certificate allow the SDS to determine that the SPDU is valid, then it
+ can make that determination even if there are also unrecognized values
+ in the certificate. This field is therefore not a "critical information
+ field" as defined in 5.2.6, because unrecognized values are permitted so
+ long as the validity of the SPDU can be established with the recognized
+ values. However, as discussed in 5.2.6, the presence of an unrecognized
+ value in a certificate can make it impossible to determine whether the
+ certificate is valid and so whether the SPDU is valid.
+ In this type:
+
+Fields:
+* countryOnly of type [**UnCountryId**](#UnCountryId)
+ is a UnCountryId as defined above.
+
+
+* regions of type [**SequenceOfUint8**](#SequenceOfUint8)
+ identifies one or more regions within the country. If
+ country indicates the United States of America, the values in this field
+ identify the state or statistically equivalent entity using the integer
+ version of the 2010 FIPS codes as provided by the U.S. Census Bureau
+ (see normative references in Clause 0). For other values of country, the
+ meaning of region is not defined in this version of this standard.
+
+
+
+
+```asn1
+CountryAndRegions ::= SEQUENCE {
+ countryOnly UnCountryId,
+ regions SequenceOfUint8
+}
+```
+
+### CountryAndSubregions
+A conformant implementation that supports CountryAndSubregions
+ shall support a regionAndSubregions field containing at least eight
+ entries.
+ A conformant implementation that implements this type shall recognize
+ (in the sense of “be able to determine whether a two dimensional location
+ lies inside or outside the borders identified by”) at least one value of
+ country and at least one value for a region within the country indicated
+ by that recognized country value. In this version of this standard, the
+ only means to satisfy this is for a conformant implementation to recognize
+ the value of UnCountryId indicating USA and at least one of the FIPS state
+ codes for US states. The Protocol Implementation Conformance Statement
+ (PICS) provided in Annex A allows an implementation to state which
+ UnCountryId values it recognizes and which region values are recognized
+ within that country.
+ If a verifying implementation is required to check that an relevant
+ geographic information in a signed SPDU is consistent with a certificate
+ containing one or more instances of this type, then the SDS is permitted
+ to indicate that the signed SPDU is valid even if some values of country
+ or within regionAndSubregions are unrecognized in the sense defined above,
+ so long as the recognized instances of this type completely contain the
+ relevant geographic information. Informally, if the recognized values in
+ the certificate allow the SDS to determine that the SPDU is valid, then
+ it can make that determination even if there are also unrecognized values
+ in the certificate. This field is therefore not a "critical information
+ field" as defined in 5.2.6, because unrecognized values are permitted so
+ long as the validity of the SPDU can be established with the recognized
+ values. However, as discussed in 5.2.6, the presence of an unrecognized
+ value in a certificate can make it impossible to determine whether the
+ certificate is valid and so whether the SPDU is valid.
+ In this structure:
+
+Fields:
+* countryOnly of type [**UnCountryId**](#UnCountryId)
+ is a UnCountryId as defined above.
+
+
+* regionAndSubregions of type [**SequenceOfRegionAndSubregions**](#SequenceOfRegionAndSubregions)
+ identifies one or more subregions within
+ country.
+
+
+
+
+```asn1
+CountryAndSubregions ::= SEQUENCE {
+ countryOnly UnCountryId,
+ regionAndSubregions SequenceOfRegionAndSubregions
+}
+```
+
+### RegionAndSubregions
+The meanings of the fields in this structure are to be interpreted
+ in the context of a country within which the region is located, referred
+ to as the "enclosing country". If this structure is used in a
+ CountryAndSubregions structure, the enclosing country is the one indicated
+ by the country field in the CountryAndSubregions structure. If other uses
+ are defined for this structure in future, it is expected that that
+ definition will include a specification of how the enclosing country can
+ be determined.
+ If the enclosing country is the United States of America:
+ - The region field identifies the state or statistically equivalent
+ entity using the integer version of the 2010 FIPS codes as provided by the
+ U.S. Census Bureau (see normative references in Clause 0).
+ - The values in the subregions field identify the county or county
+ equivalent entity using the integer version of the 2010 FIPS codes as
+ provided by the U.S. Census Bureau.
+ If the enclosing country is a different country from the USA, the meaning
+ of regionAndSubregions is not defined in this version of this standard.
+ A conformant implementation that implements this type shall recognize (in
+ the sense of "be able to determine whether a two-dimensional location lies
+ inside or outside the borders identified by"), for at least one enclosing
+ country, at least one value for a region within that country and at least
+ one subregion for the indicated region. In this version of this standard,
+ the only means to satisfy this is for a conformant implementation to
+ recognize, for the USA, at least one of the FIPS state codes for US
+ states, and at least one of the county codes in at least one of the
+ recognized states. The Protocol Implementation Conformance Statement
+ (PICS) provided in Annex A allows an implementation to state which
+ UnCountryId values it recognizes and which region values are recognized
+ within that country.
+ If a verifying implementation is required to check that an relevant
+ geographic information in a signed SPDU is consistent with a certificate
+ containing one or more instances of this type, then the SDS is permitted
+ to indicate that the signed SPDU is valid even if some values within
+ subregions are unrecognized in the sense defined above, so long as the
+ recognized instances of this type completely contain the relevant
+ geographic information. Informally, if the recognized values in the
+ certificate allow the SDS to determine that the SPDU is valid, then it
+ can make that determination even if there are also unrecognized values
+ in the certificate. This field is therefore not not a "critical
+ information field" as defined in 5.2.6, because unrecognized values are
+ permitted so long as the validity of the SPDU can be established with the
+ recognized values. However, as discussed in 5.2.6, the presence of an
+ unrecognized value in a certificate can make it impossible to determine
+ whether the certificate is valid and so whether the SPDU is valid.
+ In this structure:
+
+Fields:
+* region of type [**Uint8**](Ieee1609Dot2BaseTypes.md#Uint8)
+ identifies a region within a country.
+
+
+* subregions of type [**SequenceOfUint16**](#SequenceOfUint16)
+ identifies one or more subregions within region. A
+ conformant implementation that supports RegionAndSubregions shall support
+ a subregions field containing at least eight entries.
+
+
+
+
+```asn1
+RegionAndSubregions ::= SEQUENCE {
+ region Uint8,
+ subregions SequenceOfUint16
+}
+```
+
+
+### SequenceOfRegionAndSubregions
+This type is used for clarity of definitions.
+```asn1
+SequenceOfRegionAndSubregions ::= SEQUENCE OF RegionAndSubregions
+```
+
+### ThreeDLocation
+This structure contains an estimate of 3D location. The details of
+ the structure are given in the definitions of the individual fields below.
+
+Fields:
+* latitude of type [**Latitude**](#Latitude)
+* longitude of type [**Longitude**](#Longitude)
+
+* elevation of type [**Elevation**](#Elevation)
+
+
+>>>
+NOTE: The units used in this data structure are consistent with the
+ location data structures used in SAE J2735 [B26], though the encoding is
+ incompatible.
+>>>
+```asn1
+ThreeDLocation ::= SEQUENCE {
+ latitude Latitude,
+ longitude Longitude,
+ elevation Elevation
+}
+```
+
+
+### Latitude
+This type contains an INTEGER encoding an estimate of the latitude
+ with precision 1/10th microdegree relative to the World Geodetic System
+ (WGS)-84 datum as defined in NIMA Technical Report TR8350.2.
+ The integer in the latitude field is no more than 900 000 000 and no less
+ than ?900 000 000, except that the value 900 000 001 is used to indicate
+ the latitude was not available to the sender.
+```asn1
+Latitude ::= NinetyDegreeInt
+```
+
+
+### Longitude
+This type contains an INTEGER encoding an estimate of the longitude
+ with precision 1/10th microdegree relative to the World Geodetic System
+ (WGS)-84 datum as defined in NIMA Technical Report TR8350.2.
+ The integer in the longitude field is no more than 1 800 000 000 and no
+ less than ?1 799 999 999, except that the value 1 800 000 001 is used to
+ indicate that the longitude was not available to the sender.
+```asn1
+Longitude ::= OneEightyDegreeInt
+```
+
+
+### Elevation
+This structure contains an estimate of the geodetic altitude above
+ or below the WGS84 ellipsoid. The 16-bit value is interpreted as an
+ integer number of decimeters representing the height above a minimum
+ height of -409.5 m, with the maximum height being 6143.9 m.
+```asn1
+Elevation ::= Uint16
+```
+
+
+### NinetyDegreeInt
+The integer in the latitude field is no more than 900,000,000 and
+ no less than -900,000,000, except that the value 900,000,001 is used to
+ indicate the latitude was not available to the sender.
+```asn1
+NinetyDegreeInt ::= INTEGER {
+ min (-900000000),
+ max (900000000),
+ unknown (900000001)
+} (-900000000..900000001)
+```
+
+
+### KnownLatitude
+The known latitudes are from -900,000,000 to +900,000,000 in 0.1
+ microdegree intervals.
+```asn1
+KnownLatitude ::= NinetyDegreeInt (min..max)
+```
+
+
+### UnknownLatitude
+The value 900,000,001 indicates that the latitude was not
+ available to the sender.
+```asn1
+UnknownLatitude ::= NinetyDegreeInt (unknown)
+```
+
+
+### OneEightyDegreeInt
+The integer in the longitude field is no more than 1,800,000,000
+ and no less than -1,799,999,999, except that the value 1,800,000,001 is
+ used to indicate that the longitude was not available to the sender.
+```asn1
+OneEightyDegreeInt ::= INTEGER {
+ min (-1799999999),
+ max (1800000000),
+ unknown (1800000001)
+} (-1799999999..1800000001)
+```
+
+
+### KnownLongitude
+The known longitudes are from -1,799,999,999 to +1,800,000,000 in
+ 0.1 microdegree intervals.
+```asn1
+KnownLongitude ::= OneEightyDegreeInt (min..max)
+```
+
+
+### UnknownLongitude
+The value 1,800,000,001 indicates that the longitude was not
+ available to the sender.
+```asn1
+UnknownLongitude ::= OneEightyDegreeInt (unknown)
+```
+
+### Signature
+This structure represents a signature for a supported public key
+ algorithm. It may be contained within SignedData or Certificate.
+
+Fields:
+* ecdsaNistP256Signature of type [**EcdsaP256Signature**](Ieee1609Dot2BaseTypes.md#EcdsaP256Signature)
+* ecdsaBrainpoolP256r1Signature of type [**EcdsaP256Signature**](Ieee1609Dot2BaseTypes.md#EcdsaP256Signature)
+
+* ecdsaBrainpoolP384r1Signature of type [**EcdsaP384Signature**](Ieee1609Dot2BaseTypes.md#EcdsaP384Signature)
+
+ ...,
+* ecdsaNistP384Signature of type [**EcdsaP384Signature**](Ieee1609Dot2BaseTypes.md#EcdsaP384Signature)
+
+* sm2Signature of type [**EcsigP256Signature**](#EcsigP256Signature)
+
+
+>>>
+NOTE: Canonicalization: This data structure is subject to canonicalization
+ for the relevant operations specified in 6.1.2. The canonicalization
+ applies to instances of this data structure of form EcdsaP256Signature
+ and EcdsaP384Signature.
+>>>
+```asn1
+Signature ::= CHOICE {
+ ecdsaNistP256Signature EcdsaP256Signature,
+ ecdsaBrainpoolP256r1Signature EcdsaP256Signature,
+ ...,
+ ecdsaBrainpoolP384r1Signature EcdsaP384Signature,
+ ecdsaNistP384Signature EcdsaP384Signature,
+ sm2Signature EcsigP256Signature
+}
+```
+
+### EcdsaP256Signature
+This structure represents an ECDSA signature. The signature is
+ generated as specified in 5.3.1.
+
+
+ If the signature process followed the specification of FIPS 186-4
+ and output the integer r, r is represented as an EccP256CurvePoint
+ indicating the selection x-only.
+
+ If the signature process followed the specification of SEC 1 and
+ output the elliptic curve point R to allow for fast verification, R is
+ represented as an EccP256CurvePoint indicating the choice compressed-y-0,
+ compressed-y-1, or uncompressed at the sender's discretion.
+
+
+
+ NISTp256:
+ - p = FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF
+ - n = FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551
+
+ Brainpoolp256:
+ - p = A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377
+ - n = A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7
+
+Fields:
+* rSig of type [**EccP256CurvePoint**](Ieee1609Dot2BaseTypes.md#EccP256CurvePoint)
+* sSig of type **OCTET STRING** (SIZE (32))
+
+
+>>>
+NOTE: When the signature is of form x-only, the x-value in rSig is
+ an integer mod n, the order of the group; when the signature is of form
+ compressed-y-\*, the x-value in rSig is an integer mod p, the underlying
+ prime defining the finite field. In principle this means that to convert a
+ signature from form compressed-y-\* to form x-only, the converter checks
+ the x-value to see if it lies between n and p and reduces it mod n if so.
+ In practice this check is unnecessary: Haase's Theorem states that
+ difference between n and p is always less than 2*square-root(p), and so the
+ chance that an integer lies between n and p, for a 256-bit curve, is
+ bounded above by approximately square-root(p)/p or 2(-128). For the
+ 256-bit curves in this standard, the exact values of n and p in hexadecimal
+ are:
+>>>
+```asn1
+EcdsaP256Signature ::= SEQUENCE {
+ rSig EccP256CurvePoint,
+ sSig OCTET STRING (SIZE (32))
+}
+```
+
+### EcdsaP384Signature
+This structure represents an ECDSA signature. The signature is
+ generated as specified in 5.3.1.
+
+
+ If the signature process followed the specification of FIPS 186-4
+ and output the integer r, r is represented as an EccP384CurvePoint
+ indicating the selection x-only.
+
+ If the signature process followed the specification of SEC 1 and
+ output the elliptic curve point R to allow for fast verification, R is
+ represented as an EccP384CurvePoint indicating the choice compressed-y-0,
+ compressed-y-1, or uncompressed at the sender's discretion.
+
+Fields:
+* rSig of type [**EccP384CurvePoint**](Ieee1609Dot2BaseTypes.md#EccP384CurvePoint)
+* sSig of type **OCTET STRING** (SIZE (48))
+
+
+>>>
+NOTE: When the signature is of form x-only, the x-value in rSig is
+ an integer mod n, the order of the group; when the signature is of form
+ compressed-y-\*, the x-value in rSig is an integer mod p, the underlying
+ prime defining the finite field. In principle this means that to convert a
+ signature from form compressed-y-* to form x-only, the converter checks the
+ x-value to see if it lies between n and p and reduces it mod n if so. In
+ practice this check is unnecessary: Haase's Theorem states that difference
+ between n and p is always less than 2*square-root(p), and so the chance
+ that an integer lies between n and p, for a 384-bit curve, is bounded
+ above by approximately square-root(p)/p or 2(-192). For the 384-bit curve
+ in this standard, the exact values of n and p in hexadecimal are:
+ - p = 8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123
+ ACD3A729901D1A71874700133107EC53
+ - n = 8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B31F166E6CAC0425A7
+ CF3AB6AF6B7FC3103B883202E9046565
+>>>
+```asn1
+EcdsaP384Signature ::= SEQUENCE {
+ rSig EccP384CurvePoint,
+ sSig OCTET STRING (SIZE (48))
+}
+```
+
+### EcsigP256Signature
+This structure represents a elliptic curve signature where the
+ component r is constrained to be an integer. This structure supports SM2
+ signatures as specified in 5.3.1.3.
+
+Fields:
+* rSig of type **OCTET STRING** (SIZE (32))
+* sSig of type **OCTET STRING** (SIZE (32))
+
+```asn1
+EcsigP256Signature ::= SEQUENCE {
+ rSig OCTET STRING (SIZE (32)),
+ sSig OCTET STRING (SIZE (32))
+}
+```
+
+### EccP256CurvePoint
+This structure specifies a point on an elliptic curve in Weierstrass
+ form defined over a 256-bit prime number. The curves supported in this
+ standard are NIST p256 as defined in FIPS 186-4, Brainpool p256r1 as
+ defined in RFC 5639, and the SM2 curve as defined in GB/T 32918.5-2017.
+ The fields in this structure are OCTET STRINGS produced with the elliptic
+ curve point encoding and decoding methods defined in subclause 5.5.6 of
+ IEEE Std 1363-2000. The x-coordinate is encoded as an unsigned integer of
+ length 32 octets in network byte order for all values of the CHOICE; the
+ encoding of the y-coordinate y depends on whether the point is x-only,
+ compressed, or uncompressed. If the point is x-only, y is omitted. If the
+ point is compressed, the value of type depends on the least significant
+ bit of y: if the least significant bit of y is 0, type takes the value
+ compressed-y-0, and if the least significant bit of y is 1, type takes the
+ value compressed-y-1. If the point is uncompressed, y is encoded explicitly
+ as an unsigned integer of length 32 octets in network byte order.
+
+Fields:
+* x-only of type **OCTET STRING** (SIZE (32))
+* fill of type **NULL**
+
+* compressed-y-0 of type **OCTET STRING** (SIZE (32))
+
+* compressed-y-1 of type **OCTET STRING** (SIZE (32))
+
+* uncompressedP256 of type **SEQUENCE** {
+ x OCTET STRING (SIZE (32)),
+ y OCTET STRING (SIZE (32))
+ }
+
+
+>>>
+NOTE: Canonicalization: This data structure is subject to canonicalization
+ for the relevant operations specified in 6.1.2 if it appears in a
+ HeaderInfo or in a ToBeSignedCertificate. See the definitions of HeaderInfo
+ and ToBeSignedCertificate for a specification of the canonicalization
+ operations.
+>>>
+```asn1
+EccP256CurvePoint::= CHOICE {
+ x-only OCTET STRING (SIZE (32)),
+ fill NULL,
+ compressed-y-0 OCTET STRING (SIZE (32)),
+ compressed-y-1 OCTET STRING (SIZE (32)),
+ uncompressedP256 SEQUENCE {
+ x OCTET STRING (SIZE (32)),
+ y OCTET STRING (SIZE (32))
+ }
+}
+```
+
+### EccP384CurvePoint
+This structure specifies a point on an elliptic curve in
+ Weierstrass form defined over a 384-bit prime number. The only supported
+ such curve in this standard is Brainpool p384r1 as defined in RFC 5639.
+ The fields in this structure are octet strings produced with the elliptic
+ curve point encoding and decoding methods defined in subclause 5.5.6 of
+ IEEE Std 1363-2000. The x-coordinate is encoded as an unsigned integer of
+ length 48 octets in network byte order for all values of the CHOICE; the
+ encoding of the y-coordinate y depends on whether the point is x-only,
+ compressed, or uncompressed. If the point is x-only, y is omitted. If the
+ point is compressed, the value of type depends on the least significant
+ bit of y: if the least significant bit of y is 0, type takes the value
+ compressed-y-0, and if the least significant bit of y is 1, type takes the
+ value compressed-y-1. If the point is uncompressed, y is encoded
+ explicitly as an unsigned integer of length 48 octets in network byte order.
+
+Fields:
+* x-only of type **OCTET STRING** (SIZE (48))
+* fill of type **NULL**
+
+* compressed-y-0 of type **OCTET STRING** (SIZE (48))
+
+* compressed-y-1 of type **OCTET STRING** (SIZE (48))
+
+* uncompressedP384 of type **SEQUENCE** {
+ x OCTET STRING (SIZE (48)),
+ y OCTET STRING (SIZE (48))
+ }
+
+
+>>>
+NOTE: Canonicalization: This data structure is subject to canonicalization
+ for the relevant operations specified in 6.1.2 if it appears in a
+ HeaderInfo or in a ToBeSignedCertificate. See the definitions of HeaderInfo
+ and ToBeSignedCertificate for a specification of the canonicalization
+ operations.
+>>>
+```asn1
+EccP384CurvePoint::= CHOICE {
+ x-only OCTET STRING (SIZE (48)),
+ fill NULL,
+ compressed-y-0 OCTET STRING (SIZE (48)),
+ compressed-y-1 OCTET STRING (SIZE (48)),
+ uncompressedP384 SEQUENCE {
+ x OCTET STRING (SIZE (48)),
+ y OCTET STRING (SIZE (48))
+ }
+}
+```
+
+
+### SymmAlgorithm
+This enumerated value indicates supported symmetric algorithms. The
+ algorithm identifier identifies both the algorithm itself and a specific
+ mode of operation. The symmetric algorithms supported in this version of
+ this standard are AES-128 and SM4. The only mode of operation supported is
+ Counter Mode Encryption With Cipher Block Chaining Message Authentication
+ Code (CCM). Full details are given in 5.3.8.
+```asn1
+SymmAlgorithm ::= ENUMERATED {
+ aes128Ccm,
+ ...,
+ sm4Ccm
+}
+```
+
+
+### HashAlgorithm
+This structure identifies a hash algorithm. The value sha256,
+ indicates SHA-256. The value sha384 indicates SHA-384. The value sm3
+ indicates SM3. See 5.3.3 for more details.
+
+>>>
+NOTE: Critical information fields: This is a critical information field as
+ defined in 5.2.6. An implementation that does not recognize the enumerated
+ value of this type in a signed SPDU when verifying a signed SPDU shall
+ indicate that the signed SPDU is invalid in the sense of 4.2.2.3.2, that
+ is, it is invalid in the sense that its validity cannot be established.
+>>>
+```asn1
+HashAlgorithm ::= ENUMERATED {
+ sha256,
+ ...,
+ sha384,
+ sm3
+}
+```
+
+### EciesP256EncryptedKey
+This data structure is used to transfer a 16-byte symmetric key
+ encrypted using ECIES as specified in IEEE Std 1363a-2004. The symmetric
+ key is input to the key encryption process with no headers, encapsulation,
+ or length indication. Encryption and decryption are carried out as
+ specified in 5.3.5.1.
+
+Fields:
+* v of type [**EccP256CurvePoint**](Ieee1609Dot2BaseTypes.md#EccP256CurvePoint)
+ is the sender's ephemeral public key, which is the output V from
+ encryption as specified in 5.3.5.1.
+
+
+* c of type **OCTET STRING** (SIZE (16))
+ is the encrypted symmetric key, which is the output C from
+ encryption as specified in 5.3.5.1. The algorithm for the symmetric key
+ is identified by the CHOICE indicated in the following SymmetricCiphertext.
+ For ECIES this shall be AES-128.
+
+
+
+* t of type **OCTET STRING** (SIZE (16))
+ is the authentication tag, which is the output tag from
+ encryption as specified in 5.3.5.1.
+
+
+
+
+```asn1
+EciesP256EncryptedKey ::= SEQUENCE {
+ v EccP256CurvePoint,
+ c OCTET STRING (SIZE (16)),
+ t OCTET STRING (SIZE (16))
+}
+```
+
+### EcencP256EncryptedKey
+This data structure is used to transfer a 16-byte symmetric key
+ encrypted using SM2 encryption as specified in 5.3.3. The symmetric key is
+ input to the key encryption process with no headers, encapsulation, or
+ length indication. Encryption and decryption are carried out as specified
+ in 5.3.5.2.
+
+Fields:
+* v of type [**EccP256CurvePoint**](Ieee1609Dot2BaseTypes.md#EccP256CurvePoint)
+ is the sender's ephemeral public key, which is the output V from
+ encryption as specified in 5.3.5.2.
+
+
+* c of type **OCTET STRING** (SIZE (16))
+ is the encrypted symmetric key, which is the output C from
+ encryption as specified in 5.3.5.2. The algorithm for the symmetric key
+ is identified by the CHOICE indicated in the following SymmetricCiphertext.
+ For SM2 this algorithm shall be SM4.
+
+
+
+* t of type **OCTET STRING** (SIZE (32))
+ is the authentication tag, which is the output tag from
+ encryption as specified in 5.3.5.2.
+
+
+
+
+```asn1
+EcencP256EncryptedKey ::= SEQUENCE {
+ v EccP256CurvePoint,
+ c OCTET STRING (SIZE (16)),
+ t OCTET STRING (SIZE (32))
+}
+```
+
+### EncryptionKey
+This structure contains an encryption key, which may be a public or
+ a symmetric key.
+
+Fields:
+* public of type [**PublicEncryptionKey**](Ieee1609Dot2BaseTypes.md#PublicEncryptionKey)
+* symmetric of type [**SymmetricEncryptionKey**](Ieee1609Dot2BaseTypes.md#SymmetricEncryptionKey)
+
+
+>>>
+NOTE: Canonicalization: This data structure is subject to canonicalization
+ for the relevant operations specified in 6.1.2 if it appears in a
+ HeaderInfo or in a ToBeSignedCertificate. The canonicalization applies to
+ the PublicEncryptionKey. See the definitions of HeaderInfo and
+ ToBeSignedCertificate for a specification of the canonicalization
+ operations.
+>>>
+```asn1
+EncryptionKey ::= CHOICE {
+ public PublicEncryptionKey,
+ symmetric SymmetricEncryptionKey
+}
+```
+
+### PublicEncryptionKey
+This structure specifies a public encryption key and the associated
+ symmetric algorithm which is used for bulk data encryption when encrypting
+ for that public key.
+
+Fields:
+* supportedSymmAlg of type [**SymmAlgorithm**](#SymmAlgorithm)
+* publicKey of type [**BasePublicEncryptionKey**](#BasePublicEncryptionKey)
+
+
+>>>
+NOTE: Canonicalization: This data structure is subject to canonicalization
+ for the relevant operations specified in 6.1.2 if it appears in a
+ HeaderInfo or in a ToBeSignedCertificate. The canonicalization applies to
+ the BasePublicEncryptionKey. See the definitions of HeaderInfo and
+ ToBeSignedCertificate for a specification of the canonicalization
+ operations.
+>>>
+```asn1
+PublicEncryptionKey ::= SEQUENCE {
+ supportedSymmAlg SymmAlgorithm,
+ publicKey BasePublicEncryptionKey
+}
+```
+
+### BasePublicEncryptionKey
+This structure specifies the bytes of a public encryption key for
+ a particular algorithm. Supported public key encryption algorithms are
+ defined in 5.3.5.
+
+Fields:
+* eciesNistP256 of type [**EccP256CurvePoint**](Ieee1609Dot2BaseTypes.md#EccP256CurvePoint)
+* eciesBrainpoolP256r1 of type [**EccP256CurvePoint**](Ieee1609Dot2BaseTypes.md#EccP256CurvePoint)
+
+* ecencSm2 of type [**EccP256CurvePoint**](Ieee1609Dot2BaseTypes.md#EccP256CurvePoint)
+
+ ...,
+
+>>>
+NOTE: Canonicalization: This data structure is subject to canonicalization
+ for the relevant operations specified in 6.1.2 if it appears in a
+ HeaderInfo or in a ToBeSignedCertificate. See the definitions of HeaderInfo
+ and ToBeSignedCertificate for a specification of the canonicalization
+ operations.
+>>>
+```asn1
+BasePublicEncryptionKey ::= CHOICE {
+ eciesNistP256 EccP256CurvePoint,
+ eciesBrainpoolP256r1 EccP256CurvePoint,
+ ...,
+ ecencSm2 EccP256CurvePoint
+}
+```
+
+### PublicVerificationKey
+This structure represents a public key and states with what
+ algorithm the public key is to be used. Cryptographic mechanisms are
+ defined in 5.3.
+ An EccP256CurvePoint or EccP384CurvePoint within a PublicVerificationKey
+ structure is invalid if it indicates the choice x-only.
+
+Fields:
+* ecdsaNistP256 of type [**EccP256CurvePoint**](Ieee1609Dot2BaseTypes.md#EccP256CurvePoint)
+* ecdsaBrainpoolP256r1 of type [**EccP256CurvePoint**](Ieee1609Dot2BaseTypes.md#EccP256CurvePoint)
+
+* ecdsaBrainpoolP384r1 of type [**EccP384CurvePoint**](Ieee1609Dot2BaseTypes.md#EccP384CurvePoint)
+
+ ... ,
+* ecdsaNistP384 of type [**EccP384CurvePoint**](Ieee1609Dot2BaseTypes.md#EccP384CurvePoint)
+
+* ecsigSm2 of type [**EccP256CurvePoint**](Ieee1609Dot2BaseTypes.md#EccP256CurvePoint)
+
+
+>>>
+NOTE: Canonicalization: This data structure is subject to canonicalization
+ for the relevant operations specified in 6.1.2. The canonicalization
+ applies to the EccP256CurvePoint and the Ecc384CurvePoint. Both forms of
+ point are encoded in compressed form, i.e., such that the choice indicated
+ within the Ecc*CurvePoint is compressed-y-0 or compressed-y-1.
+>>>
+```asn1
+PublicVerificationKey ::= CHOICE {
+ ecdsaNistP256 EccP256CurvePoint,
+ ecdsaBrainpoolP256r1 EccP256CurvePoint,
+ ... ,
+ ecdsaBrainpoolP384r1 EccP384CurvePoint,
+ ecdsaNistP384 EccP384CurvePoint,
+ ecsigSm2 EccP256CurvePoint
+}
+```
+
+### SymmetricEncryptionKey
+This structure provides the key bytes for use with an identified
+ symmetric algorithm. The supported symmetric algorithms are AES-128 and
+ SM4 in CCM mode as specified in 5.3.8.
+
+Fields:
+* aes128Ccm of type **OCTET STRING** (SIZE(16))
+* sm4Ccm of type **OCTET STRING** (SIZE(16))
+
+ ...,
+```asn1
+SymmetricEncryptionKey ::= CHOICE {
+ aes128Ccm OCTET STRING(SIZE(16)),
+ ...,
+ sm4Ccm OCTET STRING(SIZE(16))
+}
+```
+
+### PsidSsp
+This structure represents the permissions that the certificate
+ holder has with respect to activities for a single application area,
+ identified by a Psid.
+
+
+
+
+
+
+ For consistency rules for other forms of the ssp field, see the
+ following subclauses.
+
+Fields:
+* psid of type [**Psid**](Ieee1609Dot2BaseTypes.md#Psid)
+* ssp of type [**ServiceSpecificPermissions**](Ieee1609Dot2BaseTypes.md#ServiceSpecificPermissions) OPTIONAL
+
+
+>>>
+NOTE: Consistency with issuing certificate: If a certificate has an
+ appPermissions entry A for which the ssp field is omitted, A is consistent
+ with the issuing certificate if the issuing certificate contains a
+ PsidSspRange P for which the following holds:
+ - The psid field in P is equal to the psid field in A and one of the
+ following is true:
+ - The sspRange field in P indicates all.
+ - The sspRange field in P indicates opaque and one of the entries in
+ opaque is an OCTET STRING of length 0.
+>>>
+```asn1
+PsidSsp ::= SEQUENCE {
+ psid Psid,
+ ssp ServiceSpecificPermissions OPTIONAL
+}
+```
+
+
+### SequenceOfPsidSsp
+This type is used for clarity of definitions.
+```asn1
+SequenceOfPsidSsp ::= SEQUENCE OF PsidSsp
+```
+
+
+### Psid
+This type represents the PSID defined in IEEE Std 1609.12.
+```asn1
+Psid ::= INTEGER (0..MAX)
+```
+
+
+### SequenceOfPsid
+This type is used for clarity of definitions.
+```asn1
+SequenceOfPsid ::= SEQUENCE OF Psid
+```
+
+### ServiceSpecificPermissions
+This structure represents the Service Specific Permissions (SSP)
+ relevant to a given entry in a PsidSsp. The meaning of the SSP is specific
+ to the associated Psid. SSPs may be PSID-specific octet strings or
+ bitmap-based. See Annex C for further discussion of how application
+ specifiers may choose which SSP form to use.
+
+
+
+ For consistency rules for other types of ServiceSpecificPermissions,
+ see the following subclauses.
+
+Fields:
+* opaque of type **OCTET STRING** (SIZE(0..MAX))
+* bitmapSsp of type [**BitmapSsp**](#BitmapSsp)
+
+ ...,
+
+>>>
+NOTE: Consistency with issuing certificate: If a certificate has an
+ appPermissions entry A for which the ssp field is opaque, A is consistent
+ with the issuing certificate if the issuing certificate contains one of
+ the following:
+ - (OPTION 1) A SubjectPermissions field indicating the choice all and
+ no PsidSspRange field containing the psid field in A;
+ - (OPTION 2) A PsidSspRange P for which the following holds:
+ - The psid field in P is equal to the psid field in A and one of the
+ following is true:
+ - The sspRange field in P indicates all.
+ - The sspRange field in P indicates opaque and one of the entries in
+ the opaque field in P is an OCTET STRING identical to the opaque field in
+ A.
+>>>
+```asn1
+ServiceSpecificPermissions ::= CHOICE {
+ opaque OCTET STRING (SIZE(0..MAX)),
+ ...,
+ bitmapSsp BitmapSsp
+}
+```
+
+
+### BitmapSsp
+This structure represents a bitmap representation of a SSP. The
+ mapping of the bits of the bitmap to constraints on the signed SPDU is
+ PSID-specific.
+
+>>>
+NOTE: A BitmapSsp B is consistent with a BitmapSspRange R if for every
+ bit set to 1 in the sspBitmask in R, the bit in the identical position in
+ B is set equal to the bit in that position in the sspValue in R. For each
+ bit set to 0 in the sspBitmask in R, the corresponding bit in the
+ identical position in B may be freely set to 0 or 1, i.e., if a bit is
+ set to 0 in the sspBitmask in R, the value of corresponding bit in the
+ identical position in B has no bearing on whether B and R are consistent.
+>>>
+```asn1
+BitmapSsp ::= OCTET STRING (SIZE(0..31))
+```
+
+### PsidSspRange
+This structure represents the certificate issuing or requesting
+ permissions of the certificate holder with respect to one particular set
+ of application permissions.
+
+Fields:
+* psid of type [**Psid**](Ieee1609Dot2BaseTypes.md#Psid)
+ identifies the application area.
+
+
+* sspRange of type [**SspRange**](#SspRange) OPTIONAL
+ identifies the SSPs associated with that PSID for which
+ the holder may issue or request certificates. If sspRange is omitted, the
+ holder may issue or request certificates for any SSP for that PSID.
+
+
+
+
+```asn1
+PsidSspRange ::= SEQUENCE {
+ psid Psid,
+ sspRange SspRange OPTIONAL
+}
+```
+
+
+### SequenceOfPsidSspRange
+This type is used for clarity of definitions.
+```asn1
+SequenceOfPsidSspRange ::= SEQUENCE OF PsidSspRange
+```
+
+### SspRange
+This structure identifies the SSPs associated with a PSID for
+ which the holder may issue or request certificates.
+
+
+
+ If a certificate has a PsidSspRange A for which the ssp field is all,
+ A is consistent with the issuing certificate if the issuing certificate
+ contains a PsidSspRange P for which the following holds:
+ - (OPTION 1) A SubjectPermissions field indicating the choice all and
+ no PsidSspRange field containing the psid field in A;
+ - (OPTION 2) A PsidSspRange P for which the psid field in P is equal to
+ the psid field in A and the sspRange field in P indicates all.
+
+ For consistency rules for other types of SspRange, see the following
+ subclauses.
+
+Fields:
+* opaque of type [**SequenceOfOctetString**](#SequenceOfOctetString)
+* all of type **NULL**
+
+* bitmapSspRange of type [**BitmapSspRange**](#BitmapSspRange)
+
+ ...,
+
+>>>
+NOTE: The choice "all" may also be indicated by omitting the
+ SspRange in the enclosing PsidSspRange structure. Omitting the SspRange is
+ preferred to explicitly indicating "all".
+>>>
+```asn1
+SspRange ::= CHOICE {
+ opaque SequenceOfOctetString,
+ all NULL,
+ ...,
+ bitmapSspRange BitmapSspRange
+}
+```
+
+### BitmapSspRange
+This structure represents a bitmap representation of a SSP. The
+ sspValue indicates permissions. The sspBitmask contains an octet string
+ used to permit or constrain sspValue fields in issued certificates. The
+ sspValue and sspBitmask fields shall be of the same length.
+
+
+
+ Reference ETSI TS 103 097 for more information on bitmask SSPs.
+
+Fields:
+* sspValue of type **OCTET STRING** (SIZE(1..32))
+* sspBitmask of type **OCTET STRING** (SIZE(1..32))
+
+
+>>>
+NOTE: Consistency with issuing certificate: If a certificate has an
+ PsidSspRange value P for which the sspRange field is bitmapSspRange,
+ P is consistent with the issuing certificate if the issuing certificate
+ contains one of the following:
+ - (OPTION 1) A SubjectPermissions field indicating the choice all and
+ no PsidSspRange field containing the psid field in P;
+ - (OPTION 2) A PsidSspRange R for which the following holds:
+ - The psid field in R is equal to the psid field in P and one of the
+ following is true:
+ - EITHER The sspRange field in R indicates all
+ - OR The sspRange field in R indicates bitmapSspRange and for every
+ bit set to 1 in the sspBitmask in R:
+ - The bit in the identical position in the sspBitmask in P is set
+ equal to 1, AND
+ - The bit in the identical position in the sspValue in P is set equal
+ to the bit in that position in the sspValue in R.
+>>>
+```asn1
+BitmapSspRange ::= SEQUENCE {
+ sspValue OCTET STRING (SIZE(1..32)),
+ sspBitmask OCTET STRING (SIZE(1..32))
+}
+```
+
+
+### SubjectAssurance
+This type is used for clarity of definitions.
+
+This field contains the certificate holder's assurance level, which
+ indicates the security of both the platform and storage of secret keys as
+ well as the confidence in this assessment.
+
+
+ This field is encoded as defined in Table 1, where "A" denotes bit
+ fields specifying an assurance level, "R" reserved bit fields, and "C" bit
+ fields specifying the confidence.
+
+ Table 1: Bitwise encoding of subject assurance
+
+ | Bit number | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
+ | -------------- | --- | --- | --- | --- | --- | --- | --- | --- |
+ | Interpretation | A | A | A | R | R | R | C | C |
+
+ In Table 1, bit number 0 denotes the least significant bit. Bit 7
+ to bit 5 denote the device's assurance levels, bit 4 to bit 2 are reserved
+ for future use, and bit 1 and bit 0 denote the confidence.
+
+ The specification of these assurance levels as well as the
+ encoding of the confidence levels is outside the scope of the present
+ standard. It can be assumed that a higher assurance value indicates that
+ the holder is more trusted than the holder of a certificate with lower
+ assurance value and the same confidence value.
+
+>>>
+NOTE: This field was originally specified in ETSI TS 103 097 and
+ future uses of this field are anticipated to be consistent with future
+ versions of that standard.
+>>>
+```asn1
+SubjectAssurance ::= OCTET STRING (SIZE(1))
+```
+
+
+### CrlSeries
+This integer identifies a series of CRLs issued under the authority
+ of a particular CRACA.
+```asn1
+CrlSeries ::= Uint16
+```
+
+
+### IValue
+This atomic type is used in the definition of other data structures.
+```asn1
+IValue ::= Uint16
+```
+
+
+### Hostname
+This is a UTF-8 string as defined in IETF RFC 3629. The contents
+ are determined by policy.
+```asn1
+Hostname ::= UTF8String (SIZE(0..255))
+```
+
+
+### LinkageValue
+This is the individual linkage value. See 5.1.3 and 7.3 for details
+ of use.
+```asn1
+LinkageValue ::= OCTET STRING (SIZE(9))
+```
+
+### GroupLinkageValue
+This is the group linkage value. See 5.1.3 and 7.3 for details of
+ use.
+
+Fields:
+* jValue of type **OCTET STRING** (SIZE(4))
+* value of type **OCTET STRING** (SIZE(9))
+
+```asn1
+GroupLinkageValue ::= SEQUENCE {
+ jValue OCTET STRING (SIZE(4)),
+ value OCTET STRING (SIZE(9))
+}
+```
+
+
+### LaId
+This structure contains a LA Identifier for use in the algorithms
+ specified in 5.1.3.4.
+```asn1
+LaId ::= OCTET STRING (SIZE(2))
+```
+
+
+### SequenceOfLinkageSeed
+This type is used for clarity of definitions.
+```asn1
+SequenceOfLinkageSeed ::= SEQUENCE OF LinkageSeed
+```
+
+
+### LinkageSeed
+This structure contains a linkage seed value for use in the
+ algorithms specified in 5.1.3.4.
+```asn1
+LinkageSeed ::= OCTET STRING (SIZE(16))
+```
+
+### CERT-EXT-TYPE
+This structure is the Information Object Class used to contain
+ information about a set of certificate extensions that are associated with
+ each other: an AppExtension, a CertIssueExtension, and a
+ CertRequestExtension.
+
+Fields:
+* id of type [**ExtId**](Ieee1609Dot2BaseTypes.md#ExtId)
+```asn1
+CERT-EXT-TYPE ::= CLASS {
+ &id ExtId,
+ &App,
+ &Issue,
+ &Req
+} WITH SYNTAX {ID &id APP &App ISSUE &Issue REQUEST &Req}
+```
+
+### Extension
+This parameterized type represents a (id, content) pair drawn from
+ the set ExtensionTypes, which is constrained to contain objects defined by
+ the class EXT-TYPE.
+
+Fields:
+* id of type [**EXT-TYPE**](Ieee1609Dot2BaseTypes.md#EXT-TYPE) .&extId({ExtensionTypes})
+* content of type [**EXT-TYPE**](Ieee1609Dot2BaseTypes.md#EXT-TYPE) .&ExtContent({ExtensionTypes}{@.id})
+
+```asn1
+Extension {EXT-TYPE : ExtensionTypes} ::= SEQUENCE {
+ id EXT-TYPE.&extId({ExtensionTypes}),
+ content EXT-TYPE.&ExtContent({ExtensionTypes}{@.id})
+}
+```
+
+### EXT-TYPE
+This class defines objects in a form suitable for import into the
+ definition of HeaderInfo.
+
+Fields:
+* extId of type [**ExtId**](Ieee1609Dot2BaseTypes.md#ExtId)
+```asn1
+EXT-TYPE ::= CLASS {
+ &extId ExtId,
+ &ExtContent
+} WITH SYNTAX {&ExtContent IDENTIFIED BY &extId}
+```
+
+
+### ExtId
+This type is used as an identifier for instances of ExtContent
+ within an EXT-TYPE.
+```asn1
+ExtId ::= INTEGER(0..255)
+```
+
+
+
diff --git a/docs/Ieee1609Dot2Crl.md b/docs/Ieee1609Dot2Crl.md
new file mode 100644
index 0000000000000000000000000000000000000000..49fecde2860f08ceb1a1dc5a8d0115199c114f0f
--- /dev/null
+++ b/docs/Ieee1609Dot2Crl.md
@@ -0,0 +1,55 @@
+# ASN.1 module Ieee1609Dot2Crl
+ OID: _{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) crl(3) major-version-3(3) minor-version-2(2)}_
+ @note Section references in this file are to clauses in IEEE Std
+ 1609.2 unless indicated otherwise. Full forms of acronyms and
+ abbreviations used in this file are specified in 3.2.
+
+
+## Imports:
+ * **[Ieee1609Dot2](Ieee1609Dot2.md)** *{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) base(1) schema(1) major-version-2(2) minor-version-6(6)} WITH SUCCESSORS*
+
+ * **[Ieee1609Dot2BaseTypes](Ieee1609Dot2BaseTypes.md)** *{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) base(1) base-types(2) major-version-2(2) minor-version-4(4)} WITH SUCCESSORS*
+
+ * **[Ieee1609Dot2CrlBaseTypes](Ieee1609Dot2CrlBaseTypes.md)** *{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) crl(3) base-types(2) major-version-3(3) minor-version-2(2)} WITH SUCCESSORS*
+
+## Data Elements:
+
+### CrlPsid
+This is the PSID for the CRL application.
+```asn1
+CrlPsid ::= Psid(256)
+```
+
+
+### SecuredCrl
+This structure is the SPDU used to contain a signed CRL. A valid
+ signed CRL meets the validity criteria of 7.4.
+```asn1
+SecuredCrl ::= Ieee1609Dot2Data (WITH COMPONENTS {...,
+ content (WITH COMPONENTS {
+ signedData (WITH COMPONENTS {...,
+ tbsData (WITH COMPONENTS {
+ payload (WITH COMPONENTS {...,
+ data (WITH COMPONENTS {...,
+ content (WITH COMPONENTS {
+ unsecuredData (CONTAINING CrlContents)
+ })
+ })
+ }),
+ headerInfo (WITH COMPONENTS {...,
+ psid (CrlPsid),
+ generationTime ABSENT,
+ expiryTime ABSENT,
+ generationLocation ABSENT,
+ p2pcdLearningRequest ABSENT,
+ missingCrlIdentifier ABSENT,
+ encryptionKey ABSENT
+ })
+ })
+ })
+ })
+})
+```
+
+
+
diff --git a/docs/Ieee1609Dot2CrlBaseTypes.md b/docs/Ieee1609Dot2CrlBaseTypes.md
new file mode 100644
index 0000000000000000000000000000000000000000..017c37b65f51936bd866900d491ab7ce2a09894d
--- /dev/null
+++ b/docs/Ieee1609Dot2CrlBaseTypes.md
@@ -0,0 +1,635 @@
+# ASN.1 module Ieee1609Dot2CrlBaseTypes
+ OID: _{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) crl(3) base-types(2) major-version-3(3) minor-version-2(2)}_
+ @note Section references in this file are to clauses in IEEE Std
+ 1609.2 unless indicated otherwise. Full forms of acronyms and
+ abbreviations used in this file are specified in 3.2.
+
+
+## Imports:
+ * **[Ieee1609Dot2BaseTypes](Ieee1609Dot2BaseTypes.md)** *{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) base(1) base-types(2) major-version-2(2) minor-version-4(4)} WITH SUCCESSORS*
+
+## Data Elements:
+### CrlContents
+The fields in this structure have the following meaning:
+
+Fields:
+* version of type [**Uint8**](Ieee1609Dot2BaseTypes.md#Uint8) (1)
+ is the version number of the CRL. For this version of this
+ standard it is 1.
+
+
+* crlSeries of type [**CrlSeries**](Ieee1609Dot2BaseTypes.md#CrlSeries)
+ represents the CRL series to which this CRL belongs. This
+ is used to determine whether the revocation information in a CRL is relevant
+ to a particular certificate as specified in 5.1.3.2.
+
+
+
+* crlCraca of type [**HashedId8**](Ieee1609Dot2BaseTypes.md#HashedId8)
+ contains the low-order eight octets of the hash of the
+ certificate of the Certificate Revocation Authorization CA (CRACA) that
+ ultimately authorized the issuance of this CRL. This is used to determine
+ whether the revocation information in a CRL is relevant to a particular
+ certificate as specified in 5.1.3.2. In a valid signed CRL as specified in
+ 7.4 the crlCraca is consistent with the associatedCraca field in the
+ Service Specific Permissions as defined in 7.4.3.3. The HashedId8 is
+ calculated with the whole-certificate hash algorithm, determined as
+ described in 6.4.3, applied to the COER-encoded certificate, canonicalized
+ as defined in the definition of Certificate.
+
+
+
+* issueDate of type [**Time32**](Ieee1609Dot2BaseTypes.md#Time32)
+ specifies the time when the CRL was issued.
+
+
+
+* nextCrl of type [**Time32**](Ieee1609Dot2BaseTypes.md#Time32)
+ contains the time when the next CRL with the same crlSeries
+ and cracaId is expected to be issued. The CRL is invalid unless nextCrl is
+ strictly after issueDate. This field is used to set the expected update time
+ for revocation information associated with the (crlCraca, crlSeries) pair as
+ specified in 5.1.3.6.
+
+
+
+* priorityInfo of type [**CrlPriorityInfo**](#CrlPriorityInfo)
+ contains information that assists devices with limited
+ storage space in determining which revocation information to retain and
+ which to discard.
+
+
+
+* typeSpecific of type [**TypeSpecificCrlContents**](#TypeSpecificCrlContents)
+ contains the CRL body.
+
+
+
+
+```asn1
+CrlContents ::= SEQUENCE {
+ version Uint8 (1),
+ crlSeries CrlSeries,
+ crlCraca HashedId8,
+ issueDate Time32,
+ nextCrl Time32,
+ priorityInfo CrlPriorityInfo,
+ typeSpecific TypeSpecificCrlContents
+}
+```
+
+### CrlPriorityInfo
+This data structure contains information that assists devices with
+ limited storage space in determining which revocation information to retain
+ and which to discard.
+
+Fields:
+* priority of type [**Uint8**](Ieee1609Dot2BaseTypes.md#Uint8) OPTIONAL
+ indicates the priority of the revocation information
+ relative to other CRLs issued for certificates with the same cracaId and
+ crlSeries values. A higher value for this field indicates higher importance
+ of this revocation information.
+
+
+
+>>>
+NOTE: This mechanism is for future use; details are not specified in this
+ version of the standard.
+>>>
+```asn1
+CrlPriorityInfo ::= SEQUENCE {
+ priority Uint8 OPTIONAL,
+ ...
+}
+```
+
+### TypeSpecificCrlContents
+This structure contains type-specific CRL contents.
+
+Fields:
+* fullHashCrl of type [**ToBeSignedHashIdCrl**](#ToBeSignedHashIdCrl)
+ contains a full hash-based CRL, i.e., a listing of the
+ hashes of all certificates that:
+ - contain the indicated cracaId and crlSeries values, and
+ - are revoked by hash, and
+ - have been revoked, and
+ - have not expired.
+
+
+* deltaHashCrl of type [**ToBeSignedHashIdCrl**](#ToBeSignedHashIdCrl)
+ contains a delta hash-based CRL, i.e., a listing of
+ the hashes of all certificates that:
+ - contain the indicated cracaId and crlSeries values, and
+ - are revoked by hash, and
+ - have been revoked since the previous CRL that contained the indicated
+ cracaId and crlSeries values.
+
+
+
+* fullLinkedCrl of type [**ToBeSignedLinkageValueCrl**](#ToBeSignedLinkageValueCrl)
+ and fullLinkedCrlWithAlg: contain a full linkage
+ ID-based CRL, i.e., a listing of the individual and/or group linkage data
+ for all certificates that:
+ - contain the indicated cracaId and crlSeries values, and
+ - are revoked by linkage value, and
+ - have been revoked, and
+ - have not expired.
+ The difference between fullLinkedCrl and fullLinkedCrlWithAlg is in how
+ the cryptographic algorithms to be used in the seed evolution function and
+ linkage value generation function of 5.1.3.4 are communicated to the
+ receiver of the CRL. See below in this subclause for details.
+
+
+
+* deltaLinkedCrl of type [**ToBeSignedLinkageValueCrl**](#ToBeSignedLinkageValueCrl)
+ and deltaLinkedCrlWithAlg: contain a delta linkage
+ ID-based CRL, i.e., a listing of the individual and/or group linkage data
+ for all certificates that:
+ - contain the specified cracaId and crlSeries values, and
+ - are revoked by linkage data, and
+ - have been revoked since the previous CRL that contained the indicated
+ cracaId and crlSeries values.
+ The difference between deltaLinkedCrl and deltaLinkedCrlWithAlg is in how
+ the cryptographic algorithms to be used in the seed evolution function
+ and linkage value generation function of 5.1.3.4 are communicated to the
+ receiver of the CRL. See below in this subclause for details.
+
+
+
+* fullLinkedCrlWithAlg of type [**ToBeSignedLinkageValueCrlWithAlgIdentifier**](#ToBeSignedLinkageValueCrlWithAlgIdentifier)
+
+ ...,
+* deltaLinkedCrlWithAlg of type [**ToBeSignedLinkageValueCrlWithAlgIdentifier**](#ToBeSignedLinkageValueCrlWithAlgIdentifier)
+
+If the contents of this structure is a
+ ToBeSignedLinkageValueCrlWithAlgIdentifier, then the seed evolution function
+ and linkage value generation function are given explicitly as specified in
+ the specification of ToBeSignedLinkageValueCrlWithAlgIdentifier.
+
+ If the contents of this structure is a ToBeSignedLinkageValueCrl, then the
+ seed evolution function and linkage value generation function are obtained
+ based on the crlCraca field in the CrlContents:
+ - If crlCraca was obtained with SHA-256 or SHA-384, then
+ seedEvolutionFunctionIdentifier is seedEvoFn1-sha256 and
+ linkageValueGenerationFunctionIdentifier is lvGenFn1-aes128.
+ - If crlCraca was obtained with SM3, then seedEvolutionFunctionIdentifier
+ is seedEvoFn1-sm3 and linkageValueGenerationFunctionIdentifier is
+ lvGenFn1-sm4.
+
+>>>
+NOTE: Seed evolution function and linkage value generation function
+ identification. In order to derive linkage values per the mechanisms given
+ in 5.1.3.4, a receiver needs to know the seed evolution function and the
+ linkage value generation function.
+>>>
+```asn1
+TypeSpecificCrlContents ::= CHOICE {
+ fullHashCrl ToBeSignedHashIdCrl,
+ deltaHashCrl ToBeSignedHashIdCrl,
+ fullLinkedCrl ToBeSignedLinkageValueCrl,
+ deltaLinkedCrl ToBeSignedLinkageValueCrl,
+ ...,
+ fullLinkedCrlWithAlg ToBeSignedLinkageValueCrlWithAlgIdentifier,
+ deltaLinkedCrlWithAlg ToBeSignedLinkageValueCrlWithAlgIdentifier
+}
+```
+
+### ToBeSignedHashIdCrl
+This data structure represents information about a revoked
+ certificate.
+
+Fields:
+* crlSerial of type [**Uint32**](Ieee1609Dot2BaseTypes.md#Uint32)
+ is a counter that increments by 1 every time a new full
+ or delta CRL is issued for the indicated crlCraca and crlSeries values.
+
+
+* entries of type [**SequenceOfHashBasedRevocationInfo**](#SequenceOfHashBasedRevocationInfo)
+ contains the individual revocation information items.
+
+
+
+
+>>>
+NOTE: To indicate that a hash-based CRL contains no individual revocation
+ information items, the recommended approach is for the SEQUENCE OF in the
+ SequenceOfHashBasedRevocationInfo in this field to indicate zero entries.
+>>>
+```asn1
+ToBeSignedHashIdCrl ::= SEQUENCE {
+ crlSerial Uint32,
+ entries SequenceOfHashBasedRevocationInfo,
+ ...
+}
+```
+
+
+### SequenceOfHashBasedRevocationInfo
+This type is used for clarity of definitions.
+```asn1
+SequenceOfHashBasedRevocationInfo ::=
+ SEQUENCE OF HashBasedRevocationInfo
+```
+
+### HashBasedRevocationInfo
+In this structure:
+
+Fields:
+* id of type [**HashedId10**](Ieee1609Dot2BaseTypes.md#HashedId10)
+ is the HashedId10 identifying the revoked certificate. The
+ HashedId10 is calculated with the whole-certificate hash algorithm,
+ determined as described in 6.4.3, applied to the COER-encoded certificate,
+ canonicalized as defined in the definition of Certificate.
+
+
+* expiry of type [**Time32**](Ieee1609Dot2BaseTypes.md#Time32)
+ is the value computed from the validity period's start and
+ duration values in that certificate.
+
+
+
+
+```asn1
+HashBasedRevocationInfo ::= SEQUENCE {
+ id HashedId10,
+ expiry Time32,
+ ...
+}
+```
+
+### ToBeSignedLinkageValueCrl
+In this structure:
+
+Fields:
+* iRev of type [**IValue**](Ieee1609Dot2BaseTypes.md#IValue)
+ is the value iRev used in the algorithm given in 5.1.3.4. This
+ value applies to all linkage-based revocation information included within
+ either indvidual or groups.
+
+
+* indexWithinI of type [**Uint8**](Ieee1609Dot2BaseTypes.md#Uint8)
+ is a counter that is set to 0 for the first CRL issued
+ for the indicated combination of crlCraca, crlSeries, and iRev, and
+ increments by 1 every time a new full or delta CRL is issued for the
+ indicated crlCraca and crlSeries values without changing iRev.
+
+
+
+* individual of type [**SequenceOfJMaxGroup**](#SequenceOfJMaxGroup) OPTIONAL
+ contains individual linkage data.
+
+
+
+* groups of type [**SequenceOfGroupCrlEntry**](#SequenceOfGroupCrlEntry) OPTIONAL
+ contains group linkage data.
+
+
+
+* groupsSingleSeed of type [**SequenceOfGroupSingleSeedCrlEntry**](#SequenceOfGroupSingleSeedCrlEntry) OPTIONAL
+ contains group linkage data generated with a single
+ seed.
+
+
+
+
+ ...,
+
+>>>
+NOTE: To indicate that a linkage ID-based CRL contains no group linkage
+ data, the recommended approach is for the SEQUENCE OF in the
+ SequenceOfGroupCrlEntry in this field to indicate zero entries.
+>>>
+```asn1
+ToBeSignedLinkageValueCrl ::= SEQUENCE {
+ iRev IValue,
+ indexWithinI Uint8,
+ individual SequenceOfJMaxGroup OPTIONAL,
+ groups SequenceOfGroupCrlEntry OPTIONAL,
+ ...,
+ groupsSingleSeed SequenceOfGroupSingleSeedCrlEntry OPTIONAL
+} (WITH COMPONENTS {..., individual PRESENT} |
+ WITH COMPONENTS {..., groups PRESENT} |
+ WITH COMPONENTS {..., groupsSingleSeed PRESENT})
+```
+
+
+### SequenceOfJMaxGroup
+This type is used for clarity of definitions.
+```asn1
+SequenceOfJMaxGroup ::= SEQUENCE OF JMaxGroup
+```
+
+### JMaxGroup
+In this structure:
+
+Fields:
+* jmax of type [**Uint8**](Ieee1609Dot2BaseTypes.md#Uint8)
+* contents of type [**SequenceOfLAGroup**](#SequenceOfLAGroup)
+ contains individual linkage data.
+
+
+
+
+```asn1
+JMaxGroup ::= SEQUENCE {
+ jmax Uint8,
+ contents SequenceOfLAGroup,
+ ...
+}
+```
+
+
+### SequenceOfLAGroup
+This type is used for clarity of definitions.
+```asn1
+SequenceOfLAGroup ::= SEQUENCE OF LAGroup
+```
+
+### LAGroup
+In this structure:
+
+Fields:
+* la1Id of type [**LaId**](Ieee1609Dot2BaseTypes.md#LaId)
+ is the value LinkageAuthorityIdentifier1 used in the
+ algorithm given in 5.1.3.4. This value applies to all linkage-based
+ revocation information included within contents.
+
+
+* la2Id of type [**LaId**](Ieee1609Dot2BaseTypes.md#LaId)
+ is the value LinkageAuthorityIdentifier2 used in the
+ algorithm given in 5.1.3.4. This value applies to all linkage-based
+ revocation information included within contents.
+
+
+
+* contents of type [**SequenceOfIMaxGroup**](#SequenceOfIMaxGroup)
+ contains individual linkage data.
+
+
+
+
+```asn1
+LAGroup ::= SEQUENCE {
+ la1Id LaId,
+ la2Id LaId,
+ contents SequenceOfIMaxGroup,
+ ...
+}
+```
+
+
+### SequenceOfIMaxGroup
+This type is used for clarity of definitions.
+```asn1
+SequenceOfIMaxGroup ::= SEQUENCE OF IMaxGroup
+```
+
+### IMaxGroup
+In this structure:
+
+Fields:
+* iMax of type [**Uint16**](Ieee1609Dot2BaseTypes.md#Uint16)
+ indicates that for the entries in contents, revocation
+ information need no longer be calculated once iCert > iMax as the holder
+ is known to have no more valid certs at that point. iMax is not directly
+ used in the calculation of the linkage values, it is used to determine
+ when revocation information can safely be deleted.
+
+
+* contents of type [**SequenceOfIndividualRevocation**](#SequenceOfIndividualRevocation)
+ contains individual linkage data for certificates that are
+ revoked using two seeds, per the algorithm given in per the mechanisms
+ given in 5.1.3.4 and with seedEvolutionFunctionIdentifier and
+ linkageValueGenerationFunctionIdentifier obtained as specified in 7.3.3.
+
+
+
+* singleSeed of type [**SequenceOfLinkageSeed**](Ieee1609Dot2BaseTypes.md#SequenceOfLinkageSeed) OPTIONAL
+ contains individual linkage data for certificates that
+ are revoked using a single seed, per the algorithm given in per the
+ mechanisms given in 5.1.3.4 and with seedEvolutionFunctionIdentifier and
+ linkageValueGenerationFunctionIdentifier obtained as specified in 7.3.3.
+
+
+
+
+ ...,
+```asn1
+IMaxGroup ::= SEQUENCE {
+ iMax Uint16,
+ contents SequenceOfIndividualRevocation,
+ ...,
+ singleSeed SequenceOfLinkageSeed OPTIONAL
+}
+```
+
+
+### SequenceOfIndividualRevocation
+This type is used for clarity of definitions.
+```asn1
+SequenceOfIndividualRevocation ::=
+ SEQUENCE (SIZE(0..MAX)) OF IndividualRevocation
+```
+
+### IndividualRevocation
+In this structure:
+
+Fields:
+* linkageSeed1 of type [**LinkageSeed**](Ieee1609Dot2BaseTypes.md#LinkageSeed)
+ is the value LinkageSeed1 used in the algorithm given
+ in 5.1.3.4.
+
+
+* linkageSeed2 of type [**LinkageSeed**](Ieee1609Dot2BaseTypes.md#LinkageSeed)
+ is the value LinkageSeed2 used in the algorithm given
+ in 5.1.3.4.
+
+
+
+
+```asn1
+IndividualRevocation ::= SEQUENCE {
+ linkageSeed1 LinkageSeed,
+ linkageSeed2 LinkageSeed,
+ ...
+}
+```
+
+
+### SequenceOfGroupCrlEntry
+This type is used for clarity of definitions.
+```asn1
+SequenceOfGroupCrlEntry ::= SEQUENCE OF GroupCrlEntry
+```
+
+### GroupCrlEntry
+In this structure:
+
+Fields:
+* iMax of type [**Uint16**](Ieee1609Dot2BaseTypes.md#Uint16)
+ indicates that for these certificates, revocation information
+ need no longer be calculated once iCert > iMax as the holders are known
+ to have no more valid certs for that (crlCraca, crlSeries) at that point.
+
+
+* la1Id of type [**LaId**](Ieee1609Dot2BaseTypes.md#LaId)
+ is the value LinkageAuthorityIdentifier1 used in the
+ algorithm given in 5.1.3.4. This value applies to all linkage-based
+ revocation information included within contents.
+
+
+
+* linkageSeed1 of type [**LinkageSeed**](Ieee1609Dot2BaseTypes.md#LinkageSeed)
+ is the value LinkageSeed1 used in the algorithm given
+ in 5.1.3.4.
+
+
+
+* la2Id of type [**LaId**](Ieee1609Dot2BaseTypes.md#LaId)
+ is the value LinkageAuthorityIdentifier2 used in the
+ algorithm given in 5.1.3.4. This value applies to all linkage-based
+ revocation information included within contents.
+
+
+
+* linkageSeed2 of type [**LinkageSeed**](Ieee1609Dot2BaseTypes.md#LinkageSeed)
+ is the value LinkageSeed2 used in the algorithm given
+ in 5.1.3.4.
+
+
+
+
+```asn1
+GroupCrlEntry ::= SEQUENCE {
+ iMax Uint16,
+ la1Id LaId,
+ linkageSeed1 LinkageSeed,
+ la2Id LaId,
+ linkageSeed2 LinkageSeed,
+ ...
+}
+```
+
+### ToBeSignedLinkageValueCrlWithAlgIdentifier
+In this structure:
+
+Fields:
+* iRev of type [**IValue**](Ieee1609Dot2BaseTypes.md#IValue)
+ is the value iRev used in the algorithm given in 5.1.3.4. This
+ value applies to all linkage-based revocation information included within
+ either indvidual or groups.
+
+
+* indexWithinI of type [**Uint8**](Ieee1609Dot2BaseTypes.md#Uint8)
+ is a counter that is set to 0 for the first CRL issued
+ for the indicated combination of crlCraca, crlSeries, and iRev, and increments by 1 every time a new full or delta CRL is issued for the indicated crlCraca and crlSeries values without changing iRev.
+
+
+
+* seedEvolution of type [**SeedEvolutionFunctionIdentifier**](#SeedEvolutionFunctionIdentifier)
+ contains an identifier for the seed evolution
+ function, used as specified in 5.1.3.4.
+
+
+
+* lvGeneration of type [**LvGenerationFunctionIdentifier**](#LvGenerationFunctionIdentifier)
+ contains an identifier for the linkage value
+ generation function, used as specified in 5.1.3.4.
+
+
+
+* individual of type [**SequenceOfJMaxGroup**](#SequenceOfJMaxGroup) OPTIONAL
+ contains individual linkage data.
+
+
+
+* groups of type [**SequenceOfGroupCrlEntry**](#SequenceOfGroupCrlEntry) OPTIONAL
+ contains group linkage data for linkage value generation
+ with two seeds.
+
+
+
+* groupsSingleSeed of type [**SequenceOfGroupSingleSeedCrlEntry**](#SequenceOfGroupSingleSeedCrlEntry) OPTIONAL
+ contains group linkage data for linkage value
+ generation with one seed.
+
+
+
+
+```asn1
+ToBeSignedLinkageValueCrlWithAlgIdentifier ::= SEQUENCE {
+ iRev IValue,
+ indexWithinI Uint8,
+ seedEvolution SeedEvolutionFunctionIdentifier,
+ lvGeneration LvGenerationFunctionIdentifier,
+ individual SequenceOfJMaxGroup OPTIONAL,
+ groups SequenceOfGroupCrlEntry OPTIONAL,
+ groupsSingleSeed SequenceOfGroupSingleSeedCrlEntry OPTIONAL,
+ ...
+} (WITH COMPONENTS {..., individual PRESENT} |
+ WITH COMPONENTS {..., groups PRESENT} |
+ WITH COMPONENTS {..., groupsSingleSeed PRESENT})
+```
+
+
+### SequenceOfGroupSingleSeedCrlEntry
+This type is used for clarity of definitions.
+```asn1
+SequenceOfGroupSingleSeedCrlEntry ::=
+ SEQUENCE OF GroupSingleSeedCrlEntry
+```
+
+### GroupSingleSeedCrlEntry
+This structure contains the linkage seed for group revocation with
+ a single seed. The seed is used as specified in the algorithms in 5.1.3.4.
+
+Fields:
+* iMax of type [**Uint16**](Ieee1609Dot2BaseTypes.md#Uint16)
+* laId of type [**LaId**](Ieee1609Dot2BaseTypes.md#LaId)
+
+* linkageSeed of type [**LinkageSeed**](Ieee1609Dot2BaseTypes.md#LinkageSeed)
+
+```asn1
+GroupSingleSeedCrlEntry ::= SEQUENCE {
+ iMax Uint16,
+ laId LaId,
+ linkageSeed LinkageSeed
+}
+```
+
+
+### ExpansionAlgorithmIdentifier
+This structure contains an identifier for the algorithms specified
+ in 5.1.3.4.
+```asn1
+ExpansionAlgorithmIdentifier ::= ENUMERATED {
+ sha256ForI-aesForJ,
+ sm3ForI-sm4ForJ,
+ ...
+}
+```
+
+
+### SeedEvolutionFunctionIdentifier
+This is the identifier for the seed evolution function. See 5.1.3
+ for details of use.
+```asn1
+SeedEvolutionFunctionIdentifier ::= NULL
+```
+
+
+### LvGenerationFunctionIdentifier
+This is the identifier for the linkage value generation function.
+ See 5.1.3 for details of use.
+```asn1
+LvGenerationFunctionIdentifier ::= NULL
+```
+
+
+
+This is the identifier for the seed evolution function. See 5.1.3
+ for details of use.
+ This is the identifier for the linkage value generation function.
+ See 5.1.3 for details of use.
+
+
diff --git a/docs/Ieee1609Dot2Dot1AcaEeInterface.md b/docs/Ieee1609Dot2Dot1AcaEeInterface.md
new file mode 100644
index 0000000000000000000000000000000000000000..4135d5ce49bca49d1a632ccb2dc73a2ef7bce5c6
--- /dev/null
+++ b/docs/Ieee1609Dot2Dot1AcaEeInterface.md
@@ -0,0 +1,95 @@
+# ASN.1 module Ieee1609Dot2Dot1AcaEeInterface
+ OID: _{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) extension-standards(255) dot1(1) interfaces(1) aca-ee(1) major-version-2(2) minor-version-3(3)}_
+ @note Section references in this file are to clauses in IEEE Std
+ 1609.2.1 unless indicated otherwise. Full forms of acronyms and
+ abbreviations used in this file are specified in 3.2.
+
+
+## Imports:
+ * **[Ieee1609Dot2](Ieee1609Dot2.md)** *{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) base(1) schema(1) major-version-2(2) minor-version-5(5)} WITH SUCCESSORS*
+
+ * **[Ieee1609Dot2BaseTypes](Ieee1609Dot2BaseTypes.md)** *{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) base(1) base-types(2) major-version-2(2) minor-version-3(3)} WITH SUCCESSORS*
+
+## Data Elements:
+### AcaEeInterfacePdu
+This is the parent structure for all structures exchanged between
+ the ACA and the EE. The ACA - EE interface is a logical interface rather
+ than a direct communications interface in that there is no direct message
+ flow between the ACA and the EE: Messages from the ACA are stored
+ by the RA and subsequently forwarded to the EE. The PDUs are identified as
+ ACA-EE PDUs even though the RA acts as a forwarder for them because those
+ PDUs are created by the ACA and encrypted for the EE, and not modified and
+ frequently not read by the RA. An overview of this structure is as follows:
+
+Fields:
+* acaEeCertResponse of type [**AcaEeCertResponse**](#AcaEeCertResponse)
+ contains the ACA's response to
+ RaAcaCertRequestSPDU, which is meant for the EE and sent via the RA.
+
+
+
+```asn1
+AcaEeInterfacePdu ::= CHOICE {
+ acaEeCertResponse AcaEeCertResponse,
+ ...
+}
+```
+
+### AcaEeCertResponse
+This structure contains a certificate and associated data as
+ generated by the ACA for the EE that will be the holder of that
+ certificate. An overview of this structure is as follows:
+
+Fields:
+* version of type [**Uint8**](Ieee1609Dot2BaseTypes.md#Uint8) (2)
+ contains the current version of the structure.
+
+
+* generationTime of type [**Time32**](Ieee1609Dot2BaseTypes.md#Time32)
+ contains the generation time of AcaEeCertResponse.
+
+
+
+* certificate of type [**Certificate**](Ieee1609Dot2.md#Certificate)
+ contains an authorization certificate generated by the
+ ACA. It is of the type indicated by the type field in the corresponding
+ request (if the requester requested an incorrect type, the response would
+ be an error not an instance of this structure).
+
+
+
+* privateKeyInfo of type **OCTET STRING** (SIZE (32)) OPTIONAL
+ shall be:
+ - Present and contain the private key randomization value, if the field
+ certificate.type is explicit and the butterfly key mechanism was used to
+ generate the certificate. This is used by the EE in deriving the butterfly
+ private key for explicit certificates as specified in 9.3.
+ - Present and contain the private key reconstruction value, if the field
+ certificate.type is implicit. This is used by the EE as specified in 5.3.2
+ of IEEE Std 1609.2a-2017 (also 9.3 if the butterfly key mechanism is used).
+ - Absent otherwise.
+
+
+
+
+
+>>>
+NOTE: In the case where the butterfly expansion function is used
+ to set certEncKey in RaAcaCertRequest, the value j is not communicated to
+ the ACA. However, the EE that receives the certificate response can only
+ decrypt the response if it knows j. The RA is therefore anticipated to
+ store j so that it can be associated with the appropriate certificate
+ response. The RA encodes j in the filename.
+>>>
+```asn1
+AcaEeCertResponse ::= SEQUENCE {
+ version Uint8 (2),
+ generationTime Time32,
+ certificate Certificate,
+ privateKeyInfo OCTET STRING (SIZE (32)) OPTIONAL,
+ ...
+}
+```
+
+
+
diff --git a/docs/Ieee1609Dot2Dot1AcaLaInterface.md b/docs/Ieee1609Dot2Dot1AcaLaInterface.md
new file mode 100644
index 0000000000000000000000000000000000000000..4534146b8740728f60a94a959e1c8a12f99d0af6
--- /dev/null
+++ b/docs/Ieee1609Dot2Dot1AcaLaInterface.md
@@ -0,0 +1,18 @@
+# ASN.1 module Ieee1609Dot2Dot1AcaLaInterface
+ OID: _{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) extension-standards(255) dot1(1) interfaces(1) aca-la(2) major-version-2(2) minor-version-1(1)}_
+ @note Section references in this file are to clauses in IEEE Std
+ 1609.2.1 unless indicated otherwise. Full forms of acronyms and
+ abbreviations used in this file are specified in 3.2.
+
+
+## Data Elements:
+
+### AcaLaInterfacePdu
+This structure is not used by EEs, so it is defined as NULL for
+ purposes of this document.
+```asn1
+AcaLaInterfacePdu ::= NULL
+```
+
+
+
diff --git a/docs/Ieee1609Dot2Dot1AcaMaInterface.md b/docs/Ieee1609Dot2Dot1AcaMaInterface.md
new file mode 100644
index 0000000000000000000000000000000000000000..455185aae0a5cbc9bb65647edf04f60a08174de4
--- /dev/null
+++ b/docs/Ieee1609Dot2Dot1AcaMaInterface.md
@@ -0,0 +1,18 @@
+# ASN.1 module Ieee1609Dot2Dot1AcaMaInterface
+ OID: _{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) extension-standards(255) dot1(1) interfaces(1) aca-ma(3) major-version-2(2) minor-version-1(1)}_
+ @note Section references in this file are to clauses in IEEE Std
+ 1609.2.1 unless indicated otherwise. Full forms of acronyms and
+ abbreviations used in this file are specified in 3.2.
+
+
+## Data Elements:
+
+### AcaMaInterfacePdu
+This structure is not used by EEs, so it is defined as NULL for
+ purposes of this document.
+```asn1
+AcaMaInterfacePdu ::= NULL
+```
+
+
+
diff --git a/docs/Ieee1609Dot2Dot1AcaRaInterface.md b/docs/Ieee1609Dot2Dot1AcaRaInterface.md
new file mode 100644
index 0000000000000000000000000000000000000000..06e2c6cf53f5157d9a21b16c7339ef3b9452af87
--- /dev/null
+++ b/docs/Ieee1609Dot2Dot1AcaRaInterface.md
@@ -0,0 +1,324 @@
+# ASN.1 module Ieee1609Dot2Dot1AcaRaInterface
+ OID: _{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) extension-standards(255) dot1(1) interfaces(1) aca-ra(4) major-version-3(3) minor-version-1(1)}_
+ @note Section references in this file are to clauses in IEEE Std
+ 1609.2.1 unless indicated otherwise. Full forms of acronyms and
+ abbreviations used in this file are specified in 3.2.
+
+
+## Imports:
+ * **[Ieee1609Dot2](Ieee1609Dot2.md)** *{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) base(1) schema(1) major-version-2(2) minor-version-5(5)} WITH SUCCESSORS*
+
+ * **[Ieee1609Dot2BaseTypes](Ieee1609Dot2BaseTypes.md)** *{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) base(1) base-types(2) major-version-2(2) minor-version-3(3)} WITH SUCCESSORS*
+
+ * **[Ieee1609Dot2Dot1Protocol](Ieee1609Dot2Dot1Protocol.md)** *{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) extension-standards(255) dot1(1) interfaces(1) protocol(17) major-version-3(3) minor-version-1(1)} WITH SUCCESSORS*
+
+## Data Elements:
+### AcaRaInterfacePdu
+This is the parent structure for all structures exchanged between
+ the ACA and the RA. An overview of this structure is as follows:
+
+Fields:
+* raAcaCertRequest of type [**RaAcaCertRequest**](#RaAcaCertRequest)
+ contains the request for an authorization
+ certificate from the RA to the ACA on behalf of the EE.
+
+
+* acaRaCertResponse of type [**AcaRaCertResponse**](#AcaRaCertResponse)
+ contains the ACA's response to RaAcaCertRequest.
+
+
+
+
+```asn1
+AcaRaInterfacePdu ::= CHOICE {
+ raAcaCertRequest RaAcaCertRequest,
+ acaRaCertResponse AcaRaCertResponse,
+ ...
+}
+```
+
+### RaAcaCertRequest
+This structure contains parameters needed to request an individual
+ authorization certificate. An overview of this structure is as follows:
+
+
+
+ - The cracaId and crlSeries are set to the indicated values
+ in the request. The ACA replaces these values with the appropriate values
+ in the response.
+
+ - The ACA is not bound by the contents of the request and can
+ issue certificates that are different from those requested, if so directed
+ by policy.
+
+Fields:
+* version of type [**Uint8**](Ieee1609Dot2BaseTypes.md#Uint8) (2)
+ contains the current version of the structure.
+
+
+* generationTime of type [**Time32**](Ieee1609Dot2BaseTypes.md#Time32)
+ contains the generation time of RaAcaCertRequest.
+
+
+
+* type of type [**CertificateType**](Ieee1609Dot2.md#CertificateType)
+ indicates whether the request is for an explicit or implicit
+ certificate (see 4.1.1, 4.1.3.3.1).
+
+
+
+* flags of type [**RaAcaCertRequestFlags**](#RaAcaCertRequestFlags)
+ contains the flags related to the use of the butterfly key
+ mechanism, and provides the following instructions to the ACA as to how
+ to generate the response:
+ - If the flag butterflyExplicit is set, the request is valid only if
+ the type field is set to explicit. In this case, the ACA uses the
+ butterfly key derivation for explicit certificates as specified in 9.3.
+ The field tbsCert.verifyKeyIndicator.verificationKey is used by the ACA as
+ the cocoon public key for signing. The field privateKeyInfo in the
+ corresponding AcaEeCertResponse is used by the EE as the random integer to
+ recover the butterfly private key for signing.
+ - If the flag cubk is set, the request is valid only if the certEncKey
+ field is absent. In this case, the ACA uses the compact unified variation
+ of the butterfly key mechanism as specified in 9.3. This means that the
+ ACA generates an AcaEeCertResponseCubkSpdu instead of an
+ AcaEeCertResponsePrivateSpdu, and the response is valid only if the ACA
+ certificate has the flag cubk set.
+
+
+
+* linkageInfo of type [**LinkageInfo**](#LinkageInfo) OPTIONAL
+ contains the encrypted prelinkage values needed to
+ generate the linkage value for the certificate. If linkageInfo is present,
+ the field tbsCert.id is of type LinkageData, where the iCert field is set
+ to the actual i-period value and the linkage-value field is set to a dummy
+ value to be replaced by the ACA with the actual linkage value. The
+ encrypted prelinkage values are encrypted for the ACA by the LAs.
+
+
+
+* certEncKey of type [**PublicEncryptionKey**](Ieee1609Dot2BaseTypes.md#PublicEncryptionKey) OPTIONAL
+ is used in combination with flags.cubk to indicate
+ the type of response that is expected from the ACA. It is as follows:
+ - Absent and flags.cubk is not set if the ACA's response doesn't need
+ to be encrypted. In this case, the ACA responds with
+ AcaEeCertResponsePlainSpdu.
+ - Absent and flags.cubk is set if the ACA's response is to be encrypted
+ with the verification key from the request and not signed. In this case,
+ the ACA responds with AcaEeCertResponseCubkSpdu.
+ - Present and flags.cubk is not set if the ACA's response is to be
+ encrypted with certEncKey and then signed by the ACA. In this case, the
+ ACA responds with AcaEeCertResponsePrivateSpdu.
+
+
+
+* tbsCert of type [**ToBeSignedCertificate**](Ieee1609Dot2.md#ToBeSignedCertificate) (WITH COMPONENTS {
+ ...,
+ cracaId ('000000'H)
+ contains parameters of the requested certificate. The
+ certificate type depends on the field type, as follows:
+ - If type is explicit, the request is valid only if
+ tbsCert.verifyKeyIndicator is a verificationKey.
+ - If type is implicit, the request is valid only if
+ tbsCert.verifyKeyIndicator is a reconstructionValue.
+
+
+
+
+* appPermissions of type [**PRESENT**](#PRESENT)
+
+* certIssuePermissions of type [**ABSENT**](#ABSENT)
+
+* certRequestPermissions of type [**ABSENT**](#ABSENT)
+
+
+>>>
+NOTE: - In the case where the butterfly key mechanism is used to set
+ certEncKey, the value of j is not communicated to the ACA. However, the EE
+ that receives the certificate response can only decrypt the response if it
+ knows j. The RA is therefore anticipated to store j so that it can be
+ associated with the appropriate certificate response.
+>>>
+```asn1
+RaAcaCertRequest ::= SEQUENCE {
+ version Uint8 (2),
+ generationTime Time32,
+ type CertificateType,
+ flags RaAcaCertRequestFlags,
+ linkageInfo LinkageInfo OPTIONAL,
+ certEncKey PublicEncryptionKey OPTIONAL,
+ tbsCert ToBeSignedCertificate (WITH COMPONENTS {
+ ...,
+ cracaId ('000000'H),
+ crlSeries (0),
+ appPermissions PRESENT,
+ certIssuePermissions ABSENT,
+ certRequestPermissions ABSENT
+ }),
+ ...
+}
+```
+
+### LinkageInfo
+This structure is used to convey information from the RA to the ACA
+ about operations to be carried out when generating the certificate. For
+ more details see the specification of RaAcaCertRequest. An overview of
+ this structure is as follows:
+
+This structure contains parameters needed to generate a linkage
+ value for a given (EE, i, j). An overview of this structure is as follows:
+
+Fields:
+* encPlv1 of type [**EncryptedIndividualPLV**](#EncryptedIndividualPLV)
+ contains the EncryptedIndividualPLV from one of the LAs.
+
+
+* encPlv2 of type [**EncryptedIndividualPLV**](#EncryptedIndividualPLV)
+ contains the EncryptedIndividualPLV from the other LA.
+
+
+
+
+
+>>>
+NOTE: See Annex D for further discussion of LAs.
+>>>
+```asn1
+LinkageInfo ::= SEQUENCE {
+ encPlv1 EncryptedIndividualPLV,
+ encPlv2 EncryptedIndividualPLV,
+ ...
+}
+```
+
+### EncryptedIndividualPLV
+This structure contains an individual prelinkage value encrypted by
+ the LA for the ACA using the shared secret key. An overview of this
+ structure is as follows:
+
+Fields:
+* version of type [**Uint8**](Ieee1609Dot2BaseTypes.md#Uint8) (2)
+ contains the current version of the structure.
+
+
+* laId of type [**LaId**](Ieee1609Dot2BaseTypes.md#LaId)
+ contains the ID of the LA that created the prelinkage value.
+ See Annex D for further discussion of LA IDs.
+
+
+
+* encPlv of type [**Ieee1609Dot2Data-SymmEncryptedSingleRecipient**](Ieee1609Dot2Dot1Protocol.md#Ieee1609Dot2Data-SymmEncryptedSingleRecipient) {
+ PreLinkageValue
+ }
+ contains the encrypted individual prelinkage value, that is,
+ the ciphertext field decrypts to a PreLinkageValue. It contains a pointer
+ (hash of the shared symmetric key) to the used shared secret encryption key.
+
+
+
+
+
+>>>
+NOTE: How the ACA obtains the shared symmetric key and how the RA
+ associates the encPlv1 and encPlv2 with the correct certificate request are
+ outside the scope of this document.
+>>>
+```asn1
+EncryptedIndividualPLV ::= SEQUENCE {
+ version Uint8 (2),
+ laId LaId,
+ encPlv Ieee1609Dot2Data-SymmEncryptedSingleRecipient {
+ PreLinkageValue
+ }
+}
+```
+
+
+### PreLinkageValue
+This structure contains an individual prelinkage value. It is an
+ octet string of length 9 octets.
+```asn1
+PreLinkageValue ::= OCTET STRING (SIZE(9))
+```
+
+### AcaRaCertResponse
+This structure contains a certificate response by the ACA,
+ encapsulated for consumption by the EE, as well as associated data for
+ consumption by the RA. The response is of form AcaEeCertResponsePlainSpdu,
+ AcaEeCertResponsePrivateSpdu, or AcaEeCertResponseCubkSpdu, and is
+ generated in response to a successful RaAcaCertRequestSpdu. In this
+ structure:
+
+Fields:
+* version of type [**Uint8**](Ieee1609Dot2BaseTypes.md#Uint8) (2)
+ contains the current version of the structure.
+
+
+* generationTime of type [**Time32**](Ieee1609Dot2BaseTypes.md#Time32)
+ contains the generation time of AcaRaCertResponse.
+
+
+
+* requestHash of type [**HashedId8**](Ieee1609Dot2BaseTypes.md#HashedId8)
+ contains the hash of the corresponding
+ RaAcaCertRequestSPDU.
+
+
+
+* acaResponse of type [**AcaResponse**](#AcaResponse)
+ contains the certificate for the EE in a suitable form
+ as determined from the corresponding RaAcaCertRequestSPDU.
+
+
+
+
+```asn1
+AcaRaCertResponse ::= SEQUENCE {
+ version Uint8 (2),
+ generationTime Time32,
+ requestHash HashedId8,
+ acaResponse AcaResponse,
+ ...
+}
+```
+
+### AcaResponse
+This structure contains the certificate for the EE in a suitable
+ form as determined from the corresponding RaAcaCertRequestSPDU. In this
+ structure:
+
+Fields:
+* plain of type [**AcaEeCertResponsePlainSpdu**](Ieee1609Dot2Dot1Protocol.md#AcaEeCertResponsePlainSpdu)
+ contains the certificate for the EE in plain, that is, without
+ encryption or signature. This choice is used only when the field
+ certEncKey is absent and flags.cubk is not set in the corresponding
+ RaAcaCertRequest.
+
+
+* private of type [**AcaEeCertResponsePrivateSpdu**](Ieee1609Dot2Dot1Protocol.md#AcaEeCertResponsePrivateSpdu)
+ contains the certificate for the EE in an encrypted then
+ signed form to protect the EE's privacy from the RA. This choice is used
+ only when the field certEncKey is present and flags.cubk is not set in the
+ corresponding RaAcaCertRequest.
+
+
+
+* cubk of type [**AcaEeCertResponseCubkSpdu**](Ieee1609Dot2Dot1Protocol.md#AcaEeCertResponseCubkSpdu)
+ contains the certificate for the EE in an encrypted form. This
+ choice is used only when the field certEncKey is absent and flags.cubk is
+ set in the corresponding RaAcaCertRequest.
+
+
+
+
+```asn1
+AcaResponse ::= CHOICE {
+ plain AcaEeCertResponsePlainSpdu,
+ private AcaEeCertResponsePrivateSpdu,
+ cubk AcaEeCertResponseCubkSpdu,
+ ...
+}
+```
+
+
+
diff --git a/docs/Ieee1609Dot2Dot1Acpc.md b/docs/Ieee1609Dot2Dot1Acpc.md
new file mode 100644
index 0000000000000000000000000000000000000000..1f2b9a7aee384d0e3908d1d670453dc7bc000952
--- /dev/null
+++ b/docs/Ieee1609Dot2Dot1Acpc.md
@@ -0,0 +1,264 @@
+# ASN.1 module Ieee1609Dot2Dot1Acpc
+ OID: _{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) extension-standards(255) dot1(1) interfaces(1) acpc(18) major-version-3(3) minor-version-1(1)}_
+ @note Section references in this file are to clauses in IEEE Std
+ 1609.2.1 unless indicated otherwise. Full forms of acronyms and
+ abbreviations used in this file are specified in 3.2.
+
+
+## Imports:
+ * **[Ieee1609Dot2BaseTypes](Ieee1609Dot2BaseTypes.md)** *{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) base(1) base-types(2) major-version-2(2) minor-version-3(3)} WITH SUCCESSORS*
+
+ * **[Ieee1609Dot2Dot1Protocol](Ieee1609Dot2Dot1Protocol.md)** *{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) extension-standards(255) dot1(1) interfaces(1) protocol(17) major-version-3(3) minor-version-1(1)} WITH SUCCESSORS*
+
+## Data Elements:
+### AcpcPdu
+This structure contains an APrV structure produced by the CAM. An
+ overview of this structure is as follows:
+
+Fields:
+* tree of type [**AprvBinaryTree**](#AprvBinaryTree)
+ contains an AprvBinaryTree.
+
+
+* aprv of type [**IndividualAprv**](#IndividualAprv)
+ contains a single IndividualAprv.
+
+
+
+
+```asn1
+AcpcPdu ::= CHOICE {
+ tree AprvBinaryTree,
+ aprv IndividualAprv,
+ ...
+}
+```
+
+### AprvBinaryTree
+This structure encodes a binary tree. An overview of this structure
+ is as follows:
+
+Fields:
+* version of type [**Uint8**](Ieee1609Dot2BaseTypes.md#Uint8) (2)
+ contains the current version of the structure.
+
+
+* generationTime of type [**Time32**](Ieee1609Dot2BaseTypes.md#Time32)
+ contains the generation time of AprvBinaryTree.
+
+
+
+* currentI of type [**IValue**](Ieee1609Dot2BaseTypes.md#IValue)
+ contains the i-value associated with the batch of
+ certificates.
+
+
+
+* acpcTreeId of type [**AcpcTreeId**](#AcpcTreeId)
+ contains an identifier for the CAM creating this binary
+ tree.
+
+
+
+* hashAlgorithmId of type [**HashAlgorithm**](Ieee1609Dot2BaseTypes.md#HashAlgorithm)
+ contains the identifier of the hash algorithm used
+ inside the binary tree.
+
+
+
+* tree of type **BIT STRING**
+ contains a bit string indicating which nodes of the tree are
+ present. It is calculated as specified in 9.5.4.2, and can be used by the
+ EE to determine which entry in nodeValueList to use to derive that EE's
+ APrV as specified in 9.5.2.
+
+
+
+* nodeValueList of type **SEQUENCE** (SIZE (1..MAX)) OF AcpcNodeValue
+ contains the values of the nodes that are present in
+ the order indicated by tree.
+
+
+
+
+```asn1
+AprvBinaryTree ::= SEQUENCE {
+ version Uint8 (2),
+ generationTime Time32,
+ currentI IValue,
+ acpcTreeId AcpcTreeId,
+ hashAlgorithmId HashAlgorithm,
+ tree BIT STRING,
+ nodeValueList SEQUENCE (SIZE (1..MAX)) OF AcpcNodeValue,
+ ...
+}
+```
+
+
+### AcpcPsid
+This is the PSID used to indicate activities in ACPC as specified in
+ this document.
+```asn1
+AcpcPsid ::= Psid(2113696)
+```
+
+
+### UnsecuredAprvBinaryTree
+This is used to wrap an AprvBinaryTree in an Ieee1609Dot2Data for
+ transmission if the policy is that the AprvBinaryTree need not be signed.
+ See 9.5.6 for discussion.
+```asn1
+UnsecuredAprvBinaryTree ::= Ieee1609Dot2Data-Unsecured {
+ AcpcPdu (WITH COMPONENTS {
+ tree
+ })
+}
+```
+
+
+### SignedAprvBinaryTree
+This is used to wrap an AprvBinaryTree in an Ieee1609Dot2Data for
+ transmission if the policy is that the AprvBinaryTree be signed. See 9.5.6
+ for discussion.
+```asn1
+SignedAprvBinaryTree ::= Ieee1609Dot2Data-Signed {
+ AcpcPdu (WITH COMPONENTS {
+ tree
+ }),
+ AcpcPsid
+}
+```
+
+### IndividualAprv
+This structure contains an individual APrV. An overview of this
+ structure is as follows:
+
+Fields:
+* version of type [**Uint8**](Ieee1609Dot2BaseTypes.md#Uint8) (2)
+ contains the current version of the structure.
+
+
+* generationTime of type [**Time32**](Ieee1609Dot2BaseTypes.md#Time32)
+ contains the generation time of IndividualAprv.
+
+
+
+* currentI of type [**IValue**](Ieee1609Dot2BaseTypes.md#IValue)
+ contains the i-value associated with the batch of
+ certificates.
+
+
+
+* acpcTreeId of type [**AcpcTreeId**](#AcpcTreeId)
+ contains an identifier for the CAM creating this binary
+ tree.
+
+
+
+* nodeId of type **BIT STRING**
+ contains the identifier of the node.
+
+
+
+* nodeValue of type [**AcpcNodeValue**](#AcpcNodeValue)
+ contains the value of the node.
+
+
+
+
+```asn1
+IndividualAprv ::= SEQUENCE {
+ version Uint8 (2),
+ generationTime Time32,
+ currentI IValue,
+ acpcTreeId AcpcTreeId,
+ nodeId BIT STRING,
+ nodeValue AcpcNodeValue,
+ ...
+}
+```
+
+
+### SignedIndividualAprv
+This is used to wrap an IndividualAprv in an Ieee1609Dot2Data for
+ transmission if the policy is that the IndividualAprv be signed. See 9.5.6
+ for discussion.
+```asn1
+SignedIndividualAprv ::= Ieee1609Dot2Data-Signed {
+ AcpcPdu (WITH COMPONENTS {
+ aprv
+ }),
+ AcpcPsid
+}
+```
+
+
+### AcpcTreeId
+This is an 8 byte string that identifies an ACPC tree series. It is
+ required to be globally unique within the system and is the same for all
+ ACPC tree instances within the ACPC tree series. Registration of AcpcTreeId
+ values is managed by the IEEE RA; see http://standards.ieee.org/regauth. A
+ list of assigned AcpcTreeId values is provided in L.2.
+```asn1
+AcpcTreeId ::= OCTET STRING (SIZE(8))
+```
+
+
+### AcpcNodeValue
+This is a 16 byte string that represents the value of a node in the
+ ACPC tree.
+```asn1
+AcpcNodeValue ::= OCTET STRING (SIZE(16))
+```
+
+### AprvHashCalculationInput
+This structure, C-OER encoded, is the input to the hash function to
+ calculate child node values from a parent node. By including the ID fields
+ it "firewalls" the hash function so that an attacker who inverts the hash
+ has only found the hash preimage for a specific node, in a specific tree,
+ for a specific time period. An overview of this structure is as follows:
+
+Fields:
+* version of type [**Uint8**](Ieee1609Dot2BaseTypes.md#Uint8) (2)
+ contains the current version of the structure.
+
+
+* acpcTreeId of type [**AcpcTreeId**](#AcpcTreeId)
+ contains an identifier for this ACPC tree series.
+
+
+
+* acpcPeriod of type [**IValue**](Ieee1609Dot2BaseTypes.md#IValue)
+ contains an identifier for the time period for this tree.
+ If the certificates for which this set of APrVs are intended have an IValue
+ field, acpcPeriod in this structure shall be the IValue field in the
+ certificates. How the RA and the CAM synchronize on this value is outside
+ the scope of this document.
+
+
+
+* childNodeId of type **BIT STRING**
+ contains a bit string of length l encoding the node
+ location within the l'th level.
+
+
+
+* parentNodeValue of type **OCTET STRING** (SIZE(16))
+ contains the value of the parent node.
+
+
+
+
+```asn1
+AprvHashCalculationInput ::= SEQUENCE {
+ version Uint8 (2),
+ acpcTreeId AcpcTreeId,
+ acpcPeriod IValue,
+ childNodeId BIT STRING,
+ parentNodeValue OCTET STRING (SIZE(16)),
+ ...
+}
+```
+
+
+
diff --git a/docs/Ieee1609Dot2Dot1CamRaInterface.md b/docs/Ieee1609Dot2Dot1CamRaInterface.md
new file mode 100644
index 0000000000000000000000000000000000000000..c60c5f0b889459900b7cdfbb9a9b156e243835cf
--- /dev/null
+++ b/docs/Ieee1609Dot2Dot1CamRaInterface.md
@@ -0,0 +1,110 @@
+# ASN.1 module Ieee1609Dot2Dot1CamRaInterface
+ OID: _{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) extension-standards(255) dot1(1) interfaces(1) cam-ra(19) major-version-2(2) minor-version-2(2)}_
+ @note Section references in this file are to clauses in IEEE Std
+ 1609.2.1 unless indicated otherwise. Full forms of acronyms and
+ abbreviations used in this file are specified in 3.2.
+
+
+## Imports:
+ * **[Ieee1609Dot2BaseTypes](Ieee1609Dot2BaseTypes.md)** *{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) base(1) base-types(2) major-version-2(2) minor-version-3(3)} WITH SUCCESSORS*
+
+## Data Elements:
+### CamRaInterfacePdu
+This is the parent structure for all structures exchanged between
+ the CAM and the RA during ACPC enrollment. An overview of this structure
+ is as follows:
+
+Fields:
+* raCamBatchRequest of type [**RaCamBatchRequest**](#RaCamBatchRequest)
+ contains the ACPC blinded key batch request sent
+ by the RA to the CAM.
+
+
+* camRaBatchResponse of type [**CamRaBatchResponse**](#CamRaBatchResponse)
+ contains the CAM's response to RaCamBatchRequest.
+
+
+
+
+```asn1
+CamRaInterfacePdu ::= CHOICE {
+ raCamBatchRequest RaCamBatchRequest,
+ camRaBatchResponse CamRaBatchResponse,
+ ...
+}
+```
+
+### RaCamBatchRequest
+This structure contains parameters needed to request a blinded batch
+ of keys for the EE during ACPC enrollment. An overview of this structure
+ is as follows:
+
+Fields:
+* version of type [**Uint8**](Ieee1609Dot2BaseTypes.md#Uint8) (2)
+ contains the current version of the structure.
+
+
+* eeId of type **OCTET STRING** (SIZE(5))
+ contains the EE's ID generated by the RA for the production of
+ ACPC batch keys by the CAM.
+
+
+
+* periodList of type **SEQUENCE** OF IValue
+ contains the list of i-periods covered by the batch.
+
+
+
+
+```asn1
+RaCamBatchRequest ::= SEQUENCE {
+ version Uint8 (2),
+ eeId OCTET STRING (SIZE(5)),
+ periodList SEQUENCE OF IValue,
+ ...
+}
+```
+
+### CamRaBatchResponse
+This structure contains a blinded batch of keys for the EE during
+ ACPC enrollment. An overview of this structure is as follows:
+
+Fields:
+* version of type [**Uint8**](Ieee1609Dot2BaseTypes.md#Uint8) (2)
+ contains the current version of the structure.
+
+
+* requestHash of type [**HashedId8**](Ieee1609Dot2BaseTypes.md#HashedId8)
+ contains the hash of the corresponding request
+ RaCamBatchRequest.
+
+
+
+* batch of type **SEQUENCE** OF BlindedKey
+ contains a sequence of blinded keys, each mapped to one
+ IValue from the periodList field of the request.
+
+
+
+
+```asn1
+CamRaBatchResponse ::= SEQUENCE {
+ version Uint8 (2),
+ requestHash HashedId8,
+ batch SEQUENCE OF BlindedKey,
+ ...
+}
+```
+
+
+### BlindedKey
+This is a blinded ACPC encryption key produced by the CAM.
+```asn1
+BlindedKey ::= EccP256CurvePoint
+```
+
+
+
+This is a blinded ACPC encryption key produced by the CAM.
+
+
diff --git a/docs/Ieee1609Dot2Dot1CertManagement.md b/docs/Ieee1609Dot2Dot1CertManagement.md
new file mode 100644
index 0000000000000000000000000000000000000000..979c13434eb94714b1679bce282222be960ef062
--- /dev/null
+++ b/docs/Ieee1609Dot2Dot1CertManagement.md
@@ -0,0 +1,570 @@
+# ASN.1 module Ieee1609Dot2Dot1CertManagement
+ OID: _{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) extension-standards(255) dot1(1) interfaces(1) cert-management(7) major-version-3(3) minor-version-1(1)}_
+ @note Section references in this file are to clauses in IEEE Std
+ 1609.2.1 unless indicated otherwise. Full forms of acronyms and
+ abbreviations used in this file are specified in 3.2.
+
+
+## Imports:
+ * **[Ieee1609Dot2](Ieee1609Dot2.md)** *{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) base(1) schema(1) major-version-2(2) minor-version-5(5)} WITH SUCCESSORS*
+
+ * **[Ieee1609Dot2BaseTypes](Ieee1609Dot2BaseTypes.md)** *{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) base(1) base-types(2) major-version-2(2) minor-version-3(3)} WITH SUCCESSORS*
+
+ * **[Ieee1609Dot2CrlBaseTypes](Ieee1609Dot2CrlBaseTypes.md)** *{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) crl(3) base-types(2) major-version-3(3) minor-version-1(1)} WITH SUCCESSORS*
+
+ * **[Ieee1609Dot2Crl](Ieee1609Dot2Crl.md)** *{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) crl(3) major-version-3(3) minor-version-1(1)} WITH SUCCESSORS*
+
+ * **[Ieee1609Dot2Dot1Protocol](Ieee1609Dot2Dot1Protocol.md)** *{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) extension-standards(255) dot1(1) interfaces(1) protocol(17) major-version-3(3) minor-version-1(1)} WITH SUCCESSORS*
+
+## Data Elements:
+### CertManagementPdu
+This is the parent structure for all SCMS component certificate
+ management structures. An overview of this structure is as follows:
+
+Fields:
+* compositeCrl of type [**CompositeCrl**](#CompositeCrl)
+ contains zero or more SecuredCrl as defined in IEEE
+ Std 1609.2, and the CTL.
+
+
+* certificateChain of type [**CertificateChain**](#CertificateChain)
+ contains a collection of certificates and the CTL.
+
+
+
+* multiSignedCtl of type [**MultiSignedCtl**](#MultiSignedCtl)
+ contains the CTL signed by multiple
+ signers, the electors.
+
+
+
+* tbsCtlSignature of type [**ToBeSignedCtlSignature**](#ToBeSignedCtlSignature)
+ contains the CTL-instance-specific information used
+ to generate a signature on the CTL.
+
+
+
+
+* infoStatus of type [**CertificateManagementInfoStatus**](#CertificateManagementInfoStatus)
+
+```asn1
+CertManagementPdu ::= CHOICE {
+ compositeCrl CompositeCrl,
+ certificateChain CertificateChain,
+ multiSignedCtl MultiSignedCtl,
+ tbsCtlSignature ToBeSignedCtlSignature,
+ infoStatus CertificateManagementInfoStatus,
+ ...
+}
+```
+
+### CompositeCrl
+This structure is used to encapsulate CRLs and a CTL. An overview
+ of this structure is as follows:
+
+Fields:
+* crl of type **SEQUENCE** SIZE(0..MAX) OF SecuredCrl
+ contains a list of signed CRLs for different (CRACA ID, CRL
+ series) pairs. The CRLs are signed individually, and this document does not
+ specify the order in which they should appear.
+
+
+* homeCtl of type [**MultiSignedCtlSpdu**](Ieee1609Dot2Dot1Protocol.md#MultiSignedCtlSpdu)
+ contains a CTL. If the composite CRL was requested via the
+ mechanisms given in 6.3.5.8, the CtlSeriesId in this CTL is the same as
+ the CtlSeriesId provided in the request. The intent is that this is the
+ "home" CTL of the requester, but this field can in practice be used to
+ provide any CTL with any CtlSeriesId value.
+
+
+
+
+```asn1
+CompositeCrl ::= SEQUENCE {
+ crl SEQUENCE SIZE(0..MAX) OF SecuredCrl,
+ homeCtl MultiSignedCtlSpdu,
+ ...
+}
+```
+
+### CertificateChain
+This structure is used to encapsulate certificates and a CTL. An
+ overview of this structure is as follows:
+
+Fields:
+* homeCtl of type [**MultiSignedCtlSpdu**](Ieee1609Dot2Dot1Protocol.md#MultiSignedCtlSpdu)
+ contains a CTL. If the certificate chain was requested via
+ the mechanisms given in 6.3.5.7, the CtlSeriesId in this CTL is the
+ same as the CtlSeriesId provided in the request. The intent is that
+ this is the "home" CTL of the requester, but this field can in practice be
+ used to provide any CTL.
+
+
+* others of type **SEQUENCE** SIZE(0..MAX) OF Certificate
+ contains additional valid certificates of the CAs and the
+ MAs chosen by means outside the scope of this document.
+
+
+
+
+```asn1
+CertificateChain ::= SEQUENCE {
+ homeCtl MultiSignedCtlSpdu,
+ others SEQUENCE SIZE(0..MAX) OF Certificate,
+ ...
+}
+```
+
+### MultiSignedCtl
+This structure a certificate trust list (CTL) signed by multiple
+ signers, the electors. An overview of this structure is as follows:
+
+Fields:
+* type of type [**IEEE-1609-2-1-MSCTL**](#IEEE-1609-2-1-MSCTL) .&type({
+ Ieee1609dot2dot1Ctls
+ })
+ contains the type of the multi-signed CTL. Only one type of
+ multi-signed CTL is supported in this version of this document.
+
+
+* tbsCtl of type [**IEEE-1609-2-1-MSCTL**](#IEEE-1609-2-1-MSCTL) .&TbsCtl({
+ Ieee1609dot2dot1Ctls
+ }{@.type})
+ contains the CTL contents.
+
+
+
+* unsigned of type [**IEEE-1609-2-1-MSCTL**](#IEEE-1609-2-1-MSCTL) .&UnsignedCtlMaterial({
+ Ieee1609dot2dot1Ctls
+ }{@.type})
+ contains data that are associated with the CTL and that
+ are not included directly in tbsCtl. For example, if the type is
+ fullIeeeCtlType, the FullIeeeTbsCtl contains the hashes of the
+ certificates, and the certificates themselves are contained in unsigned.
+
+
+
+* signatures of type **SEQUENCE** (SIZE(1..MAX)) OF CtlSignatureSpdu
+ contains the signatures. How the signatures are
+ calculated is specified in the definition of ToBeSignedCtlSignature. The
+ number of signatures shall be no more than the number of electors. Each
+ signature shall have been generated by a distinct elector.
+
+
+
+
+```asn1
+MultiSignedCtl ::= SEQUENCE {
+ type IEEE-1609-2-1-MSCTL.&type({
+ Ieee1609dot2dot1Ctls
+ }),
+ tbsCtl IEEE-1609-2-1-MSCTL.&TbsCtl({
+ Ieee1609dot2dot1Ctls
+ }{@.type}),
+ unsigned IEEE-1609-2-1-MSCTL.&UnsignedCtlMaterial({
+ Ieee1609dot2dot1Ctls
+ }{@.type}),
+ signatures SEQUENCE (SIZE(1..MAX)) OF CtlSignatureSpdu
+}
+```
+
+### IEEE-1609-2-1-MSCTL
+This is the ASN.1 Information Object Class used to associate
+ multisigned CTL type identifiers, CTL contents, and unsigned material. In
+ this structure:
+
+Fields:
+* type of type [**Ieee1609dot2dot1MsctlType**](#Ieee1609dot2dot1MsctlType)
+ contains the type, an Ieee1609dot2dot1MsctlType.
+
+
+ contains unsigned material associated with the
+ CTL, as specified in 7.3.11.
+
+
+
+
+ &TbsCtl,
+```asn1
+IEEE-1609-2-1-MSCTL ::= CLASS {
+ &type Ieee1609dot2dot1MsctlType,
+ &TbsCtl,
+ &UnsignedCtlMaterial
+} WITH SYNTAX {&TbsCtl IDENTIFIED BY &type USING &UnsignedCtlMaterial}
+```
+
+### Ieee1609dot2dot1Ctls
+This is the Information Object Set containing the instances of the
+ IEEE-1609-2-1-MSCTL class that are specified for use. Only one instance is
+ specified for use in this version of this document.
+
+Fields:
+* fullIeeeCtl of type [**USING**](#USING) SequenceOfCertificate}
+ {FullIeeeTbsCtl IDENTIFIED BY
+```asn1
+Ieee1609dot2dot1Ctls IEEE-1609-2-1-MSCTL ::= {
+ {FullIeeeTbsCtl IDENTIFIED BY
+ fullIeeeCtl USING SequenceOfCertificate},
+ ...
+}
+```
+
+
+### Ieee1609dot2dot1MsctlType
+This is the integer used to identify the type of the CTL.
+```asn1
+Ieee1609dot2dot1MsctlType ::= INTEGER (0..255)
+```
+
+```asn1
+fullIeeeCtl Ieee1609dot2dot1MsctlType ::= 1
+```
+
+### FullIeeeTbsCtl
+This structure specifies a CTL that contains information about the
+ complete set of certificates trusted by the electors that sign the CTL. An
+ overview of this structure is as follows:
+
+
+
+ - Any root CA or elector certificate that is not on the CTL is
+ not trusted. The electorRemove and rootCaRemove are intended to be used
+ only if the SCMS manager wants to explicitly indicate that a previously
+ trusted entity (elector or root CA) is now not trusted even though that
+ entity's certificate is still within its validity period. In practice, it
+ is anticipated that the remove fields (electorRemove and rootCaRemove)
+ will almost always be sequences of length 0.
+
+Fields:
+* type of type [**Ieee1609dot2dot1MsctlType**](#Ieee1609dot2dot1MsctlType) (fullIeeeCtl)
+ contains the type of the CTL. It is identical to the type
+ field that appears in the enclosing MultiSignedCtl. The field is included
+ here as well to provide the simplest mechanism to help ensure that the
+ type is included in the calculated CTL hash.
+
+
+* ctlSeriesId of type [**CtlSeriesId**](#CtlSeriesId)
+
+* sequenceNumber of type [**CtlSequenceNumber**](#CtlSequenceNumber)
+ contains the sequence number of the CTL. This is
+ incremented by 1 every time a new FullIeeeTbsCtl is issued.
+
+
+
+* effectiveDate of type [**Time32**](Ieee1609Dot2BaseTypes.md#Time32)
+ contains the time when the CTL is to take effect.
+ This is to be greater than or equal to the effectiveDate field in the CTL
+ with the same CtlSeriesId and the previous sequence number.
+
+
+
+* electorApprove of type **SEQUENCE** OF CtlElectorEntry
+ contains the list of hashes of the elector
+ certificates that are approved as of the effective date. The hash is
+ calculated with the same hash algorithm that is used to hash the elector
+ certificate for signing.
+
+
+
+* electorRemove of type **SEQUENCE** OF CtlElectorEntry
+ contains the list of hashes of the elector
+ certificates that are valid (that is, not expired) on the effective date and
+ are not approved, as of the effective date, to sign a CTL. The hash is
+ calculated with the same hash algorithm that is used to hash the elector
+ certificate for signing. This field is to be considered informational as a
+ certificate that is not included in electorApprove is not valid even if it
+ does not appear in electorRemove.
+
+
+
+* rootCaApprove of type **SEQUENCE** OF CtlRootCaEntry
+ contains the list of root CA certificates that are
+ approved as of the effective date. The hash is calculated with the same
+ hash algorithm that is used to hash the root certificate for signing. If
+ the root certificate is signed with a hash function with a 48 octet
+ output, this is truncated to the low-order 32 bytes for inclusion in the
+ CTL.
+
+
+
+* rootCaRemove of type **SEQUENCE** OF CtlRootCaEntry
+ contains the list of root CA certificates that are
+ valid (that is, not expired) on the effective date and are not approved, as
+ of the effective date, to issue certificates or carry out other
+ activities. If the root certificate is signed with a hash function
+ with a 48 octet output, this is truncated to the low-order 32 bytes for
+ inclusion in the CTL. This field is to be considered informational as a
+ certificate that is not included in rootCaApprove is not valid even if it
+ does not appear in rootCaRemove.
+
+
+
+* quorum of type **INTEGER**
+ contains the quorum, that is, the number of the electors
+ required to sign the next CTL with the same CtlSeriesId value for that
+ CTL to be trusted. If this field is absent, the quorum for the next CTL
+ shall be the quorum for the current CTL.
+
+
+
+
+ ...,
+
+>>>
+NOTE: - If in future CTL types are defined that contain the same
+ information as, or a subset of the information in, the fullIeeeCtl, those
+ types are anticipated to contain the same sequence number as the
+ corresponding fullIeeeCtl.
+>>>
+```asn1
+FullIeeeTbsCtl ::= SEQUENCE {
+ type Ieee1609dot2dot1MsctlType(fullIeeeCtl),
+ ctlSeriesId CtlSeriesId,
+ sequenceNumber CtlSequenceNumber,
+ effectiveDate Time32,
+ electorApprove SEQUENCE OF CtlElectorEntry,
+ electorRemove SEQUENCE OF CtlElectorEntry,
+ rootCaApprove SEQUENCE OF CtlRootCaEntry,
+ rootCaRemove SEQUENCE OF CtlRootCaEntry,
+ ...,
+ quorum INTEGER
+}
+```
+
+
+### CtlSeriesId
+This structure identifies a group of electors that sign a series of
+ CTLs for a specific purpose. Registration of CtlSeriesId values is
+ managed by the IEEE RA; see http://standards.ieee.org/regauth. A list of
+ assigned CtlSeriesId values is provided in K.1.
+```asn1
+CtlSeriesId ::= OCTET STRING (SIZE(8))
+```
+
+
+### CtlSequenceNumber
+This structure is used to encode the CTL sequence number. This
+ document does not specify semantics of this type once it reaches its
+ maximum value.
+```asn1
+CtlSequenceNumber ::= INTEGER(0..65535)
+```
+
+
+### CtlElectorEntry
+This structure contains the hash of an elector certificate.
+```asn1
+CtlElectorEntry ::= HashedId48
+```
+
+
+### CtlRootCaEntry
+This structure contains the hash of a root CA certificate.
+```asn1
+CtlRootCaEntry ::= HashedId32
+```
+
+### ToBeSignedCtlSignature
+This structure contains the CTL-instance-specific information used
+ to generate a signature on the CTL. An overview of this structure is as
+ follows:
+
+Fields:
+* ctlSeriesId of type [**CtlSeriesId**](#CtlSeriesId)
+ contains the CtlSeriesId that appears in the CTL.
+
+
+* ctlType of type [**Ieee1609dot2dot1MsctlType**](#Ieee1609dot2dot1MsctlType)
+ identifies the type of the CTL.
+
+
+
+* sequenceNumber of type [**CtlSequenceNumber**](#CtlSequenceNumber)
+ contains the sequence number of the CTL being signed.
+
+
+
+* tbsCtlHash of type [**HashedId48**](Ieee1609Dot2BaseTypes.md#HashedId48)
+ contains the hash of the C-OER encoded tbsCtl field
+ in the MultiSignedCtl. The hash is calculated using the same hash
+ algorithm that is used to generate the signature on this structure when it
+ is contained in a CtlSignatureSpdu. This algorithm can be determined from
+ the headers of the CtlSignatureSpdu.
+
+
+
+
+```asn1
+ToBeSignedCtlSignature ::= SEQUENCE {
+ ctlSeriesId CtlSeriesId,
+ ctlType Ieee1609dot2dot1MsctlType,
+ sequenceNumber CtlSequenceNumber,
+ tbsCtlHash HashedId48
+}
+```
+
+### CertificateManagementInfoStatus
+This structure contains the status of different certificate
+ management information, including CRLs, CTLs, and individual certificates
+ of CAs, MAs, and the RA.
+
+Fields:
+* crl of type [**SequenceOfCrlInfoStatus**](#SequenceOfCrlInfoStatus)
+ contains the status information for CRLs.
+
+
+* ctl of type [**SequenceOfCtlInfoStatus**](#SequenceOfCtlInfoStatus)
+ contains the status information for CTLs.
+
+
+
+* caCcf of type [**Time32**](Ieee1609Dot2BaseTypes.md#Time32)
+ contains the time of the last update of any of the CA
+ certificates in the CCF.
+
+
+
+* ma of type [**SequenceOfMaInfoStatus**](#SequenceOfMaInfoStatus)
+ contains the status information for MA certificates.
+
+
+
+* ra of type [**Time32**](Ieee1609Dot2BaseTypes.md#Time32) OPTIONAL
+ shall be present and contain the time of last update of the RA's
+ certificate, if this structure is sent by an RA.
+
+
+
+
+```asn1
+CertificateManagementInfoStatus ::= SEQUENCE {
+ crl SequenceOfCrlInfoStatus,
+ ctl SequenceOfCtlInfoStatus,
+ caCcf Time32,
+ ma SequenceOfMaInfoStatus,
+ ra Time32 OPTIONAL,
+ ...
+}
+```
+
+
+### SequenceOfCtlInfoStatus
+This type is used for clarity of definitions.
+```asn1
+SequenceOfCtlInfoStatus ::= SEQUENCE OF CtlInfoStatus
+```
+
+### CtlInfoStatus
+This structure contains the status information for a CTL.
+
+Fields:
+* ctlSeriesId of type [**CtlSeriesId**](#CtlSeriesId)
+ contains the elector group ID of the CTL.
+
+
+* sequenceNumber of type [**CtlSequenceNumber**](#CtlSequenceNumber)
+ contains the sequence number of the CTL.
+
+
+
+* lastUpdate of type [**Time32**](Ieee1609Dot2BaseTypes.md#Time32)
+ contains the time of the last update of the CTL.
+
+
+
+
+```asn1
+CtlInfoStatus ::= SEQUENCE {
+ ctlSeriesId CtlSeriesId,
+ sequenceNumber CtlSequenceNumber,
+ lastUpdate Time32,
+ ...
+}
+```
+
+
+### SequenceOfCrlInfoStatus
+This type is used for clarity of definitions.
+```asn1
+SequenceOfCrlInfoStatus ::= SEQUENCE OF CrlInfoStatus
+```
+
+### CrlInfoStatus
+This structure contains the status information for a CRL.
+
+Fields:
+* cracaId of type [**HashedId8**](Ieee1609Dot2BaseTypes.md#HashedId8)
+ contains the CRACA ID of the CRL.
+
+
+* series of type [**CrlSeries**](Ieee1609Dot2CrlBaseTypes.md#CrlSeries)
+ contains the CRL series of the CRL.
+
+
+
+* issueDate of type [**Time32**](Ieee1609Dot2BaseTypes.md#Time32)
+ contains the time of the last update of the CRL.
+
+
+
+
+```asn1
+CrlInfoStatus ::= SEQUENCE {
+ cracaId HashedId8,
+ series CrlSeries,
+ issueDate Time32,
+ ...
+}
+```
+
+
+### SequenceOfMaInfoStatus
+This type is used for clarity of definitions.
+```asn1
+SequenceOfMaInfoStatus ::= SEQUENCE OF MaInfoStatus
+```
+
+### MaInfoStatus
+This structure contains the status information for an MA's
+ certificate.
+
+Fields:
+* psids of type [**SequenceOfPsid**](Ieee1609Dot2Dot1Protocol.md#SequenceOfPsid)
+ contains the PSIDs associated with the misbehavior that is to
+ be reported to that MA.
+
+
+* updated of type [**Time32**](Ieee1609Dot2BaseTypes.md#Time32)
+ contains the time of the last update of the MA's certificate.
+
+
+
+
+```asn1
+MaInfoStatus ::= SEQUENCE {
+ psids SequenceOfPsid,
+ updated Time32,
+ ...
+}
+```
+
+
+
+This type is used for clarity of definitions.
+ This structure contains the status information for a CRL.
+
+ @param cracaId: contains the CRACA ID of the CRL.
+
+ @param series: contains the CRL series of the CRL.
+
+ @param issueDate: contains the time of the last update of the CRL.
+ This type is used for clarity of definitions.
+ This structure contains the status information for an MA's
+ certificate.
+
+ @param psids: contains the PSIDs associated with the misbehavior that is to
+ be reported to that MA.
+
+ @param updated: contains the time of the last update of the MA's certificate.
+
+
diff --git a/docs/Ieee1609Dot2Dot1EcaEeInterface.md b/docs/Ieee1609Dot2Dot1EcaEeInterface.md
new file mode 100644
index 0000000000000000000000000000000000000000..276703ece81f9df26f199e43fee7275c1e6b4df3
--- /dev/null
+++ b/docs/Ieee1609Dot2Dot1EcaEeInterface.md
@@ -0,0 +1,204 @@
+# ASN.1 module Ieee1609Dot2Dot1EcaEeInterface
+ OID: _{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) extension-standards(255) dot1(1) interfaces(1) eca-ee(9) major-version-3(3) minor-version-1(1)}_
+ @note Section references in this file are to clauses in IEEE Std
+ 1609.2.1 unless indicated otherwise. Full forms of acronyms and
+ abbreviations used in this file are specified in 3.2.
+
+
+## Imports:
+ * **[Ieee1609Dot2](Ieee1609Dot2.md)** *{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) base(1) schema(1) major-version-2(2) minor-version-5(5)} WITH SUCCESSORS*
+
+ * **[Ieee1609Dot2BaseTypes](Ieee1609Dot2BaseTypes.md)** *{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) base(1) base-types(2) major-version-2(2) minor-version-3(3)} WITH SUCCESSORS*
+
+ * **[Ieee1609Dot2Dot1Protocol](Ieee1609Dot2Dot1Protocol.md)** *{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) extension-standards(255) dot1(1) interfaces(1) protocol(17) major-version-3(3) minor-version-1(1)} WITH SUCCESSORS*
+
+## Data Elements:
+### EcaEeInterfacePdu
+This is the parent structure for all structures exchanged between
+ the ECA and the EE. An overview of this structure is as follows:
+
+Fields:
+* eeEcaCertRequest of type [**EeEcaCertRequest**](#EeEcaCertRequest)
+ contains the enrollment certificate request sent
+ by the EE to the ECA.
+
+
+* ecaEeCertResponse of type [**EcaEeCertResponse**](#EcaEeCertResponse)
+ contains the enrollment certificate response sent
+ by the ECA to the EE.
+
+
+
+
+```asn1
+EcaEeInterfacePdu::= CHOICE {
+ eeEcaCertRequest EeEcaCertRequest,
+ ecaEeCertResponse EcaEeCertResponse,
+ ...
+}
+```
+
+### EeEcaCertRequest
+This structure contains parameters needed to request an enrollment
+ certificate from the ECA. The ECA may, subject to policy, issue an
+ enrollment certificate with different contents than the contents requested.
+ An overview of this structure is as follows:
+
+Fields:
+* version of type [**Uint8**](Ieee1609Dot2BaseTypes.md#Uint8) (2)
+ contains the current version of the structure.
+
+
+* generationTime of type [**Time32**](Ieee1609Dot2BaseTypes.md#Time32)
+ contains the generation time of EeEcaCertRequest.
+
+
+
+* type of type [**CertificateType**](Ieee1609Dot2.md#CertificateType)
+ indicates whether the request is for an explicit or implicit
+ certificate (see 4.1.1, 4.1.4.3.1).
+
+
+
+* tbsCert of type [**ToBeSignedCertificate**](Ieee1609Dot2Dot1Protocol.md#ToBeSignedCertificate) (WITH COMPONENTS {
+ ...,
+ id (WITH COMPONENTS {
+ ...,
+ linkageData ABSENT
+ })
+ contains the parameters used by the ECA to generate the
+ enrollment certificate. tbsCert.verifyKeyIndicator.verificationKey
+ contains the public key information sent by the requester. The
+ verifyKeyIndicator field indicates the choice verificationKey even if type
+ is implicit, as this allows the requester to indicate which signature
+ algorithm and curve they are requesting. The value in this field is used
+ as the verification key in the certificate if the certificate issued in
+ response to this request is explicit, and as the input public key value
+ for implicit certificate generation if the certificate issued in response
+ to this request is implicit.
+
+
+
+* appPermissions of type [**ABSENT**](#ABSENT)
+
+* certIssuePermissions of type [**ABSENT**](#ABSENT)
+
+* certRequestPermissions of type [**PRESENT**](#PRESENT)
+
+* canonicalId of type [**IA5String**](#IA5String) OPTIONAL
+ shall be present and contain the canonical identifier
+ for the device per 4.1.4.2, if the enclosing EeEcaCertRequestSpdu was
+ signed by the canonical private key. The receiver is intended to use the
+ canonicalId to look up the canonical public key to verify the certificate
+ request.
+
+
+
+
+ }),
+
+>>>
+NOTE: - The tbsCert.cracaId and tbsCert.crlSeries are set to the
+ indicated values in the corresponding EeEcaCertRequest. In the issued
+ enrollment certificate, they may have different values, set by the ECA.
+ - The EE uses the type field to indicate whether it is
+ requesting an explicit or an implicit enrollment certificate. A policy is
+ anticipated that determines what type of certificate is appropriate for a
+ given set of circumstances (such as PSIDs, other end entity information,
+ and locality) and that if the EE has requested a kind of certificate that
+ is not allowed by policy, the ECA returns an error to the EE.
+>>>
+```asn1
+EeEcaCertRequest ::= SEQUENCE {
+ version Uint8 (2),
+ generationTime Time32,
+ type CertificateType,
+ tbsCert ToBeSignedCertificate (WITH COMPONENTS {
+ ...,
+ id (WITH COMPONENTS {
+ ...,
+ linkageData ABSENT
+ }),
+ cracaId ('000000'H),
+ crlSeries (0),
+ appPermissions ABSENT,
+ certIssuePermissions ABSENT,
+ certRequestPermissions PRESENT,
+ verifyKeyIndicator (WITH COMPONENTS {
+ verificationKey
+ })
+ }),
+ canonicalId IA5String OPTIONAL,
+ ...
+}
+```
+
+### EcaEeCertResponse
+This structure is used by the ECA to respond to an EE's enrollment
+ certificate request. Additional bootstrapping information including the
+ RA's certificate are provided by the DCM. The specification of the DCM is
+ outside the scope of this document. An overview of this structure is as
+ follows:
+
+
+ The definition of validity for a certificate request, including
+ constraints on the fields in this structure, is specified in 10.1.
+
+Fields:
+* version of type [**Uint8**](Ieee1609Dot2BaseTypes.md#Uint8) (2)
+ contains the current version of the structure.
+
+
+* generationTime of type [**Time32**](Ieee1609Dot2BaseTypes.md#Time32)
+ contains the generation time of EcaEeCertResponse.
+
+
+
+* requestHash of type [**HashedId8**](Ieee1609Dot2BaseTypes.md#HashedId8)
+ contains the following hash:
+ - EeEcaCertRequestSPDU, if the corresponding request was
+ EeEcaCertRequestSPDU. This is calculated without "canonicalizing" the
+ signature, i.e., it is calculated over the signature as given in the
+ EeEcaCertRequestSpdu without re-encoding the signature's r component in
+ x-coordinate-only form. See IEEE Std 1609.2 for further details on
+ canonicalization.
+ - EeRaSuccessorEnrollmentCertRequestSpd, if the corresponding request
+ was EeRaSuccessorEnrollmentCertRequestSpd.
+
+
+
+* ecaCertChain of type [**SequenceOfCertificate**](Ieee1609Dot2.md#SequenceOfCertificate)
+ contains the ECA's currently valid certificate and the
+ certificate chain, up to and including the root CA.
+
+
+
+* certificate of type [**Certificate**](Ieee1609Dot2.md#Certificate)
+ contains the enrollment certificate generated by the
+ ECA, which shall be of the type indicated by the type field in the
+ corresponding request.
+
+
+
+* privateKeyInfo of type **OCTET STRING** (SIZE(32)) OPTIONAL
+ shall be present and contain the private key
+ reconstruction value, if certificate.type is implicit. This is used by the
+ EE as specified in 9.3.5.1.
+
+
+
+
+```asn1
+EcaEeCertResponse ::= SEQUENCE {
+ version Uint8 (2),
+ generationTime Time32,
+ requestHash HashedId8,
+ ecaCertChain SequenceOfCertificate,
+ certificate Certificate,
+ privateKeyInfo OCTET STRING (SIZE(32)) OPTIONAL,
+ ...
+}
+```
+
+
+
diff --git a/docs/Ieee1609Dot2Dot1EeMaInterface.md b/docs/Ieee1609Dot2Dot1EeMaInterface.md
new file mode 100644
index 0000000000000000000000000000000000000000..45a02d445f8f87f02ab4f4f60bee1e3f10fdf542
--- /dev/null
+++ b/docs/Ieee1609Dot2Dot1EeMaInterface.md
@@ -0,0 +1,18 @@
+# ASN.1 module Ieee1609Dot2Dot1EeMaInterface
+ OID: _{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) extension-standards(255) dot1(1) interfaces(1) ee-ma(10) major-version-2(2) minor-version-1(1)}_
+ @note Section references in this file are to clauses in IEEE Std
+ 1609.2.1 unless indicated otherwise. Full forms of acronyms and
+ abbreviations used in this file are specified in 3.2.
+
+
+## Data Elements:
+
+### EeMaInterfacePdu
+This structure is currently being defined outside of this document,
+ so it is defined as NULL for purposes of this document.
+```asn1
+EeMaInterfacePdu ::= NULL
+```
+
+
+
diff --git a/docs/Ieee1609Dot2Dot1EeRaInterface.md b/docs/Ieee1609Dot2Dot1EeRaInterface.md
new file mode 100644
index 0000000000000000000000000000000000000000..e5ed670731c19e0bc7d5794683092c00b06af878
--- /dev/null
+++ b/docs/Ieee1609Dot2Dot1EeRaInterface.md
@@ -0,0 +1,409 @@
+# ASN.1 module Ieee1609Dot2Dot1EeRaInterface
+ OID: _{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) extension-standards(255) dot1(1) interfaces(1) ee-ra(11) major-version-3(3) minor-version-1(1)}_
+ @note Section references in this file are to clauses in IEEE Std
+ 1609.2.1 unless indicated otherwise. Full forms of acronyms and
+ abbreviations used in this file are specified in 3.2.
+
+
+## Imports:
+ * **[Ieee1609Dot2](Ieee1609Dot2.md)** *{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) base(1) schema(1) major-version-2(2) minor-version-5(5)} WITH SUCCESSORS*
+
+ * **[Ieee1609Dot2BaseTypes](Ieee1609Dot2BaseTypes.md)** *{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) base(1) base-types(2) major-version-2(2) minor-version-3(3)} WITH SUCCESSORS*
+
+ * **[Ieee1609Dot2Dot1Acpc](Ieee1609Dot2Dot1Acpc.md)** *{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) extension-standards(255) dot1(1) interfaces(1) acpc(18) major-version-3(3) minor-version-1(1)} WITH SUCCESSORS*
+
+ * **[Ieee1609Dot2Dot1Protocol](Ieee1609Dot2Dot1Protocol.md)** *{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) extension-standards(255) dot1(1) interfaces(1) protocol(17) major-version-3(3) minor-version-1(1)} WITH SUCCESSORS*
+
+## Data Elements:
+### EeRaInterfacePdu
+This is the parent structure for all structures exchanged between
+ the EE and the RA. An overview of this structure is as follows:
+
+Fields:
+* eeRaCertRequest of type [**EeRaCertRequest**](#EeRaCertRequest)
+ contains the certificate generation request sent by
+ the EE to the RA.
+
+
+* raEeCertAck of type [**RaEeCertAck**](#RaEeCertAck)
+ contains the RA's acknowledgement of the receipt of
+ EeRaCertRequestSpdu.
+
+
+
+* raEeCertInfo of type [**RaEeCertInfo**](#RaEeCertInfo)
+ contains the information about certificate download.
+
+
+
+* eeRaDownloadRequest of type [**EeRaDownloadRequest**](#EeRaDownloadRequest)
+ contains the download request sent by the EE to
+ the RA.
+
+
+
+* eeRaSuccessorEnrollmentCertRequest of type [**EeEcaCertRequestSpdu**](Ieee1609Dot2Dot1Protocol.md#EeEcaCertRequestSpdu)
+ contains a self-signed request
+ for an enrollment certificate, identical in format to the one submitted
+ for an initial enrollment certificate. (This becomes a request for a
+ successor enrollment certificate by virtue of being signed by the current
+ enrollment certificate.)
+
+
+
+
+
+>>>
+NOTE: This CHOICE does not include a PDU type for encrypted
+ misbehavior report upload; see 4.1.5.
+>>>
+```asn1
+EeRaInterfacePdu ::= CHOICE {
+ eeRaCertRequest EeRaCertRequest,
+ raEeCertAck RaEeCertAck,
+ raEeCertInfo RaEeCertInfo,
+ eeRaDownloadRequest EeRaDownloadRequest,
+ eeRaSuccessorEnrollmentCertRequest EeEcaCertRequestSpdu,
+ ...
+}
+```
+
+### EeRaCertRequest
+This structure contains parameters needed to request different types
+ of authorization certificates. An overview of this structure is as follows:
+
+
+ The definition of validity for a certificate request, including
+ constraints on the fields in this structure, is specified in 10.1.
+
+Fields:
+* version of type [**Uint8**](Ieee1609Dot2BaseTypes.md#Uint8) (2)
+ contains the current version of the structure.
+
+
+* generationTime of type [**Time32**](Ieee1609Dot2BaseTypes.md#Time32)
+ contains the generation time of EeRaCertRequest.
+
+
+
+* type of type [**CertificateType**](Ieee1609Dot2.md#CertificateType)
+ indicates whether the request is for an explicit or implicit
+ certificate (see 4.1.1 and 4.1.4.3.1).
+
+
+
+* tbsCert of type [**ToBeSignedCertificate**](Ieee1609Dot2Dot1Protocol.md#ToBeSignedCertificate) (WITH COMPONENTS {
+ ...,
+ cracaId ('000000'H)
+ contains the parameters to be used by the ACA to generate
+ authorization certificate(s).
+ - id contains the identity information sent by the requester. If the
+ type is LinkageData, the contents of the field are chosen by the EE using
+ any appropriate means. RA replaces that in the certificates with the
+ linkage values generated with the help of the LAs and the ACA; see Annex D.
+ - validityPeriod contains the requested validity period of the first
+ batch of certificates.
+ - region, assuranceLevel, canRequestRollover, and encryptionKey, if
+ present, contain the information sent by the requester for the requested
+ certificates.
+ - verifyKeyIndicator.verificationKey contains the public key
+ information sent by the requester. The verifyKeyIndicator field indicates
+ the choice verificationKey even if type is implicit, as this allows the
+ requester to indicate which signature algorithm and curve they are
+ requesting.
+ - If the certificate issued in response to this request is explicit and
+ butterfly expansion is not used, the value in this field is the
+ verification key that appears in that certificate.
+ - If the certificate issued in response to this request is implicit and
+ butterfly expansion is not used, the value in this field is the input
+ public key value for implicit certificate generation.
+ - If butterfly expansion is used, that is, if one of (original, unified,
+ compactUnified) options is present in the field additionalParams, the
+ value in this field is combined with the values in the additionalParams
+ field as specified in 9.3.
+
+
+
+* appPermissions of type [**PRESENT**](#PRESENT)
+
+* certIssuePermissions of type [**ABSENT**](#ABSENT)
+
+* certRequestPermissions of type [**ABSENT**](#ABSENT)
+
+* additionalParams of type [**AdditionalParams**](#AdditionalParams) OPTIONAL
+ shall be present and contain relevant parameters if
+ the requested certificates are to be generated using the butterfly key
+ mechanism as specified in 9.3, or if the requested certificates are to be
+ encrypted without using the butterfly key mechanism. If present, the field
+ tbsCert.verifyKeyIndicator shall be used as the caterpillar public key for
+ signing in the butterfly key mechanism.
+
+
+
+
+ }),
+
+>>>
+NOTE: - In the case where the butterfly key mechanism is used to
+ derive the certificate encryption key, the value j is not communicated to
+ the ACA. However, the EE that receives the certificate response can only
+ decrypt the response if it knows j. The RA is therefore anticipated to
+ store j so that it can be associated with the appropriate certificate
+ response.
+ - If the type of id is LinkageData, the contents of the
+ field in the request are replaced by random data by the RA when it sends
+ the individual certificate requests to the ACA. The ACA then in turn
+ replaces that data with the linkage values generated with the help of the
+ LAs; see Annex D.
+ - This document does not specify a method to include an
+ encryptionKey in the requested certificates, if the butterfly key
+ mechanism is used. The EE using such a certificate to sign a message
+ cannot request that the response is encrypted to the certificate. Instead,
+ it can request an encrypted response using the
+ tbsData.headerInfo.encryptionKey field of the SignedData; see 6.3.9,
+ 6.3.33, 6.3.34, and 6.3.36 of IEEE Std 1609.2 for more details.
+>>>
+```asn1
+EeRaCertRequest ::= SEQUENCE {
+ version Uint8 (2),
+ generationTime Time32,
+ type CertificateType,
+ tbsCert ToBeSignedCertificate (WITH COMPONENTS {
+ ...,
+ cracaId ('000000'H),
+ crlSeries (0),
+ appPermissions PRESENT,
+ certIssuePermissions ABSENT,
+ certRequestPermissions ABSENT,
+ verifyKeyIndicator (WITH COMPONENTS {
+ verificationKey
+ })
+ }),
+ additionalParams AdditionalParams OPTIONAL,
+ ...
+}
+```
+
+### AdditionalParams
+This structure contains parameters for the butterfly key mechanism.
+ An overview of this structure is as follows:
+
+Fields:
+* original of type [**ButterflyParamsOriginal**](#ButterflyParamsOriginal)
+ contains the parameters for the original variant.
+
+
+* unified of type [**ButterflyExpansion**](#ButterflyExpansion)
+ contains the expansion function for signing to be used for
+ the unified variant. The caterpillar public key and expansion function for
+ encryption are the same as those for signing.
+
+
+
+* compactUnified of type [**ButterflyExpansion**](#ButterflyExpansion)
+ contains the expansion function for signing to be
+ used for the compact unified variant. The caterpillar public key and
+ expansion function for encryption are the same as those for signing.
+
+
+
+* encryptionKey of type [**PublicEncryptionKey**](Ieee1609Dot2BaseTypes.md#PublicEncryptionKey)
+ contains the public key for encrypting the
+ certificate if the butterfly key mechanism is not used.
+
+
+
+
+```asn1
+AdditionalParams ::= CHOICE {
+ original ButterflyParamsOriginal,
+ unified ButterflyExpansion,
+ compactUnified ButterflyExpansion,
+ encryptionKey PublicEncryptionKey,
+ ...
+}
+```
+
+### ButterflyParamsOriginal
+This structure contains parameters for the original variation of the
+ butterfly key mechanism. An overview of this structure is as follows:
+
+Fields:
+* signingExpansion of type [**ButterflyExpansion**](#ButterflyExpansion)
+ contains the expansion function for signing.
+
+
+* encryptionKey of type [**PublicEncryptionKey**](Ieee1609Dot2BaseTypes.md#PublicEncryptionKey)
+ contains the caterpillar public key for encryption.
+
+
+
+* encryptionExpansion of type [**ButterflyExpansion**](#ButterflyExpansion)
+ contains the expansion function for encryption.
+
+
+
+
+```asn1
+ButterflyParamsOriginal ::= SEQUENCE {
+ signingExpansion ButterflyExpansion,
+ encryptionKey PublicEncryptionKey,
+ encryptionExpansion ButterflyExpansion
+}
+```
+
+### ButterflyExpansion
+This structure contains material used in the butterfly key
+ calculations as specified in 9.3.5.1 and 9.3.5.2. An overview of this
+ structure is as follows:
+
+Fields:
+* aes128 of type **OCTET STRING** (SIZE(16))
+ indicates that the symmetric algorithm used in the expansion
+ function is AES-128 with the indicated 16 byte string used as the key.
+
+
+
+```asn1
+ButterflyExpansion ::= CHOICE {
+ aes128 OCTET STRING (SIZE(16)),
+ ...
+}
+```
+
+### RaEeCertAck
+This structure is used to create the acknowledgement for certificate
+ requests. An overview of this structure is as follows:
+
+Fields:
+* version of type [**Uint8**](Ieee1609Dot2BaseTypes.md#Uint8) (2)
+ contains the current version of the structure.
+
+
+* generationTime of type [**Time32**](Ieee1609Dot2BaseTypes.md#Time32)
+ contains the generation time of RaEeCertAck.
+
+
+
+* requestHash of type [**HashedId8**](Ieee1609Dot2BaseTypes.md#HashedId8)
+ contains the hash of the corresponding
+ EeRaCertRequestSpdu.
+
+
+
+* firstI of type [**IValue**](Ieee1609Dot2BaseTypes.md#IValue) OPTIONAL
+ shall be present and contain the i-value that will be
+ associated with the first certificate or the certificate batch that will be
+ made available to the EE, if the corresponding EeRaCertRequest uses the
+ butterfly key mechanism as indicated in the field additionalParams. The EE
+ uses this to form the download filename for the download request as
+ specified in 8.2.2.
+
+
+
+* nextDlTime of type [**Time32**](Ieee1609Dot2BaseTypes.md#Time32)
+ contains the time after which the EE should connect to
+ the RA to download the certificates.
+
+
+
+
+```asn1
+RaEeCertAck ::= SEQUENCE {
+ version Uint8 (2),
+ generationTime Time32,
+ requestHash HashedId8,
+ firstI IValue OPTIONAL,
+ nextDlTime Time32,
+ ...
+}
+```
+
+### RaEeCertInfo
+This structure is used to create the info file that accompanies a
+ batch of certificates for download as specified in 8.2.3. It is used when
+ certificates were generated using the butterfly key expansion mechanism
+ specified in 9.3. An overview of this structure is as follows:
+
+Fields:
+* version of type [**Uint8**](Ieee1609Dot2BaseTypes.md#Uint8) (2)
+ contains the current version of the structure.
+
+
+* generationTime of type [**Time32**](Ieee1609Dot2BaseTypes.md#Time32)
+ contains the generation time of RaEeCertInfo.
+
+
+
+* currentI of type [**IValue**](Ieee1609Dot2BaseTypes.md#IValue)
+ contains the i-value associated with the batch of
+ certificates.
+
+
+
+* requestHash of type [**HashedId8**](Ieee1609Dot2BaseTypes.md#HashedId8)
+ contains the hash of the corresponding
+ EeRaCertRequestSpdu.
+
+
+
+* nextDlTime of type [**Time32**](Ieee1609Dot2BaseTypes.md#Time32)
+ contains the time after which the EE should connect to
+ the RA to download the certificates.
+
+
+
+* acpcTreeId of type [**AcpcTreeId**](Ieee1609Dot2Dot1Acpc.md#AcpcTreeId) OPTIONAL
+ shall be present and contain the ACPC Tree Id, if the
+ certificates were generated using ACPC as specified in 9.5.
+
+
+
+
+```asn1
+RaEeCertInfo ::= SEQUENCE {
+ version Uint8 (2),
+ generationTime Time32,
+ currentI IValue,
+ requestHash HashedId8,
+ nextDlTime Time32,
+ acpcTreeId AcpcTreeId OPTIONAL,
+ ...
+}
+```
+
+### EeRaDownloadRequest
+This structure contains parameters needed to request the download of
+ certificates from the RA. An overview of this structure is as follows:
+
+Fields:
+* generationTime of type [**Time32**](Ieee1609Dot2BaseTypes.md#Time32)
+ contains the generation time of EeRaDownloadRequest.
+
+
+* filename of type [**UTF8String**](#UTF8String) (SIZE (0..255))
+ contains the name of the file requested for download,
+ formed as specified in 8.2.2.
+
+
+
+
+```asn1
+EeRaDownloadRequest ::= SEQUENCE {
+ generationTime Time32,
+ filename UTF8String (SIZE (0..255)),
+ ...
+}
+```
+
+
+
+This structure contains parameters needed to request the download of
+ certificates from the RA. An overview of this structure is as follows:
+
+ @param generationTime: contains the generation time of EeRaDownloadRequest.
+
+ @param filename: contains the name of the file requested for download,
+ formed as specified in 8.2.2.
+
+
diff --git a/docs/Ieee1609Dot2Dot1LaMaInterface.md b/docs/Ieee1609Dot2Dot1LaMaInterface.md
new file mode 100644
index 0000000000000000000000000000000000000000..cdae5bc03deef23e9f1eb3c9a23b7e2bbee39f3c
--- /dev/null
+++ b/docs/Ieee1609Dot2Dot1LaMaInterface.md
@@ -0,0 +1,18 @@
+# ASN.1 module Ieee1609Dot2Dot1LaMaInterface
+ OID: _{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) extension-standards(255) dot1(1) interfaces(1) la-ma(12) major-version-2(2) minor-version-1(1)}_
+ @note Section references in this file are to clauses in IEEE Std
+ 1609.2.1 unless indicated otherwise. Full forms of acronyms and
+ abbreviations used in this file are specified in 3.2.
+
+
+## Data Elements:
+
+### LaMaInterfacePdu
+This structure is not used by EEs, so it is defined as NULL for
+ purposes of this document.
+```asn1
+LaMaInterfacePdu ::= NULL
+```
+
+
+
diff --git a/docs/Ieee1609Dot2Dot1LaRaInterface.md b/docs/Ieee1609Dot2Dot1LaRaInterface.md
new file mode 100644
index 0000000000000000000000000000000000000000..b854989d750489d4bcfca4f5e3f3c80407a44305
--- /dev/null
+++ b/docs/Ieee1609Dot2Dot1LaRaInterface.md
@@ -0,0 +1,18 @@
+# ASN.1 module Ieee1609Dot2Dot1LaRaInterface
+ OID: _{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) extension-standards(255) dot1(1) interfaces(1) la-ra(13) major-version-2(2) minor-version-1(1)}_
+ @note Section references in this file are to clauses in IEEE Std
+ 1609.2.1 unless indicated otherwise. Full forms of acronyms and
+ abbreviations used in this file are specified in 3.2.
+
+
+## Data Elements:
+
+### LaRaInterfacePdu
+This structure is not used by EEs, so it is defined as NULL for
+ purposes of this document.
+```asn1
+LaRaInterfacePdu ::= NULL
+```
+
+
+
diff --git a/docs/Ieee1609Dot2Dot1MaRaInterface.md b/docs/Ieee1609Dot2Dot1MaRaInterface.md
new file mode 100644
index 0000000000000000000000000000000000000000..30812a99f5db5200099dabf7c6fa92b480ec04e9
--- /dev/null
+++ b/docs/Ieee1609Dot2Dot1MaRaInterface.md
@@ -0,0 +1,18 @@
+# ASN.1 module Ieee1609Dot2Dot1MaRaInterface
+ OID: _{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) extension-standards(255) dot1(1) interfaces(1) ma-ra(14) major-version-2(2) minor-version-1(1)}_
+ @note Section references in this file are to clauses in IEEE Std
+ 1609.2.1 unless indicated otherwise. Full forms of acronyms and
+ abbreviations used in this file are specified in 3.2.
+
+
+## Data Elements:
+
+### MaRaInterfacePdu
+This structure is not used by EEs, so it is defined as NULL for
+ purposes of this document.
+```asn1
+MaRaInterfacePdu ::= NULL
+```
+
+
+
diff --git a/docs/Ieee1609Dot2Dot1Protocol.md b/docs/Ieee1609Dot2Dot1Protocol.md
new file mode 100644
index 0000000000000000000000000000000000000000..188e5de73715cb87b3f16a1dec6429a9753c389e
--- /dev/null
+++ b/docs/Ieee1609Dot2Dot1Protocol.md
@@ -0,0 +1,1242 @@
+# ASN.1 module Ieee1609Dot2Dot1Protocol
+ OID: _{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) extension-standards(255) dot1(1) interfaces(1) protocol(17) major-version-3(3) minor-version-1(1)}_
+ @note Section references in this file are to clauses in IEEE Std
+ 1609.2.1 unless indicated otherwise. Full forms of acronyms and
+ abbreviations used in this file are specified in 3.2.
+
+
+## Imports:
+ * **[Ieee1609Dot2](Ieee1609Dot2.md)** *{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) base(1) schema(1) major-version-2(2) minor-version-5(5)} WITH SUCCESSORS*
+
+ * **[Ieee1609Dot2BaseTypes](Ieee1609Dot2BaseTypes.md)** *{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) base(1) base-types(2) major-version-2(2) minor-version-3(3)} WITH SUCCESSORS*
+
+ * **[Ieee1609Dot2Dot1AcaEeInterface](Ieee1609Dot2Dot1AcaEeInterface.md)** *{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) extension-standards(255) dot1(1) interfaces(1) aca-ee(1) major-version-2(2) minor-version-3(3)} WITH SUCCESSORS*
+
+ * **[Ieee1609Dot2Dot1AcaLaInterface](Ieee1609Dot2Dot1AcaLaInterface.md)** *{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) extension-standards(255) dot1(1) interfaces(1) aca-la(2) major-version-2(2) minor-version-1(1)} WITH SUCCESSORS*
+
+ * **[Ieee1609Dot2Dot1AcaMaInterface](Ieee1609Dot2Dot1AcaMaInterface.md)** *{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) extension-standards(255) dot1(1) interfaces(1) aca-ma(3) major-version-2(2) minor-version-1(1)} WITH SUCCESSORS*
+
+ * **[Ieee1609Dot2Dot1AcaRaInterface](Ieee1609Dot2Dot1AcaRaInterface.md)** *{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) extension-standards(255) dot1(1) interfaces(1) aca-ra(4) major-version-3(3) minor-version-1(1)} WITH SUCCESSORS*
+
+ * **[Ieee1609Dot2Dot1Acpc](Ieee1609Dot2Dot1Acpc.md)** *{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) extension-standards(255) dot1(1) interfaces(1) acpc(18) major-version-3(3) minor-version-1(1)} WITH SUCCESSORS*
+
+ * **[Ieee1609Dot2Dot1CertManagement](Ieee1609Dot2Dot1CertManagement.md)** *{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) extension-standards(255) dot1(1) interfaces(1) cert-management(7) major-version-3(3) minor-version-1(1)} WITH SUCCESSORS*
+
+ * **[Ieee1609Dot2Dot1EcaEeInterface](Ieee1609Dot2Dot1EcaEeInterface.md)** *{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) extension-standards(255) dot1(1) interfaces(1) eca-ee(9) major-version-3(3) minor-version-1(1)} WITH SUCCESSORS*
+
+ * **[Ieee1609Dot2Dot1EeMaInterface](Ieee1609Dot2Dot1EeMaInterface.md)** *{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) extension-standards(255) dot1(1) interfaces(1) ee-ma(10) major-version-2(2) minor-version-1(1)} WITH SUCCESSORS*
+
+ * **[Ieee1609Dot2Dot1EeRaInterface](Ieee1609Dot2Dot1EeRaInterface.md)** *{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) extension-standards(255) dot1(1) interfaces(1) ee-ra(11) major-version-3(3) minor-version-1(1)} WITH SUCCESSORS*
+
+ * **[Ieee1609Dot2Dot1LaMaInterface](Ieee1609Dot2Dot1LaMaInterface.md)** *{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) extension-standards(255) dot1(1) interfaces(1) la-ma(12) major-version-2(2) minor-version-1(1)} WITH SUCCESSORS*
+
+ * **[Ieee1609Dot2Dot1LaRaInterface](Ieee1609Dot2Dot1LaRaInterface.md)** *{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) extension-standards(255) dot1(1) interfaces(1) la-ra(13) major-version-2(2) minor-version-1(1)} WITH SUCCESSORS*
+
+ * **[Ieee1609Dot2Dot1MaRaInterface](Ieee1609Dot2Dot1MaRaInterface.md)** *{iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) extension-standards(255) dot1(1) interfaces(1) ma-ra(14) major-version-2(2) minor-version-1(1)} WITH SUCCESSORS*
+
+## Data Elements:
+
+### SecurityMgmtPsid
+This PSID, 0x23, identifies security management activities as
+ defined in this document.
+```asn1
+SecurityMgmtPsid ::= Psid (35)
+```
+
+### ScmsPdu
+This is the parent structure that encompasses all parent structures
+ of interfaces defined in the SCMS. An overview of this structure is as
+ follows:
+ - aca-ee contains the interface structures defined for interaction
+ between the ACA and the EE.
+ - aca-la contains the interface structures defined for interaction
+ between the ACA and the LA.
+ - aca-ma contains the interface structures defined for interaction
+ between the ACA and the MA.
+ - aca-ra contains the interface structures defined for interaction
+ between the ACA and the RA.
+ - cert contains the interface structures defined for certificate
+ management.
+ - eca-ee contains the interface structures defined for interaction
+ between the ECA and the EE.
+ - ee-ma contains the interface structures defined for interaction
+ between the EE and the MA.
+ - ee-ra contains the interface structures defined for interaction
+ between the EE and the RA.
+ - la-ma contains the interface structures defined for interaction
+ between the LA and the MA.
+ - la-ra contains the interface structures defined for interaction
+ between the LA and the RA.
+ - ma-ra contains the interface structures defined for interactions
+ between the MA and the RA.
+
+Fields:
+* version of type [**Uint8**](Ieee1609Dot2BaseTypes.md#Uint8) (2)
+ contains the current version of the structure.
+
+
+
+* content of type [**CHOICE**](#CHOICE) {
+ aca-ee AcaEeInterfacePdu,
+ aca-la AcaLaInterfacePdu,
+ aca-ma AcaMaInterfacePdu,
+ aca-ra AcaRaInterfacePdu,
+ cert CertManagementPdu,
+ eca-ee EcaEeInterfacePdu,
+ ee-ma EeMaInterfacePdu,
+ ee-ra EeRaInterfacePdu,
+ la-ma LaMaInterfacePdu,
+ la-ra LaRaInterfacePdu,
+ ma-ra MaRaInterfacePdu,
+ ...
+ }
+
+```asn1
+ScmsPdu ::= SEQUENCE {
+ version Uint8 (2),
+ content CHOICE {
+ aca-ee AcaEeInterfacePdu,
+ aca-la AcaLaInterfacePdu,
+ aca-ma AcaMaInterfacePdu,
+ aca-ra AcaRaInterfacePdu,
+ cert CertManagementPdu,
+ eca-ee EcaEeInterfacePdu,
+ ee-ma EeMaInterfacePdu,
+ ee-ra EeRaInterfacePdu,
+ la-ma LaMaInterfacePdu,
+ la-ra LaRaInterfacePdu,
+ ma-ra MaRaInterfacePdu,
+ ...
+ }
+}
+```
+
+
+### ScmsPdu-Scoped
+This structure defines a parameterized type for creating a scoped
+ data as a subtype of ScmsPdu.
+```asn1
+ScmsPdu-Scoped {Pdu} ::= ScmsPdu (WITH COMPONENTS {
+ ...,
+ content (CONSTRAINED BY {
+ Pdu
+ })
+})
+```
+
+
+### X509Certificate
+This structure defines a parameterized type for creating an
+ unsecured data as a subtype of Ieee1609Dot2Data.
+
+This structure defines a parameterized type for creating a signed
+ data as a subtype of Ieee1609Dot2Data.
+
+This structure defines a parameterized type for creating an
+ encrypted data as a subtype of Ieee1609Dot2Data. An overview of this
+ structure is as follows:
+This structure defines a parameterized type for creating a signed
+ certificate request as a subtype of Ieee1609Dot2Data.
+
+This structure is a wrapper for an ITU-T X.509 certificate.
+
+>>>
+NOTE: ITU-T X.509 certificates are encoded with the ASN.1 DER
+ rather than the OER used in this document and so cannot be "directly"
+ imported into these structures.
+>>>
+```asn1
+X509Certificate ::= OCTET STRING
+```
+
+### X509SignerIdentifier
+This type is used for clarity of definitions.
+
+This structure identifies an ITU-T X.509 certificate used to sign a
+ signed data structure. The only data structure currently defined that can
+ be signed by an ITU-T X.509 certificate is SignedX509CertificateRequest.
+
+Fields:
+* certificate of type [**SequenceOfX509Certificate**](#SequenceOfX509Certificate)
+```asn1
+X509SignerIdentifier ::= CHOICE {
+ certificate SequenceOfX509Certificate,
+ ...
+}
+```
+
+
+### SignerSingleCert
+This structure defines a parameterized type for creating a
+ certificate request, signed with an ITU-T X.509 certificate, as a subtype of
+ Ieee1609Dot2Data. It makes use of the extension of Ieee1609Dot2Content
+ defined in 11.2.3.
+
+This structure defines a parameterized type for creating a signed
+ then encrypted data as a subtype of Ieee1609Dot2Data.
+
+This structure defines a parameterized type for creating an
+ encrypted then signed data as a subtype of Ieee1609Dot2Data.
+
+
+This structure defines a parameterized type for creating a signed
+ then encrypted certificate request as a subtype of Ieee1609Dot2Data.
+
+This structure defines a parameterized type for creating an
+ encrypted data as a subtype of Ieee1609Dot2Data. An overview of this
+ structure is as follows:
+This structure is used to indicate a SignerIdentifier with a
+ certificate chain of size 1.
+
+>>>
+NOTE: This parameterized type inadvertently adds some overhead.
+ The Ieee1609Dot2Data-EncryptedSigned {Tbes, Psid} structure, because it
+ puts Ieee1609Dot2Data-Encrypted inside Ieee1609Dot2Data-Signed {Tbs, Psid},
+ and because Ieee1609Dot2Data-Signed {Tbs, Psid} puts Tbs inside
+ unsecuredData, Tbes is "Signed (Unsecured (Encrypted))" instead of
+ "Signed (Encrypted))", which was the intent and also in the original CAMP
+ design. Other documents that use this document may be better off defining
+ this structure on their own, if they want avoid this overhead.
+>>>
+```asn1
+SignerSingleCert ::= SignerIdentifier (WITH COMPONENTS {
+ certificate (SequenceOfCertificate (SIZE (1)))
+})
+```
+
+
+### SignerSingleX509Cert
+This structure is used to indicate an X509SignerIdentifier with a
+ certificate chain of size 1.
+```asn1
+SignerSingleX509Cert ::= X509SignerIdentifier (WITH COMPONENTS {
+ certificate (SequenceOfX509Certificate (SIZE (1)))
+})
+```
+
+
+### SignerSelf
+This structure is used to indicate a SignerIdentifier of type self.
+```asn1
+SignerSelf ::= SignerIdentifier (WITH COMPONENTS {
+ self
+})
+```
+
+
+### ScopedCertificateRequest
+This structure defines the all certificate request structures as a
+ scoped version of the ScmsPdu.
+```asn1
+ScopedCertificateRequest ::= ScmsPdu (
+ ScmsPdu-Scoped {
+ AcaRaInterfacePdu (WITH COMPONENTS {
+ raAcaCertRequest
+ })
+ } |
+ ScmsPdu-Scoped {
+ EcaEeInterfacePdu (WITH COMPONENTS {
+ eeEcaCertRequest
+ })
+ } |
+ ScmsPdu-Scoped {
+ EeRaInterfacePdu (WITH COMPONENTS {
+ eeRaCertRequest
+ })
+ } |
+ ScmsPdu-Scoped {
+ EeRaInterfacePdu (WITH COMPONENTS {
+ eeRaSuccessorEnrollmentCertRequest
+ })
+ }
+)
+```
+
+### SignedCertificateRequest
+This structure defines the format of a signed certificate request.
+ An overview of this structure is as follows:
+
+
+ The signature is generated on the hash of this structure, obtained
+ per the rules specified for hashing data objects in 5.3.1 of IEEE Std
+ 1609.2a-2017, where the parameter Data Input shall be the C-OER
+ encoding of tbsRequest, and the parameter Signer Identifier Input
+ depending on whether the request is self-signed or signed using an
+ enrollment certificate:
+ - If the request is self-signed, the parameter Signer Identifier
+ Input shall be the empty string, i.e., a string of length 0.
+ - If the request is signed using an enrollment certificate, the
+ parameter Signer Identifier Input shall be the signer's enrollment
+ certificate.
+
+Fields:
+* hashAlgorithmId of type [**HashAlgorithm**](Ieee1609Dot2BaseTypes.md#HashAlgorithm)
+ contains the identifier of the hash algorithm used
+ to calculate the hash of tbsRequest.
+
+
+* tbsRequest of type [**ScopedCertificateRequest**](#ScopedCertificateRequest)
+ contains the certificate request information that is
+ signed by the recipient.
+
+
+
+* signer of type [**SignerIdentifier**](Ieee1609Dot2.md#SignerIdentifier)
+ denotes the signing entity's identifier.
+
+
+
+* signature of type [**Signature**](Ieee1609Dot2BaseTypes.md#Signature)
+ contains the request sender's signature.
+
+
+
+
+```asn1
+SignedCertificateRequest ::= SEQUENCE {
+ hashAlgorithmId HashAlgorithm,
+ tbsRequest ScopedCertificateRequest,
+ signer SignerIdentifier,
+ signature Signature
+}
+```
+
+### SignedX509CertificateRequest
+This structure contains a certificate request signed with an ITU-T
+ X.509 certificate. The only type of certificate request signed with an
+ ITU-T X.509 certificate supported in this document is an authorization
+ certificate request. An overview of this structure is as follows:
+
+
+ The signature is generated on the hash of this structure, obtained
+ per the rules specified for hashing data objects in 5.3.1 of IEEE Std
+ 1609.2a-2017, where the parameter Data Input shall be the C-OER
+ encoding of tbsRequest, and the parameter Signer Identifier Input
+ shall be the signer's certificate, that is, the ITU-T X.509 certificate
+ contained in the OCTET STRING indicated by the first X509Certificate in
+ signer. For example, if the signer is as below, the first 6 bytes are the
+ ASN.1 encoding overhead, where 80 01 01 is the overhead for signer, and
+ then 82 01 AC is the overhead introduced by the OCTET STRING encoding for
+ the first (in this case, the only) X509Certificate; and the first
+ X509Certificate is contained in the next 428 bytes (30 82 01 ... 00 00 00),
+ so the parameter Signer Identifier Input shall be '30 82 01 ... 00 00 00'.
+
+ An example X509SignerIdentifier with one X509Certificate:
+
+ 80 01 01 82 01 AC 30 82 01 A8 30 82 01 4D A0 03 02 01 02 02 04 90
+ C5 9D 21 30 0A 06 08 2A 86 48 CE 3D 04 03 02 30 24 31 0A 30 08 06 03 55 04
+ 06 13 01 00 31 0A 30 08 06 03 55 04 0A 13 01 00 31 0A 30 08 06 03 55 04 03
+ 13 01 00 30 1E 17 0D 30 30 30 31 30 31 30 30 30 30 30 30 5A 17 0D 30 30 30
+ 31 30 31 30 30 30 30 30 30 5A 30 24 31 0A 30 08 06 03 55 04 06 13 01 00 31
+ 0A 30 08 06 03 55 04 0A 13 01 00 31 0A 30 08 06 03 55 04 03 13 01 00 30 59
+ 30 13 06 07 2A 86 48 CE 3D 02 01 06 08 2A 86 48 CE 3D 03 01 07 03 42 00 00
+ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 A3 6D 30 6B 30 0A 06 03 55 1D 0E
+ 04 03 04 01 00 30 0A 06 03 55 1D 23 04 03 04 01 00 30 0C 06 03 55 1D 13 01
+ 01 FF 04 02 30 00 30 0E 06 03 55 1D 0F 01 01 FF 04 04 03 02 03 C8 30 0A 06
+ 03 55 1D 25 04 03 04 01 00 30 0A 06 03 55 1D 1F 04 03 04 01 00 30 0F 06 08
+ 2B 06 01 05 05 07 01 01 04 03 04 01 00 30 0A 06 03 55 1D 20 04 03 04 01 00
+ 30 0A 06 08 2A 86 48 CE 3D 04 03 02 03 49 00 00 00 00 00 00 00 00 00 00 00
+ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+ 00 00 00 00 00 00 00 00 00 00 00 00
+
+Fields:
+* hashAlgorithmId of type [**HashAlgorithm**](Ieee1609Dot2BaseTypes.md#HashAlgorithm)
+ contains the identifier of the hash algorithm used
+ inside the binary tree.
+
+
+* tbsRequest of type [**ScopedCertificateRequest**](#ScopedCertificateRequest)
+ contains the certificate request information that is
+ signed by the recipient.
+
+
+
+* signer of type [**X509SignerIdentifier**](#X509SignerIdentifier)
+ denotes the signing entity's identifier.
+
+
+
+* signature of type [**Signature**](Ieee1609Dot2BaseTypes.md#Signature)
+ contains the request sender's signature.
+
+
+
+
+```asn1
+SignedX509CertificateRequest ::= SEQUENCE {
+ hashAlgorithmId HashAlgorithm,
+ tbsRequest ScopedCertificateRequest,
+ signer X509SignerIdentifier,
+ signature Signature
+}
+```
+
+
+### AcaEeCertResponsePlainSpdu
+This structure contains a certificate response for consumption by
+ the EE. In the architecture of this document, although it is created by the
+ ACA, it is made available to the EE via the RA as described in 8.2.
+
+
+ The ACA creates this response when 1) the compact unified
+ butterfly key mechanism is not being used (that is, some other flavor of
+ butterfly key is being used, or butterfly keys are not being used) and 2)
+ it is not necessary to protect the EE's privacy from the RA, for example,
+ when the certificate being returned is not a pseudonym certificate.
+```asn1
+AcaEeCertResponsePlainSpdu ::= Ieee1609Dot2Data-Unsecured {
+ ScmsPdu-Scoped {
+ AcaEeInterfacePdu (WITH COMPONENTS {
+ acaEeCertResponse
+ })
+ }
+}
+```
+
+
+### AcaEeCertResponsePrivateSpdu
+This structure contains a certificate response for consumption by
+ the EE. In the architecture of this document, although it is created by the
+ ACA, it is made available to the EE via the RA as described in 8.2.
+
+
+ The ACA creates this response when 1) the compact unified
+ butterfly key mechanism is not being used (that is, some other flavor of
+ butterfly key is being used, or butterfly keys are not being used) and 2)
+ it is necessary to protect the EE's privacy from the RA, for example when
+ the certificate being returned is a pseudonym certificate.
+
+ The structure consists of a signed SPDU containing an encrypted
+ SPDU.
+
+ The encrypted SPDU is encrypted with the response
+ encryption key that was provided to the ACA for that purpose. This key is
+ determined as follows:
+ - If the original EeRaCertRequest from the end entity indicated a single
+ response encryption key, that is, if the additionalParams.encryptionKey
+ field was present in the request, then the response is encrypted with that
+ key.
+ - If the original EeRaCertRequest from the end entity indicated a
+ response encryption key generated with the "original" butterfly key
+ mechanism, that is, the additionalParams.original field was provided in the
+ request, then the response is encrypted with the cocoon encryption key
+ derived from additionalParams.original.encryptionKey and
+ additionalParams.original.encryptionExpansion as specified in 9.3.4.2
+ and the corresponding decryption private key is derived as specified in
+ 9.3.4.1.
+ - If the original EeRaCertRequest from the end entity indicated a
+ response encryption key generated with the "unified" butterfly key
+ mechanism, that is, the additionalParams.unified field was provided in the
+ request, then the response is encrypted with the cocoon encryption key
+ derived from tbsCert.verifyKeyIndicator and additionalParams.unified as
+ specified in 9.3.4.2 and the corresponding decryption private key is
+ derived as specified in 9.3.4.1.
+
+ See 9.3 for more material about butterfly keys.
+
+ The resulting Ieee1609Dot2Data of content type encryptedData is
+ signed by the same ACA certificate that was used to issue the certificate
+ field in the AcaEeCertResponse. If this structure is signed by a different
+ ACA certificate, it is invalid. The ACA certificate shall follow the ACA
+ certificate profile given in 7.7.3.2.
+
+
+ - How the ACA obtains the response encryption key: This
+ document provides the RaAcaCertRequest structure to allow the RA to
+ indicate whether the original or unified butterfly key mechanism is to be
+ used via the flags field. The encryption key for encrypting
+ AcaEeCertResponse is calculated by the indicated method even if the RA
+ does not use an RaAcaCertRequest as defined in this document to
+ communicate the certificate request to the ACA.
+
+ - Consistency between inner and outer signers, and the IEEE
+ Std 1609.2 model. This SPDU introduces a new type of validity condition
+ by requiring that the ACA that signs the outer signed SPDU is also the ACA
+ that issued the certificate inside the encrypted SPDU. This requires that
+ to verify the inner "SPDU", that is, the certificate, the verifier
+ needs to store the information from the outer SPDU. This is not a violation
+ of the IEEE 1609.2 model: Subclause 4.2.2.3 of IEEE Std 1609.2 considers all
+ operations carried out on received data to be atomic and does not put any
+ restrictions on the information that is stored between operations. However,
+ it should be noted that because the IEEE 1609.2 approach enables SPDUs to
+ be nested within one another as Ieee1609Dot2Data, in principle an
+ implementation could be built that iterated through the layers of a nested
+ SPDU within a single call from the invoking application instance. (And it
+ should also be noted that IEEE Std 1609.2 was consciously designed to
+ enable this approach: Although the primitives provided in IEEE Std 1609.2
+ only support the series-of-single-operations approach, an implementation
+ could layer this "one-invocation processing" on top of the IEEE 1609.2
+ interface as an optimization.) A "one-invocation processing" implementation
+ of that type would have to anticipate situations of coupling between inner
+ and outer SPDUs like the one created by this AcaEeCertResponsePrivateSpdu,
+ and allow the invoking certificate management service to check consistency
+ at the application layer, perhaps by (for example) returning the signing
+ certificates for all nested signed SPDUs. How this is to be implemented is
+ implementation specific; this note is intended as a notification of this
+ potential issue to implementers planning to implement one-invocation
+ processing.
+
+>>>
+NOTE: - Other potential responses to an authorization certificate
+ request: If the original request indicated the use of "compact unified"
+ butterfly key mechanism by including the additionalParams.compactUnified
+ field, the response shall be a AcaEeCertResponseCubkSpdu, not a
+ AcaEeCertResponsePrivateSpdu.
+>>>
+```asn1
+AcaEeCertResponsePrivateSpdu ::= Ieee1609Dot2Data-EncryptedSigned {
+ ScmsPdu-Scoped {
+ AcaEeInterfacePdu (WITH COMPONENTS {
+ acaEeCertResponse
+ })
+ },
+ SecurityMgmtPsid
+}
+```
+
+
+### AcaEeCertResponseCubkSpdu
+This structure contains a certificate response for consumption by
+ the EE. In the architecture of this document, although it is created by
+ the ACA, it is made available to the EE via the RA as described in 8.2.
+
+
+ The ACA creates a certificate response in this form when the
+ compact unified butterfly key mechanism is being used. If the
+ RaAcaCertRequest structure was used to communicate between the RA and the
+ ACA, the RA indicated use of compact unified butterfly keys by setting the
+ cubk (1) bit in the bkType field in the corresponding RaAcaCertRequest.
+
+ The AcaEeCertResponse is encrypted by the ACA using the cocoon
+ public key for encryption. See 9.3.4.2 for how the ACA derives the cocoon
+ public key for encryption, using the tbsCert.verifyKeyIndicator field in the
+ corresponding RaAcaCertRequest as the input cocoon public key for signing
+ Bt. See 9.3.4.1 for how the EE derives the corresponding cocoon private
+ key for encryption.
+```asn1
+AcaEeCertResponseCubkSpdu ::= Ieee1609Dot2Data-Encrypted {
+ ScmsPdu-Scoped {
+ AcaEeInterfacePdu (WITH COMPONENTS {
+ acaEeCertResponse
+ })
+ }
+}
+```
+
+
+### RaAcaCertRequestSpdu
+This structure is the SPDU used to send a signed RaAcaCertRequest.
+ For the signature to be valid the signing certificate shall conform to the
+ RA certificate profile given in 7.7.3.9, contain a PSID equal to
+ SecurityMgmtPsid and a corresponding SSP containing the C-OER encoding of a
+ SecurityMgmtSsp indicating RaSsp. The toBeSigned.certRequestPermissions
+ field of the RA certificate shall permit the requested permissions in the
+ raAcaCertRequest.tbsCert.appPermissions field.
+```asn1
+RaAcaCertRequestSpdu ::= Ieee1609Dot2Data-SignedCertRequest {
+ ScmsPdu-Scoped {
+ AcaRaInterfacePdu (WITH COMPONENTS {
+ raAcaCertRequest
+ })
+ },
+ SignerSingleCert
+}
+```
+
+
+### AcaRaCertResponseSpdu
+This structure is the SPDU used to send a signed AcaRaCertResponse.
+ For the signature to be valid the signing certificate shall contain a PSID
+ equal to SecurityMgmtPsid and a corresponding SSP containing the C-OER
+ encoding of a SecurityMgmtSsp indicating AcaSsp.
+```asn1
+AcaRaCertResponseSpdu ::= Ieee1609Dot2Data-Signed {
+ ScmsPdu-Scoped {
+ AcaRaInterfacePdu (WITH COMPONENTS {
+ acaRaCertResponse
+ })
+ },
+ SecurityMgmtPsid
+}
+```
+
+
+### CompositeCrlSpdu
+This structure is the SPDU used to send an unsecured CompositeCrl.
+ It is used to create composite CRL files as specified in 8.5.
+```asn1
+CompositeCrlSpdu ::= Ieee1609Dot2Data-Unsecured {
+ ScmsPdu-Scoped {
+ CertManagementPdu (WITH COMPONENTS {
+ compositeCrl
+ })
+ }
+}
+```
+
+
+### CertificateChainSpdu
+This structure is the SPDU used to send an unsecured
+ CertificateChain. It is used to create certificate chain files as
+ specified in 8.4.
+```asn1
+CertificateChainSpdu ::= Ieee1609Dot2Data-Unsecured {
+ ScmsPdu-Scoped {
+ CertManagementPdu (WITH COMPONENTS {
+ certificateChain
+ })
+ }
+}
+```
+
+
+### MultiSignedCtlSpdu
+This structure is the SPDU used to send an unsecured MultiSignedCtl.
+```asn1
+MultiSignedCtlSpdu ::= Ieee1609Dot2Data-Unsecured {
+ ScmsPdu-Scoped {
+ CertManagementPdu (WITH COMPONENTS {
+ multiSignedCtl
+ })
+ }
+}
+```
+
+
+### CtlSignatureSpdu
+This structure is the SPDU used to send a signed
+ ToBeSignedCtlSignature. For the signature to be valid, the signing
+ certificate shall match the elector certificate profile in 7.7.3.7. This
+ means that the signature is calculated as specified in IEEE Std 1609.2,
+ with the data input to the hash process consisting of the C-OER encoding
+ of the tbsData that includes the ToBeSignedCtlSignature.
+```asn1
+CtlSignatureSpdu ::= Ieee1609Dot2Data-Signed {
+ ScmsPdu-Scoped {
+ CertManagementPdu (WITH COMPONENTS {
+ tbsCtlSignature
+ })
+ },
+ SecurityMgmtPsid
+}
+```
+
+
+### EeEcaCertRequestSpdu
+This structure is the SPDU used to send a signed
+ CertManagementInfoStatus. For the signature to be valid the signing
+ certificate shall conform to the RA certificate profile given in 7.7.3.9 or
+ the DC certificate profile given in 7.7.3.10.
+
+This structure is the SPDU used to send a signed EeEcaCertRequest,
+ as follows:
+ - If eeEcaCertRequest.canonicalId is not present, the EE signs this
+ structure using the private key corresponding to the
+ tbsCert.verifyKeyIndicator field of the EeEcaCertRequest.
+ - If eeEcaCertRequest.canonicalId is present, the EE signs this
+ structure using the canonical private key as specified in 4.1.4.2.
+```asn1
+EeEcaCertRequestSpdu ::= Ieee1609Dot2Data-SignedCertRequest {
+ ScmsPdu-Scoped {
+ EcaEeInterfacePdu (WITH COMPONENTS {
+ eeEcaCertRequest
+ })
+ },
+ SignerSelf
+}
+```
+
+
+### EcaEeCertResponseSpdu
+This structure is the SPDU used to send a signed EcaEeCertResponse.
+ For the signature to be valid, the signing certificate shall contain a PSID
+ equal to SecurityMgmtPsid and a corresponding SSP containing the C-OER
+ encoding of a SecurityMgmtSsp indicating EcaSsp.
+```asn1
+EcaEeCertResponseSpdu ::= Ieee1609Dot2Data-Signed {
+ ScmsPdu-Scoped {
+ EcaEeInterfacePdu (WITH COMPONENTS {
+ ecaEeCertResponse
+ })
+ },
+ SecurityMgmtPsid
+}
+```
+
+
+### EeRaCertRequestSpdu
+This structure is the SPDU used to send a signed then encrypted
+ EeRaCertRequest. It is a choice of the IEEE 1609.2 authenticated
+ certificate request, which may be any kind of EE-RA certificate request,
+ and the ITU-T X.509 certificate request, which is required to be an
+ authorization certificate request.
+```asn1
+EeRaCertRequestSpdu ::= Ieee1609Dot2Data (
+ EeRa1609Dot2AuthenticatedCertRequestSpdu |
+ EeRaX509AuthenticatedCertRequestSpdu
+)
+```
+
+
+### EeRaX509AuthenticatedCertRequestSpdu
+This structure is the SPDU used to send a signed then encrypted IEEE
+ 1609.2 authenticated certificate request. The EE signs this structure
+ using its enrollment certificate. The enrollment certificate shall conform
+ to the enrollment certificate profile given in 7.7.3.5. The EE encrypts
+ the signed structure using the encryptionKey from the RA's certificate.
+
+This structure is the SPDU used to send a signed then encrypted ITU-T
+ X.509authenticated certificate request. The EE signs this structure
+ using its enrollment certificate. The enrollment certificate shall conform
+ to the enrollment certificate profile given in 7.7.3.6. The EE encrypts
+ the signed structure using the encryptionKey from the RA's certificate.
+```asn1
+EeRaX509AuthenticatedCertRequestSpdu ::= Ieee1609Dot2Data-Encrypted {
+ Ieee1609Dot2Data-SignedX509AuthenticatedCertRequest {
+ ScmsPdu-Scoped {
+ EeRaInterfacePdu (WITH COMPONENTS {
+ eeRaCertRequest
+ })
+ },
+ SignerSingleX509Cert
+ }
+}
+```
+
+
+### RaEeCertAckSpdu
+This structure is the SPDU used to send a signed RaEeCertAck to
+ acknowledge the receipt of an EeRaCertRequestSpdu. For the signature to be
+ valid the signing certificate shall conform to the RA certificate profile
+ given in 7.7.3.9.
+```asn1
+RaEeCertAckSpdu ::= Ieee1609Dot2Data-Signed {
+ ScmsPdu-Scoped {
+ EeRaInterfacePdu (WITH COMPONENTS {
+ raEeCertAck
+ })
+ },
+ SecurityMgmtPsid
+}
+```
+
+
+### RaEeCertInfoSpdu
+This structure is the SPDU used to create an unsigned .info file
+ to be included in a certificate batch zip file as specified in 8.2. This
+ SPDU is used if the RaEeCertInfo does not contain an acpcTreeId field.
+```asn1
+RaEeCertInfoSpdu ::= Ieee1609Dot2Data-Unsecured {
+ ScmsPdu-Scoped {
+ EeRaInterfacePdu (WITH COMPONENTS {
+ raEeCertInfo (WITH COMPONENTS {
+ acpcTreeId ABSENT
+ })
+ })
+ }
+}
+```
+
+
+### RaEeCertAndAcpcInfoSpdu
+This structure is the SPDU used to create a signed .info file to
+ be included in a certificate batch zip file as specified in 8.2. This
+ SPDU is used if the RaEeCertInfo contains an acpcTreeId field. For the
+ signature to be valid the signing certificate shall conform to the RA
+ certificate profile given in 7.7.3.9.
+```asn1
+RaEeCertAndAcpcInfoSpdu ::= Ieee1609Dot2Data-Signed {
+ ScmsPdu-Scoped {
+ EeRaInterfacePdu (WITH COMPONENTS {
+ raEeCertInfo (WITH COMPONENTS {
+ acpcTreeId PRESENT
+ })
+ })
+ },
+ SecurityMgmtPsid
+}
+```
+
+
+### EeRaDownloadRequestPlainSpdu
+This structure is the SPDU used to send an unsecured
+ EeRaDownloadRequest.
+```asn1
+EeRaDownloadRequestPlainSpdu ::= Ieee1609Dot2Data-Unsecured {
+ ScmsPdu-Scoped {
+ EeRaInterfacePdu (WITH COMPONENTS {
+ eeRaDownloadRequest
+ })
+ }
+}
+```
+
+
+### EeRaDownloadRequestSpdu
+This structure is the SPDU used to send a signed then encrypted
+ EeRaDownloadRequest. The EE signs this structure using its enrollment
+ certificate. The enrollment certificate shall conform to the enrollment
+ certificate profile given in 7.7.3.5. The EE encrypts the signed
+ structure using the encryptionKey from the RA's certificate.
+```asn1
+EeRaDownloadRequestSpdu ::= Ieee1609Dot2Data-SignedEncrypted {
+ ScmsPdu-Scoped {
+ EeRaInterfacePdu (WITH COMPONENTS {
+ eeRaDownloadRequest
+ })
+ },
+ SecurityMgmtPsid
+}
+```
+
+
+### RaEeEnrollmentCertAckSpdu
+This structure is the SPDU used to send a signed then encrypted
+ EeEcaCertRequestSpdu. The EE signs this structure using its enrollment
+ certificate. The enrollment certificate shall conform to the enrollment
+ certificate profile given in 7.7.3.5. The EE encrypts the signed
+ structure using the encryptionKey from the RA's certificate.
+
+This structure is the SPDU used to send a signed RaEeCertInfo. For
+ the signature to be valid the signing certificate shall conform to the RA
+ certificate profile given in 7.7.3.9.
+```asn1
+RaEeEnrollmentCertAckSpdu ::= Ieee1609Dot2Data-Signed {
+ ScmsPdu-Scoped {
+ EeRaInterfacePdu (WITH COMPONENTS {
+ raEeCertInfo (WITH COMPONENTS {
+ acpcTreeId ABSENT
+ })
+ })
+ },
+ SecurityMgmtPsid
+}
+```
+
+### SecurityMgmtSsp
+This parent structure defines the SSP for SecurityMgmtPsid and
+ encompasses all SSP structures defined in this document. An overview of
+ this structure is as follows:
+
+Fields:
+* elector of type [**ElectorSsp**](#ElectorSsp)
+ contains the SSP defined for an elector.
+
+
+* root of type [**RootCaSsp**](#RootCaSsp)
+ contains the SSP defined for a root CA.
+
+
+
+* pg of type [**PgSsp**](#PgSsp)
+ contains the SSP defined for a policy generator.
+
+
+
+* ica of type [**IcaSsp**](#IcaSsp)
+ contains the SSP defined for an intermediate CA.
+
+
+
+* eca of type [**EcaSsp**](#EcaSsp)
+ contains the SSP defined for an enrollment CA.
+
+
+
+* aca of type [**AcaSsp**](#AcaSsp)
+ contains the SSP defined for an authorization CA.
+
+
+
+* crl of type [**CrlSignerSsp**](#CrlSignerSsp)
+ contains the SSP defined for a CRL signer.
+
+
+
+* dcm of type [**DcmSsp**](#DcmSsp)
+ contains the SSP defined for a device configuration manager.
+
+
+
+* la of type [**LaSsp**](#LaSsp)
+ contains the SSP defined for a linkage authority.
+
+
+
+* lop of type [**LopSsp**](#LopSsp)
+ contains the SSP defined for a location obscurer proxy.
+
+
+
+* ma of type [**MaSsp**](#MaSsp)
+ contains the SSP defined for a misbehavior authority.
+
+
+
+* ra of type [**RaSsp**](#RaSsp)
+ contains the SSP defined for a registration authority.
+
+
+
+* ee of type [**EeSsp**](#EeSsp)
+ contains the SSP defined for an end entity.
+
+
+
+* dc of type [**DcSsp**](#DcSsp)
+ contains the SSP defined for a distribution center.
+
+
+
+
+ ...,
+
+>>>
+NOTE: The LOP is in the SSP for backward compatibility reasons,
+ and in practice, in this design the LOP does not have a certificate.
+>>>
+```asn1
+SecurityMgmtSsp ::= CHOICE {
+ elector ElectorSsp,
+ root RootCaSsp,
+ pg PgSsp,
+ ica IcaSsp,
+ eca EcaSsp,
+ aca AcaSsp,
+ crl CrlSignerSsp,
+ dcm DcmSsp,
+ la LaSsp,
+ lop LopSsp,
+ ma MaSsp,
+ ra RaSsp,
+ ee EeSsp,
+ ...,
+ dc DcSsp
+ }
+```
+
+
+### TestSecurityMgmtSsp
+```asn1
+TestSecurityMgmtSsp ::= SecurityMgmtSsp
+```
+
+### ElectorSsp
+This structure defines the SSP for an elector when it is authorizing
+ SecurityMgmtPsid messages. It has no parameters other than the version
+ number.
+
+Fields:
+* version of type [**Uint8**](Ieee1609Dot2BaseTypes.md#Uint8) (2)
+```asn1
+ElectorSsp ::= SEQUENCE {
+ version Uint8 (2),
+ ...
+}
+```
+
+### RootCaSsp
+This structure defines the SSP for a root CA when it is authorizing
+ SecurityMgmtPsid messages. It has no parameters other than the version
+ number.
+
+Fields:
+* version of type [**Uint8**](Ieee1609Dot2BaseTypes.md#Uint8) (2)
+```asn1
+RootCaSsp ::= SEQUENCE {
+ version Uint8 (2),
+ ...
+}
+```
+
+### PgSsp
+This structure defines the SSP for a policy generator when it is
+ authorizing SecurityMgmtPsid messages. It has no parameters other than the
+ version number.
+
+Fields:
+* version of type [**Uint8**](Ieee1609Dot2BaseTypes.md#Uint8) (2)
+```asn1
+PgSsp ::= SEQUENCE {
+ version Uint8 (2),
+ ...
+}
+```
+
+### IcaSsp
+This structure defines the SSP for an intermediate CA when it is
+ authorizing SecurityMgmtPsid messages. It has no parameters other than the
+ version number.
+
+Fields:
+* version of type [**Uint8**](Ieee1609Dot2BaseTypes.md#Uint8) (2)
+```asn1
+IcaSsp ::= SEQUENCE {
+ version Uint8 (2),
+ ...
+}
+```
+
+### EcaSsp
+This structure defines the SSP for an enrollment CA when it is
+ authorizing SecurityMgmtPsid messages. It has no parameters other than the
+ version number.
+
+Fields:
+* version of type [**Uint8**](Ieee1609Dot2BaseTypes.md#Uint8) (2)
+```asn1
+EcaSsp ::= SEQUENCE {
+ version Uint8 (2),
+ ...
+}
+```
+
+### AcaSsp
+This structure defines the SSP for an authorization CA when it is
+ authorizing SecurityMgmtPsid messages. It has no parameters other than the
+ version number.
+
+Fields:
+* version of type [**Uint8**](Ieee1609Dot2BaseTypes.md#Uint8) (2)
+```asn1
+AcaSsp ::= SEQUENCE {
+ version Uint8 (2),
+ ...
+}
+```
+
+### CrlSignerSsp
+This structure defines the SSP for a CRL signer when it is
+ authorizing SecurityMgmtPsid messages. It has no parameters other than the
+ version number.
+
+Fields:
+* version of type [**Uint8**](Ieee1609Dot2BaseTypes.md#Uint8) (2)
+
+>>>
+NOTE: The SSP for a CRL signer when signing CRLs is associated with
+ PSID 0x0100 and is defined in IEEE Std 1609.2.
+>>>
+```asn1
+CrlSignerSsp ::= SEQUENCE {
+ version Uint8 (2),
+ ...
+}
+```
+
+### DcmSsp
+This structure defines the SSP for a device configuration manager
+ when it is authorizing SecurityMgmtPsid messages. It has no parameters
+ other than the version number.
+
+Fields:
+* version of type [**Uint8**](Ieee1609Dot2BaseTypes.md#Uint8) (2)
+```asn1
+DcmSsp ::= SEQUENCE {
+ version Uint8 (2),
+ ...
+}
+```
+
+### LaSsp
+This structure defines the SSP for a linkage authority when it is
+ authorizing SecurityMgmtPsid messages. It has no parameters other than the
+ version number.
+
+Fields:
+* version of type [**Uint8**](Ieee1609Dot2BaseTypes.md#Uint8) (2)
+* laId of type [**Uint16**](Ieee1609Dot2BaseTypes.md#Uint16)
+
+```asn1
+LaSsp ::= SEQUENCE {
+ version Uint8 (2),
+ laId Uint16,
+ ...
+}
+```
+
+### LopSsp
+This structure defines the SSP for a location obscurer proxy (LOP)
+ when it is authorizing SecurityMgmtPsid messages. It has no parameters
+ other than the version number.
+
+Fields:
+* version of type [**Uint8**](Ieee1609Dot2BaseTypes.md#Uint8) (2)
+
+>>>
+NOTE: The LOP is in the SSP for backward compatibility reasons, and
+ in practice, in this design the LOP does not have a certificate.
+>>>
+```asn1
+LopSsp ::= SEQUENCE {
+ version Uint8 (2),
+ ...
+}
+```
+
+### MaSsp
+This structure defines the SSP for a misbehavior authority when it
+ is authorizing SecurityMgmtPsid messages. Its parameters
+ indicate the PSIDs associated with the misbehavior that is to be reported
+ to that MA (see 4.1.5 for further details). The certificate containing
+ this SSP is the MA Certificate to which an end entity should encrypt
+ misbehavior reports related to the indicated PSIDs.
+
+Fields:
+* version of type [**Uint8**](Ieee1609Dot2BaseTypes.md#Uint8) (2)
+* relevantPsids of type [**SequenceOfPsid**](Ieee1609Dot2BaseTypes.md#SequenceOfPsid)
+
+```asn1
+MaSsp ::= SEQUENCE {
+ version Uint8 (2),
+ relevantPsids SequenceOfPsid,
+ ...
+}
+```
+
+### RaSsp
+This structure defines the SSP for an RA when it is authorizing
+ SecurityMgmtPsid messages. It has no parameters other than the version
+ number.
+
+Fields:
+* version of type [**Uint8**](Ieee1609Dot2BaseTypes.md#Uint8) (2)
+```asn1
+RaSsp ::= SEQUENCE {
+ version Uint8 (2),
+ ...
+}
+```
+
+### EeSsp
+This structure defines the SSP for an end entity when it is
+ authorizing SecurityMgmtPsid messages. It has no parameters other than the
+ version number.
+
+Fields:
+* version of type [**Uint8**](Ieee1609Dot2BaseTypes.md#Uint8) (2)
+```asn1
+EeSsp ::= SEQUENCE {
+ version Uint8(2),
+ ...
+}
+```
+
+### AcpcSsp
+This is a container for ACPC-related SSPs, specifying one SSP for
+ each role. The only SSP defined in this document is the CamSsp, used in
+ the CAM certificate that signs a SignedAprvBinaryTree or a
+ SignedIndividualAprv. The SSP shall be C-OER encoded for inclusion in the
+ CAM certificate. New versions of the CAM SSP should be handled by
+ extending this structure rather than by use of a version number in the
+ CamSsp structure.
+
+
+ The AcpcSsp is associated with the AcpcPsid in the CAM certificate's
+ appPermissions field.
+
+Fields:
+* cam of type [**CamSsp**](#CamSsp)
+```asn1
+AcpcSsp ::= CHOICE {
+ cam CamSsp,
+ ...
+}
+```
+
+
+### CamSsp
+This is a list of the ACPC Tree IDs for which the containing CAM
+ certificate is entitled to sign a SignedAprvBinaryTree or a
+ SignedIndividualAprv. The SSP entitles the certificate holder to sign
+ either of these structures.
+```asn1
+CamSsp ::= SEQUENCE (SIZE(1..MAX)) OF AcpcTreeId
+```
+
+### DcSsp
+This structure defines the SSP for a distribution center when it is
+ authorizing SecurityMgmtPsid messages. It has no parameters other than the
+ version number.
+
+Fields:
+* version of type [**Uint8**](Ieee1609Dot2BaseTypes.md#Uint8) (2)
+```asn1
+DcSsp ::= SEQUENCE {
+ version Uint8(2),
+ ...
+}
+```
+
+
+
+This structure defines the SSP for a policy generator when it is
+ authorizing SecurityMgmtPsid messages. It has no parameters other than the
+ version number.
+ This structure defines the SSP for an intermediate CA when it is
+ authorizing SecurityMgmtPsid messages. It has no parameters other than the
+ version number.
+ This structure defines the SSP for an enrollment CA when it is
+ authorizing SecurityMgmtPsid messages. It has no parameters other than the
+ version number.
+ This structure defines the SSP for an authorization CA when it is
+ authorizing SecurityMgmtPsid messages. It has no parameters other than the
+ version number.
+ This structure defines the SSP for a CRL signer when it is
+ authorizing SecurityMgmtPsid messages. It has no parameters other than the
+ version number.
+
+>>>
+NOTE: The SSP for a CRL signer when signing CRLs is associated with
+ PSID 0x0100 and is defined in IEEE Std 1609.2.
+ This structure defines the SSP for a device configuration manager
+ when it is authorizing SecurityMgmtPsid messages. It has no parameters
+ other than the version number.
+ This structure defines the SSP for a linkage authority when it is
+ authorizing SecurityMgmtPsid messages. It has no parameters other than the
+ version number.
+ This structure defines the SSP for a location obscurer proxy (LOP)
+ when it is authorizing SecurityMgmtPsid messages. It has no parameters
+ other than the version number.
+>>>
+
+
+>>>
+NOTE: The LOP is in the SSP for backward compatibility reasons, and
+ in practice, in this design the LOP does not have a certificate.
+ This structure defines the SSP for a misbehavior authority when it
+ is authorizing SecurityMgmtPsid messages. Its parameters
+ indicate the PSIDs associated with the misbehavior that is to be reported
+ to that MA (see 4.1.5 for further details). The certificate containing
+ this SSP is the MA Certificate to which an end entity should encrypt
+ misbehavior reports related to the indicated PSIDs.
+ This structure defines the SSP for an RA when it is authorizing
+ SecurityMgmtPsid messages. It has no parameters other than the version
+ number.
+ This structure defines the SSP for an end entity when it is
+ authorizing SecurityMgmtPsid messages. It has no parameters other than the
+ version number.
+ This is a container for ACPC-related SSPs, specifying one SSP for
+ each role. The only SSP defined in this document is the CamSsp, used in
+ the CAM certificate that signs a SignedAprvBinaryTree or a
+ SignedIndividualAprv. The SSP shall be C-OER encoded for inclusion in the
+ CAM certificate. New versions of the CAM SSP should be handled by
+ extending this structure rather than by use of a version number in the
+ CamSsp structure.
+>>>
+
+
+ The AcpcSsp is associated with the AcpcPsid in the CAM certificate's
+ appPermissions field.
+ This is a list of the ACPC Tree IDs for which the containing CAM
+ certificate is entitled to sign a SignedAprvBinaryTree or a
+ SignedIndividualAprv. The SSP entitles the certificate holder to sign
+ either of these structures.
+ This structure defines the SSP for a distribution center when it is
+ authorizing SecurityMgmtPsid messages. It has no parameters other than the
+ version number.
+
+
diff --git a/ieee1609dot2 b/ieee1609dot2
index 2baf229cc00512fdd806e4c5de38b9a245896aac..880216d33d08b424764a319ae1d8ee825a793a47 160000
--- a/ieee1609dot2
+++ b/ieee1609dot2
@@ -1 +1 @@
-Subproject commit 2baf229cc00512fdd806e4c5de38b9a245896aac
+Subproject commit 880216d33d08b424764a319ae1d8ee825a793a47