Loading asn1/Security/1609Dot2/IEEE1609dot2.asn 0 → 100755 +310 −0 Original line number Diff line number Diff line IEEE1609dot2 {iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) base (1) schema (1) major-version-2(2)} --****************************************************************************** -- -- IEEE P1609.2 Data Types -- --****************************************************************************** DEFINITIONS AUTOMATIC TAGS ::= BEGIN EXPORTS ALL; IMPORTS CrlSeries, EccP256CurvePoint, EciesP256EncryptedKey, EncryptionKey, GeographicRegion, GroupLinkageValue, HashAlgorithm, HashedId3, HashedId8, Hostname, IValue, LinkageValue, Opaque, Psid, PsidSsp, PsidSspRange, PublicEncryptionKey, PublicVerificationKey, SequenceOfHashedId3, SequenceOfPsidSsp, SequenceOfPsidSspRange, ServiceSpecificPermissions, Signature, SubjectAssurance, SymmetricEncryptionKey, ThreeDLocation, Time64, Uint3, Uint8, Uint16, Uint32, ValidityPeriod FROM IEEE1609dot2BaseTypes {iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) base(1) base-types(2) major-version-2 (2)} ; -- --********************************************************************* -- -- Structures for describing secured data -- --********************************************************************* -- Necessary to get certain tools to generate sample PDUs -- TestIeee1609Dot2Data ::= Ieee1609Dot2Data -- TestCertificate ::= Certificate -- this structure belongs later in the file but putting it here avoids -- compiler errors with certain tools SignedDataPayload ::= SEQUENCE { data Ieee1609Dot2Data OPTIONAL, extDataHash HashedData OPTIONAL, ... } (WITH COMPONENTS {..., data PRESENT} | WITH COMPONENTS {..., extDataHash PRESENT}) Ieee1609Dot2Data ::= SEQUENCE { protocolVersion Uint8(3), content Ieee1609Dot2Content } Ieee1609Dot2Content ::= CHOICE { unsecuredData Opaque, signedData SignedData, encryptedData EncryptedData, signedCertificateRequest Opaque, ... } SignedData ::= SEQUENCE { hashId HashAlgorithm, tbsData ToBeSignedData, signer SignerIdentifier, signature Signature } SignerIdentifier ::= CHOICE { digest HashedId8, certificate SequenceOfCertificate, self NULL, ... } ToBeSignedData ::= SEQUENCE { payload SignedDataPayload, headerInfo HeaderInfo } HashedData::= CHOICE { sha256HashedData OCTET STRING (SIZE(32)), ... } HeaderInfo ::= SEQUENCE { psid Psid, generationTime Time64 OPTIONAL, expiryTime Time64 OPTIONAL, generationLocation ThreeDLocation OPTIONAL, p2pcdLearningRequest HashedId3 OPTIONAL, missingCrlIdentifier MissingCrlIdentifier OPTIONAL, encryptionKey EncryptionKey OPTIONAL, ..., inlineP2pcdRequest SequenceOfHashedId3 OPTIONAL, requestedCertificate Certificate OPTIONAL } MissingCrlIdentifier ::= SEQUENCE { cracaId HashedId3, crlSeries CrlSeries, ... } Countersignature ::= Ieee1609Dot2Data (WITH COMPONENTS {..., content (WITH COMPONENTS {..., signedData (WITH COMPONENTS {..., tbsData (WITH COMPONENTS {..., payload (WITH COMPONENTS {..., data ABSENT, extDataHash PRESENT }), headerInfo(WITH COMPONENTS {..., generationTime PRESENT, expiryTime ABSENT, generationLocation ABSENT, p2pcdLearningRequest ABSENT, missingCrlIdentifier ABSENT, encryptionKey ABSENT }) }) }) }) }) --********************************************************************** -- -- Structures for describing encrypted data -- --********************************************************************** EncryptedData ::= SEQUENCE { recipients SequenceOfRecipientInfo, ciphertext SymmetricCiphertext } RecipientInfo ::= CHOICE { pskRecipInfo PreSharedKeyRecipientInfo, symmRecipInfo SymmRecipientInfo, certRecipInfo PKRecipientInfo, signedDataRecipInfo PKRecipientInfo, rekRecipInfo PKRecipientInfo } SequenceOfRecipientInfo ::= SEQUENCE OF RecipientInfo PreSharedKeyRecipientInfo ::= HashedId8 SymmRecipientInfo ::= SEQUENCE { recipientId HashedId8, encKey SymmetricCiphertext } PKRecipientInfo ::= SEQUENCE { recipientId HashedId8, encKey EncryptedDataEncryptionKey } EncryptedDataEncryptionKey ::= CHOICE { eciesNistP256 EciesP256EncryptedKey, eciesBrainpoolP256r1 EciesP256EncryptedKey, ... } SymmetricCiphertext ::= CHOICE { aes128ccm AesCcmCiphertext, ... } AesCcmCiphertext ::= SEQUENCE { nonce OCTET STRING (SIZE (12)), ccmCiphertext Opaque -- 16 bytes longer than plaintext } --********************************************************************** -- -- Certificates and other security management data structures -- --********************************************************************** -- Certificates are implicit (type = implicit, toBeSigned includes -- reconstruction value, signature absent) or explicit (type = explicit, -- toBeSigned includes verification key, signature present). Certificate ::= CertificateBase (ImplicitCertificate | ExplicitCertificate) SequenceOfCertificate ::= SEQUENCE OF Certificate CertificateBase ::= SEQUENCE { version Uint8(3), type CertificateType, issuer IssuerIdentifier, toBeSigned ToBeSignedCertificate, signature Signature OPTIONAL } CertificateType ::= ENUMERATED { explicit, implicit, ... } ImplicitCertificate ::= CertificateBase (WITH COMPONENTS {..., type(implicit), toBeSigned(WITH COMPONENTS {..., verifyKeyIndicator(WITH COMPONENTS {reconstructionValue}) }), signature ABSENT }) ExplicitCertificate ::= CertificateBase (WITH COMPONENTS {..., type(explicit), toBeSigned(WITH COMPONENTS {..., verifyKeyIndicator(WITH COMPONENTS {verificationKey}) }), signature PRESENT }) IssuerIdentifier ::= CHOICE { sha256AndDigest HashedId8, self HashAlgorithm, ..., sha384AndDigest HashedId8 } ToBeSignedCertificate ::= SEQUENCE { id CertificateId, cracaId HashedId3, crlSeries CrlSeries, validityPeriod ValidityPeriod, region GeographicRegion OPTIONAL, assuranceLevel SubjectAssurance OPTIONAL, appPermissions SequenceOfPsidSsp OPTIONAL, certIssuePermissions SequenceOfPsidGroupPermissions OPTIONAL, certRequestPermissions SequenceOfPsidGroupPermissions OPTIONAL, canRequestRollover NULL OPTIONAL, encryptionKey PublicEncryptionKey OPTIONAL, verifyKeyIndicator VerificationKeyIndicator, ... } (WITH COMPONENTS { ..., appPermissions PRESENT} | WITH COMPONENTS { ..., certIssuePermissions PRESENT} | WITH COMPONENTS { ..., certRequestPermissions PRESENT}) CertificateId ::= CHOICE { linkageData LinkageData, name Hostname, binaryId OCTET STRING(SIZE(1..64)), none NULL, ... } LinkageData ::= SEQUENCE { iCert IValue, linkage-value LinkageValue, group-linkage-value GroupLinkageValue OPTIONAL } --EndEntityType ::= BIT STRING {app (0), enrol (1) } (SIZE (8)) (ALL EXCEPT {}) EndEntityType ::= BIT STRING {app (0), enrol (1) } (SIZE (8)) PsidGroupPermissions ::= SEQUENCE { subjectPermissions SubjectPermissions, minChainLength INTEGER DEFAULT 1, chainLengthRange INTEGER DEFAULT 0, eeType EndEntityType DEFAULT '00'H } SequenceOfPsidGroupPermissions ::= SEQUENCE OF PsidGroupPermissions SubjectPermissions ::= CHOICE { explicit SequenceOfPsidSspRange, all NULL, ... } VerificationKeyIndicator ::= CHOICE { verificationKey PublicVerificationKey, reconstructionValue EccP256CurvePoint, ... } END asn1/Security/1609Dot2/IEEE1609dot2BaseTypes.asn 0 → 100755 +334 −0 Original line number Diff line number Diff line IEEE1609dot2BaseTypes {iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) base(1) base-types(2) major-version-2(2)} -- --******************************************************************** -- IEEE P1609.2 Base Data Types -- --******************************************************************** DEFINITIONS AUTOMATIC TAGS ::= BEGIN EXPORTS ALL; -- ------------------------------------------------------------------ -- -- Integers -- -- ------------------------------------------------------------------ Uint3 ::= INTEGER (0..7) -- (hex) 07 Uint8 ::= INTEGER (0..255) -- (hex) ff Uint16 ::= INTEGER (0..65535) -- (hex) ff ff Uint32 ::= INTEGER (0..4294967295)--<LONGLONG>-- -- (hex) ff ff ff ff Uint64 ::= INTEGER (0..18446744073709551615) -- (hex) ff ff ff ff ff ff ff ff -- Uint64 ::= INTEGER -- -- (hex) ff ff ff ff ff ff ff ff SequenceOfUint8 ::= SEQUENCE OF Uint8 SequenceOfUint16 ::= SEQUENCE OF Uint16 -- ------------------------------------------------------------------ -- -- OCTET STRING types -- -- ------------------------------------------------------------------ Opaque ::= OCTET STRING HashedId10 ::= OCTET STRING (SIZE(10)) HashedId8 ::= OCTET STRING (SIZE(8)) HashedId3 ::= OCTET STRING (SIZE(3)) SequenceOfHashedId3 ::= SEQUENCE OF HashedId3 -- ------------------------------------------------------------------ -- -- Time -- -- ------------------------------------------------------------------ Time32 ::= Uint32 Time64 ::= Uint64 ValidityPeriod ::= SEQUENCE { start Time32, duration Duration } Duration ::= CHOICE { microseconds Uint16, milliseconds Uint16, seconds Uint16, minutes Uint16, hours Uint16, sixtyHours Uint16, years Uint16 } -- ------------------------------------------------------------------ -- -- Location -- -- ------------------------------------------------------------------ GeographicRegion ::= CHOICE { circularRegion CircularRegion, rectangularRegion SequenceOfRectangularRegion, polygonalRegion PolygonalRegion, identifiedRegion SequenceOfIdentifiedRegion, ... } CircularRegion ::= SEQUENCE { center TwoDLocation, radius Uint16 } RectangularRegion ::= SEQUENCE { northWest TwoDLocation, southEast TwoDLocation } SequenceOfRectangularRegion ::= SEQUENCE OF RectangularRegion PolygonalRegion ::= SEQUENCE SIZE(3..MAX) OF TwoDLocation TwoDLocation ::= SEQUENCE { latitude Latitude, longitude Longitude } IdentifiedRegion ::= CHOICE { countryOnly CountryOnly, countryAndRegions CountryAndRegions, countryAndSubregions CountryAndSubregions, ... } SequenceOfIdentifiedRegion ::= SEQUENCE OF IdentifiedRegion CountryOnly ::= Uint16 CountryAndRegions ::= SEQUENCE { countryOnly CountryOnly, regions SequenceOfUint8 } CountryAndSubregions ::= SEQUENCE { country CountryOnly, regionAndSubregions SequenceOfRegionAndSubregions } RegionAndSubregions ::= SEQUENCE { region Uint8, subregions SequenceOfUint16 } SequenceOfRegionAndSubregions ::= SEQUENCE OF RegionAndSubregions ThreeDLocation ::= SEQUENCE { latitude Latitude, longitude Longitude, elevation Elevation } Latitude ::= NinetyDegreeInt Longitude ::= OneEightyDegreeInt Elevation ::= ElevInt NinetyDegreeInt ::= INTEGER { min (-900000000), max (900000000), unknown (900000001) } (-900000000..900000001) KnownLatitude ::= NinetyDegreeInt (min..max) -- Minus 90deg to +90deg in microdegree intervals UnknownLatitude ::= NinetyDegreeInt (unknown) OneEightyDegreeInt ::= INTEGER { min (-1799999999), max (1800000000), unknown (1800000001) } (-1799999999..1800000001) KnownLongitude ::= OneEightyDegreeInt (min..max) UnknownLongitude ::= OneEightyDegreeInt (unknown) ElevInt ::= Uint16 -- Range is from -4096 to 61439 in units of one-tenth of a meter -- ------------------------------------------------------------------ -- -- Crypto -- -- ------------------------------------------------------------------ Signature ::= CHOICE { ecdsaNistP256Signature EcdsaP256Signature, ecdsaBrainpoolP256r1Signature EcdsaP256Signature, ..., ecdsaBrainpoolP384r1Signature EcdsaP384Signature } EcdsaP256Signature ::= SEQUENCE { rSig EccP256CurvePoint, sSig OCTET STRING (SIZE (32)) } EcdsaP384Signature ::= SEQUENCE { rSig EccP384CurvePoint, sSig OCTET STRING (SIZE (48)) } EccP256CurvePoint ::= CHOICE { x-only OCTET STRING (SIZE (32)), fill NULL, -- consistency with 1363 / X9.62 compressed-y-0 OCTET STRING (SIZE (32)), compressed-y-1 OCTET STRING (SIZE (32)), uncompressedP256 SEQUENCE { x OCTET STRING (SIZE (32)), y OCTET STRING (SIZE (32)) } } EccP384CurvePoint::= CHOICE { x-only OCTET STRING (SIZE (48)), fill NULL, -- consistency w 1363 / X9.62 compressed-y-0 OCTET STRING (SIZE (48)), compressed-y-1 OCTET STRING (SIZE (48)), uncompressedP384 SEQUENCE { x OCTET STRING (SIZE (48)), y OCTET STRING (SIZE (48)) } } SymmAlgorithm ::= ENUMERATED { aes128Ccm, ... } HashAlgorithm ::= ENUMERATED { sha256, ..., sha384 } EciesP256EncryptedKey ::= SEQUENCE { v EccP256CurvePoint, c OCTET STRING (SIZE (16)), t OCTET STRING (SIZE (16)) } EncryptionKey ::= CHOICE { public PublicEncryptionKey, symmetric SymmetricEncryptionKey } PublicEncryptionKey ::= SEQUENCE { supportedSymmAlg SymmAlgorithm, publicKey BasePublicEncryptionKey } BasePublicEncryptionKey ::= CHOICE { eciesNistP256 EccP256CurvePoint, eciesBrainpoolP256r1 EccP256CurvePoint, ... } PublicVerificationKey ::= CHOICE { ecdsaNistP256 EccP256CurvePoint, ecdsaBrainpoolP256r1 EccP256CurvePoint, ..., ecdsaBrainpoolP384r1 EccP384CurvePoint } SymmetricEncryptionKey ::= CHOICE { aes128Ccm OCTET STRING(SIZE(16)), ... } -- ------------------------------------------------------------------ -- -- PSID / ITS-AID -- -- ------------------------------------------------------------------ PsidSsp ::= SEQUENCE { psid Psid, ssp ServiceSpecificPermissions OPTIONAL } SequenceOfPsidSsp ::= SEQUENCE OF PsidSsp Psid ::= INTEGER (0..MAX) SequenceOfPsid ::= SEQUENCE OF Psid ServiceSpecificPermissions ::= CHOICE { opaque OCTET STRING (SIZE(0..MAX)), ..., bitmapSsp BitmapSsp } BitmapSsp ::= OCTET STRING (SIZE(0..31)) PsidSspRange ::= SEQUENCE { psid Psid, sspRange SspRange OPTIONAL } SequenceOfPsidSspRange ::= SEQUENCE OF PsidSspRange SspRange ::= CHOICE { opaque SequenceOfOctetString, all NULL, ... , bitmapSspRange BitmapSspRange } BitmapSspRange ::= SEQUENCE { sspValue OCTET STRING (SIZE(1..32)), sspBitmask OCTET STRING (SIZE(1..32)) } SequenceOfOctetString ::= SEQUENCE (SIZE (0..MAX)) OF OCTET STRING (SIZE(0..MAX)) -- ------------------------------------------------------------------ -- -- Goes in certs -- -- ------------------------------------------------------------------ SubjectAssurance ::= OCTET STRING (SIZE(1)) CrlSeries ::= Uint16 -- ------------------------------------------------------------------ -- -- Pseudonym Linkage -- -- ------------------------------------------------------------------ IValue ::= Uint16 Hostname ::= UTF8String (SIZE(0..255)) LinkageValue ::= OCTET STRING (SIZE(9)) GroupLinkageValue ::= SEQUENCE { jValue OCTET STRING (SIZE(4)), value OCTET STRING (SIZE(9)) } LaId ::= OCTET STRING (SIZE(2)) LinkageSeed ::= OCTET STRING (SIZE(16)) END asn1/Security/EtsiTs103097Module.asn 0 → 100755 +105 −0 Original line number Diff line number Diff line EtsiTs103097Module { itu-t(0) identified-organization(4) etsi(0) itsDomain(5) wg5(5) ts(103097) v1(0) } DEFINITIONS AUTOMATIC TAGS ::= BEGIN IMPORTS Ieee1609Dot2Data, ExplicitCertificate FROM IEEE1609dot2 {iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) base (1) schema (1) major-version-2(2)}; EtsiTs103097Certificate::= ExplicitCertificate (WITH COMPONENTS{..., toBeSigned (WITH COMPONENTS{..., id (WITH COMPONENTS{..., linkageData ABSENT, binaryId ABSENT }), certRequestPermissions ABSENT, canRequestRollover ABSENT }) }) SingleEtsiTs103097Certificate ::= SEQUENCE { only EtsiTs103097Certificate } EtsiTs103097Data::=Ieee1609Dot2Data (WITH COMPONENTS {..., content (WITH COMPONENTS {..., signedData (WITH COMPONENTS {..., -- constraints on signed data headers tbsData (WITH COMPONENTS { headerInfo (WITH COMPONENTS {..., generationTime PRESENT, p2pcdLearningRequest ABSENT, missingCrlIdentifier ABSENT }) }), signer (WITH COMPONENTS {..., --constraints on the certificate certificate (SIZE(1)) }) }), encryptedData (WITH COMPONENTS {..., -- constraints on encrypted data headers recipients (WITH COMPONENT ( (WITH COMPONENTS {..., pskRecipInfo ABSENT, symmRecipInfo ABSENT, rekRecipInfo ABSENT }) )) }), signedCertificateRequest ABSENT }) }) EtsiTs103097Data-Signed {ToBeSignedDataContent} ::= EtsiTs103097Data (WITH COMPONENTS {..., content (WITH COMPONENTS { signedData (WITH COMPONENTS {..., tbsData (WITH COMPONENTS { payload (WITH COMPONENTS { data (WITH COMPONENTS {..., content (WITH COMPONENTS { unsecuredData (CONTAINING ToBeSignedDataContent) }) }) PRESENT }) }) }) }) }) EtsiTs103097Data-SignedExternalPayload ::= EtsiTs103097Data (WITH COMPONENTS {..., content (WITH COMPONENTS { signedData (WITH COMPONENTS {..., tbsData (WITH COMPONENTS { payload (WITH COMPONENTS { extDataHash (WITH COMPONENTS { sha256HashedData PRESENT }) PRESENT }) }) }) }) }) EtsiTs103097Data-Encrypted {ToBeEncryptedDataContent} ::= EtsiTs103097Data (WITH COMPONENTS {..., content (WITH COMPONENTS { encryptedData (WITH COMPONENTS {..., ciphertext (WITH COMPONENTS {..., aes128ccm (WITH COMPONENTS {..., ccmCiphertext (CONSTRAINED BY {-- ccm encryption of -- ToBeEncryptedDataContent}) }) }) }) }) }) EtsiTs103097Data-SignedAndEncrypted {ToBesignedAndEncryptedDataContent} ::= EtsiTs103097Data-Encrypted {EtsiTs103097Data-Signed {ToBesignedAndEncryptedDataContent}} END Loading
asn1/Security/1609Dot2/IEEE1609dot2.asn 0 → 100755 +310 −0 Original line number Diff line number Diff line IEEE1609dot2 {iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) base (1) schema (1) major-version-2(2)} --****************************************************************************** -- -- IEEE P1609.2 Data Types -- --****************************************************************************** DEFINITIONS AUTOMATIC TAGS ::= BEGIN EXPORTS ALL; IMPORTS CrlSeries, EccP256CurvePoint, EciesP256EncryptedKey, EncryptionKey, GeographicRegion, GroupLinkageValue, HashAlgorithm, HashedId3, HashedId8, Hostname, IValue, LinkageValue, Opaque, Psid, PsidSsp, PsidSspRange, PublicEncryptionKey, PublicVerificationKey, SequenceOfHashedId3, SequenceOfPsidSsp, SequenceOfPsidSspRange, ServiceSpecificPermissions, Signature, SubjectAssurance, SymmetricEncryptionKey, ThreeDLocation, Time64, Uint3, Uint8, Uint16, Uint32, ValidityPeriod FROM IEEE1609dot2BaseTypes {iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) base(1) base-types(2) major-version-2 (2)} ; -- --********************************************************************* -- -- Structures for describing secured data -- --********************************************************************* -- Necessary to get certain tools to generate sample PDUs -- TestIeee1609Dot2Data ::= Ieee1609Dot2Data -- TestCertificate ::= Certificate -- this structure belongs later in the file but putting it here avoids -- compiler errors with certain tools SignedDataPayload ::= SEQUENCE { data Ieee1609Dot2Data OPTIONAL, extDataHash HashedData OPTIONAL, ... } (WITH COMPONENTS {..., data PRESENT} | WITH COMPONENTS {..., extDataHash PRESENT}) Ieee1609Dot2Data ::= SEQUENCE { protocolVersion Uint8(3), content Ieee1609Dot2Content } Ieee1609Dot2Content ::= CHOICE { unsecuredData Opaque, signedData SignedData, encryptedData EncryptedData, signedCertificateRequest Opaque, ... } SignedData ::= SEQUENCE { hashId HashAlgorithm, tbsData ToBeSignedData, signer SignerIdentifier, signature Signature } SignerIdentifier ::= CHOICE { digest HashedId8, certificate SequenceOfCertificate, self NULL, ... } ToBeSignedData ::= SEQUENCE { payload SignedDataPayload, headerInfo HeaderInfo } HashedData::= CHOICE { sha256HashedData OCTET STRING (SIZE(32)), ... } HeaderInfo ::= SEQUENCE { psid Psid, generationTime Time64 OPTIONAL, expiryTime Time64 OPTIONAL, generationLocation ThreeDLocation OPTIONAL, p2pcdLearningRequest HashedId3 OPTIONAL, missingCrlIdentifier MissingCrlIdentifier OPTIONAL, encryptionKey EncryptionKey OPTIONAL, ..., inlineP2pcdRequest SequenceOfHashedId3 OPTIONAL, requestedCertificate Certificate OPTIONAL } MissingCrlIdentifier ::= SEQUENCE { cracaId HashedId3, crlSeries CrlSeries, ... } Countersignature ::= Ieee1609Dot2Data (WITH COMPONENTS {..., content (WITH COMPONENTS {..., signedData (WITH COMPONENTS {..., tbsData (WITH COMPONENTS {..., payload (WITH COMPONENTS {..., data ABSENT, extDataHash PRESENT }), headerInfo(WITH COMPONENTS {..., generationTime PRESENT, expiryTime ABSENT, generationLocation ABSENT, p2pcdLearningRequest ABSENT, missingCrlIdentifier ABSENT, encryptionKey ABSENT }) }) }) }) }) --********************************************************************** -- -- Structures for describing encrypted data -- --********************************************************************** EncryptedData ::= SEQUENCE { recipients SequenceOfRecipientInfo, ciphertext SymmetricCiphertext } RecipientInfo ::= CHOICE { pskRecipInfo PreSharedKeyRecipientInfo, symmRecipInfo SymmRecipientInfo, certRecipInfo PKRecipientInfo, signedDataRecipInfo PKRecipientInfo, rekRecipInfo PKRecipientInfo } SequenceOfRecipientInfo ::= SEQUENCE OF RecipientInfo PreSharedKeyRecipientInfo ::= HashedId8 SymmRecipientInfo ::= SEQUENCE { recipientId HashedId8, encKey SymmetricCiphertext } PKRecipientInfo ::= SEQUENCE { recipientId HashedId8, encKey EncryptedDataEncryptionKey } EncryptedDataEncryptionKey ::= CHOICE { eciesNistP256 EciesP256EncryptedKey, eciesBrainpoolP256r1 EciesP256EncryptedKey, ... } SymmetricCiphertext ::= CHOICE { aes128ccm AesCcmCiphertext, ... } AesCcmCiphertext ::= SEQUENCE { nonce OCTET STRING (SIZE (12)), ccmCiphertext Opaque -- 16 bytes longer than plaintext } --********************************************************************** -- -- Certificates and other security management data structures -- --********************************************************************** -- Certificates are implicit (type = implicit, toBeSigned includes -- reconstruction value, signature absent) or explicit (type = explicit, -- toBeSigned includes verification key, signature present). Certificate ::= CertificateBase (ImplicitCertificate | ExplicitCertificate) SequenceOfCertificate ::= SEQUENCE OF Certificate CertificateBase ::= SEQUENCE { version Uint8(3), type CertificateType, issuer IssuerIdentifier, toBeSigned ToBeSignedCertificate, signature Signature OPTIONAL } CertificateType ::= ENUMERATED { explicit, implicit, ... } ImplicitCertificate ::= CertificateBase (WITH COMPONENTS {..., type(implicit), toBeSigned(WITH COMPONENTS {..., verifyKeyIndicator(WITH COMPONENTS {reconstructionValue}) }), signature ABSENT }) ExplicitCertificate ::= CertificateBase (WITH COMPONENTS {..., type(explicit), toBeSigned(WITH COMPONENTS {..., verifyKeyIndicator(WITH COMPONENTS {verificationKey}) }), signature PRESENT }) IssuerIdentifier ::= CHOICE { sha256AndDigest HashedId8, self HashAlgorithm, ..., sha384AndDigest HashedId8 } ToBeSignedCertificate ::= SEQUENCE { id CertificateId, cracaId HashedId3, crlSeries CrlSeries, validityPeriod ValidityPeriod, region GeographicRegion OPTIONAL, assuranceLevel SubjectAssurance OPTIONAL, appPermissions SequenceOfPsidSsp OPTIONAL, certIssuePermissions SequenceOfPsidGroupPermissions OPTIONAL, certRequestPermissions SequenceOfPsidGroupPermissions OPTIONAL, canRequestRollover NULL OPTIONAL, encryptionKey PublicEncryptionKey OPTIONAL, verifyKeyIndicator VerificationKeyIndicator, ... } (WITH COMPONENTS { ..., appPermissions PRESENT} | WITH COMPONENTS { ..., certIssuePermissions PRESENT} | WITH COMPONENTS { ..., certRequestPermissions PRESENT}) CertificateId ::= CHOICE { linkageData LinkageData, name Hostname, binaryId OCTET STRING(SIZE(1..64)), none NULL, ... } LinkageData ::= SEQUENCE { iCert IValue, linkage-value LinkageValue, group-linkage-value GroupLinkageValue OPTIONAL } --EndEntityType ::= BIT STRING {app (0), enrol (1) } (SIZE (8)) (ALL EXCEPT {}) EndEntityType ::= BIT STRING {app (0), enrol (1) } (SIZE (8)) PsidGroupPermissions ::= SEQUENCE { subjectPermissions SubjectPermissions, minChainLength INTEGER DEFAULT 1, chainLengthRange INTEGER DEFAULT 0, eeType EndEntityType DEFAULT '00'H } SequenceOfPsidGroupPermissions ::= SEQUENCE OF PsidGroupPermissions SubjectPermissions ::= CHOICE { explicit SequenceOfPsidSspRange, all NULL, ... } VerificationKeyIndicator ::= CHOICE { verificationKey PublicVerificationKey, reconstructionValue EccP256CurvePoint, ... } END
asn1/Security/1609Dot2/IEEE1609dot2BaseTypes.asn 0 → 100755 +334 −0 Original line number Diff line number Diff line IEEE1609dot2BaseTypes {iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) base(1) base-types(2) major-version-2(2)} -- --******************************************************************** -- IEEE P1609.2 Base Data Types -- --******************************************************************** DEFINITIONS AUTOMATIC TAGS ::= BEGIN EXPORTS ALL; -- ------------------------------------------------------------------ -- -- Integers -- -- ------------------------------------------------------------------ Uint3 ::= INTEGER (0..7) -- (hex) 07 Uint8 ::= INTEGER (0..255) -- (hex) ff Uint16 ::= INTEGER (0..65535) -- (hex) ff ff Uint32 ::= INTEGER (0..4294967295)--<LONGLONG>-- -- (hex) ff ff ff ff Uint64 ::= INTEGER (0..18446744073709551615) -- (hex) ff ff ff ff ff ff ff ff -- Uint64 ::= INTEGER -- -- (hex) ff ff ff ff ff ff ff ff SequenceOfUint8 ::= SEQUENCE OF Uint8 SequenceOfUint16 ::= SEQUENCE OF Uint16 -- ------------------------------------------------------------------ -- -- OCTET STRING types -- -- ------------------------------------------------------------------ Opaque ::= OCTET STRING HashedId10 ::= OCTET STRING (SIZE(10)) HashedId8 ::= OCTET STRING (SIZE(8)) HashedId3 ::= OCTET STRING (SIZE(3)) SequenceOfHashedId3 ::= SEQUENCE OF HashedId3 -- ------------------------------------------------------------------ -- -- Time -- -- ------------------------------------------------------------------ Time32 ::= Uint32 Time64 ::= Uint64 ValidityPeriod ::= SEQUENCE { start Time32, duration Duration } Duration ::= CHOICE { microseconds Uint16, milliseconds Uint16, seconds Uint16, minutes Uint16, hours Uint16, sixtyHours Uint16, years Uint16 } -- ------------------------------------------------------------------ -- -- Location -- -- ------------------------------------------------------------------ GeographicRegion ::= CHOICE { circularRegion CircularRegion, rectangularRegion SequenceOfRectangularRegion, polygonalRegion PolygonalRegion, identifiedRegion SequenceOfIdentifiedRegion, ... } CircularRegion ::= SEQUENCE { center TwoDLocation, radius Uint16 } RectangularRegion ::= SEQUENCE { northWest TwoDLocation, southEast TwoDLocation } SequenceOfRectangularRegion ::= SEQUENCE OF RectangularRegion PolygonalRegion ::= SEQUENCE SIZE(3..MAX) OF TwoDLocation TwoDLocation ::= SEQUENCE { latitude Latitude, longitude Longitude } IdentifiedRegion ::= CHOICE { countryOnly CountryOnly, countryAndRegions CountryAndRegions, countryAndSubregions CountryAndSubregions, ... } SequenceOfIdentifiedRegion ::= SEQUENCE OF IdentifiedRegion CountryOnly ::= Uint16 CountryAndRegions ::= SEQUENCE { countryOnly CountryOnly, regions SequenceOfUint8 } CountryAndSubregions ::= SEQUENCE { country CountryOnly, regionAndSubregions SequenceOfRegionAndSubregions } RegionAndSubregions ::= SEQUENCE { region Uint8, subregions SequenceOfUint16 } SequenceOfRegionAndSubregions ::= SEQUENCE OF RegionAndSubregions ThreeDLocation ::= SEQUENCE { latitude Latitude, longitude Longitude, elevation Elevation } Latitude ::= NinetyDegreeInt Longitude ::= OneEightyDegreeInt Elevation ::= ElevInt NinetyDegreeInt ::= INTEGER { min (-900000000), max (900000000), unknown (900000001) } (-900000000..900000001) KnownLatitude ::= NinetyDegreeInt (min..max) -- Minus 90deg to +90deg in microdegree intervals UnknownLatitude ::= NinetyDegreeInt (unknown) OneEightyDegreeInt ::= INTEGER { min (-1799999999), max (1800000000), unknown (1800000001) } (-1799999999..1800000001) KnownLongitude ::= OneEightyDegreeInt (min..max) UnknownLongitude ::= OneEightyDegreeInt (unknown) ElevInt ::= Uint16 -- Range is from -4096 to 61439 in units of one-tenth of a meter -- ------------------------------------------------------------------ -- -- Crypto -- -- ------------------------------------------------------------------ Signature ::= CHOICE { ecdsaNistP256Signature EcdsaP256Signature, ecdsaBrainpoolP256r1Signature EcdsaP256Signature, ..., ecdsaBrainpoolP384r1Signature EcdsaP384Signature } EcdsaP256Signature ::= SEQUENCE { rSig EccP256CurvePoint, sSig OCTET STRING (SIZE (32)) } EcdsaP384Signature ::= SEQUENCE { rSig EccP384CurvePoint, sSig OCTET STRING (SIZE (48)) } EccP256CurvePoint ::= CHOICE { x-only OCTET STRING (SIZE (32)), fill NULL, -- consistency with 1363 / X9.62 compressed-y-0 OCTET STRING (SIZE (32)), compressed-y-1 OCTET STRING (SIZE (32)), uncompressedP256 SEQUENCE { x OCTET STRING (SIZE (32)), y OCTET STRING (SIZE (32)) } } EccP384CurvePoint::= CHOICE { x-only OCTET STRING (SIZE (48)), fill NULL, -- consistency w 1363 / X9.62 compressed-y-0 OCTET STRING (SIZE (48)), compressed-y-1 OCTET STRING (SIZE (48)), uncompressedP384 SEQUENCE { x OCTET STRING (SIZE (48)), y OCTET STRING (SIZE (48)) } } SymmAlgorithm ::= ENUMERATED { aes128Ccm, ... } HashAlgorithm ::= ENUMERATED { sha256, ..., sha384 } EciesP256EncryptedKey ::= SEQUENCE { v EccP256CurvePoint, c OCTET STRING (SIZE (16)), t OCTET STRING (SIZE (16)) } EncryptionKey ::= CHOICE { public PublicEncryptionKey, symmetric SymmetricEncryptionKey } PublicEncryptionKey ::= SEQUENCE { supportedSymmAlg SymmAlgorithm, publicKey BasePublicEncryptionKey } BasePublicEncryptionKey ::= CHOICE { eciesNistP256 EccP256CurvePoint, eciesBrainpoolP256r1 EccP256CurvePoint, ... } PublicVerificationKey ::= CHOICE { ecdsaNistP256 EccP256CurvePoint, ecdsaBrainpoolP256r1 EccP256CurvePoint, ..., ecdsaBrainpoolP384r1 EccP384CurvePoint } SymmetricEncryptionKey ::= CHOICE { aes128Ccm OCTET STRING(SIZE(16)), ... } -- ------------------------------------------------------------------ -- -- PSID / ITS-AID -- -- ------------------------------------------------------------------ PsidSsp ::= SEQUENCE { psid Psid, ssp ServiceSpecificPermissions OPTIONAL } SequenceOfPsidSsp ::= SEQUENCE OF PsidSsp Psid ::= INTEGER (0..MAX) SequenceOfPsid ::= SEQUENCE OF Psid ServiceSpecificPermissions ::= CHOICE { opaque OCTET STRING (SIZE(0..MAX)), ..., bitmapSsp BitmapSsp } BitmapSsp ::= OCTET STRING (SIZE(0..31)) PsidSspRange ::= SEQUENCE { psid Psid, sspRange SspRange OPTIONAL } SequenceOfPsidSspRange ::= SEQUENCE OF PsidSspRange SspRange ::= CHOICE { opaque SequenceOfOctetString, all NULL, ... , bitmapSspRange BitmapSspRange } BitmapSspRange ::= SEQUENCE { sspValue OCTET STRING (SIZE(1..32)), sspBitmask OCTET STRING (SIZE(1..32)) } SequenceOfOctetString ::= SEQUENCE (SIZE (0..MAX)) OF OCTET STRING (SIZE(0..MAX)) -- ------------------------------------------------------------------ -- -- Goes in certs -- -- ------------------------------------------------------------------ SubjectAssurance ::= OCTET STRING (SIZE(1)) CrlSeries ::= Uint16 -- ------------------------------------------------------------------ -- -- Pseudonym Linkage -- -- ------------------------------------------------------------------ IValue ::= Uint16 Hostname ::= UTF8String (SIZE(0..255)) LinkageValue ::= OCTET STRING (SIZE(9)) GroupLinkageValue ::= SEQUENCE { jValue OCTET STRING (SIZE(4)), value OCTET STRING (SIZE(9)) } LaId ::= OCTET STRING (SIZE(2)) LinkageSeed ::= OCTET STRING (SIZE(16)) END
asn1/Security/EtsiTs103097Module.asn 0 → 100755 +105 −0 Original line number Diff line number Diff line EtsiTs103097Module { itu-t(0) identified-organization(4) etsi(0) itsDomain(5) wg5(5) ts(103097) v1(0) } DEFINITIONS AUTOMATIC TAGS ::= BEGIN IMPORTS Ieee1609Dot2Data, ExplicitCertificate FROM IEEE1609dot2 {iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) base (1) schema (1) major-version-2(2)}; EtsiTs103097Certificate::= ExplicitCertificate (WITH COMPONENTS{..., toBeSigned (WITH COMPONENTS{..., id (WITH COMPONENTS{..., linkageData ABSENT, binaryId ABSENT }), certRequestPermissions ABSENT, canRequestRollover ABSENT }) }) SingleEtsiTs103097Certificate ::= SEQUENCE { only EtsiTs103097Certificate } EtsiTs103097Data::=Ieee1609Dot2Data (WITH COMPONENTS {..., content (WITH COMPONENTS {..., signedData (WITH COMPONENTS {..., -- constraints on signed data headers tbsData (WITH COMPONENTS { headerInfo (WITH COMPONENTS {..., generationTime PRESENT, p2pcdLearningRequest ABSENT, missingCrlIdentifier ABSENT }) }), signer (WITH COMPONENTS {..., --constraints on the certificate certificate (SIZE(1)) }) }), encryptedData (WITH COMPONENTS {..., -- constraints on encrypted data headers recipients (WITH COMPONENT ( (WITH COMPONENTS {..., pskRecipInfo ABSENT, symmRecipInfo ABSENT, rekRecipInfo ABSENT }) )) }), signedCertificateRequest ABSENT }) }) EtsiTs103097Data-Signed {ToBeSignedDataContent} ::= EtsiTs103097Data (WITH COMPONENTS {..., content (WITH COMPONENTS { signedData (WITH COMPONENTS {..., tbsData (WITH COMPONENTS { payload (WITH COMPONENTS { data (WITH COMPONENTS {..., content (WITH COMPONENTS { unsecuredData (CONTAINING ToBeSignedDataContent) }) }) PRESENT }) }) }) }) }) EtsiTs103097Data-SignedExternalPayload ::= EtsiTs103097Data (WITH COMPONENTS {..., content (WITH COMPONENTS { signedData (WITH COMPONENTS {..., tbsData (WITH COMPONENTS { payload (WITH COMPONENTS { extDataHash (WITH COMPONENTS { sha256HashedData PRESENT }) PRESENT }) }) }) }) }) EtsiTs103097Data-Encrypted {ToBeEncryptedDataContent} ::= EtsiTs103097Data (WITH COMPONENTS {..., content (WITH COMPONENTS { encryptedData (WITH COMPONENTS {..., ciphertext (WITH COMPONENTS {..., aes128ccm (WITH COMPONENTS {..., ccmCiphertext (CONSTRAINED BY {-- ccm encryption of -- ToBeEncryptedDataContent}) }) }) }) }) }) EtsiTs103097Data-SignedAndEncrypted {ToBesignedAndEncryptedDataContent} ::= EtsiTs103097Data-Encrypted {EtsiTs103097Data-Signed {ToBesignedAndEncryptedDataContent}} END
