LI-PS-PDU.asn

LI-PS-PDU
{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) li-ps(5) genHeader(1) version21(21)}

DEFINITIONS IMPLICIT TAGS ::=

BEGIN

IMPORTS
	-- Any of the IMPORTs may be commented out if they are not used (see clause A.3)

	-- from TS 101 671 [4]
	LawfulInterceptionIdentifier,
	IRI-Parameters,
	IRIsContent,
	Network-Element-Identifier
		FROM HI2Operations
		{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) hi2(1) version18(18)}

	-- from TS 101 671 [4]
	HI1-Operation
		FROM HI1NotificationOperations
		{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) hi1(0) notificationOperations(1) version6(6)}

	-- from TS 102 232-02 [5]
	EmailCC,
	EmailIRI,
	MessagingCC,
	MessagingMMCC,
	MessagingIRI
		FROM EmailPDU
		{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) li-ps(5) email(2) version14(14)}

	-- from TS 102 232-03 [6]
	IPCC,
	IPIRI,
	IPIRIOnly
		FROM IPAccessPDU
		{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) li-ps(5) iPAccess(3) version10(10)}

	-- from TS 102 232-04 [32]
	L2CC,
	L2IRI,
	L2IRIOnly
		FROM L2AccessPDU
		{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) li-ps(5) l2Access(4) version7(7)}

	-- from TS 102 232-05 [37]
	IPMMCC,
	IPMMIRI
		FROM IPMultimediaPDU
		{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) li-ps(5) iPMultimedia(5) version7(7)}

	-- from TS 102 232-06 [36]
	PstnIsdnCC,
	PstnIsdnIRI
		FROM PstnIsdnPDU
		{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) li-ps(5) pstnIsdn(6) version5(5)}

	-- from 3GPP TS 33.108 [9]
	IRI-Parameters,
	UmtsIRIsContent,
	CorrelationValues,
	Location
		FROM UmtsHI2Operations
		{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) threeGPP(4) hi2(1)}
			-- The relevant module (including the UMTS release and version number) needs
			-- to be chosen when compiling the application.

	-- from 3GPP TS 33.108 [9]
	IRI-Parameters,
	UmtsCS-IRIsContent
		FROM UmtsCS-HI2Operations
		{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) threeGPP(4) hi2CS(3)}
			-- The relevant module (including the UMTS release and version number) needs
			-- to be chosen when compiling the application.

	-- from 3GPP TS 33.108 [9]
	IRI-Parameters,
	EpsIRIsContent,
	EPSLocation
		FROM EpsHI2Operations
		{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) threeGPP(4) hi2eps(8)}
			-- The relevant module (including the UMTS release and version number) needs
			-- to be chosen when compiling the application.
	
	-- from 3GPP TS 33.108 [9]
    CC-PDU
        FROM Umts-HI3-PS
        {itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) threeGPP(4) hi3(2)}
            -- The relevant module (including the UMTS release and version number)
            -- needs to be chosen when compiling the application.

    -- from 3GPP TS 33.108 [9]
    CC-PDU
        FROM Eps-HI3-PS
        {itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) threeGPP(4) hi3eps(9)}
            -- The relevant module (including the UMTS release and version number)
            -- needs to be chosen when compiling the application.

	-- from 3GPP TS 33.108 [9]
	ThreeGPP-HI1-Operation
        FROM ThreeGPP-HI1NotificationOperations
        {itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) threeGPP(4) hi1(0) notificationOperations(1)}
            -- The relevant module (including the release and version number)
            -- needs to be chosen when compiling the application. 
			-- TS 101 671 HI1 and 3GPP HI1 are related to the same functionality but are
			-- corresponding to different implementations and exclusive usage each other.
			-- The implementation depends of national regulations or LEA/CSP negotiations. 
			-- 3GPP HI1 may be used with other services/networks than 3GPPs one.


	-- from TS 101 909-20-1 [33]
	TARGETACTIVITYMONITOR-1,
	TTRAFFIC,
	CTTRAFFIC
		FROM TS101909201
		{itu-t(0) identified-organization(4) etsi(0) ts101909(1909) part20(20) subpart1(1) interceptVersion(0)}

	-- from TS 101 909-20-2 [34]
	TARGETACTIVITYMONITOR,
	TTRAFFIC,
	CTTRAFFIC
		FROM TS101909202
		{itu-t(0) identified-organization(4) etsi(0) ts101909(1909) part20(20) subpart2(2) interceptVersion(0)}

	-- from J-STD-025-B [39]
	LAESProtocol
		FROM Laesp-j-std-025-b 
		{iso(1) member-body(2) us(840) tia(113737) laes(2) tr45(0) j-std-025(0) j-std-025-b(2) version-1(0)}
	CDMA2000LAESMessage
		FROM CDMA2000CIIModule 
		{iso(1) member-body(2) us(840) tia(113737) laes(2) tr45(0) cdma2000(1) cii(0) version-2(1)}
	CCIPPacketHeader
		FROM CDMA2000CCModule 
		{iso(1) member-body(2) us(840) tia(113737) laes(2) tr45(0) cdma2000(1) cc(1) version-1(0)};

-- end of IMPORTS

-- =============================
-- Object Identifier Definitions
-- =============================

lawfulInterceptDomainId OBJECT IDENTIFIER ::= {itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2)}

li-psDomainId OBJECT IDENTIFIER ::= {lawfulInterceptDomainId li-ps(5) genHeader(1) version21(21)}

-- ====================
-- Top-level definition
-- ====================

PS-PDU ::= SEQUENCE
{
	pSHeader	[1] PSHeader,
	payload		[2] Payload
}

PSHeader ::= SEQUENCE
{
	li-psDomainId					[0] OBJECT IDENTIFIER,
	lawfulInterceptionIdentifier	[1] LawfulInterceptionIdentifier,
	authorizationCountryCode		[2] PrintableString (SIZE (2)) OPTIONAL,
		-- see clause 5.2.3
	communicationIdentifier			[3] CommunicationIdentifier, 
	sequenceNumber					[4] INTEGER (0..4294967295),
	timeStamp						[5] GeneralizedTime OPTIONAL,
		-- see clause 5.2.6
	...,
	interceptionPointID				[6] PrintableString (SIZE (1..8)) OPTIONAL,
		-- see clause 5.2.11
	microSecondTimeStamp			[7] MicroSecondTimeStamp OPTIONAL,
	timeStampQualifier				[8] TimeStampQualifier OPTIONAL
}

Payload ::= CHOICE
{
	iRIPayloadSequence		[0] SEQUENCE OF IRIPayload,
	cCPayloadSequence		[1] SEQUENCE OF CCPayload,
		-- Clause 6.2.3 explains how to include more than one payload in the same PDU
	tRIPayload				[2] TRIPayload,
	...,
	hI1-Operation			[3] HI1-Operation,
	encryptionContainer		[4] EncryptionContainer,
	threeGPP-HI1-Operation	[5] ThreeGPP-HI1-Operation
		-- This structure may be functionally redundant with hI1-Operation from TS 101 671

}

TimeStampQualifier ::= ENUMERATED
{
	unknown(0),
	timeOfInterception(1),
	timeOfMediation(2),
	...,
	timeOfAggregation(3)
}

-- ====================================
-- Items contained within the PS-Header
-- ====================================

CommunicationIdentifier ::= SEQUENCE
{
	networkIdentifier				[0] NetworkIdentifier,
	communicationIdentityNumber		[1] INTEGER (0..4294967295) OPTIONAL,
		-- in case of transport of HI1 messages not required
		-- Mandatory for CC and IRI, with certain exceptions (see 5.2.4)
	deliveryCountryCode				[2] PrintableString (SIZE (2)) OPTIONAL,
		-- see clause 5.2.4
	...,
	cINExtension					[3] CorrelationValues OPTIONAL
		-- To be used when a single INTEGER is not sufficient to identify
		-- a particular session (see clause 5.2.4)
}

NetworkIdentifier ::= SEQUENCE
{
	operatorIdentifier			[0] OCTET STRING (SIZE(1..16)),
	networkElementIdentifier	[1] OCTET STRING (SIZE(1..16)) OPTIONAL,
	...,
	eTSI671NEID					[2] Network-Element-Identifier OPTIONAL
		-- For network element identifier, use either networkElementIdentifier or eTSI671NEID
}

-- ==========================
-- Definitions for CC Payload
-- ==========================

CCPayload ::= SEQUENCE
{
	payloadDirection		[0] PayloadDirection OPTIONAL,
	timeStamp				[1] GeneralizedTime OPTIONAL,
		-- For aggregated payloads (see clause 6.2.3)
	cCContents				[2] CCContents,
	...,
	microSecondTimeStamp	[3] MicroSecondTimeStamp OPTIONAL,
		-- For aggregated payloads (see clause 6.2.3)
	timeStampQualifier		[4] TimeStampQualifier OPTIONAL
}

PayloadDirection ::= ENUMERATED
{
	fromTarget(0),
	toTarget(1),
	...,
	indeterminate(2),
		-- Indication whether intercepted CC was travelling to or from the target 
		-- or that the direction was indeterminate
	combined(3),
		-- Indication applicable to some services that the traffic is actually a combination
		-- of To and From
	notapplicable(4)
		-- Indication that direction of interceptable service does not make sense
}

CCContents ::= CHOICE
	-- Any of these choices may be commented out if they are not being used, see clause A.3
{
	emailCC				[1] EmailCC,
	iPCC				[2] IPCC,
	uMTSCC				[4] OCTET STRING,
	...,
	l2CC				[6] L2CC,
	tTRAFFIC-1			[7] TS101909201.TTRAFFIC,
	cTTRAFFIC-1			[8] TS101909201.CTTRAFFIC,
	tTRAFFIC-2			[9] TS101909202.TTRAFFIC,
	cTTRAFFIC-2			[10] TS101909202.CTTRAFFIC,
	pstnIsdnCC			[11] PstnIsdnCC,
	iPMMCC				[12] IPMMCC,
	cCIPPacketHeader	[13] CDMA2000CCModule.CCIPPacketHeader,
	messagingCC			[14] MessagingCC,
	ePSCC				[15] OCTET STRING,
	uMTSCC-CC-PDU		[16] Umts-HI3-PS.CC-PDU,
    ePSCC-CC-PDU		[17] Eps-HI3-PS.CC-PDU,
	messagingMMCC		[18] MessagingMMCC
}

MicroSecondTimeStamp ::= SEQUENCE
{
	seconds			[0] INTEGER (0..18446744073709551615),
		-- number of seconds since 1970-1-1 00:00Z also known as unix time epoch
	microSeconds	[1] INTEGER (0..999999),
	...
}

-- ===========================
-- Definitions for IRI Payload
-- ===========================

IRIPayload ::= SEQUENCE
{
	iRIType			[0] IRIType OPTIONAL,
		-- See clause 5.2.10
	timeStamp		[1] GeneralizedTime OPTIONAL,
		-- For aggregated payloads (see clause 6.2.3)
	iRIContents		[2] IRIContents,
	...,
	microSecondTimeStamp	[3] MicroSecondTimeStamp OPTIONAL,
		-- For aggregated payloads (see clause 6.2.3)
	timeStampQualifier		[4] TimeStampQualifier OPTIONAL
}

IRIType ::= ENUMERATED
{
	iRI-Begin(1),
	iRI-End(2),
	iRI-Continue(3),
	iRI-Report(4)
}

IRIContents ::= CHOICE
	-- Any of these choices may be commented out if they are not being used (see clause A.3)
{
	emailIRI				[1] EmailIRI,
	iPIRI					[2] IPIRI,
	iPIRIOnly				[3] IPIRIOnly,
	uMTSIRI					[4] UMTSIRI,
	eTSI671IRI				[5] ETSI671IRI,
	...,
	l2IRI					[6] L2IRI,
	l2IRIOnly				[7] L2IRIOnly,
	tARGETACTIVITYMONITOR-1	[8] TS101909201.TARGETACTIVITYMONITOR-1,
	tARGETACTIVITYMONITOR-2	[9] TS101909202.TARGETACTIVITYMONITOR,
	pstnIsdnIRI				[10] PstnIsdnIRI,
	iPMMIRI					[11] IPMMIRI,
	lAESProtocol			[12] Laesp-j-std-025-b.LAESProtocol,
	cDMA2000LAESMessage		[13] CDMA2000CIIModule.CDMA2000LAESMessage,
	messagingIRI			[14] MessagingIRI,
	ePSIRI					[15] EPSIRI
}

UMTSIRI ::= CHOICE
	-- This structure may be commented out if not used
{
	iRI-Parameters		[0] UmtsHI2Operations.IRI-Parameters,
	umtsIRIsContent		[1] UmtsIRIsContent,
	...,
	iRI-CS-Parameters	[2] UmtsCS-HI2Operations.IRI-Parameters,
	umtsCS-IRIsContent	[3] UmtsCS-IRIsContent
}

ETSI671IRI ::= CHOICE
	-- This structure may be commented out if not used
{
	iRI-Parameters	[0] HI2Operations.IRI-Parameters,
	iRIsContent		[1] IRIsContent,
	...
}

EPSIRI ::= CHOICE
	-- This structure may be commented out if not used
{
	iRI-EPS-Parameters	[0] EpsHI2Operations.IRI-Parameters,
	epsIRIsContent		[1] EpsIRIsContent,
	...
}

-- ===========================
-- Definitions for TRI Payload
-- ===========================

TRIPayload ::= CHOICE
{
	integrityCheck					[0] IntegrityCheck,
	testPDU							[1] NULL,
	paddingPDU						[2] OCTET STRING,
		-- Undefined contents (will be discarded)
	keep-alive						[3] NULL,
	keep-aliveResponse				[4] NULL,
	firstSegmentFlag				[5] NULL,
	lastSegmentFlag					[6] NULL,
	...,
	cINReset						[7] NULL,
	operatorLeaMessage				[8] OperatorLeaMessage,
	optionRequest					[9] OptionRequest,
	optionResponse					[10] OptionResponse,
	optionComplete					[11] NULL,
	pDUAcknowledgementRequest		[12] NULL,
	pDUAcknowledgementResponse		[13] NULL
}

IntegrityCheck ::= SEQUENCE
{
	includedSequenceNumbers	[0] SEQUENCE OF INTEGER (0..4294967295),
		-- gives the order the PDUs were processed
	checkType				[1] CheckType,
	dataType				[2] DataType OPTIONAL,
		-- From version5(5) the dataType is mandatory for hashes and for signatures
		-- (see clause 7.2.3)
	checkValue				[3] OCTET STRING,
		-- Network byte order
		-- In case of a DSA/DSS signature, the r and s values shall be concatenated
	...
}

CheckType ::= ENUMERATED
{
	hash(1),
		-- SHA-1 hash value
	signature(2),
		-- DSS/DSA signature
	...
}

DataType ::= ENUMERATED
{
	iRI(1),
	cC(2),
	...
}

Option ::= CHOICE
{
	pDUAcknowledgement	[0] NULL,
	...
}

OptionRequest ::= SEQUENCE
{
	requestedOptions	[0] SEQUENCE OF Option,
	...
}

OptionResponse ::= SEQUENCE
{
	acceptedOptions		[0] SEQUENCE OF Option,
	declinedOptions		[1] SEQUENCE OF Option,
	...
}

-- ==================================
-- Definitions for OperatorLeaMessage
-- ==================================

OperatorLeaMessage ::= SEQUENCE
{
	messagePriority		[0] OperatorLeaMessagePriority,
	message				[1] OCTET STRING (SIZE(1..255)),
	...
}

OperatorLeaMessagePriority ::= ENUMERATED
{
	error(1),
		-- reporting of error conditions that have impact on the quality of the
		-- intercepted data
	informational(2),
		-- reporting of conditions that will not have direct impact on the quality of
		-- the intercepted data
	...
}

-- ===================================
-- Definitions for EncryptionContainer
-- ===================================

EncryptionContainer ::= SEQUENCE
{
	encryptionType			[0] EncryptionType,
	encryptedPayload		[1] OCTET STRING,
		-- once decrypted, it can be interpreted as EncryptedPayload
	...,
	encryptedPayloadType	[2] EncryptedPayloadType OPTIONAL
}

EncryptionType ::= ENUMERATED
{
	none(1),
		-- No encryption is applied.
	national-option(2),
		-- Use this option when an encryption scheme is negotiated on a national level
	aES-192-CBC(3),
		-- The Advanced Encryption Standard using a 192 bit key in CBC mode
	aES-256-CBC(4),
		-- The Advanced Encryption Standard using a 256 bit key in CBC mode
	blowfish-192-CBC(5),
		-- Blowfish (www.schneier.com/blowfish.html) using a 192 bit key in CBC mode
	blowfish-256-CBC(6),
		-- Blowfish using a 256 bit key in CBC mode
	threedes-cbc(7),
		-- Triple-DES using a 192 bit key in CBC mode
	...
}

EncryptedPayload ::= SEQUENCE
{
	byteCounter			[0] INTEGER (0..18446744073709551615),
		-- The sum of the sizes of all PDUs before this PDU.
		-- It is initialized with the unixTime (number of seconds since 01-01-1970)
		-- multiplied by 2^32 at first use.
		-- Where N is sequencenumber of the n-th PDU in transfer, and size(PDU(N))
		-- as defined in annex G:
		-- 		IF N > 0 THEN
		-- 		PDU[N].byteCounter = PDU[N-1].byteCounter + size(PDU[N-1])
		-- 		ELSE
		-- 		PDU[N].byteCounter = ( unixTime(now) << 32 )
		-- 		ENDIF
	payload				[1] Payload,
	...
}

EncryptedPayloadType ::= ENUMERATED
{
	unknown(1),
	part2(2),
		-- encrypted payload is TS 102 232 part 2 [5]
	part3(3),
		-- encrypted payload is TS 102 232 part 3 [6]
	part4(4),
		-- encrypted payload is TS 102 232 part 4 [32]
	part5(5),
		-- encrypted payload is TS 102 232 part 5 [37]
	part6(6),
		-- encrypted payload is TS 102 232 part 6 [36]
	part7(7),
		-- encrypted payload is TS 102 232 part 7 [38]
	...,
	part1(8)
		-- encrypted payload is TS 102 232 part 1 (the present document)
}

-- ==================
-- Common Parameters
-- ==================

Location ::= SEQUENCE
	-- This is a common parameter, the use of this parameter is described in clause 4.5
{
	umtsHI2Location		[0] UmtsHI2Operations.Location OPTIONAL,
	epsLocation		[1] EpsHI2Operations.EPSLocation OPTIONAL,
	...
}

END --end of LI-PS-PDU