Newer
Older
LI-PS-PDU
canterburym
committed
{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) li-ps(5) genHeader(1) version21(21)}
DEFINITIONS IMPLICIT TAGS ::=
BEGIN
IMPORTS
-- Any of the IMPORTs may be commented out if they are not used (see clause A.3)
-- from TS 101 671 [4]
LawfulInterceptionIdentifier,
IRI-Parameters,
IRIsContent,
Network-Element-Identifier
FROM HI2Operations
canterburym
committed
{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) hi2(1) version18(18)}
-- from TS 101 671 [4]
HI1-Operation
FROM HI1NotificationOperations
{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) hi1(0) notificationOperations(1) version6(6)}
-- from TS 102 232-02 [5]
EmailCC,
EmailIRI,
MessagingCC,
MessagingMMCC,
MessagingIRI
FROM EmailPDU
{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) li-ps(5) email(2) version14(14)}
-- from TS 102 232-03 [6]
IPCC,
IPIRI,
IPIRIOnly
FROM IPAccessPDU
{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) li-ps(5) iPAccess(3) version10(10)}
-- from TS 102 232-04 [32]
L2CC,
L2IRI,
L2IRIOnly
FROM L2AccessPDU
{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) li-ps(5) l2Access(4) version7(7)}
-- from TS 102 232-05 [37]
IPMMCC,
IPMMIRI
FROM IPMultimediaPDU
{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) li-ps(5) iPMultimedia(5) version7(7)}
-- from TS 102 232-06 [36]
PstnIsdnCC,
PstnIsdnIRI
FROM PstnIsdnPDU
{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) li-ps(5) pstnIsdn(6) version5(5)}
-- from 3GPP TS 33.108 [9]
IRI-Parameters,
UmtsIRIsContent,
CorrelationValues,
Location
FROM UmtsHI2Operations
{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) threeGPP(4) hi2(1)}
-- The relevant module (including the UMTS release and version number) needs
-- to be chosen when compiling the application.
-- from 3GPP TS 33.108 [9]
IRI-Parameters,
UmtsCS-IRIsContent
FROM UmtsCS-HI2Operations
{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) threeGPP(4) hi2CS(3)}
-- The relevant module (including the UMTS release and version number) needs
-- to be chosen when compiling the application.
-- from 3GPP TS 33.108 [9]
IRI-Parameters,
EpsIRIsContent,
EPSLocation
FROM EpsHI2Operations
{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) threeGPP(4) hi2eps(8)}
-- The relevant module (including the UMTS release and version number) needs
-- to be chosen when compiling the application.
-- from 3GPP TS 33.108 [9]
CC-PDU
FROM Umts-HI3-PS
{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) threeGPP(4) hi3(2)}
-- The relevant module (including the UMTS release and version number)
-- needs to be chosen when compiling the application.
-- from 3GPP TS 33.108 [9]
CC-PDU
FROM Eps-HI3-PS
{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) threeGPP(4) hi3eps(9)}
-- The relevant module (including the UMTS release and version number)
-- needs to be chosen when compiling the application.
canterburym
committed
-- from 3GPP TS 33.108 [9]
ThreeGPP-HI1-Operation
FROM ThreeGPP-HI1NotificationOperations
{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) threeGPP(4) hi1(0) notificationOperations(1)}
-- The relevant module (including the release and version number)
-- needs to be chosen when compiling the application.
-- TS 101 671 HI1 and 3GPP HI1 are related to the same functionality but are
-- corresponding to different implementations and exclusive usage each other.
-- The implementation depends of national regulations or LEA/CSP negotiations.
-- 3GPP HI1 may be used with other services/networks than 3GPPs one.
-- from TS 101 909-20-1 [33]
TARGETACTIVITYMONITOR-1,
TTRAFFIC,
CTTRAFFIC
FROM TS101909201
{itu-t(0) identified-organization(4) etsi(0) ts101909(1909) part20(20) subpart1(1) interceptVersion(0)}
-- from TS 101 909-20-2 [34]
TARGETACTIVITYMONITOR,
TTRAFFIC,
CTTRAFFIC
FROM TS101909202
canterburym
committed
{itu-t(0) identified-organization(4) etsi(0) ts101909(1909) part20(20) subpart2(2) interceptVersion(0)}
-- from J-STD-025-B [39]
LAESProtocol
FROM Laesp-j-std-025-b
{iso(1) member-body(2) us(840) tia(113737) laes(2) tr45(0) j-std-025(0) j-std-025-b(2) version-1(0)}
CDMA2000LAESMessage
FROM CDMA2000CIIModule
{iso(1) member-body(2) us(840) tia(113737) laes(2) tr45(0) cdma2000(1) cii(0) version-2(1)}
CCIPPacketHeader
FROM CDMA2000CCModule
{iso(1) member-body(2) us(840) tia(113737) laes(2) tr45(0) cdma2000(1) cc(1) version-1(0)};
-- end of IMPORTS
-- =============================
-- Object Identifier Definitions
-- =============================
lawfulInterceptDomainId OBJECT IDENTIFIER ::= {itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2)}
canterburym
committed
li-psDomainId OBJECT IDENTIFIER ::= {lawfulInterceptDomainId li-ps(5) genHeader(1) version21(21)}
-- ====================
-- Top-level definition
-- ====================
PS-PDU ::= SEQUENCE
{
pSHeader [1] PSHeader,
payload [2] Payload
}
PSHeader ::= SEQUENCE
{
li-psDomainId [0] OBJECT IDENTIFIER,
lawfulInterceptionIdentifier [1] LawfulInterceptionIdentifier,
authorizationCountryCode [2] PrintableString (SIZE (2)) OPTIONAL,
-- see clause 5.2.3
communicationIdentifier [3] CommunicationIdentifier,
sequenceNumber [4] INTEGER (0..4294967295),
timeStamp [5] GeneralizedTime OPTIONAL,
-- see clause 5.2.6
...,
interceptionPointID [6] PrintableString (SIZE (1..8)) OPTIONAL,
-- see clause 5.2.11
microSecondTimeStamp [7] MicroSecondTimeStamp OPTIONAL,
timeStampQualifier [8] TimeStampQualifier OPTIONAL
}
Payload ::= CHOICE
{
iRIPayloadSequence [0] SEQUENCE OF IRIPayload,
cCPayloadSequence [1] SEQUENCE OF CCPayload,
-- Clause 6.2.3 explains how to include more than one payload in the same PDU
tRIPayload [2] TRIPayload,
...,
hI1-Operation [3] HI1-Operation,
canterburym
committed
encryptionContainer [4] EncryptionContainer,
threeGPP-HI1-Operation [5] ThreeGPP-HI1-Operation
-- This structure may be functionally redundant with hI1-Operation from TS 101 671
}
TimeStampQualifier ::= ENUMERATED
{
unknown(0),
timeOfInterception(1),
timeOfMediation(2),
...,
timeOfAggregation(3)
}
-- ====================================
-- Items contained within the PS-Header
-- ====================================
CommunicationIdentifier ::= SEQUENCE
{
networkIdentifier [0] NetworkIdentifier,
communicationIdentityNumber [1] INTEGER (0..4294967295) OPTIONAL,
-- in case of transport of HI1 messages not required
-- Mandatory for CC and IRI, with certain exceptions (see 5.2.4)
deliveryCountryCode [2] PrintableString (SIZE (2)) OPTIONAL,
-- see clause 5.2.4
...,
cINExtension [3] CorrelationValues OPTIONAL
-- To be used when a single INTEGER is not sufficient to identify
-- a particular session (see clause 5.2.4)
}
NetworkIdentifier ::= SEQUENCE
{
operatorIdentifier [0] OCTET STRING (SIZE(1..16)),
networkElementIdentifier [1] OCTET STRING (SIZE(1..16)) OPTIONAL,
...,
eTSI671NEID [2] Network-Element-Identifier OPTIONAL
canterburym
committed
-- For network element identifier, use either networkElementIdentifier or eTSI671NEID
}
-- ==========================
-- Definitions for CC Payload
-- ==========================
CCPayload ::= SEQUENCE
{
payloadDirection [0] PayloadDirection OPTIONAL,
timeStamp [1] GeneralizedTime OPTIONAL,
-- For aggregated payloads (see clause 6.2.3)
cCContents [2] CCContents,
...,
microSecondTimeStamp [3] MicroSecondTimeStamp OPTIONAL,
-- For aggregated payloads (see clause 6.2.3)
timeStampQualifier [4] TimeStampQualifier OPTIONAL
}
PayloadDirection ::= ENUMERATED
{
fromTarget(0),
toTarget(1),
...,
indeterminate(2),
-- Indication whether intercepted CC was travelling to or from the target
-- or that the direction was indeterminate
combined(3),
-- Indication applicable to some services that the traffic is actually a combination
-- of To and From
notapplicable(4)
-- Indication that direction of interceptable service does not make sense
}
CCContents ::= CHOICE
-- Any of these choices may be commented out if they are not being used, see clause A.3
{
canterburym
committed
emailCC [1] EmailCC,
iPCC [2] IPCC,
uMTSCC [4] OCTET STRING,
...,
canterburym
committed
l2CC [6] L2CC,
tTRAFFIC-1 [7] TS101909201.TTRAFFIC,
cTTRAFFIC-1 [8] TS101909201.CTTRAFFIC,
tTRAFFIC-2 [9] TS101909202.TTRAFFIC,
cTTRAFFIC-2 [10] TS101909202.CTTRAFFIC,
pstnIsdnCC [11] PstnIsdnCC,
iPMMCC [12] IPMMCC,
cCIPPacketHeader [13] CDMA2000CCModule.CCIPPacketHeader,
messagingCC [14] MessagingCC,
ePSCC [15] OCTET STRING,
uMTSCC-CC-PDU [16] Umts-HI3-PS.CC-PDU,
ePSCC-CC-PDU [17] Eps-HI3-PS.CC-PDU,
messagingMMCC [18] MessagingMMCC
}
MicroSecondTimeStamp ::= SEQUENCE
{
seconds [0] INTEGER (0..18446744073709551615),
-- number of seconds since 1970-1-1 00:00Z also known as unix time epoch
microSeconds [1] INTEGER (0..999999),
...
}
-- ===========================
-- Definitions for IRI Payload
-- ===========================
IRIPayload ::= SEQUENCE
{
iRIType [0] IRIType OPTIONAL,
-- See clause 5.2.10
timeStamp [1] GeneralizedTime OPTIONAL,
-- For aggregated payloads (see clause 6.2.3)
iRIContents [2] IRIContents,
...,
microSecondTimeStamp [3] MicroSecondTimeStamp OPTIONAL,
-- For aggregated payloads (see clause 6.2.3)
timeStampQualifier [4] TimeStampQualifier OPTIONAL
}
IRIType ::= ENUMERATED
{
iRI-Begin(1),
iRI-End(2),
iRI-Continue(3),
iRI-Report(4)
}
IRIContents ::= CHOICE
-- Any of these choices may be commented out if they are not being used (see clause A.3)
{
emailIRI [1] EmailIRI,
iPIRI [2] IPIRI,
iPIRIOnly [3] IPIRIOnly,
uMTSIRI [4] UMTSIRI,
eTSI671IRI [5] ETSI671IRI,
...,
l2IRI [6] L2IRI,
l2IRIOnly [7] L2IRIOnly,
tARGETACTIVITYMONITOR-1 [8] TS101909201.TARGETACTIVITYMONITOR-1,
tARGETACTIVITYMONITOR-2 [9] TS101909202.TARGETACTIVITYMONITOR,
pstnIsdnIRI [10] PstnIsdnIRI,
canterburym
committed
iPMMIRI [11] IPMMIRI,
lAESProtocol [12] Laesp-j-std-025-b.LAESProtocol,
cDMA2000LAESMessage [13] CDMA2000CIIModule.CDMA2000LAESMessage,
messagingIRI [14] MessagingIRI,
ePSIRI [15] EPSIRI
}
UMTSIRI ::= CHOICE
-- This structure may be commented out if not used
{
iRI-Parameters [0] UmtsHI2Operations.IRI-Parameters,
umtsIRIsContent [1] UmtsIRIsContent,
...,
iRI-CS-Parameters [2] UmtsCS-HI2Operations.IRI-Parameters,
umtsCS-IRIsContent [3] UmtsCS-IRIsContent
}
ETSI671IRI ::= CHOICE
-- This structure may be commented out if not used
{
iRI-Parameters [0] HI2Operations.IRI-Parameters,
iRIsContent [1] IRIsContent,
...
}
EPSIRI ::= CHOICE
-- This structure may be commented out if not used
{
iRI-EPS-Parameters [0] EpsHI2Operations.IRI-Parameters,
epsIRIsContent [1] EpsIRIsContent,
...
}
-- ===========================
-- Definitions for TRI Payload
-- ===========================
TRIPayload ::= CHOICE
{
integrityCheck [0] IntegrityCheck,
testPDU [1] NULL,
paddingPDU [2] OCTET STRING,
-- Undefined contents (will be discarded)
keep-alive [3] NULL,
keep-aliveResponse [4] NULL,
firstSegmentFlag [5] NULL,
lastSegmentFlag [6] NULL,
...,
cINReset [7] NULL,
operatorLeaMessage [8] OperatorLeaMessage,
optionRequest [9] OptionRequest,
optionResponse [10] OptionResponse,
optionComplete [11] NULL,
pDUAcknowledgementRequest [12] NULL,
pDUAcknowledgementResponse [13] NULL
}
IntegrityCheck ::= SEQUENCE
{
includedSequenceNumbers [0] SEQUENCE OF INTEGER (0..4294967295),
-- gives the order the PDUs were processed
checkType [1] CheckType,
dataType [2] DataType OPTIONAL,
-- From version5(5) the dataType is mandatory for hashes and for signatures
-- (see clause 7.2.3)
checkValue [3] OCTET STRING,
-- Network byte order
-- In case of a DSA/DSS signature, the r and s values shall be concatenated
...
}
CheckType ::= ENUMERATED
{
hash(1),
-- SHA-1 hash value
signature(2),
-- DSS/DSA signature
...
}
DataType ::= ENUMERATED
{
iRI(1),
cC(2),
...
}
Option ::= CHOICE
{
pDUAcknowledgement [0] NULL,
...
}
OptionRequest ::= SEQUENCE
{
requestedOptions [0] SEQUENCE OF Option,
...
}
OptionResponse ::= SEQUENCE
{
acceptedOptions [0] SEQUENCE OF Option,
declinedOptions [1] SEQUENCE OF Option,
...
}
-- ==================================
-- Definitions for OperatorLeaMessage
-- ==================================
OperatorLeaMessage ::= SEQUENCE
{
messagePriority [0] OperatorLeaMessagePriority,
message [1] OCTET STRING (SIZE(1..255)),
...
}
OperatorLeaMessagePriority ::= ENUMERATED
{
error(1),
-- reporting of error conditions that have impact on the quality of the
-- intercepted data
informational(2),
-- reporting of conditions that will not have direct impact on the quality of
-- the intercepted data
...
}
-- ===================================
-- Definitions for EncryptionContainer
-- ===================================
EncryptionContainer ::= SEQUENCE
{
encryptionType [0] EncryptionType,
encryptedPayload [1] OCTET STRING,
-- once decrypted, it can be interpreted as EncryptedPayload
...,
encryptedPayloadType [2] EncryptedPayloadType OPTIONAL
}
EncryptionType ::= ENUMERATED
{
none(1),
-- No encryption is applied.
national-option(2),
-- Use this option when an encryption scheme is negotiated on a national level
aES-192-CBC(3),
-- The Advanced Encryption Standard using a 192 bit key in CBC mode
aES-256-CBC(4),
-- The Advanced Encryption Standard using a 256 bit key in CBC mode
blowfish-192-CBC(5),
-- Blowfish (www.schneier.com/blowfish.html) using a 192 bit key in CBC mode
blowfish-256-CBC(6),
-- Blowfish using a 256 bit key in CBC mode
threedes-cbc(7),
-- Triple-DES using a 192 bit key in CBC mode
...
}
EncryptedPayload ::= SEQUENCE
{
byteCounter [0] INTEGER (0..18446744073709551615),
-- The sum of the sizes of all PDUs before this PDU.
-- It is initialized with the unixTime (number of seconds since 01-01-1970)
canterburym
committed
-- multiplied by 2^32 at first use.
-- Where N is sequencenumber of the n-th PDU in transfer, and size(PDU(N))
-- as defined in annex G:
-- IF N > 0 THEN
-- PDU[N].byteCounter = PDU[N-1].byteCounter + size(PDU[N-1])
-- ELSE
-- PDU[N].byteCounter = ( unixTime(now) << 32 )
-- ENDIF
payload [1] Payload,
...
}
EncryptedPayloadType ::= ENUMERATED
unknown(1),
part2(2),
-- encrypted payload is TS 102 232 part 2 [5]
part3(3),
-- encrypted payload is TS 102 232 part 3 [6]
part4(4),
-- encrypted payload is TS 102 232 part 4 [32]
part5(5),
-- encrypted payload is TS 102 232 part 5 [37]
part6(6),
-- encrypted payload is TS 102 232 part 6 [36]
part7(7),
-- encrypted payload is TS 102 232 part 7 [38]
...,
part1(8)
-- encrypted payload is TS 102 232 part 1 (the present document)
}
-- ==================
-- Common Parameters
-- ==================
Location ::= SEQUENCE
-- This is a common parameter, the use of this parameter is described in clause 4.5
{
umtsHI2Location [0] UmtsHI2Operations.Location OPTIONAL,
epsLocation [1] EpsHI2Operations.EPSLocation OPTIONAL,
...
}
canterburym
committed
END --end of LI-PS-PDU