LI-PS-PDU.asn

LI-PS-PDU
{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) li-ps(5) genHeader(1) version13(13)}

DEFINITIONS IMPLICIT TAGS ::=

BEGIN

IMPORTS
	-- Any of the IMPORTs may be commented out if they are not used (see clause A.3)

	-- from TS 101 671 [4]
	LawfulInterceptionIdentifier, 
	IRI-Parameters, 
	IRIsContent,
	Network-Element-Identifier
		FROM HI2Operations
		{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) hi2(1) version14(14)}

	-- from TS 101 671 [4]
	HI1-Operation
		FROM HI1NotificationOperations
		{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) hi1(0) notificationOperations(1) version6(6)}

	-- from TS 102 232-02 [5]
	EmailCC,
	EmailIRI,
	MessagingCC,
	MessagingIRI
		FROM EmailPDU
		{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) li-ps(5) email(2) version8(8)}

	-- from TS 102 232-03 [6]
	IPCC,
	IPIRI,
	IPIRIOnly
		FROM IPAccessPDU
		{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) li-ps(5) iPAccess(3) version9(9)}

	-- from TS 102 232-04 [32]
	L2CC,
	L2IRI,
	L2IRIOnly
		FROM L2AccessPDU
		{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) li-ps(5) l2Access(4) version6(6)}

	-- from TS 102 232-05 [37]
	IPMMCC,
	IPMMIRI
		FROM IPMultimediaPDU
		{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) li-ps(5) iPMultimedia(5) version6(6)}

	-- from TS 102 232-06 [36]
	PstnIsdnCC,
	PstnIsdnIRI
		FROM PstnIsdnPDU
		{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) li-ps(5) pstnIsdn(6) version4(4)}

	-- from 3GPP TS 33.108 [9]
	IRI-Parameters,
	UmtsIRIsContent,
	CorrelationValues
		FROM UmtsHI2Operations
		{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) threeGPP(4) hi2(1)}
			-- The relevant module (including the UMTS release and version number) needs
			-- to be chosen when compiling the application.

	-- from 3GPP TS 33.108 [9]
	IRI-Parameters,
	UmtsCS-IRIsContent
		FROM UmtsCS-HI2Operations
		{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) threeGPP(4) hi2CS(3)}
			-- The relevant module (including the UMTS release and version number) needs
			-- to be chosen when compiling the application.

	-- from 3GPP TS 33.108 [9]
	IRI-Parameters,
	EpsIRIsContent
		FROM EpsHI2Operations
		{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) threeGPP(4) hi2eps(8)}
			-- The relevant module (including the UMTS release and version number) needs
			-- to be chosen when compiling the application.

	-- from TS 101 909-20-1 [33]
	TARGETACTIVITYMONITOR-1,
	TTRAFFIC,
	CTTRAFFIC
		FROM TS101909201
		{itu-t(0) identified-organization(4) etsi(0) ts101909(1909) part20(20) subpart1(1) interceptVersion(0)}

	-- from TS 101 909-20-2 [34]
	TARGETACTIVITYMONITOR,
	TTRAFFIC,
	CTTRAFFIC
		FROM TS101909202
		{itu-t(0) identified-organization(4) etsi(0) ts101909(1909) part20(20) subpart2(2) interceptVersion(0)}

	-- from J-STD-025-B [39]
	LAESProtocol
		FROM Laesp-j-std-025-b 
		{iso(1) member-body(2) us(840) tia(113737) laes(2) tr45(0) j-std-025(0) j-std-025-b(2) version-1(0)}
	CDMA2000LAESMessage
		FROM CDMA2000CIIModule 
		{iso(1) member-body(2) us(840) tia(113737) laes(2) tr45(0) cdma2000(1) cii(0) version-2(1)}
	CCIPPacketHeader
		FROM CDMA2000CCModule 
		{iso(1) member-body(2) us(840) tia(113737) laes(2) tr45(0) cdma2000(1) cc(1) version-1(0)};

-- end of IMPORTS

-- =============================
-- Object Identifier Definitions
-- =============================

lawfulInterceptDomainId OBJECT IDENTIFIER ::= {itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2)}

li-psDomainId OBJECT IDENTIFIER ::= {lawfulInterceptDomainId li-ps(5) genHeader(1) version13(13)}

-- ====================
-- Top-level definition
-- ====================

PS-PDU			::= SEQUENCE
{
	pSHeader	[1] PSHeader,
	payload		[2] Payload
}

PSHeader		::= SEQUENCE
{
	li-psDomainId					[0] OBJECT IDENTIFIER,
	lawfulInterceptionIdentifier	[1] LawfulInterceptionIdentifier,
	authorizationCountryCode		[2] PrintableString (SIZE (2)) OPTIONAL,
		-- see clause 5.2.3
	communicationIdentifier			[3] CommunicationIdentifier, 
	sequenceNumber					[4] INTEGER (0..4294967295),
	timeStamp						[5] GeneralizedTime OPTIONAL,
		-- see clause 5.2.6
	...,
	interceptionPointID				[6] PrintableString (SIZE (1..8)) OPTIONAL,
		-- see clause 5.2.11
	microSecondTimeStamp			[7] MicroSecondTimeStamp OPTIONAL,
	timeStampQualifier				[8] TimeStampQualifier OPTIONAL
}

Payload ::= CHOICE
{
	iRIPayloadSequence		[0] SEQUENCE OF IRIPayload,
	cCPayloadSequence		[1] SEQUENCE OF CCPayload,
		-- Clause 6.2.3 explains how to include more than one payload in the same PDU
	tRIPayload				[2] TRIPayload,
	...,
	hI1-Operation			[3] HI1-Operation,
	encryptionContainer		[4] EncryptionContainer
}

TimeStampQualifier	::= ENUMERATED
{
	unknown(0),
	timeOfInterception(1),
	timeOfMediation(2),
	...
}

-- ====================================
-- Items contained within the PS-Header
-- ====================================

CommunicationIdentifier		::= SEQUENCE 
{
	networkIdentifier				[0] NetworkIdentifier,
	communicationIdentityNumber		[1] INTEGER (0..4294967295) OPTIONAL,
		-- in case of transport of HI1 messages not required
		-- Mandatory for CC and IRI, with certain exceptions (see 5.2.4)
	deliveryCountryCode				[2] PrintableString (SIZE (2)) OPTIONAL,
		-- see clause 5.2.4
	...,
	cINExtension					[3] CorrelationValues OPTIONAL
		-- To be used when a single INTEGER is not sufficient to identify
		-- a particular session (see clause 5.2.4)
}

NetworkIdentifier	::= SEQUENCE 
{
	operatorIdentifier			[0] OCTET STRING (SIZE(1..16)),
	networkElementIdentifier	[1] OCTET STRING (SIZE(1..16)) OPTIONAL,
	...,
	eTSI671NEID					[2] Network-Element-Identifier OPTIONAL
		-- For Network Element Identifier, use either OCTET STRING or ETSI671 definition
}

-- ==========================
-- Definitions for CC Payload
-- ==========================

CCPayload	::= SEQUENCE
{
	payloadDirection		[0] PayloadDirection OPTIONAL,
	timeStamp				[1] GeneralizedTime OPTIONAL,
		-- For aggregated payloads (see clause 6.2.3)
	cCContents				[2] CCContents,
	...,
	microSecondTimeStamp	[3] MicroSecondTimeStamp OPTIONAL
		-- For aggregated payloads (see clause 6.2.3)
}

PayloadDirection ::= ENUMERATED
{
	fromTarget(0),
	toTarget(1),
	...,
	indeterminate(2),
		-- Indication whether intercepted CC was travelling to or from the target 
		-- or that the direction was indeterminate
	combined(3),
		-- Indication applicable to some services that the traffic is actually a combination
		-- of To and From
	notapplicable(4)
		-- Indication that direction of interceptable service does not make sense
}

CCContents ::= CHOICE
	-- Any of these choices may be commented out if they are not being used, see clause A.3
{
	undefinedCC			[0] OCTET STRING,
	emailCC				[1] EmailCC,
	iPCC				[2] IPCC,
	uMTSCC				[4] OCTET STRING,
	eTSI671CC			[5] OCTET STRING,
	...,
	l2CC				[6] L2CC,
	tTRAFFIC-1			[7] TS101909201.TTRAFFIC,
	cTTRAFFIC-1			[8] TS101909201.CTTRAFFIC,
	tTRAFFIC-2			[9] TS101909202.TTRAFFIC,
	cTTRAFFIC-2			[10] TS101909202.CTTRAFFIC,
	pstnIsdnCC			[11] PstnIsdnCC,
	iPMMCC				[12] IPMMCC,
	cCIPPacketHeader	[13] CDMA2000CCModule.CCIPPacketHeader,
	messagingCC         [14] MessagingCC,
	ePSCC               [15] OCTET STRING
}

MicroSecondTimeStamp ::= SEQUENCE
{
	seconds			[0] INTEGER (0..18446744073709551615),
		-- number of seconds since 1970-1-1 00:00Z also known as unix time epoch
	microSeconds	[1] INTEGER (0..999999),
	...
}

-- ===========================
-- Definitions for IRI Payload
-- ===========================

IRIPayload ::= SEQUENCE
{
	iRIType			[0] IRIType OPTIONAL,
		-- See clause 5.2.10
	timeStamp		[1] GeneralizedTime OPTIONAL,
		-- For aggregated payloads (see clause 6.2.3)
	iRIContents		[2] IRIContents,
	...
}

IRIType		::= ENUMERATED
{
	iRI-Begin(1),
	iRI-End(2),
	iRI-Continue(3),
	iRI-Report(4)
}

IRIContents		::= CHOICE
	-- Any of these choices may be commented out if they are not being used (see clause A.3)
{
	undefinedIRI			[0] OCTET STRING,
	emailIRI				[1] EmailIRI,
	iPIRI					[2] IPIRI,
	iPIRIOnly				[3] IPIRIOnly,
	uMTSIRI					[4] UMTSIRI,
	eTSI671IRI				[5] ETSI671IRI,
	...,
	l2IRI					[6] L2IRI,
	l2IRIOnly				[7] L2IRIOnly,
	tARGETACTIVITYMONITOR-1	[8] TS101909201.TARGETACTIVITYMONITOR-1,
	tARGETACTIVITYMONITOR-2	[9] TS101909202.TARGETACTIVITYMONITOR,
	pstnIsdnIRI				[10] PstnIsdnIRI,
	iPMMIRI					[11] IPMMIRI,
	lAESProtocol			[12] Laesp-j-std-025-b.LAESProtocol,
	cDMA2000LAESMessage		[13] CDMA2000CIIModule.CDMA2000LAESMessage,
	messagingIRI            [14] MessagingIRI,
	ePSIRI                  [15] EPSIRI
}

UMTSIRI			::= CHOICE
	-- This structure may be commented out if not used
{
	iRI-Parameters		[0] UmtsHI2Operations.IRI-Parameters,
	umtsIRIsContent		[1] UmtsIRIsContent,
	...,
	iRI-CS-Parameters	[2] UmtsCS-HI2Operations.IRI-Parameters,
	umtsCS-IRIsContent	[3] UmtsCS-IRIsContent
}

ETSI671IRI		::= CHOICE
	-- This structure may be commented out if not used
{
	iRI-Parameters	[0] HI2Operations.IRI-Parameters,
	iRIsContent		[1] IRIsContent,
	...
}

EPSIRI          ::= CHOICE
    -- This structure may be commented out if not used
{
    iRI-EPS-Parameters [0] EpsHI2Operations.IRI-Parameters,
	epsIRIsContent     [1] EpsIRIsContent,
	...
}

-- ===========================
-- Definitions for TRI Payload
-- ===========================

TRIPayload		::= CHOICE
{
	integrityCheck		[0] IntegrityCheck,
	testPDU				[1] NULL,
	paddingPDU			[2] OCTET STRING,
		-- Undefined contents (will be discarded)
	keep-alive			[3] NULL,
	keep-aliveResponse	[4] NULL,
	firstSegmentFlag	[5] NULL,
	lastSegmentFlag		[6] NULL,
	...,
	cINReset			[7] NULL,
	operatorLeaMessage	[8] OperatorLeaMessage
}

IntegrityCheck		::= SEQUENCE
{
	includedSequenceNumbers	[0] SEQUENCE OF INTEGER (0..4294967295),
		-- gives the order the PDUs were processed
	checkType				[1] CheckType,
	dataType				[2] DataType OPTIONAL,
		-- From version5(5) the dataType is mandatory for hashes and for signatures
		-- (see clause 7.2.3)
	checkValue				[3] OCTET STRING,
		-- Network byte order
		-- In case of a DSA/DSS signature, the r and s values shall be concatenated
	...
}

CheckType	::= ENUMERATED 
{
	hash(1),
		-- SHA-1 hash value
	signature(2),
		-- DSS/DSA signature
	...
}

DataType	::= ENUMERATED
{
	iRI(1),
	cC(2),
	...
}

-- ==================================
-- Definitions for OperatorLeaMessage
-- ==================================

OperatorLeaMessage		::= SEQUENCE
{
	messagePriority		[0] OperatorLeaMessagePriority,
	message				[1] OCTET STRING (SIZE(1..255)),
	...
}

OperatorLeaMessagePriority		::= ENUMERATED
{
	error(1),
		-- reporting of error conditions that have impact on the quality of the
		-- intercepted data
	informational(2),
		-- reporting of conditions that will not have direct impact on the quality of
		-- the intercepted data
	...
}

-- ================================
-- Definitions for EncryptionContainer
-- ================================

EncryptionContainer		::= SEQUENCE 
{
	encryptionType			[0] EncryptionType,
	encryptedPayload		[1] OCTET STRING,
		-- once decrypted, it can be interpreted as EncryptedPayload
	...,
	encryptedPayloadType	[2] EncryptedPayloadType OPTIONAL
}

EncryptionType			::= ENUMERATED
{
	none(1),
		-- No encryption is applied.
	national-option(2),
		-- Use this option when an encryption scheme is negotiated on a national level
	aES-192-CBC(3),
		-- The Advanced Encryption Standard using a 192 bit key in CBC mode
	aES-256-CBC(4),
		-- The Advanced Encryption Standard using a 256 bit key in CBC mode
	blowfish-192-CBC(5),
		-- Blowfish (www.schneier.com/blowfish.html) using a 192 bit key in CBC mode
	blowfish-256-CBC(6),
		-- Blowfish using a 256 bit key in CBC mode
	threedes-cbc(7),
		-- Triple-DES using a 192 bit key in CBC mode
	...
}

EncryptedPayload		::= SEQUENCE 
{
	byteCounter			[0] INTEGER (0..18446744073709551615),
		-- The sum of the sizes of all PDUs before this PDU.
		-- It is initialized with the unixTime (number of seconds since 01-01-1970)
		-- multiplied by 2^32 at first use.
		-- Where N is sequencenumber of the n-th PDU in transfer, and size(PDU(N))
		-- as defined in Annex I:
		-- 		IF N > 0 THEN
		-- 		PDU[N].byteCounter = PDU[N-1].byteCounter + size(PDU[N-1])
		-- 		ELSE
		-- 		PDU[N].byteCounter = ( unixTime(now) << 32 )
		-- 		ENDIF
	payload				[1] Payload,
	...
}

EncryptedPayloadType	::= ENUMERATED 
{
	unknown(0),
	part1(1),
		-- encrypted payload is TS 102 232 part 1
	part2(2),
		-- encrypted payload is TS 102 232 part 2 [5]
	part3(3),
		-- encrypted payload is TS 102 232 part 3 [6]
	part4(4),
		-- encrypted payload is TS 102 232 part 4 [32]
	part5(5),
		-- encrypted payload is TS 102 232 part 5 [37]
	part6(6),
		-- encrypted payload is TS 102 232 part 6 [36]
	part7(7),
		-- encrypted payload is TS 102 232 part 7 [38]
	...
}

END --end of LI-PS-PDU