Commit 13f21186 authored by canterburym's avatar canterburym
Browse files

TS 102 232-1 v2.3.1 (2008-07-18) agreed at LI#18 (Chania, Crete, 2008-05-27)

parent ba500505
Pipeline #11446 passed with stage
in 17 seconds
LI-PS-PDU {itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) li-ps(5) genHeader(1) version8(8)}
DEFINITIONS IMPLICIT TAGS ::=
BEGIN
IMPORTS
-- Any of the IMPORTs may be commented out if they are not used (see clause A.3)
-- from TS 101 671 [4]
LawfulInterceptionIdentifier,
IRI-Parameters,
IRIsContent,
Network-Element-Identifier
FROM HI2Operations
{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) hi2(1) version10(10)}
-- from TS 101 671 [4]
HI1-Operation
FROM HI1NotificationOperations
{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) hi1(0) notificationOperations(1) version6(6)}
-- from TS 102 232-02 [5]
EmailCC,
EmailIRI
FROM EmailPDU
{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) li-ps(5) email(2) version4(4)}
-- from TS 102 232-03 [6]
IPCC,
IPIRI,
IPIRIOnly
FROM IPAccessPDU
{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) li-ps(5) iPAccess(3) version5(5)}
-- from TS 102 232-04 [32]
L2CC,
L2IRI,
L2IRIOnly
FROM L2AccessPDU
{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) li-ps(5) l2Access(4) version4(4)}
-- from TS 102 232-05 [37]
IPMMCC,
IPMMIRI
FROM IPMultimediaPDU
{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) li-ps(5) iPMultimedia(5) version3(3)}
-- from TS 102 232-06 [36]
PstnIsdnCC,
PstnIsdnIRI
FROM PstnIsdnPDU
{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) li-ps(5) pstnIsdn(6) version2(2)}
-- from 3GPP TS 33.108 [9]
IRI-Parameters,
UmtsIRIsContent,
CorrelationValues
FROM UmtsHI2Operations
{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) threeGPP(4) hi2(1)}
-- The relevant module (including the UMTS release and version number) needs
-- to be chosen when compiling the application.
-- from 3GPP TS 33.108 [9]
IRI-Parameters,
UmtsCS-IRIsContent
FROM UmtsCS-HI2Operations
{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) threeGPP(4) hi2CS(3)}
-- The relevant module (including the UMTS release and version number) needs
-- to be chosen when compiling the application.
-- from TS 101 909-20-1 [33]
TARGETACTIVITYMONITOR-1,
TTRAFFIC,
CTTRAFFIC
FROM TS101909201
{itu-t(0) identified-organization(4) etsi(0) ts101909(1909) part20(20) subpart1(1) interceptVersion(0)}
-- from TS 101 909-20-2 [34]
TARGETACTIVITYMONITOR,
TTRAFFIC,
CTTRAFFIC
FROM TS101909202
{itu-t(0) identified-organization(4) etsi(0) ts101909(1909) part20(20) subpart2(2) interceptVersion(0)};
-- end of IMPORTS
-- =============================
-- Object Identifier Definitions
-- =============================
lawfulInterceptDomainId OBJECT IDENTIFIER ::= {itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2)}
li-psDomainId OBJECT IDENTIFIER ::= {lawfulInterceptDomainId li-ps(5) genHeader(1) version8(8)}
-- ====================
-- Top-level definition
-- ====================
PS-PDU ::= SEQUENCE
{
pSHeader [1] PSHeader,
payload [2] Payload
}
PSHeader ::= SEQUENCE
{
li-psDomainId [0] OBJECT IDENTIFIER,
lawfulInterceptionIdentifier [1] LawfulInterceptionIdentifier,
authorizationCountryCode [2] PrintableString (SIZE (2)) OPTIONAL,
-- see clause 5.2.3
communicationIdentifier [3] CommunicationIdentifier,
sequenceNumber [4] INTEGER (0..4294967295),
timeStamp [5] GeneralizedTime OPTIONAL,
-- see clause 5.2.6
...,
interceptionPointID [6] PrintableString (SIZE (1..8)) OPTIONAL,
-- see clause 5.2.11
microSecondTimeStamp [7] MicroSecondTimeStamp OPTIONAL,
timeStampQualifier [8] TimeStampQualifier OPTIONAL
}
Payload ::= CHOICE
{
iRIPayloadSequence [0] SEQUENCE OF IRIPayload,
cCPayloadSequence [1] SEQUENCE OF CCPayload,
-- Clause 6.2.3 explains how to include more than one payload in the same PDU
tRIPayload [2] TRIPayload,
...,
hI1-Operation [3] HI1-Operation,
encryptionHeader [4] EncryptionHeader
}
TimeStampQualifier ::= ENUMERATED
{
unknown(0),
timeOfInterception(1),
timeOfMediation(2),
...
}
-- ====================================
-- Items contained within the PS-Header
-- ====================================
CommunicationIdentifier ::= SEQUENCE
{
networkIdentifier [0] NetworkIdentifier,
communicationIdentityNumber [1] INTEGER (0..4294967295) OPTIONAL,
-- in case of transport of HI1 messages not required
-- Mandatory for CC and IRI, with certain exceptions (see 5.2.4)
deliveryCountryCode [2] PrintableString (SIZE (2)) OPTIONAL,
-- see clause 5.2.4
...,
cINExtension [3] CorrelationValues OPTIONAL
-- To be used when a single INTEGER is not sufficient to identify
-- a particular session (see clause 5.2.4)
}
NetworkIdentifier ::= SEQUENCE
{
operatorIdentifier [0] OCTET STRING (SIZE(1..16)),
networkElementIdentifier [1] OCTET STRING (SIZE(1..16)) OPTIONAL,
...,
eTSI671NEID [2] Network-Element-Identifier OPTIONAL
-- For Network Element Identifier, use either OCTET STRING or ETSI671 definition
}
-- ==========================
-- Definitions for CC Payload
-- ==========================
CCPayload ::= SEQUENCE
{
payloadDirection [0] PayloadDirection OPTIONAL,
timeStamp [1] GeneralizedTime OPTIONAL,
-- For aggregated payloads (see clause 6.2.3)
cCContents [2] CCContents,
...,
microSecondTimeStamp [3] MicroSecondTimeStamp OPTIONAL
-- For aggregated payloads (see clause 6.2.3)
}
PayloadDirection ::= ENUMERATED
{
fromTarget(0),
toTarget(1),
...,
indeterminate(2),
-- Indication whether intercepted CC was travelling to or from the target
-- or that the direction was indeterminate
combined(3),
-- Indication applicable to some services that the traffic is actually a combination
-- of To and From
notapplicable(4)
-- Indication that direction of interceptable service does not make sense
}
CCContents ::= CHOICE
-- Any of these choices may be commented out if they are not being used, see clause A.3
{
undefinedCC [0] OCTET STRING,
emailCC [1] EmailCC,
iPCC [2] IPCC,
uMTSCC [4] OCTET STRING,
eTSI671CC [5] OCTET STRING,
...,
l2CC [6] L2CC,
tTRAFFIC-1 [7] TS101909201.TTRAFFIC,
cTTRAFFIC-1 [8] TS101909201.CTTRAFFIC,
tTRAFFIC-2 [9] TS101909202.TTRAFFIC,
cTTRAFFIC-2 [10] TS101909202.CTTRAFFIC,
pstnIsdnCC [11] PstnIsdnCC,
iPMMCC [12] IPMMCC
}
MicroSecondTimeStamp ::= SEQUENCE
{
seconds [0] INTEGER (0..18446744073709551615),
-- number of seconds since 1970-1-1 00:00Z also known as unix time epoch
microSeconds [1] INTEGER (0..999999),
...
}
-- ===========================
-- Definitions for IRI Payload
-- ===========================
IRIPayload ::= SEQUENCE
{
iRIType [0] IRIType OPTIONAL,
-- See clause 5.2.10
timeStamp [1] GeneralizedTime OPTIONAL,
-- For aggregated payloads (see clause 6.2.3)
iRIContents [2] IRIContents,
...
}
IRIType ::= ENUMERATED
{
iRI-Begin(1),
iRI-End(2),
iRI-Continue(3),
iRI-Report(4)
}
IRIContents ::= CHOICE
-- Any of these choices may be commented out if they are not being used (see clause A.3)
{
undefinedIRI [0] OCTET STRING,
emailIRI [1] EmailIRI,
iPIRI [2] IPIRI,
iPIRIOnly [3] IPIRIOnly,
uMTSIRI [4] UMTSIRI,
eTSI671IRI [5] ETSI671IRI,
...,
l2IRI [6] L2IRI,
l2IRIOnly [7] L2IRIOnly,
tARGETACTIVITYMONITOR-1 [8] TS101909201.TARGETACTIVITYMONITOR-1,
tARGETACTIVITYMONITOR-2 [9] TS101909202.TARGETACTIVITYMONITOR,
pstnIsdnIRI [10] PstnIsdnIRI,
iPMMIRI [11] IPMMIRI
}
UMTSIRI ::= CHOICE
-- This structure may be commented out if not used
{
iRI-Parameters [0] UmtsHI2Operations.IRI-Parameters,
umtsIRIsContent [1] UmtsIRIsContent,
...,
iRI-CS-Parameters [2] UmtsCS-HI2Operations.IRI-Parameters,
umtsCS-IRIsContent [3] UmtsCS-IRIsContent
}
ETSI671IRI ::= CHOICE
-- This structure may be commented out if not used
{
iRI-Parameters [0] HI2Operations.IRI-Parameters,
iRIsContent [1] IRIsContent,
...
}
-- ===========================
-- Definitions for TRI Payload
-- ===========================
TRIPayload ::= CHOICE
{
integrityCheck [0] IntegrityCheck,
testPDU [1] NULL,
paddingPDU [2] OCTET STRING,
-- Undefined contents (will be discarded)
keep-alive [3] NULL,
keep-aliveResponse [4] NULL,
firstSegmentFlag [5] NULL,
lastSegmentFlag [6] NULL,
...,
cINReset [7] NULL,
operatorLeaMessage [8] OperatorLeaMessage
}
IntegrityCheck ::= SEQUENCE
{
includedSequenceNumbers [0] SEQUENCE OF INTEGER (0..4294967295),
-- gives the order the PDUs were processed
checkType [1] CheckType,
dataType [2] DataType OPTIONAL,
-- From version5(5) the dataType is mandatory for hashes and for signatures
-- (see clause 7.2.3)
checkValue [3] OCTET STRING,
-- Network byte order
-- In case of a DSA/DSS signature, the r and s values shall be concatenated
...
}
CheckType ::= ENUMERATED
{
hash(1),
-- SHA-1 hash value
signature(2),
-- DSS/DSA signature
...
}
DataType ::= ENUMERATED
{
iRI(1),
cC(2),
...
}
-- ==================================
-- Definitions for OperatorLeaMessage
-- ==================================
OperatorLeaMessage ::= SEQUENCE
{
messagePriority [0] OperatorLeaMessagePriority,
message [1] OCTET STRING (SIZE(1..255)),
...
}
OperatorLeaMessagePriority ::= ENUMERATED
{
error(1),
-- reporting of error conditions that have impact on the quality of the
-- intercepted data
informational(2),
-- reporting of conditions that will not have direct impact on the quality of
-- the intercepted data
...
}
-- ================================
-- Definitions for EncryptionHeader
-- ================================
EncryptionHeader ::= SEQUENCE
{
encryptionType [0] EncryptionType,
encryptedPayload [1] OCTET STRING,
-- once decrypted, it can be interpreted as payload [1] EncryptedPayload
...
}
EncryptionType ::= ENUMERATED
{
none(1),
-- No encryption is applied. This option can be used for testing or to store data at the
-- LEMF after decryption
national-option(2),
-- Use this option when an encryption scheme is negotiated on a national level
aES-192-CBC(3),
-- The Advanced Encryption Standard using a 192 bit key in CBC mode
aES-256-CBC(4),
-- The Advanced Encryption Standard using a 256 bit key in CBC mode
blowfish-192-CBC(5),
-- Blowfish (www.schneier.com/blowfish.html) using a 192 bit key in CBC mode
blowfish-256-CBC(6),
-- Blowfish using a 256 bit key in CBC mode
threedes-cbc(7),
-- Triple-DES using a 192 bit key in CBC mode
...
}
EncryptedPayload ::= SEQUENCE
{
byteCounter [0] INTEGER (0..18446744073709551615),
-- The sum of the sizes of all transferred PDUs before this PDU.
-- It is initialized with the unixTime (number of seconds since 01-01-1970)
-- multiplied by 232 at first use.
-- Where N is sequencenumber of the n-th PDU in transfer, and size(PDU(N))
-- is defined to be the size of the PDU after BER encoding:
-- IF N > 0 THEN
-- PDU[N].byteCounter = PDU[N-1].byteCounter + size(PDU[N-1])
-- ELSE
-- PDU[N].byteCounter = ( unixTime(now) << 32 )
-- ENDIF
payload [1] Payload,
-- Once decrypted, it can be interpreted as payload [1] Payload
...
}
END -- end of LI-PS-PDU
LI-PS-PDU {itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) li-ps(5) genHeader(1) version8(8)}
DEFINITIONS IMPLICIT TAGS ::=
BEGIN
IMPORTS
-- Any of the IMPORTs may be commented out if they are not used (see clause A.3)
-- from TS 101 671 [4]
LawfulInterceptionIdentifier,
IRI-Parameters,
IRIsContent,
Network-Element-Identifier
FROM HI2Operations
{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) hi2(1) version10(10)}
-- from TS 101 671 [4]
HI1-Operation
FROM HI1NotificationOperations
{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) hi1(0) notificationOperations(1) version6(6)}
-- from TS 102 232-02 [5]
EmailCC,
EmailIRI
FROM EmailPDU
{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) li-ps(5) email(2) version4(4)}
-- from TS 102 232-03 [6]
IPCC,
IPIRI,
IPIRIOnly
FROM IPAccessPDU
{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) li-ps(5) iPAccess(3) version5(5)}
-- from TS 102 232-04 [32]
L2CC,
L2IRI,
L2IRIOnly
FROM L2AccessPDU
{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) li-ps(5) l2Access(4) version4(4)}
-- from TS 102 232-05 [37]
IPMMCC,
IPMMIRI
FROM IPMultimediaPDU
{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) li-ps(5) iPMultimedia(5) version3(3)}
-- from TS 102 232-06 [36]
PstnIsdnCC,
PstnIsdnIRI
FROM PstnIsdnPDU
{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) li-ps(5) pstnIsdn(6) version2(2)}
-- from 3GPP TS 33.108 [9]
IRI-Parameters,
UmtsIRIsContent,
CorrelationValues
FROM UmtsHI2Operations
{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) threeGPP(4) hi2(1)}
-- The relevant module (including the UMTS release and version number) needs
-- to be chosen when compiling the application.
-- from 3GPP TS 33.108 [9]
IRI-Parameters,
UmtsCS-IRIsContent
FROM UmtsCS-HI2Operations
{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) threeGPP(4) hi2CS(3)}
-- The relevant module (including the UMTS release and version number) needs
-- to be chosen when compiling the application.
-- from TS 101 909-20-1 [33]
TARGETACTIVITYMONITOR-1,
TTRAFFIC,
CTTRAFFIC
FROM TS101909201
{itu-t(0) identified-organization(4) etsi(0) ts101909(1909) part20(20) subpart1(1) interceptVersion(0)}
-- from TS 101 909-20-2 [34]
TARGETACTIVITYMONITOR,
TTRAFFIC,
CTTRAFFIC
FROM TS101909202
{itu-t(0) identified-organization(4) etsi(0) ts101909(1909) part20(20) subpart2(2) interceptVersion(0)};
-- end of IMPORTS
-- =============================
-- Object Identifier Definitions
-- =============================
lawfulInterceptDomainId OBJECT IDENTIFIER ::= {itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2)}
li-psDomainId OBJECT IDENTIFIER ::= {lawfulInterceptDomainId li-ps(5) genHeader(1) version8(8)}
-- ====================
-- Top-level definition
-- ====================
PS-PDU ::= SEQUENCE
{
pSHeader [1] PSHeader,
payload [2] Payload
}
PSHeader ::= SEQUENCE
{
li-psDomainId [0] OBJECT IDENTIFIER,
lawfulInterceptionIdentifier [1] LawfulInterceptionIdentifier,
authorizationCountryCode [2] PrintableString (SIZE (2)) OPTIONAL,
-- see clause 5.2.3
communicationIdentifier [3] CommunicationIdentifier,
sequenceNumber [4] INTEGER (0..4294967295),
timeStamp [5] GeneralizedTime OPTIONAL,
-- see clause 5.2.6
...,
interceptionPointID [6] PrintableString (SIZE (1..8)) OPTIONAL,
-- see clause 5.2.11
microSecondTimeStamp [7] MicroSecondTimeStamp OPTIONAL,
timeStampQualifier [8] TimeStampQualifier OPTIONAL
}
Payload ::= CHOICE
{
iRIPayloadSequence [0] SEQUENCE OF IRIPayload,
cCPayloadSequence [1] SEQUENCE OF CCPayload,
-- Clause 6.2.3 explains how to include more than one payload in the same PDU
tRIPayload [2] TRIPayload,
...,
hI1-Operation [3] HI1-Operation,
encryptionHeader [4] EncryptionHeader
}
TimeStampQualifier ::= ENUMERATED
{
unknown(0),
timeOfInterception(1),
timeOfMediation(2),
...
}
-- ====================================
-- Items contained within the PS-Header
-- ====================================
CommunicationIdentifier ::= SEQUENCE
{
networkIdentifier [0] NetworkIdentifier,
communicationIdentityNumber [1] INTEGER (0..4294967295) OPTIONAL,
-- in case of transport of HI1 messages not required
-- Mandatory for CC and IRI, with certain exceptions (see 5.2.4)
deliveryCountryCode [2] PrintableString (SIZE (2)) OPTIONAL,
-- see clause 5.2.4
...,
cINExtension [3] CorrelationValues OPTIONAL
-- To be used when a single INTEGER is not sufficient to identify
-- a particular session (see clause 5.2.4)
}
NetworkIdentifier ::= SEQUENCE
{
operatorIdentifier [0] OCTET STRING (SIZE(1..16)),
networkElementIdentifier [1] OCTET STRING (SIZE(1..16)) OPTIONAL,
...,
eTSI671NEID [2] Network-Element-Identifier OPTIONAL
-- For Network Element Identifier, use either OCTET STRING or ETSI671 definition
}
-- ==========================
-- Definitions for CC Payload
-- ==========================
CCPayload ::= SEQUENCE
{
payloadDirection [0] PayloadDirection OPTIONAL,
timeStamp [1] GeneralizedTime OPTIONAL,
-- For aggregated payloads (see clause 6.2.3)
cCContents [2] CCContents,
...,
microSecondTimeStamp [3] MicroSecondTimeStamp OPTIONAL
-- For aggregated payloads (see clause 6.2.3)
}
PayloadDirection ::= ENUMERATED
{
fromTarget(0),
toTarget(1),
...,
indeterminate(2),
-- Indication whether intercepted CC was travelling to or from the target
-- or that the direction was indeterminate
combined(3),
-- Indication applicable to some services that the traffic is actually a combination
-- of To and From
notapplicable(4)
-- Indication that direction of interceptable service does not make sense
}
CCContents ::= CHOICE
-- Any of these choices may be commented out if they are not being used, see clause A.3
{
undefinedCC [0] OCTET STRING,
emailCC [1] EmailCC,
iPCC [2] IPCC,
uMTSCC [4] OCTET STRING,
eTSI671CC [5] OCTET STRING,
...,
l2CC [6] L2CC,
tTRAFFIC-1 [7] TS101909201.TTRAFFIC,
cTTRAFFIC-1 [8] TS101909201.CTTRAFFIC,
tTRAFFIC-2 [9] TS101909202.TTRAFFIC,
cTTRAFFIC-2 [10] TS101909202.CTTRAFFIC,
pstnIsdnCC [11] PstnIsdnCC,
iPMMCC [12] IPMMCC
}
MicroSecondTimeStamp ::= SEQUENCE
{
seconds [0] INTEGER (0..18446744073709551615),
-- number of seconds since 1970-1-1 00:00Z also known as unix time epoch
microSeconds [1] INTEGER (0..999999),
...
}
-- ===========================
-- Definitions for IRI Payload
-- ===========================
IRIPayload ::= SEQUENCE
{
iRIType [0] IRIType OPTIONAL,
-- See clause 5.2.10
timeStamp [1] GeneralizedTime OPTIONAL,
-- For aggregated payloads (see clause 6.2.3)
iRIContents [2] IRIContents,
...
}
IRIType ::= ENUMERATED
{
iRI-Begin(1),
iRI-End(2),
iRI-Continue(3),
iRI-Report(4)
}
IRIContents ::= CHOICE
-- Any of these choices may be commented out if they are not being used (see clause A.3)
{