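-- LI-PS-PDU: generic header and payload container for lawful interception PDUs.
-- The top-level type is PS-PDU: a PSHeader followed by a Payload CHOICE
-- (IRI sequence, CC sequence, TRI, HI1 operation or EncryptionHeader).
--
-- Layout: an ASN.1 comment runs to the end of the line or to the next pair of
-- hyphens, so every definition and every comment is kept on its own line here.
--
-- NOTE(review): several fields are unconstrained (OCTET STRING without SIZE,
-- SEQUENCE OF without an upper bound). A receiving decoder should enforce its
-- own length and element-count limits before allocating or recursing.

LI-PS-PDU
{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) li-ps(5) genHeader(1) version9(9)}

DEFINITIONS IMPLICIT TAGS ::=

BEGIN

IMPORTS
    -- Any of the IMPORTs may be commented out if they are not used (see clause A.3)
    -- IRI-Parameters is imported from three modules and TTRAFFIC / CTTRAFFIC from two,
    -- which is why those names are referenced in qualified form (Module.Type) below.

    -- from TS 101 671 [4]
    LawfulInterceptionIdentifier,
    IRI-Parameters,
    IRIsContent,
    Network-Element-Identifier
        FROM HI2Operations
        {itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) hi2(1) version10(10)}

    -- from TS 101 671 [4]
    HI1-Operation
        FROM HI1NotificationOperations
        {itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) hi1(0) notificationOperations(1) version6(6)}

    -- from TS 102 232-02 [5]
    EmailCC,
    EmailIRI
        FROM EmailPDU
        {itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) li-ps(5) email(2) version4(4)}

    -- from TS 102 232-03 [6]
    IPCC,
    IPIRI,
    IPIRIOnly
        FROM IPAccessPDU
        {itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) li-ps(5) iPAccess(3) version5(5)}

    -- from TS 102 232-04 [32]
    L2CC,
    L2IRI,
    L2IRIOnly
        FROM L2AccessPDU
        {itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) li-ps(5) l2Access(4) version4(4)}

    -- from TS 102 232-05 [37]
    IPMMCC,
    IPMMIRI
        FROM IPMultimediaPDU
        {itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) li-ps(5) iPMultimedia(5) version3(3)}

    -- from TS 102 232-06 [36]
    PstnIsdnCC,
    PstnIsdnIRI
        FROM PstnIsdnPDU
        {itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) li-ps(5) pstnIsdn(6) version3(3)}

    -- from 3GPP TS 33.108 [9]
    IRI-Parameters,
    UmtsIRIsContent,
    CorrelationValues
        FROM UmtsHI2Operations
        {itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) threeGPP(4) hi2(1)}
        -- The relevant module (including the UMTS release and version number) needs
        -- to be chosen when compiling the application.

    -- from 3GPP TS 33.108 [9]
    IRI-Parameters,
    UmtsCS-IRIsContent
        FROM UmtsCS-HI2Operations
        {itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) threeGPP(4) hi2CS(3)}
        -- The relevant module (including the UMTS release and version number) needs
        -- to be chosen when compiling the application.

    -- from TS 101 909-20-1 [33]
    TARGETACTIVITYMONITOR-1,
    TTRAFFIC,
    CTTRAFFIC
        FROM TS101909201
        {itu-t(0) identified-organization(4) etsi(0) ts101909(1909) part20(20) subpart1(1) interceptVersion(0)}

    -- from TS 101 909-20-2 [34]
    TARGETACTIVITYMONITOR,
    TTRAFFIC,
    CTTRAFFIC
        FROM TS101909202
        {itu-t(0) identified-organization(4) etsi(0) ts101909(1909) part20(20) subpart2(2) interceptVersion(0)};
    -- end of IMPORTS


-- =============================
-- Object Identifier Definitions
-- =============================

lawfulInterceptDomainId OBJECT IDENTIFIER ::= {itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2)}

li-psDomainId OBJECT IDENTIFIER ::= {lawfulInterceptDomainId li-ps(5) genHeader(1) version9(9)}


-- ====================
-- Top-level definition
-- ====================

PS-PDU ::= SEQUENCE
{
    pSHeader    [1] PSHeader,
    payload     [2] Payload
}

PSHeader ::= SEQUENCE
{
    li-psDomainId                   [0] OBJECT IDENTIFIER,
    lawfulInterceptionIdentifier    [1] LawfulInterceptionIdentifier,
    authorizationCountryCode        [2] PrintableString (SIZE (2)) OPTIONAL,
        -- see clause 5.2.3
    communicationIdentifier         [3] CommunicationIdentifier,
    sequenceNumber                  [4] INTEGER (0..4294967295),
    timeStamp                       [5] GeneralizedTime OPTIONAL,
        -- see clause 5.2.6
    ...,
    interceptionPointID             [6] PrintableString (SIZE (1..8)) OPTIONAL,
        -- see clause 5.2.11
    microSecondTimeStamp            [7] MicroSecondTimeStamp OPTIONAL,
    timeStampQualifier              [8] TimeStampQualifier OPTIONAL
}

Payload ::= CHOICE
{
    iRIPayloadSequence  [0] SEQUENCE OF IRIPayload,
    cCPayloadSequence   [1] SEQUENCE OF CCPayload,
        -- Clause 6.2.3 explains how to include more than one payload in the same PDU
    tRIPayload          [2] TRIPayload,
    ...,
    hI1-Operation       [3] HI1-Operation,
    encryptionHeader    [4] EncryptionHeader
}

TimeStampQualifier ::= ENUMERATED
{
    unknown(0),
    timeOfInterception(1),
    timeOfMediation(2),
    ...
}


-- ====================================
-- Items contained within the PS-Header
-- ====================================

CommunicationIdentifier ::= SEQUENCE
{
    networkIdentifier               [0] NetworkIdentifier,
    communicationIdentityNumber     [1] INTEGER (0..4294967295) OPTIONAL,
        -- in case of transport of HI1 messages not required
        -- Mandatory for CC and IRI, with certain exceptions (see 5.2.4)
    deliveryCountryCode             [2] PrintableString (SIZE (2)) OPTIONAL,
        -- see clause 5.2.4
    ...,
    cINExtension                    [3] CorrelationValues OPTIONAL
        -- To be used when a single INTEGER is not sufficient to identify
        -- a particular session (see clause 5.2.4)
}

NetworkIdentifier ::= SEQUENCE
{
    operatorIdentifier          [0] OCTET STRING (SIZE(1..16)),
    networkElementIdentifier    [1] OCTET STRING (SIZE(1..16)) OPTIONAL,
    ...,
    eTSI671NEID                 [2] Network-Element-Identifier OPTIONAL
        -- For Network Element Identifier, use either OCTET STRING or ETSI671 definition
}


-- ==========================
-- Definitions for CC Payload
-- ==========================

CCPayload ::= SEQUENCE
{
    payloadDirection        [0] PayloadDirection OPTIONAL,
    timeStamp               [1] GeneralizedTime OPTIONAL,
        -- For aggregated payloads (see clause 6.2.3)
    cCContents              [2] CCContents,
    ...,
    microSecondTimeStamp    [3] MicroSecondTimeStamp OPTIONAL
        -- For aggregated payloads (see clause 6.2.3)
}

PayloadDirection ::= ENUMERATED
{
    fromTarget(0),
    toTarget(1),
    ...,
    indeterminate(2),
        -- Indication whether intercepted CC was travelling to or from the target
        -- or that the direction was indeterminate
    combined(3),
        -- Indication applicable to some services that the traffic is actually a combination
        -- of To and From
    notapplicable(4)
        -- Indication that direction of interceptable service does not make sense
}

CCContents ::= CHOICE
    -- Any of these choices may be commented out if they are not being used, see clause A.3
{
    undefinedCC     [0] OCTET STRING,
    emailCC         [1] EmailCC,
    iPCC            [2] IPCC,
    uMTSCC          [4] OCTET STRING,
    eTSI671CC       [5] OCTET STRING,
    ...,
    l2CC            [6] L2CC,
    tTRAFFIC-1      [7] TS101909201.TTRAFFIC,
    cTTRAFFIC-1     [8] TS101909201.CTTRAFFIC,
    tTRAFFIC-2      [9] TS101909202.TTRAFFIC,
    cTTRAFFIC-2     [10] TS101909202.CTTRAFFIC,
    pstnIsdnCC      [11] PstnIsdnCC,
    iPMMCC          [12] IPMMCC
}

MicroSecondTimeStamp ::= SEQUENCE
{
    seconds         [0] INTEGER (0..18446744073709551615),
        -- number of seconds since 1970-1-1 00:00Z also known as unix time epoch
    microSeconds    [1] INTEGER (0..999999),
    ...
}


-- ===========================
-- Definitions for IRI Payload
-- ===========================

IRIPayload ::= SEQUENCE
{
    iRIType         [0] IRIType OPTIONAL,
        -- See clause 5.2.10
    timeStamp       [1] GeneralizedTime OPTIONAL,
        -- For aggregated payloads (see clause 6.2.3)
    iRIContents     [2] IRIContents,
    ...
}

IRIType ::= ENUMERATED
{
    iRI-Begin(1),
    iRI-End(2),
    iRI-Continue(3),
    iRI-Report(4)
}

IRIContents ::= CHOICE
    -- Any of these choices may be commented out if they are not being used (see clause A.3)
{
    undefinedIRI                [0] OCTET STRING,
    emailIRI                    [1] EmailIRI,
    iPIRI                       [2] IPIRI,
    iPIRIOnly                   [3] IPIRIOnly,
    uMTSIRI                     [4] UMTSIRI,
    eTSI671IRI                  [5] ETSI671IRI,
    ...,
    l2IRI                       [6] L2IRI,
    l2IRIOnly                   [7] L2IRIOnly,
    tARGETACTIVITYMONITOR-1     [8] TS101909201.TARGETACTIVITYMONITOR-1,
    tARGETACTIVITYMONITOR-2     [9] TS101909202.TARGETACTIVITYMONITOR,
    pstnIsdnIRI                 [10] PstnIsdnIRI,
    iPMMIRI                     [11] IPMMIRI
}

UMTSIRI ::= CHOICE
    -- This structure may be commented out if not used
{
    iRI-Parameters          [0] UmtsHI2Operations.IRI-Parameters,
    umtsIRIsContent         [1] UmtsIRIsContent,
    ...,
    iRI-CS-Parameters       [2] UmtsCS-HI2Operations.IRI-Parameters,
    umtsCS-IRIsContent      [3] UmtsCS-IRIsContent
}

ETSI671IRI ::= CHOICE
    -- This structure may be commented out if not used
{
    iRI-Parameters      [0] HI2Operations.IRI-Parameters,
    iRIsContent         [1] IRIsContent,
    ...
}


-- ===========================
-- Definitions for TRI Payload
-- ===========================

TRIPayload ::= CHOICE
{
    integrityCheck          [0] IntegrityCheck,
    testPDU                 [1] NULL,
    paddingPDU              [2] OCTET STRING,
        -- Undefined contents (will be discarded)
    keep-alive              [3] NULL,
    keep-aliveResponse      [4] NULL,
    firstSegmentFlag        [5] NULL,
    lastSegmentFlag         [6] NULL,
    ...,
    cINReset                [7] NULL,
    operatorLeaMessage      [8] OperatorLeaMessage
}

IntegrityCheck ::= SEQUENCE
{
    includedSequenceNumbers     [0] SEQUENCE OF INTEGER (0..4294967295),
        -- gives the order the PDUs were processed
    checkType                   [1] CheckType,
    dataType                    [2] DataType OPTIONAL,
        -- From version5(5) the dataType is mandatory for hashes and for signatures
        -- (see clause 7.2.3)
    checkValue                  [3] OCTET STRING,
        -- Network byte order
        -- In case of a DSA/DSS signature, the r and s values shall be concatenated
    ...
}

-- NOTE(review): the only algorithms named in this version are SHA-1 and DSA/DSS.
-- SHA-1 is no longer regarded as collision resistant, and an unkeyed hash sent
-- in-band only detects accidental loss or corruption unless it is itself
-- protected (for example by the signature option or an authenticated channel).
-- Check whether a later module version or national requirements define stronger
-- algorithms before relying on this for evidential integrity.
CheckType ::= ENUMERATED
{
    hash(1),
        -- SHA-1 hash value
    signature(2),
        -- DSS/DSA signature
    ...
}

DataType ::= ENUMERATED
{
    iRI(1),
    cC(2),
    ...
}


-- ==================================
-- Definitions for OperatorLeaMessage
-- ==================================

OperatorLeaMessage ::= SEQUENCE
{
    messagePriority     [0] OperatorLeaMessagePriority,
    message             [1] OCTET STRING (SIZE(1..255)),
    ...
}

OperatorLeaMessagePriority ::= ENUMERATED
{
    error(1),
        -- reporting of error conditions that have impact on the quality of the
        -- intercepted data
    informational(2),
        -- reporting of conditions that will not have direct impact on the quality of
        -- the intercepted data
    ...
}


-- ================================
-- Definitions for EncryptionHeader
-- ================================

-- NOTE(review): this structure carries only the algorithm selector and the
-- ciphertext. No IV, key identifier or authentication tag field is defined
-- here; how those are agreed or conveyed is not visible in this module.
EncryptionHeader ::= SEQUENCE
{
    encryptionType      [0] EncryptionType,
    encryptedPayload    [1] OCTET STRING,
        -- once decrypted, it can be interpreted as payload [1] EncryptedPayload
    ...
}

-- NOTE(review): every cipher option listed is a CBC mode, which gives
-- confidentiality but no integrity or authenticity on its own; tampering has to
-- be detected by a separate mechanism. Blowfish and Triple-DES use 64 bit blocks,
-- which limits how much data can safely be encrypted under one key. The 192 bit
-- Triple-DES key includes parity bits, so its effective strength is lower than
-- the AES options. With none(1) the content of encryptedPayload is cleartext, so
-- a receiver must not treat the presence of an EncryptionHeader as proof that
-- the payload was protected in transit.
EncryptionType ::= ENUMERATED
{
    none(1),
        -- No encryption is applied. This option can be used for testing or to store data at the
        -- LEMF after decryption
    national-option(2),
        -- Use this option when an encryption scheme is negotiated on a national level
    aES-192-CBC(3),
        -- The Advanced Encryption Standard using a 192 bit key in CBC mode
    aES-256-CBC(4),
        -- The Advanced Encryption Standard using a 256 bit key in CBC mode
    blowfish-192-CBC(5),
        -- Blowfish (www.schneier.com/blowfish.html) using a 192 bit key in CBC mode
    blowfish-256-CBC(6),
        -- Blowfish using a 256 bit key in CBC mode
    threedes-cbc(7),
        -- Triple-DES using a 192 bit key in CBC mode
    ...
}

EncryptedPayload ::= SEQUENCE
{
    byteCounter     [0] INTEGER (0..18446744073709551615),
        -- The sum of the sizes of all transferred PDUs before this PDU.
        -- It is initialized with the unixTime (number of seconds since 01-01-1970)
        -- multiplied by 2^32 at first use.
        -- Where N is sequencenumber of the n-th PDU in transfer, and size(PDU(N))
        -- is defined to be the size of the PDU after BER encoding:
        -- IF N > 0 THEN
        --     PDU[N].byteCounter = PDU[N-1].byteCounter + size(PDU[N-1])
        -- ELSE
        --     PDU[N].byteCounter = ( unixTime(now) << 32 )
        -- ENDIF
        -- NOTE(review): presumably this lets the receiver notice missing or
        -- replayed PDUs after decryption; confirm against the defining clause.
    payload         [1] Payload,
        -- Once decrypted, it can be interpreted as payload [1] Payload
    ...
}

END -- end of LI-PS-PDU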