Revert "TODO epan/dissectors/asn1/kerberos/packet-kerberos-template.c new GSS flags"

[wireshark-sm.git] / epan / dissectors / asn1 / pkcs12 / pkcs12.asn

PKCS-12 {iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1)
                 pkcs-12(12) modules(0)  pkcs-12(1)}

DEFINITIONS IMPLICIT TAGS ::=

BEGIN

-- EXPORTS ALL
-- All types and values defined in this module is exported for use in
-- other ASN.1 modules. 

IMPORTS

informationFramework
        FROM UsefulDefinitions {joint-iso-itu-t(2) ds(5) module(1)
        usefulDefinitions(0) 3}

Attribute
        FROM InformationFramework informationFramework

ContentInfo, DigestInfo, Digest, DigestAlgorithmIdentifier
        FROM PKCS-7 {iso(1) member-body(2) us(840) rsadsi(113549)
        pkcs(1) pkcs-7(7) modules(0) pkcs-7(1)}

--PrivateKeyInfo, EncryptedPrivateKeyInfo
--      FROM PKCS-8 {iso(1) member-body(2) us(840) rsadsi(113549)
--      pkcs(1) pkcs-8(8) modules(1) pkcs-8(1)}
--
--pkcs-9, friendlyName, localKeyId, certTypes, crlTypes
--      FROM PKCS-9 {iso(1) member-body(2) us(840) rsadsi(113549)
--      pkcs(1) pkcs-9(9) modules(0) pkcs-9(1) };--

-- A PKCS#8 IMPORT from below
AlgorithmIdentifier, ALGORITHM-IDENTIFIER
        FROM PKCS-5 {iso(1) member-body(2) us(840) rsadsi(113549)
        pkcs(1) pkcs-5(5) modules(16) pkcs-5(1)};


-- Object identifiers

--rsadsi        OBJECT IDENTIFIER ::= {iso(1) member-body(2) us(840) rsadsi(113549)}
--pkcs    OBJECT IDENTIFIER ::= {rsadsi pkcs(1)}
--pkcs-12       OBJECT IDENTIFIER ::= {pkcs 12}
--pkcs-12PbeIds                         OBJECT IDENTIFIER ::= {pkcs-12 1}
--pbeWithSHAAnd128BitRC4          OBJECT IDENTIFIER ::= {pkcs-12PbeIds 1}
--pbeWithSHAAnd40BitRC4           OBJECT IDENTIFIER ::= {pkcs-12PbeIds 2}
--pbeWithSHAAnd3-KeyTripleDES-CBC       OBJECT IDENTIFIER ::= {pkcs-12PbeIds 3}
--pbeWithSHAAnd2-KeyTripleDES-CBC       OBJECT IDENTIFIER ::= {pkcs-12PbeIds 4}
--pbeWithSHAAnd128BitRC2-CBC      OBJECT IDENTIFIER ::= {pkcs-12PbeIds 5}
--pbewithSHAAnd40BitRC2-CBC       OBJECT IDENTIFIER ::= {pkcs-12PbeIds 6}

--bagtypes                      OBJECT IDENTIFIER ::= {pkcs-12 10 1}

-- The PFX PDU

PFX ::= SEQUENCE {
        version         INTEGER {v3(3)}(v3,...),
        authSafe        ContentInfo,
        macData         MacData OPTIONAL
}

MacData ::= SEQUENCE {
        mac             DigestInfo,
        macSalt         OCTET STRING,
        iterations      INTEGER DEFAULT 1
-- Note: The default is for historical reasons and its use is
-- deprecated. A higher value, like 1024 is recommended.
}

AuthenticatedSafe ::= SEQUENCE OF ContentInfo
        -- Data if unencrypted
        -- EncryptedData if password-encrypted
        -- EnvelopedData if public key-encrypted

SafeContents ::= SEQUENCE OF SafeBag

SafeBag ::= SEQUENCE {
        bagId           -- BAG-TYPE.&id ({PKCS12BagSet}) -- OBJECT IDENTIFIER,
        bagValue        [0] EXPLICIT --BAG-TYPE.&Type({PKCS12BagSet}{@bagId}) -- ANY,
        bagAttributes   SET OF PKCS12Attribute OPTIONAL
}

-- Bag types

--keyBag          BAG-TYPE ::= 
--      {KeyBag IDENTIFIED BY {bagtypes 1}}
--pkcs8ShroudedKeyBag BAG-TYPE ::=
--      {PKCS8ShroudedKeyBag IDENTIFIED BY {bagtypes 2}}
--certBag BAG-TYPE ::= 
--      {CertBag IDENTIFIED BY {bagtypes 3}}
--crlBag BAG-TYPE ::=
--      {CRLBag IDENTIFIED BY {bagtypes 4}}
--secretBag BAG-TYPE ::=    
--      {SecretBag IDENTIFIED BY {bagtypes 5}}
--safeContentsBag BAG-TYPE ::=
--      {SafeContents IDENTIFIED BY {bagtypes 6}}

--PKCS12BagSet BAG-TYPE ::= {
--      keyBag | 
--      pkcs8ShroudedKeyBag |
--      certBag |
--      crlBag | 
--      secretBag | 
--      safeContentsBag,
--      ... - - For future extensions
--}

--BAG-TYPE ::= TYPE-IDENTIFIER

-- KeyBag

KeyBag ::= PrivateKeyInfo

-- Shrouded KeyBag

PKCS8ShroudedKeyBag ::= EncryptedPrivateKeyInfo

-- CertBag

CertBag ::= SEQUENCE {
        certId    --BAG-TYPE.&id   ({CertTypes}) -- OBJECT IDENTIFIER,
        certValue [0] EXPLICIT --BAG-TYPE.&Type ({CertTypes}{@certId})-- ANY
}

--x509Certificate BAG-TYPE ::=
--      {OCTET STRING IDENTIFIED BY {certTypes 1}}
        -- DER-encoded X.509 certificate stored in OCTET STRING
--sdsiCertificate BAG-TYPE ::=
--      {IA5String IDENTIFIED BY {certTypes 2}}
        -- Base64-encoded SDSI certificate stored in IA5String

--CertTypes BAG-TYPE ::= {
--      x509Certificate |
--      sdsiCertificate,
--      ... - - For future extensions
--}

-- CRLBag

CRLBag ::= SEQUENCE {
        crlId           --BAG-TYPE.&id ({CRLTypes})-- OBJECT IDENTIFIER,
        crlValue        [0] EXPLICIT --BAG-TYPE.&Type ({CRLTypes}{@crlId})-- ANY
}

--x509CRL BAG-TYPE ::=
--      {OCTET STRING IDENTIFIED BY {crlTypes 1}}
        -- DER-encoded X.509 CRL stored in OCTET STRING

--CRLTypes BAG-TYPE ::= {
--      x509CRL,
--      ... - - For future extensions
--}

-- Secret Bag

SecretBag ::= SEQUENCE {
        secretTypeId --BAG-TYPE.&id ({SecretTypes})-- OBJECT IDENTIFIER,
        secretValue  [0] EXPLICIT --BAG-TYPE.&Type ({SecretTypes}{@secretTypeId})-- ANY
}

--SecretTypes BAG-TYPE ::= {
--      ... - - For future extensions
--}

-- Attributes

PKCS12Attribute ::= SEQUENCE {
        attrId          --ATTRIBUTE.&id ({PKCS12AttrSet})-- OBJECT IDENTIFIER,
        attrValues      SET OF --ATTRIBUTE.&Type ({PKCS12AttrSet}{@attrId})-- ANY
} -- This type is compatible with the X.500 type 'Attribute'

--PKCS12AttrSet ATTRIBUTE ::= {
--      friendlyName |
--      localKeyId,
--      ... - - Other attributes are allowed
--}

--END

-- We import PKCS#8 here directly rather than creating another dissector

--PKCS-8 {iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-8(8)
--        modules(1) pkcs-8(1)} 

-- $Revision: 1.5 $

-- This module has been checked for conformance with the ASN.1
-- standard by the OSS ASN.1 Tools

--DEFINITIONS IMPLICIT TAGS ::= 

--BEGIN

-- EXPORTS All --
-- All types and values defined in this module is exported for use in other
-- ASN.1 modules.

--IMPORTS

--informationFramework
--        FROM UsefulDefinitions {joint-iso-itu-t(2) ds(5) module(1)
--                                usefulDefinitions(0) 3} 

--Attribute
--        FROM InformationFramework informationFramework

--AlgorithmIdentifier, ALGORITHM-IDENTIFIER
--        FROM PKCS-5 {iso(1) member-body(2) us(840) rsadsi(113549)
--        pkcs(1) pkcs-5(5) modules(16) pkcs-5(1)};

-- Private-key information syntax

PrivateKeyInfo ::= SEQUENCE {
  version Version,
  privateKeyAlgorithm AlgorithmIdentifier --{{PrivateKeyAlgorithms}}--,
  privateKey PrivateKey,
  attributes [0] Attributes OPTIONAL }

Version ::= INTEGER {v1(0)} (v1,...)

PrivateKey ::= OCTET STRING

Attributes ::= SET OF Attribute

-- Encrypted private-key information syntax

EncryptedPrivateKeyInfo ::= SEQUENCE {
    encryptionAlgorithm AlgorithmIdentifier --{{KeyEncryptionAlgorithms}}--,
    encryptedData EncryptedData 
}

EncryptedData ::= OCTET STRING

--PrivateKeyAlgorithms ALGORITHM-IDENTIFIER ::= {
--    ... - - For local profiles
--}

--KeyEncryptionAlgorithms ALGORITHM-IDENTIFIER ::= {
--    ... - - For local profiles
--}

-- From RFC 2898
PBEParameter ::= SEQUENCE {
    salt                OCTET STRING,
    iterationCount      INTEGER
}


PBKDF2Params ::= SEQUENCE {
    salt CHOICE {
        specified OCTET STRING,
        otherSource AlgorithmIdentifier --{{PBKDF2-SaltSources}}--
        },
    iterationCount INTEGER --(1..MAX)--,
    keyLength INTEGER (1..MAX) OPTIONAL,
    prf AlgorithmIdentifier --{{PBKDF2-PRFs}} DEFAULT algid-hmacWithSHA1-- OPTIONAL }

PBES2Params ::= SEQUENCE {
    keyDerivationFunc AlgorithmIdentifier --{{PBES2-KDFs}}--,
    encryptionScheme AlgorithmIdentifier --{{PBES2-Encs}}-- }

PBMAC1Params ::=  SEQUENCE {
    keyDerivationFunc AlgorithmIdentifier --{{PBMAC1-KDFs}}--,
    messageAuthScheme AlgorithmIdentifier --{{PBMAC1-MACs}}-- }


END