diff options
author | David Howells <dhowells@redhat.com> | 2015-07-20 21:16:33 +0100 |
---|---|---|
committer | David Howells <dhowells@redhat.com> | 2015-08-12 17:01:01 +0100 |
commit | 24b3c9497d30c2275622568c15ae6903f59cc488 (patch) | |
tree | 9bdc3f49a7919184aa941c12d14e1c05fa1099a4 /crypto/asymmetric_keys/pkcs7.asn1 | |
parent | 6b08987f55ebf3e020e9acc6270c434f847bc065 (diff) | |
download | linux-crypto-24b3c9497d30c2275622568c15ae6903f59cc488.tar.gz linux-crypto-24b3c9497d30c2275622568c15ae6903f59cc488.zip |
PKCS#7: Support CMS messages also [RFC5652]
Since CMS is an evolution of PKCS#7, with much of the ASN.1 being
compatible, add support for CMS signed-data messages also [RFC5652 sec 5].
Signed-off-by: David Howells <dhowells@redhat.com>
Reviewed-By: David Woodhouse <David.Woodhouse@intel.com>
Diffstat (limited to '')
-rw-r--r-- | crypto/asymmetric_keys/pkcs7.asn1 | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/crypto/asymmetric_keys/pkcs7.asn1 b/crypto/asymmetric_keys/pkcs7.asn1 index 05504431..6bf8ff4f 100644 --- a/crypto/asymmetric_keys/pkcs7.asn1 +++ b/crypto/asymmetric_keys/pkcs7.asn1 @@ -69,7 +69,7 @@ SignerInfos ::= CHOICE { SignerInfo ::= SEQUENCE { version INTEGER ({ pkcs7_note_signerinfo_version }), - issuerAndSerialNumber IssuerAndSerialNumber, + sid SignerIdentifier, -- CMS variant, not PKCS#7 digestAlgorithm DigestAlgorithmIdentifier ({ pkcs7_sig_note_digest_algo }), authenticatedAttributes CHOICE { aaSet [0] IMPLICIT SetOfAuthenticatedAttribute @@ -88,6 +88,12 @@ SignerInfo ::= SEQUENCE { } OPTIONAL } ({ pkcs7_note_signed_info }) +SignerIdentifier ::= CHOICE { + -- RFC5652 sec 5.3 + issuerAndSerialNumber IssuerAndSerialNumber, + subjectKeyIdentifier [0] IMPLICIT SubjectKeyIdentifier +} + IssuerAndSerialNumber ::= SEQUENCE { issuer Name ({ pkcs7_sig_note_issuer }), serialNumber CertificateSerialNumber ({ pkcs7_sig_note_serial }) @@ -95,6 +101,8 @@ IssuerAndSerialNumber ::= SEQUENCE { CertificateSerialNumber ::= INTEGER +SubjectKeyIdentifier ::= OCTET STRING ({ pkcs7_sig_note_skid }) + SetOfAuthenticatedAttribute ::= SET OF AuthenticatedAttribute AuthenticatedAttribute ::= SEQUENCE { |