1PKCS7ContentInfo ::= SEQUENCE { 2 contentType ContentType, 3 content [0] EXPLICIT SignedData OPTIONAL 4} 5 6ContentType ::= OBJECT IDENTIFIER ({ pkcs7_note_OID }) 7 8SignedData ::= SEQUENCE { 9 version INTEGER, 10 digestAlgorithms DigestAlgorithmIdentifiers, 11 contentInfo ContentInfo, 12 certificates CHOICE { 13 certSet [0] IMPLICIT ExtendedCertificatesAndCertificates, 14 certSequence [2] IMPLICIT Certificates 15 } OPTIONAL ({ pkcs7_note_certificate_list }), 16 crls CHOICE { 17 crlSet [1] IMPLICIT CertificateRevocationLists, 18 crlSequence [3] IMPLICIT CRLSequence 19 } OPTIONAL, 20 signerInfos SignerInfos 21} 22 23ContentInfo ::= SEQUENCE { 24 contentType ContentType, 25 content [0] EXPLICIT Data OPTIONAL 26} 27 28Data ::= ANY ({ pkcs7_note_data }) 29 30DigestAlgorithmIdentifiers ::= CHOICE { 31 daSet SET OF DigestAlgorithmIdentifier, 32 daSequence SEQUENCE OF DigestAlgorithmIdentifier 33} 34 35DigestAlgorithmIdentifier ::= SEQUENCE { 36 algorithm OBJECT IDENTIFIER ({ pkcs7_note_OID }), 37 parameters ANY OPTIONAL 38} 39 40-- 41-- Certificates and certificate lists 42-- 43ExtendedCertificatesAndCertificates ::= SET OF ExtendedCertificateOrCertificate 44 45ExtendedCertificateOrCertificate ::= CHOICE { 46 certificate Certificate, -- X.509 47 extendedCertificate [0] IMPLICIT ExtendedCertificate -- PKCS#6 48} 49 50ExtendedCertificate ::= Certificate -- cheating 51 52Certificates ::= SEQUENCE OF Certificate 53 54CertificateRevocationLists ::= SET OF CertificateList 55 56CertificateList ::= SEQUENCE OF Certificate -- This may be defined incorrectly 57 58CRLSequence ::= SEQUENCE OF CertificateList 59 60Certificate ::= ANY ({ pkcs7_extract_cert }) -- X.509 61 62-- 63-- Signer information 64-- 65SignerInfos ::= CHOICE { 66 siSet SET OF SignerInfo, 67 siSequence SEQUENCE OF SignerInfo 68} 69 70SignerInfo ::= SEQUENCE { 71 version INTEGER, 72 issuerAndSerialNumber IssuerAndSerialNumber, 73 digestAlgorithm DigestAlgorithmIdentifier ({ pkcs7_sig_note_digest_algo }), 74 authenticatedAttributes CHOICE { 75 aaSet [0] IMPLICIT SetOfAuthenticatedAttribute 76 ({ pkcs7_sig_note_set_of_authattrs }), 77 aaSequence [2] EXPLICIT SEQUENCE OF AuthenticatedAttribute 78 -- Explicit because easier to compute digest on 79 -- sequence of attributes and then reuse encoded 80 -- sequence in aaSequence. 81 } OPTIONAL, 82 digestEncryptionAlgorithm 83 DigestEncryptionAlgorithmIdentifier ({ pkcs7_sig_note_pkey_algo }), 84 encryptedDigest EncryptedDigest, 85 unauthenticatedAttributes CHOICE { 86 uaSet [1] IMPLICIT SET OF UnauthenticatedAttribute, 87 uaSequence [3] IMPLICIT SEQUENCE OF UnauthenticatedAttribute 88 } OPTIONAL 89} ({ pkcs7_note_signed_info }) 90 91IssuerAndSerialNumber ::= SEQUENCE { 92 issuer Name ({ pkcs7_sig_note_issuer }), 93 serialNumber CertificateSerialNumber ({ pkcs7_sig_note_serial }) 94} 95 96CertificateSerialNumber ::= INTEGER 97 98SetOfAuthenticatedAttribute ::= SET OF AuthenticatedAttribute 99 100AuthenticatedAttribute ::= SEQUENCE { 101 type OBJECT IDENTIFIER ({ pkcs7_note_OID }), 102 values SET OF ANY ({ pkcs7_sig_note_authenticated_attr }) 103} 104 105UnauthenticatedAttribute ::= SEQUENCE { 106 type OBJECT IDENTIFIER ({ pkcs7_note_OID }), 107 values SET OF ANY 108} 109 110DigestEncryptionAlgorithmIdentifier ::= SEQUENCE { 111 algorithm OBJECT IDENTIFIER ({ pkcs7_note_OID }), 112 parameters ANY OPTIONAL 113} 114 115EncryptedDigest ::= OCTET STRING ({ pkcs7_sig_note_signature }) 116 117--- 118--- X.500 Name 119--- 120Name ::= SEQUENCE OF RelativeDistinguishedName 121 122RelativeDistinguishedName ::= SET OF AttributeValueAssertion 123 124AttributeValueAssertion ::= SEQUENCE { 125 attributeType OBJECT IDENTIFIER ({ pkcs7_note_OID }), 126 attributeValue ANY 127} 128