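-- PKIXCMP-2009: ASN.1 module defining the message syntax of the
-- PKIX Certificate Management Protocol (PKIMessage, its header,
-- the body alternatives, protection parameters, and status and
-- failure codes).
--
-- Layout note: this listing has been restored to one construct per
-- line. In the collapsed form every "--" comment ran on into the
-- definitions that followed it, and listing line numbers were mixed
-- into the text, so the module could not be compiled as given.
-- Type names, field names, tags and OID values are unchanged.
--
-- Comments marked NOTE(review) are reviewer annotations for
-- implementers; they are not part of the original module text.

PKIXCMP-2009
    { iso(1) identified-organization(3) dod(6) internet(1) security(5)
    mechanisms(5) pkix(7) id-mod(0) id-mod-cmp2000-02(50) }
DEFINITIONS EXPLICIT TAGS ::=
BEGIN
IMPORTS

AttributeSet{}, Extensions{}, EXTENSION, ATTRIBUTE
FROM PKIX-CommonTypes-2009
    {iso(1) identified-organization(3) dod(6) internet(1) security(5)
    mechanisms(5) pkix(7) id-mod(0) id-mod-pkixCommon-02(57)}

AlgorithmIdentifier{}, SIGNATURE-ALGORITHM, ALGORITHM,
    DIGEST-ALGORITHM, MAC-ALGORITHM
FROM AlgorithmInformation-2009
    {iso(1) identified-organization(3) dod(6) internet(1) security(5)
    mechanisms(5) pkix(7) id-mod(0)
    id-mod-algorithmInformation-02(58)}

Certificate, CertificateList
FROM PKIX1Explicit-2009
    {iso(1) identified-organization(3) dod(6) internet(1) security(5)
    mechanisms(5) pkix(7) id-mod(0) id-mod-pkix1-explicit-02(51)}

GeneralName, KeyIdentifier
FROM PKIX1Implicit-2009
    {iso(1) identified-organization(3) dod(6) internet(1) security(5)
    mechanisms(5) pkix(7) id-mod(0) id-mod-pkix1-implicit-02(59)}

CertTemplate, PKIPublicationInfo, EncryptedValue, CertId,
    CertReqMessages
FROM PKIXCRMF-2009
    { iso(1) identified-organization(3) dod(6) internet(1) security(5)
    mechanisms(5) pkix(7) id-mod(0) id-mod-crmf2005-02(55) }
-- see also the behavioral clarifications to CRMF codified in
-- Appendix C of this specification

CertificationRequest
FROM PKCS-10
    {iso(1) identified-organization(3) dod(6) internet(1) security(5)
    mechanisms(5) pkix(7) id-mod(0) id-mod-pkcs10-2009(69)}
-- (specified in RFC 2986 with 1993 ASN.1 syntax and IMPLICIT
-- tags).  Alternatively, implementers may directly include
-- the [PKCS10] syntax in this module
;

-- the rest of the module contains locally defined OIDs and
-- constructs

CMPCertificate ::= CHOICE { x509v3PKCert Certificate, ... }
-- This syntax, while bits-on-the-wire compatible with the
-- standard X.509 definition of "Certificate", allows the
-- possibility of future certificate types (such as X.509
-- attribute certificates, WAP WTLS certificates, or other kinds
-- of certificates) within this certificate management protocol,
-- should a need ever arise to support such generality.  Those
-- implementations that do not foresee a need to ever support
-- other certificate types MAY, if they wish, comment out the
-- above structure and "uncomment" the following one prior to
-- compiling this ASN.1 module.  (Note that interoperability
-- with implementations that don't do this will be unaffected by
-- this change.)

-- CMPCertificate ::= Certificate

-- Top-level protocol data unit: header and body, optionally
-- followed by protection bits and additional certificates.
PKIMessage ::= SEQUENCE {
    header           PKIHeader,
    body             PKIBody,
    protection   [0] PKIProtection OPTIONAL,
    -- NOTE(review): protection is OPTIONAL in the syntax, so a
    -- decoder will accept a message that carries no protection
    -- bits; which message types may be accepted unprotected has to
    -- be enforced by receiver policy, not by this module
    extraCerts   [1] SEQUENCE SIZE (1..MAX) OF CMPCertificate
                  OPTIONAL
    -- NOTE(review): extraCerts is not a member of ProtectedPart
    -- (header and body only); treat these certificates as
    -- unauthenticated input until they have been validated
}

PKIMessages ::= SEQUENCE SIZE (1..MAX) OF PKIMessage

PKIHeader ::= SEQUENCE {
    pvno                INTEGER     { cmp1999(1), cmp2000(2) },
    sender              GeneralName,
    -- identifies the sender
    recipient           GeneralName,
    -- identifies the intended recipient
    messageTime     [0] GeneralizedTime         OPTIONAL,
    -- time of production of this message (used when sender
    -- believes that the transport will be "suitable"; i.e.,
    -- that the time will still be meaningful upon receipt)
    protectionAlg   [1] AlgorithmIdentifier{ALGORITHM, {...}}
                            OPTIONAL,
    -- algorithm used for calculation of protection bits
    senderKID       [2] KeyIdentifier           OPTIONAL,
    recipKID        [3] KeyIdentifier           OPTIONAL,
    -- to identify specific keys used for protection
    transactionID   [4] OCTET STRING            OPTIONAL,
    -- identifies the transaction; i.e., this will be the same in
    -- corresponding request, response, certConf, and PKIConf
    -- messages
    senderNonce     [5] OCTET STRING            OPTIONAL,
    recipNonce      [6] OCTET STRING            OPTIONAL,
    -- nonces used to provide replay protection, senderNonce
    -- is inserted by the creator of this message; recipNonce
    -- is a nonce previously inserted in a related message by
    -- the intended recipient of this message
    -- NOTE(review): transactionID and both nonces are OPTIONAL and
    -- unbounded OCTET STRINGs in the syntax; a receiver that relies
    -- on them for replay protection has to require their presence
    -- and check their length itself (compare badSenderNonce,
    -- badRecipientNonce and transactionIdInUse in PKIFailureInfo)
    freeText        [7] PKIFreeText             OPTIONAL,
    -- this may be used to indicate context-specific instructions
    -- (this field is intended for human consumption)
    -- NOTE(review): this text is supplied by the peer; escape or
    -- sanitize it before writing it to logs or showing it to a user
    generalInfo     [8] SEQUENCE SIZE (1..MAX) OF
                        InfoTypeAndValue     OPTIONAL
    -- this may be used to convey context-specific information
    -- (this field not primarily intended for human consumption)
}

PKIFreeText ::= SEQUENCE SIZE (1..MAX) OF UTF8String
-- text encoded as UTF-8 String [RFC3629] (note: each
-- UTF8String MAY include an [RFC3066] language tag
-- to indicate the language of the contained text;
-- see [RFC2482] for details)

PKIBody ::= CHOICE {       -- message-specific body elements
    ir       [0]  CertReqMessages,        --Initialization Request
    ip       [1]  CertRepMessage,         --Initialization Response
    cr       [2]  CertReqMessages,        --Certification Request
    cp       [3]  CertRepMessage,         --Certification Response
    p10cr    [4]  CertificationRequest,   --imported from [PKCS10]
    popdecc  [5]  POPODecKeyChallContent, --pop Challenge
    popdecr  [6]  POPODecKeyRespContent,  --pop Response
    kur      [7]  CertReqMessages,        --Key Update Request
    kup      [8]  CertRepMessage,         --Key Update Response
    krr      [9]  CertReqMessages,        --Key Recovery Request
    krp      [10] KeyRecRepContent,       --Key Recovery Response
    rr       [11] RevReqContent,          --Revocation Request
    rp       [12] RevRepContent,          --Revocation Response
    ccr      [13] CertReqMessages,        --Cross-Cert. Request
    ccp      [14] CertRepMessage,         --Cross-Cert. Response
    ckuann   [15] CAKeyUpdAnnContent,     --CA Key Update Ann.
    cann     [16] CertAnnContent,         --Certificate Ann.
    rann     [17] RevAnnContent,          --Revocation Ann.
    crlann   [18] CRLAnnContent,          --CRL Announcement
    pkiconf  [19] PKIConfirmContent,      --Confirmation
    nested   [20] NestedMessageContent,   --Nested Message
    -- NOTE(review): NestedMessageContent is PKIMessages, so this
    -- alternative is recursive; decoders should cap nesting depth
    -- and total message size before processing
    genm     [21] GenMsgContent,          --General Message
    genp     [22] GenRepContent,          --General Response
    error    [23] ErrorMsgContent,        --Error Message
    certConf [24] CertConfirmContent,     --Certificate confirm
    pollReq  [25] PollReqContent,         --Polling request
    pollRep  [26] PollRepContent          --Polling response
}

PKIProtection ::= BIT STRING

-- NOTE(review): per the CMP specification the protection bits are
-- computed over the DER encoding of this structure; confirm against
-- the specification text, which is not part of this module
ProtectedPart ::= SEQUENCE {
    header    PKIHeader,
    body      PKIBody }

id-PasswordBasedMac OBJECT IDENTIFIER ::= { iso(1) member-body(2)
    usa(840) nt(113533) nsn(7) algorithms(66) 13 }
PBMParameter ::= SEQUENCE {
    salt                OCTET STRING,
    -- note:  implementations MAY wish to limit acceptable sizes
    -- of this string to values appropriate for their environment
    -- in order to reduce the risk of denial-of-service attacks
    owf                 AlgorithmIdentifier{DIGEST-ALGORITHM, {...}},
    -- AlgId for a One-Way Function (SHA-1 recommended)
    iterationCount      INTEGER,
    -- number of times the OWF is applied
    -- note:  implementations MAY wish to limit acceptable sizes
    -- of this integer to values appropriate for their environment
    -- in order to reduce the risk of denial-of-service attacks
    mac                 AlgorithmIdentifier{MAC-ALGORITHM, {...}}
    -- the MAC AlgId (e.g., DES-MAC, Triple-DES-MAC [PKCS11],
    -- or HMAC [RFC2104, RFC2202])
    -- NOTE(review): salt and iterationCount are unconstrained in the
    -- syntax and are chosen by the sender.  Besides the upper limits
    -- suggested above, a receiver should also enforce a lower bound
    -- on iterationCount and on salt length, and reject zero or
    -- negative counts, because the key is derived from a shared
    -- secret.  The SHA-1 and DES-MAC examples reflect the time of
    -- writing; restrict owf and mac to an allow-list that follows
    -- current CMP algorithm guidance (RFC 9481).
}

id-DHBasedMac OBJECT IDENTIFIER ::= { iso(1) member-body(2)
    usa(840) nt(113533) nsn(7) algorithms(66) 30 }
DHBMParameter ::= SEQUENCE {
    owf                 AlgorithmIdentifier{DIGEST-ALGORITHM, {...}},
    -- AlgId for a One-Way Function (SHA-1 recommended)
    mac                 AlgorithmIdentifier{MAC-ALGORITHM, {...}}
    -- the MAC AlgId (e.g., DES-MAC, Triple-DES-MAC [PKCS11],
    -- or HMAC [RFC2104, RFC2202])
    -- NOTE(review): as for PBMParameter, restrict owf and mac to an
    -- allow-list rather than accepting any algorithm the peer names
}

PKIStatus ::= INTEGER {
    accepted               (0),
    -- you got exactly what you asked for
    grantedWithMods        (1),
    -- you got something like what you asked for; the
    -- requester is responsible for ascertaining the differences
    rejection              (2),
    -- you don't get it, more information elsewhere in the message
    waiting                (3),
    -- the request body part has not yet been processed; expect to
    -- hear more later (note: proper handling of this status
    -- response MAY use the polling req/rep PKIMessages specified
    -- in Section 5.3.22; alternatively, polling in the underlying
    -- transport layer MAY have some utility in this regard)
    revocationWarning      (4),
    -- this message contains a warning that a revocation is
    -- imminent
    revocationNotification (5),
    -- notification that a revocation has occurred
    keyUpdateWarning       (6)
    -- update already done for the oldCertId specified in
    -- CertReqMsg
}

PKIFailureInfo ::= BIT STRING {
-- since we can fail in more than one way!
-- More codes may be added in the future if/when required.
    badAlg              (0),
    -- unrecognized or unsupported Algorithm Identifier
    badMessageCheck     (1),
    -- integrity check failed (e.g., signature did not verify)
    badRequest          (2),
    -- transaction not permitted or supported
    badTime             (3),
    -- messageTime was not sufficiently close to the system time,
    -- as defined by local policy
    badCertId           (4),
    -- no certificate could be found matching the provided criteria
    badDataFormat       (5),
    -- the data submitted has the wrong format
    wrongAuthority      (6),
    -- the authority indicated in the request is different from the
    -- one creating the response token
    incorrectData       (7),
    -- the requester's data is incorrect (for notary services)
    missingTimeStamp    (8),
    -- when the timestamp is missing but should be there
    -- (by policy)
    badPOP              (9),
    -- the proof-of-possession failed
    certRevoked         (10),
    -- the certificate has already been revoked
    certConfirmed       (11),
    -- the certificate has already been confirmed
    wrongIntegrity      (12),
    -- invalid integrity, password based instead of signature or
    -- vice versa
    badRecipientNonce   (13),
    -- invalid recipient nonce, either missing or wrong value
    timeNotAvailable    (14),
    -- the TSA's time source is not available
    unacceptedPolicy    (15),
    -- the requested TSA policy is not supported by the TSA
    unacceptedExtension (16),
    -- the requested extension is not supported by the TSA
    addInfoNotAvailable (17),
    -- the additional information requested could not be
    -- understood or is not available
    badSenderNonce      (18),
    -- invalid sender nonce, either missing or wrong size
    badCertTemplate     (19),
    -- invalid cert. template or missing mandatory information
    signerNotTrusted    (20),
    -- signer of the message unknown or not trusted
    transactionIdInUse  (21),
    -- the transaction identifier is already in use
    unsupportedVersion  (22),
    -- the version of the message is not supported
    notAuthorized       (23),
    -- the sender was not authorized to make the preceding
    -- request or perform the preceding action
    systemUnavail       (24),
    -- the request cannot be handled due to system unavailability
    systemFailure       (25),
    -- the request cannot be handled due to system failure
    duplicateCertReq    (26)
    -- certificate cannot be issued because a duplicate
    -- certificate already exists
}

PKIStatusInfo ::= SEQUENCE {
    status        PKIStatus,
    statusString  PKIFreeText     OPTIONAL,
    failInfo      PKIFailureInfo  OPTIONAL }

OOBCert ::= CMPCertificate

OOBCertHash ::= SEQUENCE {
    hashAlg     [0] AlgorithmIdentifier{DIGEST-ALGORITHM, {...}}
                        OPTIONAL,
    certId      [1] CertId                  OPTIONAL,
    hashVal         BIT STRING
    -- hashVal is calculated over the DER encoding of the
    -- self-signed certificate with the identifier certID.
}

POPODecKeyChallContent ::= SEQUENCE OF Challenge
-- One Challenge per encryption key certification request (in the
-- same order as these requests appear in CertReqMessages).

Challenge ::= SEQUENCE {
    owf                 AlgorithmIdentifier{DIGEST-ALGORITHM, {...}}
                            OPTIONAL,
    -- MUST be present in the first Challenge; MAY be omitted in
    -- any subsequent Challenge in POPODecKeyChallContent (if
    -- omitted, then the owf used in the immediately preceding
    -- Challenge is to be used).
    witness             OCTET STRING,
    -- the result of applying the one-way function (owf) to a
    -- randomly-generated INTEGER, A.  [Note that a different
    -- INTEGER MUST be used for each Challenge.]
    challenge           OCTET STRING
    -- the encryption (under the public key for which the cert.
    -- request is being made) of Rand, where Rand is specified as
    --   Rand ::= SEQUENCE {
    --      int      INTEGER,
    --       - the randomly-generated INTEGER A (above)
    --      sender   GeneralName
    --       - the sender's name (as included in PKIHeader)
    --   }
}

POPODecKeyRespContent ::= SEQUENCE OF INTEGER
-- One INTEGER per encryption key certification request (in the
-- same order as these requests appear in CertReqMessages).  The
-- retrieved INTEGER A (above) is returned to the sender of the
-- corresponding Challenge.

CertRepMessage ::= SEQUENCE {
    caPubs       [1] SEQUENCE SIZE (1..MAX) OF CMPCertificate
                  OPTIONAL,
    response         SEQUENCE OF CertResponse }

CertResponse ::= SEQUENCE {
    certReqId           INTEGER,
    -- to match this response with the corresponding request (a value
    -- of -1 is to be used if certReqId is not specified in the
    -- corresponding request)
    status              PKIStatusInfo,
    certifiedKeyPair    CertifiedKeyPair    OPTIONAL,
    rspInfo             OCTET STRING        OPTIONAL
    -- analogous to the id-regInfo-utf8Pairs string defined
    -- for regInfo in CertReqMsg [RFC4211]
}

CertifiedKeyPair ::= SEQUENCE {
    certOrEncCert       CertOrEncCert,
    privateKey      [0] EncryptedValue      OPTIONAL,
    -- see [RFC4211] for comment on encoding
    publicationInfo [1] PKIPublicationInfo  OPTIONAL }

CertOrEncCert ::= CHOICE {
    certificate     [0] CMPCertificate,
    encryptedCert   [1] EncryptedValue }

KeyRecRepContent ::= SEQUENCE {
    status                  PKIStatusInfo,
    newSigCert          [0] CMPCertificate OPTIONAL,
    caCerts             [1] SEQUENCE SIZE (1..MAX) OF
                                     CMPCertificate OPTIONAL,
    keyPairHist         [2] SEQUENCE SIZE (1..MAX) OF
                                     CertifiedKeyPair OPTIONAL }

RevReqContent ::= SEQUENCE OF RevDetails

RevDetails ::= SEQUENCE {
    certDetails         CertTemplate,
    -- allows requester to specify as much as they can about
    -- the cert. for which revocation is requested
    -- (e.g., for cases in which serialNumber is not available)
    crlEntryDetails     Extensions{{...}}    OPTIONAL
    -- requested crlEntryExtensions
}

RevRepContent ::= SEQUENCE {
    status       SEQUENCE SIZE (1..MAX) OF PKIStatusInfo,
    -- in same order as was sent in RevReqContent
    revCerts [0] SEQUENCE SIZE (1..MAX) OF CertId OPTIONAL,
    -- IDs for which revocation was requested
    -- (same order as status)
    crls     [1] SEQUENCE SIZE (1..MAX) OF CertificateList OPTIONAL
    -- the resulting CRLs (there may be more than one)
    -- NOTE(review): the syntax does not tie the number of status
    -- entries to the number of revCerts entries or to the request;
    -- a receiver that correlates them by position should compare
    -- the counts before indexing
}

CAKeyUpdAnnContent ::= SEQUENCE {
    oldWithNew   CMPCertificate, -- old pub signed with new priv
    newWithOld   CMPCertificate, -- new pub signed with old priv
    newWithNew   CMPCertificate  -- new pub signed with new priv
}

CertAnnContent ::= CMPCertificate

RevAnnContent ::= SEQUENCE {
    status              PKIStatus,
    certId              CertId,
    willBeRevokedAt     GeneralizedTime,
    badSinceDate        GeneralizedTime,
    crlDetails          Extensions{{...}}  OPTIONAL
    -- extra CRL details (e.g., crl number, reason, location, etc.)
}

CRLAnnContent ::= SEQUENCE OF CertificateList

PKIConfirmContent ::= NULL

NestedMessageContent ::= PKIMessages

INFO-TYPE-AND-VALUE ::= TYPE-IDENTIFIER

InfoTypeAndValue ::= SEQUENCE {
    infoType    INFO-TYPE-AND-VALUE.
                    &id({SupportedInfoSet}),
    infoValue   INFO-TYPE-AND-VALUE.
                    &Type({SupportedInfoSet}{@infoType}) }

SupportedInfoSet INFO-TYPE-AND-VALUE ::= { ... }

-- Example InfoTypeAndValue contents include, but are not limited
-- to, the following (uncomment in this ASN.1 module and use as
-- appropriate for a given environment):
--
--   id-it-caProtEncCert    OBJECT IDENTIFIER ::= {id-it 1}
--      CAProtEncCertValue      ::= CMPCertificate
--   id-it-signKeyPairTypes OBJECT IDENTIFIER ::= {id-it 2}
--      SignKeyPairTypesValue   ::= SEQUENCE OF
--                                      AlgorithmIdentifier{{...}}
--   id-it-encKeyPairTypes  OBJECT IDENTIFIER ::= {id-it 3}
--      EncKeyPairTypesValue    ::= SEQUENCE OF
--                                      AlgorithmIdentifier{{...}}
--   id-it-preferredSymmAlg OBJECT IDENTIFIER ::= {id-it 4}
--      PreferredSymmAlgValue   ::= AlgorithmIdentifier{{...}}
--   id-it-caKeyUpdateInfo  OBJECT IDENTIFIER ::= {id-it 5}
--      CAKeyUpdateInfoValue    ::= CAKeyUpdAnnContent
--   id-it-currentCRL       OBJECT IDENTIFIER ::= {id-it 6}
--      CurrentCRLValue         ::= CertificateList
--   id-it-unsupportedOIDs  OBJECT IDENTIFIER ::= {id-it 7}
--      UnsupportedOIDsValue    ::= SEQUENCE OF OBJECT IDENTIFIER
--   id-it-keyPairParamReq  OBJECT IDENTIFIER ::= {id-it 10}
--      KeyPairParamReqValue    ::= OBJECT IDENTIFIER
--   id-it-keyPairParamRep  OBJECT IDENTIFIER ::= {id-it 11}
--      KeyPairParamRepValue    ::= AlgorithmIdentifier{{...}}
--   id-it-revPassphrase    OBJECT IDENTIFIER ::= {id-it 12}
--      RevPassphraseValue      ::= EncryptedValue
--   id-it-implicitConfirm  OBJECT IDENTIFIER ::= {id-it 13}
--      ImplicitConfirmValue    ::= NULL
--   id-it-confirmWaitTime  OBJECT IDENTIFIER ::= {id-it 14}
--      ConfirmWaitTimeValue    ::= GeneralizedTime
--   id-it-origPKIMessage   OBJECT IDENTIFIER ::= {id-it 15}
--      OrigPKIMessageValue     ::= PKIMessages
--   id-it-suppLangTags     OBJECT IDENTIFIER ::= {id-it 16}
--      SuppLangTagsValue       ::= SEQUENCE OF UTF8String
--
-- where
--
--   id-pkix OBJECT IDENTIFIER ::= {
--      iso(1) identified-organization(3)
--      dod(6) internet(1) security(5) mechanisms(5) pkix(7)}
-- and
--   id-it   OBJECT IDENTIFIER ::= {id-pkix 4}
--
--
-- This construct MAY also be used to define new PKIX Certificate
-- Management Protocol request and response messages, or general-
-- purpose (e.g., announcement) messages for future needs or for
-- specific environments.

GenMsgContent ::= SEQUENCE OF InfoTypeAndValue

-- May be sent by EE, RA, or CA (depending on message content).
-- The OPTIONAL infoValue parameter of InfoTypeAndValue will
-- typically be omitted for some of the examples given above.
-- The receiver is free to ignore any contained OBJECT IDs that it
-- does not recognize.  If sent from EE to CA, the empty set
-- indicates that the CA may send
-- any/all information that it wishes.

GenRepContent ::= SEQUENCE OF InfoTypeAndValue
-- Receiver MAY ignore any contained OIDs that it does not
-- recognize.

ErrorMsgContent ::= SEQUENCE {
    pKIStatusInfo          PKIStatusInfo,
    errorCode              INTEGER           OPTIONAL,
    -- implementation-specific error codes
    errorDetails           PKIFreeText       OPTIONAL
    -- implementation-specific error details
    -- NOTE(review): errorDetails, like every PKIFreeText value, is
    -- peer-supplied text; sanitize it before logging or display
}

CertConfirmContent ::= SEQUENCE OF CertStatus

CertStatus ::= SEQUENCE {
    certHash    OCTET STRING,
    -- the hash of the certificate, using the same hash algorithm
    -- as is used to create and verify the certificate signature
    certReqId   INTEGER,
    -- to match this confirmation with the corresponding req/rep
    statusInfo  PKIStatusInfo OPTIONAL }

PollReqContent ::= SEQUENCE OF SEQUENCE {
    certReqId              INTEGER }

PollRepContent ::= SEQUENCE OF SEQUENCE {
    certReqId              INTEGER,
    checkAfter             INTEGER,  -- time in seconds
    -- NOTE(review): checkAfter is an unconstrained INTEGER set by
    -- the responder; clamp it to a sane range (reject negative
    -- values, cap very large ones) before scheduling the next poll
    reason                 PKIFreeText OPTIONAL }

END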