1-- Verbatim copy of Appendix A of RFC 4108 followed by Errata ID 4093 2 3CMSFirmwareWrapper 4 { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 5 pkcs-9(9) smime(16) modules(0) cms-firmware-wrap(22) } 6 7DEFINITIONS IMPLICIT TAGS ::= BEGIN 8 9IMPORTS 10 EnvelopedData 11 FROM CryptographicMessageSyntax -- [CMS] 12 { iso(1) member-body(2) us(840) rsadsi(113549) 13 pkcs(1) pkcs-9(9) smime(16) modules(0) cms-2004(24) }; 14 15 16-- Firmware Package Content Type and Object Identifier 17 18id-ct-firmwarePackage OBJECT IDENTIFIER ::= { 19 iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9) 20 smime(16) ct(1) 16 } 21 22FirmwarePkgData ::= OCTET STRING 23 24 25-- Firmware Package Signed Attributes and Object Identifiers 26 27id-aa-firmwarePackageID OBJECT IDENTIFIER ::= { 28 iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9) 29 smime(16) aa(2) 35 } 30 31FirmwarePackageIdentifier ::= SEQUENCE { 32 name PreferredOrLegacyPackageIdentifier, 33 stale PreferredOrLegacyStalePackageIdentifier OPTIONAL } 34 35PreferredOrLegacyPackageIdentifier ::= CHOICE { 36 preferred PreferredPackageIdentifier, 37 legacy OCTET STRING } 38 39PreferredPackageIdentifier ::= SEQUENCE { 40 fwPkgID OBJECT IDENTIFIER, 41 verNum INTEGER (0..MAX) } 42 43PreferredOrLegacyStalePackageIdentifier ::= CHOICE { 44 preferredStaleVerNum INTEGER (0..MAX), 45 legacyStaleVersion OCTET STRING } 46 47 48id-aa-targetHardwareIDs OBJECT IDENTIFIER ::= { 49 iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9) 50 smime(16) aa(2) 36 } 51 52TargetHardwareIdentifiers ::= SEQUENCE OF OBJECT IDENTIFIER 53 54 55id-aa-decryptKeyID OBJECT IDENTIFIER ::= { 56 iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9) 57 smime(16) aa(2) 37 } 58 59DecryptKeyIdentifier ::= OCTET STRING 60 61 62id-aa-implCryptoAlgs OBJECT IDENTIFIER ::= { 63 iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9) 64 smime(16) aa(2) 38 } 65 66ImplementedCryptoAlgorithms ::= SEQUENCE OF OBJECT IDENTIFIER 67 68id-aa-implCompressAlgs OBJECT IDENTIFIER ::= { 69 iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9) 70 smime(16) aa(2) 43 } 71 72ImplementedCompressAlgorithms ::= SEQUENCE OF OBJECT IDENTIFIER 73 74 75id-aa-communityIdentifiers OBJECT IDENTIFIER ::= { 76 iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9) 77 smime(16) aa(2) 40 } 78 79CommunityIdentifiers ::= SEQUENCE OF CommunityIdentifier 80 81CommunityIdentifier ::= CHOICE { 82 communityOID OBJECT IDENTIFIER, 83 hwModuleList HardwareModules } 84 85HardwareModules ::= SEQUENCE { 86 hwType OBJECT IDENTIFIER, 87 hwSerialEntries SEQUENCE OF HardwareSerialEntry } 88 89 90HardwareSerialEntry ::= CHOICE { 91 all NULL, 92 single OCTET STRING, 93 block SEQUENCE { 94 low OCTET STRING, 95 high OCTET STRING } } 96 97 98id-aa-firmwarePackageInfo OBJECT IDENTIFIER ::= { 99 iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9) 100 smime(16) aa(2) 42 } 101 102FirmwarePackageInfo ::= SEQUENCE { 103 fwPkgType INTEGER OPTIONAL, 104 dependencies SEQUENCE OF 105 PreferredOrLegacyPackageIdentifier OPTIONAL } 106 107 108-- Firmware Package Unsigned Attributes and Object Identifiers 109 110id-aa-wrappedFirmwareKey OBJECT IDENTIFIER ::= { 111 iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9) 112 smime(16) aa(2) 39 } 113 114WrappedFirmwareKey ::= EnvelopedData 115 116 117-- Firmware Package Load Receipt Content Type and Object Identifier 118 119id-ct-firmwareLoadReceipt OBJECT IDENTIFIER ::= { 120 iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9) 121 smime(16) ct(1) 17 } 122 123FirmwarePackageLoadReceipt ::= SEQUENCE { 124 version FWReceiptVersion DEFAULT v1, 125 hwType OBJECT IDENTIFIER, 126 hwSerialNum OCTET STRING, 127 fwPkgName PreferredOrLegacyPackageIdentifier, 128 trustAnchorKeyID OCTET STRING OPTIONAL, 129 decryptKeyID [1] OCTET STRING OPTIONAL } 130 131FWReceiptVersion ::= INTEGER { v1(1) } 132 133 134-- Firmware Package Load Error Report Content Type 135-- and Object Identifier 136 137id-ct-firmwareLoadError OBJECT IDENTIFIER ::= { 138 iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9) 139 smime(16) ct(1) 18 } 140 141FirmwarePackageLoadError ::= SEQUENCE { 142 version FWErrorVersion DEFAULT v1, 143 hwType OBJECT IDENTIFIER, 144 hwSerialNum OCTET STRING, 145 errorCode FirmwarePackageLoadErrorCode, 146 vendorErrorCode VendorLoadErrorCode OPTIONAL, 147 fwPkgName PreferredOrLegacyPackageIdentifier OPTIONAL, 148 config [1] SEQUENCE OF CurrentFWConfig OPTIONAL } 149 150FWErrorVersion ::= INTEGER { v1(1) } 151 152CurrentFWConfig ::= SEQUENCE { 153 fwPkgType INTEGER OPTIONAL, 154 fwPkgName PreferredOrLegacyPackageIdentifier } 155 156FirmwarePackageLoadErrorCode ::= ENUMERATED { 157 decodeFailure (1), 158 badContentInfo (2), 159 badSignedData (3), 160 badEncapContent (4), 161 badCertificate (5), 162 badSignerInfo (6), 163 badSignedAttrs (7), 164 badUnsignedAttrs (8), 165 missingContent (9), 166 noTrustAnchor (10), 167 notAuthorized (11), 168 badDigestAlgorithm (12), 169 badSignatureAlgorithm (13), 170 unsupportedKeySize (14), 171 signatureFailure (15), 172 contentTypeMismatch (16), 173 badEncryptedData (17), 174 unprotectedAttrsPresent (18), 175 badEncryptContent (19), 176 badEncryptAlgorithm (20), 177 missingCiphertext (21), 178 noDecryptKey (22), 179 decryptFailure (23), 180 badCompressAlgorithm (24), 181 missingCompressedContent (25), 182 decompressFailure (26), 183 wrongHardware (27), 184 stalePackage (28), 185 notInCommunity (29), 186 unsupportedPackageType (30), 187 missingDependency (31), 188 wrongDependencyVersion (32), 189 insufficientMemory (33), 190 badFirmware (34), 191 unsupportedParameters (35), 192 breaksDependency (36), 193 otherError (99) } 194 195VendorLoadErrorCode ::= INTEGER 196 197 198-- Other Name syntax for Hardware Module Name 199 200id-on-hardwareModuleName OBJECT IDENTIFIER ::= { 201 iso(1) identified-organization(3) dod(6) internet(1) security(5) 202 mechanisms(5) pkix(7) on(8) 4 } 203 204HardwareModuleName ::= SEQUENCE { 205 hwType OBJECT IDENTIFIER, 206 hwSerialNum OCTET STRING } 207 208 209 210-- From Errata ID 4093: Elements defined Section 2.2.10 and missing in the appendix 211 212id-aa-fwPkgMessageDigest OBJECT IDENTIFIER ::= { 213 iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9) 214 smime(16) aa(2) 41 } 215 216FirmwarePackageMessageDigest ::= SEQUENCE { 217 algorithm AlgorithmIdentifier, 218 msgDigest OCTET STRING } 219 220END 221