Network Working Group                                         P. Hoffman
Internet-Draft                                            VPN Consortium
Updates: 3370, 3565, 3851, 3852,                               J. Schaad
4108, 4998, 5035, 5083, 5084                     Soaring Hawk Consulting
(if approved)                                              July 10, 2008                                            January 9, 2009
Intended status: Standards Track
Expires: January 11, July 13, 2009

                  New ASN.1 Modules for CMS and S/MIME
                    draft-ietf-smime-new-asn1-01.txt
                    draft-ietf-smime-new-asn1-02.txt

Status of this Memo

   By submitting this Internet-Draft, each author represents that any
   applicable patent or other IPR claims of which he or she

   This Internet-Draft is aware
   have been or will be disclosed, and any of which he or she becomes
   aware will be disclosed, submitted to IETF in accordance full conformance with Section 6 the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as Internet-
   Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt.

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

   This Internet-Draft will expire on January 11, July 13, 2009.

Copyright Notice

   Copyright (C) The (c) 2009 IETF Trust (2008). and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.

Abstract

   The Cryptographic Message Syntax (CMS) format, and many associated
   formats, are expressed using ASN.1.  The current ASN.1 modules
   conform to the 1988 version of ASN.1.  This document updates those
   ASN.1 modules to conform to the 2002 version of ASN.1.  There are no
   bits-on-the-wire changes to any of the formats; this is simply a
   change to the syntax.

Table of Contents

   1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  3
     1.1.  Issues . . .  Design Notes . . . . . . . . . . . . . . . . . . . . . . .  4
       1.1.1.  More Modules To Be Added . . . . . .
     1.2.  Issues . . . . . . . . .  4
       1.1.2.  Algorithm Structure . . . . . . . . . . . . . . . . .  4
       1.1.3.
       1.2.1.  Module OIDs Changing . . . . . . . . . . . . . . . . .  4
   2.  ASN.1 Module AlgorithmInformation  . . . . . . . . . . . . . .  4  5
   3.  ASN.1 Module for RFC 3370  . . . . . . . . . . . . . . . . . . 12 14
   4.  ASN.1 Module for RFC 3565  . . . . . . . . . . . . . . . . . . 19
   5.  ASN.1 Module for RFC 3851  . . . . . . . . . . . . . . . . . . 19 21
   6.  ASN.1 Module for RFC 3852  . . . . . . . . . . . . . . . . . . 22 24
   7.  ASN.1 Module for RFC 4108  . . . . . . . . . . . . . . . . . . 32 34
   8.  ASN.1 Module for RFC 4998  . . . . . . . . . . . . . . . . . . 37 40
   9.  ASN.1 Module for RFC 5035  . . . . . . . . . . . . . . . . . . 39 41
   10. ASN.1 Module for RFC 5083  . . . . . . . . . . . . . . . . . . 45 48
   11. ASN.1 Module for RFC 5084  . . . . . . . . . . . . . . . . . . 46 48
   12. ASN.1 Module for RFC 5275  . . . . . . . . . . . . . . . . . . 46 51
   13. Security Considerations  . . . . . . . . . . . . . . . . . . . 53 58
   14. Normative References . . . . . . . . . . . . . . . . . . . . . 53 58
   Appendix A.  Change History  . . . . . . . . . . . . . . . . . . . 54 59
     A.1.  Changes between draft-hoffman-cms-new-asn1-00 and
           draft-ietf-smime-new-asn1-00 . . . . . . . . . . . . . . . 55 59
     A.2.  Changes between draft-ietf-smime-new-asn1-00 and -01 . . . 55
   Authors' Addresses . . . . . . . 60
     A.3.  Changes between draft-ietf-smime-new-asn1-01 and -02 . . . 60
   Authors' Addresses . . . . . . . . . . . . . . 55
   Intellectual Property and Copyright Statements . . . . . . . . . . 56 60

1.  Introduction

   Some developers would like the IETF to use the latest version of
   ASN.1 in its standards.  Most of the RFCs that relate to security
   protocols still use ASN.1 from the 1988 standard, which has been
   deprecated.  This is particularly true for the standards that relate
   to PKIX, CMS, and S/MIME.

   This document updates the following RFCs to use ASN.1 modules that
   conform to the 2002 version of ASN.1 [ASN1-2002].  Note that not all
   the modules are updated; some are included to simply make the set
   complete.

   o  RFC 3370, CMS Algorithms [RFC3370]

   o  RFC 3565, Use of AES in CMS [RFC3565]

   o  RFC 3851, S/MIME Version 3.1 Message Specification [RFC3851]

   o  RFC 3852, CMS main [RFC3852]

   o  RFC 4108, Using CMS to Protect Firmware Packages [RFC4108]

   o  RFC 4998, Evidence Record Syntax (ERS) [RFC4998]

   o  RFC 5035, Enhanced Security Services (ESS) [RFC5035]

   o  RFC 5083, CMS Authenticated-Enveloped-Data Content Type [RFC5083]

   o  RFC 5084, Using AES-CCM and AES-GCM Authenticated Encryption in
      CMS [RFC5084]

   o  RFC 5275, CMS Symmetric Key Management and Distribution [RFC5275]

   Note that some of the modules in this document get some of their
   definitions from places different than the modules in the original
   RFCs.  The idea is that these modules, when combined with the modules
   in [NEW-PKIX] can stand on their own and do not need to import
   definitions from anywhere else.

   The document also includes a module of common defintions called
   "AlgorithmInformation".  These definitions are used here and in
   [NEW-PKIX].

   Note that some of the modules here import definitions from the common
   definitions module, "PKIX-CommonTypes", in [NEW-PKIX].

1.1.  Issues

   This section will be removed before final publication.

1.1.1.  More Modules To Be Added

   There are many  Design Notes

   The modules from standards-track RFCs that are not listed in this document or the companion document on PKIX.  We will discuss
   with use the two communities which modules are appropriate for object model available in the two
   documents.  We will also consider making "super-modules", individual
   modules which might update multiple RFCs at one time.  We may also
   add objects
   2002 ASN.1 documents to some a great extent.  Objects for each of the modules.

1.1.2.  Algorithm Structure

   Algorithms
   different algorithm types are currently not defined here.  We need defined.  Also, all of the places where
   in the 1988 ASN.1 syntax had ANY holes to discuss what
   structure we want allow for algorithm variable syntax
   now have objects.  Currently, we just do
   "parameter, OID", but we could add more.  Because we don't know what
   the final structure is,

   Much like the object sets in way that the various modules are
   commented out.  We will fix this before finishing this project.

1.1.3.  Module OIDs Changing

   The OIDs given in PKIX and S/MIME working groups use the modules in this version
   prefix of id- for object identifiers, this document has also adopted
   a set of two, three, and four letter prefixes to allow for quick
   identification of the type of an object based on its name.  This
   allows, for example, the same back half of the name to be used for
   the different objects.  Thus, "id-sha1" is the object identifier,
   while "mda-sha1" is the message digest object for "sha1".

   One or more object sets for the different type of algorithms are
   defined.  A single consistent name for each of the different
   algorithm types is used.  For example, an object set named PublicKeys
   might contain the public keys defined in that module.  If no public
   keys are defined, then the object set is not created.  When
   referencing these objects sets when imported, one needs to be able to
   disambiguate between the different modules.  This is done by using
   both the module name (as specified in the IMPORT statement) and the
   object set name.  For example, in the module for RFC 5280:

   PublicKeys FROM PKIXAlgs-2008 { 1 3 6 1 5 5 7 0 995 }
   PublicKeys FROM PKIX1-PSS-OAEP-Algorithms { 1 3 6 1 5 5 7  33 }

   PublicKeyAlgorithms PUBLIC-KEY ::= { PKIXAlgs-2008.PublicKeys, ...,
       PKIX1-PSS-OAEP-Algorithms.PublicKeys }

1.2.  Issues

   This section will be removed before final publication.

1.2.1.  Module OIDs Changing

   The OIDs given in the modules in this version of the document are the
   same as the OIDs from the original modules, even though some of the
   modules have changed syntax.  That is clearly incorrect.  In a later
   version of this document, we will change the OIDs for every changed
   module.  The WG (hopefully in coordination with the PKIX WG) needs to
   determine how to do this and what the result will be.

2.  ASN.1 Module AlgorithmInformation

   This section contains a module that is imported by many other modules
   in this document and in [NEW-PKIX].  This module does not come from
   any existing RFC.

   AlgorithmInformation
       {iso(1) identified-organization(3) dod(6) internet(1) security(5)
       mechanisms(5) pkix(7) id-mod(0) id-mod-algorithInformation(99)}

   DEFINITIONS EXPLICIT TAGS ::=
   BEGIN

   EXPORTS ALL;
   IMPORTS

   KeyUsage
   FROM PKIX1Implicit88
       { iso(1) identified-organization(3) dod(6) internet(1)
       security(5) mechanisms(5) pkix(7) id-mod(0)
       id-pkix1-implicit(19) }
   ;

   --  Suggested prefixes for algorithm objects are:
   --
   --  mda-   Message Digest Algorithms
   --  sa-    Signature Algorithms
   --  kta-   Key Transport Algorithms (Asymetric)
   --  kaa-   Key Agreement Algorithms  (Asymetric)
   --  kwa-   Key Wrap Algorithms (Symetric)
   --  kda-   Key Derivation Algorithms
   --  maca-  Message Authentication Code Algorithms
   --  pk-    Public Key
   --  sea-   Symmetric  cea-   Content (symetric) Encryption Algorithm
   --  cap-   S/MIME Capabilities

   ParamOptions ::= ENUMERATED {
      required,         -- Parameters MUST be encoded in structure
       preferedPresent,
      preferredPresent, -- Parameters SHOULD be encoded in structure
       preferedAbsent,
      preferredAbsent,  -- Parameters SHOULD NOT be encoded in structure
      absent,           -- Parameters MUST NOT be encoded in structure
       notPresent,
       inheritable
      inheritable,      -- Parameters are inheritied if not present
      optional,         -- Parameters MAY be encoded in the structure
       ...
   }

   --  DIGEST-ALGORITHM
   --
   --  Describes the basic information for ASN.1 and a digest
   --      algorithm.
   --
   --  &id - contains the OID identifying the digest algorithm
   --  &Params - contains the type for the algoithm parameters,
   --               if present; absent implies no paameters
   --  &paramPresence - parameter presence requirement
   --
   --  Additional information such as the length of the hash could also
   --      be encoded.
   --
   --  Example:
   --  sha1 DIGEST-ALGORITHM ::= {
   --      IDENTIFIER id-sha1
   --      PARAM TYPE NULL
   --      PARMS ARE preferedAbsent preferredAbsent
   --  }

   DIGEST-ALGORITHM ::= CLASS {
       &id                 OBJECT IDENTIFIER,
       &Params             OPTIONAL,
       &paramPresence      ParamOptions DEFAULT required absent
   } WITH SYNTAX {
       IDENTIFIER &id
       [PARAMS [&Params] [TYPE &Params] [ARE &paramPresence] ]
   }

   --  SIGNATURE-ALGORITHM
   --
   --  Describes the basic properities of a signature algorithm
   --
   --  &id - contains the OID identifying the signature algoithm
   --  &Params - contains the type for the algoithm parameters,
   --               if present; absent implies no paameters
   --  &paramPresence - parameter presence requirement
   --  &HashSet - The set of hash algorithms used with this
   --                  signature algoirthm
   --  &PublicKeySet - the set of public key algorithms for this
   --                  signature algorithm
   --  Example:
   --  sig-RSA-PSS SIGNATURE-ALGORITHM ::= {
   --     IDENTIFIER id-RSASSA-PSS
   --      PARAMS TYPE RSASSA-PSS-params
   -- ARE required
   --      HASH SET      HASHES {sha1 | md5, ... }
   --      PUBLIC KEY SET KEYS { pk-rsa | pk-rsa-pss }
   -- }

   SIGNATURE-ALGORITHM ::= CLASS {
       &id             OBJECT IDENTIFIER,
       &Params         OPTIONAL,
       &Value          OPTIONAL,
       &paramPresence  ParamOptions DEFAULT required, absent,
       &HashSet        DIGEST-ALGORITHM OPTIONAL,
       &PublicKeySet   PUBLIC-KEY OPTIONAL,
       &smimeCaps      SMIME-CAPS OPTIONAL
   } WITH SYNTAX {
       IDENTIFIER &id
       [VALUE &Value]
       [PARAMS [&Params] [TYPE &Params] ARE &paramPresence ]
       [USES
       [HASHES &HashSet]
       [PUBKEYS
       [PUBLIC KEYS &PublicKeySet]
       [SMIME CAPS &smimeCaps]
   }

   --  PUBLIC-KEY
   --
   --  Describes the basic properities of a public key
   --
   --  &id - contains the OID identifying the public key
   --  &Params - contains the type for the algoithm parameters,
   --               if present; absent implies no paameters
   --  &paramPresence - parameter presence requirement
   --  &KeyValue - contains the type for the key value
   --
   --  Could add information about the keyUsage bits
   --
   --  Example:
   --  pk-rsa-pss PUBLIC-KEY ::= {
   --      IDENTIFIER id-RSASSA-PSS
   --      KEY RSAPublicKey
   --      HAS      PARAMS TYPE RSASSA-PSS-params
   --      PARAMS ARE optional
   --      KEY USAGE BITS { .... }
   --  }

   PUBLIC-KEY ::= CLASS {
       &id             OBJECT IDENTIFIER,
       &Params         OPTIONAL,
       &paramPresence  ParamOptions DEFAULT required,
       &KeyValue, absent,
       &KeyValue       OPTIONAL,
       &PrivateKey     OPTIONAL,
       &keyUsage       KeyUsage OPTIONAL
   } WITH SYNTAX {
       IDENTIFIER &id
       KEY &KeyValue
       [KEY &KeyValue]
       [PARAMS [&Params] [TYPE &Params] ARE &paramPresence]
       [CERT KEY USAGE &keyUsage]
       [PRIVATE KEY &PrivateKey]
   }

   --  KEY-TRANSPORT
   --
   --  Describes the basic properities of a key transport algorithm
   --
   --  &id - contains the OID identifying the key transport algorithm
   --  &Params - contains the type for the algoithm parameters,
   --               if present; absent implies no paameters
   --  &paramPresence - parameter presence requirement
   --  &PublicKeySet - specify which public keys are used with
   --                       this algorithm
   --
   --  Example:
   --  rsaTransport KEY-TRANSPORT ::= {
   --      &id rsaEncryption
   --      &Params NULL
   --      &paramPresence required
   --      &PublicKeySet { pk-rsa | pk-rsa-pss }
   --  }

   KEY-TRANSPORT ::= CLASS {
       &id OBJECT IDENTIFIER UNIQUE,
       &Params,
       &paramPresnce   ParamOptions,
       &PublicKeySet   PUBLIC-KEY OPTIONAL
   }
       &Params             OPTIONAL,
       &paramPresence      ParamOptions DEFAULT absent,
       &PublicKeySet       PUBLIC-KEY OPTIONAL,
       &smimeCaps          SMIME-CAPS OPTIONAL
   } WITH SYNTAX {
       IDENTIFIER &id
       [PARAMS [TYPE &Params] ARE &paramPresence]
       [PUBLIC KEYS &PublicKeySet]
       [SMIME CAPS &smimeCaps]
   }

   --  KEY-AGREE
   --
   --  Describes the basic properities of a key agreement algorithm
   --
   --  &id - contains the OID identifying the key transport algorithm
   --  &Params - contains the type for the algoithm parameters,
   --               if present; absent implies no paameters
   --  &paramPresence - parameter presence requirement
   --  &Ukm - type of user keying material used
   --  &PublicKeySet - specify which public keys are used with
   --                        this algorithm
   --
   --  Additional items could be a restricted set of key wrap algoithms
   --
   --  Example:
   --  dh-static-ephemerial KEY-TRANSPORT KEY-AGREE ::= {
   --      &id      IDENTIFIER id-alg-ESDH
   --      &Params      PARAMS TYPE KeyWrapAlgorithm
   --      &paramPresence ARE required
   --      - - user key material is not ASN.1 encoded.
   --      &PublicKeySet      PUBLIC KEYS {
   --         {IDENTIFIER dh-public-number KEY DHPublicKey
   --            HASH PARAMS DHDomainParamters PARAMS ARE inheritable }
   --      }
   --      - - UKM should be present, but is not separately
   --      - -     ASN.1 encoded
   --      UKM ARE preferredPresent
   --  }

   KEY-AGREE ::= CLASS {
       &id            OBJECT IDENTIFIER UNIQUE,
       &Params         OPTIONAL,
       &paramPresence  ParamOptions DEFAULT required, absent,
       &Ukm            OPTIONAL,
       &ukmPresence    ParamOptions DEFAULT absent,
       &PublicKeySet   PUBLIC-KEY OPTIONAL,
       &smimeCaps      SMIME-CAPS OPTIONAL
   } WITH SYNTAX {
       IDENTIFIER &id
       [PARAMS [&Params] [TYPE &Params] ARE &paramPresence]
       [PUBLIC KEY KEYS &PublicKeySet]
       [UKM [TYPE &Ukm] ARE &ukmPresence]
       [SMIME CAPS &smimeCaps]
   }

   --  KEY-WRAP
   --
   --  Describes the basic properities of a key wrap algorithm
   --
   --  &id - contains the OID identifying the key transport algorithm
   --  &Params - contains the type for the algoithm parameters,
   --               if present; absent implies no paameters
   --  &paramPresence - parameter presence requirement
   --
   --  Example:
   --  cms3DESwrap KEY-WRAP ::= {
   --      &id      IDENTIFIER id-alg-CMS3DESwrap
   --      &Params      PARAMS TYPE NULL
   --      &paramPresence ARE required
   --  }

   KEY-WRAP ::= CLASS {
       &id                OBJECT IDENTIFIER UNIQUE,
       &Params            OPTIONAL,
       &paramPresence     ParamOptions DEFAULT required absent,
       &smimeCaps         SMIME-CAPS OPTIONAL
   } WITH SYNTAX {
       IDENTIFIER &id
       [PARAMS [&Params] [TYPE &Params] ARE &paramPresence]
       [SMIME CAPS &smimeCaps]
   }

   --  KEY-DERIVATION
   --
   --  Describes the basic properities of a key transport algorithm
   --
   --  &id - contains the OID identifying the key transport algorithm
   --  &Params - contains the type for the algoithm parameters,
   --               if present; absent implies no paameters
   --  &paramPresence - parameter presence requirement
   --
   --  Could add information about defaults for the derivation algorithm
   --      such as PRFs
   --
   --  Example:
   --  pbkdf2 KEY-DERIVATION ::= {
   --      &id      IDENTIFIER id-PBKF2
   --      &Params      PARAMS TYPE PBKDF2-params
   --      &paramPresence ARE required
   --  }

   KEY-DERIVATION ::= CLASS {
       &id                OBJECT IDENTIFIER UNIQUE,
       &Params            OPTIONAL,
       &paramPresence     ParamOptions DEFAULT required absent,
       &smimeCaps         SMIME-CAPS OPTIONAL
   } WITH SYNTAX {
       IDENTIFIER &id
        PARAMS [&Params]
       [PARAMS [TYPE &Params] ARE &paramPresence
   }

   --  BULK-ENCRYPTION
   --
   --  Describes the basic properities of a bulk encryption algorithm
   --
   --  &id - contains the OID identifying the key transport algorithm
   --  &Params - contains the type for the algoithm parameters,
   --               if present; absent implies no paameters
   --  &paramPresence - parameter presence requirement
   --
   --  Example:
   --  aes128 BULK-ENCRYPTION ::= {
   --      &id id-aes128-CBC
   --      &Params AES-IV
   --      &paramPresence required
   --  }

   BULK-ENCRYPTION ::= CLASS {
       &id    OBJECT IDENTIFIER UNIQUE,
       &Params,
       &paramPresence      ParamOptions DEFAULT required
   } WITH SYNTAX {
       OID &id
       PARAMS &Params [ARE &paramPresence]
       [SMIME CAPS &smimeCaps]
   }

   -- MAC-ALGORITHM
   --
   --  Describes the basic properities of a key transport algorithm
   --
   --  &id - contains the OID identifying the key transport algorithm
   --  &Params - contains the type for the algoithm parameters,
   --               if present; absent implies no paameters
   --  &paramPresence - parameter presence requirement
   --  &keyed - MAC algorithm is a keyed MAC algorithm
   --
   --  It would make sense to also add minimum and maximum MAC lengths
   --
   --  Example:
   --  hmac-sha1  maca-hmac-sha1 MAC-ALGORITHM ::= {
   --      &id      IDENTIFIER hMAC-SHA1
   --      &Params      PARAMS TYPE NULL
   --      &paramPresence ARE perferedAbsent
   --  }

   MAC-ALGORITHM ::= CLASS {
       &id                 OBJECT IDENTIFIER UNIQUE,
       &Params             OPTIONAL,
       &paramPresence      ParamOptions DEFAULT required absent,
       &keyed              BOOLEAN,
       &smimeCaps          SMIME-CAPS OPTIONAL
   } WITH SYNTAX {
       OID
       IDENTIFIER &id
       [PARAMS [&Params] [TYPE &Params] [ARE &paramPresence]]
       IS KEYED MAC &keyed
       [SMIME CAPS &smimeCaps]
   }

   --  CONTENT-ENCRYPTION
   --
   --  Describes the basic properities of a symetric encryption
   --      algorithm
   --
   --  &id - contains the OID identifying the key transport algorithm
   --  &Params - contains the type for the algoithm parameters,
   --               if present; absent implies no paameters
   --  &paramPresence - parameter presence requirement
   --
   --  Example:
   --  cms3DESwrap KEY-WRAP ::= {
   --      &id      IDENTIFIER id-alg-CMS3DESwrap
   --      &Params      PARAMS TYPE NULL
   --      &paramPresence ARE required
   --  }

   CONTENT-ENCRYPTION ::= CLASS {
       &id                OBJECT IDENTIFIER UNIQUE,
       &Params            OPTIONAL,
       &paramPresence     ParamOptions DEFAULT required absent,
       &smimeCaps         SMIME-CAPS OPTIONAL
   } WITH SYNTAX {
       IDENTIFIER &id
       [PARAMS [&Params] [TYPE &Params] ARE &paramPresence]
   }

   AlgorithmIdentifier{ALGORITHM-TYPE, ALGORITHM-TYPE:AlgorithmSet} ::=
   SEQUENCE {
       algorithm   ALGORITHM-TYPE.&id({AlgorithmSet}),
       parameters  ALGORITHM-TYPE.
              &Params({AlgorithmSet}{@algorithm}) OPTIONAL
       [SMIME CAPS &smimeCaps]
   }

   -- ALGORITHM
   --
   -- Describes a generic algorithm identifier
   --
   --  &id - contains the OID identifying the key transport algorithm
   --  &Params - contains the type for the algoithm parameters,
   --               if present; absent implies no paameters
   --
   --  This would be used for cases where an unknown algorithm is
   --  used.  One should consider using TYPE-IDENTIFIER in these cases.

   ALGORITHM ::= CLASS {
       &id OBJECT   IDENTIFIER UNIQUE,
       &Params      OPTIONAL,
       &paramPresence ParamOptions DEFAULT absent,
       &smimeCaps   SMIME-CAPS OPTIONAL
   } WITH SYNTAX {
       IDENTIFIER &id
       [PARAMS [TYPE &Params] ARE &paramPresence]
       [SMIME CAPS &smimeCaps]
   }

   END

3.  ASN.1 Module for RFC 3370

  CryptographicMessageSyntaxAlgorithms
      { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
      smime(16) modules(0) cmsalg-2001(16) }
  DEFINITIONS IMPLICIT TAGS ::=
  BEGIN

  IMPORTS

  ParamOptions, DIGEST-ALGORITHM, SIGNATURE-ALGORITHM,
     PUBLIC-KEY, KEY-DERIVATION, KEY-WRAP, MAC-ALGORITHM,
     KEY-AGREE, KEY-TRANSPORT, CONTENT-ENCRYPTION, ALGORITHM,

   -- AlgorithmIdentifier
  FROM AlgorithmInformation
      {iso(1) identified-organization(3) dod(6) internet(1) security(5)
      mechanisms(5) pkix(7) id-mod(0) id-mod-algorithInformation(99)}

  --FROM PKIX-CommonTypes
   --    {iso(1) identified-organization(3) dod(6) internet(1)
   --    security(5) mechanisms(5) pkix(7) id-mod(0) Provides the generic structure that is used to encode algorithm
   --    id-mod-pkixCommon(43) }
      ;    identification and the parameters associated with the
   --    algorithm.
   --
   --  Create The first parameter represents the object sets for each type of the different type algorithm being
   --    used.
   -- The second parameter represents a object set containing the set of signature
   --    algorithms defined by that may occur in this module. situation.
   --    The first set of required algorithms should occur to the left
   --      of an extension marker, all other algorithms should occur to
   --  Philosophy:  Sean Turner raised      the question about wheither theses right of an extension marker.
   --
   -- The object sets should class ALGORITHM can be defined as being extensible.  My response is
  --  as follows: used for generic unspecified
   --     items.
   -- If new ALGORITHM objects are defined, the working group believes that this document would be updated fields &id and &Params
   --     need to be present as field in the future for object.
   --

   AlgorithmIdentifier{ALGORITHM-TYPE, ALGORITHM-TYPE:AlgorithmSet} ::=
           SEQUENCE {
               algorithm   ALGORITHM-TYPE.&id({AlgorithmSet}),
               parameters  ALGORITHM-TYPE.
                      &Params({AlgorithmSet}{@algorithm}) OPTIONAL
           }
   --  S/MIME Capabilities
   --
   --  We have moved the definition SMIME-CAPS out of new algorithms, or that
  --    this document would be updated rfc3851.asn to reference (and thus include) here since it
   --    new algorithms defined  is used in the PKIX document RFC 4262 - Use of S/MIME Caps in other documents, then these object
   --    sets need  certificate extension
   --
   --
   --  This class is used to be marked as extensible. represent an S/MIME capability.  S/MIME
   --  If  capabilities are used to represent what algorithm capabilities
   --  an individual has. The classic example was the working group believes that new algorithms will content encryption
   --  algorithm RC2 where the algorithm id and the RC2 key lengths
   --  supported needed to be defined advertised, but the IV used is not fixed.
   --     by  Thus for RC2 we used
   --
   --  cap-RC2CBC SMIME-CAPS ::= {
   --      TYPE INTEGER ( 40 | 128 ) IDENTIFIED BY rc2-cbc }
   --
   --  where 40 and 128 represent the creation RC2 key length in number of new documents, then these object sets do not bits.
   --     need
   --  Another example where infomation needs to be extensible. shown is for
   --  RSA-OAEP where only specific hash functions or mask generation
   --  functions are suppoted, but the saltLength is specified by the
   --  sender and not the recipient.  In this case one can either case, documents that
   --  generate a number of different capability items are referencing these objects sets generated,
   --  or a new S/MIME capability type could  be generated where
   --  multiple hash functions could be specified.
   --
   --
   --  SMIME-CAP
   --
   --  This class is used to associate the type descibing capabilities
   --  with the object identifier.
   --

   SMIME-CAPS ::= CLASS {
       &id         OBJECT IDENTIFIER UNIQUE,
       &Type       OPTIONAL
   }
   WITH SYNTAX { [TYPE &Type] IDENTIFIED BY &id }

   --
   --  Generic type - this is used for defining values.
   --     should probably be marked as being extensible in the location

   --     they are being used. Thus  Parameterized Type - this is used in the main PKIX document you would
  --     have structures to allow for
   --      automatic decoding to occur on capaiblity parameters for a
   --  SIGNED{ToBeSigned}      specific set of values.

   SMIMECapability{SMIME-CAPS:CapabilitySet} ::= SEQUENCE {
  --      toBeSigned  ToBeSigned,
  --      algorithm   AlgorithmIdentifier
  --         {SIGNATURE-ALGORITHM, {Sa-PKIXAlgorithms, ...}},
  --      signature   BIT STRING
  --
       capabilityID        SMIME-CAPS.&id({CapabilitySet}),
       parameters          SMIME-CAPS.&Type({CapabilitySet}
                               {@capabilityID}) OPTIONAL
   }

   --  Parameterized Type - this is used in structures to all for
   --  Future versions might include additional algorithm drafts and
  --      use the line
  --      algorithm   AlgorithmIdentifier
  --          {SIGNATURE-ALGORITHM,
  --             {Sa-PKIXAlgorithms, ..., Sa-NewPKIXAlgorithms}},
  --      automatic decoding to occur on capability parametes for a
   --  Signature algorithms in this document

  Sa-CMSAlgorithms SIGNATURE-ALGORITHM      specific set of values.

   SMIMECapabilities { SMIME-CAPS : CapabilitySet } ::=
           SEQUENCE SIZE (1..MAX) OF SMIMECapability{{CapabilitySet} }

   END

3.  ASN.1 Module for RFC 3370

  CryptographicMessageSyntaxAlgorithms
      {
          sa-dsa-with-sha1 |
          sa-md5WithRSAEncryption |
          sa-sha1WithRSAEncryption iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
      smime(16) modules(0) cmsalg-2001(16) }
  DEFINITIONS IMPLICIT TAGS ::=
  BEGIN

  IMPORTS

  ParamOptions, DIGEST-ALGORITHM, SIGNATURE-ALGORITHM,
     PUBLIC-KEY, KEY-DERIVATION, KEY-WRAP, MAC-ALGORITHM,
     KEY-AGREE, KEY-TRANSPORT, CONTENT-ENCRYPTION, ALGORITHM,
     AlgorithmIdentifier{}, SMIME-CAPS
  FROM AlgorithmInformation
      {iso(1) identified-organization(3) dod(6) internet(1) security(5)
      mechanisms(5) pkix(7) id-mod(0) id-mod-algorithInformation(99)}

  pk-rsa, pk-dh, pk-dsa,
  rsaEncryption, DHPublicKey, dhpublicnumber
  FROM
     PKIXAlgs-2008 { iso(1) identified-organization(3) dod(6)
       internet(1) security(5) mechanisms(5) pkix(7) id-mod(0) 995 }

  cap-RC2CBC
  FROM SecureMimeMessageV3dot1
        { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
        smime(16) modules(0) msg-v3dot1(21) }

      ;
  --  2. Hash algorthms in this document

  Mda-CMSAlgorithms

  MessageDigestAlgs DIGEST-ALGORITHM ::= {
          -- mda-md5 |
          mda-sha1
          -- mda-sha1,
          ... }

  --  Public Key Algorithms  3. Signature algorithms in this document

  Pk-CMSAlgorithms PUBLIC-KEY

  SignatureAlgs SIGNATURE-ALGORITHM ::= { pk-dsa
  --      See rfc3279.asn
  --        sa-dsaWithSHA1 | pk-rsa
  --        sa-rsaWithMD5 | pk-dh
  --        sa-rsaWithSHA1,
            ... }

  --

  Kta-CMSAlgorithms KEY-TRANSPORT ::= {...}  4.  Key Managment Algorithms
  --  4.1 Key Agreement Algorithms

  Kaa-CMSAlgorithms

  KeyAgreementAlgs KEY-AGREE ::= {kaa-esdh { kaa-esdh | kaa-ssdh} kaa-ssdh, ...}
  KeyAgreePublicKeys PUBLIC-KEY ::= { pk-dh, ...}

  --  4.2  Key Wrap Transport Algorithms

  Kwa-CMSAlgorithms KEY-WRAP

  KeyTransportAlgs KEY-TRANSPORT ::= { kt-rsa, ... }

  -- Message Authenticaiton Code  4.3  Symmetric Key-Encryption Key Algorithms
  Mac-CMSAlgorithms MAC-ALGORITHM ::= {...}

  --

  Cea-CMSAlgorithms CONTENT-ENCRYPTION ::= {...}

  -- Algorithm Identifiers

  sha-1 OBJECT IDENTIFIER ::= { iso(1) identified-organization(3)
     oiw(14) secsig(3) algorithm(2) 26 }

  md5 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840)
     rsadsi(113549) digestAlgorithm(2) 5 }

  id-dsa OBJECT IDENTIFIER

  KeyWrapAlgs KEY-WRAP ::= { iso(1) member-body(2) us(840)
     x9-57(10040) x9cm(4) 1 kwa-3DESWrap | kwa-RC2Wrap, ... }

  id-dsa-with-sha1 OBJECT IDENTIFIER

  --  4.4  Key Derivation Algorithms

  KeyDerivationAlgs KEY-DERIVATION ::= { iso(1) member-body(2)
     us(840) x9-57(10040) x9cm(4) 3 kda-PBKDF2, ... }

  rsaEncryption OBJECT IDENTIFIER

  --  5.  Content Encryption Algorithms

  ContentEncryptionAlgs CONTENT-ENCRYPTION ::=
      { iso(1) member-body(2)
     us(840) rsadsi(113549) pkcs(1) pkcs-1(1) 1 cea-3DES-cbc | cea-RC2-cbc, ... }

  md5WithRSAEncryption OBJECT IDENTIFIER

  --  6.  Message Authenticaiton Code Algorithms

  MessageAuthAlgs MAC-ALGORITHM ::= { iso(1)
     member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-1(1) 4 maca-hMAC-SHA1, ... }

  sha1WithRSAEncryption

  --  SMIME Capabilities for these items

  SMimeCaps SMIME-CAPS ::= {
      kaa-esdh.&smimeCaps         |
      kaa-ssdh.&smimeCaps         |
      kt-rsa.&smimeCaps           |
      kwa-3DESWrap.&smimeCaps     |
      kwa-RC2Wrap.&smimeCaps      |
      cea-3DES-cbc.&smimeCaps     |
      cea-RC2-cbc.&smimeCaps      |
      maca-hMAC-SHA1.&smimeCaps,
      ...}

  --
  --
  --

  -- Algorithm Identifiers

  -- rsaEncryption OBJECT IDENTIFIER ::= { iso(1) member-body(2)
  --    us(840) rsadsi(113549) pkcs(1) pkcs-1(1) 5 }

  dh-public-number OBJECT IDENTIFIER ::= { iso(1) member-body(2)
     us(840) ansi-x942(10046) number-type(2) 1 }

  id-alg-ESDH OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840)
     rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) alg(3) 5 }

  id-alg-SSDH OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840)
     rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) alg(3) 10 }

  id-alg-CMS3DESwrap OBJECT IDENTIFIER ::= { iso(1) member-body(2)
     us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) alg(3) 6 }

  id-alg-CMSRC2wrap OBJECT IDENTIFIER ::= { iso(1) member-body(2)
     us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) alg(3) 7 }

  des-ede3-cbc OBJECT IDENTIFIER ::= { iso(1) member-body(2)
     us(840) rsadsi(113549) encryptionAlgorithm(3) 7 }

  rc2-cbc OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840)
     rsadsi(113549) encryptionAlgorithm(3) 2 }

  hMAC-SHA1 OBJECT IDENTIFIER ::= { iso(1) identified-organization(3)
     dod(6) internet(1) security(5) mechanisms(5) 8 1 2 }

  id-PBKDF2 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840)
     rsadsi(113549) pkcs(1) pkcs-5(5) 12 }

  -- Public Key Types

  Dss-Pub-Key ::= INTEGER  -- Y

  RSAPublicKey ::= SEQUENCE {
      modulus INTEGER,  -- n
      publicExponent INTEGER }  -- e

  DHPublicKey ::= INTEGER  -- y = g^x mod p

  -- Signature Value Types

  Dss-Sig-Value ::= SEQUENCE {
      r INTEGER,
      s INTEGER }

  -- Algorithm Identifier Parameter Types

  Dss-Parms ::= SEQUENCE {
      p INTEGER,
      q INTEGER,
      g INTEGER }

  DHDomainParameters ::= SEQUENCE {
      p INTEGER,  -- odd prime, p=jq +1
      g INTEGER,  -- generator, g
      q INTEGER,  -- factor of p-1
      j INTEGER OPTIONAL,  -- subgroup factor
      validationParms ValidationParms OPTIONAL }

  ValidationParms ::= SEQUENCE {
      seed BIT STRING,
      pgenCounter INTEGER }

  KeyWrapAlgorithm ::=
      AlgorithmIdentifier {KEY-WRAP, {Kwa-CMSAlgorithms {KeyWrapAlgs }}

  RC2wrapParameter ::= RC2ParameterVersion
  RC2ParameterVersion ::= INTEGER

  CBCParameter ::= IV

  IV ::= OCTET STRING  -- exactly 8 octets

  RC2CBCParameter ::= SEQUENCE {
      rc2ParameterVersion INTEGER (1..256),
      iv OCTET STRING  }  -- exactly 8 octets

  maca-hMAC-SHA1 MAC-ALGORITHM ::= {
      OID
      IDENTIFIER hMAC-SHA1
      PARAMS TYPE NULL ARE required preferredAbsent
      IS KEYED MAC TRUE
      SMIME CAPS {IDENTIFIED BY hMAC-SHA1}
  }

  -- Another way to do the following would be:
  -- alg-hMAC-SHA1 AlgorithmIdentifier{{PBKDF2-PRFs}} ::=
  --  { algorithm hMAC-SHA1, parameters NULL:NULL }

  PBKDF2-PRFsAlgorithmIdentifier ::= AlgorithmIdentifier{ ALGORITHM,
                                         {PBKDF2-PRFs} }

  alg-hMAC-SHA1 -- PBKDF2-PRFsAlgorithmIdentifier ::=
  ALGORITHM ::=
      { IDENTIFIER hMAC-SHA1 PARAMS TYPE NULL ARE required }

  PBKDF2-SaltSources ALGORITHM ::= { ... }

  PBKDF2-PRFs ALGORITHM ::= { alg-hMAC-SHA1, ... }

  PBKDF2-SaltSourcesAlgorithmIdentifier ::=
      AlgorithmIdentifier {ALGORITHM, {PBKDF2-SaltSources}}

  defaultPBKDF2 PBKDF2-PRFsAlgorithmIdentifier ::=
      { algorithm alg-hMAC-SHA1.&id, parameters NULL:NULL }

  PBKDF2-params ::= SEQUENCE {
      salt CHOICE {
          specified OCTET STRING,
          otherSource PBKDF2-SaltSourcesAlgorithmIdentifier },
      iterationCount INTEGER (1..MAX),
      keyLength INTEGER (1..MAX) OPTIONAL,
      prf PBKDF2-PRFsAlgorithmIdentifier DEFAULT
              defaultPBKDF2
          }

  mda-sha1 DIGEST-ALGORITHM ::= {
          IDENTIFIER sha-1 PARAMS NULL ARE preferedAbsent }
  mda-md5 DIGEST-ALGORITHM ::= {
          IDENTIFIER md5 PARAMS NULL ARE preferedAbsent }

  pk-dsa PUBLIC-KEY ::= {
          IDENTIFIER id-dsa
          KEY Dss-Pub-Key
          PARAMS Dss-Parms ARE inheritable
  }

  sa-dsa-with-sha1 SIGNATURE-ALGORITHM ::= {
          IDENTIFIER id-dsa-with-sha1
          VALUE Dss-Sig-Value
          PARAMS Dss-Parms ARE inheritable
          USES {mda-sha1}
          PUBKEYS {pk-dsa}
          }

  pk-rsa PUBLIC-KEY ::= {
          IDENTIFIER rsaEncryption
          KEY RSAPublicKey
          PARAMS NULL ARE required
  }
  --
  --  This object is included for completeness.  It should not be used
  --      for encoding of signtures, but was sometimes used in older
  --      versions of CMS for encoding of RSA signatures.
  --
  --
  -- sa-rsa SIGNATURE-ALGORITHM ::= {
  --         IDENTIFIER rsaEncryption
  --         - - value is not ASN.1 encoded
  --         PARAMS TYPE NULL ARE required
          USES
  --         HASHES {mda-sha1 | mda-md5, ...}
          PUBKEYS { pk-rsa}
  }

  sa-sha1WithRSAEncryption SIGNATURE-ALGORITHM ::= {
          IDENTIFIER sha1WithRSAEncryption
          -- value is not ASN.1 encoded
          PARAMS NULL ARE required
          USES {mda-sha1}
          PUBKEYS {pk-rsa}
  }

  sa-md5WithRSAEncryption SIGNATURE-ALGORITHM ::= {
          IDENTIFIER md5WithRSAEncryption
          -- value is not ASN.1 encoded
          PARAMS NULL ARE required
          USES {mda-md5}
          PUBKEYS {pk-rsa}
  --         PUBLIC KEYS { pk-rsa}
  -- }
  --
  -- No ASN.1 encoding is applied to the signature value
  --    for these items

  pk-dh PUBLIC-KEY ::= {
       IDENTIFIER dh-public-number
       KEY DHPublicKey
       PARAMS DHDomainParameters ARE inheritable
  }

  kaa-esdh KEY-AGREE ::= {
       IDENTIFIER id-alg-ESDH
       PARAMS TYPE KeyWrapAlgorithm ARE required
       PUBLIC KEY KEYS { pk-dh }
       -- UKM is not ASN.1 encoded
       UKM ARE optional
       SMIME CAPS {TYPE KeyWrapAlgorithm IDENTIFIED BY id-alg-ESDH}
  }

  kaa-ssdh KEY-AGREE ::= {
       IDENTIFIER id-alg-SSDH
       PARAMS TYPE KeyWrapAlgorithm ARE required
       PUBLIC KEY KEYS {pk-dh}
       -- UKM is not ASN.1 encoded
       UKM ARE optional
       SMIME CAPS {TYPE KeyWrapAlgorithm IDENTIFIED BY id-alg-SSDH}
  }

  KeyTransportAlgorithms ALGORITHM

  dh-public-number OBJECT IDENTIFIER ::= {...}

  SymmetricKeyEncryptionAlgorthms KEY-WRAP dhpublicnumber

  pk-originator-dh PUBLIC-KEY ::= { kwa-3DESWrap | kwa-RC2Wrap
      IDENTIFIER dh-public-number
      KEY DHPublicKey
      PARAMS ARE absent
      CERT KEY USAGE {keyAgreement, encipherOnly, decipherOnly}
  }

  kwa-3DESWrap KEY-WRAP ::= {
       IDENTIFIER id-alg-CMS3DESwrap
       PARAMS TYPE NULL ARE required
       SMIME CAPS {IDENTIFIED BY id-alg-CMSRC2wrap}
  }

  kwa-RC2Wrap KEY-WRAP ::= {
       IDENTIFIER id-alg-CMSRC2wrap
       PARAMS TYPE RC2wrapParameter ARE required
  }

  KeyDerivationAlgorithms KEY-DERIVATION ::=
       SMIME CAPS {
          kda-PBKDF2} IDENTIFIED BY id-alg-CMSRC2wrap }
  }

  kda-PBKDF2 KEY-DERIVATION ::= {
      IDENTIFIER id-PBKDF2
      PARAMS TYPE PBKDF2-params ARE required
      -- No s/mime caps defined
  }

  ContentEncryptionAlgorthms ALGORITHM

  cea-3DES-cbc CONTENT-ENCRYPTION ::= {...} {
      IDENTIFIER des-ede3-cbc
      PARAMS TYPE IV ARE required
      SMIME CAPS { IDENTIFIED BY des-ede3-cbc }
  }

  cea-RC2-cbc CONTENT-ENCRYPTION ::= {
      IDENTIFIER rc2-cbc
      PARAMS TYPE RC2CBCParameter ARE required
      SMIME CAPS cap-RC2CBC
  }

  kt-rsa KEY-TRANSPORT ::= {
      IDENTIFIER rsaEncryption
      PARAMS TYPE NULL ARE required
      PUBLIC KEYS { pk-rsa }
      SMIME CAPS {IDENTIFIED BY rsaEncryption}
  }

  --  S/MIME Capabilities - most have no label.

  cap-3DESwrap SMIME-CAPS ::= { IDENTIFIED BY id-alg-CMS3DESwrap }

  END

4.  ASN.1 Module for RFC 3565

   CMSAesRsaesOaep {iso(1) member-body(2) us(840) rsadsi(113549)
       pkcs(1) pkcs-9(9) smime(16) modules(0) id-mod-cms-aes(19) }
   DEFINITIONS IMPLICIT TAGS ::=
   BEGIN
   IMPORTS

   CONTENT-ENCRYPTION, KEY-WRAP, SMIME-CAPS
   FROM AlgorithmInformation
       {iso(1) identified-organization(3) dod(6) internet(1) security(5)
       mechanisms(5) pkix(7) id-mod(0) id-mod-algorithInformation(99)}
   ;

   AES-ContentEncryption CONTENT-ENCRYPTION ::= {
       cea-aes128-cbc | cea-aes192-cbc | cea-aes256-cbc, ...
   }

   AES-KeyWrap KEY-WRAP ::= {
       kwa-aes128-wrap | kwa-aes192-wrap | kwa-aes256-wrap, ...
   }

   SMimeCaps SMIME-CAPS ::= {
      cea-aes128-cbc.&smimeCaps |
      cea-aes192-cbc.&smimeCaps |
      cea-aes256-cbc.&smimeCaps |
      kwa-aes128-wrap.&smimeCaps |
      kwa-aes192-wrap.&smimeCaps |
      kwa-aes256-wrap.&smimeCaps, ...
   }

   -- AES information object identifiers --

   aes OBJECT IDENTIFIER ::=
       { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101)
       csor(3) nistAlgorithms(4)  1 }

   -- AES using CBC-chaining mode for key sizes of 128, 192, 256

   id-aes128-CBC OBJECT IDENTIFIER ::= { aes 2 }
   id-aes192-CBC OBJECT IDENTIFIER ::= { aes 22 }
   id-aes256-CBC OBJECT IDENTIFIER ::= { aes 42 }

   cea-aes128-cbc CONTENT-ENCRYPTION ::= {
       IDENTIFIER id-aes128-CBC
       PARAMS TYPE AES-IV ARE required
       SMIME CAPS { IDENTIFIED BY id-aes128-CBC }
   }

   cea-aes192-cbc CONTENT-ENCRYPTION ::= {
       IDENTIFIER id-aes192-CBC
       PARAMS TYPE AES-IV ARE required
       SMIME CAPS { IDENTIFIED BY id-aes192-CBC }
   }

   cea-aes256-cbc CONTENT-ENCRYPTION ::= {
       IDENTIFIER id-aes256-CBC
       PARAMS TYPE AES-IV ARE required
       SMIME CAPS { IDENTIFIED BY id-aes256-CBC }
   }

   -- AES-IV is a the parameter for all the above object identifiers.

   AES-IV ::= OCTET STRING (SIZE(16))

   -- AES Key Wrap Algorithm Identifiers  - Parameter is absent

   id-aes128-wrap OBJECT IDENTIFIER ::= { aes 5 }
   id-aes192-wrap OBJECT IDENTIFIER ::= { aes 25 }
   id-aes256-wrap OBJECT IDENTIFIER ::= { aes 45 aes 45 }

   kwa-aes128-wrap KEY-WRAP ::= {
       IDENTIFIER id-aes128-wrap
       PARAMS ARE absent
       SMIME CAPS { IDENTIFIED BY id-aes128-wrap }
   }

   kwa-aes192-wrap KEY-WRAP ::= {
       IDENTIFIER id-aes192-wrap
       PARAMS ARE absent
       SMIME CAPS { IDENTIFIED BY id-aes192-wrap }
   }

   kwa-aes256-wrap KEY-WRAP ::= {
       IDENTIFIER id-aes256-wrap
       PARAMS ARE absent
       SMIME CAPS { IDENTIFIED BY id-aes256-wrap }
   }

   END

5.  ASN.1 Module for RFC 3851

  SecureMimeMessageV3dot1
        { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
        smime(16) modules(0) msg-v3dot1(21) }
  DEFINITIONS IMPLICIT TAGS ::=
  BEGIN

  IMPORTS

  SMIME-CAPS, SMIMECapabilities{}
  FROM AlgorithmInformation
      {iso(1) identified-organization(3) dod(6) internet(1) security(5)
      mechanisms(5) pkix(7) id-mod(0) id-mod-algorithInformation(99)}

  ATTRIBUTE
  FROM PKIX-CommonTypes
      { iso(1) identified-organization(3) dod(6) internet(1) security(5)
      mechanisms(5) pkix(7) id-mod(0) id-mod-pkixCommon(43) }

  SubjectKeyIdentifier, IssuerAndSerialNumber, RecipientKeyIdentifier,
  CMS-ATTRIBUTE RecipientKeyIdentifier
  FROM CryptographicMessageSyntax2004
      { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
      smime(16) modules(0) cms-2004(24) }

  rc2-cbc

  rc2-cbc, SMimeCaps
  FROM CryptographicMessageSyntaxAlgorithms
      { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
      smime(16) modules(0) cmsalg-2001(16) }; }

  SMimeCaps
  FROM PKIXAlgs-2008 { iso(1) identified-organization(3) dod(6)
    internet(1) security(5) mechanisms(5) pkix(7) id-mod(0) 995 }

  SMimeCaps
  FROM PKIX1-PSS-OAEP-Algorithms
       { iso(1) identified-organization(3) dod(6)
         internet(1) security(5) mechanisms(5) pkix(7) id-mod(0)
         id-mod-pkix1-rsa-pkalgs(33) }
  ;

  SMimeAttributeSet CMS-ATTRIBUTE ATTRIBUTE ::=
      { attr-smimeCapabilities aa-smimeCapabilities | attr-encrypKeyPref aa-encrypKeyPref, ... }

  --  id-aa is the arc with all new authenticated and unauthenticated
  --  attributes produced the by S/MIME Working Group

  id-aa OBJECT IDENTIFIER ::=
      { iso(1) member-body(2) usa(840) rsadsi(113549) pkcs(1) pkcs-9(9)
      smime(16) attributes(2)}

  -- S/MIME Capabilities provides a method of broadcasting the symmetric
  -- capabilities understood.  Algorithms SHOULD be ordered by
  -- preference and grouped by type

  attr-smimeCapabilities CMS-ATTRIBUTE

  aa-smimeCapabilities ATTRIBUTE ::=
      { TYPE SMIMECapabilities SMIMECapabilities{{SMimeCapsSet}} IDENTIFIED BY
            smimeCapabilities }

  smimeCapabilities OBJECT IDENTIFIER ::=
      { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
      15 }

  SMIME-CAPS ::= CLASS {
      &Type   OPTIONAL,
      &id     OBJECT IDENTIFIER UNIQUE
  }
  WITH SYNTAX {TYPE &Type IDENTIFIED BY &id }

  SMIMECapability ::= SEQUENCE {
     capabilityID   SMIME-CAPS.
                        &id({SMimeCapsSet}),
     parameters     SMIME-CAPS.
                         &Type({SMimeCapsSet}{@capabilityID}) OPTIONAL
  }

  SMimeCapsSet SMIME-CAPS ::=
      { cap-preferBinaryInside | cap-RC2CBC, cap-RC2CBC |
      PKIXAlgs-2008.SMimeCaps |
      CryptographicMessageSyntaxAlgorithms.SMimeCaps |
      PKIX1-PSS-OAEP-Algorithms.SMimeCaps, ... }

  SMIMECapabilities ::= SEQUENCE OF SMIMECapability
  --

  --- Encryption Key Preference provides a method of broadcasting the
  -- preferred encryption certificate.

  attr-encrypKeyPref CMS-ATTRIBUTE

  aa-encrypKeyPref ATTRIBUTE ::=
      { TYPE SMIMEEncryptionKeyPreference
          IDENTIFIED BY id-aa-encrypKeyPref }

  id-aa-encrypKeyPref OBJECT IDENTIFIER ::= {id-aa 11}

  SMIMEEncryptionKeyPreference ::= CHOICE {
     issuerAndSerialNumber   [0] IssuerAndSerialNumber,
     receipentKeyId          [1] RecipientKeyIdentifier,
     subjectAltKeyIdentifier [2] SubjectKeyIdentifier
  }

  id-smime OBJECT IDENTIFIER ::= { iso(1) member-body(2)
     us(840) rsadsi(113549) pkcs(1) pkcs9(9) 16 }

  id-cap  OBJECT IDENTIFIER ::= { id-smime 11 }

  -- The preferBinaryInside indicates an ability to receive messages
  -- with binary encoding inside the CMS wrapper

  cap-preferBinaryInside SMIME-CAPS ::=
      { TYPE NULL -- No value -- IDENTIFIED BY id-cap-preferBinaryInside }

  id-cap-preferBinaryInside  OBJECT IDENTIFIER ::= { id-cap 1 }

  --  The following list the OIDs to be used with S/MIME V3

  -- Signature Algorithms Not Found in [CMSALG]
  --
  -- md2WithRSAEncryption OBJECT IDENTIFIER ::=
  --    {iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-1(1)
  --     2}
  --
  -- Other Signed Attributes
  --
  -- signingTime OBJECT IDENTIFIER ::=
  --    {iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
  --     5}
  --    See [CMS] for a description of how to encode the attribute
  --    value.

  cap-RC2CBC SMIME-CAPS ::=
      { TYPE SMIMECapabilitiesParametersForRC2CBC
          IDENTIFIED BY rc2-cbc}

  SMIMECapabilitiesParametersForRC2CBC ::= INTEGER (40 | 128, ...)
  --    (RC2 Key Length (number of bits))

  END

6.  ASN.1 Module for RFC 3852

   This module has an ASN.1 idiom for noting in which version of CMS
   changes were made from the original PKCS #10; #7; that idiom is "[[v:",
   where "v" is an integer.  For example:

   RevocationInfoChoice ::= CHOICE {
       crl CertificateList,
       ...,
       [[5: other [1] IMPLICIT OtherRevocationInfoFormat ]] }

   Similarly, this module adds the ASN.1 idiom for extensiblity (the
   "...,") in all places that have been extended in the past.  See the
   example above.

   CryptographicMessageSyntax2004
       { iso(1) member-body(2) us(840) rsadsi(113549)
       pkcs(1) pkcs-9(9) smime(16) modules(0) cms-2004(24) }
   DEFINITIONS IMPLICIT TAGS ::=
   BEGIN

   -- Set MAX and MIN for attributes

   IMPORTS
   ParamOptions, DIGEST-ALGORITHM, SIGNATURE-ALGORITHM,
      PUBLIC-KEY, KEY-DERIVATION, KEY-WRAP, MAC-ALGORITHM,
      KEY-AGREE, KEY-TRANSPORT, CONTENT-ENCRYPTION, ALGORITHM,
      AlgorithmIdentifier
   FROM AlgorithmInformation
       {iso(1) identified-organization(3) dod(6) internet(1) security(5)
       mechanisms(5) pkix(7) id-mod(0) id-mod-algorithInformation(99)}

   Sa-CMSAlgorithms, Mda-CMSAlgorithms, Kaa-CMSAlgorithms,
   Mac-CMSAlgorithms, Kwa-CMSAlgorithms, Cea-CMSAlgorithms,
   Kta-CMSAlgorithms

   SignatureAlgs, MessageDigestAlgs, KeyAgreementAlgs,
   MessageAuthAlgs, KeyWrapAlgs, ContentEncryptionAlgs,
   KeyTransportAlgs, KeyDerivationAlgs, KeyAgreePublicKeys
   FROM CryptographicMessageSyntaxAlgorithms
       { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
       smime(16) modules(0) cmsalg-2001(16) }

   Certificate, CertificateList, CertificateSerialNumber,
       Name, ATTRIBUTE
   FROM PKIX1Explicit88
       { iso(1) identified-organization(3) dod(6) internet(1)
       security(5) mechanisms(5) pkix(7) id-mod(0)
       id-pkix1-explicit(18) }

   AttributeCertificate
   FROM PKIXAttributeCertificate
       { iso(1) identified-organization(3) dod(6) internet(1)
       security(5) mechanisms(5) pkix(7) id-mod(0)
       id-mod-attribute-cert(12) }

   AttributeCertificateV1
   FROM AttributeCertificateVersion1
       { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
       smime(16) modules(0) v1AttrCert(15) } ;

   -- Cryptographic Message Syntax

   -- The following are used for version numbers using the ASN.1
   --   idiom "[[n:"
   --   Version 1 = PKCS #7
   --   Version 2 = S/MIME V2
   --   Version 3 = RFC 2630
   --   Version 4 = RFC 3369
   --   Version 5 = RFC 3852

   CONTENT-TYPE ::= TYPE-IDENTIFIER
   ContentType ::= CONTENT-TYPE.&id

   ContentInfo ::= SEQUENCE {
       contentType        CONTENT-TYPE.
                       &id({ContentSet}),
       content            [0] EXPLICIT CONTENT-TYPE.
                       &Type({ContentSet}{@contentType})}

   ContentSet CONTENT-TYPE ::= {
       --  Define the set of content types to be recognized.
       ct-Data | ct-SignedData | ct-EncryptedData | ct-EnvelopedData |
       ct-AuthenticatedData | ct-DigestedData, ... }

   SignedData ::= SEQUENCE {
       version CMSVersion,
       digestAlgorithms SET OF DigestAlgorithmIdentifier,
       encapContentInfo EncapsulatedContentInfo,
       certificates [0] IMPLICIT CertificateSet OPTIONAL,
       crls [1] IMPLICIT RevocationInfoChoices OPTIONAL,
       signerInfos SignerInfos }

   SignerInfos ::= SET OF SignerInfo

   EncapsulatedContentInfo ::= SEQUENCE {
       eContentType       CONTENT-TYPE.&id({ContentSet}),
       eContent           [0] EXPLICIT OCTET STRING
               ( CONTAINING CONTENT-TYPE.
                   &Type({ContentSet}{@eContentType})) OPTIONAL }

   SignerInfo ::= SEQUENCE {
       version CMSVersion,
       sid SignerIdentifier,
       digestAlgorithm DigestAlgorithmIdentifier,
       signedAttrs [0] IMPLICIT SignedAttributes OPTIONAL,
       signatureAlgorithm SignatureAlgorithmIdentifier,
       signature SignatureValue,
       unsignedAttrs [1] IMPLICIT Attributes
           {{UnsignedAttributes}} OPTIONAL }

   SignedAttributes ::= Attributes {{ SignedAttributesSet }}

   SignerIdentifier ::= CHOICE {
       issuerAndSerialNumber IssuerAndSerialNumber,
       ...,
       [[3: subjectKeyIdentifier [0] SubjectKeyIdentifier ]] }

   -- M00QUEST - should we add in the ESS & S/MIME attributes or
   --    leave them out

   SignedAttributesSet CMS-ATTRIBUTE ATTRIBUTE ::=
       { attr-signingTime aa-signingTime | attr-messageDigest aa-messageDigest | attr-contentType, aa-contentType, ... }
   UnsignedAttributes CMS-ATTRIBUTE ATTRIBUTE ::= { attr-countersignature, aa-countersignature, ... }

   SignatureValue ::= OCTET STRING

   EnvelopedData ::= SEQUENCE {
       version CMSVersion,
       originatorInfo [0] IMPLICIT OriginatorInfo OPTIONAL,
       recipientInfos RecipientInfos,
       encryptedContentInfo EncryptedContentInfo,
       ...,
       [[2: unprotectedAttrs [1] IMPLICIT Attributes
           {{ UnprotectedAttributes }} OPTIONAL ]] }

   OriginatorInfo ::= SEQUENCE {
       certs [0] IMPLICIT CertificateSet OPTIONAL,
       crls [1] IMPLICIT RevocationInfoChoices OPTIONAL }

   RecipientInfos ::= SET SIZE (1..MAX) OF RecipientInfo

   EncryptedContentInfo ::= SEQUENCE {
       contentType        CONTENT-TYPE.&id({ContentSet}),
       contentEncryptionAlgorithm ContentEncryptionAlgorithmIdentifier,
       encryptedContent   [0] IMPLICIT OCTET STRING OPTIONAL }

   -- If you want to do constraints, you might use:
   -- EncryptedContentInfo ::= SEQUENCE {
   --  contentType        CONTENT-TYPE.&id({ContentSet}),
   --  contentEncryptionAlgorithm ContentEncryptionAlgorithmIdentifier,
   --  encryptedContent   [0] IMPLICIT ENCRYPTED {CONTENT-TYPE.
   --      &Type({ContentSet}{@contentType}) OPTIONAL }
   -- ENCRYPTED {ToBeEncrypted} ::= OCTET STRING ( CONSTRAINED BY
   --        { ToBeEncrypted } )

   UnprotectedAttributes CMS-ATTRIBUTE ATTRIBUTE ::=  { ... }

   RecipientInfo ::= CHOICE {
       ktri       KeyTransRecipientInfo,
       ...,
       [[3: kari [1] KeyAgreeRecipientInfo ]],
       [[4: kekri [2] KEKRecipientInfo]],
       [[5: pwri [3] PasswordRecipientInfo,
            ori  [4] OtherRecipientInfo ]] }

   EncryptedKey ::= OCTET STRING

   KeyTransRecipientInfo ::= SEQUENCE {
       version CMSVersion,  -- always set to 0 or 2
       rid RecipientIdentifier,
       keyEncryptionAlgorithm AlgorithmIdentifier
           {KEY-TRANSPORT, {KeyTransportAlgorithmSet}},
       encryptedKey EncryptedKey }

   KeyTransportAlgorithmSet KEY-TRANSPORT ::= { Kta-CMSAlgorithms, KeyTransportAlgs, ... }

   RecipientIdentifier ::= CHOICE {
       issuerAndSerialNumber IssuerAndSerialNumber,
       ...,
       [[2: subjectKeyIdentifier [0] SubjectKeyIdentifier ]] }

   KeyAgreeRecipientInfo ::= SEQUENCE {
       version CMSVersion,  -- always set to 3
       originator [0] EXPLICIT OriginatorIdentifierOrKey,
       ukm [1] EXPLICIT UserKeyingMaterial OPTIONAL,
       keyEncryptionAlgorithm AlgorithmIdentifier
           {KEY-AGREE, {KeyAgreementAlgorithmSet}},
       recipientEncryptedKeys RecipientEncryptedKeys }

   KeyAgreementAlgorithmSet KEY-AGREE ::= { Kaa-CMSAlgorithms, KeyAgreementAlgs, ... }

   OriginatorIdentifierOrKey ::= CHOICE {
       issuerAndSerialNumber IssuerAndSerialNumber,
       subjectKeyIdentifier [0] SubjectKeyIdentifier,
       originatorKey [1] OriginatorPublicKey }

   OriginatorPublicKey ::= SEQUENCE {
       algorithm AlgorithmIdentifier {PUBLIC-KEY, {...}}, {OriginatorKeySet}},
       publicKey BIT STRING }

   OriginatorKeySet PUBLIC-KEY ::= {
       KeyAgreePublicKeys, ...
   }

   RecipientEncryptedKeys ::= SEQUENCE OF RecipientEncryptedKey

   RecipientEncryptedKey ::= SEQUENCE {
       rid KeyAgreeRecipientIdentifier,
       encryptedKey EncryptedKey }

   KeyAgreeRecipientIdentifier ::= CHOICE {
       issuerAndSerialNumber IssuerAndSerialNumber,
       rKeyId [0] IMPLICIT RecipientKeyIdentifier }

   RecipientKeyIdentifier ::= SEQUENCE {
       subjectKeyIdentifier SubjectKeyIdentifier,
       date GeneralizedTime OPTIONAL,
       other OtherKeyAttribute OPTIONAL }
   SubjectKeyIdentifier ::= OCTET STRING

   KEKRecipientInfo ::= SEQUENCE {
       version CMSVersion,  -- always set to 4
       kekid KEKIdentifier,
       keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier,
       encryptedKey EncryptedKey }

   KEKIdentifier ::= SEQUENCE {
       keyIdentifier OCTET STRING,
       date GeneralizedTime OPTIONAL,
       other OtherKeyAttribute OPTIONAL }

   PasswordRecipientInfo ::= SEQUENCE {
       version CMSVersion,   -- always set to 0
       keyDerivationAlgorithm [0] KeyDerivationAlgorithmIdentifier
                               OPTIONAL,
       keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier,
       encryptedKey EncryptedKey }

   OTHER-RECIPIENT ::= TYPE-IDENTIFIER

   OtherRecipientInfo ::= SEQUENCE {
       oriType    OTHER-RECIPIENT.
               &id({SupportedOtherRecipInfo}),
       oriValue   OTHER-RECIPIENT.
               &Type({SupportedOtherRecipInfo}{@oriType})}

   SupportedOtherRecipInfo OTHER-RECIPIENT ::= { ... }

   DigestedData ::= SEQUENCE {
       version CMSVersion,
       digestAlgorithm DigestAlgorithmIdentifier,
       encapContentInfo EncapsulatedContentInfo,
       digest Digest Digest, ... }

   Digest ::= OCTET STRING

   EncryptedData ::= SEQUENCE {
       version CMSVersion,
       encryptedContentInfo EncryptedContentInfo,
       ...,
       [[2: unprotectedAttrs [1] IMPLICIT Attributes
           {{UnprotectedAttributes}} OPTIONAL ]] }

   AuthenticatedData ::= SEQUENCE {
       version CMSVersion,
       originatorInfo [0] IMPLICIT OriginatorInfo OPTIONAL,
       recipientInfos RecipientInfos,
       macAlgorithm MessageAuthenticationCodeAlgorithm,
       digestAlgorithm [1] DigestAlgorithmIdentifier OPTIONAL,
       encapContentInfo EncapsulatedContentInfo,
       authAttrs [2] IMPLICIT AuthAttributes OPTIONAL,
       mac MessageAuthenticationCode,
       unauthAttrs [3] IMPLICIT UnauthAttributes OPTIONAL }

   AuthAttributes ::= SET SIZE (1..MAX) OF Attribute
       {{SupportedAttributes}}
       {{AuthAttributeSet}}

   UnauthAttributes ::= SET SIZE (1..MAX) OF Attribute
       {{SupportedAttributes}}
       {{UnauthAttributeSet}}

   AuthAttributeSet ATTRIBUTE ::= { aa-contentType | aa-messageDigest
                                        | aa-signingTime, ...}

   UnauthAttributeSet ATTRIBUTE ::= {...}

   MessageAuthenticationCode ::= OCTET STRING

   DigestAlgorithmIdentifier ::= AlgorithmIdentifier
       {DIGEST-ALGORITHM, {DigestAlgorithmSet}}

   DigestAlgorithmSet DIGEST-ALGORITHM ::= { Mda-CMSAlgorithms,
       CryptographicMessageSyntaxAlgorithms.MessageDigestAlgs, ... }

   SignatureAlgorithmIdentifier ::= AlgorithmIdentifier
       {SIGNATURE-ALGORITHM, {SignatureAlgorithmSet}}

   SignatureAlgorithmSet SIGNATURE-ALGORITHM ::=
       { Sa-CMSAlgorithms, SignatureAlgs, ... }

   KeyEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
       {KEY-WRAP, {KeyEncryptionAlgorithmSet}}

   KeyEncryptionAlgorithmSet KEY-WRAP ::= { Kwa-CMSAlgorithms, KeyWrapAlgs, ... }

   ContentEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
       {CONTENT-ENCRYPTION, {ContentEncryptionAlgorithmSet}}

   ContentEncryptionAlgorithmSet CONTENT-ENCRYPTION ::=
       { Cea-CMSAlgorithms, ContentEncryptionAlgs, ... }

   MessageAuthenticationCodeAlgorithm ::= AlgorithmIdentifier
       {MAC-ALGORITHM, {MessageAuthenticationCodeAlgorithmSet}}

   MessageAuthenticationCodeAlgorithmSet MAC-ALGORITHM ::=
       { Mac-CMSAlgorithms, MessageAuthAlgs, ... }

   KeyDerivationAlgorithmIdentifier ::= AlgorithmIdentifier
       {KEY-DERIVATION, {...}} {KeyDerivationAlgs, ...}}

   RevocationInfoChoices ::= SET OF RevocationInfoChoice

   RevocationInfoChoice ::= CHOICE {
       crl CertificateList,
       ...,
       [[5: other [1] IMPLICIT OtherRevocationInfoFormat ]] }

   OTHER-REVOK-INFO ::= TYPE-IDENTIFIER

   OtherRevocationInfoFormat ::= SEQUENCE {
       otherRevInfoFormat    OTHER-REVOK-INFO.
               &id({SupportedOtherRevokInfo}),
       otherRevInfo          OTHER-REVOK-INFO.
               &Type({SupportedOtherRevokInfo}{@otherRevInfoFormat})}

   SupportedOtherRevokInfo OTHER-REVOK-INFO ::= { ... }

   CertificateChoices ::= CHOICE {
       certificate Certificate,
       extendedCertificate [0] IMPLICIT ExtendedCertificate,
            -- Obsolete
       ...,
       [[3: v1AttrCert [1] IMPLICIT AttributeCertificateV1]],
            -- Obsolete
       [[4: v2AttrCert [2] IMPLICIT AttributeCertificateV2]],
       [[5: other      [3] IMPLICIT OtherCertificateFormat]] }

   AttributeCertificateV2 ::= AttributeCertificate

   OTHER-CERT-FMT ::= TYPE-IDENTIFIER

   OtherCertificateFormat ::= SEQUENCE {
       otherCertFormat OTHER-CERT-FMT.
               &id({SupportedCertFormats}),
       otherCert       OTHER-CERT-FMT.
               &Type({SupportedCertFormats}{@otherCertFormat})}

   SupportedCertFormats OTHER-CERT-FMT ::= { ... }

   CertificateSet ::= SET OF CertificateChoices

   IssuerAndSerialNumber ::= SEQUENCE {
       issuer Name,
       serialNumber CertificateSerialNumber }

   CMSVersion ::= INTEGER  { v0(0), v1(1), v2(2), v3(3), v4(4), v5(5) }

   UserKeyingMaterial ::= OCTET STRING

   KEY-ATTRIBUTE ::= TYPE-IDENTIFIER

   OtherKeyAttribute ::= SEQUENCE {
       keyAttrId  KEY-ATTRIBUTE.
               &id({SupportedKeyAttributes}),
       keyAttr    KEY-ATTRIBUTE.
               &Type({SupportedKeyAttributes}{@keyAttrId})}

   SupportedKeyAttributes KEY-ATTRIBUTE ::= { ... }

   -- Content Type Object Identifiers

   id-ct-contentInfo OBJECT IDENTIFIER ::= { iso(1) member-body(2)
      us(840) rsadsi(113549) pkcs(1) pkcs9(9) smime(16) ct(1) 6 }

   ct-Data CONTENT-TYPE ::= {OCTET STRING IDENTIFIED BY id-data}

   id-data OBJECT IDENTIFIER ::= { iso(1) member-body(2)
      us(840) rsadsi(113549) pkcs(1) pkcs7(7) 1 }

   ct-SignedData CONTENT-TYPE ::=
       { SignedData IDENTIFIED BY id-signedData}

   id-signedData OBJECT IDENTIFIER ::= { iso(1) member-body(2)
      us(840) rsadsi(113549) pkcs(1) pkcs7(7) 2 }

   ct-EnvelopedData CONTENT-TYPE ::=
       { EnvelopedData IDENTIFIED BY id-envelopedData}

   id-envelopedData OBJECT IDENTIFIER ::= { iso(1) member-body(2)
      us(840) rsadsi(113549) pkcs(1) pkcs7(7) 3 }

   ct-DigestedData CONTENT-TYPE ::=
       { DigestedData IDENTIFIED BY id-digestedData}

   id-digestedData OBJECT IDENTIFIER ::= { iso(1) member-body(2)
      us(840) rsadsi(113549) pkcs(1) pkcs7(7) 5 }

   ct-EncryptedData CONTENT-TYPE ::=
       { EncryptedData IDENTIFIED BY id-encryptedData}

   id-encryptedData OBJECT IDENTIFIER ::= { iso(1) member-body(2)
      us(840) rsadsi(113549) pkcs(1) pkcs7(7) 6 }

   ct-AuthenticatedData CONTENT-TYPE ::=
       { AuthenticatedData IDENTIFIED BY id-ct-authData}

   id-ct-authData OBJECT IDENTIFIER ::= { iso(1) member-body(2)
      us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) ct(1) 2 }

   -- The CMS Attributes

   MessageDigest ::= OCTET STRING

   SigningTime  ::= Time

   Time ::= CHOICE {
       utcTime UTCTime,
       generalTime GeneralizedTime }

   Countersignature ::= SignerInfo

   -- Attribute Object Identifiers

   attr-contentType CMS-ATTRIBUTE

   aa-contentType ATTRIBUTE ::=
       { TYPE ContentType IDENTIFIED BY id-contentType }

   id-contentType OBJECT IDENTIFIER ::= { iso(1) member-body(2)
      us(840) rsadsi(113549) pkcs(1) pkcs9(9) 3 }

   attr-messageDigest CMS-ATTRIBUTE

   aa-messageDigest ATTRIBUTE ::=
       { TYPE MessageDigest IDENTIFIED BY id-messageDigest}

   id-messageDigest OBJECT IDENTIFIER ::= { iso(1) member-body(2)
      us(840) rsadsi(113549) pkcs(1) pkcs9(9) 4 }

   attr-signingTime CMS-ATTRIBUTE

   aa-signingTime ATTRIBUTE ::=
       { TYPE SigningTime IDENTIFIED BY id-signingTime }

   id-signingTime OBJECT IDENTIFIER ::= { iso(1) member-body(2)
      us(840) rsadsi(113549) pkcs(1) pkcs9(9) 5 }

   attr-countersignature CMS-ATTRIBUTE

   aa-countersignature ATTRIBUTE ::=
       { TYPE Countersignature IDENTIFIED BY id-countersignature }

   id-countersignature OBJECT IDENTIFIER ::= { iso(1) member-body(2)
      us(840) rsadsi(113549) pkcs(1) pkcs9(9) 6 }

   -- Obsolete Extended Certificate syntax from PKCS#6
   ExtendedCertificateOrCertificate ::= CHOICE {
       certificate Certificate,
       extendedCertificate [0] IMPLICIT ExtendedCertificate }

   ExtendedCertificate ::= SEQUENCE {
       extendedCertificateInfo ExtendedCertificateInfo,
       signatureAlgorithm SignatureAlgorithmIdentifier,
       signature Signature }

   ExtendedCertificateInfo ::= SEQUENCE {
       version CMSVersion,
       certificate Certificate,
       attributes UnauthAttributes }

   Signature ::= BIT STRING

   --  Class definitions used in the module

   CMS-ATTRIBUTE ::= ATTRIBUTE

   Attribute{ CMS-ATTRIBUTE:AttrList ATTRIBUTE:AttrList } ::= SEQUENCE {
       attrType           CMS-ATTRIBUTE.           ATTRIBUTE.
               &id({AttrList}),
       attrValues         SET OF CMS-ATTRIBUTE. ATTRIBUTE.
               &Type({AttrList}{@attrType})  }

   SupportedAttributes CMS-ATTRIBUTE ::= { ... }

   Attributes { CMS-ATTRIBUTE:AttrList ATTRIBUTE:AttrList } ::=
       SET SIZE (1..MAX) OF Attribute {{ AttrList }}

   END

7.  ASN.1 Module for RFC 4108

  CMSFirmwareWrapper
      { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
      smime(16) modules(0) cms-firmware-wrap(22) }
  DEFINITIONS IMPLICIT TAGS ::=
  BEGIN

  IMPORTS

  OTHER-NAME
  FROM PKIX1Implicit88
      { iso(1) identified-organization(3) dod(6) internet(1) security(5)
      mechanisms(5) pkix(7) id-mod(0) id-pkix1-implicit(19) }

  EnvelopedData, CONTENT-TYPE, CMS-ATTRIBUTE ATTRIBUTE
  FROM CryptographicMessageSyntax
      { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
      smime(16) modules(0) cms-2004(24) };
  FirmwareContentTypes CONTENT-TYPE ::= {
          ct-firmwarePackage | ct-firmwareLoadReceipt |
          ct-firmwareLoadError
          ct-firmwareLoadError,... }

  FirmwareSignedAttrs CMS-ATTRIBUTE ATTRIBUTE ::= {
          aa-firmwarePackageID | aa-targetHardwareIDs |
          aa-decryptKeyID | aa-implCryptoAlgs | aa-implCompressAlgs |
          aa-communityIdentifiers | aa-firmwarePackageInfo aa-firmwarePackageInfo,... }

  FirmwareUnsignedAttrs CMS-ATTRIBUTE ATTRIBUTE ::= {
          aa-wrappedFirmwareKey
          aa-wrappedFirmwareKey, ... }

  FirmwareOtherNames OTHER-NAME ::= {
          on-hardwareModuleName
          on-hardwareModuleName, ... }

  -- Firmware Package Content Type and Object Identifier

  ct-firmwarePackage CONTENT-TYPE ::=
          { FirmwarePkgData IDENTIFIED BY id-ct-firmwarePackage }

  id-ct-firmwarePackage OBJECT IDENTIFIER ::= {
      iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9)
      smime(16) ct(1) 16 }

  FirmwarePkgData ::= OCTET STRING

  -- Firmware Package Signed Attributes and Object Identifiers

  aa-firmwarePackageID CMS-ATTRIBUTE ATTRIBUTE ::=
      { TYPE FirmwarePackageIdentifier IDENTIFIED BY
          id-aa-firmwarePackageID }

  id-aa-firmwarePackageID OBJECT IDENTIFIER ::= {
      iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9)
      smime(16) aa(2) 35 }

  FirmwarePackageIdentifier ::= SEQUENCE {
      name PreferredOrLegacyPackageIdentifier,
      stale PreferredOrLegacyStalePackageIdentifier OPTIONAL }

  PreferredOrLegacyPackageIdentifier ::= CHOICE {
      preferred PreferredPackageIdentifier,
      legacy OCTET STRING }

  PreferredPackageIdentifier ::= SEQUENCE {
      fwPkgID OBJECT IDENTIFIER,
      verNum INTEGER (0..MAX) }
  PreferredOrLegacyStalePackageIdentifier ::= CHOICE {
      preferredStaleVerNum INTEGER (0..MAX),
      legacyStaleVersion OCTET STRING }

  aa-targetHardwareIDs CMS-ATTRIBUTE ATTRIBUTE ::=
      { TYPE TargetHardwareIdentifiers IDENTIFIED BY
          id-aa-targetHardwareIDs }

  id-aa-targetHardwareIDs OBJECT IDENTIFIER ::= {
      iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9)
      smime(16) aa(2) 36 }

  TargetHardwareIdentifiers ::= SEQUENCE OF OBJECT IDENTIFIER

  aa-decryptKeyID CMS-ATTRIBUTE ATTRIBUTE ::=
          { TYPE DecryptKeyIdentifier IDENTIFIED BY id-aa-decryptKeyID}

  id-aa-decryptKeyID OBJECT IDENTIFIER ::= {
      iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9)
      smime(16) aa(2) 37 }

  DecryptKeyIdentifier ::= OCTET STRING

  aa-implCryptoAlgs CMS-ATTRIBUTE ATTRIBUTE ::=
      { TYPE ImplementedCryptoAlgorithms IDENTIFIED BY
          id-aa-implCryptoAlgs }

  id-aa-implCryptoAlgs OBJECT IDENTIFIER ::= {
      iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9)
      smime(16) aa(2) 38 }

  ImplementedCryptoAlgorithms ::= SEQUENCE OF OBJECT IDENTIFIER

  aa-implCompressAlgs CMS-ATTRIBUTE ATTRIBUTE ::=
      { TYPE ImplementedCompressAlgorithms IDENTIFIED BY
          id-aa-implCompressAlgs }

  id-aa-implCompressAlgs OBJECT IDENTIFIER ::= {
      iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9)
      smime(16) aa(2) 43 }

  ImplementedCompressAlgorithms ::= SEQUENCE OF OBJECT IDENTIFIER

  aa-communityIdentifiers CMS-ATTRIBUTE ATTRIBUTE ::=
      { TYPE CommunityIdentifiers IDENTIFIED BY
          id-aa-communityIdentifiers }

  id-aa-communityIdentifiers OBJECT IDENTIFIER ::= {
      iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9)
      smime(16) aa(2) 40 }

  CommunityIdentifiers ::= SEQUENCE OF CommunityIdentifier

  CommunityIdentifier ::= CHOICE {
      communityOID OBJECT IDENTIFIER,
      hwModuleList HardwareModules }

  HardwareModules ::= SEQUENCE {
      hwType OBJECT IDENTIFIER,
      hwSerialEntries SEQUENCE OF HardwareSerialEntry }

  HardwareSerialEntry ::= CHOICE {
      all NULL,
      single OCTET STRING,
      block SEQUENCE {
      low OCTET STRING,
      high OCTET STRING } }

  aa-firmwarePackageInfo CMS-ATTRIBUTE ATTRIBUTE ::=
      { TYPE FirmwarePackageInfo IDENTIFIED BY
          id-aa-firmwarePackageInfo }

  id-aa-firmwarePackageInfo OBJECT IDENTIFIER ::= {
      iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9)
      smime(16) aa(2) 42 }

  FirmwarePackageInfo ::= SEQUENCE {
      fwPkgType INTEGER OPTIONAL,
      dependencies SEQUENCE OF
      PreferredOrLegacyPackageIdentifier OPTIONAL }

  -- Firmware Package Unsigned Attributes and Object Identifiers

  aa-wrappedFirmwareKey CMS-ATTRIBUTE ATTRIBUTE ::=
      { TYPE WrappedFirmwareKey IDENTIFIED BY
          id-aa-wrappedFirmwareKey }

  id-aa-wrappedFirmwareKey OBJECT IDENTIFIER ::= {
      iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9)
      smime(16) aa(2) 39 }

  WrappedFirmwareKey ::= EnvelopedData

  -- Firmware Package Load Receipt Content Type and Object Identifier
  ct-firmwareLoadReceipt CONTENT-TYPE ::=
      { FirmwarePackageLoadReceipt IDENTIFIED BY
          id-ct-firmwareLoadReceipt }

  id-ct-firmwareLoadReceipt OBJECT IDENTIFIER ::= {
      iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9)
      smime(16) ct(1) 17 }

  FirmwarePackageLoadReceipt ::= SEQUENCE {
      version FWReceiptVersion DEFAULT v1,
      hwType OBJECT IDENTIFIER,
      hwSerialNum OCTET STRING,
      fwPkgName PreferredOrLegacyPackageIdentifier,
      trustAnchorKeyID OCTET STRING OPTIONAL,
      decryptKeyID [1] OCTET STRING OPTIONAL }

  FWReceiptVersion ::= INTEGER { v1(1) }

  -- Firmware Package Load Error Report Content Type
  -- and Object Identifier

  ct-firmwareLoadError CONTENT-TYPE ::=
      { FirmwarePackageLoadError
          IDENTIFIED BY id-ct-firmwareLoadError }

  id-ct-firmwareLoadError OBJECT IDENTIFIER ::= {
      iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9)
      smime(16) ct(1) 18 }

  FirmwarePackageLoadError ::= SEQUENCE {
      version FWErrorVersion DEFAULT v1,
      hwType OBJECT IDENTIFIER,
      hwSerialNum OCTET STRING,
      errorCode FirmwarePackageLoadErrorCode,
      vendorErrorCode VendorLoadErrorCode OPTIONAL,
      fwPkgName PreferredOrLegacyPackageIdentifier OPTIONAL,
      config [1] SEQUENCE OF CurrentFWConfig OPTIONAL }

  FWErrorVersion ::= INTEGER { v1(1) }

  CurrentFWConfig ::= SEQUENCE {
      fwPkgType INTEGER OPTIONAL,
      fwPkgName PreferredOrLegacyPackageIdentifier }

  FirmwarePackageLoadErrorCode ::= ENUMERATED {
      decodeFailure                (1),
      badContentInfo               (2),
      badSignedData                (3),
      badEncapContent              (4),
      badCertificate               (5),
      badSignerInfo                (6),
      badSignedAttrs               (7),
      badUnsignedAttrs             (8),
      missingContent               (9),
      noTrustAnchor               (10),
      notAuthorized               (11),
      badDigestAlgorithm          (12),
      badSignatureAlgorithm       (13),
      unsupportedKeySize          (14),
      signatureFailure            (15),
      contentTypeMismatch         (16),
      badEncryptedData            (17),
      unprotectedAttrsPresent     (18),
      badEncryptContent           (19),
      badEncryptAlgorithm         (20),
      missingCiphertext           (21),
      noDecryptKey                (22),
      decryptFailure              (23),
      badCompressAlgorithm        (24),
      missingCompressedContent    (25),
      decompressFailure           (26),
      wrongHardware               (27),
      stalePackage                (28),
      notInCommunity              (29),
      unsupportedPackageType      (30),
      missingDependency           (31),
      wrongDependencyVersion      (32),
      insufficientMemory          (33),
      badFirmware                 (34),
      unsupportedParameters       (35),
      breaksDependency            (36),
      otherError                  (99) }

  VendorLoadErrorCode ::= INTEGER

  -- Other Name syntax for Hardware Module Name

  on-hardwareModuleName OTHER-NAME ::=
          { HardwareModuleName IDENTIFIED BY id-on-hardwareModuleName }

  id-on-hardwareModuleName OBJECT IDENTIFIER ::= {
      iso(1) identified-organization(3) dod(6) internet(1) security(5)
      mechanisms(5) pkix(7) on(8) 4 }

  HardwareModuleName ::= SEQUENCE {
      hwType OBJECT IDENTIFIER,
      hwSerialNum OCTET STRING }

  END

8.  ASN.1 Module for RFC 4998

   ERS {iso(1) identified-organization(3) dod(6) internet(1)
       security(5) mechanisms(5) ltans(11) id-mod(0) id-mod-ers(1)
       id-mod-ers-v1(1) }
   DEFINITIONS IMPLICIT TAGS ::=
   BEGIN

   IMPORTS

   Attribute{}, AlgorithmIdentifier{}, ATTRIBUTE, ALGORITHM

   AttributeSet{}, ATTRIBUTE
   FROM PKIX-CommonTypes
       {iso(1) identified-organization(3) dod(6) internet(1) security(5)
       mechanisms(5) pkix(7) id-mod(0) id-mod-pkixCommon(43) }

   ContentInfo, CMS-ATTRIBUTE

   AlgorithmIdentifier{}, ALGORITHM, DIGEST-ALGORITHM
   FROM AlgorithmInformation
       {iso(1) identified-organization(3) dod(6) internet(1) security(5)
       mechanisms(5) pkix(7) id-mod(0) id-mod-algorithInformation(99)}

   ContentInfo
   FROM CryptographicMessageSyntax2004
       { iso(1) member-body(2) us(840) rsadsi(113549)
       pkcs(1) pkcs-9(9) smime(16) modules(0) cms-2004(24) } ;

   ltans OBJECT IDENTIFIER ::=
       {iso(1) identified-organization(3) dod(6) internet(1) security(5)
       mechanisms(5) ltans(11) }

   EvidenceRecord ::= SEQUENCE {
       version                   INTEGER { v1(1) } ,
       digestAlgorithms          SEQUENCE OF AlgorithmIdentifier{{...}}, AlgorithmIdentifier
                                     {DIGEST-ALGORITHM, {...}},
       cryptoInfos               [0] CryptoInfos OPTIONAL,
       encryptionInfo            [1] EncryptionInfo OPTIONAL,
       archiveTimeStampSequence  ArchiveTimeStampSequence
   }

   CryptoInfos ::= SEQUENCE SIZE (1..MAX) OF Attribute{{...}} AttributeSet{{...}}

   ArchiveTimeStamp ::= SEQUENCE {
      digestAlgorithm [0] AlgorithmIdentifier{{...}} AlgorithmIdentifier{DIGEST-ALGORITHM, {...}}
                              OPTIONAL,
      attributes      [1] Attributes OPTIONAL,
      reducedHashtree [2] SEQUENCE OF PartialHashtree OPTIONAL,
      timeStamp       ContentInfo
   }

   PartialHashtree ::= SEQUENCE OF OCTET STRING

   Attributes ::= SET SIZE (1..MAX) OF Attribute{{...}} AttributeSet{{...}}

   ArchiveTimeStampChain    ::= SEQUENCE OF ArchiveTimeStamp

   ArchiveTimeStampSequence ::= SEQUENCE OF ArchiveTimeStampChain

   EncryptionInfo       ::=     SEQUENCE {
       encryptionInfoType   ENCINFO-TYPE.
                                &id({SupportedEncryptionAlgorithms}),
       encryptionInfoValue  ENCINFO-TYPE.
                                &Type({SupportedEncryptionAlgorithms}
                                    {@encryptionInfoType})
   }

   ENCINFO-TYPE ::= TYPE-IDENTIFIER

   SupportedEncryptionAlgorithms ENCINFO-TYPE ::= {...}

   er-Internal CMS-ATTRIBUTE

   aa-er-Internal ATTRIBUTE ::=
       { TYPE EvidenceRecord IDENTIFIED BY id-aa-er-internal }

   id-aa-er-internal OBJECT IDENTIFIER ::=
       { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9)
       smime(16) id-aa(2) 49 }

   er-External CMS-ATTRIBUTE

   aa-er-External ATTRIBUTE ::=
       { TYPE EvidenceRecord IDENTIFIED BY id-aa-er-external }

   id-aa-er-external OBJECT IDENTIFIER ::=
       { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9)
       smime(16) id-aa(2) 50 }

   END

9.  ASN.1 Module for RFC 5035

  ExtendedSecurityServices-2006
      { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
      smime(16) modules(0) id-mod-ess-2006(30) }
  DEFINITIONS IMPLICIT TAGS ::=
  BEGIN

  IMPORTS

  Attribute{}, AlgorithmIdentifier{},

  AttributeSet{}, ATTRIBUTE, ALGORITHM SECURITY-CATEGORY, SecurityCategory{}
  FROM PKIX-CommonTypes
      { iso(1) identified-organization(3) dod(6) internet(1) security(5)
      mechanisms(5) pkix(7) id-mod(0) id-mod-pkixCommon(43) }

  AlgorithmIdentifier{}, ALGORITHM, DIGEST-ALGORITHM
  FROM AlgorithmInformation
      {iso(1) identified-organization(3) dod(6) internet(1) security(5)
      mechanisms(5) pkix(7) id-mod(0) id-mod-algorithInformation(99)}

  ContentType, IssuerAndSerialNumber, SubjectKeyIdentifier,
      CMS-ATTRIBUTE,
      CONTENT-TYPE
  FROM CryptographicMessageSyntax2004
      { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
      smime(16) modules(0) cms-2004(24) }

  CertificateSerialNumber
  FROM PKIX1Explicit88
      { iso(1) identified-organization(3) dod(6) internet(1) security(5)
      mechanisms(5) pkix(7) id-mod(0) id-pkix1-explicit(18) }

  PolicyInformation, GeneralNames
  FROM PKIX1Implicit88
      { iso(1) identified-organization(3) dod(6) internet(1) security(5)
      mechanisms(5) pkix(7) id-mod(0) id-pkix1-implicit(19)}; id-pkix1-implicit(19)}

  mda-sha256
  FROM PKIX1-PSS-OAEP-Algorithms
       { iso(1) identified-organization(3) dod(6)
         internet(1) security(5) mechanisms(5) pkix(7) id-mod(0)
         id-mod-pkix1-rsa-pkalgs(33) }
  ;

  EssSignedAttributes CMS-ATTRIBUTE ATTRIBUTE ::= {
      aa-receiptRequest | aa-contentIdentifier | aa-contentHint |
      aa-msgSigDigest | aa-contentReference | aa-securityLabel |
      aa-equivalentLabels | aa-mlExpandHistory | aa-signingCertificate |
      aa-signingCertificateV2
      aa-signingCertificateV2, ... }

  EssContentTypes CONTENT-TYPE ::= { ct-receipt ct-receipt, ... }
  -- Extended Security Services
  -- The construct "SEQUENCE SIZE (1..MAX) OF" appears in several ASN.1
  -- constructs in this module.  A valid ASN.1 SEQUENCE can have zero or
  -- more entries.  The SIZE (1..MAX) construct constrains the SEQUENCE
  -- tp have at least one entry.  MAX indicates the upper bound is
  -- unspecified.  Implementations are free to choose an upper bound
  -- that suits their environment.

  -- Section 2.7

  aa-receiptRequest CMS-ATTRIBUTE ATTRIBUTE ::=
      { TYPE ReceiptRequest IDENTIFIED BY id-aa-receiptRequest}

  ReceiptRequest ::= SEQUENCE {
      signedContentIdentifier ContentIdentifier,
      receiptsFrom ReceiptsFrom,
      receiptsTo SEQUENCE SIZE (1..ub-receiptsTo) OF GeneralNames
  }

  ub-receiptsTo INTEGER ::= 16

  id-aa-receiptRequest OBJECT IDENTIFIER ::=
      { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
      smime(16) id-aa(2) 1}

  aa-contentIdentifier CMS-ATTRIBUTE ATTRIBUTE ::=
      { TYPE ContentIdentifier IDENTIFIED BY id-aa-contentIdentifier}

  ContentIdentifier ::= OCTET STRING

  id-aa-contentIdentifier OBJECT IDENTIFIER ::= { iso(1) member-body(2)
      us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) id-aa(2) 7}

  ct-receipt CONTENT-TYPE ::=
      { Receipt IDENTIFIED BY id-ct-receipt }

  ReceiptsFrom ::= CHOICE {
      allOrFirstTier [0] AllOrFirstTier,
          -- formerly "allOrNone [0]AllOrNone"
      receiptList [1] SEQUENCE OF GeneralNames }

  AllOrFirstTier ::= INTEGER { -- Formerly AllOrNone
      allReceipts (0),
      firstTierRecipients (1) }

  -- Section 2.8
  Receipt ::= SEQUENCE {
      version ESSVersion,
      contentType ContentType,
      signedContentIdentifier ContentIdentifier,
      originatorSignatureValue OCTET STRING }

  id-ct-receipt OBJECT IDENTIFIER ::=
      { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
      smime(16) id-ct(1) 1}

  ESSVersion ::= INTEGER  { v1(1) }

  -- Section 2.9

  aa-contentHint CMS-ATTRIBUTE ATTRIBUTE ::=
      { TYPE ContentHints IDENTIFIED BY id-aa-contentHint }

  ContentHints ::= SEQUENCE {
      contentDescription UTF8String (SIZE (1..MAX)) OPTIONAL,
      contentType ContentType }

  id-aa-contentHint OBJECT IDENTIFIER ::=
      { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
      smime(16) id-aa(2) 4}

  -- Section 2.10

  aa-msgSigDigest CMS-ATTRIBUTE ATTRIBUTE ::=
      { TYPE MsgSigDigest IDENTIFIED BY id-aa-msgSigDigest }

  MsgSigDigest ::= OCTET STRING

  id-aa-msgSigDigest OBJECT IDENTIFIER ::= { iso(1) member-body(2)
      us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) id-aa(2) 5}

  -- Section 2.11

  aa-contentReference CMS-ATTRIBUTE ATTRIBUTE ::=
      { TYPE ContentReference IDENTIFIED BY id-aa-contentReference }

  ContentReference ::= SEQUENCE {
      contentType ContentType,
      signedContentIdentifier ContentIdentifier,
      originatorSignatureValue OCTET STRING }

  id-aa-contentReference OBJECT IDENTIFIER ::=
      { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
      smime(16) id-aa(2) 10 }
  -- Section 3.2

  aa-securityLabel CMS-ATTRIBUTE ATTRIBUTE ::=
      { TYPE ESSSecurityLabel IDENTIFIED BY id-aa-securityLabel }

  ESSSecurityLabel ::= SET {
      security-policy-identifier SecurityPolicyIdentifier,
      security-classification SecurityClassification OPTIONAL,
      privacy-mark ESSPrivacyMark OPTIONAL,
      security-categories SecurityCategories OPTIONAL }

  id-aa-securityLabel OBJECT IDENTIFIER ::=
      { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
      smime(16) id-aa(2) 2}
  SecurityPolicyIdentifier ::= OBJECT IDENTIFIER

  SecurityClassification ::= INTEGER {
      unmarked (0),
      unclassified (1),
      restricted (2),
      confidential (3),
      secret (4),
      top-secret (5)
  } (0..ub-integer-options)

  ub-integer-options INTEGER ::= 256

  ESSPrivacyMark ::= CHOICE {
      pString      PrintableString (SIZE (1..ub-privacy-mark-length)),
      utf8String   UTF8String (SIZE (1..MAX))
  }

  ub-privacy-mark-length INTEGER ::= 128

  SecurityCategories ::=
      SET SIZE (1..ub-security-categories) OF SecurityCategory

  ub-security-categories INTEGER ::= 64

  SECURITY-CATEGORY ::= TYPE-IDENTIFIER

  SecurityCategory
          {{SupportedSecurityCategories}}

  ub-security-categories INTEGER ::= SEQUENCE {
      type  [0] SECURITY-CATEGORY.
              &id({SupportedSecurityCategories}),
      value [1] SECURITY-CATEGORY.
              &Type({SupportedSecurityCategories}{@type})
  } 64

  SupportedSecurityCategories SECURITY-CATEGORY ::= { ... }

  --Note: The aforementioned SecurityCategory syntax produces identical
  --hex encodings as the following SecurityCategory syntax that is
  --documented in the X.411 specification:
  --
  --SecurityCategory ::= SEQUENCE {
  --     type  [0]  SECURITY-CATEGORY,
  --     value [1]  ANY DEFINED BY type }
  --
  --SECURITY-CATEGORY MACRO ::=
  --BEGIN
  --TYPE NOTATION ::= type | empty
  --VALUE NOTATION ::= value (VALUE OBJECT IDENTIFIER)
  --END

  -- Section 3.4

  aa-equivalentLabels CMS-ATTRIBUTE ATTRIBUTE ::=
      { TYPE EquivalentLabels IDENTIFIED BY id-aa-equivalentLabels }

  EquivalentLabels ::= SEQUENCE OF ESSSecurityLabel
  id-aa-equivalentLabels OBJECT IDENTIFIER ::=
      { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
      smime(16) id-aa(2) 9}

  -- Section 4.4

  aa-mlExpandHistory CMS-ATTRIBUTE ATTRIBUTE ::=
      { TYPE MLExpansionHistory IDENTIFIED BY id-aa-mlExpandHistory }

  MLExpansionHistory ::= SEQUENCE
      SIZE (1..ub-ml-expansion-history) OF MLData

  id-aa-mlExpandHistory OBJECT IDENTIFIER ::=
      { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
      smime(16) id-aa(2) 3 }

  ub-ml-expansion-history INTEGER ::= 64

  MLData ::= SEQUENCE {
      mailListIdentifier EntityIdentifier,
      expansionTime GeneralizedTime,
      mlReceiptPolicy MLReceiptPolicy OPTIONAL }

  EntityIdentifier ::= CHOICE {
      issuerAndSerialNumber IssuerAndSerialNumber,
      subjectKeyIdentifier SubjectKeyIdentifier }

  MLReceiptPolicy ::= CHOICE {
      none         [0] NULL,
      insteadOf    [1] SEQUENCE SIZE (1..MAX) OF GeneralNames,
      inAdditionTo [2] SEQUENCE SIZE (1..MAX) OF GeneralNames }

  -- Section 5.4

  aa-signingCertificate CMS-ATTRIBUTE ATTRIBUTE ::=
      { TYPE SigningCertificate IDENTIFIED BY
          id-aa-signingCertificate }

  SigningCertificate ::=  SEQUENCE {
      certs        SEQUENCE OF ESSCertID,
      policies     SEQUENCE OF PolicyInformation OPTIONAL
  }

  id-aa-signingCertificate OBJECT IDENTIFIER ::=
      { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9)
      smime(16) id-aa(2) 12 }

  aa-signingCertificateV2 CMS-ATTRIBUTE ATTRIBUTE ::=
      { TYPE SigningCertificateV2 IDENTIFIED BY
          id-aa-signingCertificateV2 }

  SigningCertificateV2 ::=  SEQUENCE {
      certs        SEQUENCE OF ESSCertIDv2,
      policies     SEQUENCE OF PolicyInformation OPTIONAL
  }

  id-aa-signingCertificateV2 OBJECT IDENTIFIER ::=
      { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9)
      smime(16) id-aa(2) 47 }

  id-sha256  OBJECT IDENTIFIER  ::=
      { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101)
      csor(3) nistalgorithm(4) hashalgs(2) 1 }

  HashAlgorithm ::= AlgorithmIdentifier{{...}} AlgorithmIdentifier{DIGEST-ALGORITHM,
                        {mda-sha256, ...}}

  ESSCertIDv2 ::= SEQUENCE {
      hashAlgorithm    HashAlgorithm
                          DEFAULT { algorithm id-sha256 mda-sha256.&id },
      certHash        Hash,
      issuerSerial    IssuerSerial OPTIONAL
  }

  ESSCertID ::=  SEQUENCE {
      certHash        Hash,
      issuerSerial    IssuerSerial OPTIONAL
  }

  Hash ::= OCTET STRING

  IssuerSerial ::= SEQUENCE {
      issuer          GeneralNames,
      serialNumber    CertificateSerialNumber
  }

  END

10.  ASN.1 Module for RFC 5083

   CMS-AuthEnvelopedData-2007
       { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1)
       pkcs-9(9) smime(16) modules(0) cms-authEnvelopedData(31) }
   DEFINITIONS IMPLICIT TAGS ::=
   BEGIN

   IMPORTS

   AuthAttributes, CMSVersion, EncryptedContentInfo,
       MessageAuthenticationCode, OriginatorInfo, RecipientInfos,
       UnauthAttributes
       UnauthAttributes, CONTENT-TYPE
   FROM CryptographicMessageSyntax2004
       { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
       smime(16) modules(0) cms-2004(24) } ;

   --

   ContentTypes CONTENT-TYPE ::= {ct-authEnvelopedData, ... }

   --

   ct-authEnvelopedData CONTENT-TYPE ::= {
      AuthEnvelopedData IDENTIFIED BY id-ct-authEnvelopedData
   }

   id-ct-authEnvelopedData OBJECT IDENTIFIER ::=
       { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
       smime(16) ct(1) 23 }

   AuthEnvelopedData ::= SEQUENCE {
       version CMSVersion,
       originatorInfo [0] IMPLICIT OriginatorInfo OPTIONAL,
       recipientInfos RecipientInfos,
       authEncryptedContentInfo EncryptedContentInfo,
       authAttrs [1] IMPLICIT AuthAttributes OPTIONAL,
       mac MessageAuthenticationCode,
       unauthAttrs [2] IMPLICIT UnauthAttributes OPTIONAL }

   END

11.  ASN.1 Module for RFC 5084

  CMS-AES-CCM-and-AES-GCM
      { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1)
      pkcs-9(9) smime(16) modules(0) cms-aes-ccm-and-gcm(32) }
  DEFINITIONS IMPLICIT TAGS ::=
  BEGIN

  EXPORTS ALL;

  IMPORTS

  CONTENT-ENCRYPTION, SMIME-CAPS
  FROM AlgorithmInformation
      {iso(1) identified-organization(3) dod(6) internet(1) security(5)
      mechanisms(5) pkix(7) id-mod(0) id-mod-algorithInformation(99)};

  --  Add this algorithm set to include all of the algorithms defined in
  --      this document

  ContentEncryptionAlgs CONTENT-ENCRYPTION ::= {
     cea-aes128-CCM | cea-aes192-CCM | cea-aes256-CCM |
     cea-aes128-GCM | cea-aes192-GCM | cea-aes256-GCM, ... }

  SMimeCaps SMIME-CAPS ::= {
     cea-aes128-CCM.&smimeCaps |
     cea-aes192-CCM.&smimeCaps |
     cea-aes256-CCM.&smimeCaps |
     cea-aes128-GCM.&smimeCaps |
     cea-aes192-GCM.&smimeCaps |
     cea-aes256-GCM.&smimeCaps,
     ...
  }

  -- Object Identifiers

  aes OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840)
      organization(1) gov(101) csor(3) nistAlgorithm(4) 1 }

  id-aes128-CCM OBJECT IDENTIFIER ::= { aes 7 }

  id-aes192-CCM OBJECT IDENTIFIER ::= { aes 27 }

  id-aes256-CCM OBJECT IDENTIFIER ::= { aes 47 }

  id-aes128-GCM OBJECT IDENTIFIER ::= { aes 6 }

  id-aes192-GCM OBJECT IDENTIFIER ::= { aes 26 }

  id-aes256-GCM OBJECT IDENTIFIER ::= { aes 46 }

  -- Parameters for AigorithmIdentifier
  CCMParameters ::= SEQUENCE {
      aes-nonce         OCTET STRING (SIZE(7..13)),
      aes-ICVlen        AES-CCM-ICVlen DEFAULT 12 }

  AES-CCM-ICVlen ::= INTEGER (4 | 6 | 8 | 10 | 12 | 14 | 16)

  GCMParameters ::= SEQUENCE {
      aes-nonce        OCTET STRING, -- recommended size is 12 octets
      aes-ICVlen       AES-GCM-ICVlen DEFAULT 12 }

  AES-GCM-ICVlen ::= INTEGER (12 | 13 | 14 | 15 | 16)

  --  Defining objects

  cea-aes128-CCM CONTENT-ENCRYPTION ::= {
          IDENTIFIER id-aes128-CCM
          PARAMS TYPE CCMParameters ARE required
          SMIME CAPS { IDENTIFIED BY id-aes128-CCM }
  }

  cea-aes192-CCM CONTENT-ENCRYPTION ::= {
          IDENTIFIER id-aes192-CCM
          PARAMS TYPE CCMParameters ARE required
          SMIME CAPS { IDENTIFIED BY id-aes192-CCM }
  }

  cea-aes256-CCM CONTENT-ENCRYPTION ::= {
          IDENTIFIER id-aes256-CCM
          PARAMS TYPE CCMParameters ARE required
          SMIME CAPS { IDENTIFIED BY id-aes256-CCM }
  }

  cea-aes128-GCM CONTENT-ENCRYPTION ::= {
          IDENTIFIER id-aes128-GCM
          PARAMS TYPE GCMParameters ARE required
          SMIME CAPS { IDENTIFIED BY id-aes128-GCM }
  }

  cea-aes192-GCM CONTENT-ENCRYPTION ::= {
          IDENTIFIER id-aes128-GCM
          PARAMS TYPE GCMParameters ARE required
          SMIME CAPS { IDENTIFIED BY id-aes192-GCM }
  }

  cea-aes256-GCM CONTENT-ENCRYPTION ::= {
          IDENTIFIER id-aes128-GCM
          PARAMS TYPE GCMParameters ARE required
          SMIME CAPS { IDENTIFIED BY id-aes256-GCM }
  }

  END

12.  ASN.1 Module for RFC 5275

  SMIMESymmetricKeyDistribution
      { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
      smime(16) modules(0) symkeydist(12) }
  DEFINITIONS IMPLICIT TAGS ::=
  BEGIN

  EXPORTS ALL;

  IMPORTS

  Attribute{},

  AlgorithmIdentifier{}, Extensions{}, EXTENSION,
      ATTRIBUTE, ALGORITHM ALGORITHM, DIGEST-ALGORITHM, KEY-WRAP,
          SMIMECapability{}, SMIMECapabilities{}, SMIME-CAPS
  FROM PKIX-CommonTypes AlgorithmInformation
      {iso(1) identified-organization(3) dod(6) internet(1) security(5)
      mechanisms(5) pkix(7) id-mod(0) id-mod-pkixCommon(43) } id-mod-algorithInformation(99)}

  GeneralName
  FROM PKIX1Implicit88
      { iso(1) identified-organization(3) dod(6) internet(1) security(5)
      mechanisms(5) pkix(7) id-mod(0) id-pkix1-implicit(19) }

  Certificate
  FROM PKIX1Explicit88
      { iso(1) identified-organization(3) dod(6) internet(1) security(5)
      mechanisms(5) pkix(7) id-mod(0) id-pkix1-explicit(18) }

  RecipientInfos, KEKIdentifier,CertificateSet
  FROM CryptographicMessageSyntax2004
      {iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
      smime(16) modules(0) cms-2004(24) }

  id-alg-CMS3DESwrap

  cap-3DESwrap
  FROM CryptographicMessageSyntaxAlgorithms
      { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
      smime(16) modules(0) cmsalg-2001(16) }

  AttributeCertificate
  FROM PKIXAttributeCertificate
      { iso(1) identified-organization(3) dod(6) internet(1) security(5)
      mechanisms(5) pkix(7) id-mod(0) id-mod-attribute-cert(12) }

  CMC-CONTROL
  CMC-CONTROL, EXTENDED-FAILURE-INFO
  FROM EnrollmentMessageSyntax
      { iso(1) identified-organization(3) dod(4) internet(1) security(5)
      mechansims(5) pkix(7) id-mod(0) id-mod-cmc2002(23) }; }

  cea-aes128-cbc, cea-aes192-cbc, cea-aes256-cbc
  FROM CMSAesRsaesOaep {iso(1) member-body(2) us(840) rsadsi(113549)
      pkcs(1) pkcs-9(9) smime(16) modules(0) id-mod-cms-aes(19) }
  ;

  -- This defines the GL symmetric key distribution object identifier
  -- arc.

  id-skd OBJECT IDENTIFIER ::=
      { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
      smime(16) skd(8) }
  ControlSet

  SKD-ControlSet CMC-CONTROL ::= {
      skd-glUseKEK | skd-glDelete | skd-glAddMember |
      skd-glDeleteMember | skd-glRekey | skd-glAddOwner |
      skd-glRemoveOwner | skd-glKeyCompromise |
      skd-glkRefresh | skd-glaQueryRequest | skd-glProvideCert |
      skd-glManageCert | skd-glKey, ... }

  -- This defines the GL Use KEK control attribute

  skd-glUseKEK CMC-CONTROL ::=
      { GLUseKEK IDENTIFIED BY id-skd-glUseKEK }

  id-skd-glUseKEK OBJECT IDENTIFIER ::= { id-skd 1}

  GLUseKEK ::= SEQUENCE {
      glInfo            GLInfo,
      glOwnerInfo       SEQUENCE SIZE (1..MAX) OF GLOwnerInfo,
      glAdministration  GLAdministration DEFAULT 1, managed,
      glKeyAttributes   GLKeyAttributes OPTIONAL
  }

  GLInfo ::= SEQUENCE {
      glName     GeneralName,
      glAddress  GeneralName
  }

  GLOwnerInfo ::= SEQUENCE {
      glOwnerName     GeneralName,
      glOwnerAddress  GeneralName,
      certificates    Certificates OPTIONAL
  }

  GLAdministration ::= INTEGER {
      unmanaged  (0),
      managed    (1),
      closed     (2)
  }

  --
  --  The set of key wrap algorithms supported by this specification
  --

  SKD-Caps SMIME-CAPS ::= {
      cap-3DESwrap | cea-aes128-cbc.&smimeCaps |
      cea-aes192-cbc.&smimeCaps | cea-aes256-cbc.&smimeCaps,  ...
  }

  KeyWrapAlgorithm ::= AlgorithmIdentifier {{...}} SMIMECapability{{SKD-Caps}}
  cap-aes128-cbc KeyWrapAlgorithm ::=
      { capabilityID cea-aes128-cbc.&smimeCaps.&id }

  GLKeyAttributes ::= SEQUENCE {
      rekeyControlledByGLO       [0] BOOLEAN DEFAULT FALSE,
      recipientsNotMutuallyAware [1] BOOLEAN DEFAULT TRUE,
      duration                   [2] INTEGER DEFAULT 0,
      generationCounter          [3] INTEGER DEFAULT 2,
      requestedAlgorithm         [4] KeyWrapAlgorithm
                         DEFAULT {algorithm id-alg-CMS3DESwrap} cap-aes128-cbc
  }

  -- This defines the Delete GL control attribute.
  -- It has the simple type GeneralName.

  skd-glDelete CMC-CONTROL ::=
      { DeleteGL IDENTIFIED BY id-skd-glDelete }

  id-skd-glDelete OBJECT IDENTIFIER ::= { id-skd 2}
  DeleteGL ::= GeneralName

  -- This defines the Add GL Member control attribute

  skd-glAddMember CMC-CONTROL ::=
      { GLAddMember IDENTIFIED BY id-skd-glAddMember }

  id-skd-glAddMember OBJECT IDENTIFIER ::= { id-skd 3}
  GLAddMember ::= SEQUENCE {
      glName    GeneralName,
      glMember  GLMember
  }

  GLMember ::= SEQUENCE {
      glMemberName     GeneralName,
      glMemberAddress  GeneralName OPTIONAL,
      certificates     Certificates OPTIONAL
  }

  Certificates ::= SEQUENCE {
      pKC       [0] Certificate OPTIONAL,
                    -- See [PROFILE]
      aC        [1] SEQUENCE SIZE (1.. MAX) OF
                      AttributeCertificate OPTIONAL,
                    -- See [ACPROF]
      certPath  [2] CertificateSet OPTIONAL
                    -- From [CMS]
  }

  -- This defines the Delete GL Member control attribute

  skd-glDeleteMember CMC-CONTROL ::=
      { GLDeleteMember IDENTIFIED BY id-skd-glDeleteMember }

  id-skd-glDeleteMember OBJECT IDENTIFIER ::= { id-skd 4}

  GLDeleteMember ::= SEQUENCE {
      glName            GeneralName,
      glMemberToDelete  GeneralName
  }

  -- This defines the Delete GL Member control attribute

  skd-glRekey CMC-CONTROL ::=
      { GLRekey IDENTIFIED BY id-skd-glRekey }

  id-skd-glRekey OBJECT IDENTIFIER ::= { id-skd 5}

  GLRekey ::= SEQUENCE {
      glName              GeneralName,
      glAdministration    GLAdministration OPTIONAL,
      glNewKeyAttributes  GLNewKeyAttributes OPTIONAL,
      glRekeyAllGLKeys    BOOLEAN OPTIONAL
  }

  GLNewKeyAttributes ::= SEQUENCE {
      rekeyControlledByGLO       [0] BOOLEAN OPTIONAL,
      recipientsNotMutuallyAware [1] BOOLEAN OPTIONAL,
      duration                   [2] INTEGER OPTIONAL,
      generationCounter          [3] INTEGER OPTIONAL,
      requestedAlgorithm         [4] AlgorithmIdentifier{{...}} KeyWrapAlgorithm OPTIONAL
  }

  -- This defines the Add and Delete GL Owner control attributes

  skd-glAddOwner CMC-CONTROL ::=
      { GLOwnerAdministration IDENTIFIED BY id-skd-glAddOwner }

  id-skd-glAddOwner OBJECT IDENTIFIER ::= { id-skd 6}

  skd-glRemoveOwner CMC-CONTROL ::=
      { GLOwnerAdministration IDENTIFIED BY id-skd-glRemoveOwner }

  id-skd-glRemoveOwner OBJECT IDENTIFIER ::= { id-skd 7}

  GLOwnerAdministration ::= SEQUENCE {
      glName       GeneralName,
      glOwnerInfo  GLOwnerInfo
  }

  -- This defines the GL Key Compromise control attribute.
  -- It has the simple type GeneralName.

  skd-glKeyCompromise CMC-CONTROL ::=
      { GLKCompromise IDENTIFIED BY id-skd-glKeyCompromise }

  id-skd-glKeyCompromise OBJECT IDENTIFIER ::= { id-skd 8}
  GLKCompromise ::= GeneralName

  -- This defines the GL Key Refresh control attribute.

  skd-glkRefresh CMC-CONTROL ::=
      { GLKRefresh IDENTIFIED BY id-skd-glkRefresh }

  id-skd-glkRefresh OBJECT IDENTIFIER ::= { id-skd 9}

  GLKRefresh ::= SEQUENCE {
      glName  GeneralName,
      dates   SEQUENCE SIZE (1..MAX) OF Date
  }

  Date ::= SEQUENCE {
      start GeneralizedTime,
      end   GeneralizedTime OPTIONAL
  }

  -- This defines the GLA Query Request control attribute.

  skd-glaQueryRequest CMC-CONTROL ::=
      { GLAQueryRequest IDENTIFIED BY id-skd-glaQueryRequest }

  id-skd-glaQueryRequest OBJECT IDENTIFIER ::= { id-skd 11}

  SKD-QUERY ::= TYPE-IDENTIFIER

  SkdQuerySet SKD-QUERY ::= {...} {skd-AlgRequest, ...}

  GLAQueryRequest ::= SEQUENCE {
      glaRequestType   SKD-QUERY.&id ({SkdQuerySet}),
      glaRequestValue  SKD-QUERY.
                           &Type ({SkdQuerySet}{@glaRequestType})
  }

  -- This defines the GLA Query Response control attribute.

  skd-glaQueryResponse CMC-CONTROL ::=
      { GLAQueryResponse IDENTIFIED BY id-skd-glaQueryResponse }

  id-skd-glaQueryResponse OBJECT IDENTIFIER ::= { id-skd 12}

  SKD-RESPONSE ::= TYPE-IDENTIFIER

  SkdResponseSet SKD-RESPONSE ::= {...} {skd-AlgResponse, ...}

  GLAQueryResponse ::= SEQUENCE {
      glaResponseType   SKD-RESPONSE.
                            &id({SkdResponseSet}),
      glaResponseValue  SKD-RESPONSE.
                            &Type({SkdResponseSet}{@glaResponseType})}

  -- This defines the GLA Request/Response (glaRR) arc for
  -- glaRequestType/glaResponseType.

  id-cmc-glaRR OBJECT IDENTIFIER ::=
      { iso(1) identified-organization(3) dod(6) internet(1) security(5)
      mechanisms(5) pkix(7) cmc(7) glaRR(99) }

  -- This defines the Algorithm Request

  skd-AlgRequest SKD-QUERY ::= {
     SKDAlgRequest IDENTIFIED BY id-cmc-gla-skdAlgRequest
  }

  id-cmc-gla-skdAlgRequest OBJECT IDENTIFIER ::= { id-cmc-glaRR 1 }
  SKDAlgRequest ::= NULL
  -- This defines the Algorithm Response

  skd-AlgResponse SKD-RESPONSE ::= {
      SMIMECapability{{SKD-Caps}} IDENTIFIED BY
          id-cmc-gla-skdAlgResponse
  }

  id-cmc-gla-skdAlgResponse OBJECT IDENTIFIER ::= { id-cmc-glaRR 2 }

  -- Note that the response for algorithmSupported request is the
  -- smimeCapabilities attribute as defined in MsgSpec [MSG].
  -- This defines the control attribute to request an updated
  -- certificate to the GLA.

  skd-glProvideCert CMC-CONTROL ::=
      { GLManageCert IDENTIFIED BY id-skd-glProvideCert }

  id-skd-glProvideCert OBJECT IDENTIFIER ::= { id-skd 13}

  GLManageCert ::= SEQUENCE {
      glName    GeneralName,
      glMember  GLMember
  }

  -- This defines the control attribute to return an updated
  -- certificate to the GLA. It has the type GLManageCert.

  skd-glManageCert CMC-CONTROL ::=
      { GLManageCert IDENTIFIED BY id-skd-glManageCert }

  id-skd-glManageCert OBJECT IDENTIFIER ::= { id-skd 14}

  -- This defines the control attribute to distribute the GL shared
  -- KEK.

  skd-glKey CMC-CONTROL ::=
      { GLKey IDENTIFIED BY id-skd-glKey }

  id-skd-glKey OBJECT IDENTIFIER ::= { id-skd 15}

  GLKey ::= SEQUENCE {
      glName        GeneralName,
      glIdentifier  KEKIdentifier,   -- See [CMS]
      glkWrapped    RecipientInfos,  -- See [CMS]
      glkAlgorithm  AlgorithmIdentifier{{...}},  KeyWrapAlgorithm,
      glkNotBefore  GeneralizedTime,
      glkNotAfter   GeneralizedTime
  }
  -- This defines the CMC error types

  skd-ExtendedFailures EXTENDED-FAILURE-INFO ::= {
     SKDFailInfo IDENTIFIED BY id-cet-skdFailInfo
  }

  id-cet-skdFailInfo  OBJECT IDENTIFIER ::=
      { iso(1) identified-organization(3) dod(6) internet(1) security(5)
      mechanisms(5) pkix(7) cet(15) skdFailInfo(1) }

  SKDFailInfo ::= INTEGER {
      unspecified           (0),
      closedGL              (1),
      unsupportedDuration   (2),
      noGLACertificate      (3),
      invalidCert           (4),
      unsupportedAlgorithm  (5),
      noGLONameMatch        (6),
      invalidGLName         (7),
      nameAlreadyInUse      (8),
      noSpam                (9),
      deniedAccess          (10),
      alreadyAMember        (11),
      notAMember            (12),
      alreadyAnOwner        (13),
      notAnOwner            (14) }

  END

13.  Security Considerations

   Even though all the RFCs in this document are security-related, the
   document itself does not have any security considerations.  The ASN.1
   modules keep the same bits-on-the-wire as the modules that they
   replace.

14.  Normative References

   [ASN1-2002]
              ITU-T, "ITU-T Recommendation X.680 Information technology
              [ETH] Abstract Syntax Notation One (ASN.1): Specification
              of basic notation", ITU-T X.680, 2002.

   [NEW-PKIX]
              Hoffman, P. and J. Schaad, "New ASN.1 Modules for PKIX",
              draft-ietf-pkix-new-asn1 (work in progress),
              December 2007.

   [RFC3370]  Housley, R., "Cryptographic Message Syntax (CMS)
              Algorithms", RFC 3370, August 2002.

   [RFC3565]  Schaad, J., "Use of the Advanced Encryption Standard (AES)
              Encryption Algorithm in Cryptographic Message Syntax
              (CMS)", RFC 3565, July 2003.

   [RFC3851]  Ramsdell, B., "Secure/Multipurpose Internet Mail
              Extensions (S/MIME) Version 3.1 Message Specification",
              RFC 3851, July 2004.

   [RFC3852]  Housley, R., "Cryptographic Message Syntax (CMS)",
              RFC 3852, July 2004.

   [RFC4108]  Housley, R., "Using Cryptographic Message Syntax (CMS) to
              Protect Firmware Packages", RFC 4108, August 2005.

   [RFC4998]  Gondrom, T., Brandner, R., and U. Pordesch, "Evidence
              Record Syntax (ERS)", RFC 4998, August 2007.

   [RFC5035]  Schaad, J., "Enhanced Security Services (ESS) Update:
              Adding CertID Algorithm Agility", RFC 5035, August 2007.

   [RFC5083]  Housley, R., "Cryptographic Message Syntax (CMS)
              Authenticated-Enveloped-Data Content Type", RFC 5083,
              November 2007.

   [RFC5084]  Housley, R., "Using AES-CCM and AES-GCM Authenticated
              Encryption in the Cryptographic Message Syntax (CMS)",
              RFC 5084, November 2007.

   [RFC5275]  Turner, S., "CMS Symmetric Key Management and
              Distribution", RFC 5275, June 2008.

Appendix A.  Change History

   [[ This entire section is to be removed upon publication. ]]

A.1.  Changes between draft-hoffman-cms-new-asn1-00 and
      draft-ietf-smime-new-asn1-00

   Changed the draft name.

   Added RFC 3565,
   Added RFC 4998.

   Made RFCs-to-be 5083 and 5084 into RFCs.

   In RFC 3370, a line in the comment staring with "Another way to
   do..." was not commented out when it should have been.

   In RFC 3851, the name of the module from which we are importing was
   wrong, although the OID was right.

   In RFC 3852, added the "...," and "[[v:" ASN.1 idioms to indicate
   which version of CMS added the various extensions.

A.2.  Changes between draft-ietf-smime-new-asn1-00 and -01

   Added RFC 5275.

   Added module for algorithm classes, and modified RFC 3370 and RFC
   3852 to uses the classes defined.

A.3.  Changes between draft-ietf-smime-new-asn1-01 and -02

   Added design notes.

   Removed issue on "Algorithm Structure" and issue on "More Modules To
   Be Added".

   Updated all modules to use objects more deeply.

   In section 6, changed "PKCS #10" to "PKCS #7" to reflect the actual
   module where the changes were made.

Authors' Addresses

   Paul Hoffman
   VPN Consortium
   127 Segre Place
   Santa Cruz, CA  95060
   US

   Phone: 1-831-426-9827
   Email: paul.hoffman@vpnc.org
   Jim Schaad
   Soaring Hawk Consulting

   Email: jimsch@exmsft.com

Full Copyright Statement

   Copyright (C) The IETF Trust (2008).

   This document is subject to the rights, licenses and restrictions
   contained in BCP 78, and except as set forth therein, the authors
   retain all their rights.

   This document and the information contained herein are provided on an
   "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
   OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
   THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
   OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
   THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
   WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

Intellectual Property

   The IETF takes no position regarding the validity or scope of any
   Intellectual Property Rights or other rights that might be claimed to
   pertain to the implementation or use of the technology described in
   this document or the extent to which any license under such rights
   might or might not be available; nor does it represent that it has
   made any independent effort to identify any such rights.  Information
   on the procedures with respect to rights in RFC documents can be
   found in BCP 78 and BCP 79.

   Copies of IPR disclosures made to the IETF Secretariat and any
   assurances of licenses to be made available, or the result of an
   attempt made to obtain a general license or permission for the use of
   such proprietary rights by implementers or users of this
   specification can be obtained from the IETF on-line IPR repository at
   http://www.ietf.org/ipr.

   The IETF invites any interested party to bring to its attention any
   copyrights, patents or patent applications, or other proprietary
   rights that may cover technology that may be required to implement
   this standard.  Please address the information to the IETF at
   ietf-ipr@ietf.org.

Acknowledgment

   Funding for the RFC Editor function is provided by the IETF
   Administrative Support Activity (IASA).