1 H235-SECURITY-MESSAGES DEFINITIONS AUTOMATIC TAGS ::=
6 ChallengeString ::= OCTET STRING (SIZE(8..128))
7 TimeStamp ::= INTEGER(1..4294967295) -- seconds since 00:00 1/1/1970 UTC
8 RandomVal ::= INTEGER -- 32-bit Integer
9 Password ::= BMPString (SIZE (1..128))
10 Identifier ::= BMPString (SIZE (1..128))
11 KeyMaterial ::= BIT STRING(SIZE(1..2048))
13 NonStandardParameter ::= SEQUENCE
15 nonStandardIdentifier OBJECT IDENTIFIER,
19 -- if local octet representations of these bit strings are used they shall
20 -- utilize standard Network Octet ordering (e.g. Big Endian)
23 halfkey BIT STRING (SIZE(0..2048)), -- = g^x mod n
24 modSize BIT STRING (SIZE(0..2048)), -- n
25 generator BIT STRING (SIZE(0..2048)), -- g
29 ECpoint ::= SEQUENCE -- uncompressed (x, y) affine coordinate representation of an elliptic curve point
31 x BIT STRING (SIZE(0..511)) OPTIONAL,
32 y BIT STRING (SIZE(0..511)) OPTIONAL,
36 ECKASDH::= CHOICE -- parameters for elliptic curve key agreement scheme Diffie-Hellman
38 eckasdhp SEQUENCE -- parameters for elliptic curves of prime field
40 public-key ECpoint, -- This field contains representation of the ECKAS-DHp public key value.
41 --This field contains the initiator's ECKAS-DHp public key value (aP) when this information
42 -- element is sent from originator to receiver. This field contains the responder's ECKAS-DHp
43 -- public key value (bP) when this information element is sent back from receiver
45 modulus BIT STRING (SIZE(0..511)), -- This field contains representation of the
46 -- ECKAS-DHp public modulus value (p).
47 base ECpoint, -- This field contains representation of the ECKAS-DHp public base (P).
48 weierstrassA BIT STRING (SIZE(0..511)), --This field contains representation of the
49 -- ECKAS-DHp Weierstrass coefficient (a).
50 weierstrassB BIT STRING (SIZE(0..511)) --This field contains representation of the
51 -- ECKAS-DHp Weierstrass coefficient (b).
54 eckasdh2 SEQUENCE -- parameters for elliptic curves of characteristic 2
56 public-key ECpoint, -- This field contains representation of the ECKAS-DH2 public key value.
57 -- This field contains the initiator's ECKAS-DH2 public key value (aP) when this information
58 -- element is sent from originator to receiver. This field contains the responder's ECKAS-DH2
59 -- public key value (bP) when this information element is sent back from receiver to originator.
60 fieldSize BIT STRING (SIZE(0..511)), -- This field contains representation of the
61 -- ECKAS-DH2 field size value (m).
62 base ECpoint, -- This field contains representation of the ECKAS-DH2 public base (P).
63 weierstrassA BIT STRING (SIZE(0..511)), --This field contains representation of the
64 -- ECKAS-DH2 Weierstrass coefficient (a).
65 weierstrassB BIT STRING (SIZE(0..511)) --This field contains representation of the
66 -- ECKAS-DH2 Weierstrass coefficient (b).
71 ECGDSASignature::= SEQUENCE -- parameters for elliptic curve digital signature algorithm
73 r BIT STRING (SIZE(0..511)), -- This field contains the representation of the r component of the
74 -- ECGDSA digital signature.
75 s BIT STRING (SIZE(0..511)) -- This field contains the representation of the s component of the
76 -- ECGDSA digital signature.
79 TypedCertificate ::= SEQUENCE
81 type OBJECT IDENTIFIER,
82 certificate OCTET STRING,
86 AuthenticationBES ::= CHOICE
88 default NULL, -- encrypted ClearToken
89 radius NULL, -- RADIUS-challenge/response
93 AuthenticationMechanism ::= CHOICE
95 dhExch NULL, -- Diffie-Hellman
96 pwdSymEnc NULL, -- password with symmetric encryption
97 pwdHash NULL, -- password with hashing
98 certSign NULL, -- Certificate with signature
99 ipsec NULL, -- IPSEC based connection
101 nonStandard NonStandardParameter, -- something else.
103 authenticationBES AuthenticationBES -- user authentication for BES
106 ClearToken ::= SEQUENCE -- a "token" may contain multiple value types.
108 tokenOID OBJECT IDENTIFIER,
109 timeStamp TimeStamp OPTIONAL,
110 password Password OPTIONAL,
111 dhkey DHset OPTIONAL,
112 challenge ChallengeString OPTIONAL,
113 random RandomVal OPTIONAL,
114 certificate TypedCertificate OPTIONAL,
115 generalID Identifier OPTIONAL,
116 nonStandard NonStandardParameter OPTIONAL,
118 eckasdhkey ECKASDH OPTIONAL, -- elliptic curve Key Agreement Scheme-Diffie
119 -- Hellman Analogue (ECKAS-DH)
120 sendersID Identifier OPTIONAL,
121 h235Key H235Key OPTIONAL -- central distributed key in V3
124 -- An object identifier should be placed in the tokenOID field when a
125 -- ClearToken is included directly in a message (as opposed to being
126 -- encrypted). In all other cases, an application should use the
127 -- object identifier { 0 0 } to indicate that the tokenOID value is not present.
129 -- Start all the cryptographic parameterized types here...
132 SIGNED { ToBeSigned } ::= SEQUENCE {
133 toBeSigned ToBeSigned,
134 algorithmOID OBJECT IDENTIFIER,
135 paramS Params, -- any "runtime" parameters
136 signature BIT STRING -- could be an RSA or an ASN.1 coded ECGDSASignature
137 } ( CONSTRAINED BY { -- Verify or Sign Certificate -- } )
140 ENCRYPTED { ToBeEncrypted } ::= SEQUENCE {
141 algorithmOID OBJECT IDENTIFIER,
142 paramS Params, -- any "runtime" parameters
143 encryptedData OCTET STRING
144 } ( CONSTRAINED BY { -- Encrypt or Decrypt -- ToBeEncrypted } )
146 HASHED { ToBeHashed } ::= SEQUENCE {
147 algorithmOID OBJECT IDENTIFIER,
148 paramS Params, -- any "runtime" parameters
150 } ( CONSTRAINED BY { -- Hash -- ToBeHashed } )
152 IV8 ::= OCTET STRING (SIZE(8)) -- initial value for 64-bit block ciphers
153 IV16 ::= OCTET STRING (SIZE(16)) -- initial value for 128-bit block ciphers
155 -- signing algorithm used must select one of these types of parameters
156 -- needed by receiving end of signature.
158 Params ::= SEQUENCE {
159 ranInt INTEGER OPTIONAL, -- some integer value
160 iv8 IV8 OPTIONAL, -- 8 octet initialization vector
162 iv16 IV16 OPTIONAL, -- 16 octet initialization vector
163 iv OCTET STRING OPTIONAL, -- arbitrary length initialization vector
164 clearSalt OCTET STRING OPTIONAL -- unencrypted salting key for encryption
167 EncodedGeneralToken ::= TYPE-IDENTIFIER.&Type (ClearToken -- general usage token -- )
168 PwdCertToken ::= ClearToken (WITH COMPONENTS {..., timeStamp PRESENT, generalID PRESENT})
169 EncodedPwdCertToken ::= TYPE-IDENTIFIER.&Type (PwdCertToken)
171 CryptoToken::= CHOICE
174 cryptoEncryptedToken SEQUENCE -- General purpose/application specific token
176 tokenOID OBJECT IDENTIFIER,
177 token ENCRYPTED { EncodedGeneralToken }
179 cryptoSignedToken SEQUENCE -- General purpose/application specific token
181 tokenOID OBJECT IDENTIFIER,
182 token SIGNED { EncodedGeneralToken }
184 cryptoHashedToken SEQUENCE -- General purpose/application specific token
186 tokenOID OBJECT IDENTIFIER,
187 hashedVals ClearToken,
188 token HASHED { EncodedGeneralToken }
190 cryptoPwdEncr ENCRYPTED { EncodedPwdCertToken },
194 -- These allow the passing of session keys within the H.245 OLC structure.
195 -- They are encoded as standalone ASN.1 and based as an OCTET STRING within H.245
196 H235Key ::= CHOICE -- this is used with the H.245 or ClearToken "h235Key" field
198 secureChannel KeyMaterial,
199 sharedSecret ENCRYPTED {EncodedKeySyncMaterial},
200 certProtectedKey SIGNED { EncodedKeySignedMaterial },
202 secureSharedSecret V3KeySyncMaterial -- for H.235 V3 end points
205 KeySignedMaterial ::= SEQUENCE {
206 generalId Identifier, -- slave's alias
207 mrandom RandomVal, -- master's random value
208 srandom RandomVal OPTIONAL, -- slave's random value
209 timeStamp TimeStamp OPTIONAL, -- master's timestamp for unsolicited EU
210 encrptval ENCRYPTED {EncodedKeySyncMaterial }
212 EncodedKeySignedMaterial ::= TYPE-IDENTIFIER.&Type (KeySignedMaterial)
214 H235CertificateSignature ::= SEQUENCE
216 certificate TypedCertificate,
217 responseRandom RandomVal,
218 requesterRandom RandomVal OPTIONAL,
219 signature SIGNED { EncodedReturnSig },
223 ReturnSig ::= SEQUENCE {
224 generalId Identifier, -- slave's alias
225 responseRandom RandomVal,
226 requestRandom RandomVal OPTIONAL,
227 certificate TypedCertificate OPTIONAL -- requested certificate
230 EncodedReturnSig ::= TYPE-IDENTIFIER.&Type (ReturnSig)
231 KeySyncMaterial ::= SEQUENCE
233 generalID Identifier,
234 keyMaterial KeyMaterial,
237 EncodedKeySyncMaterial ::=TYPE-IDENTIFIER.&Type (KeySyncMaterial)
241 V3KeySyncMaterial ::= SEQUENCE
243 generalID Identifier OPTIONAL, -- peer terminal ID
244 algorithmOID OBJECT IDENTIFIER OPTIONAL, -- encryption algorithm
246 encryptedSessionKey OCTET STRING OPTIONAL, -- encrypted session key
247 encryptedSaltingKey OCTET STRING OPTIONAL, -- encrypted media salting key
248 clearSaltingKey OCTET STRING OPTIONAL, -- unencrypted media salting key
249 paramSsalt Params OPTIONAL, -- IV (and clear salt) for salting key encryption
250 keyDerivationOID OBJECT IDENTIFIER OPTIONAL, -- key derivation method
255 END -- End of H235-SECURITY-MESSAGES DEFINITIONS