verify PKCS #7 signed data

author: Nikos Mavrogiannopoulos <nmav@redhat.com> 2015-06-01 10:43:46 +0200
committer: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2015-06-02 08:50:15 +0200
commit: 07afd47766dccc8356fac66a863bd2b6ee752974 (patch)
tree: 03b27ae0dfeae3a8edfb59589d624c8dcd0dfe68 /lib/pkix.asn
parent: dff62f3313f2a317b67bb53f8a609a8ac3c6482a (diff)
download: gnutls-07afd47766dccc8356fac66a863bd2b6ee752974.tar.gz
1 files changed, 27 insertions, 2 deletions
diff --git a/lib/pkix.asn b/lib/pkix.asn
index eb64138249..123609cdf5 100644
--- a/lib/pkix.asn
+++ b/lib/pkix.asn
@@ -366,8 +366,33 @@ pkcs-7-CertificateChoices ::= CHOICE {
 
 pkcs-7-CertificateSet ::= SET OF pkcs-7-CertificateChoices
 
-pkcs-7-SignerInfos ::= SET OF ANY -- this is not correct but we don't use it
- -- anyway
+IssuerAndSerialNumber ::= SEQUENCE {
+	issuer Name,
+	serialNumber CertificateSerialNumber
+}
+
+pkcs-7-SignerInfo ::= SEQUENCE {
+     version INTEGER,
+     sid SignerIdentifier,
+     digestAlgorithm AlgorithmIdentifier,
+     signedAttrs [0] IMPLICIT SignedAttributes OPTIONAL,
+     signatureAlgorithm AlgorithmIdentifier,
+     signature OCTET STRING,
+     unsignedAttrs [1] IMPLICIT ANY OPTIONAL }
+
+SignedAttributes ::= SET SIZE (1..MAX) OF Attribute
+
+Attribute ::= SEQUENCE {
+	attrType OBJECT IDENTIFIER,
+	attrValues SET OF ANY
+}
+
+SignerIdentifier ::= CHOICE {
+	issuerAndSerialNumber IssuerAndSerialNumber,
+	subjectKeyIdentifier [0] SubjectKeyIdentifier
+}
+
+pkcs-7-SignerInfos ::= SET OF pkcs-7-SignerInfo
 
 
 -- BEGIN of RFC2986
author	Nikos Mavrogiannopoulos <nmav@redhat.com>	2015-06-01 10:43:46 +0200
committer	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2015-06-02 08:50:15 +0200
commit	07afd47766dccc8356fac66a863bd2b6ee752974 (patch)
tree	03b27ae0dfeae3a8edfb59589d624c8dcd0dfe68 /lib/pkix.asn
parent	dff62f3313f2a317b67bb53f8a609a8ac3c6482a (diff)
download	gnutls-07afd47766dccc8356fac66a863bd2b6ee752974.tar.gz