logo标签列表

ASN.1中的双括号语法是什么?

parsingsyntaxasn.1
3
我在阅读 PKCS #7 ASN.1 定义时,遇到了这种类型。我无法确定此代码中的 {{Authenticated}} 是做什么用的,或者应该称其为哪个产生物。我也在 PKCS #8 标准中看到了类似的 {{...}}
-- ATTRIBUTE information object class specification
ATTRIBUTE ::= CLASS {
  &derivation            ATTRIBUTE OPTIONAL,
  &Type                  OPTIONAL, -- either &Type or &derivation required
  &equality-match        MATCHING-RULE OPTIONAL,
  &ordering-match        MATCHING-RULE OPTIONAL,
  &substrings-match      MATCHING-RULE OPTIONAL,
  &single-valued         BOOLEAN DEFAULT FALSE,
  &collective            BOOLEAN DEFAULT FALSE,
  &dummy                 BOOLEAN DEFAULT FALSE,
  -- operational extensions
  &no-user-modification  BOOLEAN DEFAULT FALSE,
  &usage                 AttributeUsage DEFAULT userApplications,
  &id                    OBJECT IDENTIFIER UNIQUE
}
WITH SYNTAX {
  [SUBTYPE OF &derivation]
  [WITH SYNTAX &Type]
  [EQUALITY MATCHING RULE &equality-match]
  [ORDERING MATCHING RULE &ordering-match]
  [SUBSTRINGS MATCHING RULE &substrings-match]
  [SINGLE VALUE &single-valued]
  [COLLECTIVE &collective]
  [DUMMY &dummy]
  [NO USER MODIFICATION &no-user-modification]
  [USAGE &usage]
  ID &id
}


Authenticated ATTRIBUTE ::= {
  contentType |
  messageDigest |
-- begin added for VCE SCEP-support
  transactionID |
  messageType |
  pkiStatus |
  failInfo |
  senderNonce |
  recipientNonce,
-- end added for VCE SCEP-support
  ...,  -- add application-specific attributes here
  signingTime
}

SignerInfoAuthenticatedAttributes ::= CHOICE {
    aaSet         [0] IMPLICIT SET OF AttributePKCS-7 {{Authenticated}},
    aaSequence    [2] EXPLICIT SEQUENCE OF AttributePKCS-7 {{Authenticated}}
    -- Explicit because easier to compute digest on sequence of attributes and then reuse
    -- encoded sequence in aaSequence.
}

-- Also defined in X.501
-- Redeclared here as a parameterized type
AttributePKCS-7 { ATTRIBUTE:IOSet } ::= SEQUENCE {
   type    ATTRIBUTE.&id({IOSet}),
   values  SET SIZE (1..MAX) OF ATTRIBUTE.&Type({IOSet}{@type})
}

-- Inlined from PKCS5v2-0 since it is the only thing imported from that module
-- AlgorithmIdentifier { ALGORITHM-IDENTIFIER:InfoObjectSet } ::=
AlgorithmIdentifier { TYPE-IDENTIFIER:InfoObjectSet } ::=
SEQUENCE {
--  algorithm ALGORITHM-IDENTIFIER.&id({InfoObjectSet}),
  algorithm TYPE-IDENTIFIER.&id({InfoObjectSet}),
--  parameters ALGORITHM-IDENTIFIER.&Type({InfoObjectSet}
  parameters TYPE-IDENTIFIER.&Type({InfoObjectSet}
    {@algorithm}) OPTIONAL }

-- Private-key information syntax

PrivateKeyInfo ::= SEQUENCE {
  version Version,
--  privateKeyAlgorithm AlgorithmIdentifier {{PrivateKeyAlgorithms}},
  privateKeyAlgorithm AlgorithmIdentifier {{...}},
  privateKey PrivateKey,
  attributes [0] Attributes OPTIONAL }
1个回答
2
没有名为双括号的ASN.1项。每个单独的括号(即使是嵌套的)都是一个单独的标记。由于此处未给出AttributePKCS-7的定义,我猜测它可能是一个带有信息对象集作为参数的参数化定义。外层一对括号表示参数替换,而内部一对括号表示Authenticated是一个信息对象集(用作参数)。信息对象集的目的是将某些字段的可能值限制为包含在对象集中的值。您需要查看AttributePKCS-7的定义,以了解哪些组件受到对象集的限制。
至于{{...}},这与上述类似,只是对象集是一个空的可扩展对象集(由{...}表示),它被用作参数(由外层一对括号表示)。
我已经更新了问题并添加了所有这些定义,请告诉我是否改变了您的答案。 - XAMPPRocky
2
更新后的问题证实了我的答案。在这两种情况下,外层大括号用于参数化类型中的参数替换,而内层大括号表示正在使用对象集。在这两种情况下,都使用了对象集作为参数。 - Paul Thorpe
网页内容由stack overflow 提供, 点击上面的
可以查看英文原文,
原文链接