@@ -66,16 +66,19 @@ def parse!(str, ber: false)
6666 end
6767 end
6868
69+ # see: https://datatracker.ietf.org/doc/html/rfc5652#section-3
6970 class ContentInfo < RASN1 ::Model
7071 sequence :content_info ,
7172 content : [ objectid ( :content_type ) ,
7273 # In our case, expected to be SignedData
73- any ( :signed_data )
74+ any ( :content )
7475 ]
7576
76- def signed_data
77+ def content
7778 if self [ :content_type ] . value == '1.2.840.113549.1.7.2'
78- SignedData . parse ( self [ :signed_data ] . value )
79+ SignedData . parse ( self [ :content ] . value )
80+ elsif self [ :content_type ] . value == '1.2.840.113549.1.7.3'
81+ EnvelopedData . parse ( self [ :content ] . value )
7982 end
8083 end
8184 end
@@ -105,6 +108,85 @@ def econtent
105108 end
106109 end
107110
111+ class OriginatorInfo < RASN1 ::Model
112+ # todo: this one needs to be filled out
113+ sequence :content ,
114+ explicit : 1 , optional : true ,
115+ content : [ any ( :certificate_set , implicit : 0 , optional : true ) ,
116+ any ( :revocation_info_choices , implicit : 1 , optional : true )
117+ ]
118+ end
119+
120+ # see: https://www.rfc-editor.org/rfc/rfc5652#section-10.2.7
121+ class OtherKeyAttribute < RASN1 ::Model
122+ sequence :content ,
123+ content : [ objectid ( :key_attr_id ) ,
124+ any ( :key_attr , optional : true )
125+ ]
126+ end
127+
128+ # see: https://www.rfc-editor.org/rfc/rfc5652#section-6.2.3
129+ class KEKIdentifier < RASN1 ::Model
130+ sequence :content ,
131+ content : [ octet_string ( :key_identifier ) ,
132+ generalized_time ( :date , optional : true ) ,
133+ model ( :other , OtherKeyAttribute )
134+ ]
135+ end
136+
137+ # see: https://www.rfc-editor.org/rfc/rfc5652#section-10.1.3
138+ class KeyEncryptionAlgorithmIdentifier < RASN1 ::Model
139+ sequence :content ,
140+ content : [ objectid ( :algorithm ) ,
141+ any ( :parameters , optional : true )
142+ ]
143+ end
144+
145+ # see: https://www.rfc-editor.org/rfc/rfc5652#section-6.2.3
146+ class KEKRecipientInfo < RASN1 ::Model
147+ sequence :content ,
148+ implicit : 2 ,
149+ content : [ integer ( :version ) ,
150+ model ( :kekid , KEKIdentifier ) ,
151+ model ( :key_encryption_algorithm , KeyEncryptionAlgorithmIdentifier ) ,
152+ octet_string ( :encrypted_key )
153+ ]
154+ end
155+
156+ # see: https://www.rfc-editor.org/rfc/rfc5652#section-6.2
157+ class RecipientInfo < RASN1 ::Model
158+ choice :content ,
159+ content : [ model ( :kekri , KEKRecipientInfo )
160+ ]
161+ end
162+
163+ class ContentEncryptionAlgorithmIdentifier < RASN1 ::Model
164+ sequence :content ,
165+ content : [ objectid ( :algorithm ) ,
166+ any ( :parameters , optional : true )
167+ ]
168+ end
169+
170+ class EncryptedContentInfo < RASN1 ::Model
171+ sequence :content ,
172+ content : [ objectid ( :content_type ) ,
173+ model ( :content_encryption_algorithm , ContentEncryptionAlgorithmIdentifier ) ,
174+ octet_string ( :encrypted_content , implicit : 0 , optional : true )
175+ ]
176+ end
177+
178+ # see: https://www.rfc-editor.org/rfc/rfc5652#section-6.1
179+ class EnvelopedData < RASN1 ::Model
180+ sequence :content ,
181+ explicit : 0 , constructed : true ,
182+ content : [ integer ( :version ) ,
183+ model ( :originator_info , OriginatorInfo ) ,
184+ set_of ( :recipient_infos , RecipientInfo ) ,
185+ model ( :encrypted_content_info , EncryptedContentInfo ) ,
186+ set_of ( :unprotected_attrs , Attribute , implicit : 1 , optional : true )
187+ ]
188+ end
189+
108190 class Name
109191 # Rather than specifying the entire structure of a name, we pass this off
110192 # to OpenSSL, effectively providing an interface between RASN and OpenSSL.
@@ -173,7 +255,7 @@ class SignedData < RASN1::Model
173255
174256 class SubjectPublicKeyInfo < RASN1 ::Model
175257 sequence :subject_public_key_info ,
176- explicit : 1 , constructed : true , optional : true ,
258+ explicit : 1 , constructed : true , optional : true ,
177259 content : [ model ( :algorithm , AlgorithmIdentifier ) ,
178260 bit_string ( :subject_public_key )
179261 ]
0 commit comments