Loading 33128/r19/TS33128Payloads.asn +35 −37 Original line number Diff line number Diff line Loading @@ -1413,7 +1413,7 @@ TLS13OfferedPSK ::= SEQUENCE binder [2] OCTET STRING (SIZE(32..255)) } -- Actual PSK, either explicitly provisioned or derived from -- Actual TLS PSK, either explicitly provisioned or derived from -- an earlier issued TLS ticket and a resumptionMasterSectret. -- For AKMA, the PSK is the AKMA key K_AF. TLS13PSKInfo ::= SEQUENCE Loading @@ -1426,7 +1426,7 @@ TLS13PSKInfo ::= SEQUENCE -- RFC 8446, clause 4.6.1: Tickets and resumption info. -- RFC 8446, clause 4.6.1: Tickets/resumption info. TLS13NewSessionTicket ::= SEQUENCE { Loading @@ -1438,12 +1438,6 @@ TLS13NewSessionTicket ::= SEQUENCE } TLS13ResumptionInfo ::= SEQUENCE { listOfTickets [1] SEQUENCE OF TLS13NewSessionTicket, resumptionMasterSectret [2] OCTET STRING (SIZE(1..65535)) } -- RFC8446, clause 7.1 and 4.2.8: TLS-internal leys -- These keys/secrets are never directly used to encrypt Loading @@ -1462,7 +1456,7 @@ TLS13EstablishedSecrets ::= SEQUENCE -- RFC8446, clause 7.1 -- The actual traffic encryption keys are derived from the respective -- The actual encryption keys are derived from the respective -- secret values below and a provided hashed handshake-message-transcript. TLS13EarlySecretInfo ::= SEQUENCE { Loading @@ -1478,7 +1472,6 @@ TLS13HandshakeSecretInfo ::= SEQUENCE -- Hash(ClientHello..ServerHello) } -- RFC8446, clause 7.1 TLS13MasterSecretInfo ::= SEQUENCE { masterSecretValue [1] OCTET STRING (SIZE(1..65535)), Loading @@ -1502,49 +1495,51 @@ TLS13UAStarParams ::= SEQUENCE -- PSKs and key exchange modes offered by the client -- clause 4.2.9, 4.2.11. When AKMA (or other CSP-provided) -- keys are used, at least one offered PSK and key exchange mode -- will always be present -- will always be present in the client extensions offeredPSKs [1] SEQUENCE OF TLS13OfferedPSK, offeredPSKKeyExchangeModes [2] SEQUENCE OF TLS13PSKeyExchangeMode, -- The server-selected PSK, clause 4.2.11 -- selectedPSKIdentity = j means the server selects j:th offered PSK. selectedPSKIdentity [3] INTEGER (0..65535), -- The actual TLS PSK. When AKMA is used, this key will typically also -- be provided as an associated AFKeyInfo IRI, see below. selectedPSK [4] TLS13PSKInfo, -- Cryptographic state: transforms and sequence numbers. kDFAlgorithm [4] TLS13KDFAlgorithm, -- clause 7.1. clientSupportedCipherSuites [5] SEQUENCE OF TLS13CipherSuite OPTIONAL, selectedCipherSuite [6] TLS13CipherSuite, -- clause 4.2 and B.4. clientSequenceNumber [7] INTEGER, -- clause 5.3 serverSequenceNumber [8] INTEGER, -- clause 5.3 kDFAlgorithm [5] TLS13KDFAlgorithm, -- clause 7.1. clientSupportedCipherSuites [6] SEQUENCE OF TLS13CipherSuite OPTIONAL, selectedCipherSuite [7] TLS13CipherSuite, -- clause 4.2 and B.4. clientSequenceNumber [8] INTEGER, -- clause 5.3 serverSequenceNumber [9] INTEGER, -- clause 5.3 -- Handshake parameters, clause 4.1.2 and 4.1.3. clientRandom [9] OCTET STRING (SIZE(32)), serverRandom [10] OCTET STRING (SIZE(32)), legacySessionID [11] OCTET STRING (SIZE(0..32)), clientRandom [10] OCTET STRING (SIZE(32)), serverRandom [11] OCTET STRING (SIZE(32)), legacySessionID [12] OCTET STRING (SIZE(0..32)), -- Complete contents of handshake extensions, clause 4.2. tLSClientHelloExtensions [12] SEQUENCE OF TLS13Extension, tLSServerHelloExtensions [13] SEQUENCE OF TLS13Extension, -- Encrypted server extensions, clause 4.3.1 (provided in plaintext). tLSPlaintextEncryptedExtensions [14] SEQUENCE OF TLS13Extension OPTIONAL, tLSClientHelloExtensions [13] SEQUENCE OF TLS13Extension, tLSServerHelloExtensions [14] SEQUENCE OF TLS13Extension, -- Encrypted server extensions, clause 4.3.1 (here provided in plaintext). tLSPlaintextEncryptedExtensions [15] SEQUENCE OF TLS13Extension OPTIONAL, -- Authentication related parameters, clause 4.4 -- Certifcates are encrypted between client and server, -- these are the unencrypted certificate(s). tLSPlaintextClientCertificate [15] TLS13Certificate OPTIONAL, tLSPlaintextServerCertificate [16] TLS13Certificate OPTIONAL, tLSPlaintextClientCertificate [16] TLS13Certificate OPTIONAL, tLSPlaintextServerCertificate [17] TLS13Certificate OPTIONAL, -- Session key information fields, clause 7.1 earlySecret [17] TLS13EarlySecretInfo OPTIONAL, binderKey [18] OCTET STRING (SIZE(1..65535)) OPTIONAL, earlySecret [18] TLS13EarlySecretInfo OPTIONAL, binderKey [19] OCTET STRING (SIZE(1..65535)) OPTIONAL, -- The key used by the cipher suite to encrypt early data is -- derived from clientEarlyTrafficSecret as described in clause 7.3. clientEarlyTrafficSecret [19] OCTET STRING (SIZE(1..65535)), earlyExporterMasterSecret [20] OCTET STRING (SIZE(1..65535)), clientEarlyTrafficSecret [20] OCTET STRING (SIZE(1..65535)), earlyExporterMasterSecret [21] OCTET STRING (SIZE(1..65535)), -- Establised shared key (from Diffie-Hellman or similar). sharedKey [21] TLS13EstablishedSecrets OPTIONAL, handshakeSecret [22] TLS13HandshakeSecretInfo OPTIONAL, sharedKey [22] TLS13EstablishedSecrets OPTIONAL, handshakeSecret [23] TLS13HandshakeSecretInfo OPTIONAL, -- The keys used by the cipher suite to encrypt the handshake are -- derived from client- and serverHandshakeTrafficSecret as -- described in clause 7.3. clientHandshakeTrafficSecret [23] OCTET STRING (SIZE(1..65535)), serverHandshakeTrafficSecret [24] OCTET STRING (SIZE(1..65535)), masterSecret [25] TLS13MasterSecretInfo OPTIONAL, exporterMasterSectret [26] OCTET STRING (SIZE(1..65535)), clientHandshakeTrafficSecret [24] OCTET STRING (SIZE(1..65535)), serverHandshakeTrafficSecret [25] OCTET STRING (SIZE(1..65535)), masterSecret [26] TLS13MasterSecretInfo OPTIONAL, -- The client and server application traffic secrets -- can change value during an ongoing session due to -- KeyUdpateRequest messages. The values to be provided below Loading @@ -1555,8 +1550,11 @@ TLS13UAStarParams ::= SEQUENCE -- as described in clause 7.3. clientApplicationTrafficSecret [27] OCTET STRING (SIZE(1..65535)), serverApplicationTrafficSecret [28] OCTET STRING (SIZE(1..65535)), -- Tickets for resumption, issued during current session, clause 4.6.2. tLSResumptionInfo [29] TLS13ResumptionInfo OPTIONAL -- Other session-specific keys. exporterMasterSecret [29] OCTET STRING (SIZE(1..65535)), resumptionMasterSecret [30] OCTET STRING (SIZE(1..65535)), -- Tickets for resumption (issued during current session), clause 4.6.2. tLSResumptionTickets [31] SEQUENCE OF TLS13NewSessionTicket OPTIONAL } Loading Loading
33128/r19/TS33128Payloads.asn +35 −37 Original line number Diff line number Diff line Loading @@ -1413,7 +1413,7 @@ TLS13OfferedPSK ::= SEQUENCE binder [2] OCTET STRING (SIZE(32..255)) } -- Actual PSK, either explicitly provisioned or derived from -- Actual TLS PSK, either explicitly provisioned or derived from -- an earlier issued TLS ticket and a resumptionMasterSectret. -- For AKMA, the PSK is the AKMA key K_AF. TLS13PSKInfo ::= SEQUENCE Loading @@ -1426,7 +1426,7 @@ TLS13PSKInfo ::= SEQUENCE -- RFC 8446, clause 4.6.1: Tickets and resumption info. -- RFC 8446, clause 4.6.1: Tickets/resumption info. TLS13NewSessionTicket ::= SEQUENCE { Loading @@ -1438,12 +1438,6 @@ TLS13NewSessionTicket ::= SEQUENCE } TLS13ResumptionInfo ::= SEQUENCE { listOfTickets [1] SEQUENCE OF TLS13NewSessionTicket, resumptionMasterSectret [2] OCTET STRING (SIZE(1..65535)) } -- RFC8446, clause 7.1 and 4.2.8: TLS-internal leys -- These keys/secrets are never directly used to encrypt Loading @@ -1462,7 +1456,7 @@ TLS13EstablishedSecrets ::= SEQUENCE -- RFC8446, clause 7.1 -- The actual traffic encryption keys are derived from the respective -- The actual encryption keys are derived from the respective -- secret values below and a provided hashed handshake-message-transcript. TLS13EarlySecretInfo ::= SEQUENCE { Loading @@ -1478,7 +1472,6 @@ TLS13HandshakeSecretInfo ::= SEQUENCE -- Hash(ClientHello..ServerHello) } -- RFC8446, clause 7.1 TLS13MasterSecretInfo ::= SEQUENCE { masterSecretValue [1] OCTET STRING (SIZE(1..65535)), Loading @@ -1502,49 +1495,51 @@ TLS13UAStarParams ::= SEQUENCE -- PSKs and key exchange modes offered by the client -- clause 4.2.9, 4.2.11. When AKMA (or other CSP-provided) -- keys are used, at least one offered PSK and key exchange mode -- will always be present -- will always be present in the client extensions offeredPSKs [1] SEQUENCE OF TLS13OfferedPSK, offeredPSKKeyExchangeModes [2] SEQUENCE OF TLS13PSKeyExchangeMode, -- The server-selected PSK, clause 4.2.11 -- selectedPSKIdentity = j means the server selects j:th offered PSK. selectedPSKIdentity [3] INTEGER (0..65535), -- The actual TLS PSK. When AKMA is used, this key will typically also -- be provided as an associated AFKeyInfo IRI, see below. selectedPSK [4] TLS13PSKInfo, -- Cryptographic state: transforms and sequence numbers. kDFAlgorithm [4] TLS13KDFAlgorithm, -- clause 7.1. clientSupportedCipherSuites [5] SEQUENCE OF TLS13CipherSuite OPTIONAL, selectedCipherSuite [6] TLS13CipherSuite, -- clause 4.2 and B.4. clientSequenceNumber [7] INTEGER, -- clause 5.3 serverSequenceNumber [8] INTEGER, -- clause 5.3 kDFAlgorithm [5] TLS13KDFAlgorithm, -- clause 7.1. clientSupportedCipherSuites [6] SEQUENCE OF TLS13CipherSuite OPTIONAL, selectedCipherSuite [7] TLS13CipherSuite, -- clause 4.2 and B.4. clientSequenceNumber [8] INTEGER, -- clause 5.3 serverSequenceNumber [9] INTEGER, -- clause 5.3 -- Handshake parameters, clause 4.1.2 and 4.1.3. clientRandom [9] OCTET STRING (SIZE(32)), serverRandom [10] OCTET STRING (SIZE(32)), legacySessionID [11] OCTET STRING (SIZE(0..32)), clientRandom [10] OCTET STRING (SIZE(32)), serverRandom [11] OCTET STRING (SIZE(32)), legacySessionID [12] OCTET STRING (SIZE(0..32)), -- Complete contents of handshake extensions, clause 4.2. tLSClientHelloExtensions [12] SEQUENCE OF TLS13Extension, tLSServerHelloExtensions [13] SEQUENCE OF TLS13Extension, -- Encrypted server extensions, clause 4.3.1 (provided in plaintext). tLSPlaintextEncryptedExtensions [14] SEQUENCE OF TLS13Extension OPTIONAL, tLSClientHelloExtensions [13] SEQUENCE OF TLS13Extension, tLSServerHelloExtensions [14] SEQUENCE OF TLS13Extension, -- Encrypted server extensions, clause 4.3.1 (here provided in plaintext). tLSPlaintextEncryptedExtensions [15] SEQUENCE OF TLS13Extension OPTIONAL, -- Authentication related parameters, clause 4.4 -- Certifcates are encrypted between client and server, -- these are the unencrypted certificate(s). tLSPlaintextClientCertificate [15] TLS13Certificate OPTIONAL, tLSPlaintextServerCertificate [16] TLS13Certificate OPTIONAL, tLSPlaintextClientCertificate [16] TLS13Certificate OPTIONAL, tLSPlaintextServerCertificate [17] TLS13Certificate OPTIONAL, -- Session key information fields, clause 7.1 earlySecret [17] TLS13EarlySecretInfo OPTIONAL, binderKey [18] OCTET STRING (SIZE(1..65535)) OPTIONAL, earlySecret [18] TLS13EarlySecretInfo OPTIONAL, binderKey [19] OCTET STRING (SIZE(1..65535)) OPTIONAL, -- The key used by the cipher suite to encrypt early data is -- derived from clientEarlyTrafficSecret as described in clause 7.3. clientEarlyTrafficSecret [19] OCTET STRING (SIZE(1..65535)), earlyExporterMasterSecret [20] OCTET STRING (SIZE(1..65535)), clientEarlyTrafficSecret [20] OCTET STRING (SIZE(1..65535)), earlyExporterMasterSecret [21] OCTET STRING (SIZE(1..65535)), -- Establised shared key (from Diffie-Hellman or similar). sharedKey [21] TLS13EstablishedSecrets OPTIONAL, handshakeSecret [22] TLS13HandshakeSecretInfo OPTIONAL, sharedKey [22] TLS13EstablishedSecrets OPTIONAL, handshakeSecret [23] TLS13HandshakeSecretInfo OPTIONAL, -- The keys used by the cipher suite to encrypt the handshake are -- derived from client- and serverHandshakeTrafficSecret as -- described in clause 7.3. clientHandshakeTrafficSecret [23] OCTET STRING (SIZE(1..65535)), serverHandshakeTrafficSecret [24] OCTET STRING (SIZE(1..65535)), masterSecret [25] TLS13MasterSecretInfo OPTIONAL, exporterMasterSectret [26] OCTET STRING (SIZE(1..65535)), clientHandshakeTrafficSecret [24] OCTET STRING (SIZE(1..65535)), serverHandshakeTrafficSecret [25] OCTET STRING (SIZE(1..65535)), masterSecret [26] TLS13MasterSecretInfo OPTIONAL, -- The client and server application traffic secrets -- can change value during an ongoing session due to -- KeyUdpateRequest messages. The values to be provided below Loading @@ -1555,8 +1550,11 @@ TLS13UAStarParams ::= SEQUENCE -- as described in clause 7.3. clientApplicationTrafficSecret [27] OCTET STRING (SIZE(1..65535)), serverApplicationTrafficSecret [28] OCTET STRING (SIZE(1..65535)), -- Tickets for resumption, issued during current session, clause 4.6.2. tLSResumptionInfo [29] TLS13ResumptionInfo OPTIONAL -- Other session-specific keys. exporterMasterSecret [29] OCTET STRING (SIZE(1..65535)), resumptionMasterSecret [30] OCTET STRING (SIZE(1..65535)), -- Tickets for resumption (issued during current session), clause 4.6.2. tLSResumptionTickets [31] SEQUENCE OF TLS13NewSessionTicket OPTIONAL } Loading
