Профиль формата PKCS#7, которому должны удовлетворять подписи вложенных файлов

pkcs-7 OBJECT IDENTIFIER ::= {iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 7}

pkcs-9 OBJECT IDENTIFIER ::= {iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 9}

gost-r OBJECT IDENTIFIER ::= {iso(1) member-body(2) rus(643) khz(2) 2}

SignatureContentType OBJECT IDENTIFIER ::= {pkcs-7 2} -- PKCS#7 SignedData

SignedFileContentType OBJECT IDENTIFIER ::= {pkcs-7 1} -- PKCS#7 data

DigestAlgorithmIdentifier OBJECT IDENTIFIER ::= {gost-r 9} -- GOST R 34.11-2012

DigestEncryptionAlgorithmIdentifier OBJECT IDENTIFIER ::= {gost-r 19} -- GOST R 34.10-2012

Version INTEGER ::= 1 -- PKCS#7 standard version. Refers to version 1.5.

ContentInfo ::= SEQUENCE {

 contentType SignatureContentType,

 content SignedData

}

SignedData ::= SEQUENCE {

 version Version,

 digestAlgorithms DigestAlgorithmIdentifiers,

 contentInfo ExternalContentInfo,

 certificates ExtendedCertificatesAndCertificates,

 signerInfos SignerInfos

}

DigestAlgorithmIdentifiers ::= SET OF DigestAlgorithmIdentifier

ExternalContentInfo ::= SEQUENCE {

 contentType SignedFileContentType

}

ExtendedCertificatesAndCertificates ::= SET OF ExtendedCertificateOrCertificate

ExtendedCertificateOrCertificate ::= CHOICE {

 certificate Certificate -- X.509

}

SignerInfos ::= SET OF SignerInfo

SignerInfo ::= SEQUENCE {

 version Version,

 issuerAndSerialNumber IssuerAndSerialNumber,

 digestAlgorithm DigestAlgorithmIdentifier,

 authenticatedAttributes [0] IMPLICIT Attributes,

 digestEncryptionAlgorithm DigestEncryptionAlgorithmIdentifier,

 encryptedDigest EncryptedDigest

 unauthenticatedAttributes [1] IMPLICIT Attributes OPTIONAL }

}

EncryptedDigest ::= OCTET STRING