2.3.2.4.3.1 SpcIndirectDataContent
This structure specifies data about the digital signature and contains the hash of the data that is to be signed. This structure is specified by the following ASN.1 ([ITUX680-1994]) notation.
-
SpcIndirectDataContent ::= SEQUENCE { data SpcAttributeTypeAndOptionalValue, messageDigest DigestInfo } SpcAttributeTypeAndOptionalValue ::= SEQUENCE { type OBJECT IDENTIFIER, value [0] EXPLICIT ANY OPTIONAL } DigestInfo ::= SEQUENCE { digestAlgorithm AlgorithmIdentifier, digest OCTETSTRING } AlgorithmIdentifier ::= SEQUENCE { algorithm OBJECT IDENTIFIER, parameters [0] EXPLICIT ANY OPTIONAL }
The SpcIndirectDataContent structure’s fields MUST be constrained as follows:
The data field MUST be a SpcAttributeTypeAndOptionalValue structure.
The messageDigest field MUST be a DigestInfo structure.
The SpcAttributeTypeAndOptionalValue structure fields MUST be constrained as follows:
The type field MUST be an Object Identifier ([ITUX680-1994] section 3.8.35) with the value 1.3.6.1.4.1.311.2.1.29.
The value field SHOULD be set to a zero byte OCTETSTRING ([ITUX680-1994] section 20). If the field has any data associated with it, the data MUST be ignored.
The DigestInfo structure’s fields MUST be constrained as follows:
The digestAlgorithm field MUST be an AlgorithmIdentifier structure. The algorithm field of digestAlgorithm specifies the Object Identifier ([ITUX680-1994] section 3.8.35) of the digest algorithm that was used to hash the VBA project contents, producing the value for the digest field. This Object Identifier ([ITUX680-1994] section 3.8.35) value MUST be set to the same algorithm identifier as specified in the digestAlgorithm field of the SignedData structure (section 2.3.2.4.1). The parameters field of digestAlgorithm MUST be set to the Null type ([ITUX680-1994] section 6.2) with a length of zero.
The digest field MUST be an OCTETSTRING ([ITUX680-1994] section 20). The value of the OCTETSTRING MUST be produced by means of the hash algorithm specified in [MS-OVBA] section 2.4.2.