Add inital version of CRMF asn1 spec, not getting IMPLICIT quite right yet

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17102 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-04-18 13:05:21 +00:00
parent 8df33c8742
commit 52ad892d83
1 changed files with 113 additions and 0 deletions
--- a/lib/hx509/crmf.asn1
+++ b/lib/hx509/crmf.asn1
@@ -0,0 +1,113 @@
 -- $Id$
 PKCS10 DEFINITIONS ::=
 BEGIN
 IMPORTS
 	Time,
 	GeneralName,
 	SubjectPublicKeyInfo,
 	RelativeDistinguishedName,
 	AttributeTypeAndValue,
 	Extension,
 	AlgorithmIdentifier
 	FROM rfc2459
 	heim_any
 	FROM heim;
 CRMFRDNSequence ::= SEQUENCE OF RelativeDistinguishedName
 Controls  ::= SEQUENCE -- SIZE(1..MAX) -- OF AttributeTypeAndValue
 -- XXX IMPLICIT brokenness
 POPOSigningKey ::= SEQUENCE {
 	poposkInput           [0] IMPLICIT POPOSigningKeyInput OPTIONAL,
 	algorithmIdentifier   AlgorithmIdentifier,
 	signature             BIT STRING }
 PKMACValue ::= SEQUENCE {
 	algId  AlgorithmIdentifier,
 	value  BIT STRING
 }
 -- XXX IMPLICIT brokenness
 POPOSigningKeyInput ::= SEQUENCE {
 	authInfo            CHOICE {
 		sender              [0] IMPLICIT GeneralName,
 		publicKeyMAC        PKMACValue
 	},
 	publicKey           SubjectPublicKeyInfo
 }  -- from CertTemplate
 PBMParameter ::= SEQUENCE {
   salt                OCTET STRING,
   owf                 AlgorithmIdentifier,
   iterationCount      INTEGER,
   mac                 AlgorithmIdentifier
 }
 SubsequentMessage ::= INTEGER {
 	encrCert (0),
 	challengeResp (1)
 }
 -- XXX IMPLICIT brokenness
 POPOPrivKey ::= CHOICE {
 	thisMessage       [0] BIT STRING,         -- Deprecated
 	subsequentMessage [1] IMPLICIT SubsequentMessage,
 	dhMAC             [2] BIT STRING,         -- Deprecated
 	agreeMAC          [3] IMPLICIT PKMACValue,
 	encryptedKey      [4] heim_any
 }
 -- XXX IMPLICIT brokenness
 ProofOfPossession ::= CHOICE {
 	raVerified        [0] NULL,
 	signature         [1] POPOSigningKey,
 	keyEncipherment   [2] POPOPrivKey,
 	keyAgreement      [3] POPOPrivKey
 }
 CertTemplate ::= SEQUENCE {
 	version      [0] INTEGER OPTIONAL,
 	serialNumber [1] INTEGER OPTIONAL,
 	signingAlg   [2] SEQUENCE {
 		algorithm	OBJECT IDENTIFIER,
 		parameters	heim_any OPTIONAL
 	} -- AlgorithmIdentifier --   OPTIONAL,
 	issuer       [3] IMPLICIT CHOICE {
 		rdnSequence  CRMFRDNSequence
 	} -- Name --  OPTIONAL,
 	validity     [4] SEQUENCE {
 		notBefore  [0] Time OPTIONAL,
 		notAfter   [1] Time OPTIONAL
 	} -- OptionalValidity -- OPTIONAL,
 	subject      [5] IMPLICIT CHOICE {
 		rdnSequence  CRMFRDNSequence
 	} -- Name -- OPTIONAL,
 	publicKey    [6] IMPLICIT SEQUENCE  {
 		algorithm            AlgorithmIdentifier,
 		subjectPublicKey     BIT STRING OPTIONAL
 	} -- SubjectPublicKeyInfo -- OPTIONAL,
 	issuerUID    [7] IMPLICIT BIT STRING OPTIONAL,
 	subjectUID   [8] IMPLICIT BIT STRING OPTIONAL,
 	extensions   [9] IMPLICIT SEQUENCE OF Extension OPTIONAL
 }
 CertRequest ::= SEQUENCE {
 	certReqId	INTEGER,
 	certTemplate	CertTemplate,
 	controls	Controls OPTIONAL
 }
 CertReqMsg ::= SEQUENCE {
 	certReq		CertRequest,
 	popo		ProofOfPossession  OPTIONAL,
 	regInfo		SEQUENCE OF AttributeTypeAndValue OPTIONAL }
 CertReqMessages ::= SEQUENCE OF CertReqMsg
 END