
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17102 ec53bebd-3082-4978-b11e-865c3cabbd6b
-- $Id$
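-- Certificate request message types. The type names defined below
-- (CertReqMessages, CertTemplate, ProofOfPossession, ...) are those of the
-- CRMF request format (RFC 4211).
-- NOTE(review): the module identifier is PKCS10 although no PKCS #10 type is
-- defined here; confirm the name is intentional.
-- NOTE(review): the header carries no tag default, so X.680 EXPLICIT tagging
-- applies to every context tag that is not marked IMPLICIT below. The CRMF
-- module in RFC 4211 is declared with IMPLICIT TAGS; presumably that mismatch
-- is what the "XXX IMPLICIT brokenness" markers refer to. Compare against a
-- known-good encoding before relying on this grammar to accept or reject
-- requests from other implementations.
PKCS10 DEFINITIONS ::=

BEGIN

IMPORTS
    Time,
    GeneralName,
    SubjectPublicKeyInfo,
    RelativeDistinguishedName,
    AttributeTypeAndValue,
    Extension,
    AlgorithmIdentifier
    FROM rfc2459
    heim_any
    FROM heim;

-- Name form used for the issuer and subject fields of CertTemplate.
CRMFRDNSequence ::= SEQUENCE OF RelativeDistinguishedName

-- The SIZE(1..MAX) bound is commented out, so this grammar also accepts an
-- empty sequence; code that needs at least one control must check for it.
Controls ::= SEQUENCE -- SIZE(1..MAX) -- OF AttributeTypeAndValue

-- XXX IMPLICIT brokenness
-- Signature-based proof of possession: the optional signed input, the
-- signature algorithm and the signature bits.
-- NOTE(review): the grammar only transports the signature; presumably the
-- caller verifies it against the requested public key. Confirm at the call
-- site.
POPOSigningKey ::= SEQUENCE {
    poposkInput [0] IMPLICIT POPOSigningKeyInput OPTIONAL,
    algorithmIdentifier AlgorithmIdentifier,
    signature BIT STRING }

-- A MAC value together with the algorithm identifier it was computed with.
PKMACValue ::= SEQUENCE {
    algId AlgorithmIdentifier,
    value BIT STRING
}

-- XXX IMPLICIT brokenness
-- Data covered by the POPOSigningKey signature: the requester is identified
-- either by name (sender) or by a MAC (publicKeyMAC), followed by the public
-- key.
POPOSigningKeyInput ::= SEQUENCE {
    authInfo CHOICE {
        sender [0] IMPLICIT GeneralName,
        publicKeyMAC PKMACValue
    },
    publicKey SubjectPublicKeyInfo
} -- from CertTemplate


-- Parameters of a MAC: salt, one-way function, iteration count and MAC
-- algorithm.
-- iterationCount has no range constraint in this grammar.
-- NOTE(review): the value comes from the peer and sets the amount of hashing
-- work, so a receiver should enforce its own lower and upper bounds before
-- deriving anything from it.
PBMParameter ::= SEQUENCE {
    salt OCTET STRING,
    owf AlgorithmIdentifier,
    iterationCount INTEGER,
    mac AlgorithmIdentifier
}

-- Named numbers do not constrain an INTEGER: values other than 0 and 1 still
-- decode and have to be rejected by the consumer.
SubsequentMessage ::= INTEGER {
    encrCert (0),
    challengeResp (1)
}

-- XXX IMPLICIT brokenness
-- Proof of possession for keys that cannot sign; used by the keyEncipherment
-- and keyAgreement alternatives of ProofOfPossession.
-- encryptedKey is typed heim_any.
-- NOTE(review): presumably heim_any is stored undecoded, so its content must
-- be parsed and validated by whoever consumes it. Confirm against the heim
-- module.
POPOPrivKey ::= CHOICE {
    thisMessage [0] BIT STRING, -- Deprecated
    subsequentMessage [1] IMPLICIT SubsequentMessage,
    dhMAC [2] BIT STRING, -- Deprecated
    agreeMAC [3] IMPLICIT PKMACValue,
    encryptedKey [4] heim_any
}

-- XXX IMPLICIT brokenness
-- raVerified carries no data (NULL): with that alternative the message holds
-- no evidence that the requester possesses the private key.
-- NOTE(review): an issuer should accept raVerified only from a registration
-- authority it has authenticated, never from an end entity.
ProofOfPossession ::= CHOICE {
    raVerified [0] NULL,
    signature [1] POPOSigningKey,
    keyEncipherment [2] POPOPrivKey,
    keyAgreement [3] POPOPrivKey
}

-- Requested certificate contents. Every field is OPTIONAL, so a decoded
-- template may be empty; consumers must test each field for presence.
-- signingAlg, issuer, validity, subject and publicKey are written out inline,
-- with the type they stand for named in the trailing comment.
-- The inline publicKey makes subjectPublicKey OPTIONAL, so the key bits may
-- be absent even when publicKey is present.
CertTemplate ::= SEQUENCE {
    version [0] INTEGER OPTIONAL,
    serialNumber [1] INTEGER OPTIONAL,
    signingAlg [2] SEQUENCE {
        algorithm OBJECT IDENTIFIER,
        parameters heim_any OPTIONAL
    } -- AlgorithmIdentifier -- OPTIONAL,
    issuer [3] IMPLICIT CHOICE {
        rdnSequence CRMFRDNSequence
    } -- Name -- OPTIONAL,
    validity [4] SEQUENCE {
        notBefore [0] Time OPTIONAL,
        notAfter [1] Time OPTIONAL
    } -- OptionalValidity -- OPTIONAL,
    subject [5] IMPLICIT CHOICE {
        rdnSequence CRMFRDNSequence
    } -- Name -- OPTIONAL,
    publicKey [6] IMPLICIT SEQUENCE {
        algorithm AlgorithmIdentifier,
        subjectPublicKey BIT STRING OPTIONAL
    } -- SubjectPublicKeyInfo -- OPTIONAL,
    issuerUID [7] IMPLICIT BIT STRING OPTIONAL,
    subjectUID [8] IMPLICIT BIT STRING OPTIONAL,
    extensions [9] IMPLICIT SEQUENCE OF Extension OPTIONAL
}

-- One request: an identifier, the template and optional controls.
CertRequest ::= SEQUENCE {
    certReqId INTEGER,
    certTemplate CertTemplate,
    controls Controls OPTIONAL
}

-- A request with its optional proof of possession and registration info.
-- popo is OPTIONAL, so the grammar accepts a request that carries no proof of
-- possession at all; whether that is allowed is a policy decision for the
-- code that handles the decoded message.
CertReqMsg ::= SEQUENCE {
    certReq CertRequest,
    popo ProofOfPossession OPTIONAL,
    regInfo SEQUENCE OF AttributeTypeAndValue OPTIONAL }

-- Top-level message: a sequence of requests with no size bound in the grammar.
CertReqMessages ::= SEQUENCE OF CertReqMsg


END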