-- $Id: crmf.asn1 17102 2006-04-18 13:05:21Z lha $

-- Certificate request message types: CertReqMessages, CertTemplate,
-- ProofOfPossession and their helper types. The type and field names
-- match the CRMF module of RFC 4211.

-- NOTE(review): the module is named PKCS10 although the Id line above
-- says crmf.asn1 and every type defined here is a CRMF type. This looks
-- like a leftover from a copied header; confirm what depends on the
-- module name before changing it.

-- NOTE(review): no tag default is given on the DEFINITIONS line, so a
-- bare [n] tag below is EXPLICIT. RFC 4211 declares IMPLICIT TAGS, so
-- fields tagged only [n] here presumably do not encode the way the RFC
-- describes. That may be what the XXX IMPLICIT brokenness remarks refer
-- to; check against a peer implementation before relying on interop.

PKCS10 DEFINITIONS ::=

BEGIN

IMPORTS
    Time,
    GeneralName,
    SubjectPublicKeyInfo,
    RelativeDistinguishedName,
    AttributeTypeAndValue,
    Extension,
    AlgorithmIdentifier
        FROM rfc2459
    heim_any
        FROM heim;

-- Local spelling of the rdnSequence arm of Name, used by the issuer
-- and subject fields of CertTemplate.
CRMFRDNSequence ::= SEQUENCE OF RelativeDistinguishedName

-- The SIZE(1..MAX) bound is only a comment here, so nothing in this
-- schema rejects an empty Controls. A caller that needs at least one
-- entry has to check the decoded length itself.
Controls ::= SEQUENCE -- SIZE(1..MAX) -- OF AttributeTypeAndValue

-- Signature form of proof of possession. poposkInput is optional;
-- algorithmIdentifier and signature are always present.
-- XXX IMPLICIT brokenness
POPOSigningKey ::= SEQUENCE {
    poposkInput             [0] IMPLICIT POPOSigningKeyInput OPTIONAL,
    algorithmIdentifier     AlgorithmIdentifier,
    signature               BIT STRING
}

-- A MAC value together with the algorithm that produced it.
PKMACValue ::= SEQUENCE {
    algId       AlgorithmIdentifier,
    value       BIT STRING
}

-- Input to the signature when POPOSigningKey carries poposkInput:
-- either the sender name or a MAC over the public key, plus the key.
-- NOTE(review): sender is an IMPLICIT tag on GeneralName, which is a
-- CHOICE in RFC 2459. X.680 does not permit IMPLICIT on a CHOICE; how
-- the compiler in use treats it is not visible from this file.
-- XXX IMPLICIT brokenness
POPOSigningKeyInput ::= SEQUENCE {
    authInfo    CHOICE {
        sender          [0] IMPLICIT GeneralName,
        publicKeyMAC    PKMACValue
    },
    publicKey   SubjectPublicKeyInfo
} -- from CertTemplate


-- Parameters of the password based MAC.
-- salt and iterationCount carry no bounds in this schema. RFC 4211
-- notes that implementations may wish to limit both to reduce the risk
-- of denial of service, so the code that consumes a decoded
-- PBMParameter should apply an upper bound before running the OWF, and
-- a lower bound on iterationCount as a matter of policy.
PBMParameter ::= SEQUENCE {
    salt            OCTET STRING,
    owf             AlgorithmIdentifier,
    iterationCount  INTEGER,
    mac             AlgorithmIdentifier
}

-- Which later exchange will prove possession of the private key.
SubsequentMessage ::= INTEGER {
    encrCert        (0),
    challengeResp   (1)
}

-- Proof of possession for keys that cannot sign.
-- encryptedKey is typed heim_any, so this schema does not describe its
-- contents; presumably it is handed to the caller undecoded and must be
-- parsed and validated there (confirm against the heim module).
-- XXX IMPLICIT brokenness
POPOPrivKey ::= CHOICE {
    thisMessage         [0] BIT STRING,         -- Deprecated
    subsequentMessage   [1] IMPLICIT SubsequentMessage,
    dhMAC               [2] BIT STRING,         -- Deprecated
    agreeMAC            [3] IMPLICIT PKMACValue,
    encryptedKey        [4] heim_any
}

-- The proof of possession carried by one request.
-- raVerified is a bare NULL: it holds no cryptographic material, only
-- the statement that possession was checked elsewhere. The receiver
-- cannot verify anything from the message itself, so whether to honour
-- this arm is a decision about who sent the request.
-- XXX IMPLICIT brokenness
ProofOfPossession ::= CHOICE {
    raVerified          [0] NULL,
    signature           [1] POPOSigningKey,
    keyEncipherment     [2] POPOPrivKey,
    keyAgreement        [3] POPOPrivKey
}

-- Requested certificate contents. Every field is OPTIONAL, so an empty
-- template decodes successfully; which fields are required is left to
-- the code that processes the request.
-- Several fields are written out inline instead of referencing the
-- rfc2459 type; the trailing comment on each names the type it mirrors.
-- The inline publicKey differs from a plain SubjectPublicKeyInfo in
-- that subjectPublicKey is OPTIONAL.
CertTemplate ::= SEQUENCE {
    version         [0] INTEGER OPTIONAL,
    serialNumber    [1] INTEGER OPTIONAL,
    signingAlg      [2] SEQUENCE {
        algorithm       OBJECT IDENTIFIER,
        parameters      heim_any OPTIONAL
    } -- AlgorithmIdentifier -- OPTIONAL,
    issuer          [3] IMPLICIT CHOICE {
        rdnSequence     CRMFRDNSequence
    } -- Name -- OPTIONAL,
    validity        [4] SEQUENCE {
        notBefore       [0] Time OPTIONAL,
        notAfter        [1] Time OPTIONAL
    } -- OptionalValidity -- OPTIONAL,
    subject         [5] IMPLICIT CHOICE {
        rdnSequence     CRMFRDNSequence
    } -- Name -- OPTIONAL,
    publicKey       [6] IMPLICIT SEQUENCE {
        algorithm           AlgorithmIdentifier,
        subjectPublicKey    BIT STRING OPTIONAL
    } -- SubjectPublicKeyInfo -- OPTIONAL,
    issuerUID       [7] IMPLICIT BIT STRING OPTIONAL,
    subjectUID      [8] IMPLICIT BIT STRING OPTIONAL,
    extensions      [9] IMPLICIT SEQUENCE OF Extension OPTIONAL
}

-- One request: an id chosen by the requester, the template, and
-- optional controls.
CertRequest ::= SEQUENCE {
    certReqId       INTEGER,
    certTemplate    CertTemplate,
    controls        Controls OPTIONAL
}

-- A request plus its proof of possession and registration info.
-- popo is OPTIONAL, so a message with no proof of possession at all
-- decodes cleanly; rejecting such a message is up to the caller.
CertReqMsg ::= SEQUENCE {
    certReq     CertRequest,
    popo        ProofOfPossession OPTIONAL,
    regInfo     SEQUENCE OF AttributeTypeAndValue OPTIONAL
}

-- Top level container. No size bound is stated, so a zero length
-- sequence is valid as far as this schema is concerned.
CertReqMessages ::= SEQUENCE OF CertReqMsg


END