|
|
------------------------------------------------------------------------------ X509.ASN---- ASN.1 definitions for X509 v3 certificates----------------------------------------------------------------------------
--#comment "Copyright (C) Microsoft Corporation, 1996-1999. All rights reserved."----#comment "ASN.1 definitions for X509 v3 certificates"--
--#SS.basic lenptr-- -- set of and sequence of w/o size constraint--#SS.sized lenptr-- -- set of and sequence of w/ size constraint
X509DEFINITIONS EXPLICIT TAGS ::=BEGIN
HUGEINTEGER ::= INTEGER --#intx-- -- tag 0x02 BITSTRING ::= BIT STRING --#lenptr-- --#nomemcpy-- -- tag 0x03 OCTETSTRING ::= OCTET STRING --#lenptr-- --#nomemcpy-- -- tag 0x04 NOCOPYANY ::= ANY --#nomemcpy--
NUMERICSTRING ::= NumericString --#lenptr-- -- tag 0x12 (18) PRINTABLESTRING ::= PrintableString --#lenptr-- -- tag 0x13 (19) TELETEXSTRING ::= TeletexString --#lenptr-- -- tag 0x14 (20) T61STRING ::= T61String --#lenptr-- -- tag 0x14 (20) VIDEOTEXSTRING ::= VideotexString --#lenptr-- -- tag 0x15 (21) IA5STRING ::= IA5String --#lenptr-- -- tag 0x16 (22) GRAPHICSTRING ::= GraphicString --#lenptr-- -- tag 0x19 (25) VISIBLESTRING ::= VisibleString --#lenptr-- -- tag 0x1A (26) ISO646STRING ::= ISO646String --#lenptr-- -- tag 0x1A (26) GENERALSTRING ::= GeneralString --#lenptr-- -- tag 0x1B (27) UNIVERSALSTRING ::= UniversalString --#lenptr-- -- tag 0x1C (28) BMPSTRING ::= BMPString --#lenptr-- -- tag 0x1E (30) UTF8STRING ::= UTF8String --#lenptr-- -- tag 0x0C (12)
EncodedObjectID ::= OBJECT IDENTIFIER --#public-- --#oid packed--
-------------------------------------------- -- Choice of Any string -------------------------------------------- AnyString ::= CHOICE { octetString OCTETSTRING, -- tag 0x04 (04) numericString NUMERICSTRING, -- tag 0x12 (18) printableString PRINTABLESTRING, -- tag 0x13 (19) teletexString TELETEXSTRING, -- tag 0x14 (20) (t61String) videotexString VIDEOTEXSTRING, -- tag 0x15 (21) ia5String IA5STRING, -- tag 0x16 (22) graphicString GRAPHICSTRING, -- tag 0x19 (25) visibleString VISIBLESTRING, -- tag 0x1A (26) (iso646String) generalString GENERALSTRING, -- tag 0x1B (27) universalString UNIVERSALSTRING, -- tag 0x1C (28) bmpString BMPSTRING, -- tag 0x1E (30) utf8String UTF8STRING -- tag 0x0C (12) } --#public--
-------------------------------------------- -- Encoded Bits -------------------------------------------- Bits ::= BITSTRING --#public--
-------------------------------------------- -- Algorithm Identifier -------------------------------------------- AlgorithmIdentifier ::= SEQUENCE { algorithm EncodedObjectID, parameters NOCOPYANY OPTIONAL }
-------------------------------------------- -- Name, Attributes -------------------------------------------- Name ::= SEQUENCE --#public-- OF RelativeDistinguishedName RelativeDistinguishedName ::= SET OF AttributeTypeValue AttributeTypeValue ::= SEQUENCE { type EncodedObjectID, value NOCOPYANY }
Attribute ::= SEQUENCE { type EncodedObjectID, values AttributeSetValue } --#public--
AttributeSetValue ::= SET OF NOCOPYANY Attributes ::= SET --#public-- OF Attribute
-------------------------------------------- -- From PKCS #1: ASN.1 representation for public key -------------------------------------------- RSAPublicKey ::= SEQUENCE { modulus HUGEINTEGER, -- n publicExponent INTEGER (0..4294967295) -- e } --#public--
-------------------------------------------- -- DSS Public Key Parameters -------------------------------------------- DSSParameters ::= SEQUENCE { p HUGEINTEGER, q HUGEINTEGER, g HUGEINTEGER } --#public--
-------------------------------------------- -- DSS Signature -------------------------------------------- DSSSignature ::= SEQUENCE { r HUGEINTEGER, s HUGEINTEGER } --#public--
-------------------------------------------- -- DH Public Key Parameters -------------------------------------------- DHParameters ::= SEQUENCE { p HUGEINTEGER, g HUGEINTEGER, privateValueLength HUGEINTEGER OPTIONAL } --#public--
-------------------------------------------- -- X942 DH Public Key Parameters -------------------------------------------- X942DhParameters ::= SEQUENCE { p HUGEINTEGER, g HUGEINTEGER, q HUGEINTEGER, j HUGEINTEGER OPTIONAL, validationParams X942DhValidationParams OPTIONAL } --#public--
X942DhValidationParams ::= SEQUENCE { seed BITSTRING, pgenCounter INTEGER (0..4294967295) }
-------------------------------------------- -- X942 DH OtherInfo -------------------------------------------- X942DhOtherInfo ::= SEQUENCE { keyInfo X942DhKeySpecificInfo, pubInfo [0] EXPLICIT OCTETSTRING OPTIONAL, keyLength [2] EXPLICIT OCTETSTRING -- SIZE (4..4) } --<PDU>--
X942DhKeySpecificInfo ::= SEQUENCE { algorithm EncodedObjectID, counter OCTETSTRING -- SIZE (4..4) }
-------------------------------------------- -- RC2 CBC Parameters -------------------------------------------- RC2CBCParameters ::= SEQUENCE { version INTEGER, iv OCTETSTRING OPTIONAL } --#public--
-------------------------------------------- -- SMIME Capabilities -------------------------------------------- SMIMECapability ::= SEQUENCE { capabilityID EncodedObjectID, smimeParameters NOCOPYANY OPTIONAL } SMIMECapabilities ::= SEQUENCE --#public-- OF SMIMECapability
-------------------------------------------- -- Subject Public Key Info -------------------------------------------- SubjectPublicKeyInfo ::= SEQUENCE { algorithm AlgorithmIdentifier, subjectPublicKey BITSTRING } --#public--
-------------------------------------------- -- Choice of Time: UTCTime before 2005, GeneralizedTime -- starting in 2005. -------------------------------------------- ChoiceOfTime ::= CHOICE { utcTime UTCTime, generalTime GeneralizedTime } --#public--
-------------------------------------------- -- X509 Certificate -------------------------------------------- CertificateToBeSigned ::= SEQUENCE { version [0] CertificateVersion DEFAULT v1, serialNumber CertificateSerialNumber, signature AlgorithmIdentifier, issuer NOCOPYANY, -- really Name validity Validity, subject NOCOPYANY, -- really Name subjectPublicKeyInfo SubjectPublicKeyInfo, issuerUniqueIdentifier [1] IMPLICIT UniqueIdentifier OPTIONAL, subjectUniqueIdentifier [2] IMPLICIT UniqueIdentifier OPTIONAL, extensions [3] Extensions OPTIONAL } --#public--
CertificateVersion ::= INTEGER {v1(0), v2(1), v3(2)}
CertificateSerialNumber ::= HUGEINTEGER
Validity ::= SEQUENCE { notBefore ChoiceOfTime, notAfter ChoiceOfTime }
UniqueIdentifier ::= BITSTRING
Extensions ::= SEQUENCE --#public-- OF Extension
Extension ::= SEQUENCE { extnId EncodedObjectID, critical BOOLEAN DEFAULT FALSE, extnValue OCTETSTRING }
-------------------------------------------- -- Signed Content: Cert, CRL or Cert Request -------------------------------------------- SignedContent ::= SEQUENCE { toBeSigned NOCOPYANY, algorithm AlgorithmIdentifier, signature BITSTRING } --#public--
-------------------------------------------- -- CRLs -------------------------------------------- CertificateRevocationListToBeSigned ::= SEQUENCE { version CRLVersion OPTIONAL, -- if present, must be v2 signature AlgorithmIdentifier, issuer NOCOPYANY, -- really Name thisUpdate ChoiceOfTime, nextUpdate ChoiceOfTime OPTIONAL, revokedCertificates RevokedCertificates OPTIONAL, crlExtensions [0] Extensions OPTIONAL } --#public--
CRLVersion ::= INTEGER {v1(0), v2(1)}
RevokedCertificates ::= SEQUENCE OF CRLEntry
CRLEntry ::= SEQUENCE{ userCertificate CertificateSerialNumber, revocationDate ChoiceOfTime, crlEntryExtensions Extensions OPTIONAL }
-------------------------------------------- -- Certificate Request -------------------------------------------- CertificationRequestInfo ::= SEQUENCE { version CertificationRequestInfoVersion, subject NOCOPYANY, -- really Name subjectPublicKeyInfo SubjectPublicKeyInfo, attributes [0] IMPLICIT Attributes } --#public--
-------------------------------------------- -- Certificate Request (some have interpretted attributes -- as being optional) -------------------------------------------- CertificationRequestInfoDecode ::= SEQUENCE { version CertificationRequestInfoVersion, subject NOCOPYANY, -- really Name subjectPublicKeyInfo SubjectPublicKeyInfo, attributes [0] IMPLICIT Attributes OPTIONAL } --#public--
CertificationRequestInfoVersion ::= INTEGER
-------------------------------------------- -- Netscape's Keygen Request -------------------------------------------- KeygenRequestInfo ::= SEQUENCE { subjectPublicKeyInfo SubjectPublicKeyInfo, challenge IA5STRING } --#public--
-------------------------------------------- -- X509 Extensions --------------------------------------------
-------------------------------------------- -- Authority Key Identifier -- -- A CA may have more than one certificate. -- This extension is used to identify which -- CA certificate must be used. Non-Critical -- -- Because Name has a CHOICE, [1] needs to be EXPLICIT. -------------------------------------------- AuthorityKeyId ::= SEQUENCE { keyIdentifier [0] IMPLICIT KeyIdentifier OPTIONAL, certIssuer [1] EXPLICIT NOCOPYANY OPTIONAL, -- really Name certSerialNumber [2] IMPLICIT CertificateSerialNumber OPTIONAL } --#public--
KeyIdentifier ::= OCTETSTRING
-------------------------------------------- -- Key Attributes -- -- Certificates are either used for Signature verification -- or date encryption. One certificate cannot be used to do both -- The primary use if this extension is to provide an identifier -- for the intended use of that key. -------------------------------------------- KeyAttributes ::= SEQUENCE { keyIdentifier KeyIdentifier OPTIONAL, intendedKeyUsage KeyUsage OPTIONAL, privateKeyUsagePeriod PrivateKeyValidity OPTIONAL } --#public--
KeyUsage ::= BITSTRING
PrivateKeyValidity ::= SEQUENCE { notBefore [0] IMPLICIT GeneralizedTime OPTIONAL, notAfter [1] IMPLICIT GeneralizedTime OPTIONAL }
-------------------------------------------- -- Key Usage Restriction -- -- This extension indicates a restriction imposed as to the purposes -- for which, and the policies under which the certified public key may -- be used -------------------------------------------- KeyUsageRestriction ::= SEQUENCE { certPolicySet CertPolicySet OPTIONAL, restrictedKeyUsage KeyUsage OPTIONAL } --#public--
CertPolicySet ::= SEQUENCE OF CertPolicyId CertPolicyId ::= SEQUENCE OF CertPolicyElementId CertPolicyElementId ::= EncodedObjectID
-------------------------------------------- -- AltNames -- -- This extension contains one or more alternative names -- using any variety of name forms that are bound by the -- CA to the certified public key. -- -- Because Name has a CHOICE, [4] needs to be EXPLICIT. -------------------------------------------- AltNames ::= SEQUENCE --#public-- OF GeneralName GeneralNames ::= AltNames
GeneralName ::= CHOICE { otherName [0] IMPLICIT OtherName, rfc822Name [1] IMPLICIT IA5STRING, dNSName [2] IMPLICIT IA5STRING, x400Address [3] IMPLICIT SeqOfAny, directoryName [4] EXPLICIT NOCOPYANY, -- really Name ediPartyName [5] IMPLICIT SeqOfAny, uniformResourceLocator [6] IMPLICIT IA5STRING, iPAddress [7] IMPLICIT OCTETSTRING, registeredID [8] IMPLICIT EncodedObjectID }
OtherName ::= SEQUENCE { type EncodedObjectID, value [0] EXPLICIT NOCOPYANY }
-- Because AnyString has a CHOICE, [0], [1] need to be EXPLICIT. EDIPartyName ::= SEQUENCE { nameAssigner [0] EXPLICIT NOCOPYANY OPTIONAL, partyName [1] EXPLICIT NOCOPYANY }
-------------------------------------------- -- Basic Constraints Extension -- -- This extension indicates whether the certified subject may act -- as a CA, an end entity or both -------------------------------------------- BasicConstraints ::= SEQUENCE { subjectType SubjectType, pathLenConstraint INTEGER OPTIONAL, subtreesConstraint SubtreesConstraint OPTIONAL } --#public--
SubjectType ::= BITSTRING SubtreesConstraint ::= SEQUENCE OF NOCOPYANY -- really OF Name
-------------------------------------------- -- Basic Constraints #2 Extension (Added for S/MIME) (2.5.29.19) -- -- This extension serves to delimit the role and position of an -- issuing authority or end-user certificate plays in a chain of -- certificates. -------------------------------------------- BasicConstraints2 ::= SEQUENCE { cA BOOLEAN DEFAULT FALSE, pathLenConstraint INTEGER OPTIONAL } --#public--
-------------------------------------------- -- Key Usage Extension (Added for S/MIME) (2.5.29.15) -- -- This extension serves to limit the technical purposes for which a -- public key listed in a valid certificate may be used. ---------------------------------------------- KeyUsageExtension ::= Bits
-------------------------------------------- -- Certificate Policies Extension (Added for S/MIME) (2.5.29.32) -- -- This extension limits a certificate to the practices required by -- relying parties. -------------------------------------------- CertificatePolicies ::= SEQUENCE --#public-- OF PolicyInformation
PolicyInformation ::= SEQUENCE { policyIdentifier EncodedObjectID, policyQualifiers PolicyQualifiers OPTIONAL }
PolicyQualifiers ::= SEQUENCE OF PolicyQualifierInfo
PolicyQualifierInfo ::= SEQUENCE { policyQualifierId EncodedObjectID, qualifier NOCOPYANY OPTIONAL }
UserNotice ::= SEQUENCE { noticeRef NoticeReference OPTIONAL, explicitText DisplayText OPTIONAL } --#public--
NoticeReference ::= SEQUENCE { organization IA5String, noticeNumbers SEQUENCE OF INTEGER }
DisplayText ::= CHOICE { theVisibleString VisibleString, theBMPString BMPString } -- This is to support the old definition of policies and qualifiers CertificatePolicies95 ::= SEQUENCE --#public-- OF PolicyQualifiers VerisignQualifier1 ::= SEQUENCE { practicesReference IA5String OPTIONAL, noticeId [0] EXPLICIT EncodedObjectID OPTIONAL, nsiNoticeId [1] EXPLICIT EncodedObjectID OPTIONAL, cpsURLs CpsURLs OPTIONAL } --#public--
CpsURLs ::= SEQUENCE OF SEQUENCE { url IA5String, digestAlgorithmId AlgorithmIdentifier OPTIONAL, digest OCTETSTRING OPTIONAL }
-------------------------------------------- -- Authority Key Identifier #2 (2.5.29.35) -- -- A CA may have more than one certificate. -- This extension is used to identify which -- CA certificate must be used. Non-Critical -------------------------------------------- AuthorityKeyId2 ::= SEQUENCE { keyIdentifier [0] IMPLICIT KeyIdentifier OPTIONAL, authorityCertIssuer [1] IMPLICIT GeneralNames OPTIONAL, authorityCertSerialNumber [2] IMPLICIT CertificateSerialNumber OPTIONAL } --#public--
-------------------------------------------- -- Authority Information Access certificate Extension -- -- The authority information access extension indicates how to access CA -- information and services for the issuer of the certificate in which -- the extension appears. This extension may be -- included in subject or CA certificates and may be critical or non- -- critical. -------------------------------------------- AccessDescription ::= SEQUENCE { accessMethod EncodedObjectID, accessLocation GeneralName }
AuthorityInfoAccess ::= SEQUENCE --#public-- OF AccessDescription
-------------------------------------------- -- CRL Distribution Points Extension -------------------------------------------- CRLDistributionPoints ::= SEQUENCE --#public-- OF DistributionPoint
DistributionPoint ::= SEQUENCE { distributionPoint [0] EXPLICIT DistributionPointName OPTIONAL, reasons [1] IMPLICIT ReasonFlags OPTIONAL, cRLIssuer [2] IMPLICIT GeneralNames OPTIONAL }
DistributionPointName ::= CHOICE { fullName [0] IMPLICIT GeneralNames, nameRelativeToCRLIssuer [1] IMPLICIT RelativeDistinguishedName }
ReasonFlags ::= BITSTRING
-------------------------------------------- -- Some predefined basic types used as extensions -------------------------------------------- IntegerType ::= INTEGER --#public-- HugeIntegerType ::= HUGEINTEGER --#public-- OctetStringType ::= OCTETSTRING --#public--
-- with -noconstraints OSS encode/decode allows any enumerated value EnumeratedType ::= ENUMERATED { dummyEnumerated0 (0) } --#public--
UtcTime ::= UTCTime --#public--
ContentInfo ::= SEQUENCE { contentType ContentType, content [0] EXPLICIT NOCOPYANY OPTIONAL } --#public--
ContentType ::= EncodedObjectID
ContentInfoSeqOfAny ::= SEQUENCE { contentType ContentType, contentSeqOfAny [0] EXPLICIT SeqOfAny OPTIONAL } --#public--
SeqOfAny ::= SEQUENCE --#public-- OF NOCOPYANY
TimeStampRequest ::= SEQUENCE { timeStampAlgorithm EncodedObjectID, attributesTS Attributes OPTIONAL, content ContentInfo } --#public--
ContentInfoOTS ::= SEQUENCE { contentTypeOTS ContentType, contentOTS [0] EXPLICIT OCTETSTRING OPTIONAL } --#public--
TimeStampRequestOTS ::= SEQUENCE { timeStampAlgorithmOTS EncodedObjectID, attributesOTS Attributes OPTIONAL, contentOTS ContentInfoOTS } --#public--
-------------------------------------------- -- Enhanced Key Usage Extension (2.5.29.32) -------------------------------------------- EnhancedKeyUsage ::= SEQUENCE --#public-- OF UsageIdentifier
UsageIdentifier ::= EncodedObjectID
-------------------------------------------- -- Certificate Trust List (CTL) -------------------------------------------- CertificateTrustList ::= SEQUENCE { version CTLVersion DEFAULT v1, subjectUsage SubjectUsage, listIdentifier ListIdentifier OPTIONAL, sequenceNumber HUGEINTEGER OPTIONAL, ctlThisUpdate ChoiceOfTime, ctlNextUpdate ChoiceOfTime OPTIONAL, subjectAlgorithm AlgorithmIdentifier, trustedSubjects TrustedSubjects OPTIONAL, ctlExtensions [0] EXPLICIT Extensions OPTIONAL } --#public--
CTLVersion ::= INTEGER {v1(0)}
SubjectUsage ::= EnhancedKeyUsage
ListIdentifier ::= OCTETSTRING
TrustedSubjects ::= SEQUENCE OF TrustedSubject
TrustedSubject ::= SEQUENCE{ subjectIdentifier SubjectIdentifier, subjectAttributes Attributes OPTIONAL }
SubjectIdentifier ::= OCTETSTRING
----------------------------------------------------------------------- -- Enrollment Name Value Pair Authenticated Attributes in RA PKCS7s ----------------------------------------------------------------------- EnrollmentNameValuePair ::= SEQUENCE { name BMPSTRING, value BMPSTRING } --#public--
----------------------------------------------------------------------- -- PKCS10 Attribute to decribe the CSP Provider used ----------------------------------------------------------------------- CSPProvider ::= SEQUENCE { keySpec INTEGER, cspName BMPSTRING, signature BITSTRING } --#public--
----------------------------------------------------------------------- -- CertificatePair Attribute ----------------------------------------------------------------------- CertificatePair ::= SEQUENCE { forward [0] EXPLICIT NOCOPYANY OPTIONAL, reverse [1] EXPLICIT NOCOPYANY OPTIONAL } --#public--
-------------------------------------------- -- Name Constraints Extension -------------------------------------------- NameConstraints ::= SEQUENCE { permittedSubtrees [0] IMPLICIT GeneralSubtrees OPTIONAL, excludedSubtrees [1] IMPLICIT GeneralSubtrees OPTIONAL } --#public--
GeneralSubtrees ::= SEQUENCE OF GeneralSubtree
GeneralSubtree ::= SEQUENCE { base GeneralName, minimum [0] IMPLICIT BaseDistance DEFAULT 0, maximum [1] IMPLICIT BaseDistance OPTIONAL }
BaseDistance ::= INTEGER (0..4294967295)
-------------------------------------------- -- CRL Issuing Distribution Point Extension -------------------------------------------- IssuingDistributionPoint ::= SEQUENCE { issuingDistributionPoint [0] EXPLICIT DistributionPointName OPTIONAL, onlyContainsUserCerts [1] IMPLICIT BOOLEAN DEFAULT FALSE, onlyContainsCACerts [2] IMPLICIT BOOLEAN DEFAULT FALSE, onlySomeReasons [3] IMPLICIT ReasonFlags OPTIONAL, indirectCRL [4] IMPLICIT BOOLEAN DEFAULT FALSE } --#public--
-------------------------------------------- -- Cross Cert Distribution Points Extension -------------------------------------------- CrossCertDistPoints ::= SEQUENCE { syncDeltaTime INTEGER (0..4294967295) OPTIONAL, crossCertDistPointNames CrossCertDistPointNames } --#public--
CrossCertDistPointNames ::= SEQUENCE OF GeneralNames
-------------------------------------------- -- Policy Mappings Extension -------------------------------------------- PolicyMappings ::= SEQUENCE --#public-- OF PolicyMapping
PolicyMapping ::= SEQUENCE { issuerDomainPolicy EncodedObjectID, subjectDomainPolicy EncodedObjectID }
-------------------------------------------- -- Policy Constraints Extension -------------------------------------------- PolicyConstraints ::= SEQUENCE { requireExplicitPolicy [0] IMPLICIT SkipCerts OPTIONAL, inhibitPolicyMapping [1] IMPLICIT SkipCerts OPTIONAL } --#public--
SkipCerts ::= INTEGER (0..4294967295)
-------------------------------------------- -- CMC Data Structures -------------------------------------------- CmcData ::= SEQUENCE { controlSequence ControlSequence, reqSequence ReqSequence, cmsSequence CmsSequence, otherMsgSequence OtherMsgSequence } --#public--
CmcResponseBody ::= SEQUENCE { controlSequence ControlSequence, cmsSequence CmsSequence, otherMsgSequence OtherMsgSequence } --#public--
ControlSequence ::= SEQUENCE OF TaggedAttribute ReqSequence ::= SEQUENCE OF TaggedRequest CmsSequence ::= SEQUENCE OF TaggedContentInfo OtherMsgSequence ::= SEQUENCE OF TaggedOtherMsg
BodyPartID ::= INTEGER (0..4294967295) BodyPartIDSequence ::= SEQUENCE OF BodyPartID
TaggedAttribute ::= SEQUENCE { bodyPartID BodyPartID, type EncodedObjectID, values AttributeSetValue }
TaggedRequest ::= CHOICE { tcr [0] IMPLICIT TaggedCertificationRequest }
TaggedCertificationRequest ::= SEQUENCE { bodyPartID BodyPartID, certificationRequest NOCOPYANY }
TaggedContentInfo ::= SEQUENCE { bodyPartID BodyPartID, contentInfo NOCOPYANY }
TaggedOtherMsg ::= SEQUENCE { bodyPartID BodyPartID, otherMsgType EncodedObjectID, otherMsgValue NOCOPYANY }
CmcStatusInfo ::= SEQUENCE { cmcStatus INTEGER (0..4294967295), bodyList BodyPartIDSequence, statusString UTF8STRING OPTIONAL, otherInfo CHOICE { failInfo INTEGER (0..4294967295), pendInfo PendInfo } OPTIONAL } --#public--
PendInfo ::= SEQUENCE { pendToken OCTETSTRING, pendTime GeneralizedTime }
CmcAddExtensions ::= SEQUENCE { pkiDataReference BodyPartID, certReferences BodyPartIDSequence, extensions Extensions } --#public--
CmcAddAttributes ::= SEQUENCE { pkiDataReference BodyPartID, certReferences BodyPartIDSequence, attributes Attributes } --#public--
-------------------------------------------- -- Certificate Template -------------------------------------------- CertificateTemplate ::= SEQUENCE { templateID EncodedObjectID, templateMajorVersion TemplateVersion, templateMinorVersion TemplateVersion OPTIONAL } --#public--
TemplateVersion ::= INTEGER (0..4294967295)
END
|
