Leaked source code of windows server 2003

----------------------------------------------------------------------------
-- X509.ASN
--
-- ASN.1 definitions for X509 v3 certificates
----------------------------------------------------------------------------
--#comment "Copyright (C) Microsoft Corporation, 1996-1999. All rights reserved."--
--#comment "ASN.1 definitions for X509 v3 certificates"--
--#SS.basic lenptr-- -- set of and sequence of w/o size constraint
--#SS.sized lenptr-- -- set of and sequence of w/ size constraint
X509
DEFINITIONS EXPLICIT TAGS ::=
BEGIN
-- Local aliases for the ASN.1 built in types. Each alias carries directives
-- for the ASN.1 compiler inside specially marked comments, so those comment
-- tokens are build input and must be kept exactly as written.
-- NOTE(review): lenptr presumably selects a length plus pointer form in the
-- generated C. If so, decoded strings are not NUL terminated and may hold
-- embedded zero bytes, so callers must honour the length. Confirm against
-- the compiler documentation.
-- NOTE(review): nomemcpy presumably leaves the decoded value pointing into
-- the encoded input buffer. If so, that buffer must outlive the decoded
-- structure. Confirm.
HUGEINTEGER ::= INTEGER --#intx-- -- tag 0x02
BITSTRING ::= BIT STRING --#lenptr-- --#nomemcpy-- -- tag 0x03
OCTETSTRING ::= OCTET STRING --#lenptr-- --#nomemcpy-- -- tag 0x04
-- ANY kept undecoded; used below wherever the inner type is left to the caller.
NOCOPYANY ::= ANY --#nomemcpy--
NUMERICSTRING ::= NumericString --#lenptr-- -- tag 0x12 (18)
PRINTABLESTRING ::= PrintableString --#lenptr-- -- tag 0x13 (19)
-- TELETEXSTRING and T61STRING share tag 0x14.
TELETEXSTRING ::= TeletexString --#lenptr-- -- tag 0x14 (20)
T61STRING ::= T61String --#lenptr-- -- tag 0x14 (20)
VIDEOTEXSTRING ::= VideotexString --#lenptr-- -- tag 0x15 (21)
IA5STRING ::= IA5String --#lenptr-- -- tag 0x16 (22)
GRAPHICSTRING ::= GraphicString --#lenptr-- -- tag 0x19 (25)
-- VISIBLESTRING and ISO646STRING share tag 0x1A.
VISIBLESTRING ::= VisibleString --#lenptr-- -- tag 0x1A (26)
ISO646STRING ::= ISO646String --#lenptr-- -- tag 0x1A (26)
GENERALSTRING ::= GeneralString --#lenptr-- -- tag 0x1B (27)
UNIVERSALSTRING ::= UniversalString --#lenptr-- -- tag 0x1C (28)
BMPSTRING ::= BMPString --#lenptr-- -- tag 0x1E (30)
UTF8STRING ::= UTF8String --#lenptr-- -- tag 0x0C (12)
-- Object identifiers are kept in packed form as directed by the oid directive.
EncodedObjectID ::= OBJECT IDENTIFIER --#public-- --#oid packed--
--------------------------------------------
-- Choice of Any string
--------------------------------------------
-- One alternative per string alias, selected by the universal tag named in
-- each trailing comment. teletexString also covers T61String and
-- visibleString also covers ISO646String, since those pairs share a tag.
-- No character set or size constraint is stated on any alternative, so a
-- decoded value is only as well formed as the consuming code checks.
AnyString ::= CHOICE {
octetString OCTETSTRING, -- tag 0x04 (04)
numericString NUMERICSTRING, -- tag 0x12 (18)
printableString PRINTABLESTRING, -- tag 0x13 (19)
teletexString TELETEXSTRING, -- tag 0x14 (20) (t61String)
videotexString VIDEOTEXSTRING, -- tag 0x15 (21)
ia5String IA5STRING, -- tag 0x16 (22)
graphicString GRAPHICSTRING, -- tag 0x19 (25)
visibleString VISIBLESTRING, -- tag 0x1A (26) (iso646String)
generalString GENERALSTRING, -- tag 0x1B (27)
universalString UNIVERSALSTRING, -- tag 0x1C (28)
bmpString BMPSTRING, -- tag 0x1E (30)
utf8String UTF8STRING -- tag 0x0C (12)
} --#public--
--------------------------------------------
-- Encoded Bits
--------------------------------------------
-- Alias of BITSTRING carrying the public directive (presumably exposing it
-- as a top level encode and decode type; confirm against the compiler docs).
Bits ::= BITSTRING --#public--
--------------------------------------------
-- Algorithm Identifier
--------------------------------------------
-- Algorithm OID plus optional parameters. The parameters are carried as an
-- undecoded ANY, so their structure is whatever the OID implies and must be
-- parsed and validated by the caller (presumably with one of the parameter
-- types defined later in this module; confirm per algorithm).
AlgorithmIdentifier ::= SEQUENCE {
algorithm EncodedObjectID,
parameters NOCOPYANY OPTIONAL
}
--------------------------------------------
-- Name, Attributes
--------------------------------------------
-- A Name is a SEQUENCE of RDNs and each RDN is a SET of type and value
-- pairs. The value is an undecoded ANY, so the string type used for an
-- attribute value is not restricted by this schema.
Name ::= SEQUENCE --#public-- OF RelativeDistinguishedName
RelativeDistinguishedName ::= SET OF AttributeTypeValue
AttributeTypeValue ::= SEQUENCE {
type EncodedObjectID,
value NOCOPYANY
}
-- An Attribute carries a SET of undecoded values under one OID.
Attribute ::= SEQUENCE {
type EncodedObjectID,
values AttributeSetValue
} --#public--
AttributeSetValue ::= SET OF NOCOPYANY
Attributes ::= SET --#public-- OF Attribute
--------------------------------------------
-- From PKCS #1: ASN.1 representation for public key
--------------------------------------------
-- RSA public key as modulus n and public exponent e.
-- The exponent is limited to 0..4294967295, so exponents wider than 32 bits
-- cannot be represented with this definition. The range still admits 0, 1
-- and even values, and the modulus has no size bound stated, so key sanity
-- checks are left to the code that consumes the decoded key.
RSAPublicKey ::= SEQUENCE {
modulus HUGEINTEGER, -- n
publicExponent INTEGER (0..4294967295) -- e
} --#public--
--------------------------------------------
-- DSS Public Key Parameters
--------------------------------------------
-- DSS domain parameters p, q and g. No size or range is stated on any
-- field, so parameter validation is left to the consumer.
DSSParameters ::= SEQUENCE {
p HUGEINTEGER,
q HUGEINTEGER,
g HUGEINTEGER
} --#public--
--------------------------------------------
-- DSS Signature
--------------------------------------------
-- Signature pair r and s. The schema states no range for either value, so
-- range checks belong to the signature verifier.
DSSSignature ::= SEQUENCE {
r HUGEINTEGER,
s HUGEINTEGER
} --#public--
--------------------------------------------
-- DH Public Key Parameters
--------------------------------------------
-- Diffie Hellman parameters p and g with an optional private value length.
-- No size or range is stated, so group validation is left to the consumer.
DHParameters ::= SEQUENCE {
p HUGEINTEGER,
g HUGEINTEGER,
privateValueLength HUGEINTEGER OPTIONAL
} --#public--
--------------------------------------------
-- X942 DH Public Key Parameters
--------------------------------------------
-- X9.42 form: p, g and q are required, j and validationParams are OPTIONAL.
-- The presence of q lets a consumer check subgroup membership, but nothing
-- in the schema performs that check.
X942DhParameters ::= SEQUENCE {
p HUGEINTEGER,
g HUGEINTEGER,
q HUGEINTEGER,
j HUGEINTEGER OPTIONAL,
validationParams X942DhValidationParams OPTIONAL
} --#public--
-- Seed and counter recorded from parameter generation; the counter is
-- limited to 32 bits.
X942DhValidationParams ::= SEQUENCE {
seed BITSTRING,
pgenCounter INTEGER (0..4294967295)
}
--------------------------------------------
-- X942 DH OtherInfo
--------------------------------------------
-- OtherInfo input for X9.42 key derivation.
-- The SIZE (4..4) notes on keyLength and counter sit inside comments, so
-- they are not constraints: the decoder accepts any length and the caller
-- must check that each value is exactly four octets.
X942DhOtherInfo ::= SEQUENCE {
keyInfo X942DhKeySpecificInfo,
pubInfo [0] EXPLICIT OCTETSTRING OPTIONAL,
keyLength [2] EXPLICIT OCTETSTRING -- SIZE (4..4)
} --<PDU>--
X942DhKeySpecificInfo ::= SEQUENCE {
algorithm EncodedObjectID,
counter OCTETSTRING -- SIZE (4..4)
}
--------------------------------------------
-- RC2 CBC Parameters
--------------------------------------------
-- RC2 CBC parameters. version is an unconstrained INTEGER and iv is
-- OPTIONAL, so a decoder accepts parameters with no IV and with any
-- version value; callers must handle both cases explicitly.
RC2CBCParameters ::= SEQUENCE {
version INTEGER,
iv OCTETSTRING OPTIONAL
} --#public--
--------------------------------------------
-- SMIME Capabilities
--------------------------------------------
-- One advertised capability: an OID plus optional undecoded parameters.
-- The parameter structure depends on the OID and is parsed by the caller.
SMIMECapability ::= SEQUENCE {
capabilityID EncodedObjectID,
smimeParameters NOCOPYANY OPTIONAL
}
SMIMECapabilities ::= SEQUENCE --#public-- OF SMIMECapability
--------------------------------------------
-- Subject Public Key Info
--------------------------------------------
-- Public key algorithm plus the key itself as an opaque BIT STRING.
-- The key bits are not decoded here; the caller parses them according to
-- the algorithm OID (presumably RSAPublicKey for RSA keys; confirm).
SubjectPublicKeyInfo ::= SEQUENCE {
algorithm AlgorithmIdentifier,
subjectPublicKey BITSTRING
} --#public--
--------------------------------------------
-- Choice of Time: UTCTime before 2005, GeneralizedTime
-- starting in 2005.
--------------------------------------------
-- Either time form is accepted for any date; the CHOICE itself does not
-- tie the form to the year.
-- NOTE(review): the banner above gives 2005 as the cutover year. The PKIX
-- profile uses UTCTime through 2049 and GeneralizedTime from 2050. Confirm
-- which rule the encoder and the validity checks actually apply.
ChoiceOfTime ::= CHOICE {
utcTime UTCTime,
generalTime GeneralizedTime
} --#public--
--------------------------------------------
-- X509 Certificate
--------------------------------------------
-- Body of a certificate, the part the signature covers. issuer and subject
-- are kept as undecoded ANY (the trailing comments say they are really
-- Name), which keeps their encoded bytes available as received.
-- NOTE(review): the version dependent fields are simply OPTIONAL, so this
-- schema accepts unique identifiers or extensions alongside version v1.
-- Any version consistency rule has to be enforced by the consumer.
CertificateToBeSigned ::= SEQUENCE {
version [0] CertificateVersion DEFAULT v1,
serialNumber CertificateSerialNumber,
signature AlgorithmIdentifier,
issuer NOCOPYANY, -- really Name
validity Validity,
subject NOCOPYANY, -- really Name
subjectPublicKeyInfo SubjectPublicKeyInfo,
issuerUniqueIdentifier [1] IMPLICIT UniqueIdentifier OPTIONAL,
subjectUniqueIdentifier [2] IMPLICIT UniqueIdentifier OPTIONAL,
extensions [3] Extensions OPTIONAL
} --#public--
-- Named values only; the INTEGER is not range constrained, so values
-- other than 0, 1 and 2 still decode.
CertificateVersion ::= INTEGER {v1(0), v2(1), v3(2)}
-- No length bound is stated for the serial number.
CertificateSerialNumber ::= HUGEINTEGER
-- The schema does not require notBefore to precede notAfter.
Validity ::= SEQUENCE {
notBefore ChoiceOfTime,
notAfter ChoiceOfTime
}
UniqueIdentifier ::= BITSTRING
-- extnValue is an OCTET STRING holding the encoded extension; its inner
-- structure is selected by extnId and decoded in a separate step.
-- critical defaults to FALSE when absent. The schema cannot express the
-- handling of an unrecognised critical extension; X.509 path validation
-- requires rejecting the certificate in that case, which is the
-- validator's responsibility. Duplicate extnId values are also not
-- excluded by this definition.
Extensions ::= SEQUENCE --#public-- OF Extension
Extension ::= SEQUENCE {
extnId EncodedObjectID,
critical BOOLEAN DEFAULT FALSE,
extnValue OCTETSTRING
}
--------------------------------------------
-- Signed Content: Cert, CRL or Cert Request
--------------------------------------------
-- Outer wrapper shared by certificates, CRLs and certificate requests.
-- toBeSigned is an undecoded ANY, so the signature can be checked over the
-- encoded bytes as received instead of over a re-encoding.
-- NOTE(review): CertificateToBeSigned and the CRL body each carry their own
-- signature AlgorithmIdentifier. Nothing in the schema ties that inner
-- value to the algorithm field here, so the verifier must compare them.
SignedContent ::= SEQUENCE {
toBeSigned NOCOPYANY,
algorithm AlgorithmIdentifier,
signature BITSTRING
} --#public--
--------------------------------------------
-- CRLs
--------------------------------------------
-- Body of a CRL, the part the signature covers.
-- The trailing comment on version says a present value must be v2, but
-- CRLVersion also names v1(0), so the decoder does not enforce that rule.
-- nextUpdate is OPTIONAL, so consumers need an explicit policy for CRLs
-- that carry no expiry.
CertificateRevocationListToBeSigned ::= SEQUENCE {
version CRLVersion OPTIONAL, -- if present, must be v2
signature AlgorithmIdentifier,
issuer NOCOPYANY, -- really Name
thisUpdate ChoiceOfTime,
nextUpdate ChoiceOfTime OPTIONAL,
revokedCertificates RevokedCertificates OPTIONAL,
crlExtensions [0] Extensions OPTIONAL
} --#public--
CRLVersion ::= INTEGER {v1(0), v2(1)}
RevokedCertificates ::= SEQUENCE OF CRLEntry
-- One revoked certificate, identified by serial number only; the issuer is
-- taken from the enclosing CRL unless an entry extension says otherwise.
CRLEntry ::= SEQUENCE{
userCertificate CertificateSerialNumber,
revocationDate ChoiceOfTime,
crlEntryExtensions Extensions OPTIONAL
}
--------------------------------------------
-- Certificate Request
--------------------------------------------
-- Body of a certificate request with the attributes field required.
-- subject is kept as an undecoded ANY (really Name per the comment).
CertificationRequestInfo ::= SEQUENCE {
version CertificationRequestInfoVersion,
subject NOCOPYANY, -- really Name
subjectPublicKeyInfo SubjectPublicKeyInfo,
attributes [0] IMPLICIT Attributes
} --#public--
--------------------------------------------
-- Certificate Request (some have interpreted attributes
-- as being optional)
--------------------------------------------
-- Lenient variant of CertificationRequestInfo: identical except that
-- attributes is OPTIONAL, so requests that omit the field still decode.
-- Code that relies on attributes must therefore check for its presence.
CertificationRequestInfoDecode ::= SEQUENCE {
version CertificationRequestInfoVersion,
subject NOCOPYANY, -- really Name
subjectPublicKeyInfo SubjectPublicKeyInfo,
attributes [0] IMPLICIT Attributes OPTIONAL
} --#public--
-- Unconstrained INTEGER; no named values or range are given.
CertificationRequestInfoVersion ::= INTEGER
--------------------------------------------
-- Netscape's Keygen Request
--------------------------------------------
-- Public key plus a challenge string.
-- NOTE(review): presumably the challenge is issued by the server and has
-- to be compared with the expected value once the request signature has
-- been verified; confirm with the calling code.
KeygenRequestInfo ::= SEQUENCE {
subjectPublicKeyInfo SubjectPublicKeyInfo,
challenge IA5STRING
} --#public--
--------------------------------------------
-- X509 Extensions
--------------------------------------------
--------------------------------------------
-- Authority Key Identifier
--
-- A CA may have more than one certificate.
-- This extension is used to identify which
-- CA certificate must be used. Non-Critical
--
-- Because Name has a CHOICE, [1] needs to be EXPLICIT.
--------------------------------------------
-- Older form of the authority key identifier. All three fields are
-- OPTIONAL, so an empty SEQUENCE decodes; the schema also does not require
-- certIssuer and certSerialNumber to appear together.
AuthorityKeyId ::= SEQUENCE {
keyIdentifier [0] IMPLICIT KeyIdentifier OPTIONAL,
certIssuer [1] EXPLICIT NOCOPYANY OPTIONAL, -- really Name
certSerialNumber [2] IMPLICIT CertificateSerialNumber OPTIONAL
} --#public--
-- Opaque octets with no length constraint.
KeyIdentifier ::= OCTETSTRING
--------------------------------------------
-- Key Attributes
--
-- Certificates are either used for Signature verification
-- or data encryption. One certificate cannot be used to do both.
-- The primary use of this extension is to provide an identifier
-- for the intended use of that key.
--------------------------------------------
-- Every field is OPTIONAL, so an empty SEQUENCE decodes and an absent
-- intendedKeyUsage has to be given a defined meaning by the consumer.
KeyAttributes ::= SEQUENCE {
keyIdentifier KeyIdentifier OPTIONAL,
intendedKeyUsage KeyUsage OPTIONAL,
privateKeyUsagePeriod PrivateKeyValidity OPTIONAL
} --#public--
-- Usage flags as a BIT STRING; the individual bits are not named here.
KeyUsage ::= BITSTRING
-- Both bounds are OPTIONAL and always GeneralizedTime.
PrivateKeyValidity ::= SEQUENCE {
notBefore [0] IMPLICIT GeneralizedTime OPTIONAL,
notAfter [1] IMPLICIT GeneralizedTime OPTIONAL
}
--------------------------------------------
-- Key Usage Restriction
--
-- This extension indicates a restriction imposed as to the purposes
-- for which, and the policies under which the certified public key may
-- be used
--------------------------------------------
-- Policy set plus restricted usage bits; both are OPTIONAL, so an empty
-- SEQUENCE decodes and states no restriction at all.
KeyUsageRestriction ::= SEQUENCE {
certPolicySet CertPolicySet OPTIONAL,
restrictedKeyUsage KeyUsage OPTIONAL
} --#public--
-- A policy id is itself a sequence of element OIDs.
CertPolicySet ::= SEQUENCE OF CertPolicyId
CertPolicyId ::= SEQUENCE OF CertPolicyElementId
CertPolicyElementId ::= EncodedObjectID
--------------------------------------------
-- AltNames
--
-- This extension contains one or more alternative names
-- using any variety of name forms that are bound by the
-- CA to the certified public key.
--
-- Because Name has a CHOICE, [4] needs to be EXPLICIT.
--------------------------------------------
-- Alternative name list; GeneralNames is the same type under another name.
AltNames ::= SEQUENCE --#public-- OF GeneralName
GeneralNames ::= AltNames
-- NOTE(review): rfc822Name, dNSName and uniformResourceLocator are
-- IA5STRING, which carries the lenptr directive. If that yields a length
-- plus pointer value, name matching must use the length and treat an
-- embedded zero byte as a mismatch instead of handing the pointer to NUL
-- terminated string functions. Confirm in the matching code.
-- iPAddress has no SIZE constraint, so its length must be checked before
-- it is read as an address.
-- x400Address and ediPartyName are decoded only as a sequence of ANY, and
-- directoryName is an undecoded ANY (really Name per the comment).
GeneralName ::= CHOICE {
otherName [0] IMPLICIT OtherName,
rfc822Name [1] IMPLICIT IA5STRING,
dNSName [2] IMPLICIT IA5STRING,
x400Address [3] IMPLICIT SeqOfAny,
directoryName [4] EXPLICIT NOCOPYANY, -- really Name
ediPartyName [5] IMPLICIT SeqOfAny,
uniformResourceLocator [6] IMPLICIT IA5STRING,
iPAddress [7] IMPLICIT OCTETSTRING,
registeredID [8] IMPLICIT EncodedObjectID
}
-- Name form identified by OID; the value is undecoded and is interpreted
-- by whichever code recognises the OID.
OtherName ::= SEQUENCE {
type EncodedObjectID,
value [0] EXPLICIT NOCOPYANY
}
-- Because AnyString has a CHOICE, [0], [1] need to be EXPLICIT.
-- Structured form of an EDI party name with both parts kept as undecoded
-- ANY. The ediPartyName alternative of GeneralName refers to SeqOfAny and
-- not to this type, so this type is applied by the caller, if at all.
EDIPartyName ::= SEQUENCE {
nameAssigner [0] EXPLICIT NOCOPYANY OPTIONAL,
partyName [1] EXPLICIT NOCOPYANY
}
--------------------------------------------
-- Basic Constraints Extension
--
-- This extension indicates whether the certified subject may act
-- as a CA, an end entity or both
--------------------------------------------
-- Older basic constraints form. subjectType is a BIT STRING whose bits are
-- not named here, and pathLenConstraint is an INTEGER with no range, so a
-- negative value is not excluded by this definition.
BasicConstraints ::= SEQUENCE {
subjectType SubjectType,
pathLenConstraint INTEGER OPTIONAL,
subtreesConstraint SubtreesConstraint OPTIONAL
} --#public--
SubjectType ::= BITSTRING
SubtreesConstraint ::= SEQUENCE OF NOCOPYANY -- really OF Name
--------------------------------------------
-- Basic Constraints #2 Extension (Added for S/MIME) (2.5.29.19)
--
-- This extension serves to delimit the role and position that an
-- issuing authority or end-user certificate plays in a chain of
-- certificates.
--------------------------------------------
-- cA defaults to FALSE, so an absent field means the subject is not a CA.
-- pathLenConstraint is a plain INTEGER with no range, unlike the
-- (0..4294967295) fields elsewhere in this module, so a negative value is
-- not excluded here and has to be rejected during chain validation.
-- The schema also does not tie pathLenConstraint to cA being TRUE.
BasicConstraints2 ::= SEQUENCE {
cA BOOLEAN DEFAULT FALSE,
pathLenConstraint INTEGER OPTIONAL
} --#public--
--------------------------------------------
-- Key Usage Extension (Added for S/MIME) (2.5.29.15)
--
-- This extension serves to limit the technical purposes for which a
-- public key listed in a valid certificate may be used.
--------------------------------------------
-- KeyUsageExtension ::= Bits
--------------------------------------------
-- Certificate Policies Extension (Added for S/MIME) (2.5.29.32)
--
-- This extension limits a certificate to the practices required by
-- relying parties.
--------------------------------------------
-- List of policies, each an OID with optional qualifiers.
CertificatePolicies ::= SEQUENCE --#public-- OF PolicyInformation
PolicyInformation ::= SEQUENCE {
policyIdentifier EncodedObjectID,
policyQualifiers PolicyQualifiers OPTIONAL
}
PolicyQualifiers ::= SEQUENCE OF PolicyQualifierInfo
-- The qualifier is an undecoded ANY; its structure depends on
-- policyQualifierId and is parsed by the caller.
PolicyQualifierInfo ::= SEQUENCE {
policyQualifierId EncodedObjectID,
qualifier NOCOPYANY OPTIONAL
}
-- Both parts are OPTIONAL. The text is meant for display to a person, so
-- it should be treated as untrusted input when rendered.
UserNotice ::= SEQUENCE {
noticeRef NoticeReference OPTIONAL,
explicitText DisplayText OPTIONAL
} --#public--
-- organization uses the built in IA5String, not the IA5STRING alias, so
-- the alias directive is not attached to this field.
NoticeReference ::= SEQUENCE {
organization IA5String,
noticeNumbers SEQUENCE OF INTEGER
}
-- Only two string types are listed; text encoded in any other string type
-- does not match this CHOICE.
DisplayText ::= CHOICE {
theVisibleString VisibleString,
theBMPString BMPString
}
-- This is to support the old definition of policies and qualifiers
-- Older policy encoding: a list of qualifier lists with no policy OID.
CertificatePolicies95 ::= SEQUENCE --#public-- OF PolicyQualifiers
-- Every field is OPTIONAL, so an empty SEQUENCE decodes.
VerisignQualifier1 ::= SEQUENCE {
practicesReference IA5String OPTIONAL,
noticeId [0] EXPLICIT EncodedObjectID OPTIONAL,
nsiNoticeId [1] EXPLICIT EncodedObjectID OPTIONAL,
cpsURLs CpsURLs OPTIONAL
} --#public--
-- Each entry is a URL with an optional digest. The digest and its
-- algorithm are independently OPTIONAL, so one may appear without the
-- other; the url is certificate supplied and should be treated as
-- untrusted before it is fetched or displayed.
CpsURLs ::= SEQUENCE OF SEQUENCE {
url IA5String,
digestAlgorithmId AlgorithmIdentifier OPTIONAL,
digest OCTETSTRING OPTIONAL
}
--------------------------------------------
-- Authority Key Identifier #2 (2.5.29.35)
--
-- A CA may have more than one certificate.
-- This extension is used to identify which
-- CA certificate must be used. Non-Critical
--------------------------------------------
-- Newer authority key identifier form; the issuer is a GeneralNames list
-- instead of a single undecoded Name. All fields are OPTIONAL and the
-- schema does not require issuer and serial number to appear together.
AuthorityKeyId2 ::= SEQUENCE {
keyIdentifier [0] IMPLICIT KeyIdentifier OPTIONAL,
authorityCertIssuer [1] IMPLICIT GeneralNames OPTIONAL,
authorityCertSerialNumber [2] IMPLICIT CertificateSerialNumber OPTIONAL
} --#public--
--------------------------------------------
-- Authority Information Access certificate Extension
--
-- The authority information access extension indicates how to access CA
-- information and services for the issuer of the certificate in which
-- the extension appears. This extension may be
-- included in subject or CA certificates and may be critical or non-
-- critical.
--------------------------------------------
-- One access method OID with the location it applies to. The location is
-- any GeneralName taken from the certificate, so a client that follows it
-- is contacting an address chosen by whoever issued the certificate.
AccessDescription ::= SEQUENCE {
accessMethod EncodedObjectID,
accessLocation GeneralName
}
AuthorityInfoAccess ::= SEQUENCE --#public-- OF AccessDescription
--------------------------------------------
-- CRL Distribution Points Extension
--------------------------------------------
-- List of places where revocation data for this certificate may be found.
CRLDistributionPoints ::= SEQUENCE --#public-- OF DistributionPoint
-- All three fields are OPTIONAL, so an empty entry decodes; the schema
-- does not require that at least one of them is present.
DistributionPoint ::= SEQUENCE {
distributionPoint [0] EXPLICIT DistributionPointName OPTIONAL,
reasons [1] IMPLICIT ReasonFlags OPTIONAL,
cRLIssuer [2] IMPLICIT GeneralNames OPTIONAL
}
-- Either a full list of names or one RDN relative to the CRL issuer.
DistributionPointName ::= CHOICE {
fullName [0] IMPLICIT GeneralNames,
nameRelativeToCRLIssuer [1] IMPLICIT RelativeDistinguishedName
}
-- Reason bits are not named in this module.
ReasonFlags ::= BITSTRING
--------------------------------------------
-- Some predefined basic types used as extensions
--------------------------------------------
-- Bare basic types given public names so they can be used on their own as
-- extension values.
IntegerType ::= INTEGER --#public--
HugeIntegerType ::= HUGEINTEGER --#public--
OctetStringType ::= OCTETSTRING --#public--
-- NOTE(review): per the comment below, any enumerated value is accepted
-- when the compiler runs with -noconstraints, so callers must range check
-- the decoded value themselves.
-- with -noconstraints OSS encode/decode allows any enumerated value
EnumeratedType ::= ENUMERATED {
dummyEnumerated0 (0)
} --#public--
UtcTime ::= UTCTime --#public--
-- Content type OID with optional undecoded content; the content structure
-- depends on contentType and is parsed by the caller.
ContentInfo ::= SEQUENCE {
contentType ContentType,
content [0] EXPLICIT NOCOPYANY OPTIONAL
} --#public--
ContentType ::= EncodedObjectID
-- Variant whose content is a sequence of undecoded values.
ContentInfoSeqOfAny ::= SEQUENCE {
contentType ContentType,
contentSeqOfAny [0] EXPLICIT SeqOfAny OPTIONAL
} --#public--
-- No upper bound on the number of elements is stated.
SeqOfAny ::= SEQUENCE --#public-- OF NOCOPYANY
-- Time stamp request carrying a ContentInfo with undecoded content.
TimeStampRequest ::= SEQUENCE {
timeStampAlgorithm EncodedObjectID,
attributesTS Attributes OPTIONAL,
content ContentInfo
} --#public--
-- Variant of ContentInfo whose content is an OCTET STRING instead of ANY.
ContentInfoOTS ::= SEQUENCE {
contentTypeOTS ContentType,
contentOTS [0] EXPLICIT OCTETSTRING OPTIONAL
} --#public--
-- Time stamp request built on the OCTET STRING content variant.
TimeStampRequestOTS ::= SEQUENCE {
timeStampAlgorithmOTS EncodedObjectID,
attributesOTS Attributes OPTIONAL,
contentOTS ContentInfoOTS
} --#public--
--------------------------------------------
-- Enhanced Key Usage Extension (2.5.29.32)
--------------------------------------------
-- List of usage OIDs. No minimum length is stated, so an empty list
-- decodes and must be given a defined meaning by the consumer.
-- NOTE(review): the banner above gives 2.5.29.32, which this file also
-- gives for Certificate Policies. The standard extended key usage OID is
-- 2.5.29.37; confirm and correct the banner.
EnhancedKeyUsage ::= SEQUENCE --#public-- OF UsageIdentifier
UsageIdentifier ::= EncodedObjectID
--------------------------------------------
-- Certificate Trust List (CTL)
--------------------------------------------
-- Body of a certificate trust list. subjectUsage reuses EnhancedKeyUsage,
-- ctlNextUpdate and trustedSubjects are OPTIONAL, and ctlExtensions reuses
-- the certificate Extensions type, so the same handling of critical
-- extensions applies. A list with no ctlNextUpdate carries no expiry, and
-- the consumer needs an explicit policy for that case.
CertificateTrustList ::= SEQUENCE {
version CTLVersion DEFAULT v1,
subjectUsage SubjectUsage,
listIdentifier ListIdentifier OPTIONAL,
sequenceNumber HUGEINTEGER OPTIONAL,
ctlThisUpdate ChoiceOfTime,
ctlNextUpdate ChoiceOfTime OPTIONAL,
subjectAlgorithm AlgorithmIdentifier,
trustedSubjects TrustedSubjects OPTIONAL,
ctlExtensions [0] EXPLICIT Extensions OPTIONAL
} --#public--
CTLVersion ::= INTEGER {v1(0)}
SubjectUsage ::= EnhancedKeyUsage
ListIdentifier ::= OCTETSTRING
TrustedSubjects ::= SEQUENCE OF TrustedSubject
-- One trusted subject with optional attributes.
TrustedSubject ::= SEQUENCE{
subjectIdentifier SubjectIdentifier,
subjectAttributes Attributes OPTIONAL
}
-- Opaque octets with no length constraint.
-- NOTE(review): presumably a hash computed with subjectAlgorithm; if so the
-- consumer must check that the length matches that algorithm. Confirm.
SubjectIdentifier ::= OCTETSTRING
-----------------------------------------------------------------------
-- Enrollment Name Value Pair Authenticated Attributes in RA PKCS7s
-----------------------------------------------------------------------
-- Free form name and value strings, both BMPSTRING with no size or
-- content constraint; both are request supplied and should be validated
-- by the code that acts on them.
EnrollmentNameValuePair ::= SEQUENCE {
name BMPSTRING,
value BMPSTRING
} --#public--
-----------------------------------------------------------------------
-- PKCS10 Attribute to describe the CSP Provider used
-----------------------------------------------------------------------
-- Key spec, provider name and a signature field. keySpec is an
-- unconstrained INTEGER and cspName an unconstrained BMPSTRING.
-- NOTE(review): what the signature covers is not visible in this module;
-- confirm in the code that produces and checks this attribute.
CSPProvider ::= SEQUENCE {
keySpec INTEGER,
cspName BMPSTRING,
signature BITSTRING
} --#public--
-----------------------------------------------------------------------
-- CertificatePair Attribute
-----------------------------------------------------------------------
-- Forward and reverse elements, each an undecoded ANY and each OPTIONAL,
-- so an empty pair decodes. Each element has to be decoded and validated
-- separately by the caller.
CertificatePair ::= SEQUENCE {
forward [0] EXPLICIT NOCOPYANY OPTIONAL,
reverse [1] EXPLICIT NOCOPYANY OPTIONAL
} --#public--
--------------------------------------------
-- Name Constraints Extension
--------------------------------------------
-- Permitted and excluded name subtrees. Both are OPTIONAL, so an empty
-- SEQUENCE decodes and constrains nothing.
NameConstraints ::= SEQUENCE {
permittedSubtrees [0] IMPLICIT GeneralSubtrees OPTIONAL,
excludedSubtrees [1] IMPLICIT GeneralSubtrees OPTIONAL
} --#public--
GeneralSubtrees ::= SEQUENCE OF GeneralSubtree
-- base is any GeneralName, so the matching rules depend on the name form
-- and are implemented by the validator. minimum defaults to 0 and maximum
-- is OPTIONAL.
GeneralSubtree ::= SEQUENCE {
base GeneralName,
minimum [0] IMPLICIT BaseDistance DEFAULT 0,
maximum [1] IMPLICIT BaseDistance OPTIONAL
}
-- Limited to 32 bits unsigned.
BaseDistance ::= INTEGER (0..4294967295)
--------------------------------------------
-- CRL Issuing Distribution Point Extension
--------------------------------------------
-- Scope of a CRL. The three BOOLEAN fields default to FALSE when absent.
-- The schema does not stop onlyContainsUserCerts and onlyContainsCACerts
-- from both being TRUE; that combination has to be handled by the
-- consumer.
IssuingDistributionPoint ::= SEQUENCE {
issuingDistributionPoint [0] EXPLICIT DistributionPointName OPTIONAL,
onlyContainsUserCerts [1] IMPLICIT BOOLEAN DEFAULT FALSE,
onlyContainsCACerts [2] IMPLICIT BOOLEAN DEFAULT FALSE,
onlySomeReasons [3] IMPLICIT ReasonFlags OPTIONAL,
indirectCRL [4] IMPLICIT BOOLEAN DEFAULT FALSE
} --#public--
--------------------------------------------
-- Cross Cert Distribution Points Extension
--------------------------------------------
-- Optional 32 bit sync interval plus a list of GeneralNames lists. The
-- names come from the certificate, so any retrieval they trigger goes to
-- locations chosen by the issuer.
CrossCertDistPoints ::= SEQUENCE {
syncDeltaTime INTEGER (0..4294967295) OPTIONAL,
crossCertDistPointNames CrossCertDistPointNames
} --#public--
CrossCertDistPointNames ::= SEQUENCE OF GeneralNames
--------------------------------------------
-- Policy Mappings Extension
--------------------------------------------
-- List of issuer domain to subject domain policy OID pairs. No minimum
-- length is stated and no OID value is excluded by the schema.
PolicyMappings ::= SEQUENCE --#public-- OF PolicyMapping
PolicyMapping ::= SEQUENCE {
issuerDomainPolicy EncodedObjectID,
subjectDomainPolicy EncodedObjectID
}
--------------------------------------------
-- Policy Constraints Extension
--------------------------------------------
-- Two optional certificate counts. Both fields are OPTIONAL, so an empty
-- SEQUENCE decodes and imposes no constraint.
PolicyConstraints ::= SEQUENCE {
requireExplicitPolicy [0] IMPLICIT SkipCerts OPTIONAL,
inhibitPolicyMapping [1] IMPLICIT SkipCerts OPTIONAL
} --#public--
-- Limited to 32 bits unsigned.
SkipCerts ::= INTEGER (0..4294967295)
--------------------------------------------
-- CMC Data Structures
--------------------------------------------
-- CMC request body: four required sequences, any of which may be empty
-- since no minimum size is stated.
CmcData ::= SEQUENCE {
controlSequence ControlSequence,
reqSequence ReqSequence,
cmsSequence CmsSequence,
otherMsgSequence OtherMsgSequence
} --#public--
-- CMC response body: the same layout without the request sequence.
CmcResponseBody ::= SEQUENCE {
controlSequence ControlSequence,
cmsSequence CmsSequence,
otherMsgSequence OtherMsgSequence
} --#public--
ControlSequence ::= SEQUENCE OF TaggedAttribute
ReqSequence ::= SEQUENCE OF TaggedRequest
CmsSequence ::= SEQUENCE OF TaggedContentInfo
OtherMsgSequence ::= SEQUENCE OF TaggedOtherMsg
-- Body part identifiers are 32 bit unsigned. The schema does not require
-- them to be unique within a message.
BodyPartID ::= INTEGER (0..4294967295)
BodyPartIDSequence ::= SEQUENCE OF BodyPartID
-- Control attribute: body part id, OID and a SET of undecoded values.
TaggedAttribute ::= SEQUENCE {
bodyPartID BodyPartID,
type EncodedObjectID,
values AttributeSetValue
}
-- CHOICE with a single alternative, so any other request form does not
-- decode with this definition.
TaggedRequest ::= CHOICE {
tcr [0] IMPLICIT TaggedCertificationRequest
}
-- The embedded request is an undecoded ANY and has to be decoded and its
-- signature verified separately by the caller.
TaggedCertificationRequest ::= SEQUENCE {
bodyPartID BodyPartID,
certificationRequest NOCOPYANY
}
-- The embedded content info is an undecoded ANY.
TaggedContentInfo ::= SEQUENCE {
bodyPartID BodyPartID,
contentInfo NOCOPYANY
}
-- Message identified by OID with an undecoded value.
TaggedOtherMsg ::= SEQUENCE {
bodyPartID BodyPartID,
otherMsgType EncodedObjectID,
otherMsgValue NOCOPYANY
}
-- Status report for a list of body parts. cmcStatus and failInfo are 32
-- bit integers with no named values, so the meaning of each number is
-- defined outside this schema and unknown values must be handled by the
-- caller. otherInfo is an inline CHOICE and is OPTIONAL as a whole.
CmcStatusInfo ::= SEQUENCE {
cmcStatus INTEGER (0..4294967295),
bodyList BodyPartIDSequence,
statusString UTF8STRING OPTIONAL,
otherInfo CHOICE {
failInfo INTEGER (0..4294967295),
pendInfo PendInfo
} OPTIONAL
} --#public--
-- Opaque token plus a time, carried when a request is pending.
PendInfo ::= SEQUENCE {
pendToken OCTETSTRING,
pendTime GeneralizedTime
}
-- Control that supplies extensions for the referenced requests. The
-- extensions arrive in the message, so the issuing side decides which of
-- them it is willing to place in a certificate.
CmcAddExtensions ::= SEQUENCE {
pkiDataReference BodyPartID,
certReferences BodyPartIDSequence,
extensions Extensions
} --#public--
-- Same layout carrying attributes instead of extensions.
CmcAddAttributes ::= SEQUENCE {
pkiDataReference BodyPartID,
certReferences BodyPartIDSequence,
attributes Attributes
} --#public--
--------------------------------------------
-- Certificate Template
--------------------------------------------
-- Template OID with a required major version and an OPTIONAL minor
-- version; consumers must handle an absent minor version.
CertificateTemplate ::= SEQUENCE {
templateID EncodedObjectID,
templateMajorVersion TemplateVersion,
templateMinorVersion TemplateVersion OPTIONAL
} --#public--
-- Limited to 32 bits unsigned.
TemplateVersion ::= INTEGER (0..4294967295)
END