10
RelativeDistinguishedName,
11
AttributeTypeAndValue,
18
CRMFRDNSequence ::= SEQUENCE OF RelativeDistinguishedName
20
Controls ::= SEQUENCE -- SIZE(1..MAX) -- OF AttributeTypeAndValue
22
-- XXX IMPLICIT brokenness
23
POPOSigningKey ::= SEQUENCE {
24
poposkInput [0] IMPLICIT POPOSigningKeyInput OPTIONAL,
25
algorithmIdentifier AlgorithmIdentifier,
26
signature BIT STRING }
28
PKMACValue ::= SEQUENCE {
29
algId AlgorithmIdentifier,
33
-- XXX IMPLICIT brokenness
34
POPOSigningKeyInput ::= SEQUENCE {
36
sender [0] IMPLICIT GeneralName,
37
publicKeyMAC PKMACValue
39
publicKey SubjectPublicKeyInfo
40
} -- from CertTemplate
43
PBMParameter ::= SEQUENCE {
45
owf AlgorithmIdentifier,
46
iterationCount INTEGER,
47
mac AlgorithmIdentifier
50
SubsequentMessage ::= INTEGER {
55
-- XXX IMPLICIT brokenness
56
POPOPrivKey ::= CHOICE {
57
thisMessage [0] BIT STRING, -- Deprecated
58
subsequentMessage [1] IMPLICIT SubsequentMessage,
59
dhMAC [2] BIT STRING, -- Deprecated
60
agreeMAC [3] IMPLICIT PKMACValue,
61
encryptedKey [4] heim_any
64
-- XXX IMPLICIT brokenness
65
ProofOfPossession ::= CHOICE {
67
signature [1] POPOSigningKey,
68
keyEncipherment [2] POPOPrivKey,
69
keyAgreement [3] POPOPrivKey
72
CertTemplate ::= SEQUENCE {
73
version [0] INTEGER OPTIONAL,
74
serialNumber [1] INTEGER OPTIONAL,
75
signingAlg [2] SEQUENCE {
76
algorithm OBJECT IDENTIFIER,
77
parameters heim_any OPTIONAL
78
} -- AlgorithmIdentifier -- OPTIONAL,
79
issuer [3] IMPLICIT CHOICE {
80
rdnSequence CRMFRDNSequence
81
} -- Name -- OPTIONAL,
82
validity [4] SEQUENCE {
83
notBefore [0] Time OPTIONAL,
84
notAfter [1] Time OPTIONAL
85
} -- OptionalValidity -- OPTIONAL,
86
subject [5] IMPLICIT CHOICE {
87
rdnSequence CRMFRDNSequence
88
} -- Name -- OPTIONAL,
89
publicKey [6] IMPLICIT SEQUENCE {
90
algorithm AlgorithmIdentifier,
91
subjectPublicKey BIT STRING OPTIONAL
92
} -- SubjectPublicKeyInfo -- OPTIONAL,
93
issuerUID [7] IMPLICIT BIT STRING OPTIONAL,
94
subjectUID [8] IMPLICIT BIT STRING OPTIONAL,
95
extensions [9] IMPLICIT SEQUENCE OF Extension OPTIONAL
98
CertRequest ::= SEQUENCE {
100
certTemplate CertTemplate,
101
controls Controls OPTIONAL
104
CertReqMsg ::= SEQUENCE {
106
popo ProofOfPossession OPTIONAL,
107
regInfo SEQUENCE OF AttributeTypeAndValue OPTIONAL }
109
CertReqMessages ::= SEQUENCE OF CertReqMsg