path: root/crypto/asymmetric_keys/x509.asn1
blob: aae0cde414e2d8939c6f1c7ebc4c11117a275ec4 (plain)
-- Outermost X.509 certificate: the to-be-signed body, the algorithm the
-- issuer signed it with, and the signature value.
-- Names written inside ({ ... }) are action names handed to the ASN.1
-- decoder; the functions themselves are defined outside this file.
Certificate ::= SEQUENCE {
	-- Action fires on the whole TBSCertificate element, i.e. the bytes the
	-- signature is computed over (presumably recorded for later
	-- verification; confirm in the action's implementation).
	tbsCertificate		TBSCertificate ({ x509_note_tbs_certificate }),
	-- NOTE(review): no field-level action here, only x509_note_OID inside
	-- AlgorithmIdentifier.  RFC 5280 4.1.1.2 requires this field to equal
	-- TBSCertificate.signature; the grammar cannot express that, so confirm
	-- the comparison is made by the parser code.
	signatureAlgorithm	AlgorithmIdentifier,
	signature		BIT STRING ({ x509_note_signature })
	}

-- The signed portion of the certificate.  Every field below is covered by
-- Certificate.signature.
TBSCertificate ::= SEQUENCE {
	-- DEFAULT is written without a value and [ 0 ] without EXPLICIT or
	-- IMPLICIT; RFC 5280 has "[0] EXPLICIT Version DEFAULT v1".  How the
	-- grammar compiler treats both omissions is not visible here; verify.
	-- No action is attached, so the version number is not captured.
	version           [ 0 ]	Version DEFAULT,
	serialNumber		CertificateSerialNumber ({ x509_note_serial }),
	-- Inner copy of the signature algorithm (the one protected by the
	-- signature); see RFC 5280 4.1.2.3.
	signature		AlgorithmIdentifier ({ x509_note_pkey_algo }),
	issuer			Name ({ x509_note_issuer }),
	validity		Validity,
	subject			Name ({ x509_note_subject }),
	subjectPublicKeyInfo	SubjectPublicKeyInfo,
	-- The two unique IDs are accepted if present but have no action, so
	-- their contents are not passed to any handler by this grammar.
	issuerUniqueID    [ 1 ]	IMPLICIT UniqueIdentifier OPTIONAL,
	subjectUniqueID   [ 2 ]	IMPLICIT UniqueIdentifier OPTIONAL,
	-- Per-extension handling is attached inside Extension, not here.
	extensions        [ 3 ]	Extensions OPTIONAL
	}

-- Both types are unconstrained INTEGERs: the grammar puts no limit on value
-- or encoded length.  RFC 5280 defines versions v1(0), v2(1), v3(2) and caps
-- serial numbers from conforming CAs at 20 octets.
-- NOTE(review): any such bound has to be enforced by the action code
-- (x509_note_serial for the serial number); confirm there.
Version ::= INTEGER
CertificateSerialNumber ::= INTEGER

-- Algorithm OID plus optional algorithm-specific parameters.  Used for the
-- outer and inner signature algorithm and for the subject public key.
AlgorithmIdentifier ::= SEQUENCE {
	-- x509_note_OID is also attached to AttributeValueAssertion.attributeType
	-- and Extension.extnid; presumably it remembers the latest OID for the
	-- action that follows.  Verify against the implementation.
	algorithm		OBJECT IDENTIFIER ({ x509_note_OID }),
	-- ANY with no action: parameters of any type are accepted and the
	-- grammar hands them to no handler.
	-- NOTE(review): confirm that ignoring parameters is acceptable for every
	-- algorithm the consumer supports.
	parameters		ANY OPTIONAL
}

-- A distinguished name: an ordered list of RDNs.  Used for both
-- TBSCertificate.issuer and TBSCertificate.subject.  SEQUENCE OF carries no
-- size constraint here, so an empty or very long name passes the grammar.
Name ::= SEQUENCE OF RelativeDistinguishedName

-- One RDN: an unordered set of type/value pairs (also without a size bound).
RelativeDistinguishedName ::= SET OF AttributeValueAssertion

-- A single name attribute (RFC 5280 calls this AttributeTypeAndValue).
AttributeValueAssertion ::= SEQUENCE {
	attributeType		OBJECT IDENTIFIER ({ x509_note_OID }),
	-- Declared as ANY, so the grammar does not restrict the value to a
	-- string type; whatever element appears is given to
	-- x509_extract_name_segment.
	-- NOTE(review): type and length checks on the value, if any, live in
	-- that action; confirm there.
	attributeValue		ANY ({ x509_extract_name_segment })
	}

-- Validity window of the certificate.  Each bound has its own action, so the
-- two timestamps reach the parser separately.
-- NOTE(review): nothing in the grammar orders notBefore before notAfter or
-- compares either with the current time; confirm where that is checked.
Validity ::= SEQUENCE {
	notBefore		Time ({ x509_note_not_before }),
	notAfter		Time ({ x509_note_not_after })
	}

-- A timestamp in either of the two encodings X.509 allows.  No action is
-- attached inside the CHOICE; the actions sit on the Validity fields, so the
-- handler receiving the value must cope with both encodings.
-- RFC 5280 4.1.2.5 uses UTCTime for dates through 2049 and GeneralizedTime
-- from 2050 on; the grammar accepts either for any date.
Time ::= CHOICE {
	utcTime			UTCTime,
	generalTime		GeneralizedTime
	}

-- The subject's public key together with the algorithm it belongs to.
SubjectPublicKeyInfo ::= SEQUENCE {
	-- Only the OID inside AlgorithmIdentifier triggers an action
	-- (x509_note_OID); the field itself has none.
	algorithm		AlgorithmIdentifier,
	-- Raw key material as a BIT STRING.  Its inner structure is not described
	-- by this grammar; x509_extract_key_data receives the element as is.
	subjectPublicKey	BIT STRING ({ x509_extract_key_data })
	}

-- Type of issuerUniqueID and subjectUniqueID in TBSCertificate; no action is
-- attached at the definition or at either use.
UniqueIdentifier ::= BIT STRING

-- List of certificate extensions.  No size constraint is given, so the
-- grammar accepts any number of entries.
Extensions ::= SEQUENCE OF Extension

-- One certificate extension: identifying OID, criticality flag and the
-- DER-encoded value wrapped in an OCTET STRING.
Extension ::= SEQUENCE {
	extnid			OBJECT IDENTIFIER ({ x509_note_OID }),
	-- DEFAULT is written without a value (RFC 5280 has DEFAULT FALSE).
	-- NOTE(review): no action is attached, so the criticality flag is not
	-- captured by this grammar.  RFC 5280 4.2 requires rejecting a
	-- certificate that carries an unrecognised critical extension; confirm
	-- how the consumer of this parser meets that.
	critical		BOOLEAN DEFAULT,
	-- The inner value is opaque to this grammar; x509_process_extension is
	-- called on it, presumably selecting on the OID noted just before.
	extnValue		OCTET STRING ({ x509_process_extension })
	}