All Classes
-
All Classes Interface Summary Class Summary Class Description Accuracy AdditionalInformationSyntax Some other information of non-restrictive nature regarding the usage of this certificate.Admissions An Admissions structure.AdmissionSyntax Attribute to indicate admissions to certain professions.AesCcmCiphertext AesCcmCiphertext ::= SEQUENCE { nonce OCTET STRING (SIZE (12)) ccmCiphertext Opaque -- 16 bytes longer than plaintext }ArchiveTimeStamp Implementation of the Archive Timestamp type defined in RFC4998.ArchiveTimeStampChain Implementation of ArchiveTimeStampChain type, as defined in RFC4998 and RFC6283.ArchiveTimeStampSequence Implementation of ArchiveTimeStampSequence type, as defined in RFC4998.Attribute RFC 5652: Attribute is a pair of OID (as type identifier) + set of values.Attributes RFC 5652 defines 5 "SET OF Attribute" entities with 5 different names.AttributeTable This is helper tool to constructAttributes
sets.AttributeTypeAndValue AttrOrOID AttrOrOID ::= CHOICE (oid OBJECT IDENTIFIER, attribute Attribute }AuthenticatedData RFC 5652 section 9.1: The AuthenticatedData carries AuthAttributes and other data which define what really is being signed.AuthenticatedDataParser ParseAuthenticatedData
stream.AuthEnvelopedData RFC 5083: CMS AuthEnveloped Data object.AuthEnvelopedDataParser ParseAuthEnvelopedData
input stream.BidirectionalMap BitmapSspRange BitmapSspRange ::= SEQUENCE { sspValue OCTET STRING (SIZE(1..32)), sspBitmask OCTET STRING (SIZE(1..32)) }BodyPartID bodyIdMax INTEGER ::= 4294967295 BodyPartID ::= INTEGER(0..bodyIdMax)BodyPartList BodyPartList ::= SEQUENCE SIZE (1..MAX) OF BodyPartIDBodyPartPath BodyPartPath ::= SEQUENCE SIZE (1..MAX) OF BodyPartIDBodyPartReference BodyPartReference ::= CHOICE { bodyPartID BodyPartID, bodyPartPath BodyPartPath }BSIObjectIdentifiers See https://www.bsi.bund.de/cae/servlet/contentblob/471398/publicationFile/30615/BSI-TR-03111_pdf.pdfCAKeyUpdAnnContent CCMParameters RFC 5084: CCMParameters object.CertConfirmContent CertEtcToken CertEtcToken ::= CHOICE { certificate [0] IMPLICIT Certificate , esscertid [1] ESSCertId , pkistatus [2] IMPLICIT PKIStatusInfo , assertion [3] ContentInfo , crl [4] IMPLICIT CertificateList, ocspcertstatus [5] CertStatus, oscpcertid [6] IMPLICIT CertId , oscpresponse [7] IMPLICIT OCSPResponse, capabilities [8] SMIMECapabilities, extension Extension }CertHash ISIS-MTT PROFILE: The responder may include this extension in a response to send the hash of the requested certificate to the responder.CertId CertificateBase CertificateBase ::= SEQUENCE { version Uint8(3), type CertificateType, issuer IssuerIdentifier, toBeSigned ToBeSignedCertificate, signature Signature OPTIONAL }CertificateBody an Iso7816CertificateBody structure.CertificateHolderAuthorization an Iso7816CertificateHolderAuthorization structure.CertificateHolderReference CertificateType CertificateType ::= ENUMERATED { explicit, implicit, ...CertificationAuthorityReference CertificationRequest CertificationRequest ::= SEQUENCE { certificationRequestInfo SEQUENCE { version INTEGER, subject Name, subjectPublicKeyInfo SEQUENCE { algorithm AlgorithmIdentifier, subjectPublicKey BIT STRING }, attributes [0] IMPLICIT SET OF Attribute }, signatureAlgorithm AlgorithmIdentifier, signature BIT STRING }CertifiedKeyPair CertifiedKeyPair ::= SEQUENCE { certOrEncCert CertOrEncCert, privateKey [0] EncryptedKey OPTIONAL, -- see [CRMF] for comment on encoding publicationInfo [1] PKIPublicationInfo OPTIONAL }CertOrEncCert CertRepMessage CertReqMessages CertReqMsg CertRequest CertResponse CertStatus CertTemplate CertTemplateBuilder Challenge CircularRegion CircularRegion ::= SEQUENCE { center TwoDLocation, radius Uint16 }CMCFailInfo CMCFailInfo ::= INTEGER { badAlg (0), badMessageCheck (1), badRequest (2), badTime (3), badCertId (4), unsupportedExt (5), mustArchiveKeys (6), badIdentity (7), popRequired (8), popFailed (9), noKeyReuse (10), internalCAError (11), tryLater (12), authDataFail (13) }CMCObjectIdentifiers Object Identifiers from RFC 5272CMCPublicationInfo CMCPublicationInfo ::= SEQUENCE { hashAlg AlgorithmIdentifier, certHashes SEQUENCE OF OCTET STRING, pubInfo PKIPublicationInfo }CMCStatus CMCStatus ::= INTEGER { success (0), failed (2), pending (3), noSupport (4), confirmRequired (5), popRequired (6), partial (7) }CMCStatusInfo -- Used to return status state in a response id-cmc-statusInfo OBJECT IDENTIFIER ::= {id-cmc 1} CMCStatusInfo ::= SEQUENCE { cMCStatus CMCStatus, bodyList SEQUENCE SIZE (1..MAX) OF BodyPartID, statusString UTF8String OPTIONAL, otherInfo CHOICE { failInfo CMCFailInfo, pendInfo PendInfo } OPTIONAL }CMCStatusInfo.OtherInfo Other info implements the choice component of CMCStatusInfo.CMCStatusInfoBuilder CMCStatusInfoV2 -- Replaces CMC Status Info -- id-cmc-statusInfoV2 OBJECT IDENTIFIER ::= {id-cmc 25} CMCStatusInfoV2 ::= SEQUENCE { cMCStatus CMCStatus, bodyList SEQUENCE SIZE (1..MAX) OF BodyPartReference, statusString UTF8String OPTIONAL, otherStatusInfo OtherStatusInfo OPTIONAL } OtherStatusInfo ::= CHOICE { failInfo CMCFailInfo, pendInfo PendInfo, extendedFailInfo ExtendedFailInfo } PendInfo ::= SEQUENCE { pendToken OCTET STRING, pendTime GeneralizedTime } ExtendedFailInfo ::= SEQUENCE { failInfoOID OBJECT IDENTIFIER, failInfoValue ANY DEFINED BY failInfoOID }CMCStatusInfoV2Builder CMCUnsignedData id-aa-cmc-unsignedData OBJECT IDENTIFIER ::= {id-aa 34} CMCUnsignedData ::= SEQUENCE { bodyPartPath BodyPartPath, identifier OBJECT IDENTIFIER, content ANY DEFINED BY identifier }CMPCertificate CMPObjectIdentifiers CMSAlgorithmProtection From RFC 6211CMSAttributes CMSObjectIdentifiers CommitmentTypeIdentifier CommitmentTypeIndication CommitmentTypeQualifier Commitment type qualifiers, used in the Commitment-Type-Indication attribute (RFC3126).CompleteRevocationRefs CompleteRevocationRefs ::= SEQUENCE OF CrlOcspRefCompressedData RFC 3274: CMS Compressed Data.CompressedDataParser Parser of RFC 3274CompressedData
object.ContentHints ContentIdentifier ContentInfo ContentInfoParser RFC 5652ContentInfo
object parser.Controls ControlsProcessed -- Inform follow on servers that one or more controls have already been -- processed id-cmc-controlProcessed OBJECT IDENTIFIER ::= {id-cmc 32} ControlsProcessed ::= SEQUENCE { bodyList SEQUENCE SIZE(1..MAX) OF BodyPartReference }CRLAnnContent CrlIdentifier CrlIdentifier ::= SEQUENCE { crlissuer Name, crlIssuedTime UTCTime, crlNumber INTEGER OPTIONAL }CrlListID CRLListID ::= SEQUENCE { crls SEQUENCE OF CrlValidatedID }CrlOcspRef CrlOcspRef ::= SEQUENCE { crlids [0] CRLListID OPTIONAL, ocspids [1] OcspListID OPTIONAL, otherRev [2] OtherRevRefs OPTIONAL }CrlValidatedID CrlValidatedID ::= SEQUENCE { crlHash OtherHash, crlIdentifier CrlIdentifier OPTIONAL }CRMFObjectIdentifiers CryptoInfos Implementation of the CryptoInfos element defined in RFC 4998:CscaMasterList The CscaMasterList object.CsrAttrs CsrAttrs ::= SEQUENCE SIZE (0..MAX) OF AttrOrOIDCVCertificate an iso7816Certificate structure.CVCertificateRequest Data Data ::= CHOICE { message OCTET STRING , messageImprint DigestInfo, certs [0] SEQUENCE SIZE (1..MAX) OF TargetEtcChain }DataGroupHash The DataGroupHash object.DeclarationOfMajority A declaration of majority.DecryptedPOP id-cmc-decryptedPOP OBJECT IDENTIFIER ::= {id-cmc 10} DecryptedPOP ::= SEQUENCE { bodyPartID BodyPartID, thePOPAlgID AlgorithmIdentifier, thePOP OCTET STRING }DhSigStatic From RFC 2875 for Diffie-Hellman POP.DigestedData RFC 5652 DigestedData object.Duration Duration ::= CHOICE { microseconds Uint16, milliseconds Uint16, seconds Uint16, minutes Uint16, hours Uint16, sixtyHours Uint16, years Uint16 }DVCSCertInfo DVCSCertInfo::= SEQUENCE { version Integer DEFAULT 1 , dvReqInfo DVCSRequestInformation, messageImprint DigestInfo, serialNumber Integer, responseTime DVCSTime, dvStatus [0] PKIStatusInfo OPTIONAL, policy [1] PolicyInformation OPTIONAL, reqSignature [2] SignerInfos OPTIONAL, certs [3] SEQUENCE SIZE (1..MAX) OF TargetEtcChain OPTIONAL, extensions Extensions OPTIONAL }DVCSCertInfoBuilder DVCSCertInfo::= SEQUENCE { version Integer DEFAULT 1 , dvReqInfo DVCSRequestInformation, messageImprint DigestInfo, serialNumber Integer, responseTime DVCSTime, dvStatus [0] PKIStatusInfo OPTIONAL, policy [1] PolicyInformation OPTIONAL, reqSignature [2] SignerInfos OPTIONAL, certs [3] SEQUENCE SIZE (1..MAX) OF TargetEtcChain OPTIONAL, extensions Extensions OPTIONAL }DVCSErrorNotice DVCSErrorNotice ::= SEQUENCE { transactionStatus PKIStatusInfo , transactionIdentifier GeneralName OPTIONAL }DVCSObjectIdentifiers OIDs for RFC 3029 Data Validation and Certification Server ProtocolsDVCSRequest DVCSRequest ::= SEQUENCE { requestInformation DVCSRequestInformation, data Data, transactionIdentifier GeneralName OPTIONAL }DVCSRequestInformation DVCSRequestInformation ::= SEQUENCE { version INTEGER DEFAULT 1 , service ServiceType, nonce Nonce OPTIONAL, requestTime DVCSTime OPTIONAL, requester [0] GeneralNames OPTIONAL, requestPolicy [1] PolicyInformation OPTIONAL, dvcs [2] GeneralNames OPTIONAL, dataLocations [3] GeneralNames OPTIONAL, extensions [4] IMPLICIT Extensions OPTIONAL }DVCSRequestInformationBuilder DVCSRequestInformation ::= SEQUENCE { version INTEGER DEFAULT 1 , service ServiceType, nonce Nonce OPTIONAL, requestTime DVCSTime OPTIONAL, requester [0] GeneralNames OPTIONAL, requestPolicy [1] PolicyInformation OPTIONAL, dvcs [2] GeneralNames OPTIONAL, dataLocations [3] GeneralNames OPTIONAL, extensions [4] IMPLICIT Extensions OPTIONAL }DVCSResponse DVCSResponse ::= CHOICE { dvCertInfo DVCSCertInfo , dvErrorNote [0] DVCSErrorNotice }DVCSTime DVCSTime ::= CHOICE { genTime GeneralizedTime, timeStampToken ContentInfo }EACObjectIdentifiers German Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik) https://www.bsi.bund.de/EACTags ECCCMSSharedInfo ECC-CMS-SharedInfo ::= SEQUENCE { keyInfo AlgorithmIdentifier, entityUInfo [0] EXPLICIT OCTET STRING OPTIONAL, suppPubInfo [2] EXPLICIT OCTET STRING }ECDSAPublicKey an Iso7816ECDSAPublicKeyStructure structure.EncKeyWithID EncryptedContentInfo RFC 5652 EncryptedContentInfo object.EncryptedContentInfoParser Parser for RFC 5652 EncryptedContentInfo object.EncryptedData RFC 5652 EncryptedData object.EncryptedData EncryptedData ::= SEQUENCE { recipients SequenceOfRecipientInfo, ciphertext SymmetricCiphertext }EncryptedKey EncryptedPOP id-cmc-encryptedPOP OBJECT IDENTIFIER ::= {id-cmc 9} EncryptedPOP ::= SEQUENCE { request TaggedRequest, cms ContentInfo, thePOPAlgID AlgorithmIdentifier, witnessAlgID AlgorithmIdentifier, witness OCTET STRING }EncryptedValue EncryptionInfo Implementation of the EncryptionInfo element defined in RFC 4998:EndEntityType EndEntityType ::= BIT STRING { app(0), enrol(1) } (SIZE (8)) (ALL EXCEPT ())EnvelopedData RFC 5652 EnvelopedData object.EnvelopedDataParser Parser of RFC 5652EnvelopedData
object.ErrorMsgContent ESFAttributes ESSCertID ESSCertIDv2 EtsiTs103097Module Evidence RFC 5544: Binding Documents with Time-Stamps; Evidence object.EvidenceRecord RFC 4998: Evidence Record Syntax (ERS)ExplicitCertificate ExtendedFailInfo ExtendedFailInfo ::= SEQUENCE { failInfoOID OBJECT IDENTIFIER, failInfoValue ANY DEFINED BY failInfoOID }ExtensionReq ExtensionReq ::= SEQUENCE SIZE (1..MAX) OF ExtensionFlags GCMParameters RFC 5084: GCMParameters object.GenericHybridParameters RFC 5990 GenericHybridParameters class.GenMsgContent GenRepContent GeographicRegion GeographicRegion ::= CHOICE { circularRegion CircularRegion, rectangularRegion SequenceOfRectangularRegion, polygonalRegion PolygonalRegion, identifiedRegion SequenceOfIdentifiedRegion, ...GetCert id-cmc-getCert OBJECT IDENTIFIER ::= {id-cmc 15} GetCert ::= SEQUENCE { issuerName GeneralName, serialNumber INTEGER }GetCRL id-cmc-getCRL OBJECT IDENTIFIER ::= {id-cmc 16} GetCRL ::= SEQUENCE { issuerName Name, cRLName GeneralName OPTIONAL, time GeneralizedTime OPTIONAL, reasons ReasonFlags OPTIONAL }GroupLinkageValue GroupLinkageValue ::= SEQUENCE { jValue OCTET STRING (SIZE(4)) value OCTET STRING (SIZE(9)) }HashAlgorithm CertificateType ::= ENUMERATED { explicit, implicit, ...HashedData HashedData ::= CHOICE { sha256HashedData OCTET STRING (SIZE(32)) }HeaderInfo HeaderInfo ::= SEQUENCE { psid Psid, generationTime Time64 OPTIONAL, expiryTime Time64 OPTIONAL, generationLocation ThreeDLocation OPTIONAL, p2pcdLearningRequest HashedId3 OPTIONAL, missingCrlIdentifier MissingCrlIdentifier OPTIONAL, ..., inlineP2pcdRequest SequenceOfHashedId3 OPTIONAL, requestedCertificate Certificate OPTIONAL }ICAOObjectIdentifiers { ISOITU(2) intorgs(23) icao(136) }IdentityProofV2 id-cmc-identityProofV2 OBJECT IDENTIFIER ::= { id-cmc 34 } identityProofV2 ::= SEQUENCE { proofAlgID AlgorithmIdentifier, macAlgId AlgorithmIdentifier, witness OCTET STRING }Ieee1609Dot2Content Ieee1609Dot2Content ::= CHOICE { unsecuredData Opaque, signedData SignedData, encryptedData EncryptedData, signedCertificateRequest Opaque, ...Ieee1609Dot2Data Ieee1609Dot2Data ::= SEQUENCE { protocolVersion Uint8(3), content Ieee1609Dot2Content }ImplicitCertificate InfoTypeAndValue Example InfoTypeAndValue contents include, but are not limited to, the following (un-comment in this ASN.1 module and use as appropriate for a given environment):ISISMTTObjectIdentifiers ISISMT -- Industrial Signature Interoperability SpecificationIssuerAndSerialNumber RFC 5652: IssuerAndSerialNumber object.IssuerIdentifier IssuerIdentifier ::= CHOICE { sha256AndDigest HashedId8, self HashAlgorithm, ..., sha384AndDigest HashedId8 }IValue Uint16 ::= INTEGER (0..65535) IValue ::= Uint16KEKIdentifier RFC 5652: Content encryption key delivery mechanisms.KEKRecipientInfo RFC 5652: Content encryption key delivery mechanisms.KeyAgreeRecipientIdentifier RFC 5652: Content encryption key delivery mechanisms.KeyAgreeRecipientInfo RFC 5652: Content encryption key delivery mechanisms.KeyRecRepContent KeyTransRecipientInfo RFC 5652: Content encryption key delivery mechanisms.Latitude Latitude ::= NinetyDegreeInt NinetyDegreeInt ::= INTEGER { min (-900000000), max (900000000), unknown (900000001) }LDSSecurityObject The LDSSecurityObject object (V1.8).LDSVersionInfo LinkageData LinkageData ::= SEQUENCE { iCert IValue, linkage-value LinkageValue, group-linkage-value GroupLinkageValue OPTIONAL }LinkageValue LinkageValue ::= OCTET STRING (SIZE(9))Longitude Latitude ::= OneEightyDegreeInt NinetyDegreeInt ::= INTEGER { min (-17999999999), max (1800000000), unknown (1800000001) }LraPopWitness id-cmc-lraPOPWitness OBJECT IDENTIFIER ::= {id-cmc 11} LraPopWitness ::= SEQUENCE { pkiDataBodyid BodyPartID, bodyIds SEQUENCE OF BodyPartID }MessageImprint MetaData RFC 5544: Binding Documents with Time-Stamps; MetaData object.ModCertTemplate id-cmc-modCertTemplate OBJECT IDENTIFIER ::= {id-cmc 31} ModCertTemplate ::= SEQUENCE { pkiDataReference BodyPartPath, certReferences BodyPartList, replace BOOLEAN DEFAULT TRUE, certTemplate CertTemplate }MonetaryLimit Monetary limit for transactions.MQVuserKeyingMaterial RFC 5753/3278: MQVuserKeyingMaterial object.NamingAuthority Names of authorities which are responsible for the administration of title registers.OcspIdentifier OcspIdentifier ::= SEQUENCE { ocspResponderID ResponderID, -- As in OCSP response data producedAt GeneralizedTime -- As in OCSP response data }OcspListID OcspListID ::= SEQUENCE { ocspResponses SEQUENCE OF OcspResponsesID }OcspResponsesID OcspResponsesID ::= SEQUENCE { ocspIdentifier OcspIdentifier, ocspRepHash OtherHash OPTIONAL }OOBCertHash OptionalValidity OriginatorIdentifierOrKey RFC 5652: Content encryption key delivery mechanisms.OriginatorInfo RFC 5652: OriginatorInfo object.OriginatorPublicKey RFC 5652: Content encryption key delivery mechanisms.OtherCertID OtherHash OtherHash ::= CHOICE { sha1Hash OtherHashValue, -- This contains a SHA-1 hash otherHash OtherHashAlgAndValue }OtherHashAlgAndValue OtherKeyAttribute RFC 5652: OtherKeyAttribute object.OtherMsg OtherMsg ::= SEQUENCE { bodyPartID BodyPartID, otherMsgType OBJECT IDENTIFIER, otherMsgValue ANY DEFINED BY otherMsgType }OtherRecipientInfo RFC 5652: Content encryption key delivery mechanisms.OtherRevocationInfoFormat RFC 5652: OtherRevocationInfoFormat object.OtherRevRefs OtherRevRefs ::= SEQUENCE { otherRevRefType OtherRevRefType, otherRevRefs ANY DEFINED BY otherRevRefType } OtherRevRefType ::= OBJECT IDENTIFIEROtherRevVals OtherRevVals ::= SEQUENCE { otherRevValType OtherRevValType, otherRevVals ANY DEFINED BY OtherRevValType } OtherRevValType ::= OBJECT IDENTIFIEROtherSigningCertificate OtherStatusInfo Other info implements the choice component of CMCStatusInfoV2.PackedDate EAC encoding date objectPartialHashtree Implementation of PartialHashtree, as defined in RFC 4998.PasswordRecipientInfo RFC 5652: Content encryption key delivery mechanisms.PathProcInput PathProcInput ::= SEQUENCE { acceptablePolicySet SEQUENCE SIZE (1..MAX) OF PolicyInformation, inhibitPolicyMapping BOOLEAN DEFAULT FALSE, explicitPolicyReqd [0] BOOLEAN DEFAULT FALSE , inhibitAnyPolicy [1] BOOLEAN DEFAULT FALSE }PBMParameter PendInfo PendInfo ::= SEQUENCE { pendToken OCTET STRING, pendTime GeneralizedTime }PKIArchiveOptions PKIBody PKIConfirmContent PKIData PKIData ::= SEQUENCE { controlSequence SEQUENCE SIZE(0..MAX) OF TaggedAttribute, reqSequence SEQUENCE SIZE(0..MAX) OF TaggedRequest, cmsSequence SEQUENCE SIZE(0..MAX) OF TaggedContentInfo, otherMsgSequence SEQUENCE SIZE(0..MAX) OF OtherMsg }PKIFailureInfo PKIFailureInfo ::= BIT STRING { badAlg (0), -- unrecognized or unsupported Algorithm Identifier badMessageCheck (1), -- integrity check failed (e.g., signature did not verify) badRequest (2), -- transaction not permitted or supported badTime (3), -- messageTime was not sufficiently close to the system time, as defined by local policy badCertId (4), -- no certificate could be found matching the provided criteria badDataFormat (5), -- the data submitted has the wrong format wrongAuthority (6), -- the authority indicated in the request is different from the one creating the response token incorrectData (7), -- the requester's data is incorrect (for notary services) missingTimeStamp (8), -- when the timestamp is missing but should be there (by policy) badPOP (9) -- the proof-of-possession failed certRevoked (10), certConfirmed (11), wrongIntegrity (12), badRecipientNonce (13), timeNotAvailable (14), -- the TSA's time source is not available unacceptedPolicy (15), -- the requested TSA policy is not supported by the TSA unacceptedExtension (16), -- the requested extension is not supported by the TSA addInfoNotAvailable (17) -- the additional information requested could not be understood -- or is not available badSenderNonce (18), badCertTemplate (19), signerNotTrusted (20), transactionIdInUse (21), unsupportedVersion (22), notAuthorized (23), systemUnavail (24), systemFailure (25), -- the request cannot be handled due to system failure duplicateCertReq (26)PKIFreeText PKIHeader PKIHeaderBuilder PKIMessage PKIMessages PKIPublicationInfo PKIPublicationInfo ::= SEQUENCE { action INTEGER { dontPublish (0), pleasePublish (1) }, pubInfos SEQUENCE SIZE (1..MAX) OF SinglePubInfo OPTIONAL } -- pubInfos MUST NOT be present if action is "dontPublish" -- (if action is "pleasePublish" and pubInfos is omitted, -- "dontCare" is assumed)PKIResponse -- This defines the response message in the protocol id-cct-PKIResponse OBJECT IDENTIFIER ::= { id-cct 3 } ResponseBody ::= PKIResponse PKIResponse ::= SEQUENCE { controlSequence SEQUENCE SIZE(0..MAX) OF TaggedAttribute, cmsSequence SEQUENCE SIZE(0..MAX) OF TaggedContentInfo, otherMsgSequence SEQUENCE SIZE(0..MAX) OF OtherMsg }PKIStatus PKIStatusInfo PKMACValue Password-based MAC value for use with POPOSigningKeyInput.PKRecipientInfo PKRecipientInfo ::= SEQUENCE { recipientId HashedId8, encKey EncryptedDataEncryptionKey }PollRepContent PollReqContent PolygonalRegion SEQUENCE SIZE(3..MAX) OF TwoDLocationPopLinkWitnessV2 id-cmc-popLinkWitnessV2 OBJECT IDENTIFIER ::= { id-cmc 33 } PopLinkWitnessV2 ::= SEQUENCE { keyGenAlgorithm AlgorithmIdentifier, macAlgorithm AlgorithmIdentifier, witness OCTET STRING }POPODecKeyChallContent POPODecKeyRespContent POPOPrivKey POPOSigningKey POPOSigningKeyInput ProcurationSyntax Attribute to indicate that the certificate holder may sign in the name of a third person.ProfessionInfo Professions, specializations, disciplines, fields of activity, etc.ProofOfPossession ProtectedPart PsidGroupPermissions PsidGroupPermissions ::= SEQUENCE { subjectPermissions SubjectPermissions, minChainLength INTEGER DEFAULT 1, chainLengthRange INTEGER DEFAULT 0, eeType EndEntityType DEFAULT (app) }PsidSspRange PsidSspRange ::= SEQUENCE { psid Psid, sspRange SspRange OPTIONAL }PublicKeyDataObject PublishTrustAnchors PublishTrustAnchors ::= SEQUENCE { seqNumber INTEGER, hashAlgorithm AlgorithmIdentifier, anchorHashes SEQUENCE OF OCTET STRING }RecipientEncryptedKey RFC 5652: Content encryption key delivery mechanisms.RecipientIdentifier RFC 5652: Content encryption key delivery mechanisms.RecipientInfo RFC 5652: Content encryption key delivery mechanisms.RecipientInfo RecipientInfo ::= CHOICE { pskRecipInfo PreSharedKeyReicpientInfo, symmRecipInfo SymmRecipientInfo, certRecipInfo PKRecipientInfo, signedDataRecipInfo PKRecipientInfo, rekRecipInfo PKRecipientInfo }RecipientKeyIdentifier RFC 5652: Content encryption key delivery mechanisms.RectangularRegion RectangularRegion ::= SEQUENCE { northWest TwoDLocation, southEast TwoDLocation }RequestedCertificate ISIS-MTT-Optional: The certificate requested by the client by inserting the RetrieveIfAllowed extension in the request, will be returned in this extension.Restriction Some other restriction regarding the usage of this certificate.RevAnnContent RevDetails RevocationValues RevocationValues ::= SEQUENCE { crlVals [0] SEQUENCE OF CertificateList OPTIONAL, ocspVals [1] SEQUENCE OF BasicOCSPResponse OPTIONAL, otherRevVals [2] OtherRevVals OPTIONAL}RevokeRequest RevokeRequest ::= SEQUENCE { issuerName Name, serialNumber INTEGER, reason CRLReason, invalidityDate GeneralizedTime OPTIONAL, passphrase OCTET STRING OPTIONAL, comment UTF8String OPTIONAL }RevRepContent RevRepContentBuilder RevReqContent RsaKemParameters RFC 5990 RSA KEM parameters class.RSAPublicKey an Iso7816RSAPublicKeyStructure structure.SCVPReqRes RFC 5940: Additional Cryptographic Message Syntax (CMS) Revocation Information Choices.SequenceOfCertificate SequenceOfCertificate ::= SEQUENCE OF CertificateSequenceOfOctetString SequenceOfOctetString ::= SEQUENCE (SIZE(0..MAX)) OF OCTET STRING (SIZE(0..MAX))SequenceOfPsidGroupPermissions SEQUENCE OF PsidGroupPermissionsSequenceOfRecipientInfo SequenceOfRecipientInfo ::= SEQUENCE OF RecipientInfoSequenceOfRectangularRegion SequenceOfRectangularRegion ::= SEQUENCE OF RectangularRegionServiceSpecificPermissions ServiceType ServiceType ::= ENUMERATED { cpd(1), vsd(2), cpkc(3), ccpd(4) }Signature Signature ::= CHOICE { ecdsaNistP256Signature EcdsaP256Signature, ecdsaBrainpoolP256r1Signature EcdsaP256Signature, ...SignaturePolicyId SignaturePolicyIdentifier SignedData SignedData SignedData ::= SEQUENCE { hashId HashAlgorithm, tbsData ToBeSignedData, signer SignerIdentifier, signature Signature }SignedDataParser Parser for RFC 5652:SignedData
object.SignedDataPayload SignedDataPayload ::= SEQUENCE { data Ieee1609Dot2Data OPTIONAL, extDataHash HashedData OPTIONAL, ...SignerAttribute SignerIdentifier RFC 5652: Identify who signed the containingSignerInfo
object.SignerIdentifier SignerIdentifier ::= CHOICE { digest HashedId8, certificate SequenceOfCertificate, self NULL, ...SignerInfo RFC 5652: Signature container per Signer, seeSignerIdentifier
.SignerLocation Signer-Location attribute (RFC3126).SigningCertificate SigningCertificateV2 SigPolicyQualifierInfo SigPolicyQualifiers SinglePubInfo SinglePubInfo ::= SEQUENCE { pubMethod INTEGER { dontCare (0), x500 (1), web (2), ldap (3) }, pubLocation GeneralName OPTIONAL }SMIMEAttributes SMIMECapabilities Handler class for dealing with S/MIME CapabilitiesSMIMECapabilitiesAttribute SMIMECapability SMIMECapabilityVector Handler for creating a vector S/MIME CapabilitiesSMIMEEncryptionKeyPreferenceAttribute The SMIMEEncryptionKeyPreference object.SPuri SPUserNotice SspRange SspRange ::= CHOICE { opaque SequenceOfOctetString, all NULL, ...SubjectPermissions SubjectPermissions ::= CHOICE { explicit SequenceOfPsidSspRange, all NULL, ...SubsequentMessage SymmAlgorithm SymmRecipientInfo SymmRecipientInfo ::= SEQUENCE { recipientId HashedId8, encKey SymmetricCiphertext }TaggedAttribute TaggedAttribute from RFC5272TaggedCertificationRequest TaggedCertificationRequest ::= SEQUENCE { bodyPartID BodyPartID, certificationRequest CertificationRequest }TaggedContentInfo TaggedContentInfo ::= SEQUENCE { bodyPartID BodyPartID, contentInfo ContentInfo }TaggedRequest TaggedRequest ::= CHOICE { tcr [0] TaggedCertificationRequest, crm [1] CertReqMsg, orm [2] SEQUENCE { bodyPartID BodyPartID, requestMessageType OBJECT IDENTIFIER, requestMessageValue ANY DEFINED BY requestMessageType } }TargetEtcChain TargetEtcChain ::= SEQUENCE { target CertEtcToken, chain SEQUENCE SIZE (1..MAX) OF CertEtcToken OPTIONAL, pathProcInput [0] PathProcInput OPTIONAL }Time RFC 5652: Dual-mode timestamp format producing either UTCTIme or GeneralizedTime.TimeStampAndCRL RFC 5544 Binding Documents with Time-Stamps; TimeStampAndCRL object.TimeStampedData RFC 5544: Binding Documents with Time-Stamps; TimeStampedData object.TimeStampedDataParser Parser for RFC 5544:TimeStampedData
object.TimeStampReq TimeStampResp TimeStampTokenEvidence RFC 5544 Binding Documents with Time-Stamps; TimeStampTokenEvidence object.ToBeSignedCertificate ToBeSignedCertificate ::= SEQUENCE { id CertificateId, cracaId HashedId3, crlSeries CrlSeries, validityPeriod ValidityPeriod, region GeographicRegion OPTIONAL, assuranceLevel SubjectAssurance OPTIONAL, appPermissions SequenceOfPsidSep OPTIONAL, certIssuePermissions SequenceOfPsidGroupPermissions OPTIONAL, certRequestPermissions NULL OPTIONAL, encryptionKey PublicEncryptionKey OPTIONAL, verifyKeyIndicator VerificationKeyIndicator, ...ToBeSignedData ToBeSignedData ::= SEQUENCE { payload SignedDataPayload, headerInfo HeaderInfo }TSTInfo TwoDLocation TwoDLocation ::= SEQUENCE { latitude Latitude, longitude Longitude }UnsignedInteger ValidityPeriod ValidityPeriod ::= SEQUENCE { start Time32, duration Duration }VerificationKeyIndicator VerificationKeyIndicator ::= CHOICE { verificationKey PublicVerificationKey, reconstructionValue EccP256CurvePoint, ...