Modifier and Type | Class and Description |
---|---|
class |
ASN1ApplicationSpecific
Base class for an ASN.1 ApplicationSpecific object
|
class |
ASN1BitString
Base class for BIT STRING objects
|
class |
ASN1Boolean
Public facade of ASN.1 Boolean data.
|
class |
ASN1Enumerated
Class representing the ASN.1 ENUMERATED type.
|
class |
ASN1External
Class representing the DER-type External
|
class |
ASN1GeneralizedTime
Base class representing the ASN.1 GeneralizedTime type.
|
class |
ASN1Integer
Class representing the ASN.1 INTEGER type.
|
class |
ASN1Null
A NULL object - use DERNull.INSTANCE for populating structures.
|
class |
ASN1Object
Base class for defining an ASN.1 object.
|
class |
ASN1ObjectIdentifier
Class representing the ASN.1 OBJECT IDENTIFIER type.
|
class |
ASN1OctetString
Abstract base for the ASN.1 OCTET STRING data type
|
class |
ASN1Primitive
Base class for ASN.1 primitive objects.
|
class |
ASN1Sequence
ASN.1
SEQUENCE and SEQUENCE OF constructs. |
class |
ASN1Set
ASN.1
SET and SET OF constructs. |
class |
ASN1TaggedObject
ASN.1 TaggedObject - in ASN.1 notation this is any object preceded by
a [n] where n is some number - these are assumed to follow the construction
rules (as with sequences).
|
class |
ASN1UTCTime
- * UTC time object.
|
class |
BERApplicationSpecific
An indefinite-length encoding version of an ASN.1 ApplicationSpecific object.
|
class |
BEROctetString
ASN.1 OctetStrings, with indefinite length rules, and constructed form support.
|
class |
BERSequence
Indefinite length SEQUENCE of objects.
|
class |
BERSet
Indefinite length
SET and SET OF constructs. |
class |
BERTaggedObject
BER TaggedObject - in ASN.1 notation this is any object preceded by
a [n] where n is some number - these are assumed to follow the construction
rules (as with sequences).
|
class |
DERApplicationSpecific
A DER encoding version of an application specific object.
|
class |
DERBitString
A BIT STRING with DER encoding - the first byte contains the count of padding bits included in the byte array's last byte.
|
class |
DERBMPString
DER BMPString object encodes BMP (Basic Multilingual Plane) subset
(aka UCS-2) of UNICODE (ISO 10646) characters in codepoints 0 to 65535.
|
class |
DERExternal
Class representing the DER-type External
|
class |
DERGeneralizedTime
DER Generalized time object.
|
class |
DERGeneralString
ASN.1 GENERAL-STRING data type.
|
class |
DERGraphicString |
class |
DERIA5String
DER IA5String object - this is a ISO 646 (ASCII) string encoding code points 0 to 127.
|
class |
DERNull
An ASN.1 DER NULL object.
|
class |
DERNumericString
DER NumericString object - this is an ascii string of characters {0,1,2,3,4,5,6,7,8,9, }.
|
class |
DEROctetString
Carrier class for a DER encoding OCTET STRING
|
class |
DERPrintableString
DER PrintableString object.
|
class |
DERSequence
Definite length SEQUENCE, encoding tells explicit number of bytes
that the content of this sequence occupies.
|
class |
DERSet
A DER encoded SET object
|
class |
DERT61String
DER T61String (also the teletex string), try not to use this if you don't need to.
|
class |
DERTaggedObject
DER TaggedObject - in ASN.1 notation this is any object preceded by
a [n] where n is some number - these are assumed to follow the construction
rules (as with sequences).
|
class |
DERUniversalString
DER UniversalString object - encodes UNICODE (ISO 10646) characters using 32-bit format.
|
class |
DERUTCTime
DER UTC time object.
|
class |
DERUTF8String
DER UTF8String object.
|
class |
DERVideotexString |
class |
DERVisibleString
DER VisibleString object encoding ISO 646 (ASCII) character code points 32 to 126.
|
class |
DLApplicationSpecific
A DER encoding version of an application specific object.
|
class |
DLBitString
A Definite length BIT STRING
|
class |
DLExternal
Class representing the Definite-Length-type External
|
class |
DLSequence
The DLSequence encodes a SEQUENCE using definite length form.
|
class |
DLSet
The DLSet encodes ASN.1 SET value without element ordering,
and always using definite length form.
|
class |
DLTaggedObject
Definite Length TaggedObject - in ASN.1 notation this is any object preceded by
a [n] where n is some number - these are assumed to follow the construction
rules (as with sequences).
|
Modifier and Type | Class and Description |
---|---|
class |
EncryptedObjectStoreData
EncryptedObjectStoreData ::= SEQUENCE {
encryptionAlgorithm AlgorithmIdentifier
encryptedContent OCTET STRING
}
|
class |
EncryptedPrivateKeyData
EncryptedPrivateKeyObjectData ::= SEQUENCE {
encryptedPrivateKeyInfo EncryptedPrivateKeyInfo,
certificates SEQUENCE OF Certificate
}
|
class |
EncryptedSecretKeyData
EncryptedSecretKeyData ::= SEQUENCE {
keyEncryptionAlgorithm AlgorithmIdentifier,
encryptedKeyData OCTET STRING
}
|
class |
LinkedCertificate
Extension to tie an alternate certificate to the containing certificate.
|
class |
ObjectData
ObjectData ::= SEQUENCE {
type INTEGER,
identifier UTF8String,
creationDate GeneralizedTime,
lastModifiedDate GeneralizedTime,
data OCTET STRING,
comment UTF8String OPTIONAL
}
|
class |
ObjectDataSequence
ObjectDataSequence ::= SEQUENCE OF ObjectData
|
class |
ObjectStore
ObjectStore ::= SEQUENCE {
CHOICE {
encryptedObjectStoreData EncryptedObjectStoreData,
objectStoreData ObjectStoreData
}
integrityCheck ObjectStoreIntegrityCheck
}
|
class |
ObjectStoreData
ObjectStoreData ::= SEQUENCE {
version INTEGER.
|
class |
ObjectStoreIntegrityCheck
ObjectStoreIntegrityCheck ::= CHOICE {
PbkdMacIntegrityCheck
[0] EXPLICIT SignatureCheck
}
|
class |
PbkdMacIntegrityCheck
PbkdMacIntegrityCheck ::= SEQUENCE {
macAlgorithm AlgorithmIdentifier,
pbkdAlgorithm KeyDerivationFunc,
mac OCTET STRING
}
|
class |
SecretKeyData
SecretKeyData ::= SEQUENCE {
keyAlgorithm OBJECT IDENTIFIER,
keyBytes OCTET STRING
}
|
class |
SignatureCheck
SignatureCheck ::= SEQUENCE {
signatureAlgorithm AlgorithmIdentifier,
certificates [0] EXPLICIT Certificates OPTIONAL,
signatureValue BIT STRING
}
Certificates ::= SEQUENCE OF Certificate
|
Modifier and Type | Class and Description |
---|---|
class |
BodyPartID
bodyIdMax INTEGER ::= 4294967295
BodyPartID ::= INTEGER(0..bodyIdMax)
|
class |
BodyPartList
BodyPartList ::= SEQUENCE SIZE (1..MAX) OF BodyPartID
|
class |
BodyPartPath
BodyPartPath ::= SEQUENCE SIZE (1..MAX) OF BodyPartID
|
class |
BodyPartReference
BodyPartReference ::= CHOICE {
bodyPartID BodyPartID,
bodyPartPath BodyPartPath
}
|
class |
CMCFailInfo
CMCFailInfo ::= INTEGER {
badAlg (0),
badMessageCheck (1),
badRequest (2),
badTime (3),
badCertId (4),
unsupportedExt (5),
mustArchiveKeys (6),
badIdentity (7),
popRequired (8),
popFailed (9),
noKeyReuse (10),
internalCAError (11),
tryLater (12),
authDataFail (13)
}
|
class |
CMCPublicationInfo
CMCPublicationInfo ::= SEQUENCE {
hashAlg AlgorithmIdentifier,
certHashes SEQUENCE OF OCTET STRING,
pubInfo PKIPublicationInfo
}
|
class |
CMCStatus
CMCStatus ::= INTEGER {
success (0),
failed (2),
pending (3),
noSupport (4),
confirmRequired (5),
popRequired (6),
partial (7)
}
|
class |
CMCStatusInfo
-- Used to return status state in a response
id-cmc-statusInfo OBJECT IDENTIFIER ::= {id-cmc 1}
CMCStatusInfo ::= SEQUENCE {
cMCStatus CMCStatus,
bodyList SEQUENCE SIZE (1..MAX) OF BodyPartID,
statusString UTF8String OPTIONAL,
otherInfo CHOICE {
failInfo CMCFailInfo,
pendInfo PendInfo } OPTIONAL
}
|
static class |
CMCStatusInfo.OtherInfo
Other info implements the choice component of CMCStatusInfo.
|
class |
CMCStatusInfoV2
-- Replaces CMC Status Info
--
id-cmc-statusInfoV2 OBJECT IDENTIFIER ::= {id-cmc 25}
CMCStatusInfoV2 ::= SEQUENCE {
cMCStatus CMCStatus,
bodyList SEQUENCE SIZE (1..MAX) OF BodyPartReference,
statusString UTF8String OPTIONAL,
otherStatusInfo OtherStatusInfo OPTIONAL
}
OtherStatusInfo ::= CHOICE {
failInfo CMCFailInfo,
pendInfo PendInfo,
extendedFailInfo ExtendedFailInfo
}
PendInfo ::= SEQUENCE {
pendToken OCTET STRING,
pendTime GeneralizedTime
}
ExtendedFailInfo ::= SEQUENCE {
failInfoOID OBJECT IDENTIFIER,
failInfoValue ANY DEFINED BY failInfoOID
}
|
class |
CMCUnsignedData
id-aa-cmc-unsignedData OBJECT IDENTIFIER ::= {id-aa 34}
CMCUnsignedData ::= SEQUENCE {
bodyPartPath BodyPartPath,
identifier OBJECT IDENTIFIER,
content ANY DEFINED BY identifier
}
|
class |
ControlsProcessed
-- Inform follow on servers that one or more controls have already been
-- processed
id-cmc-controlProcessed OBJECT IDENTIFIER ::= {id-cmc 32}
ControlsProcessed ::= SEQUENCE {
bodyList SEQUENCE SIZE(1..MAX) OF BodyPartReference
}
|
class |
DecryptedPOP
id-cmc-decryptedPOP OBJECT IDENTIFIER ::= {id-cmc 10}
DecryptedPOP ::= SEQUENCE {
bodyPartID BodyPartID,
thePOPAlgID AlgorithmIdentifier,
thePOP OCTET STRING
}
|
class |
EncryptedPOP
id-cmc-encryptedPOP OBJECT IDENTIFIER ::= {id-cmc 9}
EncryptedPOP ::= SEQUENCE {
request TaggedRequest,
cms ContentInfo,
thePOPAlgID AlgorithmIdentifier,
witnessAlgID AlgorithmIdentifier,
witness OCTET STRING
}
|
class |
ExtendedFailInfo
ExtendedFailInfo ::= SEQUENCE {
failInfoOID OBJECT IDENTIFIER,
failInfoValue ANY DEFINED BY failInfoOID
}
|
class |
ExtensionReq
ExtensionReq ::= SEQUENCE SIZE (1..MAX) OF Extension
|
class |
GetCert
id-cmc-getCert OBJECT IDENTIFIER ::= {id-cmc 15}
GetCert ::= SEQUENCE {
issuerName GeneralName,
serialNumber INTEGER }
|
class |
GetCRL
id-cmc-getCRL OBJECT IDENTIFIER ::= {id-cmc 16}
GetCRL ::= SEQUENCE {
issuerName Name,
cRLName GeneralName OPTIONAL,
time GeneralizedTime OPTIONAL,
reasons ReasonFlags OPTIONAL }
|
class |
IdentityProofV2
id-cmc-identityProofV2 OBJECT IDENTIFIER ::= { id-cmc 34 }
identityProofV2 ::= SEQUENCE {
proofAlgID AlgorithmIdentifier,
macAlgId AlgorithmIdentifier,
witness OCTET STRING
}
|
class |
LraPopWitness
id-cmc-lraPOPWitness OBJECT IDENTIFIER ::= {id-cmc 11}
LraPopWitness ::= SEQUENCE {
pkiDataBodyid BodyPartID,
bodyIds SEQUENCE OF BodyPartID
}
|
class |
ModCertTemplate
id-cmc-modCertTemplate OBJECT IDENTIFIER ::= {id-cmc 31}
ModCertTemplate ::= SEQUENCE {
pkiDataReference BodyPartPath,
certReferences BodyPartList,
replace BOOLEAN DEFAULT TRUE,
certTemplate CertTemplate
}
|
class |
OtherMsg
OtherMsg ::= SEQUENCE {
bodyPartID BodyPartID,
otherMsgType OBJECT IDENTIFIER,
otherMsgValue ANY DEFINED BY otherMsgType }
|
class |
OtherStatusInfo
Other info implements the choice component of CMCStatusInfoV2.
|
class |
PendInfo
PendInfo ::= SEQUENCE {
pendToken OCTET STRING,
pendTime GeneralizedTime
}
|
class |
PKIData
PKIData ::= SEQUENCE {
controlSequence SEQUENCE SIZE(0..MAX) OF TaggedAttribute,
reqSequence SEQUENCE SIZE(0..MAX) OF TaggedRequest,
cmsSequence SEQUENCE SIZE(0..MAX) OF TaggedContentInfo,
otherMsgSequence SEQUENCE SIZE(0..MAX) OF OtherMsg
}
|
class |
PKIResponse
-- This defines the response message in the protocol
id-cct-PKIResponse OBJECT IDENTIFIER ::= { id-cct 3 }
ResponseBody ::= PKIResponse
PKIResponse ::= SEQUENCE {
controlSequence SEQUENCE SIZE(0..MAX) OF TaggedAttribute,
cmsSequence SEQUENCE SIZE(0..MAX) OF TaggedContentInfo,
otherMsgSequence SEQUENCE SIZE(0..MAX) OF OtherMsg
}
|
class |
PopLinkWitnessV2
id-cmc-popLinkWitnessV2 OBJECT IDENTIFIER ::= { id-cmc 33 }
PopLinkWitnessV2 ::= SEQUENCE {
keyGenAlgorithm AlgorithmIdentifier,
macAlgorithm AlgorithmIdentifier,
witness OCTET STRING
}
|
class |
PublishTrustAnchors
PublishTrustAnchors ::= SEQUENCE {
seqNumber INTEGER,
hashAlgorithm AlgorithmIdentifier,
anchorHashes SEQUENCE OF OCTET STRING
}
|
class |
RevokeRequest
RevokeRequest ::= SEQUENCE {
issuerName Name,
serialNumber INTEGER,
reason CRLReason,
invalidityDate GeneralizedTime OPTIONAL,
passphrase OCTET STRING OPTIONAL,
comment UTF8String OPTIONAL }
|
class |
TaggedAttribute
TaggedAttribute from RFC5272
|
class |
TaggedCertificationRequest
TaggedCertificationRequest ::= SEQUENCE {
bodyPartID BodyPartID,
certificationRequest CertificationRequest
}
|
class |
TaggedContentInfo
TaggedContentInfo ::= SEQUENCE {
bodyPartID BodyPartID,
contentInfo ContentInfo
}
|
class |
TaggedRequest
TaggedRequest ::= CHOICE {
tcr [0] TaggedCertificationRequest,
crm [1] CertReqMsg,
orm [2] SEQUENCE {
bodyPartID BodyPartID,
requestMessageType OBJECT IDENTIFIER,
requestMessageValue ANY DEFINED BY requestMessageType
}
}
|
Modifier and Type | Class and Description |
---|---|
class |
CAKeyUpdAnnContent |
class |
CertConfirmContent |
class |
CertifiedKeyPair
CertifiedKeyPair ::= SEQUENCE {
certOrEncCert CertOrEncCert,
privateKey [0] EncryptedKey OPTIONAL,
-- see [CRMF] for comment on encoding
publicationInfo [1] PKIPublicationInfo OPTIONAL
}
|
class |
CertOrEncCert |
class |
CertRepMessage |
class |
CertResponse |
class |
Challenge |
class |
CMPCertificate |
class |
CRLAnnContent |
class |
ErrorMsgContent |
class |
GenMsgContent |
class |
GenRepContent |
class |
InfoTypeAndValue
Example InfoTypeAndValue contents include, but are not limited
to, the following (un-comment in this ASN.1 module and use as
appropriate for a given environment):
|
class |
KeyRecRepContent |
class |
OOBCertHash |
class |
PBMParameter |
class |
PKIBody |
class |
PKIConfirmContent |
class |
PKIFailureInfo
PKIFailureInfo ::= BIT STRING {
badAlg (0),
-- unrecognized or unsupported Algorithm Identifier
badMessageCheck (1), -- integrity check failed (e.g., signature did not verify)
badRequest (2),
-- transaction not permitted or supported
badTime (3), -- messageTime was not sufficiently close to the system time, as defined by local policy
badCertId (4), -- no certificate could be found matching the provided criteria
badDataFormat (5),
-- the data submitted has the wrong format
wrongAuthority (6), -- the authority indicated in the request is different from the one creating the response token
incorrectData (7), -- the requester's data is incorrect (for notary services)
missingTimeStamp (8), -- when the timestamp is missing but should be there (by policy)
badPOP (9) -- the proof-of-possession failed
certRevoked (10),
certConfirmed (11),
wrongIntegrity (12),
badRecipientNonce (13),
timeNotAvailable (14),
-- the TSA's time source is not available
unacceptedPolicy (15),
-- the requested TSA policy is not supported by the TSA
unacceptedExtension (16),
-- the requested extension is not supported by the TSA
addInfoNotAvailable (17)
-- the additional information requested could not be understood
-- or is not available
badSenderNonce (18),
badCertTemplate (19),
signerNotTrusted (20),
transactionIdInUse (21),
unsupportedVersion (22),
notAuthorized (23),
systemUnavail (24),
systemFailure (25),
-- the request cannot be handled due to system failure
duplicateCertReq (26)
|
class |
PKIFreeText |
class |
PKIHeader |
class |
PKIMessage |
class |
PKIMessages |
class |
PKIStatus |
class |
PKIStatusInfo |
class |
PollRepContent |
class |
PollReqContent |
class |
POPODecKeyChallContent |
class |
POPODecKeyRespContent |
class |
ProtectedPart |
class |
RevAnnContent |
class |
RevDetails |
class |
RevRepContent |
class |
RevReqContent |
Modifier and Type | Class and Description |
---|---|
class |
Attribute
RFC 5652:
Attribute is a pair of OID (as type identifier) + set of values.
|
class |
Attributes
RFC 5652 defines
5 "SET OF Attribute" entities with 5 different names.
|
class |
AuthenticatedData
RFC 5652 section 9.1:
The AuthenticatedData carries AuthAttributes and other data
which define what really is being signed.
|
class |
AuthEnvelopedData
RFC 5083:
CMS AuthEnveloped Data object.
|
class |
CCMParameters
RFC 5084: CCMParameters object.
|
class |
CMSAlgorithmProtection
From RFC 6211
|
class |
CompressedData
RFC 3274: CMS Compressed Data.
|
class |
DigestedData
RFC 5652 DigestedData object.
|
class |
EncryptedContentInfo
RFC 5652 EncryptedContentInfo object.
|
class |
EnvelopedData
RFC 5652 EnvelopedData object.
|
class |
Evidence
RFC 5544:
Binding Documents with Time-Stamps; Evidence object.
|
class |
GCMParameters
RFC 5084: GCMParameters object.
|
class |
GenericHybridParameters
RFC 5990 GenericHybridParameters class.
|
class |
KEKIdentifier
RFC 5652:
Content encryption key delivery mechanisms.
|
class |
KEKRecipientInfo
RFC 5652:
Content encryption key delivery mechanisms.
|
class |
KeyAgreeRecipientIdentifier
RFC 5652:
Content encryption key delivery mechanisms.
|
class |
KeyAgreeRecipientInfo
RFC 5652:
Content encryption key delivery mechanisms.
|
class |
KeyTransRecipientInfo
RFC 5652:
Content encryption key delivery mechanisms.
|
class |
MetaData
RFC 5544:
Binding Documents with Time-Stamps; MetaData object.
|
class |
OriginatorIdentifierOrKey
RFC 5652:
Content encryption key delivery mechanisms.
|
class |
OriginatorInfo
RFC 5652: OriginatorInfo object.
|
class |
OriginatorPublicKey
RFC 5652:
Content encryption key delivery mechanisms.
|
class |
OtherKeyAttribute
RFC 5652: OtherKeyAttribute object.
|
class |
OtherRecipientInfo
RFC 5652:
Content encryption key delivery mechanisms.
|
class |
OtherRevocationInfoFormat
RFC 5652: OtherRevocationInfoFormat object.
|
class |
PasswordRecipientInfo
RFC 5652:
Content encryption key delivery mechanisms.
|
class |
RecipientEncryptedKey
RFC 5652:
Content encryption key delivery mechanisms.
|
class |
RecipientIdentifier
RFC 5652:
Content encryption key delivery mechanisms.
|
class |
RecipientInfo
RFC 5652:
Content encryption key delivery mechanisms.
|
class |
RecipientKeyIdentifier
RFC 5652:
Content encryption key delivery mechanisms.
|
class |
RsaKemParameters
RFC 5990 RSA KEM parameters class.
|
class |
SCVPReqRes
RFC 5940:
Additional Cryptographic Message Syntax (CMS) Revocation Information Choices.
|
class |
SignerIdentifier
RFC 5652:
Identify who signed the containing
SignerInfo object. |
class |
TimeStampAndCRL
RFC 5544
Binding Documents with Time-Stamps; TimeStampAndCRL object.
|
class |
TimeStampedData
RFC 5544:
Binding Documents with Time-Stamps; TimeStampedData object.
|
class |
TimeStampTokenEvidence
RFC 5544
Binding Documents with Time-Stamps; TimeStampTokenEvidence object.
|
Modifier and Type | Class and Description |
---|---|
class |
ECCCMSSharedInfo
ECC-CMS-SharedInfo ::= SEQUENCE {
keyInfo AlgorithmIdentifier,
entityUInfo [0] EXPLICIT OCTET STRING OPTIONAL,
suppPubInfo [2] EXPLICIT OCTET STRING }
|
class |
MQVuserKeyingMaterial
RFC 5753/3278: MQVuserKeyingMaterial object.
|
Modifier and Type | Class and Description |
---|---|
class |
CertId |
class |
CertReqMessages |
class |
CertReqMsg |
class |
CertRequest |
class |
CertTemplate |
class |
Controls |
class |
DhSigStatic
From RFC 2875 for Diffie-Hellman POP.
|
class |
EncKeyWithID |
class |
EncryptedKey |
class |
EncryptedValue |
class |
OptionalValidity |
class |
PKIArchiveOptions |
class |
PKIPublicationInfo
PKIPublicationInfo ::= SEQUENCE {
action INTEGER {
dontPublish (0),
pleasePublish (1) },
pubInfos SEQUENCE SIZE (1..MAX) OF SinglePubInfo OPTIONAL }
-- pubInfos MUST NOT be present if action is "dontPublish"
-- (if action is "pleasePublish" and pubInfos is omitted,
-- "dontCare" is assumed)
|
class |
PKMACValue
Password-based MAC value for use with POPOSigningKeyInput.
|
class |
POPOPrivKey |
class |
POPOSigningKey |
class |
POPOSigningKeyInput |
class |
ProofOfPossession |
class |
SinglePubInfo
SinglePubInfo ::= SEQUENCE {
pubMethod INTEGER {
dontCare (0),
x500 (1),
web (2),
ldap (3) },
pubLocation GeneralName OPTIONAL }
|
class |
SubsequentMessage |
Modifier and Type | Class and Description |
---|---|
class |
ECGOST3410ParamSetParameters |
class |
Gost2814789EncryptedKey
Gost28147-89-EncryptedKey ::= SEQUENCE {
encryptedKey Gost28147-89-Key,
maskKey [0] IMPLICIT Gost28147-89-Key
OPTIONAL,
macKey Gost28147-89-MAC
}
|
class |
Gost2814789KeyWrapParameters |
class |
GOST28147Parameters
ASN.1 algorithm identifier parameters for GOST-28147
|
class |
GOST3410ParamSetParameters |
class |
GOST3410PublicKeyAlgParameters |
class |
GostR3410KeyTransport
GostR3410-KeyTransport ::= SEQUENCE {
sessionEncryptedKey Gost28147-89-EncryptedKey,
transportParameters
[0] IMPLICIT GostR3410-TransportParameters OPTIONAL
}
|
class |
GostR3410TransportParameters
GostR3410-TransportParameters ::= SEQUENCE {
encryptionParamSet OBJECT IDENTIFIER,
ephemeralPublicKey [0] IMPLICIT SubjectPublicKeyInfo OPTIONAL,
ukm OCTET STRING
}
|
Modifier and Type | Class and Description |
---|---|
class |
CertEtcToken
CertEtcToken ::= CHOICE {
certificate [0] IMPLICIT Certificate ,
esscertid [1] ESSCertId ,
pkistatus [2] IMPLICIT PKIStatusInfo ,
assertion [3] ContentInfo ,
crl [4] IMPLICIT CertificateList,
ocspcertstatus [5] CertStatus,
oscpcertid [6] IMPLICIT CertId ,
oscpresponse [7] IMPLICIT OCSPResponse,
capabilities [8] SMIMECapabilities,
extension Extension
}
|
class |
Data
Data ::= CHOICE {
message OCTET STRING ,
messageImprint DigestInfo,
certs [0] SEQUENCE SIZE (1..MAX) OF
TargetEtcChain
}
|
class |
DVCSCertInfo
DVCSCertInfo::= SEQUENCE {
version Integer DEFAULT 1 ,
dvReqInfo DVCSRequestInformation,
messageImprint DigestInfo,
serialNumber Integer,
responseTime DVCSTime,
dvStatus [0] PKIStatusInfo OPTIONAL,
policy [1] PolicyInformation OPTIONAL,
reqSignature [2] SignerInfos OPTIONAL,
certs [3] SEQUENCE SIZE (1..MAX) OF
TargetEtcChain OPTIONAL,
extensions Extensions OPTIONAL
}
|
class |
DVCSErrorNotice
DVCSErrorNotice ::= SEQUENCE {
transactionStatus PKIStatusInfo ,
transactionIdentifier GeneralName OPTIONAL
}
|
class |
DVCSRequest
DVCSRequest ::= SEQUENCE {
requestInformation DVCSRequestInformation,
data Data,
transactionIdentifier GeneralName OPTIONAL
}
|
class |
DVCSRequestInformation
DVCSRequestInformation ::= SEQUENCE {
version INTEGER DEFAULT 1 ,
service ServiceType,
nonce Nonce OPTIONAL,
requestTime DVCSTime OPTIONAL,
requester [0] GeneralNames OPTIONAL,
requestPolicy [1] PolicyInformation OPTIONAL,
dvcs [2] GeneralNames OPTIONAL,
dataLocations [3] GeneralNames OPTIONAL,
extensions [4] IMPLICIT Extensions OPTIONAL
}
|
class |
DVCSResponse
DVCSResponse ::= CHOICE
{
dvCertInfo DVCSCertInfo ,
dvErrorNote [0] DVCSErrorNotice
}
|
class |
DVCSTime
DVCSTime ::= CHOICE {
genTime GeneralizedTime,
timeStampToken ContentInfo
}
|
class |
PathProcInput
PathProcInput ::= SEQUENCE {
acceptablePolicySet SEQUENCE SIZE (1..MAX) OF
PolicyInformation,
inhibitPolicyMapping BOOLEAN DEFAULT FALSE,
explicitPolicyReqd [0] BOOLEAN DEFAULT FALSE ,
inhibitAnyPolicy [1] BOOLEAN DEFAULT FALSE
}
|
class |
ServiceType
ServiceType ::= ENUMERATED { cpd(1), vsd(2), cpkc(3), ccpd(4) }
|
class |
TargetEtcChain
TargetEtcChain ::= SEQUENCE {
target CertEtcToken,
chain SEQUENCE SIZE (1..MAX) OF
CertEtcToken OPTIONAL,
pathProcInput [0] PathProcInput OPTIONAL
}
|
Modifier and Type | Class and Description |
---|---|
class |
CertificateBody
an Iso7816CertificateBody structure.
|
class |
CertificateHolderAuthorization
an Iso7816CertificateHolderAuthorization structure.
|
class |
CVCertificate
an iso7816Certificate structure.
|
class |
CVCertificateRequest |
class |
ECDSAPublicKey
an Iso7816ECDSAPublicKeyStructure structure.
|
class |
PublicKeyDataObject |
class |
RSAPublicKey
an Iso7816RSAPublicKeyStructure structure.
|
class |
UnsignedInteger |
Modifier and Type | Class and Description |
---|---|
class |
CommitmentTypeIndication |
class |
CommitmentTypeQualifier
Commitment type qualifiers, used in the Commitment-Type-Indication attribute (RFC3126).
|
class |
CompleteRevocationRefs
CompleteRevocationRefs ::= SEQUENCE OF CrlOcspRef
|
class |
CrlIdentifier
CrlIdentifier ::= SEQUENCE
{
crlissuer Name,
crlIssuedTime UTCTime,
crlNumber INTEGER OPTIONAL
}
|
class |
CrlListID
CRLListID ::= SEQUENCE {
crls SEQUENCE OF CrlValidatedID }
|
class |
CrlOcspRef
CrlOcspRef ::= SEQUENCE {
crlids [0] CRLListID OPTIONAL,
ocspids [1] OcspListID OPTIONAL,
otherRev [2] OtherRevRefs OPTIONAL
}
|
class |
CrlValidatedID
CrlValidatedID ::= SEQUENCE {
crlHash OtherHash,
crlIdentifier CrlIdentifier OPTIONAL }
|
class |
OcspIdentifier
OcspIdentifier ::= SEQUENCE {
ocspResponderID ResponderID, -- As in OCSP response data
producedAt GeneralizedTime -- As in OCSP response data
}
|
class |
OcspListID
OcspListID ::= SEQUENCE {
ocspResponses SEQUENCE OF OcspResponsesID
}
|
class |
OcspResponsesID
OcspResponsesID ::= SEQUENCE {
ocspIdentifier OcspIdentifier,
ocspRepHash OtherHash OPTIONAL
}
|
class |
OtherHash
OtherHash ::= CHOICE {
sha1Hash OtherHashValue, -- This contains a SHA-1 hash
otherHash OtherHashAlgAndValue
}
|
class |
OtherHashAlgAndValue |
class |
OtherRevRefs
OtherRevRefs ::= SEQUENCE {
otherRevRefType OtherRevRefType,
otherRevRefs ANY DEFINED BY otherRevRefType
}
OtherRevRefType ::= OBJECT IDENTIFIER
|
class |
OtherRevVals
OtherRevVals ::= SEQUENCE {
otherRevValType OtherRevValType,
otherRevVals ANY DEFINED BY OtherRevValType
}
OtherRevValType ::= OBJECT IDENTIFIER
|
class |
RevocationValues
RevocationValues ::= SEQUENCE {
crlVals [0] SEQUENCE OF CertificateList OPTIONAL,
ocspVals [1] SEQUENCE OF BasicOCSPResponse OPTIONAL,
otherRevVals [2] OtherRevVals OPTIONAL}
|
class |
SignaturePolicyId |
class |
SignaturePolicyIdentifier |
class |
SignerAttribute |
class |
SignerLocation
Signer-Location attribute (RFC3126).
|
class |
SigPolicyQualifierInfo |
class |
SigPolicyQualifiers |
class |
SPUserNotice |
Modifier and Type | Class and Description |
---|---|
class |
ContentHints |
class |
ContentIdentifier |
class |
ESSCertID |
class |
ESSCertIDv2 |
class |
OtherCertID |
class |
OtherSigningCertificate |
class |
SigningCertificate |
class |
SigningCertificateV2 |
Modifier and Type | Class and Description |
---|---|
class |
AttrOrOID
AttrOrOID ::= CHOICE (oid OBJECT IDENTIFIER, attribute Attribute }
|
class |
CsrAttrs
CsrAttrs ::= SEQUENCE SIZE (0..MAX) OF AttrOrOID
|
Modifier and Type | Class and Description |
---|---|
class |
CscaMasterList
The CscaMasterList object.
|
class |
DataGroupHash
The DataGroupHash object.
|
class |
LDSSecurityObject
The LDSSecurityObject object (V1.8).
|
class |
LDSVersionInfo |
Modifier and Type | Class and Description |
---|---|
class |
CertHash
ISIS-MTT PROFILE: The responder may include this extension in a response to
send the hash of the requested certificate to the responder.
|
class |
RequestedCertificate
ISIS-MTT-Optional: The certificate requested by the client by inserting the
RetrieveIfAllowed extension in the request, will be returned in this
extension.
|
Modifier and Type | Class and Description |
---|---|
class |
AdditionalInformationSyntax
Some other information of non-restrictive nature regarding the usage of this
certificate.
|
class |
Admissions
An Admissions structure.
|
class |
AdmissionSyntax
Attribute to indicate admissions to certain professions.
|
class |
DeclarationOfMajority
A declaration of majority.
|
class |
MonetaryLimit
Monetary limit for transactions.
|
class |
NamingAuthority
Names of authorities which are responsible for the administration of title
registers.
|
class |
ProcurationSyntax
Attribute to indicate that the certificate holder may sign in the name of a
third person.
|
class |
ProfessionInfo
Professions, specializations, disciplines, fields of activity, etc.
|
class |
Restriction
Some other restriction regarding the usage of this certificate.
|
Modifier and Type | Class and Description |
---|---|
class |
CAST5CBCParameters |
class |
IDEACBCPar |
class |
NetscapeCertType
The NetscapeCertType object.
|
class |
NetscapeRevocationURL |
class |
ScryptParams
RFC 7914 scrypt parameters.
|
class |
VerisignCzagExtension |
Modifier and Type | Class and Description |
---|---|
class |
PublicKeyAndChallenge
This is designed to parse
the PublicKeyAndChallenge created by the KEYGEN tag included by
Mozilla based browsers.
|
class |
SignedPublicKeyAndChallenge
SignedPublicKeyAndChallenge ::= SEQUENCE {
publicKeyAndChallenge PublicKeyAndChallenge,
signatureAlgorithm AlgorithmIdentifier,
signature BIT STRING
}
|
Modifier and Type | Class and Description |
---|---|
class |
KMACwithSHAKE128_params
KMACwithSHAKE128-params ::= SEQUENCE {
kMACOutputLength INTEGER DEFAULT 256, -- Output length in bits
customizationString OCTET STRING DEFAULT ''H
}
|
class |
KMACwithSHAKE256_params
KMACwithSHAKE256-params ::= SEQUENCE {
kMACOutputLength INTEGER DEFAULT 512, -- Output length in bits
customizationString OCTET STRING DEFAULT ''H
}
|
Modifier and Type | Class and Description |
---|---|
class |
BasicOCSPResponse
OCSP RFC 2560, RFC 6960
|
class |
CertID |
class |
CertStatus |
class |
CrlID |
class |
OCSPRequest |
class |
OCSPResponse
OCSP RFC 2560, RFC 6960
|
class |
OCSPResponseStatus
OCSP RFC 2560, RFC 6960
|
class |
Request |
class |
ResponderID |
class |
ResponseBytes
OCSP RFC 2560, RFC 6960
|
class |
ResponseData
OCSP RFC 2560, RFC 6960
|
class |
RevokedInfo |
class |
ServiceLocator |
class |
Signature |
class |
SingleResponse |
class |
TBSRequest |
Modifier and Type | Class and Description |
---|---|
class |
ElGamalParameter |
Modifier and Type | Class and Description |
---|---|
class |
AuthenticatedSafe |
class |
CertBag |
class |
CertificationRequest
PKCS10 Certification request object.
|
class |
CertificationRequestInfo
PKCS10 CertificationRequestInfo object.
|
class |
ContentInfo |
class |
CRLBag
CRL Bag for PKCS#12
|
class |
DHParameter |
class |
EncryptedData
The EncryptedData object.
|
class |
EncryptedPrivateKeyInfo |
class |
EncryptionScheme |
class |
IssuerAndSerialNumber |
class |
KeyDerivationFunc |
class |
MacData |
class |
PBEParameter |
class |
PBES2Parameters |
class |
PBKDF2Params
PBKDF2-params ::= SEQUENCE {
salt CHOICE {
specified OCTET STRING,
otherSource AlgorithmIdentifier {{PBKDF2-SaltSources}}
},
iterationCount INTEGER (1..MAX),
keyLength INTEGER (1..MAX) OPTIONAL,
prf AlgorithmIdentifier {{PBKDF2-PRFs}} DEFAULT algid-hmacWithSHA1 }
|
class |
Pfx
the infamous Pfx from PKCS12
|
class |
PKCS12PBEParams |
class |
PrivateKeyInfo
RFC 5958
|
class |
RC2CBCParameter |
class |
RSAESOAEPparams |
class |
RSAPrivateKey |
class |
RSAPrivateKeyStructure
Deprecated.
use RSAPrivateKey
|
class |
RSASSAPSSparams |
class |
SafeBag |
class |
SignedData
a PKCS#7 signed data object.
|
class |
SignerInfo
a PKCS#7 signer info object.
|
Modifier and Type | Class and Description |
---|---|
class |
ECPrivateKey
the elliptic curve private key object from SEC 1
|
class |
ECPrivateKeyStructure
Deprecated.
use ECPrivateKey
|
Modifier and Type | Class and Description |
---|---|
class |
SMIMECapabilities
Handler class for dealing with S/MIME Capabilities
|
class |
SMIMECapabilitiesAttribute |
class |
SMIMECapability |
class |
SMIMEEncryptionKeyPreferenceAttribute
The SMIMEEncryptionKeyPreference object.
|
Modifier and Type | Class and Description |
---|---|
class |
Accuracy |
class |
ArchiveTimeStamp
Implementation of the Archive Timestamp type defined in RFC4998.
|
class |
ArchiveTimeStampChain
Implementation of ArchiveTimeStampChain type, as defined in RFC4998 and RFC6283.
|
class |
ArchiveTimeStampSequence
Implementation of ArchiveTimeStampSequence type, as defined in RFC4998.
|
class |
CryptoInfos
Implementation of the CryptoInfos element defined in RFC 4998:
|
class |
EncryptionInfo
Implementation of the EncryptionInfo element defined in RFC 4998:
|
class |
EvidenceRecord
RFC 4998:
Evidence Record Syntax (ERS)
|
class |
MessageImprint |
class |
PartialHashtree
Implementation of PartialHashtree, as defined in RFC 4998.
|
class |
TimeStampReq |
class |
TimeStampResp |
class |
TSTInfo |
Modifier and Type | Class and Description |
---|---|
class |
DSTU4145BinaryField |
class |
DSTU4145ECBinary |
class |
DSTU4145Params |
class |
DSTU4145PublicKey |
Modifier and Type | Class and Description |
---|---|
class |
AttributeTypeAndValue
Holding class for the AttributeTypeAndValue structures that make up an RDN.
|
class |
DirectoryString
The DirectoryString CHOICE object.
|
class |
RDN
Holding class for a single Relative Distinguished Name (RDN).
|
class |
X500Name
The X.500 Name object.
|
Modifier and Type | Class and Description |
---|---|
class |
AccessDescription
The AccessDescription object.
|
class |
AlgorithmIdentifier |
class |
AttCertIssuer |
class |
AttCertValidityPeriod |
class |
AttributeCertificate |
class |
AttributeCertificateInfo |
class |
AuthorityInformationAccess
The AuthorityInformationAccess object.
|
class |
AuthorityKeyIdentifier
The AuthorityKeyIdentifier object.
|
class |
BasicConstraints |
class |
Certificate
an X509Certificate structure.
|
class |
CertificateList
PKIX RFC-2459
The X.509 v2 CRL syntax is as follows.
|
class |
CertificatePair
This class helps to support crossCerfificatePairs in a LDAP directory
according RFC 2587
|
class |
CertificatePolicies |
class |
CertPolicyId
CertPolicyId, used in the CertificatePolicies and PolicyMappings
X509V3 Extensions.
|
class |
CRLDistPoint |
class |
CRLNumber
The CRLNumber object.
|
class |
CRLReason
The CRLReason enumeration.
|
class |
DigestInfo
The DigestInfo object.
|
class |
DisplayText
DisplayText class, used in
CertificatePolicies X509 V3 extensions (in policy qualifiers). |
class |
DistributionPoint
The DistributionPoint object.
|
class |
DistributionPointName
The DistributionPointName object.
|
class |
DSAParameter |
class |
ExtendedKeyUsage
The extendedKeyUsage object.
|
class |
Extension
an object for the elements in the X.509 V3 extension block.
|
class |
Extensions
Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension
Extension ::= SEQUENCE {
extnId EXTENSION.&id ({ExtensionSet}),
critical BOOLEAN DEFAULT FALSE,
extnValue OCTET STRING }
|
class |
GeneralName
The GeneralName object.
|
class |
GeneralNames |
class |
GeneralSubtree
Class for containing a restriction object subtrees in NameConstraints.
|
class |
Holder
The Holder object.
|
class |
IetfAttrSyntax
Implementation of
IetfAttrSyntax as specified by RFC3281. |
class |
IssuerSerial |
class |
IssuingDistributionPoint
IssuingDistributionPoint ::= SEQUENCE {
distributionPoint [0] DistributionPointName OPTIONAL,
onlyContainsUserCerts [1] BOOLEAN DEFAULT FALSE,
onlyContainsCACerts [2] BOOLEAN DEFAULT FALSE,
onlySomeReasons [3] ReasonFlags OPTIONAL,
indirectCRL [4] BOOLEAN DEFAULT FALSE,
onlyContainsAttributeCerts [5] BOOLEAN DEFAULT FALSE }
|
class |
KeyPurposeId
The KeyPurposeId object.
|
class |
KeyUsage
The KeyUsage object.
|
class |
NameConstraints |
class |
NoticeReference
NoticeReference class, used in
CertificatePolicies X509 V3 extensions
(in policy qualifiers). |
class |
ObjectDigestInfo
ObjectDigestInfo ASN.1 structure used in v2 attribute certificates.
|
class |
OtherName
The OtherName object.
|
class |
PolicyConstraints
PKIX RFC 5280
|
class |
PolicyInformation |
class |
PolicyMappings
PolicyMappings V3 extension, described in RFC3280.
|
class |
PolicyQualifierId
PolicyQualifierId, used in the CertificatePolicies
X509V3 extension.
|
class |
PolicyQualifierInfo
Policy qualifiers, used in the X509V3 CertificatePolicies
extension.
|
class |
PrivateKeyUsagePeriod
PrivateKeyUsagePeriod ::= SEQUENCE {
notBefore [0] GeneralizedTime OPTIONAL,
notAfter [1] GeneralizedTime OPTIONAL }
|
class |
ReasonFlags
The ReasonFlags object.
|
class |
RoleSyntax
Implementation of the RoleSyntax object as specified by the RFC3281.
|
class |
RSAPublicKeyStructure
Deprecated.
use org.bouncycastle.asn1.pkcs.RSAPublicKey
|
class |
SubjectDirectoryAttributes
This extension may contain further X.500 attributes of the subject.
|
class |
SubjectKeyIdentifier
The SubjectKeyIdentifier object.
|
class |
SubjectPublicKeyInfo
The object that contains the public key stored in a certificate.
|
class |
Target
Target structure used in target information extension for attribute
certificates from RFC 3281.
|
class |
TargetInformation
Target information extension for attributes certificates according to RFC
3281.
|
class |
Targets
Targets structure used in target information extension for attribute
certificates from RFC 3281.
|
class |
TBSCertificate
The TBSCertificate object.
|
class |
TBSCertificateStructure
Deprecated.
use TBSCertificate
|
class |
TBSCertList
PKIX RFC-2459 - TBSCertList object.
|
static class |
TBSCertList.CRLEntry |
class |
Time |
class |
UserNotice
UserNotice class, used in
CertificatePolicies X509 extensions (in policy
qualifiers). |
class |
V2Form |
class |
X509CertificateStructure
Deprecated.
use org.bouncycastle.asn1.x509.Certificate
|
class |
X509Extensions
Deprecated.
use
Extensions |
class |
X509Name
Deprecated.
use org.bouncycastle.asn1.x500.X500Name.
|
Modifier and Type | Class and Description |
---|---|
class |
BiometricData
The BiometricData object.
|
class |
Iso4217CurrencyCode
The Iso4217CurrencyCode object.
|
class |
MonetaryValue
The MonetaryValue object.
|
class |
QCStatement
The QCStatement object.
|
class |
SemanticsInformation
The SemanticsInformation object.
|
class |
TypeOfBiometricData
The TypeOfBiometricData object.
|
Modifier and Type | Class and Description |
---|---|
class |
NameOrPseudonym
Structure for a name or pseudonym.
|
class |
PersonalData
Contains personal data for the otherName field in the subjectAltNames
extension.
|
Modifier and Type | Class and Description |
---|---|
class |
DHDomainParameters
Deprecated.
use DomainParameters
|
class |
DHPublicKey
X9.42 definition of a DHPublicKey
|
class |
DHValidationParms
Deprecated.
use ValidationParams
|
class |
DomainParameters
X9.44 Diffie-Hellman domain parameters.
|
class |
KeySpecificInfo
ASN.1 def for Diffie-Hellman key exchange KeySpecificInfo structure.
|
class |
OtherInfo
ASN.1 def for Diffie-Hellman key exchange OtherInfo structure.
|
class |
ValidationParams
Diffie-Hellman domain validation parameters.
|
class |
X962Parameters
The Parameters ASN.1 CHOICE from X9.62.
|
class |
X9Curve
ASN.1 def for Elliptic-Curve Curve structure.
|
class |
X9ECParameters
ASN.1 def for Elliptic-Curve ECParameters structure.
|
class |
X9ECPoint
Class for describing an ECPoint as a DER object.
|
class |
X9FieldElement
class for processing an FieldElement as a DER object.
|
class |
X9FieldID
ASN.1 def for Elliptic-Curve Field ID structure.
|
Modifier and Type | Class and Description |
---|---|
class |
JournaledAlgorithm
JournaledAlgorithm keeps state of the JournalingSecureRandom and the
AlgorithmIdentifier necessary to fully resume an encryption session.
|
Modifier and Type | Class and Description |
---|---|
class |
PKCS10CertificationRequest
Deprecated.
use classes in org.bouncycastle.pkcs.
|
class |
X509KeyUsage
A holding class for constructing an X509 Key Usage extension.
|
class |
X509Principal
Deprecated.
use the X500Name class.
|
Modifier and Type | Class and Description |
---|---|
class |
NetscapeCertRequest
Handles NetScape certificate request (KEYGEN), these are constructed as:
|
Modifier and Type | Class and Description |
---|---|
class |
GMSSPrivateKey |
class |
GMSSPublicKey
This class implements an ASN.1 encoded GMSS public key.
|
class |
McElieceCCA2PrivateKey
Return the keyData to encode in the PrivateKeyInfo structure.
|
class |
McElieceCCA2PublicKey |
class |
McEliecePrivateKey |
class |
McEliecePublicKey |
class |
ParSet
ParSet ::= SEQUENCE {
T INTEGER
h SEQUENCE OF INTEGER
w SEQUENCE OF INTEGER
K SEQUENCE OF INTEGER
}
|
class |
RainbowPrivateKey
Return the key data to encode in the PrivateKeyInfo structure.
|
class |
RainbowPublicKey
This class implements an ASN.1 encoded Rainbow public key.
|
class |
SPHINCS256KeyParams |
class |
XMSSKeyParams
XMSSKeyParams
|
class |
XMSSMTKeyParams
XMMSMTKeyParams
|
class |
XMSSMTPrivateKey
XMMSMTPrivateKey
|
class |
XMSSMTPublicKey
XMSSMTPublicKey
|
class |
XMSSPrivateKey
XMMSPrivateKey
|
class |
XMSSPublicKey
XMSSPublicKey
|
Modifier and Type | Class and Description |
---|---|
class |
HSSPrivateKeyParameters |
class |
HSSPublicKeyParameters |
class |
HSSSignature |
class |
LMSKeyParameters |
class |
LMSPrivateKeyParameters |
class |
LMSPublicKeyParameters |
Modifier and Type | Method and Description |
---|---|
Composer |
Composer.bytes(Encodable encodable) |
Composer |
Composer.bytes(Encodable[] encodable) |
Modifier and Type | Class and Description |
---|---|
class |
XMSSMTPrivateKeyParameters
XMSS^MT Private Key.
|
class |
XMSSMTPublicKeyParameters
XMSS^MT Public Key.
|
class |
XMSSMTSignature
XMSS^MT Signature.
|
class |
XMSSPrivateKeyParameters
XMSS Private Key.
|
class |
XMSSPublicKeyParameters
XMSS Public Key.
|
class |
XMSSSignature
XMSS Signature.
|
Modifier and Type | Class and Description |
---|---|
class |
X509Attribute
Deprecated.
see X509CertificateHolder class in the PKIX package.
|
Modifier and Type | Class and Description |
---|---|
class |
AuthorityKeyIdentifierStructure
Deprecated.
use JcaX509ExtensionUtils and AuthorityKeyIdentifier.getInstance()
|
Copyright © 2021 BouncyCastle.org. All rights reserved.