[linux-2.6-block.git] / crypto / asymmetric_keys / x509.asn1

-- SPDX-License-Identifier: BSD-3-Clause
--
-- Copyright (C) 2008 IETF Trust and the persons identified as authors
-- of the code
--
-- https://www.rfc-editor.org/rfc/rfc5280#section-4

Certificate ::= SEQUENCE {
	tbsCertificate		TBSCertificate ({ x509_note_tbs_certificate }),
	signatureAlgorithm	AlgorithmIdentifier,
	signature		BIT STRING ({ x509_note_signature })
	}

TBSCertificate ::= SEQUENCE {
	version           [ 0 ]	Version DEFAULT,
	serialNumber		CertificateSerialNumber ({ x509_note_serial }),
	signature		AlgorithmIdentifier ({ x509_note_sig_algo }),
	issuer			Name ({ x509_note_issuer }),
	validity		Validity,
	subject			Name ({ x509_note_subject }),
	subjectPublicKeyInfo	SubjectPublicKeyInfo,
	issuerUniqueID    [ 1 ]	IMPLICIT UniqueIdentifier OPTIONAL,
	subjectUniqueID   [ 2 ]	IMPLICIT UniqueIdentifier OPTIONAL,
	extensions        [ 3 ]	Extensions OPTIONAL
	}

Version ::= INTEGER
CertificateSerialNumber ::= INTEGER

AlgorithmIdentifier ::= SEQUENCE {
	algorithm		OBJECT IDENTIFIER ({ x509_note_OID }),
	parameters		ANY OPTIONAL ({ x509_note_params })
}

Name ::= SEQUENCE OF RelativeDistinguishedName

RelativeDistinguishedName ::= SET OF AttributeValueAssertion

AttributeValueAssertion ::= SEQUENCE {
	attributeType		OBJECT IDENTIFIER ({ x509_note_OID }),
	attributeValue		ANY ({ x509_extract_name_segment })
	}

Validity ::= SEQUENCE {
	notBefore		Time ({ x509_note_not_before }),
	notAfter		Time ({ x509_note_not_after })
	}

Time ::= CHOICE {
	utcTime			UTCTime,
	generalTime		GeneralizedTime
	}

SubjectPublicKeyInfo ::= SEQUENCE {
	algorithm		AlgorithmIdentifier,
	subjectPublicKey	BIT STRING ({ x509_extract_key_data })
	}

UniqueIdentifier ::= BIT STRING

Extensions ::= SEQUENCE OF Extension

Extension ::= SEQUENCE {
	extnid			OBJECT IDENTIFIER ({ x509_note_OID }),
	critical		BOOLEAN DEFAULT,
	extnValue		OCTET STRING ({ x509_process_extension })
	}
Commit	Line	Data
201c0da4 LW	1	-- SPDX-License-Identifier: BSD-3-Clause
	2	--
	3	-- Copyright (C) 2008 IETF Trust and the persons identified as authors
	4	-- of the code
	5	--
	6	-- https://www.rfc-editor.org/rfc/rfc5280#section-4
	7
c26fd69f DH	8	Certificate ::= SEQUENCE {
	9	tbsCertificate TBSCertificate ({ x509_note_tbs_certificate }),
	10	signatureAlgorithm AlgorithmIdentifier,
	11	signature BIT STRING ({ x509_note_signature })
	12	}
	13
	14	TBSCertificate ::= SEQUENCE {
	15	version [ 0 ] Version DEFAULT,
84aabd46	16	serialNumber CertificateSerialNumber ({ x509_note_serial }),
8f2a7b51	17	signature AlgorithmIdentifier ({ x509_note_sig_algo }),
c26fd69f DH	18	issuer Name ({ x509_note_issuer }),
	19	validity Validity,
	20	subject Name ({ x509_note_subject }),
	21	subjectPublicKeyInfo SubjectPublicKeyInfo,
	22	issuerUniqueID [ 1 ] IMPLICIT UniqueIdentifier OPTIONAL,
	23	subjectUniqueID [ 2 ] IMPLICIT UniqueIdentifier OPTIONAL,
	24	extensions [ 3 ] Extensions OPTIONAL
	25	}
	26
	27	Version ::= INTEGER
	28	CertificateSerialNumber ::= INTEGER
	29
	30	AlgorithmIdentifier ::= SEQUENCE {
	31	algorithm OBJECT IDENTIFIER ({ x509_note_OID }),
f1774cb8	32	parameters ANY OPTIONAL ({ x509_note_params })
c26fd69f DH	33	}
	34
	35	Name ::= SEQUENCE OF RelativeDistinguishedName
	36
	37	RelativeDistinguishedName ::= SET OF AttributeValueAssertion
	38
	39	AttributeValueAssertion ::= SEQUENCE {
	40	attributeType OBJECT IDENTIFIER ({ x509_note_OID }),
	41	attributeValue ANY ({ x509_extract_name_segment })
	42	}
	43
	44	Validity ::= SEQUENCE {
	45	notBefore Time ({ x509_note_not_before }),
	46	notAfter Time ({ x509_note_not_after })
	47	}
	48
	49	Time ::= CHOICE {
	50	utcTime UTCTime,
	51	generalTime GeneralizedTime
	52	}
	53
	54	SubjectPublicKeyInfo ::= SEQUENCE {
	55	algorithm AlgorithmIdentifier,
	56	subjectPublicKey BIT STRING ({ x509_extract_key_data })
	57	}
	58
	59	UniqueIdentifier ::= BIT STRING
	60
	61	Extensions ::= SEQUENCE OF Extension
	62
	63	Extension ::= SEQUENCE {
	64	extnid OBJECT IDENTIFIER ({ x509_note_OID }),
	65	critical BOOLEAN DEFAULT,
	66	extnValue OCTET STRING ({ x509_process_extension })
	67	}