diff options
Diffstat (limited to 'crypto/x509v3/format')
-rw-r--r-- | crypto/x509v3/format | 92 |
1 files changed, 92 insertions, 0 deletions
diff --git a/crypto/x509v3/format b/crypto/x509v3/format new file mode 100644 index 0000000000..3307978121 --- /dev/null +++ b/crypto/x509v3/format @@ -0,0 +1,92 @@ +AuthorityKeyIdentifier + { + keyIdentifier [0] OCTET_STRING OPTIONAL + authorityCertIssuer [1] GeneralNames OPTIONAL + authorityCertSerialNumber [2] CertificateSerialNumber OPTIONAL + } + +SubjectKeyIdentifier OCTET_STRING + +KeyUsage + { + BIT_STRING + digitalSignature 0 + nonRepudiation 1 + keyEncipherment 2 + dataEncipherment 3 + keyAgreement 4 + keyCertSign 5 + cRLSign 6 + encipherOnly 7 + decipherOnly 8 + } + +extKeyUsage + { + SEQUENCE of OBJECT_IDENTIFIER + } + +privateKeyUsagePeriod + { + notBefore [0] GeneralizedTime OPTIONAL + notAfter [1] GeneralizedTime OPTIONAL + } + +certificatePoliciesSyntax + SEQUENCE of PoliciesInformation + +PoliciesInformation XXX +policyMappings XXX +supportedAlgorithms XXX + +subjectAltName + GeneralNames sequence of GeneralName + +GeneralName + { + otherName [0] INSTANCE OF OTHER-NAME + rfc882Name [1] IA5String + dNSName [2] IA5String + x400Address [3] ORAddress + directoryName [4] Name + ediPartyName [5] + { + nameAssigner [0] DirectoryString OPTIONAL + partyName [1] DirectoryString + } + uniformResourceIdentifier [6] IA5String + iPAddress [7] OCTET_STRING + registeredID [8] OBJECT_IDENTIFIER + } + +issuerAltName + GeneralNames sequence of GeneralName + +subjectDirectoryAttribute SEQUENCE of Attribute + +basicConstraints + { + cA BOOLEAN default FALSE + pathLenConstraint INTEGER OPTIONAL + } + +nameConstraints + { + permittedSubtrees [0] sequence of GeneralSubtree OPTIONAL + excludedSubtrees [1] sequence of GeneralSubtree OPTIONAL + } + +GeneralSubtree + { + base GeneralName + minimum [0] BaseDistance DEFAULT 0 + maximum [1] BaseDistance OPTIONAL + } + +PolicyConstraints + { + requiredExplicitPolicy [0] SkipCerts OPTIONAL + inhibitPolicyMapping [1] SkipCerts OPTIONAL + } +SkipCerts == INTEGER + |