92 lines
1.7 KiB
Text
92 lines
1.7 KiB
Text
AuthorityKeyIdentifier
|
|
{
|
|
keyIdentifier [0] OCTET_STRING OPTIONAL
|
|
authorityCertIssuer [1] GeneralNames OPTIONAL
|
|
authorityCertSerialNumber [2] CertificateSerialNumber OPTIONAL
|
|
}
|
|
|
|
SubjectKeyIdentifier OCTET_STRING
|
|
|
|
KeyUsage
|
|
{
|
|
BIT_STRING
|
|
digitalSignature 0
|
|
nonRepudiation 1
|
|
keyEncipherment 2
|
|
dataEncipherment 3
|
|
keyAgreement 4
|
|
keyCertSign 5
|
|
cRLSign 6
|
|
encipherOnly 7
|
|
decipherOnly 8
|
|
}
|
|
|
|
extKeyUsage
|
|
{
|
|
SEQUENCE of OBJECT_IDENTIFIER
|
|
}
|
|
|
|
privateKeyUsagePeriod
|
|
{
|
|
notBefore [0] GeneralizedTime OPTIONAL
|
|
notAfter [1] GeneralizedTime OPTIONAL
|
|
}
|
|
|
|
certificatePoliciesSyntax
|
|
SEQUENCE of PoliciesInformation
|
|
|
|
PoliciesInformation XXX
|
|
policyMappings XXX
|
|
supportedAlgorithms XXX
|
|
|
|
subjectAltName
|
|
GeneralNames sequence of GeneralName
|
|
|
|
GeneralName
|
|
{
|
|
otherName [0] INSTANCE OF OTHER-NAME
|
|
rfc882Name [1] IA5String
|
|
dNSName [2] IA5String
|
|
x400Address [3] ORAddress
|
|
directoryName [4] Name
|
|
ediPartyName [5]
|
|
{
|
|
nameAssigner [0] DirectoryString OPTIONAL
|
|
partyName [1] DirectoryString
|
|
}
|
|
uniformResourceIdentifier [6] IA5String
|
|
iPAddress [7] OCTET_STRING
|
|
registeredID [8] OBJECT_IDENTIFIER
|
|
}
|
|
|
|
issuerAltName
|
|
GeneralNames sequence of GeneralName
|
|
|
|
subjectDirectoryAttribute SEQUENCE of Attribute
|
|
|
|
basicConstraints
|
|
{
|
|
cA BOOLEAN default FALSE
|
|
pathLenConstraint INTEGER OPTIONAL
|
|
}
|
|
|
|
nameConstraints
|
|
{
|
|
permittedSubtrees [0] sequence of GeneralSubtree OPTIONAL
|
|
excludedSubtrees [1] sequence of GeneralSubtree OPTIONAL
|
|
}
|
|
|
|
GeneralSubtree
|
|
{
|
|
base GeneralName
|
|
minimum [0] BaseDistance DEFAULT 0
|
|
maximum [1] BaseDistance OPTIONAL
|
|
}
|
|
|
|
PolicyConstraints
|
|
{
|
|
requiredExplicitPolicy [0] SkipCerts OPTIONAL
|
|
inhibitPolicyMapping [1] SkipCerts OPTIONAL
|
|
}
|
|
SkipCerts == INTEGER
|
|
|