1233294Sstas-- $Id$ 2178825SdfrPKCS10 DEFINITIONS ::= 3178825Sdfr 4178825SdfrBEGIN 5178825Sdfr 6178825SdfrIMPORTS 7178825Sdfr Time, 8178825Sdfr GeneralName, 9178825Sdfr SubjectPublicKeyInfo, 10178825Sdfr RelativeDistinguishedName, 11178825Sdfr AttributeTypeAndValue, 12178825Sdfr Extension, 13178825Sdfr AlgorithmIdentifier 14178825Sdfr FROM rfc2459 15178825Sdfr heim_any 16178825Sdfr FROM heim; 17178825Sdfr 18178825SdfrCRMFRDNSequence ::= SEQUENCE OF RelativeDistinguishedName 19178825Sdfr 20178825SdfrControls ::= SEQUENCE -- SIZE(1..MAX) -- OF AttributeTypeAndValue 21178825Sdfr 22178825Sdfr-- XXX IMPLICIT brokenness 23178825SdfrPOPOSigningKey ::= SEQUENCE { 24178825Sdfr poposkInput [0] IMPLICIT POPOSigningKeyInput OPTIONAL, 25178825Sdfr algorithmIdentifier AlgorithmIdentifier, 26178825Sdfr signature BIT STRING } 27178825Sdfr 28178825SdfrPKMACValue ::= SEQUENCE { 29178825Sdfr algId AlgorithmIdentifier, 30178825Sdfr value BIT STRING 31178825Sdfr} 32178825Sdfr 33178825Sdfr-- XXX IMPLICIT brokenness 34178825SdfrPOPOSigningKeyInput ::= SEQUENCE { 35178825Sdfr authInfo CHOICE { 36178825Sdfr sender [0] IMPLICIT GeneralName, 37178825Sdfr publicKeyMAC PKMACValue 38178825Sdfr }, 39178825Sdfr publicKey SubjectPublicKeyInfo 40178825Sdfr} -- from CertTemplate 41178825Sdfr 42178825Sdfr 43178825SdfrPBMParameter ::= SEQUENCE { 44178825Sdfr salt OCTET STRING, 45178825Sdfr owf AlgorithmIdentifier, 46178825Sdfr iterationCount INTEGER, 47178825Sdfr mac AlgorithmIdentifier 48178825Sdfr} 49178825Sdfr 50178825SdfrSubsequentMessage ::= INTEGER { 51178825Sdfr encrCert (0), 52178825Sdfr challengeResp (1) 53178825Sdfr} 54178825Sdfr 55178825Sdfr-- XXX IMPLICIT brokenness 56178825SdfrPOPOPrivKey ::= CHOICE { 57178825Sdfr thisMessage [0] BIT STRING, -- Deprecated 58178825Sdfr subsequentMessage [1] IMPLICIT SubsequentMessage, 59178825Sdfr dhMAC [2] BIT STRING, -- Deprecated 60178825Sdfr agreeMAC [3] IMPLICIT PKMACValue, 61178825Sdfr encryptedKey [4] heim_any 62178825Sdfr} 63178825Sdfr 64178825Sdfr-- XXX IMPLICIT brokenness 65178825SdfrProofOfPossession ::= CHOICE { 66178825Sdfr raVerified [0] NULL, 67178825Sdfr signature [1] POPOSigningKey, 68178825Sdfr keyEncipherment [2] POPOPrivKey, 69178825Sdfr keyAgreement [3] POPOPrivKey 70178825Sdfr} 71178825Sdfr 72178825SdfrCertTemplate ::= SEQUENCE { 73178825Sdfr version [0] INTEGER OPTIONAL, 74178825Sdfr serialNumber [1] INTEGER OPTIONAL, 75178825Sdfr signingAlg [2] SEQUENCE { 76178825Sdfr algorithm OBJECT IDENTIFIER, 77178825Sdfr parameters heim_any OPTIONAL 78178825Sdfr } -- AlgorithmIdentifier -- OPTIONAL, 79178825Sdfr issuer [3] IMPLICIT CHOICE { 80178825Sdfr rdnSequence CRMFRDNSequence 81178825Sdfr } -- Name -- OPTIONAL, 82178825Sdfr validity [4] SEQUENCE { 83178825Sdfr notBefore [0] Time OPTIONAL, 84178825Sdfr notAfter [1] Time OPTIONAL 85178825Sdfr } -- OptionalValidity -- OPTIONAL, 86178825Sdfr subject [5] IMPLICIT CHOICE { 87178825Sdfr rdnSequence CRMFRDNSequence 88178825Sdfr } -- Name -- OPTIONAL, 89178825Sdfr publicKey [6] IMPLICIT SEQUENCE { 90178825Sdfr algorithm AlgorithmIdentifier, 91178825Sdfr subjectPublicKey BIT STRING OPTIONAL 92178825Sdfr } -- SubjectPublicKeyInfo -- OPTIONAL, 93178825Sdfr issuerUID [7] IMPLICIT BIT STRING OPTIONAL, 94178825Sdfr subjectUID [8] IMPLICIT BIT STRING OPTIONAL, 95178825Sdfr extensions [9] IMPLICIT SEQUENCE OF Extension OPTIONAL 96178825Sdfr} 97178825Sdfr 98178825SdfrCertRequest ::= SEQUENCE { 99178825Sdfr certReqId INTEGER, 100178825Sdfr certTemplate CertTemplate, 101178825Sdfr controls Controls OPTIONAL 102178825Sdfr} 103178825Sdfr 104178825SdfrCertReqMsg ::= SEQUENCE { 105178825Sdfr certReq CertRequest, 106178825Sdfr popo ProofOfPossession OPTIONAL, 107178825Sdfr regInfo SEQUENCE OF AttributeTypeAndValue OPTIONAL } 108178825Sdfr 109178825SdfrCertReqMessages ::= SEQUENCE OF CertReqMsg 110178825Sdfr 111178825Sdfr 112178825SdfrEND 113178825Sdfr 114