From dd10ccee1e3721329cb04b67ebf94e745d37481c Mon Sep 17 00:00:00 2001 From: Dimitri Sokolyuk Date: Thu, 29 Oct 2015 22:22:17 +0100 Subject: Fix naming, remove include --- asn1include/AuthenticationFramework.asn | 363 -------------------------------- 1 file changed, 363 deletions(-) delete mode 100644 asn1include/AuthenticationFramework.asn (limited to 'asn1include/AuthenticationFramework.asn') diff --git a/asn1include/AuthenticationFramework.asn b/asn1include/AuthenticationFramework.asn deleted file mode 100644 index 35b8164..0000000 --- a/asn1include/AuthenticationFramework.asn +++ /dev/null @@ -1,363 +0,0 @@ --- Module AuthenticationFramework (X.509:03/2000) -AuthenticationFramework {joint-iso-itu-t ds(5) module(1) - authenticationFramework(7) 4} DEFINITIONS ::= -BEGIN - --- EXPORTS All --- The types and values defined in this module are exported for use in the other ASN.1 modules contained --- within the Directory Specifications, and for the use of other applications which will use them to access --- Directory services. Other applications may use them for their own purposes, but this will not constrain --- extensions and modifications needed to maintain or improve the Directory service. -IMPORTS - id-at, id-nf, id-oc, informationFramework, upperBounds, - selectedAttributeTypes, basicAccessControl, certificateExtensions - FROM UsefulDefinitions {joint-iso-itu-t ds(5) module(1) - usefulDefinitions(0) 4} - Name, ATTRIBUTE, OBJECT-CLASS, NAME-FORM, top - FROM InformationFramework {joint-iso-itu-t ds(5) module(1) - informationFramework(1) 4} - ub-user-password, ub-content - FROM UpperBounds {joint-iso-itu-t ds(5) module(1) upperBounds(10) 4} - UniqueIdentifier, octetStringMatch, DirectoryString{}, commonName - FROM SelectedAttributeTypes {joint-iso-itu-t ds(5) module(1) - selectedAttributeTypes(5) 4} - certificateExactMatch, certificatePairExactMatch, certificateListExactMatch, - KeyUsage, GeneralNames, CertificatePoliciesSyntax, - algorithmIdentifierMatch, CertPolicyId - FROM CertificateExtensions {joint-iso-itu-t ds(5) module(1) - certificateExtensions(26) 4}; - --- public-key certificate definition -Certificate ::= - SIGNED - {SEQUENCE {version [0] Version DEFAULT v1, - serialNumber CertificateSerialNumber, - signature AlgorithmIdentifier, - issuer Name, - validity Validity, - subject Name, - subjectPublicKeyInfo SubjectPublicKeyInfo, - issuerUniqueIdentifier [1] IMPLICIT UniqueIdentifier OPTIONAL, - -- if present, version shall be v2 or v3 - subjectUniqueIdentifier [2] IMPLICIT UniqueIdentifier OPTIONAL, - -- if present, version shall be v2 or v3 - extensions [3] Extensions OPTIONAL - }} -- If present, version shall be v3 - -Version ::= INTEGER {v1(0), v2(1), v3(2)} - -CertificateSerialNumber ::= INTEGER - -AlgorithmIdentifier ::= SEQUENCE { - algorithm ALGORITHM.&id({SupportedAlgorithms}), - parameters ALGORITHM.&Type({SupportedAlgorithms}{@algorithm}) OPTIONAL -} - --- Definition of the following information object set is deferred, perhaps to standardized --- profiles or to protocol implementation conformance statements. The set is required to --- specify a table constraint on the parameters component of AlgorithmIdentifier. -SupportedAlgorithms ALGORITHM ::= - {...} - -Validity ::= SEQUENCE {notBefore Time, - notAfter Time -} - -SubjectPublicKeyInfo ::= SEQUENCE { - algorithm AlgorithmIdentifier, - subjectPublicKey BIT STRING -} - -Time ::= CHOICE {utcTime UTCTime, - generalizedTime GeneralizedTime -} - -Extensions ::= SEQUENCE OF Extension - --- For those extensions where ordering of individual extensions within the SEQUENCE is significant, the --- specification of those individual extensions shall include the rules for the significance of the order therein -Extension ::= SEQUENCE { - extnId EXTENSION.&id({ExtensionSet}), - critical BOOLEAN DEFAULT FALSE, - extnValue OCTET STRING -} - --- contains a DER encoding of a value of type &ExtnType --- for the extension object identified by extnId -ExtensionSet EXTENSION ::= - {...} - -EXTENSION ::= CLASS {&id OBJECT IDENTIFIER UNIQUE, - &ExtnType -}WITH SYNTAX {SYNTAX &ExtnType - IDENTIFIED BY &id -} - --- other PKI certificate constructs -Certificates ::= SEQUENCE { - userCertificate Certificate, - certificationPath ForwardCertificationPath OPTIONAL -} - -ForwardCertificationPath ::= SEQUENCE OF CrossCertificates - -CrossCertificates ::= SET OF Certificate - -CertificationPath ::= SEQUENCE { - userCertificate Certificate, - theCACertificates SEQUENCE OF CertificatePair OPTIONAL -} - -CertificatePair ::= SEQUENCE { - forward [0] Certificate OPTIONAL, - reverse [1] Certificate OPTIONAL -} --- at least one of the pair shall be present -(WITH COMPONENTS { - ..., - forward PRESENT - } | WITH COMPONENTS { - ..., - reverse PRESENT - }) - --- certificate revocation list (CRL) -CertificateList ::= - SIGNED - {SEQUENCE {version Version OPTIONAL, - -- if present, version shall be v2 - signature AlgorithmIdentifier, - issuer Name, - thisUpdate Time, - nextUpdate Time OPTIONAL, - revokedCertificates - SEQUENCE OF - SEQUENCE {serialNumber CertificateSerialNumber, - revocationDate Time, - crlEntryExtensions Extensions OPTIONAL} OPTIONAL, - crlExtensions [0] Extensions OPTIONAL}} - --- information object classes -ALGORITHM ::= TYPE-IDENTIFIER - --- parameterized types -HASH{ToBeHashed} ::= SEQUENCE { - algorithmIdentifier AlgorithmIdentifier, - hashValue - BIT STRING - (CONSTRAINED BY { - -- shall be the result of applying a hashing procedure to the DER-encoded octets - -- of a value of -- ToBeHashed}) -} - -ENCRYPTED-HASH{ToBeSigned} ::= - BIT STRING - (CONSTRAINED BY { - -- shall be the result of applying a hashing procedure to the DER-encoded (see 6.1) octets - -- of a value of --ToBeSigned -- and then applying an encipherment procedure to those octets --}) - -ENCRYPTED{ToBeEnciphered} ::= - BIT STRING - (CONSTRAINED BY { - -- shall be the result of applying an encipherment procedure - -- to the BER-encoded octets of a value of --ToBeEnciphered}) - -SIGNATURE{ToBeSigned} ::= SEQUENCE { - algorithmIdentifier AlgorithmIdentifier, - encrypted ENCRYPTED-HASH{ToBeSigned} -} - -SIGNED{ToBeSigned} ::= SEQUENCE { - toBeSigned ToBeSigned, - COMPONENTS OF SIGNATURE{ToBeSigned} -} - --- PKI object classes -pkiUser OBJECT-CLASS ::= { - SUBCLASS OF {top} - KIND auxiliary - MAY CONTAIN {userCertificate} - ID id-oc-pkiUser -} - -pkiCA OBJECT-CLASS ::= { - SUBCLASS OF {top} - KIND auxiliary - MAY CONTAIN - {cACertificate | certificateRevocationList | authorityRevocationList | - crossCertificatePair} - ID id-oc-pkiCA -} - -cRLDistributionPoint OBJECT-CLASS ::= { - SUBCLASS OF {top} - KIND structural - MUST CONTAIN {commonName} - MAY CONTAIN - {certificateRevocationList | authorityRevocationList | deltaRevocationList} - ID id-oc-cRLDistributionPoint -} - -cRLDistPtNameForm NAME-FORM ::= { - NAMES cRLDistributionPoint - WITH ATTRIBUTES {commonName} - ID id-nf-cRLDistPtNameForm -} - -deltaCRL OBJECT-CLASS ::= { - SUBCLASS OF {top} - KIND auxiliary - MAY CONTAIN {deltaRevocationList} - ID id-oc-deltaCRL -} - -cpCps OBJECT-CLASS ::= { - SUBCLASS OF {top} - KIND auxiliary - MAY CONTAIN {certificatePolicy | certificationPracticeStmt} - ID id-oc-cpCps -} - -pkiCertPath OBJECT-CLASS ::= { - SUBCLASS OF {top} - KIND auxiliary - MAY CONTAIN {pkiPath} - ID id-oc-pkiCertPath -} - --- PKI directory attributes -userCertificate ATTRIBUTE ::= { - WITH SYNTAX Certificate - EQUALITY MATCHING RULE certificateExactMatch - ID id-at-userCertificate -} - -cACertificate ATTRIBUTE ::= { - WITH SYNTAX Certificate - EQUALITY MATCHING RULE certificateExactMatch - ID id-at-cAcertificate -} - -crossCertificatePair ATTRIBUTE ::= { - WITH SYNTAX CertificatePair - EQUALITY MATCHING RULE certificatePairExactMatch - ID id-at-crossCertificatePair -} - -certificateRevocationList ATTRIBUTE ::= { - WITH SYNTAX CertificateList - EQUALITY MATCHING RULE certificateListExactMatch - ID id-at-certificateRevocationList -} - -authorityRevocationList ATTRIBUTE ::= { - WITH SYNTAX CertificateList - EQUALITY MATCHING RULE certificateListExactMatch - ID id-at-authorityRevocationList -} - -deltaRevocationList ATTRIBUTE ::= { - WITH SYNTAX CertificateList - EQUALITY MATCHING RULE certificateListExactMatch - ID id-at-deltaRevocationList -} - -supportedAlgorithms ATTRIBUTE ::= { - WITH SYNTAX SupportedAlgorithm - EQUALITY MATCHING RULE algorithmIdentifierMatch - ID id-at-supportedAlgorithms -} - -SupportedAlgorithm ::= SEQUENCE { - algorithmIdentifier AlgorithmIdentifier, - intendedUsage [0] KeyUsage OPTIONAL, - intendedCertificatePolicies [1] CertificatePoliciesSyntax OPTIONAL -} - -certificationPracticeStmt ATTRIBUTE ::= { - WITH SYNTAX InfoSyntax - ID id-at-certificationPracticeStmt -} - -InfoSyntax ::= CHOICE { - content DirectoryString{ub-content}, - pointer SEQUENCE {name GeneralNames, - hash HASH{HashedPolicyInfo} OPTIONAL} -} - -POLICY ::= TYPE-IDENTIFIER - -HashedPolicyInfo ::= POLICY.&Type({Policies}) - -Policies POLICY ::= - {...} -- Defined by implementors - -certificatePolicy ATTRIBUTE ::= { - WITH SYNTAX PolicySyntax - ID id-at-certificatePolicy -} - -PolicySyntax ::= SEQUENCE { - policyIdentifier PolicyID, - policySyntax InfoSyntax -} - -PolicyID ::= CertPolicyId - -pkiPath ATTRIBUTE ::= {WITH SYNTAX PkiPath - ID id-at-pkiPath -} - -PkiPath ::= SEQUENCE OF CrossCertificates - -userPassword ATTRIBUTE ::= { - WITH SYNTAX OCTET STRING(SIZE (0..ub-user-password)) - EQUALITY MATCHING RULE octetStringMatch - ID id-at-userPassword -} - --- object identifier assignments --- object classes -id-oc-cRLDistributionPoint OBJECT IDENTIFIER ::= - {id-oc 19} - -id-oc-pkiUser OBJECT IDENTIFIER ::= {id-oc 21} - -id-oc-pkiCA OBJECT IDENTIFIER ::= {id-oc 22} - -id-oc-deltaCRL OBJECT IDENTIFIER ::= {id-oc 23} - -id-oc-cpCps OBJECT IDENTIFIER ::= {id-oc 30} - -id-oc-pkiCertPath OBJECT IDENTIFIER ::= {id-oc 31} - ---name forms -id-nf-cRLDistPtNameForm OBJECT IDENTIFIER ::= {id-nf 14} - ---directory attributes -id-at-userPassword OBJECT IDENTIFIER ::= {id-at 35} - -id-at-userCertificate OBJECT IDENTIFIER ::= {id-at 36} - -id-at-cAcertificate OBJECT IDENTIFIER ::= {id-at 37} - -id-at-authorityRevocationList OBJECT IDENTIFIER ::= {id-at 38} - -id-at-certificateRevocationList OBJECT IDENTIFIER ::= {id-at 39} - -id-at-crossCertificatePair OBJECT IDENTIFIER ::= {id-at 40} - -id-at-supportedAlgorithms OBJECT IDENTIFIER ::= {id-at 52} - -id-at-deltaRevocationList OBJECT IDENTIFIER ::= {id-at 53} - -id-at-certificationPracticeStmt OBJECT IDENTIFIER ::= {id-at 68} - -id-at-certificatePolicy OBJECT IDENTIFIER ::= {id-at 69} - -id-at-pkiPath OBJECT IDENTIFIER ::= {id-at 70} - -END - --- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D - -- cgit v1.2.3