cmp

type AdministrationDomainName ¶

type AdministrationDomainName string

AdministrationDomainName ::= [APPLICATION 2] CHOICE {
   numeric   NumericString   (SIZE (0..ub-domain-name-length)),
   printable PrintableString (SIZE (0..ub-domain-name-length)) }

type AnotherName ¶

type AnotherName struct {
	Value asn1.RawValue `asn1:"tag:0,explicit,optional"`
	// contains filtered or unexported fields
}

AnotherName ::= SEQUENCE {
     type-id    OBJECT IDENTIFIER,
	 value      [0] EXPLICIT ANY DEFINED BY type-id }

type Attribute ¶

type Attribute struct {
	Type   asn1.ObjectIdentifier
	Values asn1.RawValue `asn1:"set"`
}

Attribute { ATTRIBUTE:IOSet } ::= SEQUENCE {
      type   ATTRIBUTE.&id({IOSet}),
      values SET SIZE(1..MAX) OF ATTRIBUTE.&Type({IOSet}{@type})
}

type AuthInfo ¶

type AuthInfo struct {
	Sender       *GeneralName `asn1:"tag:0,omitempty"`
	PublicKeyMac *PKMACValue  `asn1:"omitempty"`
}

AuthInfo ignore pop

type BuiltInDomainDefinedAttribute ¶

type BuiltInDomainDefinedAttribute struct {
	Type  string
	Value string
}

BuiltInDomainDefinedAttribute ::= SEQUENCE {
   type PrintableString (SIZE
                   (1..ub-domain-defined-attribute-type-length)),
   value PrintableString (SIZE
				   (1..ub-domain-defined-attribute-value-length)) }

type BuiltInDomainDefinedAttributes ¶

type BuiltInDomainDefinedAttributes []BuiltInDomainDefinedAttribute

type BuiltInStandardAttributes ¶

type BuiltInStandardAttributes struct {
	CountryName             *CountryName              `asn1:"optional,omitempty"`
	AdminitrationDomainName *AdministrationDomainName `asn1:"optional,omitempty,application,tag:2"`
	NetworkAddress          *NetworkAddress           `asn1:"tag:0,optional,omitempty"`
	TerminalIdentifier      *TerminalIdentifier       `asn1:"tag:1,optional,omitempty,printable"`
	PrivateDomainName       *PrivateDomainName        `asn1:"tag:2,explicit,optional,omitempty"`
	OrganizationName        *OrganizationName         `asn1:"tag:3,optional,omitempty,printable"`
	NumericUserIdentifier   *NumericUserIdentifier    `asn1:"tag:4,optional,omitempty"`
	PersonalName            *PersonalName             `asn1:"tag:5,optional,omitempty,set"`
	OrganizationalUnitNames *OrganizationalUnitNames  `asn1:"tag:6,optional,omitempty,printable"`
}

BuiltInStandardAttributes ::= SEQUENCE {
   country-name                  CountryName OPTIONAL,
   administration-domain-name    AdministrationDomainName OPTIONAL,
   network-address           [0] IMPLICIT NetworkAddress OPTIONAL,
     -- see also extended-network-address
   terminal-identifier       [1] IMPLICIT TerminalIdentifier OPTIONAL,
   private-domain-name       [2] PrivateDomainName OPTIONAL,
   organization-name         [3] IMPLICIT OrganizationName OPTIONAL,
     -- see also teletex-organization-name
   numeric-user-identifier   [4] IMPLICIT NumericUserIdentifier
                                 OPTIONAL,
   personal-name             [5] IMPLICIT PersonalName OPTIONAL,
     -- see also teletex-personal-name
   organizational-unit-names [6] IMPLICIT OrganizationalUnitNames
                                 OPTIONAL }
     -- see also teletex-organizational-unit-names

type CertOrEncCert ¶

type CertOrEncCert struct {
	Certificate   certificate    `asn1:"tag:0,omitempty"`
	EncryptedCert EncryptedValue `asn1:"tag:1,omitempty"`
}

CertOrEncCert ::= CHOICE {
	certificate     [0] CMPCertificate,
	encryptedCert   [1] EncryptedValue }

type CertRepMessage ¶

type CertRepMessage struct {
	Raw       asn1.RawContent
	CAPubs    []Certificate `asn1:"tag:1,optional,omitempty"`
	Responses []CertResponse
}

CertRepMessage ::= SEQUENCE {
    caPubs       [1] SEQUENCE SIZE (1..MAX) OF CMPCertificate
                  OPTIONAL,
    response         SEQUENCE OF CertResponse }

type CertReqMessage ¶

type CertReqMessage struct {
	CertReq CertRequest
	RegInfo []pkix.AttributeTypeAndValue `asn1:"optional,omitempty"`
}

CertReqMessage . https://www.ietf.org/rfc/rfc4211.txt

CertReqMsg ::= SEQUENCE {
   certReq   CertRequest,
   popo       ProofOfPossession  OPTIONAL,
   -- content depends upon key type
   regInfo   SEQUENCE SIZE(1..MAX) of AttributeTypeAndValue OPTIONAL
}

type CertReqMessages ¶

type CertReqMessages []CertReqMessage

type CertRequest ¶

type CertRequest struct {
	CertReqID    int
	CertTemplate CertTemplate
	Controls     Controls `asn1:"optional,omitempty"`
}

CertRequest ::= SEQUENCE {
    certReqId     INTEGER,        -- ID for matching request and reply
    certTemplate  CertTemplate, --Selected fields of cert to be issued
    controls      Controls OPTIONAL } -- Attributes affecting issuance

type CertResponse ¶

type CertResponse struct {
	Raw              asn1.RawContent
	CertReqID        int
	Status           PKIStatusInfo
	CertifiedKeyPair CertifiedKeyPair
	RespInfo         []byte
}

func (resp CertResponse) GetCertWithEncValue() (*CertWithEncValue, error)

func (resp CertResponse) OK() bool

type CertTemplate ¶

type CertTemplate struct {
	Version      Version  `asn1:"explicit,optional,tag:0"`
	SerialNumber *big.Int `asn1:"explicit,optional,tag:1"`
	//SigningAlg   pkix.AlgorithmIdentifier `asn1:"optional,tag:2"`
	Issuer     Name                 `asn1:"optional,tag:3"`
	Validity   OptionalValidity     `asn1:"optional,explicit,tag:4"`
	Subject    Name                 `asn1:"optional,tag:5"`
	PublicKey  SubjectPublicKeyInfo `asn1:"optional,explicit,tag:6"`
	IssuerUID  UniqueIdentifier     `asn1:"optional,tag:7"`
	SubjectUID UniqueIdentifier     `asn1:"optional,explicit,tag:8"`
	Extensions Extensions           `asn1:"explicit,optional,tag:9"`
}

func NewCertTemplate(serialNumber *big.Int) *CertTemplate

func (tmpl *CertTemplate) SetExtension(ext []pkix.Extension)

func (tmpl *CertTemplate) SetPublicKeyWithCSR(der []byte) error

func (tmpl *CertTemplate) SetPublicKeyWithRawPubichKeyInfo(der []byte) error

func (tmpl *CertTemplate) SetSubject(seq pkix.RDNSequence)

func (tmpl *CertTemplate) SetSubjectUID(uid []byte)

func (tmpl *CertTemplate) SetVaidity(notBefore, notAfter time.Time)

func (tmpl *CertTemplate) SetVersion(version int)

type CertWithEncValue ¶

type CertWithEncValue struct {
	EncPriv *EncryptedValue
	Cert    *x509.Certificate
}

type Certificate ¶

type Certificate struct {
	Raw asn1.RawContent
}

func (cert Certificate) ToX590Certificate() (*x509.Certificate, error)

type CertificationRequest ¶

type CertificationRequest struct {
	CertificationRequestInfo CertificationRequestInfo
	SignatureAlgorithm       pkix.AlgorithmIdentifier
	Signature                asn1.BitString
}

CertificationRequest ::= SEQUENCE {
     certificationRequestInfo CertificationRequestInfo,
     signatureAlgorithm AlgorithmIdentifier{{ SignatureAlgorithms }},
     signature          BIT STRING
}

type CertificationRequestInfo ¶

type CertificationRequestInfo struct {
	Version       int `asn1:"default:0"`
	Subject       Name
	SubjectPKInfo SubjectPublicKeyInfo
	Attributes    []Attribute `asn1:"tag:0,set"`
}

CertificationRequestInfo ::= SEQUENCE {
     version       INTEGER { v1(0) } (v1,...),
     subject       Name,
     subjectPKInfo SubjectPublicKeyInfo{{ PKInfoAlgorithms }},
     attributes    [0] Attributes{{ CRIAttributes }}
}

type CertifiedKeyPair ¶

type CertifiedKeyPair struct {
	Cert Certificate
	//EncCert         Certificate
	PrivateKey      EncryptedValue
	PublicationInfo PKIPublicationInfo
}

CertifiedKeyPair ::= SEQUENCE {
     certOrEncCert       CertOrEncCert,
     privateKey      [0] EncryptedValue      OPTIONAL,
     -- see [RFC4211] for comment on encoding
     publicationInfo [1] PKIPublicationInfo  OPTIONAL }

type Controls ¶

type Controls []pkix.AttributeTypeAndValue

type CountryName ¶

type CountryName struct {
	X121DccCode       string `asn1:"optional,omitempty"`
	Iso3166Alpha2Code string `asn1:"optional,omitempty"`
}

type DN ¶

type DN struct {
	OID      asn1.ObjectIdentifier
	Name     string
	Code     string
	Critical bool
	Value    []byte
}

DN .

type DirectoryName ¶

type DirectoryName struct {
	Id    asn1.ObjectIdentifier
	Value string
}

type DirectoryNameSET ¶

type DirectoryNameSET struct {
	DirectoryNames []DirectoryName `asn1:"set"`
}

type DirectoryString ¶

type DirectoryString string

DirectoryString ::= CHOICE {
      teletexString           TeletexString (SIZE (1N..MAX)),
      printableString         PrintableString (SIZE (1..MAX)),
      universalString         UniversalString (SIZE (1..MAX)),
      utf8String              UTF8String (SIZE (1..MAX)),
      bmpString               BMPString (SIZE (1..MAX)) }

type EDIPartyName ¶

type EDIPartyName struct {
	Assigner  *DirectoryString `asn1:"tag:0,optonal,omitempty"`
	PartyName *DirectoryString `asn1:"tag:1"`
}

EDIPartyName ::= SEQUENCE {
	nameAssigner            [0]     DirectoryString OPTIONAL,
	partyName               [1]     DirectoryString }

type EdiPartyName ¶

type EdiPartyName struct {
	NameAssigner string `asn1:"optional,tag:0"`
	PartyName    DirectoryString
}

EDIPartyName ::= SEQUENCE {
     nameAssigner            [0]     DirectoryString OPTIONAL,
     partyName               [1]     DirectoryString }

type EncryptedValue ¶

type EncryptedValue struct {
	Raw         asn1.RawContent
	IntendedAlg pkix.AlgorithmIdentifier `asn1:"explicit,tag:0,optional,omitempty"`
	SymmAlg     pkix.AlgorithmIdentifier `asn1:"explicit,tag:1,optional,omitempty"`
	EncSymmKey  asn1.BitString           `asn1:"explicit,tag:2,optional,omitempty"`
	KeyAlg      pkix.AlgorithmIdentifier `asn1:"explicit,tag:3,optional,omitempty"`
	ValueHint   []byte                   `asn1:"explicit,tag:4,optional,omitempty"`
	EncValue    asn1.BitString
}

EncryptedValue ::= SEQUENCE {
     intendedAlg   [0] AlgorithmIdentifier{ALGORITHM, {...}}  OPTIONAL,
     -- the intended algorithm for which the value will be used
     symmAlg       [1] AlgorithmIdentifier{ALGORITHM, {...}}  OPTIONAL,
     -- the symmetric algorithm used to encrypt the value
     encSymmKey    [2] BIT STRING           OPTIONAL,
     -- the (encrypted) symmetric key used to encrypt the value
     keyAlg        [3] AlgorithmIdentifier{ALGORITHM, {...}}  OPTIONAL,
     -- algorithm used to encrypt the symmetric key
     valueHint     [4] OCTET STRING         OPTIONAL,
     -- a brief description or identifier of the encValue content
     -- (may be meaningful only to the sending entity, and used only
  -- if EncryptedValue might be re-examined by the sending entity

     -- in the future)
     encValue       BIT STRING }
     -- the encrypted value itself
 -- When EncryptedValue is used to carry a private key (as opposed to
 -- a certificate), implementations MUST support the encValue field
 -- containing an encrypted PrivateKeyInfo as defined in [PKCS11],
 -- section 12.11.  If encValue contains some other format/encoding
 -- for the private key, the first octet of valueHint MAY be used
 -- to indicate the format/encoding (but note that the possible values
 -- of this octet are not specified at this time).  In all cases, the
 -- intendedAlg field MUST be used to indicate at least the OID of
 -- the intended algorithm of the private key, unless this information
 -- is known a priori to both sender and receiver by some other means.

type ErrorMsgContent ¶

type ErrorMsgContent struct {
	PKIStatusInfo PKIStatusInfo
	ErrorCode     int         `asn1:"optional"`
	ErrporDetail  PKIFreeText `asn1:"optional"`
}

ErrorMsgContent .

type ExtensionAttribute ¶

type ExtensionAttribute struct {
	Type  int           `asn1:"tag:0"`
	Value asn1.RawValue `asn1:"tag:1"`
}

ExtensionAttribute ::=  SEQUENCE {
   extension-attribute-type [0] IMPLICIT INTEGER
                   (0..ub-extension-attributes),
   extension-attribute-value [1]
				   ANY DEFINED BY extension-attribute-type }

type ExtensionAttributes ¶

type ExtensionAttributes []ExtensionAttribute

type Extensions ¶

type Extensions []pkix.Extension

Extension  ::=  SEQUENCE  {
     extnID      OBJECT IDENTIFIER,
     critical    BOOLEAN DEFAULT FALSE,
     extnValue   OCTET STRING  }

type Extension struct {
	ExtnID    asn1.ObjectIdentifier
	Critical  bool
	ExtnValue []byte
}

type GeneralName ¶

type GeneralName struct {
	Raw                       asn1.RawContent
	OtherName                 *AnotherName          `asn1:"tag:0,optional,omitempty"`
	RFC822Name                *string               `asn1:"tag:1,ia5,optional,omitempty"`
	DNSName                   *string               `asn1:"tag:2,ia5,optional,omitempty"`
	X400Address               *ORAddress            `asn1:"tag:3,optional,omitempty"`
	DirectoryName             Name                  `asn1:"tag:4,optional,omitempty"`
	EdiPartyName              *EdiPartyName         `asn1:"tag:5,optional,omitempty"`
	UniformResourceIdentifier string                `asn1:"tag:6,ia5,optional,omitempty"`
	IPAddress                 []byte                `asn1:"tag:7,optional,omitempty"`
	RegisteredID              asn1.ObjectIdentifier `asn1:"tag:8,optional,omitempty"`
}

GeneralName ::= CHOICE {
     otherName                       [0]     AnotherName,
     rfc822Name                      [1]     IA5String,
     dNSName                         [2]     IA5String,
     x400Address                     [3]     ORAddress,
     directoryName                   [4]     Name,
     ediPartyName                    [5]     EDIPartyName,
     uniformResourceIdentifier       [6]     IA5String,
     iPAddress                       [7]     OCTET STRING,
	 registeredID                    [8]     OBJECT IDENTIFIER }

type InterDirectoryName ¶

type InterDirectoryName struct {
	InterDirectoryNameSET DirectoryNameSET
}

type InterRevRepContent ¶

type InterRevRepContent struct {
	RevRepContent RevRepContent
}

type InterState ¶

type InterState struct {
	PKIStatusInfo PKIStatusInfo
}

type KeyIdentifier ¶

type KeyIdentifier []byte

KeyIdentifier .

type KeyRecRepContent ¶

type KeyRecRepContent struct {
	Raw         asn1.RawContent
	Status      PKIStatusInfo
	NewSigCert  Certificate
	CACerts     []Certificate
	KeyPairHist []CertifiedKeyPair
}

KeyRecRepContent shall come from keyRecRepContent lower, raw

type Name ¶

type Name struct {
	RDNSequence pkix.RDNSequence
}

type NetworkAddress ¶

type NetworkAddress string

type NumericUserIdentifier ¶

type NumericUserIdentifier string

type ORAddress ¶

type ORAddress struct {
	StandardAttrs      *BuiltInStandardAttributes
	DomainDefinedAttrs *BuiltInDomainDefinedAttributes `asn1:"optional,omitempty"`
	ExtensionAttris    *ExtensionAttributes            `asn1:"optional,omitempty,set"`
}

ORAddress ::= SEQUENCE {
   built-in-standard-attributes BuiltInStandardAttributes,
   built-in-domain-defined-attributes
                   BuiltInDomainDefinedAttributes OPTIONAL,
   -- see also teletex-domain-defined-attributes
   extension-attributes ExtensionAttributes OPTIONAL }

type OptionalValidity ¶

type OptionalValidity struct {
	NotBefore time.Time `asn1:"generalized,explicit,tag:0"`
	NotAfter  time.Time `asn1:"generalized,explicit,tag:1"`
}

OptionalValidity ::= SEQUENCE {
      notBefore  [0] Time OPTIONAL,
	  notAfter   [1] Time OPTIONAL }

type OrganizationName ¶

type OrganizationName string

type OrganizationalUnitNames ¶

type OrganizationalUnitNames []string

type PKIFailureInfo ¶

type PKIFailureInfo asn1.BitString

PKIFailureInfo .

type PKIFreeText ¶

type PKIFreeText []asn1.RawValue

PKIFreeText ::= SEQUENCE SIZE (1..MAX) OF UTF8String

-- text encoded as UTF-8 String [RFC3629] (note: each
-- UTF8String MAY include an [RFC3066] language tag
-- to indicate the language of the contained text
-- see [RFC2482] for details)

type PKIHeader ¶

type PKIHeader struct {
	Raw           asn1.RawContent
	PVNO          int                      `asn1:"default:1"`
	Sender        interface{}              //GeneralName
	Recipient     interface{}              //GeneralName
	MessageTime   time.Time                `asn1:"generalized,explicit,optional,tag:0,omitempty"`
	ProtectionAlg pkix.AlgorithmIdentifier `asn1:"explicit,optional,tag:1,omitempty"`
	//SendKID       *KeyIdentifier               `asn1:"optional,tag:2,omitempty"`
	//RecipKID      *KeyIdentifier               `asn1:"optional,tag:3,omitempty"`
	TransactionID []byte                       `asn1:"optional,explicit,tag:4,omitempty"`
	SenderNonce   []byte                       `asn1:"optional,tag:5,omitempty"`
	RecipNonce    []byte                       `asn1:"optional,tag:6,omitempty"`
	FreeText      []string                     `asn1:"explicit,tag:7"`
	GeneralInfo   []pkix.AttributeTypeAndValue `asn1:"optional,tag:8,omitempty"`
}

PKIHeader .

func NewPKIHeader() *PKIHeader

func (h *PKIHeader) SetProtectionAlg(alg pkix.AlgorithmIdentifier)

type PKIMessage ¶

type PKIMessage struct {
	Raw        asn1.RawContent
	Header     PKIHeader
	Body       interface{}   // PKIBody
	Protection PKIProtection `asn1:"explicit,optional,tag:0,omitempty"`
	ExtraCerts []Certificate `asn1:"tag:1,omitempty"`
}

PKIMessage .

func (msg *PKIMessage) SerializeAsn1() ([]byte, error)

func (msg *PKIMessage) SerializeB64() (string, error)

func (msg *PKIMessage) SetBody(body interface{})

func (msg *PKIMessage) SetProtection(b []byte)

func (msg *PKIMessage) SignBy(priv crypto.Signer) error

type PKIMessageCP ¶

type PKIMessageCP struct {
	PKIMessageHead
	Body CertRepMessage `asn1:"explicit,tag:3"`
	PKIMessageFoot
}

func ParsePKIBodyCP(raw []byte) (*PKIMessageCP, error)

func (cp *PKIMessageCP) GetCertWithEncValueLst() ([]*CertWithEncValue, error)

type PKIMessageFoot ¶

type PKIMessageFoot struct {
	Protection PKIProtection       `asn1:"explicit,optional,tag:0,omitempty"`
	ExtraCerts []*x509.Certificate `asn1:"tag:1"`
}

func (msg *PKIMessageFoot) VerifyByRoot(pool *x509.CertPool) error

type PKIMessageHead ¶

type PKIMessageHead struct {
	Raw    asn1.RawContent
	Header PKIHeader
}

type PKIMessageKRP ¶

type PKIMessageKRP struct {
	PKIMessageHead
	Body KeyRecRepContent
	PKIMessageFoot
}

func ParsePKIBodyKRP(raw []byte) (*PKIMessageKRP, error)

func (krp *PKIMessageKRP) FailInfo() string

func (krp *PKIMessageKRP) GetCertWithEncValueLst() ([]*CertWithEncValue, error)

func (krp *PKIMessageKRP) StatusOK() bool

type PKIMessageKUP ¶

type PKIMessageKUP struct {
	PKIMessageHead
	Body CertRepMessage `asn1:"explicit,tag:8"`
	PKIMessageFoot
}

func ParsePKIBodyKUP(raw []byte) (*PKIMessageKUP, error)

func (kup *PKIMessageKUP) GetCertWithEncValueLst() ([]*CertWithEncValue, error)

type PKIMessageRP ¶

type PKIMessageRP struct {
	PKIMessageHead
	Body RevRepContent `asn1:"explicit,optional,tag:12"`
	PKIMessageFoot
}

func ParsePKIBodyRP(raw []byte) (*PKIMessageRP, error)

func (rp *PKIMessageRP) FailInfo() string

func (rp *PKIMessageRP) StatusOK() bool

type PKIProtection ¶

type PKIProtection = asn1.BitString

type PKIPublicationInfo ¶

type PKIPublicationInfo struct {
	Action   int
	PubInfos []SinglePubInfo `asn1:"optional,omitempty"`
}

PKIPublicationInfo ::= SEQUENCE {
    action     INTEGER {
                   dontPublish (0),
                   pleasePublish (1) },
    pubInfos  SEQUENCE SIZE (1..MAX) OF SinglePubInfo OPTIONAL }
    -- pubInfos MUST NOT be present if action is "dontPublish"
    -- (if action is "pleasePublish" and pubInfos is omitted,
    -- "dontCare" is assumed)

type PKIStatus ¶

type PKIStatus int

PKIStatus ::= INTEGER {
	accepted                (0),
	-- you got exactly what you asked for
	grantedWithMods        (1),
	-- you got something like what you asked for; the
	-- requester is responsible for ascertaining the differences
	rejection              (2),
	-- you don't get it, more information elsewhere in the message
	waiting                (3),
	-- the request body part has not yet been processed; expect to
	-- hear more later (note: proper handling of this status
	-- response MAY use the polling req/rep PKIMessages specified
	-- in Section 5.3.22; alternatively, polling in the underlying
	-- transport layer MAY have some utility in this regard)
	revocationWarning      (4),
	-- this message contains a warning that a revocation is
	-- imminent
	revocationNotification (5),
	-- notification that a revocation has occurred
	keyUpdateWarning       (6)
	-- update already done for the oldCertId specified in
	-- CertReqMsg
}

type PKIStatusInfo ¶

type PKIStatusInfo struct {
	Raw          asn1.RawContent
	Status       PKIStatus
	StatusString PKIFreeText    `asn1:"optional,omitempty"`
	FailInfo     asn1.BitString `asn1:"optional,omitempty"`
}

PKIStatusInfo .

type PKMACValue ¶

type PKMACValue struct {
	AlgID pkix.AlgorithmIdentifier
	Value []byte
}

PKMACValue ::= SEQUENCE { algId AlgorithmIdentifier, -- algorithm value shall be PasswordBasedMac {1 2 840 113533 7 66 13} -- parameter value is PBMParameter value BIT STRING }

type PersonalName ¶

type PersonalName struct {
	SurName             string `asn1:"tag:0"`
	GivenName           string `asn1:"optional,tag:1"`
	Initials            string `asn1:"optional,tag:2"`
	GenerationQualifier string `asn1:"optional,tag:3"`
}

PersonalName ::= SET {
   surname     [0] IMPLICIT PrintableString
                    (SIZE (1..ub-surname-length)),
   given-name  [1] IMPLICIT PrintableString
                    (SIZE (1..ub-given-name-length)) OPTIONAL,
   initials    [2] IMPLICIT PrintableString
                    (SIZE (1..ub-initials-length)) OPTIONAL,
   generation-qualifier [3] IMPLICIT PrintableString
                    (SIZE (1..ub-generation-qualifier-length))
					OPTIONAL }

type PrivateDomainName ¶

type PrivateDomainName string

type ProofOfPossession ¶

type ProofOfPossession struct {
}

type RevCert ¶

type RevCert struct {
	DirectoryName InterDirectoryName `asn1:"optional,tag:4"`
	SerialNumber  *big.Int
}

type RevDetails ¶

type RevDetails struct {
	CertDetails      CertTemplate
	CRLEntryDetails  *Extensions `asn1:"optional,omitempty"`
	RevocationReason asn1.BitString
}

RevDetails ::= SEQUENCE {
     certDetails         CertTemplate,
     -- allows requester to specify as much as they can about
     -- the cert. for which revocation is requested
     -- (e.g., for cases in which serialNumber is not available)
     crlEntryDetails     Extensions       OPTIONAL
     -- requested crlEntryExtensions
 }

type RevRepContent ¶

type RevRepContent struct {
	Raw      asn1.RawContent
	RevCerts RevCert `asn1:"explicit,optional,tag:0"`
	Status   InterState
}

type RevReqContent ¶

type RevReqContent []RevDetails

RevReqContent ::= SEQUENCE OF RevDetails

type SinglePubInfo ¶

type SinglePubInfo struct {
	PubMethod   int
	PubLocation GeneralName `asn1:"optional,omitempty"`
}

SinglePubInfo ::= SEQUENCE {
    pubMethod    INTEGER {
        dontCare    (0),
		x500        (1),
		web         (2),
        ldap        (3) },
    pubLocation  GeneralName OPTIONAL }

type SubjectPublicKeyInfo ¶

type SubjectPublicKeyInfo struct {
	Algorithm        pkix.AlgorithmIdentifier
	SubjectPublicKey asn1.BitString
}

SubjectPublicKeyInfo  ::=  SEQUENCE  {
     algorithm            AlgorithmIdentifier,
     subjectPublicKey     BIT STRING  }

type TerminalIdentifier ¶

type TerminalIdentifier string

type UniqueIdentifier ¶

type UniqueIdentifier = asn1.BitString

type Version ¶

type Version int