blob: aae0cde414e2d8939c6f1c7ebc4c11117a275ec4 [file] [log] [blame]
David Howellsc26fd692012-09-24 17:11:48 +01001Certificate ::= SEQUENCE {
2 tbsCertificate TBSCertificate ({ x509_note_tbs_certificate }),
3 signatureAlgorithm AlgorithmIdentifier,
4 signature BIT STRING ({ x509_note_signature })
5 }
6
7TBSCertificate ::= SEQUENCE {
8 version [ 0 ] Version DEFAULT,
David Howells84aabd42014-07-01 16:40:19 +01009 serialNumber CertificateSerialNumber ({ x509_note_serial }),
David Howellsc26fd692012-09-24 17:11:48 +010010 signature AlgorithmIdentifier ({ x509_note_pkey_algo }),
11 issuer Name ({ x509_note_issuer }),
12 validity Validity,
13 subject Name ({ x509_note_subject }),
14 subjectPublicKeyInfo SubjectPublicKeyInfo,
15 issuerUniqueID [ 1 ] IMPLICIT UniqueIdentifier OPTIONAL,
16 subjectUniqueID [ 2 ] IMPLICIT UniqueIdentifier OPTIONAL,
17 extensions [ 3 ] Extensions OPTIONAL
18 }
19
20Version ::= INTEGER
21CertificateSerialNumber ::= INTEGER
22
23AlgorithmIdentifier ::= SEQUENCE {
24 algorithm OBJECT IDENTIFIER ({ x509_note_OID }),
25 parameters ANY OPTIONAL
26}
27
28Name ::= SEQUENCE OF RelativeDistinguishedName
29
30RelativeDistinguishedName ::= SET OF AttributeValueAssertion
31
32AttributeValueAssertion ::= SEQUENCE {
33 attributeType OBJECT IDENTIFIER ({ x509_note_OID }),
34 attributeValue ANY ({ x509_extract_name_segment })
35 }
36
37Validity ::= SEQUENCE {
38 notBefore Time ({ x509_note_not_before }),
39 notAfter Time ({ x509_note_not_after })
40 }
41
42Time ::= CHOICE {
43 utcTime UTCTime,
44 generalTime GeneralizedTime
45 }
46
47SubjectPublicKeyInfo ::= SEQUENCE {
48 algorithm AlgorithmIdentifier,
49 subjectPublicKey BIT STRING ({ x509_extract_key_data })
50 }
51
52UniqueIdentifier ::= BIT STRING
53
54Extensions ::= SEQUENCE OF Extension
55
56Extension ::= SEQUENCE {
57 extnid OBJECT IDENTIFIER ({ x509_note_OID }),
58 critical BOOLEAN DEFAULT,
59 extnValue OCTET STRING ({ x509_process_extension })
60 }