Package org.bouncycastle.asn1.cmc
Support classes for Certificate Management over CMS (CMC) - RFC 5272 and RFC 6402.
-
Interface Summary Interface Description CMCObjectIdentifiers Object Identifiers from RFC 5272 -
Class Summary Class Description BodyPartID bodyIdMax INTEGER ::= 4294967295 BodyPartID ::= INTEGER(0..bodyIdMax)BodyPartList BodyPartList ::= SEQUENCE SIZE (1..MAX) OF BodyPartIDBodyPartPath BodyPartPath ::= SEQUENCE SIZE (1..MAX) OF BodyPartIDBodyPartReference BodyPartReference ::= CHOICE { bodyPartID BodyPartID, bodyPartPath BodyPartPath }CertificationRequest CertificationRequest ::= SEQUENCE { certificationRequestInfo SEQUENCE { version INTEGER, subject Name, subjectPublicKeyInfo SEQUENCE { algorithm AlgorithmIdentifier, subjectPublicKey BIT STRING }, attributes [0] IMPLICIT SET OF Attribute }, signatureAlgorithm AlgorithmIdentifier, signature BIT STRING }CMCFailInfo CMCFailInfo ::= INTEGER { badAlg (0), badMessageCheck (1), badRequest (2), badTime (3), badCertId (4), unsupportedExt (5), mustArchiveKeys (6), badIdentity (7), popRequired (8), popFailed (9), noKeyReuse (10), internalCAError (11), tryLater (12), authDataFail (13) }CMCPublicationInfo CMCPublicationInfo ::= SEQUENCE { hashAlg AlgorithmIdentifier, certHashes SEQUENCE OF OCTET STRING, pubInfo PKIPublicationInfo }CMCStatus CMCStatus ::= INTEGER { success (0), failed (2), pending (3), noSupport (4), confirmRequired (5), popRequired (6), partial (7) }CMCStatusInfo -- Used to return status state in a response id-cmc-statusInfo OBJECT IDENTIFIER ::= {id-cmc 1} CMCStatusInfo ::= SEQUENCE { cMCStatus CMCStatus, bodyList SEQUENCE SIZE (1..MAX) OF BodyPartID, statusString UTF8String OPTIONAL, otherInfo CHOICE { failInfo CMCFailInfo, pendInfo PendInfo } OPTIONAL }CMCStatusInfo.OtherInfo Other info implements the choice component of CMCStatusInfo.CMCStatusInfoBuilder CMCStatusInfoV2 -- Replaces CMC Status Info -- id-cmc-statusInfoV2 OBJECT IDENTIFIER ::= {id-cmc 25} CMCStatusInfoV2 ::= SEQUENCE { cMCStatus CMCStatus, bodyList SEQUENCE SIZE (1..MAX) OF BodyPartReference, statusString UTF8String OPTIONAL, otherStatusInfo OtherStatusInfo OPTIONAL } OtherStatusInfo ::= CHOICE { failInfo CMCFailInfo, pendInfo PendInfo, extendedFailInfo ExtendedFailInfo } PendInfo ::= SEQUENCE { pendToken OCTET STRING, pendTime GeneralizedTime } ExtendedFailInfo ::= SEQUENCE { failInfoOID OBJECT IDENTIFIER, failInfoValue ANY DEFINED BY failInfoOID }CMCStatusInfoV2Builder CMCUnsignedData id-aa-cmc-unsignedData OBJECT IDENTIFIER ::= {id-aa 34} CMCUnsignedData ::= SEQUENCE { bodyPartPath BodyPartPath, identifier OBJECT IDENTIFIER, content ANY DEFINED BY identifier }ControlsProcessed -- Inform follow on servers that one or more controls have already been -- processed id-cmc-controlProcessed OBJECT IDENTIFIER ::= {id-cmc 32} ControlsProcessed ::= SEQUENCE { bodyList SEQUENCE SIZE(1..MAX) OF BodyPartReference }DecryptedPOP id-cmc-decryptedPOP OBJECT IDENTIFIER ::= {id-cmc 10} DecryptedPOP ::= SEQUENCE { bodyPartID BodyPartID, thePOPAlgID AlgorithmIdentifier, thePOP OCTET STRING }EncryptedPOP id-cmc-encryptedPOP OBJECT IDENTIFIER ::= {id-cmc 9} EncryptedPOP ::= SEQUENCE { request TaggedRequest, cms ContentInfo, thePOPAlgID AlgorithmIdentifier, witnessAlgID AlgorithmIdentifier, witness OCTET STRING }ExtendedFailInfo ExtendedFailInfo ::= SEQUENCE { failInfoOID OBJECT IDENTIFIER, failInfoValue ANY DEFINED BY failInfoOID }ExtensionReq ExtensionReq ::= SEQUENCE SIZE (1..MAX) OF ExtensionGetCert id-cmc-getCert OBJECT IDENTIFIER ::= {id-cmc 15} GetCert ::= SEQUENCE { issuerName GeneralName, serialNumber INTEGER }GetCRL id-cmc-getCRL OBJECT IDENTIFIER ::= {id-cmc 16} GetCRL ::= SEQUENCE { issuerName Name, cRLName GeneralName OPTIONAL, time GeneralizedTime OPTIONAL, reasons ReasonFlags OPTIONAL }IdentityProofV2 id-cmc-identityProofV2 OBJECT IDENTIFIER ::= { id-cmc 34 } identityProofV2 ::= SEQUENCE { proofAlgID AlgorithmIdentifier, macAlgId AlgorithmIdentifier, witness OCTET STRING }LraPopWitness id-cmc-lraPOPWitness OBJECT IDENTIFIER ::= {id-cmc 11} LraPopWitness ::= SEQUENCE { pkiDataBodyid BodyPartID, bodyIds SEQUENCE OF BodyPartID }ModCertTemplate id-cmc-modCertTemplate OBJECT IDENTIFIER ::= {id-cmc 31} ModCertTemplate ::= SEQUENCE { pkiDataReference BodyPartPath, certReferences BodyPartList, replace BOOLEAN DEFAULT TRUE, certTemplate CertTemplate }OtherMsg OtherMsg ::= SEQUENCE { bodyPartID BodyPartID, otherMsgType OBJECT IDENTIFIER, otherMsgValue ANY DEFINED BY otherMsgType }OtherStatusInfo Other info implements the choice component of CMCStatusInfoV2.PendInfo PendInfo ::= SEQUENCE { pendToken OCTET STRING, pendTime GeneralizedTime }PKIData PKIData ::= SEQUENCE { controlSequence SEQUENCE SIZE(0..MAX) OF TaggedAttribute, reqSequence SEQUENCE SIZE(0..MAX) OF TaggedRequest, cmsSequence SEQUENCE SIZE(0..MAX) OF TaggedContentInfo, otherMsgSequence SEQUENCE SIZE(0..MAX) OF OtherMsg }PKIResponse -- This defines the response message in the protocol id-cct-PKIResponse OBJECT IDENTIFIER ::= { id-cct 3 } ResponseBody ::= PKIResponse PKIResponse ::= SEQUENCE { controlSequence SEQUENCE SIZE(0..MAX) OF TaggedAttribute, cmsSequence SEQUENCE SIZE(0..MAX) OF TaggedContentInfo, otherMsgSequence SEQUENCE SIZE(0..MAX) OF OtherMsg }PopLinkWitnessV2 id-cmc-popLinkWitnessV2 OBJECT IDENTIFIER ::= { id-cmc 33 } PopLinkWitnessV2 ::= SEQUENCE { keyGenAlgorithm AlgorithmIdentifier, macAlgorithm AlgorithmIdentifier, witness OCTET STRING }PublishTrustAnchors PublishTrustAnchors ::= SEQUENCE { seqNumber INTEGER, hashAlgorithm AlgorithmIdentifier, anchorHashes SEQUENCE OF OCTET STRING }RevokeRequest RevokeRequest ::= SEQUENCE { issuerName Name, serialNumber INTEGER, reason CRLReason, invalidityDate GeneralizedTime OPTIONAL, passphrase OCTET STRING OPTIONAL, comment UTF8String OPTIONAL }TaggedAttribute TaggedAttribute from RFC5272TaggedCertificationRequest TaggedCertificationRequest ::= SEQUENCE { bodyPartID BodyPartID, certificationRequest CertificationRequest }TaggedContentInfo TaggedContentInfo ::= SEQUENCE { bodyPartID BodyPartID, contentInfo ContentInfo }TaggedRequest TaggedRequest ::= CHOICE { tcr [0] TaggedCertificationRequest, crm [1] CertReqMsg, orm [2] SEQUENCE { bodyPartID BodyPartID, requestMessageType OBJECT IDENTIFIER, requestMessageValue ANY DEFINED BY requestMessageType } }