certedef.c
来自「提供了很多种加密算法和CA认证及相关服务如CMP、OCSP等的开发」· C语言 代码 · 共 1,651 行 · 第 1/5 页
C
1,651 行
/* ocspNoCheck:
OID = 1 3 6 1 5 5 7 48 1 5
critical = FALSE
NULL
This value is treated as a pseudo-numeric value which must be
CRYPT_UNUSED when written and is explicitly set to CRYPT_UNUSED when
read */
{ MKOID( "\x06\x09\x2B\x06\x01\x05\x05\x07\x30\x01\x05" ), CRYPT_CERTINFO_OCSP_NOCHECK,
MKDESC( "ocspNoCheck" )
BER_NULL, 0,
FL_VALID_CERT | FL_VALID_CERTREQ | FL_NONENCODING, CRYPT_UNUSED, CRYPT_UNUSED, 0, NULL },
/* ocspArchiveCutoff:
OID = 1 3 6 1 5 5 7 48 1 6
critical = FALSE
archiveCutoff GeneralizedTime */
{ MKOID( "\x06\x09\x2B\x06\x01\x05\x05\x07\x30\x01\x06" ), CRYPT_CERTINFO_OCSP_ARCHIVECUTOFF,
MKDESC( "ocspArchiveCutoff" )
BER_TIME_GENERALIZED, 0,
FL_VALID_OCSPRESP, sizeof( time_t ), sizeof( time_t ), 0, NULL },
/* dateOfCertGen
OID = 1 3 36 8 3 1
critical = FALSE
dateOfCertGen GeneralizedTime */
{ MKOID( "\x06\x05\x2B\x24\x08\x03\x01" ), CRYPT_CERTINFO_SIGG_DATEOFCERTGEN,
MKDESC( "dateOfCertGen" )
BER_TIME_GENERALIZED, 0,
FL_VALID_CERT, sizeof( time_t ), sizeof( time_t ), 0, NULL },
/* procuration
OID = 1 3 36 8 3 2
critical = FALSE
SEQUENCE OF { -- SIZE (1)
country PrintableString SIZE(2) OPTIONAL,
typeOfSubstitution [0] PrintableString OPTIONAL,
signingFor GeneralName
} */
{ MKOID( "\x06\x05\x2B\x24\x08\x03\x02" ), CRYPT_CERTINFO_SIGG_PROCURATION,
MKDESC( "procuration" )
BER_SEQUENCE, 0,
FL_MORE | FL_VALID_CERTREQ | FL_VALID_CERT, 0, 0, 0, NULL },
{ NULL, CRYPT_CERTINFO_SIGG_PROCURE_COUNTRY,
MKDESC( "procuration.country" )
BER_STRING_PRINTABLE, 0,
FL_MORE | FL_OPTIONAL, 2, 2, 0, NULL },
{ NULL, CRYPT_CERTINFO_SIGG_PROCURE_TYPEOFSUBSTITUTION,
MKDESC( "procuration.typeOfSubstitution" )
BER_STRING_PRINTABLE, CTAG( 0 ),
FL_MORE | FL_OPTIONAL, 1, 128, 0, NULL },
{ NULL, CRYPT_CERTINFO_SIGG_PROCURE_SIGNINGFOR,
MKDESC( "procuration.signingFor.thirdPerson" )
FIELDTYPE_SUBTYPED, 0,
0, 0, 0, 0, ( void * ) generalNameInfo },
/* monetaryLimit
OID = 1 3 36 8 3 4
critical = FALSE
SEQUENCE {
currency PrintableString SIZE(3),
amount INTEGER,
exponent INTEGER
} */
{ MKOID( "\x06\x05\x2B\x24\x08\x03\x04" ), CRYPT_CERTINFO_SIGG_MONETARYLIMIT,
MKDESC( "monetaryLimit" )
BER_SEQUENCE, 0,
FL_MORE | FL_VALID_CERTREQ | FL_VALID_CERT, 0, 0, 0, NULL },
{ NULL, CRYPT_CERTINFO_SIGG_MONETARY_CURRENCY,
MKDESC( "monetaryLimit.currency" )
BER_STRING_PRINTABLE, 0,
FL_MORE, 3, 3, 0, NULL },
{ NULL, CRYPT_CERTINFO_SIGG_MONETARY_AMOUNT,
MKDESC( "monetaryLimit.amount" )
BER_INTEGER, 0,
FL_MORE, 1, 255, 0, NULL }, /* That's what the spec says */
{ NULL, CRYPT_CERTINFO_SIGG_MONETARY_EXPONENT,
MKDESC( "monetaryLimit.exponent" )
BER_INTEGER, 0,
0, 0, 255, 0, NULL },
/* restriction
OID = 1 3 36 8 3 8
critical = FALSE
restriction PrintableString */
{ MKOID( "\x06\x05\x2B\x24\x08\x03\x08" ), CRYPT_CERTINFO_SIGG_RESTRICTION,
MKDESC( "restriction" )
BER_STRING_PRINTABLE, 0,
FL_VALID_CERT, 1, 128, 0, NULL },
/* strongExtranet:
OID = 1 3 101 1 4 1
critical = FALSE
SEQUENCE {
version INTEGER (0),
SEQUENCE OF { -- SIZE (1)
SEQUENCE {
zone INTEGER,
id OCTET STRING (SIZE(1..64))
}
}
} */
{ MKOID( "\x06\x05\x2B\x65\x01\x04\x01" ), CRYPT_CERTINFO_STRONGEXTRANET,
MKDESC( "strongExtranet" )
BER_SEQUENCE, 0,
FL_MORE | FL_VALID_CERTREQ | FL_VALID_CERT, 0, 0, 0, NULL },
{ NULL, 0,
MKDESC( "strongExtranet.version" )
FIELDTYPE_BLOB, 0, /* Always 0 */
FL_MORE | FL_NONENCODING, 0, 0, 3, "\x02\x01\x00" },
{ NULL, 0,
MKDESC( "strongExtranet.sxNetIDList" )
BER_SEQUENCE, 0,
FL_MORE, 0, 0, 0, NULL },
{ NULL, 0,
MKDESC( "strongExtranet.sxNetIDList.sxNetID" )
BER_SEQUENCE, 0,
FL_MORE, 0, 0, 0, NULL },
{ NULL, CRYPT_CERTINFO_STRONGEXTRANET_ZONE,
MKDESC( "strongExtranet.sxNetIDList.sxNetID.zone" )
BER_INTEGER, 0,
FL_MORE, 0, INT_MAX, 0, NULL },
{ NULL, CRYPT_CERTINFO_STRONGEXTRANET_ID,
MKDESC( "strongExtranet.sxNetIDList.sxnetID.id" )
BER_OCTETSTRING, 0,
0, 1, 64, 0, NULL },
/* subjectDirectoryAttributes:
OID = 2 5 29 9
critical = FALSE
SEQUENCE SIZE (1..MAX) OF {
SEQUENCE {
type OBJECT IDENTIFIER,
values SET OF ANY -- SIZE (1)
} */
{ MKOID( "\x06\x03\x55\x1D\x09" ), CRYPT_CERTINFO_SUBJECTDIRECTORYATTRIBUTES,
MKDESC( "subjectDirectoryAttributes" )
BER_SEQUENCE, 0,
FL_MORE | FL_RO | FL_SETOF_VARIABLE | FL_VALID_CERT, 0, 0, 0, NULL },
{ NULL, 0,
MKDESC( "subjectDirectoryAttributes.attribute" )
BER_SEQUENCE, 0,
FL_MORE, 0, 0, 0, NULL },
{ NULL, CRYPT_CERTINFO_SUBJECTDIR_TYPE,
MKDESC( "subjectDirectoryAttributes.attribute.type" )
BER_OBJECT_IDENTIFIER, 0,
FL_MORE | FL_RO | FL_MULTIVALUED, 3, 32, 0, NULL },
{ NULL, 0,
MKDESC( "subjectDirectoryAttributes.attribute.values" )
BER_SET, 0,
FL_MORE, 0, 0, 0, NULL },
{ NULL, CRYPT_CERTINFO_SUBJECTDIR_VALUES,
MKDESC( "subjectDirectoryAttributes.attribute.values.value" )
FIELDTYPE_BLOB, 0,
FL_RO | FL_MULTIVALUED, 1, 1024, 0, NULL },
/* subjectKeyIdentifier:
OID = 2 5 29 14
critical = FALSE
OCTET STRING */
{ MKOID( "\x06\x03\x55\x1D\x0E" ), CRYPT_CERTINFO_SUBJECTKEYIDENTIFIER,
MKDESC( "subjectKeyIdentifier" )
BER_OCTETSTRING, 0,
FL_RO | FL_VALID_CERT, 1, 64, 0, NULL },
/* keyUsage:
OID = 2 5 29 15
critical = TRUE
BITSTRING */
{ MKOID( "\x06\x03\x55\x1D\x0F" ), CRYPT_CERTINFO_KEYUSAGE,
MKDESC( "keyUsage" )
BER_BITSTRING, 0,
FL_CRITICAL | FL_VALID_CERTREQ | FL_VALID_CERT, 0, CRYPT_KEYUSAGE_LAST, 0, NULL },
/* privateKeyUsagePeriod:
OID = 2 5 29 16
critical = FALSE
SEQUENCE {
notBefore [ 0 ] GeneralizedTime OPTIONAL,
notAfter [ 1 ] GeneralizedTime OPTIONAL
} */
{ MKOID( "\x06\x03\x55\x1D\x10" ), CRYPT_CERTINFO_PRIVATEKEYUSAGEPERIOD,
MKDESC( "privateKeyUsagePeriod" )
BER_SEQUENCE, 0,
FL_MORE | FL_VALID_CERT, 0, 0, 0, NULL },
{ NULL, CRYPT_CERTINFO_PRIVATEKEY_NOTBEFORE,
MKDESC( "privateKeyUsagePeriod.notBefore" )
BER_TIME_GENERALIZED, CTAG( 0 ),
FL_MORE | FL_OPTIONAL, sizeof( time_t ), sizeof( time_t ), 0, NULL },
{ NULL, CRYPT_CERTINFO_PRIVATEKEY_NOTAFTER,
MKDESC( "privateKeyUsagePeriod.notAfter" )
BER_TIME_GENERALIZED, CTAG( 1 ),
FL_OPTIONAL, sizeof( time_t ), sizeof( time_t ), 0, NULL },
/* subjectAltName:
OID = 2 5 29 17
SEQUENCE OF GeneralName -- SIZE (1) */
{ MKOID( "\x06\x03\x55\x1D\x11" ), FIELDID_FOLLOWS,
MKDESC( "subjectAltName" )
BER_SEQUENCE, 0,
FL_MORE | FL_SETOF_VARIABLE | FL_VALID_CERTREQ | FL_VALID_CERT, 0, 0, 0, NULL },
{ NULL, CRYPT_CERTINFO_SUBJECTALTNAME,
MKDESC( "subjectAltName.generalName" )
FIELDTYPE_SUBTYPED, 0,
FL_MULTIVALUED, 0, 0, 0, ( void * ) generalNameInfo },
/* issuerAltName:
OID = 2 5 29 18
SEQUENCE OF GeneralName -- SIZE (1) */
{ MKOID( "\x06\x03\x55\x1D\x12" ), FIELDID_FOLLOWS,
MKDESC( "issuerAltName" )
BER_SEQUENCE, 0,
FL_MORE | FL_SETOF_VARIABLE | FL_VALID_CERT | FL_VALID_CRL | FL_RO, 0, 0, 0, NULL },
{ NULL, CRYPT_CERTINFO_ISSUERALTNAME,
MKDESC( "issuerAltName.generalName" )
FIELDTYPE_SUBTYPED, 0,
FL_MULTIVALUED, 0, 0, 0, ( void * ) generalNameInfo },
/* basicConstraints:
OID = 2 5 29 19
critical = TRUE
SEQUENCE {
cA BOOLEAN DEFAULT FALSE,
pathLenConstraint INTEGER (0..64) OPTIONAL
} */
{ MKOID( "\x06\x03\x55\x1D\x13" ), CRYPT_CERTINFO_BASICCONSTRAINTS,
MKDESC( "basicConstraints" )
BER_SEQUENCE, 0,
FL_MORE | FL_CRITICAL | FL_VALID_CERTREQ | FL_VALID_CERT | FL_VALID_ATTRCERT, 0, 0, 0, NULL },
{ NULL, CRYPT_CERTINFO_CA,
MKDESC( "basicConstraints.cA" )
BER_BOOLEAN, 0,
FL_MORE | FL_OPTIONAL | FL_DEFAULT, FALSE, TRUE, FALSE, NULL },
{ NULL, CRYPT_CERTINFO_PATHLENCONSTRAINT,
MKDESC( "basicConstraints.pathLenConstraint" )
BER_INTEGER, 0,
FL_OPTIONAL, 0, 64, 0, NULL },
/* cRLNumber:
OID = 2 5 29 20
INTEGER */
{ MKOID( "\x06\x03\x55\x1D\x14" ), CRYPT_CERTINFO_CRLNUMBER,
MKDESC( "cRLNumber" )
BER_INTEGER, 0,
FL_VALID_CRL, 0, INT_MAX, 0, NULL },
/* cRLReason:
OID = 2 5 29 21
ENUMERATED */
{ MKOID( "\x06\x03\x55\x1D\x15" ), CRYPT_CERTINFO_CRLREASON,
MKDESC( "cRLReason" )
BER_ENUMERATED, 0,
FL_VALID_CRL | FL_VALID_REVREQ /*Per-entry*/, 0, CRYPT_CRLREASON_LAST, 0, NULL },
/* holdInstructionCode:
OID = 2 5 29 23
OBJECT IDENTIFIER */
{ MKOID( "\x06\x03\x55\x1D\x17" ), CRYPT_CERTINFO_HOLDINSTRUCTIONCODE,
MKDESC( "holdInstructionCode" )
FIELDTYPE_CHOICE, 0,
FL_VALID_CRL | FL_VALID_REVREQ /*Per-entry*/, CRYPT_HOLDINSTRUCTION_NONE, CRYPT_HOLDINSTRUCTION_LAST, 0, ( void * ) holdInstructionInfo },
/* invalidityDate:
OID = 2 5 29 24
GeneralizedTime */
{ MKOID( "\x06\x03\x55\x1D\x18" ), CRYPT_CERTINFO_INVALIDITYDATE,
MKDESC( "invalidityDate" )
BER_TIME_GENERALIZED, 0,
FL_VALID_CRL | FL_VALID_REVREQ /*Per-entry*/, sizeof( time_t ), sizeof( time_t ), 0, NULL },
/* deltaCRLIndicator:
OID = 2 5 29 27
critical = TRUE
INTEGER */
{ MKOID( "\x06\x03\x55\x1D\x1B" ), CRYPT_CERTINFO_DELTACRLINDICATOR,
MKDESC( "deltaCRLIndicator" )
BER_INTEGER, 0,
FL_CRITICAL | FL_VALID_CRL, 0, INT_MAX, 0, NULL },
/* issuingDistributionPoint:
OID = 2 5 29 28
critical = TRUE
SEQUENCE {
distributionPoint [ 0 ] {
fullName [ 0 ] { -- CHOICE { ... }
SEQUENCE OF GeneralName -- GeneralNames
}
} OPTIONAL,
onlyContainsUserCerts
[ 1 ] BOOLEAN DEFAULT FALSE,
onlyContainsCACerts
[ 2 ] BOOLEAN DEFAULT FALSE,
onlySomeReasons [ 3 ] BITSTRING OPTIONAL,
indirectCRL [ 4 ] BOOLEAN DEFAULT FALSE
} */
{ MKOID( "\x06\x03\x55\x1D\x1C" ), CRYPT_CERTINFO_ISSUINGDISTRIBUTIONPOINT,
MKDESC( "issuingDistributionPoint" )
BER_SEQUENCE, 0,
FL_MORE | FL_CRITICAL | FL_VALID_CRL, 0, 0, 0, NULL },
{ NULL, 0,
MKDESC( "issuingDistributionPoint.distributionPoint" )
BER_SEQUENCE, CTAG( 0 ),
FL_MORE | FL_OPTIONAL, 0, 0, 0, NULL },
{ NULL, 0,
MKDESC( "issuingDistributionPoint.distributionPoint.fullName" )
BER_SEQUENCE, CTAG( 0 ),
FL_MORE, 0, 0, 0, NULL },
{ NULL, 0,
MKDESC( "issuingDistributionPoint.distributionPoint.fullName.generalNames" )
BER_SEQUENCE, 0,
FL_MORE, 0, 0, 0, NULL },
{ NULL, CRYPT_CERTINFO_ISSUINGDIST_FULLNAME,
MKDESC( "issuingDistributionPoint.distributionPoint.fullName.generalNames.generalName" )
FIELDTYPE_SUBTYPED, 0,
FL_MORE | FL_OPTIONAL | FL_SEQEND_3, 0, 0, 0, ( void * ) generalNameInfo },
{ NULL, CRYPT_CERTINFO_ISSUINGDIST_USERCERTSONLY,
MKDESC( "issuingDistributionPoint.onlyContainsUserCerts" )
BER_BOOLEAN, CTAG( 1 ),
FL_MORE | FL_OPTIONAL | FL_DEFAULT, FALSE, TRUE, FALSE, NULL },
{ NULL, CRYPT_CERTINFO_ISSUINGDIST_CACERTSONLY,
MKDESC( "issuingDistributionPoint.onlyContainsCACerts" )
BER_BOOLEAN, CTAG( 2 ),
FL_MORE | FL_OPTIONAL | FL_DEFAULT, FALSE, TRUE, FALSE, NULL },
{ NULL, CRYPT_CERTINFO_ISSUINGDIST_SOMEREASONSONLY,
MKDESC( "issuingDistributionPoint.onlySomeReasons" )
BER_BITSTRING, CTAG( 3 ),
FL_MORE | FL_OPTIONAL, 0, CRYPT_CRLREASONFLAG_LAST, 0, NULL },
{ NULL, CRYPT_CERTINFO_ISSUINGDIST_INDIRECTCRL,
MKDESC( "issuingDistributionPoint.indirectCRL" )
BER_BOOLEAN, CTAG( 4 ),
FL_OPTIONAL | FL_DEFAULT, FALSE, TRUE, FALSE, NULL },
⌨️ 快捷键说明
复制代码Ctrl + C
搜索代码Ctrl + F
全屏模式F11
增大字号Ctrl + =
减小字号Ctrl + -
显示快捷键?