📄 certedef.c
字号:
}
} */
{ MKOID( "\x06\x08\x2B\x06\x01\x05\x05\x07\x01\x0B" ), CRYPT_CERTINFO_SUBJECTINFOACCESS,
MKDESC( "subjectInfoAccess" )
BER_SEQUENCE, 0,
FL_MORE | FL_LEVEL_STANDARD | FL_VALID_CERT | FL_SETOF, 0, 0, 0, NULL },
{ NULL, 0,
MKDESC( "subjectInfoAccess.accessDescription (timeStamping)" )
BER_SEQUENCE, 0,
FL_MORE | FL_IDENTIFIER, 0, 0, 0, NULL },
{ MKOID( "\x06\x08\x2B\x06\x01\x05\x05\x07\x30\x03" ), 0,
MKDESC( "subjectInfoAccess.timeStamping (1 3 6 1 5 5 7 48 3)" )
FIELDTYPE_IDENTIFIER, 0,
FL_MORE, 0, 0, 0, NULL },
{ NULL, CRYPT_CERTINFO_AUTHORITYINFO_TIMESTAMPING,
MKDESC( "subjectInfoAccess.accessDescription.accessLocation (timeStamping)" )
FIELDTYPE_SUBTYPED, 0,
FL_MORE | FL_MULTIVALUED | FL_OPTIONAL | FL_SEQEND, 0, 0, 0, ( void * ) generalNameInfo },
{ NULL, 0,
MKDESC( "subjectInfoAccess.accessDescription (caRepository)" )
BER_SEQUENCE, 0,
FL_MORE | FL_IDENTIFIER, 0, 0, 0, NULL },
{ MKOID( "\x06\x08\x2B\x06\x01\x05\x05\x07\x30\x05" ), 0,
MKDESC( "subjectInfoAccess.caRepository (1 3 6 1 5 5 7 48 5)" )
FIELDTYPE_IDENTIFIER, 0,
FL_MORE, 0, 0, 0, NULL },
{ NULL, CRYPT_CERTINFO_AUTHORITYINFO_TIMESTAMPING,
MKDESC( "subjectInfoAccess.accessDescription.accessLocation (timeStamping)" )
FIELDTYPE_SUBTYPED, 0,
FL_MORE | FL_MULTIVALUED | FL_OPTIONAL | FL_SEQEND, 0, 0, 0, ( void * ) generalNameInfo },
{ NULL, 0,
MKDESC( "subjectInfoAccess.accessDescription (catchAll)" )
BER_SEQUENCE, 0,
FL_MORE | FL_IDENTIFIER, 0, 0, 0, NULL },
{ NULL, 0,
MKDESC( "subjectInfoAccess.catchAll" )
FIELDTYPE_BLOB, 0, /* Match anything and ignore it */
FL_OPTIONAL | FL_NONENCODING | FL_SEQEND, 0, 0, 0, NULL },
/* ocspNonce:
OID = 1 3 6 1 5 5 7 48 1 2
nonce INTEGER
Although the nonce should be an integer, it's really an integer
equivalent of an octet string hole so we call it an octet string to
make sure it gets handled appropriately */
{ MKOID( "\x06\x09\x2B\x06\x01\x05\x05\x07\x30\x01\x02" ), CRYPT_CERTINFO_OCSP_NONCE,
MKDESC( "ocspNonce" )
BER_OCTETSTRING, BER_INTEGER, /* Actually an INTEGER hole */
FL_LEVEL_STANDARD | FL_VALID_OCSPREQ | FL_VALID_OCSPRESP, 1, 64, 0, NULL },
/* ocspAcceptableResponses:
OID = 1 3 6 1 5 5 7 48 1 4
SEQUENCE {
oidInstance1 OPTIONAL,
oidInstance2 OPTIONAL,
...
oidInstanceN OPTIONAL
} */
{ MKOID( "\x06\x09\x2B\x06\x01\x05\x05\x07\x30\x01\x04" ), CRYPT_CERTINFO_OCSP_RESPONSE,
MKDESC( "ocspAcceptableResponses" )
BER_SEQUENCE, 0,
FL_MORE | FL_LEVEL_STANDARD | FL_VALID_CERTREQ | FL_VALID_CERT, 0, 0, 0, NULL },
{ MKOID( "\x06\x09\x2B\x06\x01\x05\x05\x07\x30\x01\x01" ), CRYPT_CERTINFO_OCSP_RESPONSE_OCSP,
MKDESC( "ocspAcceptableResponses.ocsp (1 3 6 1 5 5 7 48 1 1)" )
FIELDTYPE_IDENTIFIER, 0,
FL_OPTIONAL, 0, 0, 0, NULL },
/* ocspNoCheck:
OID = 1 3 6 1 5 5 7 48 1 5
critical = FALSE
NULL
This value is treated as a pseudo-numeric value that must be
CRYPT_UNUSED when written and is explicitly set to CRYPT_UNUSED when
read */
{ MKOID( "\x06\x09\x2B\x06\x01\x05\x05\x07\x30\x01\x05" ), CRYPT_CERTINFO_OCSP_NOCHECK,
MKDESC( "ocspNoCheck" )
BER_NULL, 0,
FL_LEVEL_PKIX_PARTIAL | FL_VALID_CERT | FL_VALID_CERTREQ | FL_NONENCODING, CRYPT_UNUSED, CRYPT_UNUSED, 0, NULL },
/* ocspArchiveCutoff:
OID = 1 3 6 1 5 5 7 48 1 6
archiveCutoff GeneralizedTime */
{ MKOID( "\x06\x09\x2B\x06\x01\x05\x05\x07\x30\x01\x06" ), CRYPT_CERTINFO_OCSP_ARCHIVECUTOFF,
MKDESC( "ocspArchiveCutoff" )
BER_TIME_GENERALIZED, 0,
FL_LEVEL_PKIX_PARTIAL | FL_VALID_OCSPRESP, sizeof( time_t ), sizeof( time_t ), 0, NULL },
/* dateOfCertGen
OID = 1 3 36 8 3 1
dateOfCertGen GeneralizedTime */
{ MKOID( "\x06\x05\x2B\x24\x08\x03\x01" ), CRYPT_CERTINFO_SIGG_DATEOFCERTGEN,
MKDESC( "dateOfCertGen" )
BER_TIME_GENERALIZED, 0,
FL_LEVEL_PKIX_FULL | FL_VALID_CERT, sizeof( time_t ), sizeof( time_t ), 0, NULL },
/* procuration
OID = 1 3 36 8 3 2
SEQUENCE OF {
country PrintableString SIZE(2) OPTIONAL,
typeOfSubstitution [0] PrintableString OPTIONAL,
signingFor GeneralName
} */
{ MKOID( "\x06\x05\x2B\x24\x08\x03\x02" ), CRYPT_CERTINFO_SIGG_PROCURATION,
MKDESC( "procuration" )
BER_SEQUENCE, 0,
FL_MORE | FL_VALID_CERTREQ | FL_VALID_CERT | FL_SETOF, 0, 0, 0, NULL },
{ NULL, CRYPT_CERTINFO_SIGG_PROCURE_COUNTRY,
MKDESC( "procuration.country" )
BER_STRING_PRINTABLE, 0,
FL_MORE | FL_MULTIVALUED | FL_OPTIONAL, 2, 2, 0, NULL },
{ NULL, CRYPT_CERTINFO_SIGG_PROCURE_TYPEOFSUBSTITUTION,
MKDESC( "procuration.typeOfSubstitution" )
BER_STRING_PRINTABLE, CTAG( 0 ),
FL_MORE | FL_MULTIVALUED | FL_OPTIONAL, 1, 128, 0, NULL },
{ NULL, CRYPT_CERTINFO_SIGG_PROCURE_SIGNINGFOR,
MKDESC( "procuration.signingFor.thirdPerson" )
FIELDTYPE_SUBTYPED, 0,
FL_MULTIVALUED, 0, 0, 0, ( void * ) generalNameInfo },
/* monetaryLimit
OID = 1 3 36 8 3 4
SEQUENCE {
currency PrintableString SIZE(3),
amount INTEGER,
exponent INTEGER
} */
{ MKOID( "\x06\x05\x2B\x24\x08\x03\x04" ), CRYPT_CERTINFO_SIGG_MONETARYLIMIT,
MKDESC( "monetaryLimit" )
BER_SEQUENCE, 0,
FL_MORE | FL_LEVEL_PKIX_FULL | FL_VALID_CERTREQ | FL_VALID_CERT, 0, 0, 0, NULL },
{ NULL, CRYPT_CERTINFO_SIGG_MONETARY_CURRENCY,
MKDESC( "monetaryLimit.currency" )
BER_STRING_PRINTABLE, 0,
FL_MORE, 3, 3, 0, NULL },
{ NULL, CRYPT_CERTINFO_SIGG_MONETARY_AMOUNT,
MKDESC( "monetaryLimit.amount" )
BER_INTEGER, 0,
FL_MORE, 1, 255, 0, NULL }, /* That's what the spec says */
{ NULL, CRYPT_CERTINFO_SIGG_MONETARY_EXPONENT,
MKDESC( "monetaryLimit.exponent" )
BER_INTEGER, 0,
0, 0, 255, 0, NULL },
/* restriction
OID = 1 3 36 8 3 8
restriction PrintableString */
{ MKOID( "\x06\x05\x2B\x24\x08\x03\x08" ), CRYPT_CERTINFO_SIGG_RESTRICTION,
MKDESC( "restriction" )
BER_STRING_PRINTABLE, 0,
FL_LEVEL_PKIX_FULL | FL_VALID_CERT, 1, 128, 0, NULL },
/* strongExtranet:
OID = 1 3 101 1 4 1
SEQUENCE {
version INTEGER (0),
SEQUENCE OF {
SEQUENCE {
zone INTEGER,
id OCTET STRING (SIZE(1..64))
}
}
} */
{ MKOID( "\x06\x05\x2B\x65\x01\x04\x01" ), CRYPT_CERTINFO_STRONGEXTRANET,
MKDESC( "strongExtranet" )
BER_SEQUENCE, 0,
FL_MORE | FL_LEVEL_PKIX_PARTIAL | FL_VALID_CERTREQ | FL_VALID_CERT, 0, 0, 0, NULL },
{ NULL, 0,
MKDESC( "strongExtranet.version" )
FIELDTYPE_BLOB, 0, /* Always 0 */
FL_MORE | FL_NONENCODING, 0, 0, 3, "\x02\x01\x00" },
{ NULL, 0,
MKDESC( "strongExtranet.sxNetIDList" )
BER_SEQUENCE, 0,
FL_MORE | FL_SETOF, 0, 0, 0, NULL },
{ NULL, 0,
MKDESC( "strongExtranet.sxNetIDList.sxNetID" )
BER_SEQUENCE, 0,
FL_MORE, 0, 0, 0, NULL },
{ NULL, CRYPT_CERTINFO_STRONGEXTRANET_ZONE,
MKDESC( "strongExtranet.sxNetIDList.sxNetID.zone" )
BER_INTEGER, 0,
FL_MORE, 0, INT_MAX, 0, NULL },
{ NULL, CRYPT_CERTINFO_STRONGEXTRANET_ID,
MKDESC( "strongExtranet.sxNetIDList.sxnetID.id" )
BER_OCTETSTRING, 0,
FL_SEQEND_2, 1, 64, 0, NULL },
/* subjectDirectoryAttributes:
OID = 2 5 29 9
SEQUENCE SIZE (1..MAX) OF {
SEQUENCE {
type OBJECT IDENTIFIER,
values SET OF ANY -- SIZE (1)
} */
{ MKOID( "\x06\x03\x55\x1D\x09" ), CRYPT_CERTINFO_SUBJECTDIRECTORYATTRIBUTES,
MKDESC( "subjectDirectoryAttributes" )
BER_SEQUENCE, 0,
FL_MORE | FL_LEVEL_PKIX_PARTIAL | FL_VALID_CERT | FL_SETOF, 0, 0, 0, NULL },
{ NULL, 0,
MKDESC( "subjectDirectoryAttributes.attribute" )
BER_SEQUENCE, 0,
FL_MORE, 0, 0, 0, NULL },
{ NULL, CRYPT_CERTINFO_SUBJECTDIR_TYPE,
MKDESC( "subjectDirectoryAttributes.attribute.type" )
BER_OBJECT_IDENTIFIER, 0,
FL_MORE | FL_MULTIVALUED, 3, 32, 0, NULL },
{ NULL, 0,
MKDESC( "subjectDirectoryAttributes.attribute.values" )
BER_SET, 0,
FL_MORE, 0, 0, 0, NULL },
{ NULL, CRYPT_CERTINFO_SUBJECTDIR_VALUES,
MKDESC( "subjectDirectoryAttributes.attribute.values.value" )
FIELDTYPE_BLOB, 0,
FL_MULTIVALUED | FL_SEQEND, 1, 1024, 0, NULL },
/* subjectKeyIdentifier:
OID = 2 5 29 14
OCTET STRING */
{ MKOID( "\x06\x03\x55\x1D\x0E" ), CRYPT_CERTINFO_SUBJECTKEYIDENTIFIER,
MKDESC( "subjectKeyIdentifier" )
BER_OCTETSTRING, 0,
FL_LEVEL_STANDARD | FL_VALID_CERT, 1, 64, 0, NULL },
/* keyUsage:
OID = 2 5 29 15
critical = TRUE
BITSTRING */
{ MKOID( "\x06\x03\x55\x1D\x0F" ), CRYPT_CERTINFO_KEYUSAGE,
MKDESC( "keyUsage" )
BER_BITSTRING, 0,
FL_CRITICAL | FL_LEVEL_REDUCED | FL_VALID_CERTREQ | FL_VALID_CERT, 0, CRYPT_KEYUSAGE_LAST, 0, NULL },
/* privateKeyUsagePeriod:
OID = 2 5 29 16
SEQUENCE {
notBefore [ 0 ] GeneralizedTime OPTIONAL,
notAfter [ 1 ] GeneralizedTime OPTIONAL
} */
{ MKOID( "\x06\x03\x55\x1D\x10" ), CRYPT_CERTINFO_PRIVATEKEYUSAGEPERIOD,
MKDESC( "privateKeyUsagePeriod" )
BER_SEQUENCE, 0,
FL_MORE | FL_LEVEL_PKIX_PARTIAL | FL_VALID_CERT, 0, 0, 0, NULL },
{ NULL, CRYPT_CERTINFO_PRIVATEKEY_NOTBEFORE,
MKDESC( "privateKeyUsagePeriod.notBefore" )
BER_TIME_GENERALIZED, CTAG( 0 ),
FL_MORE | FL_OPTIONAL, sizeof( time_t ), sizeof( time_t ), 0, NULL },
{ NULL, CRYPT_CERTINFO_PRIVATEKEY_NOTAFTER,
MKDESC( "privateKeyUsagePeriod.notAfter" )
BER_TIME_GENERALIZED, CTAG( 1 ),
FL_OPTIONAL, sizeof( time_t ), sizeof( time_t ), 0, NULL },
/* subjectAltName:
OID = 2 5 29 17
SEQUENCE OF GeneralName */
{ MKOID( "\x06\x03\x55\x1D\x11" ), FIELDID_FOLLOWS,
MKDESC( "subjectAltName" )
BER_SEQUENCE, 0,
FL_MORE | FL_LEVEL_STANDARD | FL_VALID_CERTREQ | FL_VALID_CERT | FL_SETOF, 0, 0, 0, NULL },
{ NULL, CRYPT_CERTINFO_SUBJECTALTNAME,
MKDESC( "subjectAltName.generalName" )
FIELDTYPE_SUBTYPED, 0,
FL_MULTIVALUED, 0, 0, 0, ( void * ) generalNameInfo },
/* issuerAltName:
OID = 2 5 29 18
SEQUENCE OF GeneralName */
{ MKOID( "\x06\x03\x55\x1D\x12" ), FIELDID_FOLLOWS,
MKDESC( "issuerAltName" )
BER_SEQUENCE, 0,
FL_MORE | FL_LEVEL_STANDARD | FL_VALID_CERT | FL_VALID_CRL | FL_SETOF, 0, 0, 0, NULL },
{ NULL, CRYPT_CERTINFO_ISSUERALTNAME,
MKDESC( "issuerAltName.generalName" )
FIELDTYPE_SUBTYPED, 0,
FL_MULTIVALUED, 0, 0, 0, ( void * ) generalNameInfo },
/* basicConstraints:
OID = 2 5 29 19
critical = TRUE
SEQUENCE {
cA BOOLEAN DEFAULT FALSE,
pathLenConstraint INTEGER (0..64) OPTIONAL
} */
{ MKOID( "\x06\x03\x55\x1D\x13" ), CRYPT_CERTINFO_BASICCONSTRAINTS,
MKDESC( "basicConstraints" )
BER_SEQUENCE, 0,
FL_MORE | FL_CRITICAL | FL_LEVEL_REDUCED | FL_VALID_CERTREQ | FL_VALID_CERT | FL_VALID_ATTRCERT, 0, 0, 0, NULL },
{ NULL, CRYPT_CERTINFO_CA,
MKDESC( "basicConstraints.cA" )
BER_BOOLEAN, 0,
FL_MORE | FL_OPTIONAL | FL_DEFAULT, FALSE, TRUE, FALSE, NULL },
{ NULL, CRYPT_CERTINFO_PATHLENCONSTRAINT,
MKDESC( "basicConstraints.pathLenConstraint" )
BER_INTEGER, 0,
FL_OPTIONAL, 0, 64, 0, NULL },
/* cRLNumber:
OID = 2 5 29 20
INTEGER */
{ MKOID( "\x06\x03\x55\x1D\x14" ), CRYPT_CERTINFO_CRLNUMBER,
MKDESC( "cRLNumber" )
BER_INTEGER, 0,
FL_LEVEL_PKIX_PARTIAL | FL_VALID_CRL, 0, INT_MAX, 0, NULL },
/* cRLReason:
OID = 2 5 29 21
ENUMERATED */
{ MKOID( "\x06\x03\x55\x1D\x15" ), CRYPT_CERTINFO_CRLREASON,
MKDESC( "cRLReason" )
BER_ENUMERATED, 0,
FL_LEVEL_REDUCED | FL_VALID_CRL | FL_VALID_REVREQ /*Per-entry*/, 0, CRYPT_CRLREASON_LAST, 0, NULL },
/* holdInstructionCode:
OID = 2 5 29 23
OBJECT IDENTIFIER */
{ MKOID( "\x06\x03\x55\x1D\x17" ), CRYPT_CERTINFO_HOLDINSTRUCTIONCODE,
MKDESC( "holdInstructionCode" )
FIELDTYPE_CHOICE, 0,
FL_LEVEL_PKIX_PARTIAL | FL_VALID_CRL | FL_VALID_REVREQ /*Per-entry*/, CRYPT_HOLDINSTRUCTION_NONE, CRYPT_HOLDINSTRUCTION_LAST, 0, ( void * ) holdInstructionInfo },
/* invalidityDate:
OID = 2 5 29 24
GeneralizedTime */
{ MKOID( "\x06\x03\x55\x1D\x18" ), CRYPT_CERTINFO_INVALIDITYDATE,
MKDESC( "invalidityDate" )
BER_TIME_GENERALIZED, 0,
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -