ocsp.asn1 revision 1.1 1 1.1 elric -- From rfc2560
2 1.1 elric -- $Id: ocsp.asn1,v 1.1 2011/04/13 18:15:11 elric Exp $
3 1.1 elric OCSP DEFINITIONS EXPLICIT TAGS::=
4 1.1 elric
5 1.1 elric BEGIN
6 1.1 elric
7 1.1 elric IMPORTS
8 1.1 elric Certificate, AlgorithmIdentifier, CRLReason,
9 1.1 elric Name, GeneralName, CertificateSerialNumber, Extensions
10 1.1 elric FROM rfc2459;
11 1.1 elric
-- Protocol version number. ocsp-v1 (value 0) is the only named value in this module.
12 1.1 elric OCSPVersion ::= INTEGER { ocsp-v1(0) }
13 1.1 elric
-- Status of one certificate: exactly one of good, revoked or unknown.
-- The revoked arm is an inline SEQUENCE (named OCSPRevokedInfo in the RFC text)
-- holding the revocation time and an optional reason code.
-- NOTE(review): unknown is a separate arm from good. A relying party should treat
-- unknown as "status not established", never as an implicit good.
14 1.1 elric OCSPCertStatus ::= CHOICE {
15 1.1 elric good [0] IMPLICIT NULL,
16 1.1 elric revoked [1] IMPLICIT -- OCSPRevokedInfo -- SEQUENCE {
17 1.1 elric revocationTime GeneralizedTime,
18 1.1 elric revocationReason[0] EXPLICIT CRLReason OPTIONAL
19 1.1 elric },
20 1.1 elric unknown [2] IMPLICIT NULL }
21 1.1 elric
-- Identifies the certificate being asked about: two hashes that name the issuer
-- plus the certificate serial number.
-- hashAlgorithm is carried in the message, and this schema puts no restriction on it.
-- NOTE(review): a client should check that the certID in each OCSPSingleResponse
-- matches the certID it sent, so that a valid answer about a different certificate
-- is not accepted in its place.
22 1.1 elric OCSPCertID ::= SEQUENCE {
23 1.1 elric hashAlgorithm AlgorithmIdentifier,
24 1.1 elric issuerNameHash OCTET STRING, -- Hash of Issuer's DN
25 1.1 elric issuerKeyHash OCTET STRING, -- Hash of issuer's public key
26 1.1 elric serialNumber CertificateSerialNumber }
27 1.1 elric
-- Status answer for a single certificate, with the validity window of that answer.
-- thisUpdate is mandatory; nextUpdate is OPTIONAL, so the schema allows a response
-- that states no expiry at all.
-- NOTE(review): a verifier needs its own freshness policy (maximum age, clock skew)
-- for responses where nextUpdate is absent, otherwise an old response can be
-- replayed indefinitely.
28 1.1 elric OCSPSingleResponse ::= SEQUENCE {
29 1.1 elric certID OCSPCertID,
30 1.1 elric certStatus OCSPCertStatus,
31 1.1 elric thisUpdate GeneralizedTime,
32 1.1 elric nextUpdate [0] EXPLICIT GeneralizedTime OPTIONAL,
33 1.1 elric singleExtensions [1] EXPLICIT Extensions OPTIONAL }
34 1.1 elric
-- One entry of a request: the certificate to look up and optional extensions
-- that apply to this entry only.
35 1.1 elric OCSPInnerRequest ::= SEQUENCE {
36 1.1 elric reqCert OCSPCertID,
37 1.1 elric singleRequestExtensions [0] EXPLICIT Extensions OPTIONAL }
38 1.1 elric
-- The to-be-signed body of a request: optional version and requestor name, the
-- list of certificates to look up, and optional request-wide extensions.
-- version has its DEFAULT commented out and is marked OPTIONAL instead, so this
-- schema supplies no default value; treating an absent version as v1 is left to
-- the consumer (TODO confirm in callers).
-- Per RFC 2560 the nonce extension (id-pkix-ocsp-nonce) is carried in
-- requestExtensions. Nothing in this schema requires it to be present.
39 1.1 elric OCSPTBSRequest ::= SEQUENCE {
40 1.1 elric version [0] EXPLICIT OCSPVersion -- DEFAULT v1 -- OPTIONAL,
41 1.1 elric requestorName [1] EXPLICIT GeneralName OPTIONAL,
42 1.1 elric requestList SEQUENCE OF OCSPInnerRequest,
43 1.1 elric requestExtensions [2] EXPLICIT Extensions OPTIONAL }
44 1.1 elric
-- Signature block for a signed request: algorithm, signature bits and optional
-- certificates supplied by the requestor.
-- NOTE(review): the certs field is sender-supplied input. It helps path building
-- but is not a trust anchor; each certificate still has to be validated.
45 1.1 elric OCSPSignature ::= SEQUENCE {
46 1.1 elric signatureAlgorithm AlgorithmIdentifier,
47 1.1 elric signature BIT STRING,
48 1.1 elric certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
49 1.1 elric
-- Top-level request message. The signature is OPTIONAL, so an unsigned request is
-- valid under this schema; a responder that wants signed requests answers with
-- sigRequired (5) from OCSPResponseStatus.
50 1.1 elric OCSPRequest ::= SEQUENCE {
51 1.1 elric tbsRequest OCSPTBSRequest,
52 1.1 elric optionalSignature [0] EXPLICIT OCSPSignature OPTIONAL }
53 1.1 elric
-- Typed container for the response payload: an OID naming the response format and
-- the payload as an opaque OCTET STRING.
-- NOTE(review): a decoder should compare responseType with a format it supports
-- (this module defines id-pkix-ocsp-basic) before parsing response, and reject
-- anything else rather than guessing.
54 1.1 elric OCSPResponseBytes ::= SEQUENCE {
55 1.1 elric responseType OBJECT IDENTIFIER,
56 1.1 elric response OCTET STRING }
57 1.1 elric
-- Outcome of processing the request as a whole. Value 4 is deliberately left
-- unassigned. The per-certificate result is in OCSPCertStatus, not here.
-- Per RFC 2560 only successful (0) is accompanied by responseBytes; this schema
-- does not enforce that, so a consumer has to check it.
58 1.1 elric OCSPResponseStatus ::= ENUMERATED {
59 1.1 elric successful (0), --Response has valid confirmations
60 1.1 elric malformedRequest (1), --Illegal confirmation request
61 1.1 elric internalError (2), --Internal error in issuer
62 1.1 elric tryLater (3), --Try again later
63 1.1 elric --(4) is not used
64 1.1 elric sigRequired (5), --Must sign the request
65 1.1 elric unauthorized (6) --Request unauthorized
66 1.1 elric }
67 1.1 elric
-- Top-level response message: an overall status and, optionally, the typed payload.
-- responseStatus sits outside any signed structure in this module (the signature
-- in OCSPBasicOCSPResponse covers tbsResponseData only), so a status value alone is
-- unauthenticated.
-- NOTE(review): an error status such as tryLater or unauthorized must not be read
-- as evidence that a certificate is good; whether to fail open or closed when no
-- signed answer is obtained is a policy decision for the caller.
68 1.1 elric OCSPResponse ::= SEQUENCE {
69 1.1 elric responseStatus OCSPResponseStatus,
70 1.1 elric responseBytes [0] EXPLICIT OCSPResponseBytes OPTIONAL }
71 1.1 elric
-- Identifier for a responder key. The hash only selects which key to try; the
-- response signature still has to verify under that key.
72 1.1 elric OCSPKeyHash ::= OCTET STRING --SHA-1 hash of responder's public key
73 1.1 elric --(excluding the tag and length fields)
74 1.1 elric
-- Names the responder that signed the response, either by distinguished name or
-- by key hash. Neither arm gives a tagging keyword, so both take the module default
-- (EXPLICIT TAGS).
-- NOTE(review): this value only says who the responder claims to be; whether that
-- signer is authorized to answer for the issuer has to be checked separately.
75 1.1 elric OCSPResponderID ::= CHOICE {
76 1.1 elric byName [1] Name,
77 1.1 elric byKey [2] OCSPKeyHash }
78 1.1 elric
-- The to-be-signed body of a basic response: responder identity, production time,
-- one OCSPSingleResponse per certificate, and optional response-wide extensions.
-- version is OPTIONAL with its DEFAULT commented out, as in OCSPTBSRequest.
-- Per RFC 2560 a nonce sent in the request is echoed in responseExtensions.
-- NOTE(review): a client that sent a nonce should require the same value here;
-- when no nonce is used, replay protection rests on producedAt, thisUpdate and
-- nextUpdate checks alone.
79 1.1 elric OCSPResponseData ::= SEQUENCE {
80 1.1 elric version [0] EXPLICIT OCSPVersion -- DEFAULT v1 -- OPTIONAL,
81 1.1 elric responderID OCSPResponderID,
82 1.1 elric producedAt GeneralizedTime,
83 1.1 elric responses SEQUENCE OF OCSPSingleResponse,
84 1.1 elric responseExtensions [1] EXPLICIT Extensions OPTIONAL }
85 1.1 elric
-- The basic response format (the payload type named by id-pkix-ocsp-basic): the
-- response data, the signature algorithm and value, and optional certificates.
-- Per RFC 2560 the signature is computed over the encoding of tbsResponseData.
-- NOTE(review): certs is supplied by the responder and is not a trust anchor. Per
-- RFC 2560 the signer must be the issuing CA, a locally trusted responder, or a
-- delegate whose certificate was issued by that CA for OCSP signing; verifying the
-- signature without that authorization check is not sufficient.
86 1.1 elric OCSPBasicOCSPResponse ::= SEQUENCE {
87 1.1 elric tbsResponseData OCSPResponseData,
88 1.1 elric signatureAlgorithm AlgorithmIdentifier,
89 1.1 elric signature BIT STRING,
90 1.1 elric certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
91 1.1 elric
92 1.1 elric -- ArchiveCutoff ::= GeneralizedTime
93 1.1 elric
94 1.1 elric -- AcceptableResponses ::= SEQUENCE OF OBJECT IDENTIFIER
95 1.1 elric
96 1.1 elric -- Object Identifiers
97 1.1 elric
-- Root arc for the OCSP object identifiers: 1.3.6.1.5.5.7.48.1
98 1.1 elric id-pkix-ocsp OBJECT IDENTIFIER ::= {
99 1.1 elric iso(1) identified-organization(3) dod(6) internet(1)
100 1.1 elric security(5) mechanisms(5) pkix(7) pkix-ad(48) 1
101 1.1 elric }
102 1.1 elric
-- Children of id-pkix-ocsp. Only basic (1) and nonce (2) are defined by this
-- module; arcs 3 to 7 are commented out, so code built from this file has no
-- symbols for them (including nocheck and archive-cutoff).
103 1.1 elric id-pkix-ocsp-basic OBJECT IDENTIFIER ::= { id-pkix-ocsp 1 }
104 1.1 elric id-pkix-ocsp-nonce OBJECT IDENTIFIER ::= { id-pkix-ocsp 2 }
105 1.1 elric -- id-pkix-ocsp-crl OBJECT IDENTIFIER ::= { id-pkix-ocsp 3 }
106 1.1 elric -- id-pkix-ocsp-response OBJECT IDENTIFIER ::= { id-pkix-ocsp 4 }
107 1.1 elric -- id-pkix-ocsp-nocheck OBJECT IDENTIFIER ::= { id-pkix-ocsp 5 }
108 1.1 elric -- id-pkix-ocsp-archive-cutoff OBJECT IDENTIFIER ::= { id-pkix-ocsp 6 }
109 1.1 elric -- id-pkix-ocsp-service-locator OBJECT IDENTIFIER ::= { id-pkix-ocsp 7 }
110 1.1 elric
111 1.1 elric
112 1.1 elric END
113 1.1 elric