blob: 3c65e00243cbe291eb3b2df779f7d49529674450 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
|
namespace Org.BouncyCastle.Asn1.IsisMtt
{
// TODO[api] Make static
public abstract class IsisMttObjectIdentifiers
{
public static readonly DerObjectIdentifier IdIsisMtt = new DerObjectIdentifier("1.3.36.8");
public static readonly DerObjectIdentifier IdIsisMttCP = new DerObjectIdentifier(IdIsisMtt + ".1");
/**
* The id-isismtt-cp-accredited OID indicates that the certificate is a
* qualified certificate according to Directive 1999/93/EC of the European
* Parliament and of the Council of 13 December 1999 on a Community
* Framework for Electronic Signatures, which additionally conforms the
* special requirements of the SigG and has been issued by an accredited CA.
*/
public static readonly DerObjectIdentifier IdIsisMttCPAccredited = new DerObjectIdentifier(IdIsisMttCP + ".1");
public static readonly DerObjectIdentifier IdIsisMttAT = new DerObjectIdentifier(IdIsisMtt + ".3");
/**
* Certificate extensionDate of certificate generation
*
* <pre>
* DateOfCertGenSyntax ::= GeneralizedTime
* </pre>
*/
public static readonly DerObjectIdentifier IdIsisMttATDateOfCertGen = new DerObjectIdentifier(IdIsisMttAT + ".1");
/**
* Attribute to indicate that the certificate holder may sign in the name of
* a third person. May also be used as extension in a certificate.
*/
public static readonly DerObjectIdentifier IdIsisMttATProcuration = new DerObjectIdentifier(IdIsisMttAT + ".2");
/**
* Attribute to indicate admissions to certain professions. May be used as
* attribute in attribute certificate or as extension in a certificate
*/
public static readonly DerObjectIdentifier IdIsisMttATAdmission = new DerObjectIdentifier(IdIsisMttAT + ".3");
/**
* Monetary limit for transactions. The QcEuMonetaryLimit QC statement MUST
* be used in new certificates in place of the extension/attribute
* MonetaryLimit since January 1, 2004. For the sake of backward
* compatibility with certificates already in use, SigG conforming
* components MUST support MonetaryLimit (as well as QcEuLimitValue).
*/
public static readonly DerObjectIdentifier IdIsisMttATMonetaryLimit = new DerObjectIdentifier(IdIsisMttAT + ".4");
/**
* A declaration of majority. May be used as attribute in attribute
* certificate or as extension in a certificate
*/
public static readonly DerObjectIdentifier IdIsisMttATDeclarationOfMajority = new DerObjectIdentifier(IdIsisMttAT + ".5");
/**
*
* Serial number of the smart card containing the corresponding private key
*
* <pre>
* ICCSNSyntax ::= OCTET STRING (SIZE(8..20))
* </pre>
*/
public static readonly DerObjectIdentifier IdIsisMttATIccsn = new DerObjectIdentifier(IdIsisMttAT + ".6");
/**
*
* Reference for a file of a smartcard that stores the public key of this
* certificate and that is used as �security anchor�.
*
* <pre>
* PKReferenceSyntax ::= OCTET STRING (SIZE(20))
* </pre>
*/
public static readonly DerObjectIdentifier IdIsisMttATPKReference = new DerObjectIdentifier(IdIsisMttAT + ".7");
/**
* Some other restriction regarding the usage of this certificate. May be
* used as attribute in attribute certificate or as extension in a
* certificate.
*
* <pre>
* RestrictionSyntax ::= DirectoryString (SIZE(1..1024))
* </pre>
*
* @see Org.BouncyCastle.Asn1.IsisMtt.X509.Restriction
*/
public static readonly DerObjectIdentifier IdIsisMttATRestriction = new DerObjectIdentifier(IdIsisMttAT + ".8");
/**
*
* (Single)Request extension: Clients may include this extension in a
* (single) Request to request the responder to send the certificate in the
* response message along with the status information. Besides the LDAP
* service, this extension provides another mechanism for the distribution
* of certificates, which MAY optionally be provided by certificate
* repositories.
*
* <pre>
* RetrieveIfAllowed ::= BOOLEAN
* </pre>
*/
public static readonly DerObjectIdentifier IdIsisMttATRetrieveIfAllowed = new DerObjectIdentifier(IdIsisMttAT + ".9");
/**
* SingleOCSPResponse extension: The certificate requested by the client by
* inserting the RetrieveIfAllowed extension in the request, will be
* returned in this extension.
*
* @see Org.BouncyCastle.Asn1.IsisMtt.Ocsp.RequestedCertificate
*/
public static readonly DerObjectIdentifier IdIsisMttATRequestedCertificate = new DerObjectIdentifier(IdIsisMttAT + ".10");
/**
* Base ObjectIdentifier for naming authorities
*/
public static readonly DerObjectIdentifier IdIsisMttATNamingAuthorities = new DerObjectIdentifier(IdIsisMttAT + ".11");
/**
* SingleOCSPResponse extension: Date, when certificate has been published
* in the directory and status information has become available. Currently,
* accrediting authorities enforce that SigG-conforming OCSP servers include
* this extension in the responses.
*
* <pre>
* CertInDirSince ::= GeneralizedTime
* </pre>
*/
public static readonly DerObjectIdentifier IdIsisMttATCertInDirSince = new DerObjectIdentifier(IdIsisMttAT + ".12");
/**
* Hash of a certificate in OCSP.
*
* @see Org.BouncyCastle.Asn1.IsisMtt.Ocsp.CertHash
*/
public static readonly DerObjectIdentifier IdIsisMttATCertHash = new DerObjectIdentifier(IdIsisMttAT + ".13");
/**
* <pre>
* NameAtBirth ::= DirectoryString(SIZE(1..64)
* </pre>
*
* Used in
* {@link Org.BouncyCastle.Asn1.X509.SubjectDirectoryAttributes SubjectDirectoryAttributes}
*/
public static readonly DerObjectIdentifier IdIsisMttATNameAtBirth = new DerObjectIdentifier(IdIsisMttAT + ".14");
/**
* Some other information of non-restrictive nature regarding the usage of
* this certificate. May be used as attribute in atribute certificate or as
* extension in a certificate.
*
* <pre>
* AdditionalInformationSyntax ::= DirectoryString (SIZE(1..2048))
* </pre>
*
* @see Org.BouncyCastle.Asn1.IsisMtt.X509.AdditionalInformationSyntax
*/
public static readonly DerObjectIdentifier IdIsisMttATAdditionalInformation = new DerObjectIdentifier(IdIsisMttAT + ".15");
/**
* Indicates that an attribute certificate exists, which limits the
* usability of this public key certificate. Whenever verifying a signature
* with the help of this certificate, the content of the corresponding
* attribute certificate should be concerned. This extension MUST be
* included in a PKC, if a corresponding attribute certificate (having the
* PKC as base certificate) contains some attribute that restricts the
* usability of the PKC too. Attribute certificates with restricting content
* MUST always be included in the signed document.
*
* <pre>
* LiabilityLimitationFlagSyntax ::= BOOLEAN
* </pre>
*/
public static readonly DerObjectIdentifier IdIsisMttATLiabilityLimitationFlag = new DerObjectIdentifier("0.2.262.1.10.12.0");
}
}
|