summaryrefslogtreecommitdiff
path: root/lib/pkix.asn
diff options
context:
space:
mode:
authorNikos Mavrogiannopoulos <nmav@gnutls.org>2012-09-13 21:31:10 +0200
committerNikos Mavrogiannopoulos <nmav@gnutls.org>2012-09-13 21:31:10 +0200
commitb953eba6e308e59471dffc675499873b462faeb7 (patch)
tree3f1082f9ab897fd26f158d31a0569037a77dcf10 /lib/pkix.asn
parent769ef368f67cd4bf04ea3208b23ae8a6c76e344b (diff)
downloadgnutls-b953eba6e308e59471dffc675499873b462faeb7.tar.gz
small optimizations in ASN.1 to save memory
Diffstat (limited to 'lib/pkix.asn')
-rw-r--r--lib/pkix.asn55
1 files changed, 14 insertions, 41 deletions
diff --git a/lib/pkix.asn b/lib/pkix.asn
index 59919aecba..d892c260e6 100644
--- a/lib/pkix.asn
+++ b/lib/pkix.asn
@@ -214,7 +214,7 @@ Certificate ::= SEQUENCE {
signature BIT STRING }
TBSCertificate ::= SEQUENCE {
- version [0] EXPLICIT Version DEFAULT v1,
+ version [0] EXPLICIT INTEGER DEFAULT 0,
serialNumber CertificateSerialNumber,
signature AlgorithmIdentifier,
issuer Name,
@@ -229,8 +229,6 @@ TBSCertificate ::= SEQUENCE {
-- If present, version shall be v3 --
}
-Version ::= INTEGER { v1(0), v2(1), v3(2) }
-
CertificateSerialNumber ::= INTEGER
Validity ::= SEQUENCE {
@@ -265,7 +263,7 @@ CertificateList ::= SEQUENCE {
signature BIT STRING }
TBSCertList ::= SEQUENCE {
- version Version OPTIONAL,
+ version INTEGER OPTIONAL,
-- if present, shall be v2
signature AlgorithmIdentifier,
issuer Name,
@@ -356,16 +354,14 @@ pkcs-7-ContentInfo ::= SEQUENCE {
content [0] EXPLICIT ANY DEFINED BY contentType }
pkcs-7-DigestInfo ::= SEQUENCE {
- digestAlgorithm pkcs-7-DigestAlgorithmIdentifier,
- digest pkcs-7-Digest
+ digestAlgorithm AlgorithmIdentifier,
+ digest OCTET STRING
}
-pkcs-7-Digest ::= OCTET STRING
-
pkcs-7-ContentType ::= OBJECT IDENTIFIER
pkcs-7-SignedData ::= SEQUENCE {
- version pkcs-7-CMSVersion,
+ version INTEGER,
digestAlgorithms pkcs-7-DigestAlgorithmIdentifiers,
encapContentInfo pkcs-7-EncapsulatedContentInfo,
certificates [0] IMPLICIT pkcs-7-CertificateSet OPTIONAL,
@@ -373,11 +369,7 @@ pkcs-7-SignedData ::= SEQUENCE {
signerInfos pkcs-7-SignerInfos
}
-pkcs-7-CMSVersion ::= INTEGER { v0(0), v1(1), v2(2), v3(3), v4(4) }
-
-pkcs-7-DigestAlgorithmIdentifiers ::= SET OF pkcs-7-DigestAlgorithmIdentifier
-
-pkcs-7-DigestAlgorithmIdentifier ::= AlgorithmIdentifier
+pkcs-7-DigestAlgorithmIdentifiers ::= SET OF AlgorithmIdentifier
pkcs-7-EncapsulatedContentInfo ::= SEQUENCE {
eContentType pkcs-7-ContentType,
@@ -404,7 +396,7 @@ pkcs-7-SignerInfos ::= SET OF ANY -- this is not correct but we don't use it
-- Certificate requests
pkcs-10-CertificationRequestInfo ::= SEQUENCE {
- version INTEGER { v1(0) },
+ version INTEGER,
subject Name,
subjectPKInfo SubjectPublicKeyInfo,
attributes [0] Attributes
@@ -433,15 +425,11 @@ pkcs-9-localKeyId ::= OCTET STRING
-- Private-key information syntax
pkcs-8-PrivateKeyInfo ::= SEQUENCE {
- version pkcs-8-Version,
+ version INTEGER,
privateKeyAlgorithm AlgorithmIdentifier,
- privateKey pkcs-8-PrivateKey,
+ privateKey OCTET STRING,
attributes [0] Attributes OPTIONAL }
-pkcs-8-Version ::= INTEGER {v1(0)}
-
-pkcs-8-PrivateKey ::= OCTET STRING
-
pkcs-8-Attributes ::= SET OF Attribute
-- Encrypted private-key information syntax
@@ -510,17 +498,9 @@ pkcs-12-SafeContents ::= SEQUENCE OF pkcs-12-SafeBag
pkcs-12-SafeBag ::= SEQUENCE {
bagId OBJECT IDENTIFIER,
bagValue [0] EXPLICIT ANY DEFINED BY badId,
- bagAttributes SET OF pkcs-12-PKCS12Attribute OPTIONAL
+ bagAttributes SET OF Attribute OPTIONAL
}
--- Bag types
-
-pkcs-12-KeyBag ::= pkcs-8-PrivateKeyInfo
-
--- Shrouded KeyBag
-
-pkcs-12-PKCS8ShroudedKeyBag ::= pkcs-8-EncryptedPrivateKeyInfo
-
-- CertBag
pkcs-12-CertBag ::= SEQUENCE {
@@ -544,26 +524,22 @@ pkcs-12-SecretBag ::= SEQUENCE {
-- x509CRL BAG-TYPE ::= {OCTET STRING IDENTIFIED BY {pkcs-9-crlTypes 1}}
-- DER-encoded X.509 CRL stored in OCTET STRING
-pkcs-12-PKCS12Attribute ::= Attribute
-
-- PKCS #7 stuff (needed in PKCS 12)
pkcs-7-Data ::= OCTET STRING
pkcs-7-EncryptedData ::= SEQUENCE {
- version pkcs-7-CMSVersion,
+ version INTEGER,
encryptedContentInfo pkcs-7-EncryptedContentInfo,
unprotectedAttrs [1] IMPLICIT pkcs-7-UnprotectedAttributes OPTIONAL }
pkcs-7-EncryptedContentInfo ::= SEQUENCE {
contentType pkcs-7-ContentType,
contentEncryptionAlgorithm pkcs-7-ContentEncryptionAlgorithmIdentifier,
- encryptedContent [0] IMPLICIT pkcs-7-EncryptedContent OPTIONAL }
+ encryptedContent [0] IMPLICIT OCTET STRING OPTIONAL }
pkcs-7-ContentEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
-pkcs-7-EncryptedContent ::= OCTET STRING
-
pkcs-7-UnprotectedAttributes ::= SET SIZE (1..MAX) OF Attribute
-- rfc3820
@@ -583,7 +559,7 @@ OCSPRequest ::= SEQUENCE {
optionalSignature [0] EXPLICIT Signature OPTIONAL }
TBSRequest ::= SEQUENCE {
- version [0] EXPLICIT Version DEFAULT v1,
+ version [0] EXPLICIT INTEGER DEFAULT 0,
requestorName [1] EXPLICIT GeneralName OPTIONAL,
requestList SEQUENCE OF Request,
requestExtensions [2] EXPLICIT Extensions OPTIONAL }
@@ -593,9 +569,6 @@ Signature ::= SEQUENCE {
signature BIT STRING,
certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
--- comment out, already used above, fortunately with same values and names
--- Version ::= INTEGER { v1(0) }
-
Request ::= SEQUENCE {
reqCert CertID,
singleRequestExtensions [0] EXPLICIT Extensions OPTIONAL }
@@ -631,7 +604,7 @@ BasicOCSPResponse ::= SEQUENCE {
certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
ResponseData ::= SEQUENCE {
- version [0] EXPLICIT Version DEFAULT v1,
+ version [0] EXPLICIT INTEGER DEFAULT 0,
responderID ResponderID,
producedAt GeneralizedTime,
responses SEQUENCE OF SingleResponse,
View Lorry Controller Status