1 files changed, 65 insertions, 5 deletions
diff --git a/lib/public_key/asn1/PKCS-8.asn1 b/lib/public_key/asn1/PKCS-8.asn1
index 7413519b57..8412345b68 100644
--- a/lib/public_key/asn1/PKCS-8.asn1
+++ b/lib/public_key/asn1/PKCS-8.asn1
@@ -14,15 +14,15 @@ BEGIN
 -- All types and values defined in this module is exported for use in other
 -- ASN.1 modules.
 
-IMPORTS
+--IMPORTS
 
 -- informationFramework
 --        FROM UsefulDefinitions {joint-iso-itu-t(2) ds(5) module(1)
 --                                usefulDefinitions(0) 3} 
 
-Attribute
+--Attribute
 --        FROM InformationFramework informationFramework
-        FROM InformationFramework;
+--        FROM InformationFramework;
 
 -- This import is really unnecessary since ALGORITHM-IDENTIFIER is defined as a 
 -- TYPE-IDENTIFIER
@@ -55,8 +55,8 @@ Version ::= INTEGER {v1(0)} (v1,...)
 
 PrivateKey ::= OCTET STRING
 
--- Attributes ::= SET OF Attribute
-Attributes ::= SET OF Attribute {{...}}
+-- Attributes ::= SET OF PKAttribute
+Attributes ::= SET OF PKAttribute {{...}}
 
 -- Encrypted private-key information syntax
 
@@ -78,6 +78,66 @@ KeyEncryptionAlgorithms TYPE-IDENTIFIER ::= {
     ... -- For local profiles
 }
 
+-- From InformationFramework
+PKAttribute{ATTRIBUTE:SupportedAttributes} ::= SEQUENCE {
+  type               ATTRIBUTE.&id({SupportedAttributes}),
+  values
+    SET SIZE (0..MAX) OF ATTRIBUTE.&Type({SupportedAttributes}{@type}),
+  valuesWithContext
+    SET SIZE (1..MAX) OF
+      SEQUENCE {value        ATTRIBUTE.&Type({SupportedAttributes}{@type}),
+                contextList  SET SIZE (1..MAX) OF Context} OPTIONAL
+}
+
+Context ::= SEQUENCE {
+  contextType    CONTEXT.&id({SupportedContexts}),
+  contextValues
+    SET SIZE (1..MAX) OF CONTEXT.&Type({SupportedContexts}{@contextType}),
+  fallback       BOOLEAN DEFAULT FALSE
+}
+-- Definition of the following information object set is deferred, perhaps to standardized
+-- profiles or to protocol implementation conformance statements. The set is required to
+-- specify a table constraint on the context specifications
+SupportedContexts CONTEXT ::=
+  {...}
+
+
+CONTEXT ::= CLASS {
+  &Type          ,
+  &DefaultValue  OPTIONAL,
+  &Assertion     OPTIONAL,
+  &absentMatch   BOOLEAN DEFAULT TRUE,
+  &id            OBJECT IDENTIFIER UNIQUE
+}
+  
+-- ATTRIBUTE information object class specification 
+ATTRIBUTE ::= CLASS {
+  &derivation            ATTRIBUTE OPTIONAL,
+  &Type                  OPTIONAL, -- either &Type or &derivation required 
+  &equality-match        MATCHING-RULE OPTIONAL,
+  &ordering-match        MATCHING-RULE OPTIONAL,
+  &substrings-match      MATCHING-RULE OPTIONAL,
+  &single-valued         BOOLEAN DEFAULT FALSE,
+  &collective            BOOLEAN DEFAULT FALSE,
+  &dummy                 BOOLEAN DEFAULT FALSE,
+  -- operational extensions 
+  &no-user-modification  BOOLEAN DEFAULT FALSE,
+  &usage                 AttributeUsage DEFAULT userApplications,
+  &id                    OBJECT IDENTIFIER UNIQUE
+}
+
+-- MATCHING-RULE information object class specification 
+MATCHING-RULE ::= CLASS {
+  &ParentMatchingRules   MATCHING-RULE OPTIONAL,
+  &AssertionType         OPTIONAL,
+  &uniqueMatchIndicator  ATTRIBUTE OPTIONAL,
+  &id                    OBJECT IDENTIFIER UNIQUE
+}
+
+AttributeUsage ::= ENUMERATED {
+  userApplications(0), directoryOperation(1), distributedOperation(2),
+  dSAOperation(3)}
+
 END