| ASN.1 structure DER En/DeCoder.
POPOPrivKey ::= CHOICE {
    thisMessage       [0] BIT STRING,         -- possession is proven in this message (which contains the private key itself (encrypted for the CA))
    subsequentMessage [1] SubsequentMessage,  -- possession will be proven in a subsequent message (INTEGER)
    dhMAC             [2] BIT STRING }        -- for keyAgreement (only), possession is proven in this message (which contains a MAC (over the DER-encoded value of the
                                              -- certReq parameter in CertReqMsg, which MUST include both subject and publicKey) based on a key derived from the end entity's
                                              -- private DH key and the CA's public DH key); the dhMAC value MUST be calculated as per the directions given in Appendix A.
SubsequentMessage ::= INTEGER {
    encrCert      (0),  -- requests that resulting certificate be encrypted for the end entity (following which, POP will be proven in a confirmation message)
    challengeResp (1) } -- requests that CA engage in challenge-response exchange with end entity in order to prove private key possession
|
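The following strict decoder for the CHOICE above is an added example, not code from this library. It assumes the IMPLICIT tagging default of the RFC 2511 module (so the alternatives appear as tags 0x80, 0x81 and 0x82); the function names and the sample bytes are hypothetical and constructed for illustration.

```python
# Added example, not the library's code. Assumes IMPLICIT tagging (RFC 2511 module default).
SUBSEQUENT = {0: "encrCert", 1: "challengeResp"}
CHOICES = {0x80: "thisMessage", 0x81: "subsequentMessage", 0x82: "dhMAC"}
SAMPLE = bytes.fromhex("810101")  # constructed sample: [1] subsequentMessage = challengeResp

def _read_tlv(der):
    """Split one definite-length DER TLV that must span all of `der` into (tag, value)."""
    if len(der) < 2:
        raise ValueError("truncated TLV")
    tag, first = der[0], der[1]
    if first < 0x80:                      # short form
        length, off = first, 2
    else:                                 # long form; 0x80 (indefinite) is not DER
        n = first & 0x7F
        if n == 0 or n > 4 or len(der) < 2 + n:
            raise ValueError("bad length octets")
        length, off = int.from_bytes(der[2:2 + n], "big"), 2 + n
        if length < 0x80 or der[2] == 0:
            raise ValueError("non-minimal length (not DER)")
    if len(der) != off + length:
        raise ValueError("length mismatch or trailing data")
    return tag, der[off:]

def _bit_string(value):
    """Return (data, unused_bits) from BIT STRING contents, enforcing DER padding rules."""
    if not value or value[0] > 7 or (len(value) == 1 and value[0]):
        raise ValueError("malformed BIT STRING")
    unused, data = value[0], value[1:]
    if unused and data[-1] & ((1 << unused) - 1):
        raise ValueError("non-zero padding bits (not DER)")
    return data, unused

def decode_popo_priv_key(der):
    """Return (alternative_name, payload) for a DER-encoded POPOPrivKey."""
    tag, value = _read_tlv(der)
    name = CHOICES.get(tag)
    if name is None:
        raise ValueError(f"unexpected tag 0x{tag:02x} for POPOPrivKey")
    if name == "subsequentMessage":
        # INTEGER contents: exactly one octet, and only the two named values are accepted
        if len(value) != 1 or value[0] not in SUBSEQUENT:
            raise ValueError("unknown SubsequentMessage value")
        return name, SUBSEQUENT[value[0]]
    return name, _bit_string(value)
```

Rejecting unknown tags, out-of-range SubsequentMessage values and non-DER encodings up front keeps a CA from acting on a proof-of-possession field it cannot interpret unambiguously.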