
   DEFINITIONS ::=
   BEGIN

      IMPORTS

      ECParameters
      FROM  PKIX1Algorithms2008
           { iso(1) identified-organization(3) dod(6)
             internet(1) security(5) mechanisms(5) pkix(7) id-mod(0)
             45 }

      id-mgf1
      FROM   PKIX1-PSS-OAEP-Algorithms
           { iso(1) identified-organization(3) dod(6)
             internet(1) security(5) mechanisms(5) pkix(7) id-mod(0)
             id-mod-pkix1-rsa-pkalgs(33) }

      AlgorithmIdentifier
      FROM PKIX1Explicit88
           { iso(1) identified-organization(3) dod(6) internet(1)
           security(5) mechanisms(5) pkix(7) id-mod(0)
           id-pkix1-explicit(18) }

      ;

      --
      --  We define RSA keys from the modules in RFC 3279 and RFC 4055.
      --

      RSAKeyCapabilities ::= SEQUENCE {
         minKeySize        RSAKeySize,
         maxKeySize        RSAKeySize OPTIONAL
      }

      RSAKeySize ::= INTEGER (1024 | 2048 | 3072 | 4096 | 7680 |
                              8192 | 15360, ...)


      RsaSsa-Pss-sig-caps ::= SEQUENCE {





         hashAlg  AlgorithmIdentifier,
         maskAlg  AlgorithmIdentifier OPTIONAL,
         trailerField INTEGER DEFAULT 1
      }

      --
      --  We define DH/DSA keys from the module in RFC 3279.
      --

      DSAKeyCapabilities ::= CHOICE {
          keySizes         [0] SEQUENCE {
             minKeySize            DSAKeySize,
             maxKeySize            DSAKeySize OPTIONAL,
             maxSizeP              [1] INTEGER OPTIONAL,
             maxSizeQ              [2] INTEGER OPTIONAL,
             maxSizeG              [3] INTEGER OPTIONAL
          },
          keyParams        [1] pk-dsa.&Params
      }

      DSAKeySize ::= INTEGER (1024 | 2048 | 3072 | 7680 | 15360 )

      --
      --  We define Elliptic Curve keys from the module in RFC 3279.
      --

      EC-SMimeCaps ::= SEQUENCE (SIZE (1..MAX)) OF ECParameters

   END


