Expand description
Simple enrollment per RFC 7030 §4.2.
The /simpleenroll operation accepts a PKCS#10 CSR and returns a PKCS#7
certificate chain. Supports ML-DSA and ML-KEM CSRs with proof-of-possession.
CSR wire format follows RFC 2986 (PKCS#10 Certification Request Syntax
Specification v1.7). The CertificationRequest struct formalizes the
three-part ASN.1 structure: CertificationRequestInfo, signatureAlgorithm,
and signature.
Modules§
- ml_
dsa_ oids - ML-DSA algorithm OIDs per FIPS 204.
- ml_
kem_ oids - ML-KEM algorithm OIDs per FIPS 203.
- named_
curve_ oids - Named curve OIDs for ECDSA.
- traditional_
oids - Traditional key algorithm OIDs.
Structs§
- Certification
Request - Parsed PKCS#10 Certification Request per RFC 2986 §4.
- Enroll
Request - Enrollment request containing a PKCS#10 CSR (RFC 7030 §4.2.1).
- Enroll
Response - Enrollment response containing a PKCS#7 certificate chain (RFC 7030 §4.2.3).
Enums§
- KeyAlgorithm
- Key algorithm detected from SubjectPublicKeyInfo in a CSR.
Constants§
- COMPOSITE_
ML_ DSA_ BASE - Composite ML-DSA OID base arc (2.16.840.1.114027.80.5.2).