
Security


ASN.1 for PKIX (Public-Key Infrastructure – X.509)
Certificate and CRL syntax as defined in RFC 5280; the algorithm identifiers in the last section are as defined in RFC 3279 (referenced by RFC 5280). Section numbers below refer to RFC 5280 unless stated otherwise.

Contents: Certificate · Standard Certificate Extensions · Private Certificate Extensions · CRL · CRL Extensions · CRL Entry Extensions · Naming · Algorithm Identifiers
Basic Certificate Fields (Section 4.1)
In this section: Certificate · TBSCertificate · Version · CertificateSerialNumber · Validity · SubjectPublicKeyInfo · UniqueIdentifier · Extensions
Certificate structure (Section 4.1.1)
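Certificate ::= SEQUENCE {
    tbsCertificate       TBSCertificate,
    signatureAlgorithm   AlgorithmIdentifier,   -- Section 4.1.1.2
    signatureValue       BIT STRING             -- Section 4.1.1.3
}
-- signatureAlgorithm lies outside the signed portion, so it is not
-- protected by the signature. RFC 5280 4.1.1.2 requires it to contain
-- the same algorithm identifier as tbsCertificate.signature (Section
-- 4.1.2.3); a verifier must compare the two and reject a mismatch.
-- signatureValue is the signature over the DER encoding of tbsCertificate;
-- nothing in the certificate may be trusted before it has been verified
-- with the issuer's public key.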
TBSCertificate – To-Be-Signed Certificate (Section 4.1.2)
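TBSCertificate ::= SEQUENCE {
    version              [0] EXPLICIT Version DEFAULT v1,
    serialNumber             CertificateSerialNumber,
    signature                AlgorithmIdentifier,     -- Section 4.1.2.3
    issuer                   Name,                    -- Section 4.1.2.4
    validity                 Validity,
    subject                  Name,                    -- Section 4.1.2.6
    subjectPublicKeyInfo     SubjectPublicKeyInfo,
    issuerUniqueID       [1] IMPLICIT UniqueIdentifier OPTIONAL,
                             -- If present, version MUST be v2 or v3
    subjectUniqueID      [2] IMPLICIT UniqueIdentifier OPTIONAL,
                             -- If present, version MUST be v2 or v3
    extensions           [3] EXPLICIT Extensions OPTIONAL
                             -- If present, version MUST be v3
}
-- version is DEFAULT v1, so under DER the field is omitted for a v1
-- certificate: an absent version means v1, and a v1 or v2 certificate
-- that carries extensions is malformed and should be rejected.
-- signature MUST equal the outer Certificate.signatureAlgorithm
-- (Section 4.1.1.2); only this inner copy is covered by the signature.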
Version (Section 4.1.2.1)
Version::=INTEGER   {   v1(0),   v2(1),   v3(2)   }
Serial Number (Section 4.1.2.2)
CertificateSerialNumber::=INTEGER
Validity (Section 4.1.2.5)
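Validity ::= SEQUENCE {
    notBefore   Time,
    notAfter    Time
}
Time ::= CHOICE {
    utcTime       UTCTime,
    generalTime   GeneralizedTime
}
-- RFC 5280 4.1.2.5: dates through 2049 MUST be encoded as UTCTime, dates
-- in 2050 or later as GeneralizedTime. Both MUST be in GMT (Zulu) and
-- MUST include seconds: UTCTime is YYMMDDHHMMSSZ, with YY 50..99 meaning
-- 19YY and 00..49 meaning 20YY; GeneralizedTime is YYYYMMDDHHMMSSZ with
-- no fractional seconds. A validator should reject other time encodings
-- rather than guess at them. The certificate is valid only when the
-- current time is within [notBefore, notAfter] inclusive (Section 6.1.3);
-- a notAfter of 99991231235959Z means "no well-defined expiration".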
Subject Public Key Info (Section 4.1.2.7)
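SubjectPublicKeyInfo ::= SEQUENCE {
    algorithm          AlgorithmIdentifier,
    subjectPublicKey   BIT STRING
}
-- algorithm selects both the encoding of subjectPublicKey (RSAPublicKey,
-- DSAPublicKey, DHPublicKey ... see Algorithm Identifiers) and the form
-- of its parameters: NULL for rsaEncryption, Dss-Parms for id-dsa,
-- DomainParameters for dhpublicnumber (RFC 3279). subjectPublicKey
-- wraps the DER encoding of the key value. RFC 5280 Section 6.1 path
-- validation does not check that the key itself is sound, so key
-- validation (size policy, parameter checks) is the consuming
-- application's responsibility.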
Unique Identifiers (Section 4.1.2.8)
UniqueIdentifier::=BIT STRING
Extensions (Section 4.1.2.9)
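Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension
Extension ::= SEQUENCE {
    extnID      OBJECT IDENTIFIER,
    critical    BOOLEAN DEFAULT FALSE,
    extnValue   OCTET STRING
                -- contains the DER encoding of an ASN.1 value
                -- corresponding to the extension type identified
                -- by extnID
}
-- Processing rules from RFC 5280 Section 4.2 that a relying party must
-- enforce:
-- * extensions MUST only appear in v3 certificates, and a certificate
--   MUST NOT include more than one instance of a particular extension;
-- * a certificate-using system MUST reject the certificate if it meets a
--   critical extension it does not recognize or cannot process; an
--   unrecognized non-critical extension MAY be ignored;
-- * at a minimum, conforming applications MUST recognize key usage,
--   certificate policies, subject alternative name, basic constraints,
--   name constraints, policy constraints, extended key usage and
--   inhibit anyPolicy.
-- critical is DEFAULT FALSE, so under DER it is absent when FALSE; an
-- explicitly encoded FALSE is not valid DER and should be handled by
-- deliberate policy, not by accident.
-- extnValue is an OCTET STRING wrapping a second, complete DER value:
-- decode the inner value with the type dictated by extnID and reject
-- trailing or malformed bytes instead of silently accepting them.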
Standard Certificate Extensions (Section 4.2.1)
In this section: Authority Key Identifier · Subject Key Identifier · Key Usage · Certificate Policies · Policy Mappings · Subject Alternative Name · Issuer Alternative Name · Subject Directory Attributes · Basic Constraints · Name Constraints · Policy Constraints · Extended Key Usage · CRL Distribution Points · Inhibit Any-Policy · Freshest CRL
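-- ISO arc for standard certificate and CRL extensions (X.509 "id-ce")
id-ce   OBJECT IDENTIFIER   ::=   { joint-iso-ccitt(2) ds(5) 29 }
-- i.e. 2.5.29; every standard extension below is 2.5.29.<n>.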
Authority Key Identifier (Section 4.2.1.1)
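id-ce-authorityKeyIdentifier   OBJECT IDENTIFIER   ::=   { id-ce 35 }
AuthorityKeyIdentifier ::= SEQUENCE {
    keyIdentifier               [0] KeyIdentifier             OPTIONAL,
    authorityCertIssuer         [1] GeneralNames              OPTIONAL,
    authorityCertSerialNumber   [2] CertificateSerialNumber   OPTIONAL
}
-- authorityCertIssuer and authorityCertSerialNumber MUST both
-- be present or both be absent
KeyIdentifier ::= OCTET STRING
-- RFC 5280 4.2.1.1: conforming CAs MUST include the keyIdentifier form
-- in every certificate they issue (a self-signed CA certificate MAY omit
-- the extension) and MUST mark the extension non-critical. The value is
-- a hint for path construction that matches the issuer certificate's
-- SubjectKeyIdentifier; it is not authenticated by anything but the
-- issuer's signature, so an AKI/SKI match selects a candidate issuer and
-- is never a substitute for verifying the signature.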
Subject Key Identifier (Section 4.2.1.2)
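id-ce-subjectKeyIdentifier   OBJECT IDENTIFIER   ::=   { id-ce 14 }
SubjectKeyIdentifier ::= KeyIdentifier
-- RFC 5280 4.2.1.2: MUST appear in all conforming CA certificates and
-- MUST be non-critical. The RFC suggests deriving the value from the
-- public key (e.g. the SHA-1 hash of the subjectPublicKey bits) but any
-- value that is unique within the CA is permitted, so relying parties
-- should use it only to select candidate issuer certificates, not as
-- evidence of key identity.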
Key Usage (Section 4.2.1.3)
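id-ce-keyUsage   OBJECT IDENTIFIER   ::=   { id-ce 15 }
KeyUsage ::= BIT STRING {
    digitalSignature   (0),
    nonRepudiation     (1),   -- recent editions of X.509 have renamed this bit to contentCommitment
    keyEncipherment    (2),
    dataEncipherment   (3),
    keyAgreement       (4),
    keyCertSign        (5),
    cRLSign            (6),
    encipherOnly       (7),
    decipherOnly       (8)
}
-- RFC 5280 4.2.1.3: when present, conforming CAs SHOULD mark this
-- extension critical, and at least one bit MUST be set. keyCertSign MUST
-- only be asserted when basicConstraints cA is TRUE. Path validation
-- (Section 6.1.4 (n)) MUST check that every intermediate certificate
-- either has no keyUsage extension or has keyCertSign set; likewise a
-- CRL signer's certificate needs cRLSign (Section 6.3). encipherOnly and
-- decipherOnly are only meaningful together with keyAgreement.
-- Encoding note: DER omits trailing zero bits of a named BIT STRING, so
-- the encoded value may be shorter than 9 bits; absent bits read as 0.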
Certificate Policies (Section 4.2.1.4)
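id-ce-certificatePolicies   OBJECT IDENTIFIER   ::=   { id-ce 32 }
anyPolicy   OBJECT IDENTIFIER   ::=   { id-ce-certificatePolicies 0 }
CertificatePolicies ::= SEQUENCE SIZE (1..MAX) OF PolicyInformation
PolicyInformation ::= SEQUENCE {
    policyIdentifier   CertPolicyId,
    policyQualifiers   SEQUENCE SIZE (1..MAX) OF PolicyQualifierInfo OPTIONAL
}
CertPolicyId ::= OBJECT IDENTIFIER
PolicyQualifierInfo ::= SEQUENCE {
    policyQualifierId   PolicyQualifierId,
    qualifier           ANY DEFINED BY policyQualifierId
}
-- policyQualifierIds for Internet policy qualifiers
id-qt           OBJECT IDENTIFIER   ::=   { id-pkix 2 }
id-qt-cps       OBJECT IDENTIFIER   ::=   { id-qt 1 }   -- qualifier is CPSuri ::= IA5String
id-qt-unotice   OBJECT IDENTIFIER   ::=   { id-qt 2 }   -- qualifier is UserNotice
PolicyQualifierId ::= OBJECT IDENTIFIER ( id-qt-cps | id-qt-unotice )
-- RFC 5280 4.2.1.4: a policy OID MUST NOT appear more than once in the
-- extension, and the RFC recommends that policy information consist of
-- the OID alone. anyPolicy (2.5.29.32.0) matches every policy during
-- path validation unless an inhibitAnyPolicy extension has switched it
-- off. Qualifier contents (a CPS URI, user-notice text) are informational
-- and untrusted input: do not fetch or render them automatically without
-- the same care as any other attacker-controlled string.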
Policy Mappings (Section 4.2.1.5)
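id-ce-policyMappings   OBJECT IDENTIFIER   ::=   { id-ce 33 }
PolicyMappings ::= SEQUENCE SIZE (1..MAX) OF SEQUENCE {
    issuerDomainPolicy    CertPolicyId,
    subjectDomainPolicy   CertPolicyId
}
-- RFC 5280 4.2.1.5: used only in CA certificates; each pair states that
-- the issuer considers its issuerDomainPolicy equivalent to the subject
-- CA's subjectDomainPolicy. Policies MUST NOT be mapped either to or
-- from the special value anyPolicy, and a verifier should reject such a
-- mapping. Mapping can be inhibited further down the path by
-- policyConstraints.inhibitPolicyMapping.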
Subject Alternative Name (Section 4.2.1.6)
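id-ce-subjectAltName   OBJECT IDENTIFIER   ::=   { id-ce 17 }
SubjectAltName ::= GeneralNames
GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
GeneralName ::= CHOICE {
    otherName                   [0] AnotherName,
    rfc822Name                  [1] IA5String,
    dNSName                     [2] IA5String,
    x400Address                 [3] ORAddress,
    directoryName               [4] Name,
    ediPartyName                [5] EDIPartyName,
    uniformResourceIdentifier   [6] IA5String,
    iPAddress                   [7] OCTET STRING,
    registeredID                [8] OBJECT IDENTIFIER
}
-- AnotherName replaces OTHER-NAME ::= TYPE-IDENTIFIER, as TYPE-IDENTIFIER is not supported in the '88 ASN.1 syntax
AnotherName ::= SEQUENCE {
    type-id   OBJECT IDENTIFIER,
    value     [0] EXPLICIT ANY DEFINED BY type-id
}
EDIPartyName ::= SEQUENCE {
    nameAssigner   [0] DirectoryString OPTIONAL,
    partyName      [1] DirectoryString
}
-- RFC 5280 4.2.1.6 rules a relying party should enforce:
-- * if subject is an empty SEQUENCE, subjectAltName MUST be present and
--   MUST be critical (it is then the only identity in the certificate);
--   with a non-empty subject, CAs SHOULD mark it non-critical;
-- * dNSName is an IA5String in the "preferred name syntax" of RFC 1034
--   Section 3.5 and MUST NOT be empty or a single space; wildcard
--   matching is left to application profiles (RFC 6125 for TLS);
-- * iPAddress is exactly 4 octets (IPv4) or 16 octets (IPv6) in network
--   byte order; any other length is malformed (the 8/32-octet
--   address+mask form is used only inside NameConstraints);
-- * uniformResourceIdentifier MUST NOT be relative and MUST include a
--   scheme and host part;
-- * internationalized domain names and mailbox domains are carried as
--   A-labels (punycode), not raw UTF-8.
-- Each IA5String carries an explicit DER length; implementations must
-- honour that length, not a terminating NUL, when comparing names.
-- directoryName and ediPartyName are compared with the Section 7.1 name
-- rules, not byte-for-byte. The module uses IMPLICIT tags, so a dNSName
-- is encoded with context tag [2] directly wrapping the string bytes.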
Issuer Alternative Name (Section 4.2.1.7)
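id-ce-issuerAltName   OBJECT IDENTIFIER   ::=   { id-ce 18 }
IssuerAltName ::= GeneralNames
-- Same encoding and name-form rules as subjectAltName. RFC 5280 4.2.1.7:
-- SHOULD be non-critical. Section 6.1 path validation chains on the
-- issuer/subject Name fields, not on this extension, so it must not be
-- used to decide which CA issued a certificate.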
Subject Directory Attributes (Section 4.2.1.8)
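id-ce-subjectDirectoryAttributes   OBJECT IDENTIFIER   ::=   { id-ce 9 }
SubjectDirectoryAttributes ::= SEQUENCE SIZE (1..MAX) OF Attribute
Attribute ::= SEQUENCE {
    type     AttributeType,
    values   SET OF AttributeValue
}
-- RFC 5280 4.2.1.8: conveys identification attributes (e.g. nationality)
-- of the subject; conforming CAs MUST mark it non-critical. It carries
-- no authorization semantics of its own and is not consulted by path
-- validation. AttributeValue is ANY DEFINED BY type (see Naming), so the
-- decoder must dispatch on the OID and not assume a string type.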
Basic Constraints (Section 4.2.1.9)
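id-ce-basicConstraints   OBJECT IDENTIFIER   ::=   { id-ce 19 }
BasicConstraints ::= SEQUENCE {
    cA                  BOOLEAN DEFAULT FALSE,
    pathLenConstraint   INTEGER (0..MAX) OPTIONAL
}
-- This extension is what separates CAs from end entities, so its checks
-- are security critical (RFC 5280 4.2.1.9 and 6.1.4 (k)):
-- * for a v3 intermediate certificate the extension MUST be present with
--   cA TRUE; a v3 certificate without it, or with cA FALSE, MUST NOT be
--   accepted as an issuer. v1/v2 intermediates MUST be confirmed as CAs
--   out of band or rejected;
-- * conforming CAs MUST include it as critical in all CA certificates;
--   an end-entity certificate may omit it or assert cA FALSE;
-- * pathLenConstraint is only meaningful when cA is TRUE and keyUsage
--   (if present) asserts keyCertSign; it bounds the number of
--   non-self-issued intermediate certificates that may follow this one,
--   and CAs MUST NOT include it unless cA is TRUE;
-- * cA is DEFAULT FALSE, so under DER it is absent when FALSE.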
Name Constraints (Section 4.2.1.10)
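id-ce-nameConstraints   OBJECT IDENTIFIER   ::=   { id-ce 30 }
NameConstraints ::= SEQUENCE {
    permittedSubtrees   [0] GeneralSubtrees OPTIONAL,
    excludedSubtrees    [1] GeneralSubtrees OPTIONAL
}
GeneralSubtrees ::= SEQUENCE SIZE (1..MAX) OF GeneralSubtree
GeneralSubtree ::= SEQUENCE {
    base      GeneralName,
    minimum   [0] BaseDistance DEFAULT 0,
    maximum   [1] BaseDistance OPTIONAL
}
BaseDistance ::= INTEGER (0..MAX)
-- RFC 5280 4.2.1.10: used only in CA certificates; conforming CAs MUST
-- mark it critical, so a relying party that cannot evaluate it must
-- reject the path. The constraints apply to the subject name and
-- subjectAltName of every subsequent certificate in the path (except
-- self-issued certificates that are not the last one), and
-- excludedSubtrees takes precedence over permittedSubtrees. Per name
-- form:
-- * a dNSName constraint "host.example.com" is satisfied by that name
--   and by any name formed by adding labels on its left;
-- * iPAddress constraints are address followed by mask: 8 octets for
--   IPv4, 32 for IPv6 (unlike the 4/16-octet subjectAltName form);
-- * when rfc822Name is constrained but the certificate has no
--   subjectAltName, the constraint MUST be applied to the subject's
--   emailAddress attribute instead;
-- * minimum MUST be 0 and maximum MUST be absent in this profile.
-- A name form present in the certificate but absent from the constraints
-- is unconstrained; a verifier must decide explicitly what to do with
-- name forms it cannot interpret rather than silently passing them.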
Policy Constraints (Section 4.2.1.11)
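id-ce-policyConstraints   OBJECT IDENTIFIER   ::=   { id-ce 36 }
PolicyConstraints ::= SEQUENCE {
    requireExplicitPolicy   [0] SkipCerts OPTIONAL,
    inhibitPolicyMapping    [1] SkipCerts OPTIONAL
}
SkipCerts ::= INTEGER (0..MAX)
-- RFC 5280 4.2.1.11: used only in CA certificates. Conforming CAs MUST
-- NOT issue an empty sequence (at least one field is present) and MUST
-- mark the extension critical. Each SkipCerts value is the number of
-- additional certificates that may appear in the path before the
-- constraint takes effect (0 means "from the next certificate on");
-- self-issued certificates are not counted (Section 6.1.4).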
Extended Key Usage (Section 4.2.1.12)
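id-ce-extKeyUsage   OBJECT IDENTIFIER   ::=   { id-ce 37 }
ExtKeyUsageSyntax ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId
KeyPurposeId ::= OBJECT IDENTIFIER
anyExtendedKeyUsage     OBJECT IDENTIFIER   ::=   { id-ce-extKeyUsage 0 }
id-kp                   OBJECT IDENTIFIER   ::=   { id-pkix 3 }
id-kp-serverAuth        OBJECT IDENTIFIER   ::=   { id-kp 1 }
-- TLS WWW server authentication
-- Key usage bits that may be consistent: digitalSignature,
-- keyEncipherment or keyAgreement
id-kp-clientAuth        OBJECT IDENTIFIER   ::=   { id-kp 2 }
-- TLS WWW client authentication
-- Key usage bits that may be consistent: digitalSignature
-- and/or keyAgreement
id-kp-codeSigning       OBJECT IDENTIFIER   ::=   { id-kp 3 }
-- Signing of downloadable executable code
-- Key usage bits that may be consistent: digitalSignature
id-kp-emailProtection   OBJECT IDENTIFIER   ::=   { id-kp 4 }
-- Email protection
-- Key usage bits that may be consistent: digitalSignature,
-- nonRepudiation, and/or (keyEncipherment or keyAgreement)
id-kp-timeStamping      OBJECT IDENTIFIER   ::=   { id-kp 8 }
-- Binding the hash of an object to a time
-- Key usage bits that may be consistent: digitalSignature
-- and/or nonRepudiation
id-kp-OCSPSigning       OBJECT IDENTIFIER   ::=   { id-kp 9 }
-- Signing OCSP responses
-- Key usage bits that may be consistent: digitalSignature
-- and/or nonRepudiation
-- (id-kp 5..7, the IPsec purposes of RFC 2459/3280, were dropped by
-- RFC 5280, hence the gap in numbering.)
-- RFC 5280 4.2.1.12: if the extension is present the certificate MUST
-- only be used for one of the listed purposes; anyExtendedKeyUsage lifts
-- that restriction, and CAs SHOULD NOT mark the extension critical when
-- it is present. If both keyUsage and extKeyUsage are present, both MUST
-- be processed independently and the certificate used only in a way
-- consistent with both. The RFC says the extension will in general
-- appear only in end-entity certificates and does not define how EKU
-- values in a CA certificate constrain the certificates below it; that
-- is an application or trust-store policy a verifier must choose
-- deliberately.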
CRL Distribution Points (Section 4.2.1.13)
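id-ce-cRLDistributionPoints   OBJECT IDENTIFIER   ::=   { id-ce 31 }
CRLDistributionPoints ::= SEQUENCE SIZE (1..MAX) OF DistributionPoint
DistributionPoint ::= SEQUENCE {
    distributionPoint   [0] DistributionPointName OPTIONAL,
    reasons             [1] ReasonFlags OPTIONAL,
    cRLIssuer           [2] GeneralNames OPTIONAL
}
DistributionPointName ::= CHOICE {
    fullName                  [0] GeneralNames,
    nameRelativeToCRLIssuer   [1] RelativeDistinguishedName
}
ReasonFlags ::= BIT STRING {
    unused                 (0),
    keyCompromise          (1),
    cACompromise           (2),
    affiliationChanged     (3),
    superseded             (4),
    cessationOfOperation   (5),
    certificateHold        (6),
    privilegeWithdrawn     (7),
    aACompromise           (8)
}
-- RFC 5280 4.2.1.13: SHOULD be non-critical, but CAs and applications
-- SHOULD support it. A DistributionPoint MUST NOT consist of only the
-- reasons field: distributionPoint or cRLIssuer MUST be present. If
-- cRLIssuer is present the CRL is an indirect CRL signed by that entity
-- and MUST carry an issuingDistributionPoint with indirectCRL TRUE
-- (Section 6.3.3); otherwise the CRL MUST be signed by the certificate
-- issuer's key.
-- A URI here is an unauthenticated pointer: a downloaded CRL is trusted
-- only after its signature and issuer have been checked against the
-- certification path (Section 6.3), and a failed fetch must not be
-- silently reported as "not revoked".
-- Note the numbering differs from CRLReason (CRL Entry Extensions):
-- ReasonFlags has no removeFromCRL, and privilegeWithdrawn /
-- aACompromise are bits 7/8 here but values 9/10 there.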
Inhibit Any-Policy (Section 4.2.1.14)
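id-ce-inhibitAnyPolicy   OBJECT IDENTIFIER   ::=   { id-ce 54 }
InhibitAnyPolicy ::= SkipCerts
-- RFC 5280 4.2.1.14: used only in CA certificates; conforming CAs MUST
-- mark it critical. The value is the number of additional
-- non-self-issued certificates that may appear in the path before
-- anyPolicy stops being treated as a match for other policies
-- (0 = from the next certificate on).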
Freshest CRL (Section 4.2.1.15) – same OID (id-ce 46) and syntax as the CRL extension of the same name (Section 5.2.6)
FreshestCRL::=CRLDistributionPoints
Private Internet Certificate Extensions (Section 4.2.2)
In this section: Authority Information Access · Subject Information Access
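id-pkix   OBJECT IDENTIFIER   ::=
    { iso(1) identified-organization(3) dod(6) internet(1) security(5) mechanisms(5) pkix(7) }
id-pe     OBJECT IDENTIFIER   ::=   { id-pkix 1 }   -- arc for private certificate extensions
-- id-pkix is 1.3.6.1.5.5.7; it also roots the id-qt (policy qualifier),
-- id-kp (key purpose) and id-ad (access descriptor) arcs used on this page.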
Authority Information Access (Section 4.2.2.1)
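id-pe-authorityInfoAccess   OBJECT IDENTIFIER   ::=   { id-pe 1 }
AuthorityInfoAccessSyntax ::= SEQUENCE SIZE (1..MAX) OF AccessDescription
AccessDescription ::= SEQUENCE {
    accessMethod     OBJECT IDENTIFIER,
    accessLocation   GeneralName
}
id-ad             OBJECT IDENTIFIER   ::=   { id-pkix 48 }
id-ad-caIssuers   OBJECT IDENTIFIER   ::=   { id-ad 2 }
id-ad-ocsp        OBJECT IDENTIFIER   ::=   { id-ad 1 }
-- RFC 5280 4.2.2.1: MUST be non-critical. id-ad-caIssuers points to
-- certificates of the issuer (for path construction); id-ad-ocsp gives
-- the location of an OCSP responder (RFC 6960). The locations are plain
-- HTTP/LDAP URIs that the extension does not authenticate: anything
-- fetched through them (issuer certificates, OCSP responses) must pass
-- the normal signature and path checks before use, and the fetch itself
-- is a network side effect an attacker can observe, delay or block.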
Subject Information Access (Section 4.2.2.2)
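id-pe-subjectInfoAccess   OBJECT IDENTIFIER   ::=   { id-pe 11 }
SubjectInfoAccessSyntax ::= SEQUENCE SIZE (1..MAX) OF AccessDescription
-- RFC 5280 4.2.2.2: MUST be non-critical. The access methods defined for
-- it are id-ad-caRepository ({ id-ad 5 }, only in CA certificates) and
-- id-ad-timeStamping ({ id-ad 3 }). The same caution as for Authority
-- Information Access applies to anything retrieved from these locations.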
CRL – Certificate Revocation List (Section 5.1)
In this section: CertificateList · TBSCertList
Certificate List (Section 5.1.1)
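CertificateList ::= SEQUENCE {
    tbsCertList          TBSCertList,
    signatureAlgorithm   AlgorithmIdentifier,   -- Section 5.1.1.2
    signatureValue       BIT STRING             -- Section 5.1.1.3
}
-- As for Certificate: signatureAlgorithm MUST equal tbsCertList.signature
-- (Section 5.1.2.2), and signatureValue is computed over the DER encoding
-- of tbsCertList. Before acting on any entry, verify the signature with a
-- key whose certificate has cRLSign set in keyUsage (if keyUsage is
-- present) and whose subject matches the CRL issuer, and validate that
-- certificate's path (Section 6.3).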
Certificate List "To Be Signed" (Section 5.1.2)
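TBSCertList ::= SEQUENCE {
    version               Version OPTIONAL,
                          -- if present, MUST be v2
    signature             AlgorithmIdentifier,
    issuer                Name,
    thisUpdate            Time,
    nextUpdate            Time OPTIONAL,
    revokedCertificates   SEQUENCE OF SEQUENCE {
        userCertificate      CertificateSerialNumber,
        revocationDate       Time,
        crlEntryExtensions   Extensions OPTIONAL
                             -- if present, version MUST be v2
    } OPTIONAL,
    crlExtensions         [0] EXPLICIT Extensions OPTIONAL
                          -- if present, version MUST be v2
}
-- RFC 5280 5.1.2: version, when present, MUST be v2 (encoded INTEGER 1);
-- there is no v3 CRL. nextUpdate is syntactically OPTIONAL, but
-- conforming CRL issuers MUST include it; a relying party should treat a
-- CRL whose nextUpdate has passed as stale rather than as proof of
-- non-revocation. When there are no revoked certificates the
-- revokedCertificates field MUST be absent, not an empty SEQUENCE.
-- Entries are matched to a certificate by userCertificate (the serial
-- number) together with the issuer — the CRL issuer, or the
-- certificateIssuer entry extension in an indirect CRL — so serial
-- numbers must be compared as full integers. thisUpdate and nextUpdate
-- follow the same UTCTime/GeneralizedTime rules as certificate Validity.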
CRL Extensions (Section 5.2)
In this section: Authority Key Identifier · Issuer Alternative Name · CRL Number · Delta CRL Indicator · Issuing Distribution Point · Freshest CRL · Authority Information Access
Authority Key Identifier (Section 5.2.1) – same syntax as the certificate extension; conforming CRL issuers MUST use the keyIdentifier form and MUST include this extension in all CRLs they issue.
CRL Number (Section 5.2.3)
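id-ce-cRLNumber   OBJECT IDENTIFIER   ::=   { id-ce 20 }
CRLNumber ::= INTEGER (0..MAX)
-- RFC 5280 5.2.3: conforming CRL issuers MUST include it in all CRLs and
-- MUST mark it non-critical. The number increases monotonically for a
-- given CRL scope, which lets a relying party detect replay of an older
-- CRL in place of a newer one. The value MUST NOT be longer than 20
-- octets; compare it as an arbitrary-precision integer.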
Delta CRL Indicator (Section 5.2.4)
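id-ce-deltaCRLIndicator   OBJECT IDENTIFIER   ::=   { id-ce 27 }
BaseCRLNumber ::= CRLNumber
-- RFC 5280 5.2.4: marks this CRL as a delta CRL listing only changes
-- since the complete CRL whose cRLNumber is BaseCRLNumber. Conforming CRL
-- issuers MUST mark it critical, so that an implementation without delta
-- CRL support rejects the CRL instead of mistaking a delta for a complete
-- list. A delta CRL MUST only be combined with a complete CRL from the
-- same issuer covering the same scope (Section 6.3.3).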
Issuing Distribution Point (Section 5.2.5)
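id-ce-issuingDistributionPoint   OBJECT IDENTIFIER   ::=   { id-ce 28 }
IssuingDistributionPoint ::= SEQUENCE {
    distributionPoint            [0] DistributionPointName OPTIONAL,
    onlyContainsUserCerts        [1] BOOLEAN DEFAULT FALSE,
    onlyContainsCACerts          [2] BOOLEAN DEFAULT FALSE,
    onlySomeReasons              [3] ReasonFlags OPTIONAL,
    indirectCRL                  [4] BOOLEAN DEFAULT FALSE,
    onlyContainsAttributeCerts   [5] BOOLEAN DEFAULT FALSE
}
-- Note: RFC 5280 assigns { id-ce 28 } (2.5.29.28) to this extension;
-- { id-ce 29 } is id-ce-certificateIssuer (Section 5.3.3).
-- RFC 5280 5.2.5: CRL issuers MUST mark it critical because it limits
-- the scope of the CRL; a relying party that ignored it could accept a
-- partial CRL (only some reasons, only CA certificates, a single
-- distribution point) as a complete one, and a certificate outside the
-- stated scope must not be treated as "checked" against this CRL. At
-- most one of onlyContainsUserCerts, onlyContainsCACerts and
-- onlyContainsAttributeCerts may be TRUE. The BOOLEAN fields are
-- DEFAULT FALSE and so are absent under DER when FALSE.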
Freshest CRL, a.k.a. Delta CRL Distribution Point (Section 5.2.6)
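id-ce-freshestCRL   OBJECT IDENTIFIER   ::=   { id-ce 46 }
FreshestCRL ::= CRLDistributionPoints
-- Note: RFC 5280 names this identifier id-ce-freshestCRL; id-ce-cRLNumber
-- is { id-ce 20 } (Section 5.2.3). Same OID and syntax as the certificate
-- extension of Section 4.2.1.15.
-- RFC 5280 5.2.6: placed in a complete CRL to say where delta CRLs for
-- the same scope can be obtained; conforming CRL issuers MUST mark it
-- non-critical, and it MUST NOT appear in delta CRLs.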
Authority Information Access (Section 5.2.7) – same syntax as the certificate extension; in a CRL it MUST be non-critical and is used with the id-ad-caIssuers access method to locate certificates of the CRL issuer.
CRL Entry Extensions (Section 5.3)
In this section: Reason Code · Invalidity Date · Certificate Issuer
Reason Code (Section 5.3.1)
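id-ce-cRLReason   OBJECT IDENTIFIER   ::=   { id-ce 21 }
CRLReason ::= ENUMERATED {
    unspecified            (0),
    keyCompromise          (1),
    cACompromise           (2),
    affiliationChanged     (3),
    superseded             (4),
    cessationOfOperation   (5),
    certificateHold        (6),
                           -- value 7 is not defined
    removeFromCRL          (8),
    privilegeWithdrawn     (9),
    aACompromise           (10)
}
-- RFC 5280 5.3.1: MUST be non-critical. CRL issuers are strongly
-- encouraged to include it, and SHOULD omit the extension rather than
-- use unspecified(0). removeFromCRL is only meaningful in delta CRLs (it
-- lifts an earlier certificateHold). keyCompromise and cACompromise are
-- the reasons a relying party must treat most seriously: together with
-- an invalidityDate they can mean that signatures made before the CRL
-- was issued are also suspect. An entry with an unknown or absent reason
-- is still a revoked entry; never map "unknown reason" to "not revoked".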
Invalidity Date (Section 5.3.2)
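id-ce-invalidityDate   OBJECT IDENTIFIER   ::=   { id-ce 24 }
InvalidityDate ::= GeneralizedTime
-- Note: RFC 5280 names this identifier id-ce-invalidityDate (2.5.29.24).
-- RFC 5280 5.3.2: MUST be non-critical; a GeneralizedTime in GMT (Zulu),
-- YYYYMMDDHHMMSSZ. It is the date at which the key is known or suspected
-- to have become compromised or the certificate otherwise invalid, and
-- may precede revocationDate; when the reason is keyCompromise or
-- cACompromise, signatures dated between the two should be treated as
-- suspect.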
Certificate Issuer (Section 5.3.3)
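id-ce-certificateIssuer   OBJECT IDENTIFIER   ::=   { id-ce 29 }
CertificateIssuer ::= GeneralNames
-- RFC 5280 5.3.3: used in indirect CRLs (issuingDistributionPoint with
-- indirectCRL TRUE) to name the issuer of the certificate in this entry.
-- If absent on the first entry the certificate issuer defaults to the
-- CRL issuer; each later entry inherits the most recent certificateIssuer
-- value. CRL issuers MUST mark it critical, since an implementation that
-- ignored it would attribute entries to the wrong issuer — serial numbers
-- are only unique per issuer.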
Naming (Section 4.1.2.4)
In this section: Name · RelativeDistinguishedName · DirectoryString
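-- Arc for standard naming attributes (X.520 "id-at", i.e. 2.5.4)
id-at   OBJECT IDENTIFIER   ::=   { joint-iso-ccitt(2) ds(5) 4 }
-- RFC 5280 4.1.2.4: conforming implementations MUST be prepared to
-- receive these attribute types in issuer and subject names: country,
-- organization, organizational unit, distinguished name qualifier,
-- state or province name, common name and serial number; and SHOULD be
-- prepared to receive locality, title, surname, given name, initials,
-- pseudonym and generation qualifier. The legacy PKCS #9 emailAddress
-- attribute may still be encountered, but new certificates MUST carry
-- e-mail addresses in subjectAltName as rfc822Name.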
Name
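Name ::= CHOICE { -- only one possibility for now --
    rdnSequence   RDNSequence
}
RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
-- RFC 5280 4.1.2.4/4.1.2.6: the issuer field MUST be a non-empty name;
-- the subject MAY be empty only in an end-entity certificate that carries
-- a critical subjectAltName, and MUST be non-empty in CA and CRL issuer
-- certificates. Path validation chains a certificate's issuer Name to
-- the issuing certificate's subject Name using the Section 7.1 matching
-- rules: the two names must have the same number of RDNs, matching
-- pairwise, in the same order — an RDNSequence is ordered, so the same
-- attributes in a different order are a different name.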
Relative Distinguished Name
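RelativeDistinguishedName ::= SET SIZE (1..MAX) OF AttributeTypeAndValue
AttributeTypeAndValue ::= SEQUENCE {
    type    AttributeType,
    value   AttributeValue
}
AttributeType ::= OBJECT IDENTIFIER
AttributeValue ::= ANY   -- DEFINED BY AttributeType
-- An RDN is a SET, so a multi-valued RDN is unordered; under DER its
-- elements are sorted by their encoding, which is what makes a byte
-- comparison of two DER-encoded names meaningful. AttributeValue is ANY
-- DEFINED BY type: the decoder must dispatch on the OID (most X.520
-- attributes are DirectoryString; countryName is a two-character
-- PrintableString; emailAddress is IA5String) and must not assume a
-- fixed string type.
-- RFC 5280 7.1 gives the comparison rules (caseIgnoreMatch after RFC 4518
-- string preparation): in the simplest form, PrintableString values
-- compare case-insensitively with leading/trailing whitespace removed and
-- internal whitespace runs folded to one space, other string types
-- compare case-sensitively, and values in different string types MAY be
-- treated as different. Two byte-identical DER names always match.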
Directory String
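DirectoryString ::= CHOICE {
    teletexString     TeletexString   (SIZE (1..MAX)),
    printableString   PrintableString (SIZE (1..MAX)),
    universalString   UniversalString (SIZE (1..MAX)),
    utf8String        UTF8String      (SIZE (1..MAX)),
    bmpString         BMPString       (SIZE (1..MAX))
}
-- RFC 5280 4.1.2.6: conforming CAs MUST use PrintableString or UTF8String
-- for new names (the other forms are permitted only when reissuing a name
-- previously encoded with them), while applications MUST be prepared to
-- receive all five forms. Validate the encoding on input — a UTF8String
-- must be well-formed UTF-8, a PrintableString may contain only the
-- X.680 printable repertoire, BMPString/UniversalString are big-endian
-- UCS-2/UCS-4 — and reject values that violate their declared type.
-- SIZE (1..MAX) excludes the empty string. Normalization for display or
-- comparison is an application concern; the DER bytes are what the
-- signature covers.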
Algorithm Identifiers (Section 4.1.1.2; algorithm OIDs and encodings from RFC 3279)
In this section: One-way Hash Functions · DSA Keys and Signatures · RSA Keys and Signatures · Diffie-Hellman Keys · KEA Keys · Elliptic Curve Keys, Signatures, and Curves
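AlgorithmIdentifier ::= SEQUENCE {
    algorithm    OBJECT IDENTIFIER,
    parameters   ANY DEFINED BY algorithm OPTIONAL
                 -- contains a value of the type
                 -- registered for use with the
                 -- algorithm object identifier value
}
-- The same type names the signature algorithm (Certificate and
-- CertificateList, plus the signature field inside each to-be-signed
-- structure) and the public key algorithm in SubjectPublicKeyInfo, but
-- the meaning of parameters depends on the OID (RFC 3279): NULL for
-- rsaEncryption and the *WithRSAEncryption OIDs, absent for
-- id-dsa-with-sha1, Dss-Parms for id-dsa keys, DomainParameters for
-- dhpublicnumber. A verifier should accept only the parameter form the
-- RFC allows for a given OID and reject unexpected parameters rather than
-- ignore them, and MUST check that the outer signatureAlgorithm matches
-- the one inside the signed structure.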
One-way Hash Functions (RFC 3279, Section 2.1; see also Section 2.2.1 for their use with RSA)
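md2       OBJECT IDENTIFIER   ::=   { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 2 }
md5       OBJECT IDENTIFIER   ::=   { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 5 }
id-sha1   OBJECT IDENTIFIER   ::=   { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 26 }
-- These are the hash algorithms RFC 3279 defined for PKIX signatures.
-- They are listed so legacy objects can be decoded, not as a
-- recommendation: MD2 was moved to Historic status (RFC 6149), MD5 is
-- unsuitable for digital signatures (RFC 6151) and SHA-1 is deprecated
-- for signatures (RFC 6194); collision attacks on MD5 and SHA-1 are
-- practical. A verifier should reject MD2/MD5 signatures outright, treat
-- SHA-1 as legacy-only, and use an explicit allow-list of acceptable
-- signature algorithms — RFC 4055 (RSA) and RFC 5758 (DSA/ECDSA) define
-- the SHA-2 identifiers.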
DSA Keys and Signatures (RFC 3279, Sections 2.3.2 and 2.2.2)
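-- OID for DSA public key
id-dsa   OBJECT IDENTIFIER   ::=   {
    iso(1) member-body(2) us(840) x9-57(10040) x9algorithm(4) 1
}
-- encoding for DSA public key
DSAPublicKey ::= INTEGER   -- public key, y
Dss-Parms ::= SEQUENCE {
    p   INTEGER,
    q   INTEGER,
    g   INTEGER
}
-- OID for DSA signature generated with SHA-1 hash
id-dsa-with-sha1   OBJECT IDENTIFIER   ::=   {
    iso(1) member-body(2) us(840) x9-57(10040) x9algorithm(4) 3
}
-- encoding for DSA signature generated with SHA-1 hash
Dss-Sig-Value ::= SEQUENCE {
    r   INTEGER,
    s   INTEGER
}
-- RFC 3279 2.3.2: in SubjectPublicKeyInfo the id-dsa parameters are
-- Dss-Parms. They MAY be absent, in which case the parameters are
-- inherited from the issuer's certificate — so a verifier needs the
-- issuer's parameters and must only inherit them along a validated path.
-- RFC 3279 2.2.2: id-dsa-with-sha1 is used with the parameters field
-- omitted, and the signature BIT STRING wraps a DER Dss-Sig-Value.
-- Before verifying, check 0 < r < q and 0 < s < q (FIPS 186 rejects
-- signatures outside that range) and that the INTEGERs are minimally
-- encoded DER. DSA with SHA-1 is a legacy algorithm; RFC 5758 defines the
-- SHA-2 variants.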
RSA Keys and Signatures (RFC 3279, Sections 2.3.1 and 2.2.1)
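-- arc for RSA public key and RSA signature OIDs
pkcs-1   OBJECT IDENTIFIER   ::=   {
    iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 1
}
-- OID for RSA public keys
rsaEncryption   OBJECT IDENTIFIER   ::=   { pkcs-1 1 }
-- OID for RSA signature generated with MD2 hash
md2WithRSAEncryption   OBJECT IDENTIFIER   ::=   { pkcs-1 2 }
-- OID for RSA signature generated with MD5 hash
md5WithRSAEncryption   OBJECT IDENTIFIER   ::=   { pkcs-1 4 }
-- OID for RSA signature generated with SHA-1 hash
sha1WithRSAEncryption   OBJECT IDENTIFIER   ::=   { pkcs-1 5 }
-- encoding for RSA public key
RSAPublicKey ::= SEQUENCE {
    modulus          INTEGER,   -- n
    publicExponent   INTEGER    -- e
}
-- RFC 3279 2.3.1 / 2.2.1: for rsaEncryption and the *WithRSAEncryption
-- OIDs the AlgorithmIdentifier parameters MUST be ASN.1 NULL (present,
-- not absent); a strict decoder accepts exactly that. Signatures are
-- RSASSA-PKCS1-v1_5 (PKCS #1, now RFC 8017) over the DER encoding of the
-- to-be-signed structure; the verifier must check the entire decoded
-- encoded message — padding, the DigestInfo with the expected hash OID,
-- and the absence of trailing bytes — rather than just locating the
-- hash. The md2/md5 variants are broken and the sha1 variant deprecated
-- (see the hash-function notes); RFC 4055 defines
-- sha256WithRSAEncryption and its siblings under this same pkcs-1 arc.
-- RFC 5280 path processing does not validate keys, so enforce a minimum
-- modulus size by local policy.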
Diffie-Hellman Keys (RFC 3279, Section 2.3.3)
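dhpublicnumber   OBJECT IDENTIFIER   ::=   {
    iso(1) member-body(2) us(840) ansi-x942(10046) number-type(2) 1
}
-- encoding for DH public key
DHPublicKey ::= INTEGER   -- public key, y = g^x mod p
DomainParameters ::= SEQUENCE {
    p                 INTEGER,                  -- odd prime, p=jq +1
    g                 INTEGER,                  -- generator, g
    q                 INTEGER,                  -- factor of p-1
    j                 INTEGER OPTIONAL,         -- subgroup factor, j>= 2
    validationParms   ValidationParms OPTIONAL
}
ValidationParms ::= SEQUENCE {
    seed          BIT STRING,
    pgenCounter   INTEGER
}
-- RFC 3279 2.3.3: the AlgorithmIdentifier parameters for dhpublicnumber
-- are DomainParameters; p, g and q are all mandatory here (unlike PKCS #3
-- DH parameters, which have no q). Before using a peer's key, validate it
-- as in RFC 2631 Section 2.1.5 — 1 < y < p-1 and y^q mod p = 1 — so that
-- a value outside the order-q subgroup cannot be used to leak bits of
-- the recipient's private exponent. validationParms (seed and counter)
-- let p and q be regenerated and checked; when present, re-running that
-- check is the only way to confirm the parameters were not chosen
-- maliciously.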
KEA Keys (RFC 3279, Section 2.3.4)
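keyExchangeAlgorithm   OBJECT IDENTIFIER   ::=   {
    2 16 840 1 101 2 1 1 22
}
KEA-Parms-Id ::= OCTET STRING
-- RFC 3279 2.3.4: the AlgorithmIdentifier parameters for a KEA public
-- key are a KEA-Parms-Id, an OCTET STRING identifying the domain
-- parameters (the RFC specifies a 160-bit SHA-1 hash over p, q and g);
-- the encoding of the key value itself is given there as well. KEA is a
-- legacy algorithm from U.S. government PKIs and is rarely encountered
-- today; treat this entry as a decoding reference only.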
Elliptic Curve Keys, Signatures, and Curves (RFC 3279, Sections 2.2.3 and 2.3.5; updated by RFC 5480 for EC public keys and RFC 5758 for SHA-2 ECDSA signature identifiers)