
Security


ASN.1 for PKIX (Public-Key Infrastructure – X.509)
as defined in RFC 5280

 Basic Certificate fields   Section 4.1 Top
Certificate         TBSCertificate         Version         CertificateSerialNumber
Validity         SubjectPublicKeyInfo         UniqueIdentifier         Extensions
 Certificate structure   Section 4.1.1 Up
Certificate::= SEQUENCE   {
tbsCertificate TBSCertificate,
signatureAlgorithm AlgorithmIdentifier, --   Section 4.1.1.2
signatureValue BIT STRING --   Section 4.1.1.3
}
 TBSCertificate – To Be Signed Certificate   Section 4.1.2 Up
TBSCertificate::= SEQUENCE   {
version [0] EXPLICIT   Version   DEFAULT   v1,
serialNumber CertificateSerialNumber,
signature AlgorithmIdentifier, --   Section 4.1.2.3
issuer Name, --   Section 4.1.2.4
validity Validity,
subject Name, --   Section 4.1.2.6
subjectPublicKeyInfo SubjectPublicKeyInfo,
issuerUniqueID [1] IMPLICIT   UniqueIdentifier   OPTIONAL,
--   If present, version MUST be v2 or v3
subjectUniqueID [2] IMPLICIT   UniqueIdentifier   OPTIONAL,
--    If present, version MUST be v2 or v3
extensions [3] EXPLICIT   Extensions   OPTIONAL
--   If present, version MUST be v3
}
 Version   Section 4.1.2.1 Up
Version::= INTEGER   {   v1(0),   v2(1),   v3(2)   }
 Serial Number   Section 4.1.2.2 Up
CertificateSerialNumber::= INTEGER
 Validity   Section 4.1.2.5 Up
Validity::= SEQUENCE   {
notBefore Time,
notAfter Time
}
Time::= CHOICE   {
utcTime UTCTime,
generalTime GeneralizedTime
}
 Subject Public Key Info   Section 4.1.2.7 Up
SubjectPublicKeyInfo::= SEQUENCE   {
algorithm AlgorithmIdentifier,
subjectPublicKey BIT STRING
}
 Unique Identifiers   Section 4.1.2.8 Up
UniqueIdentifier::= BIT STRING
 Extensions   Section 4.1.2.9 Up
Extensions::= SEQUENCE   SIZE   (1..MAX)   OF   Extension
Extension::= SEQUENCE   {
extnID OBJECT IDENTIFIER,
critical BOOLEAN   DEFAULT   FALSE,
extnValue OCTET STRING
--   contains the DER encoding of an ASN.1 value
--   corresponding to the extension type identified
--   by extnID
}
 Standard Certificate Extensions   Section 4.2.1 Top
Authority Key Identifier         Subject Key Identifier         Key Usage         Certificate Policies         Policy Mappings
Subject Alternative Name         Issuer Alternative Name         Subject Directory Attributes         Basic Constraints
Name Constraints         Policy Constraints         Extended Key Usage         CRL Distribution Points         Inhibit Any-Policy
Freshest CRL
-- ISO arc for standard certificate and CRL extensions
id-ce   OBJECT IDENTIFIER   ::=   {   joint-iso-ccitt(2)   ds(5)   29     }
 Authority Key Identifier   Section 4.2.1.1 Up
id-ce-authorityKeyIdentifier   OBJECT IDENTIFIER   ::=   {   id-ce   35   }
AuthorityKeyIdentifier::= SEQUENCE   {
keyIdentifier [0]   KeyIdentifier   OPTIONAL,
authorityCertIssuer [1]   GeneralNames   OPTIONAL,
authorityCertSerialNumber [2]   CertificateSerialNumber   OPTIONAL
}
-- authorityCertIssuer and authorityCertSerialNumber MUST both
-- be present or both be absent
KeyIdentifier::= OCTET STRING
 Subject Key Identifier   Section 4.2.1.2 Up
id-ce-subjectKeyIdentifier   OBJECT IDENTIFIER   ::=   {   id-ce   14   }
SubjectKeyIdentifier::= KeyIdentifier
 Key Usage   Section 4.2.1.3 Up
id-ce-keyUsage   OBJECT IDENTIFIER   ::=   {   id-ce   15   }
KeyUsage::= BIT STRING   {
digitalSignature (0),
nonRepudiation (1),   -- recent editions of X.509 have renamed this bit to contentCommitment
keyEncipherment (2),
dataEncipherment (3),
keyAgreement (4),
keyCertSign (5),
cRLSign (6),
encipherOnly (7),
decipherOnly (8)
}
 Certificate Policies   Section 4.2.1.4 Up
id-ce-certificatePolicies   OBJECT IDENTIFIER   ::=   {   id-ce   32   }
anyPolicy   OBJECT IDENTIFIER   ::=   {   id-ce-certificatePolicies   0   }
CertificatePolicies::= SEQUENCE   SIZE (1..MAX) OF   PolicyInformation
PolicyInformation::= SEQUENCE   {
policyIdentifier CertPolicyId,
policyQualifiers SEQUENCE SIZE (1..MAX) OF   PolicyQualifierInfo   OPTIONAL
}
CertPolicyId::= OBJECT IDENTIFIER
PolicyQualifierInfo::= SEQUENCE   {
policyQualifierId PolicyQualifierId,
qualifier ANY DEFINED BY   policyQualifierId
}
-- policyQualifierIds for Internet policy qualifiers
id-qt   OBJECT IDENTIFIER   ::=   {   id-pkix   2   }
id-qt-cps   OBJECT IDENTIFIER   ::=   {   id-qt   1   }
id-qt-unotice   OBJECT IDENTIFIER   ::=   {   id-qt   2   }
PolicyQualifierId::= OBJECT IDENTIFIER   ( id-qt-cps  |  id-qt-unotice )
 Policy Mappings   Section 4.2.1.5 Up
id-ce-policyMappings   OBJECT IDENTIFIER   ::=   {   id-ce   33   }
PolicyMappings::= SEQUENCE   SIZE (1..MAX)   OF   SEQUENCE   {
issuerDomainPolicy CertPolicyId,
subjectDomainPolicy CertPolicyId
}
 Subject Alternative Name   Section 4.2.1.6 Up
id-ce-subjectAltName   OBJECT IDENTIFIER   ::=   {   id-ce   17   }
SubjectAltName::= GeneralNames
GeneralNames::= SEQUENCE   SIZE (1..MAX)   OF   GeneralName
GeneralName::= CHOICE   {
otherName [0]   AnotherName,
rfc822Name [1]   IA5String,
dNSName [2]   IA5String,
x400Address [3]   ORAddress,
directoryName [4]   Name,
ediPartyName [5]   EDIPartyName,
uniformResourceIdentifier [6]   IA5String,
iPAddress [7]   OCTET STRING,
registeredID [8]   OBJECT IDENTIFIER
}
-- AnotherName replaces OTHER-NAME ::= TYPE-IDENTIFIER, as TYPE-IDENTIFIER is not supported in the '88 ASN.1 syntax
AnotherName::= SEQUENCE   {
type-id OBJECT IDENTIFIER,
value [0] EXPLICIT   ANY   DEFINED BY   type-id
}
EDIPartyName::= SEQUENCE   {
nameAssigner [0]   DirectoryString   OPTIONAL,
partyName [1]   DirectoryString
}
 Issuer Alternative Name   Section 4.2.1.7 Up
id-ce-issuerAltName   OBJECT IDENTIFIER   ::=   {   id-ce   18   }
IssuerAltName::= GeneralNames
 Subject Directory Attributes   Section 4.2.1.8 Up
id-ce-subjectDirectoryAttributes   OBJECT IDENTIFIER   ::=   {   id-ce   9   }
SubjectDirectoryAttributes::= SEQUENCE   SIZE (1..MAX)   OF   Attribute
Attribute::= SEQUENCE   {
type AttributeType,
values SET OF   AttributeValue
}
 Basic Constraints   Section 4.2.1.9 Up
id-ce-basicConstraints   OBJECT IDENTIFIER   ::=   {   id-ce   19   }
BasicConstraints::= SEQUENCE   {
cA BOOLEAN   DEFAULT   FALSE,
pathLenConstraint INTEGER   (0..MAX)   OPTIONAL
}
 Name Constraints   Section 4.2.1.10 Up
id-ce-nameConstraints   OBJECT IDENTIFIER   ::=   {   id-ce   30   }
NameConstraints::= SEQUENCE   {
permittedSubtrees [0]   GeneralSubtrees   OPTIONAL,
excludedSubtrees [1]   GeneralSubtrees   OPTIONAL
}
GeneralSubtrees::= SEQUENCE   SIZE (1..MAX)   OF   GeneralSubtree
GeneralSubtree::= SEQUENCE   {
base GeneralName,
minimum [0]   BaseDistance   DEFAULT   0,
maximum [1]   BaseDistance   OPTIONAL
}
BaseDistance::= INTEGER   (0..MAX)
 Policy Constraints   Section 4.2.1.11 Up
id-ce-policyConstraints   OBJECT IDENTIFIER   ::=   {   id-ce   36   }
PolicyConstraints::= SEQUENCE   {
requireExplicitPolicy [0]   SkipCerts   OPTIONAL,
inhibitPolicyMapping [1]   SkipCerts   OPTIONAL
}
SkipCerts::= INTEGER   (0..MAX)
 Extended Key Usage   Section 4.2.1.12 Up
id-ce-extKeyUsage   OBJECT IDENTIFIER   ::=   {   id-ce   37   }
ExtKeyUsageSyntax::= SEQUENCE   SIZE (1..MAX)   OF   KeyPurposeId
KeyPurposeId::= OBJECT IDENTIFIER
anyExtendedKeyUsage OBJECT IDENTIFIER   ::= {   id-ce-extKeyUsage   0   }
id-kp OBJECT IDENTIFIER   ::= {   id-pkix   3   }
id-kp-serverAuth OBJECT IDENTIFIER   ::= {   id-kp   1   }
-- TLS WWW server authentication
-- Key usage bits that may be consistent: digitalSignature,
-- keyEncipherment or keyAgreement
id-kp-clientAuth OBJECT IDENTIFIER   ::= {   id-kp   2   }
-- TLS WWW client authentication
-- Key usage bits that may be consistent: digitalSignature
-- and/or keyAgreement
id-kp-codeSigning OBJECT IDENTIFIER   ::= {   id-kp   3   }
-- Signing of downloadable executable code
-- Key usage bits that may be consistent: digitalSignature
id-kp-emailProtection OBJECT IDENTIFIER   ::= {   id-kp   4   }
-- Email protection
-- Key usage bits that may be consistent: digitalSignature,
-- nonRepudiation, and/or (keyEncipherment or keyAgreement)
id-kp-timeStamping OBJECT IDENTIFIER   ::= {   id-kp   8   }
-- Binding the hash of an object to a time
-- Key usage bits that may be consistent: digitalSignature
-- and/or nonRepudiation
id-kp-OCSPSigning OBJECT IDENTIFIER   ::= {   id-kp   9   }
-- Signing OCSP responses
-- Key usage bits that may be consistent: digitalSignature
-- and/or nonRepudiation
 CRL Distribution Points   Section 4.2.1.13 Up
id-ce-cRLDistributionPoints   OBJECT IDENTIFIER   ::=   {   id-ce   31   }
CRLDistributionPoints::= SEQUENCE   SIZE (1..MAX)   OF   DistributionPoint
DistributionPoint::= SEQUENCE   {
distributionPoint [0]   DistributionPointName   OPTIONAL,
reasons [1]   ReasonFlags   OPTIONAL,
cRLIssuer [2]   GeneralNames   OPTIONAL
}
DistributionPointName::= CHOICE   {
fullName [0]   GeneralNames,
nameRelativeToCRLIssuer [1]   RelativeDistinguishedName
}
ReasonFlags::= BIT STRING   {
unused (0),
keyCompromise (1),
cACompromise (2),
affiliationChanged (3),
superseded (4),
cessationOfOperation (5),
certificateHold (6),
privilegeWithdrawn (7),
aACompromise (8)
}
 Inhibit Any-Policy   Section 4.2.1.14 Up
id-ce-inhibitAnyPolicy   OBJECT IDENTIFIER   ::=   {   id-ce   54   }
InhibitAnyPolicy::= SkipCerts
 Freshest CRL – same OID and syntax as for the CRL Extension   Section 4.2.1.15 Up
FreshestCRL::= CRLDistributionPoints
 Private Internet Certificate Extensions   Section 4.2.2 Top
Authority Information Access         Subject Information Access
id-pkix   OBJECT IDENTIFIER   ::=
  {   iso(1)   identified-organization(3)   dod(6)   internet(1)   security(5)   mechanisms(5)   pkix(7)   }
id-pe   OBJECT IDENTIFIER   ::=   {   id-pkix   1   }   -- arc for private certificate extensions
 Authority Information Access   Section 4.2.2.1 Up
id-pe-authorityInfoAccess   OBJECT IDENTIFIER   ::=   {   id-pe   1   }
AuthorityInfoAccessSyntax::= SEQUENCE   SIZE (1..MAX)   OF   AccessDescription
AccessDescription::= SEQUENCE   {
accessMethod OBJECT IDENTIFIER,
accessLocation GeneralName
}
id-ad   OBJECT IDENTIFIER   ::=   {   id-pkix   48   }
id-ad-caIssuers   OBJECT IDENTIFIER   ::=   {   id-ad   2   }
id-ad-ocsp   OBJECT IDENTIFIER   ::=   {   id-ad   1   }
 Subject Information Access   Section 4.2.2.2 Up
id-pe-subjectInfoAccess   OBJECT IDENTIFIER   ::=   {   id-pe   11   }
SubjectInfoAccessSyntax::= SEQUENCE   SIZE (1..MAX)   OF   AccessDescription
 CRL – Certificate Revocation List   Section 5.1 Top
CertificateList         TBSCertList
 Certificate List   Section 5.1.1 Up
CertificateList::= SEQUENCE   {
tbsCertList TBSCertList,
signatureAlgorithm AlgorithmIdentifier, --   Section 5.1.1.2
signatureValue BIT STRING --   Section 5.1.1.3
}
 Certificate List "To Be Signed"   Section 5.1.2 Up
TBSCertList::= SEQUENCE   {
version Version   OPTIONAL,
-- if present, MUST be v2
signature AlgorithmIdentifier,
issuer Name,
thisUpdate Time,
nextUpdate Time   OPTIONAL,
revokedCertificates SEQUENCE OF   SEQUENCE   {
userCertificate CertificateSerialNumber,
revocationDate Time,
crlEntryExtensions Extensions   OPTIONAL
-- if present, version MUST be v2
}   OPTIONAL,
crlExtensions [0] EXPLICIT   Extensions   OPTIONAL
-- if present, version MUST be v2
}
 CRL Extensions   Section 5.2 Top
Authority Key Identifier         Issuer Alternative Name         CRL Number         Delta CRL Indicator
Issuing Distribution Point         Freshest CRL         Authority Information Access
 Authority Key Identifier – same syntax as for the Certificate Extension   Section 5.2.1 Up
 CRL Number   Section 5.2.3 Up
id-ce-cRLNumber   OBJECT IDENTIFIER   ::=   {   id-ce   20   }
CRLNumber::= INTEGER (0..MAX)
 Delta CRL Indicator   Section 5.2.4 Up
id-ce-deltaCRLIndicator   OBJECT IDENTIFIER   ::=   {   id-ce   27   }
BaseCRLNumber::= CRLNumber
 Issuing Distribution Point   Section 5.2.5 Up
id-ce-issuingDistributionPoint   OBJECT IDENTIFIER   ::=   {   id-ce   28   }
IssuingDistributionPoint::= SEQUENCE   {
distributionPoint [0]   DistributionPointName   OPTIONAL,
onlyContainsUserCerts [1]   BOOLEAN   DEFAULT   FALSE,
onlyContainsCACerts [2]   BOOLEAN   DEFAULT   FALSE,
onlySomeReasons [3]   ReasonFlags   OPTIONAL,
indirectCRL [4]   BOOLEAN   DEFAULT   FALSE,
onlyContainsAttributeCerts [5]   BOOLEAN   DEFAULT   FALSE
}
 Freshest CRL (a.k.a. Delta CRL Distribution Point)   Section 5.2.6 Up
id-ce-freshestCRL   OBJECT IDENTIFIER   ::=   {   id-ce   46   }
FreshestCRL::= CRLDistributionPoints
 Authority Information Access – same syntax as for the Certificate Extension   Section 5.2.7 Up
 CRL Entry Extensions   Section 5.3 Top
Reason Code         Invalidity Date         Certificate Issuer
 Reason Code   Section 5.3.1 Up
id-ce-cRLReason   OBJECT IDENTIFIER   ::=   {   id-ce   21   }
CRLReason::= ENUMERATED {
unspecified (0),
keyCompromise (1),
cACompromise (2),
affiliationChanged (3),
superseded (4),
cessationOfOperation (5),
certificateHold (6),
removeFromCRL (8),
privilegeWithdrawn (9),
aACompromise (10)
}
 Invalidity Date   Section 5.3.2 Up
id-ce-invalidityDate   OBJECT IDENTIFIER   ::=   {   id-ce   24   }
InvalidityDate::= GeneralizedTime
 Certificate Issuer   Section 5.3.3 Up
id-ce-certificateIssuer   OBJECT IDENTIFIER   ::=   {   id-ce   29   }
CertificateIssuer::= GeneralNames
 Naming   Section 4.1.2.4 Top
Name         RelativeDistinguishedName         DirectoryString   
-- Arc for standard naming attributes
id-at   OBJECT IDENTIFIER   ::=   {   joint-iso-ccitt(2)   ds(5)   4     }
 Name   Up
Name::= CHOICE   { -- only one possibility for now --
rdnSequence RDNSequence
}
RDNSequence::= SEQUENCE OF   RelativeDistinguishedName
 Relative Distinguished Name   Up
RelativeDistinguishedName::= SET   SIZE (1 .. MAX)   OF   AttributeTypeAndValue
AttributeTypeAndValue::= SEQUENCE   {
type AttributeType,
value AttributeValue
}
AttributeType::= OBJECT IDENTIFIER
AttributeValue::= ANY   -- DEFINED BY AttributeType
 Directory String   Up
DirectoryString::= CHOICE   {
teletexString TeletexString   (SIZE (1..MAX)),
printableString PrintableString   (SIZE (1..MAX)),
universalString UniversalString   (SIZE (1..MAX)),
utf8String UTF8String   (SIZE (1..MAX)),
bmpString BMPString   (SIZE (1..MAX))
}
 Algorithm Identifiers   Section 4.1.1.2 Top
One-way Hash Functions         DSA Keys and Signatures         RSA Keys and Signatures         Diffie-Hellman Keys
KEA Keys         Elliptic Curve Keys, Signatures, and Curves
AlgorithmIdentifier::= SEQUENCE   {
algorithm OBJECT IDENTIFIER,
parameters ANY   DEFINED BY   algorithm   OPTIONAL
   -- contains a value of the type
   -- registered for use with the
   -- algorithm object identifier value
}
 One-way Hash Functions   RFC 3279 Section 2.1
Section 2.2.1
Up
md2   OBJECT IDENTIFIER   ::=   {   iso(1)   member-body(2)   us(840)   rsadsi(113549)   digestAlgorithm(2)   2   }
md5   OBJECT IDENTIFIER   ::=   {   iso(1)   member-body(2)   us(840)   rsadsi(113549)   digestAlgorithm(2)   5   }
id-sha1   OBJECT IDENTIFIER   ::=   {   iso(1)   identified-organization(3)   oiw(14)   secsig(3)   algorithms(2)   26   }
 DSA Keys and Signatures   Up
-- OID for DSA public key
id-dsa   OBJECT IDENTIFIER   ::=   {
   iso(1)   member-body(2)   us(840)   x9-57(10040)   x9algorithm(4)   1
}
-- encoding for DSA public key
DSAPublicKey::= INTEGER -- public key, y
Dss-Parms::= SEQUENCE   {
p INTEGER,
q INTEGER,
g INTEGER
}
-- OID for DSA signature generated with SHA-1 hash
id-dsa-with-sha1   OBJECT IDENTIFIER   ::=   {
   iso(1)   member-body(2)   us(840)   x9-57(10040)   x9algorithm(4)   3
}
-- encoding for DSA signature generated with SHA-1 hash
Dss-Sig-Value::= SEQUENCE   {
r INTEGER,
s INTEGER
}
 RSA Keys and Signatures   Up
-- arc for RSA public key and RSA signature OIDs
pkcs-1   OBJECT IDENTIFIER   ::=   {
   iso(1)   member-body(2)   us(840)   rsadsi(113549)   pkcs(1)   1
}
-- OID for RSA public keys
rsaEncryption   OBJECT IDENTIFIER   ::=   {
   pkcs-1   1
}
-- OID for RSA signature generated with MD2 hash
md2WithRSAEncryption   OBJECT IDENTIFIER   ::=   {
   pkcs-1   2
}
-- OID for RSA signature generated with MD5 hash
md5WithRSAEncryption   OBJECT IDENTIFIER   ::=   {
   pkcs-1   4
}
-- OID for RSA signature generated with SHA-1 hash
sha1WithRSAEncryption   OBJECT IDENTIFIER   ::=   {
   pkcs-1   5
}
-- encoding for RSA public key
RSAPublicKey::= SEQUENCE   {
modulus INTEGER, -- n
publicExponent INTEGER -- e
}
 Diffie-Hellman Keys   Up
dhpublicnumber   OBJECT IDENTIFIER   ::=   {
   iso(1)   member-body(2)   us(840)   ansi-x942(10046)   number-type(2)   1
}
-- encoding for DH public key
DHPublicKey::= INTEGER -- public key, y = g^x mod p
DomainParameters::= SEQUENCE   {
p INTEGER, -- odd prime, p = jq + 1
g INTEGER, -- generator, g
q INTEGER, -- factor of p-1
j INTEGER OPTIONAL, -- subgroup factor, j >= 2
validationParms ValidationParms OPTIONAL
}
ValidationParms::= SEQUENCE   {
seed BIT STRING,
pgenCounter INTEGER
}
 KEA Keys   Up
keyExchangeAlgorithm   OBJECT IDENTIFIER   ::=   {
   2   16   840   1   101   2   1   1   22
}
KEA-Parms-Id::= OCTET STRING
 Elliptic Curve Keys, Signatures, and Curves   Up