Certificate Request Message Format ASN.1 Module

The following section contains the complete ASN.1 module from RFC 2511, the Certificate
Request Message Format. Only a small subset of the structures defined in RFC2511 are
required to implement this specification. The entire module is provided for completeness.
Information about structures defined by this ASN.1 module but not used in the MISPC may be
found in RFC2511.
CRMF DEFINITIONS IMPLICIT TAGS ::=
BEGIN
IMPORTS
– Directory Authentication Framework (X.509)
Version, AlgorithmIdentifier, Name, Time,
SubjectPublicKeyInfo, Extensions, UniqueIdentifier
FROM AuthenticationFramework { joint-iso-itu-t ds(5)
module(1) authenticationFramework(7) 3 }
– Certificate Extensions (X.509)
GeneralName
FROM CertificateExtensions {joint-iso-ccitt ds(5)
module(1) certificateExtensions(26) 0}
– Cryptographic Message Syntax
EnvelopedData
FROM CryptographicMessageSyntax { iso(1) member-body(2)
us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16)
modules(0) cms(1) };
CertReqMessages ::= SEQUENCE SIZE (1..MAX) OF CertReqMsg
CertReqMsg ::= SEQUENCE {
CertReq CertRequest,
Pop ProofOfPossession OPTIONAL,
– content depends upon key type
regInfo SEQUENCE SIZE(1..MAX) OF AttributeTypeAndValue OPTIONAL }
CertRequest ::= SEQUENCE {
CertReqId INTEGER, – ID for matching request and reply
CertTemplate CertTemplate, – Selected fields of cert to be issued
Controls Controls OPTIONAL } – Attributes affecting issuance
CertTemplate ::= SEQUENCE {
Version [0] Version OPTIONAL,
serialNumber [1] INTEGER OPTIONAL,
signingAlg [2] AlgorithmIdentifier OPTIONAL,
issuer [3] Name OPTIONAL,
validity [4] OptionalValidity OPTIONAL,
subject [5] Name OPTIONAL,
publicKey [6] SubjectPublicKeyInfo OPTIONAL,
issuerUID [7] UniqueIdentifier OPTIONAL,
subjectUID [8] UniqueIdentifier OPTIONAL,
extensions [9] Extensions OPTIONAL }
OptionalValidity ::= SEQUENCE {
notBefore [0] Time OPTIONAL,
notAfter [1] Time OPTIONAL } –at least one MUST be present
Controls ::= SEQUENCE SIZE(1..MAX) OF AttributeTypeAndValue
AttributeTypeAndValue ::= SEQUENCE {
type OBJECT IDENTIFIER,
value ANY DEFINED BY type }
ProofOfPossession ::= CHOICE {
raVerified [0] NULL,
– used if the RA has already verified that the requester is in
– possession of the private key
signature [1] POPOSigningKey,
keyEncipherment [2] POPOPrivKey,
keyAgreement [3] POPOPrivKey }
POPOSigningKey ::= SEQUENCE {
poposkInput [0] POPOSKInput OPTIONAL,
algorithmIdentifier AlgorithmIdentifier,
signature BIT STRING }
– The signature (using “algorithmIdentifier”) is on the
– DER-encoded value of popInput. NOTE: If poposkInput is present
– in the pop field, popInput is constructed
– with otherinput. If poposkInput is not present, subject is the name
– from CertTemplate. Note that the encoding of PopInput is
intentionally ambiguous.
PoposkInput ::= CHOICE {
Subject name,
Sender [0] generalName,
publicKeyMAC [1] PKMACValue
}
– The pop is calculated upon the structure popInput, which is defined
– as follows:
PopInput ::= SEQUENCE {
CHOICE {
otherinput popskInput,
subject name },
publicKey subjectpublicKey
}
– If poposkInput is present
– in the pop field, popInput is constructed
– with otherinput. If poposkInput is not present, subject is the name
– from CertTemplate. Note that the encoding of PopInput is
– intentionally ambiguous.
PKMACValue ::= SEQUENCE {
algId AlgorithmIdentifier,
– algorithm value shall be PasswordBasedMac {1 2 840 113533 7 66 13}
– parameter value is PBMParameter
value BIT STRING }
PBMParameter ::= SEQUENCE {
salt OCTET STRING,
owf AlgorithmIdentifier,
– AlgId for a One-Way Function (SHA-1 recommended)
iterationCount INTEGER,
– number of times the OWF is applied
mac AlgorithmIdentifier
– the MAC AlgId (e.g., DES-MAC, Triple-DES-MAC [PKCS11],
} – or HMAC [RFC2104, RFC2202])
POPOPrivKey ::= CHOICE {
thisMessage [0] BIT STRING,
– posession is proven in this message (which contains the private
– key itself (encrypted for the CA))
subsequentMessage [1] SubsequentMessage,
– possession will be proven in a subsequent message
dhMAC [2] BIT STRING }
– for keyAgreement (only), possession is proven in this message
– (which contains a MAC (over the DER-encoded value of the
– certReq parameter in CertReqMsg, which MUST include both subject
– and publicKey) based on a key derived from the end entity’s
– private DH key and the CA’s public DH key);
– the dhMAC value MUST be calculated as per the directions given
– in Appendix A.
SubsequentMessage ::= INTEGER {
encrCert (0),
– requests that resulting certificate be encrypted for the
– end entity (following which, POP will be proven in a
– confirmation message)
challengeResp (1) }
– requests that CA engage in challenge-response exchange with
– end entity in order to prove private key possession
– Object identifier assignments –
id-pkix OBJECT IDENTIFIER ::= { iso(1) identified-organization(3)
dod(6) internet(1) security(5) mechanisms(5) 7 }
– arc for Internet X.509 PKI protocols and their components
id-pkip OBJECT IDENTIFIER ::= { id-pkix 5 }
– Registration Controls in CRMF
id-regCtrl OBJECT IDENTIFIER ::= { id-pkip 1 }
– The following definition may be uncommented for use with
– ASN.1 compilers which do not understand UTF8String.
– UTF8String ::= [UNIVERSAL 12] IMPLICIT OCTET STRING
id-regCtrl-regToken OBJECT IDENTIFIER ::= { id-regCtrl 1 }
–with syntax:
RegToken ::= UTF8String
id-regCtrl-authenticator OBJECT IDENTIFIER ::= { id-regCtrl 2 }
–with syntax:
Authenticator ::= UTF8String
id-regCtrl-pkiPublicationInfo OBJECT IDENTIFIER ::= { id-regCtrl 3 }
–with syntax:
PKIPublicationInfo ::= SEQUENCE {
action INTEGER {
dontPublish (0),
pleasePublish (1) },
pubInfos SEQUENCE SIZE (1..MAX) OF SinglePubInfo OPTIONAL }
– pubInfos MUST NOT be present if action is “dontPublish”
– (if action is “pleasePublish” and pubInfos is omitted,
– “dontCare” is assumed)
SinglePubInfo ::= SEQUENCE {
pubMethod INTEGER {
dontCare (0),
x500 (1),
web (2),
ldap (3) },
pubLocation GeneralName OPTIONAL }
id-regCtrl-pkiArchiveOptions OBJECT IDENTIFIER ::= { id-regCtrl 4 }
–with syntax:
PKIArchiveOptions ::= CHOICE {
encryptedPrivKey [0] EncryptedKey,
– the actual value of the private key
keyGenParameters [1] KeyGenParameters,
– parameters which allow the private key to be re-generated
archiveRemGenPrivKey [2] BOOLEAN }
– set to TRUE if sender wishes receiver to archive the private
– key of a key pair which the receiver generates in response to
– this request; set to FALSE if no archival is desired.
EncryptedKey ::= CHOICE {
encryptedValue EncryptedValue,
envelopedData [0] EnvelopedData }
– The encrypted private key MUST be placed in the envelopedData
– encryptedContentInfo encryptedContent OCTET STRING.
EncryptedValue ::= SEQUENCE {
intendedAlg [0] AlgorithmIdentifier OPTIONAL,
– the intended algorithm for which the value will be used
symmAlg [1] AlgorithmIdentifier OPTIONAL,
– the symmetric algorithm used to encrypt the value
encSymmKey [2] BIT STRING OPTIONAL,
– the (encrypted) symmetric key used to encrypt the value
keyAlg [3] AlgorithmIdentifier OPTIONAL,
– algorithm used to encrypt the symmetric key
valueHint [4] OCTET STRING OPTIONAL,
– a brief description or identifier of the encValue content
– (may be meaningful only to the sending entity, and used only
– if EncryptedValue might be re-examined by the sending entity
– in the future)
encValue BIT STRING }
– the encrypted value itself
KeyGenParameters ::= OCTET STRING
id-regCtrl-oldCertId OBJECT IDENTIFIER ::= { id-regCtrl 5 }
–with syntax:
OldCertId ::= CertId
CertId ::= SEQUENCE {
issuer GeneralName,
serialNumber INTEGER }
id-regCtrl-protocolEncrKey OBJECT IDENTIFIER ::= { id-regCtrl 6 }
–with syntax:
ProtocolEncrKey ::= SubjectPublicKeyInfo
– Registration Info in CRMF
id-regInfo OBJECT IDENTIFIER ::= { id-pkip 2 }
id-regInfo-utf8Pairs OBJECT IDENTIFIER ::= { id-regInfo 1 }
–with syntax
UTF8Pairs ::= UTF8String
id-regInfo-certReq OBJECT IDENTIFIER ::= { id-regInfo 2 }
–with syntax
CertReq ::= CertRequest
END