📄 rfc3279.txt
字号:
seed BIT STRING OPTIONAL } FieldElement ::= OCTET STRING ECPoint ::= OCTET STRING The value of FieldElement SHALL be the octet string representation of a field element following the conversion routine in [X9.62], Section 4.3.3. The value of ECPoint SHALL be the octet string representation of an elliptic curve point following the conversion routine in [X9.62], Section 4.3.6. Note that this octet string may represent an elliptic curve point in compressed or uncompressed form. Implementations that support elliptic curve according to this specification MUST support the uncompressed form and MAY support the compressed form. The components of type ECParameters have the following meanings: version specifies the version number of the elliptic curve parameters. It MUST have the value 1 (ecpVer1).Polk, et al. Standards Track [Page 14]
RFC 3279 Algorithms and Identifiers April 2002 fieldID identifies the finite field over which the elliptic curve is defined. Finite fields are represented by values of the parameterized type FieldID, constrained to the values of the objects defined in the information object set FieldTypes. Additional detail regarding fieldID is provided below. curve specifies the coefficients a and b of the elliptic curve E. Each coefficient is represented as a value of type FieldElement, an OCTET STRING. seed is an optional parameter used to derive the coefficients of a randomly generated elliptic curve. base specifies the base point P on the elliptic curve. The base point is represented as a value of type ECPoint, an OCTET STRING. order specifies the order n of the base point. cofactor is the integer h = #E(Fq)/n. This parameter is specified as OPTIONAL. However, the cofactor MUST be included in ECDH public key parameters. The cofactor is not required to support ECDSA, except in parameter validation. The cofactor MAY be included to support parameter validation for ECDSA keys. Parameter validation is not required by this specification. The AlgorithmIdentifier within SubjectPublicKeyInfo is the only place within a certificate where the parameters may be used. If the elliptic curve parameters are specified as implicitlyCA in the SubjectPublicKeyInfo AlgorithmIdentifier and the CA signed the subject certificate using ECDSA, then the certificate issuer's ECDSA parameters apply to the subject's ECDSA key. If the elliptic curve parameters are specified as implicitlyCA in the SubjectPublicKeyInfo AlgorithmIdentifier and the CA signed the certificate using a signature algorithm other than ECDSA, then clients MUST not make use of the elliptic curve public key. FieldID ::= SEQUENCE { fieldType OBJECT IDENTIFIER, parameters ANY DEFINED BY fieldType } FieldID is a SEQUENCE of two components, fieldType and parameters. The fieldType contains an object identifier value that uniquely identifies the type contained in the parameters. The object identifier id-fieldType specifies an arc containing the object identifiers of each field type. It has the following value: id-fieldType OBJECT IDENTIFIER ::= { ansi-X9-62 fieldType(1) }Polk, et al. Standards Track [Page 15]
RFC 3279 Algorithms and Identifiers April 2002 The object identifiers prime-field and characteristic-two-field name the two kinds of fields defined in this Standard. They have the following values: prime-field OBJECT IDENTIFIER ::= { id-fieldType 1 } Prime-p ::= INTEGER -- Field size p (p in bits) characteristic-two-field OBJECT IDENTIFIER ::= { id-fieldType 2 } Characteristic-two ::= SEQUENCE { m INTEGER, -- Field size 2^m basis OBJECT IDENTIFIER, parameters ANY DEFINED BY basis } The object identifier id-characteristic-two-basis specifies an arc containing the object identifiers for each type of basis for the characteristic-two finite fields. It has the following value: id-characteristic-two-basis OBJECT IDENTIFIER ::= { characteristic-two-field basisType(1) } The object identifiers gnBasis, tpBasis and ppBasis name the three kinds of basis for characteristic-two finite fields defined by [X9.62]. They have the following values: gnBasis OBJECT IDENTIFIER ::= { id-characteristic-two-basis 1 } -- for gnBasis, the value of the parameters field is NULL tpBasis OBJECT IDENTIFIER ::= { id-characteristic-two-basis 2 } -- type of parameters field for tpBasis is Trinomial Trinomial ::= INTEGER ppBasis OBJECT IDENTIFIER ::= { id-characteristic-two-basis 3 } -- type of parameters field for ppBasis is Pentanomial Pentanomial ::= SEQUENCE { k1 INTEGER, k2 INTEGER, k3 INTEGER }Polk, et al. Standards Track [Page 16]
RFC 3279 Algorithms and Identifiers April 2002 The elliptic curve public key (an ECPoint which is an OCTET STRING) is mapped to a subjectPublicKey (a BIT STRING) as follows: the most significant bit of the OCTET STRING becomes the most significant bit of the BIT STRING, and the least significant bit of the OCTET STRING becomes the least significant bit of the BIT STRING. Note that this octet string may represent an elliptic curve point in compressed or uncompressed form. Implementations that support elliptic curve according to this specification MUST support the uncompressed form and MAY support the compressed form. If the keyUsage extension is present in a CA or CRL issuer certificate which conveys an elliptic curve public key, any combination of the following values MAY be present: digitalSignature; nonRepudiation; and keyAgreement. If the keyAgreement value is present, either of the following values MAY be present: encipherOnly; and decipherOnly. The keyUsage extension MUST NOT assert both encipherOnly and decipherOnly. If the keyUsage extension is present in a CA certificate which conveys an elliptic curve public key, any combination of the following values MAY be present: digitalSignature; nonRepudiation; keyAgreement; keyCertSign; and cRLSign. As above, if the keyUsage extension asserts keyAgreement then it MAY assert either encipherOnly and decipherOnly. However, this specification RECOMMENDS that if keyCertSign or cRLSign is present, keyAgreement, encipherOnly, and decipherOnly SHOULD NOT be present.Polk, et al. Standards Track [Page 17]
RFC 3279 Algorithms and Identifiers April 20023 ASN.1 Module PKIX1Algorithms88 { iso(1) identified-organization(3) dod(6) internet(1) security(5) mechanisms(5) pkix(7) id-mod(0) id-mod-pkix1-algorithms(17) } DEFINITIONS EXPLICIT TAGS ::= BEGIN -- EXPORTS All; -- IMPORTS NONE; -- -- One-way Hash Functions -- md2 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 2 } md5 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 5 } id-sha1 OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 26 } -- -- DSA Keys and Signatures -- -- OID for DSA public key id-dsa OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) x9-57(10040) x9algorithm(4) 1 } -- encoding for DSA public key DSAPublicKey ::= INTEGER -- public key, y Dss-Parms ::= SEQUENCE { p INTEGER, q INTEGER, g INTEGER }Polk, et al. Standards Track [Page 18]
RFC 3279 Algorithms and Identifiers April 2002 -- OID for DSA signature generated with SHA-1 hash id-dsa-with-sha1 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) x9-57 (10040) x9algorithm(4) 3 } -- encoding for DSA signature generated with SHA-1 hash Dss-Sig-Value ::= SEQUENCE { r INTEGER, s INTEGER } -- -- RSA Keys and Signatures -- -- arc for RSA public key and RSA signature OIDs pkcs-1 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 1 } -- OID for RSA public keys rsaEncryption OBJECT IDENTIFIER ::= { pkcs-1 1 } -- OID for RSA signature generated with MD2 hash md2WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 2 } -- OID for RSA signature generated with MD5 hash md5WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 4 } -- OID for RSA signature generated with SHA-1 hash sha1WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 5 } -- encoding for RSA public key RSAPublicKey ::= SEQUENCE { modulus INTEGER, -- n publicExponent INTEGER } -- ePolk, et al. Standards Track [Page 19]
RFC 3279 Algorithms and Identifiers April 2002 -- -- Diffie-Hellman Keys -- dhpublicnumber OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) ansi-x942(10046) number-type(2) 1 } -- encoding for DSA public key DHPublicKey ::= INTEGER -- public key, y = g^x mod p DomainParameters ::= SEQUENCE { p INTEGER, -- odd prime, p=jq +1 g INTEGER, -- generator, g q INTEGER, -- factor of p-1 j INTEGER OPTIONAL, -- subgroup factor, j>= 2 validationParms ValidationParms OPTIONAL } ValidationParms ::= SEQUENCE { seed BIT STRING, pgenCounter INTEGER } -- -- KEA Keys -- id-keyExchangeAlgorithm OBJECT IDENTIFIER ::= { 2 16 840 1 101 2 1 1 22 } KEA-Parms-Id ::= OCTET STRING -- -- Elliptic Curve Keys, Signatures, and Curves -- ansi-X9-62 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) 10045 } FieldID ::= SEQUENCE { -- Finite field fieldType OBJECT IDENTIFIER, parameters ANY DEFINED BY fieldType } -- Arc for ECDSA signature OIDS id-ecSigType OBJECT IDENTIFIER ::= { ansi-X9-62 signatures(4) }Polk, et al. Standards Track [Page 20]
RFC 3279 Algorithms and Identifiers April 2002 -- OID for ECDSA signatures with SHA-1 ecdsa-with-SHA1 OBJECT IDENTIFIER ::= { id-ecSigType 1 } -- OID for an elliptic curve signature -- format for the value of an ECDSA signature value ECDSA-Sig-Value ::= SEQUENCE { r INTEGER, s INTEGER }⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -