PKCS#10以及证书颁发过程具体实现

系统教程450 更新时间：2025-09-10 05:39:28

2024年5月2日发(作者：)

　　subject Name, //证书主体的专有名称

　　subjectPKInfo SubjectPublicKeyInfo{{ PKInfoAlgorithms }},

　　attributes [0] Attributes{{ CRIAttributes }}

}

subjectPublicKeyInfo 包含被认证的公钥

attributes 关于认证主提其他信息属性集合

SubjectPublicKeyInfo { ALGORITHM : IOSet} ::= SEQUENCE {

algorithm AlgorithmIdentifier {{IOSet}},

subjectPublicKey BIT STRING

}

PKInfoAlgorithms ALGORITHM ::= {

... -- add any locally defined algorithms here -- }

Attributes { ATTRIBUTE:IOSet } ::= SET OF Attribute{{ IOSet }}

CRIAttributes ATTRIBUTE ::= {

... -- add any locally defined attributes here -- }

Attribute { ATTRIBUTE:IOSet } ::= SEQUENCE {

type ATTRIBUTE.&id({IOSet}),

values SET SIZE(1..MAX) OF ATTRIBUTE.&Type({IOSet}{@type})

}

　　等价写法

CertificationRequest ::= SIGNED { EncodedCertificationRequestInfo }

　　(CONSTRAINED BY { -- Verify or sign encoded

　　-- CertificationRequestInfo -- })

EncodedCertificationRequestInfo ::=

　　TYPE-IDENTIFIER.&Type(CertificationRequestInfo)

SIGNED { ToBeSigned } ::= SEQUENCE {

　　toBeSigned ToBeSigned,

　　algorithm AlgorithmIdentifier { {SignatureAlgorithms} },

　　signature BIT STRING

}

本文发布于:2024-05-02，感谢您对本站的认可！