<p>Certificates were originally defined by ITU (CCITT) and the latest
definitions are described in <cite id="X.509"></cite>, but those definitions
(as always) do not work in practice.</p>
<p>Working certificate definitions for the Internet Community are found
in the PKIX RFCs <cite id="rfc3279"></cite> and <cite id="rfc3280"></cite>.
The parsing of certificates in the Erlang/OTP SSL application is
based on those RFCs.</p>
<p>Certificates are defined in terms of ASN.1 (<cite id="X.680"></cite>).
For an introduction to ASN.1 see <url href="http://asn1.elibel.tm.fr/">ASN.1 Information Site</url>.</p>
<title>PKIX Certificates</title>
<p>Here we base the PKIX certificate definitions on RFCs <cite id="rfc3279"></cite> and <cite id="rfc3280"></cite>. We however present the
definitions according to the <c>SSL-PKIX.asn1</c> module,
which is an amelioration of the <c>PKIX1Explicit88.asn1</c>,
<c>PKIX1Implicit88.asn1</c>, and <c>PKIX1Algorithms88.asn1</c>
modules. You find all these modules in the <c>pkix</c> subdirectory
<p>The Erlang terms that are returned by the functions
<c>ssl:peercert/1/2</c>, <c>ssl_pkix:decode_cert/1/2</c>, and
<c>ssl_pkix:decode_cert_file/1/2</c> when the option <c>ssl</c>
is used in those functions correspond to the ASN.1 structures
described in the sequel.</p>
<title>Certificate and TBSCertificate</title>
<code type="none"><![CDATA[
Certificate ::= SEQUENCE {
  tbsCertificate TBSCertificate,
  signatureAlgorithm SignatureAlgorithm,
  signature BIT STRING }

TBSCertificate ::= SEQUENCE {
  version [0] Version DEFAULT v1,
  serialNumber CertificateSerialNumber,
  signature SignatureAlgorithm,
  subjectPublicKeyInfo SubjectPublicKeyInfo,
  issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL,
  -- If present, version MUST be v2 or v3
  subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL,
  -- If present, version MUST be v2 or v3
  extensions [3] Extensions OPTIONAL
  -- If present, version MUST be v3 -- }

Version ::= INTEGER { v1(0), v2(1), v3(2) }

CertificateSerialNumber ::= INTEGER

Validity ::= SEQUENCE {
  generalTime GeneralizedTime } ]]></code>
<p>The meaning of the fields <c>version</c>, <c>serialNumber</c>,
and <c>validity</c> is quite obvious given the type definitions
above, so we do not go further into their details.</p>
<p>The <c>signatureAlgorithm</c> field of <c>Certificate</c> and
the <c>signature</c> field of <c>TBSCertificate</c> contain
the name and parameters of the algorithm used for signing the
certificate. The values of these two fields must be equal.</p>
<p>The <c>signature</c> field of <c>Certificate</c> contains the
value of the signature that the issuer computed by using the
prescribed algorithm.</p>
<p>The <c>issuer</c> and <c>subject</c> fields can contain many
different types of data, and are therefore considered in a
separate section. The same holds for the <c>extensions</c> field.
The <c>issuerUniqueID</c> and the <c>subjectUniqueID</c> fields
are not considered further.</p>
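<p>The following module is an added example, not code from the OTP documentation or the <c>ssl</c> application. It decodes a DER certificate with <c>public_key:pkix_decode_cert/2</c> (in the <c>otp</c> format, whose record fields mirror the <c>Certificate</c> and <c>TBSCertificate</c> definitions above) and enforces two rules the definitions state: the outer <c>signatureAlgorithm</c> must equal the <c>signature</c> field inside <c>TBSCertificate</c>, and the presence of unique identifiers or extensions constrains <c>version</c>. The <c>demo/0</c> function assumes <c>public_key:pkix_test_data/1</c> (OTP 20 and later) to generate a throw-away test chain instead of embedding a real certificate; the module and function names are this example's own.</p>

```erlang
%% Added example (not part of the OTP documentation or the ssl application).
-module(cert_fields).
-export([check/1, demo/0]).

-include_lib("public_key/include/public_key.hrl").

%% Check one DER-encoded certificate (for example the binary returned by
%% ssl:peercert/1). Returns {ok, Map} or {error, Reason}.
check(Der) when is_binary(Der) ->
    #'OTPCertificate'{tbsCertificate = TBS,
                      signatureAlgorithm = OuterAlg} =
        public_key:pkix_decode_cert(Der, otp),
    #'OTPTBSCertificate'{version = Version,
                         serialNumber = Serial,
                         signature = InnerAlg,
                         issuerUniqueID = IssuerUID,
                         subjectUniqueID = SubjectUID,
                         extensions = Exts} = TBS,
    case check_algorithms(OuterAlg, InnerAlg) of
        ok ->
            case check_version(Version, IssuerUID, SubjectUID, Exts) of
                ok ->
                    {ok, #{version => Version,
                           serial_number => Serial,
                           signature_algorithm =>
                               OuterAlg#'SignatureAlgorithm'.algorithm,
                           extension_count => count(Exts)}};
                Error ->
                    Error
            end;
        Error ->
            Error
    end.

%% Certificate.signatureAlgorithm and TBSCertificate.signature must be equal;
%% a mismatch means the signed body and the envelope disagree about the
%% algorithm, which a verifier should treat as a malformed certificate.
check_algorithms(Alg, Alg) -> ok;
check_algorithms(Outer, Inner) ->
    {error, {signature_algorithm_mismatch, Outer, Inner}}.

%% Version rules taken from the comments in the TBSCertificate definition.
%% Absent OPTIONAL fields decode to the atom asn1_NOVALUE.
check_version(Version, _IssuerUID, _SubjectUID, Exts)
  when Exts =/= asn1_NOVALUE, Version =/= v3 ->
    {error, {extensions_require_v3, Version}};
check_version(v1, IssuerUID, SubjectUID, _Exts)
  when IssuerUID =/= asn1_NOVALUE; SubjectUID =/= asn1_NOVALUE ->
    {error, unique_ids_require_v2_or_v3};
check_version(_Version, _IssuerUID, _SubjectUID, _Exts) ->
    ok.

count(asn1_NOVALUE) -> 0;
count(Exts) when is_list(Exts) -> length(Exts).

%% Assumption: public_key:pkix_test_data/1 (OTP 20 and later) generates a
%% self-signed root and a peer certificate; no real certificate is embedded.
demo() ->
    Conf = public_key:pkix_test_data(#{root => [], intermediates => [], peer => []}),
    check(proplists:get_value(cert, Conf)).
```

<p>Compile with <c>erlc cert_fields.erl</c> and run <c>cert_fields:demo().</c> in a shell; for a live connection, pass the binary from <c>ssl:peercert/1</c> to <c>check/1</c>. The checks are deliberately run before any signature verification: a certificate that violates its own structural rules is rejected without spending a public-key operation on it.</p>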
<title>TBSCertificate issuer and subject</title>
<code type="none"><![CDATA[
Name ::= CHOICE { -- only one possibility for now --
  rdnSequence RDNSequence }

RDNSequence ::= SEQUENCE OF RelativeDistinguishedName

DistinguishedName ::= RDNSequence

RelativeDistinguishedName ::=
  SET SIZE (1 .. MAX) OF AttributeTypeAndValue

AttributeTypeAndValue ::= SEQUENCE {
  type ATTRIBUTE-TYPE-AND-VALUE-CLASS.&id
    ({SupportedAttributeTypeAndValues}),
  value ATTRIBUTE-TYPE-AND-VALUE-CLASS.&Type
    ({SupportedAttributeTypeAndValues}{@type}) }

SupportedAttributeTypeAndValues ATTRIBUTE-TYPE-AND-VALUE-CLASS ::=
  { name | surname | givenName | initials | generationQualifier |
    commonName | localityName | stateOrProvinceName | organizationName |
    organizationalUnitName | title | dnQualifier | countryName |
    serialNumber | pseudonym | domainComponent | emailAddress } ]]></code>
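<p>The module below is an added example (not code from the OTP documentation or the <c>ssl</c> application) showing how the <c>Name</c> structure above looks once decoded by <c>public_key:pkix_decode_cert/2</c> in the <c>otp</c> format: the <c>CHOICE</c> becomes <c>{rdnSequence, RDNs}</c>, each <c>RelativeDistinguishedName</c> is a list of <c>#'AttributeTypeAndValue'{}</c> records, and each value is itself a tagged <c>CHOICE</c> of string types. The module flattens that into <c>{Oid, String}</c> pairs. The module and function names are this example's own, and <c>demo/0</c> assumes <c>public_key:pkix_test_data/1</c> (OTP 20 and later) for a generated test certificate.</p>

```erlang
%% Added example (not part of the OTP documentation or the ssl application).
-module(cert_names).
-export([subject/1, issuer/1, common_name/1, demo/0]).

-include_lib("public_key/include/public_key.hrl").

%% Subject of a DER certificate as a flat list of {AttributeOid, String}.
subject(Der) ->
    #'OTPCertificate'{tbsCertificate =
                          #'OTPTBSCertificate'{subject = Name}} =
        public_key:pkix_decode_cert(Der, otp),
    flatten_name(Name).

%% Issuer, same shape as subject/1.
issuer(Der) ->
    #'OTPCertificate'{tbsCertificate =
                          #'OTPTBSCertificate'{issuer = Name}} =
        public_key:pkix_decode_cert(Der, otp),
    flatten_name(Name).

%% First commonName of the subject, or undefined if there is none.
common_name(Der) ->
    proplists:get_value(?'id-at-commonName', subject(Der)).

%% Name ::= CHOICE { rdnSequence RDNSequence }
%% RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
%% RelativeDistinguishedName ::= SET SIZE (1 .. MAX) OF AttributeTypeAndValue
%% The order of RDNs is preserved; attributes inside one RDN (a SET) have
%% no defined order, so callers must not rely on position within an RDN.
flatten_name({rdnSequence, RDNs}) ->
    [{Type, to_string(Value)} ||
        RDN <- RDNs,
        #'AttributeTypeAndValue'{type = Type, value = Value} <- RDN].

%% Attribute values are a CHOICE of string types. The asn1 runtime delivers
%% most of them as character lists and utf8String as a binary; a few
%% attribute types (countryName, emailAddress, dnQualifier) are plain
%% strings with no CHOICE tag. Anything unexpected is passed through
%% untouched rather than guessed at.
to_string({utf8String, Bin}) when is_binary(Bin) ->
    unicode:characters_to_list(Bin);
to_string({printableString, S}) -> S;
to_string({teletexString, S}) -> S;
to_string({universalString, S}) -> S;
to_string({bmpString, S}) -> S;
to_string({ia5String, S}) -> S;
to_string(S) when is_list(S) -> S;
to_string(Other) -> Other.

%% Assumption: public_key:pkix_test_data/1 (OTP 20 and later) generates a
%% test chain; no real certificate is embedded.
demo() ->
    Conf = public_key:pkix_test_data(#{root => [], intermediates => [], peer => []}),
    Der = proplists:get_value(cert, Conf),
    #{subject => subject(Der),
      issuer => issuer(Der),
      common_name => common_name(Der)}.
```

<p>Because the same attribute type may occur more than once and the string type of a value is chosen by the issuer, name comparison for access decisions should be done on the decoded structure (as <c>public_key</c> does when it matches an issuer against a CA) and not on a string rendering of it.</p>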
<title>TBSCertificate extensions</title>
<p>The <c>extensions</c> field of a <c>TBSCertificate</c> is a
sequence of type <c>Extension</c>, defined as follows,</p>
<code type="none"><![CDATA[
Extension ::= SEQUENCE {
  extnID OBJECT IDENTIFIER,
  critical BOOLEAN DEFAULT FALSE,
  extnValue ANY } ]]></code>
<p>Each extension has a unique object identifier. An extension
with a <c>critical</c> value set to <c>TRUE</c> <em>must</em>
be recognised by the reader of a certificate, or else the
certificate must be rejected.</p>
<p>Extensions are divided into two groups: standard extensions
and Internet certificate extensions. All extensions listed in
the table that follows are standard extensions, except for
<c>authorityInfoAccess</c> and <c>subjectInfoAccess</c>, which
are Internet extensions.</p>
<p>Depending on the object identifier, the <c>extnValue</c> is
parsed into an appropriate well-defined structure.</p>
<p>The following table shows the purpose of each extension, but
does not specify the structure. To see the structure, consult
the <c>PKIX1Implicit88.asn1</c> module.</p>
<table>
<row>
<cell align="left" valign="middle">authorityKeyIdentifier</cell>
<cell align="left" valign="middle">Used to identify the key that signed the certificate when the issuer has multiple signing keys.</cell>
</row>
<row>
<cell align="left" valign="middle">subjectKeyIdentifier</cell>
<cell align="left" valign="middle">Used to identify certificates that contain a particular public key. Must appear in CA certificates.</cell>
</row>
<row>
<cell align="left" valign="middle">keyUsage</cell>
<cell align="left" valign="middle">Defines the purpose of the certificate. Can be one or several of <c>digitalSignature</c>, <c>nonRepudiation</c>, <c>keyEncipherment</c>, <c>dataEncipherment</c>, <c>keyAgreement</c>, <c>keyCertSign</c>, <c>cRLSign</c>, <c>encipherOnly</c>, <c>decipherOnly</c>.</cell>
</row>
<row>
<cell align="left" valign="middle">privateKeyUsagePeriod</cell>
<cell align="left" valign="middle">Allows the certificate issuer to specify a private key usage period that is shorter than the certificate usage period.</cell>
</row>
<row>
<cell align="left" valign="middle">certificatePolicies</cell>
<cell align="left" valign="middle">Contains one or more policy information terms indicating the policies under which the certificate has been issued.</cell>
</row>
<row>
<cell align="left" valign="middle">policyMappings</cell>
<cell align="left" valign="middle">Used in CA certificates.</cell>
</row>
<row>
<cell align="left" valign="middle">subjectAltName</cell>
<cell align="left" valign="middle">Allows additional identities to be bound to the subject.</cell>
</row>
<row>
<cell align="left" valign="middle">issuerAltName</cell>
<cell align="left" valign="middle">Allows additional identities to be bound to the issuer.</cell>
</row>
<row>
<cell align="left" valign="middle">subjectDirectoryAttributes</cell>
<cell align="left" valign="middle">Conveys identity attributes of the subject.</cell>
</row>
<row>
<cell align="left" valign="middle">basicConstraints</cell>
<cell align="left" valign="middle">Tells if the certificate holder is a CA or not.</cell>
</row>
<row>
<cell align="left" valign="middle">nameConstraints</cell>
<cell align="left" valign="middle">Used in CA certificates.</cell>
</row>
<row>
<cell align="left" valign="middle">policyConstraints</cell>
<cell align="left" valign="middle">Used in CA certificates.</cell>
</row>
<row>
<cell align="left" valign="middle">extKeyUsage</cell>
<cell align="left" valign="middle">Indicates for which purposes the public key may be used.</cell>
</row>
<row>
<cell align="left" valign="middle">cRLDistributionPoints</cell>
<cell align="left" valign="middle">Indicates how CRL (Certificate Revocation List) information is obtained.</cell>
</row>
<row>
<cell align="left" valign="middle">inhibitAnyPolicy</cell>
<cell align="left" valign="middle">Used in CA certificates.</cell>
</row>
<row>
<cell align="left" valign="middle">freshestCRL</cell>
<cell align="left" valign="middle">For CRLs.</cell>
</row>
<row>
<cell align="left" valign="middle">authorityInfoAccess</cell>
<cell align="left" valign="middle">How to access CA information of the issuer of the certificate.</cell>
</row>
<row>
<cell align="left" valign="middle">subjectInfoAccess</cell>
<cell align="left" valign="middle">How to access CA information of the subject of the certificate.</cell>
</row>
<tcaption>PKIX Extensions</tcaption>
</table>
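<p>The module below is an added example (not code from the OTP documentation or the <c>ssl</c> application) that applies the <c>critical</c> rule stated above and reads the two extensions a TLS peer verifier cares about most, <c>keyUsage</c> and <c>basicConstraints</c>. It uses the <c>otp</c> decoding format, in which <c>public_key</c> has already parsed <c>extnValue</c> into its well-defined structure (a list of usage atoms for <c>keyUsage</c>, a <c>#'BasicConstraints'{}</c> record for <c>basicConstraints</c>); extensions it does not know stay as raw binaries. The list of "known" extensions is this example's own choice, as are the module and function names; <c>demo/0</c> assumes <c>public_key:pkix_test_data/1</c> (OTP 20 and later).</p>

```erlang
%% Added example (not part of the OTP documentation or the ssl application).
-module(cert_exts).
-export([known/0, check_critical/2, summary/1, demo/0]).

-include_lib("public_key/include/public_key.hrl").

%% Extensions this (hypothetical) verifier understands. Any extension that
%% is flagged critical and is not in the caller's known list leads to
%% rejection, as the text above requires; a non-critical unknown extension
%% is simply ignored.
known() ->
    [?'id-ce-keyUsage',
     ?'id-ce-basicConstraints',
     ?'id-ce-subjectAltName',
     ?'id-ce-extKeyUsage',
     ?'id-ce-subjectKeyIdentifier',
     ?'id-ce-authorityKeyIdentifier'].

%% The decoded extension list, or [] when the OPTIONAL field is absent.
extensions(Der) ->
    #'OTPCertificate'{tbsCertificate =
                          #'OTPTBSCertificate'{extensions = Exts}} =
        public_key:pkix_decode_cert(Der, otp),
    case Exts of
        asn1_NOVALUE -> [];
        List when is_list(List) -> List
    end.

%% ok, or {error, {unknown_critical_extensions, [Oid]}}.
check_critical(Der, Known) ->
    Unknown = [Id || #'Extension'{extnID = Id, critical = true} <- extensions(Der),
                     not lists:member(Id, Known)],
    case Unknown of
        [] -> ok;
        _ -> {error, {unknown_critical_extensions, Unknown}}
    end.

%% A map with key_usage, is_ca / path_len and a list of the other
%% extensions present together with their critical flag.
summary(Der) ->
    lists:foldl(fun summarize/2, #{other => []}, extensions(Der)).

%% keyUsage decodes to a list of atoms such as [digitalSignature, keyEncipherment].
summarize(#'Extension'{extnID = ?'id-ce-keyUsage', extnValue = Usages}, Acc) ->
    Acc#{key_usage => Usages};
%% basicConstraints decodes to a record; pathLenConstraint is asn1_NOVALUE
%% when the issuer did not set one.
summarize(#'Extension'{extnID = ?'id-ce-basicConstraints',
                       extnValue = #'BasicConstraints'{cA = CA,
                                                       pathLenConstraint = Len}},
          Acc) ->
    Acc#{is_ca => CA, path_len => Len};
summarize(#'Extension'{extnID = Id, critical = Critical}, #{other := Others} = Acc) ->
    Acc#{other => [{Id, Critical} | Others]}.

%% Assumption: public_key:pkix_test_data/1 (OTP 20 and later) generates a
%% root CA and a peer certificate; no real certificate is embedded.
demo() ->
    Conf = public_key:pkix_test_data(#{root => [], intermediates => [], peer => []}),
    Peer = proplists:get_value(cert, Conf),
    CAs = proplists:get_value(cacerts, Conf),
    [{Label, check_critical(Der, known()), summary(Der)}
     || {Label, Der} <- [{ca, D} || D <- CAs] ++ [{peer, Peer}]].
```

<p>Running <c>cert_exts:demo().</c> shows the CA certificate with <c>is_ca => true</c> and <c>keyCertSign</c> in its key usage, and the peer certificate with <c>is_ca => false</c>. A verifier that accepts a chain element as an issuer should require exactly that combination; a leaf certificate without <c>cA = TRUE</c> must never be allowed to sign another certificate, which is the check <c>basicConstraints</c> exists to make possible.</p>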
<p>Certificates are now handled by the <c>public_key</c> application.</p>
<p>DER encoded certificates returned by <c>ssl:peercert/1</c> can for example
be decoded by the <c>public_key:pkix_decode_cert/2</c> function.</p>