4. Guide (指南)
为方便起见, 这些图表总结了以下各节中的结构、编码和参考:
| 章节 | 标签 | ASN.1 类型 | 参考 | 模块 |
|---|---|---|---|---|
| 5 | CERTIFICATE | Certificate | [RFC5280] | id-pkix1-e |
| 6 | X509 CRL | CertificateList | [RFC5280] | id-pkix1-e |
| 7 | CERTIFICATE REQUEST | CertificationRequest | [RFC2986] | id-pkcs10 |
| 8 | PKCS7 | ContentInfo | [RFC2315] | id-pkcs7* |
| 9 | CMS | ContentInfo | [RFC5652] | id-cms2004 |
| 10 | PRIVATE KEY | PrivateKeyInfo ::= OneAsymmetricKey | [RFC5208] [RFC5958] | id-pkcs8 id-aKPV1 |
| 11 | ENCRYPTED PRIVATE KEY | EncryptedPrivateKeyInfo | [RFC5958] | id-aKPV1 |
| 12 | ATTRIBUTE CERTIFICATE | AttributeCertificate | [RFC5755] | id-acv2 |
| 13 | PUBLIC KEY | SubjectPublicKeyInfo | [RFC5280] | id-pkix1-e |
图 4: 便利指南
-----------------------------------------------------------------------
id-pkixmod OBJECT IDENTIFIER ::= {iso(1) identified-organization(3)
dod(6) internet(1) security(5) mechanisms(5) pkix(7) mod(0)}
id-pkix1-e OBJECT IDENTIFIER ::= {id-pkixmod pkix1-explicit(18)}
id-acv2 OBJECT IDENTIFIER ::= {id-pkixmod mod-attribute-cert-v2(61)}
id-pkcs OBJECT IDENTIFIER ::= {iso(1) member-body(2) us(840)
rsadsi(113549) pkcs(1)}
id-pkcs10 OBJECT IDENTIFIER ::= {id-pkcs 10 modules(1) pkcs-10(1)}
id-pkcs7 OBJECT IDENTIFIER ::= {id-pkcs 7 modules(0) pkcs-7(1)}
id-pkcs8 OBJECT IDENTIFIER ::= {id-pkcs 8 modules(1) pkcs-8(1)}
id-sm-mod OBJECT IDENTIFIER ::= {id-pkcs 9 smime(16) modules(0)}
id-aKPV1 OBJECT IDENTIFIER ::= {id-sm-mod mod-asymmetricKeyPkgV1(50)}
id-cms2004 OBJECT IDENTIFIER ::= {id-sm-mod cms-2004(24)}
* 这个 OID 实际上并未出现在 PKCS #7 v1.5 [RFC2315] 中。它在 PKCS #7 v1.6 [P7v1.6] 的 ASN.1 模块中定义, 并通过 PKCS #12 [RFC7292] 继续使用。
图 5: ASN.1 模块对象标识符值分配