This article introduces some basic knowledge about digital certificates and keys: what a digital certificate is, what ASN.1 is, what the commonly seen X.509 refers to, and what the PKI and PKCS standards are.

I. Digital certificates

Distributing public keys is an important step for asymmetric encryption algorithms and digital signatures. In principle anyone can obtain a public key, but the public key file may be forged, or tampered with in transit, so once the public key itself is wrong, any security built on top of it collapses.

The digital certificate mechanism solves the problem of public key distribution and guarantees the validity of the recorded information: it proves that a public key is owned by a particular entity (an individual or an organization) and ensures that any tampering can be detected, so that users' public keys can be distributed securely.

Digital certificates can be divided into encryption certificates and signature certificates according to the purpose of the public key they protect.

  • Encryption certificates protect public keys that are used for encryption
  • Signature certificates protect public keys that are used for signature verification
  • Both kinds of public key can be placed in the same certificate

Generally, certificates need to be issued and endorsed by a Certification Authority (CA).

  • Authoritative commercial certification bodies include DigiCert, GlobalSign, VeriSign, etc.
  • Users can also set up a local CA system to issue and endorse their own certificates on a private network

II. ASN.1

Common digital certificates and keys use ASN.1 syntax to describe their structure. ASN.1 (Abstract Syntax Notation One) is a set of standards for describing the representation, encoding, transmission and decoding of data. It provides a formal, unambiguous and precise set of rules for describing object structures independently of any particular computer hardware.

ASN.1 itself only defines the abstract syntax used to represent information; it does not prescribe how that information is encoded. The various ASN.1 encoding rules provide a transfer syntax (a concrete representation) for the values of data described in ASN.1 abstract syntax. The standard ASN.1 encoding rules are:

  • BER, Basic Encoding Rules
    • BER is the earliest encoding rule defined in ASN.1; the other encoding rules are formed by adding new rules on top of BER
    • The BER transfer syntax is the TLV triplet <Type, Length, Value>
  • DER, Distinguished Encoding Rules
  • CER, Canonical Encoding Rules
  • PER, Packed Encoding Rules
  • XER, XML Encoding Rules

III. X.509 certificate specification

X.509 is the standard format for public key certificates in cryptography.

The contents of a digital certificate may include the certificate body (certificate version, serial number, signature algorithm type, issuer information, validity period, subject, subject public key), the signature algorithm used by the CA and the CA's signature value over the certificate, and so on. They are generally written according to the X.509 specification.

Certificate format: the Privacy Enhanced Mail (PEM) format is recommended for storing X.509 certificate-related files.

  • A certificate file uses the filename suffix .crt or .cer
  • The corresponding private key file uses the suffix .key
  • A certificate request file uses the suffix .csr
  • Sometimes .pem is used uniformly as the suffix for all of them

The PEM format is a text format consisting of a begin tag, an end tag and a content block; the content block is Base64-encoded, as in the following example:

-----BEGIN CERTIFICATE-----
BASE64 CONTENT
-----END CERTIFICATE-----

The most widely used version today is version 3 of the ITU/ISO X.509 specification (RFC 5280), which defines the following certificate information fields:

  • Version Number: version of the specification (currently version 3, encoded as the value 0x2)
  • Serial Number: a unique serial number maintained by the CA and assigned to each certificate it issues; used to track and revoke certificates
  • Signature Algorithm ID: the algorithm used for the signature
  • Issuer Name: information about the issuing unit, such as C=CN, ST=Shanghai, L=Shanghai, O=org.aurthur.cn, CN=ca.org.aurthur.aurthur
  • Period of Validity: the validity period of the certificate, such as Not Before 2020-08-08-00-00 UTC, Not After 20230-08-08-00-00 UTC
  • Subject Name: the Distinguished Name of the certificate owner, for example C=CN, ST=Shanghai, L=Shanghai, CN=p1.org.aurthur.cn
  • Subject Public Key Info: information about the protected public key
    • Public Key Algorithm: the algorithm the public key uses
    • Subject Public Key: the content of the public key
  • Issuer Unique Identifier (optional): unique information about the issuer; only supported in versions 2 and 3
  • Subject Unique Identifier (optional): unique information about the entity that owns the certificate; only supported in versions 2 and 3
  • Extensions (optional): optional extensions, which may include:
    • Subject Key Identifier: identifies which of the subject's key pairs this certificate carries, for entities that hold several
    • Basic Constraints: generally indicates whether the certificate belongs to a CA
    • Authority Key Identifier: the identifier of the issuer's public key that issued this certificate
    • Authority Information Access: addresses of issuer-related services, such as where to obtain the issuer certificate and where to query certificate status
    • CRL Distribution Points: the distribution address of the certificate revocation list
    • Key Usage: the purpose or function of the certificate, such as Digital Signature and Key CertSign
    • Subject Alternative Name: alternative names of the certificate's subject
  • Certificate Signature Algorithm: the algorithm used to sign the certificate
  • Certificate Signature: the signature over the certificate

X.509 Standard Diagram:
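To make the PEM wrapper and the BER/DER TLV encoding concrete, the following Python script is an added example (not code from the original article). It builds a toy, unsigned certificate-shaped DER structure by hand, wraps it in the PEM armor shown above, then strips the armor and walks the TLV triplets to read back the version and serial number. Only the first three tbsCertificate fields (version, serialNumber, signature algorithm) and a placeholder signature are present; the serial value and the dummy signature bytes are constructed for the example, and the tag names and the sha256WithRSAEncryption OID are standard values.

```python
import base64
import re

# Constructed toy structure: NOT a real, CA-signed certificate. It contains only
# version, serialNumber and the signature algorithm, plus a dummy BIT STRING.
SHA256_WITH_RSA_OID = bytes.fromhex("2a864886f70d01010b")  # 1.2.840.113549.1.1.11
TAG_NAMES = {0x02: "INTEGER", 0x03: "BIT STRING", 0x05: "NULL",
             0x06: "OBJECT IDENTIFIER", 0x30: "SEQUENCE", 0xA0: "[0]"}


def der_length(n):
    """DER length octets: short form below 128, long form (0x8N + N bytes) otherwise."""
    if n < 128:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def tlv(tag, value):
    """Encode one Type-Length-Value triplet."""
    return bytes([tag]) + der_length(len(value)) + value


def der_integer(n):
    """DER INTEGER: minimal big-endian two's complement (leading 0x00 if the top bit is set)."""
    return tlv(0x02, n.to_bytes((n.bit_length() + 8) // 8, "big", signed=True))


def build_toy_certificate():
    """Certificate ::= SEQUENCE { tbsCertificate, signatureAlgorithm, signatureValue }."""
    version = tlv(0xA0, der_integer(2))                     # [0] EXPLICIT INTEGER 2 -> v3
    serial = der_integer(0x1A2B3C)                           # constructed sample serial
    sig_alg = tlv(0x30, tlv(0x06, SHA256_WITH_RSA_OID) + tlv(0x05, b""))
    tbs = tlv(0x30, version + serial + sig_alg)              # remaining tbs fields omitted
    signature_value = tlv(0x03, b"\x00" + b"\x00" * 8)       # placeholder, not a real signature
    return tlv(0x30, tbs + sig_alg + signature_value)


def to_pem(der, label="CERTIFICATE"):
    """Wrap DER bytes in PEM armor with 64-character Base64 lines."""
    b64 = base64.b64encode(der).decode("ascii")
    lines = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    return f"-----BEGIN {label}-----\n" + "\n".join(lines) + f"\n-----END {label}-----\n"


def pem_to_der(pem):
    """Strip the BEGIN/END tags and Base64-decode the content block."""
    m = re.search(r"-----BEGIN ([A-Z ]+)-----(.*?)-----END \1-----", pem, re.S)
    if not m:
        raise ValueError("no PEM block found")
    return base64.b64decode("".join(m.group(2).split()))


def read_tlv(data, offset=0):
    """Decode one TLV at offset; returns (tag, value, offset_after)."""
    tag = data[offset]
    if tag & 0x1F == 0x1F:
        raise ValueError("multi-byte tags are not handled by this toy parser")
    first = data[offset + 1]
    pos = offset + 2
    if first < 128:
        length = first
    else:
        n = first & 0x7F
        if n == 0 or n > 4:
            raise ValueError("indefinite or oversized length is not valid DER")
        length = int.from_bytes(data[pos:pos + n], "big")
        pos += n
    end = pos + length
    if end > len(data):
        raise ValueError("length runs past the end of the data")
    return tag, data[pos:end], end


def children(value):
    """Iterate the TLVs contained in a constructed value."""
    off = 0
    while off < len(value):
        tag, inner, off = read_tlv(value, off)
        yield tag, inner


def dump(data, depth=0):
    """Return the TLV tree as indented text lines; constructed tags (bit 6 set) are recursed."""
    lines = []
    for tag, value in children(data):
        name = TAG_NAMES.get(tag, f"tag 0x{tag:02x}")
        lines.append("  " * depth + f"{name} ({len(value)} bytes)")
        if tag & 0x20:
            lines.extend(dump(value, depth + 1))
    return lines


def read_version_and_serial(der):
    """Walk Certificate -> tbsCertificate and return (version, serialNumber)."""
    tag, cert, _ = read_tlv(der)
    tbs_tag, tbs, _ = read_tlv(cert)
    if tag != 0x30 or tbs_tag != 0x30:
        raise ValueError("expected SEQUENCE { SEQUENCE ... }")
    fields = list(children(tbs))
    version = 0                                    # v1 when the [0] field is absent
    if fields and fields[0][0] == 0xA0:
        _, vbytes = next(children(fields[0][1]))
        version = int.from_bytes(vbytes, "big", signed=True)
        fields = fields[1:]
    serial = int.from_bytes(fields[0][1], "big", signed=True)
    return version, serial


if __name__ == "__main__":
    pem = to_pem(build_toy_certificate())
    print(pem)
    print("\n".join(dump(pem_to_der(pem))))
    print(read_version_and_serial(pem_to_der(pem)))
```

The parser rejects indefinite lengths and oversized length fields because DER requires definite, minimal lengths; a real certificate parser additionally has to handle multi-byte tags and validate every field, so use a maintained library for production work.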

IV. PKI system

X.509 defines how the certificate mechanism protects a public key, but it does not cover how certificates are generated, distributed and revoked.

The Public Key Infrastructure (PKI) resolves the authentication and management issues related to the certificate life cycle and defines the standards for securely managing and distributing certificates.

PKI is a general framework for secure and reliable message transfer and identity confirmation based on public and private keys. It does not represent a specific cryptography technology or process. The platform that implements PKI can manage users’ keys and certificates in the network safely and reliably.

A complete PKI architecture should include the following components:

  • Digital certificate: Electronic certificate that contains the public key used to sign and encrypt data. It is the core element of PKI
  • Certification Authority (CA): the authority that receives certificate applications and issues digital certificates
  • Certificate database: stores issued digital certificates and public keys, as well as a directory of related certificates, from which users can obtain required certificates and public keys of other users
  • Certificate Revocation List (CRL) /OCSP: List of certificates that are revoked within the validity period. OCSP (Online Certificate Status Protocol) is the international protocol for obtaining certificate status
  • Key backup and restoration: PKI provides a key backup and restoration mechanism to avoid the failure to decrypt legitimate data due to the loss of the decryption key
  • PKI Application interface (API) : Provides a secure, consistent, and trusted way for applications to interact with PKI

V. PKCS standards

Public Key Cryptography Standards (PKCS) is a set of standards developed by RSA Laboratories together with other security system developers to promote the development of public key cryptography. PKCS has published 15 standards.

The RSA algorithm in common use is implemented according to the PKCS#1 standard, generally version 1.5.

The 15 standards, with their current version, name and purpose:

  • PKCS#1 (version 2.1), RSA Cryptography Standard: defines the mathematical basis of RSA, the public and private key formats, and the encryption (decryption) and signing (verification) procedures (version 1.5 has been attacked)
  • PKCS#2 (withdrawn): originally standardized RSA encryption of message digests; now folded into PKCS#1
  • PKCS#3 (version 1.4), Diffie-Hellman Key Agreement Standard: a key agreement standard based on the DH protocol
  • PKCS#4 (withdrawn): originally standardized the RSA key syntax; now folded into PKCS#1
  • PKCS#5 (version 2.0), Password-Based Encryption Standard: see RFC 2898 and PBKDF2
  • PKCS#6 (version 1.5), Extended-Certificate Syntax Standard: an extension of the original X.509 certificate format
  • PKCS#7 (version 1.5), Cryptographic Message Syntax Standard: see RFC 2315; defines the format of the signed and encrypted messages produced in a public key infrastructure (PKI)
  • PKCS#8 (version 1.2), Private-Key Information Syntax Standard: the private-key format read by Apache
  • PKCS#9 (version 2.0), Selected Attribute Types: defines the attribute types used by PKCS#6, PKCS#7, PKCS#8 and PKCS#10
  • PKCS#10 (version 1.7), Certification Request Standard: see RFC 2986; defines the format of the certificate signing request (CSR) submitted to a certification authority
  • PKCS#11 (version 2.20), Cryptographic Token Interface Standard (Cryptoki): defines the application programming interface (API) for cryptographic devices
  • PKCS#12 (version 1.0), Personal Information Exchange Syntax Standard: defines a file format that bundles a private key with its public key certificate (the common PFX file is PKCS#12)
  • PKCS#13, Elliptic Curve Cryptography Standard: cryptography based on elliptic curves (under development)
  • PKCS#14, Pseudo-random Number Generation Standard: the use and design of pseudo-random number generators (under development)
  • PKCS#15 (version 1.1), Cryptographic Token Information Format Standard: defines how data is organized inside a cryptographic device
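As an added example of the PKCS#5 entry above (not code from the original article), the following Python script uses the standard library's PBKDF2 (RFC 2898, PBKDF2-HMAC) to derive a key from a password, stores it in a self-describing record that carries the salt and iteration count, and verifies a password against that record with a constant-time comparison. The record format, the parameter choices and the sample password are assumptions made for this example; the known-answer check uses the widely published PBKDF2-HMAC-SHA256 test vector for password "password", salt "salt", one iteration.

```python
import hashlib
import hmac
import os

# Parameters chosen for this example (not prescribed by PKCS#5 itself):
# PBKDF2 with HMAC-SHA256, a 16-byte random salt and a 32-byte derived key.
PRF = "sha256"
SALT_BYTES = 16
KEY_BYTES = 32
ITERATIONS = 600_000          # large iteration count slows offline guessing

# Published PBKDF2-HMAC-SHA256 test vector (RFC 7914 section 11): "password", "salt", 1 iteration.
KAT_EXPECTED = bytes.fromhex(
    "120fb6cffcf8b32c43e7225256c4f837a86548c92ccc35480805987cb70be17b")


def derive_key(password: str, salt: bytes, iterations: int = ITERATIONS) -> bytes:
    """PBKDF2 as defined in PKCS#5 v2.0 / RFC 2898, via the standard library."""
    return hashlib.pbkdf2_hmac(PRF, password.encode("utf-8"), salt, iterations, dklen=KEY_BYTES)


def known_answer_check() -> bool:
    """Confirm the local PBKDF2 against the published test vector before relying on it."""
    return derive_key("password", b"salt", 1) == KAT_EXPECTED


def make_record(password: str, iterations: int = ITERATIONS) -> str:
    """Build a storable record 'pbkdf2_<prf>$<iterations>$<salt hex>$<key hex>'."""
    salt = os.urandom(SALT_BYTES)
    key = derive_key(password, salt, iterations)
    return f"pbkdf2_{PRF}${iterations}${salt.hex()}${key.hex()}"


def verify_record(record: str, password: str) -> bool:
    """Re-derive from the stored salt and iteration count; compare in constant time."""
    scheme, iterations, salt_hex, key_hex = record.split("$")
    if scheme != f"pbkdf2_{PRF}":
        raise ValueError("unsupported scheme in record")
    candidate = derive_key(password, bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(candidate, bytes.fromhex(key_hex))


if __name__ == "__main__":
    print("known answer test passed:", known_answer_check())
    record = make_record("correct horse battery staple")   # constructed sample password
    print(record)
    print("verify correct:", verify_record(record, "correct horse battery staple"))
    print("verify wrong:  ", verify_record(record, "wrong password"))
```

Storing the iteration count inside the record lets the cost be raised over time without invalidating older entries; `hmac.compare_digest` avoids leaking how many bytes of the derived key matched through timing.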