WebCrypto GOST Class: TBSCertificate

GostASN1. TBSCertificate


new TBSCertificate()

The sequence TBSCertificate contains information associated with the subject of the certificate and the CA who issued it. Every TBSCertificate contains the names of the subject and issuer, a public key associated with the subject, a validity period, a version number, and a serial number; some MAY contain optional unique identifier fields. The remainder of this section describes the syntax and semantics of these fields. A TBSCertificate usually includes extensions.
 TBSCertificate  ::=  SEQUENCE  {
      version         [0]  EXPLICIT Version DEFAULT v1,
      serialNumber         CertificateSerialNumber,
      signature            AlgorithmIdentifier,
      issuer               Name,
      validity             Validity,
      subject              Name,
      subjectPublicKeyInfo SubjectPublicKeyInfo,
      issuerUniqueID  [1]  IMPLICIT UniqueIdentifier OPTIONAL,
                           -- If present, version MUST be v2 or v3
      subjectUniqueID [2]  IMPLICIT UniqueIdentifier OPTIONAL,
                           -- If present, version MUST be v2 or v3
      extensions      [3]  EXPLICIT Extensions OPTIONAL
                           -- If present, version MUST be v3

 Version  ::=  INTEGER  {  v1(0), v2(1), v3(2)  }

 CertificateSerialNumber  ::=  INTEGER

 Validity ::= SEQUENCE {
      notBefore      Time,
      notAfter       Time }

 Time ::= CHOICE {
      utcTime        UTCTime,
      generalTime    GeneralizedTime }

 UniqueIdentifier  ::=  BIT STRING

 SubjectPublicKeyInfo  ::=  SEQUENCE  {
      algorithm            AlgorithmIdentifier,
      subjectPublicKey     BIT STRING  }

 Extensions  ::=  SEQUENCE SIZE (1..MAX) OF Extension

 Extension  ::=  SEQUENCE  {
      extnID      OBJECT IDENTIFIER,
      critical    BOOLEAN DEFAULT FALSE,
      extnValue   OCTET STRING  }
See GostASN1.Certificate and GostASN1.SubjectPublicKeyInfo

RFC 5280 references http://tools.ietf.org/html/rfc5280
Name Type Description
version number The version of the encoded certificate
serialNumber number | string The serial number MUST be a positive integer assigned by the CA to each certificate.
signature AlgorithmIdentifier The algorithm identifier for the algorithm used by the CA to sign the certificate.
issuer GostASN1.Name The issuer field identifies the entity that has signed and issued the certificate.
validity GostASN1.Validity The certificate validity period
subject GostASN1.Name The subject field identifies the entity associated with the public key stored in the subject public key field.
subject GostASN1.SubjectPublicKeyInfo The public key and identify the algorithm with which the key is used
issuerUniqueID CryptoOperationData The issuer unique identifier
subjectUniqueID CryptoOperationData The subject unique identifier
extensions GostASN1.Extensions The extensions defined for X.509 v3 certificates




Check the object structure
Inherited From:


Decode the source to self object
Name Type Description
source FormatedData Encoded data
Inherited From:

encode(format) → {FormatedData}

Encode the object
Name Type Description
format string Encoding format 'DER', 'CER' or 'PEM'
Inherited From: