<?xmlversion="1.0" encoding="US-ASCII"?>version='1.0' encoding='utf-8'?> <!DOCTYPE rfcSYSTEM "rfc2629.dtd"> <?xml-stylesheet type='text/xsl' href='rfc2629.xslt' ?> <?rfc comments="yes" ?> <?rfc inline="yes" ?> <?rfc strict="yes" ?> <?rfc toc="yes"?> <?rfc symrefs="yes"?> <?rfc sortrefs="yes" ?> <?rfc compact="yes" ?> <?rfc subcompact="no" ?>[ <!ENTITY nbsp " "> <!ENTITY zwsp "​"> <!ENTITY nbhy "‑"> <!ENTITY wj "⁠"> ]> <rfc xmlns:xi="http://www.w3.org/2001/XInclude" category="info" docName="draft-deremin-rfc4491-bis-11"ipr="trust200902">number="9215" ipr="trust200902" obsoletes="" updates="" submissionType="independent" xml:lang="en" tocInclude="true" symRefs="true" sortRefs="true" version="3"> <!-- xml2rfc v2v3 conversion 3.12.0 --> <front> <title abbrev="PKIX: GOST R 34.10-2012, 34.11-2012">Using GOST R 34.10-2012 and GOST R 34.11-2012algorithmsAlgorithms with the Internet X.509 Public Key Infrastructure</title> <seriesInfo name="RFC" value="9215"/> <author fullname="Dmitry Baryshkov" initials="D." surname="Baryshkov"role="editor" >role="editor"> <organization>Linaro Ltd.</organization> <address> <postal> <street>Harston Mill Royston Rd</street> <city>Harston, Cambridge</city> <code>CB22 7GG</code> <country>United Kingdom</country> </postal> <email>dbaryshkov@gmail.com</email> </address> </author> <author fullname="Vasily Nikolaev" initials="V." surname="Nikolaev"> <organization>CryptoPro</organization> <address> <postal> <street>18, Suschevskyval </street>val</street> <city>Moscow</city> <code>127018</code> <country>Russian Federation</country> </postal> <phone>+7 (495) 995-48-20</phone> <email>nikolaev@cryptopro.ru</email> </address> </author> <author fullname="Aleksandr Chelpanov" initials="A." surname="Chelpanov"> <organization>InfoTeCS JSC</organization> <address><postal> <street>Bldg. 1, 1/23, Stary Petrovsko-Razumovskiy Proezd</street> <city>Moscow</city> <code>127287</code> <country>Russian Federation</country> </postal> <phone>+7 (495) 737-61-92</phone><email>Aleksandr.Chelpanov@infotecs.ru</email> </address> </author> <datemonth=""month="March" year="2022"/><area>Security</area> <workgroup>Internet Engineering Task Force</workgroup><keyword>GOST</keyword> <keyword>PKI</keyword> <abstract> <t>This document describes encoding formats, identifiers, and parameter formats for thealgorithmsGOST R 34.10-2012 and GOST R 34.11-2012 algorithms for use in the Internet X.509 Public Key Infrastructure (PKI).</t> <t>This specification is developed to facilitate implementations that wish to support the GOST algorithms. This document does not imply IETF endorsement of the cryptographic algorithms used in this document.</t> </abstract> </front> <middle> <sectiontitle="Introduction">numbered="true" toc="default"> <name>Introduction</name> <t>This document describes the conventions for using the <xreftarget="GOSTR3410-2012">GOSTtarget="GOSTR3410-2012" format="default">GOST R34.10-2012</xref> (see34.10-2012 signature algorithm</xref> <xref target="RFC7091"/>) signature algorithmformat="default"/> and the <xreftarget="GOSTR3411-2012">target="GOSTR3411-2012" format="default"> GOST R34.11-2012</xref> (see34.11-2012 hash function</xref> <xref target="RFC6986"/>) hash functionformat="default"/> in the Internet X.509 Public Key Infrastructure (PKI) <xref target="RFC5280"/>.</t>format="default"/>.</t> <t>This specification defines the contents of the signatureAlgorithm, signatureValue, signature, and subjectPublicKeyInfo fields within X.509 Certificates and Certificate Revocation Lists (CRLs). For each algorithm, the appropriate alternatives for the keyUsage certificate extension are provided.</t> <t>This specification is developed to facilitate implementations that wish to support the GOST algorithms. This document does not imply IETF endorsement of the cryptographic algorithms used in this document.</t> <sectiontitle="Requirements Language">numbered="true" toc="default"> <name>Requirements Language</name> <t>The key words"MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY","<bcp14>MUST</bcp14>", "<bcp14>MUST NOT</bcp14>", "<bcp14>REQUIRED</bcp14>", "<bcp14>SHALL</bcp14>", "<bcp14>SHALL NOT</bcp14>", "<bcp14>SHOULD</bcp14>", "<bcp14>SHOULD NOT</bcp14>", "<bcp14>RECOMMENDED</bcp14>", "<bcp14>NOT RECOMMENDED</bcp14>", "<bcp14>MAY</bcp14>", and"OPTIONAL""<bcp14>OPTIONAL</bcp14>" in this document are to be interpreted as described inBCP 14BCP 14 <xref target="RFC2119"/> <xref target="RFC8174"/> when, and only when, they appear in all capitals, as shown here.</t> </section> </section> <sectiontitle="Signaturenumbered="true" toc="default"> <name>Signature AlgorithmSupport">Support</name> <t>Conforming Certificate Authorities (CAs)MAY<bcp14>MAY</bcp14> use the GOST R 34.10-2012 signature algorithm to sign certificates and CRLs. This signature algorithmMUST<bcp14>MUST</bcp14> always be used with the GOST R 34.11-2012 hash function. It may usekeysa key length of either 256 bits or 512 bits.</t> <t>The ASN.1 object identifier (OID) used to identify the GOST R 34.10-2012 signature algorithm with a 256-bit key length and the GOST R 34.11-2012 hash function with a 256-bit hash code is:</t><t><figure><artwork><![CDATA[id-tc26-signwithdigest-gost3410-12-256<sourcecode name="" type="asn.1"><![CDATA[id-tc26-signwithdigest-gost3410-12-256 OBJECT IDENTIFIER ::= { iso(1) member-body(2) ru(643) rosstandart(7) tc26(1) algorithms(1) signwithdigest(3)gost3410-12-256(2)}]]></artwork></figure></t> <t>GOSTgost3410-12-256(2)} ]]></sourcecode> <t>The GOST R 34.10-2012 signature algorithm with a 256-bit key length generates a digital signature in the form of two 256-bitintegers,integers: r and s. Its octet string representation consists of 64 octets, where the first 32 octets contain the big-endian representation of s and the second 32 octets contain the big-endian representation of r.</t> <t>The ASN.1object identifierOID used to identify the GOST R 34.10-2012 signature algorithm with a 512-bit key length and the GOST R 34.11-2012 hash function with a 512-bit hash code is:</t><t><figure><artwork><![CDATA[id-tc26-signwithdigest-gost3410-12-512<sourcecode name="" type="asn.1"><![CDATA[id-tc26-signwithdigest-gost3410-12-512 OBJECT IDENTIFIER ::= { iso(1) member-body(2) ru(643) rosstandart(7) tc26(1) algorithms(1) signwithdigest(3)gost3410-12-512(3)}]]></artwork></figure></t> <t>GOSTgost3410-12-512(3)} ]]></sourcecode> <t>The GOST R 34.10-2012 signature algorithm with a 512-bit key length generates a digital signature in the form of two 512-bitintegers,integers: r and s. Its octet string representation consists of 128 octets, where the first 64 octets contain the big-endian representation of s and the second 64 octets contain the big-endian representation of r.</t> <t>When either of theseOIDOIDs is used as the algorithm field in an AlgorithmIdentifier structure, the encodingMUST<bcp14>MUST</bcp14> omit the parameters field.</t> <t>The described definition of a signature value is directly usable inCMSthe Cryptographic Message Syntax (CMS) <xreftarget="RFC5652"/>,target="RFC5652" format="default"/>, where such values are represented as octet strings. However, signature values in certificates and CRLs <xreftarget="RFC5280"/>target="RFC5280" format="default"/> are represented as bit strings, and thus the octet string representation must be converted.</t> <t>To convert an octet string signature value to a bit string, the most significant bit of the first octet of the signature valueSHALL<bcp14>SHALL</bcp14> become the first bit of the bit string, and so on through the least significant bit of the last octet of the signature value, whichSHALL<bcp14>SHALL</bcp14> become the last bit of the bit string.</t> </section> <sectiontitle="Hash Functions Support" anchor="streebog">anchor="streebog" numbered="true" toc="default"> <name>Hash Function Support</name> <t>The ASN.1object identifierOID used to identify the GOST R 34.11-2012 hash function with a 256-bit hash code is:</t><t><figure><artwork><![CDATA[id-tc26-gost3411-12-256<sourcecode name="" type="asn.1"><![CDATA[id-tc26-gost3411-12-256 OBJECT IDENTIFIER ::= { iso(1) member-body(2) ru(643) rosstandart(7) tc26(1) algorithms(1) digest(2)gost3411-12-256(2)}]]></artwork></figure></t>gost3411-12-256(2)} ]]></sourcecode> <t>The ASN.1object identifierOID used to identify the GOST R 34.11-2012 hash function with a 512-bit hash code is:</t><t><figure><artwork><![CDATA[id-tc26-gost3411-12-512<sourcecode name="" type="asn.1"><![CDATA[id-tc26-gost3411-12-512 OBJECT IDENTIFIER ::= { iso(1) member-body(2) ru(643) rosstandart(7) tc26(1) algorithms(1) digest(2)gost3411-12-512(3)}]]></artwork></figure></t>gost3411-12-512(3)} ]]></sourcecode> <t>When either of theseOIDOIDs is used as the algorithm field in an AlgorithmIdentifier structure, the encodingMUST<bcp14>MUST</bcp14> omit the parameters field.</t> </section> <sectiontitle="Subjectnumbered="true" toc="default"> <name>Subject Public Keys InformationFields">Fields</name> <sectiontitle="Publicnumbered="true" toc="default"> <name>Public KeyIdentifiers">Identifiers</name> <t>GOST R 34.10-2012 public keys with256 bitsa 256-bit private key length are identified by the following OID:</t><t><figure><artwork><![CDATA[id-tc26-gost3410-12-256<sourcecode name="" type="asn.1"><![CDATA[id-tc26-gost3410-12-256 OBJECT IDENTIFIER ::= { iso(1) member-body(2) ru(643) rosstandart(7) tc26(1) algorithms(1) sign(1)gost3410-12-256(1)}]]></artwork></figure></t>gost3410-12-256(1)} ]]></sourcecode> <t>GOST R 34.10-2012 public keys with512 bitsa 512-bit private key length are identified by the following OID:</t><t><figure><artwork><![CDATA[id-tc26-gost3410-12-512<sourcecode name="" type="asn.1"><![CDATA[id-tc26-gost3410-12-512 OBJECT IDENTIFIER ::= { iso(1) member-body(2) ru(643) rosstandart(7) tc26(1) algorithms(1) sign(1)gost3410-12-512(2)}]]></artwork></figure></t>gost3410-12-512(2)} ]]></sourcecode> </section> <sectiontitle="Publicnumbered="true" toc="default"> <name>Public KeyParameters">Parameters</name> <t>When either of these identifiers appears as the algorithm field in the SubjectPublicKeyInfo.algorithm.algorithm field, the parameters fieldMUST<bcp14>MUST</bcp14> have the following structure: </t><t><figure><artwork><![CDATA[GostR3410-2012-PublicKeyParameters<sourcecode name="" type="asn.1"><![CDATA[GostR3410-2012-PublicKeyParameters ::= SEQUENCE { publicKeyParamSet OBJECT IDENTIFIER, digestParamSet OBJECT IDENTIFIER OPTIONAL}]]></artwork></figure></t>} ]]></sourcecode> <t>where:<list style="symbols"> <t><spanx style="verb">publicKeyParamSet</spanx> -</t> <ul spacing="normal"> <li> <tt>publicKeyParamSet</tt> is the public key parameters identifier for GOST R 34.10-2012 parameters (seeSections 5.1.1Sections <xref target="RFC7836" section="5.1.1" sectionFormat="bare"/> and5.2.1<xref target="RFC7836" section="5.2.1" sectionFormat="bare"/> of <xref target="RFC7836"/> or <xref target="pkparamsBCD"/>)format="default"/>) or GOST R 34.10-2001 parameters (seeSection 8.4 of<xreftarget="RFC4357"/>) parameters.</t> <t><spanx style="verb">digestParamSet</spanx> - parametertarget="RFC4357" sectionFormat="of" section="8.4"/>).</li> <li> <tt>digestParamSet</tt> is the parameters identifier for the corresponding GOST R 34.11-2012(Seeparameters (see <xref target="streebog"/>).</t> </list> </t>format="default"/>).</li> </ul> <t>The followingvaluesvalues, when used as<spanx style="verb">publicKeyParamSet</spanx><tt>publicKeyParamSet</tt>, define test public key parameter sets andMUST NOT<bcp14>MUST NOT</bcp14> be used outside of testing scenarios:<list style="symbols"> <t><spanx style="verb">id-GostR3410-2001-TestParamSet</spanx>,</t> <t><spanx style="verb">id-tc26-gost-3410-2012-512-paramSetTest</spanx></t> </list></t> <ul spacing="normal"> <li> <tt>id-GostR3410-2001-TestParamSet</tt></li> <li> <tt>id-tc26-gost-3410-2012-512-paramSetTest</tt></li> </ul> <t>Thefield <spanx style="verb">digestParamSet</spanx>: <list style="symbols"> <t>SHOULD<tt>digestParamSet</tt> field: </t> <ul spacing="normal"> <li><bcp14>SHOULD</bcp14> be omitted if the GOST R 34.10-2012 signature algorithm is used with a 512-bit keylength;</t> <t>MUSTlength</li> <li> <t><bcp14>MUST</bcp14> be present and must be equal to<spanx style="verb">id-tc26-digest-gost3411-12-256</spanx><tt>id-tc26-digest-gost3411-12-256</tt> if one of the following values is used as<spanx style="verb">publicKeyParamSet</spanx>: <list style="symbols"> <t><spanx style="verb">id-GostR3410-2001-TestParamSet</spanx>,</t> <t><spanx style="verb">id-GostR3410-2001-CryptoPro-A-ParamSet</spanx>,</t> <t><spanx style="verb">id-GostR3410-2001-CryptoPro-B-ParamSet</spanx>,</t> <t><spanx style="verb">id-GostR3410-2001-CryptoPro-C-ParamSet</spanx>,</t> <t><spanx style="verb">id-GostR3410-2001-CryptoPro-XchA-ParamSet</spanx>,</t> <t><spanx style="verb">id-GostR3410-2001-CryptoPro-XchB-ParamSet</spanx>;</t> </list></t> <t>SHOULD<tt>publicKeyParamSet</tt>: </t> <ul spacing="normal"> <li> <tt>id-GostR3410-2001-TestParamSet</tt></li> <li> <tt>id-GostR3410-2001-CryptoPro-A-ParamSet</tt></li> <li> <tt>id-GostR3410-2001-CryptoPro-B-ParamSet</tt></li> <li> <tt>id-GostR3410-2001-CryptoPro-C-ParamSet</tt></li> <li> <tt>id-GostR3410-2001-CryptoPro-XchA-ParamSet</tt></li> <li> <tt>id-GostR3410-2001-CryptoPro-XchB-ParamSet</tt></li> </ul> </li> <li> <t><bcp14>SHOULD</bcp14> be omitted if publicKeyParamSet is equal to:<list style="symbols"> <t><spanx style="verb">id-tc26-gost-3410-2012-256-paramSetA</spanx>;</t> </list></t> <t>MUST</t> <ul spacing="normal"> <li> <tt>id-tc26-gost-3410-2012-256-paramSetA</tt></li> </ul> </li> <li> <t><bcp14>MUST</bcp14> be omitted if one of the following values is used as publicKeyParamSet:<list style="symbols"> <t><spanx style="verb">id-tc26-gost-3410-2012-256-paramSetB</spanx>,</t> <t><spanx style="verb">id-tc26-gost-3410-2012-256-paramSetC</spanx>,</t> <t><spanx style="verb">id-tc26-gost-3410-2012-256-paramSetD</spanx>.</t> </list></t> </list></t></t> <ul spacing="normal"> <li> <tt>id-tc26-gost-3410-2012-256-paramSetB</tt></li> <li> <tt>id-tc26-gost-3410-2012-256-paramSetC</tt></li> <li> <tt>id-tc26-gost-3410-2012-256-paramSetD</tt></li> </ul> </li> </ul> </section> <sectiontitle="Publicnumbered="true" toc="default"> <name>Public KeyEncoding">Encoding</name> <t>The GOST R 34.10-2012 public keyMUST<bcp14>MUST</bcp14> be ASN.1 DER encoded as an OCTET STRING. This encodingSHALL<bcp14>SHALL</bcp14> be used as the content (i.e., the value) of the subjectPublicKey field (a BIT STRING) of the SubjectPublicKeyInfo structure.</t><t><figure><artwork>GostR3410-2012-256-PublicKey<sourcecode name="" type="asn.1"><![CDATA[GostR3410-2012-256-PublicKey ::= OCTET STRING (SIZE(64)) GostR3410-2012-512-PublicKey ::= OCTET STRING (SIZE(128))</artwork></figure></t> <t><spanx style="verb">GostR3410-2012-256-PublicKey</spanx> MUST(128)) ]]></sourcecode> <t><tt>GostR3410-2012-256-PublicKey</tt> <bcp14>MUST</bcp14> contain 64 octets, where the first 32 octets contain the little-endian representation of<spanx style="verb">x</spanx>the <tt>x</tt> coordinate of the public key and the second 32 octetscontainscontain the little-endian representation of<spanx style="verb">y</spanx> coordinatesthe <tt>y</tt> coordinate of the public key.</t><t><spanx style="verb">GostR3410-2012-512-PublicKey</spanx> MUST<t><tt>GostR3410-2012-512-PublicKey</tt> <bcp14>MUST</bcp14> contain 128 octets, where the first 64 octets contain the little-endian representation of<spanx style="verb">x</spanx>the <tt>x</tt> coordinate of the public key and the second 64 octetscontainscontain the little-endian representation of<spanx style="verb">y</spanx> coordinatesthe <tt>y</tt> coordinate of the public key.</t> </section> <sectiontitle="Keynumbered="true" toc="default"> <name>Key UsageExtension">Extension</name> <t>If the KeyUsage extension is present in a certificate with the GOST R 34.10-2012 public key, the following valuesMAY<bcp14>MAY</bcp14> be present:<list style="symbols"> <t><spanx style="verb">digitalSignature</spanx> (0),</t> <t><spanx style="verb">contentCommitment</spanx> (1),</t> <t><spanx style="verb">keyEncipherment</spanx> (2),</t> <t><spanx style="verb">dataEncipherment</spanx> (3),</t> <t><spanx style="verb">keyAgreement</spanx> (4),</t> <t><spanx style="verb">keyCertSign</spanx> (5),</t> <t><spanx style="verb">cRLSign</spanx> (6),</t> <t><spanx style="verb">encipherOnly</spanx> (7),</t> <t><spanx style="verb">decipherOnly</spanx> (8).</t> </list></t></t> <ul spacing="normal"> <li> <tt>digitalSignature</tt> (0)</li> <li> <tt>contentCommitment</tt> (1)</li> <li> <tt>keyEncipherment</tt> (2)</li> <li> <tt>dataEncipherment</tt> (3)</li> <li> <tt>keyAgreement</tt> (4)</li> <li> <tt>keyCertSign</tt> (5)</li> <li> <tt>cRLSign</tt> (6)</li> <li> <tt>encipherOnly</tt> (7)</li> <li> <tt>decipherOnly</tt> (8)</li> </ul> <t>Note that<spanx style="verb">contentCommitment</spanx><tt>contentCommitment</tt> was named<spanx style="verb">nonRepudiation</spanx><tt>nonRepudiation</tt> in previous versions of X.509.</t> <t>If the key is going to be used for key agreement, the <tt>keyAgreement</tt> flag<spanx style="verb">keyAgreement</spanx> MUST<bcp14>MUST</bcp14> be present in<spanx style="verb">KeyUsage</spanx> extensionthe <tt>KeyUsage</tt> extension, with<spanx style="verb">encipherOnly</spanx>the <tt>encipherOnly</tt> and<spanx style="verb">decipherOnly</spanx><tt>decipherOnly</tt> flags being optional.HoweverHowever, the<spanx style="verb">encipherOnly</spanx><tt>encipherOnly</tt> and<spanx style="verb">decipherOnly</spanx><tt>decipherOnly</tt> flagsMUST NOT<bcp14>MUST NOT</bcp14> be present simultaneously.</t> </section> </section> <sectiontitle="Qualified Certificates Extensions">numbered="true" toc="default"> <name>Qualified Certificate Extensions</name> <t>This section defines additionalobject identifiers (OIDs)OIDs for use in qualified certificates for checking digital signatures.</t> <sectiontitle="Distinguishednumbered="true" toc="default"> <name>Distinguished NameAdditions"> <t><figure> <preamble>OGRNAdditions</name> <t keepWithNext="true">OGRN is the main state registration number of juridicalentities.</preamble> <artwork>OGRNentities.</t> <sourcecode name="" type="asn.1"><![CDATA[OGRN ::= NUMERIC STRING(SIZE(13))</artwork> <postamble>Corresponding(SIZE(13)) ]]></sourcecode> <t keepWithPrevious="true">The corresponding OID is<spanx style="verb">1.2.643.100.1</spanx>.</postamble> </figure></t> <t><figure> <preamble>SNILS<tt>1.2.643.100.1</tt>.</t> <t keepWithNext="true">SNILS is the individual insurance accountnumber.</preamble> <artwork>SNILSnumber.</t> <sourcecode name="" type="asn.1"><![CDATA[SNILS ::= NUMERIC STRING(SIZE(11))</artwork> <postamble>Corresponding(SIZE(11)) ]]></sourcecode> <t keepWithPrevious="true">The corresponding OID is<spanx style="verb">1.2.643.100.3</spanx>.</postamble> </figure></t> <t><figure> <preamble>INNLE<tt>1.2.643.100.3</tt>.</t> <t keepWithNext="true">INNLE is the individual taxpayer number (ITN) of theLegal Entity.</preamble> <artwork>INNLElegal entity.</t> <sourcecode name="" type="asn.1"><![CDATA[INNLE ::= NUMERIC STRING(SIZE(10))</artwork> <postamble>Corresponding(SIZE(10)) ]]></sourcecode> <t keepWithPrevious="true">The corresponding OID is<spanx style="verb">1.2.643.100.4</spanx>.</postamble> </figure></t> <t><figure> <preamble>OGRNIP<tt>1.2.643.100.4</tt>.</t> <t keepWithNext="true">OGRNIP is the main state registration number of individualenterpreneursentrepreneurs (soletraders).</preamble> <artwork>OGRNIPtraders).</t> <sourcecode name="" type="asn.1"><![CDATA[OGRNIP ::= NUMERIC STRING(SIZE(15))</artwork> <postamble>Corresponding(SIZE(15)) ]]></sourcecode> <t keepWithPrevious="true">The corresponding OID is<spanx style="verb">1.2.643.100.5</spanx>.</postamble> </figure></t> <t><figure> <preamble>IdentificationKind<tt>1.2.643.100.5</tt>.</t> <t keepWithNext="true">IdentificationKind represents the way the receiver of the certificate was identified by theCA.</preamble> <artwork>IdentificationKindCA.</t> <sourcecode name="" type="asn.1"><![CDATA[IdentificationKind ::= INTEGER { personal(0), remote-cert(1), remote-passport(2), remote-system(3)}</artwork> <postamble>Corresponding} ]]></sourcecode> <t keepWithPrevious="true">The corresponding OID is<spanx style="verb">1.2.643.100.114</spanx>.</postamble> </figure></t> <t><figure> <preamble>INN<tt>1.2.643.100.114</tt>.</t> <t keepWithNext="true">INN is the individual taxpayer number(ITN).</preamble> <artwork>INN(ITN).</t> <sourcecode name="" type="asn.1"><![CDATA[INN ::= NUMERIC STRING(SIZE(12))</artwork> <postamble>Corresponding(SIZE(12)) ]]></sourcecode> <t keepWithPrevious="true">The corresponding OID is<spanx style="verb">1.2.643.3.131.1.1</spanx>.</postamble> </figure></t><tt>1.2.643.3.131.1.1</tt>.</t> </section> <sectiontitle="Certificate Policies"> <t>Russiannumbered="true" toc="default"> <name>Certificate Policies</name> <t>The Russian national regulation body for cryptography defines several security levels of cryptographic tools. Depending on the class of cryptographic token used by the certificateownerowner, the following OIDs must be includedintoin certificate policies.CertificateCertificates should includeOIDsOIDs, starting from the lowestone(KC1) up to the strongest applicable.<list style="symbols"> <t><spanx style="verb">1.2.643.100.113.1</spanx></t> <ul spacing="normal"> <li> <tt>1.2.643.100.113.1</tt> - classKC1,</t> <t><spanx style="verb">1.2.643.100.113.2</spanx>KC1</li> <li> <tt>1.2.643.100.113.2</tt> - classKC2,</t> <t><spanx style="verb">1.2.643.100.113.3</spanx>KC2</li> <li> <tt>1.2.643.100.113.3</tt> - classKC3,</t> <t><spanx style="verb">1.2.643.100.113.4</spanx>KC3</li> <li> <tt>1.2.643.100.113.4</tt> - classKB1,</t> <t><spanx style="verb">1.2.643.100.113.5</spanx>KB1</li> <li> <tt>1.2.643.100.113.5</tt> - classKB2,</t> <t><spanx style="verb">1.2.643.100.113.6</spanx>KB2</li> <li> <tt>1.2.643.100.113.6</tt> - classKA1.</t> </list></t>KA1</li> </ul> </section> <sectiontitle="Subjectnumbered="true" toc="default"> <name>Subject SignTool"> <t><figure><preamble>ToTool</name> <t keepWithNext="true">To denote the token or software type used by the certificateownerowner, the following non-critical<spanx style="verb">SubjectSignTool</spanx><tt>SubjectSignTool</tt> extension with OID<spanx style="verb">1.2.643.100.111</spanx><tt>1.2.643.100.111</tt> should be included. It is definedas</preamble> <artwork>SubjectSignToolas</t> <sourcecode name="" type="asn.1"><![CDATA[SubjectSignTool ::= UTF8String(SIZE(1..200)).</artwork> </figure></t>]]></sourcecode> </section> <sectiontitle="Issuernumbered="true" toc="default"> <name>Issuer SignTool"> <t><figure><preamble>ToTool</name> <t keepWithNext="true">To denote the tools used to generate keypairpairs and tools used by the CA to signcertificatecertificates, the following non-critical<spanx style="verb">IssuerSignTool</spanx><tt>IssuerSignTool</tt> extension with OID<spanx style="verb">1.2.643.100.112</spanx><tt>1.2.643.100.112</tt> should be included. It is definedas</preamble> <artwork>IssuerSignToolas</t> <sourcecode name="" type="asn.1"><![CDATA[IssuerSignTool ::= SEQUENCE { signTool UTF8String(SIZE(1..200)), cATool UTF8String(SIZE(1..200)), signToolCert UTF8String(SIZE(1..100)), cAToolCert UTF8String(SIZE(1..100))}</artwork> </figure></t> <t>where:<list style="symbols"> <t><spanx style="verb">signTool</spanx>} ]]></sourcecode> <t>where:</t> <ul spacing="normal"> <li> <tt>signTool</tt> identifies tools used to create keypair,</t> <t><spanx style="verb">cATool</spanx>pairs.</li> <li> <tt>cATool</tt> identifies tools used bycertificate authority,</t> <t><spanx style="verb">signToolCert</spanx>the CA.</li> <li> <tt>signToolCert</tt> and<spanx style="verb">cAToolCert</spanx><tt>cAToolCert</tt> contain the notice of the conformance of respective toolsconformanceto Russian federal law on digitalsignature.</t> </list></t>signatures.</li> </ul> </section> </section> <sectiontitle="Historical Considerations">numbered="true" toc="default"> <name>Historical Considerations</name> <t>Notethatthat, forthea significant period oftimetime, there were no documents describing<spanx style="verb">GostR3410-2012-PublicKeyParameters</spanx>.<tt>GostR3410-2012-PublicKeyParameters</tt>. Several old implementations have used<spanx style="verb">GostR3410-2001-PublicKeyParameters</spanx><tt>GostR3410-2001-PublicKeyParameters</tt> instead. These implementations will return an error if<spanx style="verb">digestParamSet</spanx>the <tt>digestParamSet</tt> field is not includedintoin public key parameters.ThusThus, an implementation wishing to collaborate with old implementations might want to include<spanx style="verb">digestParamSet</spanx><tt>digestParamSet</tt> equal to<spanx style="verb">id-tc26-digest-gost3411-12-512</spanx><tt>id-tc26-digest-gost3411-12-512</tt> if one of the following values is used as<spanx style="verb">publicKeyParamSet</spanx>: <list style="symbols"> <t><spanx style="verb">id-tc26-gost-3410-12-512-paramSetA</spanx>,</t> <t><spanx style="verb">id-tc26-gost-3410-12-512-paramSetB</spanx>.</t> </list></t> <t>Note,<tt>publicKeyParamSet</tt>: </t> <ul spacing="normal"> <li> <tt>id-tc26-gost-3410-12-512-paramSetA</tt></li> <li> <tt>id-tc26-gost-3410-12-512-paramSetB</tt></li> </ul> <t>Note that the usage of<spanx style="verb">keyEncipherment</spanx><tt>keyEncipherment</tt> and<spanx style="verb">dataEncipherment</spanx><tt>dataEncipherment</tt> values for the<spanx style="verb">KeyUsage</spanx><tt>KeyUsage</tt> extension is not fully defined for the GOST R 34.10-2012 public keys, so theySHOULD<bcp14>SHOULD</bcp14> be used with additional care.</t> </section> <section anchor="IANA"title="IANA Considerations">numbered="true" toc="default"> <name>IANA Considerations</name> <t>Thismemo includesdocument has norequest to IANA.</t>IANA actions.</t> </section> <sectiontitle="Security Considerations">numbered="true" toc="default"> <name>Security Considerations</name> <t>It isRECOMMENDED<bcp14>RECOMMENDED</bcp14> that applications verify signature values and subject public keys to conform to the GOST R 34.10-2012 standard <xref target="GOSTR3410-2012"/> standard (<xrefformat="default"/> <xref target="RFC7091"/>)format="default"/> prior to their use.</t> <t>It isRECOMMENDED<bcp14>RECOMMENDED</bcp14> that CAs and applications make sure that the private key for creating signatures is not used for more than its allowed validity period (typically 15 months for the GOST R 34.10-2012 algorithm).</t> <t>Test parameter sets(<spanx style="verb">id-GostR3410-2001-TestParamSet</spanx>(<tt>id-GostR3410-2001-TestParamSet</tt> and<spanx style="verb">id-tc26-gost-3410-2012-512-paramSetTest</spanx>) MUST NOT<tt>id-tc26-gost-3410-2012-512-paramSetTest</tt>) <bcp14>MUST NOT</bcp14> be used outside of testing scenarios.Use orThe use of parameter sets not described herein isNOT RECOMMENDED.<bcp14>NOT RECOMMENDED</bcp14>. When different parameters are used, it isRECOMMENDED<bcp14>RECOMMENDED</bcp14> that they be subjected to examination by an authorized agency with approved methods of cryptographic analysis.</t> <t>For securitydiscussiondiscussions concerning the use of algorithm parameters, see <xref target="ANS17"/>format="default"/> and the Security Considerations sections in <xref target="RFC4357"/>,format="default"/> and <xref target="RFC7836"/>.</t>format="default"/>.</t> </section> </middle> <back><references title="Normative References"> <?rfc include='reference.RFC.7091.xml'?> <?rfc include='reference.RFC.6986.xml'?> <?rfc include='reference.RFC.5280.xml'?> <?rfc include='reference.RFC.5652.xml'?> <?rfc include='reference.RFC.2119.xml'?> <?rfc include='reference.RFC.4357.xml'?> <?rfc include='reference.RFC.7836.xml'?> <?rfc include='reference.RFC.8174.xml'?><references> <name>References</name> <references> <name>Normative References</name> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.7091.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.6986.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.5280.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.5652.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.2119.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.4357.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.7836.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8174.xml"/> </references><references title="Informative References"><references> <name>Informative References</name> <reference anchor="GOSTR3410-2012"> <front> <title> Information technology. Cryptographic data security. Signature and verification processes of [electronic] digital signature </title> <author> <organization> </organization> </author> <date year="2012"/> </front> <refcontent>GOST R 34.10-2012, Federal Agency on Technical Regulating andMetrology </organization> </author> <date year="2012"/> </front> <seriesInfo name="GOST R" value="34.10-2012"/>Metrology</refcontent> </reference> <reference anchor="GOSTR3411-2012"> <front> <title> Information technology. Cryptographic Data Security. Hashing function </title> <author> <organization> </organization> </author> <date year="2012"/> </front> <refcontent>GOST R 34.11-2012, Federal Agency on Technical Regulating andMetrology </organization> </author> <date year="2012"/> </front> <seriesInfo name="GOST R" value="34.11-2012"/>Metrology</refcontent> </reference> <reference anchor="ANS17"> <front> <title> On the security properties of Russian standardized ellipticcurves.curves </title> <author fullname="E.K. Alekseev" initials="E.K."surname="Alekseev" />surname="Alekseev"/> <author fullname="V.D. Nikolaev" initials="V.D."surname="Nikolaev" />surname="Nikolaev"/> <author fullname="S.V. Smyshlyaev" initials="S.V."surname="Smyshlyaev" />surname="Smyshlyaev"/> <date year="2018"/> </front><seriesInfo name="Mathematical<refcontent>Mathematical Aspects ofCryptography" value="9:3.Cryptography, 9:3, P.5-32."/>5-32</refcontent> <seriesInfo name="DOI"value="10.4213/mvk260" />value="10.4213/mvk260"/> </reference> </references> </references> <sectiontitle="GostR3410-2012-PKISyntax"> <t><figure><artwork><![CDATA[GostR3410-2012-PKISyntaxnumbered="true" toc="default"> <name>GostR3410-2012-PKISyntax</name> <sourcecode name="" type="asn.1"><![CDATA[GostR3410-2012-PKISyntax { iso(1) member-body(2) ru(643) rosstandart(7) tc26(1) modules(0)gostR3411-2012-PKISyntax(2)gostR3410-2012-PKISyntax(2) } DEFINITIONS ::= BEGIN -- EXPORTS All -- -- ASN.1 TC 26 root id-tc26 OBJECT IDENTIFIER ::= { iso(1) member-body(2) ru(643) rosstandart(7) tc26(1) } -- Signature algorithm id-tc26-sign OBJECT IDENTIFIER ::= { id-tc26 algorithms(1) sign(1) } -- Hash algorithm id-tc26-digest OBJECT IDENTIFIER ::= { id-tc26 algorithms(1) digest(2) } -- Public key identifiers id-tc26-sign-constants OBJECT IDENTIFIER ::= { id-tc26 constants(2) sign(1) } -- Public key algorithm GOST R 34.10-2012 /256 bits256-bit identifiers id-tc26-gost-3410-2012-256-constants OBJECT IDENTIFIER ::= { id-tc26-sign-constants gost-3410-2012-256(1) } -- Public key algorithm GOST R 34.10-2012 /512 bits512-bit identifiers id-tc26-gost-3410-2012-512-constants OBJECT IDENTIFIER ::= { id-tc26-sign-constants gost-3410-2012-512(2) } -- GOST R 34.10-2012 /256 bits256-bit signature algorithm id-tc26-gost3410-12-256 OBJECT IDENTIFIER ::= { id-tc26-sign gost3410-12-256(1) } -- GOST R 34.10-2012 /512 bits512-bit signature algorithm id-tc26-gost3410-12-512 OBJECT IDENTIFIER ::= { id-tc26-sign gost3410-12-512(2) } -- GOST R 34.11-2012 /256 bits256-bit hash algorithm id-tc26-gost3411-12-256 OBJECT IDENTIFIER ::= { id-tc26-digest gost3411-12-256(2)} -- GOST R 34.11-2012 /512 bits512-bit hash algorithm id-tc26-gost3411-12-512 OBJECT IDENTIFIER ::= { id-tc26-digest gost3411-12-512(3)} -- GOST R 34.10-2012 / GOST R 34.11-2012 sign/hash algorithm id-tc26-signwithdigest OBJECT IDENTIFIER ::= { id-tc26 algorithms(1) signwithdigest(3) } -- Signature & hash algorithm GOST R 34.10-2012 / 256 bits -- with GOST R 34.11-2012 id-tc26-signwithdigest-gost3410-12-256 OBJECT IDENTIFIER ::= { id-tc26-signwithdigest gost3410-12-256(2) } -- Signature & hash algorithm GOST R 34.10-2012 / 512 bits -- with GOST R 34.11-2012 id-tc26-signwithdigest-gost3410-12-512 OBJECT IDENTIFIER ::= { id-tc26-signwithdigest gost3410-12-512(3) } -- GOST R 34.10-2012 /256 bits Signature256-bit signature algorithmparameters ID:-- parameters identifier: "Set A" id-tc26-gost-3410-2012-256-paramSetA OBJECT IDENTIFIER ::= { id-tc26-gost-3410-2012-256-constants paramSetA(1) } -- GOST R 34.10-2012 /256 bits256-bit signature algorithmparameters ID:-- parameters identifier: "Set B" id-tc26-gost-3410-2012-256-paramSetB OBJECT IDENTIFIER ::= { id-tc26-gost-3410-2012-256-constants paramSetB(2) } -- GOST R 34.10-2012 /256 bits256-bit signature algorithmparameters ID:-- parameters identifier: "Set C" id-tc26-gost-3410-2012-256-paramSetC OBJECT IDENTIFIER ::= { id-tc26-gost-3410-2012-256-constants paramSetC(3) } -- GOST R 34.10-2012 /256 bits256-bit signature algorithmparameters ID:-- parameters identifier: "Set D" id-tc26-gost-3410-2012-256-paramSetD OBJECT IDENTIFIER ::= { id-tc26-gost-3410-2012-256-constants paramSetD(4) } -- GOST R 34.10-2012 /512 bits512-bit signature algorithmparameters ID:-- parameters identifier: "Test set" id-tc26-gost-3410-2012-512-paramSetTest OBJECT IDENTIFIER ::= { id-tc26-gost-3410-2012-512-constants paramSetTest(0) } -- GOST R 34.10-2012 /512 bits512-bit signature algorithmparameters ID:-- parameters identifier: "Set A" id-tc26-gost-3410-2012-512-paramSetA OBJECT IDENTIFIER ::= { id-tc26-gost-3410-2012-512-constants paramSetA(1) } -- GOST R 34.10-2012 /512 bits512-bit signature algorithmparameters ID:-- parameters identifier: "Set B" id-tc26-gost-3410-2012-512-paramSetB OBJECT IDENTIFIER ::= { id-tc26-gost-3410-2012-512-constants paramSetB(2) } -- GOST R 34.10-2012 /512 bits512-bit signature algorithmparameters ID:-- parameters identifier: "Set C" id-tc26-gost-3410-2012-512-paramSetC OBJECT IDENTIFIER ::= { id-tc26-gost-3410-2012-512-constants paramSetC(3) } -- Public key GOST R 34.10-2012 / 256 bits GostR3410-2012-256-PublicKey ::= OCTET STRING (SIZE (64)) -- Public key GOST R 34.10-2012 / 512 bits GostR3410-2012-512-PublicKey ::= OCTET STRING (SIZE (128)) -- Public key GOST R 34.10-2012 GostR3410-2012-PublicKey ::= OCTET STRING (SIZE (64 | 128)) -- Public key parameters GOST R 34.10-2012 GostR3410-2012-PublicKeyParameters ::= SEQUENCE { publicKeyParamSet OBJECT IDENTIFIER, digestParamSet OBJECT IDENTIFIER OPTIONAL } END -- GostR3410-2012-PKISyntax]]></artwork></figure></t>]]></sourcecode> </section> <sectiontitle="GostR3410-2012-RuCertsSyntax"> <t><figure><artwork><![CDATA[RuStrongCertsSyntaxnumbered="true" toc="default"> <name>GostR3410-2012-RuStrongCertsSyntax</name> <sourcecode name="" type="asn.1"><![CDATA[RuStrongCertsSyntax { iso(1) member-body(2) ru(643) rosstandart(7) tc26(1) modules(0) ruStrongCertsSyntax(6) } DEFINITIONS ::= BEGIN -- EXPORTS All -- id-ca OBJECT IDENTIFIER ::= { iso(1) member-body(2) ru(643) ca(3) } id-fss OBJECT IDENTIFIER ::= { iso(1) member-body(2) ru(643) fss(100) } id-fns OBJECT IDENTIFIER ::= { id-ca fns(131) } -- The main state registration number of juridical entities. OGRN ::= NumericString(SIZE (13)) id-OGRN OBJECT IDENTIFIER ::= { id-fss ogrn(1) } -- The individual insurance accountnumbernumber. SNILS ::= NumericString(SIZE (11)) id-SNILS OBJECT IDENTIFIER ::= { id-fss snils(3) } -- The main state registration number of -- individualenterpreneursentrepreneurs (sole traders). OGRNIP ::= NumericString(SIZE (15)) id-OGRNIP OBJECT IDENTIFIER ::= { id-fss ogrnip(5) } id-class OBJECT IDENTIFIER ::= { id-fss class(113) } id-class-kc1 OBJECT IDENTIFIER ::= { id-class kc1(1) } id-class-kc2 OBJECT IDENTIFIER ::= { id-class kc2(2) } id-class-kc3 OBJECT IDENTIFIER ::= { id-class kc3(3) } id-class-kb1 OBJECT IDENTIFIER ::= { id-class kb1(4) } id-class-kb2 OBJECT IDENTIFIER ::= { id-class kb2(5) } id-class-ka OBJECT IDENTIFIER ::= { id-class ka(6) } -- The individual taxpayer number (ITN). INN ::= NumericString(SIZE (12)) id-INN OBJECT IDENTIFIER ::= { id-fns ids(1) inn(1) } -- The organization taxpayer number (OTN). INNLE ::= NumericString(SIZE (10)) id-INNLE OBJECT IDENTIFIER ::= { id-fss innle(4) } -- The token or software type used by the certificateownerowner. SubjectSignTool ::= UTF8String(SIZE(1..200)) id-SubjectSignTool OBJECT IDENTIFIER ::= { id-fss subjectSignTool(111) } --theThe tools used to generate keypairpairs and tools used byCA-- the CA to signcertificatecertificates. IssuerSignTool ::= SEQUENCE { signTool UTF8String(SIZE(1..200)), cATool UTF8String(SIZE(1..200)), signToolCert UTF8String(SIZE(1..100)), cAToolCert UTF8String(SIZE(1..100)) } id-IssuerSignTool OBJECT IDENTIFIER ::= { id-fss issuerSignTool(112) } -- The method of identifying the owner, when it applies/receives -- the certificate in theCACA. IdentificationKind ::= INTEGER { personal(0), remote-cert(1), remote-passport(2), remote-system(3) } id-IdentificationKind OBJECT IDENTIFIER ::= { id-fss identificationKind(114) } END -- RuStrongCertsSyntax]]></artwork></figure></t>]]></sourcecode> </section> <sectiontitle="Public key Parameters" anchor="pkparamsBCD">anchor="pkparamsBCD" numbered="true" toc="default"> <name>Public Key Parameters</name> <t>Here we define three newobject identifiersOIDs for three existing public key parameter sets defined in <xref target="RFC4357"/>.format="default"/>. Theseobject identifiers MUSTOIDs <bcp14>MUST</bcp14> be used with GOST R 34.10-2012 public keys only.</t><t><figure><artwork><![CDATA[id-tc26-gost-3410-2012-256-paramSetB<sourcecode name="" type="asn.1"><![CDATA[id-tc26-gost-3410-2012-256-paramSetB OBJECT IDENTIFIER ::= { iso(1) member-body(2) ru(643) rosstandart(7) tc26(1) constants(2) sign-constants(1) gost-3410-12-256-constants(1)paramSetB(2)}]]></artwork></figure></t>paramSetB(2)} ]]></sourcecode> <t>The elliptic curve of this parameter set is the same as that ofid-GostR3410-2001-CryptoPro-A-ParamSet<tt>id-GostR3410-2001-CryptoPro-A-ParamSet</tt> (andid-GostR3410-2001-CryptoPro-XchA-ParamSet)<tt>id-GostR3410-2001-CryptoPro-XchA-ParamSet</tt>), which can be found in <xref target="RFC4357"/>.</t> <t><figure><artwork><![CDATA[id-tc26-gost-3410-2012-256-paramSetCformat="default"/>. </t> <sourcecode name="" type="asn.1"><![CDATA[id-tc26-gost-3410-2012-256-paramSetC OBJECT IDENTIFIER ::= { iso(1) member-body(2) ru(643) rosstandart(7) tc26(1) constants(2) sign-constants(1) gost-3410-12-256-constants(1)paramSetC(3)}]]></artwork></figure></t>paramSetC(3)} ]]></sourcecode> <t>The elliptic curve of this parameter set is the same as that ofid-GostR3410-2001-CryptoPro-B-ParamSet<tt>id-GostR3410-2001-CryptoPro-B-ParamSet</tt>, which can be found in <xref target="RFC4357"/>.</t> <t><figure><artwork><![CDATA[id-tc26-gost-3410-2012-256-paramSetDformat="default"/>.</t> <sourcecode name="" type="asn.1"><![CDATA[id-tc26-gost-3410-2012-256-paramSetD OBJECT IDENTIFIER ::= { iso(1) member-body(2) ru(643) rosstandart(7) tc26(1) constants(2) sign-constants(1) gost-3410-12-256-constants(1)paramSetD(4)}]]></artwork></figure></t>paramSetD(4)} ]]></sourcecode> <t>The elliptic curve of this parameter set is the same as that ofid-GostR3410-2001-CryptoPro-C-ParamSet<tt>id-GostR3410-2001-CryptoPro-C-ParamSet</tt> (andid-GostR3410-2001-CryptoPro-XchB-ParamSet)<tt>id-GostR3410-2001-CryptoPro-XchB-ParamSet</tt>), which can be found in <xref target="RFC4357"/>.</t>format="default"/>.</t> </section> <sectiontitle="Test Examples">numbered="true" toc="default"> <name>Test Examples</name> <sectiontitle="GOSTnumbered="true" toc="default"> <name>GOST R 34.10-2001 Test Parameters(256 Bit(256-Bit Private KeyLength)">Length)</name> <t>This example uses the curve defined inSection 7.1 of<xref target="RFC7091"/>.</t> <t><figure><preamble>PrivatesectionFormat="of" section="7.1"/>.</t> <t keepWithNext="true">The private keyis</preamble> <artwork>dis</t> <artwork name="" type="ascii-art" align="left" alt=""><![CDATA[d =0x7A929ADE789BB9BE10ED359DD39A72C11B60961F49397EEE1D19CE9891EC3B28</artwork> </figure></t> <t><figure><preamble>Public0x7A929ADE789BB9BE10ED359DD39A72C1\\ 1B60961F49397EEE1D19CE9891EC3B28 ]]></artwork> <t keepWithNext="true">The public keyis</preamble> <artwork>Xis</t> <artwork name="" type="ascii-art" align="left" alt=""><![CDATA[X =0x7F2B49E270DB6D90D8595BEC458B50C58585BA1D4E9B788F6689DBD8E56FD80B0x7F2B49E270DB6D90D8595BEC458B50C5\\ 8585BA1D4E9B788F6689DBD8E56FD80B Y =0x26F1B489D6701DD185C8413A977B3CBBAF64D1C593D26627DFFB101A87FF77DA</artwork> </figure></t>0x26F1B489D6701DD185C8413A977B3CBB\\ AF64D1C593D26627DFFB101A87FF77DA ]]></artwork> <sectiontitle="Certificate Request"> <t><figure><artwork><![CDATA[numbered="true" toc="default"> <name>Certificate Request</name> <sourcecode name="" type="asn.1"><![CDATA[ -----BEGIN CERTIFICATE REQUEST----- MIHTMIGBAgEAMBIxEDAOBgNVBAMTB0V4YW1wbGUwZjAfBggqhQMHAQEBATATBgcq hQMCAiMABggqhQMHAQECAgNDAARAC9hv5djbiWaPeJtOHbqFhcVQi0XsW1nYkG3b cOJJK3/ad/+HGhD73ydm0pPF0WSvuzx7lzpByIXRHXDWibTxJqAAMAoGCCqFAwcB AQMCA0EAaqqzjjXUqqUXlAMBeZEi2FVIT1efTLuW1jzf3zrMQypBqijS8asUgoDN ntVv7aQZdAU1VKQnZ7g60EP9OdwEkw== -----END CERTIFICATE REQUEST----- 0 211: SEQUENCE { 3 129: SEQUENCE { 6 1: INTEGER 0 9 18: SEQUENCE { 11 16: SET { 13 14: SEQUENCE { 15 3: OBJECT IDENTIFIER commonName (2 5 4 3) 20 7: PrintableString 'Example' : } : } : } 29 102: SEQUENCE { 31 31: SEQUENCE { 33 8: OBJECT IDENTIFIER '1 2 643 7 1 1 1 1' 43 19: SEQUENCE { 45 7: OBJECT IDENTIFIERtestSignParams (1'1 2 643 2 2 350)0' 54 8: OBJECT IDENTIFIER '1 2 643 7 1 1 2 2' : } : } 64 67: BIT STRING, encapsulates { 67 64: OCTET STRING : 0B D8 6F E5 D8 DB 89 66 8F 78 9B 4E 1D BA 85 85 : C5 50 8B 45 EC 5B 59 D8 90 6D DB 70 E2 49 2B 7F : DA 77 FF 87 1A 10 FB DF 27 66 D2 93 C5 D1 64 AF : BB 3C 7B 97 3A 41 C8 85 D1 1D 70 D6 89 B4 F1 26 : } : } 133 0: [0] {} : } 135 10: SEQUENCE { 137 8: OBJECT IDENTIFIER '1 2 643 7 1 1 3 2' : } 147 65: BIT STRING : 6A AA B3 8E 35 D4 AA A5 17 94 03 01 79 91 22 D8 : 55 48 4F 57 9F 4C BB 96 D6 3C DF DF 3A CC 43 2A : 41 AA 28 D2 F1 AB 14 82 80 CD 9E D5 6F ED A4 19 : 74 05 35 54 A4 27 67 B8 3A D0 43 FD 39 DC 04 93 :}]]></artwork></figure></t>} ]]></sourcecode> </section> <sectiontitle="Certificate"> <t><figure><artwork><![CDATA[numbered="true" toc="default"> <name>Certificate</name> <sourcecode name="" type="asn.1"><![CDATA[ -----BEGIN CERTIFICATE----- MIIBLTCB26ADAgECAgEKMAoGCCqFAwcBAQMCMBIxEDAOBgNVBAMTB0V4YW1wbGUw IBcNMDEwMTAxMDAwMDAwWhgPMjA1MDEyMzEwMDAwMDBaMBIxEDAOBgNVBAMTB0V4 YW1wbGUwZjAfBggqhQMHAQEBATATBgcqhQMCAiMABggqhQMHAQECAgNDAARAC9hv 5djbiWaPeJtOHbqFhcVQi0XsW1nYkG3bcOJJK3/ad/+HGhD73ydm0pPF0WSvuzx7 lzpByIXRHXDWibTxJqMTMBEwDwYDVR0TAQH/BAUwAwEB/zAKBggqhQMHAQEDAgNB AE1T8BL+CBd2UH1Nm7gfAO/bTu/Uq4O6xLrPc1Fzz6gcQaoo0vGrFIKAzZ7Vb+2k GXQFNVSkJ2e4OtBD/TncBJM= -----END CERTIFICATE----- 0 301: SEQUENCE { 4 219: SEQUENCE { 7 3: [0] { 9 1: INTEGER 2 : } 12 1: INTEGER 10 15 10: SEQUENCE { 17 8: OBJECT IDENTIFIER '1 2 643 7 1 1 3 2' : } 27 18: SEQUENCE { 29 16: SET { 31 14: SEQUENCE { 33 3: OBJECT IDENTIFIER commonName (2 5 4 3) 38 7: PrintableString 'Example' : } : } : } 47 32: SEQUENCE { 49 13: UTCTime 01/01/2001 00:00:00 GMT 64 15: GeneralizedTime 31/12/2050 00:00:00 GMT : } 81 18: SEQUENCE { 83 16: SET { 85 14: SEQUENCE { 87 3: OBJECT IDENTIFIER commonName (2 5 4 3) 92 7: PrintableString 'Example' : } : } : } 101 102: SEQUENCE { 103 31: SEQUENCE { 105 8: OBJECT IDENTIFIER '1 2 643 7 1 1 1 1' 115 19: SEQUENCE { 117 7: OBJECT IDENTIFIERtestSignParams (1'1 2 643 2 2 350)0' 126 8: OBJECT IDENTIFIER '1 2 643 7 1 1 2 2' : } : } 136 67: BIT STRING, encapsulates { 139 64: OCTET STRING : 0B D8 6F E5 D8 DB 89 66 8F 78 9B 4E 1D BA 85 85 : C5 50 8B 45 EC 5B 59 D8 90 6D DB 70 E2 49 2B 7F : DA 77 FF 87 1A 10 FB DF 27 66 D2 93 C5 D1 64 AF : BB 3C 7B 97 3A 41 C8 85 D1 1D 70 D6 89 B4 F1 26 : } : } 205 19: [3] { 207 17: SEQUENCE { 209 15: SEQUENCE { 211 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19) 216 1: BOOLEAN TRUE 219 5: OCTET STRING, encapsulates { 221 3: SEQUENCE { 223 1: BOOLEAN TRUE : } : } : } : } : } : } 226 10: SEQUENCE { 228 8: OBJECT IDENTIFIER '1 2 643 7 1 1 3 2' : } 238 65: BIT STRING : 4D 53 F0 12 FE 08 17 76 50 7D 4D 9B B8 1F 00 EF : DB 4E EF D4 AB 83 BA C4 BA CF 73 51 73 CF A8 1C : 41 AA 28 D2 F1 AB 14 82 80 CD 9E D5 6F ED A4 19 : 74 05 35 54 A4 27 67 B8 3A D0 43 FD 39 DC 04 93 :}]]></artwork></figure></t>} ]]></sourcecode> </section> <sectiontitle="Certificatenumbered="true" toc="default"> <name>Certificate RevocationList"> <t><figure><artwork><![CDATA[List</name> <sourcecode name="" type="asn.1"><![CDATA[ -----BEGIN X509 CRL----- MIGSMEECAQEwCgYIKoUDBwEBAwIwEjEQMA4GA1UEAxMHRXhhbXBsZRcNMTQwMTAx MDAwMDAwWhcNMTQwMTAyMDAwMDAwWjAKBggqhQMHAQEDAgNBAEK/OSoU0+vpV68+ RstQv19CIaADrT0XJ1PJSpw3ox0gQaoo0vGrFIKAzZ7Vb+2kGXQFNVSkJ2e4OtBD /TncBJM= -----END X509 CRL----- 0 146: SEQUENCE { 3 65: SEQUENCE { 5 1: INTEGER 1 8 10: SEQUENCE { 10 8: OBJECT IDENTIFIER '1 2 643 7 1 1 3 2' : } 20 18: SEQUENCE { 22 16: SET { 24 14: SEQUENCE { 26 3: OBJECT IDENTIFIER commonName (2 5 4 3) 31 7: PrintableString 'Example' : } : } : } 40 13: UTCTime 01/01/2014 00:00:00 GMT 55 13: UTCTime 02/01/2014 00:00:00 GMT : } 70 10: SEQUENCE { 72 8: OBJECT IDENTIFIER '1 2 643 7 1 1 3 2' : } 82 65: BIT STRING : 42 BF 39 2A 14 D3 EB E9 57 AF 3E 46 CB 50 BF 5F : 42 21 A0 03 AD 3D 17 27 53 C9 4A 9C 37 A3 1D 20 : 41 AA 28 D2 F1 AB 14 82 80 CD 9E D5 6F ED A4 19 : 74 05 35 54 A4 27 67 B8 3A D0 43 FD 39 DC 04 93 :}]]></artwork></figure></t>} ]]></sourcecode> </section> </section> <sectiontitle="GOSTnumbered="true" toc="default"> <name>GOST R 34.10-2012 TC26-256-A Parameters(256 Bit(256-Bit Private KeyLength)">Length)</name> <t>This example uses the curve defined inSection A.2 of<xref target="RFC7836"/>.</t> <t><figure><preamble>PrivatesectionFormat="of" section="A.2"/>.</t> <t keepWithNext="true">The private keyis</preamble> <artwork>dis</t> <artwork name="" type="ascii-art" align="left" alt=""><![CDATA[d =0x3A929ADE789BB9BE10ED359DD39A72C10B87C83F80BE18B85C041F4325B62EC1</artwork> </figure></t> <t><figure><preamble>Public0x3A929ADE789BB9BE10ED359DD39A72C1\\ 0B87C83F80BE18B85C041F4325B62EC1 ]]></artwork> <t keepWithNext="true">The public keyis</preamble> <artwork>Xis</t> <artwork name="" type="ascii-art" align="left" alt=""><![CDATA[X =0x99C3DF265EA59350640BA69D1DE04418AF3FEA03EC0F85F2DD84E8BED49527740x99C3DF265EA59350640BA69D1DE04418\\ AF3FEA03EC0F85F2DD84E8BED4952774 Y =0xE218631A69C47C122E2D516DA1C09E6BD19344D94389D1F16C0C4D4DCF96F578</artwork> </figure></t>0xE218631A69C47C122E2D516DA1C09E6B\\ D19344D94389D1F16C0C4D4DCF96F578 ]]></artwork> <sectiontitle="Certificate Request"> <t><figure><artwork><![CDATA[numbered="true" toc="default"> <name>Certificate Request</name> <sourcecode name="" type="asn.1"><![CDATA[ -----BEGIN CERTIFICATE REQUEST----- MIHKMHkCAQAwEjEQMA4GA1UEAxMHRXhhbXBsZTBeMBcGCCqFAwcBAQEBMAsGCSqF AwcBAgEBAQNDAARAdCeV1L7ohN3yhQ/sA+o/rxhE4B2dpgtkUJOlXibfw5l49ZbP TU0MbPHRiUPZRJPRa57AoW1RLS4SfMRpGmMY4qAAMAoGCCqFAwcBAQMCA0EAG9wq Exdnm2YjL2PqFv98ZMyqua2FX8bhgJFmHbedSBIdDh2lvjR8bxtSVseurCAK1krH em9bOg4Jcxjnrm7naQ== -----END CERTIFICATE REQUEST----- 0 202: SEQUENCE { 3 121: SEQUENCE { 5 1: INTEGER 0 8 18: SEQUENCE { 10 16: SET { 12 14: SEQUENCE { 14 3: OBJECT IDENTIFIER commonName (2 5 4 3) 19 7: PrintableString 'Example' : } : } : } 28 94: SEQUENCE { 30 23: SEQUENCE { 32 8: OBJECT IDENTIFIER '1 2 643 7 1 1 1 1' 42 11: SEQUENCE { 44 9: OBJECT IDENTIFIER '1 2 643 7 1 2 1 1 1' : } : } 55 67: BIT STRING, encapsulates { 58 64: OCTET STRING : 74 27 95 D4 BE E8 84 DD F2 85 0F EC 03 EA 3F AF : 18 44 E0 1D 9D A6 0B 64 50 93 A5 5E 26 DF C3 99 : 78 F5 96 CF 4D 4D 0C 6C F1 D1 89 43 D9 44 93 D1 : 6B 9E C0 A1 6D 51 2D 2E 12 7C C4 69 1A 63 18 E2 : } : } 124 0: [0] {} : } 126 10: SEQUENCE { 128 8: OBJECT IDENTIFIER '1 2 643 7 1 1 3 2' : } 138 65: BIT STRING : 1B DC 2A 13 17 67 9B 66 23 2F 63 EA 16 FF 7C 64 : CC AA B9 AD 85 5F C6 E1 80 91 66 1D B7 9D 48 12 : 1D 0E 1D A5 BE 34 7C 6F 1B 52 56 C7 AE AC 20 0A : D6 4A C7 7A 6F 5B 3A 0E 09 73 18 E7 AE 6E E7 69 :}]]></artwork></figure></t>} ]]></sourcecode> </section> <sectiontitle="Certificate"> <t><figure><artwork><![CDATA[numbered="true" toc="default"> <name>Certificate</name> <sourcecode name="" type="asn.1"><![CDATA[ -----BEGIN CERTIFICATE----- MIIBJTCB06ADAgECAgEKMAoGCCqFAwcBAQMCMBIxEDAOBgNVBAMTB0V4YW1wbGUw IBcNMDEwMTAxMDAwMDAwWhgPMjA1MDEyMzEwMDAwMDBaMBIxEDAOBgNVBAMTB0V4 YW1wbGUwXjAXBggqhQMHAQEBATALBgkqhQMHAQIBAQEDQwAEQHQnldS+6ITd8oUP 7APqP68YROAdnaYLZFCTpV4m38OZePWWz01NDGzx0YlD2UST0WuewKFtUS0uEnzE aRpjGOKjEzARMA8GA1UdEwEB/wQFMAMBAf8wCgYIKoUDBwEBAwIDQQAUC02pEksJ yw1c6Sjuh0JzoxASlJLsDik2njt5EkhXjB0OHaW+NHxvG1JWx66sIArWSsd6b1s6 DglzGOeubudp -----END CERTIFICATE----- 0 293: SEQUENCE { 4 211: SEQUENCE { 7 3: [0] { 9 1: INTEGER 2 : } 12 1: INTEGER 10 15 10: SEQUENCE { 17 8: OBJECT IDENTIFIER '1 2 643 7 1 1 3 2' : } 27 18: SEQUENCE { 29 16: SET { 31 14: SEQUENCE { 33 3: OBJECT IDENTIFIER commonName (2 5 4 3) 38 7: PrintableString 'Example' : } : } : } 47 32: SEQUENCE { 49 13: UTCTime 01/01/2001 00:00:00 GMT 64 15: GeneralizedTime 31/12/2050 00:00:00 GMT : } 81 18: SEQUENCE { 83 16: SET { 85 14: SEQUENCE { 87 3: OBJECT IDENTIFIER commonName (2 5 4 3) 92 7: PrintableString 'Example' : } : } : } 101 94: SEQUENCE { 103 23: SEQUENCE { 105 8: OBJECT IDENTIFIER '1 2 643 7 1 1 1 1' 115 11: SEQUENCE { 117 9: OBJECT IDENTIFIER '1 2 643 7 1 2 1 1 1' : } : } 128 67: BIT STRING, encapsulates { 131 64: OCTET STRING : 74 27 95 D4 BE E8 84 DD F2 85 0F EC 03 EA 3F AF : 18 44 E0 1D 9D A6 0B 64 50 93 A5 5E 26 DF C3 99 : 78 F5 96 CF 4D 4D 0C 6C F1 D1 89 43 D9 44 93 D1 : 6B 9E C0 A1 6D 51 2D 2E 12 7C C4 69 1A 63 18 E2 : } : } 197 19: [3] { 199 17: SEQUENCE { 201 15: SEQUENCE { 203 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19) 208 1: BOOLEAN TRUE 211 5: OCTET STRING, encapsulates { 213 3: SEQUENCE { 215 1: BOOLEAN TRUE : } : } : } : } : } : } 218 10: SEQUENCE { 220 8: OBJECT IDENTIFIER '1 2 643 7 1 1 3 2' : } 230 65: BIT STRING : 14 0B 4D A9 12 4B 09 CB 0D 5C E9 28 EE 87 42 73 : A3 10 12 94 92 EC 0E 29 36 9E 3B 79 12 48 57 8C : 1D 0E 1D A5 BE 34 7C 6F 1B 52 56 C7 AE AC 20 0A : D6 4A C7 7A 6F 5B 3A 0E 09 73 18 E7 AE 6E E7 69 :}]]></artwork></figure></t>} ]]></sourcecode> </section> <sectiontitle="Certificatenumbered="true" toc="default"> <name>Certificate RevocationList"> <t><figure><artwork><![CDATA[List</name> <sourcecode name="" type="asn.1"><![CDATA[ -----BEGIN X509 CRL----- MIGSMEECAQEwCgYIKoUDBwEBAwIwEjEQMA4GA1UEAxMHRXhhbXBsZRcNMTQwMTAx MDAwMDAwWhcNMTQwMTAyMDAwMDAwWjAKBggqhQMHAQEDAgNBABS9aAh8O5A8eqKL B/6y571v4JY/VjJnNZ9c2Oq0UFmtHQ4dpb40fG8bUlbHrqwgCtZKx3pvWzoOCXMY 565u52k= -----END X509 CRL----- 0 146: SEQUENCE { 3 65: SEQUENCE { 5 1: INTEGER 1 8 10: SEQUENCE { 10 8: OBJECT IDENTIFIER '1 2 643 7 1 1 3 2' : } 20 18: SEQUENCE { 22 16: SET { 24 14: SEQUENCE { 26 3: OBJECT IDENTIFIER commonName (2 5 4 3) 31 7: PrintableString 'Example' : } : } : } 40 13: UTCTime 01/01/2014 00:00:00 GMT 55 13: UTCTime 02/01/2014 00:00:00 GMT : } 70 10: SEQUENCE { 72 8: OBJECT IDENTIFIER '1 2 643 7 1 1 3 2' : } 82 65: BIT STRING : 14 BD 68 08 7C 3B 90 3C 7A A2 8B 07 FE B2 E7 BD : 6F E0 96 3F 56 32 67 35 9F 5C D8 EA B4 50 59 AD : 1D 0E 1D A5 BE 34 7C 6F 1B 52 56 C7 AE AC 20 0A : D6 4A C7 7A 6F 5B 3A 0E 09 73 18 E7 AE 6E E7 69 :}]]></artwork></figure></t>} ]]></sourcecode> </section> </section> <sectiontitle="GOSTnumbered="true" toc="default"> <name>GOST R 34.10-2012 Test Parameters(512 Bit(512-Bit Private KeyLength)">Length)</name> <t>This example uses the curve defined in <xref target="curve512test"/>.</t> <t><figure><preamble>Privateformat="default"/>.</t> <t keepWithNext="true">The private keyis</preamble> <artwork>dis</t> <artwork name="" type="ascii-art" align="left" alt=""><![CDATA[d =0x0BA6048AADAE241BA40936D47756D7C93091A0E8514669700EE7508E508B1020\\ 72E8123B2200A0563322DAD2827E2714A2636B7BFD18AADFC62967821FA18DD4</artwork> </figure></t> <t><figure><preamble>Public0x0BA6048AADAE241BA40936D47756D7C9\\ 3091A0E8514669700EE7508E508B1020\\ 72E8123B2200A0563322DAD2827E2714\\ A2636B7BFD18AADFC62967821FA18DD4 ]]></artwork> <t keepWithNext="true">The public keyis</preamble> <artwork>Xis</t> <artwork name="" type="ascii-art" align="left" alt=""><![CDATA[X =0x115DC5BC96760C7B48598D8AB9E740D4C4A85A65BE33C1815B5C320C854621DD\\ 5A515856D13314AF69BC5B924C8B4DDFF75C45415C1D9DD9DD33612CD530EFE10x115DC5BC96760C7B48598D8AB9E740D4\\ C4A85A65BE33C1815B5C320C854621DD\\ 5A515856D13314AF69BC5B924C8B4DDF\\ F75C45415C1D9DD9DD33612CD530EFE1 Y =0x37C7C90CD40B0F5621DC3AC1B751CFA0E2634FA0503B3D52639F5D7FB72AFD61\\ EA199441D943FFE7F0C70A2759A3CDB84C114E1F9339FDF27F35ECA93677BEEC</artwork> </figure></t>0x37C7C90CD40B0F5621DC3AC1B751CFA0\\ E2634FA0503B3D52639F5D7FB72AFD61\\ EA199441D943FFE7F0C70A2759A3CDB8\\ 4C114E1F9339FDF27F35ECA93677BEEC ]]></artwork> <sectiontitle="Certificate Request"> <t><figure><artwork><![CDATA[numbered="true" toc="default"> <name>Certificate Request</name> <sourcecode name="" type="asn.1"><![CDATA[ -----BEGIN CERTIFICATE REQUEST----- MIIBTzCBvAIBADASMRAwDgYDVQQDEwdFeGFtcGxlMIGgMBcGCCqFAwcBAQECMAsG CSqFAwcBAgECAAOBhAAEgYDh7zDVLGEz3dmdHVxBRVz3302LTJJbvGmvFDPRVlhR Wt0hRoUMMlxbgcEzvmVaqMTUQOe5io1ZSHsMdpa8xV0R7L53NqnsNX/y/TmTH04R TLjNo1knCsfw5/9D2UGUGeph/Sq3f12fY1I9O1CgT2PioM9Rt8E63CFWDwvUDMnH N6AAMAoGCCqFAwcBAQMDA4GBAEM7HWzkClHx5XN+sWqixoOCmkBbnZEn4hJg/J1q wF2HvyTibEUnilwhkqdbqUmTq9YHTn/xvwP9L1OXr6HZRVgvhvpgoIEJGiPdeV4e PGie5RKjyC7g3MJkPHjuqPys01SSVYSGsg8cnsGXyQaZhQJgyTvLzZxcMxfhk0Th c642 -----END CERTIFICATE REQUEST----- 0 335: SEQUENCE { 4 188: SEQUENCE { 7 1: INTEGER 0 10 18: SEQUENCE { 12 16: SET { 14 14: SEQUENCE { 16 3: OBJECT IDENTIFIER commonName (2 5 4 3) 21 7: PrintableString 'Example' : } : } : } 30 160: SEQUENCE { 33 23: SEQUENCE { 35 8: OBJECT IDENTIFIER '1 2 643 7 1 1 1 2' 45 11: SEQUENCE { 47 9: OBJECT IDENTIFIER '1 2 643 7 1 2 1 2 0' : } : } 58 132: BIT STRING, encapsulates { 62 128: OCTET STRING : E1 EF 30 D5 2C 61 33 DD D9 9D 1D 5C 41 45 5C F7 : DF 4D 8B 4C 92 5B BC 69 AF 14 33 D1 56 58 51 5A : DD 21 46 85 0C 32 5C 5B 81 C1 33 BE 65 5A A8 C4 : D4 40 E7 B9 8A 8D 59 48 7B 0C 76 96 BC C5 5D 11 : EC BE 77 36 A9 EC 35 7F F2 FD 39 93 1F 4E 11 4C : B8 CD A3 59 27 0A C7 F0 E7 FF 43 D9 41 94 19 EA : 61 FD 2A B7 7F 5D 9F 63 52 3D 3B 50 A0 4F 63 E2 : A0 CF 51 B7 C1 3A DC 21 56 0F 0B D4 0C C9 C7 37 : } : } 193 0: [0] {} : } 195 10: SEQUENCE { 197 8: OBJECT IDENTIFIER '1 2 643 7 1 1 3 3' : } 207 129: BIT STRING : 43 3B 1D 6C E4 0A 51 F1 E5 73 7E B1 6A A2 C6 83 : 82 9A 40 5B 9D 91 27 E2 12 60 FC 9D 6A C0 5D 87 : BF 24 E2 6C 45 27 8A 5C 21 92 A7 5B A9 49 93 AB : D6 07 4E 7F F1 BF 03 FD 2F 53 97 AF A1 D9 45 58 : 2F 86 FA 60 A0 81 09 1A 23 DD 79 5E 1E 3C 68 9E : E5 12 A3 C8 2E E0 DC C2 64 3C 78 EE A8 FC AC D3 : 54 92 55 84 86 B2 0F 1C 9E C1 97 C9 06 99 85 02 : 60 C9 3B CB CD 9C 5C 33 17 E1 93 44 E1 73 AE 36 :}]]></artwork></figure></t>} ]]></sourcecode> </section> <sectiontitle="Certificate"> <t><figure><artwork><![CDATA[numbered="true" toc="default"> <name>Certificate</name> <sourcecode name="" type="asn.1"><![CDATA[ -----BEGIN CERTIFICATE----- MIIBqjCCARagAwIBAgIBCzAKBggqhQMHAQEDAzASMRAwDgYDVQQDEwdFeGFtcGxl MCAXDTAxMDEwMTAwMDAwMFoYDzIwNTAxMjMxMDAwMDAwWjASMRAwDgYDVQQDEwdF eGFtcGxlMIGgMBcGCCqFAwcBAQECMAsGCSqFAwcBAgECAAOBhAAEgYDh7zDVLGEz 3dmdHVxBRVz3302LTJJbvGmvFDPRVlhRWt0hRoUMMlxbgcEzvmVaqMTUQOe5io1Z SHsMdpa8xV0R7L53NqnsNX/y/TmTH04RTLjNo1knCsfw5/9D2UGUGeph/Sq3f12f Y1I9O1CgT2PioM9Rt8E63CFWDwvUDMnHN6MTMBEwDwYDVR0TAQH/BAUwAwEB/zAK BggqhQMHAQEDAwOBgQBBVwPYkvGl8/aMQ1MYmn7iB7gLVjHvnUlSmk1rVCws+hWq LqzxH0cP3n2VSFaQPDX9j5Ve8wDZXHdTSnJKDu5wL4b6YKCBCRoj3XleHjxonuUS o8gu4NzCZDx47qj8rNNUklWEhrIPHJ7Bl8kGmYUCYMk7y82cXDMX4ZNE4XOuNg== -----END CERTIFICATE----- 0 426: SEQUENCE { 4 278: SEQUENCE { 8 3: [0] { 10 1: INTEGER 2 : } 13 1: INTEGER 11 16 10: SEQUENCE { 18 8: OBJECT IDENTIFIER '1 2 643 7 1 1 3 3' : } 28 18: SEQUENCE { 30 16: SET { 32 14: SEQUENCE { 34 3: OBJECT IDENTIFIER commonName (2 5 4 3) 39 7: PrintableString 'Example' : } : } : } 48 32: SEQUENCE { 50 13: UTCTime 01/01/2001 00:00:00 GMT 65 15: GeneralizedTime 31/12/2050 00:00:00 GMT : } 82 18: SEQUENCE { 84 16: SET { 86 14: SEQUENCE { 88 3: OBJECT IDENTIFIER commonName (2 5 4 3) 93 7: PrintableString 'Example' : } : } : } 102 160: SEQUENCE { 105 23: SEQUENCE { 107 8: OBJECT IDENTIFIER '1 2 643 7 1 1 1 2' 117 11: SEQUENCE { 119 9: OBJECT IDENTIFIER '1 2 643 7 1 2 1 2 0' : } : } 130 132: BIT STRING, encapsulates { 134 128: OCTET STRING : E1 EF 30 D5 2C 61 33 DD D9 9D 1D 5C 41 45 5C F7 : DF 4D 8B 4C 92 5B BC 69 AF 14 33 D1 56 58 51 5A : DD 21 46 85 0C 32 5C 5B 81 C1 33 BE 65 5A A8 C4 : D4 40 E7 B9 8A 8D 59 48 7B 0C 76 96 BC C5 5D 11 : EC BE 77 36 A9 EC 35 7F F2 FD 39 93 1F 4E 11 4C : B8 CD A3 59 27 0A C7 F0 E7 FF 43 D9 41 94 19 EA : 61 FD 2A B7 7F 5D 9F 63 52 3D 3B 50 A0 4F 63 E2 : A0 CF 51 B7 C1 3A DC 21 56 0F 0B D4 0C C9 C7 37 : } : } 265 19: [3] { 267 17: SEQUENCE { 269 15: SEQUENCE { 271 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19) 276 1: BOOLEAN TRUE 279 5: OCTET STRING, encapsulates { 281 3: SEQUENCE { 283 1: BOOLEAN TRUE : } : } : } : } : } : } 286 10: SEQUENCE { 288 8: OBJECT IDENTIFIER '1 2 643 7 1 1 3 3' : } 298 129: BIT STRING : 41 57 03 D8 92 F1 A5 F3 F6 8C 43 53 18 9A 7E E2 : 07 B8 0B 56 31 EF 9D 49 52 9A 4D 6B 54 2C 2C FA : 15 AA 2E AC F1 1F 47 0F DE 7D 95 48 56 90 3C 35 : FD 8F 95 5E F3 00 D9 5C 77 53 4A 72 4A 0E EE 70 : 2F 86 FA 60 A0 81 09 1A 23 DD 79 5E 1E 3C 68 9E : E5 12 A3 C8 2E E0 DC C2 64 3C 78 EE A8 FC AC D3 : 54 92 55 84 86 B2 0F 1C 9E C1 97 C9 06 99 85 02 : 60 C9 3B CB CD 9C 5C 33 17 E1 93 44 E1 73 AE 36 :}]]></artwork></figure></t>} ]]></sourcecode> </section> <sectiontitle="Certificatenumbered="true" toc="default"> <name>Certificate RevocationList"> <t><figure><artwork><![CDATA[List</name> <sourcecode name="" type="asn.1"><![CDATA[ -----BEGIN X509 CRL----- MIHTMEECAQEwCgYIKoUDBwEBAwMwEjEQMA4GA1UEAxMHRXhhbXBsZRcNMTQwMTAx MDAwMDAwWhcNMTQwMTAyMDAwMDAwWjAKBggqhQMHAQEDAwOBgQA6E/t67NtVYO72 E3z8XdZGkXMuv7NpCh/Ax+ik7uoIMH1kjU3AmGxGqHs/vkx69C6jQ1nHlZVMo5/z q77ZBR9NL4b6YKCBCRoj3XleHjxonuUSo8gu4NzCZDx47qj8rNNUklWEhrIPHJ7B l8kGmYUCYMk7y82cXDMX4ZNE4XOuNg== -----END X509 CRL----- 0 211: SEQUENCE { 3 65: SEQUENCE { 5 1: INTEGER 1 8 10: SEQUENCE { 10 8: OBJECT IDENTIFIER '1 2 643 7 1 1 3 3' : } 20 18: SEQUENCE { 22 16: SET { 24 14: SEQUENCE { 26 3: OBJECT IDENTIFIER commonName (2 5 4 3) 31 7: PrintableString 'Example' : } : } : } 40 13: UTCTime 01/01/2014 00:00:00 GMT 55 13: UTCTime 02/01/2014 00:00:00 GMT : } 70 10: SEQUENCE { 72 8: OBJECT IDENTIFIER '1 2 643 7 1 1 3 3' : } 82 129: BIT STRING : 3A 13 FB 7A EC DB 55 60 EE F6 13 7C FC 5D D6 46 : 91 73 2E BF B3 69 0A 1F C0 C7 E8 A4 EE EA 08 30 : 7D 64 8D 4D C0 98 6C 46 A8 7B 3F BE 4C 7A F4 2E : A3 43 59 C7 95 95 4C A3 9F F3 AB BE D9 05 1F 4D : 2F 86 FA 60 A0 81 09 1A 23 DD 79 5E 1E 3C 68 9E : E5 12 A3 C8 2E E0 DC C2 64 3C 78 EE A8 FC AC D3 : 54 92 55 84 86 B2 0F 1C 9E C1 97 C9 06 99 85 02 : 60 C9 3B CB CD 9C 5C 33 17 E1 93 44 E1 73 AE 36 :}]]></artwork></figure></t>} ]]></sourcecode> </section> </section> </section> <section anchor="curve512test"title="GOSTnumbered="true" toc="default"> <name>GOST R 34.10-2012 Test Parameters (CurveDefinition)">Definition)</name> <t>The following parameters must be used for digital signature generation and verification.</t> <sectiontitle="Ellipticnumbered="true" toc="default"> <name>Elliptic CurveModulus">Modulus</name> <t>The following value is assigned to parameter p in this example:</t><t><figure><artwork>p<artwork name="" type="ascii-art" align="left" alt=""><![CDATA[p = 36239861022290036359077887536838743060213209255346786050\\8654615045085616662400248258848202227149685402509082360305\\ 8735163734263822371964987228582907372403,</artwork></figure></t> <t><figure><artwork>p86546150450856166624002482588482022271496854025090823603\\ 058735163734263822371964987228582907372403 ]]></artwork> <artwork name="" type="ascii-art" align="left" alt=""><![CDATA[p =0x4531ACD1FE0023C7550D267B6B2FEE80922B14B2FFB90F04D4EB7C09B5D2D15D\\ F1D852741AF4704A0458047E80E4546D35B8336FAC224DD81664BBF528BE6373.</artwork></figure> </t>0x4531ACD1FE0023C7550D267B6B2FEE80922B14B2FFB90F04D4EB7C\\ 09B5D2D15DF1D852741AF4704A0458047E80E4546D35B8336FAC22\\ 4DD81664BBF528BE6373 ]]></artwork> </section> <sectiontitle="Ellipticnumbered="true" toc="default"> <name>Elliptic CurveCoefficients">Coefficients</name> <t>Parameters a and b take the following values in this example:</t><t><figure><artwork>a<artwork name="" type="ascii-art" align="left" alt=""><![CDATA[a =7,</artwork></figure></t> <t><figure><artwork>a7 ]]></artwork> <artwork name="" type="ascii-art" align="left" alt=""><![CDATA[a =0x7,</artwork></figure></t> <t><figure><artwork>b0x7 ]]></artwork> <artwork name="" type="ascii-art" align="left" alt=""><![CDATA[b =1518655069210828534508950034714043154928747527740206436\\ 1940188233528099824437937328297569147859746748660416053978836775\\ 96626326413990136959047435811826396,</artwork></figure></t> <t><figure><artwork>b15186550692108285345089500347140431549287475277402064361\\ 94018823352809982443793732829756914785974674866041605397\\ 883677596626326413990136959047435811826396 ]]></artwork> <artwork name="" type="ascii-art" align="left" alt=""><![CDATA[b =0x1CFF0806A31116DA29D8CFA54E57EB748BC5F377E49400FDD788B649ECA1AC4\\ 361834013B2AD7322480A89CA58E0CF74BC9E540C2ADD6897FAD0A3084F302ADC.</artwork></figure></t>0x1CFF0806A31116DA29D8CFA54E57EB748BC5F377E49400FDD788B6\\ 49ECA1AC4361834013B2AD7322480A89CA58E0CF74BC9E540C2ADD\\ 6897FAD0A3084F302ADC ]]></artwork> </section> <sectiontitle="Ellipticnumbered="true" toc="default"> <name>Elliptic Curve Points GroupOrder">Order</name> <t>Parameter m takes the following value in this example:</t><t><figure><artwork>m<artwork name="" type="ascii-art" align="left" alt=""><![CDATA[m =36239861022290036359077887536838743060213209255346786050865461\\ 504508561666239691648983050328630684999614040794379365854558651922\\ 12970734808812618120619743,</artwork></figure></t> <t><figure><artwork>m36239861022290036359077887536838743060213209255346786050\\ 86546150450856166623969164898305032863068499961404079437\\ 936585455865192212970734808812618120619743 ]]></artwork> <artwork name="" type="ascii-art" align="left" alt=""><![CDATA[m =0x4531ACD1FE0023C7550D267B6B2FEE80922B14B2FFB90F04D4EB7C09B5D2D15D\\ A82F2D7ECB1DBAC719905C5EECC423F1D86E25EDBE23C595D644AAF187E6E6DF.</artwork></figure></t>0x4531ACD1FE0023C7550D267B6B2FEE80922B14B2FFB90F04D4EB7C\\ 09B5D2D15DA82F2D7ECB1DBAC719905C5EECC423F1D86E25EDBE23\\ C595D644AAF187E6E6DF ]]></artwork> </section> <sectiontitle="Ordernumbered="true" toc="default"> <name>Order of Cyclic Subgroup of Elliptic Curve PointsGroup">Group</name> <t>Parameter q takes the following value in this example:</t><t><figure><artwork>q<artwork name="" type="ascii-art" align="left" alt=""><![CDATA[q =36239861022290036359077887536838743060213209255346786050865461\\ 504508561666239691648983050328630684999614040794379365854558651922\\ 12970734808812618120619743,</artwork></figure></t> <t><figure><artwork>q36239861022290036359077887536838743060213209255346786050\\ 86546150450856166623969164898305032863068499961404079437\\ 936585455865192212970734808812618120619743 ]]></artwork> <artwork name="" type="ascii-art" align="left" alt=""><![CDATA[q =0x4531ACD1FE0023C7550D267B6B2FEE80922B14B2FFB90F04D4EB7C09B5D2D15D\\ A82F2D7ECB1DBAC719905C5EECC423F1D86E25EDBE23C595D644AAF187E6E6DF.</artwork></figure></t>0x4531ACD1FE0023C7550D267B6B2FEE80922B14B2FFB90F04D4EB7C\\ 09B5D2D15DA82F2D7ECB1DBAC719905C5EECC423F1D86E25EDBE23\\ C595D644AAF187E6E6DF ]]></artwork> </section> <sectiontitle="Ellipticnumbered="true" toc="default"> <name>Elliptic Curve PointCoordinates">Coordinates</name> <t>Point P coordinates take the following values in this example:</t><t><figure><artwork>x<artwork name="" type="ascii-art" align="left" alt=""><![CDATA[x =1928356944067022849399309401243137598997786635459507974357075491\\ 307766592685835441065557681003184874819658004903212332884252335830\\ 250729527632383493573274,</artwork></figure></t> <t><figure><artwork>x19283569440670228493993094012431375989977866354595079743\\ 57075491307766592685835441065557681003184874819658004903\\ 212332884252335830250729527632383493573274 ]]></artwork> <artwork name="" type="ascii-art" align="left" alt=""><![CDATA[x =0x24D19CC64572EE30F396BF6EBBFD7A6C5213B3B3D7057CC825F91093A68CD762\\ FD60611262CD838DC6B60AA7EEE804E28BC849977FAC33B4B530F1B120248A9A,</artwork></figure></t> <t><figure><artwork>y0x24D19CC64572EE30F396BF6EBBFD7A6C5213B3B3D7057CC825F910\\ 93A68CD762FD60611262CD838DC6B60AA7EEE804E28BC849977FAC\\ 33B4B530F1B120248A9A ]]></artwork> <artwork name="" type="ascii-art" align="left" alt=""><![CDATA[y = 22887286933719728599700121555294784163535623273295061803\\144974259311028603015728141419970722717088070665938506503341523818\\ 57347798885864807605098724013854,</artwork></figure></t> <t><figure><artwork>y14497425931102860301572814141997072271708807066593850650\\ 334152381857347798885864807605098724013854 ]]></artwork> <artwork name="" type="ascii-art" align="left" alt=""><![CDATA[y =0x2BB312A43BD2CE6E0D020613C857ACDDCFBF061E91E5F2C3F32447C259F39B2\\ C83AB156D77F1496BF7EB3351E1EE4E43DC1A18B91B24640B6DBB92CB1ADD371E.</artwork></figure></t>0x2BB312A43BD2CE6E0D020613C857ACDDCFBF061E91E5F2C3F32447\\ C259F39B2C83AB156D77F1496BF7EB3351E1EE4E43DC1A18B91B24\\ 640B6DBB92CB1ADD371E ]]></artwork> </section> </section> <section anchor="contributors"title="Contributors"> <t> <list style="symbols"> <t>Semen Pianov <vspace/> InfoTeCS JSC <vspace /> Semen.Pianov@infotecs.ru </t> <t>Ekaterina Karelina<vspace/> InfoTeCS JSC <vspace /> Ekaterina.Karelina@infotecs.ru </t> <t>Dmitry Belyavsky<vspace /> Cryptocom <vspace /> beldmit@gmail.com </t> </list> </t>numbered="false" toc="default"> <name>Contributors</name> <contact fullname="Semen Pianov"> <organization>InfoTeCS JSC</organization> <address> <email>Semen.Pianov@infotecs.ru</email> </address> </contact> <contact fullname="Ekaterina Karelina"> <organization>InfoTeCS JSC</organization> <address> <email>Ekaterina.Karelina@infotecs.ru</email> </address> </contact> <contact fullname="Dmitry Belyavsky"> <organization>Cryptocom</organization> <address> <email>beldmit@gmail.com</email> </address> </contact> </section> </back> </rfc>