1、 KS X ISO/IEC 18014 1 1: KS X ISO/IEC 18014 1:2008 2008 11 24 http://www.kats.go.kr KS X ISO/IEC 18014 1:2008 : e- ( ) ( ) () () ( ) : (http://www.standard.go.kr) : : 2003 12 29 : 2008 11 24 2008-0798 : e- : ( 025097262) (http://www.kats.go.kr). 10 5 , . KS X ISO
2、/IEC 18014 1:2008 i ii .1 1 1 2 1 3 2 4 .3 5 .6 6 .7 A( ) ASN.1 .12 B( ) 16 24 KS X ISO/IEC 18014 1:2008 .25 KS X ISO/IEC 18014 1:2008 ii e- . KS X ISO/IEC 18014 1: 2008 . A( ) ASN.1 B( ) KS X ISO/IEC 18014: 2008 “ ” . 1: 2: 3: . KS X ISO/IEC 18014 1:2008 1: Information technology Security technique
3、s Time-stamping services Part 1: Framework 2002 1 ISO/IEC 18014 1, Information technology Security techniques Time-stamping services Part 1: Framework . 1 a) (identify) b) c) d) e) f) 2 . . ( .) . KS X 1601 1: 1998, ASN.1 : (BER), (CER) (DER) KS X 4110 1: 1998, 1 (ASN.1): KS X ISO 8601, KS X ISO/IEC
4、 8824 1, 1(ASN.1): 1: KS X ISO/IEC 9798 1, 1: KS X ISO/IEC 10118 1, 1: KS X ISO/IEC 10118 2, 2: n-bit block cipher KS X ISO/IEC 11770 1, 1: KS X ISO/IEC 11770 3, 3: KS X ISO/IEC 18014 1:2008 2 KS X ISO/IEC 14888 2: 2001, 2: KS X ISO/IEC 14888 3: 2001, 3: KS X ISO/IEC 15946 2, 3: 3 KS X ISO/IEC 9798
5、1 . KS X ISO/IEC 10118 1 . 2 . 2 . . . KS X ISO/IEC 11770 1 . (CA) (center). . . KS X ISO/IEC 18014 1:2008 3 , KS X ISO/IEC 11770 3 . , 3 , 3 (TTP) (Authority) ( ) . 3.1 3.2 (TSA) 3 3.3 . 3.4 3 . 3.5 . . 3.6 . 3 . 4 KS X ISO/IEC 18014 1:2008 4 . . . . . . . TSA . . . . . TSA . . . 4.1 . , . . . (TSA
6、) . . . TSA . . TSA ( 5.1 5.2 ). . 4.2 . . . , . a) ( TSA ). b) TSA TSA . KS X ISO/IEC 18014 1:2008 5 c) . TSA . . , . , . . . ( ) . (transport) . 4.3 , . TSA , TSA . . . . , . . 1 . 1 1 t1 S TSA 2 S t2 TSA . 3 t1 S t2TSA TSA . 1( ) . . 2 . 3 . 4.4 , . KS X ISO/IEC 18014 1:2008 6 . 3 (TTP) . 4.5 . (
7、TSA) , . . TSA . 5 TSA, TSA . . 5.1 ( ) TSA . . KS X ISO/IEC 10118 2, 3, 4 . 1. TSA . (nonce) 2 . 2. TSA . 3. TSA (Time-Stamp Token) . . , , (nonce) TSA TSA KS X ISO/IEC 14888 3 KS X ISO/IEC 15946 2 . 4. TSA . 5. (eventually) (relying) . 1 TSA . . KS X ISO/IEC 18014 1:2008 7 1 TSA 5.2 . . TTP . TSA
8、. . TTP . KS X ISO/IEC 18014 2, 3 . 6 5. / , TSA TSA / . ASN.1 . ASN.1 A . . 6.1 TimeStampReq . TimeStampReq . TimeStampReq := SEQUENCE version Version, messageImprint MessageImprint, reqPolicy TSAPolicyId OPTIONAL, nonce INTEGER OPTIONAL, certReq BOOLEAN DEFAULT FALSE, extensions 0 Extensions OPTIO
9、NAL . version messageImprint reqPolicy TSA nonce . . CertReq TSA KS X ISO/IEC 18014 1:2008 8 Extensions . MessageImprint . MessageImprint := SEQUENCE hashAlgorithm DigestAlgorithmIdentifier, hashedMessage OCTET STRING hashAlgorithm hashedMessage hashAlgorithm . TSAPolicyId . TSAPolicyId := POLICY. -
IMPORTS
    -- ISO/IEC 9594-8 | ITU-T Rec. X.509 AuthenticationFramework
    EXTENSION, Extensions
        FROM AuthenticationFramework {
            joint-iso-itu-t ds(5) module(1) authenticationFramework(7) 4 }
    -- ISO/IEC 9594-8 | ITU-T Rec. X.509 CertificateExtensions
    GeneralName
        FROM CertificateExtensions {
            joint-iso-itu-t ds(5) module(1) certificateExtensions(26) 4 }
    AuthenticatedData, SignedData
        FROM CryptographicMessageSyntax {
            iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
            smime(16) modules(0) cms(1) } ;

TimeStampReq ::= SEQUENCE {
    version         Version,
    messageImprint  MessageImprint,
    reqPolicy       TSAPolicyId OPTIONAL,
    nonce           Nonce OPTIONAL,
    certReq         BOOLEAN DEFAULT FALSE,
    extensions      [0] Extensions OPTIONAL }

MessageImprint ::= SEQUENCE {
    hashAlgorithm   DigestAlgorithmIdentifier,
    hashedMessage   OCTET STRING }

DigestAlgorithmIdentifier ::= AlgorithmIdentifier {{ DigestAlgorithms }}

DigestAlgorithms ALGORITHM ::= {
    { OID sha1 PARMS NULL },
    ...  -- Expect additional digest algorithms --
}

TSAPolicyId ::= POLICY.&id({TSAPolicies})

TSAPolicies POLICY ::= {
    ...  -- Any supported TSA policy --
}

TimeStampResp ::= SEQUENCE {
    status          PKIStatusInfo,
    timeStampToken  TimeStampToken OPTIONAL }

PKIStatusInfo ::= SEQUENCE {
    status          PKIStatus,
    statusString    PKIFreeText OPTIONAL,
    failInfo        PKIFailureInfo OPTIONAL }

PKIStatus ::= INTEGER {
    granted                 (0),
    grantWithMods           (1),
    rejection               (2),
    waiting                 (3),
    revocationWarning       (4),
    revocationNotification  (5) }

PKIFreeText ::= SEQUENCE SIZE (1..MAX) OF UTF8String

PKIFailureInfo ::= BIT STRING {
    badAlg               (0),
    badRequest           (2),
    badDataFormat        (5),
    timeNotAvailable     (14),
    unacceptedPolicy     (15),
    unacceptedExtension  (16),
    addInfoNotAvailable  (17),
    systemFailure        (25) }

TimeStampToken ::= SEQUENCE {
    contentType  CONTENT.&id({Contents}),
    content      [0] EXPLICIT CONTENT.&Type({Contents}{@contentType}) }

Contents CONTENT ::= {
    time-stamp-mechanism-signature |
    time-stamp-mechanism-MAC |
    time-stamp-mechanism-archival,
    ... }

time-stamp-mechanism-signature CONTENT ::= {
    SignedData IDENTIFIED BY id-signedData }

time-stamp-mechanism-MAC CONTENT ::= {
    AuthenticatedData IDENTIFIED BY id-ct-authData }

time-stamp-mechanism-archival CONTENT ::= {
    ETSTInfo IDENTIFIED BY id-data }

ETSTInfo ::= OCTET STRING (CONTAINING TSTInfo ENCODED BY der)

TSTInfo ::= SEQUENCE {
    version         Version,
    policy          TSAPolicyId,
    messageImprint  MessageImprint,
    serialNumber    SerialNumber,
    genTime         GeneralizedTime,
    accuracy        Accuracy OPTIONAL,
    ordering        BOOLEAN DEFAULT FALSE,
    nonce           Nonce OPTIONAL,
    tsa             [0] EXPLICIT GeneralName OPTIONAL,
    extensions      [1] Extensions OPTIONAL }

Version ::= INTEGER { v1(1) }

SerialNumber ::= INTEGER

Accuracy ::= SEQUENCE {
    seconds  INTEGER OPTIONAL,
    millis   [0] INTEGER (1..999) OPTIONAL,
    micros   [1] INTEGER (1..999) OPTIONAL }
    (ALL EXCEPT ({ -- no components present -- }))

Ordering ::= BOOLEAN

Nonce ::= INTEGER

TSExtensions EXTENSION ::= {
    extHash | extMethod,
    ... }

extHash EXTENSION ::= {
    SYNTAX ExtHash IDENTIFIED BY tsp-ext-hash }

ExtHash ::= SEQUENCE SIZE (1..MAX) OF MessageImprint

extMethod EXTENSION ::= {
    SYNTAX ExtMethod IDENTIFIED BY tsp-ext-meth }

ExtMethod ::= SEQUENCE SIZE (1..MAX) OF Method

Method ::= METHOD.&id({Methods})

Methods METHOD ::= {
    ... }

EncapsulatedContentInfo ::= SEQUENCE {
    eContentType  CONTENT.&id({EContents}),
    eContent      [0] EXPLICIT CONTENT.&Type({EContents}{@eContentType}) }

EContents CONTENT ::= {
    { ETSTInfo IDENTIFIED BY id-ct-TSTInfo },
    ... }

-- Supporting definitions

AlgorithmIdentifier { ALGORITHM:IOSet } ::= SEQUENCE {
    algorithm   ALGORITHM.&id({IOSet}),
    parameters  ALGORITHM.&Type({IOSet}{@algorithm}) OPTIONAL }

ALGORITHM ::= CLASS {
    &id    OBJECT IDENTIFIER UNIQUE,
    &Type  OPTIONAL }
    WITH SYNTAX { OID &id [PARMS &Type] }

CONTENT ::= TYPE-IDENTIFIER  -- ISO/IEC 8824-2, Annex A