From WikiWiki
Jump to navigation Jump to search

some x509 notes


selfsigned root

Authority Key Identifier == Subject Key Identifier subject == issuer

signature signatureValue

  The signatureValue field contains a digital signature computed upon
  the ASN.1 DER encoded tbsCertificate.  The ASN.1 DER encoded
  tbsCertificate is used as the input to the signature function

Signature = signed hash of tbsCertificate (to be signed)

Signature algorithms are always used in conjunction with a one-way hash function. The data to be signed (e.g., the one-way hash function output value) is formatted for the signature algorithm to be used. Then, a private key operation (e.g., RSA encryption) is performed to generate the signature value.