ASN.1 Type System

The concept of a data type is fundamental to the Abstract Syntax Notation One (ASN.1) standard. Every field of a certificate request structure is associated with a type. Consider the PKCS #10 ASN.1 certificate request syntax shown in the following example.

--------------------------------------------------------------------
-- PKCS #10 Certificate request.
--------------------------------------------------------------------
CertificationRequestInfo ::= SEQUENCE 
{
   version                 CertificationRequestInfoVersion,
   subject                 Name,
   subjectPublicKeyInfo    SubjectPublicKeyInfo,
   attributes              [0] IMPLICIT Attributes
}

--------------------------------------------------------------------
-- Version number.
--------------------------------------------------------------------
CertificationRequestInfoVersion ::= INTEGER

--------------------------------------------------------------------
-- Subject distinguished name (DN).
--------------------------------------------------------------------
Name ::= SEQUENCE OF RelativeDistinguishedName

RelativeDistinguishedName ::= SET OF AttributeTypeValue

AttributeTypeValue ::= SEQUENCE 
{
   type               OBJECT IDENTIFIER,
   value              ANY 
}

--------------------------------------------------------------------
-- Public key information.
--------------------------------------------------------------------
SubjectPublicKeyInfo ::= SEQUENCE 
{
   algorithm           AlgorithmIdentifier,
   subjectPublicKey    BIT STRING
}

AlgorithmIdentifier ::= SEQUENCE 
{
   algorithm           OBJECT IDENTIFIER,
   parameters          ANY OPTIONAL
} 

--------------------------------------------------------------------
-- Attributes.
--------------------------------------------------------------------
Attributes ::= SET OF Attribute

Attribute ::= SEQUENCE 
{
   type               OBJECT IDENTIFIER,
   values             AttributeSetValue
}

AttributeSetValue ::= SET OF ANY

The high-level request structure, CertificationRequestInfo, is a type made up of a sequence of other types. A type that is, or contains only, basic types, string types, or ANY cannot be broken down further. For example, the version field is a CertificationRequestInfoVersion type, which is in turn an INTEGER, a basic ASN.1 type that is not composed of other types.
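The decomposition described above, as an added example that is not part of the original page: a small Python walker over a DER-encoded CertificationRequestInfo that recurses through constructed types and lists the types that cannot be broken down further. The names `parse`, `leaf_types`, `SAMPLE` and the sample bytes are assumptions constructed for this illustration; the walker checks bounds but does not enforce every DER rule (for example, minimal length encoding).

```python
UNIVERSAL = {0x01: "BOOLEAN", 0x02: "INTEGER", 0x03: "BIT STRING",
             0x04: "OCTET STRING", 0x05: "NULL", 0x06: "OBJECT IDENTIFIER",
             0x0C: "UTF8String", 0x10: "SEQUENCE", 0x11: "SET",
             0x13: "PrintableString", 0x14: "TeletexString",
             0x16: "IA5String", 0x1E: "BMPString"}
CLASS_PREFIX = ("UNIVERSAL ", "APPLICATION ", "", "PRIVATE ")

# Constructed sample, not a real request: the key bits are placeholders.
SAMPLE = bytes.fromhex(
    "302c"                                # CertificationRequestInfo SEQUENCE
    "020100"                              # version
    "300f310d300b0603550403130474657374"  # subject: one RDN, CN=test
    "3014300d06092a864886f70d0101010500"  # SubjectPublicKeyInfo + algorithm
    "030300aabb"                          # subjectPublicKey
    "a000")                               # attributes [0] IMPLICIT, empty

def parse(data):
    """Parse consecutive DER TLVs into (type name, children or value bytes)."""
    nodes, pos = [], 0
    while pos < len(data):
        if pos + 2 > len(data):
            raise ValueError("truncated header")
        ident, length = data[pos], data[pos + 1]
        pos += 2
        if ident & 0x1F == 0x1F:
            raise ValueError("multi-byte tag numbers are not handled here")
        if length == 0x80:
            raise ValueError("indefinite length is not allowed in DER")
        if length & 0x80:                 # long form: low 7 bits = byte count
            count = length & 0x7F
            length = int.from_bytes(data[pos:pos + count], "big")
            pos += count
        if pos + length > len(data):
            raise ValueError("value runs past the end of the input")
        body, pos = data[pos:pos + length], pos + length
        cls, number = ident >> 6, ident & 0x1F
        name = f"[{CLASS_PREFIX[cls]}{number}]"
        if cls == 0:
            name = UNIVERSAL.get(number, name)
        # Bit 0x20 marks a constructed encoding whose value is more TLVs.
        nodes.append((name, parse(body) if ident & 0x20 else body))
    return nodes

def leaf_types(nodes):
    """Types that cannot be broken down further, in encoding order."""
    out = []
    for name, value in nodes:
        out.extend(leaf_types(value) if isinstance(value, list) else [name])
    return out
```

The attributes field decodes as `[0]` rather than SET: IMPLICIT tagging replaces the universal tag, so only the schema tells a decoder what that field contains.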

A type system enables the syntax of a request to be presented visually in a manner readily understood by developers, and it enables the request to be consistently encoded for transmission across a network. For more information about encoding, see Distinguished Encoding Rules. For more information about ASN.1 types, see the following topics.

Basic Types

Discusses the following data types:

  • BIT STRING
  • BOOLEAN
  • INTEGER
  • NULL
  • OBJECT IDENTIFIER
  • OCTET STRING

String Types

Discusses the following string types:

  • BMPString
  • IA5String
  • PrintableString
  • TeletexString
  • UTF8String

Constructed Types

Discusses ASN.1 data types that can contain basic types, string types, or other constructed types.

 
