Table 2 – GTA API Enrollment Profile org.opcfoundation.ECC-nistP256
|
Property |
Description |
|
Profile Dependencies |
org.opcfoundation.ECC-nistP256 for creation |
|
Enrollment Attributes |
org.opcfoundation.csr.subject (optional) |
CertificateRequestInfo.subject (according to IETF RFC 2986) in ASN.1 DER coding (binary). |
org.opcfoundation.csr.subjectAltName (optional) |
CertificateRequestInfo.subjectAltName GeneralNames structure to appear as subjectAltName inside an extensionRequest (IETF RFC 2985, IETF RFC 2986). The value shall be specified as ASN.1 DER encoded GeneralNames structure according to IETF RFC 5280. |
|
Enrollment Artifact |
PKCS#10 according to RFC 2986 in ASN.1 DER coding (binary). CertificateRequestInfo.subjectPKInfo contains the information on the personality’s EC public key. CertificationRequest.signatureAlgorithm and CertificationRequest.signature are providing the proof-of-possession calculated with the personality’s EC private key. CertificateRequestInfo.subject is provided via gta_context_set_attribute(). The subject alternative name is set according to the context attribute type org.opcfoundation.csr.subjectAltName,or in case org.opcfoundation.csr.subjectAltName is not set, the value is set according to the identifier that relates to the personality (personality attribute type ch.iec.30168.identifier) if the identifier type is org.opcfoundation.application_instance_urior the function fails if none of the information described above is available. |