ANNEX I CU.K.Requirements for construction, testing, installation, and inspection
Appendix 11
COMMON SECURITY MECHANISMS U.K.
PART BU.K. SECOND-GENERATION TACHOGRAPH SYSTEM
9.KEYS AND CERTIFICATESU.K.
9.3. Certificates U.K.
9.3.1 General U.K.
CSM_134All certificates in the European Smart Tachograph system shall be self-descriptive, card-verifiable (CV) certificates according to [ISO 7816-4] and [ISO 7816-8].U.K.
CSM_135 [F1The Distinguished Encoding Rules (DER) according to [ISO 8825-1] shall be used to encode the data objects within certificates. Table 4 shows the full certificate encoding, including all tag and length bytes.] U.K.
Note: this encoding results in a Tag-Length-Value (TLV) structure as follows:U.K.
:
The tag is encoded in one or two octets and indicates the content.
:
The length is encoded as an unsigned integer in one, two, or three octets, resulting in a maximum length of 65 535 octets. The minimum number of octets shall be used.
:
The value is encoded in zero or more octets
Textual Amendments
9.3.2 Certificate Content U.K.
CSM_136All certificates shall have the structure shown in the certificate profile in Table 4.U.K.
| Table 4 | ||||
| Certificate Profile version 1 | ||||
| Field | Field ID | Tag | Length (bytes) | ASN.1 data type(see Appendix 1) |
|---|---|---|---|---|
| ECC Certificate | C | ‘7F 21’ | var | |
| ECC Certificate Body | B | ‘7F 4E’ | var | |
| Certificate Profile Identifier | CPI | ‘5F 29’ | ‘01’ |  |
| Certificate Authority Reference | CAR | ‘42’ | ‘08’ |  |
| Certificate Holder Authorisation | CHA | ‘5F 4C’ | ‘07’ |   |
| Public Key | PK | ‘7F 49’ | var | |
| Domain Parameters | DP | ‘06’ | var |  |
| Public Point | PP | ‘86’ | var |  |
| Certificate Holder Reference | CHR | ‘5F 20’ | ‘08’ |  |
| Certificate Effective Date | CEfD | ‘5F 25’ | ‘04’ |  |
| Certificate Expiration Date | CExD | ‘5F 24’ | ‘04’ |  |
| ECC Certificate Signature | S | ‘5F 37’ | var |  |
Note: the Field ID will be used in later sections of this Appendix to indicate individual fields of a certificate, e.g. X.CAR is the Certificate Authority Reference mentioned in the certificate of user X.U.K.
9.3.2.1Certificate Profile IdentifierU.K.
CSM_137Certificates shall use a Certificate Profile Identifier to indicate the certificate profile used. Version 1, as specified in Table 4, shall be identified by a value of ‘00’.U.K.
9.3.2.2Certificate Authority ReferenceU.K.
CSM_138The Certificate Authority Reference shall be used to identify the public key to be used to verify the certificate signature. The Certificate Authority Reference shall therefore be equal to the Certificate Holder Reference in the certificate of the corresponding certificate authority.U.K.
CSM_139An ERCA root certificate shall be self-signed, i.e., the Certificate Authority Reference and the Certificate Holder Reference in the certificate shall be equal.U.K.
CSM_140For an ERCA link certificate, the Certificate Holder Reference shall be equal to the CHR of the new ERCA root certificate. The Certificate Authority Reference for a link certificate shall be equal to the CHR of the previous ERCA root certificate.U.K.
9.3.2.3Certificate Holder AuthorisationU.K.
[F1CSM_141 The Certificate Holder Authorisation shall be used to identify the type of certificate. It consists of the six most significant bytes of the Tachograph Application ID, concatenated with the equipment type, which indicates the type of equipment for which the certificate is intended. In the case of a VU certificate, a driver card certificate or a workshop card certificate, the equipment type is also used to differentiate between a certificate for Mutual Authentication and a certificate for creating digital signatures (see section 9.1 and Appendix 1, data type EquipmentType).] U.K.
9.3.2.4Public KeyU.K.
The Public Key nests two data elements: the standardized domain parameters to be used with the public key in the certificate and the value of the public point.
CSM_142The data element Domain Parameters shall contain one of the object identifiers specified in Table 1 to reference a set of standardized domain parameters.U.K.
CSM_143The data element Public Point shall contain the public point. Elliptic curve public points shall be converted to octet strings as specified in [TR-03111]. The uncompressed encoding format shall be used. When recovering an elliptic curve point from its encoded format, the validations described in [TR-03111] shall always be carried out.U.K.
9.3.2.5Certificate Holder ReferenceU.K.
CSM_144The Certificate Holder Reference is an identifier for the public key provided in the certificate. It shall be used to reference this public key in other certificates.U.K.
CSM_145For card certificates and external GNSS facility certificates, the Certificate Holder Reference shall have the 
data type specified in Appendix 1.U.K.
CSM_146For vehicle units, the manufacturer, when requesting a certificate, may or may not know the manufacturer-specific serial number of the VU for which that certificate and the associated private key is intended. In the first case, the Certificate Holder Reference shall have the 
data type specified in Appendix 1. In the latter case, the Certificate Holder Reference shall have the 
data type specified in Appendix 1.U.K.
[F2Note: For a card certificate, the value of the CHR shall be equal to the value of the cardExtendedSerialNumber in EF_ICC; see Appendix 2. For an EGF certificate, the value of the CHR shall be equal to the value of the sensorGNSSSerialNumber in EF_ICC; see Appendix 14. For a VU certificate, the value of the CHR shall be equal to the vuSerialNumber element of VuIdentification, see Appendix 1, unless the manufacturer does not know the manufacturer-specific serial number at the time the certificate is requested.] U.K.
CSM_147For ERCA and MSCA certificates, the Certificate Holder Reference shall have the 
data type specified in Appendix 1.U.K.
9.3.2.6Certificate Effective DateU.K.
[F1CSM_148 The Certificate Effective Date shall indicate the starting date and time of the validity period of the certificate.] U.K.
9.3.2.7Certificate Expiration DateU.K.
CSM_149The Certificate Expiration Date shall indicate the end date and time of the validity period of the certificate.U.K.
9.3.2.8Certificate SignatureU.K.
CSM_150The signature on the certificate shall be created over the encoded certificate body, including the certificate body tag and length. The signature algorithm shall be ECDSA, as specified in [DSS], using the hashing algorithm linked to the key size of the signing authority, as specified in CSM_50. The signature format shall be plain, as specified in [TR-03111].U.K.
9.3.3 Requesting Certificates U.K.
CSM_151 [F1When requesting a certificate, an MSCA shall send the following data to the ERCA:] U.K.
The Certificate Profile Identifier of the requested certificate
The Certificate Authority Reference expected to be used for signing the certificate.
The Public Key to be signed
CSM_152In addition to the data in CSM_151, an MSCA shall send the following data in a certificate request to the ERCA, allowing the ERCA to create the Certificate Holder Reference of the new MSCA certificate:U.K.
The numerical nation code of the Certification Authority (data type
defined in Appendix 1)
The alphanumerical nation code of the Certification Authority (data type
defined in Appendix 1)
The 1-byte serial number to distinguish the different keys of the Certification Authority in the case keys are changed
The two-byte field containing Certification Authority specific additional info
[F1CSM_153 An equipment manufacturer shall send the following data in a certificate request to an MSCA, allowing the MSCA to create the Certificate Holder Reference of the new equipment certificate: U.K.
If known (see CSM_154), a serial number for the equipment, unique for the manufacturer, the equipment's type and the month of manufacturing. Otherwise, a unique certificate request identifier.
The month and the year of equipment manufacturing or of the certificate request.
The manufacturer shall ensure that this data is correct and that the certificate returned by the MSCA is inserted in the intended equipment.]