2.2.2.6.5 Null Signature

In the CMS and CMC certificate request formats, the PKCS #10 request carried in the TaggedRequest field (see section 3.2.1.4.2.1.4.1.3) can carry a null signature in place of a real one, with the following signature field values:

signatureAlgorithm (see section 4.2, [RFC2986]) is set to a hashing algorithm such as "Sha256" (OID 2.16.840.1.101.3.4.2.1), rather than to a signature algorithm.

signature (see section 4.2, [RFC2986]) contains only the raw (unencrypted) hash octets computed over the DER-encoded certificationRequestInfo component (see section 4.2, [RFC2986]) using the hash algorithm specified in the signatureAlgorithm field.

Clients can send a PKCS #10 request with a null signature when the PKCS #10 request is specified in the TaggedRequest field in the CMS and CMC request formats as specified in sections 3.1.1.4.3.1.3, 3.1.1.4.3.2.2, 3.1.1.4.3.3.3, 3.1.1.4.3.6.1, and 3.2.1.4.2.1.4.1.1.

If the signature validation in section 3.2.1.4.2.1.4.1.1 fails, then the CA MUST also check for a null signature and return a nonzero error to the client only when the null signature validation fails as well. The CA MUST check for a null signature only when the PKCS #10 request is specified in the CMS and CMC request formats as specified in sections 3.2.1.4.2.1.4.1.3, 3.2.1.4.2.1.4.2.2, 3.2.2.6.2.1.2.1.2, and 3.2.2.6.2.1.2.2.
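The following Python is an added example, not code from the specification or from any Windows component. It builds a CertificationRequest whose signature is a null signature as described above (a bare hash OID in signatureAlgorithm and the digest of the DER-encoded certificationRequestInfo in the signature BIT STRING), and shows the CA-side fallback check: a request whose signatureAlgorithm names a real signing algorithm, or whose digest does not match, is rejected. Only the SHA-256 OID is taken from the text; the SHA-384/SHA-512 OIDs are the standard NIST ones and are an addition here, the DER helpers are hand-rolled so the block needs no third-party library, and the certificationRequestInfo is a constructed, simplified placeholder (no real key).

```python
"""Build and verify a PKCS #10 "null signature" (MS-WCCE 2.2.2.6.5 style).
Example code, standard library only; the DER helpers cover just what is needed."""
import hashlib
import hmac

# Hash OIDs accepted in signatureAlgorithm for a null signature.
# SHA-256 is the OID named in the text; SHA-384/512 are the standard NIST OIDs (added here).
HASH_OIDS = {
    "2.16.840.1.101.3.4.2.1": "sha256",
    "2.16.840.1.101.3.4.2.2": "sha384",
    "2.16.840.1.101.3.4.2.3": "sha512",
}

# --- minimal DER encoding ---------------------------------------------------
def _der_len(n):
    if n < 0x80:
        return bytes([n])
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(lb)]) + lb

def der_tlv(tag, body):
    return bytes([tag]) + _der_len(len(body)) + body

def der_sequence(*elems):
    return der_tlv(0x30, b"".join(elems))

def der_oid(dotted):
    arcs = [int(a) for a in dotted.split(".")]
    out = bytearray([40 * arcs[0] + arcs[1]])
    for arc in arcs[2:]:                      # base-128, high bit set on all but last byte
        chunk = [arc & 0x7F]
        arc >>= 7
        while arc:
            chunk.append(0x80 | (arc & 0x7F))
            arc >>= 7
        out += bytes(reversed(chunk))
    return der_tlv(0x06, bytes(out))

def der_bit_string(octets):
    return der_tlv(0x03, b"\x00" + octets)    # leading byte: zero unused bits

# --- minimal DER parsing ----------------------------------------------------
def parse_tlv(buf, off=0):
    """Return (tag, value, end) for the element at off; single-byte tags only."""
    tag, first = buf[off], buf[off + 1]
    if first < 0x80:
        length, hdr = first, 2
    else:
        n = first & 0x7F
        if off + 2 + n > len(buf):
            raise ValueError("truncated DER length")
        length, hdr = int.from_bytes(buf[off + 2:off + 2 + n], "big"), 2 + n
    end = off + hdr + length
    if end > len(buf):
        raise ValueError("truncated DER element")
    return tag, buf[off + hdr:end], end

def parse_children(body):
    """Split a constructed element's content into (tag, value, raw_tlv) tuples."""
    out, off = [], 0
    while off < len(body):
        tag, value, end = parse_tlv(body, off)
        out.append((tag, value, body[off:end]))
        off = end
    return out

def decode_oid(body):
    first = body[0]
    arcs = [2, first - 80] if first >= 80 else [first // 40, first % 40]
    acc = 0
    for b in body[1:]:
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(acc)
            acc = 0
    return ".".join(map(str, arcs))

# --- null signature ---------------------------------------------------------
def build_null_signature_request(cri_der, hash_name="sha256"):
    """Client side: wrap a DER certificationRequestInfo in a CertificationRequest
    whose signature is just the digest of cri_der (tag and length included)."""
    oid = next(o for o, h in HASH_OIDS.items() if h == hash_name)
    digest = hashlib.new(hash_name, cri_der).digest()
    alg_id = der_sequence(der_oid(oid), b"\x05\x00")      # AlgorithmIdentifier with NULL params
    return der_sequence(cri_der, alg_id, der_bit_string(digest))

def verify_null_signature(csr_der):
    """CA side: True only if signatureAlgorithm is a bare hash OID and the signature
    octets equal that hash of the DER-encoded certificationRequestInfo."""
    try:
        tag, body, end = parse_tlv(csr_der)
        if tag != 0x30 or end != len(csr_der):
            return False
        parts = parse_children(body)
        if len(parts) != 3:
            return False
        (cri_tag, _, cri_raw), (alg_tag, alg_body, _), (sig_tag, sig_body, _) = parts
        if cri_tag != 0x30 or alg_tag != 0x30 or sig_tag != 0x03 or not sig_body:
            return False
        alg_children = parse_children(alg_body)
        if not alg_children or alg_children[0][0] != 0x06:
            return False
        hash_name = HASH_OIDS.get(decode_oid(alg_children[0][1]))
        if hash_name is None or sig_body[0] != 0:
            return False          # e.g. sha256WithRSAEncryption: a real signature, not a null one
    except (ValueError, IndexError):
        return False
    expected = hashlib.new(hash_name, cri_raw).digest()
    return hmac.compare_digest(expected, sig_body[1:])

def sample_cri():
    """Constructed, simplified certificationRequestInfo: version 0, empty subject,
    placeholder subjectPKInfo (rsaEncryption OID, dummy key bits), empty attributes [0]."""
    rsa_alg = der_sequence(der_oid("1.2.840.113549.1.1.1"), b"\x05\x00")
    spki = der_sequence(rsa_alg, der_bit_string(b"\x30\x00"))   # placeholder, not a real key
    return der_sequence(der_tlv(0x02, b"\x00"), der_sequence(), spki, der_tlv(0xA0, b""))

if __name__ == "__main__":
    csr = build_null_signature_request(sample_cri())
    print(csr.hex())
    print("null signature verifies:", verify_null_signature(csr))
```

In a CA, `verify_null_signature` would run only after the ordinary PKCS #10 signature check has failed and only for requests arriving inside CMS or CMC, as the text requires; because a null signature proves nothing about possession of the private key, the surrounding CMC envelope is what carries the request's authenticity.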