163 blogs的博客：[转] Distinguished Encoding Rules (from MSDN)

[转] Distinguished Encoding Rules (from MSDN)

发布时间：2012-8-22 16:43
分类名称：PKI

今天偶尔看MSND，发现里面讲解的DER编码通俗易懂，图文并茂。

Abstract Syntax Notation One (ASN.1) defines the following rule sets that govern how data structures that are being sent between computers are encoded and decoded.

Basic Encoding Rules (BER)
Canonical Encoding Rules (CER)
Distinguished Encoding Rules (DER)
Packed Encoding Rules (PER)

The original rule set was defined by the BER specification. CER and DER were developed later as specialized subsets of BER. PER was developed in response to criticisms about the amount of bandwidth required to transmit data using BER or its variants. PER provides a significant savings.

DER was created to satisfy the requirements of the X.509 specification for secure data transfer. The Certificate Enrollment API uses DER exclusively.

DER Transfer Syntax

Applying an encoding rule to the data structures described by an abstract syntax provides a transfer syntax that governs how bytes in a stream are organized when sent between computers. The transfer syntax used by Distinguished Encoding Rules always follows a Tag, Length, Value format. The format is usually referred to as a TLV triplet in which each field (T, L, or V) contains one or more bytes.

The Tag field specifies the type of the data structure being sent, the Length field specifies the number of bytes of content being transferred, and the Value field contains the content. Note that the Value field can be a triplet if it contains a constructed data type as shown by the following illustration.

Encoded Tag Bytes

The Tag field in a TLV triplet identifies the type of the data structure being sent between computers. For example, the tag for an integer is 0x02, and the tag for an object identifier is 0x06. Although multiple bytes are permitted, none of the data types used by the Certificate Enrollment API require more than one. The following illustration shows the breakdown of a Tag value. Bits 7 and 6 identify the ASN.1 tagging class. There are four available classes, but the Certificate Enrollment API uses data types that belong only to the UNIVERSAL class. Bit 5 identifies whether the encoding form is primitive or constructed. Basic and string types are encoded by using primitive forms, constructed types by using a constructed form. For more information, see ASN.1 Type System. Bits 4 through 0 contain the tag number.

The following table lists the data types supported by the Certificate Enrollment API, the encoding form used, and the tag value.

Type	ASN.1 class	Encoding form	Tag value
BIT STRING	UNIVERSAL	Primitive	00000011 (0x03)
BOOLEAN	UNIVERSAL	Primitive	00000001 (0x01)
INTEGER	UNIVERSAL	Primitive	00000010 (0x02)
NULL	UNIVERSAL	Primitive	00000101 (0x05)
OBJECT IDENTIFIER	UNIVERSAL	Primitive	00000110 (0x06)
OCTET STRING	UNIVERSAL	Primitive	00000100 (0x04)
BMPString	UNIVERSAL	Primitive	00011110 (0x1E)
IA5String	UNIVERSAL	Primitive	00010110 (0x16)
PrintableString	UNIVERSAL	Primitive	00010011 (0x13)
TeletexString	UNIVERSAL	Primitive	00010100 (0x14)
UTF8String	UNIVERSAL	Primitive	00001100 (0x0C)
SEQUENCE	UNIVERSAL	Constructed	00110000 (0x30)
SEQUENCE OF	UNIVERSAL	Constructed	00110000 (0x30)
SET	UNIVERSAL	Constructed	00110001 (0x31)
SET OF	UNIVERSAL	Constructed	00110001 (0x31)

Encoded Length and Value Bytes

The Length field in a TLV triplet identifies the number of bytes encoded in the Value field. The Value field contains the content being sent between computers. If the Value field contains fewer than 128 bytes, the Length field requires only one byte. Bit 7 of the Length field is zero (0) and the remaining bits identify the number of bytes of content being sent. If the Value field contains more than 127 bytes, bit 7 of the Length field is one (1) and the remaining bits identify the number of bytes needed to contain the length. Examples are shown in the following illustration.

DER Encoding of ASN.1 Types

BIT STRING

The BIT STRING data type is encoded into a TLV triplet that begins with a Tag byte of 0x03. The Value field of the TLV triplet contains a leading byte that specifies the number of bits left unused in the final byte of content. In the following example, the Length field is set to 0x03 because three content bytes follow, and the leading byte of the Value field is set to 0x04 because there are four unused bits in the last content byte. Each unused bit is denoted by the letter x.

The following example, adapted from the PKCS #10 Encoded ASN.1 topic, shows the encoded signature of a sample PKCS #10 certificate request. The first byte contains the Tag value for the BIT STRING data type, 0x03. The second and third bytes contain the length of the byte array. Bit 7 of the second byte is set to 1 because there are more than 127 bytes of content. Bits 0 through 6 of the second byte specify the number of trailing Length bytes, in this case one. The third byte specifies the number of content bytes, 0x81. The fourth byte, 0x00, specifies the number of unused bits that exist in the last content byte. Note that the signature is encoded in big-endian byte order.

0299: 03 81 81 ; BIT_STRING (81 Bytes)

029c: 00

029d: 47 eb 99 5a df 9e 70 0d fb a7 31 32 c1 5f 5c 24

02ad: c2 e0 bf c6 24 af 15 66 0e b8 6a 2e ab 2b c4 97

02bd: 1f e3 cb dc 63 a5 25 ec c7 b4 28 61 66 36 a1 31

02cd: 1b bf dd d0 fc bf 17 94 90 1d e5 5e c7 11 5e c9

02dd: 55 9f eb a3 3e 14 c7 99 a6 cb ba a1 46 0f 39 d4

02ed: 44 c4 c8 4b 76 0e 20 5d 6d a9 34 9e d4 d5 87 42

02fd: eb 24 26 51 14 90 b4 0f 06 5e 52 88 32 7a 95 20

030d: a0 fd f7 e5 7d 60 dd 72 68 9b f5 7b 05 8f 6d 1e

OBJECT IDENTIFIER

3 out of 3 rated this helpful - Rate this topic

The OBJECT IDENTIFIER data type is encoded into a TLV triplet that begins with a Tag value of 0x06. Each integer of a dotted decimal object identifier (OID) is encoded according to the following rules:

The first two nodes of the OID are encoded onto a single byte. The first node is multiplied by the decimal 40 and the result is added to the value of the second node.
Node values less than or equal to 127 are encoded on one byte.
Node values greater than or equal to 128 are encoded on multiple bytes. Bit 7 of the leftmost byte is set to one. Bits 0 through 6 of each byte contains the encoded value.

These points are shown by the following illustration.

The following example shows how the ClientId attribute is encoded in a certificate request.

Copy

06 09 ; OBJECT_ID (9 Bytes)

| 2b 06 01 04 01 82 37 15 14 ; 1.3.6.1.4.1.311.21.20

31 4a ; SET (4a Bytes)

30 48 ; SEQUENCE (48 Bytes)

02 01 ; INTEGER (1 Bytes)

| 09

0c 23 ; UTF8_STRING (23 Bytes)

| 76 69 63 68 33 64 2e 6a ; vich3d.j

| 64 6f 6d 63 73 63 2e 6e ; domcsc.n

| 74 74 65 73 74 2e 6d 69 ; ttest.mi

| 63 72 6f 73 6f 66 74 2e ; crosoft.

| 63 6f 6d ; com

0c 15 ; UTF8_STRING (15 Bytes)

| 4a 44 4f 4d 43 53 43 5c ; JDOMCSC\

| 61 64 6d 69 6e 69 73 74 ; administ

| 72 61 74 6f 72 ; rator

0c 07 ; UTF8_STRING (7 Bytes)

63 65 72 74 72 65 71 ; certreq

BOOLEAN

A Boolean value can be TRUE or FALSE. FALSE is encoded as a TLV triplet in which the Value field is zero (0). TRUE is encoded as a nonzero value. The Tag for the BOOLEAN data type is 0x01.

INTEGER

Integer values are encoded into a TLV triplet that begins with a Tag value of 0x02. The Value field of the TLV triplet contains the encoded integer if it is positive, or its two's complement if it is negative. If the integer is positive but the high order bit is set to 1, a leading 0x00 is added to the content to indicate that the number is not negative. For example, the high order byte of 0x8F (10001111) is 1. Therefore a leading zero byte is added to the content as shown in the following illustration.

If the integer contains fewer than 128 bytes, the Length field requires only one byte to specify the content length. If the integer is more than 127 bytes, bit 7 of the Length field is set to 1 and bits 6 through 0 specify the number of additional bytes used to identify the content length. For more information, see Encoded Length and Value Bytes.

The following example, from PKCS #10 Encoded ASN.1, shows the encoding for a 128 byte public key. The first byte contains the Tag value for the INTEGER data type, 0x02. The second and third bytes contain the Length value. Bit 7 of the second byte is set to 1 because there are more than 127 bytes of content. Bits 0 through 6 of the second byte specify the number of trailing bytes needed, in this case one, to accurately specify the content length. The third byte specifies the number of content bytes, 0x81. The fourth byte, 0x00, is added to the content to indicate that the integer is indeed a positive value even though the sign bit of the leading content byte (0x8F) is set to 1.

02 81 81 ; INTEGER (81 Bytes)

| 00

| 8f e2 41 2a 08 e8 51 a8 8c b3 e8 53 e7 d5 49 50

| b3 27 8a 2b cb ea b5 42 73 ea 02 57 cc 65 33 ee

| 88 20 61 a1 17 56 c1 24 18 e3 a8 08 d3 be d9 31

| f3 37 0b 94 b8 cc 43 08 0b 70 24 f7 9c b1 8d 5d

| d6 6d 82 d0 54 09 84 f8 9f 97 01 75 05 9c 89 d4

| d5 c9 1e c9 13 d7 2a 6b 30 91 19 d6 d4 42 e0 c4

| 9d 7c 92 71 e1 b2 2f 5c 8d ee f0 f1 17 1e d2 5f

| 31 5b b1 9c bc 20 55 bf 3a 37 42 45 75 dc 90 65

The following example shows how the integer value 0x03 is encoded. The Tag byte contains 0x02, and the Length byte specifies that there is one byte of content.

02 01 ; INTEGER (1 Bytes)

| 03

NULL

The NULL value is encoded into a TLV triplet that begins with a Tag value of 0x05, a Length of 0x00, and no Value byte as shown by the following illustration.

The fifth line of the following example, adapted from the PKCS #10 Encoded ASN.1 topic, shows an encoded NULL value. The first byte is 0x05, and the second byte is 0x00. There is no content byte.

30 81 9f ; SEQUENCE (9f Bytes)

| 30 0d ; SEQUENCE (d Bytes)

| | 06 09 ; OBJECT_ID (9 Bytes)

| | | 2a 86 48 86 f7 0d 01 01 01 ; 1.2.840.113549.1.1.1

| | 05 00 ; NULL (0 Bytes)

| 03 81 8d ; BIT_STRING (8d Bytes)

| 00

| 30 81 89 ; SEQUENCE (89 Bytes)

| 02 81 81 ; INTEGER (81 Bytes)

| | 00

| | 8f e2 41 2a 08 e8 51 a8 8c b3 e8 53 e7 d5 49 50

| | b3 27 8a 2b cb ea b5 42 73 ea 02 57 cc 65 33 ee

| | 88 20 61 a1 17 56 c1 24 18 e3 a8 08 d3 be d9 31

| | f3 37 0b 94 b8 cc 43 08 0b 70 24 f7 9c b1 8d 5d

| | d6 6d 82 d0 54 09 84 f8 9f 97 01 75 05 9c 89 d4

| | d5 c9 1e c9 13 d7 2a 6b 30 91 19 d6 d4 42 e0 c4

| | 9d 7c 92 71 e1 b2 2f 5c 8d ee f0 f1 17 1e d2 5f

| | 31 5b b1 9c bc 20 55 bf 3a 37 42 45 75 dc 90 65

| 02 03 ; INTEGER (3 Bytes)

| 01 00 01

OCTET STRING

The ASN.1 OCTET STRING data type is encoded into a TLV triplet that begins with a Tag byte of 0x04. The OCTET STRING and BIT STRING data types are very similar. Thus, the two types are encoded in a similar manner except that, because the trailing byte of an OCTET STRING cannot have unused bits, no leading bytes must be added to the content. The following example, adapted from the CMC Encoded ASN.1 topic, shows how the name of a certificate template is encoded as a byte array.

30 17 ; SEQUENCE (17 Bytes)

| 06 09 ; OBJECT_ID (9 Bytes)

| | 2b 06 01 04 01 82 37 14 02 ; 1.3.6.1.4.1.311.20.2

| 04 0a ; OCTET_STRING (a Bytes)

| 1e 08 00 55 00 73 00 65 00 72 ; ...U.s.e.r

If the byte array contains fewer than 128 bytes, the Length field of the TLV triplet requires only one byte to specify the content length. If it is more than 127 bytes, bit 7 of the Length field is set to 1 and bits 6 through 0 specify the number of additional bytes used to identify the content length. This is shown in the following example where the high order bit of the second byte on the first line is set to 1 and the byte indicates that there is a trailing Length byte. The third byte therefore specifies that the content is 0x80 bytes long.

04 81 80 ; OCTET_STRING (80 Bytes)

38 10 60 e2 70 69 91 4a ; 8.`.pi.J

8b b5 22 57 2a 62 ef de ; .."W*b..

15 7d 59 d6 4e 20 9a 45 ; .}Y.N .E

2b e3 fd fc 68 ba af bf ; +...h...

9c 17 b0 8e 6d c4 29 1e ; ....m.).

e3 21 ac bb 5a 8a c9 67 ; .!..Z..g

0a d4 45 93 10 c0 26 eb ; ..E...&.

0a 83 c2 b1 40 87 36 f7 ; ....@.6.

a0 26 da b9 bb 46 73 88 ; .&...Fs.

7a 67 b9 e6 b3 6f ea 59 ; zg...o.Y

28 8a d3 92 72 f6 7b 89 ; (...r.{.

a0 d8 2d 9e 40 eb 1e bb ; ..-.@...

6e ae f0 5a ed 16 c9 e3 ; n..Z....

27 59 37 8f f3 4a 98 60 ; 'Y7..J.`

f8 fb a7 0a ee 1b 6e 91 ; ......n.

95 96 cf 0d 56 ac ab 35 ; ....V..5

BMPString

1 out of 1 rated this helpful - Rate this topic

The ASN.1 BMPString data type, called a UNICODE_STRING in the Certificate Enrollment API, is encoded into a TLV triplet that begins with a Tag byte of 0x1E. The following example, adapted from the CMC Encoded ASN.1 topic, shows the encoding for a TemplateName extension. The name can be specified by using the IX509ExtensionTemplateName interface. The object identifier for the extension is 1.3.6.1.4.1.311.13.2.1.

Copy

06 0a ; OBJECT_ID (a Bytes)

| 2b 06 01 04 01 82 37 0d 02 01 ; 1.3.6.1.4.1.311.13.2.1

31 34 ; SET (34 Bytes)

30 32 ; SEQUENCE (32 Bytes)

1e 26 ; UNICODE_STRING (26 Bytes)

| 00 43 00 65 00 72 00 74 ; .C.e.r.t

| 00 69 00 66 00 69 00 63 ; .i.f.i.c

| 00 61 00 74 00 65 00 54 ; .a.t.e.T

| 00 65 00 6d 00 70 00 6c ; .e.m.p.l

| 00 61 00 74 00 65 ; .a.t.e

1e 08 ; UNICODE_STRING (8 Bytes)

00 55 00 73 00 65 00 72 ; .U.s.e.r

If the string contains fewer than 128 bytes, the Length field of the TLV triplet requires only one byte to specify the content length. If the string is more than 127 bytes, bit 7 of the Length field is set to 1 and bits 6 through 0 specify the number of additional bytes used to identify the content length. For more information, see Encoded Length and Value Bytes.

IA5String

The ASN.1 IA5tring data type is encoded into a TLV triplet that begins with a Tag byte of 0x16. The following example, adapted from the CMC Encoded ASN.1 topic, shows how the OSVersion attribute is encoded as an IA5tring type. The version number can be specified by using the IX509AttributeOSVersion interface. The object identifier for the attribute is 1.3.6.1.4.1.311.13.2.3.

06 0a ; OBJECT_ID (a Bytes)

| 2b 06 01 04 01 82 37 0d 02 03 ; 1.3.6.1.4.1.311.13.2.3

31 0c ; SET (c Bytes)

16 0a ; IA5_STRING (a Bytes)

36 2e 30 2e 35 33 36 31 2e 32 ; 6.0.5361.2

PrintableString

The ASN.1 PrintableString data type is encoded into a TLV triplet that begins with a Tag byte of 0x13. The following example, from the PKCS #10 Encoded ASN.1 topic, shows how a user common name of TestCN is encoded as a PrintableString type. The object identifier for a common name is 2.5.4.3.

06 03 ; OBJECT_ID (3 Bytes)

| 55 04 03 ; 2.5.4.3 Common Name (CN)

13 06 ; PRINTABLE_STRING (6 Bytes)

54 65 73 74 43 4e ; TestCN

UTF8String

The ASN.1 UTF8String data type is encoded into a TLV triplet that begins with a Tag byte of 0x0C. The following example, from the CMC Encoded ASN.1 topic, shows how the ClientId attribute is encoded as an integer and three UTF8String types. The object identifier for the attribute is 1.3.6.1.4.1.311.21.20. The information, which can be specified by using the IX509AttributeClientId interface, includes a client ID number, the Domain Name System (DNS) computer name, the Security Accounts Manager (SAM) user name, and the name of the application that created the certificate request.

06 09 ; OBJECT_ID (9 Bytes)

| 2b 06 01 04 01 82 37 15 14 ; 1.3.6.1.4.1.311.21.20

31 4a ; SET (4a Bytes)

30 48 ; SEQUENCE (48 Bytes)

02 01 ; INTEGER (1 Bytes)

| 09

0c 23 ; UTF8_STRING (23 Bytes)

| 76 69 63 68 33 64 2e 6a ; vich3d.j

| 64 6f 6d 63 73 63 2e 6e ; domcsc.n

| 74 74 65 73 74 2e 6d 69 ; ttest.mi

| 63 72 6f 73 6f 66 74 2e ; crosoft.

| 63 6f 6d ; com

0c 15 ; UTF8_STRING (15 Bytes)

| 4a 44 4f 4d 43 53 43 5c ; JDOMCSC\

| 61 64 6d 69 6e 69 73 74 ; administ

| 72 61 74 6f 72 ; rator

0c 07 ; UTF8_STRING (7 Bytes)

63 65 72 74 72 65 71 ; certreq

SEQUENCE

A SEQUENCE contains an ordered field of one or more types. It is encoded into a TLV triplet that begins with a Tag byte of 0x30. The following Certutil.exe output from the PKCS #10 Encoded ASN.1 topic provides multiple examples of SEQUENCE data structures. The output shows a 128 byte public key and three byte exponent.

30 81 9f ; SEQUENCE (9f Bytes)

| 30 0d ; SEQUENCE (d Bytes)

| | | 06 09 ; OBJECT_ID (9 Bytes)

| | | 2a 86 48 86 f7 0d 01 01 01 ; 1.2.840.113549.1.1.1

| | 05 00 ; NULL (0 Bytes)

| 03 81 8d ; BIT_STRING (8d Bytes)

| 00

| 30 81 89 ; SEQUENCE (89 Bytes)

| 02 81 81 ; INTEGER (81 Bytes)

| | 00

| | 8f e2 41 2a 08 e8 51 a8 8c b3 e8 53 e7 d5 49 50

| | b3 27 8a 2b cb ea b5 42 73 ea 02 57 cc 65 33 ee

| | 88 20 61 a1 17 56 c1 24 18 e3 a8 08 d3 be d9 31

| | f3 37 0b 94 b8 cc 43 08 0b 70 24 f7 9c b1 8d 5d

| | d6 6d 82 d0 54 09 84 f8 9f 97 01 75 05 9c 89 d4

| | d5 c9 1e c9 13 d7 2a 6b 30 91 19 d6 d4 42 e0 c4

| | 9d 7c 92 71 e1 b2 2f 5c 8d ee f0 f1 17 1e d2 5f

| | 31 5b b1 9c bc 20 55 bf 3a 37 42 45 75 dc 90 65

| 02 03 ; INTEGER (3 Bytes)

| 01 00 01

If the SEQUENCE contains fewer than 128 bytes, the Length field of the TLV triplet requires only one byte to specify the content length. If it is more than 127 bytes, bit 7 of the Length field is set to 1 and bits 6 through 0 specify the number of additional bytes used to identify the content length. For example, the second byte of the first line in the preceding example indicates that there is one trailing Length byte that specifies 0x9F bytes of content (most of the SEQUENCE is not shown). For more information, see Encoded Length and Value Bytes.

SET

A SET contains an unordered series of fields of one or more types. It is encoded into a TLV triplet that begins with a Tag byte of 0x31. The following example, adapted from the CMC Encoded ASN.1 topic, shows how a ClientId attribute is encoded in a SET data structure. The attribute can be specified by using the IX509AttributeClientId interface.

31 59 ; SET (59 Bytes)

30 57 ; SEQUENCE (57 Bytes)

06 09 ; OBJECT_ID (9 Bytes)

| 2b 06 01 04 01 82 37 15 14 ; 1.3.6.1.4.1.311.21.20

31 4a ; SET (4a Bytes)

30 48 ; SEQUENCE (48 Bytes)

02 01 ; INTEGER (1 Bytes)

| 09

0c 23 ; UTF8_STRING (23 Bytes)

| 76 69 63 68 33 64 2e 6a ; vich3d.j

| 64 6f 6d 63 73 63 2e 6e ; domcsc.n

| 74 74 65 73 74 2e 6d 69 ; ttest.mi

| 63 72 6f 73 6f 66 74 2e ; crosoft.

| 63 6f 6d ; com

0c 15 ; UTF8_STRING (15 Bytes)

| 4a 44 4f 4d 43 53 43 5c ; JDOMCSC\

| 61 64 6d 69 6e 69 73 74 ; administ

| 72 61 74 6f 72 ; rator

0c 07 ; UTF8_STRING

If the SET contains fewer than 128 bytes, the Length field of the TLV triplet requires only one byte to specify the content length. If it is more than 127 bytes, bit 7 of the Length field is set to 1 and bits 6 through 0 specify the number of additional bytes used to identify the content length. For more information, see Encoded Length and Value Bytes.