ASN.1: Introduction Zdeněk Říha ASN.1 lAbstract Syntax Notation 1 lnotation for describing abstract types and values lDefined in ITU-T X.680 … X.695 lUsed in many file formats, including crypto lPublic keys, private keys lCertificate requests, certificates lDigital signatures, padding, encrypted files ASN.1 lAllows format/storage/transmission of data lCompatible among many applications lNot dependent on HW platform lE.g. little/big endian lNot dependent on operating system l lSimple & Structured types lMultiple encoding rules (methods) ASN.1 – Types ASN.1 – simple types lInteger lsigned integer (there’s no unsigned integer) lBit string lThe number of bits does not have to be a multiple of 8 lOctet string lan arbitrary string of octets lNULL lNo data (used in parameters) lPringtableString, IA5String, UTF8String, … lStrings – the sets of characters are various lUTCTime lTime l ASN.1 – OID type lObject identifier (OID) lSequence of integer components that identify an object lAssigned in a hierarchical way lExample lsha-1WithRSAEncryption = 1.2.840.113549.1.1.5 liso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-1(1) 5 l ASN.1 – structured types lSEQUENCE lan ordered collection of one or more types lSEQUENCE OF lan ordered collection of zero or more occurrences of a given type lSET lan unordered collection of one or more types lSET OF lan unordered collection of zero or more occurrences of a given type ASN.1 Encoding Rules lXML – oriented formats lXER (XML Encoding Rules) lByte-oriented formats lBER (Basic Encoding Rules) lCER (Canonical Encoding Rules) – subset of BER lDER (Distinguished Encoding Rules) – subset of BER lUsed for crypto files lBit-oriented formats lPER (Packed Encoding Rules) lVerbose, human readable formats lGSER (Generic String Encoding Rules) BER encoding lTLV – Tag Length Value lAll the data is encoded using a simple TLV format lTag – what kind of data it is lLength – the length of the data lValue – the data itself lExample l02 01 05 [hexadecimal values] lTag – Integer lLength of data – 1 byte lData: (positive integer) 5 Nested data lSEQUENCE is similar to struct/record l30 09 02 01 05 04 02 FF FF 05 00 l30 09 – sequence of length 9 bytes l02 01 05 – integer 5 l04 02 FF FF – octet string FF FF l05 00 – NULL (no data) BER tags lTag encoding l l lClass l l l lTag number lBits 1-5 lIf all bits are 1 then the tag continues in the following byte(s) class class Constructed? Tag # BER length llength >=0 && length <= 127 lThe length is coded directly lE.g. ’05’ lOtherwise the bit 8 is set, bits 1-7 code the number of bytes that specify the length lE.g. 255 -> ‘81’ ‘FF’ lE.g. 256 -> ’82’ ‘01’ ‘00’ or also ’83’ ‘00’ ‘01’ ‘00’ lBER x DER l‘80’ is “indefinite” length lNot allowed in DER BER value lThe data itself lDependent on data type lInteger: signed – e.g. 128 -> ’00 80’ lOctet string: directly the data lBit string: number of unused bits + padded bit string to a multiple of 8 bits (padding is at the end) lUTCTime: string of one of the forms First look at the binary DER file < CSCA_CZE.crt DER vs. PEM lPEM lPrivacy Enhanced Mail lPEM as such not used, but formats still used lTextual formats lPractical for transport channels where full 8bit data can be damaged lPEM is base64 coded DER enveloped with l-----BEGIN SOMETHING----- l-----END SOMETHING----- lWhere SOMETHING is CERTIFICATE/PKCS7/KEY… l Sample PEM file < CSCA_CZE.pem ASN.1 viewers lUnber (part of asn1c) lOpenssl asn1parse lASN.1 Editor l… l OpenSSL asn1parse < CSCA_CZE.crt unber < CSCA_CZE.crt Manual viewing/processing l30 82 04 f2 lSEQUENCE llength 1266B l30 82 03 26 lSEQUENCE llength 806B lA0 03 lCONTEXT SPECIFIC 0 lLength 3B l02 01 02 lINTEGER: 2 l < CSCA_CZE.crt ASN.1 Editor < CSCA_CZE.crt ASN.1 Grammar lTo understand the structure (what is the meaning of particular fields) we need ASN.1 grammar l ASN.1 – RSA keys Source: PKCS#1 < RSA.key