Wednesday, June 2, 2010

asn, ber, der again

//===  BER encoding == Type(Tag) + Length + Value(Contents)
Type(Tag) : occupies 1 byte
Length : occupies 1~5(?) bytes
Value(Contents): the number of bytes it occupies is determined by the Length field

Commonly used Types:
0x03 == Bit String
0x04 == Octet String



//===  Example  of  BIT STRING with value "0101-1110-0100-1111-0111-1"
DER encoding (padding "000") :
0x 03(stands for type Bit String)  04(length in bytes)  03(3 padding bits) 5e 4f 78  
--> 0x 03 04 03 5e 4f 78


 


//=== short form / long form of  length field of BER-TLV
Short form:  the length field consists of a single byte where bit B8 shall be set to 0 and bits B7-B1 stand for the number of bytes in the value field. Any length from 0-127 is encoded by 1 byte.

Long form:  the length field consists of a leading byte where bit B8 shall be set to 1 and bits B7-B1 shall not be all equal (i.e., 1111-1111 and 1000-0000 are not allowed). B7-B1 stand for the number of subsequent bytes in the "length" field. Those subsequent bytes shall encode an integer equal to the number of bytes in the value field.
Any length within ushort (up to 65535 = 0xFFFF) can thus be encoded by 3 bytes.

Example:  if the value is  500-byte long (0x 01 F4), then the encoded length will consist of
three bytes: 82 01 F4.

Neither DER nor ISO/IEC 7816 uses the indefinite lengths specified by the BER (Basic Encoding Rules) of ASN.1.





 
//===
"... DER adds the following restrictions to the rules given in Section 3:
  • When the length is between 0 and 127, the short form of length must be used
  • When the length is 128 or greater, the long form of length must be used, and the length must be encoded in the minimum number of octets.
  • For simple string types and implicitly tagged types derived from simple string types, the primitive, definite-length method must be employed.
  • For structured types, implicitly tagged types derived from structured types, and explicitly tagged types derived from anything, the constructed, definite-length method must be employed.
...
"

//=== BER encoding for BitString :

Primitive or constructed.

P/C is the primitive/constructed bit: bit 6 of the first byte (the Type byte). It specifies whether the value is primitive (integer, byte, bool, ..) or a constructed type which holds TLV values, like a SET.
If the P/C bit is "on", it indicates a constructed type.



Padding:
  • The bit string is padded with zero to seven bits of "any value" to make the length of the bit string a multiple of eight.
  • If the length of the bit string is a multiple of eight already, no padding is done.

 
"Primitive" encoding :
  • The first "contents octet" gives the number of bits by which the length of the bit string is less than the next multiple of eight (this is called the "number of unused bits").  == the number of padded bits for Bit String
  • The second and following contents octets give the value of the bit string, converted to an octet string.

  
"Constructed" encoding:
  • The contents octets give the "concatenation" of the BER encodings of consecutive substrings of the bit string, where each substring except the last has a length that is a multiple of eight bits.



Example: The BER encoding of the Bit String value "0110-1110-0101-1101-11"

 
  
DER encoding  : 03 04 06 6e 5d c0


 
padded with "100000"  : 03 04 06 6e 5d e0

   
long form of length octets : 03 81 04 06 6e 5d c0



constructed encoding: "0110111001011101" + "11"  
23 09 +
03 03 00 6e 5d +
03 02 06 c0
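
The four encodings above all carry the same 18 bits, but only the first is DER. The following Python decoder is an added example, not code from the original post: it reads a BIT STRING under the BER rules described here and, in strict mode, rejects the three non-DER variants. The names `read_length` and `decode_bit_string`, the `der` flag and the nesting limit of 4 are choices made for this example.

```python
def read_length(buf, pos):
    """Decode a definite length at buf[pos]; return (length, next_pos, is_minimal)."""
    if pos >= len(buf):
        raise ValueError("truncated TLV")
    first = buf[pos]
    if first < 0x80:                      # short form: B8 = 0, B7-B1 = length
        return first, pos + 1, True
    n = first & 0x7F                      # long form: B7-B1 = count of length bytes
    raw = buf[pos + 1:pos + 1 + n]
    if n in (0, 0x7F) or len(raw) != n:   # 0x80 / 0xFF not allowed, or truncated
        raise ValueError("bad length field")
    length = int.from_bytes(raw, "big")
    # DER: long form only from 128 up, in the minimum number of octets
    return length, pos + 1 + n, length >= 0x80 and raw[0] != 0

def decode_bit_string(buf, der=True, depth=0):
    """Return the bits of one BIT STRING TLV as a '0'/'1' string.
    With der=True, input that is valid BER but not DER raises ValueError."""
    if len(buf) < 2 or buf[0] not in (0x03, 0x23) or depth > 4:
        raise ValueError("not a BIT STRING (or nested too deeply)")
    constructed = buf[0] == 0x23          # P/C bit (bit 6) set on the type byte
    length, pos, minimal = read_length(buf, 1)
    if pos + length != len(buf):
        raise ValueError("length does not match contents")
    if der and (constructed or not minimal):
        raise ValueError("not DER: constructed or non-minimal length")
    if constructed:                       # concatenate the nested substrings
        bits = ""
        while pos < len(buf):
            if len(bits) % 8:
                raise ValueError("only the last substring may have unused bits")
            sub_len, sub_pos, _ = read_length(buf, pos + 1)
            end = sub_pos + sub_len
            bits += decode_bit_string(buf[pos:end], der=False, depth=depth + 1)
            pos = end
        return bits
    if length == 0 or buf[pos] > 7 or (buf[pos] and length == 1):
        raise ValueError("bad unused-bits octet")
    unused, payload = buf[pos], buf[pos + 1:]
    if der and unused and payload[-1] & ((1 << unused) - 1):
        raise ValueError("not DER: padding bits are not zero")
    bits = "".join(f"{b:08b}" for b in payload)
    return bits[:len(bits) - unused]

# The four encodings of "0110-1110-0101-1101-11" listed in the post.
DER_FORM = bytes.fromhex("03 04 06 6e 5d c0")
PADDED = bytes.fromhex("03 04 06 6e 5d e0")
LONG_LENGTH = bytes.fromhex("03 81 04 06 6e 5d c0")
CONSTRUCTED = bytes.fromhex("23 09 03 03 00 6e 5d 03 02 06 c0")
```

Calling `decode_bit_string(x, der=False)` returns the same bit string for all four inputs, while the default strict mode accepts only `DER_FORM`.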
[ref]
http://luca.ntop.org/Teaching/Appunti/asn1.html
http://en.wikipedia.org/wiki/Basic_Encoding_Rules
http://www.cardwerk.com/smartcards/smartcard_standard_ISO7816-4_annex-d.aspx#AnnexD_3
https://www.opends.org/wiki/page/DefBasicEncodingRules
