Re: questions about ASN.1
- From: Jeff Jacoby <jjacoby@xxxxxxxxxxxx>
- Date: Fri, 24 Nov 2006 19:09:34 -0600
On 24 Nov 2006 08:35:13 -0800, yawnmoth <terra1024@xxxxxxxxx> wrote:
Corrections always appreciated, but here goes...
> In programming, a serialized object is one that has been turned into a
> string - a string that can be saved in a database, in a *.txt file, or
> whatever. Is ASN.1 basically just a serialization technique?
No. It's a way to describe data structures independent
of any programming language or serialization technique.
The notation itself is machine-readable and can be fed
into ASN.1 compilers to produce skeleton code implementing
the actual serialization.
The encoding rules (e.g. BER) are what define the
actual serialization.
> Also, wikipedia.org provides an example of an ASN.1 using DER:
> http://en.wikipedia.org/wiki/Asn.1#Example_encoded_in_DER
> The first byte represents SEQUENCE and the second byte represents the
To be more accurate, the BER/DER encoding rules use "octet"
and not byte, an important distinction.
> length of everything else. How does an ASN.1 decoder know that just
> one byte is being used?
For the identifier octet, it's defined that way. (There's
also a form that uses more than one octet, but that can be
ignored for now.)
> If I had 256 bytes of data, the length would
> be two bytes (0x01, 0x00). How would an ASN.1 decoder know this?
In BER/DER, if the high-bit of the first length octet is set,
it tells the decoder the remaining 7 bits give the number of
following length octets. A length-of-the-length, if you will.
> Section 8.1.3 of
> <http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf>
> suggests the length field ends when a byte's "first" digit is a 0 and
> that only the last seven bits are actually used to store the number.
> Does this mean that 256 would be represented as 1000 0010 0000 0000 =
> 0x82, 0x00? (I assume the most significant bit comes first)
> Also, in section 8.1.2 of
> <http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf>,
> the construction of Identifier octets is described. Examples,
> unfortunately, are lacking. How does the wikipedia example get, for
> example, that 30 is a tag indicating SEQUENCE,
SEQUENCE is of UNIVERSAL class (there are also PRIVATE,
APPLICATION, and CONTEXT-SPECIFIC), identified by the tag
16 (decimal). It's also a constructed type. The bits
are laid out:
    bit:  8 7 6 5 4 3 2 1
          0 0 1 1 0 0 0 0  = 0x30
          |_| | |_______|
           |  |     |
           |  |     +- 16, for SEQUENCE
           |  |
           |  +- set, for constructed types
           |
           +- 0, for UNIVERSAL class
> that 02 is a tag
> indicating INTEGER,
INTEGER is of UNIVERSAL class, primitive (i.e. not constructed),
identified by the value 2.
> and that 1a is a tag indicating VisibleString?
Left as an exercise to the reader.
> Finally, wikipedia.org's entry on ASN.1 suggests that there are a few
> encoding methods above and beyond just DER. BER,
DER (Distinct Encoding Rules) is the same as BER (Basic
Encoding Rules) but with restrictions imposed on how to
encode things, so that you only get one possible way to
encode a value(s).
> CER, XER, etc. Where
> might I find examples of these encoding methods in use?
I don't know about CER and XER, but one place to get
BER/DER examples (and some general basics) is from
this "layman's" guide:
http://www.columbia.edu/~ariel/ssleay/layman.html
Jeff
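
Added example, not part of the original post or of either poster's code: a Python decoder for the identifier and length octets discussed above (X.690 sections 8.1.2 and 8.1.3), including the stricter DER rule that a length must use the minimum number of octets. The names parse_header and SAMPLE and the sample bytes are constructed for illustration.

```python
# Added illustration; parse_header and SAMPLE are names chosen for this example.
CLASSES = ("UNIVERSAL", "APPLICATION", "CONTEXT-SPECIFIC", "PRIVATE")


def parse_header(data, der=True):
    """Decode one TLV header: (class, constructed, tag, length, header_size).

    length is None for the BER indefinite form; malformed input raises ValueError.
    """
    if len(data) < 2:
        raise ValueError("truncated header")
    first = data[0]
    cls = CLASSES[first >> 6]            # bits 8-7: class
    constructed = bool(first & 0x20)     # bit 6: set for constructed types
    tag = first & 0x1F                   # bits 5-1: tag number
    pos = 1
    if tag == 0x1F:                      # high-tag-number form: base-128 digits
        tag = 0
        while True:
            if pos >= len(data):
                raise ValueError("truncated tag")
            octet = data[pos]
            pos += 1
            tag = (tag << 7) | (octet & 0x7F)
            if not octet & 0x80:         # high bit clear marks the last tag octet
                break
    if pos >= len(data):
        raise ValueError("truncated length")
    first_len = data[pos]
    pos += 1
    if first_len < 0x80:                 # short form: the length itself (0..127)
        return cls, constructed, tag, first_len, pos
    if first_len == 0x80:                # indefinite form, allowed in BER only
        if der:
            raise ValueError("indefinite length not allowed in DER")
        return cls, constructed, tag, None, pos
    if first_len == 0xFF:
        raise ValueError("reserved length octet 0xFF")
    count = first_len & 0x7F             # long form: number of length octets
    raw = data[pos:pos + count]
    if len(raw) != count:
        raise ValueError("truncated length")
    length = int.from_bytes(raw, "big")
    if der and (raw[0] == 0 or length < 0x80):
        raise ValueError("non-minimal length encoding")
    return cls, constructed, tag, length, pos + count


# Constructed sample: a SEQUENCE header announcing 256 content octets.
SAMPLE = bytes.fromhex("30820100") + bytes(256)
```

parse_header(SAMPLE) returns ("UNIVERSAL", True, 16, 256, 4): 0x30 decodes as a constructed UNIVERSAL tag 16, and 0x82 0x01 0x00 is the long-form length for 256 content octets. With der=True the same value written as 0x83 0x00 0x01 0x00 is rejected, which is what keeps a DER encoding unique.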