Categories:
Android (13)
Apple Mac (27)
DH Keys (39)
DSA Keys (69)
EC Keys (577)
Firefox (31)
General (12)
Google Chrome (25)
Intermediate CA (152)
Java VM (33)
JDK Keytool (28)
Microsoft CertUtil (29)
Microsoft Edge (9)
Mozilla CertUtil (22)
OpenSSL (237)
Other (7)
Portecle (38)
Publishers (2704)
Revoked Certificates (30)
Root CA (89)
RSA Keys (2229)
Tools (46)
Tutorial (3)
What Is (22)
Windows (129)
Collections:
Other Resources:
OpenSSL "ans1parse" - DER (Distinguished Encoding Rules)
What is the DER (Distinguished Encoding Rules) encoding used in the OpenSSL "asn1parse" command?
✍: FYIcenter.com
DER (Distinguished Encoding Rules) is an encoding schema to convert
an ASN.1 data structure into a binary string. In other words,
DER is a serialization schema for the ASN.1 data structure.
DER is one the three encodings defined in the X.690 standard: Basic Encoding Rules (BER), Canonical Encoding Rules (CER), and Distinguished Encoding Rules (DER)
DER encoding schema can summarized at a high level as below:
1. Each ASN.1 field is encoded with a triplets of 3 byte sequences: TLV (Tag Length Value).
2. If the ASN.1 field is a constructed field, the Value byte sequence is the concatenation of DER encodings of it members: TL(TLV...).
3. The Tag byte sequence uses 1 byte for the 30 (ox1E) universal field types
4. For non-universal (custom) field types, multiple bytes are used for the Tag byte sequence in the format of of 0bxxx11111-1yyyyyyy-...-0yyyyyyy,
5. The Length byte sequence uses 1 type for values with 127 bytes or less.
6. For values with 128 bytes or more, multiple bytes are used for the Length byte sequence in the format of 0b1xxxxxxx-yyyyyyyy-yyyyyyyy-.... "xxxxxxx" stores the number of "yyyyyyyy" bytes, which stores the actual length.
6. The Value byte sequence encodes the field value depending on the filed type.
See X.690 standard for more details.
⇒ OpenSSL "ans1parse" - RSA Private Key in ASN.1 Structure
2016-09-28, 7254👍, 0💬
Popular Posts:
Certificate Summary: Subject: Entrust Certification Authority - L1K Issuer: Entrust Root Certificati...
Certificate summary - Owner: COMODO RSA Domain Validation Secure Server CA, COMODO CA Limited, L=Sal...
Certificate summary - Owner: dynamic.12306.cn, ????????, Sinorail Certification Authority, CN Issuer...
How to import a root CA certificate into Google Chrome? I delete it from earlier, but I have a copy ...
Certificate summary - Owner: reg.163.com, Terms of use at www.verisign.com/rpa (c)05, Technical Gene...