ANS'1, DER, BER

1
Lecture 8

• ANS.1, DER, BER
• Certificates
• Self-signed certificates

2
ASN.1

• Abstract syntax notation
• Globally unique identifiers for cryptgraphic
  objects
• Standard by ITU-T and ISO
• Each identifier is unique, each object has an
  unique identifier, but
• There may be several implementations of an
  algorithm with different identifiers

3
ASN.1 object identifiers

• OIDs
• Defines a unique handle for an object
• Example SHA256withRSA 1.2.840.113549.1.1.11
• iso(1) member-body(2) us(840) rsadsi(113549)
  pcks(1) pkcs-1(1) 11
• Three primary arcs (branches)
• ITU-T 0
• ISO 1
• ISO/ITU-T 2

4
ASN.1 object identifiers
ITU-T(0)
ISO(1)
ITU-T/ISO (2)

Standard(0)
Member-body (2)

Australia(36)
USA(840)

RSADSI(113549)
5
Module structure

• ModuleName ObjectIdentifier
• DEFINITIONS Tagging TAGS
• BEGIN
• EXPORTS export_list
• IMPORTS import_list
• body
• END

6
ModuleName and Tagging

• e.g.
• PKIXTSP iso(1) identified-organization (3) dod
  (6) internet(1) security (5) mechanisms(5)
  pkix(7) id-mod (0) id-mod-tsp(13)
• 1.3.6.1.5.5.7.0.13
• Tagging
• EXPLICIT
• IMPLICIT
• AUTOMATIC

7
Exports and imports

• Exports tells which definitions of this module
  can be used by others
• All, if omitted
• None if EXPORTS
• Imports tells which definitions are found
  elsewhere
• import_item FROM source
• None if omitted

8
body

• Define objects and new types
• name type value
• Eg. id-ct-TSTinfo OBJECT IDENTIFIER
• newType type
• Eg. TSAPolicyId OBJECT IDENTIFIER

9
ASN.1 types

• 3 gategories simple, string and structured
• String
• Raw bits
• Specific character encoding
• Structured types
• SET
• SEQUENCE

10
Simple types

• BOOLEAN
• ENUMERATED
• INTEGER
• NULL
• OBJECT IDENTIFIER
• UTCTime (2 digit year, 1 second resolution)
• GeneralizedTime (4 digit year, arbitrary
  resolution)

11
Charcter String types

• BMPString (Basic Multilingual Plane) 16
  bits/character
• NumericString (09)
• UniversalString (32 bit characters)

12
Structured types

• SEQUENCE and SET
• e.g. Counters SEQUENCE OF INTEGER
• e.g. DigestInfo SEQUENCE digestAlgorithm
  AlgorithmIdentifier, digest OCTET STRING
• e.g. InfoSET SET digestAlgorithm
  AlgorithmIdentifier, digest OCTET STRING

13
Annotations

• OPTIONAL
• May be missing
• DEFAULT
• If missing, the default value is used
• e.g. versionedData SEQUENCE version INTEGER
  DEFAULT 0, data OCTET STRING OPTIONAL

14
Tagging

• In case you receive a bit stream containing ASN
  object, you need to know how to parse it
• Tagging specifies how this is done
• Tag CLASS in an ASN object is specifies as
• UNIVERSAL 00 as bits 8 and 7
• CONTEXT-SPECIFIC 01
• PRIVATE 10
• APPLICATION 11
• You can ignore the two latter ones

15
Tagging

• 0x01 BOOLEAN
• 0x02 INTEGER
• 0x03 BIT STRING
• 0x04 OCTET STRING
• 0x05 NULL
• 0x06 OBJECT IDENTIFIER
• 0x0A ENUMERATED
• 0x0C UTF8String

16
Encodings

• DER Distinguished Encoding Rules
• BER Basic Encoding Rules
• CER Canonical Encoding Rules
• PER Packed Encoding Rules
• XER XML Encoding Rules
• DER and BER are common, others are here for
  reference

17
BER

• Basic encoding rules
• TLV Tag Length Value
• Three methods for encoding
• Primitive definite-lenght
• Constructed definite-length
• Constructed indefinite-length
• EXPLICIT tagging constructed methods
• IMPLICIT tagging default method for the
  specific object

18
Methods

• Primitive definite-lenght
• Known length
• Non constructe types
• Implicitly tagged objects
• Constructed definite-length
• Constructed types, length known a priori
• Initial byte with bit 6 set
• Constructed indefinite-length
• A priori knowledge on lenght not necessary
• End-of-content marker, 2 octets of value 0x00

19
DER

• Distinguished encoding rules
• Identical data within identical ASN.1 definitions
  reduce to identical binary encodings
• Use in digital signatures etc.
• Only definite-length is allowed
• Encoding lenght must be minimum possible
• Fields set to default value not included
• Objects of SET are sorted (ascending order)

20
Bouncy Castle ASN.1 API

• An API for handling ASN.1 encoded objects
• Readymade classes for encoding and handling
  objects
• org.bouncycastle.asn1
• org.bouncycastle.asn1.pkcs
• org.bouncycastle.asn1.x509
• org.bouncycastle.asn1.cms

21
Bouncy Castle ASN.1 API

• Objects starting with DER (in DER format)
• Objects starting with BER (in BER format)
• Inherit from objects starting with ASN1
• ASN1InputStream
• ASN1OutputStream
• DEROutputStream
• DERInputStream

22
Basic ASN.1 types

• BIT STRING DERBitString
• BMPString DERBMPString
• BOOLEAN DERBoolean
• ENUMERATED DEREnumerated
• GeneralizedTime DERGeneralizedTime
• GeneralString DERGeneralString
• SEQUENCE DERSequence, BERSequence, ASN1Sequence
• SET DERSet, BERSet, ASNSet

23
Defining your own ASN.1 object

• Example of using the BC ASN.1 API
• MyStructure.java
• MyStructureTest.java
• We can analyze an unknown ASN.1 object
• Example ASN1DumpExample.java

24
Some examples

• Encoding an IV IVExample.java
• A PKCS1 Singature PKCS1SigEncodingExample.java
• Encoded X509 Keys X509EncodedKeySpec.java