[Repost] DER Encoding and ASN.1

Posted by Crysaty


Reposted from: http://blog.csdn.net/taolinke/article/details/6220403

 

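DER stands for Distinguished Encoding Rules.

ASN.1 (Abstract Syntax Notation One) is an ISO/ITU-T standard that describes a data format for representing, encoding, transmitting, and decoding data.

DER is one of the many encoding schemes defined for ASN.1.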

ASN.1 defines the abstract syntax of information but does not restrict the way the information is encoded. Various ASN.1 encoding rules provide the transfer syntax (a concrete representation) of the data values whose abstract syntax is described in ASN.1.

The standard ASN.1 encoding rules include:

ASN.1 together with specific ASN.1 encoding rules facilitates the exchange of structured data, especially between application programs over networks, by describing data structures in a way that is independent of machine architecture and implementation language.

 

Application layer protocols such as X.400 electronic mail, X.500 and LDAP directory services, H.323 (VoIP), BACnet and SNMP use ASN.1 to describe the protocol data units (PDUs) they exchange. It is also extensively used in the Access and Non-Access Strata of UMTS. There are many other application domains of ASN.1 [1].

 

A particularly useful new application of ASN.1 is Fast Infoset. Fast Infoset is an international standard that specifies a binary encoding format for the XML Information Set (XML Infoset) as an alternative to the XML document format. It aims to provide more efficient serialization than the text-based XML format.

Example

Data structures of FooProtocol defined using the ASN.1 notation:

FooProtocol DEFINITIONS ::= BEGIN

    FooQuestion ::= SEQUENCE {
        trackingNumber INTEGER,
        question       IA5String
    }

    FooAnswer ::= SEQUENCE {
        questionNumber INTEGER,
        answer         BOOLEAN
    }

END

This could be a specification published by the creators of the Foo protocol. ASN.1 does not define conversation flows. This is up to the textual description of the protocol.

Assume a message that complies with the Foo protocol is to be sent to the receiving party. This particular message (PDU) is:

 
myQuestion FooQuestion ::= { 
    trackingNumber     5, 
    question           "Anybody there?" 
} 
 

To send the above message through the network one needs to encode it to a string of bits. ASN.1 defines various algorithms to accomplish that task, called encoding rules. There are plenty of them; one of the simplest is Distinguished Encoding Rules (DER).

The Foo protocol specification should explicitly name one set of encoding rules to use, so that users of the Foo protocol know which one they should use.

Example encoded in DER

Below is the data structure shown above encoded in the DER format (all numbers are in hexadecimal):

 

30 -- tag indicating SEQUENCE 
13 -- length in octets 
 
02 -- tag indicating INTEGER 
01 -- length in octets 
05 -- value 
 
16 -- tag indicating IA5String 
0e -- length in octets 
41 6e 79 62 6f 64 79 20 74 68 65 72 65 3f -- value  
 

(Note: DER uses a pattern of tag-length-value triplets)

So what one actually gets is the string of 21 octets:

 

30 13 02 01 05 16 0e 41 6e 79 62 6f 64 79 20 74 68 65 72 65 3f 

The scope of ASN.1 and DER ends here. It is possible to transmit the encoded message to the party by any means (utilizing TCP or any other protocol). The party should be able to decode the octets back using DER.

(The value octets of the IA5String are "Anybody there?" in ASCII.)
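The decoding step mentioned above, as an added example in Python (not part of the original page): a strict DER reader that turns the 21 octets back into the FooQuestion fields and rejects indefinite or non-minimal lengths, non-minimal INTEGERs and trailing octets. The names read_tlv and decode_foo_question are hypothetical, and only single-octet tags are handled.

```python
# Added example: strict DER decoder for the page's FooQuestion PDU.
# Function names (read_tlv, decode_foo_question) are hypothetical.
PDU = bytes.fromhex("30 13 02 01 05 16 0e 41 6e 79 62 6f 64 79 20 74 68 65 72 65 3f")

def read_tlv(buf, pos=0):
    """Return (tag, value, next_pos) for one single-octet-tag TLV at buf[pos:]."""
    if pos + 2 > len(buf):
        raise ValueError("truncated header")
    tag, first = buf[pos], buf[pos + 1]
    if tag & 0x1F == 0x1F:
        raise ValueError("multi-octet tags not handled here")
    pos += 2
    if first < 0x80:                       # short form: length 0..127
        length = first
    else:                                  # long form: low 7 bits = octet count
        n = first & 0x7F
        if n == 0:
            raise ValueError("indefinite length is not allowed in DER")
        if pos + n > len(buf):
            raise ValueError("truncated length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        # DER requires the shortest possible length encoding
        if buf[pos] == 0 or length < 0x80:
            raise ValueError("non-minimal length encoding")
        pos += n
    if pos + length > len(buf):
        raise ValueError("value runs past end of input")
    return tag, buf[pos:pos + length], pos + length

def decode_foo_question(pdu):
    """Decode SEQUENCE { INTEGER, IA5String } into (trackingNumber, question)."""
    tag, body, end = read_tlv(pdu)
    if tag != 0x30 or end != len(pdu):
        raise ValueError("expected one SEQUENCE with no trailing octets")
    tag, num, pos = read_tlv(body)
    if tag != 0x02 or not num:
        raise ValueError("expected non-empty INTEGER")
    # DER INTEGER is two's complement with no redundant leading octet
    if len(num) > 1 and ((num[0] == 0x00 and num[1] < 0x80) or
                         (num[0] == 0xFF and num[1] >= 0x80)):
        raise ValueError("non-minimal INTEGER")
    tag, text, pos = read_tlv(body, pos)
    if tag != 0x16 or pos != len(body):
        raise ValueError("expected IA5String as the last field")
    # IA5String is 7-bit; decode("ascii") rejects octets >= 0x80
    return int.from_bytes(num, "big", signed=True), text.decode("ascii")

if __name__ == "__main__":
    print(decode_foo_question(PDU))
```

The strictness checks matter because DER is meant to give exactly one encoding per value; a decoder that also accepts BER-style variants lets two different octet strings decode to the same message.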
