Introduction
Before we talked about the excellent data description language ASN.1, many protocol standards are described using ASN.1. For ASN.1, it is not enough to define the description of the data, it also specifies how the message is encoded so that it can be communicated between different machines.
ASN.1 supports a series of encoding rules, such as BER, DER, CER, etc. And X.690 is an ITU-T standard, which contains some rules for encoding ASN.1.
Some people want to ask, then what is ITU-T?
The full name of ITU-T is International Telecommunication Union Telecommunication Standardization Sector, which is the ITU Telecommunication Standardization Sector, which is mainly used to coordinate telecommunication and information and communication technology standards.
X.690 mainly includes three encoding rules: Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and Distinguished Encoding Rules (DER).
Next, let's look at the implementation details of these encoding rules.
BER encoding
The full name of BER is Basic Encoding Rules, which is the earliest encoding rule, using the Tag-Length-Value (TLV) format to encode all information.
In BER, each data element is encoded as a type identifier, a length description, the actual data element, and an optional end-of-content tag, as follows:
| type identifier | length | The actual data | end of content tag |
|---|---|---|---|
| Type | Length | Value | Only used in the case of indeterminate length |
All encodings are in bytes.
type identifier
The types of ASN.1 are as follows. The following table lists the relationship between the types in ASN.1 and the corresponding decimal:
| type name | Basic type or composite type | Number (decimal) |
|---|---|---|
| End-of-Content (EOC) | base type | 0 |
| BOOLEAN | base type | 1 |
| INTEGER | base type | 2 |
| BIT STRING | Both are possible | 3 |
| OCTET STRING | Both are possible | 4 |
| NULL | base type | 5 |
| OBJECT IDENTIFIER | base type | 6 |
| Object Descriptor | Both are possible | 7 |
| EXTERNAL | Combination type | 8 |
| REAL (float) | base type | 9 |
| ENUMERATED | base type | 10 |
| EMBEDDED PDV | Combination type | 11 |
| UTF8String | Both are possible | 12 |
| RELATIVE-OID | base type | 13 |
| TIME | base type | 14 |
| Reserved | 15 | |
| SEQUENCE and SEQUENCE OF | Combination type | 16 |
| SET and SET OF | Combination type | 17 |
| NumericString | Both are possible | 18 |
| PrintableString | Both are possible | 19 |
| T61String | Both are possible | 20 |
| VideotexString | Both are possible | twenty one |
| IA5String | Both are possible | twenty two |
| UTCTime | Both are possible | twenty three |
| GeneralizedTime | Both are possible | twenty four |
| GraphicString | Both are possible | 25 |
| VisibleString | Both are possible | 26 |
| GeneralString | Both are possible | 27 |
| UniversalString | Both are possible | 28 |
| CHARACTER STRING | Combination type | 29 |
| BMPString | Combination type | 30 |
| DATE | base type | 31 |
| TIME-OF-DAY | base type | 32 |
| DATE-TIME | base type | 33 |
| DURATION | base type | 34 |
| OID-IRI | base type | 35 |
| RELATIVE-OID-IRI | base type | 36 |
The above are the types and corresponding values in ASN.1. Next we look at how these types are encoded.
ASN.1 is in bytes, and a byte is 8bits, of which 7-8bits represent Tag class. 2 bits can represent 4 classes, as follows:
| class | value | describe |
|---|---|---|
| Universal | 0 | ASN.1 native type |
| Application | 1 | This type is only valid for one specific application |
| Context-specific | 2 | This type depends on the context |
| Private | 3 |
6bit indicates whether this type is a simple type or a combined type, 0 is used for simple type, and 1 is used for combined type.
There are 5 bits left, which can represent 32 different values, but for ASN.1, its type is beyond the range of 32, so these 5 bits are only used to represent the range of values from 0-30. As follows:
If you want to represent values beyond the 30 range, you can use two bytes, as follows:
The 1-5 bits of the previous byte are all represented by 1, the 8th bit of the next byte is represented by 1, and the remaining 7 bits are used to represent the real value.
length
Type encoding is followed by length encoding. There are two formats for length encoding, one is length with a certain length, and the other is length with an indeterminate length.
If the length of the data is predictable, then we can use a definite-length encoding form, and if the length is indeterminate, then an indeterminate-length encoding form can be used.
Let's look at the different types of length encodings:
First of all, if the length is determined and the length is relatively short, then when the 8bit bit is set to 0, the remaining 7 bits can represent the length in the range of 0-127.
If the length exceeds 127, it can be set to 1 in 8bit, and the remaining 7 bits represent the number of bytes to store the length later, and the range of the number of bytes is (1-126).
If it is a non-fixed length, then the 8bits are set to 1, and the remaining 7bits are set to 0.
All bits set to 1 are reserved values.
In the case of non-fixed length, if the content ends, an additional End-of-Contents represented by byte needs to be attached to indicate that the non-fixed-length encoding has ended.
content
Contents is the byte field following the length. The length of Contents can be 0, indicating that there is no Contents content.
Overall, BER encoding is composed of type + length + specific content fields.
CER encoding and DER encoding
The full name of CER is Canonical Encoding Rules, and the full name of DER is Distinguished Encoding Rules. These two codes are derived from BER, and they are all variants of BER.
Why are there two variants? First consider the definition of BER. BER is Basic Encoding Rules, which is a very basic encoding rule. In many cases, no specific encoding implementation rules are provided, so specific implementers need to extend the basic protocol by themselves.
Correspondingly, if an implementer declares that it supports the BER encoding protocol, it means that the implementer needs to support all possible variant encoding rules of BER.
BER provides us with a basic standard that is highly scalable. Although we often refer to scalability in architecture or system applications, in some cases, variability and scalability are not what we want. of. For example, in cryptography, we want the encoding rules to be fixed. In this case, CER and DER encodings are required.
Both CER and DER encodings are extensions of BER. Compared with BER, they only specify a specific encoding rule, so they are more deterministic.
Compared with DER, CER uses an indeterminate-length format, while DER uses a definite-length format. This means that DER always contains the leading length information, while CER uses a byte content terminator to indicate the end of the encoding.
In addition, in DER, Bit string, octet string and restricted string must use the basic type, can not use the composite type.
DER is widely used in digital certificates, such as X.509.
Summarize
The above is the detailed explanation of X.690 and the corresponding BER CER DER encoding. After reading this article, you have learned another language, oh yeah!
For more information, please refer to http://www.flydean.com/47-x690-ber-cer-der/
The most popular interpretation, the most profound dry goods, the most concise tutorials, and many tricks you don't know are waiting for you to discover!
Welcome to pay attention to my official account: "Program those things", understand technology, understand you better!
**粗体** _斜体_ [链接](http://example.com) `代码` - 列表 > 引用。你还可以使用@来通知其他用户。