DER编码 - 如何将隐式标记转换为显式标记 [英] DER encoding - How to convert implicit tag to explicit tag
问题描述
我有一个X.509证书,包含一组带有以下IMPLICIT [0]标签的数据:
A0 81 C6(value)...
我有一个标准文档的摘录:
IMPLICIT [0]标签不用于
DER编码,而是使用EXPLICIT
SET OF标签。也就是说,EXPLICIT SET OF标签的DER
编码,
而不是IMPLICIT [0]标签
必须与长度
和内容字节一起被包括值。
我已经做了很多搜索,但我无法确定标准是什么。我正在寻找一些澄清。
编辑:
这是我所遵循的标准: http://tools.ietf.org/html/rfc3852
我在尝试验证X.509签名,我需要计算消息摘要来做这个。此证书在SignerInfo类型中包括可选的SignedAttributes。我已经散列了签名的内容,并验证了SignedAttributes中的消息摘要是否正确。标准说如果SignedAttributes存在,它应该被散列和加密以创建证书的签名。该标准还说明SignedAttributes的标签应该如原始问题中所讨论的那样改变。
这里是SignerInfo的Asn.1语法:
SignerInfo :: = SEQUENCE {
version CMSVersion,
sid SignerIdentifier,
digestAlgorithm DigestAlgorithmIdentifier,
SignedAttributes可选,
signatureAlgorithm SignatureAlgorithmIdentifier,
签名SignatureValue,
unsignedAttrs [1] IMPLICIT UnsignedAttributes可选}
SignerIdentifier :: = CHOICE {
issuerAndSerialNumber IssuerAndSerialNumber,
subjectKeyIdentifier [0] SubjectKeyIdentifier}
SignedAttributes :: = SET SIZE(1..MAX)OF属性
UnsignedAttributes :: = SET SIZE(1..MAX)OF属性
Attribute :: = SEQUENCE {
attrType OBJECT IDENTIFIER,
attrValues SET OF AttributeValue}
AttributeValue :: = ANY
SignatureValue :: = OCTET STRING
我不知道如何解释这个评论。你在读什么标准?你有结构的ASN.1语法吗?
一个显式的标签就像一个底层类型的包装器。例如,底层类型可能是SEQUENCE。它使用通用SEQUENCE标记0x30编码。但是为了避免在闭包结构中如何解释SEQUENCE的歧义,它被包装在具有上下文特定标签的EXPLICIT结构中。
我猜它们的意思是一个像 [0] EXPLICIT SET OF的语法foo ,其中(使用原始问题的示例作为值)将编码为(十六进制) A0 81 C9 31 81 C6(值)... A0 )的原始值具有已重新标记为通用SET OF( 31 )。
Okay,在这种情况下,我认为它们的意思是,当你签署属性,而不是使用隐式标签,签名计算在SET OF标签。如果这就是他们的意思,投入EXPLICIT真的混浊的水域,但无论如何。如果是这种情况,则编码将简单地 31 81 C6(value)... (用通用SET OF 0x31替换上下文特定的0xA0) p>
I have an X.509 certificate that contains a set of data with the following IMPLICIT [0] tag:
A0 81 C6 (value)...
And I have this excerpt from a standards document:
The IMPLICIT [0] tag is not used for the DER encoding, rather an EXPLICIT SET OF tag is used. That is, the DER encoding of the EXPLICIT SET OF tag, rather than of the IMPLICIT [0] tag, MUST be included along with the length and content octets of the value.
I've done a lot of searching around, but I can't figure out exactly what the standard is calling for. I'm looking for a bit of clarification.
EDIT: Here is the standard I am following: http://tools.ietf.org/html/rfc3852
I am trying to verify the X.509 signature and I need to calculate the message digest to do this. This certificate includes the optional SignedAttributes in the SignerInfo type. I have hashed the signed content and verified that the message digest in the SignedAttributes is correct. The standard says that if the SignedAttributes is present, it should be hashed and encrypted to create the cert's signature. The standard also says that the tag of the SignedAttributes should be changed as discussed in the original question.
Here is the Asn.1 Grammar for the SignerInfo:
SignerInfo ::= SEQUENCE {
version CMSVersion,
sid SignerIdentifier,
digestAlgorithm DigestAlgorithmIdentifier,
signedAttrs [0] IMPLICIT SignedAttributes OPTIONAL,
signatureAlgorithm SignatureAlgorithmIdentifier,
signature SignatureValue,
unsignedAttrs [1] IMPLICIT UnsignedAttributes OPTIONAL }
SignerIdentifier ::= CHOICE {
issuerAndSerialNumber IssuerAndSerialNumber,
subjectKeyIdentifier [0] SubjectKeyIdentifier }
SignedAttributes ::= SET SIZE (1..MAX) OF Attribute
UnsignedAttributes ::= SET SIZE (1..MAX) OF Attribute
Attribute ::= SEQUENCE {
attrType OBJECT IDENTIFIER,
attrValues SET OF AttributeValue }
AttributeValue ::= ANY
SignatureValue ::= OCTET STRING
I'm not sure how to interpret that comment. What standard are you reading? Do you have the ASN.1 grammar for the structure?
An explicit tag is like a wrapper around some underlying type. For example, the underlying type might be a SEQUENCE. It is encoded with the universal SEQUENCE tag, 0x30. But to avoid ambiguity in how the SEQUENCE should be interpreted in the enclosing structure, it is wrapped in an EXPLICIT structure with a context-specific tag. It's not clear from the snippet above what that tag is.
I'm guessing what they mean is a syntax like [0] EXPLICIT SET OF foo, which (using the example from the original question as a value) would be encoded as (hex) A0 81 C9 31 81 C6 (value) ...
Note that the original value that was tagged with a context-specific zero (A0) has been re-tagged with a universal SET OF (31).
Okay, in this case, I think what they mean is that when you sign the attributes, instead of using the implicit tag, the signature is computed over the SET OF tag. If that's what they mean, throwing in "EXPLICIT" really muddied the waters, but whatever. If that's the case, then the encoding would be simply 31 81 C6 (value) ... (replace the context-specific 0xA0 with a universal SET OF 0x31).
这篇关于DER编码 - 如何将隐式标记转换为显式标记的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
