Re: DER encoding SubjectPublicKeyInfo

Marek . Marcola Mon, 21 Apr 2008 15:10:28 -0700

Hello,

[EMAIL PROTECTED] wrote on 04/21/2008 10:45:18 PM:


> 
> Hi,
> 
> I need to DER encode an RSA public key as a SubjectPublicKeyInfo. The 
ASN.1 definition 
> of SubjectPublicKeyInfo is
>    SubjectPublicKeyInfo  ::=  SEQUENCE  {
>         algorithm            AlgorithmIdentifier,
>         subjectPublicKey     BIT STRING  }
> 
> According to rfc 3279, the bit string subjectPublicKey should hold the 
DER encoding of 
> the following ASN.1 defintion:
>       RSAPublicKey ::= SEQUENCE {
>          modulus            INTEGER,    -- n
>          publicExponent     INTEGER  }  -- e
> 
> In order to achieve this encoding I tried to call i2d_X509_PUBKEY(). The 
DER output of 
> this function for an RSA test key is:
> 0x30   0x81   0x9f   0x30   0x0d   0x06   0x09   0x2a
> 0x86   0x48   0x86   0xf7   0x0d   0x01   0x01   0x01
> 0x05   0x00   0x03   0x81   0x8d   0x00   0x30   0x81
> 0x89   0x02   0x81   0x81   0x00   0xac   0xaa   0x98
> 0xf8   0xeb   0x58   0x8c   0x0d   0xec   0xf3   0xbe
> 0xd4   0xd0   0xd0   0xe8   0x0a   0x4d   0x02   0x70
> 0x30   0xa1   0x1f   0xea   0xa1   0x02   0xaa   0x9d
> 0xb0   0x16   0x91   0x8a   0x39   0xfe   0x79   0x9a
> 0xf3   0x46   0xbb   0xc9   0x49   0x23   0x9d   0x37
> 0xa5   0x13   0xe6   0x2f   0x9e   0xe3   0x94   0xfb
> 0x31   0xd9   0x8d   0x80   0x79   0x7d   0xbe   0xdf
> 0x1e   0xf4   0x88   0x6c   0x45   0xc6   0x3e   0xbf
> 0x4c   0x93   0x58   0xe9   0x5c   0x7a   0x63   0xd5
> 0x9e   0xb1   0x23   0xf0   0x43   0x50   0x23   0x0d
> 0xe8   0xc6   0x9f   0x40   0x79   0x3e   0x5a   0x15
> 0xf0   0x4a   0x1a   0x68   0xc5   0xdb   0xb1   0x69
> 0x9b   0x5d   0x5c   0x6c   0x12   0x1b   0xaa   0x24
> 0x36   0x15   0x11   0x45   0x12   0xe5   0x37   0x85
> 0xa4   0xa8   0x59   0xeb   0x2b   0x2c   0xc4   0x14
> 0xa4   0x70   0x11   0x72   0x51   0x02   0x03   0x01
> 0x00   0x01
> 
> What type encoding is 0x30? I was expecting to see 0x10 (the type value 
for SEQUENCE).
ASN.1 encodes objects as TLV (tag, length, value).
Tag is constructed with class, type, object value.
If object value is less then 31 all this information is encoded
in one byte  (class - 2bits, type - 1bit, object value - 5bits).
Because ASN.1 SEQUENCE has value of 0x10 (which is less then 31)
all this is encoded in one byte as:

ASN_CLASS_UNIVERSAL | ASN_TYPE_CONSTRUCTED | ASN_OBJECT_SEQUENCE 

where:
ASN_CLASS_UNIVERSAL = 0x00
ASN_TYPE_CONSTRUCTED = 0x20
ASN_OBJECT_SEQUENCE = 0x10

which gives you 0x30

Best regards,
--
Marek Marcola <[EMAIL PROTECTED]>

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]

Re: DER encoding SubjectPublicKeyInfo

Reply via email to