On Tue, Jun 21, 2022 at 1:59 PM Aaron Gable <[email protected]> wrote: > > I just had to do a bunch of digging to fully understand what's going on here, > so I figured I'd share for the benefit of everyone else. > > The keyUsage extension bitstring in these certificates is encoded as 03 03 07 > 06 00. Those bytes are interpreted as follows: > 03: This item is a BIT STRING > 03: This item has a length of 3 bytes > 07: The least significant 7 bits of the remaining bytes should be ignored > 06 00: The bits 0000 0110 0XXX XXXX (with Xs representing ignored bits as > indicated by the 07 byte) > This means that the final keyUsage bitstring is 000001100. This has a length > of 9 bits, which makes some sense given that there are 9 possible bits > (indexed 0 through 8) that can be set in the keyUsage extension > specification. This bit string indicates the keyCertSign (5) and crlSign (6) > key usages. > > However, there is another (shorter!) way to encode the exact same value. > There are two zero-bits at the end of that nine-bit string, so it could > instead be encoded as 03 02 01 06: > 03: This item is a BIT STRING > 02: This item has a length of 2 bytes > 01: The least significant 1 bit of the remaining byte should be ignored > 06: The bits 0000 011X > This results in a keyUsage bit string of 0000011, which also equivalently > indicates the keyCertSign (5) and crlSign (6) key usages.
A small nit about this... The ITU standards says (from X.690, Section 6.2): For the purposes of this Recommendation | International Standard only, the bits of an octet are numbered from 8 to 1, where bit 8 is the "most significant bit", and bit 1 is the "least significant bit" RFC 5280, Section 4.2.1.3, calls out bits but does not specify where the msb is located, or where the lsb is located. I think that means according to X.690, 0000011 would assert digitalSignature (bit 0) and nonRepudiation (bit 1). It would be helpful if RFC 5280 said what the bit positions are when they say "bit 0", "bit 1", etc. Jeff -- You received this message because you are subscribed to the Google Groups "[email protected]" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/CAH8yC8nkRf8KygzGFZMUPeqYFmZKhV8kJ9NA5e1xArag8%2B-ceg%40mail.gmail.com.
