RE: DER encoding SubjectPublicKeyInfo

Tue, 22 Apr 2008 09:24:27 -0700 

Right, I had missed that algorithm identifier is a sequence. Now it makes 
sence. Thanks!

--
R
----------------------------------------
> From: [EMAIL PROTECTED]
> To: openssl-users@openssl.org
> Subject: Re: DER encoding SubjectPublicKeyInfo
> Date: Tue, 22 Apr 2008 14:39:34 +0200
> 
> you can see using the lengths the second sequence contains only
> algoritm oid and parameters (in this case NULL parameters). This is
> AlgorithmIdentifier.
> Below the bit string contains the der encoding of subjectPublicKey
> (encoded).
> 
> 
> Francesco Petruzzi
> 
> [EMAIL PROTECTED]
> 
> 
> ----- Original Message ----- 
> From: "Roger Boden" 
> To: 
> Sent: Tuesday, April 22, 2008 11:43 AM
> Subject: RE: DER encoding SubjectPublicKeyInfo
> 
> 
> 
> Thanks, that explains the 0x30 tag value. What about the DER encoding? Is
> that correct?
> The 'openssl asn1parse' output of the DER encoding is:
>     0:d=0  hl=3 l= 159 cons: SEQUENCE
>     3:d=1  hl=2 l=  13 cons: SEQUENCE
>     5:d=2  hl=2 l=   9 prim: OBJECT            :rsaEncryption
>    16:d=2  hl=2 l=   0 prim: NULL
>    18:d=1  hl=3 l= 141 prim: BIT STRING
> 
> To me this does not look correct. There is a NULL object that should not be
> there. Also the algorithm identifier and the bit string should be in the
> same sequence.
> 
> What ASN.1 type is  i2d_X509_PUBKEY() supposed to encode? Is this a bug in
> this function, or am I using the wrong API?
> 
> Regards Roger
> 
> ----------------------------------------
>> To: openssl-users@openssl.org
>> Subject: Re: DER encoding SubjectPublicKeyInfo
>> From: [EMAIL PROTECTED]
>> Date: Tue, 22 Apr 2008 00:09:21 +0200
>>
>> Hello,
>>
>> [EMAIL PROTECTED] wrote on 04/21/2008 10:45:18 PM:
>>
>>>
>>> Hi,
>>>
>>> I need to DER encode an RSA public key as a SubjectPublicKeyInfo. The
>> ASN.1 definition
>>> of SubjectPublicKeyInfo is
>>>    SubjectPublicKeyInfo  ::=  SEQUENCE  {
>>>         algorithm            AlgorithmIdentifier,
>>>         subjectPublicKey     BIT STRING  }
>>>
>>> According to rfc 3279, the bit string subjectPublicKey should hold the
>> DER encoding of
>>> the following ASN.1 defintion:
>>>       RSAPublicKey ::= SEQUENCE {
>>>          modulus            INTEGER,    -- n
>>>          publicExponent     INTEGER  }  -- e
>>>
>>> In order to achieve this encoding I tried to call i2d_X509_PUBKEY(). The
>> DER output of
>>> this function for an RSA test key is:
>>> 0x30   0x81   0x9f   0x30   0x0d   0x06   0x09   0x2a
>>> 0x86   0x48   0x86   0xf7   0x0d   0x01   0x01   0x01
>>> 0x05   0x00   0x03   0x81   0x8d   0x00   0x30   0x81
>>> 0x89   0x02   0x81   0x81   0x00   0xac   0xaa   0x98
>>> 0xf8   0xeb   0x58   0x8c   0x0d   0xec   0xf3   0xbe
>>> 0xd4   0xd0   0xd0   0xe8   0x0a   0x4d   0x02   0x70
>>> 0x30   0xa1   0x1f   0xea   0xa1   0x02   0xaa   0x9d
>>> 0xb0   0x16   0x91   0x8a   0x39   0xfe   0x79   0x9a
>>> 0xf3   0x46   0xbb   0xc9   0x49   0x23   0x9d   0x37
>>> 0xa5   0x13   0xe6   0x2f   0x9e   0xe3   0x94   0xfb
>>> 0x31   0xd9   0x8d   0x80   0x79   0x7d   0xbe   0xdf
>>> 0x1e   0xf4   0x88   0x6c   0x45   0xc6   0x3e   0xbf
>>> 0x4c   0x93   0x58   0xe9   0x5c   0x7a   0x63   0xd5
>>> 0x9e   0xb1   0x23   0xf0   0x43   0x50   0x23   0x0d
>>> 0xe8   0xc6   0x9f   0x40   0x79   0x3e   0x5a   0x15
>>> 0xf0   0x4a   0x1a   0x68   0xc5   0xdb   0xb1   0x69
>>> 0x9b   0x5d   0x5c   0x6c   0x12   0x1b   0xaa   0x24
>>> 0x36   0x15   0x11   0x45   0x12   0xe5   0x37   0x85
>>> 0xa4   0xa8   0x59   0xeb   0x2b   0x2c   0xc4   0x14
>>> 0xa4   0x70   0x11   0x72   0x51   0x02   0x03   0x01
>>> 0x00   0x01
>>>
>>> What type encoding is 0x30? I was expecting to see 0x10 (the type value
>> for SEQUENCE).
>> ASN.1 encodes objects as TLV (tag, length, value).
>> Tag is constructed with class, type, object value.
>> If object value is less then 31 all this information is encoded
>> in one byte  (class - 2bits, type - 1bit, object value - 5bits).
>> Because ASN.1 SEQUENCE has value of 0x10 (which is less then 31)
>> all this is encoded in one byte as:
>>
>> ASN_CLASS_UNIVERSAL | ASN_TYPE_CONSTRUCTED | ASN_OBJECT_SEQUENCE
>>
>> where:
>> ASN_CLASS_UNIVERSAL = 0x00
>> ASN_TYPE_CONSTRUCTED = 0x20
>> ASN_OBJECT_SEQUENCE = 0x10
>>
>> which gives you 0x30
>>
>> Best regards,
>> --
>> Marek Marcola
>>
>> ______________________________________________________________________
>> OpenSSL Project                                 http://www.openssl.org
>> User Support Mailing List                    openssl-users@openssl.org
>> Automated List Manager                           [EMAIL PROTECTED]
> 
> _________________________________________________________________
> Ladda ner hela Windows Live gratis och upptäck fördelarna!
> http://get.live.com/
> ______________________________________________________________________
> OpenSSL Project                                 http://www.openssl.org
> User Support Mailing List                    openssl-users@openssl.org
> Automated List Manager                           [EMAIL PROTECTED]
> 
> ______________________________________________________________________
> OpenSSL Project                                 http://www.openssl.org
> User Support Mailing List                    openssl-users@openssl.org
> Automated List Manager                           [EMAIL PROTECTED]

_________________________________________________________________
Spara, redigera och organisera dina foton enkelt med Photo Gallery!
http://get.live.com/photogallery/overview______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to