What Is ASN.1 (Abstract Syntax Notation One)

This section introduces ASN.1 (Abstract Syntax Notation One), which is a language that allows you to define your own constructed data types.

What Is ASN.1 (Abstract Syntax Notation One)? ASN.1 is a language that provides data types and syntaxes for you to define your own constructed data types. It also provides encoding/decoding rules to serialize/deserialize values of constructed data types.

ASN.1 was specified in "X.208 - Specification of Abstract Syntax Notation One (ASN.1)" published by ISO and ITU-T jointly in 1988, and revised in "X.680 - Abstract Syntax Notation One (ASN.1): Specification of basic notation" in 1995; see itu.int/rec/T-REC-X.680.

Commonly used primitive data types provided in ASN.1 are listed below. Each of them is assigned a tag ID to be used in the encoding/decoding process.

With those primitive types, you can define constructed types using the following notation syntaxes:

SEQUENCE Constructed Type - Defines a new constructed type, which contains an ordered list of values of any types.

type-name ::= SEQUENCE {
  member-id modifier type constraints,
  member-id modifier type constraints,
  ...,
  member-id modifier type constraints
}

where:
  type-name - Specifies the name of the new type
  member-id - Specifies a unique identifier of the given member value
  modifier - Optional. Specifies a tagging (type tag change) option
  type - Specifies the type of the given member value
  constraints - Optional. Adds constraints for the given member value

For example, the following notation defines 2 constructed types, Square and Point, as SEQUENCE types:

Square ::= SEQUENCE {
  size INTEGER,
  location Point
}

Point ::= SEQUENCE {
  x INTEGER,
  y INTEGER
}
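
To show how a value of these types is serialized, here is an added example (not from the original tutorial) that encodes a Square with DER, one of the ASN.1 encoding rules, and decodes it strictly: wrong tags, truncated input, non-minimal lengths and trailing bytes are rejected. The function names and the sample value are assumptions; 0x02 (INTEGER) and 0x30 (SEQUENCE) are the standard universal tag bytes.

```python
# Added example (not from the original page); function names are hypothetical.
INTEGER, SEQUENCE = 0x02, 0x30  # universal tags; 0x30 = tag 16 + constructed bit
def tlv(tag, content):
    """Tag, DER length (short form below 128, else minimal long form), content."""
    n = len(content)
    if n < 0x80:
        return bytes([tag, n]) + content
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(body)]) + body + content

def enc_int(v):
    size = (v + (v < 0)).bit_length() // 8 + 1  # fewest two's-complement bytes
    return tlv(INTEGER, v.to_bytes(size, "big", signed=True))

def enc_point(x, y):
    return tlv(SEQUENCE, enc_int(x) + enc_int(y))

def enc_square(size, location):
    return tlv(SEQUENCE, enc_int(size) + enc_point(*location))

def read_tlv(buf, pos, want_tag):
    """Return (content, next_pos); reject wrong tag, bad length, truncation."""
    if pos + 2 > len(buf) or buf[pos] != want_tag:
        raise ValueError("unexpected tag or truncated header")
    n, pos = buf[pos + 1], pos + 2
    if n & 0x80:  # long form: low 7 bits give the number of length bytes
        k = n & 0x7F
        n = int.from_bytes(buf[pos:pos + k], "big")
        if k == 0 or pos + k > len(buf) or n < 0x80 or buf[pos] == 0:
            raise ValueError("indefinite, truncated or non-minimal length")
        pos += k
    if pos + n > len(buf):
        raise ValueError("length exceeds buffer")
    return buf[pos:pos + n], pos + n

def dec_int(buf, pos):
    c, pos = read_tlv(buf, pos, INTEGER)
    if not c:
        raise ValueError("empty INTEGER")
    return int.from_bytes(c, "big", signed=True), pos

def dec_square(buf):
    sq, end = read_tlv(buf, 0, SEQUENCE)
    size, p = dec_int(sq, 0)
    pt, p_end = read_tlv(sq, p, SEQUENCE)
    x, q = dec_int(pt, 0)
    y, q = dec_int(pt, q)
    if q != len(pt) or p_end != len(sq) or end != len(buf):
        raise ValueError("trailing data")
    return size, (x, y)
```

With the constructed sample value size 10 at location (1, 2), enc_square produces the bytes 30 0b 02 01 0a 30 06 02 01 01 02 01 02: the outer SEQUENCE, the size INTEGER, then the nested Point SEQUENCE.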

SET Constructed Type - Defines a new constructed type, which contains an unordered list of values of any types.

type-name ::= SET {
  member-id modifier type constraints,
  member-id modifier type constraints,
  ...,
  member-id modifier type constraints
}

where:
  type-name - Specifies the name of the new type
  member-id - Specifies a unique identifier of the given member value
  modifier - Optional. Specifies a tagging (type tag change) option
  type - Specifies the type of the given member value
  constraints - Optional. Adds constraints for the given member value

For example, the following notation redefines Square as a SET type, because the order of its members is not important:

Square ::= SET {
  size INTEGER,
  location Point
}

CHOICE Constructed Type - Defines a new "virtual" type, which contains a set of values of any types. When a CHOICE value is specified, its type and value will be mapped to the selected member type and value.

type-name ::= CHOICE {
  member-id modifier type constraints,
  member-id modifier type constraints,
  ...,
  member-id modifier type constraints
}

where:
  type-name - Specifies the name of the new type
  member-id - Specifies a unique identifier of the given member value
  modifier - Optional. Specifies a tagging (type tag change) option
  type - Specifies the type of the given member value
  constraints - Optional. Adds constraints for the given member value
