PKI Certificate Tutorials - Herong's Tutorial Examples - v1.12, by Herong Yang
BER Encoding Examples
This section provides BER encoding examples of some simple ASN.1 structured values.
After the main encoding rules, let's look at some examples of BER (Basic Encoding Rules) encoded output of ASN.1 data values.
First we need to learn the ASN.1 notation syntax to specify values of constructed types:
    value-id type-name ::= SEQUENCE | SET {
       member-id value,
       member-id value,
       ...,
       member-id value
    }

    where:
    value-id  - Specifies a unique identifier for the given constructed value
    type-name - Specifies the name of the given constructed type
    member-id - Specifies the identifier of the given member value
    value     - Specifies a literal value or a value ID for the given member
Following the above notation syntax, we can specify a few examples of ASN.1 data values:
    screenCenter Point ::= { x 320, y 240 }

    smallSquare Square ::= {
       size 10,
       location screenCenter
    }

    largeSquare Square ::= {
       size 200,
       location screenCenter
    }
Obviously, we are using our constructed types, "Square" and "Point", in those examples:
    Square ::= SEQUENCE {
       size INTEGER,
       location Point
    }

    Point ::= SEQUENCE {
       x INTEGER,
       y INTEGER
    }
Now we are ready to encode those examples using the BER rules with type tags in the UNIVERSAL type class:
    screenCenter Point ::= { x 320, y 240 }

    - BER encoding of screenCenter:
    00110000 00001000                    # SEQUENCE with 8-byte data
    00000010 00000010 00000001 01000000  # INTEGER 320 in 2 bytes
    00000010 00000010 00000000 11110000  # INTEGER 240 in 2 bytes
                                         # (leading zero byte keeps the sign bit clear)

    smallSquare Square ::= {
       size 10,
       location screenCenter
    }

    - BER encoding of smallSquare:
    00110000 00001101                    # SEQUENCE with 13-byte data
    00000010 00000001 00001010           # INTEGER 10 in 1 byte
    00110000 00001000                    # Encoding of screenCenter
    00000010 00000010 00000001 01000000
    00000010 00000010 00000000 11110000

    largeSquare Square ::= {
       size 200,
       location screenCenter
    }

    - BER encoding of largeSquare:
    00110000 00001110                    # SEQUENCE with 14-byte data
    00000010 00000010 00000000 11001000  # INTEGER 200 in 2 bytes
    00110000 00001000                    # Encoding of screenCenter
    00000010 00000010 00000001 01000000
    00000010 00000010 00000000 11110000
Cool, BER encoding is not that difficult.
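An encoder for the Point and Square values above, added here as an example (it is not code from the original tutorial, and all function names are chosen for this example). It follows the X.690 rules: INTEGER uses the primitive universal tag 00000010 and two's complement content, so 240 and 200 each need a leading 00000000 byte, and each SEQUENCE length counts the full encodings of its members.

```python
TAG_INTEGER = 0x02    # class 00, primitive (bit 6 clear), tag number 2
TAG_SEQUENCE = 0x30   # class 00, constructed (bit 6 set), tag number 16

def encode_length(n: int) -> bytes:
    """Definite length: short form below 128, long form otherwise."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def encode_integer(value: int) -> bytes:
    """Two's complement content in the fewest bytes that keep the sign."""
    magnitude_bits = (value if value >= 0 else ~value).bit_length()
    content = value.to_bytes(magnitude_bits // 8 + 1, "big", signed=True)
    return bytes([TAG_INTEGER]) + encode_length(len(content)) + content

def encode_sequence(*members: bytes) -> bytes:
    content = b"".join(members)
    return bytes([TAG_SEQUENCE]) + encode_length(len(content)) + content

def decode_integer(tlv: bytes) -> int:
    """Decode one short-form primitive INTEGER; reject any other shape."""
    if len(tlv) < 3 or tlv[0] != TAG_INTEGER:
        raise ValueError("not a primitive INTEGER")
    if tlv[1] >= 0x80 or tlv[1] != len(tlv) - 2:
        raise ValueError("length byte does not match the content")
    return int.from_bytes(tlv[2:], "big", signed=True)

def point(x: int, y: int) -> bytes:
    return encode_sequence(encode_integer(x), encode_integer(y))

def square(size: int, location: bytes) -> bytes:
    return encode_sequence(encode_integer(size), location)

def bits(data: bytes) -> str:
    return " ".join(f"{octet:08b}" for octet in data)

screen_center = point(320, 240)
small_square = square(10, screen_center)
large_square = square(200, screen_center)

if __name__ == "__main__":
    for name, enc in (("screenCenter", screen_center),
                      ("smallSquare", small_square),
                      ("largeSquare", large_square)):
        print(f"{name}: {bits(enc)}")
    # A single content byte 11110000 has its sign bit set, so it reads as -16.
    print(decode_integer(bytes([0x02, 0x01, 0xF0])))
```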