Lines Matching +full:00 +full:- +full:40 +full:bit
9 NIST/OSI Implementors' Workshop document SEC-SIG-91-17.
13 Copyright (C) 1991-1993 RSA Laboratories, a division of RSA
16 Public-Key Cryptography Standards (PKCS)" in all material
18 003-903015-110-000-000
39 in another, higher-level part. Abstraction is the hallmark
63 as integers and bit strings to structured types such as sets
66 each ASN.1 type as a string of eight-bit octets. There is
67 generally more than one way to BER-encode a given value.
73 BER and DER sufficient to understand and implement one OSI-
74 based application, RSA Data Security, Inc.'s Public-Key
77 ASN.1 types and their BER and DER encodings. Sections 2-4
90 Terminology and notation. In this note, an octet is an eight-
91 bit unsigned integer. Bit 8 of the octet is the most
92 significant and bit 1 is the least significant.
94 The following meta-syntax is used for in describing ASN.1
97 BIT monospace denotes literal characters in the type
146 same application-specific tag and different
152 Context-specific, for types whose meaning is specific
153 to a given structured type; context-specific tags
164 Table 1 lists some ASN.1 types and their universal-class
170 BIT STRING 3 03
181 Table 1. Some types and their universal-class tags.
184 programming-language-like notation, with the following
190 o Comments are delimited by pairs of hyphens (--),
194 references (names of types) consist of upper- and
195 lower-case letters, digits, hyphens, and spaces;
196 identifiers begin with lower-case letters; type
197 references begin with upper-case letters.
211 BIT STRING, an arbitrary string of bits (ones and
225 OCTET STRING, an arbitrary string of octets (eight-bit
231 T61String, an arbitrary string of T.61 (eight-bit)
237 Simple types fall into two categories: string types and non-
238 string types. BIT STRING, IA5String, OCTET STRING,
245 input from a file stream) with a constructed, indefinite-
278 given distinct context-specific tags to avoid ambiguity.
329 primitive, definite-length encoding; constructed, definite-
330 length encoding; and constructed, indefinite-length
331 encoding. Simple non-string types employ the primitive,
332 definite-length method; structured types employ either of
345 Length octets. For the definite-length methods, these
347 constructed, indefinite-length method, these
350 Contents octets. For the primitive, definite-length
356 End-of-contents octets. For the constructed, indefinite-
364 3.1 Primitive, definite-length method
375 Low-tag-number form. One octet. Bits 8 and 7 specify
376 the class (see Table 2), bit 6 has value "0,"
378 bits 5-1 give the tag number.
380 Class Bit Bit
384 context-specific 1 0
389 High-tag-number form. Two or more octets. First octet
390 is as in low-tag-number form, except that bits 5-1
394 with the bit 8 of each octet except the last set
399 and 21008-1).
401 Short form. One octet. Bit 8 has value "0" and bits 7-1
404 Long form. Two to 127 octets. Bit 8 of first octet has
405 value "1" and bits 7-1 give the number of
416 3.2 Constructed, definite-length method
426 bit 6 has value "1," indicating that the encoding is
450 3.3 Constructed, indefinite-length method
465 End-of-contents octets. Two octets, 00 00.
467 Since the end-of-contents octets appear where an ordinary
469 of a sequence value), the 00 and 00 appear as identifier and
470 length octets, respectively. Thus the end-of-contents octets
471 is really the primitive, definite-length encoding of a value
496 primitive, definite-length method must be
502 constructed, definite-length method must be
506 BIT STRING, SEQUENCE, SET, and SET OF), and can be found in
555 If the class name is absent, then the tag is context-
556 specific. Context-specific tags can only appear in a
560 attributes component with an implicit, context-specific tag:
569 (i.e., context-specific), and the tag number within the
612 If the class name is absent, then the tag is context-
613 specific. Context-specific tags can only appear in a
624 content component with an explicit, context-specific tag:
632 class is absent (i.e., context-specific), and the tag number
636 with an explicit, context-specific tag, where the EXPLICIT
720 5.4 BIT STRING
722 The BIT STRING type denotes an arbitrary string of bits
723 (ones and zeroes). A BIT STRING value can have any length,
726 The BIT STRING type is used for digital signatures on
734 BIT STRING
737 of type BIT STRING:
741 publicKey BIT STRING }
745 by which the length of the bit string is less than the next
748 value of the bit string, converted to an octet string. The
751 1. The bit string is padded after the last bit with
753 of the bit string a multiple of eight. If the
754 length of the bit string is a multiple of eight
757 2. The padded bit string is divided into octets. The
758 first eight bits of the padded bit string become
759 the first octet, bit 8 to bit 1, and so on through
760 the last eight bits of the padded bit string.
764 of the bit string, where each substring except the last has
767 Example: The BER encoding of the BIT STRING value
780 03 03 00 6e 5d
784 primitive BER encoding, except that the bit string is padded
785 with zero-valued bits.
787 Example: The DER encoding of the BIT STRING value
822 certificate Certificate, -- X.509
847 is the same as ASCII. The character set includes non-
851 The IA5String type is used in PKCS #9's electronic-mail
852 address, unstructured-name, and unstructured-address
870 16 0d 74 65 73 74 31 40 72 73 61 2e 63 6f 6d DER encoding
873 74 65 73 74 31 40 72 73 61 2e 63 6f 6d
877 16 01 40
886 16 0d 74 65 73 74 31 40 72 73 61 2e 63 6f 6d
898 PKCS #3's DHParameter type, a message-digest iteration count
927 The value 0 is encoded as a single 00 octet.
934 0 02 01 00
936 128 02 02 00 80
937 256 02 02 01 00
938 -128 02 01 80
939 -129 02 02 FF 7F
964 05 00
966 05 81 00
969 encoding of a NULL value is always 05 00.
980 nonnegative value. This type is a non-string type.
1026 { iso(1) member-body(2) 840 113549 }
1040 { 2 5 8 } directory services-algorithms
1048 1. The first octet has value 40 * value1 + value2.
1057 possible, and the most significant bit of each
1062 Security, Inc.'s object identifier is 40 * 1 + 2 = 42 =
1076 (eight-bit values). An OCTET STRING value can have any
1140 (space) ' ( ) + , - . / : = ?
1144 The PrintableString type is used in PKCS #9's challenge-
1145 password and unstructuerd-address attributes, and in several
1340 #7, #8, #9 and #10, for sets of message-digest algorithm
1368 until a difference is found. The smaller-valued BER encoding
1369 is the one with the smaller-valued octet at the point of
1376 characters. T.61 is an eight-bit extension to the ASCII
1380 character set includes non-printing control characters. The
1387 The T61String type is used in PKCS #9's unstructured-address
1388 and challenge-password attributes, and in several X.521
1417 The eight-bit character c2 is a T.61 prefix that adds an
1439 YYMMDDhhmm-hh'mm'
1442 YYMMDDhhmmss-hh'mm'
1452 hh is the hour (00 to 23)
1454 mm are the minutes (00 to 59)
1456 ss are the seconds (00 to 59)
1459 local time is later than GMT, and - indicates that
1471 signing-time attribute and for certificate validity periods
1488 4:45:40 p.m. Pacific Daylight Time on May 6, 1991, which can
1492 "910506164540-0700"
1589 { joint-iso-ccitt(2) ds(5) 4 }
1601 their DER encoding follows the primitive, definite-length
1610 The identifier octets follow the low-tag form, since the tag
1612 indicating universal class, and bit 6 has value "0,"
1616 subidentifiers (in decimal): 40 * 2 + 5 = 85 = 5516; 4; and
1623 so their encodings follow the primitive, definite-length
1635 The identifier octets follow the low-tag-number form, since
1638 the universal class. Bit 6 has value "0" since the encoding
1648 definite-length method:
1662 The identifier octets follow the low-tag-number form, since
1665 universal class. Bit 6 has value "1" since the encoding is
1676 definite-length method:
1687 The identifier octets follow the low-tag-number form, since
1690 class Bit 6 has value "1" since the encoding is constructed.
1700 encoding follows the constructed, definite-length method:
1707 The identifier octets follow the low-tag-number form, since
1710 universal class. Bit 6 has value "1" since the encoding is
1746 PKCS #3 RSA Laboratories. PKCS #3: Diffie-Hellman Key-
1749 PKCS #5 RSA Laboratories. PKCS #5: Password-Based
1752 PKCS #6 RSA Laboratories. PKCS #6: Extended-Certificate
1758 PKCS #8 RSA Laboratories. PKCS #8: Private-Key Information
1779 Directory--Overview of Concepts, Models and
1782 X.501 CCITT. Recommendation X.501: The Directory--
1785 X.509 CCITT. Recommendation X.509: The Directory--
1788 X.520 CCITT. Recommendation X.520: The Directory--
1794 [NIST92] NIST. Special Publication 500-202: Stable
1807 Workshop document SEC-SIG-91-17.
1820 PKCS #3: Diffie-Hellman Key-Agreement Standard. Version
1823 PKCS #5: Password-Based Encryption Standard. Version
1826 PKCS #6: Extended-Certificate Syntax Standard. Version
1832 PKCS #8: Private-Key Information Syntax Standard.
1853 RSA Laboratories (415) 595-7703
1854 100 Marine Parkway (415) 595-4126 (fax)