[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
RE: DN Handling (for BER to DN converter)
> I need some help with the encoding of the Object Identifier Value.
>
> I get the 06 for OBJECT ID, the length 3 octets and
> I get the "formula": (X*40) + Y but from there on I don't see
> where the 813403 comes from...
>
> Example From X690E [1]:
> An OBJECT IDENTIFIER value of:
> {joint-iso-itu-t 100 3}
> which is the same as:
> {2 100 3}
> has a first subidentifier of 180 and a second subidentifier of 3. The
> resulting encoding is:
>
> OBJECT
> IDENTIFIER Length Contents
> 06(base16) 03(base16) 813403(base16)
>
>
> Another ex is the one in A Layman's Guide to a Subset of ASN.1 [2] in
> section
> 6.2.1 I don's see how they get the content octets for country name. I
> mean
> sure 40*2 + 5 = 85 but the 5516; 4; and 6, 10, or 3 part?
>
6.2.1 AttributeType
The three AttributeType values are OCTET STRING values, so
their DER encoding follows the primitive, definite-length
method:
06 03 55 04 06 countryName
06 03 55 04 0a organizationName
06 03 55 04 03 commonName
The identifier octets follow the low-tag form, since the tag
is 6 for OBJECT IDENTIFIER. Bits 8 and 7 have value "0,"
indicating universal class, and bit 6 has value "0,"
indicating that the encoding is primitive. The length octets
follow the short form. The contents octets are the
concatenation of three octet strings derived from
subidentifiers (in decimal): 40 * 2 + 5 = 85 = 5516; 4; and
6, 10, or 3.
> I'm assuming it's something to do with the eigth bit (?)
>
> Thanks,
> Tomas
>
>
> REFs:
>
> 1- From X690E:
>
> Encoding of an object identifier value
> 8.19.1 The encoding of an object identifier value shall be
> primitive.
> 8.19.2 The contents octets shall be an (ordered) list of encodings
> of subidentifiers (see 8.19.3 and 8.19.4) concatenated together.
> Each subidentifier is represented as a series of (one or more) octets. Bit
> 8 of each octet indicates whether it is the last in the series: bit 8 of
> the last octet is zero; bit 8 of each preceding octet is one. Bits 7 to 1
> of the octets in the series collectively encode the subidentifier.
> Conceptually, these groups of bits are concatenated to form an unsigned
> binary number whose most significant bit is bit 7 of the first octet and
> whose least significant bit is bit 1 of the last octet. The subidentifier
> shall be encoded in the fewest possible octets, that is, the leading octet
> of the subidentifier shall not have the value 8016.
>
> 8.19.3 The number of subidentifiers (N) shall be one less than the
> number of object identifier components in the object identifier value
> being encoded.
>
> 8.19.4 The numerical value of the first subidentifier is derived
> from the values of the first two object identifier components in the
> object identifier value being encoded, using the formula:
> (X*40) + Y
> where X is the value of the first object identifier component and Y is the
> value of the second object identifier component.
> NOTE - This packing of the first two object identifier components
> recognizes that only three values are allocated from the root node, and at
> most 39 subsequent values from nodes reached by X = 0 and X = 1.
>
> 8.19.5 The numerical value of the ith subidentifier, (2 £ i £ N) is
> that of the (i + 1)th object identifier component.
>
> Example
> An OBJECT IDENTIFIER value of:
> {joint-iso-itu-t 100 3}
> which is the same as:
> {2 100 3}
> has a first subidentifier of 180 and a second subidentifier of 3. The
> resulting encoding is:
>
> OBJECT
> IDENTIFIER Length Contents
> 0616 0316 81340316
>
>
2- A Layman's ...: ftp://ftp.rsa.com/pub/pkcs/ascii/layman.asc