asn.1

I'm decoding ASN1 (as used in X.509 for HTTPS certificates). I'm doing pretty well, but there is a thing that I just cannot find and understandable documentation for. In this JS ASN1 parser you see a [0] and a [3] under a SEQUENCE element, the first looking like this in data: A0 03 02 01 02 ... . I want to know what this means and how to decode it. Another example is Anatomy of an X.509 v3 Certificate , there is a [0] right after the first two SEQUENCE elements. What I don't understand is how A0 fits with the scheme where the first 2 bits of the tag byte are a class, the next a primitive

I have been going through the following tutorial http://www.obj-sys.com/asn1tutorial/node12.html Can you help me understand implicit tagging with an example? In ASN.1 tagging, in fact, serves two purposes: typing and naming. Typing means it tells an en-/decoder what kind of data type that is (is it a string, an integer, a boolean, a set, etc.), naming means that if there are multiple fields of the same type and some (or all of them) are optional, it tells the en-/decoder for which field that value is. If you compare ASN.1 to, let's say, JSON, and you look at the following JSON data: "Image": {

Why is the modulus padded with leading zeros? I was reading PKCS#1 and PKCS#8 but didn't find anything about it. In c# the leading zeros must be removed, does anybody know why? At http://etherhack.co.uk/asymmetric/docs/rsa_key_breakdown.html , you can see that the modulus and exponent have leading zeros. The question is why they have it, I haven't found an explanation anywhere yet. The private key values are encoded as ASN.1 INTEGERs, which are signed values in two's complement format. The leading zero byte is necessary when the MSB of the (unsigned) RSA key value is set. Having the MSB set

How can I convert ASN1_TIME to time_t format? I wanted to convert the return value of X509_get_notAfter() to seconds. Jan Vidar Krey Times are stored as a string internally, on the format YYmmddHHMMSS or YYYYmmddHHMMSS . At the end of the string there is room for fractions of seconds and timezone, but let's ignore that for now, and have some (untested) code. Note : also see Bryan Olson's answer below, which discusses the undefined behavior due to the i++ 's. Also see Seak's answer which removes the undefined behavior. static time_t ASN1_GetTimeT(ASN1_TIME* time) { struct tm t; const char* str

I am looking for a solution to parse asn.1 spec files and generate a decoder from those. Ideally I would like to work with Python modules, but if nothing is available I would use C/C++ libraries and interface them with Python with the plethora of solutions out there. In the past I have been using pyasn1 and building everything by hand but that has become too unwieldly. I have also looked superficially to libtasn1 and asn1c. The first one had problems parsing even the simplest of files. The second has a good parser but generating C code for decoding seems too complex; the solution worked well

In the common name field of the DN of a X509 certificate, as defined in ASN.1 notation for OID "2.5.4.3", what are the allowed values? I know that the limit is up to 64 characters, but are all characters allowed? Digits? E.g. are . s allowed? Is an IP address (x.x.x.x) a valid sequence per the ASN definition? Is a domain name allowed? The common name attribute in a Distinguished Name is encoded as: X520CommonName ::= CHOICE { teletexString TeletexString (SIZE (1..ub-common-name)), printableString PrintableString (SIZE (1..ub-common-name)), universalString UniversalString (SIZE (1..ub-common

I have tried the advice on several of the questions posted here, but to no avail. I have the following files: (NOTE, I generated these on the fly and they are throwaway keys) cert file: -----BEGIN CERTIFICATE----- MIIE+jCCA+KgAwIBAgIJAMLMeL/HH75vMA0GCSqGSIb3DQEBBQUAMIGuMQswCQYD VQQGEwJVUzENMAsGA1UECBMEVXRhaDEXMBUGA1UEBxMOU2FsdCBMYWtlIENpdHkx HjAcBgNVBAoTFU5pY2hvbGFzIFRlcnJ5IGRvdGNvbTEUMBIGA1UECxMLZGV2ZWxv cG1lbnQxFjAUBgNVBAMTDW5pY2hvbGFzdGVycnkxKTAnBgkqhkiG9w0BCQEWGm5p Y2hvbGFzQG5pY2hvbGFzdGVycnkuY29tMB4XDTE0MTIyNTA3MTkxNFoXDTE1MTIy