What is ASN.1?

Crypto is full of obscure data formats. .pem files, .p8 files, .p12 files, .key files, .cert files. And lots of these are just wrappers for yet more formats. One of these data formats is ASN.1, “Abstract Syntax Notation One”. ASN.1 is a bit like JSON, XML, or protocol buffers: it can encode numbers, strings, sequences, sets and more.

For example, if I generate an RSA private key with openssl genrsa -out private_key.pem 512, the private key file is quite unreadable:

$
Generating RSA private key, 512 bit long modulus
.......................++++++++++++
.......................++++++++++++
e is 65537 (0x10001)
$ cat private_key.pem
-----BEGIN RSA PRIVATE KEY-----
MIIBOwIBAAJBAMPkSNKfzbL35Sq9F3Eqx25KvWbVTy7xgtxFYrP6JA4/92ZY5zJO
RB4sFmKMcD/53vx2AGJ4s14h2JDlwiJbzVsCAwEAAQJBAIDmElUl+kCthgpdarN4
psoYPBESg4wsNyOiNJShIGCO6BG2MLEYkd4KjZgToWwcV5pNJQmr+DbZrjsLOCsD
CYECIQDgwGC/cnKog0nOQrx8ast1iZ6B4tfQ+PjtNxMuDiE/SwIhAN8gskIQTM8F
sEai7XWOSmLCq20r30a6D/rscToF3hAxAiEAzbjJ1fOYaA7ke9wyU2AdpBS39gQB
r9J1aAzFjZ55aEkCIDqSprjY9pDR+XhRhOx7MePDHqVGAxLZ/R/tubt1ltnBAiBB
yxWk7T+RcKdYkyybGxP2CRFWHu47R0RX6fq0xywWSg==
-----END RSA PRIVATE KEY-----

But there is structure here. A .pem file can contain many blocks, and this file contains one RSA PRIVATE KEY block. Each block has some bytes of data as the body, which are encoded in base64. This masks the real structure of the body, which is a sequence of nine integers encoded in the ASN.1 format. We can reveal this structure with openssl asn1parse:

$ openssl asn1parse -i -in private_key.pem
    0:d=0  hl=4 l= 315 cons: SEQUENCE
    4:d=1  hl=2 l=   1 prim:  INTEGER           :00
    7:d=1  hl=2 l=  65 prim:  INTEGER           :C3E448D29FCDB2F7E52ABD17712AC76E4ABD66D54F2EF182DC4562B3FA240E3FF76658E7324E441E2C16628C703FF9DEFC76006278B35E21D890E5C2225BCD5B
   74:d=1  hl=2 l=   3 prim:  INTEGER           :010001
   79:d=1  hl=2 l=  65 prim:  INTEGER           :80E6125525FA40AD860A5D6AB378A6CA183C1112838C2C3723A23494A120608EE811B630B11891DE0A8D9813A16C1C579A4D2509ABF836D9AE3B0B382B030981
  146:d=1  hl=2 l=  33 prim:  INTEGER           :E0C060BF7272A88349CE42BC7C6ACB75899E81E2D7D0F8F8ED37132E0E213F4B
  181:d=1  hl=2 l=  33 prim:  INTEGER           :DF20B242104CCF05B046A2ED758E4A62C2AB6D2BDF46BA0FFAEC713A05DE1031
  216:d=1  hl=2 l=  33 prim:  INTEGER           :CDB8C9D5F398680EE47BDC3253601DA414B7F60401AFD275680CC58D9E796849
  251:d=1  hl=2 l=  32 prim:  INTEGER           :3A92A6B8D8F690D1F9785184EC7B31E3C31EA5460312D9FD1FEDB9BB7596D9C1
  285:d=1  hl=2 l=  32 prim:  INTEGER           :41CB15A4ED3F9170A758932C9B1B13F60911561EEE3B474457E9FAB4C72C164A

This integer sequence structure is an RSA private key in PKCS#1 format as described by RFC 3447:

RSAPrivateKey ::= SEQUENCE {
    version           Version,
    modulus           INTEGER,  -- n
    publicExponent    INTEGER,  -- e
    privateExponent   INTEGER,  -- d
    prime1            INTEGER,  -- p
    prime2            INTEGER,  -- q
    exponent1         INTEGER,  -- d mod (p-1)
    exponent2         INTEGER,  -- d mod (q-1)
    coefficient       INTEGER,  -- (inverse of q) mod p
    otherPrimeInfos   OtherPrimeInfos OPTIONAL
}

The above is an “ASN.1 modules”, a text file which describes a set of ASN.1 values. This is much like protocol buffer schema, XML schema, or JSON schema.

Lots of SSL files are PEM blocks containing a body encoded in ASN.1. As another example, Certificate Signing Requests, .csr files, look like this:

$ openssl asn1parse -i -in cert_request.csr
    0:d=0  hl=4 l= 392 cons: SEQUENCE
    4:d=1  hl=4 l= 306 cons:  SEQUENCE
    8:d=2  hl=2 l=   1 prim:   INTEGER           :00
   11:d=2  hl=3 l= 173 cons:   SEQUENCE
   14:d=3  hl=2 l=  11 cons:    SET
   16:d=4  hl=2 l=   9 cons:     SEQUENCE
   18:d=5  hl=2 l=   3 prim:      OBJECT            :countryName
   23:d=5  hl=2 l=   2 prim:      PRINTABLESTRING   :GB
   27:d=3  hl=2 l=  15 cons:    SET
   29:d=4  hl=2 l=  13 cons:     SEQUENCE
   31:d=5  hl=2 l=   3 prim:      OBJECT            :stateOrProvinceName
   36:d=5  hl=2 l=   6 prim:      UTF8STRING        :London
   44:d=3  hl=2 l=  15 cons:    SET
   46:d=4  hl=2 l=  13 cons:     SEQUENCE
   48:d=5  hl=2 l=   3 prim:      OBJECT            :localityName
   53:d=5  hl=2 l=   6 prim:      UTF8STRING        :London
   61:d=3  hl=2 l=  29 cons:    SET
   63:d=4  hl=2 l=  27 cons:     SEQUENCE
   65:d=5  hl=2 l=   3 prim:      OBJECT            :organizationName
   70:d=5  hl=2 l=  20 prim:      UTF8STRING        :Jameshfisher Limited
   92:d=3  hl=2 l=  24 cons:    SET
   94:d=4  hl=2 l=  22 cons:     SEQUENCE
   96:d=5  hl=2 l=   3 prim:      OBJECT            :organizationalUnitName
  101:d=5  hl=2 l=  15 prim:      UTF8STRING        :Human Resources
  118:d=3  hl=2 l=  28 cons:    SET
  120:d=4  hl=2 l=  26 cons:     SEQUENCE
  122:d=5  hl=2 l=   3 prim:      OBJECT            :commonName
  127:d=5  hl=2 l=  19 prim:      UTF8STRING        :hr.jameshfisher.com
  148:d=3  hl=2 l=  37 cons:    SET
  150:d=4  hl=2 l=  35 cons:     SEQUENCE
  152:d=5  hl=2 l=   9 prim:      OBJECT            :emailAddress
  163:d=5  hl=2 l=  22 prim:      IA5STRING         :jameshfisher@gmail.com
  187:d=2  hl=2 l=  92 cons:   SEQUENCE
  189:d=3  hl=2 l=  13 cons:    SEQUENCE
  191:d=4  hl=2 l=   9 prim:     OBJECT            :rsaEncryption
  202:d=4  hl=2 l=   0 prim:     NULL
  204:d=3  hl=2 l=  75 prim:    BIT STRING
  281:d=2  hl=2 l=  31 cons:   cont [ 0 ]
  283:d=3  hl=2 l=  29 cons:    SEQUENCE
  285:d=4  hl=2 l=   9 prim:     OBJECT            :challengePassword
  296:d=4  hl=2 l=  16 cons:     SET
  298:d=5  hl=2 l=  14 prim:      UTF8STRING        :securepassword
  314:d=1  hl=2 l=  13 cons:  SEQUENCE
  316:d=2  hl=2 l=   9 prim:   OBJECT            :sha256WithRSAEncryption
  327:d=2  hl=2 l=   0 prim:   NULL
  329:d=1  hl=2 l=  65 prim:  BIT STRING

Tagged #programming, #openssl.

More by Jim

What does the dot do in JavaScript?

foo.bar, foo.bar(), or foo.bar = baz - what do they mean? A deep dive into prototypical inheritance and getters/setters. 2020-11-01

Smear phishing: a new Android vulnerability

Trick Android to display an SMS as coming from any contact. Convincing phishing vuln, but still unpatched. 2020-08-06

A probabilistic pub quiz for nerds

A “true or false” quiz where you respond with your confidence level, and the optimal strategy is to report your true belief. 2020-04-26

Time is running out to catch COVID-19

Simulation shows it’s rational to deliberately infect yourself with COVID-19 early on to get treatment, but after healthcare capacity is exceeded, it’s better to avoid infection. Includes interactive parameters and visualizations. 2020-03-14

The inception bar: a new phishing method

A new phishing technique that displays a fake URL bar in Chrome for mobile. A key innovation is the “scroll jail” that traps the user in a fake browser. 2019-04-27

The hacker hype cycle

I got started with simple web development, but because enamored with increasingly esoteric programming concepts, leading to a “trough of hipster technologies” before returning to more productive work. 2019-03-23

Project C-43: the lost origins of asymmetric crypto

Bob invents asymmetric cryptography by playing loud white noise to obscure Alice’s message, which he can cancel out but an eavesdropper cannot. This idea, published in 1944 by Walter Koenig Jr., is the forgotten origin of asymmetric crypto. 2019-02-16

How Hacker News stays interesting

Hacker News buried my post on conspiracy theories in my family due to overheated discussion, not censorship. Moderation keeps the site focused on interesting technical content. 2019-01-26

My parents are Flat-Earthers

For decades, my parents have been working up to Flat-Earther beliefs. From Egyptology to Jehovah’s Witnesses to theories that human built the Moon billions of years in the future. Surprisingly, it doesn’t affect their successful lives very much. For me, it’s a fun family pastime. 2019-01-20

The dots do matter: how to scam a Gmail user

Gmail’s “dots don’t matter” feature lets scammers create an account on, say, Netflix, with your email address but different dots. Results in convincing phishing emails. 2018-04-07

The sorry state of OpenSSL usability

OpenSSL’s inadequate documentation, confusing key formats, and deprecated interfaces make it difficult to use, despite its importance. 2017-12-02

I hate telephones

I hate telephones. Some rational reasons: lack of authentication, no spam filtering, forced synchronous communication. But also just a visceral fear. 2017-11-08

The Three Ts of Time, Thought and Typing: measuring cost on the web

Businesses often tout “free” services, but the real costs come in terms of time, thought, and typing required from users. Reducing these “Three Ts” is key to improving sign-up flows and increasing conversions. 2017-10-26

Granddad died today

Granddad died. The unspoken practice of death-by-dehydration in the NHS. The Liverpool Care Pathway. Assisted dying in the UK. The importance of planning in end-of-life care. 2017-05-19

How do I call a program in C, setting up standard pipes?

A C function to create a new process, set up its standard input/output/error pipes, and return a struct containing the process ID and pipe file descriptors. 2017-02-17

Your syntax highlighter is wrong

Syntax highlighters make value judgments about code. Most highlighters judge that comments are cruft, and try to hide them. Most diff viewers judge that code deletions are bad. 2014-05-11

Want to build a fantastic product using LLMs? I work at Granola where we're building the future IDE for knowledge work. Come and work with us! Read more or get in touch!

This page copyright James Fisher 2017. Content is not associated with my employer. Found an error? Edit this page.

What is ASN.1?

Similar posts

More by Jim