How do the following relate: ASN.1, pkcs1, pkcs8, pem, der.
BIG_NUM big_num = BN_set_word(key_bytes_num)
asn1_obj = ASN.1: (language that defines data structures)
pkcs1: defines the RSA format
pkcs8: defines the key format (RSA, EC, ..)
der = asn1_obj.to_bytes()
pem = der.to_base64() // contains labels
-
Assuming we want to encode a private key, we start out with a secret which is possibly a large integer:
key_bytes_num
-
We can define that using the ASN.1, which is an interface description language (IDL).
-
The key format, used for ASN.1 encoding can either be a pkcs1 or pkcs8.
-
Finally, the raw bytes of the asn1_obj is the
der
representation, while the base64 representation is thepem
format:pem = cat key.der | base64
Warm Welcome to ASN.1 and DER
There are some other languages that do the same things as ASN.1. For instance, Protocol Buffers offer both a language for defining types and a serialization format for encoding objects of the types you’ve defined.
Resources:
- https://letsencrypt.org/docs/a-warm-welcome-to-asn1-and-der/
- http://luca.ntop.org/Teaching/Appunti/asn1.html
- https://lapo.it/asn1js/
- Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile
- ASN.1 lang
- ASN.1 serialization format
- oid