如何简单地创建 ASN.1 DER 编码的 blob
您好,
我如何简单地将一些二进制数据编码到 ASN.1 DER 编码的 blob 中?我正在使用 C/C++,并且我认为应该可以简单地在二进制 blob 上添加一些适当的字节作为前缀,这些字节表示数据是八位字节字符串类型并且具有给定长度(并且在长度为 1 的序列中)猜测)。
如果您有兴趣,请了解背景:
为什么我要以这种方式滥用 ASN.1?对于一个研究项目,我需要将一些数据嵌入到具有关联 X.509 证书的数字签名中。 (如果重要的话,我正在 Peter Gutmann 的 cryptlib 库中使用 createSignatureEx 来创建 CMS / S/MIME-2/3 / PKCS-#7 兼容的签名。我没有签署我想要编码的数据,只是将其添加为元数据)根据我的理解,具有任意扩展数据的严重签名需要使用 ASN.1 DER 对扩展数据进行编码。我的数据是二进制 blob,仅对我的应用程序有用,因此对数据的每个部分进行正确的 ASN.1 编码没有实际价值。我认为通过一些工作我可以学习使用 asn1c 来做到这一点,但它看起来相当复杂,而且我已经在截止日期前了。同样重要的是,这似乎没有必要,而且这些信息对于其他想要避免正确 ASN.1 编码的痛苦的开发人员来说可能很有用。
谢谢!
Greetings,
How can I simply encode some binary data into an ASN.1 DER-encoded blob? I'm using C/C++, and I figure it should be possible to simply prefix the binary blob with some appropriate bytes that signify that the data is of type octet string and is of a given length (and in a sequence of length 1 I guess).
Background if you're interested:
Why do I want to abuse ASN.1 in this way? For a research project, I need to embed some data in a digital signature that has an associated an X.509 certificate. (I'm using createSignatureEx in Peter Gutmann's cryptlib library to create CMS / S/MIME-2/3 / PKCS-#7 compliant signatures if it matters. I'm not signing the data I want to encode, just adding it as metadata to the signature to enrich it.) According to my understanding, serious signatures with arbitrary extension data require the extension data to be encoded using ASN.1 DER. My data is a binary blob and is only useful to my application, so there's no real value in doing proper ASN.1 encoding of each part of my data. I figure with some work I could learn to use asn1c to do this, but it looks pretty complicated and I'm on deadline. Equally importantly, it seems unnecessary and it seems like this information could be useful to other developers who want to avoid the pain of proper ASN.1 encoding.
Thanks!
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
我会使用 ASN.1 编译器。
人们滥用 ASN.1 因为它是一种编码数据结构的方法。每当您的 C/C++ 程序使用攻击者控制的数据结构时,就会出现以下问题:缓冲区溢出和整数溢出开始发挥作用。 ASN.1 并不比 XML、JSON 或 Bencode 更不安全,因为这些都是可能的故障点。编码库本身可能存在问题,例如这个讨厌的 Microsoft 漏洞. 但是无论您使用什么编码方法,这个说法都是正确的。 ASN.1 是一个很好的选择,因为生成的消息非常小,而且它是我所知道的所有编码方法中空间利用率最高的。
I would use the ASN.1 Compiler.
People abuse ASN.1 because it is a way to encode data structures. Any time you have a C/C++ program working with a data structure that the attacker controls problems like; buffer overflows and integer overflows, come into play. ASN.1 is no more insecure than lets say XML or JSON or bencode, as these are all likely points of failure. There can be problems with the encoding library its self, like this nasty Microsoft vulnerability. But this statement is true regardless of the encoding method you use. ASN.1 is a great choice because the resulting message is extremely small and it is the most efficient use of space of any encoding method that I know of.
您不能只将 ASN.1 的 blob 附加到 X.509 证书并期望它成为证书的一部分。该证书是一个 ASN.1 SEQUENCE 值,因此它以一个 SEQUENCE 标记和一个长度开头,其中包含了证书的所有内容。
如果您想向证书结构添加一个字段(这可能意味着它不再是有效的证书,但它仍然可能是有效的 ASN.1 结构),那么您必须将该封闭序列的长度更改为以及附加您的数据。
是的,04 08 01 23 45 67 89 ab cd ef 是八位字节字符串的有效 DER 编码。开头的04是OCTET STRING的标签,08是字符串的长度。请注意,最大 127 的长度以一个字节进行编码,更大的长度使用更长的编码。
有关 ASN.1 的详细介绍(尤其是其在加密消息中的使用),请参阅“ASN.1、BER 和 DER 子集的外行指南”,您应该可以在 rsa.com 上找到该指南地点。
You can't just append a blob of ASN.1 to an X.509 certificate and expect it to become part of the certificate. The certificate is an ASN.1 SEQUENCE of values, and as such it starts with a SEQUENCE tag and a length, which encompasses all of the certificate.
If you want to add a field to the certificate structure (which will probably mean that it is no longer a valid certificate, but it could still be a valid ASN.1 structure) then you will have to change the length of that enclosing sequence as well as appending your data.
Yes, 04 08 01 23 45 67 89 ab cd ef is a valid DER encoding of an octet string. The 04 at the beginning is the tag for OCTET STRING and the 08 is the length of the string. Note that lengths up to 127 are encoded in one byte and that larger lengths use a longer encoding.
For a good introduction to ASN.1 -- and especially to its use in cryptographic messages -- see "A Layman's Guide to a Subset of ASN.1, BER and DER", which you should be able to find on the rsa.com site.
我建议使用 Quick DER,并提供其
der_pack()
具有结构描述的例程,您可以使用其asn2quickder
编译器进行编译。如果需要使用标准结构,您可能只需#include
并使用其预定义数据。您可以使用
der_unpack()
进行具有相同结构描述的解包。它将验证结构方面,但不会验证 ASN.1 语法可能包含的约束。当您使用放置和获取整数范围的实用函数时,会检查整数范围。抱歉要推送我的 onw 库;但它实际上是为了(开源)C/C++ 和 Python 开发人员轻松访问 ASN.1 而编写的。
I would suggest to use Quick DER, and feed its
der_pack()
routine with a structure description that you can compile with itsasn2quickder
compiler. If it's a matter of using a standard structure you can probably just#include <quick-der/rfc5280>
and use its predefined data.You can use
der_unpack()
for unpacking with the same structural description. It will validate structural aspects, though not the constraints that ASN.1 syntaxes may incorporate. Integer ranges are checked when you use the utility functions that put and get them.Sorry to be pushing my onw library; but it was actually written for the purpose of easily accessible ASN.1 for (open source) C/C++ and Python developers.