ASN.1入门

ASN.1可以分为一组语法规则和一组编码规则

应用：

• X.509 Certificates, used in SSL/TLS
• Lightweight Directory Access Protocol (LDAP)
• X.400, the messaging system used by the U.S. Military
• X.500
• The magnetic stripes on credit cards and debit cards
• Microsoft’s Remote Desktop Protocol (RDP)
• Simple Network Management Protocol (SNMP)
• Common Management Information Protocol (CMIP)
• Signalling System Number 7 (SS7), used to make most phone calls on the Public Switched Telephone Network (PSTN).
• Kerberos 5
• H.323 Video conferencing
• Biometrics Protocols:
  • BioAPI Interworking Protocol (BIP)
  • Common Biometric Exchange Formats Framework (CBEFF)
  • Authentication Contexts for Biometrics (ACBio)
• Computer Supported Telecommunications Applications (CSTA)
• Dedicated Short Range Communications (SAE J2735)
• Cellular telephony
  • Global System for Mobile Communications (GSM)
  • Global Packet Radio Service (GPRS) / Enhanced Data Rates for Global Evolution (EDGE)
  • Universal Mobile Telecommunications System (UTMS)
  • Long-Term Evolution (LTE)

环境

python asn1tools库：https://asn1tools.readthedocs.io/en/latest/

pip install asn1tools

其它asn1转c开源工具：

• https://github.com/vlm/asn1c
• https://github.com/ttsiodras/asn1scc

Python asn1tools支持的编码：

• Basic Encoding Rules (BER) defaut
• Distinguished Encoding Rules (DER)
• Generic String Encoding Rules (GSER)
• JSON Encoding Rules (JER)
• Basic Octet Encoding Rules (OER)
• Aligned Packed Encoding Rules (PER)
• Unaligned Packed Encoding Rules (UPER)
• XML Encoding Rules (XER)

这个库还带着一个asn1tools可执行文件，可以转换编码、生成c代码、基于libFuzzer生成模糊测试代码等。

types

一些String：

• PrintableString, 可视字符串
• T61String, 8位字符串
• IA5String , ASCII字符串
• …

结构类型：

每个类型都有tag value，openssl /include/openssl/asn1.h宏定义如下：

/* ASN.1 tag values */
# define V_ASN1_EOC                      0
# define V_ASN1_BOOLEAN                  1 /**/
# define V_ASN1_INTEGER                  2
# define V_ASN1_BIT_STRING               3
# define V_ASN1_OCTET_STRING             4
# define V_ASN1_NULL                     5
# define V_ASN1_OBJECT                   6
# define V_ASN1_OBJECT_DESCRIPTOR        7
# define V_ASN1_EXTERNAL                 8
# define V_ASN1_REAL                     9
# define V_ASN1_ENUMERATED               10
# define V_ASN1_UTF8STRING               12
# define V_ASN1_SEQUENCE                 16
# define V_ASN1_SET                      17
# define V_ASN1_NUMERICSTRING            18 /**/
# define V_ASN1_PRINTABLESTRING          19
# define V_ASN1_T61STRING                20
# define V_ASN1_TELETEXSTRING            20/* alias */
# define V_ASN1_VIDEOTEXSTRING           21 /**/
# define V_ASN1_IA5STRING                22
# define V_ASN1_UTCTIME                  23
# define V_ASN1_GENERALIZEDTIME          24 /**/
# define V_ASN1_GRAPHICSTRING            25 /**/
# define V_ASN1_ISO64STRING              26 /**/
# define V_ASN1_VISIBLESTRING            26/* alias */
# define V_ASN1_GENERALSTRING            27 /**/
# define V_ASN1_UNIVERSALSTRING          28 /**/
# define V_ASN1_BMPSTRING                30

examples

https://github.com/eerimoq/asn1tools/tree/master/tests/files

以foo.asn为例

Foo DEFINITIONS ::= BEGIN
    Question ::= SEQUENCE {
        id        INTEGER,
        question  IA5String
    }
    Answer ::= SEQUENCE {
        id        INTEGER,
        answer    BOOLEAN
    }
END

编解码：

import asn1tools
foo = asn1tools.compile_files('./foo.asn') # default ber encoded
encoded = foo.encode('Question', {'id': 1, 'question': 'Is 1+1=3?'})
print(encoded)
# b'0\x0e\x02\x01\x01\x16\tIs 1+1=3?'
print(foo.decode('Question', encoded))
# {'id': 1, 'question': 'Is 1+1=3?'}

c_source.asn可用来生成c头文件和.c，辅助理解asn.1：

asn1tools generate_c_source --namespace oer c_source.asn 
Successfully generated oer.h and oer.c.

参考资料

ASN.1 Project (itu.int)

13.1 ASN1简介_OpenSSL 中文手册

证书请求编码 - Win32 apps | Microsoft Learn

ASN.1 tools — asn1tools 0.165.0 documentation