Reputation: 783
What is the need of ASN1 in openssl/TLS
I know it is a kind of noob question but still not able to understand, what is the need of ASN1? I do know that it is used to describe digital objects like x509 certificates. Why should we describe it instead of directly encrypt it using AES and send it to the receiver.and on top of it they encode it using DER??? totally confused and not knowing the exact business cause for its usage...
Upvotes: 1
Views: 632
Answers (1)
Reputation: 5102
ASN.1 is both
- A data especification language, describing Types and Data values.
- Multiple ways of encoding/decoding those data values in a format suitable to be sent/stored/read/received. (Note that encoding/decoding doesn't mean encrypting/decrypting). One of those formats is DER.
For anything you need to send/store you need to define a format (even if they are raw bytes, more so if the data to send has a complex structure).
Think of the problem of sending a character string. There multiple things you need to decide: - What character sets you support? Do you support a way of specifying them? - Will you use null-terminated strings (ala C)? - or will you use length+value encoding? - or will you assume fixed length strings?
ASN.1's DER (or BER or PER or XER...) are ways of deciding all that for the data values that can be described using ASN.1 syntax.
Upvotes: 3
Related Questions
- How to specify the Syntax for Values of Private OIDs while configuring in OpenSSL?
- How does [0] and [3] wơrk in ASN1?
- how to convert a ASN1_object to readable format using openssl library .?
- Building an ASN1 set using the openssl C API
- OpenSSL how ASN1_TYPE and ASN1_ITEM are related
- ASN1 to proper example text
- Where is my interpretation of ASN1 der wrong?
- About TLS 1.2 support in openssl
- ASN1. Sequence vs Set
- ASN1 object identifier name