alexander.sivak

Reputation: 4700

What is ASN.1 DER tag value 0xA0?

Here is an example of a certificate encoded in ASN.1 DER:

30 82 01 8F 30 81 F9 **A0** 03 02 01 02 02 01 01 30
0D 06 09 2A 86 48 86 F7 0D 01 01 05 05 00 30 0D
31 0B 30 09 06 03 55 04 03 0C 02 43 41 30 20 17
0D 31 33 30 39 31 35 31 35 33 35 30 32 5A 18 0F
32 31 31 33 30 39 32 32 31 35 33 35 30 32 5A 30
0D 31 0B 30 09 06 03 55 04 03 0C 02 43 41 30 81
9F 30 0D 06 09 2A 86 48 86 F7 0D 01 01 01 05 00
03 81 8D 00 30 81 89 02 81 81 00 8D 80 B5 8E 80
8E 94 D1 04 03 6A 45 1A 54 5E 7E EE 6D 0C CB 0B
82 03 F1 7D C9 6F ED 52 02 B2 08 C3 48 D1 24 70
C3 50 C2 1C 40 BC B5 9D F8 E8 A8 41 16 7B 0B 34
1F 27 8D 32 2D 38 BA 18 A5 31 A9 E3 15 20 3D E4
0A DC D8 CD 42 B0 E3 66 53 85 21 7C 90 13 E9 F9
C9 26 5A F3 FF 8C A8 92 25 CD 23 08 69 F4 A2 F8
7B BF CD 45 E8 19 33 F1 AA E0 2B 92 31 22 34 60
27 2E D7 56 04 8B 1B 59 64 77 5F 02 03 01 00 01
30 0D 06 09 2A 86 48 86 F7 0D 01 01 05 05 00 03
81 81 00 0A 1C ED 77 F4 79 D5 EC 73 51 32 25 09
61 F7 00 C4 64 74 29 86 5B 67 F2 3D A9 39 34 6B
3C A9 92 B8 BF 07 13 0B A0 9B DF 41 E2 8A F6 D3
17 53 E1 BA 7F C0 D0 BC 10 B7 9B 63 4F 06 D0 7B
AC C6 FB CE 95 F7 8A 72 AA 10 EA B0 D1 6D 74 69
5E 20 68 5D 1A 66 28 C5 59 33 43 DB EE DA 00 80
99 5E DD 17 AC 43 36 1E D0 5B 06 0F 8C 6C 82 D3
BB 3E 2B A5 F1 94 FB 53 7B B0 54 22 6F F6 4C 18
1B 72 1C

What does the highlighted tag 0xA0 mean? What type does it encode?

The next value is 0x03, which is the length of the 0xA0 tag. But the next byte after the length is actually the INTEGER type - 0x02.

Who can explain this?

Upvotes: 4

Views: 7173

Answers (2)

foo

Reputation: 2111

specific answer

To answer the specific question: 0xA0 is a 1-byte ASN.1 tag meaning constructed CONTEXT-specific item #0. "constructed" means it will contain other entries. But its meaning beyond that depends on the context it is used in.

general answer

There are four classes to ASN.1 tags, encoded in the two topmost bits of the first tag byte.

UNIVERSAL is for the predefined tag types. That means both the tree-leaves which contain actual data (INTEGER, OID, OCTET STRING and so on), and the standard "constructed" container types SEQUENCE and SET. SEQUENCE (0x30) is what you encounter a lot.

APPLICATION, CONTEXT and PRIVATE tag classes are a different beast. The constructed/primitive flag at bit 5 = 0x20 still applies, but beyond that, there are no "universal" pre-defined tag value meanings. So in most cases, the lower bits of the tag will start at 0, counting up.

There is no formal requirement I know of which of these three classes needs to be used when. But the idea is this:

  • APPLICATION for wide use within an application context,
  • PRIVATE for data proprietary and internal to an organisation,
  • CONTEXT for use in a specific, defined context.

Cryptography standards like the X.509 and the PKCS series use CONTEXT.

The bias towards CONTEXT is also inherent in the ASN.1 specification; when defining an ASN.1 module, the CONTEXT keyword may be omitted - [0] means CONTEXT[0]. In contrast, APPLICATION and PRIVATE keywords are mandatory.

Another practical example is given with CHOICE implementations: the "outer" part of CHOICE being represented in an 0xA0 tag, the alternatives then numbered 0x80, 0x81 and so on - because their meaning applies within the CONTEXT of the outer tag.

Upvotes: 2

pepo

Reputation: 8867

0xA0 is a Context Specific tag. In your example it contains an integer, as you correctly deduced. In ASN.1 you can have 4 encodings of the class of the 1-byte tag (more in section 8.1.2.2 of ITU-T X.690):

  • Universal (00xxxxxx)
  • Application (01xxxxxx)
  • Context-specific (10xxxxxx)
  • Private (11xxxxxx)

Personally I've never seen anything other than Universal (i.e. sequence, integer, octet string) and context-specific.

You can explore the structure of the certificate by using ASN.1 Editor. I've selected the context specific tag here:

Screenshot of ASN.1 Editor

Upvotes: 9
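
The tag decoding that both answers describe, as an added example (not code from either answer): a small Python walker that splits each identifier octet into class, constructed flag and tag number, run over the first 15 bytes of the certificate in the question. The names `read_header`, `walk` and `PREFIX` are introduced here for illustration.

```python
# Added example: decode DER identifier and length octets (ITU-T X.690 8.1.2, 8.1.3).
CLASSES = ("UNIVERSAL", "APPLICATION", "CONTEXT", "PRIVATE")

def read_header(buf, off):
    """Return (class, constructed, tag_number, length, header_size) at buf[off]."""
    first = buf[off]
    cls = CLASSES[first >> 6]            # top two bits: tag class
    constructed = bool(first & 0x20)     # bit 5: value is made of nested TLVs
    number = first & 0x1F                # low five bits: tag number
    pos = off + 1
    if number == 0x1F:                   # high-tag-number form: base-128 digits
        number = 0
        while True:
            b = buf[pos]
            pos += 1
            number = (number << 7) | (b & 0x7F)
            if not b & 0x80:
                break
    length = buf[pos]
    pos += 1
    if length & 0x80:                    # long form: low 7 bits count the length octets
        n = length & 0x7F
        if n == 0:
            raise ValueError("indefinite length is not allowed in DER")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return cls, constructed, number, length, pos - off

def walk(buf, off=0, end=None, depth=0, out=None):
    """Collect (depth, class, constructed, number, length); stops at a truncated buffer."""
    out = [] if out is None else out
    end = len(buf) if end is None else min(end, len(buf))
    while off < end:
        cls, constructed, number, length, hdr = read_header(buf, off)
        out.append((depth, cls, constructed, number, length))
        if constructed:                  # descend into SEQUENCE, [0], ...
            walk(buf, off + hdr, off + hdr + length, depth + 1, out)
        off += hdr + length
    return out

# First 15 bytes of the certificate in the question; the remainder is omitted here.
PREFIX = bytes.fromhex("30 82 01 8F 30 81 F9 A0 03 02 01 02 02 01 01")

if __name__ == "__main__":
    for depth, cls, constructed, number, length in walk(PREFIX):
        kind = "constructed" if constructed else "primitive"
        print("  " * depth + f"{cls} [{number}] {kind}, length {length}")
```

The third entry printed is the 0xA0 from the question: CONTEXT [0], constructed, length 3, wrapping a one-byte INTEGER. In X.509 that [0] is the explicitly tagged version field, and the INTEGER value 02 inside it denotes v3.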
