Saturday 21 April 2012

Fiddling with ASN.1/DER and X.509 Certificates

So it turns out that one of the most popular formats, if not THE most popular format, for storing X.509 certificates is base64-encoded DER. DER stands for Distinguished Encoding Rules, a concrete encoding of ASN.1 (Abstract Syntax Notation One). Well, after a few days of reading about these two things and how they are related, I'm surprised at how little I'm actually able to understand. There is a fair amount of documentation about ASN.1 and a fair amount about X.509 certificates, but there seems to be very little about how they relate. It also doesn't help that what little does exist is extremely vague...

Luckily for me, I seem to have stumbled upon (literally stumbled, not the service) two articles which seem to discuss both and how they intertwine. It is unfortunate that both articles are extremely long, but maybe their density will prove to be a time saver in the long run.


Now I can truly appreciate the value of .NET. They've simplified the entire process down to a single function call. I don't like the fact that I don't understand exactly what's going on, but I have deadlines so it'll have to do for now. I hope to start my own decoder implementation soon and hopefully finish it within the month.
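To make the relationship between base64, DER and the certificate fields concrete, here is a small added example (not part of the original post, and not .NET's implementation): a strict tag-length-value walker in Python. The sample bytes are constructed by hand to mimic the first fields of a certificate body, the armor label is made up, and all function names are illustrative; the OID in the sample is sha256WithRSAEncryption.

```python
import base64
# Constructed sample (not a real certificate): version [0], serial, AlgorithmIdentifier.
SAMPLE_DER = bytes.fromhex("3018" "a003020102" "02021234" "300d06092a864886f70d01010b0500")
SAMPLE_PEM = ("-----BEGIN CONSTRUCTED SAMPLE-----\n%s\n-----END CONSTRUCTED SAMPLE-----\n"
              % base64.b64encode(SAMPLE_DER).decode())
UNIVERSAL = {0x02: "INTEGER", 0x05: "NULL", 0x06: "OID", 0x30: "SEQUENCE"}

def pem_to_der(pem):
    """Drop the '-----' armor lines and base64-decode what is left."""
    body = "".join(l for l in pem.splitlines() if not l.startswith("-----"))
    return base64.b64decode(body, validate=True)

def read_tlv(buf, pos, end):
    """Return (tag, value_start, value_end) for the TLV starting at pos."""
    if pos + 2 > end or buf[pos] & 0x1F == 0x1F:
        raise ValueError("truncated header or multi-byte tag")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                     # long form: low 7 bits = byte count
        n = length & 0x7F
        if not 1 <= n <= 4 or pos + n > end or buf[pos] == 0:
            raise ValueError("indefinite, oversized or zero-padded length")
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
        if length < 0x80:
            raise ValueError("long form used for a short length (not DER)")
    if pos + length > end:
        raise ValueError("value overruns its container")
    return tag, pos, pos + length

def decode_oid(v):
    """Dotted string for an OID value: base-128 arcs, first two packed."""
    if not v or v[-1] & 0x80:
        raise ValueError("malformed OID")
    arcs, n = [], 0
    for b in v:
        n = (n << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs, n = arcs + [n], 0
    first = min(arcs[0] // 40, 2)
    return ".".join(map(str, [first, arcs[0] - 40 * first] + arcs[1:]))

def walk(buf, pos=0, end=None, depth=0):
    """Flatten the TLV tree into (depth, name, value) tuples."""
    out, end = [], len(buf) if end is None else end
    while pos < end:
        tag, vs, ve = read_tlv(buf, pos, end)
        name = f"[{tag & 0x1F}]" if tag & 0xC0 == 0x80 else UNIVERSAL.get(tag, hex(tag))
        kids = walk(buf, vs, ve, depth + 1) if tag & 0x20 else []
        val = "" if tag & 0x20 else decode_oid(buf[vs:ve]) if tag == 0x06 else buf[vs:ve].hex()
        out, pos = out + [(depth, name, val)] + kids, ve
    return out
```

Calling `walk(pem_to_der(SAMPLE_PEM))` returns the nested structure as a flat list. The length checks are what separate DER from looser BER: each length must use the shortest possible form and every value must stay inside its parent.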

1 comment:

  1. Wow! I have NO idea how to read dat post, but it looks awesome!
