DER格式解析
------------------------------------1------------------------------------
A SEQUENCE contains an ordered field of one or more types. It is encoded into a TLV triplet that begins with a Tag byte of 0x30. The following Certutil.exe output from the PKCS #10 Encoded ASN.1 topic provides multiple examples of SEQUENCE data structures. The output shows a 128 byte public key and three byte exponent.
30 81 9f ; SEQUENCE (9f Bytes) | 30 0d ; SEQUENCE (d Bytes) | | | 06 09 ; OBJECT_ID (9 Bytes) | | | 2a 86 48 86 f7 0d 01 01 01 ; 1.2.840.113549.1.1.1 | | 05 00 ; NULL (0 Bytes) | 03 81 8d ; BIT_STRING (8d Bytes) | 00 | 30 81 89 ; SEQUENCE (89 Bytes) | 02 81 81 ; INTEGER (81 Bytes) | | 00 | | 8f e2 41 2a 08 e8 51 a8 8c b3 e8 53 e7 d5 49 50 | | b3 27 8a 2b cb ea b5 42 73 ea 02 57 cc 65 33 ee | | 88 20 61 a1 17 56 c1 24 18 e3 a8 08 d3 be d9 31 | | f3 37 0b 94 b8 cc 43 08 0b 70 24 f7 9c b1 8d 5d | | d6 6d 82 d0 54 09 84 f8 9f 97 01 75 05 9c 89 d4 | | d5 c9 1e c9 13 d7 2a 6b 30 91 19 d6 d4 42 e0 c4 | | 9d 7c 92 71 e1 b2 2f 5c 8d ee f0 f1 17 1e d2 5f | | 31 5b b1 9c bc 20 55 bf 3a 37 42 45 75 dc 90 65 | 02 03 ; INTEGER (3 Bytes) | 01 00 01
If the SEQUENCE contains fewer than 128 bytes, the Length field of the TLV triplet requires only one byte to specify the content length. If it is more than 127 bytes, bit 7 of the Length field is set to 1 and bits 6 through 0 specify the number of additional bytes used to identify the content length. For example, the second byte of the first line in the preceding example indicates that there is one trailing Length byte that specifies 0x9F bytes of content (most of the SEQUENCE is not shown). For more information, see Encoded Length and Value Bytes.
reference:
-----------------------------------2-------------------------------------
A SET contains an unordered series of fields of one or more types. It is encoded into a TLV triplet that begins with a Tag byte of 0x31. The following example, adapted from the CMC Encoded ASN.1 topic, shows how a ClientId attribute is encoded in a SET data structure. The attribute can be specified by using the IX509AttributeClientId interface.
31 59 ; SET (59 Bytes)
30 57 ; SEQUENCE (57 Bytes)
06 09 ; OBJECT_ID (9 Bytes)
| 2b 06 01 04 01 82 37 15 14 ; 1.3.6.1.4.1.311.21.20
31 4a ; SET (4a Bytes)
30 48 ; SEQUENCE (48 Bytes)
02 01 ; INTEGER (1 Bytes)
| 09
0c 23 ; UTF8_STRING (23 Bytes)
| 76 69 63 68 33 64 2e 6a ; vich3d.j
| 64 6f 6d 63 73 63 2e 6e ; domcsc.n
| 74 74 65 73 74 2e 6d 69 ; ttest.mi
| 63 72 6f 73 6f 66 74 2e ; crosoft.
| 63 6f 6d ; com
0c 15 ; UTF8_STRING (15 Bytes)
| 4a 44 4f 4d 43 53 43 5c ; JDOMCSC\
| 61 64 6d 69 6e 69 73 74 ; administ
| 72 61 74 6f 72 ; rator
0c 07 ; UTF8_STRING
If the SET contains fewer than 128 bytes, the Length field of the TLV triplet requires only one byte to specify the content length. If it is more than 127 bytes, bit 7 of the Length field is set to 1 and bits 6 through 0 specify the number of additional bytes used to identify the content length. For more information, see Encoded Length and Value Bytes.
------------------------------------------------------------------------
https://msdn.microsoft.com/en-us/library/windows/desktop/bb648640(v=vs.85).aspx
=================================================================================
DER private key format:
DER public key format:
相关区域的值的验证:
