In Cybersecurity, What Are OIDs, PEMs, DERs and ASN.1?

One of the most fundamental things for the protection of data is the usage of encryption keys. But, what do they look like, and how can we…
Photo by Alex Motoc on Unsplash

In Cybersecurity, What Are OIDs, PEMs, DERs and ASN.1?

One of the most fundamental things for the protection of data is the usage of encryption keys. But, what do they look like, and how can we generate them? In this case, we will generate and view encryption keys within the browser and use JavaScript.

We need ways to distribute our public keys, private keys and digital certificates in a portable format. One of the most common forms is Distinguished Encoding Rules (DER) encoding of ASN.1 (Abstract Syntax Notation One). Overall, these encode the binary data into a format which can be ported from one system to another.

The other common format is PEM, and which converts the binary encoding into a text readable format. This is commonly used to send keys over email or text-based communication channels. With PEM we can encode cryptographic information in a Base64 ASCII format and use plain-text headers of:

-----BEGIN PRIVATE KEY-----

and a footer of:

-----END PRIVATE KEY-----

With DER we represent the binary data for the keys as a hex string.

This article will look at the DER format and has code to decode a hex string and into its contents. Overall ASN.1 is used to define abstract types and values. One of the most basic types is SEQUENCE and is an ordered collection of one or more types. In DER, SEQUENCE is identified with a tag of “30”, and followed by a byte value for the length of the object defined. The other common types are OBJECT IDENTIFIER (and which has a tag of “06”) and BIT STRING (and which has a tag of “03”).

The object identifier tag is used to define the cryptography methods used. An example identifier for ECC encryption is “1.2.840.10045.2.1”, and where 1 is OSI, 2 is member body, 840 is US (ANSI), and 10045 is “ansi-X9–62”, and “2” is key type [1]. Other common algorithms are: “1.2.840.113549.1.1.1” (X509 RSA), “1.2.840.10040.4.1” (X509 Digital Signature Standard -DSS), and “1.2.840.10046.2.1” (Diffie-Hellman — DH). The following is an example of the hex sequence for an object ID, and where we have the “06” tag, followed by an identifier for seven bytes (“07”), and then the Object ID of seven bytes (“2a8648ce3d0201”):

06 07 2a8648ce3d0201  # Object ID -  7 bytes long: 1.2.840.10045.2.1 (ECC)

We can also define the curve type in the object identifier, and where we have the form of iso(1), member-body(2), us(840), ansi-X9–62(10045), curves(3), prime(1). For example, 1.2.840.10045.3.1.7 defines ECDSA P-256. Other examples are SECP192R1 (“1.2.840.10045.3.1.1”), SECP224R1 (“1.3.132.0.33”), SECP256K1 (“1.3.132.0.10”), SECP256R1 (“1.2.840.10045.3.1.7”), SECP384R1 (“1.3.132.0.34”), SECP521R1 (“1.3.132.0.35”), and BRAINPOOLP256R1 (“1.3.36.3.3.2.8.1.1.7”). An example where we have an identifier (“06”), followed by the number of bytes identifier (“08”) and Object ID of eight bytes (“2a8648ce3d030107”):

06 08 2a8648ce3d030107  # Object ID -  8 bytes long: 1.2.840.10045.3.1.7 (ECDSA P256)

For the “03” tag, we define a bitstream for keys. In the following, we have “03”, followed by the number of bytes (66 bytes) for the keys, and then the keys are defined after this (64 bytes):

03 42 # Bit stream - 0x42 (66 bytes long)
0004 # Identifies public key
2927b10512bae3eddcfe467828128bad2903269919f7086069c8c4df6c732838 # Identifies public key x co-ordinate
c7787964eaac00e5921fb1498a60f4606766b3d9685001558d1a974e7341513e # Identifies public key y co-ordinate

An example hex string for a DER format for ECC public keys is:

3059301306072a8648ce3d020106082a8648ce3d030107034200042927b10512bae3eddcfe467828128bad2903269919f7086069c8c4df6c732838c7787964eaac00e5921fb1498a60f4606766b3d9685001558d1a974e7341513

We can then break it down with:

30 59 # Sequence length 0x59 -  91 bytes long
30 13 # Sequence length 0x13 -  21 bytes long
06 07 2a8648ce3d0201  # Object ID -  7 bytes long - 1.2.840.10045.2.1 (ECC)
06 08 2a8648ce3d030107  # Object ID -  8 bytes long - 1.2.840.10045.3.1.7 (ECDSA P256)
03 42 # Bit stream - 0x42 (66 bytes long)
0004 # Identifies public key
2927b10512bae3eddcfe467828128bad2903269919f7086069c8c4df6c732838 # Identifies public key x co-ordinate
c7787964eaac00e5921fb1498a60f4606766b3d9685001558d1a974e7341513e # Identifies public key y co-ordinate

In OpenSSL, we can convert from DER to PEM with:

openssl x509 -inform der -in mycert.der -out mycert.pem

and:

openssl x509 -outform der -in mycert.pem -out mycert.der

An example of a public key is:

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw51PMBm2psyIjHPU1efH
Ulyh22zy3hEhlsNPH6/Cqg0HJorX1WbNKLfiU2aAt24jn4CC+y8PusrmMMCIca5x
0L4XZxm14QvKKImIOMOMblS1Te29n64HuuQ9owKLHuSMww4wiLiY/nAvjK/5/kKT
HL6x7nK/Pq72eoQ/etFBkaX5nYGUD/+G+5BgAPx1mBgU5/y9+/+QZ9xbYU6zogOW
Tfa6rDMSAbmJOtkk1ghnuaq4dSoHWbW+zpHMVtjtHgzDGhX9KjOmvSDQIGn4wevD
p2yDLULUbsdO4ylacTkxyIc92ZHdZeP6Hh+KhNC04Z65zwXLEA3M4bucX+u6nszW
xwIDAQAB
-----END PUBLIC KEY-----

RSA key generation

We will use JavaScript to generate the keys and then display them in PEM, DER and ASN.1 format. The code used is [here]:

A sample run for a 512-bit RSA private key is [here]:

-----BEGIN PRIVATE KEY-----
MIIBVgIBADANBgkqhkiG9w0BAQEFAASCAUAwggE8AgEAAkEAoqlgDMmARJv5JOQp
OnNIdrIhIsH9DGzM6WQdLkfKaHv/kcNjqCBE2Zfs5sZiHKpmq4JyuU3iNztOEqLz
wsk3SQIDAQABAkEAodo9K5wY2KwGdZHeAD4T3Z+TXx19qK5eGuG2M4XVvq4DBNSA
5YPgWdnQnEvP8TwWa7pLh5opZ/QabpOuD3QtbQIhAOM7IgENd1B6b6ErSIwObNuo
wWaR5RGSM1vq5fHSBmCDAiEAt0F1/MhgOCp/RrH8WGyzbwVnsnalt/SSao/rJ+PO
J0MCIQC+ThzpcsS1gwUQnvZwTfh/cvMemxuUvrQCzFTuVO6ATwIgD3OvlS74HgRH
Uxiy5GnV/2h/Q+cJNiejKOUVuPlWaq0CIQC7iQvHEQZT7iWiC1IQh5aVLqBUaYPR
ukh54UoFLrGrkw==
-----END PRIVATE KEY-----
Hex:
30820156020100300d06092a864886f70d0101010500048201403082013c020100024100a2a9600cc980449bf924e4293a734876b22122c1fd0c6ccce9641d2e47ca687bff91c363a82044d997ece6c6621caa66ab8272b94de2373b4e12a2f3c2c937490203010001024100a1da3d2b9c18d8ac067591de003e13dd9f935f1d7da8ae5e1ae1b63385d5beae0304d480e583e059d9d09c4bcff13c166bba4b879a2967f41a6e93ae0f742d6d022100e33b22010d77507a6fa12b488c0e6cdba8c16691e51192335beae5f1d2066083022100b74175fcc860382a7f46b1fc586cb36f0567b276a5b7f4926a8feb27e3ce2743022100be4e1ce972c4b58305109ef6704df87f72f31e9b1b94beb402cc54ee54ee804f02200f73af952ef81e04475318b2e469d5ff687f43e7093627a328e515b8f9566aad022100bb890bc7110653ee25a20b52108796952ea0546983d1ba4879e14a052eb1ab93
ASN1:
SEQUENCE
  INTEGER 00
  SEQUENCE
    ObjectIdentifier rsaEncryption (1 2 840 113549 1 1 1)
    NULL
  OCTETSTRING, encapsulates
    SEQUENCE
      INTEGER 00
      INTEGER 00a2a9600cc980449bf924e4293a7348..(total 65bytes)..ab8272b94de2373b4e12a2f3c2c93749
      INTEGER 010001
      INTEGER 00a1da3d2b9c18d8ac067591de003e13..(total 65bytes)..6bba4b879a2967f41a6e93ae0f742d6d
      INTEGER 00e33b22010d77507a6fa12b488c0e6c..(total 33bytes)..a8c16691e51192335beae5f1d2066083
      INTEGER 00b74175fcc860382a7f46b1fc586cb3..(total 33bytes)..0567b276a5b7f4926a8feb27e3ce2743
      INTEGER 00be4e1ce972c4b58305109ef6704df8..(total 33bytes)..72f31e9b1b94beb402cc54ee54ee804f
      INTEGER 0f73af952ef81e04475318b2e469d5ff687f43e7093627a328e515b8f9566aad
      INTEGER 00bb890bc7110653ee25a20b52108796..(total 33bytes)..2ea0546983d1ba4879e14a052eb1ab93

The OID is then “1.2.840.113549.1.1.1” and identifies RSA encryption (see the table at the end of this article for other OIDs). Overall the private key will contain p, q, N (=p.q), e (public exponent) and d (private exponent). The public key is (e, N) and the private key is (d, N). Then, the associated RSA public key is:

-----BEGIN PUBLIC KEY-----
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKKpYAzJgESb+STkKTpzSHayISLB/Qxs
zOlkHS5Hymh7/5HDY6ggRNmX7ObGYhyqZquCcrlN4jc7ThKi88LJN0kCAwEAAQ==
-----END PUBLIC KEY-----
Hex:
305c300d06092a864886f70d0101010500034b003048024100a2a9600cc980449bf924e4293a734876b22122c1fd0c6ccce9641d2e47ca687bff91c363a82044d997ece6c6621caa66ab8272b94de2373b4e12a2f3c2c937490203010001
ASN1:
SEQUENCE
  SEQUENCE
    ObjectIdentifier rsaEncryption (1 2 840 113549 1 1 1)
    NULL
  BITSTRING 003048024100a2a9600cc980449bf924..(total 75bytes)..e2373b4e12a2f3c2c937490203010001

Note that the public key basically contains the public exponent and the modulus (N), whereas the private key will contain p, q, N, e and d.

ECC Key Generation

With ECC, we use a given curve type, such as secp256k1 for Ethereum or secp256r1 (P-256) for a NIST standard curve. Now we have a private key of:

-----BEGIN PRIVATE KEY-----
MIGEAgEAMBAGByqGSM49AgEGBSuBBAAKBG0wawIBAQQg2dqIuzesyDVibsycpz2A
bsAlmRiaLsXhPdFs3fa0+MGhRANCAAR2Lxm+VzKuXtDw3uiRfv+o/xS/D7d6vmae
M7jplhPMAh/dOV0RzDGNDL3cl1S4IT7ZDky+h1X/2No01FSuwJF1
-----END PRIVATE KEY-----
Hex:
308184020100301006072a8648ce3d020106052b8104000a046d306b0201010420d9da88bb37acc835626ecc9ca73d806ec02599189a2ec5e13dd16cddf6b4f8c1a14403420004762f19be5732ae5ed0f0dee8917effa8ff14bf0fb77abe669e33b8e99613cc021fdd395d11cc318d0cbddc9754b8213ed90e4cbe8755ffd8da34d454aec09175
ASN1:
SEQUENCE
  INTEGER 00
  SEQUENCE
    ObjectIdentifier ecPublicKey (1 2 840 10045 2 1)
    ObjectIdentifier secp256k1 (1 3 132 0 10)
  OCTETSTRING, encapsulates
    SEQUENCE
      INTEGER 01
      OCTETSTRING d9da88bb37acc835626ecc9ca73d806ec02599189a2ec5e13dd16cddf6b4f8c1
      [1]
        BITSTRING 0004762f19be5732ae5ed0f0dee8917e..(total 66bytes)..d90e4cbe8755ffd8da34d454aec09175

We can see that the OID is 1.2.840.10045.2.1, and which represents EC methods. The curve is identified with an OID of 1.3.132.0.10, and which identifies secp256k1. The private key just contains the private key value (n). The associated public key is then:

-----BEGIN PUBLIC KEY-----
MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEdi8Zvlcyrl7Q8N7okX7/qP8Uvw+3er5m
njO46ZYTzAIf3TldEcwxjQy93JdUuCE+2Q5MvodV/9jaNNRUrsCRdQ==
-----END PUBLIC KEY-----
Hex:
3056301006072a8648ce3d020106052b8104000a03420004762f19be5732ae5ed0f0dee8917effa8ff14bf0fb77abe669e33b8e99613cc021fdd395d11cc318d0cbddc9754b8213ed90e4cbe8755ffd8da34d454aec09175
ASN1:
SEQUENCE
  SEQUENCE
    ObjectIdentifier ecPublicKey (1 2 840 10045 2 1)
    ObjectIdentifier secp256k1 (1 3 132 0 10)
  BITSTRING 0004762f19be5732ae5ed0f0dee8917e..(total 66bytes)..d90e4cbe8755ffd8da34d454aec09175

In this case the public key just contains a single value, and which is n.G, and where n is the private key, and G is the base point.

Conclusions

In you are into cybersecurity, you should know your DER from your PEM, and your ASN.1 from your OID, as your encryption keys are one of the most important assets that any organisation can have, and so they need your private keys to be protected, and your public keys need to be trusted. You can try it here:

https://asecuritysite.com/javascript/keys

References

[1] RFC 3279, Algorithms and Identifiers for the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile [here]

A list of object IDs:

Hashing:
MD2	1.2.840.113549.2.2
MD5	1.2.840.113549.2.5
SHA-1	1.3.14.3.2.26
SHA-224	2.16.840.1.101.3.4.2.4
SHA-256	2.16.840.1.101.3.4.2.1
SHA-394	2.16.840.1.101.3.4.2.2
SHA-512	2.16.840.1.101.3.4.2.3
Public key:
RSA Encryption	1.2.840.113549.1.1.1
DSA	1.2.840.10040.4.1
Diffie-Hellman (dhPublicNumber)	1.2.840.10046.2.1
ECC (ecPublicKey)  	1.2.840.10045.2.1  
md2WithRsaEncryption	1.2.840.113549.1.1.2Signatures:
md5WithRsaEncryption	1.2.840.113549.1.1.4
sha1WithRsaEncryption	1.2.840.113549.1.1.5
sha224WithRsaEncryption  	1.2.840.113549.1.1.14
sha256WithRsaEncryption	1.2.840.113549.1.1.11
sha384WithRsaEncryption	1.2.840.113549.1.1.12
sha512WithRsaEncryption	1.2.840.113549.1.1.13
dsaWithSha1	1.2.840.10040.4.3
dsaWithSha224	2.16.840.1.101.3.4.3.1
dsaWithSha256	2.16.840.1.101.3.4.3.2
ecdsaWithSha1  	1.2.840.10045.4.1  
ecdsaWithSha224	1.2.840.10045.4.3.1
ecdsaWithSha256	1.2.840.10045.4.3.2
ecdsaWithSha384	1.2.840.10045.4.3.3
ecdsaWithSha512	1.2.840.10045.4.3.4
Password Base Encryption Algorithms:
pbeWithMd2AndDesCbc	1.2.840.113549.1.5.1
pbeWithMd5AndDesCbc	1.2.840.113549.1.5.3
pbeWithSha1AndDesCbc	1.2.840.113549.1.5.10
pbeWithMd2AndRc2Cbc	1.2.840.113549.1.5.4
pbeWithMd5AndRc2Cbc	1.2.840.113549.1.5.6
pbeWithSha1AndRc2Cbc	1.2.840.113549.1.5.11
pbeWithSha1And40BitRc2Cbc	1.2.840.113549.1.12.1.6
pbeWithSha1And128BitRc2Cbc	1.2.840.113549.1.12.1.5
pbeWithSha1And40BitRc4	1.2.840.113549.1.12.1.2
pbeWithSha1And128BitRc4	1.2.840.113549.1.12.1.1
pbeWithSha1And3DesCbc	1.2.840.113549.1.12.1.3Symmetric Encryption 
Algorithms:
DES CBC	1.3.14.3.2.7
3DES CBC	1.2.840.113549.3.7
RC2	1.2.840.113549.3.2
ArcFour	1.2.840.113549.3.4
AES CBC 128  	2.16.840.1.101.3.4.1.2
AES CBC 256	2.16.840.1.101.3.4.1.42x.500 Distinguished Name Attributes:
name	2.5.4.41
surname	2.5.4.4
given name	2.5.4.42
initials	2.5.4.43
generation qualifier	2.5.4.44
common name	2.5.4.3
locality name	2.5.4.7
state or province name	2.5.4.8
organization name	2.5.4.10
organizational unit name	2.5.4.11
title	2.5.4.12
dnQualifier	2.5.4.46
country name	2.5.4.6
email address	1.2.840.113549.1.9.1
domain component	0.9.2342.19200300.100.1.25
street address	2.5.4.9
postal code	2.5.4.17
mail	0.9.2342.19200300.100.1.3
serial number              	2.5.4.5ECC names:
secp192r1	1.2.840.10045.3.1.1
secp224r1	1.3.132.0.33
secp256r1	1.2.840.10045.3.1.7
secp384r1	1.3.132.0.34
secp521r1	1.3.132.0.35
brainpoolP160r1	1.3.36.3.3.2.8.1.1.1
brainpoolP192r1	1.3.36.3.3.2.8.1.1.3
brainpoolP224r1	1.3.36.3.3.2.8.1.1.5
brainpoolP256r1	1.3.36.3.3.2.8.1.1.7
brainpoolP320r1	1.3.36.3.3.2.8.1.1.9
brainpoolP384r1	1.3.36.3.3.2.8.1.1.11
brainpoolP512r1	1.3.36.3.3.2.8.1.1.13