Structuring Data 157 Listing A simple example of data type definition using ASN

SC Controller ::= SEQUENCE { Definition of a new data type for SC Controller.

Name IA5String, The name of the microcontroller is an ASCII string.

CPUType CPUPower, CPUType refers to the definition of CPUPower.

NPU BOOLEAN, Boolean value as a yes/no assertion regarding whether a coprocessor (NPU) is present.

EEPROMSize INTEGER, The size of the EEPROM is an integer value.

RAMSize INTEGER, The size of the RAM is an integer value.

ROMSize INTEGER} The size of the ROM is an integer value.

CPUPower ::= ENUMERATED { Definition of a new data type for CPUPower as an enumerated type.

8Bit (8), Possible selection value for the 8-bit CPU type.

16Bit (16), Possible selection value for the 16-bit CPU type.

32Bit (32)} Possible selection value for the 32-bit CPU type.

Listing 4.2 The data definitions from Listing 4.1, filled with data for a particular microcontroller

SuperXS SC Controller ::= { Specific instance of the SC-Controller data type with the data for SuperXS.

Name ''XS 8 Bit'', The name of the microcontroller is ‘XS 8 Bit’.

CPUType 8, This is an 8-bit CPU.

NPU true, No coprocessor (NPU) is present.

EEPROMSize 1024, The size of the EEPROM is 1024 bytes.

RAMSize 256, The size of the RAM is 256 bytes.

ROMSize 8192} The size of the ROM is 8192 bytes.

Listing 4.3 The data for a particular microcontroller from Listing 4.2, coded using the ASN.1 BER '30 1C' Tag'30'for a string with a length of 28 bytes

('1C'). '16 08 58 53 20 38 20 42

69 74'

Tag'16'for an IA5 string with a length of 8 bytes ('08') and a content of'58 53 20 38 20 42 69 74' (=''XS 8 Bit'').

'0A 01 08' Tag'0A'for an enumerated data type with a length of 1 byte ('01') and a content of'08'.

'01 01 FF' Tag'01'for a Boolean data type with a length of 1 byte ('01') and a content of'FF', which corresponds to the value'true'.

'02 02 04 00' Tag'02'for an integer data type with a length of 2 bytes ('02') and a content of'04 00'(1024). '02 02 01 00' Tag'02'for an integer data type with a length of

2 bytes ('02') and a content of'01 00'(256). '02 02 20 00' Tag'02'for an integer data type with a length of

The Basic Encoding Rules (BER) for ASN.1 are defined in the ISO/IEC 8825 standard. Data objects created according to these rules are called BER-TLV-coded data objects. A BER-coded data object has a label (called a ‘tag’), a length field and the actual data part, with an optional end marker. Certain bits in the tag are predefined by the coding rules. The actual structure is shown in Figure 4.1. The Distinguished Encoding Rules (DER) form a subset of the BER. These coding rules specify, among other things, the coding of the length information, which may be one, two or three bytes long. A basic summary of the BER and DER can be found in Burton Kaliski [Kaliski 93].

ASN.1 objects are coded using the classic TLV structure, in which ‘T’ (tag) denotes the object’s label, ‘L’ (length) refers to its length and ‘V’ (value) is the actual data. The first field of a TLV structure is the tag for the data object in the following V field. To avoid the need for each user to define his or her own tags, which would open the door to incompatibility, there are standards that define tags for various, frequently used data structures. ISO/IEC 7816-6, for example, defines tags for objects used in general industrial applications, ISO/IEC 7816-4 defines tags for secure messaging, and EMV also defines several other tags. It is by no means the case that a given tag is universally used for the same type of data element, but a process of standardization is essentially taking place.

1 ... 2 bytes 1 ... 3 bytes n bytes tag T TLV object length L value V

Figure 4.1 The principle of BER-based TLV coding according to ANS.1

The two most significant bits of the tag encode the class of the following data object. The class indicates the general type of the data object. Theuniversalclass indicates general data objects, such as an integers and character strings. Theapplicationclass indicates that the data object belongs to a particular application or standard (e.g. ISO/IEC 7816-6). The other two classes,context-specificandprivate, fall under the heading of non-standardized applications. The bit following the two class bits indicates whether the tagged object is constructed from other data objects. The five least-significant bits are the actual label. Since this can have a value of only 0 through 30, due to its limited address space, it is possible to point to the following byte by setting all five bits to 1. All values from 31 to 127 are allowed in the second byte. Bit 8 of the second byte is a pointer that is reserved for future use, so it cannot presently be used. The required number of length bytes is shown in Table 4.3.

The standard also defines the term ‘template’. A template is a data object that serves as a container for other data objects. ISO/IEC 7816-6 defines the tags for possible data objects in the domain of industry-wide applications of smart cards. ISO 9992-2 covers the domain of smart card financial transactions.

This method of data encoding has several characteristics that are particularly useful in the field of smart cards. Since the available memory space is generally never enough, using data objects based on ASN.1 can produce considerable space savings. TLV encoding makes it possible to transfer and store variable-length data without a lot of complications. This allows

4.1 Structuring Data 159