Sorry, my English is bad, but I will try to formulate a question.
The BouncyCastle project contains an implementation of the DVCS protocol (RFC 3029). The response (answer) to a DVCS request has the following structure:

    DVCSResponse ::= CHOICE {
        dvCertInfo   DVCSCertInfo,
        dvErrorNote  [0] DVCSErrorNotice
    }
    DVCSCertInfo ::= SEQUENCE {
        version         Integer DEFAULT 1,
        dvReqInfo       DVCSRequestInformation,
        messageImprint  DigestInfo,
        serialNumber    Integer,
        responseTime    DVCSTime,
        dvStatus        [0] PKIStatusInfo OPTIONAL,
        policy          [1] PolicyInformation OPTIONAL,
        reqSignature    [2] SignerInfos OPTIONAL,
        certs           [3] SEQUENCE SIZE (1..MAX) OF TargetEtcChain OPTIONAL,
        extensions      Extensions OPTIONAL
    }

I am interested in the field dvStatus. Here is the code from BouncyCastle that does the encoding:

    private static final int TAG_DV_STATUS = 0;
    ...
    public DVCSCertInfo build()
    {
        ASN1EncodableVector v = new ASN1EncodableVector();
        ...
        if (dvStatus != null)
        {
            // DERTaggedObject(bool explicitly, int tagNo, Org.BouncyCastle.Asn1.Asn1Encodable obj)
            v.add(new DERTaggedObject(false, TAG_DV_STATUS, dvStatus)); //Why FALSE?
        }
        ...
        return DVCSCertInfo.getInstance(new DERSequence(v));
    }

The field PkiStatusInfo in ASN.1 is as follows:

    PkiStatusInfo ::= SEQUENCE {
        status        PKIStatus,
        statusString  PkiFreeText OPTIONAL,
        failInfo      PkiFailureInfo OPTIONAL
    }

Dump of a real DVCS response:

    SEQUENCE : dvCertInfo DVCSCertInfo
        SEQUENCE : dvReqInfo DVCSRequestInformation
            ENUMERATED : service ServiceType
            INTEGER : nonce INTEGER
            GENERALIZED TIME : requestTime DVCSTime
        SEQUENCE : messageImprint DigestInfo
        INTEGER : serialNumber Integer
        GENERALIZED TIME : responseTime DVCSTime
        CONTEXT SPECIFIC (0) : dvStatus [0] PKIStatusInfo
            INTEGER : 0 status PKIStatus //Where SEQUENCE?

But I cannot understand why it is encoded without the SEQUENCE.
If you look at RFC 3029 Appendix E, which contains the complete ASN.1 module, the third line includes "IMPLICIT TAGS". This indicates that BER or DER encodings of components with tags (such as [0]) should have the built-in UNIVERSAL tags replaced by the tag in the specification. This means that the context specific 0 is used instead of the UNIVERSAL 16 for the dvStatus component.
There are two excellent ASN.1 books you can download free from http://www.oss.com/asn1/resources/books-whitepapers-pubs/asn1-books.html which will explain EXPLICIT vs. IMPLICIT tags clearly. You can also try your example in the free online ASN.1 compiler and encoder/decoder at http://asn1-playground.oss.com to see the effects of IMPLICIT vs. EXPLICIT tags on encodings.
Most new specifications created today use AUTOMATIC TAGS (implying implicit tagging). Many older specifications use IMPLICIT TAGS, while fewer, or more ancient specifications, tend to use EXPLICIT TAGS.
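
Added example (not part of the original answer and not BouncyCastle code): a minimal hand-written DER encoder and schema-less dumper in Python that encodes the same PKIStatusInfo under IMPLICIT and EXPLICIT [0] tagging. The helper names and the sample value are constructed for illustration, and only short-form lengths are handled.

```python
# Added example: minimal DER helpers, short-form lengths only (< 128 bytes).
UNIVERSAL_NAMES = {0x02: "INTEGER", 0x10: "SEQUENCE"}

def tlv(identifier: int, content: bytes) -> bytes:
    """Build one tag-length-value element."""
    if len(content) > 127:
        raise ValueError("long-form lengths are not handled in this sketch")
    return bytes([identifier, len(content)]) + content

def implicit(tag_no: int, encoded: bytes) -> bytes:
    """IMPLICIT: replace class and tag number, keep constructed bit and content."""
    constructed = encoded[0] & 0x20
    return bytes([0x80 | constructed | tag_no]) + encoded[1:]

def explicit(tag_no: int, encoded: bytes) -> bytes:
    """EXPLICIT: wrap the complete inner TLV in a constructed context tag."""
    return tlv(0xA0 | tag_no, encoded)

def dump(data: bytes, depth: int = 0) -> list:
    """Schema-less dump, like the one in the question: it sees only the tags."""
    lines, pos = [], 0
    while pos < len(data):
        ident, length = data[pos], data[pos + 1]
        if length > 127 or pos + 2 + length > len(data):
            raise ValueError("unsupported or truncated length")
        body = data[pos + 2 : pos + 2 + length]
        if (ident & 0xC0) == 0x80:
            name = "CONTEXT SPECIFIC (%d)" % (ident & 0x1F)
        else:
            name = UNIVERSAL_NAMES.get(ident & 0x1F, "UNIVERSAL %d" % (ident & 0x1F))
        lines.append("  " * depth + name)
        if ident & 0x20:  # constructed: content is itself a run of TLVs
            lines.extend(dump(body, depth + 1))
        pos += 2 + length
    return lines

# Constructed sample: PKIStatusInfo carrying only status = 0, as in the dump.
status_info = tlv(0x30, tlv(0x02, b"\x00"))  # SEQUENCE { INTEGER 0 }
as_implicit = implicit(0, status_info)       # the DERTaggedObject(false, ...) case
as_explicit = explicit(0, status_info)       # what explicit tagging would produce

if __name__ == "__main__":
    for label, blob in (("implicit", as_implicit), ("explicit", as_explicit)):
        print(label, blob.hex())
        print("\n".join(dump(blob)))
```

The implicit form dumps as CONTEXT SPECIFIC (0) followed directly by INTEGER, matching the dump in the question; the SEQUENCE tag is gone from the bytes, so a decoder can recover the underlying type only from the schema.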