Search code examples
taggingasn.1pkcs#15

PKCS15 PKCS15Object tagging misunderstanding

While doing with ASN.1 and decoding the PKCS #15 token, I've found that I do not understand why tags [0] and [1] of the PKCS15Object are EXPLICIT and not implicit, as it declared whit DEFINITIONS IMPLICIT TAGS clause.

PKCS-15 {iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1)
         pkcs-15(15) modules(1) pkcs-15(1)} 

-- $Revision: 1.7 $ --

DEFINITIONS IMPLICIT TAGS ::=

...

PKCS15Object {ClassAttributes, SubClassAttributes, TypeAttributes}
    ::= SEQUENCE {
    commonObjectAttributes  CommonObjectAttributes,
    classAttributes         ClassAttributes,
    subClassAttributes      [0] SubClassAttributes OPTIONAL <<--- explicit?,
    typeAttributes          [1] TypeAttributes              <<--- explicit?
}

PrivateKeyObject {KeyAttributes} ::= PKCS15Object { 
    CommonKeyAttributes, CommonPrivateKeyAttributes, KeyAttributes}

PrivateKeys  ::= PathOrObjects {PrivateKeyType}

PrivateKeyType ::= CHOICE {
    privateRSAKey   PrivateKeyObject {PrivateRSAKeyAttributes},
    privateECKey    [0] PrivateKeyObject {PrivateECKeyAttributes},
    ... -- For future extensions
}

PrivateRSAKeyAttributes ::= SEQUENCE {
    value           ObjectValue {RSAPrivateKeyObject},
    modulusLength   INTEGER, -- modulus length in bits, e.g. 1024
    keyInfo         KeyInfo {NULL, PublicKeyOperations} OPTIONAL,
    ... -- For future extensions
}

Please, someone, explain it to me.

Solution

  • It is due to rule 31.2.7 (c) in X.680. You have an untagged DummyReference that you are tagging, so your tag is made explicit.