Distinguished Encoding Rules

The Distinguished Encoding Rules (DER) are a subset of BER; they eliminate some of the flexibility provided by BER, however, they also guarantee that there is one and only one way to encode a message. That is, if we were to encode, decode, re-encode, re-decode, and re-re-encode, all three encodings must be the same. DER is commonly used in security-related applications such as X.509 digital certificates.

DER uses the definite length form encoding.


Age ::= INTEGER (0..7)
firstGrade Age ::= 6
        -- 02 01 06

Encoding Types

The restrictions imposed by DER on BER are listed below:

  • The length field must be encoded in the minimum number of octets.
  • For BOOLEAN types, in DER, FALSE is always encoded as 00 and TRUE is always encoded as FF.
  • For BIT STRING types:
    • Unused bits in last octet are set to 0.
    • Trailing 0s are not encoded for a named bit list.
    • If no bits are on, set length to 1 and use one octet of 00.
  • For BIT STRING and OCTET STRING types, DER does not allow the constructed form (breaking a string into multiple TLVs) or the indefinite length form.
  • For REAL types, base 10 uses the NR3 form:
    • No spaces.
    • No plus sign in mantissa or exponent.
    • The period is used as decimal separator.
    • Mantissa must not begin nor end with 0s.
    • Mantissa is followed by ".E".
    • Exponent cannot begin with 0.
  • REAL base 2:
    • Mantissa is 0 or an odd number.
    • Mantissa and exponent must be encoded in the minimum number of octets.
    • Scale factor F = 0.
  • For time types:
    • There are no meaningless trailing zeroes.
    • No decimal point is allowed if there is no fractional part in UTCTime.
    • Always use Z form.
    • Always use decimal point in GeneralizedTime.
    • Never encode a default value.
  • For SET types:
    • Elements are sorted into tag order.
  • For SET OF types:
    • Elements are sorted into ascending order of encoding.

Related Topics