OpenSSL "ans1parse -strparse" - Extract ASN.1 Sub Structure

Q

How to how extra an ASN.1 child structure using the OpenSSL "ans1parse" command?

✍: FYIcenter.com

A

You can use the OpenSSL "ans1parse -strparse offset" command to extract an ASN.1 child structure from a nested ASN.1 structure. as shown in the test below:

C:\Users\fyicenter>\local\openssl\openssl.exe

OpenSSL> asn1parse -inform DER -in asn1_question.der -i
    0:d=0  hl=2 l= 105 cons: SEQUENCE
    2:d=1  hl=2 l=   1 prim:  INTEGER           :05
    5:d=1  hl=2 l=  53 prim:  IA5STRING         :In asymmetric encryption, 
                                                 which key can be given out?
   60:d=1  hl=2 l=  45 cons:  SEQUENCE
   62:d=2  hl=2 l=  14 prim:   IA5STRING         :A) Private key
   78:d=2  hl=2 l=  13 prim:   IA5STRING         :B) Public key
   93:d=2  hl=2 l=  12 prim:   IA5STRING         :C) Both keys

OpenSSL> asn1parse -inform DER -in asn1_question.der -i -strparse 60
    0:d=0  hl=2 l=  45 cons: SEQUENCE
    2:d=1  hl=2 l=  14 prim:  IA5STRING         :A) Private key
   18:d=1  hl=2 l=  13 prim:  IA5STRING         :B) Public key
   33:d=1  hl=2 l=  12 prim:  IA5STRING         :C) Both keys

OpenSSL> asn1parse -inform DER -in asn1_question.der -i -strparse 60 
   -noout -out asn1_question_option.der

OpenSSL> asn1parse -inform DER -in asn1_question_option.der
    0:d=0  hl=2 l=  45 cons: SEQUENCE
    2:d=1  hl=2 l=  14 prim: IA5STRING         :A) Private key
   18:d=1  hl=2 l=  13 prim: IA5STRING         :B) Public key
   33:d=1  hl=2 l=  12 prim: IA5STRING         :C) Both keys

OpenSSL> asn1parse -inform DER -in asn1_question_option.der -strparse 33
Error in encoding
12608:error:0D07209B:asn1 encoding routines:ASN1_get_object:too long:
.\crypto\asn1\asn1_lib.c:147:

Note about the test:

"asn1parse -inform DER -in asn1_question.der -i" command parses a nested SEQUENCE ASN.1 structure.
"asn1parse -inform DER -in asn1_question.der -i -strparse 60" command extracts the child SEQUENCE ASN.1 structure at offset of 0x60.
"asn1parse -inform DER -in asn1_question.der -i -strparse 60 -noout -out asn1_question_option.der" command extracts the child SEQUENCE ASN.1 structure at offset of 0x60 and saves the child structure to the output DER file.
"asn1parse -inform DER -in asn1_question_option.der" command parses the child SEQUENCE structure from the DER file.
"asn1parse -inform DER -in asn1_question_option.der -strparse 33" command tries to extract a primitive field. But this is not supported.

⇒ OpenSSL "ans1parse" - ASN.1 INTEGER Field Type

⇐ OpenSSL "ans1parse -genconf" - Nested SEQUENCE ASN.1 Structure

⇑ OpenSSL "ans1parse" Command

⇑⇑ OpenSSL Tutorials

2016-09-30, ≈14🔥, 0💬

OpenSSL "ans1parse" - ASN.1 BIT STRING Field Type
What is ASN.1 BIT STRING field type? How to specify BIT STRING field type in OpenSSL "asn1parse" command? ASN.1 BIT STRING field is a primitive field that can be used to store bit strings of any size. To use ASN.1 BIT STRING field in OpenSSL "asn1parse" command, you need to remember the following ru... 2016-09-30, ≈13🔥, 0💬

OpenSSL "ans1parse" - ASN.1 OCTET STRING Field Type
What is ASN.1 OCTET STRING field type? How to specify OCTET STRING field type in OpenSSL "asn1parse" command? ASN.1 OCTET STRING field is a primitive field that can be used to store byte strings of any size. To use ASN.1 OCTET STRING field in OpenSSL "asn1parse" command, you need to remember the fol... 2016-09-28, ≈13🔥, 0💬

OpenSSL "ans1parse -genconf" - Nested SEQUENCE ASN.1 Structure
How to how generate a DER with a nested SEQUENCE ASN.1 structure using the OpenSSL "ans1parse" command? You can define a nested SEQUENCE ASN.1 structure in an OpenSSL configuration file and use the "ans1parse -genconf" command to generate a DER with the structure as shown in the test below: C:\Users... 2016-10-15, ≈10🔥, 0💬

OpenSSL "ans1parse" - ASN.1 OBJECT IDENTIFIER Field Type
What is ASN.1 OBJECT IDENTIFIER field type? How to specify OBJECT IDENTIFIER field type in OpenSSL "asn1parse" command? ASN.1 OBJECT IDENTIFIER field is a primitive field that can be used to store an Object Identifier (OID) defined in the ASN.1 standard. An OID has 3 equivalent values: short name, l... 2016-09-30, ∼9733🔥, 0💬

OpenSSL "ans1parse -genconf" - Configuration File
How to generate a DER file with a configuration file using the OpenSSL "ans1parse" command? You can use the OpenSSL configuration file to define an ASN.1 structure and call OpenSSL "ans1parse -genconf config_file" command to generate a DER file by respecting the following rules: 1. Use "ans1parse -g... 2016-10-15, ∼9678🔥, 0💬

OpenSSL "ans1parse" - ASN.1 INTEGER Field Type
What is ASN.1 INTEGER field type? How to specify INTEGER field type in OpenSSL "asn1parse" command? ASN.1 INTEGER field is a primitive field that can be used to store signed integers of any size. To use ASN.1 INTEGER field in OpenSSL "asn1parse" command, you need to remember the following rules: ASN... 2016-09-30, ∼9412🔥, 0💬

OpenSSL "ans1parse" - ASN.1 IA5STRING Field Type
What is ASN.1 IA5STRING field type? How to specify IA5STRING field type in OpenSSL "asn1parse" command? ASN.1 IA5STRING field is a primitive field that can be used to store IA5 (ISO 646) character strings. IA5 character set is generally equivalent to ASCII character set. To use ASN.1 IA5STRING field... 2016-09-30, ∼8905🔥, 0💬

OpenSSL "ans1parse -genstr" - Single Primitive Field DER File
How to generate a DER file with a single data field using the OpenSSL "ans1parse" command? You can use the OpenSSL "ans1parse -genstr" command to generate a DER file with a single data field. You just need to specify the field type and field value separated by ":". Here are some examples of using "a... 2016-10-15, ∼8901🔥, 0💬

ASN.1 Field Types Supported by OpenSSL
What are ASN.1 field types supported by the OpenSSL "ans1parse" command? OpenSSL "ans1parse" command supports the following ASN.1 field types: BOOLEAN, BOOL - This encodes a boolean type. The value string is mandatory and should be TRUE or FALSE. Additionally TRUE, true, Y, y, YES, yes, FALSE, false... 2016-10-15, ∼8867🔥, 0💬

All rights in the contents of this web site are reserved by the individual author. fyicenter.com does not guarantee the truthfulness, accuracy, or reliability of any contents.