OpenSSL "ans1parse" - ASN.1 BIT STRING Field Type
What is ASN.1 BIT STRING field type? How to specify BIT STRING field type in OpenSSL "asn1parse" command?
ASN.1 BIT STRING field is a primitive field that can be used to store bit strings of any size. To use ASN.1 BIT STRING field in OpenSSL "asn1parse" command, you need to remember the following rules:
1. ASN.1 BIT STRING type tag is 0x03.
2. ASN.1 BIT STRING type code for "asn1parse" command is BITSTRING or BITSTR
3. ASN.1 BIT STRING value literal can be an ASCII string quoted or not quoted of any size. Double quote (") is reserved as the string quotation. (\") can be used to include (") inside the string. For example, (Hello), ("Hello World!") and ("I heard \"Help!\"") are all valid BIT STRING values.
4. ASN.1 BIT STRING value literal can also be a HEX string of any size. To use a HEX string as BIT STRING value, the field entry must prefix with "FORMAT:HEX," modifier. For example, (FORMAT:HEX,BITSTRING:41424344) is a valid BIT STRING field entry that represents (ABCD) in ASCII format.
5. ASN.1 BIT STRING value is stored with DER encoding as the value itself with an extra leading byte of 0x00. For example, "ABCD" is stored in DER format as 0x0041424344.
6. You can use the "asn1parse -dump" command option to dump the BIT STRING value in HEX format.
Here are examples of using BIT STRING with the OpenSSL "asn1parse" command:
C:\Users\fyicenter>\local\openssl\openssl.exe OpenSSL> asn1parse -genstr BITSTRING:ABCD -dump 0:d=0 hl=2 l= 5 prim: BIT STRING 0000 - 00 41 42 43 44 .ABCD OpenSSL> asn1parse -genstr BITSTRING:"ABCD" -dump 0:d=0 hl=2 l= 5 prim: BIT STRING 0000 - 00 41 42 43 44 .ABCD OpenSSL> asn1parse -gens tr FORMAT:HEX,BITSTRING:41424344 -dump 0:d=0 hl=2 l= 5 prim: BIT STRING 0000 - 00 41 42 43 44 .ABCD
2016-09-30, 6458👍, 0💬
Certificate Summary: Subject: Equifax Secure Certificate Authority Issuer: Equifax Secure Certificat...
Certificate summary - Owner: MSIT Machine Auth CA 2, Dredmond, Dcorp, Dmicrosoft, Dcom Issuer: Micro...
What certificates are included in the Java default trusted certificate keystore file: "cacerts"? For...
How to show all certificates in the server certificate chain using the OpenSSL "s_client -connect" c...
Why I am getting the "unable to open './demoCA/index.txt'" error when running OpenSSL "ca" command? ...