OpenSSL "ans1parse" - ASN.1 OCTET STRING Field Type
What is ASN.1 OCTET STRING field type? How to specify OCTET STRING field type in OpenSSL "asn1parse" command?
ASN.1 OCTET STRING field is a primitive field that can be used to store byte strings of any size. To use ASN.1 OCTET STRING field in OpenSSL "asn1parse" command, you need to remember the following rules:
1. ASN.1 OCTET STRING type tag is 0x04.
2. ASN.1 OCTET STRING type code for "asn1parse" command is OCTETSTRING or OCT
3. ASN.1 OCTET STRING value literal can be an ASCII string quoted or not quoted of any size. Double quote (") is reserved as the string quotation. (\") can be used to include (") inside the string. For example, (Hello), ("Hello World!") and ("I heard \"Help!\"") are all valid OCTET STRING values.
4. ASN.1 OCTET STRING value literal can also be a HEX string of any size. To use a HEX string as OCTET STRING value, the field entry must prefix with "FORMAT:HEX," modifier. For example, (FORMAT:HEX,OCTETSTRING:41424344) is a valid OCTET STRING field entry that represents (ABCD) in ASCII format.
5. ASN.1 OCTET STRING value is stored with DER encoding as the value itself. For example, "ABCD" is stored in DER format as 0x41424344.
Here are examples of using BIT STRING with the OpenSSL "asn1parse" command:
C:\Users\fyicenter>\local\openssl\openssl.exe OpenSSL> asn1parse -genstr OCTETSTRING:"ABCD" 0:d=0 hl=2 l= 4 prim: OCTET STRING :ABCD OpenSSL> asn1parse -genstr FORMAT:HEX,OCTETSTRING:41424244 0:d=0 hl=2 l= 4 prim: OCTET STRING :ABBD OpenSSL> asn1parse -genstr FORMAT:HEX,OCTETSTRING:020101 0:d=0 hl=2 l= 3 prim: OCTET STRING [HEX DUMP]:020101
â‡‘â‡‘ OpenSSL Tutorials
2016-09-28, 8807👍, 0💬
How to show all certificates in the server certificate chain using the OpenSSL "s_client -connect" c...
Certificate Summary: Subject: thawte Primary Root CA - G2 Issuer: thawte Primary Root CA - G2 Expira...
Certificate Summary: Subject: Entrust Certification Authority - L1K Issuer: Entrust Root Certificati...
Certificate summary - Owner: *.dailymotion.com, Dailymotion SA, L=paris, ST=france, FR Issuer: DigiC...
Can I sign my own CSR with a given serial number using the OpenSSL "req -x509" command? Yes, you can...