OpenSSL "ans1parse" - BITWRAP and OCTWRAP Modifiers

Q

What are BITWRAP and OCTWRAP modifiers in the configuration file for the OpenSSL "asn1parse" command?

✍: FYIcenter.com

A

BITWRAP and OCTWRAP modifiers in OpenSSL configuration files are used to automatically wrap a SEQUENCE structure into a BIT STRING or OCTET STRING field.

The test below is a demonstration of using BITWRAP and OCTWRAP modifiers to wrap SEQUENCE structures into BIT STRING or OCTET STRING fields.

C:\Users\fyicenter>type asn1_question_wrap_modifier.cnf
asn1 = SEQUENCE:questionSection

[questionSection]
trackingNumber  = INTEGER:5
questionText    = IA5STRING:"In asymmetric encryption, which key can be given out?"
answerOptionBit = BITWRAP,SEQUENCE:optionSection
answerOptionOct = OCTWRAP,SEQUENCE:optionSection

[optionSection]
optionA = IA5STRING:"A) Private key"
optionB = IA5STRING:"B) Public key"
optionC = IA5STRING:"C) Both keys"

C:\Users\fyicenter>\local\openssl\openssl 
   asn1parse -genconf asn1_question_wrap_modifier.cnf
    0:d=0  hl=3 l= 157 cons: SEQUENCE
    3:d=1  hl=2 l=   1 prim: INTEGER           :05
    6:d=1  hl=2 l=  53 prim: IA5STRING         :In asymmetric encryption, 
                                                which key can be given out?
   61:d=1  hl=2 l=  48 prim: BIT STRING
  111:d=1  hl=2 l=  47 prim: OCTET STRING      [HEX DUMP]:302D160E41292050726976
        617465206B6579160D4229205075626C6963206B6579160C432920426F7468206B657973

C:\Users\fyicenter>\local\OpenSSL-Win32\bin\openssl 
   asn1parse -genconf asn1_question_wrap_modifier.cnf -strparse 61
    0:d=0  hl=2 l=  45 cons: SEQUENCE
    2:d=1  hl=2 l=  14 prim: IA5STRING         :A) Private key
   18:d=1  hl=2 l=  13 prim: IA5STRING         :B) Public key
   33:d=1  hl=2 l=  12 prim: IA5STRING         :C) Both keys

C:\Users\fyicenter>\local\OpenSSL-Win32\bin\openssl 
   asn1parse -genconf asn1_question_wrap_modifier.cnf -strparse 111
    0:d=0  hl=2 l=  45 cons: SEQUENCE
    2:d=1  hl=2 l=  14 prim: IA5STRING         :A) Private key
   18:d=1  hl=2 l=  13 prim: IA5STRING         :B) Public key
   33:d=1  hl=2 l=  12 prim: IA5STRING         :C) Both keys

Note that an extra leading 0x00 byte is added to the BIT STRING value, This is why the value length of the same wrap in BIT STRING is higher than OCTET STRING: 48 comparing to 47.

 

OpenSSL "ans1parse" - Wrap of Primitive Field

OpenSSL "ans1parse" - Wrap of SEQUENCE Structure

OpenSSL "ans1parse" Command

⇑⇑ OpenSSL Tutorials

2016-09-28, 4854👍, 0💬