OpenSSL "asn1parse" - RSA Private Key in ASN.1 Structure

Q

How to view the ASN.1 structure of an RSA private key using the OpenSSL "asn1parse" command?

✍: FYIcenter.com

A

You can use the OpenSSL "asn1parse" command to view the ASN.1 structure of an RSA private key as shown in the test below:

C:\Users\fyicenter>\local\openssl\openssl genrsa -out rsa_pri.key 512
Generating RSA private key, 512 bit long modulus
........++++++++++++
.++++++++++++
e is 65537 (0x10001)

C:\Users\fyicenter>\local\openssl\openssl asn1parse -in rsa_pri.key
    0:d=0  hl=4 l= 313 cons: SEQUENCE
    4:d=1  hl=2 l=   1 prim: INTEGER           :00
    7:d=1  hl=2 l=  65 prim: INTEGER           :98872AF758AD6325645AA989ED59ABF2
        AA4200F6DE59C1D5567A343B8852E32A9EA593559142A0EDD535916D03490EAF324C3E6A
        973A7161E5D28E355E5E1E03
   74:d=1  hl=2 l=   3 prim: INTEGER           :010001
   79:d=1  hl=2 l=  64 prim: INTEGER           :53D1438D350FE301F349D70CD27F8A7C
        098FC7D3E190557214D986C6883D745368308136E08B09ED1A320D3E95C69E95D444BF3A
        1D4A7C470A5464DC377C51C1
  145:d=1  hl=2 l=  33 prim: INTEGER           :C92957B5A21906C2C00F15D9342A71A8
        B9F5FD24B470D7C390103E64CDE19153
  180:d=1  hl=2 l=  33 prim: INTEGER           :C21BCA856858A0B1581DF145DA078980
        A80EEB500FB53EAD7C553B9BC2DA3A91
  215:d=1  hl=2 l=  32 prim: INTEGER           :6542B872281CECF84FF1C80FC460B142
        3C0A05D9DA330B89D81535334D28051D
  249:d=1  hl=2 l=  32 prim: INTEGER           :5FEA5BA890673B00670A64AE9F8E19E3
        F927661FA9A365D5541AC9D9ADEF2801
  283:d=1  hl=2 l=  32 prim: INTEGER           :102295BDF616C7EE47549705CA808BEC
        1C53AA5AE38CD0A781E4FE3CDEF6E42C

C:\Users\fyicenter>\local\openssl\openssl pkey -in rsa_pri.key -text -noout
Private-Key: (512 bit)
modulus:
    00:98:87:2a:f7:58:ad:63:25:64:5a:a9:89:ed:59:
    ab:f2:aa:42:00:f6:de:59:c1:d5:56:7a:34:3b:88:
    52:e3:2a:9e:a5:93:55:91:42:a0:ed:d5:35:91:6d:
    03:49:0e:af:32:4c:3e:6a:97:3a:71:61:e5:d2:8e:
    35:5e:5e:1e:03
publicExponent: 65537 (0x10001)
privateExponent:
    53:d1:43:8d:35:0f:e3:01:f3:49:d7:0c:d2:7f:8a:
    7c:09:8f:c7:d3:e1:90:55:72:14:d9:86:c6:88:3d:
    74:53:68:30:81:36:e0:8b:09:ed:1a:32:0d:3e:95:
    c6:9e:95:d4:44:bf:3a:1d:4a:7c:47:0a:54:64:dc:
    37:7c:51:c1
prime1:
    00:c9:29:57:b5:a2:19:06:c2:c0:0f:15:d9:34:2a:
    71:a8:b9:f5:fd:24:b4:70:d7:c3:90:10:3e:64:cd:
    e1:91:53
prime2:
    00:c2:1b:ca:85:68:58:a0:b1:58:1d:f1:45:da:07:
    89:80:a8:0e:eb:50:0f:b5:3e:ad:7c:55:3b:9b:c2:
    da:3a:91
exponent1:
    65:42:b8:72:28:1c:ec:f8:4f:f1:c8:0f:c4:60:b1:
    42:3c:0a:05:d9:da:33:0b:89:d8:15:35:33:4d:28:
    05:1d
exponent2:
    5f:ea:5b:a8:90:67:3b:00:67:0a:64:ae:9f:8e:19:
    e3:f9:27:66:1f:a9:a3:65:d5:54:1a:c9:d9:ad:ef:
    28:01
coefficient:
    10:22:95:bd:f6:16:c7:ee:47:54:97:05:ca:80:8b:
    ec:1c:53:aa:5a:e3:8c:d0:a7:81:e4:fe:3c:de:f6:
    e4:2c

Note about the test:

  • An RSA private key is stored in a single ASN.1 SEQUENCE structure with 9 INTEGER subfields. The first INTEGER is 0x00, indicating format version 1. The second INTEGER is the modulus, and so on.
  • The "asn1parse" command automatically removes any extra leading 0x00 bytes from INTEGER values in its output, but the "pkey" command keeps them. For example, the modulus is displayed as "00:98:87:2a:f7..." by the "pkey" command. Note that the extra leading 0x00 byte is needed for any positive integer that starts with a byte higher than 0x7f.
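
Both notes can be checked against the numbers in the test above. The following Python code is an added example, not part of the original tutorial: it re-encodes the nine INTEGER values printed by "asn1parse" as DER and walks the result, reproducing the offset, hl and l columns and flagging which INTEGERs carry the leading 0x00 byte. The function names (der_len, der_int, build_key, read_header, walk) are illustrative assumptions.

```python
FIELDS = [  # added example; hex copied from the asn1parse output above (throwaway test key)
    ("version", "00"),
    ("modulus", "98872AF758AD6325645AA989ED59ABF2AA4200F6DE59C1D5567A343B8852E32A"
                "9EA593559142A0EDD535916D03490EAF324C3E6A973A7161E5D28E355E5E1E03"),
    ("publicExponent", "010001"),
    ("privateExponent", "53D1438D350FE301F349D70CD27F8A7C098FC7D3E190557214D986C6883D7453"
                        "68308136E08B09ED1A320D3E95C69E95D444BF3A1D4A7C470A5464DC377C51C1"),
    ("prime1", "C92957B5A21906C2C00F15D9342A71A8B9F5FD24B470D7C390103E64CDE19153"),
    ("prime2", "C21BCA856858A0B1581DF145DA078980A80EEB500FB53EAD7C553B9BC2DA3A91"),
    ("exponent1", "6542B872281CECF84FF1C80FC460B1423C0A05D9DA330B89D81535334D28051D"),
    ("exponent2", "5FEA5BA890673B00670A64AE9F8E19E3F927661FA9A365D5541AC9D9ADEF2801"),
    ("coefficient", "102295BDF616C7EE47549705CA808BEC1C53AA5AE38CD0A781E4FE3CDEF6E42C"),
]

def der_len(n):  # short form below 0x80, else 0x80|count followed by big-endian length
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def der_int(value):
    """INTEGER (tag 0x02): minimal big-endian bytes, 0x00-padded when the top bit is set."""
    body = value.to_bytes(max(1, (value.bit_length() + 7) // 8), "big")
    if body[0] & 0x80:
        body = b"\x00" + body  # keeps the two's-complement value positive
    return b"\x02" + der_len(len(body)) + body

def build_key():  # SEQUENCE (tag 0x30) wrapping the nine INTEGERs in order
    content = b"".join(der_int(int(h, 16)) for _, h in FIELDS)
    return b"\x30" + der_len(len(content)) + content

def read_header(buf, pos):
    """Return (tag, hl, l) for the TLV at pos; handles short and long length forms."""
    tag, first = buf[pos], buf[pos + 1]
    count = first & 0x7F if first & 0x80 else 0
    length = int.from_bytes(buf[pos + 2:pos + 2 + count], "big") if count else first
    return tag, 2 + count, length

def walk(der):
    """Rows (offset, hl, l, padded) as in asn1parse: the SEQUENCE, then its INTEGERs."""
    tag, hl, length = read_header(der, 0)
    if tag != 0x30 or hl + length != len(der):
        raise ValueError("expected one DER SEQUENCE")
    rows, pos = [(0, hl, length, False)], hl
    while pos < len(der):
        _, ihl, ilen = read_header(der, pos)
        rows.append((pos, ihl, ilen, ilen > 1 and der[pos + ihl] == 0))
        pos += ihl + ilen
    return rows
```

walk(build_key()) returns one row per line of the asn1parse listing; the padded flag is set for the modulus, prime1 and prime2, the three values whose first byte is higher than 0x7f.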

 


2016-09-27