OpenSSL "ans1parse" - RSA Private Key in ASN.1 Structure

Q

How to view the ASN.1 structure of an RSA private key using the OpenSSL "asn1parse" command?

✍: FYIcenter.com

A

You can use the OpenSSL "asn1parse" command to view the ASN.1 structure of an RSA private key as shown in the test below:

C:\Users\fyicenter>\local\openssl\openssl genrsa -out rsa_pri.key 512
Generating RSA private key, 512 bit long modulus
........++++++++++++
.++++++++++++
e is 65537 (0x10001)

C:\Users\fyicenter>\local\openssl\openssl asn1parse -in rsa_pri.key
    0:d=0  hl=4 l= 313 cons: SEQUENCE
    4:d=1  hl=2 l=   1 prim: INTEGER           :00
    7:d=1  hl=2 l=  65 prim: INTEGER           :98872AF758AD6325645AA989ED59ABF2
        AA4200F6DE59C1D5567A343B8852E32A9EA593559142A0EDD535916D03490EAF324C3E6A
        973A7161E5D28E355E5E1E03
   74:d=1  hl=2 l=   3 prim: INTEGER           :010001
   79:d=1  hl=2 l=  64 prim: INTEGER           :53D1438D350FE301F349D70CD27F8A7C
        098FC7D3E190557214D986C6883D745368308136E08B09ED1A320D3E95C69E95D444BF3A
        1D4A7C470A5464DC377C51C1
  145:d=1  hl=2 l=  33 prim: INTEGER           :C92957B5A21906C2C00F15D9342A71A8
        B9F5FD24B470D7C390103E64CDE19153
  180:d=1  hl=2 l=  33 prim: INTEGER           :C21BCA856858A0B1581DF145DA078980
        A80EEB500FB53EAD7C553B9BC2DA3A91
  215:d=1  hl=2 l=  32 prim: INTEGER           :6542B872281CECF84FF1C80FC460B142
        3C0A05D9DA330B89D81535334D28051D
  249:d=1  hl=2 l=  32 prim: INTEGER           :5FEA5BA890673B00670A64AE9F8E19E3
        F927661FA9A365D5541AC9D9ADEF2801
  283:d=1  hl=2 l=  32 prim: INTEGER           :102295BDF616C7EE47549705CA808BEC
        1C53AA5AE38CD0A781E4FE3CDEF6E42C

C:\Users\fyicenter>\local\openssl\openssl pkey -in rsa_pri.key -text -noout
Private-Key: (512 bit)
modulus:
    00:98:87:2a:f7:58:ad:63:25:64:5a:a9:89:ed:59:
    ab:f2:aa:42:00:f6:de:59:c1:d5:56:7a:34:3b:88:
    52:e3:2a:9e:a5:93:55:91:42:a0:ed:d5:35:91:6d:
    03:49:0e:af:32:4c:3e:6a:97:3a:71:61:e5:d2:8e:
    35:5e:5e:1e:03
publicExponent: 65537 (0x10001)
privateExponent:
    53:d1:43:8d:35:0f:e3:01:f3:49:d7:0c:d2:7f:8a:
    7c:09:8f:c7:d3:e1:90:55:72:14:d9:86:c6:88:3d:
    74:53:68:30:81:36:e0:8b:09:ed:1a:32:0d:3e:95:
    c6:9e:95:d4:44:bf:3a:1d:4a:7c:47:0a:54:64:dc:
    37:7c:51:c1
prime1:
    00:c9:29:57:b5:a2:19:06:c2:c0:0f:15:d9:34:2a:
    71:a8:b9:f5:fd:24:b4:70:d7:c3:90:10:3e:64:cd:
    e1:91:53
prime2:
    00:c2:1b:ca:85:68:58:a0:b1:58:1d:f1:45:da:07:
    89:80:a8:0e:eb:50:0f:b5:3e:ad:7c:55:3b:9b:c2:
    da:3a:91
exponent1:
    65:42:b8:72:28:1c:ec:f8:4f:f1:c8:0f:c4:60:b1:
    42:3c:0a:05:d9:da:33:0b:89:d8:15:35:33:4d:28:
    05:1d
exponent2:
    5f:ea:5b:a8:90:67:3b:00:67:0a:64:ae:9f:8e:19:
    e3:f9:27:66:1f:a9:a3:65:d5:54:1a:c9:d9:ad:ef:
    28:01
coefficient:
    10:22:95:bd:f6:16:c7:ee:47:54:97:05:ca:80:8b:
    ec:1c:53:aa:5a:e3:8c:d0:a7:81:e4:fe:3c:de:f6:
    e4:2c

Note about the test:

A RSA private key is stored in a single ASN.1 SEQUENCE structure with 9 INTEGER sub fields. The first INTEGER is -0x00 indicating format version 1. The second INTEGER is the modulus. And so on.
"asn1parse" command automatically removes any extra leading 0x00 bytes in INTEGER values in the output. But the "pkey" command keeps leading 0x00 bytes. For example, the modulus is displayed as "00:98:87:2a:f7..." by the "pkey" command. Note that the extra leading 0x00 byte is needed for any positive integer that starts with a byte higher than 0x7f.

⇒ OpenSSL "ans1parse" - Configuration File for RSA Private Key

⇐ OpenSSL "ans1parse" - DER (Distinguished Encoding Rules)

⇑ OpenSSL "ans1parse" Command

⇑⇑ OpenSSL Tutorials

2016-09-27, ≈13🔥, 0💬

OpenSSL "ans1parse" - ASN.1 OCTET STRING Field Type
What is ASN.1 OCTET STRING field type? How to specify OCTET STRING field type in OpenSSL "asn1parse" command? ASN.1 OCTET STRING field is a primitive field that can be used to store byte strings of any size. To use ASN.1 OCTET STRING field in OpenSSL "asn1parse" command, you need to remember the fol... 2016-09-28, ≈13🔥, 0💬

OpenSSL "ans1parse" - RSA Public Key in ASN.1 Structure
How to view the ASN.1 structure of an RSA public key using the OpenSSL "asn1parse" command? You can use the OpenSSL "asn1parse" command to view the ASN.1 structure of an RSA public key as shown in the test below: C:\Users\fyicenter>\loc al\openssl\opensslpkey -in rsa_pri.key -pubout -out rsa_... 2016-09-27, ≈11🔥, 0💬

OpenSSL "ans1parse" - DER (Distinguished Encoding Rules)
What is the DER (Distinguished Encoding Rules) encoding used in the OpenSSL "asn1parse" command? DER (Distinguished Encoding Rules) is an encoding schema to convert an ASN.1 data structure into a binary string. In other words, DER is a serialization schema for the ASN.1 data structure. DER is one th... 2016-09-28, ∼9755🔥, 0💬

OpenSSL "ans1parse" - DSA Private Key in ASN.1 Structure
How to view the ASN.1 structure of an DSA private key using the OpenSSL "asn1parse" command? You can use the OpenSSL "asn1parse" command to view the ASN.1 structure of an DSA private key as shown in the test below: C:\Users\fyicenter>\loc al\openssl\opensslgenpkey -genparam -algorithm dsa -ou... 2016-09-27, ∼7863🔥, 0💬

OpenSSL "ans1parse" - BITWRAP and OCTWRAP Modifiers
What are BITWRAP and OCTWRAP modifiers in the configuration file for the OpenSSL "asn1parse" command? BITWRAP and OCTWRAP modifiers in OpenSSL configuration files are used to automatically wrap a SEQUENCE structure into a BIT STRING or OCTET STRING field. The test below is a demonstration of using B... 2016-09-28, ∼7759🔥, 0💬

OpenSSL "ans1parse" - Configuration File for RSA Private Key
Can I build an RSA private key from an OpenSSL configuration file? Yes, you can build an RSA private key from an OpenSSL configuration file, if you know the components of the key, as shown in the test below: C:\Users\fyicenter>type asn1_rsa_pri_key.cnf asn1 = SEQUENCE:rsa_pri_key [rsa_pri_key... 2016-09-27, ∼7207🔥, 0💬

OpenSSL "ans1parse" - Configuration File for RSA Public Key
Can I build an RSA public key from an OpenSSL configuration file? Yes, you can build an RSA public key from an OpenSSL configuration file, if you know the components of the key, as shown in the test below: C:\Users\fyicenter>type asn1_rsa_pub_key.cnf asn1 = SEQUENCE:rsa_pub_key [rsa_pub_key] ... 2016-09-27, ∼6953🔥, 0💬

OpenSSL "ans1parse" - Wrap of SEQUENCE Structure
What is the wrap of an ASN.1 SEQUENCE structure? The wrap of an ASN.1 SEQUENCE structure is the binary string of ASN.1 SEQUENCE structure in DER format stored in an BIT STRING or OCTET STRING field in another ASN.1 SEQUENCE structure. The main purpose of using the SEQUENCE wrap is to make the SEQUEN... 2016-09-28, ∼6861🔥, 0💬

OpenSSL "ans1parse" - Wrap of Primitive Field
Can I wrap a primitive field into a BIT STRING or OCTET STRING field with the OpenSSL "asn1parse" command? Yes, you can wrap any ASN.1 primitive field into a BIT STRING or OCTET STRING field using the BITWRAP or OCTWRAP modifiers using the OpenSSL "asn1parse" command. The test below gives some demon... 2016-09-28, ∼6467🔥, 0💬

All rights in the contents of this web site are reserved by the individual author. fyicenter.com does not guarantee the truthfulness, accuracy, or reliability of any contents.