How to view the ASN.1 structure of an DSA private key using the OpenSSL "asn1parse" command?

You can use the OpenSSL "asn1parse" command to view the ASN.1 structure of an DSA private key as shown in the test below:

C:\Users\fyicenter>\local\openssl\openssl 
   genpkey -genparam -algorithm dsa -out dsa_key.prm -pkeyopt dsa_paramgen_bits:256
.....+.........................+.........+..............+.................+.....
.+............+......+...................+....................++++++++++++++++++
+++++++++++++++++++++++++++++++++*
.......+......+..........+.......................................+.+............

C:\Users\fyicenter>\local\openssl\openssl 
   genpkey -paramfile dsa_test.prm -out dsa_pri.key

C:\Users\fyicenter>\local\openssl\openssl asn1parse -in dsa_pri.key
    0:d=0  hl=3 l= 198 cons: SEQUENCE
    3:d=1  hl=2 l=   1 prim:  INTEGER           :00
    6:d=1  hl=3 l= 168 cons:  SEQUENCE
    9:d=2  hl=2 l=   7 prim:   OBJECT            :dsaEncryption
   18:d=2  hl=3 l= 156 cons:   SEQUENCE
   21:d=3  hl=2 l=  65 prim:    INTEGER           :B2A22FE456DD10930CEED27DE2E58
E69E27CB52E14BE655C5D0F4EDC4A627A800A211DABD9B07D974EF3C997DD198E31C2B238696CBF5
E9984B1EE3D11B2D9E3
   88:d=3  hl=2 l=  21 prim:    INTEGER           :A17145E13E0034692FC1BD85BDF88
E1AA578818D
  111:d=3  hl=2 l=  64 prim:    INTEGER           :79F4E4FB123458BFDD388E0CC90D7
76C3CBB9C82E10668C71318D322AF5968EE8FB9F64F9AC09A9AAA24AD8DED795B7CE4BB81E02047A
AC4D3E95513AA8FD5DD
  177:d=1  hl=2 l=  22 prim:  OCTET STRING      [HEX DUMP]:02146A9C8BEFEB21DDD3F
16FB3A0A202E718A70D19F8

C:\Users\fyicenter>\local\openssl\openssl 
   asn1parse -in dsa_pri.key -strparse 177
    0:d=0  hl=2 l=  20 prim: INTEGER           :6A9C8BEFEB21DDD3F16FB3A0A202E718
A70D19F8

C:\Users\fyicenter>\local\openssl\openssl pkey -in dsa_pri.key -text -noout
Private-Key: (512 bit)
priv:
    6a:9c:8b:ef:eb:21:dd:d3:f1:6f:b3:a0:a2:02:e7:
    18:a7:0d:19:f8
pub:
    42:4a:04:37:87:03:b5:1f:ad:65:ce:c2:c5:9b:f6:
    fa:2c:d4:0a:a6:4c:43:97:5b:56:40:04:51:97:98:
    e5:b2:fc:c7:4d:4d:e4:07:b7:38:12:34:1a:bb:ce:
    08:78:cd:2c:a2:3a:45:01:99:2e:63:84:25:31:bc:
    aa:7a:97:02
P:
    00:b2:a2:2f:e4:56:dd:10:93:0c:ee:d2:7d:e2:e5:
    8e:69:e2:7c:b5:2e:14:be:65:5c:5d:0f:4e:dc:4a:
    62:7a:80:0a:21:1d:ab:d9:b0:7d:97:4e:f3:c9:97:
    dd:19:8e:31:c2:b2:38:69:6c:bf:5e:99:84:b1:ee:
    3d:11:b2:d9:e3
Q:
    00:a1:71:45:e1:3e:00:34:69:2f:c1:bd:85:bd:f8:
    8e:1a:a5:78:81:8d
G:
    79:f4:e4:fb:12:34:58:bf:dd:38:8e:0c:c9:0d:77:
    6c:3c:bb:9c:82:e1:06:68:c7:13:18:d3:22:af:59:
    68:ee:8f:b9:f6:4f:9a:c0:9a:9a:aa:24:ad:8d:ed:
    79:5b:7c:e4:bb:81:e0:20:47:aa:c4:d3:e9:55:13:
    aa:8f:d5:dd

Note about the test:

• A DSA private key is stored in an ASN.1 3-level SEQUENCE structure
• The top level SEQUENCE contains an INTEGER indicating the format version 0x00, the middle level SEQUENCE and an OCTET STRING,
• The middle level SEQUENCE contains an OID indicating the DSA algorithm and lower level SEQUENCE.
• The lower level SEQUENCE contains 3 INTEGER fields for the DSA parameters.
• The OCTET STRING wraps a hidden INTEGER to store the private integer.
• The public integer is not stored. It will be calculated using the private integer.

⇒ OpenSSL "ans1parse" - Configuration File for DSA Private Key

⇐ OpenSSL "ans1parse" - Configuration File for RSA Public Key

⇑ OpenSSL "ans1parse" Command

⇑⇑ OpenSSL Tutorials