How to view the ASN.1 structure of an DH private key using the OpenSSL "asn1parse" command?

You can use the OpenSSL "asn1parse" command to view the ASN.1 structure of an DH private key as shown in the test below:

C:\Users\fyicenter>\local\openssl\openssl 
   genpkey -genparam -algorithm dh -out dh_test.prm -pkeyopt dh_paramgen_prime_len:256
............+....+...................+.+............+.....+.......+..++*++*++*++
*++*++*++*++*++*++*++*++*

C:\Users\fyicenter>\local\openssl\openssl 
  genpkey -paramfile dh_test.prm -out dh_pri.key

C:\Users\fyicenter>\local\openssl\openssl asn1parse -in dh_pri.key -i
    0:d=0  hl=2 l=  92 cons: SEQUENCE
    2:d=1  hl=2 l=   1 prim:  INTEGER           :00
    5:d=1  hl=2 l=  51 cons:  SEQUENCE
    7:d=2  hl=2 l=   9 prim:   OBJECT            :dhKeyAgreement
   18:d=2  hl=2 l=  38 cons:   SEQUENCE
   20:d=3  hl=2 l=  33 prim:    INTEGER           :8B58E1395DF5CF48DA87B088C6525
EFF4AECBDA5C269EF2378A31A4A62B1647B
   55:d=3  hl=2 l=   1 prim:    INTEGER           :02
   58:d=1  hl=2 l=  34 prim:  OCTET STRING      [HEX DUMP]:02204233D0A221A766BA2
CE0492F2B8F6A822BE38CF33E3A6850C806C6031D78457E

C:\Users\fyicenter>\local\openssl\openssl 
   asn1parse -in dh_pri.key -strparse 58
    0:d=0  hl=2 l=  32 prim: INTEGER           :4233D0A221A766BA2CE0492F2B8F6A82
2BE38CF33E3A6850C806C6031D78457E

C:\Users\fyicenter>\local\openssl\openssl pkey -in dh_pri.key -text -noout
DH Private-Key: (256 bit)
    private-key:
        42:33:d0:a2:21:a7:66:ba:2c:e0:49:2f:2b:8f:6a:
        82:2b:e3:8c:f3:3e:3a:68:50:c8:06:c6:03:1d:78:
        45:7e
    public-key:
        4c:c9:c9:4c:eb:5b:13:f2:b4:b3:ab:b9:f2:0c:b8:
        30:ff:c3:bb:5d:c6:42:8c:08:b1:8c:f3:e5:30:19:
        08:ad
    prime:
        00:8b:58:e1:39:5d:f5:cf:48:da:87:b0:88:c6:52:
        5e:ff:4a:ec:bd:a5:c2:69:ef:23:78:a3:1a:4a:62:
        b1:64:7b
    generator: 2 (0x2)

Note about the test:

• A DH private key is stored in an ASN.1 3-level SEQUENCE structure
• The top level SEQUENCE contains an INTEGER indicating the format version 0x00, the middle level SEQUENCE and an OCTET STRING,
• The middle level SEQUENCE contains an OID indicating the DH algorithm and lower level SEQUENCE.
• The lower level SEQUENCE contains 2 INTEGER fields for the DH parameters.
• The OCTET STRING wraps a hidden INTEGER to store the private integer.
• The public integer is not stored. It will be calculated using the private integer.

⇒ OpenSSL "ans1parse" - Configuration File for DH Private Key

⇐ OpenSSL "ans1parse" - Configuration File for DSA Public Key

⇑ OpenSSL "ans1parse" Command

⇑⇑ OpenSSL Tutorials