OpenSSL "ans1parse" - DH Private Key in ASN.1 Structure

Q

How to view the ASN.1 structure of an DH private key using the OpenSSL "asn1parse" command?

✍: FYIcenter.com

A

You can use the OpenSSL "asn1parse" command to view the ASN.1 structure of an DH private key as shown in the test below:

C:\Users\fyicenter>\local\openssl\openssl 
   genpkey -genparam -algorithm dh -out dh_test.prm -pkeyopt dh_paramgen_prime_len:256
............+....+...................+.+............+.....+.......+..++*++*++*++
*++*++*++*++*++*++*++*++*

C:\Users\fyicenter>\local\openssl\openssl 
  genpkey -paramfile dh_test.prm -out dh_pri.key

C:\Users\fyicenter>\local\openssl\openssl asn1parse -in dh_pri.key -i
    0:d=0  hl=2 l=  92 cons: SEQUENCE
    2:d=1  hl=2 l=   1 prim:  INTEGER           :00
    5:d=1  hl=2 l=  51 cons:  SEQUENCE
    7:d=2  hl=2 l=   9 prim:   OBJECT            :dhKeyAgreement
   18:d=2  hl=2 l=  38 cons:   SEQUENCE
   20:d=3  hl=2 l=  33 prim:    INTEGER           :8B58E1395DF5CF48DA87B088C6525
EFF4AECBDA5C269EF2378A31A4A62B1647B
   55:d=3  hl=2 l=   1 prim:    INTEGER           :02
   58:d=1  hl=2 l=  34 prim:  OCTET STRING      [HEX DUMP]:02204233D0A221A766BA2
CE0492F2B8F6A822BE38CF33E3A6850C806C6031D78457E

C:\Users\fyicenter>\local\openssl\openssl 
   asn1parse -in dh_pri.key -strparse 58
    0:d=0  hl=2 l=  32 prim: INTEGER           :4233D0A221A766BA2CE0492F2B8F6A82
2BE38CF33E3A6850C806C6031D78457E

C:\Users\fyicenter>\local\openssl\openssl pkey -in dh_pri.key -text -noout
DH Private-Key: (256 bit)
    private-key:
        42:33:d0:a2:21:a7:66:ba:2c:e0:49:2f:2b:8f:6a:
        82:2b:e3:8c:f3:3e:3a:68:50:c8:06:c6:03:1d:78:
        45:7e
    public-key:
        4c:c9:c9:4c:eb:5b:13:f2:b4:b3:ab:b9:f2:0c:b8:
        30:ff:c3:bb:5d:c6:42:8c:08:b1:8c:f3:e5:30:19:
        08:ad
    prime:
        00:8b:58:e1:39:5d:f5:cf:48:da:87:b0:88:c6:52:
        5e:ff:4a:ec:bd:a5:c2:69:ef:23:78:a3:1a:4a:62:
        b1:64:7b
    generator: 2 (0x2)

Note about the test:

A DH private key is stored in an ASN.1 3-level SEQUENCE structure
The top level SEQUENCE contains an INTEGER indicating the format version 0x00, the middle level SEQUENCE and an OCTET STRING,
The middle level SEQUENCE contains an OID indicating the DH algorithm and lower level SEQUENCE.
The lower level SEQUENCE contains 2 INTEGER fields for the DH parameters.
The OCTET STRING wraps a hidden INTEGER to store the private integer.
The public integer is not stored. It will be calculated using the private integer.

⇒ OpenSSL "ans1parse" - Configuration File for DH Private Key

⇐ OpenSSL "ans1parse" - Configuration File for DSA Public Key

⇑ OpenSSL "ans1parse" Command

⇑⇑ OpenSSL Tutorials

2016-09-26, 6724👍, 0💬

OpenSSL "ans1parse" - DH Private Key in ASN.1 Structure
How to view the ASN.1 structure of an DH private key using the OpenSSL "asn1parse" command? You can use the OpenSSL "asn1parse" command to view the ASN.1 structure of an DH private key as shown in the test below: C:\Users\fyicenter>\loc al\openssl\opensslgenpkey -genparam -algorithm dh -out d... 2016-09-26, 6725👍, 0💬

OpenSSL "ans1parse" - DSA Private Key in ASN.1 Structure
How to view the ASN.1 structure of an DSA private key using the OpenSSL "asn1parse" command? You can use the OpenSSL "asn1parse" command to view the ASN.1 structure of an DSA private key as shown in the test below: C:\Users\fyicenter>\loc al\openssl\opensslgenpkey -genparam -algorithm dsa -ou... 2016-09-27, 6719👍, 0💬

OpenSSL "ans1parse" - DH Public Key in ASN.1 Structure
How to view the ASN.1 structure of an DH public key using the OpenSSL "asn1parse" command? You can use the OpenSSL "asn1parse" command to view the ASN.1 structure of an DH public key as shown in the test below: C:\Users\fyicenter>\loc al\openssl\opensslpkey -in dh_pri.key -pubout -out dh_pub.... 2016-09-26, 6255👍, 0💬

OpenSSL "ans1parse" - Configuration File for RSA Public Key
Can I build an RSA public key from an OpenSSL configuration file? Yes, you can build an RSA public key from an OpenSSL configuration file, if you know the components of the key, as shown in the test below: C:\Users\fyicenter>type asn1_rsa_pub_key.cnf asn1 = SEQUENCE:rsa_pub_key [rsa_pub_key] ... 2016-09-27, 5923👍, 0💬

OpenSSL "ans1parse" - Configuration File for DH Private Key
Can I build a DH private key from an OpenSSL configuration file? Yes, you can build a DH private key from an OpenSSL configuration file, if you know the components of the key, as shown in the test below: C:\Users\fyicenter>type asn1_dh_pri_key.cnf asn1 = SEQUENCE:dh_pri_key [dh_pri_key] versi... 2016-09-26, 5825👍, 0💬

OpenSSL "ans1parse" - Configuration File for DH Public Key
Can I build a DH public key from an OpenSSL configuration file? Yes, you can build a DH public key from an OpenSSL configuration file, if you know the components of the key, as shown in the test below: C:\Users\fyicenter>type asn1_dh_pub_key.cnf asn1 = SEQUENCE:dh_pri_key [dh_pri_key] algorit... 2016-09-26, 5618👍, 0💬

OpenSSL "ans1parse" - Configuration File for DSA Public Key
Can I build a DSA public key from an OpenSSL configuration file? Yes, you can build a DSA public key from an OpenSSL configuration file, if you know the components of the key, as shown in the test below: C:\Users\fyicenter>type asn1_dsa_pub_key.cnf asn1 = SEQUENCE:dsa_pub_key [dsa_pub_key] al... 2016-09-26, 5569👍, 0💬

OpenSSL "ans1parse" - Configuration File for DSA Private Key
Can I build a DSA private key from an OpenSSL configuration file? Yes, you can build a DSA private key from an OpenSSL configuration file, if you know the components of the key, as shown in the test below: C:\Users\fyicenter>type asn1_dsa_pri_key.cnf asn1 = SEQUENCE:dsa_pri_key [dsa_pri_key] ... 2016-09-26, 5556👍, 0💬

DigiCert Global Root CA Certificate - 03DE503556D14CBB66F0A3E21B1BC397B23DD155
Certificate Summary: Subject: DigiCert Global Root CA Issuer: DigiCert Global Root CA Expiration: 2031-11-10 00:00:00 UTC Key Identifier: 03:DE:50:35:56:D1:4C:BB:66:F0: A3:E2:1B:1B:C3:97:B2:3D:D1:55Received at FYIcenter.com on: 2016-09-26 2016-09-27, 4841👍, 0💬

All rights in the contents of this web site are reserved by the individual author. fyicenter.com does not guarantee the truthfulness, accuracy, or reliability of any contents.