OpenSSL "ans1parse" - DH Public Key in ASN.1 Structure

Q

How to view the ASN.1 structure of an DH public key using the OpenSSL "asn1parse" command?

✍: FYIcenter.com

A

You can use the OpenSSL "asn1parse" command to view the ASN.1 structure of an DH public key as shown in the test below:

C:\Users\fyicenter>\local\openssl\openssl 
   pkey -in dh_pri.key -pubout -out dh_pub.key

C:\Users\fyicenter>\local\openssl\openssl asn1parse -in dh_pub.key -i
    0:d=0  hl=2 l=  90 cons: SEQUENCE
    2:d=1  hl=2 l=  51 cons:  SEQUENCE
    4:d=2  hl=2 l=   9 prim:   OBJECT            :dhKeyAgreement
   15:d=2  hl=2 l=  38 cons:   SEQUENCE
   17:d=3  hl=2 l=  33 prim:    INTEGER           :8B58E1395DF5CF48DA87B088C6525
EFF4AECBDA5C269EF2378A31A4A62B1647B
   52:d=3  hl=2 l=   1 prim:    INTEGER           :02
   55:d=1  hl=2 l=  35 prim:  BIT STRING
   
C:\Users\fyicenter>\local\openssl\openssl 
   asn1parse -in dh_pub.key -strparse 55
    0:d=0  hl=2 l=  32 prim: INTEGER           :4CC9C94CEB5B13F2B4B3ABB9F20CB830
FFC3BB5DC6428C08B18CF3E5301908AD

C:\Users\fyicenter>\local\openssl\openssl pkey -pubin -in dh_pub.key -text -noout
DH Public-Key: (256 bit)
    public-key:
        4c:c9:c9:4c:eb:5b:13:f2:b4:b3:ab:b9:f2:0c:b8:
        30:ff:c3:bb:5d:c6:42:8c:08:b1:8c:f3:e5:30:19:
        08:ad
    prime:
        00:8b:58:e1:39:5d:f5:cf:48:da:87:b0:88:c6:52:
        5e:ff:4a:ec:bd:a5:c2:69:ef:23:78:a3:1a:4a:62:
        b1:64:7b
    generator: 2 (0x2)

Note about the test:

  • The ASN.1 structure of a DH public key is identical to the DH private key, except that the public integer is wrapped in an BIT STRING instead of an OCTET STRING.
  • The ASN.1 structure of a DH public key has no version field.

 

OpenSSL "ans1parse" - Configuration File for DH Public Key

OpenSSL "ans1parse" - Configuration File for DH Private Key

OpenSSL "ans1parse" Command

⇑⇑ OpenSSL Tutorials

2016-09-26, 4936👍, 0💬