Openssl asn1parse命令

一、简介

asn1parse命令是一种用来诊断ASN.1结构的工具，也能用于从ASN1.1数据中提取数据

二、语法

openssl asn1parse [-inform PEM|DER] [-in filename] [-out filename] [-noout] [-offset number] [-length number] [-i] [- structure filename] [-strparse offset]

选项

-inform arg   input format - one of DER PEM
 -in arg       input file
 -out arg      output file (output format is always DER
 -noout arg    don‘t produce any output
 -offset arg   offset into file
 -length arg   length of section in file
 -i            indent entries
 -dump         dump unknown data in hex form
 -dlimit arg   dump the first arg bytes of unknown data in hex form
 -oid file     file of extra oid definitions
 -strparse offset
               a series of these can be used to ‘dig‘ into multiple
               ASN1 blob wrappings
 -genstr str   string to generate ASN1 structure from
 -genconf file file to generate ASN1 structure from

三、ASN.1结构

0:d=0  hl=4 l= 710 cons: SEQUENCE

0 表示节点在整个文件中的偏移长度

d=0 表示节点深度

hl=4 表示节点头字节长度

l=710 表示节点数据字节长度

cons 表示该节点为结构节点，表示包含子节点或者子结构数据

prim 表示该节点为原始节点，包含数据

SEQUENCE、OCTETSTRING等都是ASN.1中定义的数据类型，具体可以参考ASN.1格式说明。

最后一个节点OCTET STRING      [HEX DUMP]，就是加密后的私钥数据。

四、实例

1、分析一个文件

openssl asn1parse -in ec_pubkey.pem

2、分析一个DER文件

openssl asn1parse -inform DER -in file.der

参考：http://blog.csdn.net/lucien_cc/article/details/18407451     http://m.blog.csdn.net/blog/as3luyuan123/13339803

时间： 2024-11-12 05:50:07

Openssl asn1parse命令的相关文章

OpenSSL之命令总结

OpenSSL从基础到应用系列: 1) OpenSSL之安全通讯基础 2) OpenSSL之PKI 3) OpenSSL之SSL协议的Web安全实现 4) OpenSSL之编译安装透过上面几个方面的学习,我们应该对OpenSSL有了一个基本的了解.OpenSSL功能之强大,命令组合用法之多,往往让我们的学习不知所措.在此,我们来对openssl命令的使用做一个总结. 语法格式: openssl command [ command_opts ] [ command_args ] 常用comma

熟练掌握 openssl 证书命令说明

熟练掌握 openssl 证书命令说明2.在我电脑建立好一个目录,并启动 terminal ,进入该目录cd /Users/dhbm/Desktop/ssl/sign2018072913.生成Self Signed证书1).生成一个key(我的私钥)openssl genrsa -des3 -out selfsign.key 4096 结果 (过程中密码: 123456)Generating RSA private key, 4096 bit long modulus...........++

Openssl pkeyutl命令

一.简介 pkeyutl命令能够测试所支持的密钥算法的性能二.语法 openssl rsautl [-in file] [-out file] [-sigfile file] [-inkey file] [-passin arg] [-keyform PEM|DER] [-peerkey file] [-peerform PEM|DER] [-pubin] [-certin] [-rev] [-sign] [-verify] [-verifyrecover ] [-encrypt] [-dec

Openssl pkcs7命令

一.简介 pkcs7命令用于处理DER或者PEM格式的pkcs#7文件. 二.语法 openssl pkcs7 [-inform PEM|DER] [-outform PEM|DER] [-in filename] [-out filename] [-print] [-print_certs] [-text] [-noout] [-engine id] 选项 -inform arg input format - DER or PEM -outform arg output format -

Openssl ca命令

一.简介 ca命令能够签发证书请求文件以及生成CRL列表二.语法 openssl ca [-verbose] [-config filename] [-name section] [-gencrl] [-revoke file][-crl_reason reason] [-crl_hold instruction] [-crl_compromise time] [-crl_CA_compromise time ] [ -subj subj] [-crldays days] [-crlhours

Openssl crl2pkcs7命令

一.简介 crl2pkcs7命令根据CRL或证书来生成pkcs#7消息二.语法 openssl crl2pkcs7 [-inform PEM|DER ] [-outform PEM|DER ] [-in filename ] [-out filename ] [-certfile filename ] [-nocrl ] 选项 -inform arg input format - DER or PEM -outform arg output format - DER or PEM -in ar

Openssl crl命令

一.简介 crl命令用于处里PME或DER格式的CRL文件二.语法 openssl crl [-inform PEM|DER] [-outform PEM|DER] [-text] [-in filename] [-out filename] [-hash] [-fingerprint] [-issuer ] [-lastupdate ] [-nextupdate ] [-crlnumber] [-noout ] [-CAfile file ] [-CApath dir ] [-nameopt

Openssl rsa命令

一.简介 Rsa命令用于处理RSA密钥.格式转换和打印信息二.语法 openssl rsa [-inform PEM|NET|DER] [-outform PEM|NET|DER] [-in filename] [-passin arg] [-out filename] [-passout arg] [-sgckey] [-text] [-noout] [-modulus] [-check] [-pubin] [-pubout] [-engine id] [-des] [-des3] [-id

Openssl speed命令

一.简介 speed命令用于测试库的性能二.语法 openssl speed [md2] [mdc2] [md5] [hmac] [sha1] [sha256] [sha512] [whirlpool] [rmd160] [idea-cbc] [seed-cbc] [rc2-cbc] [rc5-cbc] [bf-cbc] [des-cbc] [des-ede3] [aes-128-cbc] [aes-192-cbc] [aes-256-cbc] [aes-128-ige] [aes-192-i