一、簡介

asn1parse命令是一種用來診斷ASN.1結構的工具，也能用于從ASN1.1數據中提取數據

?

二、語法

openssl asn1parse [-inform PEM|DER] [-in filename] [-out filename] [-noout] [-offset number] [-length number] [-i] [- structure filename] [-strparse offset]

選項

-inform arg input format - one of DER PEM-in arg input file-out arg output file (output format is always DER-noout arg don't produce any output-offset arg offset into file-length arg length of section in file-i indent entries-dump dump unknown data in hex form-dlimit arg dump the first arg bytes of unknown data in hex form-oid file file of extra oid definitions-strparse offseta series of these can be used to 'dig' into multipleASN1 blob wrappings-genstr str string to generate ASN1 structure from-genconf file file to generate ASN1 structure from

?

三、ASN.1結構

0:d=0 hl=4 l= 710 cons: SEQUENCE0 表示節點在整個文件中的偏移長度d=0 表示節點深度hl=4 表示節點頭字節長度l=710 表示節點數據字節長度cons 表示該節點為結構節點，表示包含子節點或者子結構數據prim 表示該節點為原始節點，包含數據SEQUENCE、OCTETSTRING等都是ASN.1中定義的數據類型，具體可以參考ASN.1格式說明。最后一個節點OCTET STRING [HEX DUMP]，就是加密后的私鑰數據。

?

四、實例

1）分析一個文件

openssl asn1parse -in ec_pubkey.pem

2）分析一個DER文件

openssl asn1parse -inform DER -in file.der

3）解析公鑰文件

openssl x509 -in cert.pem -pubkey -noout > pubkey.key

移除pem頭尾后進行base64解碼: openssl base64 x -in pubkey.key -out pubkey.bin

openssl asn1parse -in pubkey.key

? ? 0:d=0 ?hl=3 l= 159 cons: SEQUENCE ? ? ? ? ?

? ? 3:d=1 ?hl=2 l= ?13 cons: SEQUENCE ? ? ? ? ?

? ? 5:d=2 ?hl=2 l= ? 9 prim: OBJECT ? ? ? ? ? ?:rsaEncryption

? ?16:d=2 ?hl=2 l= ? 0 prim: NULL ? ? ? ? ? ? ?

? ?18:d=1 ?hl=3 l= 141 prim: BIT STRING?

openssl asn1parse -strparse 18 -in pubkey.key

? ? 0:d=0 ?hl=3 l= 137 cons: SEQUENCE ? ? ? ? ?

? ? 3:d=1 ?hl=3 l= 129 prim: INTEGER ? ? ? ? ? :BD08016AC47043B12704EF63B82AA311204A627C550CB5E0B44FBF70731F5A19C3E1FAA36F8E52F6C8A673F3704B0A3F1888F665EBFB257D5689F36F805F2C7442A0E0F90B1E3542A08C5E347FA21

DE6CE84A572BAAC892DE8AF611B5B2F81E8DA3EEA6E6C92A488876DF0B9DD9CEECC2A22D0C985904F40740FFF49836DE2B7

? 135:d=1 ?hl=2 l= ? 3 prim: INTEGER ? ? ? ? ? :010001

4）解析私鑰文件
移除pem頭尾后進行base64解碼: openssl base64 -d -in cert.key -out prikey.keyopenssl asn1parse -in prikey.key0:d=0 ?hl=4 l= 606 cons: SEQUENCE ? ? ? ? ?4:d=1 ?hl=2 l= ? 1 prim: INTEGER ? ? ? ? ? :007:d=1 ?hl=3 l= 129 prim: INTEGER ? ? ? ? ? :BD08016AC47043B12704EF63B82AA311204A627C550CB5E0B44FBF70731F5A19C3E1FAA36F8E52F6C8A673F3704B0A3F1888F665EBFB257D5689F36F805F2C7442A0E0F90B1E3542A08C5E347FA21DE6CE84A572BAAC892DE8AF611B5B2F81E8DA3EEA6E6C92A488876DF0B9DD9CEECC2A22D0C985904F40740FFF49836DE2B7139:d=1 ?hl=2 l= ? 3 prim: INTEGER ? ? ? ? ? :010001144:d=1 ?hl=3 l= 129 prim: INTEGER ? ? ? ? ?:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX276:d=1 ?hl=2 l= ?65 prim: INTEGER ? ? ? ? ? :XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX343:d=1 ?hl=2 l= ?65 prim: INTEGER ? ? ? ? ? :XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX410:d=1 ?hl=2 l= ?64 prim: INTEGER ? ? ? ? ? :XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX476:d=1 ?hl=2 l= ?65 prim: INTEGER ? ? ? ? ? :XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX543:d=1 ?hl=2 l= ?65 prim: INTEGER ? ? ? ? ? :XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

?

參考：ASN.1 key structures in DER and PEM

總結

以上是生活随笔為你收集整理的Openssl asn1parse命令的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。