[openssl-users] openssl asn1parse -length
Christian Böhme
christian.boehme at cloudandheat.com
Mon Jul 23 14:56:55 UTC 2018
Hello all,
I have been trying to find a way to ascertain that the contents of a file
is a DER-encoded ASN.1 structure such as
$ openssl version
OpenSSL 1.0.2g 1 Mar 2016
$ openssl asn1parse -in ciphertext.der -inform DER -offset 0 -i
0:d=0 hl=4 l= 978 cons: SEQUENCE
4:d=1 hl=2 l= 9 prim: OBJECT :pkcs7-envelopedData
15:d=1 hl=4 l= 963 cons: cont [ 0 ]
19:d=2 hl=4 l= 959 cons: SEQUENCE
23:d=3 hl=2 l= 1 prim: INTEGER :03
26:d=3 hl=3 l= 133 cons: SET
29:d=4 hl=3 l= 130 cons: cont [ 3 ]
32:d=5 hl=2 l= 1 prim: INTEGER :00
35:d=5 hl=2 l= 27 cons: cont [ 0 ]
37:d=6 hl=2 l= 9 prim: OBJECT :PBKDF2
48:d=6 hl=2 l= 14 cons: SEQUENCE
50:d=7 hl=2 l= 8 prim: OCTET STRING [HEX DUMP]:64C8DCE92BE6CF80
60:d=7 hl=2 l= 2 prim: INTEGER :0800
64:d=5 hl=2 l= 46 cons: SEQUENCE
66:d=6 hl=2 l= 11 prim: OBJECT :id-alg-PWRI-KEK
79:d=6 hl=2 l= 31 cons: SEQUENCE
81:d=7 hl=2 l= 11 prim: OBJECT :camellia-256-cbc
94:d=7 hl=2 l= 16 prim: OCTET STRING [HEX DUMP]:DC131C842F099909DF465439C1B06038
112:d=5 hl=2 l= 48 prim: OCTET STRING [HEX DUMP]:7BEFFB307D05C8242A040B371EEA3C6F59F082C415057BF5A71F67437B92668CEED9C46B0F57B4E4A077B1651892D9D5
162:d=3 hl=4 l= 816 cons: SEQUENCE
166:d=4 hl=2 l= 9 prim: OBJECT :pkcs7-data
177:d=4 hl=2 l= 31 cons: SEQUENCE
179:d=5 hl=2 l= 11 prim: OBJECT :camellia-256-cbc
192:d=5 hl=2 l= 16 prim: OCTET STRING [HEX DUMP]:995169EEF15C876E5F1A92DAF6A129D7
210:d=4 hl=4 l= 768 prim: cont [ 0 ]
Since the files to test are rather large, I'd be content with being able
to have only the first couple of bytes inspected. It would appear that the
-length option allows to do just that. However, whatever argument specified,
I get this:
$ openssl asn1parse -in ciphertext.der -inform DER -offset 0 -length 4
Error in encoding
140548547200664:error:0D07207B:asn1 encoding routines:ASN1_get_object:header too long:asn1_lib.c:157:
$ openssl asn1parse -in ciphertext.der -inform DER -offset 0 -length 16
Error in encoding
140076397213336:error:0D07209B:asn1 encoding routines:ASN1_get_object:too long:asn1_lib.c:147:
$ openssl asn1parse -in ciphertext.der -inform DER -offset 0 -length 32
Error in encoding
139879438956184:error:0D07209B:asn1 encoding routines:ASN1_get_object:too long:asn1_lib.c:147:
$ openssl asn1parse -in ciphertext.der -inform DER -offset 0 -length 64
Error in encoding
139887577974424:error:0D07209B:asn1 encoding routines:ASN1_get_object:too long:asn1_lib.c:147:
$ openssl asn1parse -in ciphertext.der -inform DER -offset 0 -length 128
Error in encoding
140008118994584:error:0D07209B:asn1 encoding routines:ASN1_get_object:too long:asn1_lib.c:147:
$ openssl asn1parse -in ciphertext.der -inform DER -offset 0 -length 256
Error in encoding
140518349809304:error:0D07209B:asn1 encoding routines:ASN1_get_object:too long:asn1_lib.c:147:
$ openssl asn1parse -in ciphertext.der -inform DER -offset 0 -length 512
Error in encoding
140042967262872:error:0D07209B:asn1 encoding routines:ASN1_get_object:too long:asn1_lib.c:147:
etcpp. The files to test are expected to be at least 512 bytes in size.
What's the expected behaviour of the -length option, BTW?
Thanks,
Christian
--
*Christian Böhme*
Developer System Integration
CLOUD&HEAT
*CLOUD & HEAT Technologies GmbH*
Königsbrücker Str. 96 (Halle 15) | 01099 Dresden
Tel: +49 351 479 3670 - 100
Fax: +49 351 479 3670 - 110
E-Mail: christian.boehme at cloudandheat.com <mailto:christian.boehme at cloudandheat.com>
Web: https://www.cloudandheat.com <https://www.cloudandheat.com>
Handelsregister: Amtsgericht Dresden
Registernummer: HRB 30549
USt.-Ident.-Nr.: DE281093504
Geschäftsführer: Nicolas Röhrs
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 533 bytes
Desc: OpenPGP digital signature
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20180723/c18538ef/attachment-0001.sig>
More information about the openssl-users
mailing list