Commit 04f0a6ba authored by Dr. Stephen Henson

Update docs

parent eb43641d
+42 −0
@@ -16,6 +16,8 @@ B<openssl> B<asn1parse>
[B<-i>]
[B<-oid filename>]
[B<-strparse offset>]
[B<-genstr string>]
[B<-genconf file>]

=head1 DESCRIPTION

@@ -67,6 +69,14 @@ file is described in the NOTES section below.
parse the contents octets of the ASN.1 object starting at B<offset>. This
option can be used multiple times to "drill down" into a nested structure.

=item B<-genstr string>, B<-genconf file>

generate encoded data based on B<string>, B<file> or both using
ASN1_generate_nconf() format. If B<file> only is present then the string
is obtained from the default section using the name B<asn1>. The encoded
data is passed through the ASN1 parser and printed out as though it came
from a file, the contents can thus be examined and written to a file
using the B<out> option. 

=back
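
Review bot: in the new -genstr/-genconf item, the last sentence refers to "the B<out> option", but the option is B<-out> (the EXAMPLES added in this same patch use -out), so write B<-out>. That sentence is also a comma splice; split it at "the contents can thus be examined". There is trailing whitespace after "option." as well. The syntax is only named as "ASN1_generate_nconf() format", so consider linking to that manual page so readers can find it.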

@@ -121,6 +131,38 @@ by white space. The final column is the rest of the line and is the

C<1.2.3.4	shortName	A long name>

=head1 EXAMPLES

Parse a file:

 openssl asn1parse -in file.pem

Parse a DER file:

 openssl asn1parse -inform DER -in file.der

Generate a simple UTF8String:

 openssl asn1parse -genstr 'UTF8:Hello World'

Generate and write out a UTF8String, don't print parsed output:

 openssl asn1parse -genstr 'UTF8:Hello World' -noout -out utf8.der

Generate using a config file:

 openssl asn1parse -genconf asn1.cnf -noout -out asn1.der

Example config file:

 asn1=SEQUENCE:seq_sect

 [seq_sect]

 field1=BOOL:TRUE
 field2=EXP:0, UTF8:some random string


=head1 BUGS

There should be options to change the format of input lines. The output of some
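
Review bot: the EXAMPLES section shows -genstr and -genconf separately but never together, although the option text in this patch says data can be generated from "string, file or both"; add an example that passes both options so the reader sees how the two interact. The example config file also uses EXP:0 in field2 without saying what it produces; a one-line explanation or a pointer to the ASN1_generate_nconf() documentation would help. There is a doubled blank line before =head1 BUGS.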
+22 −3
@@ -154,8 +154,22 @@ for example contain data in multiple sections. The correct syntax to
use is defined by the extension code itself: check out the certificate
policies extension for an example.

In addition it is also possible to use the word DER to include arbitrary
data in any extension.
There are two ways to encode arbitrary extensions.

The first way is to use the word ASN1 followed by the extension content
using the same syntax as ASN1_generate_nconf(). For example:

1.2.3.4=critical,ASN1:UTF8String:Some random data

1.2.3.4=ASN1:SEQUENCE:seq_sect

[seq_sect]

field1 = UTF8:field1
field2 = UTF8:field2

It is also possible to use the word DER to include arbitrary data in any
extension.

1.2.3.4=critical,DER:01:02:03:04
1.2.3.4=DER:01020304
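
Review bot: the ASN1 example shows two assignments to the same OID (1.2.3.4=critical,ASN1:UTF8String:Some random data and 1.2.3.4=ASN1:SEQUENCE:seq_sect) back to back with no text saying they are alternatives; separate them or label the second as the multi-field form so nobody pastes both into one section. The type is spelled UTF8String in the first line and UTF8 in the seq_sect fields; use one spelling or state that both are accepted. Having opened with "There are two ways" and "The first way", the DER paragraph would read better as "The second way is to use the word DER ...".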
@@ -336,16 +350,21 @@ Subject Alternative Name.
The subject alternative name extension allows various literal values to be
included in the configuration file. These include "email" (an email address)
"URI" a uniform resource indicator, "DNS" (a DNS domain name), RID (a
registered ID: OBJECT IDENTIFIER) and IP (and IP address).
registered ID: OBJECT IDENTIFIER), IP (and IP address) and otherName.

Also the email option include a special 'copy' value. This will automatically
include and email addresses contained in the certificate subject name in
the extension.

otherName can include arbitrary data associated with an OID: the value
should be the OID followed by a semicolon and the content in standard
ASN1_generate_nconf() format.

Examples:

subjectAltName=email:copy,email:my@other.address,URI:http://my.url.here/
subjectAltName=email:my@other.address,RID:1.2.3.4
subjectAltName=otherName:1.2.3.4;UTF8:some other identifier

Issuer Alternative Name.
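
Review bot: the rewritten list line still reads "IP (and IP address)"; since the line is being changed anyway, fix it to "IP (an IP address)". The new otherName paragraph starts with a lowercase word and only says the content is in "standard ASN1_generate_nconf() format" without pointing to where that format is documented; add a reference so readers can work out what the otherName:1.2.3.4;UTF8:some other identifier example encodes.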