parse BER and print information about
const unsigned char *ber_in, long
length, int indent, int
const unsigned char *ber_in, long
length, int indent);
parses BER-encoded values and prints information about them to
bio. On function entry, *ber_in
is expected to point to the first identifier octet of an encoded value. At
most length bytes are inspected.
For each value successfully parsed, the following information is printed:
- The index of its first identifier octet relative to ber_in as a decimal number followed by a colon. For the first value parsed and printed, this is "0:".
- The nesting depth as a decimal integer. For the first value parsed and printed, this is "d=0".
- The header length in bytes, including the identifier octets and the length octets, as a decimal integer. For example, for a boolean value, this is "hl=2" because the encoding of a boolean value contains one identifier octet (0x01) and one length octet (also 0x01, because one content octet follows after the header).
- If the value is encoded using the definite form for the length octets, the number encoded in the length octets as a decimal integer. This is the number of content octets that follow. For example, for a boolean value, this is "l=1". If the value is encoded using a length octet indicating the indefinite form, "l=inf" is printed instead.
- If the value is primitive, "prim:" is printed; if it is constructed, "cons:".
- The next field depends on the class of the tag:
- "priv" followed by the decimal tag number in square brackets
- "cont" followed by the decimal tag number in square brackets
- "appl" followed by the decimal tag number in square brackets
- If the tag number is 30 or less, the return value from ASN1_tag2str(3) is printed; otherwise, "<ASN1" followed by the decimal tag number and a closing angle bracket.
For constructed values, the contained values are recursively printed.
Primitive values are processed as follows:
- Its integer value is printed as a decimal number.
- Decoded with d2i_ASN1_INTEGER(3), printed as a hexadecimal number with an even number of digits.
- Decoded with d2i_ASN1_ENUMERATED(3), printed as a hexadecimal number with an even number of digits.
- Decoded with d2i_ASN1_OBJECT(3), printed with i2a_ASN1_OBJECT(3).
- Decoded with
d2i_ASN1_OCTET_STRING(3). If the data consists only of
printable ASCII characters, line feeds, carriage returns and horizontal
tabs, it is printed as an ASCII string.
Otherwise, the dump argument decides the format. If it is zero, a raw hex dump is emitted, consisting of two hexadecimal digits for every data byte. If dump is non-zero, BIO_dump_indent(3) is used. Unless dump is -1, the data is truncated after dump bytes.
- Printed as an ASCII string. The same applies to
- Other tags
- If the dump argument is 0, their data is silently ignored. If dump is non-zero, BIO_dump_indent(3) is used. Unless dump is -1, the data is truncated after dump bytes.
is identical to
ASN1_parse_dump() with 0 passed as
the dump argument.
These functions return 1 for success or 0 for failure.
In particular, they print an error message to bio, abort parsing and printing, and return 0 when parsing or decoding fails, when a recursive call fails, when encountering a value extending beyond length, or when encountering a nesting level in excess of 128. They also abort parsing and printing and return 0 when any printing operation fails.
ASN1_get_object(3), ASN1_item_d2i(3), ASN1_item_new(3), ASN1_STRING_print(3), ASN1_TYPE_new(3)
ITU-T Recommendation X.690, also known as ISO/IEC 8825-1: Information technology - ASN.1 encoding rules: Specification of Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and Distinguished Encoding Rules (DER), section 8.1: General rules for encoding
ASN1_parse() first appeared in SSLeay
0.5.1 and has been available since OpenBSD 2.4.
ASN1_parse_dump() first appeared in
OpenSSL 0.9.6 and has been available since OpenBSD
The content of values tagged as
V_ASN1_BMPSTRING is silently ignored and none of it