OpenBSD manual page server

Manual Page Search Parameters

ASN1_PARSE_DUMP(3) Library Functions Manual ASN1_PARSE_DUMP(3)

ASN1_parse_dump, ASN1_parseparse BER and print information about it

#include <openssl/asn1.h>

int
ASN1_parse_dump(BIO *bio, const unsigned char *ber_in, long length, int indent, int dump);

int
ASN1_parse(BIO *bio, const unsigned char *ber_in, long length, int indent);

() parses BER-encoded values and prints information about them to bio. On function entry, *ber_in is expected to point to the first identifier octet of an encoded value. At most length bytes are inspected.

For each value successfully parsed, the following information is printed:

  1. The index of its first identifier octet relative to ber_in as a decimal number followed by a colon. For the first value parsed and printed, this is "0:".
  2. The nesting depth as a decimal integer. For the first value parsed and printed, this is "d=0".
  3. The header length in bytes, including the identifier octets and the length octets, as a decimal integer. For example, for a boolean value, this is "hl=2" because the encoding of a boolean value contains one identifier octet (0x01) and one length octet (also 0x01, because one content octet follows after the header).
  4. If the value is encoded using the definite form for the length octets, the number encoded in the length octets as a decimal integer. This is the number of content octets that follow. For example, for a boolean value, this is "l=1". If the value is encoded using a length octet indicating the indefinite form, "l=inf" is printed instead.
  5. If the value is primitive, "prim:" is printed; if it is constructed, "cons:".
  6. The next field depends on the class of the tag:
    "priv" followed by the decimal tag number in square brackets
    "cont" followed by the decimal tag number in square brackets
    "appl" followed by the decimal tag number in square brackets
    V_ASN1_UNIVERSAL
    If the tag number is 30 or less, the return value from ASN1_tag2str(3) is printed; otherwise, "<ASN1" followed by the decimal tag number and a closing angle bracket.

For constructed values, the contained values are recursively printed.

Primitive values are processed as follows:

Its integer value is printed as a decimal number.
Decoded with d2i_ASN1_INTEGER(3), printed as a hexadecimal number with an even number of digits.
Decoded with d2i_ASN1_ENUMERATED(3), printed as a hexadecimal number with an even number of digits.
Decoded with d2i_ASN1_OBJECT(3), printed with i2a_ASN1_OBJECT(3).
Decoded with d2i_ASN1_OCTET_STRING(3). If the data consists only of printable ASCII characters, line feeds, carriage returns and horizontal tabs, it is printed as an ASCII string.

Otherwise, the dump argument decides the format. If it is zero, a raw hex dump is emitted, consisting of two hexadecimal digits for every data byte. If dump is non-zero, BIO_dump_indent(3) is used. Unless dump is -1, the data is truncated after dump bytes.

Printed as an ASCII string. The same applies to V_ASN1_IA5STRING, V_ASN1_T61STRING, V_ASN1_NUMERICSTRING, V_ASN1_VISIBLESTRING, V_ASN1_UTF8STRING, V_ASN1_UTCTIME, and V_ASN1_GENERALIZEDTIME.
Other tags
If the dump argument is 0, their data is silently ignored. If dump is non-zero, BIO_dump_indent(3) is used. Unless dump is -1, the data is truncated after dump bytes.

() is identical to ASN1_parse_dump() with 0 passed as the dump argument.

These functions return 1 for success or 0 for failure.

In particular, they print an error message to bio, abort parsing and printing, and return 0 when parsing or decoding fails, when a recursive call fails, when encountering a value extending beyond length, or when encountering a nesting level in excess of 128. They also abort parsing and printing and return 0 when any printing operation fails.

ASN1_get_object(3), ASN1_item_d2i(3), ASN1_item_new(3), ASN1_STRING_print(3), ASN1_TYPE_new(3)

ITU-T Recommendation X.690, also known as ISO/IEC 8825-1: Information technology - ASN.1 encoding rules: Specification of Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and Distinguished Encoding Rules (DER), section 8.1: General rules for encoding

ASN1_parse() first appeared in SSLeay 0.5.1 and has been available since OpenBSD 2.4.

ASN1_parse_dump() first appeared in OpenSSL 0.9.6 and has been available since OpenBSD 2.9.

The content of values tagged as V_ASN1_BMPSTRING is silently ignored and none of it is printed.

December 9, 2021 OpenBSD-current