RFR: 8252523: Add ASN1 Formatter to work with HexPrinter [v2]
Roger Riggs
rriggs at openjdk.java.net
Sun Sep 20 14:14:51 UTC 2020
> # JDK-8252523: Add ASN.1 Formatter to work with test utility HexPrinter
>
> Debugging functions that utilize ASN.1, DER, and BER encoded streams is
> difficult without test utilities to show the contents.
> The ASN.1 formatter reads a stream and produces annotated output of the
> tags, values, and structures.
> When used with the test library jdk.test.lib.hexdump.HexPrinter the annotations are synchronized
> with the hex formatted output.
>
> Small changes to HexPrinter are included to improve the output readability.
>
>
> Example decoding of a .pem certificate:
> SEQUENCE [910]
> SEQUENCE [630]
> CONTEXT cons 0 [3]
> BYTE 2,
> BYTE 3,
> SEQUENCE [13]
> OBJECT ID [9] 1.2.840.113549.1.1.11 (SHA256withRSA)
> NULL
> SEQUENCE [76]
> SET [11]
> SEQUENCE [9]
> OBJECT ID [3] 2.5.4.6 (CountryName)
> 'IN'
> ...
> SET [16]
> SEQUENCE [14]
> OBJECT ID [3] 2.5.4.3 (CommonName)
> Client1
> SEQUENCE [30]
> UTCTIME [13] '150526221718Z'
> UTCTIME [13] '250523221718Z'
> ...
> SEQUENCE [290]
> SEQUENCE [13]
> OBJECT ID [9] 1.2.840.113549.1.1.1 (RSA)
> NULL
> BIT STRING [271]
> CONTEXT cons 3 [123]
> SEQUENCE [121]
> SEQUENCE [9]
> OBJECT ID [3] 2.5.29.19 (BasicConstraints)
> OCTET STRING [2] <Unprintable>
> SEQUENCE [44]
> OBJECT ID [9] 2.16.840.1.113730.1.13
> OCTET STRING [31] '..OpenSSL Generated Certificate'
> SEQUENCE [29]
> OBJECT ID [3] 2.5.29.14 (SubjectKeyID)
> OCTET STRING [22] <Unprintable>
> SEQUENCE [31]
> OBJECT ID [3] 2.5.29.35 (AuthorityKeyID)
> OCTET STRING [24] <Unprintable>
> SEQUENCE [13]
> OBJECT ID [9] 1.2.840.113549.1.1.11 (SHA256withRSA)
> NULL
> BIT STRING [257]
>
> When used with the HexPrinter test utility, the formatting of the
> hexadecimal values is selected with the parameters to HexPrinter.
>
> 0000: 30 82 03 8e ; SEQUENCE [910]
> 0004: 30 82 02 76 ; SEQUENCE [630]
> 0008: a0 03 ; CONTEXT cons 0 [3]
> 000a: 02 01 02 ; BYTE 2,
> 000d: 02 01 03 ; BYTE 3,
> 0010: 30 0d ; SEQUENCE [13]
> 0012: 06 09 2a 86 48 86 f7 0d 01 01 0b ; OBJECT ID [9] 1.2.840.113549.1.1.11 (SHA256withRSA)
> 001d: 05 00 ; NULL
> 001f: 30 ; SEQUENCE [76]
> 0020: 4c ;
> 0021: 31 0b ; SET [11]
> 0023: 30 09 ; SEQUENCE [9]
> 0025: 06 03 55 04 06 ; OBJECT ID [3] 2.5.4.6 (CountryName)
> 002a: 13 02 49 4e ; 'IN'
>
> ... ...
>
> 005b: 31 10 ; SET [16]
> 005d: 30 0e ; SEQUENCE [14]
> 005f: 06 ; OBJECT ID [3] 2.5.4.3 (CommonName)
> 0060: 03 55 04 03 ;
> 0064: 0c 07 43 6c 69 65 6e 74 31 ; Client1
> 006d: 30 1e ; SEQUENCE [30]
> 006f: 17 ; UTCTIME [13] '150526221718Z'
> 0070: 0d 31 35 30 35 32 36 32 32 31 37 31 38 5a ;
> 007e: 17 0d ; UTCTIME [13] '250523221718Z'
> 0080: 32 35 30 35 32 33 32 32 31 37 31 38 5a ;
>
> ... ...
>
> 00db: 30 82 01 22 ; SEQUENCE [290]
> 00df: 30 ; SEQUENCE [13]
> 00e0: 0d ;
> 00e1: 06 09 2a 86 48 86 f7 0d 01 01 01 ; OBJECT ID [9] 1.2.840.113549.1.1.1 (RSA)
> 00ec: 05 00 ; NULL
> 00ee: 03 82 ; BIT STRING [271]
> 00f0: 01 0f 00 30 82 01 0a 02 82 01 01 00 d8 70 03 54 ;
>
> ...
>
> 01f0: 0a 2d f5 de 59 3e d9 5e 74 93 d2 45 02 03 01 00 ;
> 0200: 01 ;
> 0201: a3 7b ; CONTEXT cons 3 [123]
> 0203: 30 79 ; SEQUENCE [121]
> 0205: 30 09 ; SEQUENCE [9]
> 0207: 06 03 55 1d 13 ; OBJECT ID [3] 2.5.29.19 (BasicConstraints)
> 020c: 04 02 30 00 ; OCTET STRING [2] <Unprintable>
> 0210: 30 2c ; SEQUENCE [44]
> 0212: 06 09 60 86 48 01 86 f8 42 01 0d ; OBJECT ID [9] 2.16.840.1.113730.1.13
> 021d: 04 1f 16 ; OCTET STRING [31] '..OpenSSL Generated Certificate'
> 0220: 1d 4f 70 65 6e 53 53 4c 20 47 65 6e 65 72 61 74 ;
> 0230: 65 64 20 43 65 72 74 69 66 69 63 61 74 65 ;
> 023e: 30 1d ; SEQUENCE [29]
> 0240: 06 03 55 1d 0e ; OBJECT ID [3] 2.5.29.14 (SubjectKeyID)
> 0245: 04 16 04 14 87 13 66 bc 7a 4d 8e ; OCTET STRING [22] <Unprintable>
> 0250: 98 e7 97 fb cc 56 41 27 c8 5e 4c b2 4d ;
> 025d: 30 1f ; SEQUENCE [31]
> 025f: 06 ; OBJECT ID [3] 2.5.29.35 (AuthorityKeyID)
> 0260: 03 55 1d 23 ;
> 0264: 04 18 30 16 80 14 1f 21 4f db 10 31 ; OCTET STRING [24] <Unprintable>
> 0270: d0 67 83 09 03 d3 cd fc 46 ec cf 1d 8b b4 ;
> 027e: 30 0d ; SEQUENCE [13]
> 0280: 06 09 2a 86 48 86 f7 0d 01 01 0b ; OBJECT ID [9] 1.2.840.113549.1.1.11 (SHA256withRSA)
> 028b: 05 00 ; NULL
> 028d: 03 82 01 ; BIT STRING [257]
> 0290: 01 00 3e 2b 5f 32 aa f0 f7 52 2b ba f3 bb 07 ee ;
>
> ...
>
> 0390: 6d 94 ;
Roger Riggs has updated the pull request incrementally with one additional commit since the last revision:
Small cleanups to javadoc and code
-------------
Changes:
- all: https://git.openjdk.java.net/jdk/pull/268/files
- new: https://git.openjdk.java.net/jdk/pull/268/files/67df141f..915dfe7e
Webrevs:
- full: https://webrevs.openjdk.java.net/?repo=jdk&pr=268&range=01
- incr: https://webrevs.openjdk.java.net/?repo=jdk&pr=268&range=00-01
Stats: 31 lines in 2 files changed: 12 ins; 5 del; 14 mod
Patch: https://git.openjdk.java.net/jdk/pull/268.diff
Fetch: git fetch https://git.openjdk.java.net/jdk pull/268/head:pull/268
PR: https://git.openjdk.java.net/jdk/pull/268
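
As an added illustration that is not part of the original message or of the JDK test library, the following Python sketch walks DER tag-length-value triples the way the annotated output above describes, using the bytes at offsets 0008 to 001e of the quoted dump. The function names and label wording are this example's own: integers are labelled INTEGER rather than the formatter's BYTE, and a length is always shown.

```python
# Added example, not the JDK ASN1Formatter. SAMPLE: offsets 0008-001e of the quoted dump.
UNIVERSAL = {2: "INTEGER", 3: "BIT STRING", 4: "OCTET STRING", 5: "NULL",
             6: "OBJECT ID", 16: "SEQUENCE", 17: "SET", 23: "UTCTIME"}
SAMPLE = bytes.fromhex("a003020102020103300d06092a864886f70d01010b0500")

def read_length(data, pos):  # returns (length, offset of first value octet)
    if pos >= len(data):
        raise ValueError("truncated: missing length octet")
    first = data[pos]
    if first < 0x80:                       # short form: the octet is the length
        return first, pos + 1
    n = first & 0x7F                       # long form: n big-endian octets follow
    if n == 0 or pos + 1 + n > len(data):
        raise ValueError("indefinite (BER-only) or truncated length")
    return int.from_bytes(data[pos + 1:pos + 1 + n], "big"), pos + 1 + n

def decode_oid(body):  # base-128 arcs; the first subidentifier packs two arcs
    arcs, value = [], 0
    for b in body:
        value = (value << 7) | (b & 0x7F)
        if not b & 0x80:                   # high bit clear ends this arc
            arcs.append(value)
            value = 0
    if not arcs or body[-1] & 0x80:
        raise ValueError("malformed OBJECT ID")
    first = min(arcs[0] // 40, 2)
    return ".".join(map(str, [first, arcs[0] - 40 * first] + arcs[1:]))

def walk(data, pos=0, end=None, depth=0):  # returns [(offset, depth, label)]
    end, out = (len(data) if end is None else end), []
    while pos < end:
        cls, constructed, num = data[pos] >> 6, data[pos] & 0x20, data[pos] & 0x1F
        if num == 0x1F:
            raise ValueError("multi-octet tag numbers are not handled here")
        length, body = read_length(data, pos + 1)
        if body + length > end:            # child may not outrun its parent
            raise ValueError(f"value at offset {pos} overruns its container")
        label = (UNIVERSAL.get(num, f"UNIVERSAL {num}") if cls == 0 else
                 f"{('APPLICATION', 'CONTEXT', 'PRIVATE')[cls - 1]} "
                 f"{'cons' if constructed else 'prim'} {num}") + f" [{length}]"
        value = data[body:body + length]
        if cls == 0 and num == 6:
            label += " " + decode_oid(value)
        elif cls == 0 and num == 2:
            label += f" {int.from_bytes(value, 'big', signed=True)}"
        out.append((pos, depth, label))
        if constructed:
            out += walk(data, body, body + length, depth + 1)
        pos = body + length
    return out
```

Adding 8 to each offset returned by `walk(SAMPLE)` lines the entries up with the `0008:` to `001d:` rows of the dump. A truncated or indefinite-length input raises `ValueError` instead of producing a partial tree.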