RFR: 8252523: Add ASN1 Formatter to work with HexPrinter [v2]

Roger Riggs rriggs at openjdk.java.net
Sun Sep 20 14:14:51 UTC 2020


> # JDK-8252523: Add ASN.1 Formatter to work with test utility HexPrinter
> 
> Debugging functions that utilize ASN.1, DER, and BER encoded streams is
> difficult without test utilities to show the contents.
> The ASN.1 formatter reads a stream and produces annotated output of the
> tags, values, and structures.
> When used with the test library jdk.test.lib.hexdump.HexPrinter the annotations are synchronized
> with the hex formatted output.
> 
> Small changes to HexPrinter are included to improve the output readability.
> 
> 
> Example decoding of a .pem certificate:
> SEQUENCE [910]
>   SEQUENCE [630]
>     CONTEXT cons 0 [3]
>       BYTE 2,
>     BYTE 3,
>     SEQUENCE [13]
>       OBJECT ID  [9] 1.2.840.113549.1.1.11 (SHA256withRSA)
>       NULL
>     SEQUENCE [76]
>       SET [11]
>         SEQUENCE [9]
>           OBJECT ID  [3] 2.5.4.6 (CountryName)
>           'IN'
>       ...
>       SET [16]
>         SEQUENCE [14]
>           OBJECT ID  [3] 2.5.4.3 (CommonName)
>           Client1
>     SEQUENCE [30]
>       UTCTIME  [13] '150526221718Z'
>       UTCTIME  [13] '250523221718Z'
>     ...
>     SEQUENCE [290]
>       SEQUENCE [13]
>         OBJECT ID  [9] 1.2.840.113549.1.1.1 (RSA)
>         NULL
>       BIT STRING  [271]
>       CONTEXT cons 3 [123]
>         SEQUENCE [121]
>           SEQUENCE [9]
>             OBJECT ID  [3] 2.5.29.19 (BasicConstraints)
>             OCTET STRING  [2] <Unprintable>
>           SEQUENCE [44]
>             OBJECT ID  [9] 2.16.840.1.113730.1.13
>             OCTET STRING  [31] '..OpenSSL Generated Certificate'
>           SEQUENCE [29]
>             OBJECT ID  [3] 2.5.29.14 (SubjectKeyID)
>             OCTET STRING  [22] <Unprintable>
>           SEQUENCE [31]
>             OBJECT ID  [3] 2.5.29.35 (AuthorityKeyID)
>             OCTET STRING  [24] <Unprintable>
>       SEQUENCE [13]
>         OBJECT ID  [9] 1.2.840.113549.1.1.11 (SHA256withRSA)
>         NULL
>       BIT STRING  [257]
> When used with the HexPrinter test utility, the formatting of the
> hexadecimal values is selected with the parameters to HexPrinter.
> 
>     0000: 30 82 03 8e                                     ; SEQUENCE [910]
>     0004:             30 82 02 76                         ;   SEQUENCE [630]
>     0008:                         a0 03                   ;     CONTEXT cons 0 [3]
>     000a:                               02 01 02          ;       BYTE 2,
>     000d:                                        02 01 03 ;     BYTE 3,
>     0010: 30 0d                                           ;     SEQUENCE [13]
>     0012:       06 09 2a 86 48 86 f7 0d 01 01 0b          ;       OBJECT ID  [9] 1.2.840.113549.1.1.11 (SHA256withRSA)
>     001d:                                        05 00    ;       NULL
>     001f:                                              30 ;     SEQUENCE [76]
>     0020: 4c                                              ;
>     0021:    31 0b                                        ;       SET [11]
>     0023:          30 09                                  ;         SEQUENCE [9]
>     0025:                06 03 55 04 06                   ;           OBJECT ID  [3] 2.5.4.6 (CountryName)
>     002a:                               13 02 49 4e       ;           'IN'
>     
>     ...                                                           ...
>     
>     005b:                                  31 10          ;       SET [16]
>     005d:                                        30 0e    ;         SEQUENCE [14]
>     005f:                                              06 ;           OBJECT ID  [3] 2.5.4.3 (CommonName)
>     0060: 03 55 04 03                                     ;
>     0064:             0c 07 43 6c 69 65 6e 74 31          ;           Client1
>     006d:                                        30 1e    ;     SEQUENCE [30]
>     006f:                                              17 ;       UTCTIME  [13] '150526221718Z'
>     0070: 0d 31 35 30 35 32 36 32 32 31 37 31 38 5a       ;
>     007e:                                           17 0d ;       UTCTIME  [13] '250523221718Z'
>     0080: 32 35 30 35 32 33 32 32 31 37 31 38 5a          ;
>     
>     ...                                                         ...
>     
>     00db:                                  30 82 01 22    ;     SEQUENCE [290]
>     00df:                                              30 ;       SEQUENCE [13]
>     00e0: 0d                                              ;
>     00e1:    06 09 2a 86 48 86 f7 0d 01 01 01             ;         OBJECT ID  [9] 1.2.840.113549.1.1.1 (RSA)
>     00ec:                                     05 00       ;         NULL
>     00ee:                                           03 82 ;       BIT STRING  [271]
>     00f0: 01 0f 00 30 82 01 0a 02 82 01 01 00 d8 70 03 54 ;
>     
>     ...
>     
>     01f0: 0a 2d f5 de 59 3e d9 5e 74 93 d2 45 02 03 01 00 ;
>     0200: 01                                              ;
>     0201:    a3 7b                                        ;       CONTEXT cons 3 [123]
>     0203:          30 79                                  ;         SEQUENCE [121]
>     0205:                30 09                            ;           SEQUENCE [9]
>     0207:                      06 03 55 1d 13             ;             OBJECT ID  [3] 2.5.29.19 (BasicConstraints)
>     020c:                                     04 02 30 00 ;             OCTET STRING  [2] <Unprintable>
>     0210: 30 2c                                           ;           SEQUENCE [44]
>     0212:       06 09 60 86 48 01 86 f8 42 01 0d          ;             OBJECT ID  [9] 2.16.840.1.113730.1.13
>     021d:                                        04 1f 16 ;             OCTET STRING  [31] '..OpenSSL Generated
>     Certificate'  0220: 1d 4f 70 65 6e 53 53 4c 20 47 65 6e 65 72 61 74 ;
>     0230: 65 64 20 43 65 72 74 69 66 69 63 61 74 65       ;
>     023e:                                           30 1d ;           SEQUENCE [29]
>     0240: 06 03 55 1d 0e                                  ;             OBJECT ID  [3] 2.5.29.14 (SubjectKeyID)
>     0245:                04 16 04 14 87 13 66 bc 7a 4d 8e ;             OCTET STRING  [22] <Unprintable>
>     0250: 98 e7 97 fb cc 56 41 27 c8 5e 4c b2 4d          ;
>     025d:                                        30 1f    ;           SEQUENCE [31]
>     025f:                                              06 ;             OBJECT ID  [3] 2.5.29.35 (AuthorityKeyID)
>     0260: 03 55 1d 23                                     ;
>     0264:             04 18 30 16 80 14 1f 21 4f db 10 31 ;             OCTET STRING  [24] <Unprintable>
>     0270: d0 67 83 09 03 d3 cd fc 46 ec cf 1d 8b b4       ;
>     027e:                                           30 0d ;       SEQUENCE [13]
>     0280: 06 09 2a 86 48 86 f7 0d 01 01 0b                ;         OBJECT ID  [9] 1.2.840.113549.1.1.11 (SHA256withRSA)
>     028b:                                  05 00          ;         NULL
>     028d:                                        03 82 01 ;       BIT STRING  [257]
>     0290: 01 00 3e 2b 5f 32 aa f0 f7 52 2b ba f3 bb 07 ee ;
>     
>     ...
>     
>     0390: 6d 94                                           ;

Roger Riggs has updated the pull request incrementally with one additional commit since the last revision:

  Small cleanups to javadoc and code

-------------

Changes:
  - all: https://git.openjdk.java.net/jdk/pull/268/files
  - new: https://git.openjdk.java.net/jdk/pull/268/files/67df141f..915dfe7e

Webrevs:
 - full: https://webrevs.openjdk.java.net/?repo=jdk&pr=268&range=01
 - incr: https://webrevs.openjdk.java.net/?repo=jdk&pr=268&range=00-01

  Stats: 31 lines in 2 files changed: 12 ins; 5 del; 14 mod
  Patch: https://git.openjdk.java.net/jdk/pull/268.diff
  Fetch: git fetch https://git.openjdk.java.net/jdk pull/268/head:pull/268

PR: https://git.openjdk.java.net/jdk/pull/268



More information about the security-dev mailing list