diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2002-11-13 13:18:14 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2002-11-13 13:18:14 +0000 |
commit | 04f0a6ba3952e17e758fcdbb80510d1ff9744365 (patch) | |
tree | 7b4d4eb6ef68e3052a7a714a2e5e6ab4586570e9 /doc | |
parent | eb43641dd37824f2fc3db1b3920fe1e4245136ec (diff) | |
download | openssl-new-04f0a6ba3952e17e758fcdbb80510d1ff9744365.tar.gz |
Update docs
Diffstat (limited to 'doc')
-rw-r--r-- | doc/apps/asn1parse.pod | 42 | ||||
-rw-r--r-- | doc/openssl.txt | 25 |
2 files changed, 64 insertions, 3 deletions
diff --git a/doc/apps/asn1parse.pod b/doc/apps/asn1parse.pod index e76e9813ab..e3462aabf1 100644 --- a/doc/apps/asn1parse.pod +++ b/doc/apps/asn1parse.pod @@ -16,6 +16,8 @@ B<openssl> B<asn1parse> [B<-i>] [B<-oid filename>] [B<-strparse offset>] +[B<-genstr string>] +[B<-genconf file>] =head1 DESCRIPTION @@ -67,6 +69,14 @@ file is described in the NOTES section below. parse the contents octets of the ASN.1 object starting at B<offset>. This option can be used multiple times to "drill down" into a nested structure. +=item B<-genstr string>, B<-genconf file> + +generate encoded data based on B<string>, B<file> or both using +ASN1_generate_nconf() format. If B<file> only is present then the string +is obtained from the default section using the name B<asn1>. The encoded +data is passed through the ASN1 parser and printed out as though it came +from a file, the contents can thus be examined and written to a file +using the B<out> option. =back @@ -121,6 +131,38 @@ by white space. The final column is the rest of the line and is the C<1.2.3.4 shortName A long name> +=head1 EXAMPLES + +Parse a file: + + openssl asn1parse -in file.pem + +Parse a DER file: + + openssl asn1parse -inform DER -in file.der + +Generate a simple UTF8String: + + openssl asn1parse -genstr 'UTF8:Hello World' + +Generate and write out a UTF8String, don't print parsed output: + + openssl asn1parse -genstr 'UTF8:Hello World' -noout -out utf8.der + +Generate using a config file: + + openssl asn1parse -genconf asn1.cnf -noout -out asn1.der + +Example config file: + + asn1=SEQUENCE:seq_sect + + [seq_sect] + + field1=BOOL:TRUE + field2=EXP:0, UTF8:some random string + + =head1 BUGS There should be options to change the format of input lines. The output of some diff --git a/doc/openssl.txt b/doc/openssl.txt index 432a17b66c..37730b2cbd 100644 --- a/doc/openssl.txt +++ b/doc/openssl.txt @@ -154,8 +154,22 @@ for example contain data in multiple sections. The correct syntax to use is defined by the extension code itself: check out the certificate policies extension for an example. -In addition it is also possible to use the word DER to include arbitrary -data in any extension. +There are two ways to encode arbitrary extensions. + +The first way is to use the word ASN1 followed by the extension content +using the same syntax as ASN1_generate_nconf(). For example: + +1.2.3.4=critical,ASN1:UTF8String:Some random data + +1.2.3.4=ASN1:SEQUENCE:seq_sect + +[seq_sect] + +field1 = UTF8:field1 +field2 = UTF8:field2 + +It is also possible to use the word DER to include arbitrary data in any +extension. 1.2.3.4=critical,DER:01:02:03:04 1.2.3.4=DER:01020304 @@ -336,16 +350,21 @@ Subject Alternative Name. The subject alternative name extension allows various literal values to be included in the configuration file. These include "email" (an email address) "URI" a uniform resource indicator, "DNS" (a DNS domain name), RID (a -registered ID: OBJECT IDENTIFIER) and IP (and IP address). +registered ID: OBJECT IDENTIFIER), IP (and IP address) and otherName. Also the email option include a special 'copy' value. This will automatically include and email addresses contained in the certificate subject name in the extension. +otherName can include arbitrary data associated with an OID: the value +should be the OID followed by a semicolon and the content in standard +ASN1_generate_nconf() format. + Examples: subjectAltName=email:copy,email:my@other.address,URI:http://my.url.here/ subjectAltName=email:my@other.address,RID:1.2.3.4 +subjectAltName=otherName:1.2.3.4;UTF8:some other identifier Issuer Alternative Name. |