BerValue - Linux

Overview

BerValue is a versatile command-line tool for extracting and manipulating BER (Basic Encoding Rules) values from DER (Distinguished Encoding Rules) or BER-encoded data. It enables efficient handling of complex data formats commonly found in cryptography, PKI, and network protocols.

Syntax

bervalue [options] [input-file] [output-file]

Options/Flags

• -d, –decode: Decode BER-encoded data into plaintext.
• -e, –encode: Encode plaintext into BER format.
• -p, –print: Pretty-print the BER value in a human-readable format.
• -t, –tag: Specify the BER tag of the value to be extracted.
• -f, –force: Override error checks and continue processing.

Examples

Extract and print a certificate’s subjectAltName:

bervalue -d -t 0x0087 mycert.der

Encode a DNS name into a subjectAltName:

bervalue -e -t 0x0087 dns:example.com

Convert a PEM certificate to BER format:

openssl x509 -in mycert.pem -outform DER | bervalue -e

Common Issues

• Ensure the input data is correctly encoded in BER or DER format.
• Use the -f flag to continue processing if minor errors occur.
• Specify the BER tag accurately using the -t option.

Integration

Combine with OpenSSL:

openssl x509 -nameopt multiline,RFC2253 -in mycert.pem | bervalue -p

Use in scripts:

#!/bin/bash
cert_der_file=$(bervalue -d -t 0x0087 mycert.der)
echo $cert_der_file | openssl x509 -subject -noout

Related Commands

• OpenSSL: For managing certificates and keys.
• ASN1Parser: For parsing and manipulating ASN.1 data.
• DerWalker: For interactive BER/DER data exploration.