BerValue - Linux
Overview
BerValue is a versatile command-line tool for extracting and manipulating BER (Basic Encoding Rules) values from DER (Distinguished Encoding Rules) or BER-encoded data. It enables efficient handling of complex data formats commonly found in cryptography, PKI, and network protocols.
Syntax
bervalue [options] [input-file] [output-file]
Options/Flags
- -d, –decode: Decode BER-encoded data into plaintext.
- -e, –encode: Encode plaintext into BER format.
- -p, –print: Pretty-print the BER value in a human-readable format.
- -t, –tag: Specify the BER tag of the value to be extracted.
- -f, –force: Override error checks and continue processing.
Examples
Extract and print a certificate’s subjectAltName:
bervalue -d -t 0x0087 mycert.der
Encode a DNS name into a subjectAltName:
bervalue -e -t 0x0087 dns:example.com
Convert a PEM certificate to BER format:
openssl x509 -in mycert.pem -outform DER | bervalue -e
Common Issues
- Ensure the input data is correctly encoded in BER or DER format.
- Use the
-f
flag to continue processing if minor errors occur. - Specify the BER tag accurately using the
-t
option.
Integration
Combine with OpenSSL:
openssl x509 -nameopt multiline,RFC2253 -in mycert.pem | bervalue -p
Use in scripts:
#!/bin/bash
cert_der_file=$(bervalue -d -t 0x0087 mycert.der)
echo $cert_der_file | openssl x509 -subject -noout
Related Commands
- OpenSSL: For managing certificates and keys.
- ASN1Parser: For parsing and manipulating ASN.1 data.
- DerWalker: For interactive BER/DER data exploration.