From 35005fa23e0f852b6aa9e5aa837f6fffb30add5f Mon Sep 17 00:00:00 2001
From: William Robinet <william.robinet@conostix.com>
Date: Tue, 1 Oct 2024 17:49:15 +0200
Subject: [PATCH] Add a note about ASN.1 structures edition

---
 crypto-and-stego/certificates.md | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)

diff --git a/crypto-and-stego/certificates.md b/crypto-and-stego/certificates.md
index 32770a521..82a0a6082 100644
--- a/crypto-and-stego/certificates.md
+++ b/crypto-and-stego/certificates.md
@@ -195,6 +195,33 @@ openssl pkcs7 -print_certs -in certificatename.p7b -out certificatename.cer
 openssl pkcs12 -export -in certificatename.cer -inkey privateKey.key -out certificatename.pfx -certfile cacert.cer
 ```
 
+* **ASN.1 (DER/PEM) editing** (works with certificates or almost any other ASN.1 structure):
+  1. Clone [asn1template](https://github.com/wllm-rbnt/asn1template/)
+
+```bash
+git clone https://github.com/wllm-rbnt/asn1template.git
+```
+
+2. Convert DER/PEM to OpenSSL's generation format
+
+```bash
+asn1template/asn1template.pl certificatename.der > certificatename.tpl
+asn1template/asn1template.pl -p certificatename.pem > certificatename.tpl
+```
+
+3. Edit certificatename.tpl according to your requirements
+
+```bash
+vim certificatename.tpl
+```
+
+4. Rebuild the modified certificate
+
+```bash
+openssl asn1parse -genconf certificatename.tpl -out certificatename_new.der
+openssl asn1parse -genconf certificatename.tpl -outform PEM -out certificatename_new.pem
+```
+
 ***
 
 <figure><img src="../.gitbook/assets/image (48).png" alt=""><figcaption></figcaption></figure>