Verifying Authenticode timestamp using openssl apis

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi Matt,Here is an excerpt of openssl asn1parse ------------------------------------------------------------------------------------------------3588:d=5? hl=4 l=4940 cons: cont [ 1 ]
?3592:d=6? hl=4 l=4936 cons: SEQUENCE
?3596:d=7? hl=2 l=? 10 prim: OBJECT??????????? :1.3.6.1.4.1.311.3.3.1
?3608:d=7? hl=4 l=4920 cons: SET
?3612:d=8? hl=4 l=4916 cons: SEQUENCE
?3616:d=9? hl=2 l=?? 9 prim: OBJECT??????????? :pkcs7-signedData
?3627:d=9? hl=4 l=4901 cons: cont [ 0 ]
?3631:d=10 hl=4 l=4897 cons: SEQUENCE
?3635:d=11 hl=2 l=?? 1 prim: INTEGER?????????? :03
?3638:d=11 hl=2 l=? 15 cons: SET
?3640:d=12 hl=2 l=? 13 cons: SEQUENCE
?3642:d=13 hl=2 l=?? 9 prim: OBJECT??????????? :sha256
?3653:d=13 hl=2 l=?? 0 prim: NULL
?3655:d=11 hl=4 l= 316 cons: SEQUENCE
?3659:d=12 hl=2 l=? 11 prim: OBJECT??????????? :id-smime-ct-TSTInfo
?3672:d=12 hl=4 l= 299 cons: cont [ 0 ]
?3676:d=13 hl=4 l= 295 prim: OCTET STRING????? [HEX DUMP]:30820123020101060A2B0601040184590A03013031300D060960864801650304020105000420817580D34E29FAD72349E478B6EA0B6354F926FD5CB8719E230D0672BFC5E9C102065593CB94E2BC181232303135303731303035303331352E37315A3007020101800201F4A081B9A481B63081B3310B3009060355040613025553311330110603550408130A57617368696E67746F6E3110300E060355040713075265646D6F6E64311E301C060355040A13154D6963726F736F667420436F72706F726174696F6E310D300B060355040B13044D4F505231273025060355040B131E6E436970686572204453452045534E3A433046342D333038362D44454638312530230603550403131C4D6963726F736F66742054696D652D5374616D702053657276696365
?3975:d=11 hl=4 l=3792 cons: cont [ 0 ]
?3979:d=12 hl=4 l=1649 cons: SEQUENCE
?3983:d=13 hl=4 l=1113 cons: SEQUENCE
?3987:d=14 hl=2 l=?? 3 cons: cont [ 0 ]
?3989:d=15 hl=2 l=?? 1 prim: INTEGER?????????? :02
?3992:d=14 hl=2 l=? 10 prim: INTEGER?????????? :6109812A000000000002
?4004:d=14 hl=2 l=? 13 cons: SEQUENCE
?4006:d=15 hl=2 l=?? 9 prim: OBJECT??????????? :sha256WithRSAEncryption
?4017:d=15 hl=2 l=?? 0 prim: NULL
?4019:d=14 hl=3 l= 136 cons: SEQUENCE
?4022:d=15 hl=2 l=? 11 cons: SET
?4024:d=16 hl=2 l=?? 9 cons: SEQUENCE
?4026:d=17 hl=2 l=?? 3 prim: OBJECT??????????? :countryName
?4031:d=17 hl=2 l=?? 2 prim: PRINTABLESTRING?? :US-------------------------------------------------------------------------------------------------
Thanks,Leena.
?      From: Matt Caswell <matt at openssl.org>
 To: openssl-users at openssl.org 
 Sent: Tuesday, November 24, 2015 3:00 PM
 Subject: Re: [openssl-users] Verifying Authenticode timestamp using openssl apis
   




On 24/11/15 05:17, Leena Soman wrote:
> Hello,
> I am trying to verify the timestamp in a file signed using Authenticode.
> I have found that this timestamp is in the RFC3161 format.
> Using openssl apis, I have parsed the Authenticode signature and reached
> the oid 1.3.6.1.4.1.311.3.3.1. I have subsequently used the following apis :

Am I right in understanding that you are attempting to use the OpenSSL
ASN.1 APIs to parse an RFC3161 response?

Did you realise that OpenSSL has APIs that support RFC3161 directly? See
opensssl/ts.h as well as the "openssl ts" command line app.

Matt
_______________________________________________
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users


  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20151124/81d67a5a/attachment-0001.html>
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux