Is the structure of this CMS object correct?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Am 09.02.16 um 16:39 schrieb Erwann Abalea:
> Bonjour Stephan,
>
> ...
>
> PKCS#7 and CMS are pretty much interchangeable.
> Here, your file is strictly not a PKCS#7v1.5, because in this version,
> RecipientInfo wasn?t a CHOICE (see RFC2315 to see PKCS#7v1.5 definitions).
>
> How did you generate this structure? Adobe Acrobat?

The previous structure was generated with Adobe Acrobat XI.

I repeated the experiment with Adobe Acrobat DC, and something was 
changed in the structure of the CMS object, but it still does not look 
correct to me (full dumpasn1 output below).

It is clear to me that there is no problem with OpenSSL here, but I 
would appreciate it if someone with more authority on CMS and ASN.1 than 
me could confirm that the CMS structure is broken and that OpenSSL is 
correct to reject it, thanks.

OpenSSL 1.0.2d produces the following error message when trying to 
decrypt the CMS message:

$ openssl cms -decrypt -in cms-DC-AES256.der -inform DER -out /dev/null 
-inkey atssecp521r1.key -recip atssecp521r1.pem
Error reading S/MIME message
140735215203152:error:0D0680A8:asn1 encoding 
routines:ASN1_CHECK_TLEN:wrong tag:tasn_dec.c:1198:
140735215203152:error:0D07803A:asn1 encoding 
routines:ASN1_ITEM_EX_D2I:nested asn1 error:tasn_dec.c:372:Type=X509_ALGOR
140735215203152:error:0D08303A:asn1 encoding 
routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 
error:tasn_dec.c:694:Field=keyEncryptionAlgorithm, 
Type=CMS_KeyTransRecipientInfo
140735215203152:error:0D08303A:asn1 encoding 
routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error:tasn_dec.c:694:
140735215203152:error:0D07803A:asn1 encoding 
routines:ASN1_ITEM_EX_D2I:nested asn1 error:tasn_dec.c:336:Field=d.ktri, 
Type=CMS_RecipientInfo
140735215203152:error:0D08303A:asn1 encoding 
routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 
error:tasn_dec.c:666:Field=recipientInfos, Type=CMS_EnvelopedData
140735215203152:error:0D08303A:asn1 encoding 
routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error:tasn_dec.c:694:
140735215203152:error:0D08403A:asn1 encoding 
routines:ASN1_TEMPLATE_EX_D2I:nested asn1 
error:tasn_dec.c:557:Field=d.envelopedData, Type=CMS_ContentInfo

I tried again to map the structure of the CMS object to the definitions 
in RFC 5652 (comments added with a '%'):

1: SEQUENCE {
2:   OBJECT IDENTIFIER envelopedData (1 2 840 113549 1 7 3)
                                                    % ContentType
3:   [0] {  % eContent
4:     SEQUENCE {
5:       INTEGER 0 % CMSVersion
           % no OriginatorInfo
6:       SET { % RecipientInfos ::= SET SIZE (1..MAX) OF RecipientInfo
7:         SEQUENCE {
        % SEQUENCE tag should not be present because of implicit tagging?
8:           INTEGER 3
          % version 3 only applicable to KeyAgreeRecipientInfo
9:           [0] {
10:             SEQUENCE {
11:               SEQUENCE {
12:                 OBJECT IDENTIFIER ecPublicKey (1 2 840 10045 2 1)
13:                 OBJECT IDENTIFIER secp521r1 (1 3 132 0 35)
14:                 }

In line 7 I can't find a mapping anymore to RFC 5652. The OpenSSL error 
message indicates that it wants to parse a KeyTransRecipientInfo. In 
line 8 the CMSVersion is "3", but that is not applicable to a 
KeyTransRecipientInfo, only to a KeyAgreeRecipientInfo.

------------- dumpasn1 output for CMS message ---------------
  SEQUENCE {
    OBJECT IDENTIFIER envelopedData (1 2 840 113549 1 7 3)
    [0] {
      SEQUENCE {
        INTEGER 0
        SET {
          SEQUENCE {
            INTEGER 3
            [0] {
              SEQUENCE {
                SEQUENCE {
                  OBJECT IDENTIFIER ecPublicKey (1 2 840 10045 2 1)
                  OBJECT IDENTIFIER secp521r1 (1 3 132 0 35)
                  }
                BIT STRING
                  04 00 69 68 2B EA A2 DD 50 48 52 D2 D7 FF 40 9A
                  9F 86 8E 43 33 42 D5 A4 DE 4A 41 5A 73 F3 99 19
                  A4 C5 19 DF 4D 4E EF 4E 47 54 A1 5A 74 41 F3 50
                  43 94 92 35 2B 37 28 49 53 A8 1D 6E BA 21 C2 E0
                  B0 A1 F0 01 E0 61 B6 91 29 23 52 BA 39 D5 1D FE
                  DA 08 DF C8 7C 11 76 56 73 13 51 B7 8D 69 45 CC
                  A1 D4 57 50 45 2A 63 93 5C A8 FB D4 F3 8F 46 68
                  38 BC 57 81 FD C6 06 86 43 C3 3B 53 90 28 C8 B1
                          [ Another 5 bytes skipped ]
                }
              }
            [1] {
              OCTET STRING C8 71 12 9C B5 64 24 52
              }
            SEQUENCE {
              OBJECT IDENTIFIER '1 3 132 1 11 3'
              SEQUENCE {
                OBJECT IDENTIFIER aes256-wrap (2 16 840 1 101 3 4 1 45)
                }
              }
            SEQUENCE {
              SEQUENCE {
                SEQUENCE {
                  SEQUENCE {
                    SET {
                      SEQUENCE {
                        OBJECT IDENTIFIER countryName (2 5 4 6)
                        PrintableString 'DE'
                        }
                      }
                    SET {
                      SEQUENCE {
                        OBJECT IDENTIFIER localityName (2 5 4 7)
                        UTF8String 'Munich'
                        }
                      }
                    SET {
                      SEQUENCE {
                        OBJECT IDENTIFIER organizationName (2 5 4 10)
                        UTF8String 'PDFlib GmbH'
                        }
                      }
                    SET {
                      SEQUENCE {
                        OBJECT IDENTIFIER commonName (2 5 4 3)
                        UTF8String 'PDFlib GmbH ATS Demo Intermediate CA'
                        }
                      }
                    }
                  INTEGER 27
                  }
                OCTET STRING
                  63 CE 50 C7 31 8A B9 C8 A3 6A 7B 7C 9D 14 50 33
                  09 7C 5D 3D 7B 34 1B 30
                }
              }
            }
          }
        SEQUENCE {
          OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
          SEQUENCE {
            OBJECT IDENTIFIER aes128-CBC (2 16 840 1 101 3 4 1 2)
            OCTET STRING
              88 9B F1 E8 96 0B A8 4D 9C F1 6F FC E3 7D B8 AC
            }
          [0]
            AB 19 35 70 7F CE 88 17 A0 AD FA A2 55 33 68 FD
            48 9D 26 2E DC 7B A7 96 95 19 FA 1F B8 0C DE E0
          }
        }
      }
    }
------------- dumpasn1 output for CMS message ---------------

-- 
Stephan



[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux