[openssl-users] Verifying Authenticode timestamp using openssl apis

Leena Soman leenanand at yahoo.com
Tue Nov 24 05:17:10 UTC 2015

I am trying to verify the timestamp in a file signed using Authenticode.
I have found that this timestamp is in the RFC3161 format.
Using openssl apis, I have parsed the Authenticode signature and reached the oid I have subsequently used the following apis :------------------------------------------------------------------------
ASN1_OBJECT *obj;        obj = OBJ_txt2obj("", 1);
        int cmp = -1;
        attr = sk_X509_ATTRIBUTE_value(pSkUnauthAttr, 0);
        if (0 == (cmp = OBJ_cmp(attr->object, obj)))
            ASN1_TYPE *asn1_type = NULL;
            asn1_type = sk_ASN1_TYPE_value(attr->value.set, 0);
            if (V_ASN1_SEQUENCE == asn1_type->type)
                ptr = asn1_type->value.octet_string->data;                ts_pkcs7 = d2i_PKCS7(NULL, &ptr, (int)asn1_type->value.octet_string->length);
------------------------------------------------------------------------Since the sequence following the oid is of type PKCS7_signed_data, I expected d2i_PKCS7 to convert it after which I would be able to reach id-smime-ct-TSTInfo. 
But d2i_PKCS7 fails returning NULL. I would appreciate if someone who has done something similar and faced this problem can help me. 
I am unable to move forward so any help would be greatly appreciated.Thanks,
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20151124/488f13ac/attachment.html>

More information about the openssl-users mailing list