[openssl-users] Verifying Authenticode timestamp using openssl apis
Leena Soman
leenanand at yahoo.com
Tue Nov 24 05:17:10 UTC 2015
Hello,
I am trying to verify the timestamp in a file signed using Authenticode.
I have found that this timestamp is in the RFC3161 format.
Using openssl apis, I have parsed the Authenticode signature and reached the oid 1.3.6.1.4.1.311.3.3.1. I have subsequently used the following apis :------------------------------------------------------------------------
ASN1_OBJECT *obj; obj = OBJ_txt2obj("1.3.6.1.4.1.311.3.3.1", 1);
int cmp = -1;
attr = sk_X509_ATTRIBUTE_value(pSkUnauthAttr, 0);
if (0 == (cmp = OBJ_cmp(attr->object, obj)))
{
ASN1_TYPE *asn1_type = NULL;
asn1_type = sk_ASN1_TYPE_value(attr->value.set, 0);
if (V_ASN1_SEQUENCE == asn1_type->type)
{
ptr = asn1_type->value.octet_string->data; ts_pkcs7 = d2i_PKCS7(NULL, &ptr, (int)asn1_type->value.octet_string->length);
------------------------------------------------------------------------Since the sequence following the oid is of type PKCS7_signed_data, I expected d2i_PKCS7 to convert it after which I would be able to reach id-smime-ct-TSTInfo.
But d2i_PKCS7 fails returning NULL. I would appreciate if someone who has done something similar and faced this problem can help me.
I am unable to move forward so any help would be greatly appreciated.Thanks,
Leena.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20151124/488f13ac/attachment.html>
More information about the openssl-users
mailing list