On Sat, Jan 21, 2023 at 5:47 AM James Chapman <ja...@uplinkzero.com> wrote: > > New subscriber and CryptoPP user list here. I'm hoping you can assist me and > point me in the right direction. I'm trying to read information from PE file > signing certificates which are typically in PKCS#7 format. I've extracted the > certificate structure OK, but now I'm trying to use CryptoPP to extract > information from the certificates. > > I've used certutil to dump an ASN structure from acrobat.exe (for easy > reference I've placed it at the bottom of this email). > > So far, I've got this: > > CryptoPP::VectorSource vs(certData.certificate, true); > CryptoPP::BERSequenceDecoder p7b(vs); > CryptoPP::BERSequenceDecoder outerObject(p7b, > CryptoPP::OBJECT_IDENTIFIER); > > Anything I try after this throws.
What was the exception? The ASN.1 gear likely does not know about OIDs 1.2.840.113549.1.7.2, 2.16.840.1.101.3.4.2.1, 1.2.840.113549.1.9.16.1.4 and friends. But the exception should tell you the problem. > I presume I need to read the OPTIONAL somehow and then from there process the > SEQUENCE. In fact, I suspect the best approach would be to somehow enumerate > the SEQUENCE sections and then process those individually, but with the tools > available to me in CryptoPP's ASN section I've not been able to work out how > to do that yet :-( > > I'm probably missing something obvious (I should point out that I'm new to > ASN1 too). Any guidance, words of wisdom or even examples would be greatly > appreciated. > Also see https://www.cryptopp.com/wiki/X509Certificate . It is an example of parsing X.509 certificates. Jeff > 0000: 30 82 17 25 ; SEQUENCE (1725 Bytes) > 0004: 06 09 ; OBJECT_ID (9 Bytes) > 0006: | 2a 86 48 86 f7 0d 01 07 02 > | ; 1.2.840.113549.1.7.2 PKCS 7 Signed > 000f: a0 82 17 16 ; OPTIONAL[0] (1716 Bytes) > 0013: 30 82 17 12 ; SEQUENCE (1712 Bytes) > 0017: 02 01 ; INTEGER (1 Bytes) > 0019: | 03 > [...] -- You received this message because you are subscribed to the Google Groups "Crypto++ Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to cryptopp-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/cryptopp-users/CAH8yC8k4spB09YPRU4qjB1_JfwOgbYz7T7GtztgLPJwoL8Xa6Q%40mail.gmail.com.
