Hi,
I received a PKCS7 message with enveloped data (:pkcs7-envelopedData) and
looking for a way to decrypt the content (PKCS10 CSR) only with the CLI. Is
this possible with openssl? I tried several things with the help of the
asn1parse command but did not find the solution :-(
My message looks like this:
0:d=0 hl=4 l=1837 cons: SEQUENCE
4:d=1 hl=2 l= 9 prim: OBJECT :pkcs7-signedData
15:d=1 hl=4 l=1822 cons: cont [ 0 ]
19:d=2 hl=4 l=1818 cons: SEQUENCE
23:d=3 hl=2 l= 1 prim: INTEGER :01
26:d=3 hl=2 l= 11 cons: SET
28:d=4 hl=2 l= 9 cons: SEQUENCE
30:d=5 hl=2 l= 5 prim: OBJECT :sha1
37:d=5 hl=2 l= 0 prim: NULL
39:d=3 hl=4 l= 874 cons: SEQUENCE
43:d=4 hl=2 l= 9 prim: OBJECT :pkcs7-data
54:d=4 hl=4 l= 859 cons: cont [ 0 ]
58:d=5 hl=4 l= 855 prim: OCTET STRING [HEX
DUMP]:308006092A864886F70D010703A08030800201003182011530820111020100307A306D310B3009060355040613024445310B30090603550408130242573112301006035504071309537475747467617274310F300D060355040A1306616C746573743112301006035504031309616C746573742043413118301606092A864886F70D0109011609646440616C2E636F6D020900BA26D09581993A43300D06092A864886F70D01010105000481807706AE3BA87B001D34C5B59CA756ED21BE95B406E9AED1D1320F0B2B6B9EB32414A8F4CB15FEE5A2ACA376A0134CCD5
and when I go deeper into the data with openssl asn1parse -in
iphone-pkcs7.pem -strparse 58 -out envelopeddata :
0:d=0 hl=2 l=inf cons: SEQUENCE
2:d=1 hl=2 l= 9 prim: OBJECT :pkcs7-envelopedData
13:d=1 hl=2 l=inf cons: cont [ 0 ]
15:d=2 hl=2 l=inf cons: SEQUENCE
17:d=3 hl=2 l= 1 prim: INTEGER :00
20:d=3 hl=4 l= 277 cons: SET
24:d=4 hl=4 l= 273 cons: SEQUENCE
28:d=5 hl=2 l= 1 prim: INTEGER :00
31:d=5 hl=2 l= 122 cons: SEQUENCE
33:d=6 hl=2 l= 109 cons: SEQUENCE
35:d=7 hl=2 l= 11 cons: SET
37:d=8 hl=2 l= 9 cons: SEQUENCE
39:d=9 hl=2 l= 3 prim: OBJECT :countryName
I can see the evenlopedData.
Thanks
Dirk
