forge icon indicating copy to clipboard operation
forge copied to clipboard

Published 20 hours ago verified publisher icon digitalbazaar

Extracting information from PKCS#7 signed data

Open NuSkooler opened this issue 9 years ago • 2 comments

I'm using node-forge for a iOS MDM server and am in need to extract and validate (*) PKCS#7 signed data but cannot seem to get anywhere.

(*) it's my understanding -- and from the code -- that verification of PKCS#7 is NYI.

The data in question is DER encoded PKCS#7 mobile configuration (.plist / XML). I'm attempting to get basic information like so:

const p7 = forge.pkcs7.messageFromAsn1(
  forge.asn1.fromDer(
    forge.util.createBuffer(req.payload, 'binary')
  )
);

When I inspect p7.signers, p7.content, etc. they are empty. Inspecting p7.rawCapture.content... shows me the data is present (I can see the XML "message" here), but I'm not sure how I should be accessing it.

Any ideas/tips/etc. appreciated!

BTW, Apple's docs show the following in their sample for this step:

 p7sign = OpenSSL::PKCS7::PKCS7.new(req.body)
 store = OpenSSL::X509::Store.new
 p7sign.verify(nil, store, nil, OpenSSL::PKCS7::NOVERIFY)
 signers = p7sign.signers

NuSkooler avatar May 06 '16 22:05 NuSkooler