Read PKCS#7 from ASN1 with PasswordRecipientInfo

StackOverflow https://stackoverflow.com/questions/23252709

  •  08-07-2023
  •  | 
  •  

Question

I am reading a PKCS#15 file (asn1). Eventually I end up having a pkcs#7 structure, which contains a PasswordRecipientInfo (PBKDF2).

I can read the asn1 structure into a Bouncy Castle EnvelopedData. I can read all encryption parameters by hand, and I know the password to decrypt the data.

But how can I convert the EnvelopedData to something like CmsEnvelopedData (which has more functionality). If I feed the asn1 data to CmsEnvelopedData it fails with malformed data etc.

I also use Rebex, but that seems not to support the PasswordRecipientInfo structure (although they do implement the PBKDF2 key generation).

I did do all the decryption by hand, but do not end up with useful data, so I probably do make a mistake with all the 3Des decryption.

This is the example ASN1 stream:

    0:d=0  hl=4 l= 823 cons: SEQUENCE          
    4:d=1  hl=4 l= 815 cons: cont [ 2 ]        
    8:d=2  hl=2 l=   1 prim: INTEGER           :02
   11:d=2  hl=2 l= 105 cons: SET               
   13:d=3  hl=2 l= 103 cons: cont [ 3 ]        
   15:d=4  hl=2 l=   1 prim: INTEGER           :00
   18:d=4  hl=2 l=  27 cons: cont [ 0 ]        
   20:d=5  hl=2 l=   9 prim: OBJECT            :PBKDF2
   31:d=5  hl=2 l=  14 cons: SEQUENCE          
   33:d=6  hl=2 l=   8 prim: OCTET STRING      [HEX DUMP]:91923125EC5C328F
   43:d=6  hl=2 l=   2 prim: INTEGER           :07D0
   47:d=4  hl=2 l=  35 cons: SEQUENCE          
   49:d=5  hl=2 l=  11 prim: OBJECT            :1.2.840.113549.1.9.16.3.9
   62:d=5  hl=2 l=  20 cons: SEQUENCE          
   64:d=6  hl=2 l=   8 prim: OBJECT            :des-ede3-cbc
   74:d=6  hl=2 l=   8 prim: OCTET STRING      [HEX DUMP]:9F040621A5AF002B
   84:d=4  hl=2 l=  32 prim: OCTET STRING      [HEX DUMP]:52237B22E48C5D579DBA6FD457DFC47C7C9F244306F3856CE98826C5657E9B60
  118:d=2  hl=4 l= 701 cons: SEQUENCE          
  122:d=3  hl=2 l=   9 prim: OBJECT            :pkcs7-data
  133:d=3  hl=2 l=  20 cons: SEQUENCE          
  135:d=4  hl=2 l=   8 prim: OBJECT            :des-ede3-cbc
  145:d=4  hl=2 l=   8 prim: OCTET STRING      [HEX DUMP]:4620AEA54621405F
  155:d=3  hl=4 l= 664 prim: cont [ 0 ]        
  823:d=1  hl=2 l=   2 prim: INTEGER           :0100

and some code:

 var ed = EnvelopedData.GetInstance(encodedkey);
Was it helpful?

Solution

Seems some wrapper code is missing from the der-data above:

            var bs = new MemoryStream();
            var constructeddata = new DerSequenceGenerator(bs);
            constructeddata.AddObject(new DerObjectIdentifier("1.2.840.1.113549.1.7.3"));
            constructeddata.AddObject(new DerTaggedObject(true, 0, ed));
            //constructeddata.AddObject(ed.ToAsn1Object());
            constructeddata.Close();

            var derdata = bs.ToArray();


            var cms = new CmsEnvelopedData(derdata);

So what I do is adding a top layer to the data. ed is the EnvelopedData that I was able to import from the der-data.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top