search

PeculiarVentures / PKI.js

PKI.js is a pure JavaScript library implementing the formats that are used in PKI applications (signing, encryption, certificate requests, OCSP and TSP requests/responses). It is built on WebCrypto (Web Cryptography API) and requires no plug-ins.
http://pkijs.org
Other
1.3k stars 204 forks source link

Apparent schema violation when attempting to parse P7B files. #269

Closed xomilders closed 4 years ago

xomilders commented 4 years ago

I am attempting to read P7B files and am running into an issue where the schema comparison fails. I am new to PKI, so perhaps I am overlooking something. I started with the simple P7B example code by trying to parse the resultant BASE64 encoded output. Below is my attempt, which ends up with the error message:

"Uncaught Error: Object's schema was not verified against input data for ContentInfo"

It fails this test in compareSchema: if(inputSchema.idBlock.tagNumber !== inputData.idBlock.tagNumber) Thank you for your help, and for this project! 

var p7b64=`-----BEGIN CMS-----
MIIIfQYJKoZIhvcNAQcCoIIIbjCCCGoCAQExADALBgkqhkiG9w0BBwGggghSMIIC
wjCCAaygAwIBAgIBATALBgkqhkiG9w0BAQUwHjEcMAkGA1UEBhMCUlUwDwYDVQQD
HggAVABlAHMAdDAeFw0xMzAxMDEwNTAwMDBaFw0xNjAxMDEwNTAwMDBaMB4xHDAJ
BgNVBAYTAlJVMA8GA1UEAx4IAFQAZQBzAHQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCuu+j+s76aEDCOTHE0niGgm2nw01yU0vAnbdsWPzwglcNb3WZQ
bmq0joMQH22YNniyHXJTmFThp8+uWCSRdDeH9VJwIloe/CTzKFg6i2nwi6jn8Ygf
GZJq9imjU1rnfSP2VZMMKdJ+bDlLSOum7QPKtI2LooTUhfCpEh7FN8qEM6XbBHay
NJy6jzWIpI6dlgbIvLmR2jpXjdHfkGzGmAJRg8eOEYmfsBlsADwS5RtfS6rwTN9Q
X/SfsuZvPeUmNTJq+GI0PQ/JHBjghoVtSfqNq17fvr3M/9+9gULAy7JP69MJwe3B
Fc44sNDhYFOuCMV0QwgyESDNRPSK0JZUs5ztAgMBAAGjDzANMAsGA1UdDwQEAwIA
AjALBgkqhkiG9w0BAQUDggEBAACeGmkYNgkfRXakuRN+8PRXqlNrVyFYbO3Pw40n
mnWc/U1oZVzVob0hSEo8DunvFGAusc+qGPBkd/HKopZN24ZBI27DQIBqeoFjLRHd
/ziGfUewmFisTcG3Xh2Kh/FeGXH/jRjF8Adr/HYN/9zvjJoED99+yLFnsxGFjLWi
L9i2/M+5SiZwxIZL0n6jcR7H5oMLB8iex4ZWzUw+GjCgctzU2ivr9VCqCuEjZz4H
lZRDJTku5+OYMpO0ZUpy4BaNp7KqIdfyKYJt0ElEQrT+qku6vfCaOFZwdJC6TOEW
NlU8jmF+HpowoTmLrTIGJjopQuKbr0bUDHf4OueU6U+PgMswggLCMIIBrKADAgEC
AgEBMAsGCSqGSIb3DQEBBTAeMRwwCQYDVQQGEwJSVTAPBgNVBAMeCABUAGUAcwB0
MB4XDTEzMDEwMTA1MDAwMFoXDTE2MDEwMTA1MDAwMFowHjEcMAkGA1UEBhMCUlUw
DwYDVQQDHggAVABlAHMAdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AK676P6zvpoQMI5McTSeIaCbafDTXJTS8Cdt2xY/PCCVw1vdZlBuarSOgxAfbZg2
eLIdclOYVOGnz65YJJF0N4f1UnAiWh78JPMoWDqLafCLqOfxiB8Zkmr2KaNTWud9
I/ZVkwwp0n5sOUtI66btA8q0jYuihNSF8KkSHsU3yoQzpdsEdrI0nLqPNYikjp2W
Bsi8uZHaOleN0d+QbMaYAlGDx44RiZ+wGWwAPBLlG19LqvBM31Bf9J+y5m895SY1
Mmr4YjQ9D8kcGOCGhW1J+o2rXt++vcz/372BQsDLsk/r0wnB7cEVzjiw0OFgU64I
xXRDCDIRIM1E9IrQllSznO0CAwEAAaMPMA0wCwYDVR0PBAQDAgACMAsGCSqGSIb3
DQEBBQOCAQEAAJ4aaRg2CR9FdqS5E37w9FeqU2tXIVhs7c/DjSeadZz9TWhlXNWh
vSFISjwO6e8UYC6xz6oY8GR38cqilk3bhkEjbsNAgGp6gWMtEd3/OIZ9R7CYWKxN
wbdeHYqH8V4Zcf+NGMXwB2v8dg3/3O+MmgQP337IsWezEYWMtaIv2Lb8z7lKJnDE
hkvSfqNxHsfmgwsHyJ7HhlbNTD4aMKBy3NTaK+v1UKoK4SNnPgeVlEMlOS7n45gy
k7RlSnLgFo2nsqoh1/Ipgm3QSURCtP6qS7q98Jo4VnB0kLpM4RY2VTyOYX4emjCh
OYutMgYmOilC4puvRtQMd/g655TpT4+AyzCCAsIwggGsoAMCAQICAQEwCwYJKoZI
hvcNAQEFMB4xHDAJBgNVBAYTAlJVMA8GA1UEAx4IAFQAZQBzAHQwHhcNMTMwMTAx
MDUwMDAwWhcNMTYwMTAxMDUwMDAwWjAeMRwwCQYDVQQGEwJSVTAPBgNVBAMeCABU
AGUAcwB0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrvo/rO+mhAw
jkxxNJ4hoJtp8NNclNLwJ23bFj88IJXDW91mUG5qtI6DEB9tmDZ4sh1yU5hU4afP
rlgkkXQ3h/VScCJaHvwk8yhYOotp8Iuo5/GIHxmSavYpo1Na530j9lWTDCnSfmw5
S0jrpu0DyrSNi6KE1IXwqRIexTfKhDOl2wR2sjScuo81iKSOnZYGyLy5kdo6V43R
35BsxpgCUYPHjhGJn7AZbAA8EuUbX0uq8EzfUF/0n7Lmbz3lJjUyavhiND0PyRwY
4IaFbUn6jate3769zP/fvYFCwMuyT+vTCcHtwRXOOLDQ4WBTrgjFdEMIMhEgzUT0
itCWVLOc7QIDAQABow8wDTALBgNVHQ8EBAMCAAIwCwYJKoZIhvcNAQEFA4IBAQAA
nhppGDYJH0V2pLkTfvD0V6pTa1chWGztz8ONJ5p1nP1NaGVc1aG9IUhKPA7p7xRg
LrHPqhjwZHfxyqKWTduGQSNuw0CAanqBYy0R3f84hn1HsJhYrE3Bt14diofxXhlx
/40YxfAHa/x2Df/c74yaBA/ffsixZ7MRhYy1oi/YtvzPuUomcMSGS9J+o3Eex+aD
CwfInseGVs1MPhowoHLc1Nor6/VQqgrhI2c+B5WUQyU5LufjmDKTtGVKcuAWjaey
qiHX8imCbdBJREK0/qpLur3wmjhWcHSQukzhFjZVPI5hfh6aMKE5i60yBiY6KULi
m69G1Ax3+DrnlOlPj4DLMQA=
-----END CMS-----`;
const cmsSignedBuffer = stringToArrayBuffer(fromBase64(p7b64));
var asn1 = asn1js.fromBER(cmsSignedBuffer);
var cmsContentSimpl = new ContentInfo({ schema: asn1.result });
var certSimpl = new SignedData({ schema: cmsContentSimpl.content });
rmhrisk commented 4 years ago

Have you looked at the CMS example?

https://pkijs.org/examples/CMSSigned_complex_example.html https://github.com/PeculiarVentures/PKI.js/blob/master/examples/CMSSignedComplexExample/es6.js#L626

image

YuryStrozhevsky commented 4 years ago

@xomilders You need to remove -----BEGIN CMS----- and -----END CMS----- before BASE-64 decoding. This is an example on how to do it.

xomilders commented 4 years ago

Thank you so much! I love PKIJS and you guys rock!

Best,

Seth

From: Yury Strozhevsky notifications@github.com Sent: Wednesday, May 6, 2020 10:47 PM To: PeculiarVentures/PKI.js PKI.js@noreply.github.com Cc: Seth Milder Seth.Milder@exostar.com; Mention mention@noreply.github.com Subject: [EXTERNAL] Re: [PeculiarVentures/PKI.js] Apparent schema violation when attempting to parse P7B files. (#269)

[EXTERNAL] This message was sent from outside of the company. Please do not click links or open attachments unless you recognize the source of this email and know the content is safe [EXTERNAL]

@xomildershttps://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_xomilders&d=DwMCaQ&c=yxs-RFWkWn8KB3WfNxyKm4KwWvDQl23UirZECW_SfJE&r=xA2pJtoA2nsGkro7-NB4soIrar8IC41dO3tGxJdXrvE&m=K_RC7u0SxToTB3HV7VPraW6HfTa-582oKhrBl75ggYc&s=zPnBESgJQ-3ytaWMWTqNiHYmL7CWALV8yP1Zk7ZWCwk&e= You need to remove -----BEGIN CMS----- and -----END CMS----- before BASE-64 decoding. This is an examplehttps://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_PeculiarVentures_PKI.js_blob_master_examples_PKCS10ComplexExample_es6.js-23L199&d=DwMCaQ&c=yxs-RFWkWn8KB3WfNxyKm4KwWvDQl23UirZECW_SfJE&r=xA2pJtoA2nsGkro7-NB4soIrar8IC41dO3tGxJdXrvE&m=K_RC7u0SxToTB3HV7VPraW6HfTa-582oKhrBl75ggYc&s=-Moo0yMjjncnSHFRX7rDr2-QYb7YgoJtnFppAmfFoVw&e= on how to do it.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHubhttps://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_PeculiarVentures_PKI.js_issues_269-23issuecomment-2D624997311&d=DwMCaQ&c=yxs-RFWkWn8KB3WfNxyKm4KwWvDQl23UirZECW_SfJE&r=xA2pJtoA2nsGkro7-NB4soIrar8IC41dO3tGxJdXrvE&m=K_RC7u0SxToTB3HV7VPraW6HfTa-582oKhrBl75ggYc&s=BAs30rtktLgTmZtMW24Y30tswGj4ydi72KCJN4XmvFE&e=, or unsubscribehttps://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_notifications_unsubscribe-2Dauth_APPHDZ4K2R6SEIDBTFVF2ADRQIOJVANCNFSM4M2VRY2Q&d=DwMCaQ&c=yxs-RFWkWn8KB3WfNxyKm4KwWvDQl23UirZECW_SfJE&r=xA2pJtoA2nsGkro7-NB4soIrar8IC41dO3tGxJdXrvE&m=K_RC7u0SxToTB3HV7VPraW6HfTa-582oKhrBl75ggYc&s=EpbnPzqdBM6bomCMvwKo7KOZVYBp7X5SKyEBr3XzbGA&e=.