fullsailor / pkcs7

Implements a subset of PKCS#7/Cryptographic Message Syntax (rfc2315, rfc5652)
MIT License
123 stars 201 forks

Unable to parse Code Signing Certificate for Microsoft #34

Open tehmoon opened 6 years ago

tehmoon commented 6 years ago

Hi!

First off, many thanks for taking the time to do this useful lib!!

For a side project, I was trying to parse certificates inside exe files -- PE format -- to get the expiration date.

I'll skip the details on how to do it, but it turns out it's using PKCS7 format to store the certificate chain, hence the use of this lib.

When I call Parse() with the payload in DER this is what I get:

structure error: tags don't match (4 vs {class:0 tag:16 length:23 isCompound:true}) {optional:false explicit:false application:false defaultValue:<nil> tag:<nil> stringType:0 timeType:0 set:false omitEmpty:false} unsignedData @2

I had to patch the library and can make a PR if that's necessary: https://github.com/tehmoon/pkcs7/commit/8f1294642f99e46c11e0069a998d74fd28ad7824

As you can see, I de-serialize using RawValue and passing the underlying bytes. I didn't dig much further so I have no idea what's wrong.

I've attached the pkcs7 data in hex string format: data.hex.txt

Even though the patch works well for me, I thought about opening an issue to contribute a little bit.
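The error text quoted above reports a decoder that expected tag 4 (OCTET STRING) and found a constructed universal tag 16 (SEQUENCE). The following is an added example, not code from this issue or from the library: it reproduces that class of error with Go's `encoding/asn1` and shows the `RawValue` approach of inspecting the tag before decoding. The names `contentInfo`, `strictPayload`, `tolerantPayload` and `sample`, the OID and the values are all constructed for illustration.

```go
package main

import (
	"encoding/asn1"
	"fmt"
)

// contentInfo is a hypothetical stand-in for a PKCS#7 ContentInfo (OID + explicit [0] content).
type contentInfo struct {
	ContentType asn1.ObjectIdentifier
	Content     asn1.RawValue `asn1:"explicit,optional,tag:0"`
}

// strictPayload assumes the wrapped value is always an OCTET STRING (tag 4).
func strictPayload(ci contentInfo) ([]byte, error) {
	var octets []byte
	_, err := asn1.Unmarshal(ci.Content.Bytes, &octets)
	return octets, err
}

// tolerantPayload reads the inner header first: a primitive OCTET STRING is
// unwrapped, anything else is handed back as its complete DER encoding.
func tolerantPayload(ci contentInfo) ([]byte, int, error) {
	var inner asn1.RawValue
	rest, err := asn1.Unmarshal(ci.Content.Bytes, &inner)
	if err != nil || len(rest) != 0 {
		return nil, 0, fmt.Errorf("bad wrapped content: %v (%d trailing bytes)", err, len(rest))
	}
	if inner.Class == asn1.ClassUniversal && inner.Tag == asn1.TagOctetString && !inner.IsCompound {
		return inner.Bytes, inner.Tag, nil
	}
	return inner.FullBytes, inner.Tag, nil
}

// sample DER-encodes v inside a ContentInfo and parses it back (constructed data).
func sample(oid asn1.ObjectIdentifier, v interface{}) contentInfo {
	inner, _ := asn1.Marshal(v)
	wrapped := asn1.RawValue{Class: asn1.ClassContextSpecific, Tag: 0, IsCompound: true, Bytes: inner}
	der, _ := asn1.Marshal(contentInfo{oid, wrapped})
	var ci contentInfo
	asn1.Unmarshal(der, &ci)
	return ci
}

func main() {
	seq := sample([]int{1, 2, 3, 4}, struct{ N int }{7}) // constructed OID, SEQUENCE content
	_, strictErr := strictPayload(seq)
	_, tag, err := tolerantPayload(seq)
	fmt.Println("strict:", strictErr, "| tolerant: tag", tag, "err", err)
}
```

A caller that receives a non-OCTET-STRING payload this way still has to decide whether the content type is one it knows how to interpret or verify.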

atvaccaro commented 5 years ago

Not sure if you're still around, but I still get the same error message with the patch.

tehmoon commented 5 years ago

@atvaccaro yes, still around! Could you tell me more about "still get the same error message", please? If you could share the data that is being parsed, that would be cool.

atvaccaro commented 5 years ago

Whoops, just went on vacation! I'd been getting the tags don't match error. I ended up just using golang.org/x/crypto/pkcs12 and switching to a PKCS12 file.

tehmoon commented 5 years ago

OK! Let me know if you switch back to pkcs7 for some reason :p