Closed lolepezy closed 5 years ago
ocheron
commented
5 years ago I added an example with verifySignedData in ea4f5d227896af090d5a61d81d43be5dbf1adf42.
For parsing I'm not ready to expose internals until I know what to do for streaming content. In the meantime it should be possible to add functions to read CMS from raw BER/DER. As workaround you can probably wrap the binary content in a PEM record and use pemToContentInfo.
lolepezy
commented
5 years ago Thank you for the example!
I tried to use something like:
parseCMS :: B.ByteString -> Maybe ContentInfo
parseCMS bs = pemToContentInfo pem
where pem = PEM { pemName = "CMS", pemHeader = [], pemContent = bs}but Crypto.Store.CMS.PEM and , Crypto.Store.PEM are both hidden.
ocheron
commented
5 years ago pemToContentInfo is exposed from module Crypto.Store.CMS.
Data type PEM is available in module Data.PEM from package pem.
lolepezy
commented
5 years ago Thanks! In my case this resulted in something like "Unsupported CMS type" error, which is a completely different issue.
Hi,
I have found your library as an option to implement the https://tools.ietf.org/html/rfc6488 for RPKI objects. What I need is to parse them and verify signatures and cryptostore seems to be a reasonable solution for that. However, I can see that it is only possible to read PEM-formated objects at the moment, while I have raw ASN1 binaries. I tried to use something like this
to get, say,
Maybe ContentInfobut all these functions are in hidden modules.1) So, is there a way to have something like [(ASN1, e)] -> Either Error ContentInfo? 2) Could you point me to some example of signature verification for CMS objects? RFC is not exactly clear about it, so it would be nice to see an example of verifySignedData usage or something of that sort.
Thanks.