We have this PKCS#7 encrypted message. We would like to open it up for review and analysis here, for people to poke holes in. This sample was generated with test certificates and keys. The concern is not the certificate information, but whether the encryption and signatures are sound. I am not expecting anyone to break the encryption (!); I am only making sure that no data leaks that would affect the privacy and authenticity of the wrapped message.
In other words, what information can you extract from the message below?
I am posting the raw PEM format of the message, as well as the output of openssl asn1parse -in test.pem -i.
-----BEGIN PKCS7-----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-----END PKCS7-----
OpenSSL ASN1 parse output:
0:d=0 hl=4 l=1963 cons: SEQUENCE
4:d=1 hl=2 l= 9 prim: OBJECT :pkcs7-envelopedData
15:d=1 hl=4 l=1948 cons: cont [ 0 ]
19:d=2 hl=4 l=1944 cons: SEQUENCE
23:d=3 hl=2 l= 1 prim: INTEGER :00
26:d=3 hl=4 l= 415 cons: SET
30:d=4 hl=4 l= 411 cons: SEQUENCE
34:d=5 hl=2 l= 1 prim: INTEGER :00
37:d=5 hl=3 l= 130 cons: SEQUENCE
40:d=6 hl=2 l= 125 cons: SEQUENCE
42:d=7 hl=2 l= 11 cons: SET
44:d=8 hl=2 l= 9 cons: SEQUENCE
46:d=9 hl=2 l= 3 prim: OBJECT :countryName
51:d=9 hl=2 l= 2 prim: PRINTABLESTRING :US
55:d=7 hl=2 l= 11 cons: SET
57:d=8 hl=2 l= 9 cons: SEQUENCE
59:d=9 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
64:d=9 hl=2 l= 2 prim: UTF8STRING :CA
68:d=7 hl=2 l= 20 cons: SET
70:d=8 hl=2 l= 18 cons: SEQUENCE
72:d=9 hl=2 l= 3 prim: OBJECT :localityName
77:d=9 hl=2 l= 11 prim: UTF8STRING :Los Angeles
90:d=7 hl=2 l= 26 cons: SET
92:d=8 hl=2 l= 24 cons: SEQUENCE
94:d=9 hl=2 l= 3 prim: OBJECT :organizationName
99:d=9 hl=2 l= 17 prim: UTF8STRING :Test Organization
118:d=7 hl=2 l= 11 cons: SET
120:d=8 hl=2 l= 9 cons: SEQUENCE
122:d=9 hl=2 l= 3 prim: OBJECT :organizationalUnitName
127:d=9 hl=2 l= 2 prim: UTF8STRING :HQ
131:d=7 hl=2 l= 34 cons: SET
133:d=8 hl=2 l= 32 cons: SEQUENCE
135:d=9 hl=2 l= 3 prim: OBJECT :commonName
140:d=9 hl=2 l= 25 prim: UTF8STRING :Test Organization Root CA
167:d=6 hl=2 l= 1 prim: INTEGER :02
170:d=5 hl=2 l= 13 cons: SEQUENCE
172:d=6 hl=2 l= 9 prim: OBJECT :rsaesOaep
183:d=6 hl=2 l= 0 cons: SEQUENCE
185:d=5 hl=4 l= 256 prim: OCTET STRING [HEX DUMP]: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
445:d=3 hl=4 l=1518 cons: SEQUENCE
449:d=4 hl=2 l= 9 prim: OBJECT :pkcs7-data
460:d=4 hl=2 l= 29 cons: SEQUENCE
462:d=5 hl=2 l= 9 prim: OBJECT :aes-256-cbc
473:d=5 hl=2 l= 16 prim: OCTET STRING [HEX DUMP]:6A537AC9FE14255BFFEF3F88C779F2A1
491:d=4 hl=4 l=1472 prim: cont [ 0 ]
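Added example, not part of the original post: a small Python parser that reads `openssl asn1parse` lines like those above and collects the fields visible without the recipient's private key. The names `parse` and `exposed_metadata` are hypothetical, the sample is an abridged copy of the dump with a placeholder for the encrypted key, and the plaintext bound assumes CBC with PKCS#7 padding.

```python
import re

# Abridged from the asn1parse output above (constructed: issuer shortened to
# commonName, the 256-byte encrypted key replaced by a placeholder).
SAMPLE = """\
0:d=0 hl=4 l=1963 cons: SEQUENCE
4:d=1 hl=2 l= 9 prim: OBJECT :pkcs7-envelopedData
23:d=3 hl=2 l= 1 prim: INTEGER :00
34:d=5 hl=2 l= 1 prim: INTEGER :00
135:d=9 hl=2 l= 3 prim: OBJECT :commonName
140:d=9 hl=2 l= 25 prim: UTF8STRING :Test Organization Root CA
167:d=6 hl=2 l= 1 prim: INTEGER :02
172:d=6 hl=2 l= 9 prim: OBJECT :rsaesOaep
183:d=6 hl=2 l= 0 cons: SEQUENCE
185:d=5 hl=4 l= 256 prim: OCTET STRING [HEX DUMP]:PLACEHOLDER
449:d=4 hl=2 l= 9 prim: OBJECT :pkcs7-data
462:d=5 hl=2 l= 9 prim: OBJECT :aes-256-cbc
473:d=5 hl=2 l= 16 prim: OCTET STRING [HEX DUMP]:6A537AC9FE14255BFFEF3F88C779F2A1
491:d=4 hl=4 l=1472 prim: cont [ 0 ]
"""

LINE = re.compile(
    r"^\s*\d+:d=(\d+)\s+hl=\d+\s+l=\s*(\d+)\s+(prim|cons):\s+([^:]*?)\s*(?::(.*))?$")

def parse(text):
    """Return (depth, length, kind, tag, value) for each asn1parse line."""
    hits = (LINE.match(l) for l in text.splitlines())
    return [(int(m[1]), int(m[2]), m[3], m[4], m[5]) for m in hits if m]

def exposed_metadata(text):
    """Collect what is readable without the recipient's private key."""
    rows = parse(text)
    out = {"issuer": {}, "oids": [], "integers": [], "octets": []}
    for i, (depth, length, kind, tag, value) in enumerate(rows):
        nxt = rows[i + 1] if i + 1 < len(rows) else None
        if tag == "OBJECT" and nxt and nxt[0] == depth and nxt[3].endswith("STRING"):
            out["issuer"][value] = nxt[4]      # DN attribute and its string value
        elif tag == "OBJECT":
            out["oids"].append(value)          # content types and algorithms
        elif tag == "INTEGER":
            out["integers"].append(value)      # versions, then certificate serial
        elif tag.startswith("OCTET STRING"):
            out["octets"].append((length, value))  # encrypted key, then IV
        elif tag.startswith("cont") and kind == "prim":
            # PKCS#7 padding adds 1..16 bytes, so ciphertext length bounds plaintext
            out["plaintext_len"] = (length - 16, length - 1)
    # Assumption: the RSA-encrypted key is as long as the recipient's modulus
    out["rsa_modulus_bits"] = out["octets"][0][0] * 8
    return out
```

On the sample this reports the recipient certificate's issuer and serial, the key-transport and content-encryption algorithms, the IV, a 2048-bit recipient key, and a plaintext length between 1456 and 1471 bytes. The outer structure is envelopedData only, so any signature would have to sit inside the encrypted content.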