0

Given the following asn.1 message, how is the sha256 message digest, "8798168E6F7F3118EDE8522B6336DFB56CFDF95DB7063CB7230EF00B4D666D1A", calculated? I realize it is a 32 byte hash of some data. What specific data is used to calculate the hash? This is a tr34 document. Using openssl, I should be able to come up with the same hash as long as I'm using the same chunck of data from the message. 

-----BEGIN TR34_Sample_UBT_KDH PEM File-----
MIIEPAYJKoZIhvcNAQcCoIIELTCCBCkCAQExDTALBglghkgBZQMEAgEwWwYJKoZI
hvcNAQcBoE4ETDBKMEExCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxUUjM0IFNhbXBs
ZXMxGzAZBgNVBAMTElRSMzQgU2FtcGxlIENBIEtSRAIFNAAAAAehggHYMIIB1DCB
vQIBATANBgkqhkiG9w0BAQsFADBBMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMVFIz
NCBTYW1wbGVzMRswGQYDVQQDExJUUjM0IFNhbXBsZSBDQSBLREgXDTEwMTEwMjE3
MzMzMFoXDTEwMTIwMjE3MzMzMFowSDAWAgU0AAAACBcNMTAxMTAyMTcyODEzWjAW
AgU0AAAAChcNMTAxMTAyMTczMTQ2WjAWAgU0AAAACxcNMTAxMTAyMTczMzI1WjAN
BgkqhkiG9w0BAQsFAAOCAQEANvBqPIisvPqfjjsIUO7gmpz3tbKRiG5RDTSf5fBc
G9t9nznk6mUIgo8u0+55Y8hYdFJ5XDlGKwYNW5csmnte+JChk8VyJdHIjVbu0dA/
fpp1hw1gTRXgEv/XuFBupLoU57UQGMFtjZ77asXFFWhrE04WsdZ/Hov0PI/JpguW
FK3M6a9pwnqUU9QmNE9rFEUO5YOCFHQeq/f4fxUqkxn62e07SBoRPAM2PSmt0C4w
MTopOvwYe3JSmPsUxdmXlnhaJswZzwfCvJojuPb27hmgB5BPS/Yy3P3n8oJfMS/m
KOPQxxzVC7CO5ATipfARoLWrTyphJ14lAJ2uAGYO/zLWwzGCAdowggHWAgEBMEow
QTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDFRSMzQgU2FtcGxlczEbMBkGA1UEAxMS
VFIzNCBTYW1wbGUgQ0EgS0RIAgU0AAAABjALBglghkgBZQMEAgGgZTAYBgkqhkiG
9w0BCQMxCwYJKoZIhvcNAQcBMBgGCiqGSIb3DQEJGQMxCgQIfeocAIlOJGowLwYJ
KoZIhvcNAQkEMSIEIIeYFo5vfzEY7ehSK2M237Vs/fldtwY8tyMO8AtNZm0aMA0G
CSqGSIb3DQEBAQUABIIBAE80v8n2d8D3kBFwR7HqYM/TMltuf10kfDrB8LYMqLLp
JXOhQctjYBetCTDQ0kK75szZyaapV1cjmowsmfwejK6IrS1qtueiVsjFLmqROECz
QiqSdSZ/iPZ82Brdkwd//jD20n2XYIpdmBUhSL7XD65DPz963KcSYARf9bPkK1wK
FB9ozwsW4YeuT2Rv0QpwCBJEKspvIpKM8D8pJQHT+3cEMGurGVQtvXaG396YuOJs
qg4mLN+92YRSBY61rRrlFxX4ARwtn6a9RuHW8P+dOTYkT9t0msZByYdJrk8V2oyQ
VtM8wqN6incGM24kRrcZvoU5lsEz9brY6Uz/wvC+JB0=
-----END TR34_Sample_UBT_KDH PEM File-----

Here is another form of the message:

3082043C06092A864886F70D010702A082042D30820429020101310D300B0609608648016503040201305B06092A864886F70D010701A04E044C304A3041310B300906035504061302555331153013060355040A130C545233342053616D706C6573311B301906035504031312545233342053616D706C65204341204B524402053400000007A18201D8308201D43081BD020101300D06092A864886F70D01010B05003041310B300906035504061302555331153013060355040A130C545233342053616D706C6573311B301906035504031312545233342053616D706C65204341204B4448170D3130313130323137333333305A170D3130313230323137333333305A3048301602053400000008170D3130313130323137323831335A30160205340000000A170D3130313130323137333134365A30160205340000000B170D3130313130323137333332355A300D06092A864886F70D01010B0500038201010036F06A3C88ACBCFA9F8E3B0850EEE09A9CF7B5B291886E510D349FE5F05C1BDB7D9F39E4EA6508828F2ED3EE7963C8587452795C39462B060D5B972C9A7B5EF890A193C57225D1C88D56EED1D03F7E9A75870D604D15E012FFD7B8506EA4BA14E7B51018C16D8D9EFB6AC5C515686B134E16B1D67F1E8BF43C8FC9A60B9614ADCCE9AF69C27A9453D426344F6B14450EE5838214741EABF7F87F152A9319FAD9ED3B481A113C03363D29ADD02E30313A293AFC187B725298FB14C5D99796785A26CC19CF07C2BC9A23B8F6F6EE19A007904F4BF632DCFDE7F2825F312FE628E3D0C71CD50BB08EE404E2A5F011A0B5AB4F2A61275E25009DAE00660EFF32D6C3318201DA308201D6020101304A3041310B300906035504061302555331153013060355040A130C545233342053616D706C6573311B301906035504031312545233342053616D706C65204341204B444802053400000006300B0609608648016503040201A065301806092A864886F70D010903310B06092A864886F70D0107013018060A2A864886F70D01091903310A04087DEA1C00894E246A302F06092A864886F70D010904312204208798168E6F7F3118EDE8522B6336DFB56CFDF95DB7063CB7230EF00B4D666D1A300D06092A864886F70D0101010500048201004F34BFC9F677C0F790117047B1EA60CFD3325B6E7F5D247C3AC1F0B60CA8B2E92573A141CB636017AD0930D0D242BBE6CCD9C9A6A95757239A8C2C99FC1E8CAE88AD2D6AB6E7A256C8C52E6A913840B3422A9275267F88F67CD81ADD93077FFE30F6D27D97608A5D98152148BED70FAE433F3F7ADCA71260045FF5B3E42B5C0A141F68CF0B16E187AE4F646FD10A700812442ACA6F22928CF03F292501D3FB7704306BAB19542DBD7686DFDE98B8E26CAA0E262CDFBDD98452058EB5AD1AE51715F8011C2D9FA6BD46E1D6F0FF9D3936244FDB749AC641C98749AE4F15DA8C9056D33CC2A37A8A7706336E2446B719BE853996C133F5BAD8E94CFFC2F0BE241D
traviscoder
  • 1

1 Answers1

1

This is a CMS-formerly-PKCS7 SignedData message defined in rfc5652 et pred with signedattrs. The digest you quote, which is the messagedigest element in signedattrs, is as described in 5.4 the digest of the value part of the OCTET STRING eContent in encapContentInfo, as described in 5.2.

Since you didn't show any code to start from, here's just about the absolute minimum:

#include <stdio.h>
#include <openssl/cms.h>
#include <openssl/bio.h>
#include <openssl/asn1.h>

int main (void){
  unsigned char hash[32]; 

  // TEST CODE doesn't check or handle errors; DON'T USE FOR REAL
  BIO *in = BIO_push (BIO_new(BIO_f_base64()), BIO_new_file ("54262612.pem","r"));
  // file's PEM type not understood by PEM_read_PKCS7; rather than fixing
  PKCS7 *outer = d2i_PKCS7_bio (in, NULL); // just bypass it
  // assume signeddata with (nonomitted) content octetstring; should check
  ASN1_OCTET_STRING *cont = outer->d.sign->contents->d.data;

  // assume hash is sha256; should check digestalgs and signerinfo(s)
  EVP_Digest (cont->data, cont->length, hash, NULL, EVP_sha256(), NULL);
  for( int i = 0; i < 32; i++ ) printf ("%02x", hash[i]); putchar ('\n');
  return 0;
}
Community
  • 1
  • 1
dave_thompson_085
  • 34,712
  • 6
  • 50
  • 70
  • Thanks for the response. I should have provided a code sample. C is not my strong language. I will try to get it to compile and test. Here it is in php: $hex = hex2bin($data);$r = strtoupper(hash($v, $hex, false)); I'm looking for the value of $data – traviscoder Jan 19 '19 at 20:15
  • Thanks! The c program worked and calculated the same hash. I was able to see enough of the data to pull it from the original string. Here's the data that was used in the hash: 304A3041310B300906035504061302555331153013060355040A130C545233342053616D706C6573311B301906035504031312545233342053616D706C65204341204B524402053400000007 – traviscoder Jan 20 '19 at 00:04
  • Follow up... can you tell what data was used to generate the signature at the bottom of the message? I have the public key, but I can't seem to get it to validate because I don't know what data was used. – traviscoder Jan 21 '19 at 22:07
  • That's described in 5.4; it's the DER re-encoding of the signedattrs with its 'natural' SET OF tag not the CONTEXT-0 tag in the actual message. BTW if what you wanted was to fully verify the message, you should match digest _and type_ of content to signedattrs, verify signature of signedattrs under the cert, _and validate the cert_, all of which PHP crypto could do for you as long as it's in a file and SMIME format (which is a minor tweak). – dave_thompson_085 Jan 23 '19 at 00:20
  • Correct again. I re-encoded the CONTEXT-0 tag with a 31xx SET OF tag and it validated with the public key right away. I'm reviewing section 5 again.Thanks! – traviscoder Jan 23 '19 at 03:40