verifying signature-test: no content type #4
Comments
|
This isn't a surprise, but using signpass executable has no problems at all. It comes with the PassKit support materials in the Wallet Developer Guide. Still, it would be nice to write more tests for this library, and unmarshalling the asn1 seems like the first step. By the way, I am using Go 1.6 rc1 right now, but the same error occurs on Go 1.5 and Go 1.4. |
|
For a different approach, I tried unmarshalling (in Go) a signature from one of Apple's sample passes. That didn't work either, but with a different error: Apple is using (CMS) based on RFC 3852 which uses BER. There is a newer RFC 5652 as well. Go's asn1 package only supports the DER subset. golang/go#12267 So while it's possible to encode something Apple will accept, it's not possible to build a full CMS implementation without also reimplementing asn1 to support BER. Not that we necessarily need full CMS. This issue is just about trying to find a way to test this code. |
|
I am able to unmarshal when using https://github.com/st3fan/gocrypto |
Though the code is working for Safari push and Passbook passes, if I asn1.Unmarshal the result in a test, I get an error:
asn1: syntax error: sequence truncated
CFSSL's ParsePKCS7 gives the same error.
If I import "github.com/cloudflare/cfssl/crypto/pkcs7"
I'm not sure if I'm doing this right, but calling openssl to verify the output gives this error:
> /usr/local/opt/openssl/bin/openssl smime -verify -in signature-test Error reading S/MIME message 140735153643600:error:0D0D40D1:asn1 encoding routines:SMIME_read_ASN1:no content type:asn_mime.c:440:The text was updated successfully, but these errors were encountered: