Re: Extracting a timestamp from a PKCS#7

From: Michel Gallant (neutron_at_istar.ca)
Date: 10/24/05


Date: Mon, 24 Oct 2005 17:42:14 -0400

Cool!
I believe there are some "Microsoft-isms" in timestamping used in
PE (e.g. executable) signatures ..
(the Authenticode time-stamp is a time-stamp that is validated by a
 TRUSTED time-stamp service .. unlike the usual PKCS#7 Signing Time
attribute)
There used to be a good article on MS site about this type of Authenticode
timestamp signature, but it has vanished .. :-(
In fact, I've had to send a screen-shot version of it to some MS folks that couldn't
retrieve it from their own archives LOL
 - Mitch Gallant
   MVP Security
   www.jensign.com

<smveloso@gmail.com> wrote in message news:1130184470.826939.102750@g44g2000cwa.googlegroups.com...
Hi Michel,

  Thank you very much !

  I checked the function documentation and I think it's just what I
needed.

  By the way, I did some research on the pkcs standards, and, just in
case someone finds it interesting, the pkcs#9 (rfc 2985 is publicly
available) does describe how the timestamp is encoded.

  Thank you once more,
  Sérgio

Michel Gallant wrote:
> The CRYPT_ATTR_BLOB contains the asn encoded UTC time.
> So you will need to CryptDecodeObject(..) with the oid szOID_RSA_signingTime
> See also:
> http://groups.google.com/group/microsoft.public.platformsdk.security/browse_thread/thread/e675726633a4c13b/d5bc97504a810cab
>
> - Mitch Gallant
> MVP Security
>
>
> <smveloso@gmail.com> wrote in message news:1129924858.840418.31480@o13g2000cwo.googlegroups.com...
> Hi,
>
> I am having problems trying to retrieve the timestamp encoded in a
> pkcs#7 digital signature.
>
> I am using MS CryptoAPI and I extract the authenticated attribute
> using the CryptMsgGetParam(...) function. After all processing is done,
> I get a pointer to a CRYPT_ATTR_BLOB structure, which in turn provides
> me with a BYTE* (with the timestamp info).
>
> The problem is how to process this BYTE* to extract the original
> timestamp information... how is it encoded? Does anyone know where
> I can find this information?
>
> Thank you,
> Sérgio
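
An added example, not code from the thread: on Windows, CryptDecodeObject with szOID_RSA_signingTime does this decoding for you, and this portable C parser reads the same bytes by hand to show the encoding PKCS#9 (RFC 2985) specifies, a DER UTCTime or GeneralizedTime. The struct, function names and sample bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>

struct signing_time { int year, mon, day, hour, min, sec; };  /* always UTC */

/* Constructed sample: UTCTime 2005-10-24 21:42:14Z as tag, length, ASCII digits. */
static const unsigned char SAMPLE[] = {
    0x17, 0x0D, '0','5','1','0','2','4','2','1','4','2','1','4','Z' };

/* Two ASCII digits at p as a number, or -1 if either is not a digit. */
static int two_digits(const unsigned char *p)
{
    if (p[0] < '0' || p[0] > '9' || p[1] < '0' || p[1] > '9') return -1;
    return (p[0] - '0') * 10 + (p[1] - '0');
}

/* Parse the DER Time value held in the attribute blob (pbData, cbData).
 * Returns 0 on success, -1 on anything malformed. */
int parse_signing_time(const unsigned char *der, size_t len,
                       struct signing_time *out)
{
    int f[7], n, i;
    if (len < 2 || (size_t)der[1] != len - 2) return -1;  /* length byte must match */
    if (der[0] == 0x17 && len == 15) n = 6;       /* UTCTime YYMMDDHHMMSSZ */
    else if (der[0] == 0x18 && len == 17) n = 7;  /* GeneralizedTime YYYYMMDDHHMMSSZ */
    else return -1;
    if (der[len - 1] != 'Z') return -1;           /* DER allows only UTC */
    for (i = 0; i < n; i++)
        if ((f[i] = two_digits(der + 2 + 2 * i)) < 0) return -1;
    /* UTCTime carries a two-digit year: 50..99 is 19xx, 00..49 is 20xx. */
    out->year = (n == 6) ? f[0] + (f[0] >= 50 ? 1900 : 2000) : f[0] * 100 + f[1];
    i = n - 5;                                    /* index of the month field */
    out->mon = f[i]; out->day = f[i + 1]; out->hour = f[i + 2];
    out->min = f[i + 3]; out->sec = f[i + 4];
    if (out->mon < 1 || out->mon > 12 || out->day < 1 || out->day > 31 ||
        out->hour > 23 || out->min > 59 || out->sec > 59) return -1;
    return 0;
}

int main(void)
{
    struct signing_time t;
    if (parse_signing_time(SAMPLE, sizeof SAMPLE, &t) != 0) return 1;
    printf("%04d-%02d-%02d %02d:%02d:%02dZ\n",
           t.year, t.mon, t.day, t.hour, t.min, t.sec);
    return 0;
}
```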


