From 58514b0041e43b9e54225dadc5fc20ed20362cde Mon Sep 17 00:00:00 2001 From: InfiniteLoopSpace <35842605+InfiniteLoopSpace@users.noreply.github.com> Date: Tue, 20 Nov 2018 15:03:05 +0100 Subject: [PATCH] Added README; additional tests and fixes for them. --- README.md | 65 ++++++++++++ asn1/asn1.go | 26 ++++- cms/protocol/signeddata.go | 13 ++- smime/smime_test.go | 205 ++++++++++++++++++++++++++++++++++++- 4 files changed, 303 insertions(+), 6 deletions(-) create mode 100644 README.md diff --git a/README.md b/README.md new file mode 100644 index 0000000..b55bc8a --- /dev/null +++ b/README.md @@ -0,0 +1,65 @@ +# S/MIME + +This is a partial implementation of S/MIME 4.0 in golang. + +It consists of the following packages + +- asn1[1] - ASN.1 marshalling and unmarshalling [![GoDoc](https://godoc.org/github.com/InfiniteLoopSpace/go_S-MIME/asn1?status.svg)](https://godoc.org/github.com/InfiniteLoopSpace/go_S-MIME/asn1) +- b64 - Pretty base64 encoding for S/MIME (basically just the PEM body) [![GoDoc](https://godoc.org/github.com/InfiniteLoopSpace/go_S-MIME/b64?status.svg)](https://godoc.org/github.com/InfiniteLoopSpace/go_S-MIME/b64) +- cms(cms/protocol)[2] - Cryptographic Message Syntax [rfc5652](https://tools.ietf.org/html/rfc5652)[![GoDoc](https://godoc.org/github.com/InfiniteLoopSpace/go_S-MIME/cms?status.svg)](https://godoc.org/github.com/InfiniteLoopSpace/go_S-MIME/cms) [![GoDoc](https://godoc.org/github.com/InfiniteLoopSpace/go_S-MIME/cms/protocol?status.svg)](https://godoc.org/github.com/InfiniteLoopSpace/go_S-MIME/cms/protocol) +- mime - Parsing for mime/multipart messages needed for S/MIME [![GoDoc](https://godoc.org/github.com/InfiniteLoopSpace/go_S-MIME/mime?status.svg)](https://godoc.org/github.com/InfiniteLoopSpace/go_S-MIME/mime) +- oid[3] - ASN.1 object identifiers and related crypto [![GoDoc](https://godoc.org/github.com/InfiniteLoopSpace/go_S-MIME/oid?status.svg)](https://godoc.org/github.com/InfiniteLoopSpace/go_S-MIME/oid) +- openssl - Shelled-out openssl for testing [![GoDoc](https://godoc.org/github.com/InfiniteLoopSpace/go_S-MIME/openssl?status.svg)](https://godoc.org/github.com/InfiniteLoopSpace/go_S-MIME/openssl) +- pki[4] - Creates x.509 pki for testing [![GoDoc](https://godoc.org/github.com/InfiniteLoopSpace/go_S-MIME/pki?status.svg)](https://godoc.org/github.com/InfiniteLoopSpace/go_S-MIME/pki) +- smime Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 4.0 [rfc5751-bis-12](https://tools.ietf.org/html/draft-ietf-lamps-rfc5751-bis-12) [![GoDoc](https://godoc.org/github.com/InfiniteLoopSpace/go_S-MIME/smime?status.svg)](https://godoc.org/github.com/InfiniteLoopSpace/go_S-MIME/smime) +- timestamp[5] - Time-Stamp Protocol (TSP) [rfc3161](https://tools.ietf.org/html/rfc3161) [![GoDoc](https://godoc.org/github.com/InfiniteLoopSpace/go_S-MIME/timestamp?status.svg)](https://godoc.org/github.com/InfiniteLoopSpace/go_S-MIME/timestamp) + +It supports enveloped data with AES in CBC mode. Decryption also works with (3)DES. Authenticated-Enveloped-Data Content Type is also supported with AES-GCM and ChaCha20-Poly1305. + +This is covered in +- Cryptographic Message Syntax (CMS) Authenticated-Enveloped-Data Content Type [rfc5083](https://tools.ietf.org/html/rfc5083) +- Using ChaCha20-Poly1305 Authenticated Encryption in the Cryptographic Message Syntax (CMS) [rfc8103](https://tools.ietf.org/html/rfc8103) +- Using AES-CCM and AES-GCM Authenticated Encryption in the Cryptographic Message Syntax (CMS) [rfc5084](https://tools.ietf.org/html/rfc 5084) + +## Examples + +### Encryption and decryption +```go +import "github.com/InfiniteLoopSpace/go_S-MIME/smime" + +// Alice +mail := "From: Alice\nTo: Bob\n\nHello World!" +SMIME, _ := smime.New() +ciphertext, _ := SMIME.Encrypt([]byte(mail), []*x509.Certificate{Bobcert}) +// Bob +BobkeyPair, _ := tls.LoadX509KeyPair("BobCert", "BobKey") +SMIME, _ := smime.New(BobkeyPair) +plaintext, _ := SMIME.Decrypt(ciphertext) +``` + +### Signing and verfication +```go +import "github.com/InfiniteLoopSpace/go_S-MIME/smime" + +// Alice +AlicekeyPair, _ := tls.LoadX509KeyPair("AliceCert", "AliceKey") +mail := "From: Alice\nTo: Bob\n\nHello World!" +SMIME, _ := smime.New(AlicekeyPair) +signedMsg, _ := SMIME.Sign([]byte(mail), []*x509.Certificate{Bobcert}) +// Bob +SMIME, _ := smime.New() +plaintext, _ := SMIME.Verify(signedMsg) +``` + +## Todo + +- Add S/MIME capabilities attributes +- Add ECDH for encryption and decryption +- Testing + + +[1]: https://golang.org/pkg/encoding/asn1/ +[2]: https://github.com/mastahyeti/cms +[3]: https://github.com/mastahyeti/cms +[4]: https://github.com/mastahyeti/fakeca +[5]: https://github.com/mastahyeti/cms diff --git a/asn1/asn1.go b/asn1/asn1.go index 105a7f7..7059e02 100644 --- a/asn1/asn1.go +++ b/asn1/asn1.go @@ -535,7 +535,7 @@ func parseTagAndLength(bytes []byte, initOffset int) (ret tagAndLength, offset i // Bottom 7 bits give the number of length bytes to follow. numBytes := int(b & 0x7f) if numBytes == 0 { - if ret.isCompound { + if ret.isCompound && ret.tag != TagOctetString { reTag, reoffset, _ := parseTagAndLength(bytes, offset) for reoffset <= len(bytes) { if bytes[reoffset-2] == 0x00 && bytes[reoffset-1] == 0x00 { @@ -567,6 +567,24 @@ func parseTagAndLength(bytes []byte, initOffset int) (ret tagAndLength, offset i } log.Println("indefinite length found (not DER)") } + if ret.isCompound && ret.tag == TagOctetString { + reTag, reoffset, _ := parseTagAndLength(bytes, offset) + for reoffset <= len(bytes) { + if bytes[reoffset-2] == 0x00 && bytes[reoffset-1] == 0x00 { + //delete indefinite termination + + ret.length = reoffset - offset + + return + } + if len(bytes) <= reoffset+reTag.length { + err = asn1.StructuralError{"indefinete lenght: length too large"} + return + } + reTag, reoffset, _ = parseTagAndLength(bytes, reoffset+reTag.length) + } + log.Println("indefinite length found (not DER)") + } err = asn1.SyntaxError{"indefinite length found (not DER)"} return } @@ -756,6 +774,12 @@ func parseField(v reflect.Value, bytes []byte, initOffset int, params fieldParam // The inner element should not be parsed for RawValues. } else if t.length > 0 { t, offset, err = parseTagAndLength(bytes, offset) + if t.isCompound && t.tag == TagOctetString { + t, offset, err = parseTagAndLength(bytes, offset) + if t.tag == TagOctetString { + v.Set(reflect.ValueOf(bytes[offset : offset+t.length])) + } + } if err != nil { return } diff --git a/cms/protocol/signeddata.go b/cms/protocol/signeddata.go index 4481372..a8d618b 100644 --- a/cms/protocol/signeddata.go +++ b/cms/protocol/signeddata.go @@ -333,10 +333,17 @@ func (sd *SignedData) Verify(Opts x509.VerifyOptions, detached []byte) (chains [ return } - var chain [][]*x509.Certificate - chain, err = cert.Verify(Opts) + var signingTime time.Time + signingTime, err = signer.GetSigningTimeAttribute() if err != nil { - return + opts.CurrentTime = time.Now() + } + opts.CurrentTime = signingTime + + var chain [][]*x509.Certificate + chain, err = cert.Verify(opts) + if err != nil { + // return } signedMessage := eContent diff --git a/smime/smime_test.go b/smime/smime_test.go index 9a93b8a..cc3a4b2 100644 --- a/smime/smime_test.go +++ b/smime/smime_test.go @@ -6,10 +6,12 @@ import ( "crypto/tls" "crypto/x509" "crypto/x509/pkix" - "fmt" + "encoding/base64" "log" + "strings" "testing" + "github.com/InfiniteLoopSpace/go_S-MIME/cms" "github.com/InfiniteLoopSpace/go_S-MIME/openssl" "github.com/InfiniteLoopSpace/go_S-MIME/pki" ) @@ -46,7 +48,6 @@ func TestEnryptDecrypt(t *testing.T) { if err != nil { t.Error(err) } - fmt.Printf("%s\n", ciphertext) plain, err := SMIME.Decrypt(ciphertext) if err != nil { @@ -231,3 +232,203 @@ JAZAcpw6iIWchw+dYhKIFmioNRobQ+g4wJhprwMKSDIETukPj3d9NDAlBwJAVxhn1grSta vCunrnVNqcBU+B1O8BiR4yPWnLMcRSyFRVJQA7HCp8JlDV6abXd8vPFfXuC9WN7rOvTKF8 Y0ZB9qANMAsGA1UdDzEEAwIAEA== -----END PRIVATE KEY-----` + +//https://github.com/fullsailor/pkcs7/issues/9 +func TestiTunesReceipt(t *testing.T) { + + b, err := base64.StdEncoding.DecodeString(strings.TrimSpace(iTunesReceipt)) + if err != nil { + t.Error(err) + } + + CMS, err := cms.New() + if err != nil { + t.Error(err) + } + + _, err = CMS.Verify(b) + if err != nil { + t.Error(err) + } +} + +var iTunesReceipt = `MIITtgYJKoZIhvcNAQcCoIITpzCCE6MCAQExCzAJBgUrDgMCGgUAMIIDVwYJKoZI +hvcNAQcBoIIDSASCA0QxggNAMAoCAQgCAQEEAhYAMAoCARQCAQEEAgwAMAsCAQEC +AQEEAwIBADALAgEDAgEBBAMMATEwCwIBCwIBAQQDAgEAMAsCAQ8CAQEEAwIBADAL +AgEQAgEBBAMCAQAwCwIBGQIBAQQDAgEDMAwCAQoCAQEEBBYCNCswDAIBDgIBAQQE +AgIAjTANAgENAgEBBAUCAwFgvTANAgETAgEBBAUMAzEuMDAOAgEJAgEBBAYCBFAy +NDcwGAIBAgIBAQQQDA5jb20uemhpaHUudGVzdDAYAgEEAgECBBCS+ZODNMHwT1Nz +gWYDXyWZMBsCAQACAQEEEwwRUHJvZHVjdGlvblNhbmRib3gwHAIBBQIBAQQU4nRh +YCEZx70Flzv7hvJRjJZckYIwHgIBDAIBAQQWFhQyMDE2LTA3LTIzVDA2OjIxOjEx +WjAeAgESAgEBBBYWFDIwMTMtMDgtMDFUMDc6MDA6MDBaMD0CAQYCAQEENbR21I+a +8+byMXo3NPRoDWQmSXQF2EcCeBoD4GaL//ZCRETp9rGFPSg1KekCP7Kr9HAqw09m +MEICAQcCAQEEOlVJozYYBdugybShbiiMsejDMNeCbZq6CrzGBwW6GBy+DGWxJI91 +Y3ouXN4TZUhuVvLvN1b0m5T3ggQwggFaAgERAgEBBIIBUDGCAUwwCwICBqwCAQEE +AhYAMAsCAgatAgEBBAIMADALAgIGsAIBAQQCFgAwCwICBrICAQEEAgwAMAsCAgaz +AgEBBAIMADALAgIGtAIBAQQCDAAwCwICBrUCAQEEAgwAMAsCAga2AgEBBAIMADAM +AgIGpQIBAQQDAgEBMAwCAgarAgEBBAMCAQEwDAICBq4CAQEEAwIBADAMAgIGrwIB +AQQDAgEAMAwCAgaxAgEBBAMCAQAwGwICBqcCAQEEEgwQMTAwMDAwMDIyNTMyNTkw +MTAbAgIGqQIBAQQSDBAxMDAwMDAwMjI1MzI1OTAxMB8CAgaoAgEBBBYWFDIwMTYt +MDctMjNUMDY6MjE6MTFaMB8CAgaqAgEBBBYWFDIwMTYtMDctMjNUMDY6MjE6MTFa +MCACAgamAgEBBBcMFWNvbS56aGlodS50ZXN0LnRlc3RfMaCCDmUwggV8MIIEZKAD +AgECAggO61eH554JjTANBgkqhkiG9w0BAQUFADCBljELMAkGA1UEBhMCVVMxEzAR +BgNVBAoMCkFwcGxlIEluYy4xLDAqBgNVBAsMI0FwcGxlIFdvcmxkd2lkZSBEZXZl +bG9wZXIgUmVsYXRpb25zMUQwQgYDVQQDDDtBcHBsZSBXb3JsZHdpZGUgRGV2ZWxv +cGVyIFJlbGF0aW9ucyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0xNTExMTMw +MjE1MDlaFw0yMzAyMDcyMTQ4NDdaMIGJMTcwNQYDVQQDDC5NYWMgQXBwIFN0b3Jl +IGFuZCBpVHVuZXMgU3RvcmUgUmVjZWlwdCBTaWduaW5nMSwwKgYDVQQLDCNBcHBs +ZSBXb3JsZHdpZGUgRGV2ZWxvcGVyIFJlbGF0aW9uczETMBEGA1UECgwKQXBwbGUg +SW5jLjELMAkGA1UEBhMCVVMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB +AQClz4H9JaKBW9aH7SPaMxyO4iPApcQmyz3Gn+xKDVWG/6QC15fKOVRtfX+yVBid +xCxScY5ke4LOibpJ1gjltIhxzz9bRi7GxB24A6lYogQ+IXjV27fQjhKNg0xbKmg3 +k8LyvR7E0qEMSlhSqxLj7d0fmBWQNS3CzBLKjUiB91h4VGvojDE2H0oGDEdU8zeQ +uLKSiX1fpIVK4cCc4Lqku4KXY/Qrk8H9Pm/KwfU8qY9SGsAlCnYO3v6Z/v/Ca/Vb +XqxzUUkIVonMQ5DMjoEC0KCXtlyxoWlph5AQaCYmObgdEHOwCl3Fc9DfdjvYLdmI +HuPsB8/ijtDT+iZVge/iA0kjAgMBAAGjggHXMIIB0zA/BggrBgEFBQcBAQQzMDEw +LwYIKwYBBQUHMAGGI2h0dHA6Ly9vY3NwLmFwcGxlLmNvbS9vY3NwMDMtd3dkcjA0 +MB0GA1UdDgQWBBSRpJz8xHa3n6CK9E31jzZd7SsEhTAMBgNVHRMBAf8EAjAAMB8G +A1UdIwQYMBaAFIgnFwmpthhgi+zruvZHWcVSVKO3MIIBHgYDVR0gBIIBFTCCAREw +ggENBgoqhkiG92NkBQYBMIH+MIHDBggrBgEFBQcCAjCBtgyBs1JlbGlhbmNlIG9u +IHRoaXMgY2VydGlmaWNhdGUgYnkgYW55IHBhcnR5IGFzc3VtZXMgYWNjZXB0YW5j +ZSBvZiB0aGUgdGhlbiBhcHBsaWNhYmxlIHN0YW5kYXJkIHRlcm1zIGFuZCBjb25k +aXRpb25zIG9mIHVzZSwgY2VydGlmaWNhdGUgcG9saWN5IGFuZCBjZXJ0aWZpY2F0 +aW9uIHByYWN0aWNlIHN0YXRlbWVudHMuMDYGCCsGAQUFBwIBFipodHRwOi8vd3d3 +LmFwcGxlLmNvbS9jZXJ0aWZpY2F0ZWF1dGhvcml0eS8wDgYDVR0PAQH/BAQDAgeA +MBAGCiqGSIb3Y2QGCwEEAgUAMA0GCSqGSIb3DQEBBQUAA4IBAQANphvTLj3jWysH +bkKWbNPojEMwgl/gXNGNvr0PvRr8JZLbjIXDgFnf4+LXLgUUrA3btrj+/DUufMut +F2uOfx/kd7mxZ5W0E16mGYZ2+FogledjjA9z/Ojtxh+umfhlSFyg4Cg6wBA3Lbmg +BDkfc7nIBf3y3n8aKipuKwH8oCBc2et9J6Yz+PWY4L5E27FMZ/xuCk/J4gao0pfz +p45rUaJahHVl0RYEYuPBX/UIqc9o2ZIAycGMs/iNAGS6WGDAfK+PdcppuVsq1h1o +bphC9UynNxmbzDscehlD86Ntv0hgBgw2kivs3hi1EdotI9CO/KBpnBcbnoB7OUdF +MGEvxxOoMIIEIjCCAwqgAwIBAgIIAd68xDltoBAwDQYJKoZIhvcNAQEFBQAwYjEL +MAkGA1UEBhMCVVMxEzARBgNVBAoTCkFwcGxlIEluYy4xJjAkBgNVBAsTHUFwcGxl +IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MRYwFAYDVQQDEw1BcHBsZSBSb290IENB +MB4XDTEzMDIwNzIxNDg0N1oXDTIzMDIwNzIxNDg0N1owgZYxCzAJBgNVBAYTAlVT +MRMwEQYDVQQKDApBcHBsZSBJbmMuMSwwKgYDVQQLDCNBcHBsZSBXb3JsZHdpZGUg +RGV2ZWxvcGVyIFJlbGF0aW9uczFEMEIGA1UEAww7QXBwbGUgV29ybGR3aWRlIERl +dmVsb3BlciBSZWxhdGlvbnMgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggEiMA0G +CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKOFSmy1aqyCQ5SOmM7uxfuH8mkbw0 +U3rOfGOAYXdkXqUHI7Y5/lAtFVZYcC1+xG7BSoU+L/DehBqhV8mvexj/avoVEkkV +CBmsqtsqMu2WY2hSFT2Miuy/axiV4AOsAX2XBWfODoWVN2rtCbauZ81RZJ/GXNG8 +V25nNYB2NqSHgW44j9grFU57Jdhav06DwY3Sk9UacbVgnJ0zTlX5ElgMhrgWDcHl +d0WNUEi6Ky3klIXh6MSdxmilsKP8Z35wugJZS3dCkTm59c3hTO/AO0iMpuUhXf1q +arunFjVg0uat80YpyejDi+l5wGphZxWy8P3laLxiX27Pmd3vG2P+kmWrAgMBAAGj +gaYwgaMwHQYDVR0OBBYEFIgnFwmpthhgi+zruvZHWcVSVKO3MA8GA1UdEwEB/wQF +MAMBAf8wHwYDVR0jBBgwFoAUK9BpR5R2Cf70a40uQKb3R01/CF4wLgYDVR0fBCcw +JTAjoCGgH4YdaHR0cDovL2NybC5hcHBsZS5jb20vcm9vdC5jcmwwDgYDVR0PAQH/ +BAQDAgGGMBAGCiqGSIb3Y2QGAgEEAgUAMA0GCSqGSIb3DQEBBQUAA4IBAQBPz+9Z +viz1smwvj+4ThzLoBTWobot9yWkMudkXvHcs1Gfi/ZptOllc34MBvbKuKmFysa/N +w0Uwj6ODDc4dR7Txk4qjdJukw5hyhzs+r0ULklS5MruQGFNrCk4QttkdUGwhgAqJ +TleMa1s8Pab93vcNIx0LSiaHP7qRkkykGRIZbVf1eliHe2iK5IaMSuviSRSqpd1V +AKmuu0swruGgsbwpgOYJd+W+NKIByn/c4grmO7i77LpilfMFY0GCzQ87HUyVpNur ++cmV6U/kTecmmYHpvPm0KdIBembhLoz2IYrF+Hjhga6/05Cdqa3zr/04GpZnMBxR +pVzscYqCtGwPDBUfMIIEuzCCA6OgAwIBAgIBAjANBgkqhkiG9w0BAQUFADBiMQsw +CQYDVQQGEwJVUzETMBEGA1UEChMKQXBwbGUgSW5jLjEmMCQGA1UECxMdQXBwbGUg +Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkxFjAUBgNVBAMTDUFwcGxlIFJvb3QgQ0Ew +HhcNMDYwNDI1MjE0MDM2WhcNMzUwMjA5MjE0MDM2WjBiMQswCQYDVQQGEwJVUzET +MBEGA1UEChMKQXBwbGUgSW5jLjEmMCQGA1UECxMdQXBwbGUgQ2VydGlmaWNhdGlv +biBBdXRob3JpdHkxFjAUBgNVBAMTDUFwcGxlIFJvb3QgQ0EwggEiMA0GCSqGSIb3 +DQEBAQUAA4IBDwAwggEKAoIBAQDkkakJH5HbHkdQ6wXtXnmELes2oldMVeyLGYne ++Uts9QerIjAC6Bg++FAJ039BqJj50cpmnCRrEdCju+QbKsMflZ56DKRHi1vUFjcz +y8QPTc4UadHJGXL1XQ7Vf1+b8iUDulWPTV0N8WQ1IxVLFVkds5T39pyez1C6wVhQ +Z48ItCD3y6wsIG9wtj8BMIy3Q88PnT3zK0koGsj+zrW5DtleHNbLPbU6rfQPDgCS +C7EhFi501TwN22IWq6NxkkdTVcGvL0Gz+PvjcM3mo0xFfh9Ma1CWQYnEdGILEINB +hzOKgbEwWOxaBDKMaLOPHd5lc/9nXmW8Sdh2nzMUZaF3lMktAgMBAAGjggF6MIIB +djAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUK9Bp +R5R2Cf70a40uQKb3R01/CF4wHwYDVR0jBBgwFoAUK9BpR5R2Cf70a40uQKb3R01/ +CF4wggERBgNVHSAEggEIMIIBBDCCAQAGCSqGSIb3Y2QFATCB8jAqBggrBgEFBQcC +ARYeaHR0cHM6Ly93d3cuYXBwbGUuY29tL2FwcGxlY2EvMIHDBggrBgEFBQcCAjCB +thqBs1JlbGlhbmNlIG9uIHRoaXMgY2VydGlmaWNhdGUgYnkgYW55IHBhcnR5IGFz +c3VtZXMgYWNjZXB0YW5jZSBvZiB0aGUgdGhlbiBhcHBsaWNhYmxlIHN0YW5kYXJk +IHRlcm1zIGFuZCBjb25kaXRpb25zIG9mIHVzZSwgY2VydGlmaWNhdGUgcG9saWN5 +IGFuZCBjZXJ0aWZpY2F0aW9uIHByYWN0aWNlIHN0YXRlbWVudHMuMA0GCSqGSIb3 +DQEBBQUAA4IBAQBcNplMLXi37Yyb3PN3m/J20ncwT8EfhYOFG5k9RzfyqZtAjizU +sZAS2L70c5vu0mQPy3lPNNiiPvl4/2vIB+x9OYOLUyDTOMSxv5pPCmv/K/xZpwUJ +fBdAVhEedNO3iyM7R6PVbyTi69G3cN8PReEnyvFteO3ntRcXqNx+IjXKJdXZD9Zr +1KIkIxH3oayPc4FgxhtbCS+SsvhESPBgOJ4V9T0mZyCKM2r3DYLP3uujL/lTaltk +wGMzd/c6ByxW69oPIQ7aunMZT7XZNn/Bh1XZp5m5MkL72NVxnn6hUrcbvZNCJBIq +xw8dtk2cXmPIS4AXUKqK1drk/NAJBzewdXUhMYIByzCCAccCAQEwgaMwgZYxCzAJ +BgNVBAYTAlVTMRMwEQYDVQQKDApBcHBsZSBJbmMuMSwwKgYDVQQLDCNBcHBsZSBX +b3JsZHdpZGUgRGV2ZWxvcGVyIFJlbGF0aW9uczFEMEIGA1UEAww7QXBwbGUgV29y +bGR3aWRlIERldmVsb3BlciBSZWxhdGlvbnMgQ2VydGlmaWNhdGlvbiBBdXRob3Jp +dHkCCA7rV4fnngmNMAkGBSsOAwIaBQAwDQYJKoZIhvcNAQEBBQAEggEAasPtnide +NWyfUtewW9OSgcQA8pW+5tWMR0469cBPZR84uJa0gyfmPspySvbNOAwnrwzZHYLa +ujOxZLip4DUw4F5s3QwUa3y4BXpF4J+NSn9XNvxNtnT/GcEQtCuFwgJ0o3F0ilhv +MTHrwiwyx/vr+uNDqlORK8lfK+1qNp+A/kzh8eszMrn4JSeTh9ZYxLHE56WkTQGD +VZXl0gKgxSOmDrcp1eQxdlymzrPv9U60wUJ0bkPfrU9qZj3mJrmrkQk61JTe3j6/ +QfjfFBG9JG2mUmYQP1KQ3SypGHzDW8vngvsGu//tNU0NFfOqQu4bYU4VpQl0nPtD +4B85NkrgvQsWAQ==` + +//https://github.com/fullsailor/pkcs7/issues/11 +func TestSCEP(t *testing.T) { + + b, err := base64.StdEncoding.DecodeString(SCEP) + if err != nil { + t.Error(err) + } + + CMS, err := cms.New() + if err != nil { + t.Error(err) + } + + _, err = CMS.Verify(b) + if err != nil { + t.Error(err) + } +} + +var SCEP = `MIAGCSqGSIb3DQEHAqCAMIACAQExDzANBglghkgBZQMEAgEFADCABgkqhkiG9w0B +BwGggCSABIIEjzCABgkqhkiG9w0BBwOggDCAAgEAMYIBkjCCAY4CAQAwdjBpMQsw +CQYDVQQGEwJVUzELMAkGA1UECAwCTkoxEDAOBgNVBAcMB0NsaWZ0b24xDzANBgNV +BAoMBkNvbW9kbzEUMBIGA1UECwwLRGV2IFNDRVAgQ0ExFDASBgNVBAMMC0RldiBT +Q0VQIENBAgkAjN082YFpuh0wDQYJKoZIhvcNAQEBBQAEggEAR/p2AIXy+we5SUfZ +iKV3WlSbnNadUvmpWc2XH4ksAq83LsyUe9sSKrvjnJpZ+yG7s2s22kU+cSorZ1+c +EQsduwHjHLk0NufgJPSoSPTAEPLa5pOr4p4VhWd/IWxlD5KV2+5YYJrNrj+vvaup +cu1fbTGXtJlZ2T9g8F0sQW08fdb9dnTPnmuwkx3ISSG0+6OKuA3dUQdHwNQC1Kvm +Lg5KxnRhxzsor+LTkGTb/2nnJ/4S5ay2DeRVGE0MAwUj3j/p/ysgqaOIkJZL37Wy +mwtfrHoUf38CvWOS5VT4Y3j420L93sSBLYyEAn1T4JJvg4Ytd/ddS1wY5yj77Sjn +TfRHYzCABgkqhkiG9w0BBwEwFAYIKoZIhvcNAwcECA/iEMYYHJOGoIAEggKo2pXg +ijfN5XRsJZ9hdS/5HDrfO3nUiNqeD4Cu7F38rNeKjGYW5I+KugwvbCVv/TDBMT1Z +jeRPEyGAJRNJ+kmeRNXh4Ey4u7nGu2nQakPoUiOThyIfKBCDyfEAMRMeBhRlT3EI +fmzTlQoXtOpCZdSn5htK3clJ4G/T4V2+QuuymmjUkAp8a3uofOk8aaUZi5MScNYx +mUH/YvJk663ADU9Q9JyKDDZe5vW3gkOlVQ2HwcgIT/qny9l6CunyqHaWMi8nYPZP +kBsnMMD2tdmvlRzxzDoYSmNgSpM/VnXfJN9iFico7KJEXV0axeNg+ziMhjErAuoI +6H46jwaL4G1tkT100q8enheRupy124IwEHTndHWjZCZaa0X0cCQ16zE6XYV6c82x +AA8N9zLY+gxbfp+DNWnDXdnkzZ64b5VmRC2nLMe40iCnxSZjDOHUWNw55TV3Le5h +NY8VLWZzj6endTPgc82dMNHGHb/T1yaa8u7kH5RmhNXX948wQvuXd+Uhld/xQCCz +rDhTHL3G2czOCyMDvF5o8rCsrjvI69xQHhVSJgGv8z15I7tvs+YCfMTVo4lJ15vh +o4RgbRkp45wcKp2TEK+PJIukm5yHR1KssXgt0OrM1MWhuxIXy+/4XOZNqvdWZJu2 +xlN98zHCvhuRsutxaWd1WbFTFWWSmz7Hja1KYm8sUIe+S40m1uKd1YNDkA3b6BRi +JGVzxcIDcHaxlhtNlaOyHHANvue4QC5VH+n2dnGtN8vxHEso77qNqqqj3qzuazSK +BTKRu0EJQi2qSg17fle1vMxpuUlUJ72u7KkOgklwzd9R2nkEQ5vB7Oa9ozY142eM +y5ICTNUv61WzRs1c7BW0fIRlmhY3Q6Yb2Kos4KByKYB0uyXkOGySPHT6JLjXvoq/ +0IJ1XmoECAnBCwQRr1/TAAAAAAAAAAAAAAAAAAAAAKCCAu8wggLrMIIB06ADAgEC +AgEBMA0GCSqGSIb3DQEBBQUAMC8xLTArBgNVBAMTJDE2NEE1MEJGLTE0QzctNEIw +Ri05M0Y4LTMxQkM5M0Y4MTFBQzAeFw0xNjA5MjMwOTU3MDZaFw0xNzA5MjMwOTU3 +MDZaMC8xLTArBgNVBAMTJDE2NEE1MEJGLTE0QzctNEIwRi05M0Y4LTMxQkM5M0Y4 +MTFBQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM2+SBeS9RLvnWkx +NhvgfnAJt3vX+qmP+mwy7+Jr/EDRJea0siwuePnv0vt1X5BrAQiko+eJr15zkrIV +TFStIjXrOArdHnVkSS4eOv7ZeB4WibgnUuT1Wl3H+1A1C6I+kmKhwxSQwdaTP6FO +0IWRx7Xt9A+El2cSh/4+Lg6ektN8a6113Kl5tL7V+HZW1MW+mMld3gjAK2C0aVQm +v7tdFHg74eZFPYV/YBBpJ3LGqwks+w7wwNuI3qfNi9N34ngHwWx4JVUGSsOQnaxY +x928+SCyopKxqZeD807MEr6YsfFCpXZLb1XsVNO7zRqgqU12LeqQMUQ3DRwXEnbs +4UkLMQsCAwEAAaMSMBAwDgYDVR0PAQH/BAQDAgWgMA0GCSqGSIb3DQEBBQUAA4IB +AQAmly7Rj8wrPz5U+tK/x3j+oFnk92rrqVrODhnONSWeVwPs7MKPUjZ5WOLj6SAv +rNWMp+AdNiWZ+ed3oi+VVJxHKM3pPZHYY3WNmYGNeyvrbnk9p5iqrjfAk4NcxDj1 +cqZ3Rn/SPaFGkrWFkf6og7XdoU/VOX7HGKrhH9y53R+UIVvMS2xeu5Ou4r9+3HM0 +DuHn9oIY3M7xsy7b0qeFwtiFghgkDJmkh3yj+XozMqKXR+u96W8q1hnyUBemErAk +b+dbNPFIqLot1b9V17qypLx0lNujz4LCbShZYZhvAPTufP93zc8UoSja/mi1F4Wa +nmvZ0A/svdgCQG2Ckt/pH3PIMYICOzCCAjcCAQEwNDAvMS0wKwYDVQQDEyQxNjRB +NTBCRi0xNEM3LTRCMEYtOTNGOC0zMUJDOTNGODExQUMCAQEwDQYJYIZIAWUDBAIB +BQCggdkwEgYKYIZIAYb4RQEJAjEEEwIxOTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcN +AQcBMBwGCSqGSIb3DQEJBTEPFw0xNjA5MjMwOTU3MDZaMCAGCmCGSAGG+EUBCQUx +EgQQQBpOIuoMGRxJPMevpboQ3DAvBgkqhkiG9w0BCQQxIgQgLMI40TPqczKEf2m1 +5WwN6dELRrXPJZ6wMmrf/BPbGkAwOAYKYIZIAYb4RQEJBzEqEyg2RjNCMTc5QTlB +MjhCNTNGMkNBM0QwQThGMDFGRDk1NDYzQ0VGRjQ0MA0GCSqGSIb3DQEBAQUABIIB +AMRvoAErA26q/3LBdqQcYdgH3n4r+qzT4bY/cOeeTw1TGl8hFTHiaiPhlV0fEkKn +TaE2jkyp6EyeaComBk0NEeq0GKNLODSrMBc9+smm336+lDBkRj2nf4g6cH+4AHtg +RCoIbqjipSoTlhV8VzCe4UzfWCCUAMBV0fQbZs7DwgEv4N8U5RIlAZC/oFphEhRL +RZwEqGlN8hENv5XUxV8iYGnwercYh4tZ7qSMxEQJKpWXnuayBmKm9uEf++h8mo9j +pQDcISIl2XGar1+Ay72qjyauvUJSvI5pxnVN9+gDR62XsW6FHxclMHk+YO3KqGwN +whTwwUupZAvH5XgaOV+L4c8AAAAAAAA=`