How to get algorithm field from signed PE PKCS#7 block

Question

I've got PKCS#7 content extracted from PE file.

The first part before the certificate chain (goes from the beginning up to the cert: label), contains info about the file integrity.

In particular, the hash that matches the file hash and the algorithm that use to generate this hash (worth FA0FE65F973A5709DC04EE18ABEF353EBEFEA669 and sha1 correspondingly on the example listed below).

I'm using openssl and I'd like to extract the hash algorithm type from the X509 format. I tried something like printing md_algs struct from debugger, and hopefully find the field algorithm worth 1.3.14.3.2.26 but that's what I saw..

p *(Pkcs7->d.sign->md_algs)
(stack_st_X509_ALGOR) $6 = {
  stack = {
     num = 1
     data = 0x00000001024457f0
     sorted = 0
     num_alloc = 4
     comp = 0x0000000000000000
  }
}

Where can I see the algorithm field ?

P.s. here's the relevant part of the pkcs7 struct :

PKCS7: 
   type: pkcs7-signedData (1.2.840.113549.1.7.2)
   d.sign: 
     version: 1
     md_algs:
       algorithm: sha1 (1.3.14.3.2.26)
       parameter: NULL
     contents: 
       type: undefined (1.3.6.1.4.1.311.2.1.4)
     d.other: SEQUENCE:
        0:d=0  hl=2 l=  60 cons: SEQUENCE          
        2:d=1  hl=2 l=  23 cons:  SEQUENCE          
        4:d=2  hl=2 l=  10 prim:   OBJECT            :1.3.6.1.4.1.311.2.1.15
       16:d=2  hl=2 l=   9 cons:   SEQUENCE          
       18:d=3  hl=2 l=   1 prim:    BIT STRING        
       21:d=3  hl=2 l=   4 cons:    cont [ 0 ]        
       23:d=4  hl=2 l=   2 cons:     cont [ 2 ]        
       25:d=5  hl=2 l=   0 prim:      cont [ 0 ]        
       27:d=1  hl=2 l=  33 cons:  SEQUENCE          
       29:d=2  hl=2 l=   9 cons:   SEQUENCE          
       31:d=3  hl=2 l=   5 prim:    OBJECT            :sha1
       38:d=3  hl=2 l=   0 prim:    NULL              
       40:d=2  hl=2 l=  20 prim:   OCTET STRING      [HEX DUMP]:FA0FE65F973A5709DC04EE18ABEF353EBEFEA669
     cert:
      cert_info: 
      ...

thanks

Answer 1

Defined in pkcs7.h, the md_algs attribute that you are inspecting is a stack of X509_ALGOR instances:

typedef struct pkcs7_signed_st {
    ASN1_INTEGER *version;      /* version 1 */
    STACK_OF(X509_ALGOR) *md_algs; /* md used */
    STACK_OF(X509) *cert;       /* [ 0 ] */
    STACK_OF(X509_CRL) *crl;    /* [ 1 ] */
    STACK_OF(PKCS7_SIGNER_INFO) *signer_info;
    struct pkcs7_st *contents;
} PKCS7_SIGNED;

It can be safely accessed via the OpenSSL Stack API, for example using the function sk_X509_ALGOR_value() to inspect its element(s).

X509_ALGOR itself is defined in x509.h:

struct X509_algor_st {
    ASN1_OBJECT *algorithm;
    ASN1_TYPE *parameter;
} /* X509_ALGOR */ ;

The information you are looking for is stored in the property algorithm, which you can inspect using, for example, OBJ_obj2txt().

Tying it together, to get a textual representation of the first algorithm in the stack, you could do something like this:

char tbuf[20];
X509_ALGOR *algor = sk_X509_ALGOR_value(Pkcs7->d.sign->md_algs, 0);
int res = OBJ_obj2txt(tbuf, sizeof tbuf, algor->algorithm, 0);

After that, tbuf should contain a value like "sha1" and res contains the length of that string. For programmatic purposes, a function like OBJ_obj2nid() is probably more useful.

---

The debugger did not give you this information because the data field in the stack element is not strongly typed. You would have to cast it yourself to indicate that it is an array of pointers to X509_ALGOR structs. The OpenSSL Stack API provides you a set of macros that do the casting for you and access the array that way. And then, the ASN1_OBJECT that you end up with is hard to inspect or interpret in the debugger since it is just a bunch of bytes representing an object id in ASN.1 format.