I have a pkcs # 7 file that contains signed data. It successfully checks:
$ openssl smime -verify -in data.p7s -CAfile root-certificate.pem
Verification successful
Signed data
But when I extract the signed part, I don’t see that it is actually the same as the signed part. I mean the following steps:
$ openssl asn1parse -in data.p7s
...
35:d=4 hl=2 l= 9 prim: OBJECT :pkcs7-data
46:d=4 hl=2 l=inf cons: cont [ 0 ]
48:d=5 hl=2 l=inf cons: OCTET STRING
50:d=6 hl=2 l= 5 prim: OCTET STRING :(my data is here in plaintext)
...
(then the signed block starts:)
2861:d=6 hl=2 l= 9 prim: OBJECT :rsaEncryption
2872:d=6 hl=2 l= 0 prim: NULL
2874:d=5 hl=4 l= 256 prim: OCTET STRING [HEX DUMP]:<signed data is here>
I cut [HEX DUMP]with signed data:
$ dd if=data.p7s of=signed-part.bin bs=1 skip=2878 count=256
Decrypt it using the public key:
$ openssl rsautl -verify -in signed-part.bin -pubin -inkey root-public-key.pem -out verified-data.bin
and look inside the result:
$ openssl asn1parse -inform der -in verified-data.bin
0:d=0 hl=2 l= 33 cons: SEQUENCE
2:d=1 hl=2 l= 9 cons: SEQUENCE
4:d=2 hl=2 l= 5 prim: OBJECT :sha1
11:d=2 hl=2 l= 0 prim: NULL
13:d=1 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:<hash here>
This is [HEX DUMP]not the SHA1 sum of my source data.
I do not understand why the hash is different. Obviously, this is a hash of something other than my original data. Does the hash also cover any "Authenticated Attributes"? If so, how do you know which attributes were hashed and signed?