问题
I'm working on an MDM NodeJS server for iOS. On the Apple docs, the following ruby code is given :
p7sign = OpenSSL::PKCS7::PKCS7.new(req.body)
store = OpenSSL::X509::Store.new
p7sign.verify(nil, store, nil, OpenSSL::PKCS7::NOVERIFY)
signers = p7sign.signers
What would be the equivalent in NodeJS?
The idea is to access p7sign.data that contains an xml plist.
Is this possible using either crypto or an external node lib (ursa, etc)?
回答1:
A good option would be to use child_process to invoke openssl directly. I do that to validate iOS .mobileprovision files.
$ openssl smime -verify -in FILE -inform der
The openssl command needs to be the apple-provided (not from ports or homebrew) so that it can find signing certificates and CA's in the keychain.
I haven't tried this myself, but the node-forge library contains an implementation of many cryptographic algorithms.
https://npmjs.org/package/node-forge#pkcs7
来源:https://stackoverflow.com/questions/12956995/pkcs7-data-payload-unpacking-with-nodejs