Decode ASN.1 value from custom extension (raw data)

Feb 12, 2015 at 1:05 PM
Gents,

I am using PSPKI 3.0 and am trying to decode a custom extension (example is 1.2.3.4.5.8 as an OID with a string as the payload).

I cannot figure out how to access the decoded data in the payload. For all other known extensions, the .Format() method returns meaningful strings. The string is decoded e.g. by the ASN.1 Editor. Played around with some classes, e.g. AsnEncodedData, but I cannot make it work. E.g. constructing an object and handing over the byte[] does not work either.

I am lost (and no programmer at all :)

Import-Module PSPKI

$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2

$cert.Import("C:\temp\test.cer")

$extensions = $cert.Extensions

$customExtension = $extensions[8]

$customExtension.OID
$customExtension.RawData
$customExtension.Format($false)

An exemplary certificate

Coordinator
Feb 12, 2015 at 1:24 PM
Neither AsnEncodedData nor any tool will decode an unknown extension. Each extension has a specific syntax, and common extension decoders are implemented in Windows. For a custom extension you have to write your own decoder based on the extension's ASN module. I suspect that your extension is a simple IA5String, so you can decode this string:
[PKI.ASN.ASN1]::DecodeIA5String($cert.Extensions[8].RawData)
Marked as answer by M_M_F on 2/12/2015 at 6:26 AM
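
An added example (not part of the original posts and not PSPKI code): a hand-written check of the DER structure for the case discussed above, assuming the extension value is a single primitive IA5String. The function name ConvertFrom-DerIA5String and the sample bytes are constructed for illustration.

```powershell
# Added example. Assumes RawData holds exactly one DER-encoded IA5String.
function ConvertFrom-DerIA5String {
    param([Parameter(Mandatory = $true)][byte[]]$RawData)

    if ($RawData.Length -lt 2) { throw "Too short to be a DER TLV." }
    # Tag 0x16 = UNIVERSAL 22 (IA5String), primitive encoding.
    if ($RawData[0] -ne 0x16) {
        throw ("Unexpected tag 0x{0:X2}; value is not an IA5String." -f $RawData[0])
    }

    $offset = 2
    $length = [int]($RawData[1])
    if ($length -eq 0x80) { throw "Indefinite length is not valid DER." }
    if ($length -gt 0x80) {
        # Long form: the low 7 bits count the length octets that follow.
        $count = $length -band 0x7F
        if ($count -gt 3 -or $RawData.Length -lt (2 + $count)) {
            throw "Unsupported or truncated length field."
        }
        $length = 0
        for ($i = 0; $i -lt $count; $i++) {
            $length = ($length -shl 8) -bor $RawData[2 + $i]
        }
        $offset = 2 + $count
    }

    # The declared length must cover the rest of the buffer exactly.
    if (($offset + $length) -ne $RawData.Length) {
        throw "Declared length $length does not match the data."
    }
    # IA5String is 7-bit; reject bytes that ASCII decoding would replace with '?'.
    for ($i = $offset; $i -lt $RawData.Length; $i++) {
        if ($RawData[$i] -gt 0x7F) { throw "Non-IA5 byte at offset $i." }
    }
    [System.Text.Encoding]::ASCII.GetString($RawData, $offset, $length)
}

# Constructed sample: tag 0x16, length 5, content bytes for "Hello".
[byte[]]$sample = 0x16, 0x05, 0x48, 0x65, 0x6C, 0x6C, 0x6F
ConvertFrom-DerIA5String -RawData $sample

# With a certificate loaded as in the question, look the extension up by OID
# rather than by position in the collection:
# ConvertFrom-DerIA5String -RawData $cert.Extensions["1.2.3.4.5.8"].RawData
```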
Feb 12, 2015 at 1:27 PM
Hi Camelot,

cannot believe it was this easy :D And yes, it was just an IA5String. Binged like crazy and could not find any info... :)

Thanks a lot, this was exactly what I was looking for.

MMF