[PHP-BUG] Bug #62122 [NEW]: openssl_pkcs7_verify with PKCS7_BINARY flag does not work (patch included)

Wed, 23 May 2012 06:06:45 -0700 

From:             
Operating system: Linux
PHP version:      master-Git-2012-05-23 (Git)
Package:          OpenSSL related
Bug Type:         Bug
Bug description:openssl_pkcs7_verify with PKCS7_BINARY flag does not work 
(patch included)

Description:
------------
I found the function openssl_pkcs7_verify not working correctly with the
PKCS7_BINARY flag and an ASN1 encoded input file.

I traced the error message returned by openssl_error_string() and found the
error hidden in ext/openssl/openssl.c.

When using libopenssl and ASN1 input you have to use the d2i_PKCS7_bio
function instead of SMIME_read_PKCS7 because of a known bug in the later
one("The parser assumes that the PKCS7 structure is always base64 encoded
and will not handle the case where it is in binary format or uses quoted
printable format." [from man 3 SMIME_read_PKCS7]).

I changed the code in ext/openssl/openssl.c similar to the one from
openssl-1.0.0/apps/smime.c (the openssl command line tool).

I tested my patch successfully on 



Test script:
---------------
echo(openssl_pkcs7_verify("input", PKCS7_BINARY|PKCS7_NOVERIFY);
echo(openssl_error_string());

with ASN1 encoded "input" file.

Expected result:
----------------
output of: "1" and no error message

(this expected result actually occurs with my patch applied)

Actual result:
--------------
output of "-1error:0D0D40D1:asn1 encoding routines:SMIME_read_ASN1:no
content type"

-- 
Edit bug report at https://bugs.php.net/bug.php?id=62122&edit=1
-- 
Try a snapshot (PHP 5.4):            
https://bugs.php.net/fix.php?id=62122&r=trysnapshot54
Try a snapshot (PHP 5.3):            
https://bugs.php.net/fix.php?id=62122&r=trysnapshot53
Try a snapshot (trunk):              
https://bugs.php.net/fix.php?id=62122&r=trysnapshottrunk
Fixed in SVN:                        
https://bugs.php.net/fix.php?id=62122&r=fixed
Fixed in SVN and need be documented: 
https://bugs.php.net/fix.php?id=62122&r=needdocs
Fixed in release:                    
https://bugs.php.net/fix.php?id=62122&r=alreadyfixed
Need backtrace:                      
https://bugs.php.net/fix.php?id=62122&r=needtrace
Need Reproduce Script:               
https://bugs.php.net/fix.php?id=62122&r=needscript
Try newer version:                   
https://bugs.php.net/fix.php?id=62122&r=oldversion
Not developer issue:                 
https://bugs.php.net/fix.php?id=62122&r=support
Expected behavior:                   
https://bugs.php.net/fix.php?id=62122&r=notwrong
Not enough info:                     
https://bugs.php.net/fix.php?id=62122&r=notenoughinfo
Submitted twice:                     
https://bugs.php.net/fix.php?id=62122&r=submittedtwice
register_globals:                    
https://bugs.php.net/fix.php?id=62122&r=globals
PHP 4 support discontinued:          
https://bugs.php.net/fix.php?id=62122&r=php4
Daylight Savings:                    https://bugs.php.net/fix.php?id=62122&r=dst
IIS Stability:                       
https://bugs.php.net/fix.php?id=62122&r=isapi
Install GNU Sed:                     
https://bugs.php.net/fix.php?id=62122&r=gnused
Floating point limitations:          
https://bugs.php.net/fix.php?id=62122&r=float
No Zend Extensions:                  
https://bugs.php.net/fix.php?id=62122&r=nozend
MySQL Configuration Error:           
https://bugs.php.net/fix.php?id=62122&r=mysqlcfg

Reply via email to