[#6323] False positive SMIME verification
Summary False positive SMIME verification
Queue Horde Framework Packages
Queue Version FRAMEWORK_3
Type Bug
State Resolved
Priority 2. Medium
Owners Matt Selsky <selsky (at) columbia (dot) edu>, Horde Developers
Requester thomas (dot) belot (at) atosorigin (dot) com
Created 02/26/2008 (73 days ago)
Due
Updated 03/14/2008 (56 days ago)
Assigned 03/13/2008 (57 days ago)
Resolved 03/14/2008 (56 days ago)
Attachments smime.patch Download
Milestone 3.2
Patch

History
03/14/2008 Matt Selsky Comment #8
State ⇒ Resolved
Assigned to Matt Selsky		 Reply to this comment
Thomas confirmed this as working.  Fixed in HEAD and RC4.
03/13/2008 Chuck Hagenbuch State ⇒ Feedback
 
03/13/2008 Matt Selsky Comment #7
New Attachment: smime.patch Download		 Reply to this comment
Try this patch.  Also, do you have a few sample messages I can use for testing?  How did you break the message to get openssl_pkcs7_verify() to return -1?
03/06/2008 Jan Schneider Comment #6 Reply to this comment
With both cases I meant -1 which means an error during verification, and false which means an invalid cert.
03/06/2008 thomas (dot) belot (at) atosorigin (dot) com Comment #5 Reply to this comment
I ran a few tests on my own, there is no way to differenciate both cases (output is not filled).
If you want to raise two different messages, we need to contact PHP's openssl team and ask for a third return code
03/05/2008 Jan Schneider Comment #4
Milestone ⇒ 3.2
State ⇒ Assigned
Assigned to Horde DevelopersHorde Developers		 Reply to this comment
I suggest that we return two different error messages in those cases.
02/27/2008 thomas (dot) belot (at) atosorigin (dot) com Comment #3 Reply to this comment
Then there is a problem in openssl's function :
I wrote the signature function that caused invalid signature production and I had two problem : Invalid signature syntax AND invalid signature
When facing both problems the function returs -1 as the invalid signature is unparsable ... but still invalid
02/26/2008 Jan Schneider Comment #2
Priority ⇒ 2. Medium
State ⇒ Feedback		 Reply to this comment
> Why do you consider -1 a valid verification ???

Because, if the signature was really invalid, it would have returned false. The commit message that allowed -1 as a valid return, says: "openssl_pkcs7_verify returns -1 when the signature is ok but there are no certificates to return."
02/26/2008 thomas (dot) belot (at) atosorigin (dot) com Comment #1
Queue ⇒ Horde Framework Packages
Summary ⇒ False positive SMIME verification
Type ⇒ Bug
Priority ⇒ 3. High
State ⇒ Unconfirmed		 Reply to this comment
In file framework/Crypt/Crypt/smime.php,v 1.49.2.14 line 215
212:/* Try again without verfying the signer's cert */
213:        $result = openssl_pkcs7_verify($input, PKCS7_NOVERIFY, $output);
214:
215:        if (($result === true) || ($result === -1)) {
216:            [Verification OK]
217:        } else {
218:            [Verification KO]
219:        }

Verification is OK if "$result === -1" but "openssl_pkcs7_verify" documentation specify that "[openssl_pkcs7_verify] Returns [...] -1 on error."
Why do you consider -1 a valid verification ???

In my case, I had malformed smime signature which lead to an encouraging message "valid message verification, but unknown issuer"...