[#6323] False positive SMIME verification
Summary False positive SMIME verification
Queue Horde Framework Packages
Queue Version FRAMEWORK_3
Type Bug
State Resolved
Priority 2. Medium
Owners Horde Developers (at) , selsky (at) columbia (dot) edu
Requester thomas.belot (at) atosorigin (dot) com
Created 2008-02-26 (4710 days ago)
Updated 2008-03-14 (4693 days ago)
Assigned 2008-03-13 (4694 days ago)
Resolved 2008-03-14 (4693 days ago)
Milestone 3.2
Patch No

2008-03-14 13:43:32 Matt Selsky Comment #8
Assigned to Matt Selsky
State ⇒ Resolved
Reply to this comment
Thomas confirmed this as working.  Fixed in HEAD and RC4.
2008-03-13 15:50:29 Chuck Hagenbuch State ⇒ Feedback
2008-03-13 06:00:47 Matt Selsky Comment #7
New Attachment: smime.patch Download
Reply to this comment
Try this patch.  Also, do you have a few sample messages I can use for 
testing?  How did you break the message to get openssl_pkcs7_verify() 
to return -1?
2008-03-06 10:45:45 Jan Schneider Comment #6 Reply to this comment
With both cases I meant -1 which means an error during verification, 
and false which means an invalid cert.
2008-03-06 10:36:30 thomas (dot) belot (at) atosorigin (dot) com Comment #5 Reply to this comment
I ran a few tests on my own, there is no way to differenciate both 
cases (output is not filled).

If you want to raise two different messages, we need to contact PHP's 
openssl team and ask for a third return code
2008-03-06 00:32:11 Jan Schneider Comment #4
Assigned to Horde DevelopersHorde Developers
State ⇒ Assigned
Milestone ⇒ 3.2
Reply to this comment
I suggest that we return two different error messages in those cases.
2008-02-27 12:57:04 thomas (dot) belot (at) atosorigin (dot) com Comment #3 Reply to this comment
Then there is a problem in openssl's function :

I wrote the signature function that caused invalid signature 
production and I had two problem : Invalid signature syntax AND 
invalid signature

When facing both problems the function returs -1 as the invalid 
signature is unparsable ... but still invalid
2008-02-26 21:22:01 Jan Schneider Comment #2
State ⇒ Feedback
Priority ⇒ 2. Medium
Reply to this comment
Why do you consider -1 a valid verification ???
Because, if the signature was really invalid, it would have returned 
false. The commit message that allowed -1 as a valid return, says: 
"openssl_pkcs7_verify returns -1 when the signature is ok but there 
are no certificates to return."
2008-02-26 16:25:34 thomas (dot) belot (at) atosorigin (dot) com Comment #1
Type ⇒ Bug
State ⇒ Unconfirmed
Priority ⇒ 3. High
Summary ⇒ False positive SMIME verification
Queue ⇒ Horde Framework Packages
Reply to this comment
In file framework/Crypt/Crypt/smime.php,v line 215

212:/* Try again without verfying the signer's cert */

213:        $result = openssl_pkcs7_verify($input, PKCS7_NOVERIFY, $output);


215:        if (($result === true) || ($result === -1)) {

216:            [Verification OK]

217:        } else {

218:            [Verification KO]

219:        }

Verification is OK if "$result === -1" but "openssl_pkcs7_verify" 
documentation specify that "[openssl_pkcs7_verify] Returns [...] -1 on 

Why do you consider -1 a valid verification ???

In my case, I had malformed smime signature which lead to an 
encouraging message "valid message verification, but unknown issuer"...

Saved Queries