[openssl.org #1011] PKCS7 verifier fails to recognize sha1WithRSAEncryption digestAlgorithm
[firstname.lastname@example.org - Fri Feb 18 09:28:03 2005]:
> [ originally written by Scott J. Tamosunas,
> [url]http://email@example.com/msg05433.html[/url] ]
> I am trying to verify the signature of a PKCS7 object created by
> another PKI
> that used SHA1 as the method of digest and RSA Encryption as the
> method of
> private key encryption. However, if I parse the DER, the following
> that the sha1withRSAEncryption was used as the
That's wrong but OpenSSL should tolerate it.
> This gets set into the output bio struct.
> Later in the PKCS7_signatureVerify() function in the location:
> if (EVP_MD_CTX_type(mdc) == md_type)
> The error PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY,
> PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST) is set because md_type = 65 and
> mdc->digest.type = 64. 64 is SHA1 so the comparisons to the message
> fail, when really they should not.
What version of OpenSSL are you using? Since OpenSSL 0.9.7c and later
this is present:
if (EVP_MD_CTX_type(mdc) == md_type)
/* Workaround for some broken clients that put the signature
* OID instead of the digest OID in digest_alg->algorithm
if (EVP_MD_pkey_type(EVP_MD_CTX_md(mdc)) == md_type)
so the case you are referring to should be handled. If for some reason
you are using a newer version of OpenSSL and still see this issue please
send me the PKCS#7 structure OpenSSL doesn't like and I'll analyse it.
OpenSSL Project [url]http://www.openssl.org[/url]
Development Mailing List [email]firstname.lastname@example.org[/email]
Automated List Manager [email]email@example.com[/email]