This is a discussion on [openssl.org #1011] PKCS7 verifier fails to recognize sha1WithRSAEncryption digestAlgorithm - Openssl ; [email@example.com - Fri Feb 18 09:28:03 2005]: > Hi, > > [ originally written by Scott J. Tamosunas, > http://www.mail-archive.com/openssl-.../msg05433.html ] > > I am trying to verify the signature of a PKCS7 object created by > another PKI > ...
[firstname.lastname@example.org - Fri Feb 18 09:28:03 2005]:
> [ originally written by Scott J. Tamosunas,
> http://www.mail-archive.com/openssl-.../msg05433.html ]
> I am trying to verify the signature of a PKCS7 object created by
> another PKI
> that used SHA1 as the method of digest and RSA Encryption as the
> method of
> private key encryption. However, if I parse the DER, the following
> that the sha1withRSAEncryption was used as the
That's wrong but OpenSSL should tolerate it.
> This gets set into the output bio struct.
> Later in the PKCS7_signatureVerify() function in the location:
> if (EVP_MD_CTX_type(mdc) == md_type)
> The error PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY,
> PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST) is set because md_type = 65 and
> mdc->digest.type = 64. 64 is SHA1 so the comparisons to the message
> fail, when really they should not.
What version of OpenSSL are you using? Since OpenSSL 0.9.7c and later
this is present:
if (EVP_MD_CTX_type(mdc) == md_type)
/* Workaround for some broken clients that put the signature
* OID instead of the digest OID in digest_alg->algorithm
if (EVP_MD_pkey_type(EVP_MD_CTX_md(mdc)) == md_type)
so the case you are referring to should be handled. If for some reason
you are using a newer version of OpenSSL and still see this issue please
send me the PKCS#7 structure OpenSSL doesn't like and I'll analyse it.
OpenSSL Project http://www.openssl.org
Development Mailing List email@example.com
Automated List Manager firstname.lastname@example.org