[derek@ihtfp.com - Fri Feb 18 09:28:03 2005]:

> Hi,
> [ originally written by Scott J. Tamosunas,
> http://www.mail-archive.com/openssl-.../msg05433.html ]
> I am trying to verify the signature of a PKCS7 object created by
> another PKI
> that used SHA1 as the method of digest and RSA Encryption as the
> method of
> private key encryption. However, if I parse the DER, the following
> shows
> that the sha1withRSAEncryption was used as the
> digestAlgorthimIdentifier:

That's wrong but OpenSSL should tolerate it.

> This gets set into the output bio struct.
> Later in the PKCS7_signatureVerify() function in the location:
> if (EVP_MD_CTX_type(mdc) == md_type)
> break;
> btmp=btmp->next_bio;
> }
> PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST) is set because md_type = 65 and
> mdc->digest.type = 64. 64 is SHA1 so the comparisons to the message
> digests
> fail, when really they should not.

What version of OpenSSL are you using? Since OpenSSL 0.9.7c and later
this is present:

if (EVP_MD_CTX_type(mdc) == md_type)
/* Workaround for some broken clients that put the signature
* OID instead of the digest OID in digest_alg->algorithm
if (EVP_MD_pkey_type(EVP_MD_CTX_md(mdc)) == md_type)

so the case you are referring to should be handled. If for some reason
you are using a newer version of OpenSSL and still see this issue please
send me the PKCS#7 structure OpenSSL doesn't like and I'll analyse it.


__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majordomo@openssl.org