~mcepl/m2crypto#329: 
Invalid use of PKCS7_SIGNED contrib/smimeplus.py

Migrated from: https://gitlab.com/m2crypto/m2crypto/-/issues/329
Created by: commonism (@commonism)
Created at: 2023-03-09T08:42:41.115Z

PKCS7_SIGNED is defined as

SWIG_Python_SetConstant(d, d == md ? public_interface : NULL, "PKCS7_SIGNED",SWIG_From_int((int)(NID_pkcs7_signed)));

https://gitlab.com/m2crypto/m2crypto/-/blob/master/src/SWIG/_m2crypto_wrap.c#L33095

yet it is used as a flag for basically PKCS7_verify

return _sender.verify(_p7, _data, flags=M2Crypto.SMIME.PKCS7_SIGNED)

https://gitlab.com/m2crypto/m2crypto/-/blob/master/contrib/smimeplus.py#L93

This is not correct use of PKCS7_verify - valid flags are

PKCS7_NOINTERN PKCS7_TEXT PKCS7_NOVERIFY PKCS7_NOCHAIN PKCS7_NOSIGS

Passing PKCS7_SIGNED evaluates to |PKCS7_NOSIGS due to

import M2Crypto
bin(M2Crypto.SMIME.PKCS7_NOSIGS)
# '0b100'
M2Crypto.SMIME.PKCS7_SIGNED & M2Crypto.SMIME.PKCS7_NOSIGS
# 4

as well as PKCS7_NOINTERN

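# The valid PKCS7_verify flags listed above
a = "PKCS7_NOINTERN PKCS7_TEXT PKCS7_NOVERIFY PKCS7_NOCHAIN PKCS7_NOSIGS"
for i in a.split():
    print(f"{i} {M2Crypto.SMIME.PKCS7_SIGNED & getattr(M2Crypto.SMIME, i)}")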

# PKCS7_NOINTERN 16
# PKCS7_TEXT 0
# PKCS7_NOVERIFY 0
# PKCS7_NOCHAIN 0
# PKCS7_NOSIGS 4

As this is example code that has been in place for 19 years, it's likely this has found some adoption. Therefore I propose to modify SMIME.verify to check that the flags passed are valid flags, assisting in identifying code copied from the examples which does not verify signatures.

Status: REPORTED
Submitter: ~mcepl
Assigned to: No-one
Submitted: 7 months ago
Updated: 7 months ago
Labels: helpneeded smime
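
One way to implement the flag check proposed in the issue, as an added example (not M2Crypto's code and not written by the issue's author). The constant values are copied from OpenSSL's headers so it runs without M2Crypto, and `decode_verify_flags`, `check_verify_flags` and `checked_verify` are hypothetical names.

```python
# Added example, not M2Crypto code. Values mirror OpenSSL's <openssl/pkcs7.h>
# and obj_mac.h so the block runs without M2Crypto installed.
PKCS7_TEXT = 0x1
PKCS7_NOSIGS = 0x4
PKCS7_NOCHAIN = 0x8
PKCS7_NOINTERN = 0x10
PKCS7_NOVERIFY = 0x20
PKCS7_SIGNED = 22  # NID_pkcs7_signed: an object identifier number, not a flag

# The five flags the issue lists as valid for PKCS7_verify.
VERIFY_FLAGS = {
    "PKCS7_NOINTERN": PKCS7_NOINTERN,
    "PKCS7_TEXT": PKCS7_TEXT,
    "PKCS7_NOVERIFY": PKCS7_NOVERIFY,
    "PKCS7_NOCHAIN": PKCS7_NOCHAIN,
    "PKCS7_NOSIGS": PKCS7_NOSIGS,
}
VERIFY_MASK = 0x1 | 0x4 | 0x8 | 0x10 | 0x20  # 0x3d


def decode_verify_flags(flags):
    """Return (names of listed flags that are set, bits outside the list)."""
    names = [name for name, bit in VERIFY_FLAGS.items() if flags & bit]
    return names, flags & ~VERIFY_MASK


def check_verify_flags(flags):
    """Hypothetical helper: reject values that are not a pure flag combination."""
    if isinstance(flags, bool) or not isinstance(flags, int) or flags < 0:
        raise ValueError(f"verify flags must be a non-negative int, got {flags!r}")
    names, stray = decode_verify_flags(flags)
    if stray:
        raise ValueError(
            f"flags={flags:#x} carries non-verify bits {stray:#x}; "
            f"it would silently enable: {' | '.join(names) or 'nothing'}"
        )
    return flags


def checked_verify(smime, p7, data_bio=None, flags=0):
    """Hypothetical wrapper: validate flags, then defer to smime.verify()."""
    return smime.verify(p7, data_bio, flags=check_verify_flags(flags))
```

A mask check like this catches PKCS7_SIGNED only because 22 carries bit 0x2, which is outside the listed flags; a wrong constant made up entirely of listed bits would still pass.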

~mcepl 7 months ago

On 2023-07-27T12:25:16.896Z, Matěj Cepl wrote:

I have a deep suspicion that files in contrib/ have really very limited use. If you have any idea how to fix it and you could provide a patch (or merge request, it doesn’t matter), then I would apply it gladly.

Thank you for noticing it.
