Migrated from: https://gitlab.com/m2crypto/m2crypto/-/issues/329
Created by: commonism (@commonism)
Created at: 2023-03-09T08:42:41.115Z
PKCS7_SIGNED is defined as
SWIG_Python_SetConstant(d, d == md ? public_interface : NULL, "PKCS7_SIGNED",SWIG_From_int((int)(NID_pkcs7_signed)));
https://gitlab.com/m2crypto/m2crypto/-/blob/master/src/SWIG/_m2crypto_wrap.c#L33095
yet is is used as flag for basically PKCS7_verify
return _sender.verify(_p7, _data, flags=M2Crypto.SMIME.PKCS7_SIGNED)
https://gitlab.com/m2crypto/m2crypto/-/blob/master/contrib/smimeplus.py#L93
This is not correct use of PKCS7_verify - valid flags are
PKCS7_NOINTERN PKCS7_TEXT PKCS7_NOVERIFY PKCS7_NOCHAIN PKCS7_NOSIGS
Passing PKCS7_SIGNED, evaluates to |PKCS7_NOSIGS due to
import M2Crypto
bin(M2Crypto.SMIME.PKCS7_NOSIGS)
# '0b100'
M2Crypto.SMIME.PKCS7_SIGNED & M2Crypto.SMIME.PKCS7_NOSIGS
# 4
as well as PKCS7_NOINTERN
for i in a.split():
print(f"{i} {M2Crypto.SMIME.PKCS7_SIGNED & getattr(M2Crypto.SMIME, i)}")
# PKCS7_NOINTERN 16
# PKCS7_TEXT 0
# PKCS7_NOVERIFY 0
# PKCS7_NOCHAIN 0
# PKCS7_NOSIGS 4
As this is example code, been in place for 19 years, it's likely this has found some adoption. Therefore I propose to modify SMIME.verify to check the flags passed are valid flags, assisting in identifying code copied from the examples which does not verify signatures.
On 2023-07-27T12:25:16.896Z, Matěj Cepl wrote:
I have a deep suspicion that files in
contrib/
have really very limited use. If you have any idea how to fix and you could provide a patch (or merge request, it doesn’t matter), then I would apply it gladly.Thank you for noticing it.