I appreciate the timely response. So it is as I suspected then. PKSC_signatureVerify() is not digesting all of the authenticated attribute value SET, only the messagedigest. Will this be scheduled to be fixed? I believe there is also a bug in the PKCS7_get_octet_string() static function in pk7_doit.c (at least when called from the NID_pkcs7_signed case in PKCS7_dataInit()). The "&& (p7->d.other->type == V_ASN1_OCTET_STRING)" causes PKCS7_get_octet_string() to fail when a content value is anything other than an OCTET STRING or PKCS #7 Data. It could be a SEQUENCE, etc... It just needs to be interpreted as an OCTET STRING.
-Chang On Mon, Aug 15, 2011 at 12:27 PM, Dr. Stephen Henson <st...@openssl.org>wrote: > On Mon, Aug 15, 2011, Chang Lee wrote: > > > Has anyone been able to use PKCS7_verify(...) to verify a SignedData > > signature with authenticated attributes? I've looked through the code > and > > it seems PKCS7_signatureVerify() checks for the existence of > authenticated > > attributes and calls PKCS7_digest_from_attributes() which, along with the > > embedded comment /* mdc is the digest ctx that we want, unless there are > > attributes, > > * in which case the digest is the signed attributes */, gave the > impression > > that it computed the digest of the attributes. Looking at the > > code, PKCS7_digest_from_attributes() just returns the MessageDigest > > attribute. This implementation would be wrong. Is this a bug or do have > I > > stayed up too long looking at this code. > > I'm using 0.9.8r. > > > > The way things work (though the PKCS#7 standard isn't very clear in places) > is > that if you have authenticated attributes the message digest of the content > is > contained in a message digest attribute. The digital signature of the > PKCS#7 > structure is on the encoding of those attributes. > > Steve. > -- > Dr Stephen N. Henson. OpenSSL project core developer. > Commercial tech support now available see: http://www.openssl.org > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org >
