PHP :: Request #26076 :: openssl_pkcs7_verify should output the verified mail

openssl_pkcs7_verify should output the verified mail

Submitted:

2003-11-02 02:17 UTC

Modified:

2021-03-05 18:07 UTC

Votes:	7
Avg. Score:	3.3 ± 0.7
Reproduced:	3 of 3 (100.0%)
Same Version:	2 (66.7%)
Same OS:	2 (66.7%)

From:

ivan dot dolezal at vsb dot cz

Assigned:

cmb (profile)

Status:

Closed

Package:

OpenSSL related

PHP Version:

OS:

Private report:

CVE-ID:

None

View Developer Edit

Welcome! If you don't have a Git account, you can't do anything here.
If you reported this bug, you can edit this bug over here.

php.net Username: php.net Password:

Quick Fix:	(description)
	Block user comment
Status:		Assign to:
Package:
Bug Type:
Summary:
From:	ivan dot dolezal at vsb dot cz
New email:
PHP Version:		OS:

New/Additional Comment:

[2003-11-02 02:17 UTC] ivan dot dolezal at vsb dot cz

Description:
------------
The openssl_pkcs7_verify is able to verify signed e-mail, but I can't get the verified message out of it to process it further.

As OpenSSL shell does have this functionality: switch "-text" in...

openssl smime -verify -CApath /etc/ssl/certs/ -in signedmessage.txt -text

...outputs the message to STDOUT.

Expected result:
----------------
a new optional parametr called by reference in the function openssl_pkcs7_verify, that would output the message from the e-mail

Actual result:
--------------
Currently there is no (documented) way to get the verified message out of S/MIME. I can verify the message, find out, who signed it (with other functions), but I can't process the message from the mail.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2003-11-02 04:52 UTC] wez@php.net

Already have plans to implement this.

[2010-11-18 23:41 UTC] jani@php.net

-Package: Feature/Change Request +Package: OpenSSL related -Operating System: irrelevant (FreeBSD) +Operating System: * -PHP Version: Irrelevant +PHP Version: *

[2011-04-24 19:19 UTC] mo at nevali dot net

openssl_pkcs7_verify does nowadays include an optional parameter to output the  
cleartext version of the message to a file — HOWEVER, this parameter cannot be 
used unless the preceding parameters are ALSO used.

This is because although they are optional, there is no default value for the 
$extracerts parameter which can be specified explicitly. The implementation 
checks to see whether the C string (char * extracerts) is NULL or not, which it 
will never be if the parameter is actually specified (even if it's a PHP null 
value, as this will be coerced to the empty string).

This is a slightly awkward problem if you don't actually have any extra 
certificates.

[2013-12-13 07:42 UTC] wez@php.net

-Status: Assigned +Status: Open

[2013-12-13 07:43 UTC] wez@php.net

-Status: Assigned +Status: Open -Assigned To: wez +Assigned To:

[2017-10-24 01:41 UTC] kalle@php.net

-Status: Open +Status: Analyzed

[2021-03-05 18:07 UTC] cmb@php.net

-Status: Analyzed +Status: Closed -Assigned To: +Assigned To: cmb

[2021-03-05 18:07 UTC] cmb@php.net

Indeed, for a very long time there is the $content parameter, and
as of PHP 8.0.0 the prior parameters have usable default values
(besides that you can use named arguments), so I consider this
feature implemented.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Fri Oct 31 11:00:01 2025 UTC