php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Request #26076 openssl_pkcs7_verify should output the verified mail
Submitted: 2003-11-02 02:17 UTC Modified: 2021-03-05 18:07 UTC
Votes:7
Avg. Score:3.3 ± 0.7
Reproduced:3 of 3 (100.0%)
Same Version:2 (66.7%)
Same OS:2 (66.7%)
From: ivan dot dolezal at vsb dot cz Assigned: cmb (profile)
Status: Closed Package: OpenSSL related
PHP Version: * OS: *
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: ivan dot dolezal at vsb dot cz
New email:
PHP Version: OS:

 

 [2003-11-02 02:17 UTC] ivan dot dolezal at vsb dot cz
Description:
------------
The openssl_pkcs7_verify is able to verify signed e-mail, but I can't get the verified message out of it to process it further.

As OpenSSL shell does have this functionality: switch "-text" in...

openssl smime -verify -CApath /etc/ssl/certs/ -in signedmessage.txt -text

...outputs the message to STDOUT.

Expected result:
----------------
a new optional parametr called by reference in the function openssl_pkcs7_verify, that would output the message from the e-mail

Actual result:
--------------
Currently there is no (documented) way to get the verified message out of S/MIME. I can verify the message, find out, who signed it (with other functions), but I can't process the message from the mail.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2003-11-02 04:52 UTC] wez@php.net
Already have plans to implement this.
 [2010-11-18 23:41 UTC] jani@php.net
-Package: Feature/Change Request +Package: OpenSSL related -Operating System: irrelevant (FreeBSD) +Operating System: * -PHP Version: Irrelevant +PHP Version: *
 [2011-04-24 19:19 UTC] mo at nevali dot net
openssl_pkcs7_verify does nowadays include an optional parameter to output the  
cleartext version of the message to a file — HOWEVER, this parameter cannot be 
used unless the preceding parameters are ALSO used.

This is because although they are optional, there is no default value for the 
$extracerts parameter which can be specified explicitly. The implementation 
checks to see whether the C string (char * extracerts) is NULL or not, which it 
will never be if the parameter is actually specified (even if it's a PHP null 
value, as this will be coerced to the empty string).

This is a slightly awkward problem if you don't actually have any extra 
certificates.
 [2013-12-13 07:42 UTC] wez@php.net
-Status: Assigned +Status: Open
 [2013-12-13 07:43 UTC] wez@php.net
-Status: Assigned +Status: Open -Assigned To: wez +Assigned To:
 [2017-10-24 01:41 UTC] kalle@php.net
-Status: Open +Status: Analyzed
 [2021-03-05 18:07 UTC] cmb@php.net
-Status: Analyzed +Status: Closed -Assigned To: +Assigned To: cmb
 [2021-03-05 18:07 UTC] cmb@php.net
Indeed, for a very long time there is the $content parameter, and
as of PHP 8.0.0 the prior parameters have usable default values
(besides that you can use named arguments), so I consider this
feature implemented.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sun Dec 22 01:01:30 2024 UTC