php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Request #26076 openssl_pkcs7_verify should output the verified mail
Submitted: 2003-11-02 02:17 UTC Modified: 2021-03-05 18:07 UTC
Votes:7
Avg. Score:3.3 ± 0.7
Reproduced:3 of 3 (100.0%)
Same Version:2 (66.7%)
Same OS:2 (66.7%)
From: ivan dot dolezal at vsb dot cz Assigned: cmb (profile)
Status: Closed Package: OpenSSL related
PHP Version: * OS: *
Private report: No CVE-ID: None
 [2003-11-02 02:17 UTC] ivan dot dolezal at vsb dot cz
Description:
------------
The openssl_pkcs7_verify is able to verify signed e-mail, but I can't get the verified message out of it to process it further.

As OpenSSL shell does have this functionality: switch "-text" in...

openssl smime -verify -CApath /etc/ssl/certs/ -in signedmessage.txt -text

...outputs the message to STDOUT.

Expected result:
----------------
a new optional parametr called by reference in the function openssl_pkcs7_verify, that would output the message from the e-mail

Actual result:
--------------
Currently there is no (documented) way to get the verified message out of S/MIME. I can verify the message, find out, who signed it (with other functions), but I can't process the message from the mail.

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2003-11-02 04:52 UTC] wez@php.net
Already have plans to implement this.
 [2010-11-18 23:41 UTC] jani@php.net
-Package: Feature/Change Request +Package: OpenSSL related -Operating System: irrelevant (FreeBSD) +Operating System: * -PHP Version: Irrelevant +PHP Version: *
 [2011-04-24 19:19 UTC] mo at nevali dot net
openssl_pkcs7_verify does nowadays include an optional parameter to output the  
cleartext version of the message to a file — HOWEVER, this parameter cannot be 
used unless the preceding parameters are ALSO used.

This is because although they are optional, there is no default value for the 
$extracerts parameter which can be specified explicitly. The implementation 
checks to see whether the C string (char * extracerts) is NULL or not, which it 
will never be if the parameter is actually specified (even if it's a PHP null 
value, as this will be coerced to the empty string).

This is a slightly awkward problem if you don't actually have any extra 
certificates.
 [2013-12-13 07:42 UTC] wez@php.net
-Status: Assigned +Status: Open
 [2013-12-13 07:43 UTC] wez@php.net
-Status: Assigned +Status: Open -Assigned To: wez +Assigned To:
 [2017-10-24 01:41 UTC] kalle@php.net
-Status: Open +Status: Analyzed
 [2021-03-05 18:07 UTC] cmb@php.net
-Status: Analyzed +Status: Closed -Assigned To: +Assigned To: cmb
 [2021-03-05 18:07 UTC] cmb@php.net
Indeed, for a very long time there is the $content parameter, and
as of PHP 8.0.0 the prior parameters have usable default values
(besides that you can use named arguments), so I consider this
feature implemented.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Tue Mar 19 14:01:30 2024 UTC