php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Request #26076 openssl_pkcs7_verify should output the verified mail
Submitted: 2003-11-02 02:17 UTC Modified: 2017-10-24 01:41 UTC
Votes:1
Avg. Score:3.0 ± 0.0
Reproduced:0 of 0 (0.0%)
From: ivan dot dolezal at vsb dot cz Assigned:
Status: Analyzed Package: OpenSSL related
PHP Version: * OS: *
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: ivan dot dolezal at vsb dot cz
New email:
PHP Version: OS:

 

 [2003-11-02 02:17 UTC] ivan dot dolezal at vsb dot cz
Description:
------------
The openssl_pkcs7_verify is able to verify signed e-mail, but I can't get the verified message out of it to process it further.

As OpenSSL shell does have this functionality: switch "-text" in...

openssl smime -verify -CApath /etc/ssl/certs/ -in signedmessage.txt -text

...outputs the message to STDOUT.

Expected result:
----------------
a new optional parametr called by reference in the function openssl_pkcs7_verify, that would output the message from the e-mail

Actual result:
--------------
Currently there is no (documented) way to get the verified message out of S/MIME. I can verify the message, find out, who signed it (with other functions), but I can't process the message from the mail.

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2003-11-02 04:52 UTC] wez@php.net
Already have plans to implement this.
 [2010-11-18 23:41 UTC] jani@php.net
-Package: Feature/Change Request +Package: OpenSSL related -Operating System: irrelevant (FreeBSD) +Operating System: * -PHP Version: Irrelevant +PHP Version: *
 [2011-04-24 19:19 UTC] mo at nevali dot net
openssl_pkcs7_verify does nowadays include an optional parameter to output the  
cleartext version of the message to a file — HOWEVER, this parameter cannot be 
used unless the preceding parameters are ALSO used.

This is because although they are optional, there is no default value for the 
$extracerts parameter which can be specified explicitly. The implementation 
checks to see whether the C string (char * extracerts) is NULL or not, which it 
will never be if the parameter is actually specified (even if it's a PHP null 
value, as this will be coerced to the empty string).

This is a slightly awkward problem if you don't actually have any extra 
certificates.
 [2013-12-13 07:42 UTC] wez@php.net
-Status: Assigned +Status: Open
 [2013-12-13 07:43 UTC] wez@php.net
-Status: Assigned +Status: Open -Assigned To: wez +Assigned To:
 [2017-10-24 01:41 UTC] kalle@php.net
-Status: Open +Status: Analyzed
 
PHP Copyright © 2001-2017 The PHP Group
All rights reserved.
Last updated: Sun Nov 19 01:31:42 2017 UTC