|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Request #26076 openssl_pkcs7_verify should output the verified mail
Submitted: 2003-11-02 02:17 UTC Modified: 2017-10-24 01:41 UTC
Avg. Score:3.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: ivan dot dolezal at vsb dot cz Assigned:
Status: Analyzed Package: OpenSSL related
PHP Version: * OS: *
Private report: No CVE-ID: None
View Add Comment Developer Edit
Anyone can comment on a bug. Have a simpler test case? Does it work for you on a different platform? Let us know!
Just going to say 'Me too!'? Don't clutter the database with that please — but make sure to vote on the bug!
Your email address:
Solve the problem:
46 - 45 = ?
Subscribe to this entry?

 [2003-11-02 02:17 UTC] ivan dot dolezal at vsb dot cz
The openssl_pkcs7_verify is able to verify signed e-mail, but I can't get the verified message out of it to process it further.

As OpenSSL shell does have this functionality: switch "-text" in...

openssl smime -verify -CApath /etc/ssl/certs/ -in signedmessage.txt -text

...outputs the message to STDOUT.

Expected result:
a new optional parametr called by reference in the function openssl_pkcs7_verify, that would output the message from the e-mail

Actual result:
Currently there is no (documented) way to get the verified message out of S/MIME. I can verify the message, find out, who signed it (with other functions), but I can't process the message from the mail.


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2003-11-02 04:52 UTC]
Already have plans to implement this.
 [2010-11-18 23:41 UTC]
-Package: Feature/Change Request +Package: OpenSSL related -Operating System: irrelevant (FreeBSD) +Operating System: * -PHP Version: Irrelevant +PHP Version: *
 [2011-04-24 19:19 UTC] mo at nevali dot net
openssl_pkcs7_verify does nowadays include an optional parameter to output the  
cleartext version of the message to a file — HOWEVER, this parameter cannot be 
used unless the preceding parameters are ALSO used.

This is because although they are optional, there is no default value for the 
$extracerts parameter which can be specified explicitly. The implementation 
checks to see whether the C string (char * extracerts) is NULL or not, which it 
will never be if the parameter is actually specified (even if it's a PHP null 
value, as this will be coerced to the empty string).

This is a slightly awkward problem if you don't actually have any extra 
 [2013-12-13 07:42 UTC]
-Status: Assigned +Status: Open
 [2013-12-13 07:43 UTC]
-Status: Assigned +Status: Open -Assigned To: wez +Assigned To:
 [2017-10-24 01:41 UTC]
-Status: Open +Status: Analyzed
PHP Copyright © 2001-2019 The PHP Group
All rights reserved.
Last updated: Tue Oct 15 23:01:26 2019 UTC