PHP :: Bug #50713 :: openssl_pkcs7_verify() may ignore untrusted CAs

Bug #50713

openssl_pkcs7_verify() may ignore untrusted CAs

Submitted:

2010-01-10 11:52 UTC

Modified:

2021-06-01 10:55 UTC

Votes:	5
Avg. Score:	4.4 ± 0.8
Reproduced:	4 of 5 (80.0%)
Same Version:	0 (0.0%)
Same OS:	0 (0.0%)

From:

dark-tranquillity at yandex dot ru

Assigned:

cmb (profile)

Status:

Closed

Package:

OpenSSL related

PHP Version:

7.4

OS:

Win32

Private report:

CVE-ID:

None

View Developer Edit

Welcome! If you don't have a Git account, you can't do anything here.
If you reported this bug, you can edit this bug over here.

php.net Username: php.net Password:

Quick Fix:	(description)
	Block user comment
Status:		Assign to:
Package:
Bug Type:
Summary:
From:	dark-tranquillity at yandex dot ru
New email:
PHP Version:		OS:

New/Additional Comment:

[2010-01-10 11:52 UTC] dark-tranquillity at yandex dot ru

Description:
------------
I have a private key & self-signed certificate.
1) create a signature (openssl_pkcs7_sign)

2) verify the signature: function openssl_pkcs7_verify returns TRUE (Verification successful),
   but openssl_error_string() - returns an error message (error:2107C080:PKCS7 routines:PKCS7_get0_signers:signer certificate not found)

3) in the command line are no errors
   openssl smime -sign -nocerts -signer proc.crt -inkey proc.key -in in.txt -out signed.txt
   openssl smime -verify -noverify -nointern -nochain -in signed.txt -certfile proc.crt


Reproduce code:
---------------
<?
    file_put_contents("in.txt", "demo text");

    $certfname='./proc.crt'; 
    $crt      =file_get_contents($certfname);
    $priv_key =file_get_contents('./proc.key');

    if(openssl_pkcs7_sign("in.txt", "signed.txt", $crt, $priv_key, array(), PKCS7_NOCERTS))
    {
       $status=openssl_pkcs7_verify("signed.txt", PKCS7_NOVERIFY|PKCS7_NOINTERN|PKCS7_NOCHAIN, "1.tmp", array(), $certfname);
       while($msg=openssl_error_string()) echo "$msg\n"; 
       echo "status=$status\n";
    }
    else die('failed openssl_pkcs7_sign');
?>


Expected result:
----------------
status=1

Actual result:
--------------
error:2107C080:PKCS7 routines:PKCS7_get0_signers:signer certificate not found
status=1

Patches

Pull Requests

Pull requests:

Fix #50713: openssl_pkcs7_verify() may ignore untrusted CAs (php-src/6927)

History

AllCommentsChangesGit/SVN commitsRelated reports

[2016-03-14 08:59 UTC] allesbesser at gmail dot com

The problem comes from the $outfilename argument which allows you to have PHP save the certificates used to sign the message.

The PHP source is here:
https://github.com/php/php-src/blob/420c7979d5743a4621b334f569c7ae8686f4f85f/ext/openssl/openssl.c

First, the function does what it should do and calls PKCS7_verify(). This function verifies the signature using the internal and $extracerts by calling:

signers = PKCS7_get0_signers(p7, others, (int)flags);

others are the $extracerts. Now, as you speified $extracerts, you also had to specify $outfilename. Hence, the PHP function makes another function call:

signers = PKCS7_get0_signers(p7, NULL, (int)flags);

this time without the extra certs. Now, as the internal certificates are empty, this function raises an error as there are no certificates.

There are several ways to fix this (apart from ignoring the error when $extracerts is not empty):
- Modify the OpenSSL code so that it does not raise the error when getting certificates
- Change the way PHP gets the certificates so that the error is not raised anymore
- Allow $outfilename to be NULL so that the function is not even called

Personally, I think passing NULL as $outfilename should be accepted in these OpenSSL functions.

[2021-04-29 12:24 UTC] cmb@php.net

-Summary: openssl_pkcs7_verify returns TRUE, but openssl_error_string() returns an error +Summary: openssl_pkcs7_verify() may ignore untrusted CAs -PHP Version: 5.3.1 +PHP Version: 7.4 -Assigned To: +Assigned To: cmb

[2021-04-29 12:24 UTC] cmb@php.net

I haven't been able to reproduce openssl_pkcs7_verify() to return
true in this case, but still, ignoring untrusted CAs appears to be
a bug.

[2021-04-29 12:25 UTC] cmb@php.net

The following pull request has been associated:

Patch Name: Fix #50713: openssl_pkcs7_verify() may ignore untrusted CAs
On GitHub:  https://github.com/php/php-src/pull/6927
Patch:      https://github.com/php/php-src/pull/6927.patch

[2021-06-01 10:55 UTC] cmb@php.net

-Status: Assigned +Status: Suspended

[2021-06-01 10:55 UTC] cmb@php.net

I suspend this ticket while waiting on further feedback on the PR.

[2023-11-17 19:44 UTC] git@php.net

Automatic comment on behalf of bukka
Revision: https://github.com/php/php-src/commit/f90b40416ffa731f19e8a9a9674ea4a8ab43fe5d
Log: Fix #50713: openssl_pkcs7_verify() may ignore untrusted CAs

[2023-11-17 19:44 UTC] git@php.net

-Status: Suspended +Status: Closed

[2023-11-23 03:36 UTC] git@php.net

Automatic comment on behalf of bukka (author) and ramsey (committer)
Revision: https://github.com/php/php-src/commit/55e0748487f99e8bb60b8c4fd4f6e9c3857c8cf3
Log: Fix #50713: openssl_pkcs7_verify() may ignore untrusted CAs

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Wed Jul 16 23:01:33 2025 UTC