Sampo Kellomaki wrote:
>
> I have a S/MIME application that creates signatures but does not
> include the signing certificate in the message on the presumption that
> receiver already has it (and it is in his, and not mine, interest to
> enforce the signed contract ;-).
>
> This works fine with Netscape (only gripe is that Netscape apparently
> does not accept signatures made with self signed certificate, but
> thats not fatal). But when I try to do it with openssl, it seg faults
> because crypto/pk7_doit.c, around line 626 on OpenSSL-0.9.4-release
> because of NULL pointer as explained in comments:
>
[code deleted]
Yes you are right. This is why the code is "experimental" they are a few
things like that lurking around. It shouldn't do that it should give a
"no certificates" error or something like that.
>
> I presume that the author of this code still had not completed it as
> there is this huge XXXXX comment. Still, I find it illadviced to go
> looking for certs in the message itself. Shouldn't the code go looking
> for the messages in the certificate database (as passed in the
> arguments cert_store and ctx)?
>
Unfortunately this doesn't work for the most common "directory of
symlinks" store because it needs to look up certificates by issuer and
serial number which it can't do.
If the code ends up using the S/MIME v3 structures it will need to look
up by subject key id as well. This has the additional problem that there
isn't even a way to lookup ceritificates by key id at present.
>
> If I use PKCS7_signatureVerify() it works fine (even for self signed
> certs), but obviously I do not have guarantee about validity of the
> certificate itself.
>
Yes thats one reason I split the code into two. You can use
PKCS7_signatureVerify() to just verify the digital signatures. In this
case it is the callers responsibility to find the certificate and check
it is valid.
I think the best solution to the general problem is to allow a set of
callbacks to be passed to the PKCS#7 functions (PKCS7_METHOD and/or
PKCS7_CTX?) that allows certificate lookup, verify and things like
private key lookup to be handled. Defaults would largely keep the
current behaviour.
Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
