Skip to content

PKCS#7: support SignedData with absent eContent#10804

Open
Frauschi wants to merge 1 commit into
wolfSSL:masterfrom
Frauschi:pkcs7_no_eContent
Open

PKCS#7: support SignedData with absent eContent#10804
Frauschi wants to merge 1 commit into
wolfSSL:masterfrom
Frauschi:pkcs7_no_eContent

Conversation

@Frauschi

Copy link
Copy Markdown
Contributor

Allow encoding and verifying a CMS SignedData whose encapContentInfo carries no eContent, that is, a signed-attributes-only signature over empty content (RFC 5652 makes eContent OPTIONAL). This is required for SCEP CertRep PENDING and FAILURE messages (RFC 8894 section 3.2.2), which must omit the pkcsPKIEnvelope entirely.

Encode: wc_PKCS7_EncodeSignedData computes the messageDigest over the empty content when detached is set and contentSz is 0, since there is no eContent to drive the normal content-hashing pass.

Verify: PKCS7_VerifySignedData no longer rejects an absent eContent when no external content or hash was supplied. It is processed as a detached signature over empty content, and wc_PKCS7_VerifyContentMessageDigest computes the digest of zero-length content using the parsed digest algorithm. The messageDigest comparison still rejects a stripped non-empty eContent.

Add pkcs7_signed_no_content_test to test the new behaviour.

Allow encoding and verifying a CMS SignedData whose encapContentInfo
carries no eContent, that is, a signed-attributes-only signature over
empty content (RFC 5652 makes eContent OPTIONAL). This is required for
SCEP CertRep PENDING and FAILURE messages (RFC 8894 section 3.2.2),
which must omit the pkcsPKIEnvelope entirely.

Encode: wc_PKCS7_EncodeSignedData computes the messageDigest over the
empty content when detached is set and contentSz is 0, since there is no
eContent to drive the normal content-hashing pass.

Verify: PKCS7_VerifySignedData no longer rejects an absent eContent when
no external content or hash was supplied. It is processed as a detached
signature over empty content, and wc_PKCS7_VerifyContentMessageDigest
computes the digest of zero-length content using the parsed digest
algorithm. The messageDigest comparison still rejects a stripped
non-empty eContent.

Add pkcs7_signed_no_content_test, a round-trip over a CMS SignedData
whose encapContentInfo carries no eContent (a detached signature over
empty content, signed-attributes-only), as produced by SCEP CertRep
PENDING/FAILURE messages. The encode omits the eContent and the verify
accepts it without any caller-supplied content or hash, checking the
messageDigest against the hash of empty content. Run for RSA/SHA-256.
@Frauschi Frauschi self-assigned this Jun 29, 2026
@Frauschi Frauschi marked this pull request as ready for review June 29, 2026 12:35
@github-actions

Copy link
Copy Markdown

retest this please

@github-actions

Copy link
Copy Markdown

@Frauschi Frauschi assigned wolfSSL-Bot and unassigned Frauschi Jun 29, 2026
@Frauschi Frauschi requested review from dgarske and douzzer June 29, 2026 20:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants