PKCS#7: support SignedData with absent eContent#10804
Open
Frauschi wants to merge 1 commit into
Open
Conversation
Allow encoding and verifying a CMS SignedData whose encapContentInfo carries no eContent, that is, a signed-attributes-only signature over empty content (RFC 5652 makes eContent OPTIONAL). This is required for SCEP CertRep PENDING and FAILURE messages (RFC 8894 section 3.2.2), which must omit the pkcsPKIEnvelope entirely. Encode: wc_PKCS7_EncodeSignedData computes the messageDigest over the empty content when detached is set and contentSz is 0, since there is no eContent to drive the normal content-hashing pass. Verify: PKCS7_VerifySignedData no longer rejects an absent eContent when no external content or hash was supplied. It is processed as a detached signature over empty content, and wc_PKCS7_VerifyContentMessageDigest computes the digest of zero-length content using the parsed digest algorithm. The messageDigest comparison still rejects a stripped non-empty eContent. Add pkcs7_signed_no_content_test, a round-trip over a CMS SignedData whose encapContentInfo carries no eContent (a detached signature over empty content, signed-attributes-only), as produced by SCEP CertRep PENDING/FAILURE messages. The encode omits the eContent and the verify accepts it without any caller-supplied content or hash, checking the messageDigest against the hash of empty content. Run for RSA/SHA-256.
|
retest this please |
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Allow encoding and verifying a CMS
SignedDatawhoseencapContentInfocarries noeContent, that is, a signed-attributes-only signature over empty content (RFC 5652 makeseContentOPTIONAL). This is required for SCEP CertRepPENDINGandFAILUREmessages (RFC 8894 section 3.2.2), which must omit thepkcsPKIEnvelopeentirely.Encode:
wc_PKCS7_EncodeSignedDatacomputes themessageDigestover the empty content whendetachedis set andcontentSzis 0, since there is noeContentto drive the normal content-hashing pass.Verify:
PKCS7_VerifySignedDatano longer rejects an absenteContentwhen no external content or hash was supplied. It is processed as a detached signature over empty content, andwc_PKCS7_VerifyContentMessageDigestcomputes the digest of zero-length content using the parsed digest algorithm. ThemessageDigestcomparison still rejects a stripped non-emptyeContent.Add pkcs7_signed_no_content_test to test the new behaviour.