From 78de88380ab32bd2865ba677704dfa24dbbe3d09 Mon Sep 17 00:00:00 2001 From: Jeremy Evans Date: Sat, 11 Nov 2023 16:36:39 -0800 Subject: [PATCH] Raise ArgumentError for PKCS7 without signed data in PKCS7.read_smime --- ext/openssl/ossl_pkcs7.c | 12 ++++++++++++ test/openssl/test_pkcs7.rb | 10 ++++++++++ 2 files changed, 22 insertions(+) diff --git a/ext/openssl/ossl_pkcs7.c b/ext/openssl/ossl_pkcs7.c index ca37def88..09db06c07 100644 --- a/ext/openssl/ossl_pkcs7.c +++ b/ext/openssl/ossl_pkcs7.c @@ -159,6 +159,7 @@ ossl_pkcs7_s_read_smime(VALUE klass, VALUE arg) BIO *in, *out; PKCS7 *pkcs7; VALUE ret, data; + int i; ret = NewPKCS7(cPKCS7); in = ossl_obj2bio(&arg); @@ -166,6 +167,17 @@ ossl_pkcs7_s_read_smime(VALUE klass, VALUE arg) pkcs7 = SMIME_read_PKCS7(in, &out); BIO_free(in); if(!pkcs7) ossl_raise(ePKCS7Error, NULL); + + i = OBJ_obj2nid(pkcs7->type); + switch(i){ + case NID_pkcs7_signed: + case NID_pkcs7_signedAndEnveloped: + if (!pkcs7->d.sign) + ossl_raise(rb_eArgError, "No signed data in PKCS7"); + default: + ; /* nothing */ + } + data = out ? ossl_membio2str(out) : Qnil; SetPKCS7(ret, pkcs7); ossl_pkcs7_set_data(ret, data); diff --git a/test/openssl/test_pkcs7.rb b/test/openssl/test_pkcs7.rb index fa15bdbca..3e2756495 100644 --- a/test/openssl/test_pkcs7.rb +++ b/test/openssl/test_pkcs7.rb @@ -158,6 +158,16 @@ def test_enveloped def test_empty_signed_data_ruby_bug_19974 data = "-----BEGIN PKCS7-----\nMAsGCSqGSIb3DQEHAg==\n-----END PKCS7-----\n" assert_raise(ArgumentError) { OpenSSL::PKCS7.new(data) } + + data = <