Files
wolfssl/wolfcrypt
Tobias Frauenschläger 11f71108ba PKCS#7: support SignedData with absent eContent
Allow encoding and verifying a CMS SignedData whose encapContentInfo
carries no eContent, that is, a signed-attributes-only signature over
empty content (RFC 5652 makes eContent OPTIONAL). This is required for
SCEP CertRep PENDING and FAILURE messages (RFC 8894 section 3.2.2),
which must omit the pkcsPKIEnvelope entirely.

Encode: wc_PKCS7_EncodeSignedData computes the messageDigest over the
empty content when detached is set and contentSz is 0, since there is no
eContent to drive the normal content-hashing pass.

Verify: PKCS7_VerifySignedData no longer rejects an absent eContent when
no external content or hash was supplied. It is processed as a detached
signature over empty content, and wc_PKCS7_VerifyContentMessageDigest
computes the digest of zero-length content using the parsed digest
algorithm. The messageDigest comparison still rejects a stripped
non-empty eContent.

Add pkcs7_signed_no_content_test, a round-trip over a CMS SignedData
whose encapContentInfo carries no eContent (a detached signature over
empty content, signed-attributes-only), as produced by SCEP CertRep
PENDING/FAILURE messages. The encode omits the eContent and the verify
accepts it without any caller-supplied content or hash, checking the
messageDigest against the hash of empty content. Run for RSA/SHA-256.
2026-07-02 14:17:20 +02:00
..