pyca
diff --git a/‎CHANGELOG.rst
Lines changed: 7 additions & 0 deletions b/‎CHANGELOG.rst
Lines changed: 7 additions & 0 deletions
diff --git a/‎docs/development/test-vectors.rst
Lines changed: 3 additions & 0 deletions b/‎docs/development/test-vectors.rst
Lines changed: 3 additions & 0 deletions
diff --git a/‎docs/hazmat/primitives/asymmetric/serialization.rst
Lines changed: 148 additions & 0 deletions b/‎docs/hazmat/primitives/asymmetric/serialization.rst
Lines changed: 148 additions & 0 deletions
diff --git a/‎src/cryptography/hazmat/bindings/_rust/pkcs7.pyi
Lines changed: 23 additions & 5 deletions b/‎src/cryptography/hazmat/bindings/_rust/pkcs7.pyi
Lines changed: 23 additions & 5 deletions
diff --git a/‎src/cryptography/hazmat/primitives/serialization/pkcs7.py
Lines changed: 34 additions & 0 deletions b/‎src/cryptography/hazmat/primitives/serialization/pkcs7.py
Lines changed: 34 additions & 0 deletions
@@ -35,6 +35,13 @@ Changelog
   :meth:`VerifiedClient.subject <cryptography.x509.verification.VerifiedClient.subjects>`
   property can now be `None` since a custom extension policy may allow certificates 
   without a Subject Alternative Name extension.
+* Added support for PKCS7 decryption & encryption using AES-256 as content algorithm, 
+  in addition to AES-128. 
+* Added basic support for PKCS7 verification (including S/MIME 3.2) via
+  :func:`~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_verify_der`,
+  :func:`~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_verify_pem`, and
+  :func:`~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_verify_smime`.
+
 
 .. _v44-0-1:
 
 
@@ -948,6 +948,9 @@ Custom PKCS7 Test Vectors
 * ``pkcs7/enveloped-no-content.der``- A DER encoded PKCS7 file with
   enveloped data, without encrypted content, with key encrypted under the
   public key of ``x509/custom/ca/rsa_ca.pem``.
+* ``pkcs7/signed-opaque.msg``- A PKCS7 signed message, signed using opaque 
+  signing (``application/pkcs7-mime`` content type), signed under the
+  private key of ``x509/custom/ca/ca.pem``, ``x509/custom/ca/ca_key.pem``.
 
 Custom OpenSSH Test Vectors
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
@@ -1267,6 +1267,154 @@ contain certificates, CRLs, and much more. PKCS7 files commonly have a ``p7b``,
         :returns bytes: The signed PKCS7 message.
 
 
+.. function:: pkcs7_verify_der(data, content, certificate, options)
+
+    .. versionadded:: 45.0.0
+
+    .. doctest::
+
+        >>> from cryptography import x509
+        >>> from cryptography.hazmat.primitives import hashes, serialization
+        >>> from cryptography.hazmat.primitives.serialization import pkcs7
+        >>> cert = x509.load_pem_x509_certificate(ca_cert)
+        >>> key = serialization.load_pem_private_key(ca_key, None)
+        >>> signed = pkcs7.PKCS7SignatureBuilder().set_data(
+        ...     b"data to sign"
+        ... ).add_signer(
+        ...     cert, key, hashes.SHA256()
+        ... ).sign(
+        ...     serialization.Encoding.DER, []
+        ... )
+        >>> pkcs7.pkcs7_verify_der(signed, None, cert, [])
+
+    Deserialize and verify a DER-encoded PKCS7 signed message. PKCS7 (or S/MIME) has multiple
+    versions, but this supports a subset of :rfc:`5751`, also known as S/MIME Version 3.2. If the
+    verification succeeds, does not return anything. If the verification fails, raises an exception.
+
+    :param data: The data, encoded in DER format.
+    :type data: bytes
+
+    :param content: if specified, the content to verify against the signed message. If the content
+        is not specified, the function will look for the content in the signed message.
+    :type data: bytes or None
+
+    :param certificate: A :class:`~cryptography.x509.Certificate` to verify against the signed
+        message.
+
+    :param options: A list of
+        :class:`~cryptography.hazmat.primitives.serialization.pkcs7.PKCS7Options`. For 
+        this operation, no options are supported as of now.
+    
+    :raises ValueError: If the recipient certificate does not match any of the signers in the
+        PKCS7 data.
+    
+    :raises ValueError: If no content is specified and no content is found in the PKCS7 data.
+
+    :raises ValueError: If the PKCS7 data is not of the signed data type.
+
+
+.. function:: pkcs7_verify_pem(data, content, certificate, options)
+
+    .. versionadded:: 45.0.0
+
+    .. doctest::
+
+        >>> from cryptography import x509
+        >>> from cryptography.hazmat.primitives import hashes, serialization
+        >>> from cryptography.hazmat.primitives.serialization import pkcs7
+        >>> cert = x509.load_pem_x509_certificate(ca_cert)
+        >>> key = serialization.load_pem_private_key(ca_key, None)
+        >>> signed = pkcs7.PKCS7SignatureBuilder().set_data(
+        ...     b"data to sign"
+        ... ).add_signer(
+        ...     cert, key, hashes.SHA256()
+        ... ).sign(
+        ...     serialization.Encoding.PEM, []
+        ... )
+        >>> pkcs7.pkcs7_verify_pem(signed, None, cert, [])
+
+    Deserialize and verify a PEM-encoded PKCS7 signed message. PKCS7 (or S/MIME) has multiple
+    versions, but this supports a subset of :rfc:`5751`, also known as S/MIME Version 3.2. If the
+    verification succeeds, does not return anything. If the verification fails, raises an exception.
+
+    :param data: The data, encoded in PEM format.
+    :type data: bytes
+
+    :param content: if specified, the content to verify against the signed message. If the content
+        is not specified, the function will look for the content in the signed message.
+    :type data: bytes or None
+
+    :param certificate: A :class:`~cryptography.x509.Certificate` to verify against the signed
+        message.
+
+    :param options: A list of
+        :class:`~cryptography.hazmat.primitives.serialization.pkcs7.PKCS7Options`. For 
+        this operation, no options are supported as of now.
+
+    :raises ValueError: If the PEM data does not have the PKCS7 tag.
+    
+    :raises ValueError: If the recipient certificate does not match any of the signers in the
+        PKCS7 data.
+    
+    :raises ValueError: If no content is specified and no content is found in the PKCS7 data.
+
+    :raises ValueError: If the PKCS7 data is not of the signed data type.
+
+
+.. function:: pkcs7_verify_smime(data, content, certificate, options)
+
+    .. versionadded:: 45.0.0
+
+    .. doctest::
+
+        >>> from cryptography import x509
+        >>> from cryptography.hazmat.primitives import hashes, serialization
+        >>> from cryptography.hazmat.primitives.serialization import pkcs7
+        >>> cert = x509.load_pem_x509_certificate(ca_cert)
+        >>> key = serialization.load_pem_private_key(ca_key, None)
+        >>> signed = pkcs7.PKCS7SignatureBuilder().set_data(
+        ...     b"data to sign"
+        ... ).add_signer(
+        ...     cert, key, hashes.SHA256()
+        ... ).sign(
+        ...     serialization.Encoding.SMIME, []
+        ... )
+        >>> pkcs7.pkcs7_verify_smime(signed, None, cert, [])
+
+    Verify a PKCS7 signed message stored in a MIME message, by reading it, extracting the content
+    (if any) and signature, deserializing the signature and verifying it against the content. PKCS7
+    (or S/MIME) has multiple versions, but this supports a subset of :rfc:`5751`, also known as
+    S/MIME Version 3.2. If the verification succeeds, does not return anything. If the verification
+    fails, raises an exception.  
+
+    :param data: The data, encoded in MIME format.
+    :type data: bytes
+
+    :param content: if specified, the content to verify against the signed message. If the content
+        is not specified, the function will look for the content in the MIME message and in the
+        signature.
+    :type data: bytes or None
+
+    :param certificate: A :class:`~cryptography.x509.Certificate` to verify against the signed
+        message.
+
+    :param options: A list of
+        :class:`~cryptography.hazmat.primitives.serialization.pkcs7.PKCS7Options`. For 
+        this operation, no options are supported as of now.
+
+    :raises ValueError: If the MIME message is not a S/MIME signed message: content type is
+        different than ``multipart/signed`` or ``application/pkcs7-mime``.
+    
+    :raises ValueError: If the MIME message is a malformed ``multipart/signed`` S/MIME message: not
+        multipart, or multipart with more than 2 parts (content & signature).
+    
+    :raises ValueError: If the recipient certificate does not match any of the signers in the
+        PKCS7 data.
+    
+    :raises ValueError: If no content is specified and no content is found in the PKCS7 data.
+
+    :raises ValueError: If the PKCS7 data is not of the signed data type.
+
 .. class:: PKCS7EnvelopeBuilder
 
     The PKCS7 envelope builder can create encrypted S/MIME messages,
 
@@ -19,11 +19,6 @@ def encrypt_and_serialize(
     encoding: serialization.Encoding,
     options: Iterable[pkcs7.PKCS7Options],
 ) -> bytes: ...
-def sign_and_serialize(
-    builder: pkcs7.PKCS7SignatureBuilder,
-    encoding: serialization.Encoding,
-    options: Iterable[pkcs7.PKCS7Options],
-) -> bytes: ...
 def decrypt_der(
     data: bytes,
     certificate: x509.Certificate,
@@ -42,6 +37,29 @@ def decrypt_smime(
     private_key: rsa.RSAPrivateKey,
     options: Iterable[pkcs7.PKCS7Options],
 ) -> bytes: ...
+def sign_and_serialize(
+    builder: pkcs7.PKCS7SignatureBuilder,
+    encoding: serialization.Encoding,
+    options: Iterable[pkcs7.PKCS7Options],
+) -> bytes: ...
+def verify_der(
+    signature: bytes,
+    content: bytes | None,
+    certificate: x509.Certificate,
+    options: Iterable[pkcs7.PKCS7Options],
+) -> None: ...
+def verify_pem(
+    signature: bytes,
+    content: bytes | None,
+    certificate: x509.Certificate,
+    options: Iterable[pkcs7.PKCS7Options],
+) -> None: ...
+def verify_smime(
+    signature: bytes,
+    content: bytes | None,
+    certificate: x509.Certificate,
+    options: Iterable[pkcs7.PKCS7Options],
+) -> None: ...
 def load_pem_pkcs7_certificates(
     data: bytes,
 ) -> list[x509.Certificate]: ...
 
@@ -186,6 +186,11 @@ def sign(
         return rust_pkcs7.sign_and_serialize(self, encoding, options)
 
 
+pkcs7_verify_der = rust_pkcs7.verify_der
+pkcs7_verify_pem = rust_pkcs7.verify_pem
+pkcs7_verify_smime = rust_pkcs7.verify_smime
+
+
 class PKCS7EnvelopeBuilder:
     def __init__(
         self,
@@ -358,6 +363,35 @@ def _smime_signed_encode(
     return fp.getvalue()
 
 
+def _smime_signed_decode(data: bytes) -> tuple[bytes | None, bytes]:
+    message = email.message_from_bytes(data)
+    content_type = message.get_content_type()
+    if content_type == "multipart/signed":
+        payload = message.get_payload()
+        if not isinstance(payload, list):
+            raise ValueError(
+                "Malformed multipart/signed message: must be multipart"
+            )
+        if not isinstance(payload[0], email.message.Message):
+            raise ValueError(
+                "Malformed multipart/signed message: first part (content) "
+                "must be a MIME message"
+            )
+        if not isinstance(payload[1], email.message.Message):
+            raise ValueError(
+                "Malformed multipart/signed message: second part (signature) "
+                "must be a MIME message"
+            )
+        return (
+            bytes(payload[0].get_payload(decode=True)),
+            bytes(payload[1].get_payload(decode=True)),
+        )
+    elif content_type == "application/pkcs7-mime":
+        return None, bytes(message.get_payload(decode=True))
+    else:
+        raise ValueError("Not an S/MIME signed message")
+
+
 def _smime_enveloped_encode(data: bytes) -> bytes:
     m = email.message.Message()
     m.add_header("MIME-Version", "1.0")