first failing code for certificate verification

Author: nitneuqr

docs/hazmat/primitives/asymmetric/serialization.rst

@@ -1708,6 +1708,12 @@ contain certificates, CRLs, and much more. PKCS7 files commonly have a ``p7b``,
         obtain the signer's certificate by other means (for example from a
         previously signed message).
 
+    .. attribute:: NoVerify
+
+        For S/MIME verification only. Don't verify signers certificate. This is 
+        useful when the signer's certificate is not available or when the signer's
+        certificate is not trusted.
+
 Serialization Formats
 ~~~~~~~~~~~~~~~~~~~~~
 

src/cryptography/hazmat/primitives/serialization/pkcs7.py

@@ -21,6 +21,7 @@
     algorithms,
 )
 from cryptography.utils import _check_byteslike
+from cryptography.x509.verification import PolicyBuilder, Store
 
 load_pem_pkcs7_certificates = rust_pkcs7.load_pem_pkcs7_certificates
 
@@ -51,6 +52,7 @@ class PKCS7Options(utils.Enum):
     NoCapabilities = "Don't embed SMIME capabilities"
     NoAttributes = "Don't embed authenticatedAttributes"
     NoCerts = "Don't embed signer certificate"
+    NoVerify = "Don't verify signers certificate"
 
 
 class PKCS7SignatureBuilder:
@@ -390,6 +392,12 @@ def _smime_signed_decode(data: bytes) -> tuple[bytes | None, bytes]:
         raise ValueError("Not an S/MIME signed message")
 
 
+def _verify_pkcs7_certificates(certificates: list[x509.Certificate]) -> None:
+    builder = PolicyBuilder().store(Store(certificates))
+    verifier = builder.build_client_verifier()
+    verifier.verify(certificates[0], certificates[1:])
+
+
 def _smime_enveloped_encode(data: bytes) -> bytes:
     m = email.message.Message()
     m.add_header("MIME-Version", "1.0")

src/rust/src/pkcs7.rs

@@ -804,7 +804,14 @@ fn verify_der<'p>(
                 data,
             )?;
 
-            // TODO: verify the certificates?
+            // Verify the certificate
+            if !options.contains(types::PKCS7_NO_VERIFY.get(py)?)? {
+                let certificates = pyo3::types::PyList::empty(py);
+                certificates.append(certificate)?;
+                types::VERIFY_PKCS7_CERTIFICATES
+                    .get(py)?
+                    .call1((certificates,))?;
+            }
         }
         _ => {
             return Err(CryptographyError::from(
@@ -834,6 +841,18 @@ fn check_verify_options<'p>(
         }
     }
 
+    // Check if any option is not PKCS7Options::NoVerify
+    let no_verify_option = types::PKCS7_NO_VERIFY.get(py)?;
+    for opt in options.iter() {
+        if !opt.eq(no_verify_option.clone())? {
+            return Err(CryptographyError::from(
+                pyo3::exceptions::PyValueError::new_err(
+                    "Only the following options are supported for verification: NoVerify",
+                ),
+            ));
+        }
+    }
+
     Ok(())
 }
 

src/rust/src/types.rs

@@ -354,6 +354,10 @@ pub static PKCS7_DETACHED_SIGNATURE: LazyPyImport = LazyPyImport::new(
     "cryptography.hazmat.primitives.serialization.pkcs7",
     &["PKCS7Options", "DetachedSignature"],
 );
+pub static PKCS7_NO_VERIFY: LazyPyImport = LazyPyImport::new(
+    "cryptography.hazmat.primitives.serialization.pkcs7",
+    &["PKCS7Options", "NoVerify"],
+);
 
 pub static SMIME_ENVELOPED_ENCODE: LazyPyImport = LazyPyImport::new(
     "cryptography.hazmat.primitives.serialization.pkcs7",
@@ -380,6 +384,11 @@ pub static SMIME_SIGNED_DECODE: LazyPyImport = LazyPyImport::new(
     &["_smime_signed_decode"],
 );
 
+pub static VERIFY_PKCS7_CERTIFICATES: LazyPyImport = LazyPyImport::new(
+    "cryptography.hazmat.primitives.serialization.pkcs7",
+    &["_verify_pkcs7_certificates"],
+);
+
 pub static PKCS12KEYANDCERTIFICATES: LazyPyImport = LazyPyImport::new(
     "cryptography.hazmat.primitives.serialization.pkcs12",
     &["PKCS12KeyAndCertificates"],

tests/hazmat/primitives/test_pkcs7.py

@@ -939,6 +939,21 @@ def test_pkcs7_verify_der_no_content(
         # Verification
         pkcs7.pkcs7_verify_der(signature, None, certificate, [])
 
+    def test_pkcs7_verify_der_no_verify(
+        self, backend, data, certificate, private_key
+    ):
+        # Signature
+        builder = (
+            pkcs7.PKCS7SignatureBuilder()
+            .set_data(data)
+            .add_signer(certificate, private_key, hashes.SHA256())
+        )
+        signature = builder.sign(serialization.Encoding.DER, [])
+
+        # Verification
+        options = [pkcs7.PKCS7Options.NoVerify]
+        pkcs7.pkcs7_verify_der(signature, data, certificate, options)
+
     def test_pkcs7_verify_der_no_data(
         self, backend, data, certificate, private_key
     ):