M2Crypto - Extract detached PKCS7 signature from PKCS7 (signature&data)

[Alexander Williams]

I want to break a PKCS7 signature that contains data + signature into separate: raw data & detached PKCS7 signature in python.

I can get the data fro the signature because the verification routine returns it, but how can I get the detached signature ?

def verify_pkcs7(data_bio, signature_bio, cacert_bio, format=X509.FORMAT_PEM):
    sm_obj = SMIME.SMIME()
    st = X509.X509_Store()

    st.add_cert(X509.load_cert_string(cacert_bio))
    sm_obj.set_x509_store(st)


    if format == X509.FORMAT_PEM:
        p7 = SMIME.load_pkcs7_bio(signature_bio)
    else:
        p7 = SMIME.PKCS7(m2.pkcs7_read_bio_der(signature_bio._ptr()), 1)


    sk = p7.get0_signers(X509.X509_Stack())
    sm_obj.set_x509_stack(sk)

    try:
        v = sm_obj.verify(p7, data_bio)
        if v:
            print "Client signature verified."
            with open('file.rar', 'wb') as ff:
                ff.write(v)
    except Exception as e:
        print str(e)
        print "*** INVALID CLIENT MESSAGE SIGNATURE ***"
My wild guess is that it one of these functions.. I base my assumption on the fact that M2Crypto is a wrapper over OpenSSL.