I try to do a verification of a detached PKCS#7 CMS signature. The verification fails with ASN_PARSE_E (-140). I'm using function wc_PKCS7_VerifySignedData_ex. The reason why it fails is an ASN.1 parsing synchronization error. It happens after the failing attempt to read non-existing signed data (after object 1.2.840.113549.1.7.1) from the signature. Instead on this position the sequence of certificates begins, but wc_PKCS7_VerifySignedData_ex already returned with ASN_PARSE_E. In my opinion, wc_PKCS7_VerifySignedData_ex should be able to handle both situations. Either there is signed data OR an implicit[0] set of certificates.

Please find attached the binary (its SHA256 was used for signing) and the resulting signature.

I used wolfSSL from https://github.com/wolfSSL/wolfssl commit: c57fee136a40f7dcd2c8315a3c6bfe602ca98b8c