Loading CHANGES +4 −0 Original line number Diff line number Diff line Loading @@ -4,6 +4,10 @@ Changes between 0.9.8b and 0.9.9 [xx XXX xxxx] *) Add additional S/MIME capabilities for AES and GOST ciphers if supported. Use correct micalg parameters depending on digest(s) in signed message. [Steve Henson] *) Add engine support for EVP_PKEY_ASN1_METHOD. Add functions to process an ENGINE asn1 method. Support ENGINE lookups in the ASN1 code. [Steve Henson] Loading crypto/pkcs7/pk7_mime.c +80 −1 Original line number Diff line number Diff line Loading @@ -144,6 +144,83 @@ static PKCS7 *B64_read_PKCS7(BIO *bio) return p7; } /* Generate the MIME "micalg" parameter from RFC3851, RFC4490 */ static int pk7_write_micalg(BIO *out, PKCS7 *p7) { STACK_OF(X509_ALGOR) *mdalgs; STACK *mic_sk; int i, have_unknown = 0, ret = 0; mdalgs = p7->d.sign->md_algs; mic_sk = sk_new_null(); if (!mic_sk) goto err; have_unknown = 0; for (i = 0; i < sk_X509_ALGOR_num(mdalgs); i++) { switch(OBJ_obj2nid(sk_X509_ALGOR_value(mdalgs, i)->algorithm)) { case NID_sha1: if (!sk_push(mic_sk, "sha1")) goto err; break; case NID_md5: if (!sk_push(mic_sk, "md5")) goto err; break; case NID_sha256: if (!sk_push(mic_sk, "sha-256")) goto err; break; case NID_sha384: if (!sk_push(mic_sk, "sha-384")) goto err; break; case NID_sha512: if (!sk_push(mic_sk, "sha-512")) goto err; break; case NID_id_GostR3411_94: if (!sk_push(mic_sk, "gostr3411-94")) goto err; break; default: if (!have_unknown) { if (!sk_push(mic_sk, "unknown")) goto err; have_unknown = 1; } break; } } for (i = 0; i < sk_num(mic_sk); i++) { BIO_puts(out, sk_value(mic_sk, i)); if (i > 0) BIO_write(out, ",", 1); } ret = 1; err: if (mic_sk) sk_free(mic_sk); return ret; } /* SMIME sender */ int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags) Loading Loading @@ -174,7 +251,9 @@ int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags) BIO_printf(bio, "MIME-Version: 1.0%s", mime_eol); BIO_printf(bio, "Content-Type: multipart/signed;"); BIO_printf(bio, " protocol=\"%ssignature\";", mime_prefix); BIO_printf(bio, " micalg=sha1; boundary=\"----%s\"%s%s", BIO_puts(bio, " micalg=\""); pk7_write_micalg(bio, p7); BIO_printf(bio, "\"; boundary=\"----%s\"%s%s", bound, mime_eol, mime_eol); BIO_printf(bio, "This is an S/MIME signed message%s%s", mime_eol, mime_eol); Loading Loading
CHANGES +4 −0 Original line number Diff line number Diff line Loading @@ -4,6 +4,10 @@ Changes between 0.9.8b and 0.9.9 [xx XXX xxxx] *) Add additional S/MIME capabilities for AES and GOST ciphers if supported. Use correct micalg parameters depending on digest(s) in signed message. [Steve Henson] *) Add engine support for EVP_PKEY_ASN1_METHOD. Add functions to process an ENGINE asn1 method. Support ENGINE lookups in the ASN1 code. [Steve Henson] Loading
crypto/pkcs7/pk7_mime.c +80 −1 Original line number Diff line number Diff line Loading @@ -144,6 +144,83 @@ static PKCS7 *B64_read_PKCS7(BIO *bio) return p7; } /* Generate the MIME "micalg" parameter from RFC3851, RFC4490 */ static int pk7_write_micalg(BIO *out, PKCS7 *p7) { STACK_OF(X509_ALGOR) *mdalgs; STACK *mic_sk; int i, have_unknown = 0, ret = 0; mdalgs = p7->d.sign->md_algs; mic_sk = sk_new_null(); if (!mic_sk) goto err; have_unknown = 0; for (i = 0; i < sk_X509_ALGOR_num(mdalgs); i++) { switch(OBJ_obj2nid(sk_X509_ALGOR_value(mdalgs, i)->algorithm)) { case NID_sha1: if (!sk_push(mic_sk, "sha1")) goto err; break; case NID_md5: if (!sk_push(mic_sk, "md5")) goto err; break; case NID_sha256: if (!sk_push(mic_sk, "sha-256")) goto err; break; case NID_sha384: if (!sk_push(mic_sk, "sha-384")) goto err; break; case NID_sha512: if (!sk_push(mic_sk, "sha-512")) goto err; break; case NID_id_GostR3411_94: if (!sk_push(mic_sk, "gostr3411-94")) goto err; break; default: if (!have_unknown) { if (!sk_push(mic_sk, "unknown")) goto err; have_unknown = 1; } break; } } for (i = 0; i < sk_num(mic_sk); i++) { BIO_puts(out, sk_value(mic_sk, i)); if (i > 0) BIO_write(out, ",", 1); } ret = 1; err: if (mic_sk) sk_free(mic_sk); return ret; } /* SMIME sender */ int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags) Loading Loading @@ -174,7 +251,9 @@ int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags) BIO_printf(bio, "MIME-Version: 1.0%s", mime_eol); BIO_printf(bio, "Content-Type: multipart/signed;"); BIO_printf(bio, " protocol=\"%ssignature\";", mime_prefix); BIO_printf(bio, " micalg=sha1; boundary=\"----%s\"%s%s", BIO_puts(bio, " micalg=\""); pk7_write_micalg(bio, p7); BIO_printf(bio, "\"; boundary=\"----%s\"%s%s", bound, mime_eol, mime_eol); BIO_printf(bio, "This is an S/MIME signed message%s%s", mime_eol, mime_eol); Loading
