1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
|
diff --exclude-from=/home/dang/.scripts/diffrc -up -ruN evolution-data-server-2.24.5.orig/camel/camel-smime-context.c evolution-data-server-2.24.5/camel/camel-smime-context.c
--- evolution-data-server-2.24.5.orig/camel/camel-smime-context.c 2008-09-22 06:53:58.000000000 -0400
+++ evolution-data-server-2.24.5/camel/camel-smime-context.c 2009-03-07 14:52:57.000000000 -0500
@@ -40,6 +40,7 @@
#include <smime.h>
#include <pkcs11t.h>
#include <pk11func.h>
+#include <secoid.h>
#include <errno.h>
@@ -534,6 +535,7 @@ sm_verify_cmsg(CamelCipherContext *conte
for (i = 0; i < count; i++) {
NSSCMSContentInfo *cinfo = NSS_CMSMessage_ContentLevel(cmsg, i);
SECOidTag typetag = NSS_CMSContentInfo_GetContentTypeTag(cinfo);
+ int which_digest;
switch (typetag) {
case SEC_OID_PKCS7_SIGNED_DATA:
@@ -543,44 +545,49 @@ sm_verify_cmsg(CamelCipherContext *conte
goto fail;
}
- /* need to build digests of the content */
- if (!NSS_CMSSignedData_HasDigests(sigd)) {
- if (extstream == NULL) {
- camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("Digests missing from enveloped data"));
- goto fail;
- }
-
- if ((poolp = PORT_NewArena(1024)) == NULL) {
- camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, g_strerror (ENOMEM));
- goto fail;
- }
-
- digestalgs = NSS_CMSSignedData_GetDigestAlgs(sigd);
-
- digcx = NSS_CMSDigestContext_StartMultiple(digestalgs);
- if (digcx == NULL) {
- camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("Cannot calculate digests"));
- goto fail;
- }
-
- mem = (CamelStreamMem *)camel_stream_mem_new();
- camel_stream_write_to_stream(extstream, (CamelStream *)mem);
- NSS_CMSDigestContext_Update(digcx, mem->buffer->data, mem->buffer->len);
- camel_object_unref(mem);
-
- if (NSS_CMSDigestContext_FinishMultiple(digcx, poolp, &digests) != SECSuccess) {
- camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("Cannot calculate digests"));
- goto fail;
- }
-
- if (NSS_CMSSignedData_SetDigests(sigd, digestalgs, digests) != SECSuccess) {
- camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("Cannot set message digests"));
- goto fail;
- }
- PORT_FreeArena(poolp, PR_FALSE);
- poolp = NULL;
+ if (extstream == NULL) {
+ set_nss_error (ex, _("Digests missing from enveloped data"));
+ goto fail;
+ }
+
+ if ((poolp = PORT_NewArena(1024)) == NULL) {
+ set_nss_error (ex, g_strerror (ENOMEM));
+ goto fail;
}
+
+ digestalgs = NSS_CMSSignedData_GetDigestAlgs(sigd);
+
+ digcx = NSS_CMSDigestContext_StartMultiple(digestalgs);
+ if (digcx == NULL) {
+ set_nss_error (ex, _("Cannot calculate digests"));
+ goto fail;
+ }
+
+ mem = (CamelStreamMem *)camel_stream_mem_new();
+ camel_stream_write_to_stream(extstream, (CamelStream *)mem);
+ NSS_CMSDigestContext_Update(digcx, mem->buffer->data, mem->buffer->len);
+ camel_object_unref(mem);
+
+ if (NSS_CMSDigestContext_FinishMultiple(digcx, poolp, &digests) != SECSuccess) {
+ set_nss_error (ex, _("Cannot calculate digests"));
+ goto fail;
+ }
+
+ for (which_digest = 0; digests[which_digest] != NULL; which_digest++) {
+ SECOidData *digest_alg = SECOID_FindOID (&digestalgs[which_digest]->algorithm);
+ if (digest_alg == NULL) {
+ set_nss_error (ex, _("Cannot set message digests"));
+ goto fail;
+ }
+ if (NSS_CMSSignedData_SetDigestValue (sigd, digest_alg->offset, digests[which_digest]) != SECSuccess) {
+ set_nss_error (ex, _("Cannot set message digests"));
+ goto fail;
+ }
+ }
+
+ PORT_FreeArena(poolp, PR_FALSE);
+ poolp = NULL;
/* import all certificates present */
if (NSS_CMSSignedData_ImportCerts(sigd, p->certdb, certUsageEmailSigner, PR_TRUE) != SECSuccess) {
|