[commits] Horde branch master updated. 900790ecbb506e850e5e6f03823ad293dc2d370d

Michael J. Rubinsky mrubinsk at horde.org
Thu Apr 27 04:53:57 UTC 2017 

The branch "master" has been updated.
The following is a summary of the commits.

from: 076b00cfe4db6a0fa44b8b1b7d07e96996ab1b33

76c0d9d Set the micalg header parameter correctly when using SHA-256.
fa2dca3 Pass the openssl path too.
900790e BFN

Summary: http://github.com/horde/horde/compare/076b00cfe4db6a0fa44b8b1b7d07e96996ab1b33...900790ecbb506e850e5e6f03823ad293dc2d370d

-----------------------------------------------------------------------

commit 76c0d9d3f2af854e8b34e3536af68100332a203c
Author: Michael J Rubinsky <mrubinsk at horde.org>
Date:   Thu Apr 27 00:42:20 2017 -0400

    Set the micalg header parameter correctly when using SHA-256.
    
    This took me the better part of a day to research and figure out,
    so would appreciate a second pair of eyes and/or some testing.
    
    New-ish versions of openssl use SHA-256 as the message digest alg.
    when smime signing while other versions use SHA-1. This causes some
    clients to reject the signature, which I believe to  be the correct
    behavior.
    
    PHP's openssl_pkcs7_* methods don't allow setting or reading the md
    method so we are left with either parsing the entire DER binary
    stream using something like phpseclib and pulling out the digest
    method, forgoing the openssl_* methods and call the openssl executable's
    smime tool to directly to do the signature, or we can use openssl executable's
    asn1parse command  and search for a known string indicating SHA-256 is being used.
    
    The first option is overkill, the second option would defeat the
    purpose of having the more efficient openssl_* methods and would
    require writing out a copy of the private key to temporary storage, so
    I went with the third option.

 framework/Crypt/lib/Horde/Crypt/Smime.php | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)

http://github.com/horde/horde/commit/76c0d9d3f2af854e8b34e3536af68100332a203c

-----------------------------------------------------------------------

commit fa2dca36da724f55992761b1cbc8d3c505212ce7
Author: Michael J Rubinsky <mrubinsk at horde.org>
Date:   Thu Apr 27 00:51:52 2017 -0400

    Pass the openssl path too.

 imp/lib/Smime.php | 8 ++++++++
 1 file changed, 8 insertions(+)

http://github.com/horde/horde/commit/fa2dca36da724f55992761b1cbc8d3c505212ce7

-----------------------------------------------------------------------

commit 900790ecbb506e850e5e6f03823ad293dc2d370d
Author: Michael J Rubinsky <mrubinsk at horde.org>
Date:   Thu Apr 27 00:52:59 2017 -0400

    BFN

 framework/Crypt/package.xml | 2 ++
 1 file changed, 2 insertions(+)

http://github.com/horde/horde/commit/900790ecbb506e850e5e6f03823ad293dc2d370d

More information about the commits mailing list