[dev] [commits] Horde branch master updated. 900790ecbb506e850e5e6f03823ad293dc2d370d

Jan Schneider jan at horde.org
Thu Apr 27 22:29:27 UTC 2017


Quoting Michael J. Rubinsky <mrubinsk at horde.org>:

> The branch "master" has been updated.
> The following is a summary of the commits.
>
> from: 076b00cfe4db6a0fa44b8b1b7d07e96996ab1b33
>
> 76c0d9d Set the micalg header parameter correctly when using SHA-256.
> fa2dca3 Pass the openssl path too.
> 900790e BFN
>
> Summary: http://github.com/horde/horde/compare/076b00cfe4db6a0fa44b8b1b7d07e96996ab1b33...900790ecbb506e850e5e6f03823ad293dc2d370d
>
> -----------------------------------------------------------------------
>
> commit 76c0d9d3f2af854e8b34e3536af68100332a203c
> Author: Michael J Rubinsky <mrubinsk at horde.org>
> Date:   Thu Apr 27 00:42:20 2017 -0400
>
>     Set the micalg header parameter correctly when using SHA-256.
>
>     This took me the better part of a day to research and figure out,
>     so would appreciate a second pair of eyes and/or some testing.
>
>     New-ish versions of openssl use SHA-256 as the message digest alg.
>     when smime signing while other versions use SHA-1. This causes some
>     clients to reject the signature, which I believe to be the correct
>     behavior.
>
>     PHP's openssl_pkcs7_* methods don't allow setting or reading the md
>     method so we are left with either parsing the entire DER binary
>     stream using something like phpseclib and pulling out the digest
>     method, forgoing the openssl_* methods and calling the openssl executable's
>     smime tool directly to do the signature, or we can use the openssl executable's
>     asn1parse command and search for a known string indicating SHA-256 is being used.
>
>     The first option is overkill, the second option would defeat the
>     purpose of having the more efficient openssl_* methods and would
>     require writing out a copy of the private key to temporary storage, so
>     I went with the third option.
>
>  framework/Crypt/lib/Horde/Crypt/Smime.php | 18 +++++++++++++++++-
>  1 file changed, 17 insertions(+), 1 deletion(-)
>
> http://github.com/horde/horde/commit/76c0d9d3f2af854e8b34e3536af68100332a203c
>
> -----------------------------------------------------------------------

According to the OpenSSL documentation at the latest stable version
(https://www.openssl.org/docs/man1.1.0/crypto/PKCS7_sign.html) but
also at the current master version
(https://www.openssl.org/docs/manmaster/man3/PKCS7_sign.html) it says:

"If a signer is specified it will use the default digest for the  
signing algorithm. This is SHA1 for both RSA and DSA keys."

The source tells a different story though:
https://github.com/openssl/openssl/blob/6f0ac0e2f27d9240516edb9a23b7863e7ad02898/crypto/dsa/dsa_ameth.c#L499

And this is the commit that changed the behavior:
https://github.com/openssl/openssl/commit/44e0c2bae4bfd87d770480902618dbccde84fd81

If we could find out what the default digest method for the used  
public keys is, we can use that. I would prefer a solution without  
using the openssl binary, because we are actually trying to get rid of  
it: https://github.com/horde/horde/pull/218



-- 
Jan Schneider
The Horde Project
https://www.horde.org/
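
Added example (not part of the original message and not Horde code): the first option from the quoted commit message, reading the digest algorithm out of the DER stream without the openssl binary, reduced to a walk down to the first entry of the SignedData `digestAlgorithms` set. The function names `derHeader` and `smimeMicalg` are hypothetical, the micalg names are those of RFC 5751, and the input is assumed to be the base64-decoded signature part in definite-length DER with a single signer; the sample bytes are constructed.

```php
<?php
// Added example, not Horde code. Input: DER bytes of a PKCS#7 SignedData
// (the base64-decoded smime.p7s part); definite-length encoding is assumed.
const SIGNED_DATA = '2a864886f70d010702';      // 1.2.840.113549.1.7.2
const MICALG = [                               // RFC 5751 micalg names by OID bytes
    '2a864886f70d0205'   => 'md5',             // 1.2.840.113549.2.5
    '2b0e03021a'         => 'sha-1',           // 1.3.14.3.2.26
    '608648016503040201' => 'sha-256',         // 2.16.840.1.101.3.4.2.1
    '608648016503040202' => 'sha-384',         // 2.16.840.1.101.3.4.2.2
    '608648016503040203' => 'sha-512',         // 2.16.840.1.101.3.4.2.3
];

/** Read the TLV header at $pos; returns [tag, content offset, content length]. */
function derHeader(string $der, int $pos): array
{
    // Tag byte, then a short-form length or 0x81..0x84 plus that many length bytes.
    if (!preg_match('/\G(.)([\x00-\x7f]|\x81.|\x82..|\x83...|\x84....)/s', $der, $m, 0, $pos)) {
        throw new RuntimeException('Truncated DER or unsupported length form');
    }
    $len = strlen($m[2]) === 1 ? ord($m[2]) : hexdec(bin2hex(substr($m[2], 1)));
    $start = $pos + strlen($m[0]);
    if ($start + $len > strlen($der)) {
        throw new RuntimeException('Length runs past end of input');
    }
    return [ord($m[1]), $start, $len];
}

/** micalg value for the first digest algorithm, or null if it is not in MICALG. */
function smimeMicalg(string $der): ?string
{
    // [expected tag, skip content?]: ContentInfo, contentType, [0], SignedData,
    // version, digestAlgorithms SET, first AlgorithmIdentifier, its OID.
    $path = [[0x30, 0], [0x06, 1], [0xA0, 0], [0x30, 0], [0x02, 1], [0x31, 0], [0x30, 0], [0x06, 0]];
    $pos = 0;
    foreach ($path as $i => [$want, $skip]) {
        [$tag, $pos, $len] = derHeader($der, $pos);
        $oid = $tag === 0x06 ? bin2hex(substr($der, $pos, $len)) : '';
        if ($tag !== $want || ($i === 1 && $oid !== SIGNED_DATA)) {
            throw new RuntimeException('Not a PKCS#7 SignedData structure');
        }
        $pos += $skip ? $len : 0;
    }
    return MICALG[$oid] ?? null;
}

// Constructed sample: a signer-less SignedData that declares SHA-256.
echo smimeMicalg(hex2bin('303206092a864886f70d010702a0253023020101310f300d'
    . '06096086480165030402010500300b06092a864886f70d0107013100')) ?? 'unknown', "\n";
```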


