[horde] Crypt/Smime.php: (wrong) hardcoded header information for diges algorithm

Stephan Lauffer lauffer at ph-freiburg.de
Tue May 2 09:20:24 UTC 2017


Hello Michael,

Zitat von Michael J Rubinsky <mrubinsk at horde.org>:

> Quoting Stephan Lauffer <lauffer at ph-freiburg.de>:
>
>> Hello!
>>
>> In file ../Horde/Crypt/Smime.php we have a hardcoded header  
>> information for the used diges algorithm, see  public function  
>> signMIMEPart($mime_part, $params) about line 247, 248:
>>
>>       // Per RFC 5751 [3.4.3.2], 'sha1' has been deprecated for 'sha-1'.
>>       $smime_part->setContentTypeParameter('micalg', 'sha-1');
>>
>> The problem now is that (our) newer distributions opensuse-42.2  
>> with newer openssl, php5-openssl use sha2 algorithm. So the header  
>> information than is wrong then.
>>
>> We noticed that thunderbird (old stable 45* and brand new beta) has  
>> problems with this wron information. Outlook is ok, openssl checks  
>> are well, too.
>>
>> Cross reference to the mozilla bug:  
>> https://bugzilla.mozilla.org/show_bug.cgi?id=1359327
>
> I've added some code that detects the message digest alg in use.  
> Well, more accurately, it detects if it's SHA-256 and if it's not,  
> it assumes SHA-1. In addition to the change in Horde/Crypt, it will  
> require changes in IMP to pass the path of openssl to the  
> signMIMEPart() method.
>
> https://github.com/horde/horde/commit/76c0d9d3f2af854e8b34e3536af68100332a203c
>
> and
>
> https://github.com/horde/horde/commit/993f494e6c68e13794581aa7f479817ddc648664
>
> or, for IMP in Git master:
>
> https://github.com/horde/horde/commit/fa2dca36da724f55992761b1cbc8d3c505212ce7
>
> Please let me know if this fixes things on your end.

Thank you and sorry for the late reply.

Looks good here, the patch fixes our problem.


-- 
Liebe Gruesse, with best regards
Stephan Lauffer

Pedagogical University Freiburg - Germany
http://www.ph-freiburg.de/zik/
Fon/ Fax: +49 761 682 -559/ -486
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5962 bytes
Desc: S/MIME-Signatur
URL: <https://lists.horde.org/archives/horde/attachments/20170502/a020678c/attachment.bin>


More information about the horde mailing list