The branch master has been updated via c6d67f09f34d8203c5bad7171ed45ec8771c9764 (commit) via a5abd438f85737ffa56320b67c5ef5525fc495c3 (commit) from 5ae5dc96610f0a598dac9d2f267b5c0ddd77b2e4 (commit)
- Log ----------------------------------------------------------------- commit c6d67f09f34d8203c5bad7171ed45ec8771c9764 Author: Dr. Stephen Henson <st...@openssl.org> Date: Tue Nov 22 22:07:16 2016 +0000 add CMS SHA1 signing test Reviewed-by: Rich Salz <rs...@openssl.org> commit a5abd438f85737ffa56320b67c5ef5525fc495c3 Author: Dr. Stephen Henson <st...@openssl.org> Date: Tue Nov 22 21:59:21 2016 +0000 Fix ctrl operation for SHA1/MD5SHA1. This makes S/MIME and CMS signing in MIME format for SHA1 work again. Reviewed-by: Rich Salz <rs...@openssl.org> ----------------------------------------------------------------------- Summary of changes: crypto/evp/m_md5_sha1.c | 7 ++++++- crypto/evp/m_sha1.c | 7 ++++++- test/recipes/80-test_cms.t | 8 ++++++++ 3 files changed, 20 insertions(+), 2 deletions(-) diff --git a/crypto/evp/m_md5_sha1.c b/crypto/evp/m_md5_sha1.c index 1213ff6..2d98886 100644 --- a/crypto/evp/m_md5_sha1.c +++ b/crypto/evp/m_md5_sha1.c @@ -52,11 +52,16 @@ static int ctrl(EVP_MD_CTX *ctx, int cmd, int mslen, void *ms) unsigned char padtmp[48]; unsigned char md5tmp[MD5_DIGEST_LENGTH]; unsigned char sha1tmp[SHA_DIGEST_LENGTH]; - struct md5_sha1_ctx *mctx = EVP_MD_CTX_md_data(ctx); + struct md5_sha1_ctx *mctx; if (cmd != EVP_CTRL_SSL3_MASTER_SECRET) + return -2; + + if (ctx == NULL) return 0; + mctx = EVP_MD_CTX_md_data(ctx); + /* SSLv3 client auth handling: see RFC-6101 5.6.8 */ if (mslen != 48) return 0; diff --git a/crypto/evp/m_sha1.c b/crypto/evp/m_sha1.c index 4f00956..8f30077 100644 --- a/crypto/evp/m_sha1.c +++ b/crypto/evp/m_sha1.c @@ -36,11 +36,16 @@ static int ctrl(EVP_MD_CTX *ctx, int cmd, int mslen, void *ms) unsigned char padtmp[40]; unsigned char sha1tmp[SHA_DIGEST_LENGTH]; - SHA_CTX *sha1 = EVP_MD_CTX_md_data(ctx); + SHA_CTX *sha1; if (cmd != EVP_CTRL_SSL3_MASTER_SECRET) + return -2; + + if (ctx == NULL) return 0; + sha1 = EVP_MD_CTX_md_data(ctx); + /* SSLv3 client auth handling: see RFC-6101 5.6.8 */ if (mslen != 48) return 0; diff --git a/test/recipes/80-test_cms.t b/test/recipes/80-test_cms.t index 40fcf7c..264c7d6 100644 --- a/test/recipes/80-test_cms.t +++ b/test/recipes/80-test_cms.t @@ -107,6 +107,14 @@ my @smime_pkcs7_tests = ( "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ] ], + [ "signed content S/MIME format, RSA key SHA1", + [ "-sign", "-in", $smcont, "-md", "sha1", + "-certfile", catfile($smdir, "smroot.pem"), + "-signer", catfile($smdir, "smrsa1.pem"), "-out", "test.cms" ], + [ "-verify", "-in", "test.cms", + "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ] + ], + [ "signed content test streaming S/MIME format, 2 DSA and 2 RSA keys", [ "-sign", "-in", $smcont, "-nodetach", "-signer", catfile($smdir, "smrsa1.pem"), _____ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits