On Thu, Aug 06, 2009, Thomas Harning Jr. wrote: > The SMIME generation code incorrectly hard-codes the 'micalg=sha1' > parameter. This should be parametrized to use the proper > SMIME-specified algorithm name. > > OpenSSL 0.9.8k > crypto/pkcs7/pk7_mime.c > ~~171-176 in SMIME_write_PKCS7 > bound[32] = 0; > BIO_printf(bio, "MIME-Version: 1.0%s", mime_eol); > BIO_printf(bio, "Content-Type: multipart/signed;"); > BIO_printf(bio, " protocol=\"%ssignature\";", mime_prefix); > BIO_printf(bio, " micalg=sha1; boundary=\"----%s\"%s%s", > bound, mime_eol, mime_eol); > BIO_printf(bio, "This is an S/MIME signed message%s%s", > mime_eol, mime_eol); > OpenSSL 0.9.8 - > crypto/pkcs7/pk7_smime.c > ~~ 173-179 ... same code exactly >
Ah, noted. The CMS code handles things correctly as does the PKCS#7 code in 1.0.0, the changes should be backported though. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
