Hello! I found out that openssl smime puts micalg: sha1 either message is hashed with sha1 or any other algorithm. It is hardcoded into current snapshot (20050112) of 0.9.8 version (crypto/pkcs7/pk7_mime.c).
RFC 2633 (http://www.ietf.org/rfc/rfc2633.txt) says: _______________________ The micalg parameter allows for one-pass processing when the signature is being verified. The value of the micalg parameter is dependent on the message digest algorithm(s) used in the calculation of the Message Integrity Check. If multiple message digest algorithms are used they MUST be separated by commas per [MIME-SECURE]. The values to be placed in the micalg parameter SHOULD be from the following: Algorithm Value used MD5 md5 SHA-1 sha1 Any other unknown ----------------------- So, is the hard-coded value a bug or a feature? -- SY, Dmitry Belyavsky (ICQ UIN 11116575) ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
