Bug 541334 Add recognition of SHA-2 hashes when verifying S/MIME messages with detached signatures (application/pkcs7-signature). r=bienvenu,sr=Standard8
--- a/mailnews/mime/src/mimei.cpp
+++ b/mailnews/mime/src/mimei.cpp
@@ -676,16 +676,25 @@ mime_find_class (const char *content_typ
&& micalg
&& (!PL_strcasecmp(micalg, PARAM_MICALG_MD5) ||
!PL_strcasecmp(micalg, PARAM_MICALG_MD5_2) ||
!PL_strcasecmp(micalg, PARAM_MICALG_SHA1) ||
!PL_strcasecmp(micalg, PARAM_MICALG_SHA1_2) ||
!PL_strcasecmp(micalg, PARAM_MICALG_SHA1_3) ||
!PL_strcasecmp(micalg, PARAM_MICALG_SHA1_4) ||
!PL_strcasecmp(micalg, PARAM_MICALG_SHA1_5) ||
+ !PL_strcasecmp(micalg, PARAM_MICALG_SHA256) ||
+ !PL_strcasecmp(micalg, PARAM_MICALG_SHA256_2) ||
+ !PL_strcasecmp(micalg, PARAM_MICALG_SHA256_3) ||
+ !PL_strcasecmp(micalg, PARAM_MICALG_SHA384) ||
+ !PL_strcasecmp(micalg, PARAM_MICALG_SHA384_2) ||
+ !PL_strcasecmp(micalg, PARAM_MICALG_SHA384_3) ||
+ !PL_strcasecmp(micalg, PARAM_MICALG_SHA512) ||
+ !PL_strcasecmp(micalg, PARAM_MICALG_SHA512_2) ||
+ !PL_strcasecmp(micalg, PARAM_MICALG_SHA512_3) ||
!PL_strcasecmp(micalg, PARAM_MICALG_MD2))))
clazz = (MimeObjectClass *)&mimeMultipartSignedCMSClass;
else
clazz = 0;
PR_FREEIF(proto);
PR_FREEIF(micalg);
PR_FREEIF(ct);
}
--- a/mailnews/mime/src/mimemcms.cpp
+++ b/mailnews/mime/src/mimemcms.cpp
@@ -183,16 +183,28 @@ MimeMultCMS_init (MimeObject *obj)
!PL_strcasecmp(micalg, PARAM_MICALG_MD5_2))
hash_type = nsICryptoHash::MD5;
else if (!PL_strcasecmp(micalg, PARAM_MICALG_SHA1) ||
!PL_strcasecmp(micalg, PARAM_MICALG_SHA1_2) ||
!PL_strcasecmp(micalg, PARAM_MICALG_SHA1_3) ||
!PL_strcasecmp(micalg, PARAM_MICALG_SHA1_4) ||
!PL_strcasecmp(micalg, PARAM_MICALG_SHA1_5))
hash_type = nsICryptoHash::SHA1;
+ else if (!PL_strcasecmp(micalg, PARAM_MICALG_SHA256) ||
+ !PL_strcasecmp(micalg, PARAM_MICALG_SHA256_2) ||
+ !PL_strcasecmp(micalg, PARAM_MICALG_SHA256_3))
+ hash_type = nsICryptoHash::SHA256;
+ else if (!PL_strcasecmp(micalg, PARAM_MICALG_SHA384) ||
+ !PL_strcasecmp(micalg, PARAM_MICALG_SHA384_2) ||
+ !PL_strcasecmp(micalg, PARAM_MICALG_SHA384_3))
+ hash_type = nsICryptoHash::SHA384;
+ else if (!PL_strcasecmp(micalg, PARAM_MICALG_SHA512) ||
+ !PL_strcasecmp(micalg, PARAM_MICALG_SHA512_2) ||
+ !PL_strcasecmp(micalg, PARAM_MICALG_SHA512_3))
+ hash_type = nsICryptoHash::SHA512;
else if (!PL_strcasecmp(micalg, PARAM_MICALG_MD2))
hash_type = nsICryptoHash::MD2;
else
hash_type = -1;
PR_Free(micalg);
micalg = 0;
--- a/mailnews/mime/src/mimemcms.h
+++ b/mailnews/mime/src/mimemcms.h
@@ -35,16 +35,29 @@
*
* ***** END LICENSE BLOCK ***** */
#ifndef _MIMEMPKC_H_
#define _MIMEMPKC_H_
#include "mimemsig.h"
+#ifdef MOZILLA_1_9_2_BRANCH
+// On trunk these are defined in nsMimeTypes.h
+#define PARAM_MICALG_SHA256 "sha-256"
+#define PARAM_MICALG_SHA256_2 "sha256"
+#define PARAM_MICALG_SHA256_3 "2.16.840.1.101.3.4.2.1"
+#define PARAM_MICALG_SHA384 "sha-384"
+#define PARAM_MICALG_SHA384_2 "sha384"
+#define PARAM_MICALG_SHA384_3 "2.16.840.1.101.3.4.2.2"
+#define PARAM_MICALG_SHA512 "sha-512"
+#define PARAM_MICALG_SHA512_2 "sha512"
+#define PARAM_MICALG_SHA512_3 "2.16.840.1.101.3.4.2.3"
+#endif
+
class nsICMSMessage;
/* The MimeMultipartSignedCMS class implements a multipart/signed MIME
container with protocol=application/x-CMS-signature, which passes the
signed object through CMS code to verify the signature. See mimemsig.h
for details of the general mechanism on which this is built.
*/
