[openssl-commits] [openssl] master update
Dr. Stephen Henson
steve at openssl.org
Fri Nov 25 20:52:18 UTC 2016
The branch master has been updated
via c6d67f09f34d8203c5bad7171ed45ec8771c9764 (commit)
via a5abd438f85737ffa56320b67c5ef5525fc495c3 (commit)
from 5ae5dc96610f0a598dac9d2f267b5c0ddd77b2e4 (commit)
- Log -----------------------------------------------------------------
commit c6d67f09f34d8203c5bad7171ed45ec8771c9764
Author: Dr. Stephen Henson <steve at openssl.org>
Date: Tue Nov 22 22:07:16 2016 +0000
add CMS SHA1 signing test
Reviewed-by: Rich Salz <rsalz at openssl.org>
commit a5abd438f85737ffa56320b67c5ef5525fc495c3
Author: Dr. Stephen Henson <steve at openssl.org>
Date: Tue Nov 22 21:59:21 2016 +0000
Fix ctrl operation for SHA1/MD5SHA1.
This makes S/MIME and CMS signing in MIME format for SHA1 work again.
Reviewed-by: Rich Salz <rsalz at openssl.org>
-----------------------------------------------------------------------
Summary of changes:
crypto/evp/m_md5_sha1.c | 7 ++++++-
crypto/evp/m_sha1.c | 7 ++++++-
test/recipes/80-test_cms.t | 8 ++++++++
3 files changed, 20 insertions(+), 2 deletions(-)
diff --git a/crypto/evp/m_md5_sha1.c b/crypto/evp/m_md5_sha1.c
index 1213ff6..2d98886 100644
--- a/crypto/evp/m_md5_sha1.c
+++ b/crypto/evp/m_md5_sha1.c
@@ -52,11 +52,16 @@ static int ctrl(EVP_MD_CTX *ctx, int cmd, int mslen, void *ms)
unsigned char padtmp[48];
unsigned char md5tmp[MD5_DIGEST_LENGTH];
unsigned char sha1tmp[SHA_DIGEST_LENGTH];
- struct md5_sha1_ctx *mctx = EVP_MD_CTX_md_data(ctx);
+ struct md5_sha1_ctx *mctx;
if (cmd != EVP_CTRL_SSL3_MASTER_SECRET)
+ return -2;
+
+ if (ctx == NULL)
return 0;
+ mctx = EVP_MD_CTX_md_data(ctx);
+
/* SSLv3 client auth handling: see RFC-6101 5.6.8 */
if (mslen != 48)
return 0;
diff --git a/crypto/evp/m_sha1.c b/crypto/evp/m_sha1.c
index 4f00956..8f30077 100644
--- a/crypto/evp/m_sha1.c
+++ b/crypto/evp/m_sha1.c
@@ -36,11 +36,16 @@ static int ctrl(EVP_MD_CTX *ctx, int cmd, int mslen, void *ms)
unsigned char padtmp[40];
unsigned char sha1tmp[SHA_DIGEST_LENGTH];
- SHA_CTX *sha1 = EVP_MD_CTX_md_data(ctx);
+ SHA_CTX *sha1;
if (cmd != EVP_CTRL_SSL3_MASTER_SECRET)
+ return -2;
+
+ if (ctx == NULL)
return 0;
+ sha1 = EVP_MD_CTX_md_data(ctx);
+
/* SSLv3 client auth handling: see RFC-6101 5.6.8 */
if (mslen != 48)
return 0;
diff --git a/test/recipes/80-test_cms.t b/test/recipes/80-test_cms.t
index 40fcf7c..264c7d6 100644
--- a/test/recipes/80-test_cms.t
+++ b/test/recipes/80-test_cms.t
@@ -107,6 +107,14 @@ my @smime_pkcs7_tests = (
"-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
],
+ [ "signed content S/MIME format, RSA key SHA1",
+ [ "-sign", "-in", $smcont, "-md", "sha1",
+ "-certfile", catfile($smdir, "smroot.pem"),
+ "-signer", catfile($smdir, "smrsa1.pem"), "-out", "test.cms" ],
+ [ "-verify", "-in", "test.cms",
+ "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
+ ],
+
[ "signed content test streaming S/MIME format, 2 DSA and 2 RSA keys",
[ "-sign", "-in", $smcont, "-nodetach",
"-signer", catfile($smdir, "smrsa1.pem"),
More information about the openssl-commits
mailing list