-rw-r--r--camel/ChangeLog16
-rw-r--r--camel/camel-cipher-context.c24
-rw-r--r--camel/camel-cipher-context.h8
-rw-r--r--camel/camel-pgp-context.c16
-rw-r--r--camel/camel-pgp-context.h2
-rw-r--r--camel/camel-pgp-mime.c2
-rw-r--r--camel/camel-smime-context.c34
-rw-r--r--camel/camel-smime-context.h2
-rw-r--r--camel/camel-smime.c30
9 files changed, 95 insertions, 39 deletions
diff --git a/camel/ChangeLog b/camel/ChangeLog
index d4a18f865b..c75824811d 100644
--- a/camel/ChangeLog
+++ b/camel/ChangeLog
@@ -1,5 +1,21 @@
2001-05-14 Jeffrey Stedfast <fejj@ximian.com>
+ * camel-smime-context.c: Lots of fixes to get this to almost
+ compile. Still struggling with the fact that CERTCertDBHandle is
+ an "incomplete type". *sigh*.
+
+ * camel-smime.c (camel_smime_part_verify): Updated to pass in a
+ hash argument to camel_smime_verify().
+
+ * camel-pgp-mime.c (camel_pgp_mime_part_verify): Update according
+ to the changes in the context API.
+
+ * camel-pgp-context.c (pgp_verify): Updated to take a
+ CamelCipherHash argument.
+
+ * camel-cipher-context.c (camel_cipher_verify): Now takes a hash
+ argument since the S/MIME code needs this.
+
* Makefile.am: Add camel-smime-context.[c,h] and camel-smime.[c,h]
to the build.
diff --git a/camel/camel-cipher-context.c b/camel/camel-cipher-context.c
index dde023eb10..68ead9d01b 100644
--- a/camel/camel-cipher-context.c
+++ b/camel/camel-cipher-context.c
@@ -51,15 +51,17 @@ struct _CamelCipherContextPrivate {
static int cipher_sign (CamelCipherContext *ctx, const char *userid, CamelCipherHash hash,
CamelStream *istream, CamelStream *ostream, CamelException *ex);
-static int cipher_clearsign (CamelCipherContext *context, const char *userid, CamelCipherHash hash,
- CamelStream *istream, CamelStream *ostream, CamelException *ex);
-static CamelCipherValidity *cipher_verify (CamelCipherContext *context, CamelStream *istream,
- CamelStream *sigstream, CamelException *ex);
+static int cipher_clearsign (CamelCipherContext *context, const char *userid,
+ CamelCipherHash hash, CamelStream *istream,
+ CamelStream *ostream, CamelException *ex);
+static CamelCipherValidity *cipher_verify (CamelCipherContext *context, CamelCipherHash hash,
+ CamelStream *istream, CamelStream *sigstream,
+ CamelException *ex);
static int cipher_encrypt (CamelCipherContext *context, gboolean sign, const char *userid,
- GPtrArray *recipients, CamelStream *istream, CamelStream *ostream,
- CamelException *ex);
-static int cipher_decrypt (CamelCipherContext *context, CamelStream *istream, CamelStream *ostream,
- CamelException *ex);
+ GPtrArray *recipients, CamelStream *istream,
+ CamelStream *ostream, CamelException *ex);
+static int cipher_decrypt (CamelCipherContext *context, CamelStream *istream,
+ CamelStream *ostream, CamelException *ex);
static CamelObjectClass *parent_class;
@@ -242,7 +244,7 @@ camel_cipher_clearsign (CamelCipherContext *context, const char *userid, CamelCi
static CamelCipherValidity *
-cipher_verify (CamelCipherContext *context, CamelStream *istream,
+cipher_verify (CamelCipherContext *context, CamelCipherHash hash, CamelStream *istream,
CamelStream *sigstream, CamelException *ex)
{
camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM,
@@ -267,7 +269,7 @@ cipher_verify (CamelCipherContext *context, CamelStream *istream,
* execute at all.
**/
CamelCipherValidity *
-camel_cipher_verify (CamelCipherContext *context, CamelStream *istream,
+camel_cipher_verify (CamelCipherContext *context, CamelCipherHash hash, CamelStream *istream,
CamelStream *sigstream, CamelException *ex)
{
CamelCipherValidity *valid;
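Review bot: The gtk-doc block above camel_cipher_verify (its start is outside this hunk) should document the new parameter, since the signature now takes `hash` between `context` and `istream`. A line such as `@hash: digest algorithm the signature was made with, or CAMEL_CIPHER_HASH_DEFAULT` would tell callers what to pass. Whether each backend honours or ignores the value is not visible here, so the wording should be checked against pgp_verify and smime_verify.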
@@ -276,7 +278,7 @@ camel_cipher_verify (CamelCipherContext *context, CamelStream *istream,
CIPHER_LOCK(context);
- valid = CCC_CLASS (context)->verify (context, istream, sigstream, ex);
+ valid = CCC_CLASS (context)->verify (context, hash, istream, sigstream, ex);
CIPHER_UNLOCK(context);
diff --git a/camel/camel-cipher-context.h b/camel/camel-cipher-context.h
index acc1a88f90..06846e5840 100644
--- a/camel/camel-cipher-context.h
+++ b/camel/camel-cipher-context.h
@@ -64,8 +64,9 @@ typedef struct _CamelCipherContextClass {
int (*clearsign) (CamelCipherContext *context, const char *userid, CamelCipherHash hash,
CamelStream *istream, CamelStream *ostream, CamelException *ex);
- CamelCipherValidity * (*verify) (CamelCipherContext *context, CamelStream *istream,
- CamelStream *sigstream, CamelException *ex);
+ CamelCipherValidity * (*verify) (CamelCipherContext *context, CamelCipherHash hash,
+ CamelStream *istream, CamelStream *sigstream,
+ CamelException *ex);
int (*encrypt) (CamelCipherContext *context, gboolean sign, const char *userid,
GPtrArray *recipients, CamelStream *istream, CamelStream *ostream,
@@ -89,7 +90,8 @@ int camel_cipher_sign (CamelCipherContext *context, const char
int camel_cipher_clearsign (CamelCipherContext *context, const char *userid, CamelCipherHash hash,
CamelStream *istream, CamelStream *ostream, CamelException *ex);
-CamelCipherValidity *camel_cipher_verify (CamelCipherContext *context, CamelStream *istream, CamelStream *sigstream,
+CamelCipherValidity *camel_cipher_verify (CamelCipherContext *context, CamelCipherHash hash,
+ CamelStream *istream, CamelStream *sigstream,
CamelException *ex);
int camel_cipher_encrypt (CamelCipherContext *context, gboolean sign, const char *userid,
diff --git a/camel/camel-pgp-context.c b/camel/camel-pgp-context.c
index c19756a135..a3945a22fe 100644
--- a/camel/camel-pgp-context.c
+++ b/camel/camel-pgp-context.c
@@ -62,15 +62,17 @@ struct _CamelPgpContextPrivate {
static int pgp_sign (CamelCipherContext *ctx, const char *userid, CamelCipherHash hash,
CamelStream *istream, CamelStream *ostream, CamelException *ex);
-static int pgp_clearsign (CamelCipherContext *context, const char *userid, CamelCipherHash hash,
- CamelStream *istream, CamelStream *ostream, CamelException *ex);
-static CamelCipherValidity *pgp_verify (CamelCipherContext *context, CamelStream *istream,
- CamelStream *sigstream, CamelException *ex);
+static int pgp_clearsign (CamelCipherContext *context, const char *userid,
+ CamelCipherHash hash, CamelStream *istream,
+ CamelStream *ostream, CamelException *ex);
+static CamelCipherValidity *pgp_verify (CamelCipherContext *context, CamelCipherHash hash,
+ CamelStream *istream, CamelStream *sigstream,
+ CamelException *ex);
static int pgp_encrypt (CamelCipherContext *context, gboolean sign, const char *userid,
GPtrArray *recipients, CamelStream *istream, CamelStream *ostream,
CamelException *ex);
-static int pgp_decrypt (CamelCipherContext *context, CamelStream *istream, CamelStream *ostream,
- CamelException *ex);
+static int pgp_decrypt (CamelCipherContext *context, CamelStream *istream,
+ CamelStream *ostream, CamelException *ex);
static CamelCipherContextClass *parent_class;
@@ -845,7 +847,7 @@ swrite (CamelStream *istream)
static CamelCipherValidity *
-pgp_verify (CamelCipherContext *ctx, CamelStream *istream,
+pgp_verify (CamelCipherContext *ctx, CamelCipherHash hash, CamelStream *istream,
CamelStream *sigstream, CamelException *ex)
{
CamelPgpContext *context = CAMEL_PGP_CONTEXT (ctx);
diff --git a/camel/camel-pgp-context.h b/camel/camel-pgp-context.h
index 0f4f705d64..ce234db5b6 100644
--- a/camel/camel-pgp-context.h
+++ b/camel/camel-pgp-context.h
@@ -67,7 +67,7 @@ CamelPgpContext *camel_pgp_context_new (CamelSession *session, CamelPgpType typ
#define camel_pgp_clearsign(c, u, h, i, o, e) camel_cipher_clearsign (CAMEL_CIPHER_CONTEXT (c), u, h, i, o, e)
-#define camel_pgp_verify(c, i, s, e) camel_cipher_verify (CAMEL_CIPHER_CONTEXT (c), i, s, e)
+#define camel_pgp_verify(c, h, i, s, e) camel_cipher_verify (CAMEL_CIPHER_CONTEXT (c), h, i, s, e)
#define camel_pgp_encrypt(c, s, u, r, i, o, e) camel_cipher_encrypt (CAMEL_CIPHER_CONTEXT (c), s, u, r, i, o, e)
diff --git a/camel/camel-pgp-mime.c b/camel/camel-pgp-mime.c
index ba91804579..adbbb08d39 100644
--- a/camel/camel-pgp-mime.c
+++ b/camel/camel-pgp-mime.c
@@ -358,7 +358,7 @@ camel_pgp_mime_part_verify (CamelPgpContext *context, CamelMimePart *mime_part,
camel_stream_reset (sigstream);
/* verify */
- valid = camel_pgp_verify (context, stream, sigstream, ex);
+ valid = camel_pgp_verify (context, CAMEL_CIPHER_HASH_DEFAULT, stream, sigstream, ex);
camel_object_unref (CAMEL_OBJECT (sigstream));
camel_object_unref (CAMEL_OBJECT (stream));
diff --git a/camel/camel-smime-context.c b/camel/camel-smime-context.c
index 76d0064a53..9033e459dc 100644
--- a/camel/camel-smime-context.c
+++ b/camel/camel-smime-context.c
@@ -32,8 +32,12 @@
#include "nss.h"
#include <cert.h>
+#include <certt.h>
+#include <certdb.h>
+#include <keylow.h>
#include <secpkcs7.h>
#include <secmime.h>
+#include <smime.h>
#include <gtk/gtk.h> /* for _() macro */
@@ -49,8 +53,9 @@ static int smime_sign (CamelCipherContext *ctx, const char *use
static int smime_clearsign (CamelCipherContext *context, const char *userid,
CamelCipherHash hash, CamelStream *istream,
CamelStream *ostream, CamelException *ex);
-static CamelCipherValidity *smime_verify (CamelCipherContext *context, CamelStream *istream,
- CamelStream *sigstream, CamelException *ex);
+static CamelCipherValidity *smime_verify (CamelCipherContext *context, CamelCipherHash hash,
+ CamelStream *istream, CamelStream *sigstream,
+ CamelException *ex);
static int smime_encrypt (CamelCipherContext *context, gboolean sign, const char *userid,
GPtrArray *recipients, CamelStream *istream, CamelStream *ostream,
CamelException *ex);
@@ -133,11 +138,11 @@ camel_smime_context_new (CamelSession *session, const char *certdb)
context = CAMEL_SMIME_CONTEXT (camel_object_new (CAMEL_SMIME_CONTEXT_TYPE));
- camel_cipher_construct (CAMEL_CIPHER_CONTEXT (context), session);
+ camel_cipher_context_construct (CAMEL_CIPHER_CONTEXT (context), session);
handle = g_new0 (CERTCertDBHandle, 1);
if (certdb) {
- if (!CERT_OpenCertDBFilename (handle, certdb, FALSE)) {
+ if (!CERT_OpenCertDBFilename (handle, (char *) certdb, FALSE)) {
g_free (handle);
return NULL;
}
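Review bot: The failure test on `CERT_OpenCertDBFilename` looks inverted if the function returns an NSS `SECStatus`, where success is 0: `!CERT_OpenCertDBFilename (...)` would then free the handle and return NULL exactly when the database opened. An explicit comparison, `if (CERT_OpenCertDBFilename (handle, (char *) certdb, FALSE) != SECSuccess) {`, removes the dependence on the numeric value. In the visible lines the early return frees `handle` but never unrefs the `context` created just above, so that object appears to leak; the rest of camel_smime_context_new is outside the hunk. The `(char *)` cast that drops const here is repeated on `userid` in the smime_sign and smime_encrypt hunks, and a one-line comment that NSS does not modify the string would justify it.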
@@ -257,7 +262,7 @@ nss_hash_to_sec_oid (HASH_HashType hash)
return SEC_OID_MD2;
case HASH_AlgMD5:
return SEC_OID_MD5;
- case Hash_AlgSHA1:
+ case HASH_AlgSHA1:
return SEC_OID_SHA1;
default:
g_assert_not_reached ();
@@ -268,7 +273,7 @@ nss_hash_to_sec_oid (HASH_HashType hash)
static int
smime_digest (SECItem *data, char *digestdata, unsigned int *len, unsigned int maxlen, HASH_HashType hash)
{
- SECHashObject *hashObj;
+ const SECHashObject *hashObj;
void *hashcx;
hashObj = &SECHashObjects[hash];
@@ -327,7 +332,7 @@ smime_sign (CamelCipherContext *ctx, const char *userid, CamelCipherHash hash,
camel_object_unref (CAMEL_OBJECT (stream));
- cert = CERT_FindCertByNickname (context->priv->certdb, userid);
+ cert = CERT_FindCertByNickname (context->priv->certdb, (char *) userid);
if (!cert) {
camel_exception_setv (ex, CAMEL_EXCEPTION_SYSTEM,
_("Could not sign: certificate not found for \"%s\"."),
@@ -419,6 +424,7 @@ smime_verify (CamelCipherContext *ctx, CamelCipherHash hash, CamelStream *istrea
SECCertUsage usage;
GByteArray *plaintext;
CamelStream *stream;
+ gboolean isvalid;
/* create our ContentInfo object */
stream = camel_stream_mem_new ();
@@ -460,13 +466,15 @@ smime_verify (CamelCipherContext *ctx, CamelCipherHash hash, CamelStream *istrea
break;
}
- valid->valid = SEC_PKCS7VerifyDetachedSignature (cinfo, usage, &digest,
- digest_type, PR_FALSE);
+ isvalid = SEC_PKCS7VerifyDetachedSignature (cinfo, usage, &digest,
+ digest_type, PR_FALSE);
camel_object_unref (CAMEL_OBJECT (stream));
} else {
- valid->valid = SEC_PKCS7VerifySignature (cinfo, usage, PR_FALSE);
+ isvalid = SEC_PKCS7VerifySignature (cinfo, usage, PR_FALSE);
}
+ camel_cipher_validity_set_valid (valid, isvalid);
+
SEC_PKCS7DestroyContentInfo (cinfo);
/* FIXME: set a meaningful description...in UTF8 */
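Review bot: Collapsing both NSS results into `isvalid` discards the reason for a failed verification, so a caller cannot tell a modified body from an untrusted or expired signer certificate. The NSS error code could be captured right after the verify call and before `SEC_PKCS7DestroyContentInfo`, e.g. `if (!isvalid) err = PORT_GetError ();`, and used for the description the FIXME below asks for. smime_verify starts and ends outside this hunk, so whether `valid` receives such detail elsewhere is not visible.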
@@ -487,7 +495,6 @@ smime_encrypt (CamelCipherContext *ctx, gboolean sign, const char *userid, GPtrA
struct _GetPasswdData *data;
CamelStream *stream = NULL;
CERTCertificate *scert;
- SECItem secdata;
GByteArray *buf;
int i = 0;
@@ -497,7 +504,7 @@ smime_encrypt (CamelCipherContext *ctx, gboolean sign, const char *userid, GPtrA
g_return_val_if_fail (istream != NULL, -1);
g_return_val_if_fail (ostream != NULL, -1);
- scert = CERT_FindCertByNickname (context->priv->certdb, userid);
+ scert = CERT_FindCertByNickname (context->priv->certdb, (char *) userid);
if (!scert) {
invalid_userkey = recipients->pdata[i];
goto exception;
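Review bot: When the signer's certificate lookup fails, the error path records `recipients->pdata[i]` (with `i` still 0) as the invalid key, which names the first recipient rather than `userid`, the identity that was actually looked up. It also dereferences the recipient array without checking that it holds any entries. `invalid_userkey = userid;` would report the right name, assuming the variable's type allows it. Its declaration and the `exception` label are outside this hunk.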
@@ -518,7 +525,7 @@ smime_encrypt (CamelCipherContext *ctx, gboolean sign, const char *userid, GPtrA
g_ptr_array_add (certificates, NULL);
data = g_new (struct _GetPasswdData, 1);
- data->session = session;
+ data->session = ctx->session;
data->userid = userid;
data->ex = ex;
@@ -593,7 +600,6 @@ static int
smime_decrypt (CamelCipherContext *ctx, CamelStream *istream,
CamelStream *ostream, CamelException *ex)
{
- CamelSMimeContext *context = CAMEL_SMIME_CONTEXT (ctx);
struct _GetPasswdData *data;
SEC_PKCS7DecoderContext *dcx;
SEC_PKCS7ContentInfo *cinfo;
diff --git a/camel/camel-smime-context.h b/camel/camel-smime-context.h
index a132c3918f..867f09036f 100644
--- a/camel/camel-smime-context.h
+++ b/camel/camel-smime-context.h
@@ -60,7 +60,7 @@ CamelSMimeContext *camel_smime_context_new (CamelSession *session, const char
#define camel_smime_clearsign(c, u, h, i, o, e) camel_cipher_clearsign (CAMEL_CIPHER_CONTEXT (c), u, h, i, o, e)
-#define camel_smime_verify(c, i, s, e) camel_cipher_verify (CAMEL_CIPHER_CONTEXT (c), i, s, e)
+#define camel_smime_verify(c, h, i, s, e) camel_cipher_verify (CAMEL_CIPHER_CONTEXT (c), h, i, s, e)
#define camel_smime_encrypt(c, s, u, r, i, o, e) camel_cipher_encrypt (CAMEL_CIPHER_CONTEXT (c), s, u, r, i, o, e)
diff --git a/camel/camel-smime.c b/camel/camel-smime.c
index 291329fb53..587fcb6057 100644
--- a/camel/camel-smime.c
+++ b/camel/camel-smime.c
@@ -307,6 +307,28 @@ camel_smime_part_sign (CamelSMimeContext *context, CamelMimePart **mime_part, co
camel_object_unref (CAMEL_OBJECT (multipart));
}
+struct {
+ char *name;
+ CamelCipherHash hash;
+} known_hash_types[] = {
+ { "md5", CAMEL_CIPHER_HASH_MD5 },
+ { "rsa-md5", CAMEL_CIPHER_HASH_MD5 },
+ { "sha1", CAMEL_CIPHER_HASH_SHA1 },
+ { "rsa-sha1", CAMEL_CIPHER_HASH_SHA1 },
+ { NULL, CAMEL_CIPHER_HASH_DEFAULT }
+};
+
+static CamelCipherHash
+get_hash_type (const char *string)
+{
+ int i;
+
+ for (i = 0; known_hash_types[i].name; i++)
+ if (!g_strcasecmp (known_hash_types[i].name, string))
+ return known_hash_types[i].hash;
+
+ return CAMEL_CIPHER_HASH_DEFAULT;
+}
/**
* camel_smime_part_verify:
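Review bot: `get_hash_type` passes `string` straight to `g_strcasecmp`, and the caller added later in this commit feeds it the result of `header_content_type_param (type, "micalg")`, which is presumably NULL when the parameter is absent. A NULL argument is outside g_strcasecmp's contract, and depending on what GLib's precondition check returns it may even compare equal and select the first table entry (MD5). Add `if (string == NULL) return CAMEL_CIPHER_HASH_DEFAULT;` before the loop. The table is only read here and is not meant to be exported, so it could be declared `static const struct { const char *name; CamelCipherHash hash; } known_hash_types[]`.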
@@ -325,7 +347,10 @@ camel_smime_part_verify (CamelSMimeContext *context, CamelMimePart *mime_part, C
CamelStreamFilter *filtered_stream;
CamelMimeFilter *crlf_filter, *from_filter;
CamelStream *stream, *sigstream;
+ CamelContentType *type;
CamelCipherValidity *valid;
+ CamelCipherHash hash;
+ const char *hash_str;
g_return_val_if_fail (mime_part != NULL, NULL);
g_return_val_if_fail (CAMEL_IS_MIME_PART (mime_part), NULL);
@@ -359,7 +384,10 @@ camel_smime_part_verify (CamelSMimeContext *context, CamelMimePart *mime_part, C
camel_stream_reset (sigstream);
/* verify */
- valid = camel_smime_verify (context, stream, sigstream, ex);
+ type = camel_mime_part_get_content_type (sigpart);
+ hash_str = header_content_type_param (type, "micalg");
+ hash = get_hash_type (hash_str);
+ valid = camel_smime_verify (context, hash, stream, sigstream, ex);
camel_object_unref (CAMEL_OBJECT (sigstream));
camel_object_unref (CAMEL_OBJECT (stream));
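Review bot: `micalg` is read from the content type of `sigpart`, but RFC 1847 defines it as a parameter of the enclosing multipart/signed Content-Type, so on a conforming message this lookup would normally find nothing and verification would run with CAMEL_CIPHER_HASH_DEFAULT. If `sigpart` is the signature body part, as its name suggests, and `mime_part` is the multipart/signed container, the lookup should be `type = camel_mime_part_get_content_type (mime_part);`. The value comes from the sender's headers, so it is also worth deciding whether an unrecognised algorithm name should fail verification instead of silently falling back to the default. The declaration of `sigpart` and the rest of camel_smime_part_verify are outside this hunk.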