From d0375813d86145111e6bc5da07e565157de451e9 Mon Sep 17 00:00:00 2001 From: Not Zed Date: Wed, 5 Nov 2003 00:42:40 +0000 Subject: new (unfinished) api to peek inside smime parts to tell us whats in it. 2003-11-05 Not Zed * camel-smime-context.c (camel_smime_context_describe_part): new (unfinished) api to peek inside smime parts to tell us whats in it. 2003-11-03 Not Zed * camel-gpg-context.c (gpg_encrypt): Make this output the full multipart/encrypted part, not just the encrypted content part. * camel-cipher-context.c (camel_cipher_sign): change to output full mime part, not just a stream. (camel_cipher_canonical_to_stream): utility function to canonicalise a mimepart to a stream. * camel-smime-context.c (sm_encode_cmsmessage): removed. (sm_sign): change interface to output a full mime-part, not just a part of a mime part in multipart/signed mode. svn path=/trunk/; revision=23187 --- camel/camel-smime-context.c | 165 ++++++++++++++++++++++++-------------------- 1 file changed, 90 insertions(+), 75 deletions(-) (limited to 'camel/camel-smime-context.c') diff --git a/camel/camel-smime-context.c b/camel/camel-smime-context.c index 9fad5a1f11..75cbba9e2b 100644 --- a/camel/camel-smime-context.c +++ b/camel/camel-smime-context.c @@ -39,11 +39,14 @@ #include #include +#include + #include #include #include #include +#include #include #include #include @@ -105,6 +108,12 @@ camel_smime_context_set_sign_mode(CamelSMIMEContext *context, camel_smime_sign_t context->priv->sign_mode = type; } +guint32 +camel_smime_context_describe_part(CamelSMIMEContext *context, CamelMimePart *part) +{ + return 0; +} + static const char * sm_hash_to_id(CamelCipherContext *context, CamelCipherHash hash) { 
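Review bot: `camel_smime_context_describe_part` is exported but returns 0 for every part, and nothing at the definition says so, so a caller cannot tell "not implemented" from "this part carries no signature or encryption". What the guint32 encodes is not visible in this hunk; presumably 0 reads as "nothing found". I would add a comment above the function such as `/* FIXME: unimplemented stub, always returns 0; callers must not read 0 as "part is unsigned/unencrypted" */`. Until it actually inspects the part, its result should not feed any decision about how a message is displayed or trusted.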
@@ -307,13 +316,44 @@ fail: } static int -sm_encode_cmsmessage(CamelSMIMEContext *context, NSSCMSMessage *cmsg, CamelStream *instream, CamelStream *out, CamelException *ex) +sm_sign(CamelCipherContext *context, const char *userid, CamelCipherHash hash, CamelMimePart *ipart, CamelMimePart *opart, CamelException *ex) { + int res = -1; + NSSCMSMessage *cmsg; + CamelStream *ostream, *istream; + SECOidTag sechash; NSSCMSEncoderContext *enc; - CamelStreamMem *mem = NULL; + CamelDataWrapper *dw; + CamelContentType *ct; + + switch (hash) { + case CAMEL_CIPHER_HASH_SHA1: + case CAMEL_CIPHER_HASH_DEFAULT: + default: + sechash = SEC_OID_SHA1; + break; + case CAMEL_CIPHER_HASH_MD5: + sechash = SEC_OID_MD5; + break; + } + + cmsg = sm_signing_cmsmessage((CamelSMIMEContext *)context, userid, sechash, + ((CamelSMIMEContext *)context)->priv->sign_mode == CAMEL_SMIME_SIGN_CLEARSIGN, ex); + if (cmsg == NULL) + return -1; + + ostream = camel_stream_mem_new(); + + /* FIXME: stream this, we stream output at least */ + istream = camel_stream_mem_new(); + if (camel_cipher_canonical_to_stream(ipart, istream) == -1) { + camel_exception_setv(ex, CAMEL_EXCEPTION_SYSTEM, + _("Could not generate signing data: %s"), g_strerror(errno)); + goto fail; + } enc = NSS_CMSEncoder_Start(cmsg, - sm_write_stream, out, /* DER output callback */ + sm_write_stream, ostream, /* DER output callback */ NULL, NULL, /* destination storage */ sm_get_passwd, context, /* password callback */ NULL, NULL, /* decrypt key callback */ 
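Review bot: The `default:` label in the new `switch (hash)` silently signs with `SEC_OID_SHA1` for any unrecognised `CamelCipherHash`, while the `micalg` parameter set in the last hunk is derived from the original `hash` via `camel_cipher_hash_to_id(context, hash)`. If that lookup does not apply the same fallback (its body is not visible here), the multipart/signed header could advertise a digest different from the one actually used, and verification at the receiver would fail or mislead. Normalising in the fallback branch, e.g. `sechash = SEC_OID_SHA1; hash = CAMEL_CIPHER_HASH_SHA1;`, keeps the two in step. `CAMEL_CIPHER_HASH_MD5` is also still accepted as a signature digest; MD5 is not collision resistant, so it is worth setting an exception and returning -1 for it rather than mapping it to `SEC_OID_MD5`. sm_sign continues past the end of this hunk.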
@@ -323,13 +363,7 @@ sm_encode_cmsmessage(CamelSMIMEContext *context, NSSCMSMessage *cmsg, CamelStrea goto fail; } - /* Note: see rfc2015 or rfc3156, section 5 */ - - /* FIXME: stream this, we stream output at least */ - mem = (CamelStreamMem *)camel_stream_mem_new(); - camel_stream_write_to_stream(instream, (CamelStream *)mem); - - if (NSS_CMSEncoder_Update(enc, mem->buffer->data, mem->buffer->len) != SECSuccess) { + if (NSS_CMSEncoder_Update(enc, ((CamelStreamMem *)istream)->buffer->data, ((CamelStreamMem *)istream)->buffer->len) != SECSuccess) { NSS_CMSEncoder_Cancel(enc); camel_exception_setv(ex, 1, "Failed to add data to CMS encoder"); goto fail; 
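Review bot: The rewritten `NSS_CMSEncoder_Update` call casts `istream` to `CamelStreamMem *` twice inside the argument list, which makes a very long line and buries the assumption that the stream is memory-backed. A local set once after `istream` is created, `CamelStreamMem *mem = (CamelStreamMem *)istream;`, followed by `NSS_CMSEncoder_Update(enc, mem->buffer->data, mem->buffer->len)`, reads more clearly and gives one place to carry the FIXME about buffering the whole canonicalised message in memory. The enclosing function begins and ends outside this hunk.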
@@ -340,81 +374,62 @@ sm_encode_cmsmessage(CamelSMIMEContext *context, NSSCMSMessage *cmsg, CamelStrea goto fail; } - camel_object_unref(mem); - - return 0; - -fail: - if (mem) - camel_object_unref(mem); + res = 0; - return -1; -} - -static int -sm_sign(CamelCipherContext *ctx, const char *userid, CamelCipherHash hash, CamelStream *istream, CamelMimePart *sigpart, CamelException *ex) -{ - int res; - NSSCMSMessage *cmsg; - CamelStream *ostream; - SECOidTag sechash; - - switch (hash) { - case CAMEL_CIPHER_HASH_SHA1: - case CAMEL_CIPHER_HASH_DEFAULT: - default: - sechash = SEC_OID_SHA1; - break; - case CAMEL_CIPHER_HASH_MD5: - sechash = SEC_OID_MD5; - break; - } - - cmsg = sm_signing_cmsmessage((CamelSMIMEContext *)ctx, userid, sechash, - ((CamelSMIMEContext *)ctx)->priv->sign_mode == CAMEL_SMIME_SIGN_CLEARSIGN, ex); - if (cmsg == NULL) - return -1; - - ostream = camel_stream_mem_new(); - res = sm_encode_cmsmessage((CamelSMIMEContext *)ctx, cmsg, istream, ostream, ex); - NSS_CMSMessage_Destroy(cmsg); - - if (res == 0) { - CamelDataWrapper *dw; - CamelContentType *ct; + dw = camel_data_wrapper_new(); + camel_stream_reset(ostream); + camel_data_wrapper_construct_from_stream(dw, ostream); + dw->encoding = CAMEL_TRANSFER_ENCODING_BINARY; - dw = camel_data_wrapper_new(); - camel_stream_reset(ostream); - camel_data_wrapper_construct_from_stream(dw, ostream); - dw->encoding = CAMEL_TRANSFER_ENCODING_BINARY; + if (((CamelSMIMEContext *)context)->priv->sign_mode == CAMEL_SMIME_SIGN_CLEARSIGN) { + CamelMultipartSigned *mps; + CamelMimePart *sigpart; - if (((CamelSMIMEContext *)ctx)->priv->sign_mode == CAMEL_SMIME_SIGN_CLEARSIGN) { - ct = camel_content_type_new("application", "x-pkcs7-signature"); - camel_content_type_set_param(ct, "name", "smime.p7s"); - camel_data_wrapper_set_mime_type_field(dw, ct); - camel_content_type_unref(ct); + sigpart = camel_mime_part_new(); + ct = camel_content_type_new("application", "x-pkcs7-signature"); + camel_content_type_set_param(ct, "name", 
"smime.p7s"); + camel_data_wrapper_set_mime_type_field(dw, ct); + camel_content_type_unref(ct); - camel_mime_part_set_filename(sigpart, "smime.p7s"); - } else { - ct = camel_content_type_new("application", "x-pkcs7-mime"); - camel_content_type_set_param(ct, "name", "smime.p7m"); - camel_content_type_set_param(ct, "smime-type", "signed-data"); - camel_data_wrapper_set_mime_type_field(dw, ct); - camel_content_type_unref(ct); - - camel_mime_part_set_filename(sigpart, "smime.p7m"); - camel_mime_part_set_description(sigpart, "S/MIME Signed Message"); - } + camel_medium_set_content_object((CamelMedium *)sigpart, dw); + camel_mime_part_set_filename(sigpart, "smime.p7s"); camel_mime_part_set_disposition(sigpart, "attachment"); camel_mime_part_set_encoding(sigpart, CAMEL_TRANSFER_ENCODING_BASE64); - camel_medium_set_content_object((CamelMedium *)sigpart, dw); - camel_object_unref(dw); + mps = camel_multipart_signed_new(); + ct = camel_content_type_new("multipart", "signed"); + camel_content_type_set_param(ct, "micalg", camel_cipher_hash_to_id(context, hash)); + camel_content_type_set_param(ct, "protocol", context->sign_protocol); + camel_data_wrapper_set_mime_type_field((CamelDataWrapper *)mps, ct); + camel_content_type_unref(ct); + camel_multipart_set_boundary((CamelMultipart *)mps, NULL); + + mps->signature = sigpart; + mps->contentraw = istream; + camel_stream_reset(istream); + camel_object_ref(istream); + + camel_medium_set_content_object((CamelMedium *)opart, (CamelDataWrapper *)mps); + } else { + ct = camel_content_type_new("application", "x-pkcs7-mime"); + camel_content_type_set_param(ct, "name", "smime.p7m"); + camel_content_type_set_param(ct, "smime-type", "signed-data"); + camel_data_wrapper_set_mime_type_field(dw, ct); + camel_content_type_unref(ct); + + camel_medium_set_content_object((CamelMedium *)opart, dw); + + camel_mime_part_set_filename(opart, "smime.p7m"); + camel_mime_part_set_description(opart, "S/MIME Signed Message"); + 
camel_mime_part_set_disposition(opart, "attachment"); + camel_mime_part_set_encoding(opart, CAMEL_TRANSFER_ENCODING_BASE64); } - - + + camel_object_unref(dw); +fail: camel_object_unref(ostream); + camel_object_unref(istream); return res; } -- cgit v1.2.3
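Review bot: The CMS message returned by `sm_signing_cmsmessage` is never destroyed in the new sm_sign: the old `NSS_CMSMessage_Destroy(cmsg)` call is among the removed lines here and no added line replaces it, so `cmsg` appears to leak on the success path and on every `goto fail` path. Unless a destroy sits in the context lines between the hunks, add `NSS_CMSMessage_Destroy(cmsg);` right after the `fail:` label, next to the stream unrefs. Separately, `res = 0` is set before `camel_data_wrapper_construct_from_stream(dw, ostream)`, whose result is not checked, so a failure there would still report success with an incomplete signature part. In the clearsign branch `mps` is handed to `camel_medium_set_content_object` without the `camel_object_unref` that `dw` gets afterwards, which looks like a leaked reference if that call takes its own. The function starts in an earlier hunk.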