Enigma: Set micalg parameter to real hash algorithm used for signing

pull/5690/head
Aleksander Machniak 8 years ago
parent f2ab7ec929
commit 9028e77290

@ -131,4 +131,12 @@ abstract class enigma_driver
* @return mixed True on success or enigma_error * @return mixed True on success or enigma_error
*/ */
abstract function delete_key($keyid); abstract function delete_key($keyid);
/**
* Returns a name of the hash algorithm used for the last
* signing operation.
*
* @return string Hash algorithm name e.g. sha1
*/
abstract function signature_algorithm();
} }
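Review bot: The docblock on the new abstract `signature_algorithm()` promises `@return string`, but the implementations in this commit can return null: the gnupg driver returns an unset property until something has been signed, and the phpssl stub has an empty body. The caller in enigma_mime_message relies on that falsy value to leave `micalg` out, so the contract should say so, e.g. `@return string|null Hash algorithm name (e.g. sha1), or null when no signature has been created`. The same docblock is repeated in the gnupg and phpssl sections. The method is also declared without a visibility keyword here, while both implementations use `public`; `abstract public function signature_algorithm();` would keep them consistent.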

@ -23,6 +23,7 @@ class enigma_driver_gnupg extends enigma_driver
protected $gpg; protected $gpg;
protected $homedir; protected $homedir;
protected $user; protected $user;
protected $last_sig_algorithm;
function __construct($user) function __construct($user)
@ -120,7 +121,13 @@ class enigma_driver_gnupg extends enigma_driver
if ($sign_key) { if ($sign_key) {
$this->gpg->addSignKey($sign_key->reference, $sign_key->password); $this->gpg->addSignKey($sign_key->reference, $sign_key->password);
return $this->gpg->encryptAndSign($text, true);
$res = $this->gpg->encryptAndSign($text, true);
$sigInfo = $this->gpg->getLastSignatureInfo();
$this->last_sig_algorithm = $sigInfo->getHashAlgorithmName();
return $res;
} }
return $this->gpg->encrypt($text, true); return $this->gpg->encrypt($text, true);
@ -172,7 +179,13 @@ class enigma_driver_gnupg extends enigma_driver
{ {
try { try {
$this->gpg->addSignKey($key->reference, $key->password); $this->gpg->addSignKey($key->reference, $key->password);
return $this->gpg->sign($text, $mode, CRYPT_GPG::ARMOR_ASCII, true);
$res = $this->gpg->sign($text, $mode, CRYPT_GPG::ARMOR_ASCII, true);
$sigInfo = $this->gpg->getLastSignatureInfo();
$this->last_sig_algorithm = $sigInfo->getHashAlgorithmName();
return $res;
} }
catch (Exception $e) { catch (Exception $e) {
return $this->get_error_from_exception($e); return $this->get_error_from_exception($e);
@ -365,6 +378,17 @@ class enigma_driver_gnupg extends enigma_driver
return $result; return $result;
} }
/**
* Returns a name of the hash algorithm used for the last
* signing operation.
*
* @return string Hash algorithm name e.g. sha1
*/
public function signature_algorithm()
{
return $this->last_sig_algorithm;
}
/** /**
* Private key deletion. * Private key deletion.
*/ */
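Review bot: `$this->last_sig_algorithm` is only ever assigned after a successful `sign()` or `encryptAndSign()`, so if either call throws, the property keeps the hash name from an earlier operation and `signature_algorithm()` reports it for a message it does not describe. Clearing it before each attempt avoids the stale value: put `$this->last_sig_algorithm = null;` ahead of the `addSignKey()` call in both hunks. If `getLastSignatureInfo()` can return null (not visible here), the chained call would fail in a way `catch (Exception $e)` may not handle, so a guard such as `$this->last_sig_algorithm = $sigInfo ? $sigInfo->getHashAlgorithmName() : null;` is safer. Both methods start and end outside the hunks shown, so the surrounding try/catch in the encrypt path could not be checked.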

@ -146,6 +146,16 @@ class enigma_driver_phpssl extends enigma_driver
{ {
} }
/**
* Returns a name of the hash algorithm used for the last
* signing operation.
*
* @return string Hash algorithm name e.g. sha1
*/
public function signature_algorithm()
{
}
/** /**
* Converts Crypt_GPG_Key object into Enigma's key object * Converts Crypt_GPG_Key object into Enigma's key object
* *

@ -216,7 +216,7 @@ class enigma_engine
$message->setParam('text_charset', $text_charset); $message->setParam('text_charset', $text_charset);
} }
else { else {
$mime->addPGPSignature($body); $mime->addPGPSignature($body, $this->pgp_driver->signature_algorithm());
$message = $mime; $message = $mime;
} }
} }

@ -25,6 +25,7 @@ class enigma_mime_message extends Mail_mime
protected $body; protected $body;
protected $signature; protected $signature;
protected $encrypted; protected $encrypted;
protected $micalg;
/** /**
@ -119,10 +120,12 @@ class enigma_mime_message extends Mail_mime
* Register signature attachment * Register signature attachment
* *
* @param string Signature body * @param string Signature body
* @param string Hash algorithm name
*/ */
public function addPGPSignature($body) public function addPGPSignature($body, $algorithm = null)
{ {
$this->signature = $body; $this->signature = $body;
$this->micalg = $algorithm;
// Reset Content-Type to be overwritten with valid boundary // Reset Content-Type to be overwritten with valid boundary
unset($this->headers['Content-Type']); unset($this->headers['Content-Type']);
@ -168,10 +171,14 @@ class enigma_mime_message extends Mail_mime
if ($this->type == self::PGP_SIGNED) { if ($this->type == self::PGP_SIGNED) {
$params = array( $params = array(
'preamble' => "This is an OpenPGP/MIME signed message (RFC 4880 and 3156)", 'preamble' => "This is an OpenPGP/MIME signed message (RFC 4880 and 3156)",
'content_type' => "multipart/signed; micalg=pgp-sha1; protocol=\"application/pgp-signature\"", 'content_type' => "multipart/signed; protocol=\"application/pgp-signature\"",
'eol' => $this->build_params['eol'], 'eol' => $this->build_params['eol'],
); );
if ($this->micalg) {
$params['content_type'] .= "; micalg=pgp-" . $this->micalg;
}
$message = new Mail_mimePart('', $params); $message = new Mail_mimePart('', $params);
if (!empty($this->body)) { if (!empty($this->body)) {
@ -279,9 +286,13 @@ class enigma_mime_message extends Mail_mime
$this->build_params['boundary'] = $boundary; $this->build_params['boundary'] = $boundary;
if ($this->type == self::PGP_SIGNED) { if ($this->type == self::PGP_SIGNED) {
$headers['Content-Type'] = "multipart/signed; micalg=pgp-sha1;$eol" $headers['Content-Type'] = "multipart/signed;$eol"
." protocol=\"application/pgp-signature\";$eol" ." protocol=\"application/pgp-signature\";$eol"
." boundary=\"$boundary\""; ." boundary=\"$boundary\"";
if ($this->micalg) {
$headers['Content-Type'] .= ";{$eol} micalg=pgp-" . $this->micalg;
}
} }
else if ($this->type == self::PGP_ENCRYPTED) { else if ($this->type == self::PGP_ENCRYPTED) {
$headers['Content-Type'] = "multipart/encrypted;$eol" $headers['Content-Type'] = "multipart/encrypted;$eol"
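Review bot: The algorithm name is stored unchecked in `addPGPSignature()` and later concatenated into the Content-Type value in both places that build it (`"; micalg=pgp-" . $this->micalg`), so a string containing CR/LF, `;` or quotes would alter the header structure. The gnupg driver presumably supplies names from a fixed set, but the method is public and accepts whatever a caller passes. RFC 3156 also expects the hash name in lower case after the `pgp-` prefix. Normalising once at assignment covers both builders: `$this->micalg = preg_match('/^[a-z0-9-]+$/i', (string) $algorithm) ? strtolower($algorithm) : null;`. The enclosing methods continue outside the hunks shown.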

@ -114,8 +114,7 @@ class rcube_imap_generic
$res = fwrite($this->fp, $string); $res = fwrite($this->fp, $string);
if ($res === false) { if ($res === false) {
@fclose($this->fp); $this->closeSocket();
$this->fp = null;
} }
return $res; return $res;
