# HG changeset patch
# User Kai Engert <kaie@kuix.de>
# Date 1489096275 -3600
# Thu Mar 09 22:51:15 2017 +0100
# Node ID 848abc2061a45b8387893891e814b80db1e2bd53
# Parent 482e9cbb16f13cd22f9ef7b5a73a4e3ea68ecf82
Bug 1345106, Don't use SHA1 by default for signatures in the NSS library and in certutil, crlutil and cmsutil, r=rrelyea
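--- a/cmd/smimetools/cmsutil.c
+++ b/cmd/smimetools/cmsutil.c
@@ -84,7 +84,7 @@ Usage(char *progName)
 " where id can be a certificate nickname or email address\n"
 " -S create a CMS signed data message\n"
 " -G include a signing time attribute\n"
- " -H hash use hash (default:SHA1)\n"
+ " -H hash use hash (default:SHA256)\n"
 " -N nick use certificate named \"nick\" for signing\n"
 " -P include a SMIMECapabilities attribute\n"
 " -T do not include content in CMS message\n"
@@ -1097,7 +1097,7 @@ main(int argc, char **argv)
 signOptions.signingTime = PR_FALSE;
 signOptions.smimeProfile = PR_FALSE;
 signOptions.encryptionKeyPreferenceNick = NULL;
- signOptions.hashAlgTag = SEC_OID_SHA1;
+ signOptions.hashAlgTag = SEC_OID_SHA256;
 envelopeOptions.recipients = NULL;
 encryptOptions.recipients = NULL;
 encryptOptions.envmsg = NULL;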
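Review bot: The default digest is now stated in two unrelated places — the usage text in Usage() and the `signOptions.hashAlgTag` initialiser in main() — with nothing tying them together, so the next change to one can silently leave the help output or the actual behaviour wrong. A pair of file-scope constants, e.g. `#define DEFAULT_HASH_NAME "SHA256"` and `#define DEFAULT_HASH_TAG SEC_OID_SHA256`, used as `" -H hash use hash (default:" DEFAULT_HASH_NAME ")\n"` and `signOptions.hashAlgTag = DEFAULT_HASH_TAG;`, keeps the two in step and gives the `-H` parser (not in these hunks) one place to read the default from. Both Usage() and main() begin and end outside the hunks.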
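--- a/cmd/smimetools/smime
+++ b/cmd/smimetools/smime
@@ -199,8 +199,8 @@ sub signentity($$)
 # construct a new multipart/signed MIME entity consisting of the original content and
 # the signature
 #
- # (we assume that cmsutil generates a SHA1 digest)
- $out .= "Content-Type: multipart/signed; protocol=\"application/pkcs7-signature\"; micalg=sha1; boundary=\"${boundary}\"\n";
+ # (we assume that cmsutil generates a SHA256 digest)
+ $out .= "Content-Type: multipart/signed; protocol=\"application/pkcs7-signature\"; micalg=sha256; boundary=\"${boundary}\"\n";
 $out .= "\n"; # end of entity header
 $out .= "This is a cryptographically signed message in MIME format.\n"; # explanatory comment
 $out .= "\n--${boundary}\n";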
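Review bot: The `micalg=sha256` value written on the `Content-Type:` line is only correct while cmsutil's compiled-in default stays SHA-256, which the comment directly above it openly labels an assumption. If the cmsutil invocation elsewhere in this script does not pass `-H SHA256` explicitly (the call is outside this hunk), the digest announced in the MIME header and the digest actually used inside the signature can drift apart the next time the default moves, and a micalg that disagrees with the signature is something receiving agents may reject or fail to verify. Holding the hash name in one variable in signentity, passing it to cmsutil as the `-H` argument and deriving the lowercase micalg token from that same variable removes the assumption entirely. signentity continues outside the hunk.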
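--- a/lib/cryptohi/secsign.c
+++ b/lib/cryptohi/secsign.c
@@ -312,24 +312,25 @@ SEC_DerSignData(PLArenaPool *arena, SECI
 if (algID == SEC_OID_UNKNOWN) {
 switch (pk->keyType) {
 case rsaKey:
- algID = SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION;
+ algID = SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION;
 break;
 case dsaKey:
 /* get Signature length (= q_len*2) and work from there */
 switch (PK11_SignatureLen(pk)) {
+ case 320:
+ algID = SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST;
+ break;
 case 448:
 algID = SEC_OID_NIST_DSA_SIGNATURE_WITH_SHA224_DIGEST;
 break;
 case 512:
+ default:
 algID = SEC_OID_NIST_DSA_SIGNATURE_WITH_SHA256_DIGEST;
 break;
- default:
- algID = SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST;
- break;
 }
 break;
 case ecKey:
- algID = SEC_OID_ANSIX962_ECDSA_SIGNATURE_WITH_SHA1_DIGEST;
+ algID = SEC_OID_ANSIX962_ECDSA_SHA256_SIGNATURE;
 break;
 default:
 PORT_SetError(SEC_ERROR_INVALID_KEY);
@@ -468,13 +469,13 @@ SEC_GetSignatureAlgorithmOidTag(KeyType
 break;
 case dsaKey:
 switch (hashAlgTag) {
- case SEC_OID_UNKNOWN: /* default for DSA if not specified */
 case SEC_OID_SHA1:
 sigTag = SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST;
 break;
 case SEC_OID_SHA224:
 sigTag = SEC_OID_NIST_DSA_SIGNATURE_WITH_SHA224_DIGEST;
 break;
+ case SEC_OID_UNKNOWN: /* default for DSA if not specified */
 case SEC_OID_SHA256:
 sigTag = SEC_OID_NIST_DSA_SIGNATURE_WITH_SHA256_DIGEST;
 break;
@@ -484,13 +485,13 @@ SEC_GetSignatureAlgorithmOidTag(KeyType
 break;
 case ecKey:
 switch (hashAlgTag) {
- case SEC_OID_UNKNOWN: /* default for ECDSA if not specified */
 case SEC_OID_SHA1:
 sigTag = SEC_OID_ANSIX962_ECDSA_SHA1_SIGNATURE;
 break;
 case SEC_OID_SHA224:
 sigTag = SEC_OID_ANSIX962_ECDSA_SHA224_SIGNATURE;
 break;
+ case SEC_OID_UNKNOWN: /* default for ECDSA if not specified */
 case SEC_OID_SHA256:
 sigTag = SEC_OID_ANSIX962_ECDSA_SHA256_SIGNATURE;
 break;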
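Review bot: In SEC_DerSignData's dsaKey branch, `default:` now shares the SHA-256 arm with `case 512:`, so any value PK11_SignatureLen returns outside the three listed sizes — including whatever it returns on failure, which this hunk does not show — silently selects DSA-with-SHA-256 rather than reporting a problem, and the one remaining SHA-1 default (`case 320:`, presumably the 160-bit-subgroup keys) carries no explanation. A `default:` that does `PORT_SetError(SEC_ERROR_INVALID_KEY);` like the outer switch already does for unknown key types, plus a comment on the `case 320:` line stating why SHA-1 is still chosen there and that callers wanting to avoid SHA-1 must pass an explicit algID, would make the policy explicit; if other lengths are expected to occur legitimately, a comment saying so is the minimum. Separately, the two later hunks move `SEC_OID_UNKNOWN` to the SHA-256 arm of SEC_GetSignatureAlgorithmOidTag unconditionally, while SEC_DerSignData still resolves an unspecified hash for a 320-bit DSA signature to SHA-1, so the two "hash not specified" policies for the same key now disagree; this function receives only a KeyType and cannot see the subgroup size, so the divergence deserves at least a comment such as `/* default for DSA if not specified; SEC_DerSignData may still choose SHA-1 for 160-bit-q keys */`. Both SEC_DerSignData and SEC_GetSignatureAlgorithmOidTag begin and end outside the hunks.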