diff --exclude-from=/home/dang/.scripts/diffrc -up -ruN evolution-data-server-2.24.5.orig/camel/camel-smime-context.c evolution-data-server-2.24.5/camel/camel-smime-context.c --- evolution-data-server-2.24.5.orig/camel/camel-smime-context.c 2008-09-22 06:53:58.000000000 -0400 +++ evolution-data-server-2.24.5/camel/camel-smime-context.c 2009-03-07 14:52:57.000000000 -0500 @@ -40,6 +40,7 @@ #include <smime.h> #include <pkcs11t.h> #include <pk11func.h> +#include <secoid.h> #include <errno.h> @@ -534,6 +535,7 @@ sm_verify_cmsg(CamelCipherContext *conte for (i = 0; i < count; i++) { NSSCMSContentInfo *cinfo = NSS_CMSMessage_ContentLevel(cmsg, i); SECOidTag typetag = NSS_CMSContentInfo_GetContentTypeTag(cinfo); + int which_digest; switch (typetag) { case SEC_OID_PKCS7_SIGNED_DATA: @@ -543,44 +545,49 @@ sm_verify_cmsg(CamelCipherContext *conte goto fail; } - /* need to build digests of the content */ - if (!NSS_CMSSignedData_HasDigests(sigd)) { - if (extstream == NULL) { - camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("Digests missing from enveloped data")); - goto fail; - } - - if ((poolp = PORT_NewArena(1024)) == NULL) { - camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, g_strerror (ENOMEM)); - goto fail; - } - - digestalgs = NSS_CMSSignedData_GetDigestAlgs(sigd); - - digcx = NSS_CMSDigestContext_StartMultiple(digestalgs); - if (digcx == NULL) { - camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("Cannot calculate digests")); - goto fail; - } - - mem = (CamelStreamMem *)camel_stream_mem_new(); - camel_stream_write_to_stream(extstream, (CamelStream *)mem); - NSS_CMSDigestContext_Update(digcx, mem->buffer->data, mem->buffer->len); - camel_object_unref(mem); - - if (NSS_CMSDigestContext_FinishMultiple(digcx, poolp, &digests) != SECSuccess) { - camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("Cannot calculate digests")); - goto fail; - } - - if (NSS_CMSSignedData_SetDigests(sigd, digestalgs, digests) != SECSuccess) { - camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("Cannot set message digests")); - goto fail; - } - PORT_FreeArena(poolp, PR_FALSE); - poolp = NULL; + if (extstream == NULL) { + camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("Digests missing from enveloped data")); + goto fail; + } + + if ((poolp = PORT_NewArena(1024)) == NULL) { + camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, g_strerror (ENOMEM)); + goto fail; } + + digestalgs = NSS_CMSSignedData_GetDigestAlgs(sigd); + + digcx = NSS_CMSDigestContext_StartMultiple(digestalgs); + if (digcx == NULL) { + camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("Cannot calculate digests")); + goto fail; + } + + mem = (CamelStreamMem *)camel_stream_mem_new(); + camel_stream_write_to_stream(extstream, (CamelStream *)mem); + NSS_CMSDigestContext_Update(digcx, mem->buffer->data, mem->buffer->len); + camel_object_unref(mem); + + if (NSS_CMSDigestContext_FinishMultiple(digcx, poolp, &digests) != SECSuccess) { + camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("Cannot calculate digests")); + goto fail; + } + + for (which_digest = 0; digests[which_digest] != NULL; which_digest++) { + SECOidData *digest_alg = SECOID_FindOID (&digestalgs[which_digest]->algorithm); + if (digest_alg == NULL) { + camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("Cannot set message digests")); + goto fail; + } + if (NSS_CMSSignedData_SetDigestValue (sigd, digest_alg->offset, digests[which_digest]) != SECSuccess) { + camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("Cannot set message digests")); + goto fail; + } + } + + PORT_FreeArena(poolp, PR_FALSE); + poolp = NULL; /* import all certificates present */ if (NSS_CMSSignedData_ImportCerts(sigd, p->certdb, certUsageEmailSigner, PR_TRUE) != SECSuccess) {