diff options
author | Konstantin Shemyak <konstantin@shemyak.com> | 2015-10-25 21:28:37 +0200 |
---|---|---|
committer | Konstantin Shemyak <konstantin@shemyak.com> | 2016-11-28 19:40:30 +0200 |
commit | 7defbbfa7edc87d26f4c3df9793848697882dad8 (patch) | |
tree | 3b55d89c264cddab261fe857a6e5c9bc6ced474e /M2Crypto/SMIME.py | |
parent | 55c673dcb3cc740000bb306b8ceb12713221a615 (diff) | |
download | m2crypto-7defbbfa7edc87d26f4c3df9793848697882dad8.tar.gz |
Add possibility to sign PKCS7 with a non-default digest.
An optional parameter "algo" is added to SMIME.sign().
This is what is done by "-md" option in the command
"openssl smime -sign -md <digest_name> ..."
Diffstat (limited to 'M2Crypto/SMIME.py')
-rw-r--r-- | M2Crypto/SMIME.py | 14 |
1 files changed, 10 insertions, 4 deletions
diff --git a/M2Crypto/SMIME.py b/M2Crypto/SMIME.py index 368d8ca..36fb151 100644 --- a/M2Crypto/SMIME.py +++ b/M2Crypto/SMIME.py @@ -226,20 +226,26 @@ class SMIME: raise SMIME_Error(Err.get_error()) return blob - def sign(self, data_bio, flags=0): - # type: (BIO.BIO, int) -> PKCS7 + def sign(self, data_bio, flags=0, algo='sha1'): + # type: (BIO.BIO, int, Optional[str]) -> PKCS7 if not hasattr(self, 'pkey'): raise SMIME_Error('no private key: use load_key()') + + hash = getattr(m2, algo, None) + + if hash is None: + raise SMIME_Error('no such hash algorithm %s' % algo) + if hasattr(self, 'x509_stack'): pkcs7 = m2.pkcs7_sign1(self.x509._ptr(), self.pkey._ptr(), self.x509_stack._ptr(), - data_bio._ptr(), flags) + data_bio._ptr(), hash(), flags) if pkcs7 is None: raise SMIME_Error(Err.get_error()) return PKCS7(pkcs7, 1) else: pkcs7 = m2.pkcs7_sign0(self.x509._ptr(), self.pkey._ptr(), - data_bio._ptr(), flags) + data_bio._ptr(), hash(), flags) if pkcs7 is None: raise SMIME_Error(Err.get_error()) return PKCS7(pkcs7, 1) |