fix: detached signature is now used

2024-11-22 05:40:50 +01:00 · 2024-10-09 13:53:15 +02:00 · 2024-10-09 13:53:15 +02:00 · 4700691380
commit 4700691380
parent b4370ded12
3 changed files with 23 additions and 14 deletions
--- a/msg.go
+++ b/msg.go
@ -1004,10 +1004,13 @@ func (m *Msg) createSignaturePart(encoding Encoding, contentType ContentType, ch
 	message := m.sMime.createMessage(encoding, contentType, charSet, body)
 	signaturePart := m.newPart(typeSMimeSigned, WithPartEncoding(EncodingB64), WithSMimeSinging())

-	if err := m.sMime.sign(signaturePart, message); err != nil {
+	signedMessage, err := m.sMime.signMessage(message)
+	if err != nil {
 		return nil, err
 	}

+	signaturePart.SetContent(*signedMessage)
+
 	return signaturePart, nil
 }

--- a/msgwriter.go
+++ b/msgwriter.go
@ -261,7 +261,12 @@ func (mw *msgWriter) writePart(part *Part, charset Charset) {
 	if partCharset.String() == "" {
 		partCharset = charset
 	}
-	contentType := fmt.Sprintf("%s; charset=%s", part.contentType, partCharset)
+
+	contentType := part.contentType.String()
+	if !part.IsSMimeSigned() {
+		contentType = strings.Join([]string{contentType, "; charset=", partCharset.String()}, "")
+	}
+
 	contentTransferEnc := part.encoding.String()
 	if mw.depth == 0 {
 		mw.writeHeader(HeaderContentType, contentType)
--- a/sime.go
+++ b/sime.go
@ -61,33 +61,34 @@ func newSMime(keyPair *tls.Certificate) (*SMime, error) {
 	}, nil
 }

-// sign with the S/MIME method the message of the actual *Part
-func (sm *SMime) sign(signaturePart *Part, message string) error {
+// signMessage signs the message with S/MIME
+func (sm *SMime) signMessage(message string) (*string, error) {
 	lines := parseLines([]byte(message))
 	toBeSigned := lines.bytesFromLines([]byte("\r\n"))

-	tmp, err := pkcs7.NewSignedData(toBeSigned)
-	tmp.SetDigestAlgorithm(pkcs7.OIDDigestAlgorithmSHA256)
+	signedData, err := pkcs7.NewSignedData(toBeSigned)
+	signedData.SetDigestAlgorithm(pkcs7.OIDDigestAlgorithmSHA256)
 	if err != nil {
-		return ErrCouldNotInitialize
+		return nil, ErrCouldNotInitialize
 	}

-	if err = tmp.AddSignerChain(sm.certificate, sm.privateKey, sm.parentCertificates, pkcs7.SignerInfoConfig{}); err != nil {
-		return ErrCouldNotAddSigner
+	if err = signedData.AddSignerChain(sm.certificate, sm.privateKey, sm.parentCertificates, pkcs7.SignerInfoConfig{}); err != nil {
+		return nil, ErrCouldNotAddSigner
 	}

-	signatureDER, err := tmp.Finish()
+	signedData.Detach()
+
+	signatureDER, err := signedData.Finish()
 	if err != nil {
-		return ErrCouldNotFinishSigning
+		return nil, ErrCouldNotFinishSigning
 	}

 	pemMsg, err := encodeToPEM(signatureDER)
 	if err != nil {
-		return ErrCouldNoEncodeToPEM
+		return nil, ErrCouldNoEncodeToPEM
 	}
-	signaturePart.SetContent(*pemMsg)

-	return nil
+	return pemMsg, nil
 }

 // createMessage prepares the message that will be used for the sign method later