Closed
Bug 1473674
Opened 6 years ago
Closed 6 years ago
support XPI pkcs7 signatures with sha256 digest in autograph
Categories
(Cloud Services :: Security, enhancement)
Cloud Services
Security
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: u581815, Assigned: u581815)
References
Details
Attachments
(1 file)
Add a param to options to specify pk7 digest (sha1 or sh384 defaulting to sha1) for /sign/data and /sign/file refs: https://bugzilla.mozilla.org/show_bug.cgi?id=1466683#c19
Comment 1•6 years ago
|
||
Firefox only supports SHA-1 and SHA-256 at the moment (bug 1357815 added 256).
See Also: → 1357815
Summary: support XPI pkcs7 signatures with sha384 digest in autograph → support XPI pkcs7 signatures with sha256 digest in autograph
I started a branch based off the cose branch: https://github.com/mozilla-services/autograph/compare/xpi-cose-signing...xpi-pk7-sha2-digest?expand=1 I need to fix the openssl verification test since it's failing locally and in CI with: Error reading S/MIME message 47879491456352:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:703:Expecting: CMS
Status: ASSIGNED → RESOLVED
Closed: 6 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•