From d26e633964837c24ccbd41ec644809cb70fe19ec Mon Sep 17 00:00:00 2001 From: Fabian Keil Date: Fri, 29 Mar 2013 20:13:34 +0100 Subject: [PATCH] Regenerate the Date header after signing Previously the difference to the signature timestamp could be used to estimate the passphrase length for the signing key (if the passphrase wasn't cached). --- src/compose.c | 25 ++++++++++++++++++++++--- 1 file changed, 22 insertions(+), 3 deletions(-) diff --git a/src/compose.c b/src/compose.c index 4520069..1cf33ba 100644 --- a/src/compose.c +++ b/src/compose.c @@ -5599,12 +5599,31 @@ static gint compose_write_to_file(Compose *compose, FILE *fp, gint action, gbool } /* sign message if sending */ if (action == COMPOSE_WRITE_FOR_SEND && compose->use_signing && - privacy_system_can_sign(compose->privacy_system)) - if (!privacy_sign(compose->privacy_system, mimemsg, - compose->account, from_addr)) { + privacy_system_can_sign(compose->privacy_system)) { + gchar *date; + gchar *end; + gboolean message_signed; + gboolean date_found; + + date = mimemsg->data.mem + strlen("Date: "); + end = strchr(date, '\n'); + + message_signed = privacy_sign(compose->privacy_system, mimemsg, + compose->account, from_addr); + date_found = !strncmp(mimemsg->data.mem, "Date: ", strlen("Date: ")); + + if (!message_signed || !date_found || end == NULL) { g_free(from_name); g_free(from_addr); return -2; + } + /* + * Regenerate the Date header so the difference to the + * signature timestamp can't be used to estimate the + * passphrase length for the signing key. + */ + get_rfc822_date(date, strlen(date)); + *end = '\n'; } g_free(from_name); g_free(from_addr); -- 1.8.2