Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use whole certificate chain for S/MIME signing/verification #9665

Closed
wants to merge 1 commit into from
Closed

Use whole certificate chain for S/MIME signing/verification #9665

wants to merge 1 commit into from
+291 −4

Conversation

IchbinkeinReh
Copy link
Collaborator

Upload whole certificate chain when uploading a certificate for S/MIME in pkcs12 format. Include whole certificate chain in signed messages. Use whole certificate chain to verify certificates.

Fixes #9190

@ChristophWurst ChristophWurst added bug 3. to review feature:smime For all tasks related to S/MIME labels May 23, 2024
st3iny
st3iny approved these changes May 28, 2024
View reviewed changes
Copy link
Member

@st3iny st3iny left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tested and works. Very nice!

I added some more PHP test for covering the various cases of chains (with intermediate CAs too).

@st3iny st3iny added this to the v3.7.0 milestone May 28, 2024
@st3iny
Copy link
Member

st3iny commented May 28, 2024

/backport to stable3.6

@IchbinkeinReh @st3iny
fix: Upload whole certificate chain when uploading a certificate for …
d2533fd 
…S/MIME in pkcs12 format. Include whole certificate chain in signed messages. Use whole certificate chain to verify certificates.

Fixes nextcloud#9190

Signed-off-by: Patrick Bender <[email protected]>
Signed-off-by: Richard Steinmetz <[email protected]>
@st3iny
Copy link
Member

st3iny commented May 28, 2024
edited
Loading

Continued in #9677

Unfortunately, our Codecov job won't run form forks due to security restrictions in GitHub actions. There is some ongoing discussion to solve this.

I'm very sorry for the inconvenience. Thank you very much for your contribution.

@st3iny st3iny closed this May 28, 2024
@st3iny st3iny removed this from the v3.7.0 milestone May 28, 2024
@st3iny st3iny mentioned this pull request May 28, 2024
Merged
@github-actions GitHub Actions
Copy link

github-actions bot commented Jun 7, 2024

Hello there,
Thank you so much for taking the time and effort to create a pull request to our Nextcloud project.

We hope that the review process is going smooth and is helpful for you. We want to ensure your pull request is reviewed to your satisfaction. If you have a moment, our community management team would very much appreciate your feedback on your experience with this PR review process.

Your feedback is valuable to us as we continuously strive to improve our community developer experience. Please take a moment to complete our short survey by clicking on the following link: https://cloud.nextcloud.com/apps/forms/s/i9Ago4EQRZ7TWxjfmeEpPkf6

Thank you for contributing to Nextcloud and we hope to hear from you soon!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@st3iny st3iny st3iny approved these changes

@ChristophWurst ChristophWurst Awaiting requested review from ChristophWurst ChristophWurst is a code owner

Assignees
No one assigned
Labels
4. to release backport-request bug feature:smime For all tasks related to S/MIME feedback-requested
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Nextcloud mail 3.5.0 generates invalid smime signature
3 participants
@IchbinkeinReh @st3iny @ChristophWurst