<div class="markdown">
<p dir="auto">On 30 Nov 2013, at 18:48, Scott Blystone wrote:</p>
<blockquote>
<p dir="auto">The release notes of the latest developer build contained the following text:</p>
<p dir="auto">"Revision 3872 (Friday, November 29, 2013)</p>
<p dir="auto">The following can be used to change the hash function used for OpenPGP messages:</p>
<pre><code>defaults write com.freron.MailMate MmOpenPGPHashFunction -string sha256
</code></pre>
<p dir="auto">Do not use this if you do not know what you are doing."</p>
<p dir="auto">What am I missing here? I have many years encryption experience but I do not understand the purpose of this parameter.The digest and hash functions are determined when the actual key itself is generated and not by the mail client!</p>
</blockquote>
<p dir="auto">First, I'm certainly no security expert and I welcome any comments/corrections to the following.</p>
<p dir="auto">For OpenPGP the hash function is not set in stone, but you can set a list of preferred hash functions, e.g., one of my keys has the following list:</p>
<pre><code>Digest: SHA256, SHA1, SHA384, SHA512, SHA224
</code></pre>
<p dir="auto">Unfortunately (embarrassingly) MailMate ignores this setting. It simply enforces the use of SHA1 to make sure that the “Content-Type” of a message shows the correct hash function in the so-called <code>micalg</code> parameter. I have it on my ToDo to improve this. The setting above was a quick fix for a user with a key which could not be used with SHA1 at all.</p>
<p dir="auto">For S/MIME in MailMate, it's kind of worse, and it's partly because I'm not 100% sure how it works for S/MIME certificates. MailMate doesn't (and maybe cannot?) enforce a particular hash function, but MailMate also doesn't try to find out which hash algorithm is used.</p>
<p dir="auto">The <code>micalg</code> parameter is simply set to <code>sha1</code> even if it's not true. It's actually my impression that this parameter is ignored most of the time, but I would of course like it to be correct. So far, I've figured out how to read the “Signature Algorithm” of a certificate and I've found so-called OIDs for various popular hashing functions. (I cannot seem to find any Apple API to do this more easily.) For example,</p>
<ul>
<li>sha1WithRSAEncryption: <a href="http://www.oid-info.com/get/1.2.840.113549.1.1.5">http://www.oid-info.com/get/1.2.840.113549.1.1.5</a></li>
<li>sha256WithRSAEncryption: <a href="http://www.oid-info.com/get/1.2.840.113549.1.1.11">http://www.oid-info.com/get/1.2.840.113549.1.1.11</a></li>
</ul>
<p dir="auto">Documentation is scarce and I'm not sure this is the right way to go. For example, I just tried signing a message with Apple Mail using a certificate with a Signature Algorithm of “SHA-256 with RSA Encryption”, but the <code>micalg</code> parameter was still <code>sha1</code>. Obviously, I need to do more testing to understand this :-)</p>
<p dir="auto">-- <br>
Benny</p>
</div>