Fixing signing with time. (Need to set the time BEFORE the digest, no…

…t after.)

TEST.sh

@@ -8,7 +8,7 @@ for ka in rsa ec ; do
   bin/sealtool -g --ka "$ka" -D "test/sign-$ka.dns" -k "test/sign-$ka.key" --genpass ''
 
   # iterate over signing formats
-  for sf in 'hex' 'base64' 'date3:hex' 'date3:base64' ; do
+  for sf in 'hex' 'HEX' 'base64' 'date3:hex' 'date3:HEX' 'date3:base64' ; do
     sfname=${sf/:/_}
 
     # Test with local signing
@@ -18,7 +18,7 @@ for ka in rsa ec ; do
     for i in regression/test-unsigned* ; do
       j=${i/regression/test}
       out=${j/-unsigned/-signed-local-$ka-$sfname}
-      bin/sealtool -s -k "test/sign-$ka.key" --ka "$ka" -o "$out" "$i"
+      bin/sealtool -s -k "test/sign-$ka.key" --ka "$ka" --sf "$sf" -C "Sample Copyright" -c "Sample Comment" -o "$out" "$i"
     done
 
     # Verify local signing
@@ -32,7 +32,7 @@ for ka in rsa ec ; do
     for i in regression/test-unsigned* ; do
       j=${i/regression/test}
       out=${j/-unsigned/-signed-remote-$ka-$sfname}
-      bin/sealtool -S --ka "$ka" -o "$out" "$i"
+      bin/sealtool -S --ka "$ka" --sf "$sf" -C "Sample Copyright" -c "Sample Comment" -o "$out" "$i"
     done
 
     # Verify remote signing

src/sign-local.cpp

@@ -200,9 +200,6 @@ sealfield *	SealSignLocal	(sealfield *Args)
   // Keys must be loaded.
   if (!PrivateKey) { SealLoadPrivateKey(Args); }
 
-  // Apply double digest (date:userid:) as needed
-  Args = SealDoubleDigest(Args);
-
   // Set the date string
   memset(datestr,0,30);
   sf = SealGetText(Args,"sf"); // SEAL's 'sf' parameter; signing format (date, hex, whatever)
@@ -248,6 +245,10 @@ sealfield *	SealSignLocal	(sealfield *Args)
     Args = SealSetText(Args,"@sigdate",datestr);
     } // set datestr
 
+  // Apply double digest (date:userid:) as needed
+  // SealDoubleDigest uses @sigdate, so must be done AFTER date!
+  Args = SealDoubleDigest(Args);
+
   // Set the digest algorithm
   digestalg = SealGetText(Args,"da"); // SEAL's 'da' parameter
   if (!strcmp(digestalg,"sha224")) { mdf = EVP_sha224; }