Add support for signing E-Mails and fixed tests.

cms/cms.go

@@ -139,7 +139,7 @@ func (cms *CMS) Decrypt(contentInfo []byte) (plain []byte, err error) {
 }
 
 // Sign signs the data and returns returns DER-encoded ASN.1 ContentInfo.
-func (cms *CMS) Sign(data []byte) (der []byte, err error) {
+func (cms *CMS) Sign(data []byte, detachedSignature ...bool) (der []byte, err error) {
 
 	enci, err := protocol.NewDataEncapsulatedContentInfo(data)
 	if err != nil {
@@ -162,6 +162,10 @@ func (cms *CMS) Sign(data []byte) (der []byte, err error) {
 		}
 	}
 
+	if len(detachedSignature) > 0 && detachedSignature[0] {
+		sd.EncapContentInfo.EContent = nil
+	}
+
 	ci, err := sd.ContentInfo()
 	if err != nil {
 		return

cms/cms_test.go

@@ -104,7 +104,7 @@ func TestSignVerify(t *testing.T) {
 func TestEncryptOpenSSL(t *testing.T) {
 	message := []byte("Hallo Welt!")
 
-	der, err := openssl.Encrypt(message, leaf.Certificate)
+	der, err := openssl.Encrypt(message, leaf.Certificate, "-outform", "DER")
 	if err != nil {
 		t.Error(err)
 	}
@@ -129,7 +129,7 @@ func TestDecryptOpenSSL(t *testing.T) {
 		t.Error(err)
 	}
 
-	plain, err := openssl.Decrypt(ciphertext, leaf.PrivateKey)
+	plain, err := openssl.Decrypt(ciphertext, leaf.PrivateKey, "-inform", "DER")
 	if err != nil {
 		t.Error(err)
 	}
@@ -142,7 +142,7 @@ func TestDecryptOpenSSL(t *testing.T) {
 func TestSignOpenSSL(t *testing.T) {
 	message := []byte("Hallo Welt")
 
-	sig, err := openssl.SignDetached(message, leaf.Certificate, leaf.PrivateKey, intermediate.Certificate)
+	sig, err := openssl.SignDetached(message, leaf.Certificate, leaf.PrivateKey, []*x509.Certificate{intermediate.Certificate}, "-outform", "DER")
 	if err != nil {
 		t.Error(err)
 	}
@@ -176,7 +176,7 @@ func TestVerifyOpenSSL(t *testing.T) {
 		t.Error(err)
 	}
 
-	sig, err := openssl.Verify(der, root.Certificate)
+	sig, err := openssl.Verify(der, root.Certificate, "-inform", "DER")
 	if err != nil {
 		t.Error(err)
 	}