[dev] S/Mime signature not validating (Was Fwd: Test)
Michael M Slusarz
slusarz at horde.org
Tue Jan 14 06:28:23 UTC 2014
Quoting Michael J Rubinsky <mrubinsk at horde.org>:
> Quoting Michael J Rubinsky <mrubinsk at horde.org>:
>
>> ..and here's one that was sent via Android, validation succeeds in
>> Apple Mail and on iOS, but not in IMP.
>
> These look wonky to me:
>
> Content-Type: application/pkcs7-signature; name=smime.p7s;
> smime-type=signed-data
>
> From what I understand, if a SignedData (smime-type=signed-data) is
> being used, the extension should be .p7m, and not .p7s
That shouldn't matter.
> and:
>
> Content-Type: multipart/signed;
> boundary=Apple-Mail-D291D2D6-8189-45BA-8AD6-DFDE86B68312; micalg=sha1;
> protocol="application/pkcs7-signature"
>
> shouldn't the micalg value be sha-1, and not sha1?
Don't think that should matter either. (And I want to say that sha1
and sha-1 are equivalent.)
My wild guess looking at the source and not looking at our code is
that the PHP smime (actually the pkcs* methods) simply don't accept
binary data. They might only accept base64 encoded data. Those
messages are both sent using binary CTE ... which if I remember
correctly wasn't formally supported until one of the point upgrades of
S/MIME.
michael
___________________________________
Michael Slusarz [slusarz at horde.org]
More information about the dev
mailing list