[dev] S/Mime signature not validating (Was Fwd: Test)

Michael M Slusarz slusarz at horde.org
Tue Jan 14 07:41:55 UTC 2014


Quoting Michael J Rubinsky <mrubinsk at horde.org>:

> While testing and looking at the code for s/mime support in  
> ActiveSync, I've discovered that the following email, sent from iOS  
> validates fine on the iPhone and in Apple Mail, but Horde says the  
> signer's certificate cannot be verified. It is signed with the same  
> certificate that I sign all my Horde email with - and this verifies  
> fine when the original email is sent from IMP.

This is not an Horde/IMP issue.  It is the PHP pkcs7 code that is  
parsing the signature data.  It's not an issue with MIME  
parsing/EOLs/etc. since the message verifies correctly.  It appears to  
be something wrong with how the signing certificate data is added to  
the signature.

My guess is that the Apple products are either lax when verifying this  
certificate, or ignore the issue (or at least workaround it).  We  
don't have that luxury since we have no access to the internal S/MIME  
parsing code.

michael

___________________________________
Michael Slusarz [slusarz at horde.org]



More information about the dev mailing list