[imp] S/MIME decryption error

Jan Schneider jan at horde.org
Fri Jan 22 08:56:24 UTC 2016


Please don't top-post.

> On 20-Jan-16 3:30 AM, Jan Schneider wrote:
>>
>> Zitat von D. Milanovic <tuta at mandexin.ca>:
>>
>>> Hello,
>>>
>>> I am unable to successfully decrypt S/MIME signed/encrypted message in
>>> Horde. Sending is OK and message can be read in Thunderbird without
>>> problems. However, error message "Could not decrypt S/MIME data." is
>>> displayed when trying to read same message in Sent folder. Same error is
>>> displayed for all incoming encrypted messages.
>>> All certificates (personal and public) are imported without any errors.
>>>
>>> No error messages in PHP or Horde log.
>>> Horde version is 5.2.11, Imp version 6.2.11
>>
>> openssl_pkcs7_decrypt() which we use internally doesn't return a more
>> detailed error message if decryption failed. It raises a PHP warning
>> with some more information though, so you should see this in your
>> PHP/Horde logs if your error_reporting level is sufficiently high.
>>
Zitat von D. Milanovic <tuta at mandexin.ca>:

> Enabling debug did not help, so I had to dig inside a source around
> openssl_pkcs7_decrypt() function. All keys are OK, however input file
> passed to this function contains only mime data without headers, unlike
> specs http://php.net/manual/en/function.openssl-pkcs7-decrypt.php
>
> "If you want to decrypt a received email, keep in mind that you need the
> full encrypted message including the mime header."
>
> I've verified this by executing simple function from the command line.
> When input file contains full message source, function succeeds, if not
> decrypt will fail.

Cannot reproduce. openssl_pkcs7_decrypt() is fed with the complete  
message including headers here.

-- 
Jan Schneider
The Horde Project
http://www.horde.org/



More information about the imp mailing list