[imp] S/MIME decryption error

D. Milanovic tuta at mandexin.ca
Fri Jan 22 17:16:14 UTC 2016


On 22-Jan-16 3:56 AM, Jan Schneider wrote:
> Please don't top-post.
> 
>> On 20-Jan-16 3:30 AM, Jan Schneider wrote:
>>>
>>> Zitat von D. Milanovic <tuta at mandexin.ca>:
>>>
>>>> Hello,
>>>>
>>>> I am unable to successfully decrypt S/MIME signed/encrypted message in
>>>> Horde. Sending is OK and message can be read in Thunderbird without
>>>> problems. However, error message "Could not decrypt S/MIME data." is
>>>> displayed when trying to read same message in Sent folder. Same
>>>> error is
>>>> displayed for all incoming encrypted messages.
>>>> All certificates (personal and public) are imported without any errors.
>>>>
>>>> No error messages in PHP or Horde log.
>>>> Horde version is 5.2.11, Imp version 6.2.11
>>>
>>> openssl_pkcs7_decrypt() which we use internally doesn't return a more
>>> detailed error message if decryption failed. It raises a PHP warning
>>> with some more information though, so you should see this in your
>>> PHP/Horde logs if your error_reporting level is sufficiently high.
>>>
> Zitat von D. Milanovic <tuta at mandexin.ca>:
> 
>> Enabling debug did not help, so I had to dig inside a source around
>> openssl_pkcs7_decrypt() function. All keys are OK, however input file
>> passed to this function contains only mime data without headers, unlike
>> specs http://php.net/manual/en/function.openssl-pkcs7-decrypt.php
>>
>> "If you want to decrypt a received email, keep in mind that you need the
>> full encrypted message including the mime header."
>>
>> I've verified this by executing simple function from the command line.
>> When input file contains full message source, function succeeds, if not
>> decrypt will fail.
> 
> Cannot reproduce. openssl_pkcs7_decrypt() is fed with the complete
> message including headers here.
> 

It is really strange. Workaround for me is to append this on the top,
and it works fine.

        $headers = file_get_contents("./headers.txt");
        if(!strrpos($text, "pkcs7-mime"))
            file_put_contents($input, $headers . $text);
        else
            file_put_contents($input, $text);



"headers.txt"

Content-Type: application/pkcs7-mime; smime-type=enveloped-data
Content-Description: S/MIME Encrypted Message
MIME-Version: 1.0
Content-Disposition: inline
Content-Transfer-Encoding: base64
Status: RO
X-Status:
X-Keywords:
X-UID: 6




More information about the imp mailing list