encrypted base64-encoded #54
Comments
When sending something to the Mendelson test server, I'm sending these overall headers:
so I don't see an issue here.
Can you please check if your payload MIME part also has that
When I use openssl to generate the encrypted file, it automatically adds HTTP headers. E.g.
Note this is not a multi-part message, it is the set of HTTP Headers you see above with the remainder a B64 string. I've tried to send the above message as-is, and tried removing the HTTP headers before sending, but the result is the same - "Malformed Content" on the new SMIMEEnveloped(aPart). The only way I can get the SMIMEEnveloped to accept the payload is to
Note the curl command is always the same. Trying out the same with the mendelson server, the signed+encrypted message that is sent is actually a multipart message, so this is probably where the difference lies. For S/MIME enveloped-data, OpenSSL generates a self-contained base64-encoded string, mendelson generates a multipart message. I think this difference is referenced in RFC 2633, section 3.5.
I think that AS2 is only about multipart messaging.
See the variations from RFC 4130 section 4.2
So I see no variation without MIME.
OK, the items listed in section 4.2 seem pretty clear. But in practical usage, using the BC SMIMEEnvelopedGenerator along with JceCMSContentEncryptorBuilder to encrypt a MIME message will generate the same as what openssl does (example). I see AS2SenderModule.encrypt uses this code. In truth, I haven't tried to use the AS2SenderModule at all (I'm just interested in receiving messages), but I would expect that if the partnership includes an encryption algorithm => AS2Sender encrypts a message (thus using BC SMIMEEnvelopedGenerator).
The example code you are mentioning does it exactly as it is done in
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
Hi, I'm not sure if this is an issue or a misunderstanding on my part.
I've created a signed and encrypted AS/2 request message with openssl (pem files manually extracted from the certs.p12 keystore)
Create signed s/mime message:
openssl smime -sign -in GETMSG.msg -out GETMSG_SIGNED.msg -signer openas2a_private.pem
Encrypt s/mime message
openssl smime -encrypt -in GETMSG_SIGNED.msg -out GETMSG_ENC.msg -des3 openas2b_public.pem
The GETMSG_ENC.msg now contains HTTP headers and signed base64 content - manually remove the headers.
Send with cURL
The result hits a problem in BCCryptoHelper.decrypt(...), when creating the new SMIMEEnveloped.
It seems that the code has passed the base64-encoded content directly into the SMIMEEnveloped method, while it expects the content to already be base64-decoded.
Is there an extra HTTP header that I need to provide on the cURL call to ensure the content is decoded before sending to SMIMEEnveloped?
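The mismatch discussed in this thread, as an added Python sketch that is not part of the original issue and not as2-lib code: the header block `openssl smime -encrypt` writes is a set of MIME entity headers, and a receiver can only hand DER bytes to a CMS parser if it sees and honors `Content-Transfer-Encoding: base64`. The function names are hypothetical, the header lines are assumed to be the ones openssl writes, and the DER bytes are a constructed stand-in, not a real EnvelopedData.

```python
import base64
from email import message_from_bytes


def looks_like_cms(data: bytes) -> bool:
    """Cheap pre-check before CMS parsing: outer ASN.1 SEQUENCE whose
    length field matches the buffer (or BER indefinite length)."""
    if len(data) < 2 or data[0] != 0x30:
        return False
    first = data[1]
    if first == 0x80:                       # BER indefinite length
        return data.endswith(b"\x00\x00")
    if first < 0x80:                        # short-form length
        return len(data) == 2 + first
    n = first & 0x7F                        # long-form length
    return len(data) == 2 + n + int.from_bytes(data[2:2 + n], "big")


def payload_for_cms(raw_entity: bytes, honor_cte: bool = True) -> bytes:
    """Return the body of one MIME entity as a receiver would pass it on.

    honor_cte=False models a receiver that never saw the
    Content-Transfer-Encoding header (for example because it was stripped
    before sending), so the body is treated as binary.
    """
    msg = message_from_bytes(raw_entity)
    if not honor_cte:
        del msg["Content-Transfer-Encoding"]
    return msg.get_payload(decode=True)


# Constructed sample: SEQUENCE { OID 1.2.840.113549.1.7.3 (envelopedData),
# [0] { INTEGER 0 } }. Only the outer shape is realistic.
DER = bytes.fromhex("3010" "06092a864886f70d010703" "a003020100")
ENTITY = (
    b"MIME-Version: 1.0\n"
    b'Content-Disposition: attachment; filename="smime.p7m"\n'
    b"Content-Type: application/x-pkcs7-mime; smime-type=enveloped-data;"
    b' name="smime.p7m"\n'
    b"Content-Transfer-Encoding: base64\n"
    b"\n" + base64.encodebytes(DER)
)

if __name__ == "__main__":
    for honor in (True, False):
        body = payload_for_cms(ENTITY, honor_cte=honor)
        print(f"honor_cte={honor}: first bytes {body[:4]!r}, "
              f"parsable={looks_like_cms(body)}")
```

A body that starts with the ASCII letter `M` instead of byte `0x30` at the point of CMS parsing is the signature of base64 text that was never transfer-decoded.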