smime

问题 I am using BC to encrypt and sign an SMIME message for use with AS2. The code we have works fine with an absolutely ancient version of bouncy castle, bcmail-1.4:125 . Upgrading to anything newer causes the receiver of the message (not too ancient Cyclone server) to fail to verify the message. (e.g. the earliest v in maven causes this too. These are the versions without API changes (e.g. 1.38). Since we use JDK 1.7 (and 1.8), I've been trying to update this to a newer version of BC, java-mail,

问题 I need to extract the user certificate from a pkcs7 signature file. I can do it via the command line using the following: openssl pkcs7 -in somesign.pks7 -inform PEM -print_certs This will give me the entire certificate chain and I can process the resulting file to extract what I want. Is there any way to do that with the openssl_pkcs7_ commands? I saw that openssl_pkcs7_verify has the $outfilename where the certs would be stored but I don't have the signed message, but it seems the $filename

问题 So, i have this application that creates a zip file with images and stuff and i want to sign it using smime . if i use the terminal command: openssl smime -binary -sign -passin "pass:MYPASS" -signer ./MyCertificate.pem -inkey ./MyKey.pem -in ./manifest.in -out ./signature.out -outform DER Formated: openssl smime -binary -sign -passin "pass:MYPASS" \ -signer ./MyCertificate.pem -inkey ./MyKey.pem \ -in ./manifest.in -out ./signature.out -outform DER the manifest.in is the file witch contains

问题 I'm trying to use an OpenSSL code in my .Net program. Here's the code: openssl pkcs12 -in "My PassKit Cert.p12" -clcerts -nokeys -out certificate.pem openssl pkcs12 -in "My PassKit Cert.p12" -nocerts -out key.pem smime -binary -sign -signer certificate.pem -inkey key.pem -in manifest.json -out signature -outform DER I tried to use .Net OpenSSL, but I absolutely have no idea how to use it, and I couldn't find a good documentation for it. I decided to use .Net to perform the same sign process,

问题 I am working on a larger application which receives email by POP3, IMAP or through import from .msg Files (Exported form Outlook or dragged over from Outlook). Recently I received an email with an attachment "smime.p7m". After further inspection it turned out to be a MIME Message with Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; Among other parts it contains one section Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64

问题 I am working with OpenAS2Server-1.3.3 library. There sending a single document is working fine.. Now I wanted to modify it to send document with attachments, like we do with emails. In this scenario, all the decription work well, but signature verification failed (MIC is not matched) This is how I am tring to send attachments with main doc: Create a MimeMultipart and add two MimeBodyPart into it. (main document and the attachment) Finally wrap the MimeMultipart within a MimeBodyPart (I am not

问题 I am decrypting SMIME.P7M attachments in emails. I currently have the following EnvelopedCms envDate = new EnvelopedCms(new ContentInfo(data)); envDate.Decode(data); RecipientInfoCollection recips = envDate.RecipientInfos; RecipientInfo recipin = recips[0]; X509Certificate2 x509_2 = LoadCertificate2(StoreLocation.CurrentUser, (SubjectIdentifier)recipin.RecipientIdentifier); And the load certificates looks like this public static X509Certificate2 LoadCertificate2(StoreLocation storeLocation,

问题 I am currently trying to adapt a few scripts we use to sign an encrypt/decrypt xml files using OpenSSL and S/MIME using Java and BouncyCastle. The command to sign and encrypt our file: openssl smime -sign -signer Pub1.crt -inkey Priv.key -in foo.xml | openssl smime -encrypt -out foo.xml.smime Pub2.crt Pub1.crt This generates a signed and encrypted smime-file containing our xml file. Currently this happens using a set of shell scripts under linux using the OpenSSL library. In the future we

问题 For an application I'm developing I need to create a signature file before I can upload files. The documentation of it explains how to do this with openssl: First you need to prepare your key: $ openssl pkcs12 -in certificate.pfx -passin pass:xxxxxxxxxx -out pem -clcerts -nokeys $ openssl pkcs12 -in certificate.pfx -passin pass:xxxxxxxxxx -passout pass:xxxxxx -out key After which you can sign any file using the following syntax: $ openssl smime -sign -in inputfile -signer pem -inkey key

问题 I am suppose to develop a SMIME based application in JAVA. These are certain areas where I need more clarification about SMIME en/de-crypttion. I understood how message encryption and decryption in case of a single recipient. If There is only a single recipient A random generated session key used to encrypt message content. Then this random session key will be encrypted using receiver's public key then send SMIME message. The encrypted message will be decrypted using receiver's private key