login about faq
0
1

I try to parse smime send from outlook (opaque signature p7m with certificate inside) but I cannot get the signer certificate

This is the sample code

CkoCrypt2 *crypt = [[CkoCrypt2 alloc] init];
if (![crypt UnlockComponent: @"Anything for 30-day trial"]) {
    return;
}
crypt.CryptAlgorithm = @"pki";
CkoCert *cert = cert =[[CkoCert alloc] init];
[cert LoadFromBinary:cert];
[crypt SetVerifyCert:cert];

NSData *data = [crypt OpaqueVerifyBytes:p7m];
if (!data) {
    return;
}

NSLog(@"LastErrorText =\n%@", crypt.LastErrorText);
CkoCert *cert__ =[crypt GetSignerCert:[NSNumber numberWithInt:0]];
NSLog(@"--%@--", [cert__ ExportCertPem]);

Everything work and this is the log text

LastErrorText =
ChilkatLog:
  OpaqueVerifyBytes:
    DllDate: Oct  2 2014
    ChilkatVersion: 9.5.0.44
    UnlockPrefix: Anything for 30-day trial
    Architecture: Little Endian; 64-bit
    Language: IOS Objective-C
    VerboseLogging: 0
    verifyOpaqueSignature:
      loadPkcs7Der:
        loadPkcs7Xml:
          loadSignedDataXml:
            NumDigestAlgorithmIdentifiers: 1
            AlgorithmIdentifier:
              oid: 2.16.840.1.101.3.4.2.1
            --AlgorithmIdentifier
            This is an opaque signature.
            Recovered original content.
            OriginalContentLen: 742
            numSigners: 1
            SignerInfo:
              signerInfoLoadXml:
                contentType: 1.2.840.113549.1.7.1
                messageDigestHex: 8D65 A460 0900 54A6 8CB7 3ABD F1C0 223F
2EEB 2FF6 BE9C 16BD 68D3 C57F F83E 0B8D
                signingTime: 141119084046Z
              --signerInfoLoadXml
            --SignerInfo
          --loadSignedDataXml
        --loadPkcs7Xml
        extractCertsFromSignedData:
          numCerts: 1
        --extractCertsFromSignedData
      --loadPkcs7Der
      verifyOpaqueSignature:
        verifySignature:
          numSigners: 1
          numDigestAlgorithms: 1
          Computing SHA256 message digest.
          numBytesDigested: 742
          numSigners: 1
          signerDigestAlgOid: 2.16.840.1.101.3.4.2.1
          messageDigestSize: 32
          Signer_0:
            issuerCN: USER B
            serialNum: 01
            digestOid: 2.16.840.1.101.3.4.2.1
            Digest of authenticated attributes DER matches.
          --Signer_0
          Signature verified but skipping verification of certificates.
        --verifySignature
      --verifyOpaqueSignature
    --verifyOpaqueSignature
    Success.
  --OpaqueVerifyBytes
--ChilkatLog

Log 2:
--(null)--

I don't know why I cannot get the signer cert while the software can parse it (show in LastErrorText => issuerCN: USER C serialNum: 01) This is trial version

Please help to get signercert after verify

asked Nov 27 '14 at 22:50

DUNGSI's gravatar image

DUNGSI
114

edited Nov 27 '14 at 23:48

This is wrong smime becasue it is only the content of smime. Please refer http://www.chilkatforum.com/questions/7161/parse-smime-message-problem

(Dec 10 '14 at 00:01) DUNGSI

The only way to help with this problem is for Chilkat to obtain a sample .p7m signed file so that it can be tested directly.

link

answered Dec 01 '14 at 09:24

chilkat's gravatar image

chilkat ♦♦
11.8k316358420

There are all smime files that I create with MS Outlook 2010 https://drive.google.com/a/it-developers.com/file/d/0ByX_yiVYY4CLVjdwdUJfQkEwUE0/view?usp=sharing

(In Outlook, it look like we can get the public certificate if smime.p7m or smime.p7s is include certificate. And surely that we can see the message content event we don't have the public certificate if the smime is not include certificate)

(Dec 01 '14 at 22:30) DUNGSI
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or __italic__
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Tags:

×48
×1

Asked: Nov 27 '14 at 22:50

Seen: 1,162 times

Last updated: Dec 10 '14 at 00:01

powered by OSQA