Search Results

Search found 13 results on 1 pages for 'smime'.

Page 1/1 | 1 

  • How to OpenSSL decrypt smime.p7m

    - by tntu
    I have received an email that has no content, just a file called smime.p7m attached. I was looking into the OpenSSL and it's smime module but I cannot figure out exactly how. I must be doing something wrong. I extracted the certificate chain form the p7m file. # openssl pkcs7 -inform DER -in smime.p7m -out pkcs7.pem # openssl pkcs7 -in pkcs7.pem -print_certs -out certs.pem Then I tried to decrypt: # openssl smime -decrypt -in smime.p7m -signer certs.pem -out smime.eml No recipient certificate or key specified And also with my server's SSL cert: # openssl smime -decrypt -in smime.p7m -recip server.nopass.key.crt.ca.pem -out smime.eml Error reading S/MIME message 140078540371784:error:0D0D40D1:asn1 encoding routines:SMIME_read_ASN1:no content type:asn_mime.c:447: Can anyone shed some light on what steps I need to take to extract the email?

    Read the article

  • base64-Encoding breaks smime-encrypted emaildata

    - by Streuner
    I'm using Mime::Lite to create and send E-Mails. Now I need to add support for S/Mime-encryption and finally could encrypt my E-Mail (the only Perllib I could install seems broken, so I'm using a systemcall and openssl smime), but when I try to create a mime-object with it, the E-Mail will be broken as soon as I set the Content-Transfer-Encoding to base64. To make it even more curious, it happens only if I set it via $myMessage->attr. If I'm using the constructor -new everything is fine, besides a little warning which I suppress by using MIME::Lite->quiet(1); Is it a bug or my fault? Here are the two ways how I create the mime-object. Setting the Content-Transfer-Encoding via construtor and suppress the warning: MIME::Lite->quiet(1); my $msgEncr = MIME::Lite->new(From =>'[email protected]', To => '[email protected]', Subject => 'SMIME Test', Data => $myEncryptedMessage, 'Content-Transfer-Encoding' => 'base64'); $msgEncr->attr('Content-Disposition' => 'attachment'); $msgEncr->attr('Content-Disposition.filename' => 'smime.p7m'); $msgEncr->attr('Content-Type' => 'application/x-pkcs7-mime'); $msgEncr->attr('Content-Type.smime-type' => 'enveloped-data'); $msgEncr->attr('Content-Type.name' => 'smime.p7m'); $msgEncr->send; MIME::Lite->quiet(0); Setting the Content-Transfer-Encoding via $myMessage->attr which breaks the encrypted Data, but won't cause a warning: my $msgEncr = MIME::Lite->new(From => '[email protected]', To => '[email protected]', Subject => 'SMIME Test', Data => $myEncryptedMessage); $msgEncr->attr('Content-Disposition' => 'attachment'); $msgEncr->attr('Content-Disposition.filename' => 'smime.p7m'); $msgEncr->attr('Content-Type' => 'application/x-pkcs7-mime'); $msgEncr->attr('Content-Type.smime-type' => 'enveloped-data'); $msgEncr->attr('Content-Type.name' => 'smime.p7m'); $msgEncr->attr('Content-Transfer-Encoding' => 'base64'); $msgEncr->send; I just don't get why my message is broken when I'm using the attribute-setter. Thanks in advance for your help! Besides that i'm unable to attach any file to this E-Mail without breaking the encrypted message again.

    Read the article

  • mutt, smime, decrypt with one of two different keys

    - by munin
    This is an odd one. We want to have an encrypted e-mail list. There are a few ways to do this, but in the interim what we've done is created a public/private keypair via openssl for our e-mail list ([email protected]) and then distributed the public/private keypair amongst the list participants (ugh). When someone posts to the list, they encrypt using the lists public key, and everyone has the private key (ugh) so it 'works'. MUAs like Outlook and Thunderbird work with this setup. Mutt has a problem though - it seems to only decrypt a SMIME message with a private key that is specified by your e-mail. So when someone sends an e-mail to the list e-mail, my MUA won't decrypt it. How can I tell Mutt about this second private key?

    Read the article

  • s/mime v3 with M2Crypto

    - by Arye
    Dear list, I would like to send a mail with a s/mime v3 attachment through SMTP. The excellent HOWTO below describes the procedure in detail for s/mime v2. http://sandbox.rulemaker.net/ngps/m2/howto.smime.html I would greatly appreciate any help in doing the same for s/mime v3. Arye.

    Read the article

  • Get signature from a file

    - by Eugen
    I have a php code that gets a signature for a file using such a code shell_exec("openssl smime -binary -sign". " -certfile '".$keyPath."/WWDR.pem'". " -signer '".$keyPath."/passcertificate.pem'". " -inkey '".$keyPath."/passkey.pem'". " -in '".$this->workFolder."/manifest.json'". " -out '".$this->workFolder."/signature'". " -outform DER -passin pass:'$pass'"); I need to have a pure managed C# code that would the same? Any idea how to do this? Thx

    Read the article

  • Secure messaging using Secure MIME is it reliable?

    - by aaronb
    We have an automatic reporting and notification system written in .net that sends emails with plain text. We are having to encrypt the messages that we send our clients. The possible implementation approaches we have: Send messages as S/Mime email with attachments. Plain text email with that just contains a link to a web site that will display the message over https. It seems like S/Mime is a simpler solution, as we won't need to create the web application or secure it. Our concern is our interoperability with our clients email clients and more importantly their email filtering software. Has anyone had success or issues deploying a Secure MIME messaging solution?

    Read the article

  • Secure messaging using Signed MIME is it reliable?

    - by aaronb
    We have an automatic reporting and notification system written in .net that sends emails with plain text. We are having to encrypt the messages that we send our clients. The possible implementation approaches we have: Send messages as S/Mime email with attachments. Plain text email with that just contains a link to a web site that will display the message over https. It seems like S/Mime is a simpler solution, as we won't need to create the web application or secure it. Our concern is our interoperability with our clients email clients and more importantly their email filtering software. Has anyone had success or issues deploying a Signed MIME messaging solution?

    Read the article

  • How to understand the BODYSTRUCTURE information returned by IMAP servers?

    - by Tony
    I'm using python's IMAPClient to retrieve email messages from IMAP server. One of the attributes I retrieve is BODYSTRUCTURE. However, I can't find any documentation on how to interpret the return values. Here's the body structure that IMAP server returns 16:12.679978 < FLAGS (NotJunk $NotJunk \Seen) BODYSTRUCTURE ((("TEXT" "PLAIN" ("CHARSET" "us-ascii") NIL NIL "QUOTED-PRINTABLE" 4888 170 NIL NIL NIL)("TEXT" "HTML" ("CHARSET" "us-ascii") NIL NIL "QUOTED-PRINTABLE" 32407 479 NIL NIL NIL) "ALTERNATIVE" ("BOUNDARY" "Apple-Mail=_3AAA7CD7-3B07-406A-83CB-2C7762C3306E") NIL NIL)("APPLICATION" "PKCS7-SIGNATURE" ("NAME" "smime.p7s") NIL NIL "BASE64" 2414 NIL ("ATTACHMENT" ("FILENAME" "smime.p7s")) NIL) "SIGNED" ("BOUNDARY" "Apple-Mail=_DF4FE6BB-F796-46D7-A593-9723F4315DD2" "MICALG" "sha1" "PROTOCOL" "application/pkcs7-signature") NIL NIL)) Here's the same body structure parsed to python type. "BODYSTRUCTURE": [ [ [ [ "TEXT", "PLAIN", [ "CHARSET", "us-ascii" ], null, null, "QUOTED-PRINTABLE", 4888, 170, null, null, null ], [ "TEXT", "HTML", [ "CHARSET", "us-ascii" ], null, null, "QUOTED-PRINTABLE", 32407, 479, null, null, null ], "ALTERNATIVE", [ "BOUNDARY", "Apple-Mail=_3AAA7CD7-3B07-406A-83CB-2C7762C3306E" ], null, null ], [ "APPLICATION", "PKCS7-SIGNATURE", [ "NAME", "smime.p7s" ], null, null, "BASE64", 2414, null, [ "ATTACHMENT", [ "FILENAME", "smime.p7s" ] ], null ] ], "SIGNED", [ "BOUNDARY", "Apple-Mail=_DF4FE6BB-F796-46D7-A593-9723F4315DD2", "MICALG", "sha1", "PROTOCOL", "application/pkcs7-signature" ], null, null ], The arrays don't seems to be constant length. What each element of the array stand for?

    Read the article

  • New-ManagedContentSettings - not working properly under Exchange 2010

    - by mfinni
    I have a client that is divesting a business unit into a new AD forest, Exchange org, etc. We're using Quest tools to migrate users and mailboxes. However, I have to build the new infrastructure to match the old one. In the old one, we're using Managed Folder Mailbox Policies to limit (or allow) retention. They started with Exchange 2007 and never upgraded to Retention Policies; oh well. So, in the old environment, when you use a 2007 server to define a new Managed Content Setting, you can pick "Email" from the dropdown for MessageClass. This is a display name; the actual MessageClass values are thus: MessageClass : IPM.Note;IPM.Note.AS/400 Move Notification Form v1.0;IPM.Note.Delayed;IPM.Note.Exchange.ActiveSync.Report;IPM.Note.JournalReport.Msg;IPM.Note.JournalReport.Tnef;IPM.Note.Microsoft.Missed.Voice;IPM.Note.Rules.OofTemplate.Microsoft;IPM.Note.Rules.ReplyTemplate.Microsoft;IPM.Note.Secure.Sign;IPM.Note.SMIME;IPM.Note.SMIME.MultipartSigned;IPM.Note.StorageQuotaWarning;IPM.Note.StorageQuotaWarning.Warning;IPM.Notification.Meeting.Forward;IPM.Outlook.Recall;IPM.Recall.Report.Success;IPM.Schedule.Meeting.*;REPORT.IPM.Note.NDR If I take that and try to mangle it into a new cmdlet for Ex2010 in my new environment here's what I get New-ManagedContentSettings -Name "Delete Messages older then 90 days" -FolderName "Entire Mailbox" -RetentionEnabled $True -AgeLimitForRetention 90 -TriggerForRetention WhenDelivered -RetentionAction DeleteAndAllowRecovery -MessageClass "IPM.Note","IPM.Note.AS/400MoveNotificationFormv1.0","IPM.Note.Delayed","IPM.Note.Exchange.ActiveSync.Report","IPM.Note.JournalReport.Msg","IPM.Note.JournalReport.Tnef","IPM.Note.Microsoft.Missed.Voice","IPM.Note.Rules.OofTemplate.Microsoft","IPM.Note.Rules.ReplyTemplate.Microsoft","IPM.Note.Secure.Sign","IPM.Note.SMIME","IPM.Note.SMIME.MultipartSigned","IPM.Note.StorageQuotaWarning","IPM.Note.StorageQuotaWarning.Warning","IPM.Notification.Meeting.Forward","IPM.Outlook.Recall","IPM.Recall.Report.Success","IPM.Schedule.Meeting.*","REPORT.IPM.Note.NDR" -whatif Invoke-Command : Cannot bind parameter 'MessageClass' to the target. Exception setting "MessageClass": "The length of t he property is too long. The maximum length is 255 and the length of the value provided is 518." At C:\Users\MFinnigan.sa\AppData\Roaming\Microsoft\Exchange\RemotePowerShell\pfexcas02.fve.ad.5ssl.com\pfexcas02.fve.ad .5ssl.com.psm1:28204 char:29 + $scriptCmd = { & <<<< $script:InvokeCommand ` + CategoryInfo : WriteError: (:) [New-ManagedContentSettings], ParameterBindingException + FullyQualifiedErrorId : ParameterBindingFailed,Microsoft.Exchange.Management.SystemConfigurationTasks.NewManaged ContentSettings So, the config object can store all that mess, but I can't fit it in through the cmdlet to create the object. Lovely. Any ideas?

    Read the article

  • openSSL tutorial not fully working - Can sign but cannot restore original file

    - by djechelon
    I'm writing, and testing, a little tutorial for my groupmates involved in an openSSL homework. We have a bunch of PDF files, I'm the CA and each one should send me a signed PDF for me to be verified. I've told them to do the following (and tried to do it by myself) Request and obtain a certificate (I'll skip this part) Create a MIME message with the PDF file in it makemime -c "text/pdf" -a "Content-Disposition: attachment; filename=”Elaborato.pdf" Elaborato.pdf > Elaborato.pdf.msg Sign with openSSL openssl smime -sign -in Elaborato.pdf.msg -out Elaborato.pdf.p7m -certfile ca.pem -certfile nomegruppo.crt -inkey nomegruppo.key -signer nomegruppo.crt Verify with openssl smime -verify -in Elaborato.pdf.p7m -out Elaborato-verified.msg -CAfile ca.pem -signer nomegruppo.crt Extract attachment with munpack Elaborato-verified.msg View with Acrobat Reader The problem is that even if I get a file that (from its binary content) resembles a PDF file my current Ubuntu PDF viewer doesn't read it. The XXXElaborato.pdf extracted by munpack is a little bit smaller than the original. What's the problem with this procedure? In theory, they should send me the signed S/MIME message and I should be able to read the PDF within it. Why can't I restore the original content of the PDF file?

    Read the article

  • SSL Certifcate Request s2003 DC CA DNS Name not Avaiable.

    - by Beuy
    I am trying to submit a request for an SSL certificate on a Domain Controller in order to enable LDAP SSL, and having no end of problems. I am following the information provided at http://support.microsoft.com/default.aspx?scid=kb;en-us;321051 & http://adldap.sourceforge.net/wiki/doku.php?id=ldap_over_ssl Steps taken so far: Create Servername.inf with the following information ;----------------- request.inf ----------------- [Version] Signature="$Windows NT$ [NewRequest] Subject = "CN=servername.domain.loc" ; replace with the FQDN of the DC KeySpec = 1 KeyLength = 1024 ; Can be 1024, 2048, 4096, 8192, or 16384. ; Larger key sizes are more secure, but have ; a greater impact on performance. Exportable = TRUE MachineKeySet = TRUE SMIME = False PrivateKeyArchive = FALSE UserProtected = FALSE UseExistingKeySet = FALSE ProviderName = "Microsoft RSA SChannel Cryptographic Provider" ProviderType = 12 RequestType = PKCS10 KeyUsage = 0xa0 [EnhancedKeyUsageExtension] OID=1.3.6.1.5.5.7.3.1 ; this is for Server Authentication ;----------------------------------------------- Create Certificate request by running: certreq -new Servername.inf Servername.req Attempt to submit Certificate request to CA by running: certreq -submit -attrib "CertificateTemplate: DomainController" request.req At which point I get the following error: The DNS name is unavailable and cannot be added to the Subject Alternate Name. 0x8009480f (-2146875377) Trouble shooting steps I have taken so far 1. Modify the Domain Controller Template to supply Subject Name in Request restart Certificate Service, include SAN in Request, same error. 2. Re-installed Certificate Services / IIS / Restarted machine countless times Any help resolving the issue would be greatly appreciated.

    Read the article

1