Failure to decrypt an AES encrypted SMIME Message with OpenSSL


Problem description

I have two mails (SMIME encrypted) for a single recipient. One mail is encrypted using 3DES, the other one is encrypted using AES 256.

The mails were created using the C# EnvelopedCms class.

I can successfully decrypt the 3DES message using:

openssl smime -decrypt -in trippledes.eml -inkey keyfile.pem

However, if I try this with the AES encrypted file, OpenSSL outputs some gibberish and fails with this comment:

Error decrypting PKCS#7 structure 4128:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:.\crypto\evp\evp_enc.c:539:

Thunderbird cannot open the mail either. But Outlook 2010 has no problem opening the message.

What is the best way to troubleshoot the issue? Is there any logging I can turn on?

I've already examined the ASN.1 structure of both mails using the ASN.1 Decoder on http://lapo.it/asn1js/. Both messages look OK to me, so I guess the culprit lies in the encrypted Content itself.

Recommended answer

I know this is years late, but it might be helpful to others...

I was using the EnvelopedCms very successfully and happily for a few years, exchanging messages with many other implementations. When someone this year decided to require the use of AES, I discovered that at least one Java-based system was failing to work with my messages. (Their error was "Unable to create PKCS #7 MIME content".)

I used an ASN info utility to break down what I was sending, and discovered that EnvelopedCms was forcing the KeyEncryptionAlgorithm to RSA-OAEP when the content encryption was set to AES. (If the content was encrypted with anything else, the KeyEncryptionAlgorithm was just plain RSA.)

I could find no documentation or RFCs explaining this behavior, and there does not appear to be any way to change it.

My solution to the problem was to use the BouncyCastle CmsEnvelopedDataGenerator class. So far, it appears to work at least as well as EnvelopedCms, and avoids the RSA-OAEP key encryption issue. Almost a drop-in replacement (other than the certificate class used).

While I could not find any documentation that specifically said that my recipient's Java libraries could not use the RSA-OAEP algorithm, once I eliminated it, their error was gone, and messages were successfully sent.

Example code using BouncyCastle:

using Org.BouncyCastle.Cms;

// Wraps `message` in a CMS EnvelopedData with a single key-transport (RSA) recipient.
// contentEncryptionOid selects the content-encryption algorithm, e.g. CmsEnvelopedGenerator.Aes256Cbc.
private byte[] CmsEncrypt(byte[] message, string contentEncryptionOid, Org.BouncyCastle.X509.X509Certificate recipCertificate)
{
    var cmsGenerator = new CmsEnvelopedDataGenerator();
    var cmsData = new CmsProcessableByteArray(message);

    // Key-transport recipient: the content-encryption key is wrapped with the certificate's
    // plain RSA algorithm, so no RSA-OAEP KeyEncryptionAlgorithm is emitted.
    cmsGenerator.AddKeyTransRecipient(recipCertificate);

    // Encrypt the content with the requested algorithm and return the DER-encoded EnvelopedData.
    var cmsEnvelope = cmsGenerator.Generate(cmsData, contentEncryptionOid);

    return cmsEnvelope.GetEncoded();
}
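To answer the troubleshooting question in the light of this answer, here is an added diagnostic (not part of the original question or answer, and not BouncyCastle or OpenSSL code) that walks a DER-encoded CMS EnvelopedData and reports the keyEncryptionAlgorithm of each KeyTransRecipientInfo, so a message carrying RSA-OAEP key transport can be recognised before decryption is attempted. The DER walker and the function names are hypothetical, and the message it inspects is a constructed sample with dummy key and ciphertext bytes, built in the same shape as the ASN.1 structure the question examined.

```python
OAEP_DER = bytes.fromhex("06092a864886f70d010107")  # id-RSAES-OAEP (1.2.840.113549.1.1.7) as a DER OID
RSA_DER = bytes.fromhex("06092a864886f70d010101")   # rsaEncryption (1.2.840.113549.1.1.1) as a DER OID

def parse_tlv(data, i=0):  # -> (tag, body, index just after the element)
    tag, length, i = data[i], data[i + 1], i + 2
    if length & 0x80:                      # long-form length
        n = length & 0x7F
        length, i = int.from_bytes(data[i:i + n], "big"), i + n
    return tag, data[i:i + length], i + length

def children(body):  # (tag, body) of every element inside a constructed body
    out, i = [], 0
    while i < len(body):
        tag, inner, i = parse_tlv(body, i)
        out.append((tag, inner))
    return out

def decode_oid(body):  # dotted-string form of an OBJECT IDENTIFIER body
    arcs, value = [body[0] // 40, body[0] % 40], 0
    for b in body[1:]:
        value = (value << 7) | (b & 0x7F)
        if not b & 0x80:               # last base-128 digit of this arc
            arcs, value = arcs + [value], 0
    return ".".join(map(str, arcs))

def key_encryption_algorithms(content_info_der):
    """keyEncryptionAlgorithm OID of every KeyTransRecipientInfo in a CMS EnvelopedData (RFC 5652)."""
    _, content_info, _ = parse_tlv(content_info_der)          # ContentInfo SEQUENCE
    _, explicit0 = children(content_info)[1]                  # [0] EXPLICIT content
    _, enveloped, _ = parse_tlv(explicit0)                    # EnvelopedData SEQUENCE
    recipient_infos = next(b for t, b in children(enveloped) if t == 0x31)  # SET OF RecipientInfo
    oids = []
    for tag, ri in children(recipient_infos):
        if tag == 0x30:       # KeyTransRecipientInfo is the only bare-SEQUENCE RecipientInfo choice
            _, key_enc_alg = children(ri)[2]   # version, rid, keyEncryptionAlgorithm, encryptedKey
            oids.append(decode_oid(children(key_enc_alg)[0][1]))  # algorithm OID; parameters ignored
    return oids

def der(tag, body):  # short-form DER encoder; the constructed sample stays below 128 bytes per element
    return bytes([tag, len(body)]) + body

def sample_enveloped_data(key_alg_oid_der):
    """Constructed sample: one recipient (subjectKeyIdentifier), AES-256-CBC content, dummy key/ciphertext."""
    ktri = der(0x30, der(0x02, b"\x02") + der(0x80, bytes(4))
               + der(0x30, key_alg_oid_der + der(0x05, b"")) + der(0x04, bytes(8)))
    aes256_cbc = der(0x30, bytes.fromhex("060960864801650304012a") + der(0x04, bytes(16)))  # alg + IV
    eci = der(0x30, bytes.fromhex("06092a864886f70d010701") + aes256_cbc + der(0x80, bytes(16)))
    enveloped = der(0x30, der(0x02, b"\x02") + der(0x31, ktri) + eci)
    return der(0x30, bytes.fromhex("06092a864886f70d010703") + der(0xA0, enveloped))
```

To check a real message, base64-decode the application/pkcs7-mime body of the .eml and pass the resulting bytes to key_encryption_algorithms; a result of 1.2.840.113549.1.1.7 is the RSA-OAEP case the answer describes, 1.2.840.113549.1.1.1 is plain RSA.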
