OpenSSL将内容类型“Application / EDI”作为文本处理smime消息,并更改换行符 [英] OpenSSL treats smime message with Content-type 'Application/EDI' as text and changes line breaks
问题描述
我收到内容类型为Application / EDI的smime消息。它是非标准MIME类型,内容应该解释为二进制。但OpenSSL在验证签名期间将其视为文本,并将换行符从'\\\
'更改为'\r\\\
'(根据内容类型文本的规范需要)。所以摘要变成错误,验证失败。
I receive smime message with content-type 'Application/EDI'. It is non-standard mime type and content should be interpreted as binary. But OpenSSL during verifying signature treats it as text and changes line breaks from '\n' to '\r\n' (as needed by spec for content-type 'text'). So digest becomes wrong and verification fails.
有什么办法使openssl不会原始消息中的任何东西?参数'-binary'不适用于任何版本(我试过0.9.7,0.9.8,1.0.0)。
Is there any way to make openssl not chaging anything in original message? Argument '-binary' doesn't work on any version (I tried 0.9.7, 0.9.8, 1.0.0).
推荐答案
好的。回答我自己的问题。
我将输入数据分成两个单独的文件,内容和签名删除不必要的元数据。之后,我将mime类型的签名更改为application / pkcs7-mime,并使用此命令验证成功:
openssl.exe smime -verify -inform SMIME -CAfile caCert.pem -certfile cert.pem -in signature .txt -content content.txt
Ok. Answering to my own question. I splitted input data into two separate files with content and signature removing unnecessary metadata. After that I changed mime type of signature to 'application/pkcs7-mime' and verification became successful with this command: openssl.exe smime -verify -inform SMIME -CAfile caCert.pem -certfile cert.pem -in signature.txt -content content.txt
变化与PEM的变化也有效,但签名必须没有Content-xxx标题
Variant with changing -inform to PEM also works, but signature must be without Content-xxx headers
这篇关于OpenSSL将内容类型“Application / EDI”作为文本处理smime消息,并更改换行符的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!