使用PGP / MIME签署多部分邮件 [英] Sign a multipart mail using PGP/MIME

问题描述

我正在尝试使用PHP中的PGP签名邮件。我可以使边界和标题正常工作，但是邮件签名无效（如Thunderbirds Enigmail所述）。

I'm trying to sign a mail using PGP in php. I could bring the boundaries and headers to work correctly but the mail signature isn't valid (as Thunderbirds Enigmail states).

我的问题是什么部分是签名和在执行此操作时要注意什么。

My question here is what part is to sign and what is to take attention to while doing it.

生成的邮件的来源看起来像这样（文本和签名由占位符替换，以便于阅读）：

At the moment the source of the generated mail looks like this (Text and signature replaced by placeholders to keep it easy to read):

Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="=_1b5364229a82b654fad7cf2aa969f02e"
MIME-Version: 1.0

This is a message in Mime Format.  If you see this, your mail reader does not support this format.

--=_1b5364229a82b654fad7cf2aa969f02e
Content-Type: multipart/alternative;
  boundary="=_53ba9ef8c471e6c8d72f215feaad8033"
Content-Transfer-Encoding: 7bit


--=_53ba9ef8c471e6c8d72f215feaad8033
&Content-Type: text/plain; charset=UTF-8
&Content-Transfer-Encoding: quoted-printable
&
&PLAIN TEXT CONTENT ENCODED IN QUOTED PRINTABLE
& 
&--=_53ba9ef8c471e6c8d72f215feaad8033
&Content-Type: text/html; charset=UTF-8
&Content-Transfer-Encoding: quoted-printable
& 
&HTML CONTENT ENCODED IN QUOTED PRINTABLE

--=_53ba9ef8c471e6c8d72f215feaad8033--

--=_1b5364229a82b654fad7cf2aa969f02e
Content-Type: application/pgp-signature; name="signature.asc"
Content-Disposition: attachment; filename="signature.asc"
Content-Description: OpenPGP digital signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

PGP SIGNATURE HERE
-----END PGP SIGNATURE-----

--=_1b5364229a82b654fad7cf2aa969f02e--

目前，以&用于生成签名。换行符只是新行（PHP_EOL）。

Currently the lines starting with a & are used to generate the signature. Line breaks are just new lines (PHP_EOL).

我尝试遵循RFC2015，但这似乎不适用于多部分/备用conent。

I tried following RFC2015 but this seems not to apply for multipart/alternative conent.

请帮助我，这样我就可以完成了。

Please help me out here so I can get this finished.

推荐答案

我发现自己...

首先，我需要将所有换行符转换为CRLF，如RFC状态。然后我需要考虑整个multipart / alternative包含它的标题作为消息签署。所以应该是：

First of all I needed to convert all line breaks to CRLF like the RFCs state. Then I needed to think of the whole multipart/alternative inclusive its headers as the message to sign. So it should have been:

Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="=_1b5364229a82b654fad7cf2aa969f02e"
MIME-Version: 1.0

This is a message in Mime Format.  If you see this, your mail reader does not support this format.

--=_1b5364229a82b654fad7cf2aa969f02e
&Content-Type: multipart/alternative;
&  boundary="=_53ba9ef8c471e6c8d72f215feaad8033"
&Content-Transfer-Encoding: 7bit
&
&
&--=_53ba9ef8c471e6c8d72f215feaad8033
&Content-Type: text/plain; charset=UTF-8
&Content-Transfer-Encoding: quoted-printable
&
&PLAIN TEXT CONTENT ENCODED IN QUOTED PRINTABLE
& 
&--=_53ba9ef8c471e6c8d72f215feaad8033
&Content-Type: text/html; charset=UTF-8
&Content-Transfer-Encoding: quoted-printable
& 
&HTML CONTENT ENCODED IN QUOTED PRINTABLE
& 
&--=_53ba9ef8c471e6c8d72f215feaad8033--

--=_1b5364229a82b654fad7cf2aa969f02e
Content-Type: application/pgp-signature; name="signature.asc"
Content-Disposition: attachment; filename="signature.asc"
Content-Description: OpenPGP digital signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

PGP SIGNATURE HERE
-----END PGP SIGNATURE-----

--=_1b5364229a82b654fad7cf2aa969f02e--

是要签署的。

这篇关于使用PGP / MIME签署多部分邮件的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！