?
Solved

verifying sign using S/MIME signed-data

Posted on 2005-03-10
7
Medium Priority
?
539 Views
Last Modified: 2013-12-18
Hi,all! I need help anybody familiar with S/MIME format. In my current project I must verify e-mail message sign.My signed message  look like:

..............................whole message title........................


------------3B1811451B00BA09
Content-Type: text/plain; charset=Windows-1251
Content-Transfer-Encoding: 8bit

test

................................followed smime.p7s attachment section.........

Sign is verified by MS CryptoAPI function CryptVerifyDetachedMessageSignature.
My question is what is message part signed, any words, what signed message boundaries, is signed message "test",
"

test

", or
"
------------3B1811451B00BA09
Content-Type: text/plain; charset=Windows-1251
Content-Transfer-Encoding: 8bit

test

" ? Any help appreciate.
0
Comment
Question by:Yurij_Jilov
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 31

Expert Comment

by:qwaletee
ID: 13509250
This is using LotusScript?

You would probably want to extra the full message content as a single on-disk file, and run the MS API against it.  You will need to use the DEFINE statement in LotusScript (Definitions) section to create a header for calling the MS functions, and you will have to fiddle with getting the parameters to match variables that you can pass and retrieve properly.

The way to extract the MIME is to use either Notes API calls in a similar way to calling the MS API.  Or, you can use the Notes LotusScript API to extract MIME sections as text variables, and write them to disk.  How you do that will depend on whether your code runs in R6 or R5.
0
 

Author Comment

by:Yurij_Jilov
ID: 13516045
OK! My problem is not to extract MIME content from document ( i am using NSF_HOOKS to intercept  notes client actions to open/update document). I need know what message part was signed by sending mail agent to verify sign. I have whole MIME content and attached smime.p7s file (sign+certificate), on Windows i can use CryptoAPI to verify sign, in particular CryptVerifyDetachedMessageSignature to carry out this service. To use one i need know signed block of MIME. On sending message contained "test" word, but attempting to verify "test" only get result "Invalid signature", apparently signed block contains more info than just "test". I am not assured my question for this forum, just S/MIME word more meets on this forum :-)))))
0
 
LVL 31

Expert Comment

by:qwaletee
ID: 13584520
That's a tough one.  I don't know how a Domino-stored S/MIME message woudl look different than i any other system.  I guess you could send the signed message to an INternet account and a Notes account, and see if there is any difference between your extracted MIEM and the Internet mailbox message source.  If there is no difference, tnen you are oding something wrong.  If there is a difference, and you can see how to reconcile that diofference, you will have solved your problem.
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:Yurij_Jilov
ID: 13589730
Problem was solved.In my case was signed this block:
//-----------------------------------
Content-Type: text/plain; charset=Windows-1251
Content-Transfer-Encoding: 8bit

test
//------------------------------------------

if must to sign multyple/mixed type block then signed block look like:
//---------------------------------------
Content-Type: multyple/mixed;boundary = "xyz"
...........block content...........................
----xyz--
//---------------------------------------

How I can close question?
0
 

Expert Comment

by:pavankvnaidu
ID: 13760604
I am having problems in verifying the signed mail, I am not what parameter need to send to the method 'CryptVerifyDetachedMessageSignature' can you please explain?
I have one more doubt, if there is an attachment which content we need to send?

do we need to send both message and attachment content as the parameter?
do we need to encode it?

From the mime content, I have smime.p7s file, and I am sending just message with out mime content and I am getting the error 'Hash value not correct'

please explain it.

Thank you.
0
 
LVL 18

Expert Comment

by:marilyng
ID: 16161427
No comment has been added to this question in more than 21 days, so it is now classified as abandoned.

I will leave the following recommendation for this question in the Cleanup topic area:
    PAQ with points refunded

Any objections should be posted here in the next 4 days. After that time, the question will be closed.

marilyng
EE Cleanup Volunteer
0
 
LVL 1

Accepted Solution

by:
DarthMod earned 0 total points
ID: 16185298
PAQed with points (100) refunded

DarthMod
Community Support Moderator
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For beginners of Lotus Notes user this is important to know about the types of files and their location supported by IBM Notes. Mostly users are unaware about how many file types are created and what their usages are. This Article is fully dedicated…
This article covers general Notes 8.5 troubleshooting information including recreating the Notes\Data folder.
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.
Add bar graphs to Access queries using Unicode block characters. Graphs appear on every record in the color you want. Give life to numbers. Hopes this gives you ideas on visualizing your data in new ways ~ Create a calculated field in a query: …
Suggested Courses

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question