Can't decrypt signed message stored in encrypted S/MIME message Fri, 10 Apr 2026 00:42:20 +0000 https://bugs.horde.org/ticket/13661 Can't decrypt signed message stored in encrypted S/MIME message I have a message which is properly encoded and which can be I have a message which is properly encoded and which can be decrypted via openssl cms, but wich Horde does not understand. Horde can decrypt the first part: smime.p7m (6 KB) The data in this part has been encrypted via S/MIME. But does not understand the decrypted message: X-pkcs7-mime (4 KB) The data in this part has been encrypted via S/MIME. Could not decrypt S/MIME data. The 2nd part looks like this Content-Type: application/x-pkcs7-mime Content-Transfer-Encoding: base64 MIAGCSqGSIb3DQEHAqCAMIACAQExDTALBglghkgBZQMEAgEwgAYJKoZIhvcNAQcB oIAkgASCA4NDb250ZW50LVR5cGU6IG11bHRpcGFydC9hbHRlcm5hdGl2ZTsgYm91 ... DI2fdyAMfp2GSTTIVdpgOeDt6J+32QG0ppzfeOv8EGCvd7r7BO6gqy3XS54m7XNV SGllRWATSg7MKOkAAAAAAAA= I'm attaching that part for testing Mon, 03 Nov 2014 01:40:29 +0000 https://bugs.horde.org/ticket/13661#t86289 Missing attachment Missing attachment Mon, 03 Nov 2014 01:52:58 +0000 https://bugs.horde.org/ticket/13661#t86290 Some additional information. The 2nd part can't be decryp Some additional information. The 2nd part can't be decrypted, because it's a signed message, but Horde treats it as another encrypted message Trying to decrypt it will throw an error 34374513640:error:21072071:PKCS7 routines:PKCS7_decrypt:wrong content type:pk7_smime.c:546: The Smime lib should test the 2nd part using `-cmsout` before using it. cmsout will contain something like this Content-Type: application/pkcs7-mime; smime-type=signed-data; name="smime.p7m" Mon, 03 Nov 2014 03:03:02 +0000 https://bugs.horde.org/ticket/13661#t86292 > I have a message which is properly encoded "properly en > I have a message which is properly encoded "properly encoded" is very questionable. First, it's using the long deprecated MIME type. Second, it does not contain the smime-data parameter. From RFC 5751 [3.2]: Because there are several types of application/pkcs7-mime objects, a sending agent SHOULD do as much as possible to help a receiving agent know about the contents of the object without forcing the receiving agent to decode the ASN.1 for the object. The Content-Type header field of all application/pkcs7-mime objects SHOULD include the optional "smime-type" parameter, as described in the following sections. In other words... that is some garbage input. Tue, 04 Nov 2014 10:47:52 +0000 https://bugs.horde.org/ticket/13661#t86311 >> I have a message which is properly encoded > > "properl >> I have a message which is properly encoded > > "properly encoded" is very questionable. > > First, it's using the long deprecated MIME type. > > Second, it does not contain the smime-data parameter. From RFC 5751 [3.2]: > > Because there are several types of application/pkcs7-mime objects, a > sending agent SHOULD do as much as possible to help a receiving agent > know about the contents of the object without forcing the receiving > agent to decode the ASN.1 for the object. The Content-Type header > field of all application/pkcs7-mime objects SHOULD include the > optional "smime-type" parameter, as described in the following > sections. > > In other words... that is some garbage input. Although I agree with you and it would be nice if all clients were model citizens and followed the latest version of the specs to the letter, the media-type is deprecated, but not illegal afaik, it's like using SHA1 instead of sha-1 for the micalg parameter. RFC 5751 [3.2] is saying SHOULD not MUST Also, RFC 5751 [5.1] contains this Type name: application Subtype Name: pkcs7-mime Required Parameters: NONE Optional Parameters: smime-type/signed-data smime-type/enveloped-data smime-type/compressed-data smime-type/certs-only name I don't know if this encoding only comes from one family of clients of which very few use Horde or if it's a larger problem. Tue, 04 Nov 2014 12:25:55 +0000 https://bugs.horde.org/ticket/13661#t86313 Changes have been made in Git (FRAMEWORK_5_2): commit 3d07c Changes have been made in Git (FRAMEWORK_5_2): commit 3d07c17bd47c33368c939525a13f7a1dacc20b5a Author: Michael M Slusarz <slusarz@horde.org> Date: Tue Dec 30 10:27:50 2014 -0700 [mms] Fix parsing broken S/MIME messages that don't include the smime-type content-type parameter (Request #13661). imp/docs/CHANGES | 2 + imp/lib/Mime/Viewer/Smime.php | 51 +++++++++++++++++++++++++++++++++++----- imp/package.xml | 6 +++++ 3 files changed, 52 insertions(+), 7 deletions(-) http://github.com/horde/horde/commit/3d07c17bd47c33368c939525a13f7a1dacc20b5a Tue, 30 Dec 2014 17:28:11 +0000 https://bugs.horde.org/ticket/13661#t86952 Changes have been made in Git (master): commit 584b744c9d75 Changes have been made in Git (master): commit 584b744c9d759089d37c8a13e1b9bc8f831e3f77 Author: Michael M Slusarz <slusarz@horde.org> Date: Tue Dec 30 10:27:50 2014 -0700 [mms] Fix parsing broken S/MIME messages that don't include the smime-type content-type parameter (Request #13661). Conflicts: imp/docs/CHANGES imp/package.xml imp/docs/CHANGES | 2 + imp/lib/Mime/Viewer/Smime.php | 51 +++++++++++++++++++++++++++++++++++----- imp/package.xml | 5 ++++ 3 files changed, 51 insertions(+), 7 deletions(-) http://github.com/horde/horde/commit/584b744c9d759089d37c8a13e1b9bc8f831e3f77 Tue, 30 Dec 2014 17:29:13 +0000 https://bugs.horde.org/ticket/13661#t86953 IMP 6.2.5. IMP 6.2.5. Tue, 30 Dec 2014 17:29:21 +0000 https://bugs.horde.org/ticket/13661#t86954 > Changes have been made in Git (master): Thanks. I'll ta > Changes have been made in Git (master): Thanks. I'll take a look asap. Tue, 06 Jan 2015 19:52:49 +0000 https://bugs.horde.org/ticket/13661#t87024