6.0.0-beta1
▾
Tasks
New Task
Search
Photos
Wiki
▾
Tickets
New Ticket
Search
dev.horde.org
Toggle Alerts Log
Help
8/1/25
H
istory
A
ttachments
C
omment
W
atch
Download
Comment on [#12970] Don't override sticky OPTIONS values with default values.
*
Your Email Address
*
Spam protection
Enter the letters below:
. .. ..__ .__ | || |[__)[ __ |___\__||/\|| [_./
Comment
> I've processed 3 messages using OpenSSL. One sent from Thunderbird, > one from the BB client and one from the iOS client using `openssl > cms`. > > Message from TB can be decrypted properly > Message from iOS can't be decrypted because iOS got confused and used > the wrong certificate to encrypt the message. Not sure what happened, > but I can't test further as the client just crashes as soon as it > receives certificates from Horde. > > Message from BB client can't be decrypted as is > Error reading S/MIME message > 34374513640:error:0D07207B:asn1 encoding > routines:ASN1_get_object:header too long:asn1_lib.c:153: > 34374513640:error:0D0D106E:asn1 encoding > routines:B64_READ_ASN1:decode error:asn_mime.c:193: > 34374513640:error:0D0D40CB:asn1 encoding > routines:SMIME_read_ASN1:asn1 parse error:asn_mime.c:528: > > After analysis, I found that the pkcs7 data is sent in one long line > and that throws off the OpenSSL parser. > If I format the data using a max-length of 72 characters, then > OpenSSL can decrypt the data. > > What's inside is another binary message which starts with > Content-Type: application/x-pkcs7-mime > Content-Transfer-Encoding: base64 > > but this time it's a signed message with a SignedData structure and > lines with fixed width. > > So, my guess is that Horde sends the msg to OpenSSL which can't > handle it as is. That's one half of the problem. > > The other half is figuring out if Horde is doing something which > prevents the BB client from understanding the message it gets or if > the client only understands messages where the data is on one line. > > I couldn't find a spec regarding the maximum amount of characters per > line allowed in pkcs7 data, so I'm guessing that what they're doing > is legal and one reason most clients can read it. > > > > >
Attachment
Watch this ticket
N
ew Ticket
M
y Tickets
S
earch
Q
uery Builder
R
eports
Saved Queries
Open Bugs
Bugs waiting for Feedback
Open Bugs in Releases
Open Enhancements
Enhancements waiting for Feedback
Bugs with Patches
Enhancements with Patches
Release Showstoppers
Stalled Tickets
New Tickets
Horde 5 Showstoppers