Re: [FWD] outlook sign VS crypto/pkcs7/verify.c ??

Sat, 17 Jul 1999 03:42:08 -0700 

OpenSSL wrote:
> 
> 
> 
>         hello..
>                 i try to use openssl crypto/pkcs7/verify.c to verify whether the
>         signature produced by ms outlook express5 can work with verify.c.
>         Unfortunately, i don't know where the plain text begin and where it end.
>         Can anyone show me the exactly position of the plain text which ms outlook
>         produced the signature.???
> 
>         I attached a sample message delivered by MS Outlook express 5.
>         Thanks .
> 

What you need is the first part of the multipart/signed MIME message in
its entirety, that is including all headers and data *exactly* as it
appears in the message. In your example it would be:

-----------start-------
Content-Type: multipart/alternative;
        boundary="----=_NextPart_001_0006_01BECFA0.2653B690"


------=_NextPart_001_0006_01BECFA0.2653B690
Content-Type: text/plain;
        charset="big5"
Content-Transfer-Encoding: quoted-printable

sign...

------=_NextPart_001_0006_01BECFA0.2653B690
Content-Type: text/html;
        charset="big5"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META content=3D"text/html; charset=3Dbig5" http-equiv=3DContent-Type>
<META content=3D"MSHTML 5.00.2014.210" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV><FONT size=3D2>sign...</FONT></DIV></BODY></HTML>

------=_NextPart_001_0006_01BECFA0.2653B690--
----------end--------------

However you must also follow the MIME rules: if you have

--Boundary
Hello World
--Boundary--

then the correct output is "Hello World" NOT "Hello World\n".

After you've got this text you need to convert it to "canonical" form.
This is basically DOS EOL format (CR+LF).

Steve.
-- 
Dr Stephen N. Henson.   http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED] 
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the   OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to