Hi all,

Any thoughts on this? Unfortunately I still haven't figured this one out
yet. I'm not sure if I'm misinterpreting the specification, misusing Bouncy
Castle, some combination of the above, or something else entirely.

I'm not sure how common "application/pkcs7-mime; smime-type=certs-only" is
and I haven't figured out how to get Thunderbird to send that type of
message, so all I can go by is my understanding of what the specification
is talking about, which, to me, is unfortunately a little vague and
confusing.

Thanks,

Jeff


On Sat, Nov 2, 2013 at 10:47 PM, Jeff Stedfast <[email protected]> wrote:

> Hey all,
>
> It's taken me longer than I had hoped to implement S/MIME in MimeKit using
> Bouncy Castle, but I'm getting there...
>
> I'm presently stuck on importing and exporting certificates from a
> "certs-only" message.
>
> RFC 2633 says this about generating a certs-only application/pkcs7-mime
> part:
>
>> 3.6 Creating a Certificates-only Message
>>
>>    The certificates only message or MIME entity is used to transport
>>    certificates, such as in response to a registration request. This
>>    format can also be used to convey CRLs.
>>
>>    Step 1. The certificates are made available to the CMS generating
>>    process which creates a CMS object of type signedData. The signedData
>>    encapContentInfo eContent field MUST be absent and signerInfos field
>>    MUST be empty.
>>
>>    Step 2. The CMS signedData object is enclosed in an
>>    application/pkcs7-mime MIME entity
>>
>>    The smime-type parameter for a certs-only message is "certs-only".
>>    The file extension for this type of message is ".p7c".
>>
>>
> As far as I understand it, I need to use a CmsSignedDataGenerator like
> this:
>
> var cms = new CmsSignedDataGenerator ();
> cms.AddCertificates (certificates);
>
> var signedData = cms.Generate (new CmsProcessableByteArray (new byte[0]));
> var rawData = signedData.GetEncoded ();
>
> I can then stuff that raw data into an application/pkcs7-mime;
> smime-type=certs-only mime part.
>
> Assuming that is correct, I've got the following code to parse that raw
> data:
>
> var parser = new CmsSignedDataParser (rawData);
> var certs = parser.GetCertificates ("Collection");
> var store = parser.GetSignerInfos ();
>
> foreach (SignerInformation signerInfo in store.GetSigners ()) {
>     var matches = certs.GetMatches (signerInfo.SignerID);
>
>     foreach (X509Certificate certificate in matches) {
>         certificates.Add (certificate);
>     }
> }
>
> The problem I'm running into is that I'm hitting the following exception
> in the CmsSignedDataParser constructor:
>
> Org.BouncyCastle.Cms.CmsException: no digests could be created for message.
>    at Org.BouncyCastle.Cms.CmsSignedDataParser..ctor(CmsTypedStream
> signedContent, Stream sigData) in
> C:\Users\jeff\Documents\Projects\bc-csharp\crypto\src\cms\CMSSignedDataParser.cs:line
> 176
>    at Org.BouncyCastle.Cms.CmsSignedDataParser..ctor(Stream sigData) in
> C:\Users\jeff\Documents\Projects\bc-csharp\crypto\src\cms\CMSSignedDataParser.cs:line
> 92
>    at Org.BouncyCastle.Cms.CmsSignedDataParser..ctor(Byte[] sigBlock) in
> C:\Users\jeff\Documents\Projects\bc-csharp\crypto\src\cms\CMSSignedDataParser.cs:line
> 76
>    at UnitTests.DummySecureMimeContext.ImportKeys(Byte[] rawData) in
> c:\Users\jeff\Documents\Projects\MimeKit\UnitTests\DummySecureMimeContext.cs:line
> 174
>    at MimeKit.Cryptography.ApplicationPkcs7Mime.Import(CryptographyContext
> ctx) in
> c:\Users\jeff\Documents\Projects\MimeKit\MimeKit\Cryptography\ApplicationPkcs7Mime.cs:line
> 214
>    at UnitTests.SecureMimeTests.TestSecureMimeImportExport() in
> c:\Users\jeff\Documents\Projects\MimeKit\UnitTests\SecureMimeTests.cs:line
> 247
>
>
> Any ideas?
>
> Thanks for any help you guys can offer me,
>
> Jeff
>
>

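The certs-only structure from RFC 2633 section 3.6 quoted above, as an added example that is not part of the original post and is not MimeKit or Bouncy Castle project code: it assumes the BouncyCastle C# 1.8.x API and uses the in-memory `CmsSignedData` class, and `CertsOnlyDemo` and its method names are hypothetical. Because signerInfos is empty in this structure, the import takes every certificate from the store instead of matching on a signer.

```csharp
// Added example, not MimeKit or Bouncy Castle project code.
// Assumes the BouncyCastle C# 1.8.x API; CertsOnlyDemo and its methods are hypothetical names.
using System;
using System.Collections;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Cms;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Crypto.Generators;
using Org.BouncyCastle.Crypto.Operators;
using Org.BouncyCastle.Math;
using Org.BouncyCastle.Security;
using Org.BouncyCastle.X509;
using Org.BouncyCastle.X509.Store;
static class CertsOnlyDemo {
    // Constructed sample input: a throwaway self-signed certificate.
    static X509Certificate MakeTestCertificate () {
        var keys = new RsaKeyPairGenerator ();
        keys.Init (new KeyGenerationParameters (new SecureRandom (), 2048));
        var pair = keys.GenerateKeyPair ();
        var name = new X509Name ("CN=certs-only-demo");
        var gen = new X509V3CertificateGenerator ();
        gen.SetSerialNumber (BigInteger.One);
        gen.SetIssuerDN (name);
        gen.SetSubjectDN (name);
        gen.SetNotBefore (DateTime.UtcNow.AddDays (-1));
        gen.SetNotAfter (DateTime.UtcNow.AddDays (30));
        gen.SetPublicKey (pair.Public);
        return gen.Generate (new Asn1SignatureFactory ("SHA256WithRSA", pair.Private));
    }
    // RFC 2633 3.6 step 1: signedData carrying certificates, no signers, eContent absent.
    static byte[] Export (IList certificates) {
        var store = X509StoreFactory.Create ("Certificate/Collection",
            new X509CollectionStoreParameters (certificates));
        var cms = new CmsSignedDataGenerator ();
        cms.AddCertificates (store);
        return cms.Generate (new CmsProcessableByteArray (new byte[0]), false).GetEncoded ();
    }
    // Accept only the certs-only shape; with no SignerID to match on, a null selector returns all.
    static ICollection Import (byte[] rawData) {
        var signedData = new CmsSignedData (rawData);
        if (signedData.SignedContent != null || signedData.GetSignerInfos ().Count != 0)
            throw new FormatException ("not a certs-only message");
        return signedData.GetCertificates ("Collection").GetMatches (null);
    }
    static void Main () {
        foreach (X509Certificate certificate in Import (Export (new ArrayList { MakeTestCertificate () })))
            Console.WriteLine (certificate.SubjectDN);
    }
}
```

A certs-only bag carries no signature, so each imported certificate still needs chain validation before it is trusted.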