Matej Kurpel wrote:
> as far as I know, Thunderbird sends encrypted e-mails as an attachment
> named "smime.p7m".

Not an attachment. The whole body is base64-encoded. Look closely at the message headers.

> Can anybody let me briefly know what this file contains?

The CMS (formerly PKCS#7) blob.

> I know this
> from previous e-mail conversation from this mailing list:
>
> "The sender generates an ephemeral 3-DES key one for each receiver, then
> encrypts (wraps) each key using that receiver's RSA public key. In order
> to read a message, you have to decrypt (unwrap) the 3-DES key that was
> encrypted using your RSA public key. Then, you have to decrypt the
> message using the 3-DES key you just unwrapped."
>
> Does that mean the p7m file contains multiple copies of the same
> message, each copy encrypted using a different key?

No. The PKCS#7 contains an ASN.1 structure called RecipientInfos which contains the symmetric key encrypted for each recipient with its public key together with a reference to the recipient's public key cert used.

> Also, it looks like it contains some certificates.

It can.

> Unfortunately, the
> software I am using (ASN.1 Editor) doesn't read the p7m file despite the
> fact that it looks like a DER-encoded file at first glance (even after
> removing the zero-byte padding).

You should see the RecipientInfos SEQUENCE. Please consult the relevant RFCs for S/MIME and CMS.

Ciao, Michael.

--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
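
The layout described in the reply above, as an added example that is not part of the original thread or of any Mozilla code: a small reader that base64-decodes a message body, walks the CMS EnvelopedData, and reports one wrapped key per recipient next to the single encrypted payload. The helper names and the two-recipient sample are constructed for illustration; the reader assumes definite-length encoding and recipients identified by issuer and serial number.

```python
import base64

def tlv(tag, *parts):  # encode one DER TLV (definite length, < 64 KiB)
    body = b"".join(parts)
    n = len(body)
    size = bytes([n]) if n < 0x80 else bytes([0x81, n]) if n < 0x100 else b"\x82" + n.to_bytes(2, "big")
    return bytes([tag]) + size + body

def read(buf):  # split DER into (tag, value) pairs; single-byte tags only
    out, i = [], 0
    while i < len(buf):
        tag, n, i = buf[i], buf[i + 1], i + 2
        if n == 0x80:
            raise ValueError("BER indefinite length is not handled here")
        if n > 0x80:  # long form: low 7 bits give the number of length bytes
            n, i = int.from_bytes(buf[i:i + (n & 0x7F)], "big"), i + (n & 0x7F)
        if i + n > len(buf):
            raise ValueError("truncated element")
        out.append((tag, buf[i:i + n]))
        i += n
    return out

def oid(hexstr):
    return tlv(0x06, bytes.fromhex(hexstr))
ENVELOPED, DATA = oid("2a864886f70d010703"), oid("2a864886f70d010701")
RSA, DES3_CBC = oid("2a864886f70d010101"), oid("2a864886f70d0307")

def recipient(serial, wrapped_key):  # constructed KeyTransRecipientInfo, dummy key
    rid = tlv(0x30, tlv(0x30), tlv(0x02, bytes([serial])))  # empty issuer Name
    return tlv(0x30, tlv(0x02, b"\x00"), rid, tlv(0x30, RSA, tlv(0x05)), tlv(0x04, wrapped_key))

def sample_body():  # constructed body: two recipients, one encrypted payload
    rinfos = tlv(0x31, recipient(1, b"\xaa" * 128), recipient(2, b"\xbb" * 128))
    eci = tlv(0x30, DATA, tlv(0x30, DES3_CBC, tlv(0x04, bytes(8))), tlv(0x80, b"\xcc" * 24))
    return base64.b64encode(tlv(0x30, ENVELOPED, tlv(0xA0, tlv(0x30, tlv(0x02, b"\x00"), rinfos, eci))))

def summarize(b64_body):
    """Return ([(serial, wrapped_key_len), ...], [encrypted_content_len, ...])."""
    ((_, ci),) = read(base64.b64decode(b64_body))
    (_, ctype), (_, wrapped) = read(ci)
    if ctype != ENVELOPED[2:]:
        raise ValueError("not EnvelopedData")
    fields = read(read(wrapped)[0][1])  # version, recipientInfos, encryptedContentInfo
    rinfos = next(v for t, v in fields if t == 0x31)
    eci = next(v for t, v in fields if t == 0x30)
    recips = []
    for _, ri in read(rinfos):  # assumption: each entry is a KeyTransRecipientInfo
        _, (_, rid), _, (_, key) = read(ri)
        recips.append((int.from_bytes(read(rid)[1][1], "big"), len(key)))
    return recips, [len(v) for t, v in read(eci) if t == 0x80]
```

Calling `summarize(sample_body())` lists two recipients, each with its own 128-byte wrapped key, and exactly one encrypted content blob shared by both.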