Whitespace(?) problem and crypto.signText()

Tue, 03 Jan 2012 15:34:54 -0800 

Hi.

First of all, sorry if this is not the right list for this question, but I'm a 
little bit desperate with this, and I don't know a better place for now...

I'm using crypto.signText() to sign the contents of a textarea, and send that 
to the server. There I have to use the signature to build an S/MIME message 
with the original message and the signature (I'm using S/MIME because is the 
only way I've found to verify the signature).

My problem is that I'm only successful validating very simple messages, 
without linebreaks. Each time I introduce a new line, the signature fails. I 
don't know what I could be doing wrong, and I think that the problem is in the 
whitespace or the line break handling, but I can't find any other example on 
the web about how to do this.

I desperately need advice about how to properly handle the data that FireFox 
generates, so any pointers about how to format the original message and the 
S/MIME one for openssl to verify (or any other way to verify on the server the 
signature that signText() generates), are more than welcome.


I'm doing the following for creating the S/MIME message:

        fwrite($f, "Content-Type: multipart/signed;\r\n" .
                " protocol=\"application/x-pkcs7-signature\";\r\n" .
                " micalg=\"sha1\"; " . "boundary=\"Signed Boundary\"\r\n" .
                "\r\n" .
                "--Signed Boundary\r\n" .
                "Content-type: text/plain; charset=\"us-ascii\"\r\n" .
                "\r\n" .
                $data . "\r\n" .
                "--Signed Boundary\r\n" .
                "Content-Type: application/x-pkcs7-signature; 
name=\"smime.p7s\"\r\n" .
                "Content-Transfer-Encoding: base64\r\n" .
                "Content-Disposition: attachment; filename=\"smime.p7s\"\r\n" .
                "Content-Description: S/MIME Cryptographic Signature\r\n" .
                "\r\n" .
                $signature . "\r\n" .
                "\r\n" .
                "--Signed Boundary--");
        fclose($f);


And then I'm doing the following for checking the signature:

$ openssl smime -verify -in /tmp/message.smime -CAfile keys/demoCA/cacert.pem \
-content /tmp/message.txt

Thanks a lot in advance.

-- 
Alex (a.k.a. suy) | GPG ID 0x0B8B0BC2
http://barnacity.net/ | http://disperso.net
-- 
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto

Reply via email to