Harald Koch <[email protected]> wrote: >> Am 29.10.2020 um 14:12 schrieb Michael Richardson <[email protected]> >>> - "Unable to verify content integrity: Missing data" >>> - "The system is unable to find out the sign algorithm of the inbound message" >> >>> I digged a bit deeper into the ASN1 data („cat signature.base64 | base64 -d | openssl asn1parse -inform DER" ), leading to my assumption that the algorithm provided for signature contained differs: >>> - openSSL indicates „rsaEncryption" >>> - Java indicates „sha512WithRSAEncryption" >> >> The first error you got seems inconsistent with this problem. >> Is is possible that one of you are sending CMS structures with >> out-of-band content?
> Yes, the signed message is contained in a HTTP(S) multipart request
> with more payload and header information, sure. The only different part
> is the signed content, all other content has been manually checked,
> they are exactly the same. May it be possible that the CMS data which
> openSSL generates is much bigger due to unneeded certificate
> information, which makes the Java process stumble over the input?
so, do have detached content then?
And MIME and HTTP is involved? My bet is that you have CRLF/LF issues, which
you might not see unless you look at the raw packets --- after the TLS is
removed, which is a hassle, but there is a way in openssl to get that data
put somewhere, but I can't recall what it is.
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works | IoT architect [
] [email protected] http://www.sandelman.ca/ | ruby on rails [
signature.asc
Description: PGP signature
