This is my first attempt ever at magic(5) voodoo:
0 byte 0x30
>0x01 byte 0x80
>>0x02 string \x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x07\x02 Indefinite
length pkcs7-signedData
!:mime application/pkcs7
>>0x02 string \x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x07\x03 Indefinite
length pkcs7-envelopedData
!:mime application/pkcs7
>0x03 search/10 \x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x07\x02 Definite
length pkcs7-signedData
!:mime application/pkcs7
>0x03 search/10 \x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x07\x03 Definite
length pkcs7-envelopedData
!:mime application/pkcs7
I'm pretty sure it's ugly, suboptimal, and whatever. It WORKSFORME, on
an indefinite length signature as well as the corresponding definite one
recreated by OpenSSL.
I haven't contempted the idea of parsing ASN.1/BER in magic(5) parlance.
--
Erwann ABALEA
Le 06/11/2014 17:24, Jan Hejl a écrit :
Hello,
i found that the file command detects S/MIME attachment (smime.p7s)
within a signed email as an application/octet-stream insted of
application/pkcs7. Author of the file tool tells that it's impossible
to detect application/pkcs7. Does anybody knows why?
Thank you
Jan
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org