OxalisCommunity / oxalis

Oxalis - PEPPOL Access Point open source implementation - Core component

A.3. Signed, Encrypted Message Requesting a Signed, (A)synchronous Receipt #287

Closed LaurensN closed 7 years ago

LaurensN commented 7 years ago

Hi,

Does Oxalis support signed, encrypted AS2 messages?

https://www.ietf.org/rfc/rfc4130.txt :

 Encryption, signature
      -RFC2616/2045
        -RFC3851 (application/pkcs7-mime)
          -RFC1847 (multipart/signed)(encrypted)
            -RFC1767/RFC3023  (application/EDIxxxx or /xml)(encrypted)
            -RFC3851 (application/pkcs7-signature)(encrypted)

example:

A.3.  Signed, Encrypted Message Requesting a Signed, Asynchronous
      Receipt

   Message-ID: <#as2_company#01#a4260as2_companyout#>
   Date: Thu, 19 Dec 2002 15:04:18 GMT
   From: me@example.com
   Subject: Async MDN request
   Mime-Version: 1.0
   Content-Type: application/pkcs7-mime;
     smime-type=enveloped-data; name=smime.p7m
   Content-Transfer-Encoding: binary
   Content-Disposition: attachment; filename=smime.p7m
   Recipient-Address: 10.240.1.2//
   Disposition-Notification-To:
     http://10.240.1.2:8201/exchange/as2_company
   Disposition-Notification-Options: signed-receipt-protocol=optional,
    pkcs7-signature; signed-receipt-micalg=optional,sha1
   Receipt-Delivery-Option:
     http://10.240.1.2:8201/exchange/as2_company
   AS2-From: as2_company
   AS2-To: "AS2 Test"
   AS2-Version: 1.1
   Host: 10.240.1.2:8101
   Connection: close
   Content-Length: 3428

     [omitted binary encrypted data]

When sending an encrypted AS2 message to an AS2 receiver, I receive the following error:

The message sent to AS2 System id APP_1000000302 on Sun, 09 Apr 2017 20:59:44 +0200 with subject AS2 MDN as you requested has been received.
It has been processed
The warning/error message is :
ERROR: Unable to get content of message.Missing start boundary

------=_Part_260_1960739616.1491764384708
Content-Type: message/disposition-notification
Content-Transfer-Encoding: 7bit

Reporting-UA: Oxalis
Disposition: automatic-action/MDN-sent-automatically; processed/ERROR: Unable to get content of message.Missing start boundary

The multipart/signed message (with the boundary declaration) resides in the application/x-pkcs7 envelope. It seems like the message isn't decrypted on the receiving Oxalis, so Oxalis can't find the start boundary.

Error messages with other Content-Type variations:

The warning/error message is :
ERROR: Unable to retrieve content type from MimeMessage. MimeMessage is not multipart/signed, it is : application/x-pkcs7-mime

The warning/error message is :
ERROR: Unable to retrieve content type from MimeMessage. MimeMessage is not multipart/signed, it is : application/pkcs7-mime
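As an added example (not Oxalis code and not posted by the reporter), the shell script below uses the openssl CLI to build the RFC 4130 layering quoted above: a multipart/signed entity, then that whole entity wrapped in an S/MIME enveloped-data body. It then shows the two receiver behaviours at issue: trying to verify the signature on the still-encrypted entity fails, because the outer layer is pkcs7-mime rather than multipart/signed, while decrypting first and verifying the entity that comes out succeeds. Only the MIME body is built; the AS2 HTTP headers (AS2-From, Disposition-Notification-Options, ...) are not modelled. The self-signed certificate, key and payload are constructed for the demo, the function names are the example's own, and whether your OpenSSL build labels the envelope application/pkcs7-mime or application/x-pkcs7-mime is an assumption the script does not depend on (it accepts both, as the issue shows both in the wild).

```shell
#!/bin/sh
# Added example, not Oxalis code: build signed-then-encrypted S/MIME with
# the openssl CLI and show why a receiver must decrypt before it looks for
# the multipart/signed boundary.  Assumes `openssl` is on PATH.  Key,
# certificate and payload are constructed here for the demo only.
set -eu

WORK=${WORK:-$(mktemp -d)}
KEY="$WORK/key.pem"
CERT="$WORK/cert.pem"

# Self-signed certificate for a hypothetical receiver "AS2 Test".  For
# brevity the same key pair signs and decrypts; a real exchange uses the
# sender's key to sign and the receiver's certificate to encrypt.
make_keys() {
    [ -f "$CERT" ] && return 0
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=AS2 Test" -keyout "$KEY" -out "$CERT" >/dev/null 2>&1
}

# RFC 4130 layering: multipart/signed inside pkcs7-mime enveloped-data.
# Writes $WORK/signed.p7m and $WORK/enveloped.p7m, prints the latter's path.
build_message() {
    make_keys
    printf '<Invoice>constructed test payload</Invoice>\n' > "$WORK/payload.xml"
    # Inner layer: detached signature, i.e. multipart/signed with a boundary.
    openssl smime -sign -in "$WORK/payload.xml" -signer "$CERT" -inkey "$KEY" \
        -out "$WORK/signed.p7m"
    # Outer layer: the whole signed MIME entity becomes the encrypted content.
    openssl smime -encrypt -aes256 -in "$WORK/signed.p7m" \
        -out "$WORK/enveloped.p7m" "$CERT"
    echo "$WORK/enveloped.p7m"
}

# Outermost Content-Type header of a MIME message.
outer_content_type() {
    sed -n 's/^[Cc]ontent-[Tt]ype: *//p' "$1" | head -n 1
}

# What a receiver has to do, decided from the outer layer only.  This is
# the branch the issue is about: enveloped-data (under either label) has
# to be decrypted before anything looks for a multipart/signed boundary.
processing_plan() {
    case "$(outer_content_type "$1")" in
        application/pkcs7-mime*smime-type=enveloped-data*|application/x-pkcs7-mime*smime-type=enveloped-data*) echo "decrypt,verify" ;;
        multipart/signed*) echo "verify" ;;
        application/pkcs7-mime*|application/x-pkcs7-mime*) echo "unwrap" ;;
        *) echo "plain" ;;
    esac
}

# Wrong order: verify the signature on the still-encrypted entity.  Fails
# because the outer entity is enveloped-data, not multipart/signed.
verify_before_decrypt() {
    openssl smime -verify -in "$1" -CAfile "$CERT" -out /dev/null 2>/dev/null
}

# Right order: decrypt the envelope, then verify the multipart/signed
# entity that comes out of it, and print the recovered payload.
decrypt_then_verify() {
    openssl smime -decrypt -in "$1" -recip "$CERT" -inkey "$KEY" \
        -out "$WORK/decrypted.p7m"
    openssl smime -verify -in "$WORK/decrypted.p7m" -CAfile "$CERT" \
        -out "$WORK/verified.xml" 2>/dev/null
    cat "$WORK/verified.xml"
}

main() {
    msg=$(build_message)
    echo "outer type: $(outer_content_type "$msg")"
    echo "plan:       $(processing_plan "$msg")"
    if verify_before_decrypt "$msg"; then
        echo "verify-first unexpectedly succeeded"
    else
        echo "verify-first failed: outer layer is not multipart/signed"
    fi
    echo "decrypt-then-verify recovered: $(decrypt_then_verify "$msg")"
}

main "$@"
```

Run it with `sh as2_layers.sh`; it leaves the intermediate files in a temporary directory so the two MIME layers can be inspected with `openssl smime -pk7out` or a text editor. The point for a receiver is the dispatch in `processing_plan`: the error text in the issue ("MimeMessage is not multipart/signed, it is : application/pkcs7-mime") is what you get when the `verify` branch is the only one that exists.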

klakegg commented 7 years ago

From our README:

The Oxalis system is an enhancement of the PEPPOL Sample Implementation and can be used as a complete standalone PEPPOL solution or as an API component from your own code.

Oxalis does not support features not required by OpenPEPPOL.

LaurensN commented 7 years ago

@klakegg Thanks for the reply.