When selecting SHA-1 in the partner configuration page under MDN Settings in the pyas2 admin, it does not seem that is what the partner is recognizing as the used hash algorithm. For some reason they are recognizing it as SHA-256. Please see the screenshot below and take notice of the last row that is highlighted.
If you look at some of the other rows above, you can see that others have submitted signatures that are recognized as SHA-1.
I think the issue might be in the header. Mendelson interprets the pyas2 sent header as:
as2-version = 1.2
content-length = 3853
disposition-notification-to = no-reply@pyas2.com
accept = */*
recipient-address = http://testas2.mendelson-e-c.com:8080/as2/HttpReceiver
ediint-features = CEM
message-id = <20150629010101.1725.34375@Q6-EDI>
mime-version = 1.0
content-type = application/pkcs7-mime; smime-type="enveloped-data"; name="smime.p7m"
as2-from = mycompanyAS2
disposition-notification-options = signed-receipt-protocol=required, pkcs7-signature; signed-receipt-micalg=optional, sha1
content-transfer-encoding = base64
subject = EDI Message sent using pyas2
accept-encoding = gzip, deflate, compress
content-disposition = attachment; filename="smime.p7m"
as2-to = mendelsontestAS2
host = testas2.mendelson-e-c.com:8080
user-agent = PYAS2, A pythonic AS2 server
date = Sun, 28 Jun 2015 20:01:01 -0500
other senders where SHA-1 is identified are interpreted as:
I am still trying to go through the RFC specs for S/MIME, but if anything jumps out at you as to what would cause the sender to misinterpret the hash algorithm used, then please let me know.
Here is also a senders RAW decrypted message as interpreted by Mendelson:
MIME-Version: 1.0
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha1; boundary="boundaryoJtiAg=="
--boundaryoJtiAg==
Content-Type: application/edi-x12
Content-Transfer-Encoding: binary
Content-Disposition: Attachment; filename="rfc1767.edi"
test
EDI
data
--boundaryoJtiAg==
Content-Type: application/pkcs7-signature; name="smime.p7s"
Content-Disposition: attachment; filename="smime.p7s"
Content-Transfer-Encoding: base64
~~A bunch of garbage text~~
--boundaryoJtiAg==--
Hello,
This may be related to Issue #6.
I am again continuing to test with Mendelson's provided test server. The details for this free service can be found here:
http://as2.mendelson-e-c.com/
When selecting
SHA-1
in the partner configuration page underMDN Settings
in the pyas2 admin, it does not seem that is what the partner is recognizing as the used hash algorithm. For some reason they are recognizing it asSHA-256
. Please see the screenshot below and take notice of the last row that is highlighted.If you look at some of the other rows above, you can see that others have submitted signatures that are recognized as
SHA-1
.I think the issue might be in the header. Mendelson interprets the pyas2 sent header as:
other senders where
SHA-1
is identified are interpreted as:and another:
I am still trying to go through the RFC specs for S/MIME, but if anything jumps out at you as to what would cause the sender to misinterpret the hash algorithm used, then please let me know.
Here is also a senders RAW decrypted message as interpreted by Mendelson:
Here is the pyas2 RAW decrypted message:
Again, any thoughts on this would be much appreciated.
Thanks!!