search

fullsailor / pkcs7

Implements a subset of PKCS#7/Crytpographic Message Syntax (rfc2315, rfc5652)
MIT License
123 stars 201 forks source link

Detached signature content-type oid does not match actual content-type #24

Closed dawud-tan closed 6 years ago

dawud-tan commented 6 years ago 
// Detach removes content from the signed data struct to make it a detached signature.
// This must be called right before Finish()
func (sd *SignedData) Detach() {
    sd.sd.ContentInfo = contentInfo{ContentType: oidSignedData}
}

Is pkcs7.go's Detach function, do cause mismatch Content-Type according to RFC 3852 Section 11.1?

following is my code line hello.go line 108, it will send a response to my android app that use bouncycastle lib, the lib throws following error new CMSException("content-type attribute value does not match eContentType");, it check this if (!signedContentType.equals(contentType))

the Content-Type of the following openssl smime v3.1 detached signature command line tool: openssl cms -sign -md sha1 -noattr -signer public.crt -inkey public.key -in PO.edifact -out signedPO.edifact, is 1.2.840.113549.1.7.1, while your detached function is 1.2.840.113549.1.7.2

following is the sample of the above hello.go's http response

------=_Part_zBgVxyST
Content-Type: multipart/report; report-type=disposition-notification; 
    boundary="----=_Part_NXmQfJcR"

------=_Part_NXmQfJcR
Content-Type: text/plain
Content-Transfer-Encoding: 7bit

The AS2 message has been received.
------=_Part_NXmQfJcR
Content-Type: message/disposition-notification
Content-Transfer-Encoding: 7bit

Reporting-UA: php AS2 Server
Original-Recipient: rfc822; mendelsontestAS2
Final-Recipient: rfc822; mendelsontestAS2
Original-Message-ID: <github-dawud-tan-RetrofitSmime-30122017110750+0700--380012012302437852@mycompanyAS2_mendelsontestAS2>
Disposition: automatic-action/MDN-sent-automatically; processed
Received-Content-MIC: PAitTZmshnYdaYVQ5aYyf/cEJiE=, sha1

------=_Part_NXmQfJcR--

------=_Part_zBgVxyST
Content-Type: application/pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="smime.p7s"

MIIExwYJKoZIhvcNAQcCoIIEuDCCBLQCAQExCTAHBgUrDgMCGjALBgkqhkiG9w0B
BwKgggLUMIIC0DCCAjkCBEOO/fMwDQYJKoZIhvcNAQEFBQAwga4xJjAkBgkqhkiG
9w0BCQEWF3Jvc2V0dGFuZXRAbWVuZGVsc29uLmRlMQswCQYDVQQGEwJERTEPMA0G
A1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xIjAgBgNVBAoTGW1lbmRlbHNv
bi1lLWNvbW1lcmNlIEdtYkgxIjAgBgNVBAsTGW1lbmRlbHNvbi1lLWNvbW1lcmNl
IEdtYkgxDTALBgNVBAMTBG1lbmQwHhcNMDUxMjAxMTM0MzE1WhcNMTkwODEwMTM0
MzE1WjCBrjEmMCQGCSqGSIb3DQEJARYXcm9zZXR0YW5ldEBtZW5kZWxzb24uZGUx
CzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEi
MCAGA1UEChMZbWVuZGVsc29uLWUtY29tbWVyY2UgR21iSDEiMCAGA1UECxMZbWVu
ZGVsc29uLWUtY29tbWVyY2UgR21iSDENMAsGA1UEAxMEbWVuZDCBnzANBgkqhkiG
9w0BAQEFAAOBjQAwgYkCgYEA1QYrk0Zb4MsdAbkzFfLp2mZOg6H1ZpWRpyeMm+1o
zNiqA/zeDPnzgoAEjmDYhpR3BID1XsvOA+pzixH5YbOQFZ0Z+SNVTMxQ0tDLQYsy
lKBneynDr11iOCBxu2wdkFhEZ0NJJRdY3sS95iHOKFqvdlPeyblrMnrBYZW9vcN8
fUECAwEAATANBgkqhkiG9w0BAQUFAAOBgQCucT5rhqerUTOPyUHf1ia8gCknTM1Q
yKUAReS3nmIiYuTsBqxvLQ72jEFCgOTGPyUq/IlnB91mrNcXuo11V6eMFNQ5+RDy
z600XM8R4MXhnp4jtDQeMrQFk/bbbrt/lUeG/rA/eUgn82iATpALtcwzb1EQNxf+
+hbo6AqCZrXBVjGCAb0wggG5AgEBMIG3MIGuMSYwJAYJKoZIhvcNAQkBFhdyb3Nl
dHRhbmV0QG1lbmRlbHNvbi5kZTELMAkGA1UEBhMCREUxDzANBgNVBAgTBkJlcmxp
bjEPMA0GA1UEBxMGQmVybGluMSIwIAYDVQQKExltZW5kZWxzb24tZS1jb21tZXJj
ZSBHbWJIMSIwIAYDVQQLExltZW5kZWxzb24tZS1jb21tZXJjZSBHbWJIMQ0wCwYD
VQQDEwRtZW5kAgRDjv3zMAcGBSsOAwIaoGEwGAYJKoZIhvcNAQkDMQsGCSqGSIb3
DQEHATAgBgkqhkiG9w0BCQUxExcRMTcxMjMwMTEwNzUyKzA3MDAwIwYJKoZIhvcN
AQkEMRYEFEJE7uZ+32tvKMiJuDT4uaOVYO+tMAsGCSqGSIb3DQEBAQSBgFJA0aXE
LIwP4aslsRk3OjWD6Rrw1oSK4YcxlcVEAal/29TVWAwEKVdlkPOxOhUUipYN7VD1
9aIhZQMXVEd6ar+E8CcTEWnZztPbTlM/rlciqzB88/ZkTgpRqxUeCsnloPhOe3Vo
1rNzqHeHpmsCcyTNq1TvaQGkchjJ3N22UTZB

------=_Part_zBgVxyST--