【问题标题】:PHP Reading a S/Mime email p7m attachment (Base64?)PHP 读取 S/Mime 电子邮件 p7m 附件(Base64?)
【发布时间】:2012-03-13 20:32:18
【问题描述】:

我们有一个使用 Symantec 的 PGP Universal Web Messenger 的系统。

这意味着电子邮件是使用来自 pkcs12 证书的 s/mime 加密发送给我的。

我在阅读 PHP 中的消息时遇到了一些问题。

我有所有的 imap 代码,但现在我如何读取加密的 p7m 附件。它只是 Base64 编码和签名吗?

编辑:我有公钥。

这是 mime 信息:-

Content-Type: application/pkcs7-mime; smime-type=enveloped-data;\r\n\tname="Message.p7m"\r\nContent-Transfer-Encoding: BASE64\r\nContent-Disposition: attachment; filename="Message.p7m"

【问题讨论】:

    标签: php mime pkcs#7 smime


    【解决方案1】:

    P7M 文件类型主要与PKCS #7 MIME Message 相关联。见Section 3.2 in RFC 2311:

    3.2 The application/pkcs7-mime Type
    
        The application/pkcs7-mime type is used to carry PKCS #7 objects of
        several types including envelopedData and signedData. The details of
        constructing these entities is described in subsequent sections. This
        section describes the general characteristics of the
        application/pkcs7-mime type.
        
        This MIME type always carries a single PKCS #7 object. The PKCS #7
        object must always be BER encoding of the ASN.1 syntax describing the
        object. The contentInfo field of the carried PKCS #7 object always
        contains a MIME entity that is prepared as described in section 3.1.
        The contentInfo field must never be empty.
        
        Since PKCS #7 objects are binary data, in most cases base-64 transfer
        encoding is appropriate, in particular when used with SMTP transport.
        The transfer encoding used depends on the transport through which the
        object is to be sent, and is not a characteristic of the MIME type.
        
        Note that this discussion refers to the transfer encoding of the PKCS
        \#7 object or "outside" MIME entity. It is completely distinct from,
        and unrelated to, the transfer encoding of the MIME entity secured by
        the PKCS #7 object, the "inside" object, which is described in
        section 3.1.
        
        Because there are several types of application/pkcs7-mime objects, a
        sending agent SHOULD do as much as possible to help a receiving agent
        know about the contents of the object without forcing the receiving
        agent to decode the ASN.1 for the object. The MIME headers of all
        application/pkcs7-mime objects SHOULD include the optional "smime-
        type" parameter, as described in the following sections.
    

    这基本上是以加密形式发送的安全电子邮件文件。如果一切设置正确,您应该拥有解密文件所需的公钥。如果没有,请下载。

    在您的情况下,传输编码是 Base64。首先解码附件(如果您到目前为止还没有这样做),然后处理二进制数据。

    【讨论】:

    • 我有公钥。如何处理二进制解码数据?我应该按什么顺序做这些?
    • 如果您点击上面 RFC 的链接,您可以看到它是如何创建的。您只需要反转该过程。你可以在那里找到一个深入的描述,我可以创造出更好的描述。
    • 好的,整理好了。我们不需要解码 base64 附件。只要您的证书/密钥都设置正确,PHP openssl 函数只会输出解密的消息。
    猜你喜欢
    • 2014-08-30
    • 2012-02-18
    • 1970-01-01
    • 2010-10-30
    • 2017-08-07
    • 1970-01-01
    • 2011-04-23
    • 2015-05-28
    • 2013-07-22
    相关资源
    最近更新 更多