[openssl-users] MIME-canonicalization

etc at coderhacks.com etc at coderhacks.com
Wed Mar 14 06:43:05 UTC 2018


I am facing some problems with a SMIME where the content is binary 
encoded AND a linefeed (LF) (0x0a) is used for line-separator.
The CMS_verify failes (CMS 
routines:CMS_SignerInfo_verify_content:verification failure).

It works fine if CRLF (0x0d 0x0a) is line-separator or even if only CR 
is used - but not with LF only.
It is also ok if the content is not in binary but base64 encoded.

I tried with and without CMS_BINARY flag set.

I think it is about the canonicalization of MIME if the content is not 

Is OpenSSL doing this canonicalization (where?).

I think CMS_BINARY should disable it - I tried to change any LF to CRLF 
before the verify but that did not help.

Any ideas?


More information about the openssl-users mailing list