locked
Manually verify signed mails containing item attachments RRS feed

  • Question

  • I am trying to verify the digital signature of emails created with Outlook 2016.

    A signed email has an attachment named "smime.p7m" that usually contains a valid mime message. The signature is the last part and encoded in base64.
    The file is starting like this:

    MIME-Version: 1.0
    Content-Type: multipart/signed;
    	protocol="application/x-pkcs7-signature";
    	micalg=SHA1;
    	boundary="----=_NextPart_000_00E8_01D38BC6.44D87BE0"

    When i send an email containing an item attachment (a calendar item, another email) together with another file outlook will create a winmail.dat attachment and put that into the smime.p7m file. The wrapping mime message however looks like it is in a kind of binary format?

    0�	*�H��
    ��0�10	+��0�	*�H��
    ��$��Content-Type: multipart/mixed;
    	boundary="----=_NextPart_000_0000_01D38BB7.A3884850"
    X-MS-TNEF-Correlator: 70BDC141AF8BD301
    
    This is a multipart message in MIME format.

    This does not work with the mime parser i use (sun.mail.com).
    If i manually strip the characters up to the Content-Type the mime parser can read the message and extract the winmail.dat attachment, but the signature cannot be parsed, maybe because there are more "wrapping" characters at the end.

    Does anybody know what format Outlook uses for this kind of smime.p7m file?

    Tuesday, January 16, 2018 8:50 AM

All replies

  • Try p7mviewer suggested in here https://www.experts-exchange.com/questions/21563172/How-do-I-open-emails-that-come-to-me-with-a-p7m-extension.html
    Wednesday, January 17, 2018 10:03 AM
  • Thank you for your reply. The p7mviewer can indeed open the signature. Outlook can open the signature as well.

    My issue is that I (or specifically my software) cannot read/verify the signature as the parser cannot read it.

    Tuesday, January 23, 2018 3:43 PM