PHP 读取 S/Mime 电子邮件 p7m 附件（Base64？）

发布于 2025-01-08 00:40:22 字数 441 浏览 0 评论 0原文

我们有一个使用 Symantec 的 PGP Universal Web Messenger 的系统。

这意味着电子邮件是使用 pkcs12 证书的 s/mime 加密发送给我的。

我在阅读 PHP 中的消息时遇到了一些问题。

我有所有 imap 代码，但现在如何读取加密的 p7m 附加文件。它只是 Base64 编码和签名吗？

编辑：我有公钥。

这是哑剧信息：-

Content-Type: application/pkcs7-mime; smime-type=enveloped-data;\r\n\tname="Message.p7m"\r\nContent-Transfer-Encoding: BASE64\r\nContent-Disposition: attachment; filename="Message.p7m"

原文

We have a system using Symantec's PGP Universal Web Messenger.

This means that emails are sent to me using s/mime encryption from a pkcs12 cert.

I'm having a bit of trouble reading the messages in PHP.

I have all the imap code but now how do I read the encrypted p7m attached file. Is it just Base64 encoded and signed?

EDIT: I have the public key.

Here is the mime info:-

Content-Type: application/pkcs7-mime; smime-type=enveloped-data;\r\n\tname="Message.p7m"\r\nContent-Transfer-Encoding: BASE64\r\nContent-Disposition: attachment; filename="Message.p7m"

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

依靠 2025-01-15 00:40:22

P7M 文件类型主要与 PKCS #7 MIME 消息< /a>.请参阅 RFC 2311 中的第 3.2 节：

3.2 application/pkcs7-mime 类型

    application/pkcs7-mime 类型用于携带 PKCS #7 对象
    多种类型，包括 EnvelopedData 和signedData。详细信息
    后续章节将介绍如何构建这些实体。这
    部分描述了一般特征
    application/pkcs7-mime 类型。
    
    此 MIME 类型始终携带单个 PKCS #7 对象。 PKCS #7
    对象必须始终是描述该对象的 ASN.1 语法的 BER 编码
    目的。携带的 PKCS #7 对象的 contentInfo 字段始终
    包含一个按照第 3.1 节所述准备的 MIME 实体。
    contentInfo 字段决不能为空。
    
    由于 PKCS #7 对象是二进制数据，因此在大多数情况下采用 base-64 传输
    编码是适当的，特别是与 SMTP 传输一起使用时。
    使用的传输编码取决于传输所通过的传输方式
    对象是要发送的，并且不是 MIME 类型的特征。
    
    请注意，此讨论指的是 PKCS 的传输编码
    \#7 对象或“外部”MIME 实体。它完全不同于，
    并且与以下内容无关，由以下内容保护的 MIME 实体的传输编码
    PKCS #7 对象，“内部”对象，在
    第 3.1 节。
    
    因为有多种类型的 application/pkcs7-mime 对象，
    发送代理应该尽可能地帮助接收代理
    了解对象的内容而不强制接收
    解码对象的 ASN.1 的代理。所有的 MIME 标头
    application/pkcs7-mime 对象应该包含可选的“smime-
    type”参数，如以下各节所述。

这基本上是一个以加密形式发送的安全电子邮件文件。如果一切设置正确，您应该拥有解密文件所需的公钥。如果没有，请下载。

在您的情况下，传输编码是 Base64。首先解码附件（如果您到目前为止还没有这样做），然后处理二进制数据。

The P7M file type is primarily associated with a PKCS #7 MIME Message. See Section 3.2 in RFC 2311:

3.2 The application/pkcs7-mime Type

    The application/pkcs7-mime type is used to carry PKCS #7 objects of
    several types including envelopedData and signedData. The details of
    constructing these entities is described in subsequent sections. This
    section describes the general characteristics of the
    application/pkcs7-mime type.
    
    This MIME type always carries a single PKCS #7 object. The PKCS #7
    object must always be BER encoding of the ASN.1 syntax describing the
    object. The contentInfo field of the carried PKCS #7 object always
    contains a MIME entity that is prepared as described in section 3.1.
    The contentInfo field must never be empty.
    
    Since PKCS #7 objects are binary data, in most cases base-64 transfer
    encoding is appropriate, in particular when used with SMTP transport.
    The transfer encoding used depends on the transport through which the
    object is to be sent, and is not a characteristic of the MIME type.
    
    Note that this discussion refers to the transfer encoding of the PKCS
    \#7 object or "outside" MIME entity. It is completely distinct from,
    and unrelated to, the transfer encoding of the MIME entity secured by
    the PKCS #7 object, the "inside" object, which is described in
    section 3.1.
    
    Because there are several types of application/pkcs7-mime objects, a
    sending agent SHOULD do as much as possible to help a receiving agent
    know about the contents of the object without forcing the receiving
    agent to decode the ASN.1 for the object. The MIME headers of all
    application/pkcs7-mime objects SHOULD include the optional "smime-
    type" parameter, as described in the following sections.

This is basically a secure E-mail file sent in encrypted form. If everything is set up properly you should have a public key necessary to decrypt the file. If not, download it.

In your case the transfer encoding is Base64. Decode the attachment first (if you don't have done this so far) and then process the binary data.

回复收藏 0 原文

~没有更多了~