MimeKit: Error when validating signature (message-digest attribute value does not match calculated value)
We are using your great MimeKit to handle AS2 messages in our software. And it’s running smoothly for almost all partners (and we have a lot). But we have an issue with one of them (OpenText/GXS) - we can’t validate their signature on the incoming mime-message.
I have tried a lot of different debugging, but I can’t figure out why we are getting the following error:
"message-digest attribute value does not match calculated value"
My first thoughts was, that they (the external partner OpenText) was doing something wrong, but I then downloaded some Java AS2 software (OpenAS2 https://github.com/phax/as2-lib) and another .NET library (Chilkat) - and both of them can validate the signature of the message.
So I’m stuck here… Hopefully you can tell me, if I’m doing something wrong - or if there is something wrong with the mime-message.
Platform (please complete the following information):
- OS: Windows
- .NET Framework: 4.5+
- MimeKit Version: 2.6
To Reproduce Steps to reproduce the behavior: I have create a small unit-test solution in VS2019, where I show the issue with MimeKit and a test-method showing that it works with Chilkat: UnitTestProject_Mimekit.zip
- Download the zip-file and unpack it
- Restore nuget packages in the solution
- Run the two test-methods in the test-class
Expected behavior I would expect the message to validate, since other frameworks validates the message. And OpenText are quite big, so I think they have a lot of partners where this is not an issue.
Screenshots
Additional context I can see that the mime-message I’m working with from OpenText have a mix of Carriage-Return and Line-Feed. The mime-message contains both the carraige-return and line-feed (as it should), but the actual payload (the body) is using only line-feed (unix style). See the screenshot from notepad++ above. And I can see, that when I use the WriteTo method you provide, it will change the actual content of the body depending on the FormatOptions. I don’t know if this can be causing this issue?
About this issue
- Original URL
- State: closed
- Created 4 years ago
- Comments: 18 (11 by maintainers)
Commits related to this issue
- Add the ability to verify only the digital signature Feature enhancement for issue #569 — committed to jstedfast/MimeKit by jstedfast 4 years ago
- Treat the Default encoding the same as Binary in MimePart.WriteTo() May be enough to fix issue #569 — committed to jstedfast/MimeKit by jstedfast 4 years ago
- Improved logic for verifying signatures for MimeParts containing mixed line endings This is a better fix for issue #569 — committed to jstedfast/MimeKit by jstedfast 4 years ago
- Improved logic for verifying signatores for MimeParts with mixed line-endings Modified parser to track NewLineFormat of content and set it on the MimeContent object so that MimePart.WriteTo() can use... — committed to jstedfast/MimeKit by jstedfast 4 years ago
Just published MimeKit 2.7.0 to nuget.org
BTW, thanks a ton for your generous donation. That was quite a surprise and very appreciated 😉