EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Invalid Signature

Also by EldoS: CallbackRegistry
A component to monitor and control Windows registry access and create virtual registry keys.
#10693
Posted: 07/29/2009 10:06:56
by Søren Nielsen (Basic support level)
Joined: 07/29/2009
Posts: 3

Hi

Im trying to use your SecureBlackBox v. 6.0.144

When I receive emails which is generated with blackbox I dont have any problems.
Both signed and/or encrypted with or without attachments works fine.

My problem come when I try to read emails sent fr om an Outlook 2007 client (have not tried 2003)
where the user have addet an attachment and signed the message.

If there is no attachment, I dont have any problems, but with attachment I get "Invalid Signature"
when trying to call

Message.MessagePartHandler.Decode(false)


The same error comes when using your sample application SecureMail_VS2005, from the samples directory.
Using only the verify digital signature options, and not choosing any certificate.



Is there something that the outlook user should do when signing or
is this a known issue which have been resolved in a newer release, eg. your 7.1 version.


My setup is :

Outlook 2007 with a client OCES certificate,
(installed the Root certificate in my trusted store on my development machine)

The Outlook user sends an email with a text file as attachment,
and chooses to sign message (no encrypting)

In Exchange Server 2007 the MessageClass is "IPM.Note.SMIME.MultipartSigned"

When I send email with SecureBlackBox, I can only get this MessageClas if I set
TElSimpleSMIMEMessage.SMIMEOptions.SignOnlyClearFormat = True
otherwise I get "IPM.Note.SMIME"
Not sure if this last part is relevant.

/Soren
#10698
Posted: 07/29/2009 15:52:32
by Ken Ivanov (EldoS Corp.)

Thank you for detailed information.

Would you be so kind to send us one of the messages that fail to be processed?
#10762
Posted: 08/10/2009 04:25:21
by Søren Nielsen (Basic support level)
Joined: 07/29/2009
Posts: 3

Hi Ivanov

Sorry for the late answer, have been away.
Tried to send this as an email but got access denied.


[ Download ]
#10764
Posted: 08/10/2009 05:01:43
by Eugene Mayevski (EldoS Corp.)

Any reason to use version 6? It's outdated and you should use version 7.1 for evaluation. If you have a license for version 6, you are welcome to assign the license ticket to your user account on our site (as described in the registration e-mail).


Sincerely yours
Eugene Mayevski
#10765
Posted: 08/10/2009 05:09:07
by Ken Ivanov (EldoS Corp.)

Thank you for the file. The signature contained in the message is really incorrect (Outlook Express shows it as bad too). We will take a deeper look into the issue.
#10767
Posted: 08/10/2009 07:46:40
by Ken Ivanov (EldoS Corp.)

Unfortunately, we were unable to reproduce the issue. We have tried to create a message in the way you described and sign it using Outlook 2007, but the result was successfully validated by both SBB and Outlook itself. So I suppose that the messages are tampered or edited after signing somewhere in your environment.

BTW, does Outlook validate such messages (like the one you've attached before) successfully?
#10818
Posted: 08/19/2009 04:12:20
by Søren Nielsen (Basic support level)
Joined: 07/29/2009
Posts: 3

Hi Ivanov

I finally tracked down the issue.

Turns out its Exchange 2007 that have an issue with signed/encrypted emails with attachments.

You can read more about it here:
[URL=http://support.microsoft.com/kb/949703]Microsoft Knowledgebase[/URL]
#10822
Posted: 08/19/2009 09:32:10
by Ken Ivanov (EldoS Corp.)

Thank you very much for letting us know. We will add a reference to the article you have provided to our knowledge base.
Also by EldoS: RawDisk
Access locked and protected files in Windows, read and write disks and partitions and more.

Reply

Statistics

Topic viewed 1585 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!