Skip Menu |

This queue is for tickets about the Crypt-SMIME CPAN distribution.

Report information
The Basics
Id: 67612
Status: resolved
Priority: 0/
Queue: Crypt-SMIME
People
Owner: mikage [...] ymir.co.jp
Requestors: fschlich [...] cis.fu-berlin.de
Cc:
AdminCc:
Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: (no value)
Attachments
smime.p7s

History Show all quoted text
  Wed Apr 20 09:08:24 2011 fschlich [...] cis.fu-berlin.de - Ticket created
Subject: documentation fix: certs must be separate for setPublicKey
I just spent ages trying to find out why my certificate chain wouldn't be included in the signed message such that mailers can fully verify the signature. Turns out that, while 'openssl smime -sign -certfile chain.pem ...' is happy to accept several certificates in the chain.pem file, smime->setPublicKey($crt) is unable to deal with more than one certificate contained in the $crt string (only the first certificate in $crt is used). That is, chain.pem must be split into an array like so: my @chain; my $chainfile = do { local(@ARGV, $/) = "chain.pem"; <> }; push @chain, $1 while ($chainfile =~ /(-----BEGIN CERTIFICATE-----.*?-----END CERTIFICATE-----)/sg); $smime->setPublicKey(\@chain); If this cannot be accommodated for in Crypt::SMIME, perhaps a note could be added to the documentation of setPublicKey that several certificates have to be added as separate array elements and can neither be added as one long string (only the first would be used) nor through separate calls to setPublicKey (new call erases previously installed certificates)? Thanks, Florian
  Thu Apr 21 01:33:09 2011 mikage [...] ymir.co.jp - Correspondence added
Thank you for pointing out the problem. setPublicKey() should indeed be able to accept many certificates in a single string, so I fixed the code and released Crypt-SMIME 0.10. I'd like you to try it out.
  Thu Apr 21 01:33:10 2011 The RT System itself - Status changed from 'new' to 'open'
  Thu Apr 21 01:33:22 2011 mikage [...] ymir.co.jp - Status changed from 'open' to 'resolved'
  Thu Apr 21 07:59:16 2011 fschlich [...] cis.fu-berlin.de - Correspondence added
Subject: Re: [rt.cpan.org #67612] documentation fix: certs must be separate for setPublicKey
Date: Thu, 21 Apr 2011 13:59:06 +0200
To: SANO Taku via RT <bug-Crypt-SMIME [...] rt.cpan.org>
From: Florian Schlichting <fschlich [...] CIS.FU-Berlin.DE>
Hi, Show quoted text
> Thank you for pointing out the problem. setPublicKey() should > indeed be able to accept many certificates in a single string, so > I fixed the code and released Crypt-SMIME 0.10. I'd like you to > try it out.
I have tested version 0.10 and it works just as I would have expected at the outset. THANK YOU for fixing this at lightning speed! Regards, Florian
Download smime.p7s
application/x-pkcs7-signature 5.4k

Message body not shown because it is not plain text.

  Thu Apr 21 07:59:17 2011 The RT System itself - Status changed from 'resolved' to 'open'
  Thu Apr 21 08:01:40 2011 mikage [...] ymir.co.jp - Ticket deleted
  Thu Apr 21 08:01:43 2011 mikage [...] ymir.co.jp - Status changed from 'deleted' to 'open'
  Thu Apr 21 08:02:34 2011 mikage [...] ymir.co.jp - Taken
  Thu Apr 21 08:02:54 2011 mikage [...] ymir.co.jp - Status changed from 'open' to 'resolved'