我从银行技术团队收到了.pem,.cer,.p12个文件以及相关的passPhrase。
我应该签署一个这样的字符串:
8ad281ad-1fdf-4ef9-a308-31388b617c3c-b6767a8a-dbc7-4be0-86ff-d27b47ed0df3
生成有效的签名数据,如下所示:
MIME-Version: 1.0
Content-Disposition: attachment; filename="smime.p7m"
Content-Type: application/x-pkcs7-mime; smime-type=signed-data; name="smime.p7m"
Content-Transfer-Encoding: base64
MIIHnQYJKoZIhvcNAQ...cQfLnkhnZGwg7d
我已尝试使用openssl这样的命令:
openssl smime -sign -nosigs -in msg.txt -out out.txt -passin pass:SOMEPASS -signer certificate.pem
但它不像我上面提到的那样产生。
MIME-Version: 1.0
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="sha-256"; boundary="----1F579F2DD2078A7D3BE2F25D30C33EFC"
This is an S/MIME signed message
------1F579F2DD2078A7D3BE2F25D30C33EFC
8ad281ad-1fdf-4ef9-a308-31388b617c3c-b6767a8a-dbc7-4be0-86ff-d27b47ed0df3
------1F579F2DD2078A7D3BE2F25D30C33EFC
Content-Type: application/x-pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="smime.p7s"
MIIHUAYJKoZIhvcNAQc...Nwr/k3x
EkGgGg==
------1F579F2DD2078A7D3BE2F25D30C33EFC--
还试过这个:
openssl smime -encrypt -nosigs -in msg.txt -out out.txt -passin pass:SOMEPASS certificate.pem
我收到的标题明显不同smime-type:
MIME-Version: 1.0
Content-Disposition: attachment; filename="smime.p7m"
Content-Type: application/x-pkcs7-mime; smime-type=enveloped-data; name="smime.p7m"
Content-Transfer-Encoding: base64
MIIBewYJKoZIhvc...
我已经尝试了几个NodeJs程序包在纯节点上执行此操作,但由于我对此字段了解不多,因此无法获得结果。
我从银行收到的PHP示例代码得到了结果,这里是示例:
openssl_pkcs7_sign(realpath("msg.txt"), realpath("signed.txt"), "file://C:/myCert/certificate.pem",
array("file://C:/myCert/certificate.pem", "SOMEPASS"),
array(),PKCS7_NOSIGS
);