Hi and thanks again: Completely clear. I found some weird content in the original message which is only a XML in 2 lines. It's not a multipart (not a multipart inside another multipart, but only an XML in UTF-8, which is then signed and finally encrypted, then sent).
The weird content to which I refer is that the original message is not exactly UTF-8. And also, when verifying, the <cr><lf> just after the XML content -and before the boundary- is removed, because that's not part of original content. I will be testing with my trading partner what is exactly the original content but this time sent via email, because I suspect this parter has her UTF-8 file (the very original one), which produces the right MIC, but the encoder of her WebSphere saves it in ISO-8859-1, according the codes shown in certain word which is the name of the othe trading partner. (i.e. DISEÑOS is transformed to DISEÃOS if you see the UTF-8 as ISO-8859-1, but this time I'm reading the content as UTF-8 and I don't see DISEÑOS....) I think we are close to the end of this problem. Greetings jkoehring wrote: > > The mechanism for calculating the MIC for an AS2 message is exactly the > same as that for an AS1 message. The two protocols are practically > identical except that the outermost contents of AS1 messages are > frequently encoded (base64 , quoted-printable, etc) so that they may be > transported safely over SMTP. Otherwise, AS21 and AS2 messages are > "packaged" identically. > <p> > The paragraph you are referring to in section 7.1 of RFC 4130 is referring > to the situation in which the data being transported in an AS2 message is > a multipart. That is, the first part of the multipart/signed is, itself, > another multipart. It is not saying that the MIC should be calculated over > the entire multipart/signed, just the first part of the multipart/signed. > <p> > Another way to look at it is when the original AS2 message is signed, the > MIC for the MDN should be exactly the same as the hash used in the > calculation of the signature for the multipart/signed. > -- View this message in context: http://www.nabble.com/RFC-4130-checksum-in-SHA1-tp18034577p18067119.html Sent from the OpenSSL - User mailing list archive at Nabble.com. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
