I need to send an encrypted email with a binary attachment from bash. I've read the RFC, and the openssl docs as well as a couple additional posts here in SF to no avail.
So far the process I understand goes like this:
However what I'm seeing is a bit of garbled text. If anyone can shine some light where I'm messing up, I'd be thankful.
What follows are the nitty gritty details:
1. MIME Message
From: <FROM>
To: <TO>
Subject: <SUBJECT>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="<BOUNDARY>"
--<BOUNDARY>
Content-Type: text/plain; charset=utf-8
<TEXT>
--<BOUNDARY>
Content-Type: application/octet-stream
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
filename= "<FILENAME>"
<BASE64_DATA>
--<BOUNDARY>
2. The signing & Encrypting:
SIGNED=$(openssl smime -sign -in mime.txt -signer MyPublic.cer -inkey MyPrivate.key)
ENCRYPTED=$(openssl smime -encrypt -subject "Work damn you" RecipientPublic.cer <<< $SIGNED)
3. The Sending
echo "$ENCRYPTED" | sendmail recipient@hush-hush.com
so... after blood and tears it is done.
Lessons learned:
Content-Type: multipart/alternative; should be Content-Type: multipart/mixed; else the email clients will be confused and show garbage.ENCRYPTED=$(openssl smime -encrypt -subject "Work damn you" RecipientPublic.cer <<< $SIGNED) should really be ENCRYPTED=$(openssl smime -encrypt -subject "Work damn you" RecipientPublic.cer <<< "$SIGNED")