Opaque-Signed and Encrypted S/MIME Message

An opaque-signed message or encrypted message in the Internet e-mail message format is identified as a MIME message that consists of exactly one MIME entity. The MIME entity usually has the media type "application/pkcs7-mime" or "application/x-pkcs7-mime". Note, however, that it can alternatively have the media type "application/octet-stream" if a file name, identified by the Content-Type header field, as specified in [RFC2045] section 5, or the Content-Disposition header field, as specified in [RFC2183], has the file extension ".p7m". The content of the MIME body is a Cryptographic Message Syntax (CMS) encapsulation of protected message content, together with all necessary cryptographic metadata. For more details about CMS, see [RFC3852]. For the purposes of this algorithm, the content is treated as opaque binary data. Message types specified in [RFC5751] other than opaque-signed messages or encrypted messages are not supported.

An opaque-signed message or an encrypted message in the Internet e-mail message format is mapped to a Message object with the following structure:

  • The message class (PidTagMessageClass property ([MS-OXCMSG] section SHOULD<9>          <10> have a value of "IPM.Note.SMIME".

  • The message body SHOULD NOT be set. Even for an opaque-signed message, for which a decryption key is not required to access message content, the message body SHOULD NOT be promoted to a Message object.

  • Message object properties other than message class or message body SHOULD be set as specified in [MS-OXCMAIL] section 2.2.

  • The Message object SHOULD have a named property with GUID = PS_INTERNET_HEADERS ({00020386-0000-0000-C000-000000000046}) and a string name "Content-Type" that contains the raw ASCII string value of a message MIME entity's Content-Type MIME header field, including any parameters of the header field.

  • The message MUST contain exactly one Attachment object.

    • Attachment content, stored in the PidTagAttachDataBinary property ([MS-OXPROPS] section 2.580), MUST be set as the inner content of a message MIME entity. Any Content-Transfer-Encoding applied to a MIME entity body MUST be removed before storing MIME body content in an Attachment object.

    • Attachment object properties other than content SHOULD be set according to [MS-OXCMAIL] section 2.2, just as they would be if the MIME entity was a normal message attachment. In particular, the PidTagAttachMimeTag property ([MS-OXPROPS] section 2.593) MUST be set to match the media type of a message MIME entity.