Notes on AS2 MDNs
Jun 18th 2019
The goto help for .NET developers wanting to send or receive AS2 without a third party library is this one
Unfortunately the detail about creating an MDN to return in response to receiving a file is somewhat lacking...
After a bit of toing and froing of deconstructing a real MDN generated by another RSS solution I managed to figure it out.
MDN overview
A signed MDN is a multipart message made up of the following
- Message - multipart/signed
- Part 1 - multipart/report
- Part a - text/plain - a human friendly response
- Part a - message/disposition-notification - the actual response that the sending AS2 server can do something with
- Part 2 - application/pkcs7-signature
- Digital signature of the first part i.e. parts a and b
- Part 1 - multipart/report
Part a
A human friendly string
Content-Type: text/plain
A message of some kind. Something that would make sense to a human e.g. message with id 'blah' sent from 'sender' to 'recipient' has been received and processed successfully
Part b
A collection of data taking the form of HTTP headers
Content-Type: message/disposition-notification
Original-Recipient: rfc822; mendelsontestAS2
Final-Recipient: rfc822; mendelsontestAS2
Original-Message-ID: <AS2_024737Thu>
Disposition: automatic-action/MDN-sent-automatically; processed
Received-Content-MIC: ztIqTMkKwPDxQRhvQajdHfOVx8A=, sha1
- Received-Content-MIC: this is the hash of the original message
- If the original message was signed then only hash the message portion, not the signature
Part 1
Combine part a and part b together!
A common convention is to use "MDNBoundary" as the multipart boundary
--MDNBoundary
Content-Type: text/plain
The incoming message from ThirdPartyCompany to UnitTests with Id <UnitTests-20190605-163049455-lIEj@ThirdPartyCompany_UnitTests> was received successfully. This is not a guarantee that the message has been processed by the receiving translator.
--MDNBoundary
Content-Type: message/disposition-notification
Original-Recipient: rfc822;UnitTests
Final-Recipient: rfc822;UnitTests
Original-Message-ID: <UnitTests-20190605-163049455-lIEj@ThirdPartyCompany_UnitTests>
Disposition: automatic-action/MDN-sent-automatically; processed
--MDNBoundary--
Part 2
Generate a signature for Part 1
This involves hashing the contents of that first part i.e. start at --MDNBoundary and finish at --MDNBoundary--
Remember to include the trailing \r\n
Content-Type: application/pkcs7-signature; name="smime.p7s"
Content-Disposition: attachment; filename="smime.p7s"
Content-Transfer-Encoding: base64
MIIFNQYJKoZIhvcNAQcCoIIFJjCCBSICAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCCA0Yw
ggNCMIICKqADAgECAhAEgxCDCl5FL5NapV+Kxn8gMA0GCSqGSIb3DQEBCwUAMB0xGzAZBgNVBAMT
EkRldmZ1c2lvblVuaXRUZXN0czAgFw0xOTA1MzAwODM4MDVaGA8yMTAyMDkzMDA4NDgwNVowHTEb
MBkGA1UEAxMSRGV2ZnVzaW9uVW5pdFRlc3RzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy2lr1pIqvGbQrZpUfP1HsVVt4I9IxKq4mKMJZ3uqMi5IiM/7UzQwiiXhOPQTg8Yn0LZTW+D+
efG0N8zWhWmWz4XWDjo/+cFxZrtKpEdizD1ZPtDQicMX0Zyumt9pcKdw+VDOGbPOTmM/JA1DaB2/
TBh+LTtOpcYp0Z+YVWfT8nC+12FqF6wC3SmE/C/FnpEKEg6L8sv/T4FHxpZZnuJ4I3/bqXKsmaCd
M5dImbcqpRjimoquQutCMi/s5i1hTbGq7Mqpqq1PgLCieYAy5DOKYpYQbkpZdTZBsr4ryS5z5olg
fh6bBLlHHxGWMwLMMx0sn/9q93GOTE8wCkhA3dui5QIDAQABo3wwejAOBgNVHQ8BAf8EBAMCBaAw
CQYDVR0TBAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHwYDVR0jBBgwFoAUt+AL
fRABCUQtVgPSqpMQJCdYxuswHQYDVR0OBBYEFLfgC30QAQlELVYD0qqTECQnWMbrMA0GCSqGSIb3
DQEBCwUAA4IBAQAz7VST1StdPp0Z6DJIz4NSqJ6pWwvO3SZKv8k6IwVd5ltDA9Aw3eAlgjMCVR+x
CyaB90cqxexVmgas+xvgrf3QpW1/5RlAGQ5MP804Tgm1VO9B/JVn5xgSfNCpivv2n8rApFRAnRM8
ItFBFHaUPu4IeuegPIMQg1AeiHHFQqxQ+1AG3OwTUvHvKCNFhC1+dhAgUPX277tb+5UbSP0FKk7n
huF0Rp+MjbC+FRCyPLAMhBz+HuCUtpT3IEBB33mh3WTq8yViRiq6Ccm5W0ovFL56Dqb4gLwAUwg1
eiauoITdk9qeOyk2dzvzyfbsHjqG+sCYLWVxjoI3HfU/f5/W3lCPMYIBtzCCAbMCAQEwMTAdMRsw
GQYDVQQDExJEZXZmdXNpb25Vbml0VGVzdHMCEASDEIMKXkUvk1qlX4rGfyAwCQYFKw4DAhoFAKBd
MBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTE5MDYwNTE1MzA1MFow
IwYJKoZIhvcNAQkEMRYEFI5sPRPBcHqkVpCvMJexDAcssa2hMA0GCSqGSIb3DQEBAQUABIIBAFGb
cJmSxiPj0BgvSXUswCYUH5rA6eQAVXt8cLdRhAwaGqGpEoa13OQojF5mkU8Kql8q1gXPRlmG71dV
pT1ysgN26CNssOM21MsUMLCQuD2PQ1yJLXERbNw4K9vUwDga3U+H6YpsW4REclxhVUoaJm2EoQ+G
upuicCALP9lc80NtFr2vPYenBr7E2Yv64IqQX0jb8u8OMtkpCnojXtEuRhcUHfxhDjBRq2SJ9cKC
kexKFEm6IgvYWMrdlObSTuXo5zdAp3HJQIpmk8kFwDeECxiCe5o6UCE44PATmzREyYO0CYw3SXNF
qUZ3l86qxJO1V4jGxXto71WdXMxEiUNlPHA=
Message
Join parts 1 and 2 together using another multipart boundary marker
--80edd8a5-c53b-499d-8929-61a027d449d5
Content-Type: multipart/report; report-type=disposition-notification; boundary="MDNBoundary"
Content-Transfer-Encoding: 8bit
--MDNBoundary
Content-Type: text/plain
The incoming message from ThirdPartyCompany to UnitTests with Id <UnitTests-20190605-163049455-lIEj@ThirdPartyCompany_UnitTests> was received successfully. This is not a guarantee that the message has been processed by the receiving translator.
--MDNBoundary
Content-Type: message/disposition-notification
Original-Recipient: rfc822; mendelsontestAS2
Final-Recipient: rfc822; mendelsontestAS2
Original-Message-ID: <AS2_024737Thu>
Disposition: automatic-action/MDN-sent-automatically; processed
Received-Content-MIC: ztIqTMkKwPDxQRhvQajdHfOVx8A=, sha1
--MDNBoundary--
--80edd8a5-c53b-499d-8929-61a027d449d5
Content-Type: application/pkcs7-signature; name="smime.p7s"
Content-Disposition: attachment; filename="smime.p7s"
Content-Transfer-Encoding: base64
MIIFNQYJKoZIhvcNAQcCoIIFJjCCBSICAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCCA0Yw
ggNCMIICKqADAgECAhAEgxCDCl5FL5NapV+Kxn8gMA0GCSqGSIb3DQEBCwUAMB0xGzAZBgNVBAMT
EkRldmZ1c2lvblVuaXRUZXN0czAgFw0xOTA1MzAwODM4MDVaGA8yMTAyMDkzMDA4NDgwNVowHTEb
MBkGA1UEAxMSRGV2ZnVzaW9uVW5pdFRlc3RzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy2lr1pIqvGbQrZpUfP1HsVVt4I9IxKq4mKMJZ3uqMi5IiM/7UzQwiiXhOPQTg8Yn0LZTW+D+
efG0N8zWhWmWz4XWDjo/+cFxZrtKpEdizD1ZPtDQicMX0Zyumt9pcKdw+VDOGbPOTmM/JA1DaB2/
TBh+LTtOpcYp0Z+YVWfT8nC+12FqF6wC3SmE/C/FnpEKEg6L8sv/T4FHxpZZnuJ4I3/bqXKsmaCd
M5dImbcqpRjimoquQutCMi/s5i1hTbGq7Mqpqq1PgLCieYAy5DOKYpYQbkpZdTZBsr4ryS5z5olg
fh6bBLlHHxGWMwLMMx0sn/9q93GOTE8wCkhA3dui5QIDAQABo3wwejAOBgNVHQ8BAf8EBAMCBaAw
CQYDVR0TBAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHwYDVR0jBBgwFoAUt+AL
fRABCUQtVgPSqpMQJCdYxuswHQYDVR0OBBYEFLfgC30QAQlELVYD0qqTECQnWMbrMA0GCSqGSIb3
DQEBCwUAA4IBAQAz7VST1StdPp0Z6DJIz4NSqJ6pWwvO3SZKv8k6IwVd5ltDA9Aw3eAlgjMCVR+x
CyaB90cqxexVmgas+xvgrf3QpW1/5RlAGQ5MP804Tgm1VO9B/JVn5xgSfNCpivv2n8rApFRAnRM8
ItFBFHaUPu4IeuegPIMQg1AeiHHFQqxQ+1AG3OwTUvHvKCNFhC1+dhAgUPX277tb+5UbSP0FKk7n
huF0Rp+MjbC+FRCyPLAMhBz+HuCUtpT3IEBB33mh3WTq8yViRiq6Ccm5W0ovFL56Dqb4gLwAUwg1
eiauoITdk9qeOyk2dzvzyfbsHjqG+sCYLWVxjoI3HfU/f5/W3lCPMYIBtzCCAbMCAQEwMTAdMRsw
GQYDVQQDExJEZXZmdXNpb25Vbml0VGVzdHMCEASDEIMKXkUvk1qlX4rGfyAwCQYFKw4DAhoFAKBd
MBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTE5MDYwNTE1MzA1MFow
IwYJKoZIhvcNAQkEMRYEFI5sPRPBcHqkVpCvMJexDAcssa2hMA0GCSqGSIb3DQEBAQUABIIBAFGb
cJmSxiPj0BgvSXUswCYUH5rA6eQAVXt8cLdRhAwaGqGpEoa13OQojF5mkU8Kql8q1gXPRlmG71dV
pT1ysgN26CNssOM21MsUMLCQuD2PQ1yJLXERbNw4K9vUwDga3U+H6YpsW4REclxhVUoaJm2EoQ+G
upuicCALP9lc80NtFr2vPYenBr7E2Yv64IqQX0jb8u8OMtkpCnojXtEuRhcUHfxhDjBRq2SJ9cKC
kexKFEm6IgvYWMrdlObSTuXo5zdAp3HJQIpmk8kFwDeECxiCe5o6UCE44PATmzREyYO0CYw3SXNF
qUZ3l86qxJO1V4jGxXto71WdXMxEiUNlPHA=
--80edd8a5-c53b-499d-8929-61a027d449d5--