Skip to content
Snippets Groups Projects

Find recipients of S/MIME encrypted email

  • Clone with SSH
  • Clone with HTTPS
  • Embed
  • Share
    The snippet can be accessed without any authentication.
    Authored by Heiko Reese

    This requires an S/MIME encrypted email in the on-wire format (no Microsoft MAPI or other proprietary groupware BS). Most MUAs write this when an email is saved as a file.

    Almost all encrypted emails contain a list of serial number for which the email was encrypted. Open a shell on Linux (WSL or Cygwin should work fine for Windows users) with openssl version 3.x installed and do this (substitute enc.eml for the actual filename):

    cat enc.eml | openssl cms -print -cmsout | awk '/recipientInfos:/{p=1} p && /serialNumber:/'

    You should get a list of serial numbers. Log into KIT-CA Search and search for all of them. The list may contain some serials from the chain or from unknown certificates, so don't be alarmed if you can't find all of them.

    Edited
    encrypted_mail_recipient_serials.sh 129 B
    1
    2
    3
    4
    5 
    #!/usr/bin/env bash

set -euo pipefail

cat "$1" | openssl cms -print -cmsout | awk '/recipientInfos:/{p=1} p && /serialNumber:/'
    0% or .
    You are about to add 0 people to the discussion. Proceed with caution.
    Finish editing this message first!
    Please register or to comment

    Help | Imprint | Privacy policy | Accessibility | Contact