debian/notmuch
1
0
Fork 0
mirror of https://git.notmuchmail.org/git/notmuch synced 2024-11-21 10:28:09 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

crypto: handle PKCS#7 envelopedData in _notmuch_crypto_decrypt

Browse source 
In the two places where _notmuch_crypto_decrypt handles
multipart/encrypted messages (PGP/MIME), we should also handle PKCS#7
envelopedData (S/MIME).

This is insufficient for fully handling S/MIME encrypted data because
_notmuch_crypto_decrypt isn't yet actually invoked for envelopedData
parts, but that will happen in the following changes.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
This commit is contained in:
Daniel Kahn Gillmor 2020-05-12 18:29:37 -04:00 committed by David Bremner
parent 2b108728c4
commit 1a34f68a58
1 changed files with 26 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

32
util/crypto.c
View file

@ -55,10 +55,21 @@ _notmuch_crypto_decrypt (bool *attempted,
}
if (attempted)
*attempted = true;
ret = g_mime_multipart_encrypted_decrypt (GMIME_MULTIPART_ENCRYPTED (part),
GMIME_DECRYPT_NONE,
notmuch_message_properties_value (list),
decrypt_result, err);
if (GMIME_IS_MULTIPART_ENCRYPTED (part)) {
ret = g_mime_multipart_encrypted_decrypt (GMIME_MULTIPART_ENCRYPTED (part),
GMIME_DECRYPT_NONE,
notmuch_message_properties_value (list),
decrypt_result, err);
} else if (GMIME_IS_APPLICATION_PKCS7_MIME (part)) {
GMimeApplicationPkcs7Mime *pkcs7 = GMIME_APPLICATION_PKCS7_MIME (part);
GMimeSecureMimeType type = g_mime_application_pkcs7_mime_get_smime_type (pkcs7);
if (type == GMIME_SECURE_MIME_TYPE_ENVELOPED_DATA) {
ret = g_mime_application_pkcs7_mime_decrypt (pkcs7,
GMIME_DECRYPT_NONE,
notmuch_message_properties_value (list),
decrypt_result, err);
}
}
if (ret)
break;
}
@ -81,8 +92,17 @@ _notmuch_crypto_decrypt (bool *attempted,
GMimeDecryptFlags flags = GMIME_DECRYPT_NONE;
if (decrypt == NOTMUCH_DECRYPT_TRUE && decrypt_result)
flags |= GMIME_DECRYPT_EXPORT_SESSION_KEY;
ret = g_mime_multipart_encrypted_decrypt (GMIME_MULTIPART_ENCRYPTED (part), flags, NULL,
decrypt_result, err);
if (GMIME_IS_MULTIPART_ENCRYPTED (part)) {
ret = g_mime_multipart_encrypted_decrypt (GMIME_MULTIPART_ENCRYPTED (part), flags, NULL,
decrypt_result, err);
} else if (GMIME_IS_APPLICATION_PKCS7_MIME (part)) {
GMimeApplicationPkcs7Mime *pkcs7 = GMIME_APPLICATION_PKCS7_MIME (part);
GMimeSecureMimeType p7type = g_mime_application_pkcs7_mime_get_smime_type (pkcs7);
if (p7type == GMIME_SECURE_MIME_TYPE_ENVELOPED_DATA) {
ret = g_mime_application_pkcs7_mime_decrypt (pkcs7, flags, NULL,
decrypt_result, err);
}
}
return ret;
}