mirror of
https://git.notmuchmail.org/git/notmuch
synced 2024-12-22 01:14:53 +01:00
crypto: handle PKCS#7 envelopedData in _notmuch_crypto_decrypt
In the two places where _notmuch_crypto_decrypt handles multipart/encrypted messages (PGP/MIME), we should also handle PKCS#7 envelopedData (S/MIME). This is insufficient for fully handling S/MIME encrypted data because _notmuch_crypto_decrypt isn't yet actually invoked for envelopedData parts, but that will happen in the following changes. Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
This commit is contained in:
parent
2b108728c4
commit
1a34f68a58
1 changed files with 26 additions and 6 deletions
|
@ -55,10 +55,21 @@ _notmuch_crypto_decrypt (bool *attempted,
|
|||
}
|
||||
if (attempted)
|
||||
*attempted = true;
|
||||
ret = g_mime_multipart_encrypted_decrypt (GMIME_MULTIPART_ENCRYPTED (part),
|
||||
GMIME_DECRYPT_NONE,
|
||||
notmuch_message_properties_value (list),
|
||||
decrypt_result, err);
|
||||
if (GMIME_IS_MULTIPART_ENCRYPTED (part)) {
|
||||
ret = g_mime_multipart_encrypted_decrypt (GMIME_MULTIPART_ENCRYPTED (part),
|
||||
GMIME_DECRYPT_NONE,
|
||||
notmuch_message_properties_value (list),
|
||||
decrypt_result, err);
|
||||
} else if (GMIME_IS_APPLICATION_PKCS7_MIME (part)) {
|
||||
GMimeApplicationPkcs7Mime *pkcs7 = GMIME_APPLICATION_PKCS7_MIME (part);
|
||||
GMimeSecureMimeType type = g_mime_application_pkcs7_mime_get_smime_type (pkcs7);
|
||||
if (type == GMIME_SECURE_MIME_TYPE_ENVELOPED_DATA) {
|
||||
ret = g_mime_application_pkcs7_mime_decrypt (pkcs7,
|
||||
GMIME_DECRYPT_NONE,
|
||||
notmuch_message_properties_value (list),
|
||||
decrypt_result, err);
|
||||
}
|
||||
}
|
||||
if (ret)
|
||||
break;
|
||||
}
|
||||
|
@ -81,8 +92,17 @@ _notmuch_crypto_decrypt (bool *attempted,
|
|||
GMimeDecryptFlags flags = GMIME_DECRYPT_NONE;
|
||||
if (decrypt == NOTMUCH_DECRYPT_TRUE && decrypt_result)
|
||||
flags |= GMIME_DECRYPT_EXPORT_SESSION_KEY;
|
||||
ret = g_mime_multipart_encrypted_decrypt (GMIME_MULTIPART_ENCRYPTED (part), flags, NULL,
|
||||
decrypt_result, err);
|
||||
if (GMIME_IS_MULTIPART_ENCRYPTED (part)) {
|
||||
ret = g_mime_multipart_encrypted_decrypt (GMIME_MULTIPART_ENCRYPTED (part), flags, NULL,
|
||||
decrypt_result, err);
|
||||
} else if (GMIME_IS_APPLICATION_PKCS7_MIME (part)) {
|
||||
GMimeApplicationPkcs7Mime *pkcs7 = GMIME_APPLICATION_PKCS7_MIME (part);
|
||||
GMimeSecureMimeType p7type = g_mime_application_pkcs7_mime_get_smime_type (pkcs7);
|
||||
if (p7type == GMIME_SECURE_MIME_TYPE_ENVELOPED_DATA) {
|
||||
ret = g_mime_application_pkcs7_mime_decrypt (pkcs7, flags, NULL,
|
||||
decrypt_result, err);
|
||||
}
|
||||
}
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in a new issue