mirror of
https://git.notmuchmail.org/git/notmuch
synced 2024-11-22 02:48:08 +01:00
crypto: handle PKCS#7 envelopedData in _notmuch_crypto_decrypt
In the two places where _notmuch_crypto_decrypt handles multipart/encrypted messages (PGP/MIME), we should also handle PKCS#7 envelopedData (S/MIME). This is insufficient for fully handling S/MIME encrypted data because _notmuch_crypto_decrypt isn't yet actually invoked for envelopedData parts, but that will happen in the following changes. Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
This commit is contained in:
parent
2b108728c4
commit
1a34f68a58
1 changed files with 26 additions and 6 deletions
|
@ -55,10 +55,21 @@ _notmuch_crypto_decrypt (bool *attempted,
|
||||||
}
|
}
|
||||||
if (attempted)
|
if (attempted)
|
||||||
*attempted = true;
|
*attempted = true;
|
||||||
|
if (GMIME_IS_MULTIPART_ENCRYPTED (part)) {
|
||||||
ret = g_mime_multipart_encrypted_decrypt (GMIME_MULTIPART_ENCRYPTED (part),
|
ret = g_mime_multipart_encrypted_decrypt (GMIME_MULTIPART_ENCRYPTED (part),
|
||||||
GMIME_DECRYPT_NONE,
|
GMIME_DECRYPT_NONE,
|
||||||
notmuch_message_properties_value (list),
|
notmuch_message_properties_value (list),
|
||||||
decrypt_result, err);
|
decrypt_result, err);
|
||||||
|
} else if (GMIME_IS_APPLICATION_PKCS7_MIME (part)) {
|
||||||
|
GMimeApplicationPkcs7Mime *pkcs7 = GMIME_APPLICATION_PKCS7_MIME (part);
|
||||||
|
GMimeSecureMimeType type = g_mime_application_pkcs7_mime_get_smime_type (pkcs7);
|
||||||
|
if (type == GMIME_SECURE_MIME_TYPE_ENVELOPED_DATA) {
|
||||||
|
ret = g_mime_application_pkcs7_mime_decrypt (pkcs7,
|
||||||
|
GMIME_DECRYPT_NONE,
|
||||||
|
notmuch_message_properties_value (list),
|
||||||
|
decrypt_result, err);
|
||||||
|
}
|
||||||
|
}
|
||||||
if (ret)
|
if (ret)
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
@ -81,8 +92,17 @@ _notmuch_crypto_decrypt (bool *attempted,
|
||||||
GMimeDecryptFlags flags = GMIME_DECRYPT_NONE;
|
GMimeDecryptFlags flags = GMIME_DECRYPT_NONE;
|
||||||
if (decrypt == NOTMUCH_DECRYPT_TRUE && decrypt_result)
|
if (decrypt == NOTMUCH_DECRYPT_TRUE && decrypt_result)
|
||||||
flags |= GMIME_DECRYPT_EXPORT_SESSION_KEY;
|
flags |= GMIME_DECRYPT_EXPORT_SESSION_KEY;
|
||||||
|
if (GMIME_IS_MULTIPART_ENCRYPTED (part)) {
|
||||||
ret = g_mime_multipart_encrypted_decrypt (GMIME_MULTIPART_ENCRYPTED (part), flags, NULL,
|
ret = g_mime_multipart_encrypted_decrypt (GMIME_MULTIPART_ENCRYPTED (part), flags, NULL,
|
||||||
decrypt_result, err);
|
decrypt_result, err);
|
||||||
|
} else if (GMIME_IS_APPLICATION_PKCS7_MIME (part)) {
|
||||||
|
GMimeApplicationPkcs7Mime *pkcs7 = GMIME_APPLICATION_PKCS7_MIME (part);
|
||||||
|
GMimeSecureMimeType p7type = g_mime_application_pkcs7_mime_get_smime_type (pkcs7);
|
||||||
|
if (p7type == GMIME_SECURE_MIME_TYPE_ENVELOPED_DATA) {
|
||||||
|
ret = g_mime_application_pkcs7_mime_decrypt (pkcs7, flags, NULL,
|
||||||
|
decrypt_result, err);
|
||||||
|
}
|
||||||
|
}
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue