smime: Pass PKCS#7 envelopedData to node_decrypt_and_verify

This change means we can support "notmuch show --decrypt=true" for S/MIME encrypted messages, resolving several outstanding broken tests, including all the remaining S/MIME protected header examples. We do not yet handle indexing the cleartext of S/MIME encrypted messages, though. Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
author: Daniel Kahn Gillmor <dkg@fifthhorseman.net> 2020-05-12 18:29:38 -0400
committer: David Bremner <david@tethera.net> 2020-05-22 22:11:51 -0300
commit: cb88b51fe55fcb01235747d4b94072fa6efd501c (patch)
tree: 28aa38afdbcefc82013e0ad7ea106547b13a18dd /mime-node.c
parent: 1a34f68a584c2731d33cd5d2a4ee4e6d7faf6a83 (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/mime-node.c b/mime-node.c
index c2ee858d..f552e03a 100644
--- a/mime-node.c
+++ b/mime-node.c
@@ -390,6 +390,12 @@ _mime_node_set_up_part (mime_node_t *node, GMimeObject *part, int numchild)
 	 * to just unwrap (instead of verifying), but
 	 * https://github.com/jstedfast/gmime/issues/67 */
 	node_verify (node, part);
+    } else if (GMIME_IS_APPLICATION_PKCS7_MIME (part) &&
+	       GMIME_SECURE_MIME_TYPE_ENVELOPED_DATA == g_mime_application_pkcs7_mime_get_smime_type (GMIME_APPLICATION_PKCS7_MIME (part)) &&
+	       (node->ctx->crypto->decrypt != NOTMUCH_DECRYPT_FALSE)) {
+	node_decrypt_and_verify (node, part);
+	if (node->unwrapped_child && node->nchildren == 0)
+	    node->nchildren = 1;
     } else {
 	if (_notmuch_message_crypto_potential_payload (node->ctx->msg_crypto, part, node->parent ? node->parent->part : NULL, numchild) &&
 	    node->ctx->msg_crypto->decryption_status == NOTMUCH_MESSAGE_DECRYPTED_FULL) {
author	Daniel Kahn Gillmor <dkg@fifthhorseman.net>	2020-05-12 18:29:38 -0400
committer	David Bremner <david@tethera.net>	2020-05-22 22:11:51 -0300
commit	cb88b51fe55fcb01235747d4b94072fa6efd501c (patch)
tree	28aa38afdbcefc82013e0ad7ea106547b13a18dd /mime-node.c
parent	1a34f68a584c2731d33cd5d2a4ee4e6d7faf6a83 (diff)