X-Git-Url: https://git.notmuchmail.org/git?p=notmuch;a=blobdiff_plain;f=util%2Fcrypto.c;h=c09f467b350b5d453e799d5b7941463544b411a0;hp=0bb6f526868103009bcdec25c7872c9bc3e1d167;hb=HEAD;hpb=1979145b91fa85d6952b94db561a46238265d910
diff --git a/util/crypto.c b/util/crypto.c
index 0bb6f526..156a6550 100644
--- a/util/crypto.c
+++ b/util/crypto.c
@@ -34,7 +34,7 @@ GMimeObject *
 _notmuch_crypto_decrypt (bool *attempted,
 notmuch_decryption_policy_t decrypt,
 notmuch_message_t *message,
- GMimeMultipartEncrypted *part,
+ GMimeObject *part,
 GMimeDecryptResult **decrypt_result,
 GError **err)
 {
@@ -48,17 +48,30 @@ _notmuch_crypto_decrypt (bool *attempted,
 notmuch_message_properties_t *list = NULL;
 for (list = notmuch_message_get_properties (message, "session-key", TRUE);
- notmuch_message_properties_valid (list); notmuch_message_properties_move_to_next (list)) {
+ notmuch_message_properties_valid (list); notmuch_message_properties_move_to_next (
+ list)) {
 if (err && *err) {
 g_error_free (*err);
 *err = NULL;
 }
 if (attempted)
 *attempted = true;
- ret = g_mime_multipart_encrypted_decrypt (part,
- GMIME_DECRYPT_NONE,
- notmuch_message_properties_value (list),
- decrypt_result, err);
+ if (GMIME_IS_MULTIPART_ENCRYPTED (part)) {
+ ret = g_mime_multipart_encrypted_decrypt (GMIME_MULTIPART_ENCRYPTED (part),
+ GMIME_DECRYPT_NONE,
+ notmuch_message_properties_value (list),
+ decrypt_result, err);
+ } else if (GMIME_IS_APPLICATION_PKCS7_MIME (part)) {
+ GMimeApplicationPkcs7Mime *pkcs7 = GMIME_APPLICATION_PKCS7_MIME (part);
+ GMimeSecureMimeType type = g_mime_application_pkcs7_mime_get_smime_type (pkcs7);
+ if (type == GMIME_SECURE_MIME_TYPE_ENVELOPED_DATA) {
+ ret = g_mime_application_pkcs7_mime_decrypt (pkcs7,
+ GMIME_DECRYPT_NONE,
+ notmuch_message_properties_value (
+ list),
+ decrypt_result, err);
+ }
+ }
 if (ret)
 break;
 }
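Review bot: In the `@@ -48,17 +48,30 @@` hunk, `*attempted = true` is still set before the new part-type check, so a part that is neither multipart/encrypted nor PKCS#7 envelopedData (for example a `GMimeApplicationPkcs7Mime` with another smime type) is reported as a decryption attempt although no decrypt function ran and `*err` stays unset. The same applies to the `@@ -79,10 +92,20 @@` hunk. A caller that reads "attempted, no result" as a failed decryption would presumably misreport such parts, and since the parameter is now a plain `GMimeObject *` the compiler no longer rejects them. Consider moving `if (attempted) *attempted = true;` into the branches that actually call a decrypt function, or rejecting unsupported parts once before the loop. The declaration of `ret` is outside the hunk, so this assumes it starts as NULL.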
@@ -79,10 +92,20 @@ _notmuch_crypto_decrypt (bool *attempted,
 if (attempted)
 *attempted = true;
 GMimeDecryptFlags flags = GMIME_DECRYPT_NONE;
+
 if (decrypt == NOTMUCH_DECRYPT_TRUE && decrypt_result)
 flags |= GMIME_DECRYPT_EXPORT_SESSION_KEY;
- ret = g_mime_multipart_encrypted_decrypt (part, flags, NULL,
- decrypt_result, err);
+ if (GMIME_IS_MULTIPART_ENCRYPTED (part)) {
+ ret = g_mime_multipart_encrypted_decrypt (GMIME_MULTIPART_ENCRYPTED (part), flags, NULL,
+ decrypt_result, err);
+ } else if (GMIME_IS_APPLICATION_PKCS7_MIME (part)) {
+ GMimeApplicationPkcs7Mime *pkcs7 = GMIME_APPLICATION_PKCS7_MIME (part);
+ GMimeSecureMimeType p7type = g_mime_application_pkcs7_mime_get_smime_type (pkcs7);
+ if (p7type == GMIME_SECURE_MIME_TYPE_ENVELOPED_DATA) {
+ ret = g_mime_application_pkcs7_mime_decrypt (pkcs7, flags, NULL,
+ decrypt_result, err);
+ }
+ }
 return ret;
 }
@@ -108,7 +131,8 @@ _notmuch_message_crypto_new (void *ctx)
 }
 notmuch_status_t
-_notmuch_message_crypto_potential_sig_list (_notmuch_message_crypto_t *msg_crypto, GMimeSignatureList *sigs)
+_notmuch_message_crypto_potential_sig_list (_notmuch_message_crypto_t *msg_crypto,
+ GMimeSignatureList *sigs)
 {
 if (! msg_crypto)
 return NOTMUCH_STATUS_NULL_POINTER;
@@ -137,7 +161,8 @@ _notmuch_message_crypto_potential_sig_list (_notmuch_message_crypto_t *msg_crypt
 bool
-_notmuch_message_crypto_potential_payload (_notmuch_message_crypto_t *msg_crypto, GMimeObject *part, GMimeObject *parent, int childnum)
+_notmuch_message_crypto_potential_payload (_notmuch_message_crypto_t *msg_crypto, GMimeObject *part,
+ GMimeObject *parent, int childnum)
 {
 const char *protected_headers = NULL;
 const char *forwarded = NULL;
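Review bot: The multipart/encrypted versus PKCS#7 envelopedData dispatch in the `@@ -79,10 +92,20 @@` hunk is a second copy of the one in the session-key loop, differing only in the flags and session-key arguments and in naming the local `type` in one place and `p7type` in the other. One static helper would keep the two decrypt paths from drifting apart, so that a later fix to the type handling cannot land in only one of them. Both call sites sit in a function body that extends beyond the hunks, and the helper name below is a placeholder.

```c
/* Decrypt part when it is multipart/encrypted or PKCS#7 envelopedData.
 * Any other part type yields NULL and leaves *err untouched. */
static GMimeObject *
_decrypt_supported_part (GMimeObject *part, GMimeDecryptFlags flags,
			 const char *session_key,
			 GMimeDecryptResult **decrypt_result, GError **err)
{
    if (GMIME_IS_MULTIPART_ENCRYPTED (part))
	return g_mime_multipart_encrypted_decrypt (GMIME_MULTIPART_ENCRYPTED (part), flags,
						   session_key, decrypt_result, err);

    if (GMIME_IS_APPLICATION_PKCS7_MIME (part)) {
	GMimeApplicationPkcs7Mime *pkcs7 = GMIME_APPLICATION_PKCS7_MIME (part);

	if (g_mime_application_pkcs7_mime_get_smime_type (pkcs7) ==
	    GMIME_SECURE_MIME_TYPE_ENVELOPED_DATA)
	    return g_mime_application_pkcs7_mime_decrypt (pkcs7, flags, session_key,
							  decrypt_result, err);
    }
    return NULL;
}

/* … unchanged: session-key loop header, err reset, attempted flag … */
	    ret = _decrypt_supported_part (part, GMIME_DECRYPT_NONE,
					   notmuch_message_properties_value (list),
					   decrypt_result, err);
/* … unchanged: flags setup for the path without a stored session key … */
    ret = _decrypt_supported_part (part, flags, NULL, decrypt_result, err);
```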
@@ -155,7 +180,8 @@ _notmuch_message_crypto_potential_payload (_notmuch_message_crypto_t *msg_crypto
 * encryption protocol should be "control information" metadata,
 * not payload. So we skip it. (see
 * https://tools.ietf.org/html/rfc1847#page-8) */
- if (parent && GMIME_IS_MULTIPART_ENCRYPTED (parent) && childnum == GMIME_MULTIPART_ENCRYPTED_VERSION) {
+ if (parent && GMIME_IS_MULTIPART_ENCRYPTED (parent) && childnum ==
+ GMIME_MULTIPART_ENCRYPTED_VERSION) {
 const char *enc_type = g_mime_object_get_content_type_parameter (parent, "protocol");
 GMimeContentType *ct = g_mime_object_get_content_type (part);
 if (ct && enc_type) {