smime: Identify encrypted S/MIME parts during indexing
authorDaniel Kahn Gillmor <dkg@fifthhorseman.net>
Tue, 12 May 2020 22:29:32 +0000 (18:29 -0400)
committerDavid Bremner <david@tethera.net>
Sat, 23 May 2020 01:10:55 +0000 (22:10 -0300)
We don't handle them correctly yet, but we can at least mark them as
being encrypted.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
lib/index.cc
test/T355-smime.sh

index bbf13dc5e9127d3ae2fca1aae39b987523de4e68..f029b334be407bafa820bab04f01294642208fe9 100644 (file)
@@ -654,6 +654,10 @@ _index_pkcs7_part (notmuch_message_t *message,
                notmuch_message_add_property (message, "index.repaired", "skip-protected-headers-legacy-display");
        }
        _index_mime_part (message, indexopts, toindex, msg_crypto);
+    } else if (p7type == GMIME_SECURE_MIME_TYPE_ENVELOPED_DATA) {
+       _notmuch_message_add_term (message, "tag", "encrypted");
+       if (notmuch_indexopts_get_decrypt_policy (indexopts) != NOTMUCH_DECRYPT_FALSE)
+           _notmuch_database_log (notmuch, "Cannot decrypt PKCS#7 envelopedData (S/MIME encrypted messages)\n");
     } else {
        _notmuch_database_log (notmuch, "Cannot currently handle PKCS#7 smime-type '%s'\n",
                               g_mime_object_get_content_type_parameter (part, "smime-type"));
index a7eecedfed2a61b19bb30514bed09d710142bb12..7c28282a4c1a95737edf73ac4a8dbf8cfa2b063d 100755 (executable)
@@ -98,7 +98,6 @@ test_json_nodes <<<"$output" \
                 'crypto_uid:[0][0][0]["crypto"]["signed"]["status"][0]["userid"]="CN=Notmuch Test Suite"'
 
 test_begin_subtest "encrypted+signed message is known to be encrypted, but signature is unknown"
-test_subtest_known_broken
 output=$(notmuch search subject:"test encrypted message 001")
 test_expect_equal "$output" "thread:0000000000000002   2000-01-01 [1/1] Notmuch Test Suite; test encrypted message 001 (encrypted inbox)"