diff options
| author | Daniel Kahn Gillmor <dkg@fifthhorseman.net> | 2019-11-25 16:45:48 -0500 |
|---|---|---|
| committer | Sean Whitton <spwhitton@spwhitton.name> | 2019-11-28 11:09:01 -0700 |
| commit | 3c84e68d79ed84f916f1b983168d58e0f360686b (patch) | |
| tree | 89b8a7cd3d883877108b1fc5a40764f75faa0cd2 /email-print-mime-structure | |
| parent | 5aebcfb2df96cc142f1787b18849cea06f898816 (diff) | |
| download | mailscripts-3c84e68d79ed84f916f1b983168d58e0f360686b.tar.gz | |
email-print-mime-structure: decrypt S/MIME parts using gpgsm
Decrypt ciphertext using gpgsm if the user has indicated that it's ok.
This includes a new element in the test suite, which uses secret key
material from https://www.ietf.org/id/draft-dkg-lamps-samples-01.html
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Acked-by: Sean Whitton <spwhitton@spwhitton.name>
Diffstat (limited to 'email-print-mime-structure')
| -rwxr-xr-x | email-print-mime-structure | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/email-print-mime-structure b/email-print-mime-structure index d152b34..e82d56e 100755 --- a/email-print-mime-structure +++ b/email-print-mime-structure @@ -83,6 +83,7 @@ class MimePrinter(object): print(f'{prefix}{z.get_content_type()}{cset}{disposition}{fname} {nbytes:d} bytes') cryptopayload:Optional[Message] = None try_pgp_decrypt:bool = self.args.pgpkey or self.args.use_gpg_agent + try_cms_decrypt:bool = self.args.use_gpg_agent if try_pgp_decrypt and \ (parent is not None) and \ @@ -91,6 +92,13 @@ class MimePrinter(object): (num == 2): cryptopayload = self.decrypt_part(z, EncType.PGPMIME) + if try_cms_decrypt and \ + cryptopayload is None and \ + z.get_content_type().lower() == 'application/pkcs7-mime' and \ + str(z.get_param('smime-type')).lower() in ['authenveloped-data', + 'enveloped-data']: + cryptopayload = self.decrypt_part(z, EncType.SMIME) + if cryptopayload is not None: newprefix = prefix[:-3] + ' ' print(f'{newprefix}↧ (decrypts to)') @@ -107,6 +115,9 @@ class MimePrinter(object): cryptopayload = self.pgpy_decrypt(self.args.pgpkey, ciphertext) if cryptopayload is None and self.args.use_gpg_agent: cryptopayload = self.pipe_decrypt(ciphertext, ['gpg', '--batch', '--decrypt']) + elif flavor == EncType.SMIME: + if self.args.use_gpg_agent: + cryptopayload = self.pipe_decrypt(ciphertext, ['gpgsm', '--batch', '--decrypt']) if cryptopayload is None: logging.warning(f'Unable to decrypt') return cryptopayload |