path: root/email-print-mime-structure
diff options
authorDaniel Kahn Gillmor <>2019-11-25 16:45:49 -0500
committerSean Whitton <>2019-11-28 11:09:01 -0700
commit15ed2184e61e40a35e56921aa57a49726f56b5c2 (patch)
treedcbfc5dee613788a87a4b747dad95a66f64dff75 /email-print-mime-structure
parent3c84e68d79ed84f916f1b983168d58e0f360686b (diff)
email-print-mime-structure: decrypt S/MIME parts with OpenSSL
If the user supplies a secret key like the ones found in, then email-print-mime-structure will try to use that for decryption of CMS-encrypted (S/MIME) message parts. Signed-off-by: Daniel Kahn Gillmor <> Acked-by: Sean Whitton <>
Diffstat (limited to 'email-print-mime-structure')
1 files changed, 10 insertions, 2 deletions
diff --git a/email-print-mime-structure b/email-print-mime-structure
index e82d56e..4de0789 100755
--- a/email-print-mime-structure
+++ b/email-print-mime-structure
@@ -83,7 +83,7 @@ class MimePrinter(object):
print(f'{prefix}{z.get_content_type()}{cset}{disposition}{fname} {nbytes:d} bytes')
cryptopayload:Optional[Message] = None
try_pgp_decrypt:bool = self.args.pgpkey or self.args.use_gpg_agent
- try_cms_decrypt:bool = self.args.use_gpg_agent
+ try_cms_decrypt:bool = self.args.cmskey or self.args.use_gpg_agent
if try_pgp_decrypt and \
(parent is not None) and \
@@ -116,6 +116,12 @@ class MimePrinter(object):
if cryptopayload is None and self.args.use_gpg_agent:
cryptopayload = self.pipe_decrypt(ciphertext, ['gpg', '--batch', '--decrypt'])
elif flavor == EncType.SMIME:
+ if self.args.cmskey:
+ for keyname in self.args.cmskey:
+ cmd = ['openssl', 'smime', '-decrypt', '-inform', 'DER', '-inkey', keyname]
+ cryptopayload = self.pipe_decrypt(ciphertext, cmd)
+ if cryptopayload:
+ return cryptopayload
if self.args.use_gpg_agent:
cryptopayload = self.pipe_decrypt(ciphertext, ['gpgsm', '--batch', '--decrypt'])
if cryptopayload is None:
@@ -175,7 +181,9 @@ def main() -> None:
parser:ArgumentParser = ArgumentParser(description='Read RFC2822 MIME message from stdin and emit a tree diagram to stdout.',
epilog="Example: email-print-mime-structure <message.eml")
parser.add_argument('--pgpkey', metavar='KEYFILE', action='append',
- help='OpenPGP Transferable Secret Key for decrypting')
+ help='OpenPGP Transferable Secret Key for decrypting PGP/MIME')
+ parser.add_argument('--cmskey', metavar='KEYFILE', action='append',
+ help='X.509 Private Key for decrypting S/MIME')
parser.add_argument('--use-gpg-agent', action='store_true',
help='Ask local GnuPG installation for decryption')
parser.add_argument('--no-use-gpg-agent', action='store_false',