[gmime-devel] g_mime_multipart_signed_verify and protocol mismatch

From: David Bremner <david tethera net>
To: gmime-devel-list gnome org
Cc: notmuch notmuchmail org, Alexander Adolf <alexander adolf condition-alpha com>, Daniel Kahn Gillmor <dkg debian org>
Subject: [gmime-devel] g_mime_multipart_signed_verify and protocol mismatch
Date: Mon, 07 Feb 2022 09:35:54 -0400


I have a bug report from a notmuch user that notmuch is unable to verify
the signature on a message with the following mime structure

└┬╴multipart/signed 29717 bytes
 ├┬╴multipart/related 18125 bytes
 │├┬╴multipart/alternative 14402 bytes
 ││├─╴text/plain 2766 bytes
 ││└─╴text/html 11223 bytes
 │└─╴image/jpeg [image001.jpg] 3372 bytes
 └─╴application/pkcs7-signature attachment [smime.p7s] 6979 bytes

The problem seems to be that the outer Content-Type declares

Content-Type: multipart/signed;
        protocol="application/x-pkcs7-signature";

while the actual signature part has

Content-Type: application/pkcs7-signature;

gmime quite correctly reports this as a mismatch, but I wonder if it
should be a tolerated mismatch? I saw there is already some attempt in
gmime to alias the two content-types, but I didn't follow the scope of
that aliasing.

Unfortunately I cannot share the message in question, but if needed I
could try to make an artificial test message with the same issue.

All the best,

David

Follow-Ups:
- Re: [gmime-devel] [EXTERNAL] g_mime_multipart_signed_verify and protocol mismatch
  - From: Jeffrey Stedfast

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]