g_mime_multipart_signed_verify and protocol mismatch

Subject: g_mime_multipart_signed_verify and protocol mismatch

Date: Mon, 07 Feb 2022 09:35:54 -0400

Cc: notmuch@notmuchmail.org, Alexander Adolf, Daniel Kahn Gillmor

I have a bug report from a notmuch user that notmuch is unable to verify
the signature on a message with the following mime structure

└┬╴multipart/signed 29717 bytes
 ├┬╴multipart/related 18125 bytes
 │├┬╴multipart/alternative 14402 bytes
 ││├─╴text/plain 2766 bytes
 ││└─╴text/html 11223 bytes
 │└─╴image/jpeg [image001.jpg] 3372 bytes
 └─╴application/pkcs7-signature attachment [smime.p7s] 6979 bytes

The problem seems to be that the outer Content-Type declares

Content-Type: multipart/signed;
	protocol="application/x-pkcs7-signature";

while the actual signature part has

Content-Type: application/pkcs7-signature;

gmime quite correctly reports this as a mismatch, but I wonder if it
should be a tolerated mismatch? I saw there is already some attempt in
gmime to alias the two content-types, but I didn't follow the scope of
that aliasing.

Unfortunately I cannot share the message in question, but if needed I
could try to make an artificial test message with the same issue.

All the best,

David


_______________________________________________
notmuch mailing list -- notmuch@notmuchmail.org
To unsubscribe send an email to notmuch-leave@notmuchmail.org

Previous message (by thread): RE: [EXTERNAL] [gmime-devel] g_mime_multipart_signed_verify and protocol mismatch

Thread:

David Bremner—g_mime_multipart_signed_verify and protocol mismatch [inbox, unread]
- Jeffrey Stedfast—RE: [EXTERNAL] [gmime-devel] g_mime_multipart_signed_verify and protocol mismatch [inbox, unread]