Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Handling of encrypted PGP/MIME multipart messages #175

Open
nmeum opened this issue May 16, 2020 · 5 comments
Open

Handling of encrypted PGP/MIME multipart messages #175

nmeum opened this issue May 16, 2020 · 5 comments

Comments

@nmeum
Copy link
Contributor

nmeum commented May 16, 2020
edited
Loading

I recently noticed that contrib/mpgp doesn't seem to handle encrypted PGP/MIME multipart messages well. For instance, consider an encrypted PGP/MIME messages which consists of text + attachments (e.g. tarballs). Since mpgp is a filter it does not seem to be possible to extract attachments from such a message (e.g. through mshow -x) or at least, I didn't manage to do so.

In case anybody else is encountering this issue, I wrote myself the following script (mshowpgp) which I use instead of mpgp:

#!/bin/sh
# Decryptes current mblaze PGP/MIME message.
set -e

# See ENVIRONMENT section in mseq(1).
MBLAZE="${MBLAZE:-$HOME/.mblaze}"
MAILCUR="${MAILCUR:-$MBLAZE/cur}"

n=$(mshow -t | awk -F: '
	/: application\/pgp-encrypted/ {supported = 1}
	/: application\/octet-stream/ {if (supported) { print $1; exit }}')

if [ "$n" ]; then
	mshow -n -O "$MAILCUR" "$n" | gpg --decrypt | mshow -n /dev/stdin "$@"
	exit 0
else
	echo "Current mblaze message is not PGP/MIME encrypted" 1>&2
	exit 1
fi

If the current message is PGP/MIME encrypted its attachments can be extracted using mshowpgp -x as usual. The script also illustrates some shortcomings of mshow:

  1. There doesn't seem to be any portable way of reading messages from standard input (iirc /dev/stdin is not specified by POSIX).
  2. If mshow -x or mshow -O is used it does not seem to be possible to use the current message without explicitly specifying its path.

If there is any way to extract attachments with the mpgp filter please let me know.
@leahneukirchen
Copy link
Owner

/dev/stdin is indeed not POSIX, but exist on every system except for AIX it seems. ;)
I can't use - as that is the previous message.

mshow -x . 3 should work fine?

@leahneukirchen
Copy link
Owner

I dunno an easier way to solve your problem.

@nmeum nmeum closed this as completed May 17, 2020
@leahneukirchen
Copy link
Owner

Reopening this. I looked into using filters for mshow -t and -x, but it seems like a waste to run them just because of the exit status.

Perhaps mgpg should just be integrated into mshow directly (and spawn gpg via a pipe).

Patches welcome.

@nmeum
Copy link
Contributor Author

nmeum commented May 23, 2020

Perhaps mgpg should just be integrated into mshow directly (and spawn gpg via a pipe).

I am personally happy with my setup where I decrypt mails using a separate mshowpgp program. If someone implements PGP support in mshow itself, be careful not to run into efail in combination with text/html filters.

@leahneukirchen leahneukirchen mentioned this issue Feb 2, 2021
Open
@xelxebar
Copy link

Late to the party here, but I'm just doing something way dumber here: mgpgshow(){ mraw "$1" | gpg --decrypt | mshow -;}.

That said. It would be nice to also verify the signature.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@leahneukirchen @xelxebar @nmeum