[Patch v4 5/5] test: add broken test for SMIME decryption with notmuch CLI

David Bremner david at tethera.net
Mon Jan 26 14:59:40 PST 2015


David Bremner <david at tethera.net> writes:

> The test JSON here is not correct, but the larger problem is thatit
> seems like no actual decryption is being done.

I played with this some more, and it seems like Jamie's code (and the
gmime sample code [1] expects the top level part to be
multipart/encrypted.  Message-mode on the other hand generates messages
with a single application/x-pkcs7-mime part.  According to my reading of
rfc5751 section 3.9, they're both wrong. 'application/pkcs7-mime' is
legit, as is, wait for it, "application/octet-stream" with a file suffix
of "p7m", "p7s", "p7c", or "p7z".  So I guess we have to check for
x-pkcs7-mime as well?  Apparently this has only been a known problem [2]
for 15 years or so.

[1]: https://github.com/GNOME/gmime/blob/master/tests/test-smime.c
[2]: http://www.imc.org/ietf-smime/mail-archive/msg00726.html


More information about the notmuch mailing list