[Patch v4 5/5] test: add broken test for SMIME decryption with notmuch CLI
David Bremner
david at tethera.net
Mon Jan 26 14:59:40 PST 2015
David Bremner <david at tethera.net> writes:
> The test JSON here is not correct, but the larger problem is thatit
> seems like no actual decryption is being done.
I played with this some more, and it seems like Jamie's code (and the
gmime sample code [1] expects the top level part to be
multipart/encrypted. Message-mode on the other hand generates messages
with a single application/x-pkcs7-mime part. According to my reading of
rfc5751 section 3.9, they're both wrong. 'application/pkcs7-mime' is
legit, as is, wait for it, "application/octet-stream" with a file suffix
of "p7m", "p7s", "p7c", or "p7z". So I guess we have to check for
x-pkcs7-mime as well? Apparently this has only been a known problem [2]
for 15 years or so.
[1]: https://github.com/GNOME/gmime/blob/master/tests/test-smime.c
[2]: http://www.imc.org/ietf-smime/mail-archive/msg00726.html
More information about the notmuch
mailing list