|
|
According to RFC 2311 C.1 (https://tools.ietf.org/html/rfc2311#appendix-C.1) following mime-types:
application/x-pkcs7-mime
application/x-pkcs7-signature
application/x-pkcs10
should also be supported. |
|
|
|
The same issue exists for GPG signed+encrypted emails with the following content-type:
Content-Type: multipart/encrypted; protocol="application/pgp-encrypted";
MessageClass is set to IPM.Note, instead of IPM.Note.SMIME. |
|
|
|
Please attach a patch for what you have found, so that people from inverse can have a look. |
|
|
|
@tfu:
I have no experience in Object C, unfortunately. |
|
|
|
May be
else if ([subtype isEqualToString: @"pkcs7-mime"])
[s appendFormat: @"<MessageClass xmlns=\"Email:\">%@</MessageClass>", @"IPM.Note.SMIME"];
should be replaced with the following:
else if ([subtype hasSuffix: @"pkcs7-mime"] || [subtype hasSuffix: @"encrypted"])
[s appendFormat: @"<MessageClass xmlns=\"Email:\">%@</MessageClass>", @"IPM.Note.SMIME"]; |
|
|
|
your sample looks ok - can you compile it and test the problem you described is fixed. i.e. test with your client which sends/use other mime-types then currently supported. |
|
|
|
I could try to do this, but I've never compiled SoGo from source. |
|
|
|
sogo-2.3.8-st41ker.patch (2,538 bytes)
diff -uNr SOGo-2.3.8/ActiveSync/SOGoMailObject+ActiveSync.m SOGo-2.3.8-2/ActiveSync/SOGoMailObject+ActiveSync.m
--- SOGo-2.3.8/ActiveSync/SOGoMailObject+ActiveSync.m 2016-03-05 21:09:27.000000000 +0200
+++ SOGo-2.3.8-2/ActiveSync/SOGoMailObject+ActiveSync.m 2016-03-11 19:27:36.554328063 +0200
@@ -522,7 +522,7 @@
else if ([type isEqualToString: @"multipart"])
*theNativeType = 4;
- if (([subtype isEqualToString: @"signed"] || [subtype isEqualToString: @"pkcs7-mime"] ) && theMimeSupport > 0)
+ if (([subtype isEqualToString: @"signed"] || [subtype hasSuffix: @"pkcs7-mime"] || [subtype hasSuffix: @"encrypted"]) && theMimeSupport > 0)
{
*theNativeType = 4;
isSMIME = YES;
@@ -900,7 +900,7 @@
// MesssageClass and ContentClass
if ([subtype isEqualToString: @"signed"])
[s appendFormat: @"<MessageClass xmlns=\"Email:\">%@</MessageClass>", @"IPM.Note.SMIME.MultipartSigned"];
- else if ([subtype isEqualToString: @"pkcs7-mime"])
+ else if ([subtype hasSuffix: @"pkcs7-mime"] || [subtype hasSuffix: @"encrypted"])
[s appendFormat: @"<MessageClass xmlns=\"Email:\">%@</MessageClass>", @"IPM.Note.SMIME"];
else
[s appendFormat: @"<MessageClass xmlns=\"Email:\">%@</MessageClass>", @"IPM.Note"];
@@ -1024,7 +1024,7 @@
// For s/mime mails type is always 4 if mimeSupport is 1 or 2.
if (preferredBodyType == 2 && nativeBodyType == 1)
[s appendString: @"<Type>1</Type>"];
- else if (([subtype isEqualToString: @"signed"] || [subtype isEqualToString: @"pkcs7-mime"] ) && mimeSupport > 0)
+ else if (([subtype isEqualToString: @"signed"] || [subtype hasSuffix: @"pkcs7-mime"] || [subtype hasSuffix: @"encrypted"]) && mimeSupport > 0)
[s appendString: @"<Type>4</Type>"];
else
[s appendFormat: @"<Type>%d</Type>", preferredBodyType];
diff -uNr SOGo-2.3.8/SoObjects/Mailer/SOGoMailObject.m SOGo-2.3.8-1/SoObjects/Mailer/SOGoMailObject.m
--- SOGo-2.3.8/SoObjects/Mailer/SOGoMailObject.m 2016-03-05 21:09:28.000000000 +0200
+++ SOGo-2.3.8-1/SoObjects/Mailer/SOGoMailObject.m 2016-03-11 19:26:32.017596837 +0200
@@ -851,7 +851,7 @@
// We set the path to 0 in case of a smime mail if not provided.
subtype = [[part objectForKey: @"subtype"] lowercaseString];
- if ([subtype isEqualToString: @"pkcs7-mime"])
+ if ([subtype hasSuffix: @"pkcs7-mime"])
path = @"0";
}
|
|
|
|
I've uploaded working by somehow patch.
Both PGP and SMIME are working for Outlook, BB10, Android 4.x. |
|
|
|
The same problem with PGP signed+encrypted mail sent from Office365 account.
I've lost in the SoGo sources, so I'll just place sample mail headers below.
Content-Type: multipart/mixed;
boundary="_0032016031118073453289815328944"
MIME-Version: 1.0
X-OriginatorOrg: acme.com
X-MS-Exchange-CrossTenant-originalarrivaltime: 11 Mar 2016 18:07:36.1502
(UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: a4eecb42-9843-4214-81da-4483d7e7304f
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BLUPR17MB0371
--_0032016031118073453289815328944
Content-Type: text/plain; charset="koi8-r"
Content-Transfer-Encoding: quoted-printable
--_0032016031118073453289815328944
Content-Type: application/pgp-encrypted; name="ATT00001"
Content-Description: ATT00001
Content-Disposition: attachment; filename="ATT00001";
creation-date="Fri, 11 Mar 2016 18:07:35 GMT";
modification-date="Fri, 11 Mar 2016 18:07:35 GMT"
Content-ID: <D2AA99F0B98B364D8A15B3B779B6293D@acme.com>
Content-Transfer-Encoding: base64
--_0032016031118073453289815328944
Content-Type: application/octet-stream; name="ATT00002.bin"
Content-Description: ATT00002.bin
Content-Disposition: attachment; filename="ATT00002.bin"; size=1523;
creation-date="Fri, 11 Mar 2016 18:07:35 GMT";
modification-date="Fri, 11 Mar 2016 18:07:35 GMT"
Content-ID: <7DEC469E655E3F438BC6DBE704985D24@acme.com>
Content-Transfer-Encoding: base64
LS0tLS1CRUdJTiBQR1AgTUVTU0FHRS0tLS0tDQoNCndjQk1BeUNWZ1hDMmZyM29BUWYvV281SG93 |
|
tfu
2016-03-11 21:19
reporter
~0009714
Last edited: 2016-03-11 23:06
|
I don't understand your last update.
btw. why do you think we should return messageclass IPM.Note.SMIME for PGP encrypted emails. |
|
|
|
@tfu:
In my last reply I've provided sample email headers for email that SoGo classified as IPM.Note, since that I can not found where to look in the SoGo sources to fix this.
Your second question could be answered by MS in their AS protocol specs: https://msdn.microsoft.com/en-us/library/ee200767%28v=exchg.80%29.aspx
IPM.Note.SMIME: The message is encrypted and can also be signed.
In my example above email is a MIME email, and it is encrypted, and signed.
There is another type of PGP encryption - inline encryption. These emails should have IPM.Note MessageClass if they are not signed, and should have IPM.Note.SMIME.MultipartSigned if they're PGP signed.
At least, Office365 works exactly as I've proposed here. |
|
|
|
I don't think that PGP encrypted/signed emails can be handled the same way as SMIME signed/encrypted mails. EAS can deal with sMIME mails (there is the validateCert command which is used to verify signed (IPM.Note.SMIME) mails.
IPM.Note.SMIME: The message is encrypted and can also be signed.
IMHO, this is true for SMIME mails but doesn't mean PGP
|
|
|
|
That is correct, but Office365 via AS provides exactly IPM.Note.SMIME for PGP\MIME emails. |
|
|
|
Also, some MUAs (BB10 for example) rely on MessageClass so they're not checking the email body for encrypted content. Just showing secure content as attachments. |
|
|
|
Please share the complete email you used for the test and the AS trace from 365. |
|
|
|
Actually, I've tested it with SoGo and disabling IPM.Note.SMIME and IPM.Note.SMIME.MultipartSigned MessageClass by hand via sources.
The same PGP/SMIME messages was considered as encrypted only when IPM.Note.SMIME MessageClass was sent by SoGo. So, I've decided that if it works via Office365 all the time, then that is the root cause. |
|
|
|
Please send me the raw format of all emails you tested via email with a short description whether it is working or not. (tfu@aon.at) |
|
|
|
Are you speaking about AS debug replies?
The mail messages are the same, just MessageClass in AS replies are different. |
|
|
|
I want to see how the content-type(s) looks like for mails which are ok and not ok. |
|
|
|
I've used single email for tests, nothing changed in it. Please, confirm that you've understood this.
Headers below:
Content-Type: multipart/encrypted; protocol="application/pgp-encrypted"; boundary="===============0901805523=="
MIME-Version: 1.0
X-Client-ID: 57
X-Mailer: BlackBerry Email (10.3.2.2876)
Message-ID: <20160314131511.4886609.69259.57@youritcrowd.com>
Date: Mon, 14 Mar 2016 15:15:11 +0200
Subject: Test
From: Alexander Magliovany <tst@youritcrowd.com>
To: Alexander Magliovany <tst@youritcrowd.com>
--===============0901805523==
Content-Type: application/pgp-encrypted; Version="1"
MIME-Version: 1.0
--===============0901805523==
Content-Type: application/octet-stream
MIME-Version: 1.0
-----BEGIN PGP MESSAGE-----
The only change I've made - changed SoGo ActiveSync sources (aplied patch attached to this ticket), to provide IPM.Note.SMIME in MessageClass. If MessageClass on that email is not IPM.Note.SMIME then MUA shows email as simple email with attachments.
The second question is that this patch is not working with mail sent from Office365 and delivered by SoGo to MUA. Sample email headers were posted here: http://sogo.nu/bugs/view.php?id=3576#c9713
But exactly this email correctly displaed if delivered to MUA by Office365 server via AS. |
|
|
|
sogo-2.3.9-pkcs-pgp.patch (2,538 bytes)
diff -uNr SOGo-2.3.9/ActiveSync/SOGoMailObject+ActiveSync.m SOGo-2.3.9-2/ActiveSync/SOGoMailObject+ActiveSync.m
--- SOGo-2.3.9/ActiveSync/SOGoMailObject+ActiveSync.m 2016-03-16 18:14:43.000000000 +0200
+++ SOGo-2.3.9-2/ActiveSync/SOGoMailObject+ActiveSync.m 2016-03-16 20:56:20.526947500 +0200
@@ -523,7 +523,7 @@
else if ([type isEqualToString: @"multipart"])
*theNativeType = 4;
- if (([subtype isEqualToString: @"signed"] || [subtype isEqualToString: @"pkcs7-mime"] ) && theMimeSupport > 0)
+ if (([subtype isEqualToString: @"signed"] || [subtype hasSuffix: @"pkcs7-mime"] || [subtype hasSuffix: @"encrypted"]) && theMimeSupport > 0)
{
*theNativeType = 4;
isSMIME = YES;
@@ -931,7 +931,7 @@
// MesssageClass and ContentClass
if ([subtype isEqualToString: @"signed"])
[s appendFormat: @"<MessageClass xmlns=\"Email:\">%@</MessageClass>", @"IPM.Note.SMIME.MultipartSigned"];
- else if ([subtype isEqualToString: @"pkcs7-mime"])
+ else if ([subtype hasSuffix: @"pkcs7-mime"] || [subtype hasSuffix: @"encrypted"])
[s appendFormat: @"<MessageClass xmlns=\"Email:\">%@</MessageClass>", @"IPM.Note.SMIME"];
else
[s appendFormat: @"<MessageClass xmlns=\"Email:\">%@</MessageClass>", @"IPM.Note"];
@@ -1096,7 +1096,7 @@
// For s/mime mails type is always 4 if mimeSupport is 1 or 2.
if (preferredBodyType == 2 && nativeBodyType == 1)
[s appendString: @"<Type>1</Type>"];
- else if (([subtype isEqualToString: @"signed"] || [subtype isEqualToString: @"pkcs7-mime"] ) && mimeSupport > 0)
+ else if (([subtype isEqualToString: @"signed"] || [subtype hasSuffix: @"pkcs7-mime"] || [subtype hasSuffix: @"encrypted"]) && mimeSupport > 0)
[s appendString: @"<Type>4</Type>"];
else
[s appendFormat: @"<Type>%d</Type>", preferredBodyType];
diff -uNr SOGo-2.3.9/SoObjects/Mailer/SOGoMailObject.m SOGo-2.3.9-2/SoObjects/Mailer/SOGoMailObject.m
--- SOGo-2.3.9/SoObjects/Mailer/SOGoMailObject.m 2016-03-16 18:14:43.000000000 +0200
+++ SOGo-2.3.9-2/SoObjects/Mailer/SOGoMailObject.m 2016-03-16 20:57:30.194659195 +0200
@@ -851,7 +851,7 @@
// We set the path to 0 in case of a smime mail if not provided.
subtype = [[part objectForKey: @"subtype"] lowercaseString];
- if ([subtype isEqualToString: @"pkcs7-mime"])
+ if ([subtype hasSuffix: @"pkcs7-mime"])
path = @"0";
}
|
|
|
|
I've uploaded working patch for SOGo 2.3.9. |
|
|
|
For pgp encrypted mails the messageclass shouldn't be ipm.note.smime. This might be no problem for outlook or bb but prevent wp to show the pgp attachment.
What about mails with Content-Type: multipart/mixed; mentioned in you update from 2016-03-11 14:13? |
|
|
|
Following email pgp encrypted and sent from Office365.
And it displayed as email with attachement in BB10 or Outlook 2013 even with patch provided by me.
Return-Path: <fromemail@accentgold.com>
Delivered-To: toemail@youritcrowd.com
Received: from titan.youritcrowd.com
by titan.youritcrowd.com (Dovecot) with LMTP id hh3MBAjB6Vb7dwAA7FCENw
for <toemail@youritcrowd.com>; Wed, 16 Mar 2016 22:24:40 +0200
Received: from localhost (localhost [127.0.0.1])
by titan.youritcrowd.com (Postfix) with ESMTP id 076DE180B5A
for <toemail@youritcrowd.com>; Wed, 16 Mar 2016 22:24:40 +0200 (EET)
X-Virus-Scanned: amavisd-new at youritcrowd.com
Received: from titan.youritcrowd.com ([127.0.0.1])
by localhost (titan.youritcrowd.com [127.0.0.1]) (amavisd-new, port 10024)
with LMTP id Q-dIUr4eLWe7 for <toemail@youritcrowd.com>;
Wed, 16 Mar 2016 22:24:38 +0200 (EET)
Received: from na01-by2-obe.outbound.protection.outlook.com (mail-by2on0081.outbound.protection.outlook.com [207.46.100.81])
by titan.youritcrowd.com (Postfix) with ESMTPS id DEF351807CA
for <toemail@youritcrowd.com>; Wed, 16 Mar 2016 22:24:37 +0200 (EET)
Received: from BLUPR17MB0372.namprd17.prod.outlook.com (10.164.17.153) by
BLUPR17MB0371.namprd17.prod.outlook.com (10.164.17.152) with Microsoft SMTP
Server (TLS) id 15.1.434.16; Wed, 16 Mar 2016 20:24:33 +0000
Received: from BLUPR17MB0372.namprd17.prod.outlook.com ([10.164.17.153]) by
BLUPR17MB0372.namprd17.prod.outlook.com ([10.164.17.153]) with mapi id
15.01.0434.019; Wed, 16 Mar 2016 20:24:33 +0000
From: Yuri Nazarenko <fromemail@accentgold.com>
To: =?koi8-r?B?4czFy9PBzsTSIO3Bx8zF18HO2co=?= <toemail@youritcrowd.com>
Subject: Encoded
Thread-Topic: Encoded
Thread-Index: AQHRf8HZt4UmfLHBVkCVvQoB7G9NRg==
Date: Wed, 16 Mar 2016 20:24:32 +0000
Message-ID: <20160316202431.5304405.29862.74@accentgold.com>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
authentication-results: youritcrowd.com; dkim=none (message not signed)
header.d=none;youritcrowd.com; dmarc=none action=none
header.from=accentgold.com;
x-originating-ip: [109.87.87.48]
x-ms-office365-filtering-correlation-id: 60f07d89-679f-41cd-09d0-08d34dd8fc84
x-microsoft-exchange-diagnostics: 1;BLUPR17MB0371;5:qj9VOMSzObnu5ec1foKBxy9czLCOwEWCIhFT4OsFhmgYeourUwiSP3VZ2ykI9jozp0kJC+rl9SFa7R2mLW6hhC87PS/uq03WlqurIDV4AIgv31wsWxxEOWFqTxNGRMeV3R7YmDaF6Wff7kul5swFFA==;24:COSIbDt3fe/NZCwWVDVf0/WeFr1wl1lW7AgWpYcoemDZ6BeYkexN6C4c4U7a1SPMOTdHgFD+Xzp/eLxlx1PwLvp7257ZjoRB1lf3Y8EM3hU=
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:BLUPR17MB0371;
x-microsoft-antispam-prvs: <BLUPR17MB0371C038E728579957B2C663FB8A0@BLUPR17MB0371.namprd17.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:;
x-exchange-antispam-report-cfa-test: BCL:0;PCL:0;RULEID:(102415293)(102615271)(6040046)(601004)(2401047)(5005006)(8121501046)(3002001)(10201501046)(6041046)(6043046);SRVR:BLUPR17MB0371;BCL:0;PCL:0;RULEID:;SRVR:BLUPR17MB0371;
x-forefront-prvs: 08831F51DC
x-forefront-antispam-report: SFV:NSPM;SFS:(10009020)(6009001)(621065002)(103116003)(86362001)(81166005)(5004730100002)(2900100001)(77096005)(50986999)(99936001)(10400500002)(54356999)(99286002)(221733001)(36756003)(106116001)(229853001)(5002640100001)(5008740100001)(87936001)(3280700002)(92566002)(3660700001)(73894003)(3480700003)(1076002)(586003)(450100001)(122556002)(11100500001)(1220700001)(3846002)(102836003)(6116002)(1096002)(2906002)(66066001)(107886002)(110136002);DIR:OUT;SFP:1101;SCL:1;SRVR:BLUPR17MB0371;H:BLUPR17MB0372.namprd17.prod.outlook.com;FPR:;SPF:None;MLV:sfv;LANG:en;
spamdiagnosticoutput: 1:23
spamdiagnosticmetadata: NSPM
Content-Type: multipart/mixed;
boundary="_0032016031620243153044052986274accentgoldcom"
MIME-Version: 1.0
X-OriginatorOrg: accentgold.com
X-MS-Exchange-CrossTenant-originalarrivaltime: 16 Mar 2016 20:24:32.9939
(UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: a4eecb42-9843-4214-81da-4483d7e7304f
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BLUPR17MB0371
--_0032016031620243153044052986274accentgoldcom
Content-Type: text/plain; charset="koi8-r"
Content-Transfer-Encoding: quoted-printable
--_0032016031620243153044052986274accentgoldcom
Content-Type: application/pgp-encrypted; name="ATT00001"
Content-Description: ATT00001
Content-Disposition: attachment; filename="ATT00001";
creation-date="Wed, 16 Mar 2016 20:24:32 GMT";
modification-date="Wed, 16 Mar 2016 20:24:32 GMT"
Content-ID: <15AFD599AC64DA459578993B260C4F58@accentgold.com>
Content-Transfer-Encoding: base64
--_0032016031620243153044052986274accentgoldcom
Content-Type: application/octet-stream; name="ATT00002.bin"
Content-Description: ATT00002.bin
Content-Disposition: attachment; filename="ATT00002.bin"; size=1513;
creation-date="Wed, 16 Mar 2016 20:24:32 GMT";
modification-date="Wed, 16 Mar 2016 20:24:32 GMT"
Content-ID: <4DB30A2A71FBBE41AE8B29887404DE7B@accentgold.com>
Content-Transfer-Encoding: base64
LS0tLS1CRUdJTiBQR1AgTUVTU0FHRS0tLS0tDQoNCndjQk1BeUNWZ1hDMmZyM29BUWY5RVZNWXBp
RmhVQy85Z1VjSmNWV1RWL3lqKzkvK0JEbDNSNWpoQmVBUW9rYjYNClRxQnNxb2tWTDZzV1ZrczhJ
Nmc0RUxLcG1VUHpMSnE3ckJXd25MRTFla1lJT3JGampwdktoNTdTUEd5UU1pcUgNCmo4MU9lNlQ2
Vm5vU1p5MmxaTzdNeWhQWFBudmVEYVBud2FDZlNiVUpYRnZGUWdnMlc3Q0I0NG9TZTcwdG1IY2kN
Ci9BLzJyYUlRRWFaYWZIckpoSVc2WUk2VFlaZjhXWXR5L2hTL3pOeG55YVU4cTlWaGgzSlZSTDVh
YzV2emVPSkENCk9NdlRPVVJQY1ZDclhIWThoOS9HZWdUUWhmYWt3TE1MUkdFRkVuaVprVTMvUjJZ
Q2pNVjQzL0VvdFIrSzZJU3UNCk0zbEZSOVpGanYwM0pjeStJOWpoTlVDdnUvZnpzbjhWamtZSHVY
c3JJOEhBVEFNN1drWlI5c1A2UUFFSC9SQnANCm12VFptNXZHY0lIOUVnTzF4N0paL1hWS1NmU2xT
UVIxNGZiTFMySmYyM2IyY0ZZakRiNysrMnRVb2xxc1pPTmoNCjhPVkxONlVUaGJDVDdYM3hqV3VB
dHZXNWgranVCdENlUUFKaDZYMnNpeVg4a3pPTHQ1NDhXMGlvVm1FYnV1YmoNCko2VkcwV1RmSm1D
RFBOVEFhb1JJcGJKSVNqL1U3eW05ZTR5ek43c0FkVG50NWNMcXdPWTJEakpKalVaYmtJeHgNCmVN
NS90cGRwMEVLTVNkdHdpVlV0WFpuM0NNY0IwZU01ME9vL3pLMmlYanZqOFcvUzJBSEVHRitFN0Mx
czJWK04NCmd1NFhjQldlM3FEajZlMkIzU2J4aWViZkZCOEFzUVpCZmoxM09yNE5tb3BxaUk4ZHo2
aVVHejBMdmp2N1hQaEwNCmUvV0J5Z1NKK3FiTFA4Y1NYdnZTd1RzQlNXS1c4TmxmeWpZU1U0YU1I
dHBkVWZxU2Q2SE9FTTl5VjJ5dWl6bGQNCjVYaTMzSnFZQmNTQ292b1BOY3RwZ3lsOWlXZGlGNUlI
dmY2Y0pVK3hWMFlidXJib2dSeUp6aWpPd2t0ZnBRbDUNCkM5NlJMZXVNTkI1QkxGbUNUVXYwNHQ0
ZkwyT0FlYUxtaUZLNnpubmpSUndSMDFrVTZncVBodjBoNWdLbDJpMVMNCk1nOUZlSFNzRHU5VTRM
Zm91aXNkR1BJcytKdzlqZlR6Y0hQWWRUOVJKajRQQmhodG1QYWNJcFdNU0dhdVBqaDgNCkpOZ3NM
VTltMUJ6MndFR1k5NFdHMk5RYkpQRHE3YUN5RmllL3E0WjVpcEM5cTNRaEExdEhjL0xmQ0JhR2hY
dVMNCjE1dnI2NGJPUGFyRzhWTjlQSCszZTIzbnVoeitmajNlNmFZYXhLbDljK3pFTURZRThZbXFQ
OTRaZ2I1OHBDVGYNCk0xaTdHeE5FQWpMbVdKd0RYVVJhYVVTSVpXb2x6RHhVNmZadFR3VGJ6alZh
ZGNzcCtUZCtqc2V6eTh4MU5GTnkNCkw3NWpyYU45MlEvVkg1WG1sVGNMbnpNcmlQQjFJeURWdUly
YjBoQm9Ib3NhWHZIdUdEbCtQUHZOVmRTbDdYbUINCmNlcnZjZHVPWk5hbm42RUVPUkRyVk9zRk1r
L0tTcThQL1drK29zdWpsc0dBUHNrZU5qQ1psYkRtTTRsVHBzVHkNCkFvS3NqSE5uZitWcXR4VmlU
cDFobmVVTkpxL05ydGpycGUvT3E1YXIydlpmNGFvVzdWTXNhUUFiN3M4eFBDSVcNCnVyQVcyNEJP
RGNGc3dxZm9Ld2VFZHFTWkQwQzcxOHdsbzA5U1ZrZjdlRkZ1OHluQmZGeDdwbzc4a0NJPQ0KPXd0
TjQNCi0tLS0tRU5EIFBHUCBNRVNTQUdFLS0tLS0NCg==
--_0032016031620243153044052986274accentgoldcom-- |
|
|
|
For pgp encrypted mails the messageclass shouldn't be ipm.note.smime. This might be no problem for outlook or bb but prevent wp to show the pgp attachment.
Could you, please, clarify what is WP? |
|
|
|
wp = windows phone. |
|
|
|
Are you 100% sure? |
|
|
|
about what? |
|
|
|
About WP incompatibility with MessageClass set to IPM.Note.SMIME for PGP encrypted email. |
|
|
|
YES, do you have other experience based on what you have tested? |
|
|
|
No, unfortunately. I've tested only PGP\MIME. With inline PGP everything works with IPM.Note MessageClass.
I've only Andriod and BlackBerry 10 devices. And, obviously, also I've tested patches on the desktop software that supports AS, and it works. |
|
|
|
I think I have a patch which takes care of most situations. I hope that I can finish my tests today evening. What app do you use on Android for pgp mails? |
|
|
|
I think I have a patch which takes care of most situations. I hope that I can finish my tests today evening.
Nice to hear that.
What app do you use on Android for pgp mails?
I've used R2Mail2 for Android.
|
|
|
|
I haven't tried, but can R2Mail2 talk ActiveSync? |
|
|
|
Heh, seems like it is not.
I've used it as simple IMAP client. |
|
|
|
@tfu:
How can I help you any further? |
|
tfu
2016-03-17 20:50
reporter
|
0017-PGP.patch (6,582 bytes)
From 8938f85a0a0f64d93320a4694bce7a893adb89e1 Mon Sep 17 00:00:00 2001
From: root <root@poldi2.hopto.org>
Date: Thu, 17 Mar 2016 20:19:12 +0100
Subject: [PATCH 17/17] PGP
---
ActiveSync/SOGoMailObject+ActiveSync.m | 104 ++++++++++++++++++++++++++++++---
SoObjects/Mailer/SOGoMailObject.m | 2 +-
2 files changed, 97 insertions(+), 9 deletions(-)
diff --git a/ActiveSync/SOGoMailObject+ActiveSync.m b/ActiveSync/SOGoMailObject+ActiveSync.m
index d9d123f..4d65f18 100644
--- a/ActiveSync/SOGoMailObject+ActiveSync.m
+++ b/ActiveSync/SOGoMailObject+ActiveSync.m
@@ -499,6 +499,91 @@ struct GlobalObjectId {
return NO;
}
+
+- (BOOL) _isSigned: (NSDictionary *) thePart
+{
+ NSMutableDictionary *currentPart;
+ NSArray *subparts;
+ NSString *type, *subtype;
+ NSUInteger i;
+
+ type = [[thePart objectForKey: @"type"] lowercaseString];
+ subtype = [[thePart objectForKey: @"subtype"] lowercaseString];
+
+ if ([type isEqualToString: @"multipart"])
+ {
+ if ([subtype isEqualToString: @"signed"])
+ return YES;
+
+ subparts = [thePart objectForKey: @"parts"];
+ for (i = 0; i < [subparts count]; i++)
+ {
+ currentPart = [subparts objectAtIndex: i];
+ if ([self _isSigned: currentPart])
+ return YES;
+ }
+ }
+
+ return NO;
+}
+
+- (BOOL) _isSmimeEncrypted: (NSDictionary *) thePart
+{
+ NSMutableDictionary *currentPart;
+ NSArray *subparts;
+ NSString *type, *subtype;
+ NSUInteger i;
+
+ type = [[thePart objectForKey: @"type"] lowercaseString];
+ subtype = [[thePart objectForKey: @"subtype"] lowercaseString];
+
+ if ([type isEqualToString: @"multipart"])
+ {
+ subparts = [thePart objectForKey: @"parts"];
+ for (i = 0; i < [subparts count]; i++)
+ {
+ currentPart = [subparts objectAtIndex: i];
+ if ([self _isSmimeEncrypted: currentPart])
+ return YES;
+ }
+ }
+ else if ([type isEqualToString: @"application"] && ([subtype isEqualToString: @"pkcs7-mime"] ||
+ [subtype isEqualToString: @"x-pkcs7-mime"]))
+ return YES;
+
+ return NO;
+}
+
+- (BOOL) _isPGP: (NSDictionary *) thePart
+{
+ NSMutableDictionary *currentPart;
+ NSArray *subparts;
+ NSString *type, *subtype, *protocol;
+ NSUInteger i;
+
+ type = [[thePart objectForKey: @"type"] lowercaseString];
+ subtype = [[thePart objectForKey: @"subtype"] lowercaseString];
+ protocol = [[[thePart objectForKey: @"parameterList"] objectForKey: @"protocol"] lowercaseString];
+
+ if ([type isEqualToString: @"multipart"])
+ {
+ if (([protocol isEqualToString: @"application/pgp-signature"] || [protocol isEqualToString: @"application/pgp-encrypted"]))
+ return YES;
+
+ subparts = [thePart objectForKey: @"parts"];
+ for (i = 0; i < [subparts count]; i++)
+ {
+ currentPart = [subparts objectAtIndex: i];
+ if ([self _isPGP: currentPart])
+ return YES;
+ }
+ }
+ else if ([type isEqualToString: @"application"] && [subtype isEqualToString: @"pgp-encrypted"])
+ return YES;
+
+ return NO;
+}
+
//
//
//
@@ -523,7 +608,9 @@ struct GlobalObjectId {
else if ([type isEqualToString: @"multipart"])
*theNativeType = 4;
- if (([subtype isEqualToString: @"signed"] || [subtype isEqualToString: @"pkcs7-mime"] ) && theMimeSupport > 0)
+ if (([self _isSigned: [self bodyStructure]] ||
+ [self _isSmimeEncrypted: [self bodyStructure]] ||
+ [self _isPGP: [self bodyStructure]]) && theMimeSupport > 0)
{
*theNativeType = 4;
isSMIME = YES;
@@ -721,15 +808,13 @@ struct GlobalObjectId {
NSData *d, *globalObjId;
NSArray *attachmentKeys;
iCalCalendar *calendar;
- NSString *p, *subtype;
+ NSString *p;
NSMutableString *s;
id value;
int preferredBodyType, mimeSupport, mimeTruncation, nativeBodyType;
uint32_t v;
- subtype = [[[self bodyStructure] valueForKey: @"subtype"] lowercaseString];
-
preferredBodyType = [[context objectForKey: @"BodyPreferenceType"] intValue];
mimeSupport = [[context objectForKey: @"MIMESupport"] intValue];
mimeTruncation = [[context objectForKey: @"MIMETruncation"] intValue];
@@ -929,12 +1014,13 @@ struct GlobalObjectId {
else
{
// MesssageClass and ContentClass
- if ([subtype isEqualToString: @"signed"])
+ if ([self _isSigned: [self bodyStructure]])
[s appendFormat: @"<MessageClass xmlns=\"Email:\">%@</MessageClass>", @"IPM.Note.SMIME.MultipartSigned"];
- else if ([subtype isEqualToString: @"pkcs7-mime"])
+ else if ([self _isSmimeEncrypted: [self bodyStructure]])
[s appendFormat: @"<MessageClass xmlns=\"Email:\">%@</MessageClass>", @"IPM.Note.SMIME"];
else
[s appendFormat: @"<MessageClass xmlns=\"Email:\">%@</MessageClass>", @"IPM.Note"];
+
[s appendFormat: @"<ContentClass xmlns=\"Email:\">%@</ContentClass>", @"urn:content-classes:message"];
}
@@ -1096,7 +1182,9 @@ struct GlobalObjectId {
// For s/mime mails type is always 4 if mimeSupport is 1 or 2.
if (preferredBodyType == 2 && nativeBodyType == 1)
[s appendString: @"<Type>1</Type>"];
- else if (([subtype isEqualToString: @"signed"] || [subtype isEqualToString: @"pkcs7-mime"] ) && mimeSupport > 0)
+ else if (([self _isSigned: [self bodyStructure]] ||
+ [self _isSmimeEncrypted: [self bodyStructure]] ||
+ [self _isPGP: [self bodyStructure]]) && mimeSupport > 0)
[s appendString: @"<Type>4</Type>"];
else
[s appendFormat: @"<Type>%d</Type>", preferredBodyType];
@@ -1112,7 +1200,7 @@ struct GlobalObjectId {
// Attachments -namespace 16
attachmentKeys = [self fetchFileAttachmentKeys];
- if ([attachmentKeys count] && !([subtype isEqualToString: @"signed"]))
+ if ([attachmentKeys count] && !([self _isSigned: [self bodyStructure]]))
{
int i;
diff --git a/SoObjects/Mailer/SOGoMailObject.m b/SoObjects/Mailer/SOGoMailObject.m
index dd4ee03..b71b974 100644
--- a/SoObjects/Mailer/SOGoMailObject.m
+++ b/SoObjects/Mailer/SOGoMailObject.m
@@ -851,7 +851,7 @@ static BOOL debugSoParts = NO;
// We set the path to 0 in case of a smime mail if not provided.
subtype = [[part objectForKey: @"subtype"] lowercaseString];
- if ([subtype isEqualToString: @"pkcs7-mime"])
+ if ([subtype isEqualToString: @"pkcs7-mime"] || [subtype isEqualToString: @"x-pkcs7-mime"])
path = @"0";
}
--
2.1.4
|
|
|
|
Can you please test the attached patch (0017-PGP.patch). |
|
|
|
Tested PGP/MIME enc. (and\or)signed, S/MIME enc. (and\or) signed with BB10, Outlook 2013.
Sent\received via BB10, via Office360+BB10, Office365+Outlook. Also, tested all that emails in Thunderbird (just in case).
Everything works as expected, except emails from Office365 read by Thunderbird, seems like it breaks something, but this has nothing commond with current issue.
Since that Outlook 2013 has no support for PGP in AS mailboxes, I was unable to test it. |
|
|
|
tfu's patch pushed: 9621527414f35bd13cfe6acd40781d881ecaf860
thanks for your excellent work! |
|
