static int smime_handler(struct mailprivacy * privacy, mailmessage * msg, struct mailmime * mime, struct mailmime ** result) { int r; struct mailmime * alternative_mime; alternative_mime = NULL; switch (mime->mm_type) { case MAILMIME_MULTIPLE: r = MAIL_ERROR_INVAL; if (smime_is_signed(mime)) r = smime_verify(privacy, msg, mime, &alternative_mime); if (r != MAIL_NO_ERROR) return r; * result = alternative_mime; return MAIL_NO_ERROR; case MAILMIME_SINGLE: r = MAIL_ERROR_INVAL; if (smime_is_encrypted(mime)) r = smime_decrypt(privacy, msg, mime, &alternative_mime); else if (smime_is_signed(mime)) r = smime_verify(privacy, msg, mime, &alternative_mime); if (r != MAIL_NO_ERROR) return r; * result = alternative_mime; return MAIL_NO_ERROR; } return MAIL_ERROR_INVAL; }
static struct message * getsig(struct message *m, int n, NSSCMSMessage **msg) { struct message *x; char *ct, *pt, *boundary = NULL, *cte; char *buf = NULL; size_t bufsize = 0, buflen, count, boundlen = -1; int part; FILE *fp; NSSCMSDecoderContext *decctx; struct str in, out; char *to, *cc; int inhdr, binary; int detached = 1; loop: if ((ct = hfield("content-type", m)) == NULL) goto not; if (strncmp(ct, "application/x-pkcs7-mime", 24) == 0 || strncmp(ct, "application/pkcs7-mime", 22) == 0) { to = hfield("to", m); cc = hfield("cc", m); if ((x = smime_decrypt(m, to, cc, 1)) == NULL) return NULL; if (x != (struct message *)-1) { m = x; goto loop; } detached = 0; } else if (strncmp(ct, "multipart/signed", 16) || (pt = mime_getparam("protocol", ct)) == NULL || strcmp(pt, "application/x-pkcs7-signature") && strcmp(pt, "application/pkcs7-signature") || (boundary = mime_getboundary(ct)) == NULL) { not: fprintf(stderr, "Message %d is not an S/MIME signed message.\n", n); return NULL; } else boundlen = strlen(boundary); if ((decctx = NSS_CMSDecoder_Start(NULL, NULL, NULL, password_cb, "Pass phrase:", NULL, NULL)) == NULL) { fprintf(stderr, "Cannot start decoder.\n"); return NULL; } if ((fp = setinput(&mb, m, NEED_BODY)) == NULL) { return NULL; } count = m->m_size; part = 0; inhdr = 1; binary = 0; while (fgetline(&buf, &bufsize, &count, &buflen, fp, 0) != NULL) { if (detached && boundary && buflen >= boundlen + 1 && strncmp(buf, boundary, boundlen) == 0) { if (buf[boundlen] == '\n') { part++; inhdr = 1; binary = 0; if (part >= 3) { fprintf(stderr, "Message %d has too " "many parts.\n", n); free(buf); return NULL; } continue; } if (buf[boundlen] == '-' && buf[boundlen+1] == '-' && buf[boundlen+2] == '\n') break; } else if (buf[0] == '\n') { inhdr = 0; continue; } if ((!detached || part == 2) && inhdr == 0) { if (binary) NSS_CMSDecoder_Update(decctx, buf, buflen); else { in.s = buf; in.l = buflen; mime_fromb64_b(&in, &out, 0, fp); NSS_CMSDecoder_Update(decctx, out.s, out.l); free(out.s); } } if (buflen == 1 && buf[0] == '\n') inhdr = 0; if (inhdr && (cte = thisfield(buf, "content-transfer-encoding")) != NULL && ascncasecmp(cte, "binary", 7) == 0) binary = 1; } free(buf); if ((*msg = NSS_CMSDecoder_Finish(decctx)) == NULL) { fprintf(stderr, "Failed to decode signature for message %d.\n", n); return NULL; } return m; }