Package home | Report new bug | New search | Development Roadmap Status: Open | Feedback | All | Closed Since Version 1.5.6
Bug #27009 Apple Mail multipart/signed
Submitted: 2021-01-27 03:05 UTC
From: dlopez Assigned:
Status: Open Package: Mail_mimeDecode (version SVN)
PHP Version: 7.3.19 OS: Debian Linux
Roadmaps: (Not assigned)    
Subscription  


 [2021-01-27 03:05 UTC] dlopez (Daniel Lopez)
Description: ------------ I came across an email in the wild composed on Apple Mail (2.3608.120.23.2.4) whose Content-Type is multipart/signed and then within that is multipart/alternative with text/plain and multipart/mixed subparts (and the mixed part contains text/html and inline attachments). Headers with simplified boundaries (for easier reading) are at bottom. When I use mimeDecode->decode() the returned msg_body is the entire raw part within it; that is, there's no recursion on all the subparts. This appears to be reported in bug#21215 as well, but it appears unresolved. Looking at line 324 of mimeDecode.php, I see that multipart/signed is handled separately from the other multipart cases below it, such that subparts are not decoded. If I comment out that block it then gets caught by line 335 and thus handled like other multipart emails as expected. Since I'm unfamiliar with signed email standards, I'm unsure why the block starting at line 324 is needed at all. If sig_hdr and sig_body are special values to help signature verification against a raw msg_body, then maybe those should just be special return values added just for multipart/signed without affecting the rest of the expected multipart processing. In that case there would be an if(strtolower($content_type['value'])=='multipart/signed'){} around line 349 to add the sig_hdr and sig_body parameters. ----- Content-Type: multipart/signed; boundary="Apple-Mail=_111"; protocol="application/pkcs7-signature"; micalg=sha-256 ... X-Mailer: Apple Mail (2.3608.120.23.2.4) ... --Apple-Mail=_111 Content-Type: multipart/alternative; boundary="Apple-Mail=_D67DA570- BD52-4A36-BBAD-76FAC2A72FF5" --Apple-Mail=_222 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii ... --Apple-Mail=_222 Content-Type: multipart/mixed; boundary="Apple-Mail=_56032FB6-5676- 46B2-B9FB-34581A21F699" --Apple-Mail=_333 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=us-ascii ... --Apple-Mail=_333 Content-Disposition: inline; filename=Example.pdf Content-Type: application/pdf; x-unix-mode=0644; name="Example.pdf" Content-Transfer-Encoding: base64 --Apple-Mail=_333 Content-Transfer-Encoding: 7bit Content-Type: text/html; charset=us-ascii ... --Apple-Mail=_333-- --Apple-Mail=_222-- --Apple-Mail=_111 Content-Disposition: attachment; filename=smime.p7s Content-Type: application/pkcs7-signature; name=smime.p7s Content-Transfer-Encoding: base64

Comments

 [2021-01-27 15:07 UTC] dlopez (Daniel Lopez)
Something like this might work too, to include sig_hdr, sig_body, and msg_bodyraw without affecting the rest of the multipart processing: 324 case 'multipart/signed': // PGP 325 $sigparts = $this->_boundarySplit($body, $content_type['other']['boundary'], true); 326 $return->parts['msg_bodyraw'] = $sigparts[0]; 327 list($sig_hdr, $sig_body) = $this->_splitBodyHeader($sigparts[1]); 328 $return->parts['sig_hdr'] = $sig_header; 329 $return->parts['sig_body'] = $sig_body; 330 // break; // allow flow-through to case block below
 [2021-01-27 16:21 UTC] dlopez (Daniel Lopez)
Should be: 328 $return->parts['sig_hdr'] = $sig_hdr;