Sascha Kiefer wrote: > Hi list, > > i'm writing on a programm which verifies and decrypts messages as they > arrive. > It it is fully S/MIME (using M$ Crypto API) and PGP/MIME (GnuPG) > compatible. > The hardest problem i face is to detect inline PGP parts and handling > them correctly: > > * if the charset != us-ascii inside textmails is not always bad since > most MTA's keep the > original charset; so handling the data as binary is often the best > choice!?! > * what about detached signatures of attachments? > * sending a PGP/MIME to this mailing list makes it even worse > (see Topic: "GnuPG Clearsign vs. PGP/MIME Signing" for more details) > * ... > > Do you have some hints?
>From experience, I can tell you that it's not always quite easy. I can tell you what I do in Enigmail. For attachments, I'm looking at the content-type (application/pgp-*) and for the file name extension. If the filename extension is *.asc, *.pgp or *.gpg I try to decrypt the file. I have so far not tried to verify signatures of attachments; I plan to implement this in one of the next releases. Once I'll try to verify signatures of attachments, I'll first look for a similar file name (e.g. without .asc); if not found I'll try to get the original file name from the signature. I don't assume binary or ascii armored files, I simply pipe the whole file to gpg. For the mail body, I'm looking for ---- BEGIN PGP (.*) and if found for ---- END PGP (.*) If both are found, I decrypt or verify according to (.*), or let the user know that a key is available. There are a few pitfalls, like message decoding (base64, quoted-printable). Furthermore, the character set of an encrypted mail body is often set to US-ASCII, even if the content is e.g. UTF-8 HTH -Patrick _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
