Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Accessing S/MIME properties in Outlook files #51

Open
bbottema opened this issue Jan 22, 2022 · 2 comments
Open

Accessing S/MIME properties in Outlook files #51

bbottema opened this issue Jan 22, 2022 · 2 comments

Comments

@bbottema
Copy link
Owner

See bbottema/simple-java-mail#377
Symphily added a commit to Symphily/outlook-message-parser that referenced this issue Feb 2, 2022
@Symphily
issue bbottema#51: align S/MIME header evaluation with rfc5751/3.9
ee7c11e
@Symphily
Copy link

Symphily commented Feb 2, 2022

Hello,

looks to me like this happens because the identification of S/MIME messages via ContentType (in extractSMimeHeader()) is a bit too strict.
Certain ContentTypes will be identified as signed/encrypted but others (also valid ones) are not.

This is being identified correctly, for example:

  • Content-Type: application/pkcs7-mime; name="smime.p7m"; smime-type=enveloped-data

This isn't (should be valid though):

  • Content-Type: application/pkcs7-mime;
  • Content-Type: multipart/signed; protocol="application/pkcs7-signature";

Based on https://datatracker.ietf.org/doc/html/rfc5751#page-32 there are 3 cases we would need to cover. I revised the matches a bit and put all properties not necessary for identification in as optional. Maybe, those cases should use the specified classes for them (OutlookSmimeMultipartSigned / OutlookSmimeApplicationOctetStream / OutlookSmimeApplicationSmime)?

Unfortunately there is another case - sometimes the ContentType is "application/ms-tnef; name="winmail.dat"". Probably a Exchange default in certain versions. When this happens we can still go through all attachments and/or the messageClass to find matches there. Issue #40 has a example email for this.

In addition to all of this identifying S/MIME from msg-properties (in OutlookMessage().setProperty) quite often is not executed because the required properties are not available - not sure why... Maybe it has something to do with the MS-OXMSG protocol version which was used to extract the msg-file with (i.e. Outlook version). I haven't found any good solution for this but the identification by ContentType should always be working as it isn't msg-file specific.

I added a PR with a possible fix so you can take a look.

After doing all of this I ran some emails through simple-java-mail with the changes from above and I encountered two little issues:

  1. When I try to convert a signed plaintext-only email from msg to eml the process fails with a NPE after logging this warning: "SMIMESupport - S/MIME signed content type not recognized, please raise an issue for class java.lang.String"

  2. After converting a signed msg to eml: The email headers are not kept. So clients don't recognise the email as S/MIME any more because the header is now: "{Message-ID=[generated-for-smime-signed-attachment@simple-java-mail]}".

Let me know if I should add issues for those over at simple-java-mail with some more details.

@roy20021
Copy link

roy20021 commented Mar 4, 2024

@bbottema I am facing the same, can you re-evaluate this issue, please?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@roy20021 @bbottema @Symphily