We want to make sure we're decrypting the thing that we expect. This
typecheck should keep us honest.
Signed-off-by: Daniel Kahn Gillmor <d...@fifthhorseman.net>
---
email-print-mime-structure | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/email-print-mime-structure b/email-print-mime-structure
index 644efb1..2cbf6ed 100755
--- a/email-print-mime-structure
+++ b/email-print-mime-structure
@@ -76,16 +76,20 @@ class MimePrinter(object):
(parent.get_content_type().lower() == 'multipart/encrypted') and \
(str(parent.get_param('protocol')).lower() ==
'application/pgp-encrypted') and \
(num == 2):
+ cryptopayload:Optional[Message] = None
+ ciphertext:Union[List[Message],str,bytes,None] = z.get_payload()
+ if not isinstance(ciphertext, str):
+ logging.warning('encrypted part was not a leaf mime part
somehow')
+ return
if pgpy is None:
logging.warning(f'Python module pgpy is not available, not
decrypting (try "apt install python3-pgpy")')
else:
- cryptopayload:Optional[Message] = None
keyname:str
for keyname in self.args.pgpkey:
try:
key:pgpy.PGPKey
key, _ = pgpy.PGPKey.from_file(keyname)
- msg:pgpy.PGPMessage =
pgpy.PGPMessage.from_blob(z.get_payload())
+ msg:pgpy.PGPMessage =
pgpy.PGPMessage.from_blob(ciphertext)
msg = key.decrypt(msg)
cryptopayload = email.message_from_bytes(msg.message)
break
--
2.24.0
