Last active
March 6, 2021 15:04
-
-
Save kaie/1627df055acd5724e43871442e01942d to your computer and use it in GitHub Desktop.
Extract and verify a PGP/MIME signed message as produced by Thunderbird 78
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
If you have received an encrypted and signed email from Thunderbird 78, | |
it contains two nested MIME layers. The outer layer contains encrypted | |
data. If you decrypt it using a tool such as GnuPG, the result is a | |
PGP/MIME signed message. If you want to verify the signature using | |
GnuPG, you must split the MIME message into separate parts, the first | |
message part, and the second signature part. | |
Ideally a tool should be used that fully understands MIME, and which can | |
flexibly react to the format of the message. However, at the time of | |
writing this text, no such tool was known. | |
As a workaround, below is a hack that relies on the specific MIME | |
formatting produced by Thunderbird 78, which looks like this: | |
Content-Type: multipart/signed; micalg=pgp-sha256; | |
protocol="application/pgp-signature"; | |
boundary="TAzMUIQgbKodzb5YcUhmWPnKWT3fxj07W" | |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) | |
--TAzMUIQgbKodzb5YcUhmWPnKWT3fxj07W | |
Content-Type: multipart/mixed; ... | |
--TAzMUIQgbKodzb5YcUhmWPnKWT3fxj07W | |
Content-Type: application/pgp-signature; ... | |
--TAzMUIQgbKodzb5YcUhmWPnKWT3fxj07W-- | |
For this structure, the following series of commands can be used to | |
process an input file named pgp-mime-signed, and extract the message and | |
signature parts to separate files. Then gpg can be used to verify | |
the message. | |
BOUNDARY=`cat pgp-mime-signed|grep boundary | head -1 | sed 's/^[^\"]*\"\([^\"]*\)".*$/\1/'` | |
START=`grep -n -e "--$BOUNDARY" pgp-mime-signed | awk -F':' '{print $1}' | head -1` | |
MIDDLE=`grep -n -e "--$BOUNDARY" pgp-mime-signed | awk -F':' '{print $1}' | head -2 | tail -1` | |
LAST=`grep -n -e "--$BOUNDARY" pgp-mime-signed | awk -F':' '{print $1}' | tail -1` | |
STARTAFTER=`expr $START + 1` | |
MIDDLEAFTER=`expr $MIDDLE + 1` | |
MIDDLEBEFORE=`expr $MIDDLE - 2` | |
LASTBEFORE=`expr $LAST - 2` | |
sed -n "${STARTAFTER},${MIDDLEBEFORE}p;${MIDDLE}q" pgp-mime-signed > message | |
sed -n "${MIDDLEAFTER},${LASTBEFORE}p;${LAST}q" pgp-mime-signed > signature | |
gpg --verify signature message |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment