S/MIME encrypted messages containing attachments will not load attachments upon decryption
| Originator: | lukas.pitschl | ||
| Number: | rdar://28737306 | Date Originated: | October 12, 2016 |
| Status: | Duplicate | Resolved: | |
| Product: | macOS | Product Version: | 10.12.1 |
| Classification: | Reproducible: | Always |
Summary:
When a S/MIME encrypted message which contains attachments is opened, the attachments are not properly displayed upon decryption.
When trying to save the attachments to the Desktop they contain gibberish.
It appears as if instead of the body data of the decrypted mime part correlating to the selected attachment to be saved, the body data of the encrypted mime part correlating to the selected attachment is actually saved.
For example:
- Receive a S/MIME encrypted message with one attachment being an image
- Upon decryption the attachment is visible but it's not displayed inline as expected. After saving the attachment, it appears as if the S/MIME encrypted body is saved as content of the attachment instead of the attachment included in the decrypted body.
It appears as if the MCAttachment is not connected to the decrypted mime body but rather to the encrypted mime body which leads Mail.app to access the right mime part but on the wrong mime body.
Steps to Reproduce:
1. Start composing a new message
2. Select a sender and receiver which you have an S/MIME certificate for
3. Insert an image into the message
4. Send the message
5. Open the message and allow Mail.app to decrypt the message
Expected Results:
See the proper inline presentation of the image within the decrypted message.
Actual Results:
See a broken image icon ("question-mark-icon") instead of the inline presentation of the image.
Try to save the image attachment and try to open the image in Preview -> will fail since the saved file contains the encrypted body instead of the image.
Version:
Mail Version 10.0/3226, macOS 10.12 Sierra/16A323
Notes:
from the code it appears the parsedMessage would have to be called on decryptedMimeBody instead of the original mime body.
Configuration:
Occurs on MacBook Air 13", 2Ghz Intel Core i7, 8GB DDR3 Ram
Comments
Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!
Attached you will find the sysdiagnose archive. Unfortunately I don't think it will provide much helpful information.
I've also attached a S/MIME certificate for you to test this bug with, as well as an .eml file which includes a encrypted message that contains some text and a test png. From what I've gathered, that bug is "only" visible if one receives this message (it seems to have to be an instance of MFLibraryMessage). The attachment is correctly displayed if you simply open the attached .eml file, so it seems like in that case the MCAttachmentDataSource is correctly set, but when you receive an encrypted S/MIME file, the MCAttachmentDataSource doesn't point to the correct message.
If you can provide me with an email address I could send you the test message to, I'll be happy to do that. It will make it easier for you to debug.
To stress this point again, if you open the attached .eml file after importing the attached p12 file, you will see the attachment correctly. But that's not the use case which is exhibiting this bug. The bug is only visible if you receive an encrypted message via email.