Package: mutt Version: 1.5.21-5 Severity: wishlist Hi, I received a S/MIME encrypted message this week and mutt was unable to decrypt a message with the output:
Error reading S/MIME message 4147550360:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag:tasn_dec.c:1319: 4147550360:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:tasn_dec.c:381:Type=PKCS7_ISSUER_AND_SERIAL 4147550360:error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error:tasn_dec.c:751:Field=issuer_and_serial, Type=PKCS7_RECIP_INFO 4147550360:error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error:tasn_dec.c:711:Field=recipientinfo, Type=PKCS7_ENVELOPE 4147550360:error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error:tasn_dec.c:751: 4147550360:error:0D08403A:asn1 encoding routines:ASN1_TEMPLATE_EX_D2I:nested asn1 error:tasn_dec.c:579:Field=d.enveloped, Type=PKCS7 After some googling I found the message: http://www.mail-archive.com/openssl-users@openssl.org/msg60596.html with the hint: <cite> Looks like that isn't a PKCS#7 structure but a CMS structure (which is a superset of PKCS#7). Try the cms command in OpenSSL 1.0.0 instead. </cite> I tried the mutt configuration change: diff --git a/Muttrc.d/smime.rc b/Muttrc.d/smime.rc index efb0b6e..8da824c 100644 --- a/Muttrc.d/smime.rc +++ b/Muttrc.d/smime.rc @@ -74,7 +74,7 @@ set smime_sign_command="openssl smime -sign -signer %c -inkey %k -passin stdin - #Section C: Incoming messages # Decrypt a message. Output is a MIME entity. -set smime_decrypt_command="openssl smime -decrypt -passin stdin -inform DER -in %f -inkey %k -recip %c" +set smime_decrypt_command="openssl cms -decrypt -passin stdin -inform DER -in %f -inkey %k -recip %c" # Verify a signature of type multipart/signed set smime_verify_command="openssl smime -verify -inform DER -in %s %C -content %f" It was sufficient to decrypt the problematic message. I tried to sent an encrypted message to myself using Mutt and this message was also decrypted correctly. Some farther testing is maybe needed. Best Regards -- Zito -- Package-specific info: Mutt 1.5.21 (2010-09-15) Copyright (C) 1996-2009 Michael R. Elkins and others. Mutt comes with ABSOLUTELY NO WARRANTY; for details type `mutt -vv'. Mutt is free software, and you are welcome to redistribute it under certain conditions; type `mutt -vv' for details. System: Linux 3.0.0-1-amd64 (x86_64) ncurses: ncurses 5.9.20110404 (compiled with 5.9) libidn: 1.22 (compiled with 1.20) hcache backend: tokyocabinet 1.4.37 Compile options: -DOMAIN +DEBUG -HOMESPOOL +USE_SETGID +USE_DOTLOCK +DL_STANDALONE +USE_FCNTL -USE_FLOCK +USE_POP +USE_IMAP +USE_SMTP -USE_SSL_OPENSSL +USE_SSL_GNUTLS +USE_SASL +USE_GSS +HAVE_GETADDRINFO +HAVE_REGCOMP -USE_GNU_REGEX +HAVE_COLOR +HAVE_START_COLOR +HAVE_TYPEAHEAD +HAVE_BKGDSET +HAVE_CURS_SET +HAVE_META +HAVE_RESIZETERM +CRYPT_BACKEND_CLASSIC_PGP +CRYPT_BACKEND_CLASSIC_SMIME +CRYPT_BACKEND_GPGME -EXACT_ADDRESS -SUN_ATTACHMENT +ENABLE_NLS -LOCALES_HACK +COMPRESSED +HAVE_WC_FUNCS +HAVE_LANGINFO_CODESET +HAVE_LANGINFO_YESEXPR +HAVE_ICONV -ICONV_NONTRANS +HAVE_LIBIDN +HAVE_GETSID +USE_HCACHE -ISPELL SENDMAIL="/usr/sbin/sendmail" MAILPATH="/var/mail" PKGDATADIR="/usr/share/mutt" SYSCONFDIR="/etc" EXECSHELL="/bin/sh" MIXMASTER="mixmaster" To contact the developers, please mail to <mutt-...@mutt.org>. To report a bug, please visit http://bugs.mutt.org/. misc/am-maintainer-mode features/ifdef features/xtitles features/trash-folder features/purge-message features/imap_fast_trash features/sensible_browser_position features-old/patch-1.5.4.vk.pgp_verbose_mime features/compressed-folders features/compressed-folders.debian debian-specific/Muttrc debian-specific/Md.etc_mailname_gethostbyname.diff debian-specific/use_usr_bin_editor.diff debian-specific/correct_docdir_in_man_page.diff debian-specific/dont_document_not_present_features.diff debian-specific/document_debian_defaults debian-specific/assumed_charset-compat debian-specific/467432-write_bcc.patch debian-specific/566076-build_doc_adjustments.patch misc/define-pgp_getkeys_command.diff misc/gpg.rc-paths misc/smime.rc upstream/531430-imapuser.patch upstream/537818-emptycharset.patch upstream/543467-thread-segfault.patch upstream/542817-smimekeys-tmpdir.patch upstream/548577-gpgme-1.2.patch upstream/553321-ansi-escape-segfault.patch upstream/568295-references.patch upstream/547980-smime_keys-chaining.patch upstream/528233-readonly-open.patch upstream/228671-pipe-mime.patch upstream/383769-score-match.patch upstream/578087-header-strchr.patch upstream/603288-split-fetches.patch upstream/537061-dont-recode-saved-attachments.patch upstream/608706-fix-spelling-errors.patch upstream/620854-pop3-segfault.patch upstream/611412-bts-regexp.patch upstream/624058-gnutls-deprecated-set-priority.patch upstream/624085-gnutls-deprecated-verify-peers.patch upstream/584138-mx_update_context-segfault.patch upstream/619216-gnutls-CN-validation.patch upstream/611410-no-implicit_autoview-for-text-html.patch upstream/path_max mutt.org -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: i386 (x86_64) Kernel: Linux 3.0.0-1-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=cs_CZ.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages mutt depends on: ii libc6 2.13-18 Embedded GNU C Library: Shared lib ii libcome 1.42~WIP-2011-07-02-1 common error description library ii libgnut 2.12.7-7 GNU TLS library - runtime library ii libgpg- 1.10-0.3 library for common error values an ii libgpgm 1.2.0-1.4 GPGME - GnuPG Made Easy ii libgssa 1.9.1+dfsg-2 MIT Kerberos runtime libraries - k ii libidn1 1.22-3 GNU Libidn library, implementation ii libk5cr 1.9.1+dfsg-2 MIT Kerberos runtime libraries - C ii libkrb5 1.9.1+dfsg-2 MIT Kerberos runtime libraries ii libncur 5.9-1 shared libraries for terminal hand ii libsasl 2.1.24~rc1.dfsg1+cvs2011-05-23-6 Cyrus SASL - authentication abstra ii libtoky 1.4.37-6.1 Tokyo Cabinet Database Libraries [ Versions of packages mutt recommends: ii exim4-d 4.76-2 lightweight Exim MTA (v4) daemon ii libsasl 2.1.24~rc1.dfsg1+cvs2011-05-23-6 Cyrus SASL - pluggable authenticat ii locales 2.13-18 Embedded GNU C Library: National L ii mime-su 3.51-1 MIME files 'mime.types' & 'mailcap Versions of packages mutt suggests: ii aspell 0.60.7~20110707-1 GNU Aspell spell-checker ii ca-certificates 20110502 Common CA certificates ii gnupg 1.4.11-3 GNU privacy guard - a free PGP rep ii ispell 3.3.02-5 International Ispell (an interacti pn mixmaster <none> (no description available) ii openssl 1.0.0d-3 Secure Socket Layer (SSL) binary a ii urlview 0.9-19 Extracts URLs from text Versions of packages mutt is related to: ii mutt 1.5.21-5 text-based mailreader supporting M pn mutt-dbg <none> (no description available) pn mutt-patched <none> (no description available) -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
