On 10.04.2010 13:37, Jean-Marc Desperrier wrote: > On 31/03/2010 17:11, Kaspar Brand wrote: >> That's the code which is used by nsCMSMessage >> (http://mxr.mozilla.org/comm-central/ident?i=nsCMSMessage), and >> therefore also by Seamonkey. > > Are you certain ?
Yes, I'm sure that libmime uses nsCMSMessage for decrypting S/MIME messages (and nsCMSMessage in turn uses libsmime). The path with the code I previously pointed to is definitely hit when Thunderbird or Seamonkey deal with an "enveloped-data" message. > When I checked, I concluded that code reimplements everything on top on > low level pkcs#7 (nss/lib/pkcs7/) and makes no use of nss/lib/smime. Not really true. You won't find any SEC_PKCS7 calls in mailnews/extensions/smime/src (nor in mailnews/mime/src), that code relies on PSM as the glue in between. And PSM (security/manager/ssl/src) only uses SEC_PKCS7 functions in two cases, AFAICT: for crypto.signText and when verifying JAR/XPI signatures. In all other cases it relies on libsmime. Kaspar -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
