Page MenuHome GnuPG

Kleopatra: MIME viewer support
Open, WishlistPublic

Description

One idea from me when I created the Notepad was to have support for PGP/MIME. At least for simple encrypted messages and only top level parsing like we do in GpgOL. So no subtrees. Basically it should show text from multipart/mixed, alternative, related and the attachments.

The use case I have in mind is that you have a webmailer or any MUA without PGP/MIME support. Then you get the pgp_encrypted_message.asc shown as an attachment. This attachment is linked to Kleopatra so you can open it with Kleopatra. Kleo will decrypt it but the user then has a mime structure that cannot be easily parsed / attachments extracted etc. Kleopatra could detect that and parse the message. We could use KDE Frameworks for that if we can avoid an akonadi dependency. Afaik the objecttreeparser is in messagelib and very closely related to KMail. So we can't really extract that.

I wonder if the Notepad would be the best place for this. As this will most likely occur after decrypting a file a standalone dialog might be better. The notepad mostly makes sense if we would want to also create MIME Messages but I do not think that this is really a big usecase.

Event Timeline

aheinecke triaged this task as Wishlist priority.Fri, Sep 9, 2:30 PM
aheinecke created this task.

Instead of using KDE for MIME parsing, and as I would also only do simple parsing we could use the mimeparser from gpgol. This also has the advantage that we do not open new attack surfaces as we already have that code in use. The mimedataprovider can already be compiled on Linux and used with a FILE, I did this to allow fuzzing for it. And the API implements the GpgME::DataProvider interface https://dev.gnupg.org/source/gpgol/browse/master/src/mimedataprovider.h and then just offers simple functions to access the parsed content.

So maybe this is something for me to work on :)

Wouldn't it make more sense to pass the decrypted text back (wrapped into a minimal rfc2822 message) to a MUA if it turns out to be another MIME tree with attachments and what not? After all, parsing and showing MIME trees is what MUAs are really good at and many MUAs should be able to open an .eml file.

That would make sense on a Linux desktop. But my main use case for this is Windows. I have the feeling that more Linux users have a decent MUA.
If we had a MUA with good MIME Support then we would not need this feature at all. If a user has Outlook for example that could be used with GpgOL but not everyone has that. I know that some users decrypt such messages already with Kleopatra and then open the Output in Thunderbird. But again, if they had Thunderbird, they could use that with included PGP/MIME support.
Windows 10 has a default Mail app, but if you open a file with that it does not show it but asks you to configure an account.