From e6c25565d8ca625a168b140333e27cf6132b05b0 Mon Sep 17 00:00:00 2001
From: M66B
Date: Thu, 5 Dec 2019 10:46:20 +0100
Subject: [PATCH] Find S/MIME recipient
---
 .../eu/faircode/email/FragmentMessages.java | 38 ++++++++++++++++---
 app/src/main/res/values/strings.xml | 2 +-
 2 files changed, 34 insertions(+), 6 deletions(-)
diff --git a/app/src/main/java/eu/faircode/email/FragmentMessages.java b/app/src/main/java/eu/faircode/email/FragmentMessages.java
index 30dc68a66f..5b0b2ced2a 100644
--- a/app/src/main/java/eu/faircode/email/FragmentMessages.java
+++ b/app/src/main/java/eu/faircode/email/FragmentMessages.java
@@ -112,11 +112,12 @@ import com.sun.mail.util.FolderClosedIOException;
 import org.bouncycastle.cert.X509CertificateHolder;
 import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
 import org.bouncycastle.cms.CMSEnvelopedData;
+import org.bouncycastle.cms.CMSException;
 import org.bouncycastle.cms.CMSProcessable;
 import org.bouncycastle.cms.CMSProcessableFile;
 import org.bouncycastle.cms.CMSSignedData;
 import org.bouncycastle.cms.CMSVerifierCertificateNotValidException;
-import org.bouncycastle.cms.KeyTransRecipientInformation;
+import org.bouncycastle.cms.KeyTransRecipientId;
 import org.bouncycastle.cms.RecipientInformation;
 import org.bouncycastle.cms.SignerInformation;
 import org.bouncycastle.cms.SignerInformationStore;
@@ -4407,6 +4408,11 @@ public class FragmentMessages extends FragmentBase implements SharedPreferences.
 if (privkey == null)
 throw new IllegalArgumentException("Private key missing");
 
+ // Get public key
+ X509Certificate[] chain = KeyChain.getCertificateChain(context, alias);
+ if (chain == null || chain.length == 0)
+ throw new IllegalArgumentException("Public key missing");
+
 // Get encrypted message
 File input = null;
 List attachments = db.attachment().getAttachments(id);
@@ -4427,11 +4433,33 @@ public class FragmentMessages extends FragmentBase implements SharedPreferences.
 envelopedData = new CMSEnvelopedData(fis);
 }
 
- // Decrypt message
- Collection recipients = envelopedData.getRecipientInfos().getRecipients();
- KeyTransRecipientInformation recipientInfo = (KeyTransRecipientInformation) recipients.iterator().next();
+ // Get recipient info
 JceKeyTransRecipient recipient = new JceKeyTransEnvelopedRecipient(privkey);
- InputStream is = recipientInfo.getContentStream(recipient).getContentStream();
+ Collection recipients = envelopedData.getRecipientInfos().getRecipients(); // KeyTransRecipientInformation
+
+ // Find recipient
+ InputStream is = null;
+ for (RecipientInformation recipientInfo : recipients) {
+ KeyTransRecipientId recipientId = (KeyTransRecipientId) recipientInfo.getRID();
+ if (recipientId.getSerialNumber().equals(chain[0].getSerialNumber()))
+ try {
+ is = recipientInfo.getContentStream(recipient).getContentStream();
+ } catch (CMSException ex) {
+ Log.w(ex);
+ }
+ }
+
+ // Fallback: try all recipients
+ if (is == null)
+ for (RecipientInformation recipientInfo : recipients)
+ try {
+ is = recipientInfo.getContentStream(recipient).getContentStream();
+ } catch (CMSException ex) {
+ Log.w(ex);
+ }
+
+ if (is == null)
+ throw new IllegalArgumentException(context.getString(R.string.title_invalid_key));
 
 // Decode message
 Properties props = MessageHelper.getSessionProperties();
diff --git a/app/src/main/res/values/strings.xml b/app/src/main/res/values/strings.xml
index 80df68d5ac..0c9fd4369b 100644
--- a/app/src/main/res/values/strings.xml
+++ b/app/src/main/res/values/strings.xml
@@ -678,7 +678,7 @@ Edit as plain text Edit as reformatted text Select public key - Import public key + Invalid private key Plain text only Request delivery/read receipt Most providers and email clients ignore receipt requests
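Review bot: In the "Find recipient" loop of FragmentMessages.java, the cast `(KeyTransRecipientId) recipientInfo.getRID()` and the call `recipientId.getSerialNumber().equals(...)` act on recipient fields that the sender of the message controls. A RecipientInfo of another type (key agreement, KEK, password) would throw ClassCastException, and a key transport recipient identified by subject key identifier has no serial number, so `.equals` would throw NullPointerException; neither is caught by `catch (CMSException ex)`. Comparing the serial number alone also ignores the issuer, although serial numbers are unique only per issuer, so matching the whole certificate through `rid.match(...)` is the tighter test. Neither loop stops after a successful `getContentStream`, so a later success replaces `is` without closing the earlier stream and the KeyChain key is used again for every remaining entry; a `break` after the assignment fixes both. The enclosing method starts and ends outside the hunk, and the sketch below needs imports for `RecipientId` and `JcaX509CertificateHolder`, whose constructor declares a checked exception.

```java
// … unchanged: recipient and recipients set-up …

// Find recipient: match issuer and serial number, skip non key transport entries
X509CertificateHolder holder = new JcaX509CertificateHolder(chain[0]);
InputStream is = null;
for (RecipientInformation recipientInfo : recipients) {
    RecipientId rid = recipientInfo.getRID();
    if (!(rid instanceof KeyTransRecipientId) || !rid.match(holder))
        continue;
    try {
        is = recipientInfo.getContentStream(recipient).getContentStream();
        break; // one private key operation, one open stream
    } catch (CMSException ex) {
        Log.w(ex);
    }
}

// Fallback: try the key transport recipients, stop at the first success
if (is == null)
    for (RecipientInformation recipientInfo : recipients) {
        if (!(recipientInfo.getRID() instanceof KeyTransRecipientId))
            continue;
        try {
            is = recipientInfo.getContentStream(recipient).getContentStream();
            break;
        } catch (CMSException ex) {
            Log.w(ex);
        }
    }

// … unchanged: title_invalid_key check …
```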