Problems with attachments in S/MIME encrypted messages from Outlook

[Dave Goldberg <david.goldberg6@verizon.net>]

At work, we recently moved to an all Microsoft email solution (yuck!)
from the corporate IT perspective.  That is, the mail servers are
Exchange but users are expected to use Outlook.  Those of us who use
other mail/calendar clients are on our own, though they did enable
IMAP and iCal so we're not shut out.  S/MIME is used for signing and
encrypting as it was in our previous environment.  Lately I've been
receiving encrypted messages that contain attachments and Gnus is
unable to deal with them.  I get this error when attempting to save or
view the attachment:

Error while decoding: (error Illegal `=' character while decoding base64 22139)

and the resulting file is corrupt.  That last number is not always the
same; it appears to be the position of the illegal character, though
by my count it's off a bit (more on that below).  Since I couldn't
find that error message in any lisp code, I guessed it was built in to
XEmacs.  So I tried loading the base64 stuff from mail-lib but other
than no error being reported, the results were the same - a corrupt
file.

Evolution and Thunderbird have no trouble with these attachments.
Further, if I run openssl by hand to get the message into a textual
format, I can extract the attachment's base64 block and successfully
convert it so this appears to be an error parsing the MIME structure
of the message and somehow embedding the Illegal '=' character into
the base64 stream.  Unfortunately I do not see any obvious way to
debug this inside of XEmacs.  The messages are encrypted and the
initial decryption results in a single base64 encoded block with
headers like this:

    Content-Type: application/x-pkcs7-mime; name=smime.p7m; smime-type=signed-data
    Content-Transfer-Encoding: base64
    Content-Disposition: attachment; filename=smime.p7m

A subsequent run of openssl to verify the signature is required to get
the message into readable form (well, at least that's how I've been
doing it).  In otherwords, I run

openssl smime -decrypt -recip mykeyfile -in message | \
openssl smime -verify -noverify 

to get a MIME structure like this (text removed and attachment
truncated)

    Content-Type: multipart/mixed;
    boundary="----=_NextPart_000_000F_01C5DAF3.7FAD2950"

    This is a multi-part message in MIME format.

    ------=_NextPart_000_000F_01C5DAF3.7FAD2950
    Content-Type: text/plain;
    charset="us-ascii"
    Content-Transfer-Encoding: 7bit



    some text


    ------=_NextPart_000_000F_01C5DAF3.7FAD2950
    Content-Type: application/vnd.ms-excel;
    name="test.xls"
    Content-Transfer-Encoding: base64
    Content-Disposition: attachment;
    filename="test.xls"

    [lots of stuff elided]
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==

    ------=_NextPart_000_000F_01C5DAF3.7FAD2950--

Note the = at the end of the last line.  I'm guessing those are the
illegal characters yet they don't seem to cause me any grief when I
process the file manually or, any grief to other clients.  However, I
really don't know whether the message I'm creating from my command
line is the same as that created when Gnus runs openssl since I'm not
certain exactly what command line it runs.  I've attempted to use the
debugger a bit, but I don't know where to break into it and all
attempts have ended up with me spending too much time single stepping,
and then missing the key event when I try to let some functions go.
I'm happy to try to track this down (almost desperate to do so, in
fact :-) but I'm hoping someone can give me some guidance on where to
look.

Thanks,

-- 
Dave Goldberg
david.goldberg6@verizon.net