Fix OpenPGP payload check

Replace \r\r\n in literal.eml test with \r\n
to make `test_filtermail_no_literal_packets`
actually reach `check_openpgp_payload()`
and make `check_openpgp_payload()` more strict.

CHANGELOG.md

@@ -39,6 +39,9 @@
 - add IMAP capabilities instead of overwriting them
   ([#413](https://github.com/deltachat/chatmail/pull/413))
 
+- fix OpenPGP payload check
+  ([#435](https://github.com/deltachat/chatmail/pull/435))
+
 
 ## 1.4.1 2024-07-31
 

chatmaild/src/chatmaild/filtermail.py

@@ -60,10 +60,11 @@ def check_openpgp_payload(payload: bytes):
         i += body_len
 
         if i == len(payload):
-            if packet_type_id == 18:
+            # Last packet should be
-                # Last packet should be
+            # Symmetrically Encrypted and Integrity Protected Data Packet (SEIPD)
-                # Symmetrically Encrypted and Integrity Protected Data Packet (SEIPD)
+            #
-                return True
+            # This is the only place where this function may return `True`.
+            return packet_type_id == 18
         elif packet_type_id not in [1, 3]:
             # All packets except the last one must be either
             # Public-Key Encrypted Session Key Packet (PKESK)
@@ -71,13 +72,7 @@ def check_openpgp_payload(payload: bytes):
             # Symmetric-Key Encrypted Session Key Packet (SKESK)
             return False
 
-    if i == 0:
+    return False
-        return False
-
-    if i > len(payload):
-        # Payload is truncated.
-        return False
-    return True
 
 
 def check_armored_payload(payload: str):