securejoin: do not check the signatures existance twice

Mimeparser.was_encrypted() checks if the message is an Autocrypt encrypted message. It already means the message has a valid signature. This commit documents a few functions to make it clear that signatures stored in Mimeparser must be valid and must always come from encrypted messages. Also one unwrap() is eliminated in encrypted_and_signed(). It is possible to further simplify encrypted_and_signed() by skipping the was_encrypted() check, because the function only returns true if there is a matching signature, but it is helpful for debugging to distinguish between non-Autocrypt messages and messages whose fingerprint does not match.
2026-05-04 13:56:30 +03:00 · 2020-07-13 05:08:42 +03:00
parent 64ab86a1a6
commit 6902250d6b
3 changed files with 29 additions and 16 deletions
--- a/src/mimeparser.rs
+++ b/src/mimeparser.rs
@@ -46,7 +46,14 @@ pub struct MimeMessage {
    pub from: Vec<SingleInfo>,
    pub chat_disposition_notification_to: Option<SingleInfo>,
    pub decrypting_failed: bool,
+
+    /// Set of valid signature fingerprints if a message is an
+    /// Autocrypt encrypted and signed message.
+    ///
+    /// If a message is not encrypted or the signature is not valid,
+    /// this set is empty.
    pub signatures: HashSet<Fingerprint>,
+
    pub gossipped_addr: HashSet<String>,
    pub is_forwarded: bool,
    pub is_system_message: SystemMessage,
@@ -401,6 +408,11 @@ impl MimeMessage {
        }
    }

+    /// Returns true if the message was encrypted as defined in
+    /// Autocrypt standard.
+    ///
+    /// This means the message was both encrypted and signed with a
+    /// valid signature.
    pub fn was_encrypted(&self) -> bool {
        !self.signatures.is_empty()
    }