Mirrors/chatmail-core
1
0
Fork 0
mirror of https://github.com/chatmail/core.git synced 2026-05-22 16:26:31 +03:00
Code Issues Packages Projects Releases Wiki Activity

securejoin: do not check the signatures existance twice

Browse Source 
Mimeparser.was_encrypted() checks if the message is an Autocrypt encrypted
message. It already means the message has a valid signature.

This commit documents a few functions to make it clear that signatures
stored in Mimeparser must be valid and must always come from encrypted
messages.

Also one unwrap() is eliminated in encrypted_and_signed(). It is possible
to further simplify encrypted_and_signed() by skipping the was_encrypted()
check, because the function only returns true if there is a matching
signature, but it is helpful for debugging to distinguish between
non-Autocrypt messages and messages whose fingerprint does not match.
This commit is contained in:
Alexander Krotov
2020-07-13 05:08:42 +03:00
committed by holger krekel
parent 64ab86a1a6
commit 6902250d6b
3 changed files with 29 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/e2ee.rs
View File

@@ -115,6 +115,12 @@ impl EncryptHelper {
} }
} }
/// Tries to decrypt a message, but only if it is structured as an
/// Autocrypt message, i.e. encrypted and signed with a valid
/// signature.
///
/// Returns decrypted body and a set of valid signature fingerprints
/// if successful.
pub async fn try_decrypt( pub async fn try_decrypt(
context: &Context, context: &Context,
mail: &ParsedMail<'_>, mail: &ParsedMail<'_>,

12
src/mimeparser.rs
View File

@@ -46,7 +46,14 @@ pub struct MimeMessage {
pub from: Vec<SingleInfo>, pub from: Vec<SingleInfo>,
pub chat_disposition_notification_to: Option<SingleInfo>, pub chat_disposition_notification_to: Option<SingleInfo>,
pub decrypting_failed: bool, pub decrypting_failed: bool,
/// Set of valid signature fingerprints if a message is an
/// Autocrypt encrypted and signed message.
///
/// If a message is not encrypted or the signature is not valid,
/// this set is empty.
pub signatures: HashSet<Fingerprint>, pub signatures: HashSet<Fingerprint>,
pub gossipped_addr: HashSet<String>, pub gossipped_addr: HashSet<String>,
pub is_forwarded: bool, pub is_forwarded: bool,
pub is_system_message: SystemMessage, pub is_system_message: SystemMessage,
@@ -401,6 +408,11 @@ impl MimeMessage {
} }
} }
/// Returns true if the message was encrypted as defined in
/// Autocrypt standard.
///
/// This means the message was both encrypted and signed with a
/// valid signature.
pub fn was_encrypted(&self) -> bool { pub fn was_encrypted(&self) -> bool {
!self.signatures.is_empty() !self.signatures.is_empty()
} }

27
src/securejoin.rs
View File

@@ -1008,24 +1008,19 @@ fn encrypted_and_signed(
if !mimeparser.was_encrypted() { if !mimeparser.was_encrypted() {
warn!(context, "Message not encrypted.",); warn!(context, "Message not encrypted.",);
false false
} else if mimeparser.signatures.is_empty() { } else if let Some(expected_fingerprint) = expected_fingerprint {
warn!(context, "Message not signed.",); if !mimeparser.signatures.contains(expected_fingerprint) {
false warn!(
} else if expected_fingerprint.is_none() { context,
"Message does not match expected fingerprint {}.", expected_fingerprint,
);
false
} else {
true
}
} else {
warn!(context, "Fingerprint for comparison missing."); warn!(context, "Fingerprint for comparison missing.");
false false
} else if !mimeparser
.signatures
.contains(expected_fingerprint.unwrap())
{
warn!(
context,
"Message does not match expected fingerprint {}.",
expected_fingerprint.unwrap(),
);
false
} else {
true
} }
} }