refactor(mimeparser): store only one signature fingerprint

Messages are normally not signed with more than one key and in this case we pick an arbitrary signature later anyway.
2026-04-18 05:56:31 +03:00 · 2025-08-16 23:33:38 +00:00
parent 176a89bd03
commit 8070dfcc82
3 changed files with 21 additions and 16 deletions
--- a/src/securejoin.rs
+++ b/src/securejoin.rs
@@ -623,17 +623,19 @@ fn encrypted_and_signed(
    mimeparser: &MimeMessage,
    expected_fingerprint: &Fingerprint,
 ) -> bool {
-    if !mimeparser.was_encrypted() {
+    if let Some(signature) = mimeparser.signature.as_ref() {
+        if signature == expected_fingerprint {
+            true
+        } else {
+            warn!(
+                context,
+                "Message does not match expected fingerprint {expected_fingerprint}.",
+            );
+            false
+        }
+    } else {
        warn!(context, "Message not encrypted.",);
        false
-    } else if !mimeparser.signatures.contains(expected_fingerprint) {
-        warn!(
-            context,
-            "Message does not match expected fingerprint {}.", expected_fingerprint,
-        );
-        false
-    } else {
-        true
    }
 }