Fix #1753 In opportunistic chats, a wrongly signed message should be readable eventually

Hocuri
2020-08-02 10:49:45 +02:00
committed by link2xt
parent 6e8808f69b
commit ac232a5dbf
2 changed files with 21 additions and 14 deletions


@@ -116,11 +116,13 @@ impl EncryptHelper {
} }
/// Tries to decrypt a message, but only if it is structured as an /// Tries to decrypt a message, but only if it is structured as an
/// Autocrypt message, i.e. encrypted and signed with a valid /// Autocrypt message.
/// signature.
/// ///
/// Returns decrypted body and a set of valid signature fingerprints /// Returns decrypted body and a set of valid signature fingerprints
/// if successful. /// if successful.
///
/// If the message is wrongly signed, this will still return the decrypted
/// message but the HashSet will be empty.
pub async fn try_decrypt( pub async fn try_decrypt(
context: &Context, context: &Context,
mail: &ParsedMail<'_>, mail: &ParsedMail<'_>,
@@ -219,13 +221,6 @@ async fn decrypt_if_autocrypt_message<'a>(
public_keyring_for_validate: Keyring<SignedPublicKey>, public_keyring_for_validate: Keyring<SignedPublicKey>,
ret_valid_signatures: &mut HashSet<Fingerprint>, ret_valid_signatures: &mut HashSet<Fingerprint>,
) -> Result<Option<Vec<u8>>> { ) -> Result<Option<Vec<u8>>> {
// The returned bool is true if we detected an Autocrypt-encrypted
// message and successfully decrypted it. Decryption then modifies the
// passed in mime structure in place. The returned bool is false
// if it was not an Autocrypt message.
//
// Errors are returned for failures related to decryption of AC-messages.
let encrypted_data_part = match get_autocrypt_mime(mail) { let encrypted_data_part = match get_autocrypt_mime(mail) {
Err(_) => { Err(_) => {
// not an autocrypt mime message, abort and ignore // not an autocrypt mime message, abort and ignore
@@ -265,7 +260,9 @@ async fn decrypt_part(
) )
.await?; .await?;
ensure!(!ret_valid_signatures.is_empty(), "no valid signatures"); // If the message was wrongly or not signed, still return the plain text.
// The caller has to check the signatures then.
return Ok(Some(plain)); return Ok(Some(plain));
} }
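Review bot: With `ensure!(!ret_valid_signatures.is_empty(), "no valid signatures")` removed from `decrypt_part`, authenticity is signalled only through the `ret_valid_signatures` out-parameter, so a caller that looks at `Ok(Some(plain))` alone now accepts unsigned or wrongly signed plaintext as if it were verified. The new doc paragraph on `try_decrypt` states this, but `decrypt_if_autocrypt_message` lost its stale comment without a replacement and `decrypt_part` has only the inline remark. I would add a doc comment to both, along the lines of `/// Returns the plaintext even if no signature validated; an empty ret_valid_signatures means the content is unauthenticated.` It is also worth confirming that every caller of `try_decrypt` checks the set before presenting a message as end-to-end encrypted; only the `MimeMessage` caller is visible in this commit. The bodies of these functions continue outside the hunks.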


@@ -141,10 +141,14 @@ impl MimeMessage {
// Handle any gossip headers if the mail was encrypted. See section // Handle any gossip headers if the mail was encrypted. See section
// "3.6 Key Gossip" of https://autocrypt.org/autocrypt-spec-1.1.0.pdf // "3.6 Key Gossip" of https://autocrypt.org/autocrypt-spec-1.1.0.pdf
let gossip_headers = decrypted_mail.headers.get_all_values("Autocrypt-Gossip"); // but only if the mail was correctly signed:
gossipped_addr = if !signatures.is_empty() {
update_gossip_peerstates(context, message_time, &mail, gossip_headers) let gossip_headers =
.await?; decrypted_mail.headers.get_all_values("Autocrypt-Gossip");
gossipped_addr =
update_gossip_peerstates(context, message_time, &mail, gossip_headers)
.await?;
}
// let known protected headers from the decrypted // let known protected headers from the decrypted
// part override the unencrypted top-level // part override the unencrypted top-level
@@ -200,6 +204,12 @@ impl MimeMessage {
parser.heuristically_parse_ndn(context).await; parser.heuristically_parse_ndn(context).await;
parser.parse_headers(context)?; parser.parse_headers(context)?;
if parser.signatures.is_empty() {
for part in parser.parts.iter_mut() {
part.error = "No valid signature".to_string();
}
}
Ok(parser) Ok(parser)
} }
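Review bot: The `if parser.signatures.is_empty()` check added before `Ok(parser)` is not limited, as far as this hunk shows, to mails that were actually decrypted, so ordinary unencrypted mail, which also carries no signatures, would get `part.error = "No valid signature"` on every part. It should depend on decryption having happened, for example through a hypothetical local flag set in the branch that produces `decrypted_mail`: `if mail_was_decrypted && parser.signatures.is_empty() {`. The assignment also overwrites any error a part already carries. Separately, the gossip update is now gated on `!signatures.is_empty()`, but the protected-header override that follows it (only its comment is visible here) does not appear to be, and headers from an unauthenticated decrypted part should not replace the outer ones unless that is checked elsewhere. The enclosing function starts outside these hunks.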