* add Mail::Message#verify that works like decrypt by returning a new Message instance with verification results but without the raw signature data
* add tests for inline signed / mime signed, multipart / non-multipart messages
Showing
9 changed files
with
258 additions
and
53 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,72 @@ | ||
require 'mail/gpg/verified_part' | ||
|
||
module Mail | ||
module Gpg | ||
class InlineSignedMessage < Mail::Message | ||
|
||
def initialize(signed_mail, options = {}) | ||
if signed_mail.multipart? | ||
super() do | ||
global_verify_result = [] | ||
signed_mail.header.fields.each do |field| | ||
header[field.name] = field.value | ||
end | ||
signed_mail.parts.each do |part| | ||
if Mail::Gpg.signed_inline?(part) | ||
signed_text = part.body.to_s | ||
success, vr = GpgmeHelper.inline_verify(signed_text, options) | ||
p = VerifiedPart.new(part) | ||
if success | ||
p.body self.class.strip_inline_signature signed_text | ||
end | ||
p.verify_result vr | ||
global_verify_result << vr | ||
add_part p | ||
else | ||
add_part part | ||
end | ||
end | ||
verify_result global_verify_result | ||
end # of multipart | ||
else | ||
super() do | ||
signed_mail.header.fields.each do |field| | ||
header[field.name] = field.value | ||
end | ||
signed_text = signed_mail.body.to_s | ||
success, vr = GpgmeHelper.inline_verify(signed_text, options) | ||
if success | ||
body self.class.strip_inline_signature signed_text | ||
else | ||
body signed_text | ||
end | ||
verify_result vr | ||
end | ||
end | ||
end | ||
|
||
END_SIGNED_TEXT = '-----END PGP SIGNED MESSAGE-----' | ||
END_SIGNED_TEXT_RE = /^#{END_SIGNED_TEXT}\s*$/ | ||
INLINE_SIG_RE = Regexp.new('^-----BEGIN PGP SIGNATURE-----\s*$.*^-----END PGP SIGNATURE-----\s*$', Regexp::MULTILINE) | ||
BEGIN_SIG_RE = /^(-----BEGIN PGP SIGNATURE-----)\s*$/ | ||
|
||
|
||
# utility method to remove inline signature and related pgp markers | ||
def self.strip_inline_signature(signed_text) | ||
if signed_text =~ INLINE_SIG_RE | ||
signed_text = signed_text.dup | ||
if signed_text !~ END_SIGNED_TEXT_RE | ||
# insert the 'end of signed text' marker in case it is missing | ||
signed_text = signed_text.gsub BEGIN_SIG_RE, "-----END PGP SIGNED MESSAGE-----\n\\1" | ||
end | ||
signed_text.gsub! INLINE_SIG_RE, '' | ||
signed_text.strip! | ||
end | ||
signed_text | ||
end | ||
|
||
end | ||
end | ||
end | ||
|
||
|
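Review bot: `strip_inline_signature` builds the body that accompanies a successful verification by deleting only the `BEGIN/END PGP SIGNATURE` block from the original text. Anything else in the part, such as text before the signed-message header or after the signature block, therefore stays in the body and is presented next to a passing `verify_result`, although the signature would not cover it. `GpgmeHelper.inline_verify` is not visible in this section; if it can return the plaintext GPGME actually verified, both branches of `initialize` should use that as the body instead of regex-stripping the input. Separately, `INLINE_SIG_RE` is greedy under `Regexp::MULTILINE`, so with more than one signature block in a part everything between the first `BEGIN` and the last `END` is dropped; `.*?` in place of `.*` would limit each match to one block.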
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,30 @@ | ||
require 'mail/gpg/verified_part' | ||
|
||
module Mail | ||
module Gpg | ||
class MimeSignedMessage < Mail::Message | ||
|
||
def initialize(signed_mail, options = {}) | ||
content_part, signature = signed_mail.parts | ||
success, vr = SignPart.verify_signature(content_part, signature, options) | ||
super() do | ||
verify_result vr | ||
signed_mail.header.fields.each do |field| | ||
header[field.name] = field.value | ||
end | ||
content_part.header.fields.each do |field| | ||
header[field.name] = field.value | ||
end | ||
if content_part.multipart? | ||
content_part.parts.each{|part| add_part part} | ||
else | ||
body content_part.body.to_s | ||
end | ||
end | ||
end | ||
end | ||
end | ||
end | ||
|
||
|
||
|
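Review bot: `content_part, signature = signed_mail.parts` takes whatever the first two parts are without checking the structure: with fewer than two parts `signature` is `nil`, and with more the extra parts are silently ignored, and neither case is reported to the caller. A guard before the `verify_signature` call, such as `raise ArgumentError, 'multipart/signed needs exactly two parts' unless signed_mail.parts.size == 2`, would make malformed input explicit; whether raising is the right reaction depends on how `Mail::Message#verify` (not shown here) is meant to fail. `success` is also assigned but never read, so the content part and its headers are copied into the new message even when verification fails, and the second header loop lets fields from the content part overwrite the outer ones. A comment on `initialize` stating that callers must inspect `verify_result` before trusting the body would help.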
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,6 +1,7 @@ | ||
module Mail | ||
module Gpg | ||
module VerifyResultAttribute | ||
|
||
# the result of signature verification, as provided by GPGME | ||
def verify_result(result = nil) | ||
if result | ||
|
@@ -12,6 +13,19 @@ def verify_result(result = nil) | |
def verify_result=(result) | ||
@verify_result = result | ||
end | ||
|
||
# checks validity of signatures (true / false) | ||
def signature_valid? | ||
sigs = self.signatures | ||
sigs.any? && sigs.detect{|s|!s.valid?}.blank? | ||
jkraemer
Author
Owner
|
||
end | ||
|
||
# list of all signatures from verify_result | ||
def signatures | ||
[verify_result].flatten.compact.map do |vr| | ||
vr.signatures | ||
end.flatten.compact | ||
end | ||
end | ||
end | ||
end |
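Review bot: `signature_valid?` in the second hunk only looks at signatures that exist, so it says nothing about content that carried no signature. In the multipart branch of `InlineSignedMessage#initialize` unsigned parts are added without a result, so a message with one signed and one unsigned part still answers true. The method also does not relate the signing key to the sender. The comment above it should spell that out, for example `# true if at least one signature is present and every signature present is valid; does not mean all parts were signed, nor that the signer matches the From address`.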
Shouldn't this be `.nil?` instead of `.blank?`?