mail-gpg 0.2.1 → 0.2.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/History.txt +5 -0
  3. data/lib/hkp.rb +15 -2
  4. data/lib/mail/gpg/message_patch.rb +29 -2
  5. data/lib/mail/gpg/version.rb +1 -1
  6. data/test/gpghome/pubring.gpg +0 -0
  7. data/test/gpghome/pubring.gpg~ +0 -0
  8. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 431a878dcca05522a519c9edca6a42e658c9b0c2
4
- data.tar.gz: 18f9aeb942581062f8644e14391520d825829473
3
+ metadata.gz: 4dcf09f797ab779eb55e25010d36f0755f1e9faa
4
+ data.tar.gz: 9fc53e722aceea7fa514a08cd2978679106d44e3
5
5
  SHA512:
6
- metadata.gz: baf5ef3a729d141a0d76d1fe1466a8cbbdc954e373af0c23e58020d64933af087cf3839a1ff6bdc9ccfebaa539aa2af5026b6c543848998912344361718a3163
7
- data.tar.gz: 0052629db9f5c1a595c10d2dbf491be5f9544ae0fdb37b7541437bb2bf4866f559a9f7cd98d235d9cd414494e049905069c7dd730181d9fb749deec277943eaa
6
+ metadata.gz: 836562359cfe50d35a2e7950cdb32fbdbdca566bab08539dbd579b1acaa917d38ce60e5ed2c83820519b92e160a1327aa631143a571231573d417630046bfac9
7
+ data.tar.gz: a80337dde9e52d9a0e00e352f7e664ab3450aa48d5da3a0d2a25945bc9b7770b2a5d282eef1bd491d83b330138f0431c378cf315e43dd90bcc2e9b8011cfd5bd
data/History.txt CHANGED
@@ -1,3 +1,8 @@
1
+ == 0.2.2 2014-09-03
2
+
3
+ * add option to import missing keys for signature verification
4
+ * better Hkp error handling
5
+
1
6
  == 0.2.1 2014-07-23
2
7
 
3
8
  * keep original message id if set
data/lib/hkp.rb CHANGED
@@ -3,8 +3,16 @@ require 'gpgme'
3
3
 
4
4
  # simple HKP client for public key retrieval
5
5
  class Hkp
6
- def initialize(keyserver = nil)
7
- @keyserver = keyserver || lookup_keyserver || 'http://pool.sks-keyservers.net:11371'
6
+ def initialize(options = {})
7
+ if String === options
8
+ options = { keyserver: options }
9
+ end
10
+ @keyserver = options.delete(:keyserver) || lookup_keyserver || 'http://pool.sks-keyservers.net:11371'
11
+ @options = { raise_errors: true }.merge options
12
+ end
13
+
14
+ def raise_errors?
15
+ !!@options[:raise_errors]
8
16
  end
9
17
 
10
18
  # hkp.search 'user@host.com'
@@ -32,6 +40,9 @@ class Hkp
32
40
  open("#{@keyserver}/pks/lookup?options=mr&op=get&search=0x#{URI.escape id}") do |f|
33
41
  return clean_key f.read
34
42
  end
43
+ rescue Exception
44
+ raise $! if raise_errors?
45
+ nil
35
46
  end
36
47
 
37
48
  # fetches key data by id and imports the found key(s) into GPG, returning the full hex fingerprints of the
@@ -41,6 +52,8 @@ class Hkp
41
52
  if key = fetch(id)
42
53
  GPGME::Key.import(key).imports.map(&:fpr)
43
54
  end
55
+ rescue Exception
56
+ raise $! if raise_errors?
44
57
  end
45
58
 
46
59
  private
data/lib/mail/gpg/message_patch.rb CHANGED
@@ -1,3 +1,4 @@
1
+ require 'hkp'
1
2
  require 'mail/gpg/delivery_handler'
2
3
  require 'mail/gpg/verify_result_attribute'
3
4
 
@@ -63,7 +64,13 @@ module Mail
63
64
  # pass verify: true to verify signatures as well. The gpgme verification
64
65
  # result will be available via decrypted_mail.verify_result
65
66
  def decrypt(options = {})
66
- Mail::Gpg.decrypt(self, options)
67
+ import_missing_keys = options[:verify] && options.delete(:import_missing_keys)
68
+ Mail::Gpg.decrypt(self, options).tap do |decrypted|
69
+ if import_missing_keys && !decrypted.signature_valid?
70
+ import_keys_for_signatures! decrypted.signatures
71
+ return Mail::Gpg.decrypt(self, options)
72
+ end
73
+ end
67
74
  end
68
75
 
69
76
  # true if this mail is signed (but not encrypted)
@@ -77,8 +84,28 @@ module Mail
77
84
  # verified = signed_mail.verify()
78
85
  # verified.signature_valid?
79
86
  # signers = mail.signatures.map{|sig| sig.from}
87
+ #
88
+ # use import_missing_keys: true in order to try to fetch and import
89
+ # unknown keys for signature validation
80
90
  def verify(options = {})
81
- Mail::Gpg.verify(self, options)
91
+ import_missing_keys = options.delete(:import_missing_keys)
92
+ Mail::Gpg.verify(self, options).tap do |verified|
93
+ if import_missing_keys && !verified.signature_valid?
94
+ import_keys_for_signatures! verified.signatures
95
+ return Mail::Gpg.verify(self, options)
96
+ end
97
+ end
98
+ end
99
+
100
+ def import_keys_for_signatures!(signatures = [])
101
+ hkp = Hkp.new raise_errors: false
102
+ signatures.each do |sig|
103
+ begin
104
+ sig.key
105
+ rescue EOFError # gpgme throws this for unknown keys :(
106
+ hkp.fetch_and_import sig.fingerprint
107
+ end
108
+ end
82
109
  end
83
110
 
84
111
 
data/lib/mail/gpg/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  module Mail
2
2
  module Gpg
3
- VERSION = "0.2.1"
3
+ VERSION = "0.2.2"
4
4
  end
5
5
  end
data/test/gpghome/pubring.gpg CHANGED
Binary file
data/test/gpghome/pubring.gpg~ CHANGED
Binary file
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: mail-gpg
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.1
4
+ version: 0.2.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Jens Kraemer
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2014-07-23 00:00:00.000000000 Z
11
+ date: 2014-09-03 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: mail