mail-gpg 0.3.0 → 0.3.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 14ba55d7e077b20728fd06b9439c9c7694bdea53
-  data.tar.gz: 858613b6a0fea4c2c3d4485fa11c735056b0ca58
+  metadata.gz: 5372354dbe32dbf5c05196f257b8172582e5ffcc
+  data.tar.gz: 983703ee19cac1078e36c37bfde1b13906fd0ffa
 SHA512:
-  metadata.gz: ccc8ecdcd585fd538504acb42d024d114008af0e7db5f5751824eda2bb4a6edfe65b0a95c844325ede9315470b2bda1a43937f0822331008e3fd8a2d4efec171
-  data.tar.gz: 0c480fd57cc572c2cc4fa3495b1046513aa14a3052c05645462157052095d7434205b37e556448deec60fa80469b9be29e32cde7da5bc4a587405c9811030cff
+  metadata.gz: aeb9b25b2c04e4c0a71b1eea09631e399a82dbcef6b707b75a4053bca637e66dbdd1d3eabf88673c16a75b8ffd623fabdbdc1e9fe906c10b0ceee4debe452c75
+  data.tar.gz: 241a812c8341db86deae1bf48927e5a1c5e92491c505ab67706a9c3e83768c341207dc4d00dcc434d4fbff29252c6625ea5a55110a91a9d033bfb2a534701de6

data/History.txt

@@ -1,3 +1,8 @@
+== 0.3.1 2017-04-13
+
+* fixes a bug with signature verification that only surfaced in environments
+  where ActiveSupport isn't loaded. Thanks @mashedcode for pointing this out.
+
 == 0.3.0 2016-12-27
 
 * [MIGHT BREAK THINGS] All mail headers will preserved now, if you want to

data/lib/mail/gpg.rb

@@ -116,12 +116,11 @@ module Mail
 
     # decrypts PGP/MIME (RFC 3156, section 4) encrypted mail
     def self.decrypt_pgp_mime(encrypted_mail, options)
-      # MUST containt exactly two body parts
-      if encrypted_mail.parts.length != 2
-        raise EncodingError, "RFC 3136 mandates exactly two body parts, found '#{encrypted_mail.parts.length}'"
+      if encrypted_mail.parts.length < 2
+        raise EncodingError, "RFC 3156 mandates exactly two body parts, found '#{encrypted_mail.parts.length}'"
       end
       if !VersionPart.isVersionPart? encrypted_mail.parts[0]
-        raise EncodingError, "RFC 3136 first part not a valid version part '#{encrypted_mail.parts[0]}'"
+        raise EncodingError, "RFC 3156 first part not a valid version part '#{encrypted_mail.parts[0]}'"
       end
       decrypted = DecryptedPart.new(encrypted_mail.parts[1], options)
       Mail.new(decrypted.raw_source) do
@@ -151,7 +150,7 @@ module Mail
     def self.signature_valid_pgp_mime?(signed_mail, options)
       # MUST contain exactly two body parts
       if signed_mail.parts.length != 2
-        raise EncodingError, "RFC 3136 mandates exactly two body parts, found '#{signed_mail.parts.length}'"
+        raise EncodingError, "RFC 3156 mandates exactly two body parts, found '#{signed_mail.parts.length}'"
       end
       result, verify_result = SignPart.verify_signature(signed_mail.parts[0], signed_mail.parts[1], options)
       signed_mail.verify_result = verify_result

data/lib/mail/gpg/verify_result_attribute.rb

@@ -17,7 +17,7 @@ module Mail
       # checks validity of signatures (true / false)
       def signature_valid?
         sigs = self.signatures
-        sigs.any? && sigs.detect{|s|!s.valid?}.blank?
+        sigs.any? && sigs.all?{|s|s.valid?}
       end
 
       # list of all signatures from verify_result

data/lib/mail/gpg/version.rb

@@ -1,5 +1,5 @@
 module Mail
   module Gpg
-    VERSION = "0.3.0"
+    VERSION = "0.3.1"
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: mail-gpg
 version: !ruby/object:Gem::Version
-  version: 0.3.0
+  version: 0.3.1
 platform: ruby
 authors:
 - Jens Kraemer
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-12-27 00:00:00.000000000 Z
+date: 2017-04-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: mail