diff --git a/CHANGELOG.md b/CHANGELOG.md index cddf5c8..bbed987 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,8 +1,8 @@ -## Unreleased +## 0.6.4 -Released YYYY-MM-DD +Released 2023-10-30 -* No changes yet. +* [#2](https://github.com/tiwilliam/rsmime/pull/2) - Fix `raise_on_expired` to properly raise `CertificateExpiredError` when the token is expired on verify. ## 0.6.3 diff --git a/Cargo.lock b/Cargo.lock index 15877fe..f8aa592 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -281,7 +281,7 @@ dependencies = [ [[package]] name = "rsmime" -version = "0.6.3" +version = "0.6.4" dependencies = [ "openssl", "pyo3", diff --git a/Cargo.toml b/Cargo.toml index d8d76c2..d24c726 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "rsmime" -version = "0.6.3" +version = "0.6.4" edition = "2021" [lib] diff --git a/pyproject.toml b/pyproject.toml index 0c82c0e..daf6a15 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -4,7 +4,7 @@ build-backend = "maturin" [project] name = "rsmime" -version = "0.6.3" +version = "0.6.4" description = "Python package for signing and verifying S/MIME messages" classifiers = [ "License :: OSI Approved :: MIT License", diff --git a/src/lib.rs b/src/lib.rs index 4521b22..dd13c95 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -65,16 +65,16 @@ fn validate_expiry(certs: &StackRef) -> Result<(), Error> { fn _verify(message: &[u8], raise_on_expired: bool) -> PyResult> { let certs = Stack::new().unwrap(); let store = X509StoreBuilder::new().unwrap().build(); - - if raise_on_expired { - validate_expiry(certs.as_ref()) - .map_err(|err| CertificateExpiredError::new_err(err.to_string()))?; - } + let mut out: Vec = Vec::new(); let (pkcs7, indata) = Pkcs7::from_smime(message).map_err(|err| VerifyError::new_err(err.to_string()))?; - let mut out: Vec = Vec::new(); + if raise_on_expired { + let signer_certs = pkcs7.signers(certs.as_ref(), Pkcs7Flags::empty()).unwrap(); + validate_expiry(signer_certs.as_ref()) + .map_err(|err| CertificateExpiredError::new_err(err.to_string()))?; + } pkcs7 .verify(