Mirrors/chatmail-core
1
0
Fork 0
mirror of https://github.com/chatmail/core.git synced 2026-04-27 10:26:29 +03:00
Code Issues Packages Projects Releases Wiki Activity

feat: temporarily disable OpenPGP recipient anonymization

Browse Source
This commit is contained in:
link2xt
2025-10-31 23:52:00 +00:00
committed by l
parent 9bc2aeebb8
commit 098084b9a7
3 changed files with 45 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/e2ee.rs
View File

@@ -46,6 +46,7 @@ impl EncryptHelper {
keyring: Vec<SignedPublicKey>,
mail_to_encrypt: MimePart<'static>,
compress: bool,
anonymous_recipients: bool,
) -> Result<String> {
let sign_key = load_self_secret_key(context).await?;
@@ -53,7 +54,14 @@ impl EncryptHelper {
let cursor = Cursor::new(&mut raw_message);
mail_to_encrypt.clone().write_part(cursor).ok();
let ctext = pgp::pk_encrypt(raw_message, keyring, Some(sign_key), compress).await?;
let ctext = pgp::pk_encrypt(
raw_message,
keyring,
Some(sign_key),
compress,
anonymous_recipients,
)
.await?;
Ok(ctext)
}

19
src/mimefactory.rs
View File

@@ -1178,11 +1178,28 @@ impl MimeFactory {
let mut encryption_keyring = vec![encrypt_helper.public_key.clone()];
encryption_keyring.extend(encryption_keys.iter().map(|(_addr, key)| (*key).clone()));
// Do not anonymize OpenPGP recipients.
//
// This is disabled to avoid interoperability problems
// with old core versions <1.160.0 that do not support
// receiving messages with wildcard Key IDs:
// <https://github.com/chatmail/core/issues/7378>
//
// The option should be changed to true
// once new core versions are sufficiently deployed.
let anonymous_recipients = false;
// XXX: additional newline is needed
// to pass filtermail at
// <https://github.com/deltachat/chatmail/blob/4d915f9800435bf13057d41af8d708abd34dbfa8/chatmaild/src/chatmaild/filtermail.py#L84-L86>
let encrypted = encrypt_helper
.encrypt(context, encryption_keyring, message, compress)
.encrypt(
context,
encryption_keyring,
message,
compress,
anonymous_recipients,
)
.await?
+ "\n";

22
src/pgp.rs
View File

@@ -166,6 +166,7 @@ pub async fn pk_encrypt(
public_keys_for_encryption: Vec<SignedPublicKey>,
private_key_for_signing: Option<SignedSecretKey>,
compress: bool,
anonymous_recipients: bool,
) -> Result<String> {
Handle::current()
.spawn_blocking(move || {
@@ -178,7 +179,11 @@ pub async fn pk_encrypt(
let msg = MessageBuilder::from_bytes("", plain);
let mut msg = msg.seipd_v1(&mut rng, SYMMETRIC_KEY_ALGORITHM);
for pkey in pkeys {
msg.encrypt_to_key_anonymous(&mut rng, &pkey)?;
if anonymous_recipients {
msg.encrypt_to_key_anonymous(&mut rng, &pkey)?;
} else {
msg.encrypt_to_key(&mut rng, &pkey)?;
}
}
if let Some(ref skey) = private_key_for_signing {
@@ -434,6 +439,7 @@ mod tests {
/// A ciphertext encrypted to Alice & Bob, signed by Alice.
async fn ctext_signed() -> &'static String {
let anonymous_recipients = true;
CTEXT_SIGNED
.get_or_init(|| async {
let keyring = vec![KEYS.alice_public.clone(), KEYS.bob_public.clone()];
@@ -444,6 +450,7 @@ mod tests {
keyring,
Some(KEYS.alice_secret.clone()),
compress,
anonymous_recipients,
)
.await
.unwrap()
@@ -453,14 +460,21 @@ mod tests {
/// A ciphertext encrypted to Alice & Bob, not signed.
async fn ctext_unsigned() -> &'static String {
let anonymous_recipients = true;
CTEXT_UNSIGNED
.get_or_init(|| async {
let keyring = vec![KEYS.alice_public.clone(), KEYS.bob_public.clone()];
let compress = true;
pk_encrypt(CLEARTEXT.to_vec(), keyring, None, compress)
.await
.unwrap()
pk_encrypt(
CLEARTEXT.to_vec(),
keyring,
None,
compress,
anonymous_recipients,
)
.await
.unwrap()
})
.await
}