mirror of
https://github.com/chatmail/core.git
synced 2026-05-08 17:36:29 +03:00
feat: temporarily disable OpenPGP recipient anonymization
This commit is contained in:
link2xt
10
src/e2ee.rs
10
src/e2ee.rs
@@ -46,6 +46,7 @@ impl EncryptHelper {
|
|||||||
keyring: Vec<SignedPublicKey>,
|
keyring: Vec<SignedPublicKey>,
|
||||||
mail_to_encrypt: MimePart<'static>,
|
mail_to_encrypt: MimePart<'static>,
|
||||||
compress: bool,
|
compress: bool,
|
||||||
|
anonymous_recipients: bool,
|
||||||
) -> Result<String> {
|
) -> Result<String> {
|
||||||
let sign_key = load_self_secret_key(context).await?;
|
let sign_key = load_self_secret_key(context).await?;
|
||||||
|
|
||||||
@@ -53,7 +54,14 @@ impl EncryptHelper {
|
|||||||
let cursor = Cursor::new(&mut raw_message);
|
let cursor = Cursor::new(&mut raw_message);
|
||||||
mail_to_encrypt.clone().write_part(cursor).ok();
|
mail_to_encrypt.clone().write_part(cursor).ok();
|
||||||
|
|
||||||
let ctext = pgp::pk_encrypt(raw_message, keyring, Some(sign_key), compress).await?;
|
let ctext = pgp::pk_encrypt(
|
||||||
|
raw_message,
|
||||||
|
keyring,
|
||||||
|
Some(sign_key),
|
||||||
|
compress,
|
||||||
|
anonymous_recipients,
|
||||||
|
)
|
||||||
|
.await?;
|
||||||
|
|
||||||
Ok(ctext)
|
Ok(ctext)
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1178,11 +1178,28 @@ impl MimeFactory {
|
|||||||
let mut encryption_keyring = vec![encrypt_helper.public_key.clone()];
|
let mut encryption_keyring = vec![encrypt_helper.public_key.clone()];
|
||||||
encryption_keyring.extend(encryption_keys.iter().map(|(_addr, key)| (*key).clone()));
|
encryption_keyring.extend(encryption_keys.iter().map(|(_addr, key)| (*key).clone()));
|
||||||
|
|
||||||
|
// Do not anonymize OpenPGP recipients.
|
||||||
|
//
|
||||||
|
// This is disabled to avoid interoperability problems
|
||||||
|
// with old core versions <1.160.0 that do not support
|
||||||
|
// receiving messages with wildcard Key IDs:
|
||||||
|
// <https://github.com/chatmail/core/issues/7378>
|
||||||
|
//
|
||||||
|
// The option should be changed to true
|
||||||
|
// once new core versions are sufficiently deployed.
|
||||||
|
let anonymous_recipients = false;
|
||||||
|
|
||||||
// XXX: additional newline is needed
|
// XXX: additional newline is needed
|
||||||
// to pass filtermail at
|
// to pass filtermail at
|
||||||
// <https://github.com/deltachat/chatmail/blob/4d915f9800435bf13057d41af8d708abd34dbfa8/chatmaild/src/chatmaild/filtermail.py#L84-L86>
|
// <https://github.com/deltachat/chatmail/blob/4d915f9800435bf13057d41af8d708abd34dbfa8/chatmaild/src/chatmaild/filtermail.py#L84-L86>
|
||||||
let encrypted = encrypt_helper
|
let encrypted = encrypt_helper
|
||||||
.encrypt(context, encryption_keyring, message, compress)
|
.encrypt(
|
||||||
|
context,
|
||||||
|
encryption_keyring,
|
||||||
|
message,
|
||||||
|
compress,
|
||||||
|
anonymous_recipients,
|
||||||
|
)
|
||||||
.await?
|
.await?
|
||||||
+ "\n";
|
+ "\n";
|
||||||
|
|
||||||
|
|||||||
16
src/pgp.rs
16
src/pgp.rs
@@ -166,6 +166,7 @@ pub async fn pk_encrypt(
|
|||||||
public_keys_for_encryption: Vec<SignedPublicKey>,
|
public_keys_for_encryption: Vec<SignedPublicKey>,
|
||||||
private_key_for_signing: Option<SignedSecretKey>,
|
private_key_for_signing: Option<SignedSecretKey>,
|
||||||
compress: bool,
|
compress: bool,
|
||||||
|
anonymous_recipients: bool,
|
||||||
) -> Result<String> {
|
) -> Result<String> {
|
||||||
Handle::current()
|
Handle::current()
|
||||||
.spawn_blocking(move || {
|
.spawn_blocking(move || {
|
||||||
@@ -178,7 +179,11 @@ pub async fn pk_encrypt(
|
|||||||
let msg = MessageBuilder::from_bytes("", plain);
|
let msg = MessageBuilder::from_bytes("", plain);
|
||||||
let mut msg = msg.seipd_v1(&mut rng, SYMMETRIC_KEY_ALGORITHM);
|
let mut msg = msg.seipd_v1(&mut rng, SYMMETRIC_KEY_ALGORITHM);
|
||||||
for pkey in pkeys {
|
for pkey in pkeys {
|
||||||
|
if anonymous_recipients {
|
||||||
msg.encrypt_to_key_anonymous(&mut rng, &pkey)?;
|
msg.encrypt_to_key_anonymous(&mut rng, &pkey)?;
|
||||||
|
} else {
|
||||||
|
msg.encrypt_to_key(&mut rng, &pkey)?;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if let Some(ref skey) = private_key_for_signing {
|
if let Some(ref skey) = private_key_for_signing {
|
||||||
@@ -434,6 +439,7 @@ mod tests {
|
|||||||
|
|
||||||
/// A ciphertext encrypted to Alice & Bob, signed by Alice.
|
/// A ciphertext encrypted to Alice & Bob, signed by Alice.
|
||||||
async fn ctext_signed() -> &'static String {
|
async fn ctext_signed() -> &'static String {
|
||||||
|
let anonymous_recipients = true;
|
||||||
CTEXT_SIGNED
|
CTEXT_SIGNED
|
||||||
.get_or_init(|| async {
|
.get_or_init(|| async {
|
||||||
let keyring = vec![KEYS.alice_public.clone(), KEYS.bob_public.clone()];
|
let keyring = vec![KEYS.alice_public.clone(), KEYS.bob_public.clone()];
|
||||||
@@ -444,6 +450,7 @@ mod tests {
|
|||||||
keyring,
|
keyring,
|
||||||
Some(KEYS.alice_secret.clone()),
|
Some(KEYS.alice_secret.clone()),
|
||||||
compress,
|
compress,
|
||||||
|
anonymous_recipients,
|
||||||
)
|
)
|
||||||
.await
|
.await
|
||||||
.unwrap()
|
.unwrap()
|
||||||
@@ -453,12 +460,19 @@ mod tests {
|
|||||||
|
|
||||||
/// A ciphertext encrypted to Alice & Bob, not signed.
|
/// A ciphertext encrypted to Alice & Bob, not signed.
|
||||||
async fn ctext_unsigned() -> &'static String {
|
async fn ctext_unsigned() -> &'static String {
|
||||||
|
let anonymous_recipients = true;
|
||||||
CTEXT_UNSIGNED
|
CTEXT_UNSIGNED
|
||||||
.get_or_init(|| async {
|
.get_or_init(|| async {
|
||||||
let keyring = vec![KEYS.alice_public.clone(), KEYS.bob_public.clone()];
|
let keyring = vec![KEYS.alice_public.clone(), KEYS.bob_public.clone()];
|
||||||
let compress = true;
|
let compress = true;
|
||||||
|
|
||||||
pk_encrypt(CLEARTEXT.to_vec(), keyring, None, compress)
|
pk_encrypt(
|
||||||
|
CLEARTEXT.to_vec(),
|
||||||
|
keyring,
|
||||||
|
None,
|
||||||
|
compress,
|
||||||
|
anonymous_recipients,
|
||||||
|
)
|
||||||
.await
|
.await
|
||||||
.unwrap()
|
.unwrap()
|
||||||
})
|
})
|
||||||
|
|||||||
Reference in New Issue
Block a user