Mirrors/chatmail-core
1
0
Fork 0
mirror of https://github.com/chatmail/core.git synced 2026-05-01 20:36:31 +03:00
Code Issues Packages Projects Releases Wiki Activity

feat: Add create_broadcast_shared_secret()

Browse Source
This commit is contained in:
Hocuri
2025-07-21 17:34:46 +02:00
parent 8653fdbd8e
commit 3781a35989
2 changed files with 22 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/chat.rs
View File

@@ -43,9 +43,9 @@ use crate::smtp::send_msg_to_smtp;
use crate::stock_str;
use crate::sync::{self, Sync::*, SyncData};
use crate::tools::{
IsNoneOrEmpty, SystemTime, buf_compress, create_id, create_outgoing_rfc724_mid,
create_smeared_timestamp, create_smeared_timestamps, get_abs_path, gm2local_offset,
smeared_time, time, truncate_msg_text,
IsNoneOrEmpty, SystemTime, buf_compress, create_broadcast_shared_secret, create_id,
create_outgoing_rfc724_mid, create_smeared_timestamp, create_smeared_timestamps, get_abs_path,
gm2local_offset, smeared_time, time, truncate_msg_text,
};
use crate::webxdc::StatusUpdateSerial;
use crate::{chatlist_events, imap};

19
src/tools.rs
View File

@@ -300,6 +300,25 @@ pub(crate) fn create_id() -> String {
base64::engine::general_purpose::URL_SAFE.encode(arr)
}
/// Generate a shared secret for a broadcast channel, consisting of 64 characters..
///
/// The string generated by this function has 384 bits of entropy
/// and is returned as 64 Base64 characters, each containing 6 bits of entropy.
/// 384 is chosen because it is sufficiently secure
/// (larger than AES-128 keys used for message encryption)
/// and divides both by 8 (byte size) and 6 (number of bits in a single Base64 character).
// TODO ask someone what a good size would be here - also, not sure whether the AES-128 thing is true
pub(crate) fn create_broadcast_shared_secret() -> String {
// ThreadRng implements CryptoRng trait and is supposed to be cryptographically secure.
let mut rng = thread_rng();
// Generate 384 random bits.
let mut arr = [0u8; 48];
rng.fill(&mut arr[..]);
base64::engine::general_purpose::URL_SAFE.encode(arr)
}
/// Returns true if given string is a valid ID.
///
/// All IDs generated with `create_id()` should be considered valid.