feat: verify contacts via Autocrypt-Gossip

This mechanism replaces `Chat-Verified` header. New parameter `_verified=1` in `Autocrypt-Gossip` header marks that the sender has the gossiped key verified. Using `_verified=1` instead of `_verified` because it is less likely to cause troubles with existing Autocrypt header parsers. This is also how https://www.rfc-editor.org/rfc/rfc2045 defines parameter syntax.
2026-04-18 14:06:29 +03:00 · 2025-08-15 22:16:07 +00:00
parent eea848f72b
commit 5b66535134
5 changed files with 159 additions and 99 deletions
--- a/src/tests/verified_chats.rs
+++ b/src/tests/verified_chats.rs
@@ -859,6 +859,44 @@ async fn test_no_reverification() -> Result<()> {
    Ok(())
 }

+/// Tests that if our second device observes
+/// us gossiping a verification,
+/// it is not treated as direct verification.
+///
+/// Direct verifications should only happen
+/// as a result of SecureJoin.
+/// If we see our second device gossiping
+/// a verification of some contact,
+/// it may be indirect verification,
+/// so we should mark the contact as verified,
+/// but with unknown verifier.
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn test_no_direct_verification_via_bcc() -> Result<()> {
+    let mut tcm = TestContextManager::new();
+    let alice = &tcm.alice().await;
+    let alice2 = &tcm.alice().await;
+    let bob = &tcm.bob().await;
+
+    mark_as_verified(alice, bob).await;
+
+    let alice_chat_id = alice.create_chat_id(bob).await;
+    let alice_sent_msg = alice.send_text(alice_chat_id, "Hello!").await;
+    alice2.recv_msg(&alice_sent_msg).await;
+
+    // Alice 2 observes Alice 1 gossiping verification for Bob.
+    // Alice 2 does not know if Alice 1 has verified Bob directly though.
+    let alice2_bob_contact = alice2.add_or_lookup_contact(bob).await;
+    assert_eq!(alice2_bob_contact.is_verified(alice2).await?, true);
+
+    // There is some verifier, but it is unknown to Alice's second device.
+    assert_eq!(
+        alice2_bob_contact.get_verifier_id(alice2).await?,
+        Some(None)
+    );
+
+    Ok(())
+}
+
 // ============== Helper Functions ==============

 async fn assert_verified(this: &TestContext, other: &TestContext, protected: ProtectionStatus) {