fix: Don't treat forged outgoing messages as Autocrypt-encrypted

2026-04-17 21:46:35 +03:00 · 2024-02-10 13:55:51 -03:00
parent f0be7daae9
commit 6cee295a5d
4 changed files with 67 additions and 4 deletions
--- a/src/peerstate.rs
+++ b/src/peerstate.rs
@@ -16,6 +16,7 @@ use crate::message::Message;
 use crate::mimeparser::SystemMessage;
 use crate::sql::Sql;
 use crate::stock_str;
+use crate::tools;

 /// Type of the public key stored inside the peerstate.
 #[derive(Debug)]
@@ -165,6 +166,9 @@ impl Peerstate {

    /// Loads peerstate corresponding to the given address from the database.
    pub async fn from_addr(context: &Context, addr: &str) -> Result<Option<Peerstate>> {
+        if context.is_self_addr(addr).await? {
+            return Ok(Some(Peerstate::get_self_stub(addr)));
+        }
        let query = "SELECT addr, last_seen, last_seen_autocrypt, prefer_encrypted, public_key, \
                     gossip_timestamp, gossip_key, public_key_fingerprint, gossip_key_fingerprint, \
                     verified_key, verified_key_fingerprint, \
@@ -182,6 +186,7 @@ impl Peerstate {
        context: &Context,
        fingerprint: &Fingerprint,
    ) -> Result<Option<Peerstate>> {
+        // NOTE: If it's our key fingerprint, this returns None currently.
        let query = "SELECT addr, last_seen, last_seen_autocrypt, prefer_encrypted, public_key, \
                     gossip_timestamp, gossip_key, public_key_fingerprint, gossip_key_fingerprint, \
                     verified_key, verified_key_fingerprint, \
@@ -206,6 +211,9 @@ impl Peerstate {
        fingerprint: &Fingerprint,
        addr: &str,
    ) -> Result<Option<Peerstate>> {
+        if context.is_self_addr(addr).await? {
+            return Ok(Some(Peerstate::get_self_stub(addr)));
+        }
        let query = "SELECT addr, last_seen, last_seen_autocrypt, prefer_encrypted, public_key, \
                     gossip_timestamp, gossip_key, public_key_fingerprint, gossip_key_fingerprint, \
                     verified_key, verified_key_fingerprint, \
@@ -221,6 +229,34 @@ impl Peerstate {
        Self::from_stmt(context, query, (&fp, &addr, &fp)).await
    }

+    /// Returns peerstate stub for self `addr`.
+    ///
+    /// Needed for [`crate::decrypt::keyring_from_peerstate()`] which returns a keyring of all our
+    /// pubkeys for such a stub so that we can check if a message is signed by us.
+    fn get_self_stub(addr: &str) -> Self {
+        let now = tools::time();
+        // We can have multiple pubkeys, just make the corresponding fields None.
+        Self {
+            addr: addr.to_string(),
+            last_seen: now,
+            last_seen_autocrypt: now,
+            prefer_encrypt: EncryptPreference::Mutual,
+            public_key: None,
+            public_key_fingerprint: None,
+            gossip_key: None,
+            gossip_key_fingerprint: None,
+            gossip_timestamp: 0,
+            verified_key: None,
+            verified_key_fingerprint: None,
+            verifier: None,
+            secondary_verified_key: None,
+            secondary_verified_key_fingerprint: None,
+            secondary_verifier: None,
+            backward_verified_key_id: None,
+            fingerprint_changed: false,
+        }
+    }
+
    async fn from_stmt(
        context: &Context,
        query: &str,