Mirrors/chatmail-core
1
0
Fork 0
mirror of https://github.com/chatmail/core.git synced 2026-05-20 07:16:31 +03:00
Code Issues Packages Projects Releases Wiki Activity

comments/naming: Make sure that I consistently use shared_secret

Browse Source
This commit is contained in:
Hocuri
2025-08-08 16:27:33 +02:00
parent 792c05fc3e
commit 90d4856a1c
6 changed files with 24 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
benches/benchmark_decrypting.rs
View File

@@ -115,7 +115,7 @@ fn criterion_benchmark(c: &mut Criterion) {
.map(|_| create_broadcast_shared_secret_pub()) .map(|_| create_broadcast_shared_secret_pub())
.collect(); .collect();
// "secret" is the symmetric secret that was used to encrypt text_symmetrically_encrypted.eml: // "secret" is the shared secret that was used to encrypt text_symmetrically_encrypted.eml:
secrets[NUM_SECRETS / 2] = "secret".to_string(); secrets[NUM_SECRETS / 2] = "secret".to_string();
let context = rt.block_on(async { let context = rt.block_on(async {

2
src/chat.rs
View File

@@ -2947,7 +2947,7 @@ async fn prepare_send_msg(
msg.param msg.param
.get_bool(Param::ForcePlaintext) .get_bool(Param::ForcePlaintext)
.unwrap_or_default() .unwrap_or_default()
// V2 securejoin messages are symmetrically encrypted, no need for the public key: // V2 securejoin messages are symmetrically encrypted, no need for the public key:
|| msg.securejoin_step() == Some("vb-request-v2") || msg.securejoin_step() == Some("vb-request-v2")
} }
_ => false, _ => false,

7
src/decrypt.rs
View File

@@ -10,11 +10,8 @@ use crate::pgp;
/// Tries to decrypt a message, but only if it is structured as an Autocrypt message. /// Tries to decrypt a message, but only if it is structured as an Autocrypt message.
/// ///
/// If successful and the message is encrypted, returns a tuple of: /// If successful and the message is encrypted,
/// /// returns the decrypted and decompressed message.
/// - The decrypted and decompressed message
/// - If the message was symmetrically encrypted:
/// The index in `shared_secrets` of the secret used to decrypt the message.
pub fn try_decrypt<'a>( pub fn try_decrypt<'a>(
mail: &'a ParsedMail<'a>, mail: &'a ParsedMail<'a>,
private_keyring: &'a [SignedSecretKey], private_keyring: &'a [SignedSecretKey],

11
src/mimefactory.rs
View File

@@ -1180,7 +1180,7 @@ impl MimeFactory {
Loaded::Mdn { .. } => true, Loaded::Mdn { .. } => true,
}; };
let symmetric_key: Option<String> = match &self.loaded { let shared_secret: Option<String> = match &self.loaded {
Loaded::Message { msg, .. } if should_encrypt_with_auth_token(msg) => { Loaded::Message { msg, .. } if should_encrypt_with_auth_token(msg) => {
// TODO rather than setting Arg2, bob.rs could set a param `Param::SharedSecretForEncryption` or similar // TODO rather than setting Arg2, bob.rs could set a param `Param::SharedSecretForEncryption` or similar
msg.param.get(Param::Arg2).map(|s| s.to_string()) msg.param.get(Param::Arg2).map(|s| s.to_string())
@@ -1188,7 +1188,7 @@ impl MimeFactory {
Loaded::Message { chat, msg } Loaded::Message { chat, msg }
if should_encrypt_with_broadcast_secret(msg, chat) => if should_encrypt_with_broadcast_secret(msg, chat) =>
{ {
// If there is no symmetric key yet // If there is no shared secret yet
// (because this is an old broadcast channel, // (because this is an old broadcast channel,
// created before we had symmetric encryption), // created before we had symmetric encryption),
// we just encrypt asymmetrically. // we just encrypt asymmetrically.
@@ -1200,11 +1200,10 @@ impl MimeFactory {
_ => None, _ => None,
}; };
let encrypted = if let Some(symmetric_key) = symmetric_key { let encrypted = if let Some(shared_secret) = shared_secret {
info!(context, "Symmetrically encrypting for broadcast channel."); info!(context, "Encrypting symmetrically.");
info!(context, "secret: {symmetric_key}"); // TODO
encrypt_helper encrypt_helper
.encrypt_for_broadcast(context, &symmetric_key, message, compress) .encrypt_for_broadcast(context, &shared_secret, message, compress)
.await? .await?
} else { } else {
// Asymmetric encryption // Asymmetric encryption

24
src/pgp.rs
View File

@@ -238,10 +238,7 @@ pub fn pk_calc_signature(
/// shared secrets used for symmetric encryption /// shared secrets used for symmetric encryption
/// are passed in `shared_secrets`. /// are passed in `shared_secrets`.
/// ///
/// Returns a tuple of: /// Returns the decrypted and decompressed message.
/// - The decrypted and decompressed message
/// - If the message was symmetrically encrypted:
/// The index in `shared_secrets` of the secret used to decrypt the message.
pub fn decrypt( pub fn decrypt(
ctext: Vec<u8>, ctext: Vec<u8>,
private_keys_for_decryption: &[SignedSecretKey], private_keys_for_decryption: &[SignedSecretKey],
@@ -253,7 +250,13 @@ pub fn decrypt(
let skeys: Vec<&SignedSecretKey> = private_keys_for_decryption.iter().collect(); let skeys: Vec<&SignedSecretKey> = private_keys_for_decryption.iter().collect();
let empty_pw = Password::empty(); let empty_pw = Password::empty();
// TODO it may degrade performance that we always try out all passwords here // We always try out all passwords here, which is not great for performance.
// But benchmarking (see `benchmark_decrypting.rs`)
// showed that the performance penalty is acceptable.
// We could include a short (~2 character) identifier of the secret
// in
// (or just include the first 2 characters of the secret in clear-text)
// in order to
let message_password: Vec<Password> = shared_secrets let message_password: Vec<Password> = shared_secrets
.iter() .iter()
.map(|p| Password::from(p.as_str())) .map(|p| Password::from(p.as_str()))
@@ -322,7 +325,7 @@ pub async fn symm_encrypt(passphrase: &str, plain: Vec<u8>) -> Result<String> {
tokio::task::spawn_blocking(move || { tokio::task::spawn_blocking(move || {
let mut rng = thread_rng(); let mut rng = thread_rng();
let s2k = StringToKey::new_default(&mut rng); let s2k = StringToKey::new_default(&mut rng);
let builder: MessageBuilder<'_> = MessageBuilder::from_bytes("", plain); let builder = MessageBuilder::from_bytes("", plain);
let mut builder = builder.seipd_v1(&mut rng, SYMMETRIC_KEY_ALGORITHM); let mut builder = builder.seipd_v1(&mut rng, SYMMETRIC_KEY_ALGORITHM);
builder.encrypt_with_password(s2k, &passphrase)?; builder.encrypt_with_password(s2k, &passphrase)?;
@@ -333,14 +336,15 @@ pub async fn symm_encrypt(passphrase: &str, plain: Vec<u8>) -> Result<String> {
.await? .await?
} }
/// Symmetric encryption. /// Symmetrically encrypt the message to be sent into a broadcast channel.
/// `shared secret` is the secret that will be used for symmetric encryption.
pub async fn encrypt_for_broadcast( pub async fn encrypt_for_broadcast(
plain: Vec<u8>, plain: Vec<u8>,
passphrase: &str, shared_secret: &str,
private_key_for_signing: SignedSecretKey, private_key_for_signing: SignedSecretKey,
compress: bool, compress: bool,
) -> Result<String> { ) -> Result<String> {
let passphrase = Password::from(passphrase.to_string()); let shared_secret = Password::from(shared_secret.to_string());
tokio::task::spawn_blocking(move || { tokio::task::spawn_blocking(move || {
let msg = MessageBuilder::from_bytes("", plain); let msg = MessageBuilder::from_bytes("", plain);
@@ -357,7 +361,7 @@ pub async fn encrypt_for_broadcast(
AeadAlgorithm::Ocb, AeadAlgorithm::Ocb,
ChunkSize::C8KiB, ChunkSize::C8KiB,
); );
msg.encrypt_with_password(&mut rng, s2k, &passphrase)?; msg.encrypt_with_password(&mut rng, s2k, &shared_secret)?;
msg.sign(&*private_key_for_signing, Password::empty(), HASH_ALGORITHM); msg.sign(&*private_key_for_signing, Password::empty(), HASH_ALGORITHM);
if compress { if compress {

1
src/securejoin/bob.rs
View File

@@ -71,6 +71,7 @@ pub(super) async fn start_protocol(context: &Context, invite: QrInvite) -> Resul
let mut msg = Message { let mut msg = Message {
viewtype: Viewtype::Text, viewtype: Viewtype::Text,
// TODO I may want to make this generic also for group/contacts
text: "Secure-Join: vb-request-v2".to_string(), text: "Secure-Join: vb-request-v2".to_string(),
hidden: true, hidden: true,
..Default::default() ..Default::default()