Add a config option to sign all messages with Autocrypt header (#3986)

Although it does a little for security, it will help to protect from unwanted server-side modifications and bugs. And now we have a time to test "multipart/signed" messages compatibility with other MUAs.
2026-04-27 02:16:29 +03:00 · 2023-02-18 23:08:10 -03:00
parent 89696582ad
commit d1923d68a5
5 changed files with 154 additions and 2 deletions
--- a/src/pgp.rs
+++ b/src/pgp.rs
@@ -262,6 +262,20 @@ pub async fn pk_encrypt(
        .await?
 }

+/// Signs `plain` text using `private_key_for_signing`.
+pub fn pk_calc_signature(
+    plain: &[u8],
+    private_key_for_signing: &SignedSecretKey,
+) -> Result<String> {
+    let msg = Message::new_literal_bytes("", plain).sign(
+        private_key_for_signing,
+        || "".into(),
+        Default::default(),
+    )?;
+    let signature = msg.into_signature().to_armored_string(None)?;
+    Ok(signature)
+}
+
 /// Decrypts the message with keys from the private key keyring.
 ///
 /// Receiver private keys are provided in