feat: temporarily disable OpenPGP recipient anonymization

Author: link2xt

src/e2ee.rs

@@ -46,14 +46,22 @@ impl EncryptHelper {
         keyring: Vec<SignedPublicKey>,
         mail_to_encrypt: MimePart<'static>,
         compress: bool,
+        anonymous_recipients: bool,
     ) -> Result<String> {
         let sign_key = load_self_secret_key(context).await?;
 
         let mut raw_message = Vec::new();
         let cursor = Cursor::new(&mut raw_message);
         mail_to_encrypt.clone().write_part(cursor).ok();
 
-        let ctext = pgp::pk_encrypt(raw_message, keyring, Some(sign_key), compress).await?;
+        let ctext = pgp::pk_encrypt(
+            raw_message,
+            keyring,
+            Some(sign_key),
+            compress,
+            anonymous_recipients,
+        )
+        .await?;
 
         Ok(ctext)
     }

src/mimefactory.rs

@@ -1178,11 +1178,28 @@ impl MimeFactory {
             let mut encryption_keyring = vec![encrypt_helper.public_key.clone()];
             encryption_keyring.extend(encryption_keys.iter().map(|(_addr, key)| (*key).clone()));
 
+            // Do not anonymize OpenPGP recipients.
+            //
+            // This is disabled to avoid interoperability problems
+            // with old core versions <1.160.0 that do not support
+            // receiving messages with wildcard Key IDs:
+            // <https://github.com/chatmail/core/issues/7378>
+            //
+            // The option should be changed to true
+            // once new core versions are sufficiently deployed.
+            let anonymous_recipients = false;
+
             // XXX: additional newline is needed
             // to pass filtermail at
             // <https://github.com/deltachat/chatmail/blob/4d915f9800435bf13057d41af8d708abd34dbfa8/chatmaild/src/chatmaild/filtermail.py#L84-L86>
             let encrypted = encrypt_helper
-                .encrypt(context, encryption_keyring, message, compress)
+                .encrypt(
+                    context,
+                    encryption_keyring,
+                    message,
+                    compress,
+                    anonymous_recipients,
+                )
                 .await?
                 + "\n";
 

src/pgp.rs

@@ -166,6 +166,7 @@ pub async fn pk_encrypt(
     public_keys_for_encryption: Vec<SignedPublicKey>,
     private_key_for_signing: Option<SignedSecretKey>,
     compress: bool,
+    anonymous_recipients: bool,
 ) -> Result<String> {
     Handle::current()
         .spawn_blocking(move || {
@@ -178,7 +179,11 @@ pub async fn pk_encrypt(
             let msg = MessageBuilder::from_bytes("", plain);
             let mut msg = msg.seipd_v1(&mut rng, SYMMETRIC_KEY_ALGORITHM);
             for pkey in pkeys {
-                msg.encrypt_to_key_anonymous(&mut rng, &pkey)?;
+                if anonymous_recipients {
+                    msg.encrypt_to_key_anonymous(&mut rng, &pkey)?;
+                } else {
+                    msg.encrypt_to_key(&mut rng, &pkey)?;
+                }
             }
 
             if let Some(ref skey) = private_key_for_signing {
@@ -434,6 +439,7 @@ mod tests {
 
     /// A ciphertext encrypted to Alice & Bob, signed by Alice.
     async fn ctext_signed() -> &'static String {
+        let anonymous_recipients = true;
         CTEXT_SIGNED
             .get_or_init(|| async {
                 let keyring = vec![KEYS.alice_public.clone(), KEYS.bob_public.clone()];
@@ -444,6 +450,7 @@ mod tests {
                     keyring,
                     Some(KEYS.alice_secret.clone()),
                     compress,
+                    anonymous_recipients,
                 )
                 .await
                 .unwrap()
@@ -453,14 +460,21 @@ mod tests {
 
     /// A ciphertext encrypted to Alice & Bob, not signed.
     async fn ctext_unsigned() -> &'static String {
+        let anonymous_recipients = true;
         CTEXT_UNSIGNED
             .get_or_init(|| async {
                 let keyring = vec![KEYS.alice_public.clone(), KEYS.bob_public.clone()];
                 let compress = true;
 
-                pk_encrypt(CLEARTEXT.to_vec(), keyring, None, compress)
-                    .await
-                    .unwrap()
+                pk_encrypt(
+                    CLEARTEXT.to_vec(),
+                    keyring,
+                    None,
+                    compress,
+                    anonymous_recipients,
+                )
+                .await
+                .unwrap()
             })
             .await
     }