Broadcast-securejoin is working!!

Author: Hocuri

deltachat-jsonrpc/src/api/types/qr.rs

@@ -45,6 +45,8 @@ pub enum QrObject {
         /// Fingerprint of the contact key as scanned from the QR code.
         fingerprint: String,
 
+        authcode: String,
+
         /// The secret shared between all members,
         /// used to symmetrically encrypt&decrypt messages.
         shared_secret: String,
@@ -227,6 +229,7 @@ impl From<Qr> for QrObject {
                 grpid,
                 contact_id,
                 fingerprint,
+                authcode,
                 shared_secret,
             } => {
                 let contact_id = contact_id.to_u32();
@@ -236,6 +239,7 @@ impl From<Qr> for QrObject {
                     grpid,
                     contact_id,
                     fingerprint,
+                    authcode,
                     shared_secret,
                 }
             }

src/chat.rs

@@ -42,9 +42,9 @@ use crate::smtp::send_msg_to_smtp;
 use crate::stock_str;
 use crate::sync::{self, Sync::*, SyncData};
 use crate::tools::{
-    IsNoneOrEmpty, SystemTime, buf_compress, create_broadcast_shared_secret, create_id,
-    create_outgoing_rfc724_mid, create_smeared_timestamp, create_smeared_timestamps, get_abs_path,
-    gm2local_offset, smeared_time, time, truncate_msg_text,
+    IsNoneOrEmpty, SystemTime, buf_compress, create_id, create_outgoing_rfc724_mid,
+    create_smeared_timestamp, create_smeared_timestamps, get_abs_path, gm2local_offset,
+    smeared_time, time, truncate_msg_text,
 };
 use crate::webxdc::StatusUpdateSerial;
 use crate::{chatlist_events, imap};
@@ -1624,6 +1624,18 @@ impl Chat {
         self.typ == Chattype::Mailinglist
     }
 
+    /// Returns true if chat is an outgoing broadcast channel.
+    pub fn is_out_broadcast(&self) -> bool {
+        self.typ == Chattype::OutBroadcast
+    }
+
+    /// Returns true if the chat is a broadcast channel,
+    /// regardless of whether self is on the sending
+    /// or receiving side.
+    pub fn is_any_broadcast(&self) -> bool {
+        matches!(self.typ, Chattype::OutBroadcast | Chattype::InBroadcast)
+    }
+
     /// Returns None if user can send messages to this chat.
     ///
     /// Otherwise returns a reason useful for logging.
@@ -1710,7 +1722,7 @@ impl Chat {
         match self.typ {
             Chattype::Single | Chattype::OutBroadcast | Chattype::Mailinglist => Ok(true),
             Chattype::Group => is_contact_in_chat(context, self.id, ContactId::SELF).await,
-            Chattype::InBroadcast => Ok(false),
+            Chattype::InBroadcast => Ok(true),
         }
     }
 
@@ -2903,13 +2915,18 @@ async fn prepare_send_msg(
         CantSendReason::ProtectionBroken | CantSendReason::ContactRequest => {
             // Allow securejoin messages, they are supposed to repair the verification.
             // If the chat is a contact request, let the user accept it later.
+
             msg.param.get_cmd() == SystemMessage::SecurejoinMessage
         }
         // Allow to send "Member removed" messages so we can leave the group/broadcast.
         // Necessary checks should be made anyway before removing contact
         // from the chat.
-        CantSendReason::NotAMember | CantSendReason::InBroadcast => {
-            msg.param.get_cmd() == SystemMessage::MemberRemovedFromGroup
+        CantSendReason::NotAMember => msg.param.get_cmd() == SystemMessage::MemberRemovedFromGroup,
+        CantSendReason::InBroadcast => {
+            matches!(
+                msg.param.get_cmd(),
+                SystemMessage::MemberRemovedFromGroup | SystemMessage::SecurejoinMessage
+            )
         }
         CantSendReason::MissingKey => msg
             .param
@@ -3685,7 +3702,7 @@ pub async fn create_group_chat(
 /// Returns the created chat's id.
 pub async fn create_broadcast(context: &Context, chat_name: String) -> Result<ChatId> {
     let grpid = create_id();
-    let secret = create_broadcast_shared_secret();
+    let secret = create_id();
     create_broadcast_ex(context, Sync, grpid, chat_name, secret).await
 }
 
@@ -3748,6 +3765,35 @@ pub(crate) async fn create_broadcast_ex(
     Ok(chat_id)
 }
 
+pub(crate) async fn load_broadcast_shared_secret(
+    context: &Context,
+    chat_id: ChatId,
+) -> Result<Option<String>> {
+    Ok(context
+        .sql
+        .query_get_value(
+            "SELECT secret FROM broadcasts_shared_secrets WHERE chat_id=?",
+            (chat_id,),
+        )
+        .await?)
+}
+
+pub(crate) async fn save_broadcast_shared_secret(
+    context: &Context,
+    chat_id: ChatId,
+    shared_secret: &str,
+) -> Result<()> {
+    context
+        .sql
+        .execute(
+            "INSERT INTO broadcasts_shared_secrets (chat_id, secret) VALUES (?, ?)
+                    ON CONFLICT(chat_id) DO UPDATE SET secret=excluded.chat_id",
+            (chat_id, shared_secret),
+        )
+        .await?;
+    Ok(())
+}
+
 /// Set chat contacts in the `chats_contacts` table.
 pub(crate) async fn update_chat_contacts_table(
     context: &Context,

src/chat/chat_tests.rs

@@ -7,6 +7,7 @@ use crate::imex::{ImexMode, has_backup, imex};
 use crate::message::{MessengerMessage, delete_msgs};
 use crate::mimeparser::{self, MimeMessage};
 use crate::receive_imf::receive_imf;
+use crate::securejoin::get_securejoin_qr;
 use crate::test_utils::{
     AVATAR_64x64_BYTES, AVATAR_64x64_DEDUPLICATED, TestContext, TestContextManager,
     TimeShiftFalsePositiveNote, sync,
@@ -2896,11 +2897,13 @@ async fn test_broadcast_channel_protected_listid() -> Result<()> {
     let mut tcm = TestContextManager::new();
     let alice = &tcm.alice().await;
     let bob = &tcm.bob().await;
-    let alice_bob_contact_id = alice.add_or_lookup_contact_id(bob).await;
 
     tcm.section("Create a broadcast channel with Bob, and send a message");
     let alice_chat_id = create_broadcast(alice, "My Channel".to_string()).await?;
-    add_contact_to_chat(alice, alice_chat_id, alice_bob_contact_id).await?;
+
+    let qr = get_securejoin_qr(alice, Some(alice_chat_id)).await.unwrap();
+    tcm.exec_securejoin_qr(bob, alice, &qr).await;
+
     let mut sent = alice.send_text(alice_chat_id, "Hi somebody").await;
 
     assert!(!sent.payload.contains("List-ID"));

src/mimefactory.rs

@@ -13,7 +13,7 @@ use tokio::fs;
 
 use crate::aheader::{Aheader, EncryptPreference};
 use crate::blob::BlobObject;
-use crate::chat::{self, Chat};
+use crate::chat::{self, Chat, load_broadcast_shared_secret};
 use crate::config::Config;
 use crate::constants::ASM_SUBJECT;
 use crate::constants::{Chattype, DC_FROM_HANDSHAKE};
@@ -226,6 +226,9 @@ impl MimeFactory {
 
             // Do not encrypt messages to mailing lists.
             encryption_keys = None;
+        } else if chat.is_out_broadcast() {
+            // Encrypt, but only symmetrically, not with the public keys.
+            encryption_keys = Some(Vec::new());
         } else {
             let email_to_remove = if msg.param.get_cmd() == SystemMessage::MemberRemovedFromGroup {
                 msg.param.get(Param::Arg)
@@ -541,8 +544,10 @@ impl MimeFactory {
             //   messages are auto-sent unlike usual unencrypted messages.
             step == "vg-request-with-auth"
                 || step == "vc-request-with-auth"
+                || step == "vb-request-with-auth"
                 || step == "vg-member-added"
                 || step == "vc-contact-confirm"
+            // TODO possibly add vb-member-added here
         }
     }
 
@@ -1118,21 +1123,15 @@ impl MimeFactory {
             };
 
             let symmetric_key: Option<String> = match &self.loaded {
-                Loaded::Message { chat, .. } if chat.typ == Chattype::OutBroadcast => {
+                Loaded::Message { chat, .. } if chat.is_any_broadcast() => {
                     // If there is no symmetric key yet
                     // (because this is an old broadcast channel,
                     // created before we had symmetric encryption),
                     // we just encrypt asymmetrically.
                     // Symmetric encryption exists since 2025-08;
                     // some time after that, we can think about requiring everyone
                     // to switch to symmetrically-encrypted broadcast lists.
-                    context
-                        .sql
-                        .query_get_value(
-                            "SELECT secret FROM broadcasts_shared_secrets WHERE chat_id=?",
-                            (chat.id,),
-                        )
-                        .await?
+                    load_broadcast_shared_secret(context, chat.id).await?
                 }
                 _ => None,
             };
@@ -1489,7 +1488,10 @@ impl MimeFactory {
                     let param2 = msg.param.get(Param::Arg2).unwrap_or_default();
                     if !param2.is_empty() {
                         headers.push((
-                            if step == "vg-request-with-auth" || step == "vc-request-with-auth" {
+                            if step == "vg-request-with-auth"
+                                || step == "vc-request-with-auth"
+                                || step == "vb-request-with-auth"
+                            {
                                 "Secure-Join-Auth"
                             } else {
                                 "Secure-Join-Invitenumber"

src/qr.rs

@@ -96,6 +96,8 @@ pub enum Qr {
 
         fingerprint: Fingerprint,
 
+        authcode: String,
+
         shared_secret: String,
     },
 
@@ -396,7 +398,7 @@ pub fn format_backup(qr: &Qr) -> Result<String> {
 
 /// scheme: `OPENPGP4FPR:FINGERPRINT#a=ADDR&n=NAME&i=INVITENUMBER&s=AUTH`
 ///     or: `OPENPGP4FPR:FINGERPRINT#a=ADDR&g=GROUPNAME&x=GROUPID&i=INVITENUMBER&s=AUTH`
-///     or: `OPENPGP4FPR:FINGERPRINT#a=ADDR&g=BROADCAST_NAME&x=BROADCAST_ID&b=BROADCAST_SHARED_SECRET`
+///     or: `OPENPGP4FPR:FINGERPRINT#a=ADDR&g=BROADCAST_NAME&x=BROADCAST_ID&s=AUTH&b=BROADCAST_SHARED_SECRET`
 ///     or: `OPENPGP4FPR:FINGERPRINT#a=ADDR`
 async fn decode_openpgp(context: &Context, qr: &str) -> Result<Qr> {
     let payload = qr
@@ -474,7 +476,9 @@ async fn decode_openpgp(context: &Context, qr: &str) -> Result<Qr> {
         None
     };
 
-    if let (Some(addr), Some(invitenumber), Some(authcode)) = (&addr, invitenumber, authcode) {
+    if let (Some(addr), Some(invitenumber), Some(authcode)) =
+        (&addr, invitenumber, authcode.clone())
+    {
         let addr = ContactAddress::new(addr)?;
         let (contact_id, _) = Contact::add_or_lookup_ex(
             context,
@@ -545,8 +549,13 @@ async fn decode_openpgp(context: &Context, qr: &str) -> Result<Qr> {
                 authcode,
             })
         }
-    } else if let (Some(addr), Some(broadcast_name), Some(grpid), Some(shared_secret)) =
-        (&addr, grpname, grpid, broadcast_shared_secret)
+    } else if let (
+        Some(addr),
+        Some(broadcast_name),
+        Some(grpid),
+        Some(authcode),
+        Some(shared_secret),
+    ) = (&addr, grpname, grpid, authcode, broadcast_shared_secret)
     {
         // This is a broadcast channel invite link.
         // TODO code duplication with the previous block
@@ -567,6 +576,7 @@ async fn decode_openpgp(context: &Context, qr: &str) -> Result<Qr> {
             grpid,
             contact_id,
             fingerprint,
+            authcode,
             shared_secret,
         })
     } else if let Some(addr) = addr {

src/receive_imf.rs

@@ -43,7 +43,7 @@ use crate::securejoin::{self, handle_securejoin_handshake, observe_securejoin_on
 use crate::simplify;
 use crate::stock_str;
 use crate::sync::Sync::*;
-use crate::tools::{self, buf_compress, create_broadcast_shared_secret, remove_subject_prefix};
+use crate::tools::{self, buf_compress, create_id, remove_subject_prefix};
 use crate::{chatlist_events, ensure_and_debug_assert, ensure_and_debug_assert_eq, location};
 use crate::{contact, imap};
 
@@ -1543,7 +1543,7 @@ async fn do_chat_assignment(
                         } else {
                             let name =
                                 compute_mailinglist_name(mailinglist_header, &listid, mime_parser);
-                            let secret = create_broadcast_shared_secret();
+                            let secret = create_id();
                             chat::create_broadcast_ex(context, Nosync, listid, name, secret).await?
                         },
                     );