GnuPG/PGP Support

[nobody]

This would be a nice feature, altough it could probably
only be implemented on Unix/Linux boxes.

[arlolra]

hello roundcubemail,

is anyone working on this? if not, would you like me to give it a try?

be well,
arlo

[beni]

I want to drop a "vote in" for this.

I think it would be good, to implement a config option to give the path to the gnupg binary.
This way it should be possible to get this to fly even with windows servers.

The only problem i see is, how the users private key can be securely stored.
It should, however, at least be possible to send encrypted mails without security concerns.

[beni]

There is a PEAR proposal for PGP support: ​http://pear.php.net/pepr/pepr-proposal-show.php?id=229

maybe we can work on this, so others may benefit too.

[Natureshadow]

I think that one special aspect would be a great thing.

When I used SquirrelMail? (before I switched to RCMail), I had a hard time keeping GPG keyrings in ~username/.gnupg in sync with what SquirrelMail? used. So it would be nice if RCMail could look for a keyring (as well private as public) in this place on Unix/Linux?, and in C:\Documents And Settings\username\Application Data\.gnupg on Windows.

[the_glu]

For information, I'm working on it :)

[seansan]

glu, moved to 0.1.5

[seansan]

​http://trac.roundcube.net/ticket/1483818

[AlfonsName]

I'd also like vote for it.
@the_glu: thanks for working at this.

I've just checked out 0.2-alpha.
How far has this progressed? Is it targeted for the 0.2 release already?

[codesurgeon]

... and one "vote" from me. :-)

[the_glu]

I some system who works, but I have a lot of things to do ;).

I'm asking me if I should wait for the plugin api before continue my implementation..

Curently the option pane is fully working (key's list, key import, usage of firegpg or gnupg on the server)

[the_glu]

"I some system who works, but I have a lot of things to do ;). "

-> "I have some code who works, but I have a lot of things to do ;). "

[bennibu]

and one vote from me...

@the_glu: I would like to test your code. Mabey you can attach a patch or something?

[darklight]

it seems that there's been no activity on this ticket recently.

as I'd also like to see roundcube supporting GPG/PGP I'd like to help developing this feature.
Unfortunately I'm very new to roundcube's code so I'm pretty lost in it at the moment

maybe someone who is more familiar could help me a bit - for example by writing some dummy helper functions (and moving them to the correct place)
e.g. we need some method for decrypting the message
now it would be really nice (and a big help for me) if someone could write a method called decryptMessage() (or something like this) and just make it return "Sorry, but this mail is encrypted, but RoundCube can't display encrypted mails yet!"

Little note: I'll use php's GnuPG library in my code: ​http://www.php.net/manual/en/function.gnupg-sign.php

Regards,
"darklight"

[the_glu]

I'm waiting for the plugin api to continue my work, that why there are no activity ;)

[darklight]

@the_glu: nice, I didn't know this

Are there any particular features in the plugin API that you are missing?
maybe some others could help contributing this part :)

also do you need any help writing your plugin?

Oh and I have a question to you (the_glu): what php library are you using in your plugin?
maybe we can team up and discuss all possible libraries and choose the best one for roundcube

Regards,
darklight

[the_glu]

Are there any particular features in the plugin API that you are missing?

Yes, the whole plugin API :]

And for the library : I'm the author of FireGPG, so I have my libraries in javascript. It's won't take time to adapt them. And I want to add a gnupg support on both side, server and client (with Firegpg), so it's will be good to have the same library on both sides ;)

Regards,

[adrian]

My vote goes for this feature as well. It would be great to have it in 0.4.

[old-admin]

I would like to add my 2 cents worth for PGP.

We moved from SquirrelMail? to RoundCube a few weeks ago, and think its excellent. However, users are inclined to use Thunderbird/Mozilla? etali, because Enigmail provides the PGP functionality that they use.

Thus I would like to like to express my support for PGP support. Ideally this could include the ability to import keys and maybe even create keys (if the backend is trusted). There is no reliance on Linux because SSH keys can be easily created with putty (putty-gen). Putty is often used by most Windows users to connect with SSH servers. (Cygwin can also be used).

I consider PGP to be a killer feature along with Global IMAP folders and a User administration interface.

[voidzero]

This should be given top priority, imho. There are days like these when I wish I were a programmer.

[alec]

Work in progress ​http://trac.roundcube.net/browser/trunk/plugins/enigma

[mickeyc]

I'd really like to see this built into RoundCube too. Ideally it would be possible to just use my keys from ~/.gnupg/

[rediculum]

Replying to mickeyc:

I'd really like to see this built into RoundCube too. Ideally it would be possible to just use my keys from ~/.gnupg/

Symlink ../plugins/enigma/home/user@localhost -> /home/user/.gnupg and grant webserver's user to access the files and folder.
But this is IMO very dangerous. If there is a leak in the code, an attacker could access ALL your GPG keys. With a dedicated folder like enigma is using in ./home/user@localhost/ you only import and use specific keys.

[mickeyc]

Replying to rediculum:

Symlink ../plugins/enigma/home/user@localhost -> /home/user/.gnupg and grant webserver's user to access the files and folder.
But this is IMO very dangerous. If there is a leak in the code, an attacker could access ALL your GPG keys. With a dedicated folder like enigma is using in ./home/user@localhost/ you only import and use specific keys.

You're right of course. Does enigma store my private key password protected?

[beli.sk]

Replying to rediculum:

Symlink ../plugins/enigma/home/user@localhost -> /home/user/.gnupg and grant webserver's user to access the files and folder.
But this is IMO very dangerous. If there is a leak in the code, an attacker could access ALL your GPG keys. With a dedicated folder like enigma is using in ./home/user@localhost/ you only import and use specific keys.

Hi,
Anyway, giving web server access to users' private keys is a REALLY bad idea. Have you considered using gpg-agent for example?

Beli

[kluner]

I would love GPG/PGP in roundcube.

as for key-storage: why not in a .gpg directory/folder inside IMAP? That eliminates the risk that a leak in the code could allow access to all keys of all users, since roundcube never gains access to IMAP without the user's credentials.

[mejo]

Alec, one of the main roundcube developers, added a preliminary 'enigma' plugin to the roundcube SVN trunk many months ago. Most of the design/UI work and core features seem to be done. In the announcement mail to roundcube-dev (​http://lists.roundcube.net/mail-archive/dev/2010-08/0000106.html) he asked for help because "it's to much work for one person".

If you're interested in a working GnuPG/PGP plugin for roundcube and capable of coding PHP, you might want to check out the plugin at ​https://svn.roundcube.net/trunk/plugins/enigma/ and help with the development.

[rediculum]

The repository has been removed since May 1. Is there another one still in work progress?

[alec]

We're on github now: ​https://github.com/roundcube/roundcubemail/

[qnrq]

They're here...

Please find the following discussion on the mailing list: ​http://lists.roundcube.net/pipermail/dev/2013-January/022123.html

It includes all cool links to the release announcement with a demonstrative video and listed issues to fix before the implementation goes stable.

Much love and many fluffy bunnies,

/qnrq

[rediculum]

Replying to qnrq:

They're here...

Please find the following discussion on the mailing list: ​http://lists.roundcube.net/pipermail/dev/2013-January/022123.html

It includes all cool links to the release announcement with a demonstrative video and listed issues to fix before the implementation goes stable.

Much love and many fluffy bunnies,

/qnrq

Sounds interesting.
I unzipped your plugin in the ./plugins directory and named the folder as the php file. I added the name to the plugins array in main.inc.php but I don't see anything and "About" does not show up your plugin.

[qnrq]

Replying to rediculum:

Replying to qnrq:

They're here...

Please find the following discussion on the mailing list: ​http://lists.roundcube.net/pipermail/dev/2013-January/022123.html

It includes all cool links to the release announcement with a demonstrative video and listed issues to fix before the implementation goes stable.

Much love and many fluffy bunnies,

/qnrq

Sounds interesting.
I unzipped your plugin in the ./plugins directory and named the folder as the php file. I added the name to the plugins array in main.inc.php but I don't see anything and "About" does not show up your plugin.

"openpgpjs" in the plugins array in main.inc.php, plugins/openpgpjs/:

$ ls plugins/openpgpjs
README.md css img js openpgpjs.php

Roundcube 0.8.4? Larry skin? Did you check compose and mail view? That's where the OpenPGP key manager icon resides.

I have no idea what "About" is or why it matters for anything to show there. Please specify.

I'm going to need more information about your environment if you have everything correct. Did you check your JavaScript? error console? What web browser? Roundcube version? Etc. etc. etc. etc.... Please fill me in on the mailing list, I don't want to spam this ticket with support :)