
Version 4 (modified by the_glu, 4 years ago)

Encryption

On this page, thoughts about the development of an encryption plugin will be shared.

Quick brainstorming (jonas): see the RoundCube-Dev thread for the discussion on the mailing list.

  • add some abstraction layer to support several implementations of GnuPG key management
    • possible drivers:
      • server side key storage (either use the gnupg binary or the PHP PECL gnupg library)
      • client side key storage (using FireGPG)
      • maybe even other encryption systems, e.g. S/MIME
  • list of essential functions:
    • encrypt(text, keys): encrypt text for public keys
    • decrypt(text): decrypt text with appropriate private key
    • sign(text, privatekey): sign text with private key
    • verify(text): verify the signature on text
    • import_key(text): import keys
  • list of additional useful functions:
    • export_key(key): export public key
    • export_priv_key(key): export private key
    • signandencrypt(text, keys, privatekey): sign with private key and encrypt for public keys
    • del_key(key): delete public key
    • del_priv_key(privatekey): delete private key
    • edit_priv_key(privatekey): edit private key
    • list_keys(): list all public keys
    • list_priv_keys(): list all private keys
    • gen_priv_key(): generate new private key
    • get_key(email/keyid): get a new public key
  • for mail layer:
    • decrypt inline encrypted mails
    • decrypt OpenPGP/MIME encrypted mails
    • verify inline signed mails
    • verify OpenPGP/MIME signed mails
    • encrypt and/or sign outgoing mails with the OpenPGP/MIME standard
    • encrypt and/or sign outgoing mails inline
    • We need to handle attachments too!
  • storage interface(?): Interface to keys implemented by drivers
    • encrypt(text,keys)
    • decrypt(text, passphrase_callback)
    • sign(text,keys,passphrase_callback)
    • verify(text)
  • for server side storage:
    • create GnuPG home directories with pubring.gpg and secring.gpg for every single user
    • pass $GNUPGHOME to the gnupg/gpgme library according to the Roundcube user
    • requirement to give the webserver user read+write access to all GnuPG home directories
    • maybe maintain a MySQL database with all keys, fingerprints etc. to detect manipulated key data in the keyrings
    • public key retrieval: LDAP, keyserver lookup, database
  • additional useful user settings/options:
    • default private key to sign mails
    • default public key to encrypt mails for in addition to recipient keys (i.e. own key)
    • default (sign y/n; encrypt y/n) for new mails
    • default for replies to signed and/or encrypted mails
    • default for replies to unsigned and unencrypted mails
  • additional useful global settings/options:
    • backend plugin(s)
    • LDAP servers and query method
    • keyservers
    • default public key to encrypt mails for in addition to recipient keys (i.e. escrow)
  • To check
    • We need a MIME parser and a MIME generator to work with OpenPGP/MIME. Is Roundcube's class usable for that?
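
One way the "detect manipulated key data in the keyrings" idea from the server side storage list could work, as an added example that is not part of the original draft or of Roundcube. The function names are hypothetical, the $recorded array stands in for the MySQL table, and the key listing is constructed sample data.

```php
<?php
// $listing stands in for: gpg --homedir <user dir> --with-colons --fingerprint --fingerprint --list-keys
// $recorded stands in for the database rows written when each key was imported (assumption).
// Map each primary-key fingerprint to the sorted fingerprints of its subkeys.
function keyring_snapshot(string $listing): array {
    $snapshot = [];
    $primary = null; // fingerprint of the pub record currently being read
    $last = null;    // type of the most recent pub/sub record
    foreach (preg_split('/\R/', trim($listing)) as $line) {
        $f = explode(':', $line);
        if ($f[0] === 'pub' || $f[0] === 'sub') {
            $last = $f[0];
        } elseif ($f[0] === 'fpr' && !empty($f[9]) && $last !== null) {
            $fpr = strtoupper($f[9]); // field 10 of an fpr record
            if ($last === 'pub') {
                $primary = $fpr;
                $snapshot[$primary] = [];
            } elseif ($primary !== null) {
                $snapshot[$primary][] = $fpr;
            }
            $last = null;
        }
    }
    foreach ($snapshot as &$subs) { sort($subs); } unset($subs);
    return $snapshot;
}

// Report keys that appeared, disappeared, or gained/lost subkeys since they were recorded.
function audit_keyring(array $recorded, array $current): array {
    $report = ['unexpected' => [], 'changed' => [], 'missing' => []];
    foreach ($current as $fpr => $subs) {
        if (!isset($recorded[$fpr])) { $report['unexpected'][] = $fpr; }
        elseif ($recorded[$fpr] !== $subs) { $report['changed'][] = $fpr; }
    }
    $report['missing'] = array_keys(array_diff_key($recorded, $current));
    return $report;
}

// Constructed sample data: fake fingerprints, pub/sub records trimmed to their first fields.
[$a, $aSub, $newSub, $x] = array_map(fn($p) => str_repeat($p, 20), ['A1', 'B2', 'C3', 'D4']);
$recorded = [$a => [$aSub]];
$listing = implode("\n", [
    "pub:u:4096:1:A1A1A1A1A1A1A1A1:", "fpr:::::::::$a:",
    "sub:u:4096:1:B2B2B2B2B2B2B2B2:", "fpr:::::::::$aSub:",
    "sub:u:4096:1:C3C3C3C3C3C3C3C3:", "fpr:::::::::$newSub:", // subkey not in $recorded
    "pub:u:2048:1:D4D4D4D4D4D4D4D4:", "fpr:::::::::$x:",      // key not in $recorded
]);
print_r(audit_keyring($recorded, keyring_snapshot($listing)));
```

Recording subkey fingerprints matters because an encryption subkey added to a stored key leaves the primary fingerprint unchanged.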

Please extend this design draft with your thoughts ...
