[RCD] Enigma hybrid decryption

Kyle Francis franck6 at rpi.edu
Tue Aug 30 21:08:12 CEST 2016

On 08/30/2016 01:52 PM, A.L.E.C wrote:
> On 08/30/2016 03:53 PM, Kyle Francis wrote:
>> So I'm mostly finished with the implementation of the hybrid decryption
>> model.  So far I have the following working:
>> enigma.js calls a mailvelope API I added for decrypting session key out
>> of a PGP message
>>    - decrypted session key and PGP message get posted (over https) back
>> to the enigma plugin
>> enigma.php catches posted data and decrypts PGP message with session key
> You post the message body? I thought you'd post only the session-key. We
> can get the body from IMAP, so I wouldn't post it.
I was going to only post the session-key, but I have been unable to find 
how to locate the message after I post the session-key back to 
enigma.php.  I would need the messages UID to pull from IMAP, correct?  
I could post that back with the session-key as that is available in 
enigma.js via rcmail.env.uid
>>    - modified Crypt_GPG to additionally utilize GPG's
>> "--override-session-key"
> This calls for a PR to Crypt_GPG library.
Will do!
>> So I can write the decrypted email to a file on the server, but I'd like
>> to replace the body of the email and reload.  When doing this while
>> decrypting S/MIME it was simple since the replacing occurred before the
>> message was completely loaded and rendered out as html.
>> Is there any way to replace the body (and subsequently parse the body
>> structure) after all the plugin hooks have run?  I tried calling
>> exec_hook for message_part_body, but as far as I can tell I would need
>> to pass the rcube_message object as an argument to do this but I don't
>> have access to it.
> I think it should go through the message parser. So, load the message as
> before with all enigma's hooks parsing the message but where decryption
> is supposed to be executed use the session-key instead of key/password.
> I suppose you'd have to store the session-key in Roundcube session for
> some time, as we normally do with private keys passwords.
How do I 'load the message as before'?  The first time it is loaded is 
by selecting the message from the inbox.  If I post back the session-key 
and message UID, can I go about 're-loading' the message and then have 
access to the plugin hooks and message parser?


More information about the dev mailing list