[RCD] S/MIME encryption and signing plugin
vgo at stels.ru
Mon Jan 11 11:10:52 CET 2016
------ Исходное сообщение ------
От: "A.L.E.C" <alec �� alec.pl>
Кому: dev �� lists.roundcube.net
Отправлено: 10.01.2016 13:03:12
Тема: Re: [RCD] S/MIME encryption and signing plugin
>On 01/09/2016 11:03 AM, Владимир Горпенко wrote:
>> Soon I will begin work with the Rcube 1.2 version.
>> As as I understand, in this version essential changes for encryption
>> mail are made, I would be very grateful to receive recommendations
>> application of my algorithms in the new RCube version.
>Yes. In 1.2 you have all parts needed for encryption already
>implemented. The Enigma plugin which implements PGP is prepared to
>provide also S/MIME encryption in the future. So, the best would be to
>focus on integrating your code with Enigma.
I don't know, whether it is correct to connect both ways of encryption
in one plug-in. Solve it you.
But I needed to receive the working plug-in in short terms. I am afraid
if I built in my development into Enigma,
we now just would agree.
Understand me correctly. I do my work and I need encryption of mail.
Unfortunately, it appeared that the fastest way to receive it is to
I wrote. Of course, it would be very good that the plugin worked with
standard rcube versions. It would be useful also for me and other users.
But to deal with the Enigma as I dealt with some parts of rcube and to
build in my development an Enigma are more than that I am able to
I very much respect work of those who does plug-ins for general use. But
itself I can participate in this process only restrictedly.
I think, 90% of my texts are repeated that you already made for PGP
encryption. If it is about sharing experience of transformation of the
message from the S/MIME encryption form to decrypted and back, I am
ready to make it and to offer code samples. Certainly, the same belongs
and to signing of messages.
Also, if the rcube developers accept my changes in the text of the
program or will offer similar, smime_crypto can be used by users of
version 1.1.3 +. As I see, the line 1.1 continues to be supported and,
therefore, changes can be made.
>It is to be decided if we want a separate interface to manage
>certificates or to store/display them on the same list with PGP keys.
>Anyway, some UI work will be needed.
I think that management of certificates and keys has to be allocated in
the separate module or management of certificates and keys has to
provide many possible options. Different users can are need different
options: storage on the LDAP server, in SQL base or is simple in files.
Also management of certificates and keys can be transferred to users or
is made the centralized. For example that option which I will do for
myself, will be so specific that I won't even offer it to anybody.
But that option which I made now, has to be considered as the simple
temporary option allowing to debug the main plug-in rather. Though it
isn't excluded that to someone it can be sufficient.
UI, of course, should be done anyway. But at present I am able to do UI
>The plugin code assumes certificates and keys can be handled in the
>unified way, but I didn't yet try S/MIME much, so some modifications
>be needed (to the key, subkey, userid, signature "interfaces").
It is just simple. There are only two types of data - the certificate
and a private key. Formats of these data are standard and even not
necessarily their nobility.)) There is one problem - safe storage of
private keys. It can be solved differently. It is too the reason for
allocation of management of certificates and keys in the separate
>Most important places to take a look:
>- enigma_engine and enigma_ui - The engine will need some small changes
>- enigma_driver_phpssl - S/MIME driver complete implementation (the is
>the only place in enigma classes where openssl functions should be
>- enigma_mime_message - Mail_mime wrapper where encrypted/signed
>messages are created - needed code to build S/MIME messages.
I think that it isn't enough to study only those places where the new
code is directly built in. It is necessary to know the general structure
and functioning of an Enigma. And for this purpose it is necessary to
study some thousands of lines of a code of which it consists. I can't
I was also so already strongly beaten out from the schedule. Besides,
there are many of different tasks in which I have to be engaged.
More information about the dev