------ Исходное сообщение ------ От: "A.L.E.C" alec@alec.pl Кому: dev@lists.roundcube.net Отправлено: 10.01.2016 13:03:12 Тема: Re: [RCD] S/MIME encryption and signing plugin
On 01/09/2016 11:03 AM, Владимир Горпенко wrote:
Soon I will begin work with the Rcube 1.2 version.
As as I understand, in this version essential changes for encryption of mail are made, I would be very grateful to receive recommendations about application of my algorithms in the new RCube version.
Yes. In 1.2 you have all parts needed for encryption already implemented. The Enigma plugin which implements PGP is prepared to provide also S/MIME encryption in the future. So, the best would be to focus on integrating your code with Enigma.
I don't know, whether it is correct to connect both ways of encryption in one plug-in. Solve it you. But I needed to receive the working plug-in in short terms. I am afraid if I built in my development into Enigma, we now just would agree.
Understand me correctly. I do my work and I need encryption of mail. Unfortunately, it appeared that the fastest way to receive it is to write myself. I wrote. Of course, it would be very good that the plugin worked with standard rcube versions. It would be useful also for me and other users.
But to deal with the Enigma as I dealt with some parts of rcube and to build in my development an Enigma are more than that I am able to afford. I very much respect work of those who does plug-ins for general use. But itself I can participate in this process only restrictedly.
I think, 90% of my texts are repeated that you already made for PGP encryption. If it is about sharing experience of transformation of the message from the S/MIME encryption form to decrypted and back, I am ready to make it and to offer code samples. Certainly, the same belongs and to signing of messages.
Also, if the rcube developers accept my changes in the text of the program or will offer similar, smime_crypto can be used by users of version 1.1.3 +. As I see, the line 1.1 continues to be supported and, therefore, changes can be made.
It is to be decided if we want a separate interface to manage certificates or to store/display them on the same list with PGP keys. Anyway, some UI work will be needed.
I think that management of certificates and keys has to be allocated in the separate module or management of certificates and keys has to provide many possible options. Different users can are need different options: storage on the LDAP server, in SQL base or is simple in files. Also management of certificates and keys can be transferred to users or is made the centralized. For example that option which I will do for myself, will be so specific that I won't even offer it to anybody.
But that option which I made now, has to be considered as the simple temporary option allowing to debug the main plug-in rather. Though it isn't excluded that to someone it can be sufficient.
UI, of course, should be done anyway. But at present I am able to do UI insufficiently.
The plugin code assumes certificates and keys can be handled in the same unified way, but I didn't yet try S/MIME much, so some modifications may be needed (to the key, subkey, userid, signature "interfaces").
It is just simple. There are only two types of data - the certificate and a private key. Formats of these data are standard and even not necessarily their nobility.)) There is one problem - safe storage of private keys. It can be solved differently. It is too the reason for allocation of management of certificates and keys in the separate module.
Most important places to take a look:
- enigma_engine and enigma_ui - The engine will need some small changes
- enigma_driver_phpssl - S/MIME driver complete implementation (the is
the only place in enigma classes where openssl functions should be used)
- enigma_mime_message - Mail_mime wrapper where encrypted/signed
messages are created - needed code to build S/MIME messages.
Sorry, Alexander! I think that it isn't enough to study only those places where the new code is directly built in. It is necessary to know the general structure and functioning of an Enigma. And for this purpose it is necessary to study some thousands of lines of a code of which it consists. I can't make it.
I was also so already strongly beaten out from the schedule. Besides, there are many of different tasks in which I have to be engaged.
Best regards Vladimir