On 01/12/2016 03:15 PM, Владимир Горпенко wrote:
I fluently saw enigma_driver.php. If I correctly understand, you suggest to make the driver for S/MIME.
I have some questions.
- Processing of the message is entirely made in memory? And if message
is very big? Is ciphered and subscribes not only the text of the message, but also the attached files.
Yes. In case of plain text messages. For messages with mime structure we load one encrypted part at a time. Parsing big plain text messages using temp files is planned for future.
- php openssl works with private keys and certificates. And the driver
receives only keys. Whether it is possible to build in this scheme work with certificates?
Sorry, I don't have enough knowledge about S/MIME yet to provide help here.
- The certificate can be attached to the received message. It can be
kept by the recipient for further use. It can be done in the existing scheme?
We already have handling of attached public keys so you can import them on request, but we probably need to implement use of them for decryption of the same message.
There's currently no option to attach a key to messages being sent.
- The certificate attached to the signed message can be invalid or not
entrusted. For verification of the power of attorney of the certificate the base of the entrusted CA is necessary. It can be realized in the driver?
Well, probably some changes will be needed, but PGP keys can also be entrusted or invalid or expired, etc. Not all is implemented yet.