On 06/26/2016 01:47 AM, Kyle Francis wrote:
I hit a road block and I've kind of been putting off finishing up the SMIME support because of it. I originally didn't have a password protected private keys for testing purposes, but have now added that. Prior to that signing and decrypting worked just fine. Now with the password, I can get Enigma to prompt for the password if it's not cached for signing outgoing (in the compose task) but I'm not able to figure out how to get it to prompt for the password from the inbox task when attempting to decrypt a message. If the password is cached the message decrypts perfectly.
The result of decryption is handled in enigma_ui::status_message() method (https://github.com/roundcube/roundcubemail/blob/master/plugins/enigma/lib/en...).
So, we prompt for password when $engine->decryptions array contains enigma_error object for specified message part. The code of the error should be enigma_error::BADPASS. In this case it is important which message part ID you're using.
The same applies for when you reply to an encrypted message. See enigma_ui::message_compose(). Here we also use $engine->decryptions property, but here the part ID is irrelevant.
How we set $decryptions property you can see for example in enigma_engine::parse_plain_encrypted() and enigma_driver_gnupg::get_error_from_exception().
On 2016-06-26 09:23, A.L.E.C wrote:
On 06/26/2016 01:47 AM, Kyle Francis wrote:
I hit a road block and I've kind of been putting off finishing up the SMIME support because of it. I originally didn't have a password protected private keys for testing purposes, but have now added that. Prior to that signing and decrypting worked just fine. Now with the password, I can get Enigma to prompt for the password if it's not cached for signing outgoing (in the compose task) but I'm not able to figure out how to get it to prompt for the password from the inbox task when attempting to decrypt a message. If the password is cached the message decrypts perfectly.
The result of decryption is handled in enigma_ui::status_message() method (https://github.com/roundcube/roundcubemail/blob/master/plugins/enigma/lib/en...).
So, we prompt for password when $engine->decryptions array contains enigma_error object for specified message part. The code of the error should be enigma_error::BADPASS. In this case it is important which message part ID you're using.
The same applies for when you reply to an encrypted message. See enigma_ui::message_compose(). Here we also use $engine->decryptions property, but here the part ID is irrelevant.
How we set $decryptions property you can see for example in enigma_engine::parse_plain_encrypted() and enigma_driver_gnupg::get_error_from_exception().
Alec,
Thanks for the guidance. I was putting the enigma_error::BADPASS into the $engine->decryptions array, but thanks to your advise I found that the enigma_ui::find_part_id call in enigma_ui::status_message is not returning the expected result, since S/MIME messages are formatted differently than PGP ones. I'm working on adding some logic to the enigma_ui::find_part_id function to detect and handle SMIME formatted messages. Hopefully that will work out!
-Kyle
On 06/27/2016 06:42 PM, Kyle Francis wrote:
I'm working on adding some logic to the enigma_ui::find_part_id function to detect and handle SMIME formatted messages. Hopefully that will work out!
Hmm... this is a simple method, I'd say you probably should rather modify the code that sets $decryptions property.
On 2016-06-27 12:52, A.L.E.C wrote:
On 06/27/2016 06:42 PM, Kyle Francis wrote:
I'm working on adding some logic to the enigma_ui::find_part_id function to detect and handle SMIME formatted messages. Hopefully that will work out!
Hmm... this is a simple method, I'd say you probably should rather modify the code that sets $decryptions property.
Didn't end up needing to modify that function. It turns out I wasn't passing all the information needed in my enigma_error from enigma_driver_phpssl::decrypt. Also, SMIME encrypted messages are attachments, vice inline so there was some fudging with that.
On 06/28/2016 07:47 AM, Kyle Francis wrote:
Didn't end up needing to modify that function. It turns out I wasn't passing all the information needed in my enigma_error from enigma_driver_phpssl::decrypt. Also, SMIME encrypted messages are attachments, vice inline so there was some fudging with that.
Yup. As you can see in parse_encrypted() and parse_pgp_encrypted() PGP/MIME also uses an attachment part for encrypted body. I think this is pretty the same as in S/MIME.
-
A.L.E.C -
Kyle Francis