Enigma decryption password prompt


Kyle Francis

I hit a road block and I've kind of been putting off finishing up the SMIME support because of it.  I originally didn't have password-protected private keys for testing purposes, but have now added that.  Prior to that signing and decrypting worked just fine.  Now with the password, I can get Enigma to prompt for the password if it's not cached for signing outgoing (in the compose task) but I'm not able to figure out how to get it to prompt for the password from the inbox task when attempting to decrypt a message.  If the password is cached the message decrypts perfectly.

I tried looking at how this is handled for PGP encrypted messages but everything I've tried hasn't worked.  Any pointers at all would be appreciated. 

My repo is at https://github.com/guitarmanusa/roundcubemail-1 in the SMIME branch.

Thanks in advance.

Kyle


_______________________________________________
Roundcube Development discussion mailing list
[hidden email]
http://lists.roundcube.net/mailman/listinfo/dev

Re: Enigma decryption password prompt

A.L.E.C
On 06/26/2016 01:47 AM, Kyle Francis wrote:
> I hit a road block and I've kind of been putting off finishing up the
> SMIME support because of it.  I originally didn't have
> password-protected private keys for testing purposes, but have now added that.
> Prior to that signing and decrypting worked just fine.  Now with the
> password, I can get Enigma to prompt for the password if it's not cached
> for signing outgoing (in the compose task) but I'm not able to figure
> out how to get it to prompt for the password from the inbox task when
> attempting to decrypt a message.  If the password is cached the message
> decrypts perfectly.

The result of decryption is handled in enigma_ui::status_message()
method
(https://github.com/roundcube/roundcubemail/blob/master/plugins/enigma/lib/enigma_ui.php#L773).

So, we prompt for password when $engine->decryptions array contains
enigma_error object for specified message part. The code of the error
should be enigma_error::BADPASS. In this case it is important which
message part ID you're using.

The same applies for when you reply to an encrypted message. See
enigma_ui::message_compose(). Here we also use $engine->decryptions
property, but here the part ID is irrelevant.

How we set $decryptions property you can see for example in
enigma_engine::parse_plain_encrypted() and
enigma_driver_gnupg::get_error_from_exception().

--
Aleksander 'A.L.E.C' Machniak
Kolab Groupware Developer        [http://kolab.org]
Roundcube Webmail Developer  [http://roundcube.net]
---------------------------------------------------
PGP: 19359DC1 @@ GG: 2275252 @@ WWW: http://alec.pl
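
The lookup described in the message above, as an added example that is not part of the original post and is not Roundcube's code: demo_error, demo_engine and both functions are hypothetical stand-ins, and the part IDs and key value are constructed. It shows why an error recorded under one part ID produces no prompt when the inbox view looks up another, while the compose-side check ignores the part ID.

```php
<?php
// Hypothetical stand-in for enigma_error: only a code and a data payload.
class demo_error
{
    const BADPASS = 1; // constructed value, not taken from Roundcube

    public function __construct(private int $code, private array $data = []) {}
    public function getCode(): int { return $this->code; }
    public function getData(): array { return $this->data; }
}

// Hypothetical stand-in for the engine: results keyed by MIME part ID.
class demo_engine
{
    public array $decryptions = [];
}

// Inbox-side check: prompt only if a BADPASS error exists for this part ID.
function needs_password_prompt(demo_engine $engine, string $part_id): bool
{
    $status = $engine->decryptions[$part_id] ?? null;
    return $status instanceof demo_error
        && $status->getCode() === demo_error::BADPASS;
}

// Compose-side check: any BADPASS error counts, the part ID is ignored.
function compose_needs_password_prompt(demo_engine $engine): bool
{
    foreach ($engine->decryptions as $status) {
        if ($status instanceof demo_error
            && $status->getCode() === demo_error::BADPASS) {
            return true;
        }
    }
    return false;
}

$engine = new demo_engine();
// Constructed case: the driver stored the failure under part "2" (the
// encrypted attachment) while the view asks about part "1".
$engine->decryptions['2'] = new demo_error(
    demo_error::BADPASS,
    ['key' => 'constructed-key-id']
);

var_dump(needs_password_prompt($engine, '1'));    // part the view renders
var_dump(needs_password_prompt($engine, '2'));    // part the error is under
var_dump(compose_needs_password_prompt($engine)); // compose path
```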

Re: Enigma decryption password prompt

Kyle Francis
On 2016-06-26 09:23, A.L.E.C wrote:

> On 06/26/2016 01:47 AM, Kyle Francis wrote:
>> I hit a road block and I've kind of been putting off finishing up the
>> SMIME support because of it.  I originally didn't have
>> password-protected private keys for testing purposes, but have now added that.
>> Prior to that signing and decrypting worked just fine.  Now with the
>> password, I can get Enigma to prompt for the password if it's not
>> cached
>> for signing outgoing (in the compose task) but I'm not able to figure
>> out how to get it to prompt for the password from the inbox task when
>> attempting to decrypt a message.  If the password is cached the
>> message
>> decrypts perfectly.
>
> The result of decryption is handled in enigma_ui::status_message()
> method
> (https://github.com/roundcube/roundcubemail/blob/master/plugins/enigma/lib/enigma_ui.php#L773).
>
> So, we prompt for password when $engine->decryptions array contains
> enigma_error object for specified message part. The code of the error
> should be enigma_error::BADPASS. In this case it is important which
> message part ID you're using.
>
> The same applies for when you reply to an encrypted message. See
> enigma_ui::message_compose(). Here we also use $engine->decryptions
> property, but here the part ID is irrelevant.
>
> How we set $decryptions property you can see for example in
> enigma_engine::parse_plain_encrypted() and
> enigma_driver_gnupg::get_error_from_exception().

Alec,

Thanks for the guidance.  I was putting the enigma_error::BADPASS into
the $engine->decryptions array, but thanks to your advice I found that
the enigma_ui::find_part_id call in enigma_ui::status_message is not
returning the expected result, since S/MIME messages are formatted
differently than PGP ones.  I'm working on adding some logic to the
enigma_ui::find_part_id function to detect and handle SMIME formatted
messages.  Hopefully that will work out!

-Kyle

Re: Enigma decryption password prompt

A.L.E.C
On 06/27/2016 06:42 PM, Kyle Francis wrote:
> I'm working on adding some logic to the
> enigma_ui::find_part_id function to detect and handle SMIME formatted
> messages.  Hopefully that will work out!

Hmm... this is a simple method, I'd say you probably should rather
modify the code that sets $decryptions property.

--
Aleksander 'A.L.E.C' Machniak
Kolab Groupware Developer        [http://kolab.org]
Roundcube Webmail Developer  [http://roundcube.net]
---------------------------------------------------
PGP: 19359DC1 @@ GG: 2275252 @@ WWW: http://alec.pl

Re: Enigma decryption password prompt

Kyle Francis
On 2016-06-27 12:52, A.L.E.C wrote:
> On 06/27/2016 06:42 PM, Kyle Francis wrote:
>> I'm working on adding some logic to the
>> enigma_ui::find_part_id function to detect and handle SMIME formatted
>> messages.  Hopefully that will work out!
>
> Hmm... this is a simple method, I'd say you probably should rather
> modify the code that sets $decryptions property.

Didn't end up needing to modify that function.  It turns out I wasn't
passing all the information needed in my enigma_error from
enigma_driver_phpssl::decrypt.  Also, SMIME encrypted messages are
attachments, vice inline so there was some fudging with that.

Re: Enigma decryption password prompt

A.L.E.C
On 06/28/2016 07:47 AM, Kyle Francis wrote:
> Didn't end up needing to modify that function.  It turns out I wasn't
> passing all the information needed in my enigma_error from
> enigma_driver_phpssl::decrypt.  Also, SMIME encrypted messages are
> attachments, vice inline so there was some fudging with that.

Yup. As you can see in parse_encrypted() and parse_pgp_encrypted()
PGP/MIME also uses an attachment part for encrypted body. I think this
is pretty much the same as in S/MIME.

--
Aleksander 'A.L.E.C' Machniak
Kolab Groupware Developer        [http://kolab.org]
Roundcube Webmail Developer  [http://roundcube.net]
---------------------------------------------------
PGP: 19359DC1 @@ GG: 2275252 @@ WWW: http://alec.pl