You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
roundcubemail/plugins/enigma
Thomas Bruederli 7969981320 Flattened buttons and icons, removed gradients and box shadows 8 years ago
..
home
lib
localization Update localization 8 years ago
skins Flattened buttons and icons, removed gradients and box shadows 8 years ago
tests
README
composer.json
config.inc.php.dist
enigma.js
enigma.php

README

Enigma Plugin for Roundcube

This plugin adds support for viewing and sending of signed and encrypted
messages in PGP (RFC 2440) and PGP/MIME (RFC 3156) format.

The plugin uses gpg binary on the server and stores all keys
(including private keys of the users) on the server.
Encryption/decryption is done server-side. So, this plugin
is for users that trust the server.


Implemented features:
---------------------
+ PGP: signatures verification
+ PGP: messages decryption
+ PGP: Sending of encrypted/signed messages
+ PGP: keys management UI (key import, export, delete)
+ PGP: key generation (client- or server-side)
+ Handling of PGP keys attached to incoming messages
+ User preferences to disable plugin features
+ Attaching public keys to email
+ Key server(s) support (search, import)


TODO:
-----
- Handling of big messages with temp files (? - security)
- Key info in contact details page (optional)
- Extended key management:
   - disable,
   - revoke,
   - change expiration date, change passphrase, add photo,
   - manage user IDs
   - export private keys
- Generate revocation certs
- Search filter to see invalid/expired keys
- Key server(s) support (upload, refresh)
- Mark keys as trusted/untrasted, display appropriate message in verify/decrypt status
- Support for multi-server installations (store keys in sql database? probably impossible with GnuPG 2.1)
- Performance improvements:
   - cache decrypted message key id so we can skip decryption if we have no password in session
   - cache (last or successful only?) sig verification status to not verify on every msg preview (optional)
- S/MIME: Certs generation (?)
- S/MIME: Certs management
- S/MIME: signed messages verification
- S/MIME: encrypted messages decryption
- S/MIME: Sending signed/encrypted messages
- S/MIME: Handling of certs attached to incoming messages
- S/MIME: Certificate info in Contacts details page (optional)


KNOWN ISSUES:
-------------
There are some known issues with accepting key passphrases on various
system configurations. This is caused by issues in PinEntry handling.
Make sure that vendor/bin/crypt-gpg-pinentry works from command line.

Possible reasons:
- non-working loader in shebang (#! /usr/bin/env php)
  Make sure it works for the user the php scripts are executed upon
  (i.e. apache, www-date, etc.)
- SELinux setting, try command: setsebool -P httpd_unified 0

Note: pinentry is used with gpg >= 2.0 and <= 2.1.12.
Note: for server use GnuPG developers still recommend version 1.4.