hey again,
On 29/07/2009 Thomas Bruederli wrote:
> We would certainly appreciate a plugin-based solution for PGP support. Due
> lack of time we didn't start to code one ourselves but you'll get any
> support you need. I think some more plugin-hooks are required to make this
> work since encrypted message parts are currently just ignored.
after reading parts of roundcube code (especially rcube_message.php)
several times and thinking about the possibilities to implement a crypt
plugin here are my current ideas:
i guess it will be very hard to implement a plugin that adds full
support for encrypted and signed messages to roundcube. the reason is,
that rcube_message.php already does a lot of message/mime parsing, and
i doubt that there's _one_ best place in parse_structure() where
potentially encrypted and/or signed message could be given to the
plugin via hook. that's due to the reason that messages with encrypted
and/or signed parts could have any possible structure, with or without
mime parts, with or without attachments and so on.
so from what i see now, the plugin would have to parse messages the
following way:
func parse_mime(mime_part):
if (Content-Type == multipart/mixed):
foreach($mime_parts as $part):
parse_mime(mime_part)
else if (Content-Type == multipart/encrypted):
decrypt_mime(mime_part_2)
else if (Content-Type == multipart/signed):
verify_mime(mime_part_1, mime_part_2)
else if (Content-Disposition contains 'attachment'):
if (Content-Type contains 'pgp'):
parse_mime_attachment(mime_part)
func parse_attachment(mime_part):
if (Content-Transfer-Encoding == 'base64'):
attachment = convert_from_base64(mime_part)
else if (Content-Transfer-Encoding == 'quoted-printable'):
attachment= convert_from_QP(mime_part)
decrypt(attachment)
func parse_inline(msg):
if (msg contains 'BEGIN PGP MESSAGE'):
crypt_msg = grep_inline_crypt_msg(msg)
decrypt_inline(crypt_msg)
if (msg contains 'BEGIN PGP SIGNED MESSAGE'):
signed_msg = grep_inline_signed_msg(msg)
verify_inline(signed_msg)
if (mime_message):
parse_mime(msg)
else:
parse_inline(msg)
as you can see a lot of this parsing is already implemented in roundcube
[rcube_message.php / parse_structure()]. thus we either would have to
reinvent the wheel in the crypt plugin, or add lots of additional hooks.
as both are not clean solutions, i see two solutions:
(1) redesign the whole message parsing code from roundcube
or
(2) implement the missing parsing code to detect and isolate encrypted
and/or signed messages/attachments, regardless whether they're inline or
mime, and only give the pure encrypted/signed text/attachment/whatever
to the plugin.
i would highly appreciate comments on that thoughts :-)
greetings,
jonas
--- 8< --- detachments --- 8< ---
The following attachments have been detached and are available for viewing.
http://detached.gigo.com/rc/q9/h3g6iWvS/signature.asc
Only click these links if you trust the sender, as well as this message.
--- 8< --- detachments --- 8< ---
_______________________________________________
List info: http://lists.roundcube.net/dev/
