summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--plugins/enigma/README2
-rw-r--r--plugins/enigma/config.inc.php.dist10
-rw-r--r--plugins/enigma/enigma.php66
-rw-r--r--plugins/enigma/lib/enigma_engine.php38
-rw-r--r--plugins/enigma/localization/en_US.inc6
5 files changed, 111 insertions, 11 deletions
diff --git a/plugins/enigma/README b/plugins/enigma/README
index fbc7bae2a..0566069ff 100644
--- a/plugins/enigma/README
+++ b/plugins/enigma/README
@@ -19,6 +19,7 @@ Implemented features:
+ PGP: Sending of encrypted/signed messages
+ PGP: keys management UI (keys import and delete)
+ Handling of PGP keys attached to incoming messages
++ User preferences to disable plugin features
TODO (must have):
-----------------
@@ -43,7 +44,6 @@ TODO (later):
- Key server(s) support (search, import, upload, refresh)
- Attaching public keys to email
- Mark keys as trusted/untrasted, display appropriate message in verify/decrypt status
-- User-preferences to disable signature verification, decrypting, encrypting or all enigma features
- Change attachment icon on messages list for encrypted messages (like vcard_attachment plugin does)
- Support for multi-server installations (store keys in sql database?)
- Per-Identity settings (including keys/certs)
diff --git a/plugins/enigma/config.inc.php.dist b/plugins/enigma/config.inc.php.dist
index b58ce8bad..832f355b1 100644
--- a/plugins/enigma/config.inc.php.dist
+++ b/plugins/enigma/config.inc.php.dist
@@ -13,8 +13,18 @@ $config['enigma_smime_driver'] = 'phpssl';
// Must be writeable by PHP process
$config['enigma_pgp_homedir'] = null;
+// Enables signatures verification feature.
+$config['enigma_signatures'] = true;
+
+// Enables messages decryption feature.
+$config['enigma_decryption'] = true;
+
// Enable signing all messages by default
$config['enigma_sign_all'] = false;
// Enable encrypting all messages by default
$config['enigma_encrypt_all'] = false;
+
+// Default for how long to store private key passwords (in minutes).
+// When set to 0 passwords will be stored for the whole session.
+$config['enigma_password_time'] = 5;
diff --git a/plugins/enigma/enigma.php b/plugins/enigma/enigma.php
index 10b8048c6..3b9aa0bb9 100644
--- a/plugins/enigma/enigma.php
+++ b/plugins/enigma/enigma.php
@@ -234,6 +234,44 @@ class enigma extends rcube_plugin
$p['blocks']['main']['name'] = $this->gettext('mainoptions');
+ if (!isset($no_override['enigma_signatures'])) {
+ if (!$p['current']) {
+ $p['blocks']['main']['content'] = true;
+ return $p;
+ }
+
+ $field_id = 'rcmfd_enigma_signatures';
+ $input = new html_checkbox(array(
+ 'name' => '_enigma_signatures',
+ 'id' => $field_id,
+ 'value' => 1,
+ ));
+
+ $p['blocks']['main']['options']['enigma_signatures'] = array(
+ 'title' => html::label($field_id, $this->gettext('supportsignatures')),
+ 'content' => $input->show(intval($this->rc->config->get('enigma_signatures'))),
+ );
+ }
+
+ if (!isset($no_override['enigma_decryption'])) {
+ if (!$p['current']) {
+ $p['blocks']['main']['content'] = true;
+ return $p;
+ }
+
+ $field_id = 'rcmfd_enigma_decryption';
+ $input = new html_checkbox(array(
+ 'name' => '_enigma_decryption',
+ 'id' => $field_id,
+ 'value' => 1,
+ ));
+
+ $p['blocks']['main']['options']['enigma_decryption'] = array(
+ 'title' => html::label($field_id, $this->gettext('supportdecryption')),
+ 'content' => $input->show(intval($this->rc->config->get('enigma_decryption'))),
+ );
+ }
+
if (!isset($no_override['enigma_sign_all'])) {
if (!$p['current']) {
$p['blocks']['main']['content'] = true;
@@ -272,6 +310,27 @@ class enigma extends rcube_plugin
);
}
+ if (!isset($no_override['enigma_password_time'])) {
+ if (!$p['current']) {
+ $p['blocks']['main']['content'] = true;
+ return $p;
+ }
+
+ $field_id = 'rcmfd_enigma_password_time';
+ $select = new html_select(array('name' => '_enigma_password_time', 'id' => $field_id));
+
+ foreach (array(1, 5, 10, 15, 30) as $m) {
+ $label = $this->gettext(array('name' => 'nminutes', 'vars' => array('m' => $m)));
+ $select->add($label, $m);
+ }
+ $select->add($this->gettext('wholesession'), 0);
+
+ $p['blocks']['main']['options']['enigma_password_time'] = array(
+ 'title' => html::label($field_id, $this->gettext('passwordtime')),
+ 'content' => $select->show(intval($this->rc->config->get('enigma_password_time'))),
+ );
+ }
+
return $p;
}
@@ -287,8 +346,11 @@ class enigma extends rcube_plugin
{
if ($p['section'] == 'enigma') {
$p['prefs'] = array(
- 'enigma_sign_all' => intval(rcube_utils::get_input_value('_enigma_sign_all', rcube_utils::INPUT_POST)),
- 'enigma_encrypt_all' => intval(rcube_utils::get_input_value('_enigma_encrypt_all', rcube_utils::INPUT_POST)),
+ 'enigma_signatures' => (bool) rcube_utils::get_input_value('_enigma_signatures', rcube_utils::INPUT_POST),
+ 'enigma_decryption' => (bool) rcube_utils::get_input_value('_enigma_decryption', rcube_utils::INPUT_POST),
+ 'enigma_sign_all' => intval(rcube_utils::get_input_value('_enigma_sign_all', rcube_utils::INPUT_POST)),
+ 'enigma_encrypt_all' => intval(rcube_utils::get_input_value('_enigma_encrypt_all', rcube_utils::INPUT_POST)),
+ 'enigma_password_time' => intval(rcube_utils::get_input_value('_enigma_password_time', rcube_utils::INPUT_POST)),
);
}
diff --git a/plugins/enigma/lib/enigma_engine.php b/plugins/enigma/lib/enigma_engine.php
index 6c5ee3cc9..0111d9388 100644
--- a/plugins/enigma/lib/enigma_engine.php
+++ b/plugins/enigma/lib/enigma_engine.php
@@ -26,15 +26,13 @@ class enigma_engine
private $enigma;
private $pgp_driver;
private $smime_driver;
+ private $password_time;
public $decryptions = array();
public $signatures = array();
public $signed_parts = array();
public $encrypted_parts = array();
-
- const PASSWORD_TIME = 120;
-
const SIGN_MODE_BODY = 1;
const SIGN_MODE_SEPARATE = 2;
const SIGN_MODE_MIME = 3;
@@ -51,8 +49,12 @@ class enigma_engine
$this->rc = rcmail::get_instance();
$this->enigma = $enigma;
+ $this->password_time = $this->rc->config->get('enigma_password_time');
+
// this will remove passwords from session after some time
- $this->get_passwords();
+ if ($this->password_time) {
+ $this->get_passwords();
+ }
}
/**
@@ -445,7 +447,9 @@ class enigma_engine
// Verify signature
if ($this->rc->action == 'show' || $this->rc->action == 'preview') {
- $sig = $this->pgp_verify($body);
+ if ($this->rc->config->get('enigma_signatures', true)) {
+ $sig = $this->pgp_verify($body);
+ }
}
// @TODO: Handle big bodies using (temp) files
@@ -495,6 +499,10 @@ class enigma_engine
*/
private function parse_pgp_signed(&$p)
{
+ if (!$this->rc->config->get('enigma_signatures', true)) {
+ return;
+ }
+
// Verify signature
if ($this->rc->action == 'show' || $this->rc->action == 'preview') {
$this->load_pgp_driver();
@@ -536,6 +544,10 @@ class enigma_engine
{
return; // @TODO
+ if (!$this->rc->config->get('enigma_signatures', true)) {
+ return;
+ }
+
// Verify signature
if ($this->rc->action == 'show' || $this->rc->action == 'preview') {
$this->load_smime_driver();
@@ -568,6 +580,10 @@ class enigma_engine
*/
private function parse_plain_encrypted(&$p, $body)
{
+ if (!$this->rc->config->get('enigma_decryption', true)) {
+ return;
+ }
+
$this->load_pgp_driver();
$part = $p['structure'];
@@ -642,6 +658,10 @@ class enigma_engine
*/
private function parse_pgp_encrypted(&$p)
{
+ if (!$this->rc->config->get('enigma_decryption', true)) {
+ return;
+ }
+
$this->load_pgp_driver();
$struct = $p['structure'];
@@ -682,6 +702,10 @@ class enigma_engine
*/
private function parse_smime_encrypted(&$p)
{
+ if (!$this->rc->config->get('enigma_decryption', true)) {
+ return;
+ }
+
// $this->load_smime_driver();
}
@@ -982,12 +1006,12 @@ class enigma_engine
$config = @unserialize($config);
}
- $threshold = time() - self::PASSWORD_TIME;
+ $threshold = time() - $this->password_time;
$keys = array();
// delete expired passwords
foreach ((array) $config as $key => $value) {
- if ($value[1] < $threshold) {
+ if ($pass_time && $value[1] < $threshold) {
unset($config[$key]);
$modified = true;
}
diff --git a/plugins/enigma/localization/en_US.inc b/plugins/enigma/localization/en_US.inc
index d8e80a871..410a52e56 100644
--- a/plugins/enigma/localization/en_US.inc
+++ b/plugins/enigma/localization/en_US.inc
@@ -18,8 +18,13 @@ $labels['typekeypair'] = 'key pair';
$labels['keyattfound'] = 'This message contains attached PGP key(s).';
$labels['keyattimport'] = 'Import key(s)';
+$labels['supportsignatures'] = 'Enable message signatures verification';
+$labels['supportdecryption'] = 'Enable message decryption';
$labels['signdefault'] = 'Sign all messages by default';
$labels['encryptdefault'] = 'Encrypt all messages by default';
+$labels['passwordtime'] = 'Keep private key passwords for';
+$labels['nminutes'] = '$m minute(s)';
+$labels['wholesession'] = 'the whole session';
$labels['createkeys'] = 'Create a new key pair';
$labels['importkeys'] = 'Import key(s)';
@@ -32,7 +37,6 @@ $labels['keysend'] = 'Send public key in a message';
$labels['keychpass'] = 'Change password';
$labels['encryptionoptions'] = 'Encryption options...';
-$labels['identdefault'] = 'Use settings of selected identity';
$labels['encryptmsg'] = 'Encrypt this message';
$labels['signmsg'] = 'Digitally sign this message';