Enigma Plugin for Roundcube This plugin adds support for viewing and sending of signed and encrypted messages in PGP (RFC 2440) and PGP/MIME (RFC 3156) format. The plugin uses gpg binary on the server and stores all keys (including private keys of the users) on the server. Encryption/decryption is done server-side. So, this plugin is for users that trust the server. WARNING! The plugin is in very early state. See below for a list of missing features and known issues. Implemented features: --------------------- + PGP: signatures verification + PGP: messages decryption + PGP: Sending of encrypted/signed messages + PGP: keys management UI (keys import and delete) + Handling of PGP keys attached to incoming messages + User preferences to disable plugin features TODO (must have): ----------------- - Keys export to file - Disable Reply/Forward options when viewing encrypted messages until they are decrypted successfully - Handling of replying/forwarding of encrypted/signed messages - Client-side keys generation (with OpenPGP.js?) TODO (later): ------------- - Handling of big messages with temp files - Server-side keys generation (warning: no-entropy issue, max_execution_time issue) - Key info in contact details page (optional) - Extended key management: - disable, - revoke, - change expiration date, change passphrase, add photo, - manage user IDs - Generate revocation certs - Search filter to see invalid/expired keys - Key server(s) support (search, import, upload, refresh) - Attaching public keys to email - Mark keys as trusted/untrasted, display appropriate message in verify/decrypt status - Change attachment icon on messages list for encrypted messages (like vcard_attachment plugin does) - Support for multi-server installations (store keys in sql database?) - Per-Identity settings (including keys/certs) - Performance improvements: - cache decrypted message key id so we can skip decryption if we have no password in session - cache (last or successful only?) sig verification status to not verify on every msg preview (optional) - S/MIME: Certs generation - S/MIME: Certs management - S/MIME: signed messages verification - S/MIME: encrypted messages decryption - S/MIME: Sending signed/encrypted messages - S/MIME: Handling of certs attached to incoming messages - S/MIME: Certificate info in Contacts details page (optional) Known issues: ------------- 1. There are Crypt_GPG issues when using gnupg >= 2.0 - http://pear.php.net/bugs/bug.php?id=19914 - http://pear.php.net/bugs/bug.php?id=20453 - http://pear.php.net/bugs/bug.php?id=20527