search

FlowCrypt / flowcrypt-android

FlowCrypt Android App
https://flowcrypt.com
Other
93 stars 11 forks source link

document decryption process #1221

Open tomholub opened 3 years ago

tomholub commented 3 years ago

This is an effort to document desired decryption process across platforms.

inputs: 1) KeyWithPassPhrase[] - a list of OpenPGP keys (SecretKeyRing) and their pass phrases (optional) to use for decryption 2) byte array of data

steps: 1) decide if the message is armored, if so, dearmor it 2) parse the message. If there is error parsing it, or not a valid message, return Err.FORMAT 3) if the message is cleartext signed, only verify signatures (not addressed here) 4) extract list of longids the message is encrypted for 5) find an intersection between these longids and supplied private keys. If no intersection found, throw Err.KEY_MISMATCH. If the message contains a wildcard 0000... longid, then use all keys. 6) within the matched subset, only decrypt the (sub)key packets that are actually going to be used for decryption (an array, typically single one). Throw if a packet cannot be decrypted Err.WRONG_PASS_PHRASE or if we don't have even a single such decrypted packet Err.MISSING_PASS_PHRASE (or have library throw errors and re-categorize them) 7) attempt decryption with these semi-decrypted keys. Observe returned errors and correctly categorize them as Err.NO_MDC, Err.BAD_MDC, Err.KEY_MISMATCH etc. 8) return result (streaming if possible)

Signature verification of plain or encrypted messages is ignored here.

In Kotlin, steps 4-7 would ideally be done by the encryption library.

We also have a caching mechanism on browser extension, where step 6 uses a cache of partially decrypted keys, so that we don't have to keep decrypting the same key as use opens several messages (or a conversation).

IvanPizhenko commented 3 years ago

I think this is what I was missing all this time.

IvanPizhenko commented 3 years ago

I believe in Kotlin we do not have decrypted key cache, unless PGPainless somehow maintains it, but to me that would be surprising.

DenBond7 commented 3 years ago

I believe in Kotlin we do not have decrypted key cache,

Actually, we have a cache (cache in RAM). Due to a lot of reasons.(due to some logic, Node usage and other)

tomholub commented 3 years ago

I believe in Kotlin we do not have decrypted key cache, unless PGPainless somehow maintains it, but to me that would be surprising.

Not yet - that would be for the future

tomholub commented 3 years ago

I believe in Kotlin we do not have decrypted key cache,

Actually, we have a cache (cache in RAM). Due to a lot of reasons.(due to some logic, Node usage and other)

But not for this particular usecase? To be fair, the node code does cache this as described, but the new kotlin code won't (yet).

DenBond7 commented 3 years ago

Sorry, I've missed 'decrypted' word. We just have a cache of encrypted keys and passphrases. So never mind my comment above.

DenBond7 commented 3 years ago

@tomholub Please look at this one and correct me if needed. It relates to encrypted attachments.

edit: It relates to separate encrypted attachments

example

tomholub commented 3 years ago

Looks good :+1:

tomholub commented 3 years ago

For each of the error scenarios, we will have specific error handling and UI options to guide user - but that's for later on.