Add pgp keyring management - Githubissues

ddavness / power-mailinabox

A Mail-in-a-Box with extra capabilities and more customizability. Not just for power users!

Creative Commons Zero v1.0 Universal

172 stars 32 forks source link

Add pgp keyring management #5

Closed ddavness closed 4 years ago

ddavness commented 4 years ago

This will allow us to configure a PGP keyring for the daemon to use. Possible use-cases:

Encrypt backups using a public PGP key provided by the user instead of a symmetric secret file
Sign the emails sent to the box administrator (or other server-wide internal email)
Make people's keys publicly available via WKD, if they so choose.
Etc.

ddavness commented 4 years ago

Here's a mockup of the front-end :)

ddavness commented 4 years ago

Currently using gpgme's Python bindings to handle this. Documentation (for easy reference):

https://github.com/gpg/gpgme/tree/master/lang/python/doc/src

ddavness commented 4 years ago

So now we kind of have a problem here: The Mail-in-a-Box daemon runs in an isolated python interpreter, so installing the python3-gpg package will not work here. We kinda have two/three alternatives:

Install the gpg package via the deamon's pip - this is not ideal because we will have to compile the bindings, and as such install build dependencies (the gpgme headers and swig, gcc, etc.), but it's the quickest way to get it to "work"
Try to shove the bindings from the distribution into the virtual environment - how do we do this?
Undo the virtualenv and make the daemon use the same python as everyone else.

ddavness commented 4 years ago

Alright, at this point:

We've got the deamon working(ish)
We can read keys on the ring and produce "essential" information from them
We're now able to display that information in a convenient format

Stuff we still need to do:

[x] Give a way to export the keys;
[x] Give a way to import new keys;
[x] Give a way to delete imported keys;
[ ] ~~Give a way to change the owner-trust level of the keys;~~
[x] Give a way to actually use the keys for something;
[x] Make the daemon auto-renew the key every so often;
[x] Integrate the keyring in the status checks page (warning about keys that expired or are about to)

ddavness commented 4 years ago

Whew we're getting close

ddavness commented 4 years ago

We now have a nice little section in the status checks. This will warn us of expired, about-to-expire, or revoked keys.

ddavness commented 4 years ago

The daemon's key expires 180 days after it's creation, and is regularly renewed (for 180 days), when there are 14 days or less left.

ddavness commented 4 years ago

For this PR, we'll only grab the daemon's key and use it to sign internal mail. Other features will be implemented separately.

ddavness commented 4 years ago

Holding this for a while as I'm currently preparing a fork of the Enigma plugin for Roundcube - which will allow us to verify signatures directly in Roundcube :eyes:

ddavness/roundcube-enigma-plugin-globalkeyring (I might try doing a PR to the main repo one day, but probably not anytime soon)

ddavness commented 4 years ago

Alright, we're not going forward with this path as it's quite a mess (we need to handle three gpg contexts) - we might aswell just implement WKD into enigma.