Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Autocrypt base implementation #505

Conversation

henrique-borba
Copy link
Contributor

@henrique-borba henrique-borba commented Aug 24, 2021

Autocrypt

This PR is a preview and it is not ready for merging.

This PR aims to implement the sending and receiving of public PGP keys through message headers using Autocrypt Level 1 standards.

When enabling the PGP module, the user can choose to include a public key in the message header on the compose page. When receiving a message with Autocrypt headers, the user can choose to import the received key on the message preview page.

Reference: https://autocrypt.org

Screenshot_20210824_143717

Screenshot_20210824_143813

Currently mandatory items implemented according to specification

Peer State Management

The Autocrypt Header

  • The addr attribute is mandatory, and contains the single recipient address this header is valid for. If this address differs from the one in the From header, the entire Autocrypt header MUST be treated as invalid.
  • The keydata attribute is mandatory, and contains the key data for the specified addr recipient address. The value of the keydata attribute is a Base64 representation of the binary OpenPGP “Transferable Public Key”. For ease of parsing, the keydata attribute MUST be the last attribute in this header.

OpenPGP Based key data

  • The keydata sent by an Autocrypt-enabled Level 1 MUA MUST consist of an OpenPGP “Transferable Public Key”
  • These packets MUST be assembled in binary format (not ASCII-armored), and then base64-encoded.
  • A Level 1 MUA MUST be capable of processing and handling Ed25519 public keys for signatures, as well as Cv25519 for encryption.

Header injection in outbound mail

  • This header MUST contain the corresponding public key material (accounts[from-addr].public_key) as the keydata attribute, and from-addr as the addr attribute. The most minimal Level 1 compliant MUA will only include these two attributes. If accounts[from-addr].prefer_encrypt is set to mutual, then the header MUST have a prefer-encrypt attribute with the value mutual.
  • If the From address changes during message composition (e.g., if the user selects a different outbound identity), then the MUA MUST change the Autocrypt header accordingly.
  • The MUA MUST NOT include more than one valid Level 1 Autocrypt header (see Updating Autocrypt Peer State).

Message Encryption

  • An Autocrypt MUA MUST NOT create an Autocrypt Setup Message without explicit user interaction

Solves

@dumblob
Copy link
Member

dumblob commented Aug 24, 2021

Just saw notification about this PR - I'm really glad someone is working on this!

Just one thing from my side - feel free to test this with https://delta.chat/en/ as it's by far the major user of Autocrypt (though they used some extensions of Autocrypt and it's possible they still use some rests of those - but I believe they were all backwards compatible with pure Autocrypt).

@marclaporte marclaporte marked this pull request as draft August 24, 2021 18:28
@henrique-borba
Copy link
Contributor Author

Closed MR in favor of another more up-to-date branch and solution

@marclaporte
Copy link
Member

For the record: #652

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants