Enigma smime signed messages verification

[duk3luk3]

This is the first step to address #4977.

I made this PR to familiarise myself with the enigma plugin and show a first proof-of-concept.

Description

It does the following things:

• Hooks up SMIME signature verification logic that already mostly existed in enigma
• Allows the server administrator to specify trusted CA files in enigma plugin config
• Introduces new "server-verified" verification level: If trusted CAs are specified in enigma plugin config, full verification trust (Green bar) is reserved for messages signed with a certificate trusted by one of those CAs; messages signed by a certificate trusted by the default CAs are displayed as "server-verified" with a yellow bar.

What it doesn't do:

• No decryption - so also no verification of encrypted messages
• No encryption
• No user CAs / certificates

What I am finding out here is that the php openssl module is severely limited in what it can do. Things I would like to do but seemingly can't using php openssl:

• Use intermediate certificates as trust anchors
• Retrieve the whole certificate chain used to verify a signature

It may be necessary to invoke an openssl executable directly to actually implement all the features users would expect.

How to test

Test basic verification:

• Enable the enigma plugin using the code in this branch
• Open a signed (unencrypted!) S/MIME message
• If the root ca for the signature of that message is in your server's cert store, you should see a green signature verification bar

Test verification of configured CAs:

• Set $config['enigma_smime_ca'] = array('/'); (a directory without certificates)
• The message should now have a yellow signature verification bar
• Set $config['enigma_smime_ca'] = array('/path/to/ca.cert'); referencing the correct root ca
• The message should now have a green bar again

[taalas]

Looks very promising. Looking forward to this being merged.

[alecpl]

Looks good. I'm not sure it should be merged with master. Maybe a separate branch would be better. Or we implement an option that will disable the whole S/MIME functionality by default.

[duk3luk3]

The S/MIME functionality (as it is implemented so far) is completely unobtrusive.

Once I add more UI for it (e.g. Certificate Management and a column to enable/disable S/MIME functions in the main Enigma config panel), the existing config override system can be used to disable S/MIME entirely and it's fine to set it disabled by default.

Is that agreeable?

[renne]

Does it support retrieving S/MIME certificates from DNS according to IETF RFC 8162?

[G00sfraba]

Can you share a screenshot of how this should look?
I've applied the changes from this PR manually on my local copy, but I, can't see this "green bar" you are referring to. Any advice or guidance?

PS, I also tried direct install from the branch, but still with 0 success on any indication for valid s/mime signed email on the UI.

[m-ueberall]

@G00sfraba It looks as follows after I've applied the (corrected) resulting patch against v1.3.9 today:

[tborychowski]

Any update on this? Would love to see that feature :-)

[G00sfraba]

Any update on this? Would love to see that feature :-)

I ended up customising rc_smime.php as I need. have to say that no other changes were needed since then (more than an year ago) so go for it.

[tborychowski]

@G00sfraba, would you have a fork/branch/repo with these changes?
Or could you share them in any way? :-)

[dereks]

Thank you for submitting a Pull Request (PR) to the Roundcube GitHub project.

You are receiving this message because your PR has conflicts which need to be resolved. We are trying to catch up on our backlog of old PRs and get them merged in (where appropriate). Therefor, we request the following:

Step 1. Rebase from the latest Roundcube branch master into your PR.

git fetch upstream
git checkout your_feature_branch_name
git rebase upstream/master
git push -f origin your_feature_branch_name

Step 2. Re-test to make sure your new code still works as expected

Step 3. Comment back here once it has been tested and will merge cleanly.

Once this has been done we will treat it like a new Pull Request and consider it for acceptance.

Apologies for the inconvenience. Thank you for contributing to Roundcube!

[alecpl]

We're using short array syntax now.

[alecpl]

This will be a warning if the option in config is not an array.

[alecpl]

Why would that be an error? Find another way to pass this info, e.g. involving enigma_signature::$partial.

[alecpl]

This is not needed.

[alecpl]

This is conflict that needs to be resolved.

[alecpl]

These new const aren't used/implemented yet. I would remove them.