Developers of Sympa

[Serge Aumont <address@concealed>]

Hi Aigars

Aigars Mahinovs wrote:
> Hello,
>
> I'd like to find out how hard would it be to add GPG support alongside
> S/MIME to Sympa. I've looked at te code and quickly drafted
> replacements for smime_* functions in tools.pl, but I am not quite
> sure what to do next. This uses Mail::GPG library extensively. The
> implementation is not fully complete - it does not gather keys from
> incoming messages (should ask keyserver for unknown keys) nor has
> support for separate keys per list (setting GPG homedir to list dir
> should work fine). I am looking to deploy this at FFII.org to fight
> software patents and would appreciate all help in getting this working
> :)
>   
That's a great job.  A full support of GPG suppose

   * the authentication method 'pgp' to be added in scenrio so a signed
     message could be trusted without email challenge. scenario.pm is
     nearly ready for that (it should be checked). The subroutine
     Commands.pm::get_auth_method should be updated to be able to
     return 'pgp'.
   * The objet Message should carry the pgp encryption  and/or
     signature. You should check Message.pm for that
   * Then you should check every part of code where one of the
     following subroutine is used : smime_decrypt smime_encrypt
     smime_sign_check smime_sign and apply gpg_decrypt gpg_encrypt
     gpg_sign_check gpg_sign .
   * last but very important, the documentation must be updated.

I don't think it is too difficult.  If you want to do it, we could 
create a SVN branch for that and give you full access to this branch. 
Than we could give you some more precise support. Let us known.

Serge


> sub gpg_sign {
>     my $in_msg = shift;
>     my $list = shift;
>
>     do_log('debug2', 'tools::gpg_sign (%s,%s)',$in_msg,$list);
>
>     my $mg = Mail::GPG->new (
>         no_strict_7bit_encoding => 1,
>         );
>
>     my $signed_msg = $mg->mime_sign (
>         entity => $in_msg,
>         );
>
>     return $signed_msg;
> }
>
> sub gpg_sign_check {
>     my $message = shift;
>
>     my $sender = $message->{'sender'};
>     my $file = $message->{'filename'};
>
>     do_log('debug2', 'tools::gpg_sign_check (message, %s, %s )',
> $sender, $file);
>
>     my $mg = Mail::GPG->new (
>         no_strict_7bit_encoding => 1,
>         );
>
>     my $result = $mg->verify (
>         entity => $message,
>     );
>
>     return $result->get_sign_ok;
> }
>
> sub gpg_encrypt {
>     my $msg = shift; # Mail::Entity, not just the text
>     my $email = shift ; # recipient
>     my $list = shift ;
>
>     &do_log('debug2', 'tools::gpg_encrypt( %s, %s )', $email, $list);
>
>     my $mg = Mail::GPG->new (
>         no_strict_7bit_encoding => 1,
>         );
>
>     my encrypted_msg = $mg->mime_encrypt (
>         entity => $msg,
>         recipients => [ $email ],
>     );
> }
>
> sub gpg_decrypt {
>     my $msg = shift;
>     my $list = shift ; ## the recipient of the msg
>
>     &do_log('debug2', 'tools::gpg_decrypt message msg from
> %s,%s',$msg->head->get('from'),$list->{'name'});
>
>     my $mg = Mail::GPG->new (
>         no_strict_7bit_encoding => 1,
>         );
>
>     my ($decrypted_entity, $result) = $mg->decrypt (
>         entity     => $entity,
>     );
>
>     unless ($result->get_enc_ok) {
>         do_log('notice', 'Unable to decrypt GPG message : %i',
> $result->$gpg_exit_code);
>         return undef;
>     }
>
>     return $decrypted_entity;
> )
>
>