-
Notifications
You must be signed in to change notification settings - Fork 29
Design abstract
Zimbra OpenPGP Zimlet is based on the Zimbra Zimlet framework and above all the Zimbra JavaScript API.
- https://wiki.zimbra.com/wiki/Zimlet_Developers_Guide:Introduction
- https://wiki.zimbra.com/wiki/Zimlet_Developers_Guide:Zimbra_JavaScript_API_Reference
- The Zimlet has no server-side components (including jsp's and java extensions)
This method is called whenever a user views an email in Zimbra. In onMsgView this Zimlet determines if the viewed message has PGP contents.
If PGP content is detected it adds DOM elements for displaying results such as an indicator of a good/bad signature and the decrypted message text. Additionally onMsgView calls other methods to deal with PGP content, in most cases the method that follows onMsgView is a dialog for the user to make a decision or to provide a private key for decryption.
This Zimlet asks for the Zimbra client to expose the following headers to support onMsgView.
- Content-Type
- Content-Transfer-Encoding
Zimbra provides a way to make additional links available in the message view to handle attachments, this is not documented in the Zimbra JS API but present in a number of Zimlets that can be found the main git. This Zimlet adds handlers for the following attachment types.
- application/pgp-encrypted (an encrypted attachment)
- application/pgp-keys (a pgp public key)
The OpenPGP.js library takes care of all PGP related operations, see https://github.com/openpgpjs/openpgpjs .
This Zimlet uses native Zimbra MIME parsing to read Inline-PGP, making Inline-PGP very robust in this Zimlet.
- PGP Encrypted messages are read via the REST API
- Clear-signed messages cannot be read via the REST API as they may require decoding, therefore ZmSetting MAX_MESSAGE_SIZE is set to 1MB (for actual users) so we can use the built in ZmMailMsg object to take care of decoding.
Example REST API call URL construction:
"/home/" + AjxStringUtil.urlComponentEncode(appCtxt.getActiveAccount().name) + "/message.txt?fmt=txt"+part+"&id="+ msg.id;
As Zimbra cannot decrypt PGP content, a PGP/MIME message that is decrypted by the Zimlet, still needs MIME parsing. This Zimlet does include the MIME implementation from emailJS.
Please see https://github.com/Zimbra-Community/pgp-zimlet/wiki for the complete feature list.
This Zimlet adds Encrypt and Sign buttons in the Compose Tab, once clicked the ZmComposeController will be put into text/plain mode. And after the users completes the dialog, the contents of the ZmComposeController (aka draft email) will be replaced by its PGP equivalent, and encrypted attachments are added to the draft.
The source code for Zimbra OpenPGP Zimlet contains JSDoc style comments and great care has been taken to provide as much in-code documentation as possible. Although reading through the code will provide a better overview, the JSDoc is available online at http://barrydegraaff.github.io/OpenPGPZimletJSDoc/OpenPGPZimlet.html .