Algorithms: cryptographic
This page is based on reading code from commit 8013563 dated 2018-05-04 and tests performed with it. It is known to be incomplete and there may be errors or omissions!
No icon: No key or gpg key trust unknown
Hover and click "Find Encryption Keys" to pop up a box with available keys.
Padlock, closed, green: key available.
Hover and click "Show Encryption Keys" to pop up a box with available keys.
Available keys are displayed with name, email address, fingerprint and one to five stars indicating trust level (five stars - green, four stars - blue, two stars - yellow).
Keys on the keychain are marked "This key is on your key chain".
Keys not on the keychain, received as email attachments, are presented with an "Import Key" button.
A displayed key can be selected by clicking on it.
Plaintext/ciphertext:
Padlock, closed, green: Ciphertext will be sent.
Padlock, open, yellow: Missing keys for at least one recipient. Plaintext will be sent.
Padlock, open, grey: Plaintext will be sent.
User can toggle by clicking on icon if needed keys are available.
Unsigned/signed:
Hashmarks, grey: Message will not be signed.
Checkmark, green: Message will be signed.
User can toggle by clicking on icon if sender key is available.
Plaintext/ciphertext:
No icon: Message was received as plaintext.
Padlock, closed, green + ENCRYPTED: Message was received as ciphertext.
Unsigned/signed:
No icon: Message will not be signed.
Checkmark, blue + UNVERIFIED: Message was signed, signature was good, key not trusted.
Checkmark, green + VERIFIED: Message was signed, signature was good, key is trusted.
The cryptographic status of a message is indicated by tags which are stored in the Metadata Index.
The following tags are used to indicate the signature status of a message:
mp_sig-none
mp_sig-mixed-error
mp_sig-error
mp_sig-mixed-unknown
mp_sig-unknown
mp_sig-mixed-changed
mp_sig-changed
mp_sig-mixed-unsigned
mp_sig-unsigned
mp_sig-mixed-expired
mp_sig-expired
mp_sig-mixed-revoked
mp_sig-revoked
mp_sig-mixed-unverified
mp_sig-unverified
mp_sig-mixed-signed
mp_sig-signed
mp_sig-mixed-verified
mp_sig-verified
mp_sig-mixed-invalid
mp_sig-invalid
The following tags are used to indicate the encryption status of a message:
mp_enc-none
mp_enc-mixed-error
mp_enc-error
mp_enc-mixed-decrypted
mp_enc-decrypted
mp_enc-mixed-missingkey
mp_enc-missingkey
mp_enc-mixed-lockedkey
mp_enc-lockedkey
The signature and encryption status tag names are the same as the possible STATUSES listed in classes mailpile.crypto.state.SignatureInfo and ... .EncryptionInfo respectively.
A message can contain a hierarchy of MIME and OpenPGP structures. The parts of the structures at any level in the hierarchy can be encrypted and/or signed. Consequently the cryptographic status of a message can be complex. The various tags listed above attempt to summarize this complex status in a useful way.
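The tag naming scheme listed above, parsed and reduced to a fail-closed summary. This is an added example, not code from Mailpile. It assumes tags are available as plain name strings and that a "mixed-" prefix means only part of the message has the status; parse_crypto_tag, summarize and SAMPLE are hypothetical names.

```python
import re

# Status names copied from the two tag lists on this page.
SIG = {"none", "error", "unknown", "changed", "unsigned", "expired", "revoked",
       "unverified", "signed", "verified", "invalid"}
ENC = {"none", "error", "decrypted", "missingkey", "lockedkey"}
TAG_RE = re.compile(r"^mp_(sig|enc)-(mixed-)?([a-z]+)$")

def parse_crypto_tag(tag):
    """Split a tag name into (kind, mixed, status); None if it is not listed."""
    m = TAG_RE.match(tag)
    if not m:
        return None
    kind, mixed, status = m.group(1), m.group(2) is not None, m.group(3)
    if status not in (SIG if kind == "sig" else ENC):
        return None
    if mixed and status == "none":  # the page lists no mixed-none tag
        return None
    return kind, mixed, status

def summarize(tag_names):
    """Reduce a message's tag names to one signature and one encryption state."""
    # Fails closed: an unlisted mp_sig-/mp_enc- tag, or two tags of the same
    # kind, is reported as a conflict instead of silently picking one.
    found = {"sig": [], "enc": []}
    conflict = False
    for name in tag_names:
        parsed = parse_crypto_tag(name)
        if parsed is None:
            if name.startswith(("mp_sig-", "mp_enc-")):
                conflict = True
            continue
        found[parsed[0]].append(parsed[1:])
    conflict = conflict or any(len(v) > 1 for v in found.values())
    sig = found["sig"][0] if len(found["sig"]) == 1 else None
    enc = found["enc"][0] if len(found["enc"]) == 1 else None
    return {
        "sig": sig, "enc": enc, "conflict": conflict,
        # Assumption: "mixed-" means only part of the message has the status,
        # so a mixed tag never counts as whole-message verification.
        "fully_verified": not conflict and sig == (False, "verified"),
        "fully_decrypted": not conflict and enc == (False, "decrypted"),
    }

# Constructed sample tag set (not taken from a real Metadata Index).
SAMPLE = ["inbox", "mp_sig-mixed-verified", "mp_enc-decrypted"]
```

For SAMPLE, the summary reports the message as fully decrypted but not fully verified, because the signature tag carries the mixed prefix.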
The crypto status attributes of a MIME part, signatureinfo and encryptioninfo, are initially set by the methods of mailpile.crypto.gpgi.py. They are modified, based on the crypto status of child and parent MIME parts, by the bubble_up() and mix_bubbles() methods of mailpile.crypto.state.SignatureInfo and ... .EncryptionInfo, which are called from classes mailpile.mailutils.emails.ParseMessage, ... .EMail, mailpile.crypto.mime.UnwrapMimeCrypto, and ... .UnwrapPlainTextCrypto. They are accessed, e.g. to set Metadata Index tags, via mailpile.plugins.cryptostate.meta_kw_extractor().