OpenPGP key manager, implement revocation and backup of secret keys
Categories
(MailNews Core :: Security: OpenPGP, enhancement)
Tracking
(thunderbird_esr78 fixed, thunderbird79 fixed)
People
(Reporter: KaiE, Assigned: KaiE)
References
Details
Attachments
(1 file)
(deleted),
text/x-phabricator-request
|
wsmwk
:
approval-comm-beta+
wsmwk
:
approval-comm-esr78+
|
Details |
We need to implement revocation for secret keys, and backup for secret keys. I have a patch ready.
The backup dialog must prompt for the password that will protect the backup of the secret key(s). Instead of starting from scratch, I reused an existing dialog from Mozilla/Firefox code: setp12password.xhtml and .js, and have adjusted the strings.
Instead of having a single action for export/backup, there are now two different actions in the menu. This avoids the complex dialog that asks "include secret". The workflow will be clearer now.
Revocation is a simple approach with two prompts, one before, one after. It follows the strings that Enigmail had used, but tweaked for the new reality of our new implementation.
Removed the command "send email to selected keys". This no longer makes sense for our implementation, because no longer support encrypting to specific keys. Our workflow is based on email addresses. Because a selection of keys doesn't give a exact list of email addresses (a key can contain multiple), I think it's best to remove this command for now.
The backup menu command is enabled, if all selected keys are secret keys.
Renamed the menu command to consistently use "key(s)" whenever it works with multiple selected items.
In addition, the patch will do some refactoring:
- .js files that include chrome://openpgp/content/ui/enigmailCommon.js
don't need their own l10n declaration, they can use the one from common - simplify several l10n statements to use formatSync, not await
Note the attached patch is on top of several other pending patches, my current queue is bug 1634561, bug 1650446, bug 1650591, bug 1650738, bug 1637179, bug 1648954
Assignee | ||
Comment 1•4 years ago
|
||
Pushed by kaie@kuix.de:
https://hg.mozilla.org/comm-central/rev/10fb5837e1c4
OpenPGP key manager, implement revocation and backup of secret keys. r=PatrickBrunschwig
Assignee | ||
Comment 3•4 years ago
|
||
Comment on attachment 9162504 [details]
Bug 1651707 - OpenPGP key manager, implement revocation and backup of secret keys. r=PatrickBrunschwig
Important new OpenPGP feature for 78.x
Assignee | ||
Comment 4•4 years ago
|
||
Comment on attachment 9162504 [details]
Bug 1651707 - OpenPGP key manager, implement revocation and backup of secret keys. r=PatrickBrunschwig
OpenPGP - uplift request for consistency of comm-esr78, beta79 and c-c80
Updated•4 years ago
|
Comment 5•4 years ago
|
||
Comment on attachment 9162504 [details]
Bug 1651707 - OpenPGP key manager, implement revocation and backup of secret keys. r=PatrickBrunschwig
Approved for beta
Approved for esr78
Assignee | ||
Comment 6•4 years ago
|
||
https://hg.mozilla.org/releases/comm-esr78/rev/71cfa228d4ef3efa0ab32aaaafeeb3b2f477adc1
https://hg.mozilla.org/releases/comm-beta/rev/f95dfdedfd625f0d0d772eedd6c64fc798e45809
The patch of OpenPGP private keys is not working properly! (TH 78.0.1)
The password requested for the backup is useless, the key is saved in clear text...
It suits me, I prefer a backup without a password.
It would be useful to ask users if they want to save their private keys with a password.
Assignee | ||
Comment 9•4 years ago
|
||
(In reply to Alex from comment #8)
The patch of OpenPGP private keys is not working properly! (TH 78.0.1)
The password requested for the backup is useless, the key is saved in clear text...
I cannot reproduce your report.
If I backup a secret key to a file, and then try to import that file with GnuPG, I get a prompt to enter the password. If I cancel import, or if I enter the incorrect password, then GnuPG does not import a secret key (only a public key).
Can you please explain why you think it is backed up without a password?
The secret key is saved to a backup file that uses ASCII ARMOR encoding, that means it can be viewed with a text editor, and appears to be clear text.
Comment 10•4 years ago
|
||
(In reply to Kai Engert (:KaiE:) from comment #9)
I did what you did!
If I import my key with GnuPG it goes through without a problem.
The key is in the clear!
Look the file :
-----BEGIN PGP PRIVATE KEY BLOCK-----
xcaGBFejS/QBEAC5CveI5FSlp8EeFxNpJTj4DfkpKiV8LQgH396ACspZjhSmVmcqdL6DPW91Na0z
20EnodSFwKHMgv3za1xJsd7fY3CpmjdopcOTr64m5XqJ2m9Mu/Rt0hNPZ793gysz8OwuduyBqCeU
.....................
Comment 11•4 years ago
|
||
Assignee | ||
Comment 12•4 years ago
|
||
(In reply to Alex from comment #10)
-----BEGIN PGP PRIVATE KEY BLOCK-----
xcaGBFejS/QBEAC5CveI5FSlp8EeFxNpJTj4DfkpKiV8LQgH396ACspZjhSmVmcqdL6DPW91Na0z
20EnodSFwKHMgv3za1xJsd7fY3CpmjdopcOTr64m5XqJ2m9Mu/Rt0hNPZ793gysz8OwuduyBqCeU
.....................
This doesn't mean anything.
An encrypted private key file looks similar.
Comment 13•4 years ago
|
||
Okay, I didn't know.
But imports don't require a password...
Assignee | ||
Comment 14•4 years ago
|
||
Mystery was solved in bug 1654703
Assignee | ||
Updated•4 years ago
|
Description
•