new: [internal] 'GnuPG.obscure_subject' option to not send unencrypted subject

2020-04-25 22:53:27 +02:00 · 2020-04-25 22:53:27 +02:00 · c347ffc6db
parent ea4d195e99
commit c347ffc6db
3 changed files with 20 additions and 1 deletions
--- a/app/Config/config.default.php
+++ b/app/Config/config.default.php
@ -48,6 +48,7 @@ $config = array(
 			'password'          => '',
            'bodyonlyencrypted' => false,
            'sign'              => true,
+            'obscure_subject'   => false,
 		),
 	'SMIME'            =>
 		array(
--- a/app/Lib/Tools/SendEmail.php
+++ b/app/Lib/Tools/SendEmail.php
@ -357,6 +357,7 @@ class SendEmail

        $email = $this->create($user, $subject, $body, array(), $replyToUser);

+        $signed = false;
        if (Configure::read('GnuPG.sign')) {
            if (!$this->gpg) {
                throw new SendEmailException("GPG signing is enabled, but GPG is not configured.");
@ -365,13 +366,13 @@ class SendEmail
            try {
                $this->gpg->addSignKey(Configure::read('GnuPG.email'), Configure::read('GnuPG.password'));
                $this->signByGpg($email);
+                $signed = true;
            } catch (Exception $e) {
                throw new SendEmailException("The message could not be signed.", 0, $e);
            }
        }

        $encrypted = false;
-
        if ($canEncryptGpg) {
            if (!$this->gpg) {
                throw new SendEmailException("GPG encryption is enabled, but GPG is not configured.");
@ -390,6 +391,15 @@ class SendEmail
            try {
                $this->gpg->addEncryptKey($fingerprint);
                $this->encryptByGpg($email);
+
+                if ($signed && Configure::read('GnuPG.obscure_subject')) {
+                    // If message is signed, we can remove subject from unencrypted part of email and replace with '...',
+                    // because subject is also part of signed data. Three dots are used according to
+                    // 'draft-autocrypt-lamps-protected-headers-01' standard. This behaviour must be enabled by
+                    // 'GnuPG.obscure_subject' setting.
+                    $email->subject('...');
+                }
+
                $encrypted = true;
            } catch (Exception $e) {
                throw new SendEmailException("The message could not be encrypted.", 0, $e);
--- a/app/Model/Server.php
+++ b/app/Model/Server.php
@ -1142,6 +1142,14 @@ class Server extends AppModel
                                'errorMessage' => '',
                                'test' => 'testForEmpty',
                                'type' => 'string',
+                        ),
+                        'obscure_subject' => array(
+                                'level' => 2,
+                                'description' => __('When enabled, subject in signed and encrypted e-mails will not send in unencrypted form.'),
+                                'value' => false,
+                                'errorMessage' => '',
+                                'test' => 'testBool',
+                                'type' => 'boolean',
                        )
                ),
                'SMIME' => array(