Trace: ongoing

Lacre - ongoing work

  1. “Great renaming” — our fork is ours, let's reflect it with unifying the names used all over the code (see issue 81).

Reliability improvements

  • Key lifecycle analysis and fixes. I've documented it with graphviz (see doc/key-lifecycle.gv.
  • Database transactions.
  • Another approach at encoding issues — there have been reports on broken encodings from Disroot users.

Research: avoiding message transformation

Python's email module provides a set of parsers for email messages, among them:

  • BytesParser, which just consumes a bytes sequence and produces an EmailMessage, with all of its data and meta-data kept in memory;
  • BytesHeaderParser, which only parses headers and doesn't provide features to access parts of a multi-part message.

The problem with the first approach is that if we choose to encrypt an EmailMessage, its contents is serialised by an appropriate email.generator implementation, instead of producing the original content. This is OK for payloads like text in pure ASCII or Unicode with Latin scripts, but things get tricky when we want to transfer non-Latin scripts (e.g. Japanese, Chinese, or any of the Cyrillic alphabets). (This is mostly caused by different Content-Transfer-Encoding being chosen by email.generator.)

BytesHeaderParser and its string counterpart let us only parse the headers and keep original message body in memory. The drawback is that we can't process multipart messages as sequences of MIME entities, which we need for one of the Lacre's modes of operation. (There are two: PGP/MIME with whole body encrypted and PGP/Inline with each part of multipart message encrypted separately.) We could use BytesHeaderParser with PGP/MIME only, because a multipart message would be impossible to handle in PGP/Inline mode.

Research: avoiding message transformation (part 2)

It turns out that we can avoid some of the transformations:

  • For messages in cleartext, already encrypted and those processed in PGP/MIME mode we could just take original message content (Envelope.original_content) and process it. Thus we'd avoid using email.contentmanager, which is the component responsible for decoding MIME entities.
  • Messages processed in PGP/Inline mode would risk being transformed before encryption.

To achieve that, we'd need to adjust the flow and:

  1. Work with a plain Envelope initially to identify identities and prepare for encryption.
  2. We could use header-only parser mentioned above during delivery planning (lacre.core, function delivery_plan).
  3. Finally, if the message is known to be processed in PGP/Inline mode, we could load each MIME entity's body and process it. (Without ContentManager if possible.)