Autocrypt support in Kontact

Autocrypt support is now in Kontact! This has been several weeks of work. Autocrypt makes it easier for you to use encrypted messages, as is handles key transfer for you automatically.

There are several parts involved in supporting Autocrypt. First, Autocrypt uses Protected Headers, implemented already. Within Autocrypt I found some issues and fixed them. Than I began implementing the receiving of Autocrypt messages. The key concept of Autocrypt is to always send the public key within each email, so the receivers are always able to answer encrypted. The first step was extraction of the key and saving it to disk. Because Autocrypt sends keys unverified at the moment, I decided to not import the Autocrypt keys into the users' keyrings, but keep them separately in json files under ~/.local/share/autocrypt.

After having all data of processed mails stored. I started to implement the sending part of Autocrypt. While implementing I learned that GnuPG does not like to handle two different keyrings anymore. I solved this by creating a temporary keyrings with all keys needed to encrypt a mail. This is certainly not perfect but works for now. There is room for improvement, of course. But as I needed to touch the code of KeyResolver I found out that contact preferences have been disabled for around 2 years, because back then Akonadi locked sometimes during search queries. I think this is not a problem anymore, so I will enable it again pim/messagelib!35. Hopefully with the feedback will ensure that it now just works, or we'll receive more informative failure reports that help to fix the issue.

For testing I used a mail address with an underscore and could reproduce #370385, and then made a journey into akonadi-search. It took a while before I understand the issue, because mail addresses in From or To header can be found correctly. In the end I found a fix: pim/akonadi-search!5. It would be helpful got get feedback from people who know Xapian to improve this code, because for me it feels like poking around in the dark.

Back from the journey, I needed to add Autocrypt support into identities, so you can now enable Autocrypt on an identity basis. I think the complete part is ready for enthusiasts to enable it. This as an experimental feature for now, and you need to enable it in the configuration file by hand. So if you ride the master branch you can enable it by setting Autocrypt = true for each identity in ~/.config/emailidentities. At the moment I cannot tell if this will be stable enough to show users the Autocrypt checkbox in the next release 21.04.

What is working so far?

  • Syncing Autocrypt storage while reading mails
  • sending mails to users that only have Autocrypt keys
  • Adding your key to the Autocrypt header and adding a Gossip header if needed

I tried to implement it in a way that will not break existing workflows. If there is at least one valid key of an user in your keyring, this will be preferred and Autocrypt does not kicks in. A valid key is a key that is neither expired, nor revoked nor disabled and suitable for encryption. Only if no valid key is found, a valid key is searched within Autocrypt storage. This ensures that existing encrypted communication is as safe as before.

What is missing?

  • Creating and processing Setup messages
  • A way to transfer your private key material between your devices
  • Detecting if an Autocrypt key is available while writing the mail. Currently the recipient is displayed as if no encryption would be possible
  • You need to request encryption explicitly
  • No support for prefer-encrypt preferences
  • signatures of mails cannot be verified against an Autocrypt key

I hope you enjoy Autocrypt support in Kontact. The next steps are to finish the missing parts and refactor the crypto support in Kontact. This work I do is supported by funding from nlnet to improve mail encryption.