
scrambler-plugin's Introduction

Dovecot encryption plugin

Requirements

  • Ensure GCC and the header files for libcrypto (OpenSSL) and libsodium are installed.

Installation

  • Use make dovecot-install to download and build Dovecot 2.2.21 in a sub-directory. It's a local installation and your system won't be affected.

  • Type make all to compile the plugin.

  • Find the plugin at dovecot/target/lib/dovecot/lib18_scrambler_plugin.so.

Configuration

In order to run, the plugin needs the following configuration values (via the dovecot environment).

  • scrambler_plain_password The plain user password. It's used to derive the hashed password to decrypt the private key.

  • scrambler_enabled Can be 1 or 0.

  • scrambler_public_key The public key of the user, in PEM format.

  • scrambler_private_key The encrypted private key of the user, in PEM format.

  • scrambler_private_key_salt The salt of the hashed password that has been used to encrypt the private key.

  • userdb_scrambler_N The scrypt parameter N used to derive the hashed password that has been used to encrypt
    the private key.

  • userdb_scrambler_r The scrypt parameter r used to derive the hashed password that has been used to encrypt
    the private key.

  • userdb_scrambler_p The scrypt parameter p used to derive the hashed password that has been used to encrypt
    the private key.

  • userdb_scrambler_keylen The length of the hashed password that has been used to encrypt the private key.
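
How the scrypt values above fit together, as an added example that is not the plugin's own code: it validates N, r, p and keylen from a user's key record before deriving the hashed password, so a malformed or oversized record is rejected instead of exhausting memory at login. Python's hashlib.scrypt stands in for the plugin's C libraries; the sample row, the memory ceiling, the minimum key length, the text-encoded salt and the hex output are all assumptions.

```python
import hashlib

# Constructed sample row shaped like the "keys" table on this page (values are made up).
SAMPLE_KEY_ROW = {
    "scrypt_N": 16384, "scrypt_r": 8, "scrypt_p": 1,
    "scrypt_keylen": 64, "scrypt_salt": "constructed-salt-0001",
}

MAX_SCRYPT_MEM = 64 * 1024 * 1024  # assumed per-login ceiling, not a plugin setting


def check_scrypt_params(n, r, p, keylen, max_mem=MAX_SCRYPT_MEM):
    """Reject parameter sets scrypt cannot use or that would exhaust memory."""
    if n < 2 or n & (n - 1):
        raise ValueError("N must be a power of two greater than 1")
    if r < 1 or p < 1 or r * p >= 2 ** 30:
        raise ValueError("r and p must be positive with r * p < 2^30")
    if keylen < 16:  # assumed floor for a key-protecting secret
        raise ValueError("keylen below 16 bytes is too short")
    needed = 128 * r * (n + p + 2)  # scrypt working memory in bytes
    if needed > max_mem:
        raise ValueError(f"parameters need {needed} bytes, above the ceiling")
    return needed


def derive_hashed_password(plain_password, row):
    """Derive the hashed password for the private key (hex output is an assumption)."""
    n, r, p = int(row["scrypt_N"]), int(row["scrypt_r"]), int(row["scrypt_p"])
    keylen = int(row["scrypt_keylen"])
    needed = check_scrypt_params(n, r, p, keylen)
    digest = hashlib.scrypt(
        plain_password.encode("utf-8"),
        salt=row["scrypt_salt"].encode("utf-8"),  # assumption: salt stored as text
        n=n, r=r, p=p, dklen=keylen,
        maxmem=needed + 1024 * 1024,  # headroom above the computed requirement
    )
    return digest.hex()
```
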

Example

TODO config/passwd-generator

    openssl genpkey -algorithm rsa -pkeyopt rsa_keygen_bits:8192 -aes128 -pass stdin -out [email protected]
    openssl rsa -outform pem -pubout -in [email protected]
    openssl rsa -outform pem -aes128 -passout stdin -in [email protected]

    CREATE TABLE users (
        id INTEGER NOT NULL,
        username VARCHAR(255) NOT NULL,
        domain VARCHAR(255) NOT NULL,
        password TEXT,
        PRIMARY KEY(id)
    );

    CREATE TABLE "keys" (
        userid INTEGER,
        enabled INTEGER NOT NULL,
        scrypt_N NUMERIC NOT NULL,
        scrypt_r INTEGER NOT NULL,
        scrypt_p INTEGER NOT NULL,
        scrypt_keylen INTEGER NOT NULL,
        scrypt_salt TEXT NOT NULL,
        public_key TEXT NOT NULL,
        private_key TEXT NOT NULL,
        FOREIGN KEY(userid) REFERENCES users ( id )
    )

Migration

The migration of unencrypted mailboxes has to be done by a separate tool and is not part of this project.

Project

Concept, design and realization by Posteo e.K. The implementation was provided by simia.tech GbR. A security audit has been provided by Cure53.
