Decryption method for Maildir messages stored by mail_crypt plugin

[Ben Harrison]

I've successfully implemented the mail_crypt plugin on v2.2.27 and it's
working like a champ, but some of our administrative operations require
access to Maildir messages in plaintext.

I've found numerous threads detailing help with mail_crypt setup, but none
of my research has yielded a method of decrypting the stored messages.

Relevant plugin config:

  mail_crypt_curve = prime256v1
  mail_crypt_global_private_key = <pirvkey>
  mail_crypt_global_public_key = <pubkey>
  mail_crypt_save_version = 2

Method I attempted for manual decryption is listed below:

openssl pkeyutl -derive -inkey mailcrypt.key -peerkey mailcrypt.pub -out
shared_secret.bin
openssl enc -aes256 -base64 -k $(base64 shared_secret.bin) -d -in test.enc
-out test.txt

Openssl reports an error reading the input file, but it isn't permissions
related.

I started looking for the encryption/decryption method in the source but
figure it's worth seeing if there's some existing methodology I can employ
here.

Appreciate any feedback. Thanks,

-- 
-- 
--

*Ben Harrison*

*BHarrison.IT*843.492.4870
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://dovecot.org/pipermail/dovecot/attachments/20180517/4c0107dd/attachment.html>