Application to automate mail-crypt plugin with user keys
Hi everyone,
I run a very small (about 10 users) mailserver setup with the mail-crypt plugin activated and wanted to transition from a global key setup to user keys. Since I couldn't find a satisfying solution to reencrypt mailboxes when users change their password I started writing a script that ended up being a small webservice giving users a simple selfservice portal to change their password.
I consider it pretty much done by now and it's public on github.
Maybe it's useful for somebody else. However its use case is very narrow since I initially wrote this just for myself. It does only support a Postgres user store for instance.
The main reason, however, for this post is me wondering if anybody would bother to give me some feedback. Especially for the following aspects:
I execute doveadm from within my application. The advantage is that I can keep the code very light (~650 lines of code) while at the same time don't have to care about the crypto stuff which I wouldn't dare trying anyways.
The disadvantage of this approach is that I had to write a doveadm wrapper that needs the setuid bit to execute doveadm mailbox commands.
I consider this a bit hacky but a better solution didn't come to my mind.
Another aspect is the password that is being used to encrypt the private key. When creating a new user in the database I generate a unique salt. This salt is prefixed to the user's clear text password and the resulting string is run trough the sha3-512 hash function. The output is the mail_crypt_private_password.
You find the project here: https://github.com/nonce9/pwch
Criticism is welcome.
Benedikt
I would not want to re-encrypt huge mail folders. There should be two passwords: one for the user login, that you can change often, and one for the encryption, that you can leave alone. This is how protonmail does it. -------- Original Message -------- On Aug 7, 2023, 21:34, Benedikt Zumtobel via dovecot wrote:
Hi everyone, I run a very small (about 10 users) mailserver setup with the mail-crypt plugin activated and wanted to transition from a global key setup to user keys. Since I couldn't find a satisfying solution to reencrypt mailboxes when users change their password I started writing a script that ended up being a small webservice giving users a simple selfservice portal to change their password. I consider it pretty much done by now and it's public on github. Maybe it's useful for somebody else. However its use case is very narrow since I initially wrote this just for myself. It does only support a Postgres user store for instance. The main reason, however, for this post is me wondering if anybody would bother to give me some feedback. Especially for the following aspects: I execute doveadm from within my application. The advantage is that I can keep the code very light (~650 lines of code) while at the same time don't have to care about the crypto stuff which I wouldn't dare trying anyways. The disadvantage of this approach is that I had to write a doveadm wrapper that needs the setuid bit to execute doveadm mailbox commands. I consider this a bit hacky but a better solution didn't come to my mind. Another aspect is the password that is being used to encrypt the private key. When creating a new user in the database I generate a unique salt. This salt is prefixed to the user's clear text password and the resulting string is run trough the sha3-512 hash function. The output is the mail_crypt_private_password. You find the project here: https://github.com/nonce9/pwch Criticism is welcome. Benedikt _______________________________________________ dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-leave@dovecot.org
I would not want to re-encrypt huge mail folders. There should be two passwords: one for the user login, that you can change often, and one for the encryption, that you can leave alone. This is how protonmail does it.
Now that you mention it I realize that my wording is actually pretty confusing. At password changes I run the doveadm mailbox cryptokey password command. According to the documentation that would just change the password to the private key while the key itself stays the same. As long as I don't get this wrong, I'm not re-encrypting mailboxes but the private keys used to encrypt them.
Rupert Gallagher wrote:
I would not want to re-encrypt huge mail folders. There should be two passwords: one for the user login, that you can change often, and one for the encryption, that you can leave alone. This is how protonmail does it.
I took the opportunity to check on the server if this is an issue and/or if I'm mistaken. My last post seems to be correct. I performed a password change with my application and can confirm that the public keys (user-key as well as folder-keys) stay the same. It is the private key's password protection only that changes. Thank you for pointing it out! I will clarify what's happening in the project readme and in code comments.
Another note on passwords. I do actually use two passwords. One for user login, the other one for protecting the encryption keys. The last one is being derived from the user login password, like explained in the original message. This is necessary because otherwise admins would have knowledge of the password.
participants (4)
-
Benedikt Zumtobel
-
Benedikt Zumtobel
-
benedikt@zumtobel.dev
-
Rupert Gallagher