Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

#5667 Decrypt messages in Thunderbird #5824

Merged
merged 51 commits into from
Sep 11, 2024
Merged

#5667 Decrypt messages in Thunderbird #5824

merged 51 commits into from
Sep 11, 2024

Conversation

sosnovsky
Copy link
Collaborator

This PR added message decryption and its necessary UI improvements on Thunderbird email client.

close #5667

Tests (delete all except exactly one):

  • Difficult to test (cannot find a reliable way to perform tests in a Thunderbird mail environment)

To be filled by reviewers

I have reviewed that this PR... (tick whichever items you personally focused on during this review):

  • addresses the issue it closes (if any)
  • code is readable and understandable
  • is accompanied with tests, or tests are not needed
  • is free of vulnerabilities
  • is documented clearly and usefully, or doesn't need documentation

martgil and others added 30 commits July 24, 2024 16:57
@martgil
wip: refactor
08cc689
@martgil
wip: Register content script for Thunderbird
dd6b230
@martgil
refactor: move Thunderbird event handler and content script registrat…
87dea43 
…ion to an appropriate Class
@martgil
wip: update manifest.json
951f944
@martgil
wip
24e73d0
@martgil
wip
eb5a1b0
@martgil
wip
cd8dbb9
@martgil
wip
c4467b6
@martgil
wip
79c33b7
@martgil
Merge remote-tracking branch 'origin/master' into issue-5667-added-me…
8ad4a5e 
…ssage-decryption-on-thunderbird
@martgil
wip
183dfed
@martgil
added functionality to obtain pgp message from a background script
9e061d4
@martgil
fix openpgp undefined in content-script
8cbe0ea
@martgil
wip
e015143
@martgil
Merge remote-tracking branch 'origin/master' into issue-5667-added-me…
3462ce6 
…ssage-decryption-on-thunderbird
@martgil
Merge branch 'master' into issue-5667-added-message-decryption-on-thu…
8b44889 
…nderbird
@martgil
Add "thunderbird_get_current_user" to BrowserMsg
518d38b
@martgil
Add "thunderbird_msg_decrypt" to BrowserMsg
f3f99ab
@martgil
fix BrowserMsg listener names
1472fd5
@martgil
Merge remote-tracking branch 'origin/master' into issue-5667-added-me…
92b3263 
…ssage-decryption-on-thunderbird
@martgil
wip
9afaf6e
@martgil
wip
abf898b
@martgil
fix missing opgp reference in Thunderbird port
f901bc5
@martgil
Merge branch 'master' into issue-5667-added-message-decryption-on-thu…
ab34c37 
…nderbird
@martgil
Added pgp message decryption
b719396
@martgil
fix failing test
fd54d62
@martgil
run element replacer in heartbeat (runIntervalFunctionsPeriodically)
c19f7f4
@martgil
Improved decrypted message rendering in Thunderbird
8cf725f
@martgil
Add cleartext signed message detection
25df0e6
@martgil
wip
20a8b03
@gitguardian GitGuardian
Copy link

gitguardian bot commented Sep 6, 2024
edited
Loading

⚠️ GitGuardian has uncovered 2 secrets following the scan of your pull request.

Please consider investigating the findings and remediating the incidents. Failure to do so may lead to compromising the associated services or software components.

🔎 Detected hardcoded secrets in your pull request
GitGuardian id GitGuardian status Secret Commit Filename
2422507 Triggered Generic Password f901bc5 extension/chrome/elements/compose.ts View secret
2422507 Triggered Generic Password 1f56012 extension/chrome/elements/compose.ts View secret
🛠 Guidelines to remediate hardcoded secrets
  1. Understand the implications of revoking this secret by investigating where it is used in your code.
  2. Replace and store your secrets safely. Learn here the best practices.
  3. Revoke and rotate these secrets.
  4. If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.

To avoid such incidents in the future consider

🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.

@sosnovsky
Copy link
Collaborator Author

Hi @martgil, I created updated PR with scripts injection based on your initial #5796, seems to work well. Can you please check it too, thanks!

martgil
martgil previously approved these changes Sep 11, 2024
View reviewed changes
Copy link
Collaborator

@martgil martgil left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Works well. Thanks for your help @sosnovsky for finalizing this PR reaching its completion.

extension/js/service_worker/bg-handlers.ts Outdated
@@ -149,8 +149,10 @@ export class BgHandlers {
};

public static thunderbirdContentScriptRegistration = async () => {
const contentScriptGroups = chrome.runtime.getManifest().content_scripts ?? []; // we know it's in the manifest
const files = contentScriptGroups[0].js?.map(url => url.replace(/moz-extension:\/\/[^/]+\//, './')) ?? [];
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This where dynamic content script injection comes in place. It's actually the best solution that I can't implement - its a great inclusion where we don't actually need to bundle the entire js libs and dependencies.

@martgil martgil marked this pull request as ready for review September 11, 2024 03:58
@martgil
Copy link
Collaborator

martgil commented Sep 11, 2024

Hi @sosnovsky - I think we can merge this one now. thank you!

@sosnovsky
Copy link
Collaborator Author

Hello @martgil, I've added some code simplifications, can you please re-check, thanks!

@sosnovsky sosnovsky enabled auto-merge (squash) September 11, 2024 07:24
martgil
martgil approved these changes Sep 11, 2024
View reviewed changes
Copy link
Collaborator

@martgil martgil left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Still works well after the code refactor. Thank you!

@sosnovsky sosnovsky merged commit ac59d1f into master Sep 11, 2024
13 checks passed
@sosnovsky sosnovsky deleted the 5667-thunderbird-fix branch September 11, 2024 08:01
@sosnovsky sosnovsky mentioned this pull request Sep 11, 2024
Closed
5 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@martgil martgil martgil approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[thunderbird] Recognize encrypted emails and decrypt them
2 participants
@sosnovsky @martgil