Pass phrase in memory. Creat an encrypted message

[DenBond7]

as a part of #372

[DenBond7]

We have to discuss the current issue. The best place to ask a user the missing passphrase is a screen where we create a message. I see the following logic:

1. Create an encrypted message
2. Select recipients
3. Click on the "Send" button
4. Check if the primary key(will be discussed later) has a passphrase.
5. If 4. == yes - use the same logic as we use for the FIX button(the message details screen). We can ask for the missed passphrases of the right keys. When a user will provide at least one missed passphrase -> Send the message.
6. if 4. == no - Send the message. All as before.

@tomholub Please let me ask you a few questions

1. If a user has a single key - there are no cases. Just check the single passphrase.

2. What about a case when we have 2+ private keys? For now, we have a logic where we choose the first founded key and use it for encryption(and signing). I see the following ways:

   • We can select the first founded key that has a provided passphrase. (simpler, don't need to do additional changes in the code)
   • We should have a thing like "primary(active, main) key". A user should mark some key as a primary that will be used for encryption(and signing). In that case, before sending a message we can check if the primary key has a provided passphrase.

[tomholub]

we should continue to use the same logic as before due choosing our own keys for signing (or encryption for outgoing messages). if there is more than one that matches the situation after we already applied this logic. i would then simply continue using the first key available that matches the criteria, as before. if it has pass phrase, then use without asking. if it doesnt, then ask pass phrase for that one key. when sending, i would not use availability of pass phrase as a criteria when choosing key used for signing. similarly we dont use pass phrase as a criteria for choosing our own public key when sending messages. ideally our own public key and private key used when sending messages shoud be the same key pair.

…

On Friday, June 11, 2021, Den ***@***.***> wrote: We have to discuss the current issue. The best place to ask a user the missing passphrase is a screen where we create a message. I see the following logic: 1. Create an encrypted message 2. Select recipients 3. Click on the "Send" button 4. Check if the primary key(will be discussed later) has a passphrase. 5. If 4. == yes - use the same logic as we use for the FIX button(the message details screen). We can ask for the missed passphrases of the right keys. When a user will provide at least one missed passphrase -> Send the message. 6. if 4. == no - Send the message. All as before. @tomholub <https://github.com/tomholub> Please let me ask you a few questions 1. If a user has a single key - there are no cases. Just check the single passphrase. 2. What about a case when we have 2+ private keys? For now, we have a logic where we choose the first founded key and use it for encryption(and signing). I see the following ways: - We can select the first founded key that has a provided passphrase. (simpler, don't need to do additional changes in the code) - We should have a thing like "primary(active, main) key". A user should mark some key as a primary that will be used for encryption(and signing). In that case, before sending a message we can check if the primary key has a provided passphrase. — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <#1252 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/ABQDZENLDOL2MV4JGIQEPB3TSGVCXANCNFSM45RQMKRA> .

-- -- Tom James Holub <http://holub.me/>