Security Labels Technical Documentation : Différence entre versions
(Page créée avec « > Documentation > Trustedbird > Security Labels > Technical Documentation This feature is used to add security infor… ») |
|||
Ligne 1 : | Ligne 1 : | ||
+ | {{lang|Security Labels Technical Documentation|Security Labels Technical Documentation/fr}} |
||
> [[Documentation]] > [[Trustedbird]] > [[Security Labels]] > [[Security Labels Technical Documentation|Technical Documentation]] |
> [[Documentation]] > [[Trustedbird]] > [[Security Labels]] > [[Security Labels Technical Documentation|Technical Documentation]] |
||
Version actuelle en date du 2 septembre 2010 à 16:58
> Documentation > Trustedbird > Security Labels > Technical Documentation
This feature is used to add security informations in a message which will be used to handle authorizations and access rights.
Sommaire
Implementation
Specifications
The reference for the implementation of this functionality is the RFC 2634
Architecture
Synthetic presentation of the architecture of the extension
This functionality is in the list of features to be implemented by the Mozilla foundation: http://www.mozilla.org/projects/security/pki/nss/smime/. So, it is integrated to the source code of Thunderbird, without relaying on an extension. Furthermore, this make more simple the addition of this functionality, because we need to update the heart of the product.
The heart of this implementation is to add attributes to the signature of a message. A message with a Security label must be signed. When receiving such a message, theses attributes are decoded in order to handle authorizations and access rights.
GUI files
To send a message with Security label, it is mandatory to sign the message. So, the Security Label is bound to the security layer.
At the GUI level, signing is implemented by a flag signMessage, encapsulated in a nsIMsgSMIMECompFields object. The whole code handling this flag is contained in the JS built-in library msgCompSMIMEOverlay.js.
Then, the object nsIMsgSMIMECompFields is forwarded to the XPCOM layer, that handles the signing. So, this class has been updated to add a flag for the Security label. Furthermore, the GUI has been updated so that the user can choose this Security label.
XPCOM files
Message sending
The implementation is mainly located in the file nsMsgComposeSecure.cpp in the nsMsgComposeSecure class.
This implementation mainly consists in adding attributes in the signature of a message. When sending a message, the built-in Thunderbird API build the following data structure :
The attributes to add are located in the structure NSSCMSSignerInfo and are of type NSSCMSAttribute.
A NSSCMSAttribute structure is defined as:
The attribute to add is a securityLabel, which structure is defined by the RFC 2634.
Message receiving
When receiving a message with a Security label, this structure is decoded.