3.0 PROJECT BREAKDOWN
The project can be divided into 2 parts. The first half deals with outgoing messages, and the second half will be on incoming messages. For outgoing messages, the software will encrypt the messages if the recipient is also a registered user. For incoming messages, if the sender is a registered user, the software will try to decrypt the message and check for authenticity. So far, only the first half has been attempted. Once that is accomplished, the second half will not be too difficult, as some of the modules will be similar.
3.1 Overview of project modules for outgoing messages
The diagram below illustrates how each outgoing message is to be dealt with:

The next diagram shows the interfacing required between Sendmail, LDAP and PGP. This part of the work has been divided into 3 separate modules, each dealt with separately (Refer to Figure 7).
Figure 8: Interfacing for project
The numbered arrows in the diagram represent the interfacing that needed to be done. The details are stated below:
(1) Sendmail looks up LDAP to check if user is registered.
The LDAP software provides functions that can be called from within the Sendmail code. Hence, a search of the LDAP directory is done for every recipient within Sendmail before the message is sent out.
This can be accomplished by modifying the function check_compat() in conf.c of Sendmail. This routine is to be supplied during installation, and its purpose is to check if the sender and recipient are compatible. It is called once for every recipient, so it serves the purpose of this project.
Berkeley Database was used with LDAP as recommended. Both packages compiled with no errors. The test scripts that came with the LDAP package also ran successfully. I tested LDAP myself by following the quick start guide on the OpenLDAP web site. The error seems to lie in the ldap_bind function call. I tried a few other instructions, but there always seems to be some kind of error. I suspect that LDAP is not aware of the location or the existence of the database, or that something is wrong with the LDAP configuration file.
(2) Sendmail calls my program if user is registered.
The mail message is stored in the variable QueueDir in Sendmail before being sent out. This information is written to a temporary file together with the sender’s name (e->e_from.q_paddr) and the recipient’s public key, which is to be retrieved from the LDAP directory. This temporary file is used as a method of passing arguments to my program.
My program is then executed through a system call that invokes the Java interpreter. It will return the encrypted message to the queue, and Sendmail will send it off as normal.
(3) My program encrypts message using PGP.
A footer is to be added to each message stating the sender’s name, recipient’s name and the sender’s signature. The signature is created using the message that was sent out and the sender’s private key. This is appended to the footer file.
This footer will then be encrypted with the software’s own private key which is common to all the software. This private key will be updated on a regular basis according to some common factor. This encrypted footer will then be attached to the end of each mail message. The message is then encrypted using the recipient’s public key.
The sequence of what the program does to each message is as follows:
1. Create signature using mail message and sender’s private key, which is stored in its own server.
2. Create footer file. Write information that is to be displayed in each message in this file.
3. Append signature to footer file.
4. Encrypt footer file with software’s private key.
5. Append encrypted footer file to the end of mail message to be sent out.
6. Encrypt the mail message using recipient’s public key and return to the queue.
My program uses PGP on the command line rather than using the PGP libraries. This is thought to be easier and safer as well. This is because the properly tested PGP libraries available to developers are written in C, but my program is in Java, and I could not find any properly tested PGP libraries in Java.
However, I am unable to execute PGP commands within my Java program. I am currently using the command Runtime.getRuntime().exec() to make a system call, but PGP is not creating the encrypted file. Refer to the Appendix for what has been done.
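One way to call a command-line PGP from Java so that a run which writes no output file fails visibly, given here as an added example and not the program from the Appendix. The class and method names are hypothetical, the recipient address and message are constructed, and the PGP options follow PGP 2.6.x syntax, which is an assumption about the installed version.

```java
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.nio.file.*;
import java.util.List;
import java.util.concurrent.TimeUnit;

public class PgpRunner {
    // Runs argv without a shell and returns the child's combined stdout/stderr.
    static String run(List<String> argv, Path workDir, long timeoutSec)
            throws IOException, InterruptedException {
        Path log = Files.createTempFile("pgp-out", ".log");
        try {
            Process p = new ProcessBuilder(argv)     // one list element per argument
                    .directory(workDir.toFile())
                    .redirectErrorStream(true)       // keep error text with normal output
                    .redirectOutput(log.toFile())    // a file cannot fill up and block the child
                    .start();
            p.getOutputStream().close();             // EOF on stdin: prompts fail instead of hanging
            if (!p.waitFor(timeoutSec, TimeUnit.SECONDS)) {
                p.destroyForcibly();
                throw new IOException("timed out: " + argv.get(0));
            }
            String out = new String(Files.readAllBytes(log), StandardCharsets.UTF_8);
            if (p.exitValue() != 0) throw new IOException("exit " + p.exitValue() + ": " + out);
            return out;
        } finally {
            Files.deleteIfExists(log);
        }
    }

    // Encrypts 'plain' for 'recipient'; throws if no ciphertext file was written.
    static Path encrypt(Path plain, String recipient) throws IOException, InterruptedException {
        if (recipient.startsWith("-") || recipient.startsWith("+"))
            throw new IllegalArgumentException("recipient would be parsed as an option");
        Path cipher = plain.resolveSibling(plain.getFileName() + ".asc");
        // Assumption: PGP 2.6.x-style options; adjust for the PGP version in use.
        run(List.of("pgp", "+batchmode", "+force", "-ea", plain.toString(),
                recipient, "-o", cipher.toString()), plain.getParent(), 30);
        if (!Files.isRegularFile(cipher) || Files.size(cipher) == 0)
            throw new IOException("PGP exited 0 but wrote no output: " + cipher);
        return cipher;
    }

    public static void main(String[] args) throws Exception {
        Path msg = Files.createTempFile("msg", ".txt");  // constructed sample message
        Files.write(msg, "constructed test message\n".getBytes(StandardCharsets.UTF_8));
        System.out.println("wrote " + encrypt(msg, "recipient@example.org"));
    }
}
```

The recipient check matters because the address comes from the mail envelope: a value beginning with `-` or `+` would otherwise reach PGP as an option rather than a user ID.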