Feature: End to End Encrypted Message Handling for Ruqola #8

Open
edcedcedcedc wants to merge 70 commits into RocketChat:gsoc2025 from edcedcedcedc:feature/phase2-init


@edcedcedcedc commented Jul 17, 2025

FINAL REPORT, GSOC 2025

Project

Phase 1:
Develop an encryption Test GUI within Ruqola client in ‘tests/encryptiontest’, to prototype and test the E2EE workflow.

TEST GUI within Ruqola

This includes:

  • Master Key derivation using PBKDF2.
  • RSA key pair generation for secure key exchange.
  • Session key generation for symmetric encryption.
  • Message encryption and decryption using AES.
  • Encryption test GUI

Phase 2:
Key integration with Rocket.Chat server and cli sandbox testing environment with Ruqola.

This will include:

  • RSA keypair upload download
    • Cli entrypoint
      • Login programmatically into Ruqola
  • Local keystorage and management
  • Session key management and distribution
  • Message encryption and decryption via rocket chat server
  • Basic UI within main Ruqola app.

Current state and progress of phase 2:

Key upload download:

  • e2ekeytool, cli entrypoint link
  • update CMakeLists link
  • remove credentials from .txt, add them to .env and update the func, add some const qualifiers
  • mv files from apps to tests
  • implement upload download
  • autotests

localkeystore and management:

  • local key storage and management
  • autotests
    • create read update delete
  • Load keys at startup and integrate with the client E2EE pipeline.

Session Key Management and Distribution:

  • session key accept reject distribute
  • autotests

Message Encryption and Decryption:

  • message encryption decryption via rocket chat server
  • autotests

Bugfixes:

  • export rsa public key
  • export rsa encrypted private key

Challenges and important things that I have learned during the project:
I learned how to manage stress, respect deadlines, and be reliable. I improved my technical communication, high-level planning, and system design skills, as well as my ability to collaborate effectively. I also developed a stronger security mindset, practiced testing and quality assurance, gained practical C++ experience, and became more confident with open-source workflows.

The main challenges included developing the CLI entry point to enable programmatic login, designing the overall system architecture while keeping the broader context in mind, and ensuring that I always understood the purpose of each step. Another significant challenge was working with C++ itself - a language as verbose as Java but often more cryptic, which required extra care and attention.

Notes:
This PR has been created as part of the Google Summer of Code in the "E2EE message handling for Ruqola" project.

@edcedcedcedc requested a review from Montel on August 14, 2025 11:31
@edcedcedcedc changed the title from "Feature: Phase 2 upload and download key/localkeystore and management" to "Feature: Phase 2, all objectives" on Aug 14, 2025
@edcedcedcedc requested a review from Montel on August 15, 2025 11:03
@edcedcedcedc changed the title from "Feature: Phase 2, all objectives" to "End to End Encrypted Message Handling for Ruqola" on Aug 16, 2025
@edcedcedcedc changed the title from "End to End Encrypted Message Handling for Ruqola" to "feature: End to End Encrypted Message Handling for Ruqola" on Aug 22, 2025
@edcedcedcedc changed the title from "feature: End to End Encrypted Message Handling for Ruqola" to "Feature: End to End Encrypted Message Handling for Ruqola" on Aug 22, 2025
@edcedcedcedc requested a review from Montel on September 29, 2025 18:28

const QString ePrivKeyBase64Url = QString::fromLatin1(encryptedPrivateKey.toBase64(QByteArray::Base64UrlEncoding | QByteArray::OmitTrailingEquals));
jwkObj[QStringLiteral("RSA-EPrivKey")] = ePrivKeyBase64Url;

QJsonDocument doc(jwkObj);
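
Review bot: at the `jwkObj[QStringLiteral("RSA-EPrivKey")]` assignment, the member name is not a standard JWK parameter and nothing in these lines documents what the decoded bytes contain. A short comment at that line stating the encoding (base64url with trailing `=` omitted) and the layout of `encryptedPrivateKey` would let the import path decode it symmetrically; the reader has to pass `QByteArray::Base64UrlEncoding` to `QByteArray::fromBase64` as well, otherwise the URL-safe alphabet is not decoded correctly.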
Collaborator

const variable


- [Overview](#overview)
- [Features](#features)
- [Installation](#installation)
Collaborator

not defined
