/webclient

Official Angular cross-platform client for the CTemplar secure(End-to-end encrypted) email service.

Primary LanguageHTMLApache License 2.0Apache-2.0

CTemplar

Build Status

Official Angular cross-platform client for the CTemplar secure email service.

Prerequisites

This project was generated with Angular CLI version 1.7.3 and upgraded to 7.3.0.

  • Node (v10.0.0 or higher)
  • Angular CLI 
    npm install -g @angular/cli@7.3.0

Installation

npm install

Usage

Development server

Run ng serve for a dev server. Navigate to http://localhost:4200/. The app will automatically reload if you change any of the source files.

Build

Run ng build to build the project. The build artifacts will be stored in the dist/ directory. Use the -prod flag for a production build.

Running unit tests

Run ng test to execute the unit tests via Karma.

Running end-to-end tests

Run ng e2e to execute the end-to-end tests via Protractor.

Security

CTemplar uses bcrypt.js and OpenPGP.js for hashing and encryption.

Hash Password

CTemplar hashes every password before sending it to server for authentication or sign-up purposes. A unique salt is created from user's Username which is then used to hash the password using bcrypt.hashSync(password, salt) method.

Encryption

CTemplar encrypts and decrypts contents of every email using user's public/private key pair which is generated during sign up process.

  • Public/Private Key pair is generated by openpgp.generateKey method using user's plain password as passphrase. 
    const options = {
  userIds: [{ name: username, email: 'username@ctemplar.com' }],
  numBits: 4096,
  passphrase: password
};
openpgp.generateKey(options);
  • Mail contents are encrypted by openpgp.encrypt method using receiver's Public Key. 
    const options = {
    data: content,
    publicKeys: openpgp.key.readArmored(publicKey).keys
};
openpgp.encrypt(options);
  • Mail contents are decrypted by openpgp.decrypt method using user's Private Key. 
    let decryptedPrivateKey = openpgp.key.readArmored(privateKey).keys[0];
decryptedPrivateKey.decrypt(passphrase);

const options = {
    message: openpgp.message.readArmored(encryptedContent),
    privateKeys: [decryptedPrivateKey]
};
openpgp.decrypt(options);

Transparent build code

We host our build code publicly on github and we also provide the details on how to match checksum of code on github and the one we serve on our website. Find the details of build and how to calculate checksum here : https://github.com/CTemplar/webclient/tree/master/dist

Contribution

This project is still in early phase so bug reports via Issues and Pull Requests are welcome.

Further help

To get more help on the Angular CLI use ng help or go check out the Angular CLI README.

License

Apache License 2.0