action_mailer_x509 0.7.0
- data/.gitignore +15 -0
- data/.travis.yml +7 -0
- data/BSD-LICENSE +24 -0
- data/Gemfile +4 -0
- data/Gemfile.lock +72 -0
- data/README.rdoc +233 -0
- data/Rakefile +7 -0
- data/actionmailer_x509.gemspec +19 -0
- data/certs/ca.crt +35 -0
- data/certs/ca.key +54 -0
- data/certs/cert-name.p12 +0 -0
- data/certs/cert.crt +31 -0
- data/certs/cert.key +54 -0
- data/init.rb +3 -0
- data/lib/action_mailer_x509.rb +36 -0
- data/lib/action_mailer_x509/configuration.rb +170 -0
- data/lib/action_mailer_x509/railtie.rb +9 -0
- data/lib/action_mailer_x509/x509.rb +81 -0
- data/lib/generators/action_mailer_x509/install_generator.rb +12 -0
- data/lib/generators/action_mailer_x509/templates/x509_settings.rb +47 -0
- data/lib/models/notifier.rb +12 -0
- data/lib/overrides/action_mailer/base.rb +46 -0
- data/lib/overrides/mail/message.rb +110 -0
- data/lib/tasks/action_mailer_x509.rake +184 -0
- data/lib/views/notifier/fufu.erb +3 -0
- data/spec/ops_spec.rb +129 -0
- data/spec/spec_helper.rb +55 -0
- metadata +120 -0
data/certs/cert-name.p12
ADDED
Binary file
|
data/certs/cert.crt
ADDED
@@ -0,0 +1,31 @@
|
|
1
|
+
-----BEGIN CERTIFICATE-----
|
2
|
+
MIIFRjCCAy4CCQCRPEJyfcZw0TANBgkqhkiG9w0BAQUFADBlMQswCQYDVQQGEwJV
|
3
|
+
QTETMBEGA1UECAwKU29tZS1TdGF0ZTEPMA0GA1UECgwGRmFjZUlUMQswCQYDVQQD
|
4
|
+
DAJKQjEjMCEGCSqGSIb3DQEJARYUamV5Ym95MTk4NUBnbWFpbC5jb20wHhcNMTMw
|
5
|
+
ODAxMDcwMzI2WhcNMTQwODAxMDcwMzI2WjBlMQswCQYDVQQGEwJVQTETMBEGA1UE
|
6
|
+
CAwKU29tZS1TdGF0ZTEPMA0GA1UECgwGRmFjZUlUMQswCQYDVQQDDAJKQjEjMCEG
|
7
|
+
CSqGSIb3DQEJARYUamV5Ym95MTk4NUBnbWFpbC5jb20wggIiMA0GCSqGSIb3DQEB
|
8
|
+
AQUAA4ICDwAwggIKAoICAQDPahdhMu4dNmuLs7od7Uoheqsb9mftZmyY8mgQyVjs
|
9
|
+
qCVTfIP4+s1YypDdJDMHvS3EhF7LRNYmngI4o/ZEkc5R+mMjGM6OteBg8q2Oko77
|
10
|
+
V+zQGo2mn+AcBEkqyQC81YBEy4RxC4J3gnbUCYLlzj/A6U7bNiINebq//Fx3/HrC
|
11
|
+
JeI6VoYpUUm9a9u7LFNs3Pjk+sledTSGiTmxt9sIyrOixaVqnlx2KIKctMKLUkKd
|
12
|
+
2gyvVMYsmQZ6iumnklhh3/u7KQZKKYxGXzvniGVXPk8GGVBtKrUK1rGiLTsrX20J
|
13
|
+
mJYts2HH9MU7NrNLGqyrRNPjGI4r60BSeV/DGyK+Aoks1pYSpYOn4PAxuOuVGmla
|
14
|
+
quFIErKyW78yrPARM9uTpaJfDu9Pmg8wrwXm1O5V8QOCdgi0371PM4N3ko4Mlydz
|
15
|
+
zrWkSAf+xa0MHGT3BjXPXfTWqnfuWXAYiZM/dqlOoY8X6DWFkbjiG8v+Ujp7o9PA
|
16
|
+
xGHhIM/PiZdGAlEhSaalCG2MdOal3krWby56SXOmL4mNLlgVNOLBzb3ZD6foLGTq
|
17
|
+
OuxVLAabV3jSAozooJnhBSGibTerT+Pfrg6JDH5S5y3R7SaQrI/bjyrymankgBTr
|
18
|
+
1VpzicPE3fp+r2m56iuAsXV74TJjtG8JB+IEFnqQsSCd0zSRPnhq4aKluijlcOEY
|
19
|
+
PwIDAQABMA0GCSqGSIb3DQEBBQUAA4ICAQBUSVKFw/alKkSesrupcCTvG37oi4Mj
|
20
|
+
+pz0mUrc/zQZk/lFA2sXygTE0z5/qXgFvTmM18h9s80JovsaHxN3Zf+8WZ0TlQSu
|
21
|
+
IXNwsl3/HryrIdB6oRK61agK8ysrSVBOOKPZS5/GnPNE3YILAiRSkWpVtsXnwOWu
|
22
|
+
30ykO9l2dvK/tAcNBQWvhRbhRNXavjPsi/DSNa5WaVuijAaixv3LaqhWCmA5v2Ty
|
23
|
+
FUsTdU63Zd3G4sTaRCQphpODlYvTqPlLKmsT9LOsgCEECxKlOPsjOP+SmBMy2tal
|
24
|
+
4zrelvMnNdDS2dbGb7mIvFkMzgo7CoOzv4y3ug1wKby6CinHgGXwbV85NJ9/vf7q
|
25
|
+
uPLKL0LAIy0KRwbE0Hz9bMov4GOd9w8woWEElbbG6j5PlTg+qeOV/drQO4N3O03F
|
26
|
+
A//z9iDKO7V0dDQLqffqkU3yRCCkimCRQbphAVa0OfAtjQJesQUMR0HO6b5Of8W5
|
27
|
+
5QxEcFVfuKtsvRfO4/McetoK55ipnOFXRf77yfx4g9+ynVFkmHJNscL0/uNi0UR9
|
28
|
+
mUye2Eb+y+iPlHhWqkxTZZYQ1cCodo0BHyBJndYLdVVcpnwtXqlo5qksDSQmPOsV
|
29
|
+
vvF/nioEhy08/a0zO9qtTQGX42UpkNANSrKnonWnnWLn7mDCw2SP9Sll3tYB2KqN
|
30
|
+
JhyB/sSC3iIDgQ==
|
31
|
+
-----END CERTIFICATE-----
|
data/certs/cert.key
ADDED
@@ -0,0 +1,54 @@
|
|
1
|
+
-----BEGIN RSA PRIVATE KEY-----
|
2
|
+
Proc-Type: 4,ENCRYPTED
|
3
|
+
DEK-Info: DES-EDE3-CBC,6FD7F1FD57E45D6F
|
4
|
+
|
5
|
+
2thmp9dtxSyi7Iu/dk0khMk53Ktmt4DKwmf57FeLNfG/Tp6poYM6k9rY9IDvU8Z2
|
6
|
+
7tFdKjgMPu4bKlfcO/ouC6oBIuV6iGmf6rl4mK4WGPFQeicr58HFcmAhGFDK0Pwd
|
7
|
+
N1UiecgKw0AzZDQa/a1E0YOik3s673XNvJSyQozRU1yFXPoz3SfDoAPeyk1CqF3F
|
8
|
+
mfIVwD5hTfH+qZfPcF+aM0AfX1pb6NPdjoWbagpya/qNl1MbfW6pQSkJ3eWifnbJ
|
9
|
+
K4WmRE1+2eU6B/u80qQ9mVd4IDrLw0PkxKgqXVITRk+DweQWB7MWRLDG44so5vQ8
|
10
|
+
GLvzoH0UR6K1qhKWQVtVBzrIWnnWNRl04CveuRWXlgfybfbcKhWqzTejbYAnL2Sv
|
11
|
+
w5bnGUTDE4ZC9FMGV0/75eNg0O+uSYzBQDTbeQKFXqa4J9POLiDksZU6Q6cHgrAC
|
12
|
+
pPG1iYivnq7kDLVy7tVVrxND0dwJtS9sIJlFwL2JA1S0/kshgT5oIKsQ1pmC+i3+
|
13
|
+
HG91id42te91RijucuEURy75Y4OZlNlYBtB3Iui94Sw/OdfI00bu27dQcv2IpqbB
|
14
|
+
eMOWPbQ1vFw6jglpn7y9mlT3jU+Jw86tO9/YJuRMB0/sZ7ANtCaXmuMbqviBYE+o
|
15
|
+
G1+w1FVngHa0sC7jXwYWNHQrF2I481lq4s6PE02idvwtcpuqY1bf+m+LLqQyp/Wr
|
16
|
+
xVTIlA9fSItCXZjt0mnJmzYjDQLBkdfVNxpaWVoFBLAXD84yaD9q0gucAXQxpf7z
|
17
|
+
Fq6MGxb80SOvW5P+E6LIoKalb6rAihNxhWlwrva3z2KpXmbMPMG7yq6SRH2ejpmb
|
18
|
+
swms961RKqKeebfJFaPxrubxQYTbKjsLx8PAdRrXTxCRdDmJ6WKfe0ZdnClefAvO
|
19
|
+
7j8SBr6jrYHD48Aa/Zefdwnn5Sz4/MlK2los8k3gQti3azx0wLFVCGOJ8Q6I4bvf
|
20
|
+
qPmAreqXFtOIsax9QancdQPo12hInznJEcmm2JmGIkHmR/FOet5YF/u1lCXwgzKx
|
21
|
+
ATP/V3bgQZSnIJ29biJvJmyNVUYpOOR5BvgNYQN/2Pwgme3waCuMDu9TJboqzamb
|
22
|
+
qItd5bCOWmly5sSLnCAtDTR5ra/ENBmxGoUKOcPNY0CMDAN7DsBbN4M07ytVBQH6
|
23
|
+
T5vq87flnWsOqqYICNS8v6JHVVY13Zwk9ZEq/UugjXHzrroPFwupKQTZA1US6zFF
|
24
|
+
frCDZqFcsuZIVazsQ0stQQXL5svf5uo5mKEvIIStGgNK0w1qgw0af4gs6bzJW88j
|
25
|
+
gjMBdeBE/Bo2xiX4cb8RJqu0DkTyyqdUHYkxcP1RQPRhQJP8JhY0eVK7Mx5evcod
|
26
|
+
7KcApLCnVHEjmx3u9wc2mazsmJv/HlSJ9pzx24JMKjnRJRmZoFEieNdGiBiQGWr+
|
27
|
+
SaHx+9M664c4ilaxToixsGLjWBXIBDQFJ2FOcKZNWta1d0+M1NFLRUtQK+5o5uM5
|
28
|
+
2IfetA5zPnrsZpXmyrVSLRJNn3MmnH3/qBHjOYeA2OsdbxDOrbHsKf+2W4OhFTm4
|
29
|
+
UuiyHo1vhccvp+5+bu0IEt7KZ/pf1CCoO7i8/uhvkDNAwP98jffay9Thyfh+fzqL
|
30
|
+
3NqfiT/i4INTMqSE/0EQnJ4C6yIux4lh9N6di9Lafdbpvgx5kWtXQtIUebQt9n9Z
|
31
|
+
iiXl1P9TDnGmkjUiGxkPlgFxdguzxylqsgtKsVALoPtcoviF9XqatKzZjQLxJ4xN
|
32
|
+
4/iXlLywYfU/2NtdlInnFh/pN6J09m/r+8oJasbp7hwcoDAM0uK+ktkpk0DP7/r6
|
33
|
+
z6i9de4qhfLO8kVtCzkfEhxR/aVkc4o1hfNYkodbZeTNGMmvjQeO/8RGg1cha2ds
|
34
|
+
lxLbUXCCwAH4gEoa3vI3chk8DDvVlKsiVnqn9k3mLXW9VjWwdx0y1NJTJmnpXGFf
|
35
|
+
4PKCPfbBeDBqGsxVhEtGCZXVTAG161FT76zo6nVhe+WiSXeW2yzER/PFoNDOPiww
|
36
|
+
wMcO/Cj5qq/R3/OXJPtHfJPIbBkfp1ZiWHV8yISjg87tp9mlT4FHm0cxecJ/EKqA
|
37
|
+
t3SIzmnkdTRazfXKX8+xlHekatAL0bgkgVOQnL9J+DwRBiW4HF4tZakgPAeumFqw
|
38
|
+
6PIMBNVCMcmJKvhQoB6exCZaNQVSKwbPqgSa9Jh+qZg8dgOM/uc1yscElaxGhngB
|
39
|
+
HC4HpVUzVhiiGtY2eEBTreDW+1jsWbcjiNDKnVol5apY7BaWyRUDr4w5nQOPJOid
|
40
|
+
tYlHev5QD1y6Z4QTvYm+iLdc7g8Dv9IWnXSWY3pKPr4sXYGV3GkbRGiMN+plzZS3
|
41
|
+
CXUqW7TVXm1vmkWTplO22PgRFFDBwIuIsCYhLrAjV8f5ofD24QEeQyMRU0jmromA
|
42
|
+
QtK953j7cyzekCfoRPnghvBT8f0Zia2S3JciAN/aey/Hvqtr6imWUFuk1eibjwIk
|
43
|
+
xGtQrqmOJEfxAxvRvVl2D7ettcaqsnpbITb5Ix7LAE2KnvAETCnxGyhmCCJgyhX7
|
44
|
+
fK72NV1SsMaG/hRec5yk8ueO3ayTahTPYWiq1VLA8ImA1ue8vkcpqYHXxxMfmWbH
|
45
|
+
SSwG5UBYc9xSGJPyUqJSu2cVeyKhAugH0Id9Bs2CAvt/WHwH7GQ0nzNi+ArBCbFc
|
46
|
+
22nUTA7aSELuZtRHGpn6JrGP8XtRgqbNktpK+GJj7V/H9rEaXvXXtdLm8Mbm44k2
|
47
|
+
zLLNNT3XGFYEa5wwIyv1lRuVXZsgmKSv3tYD/aeaCx+KjinQi56vPho0tgoXAiCU
|
48
|
+
/jdU+/RkY1BSRH6Z0qUd7Z/BYFCwIaEyOKAECisVpahadP+QVIQF0dzzvbhu1qU1
|
49
|
+
Ra/gsUyYdsgce7TK5EWYsEpeJXCUH3KRCJE2CLzOo+mcXlmRNo61EFC0+frgNzSf
|
50
|
+
qOKEvf5ToI2JY9wDJ7j14lpGWt8CLZe3UGgWrWtBWB354MHF19/4iLQUfy6RBw6T
|
51
|
+
EVw6vnyD+PjH9TB++DTiY5RktEyt4a8qmBHUD01+JtWi3VtKzIK3aQ2gYMkUfltm
|
52
|
+
QgPq9yHwHcAc5fs3gg13IJHy+gG+W8AsysvAWKTmOCfA5lZyiLsqa+1Ub5s4TsDF
|
53
|
+
ucA0/fPszsVV/PnJO4k/tBBfWP9ow39gbenuoddpZWjQyXAdpZa6C7QMfQugH/bR
|
54
|
+
-----END RSA PRIVATE KEY-----
|
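Review bot: A private key is being published inside the gem here, and the file list above also adds data/certs/ca.key and a .p12 bundle. The PEM header shows the legacy `Proc-Type: 4,ENCRYPTED` format with `DES-EDE3-CBC`, whose passphrase-to-key derivation is weak, so the passphrase gives little protection once the file is public. If these are test fixtures, say so in a README next to them and keep them out of the files the gemspec packages, so that nobody reuses the key or certificate for real mail. Any key or certificate from this directory that was ever used outside tests should be treated as compromised and reissued.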
data/init.rb
ADDED
@@ -0,0 +1,36 @@
|
|
1
|
+
require 'action_mailer_x509/railtie' if defined?(Rails)
|
2
|
+
require 'action_mailer_x509/x509'
|
3
|
+
require 'action_mailer_x509/configuration'
|
4
|
+
require 'openssl'
|
5
|
+
require 'overrides/action_mailer/base'
|
6
|
+
require 'overrides/mail/message'
|
7
|
+
|
8
|
+
module ActionMailerX509
|
9
|
+
mattr_reader :configurations
|
10
|
+
|
11
|
+
mattr_accessor :default_configuration
|
12
|
+
|
13
|
+
mattr_accessor :default_certs_path
|
14
|
+
|
15
|
+
class << self
|
16
|
+
def settings
|
17
|
+
yield self
|
18
|
+
end
|
19
|
+
|
20
|
+
def configurations
|
21
|
+
@configurations ||= {}
|
22
|
+
end
|
23
|
+
|
24
|
+
def add_configuration(name, params = {})
|
25
|
+
configurations[name.to_sym] = Configuration.new(params)
|
26
|
+
end
|
27
|
+
|
28
|
+
def get_configuration(name)
|
29
|
+
configurations[(name || ActionMailerX509.default_configuration).to_sym]
|
30
|
+
end
|
31
|
+
|
32
|
+
def default_certs_path=(path)
|
33
|
+
@@default_certs_path = Pathname.new(path)
|
34
|
+
end
|
35
|
+
end
|
36
|
+
end
|
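Review bot: `get_configuration` returns nil without complaint for a name that was never registered, and raises NoMethodError from `nil.to_sym` when neither `name` nor `default_configuration` is set. In a library that decides whether mail is signed or encrypted, a misspelled configuration name should fail loudly; how callers treat a nil result is not visible in this section. After checking that the key is not nil, consider `configurations.fetch(key.to_sym) { raise ArgumentError, "unknown x509 configuration: #{key.inspect}" }`. `default_certs_path=` also uses `Pathname` with no `require 'pathname'` visible among the requires at the top.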
@@ -0,0 +1,170 @@
|
|
1
|
+
class Configuration
|
2
|
+
ATTRS = { 'C' => :country,
|
3
|
+
'ST' => :state,
|
4
|
+
'L' => :location,
|
5
|
+
'O' => :organization,
|
6
|
+
'OU' => :organizational_unit,
|
7
|
+
'CN' => :common_name,
|
8
|
+
'emailAddress' => :email}
|
9
|
+
|
10
|
+
def initialize(params = {})
|
11
|
+
params.symbolize_keys!
|
12
|
+
params.each_pair { |k, v| self.send("#{k}=".to_sym, v) }
|
13
|
+
end
|
14
|
+
|
15
|
+
class_attribute :sign_enable
|
16
|
+
self.sign_enable = false
|
17
|
+
|
18
|
+
class_attribute :crypt_enable
|
19
|
+
self.crypt_enable = false
|
20
|
+
|
21
|
+
class_attribute :crypt_cipher
|
22
|
+
self.crypt_cipher = 'des'
|
23
|
+
|
24
|
+
class_attribute :certs_path
|
25
|
+
|
26
|
+
class_attribute :sign_cert
|
27
|
+
class_attribute :sign_key
|
28
|
+
class_attribute :sign_passphrase
|
29
|
+
class_attribute :crypt_cert
|
30
|
+
class_attribute :crypt_key
|
31
|
+
class_attribute :crypt_passphrase
|
32
|
+
|
33
|
+
class_attribute :sign_cert_p12
|
34
|
+
class_attribute :crypt_cert_p12
|
35
|
+
|
36
|
+
def sign_require?
|
37
|
+
sign_enable == true
|
38
|
+
end
|
39
|
+
|
40
|
+
def crypt_require?
|
41
|
+
crypt_enable == true
|
42
|
+
end
|
43
|
+
|
44
|
+
def certs_path
|
45
|
+
@certs_path || ActionMailerX509.default_certs_path
|
46
|
+
end
|
47
|
+
|
48
|
+
def certs_path=(path)
|
49
|
+
@certs_path = Pathname.new(path)
|
50
|
+
end
|
51
|
+
|
52
|
+
def sign_cert
|
53
|
+
certs_path.join(@sign_cert)
|
54
|
+
end
|
55
|
+
|
56
|
+
def sign_cert_p12
|
57
|
+
certs_path.join(@sign_cert_p12)
|
58
|
+
end
|
59
|
+
|
60
|
+
def sign_key
|
61
|
+
certs_path.join(@sign_key)
|
62
|
+
end
|
63
|
+
|
64
|
+
def crypt_cert
|
65
|
+
certs_path.join(@crypt_cert)
|
66
|
+
end
|
67
|
+
|
68
|
+
def crypt_cert_p12
|
69
|
+
certs_path.join(@crypt_cert_p12)
|
70
|
+
end
|
71
|
+
|
72
|
+
def crypt_key
|
73
|
+
certs_path.join(@crypt_key)
|
74
|
+
end
|
75
|
+
|
76
|
+
def get_crypter
|
77
|
+
ActionMailerX509::X509.new(crypt_configuration)
|
78
|
+
end
|
79
|
+
|
80
|
+
def get_signer
|
81
|
+
ActionMailerX509::X509.new(sign_configuration)
|
82
|
+
end
|
83
|
+
|
84
|
+
def get_certificate_info
|
85
|
+
if valid?
|
86
|
+
if sign_require? || crypt_require?
|
87
|
+
worker = sign_require? ? get_signer : get_crypter
|
88
|
+
|
89
|
+
subject_attrs = worker.certificate.subject.to_a
|
90
|
+
subject_attrs = subject_attrs.each_with_object({}) do |attr, obj|
|
91
|
+
obj.update(ATTRS[attr.first] => attr[1])
|
92
|
+
end
|
93
|
+
|
94
|
+
{
|
95
|
+
from: worker.certificate.not_before,
|
96
|
+
to: worker.certificate.not_after,
|
97
|
+
}.reverse_merge!(subject_attrs)
|
98
|
+
end || {}
|
99
|
+
end || {}
|
100
|
+
end
|
101
|
+
|
102
|
+
def valid?
|
103
|
+
validate_sign && validate_crypt
|
104
|
+
end
|
105
|
+
|
106
|
+
protected
|
107
|
+
def validate_sign
|
108
|
+
if sign_require?
|
109
|
+
begin
|
110
|
+
get_signer.sign('test')
|
111
|
+
rescue
|
112
|
+
return false
|
113
|
+
end
|
114
|
+
end
|
115
|
+
true
|
116
|
+
end
|
117
|
+
|
118
|
+
def validate_crypt
|
119
|
+
if crypt_require?
|
120
|
+
begin
|
121
|
+
get_crypter.encode('test')
|
122
|
+
rescue
|
123
|
+
return false
|
124
|
+
end
|
125
|
+
end
|
126
|
+
true
|
127
|
+
end
|
128
|
+
|
129
|
+
def key=(key)
|
130
|
+
self.crypt_key = key
|
131
|
+
self.sign_key = key
|
132
|
+
end
|
133
|
+
|
134
|
+
def cert=(cert)
|
135
|
+
self.crypt_cert = cert
|
136
|
+
self.sign_cert = cert
|
137
|
+
end
|
138
|
+
|
139
|
+
def cert_p12=(cert)
|
140
|
+
self.crypt_cert_p12 = cert
|
141
|
+
self.sign_cert_p12 = cert
|
142
|
+
end
|
143
|
+
|
144
|
+
def passphrase=(pass)
|
145
|
+
self.crypt_passphrase = pass
|
146
|
+
self.sign_passphrase = pass
|
147
|
+
end
|
148
|
+
|
149
|
+
private
|
150
|
+
def sign_configuration
|
151
|
+
conf = {
|
152
|
+
pass_phrase: sign_passphrase
|
153
|
+
}
|
154
|
+
|
155
|
+
conf.merge!(certificate_p12: sign_cert_p12) if @sign_cert_p12
|
156
|
+
conf.merge!(certificate: sign_cert, rsa_key: sign_key) unless @sign_cert_p12
|
157
|
+
conf
|
158
|
+
end
|
159
|
+
|
160
|
+
def crypt_configuration
|
161
|
+
conf = {
|
162
|
+
cipher_type_str: crypt_cipher,
|
163
|
+
pass_phrase: crypt_passphrase
|
164
|
+
}
|
165
|
+
|
166
|
+
conf.merge!(certificate_p12: crypt_cert_p12) if @crypt_cert_p12
|
167
|
+
conf.merge!(certificate: crypt_cert, rsa_key: crypt_key) unless @crypt_cert_p12
|
168
|
+
conf
|
169
|
+
end
|
170
|
+
end
|
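Review bot: `self.crypt_cipher = 'des'` makes single DES (56-bit key) the default for encrypted mail, and `X509#initialize` repeats the same default in `attrs.reverse_merge!(pass_phrase: '', cipher_type_str: 'des')`. Anyone who sets `crypt_enable` without choosing a cipher gets encryption that no longer meets current standards. Default to a modern cipher in both places, e.g. `self.crypt_cipher = 'aes-256-cbc'`, and document the option in the settings template. Separately, the bare `rescue` in `validate_sign` and `validate_crypt` turns every failure into `false` with no message, so a wrong passphrase or a missing file is hard to diagnose; logging the exception before returning would help.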
@@ -0,0 +1,81 @@
|
|
1
|
+
require 'openssl'
|
2
|
+
|
3
|
+
class DecodeError < Exception; end
|
4
|
+
class VerificationError < Exception; end
|
5
|
+
|
6
|
+
module ActionMailerX509
|
7
|
+
class X509
|
8
|
+
attr_accessor :certificate, :cipher, :rsa_key, :certificate_store
|
9
|
+
|
10
|
+
# pass_phrase
|
11
|
+
# cipher_type_str
|
12
|
+
# certificate and rsa_key or certificate_p12
|
13
|
+
def initialize(attrs = {})
|
14
|
+
attrs.symbolize_keys!
|
15
|
+
|
16
|
+
attrs.reverse_merge!(pass_phrase: '', cipher_type_str: 'des')
|
17
|
+
if attrs[:certificate_p12]
|
18
|
+
p12 = OpenSSL::PKCS12.new(prepare_value(attrs[:certificate_p12]), attrs[:pass_phrase])
|
19
|
+
@certificate = p12.certificate
|
20
|
+
@rsa_key = p12.key
|
21
|
+
elsif attrs[:certificate] and attrs[:rsa_key]
|
22
|
+
@certificate = OpenSSL::X509::Certificate.new(prepare_value(attrs[:certificate]))
|
23
|
+
@rsa_key = OpenSSL::PKey::RSA.new(prepare_value(attrs[:rsa_key]), attrs[:pass_phrase])
|
24
|
+
else
|
25
|
+
raise Exception.new('Wrong configuration')
|
26
|
+
end
|
27
|
+
|
28
|
+
@cipher = OpenSSL::Cipher.new(attrs[:cipher_type_str])
|
29
|
+
|
30
|
+
@certificate_store = OpenSSL::X509::Store.new
|
31
|
+
@certificate_store.add_cert(certificate)
|
32
|
+
end
|
33
|
+
|
34
|
+
def encode(text)
|
35
|
+
write OpenSSL::PKCS7.encrypt([certificate], text, cipher)
|
36
|
+
#OpenSSL::PKCS7.encrypt([certificate], text, cipher, OpenSSL::PKCS7::BINARY)
|
37
|
+
end
|
38
|
+
|
39
|
+
def decode(encrypted_text)
|
40
|
+
pkcs7 = read(encrypted_text)
|
41
|
+
pkcs7.decrypt(@rsa_key, certificate)
|
42
|
+
rescue => e
|
43
|
+
raise DecodeError.new(e.message)
|
44
|
+
end
|
45
|
+
|
46
|
+
def sign(text)
|
47
|
+
write OpenSSL::PKCS7.sign(certificate, rsa_key, text, [], OpenSSL::PKCS7::DETACHED)
|
48
|
+
#OpenSSL::PKCS7.sign(certificate, rsa_key, text, [], OpenSSL::PKCS7::BINARY)
|
49
|
+
end
|
50
|
+
|
51
|
+
def verify(text)
|
52
|
+
result = read(text).verify(nil, @certificate_store, nil, nil)
|
53
|
+
#read(text).verify(nil, @certificate_store, nil, OpenSSL::PKCS7::NOVERIFY)
|
54
|
+
result ? read(text).data : raise(VerificationError.new('Wrong args'))
|
55
|
+
rescue => e
|
56
|
+
raise VerificationError.new(e.message)
|
57
|
+
end
|
58
|
+
|
59
|
+
protected
|
60
|
+
def write(pcks7)
|
61
|
+
OpenSSL::PKCS7::write_smime pcks7
|
62
|
+
end
|
63
|
+
|
64
|
+
def read(text)
|
65
|
+
OpenSSL::PKCS7.read_smime(text) rescue OpenSSL::PKCS7.new(text)
|
66
|
+
end
|
67
|
+
|
68
|
+
private
|
69
|
+
def prepare_value(attr)
|
70
|
+
case attr.class.name
|
71
|
+
when 'String'
|
72
|
+
attr
|
73
|
+
when 'Pathname'
|
74
|
+
File::read(attr)
|
75
|
+
when 'File'
|
76
|
+
attr.read
|
77
|
+
else raise Exception.new('Wrong param type')
|
78
|
+
end
|
79
|
+
end
|
80
|
+
end
|
81
|
+
end
|
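Review bot: `DecodeError` and `VerificationError` inherit from `Exception`, and `initialize` and `prepare_value` raise a bare `Exception`, so a caller's `rescue => e` or bare `rescue` will not catch them. A malformed or unverifiable message would then propagate past ordinary error handling in whatever code processes the mail (callers are not visible here). Use `class DecodeError < StandardError; end`, `class VerificationError < StandardError; end` and `raise ArgumentError, 'Wrong configuration'`. In `read`, the inline `rescue` hides why S/MIME parsing failed before falling back to `OpenSSL::PKCS7.new(text)`; rescuing only `OpenSSL::PKCS7::PKCS7Error` would be narrower. `verify` trusts only the instance's own certificate through `@certificate_store`, which deserves a comment stating that this is intended.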
@@ -0,0 +1,12 @@
|
|
1
|
+
module ActionMailerX509
|
2
|
+
module Generators
|
3
|
+
class InstallGenerator < Rails::Generators::Base
|
4
|
+
source_root File.expand_path('../', __FILE__)
|
5
|
+
|
6
|
+
desc 'Copy settings'
|
7
|
+
def copy_initializer
|
8
|
+
template 'templates/x509_settings.rb', 'config/initializers/x509_settings.rb'
|
9
|
+
end
|
10
|
+
end
|
11
|
+
end
|
12
|
+
end
|
@@ -0,0 +1,47 @@
|
|
1
|
+
ActionMailerX509.settings do |config|
|
2
|
+
|
3
|
+
#Set collection of configurations for future use
|
4
|
+
#config.add_configuration :demo,
|
5
|
+
# {
|
6
|
+
# sign_enable: false,
|
7
|
+
# crypt_enable: true,
|
8
|
+
# sign_cert: 'cert.crt',
|
9
|
+
# sign_key: 'cert.key',
|
10
|
+
# sign_passphrase: 'demo',
|
11
|
+
# crypt_cert: 'other_cert.crt',
|
12
|
+
# crypt_key: 'other_cert.key',
|
13
|
+
# crypt_passphrase: 'demo',
|
14
|
+
# certs_path: Rails.root.join('certs')
|
15
|
+
# }
|
16
|
+
#
|
17
|
+
#config.add_configuration :hisp,
|
18
|
+
# {
|
19
|
+
# sign_enable: true,
|
20
|
+
# crypt_enable: true,
|
21
|
+
# sign_cert: 'ca.crt',
|
22
|
+
# sign_key: 'ca.key',
|
23
|
+
# sign_passphrase: 'hisp',
|
24
|
+
# crypt_cert: 'capa.crt',
|
25
|
+
# crypt_key: 'capa.key',
|
26
|
+
# crypt_passphrase: 'hisp',
|
27
|
+
# certs_path: Rails.root.join('certs')
|
28
|
+
# }
|
29
|
+
#
|
30
|
+
#config.add_configuration :common,
|
31
|
+
# {
|
32
|
+
# sign_enable: true,
|
33
|
+
# crypt_enable: true,
|
34
|
+
# cert: 'ca.crt',
|
35
|
+
# key: 'ca.key',
|
36
|
+
# passphrase: 'hisp'
|
37
|
+
# crypt_passphrase: 'hisp',
|
38
|
+
# certs_path: Rails.root.join('certs')
|
39
|
+
# }
|
40
|
+
#
|
41
|
+
|
42
|
+
# You may set configuration which will be use by default
|
43
|
+
#config.default_configuration = :hisp
|
44
|
+
|
45
|
+
#Also you may set default certs path and not set certs_path in configs
|
46
|
+
#config.default_certs_path = Rails.root.join('certs')
|
47
|
+
end
|
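Review bot: The commented examples put key passphrases in the initializer as string literals (`sign_passphrase: 'demo'`, `crypt_passphrase: 'hisp'`), which invites users to commit real passphrases to source control. Show them read from the environment instead, e.g. `sign_passphrase: ENV.fetch('X509_SIGN_PASSPHRASE')` (the variable name is only an example). The `:common` example is also missing a comma after `passphrase: 'hisp'`, so it becomes a syntax error once uncommented, and it sets `crypt_passphrase` again right after `passphrase`.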