as2 0.9.0 → 0.11.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e5d44130a76edfd15f3938df800fd0b82a0a14446ed064844250c33f0ba28c0c
-  data.tar.gz: b2436bd0539cefe5387e08042ba5bf1798282515c17d6c884eda08c7e9abd913
+  metadata.gz: 7a467f304fd7955e9f787078b8bbda6277e111e84e75d2cc02c935d6ccc00916
+  data.tar.gz: b75996e0b5064d1b4133f9ed8db0b9f629cb44746ade335edcd3a2fa04de0edf
 SHA512:
-  metadata.gz: c7ec66eff025813c21849d375933cef2e06c70ae658363ffce640d22ea72be73650908862307380e70da03510765016b99bf60a65f6f56f432d4e3381eab8ee4
-  data.tar.gz: 5f9747317e5675e292ea80f02b01de73a0d14e78c60236970f81a8a68a3cefb0535b2bd9c4d2b6fee7e95399746fd773f40de5481db2975fe2f21c9ce5c7178e
+  metadata.gz: b8b50c0291eed98d9f74333e094bf1a59cf4bedb987592082dddc04118e319dd85121f8434391fb473783320b6388ec836d0fe54901b02b8c3cdf70f95eb93b6
+  data.tar.gz: db4e30dba47bd613b3b9b5e0e47d33951e527a31249af79ce7f2073c66035cc9a3aa3a8ba5a88c0163b4e06eec814d6ac2bf48ee060935cc22ec57762bdd2b10

data/CHANGELOG.md

@@ -1,3 +1,20 @@
+## 0.11.0 September 14, 2023
+
+  * Allow configuration of which encryption cipher to use when sending outbound messages. [#35](https://github.com/alexdean/as2/pull/35)
+
+## 0.10.0 September 13, 2023
+
+support for separate signing & encryption certificates for partners. [#34](https://github.com/alexdean/as2/pull/34)
+
+BREAKING CHANGES:
+
+  * `As2::Config::Partner`
+    * Added `signing_certificate` and `encryption_certificate`
+    * Removed `certificate`.
+    * `certificate=` is still supported, and assigns the same certificate to both.
+  * `As2::Client#parse_signed_mdn`: requires `signing_certificate:` rather than `certificate:`.
+  * `As2::Message.verify`: requires `signing_certificate:` rather than `certificate:`.
+
 ## 0.9.0, August 28, 2023
 
   * Bugfix for quoting AS2-From/AS2-To identifiers

data/lib/as2/client.rb

@@ -8,6 +8,10 @@ module As2
       ['v0', 'v1']
     end
 
+    def self.valid_encryption_ciphers
+      OpenSSL::Cipher.ciphers
+    end
+
     # @param [As2::Config::Partner,String] partner The partner to send a message to.
     #   If a string is given, it should be a partner name which has been registered
     #   via a call to #add_partner.
@@ -45,6 +49,10 @@ module As2
     #   * If content parameter is specified, file_name is only used to tell the
     #     partner the original name of the file.
     #
+    # TODO: refactor to separate "build an outbound message" from "send an outbound message"
+    # main benefit would be allowing the test suite to be more straightforward.
+    # (wouldn't need webmock just to verify what kind of message we built...)
+    #
     # @param [String] file_name
     # @param [String] content
     # @param [String] content_type This is the MIME Content-Type describing the `content` param,
@@ -82,8 +90,11 @@ module As2
                                          file_name: file_name
                                        )
 
-      cipher = OpenSSL::Cipher::AES256.new(:CBC) # default, but we might have to make this configurable
-      encrypted = OpenSSL::PKCS7.encrypt([@partner.certificate], request_body, cipher)
+      encrypted = OpenSSL::PKCS7.encrypt(
+                    [@partner.encryption_certificate],
+                    request_body,
+                    @partner.encryption_cipher_instance
+                  )
 
       # > HTTP can handle binary data and so there is no need to use the
       # > content transfer encodings of MIME
@@ -257,7 +268,7 @@ module As2
       if mdn_content_type.start_with?('multipart/signed')
         result = parse_signed_mdn(
                                    multipart_signed_message: response_content,
-                                   certificate: @partner.certificate
+                                   signing_certificate: @partner.signing_certificate
                                  )
         mdn_report = result[:mdn_report]
         report[:signature_verification_error] = result[:signature_verification_error]
@@ -314,7 +325,7 @@ module As2
     #   * :mdn_mime_body [Mail::Message] The 'inner' MDN body, with signature removed
     #   * :signature_verification_error [String] Any error which resulted when checking the
     #     signature. If this is empty it means the signature was valid.
-    def parse_signed_mdn(multipart_signed_message:, certificate:)
+    def parse_signed_mdn(multipart_signed_message:, signing_certificate:)
       smime = nil
 
       begin
@@ -347,7 +358,7 @@ module As2
         # based on As2::Message version
         # TODO: test cases based on valid/invalid responses. (response signed with wrong certificate, etc.)
         # See notes in As2::Message.verify for reasoning on flag usage
-        smime.verify [certificate], OpenSSL::X509::Store.new, nil, OpenSSL::PKCS7::NOVERIFY | OpenSSL::PKCS7::NOINTERN
+        smime.verify [signing_certificate], OpenSSL::X509::Store.new, nil, OpenSSL::PKCS7::NOVERIFY | OpenSSL::PKCS7::NOINTERN
 
         signature_verification_error = smime.error_string
       else
@@ -383,7 +394,7 @@ module As2
         result = As2::Message.verify(
                    content: content,
                    signature_text: signature_text,
-                   certificate: @partner.certificate
+                   signing_certificate: signing_certificate
                  )
 
         signature_verification_error = result[:error]

data/lib/as2/config.rb

@@ -12,7 +12,12 @@ module As2
       end
     end
 
-    class Partner < Struct.new :name, :url, :certificate, :tls_verify_mode, :mdn_format, :outbound_format
+    class Partner < Struct.new :name, :url, :encryption_certificate, :encryption_cipher, :signing_certificate, :tls_verify_mode, :mdn_format, :outbound_format
+      def initialize
+        # set default.
+        self.encryption_cipher = 'aes-256-cbc'
+      end
+
       def url=(url)
         if url.kind_of? String
           self['url'] = URI.parse url
@@ -40,7 +45,30 @@ module As2
       end
 
       def certificate=(certificate)
-        self['certificate'] = As2::Config.build_certificate(certificate)
+        cert = As2::Config.build_certificate(certificate)
+        self['encryption_certificate'] = cert
+        self['signing_certificate'] = cert
+      end
+
+      def encryption_certificate=(certificate)
+        self['encryption_certificate'] = As2::Config.build_certificate(certificate)
+      end
+
+      def encryption_cipher=(cipher)
+        cipher_s = cipher.to_s
+        valid_ciphers = As2::Client.valid_encryption_ciphers
+        if !valid_ciphers.include?(cipher_s)
+          raise ArgumentError, "encryption_cipher '#{cipher_s}' must be one of #{valid_ciphers.inspect}"
+        end
+        self['encryption_cipher'] = cipher_s
+      end
+
+      def encryption_cipher_instance
+        OpenSSL::Cipher.new(encryption_cipher)
+      end
+
+      def signing_certificate=(certificate)
+        self['signing_certificate'] = As2::Config.build_certificate(certificate)
       end
 
       # if set, will be used for SSL transmissions.
@@ -87,14 +115,18 @@ module As2
         unless partner.name
           raise 'Partner name is required'
         end
-        unless partner.certificate
-          raise 'Partner certificate is required'
+        unless partner.signing_certificate
+          raise 'Partner signing certificate is required'
+        end
+        unless partner.encryption_certificate
+          raise 'Partner encryption certificate is required'
         end
         unless partner.url
           raise 'Partner URL is required'
         end
         Config.partners[partner.name] = partner
-        Config.store.add_cert partner.certificate
+        Config.store.add_cert partner.signing_certificate
+        Config.store.add_cert partner.encryption_certificate
       end
     end
 
@@ -123,6 +155,7 @@ module As2
         @partners ||= {}
       end
 
+      # TODO: deprecate this.
       def store
         @store ||= OpenSSL::X509::Store.new
       end

data/lib/as2/message.rb

@@ -53,7 +53,7 @@ module As2
     #   * :valid [boolean] was the verification successful or not?
     #   * :error [String, nil] a verification error message.
     #                          will be empty when `valid` is true.
-    def self.verify(content:, signature_text:, certificate:)
+    def self.verify(content:, signature_text:, signing_certificate:)
       begin
         signature = OpenSSL::PKCS7.new(signature_text)
 
@@ -76,9 +76,9 @@ module As2
         #
         # https://www.openssl.org/docs/manmaster/man3/PKCS7_verify.html
         #
-        # we want this so we can be sure that the `partner_certificate` we supply
+        # we want this so we can be sure that the `signing_certificate` we supply
         # was actually used to sign the message. otherwise we could get a positive
-        # verification even if `partner_certificate` didn't sign the message
+        # verification even if `signing_certificate` didn't sign the message
         # we're checking.
         #
         # ## NOVERIFY
@@ -87,9 +87,9 @@ module As2
         #
         # ie: we won't attempt to connect signer (in the first param) to a root
         # CA (in `store`, which is empty). alternately, we could instead remove
-        # this flag, and add `partner_certificate` to `store`. but what's the point?
-        # we'd only be verifying that `partner_certificate` is connected to `partner_certificate`.
-        valid = signature.verify([certificate], store, content, OpenSSL::PKCS7::NOVERIFY | OpenSSL::PKCS7::NOINTERN)
+        # this flag, and add `signing_certificate` to `store`. but what's the point?
+        # we'd only be verifying that `signing_certificate` is connected to `signing_certificate`.
+        valid = signature.verify([signing_certificate], store, content, OpenSSL::PKCS7::NOVERIFY | OpenSSL::PKCS7::NOINTERN)
 
         # when `signature.verify` fails, signature.error_string will be populated.
         error = signature.error_string
@@ -121,7 +121,7 @@ module As2
       @decrypted_message ||= @pkcs7.decrypt @private_key, @public_certificate
     end
 
-    def valid_signature?(partner_certificate)
+    def valid_signature?(partner_signing_certificate)
       content_type = mail.header_fields.find { |h| h.name == 'Content-Type' }.content_type
       # TODO: substantial overlap between this code & the fallback/rescue code in
       # As2::Client#verify_mdn_signature
@@ -149,7 +149,7 @@ module As2
         result = self.class.verify(
                                     content: content,
                                     signature_text: signature_text,
-                                    certificate: partner_certificate
+                                    signing_certificate: partner_signing_certificate
                                   )
 
         output = result[:valid]
@@ -186,7 +186,7 @@ module As2
           retry_output = self.class.verify(
                                             content: content,
                                             signature_text: signature_text,
-                                            certificate: partner_certificate
+                                            signing_certificate: partner_signing_certificate
                                           )
 
           if retry_output[:valid]

data/lib/as2/server.rb

@@ -40,7 +40,7 @@ module As2
       request = Rack::Request.new(env)
       message = Message.new(request.body.read, @server_info.pkey, @server_info.certificate)
 
-      unless message.valid_signature?(partner.certificate)
+      unless message.valid_signature?(partner.signing_certificate)
         if @signature_failure_handler
           @signature_failure_handler.call({
             env: env,
@@ -48,7 +48,7 @@ module As2
             verification_error: message.verification_error
           })
         else
-          raise "Could not verify signature"
+          raise "Could not verify signature. #{message.verification_error}"
         end
       end
 

data/lib/as2/version.rb

@@ -1,3 +1,3 @@
 module As2
-  VERSION = "0.9.0"
+  VERSION = "0.11.0"
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: as2
 version: !ruby/object:Gem::Version
-  version: 0.9.0
+  version: 0.11.0
 platform: ruby
 authors:
 - OfficeLuv
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2023-08-28 00:00:00.000000000 Z
+date: 2023-09-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: mail