as2 0.5.2 → 0.6.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 2cc88a7c3befd19715a142f886fcac0429911b1b2c6d4df8e5c6f6797c6469c2
-  data.tar.gz: ba6943a989242be148d7e39c896f61747b8455888883b60ff179d6bf53e25309
+  metadata.gz: 44bae86d51af027c42242dcc2b746014fc1e5c408bdba4d8fda43373a3b61470
+  data.tar.gz: e7043ac582ceb07fa9527f029ea128015e2f96331c3217758b022e5fe2b64e3a
 SHA512:
-  metadata.gz: 14dc1ecb69d8678db913d9ee2425ae35f3e2e1b9a927a3a573e36e9a704dd4a7ab994d7c98182bf0053f40520040f0001fbc8b1390c82ebd57aa7e5c3495e99c
-  data.tar.gz: e43327ebbeac9bd46a2ccc4e3cd13f6354de46a3507fe01b134ecf33feef6643555c63e2ad2310debf8b3a23ec88c985d869087bf4cce29a2c54d8d06cfa753a
+  metadata.gz: 8f6beade2e29c96b6e0d65297296f26642a4882b3628b7d43aa2169b7b6b3ddea7abb5e791490b20a1ffb260cfbd214db5c9026a9cb61e34b4a9af05fd6f2d49
+  data.tar.gz: 8bac3d37290848e67e01b689872fb6504c3407c23501040f1647f17bc42ae2101669ceb6b331908f170f2242a6acf3d4cbeeafe4ad3cf2c4f24995422e358e13

data/.gitignore

@@ -2,3 +2,4 @@ certs
 .DS_Store
 Gemfile.lock
 pkg
+tmp/inbox/*

data/CHANGELOG.md

@@ -1,3 +1,10 @@
+## Unreleased (future 0.6.0)
+
+  * allow verification of signed MDNs which use `Content-Transfer-Encoding: binary`. [#22](https://github.com/alexdean/as2/pull/22)
+  * Improve example server to make it more useful for local testing & development. [#17](https://github.com/alexdean/as2/pull/17)
+  * Support `Content-Tranfer-Encoding: binary`. [#11](https://github.com/alexdean/as2/pull/11)
+  * Server can choose MIC algorithm based on HTTP `Disposition-Notification-Options` header. [#20](https://github.com/alexdean/as2/pull/20)
+
 ## 0.5.1, August 10, 2022
 
   * Any HTTP 2xx status received from a partner should be considered successful. [#12](https://github.com/andjosh/as2/pull/12)

data/README.md

@@ -3,10 +3,11 @@
 This is a proof of concept implementation of AS2 protocol: http://www.ietf.org/rfc/rfc4130.txt.
 
 Tested with the mendelson AS2 implementation from http://as2.mendelson-e-c.com
+and with [OpenAS2](https://github.com/OpenAS2/OpenAs2App).
 
 ## Build Status
 
-[![Test Suite](https://github.com/andjosh/as2/actions/workflows/test.yml/badge.svg)](https://github.com/andjosh/as2/actions/workflows/test.yml)
+[![Test Suite](https://github.com/alexdean/as2/actions/workflows/test.yml/badge.svg)](https://github.com/alexdean/as2/actions/workflows/test.yml)
 
 ## Known Limitations
 
@@ -30,10 +31,7 @@ along.
        will see a MIC verification failure. AS2 RFC specifically prefers sha1 and
        mentions md5. Mendelson AS2 server supports a number of other algorithms.
        (sha256, sha512, etc)
-  2. Payload bodies can have a few different mime types. We expect a type that
-     matches `application/EDI-*`. We're unable to receive content that has any other
-     mime type. https://datatracker.ietf.org/doc/html/rfc1767#section-1
-  3. AS2 partners may agree to use separate certificates for data encryption and data signing.
+  2. AS2 partners may agree to use separate certificates for data encryption and data signing.
      We do not support separate certificates for these purposes.
 
 ## Installation
@@ -78,7 +76,7 @@ You can run a local server with `bundle exec ruby examples/server.rb` and send i
 
 ## Contributing
 
-Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/as2.
+Bug reports and pull requests are welcome on GitHub at https://github.com/alexdean/as2.
 
 
 ## License

data/as2.gemspec

@@ -32,7 +32,8 @@ Gem::Specification.new do |spec|
 
   spec.add_development_dependency "bundler", ">= 1.10"
   spec.add_development_dependency "rake", ">= 10.0"
-  spec.add_development_dependency "thin"
+  spec.add_development_dependency "rackup"
+  spec.add_development_dependency "puma"
   spec.add_development_dependency "minitest"
   spec.add_development_dependency "minitest-focus"
   spec.add_development_dependency "webmock"

data/examples/server.rb

@@ -1,32 +1,104 @@
+# test server receives files & saves them to the local filesystem
+#
+# `bundle exec ruby examples/server.rb`
 require 'as2'
-require 'rack'
+require 'rackup'
+require 'rack/handler/puma'
+require 'pathname'
+require 'fileutils'
+
+this_dir = Pathname.new(File.expand_path('..', __FILE__))
+root_dir = this_dir.join('..')
 
 As2.configure do |conf|
-  conf.name = 'MyServer'
+  conf.name = 'RUBYAS2'
   conf.url = 'http://localhost:3000/as2'
   conf.certificate = 'test/certificates/server.crt'
   conf.pkey = 'test/certificates/server.key'
-  conf.domain = 'mydomain.com'
+  conf.domain = 'localhost'
+
   conf.add_partner do |partner|
-    partner.name = 'MyClient'
+    partner.name = 'MENDELSON'
     partner.url = 'http://localhost:8080/as2/HttpReceiver'
     partner.certificate = 'test/certificates/client.crt'
   end
+
+  conf.add_partner do |partner|
+    partner.name = 'OPENAS2'
+    partner.url = 'http://localhost:4088'
+    partner.certificate = 'test/certificates/client.crt'
+  end
+end
+
+def log(message, transmission_id: nil)
+  puts "#{Time.now.strftime('%F %T')} [#{transmission_id}] #{message}"
 end
 
-handler = As2::Server.new do |filename, body|
-  puts "SUCCESSFUL DOWNLOAD"
-  puts "FILENAME: #{filename}"
-  puts
-  puts body
+# TODO: there are a lot of potential failure cases we're not handling
+# (failed decryption, unsigned message, etc), because this script is intended for
+# local debugging.
+handler = Proc.new do |env|
+  transmission_id = "#{Time.now.strftime('%Y%m%d_%H%M%S_%L')}_#{SecureRandom.hex(6)}"
+  log("start.", transmission_id: transmission_id)
+
+  server_info = As2::Config.server_info
+
+  partner_name = env['HTTP_AS2_FROM']
+  partner = As2::Config.partners[partner_name]
+
+  log("partner:#{partner_name} known_partner?:#{!!partner}", transmission_id: transmission_id)
+  partner_dir = root_dir.join('tmp/inbox/', partner_name)
+  if !File.exist?(partner_dir)
+    FileUtils.mkdir_p(partner_dir)
+  end
+
+  raw_request_body = env['rack.input'].read
+
+  mic_algorithm = As2.choose_mic_algorithm(env['HTTP_DISPOSITION_NOTIFICATION_OPTIONS'])
+  message = As2::Message.new(raw_request_body, server_info.pkey, server_info.certificate,
+              mic_algorithm: mic_algorithm
+            )
+
+  # do this before writing to disk, in case we have to fix content.
+  # @see https://github.com/alexdean/as2/pull/11
+  valid_signature = message.valid_signature?(partner.certificate)
+
+  original_filename = message.attachment.filename
+  extname = File.extname(original_filename)
+  basename = partner_dir.join(File.basename(message.attachment.filename, extname)).to_s
+  encrypted_filename = "#{basename}.pkcs7" # exactly what we got on the wire
+  decrypted_filename = "#{basename}.mime"  # full message, all parts
+  body_filename = "#{basename}#{extname}"  # just the body part, w/o signature
+
+  File.open(encrypted_filename, 'wb') { |f| f.write(raw_request_body) }
+  File.open(decrypted_filename, 'wb') { |f| f.write(message.decrypted_message) }
+  File.open(body_filename, 'wb') { |f| f.write(message.attachment.raw_source) }
+
+  # filenames are absolute paths to each file.
+  # when we print output, nicer to read a path relative to the project's root.
+  prefix_length = root_dir.to_s.length + 1
+  verification_error = message.verification_error
+
+  report = <<~EOF
+  filename:#{original_filename}
+       #{encrypted_filename[prefix_length..]}
+       #{decrypted_filename[prefix_length..]}
+       #{body_filename[prefix_length..]}
+       valid_signature?:#{valid_signature}#{verification_error && " error:'#{verification_error}'"}
+       MIC: '#{message.mic}' (#{message.mic_algorithm})
+  EOF
+  log(report, transmission_id: transmission_id)
+
+  server = As2::Server.new(server_info: server_info, partner: partner)
+  server.send_mdn(env, message.mic, message.mic_algorithm, message.verification_error)
 end
 
 builder = Rack::Builder.new do
-  use Rack::CommonLogger
+  use Rack::ShowExceptions
   map '/as2' do
     run handler
   end
 end
 
-puts "As2 version: #{As2::VERSION}"
-Rack::Handler::Thin.run builder, Port: 3000
+puts "ruby-as2 version: #{As2::VERSION}"
+Rack::Handler::Puma.run builder, Port: 3002, Host: '0.0.0.0'

data/lib/as2/client.rb

@@ -9,7 +9,11 @@ module As2
     #   via a call to #add_partner.
     # @param [As2::Config::ServerInfo,nil] server_info The server info used to identify
     #   this client to the partner. If omitted, the main As2::Config.server_info will be used.
-    def initialize(partner, server_info: nil)
+    # @param [Logger, nil] logger If supplied, some additional information about how
+    #   messages are processed will be written here.
+    def initialize(partner, server_info: nil, logger: nil)
+      @logger = logger || Logger.new('/dev/null')
+
       if partner.is_a?(As2::Config::Partner)
         @partner = partner
       else
@@ -132,22 +136,18 @@ module As2
       response_content = "Content-Type: #{mdn_content_type.to_s.strip}\r\n\r\n#{mdn_body}"
 
       if mdn_content_type.start_with?('multipart/signed')
-        smime = OpenSSL::PKCS7.read_smime(response_content)
-
-        # create mail instance before #verify call.
-        # `smime.data` is emptied if verification fails, which means we wouldn't know disposition & other details.
-        mail = Mail.new(smime.data)
-
-        # based on As2::Message version
-        # TODO: test cases based on valid/invalid responses. (response signed with wrong certificate, etc.)
-        smime.verify [@partner.certificate], OpenSSL::X509::Store.new, nil, OpenSSL::PKCS7::NOVERIFY | OpenSSL::PKCS7::NOINTERN
-        report[:signature_verification_error] = smime.error_string
+        result = parse_signed_mdn(
+                                   multipart_signed_message: response_content,
+                                   certificate: @partner.certificate
+                                 )
+        mdn_report = result[:mdn_report]
+        report[:signature_verification_error] = result[:signature_verification_error]
       else
         # MDN may be unsigned if an error occurred, like if we sent an unrecognized As2-From header.
-        mail = Mail.new(response_content)
+        mdn_report = Mail.new(response_content)
       end
 
-      mail.parts.each do |part|
+      mdn_report.parts.each do |part|
         if part.content_type.start_with?('text/plain')
           report[:plain_text_body] = part.body.to_s.strip
         elsif part.content_type.start_with?('message/disposition-notification')
@@ -163,8 +163,8 @@ module As2
             end
           end
 
-          report[:disposition] = options['disposition']
-          report[:mid_matched] = original_message_id == options['original-message-id']
+          report[:disposition] = options['disposition'].strip
+          report[:mid_matched] = original_message_id == options['original-message-id'].strip
 
           if options['received-content-mic']
             # do mic calc using the algorithm specified by server.
@@ -182,5 +182,98 @@ module As2
       end
       report
     end
+
+    private
+
+    # extract the MDN body from a multipart/signed wrapper & attempt to verify
+    # the signature
+    #
+    # @param [String] multipart_signed_message The 'outer' MDN body, containing MIME header,
+    #   MDN body (which itself is likely a multi-part object) and a signature.
+    # @param [OpenSSL::X509::Certificate] verify that the MDN body was signed using this certificate
+    # @return [Hash] results of the check
+    #   * :mdn_mime_body [Mail::Message] The 'inner' MDN body, with signature removed
+    #   * :signature_verification_error [String] Any error which resulted when checking the
+    #     signature. If this is empty it means the signature was valid.
+    def parse_signed_mdn(multipart_signed_message:, certificate:)
+      smime = nil
+
+      begin
+        # This will fail if the signature is binary-encoded. In that case
+        # we rescue so we can continue to extract other data from the MDN.
+        # User can decide how to proceed after the signature verification failure.
+        #
+        # > The parser assumes that the PKCS7 structure is always base64 encoded
+        # > and will not handle the case where it is in binary format or uses quoted
+        # > printable format.
+        #
+        # https://www.openssl.org/docs/man3.1/man3/SMIME_read_PKCS7.html
+        #
+        # Likely we can resolve this by building a PKCS7 manually from the MDN
+        # payload, rather than using `read_smime`.
+        #
+        # An aside: manually base64-encoding the binary signature allows the MDN
+        # to be parsed & verified via `read_smime`, so that could also be an option.
+        smime = OpenSSL::PKCS7.read_smime(multipart_signed_message)
+      rescue => e
+        @logger.warn "error checking signature using read_smime. #{e.message}"
+        signature_verification_error = e.message
+      end
+
+      if smime
+        # create mail instance before #verify call.
+        # `smime.data` is emptied if verification fails, which means we wouldn't know disposition & other details.
+        mdn_report = Mail.new(smime.data)
+
+        # based on As2::Message version
+        # TODO: test cases based on valid/invalid responses. (response signed with wrong certificate, etc.)
+        # See notes in As2::Message.verify for reasoning on flag usage
+        smime.verify [certificate], OpenSSL::X509::Store.new, nil, OpenSSL::PKCS7::NOVERIFY | OpenSSL::PKCS7::NOINTERN
+
+        signature_verification_error = smime.error_string
+      else
+        @logger.info "trying fallback sigature verification."
+        # read_smime will fail on binary-encoded MDNs. in this case, we can attempt
+        # to parse the structure using Mail and do signature verification
+        # slightly differently.
+        #
+        # what follows is the same process applied in As2::Message#valid_signature?.
+        # see notes there for more info on "multipart/signed" MIME messages.
+        #
+        #   1. maybe unify these at some point?
+        #   2. maybe always use this process, and drop initial attempt at
+        #      `OpenSSL::PKCS7.read_smime` above.
+        #
+        # refactoring to allow using As2::Message#valid_signature? here
+        # would also allow us to utilize the line-ending fixup code there
+
+        # this should have 2 parts. the MDN report (parts[0]) and the signature (parts[1])
+        #
+        #  * https://datatracker.ietf.org/doc/html/rfc3851#section-3.4.3
+        #  * see also https://datatracker.ietf.org/doc/html/rfc1847#section-2.1
+        outer_mail = Mail.new(multipart_signed_message)
+
+        mdn_report = outer_mail.parts[0]
+
+        content = mdn_report.raw_source
+        content = content.gsub(/\A\s+/, '')
+
+        signature = outer_mail.parts[1]
+        signature_text = signature.body.to_s
+
+        result = As2::Message.verify(
+                   content: content,
+                   signature_text: signature_text,
+                   certificate: @partner.certificate
+                 )
+
+        signature_verification_error = result[:error]
+      end
+
+      {
+        mdn_report: mdn_report,
+        signature_verification_error: signature_verification_error
+      }
+    end
   end
 end

data/lib/as2/digest_selector.rb

@@ -14,11 +14,17 @@ module As2
       @map.keys
     end
 
+    def self.valid?(code)
+      @map[normalized(code)]
+    end
+
     def self.for_code(code)
-      # we may receive 'sha256', 'sha-256', or 'SHA256'.
-      normalized = code.strip.downcase.gsub(/[^a-z0-9]/, '')
+      @map[normalized(code)] || OpenSSL::Digest::SHA1
+    end
 
-      @map[normalized] || OpenSSL::Digest::SHA1
+    def self.normalized(code)
+      # we may receive 'sha256', 'sha-256', or 'SHA256'.
+      code.to_s.strip.downcase.gsub(/[^a-z0-9]/, '')
     end
   end
 end

data/lib/as2/message.rb

@@ -2,9 +2,10 @@ module As2
   class Message
     attr_reader :verification_error
 
-    # given multiple parts of a message, choose the one most likely to be the actual content we care about
+    # given multiple parts of a message, choose the one most likely to be the
+    # actual content we care about
     #
-    # @param [Array<Mail::Part>]
+    # @param [Mail::PartsList] mail_parts
     # @return [Mail::Part, nil]
     def self.choose_attachment(mail_parts)
       return nil if mail_parts.nil?
@@ -16,6 +17,18 @@ module As2
       candidates[0]
     end
 
+    # return the mail part containing a digital signature
+    #
+    # @param [Mail::PartsList] mail_parts
+    # @return [Mail::Part, nil]
+    def self.choose_signature(mail_parts)
+      return nil if mail_parts.nil?
+
+      mail_parts.find { |part| part.content_type.to_s['pkcs7-signature'] }
+    end
+
+    # calculate the MIC for a given mail part
+    #
     # @param [Mail::Part] attachment
     # @param [String] mic_algorithm
     # @return [String] message integrity check string
@@ -24,50 +37,37 @@ module As2
       digest.base64digest(attachment.raw_source.lstrip)
     end
 
-    def initialize(message, private_key, public_certificate)
-      # TODO: might need to use OpenSSL::PKCS7.read_smime rather than .new sometimes
-      @pkcs7 = OpenSSL::PKCS7.new(message)
-      @private_key = private_key
-      @public_certificate = public_certificate
-      @verification_error = nil
-    end
-
-    def decrypted_message
-      @decrypted_message ||= @pkcs7.decrypt @private_key, @public_certificate
-    end
-
-    def valid_signature?(partner_certificate)
-      content_type = mail.header_fields.find { |h| h.name == 'Content-Type' }.content_type
-      if content_type == "multipart/signed"
-        # for a "multipart/signed" message, we will do 'detatched' signature
-        # verification, where we supply the data to be verified as the 3rd parameter
-        # to OpenSSL::PKCS7#verify. this is in keeping with how this content type
-        # is described in the S/MIME RFC.
-        #
-        # > The multipart/signed MIME type has two parts.  The first part contains
-        # > the MIME entity that is signed; the second part contains the "detached signature"
-        # > CMS SignedData object in which the encapContentInfo eContent field is absent.
-        #
-        # https://datatracker.ietf.org/doc/html/rfc3851#section-3.4.3.1
-
-        # TODO: more robust detection of content vs signature (if they're ever out of order).
-        content = mail.parts[0].raw_source
-        # remove any leading \r\n characters (between headers & body i think).
-        content = content.gsub(/\A\s+/, '')
-
-        signature = OpenSSL::PKCS7.new(mail.parts[1].body.to_s)
+    # Check that the signature is valid.
+    #
+    # This confirms 2 things:
+    #
+    #   1. The `signature_text` is valid for `content`, ie: the `content` has
+    #      not been altered.
+    #   2. The `signature_text` was generated by the party who owns `certificate`,
+    #      ie: The same private key generated `signature_text` and `certificate`.
+    #
+    # @param [String] content
+    # @param [String] signature_text
+    # @param [OpenSSL::X509::Certificate] certificate
+    # @return [Hash]
+    #   * :valid [boolean] was the verification successful or not?
+    #   * :error [String, nil] a verification error message.
+    #                          will be empty when `valid` is true.
+    def self.verify(content:, signature_text:, certificate:)
+      begin
+        signature = OpenSSL::PKCS7.new(signature_text)
 
         # using an empty CA store. see notes on NOVERIFY flag below.
         store = OpenSSL::X509::Store.new
 
-        # notes on verification proces and flags used
+        # notes on verification process and flags used
         #
         # ## NOINTERN
         #
         # > If PKCS7_NOINTERN is set the certificates in the message itself are
         # > not searched when locating the signer's certificate. This means that
         # > all the signers certificates must be in the certs parameter.
-        #
+        # >
         # > One application of PKCS7_NOINTERN is to only accept messages signed
         # > by a small number of certificates. The acceptable certificates would
         # > be passed in the certs parameter. In this case if the signer is not
@@ -89,10 +89,112 @@ module As2
         # CA (in `store`, which is empty). alternately, we could instead remove
         # this flag, and add `partner_certificate` to `store`. but what's the point?
         # we'd only be verifying that `partner_certificate` is connected to `partner_certificate`.
-        output = signature.verify([partner_certificate], store, content, OpenSSL::PKCS7::NOVERIFY | OpenSSL::PKCS7::NOINTERN)
+        valid = signature.verify([certificate], store, content, OpenSSL::PKCS7::NOVERIFY | OpenSSL::PKCS7::NOINTERN)
 
         # when `signature.verify` fails, signature.error_string will be populated.
-        @verification_error = signature.error_string
+        error = signature.error_string
+      rescue => e
+        valid = false
+        error = "#{e.class}: #{e.message}"
+      end
+
+      {
+        valid: valid,
+        error: error
+      }
+    end
+
+    def initialize(message, private_key, public_certificate, mic_algorithm: nil)
+      # TODO: might need to use OpenSSL::PKCS7.read_smime rather than .new sometimes
+      @pkcs7 = OpenSSL::PKCS7.new(message)
+      @private_key = private_key
+      @public_certificate = public_certificate
+      @verification_error = nil
+
+      @mic_algorithm = mic_algorithm || 'sha256'
+      if !As2::DigestSelector.valid?(@mic_algorithm)
+        raise ArgumentError, "'#{@mic_algorithm}' is not a valid MIC algorithm."
+      end
+    end
+
+    def decrypted_message
+      @decrypted_message ||= @pkcs7.decrypt @private_key, @public_certificate
+    end
+
+    def valid_signature?(partner_certificate)
+      content_type = mail.header_fields.find { |h| h.name == 'Content-Type' }.content_type
+      # TODO: substantial overlap between this code & the fallback/rescue code in
+      # As2::Client#verify_mdn_signature
+      if content_type == "multipart/signed"
+        # for a "multipart/signed" message, we will do 'detatched' signature
+        # verification, where we supply the data to be verified as the 3rd parameter
+        # to OpenSSL::PKCS7#verify. this is in keeping with how this content type
+        # is described in the S/MIME RFC.
+        #
+        # > The multipart/signed MIME type has two parts.  The first part contains
+        # > the MIME entity that is signed; the second part contains the "detached signature"
+        # > CMS SignedData object in which the encapContentInfo eContent field is absent.
+        #
+        # https://datatracker.ietf.org/doc/html/rfc3851#section-3.4.3
+        #
+        # see also https://datatracker.ietf.org/doc/html/rfc1847#section-2.1
+
+        content = attachment.raw_source
+        # remove any leading \r\n characters (between headers & body i think).
+        content = content.gsub(/\A\s+/, '')
+
+        # TODO: why is signature.body.to_s different from signature.body.raw_source?
+        signature_text = signature.body.to_s
+
+        result = self.class.verify(
+                                    content: content,
+                                    signature_text: signature_text,
+                                    certificate: partner_certificate
+                                  )
+
+        output = result[:valid]
+        @verification_error = result[:error]
+
+        # HACK until https://github.com/mikel/mail/pull/1511 is available
+        #
+        # due to a bug in the mail gem (fixed in PR above), when using
+        # 'Content-Transfer-Encoding: binary', the body given by `attachment.raw_source`
+        # will have all "\n" replaced by "\r\n". This causes a signature verification
+        # failure.
+        #
+        # here, we try reversing this behavior (changing "\r\n" in the body back
+        # to "\n") and re-attempt verification.
+        #
+        # this entire block can should removed once the bugfix in mail gem is
+        # released & integrated into as2.
+        #
+        # we don't really know that verification failed due to line-ending mismatch.
+        # it's only a guess.
+        if !output && attachment.content_transfer_encoding == 'binary'
+          # TODO: log when this happens.
+          # include attachment.content_transfer_encoding, the results of the initial verification
+          # and the results of the re-attempted verification
+
+          body_delimiter = "\r\n\r\n"
+          # split on first occurrence of `body_delimiter`
+          # any trailing occurrences of `body_delimiter` are preserved as part of `body`
+          headers, _, body = content.partition(body_delimiter)
+
+          body.gsub!("\r\n", "\n") # cross fingers...
+          content = headers + body_delimiter + body
+
+          retry_output = self.class.verify(
+                                            content: content,
+                                            signature_text: signature_text,
+                                            certificate: partner_certificate
+                                          )
+
+          if retry_output[:valid]
+            @attachment = Mail::Part.new(content)
+            @verification_error = retry_output[:error]
+            output = retry_output[:valid]
+          end
+        end
 
         output
       else
@@ -106,14 +208,27 @@ module As2
     end
 
     def mic_algorithm
-      'sha256'
+      @mic_algorithm
     end
 
     # Return the attached file, use .filename and .body on the return value
+    # This is the content the sender is sending to us.
+    #
+    # @todo maybe rename this to `payload`. 'attachment' sounds very email.
+    # @return [Mail::Part]
     def attachment
-      self.class.choose_attachment(parts)
+      @attachment ||= self.class.choose_attachment(parts)
+    end
+
+    # Return the digital signature which is part of the incoming message.
+    # Will return `nil` for unsigned messages
+    #
+    # @return [Mail::Part]
+    def signature
+      @signature ||= self.class.choose_signature(parts)
     end
 
+    # TODO: deprecate this, or make it private
     def parts
       mail&.parts
     end

data/lib/as2/parser/disposition_notification_options.rb

@@ -0,0 +1,71 @@
+module As2
+  module Parser
+    # parse an AS2 HTTP Content-Disposition-Options header
+    # Structure is described in https://datatracker.ietf.org/doc/html/rfc4130#section-7.3
+    #
+    # don't use this directly. use As2.choose_mic_algorithm instead.
+    #
+    # @api private
+    class DispositionNotificationOptions
+      Result = Struct.new(:value, :attributes, :raw, keyword_init: true) do
+               def [](key)
+                 normalized = As2::Parser::DispositionNotificationOptions.normalize_key(key)
+                 attributes[normalized]
+               end
+
+               def to_s
+                 raw.to_s
+               end
+             end
+
+      def self.normalize_key(raw)
+        raw.to_s.downcase
+      end
+
+      # parse a single header body (without the name)
+      #
+      # @example parse('signed-receipt-protocol=required, pkcs7-signature; signed-receipt-micalg=optional, sha1')
+      # @return [As2::Parser::DispositionNotificationOptions::Result]
+      def self.parse(raw_body)
+        value = nil
+        attributes = {}
+
+        body_parts = raw_body.to_s.split(';').map(&:strip)
+
+        body_parts.each do |part|
+          if part.include?('=')
+            part_key, _, part_value = part.partition('=')
+            part_value = split_part(part_value)
+
+            # force lower-case to make access more reliable
+            part_key = normalize_key(part_key)
+
+            attributes[part_key] = part_value
+          else
+            value = split_part(part)
+          end
+        end
+
+        Result.new(raw: raw_body, value: value, attributes: attributes)
+      end
+
+      private
+
+      # convert CSV to array
+      # remove quotes
+      # single value returned as scalar not array
+      def self.split_part(part)
+        part_value = part.split(',').map do |value|
+                           out = value.strip
+                           # remove quotes
+                           if out[0] == out[-1] && (out[0] == "'" || out[0] == '"')
+                             out = out[1..-2]
+                           end
+                           out
+                         end
+
+        part_value
+      end
+    end
+  end
+end

data/lib/as2/parser.rb

@@ -0,0 +1,11 @@
+module As2
+  # namespace to hold parsers for various HTTP headers & perhaps other kinds of
+  # structured content.
+  #
+  # clients should not use this directly. use the public api exposed in the
+  # top-level `As2` module itself.
+  #
+  # @api private
+  module Parser
+  end
+end

data/lib/as2/version.rb

@@ -1,3 +1,3 @@
 module As2
-  VERSION = "0.5.2"
+  VERSION = "0.6.0"
 end

data/lib/as2.rb

@@ -1,12 +1,14 @@
-require 'openssl'
 require 'mail'
+require 'openssl'
 require 'securerandom'
-require 'as2/config'
-require 'as2/server'
+
 require 'as2/client'
 require 'as2/client/result'
+require 'as2/config'
 require 'as2/digest_selector'
-require "as2/version"
+require 'as2/parser/disposition_notification_options'
+require 'as2/server'
+require 'as2/version'
 
 module As2
   def self.configure(&block)
@@ -20,4 +22,17 @@ module As2
   def self.generate_message_id(server_info)
     "<#{server_info.name}-#{Time.now.strftime('%Y%m%d-%H%M%S')}-#{SecureRandom.uuid}@#{server_info.domain}>"
   end
+
+  # Select which algorithm to use for calculating a MIC, based on preferences
+  # stated by sender & our list of available algorithms.
+  #
+  # @see https://datatracker.ietf.org/doc/html/rfc4130#section-7.3
+  #
+  # @param [String] disposition_notification_options The content of an HTTP
+  #   Disposition-Notification-Options header
+  # @return [String, nil] either an algorithm name, or nil if none is found in given header
+  def self.choose_mic_algorithm(disposition_notification_options)
+    parsed = As2::Parser::DispositionNotificationOptions.parse(disposition_notification_options)
+    Array(parsed['signed-receipt-micalg']).find { |m| As2::DigestSelector.valid?(m) }
+  end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: as2
 version: !ruby/object:Gem::Version
-  version: 0.5.2
+  version: 0.6.0
 platform: ruby
 authors:
 - OfficeLuv
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2022-09-15 00:00:00.000000000 Z
+date: 2023-04-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: mail
@@ -68,7 +68,21 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '10.0'
 - !ruby/object:Gem::Dependency
-  name: thin
+  name: rackup
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: puma
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -166,8 +180,11 @@ files:
 - lib/as2/digest_selector.rb
 - lib/as2/message.rb
 - lib/as2/mime_generator.rb
+- lib/as2/parser.rb
+- lib/as2/parser/disposition_notification_options.rb
 - lib/as2/server.rb
 - lib/as2/version.rb
+- tmp/inbox/.keep
 homepage: https://github.com/alexdean/as2
 licenses:
 - MIT