enmail 0.1.0 → 0.2.0

data/lib/enmail/adapters/rnp_requirements.rb

@@ -0,0 +1,3 @@
+gem "rnp", *EnMail::DependencyConstraints::RNP
+
+require "rnp"

data/lib/enmail/dependency_constraints.rb

@@ -0,0 +1,9 @@
+# (c) Copyright 2018 Ribose Inc.
+#
+
+module EnMail
+  module DependencyConstraints
+    GPGME = ["~> 2.0"].freeze
+    RNP = [">= 1.0.1", "< 2"].freeze
+  end
+end

data/lib/enmail/extensions/message_transport_encoding_restrictions.rb

@@ -0,0 +1,20 @@
+# (c) Copyright 2018 Ribose Inc.
+#
+
+module EnMail
+  module Extensions
+    module MessageTransportEncodingRestrictions
+      def identify_and_set_transfer_encoding
+        if @enmail_rfc18467_encoding_restrictions && !multipart?
+          str = body.raw_source
+          self.content_transfer_encoding = [
+            ::Mail::Encodings::Base64,
+            ::Mail::Encodings::QuotedPrintable,
+          ].min { |a, b| a.cost(str) <=> b.cost(str) }
+        else
+          super
+        end
+      end
+    end
+  end
+end

data/lib/enmail/helpers/message_manipulation.rb

@@ -0,0 +1,73 @@
+# (c) Copyright 2018 Ribose Inc.
+#
+
+module EnMail
+  module Helpers
+    # A toolbox with common operations for manipulating and reading message
+    # properties, potentially useful for all adapters.
+    module MessageManipulation
+      protected
+
+      # Returns a new +Mail::Part+ with the same content and MIME headers
+      # as the message passed as an argument.
+      #
+      # Although Mail gem provides +Mail::Message#convert_to_multipart+ method,
+      # it works correctly for non-multipart text/plain messages only.  This
+      # method is more robust, and handles messages containing any content type,
+      # be they multipart or not.
+      #
+      # The message passed as an argument is not altered.
+      #
+      # TODO Copy MIME headers (ones which start with "Content-")
+      # TODO Preserve Content-Transfer-Encoding when possible
+      # TODO Set some safe Content-Transfer-Encoding, like quoted-printable
+      def body_to_part(message)
+        part = ::Mail::Part.new
+        part.content_type = message.content_type
+        if message.multipart?
+          message.body.parts.each { |p| part.add_part p.dup }
+        else
+          part.body = message.body.decoded
+        end
+        part
+      end
+
+      # Detects a list of e-mails which should be used to define a list of
+      # recipients of encrypted message.  All is simply taken from the message
+      # +To:+ field.
+      #
+      # @param [Mail::Message] message
+      # @return [Array] an array of e-mails
+      def find_recipients_for(message)
+        message.to_addrs
+      end
+
+      # Detects e-mail which should be used to find a message signer key.
+      # Basically, it is taken from the message +From:+ field, but may be
+      # overwritten by +:signer+ adapter option.
+      #
+      # @param [Mail::Message] message
+      # @return [String] an e-mail
+      def find_signer_for(message)
+        options[:signer] || message.from_addrs.first
+      end
+
+      # Replaces a message body.  Clears all the existing body, be it multipart
+      # or not, and then appends parts passed as an argument.
+      #
+      # @param [Mail::Message] message
+      #   Message which body is expected to be replaced.
+      # @param [String] content_type
+      #   A new content type for message, required, must be kinda multipart.
+      # @param [Array] parts
+      #   List of parts which the new message body is expected to be composed
+      #   from.
+      # @return undefined
+      def rewrite_body(message, content_type:, parts: [])
+        message.body = nil
+        message.content_type = content_type
+        parts.each { |p| message.add_part(p) }
+      end
+    end
+  end
+end

data/lib/enmail/helpers/rfc1847.rb

@@ -0,0 +1,103 @@
+# (c) Copyright 2018 Ribose Inc.
+#
+
+module EnMail
+  module Helpers
+    # Common interface for building adapters conforming to RFC 1847 "Security
+    # Multiparts for MIME: Multipart/Signed and Multipart/Encrypted".
+    # It provides +sign+ and +encrypt+ public methods.
+    module RFC1847
+      include MessageManipulation
+
+      # Encrypts a message in a +multipart/encrypted+ fashion as defined
+      # in RFC 1847.
+      #
+      # @param [Mail::Message] message
+      #   Message which is expected to be encrypted.
+      def encrypt(message)
+        source_part = body_to_part(message)
+        recipients = find_recipients_for(message)
+        encrypted = encrypt_string(source_part.encoded, recipients).to_s
+        encrypted_part = build_encrypted_part(encrypted)
+        control_part = build_encryption_control_part
+
+        rewrite_body(
+          message,
+          content_type: multipart_encrypted_content_type,
+          parts: [control_part, encrypted_part],
+        )
+      end
+
+      # Signs a message in a +multipart/signed+ fashion as defined in RFC 1847.
+      #
+      # @param [Mail::Message] message
+      #   Message which is expected to be signed.
+      def sign(message)
+        source_part = body_to_part(message)
+        restrict_encoding(source_part)
+        signer = find_signer_for(message)
+        micalg, signature = compute_signature(source_part.encoded, signer)
+        signature_part = build_signature_part(signature)
+
+        rewrite_body(
+          message,
+          content_type: multipart_signed_content_type(micalg: micalg),
+          parts: [source_part, signature_part],
+        )
+      end
+
+      protected
+
+      def restrict_encoding(part)
+        if part.multipart?
+          part.parts.each { |p| restrict_encoding(p) }
+        else
+          ivar = "@enmail_rfc18467_encoding_restrictions"
+          part.instance_variable_set(ivar, true)
+        end
+      end
+
+      # Builds a mail part containing the encrypted message, that is
+      # the 2nd subpart of +multipart/encrypted+ as defined in RFC 1847.
+      def build_encrypted_part(encrypted)
+        part = ::Mail::Part.new
+        part.content_type = encrypted_message_content_type
+        part.body = encrypted
+        part
+      end
+
+      # Builds a mail part containing the control information for encrypted
+      # message, that is the 1st subpart of +multipart/encrypted+ as defined in
+      # RFC 1847.
+      def build_encryption_control_part
+        part = ::Mail::Part.new
+        part.content_type = encryption_protocol
+        part.body = encryption_control_information
+        part
+      end
+
+      # Builds a mail part containing the digital signature, that is
+      # the 2nd subpart of +multipart/signed+ as defined in RFC 1847.
+      def build_signature_part(signature)
+        part = ::Mail::Part.new
+        part.content_type = sign_protocol
+        part.body = signature
+        part
+      end
+
+      def multipart_signed_content_type(protocol: sign_protocol, micalg:)
+        %[multipart/signed; protocol="#{protocol}"; micalg="#{micalg}"]
+      end
+
+      def multipart_encrypted_content_type(protocol: encryption_protocol)
+        %[multipart/encrypted; protocol="#{protocol}"]
+      end
+
+      # The encrypted message must have content type +application/octet-stream+,
+      # as defined in RFC 1847 p. 6.
+      def encrypted_message_content_type
+        "application/octet-stream"
+      end
+    end
+  end
+end

data/lib/enmail/helpers/rfc3156.rb

@@ -0,0 +1,60 @@
+# (c) Copyright 2018 Ribose Inc.
+#
+
+module EnMail
+  module Helpers
+    # Common interface for building adapters conforming to RFC 3156 "MIME
+    # Security with OpenPGP", which is an implementation of RFC 1847
+    # "Security Multiparts for MIME: Multipart/Signed and Multipart/Encrypted".
+    #
+    # See: https://tools.ietf.org/html/rfc3156
+    module RFC3156
+      include RFC1847
+
+      # The RFC 3156 explicitly allows for signing and encrypting data in
+      # a single OpenPGP message.
+      # See: https://tools.ietf.org/html/rfc3156#section-6.2
+      #
+      # rubocop:disable Metrics/MethodLength
+      def sign_and_encrypt_combined(message)
+        source_part = body_to_part(message)
+        restrict_encoding(source_part)
+        signer = find_signer_for(message)
+        recipients = find_recipients_for(message)
+        encrypted =
+          sign_and_encrypt_string(source_part.encoded, signer, recipients).to_s
+        encrypted_part = build_encrypted_part(encrypted)
+        control_part = build_encryption_control_part
+
+        rewrite_body(
+          message,
+          content_type: multipart_encrypted_content_type,
+          parts: [control_part, encrypted_part],
+        )
+      end
+      # rubocop:enable Metrics/MethodLength
+
+      # The RFC 3156 requires that the message is first signed, then encrypted.
+      # See: https://tools.ietf.org/html/rfc3156#section-6.1
+      def sign_and_encrypt_encapsulated(message)
+        sign(message)
+        encrypt(message)
+      end
+
+      protected
+
+      def sign_protocol
+        "application/pgp-signature"
+      end
+
+      def encryption_protocol
+        "application/pgp-encrypted"
+      end
+
+      # As defined in RFC 3156
+      def encryption_control_information
+        "Version: 1"
+      end
+    end
+  end
+end

data/lib/enmail/version.rb

@@ -1,3 +1,6 @@
+# (c) Copyright 2018 Ribose Inc.
+#
+
 module EnMail
-  VERSION = "0.1.0".freeze
+  VERSION = "0.2.0".freeze
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: enmail
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.2.0
 platform: ruby
 authors:
-- Ronald Tse
+- Ribose Inc.
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2017-07-03 00:00:00.000000000 Z
+date: 2019-03-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: mail
@@ -28,30 +28,96 @@ dependencies:
   name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '1.14'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '3.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '1.14'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '3.0'
 - !ruby/object:Gem::Dependency
-  name: rake
+  name: gpgme
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: '2.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: '2.0'
+- !ruby/object:Gem::Dependency
+  name: pry
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.10.3
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '0.12'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.10.3
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '0.12'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '10'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '13'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '10'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '13'
+- !ruby/object:Gem::Dependency
+  name: rnp
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.0.1
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '2'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.0.1
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '2'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
@@ -67,50 +133,60 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '3.0'
 - !ruby/object:Gem::Dependency
-  name: pry
+  name: rspec-pgp_matchers
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.10.3
+        version: 0.1.1
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.10.3
+        version: 0.1.1
 description: Encrypted Email in Ruby
 email:
-- ronald.tse@ribose.com
+- open.source@ribose.com
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".editorconfig"
 - ".gitignore"
+- ".gitmodules"
 - ".hound.yml"
 - ".rubocop.yml"
 - ".travis.yml"
+- ".yardopts"
 - CODE_OF_CONDUCT.md
 - Gemfile
-- README.md
+- LICENSE.txt
+- README.adoc
 - REQUIREMENTS.md
 - Rakefile
 - bin/console
 - bin/rspec
 - bin/setup
+- ci/install_botan.sh
+- ci/install_json_c.sh
+- ci/install_rnp.sh
+- docs/GPGMEAdapter.adoc
+- docs/RNPAdapter.adoc
 - enmail.gemspec
 - lib/enmail.rb
-- lib/enmail/certificate_finder.rb
-- lib/enmail/config.rb
-- lib/enmail/configuration.rb
-- lib/enmail/enmailable.rb
-- lib/enmail/key.rb
-- lib/enmail/mail_ext/message.rb
+- lib/enmail/adapters/base.rb
+- lib/enmail/adapters/gpgme.rb
+- lib/enmail/adapters/gpgme_requirements.rb
+- lib/enmail/adapters/rnp.rb
+- lib/enmail/adapters/rnp_requirements.rb
+- lib/enmail/dependency_constraints.rb
+- lib/enmail/extensions/message_transport_encoding_restrictions.rb
+- lib/enmail/helpers/message_manipulation.rb
+- lib/enmail/helpers/rfc1847.rb
+- lib/enmail/helpers/rfc3156.rb
 - lib/enmail/version.rb
-- lib/mail/secure/mail_interceptors/pgp.rb
-- lib/mail/secure/models/key.rb
-- lib/mail/secure/pgp_mailable.rb
 homepage: https://github.com/riboseinc/enmail
 licenses:
 - MIT
@@ -130,8 +206,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.5.2
+rubygems_version: 3.0.1
 signing_key: 
 specification_version: 4
 summary: Encrypted Email in Ruby