RubyGems - mail-gpg - Versions diffs - 0.1.2 → 0.1.3 - Mend

mail-gpg 0.1.2 → 0.1.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

data/History.txt +19 -1
data/README.md +19 -2
data/lib/mail/gpg.rb +54 -3
data/lib/mail/gpg/gpgme_helper.rb +9 -0
data/lib/mail/gpg/message_patch.rb +7 -0
data/lib/mail/gpg/sign_part.rb +7 -0
data/lib/mail/gpg/version.rb +1 -1
data/test/gpg_test.rb +4 -2
data/test/message_test.rb +17 -2
data/test/sign_part_test.rb +7 -2
metadata +2 -2

data/History.txt CHANGED

@@ -1,6 +1,24 @@
+== 0.1.3 2014-02-17
+* Signature checking implemented, thanks to Morten Andersen
+== 0.1.2 2013-11-19
+* bugfix release
+== 0.1.1 2013-11-14
+* bugfix release
+== 0.1.0 2013-11-06
+* decryption support (thanks to Morten Andersen)
+* sign-only operation (thanks to FewKinG)
+* keyserver url lookup (thanks to FewKinG)
 == 0.0.6 2013-08-28
-* bugfix: onlyu encrypt to specified keys if :keys option is present
+* bugfix: only encrypt to specified keys if :keys option is present
 == 0.0.5 2013-08-28

data/README.md CHANGED

@@ -96,13 +96,15 @@ if mail.encrypted?
 end
 ```
+Set the `:verify` option to `true` when calling `decrypt` to decrypt *and* verify signatures.
 A `GPGME::Error::BadPassphrase` will be raised if the password for the private key is incorrect.
 A `EncodingError` will be raised if the encrypted mails is not encoded correctly as a [RFC 3156](http://www.ietf.org/rfc/rfc3156.txt) message.
 ### Signing only
-Just leave the the `:encrypt` option out or pass `encrypt: false`, i.e.
+Just leave the `:encrypt` option out or pass `encrypt: false`, i.e.
     Mail.new do
@@ -110,6 +112,21 @@ Just leave the the `:encrypt` option out or pass `encrypt: false`, i.e.
       gpg sign: true
     end.deliver
+### Verify signature(s)
+Receive the mail as usual. Check if it is signed using the `signed?` method. Check the signature of the mail with the `signature_valid?` method:
+```ruby
+mail = Mail.first
+if !mail.encrypted? && mail.signed?
+  # do not call signed on encrypted mails. The signature on encrypted mails
+  # must be checked by setting the :verify option when decrypting
+  puts "signature(s) valid: #{mail.signature_valid?}"
+end
+```
+Note that for encrypted mails the signatures can not be checked using these methods. For encrypted mails
+the `:verify` option for the `decrypt` operation must be used instead.
 ### Key import from public key servers
@@ -163,7 +180,7 @@ around with your personal gpg keychain.
 ## Todo
-* signature verification for received mails
+* signature verification for received mails with inline PGP
 * on the fly import of recipients' keys from public key servers based on email address or key id
 * handle encryption errors due to missing keys - maybe return a list of failed
   recipients

data/lib/mail/gpg.rb CHANGED

@@ -47,14 +47,16 @@ module Mail
     def self.sign(cleartext_mail, options = {})
       construct_mail(cleartext_mail, options) do
         options[:sign_as] ||= cleartext_mail.from
-        add_part SignPart.new(cleartext_mail, options)
         add_part Mail::Part.new(cleartext_mail)
+        add_part SignPart.new(cleartext_mail, options)
         content_type "multipart/signed; micalg=pgp-sha1; protocol=\"application/pgp-signature\"; boundary=#{boundary}"
         body.preamble = options[:preamble] || "This is an OpenPGP/MIME signed message (RFC 4880 and 3156)"
       end
     end
+    # options are:
+    # :verify: decrypt and verify
     def self.decrypt(encrypted_mail, options = {})
       if encrypted_mime?(encrypted_mail)
         decrypt_pgp_mime(encrypted_mail, options)
@@ -65,12 +67,33 @@ module Mail
       end
     end
+    def self.signature_valid?(signed_mail, options = {})
+      if signed_mime?(signed_mail)
+        signature_valid_pgp_mime?(signed_mail, options)
+      else
+        raise EncodingError, "Unsupported signature format '#{signed_mail.content_type}'"
+      end
+    end
+    # true if a mail is encrypted
     def self.encrypted?(mail)
       return true if encrypted_mime?(mail)
       return true if encrypted_inline?(mail)
       false
     end
+    # true if a mail is signed.
+    #
+    # throws EncodingError if called on an encrypted mail (so only call this method if encrypted? is false)
+    def self.signed?(mail)
+      return true if signed_mime?(mail)
+      return true if signed_inline?(mail)
+      if encrypted?(mail)
+        raise EncodingError, 'Unable to determine signature on an encrypted mail, use :verify option on decrypt()'
+      end
+      false
+    end
     private
     def self.construct_mail(cleartext_mail, options, &block)
@@ -113,7 +136,16 @@ module Mail
       InlineDecryptedMessage.new(encrypted_mail, options)
     end
-    # check if PGP/MIME (RFC 3156)
+    # check signature for PGP/MIME (RFC 3156, section 5) signed mail
+    def self.signature_valid_pgp_mime?(signed_mail, options)
+      # MUST contain exactly two body parts
+      if signed_mail.parts.length != 2
+        raise EncodingError, "RFC 3136 mandates exactly two body parts, found '#{signed_mail.parts.length}'"
+      end
+      SignPart.signature_valid?(signed_mail.parts[0], signed_mail.parts[1], options)
+    end
+    # check if PGP/MIME encrypted (RFC 3156)
     def self.encrypted_mime?(mail)
       mail.has_content_type? &&
         'multipart/encrypted' == mail.mime_type &&
@@ -121,7 +153,7 @@ module Mail
     end
     # check if inline PGP (i.e. if any parts of the mail includes
-    # the PGP MESSAGE marker
+    # the PGP MESSAGE marker)
     def self.encrypted_inline?(mail)
       return true if mail.body.include?('-----BEGIN PGP MESSAGE-----')
       if mail.multipart?
@@ -134,5 +166,24 @@ module Mail
       end
       false
     end
+    # check if PGP/MIME signed (RFC 3156)
+    def self.signed_mime?(mail)
+      mail.has_content_type? &&
+        'multipart/signed' == mail.mime_type &&
+        'application/pgp-signature' == mail.content_type_parameters[:protocol]
+    end
+    # check if inline PGP (i.e. if any parts of the mail includes
+    # the PGP SIGNED marker)
+    def self.signed_inline?(mail)
+      return true if mail.body.include?('-----BEGIN PGP SIGNED MESSAGE-----')
+      if mail.multipart?
+        mail.parts.each do |part|
+          return true if part.body.include?('-----BEGIN PGP SIGNED MESSAGE-----')
+        end
+      end
+      false
+    end
   end
 end

data/lib/mail/gpg/gpgme_helper.rb CHANGED

@@ -72,6 +72,15 @@ module Mail
         crypto.sign GPGME::Data.new(plain), options
       end
+      def self.sign_verify(plain, signature, options = {})
+        signed = false
+        GPGME::Crypto.new.verify(signature, signed_text: plain) do |sig|
+          return false if !sig.valid? # just one invalid signature leads to false
+          signed = true
+        end
+        return signed
+      end
       private
       # normalizes the list of recipients' emails, key ids and key data to a

data/lib/mail/gpg/message_patch.rb CHANGED

@@ -59,6 +59,13 @@ module Mail
         Mail::Gpg.decrypt(self, options)
       end
+      def signed?
+        Mail::Gpg.signed?(self)
+      end
+      def signature_valid?(options = {})
+        Mail::Gpg.signature_valid?(self, options)
+      end
     end
   end
 end

data/lib/mail/gpg/sign_part.rb CHANGED

@@ -12,6 +12,13 @@ module Mail
         end
       end
+      def self.signature_valid?(plain, signature, options = {})
+        if !(signature.has_content_type? && ('application/pgp-signature' == signature.mime_type))
+          return false
+        end
+        GpgmeHelper.sign_verify(plain.encoded, signature.body.encoded, options)
+      end
     end
   end
 end

data/lib/mail/gpg/version.rb CHANGED

@@ -1,5 +1,5 @@
 module Mail
   module Gpg
-    VERSION = "0.1.2"
+    VERSION = "0.1.3"
   end
 end

data/test/gpg_test.rb CHANGED

@@ -29,15 +29,17 @@ class GpgTest < Test::Unit::TestCase
   end
   def check_signature(mail = @mail, signed = @signed)
+    assert signed.signed?
     assert signature = signed.parts.detect{|p| p.content_type =~ /signature\.asc/}.body.to_s
     GPGME::Crypto.new.verify(signature, signed_text: mail.encoded) do |sig|
       assert true == sig.valid?
     end
+    assert Mail::Gpg.signature_valid?(signed)
   end
   def check_mime_structure_signed(mail = @mail, signed = @signed)
     assert_equal 2, signed.parts.size
-    sign_part, orig_part = signed.parts
+    orig_part, sign_part = signed.parts
     assert_equal 'application/pgp-signature; name=signature.asc', sign_part.content_type
     assert_equal orig_part.content_type, @mail.content_type
@@ -153,7 +155,7 @@ class GpgTest < Test::Unit::TestCase
       end
       should 'have multiple parts in original content' do
-        assert original_part = @signed.parts.last
+        assert original_part = @signed.parts.first
         assert original_part.multipart?
         assert_equal 2, original_part.parts.size
         assert_match /sign me!/, original_part.parts.first.body.to_s

data/test/message_test.rb CHANGED

@@ -52,13 +52,28 @@ class MessageTest < Test::Unit::TestCase
           assert m = @mails.first
           assert_equal 'test', m.subject
           assert !m.encrypted?
+          assert m.signed?
           assert m.multipart?
+          assert m.signature_valid?
           assert sign_part = m.parts.last
-          assert m = Mail::Message.new(m.parts.last)
+          assert m = Mail::Message.new(m.parts.first)
           assert !m.multipart?
-          GPGME::Crypto.new.verify(sign_part.body.to_s, signed_text: @mail.encoded) do |sig|
+          GPGME::Crypto.new.verify(sign_part.body.to_s, signed_text: m.encoded) do |sig|
             assert true == sig.valid?
           end
+          assert_equal 'i am unencrypted', m.body.to_s
+        end
+        should "fail signature on tampered body" do
+          assert_equal 1, @mails.size
+          assert m = @mails.first
+          assert_equal 'test', m.subject
+          assert !m.encrypted?
+          assert m.signed?
+          assert m.multipart?
+          assert m.signature_valid?
+          m.parts.first.body = 'replaced body'
+          assert !m.signature_valid?
         end
       end
     end

data/test/sign_part_test.rb CHANGED

@@ -1,15 +1,20 @@
+require 'test_helper'
 require 'mail/gpg/sign_part'
 class SignPartTest < Test::Unit::TestCase
 	context 'SignPart' do
 		setup do
-			mail = Mail.new do
+			@mail = Mail.new do
 				to 'jane@foo.bar'
 				from 'joe@foo.bar'
 				subject 'test'
 				body 'i am unsigned'
 			end
-			@part = Mail::Gpg::SignPart.new(mail)
+		end
+		should 'roundtrip successfully' do
+			signature_part = Mail::Gpg::SignPart.new(@mail, password: 'abc')
+			assert Mail::Gpg::SignPart.signature_valid?(@mail, signature_part)
 		end
 	end
 end

metadata CHANGED

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: mail-gpg
 version: !ruby/object:Gem::Version
-  version: 0.1.2
+  version: 0.1.3
   prerelease:
 platform: ruby
 authors:
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2013-11-19 00:00:00.000000000 Z
+date: 2014-02-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: mail