mail-gpg 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 0b78947766a213897b05befac957f4897f431b9a
+  data.tar.gz: 50434795fe71f90c31e792080a2e961ad18424d4
+SHA512:
+  metadata.gz: e4d529af60a76911181bd5be28dbf074e2636f9401bed1634cf277c567d9f8041a63cd5b6b6159be5db82a0cf92f80ec9278d98d46261e9f669f3bdc0eec4e5d
+  data.tar.gz: a40e501cf9b446d6be4c9a1342d4bbed72427f28bb5b41301409959baef215dba9e8a0eb52fd5c275e2f0170a7ac3df968bc571ee13035383985c79310abb89b

data/.gitignore

@@ -0,0 +1,18 @@
+test/gpghome
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in mail-gpg.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2013 Jens Kraemer
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,84 @@
+# Mail::Gpg
+
+This gem adds GPG/MIME encryption capabilities to the [Ruby Mail
+Library](https://github.com/mikel/mail)
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+    gem 'mail-gpg'
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install mail-gpg
+
+
+## Usage
+
+### Encrypting / Signing
+Construct your Mail object as usual and hand it to `Mail::Gpg.encrypt` to get
+an encrypted Mail::Message object:
+
+    m = Mail.new do
+      to 'jane@doe.net'
+      from 'john@doe.net'
+      subject 'gpg test'
+      body "encrypt me!"
+      add_file "some_attachment.zip"
+    end
+
+    # encrypt message, no signing
+    Mail::Gpg.encrypt(m).deliver
+
+    # encrypt and sign message with sender's private key, using the given
+    # passphrase to decrypt the key
+    Mail::Gpg.encrypt(m, sign: true, password: 'secret').deliver
+
+    # encrypt and sign message using a different key
+    Mail::Gpg.encrypt(m, sign_as: 'joe@otherdomain.com', password: 'secret').deliver
+
+    # encrypt and sign message and use a callback function to provide the
+    # passphrase.
+    Mail::Gpg.encrypt(m, sign_as: 'joe@otherdomain.com',
+                         passphrase_callback: ->(obj, uid_hint, passphrase_info, prev_was_bad, fd){puts "Enter passphrase for #{passphrase_info}: "; (IO.for_fd(fd, 'w') << readline.chomp).flush }).deliver
+
+Make sure all recipients' public keys are in your local gpg keychain. You may also want to have a look at the [GPGME](https://github.com/ueno/ruby-gpgme) docs and code base for more info on the various options, especially regarding the `passphrase_callback` arguments.
+
+
+### Signing only
+
+This is not implemented yet
+
+
+## Running the tests
+
+    rake
+
+The first run might take a while since it sets up a mock gpg home directory in
+test/gpghome containing two different identities used in the test cases.
+Following test runs will use that directory if it still exists and will
+therefore be substantially faster.
+
+## Todo
+
+* Signing of unencrypted mails
+* Add optional on the fly import of recipients' keys from public key servers based on email address
+* Send encrypted mails to recipients when possible, fall back to unencrypted
+  mail otherwise
+* Ease and document usage with Rails' ActionMailer
+
+
+## Contributing
+
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request
+
+

data/Rakefile

@@ -0,0 +1,48 @@
+require "bundler/gem_tasks"
+require 'rake/testtask'
+require 'gpgme'
+
+def setup_gpghome
+  gpghome = File.join File.dirname(__FILE__), 'test', 'gpghome'
+  ENV['GNUPGHOME'] = gpghome
+  unless File.directory? gpghome
+    FileUtils.mkdir_p gpghome
+    GPGME::Ctx.new do |gpg|
+      gpg.generate_key <<-END
+<GnupgKeyParms format="internal">
+  Key-Type: DSA
+  Key-Length: 1024
+  Subkey-Type: ELG-E
+  Subkey-Length: 1024
+  Name-Real: Joe Tester
+  Name-Comment: with stupid passphrase
+  Name-Email: joe@foo.bar
+  Expire-Date: 0
+  Passphrase: abc
+</GnupgKeyParms>
+END
+      gpg.generate_key <<-END
+<GnupgKeyParms format="internal">
+  Key-Type: DSA
+  Key-Length: 1024
+  Subkey-Type: ELG-E
+  Subkey-Length: 1024
+  Name-Real: Jane Doe
+  Name-Comment: with stupid passphrase
+  Name-Email: jane@foo.bar
+  Expire-Date: 0
+  Passphrase: abc
+</GnupgKeyParms>
+END
+    end
+  end
+end
+
+task :default => [:test]
+Rake::TestTask.new(:test) do |test|
+  setup_gpghome
+  test.libs << 'test'
+  test.test_files = FileList['test/**/*_test.rb']
+  test.verbose = true
+end
+

data/lib/hkp.rb

@@ -0,0 +1,33 @@
+require 'open-uri'
+class Hkp
+  def initialize(keyserver = 'http://pool.sks-keyservers.net:11371')
+    @keyserver = keyserver
+  end
+
+  def search(name)
+    [].tap do |results|
+      open("#{@keyserver}/pks/lookup?options=mr&search=#{URI.escape name}") do |f|
+        f.each_line do |l|
+          if l =~ /pub:(\w{8}):/
+            results << $1
+          end
+        end
+      end
+    end
+  end
+
+  def fetch(id)
+    open("#{@keyserver}/pks/lookup?options=mr&op=get&search=0x#{URI.escape id}") do |f|
+      return clean_key f.read
+    end
+
+  end
+
+  private
+  def clean_key(key)
+    if key =~ /(-----BEGIN PGP PUBLIC KEY BLOCK-----.*-----END PGP PUBLIC KEY BLOCK-----)/m
+      return $1
+    end
+  end
+
+end

data/lib/mail-gpg.rb

@@ -0,0 +1 @@
+require 'mail/gpg'

data/lib/mail/gpg.rb

@@ -0,0 +1,46 @@
+require 'mail'
+require 'gpgme'
+
+require 'mail/gpg/version'
+require 'mail/gpg/version_part'
+require 'mail/gpg/encrypted_part'
+
+module Mail
+  module Gpg
+    # options are:
+    # :sign : sign message using the sender's private key
+    # :sign_as : sign using this key (give the corresponding email address)
+    # :passphrase: passphrase for the signing key
+    # :always_trust : send encrypted mail to untrusted receivers, true by default
+    def self.encrypt(cleartext_mail, options = {})
+      receivers = []
+      receivers += cleartext_mail.to if cleartext_mail.to
+      receivers += cleartext_mail.cc if cleartext_mail.cc
+      receivers += cleartext_mail.bcc if cleartext_mail.bcc
+
+      if options[:sign_as]
+        options[:sign] = true
+        options[:signers] = options.delete(:sign_as)
+      elsif options[:sign]
+        options[:signers] = cleartext_mail.from
+      end
+
+      Mail.new do
+        from cleartext_mail.from
+        to cleartext_mail.to
+        cc cleartext_mail.cc
+        bcc cleartext_mail.bcc
+        subject cleartext_mail.subject
+        add_part VersionPart.new
+        add_part EncryptedPart.new(cleartext_mail,
+                                   options.merge({recipients: receivers}))
+        content_type "multipart/encrypted; protocol=\"application/pgp-encrypted\"; boundary=#{boundary}"
+        body.preamble = "This is an OpenPGP/MIME encrypted message (RFC 2440 and 3156)"
+      end
+    end
+
+    def self.decrypt(encrypted_mail, options = {})
+      # TODO :)
+    end
+  end
+end

data/lib/mail/gpg/encrypted_part.rb

@@ -0,0 +1,84 @@
+module Mail
+  module Gpg
+    class EncryptedPart < Mail::Part
+
+      # options are:
+      # :signers : sign using this key (give the corresponding email address)
+      # :passphrase: passphrase for the signing key
+      # :recipients : array of receiver addresses
+      # :always_trust : send encrypted mail to untrusted receivers, true by default
+      def initialize(cleartext_mail, options = {})
+        options = { always_trust: true }.merge options
+        #clear_part = Mail.new
+        #parts.each do |p|
+        #  clear_part.add_part p
+        #end
+
+        encrypted = encrypt(cleartext_mail.encoded, options)
+        super() do
+          body encrypted.to_s
+          content_type 'application/octet-stream; name="encrypted.asc"'
+          content_disposition 'inline; filename="encrypted.asc"'
+          content_description 'OpenPGP encrypted message'
+        end
+      end
+
+      private
+
+      def encrypt(plain, options = {})
+        options = options.merge({armor: true})
+
+        plain_data  = GPGME::Data.new(plain)
+        cipher_data = GPGME::Data.new(options[:output])
+
+        recipient_keys = keys_for_data options[:recipients], options.delete(:keys)
+
+        flags = 0
+        flags |= GPGME::ENCRYPT_ALWAYS_TRUST if options[:always_trust]
+
+        GPGME::Ctx.new(options) do |ctx|
+          begin
+            if options[:sign]
+              if options[:signers]
+                signers = Key.find(:public, options[:signers], :sign)
+                ctx.add_signer(*signers)
+              end
+              ctx.encrypt_sign(recipient_keys, plain_data, cipher_data, flags)
+            else
+              ctx.encrypt(recipient_keys, plain_data, cipher_data, flags)
+            end
+          rescue GPGME::Error::UnusablePublicKey => exc
+            exc.keys = ctx.encrypt_result.invalid_recipients
+            raise exc
+          rescue GPGME::Error::UnusableSecretKey => exc
+            exc.keys = ctx.sign_result.invalid_signers
+            raise exc
+          end
+        end
+
+        cipher_data.seek(0)
+        cipher_data
+      end
+
+      # normalizes the list of recipients' emails, key ids and key data to a
+      # list of Key objects
+      def keys_for_data(emails_or_shas_or_keys, key_data = nil)
+        keys = if key_data
+          emails_or_shas_or_keys.map do |r|
+            # import any given keys
+            k = key_data[r]
+            if k and k =~ /-----BEGIN PGP/
+              GPGME::Key.import k
+              k = nil
+            end
+            GPGME::Key.find(:public, k || r)
+          end.flatten
+        else
+          # key lookup in keychain for all receivers
+          GPGME::Key.find :public, emails_or_shas_or_keys, :encrypt
+        end
+      end
+
+    end
+  end
+end

data/lib/mail/gpg/version.rb

@@ -0,0 +1,5 @@
+module Mail
+  module Gpg
+    VERSION = "0.0.1"
+  end
+end

data/lib/mail/gpg/version_part.rb

@@ -0,0 +1,14 @@
+require 'mail/part'
+
+module Mail
+  module Gpg
+    class VersionPart < Mail::Part
+      def initialize(*args)
+        super
+        body 'Version 1.0'
+        content_type 'application/pgp-encrypted'
+        content_description 'PGP/MIME Versions Identification'
+      end
+    end
+  end
+end

data/mail-gpg.gemspec

@@ -0,0 +1,27 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'mail/gpg/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "mail-gpg"
+  spec.version       = Mail::Gpg::VERSION
+  spec.authors       = ["Jens Kraemer"]
+  spec.email         = ["jk@jkraemer.net"]
+  spec.description   = "GPG/MIME encryption plugin for the Ruby Mail Library\nBecause privacy matters."
+  spec.summary       = %q{GPG/MIME encryption plugin for the Ruby Mail Library}
+  spec.homepage      = ""
+  spec.license       = "MIT"
+
+  spec.files         = `git ls-files`.split($/)
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ["lib"]
+
+  spec.add_dependency "mail", "~> 2.5.3"
+  spec.add_dependency "gpgme", "~> 2.0.2"
+  spec.add_development_dependency "bundler", "~> 1.3"
+  spec.add_development_dependency "rake"
+  spec.add_development_dependency "pry-nav"
+  spec.add_development_dependency "shoulda-context"
+end

data/test/gpg_test.rb

@@ -0,0 +1,89 @@
+require 'test_helper'
+
+class GpgTest < Test::Unit::TestCase
+
+  def check_headers(mail, encrypted)
+    assert_equal mail.to, encrypted.to
+    assert_equal mail.cc, encrypted.cc
+    assert_equal mail.bcc, encrypted.bcc
+    assert_equal mail.subject, encrypted.subject
+  end
+
+  def check_mime_structure(mail, encrypted)
+    assert_equal 2, encrypted.parts.size
+    assert_match /Version 1/, encrypted.parts.first.to_s
+  end
+
+  context "gpg installation" do
+    should "have keys for jane and joe" do
+      assert joe = GPGME::Key.find(:public, 'joe@foo.bar').first
+      assert jane = GPGME::Key.find(:public, 'jane@foo.bar').first
+    end
+  end
+
+  context "gpg encrypted" do
+
+    setup do
+      @mail = Mail.new do
+        to 'jane@foo.bar'
+        from 'joe@foo.bar'
+        subject 'test test'
+        body 'encrypt me!'
+      end
+    end
+
+
+    context 'mail with multiple recipients' do
+      setup do
+#        @mail.bcc 'joe@foo.bar'
+        @encrypted = Mail::Gpg.encrypt(@mail)
+      end
+
+      should 'have same recipients and subject' do
+        check_headers @mail, @encrypted
+      end
+
+      should 'have proper gpgmime structure' do
+        check_mime_structure @mail, @encrypted
+      end
+
+      should "encrypt for all recipients" do
+        assert encrypted_body = @encrypted.parts.last.to_s
+      end
+
+    end
+
+    context 'multipart mail' do
+      setup do
+        @mail.add_file 'Rakefile'
+        @encrypted = Mail::Gpg.encrypt(@mail)
+      end
+
+      should 'have same recipients and subject' do
+        check_headers @mail, @encrypted
+      end
+
+      should 'have proper gpgmime structure' do
+        check_mime_structure @mail, @encrypted
+      end
+    end
+
+    context 'simple mail' do
+      setup do
+        @encrypted = Mail::Gpg.encrypt(@mail)
+      end
+
+      should 'have same recipients and subject' do
+        check_headers @mail, @encrypted
+      end
+
+      should 'have proper gpgmime structure' do
+        check_mime_structure @mail, @encrypted
+      end
+
+    end
+
+
+  end
+end
+

data/test/test_helper.rb

@@ -0,0 +1,5 @@
+require 'test/unit'
+require 'shoulda/context'
+require 'mail-gpg'
+require 'pry-nav'
+

metadata

@@ -0,0 +1,147 @@
+--- !ruby/object:Gem::Specification
+name: mail-gpg
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- Jens Kraemer
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2013-08-19 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: mail
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 2.5.3
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 2.5.3
+- !ruby/object:Gem::Dependency
+  name: gpgme
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 2.0.2
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 2.0.2
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.3'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: pry-nav
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: shoulda-context
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: |-
+  GPG/MIME encryption plugin for the Ruby Mail Library
+  Because privacy matters.
+email:
+- jk@jkraemer.net
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- lib/hkp.rb
+- lib/mail-gpg.rb
+- lib/mail/gpg.rb
+- lib/mail/gpg/encrypted_part.rb
+- lib/mail/gpg/version.rb
+- lib/mail/gpg/version_part.rb
+- mail-gpg.gemspec
+- test/gpg_test.rb
+- test/test_helper.rb
+homepage: ''
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.0.3
+signing_key: 
+specification_version: 4
+summary: GPG/MIME encryption plugin for the Ruby Mail Library
+test_files:
+- test/gpg_test.rb
+- test/test_helper.rb
+has_rdoc: