RubyGems - mr_smime - Versions diffs - 0.1.0 - Mend

mr_smime 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (18) hide show

checksums.yaml +7 -0
data/.gitignore +10 -0
data/.rspec +2 -0
data/.rubocop.yml +2 -0
data/Gemfile +4 -0
data/README.md +84 -0
data/Rakefile +6 -0
data/bin/console +14 -0
data/bin/setup +8 -0
data/lib/mr_smime.rb +24 -0
data/lib/mr_smime/certificate.rb +53 -0
data/lib/mr_smime/configuration.rb +9 -0
data/lib/mr_smime/encrypter.rb +36 -0
data/lib/mr_smime/interceptor.rb +33 -0
data/lib/mr_smime/signer.rb +39 -0
data/lib/mr_smime/version.rb +3 -0
data/mr_smime.gemspec +25 -0
metadata +115 -0

checksums.yaml ADDED

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 687e80fee82c8782704981eb2a3889da7a26cf4e
+  data.tar.gz: ec4468a3fcdfe6eda52839db21e9b61ced078e00
+SHA512:
+  metadata.gz: dd5f3d2a00eccc9e1ffdcd3b0ea62836e120df121ea7299aad3efe0de7f39caf363b5ff0e3359e1249a1dab152b649cf922ef08aa85a42e94d566d79496da39d
+  data.tar.gz: 4eb613dfcb1448e47608f4faaecb2bd9c4a98660364d9b4578413f2a9ffc3e79d521e77c4f98aebeb006999af4c4ee26e7442057b72b761d88fc4d0a80f7b806

data/.gitignore ADDED

@@ -0,0 +1,10 @@
+/.bundle/
+/.yardoc
+/Gemfile.lock
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/
+.rubocop-*

data/.rspec ADDED

	@@ -0,0 +1,2 @@
1	+ --format documentation
2	+ --color

data/.rubocop.yml ADDED

	@@ -0,0 +1,2 @@
1	+ inherit_from:
2	+ - https://raw.githubusercontent.com/bluerail/rubocop-config/master/rubocop.yml

data/Gemfile ADDED

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+# Specify your gem's dependencies in mr_smime.gemspec
+gemspec

data/README.md ADDED

@@ -0,0 +1,84 @@
+# MrSmime
+Secure/Multipurpose Internet Mail Extensions (S/MIME) support for ActionMailer
+## Installation
+Add this line to your application's Gemfile:
+```ruby
+gem 'mr_smime'
+```
+And then execute:
+    $ bundle
+## Usage
+Setup a certificate-path in your applicaion.rb:
+```ruby
+module MyApp
+  class Application < Rails::Application
+    ...
+    MrSmime.configure do |config|
+      config.certificate_path = Rails.root.join('config', 'certificates')
+    end
+    ...
+  end
+end
+```
+Add certificates for each of your senders (and recipients if you want encryption). We expect a .key and .pem file where
+@ has been replaced by . (e.g. john@example.com results in john.example.com.key and john.example.com.pem)
+That's it!
+## Configuration-options
+| Option           | Default value | Description                                          |
+|------------------|---------------|------------------------------------------------------|
+| certificate_path |               | Pathname to location of certificate-files            |
+| enabled          | true          | Boolean to have Mr Smime actually perform it's magic |
+## TODO
+* Make it easy to save certificates from incoming e-mails (so we can sent encrypted mails back to them)
+* Add options to use keys with passphrases
+* Add options to enable on a per something base
+## Development
+After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can
+also run `bin/console` for an interactive prompt that will allow you to experiment.
+To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the
+version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version,
+push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
+### Creating self signed certificates
+Create a CA certificate first:
+```
+$ openssl genrsa -out ca.key 4096
+$ openssl req -new -x509 -days 365 -key ca.key -out ca.crt
+```
+Then create a certificate for each of your mail addresses (i'm certain there is a better way to do this):
+```
+$ openssl genrsa -out jane.example.com.key 4096
+$ openssl req -new -key jane.example.com.key -out jane.example.com.csr
+$ openssl x509 -req -days 365 -in jane.example.com.csr -CA ca.crt -CAkey ca.key -set_serial 1 -out jane.example.com.crt -setalias "Self Signed SMIME" -addtrust emailProtection -addreject clientAuth -addreject serverAuth -trustout
+$ openssl pkcs12 -export -in jane.example.com.crt -inkey jane.example.com.key -out jane.example.com.p12
+$ openssl pkcs12 -in jane.example.com.p12 -clcerts -nokeys -out jane.example.com.pem
+```
+## Contributing
+Bug reports and pull requests are welcome on GitHub at https://github.com/bluerail/mr_smime.

data/Rakefile ADDED

@@ -0,0 +1,6 @@
+require 'bundler/gem_tasks'
+require 'rspec/core/rake_task'
+RSpec::Core::RakeTask.new(:spec)
+task default: :spec

data/bin/console ADDED

@@ -0,0 +1,14 @@
+#!/usr/bin/env ruby
+require 'bundler/setup'
+require 'mr_smime'
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+# (If you use this, don't forget to add pry to your Gemfile!)
+# require 'pry'
+# Pry.start
+require 'irb'
+IRB.start

data/bin/setup ADDED

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+bundle install
+# Do any other automated setup that you need to do here

data/lib/mr_smime.rb ADDED

@@ -0,0 +1,24 @@
+require 'mail'
+require 'mr_smime/certificate'
+require 'mr_smime/configuration'
+require 'mr_smime/encrypter'
+require 'mr_smime/interceptor'
+require 'mr_smime/signer'
+require 'mr_smime/version'
+module MrSmime
+  class << self
+    attr_accessor :configuration
+  end
+  def self.configuration
+    @configuration ||= Configuration.new
+  end
+  def self.configure
+    yield(configuration)
+  end
+end
+Mail.register_interceptor(MrSmime::Interceptor)

data/lib/mr_smime/certificate.rb ADDED

@@ -0,0 +1,53 @@
+require 'openssl'
+module MrSmime
+  class Certificate
+    include OpenSSL
+    def self.find(email)
+      return unless exist?(email)
+      new(email)
+    end
+    def self.exist?(email)
+      new(email).present?
+    end
+    def self.root
+      MrSmime.configuration.certificate_path
+    end
+    def self.filename(email, extension)
+      email.tr('@', '.') + '.' + extension.to_s
+    end
+    def initialize(email)
+      @email = email
+    end
+    def present?
+      File.exist? certificate_path
+    end
+    def certificate
+      X509::Certificate.new(File.read(certificate_path))
+    end
+    def certificate_path
+      filename(:pem)
+    end
+    def private_key
+      PKey::RSA.new(File.read(private_key_path))
+    end
+    def private_key_path
+      filename(:key)
+    end
+    def filename(extension)
+      File.join Certificate.root, Certificate.filename(@email, extension)
+    end
+  end
+end

data/lib/mr_smime/configuration.rb ADDED

@@ -0,0 +1,9 @@
+module MrSmime
+  class Configuration
+    attr_accessor :certificate_path, :enabled
+    def initialize
+      @enabled = true
+    end
+  end
+end

data/lib/mr_smime/encrypter.rb ADDED

@@ -0,0 +1,36 @@
+require 'openssl'
+module MrSmime
+  class Encrypter
+    def initialize(message)
+      @message = message
+    end
+    def encrypted_data(data)
+      return data unless encryptable?
+      OpenSSL::PKCS7.write_smime(
+        OpenSSL::PKCS7.encrypt(
+          recipient_certificates.map(&:certificate),
+          data,
+          cipher
+        )
+      )
+    end
+    def encryptable?
+      Signer.new(@message).signable? &&
+        recipient_certificates.all? { |certificate| !certificate.nil? && certificate.present? }
+    end
+    def cipher
+      @cipher ||= OpenSSL::Cipher.new('AES-128-CBC')
+    end
+    def recipient_certificates
+      @message.to.map do |email_address|
+        Certificate.find(email_address)
+      end
+    end
+  end
+end

data/lib/mr_smime/interceptor.rb ADDED

@@ -0,0 +1,33 @@
+module MrSmime
+  class Interceptor
+    class << self
+      def delivering_email(message)
+        return message unless MrSmime.configuration.enabled
+        encrypted_message = Mail.new(encrypted_data(message, signed_data(message, message.encoded)))
+        overwrite_body(message, encrypted_message)
+        overwrite_headers(message, encrypted_message)
+      end
+      def signed_data(message, data)
+        Signer.new(message).signed_data(data)
+      end
+      def encrypted_data(message, data)
+        Encrypter.new(message).encrypted_data(data)
+      end
+      def overwrite_body(message, encrypted_message)
+        message.body = nil
+        message.body = encrypted_message.body.encoded
+      end
+      def overwrite_headers(message, encrypted_message)
+        message.content_disposition = encrypted_message.content_disposition if encrypted_message.content_disposition
+        message.content_transfer_encoding = encrypted_message.content_transfer_encoding
+        message.content_type = encrypted_message.content_type
+      end
+    end
+  end
+end

data/lib/mr_smime/signer.rb ADDED

@@ -0,0 +1,39 @@
+require 'openssl'
+module MrSmime
+  class Signer
+    def initialize(message)
+      @message = message
+    end
+    def signed_data(data)
+      return data unless signable?
+      OpenSSL::PKCS7.write_smime(
+        OpenSSL::PKCS7.sign(
+          sender_certificate.certificate,
+          sender_certificate.private_key,
+          data,
+          [],
+          OpenSSL::PKCS7::DETACHED
+        )
+      )
+    end
+    def signable?
+      @message.from.length == 1 &&
+        !sender_certificate.nil? &&
+        sender_certificate.present?
+    end
+    def sender_certificate
+      sender_certificates.first
+    end
+    def sender_certificates
+      @message.from.map do |email_address|
+        Certificate.find email_address
+      end
+    end
+  end
+end

data/lib/mr_smime/version.rb ADDED

@@ -0,0 +1,3 @@
+module MrSmime
+  VERSION = '0.1.0'.freeze
+end

data/mr_smime.gemspec ADDED

@@ -0,0 +1,25 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'mr_smime/version'
+Gem::Specification.new do |spec|
+  spec.name          = 'mr_smime'
+  spec.version       = MrSmime::VERSION
+  spec.authors       = ['Rene van Lieshout']
+  spec.email         = ['rene@bluerail.nl']
+  spec.summary       = 'Secure/Multipurpose Internet Mail Extensions (S/MIME) support for ActionMailer'
+  spec.homepage      = ''
+  spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+  spec.bindir        = 'exe'
+  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = ['lib']
+  spec.add_development_dependency 'bundler', '~> 1.11'
+  spec.add_development_dependency 'rake', '~> 10.0'
+  spec.add_development_dependency 'rspec', '~> 3.0'
+  spec.add_dependency 'mail', '>= 2.1.2' # register_interceptor
+end

metadata ADDED

@@ -0,0 +1,115 @@
+--- !ruby/object:Gem::Specification
+name: mr_smime
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Rene van Lieshout
+autorequire:
+bindir: exe
+cert_chain: []
+date: 2016-09-16 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.11'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.11'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '3.0'
+- !ruby/object:Gem::Dependency
+  name: mail
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: 2.1.2
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: 2.1.2
+description:
+email:
+- rene@bluerail.nl
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- .rspec
+- .rubocop.yml
+- Gemfile
+- README.md
+- Rakefile
+- bin/console
+- bin/setup
+- lib/mr_smime.rb
+- lib/mr_smime/certificate.rb
+- lib/mr_smime/configuration.rb
+- lib/mr_smime/encrypter.rb
+- lib/mr_smime/interceptor.rb
+- lib/mr_smime/signer.rb
+- lib/mr_smime/version.rb
+- mr_smime.gemspec
+homepage: ''
+licenses: []
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project:
+rubygems_version: 2.0.14.1
+signing_key:
+specification_version: 4
+summary: Secure/Multipurpose Internet Mail Extensions (S/MIME) support for ActionMailer
+test_files: []