Class: ActionMailer::Base
- Inherits:
-
Object
- Object
- ActionMailer::Base
- Defined in:
- lib/actionmailer_x509.rb
Overview
:nodoc:
Direct Known Subclasses
Constant Summary collapse
- @@default_x509_sign =
false
- @@default_x509_sign_cert =
nil
- @@default_x509_sign_key =
nil
- @@default_x509_sign_passphrase =
nil
- @@default_x509_crypt =
false
- @@default_x509_crypt_cert =
nil
- @@default_x509_crypt_cipher =
"des"
- @@default_x509_sign_and_crypt_method =
:smime
Instance Method Summary collapse
-
#initialize_with_sign_and_crypt(method_name, *parameters) ⇒ Object
We replace the initialize methods and run a new method if signing or crypting is required.
-
#x509_smime(mail) ⇒ Object
X509 SMIME signing andor crypting.
Instance Method Details
#initialize_with_sign_and_crypt(method_name, *parameters) ⇒ Object
We replace the initialize methods and run a new method if signing or crypting is required
71 72 73 74 75 76 77 78 79 80 81 82 83 84 |
# File 'lib/actionmailer_x509.rb', line 71 def initialize_with_sign_and_crypt(method_name, *parameters) mail = initialize_without_sign_and_crypt(method_name, *parameters) x509_initvar() # If we need to sign the outgoing mail. if should_sign? or should_crypt? if logger logger.debug("actionmailer_x509: We should sign and\or crypt the mail with #{@x509_sign_and_crypt_method} method.") end __send__("x509_#{@x509_sign_and_crypt_method}", mail) end end |
#x509_smime(mail) ⇒ Object
X509 SMIME signing andor crypting
88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 |
# File 'lib/actionmailer_x509.rb', line 88 def x509_smime(mail) if logger logger.debug("actionmailer_x509: X509 SMIME signing with cert #{@x509_cert} and key #{@x509_key}") if should_sign? logger.debug("actionmailer_x509: X509 SMIME crypt with cert #{@x509_cert}") if should_crypt? end # We should set content_id, otherwise Mail will set content_id after signing and will broke sign mail.content_id ||= nil mail.parts.each {|p| p.content_id ||= nil} # We can remove the headers from the older mail we encapsulate. # Leaving allows to have the headers signed too within the encapsulated # email, but MUAs make no use of them... :( # # mail.subject = nil # mail.to = nil # mail.cc = nil # mail.from = nil # mail.date = nil # headers.each { |k, v| mail[k] = nil } # mail['Content-Type'] = 'text/plain' # mail.mime_version = nil # We load certificate and private key if should_sign? sign_cert = OpenSSL::X509::Certificate.new( File::read(@x509_sign_cert) ) sign_prv_key = OpenSSL::PKey::RSA.new( File::read(@x509_sign_key), @x509_sign_passphrase) end if should_crypt? crypt_cert = OpenSSL::X509::Certificate.new( File::read(@x509_crypt_cert) ) cipher = OpenSSL::Cipher.new(@x509_crypt_cipher) end # begin # Sign and crypt the mail # NOTE: the one following line is the slowest part of this code, signing is sloooow p7 = mail.encoded p7 = OpenSSL::PKCS7.sign(sign_cert,sign_prv_key, p7, [], OpenSSL::PKCS7::DETACHED) if should_sign? p7 = OpenSSL::PKCS7.encrypt([crypt_cert], (should_sign? ? OpenSSL::PKCS7::write_smime(p7) : p7), cipher, nil) if should_crypt? smime0 = OpenSSL::PKCS7::write_smime(p7) # Adding the signature part to the older mail newm = Mail.new(smime0) # We need to overwrite the content-type of the mail so MUA notices this is a signed mail # newm.content_type = 'multipart/signed; protocol="application/x-pkcs7-signature"; micalg=sha1; ' newm.delivery_method(mail.delivery_method.class, mail.delivery_method.settings) newm.subject = mail.subject newm.to = mail.to newm.cc = mail.cc newm.from = mail.from newm.mime_version = mail.mime_version newm.date = mail.date # newm.body = "This is an S/MIME signed message\n" # headers.each { |k, v| m[k] = v } # that does nothing in general # NOTE: We can not use this as we need a B64 encoded signature, and no # methods provides it within the Ruby OpenSSL library... :( # # We add the signature # signature = Mail.new # signature.mime_version = '1.0' # signature['Content-Type'] = 'application/x-pkcs7-mime; smime-type=signed-data; name="smime.p7m"' # signature['Content-Transfer-Encoding'] = 'base64' # signature['Content-Disposition'] = 'attachment; filename="smime.p7m"' # signature.body = p7sign.to_s # newm.parts << signature @_message = newm # rescue Exception => detail # logger.error("Error while SMIME signing and\or crypting the mail : #{detail}") # end ## logger.debug("x509_sign_smime, resulted email\n-------------( test X509 )----------\n#{m.encoded}\n-------------( test X509 )----------") end |