Hi all The question is the same with the title. i would like to encrypt email before sending, i've tried with jana mail but just want to ask whether we have any support from ivy mail or not?

Reference: How to Send Encrypted Emails Programmatically (from an automated process)

Thanks

asked 08.11.2016 at 03:48

trungdv's gravatar image

trungdv
(suspended)
accept rate: 52%

1

Yet there exists no ivy-core solution to encrypt mails. There is also nothing planned in this area. If you have a working solution you may share it here so that other projects can benefit from it.

(08.11.2016 at 17:18) Reguel Werme... ♦♦ Reguel%20Wermelinger's gravatar image

hi ivyteam,

i've tried with the third party library is bouncycastle and java.mails , it's seem to work and i post implementation here

Function to encrypt message:

public MimeMessage encrypt(MimeMessage clearMessage, Session session) {

    MimeMessage encryptedMessage = null;
    try {
        MailcapCommandMap mailcap = (MailcapCommandMap) CommandMap
                .getDefaultCommandMap();

        mailcap.addMailcap("application/pkcs7-signature;; x-java-content-handler=org.bouncycastle.mail.smime.handlers.pkcs7_signature");
        mailcap.addMailcap("application/pkcs7-mime;; x-java-content-handler=org.bouncycastle.mail.smime.handlers.pkcs7_mime");
        mailcap.addMailcap("application/x-pkcs7-signature;; x-java-content-handler=org.bouncycastle.mail.smime.handlers.x_pkcs7_signature");
        mailcap.addMailcap("application/x-pkcs7-mime;; x-java-content-handler=org.bouncycastle.mail.smime.handlers.x_pkcs7_mime");
        mailcap.addMailcap("multipart/signed;; x-java-content-handler=org.bouncycastle.mail.smime.handlers.multipart_signed");

        CommandMap.setDefaultCommandMap(mailcap);
        /* Add BC */
        Security.addProvider(new BouncyCastleProvider());

        /* Open the keystore */
        KeyStore keystore = KeyStore.getInstance("PKCS12", "BC");
        keystore.load(new FileInputStream(pathP12File),
                p12FilePassword.toCharArray());

        // get key alias
        Enumeration e = keystore.aliases();
        String keyAlias = null;
        //
        while (e.hasMoreElements()) {
            String alias = (String) e.nextElement();

            if (keystore.isKeyEntry(alias)) {
                keyAlias = alias;
            }
        }

        if (keyAlias == null) {
            Ivy.log().error("can't find a private key!");
            return null;
        }

        // end getting key
        Certificate[] chain = keystore.getCertificateChain(keyAlias);

        /* Create the encrypter */
        SMIMEEnvelopedGenerator encrypter = new SMIMEEnvelopedGenerator();
        encrypter
                .addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(
                        (X509Certificate) chain[0]).setProvider("BC"));

        /* Encrypt the message */
        MimeBodyPart encryptedPart = encrypter.generate(clearMessage,
                new JceCMSContentEncryptorBuilder(CMSAlgorithm.RC2_CBC)
                        .setProvider("BC").build());

        /*
         * Create a new MimeMessage that contains the encrypted and signed
         * content
         */
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        try {
            encryptedPart.writeTo(out);
        } catch (IOException e1) {
            Ivy.log().error("EncryptMEssage: " + e1.getMessage(), e1);
        }
        encryptedMessage = new MimeMessage(session,
                new ByteArrayInputStream(out.toByteArray()));
        /* Set all original MIME headers in the encrypted message */
        Enumeration headers = clearMessage.getAllHeaderLines();
        while (headers.hasMoreElements()) {
            String headerLine = (String) headers.nextElement();
            if (!Strings.toLowerCase(headerLine).startsWith("content-")) {
                encryptedMessage.addHeaderLine(headerLine);
            }
        }
    } catch (SMIMEException | MessagingException | CMSException
            | IllegalArgumentException | KeyStoreException
            | NoSuchAlgorithmException | CertificateException | IOException
            | NoSuchProviderException ex) {
        Ivy.log().error("encrypt method:" + ex.getMessage());
    }
    return encryptedMessage;
}

And Sendmail method:

                    SignMessageService signMessageService = new SignMessageService();
        EncryptMessageService encryptMessageService = new EncryptMessageService();

        MimeMessage signedMessage = signMessageService.sign(clearMessage,
                session);
        MimeMessage encryptedMessage = encryptMessageService.encrypt(
                signedMessage, session);
        Ivy.log().info("send mail");
        Transport.send(encryptedMessage);
        Ivy.log().info("DONE");

You can get the full sourcecode from this Here (follow the ReadMe.txt to import project) . In that project I implement demo flow with using normal process as well using Signal (experiment)

link
This answer is marked "community wiki".

answered 18.11.2016 at 08:25

trungdv's gravatar image

trungdv
(suspended)
accept rate: 52%

edited 23.11.2016 at 08:40

Reguel%20Wermelinger's gravatar image

Reguel Werme... ♦♦
9.4k31958

thanks a lot for sharing! I'll definitively come back to this resource...

(23.11.2016 at 08:41) Reguel Werme... ♦♦ Reguel%20Wermelinger's gravatar image

Another improvement: I saw that you have hardcoded host names and smtp users in your demo. I'd stick to the configuration that is provided by the Axon.ivy Designer preferences or the Engines System Properties. You can easily re-use these configuration by using an internal API

@SuppressWarnings("restriction")
private Session prepareSession() {
    ch.ivyteam.ivy.email.EmailSetupConfiguration emailConfig = 
            ch.ivyteam.ivy.email.EmailSetupProviderUtil.getEmailSenderConfiguration(Ivy.request().getProject());

    Properties props = new Properties();
    props.put("mail.smtp.auth", "true");
    props.put("mail.smtp.starttls.enable", "true");
    props.put("mail.smtp.host", emailConfig.getSmtpServer());
    props.put("mail.smtp.port", emailConfig.getSmtpPort());

    props.put("mail.smtp.connectiontimeout", 2000);

    Session session = Session.getInstance(props,
            new javax.mail.Authenticator() {
                protected PasswordAuthentication getPasswordAuthentication() {
                    return new PasswordAuthentication(emailConfig.getSmtpUser(), emailConfig.getSmtpPassword());
                }
            });
    return session;
}
link

answered 18.11.2016 at 09:23

Reguel%20Wermelinger's gravatar image

Reguel Werme... ♦♦
9.4k31958
accept rate: 70%

edited 23.11.2016 at 08:40

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "Title")
  • image?![alt text](/path/img.jpg "Title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Tags:

×35
×34

Asked: 08.11.2016 at 03:48

Seen: 2,381 times

Last updated: 23.11.2016 at 08:41