Hi all, the question is the same as the title. I would like to encrypt email before sending. I've tried with jana mail, but I just want to ask whether we have any support from ivy mail or not.

Reference: How to Send Encrypted Emails Programmatically (from an automated process)

Thanks

asked 08.11.2016 at 03:48

trungdv

1

Yet there exists no ivy-core solution to encrypt mails. There is also nothing planned in this area. If you have a working solution you may share it here so that other projects can benefit from it.

(08.11.2016 at 17:18) Reguel Werme... ♦♦

Hi ivyteam,

I've tried with the third-party library bouncycastle and java.mails; it seems to work, and I post the implementation here.

Function to encrypt message:

public MimeMessage encrypt(MimeMessage clearMessage, Session session) {

    MimeMessage encryptedMessage = null;
    try {
        MailcapCommandMap mailcap = (MailcapCommandMap) CommandMap
                .getDefaultCommandMap();

        mailcap.addMailcap("application/pkcs7-signature;; x-java-content-handler=org.bouncycastle.mail.smime.handlers.pkcs7_signature");
        mailcap.addMailcap("application/pkcs7-mime;; x-java-content-handler=org.bouncycastle.mail.smime.handlers.pkcs7_mime");
        mailcap.addMailcap("application/x-pkcs7-signature;; x-java-content-handler=org.bouncycastle.mail.smime.handlers.x_pkcs7_signature");
        mailcap.addMailcap("application/x-pkcs7-mime;; x-java-content-handler=org.bouncycastle.mail.smime.handlers.x_pkcs7_mime");
        mailcap.addMailcap("multipart/signed;; x-java-content-handler=org.bouncycastle.mail.smime.handlers.multipart_signed");

        CommandMap.setDefaultCommandMap(mailcap);
        /* Add BC */
        Security.addProvider(new BouncyCastleProvider());

        /* Open the keystore */
        KeyStore keystore = KeyStore.getInstance("PKCS12", "BC");
        // try-with-resources closes the key file even if loading fails
        try (FileInputStream in = new FileInputStream(pathP12File)) {
            keystore.load(in, p12FilePassword.toCharArray());
        }

        // get key alias (the last key entry found in the keystore)
        Enumeration<String> e = keystore.aliases();
        String keyAlias = null;
        while (e.hasMoreElements()) {
            String alias = e.nextElement();

            if (keystore.isKeyEntry(alias)) {
                keyAlias = alias;
            }
        }

        if (keyAlias == null) {
            Ivy.log().error("can't find a private key!");
            return null;
        }

        // end getting key
        Certificate[] chain = keystore.getCertificateChain(keyAlias);

        /* Create the encrypter */
        SMIMEEnvelopedGenerator encrypter = new SMIMEEnvelopedGenerator();
        encrypter
                .addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(
                        (X509Certificate) chain[0]).setProvider("BC"));

        /* Encrypt the message */
        MimeBodyPart encryptedPart = encrypter.generate(clearMessage,
                new JceCMSContentEncryptorBuilder(CMSAlgorithm.RC2_CBC)
                        .setProvider("BC").build());

        /*
         * Create a new MimeMessage that contains the encrypted and signed
         * content
         */
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        // A failed write is handled by the outer catch, so a partially
        // written part is never wrapped into a message
        encryptedPart.writeTo(out);
        encryptedMessage = new MimeMessage(session,
                new ByteArrayInputStream(out.toByteArray()));
        /* Set all original MIME headers in the encrypted message */
        Enumeration headers = clearMessage.getAllHeaderLines();
        while (headers.hasMoreElements()) {
            String headerLine = (String) headers.nextElement();
            if (!Strings.toLowerCase(headerLine).startsWith("content-")) {
                encryptedMessage.addHeaderLine(headerLine);
            }
        }
    } catch (SMIMEException | MessagingException | CMSException
            | IllegalArgumentException | KeyStoreException
            | NoSuchAlgorithmException | CertificateException | IOException
            | NoSuchProviderException ex) {
        Ivy.log().error("encrypt method:" + ex.getMessage());
    }
    return encryptedMessage;
}

And Sendmail method:

        SignMessageService signMessageService = new SignMessageService();
        EncryptMessageService encryptMessageService = new EncryptMessageService();

        MimeMessage signedMessage = signMessageService.sign(clearMessage,
                session);
        MimeMessage encryptedMessage = encryptMessageService.encrypt(
                signedMessage, session);
        Ivy.log().info("send mail");
        Transport.send(encryptedMessage);
        Ivy.log().info("DONE");

You can get the full source code from here (follow the ReadMe.txt to import the project). In that project I implement a demo flow using a normal process as well as using Signal (experiment).

This answer is marked "community wiki".

answered 18.11.2016 at 08:25

trungdv

edited 23.11.2016 at 08:40

Reguel Werme... ♦♦

thanks a lot for sharing! I'll definitively come back to this resource...

(23.11.2016 at 08:41) Reguel Werme... ♦♦
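
The encryption step from the answer above, as an added example (not the poster's or the Axon.ivy project's code): it encrypts for a recipient whose public X.509 certificate is read from a file instead of taking `chain[0]` from a PKCS#12 key entry, and uses AES-256-CBC rather than RC2-CBC. The class name, method name and `recipientCertFile` parameter are assumptions, and the Bouncy Castle mailcap handlers from the post are assumed to be registered already.

```java
import java.io.*;
import java.nio.file.*;
import java.security.Security;
import java.security.cert.*;
import java.util.*;
import javax.mail.Session;
import javax.mail.internet.*;
import org.bouncycastle.cms.CMSAlgorithm;
import org.bouncycastle.cms.jcajce.*;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.mail.smime.SMIMEEnvelopedGenerator;

public class RecipientEncryptExample { // hypothetical class name
    /** Encrypts clearMessage for the holder of the X.509 certificate file (PEM or DER, assumed). */
    public static MimeMessage encryptFor(MimeMessage clearMessage, Session session,
            Path recipientCertFile) throws Exception {
        if (Security.getProvider("BC") == null) {
            Security.addProvider(new BouncyCastleProvider());
        }
        // Only the recipient's public certificate is needed; no private key is read
        X509Certificate recipient;
        try (InputStream in = Files.newInputStream(recipientCertFile)) {
            recipient = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(in);
        }
        recipient.checkValidity(); // throws if expired or not yet valid
        boolean[] usage = recipient.getKeyUsage(); // null when the extension is absent
        if (usage != null && !usage[2]) { // index 2 = keyEncipherment
            throw new CertificateException("certificate does not permit key encipherment");
        }
        SMIMEEnvelopedGenerator encrypter = new SMIMEEnvelopedGenerator();
        encrypter.addRecipientInfoGenerator(
                new JceKeyTransRecipientInfoGenerator(recipient).setProvider("BC"));
        // AES-256-CBC content encryption in place of RC2-CBC
        MimeBodyPart encryptedPart = encrypter.generate(clearMessage,
                new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES256_CBC).setProvider("BC").build());
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        encryptedPart.writeTo(out);
        MimeMessage encrypted = new MimeMessage(session,
                new ByteArrayInputStream(out.toByteArray()));
        // Copy the envelope headers; Content-* headers come from the encrypted part
        Enumeration<?> headers = clearMessage.getAllHeaderLines();
        while (headers.hasMoreElements()) {
            String line = (String) headers.nextElement();
            if (!line.toLowerCase(Locale.ROOT).startsWith("content-")) {
                encrypted.addHeaderLine(line);
            }
        }
        return encrypted;
    }
}
```

Exceptions propagate to the caller here, so a failed encryption cannot be mistaken for a message that is ready to send.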

Another improvement: I saw that you have hardcoded host names and SMTP users in your demo. I'd stick to the configuration that is provided by the Axon.ivy Designer preferences or the Engine's System Properties. You can easily reuse this configuration by using an internal API:

@SuppressWarnings("restriction")
private Session prepareSession() {
    ch.ivyteam.ivy.email.EmailSetupConfiguration emailConfig = 
            ch.ivyteam.ivy.email.EmailSetupProviderUtil.getEmailSenderConfiguration(Ivy.request().getProject());

    Properties props = new Properties();
    props.put("mail.smtp.auth", "true");
    props.put("mail.smtp.starttls.enable", "true");
    props.put("mail.smtp.host", emailConfig.getSmtpServer());
    props.put("mail.smtp.port", emailConfig.getSmtpPort());

    props.put("mail.smtp.connectiontimeout", 2000);

    Session session = Session.getInstance(props,
            new javax.mail.Authenticator() {
                protected PasswordAuthentication getPasswordAuthentication() {
                    return new PasswordAuthentication(emailConfig.getSmtpUser(), emailConfig.getSmtpPassword());
                }
            });
    return session;
}

answered 18.11.2016 at 09:23

Reguel Werme... ♦♦

edited 23.11.2016 at 08:40

Asked: 08.11.2016 at 03:48

Seen: 2,288 times

Last updated: 23.11.2016 at 08:41