Skip to content

AF-VCD/Mrs-SMIME

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
mimesplit.py
mimesplit.py
 
 
mrs-smime.sh
mrs-smime.sh
 
 

Repository files navigation

Mrs-SMIME

This is a bash script that can be used to manually decrypt email messages with a smartcard on Macs. It is intended for Air Force employees, but may also be usable by other people in government service.

Instructions

In order to utilize this tool, follow the steps in the two sections below:

Getting S/MIME File:

  1. Go to your webmail and find the offending encrypted email that you can't open.
  2. You should see that the email has an attachment called "smime.p7m". This attachment should be visible in the webmail editor when you go to forward the email.
  3. Download that attachment somewhere to your computer. This is the encrypted version of the email you can't open, and includes attachments as well.

Getting and using script:

  1. Download .sh and .py scripts from this github repository, put them in the same folder on your computer
  2. Open a terminal in the folder and run the shell script: bash mrs-smime.sh
    1. You can open a terminal preloaded to the correct folder by right clicking the folder that holds the scripts, opening Services and selecting New Terminal at Folder. ezgif-6-ae4a6035d63a
  3. On the first file selection window, select the "smime.p7m" file you downloaded earlier
  4. On the second file window, choose or create a folder to save the raw decrypted text output
  5. Enter your pin when prompted
  6. Wait for the script to complete

The script produces a few things:

  1. A decrypted.smime file, which is the direct result of decrypting the p7m file.
  2. Two versions of the email body, one as text and one as HTML
  3. All other attachments of the email

Notes on implementation and usage

  • This only works on Mac, not Linux or Windows. In order for this to work, your computer needs to at least be able to access webmail (have correct certificates, etc).
  • For Windows 10 see the related project: Mr-SMIME.
  • My script does not see anything related to your card, like your PIN; that part is handled by native Apple security libraries. The script tells the Mac to decrypt the email, and the Mac figures out that it can't decrypt the email without the PIN, and asks you for it on its own.
  • No information whatsoever is transmitted from this script to anywhere on the internet.

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

11 stars

Watchers

7 watching

Forks

7 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages