ChiliProject is abandoned. A rewrite for Redmine is available here
A plugin for ChiliProject to enhance the security of email communication by
- encrypting/decrypting mails with GnuPG
- filtering content of unencrypted mails
developed for C3S - Cultural Commons Collecting Society
- New Issue
- Edit Issue
- mails send to user:
- PGP/MIME
- mails received from user (expected to be UTF-8):
- PGP/MIME
- PGP/Inline (filename extensions for encrypted attachments: '.pgp', '.gpg', '.asc')
- Header
- Project Title
- Issue Author
- Issue Assignee
- Subject
- Project Title
- Issue Type
- Issue Status
- Issue Title
- Body
- Project Title
- Project Description
- Issue Author
- Issue Details
- Issue Notes
- Issue Title
- Issue Attributes
- Updated-By
- Status
- Priority
- gpg (http://www.gnupg.org/download/)
- gpgme (https://github.com/ueno/ruby-gpgme)
- rails < 3
This plugin has been tested with
- GnuPG 1.4.11 / ChiliProject 3.8.0 / Ruby 1.9.3 / Rails 2.3.18 / gpgme 2.0.2
This plugin might essentially be compatible with Redmine, but may need little tweaks.
- Make sure, the user running ChiliProject is able to execute gpg and that it's local keychain has been initialized
e.g. log in as the user running ChiliProject and try$gpg --list-keys - Install gem 'gpgme'
e.g. addgem 'gpgme'to/path/to/chiliroject/Gemfileand execute$bundle update - Place the plugin into
/path/to/chiliproject/vendor/plugins. The name of the plugin's directory should bechiliproject_encrypted_email_notifications. - Restart ChiliProject (e.g. restart apache).
- Log into ChiliProject as admin and create two custom fields (memorize their corresponding IDs):
- "PGP Public Key" (Long text)
- "Enable Mail Encryption" (Boolean)
-
Configure the Plugin (Administration / Plugins : Chiliproject Encrypted Mail Notifications > Configure)
-
Configure Plugin Configuration * Neccessary for encryption
- Custom Field ID of "Enable Mail Encryption"
- Custom Field ID of "PGP Public Key" * Neccessary for decryption
- Emailaddress of Chiliuser
- PGP Private Key for Emailadress of Chiliuser
WARNING: Don't use a private key here, which should never be compromised, as the secret key is written to the database in cleartext. PGP is just used for secure communication, not secure storage of your data, so if your database got hacked, the secret key does not matter anyway - Password for PGP Private Key for Emailadress of Chiliuser * Optional
- Enter a message, which is added to the footer of filtered emails (e.g. instructions for encryption)
-
Configure Global Settings
* Filter emails of (non-)public projects:- project dependend: Filtering is active for (non-)public projects, if module is active for the project
- all: Filtering is active for all (non-)public projects, regardless of module activation
- none: Filtering is inactive for all (non-)public projects, regardless of module activation
* Encrypt emails of (non-)public projects: - project dependend: Encryption is active for (non-)public projects, if module is active for the project and user has enabled mail encryption
- all: Encryption is active for (non-)public projects, regardless of module activation and user setting, if there's a key corresponding to email of user in the local keychain
- none: Encryption is inactive for (non-)public projects, regardless of module activation
-
Configure Available Filters
NOTICE: issue updates by email might rely on header/subject * Header: Applies to both filtered and encrypted mails
* Subject: Applies to both filtered and encrypted mails
* Body: Applies only to filtered mails -
Apply your settings
-
Configure Projects
NOTICE: plugin settings may override module activation
- On 'Administration / Project / Modules', check module "Chiliproject Encrypted Mail Notifications" for module activation, where neccessary
- Log into ChiliProject and update your profile
- "PGP Public Key": Enter your PGP Public Key
Format: ASCII, from "-----BEGIN PGP PUBLIC KEY BLOCK-----" to "-----END PGP PUBLIC KEY BLOCK-----", linebreaks and comments should not matter - Check "Enable Mail Encryption", if you want to use mail encryption
- Save your profile
- Add RegEx for Custom Field "PGP Public Key" to prevent syntax errors
RegEx would be\^s*?-----BEGIN PGP PUBLIC KEY BLOCK-----.*-----END PGP PUBLIC KEY BLOCK-----\s*?$\m, but there seem to be no way to enable multiline mode in Custom Field RegEx - Add more notification mails affected (e.g. Wiki, etc.)
- Integrate the Custom Fields into this plugin
- Add a field "PGP Public Key for Emailadress of Chiliuser" to plugin settings and offer key download to user on profile
- Add option to enforce verification of signature corresponding to user for incoming mails
- Get Emailadress of Chiliuser from field 'Emission email address' in ChiliProject Settings for 'Email notifications'
- Test compatibility with Redmine and adjust code, where neccessary
- Add more languages
- Add tests
- C3S (cultural commons collecting society)
- GPG (reference)
- ActionMailer (reference)
- TMail (reference)
- Base64 (reference)
- GPGME (reference)
- PGP/MIME (RFC)
- Redmine Email Notification Content Filter (plugin)
- PGP Formats (explanation)
- OpenPGP vs. S/MIME (de) (comparison)
- Gem OpenPGP for Ruby > 3 (gem)
This plugin was inspired by the plugin Redmine Email Notification Content Filter
- Author: Alexander Blum
Copyright 2013 Alexander Blum
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.