silverstripeltd/user-configurable-smime-forms

A module for extending user forms, so that form submissions can be emailed with S/MIME encryption.

0.0.4 2023-03-30 19:59 UTC

This package is auto-updated.

Last update: 2024-04-30 00:45:59 UTC


README

This module provides an extension to Silverstripe Elemental User Forms that allows you to choose whether or not the emails for form submissions should be encrypted and/or digitally signed, for added security.

It uses S/MIME encryption.

Requirements

  • SilverStripe ^4.0
  • SilverStripe Elemental Forms
  • SilverStripe S/Mime

Installation

To start using this module, just add it as a dependency to your project.

composer require silverstripeltd/user-configurable-smime-forms

License

See License

Documentation

When configuring user forms within the CMS you can specify whether the submitted form data is emailed to a list of Recipients.

This module provides an additional option to encrypt the email. This is specifically useful when you are sending emails to known recipients, and requires the recipient's encryption certificate (.crt file). This module adds an admin section (ModelAdmin) for managing and uploading S/MIME certificates for the purpose of encryption and digital signing of emails.

Enable Encryption of Emails

To enable encryption, go to the Configuration tab for your form and check the Enable S/MIME Encryption option. With this option set when a form submission is sent to a recipient the system will check for an uploaded encryption certificate for that user. Note: If one does not yet exist the email will be sent unencrypted with a warning (UNENCRYPTED: CHECK CMS CONFIGURATION) added to the email subject.

Managing S/MIME Certificates

This module adds an S/MIME Certificates ModelAdmin to the CMS left hand menu for managing encryption and signing certificates and by default it is available to administrators with full access rights.

To provide specific CMS groups (e.g., IT administrator users) with the ability to manage these certificates, you can add the Manage S/MIME certificates permission to their permissions group in the Security section of the CMS.

Adding recipient encryption certificates

To add encryption certificates to the CMS:

  • Log into the CMS as an administrator or user/group with the Manage S/MIME certificates permission
  • From the CMS left hand menu select S/MIME Certificates
  • The default view shows a grid view of uploaded encryption certificates.
  • Click on Add Encryption Certificate
  • Enter a valid Email address
  • Upload a valid .crt file to the Encryption Certificate field
  • Click Create

Adding sender certificates for digitally signing emails

This module supports digital signing of emails, which provides further assurance for the recipient of where the email comes from.

To sign an email you need both the .crt and private .key files. To upload these into the CMS:

  • Log into the CMS as an administrator or user/group with the Manage S/MIME certificates permission
  • From the CMS left hand menu select S/MIME Certificates
  • Select the Signing Certificates tab
  • Click on Add Signing Certificate
  • Enter a valid Email address
  • Upload a valid .crt file to the Signing Certificate field
  • Upload a valid .key file to the Signing Key field
  • Enter the passphrase for the .key file (this will not be shown and will be stored in an encrypted format)
  • Click Create

Maintainers

Bugtracker

Bugs are tracked in the issues section of this repository. Before submitting an issue please read over existing issues to ensure yours is unique.

If the issue does look like a new bug:

  • Create a new issue
  • Describe the steps required to reproduce your issue, and the expected outcome. Unit tests, screenshots and screencasts can help here.
  • Describe your environment as detailed as possible: SilverStripe version, Browser, PHP version, Operating System, any installed SilverStripe modules.

Please report security issues to the module maintainers directly. Please don't file security issues in the bugtracker.

Development and contribution

If you would like to make contributions to the module please ensure you raise a pull request and discuss with the module maintainers.