Skip to content

AF-VCD/Mr-SMIME

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
mr-smime.ps1
mr-smime.ps1
 
 

Repository files navigation

Mr-SMIME

This is a PowerShell script that can be used to manually decrypt email messages with a smartcard on Windows. It is intended for Air Force employees, but may also be usable by other people in government service.

Instructions

In order to utilize this tool, follow the steps in the two sections below:

Getting S/MIME File:

  1. Go to your webmail and find the offending encrypted email that you can't open.
  2. You should see that the email has an attachment called "smime.p7m"
  3. Forward that attachment, plus a copy of it, to your personal email.

instructions

  1. Download that attachment somewhere to your computer. This is the encrypted version of the email you can't open, and includes attachments as well.

Getting and using script:

  1. Download the script from this github repository
  2. Right-click on the script and choose "Run with PowerShell"
  3. On the first file selection window, select the "smime.p7m" file you downloaded earlier
  4. Enter your pin when prompted
  5. On the second file window, choose a location to save the raw decrypted text output, such as DECRYPTED-MESSAGE.txt
  6. Wait for the script to complete

The script produces two items upon completion. The first is a text file, with its name being what you specified in the second file window. This text file contains the raw text output of your email after decryption. You can glean some email message text from this file, but not attachments, because they are further encoded in there.

The second, more useful item is a folder with the same name as the raw text file (i.e. DECRYPTED-MESSAGE/). The folder will be located in the same location as the text file. Inside this folder are text files associated with the email message body, as well as any attachments included with the email.

Notes on implementation and usage

  • This only works on Windows, tested on Windows 10. In order for this to work, your computer needs to at least be able to access webmail (have correct certificates, etc).
  • My script does not see anything related to your card, like your PIN; that part is handled by Windows and/or ActivClient. The script tells Windows to decrypt the email, and Windows figures out that it can't decrypt the email without the PIN, and asks you for it on its own.
  • No information whatsoever is transmitted from this script to anywhere on the internet.

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

1 star

Watchers

2 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages