extern/egroupware_official
1
0
Fork 0
mirror of https://github.com/EGroupware/egroupware.git synced 2024-11-22 16:03:47 +01:00
Code Issues Packages Projects Releases Wiki Activity

WIP of smime sing and encrypt message

Browse Source
This commit is contained in:
Hadi Nategh 2017-02-03 12:33:49 +01:00
parent 21aa03d7ea
commit ce9a36ddf9
2 changed files with 104 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
api/src/Mail/Smime.php
View File

@ -45,26 +45,47 @@ class Smime extends Horde_Crypt_Smime
'multipart/signed' 'multipart/signed'
); );
/* /**
* SMIME public key regular expresion * SMIME public key regular expression
*/ */
static public $pubkey_regexp = '/-----BEGIN PUBLIC KEY-----.*-----END PUBLIC KEY-----\r?\n/s'; static public $pubkey_regexp = '/-----BEGIN PUBLIC KEY-----.*-----END PUBLIC KEY-----\r?\n/s';
/* /**
* SMIME encrypted private key regular expresion * SMIME encrypted private key regular expresion
*/ */
static public $privkey_encrypted_regexp = '/-----BEGIN ENCRYPTED PRIVATE KEY-----.*-----END ENCRYPTED PRIVATE KEY-----\r?\n/s'; static public $privkey_encrypted_regexp = '/-----BEGIN ENCRYPTED PRIVATE KEY-----.*-----END ENCRYPTED PRIVATE KEY-----\r?\n/s';
/* /**
* SMIME private key regular expresion * SMIME private key regular expression
*/ */
static public $privkey_regexp = '/-----BEGIN PRIVATE KEY-----.*-----END PRIVATE KEY-----\r?\n/s'; static public $privkey_regexp = '/-----BEGIN PRIVATE KEY-----.*-----END PRIVATE KEY-----\r?\n/s';
/* /**
* SMIME certificate regular expresion * SMIME certificate regular expression
*/ */
static public $certificate_regexp = '/-----BEGIN CERTIFICATE-----.*-----END CERTIFICATE-----\r?\n/s'; static public $certificate_regexp = '/-----BEGIN CERTIFICATE-----.*-----END CERTIFICATE-----\r?\n/s';
/**
* Encryption type of sign
*
* @var String;
*/
const TYPE_SIGN = 'smime_sign';
/**
* Encryption type of encrypt
*
* @var string
*/
const TYPE_ENCRYPT = 'smime_encrypt';
/**
* Encryption type of sign and encrypt
*
* @var string
*/
const TYPE_SIGN_ENCRYPT = 'smime_sign_encrypt';
/** /**
* Constructor. * Constructor.
* *

76
mail/inc/class.mail_compose.inc.php
View File

@ -211,6 +211,14 @@ class mail_compose
'group' => ++$group, 'group' => ++$group,
'onExecute' => 'javaScript:app.mail.compose_saveDraft2fm', 'onExecute' => 'javaScript:app.mail.compose_saveDraft2fm',
'hint' => 'Save the drafted message as eml file into VFS' 'hint' => 'Save the drafted message as eml file into VFS'
),
'sign' => array (
'caption' => 'Sign',
'icon' => 'smimeSignature',
'group' => ++$group,
'onExecute' => 'javaScript:app.mail.compose_setToggle',
'checkbox' => true,
'hint' => 'Sign your message with smime certificate'
) )
); );
foreach (self::$priorities as $key => $priority) foreach (self::$priorities as $key => $priority)
@ -2244,6 +2252,7 @@ class mail_compose
//error_log(__METHOD__."(, formDate[filemode]=$_formData[filemode], _autosaving=".array2string($_autosaving).') '.function_backtrace()); //error_log(__METHOD__."(, formDate[filemode]=$_formData[filemode], _autosaving=".array2string($_autosaving).') '.function_backtrace());
$mail_bo = $this->mail_bo; $mail_bo = $this->mail_bo;
$activeMailProfile = Mail\Account::read($this->mail_bo->profileID); $activeMailProfile = Mail\Account::read($this->mail_bo->profileID);
$identity = $_identity['ident_email'] ? $_identity['ident_email'] : $activeMailProfile['ident_email'];
// you need to set the sender, if you work with different identities, since most smtp servers, dont allow // you need to set the sender, if you work with different identities, since most smtp servers, dont allow
// sending in the name of someone else // sending in the name of someone else
@ -3558,4 +3567,71 @@ class mail_compose
$response->error(implode(',',$results['failed'])); $response->error(implode(',',$results['failed']));
} }
} }
/**
* Method to do the encryption on given message
*
* @param Horde_Mime_part $message
* @param string $type encryption type
* @param array|string $recipients list of recipients
* @param string $sender email of sender
*
* @return Horde_Mime_Part returns encrypted message
* @throws Api\Exception\WrongUserinput if no certificate found
*/
function _encrypt(Horde_Mime_part $message, $type, $recipients, $sender)
{
$AB = new addressbook_bo();
if (isset($sender) && ($type == Mail\Smime::TYPE_SIGN || $type == Mail\Smime::TYPE_SIGN_ENCRYPT))
{
$sender_cert = $AB->get_smime_keys($sender);
$smime = new Mail\Smime();
if ($sender_cert)
{
$senderPubKey = $smime->get_publickey($sender_cert[$sender]);
}
else
{
throw new Api\Exception\WrongUserinput('no certificate found to sign the messase');
}
}
if (isset($recipients) && ($type == Mail\Smime::TYPE_ENCRYPT || $type == Mail\Smime::TYPE_SIGN_ENCRYPT))
{
$recipients_certs = $AB->get_smime_keys($recipients);
$recipientsPubKeys = array_Map(array ($smime, 'get_publickey'), $recipients_certs);
if (!$recipients_certs) throw new Api\Exception\WrongUserinput('no certificate found from the recipients to sign/encrypt the messase');
}
// parameters to pass on for sign mime part
$sign_params = array(
'type' => 'signature',
'pubkey' => $senderPubKey,
'prikey' => '',
'passphrase'=> '',
'sigtype' => 'detach',
'certs' => ''
);
// parameters to pass on for encrypt mime part
$encrypt_params = array(
'type' => 'message',
'pubkey' => $recipientsPubKeys
);
switch ($type)
{
case Mail\Smime::TYPE_SIGN:
$message = $smime->signMIMEPart($message, $sign_params);
break;
case Mail\Smime::TYPE_ENCRYPT:
$message = $smime->encryptMIMEPart($message, $encrypt_params);
break;
case Mail\Smime::TYPE_SIGN_ENCRYPT:
$message = $smime->signAndEncryptMIMEPart($message, $sign_params, $encrypt_params);
break;
}
return $message;
}
} }