From 668cbaaacbdd765e1ddb9dfaa830d8442bec2603 Mon Sep 17 00:00:00 2001
From: Hadi Nategh
Date: Mon, 28 Aug 2017 12:35:21 +0200
Subject: [PATCH] S/MIME: - Store email address associated with certificate into cred_email
---
 admin/inc/class.admin_mail.inc.php | 71 +++++++++++++++----------------
 api/src/Mail/Account.php | 2 +-
 2 files changed, 36 insertions(+), 37 deletions(-)
diff --git a/admin/inc/class.admin_mail.inc.php b/admin/inc/class.admin_mail.inc.php
index ba910b6f17..ec09e706db 100644
--- a/admin/inc/class.admin_mail.inc.php
+++ b/admin/inc/class.admin_mail.inc.php
@@ -897,8 +897,8 @@ class admin_mail
 if (!empty($content['acc_smime_password']))
 {
 $AB_bo = new addressbook_bo();
- $smime_cert = $AB_bo->get_smime_keys($content['ident_email']);
- $content['smime_cert'] = $smime_cert[$content['ident_email']];
+ $smime_cert = $AB_bo->get_smime_keys($content['acc_smime_username']);
+ $content['smime_cert'] = $smime_cert[$content['acc_smime_username']];
 }
 }
 catch(Api\Exception\NotFound $e) {
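Review bot: Accounts whose S/MIME key was stored before this change were written with the IMAP username as credential name (see the Account.php hunk), so `$content['acc_smime_username']` is probably not the certificate's e-mail address for them, and `get_smime_keys($content['acc_smime_username'])` would leave `smime_cert` unset. A fallback keeps those accounts readable, for example `$smime_email = $content['acc_smime_username'] ?: $content['ident_email'];` with `$smime_email` used in both changed lines. Whether existing credentials are migrated elsewhere is not visible here, and the enclosing `try` block starts outside the hunk.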
@@ -1035,6 +1035,39 @@ class admin_mail $content['notify_account_id'] = $content['called_for'] ? $content['called_for'] : $GLOBALS['egw_info']['user']['account_id']; } + // SMIME SAVE + if (isset($content['smimeKeyUpload']) || $content['smime_cert'] && $content['acc_smime_password']) + { + $smime = new Mail\Smime; + $content['acc_smime_username'] = $smime->getEmailFromKey($content['smime_cert']); + $AB_bo = new addressbook_bo(); + if (($pkcs12 = file_get_contents($content['smimeKeyUpload']['tmp_name'])) && + $content['smimeKeyUpload']['type'] == 'application/x-pkcs12') + { + $cert_info = $smime->extractCertPKCS12($pkcs12, $content['smime_pkcs12_password']); + if (is_array($cert_info)) + { + $content['acc_smime_password'] = $cert_info['pkey']; + $content['smime_cert'] = $cert_info['cert']; + if ($content['smime_cert']) + { + $content['acc_smime_username'] = $smime->getEmailFromKey($content['smime_cert']); + $AB_bo = new addressbook_bo(); + $AB_bo->set_smime_keys(array( + $content['acc_smime_username'] => $content['smime_cert'] + )); + } + } + else + { + $tpl->set_validation_error('smimeKeyUpload', lang('Could not extract private key from given p12 file. Either the p12 file is broken or password is wrong!')); + } + } + elseif ($content['smime_cert'] && $content['acc_smime_password']) + { + $AB_bo->set_smime_keys(array($content['acc_smime_username'] => $content['smime_cert'])); + } + } self::fix_account_id_0($content['account_id'], true); $content = Mail\Account::write($content, $content['called_for'] || !$this->is_admin ? $content['called_for'] : $GLOBALS['egw_info']['user']['account_id']); 
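Review bot: The address-book entry is now keyed by whatever e-mail address `getEmailFromKey()` reads out of the supplied certificate, and nothing in this hunk compares that address with the account's `ident_email` or validates the certificate before `set_smime_keys()` runs. If the address book is shared between users (not visible here), a certificate could end up stored under an address its uploader does not own; consider calling `$tpl->set_validation_error('smimeKeyUpload', ...)` and skipping the store unless the extracted address matches one of the account's identities. Separately, the outer `if` is also entered when only `smime_cert` and `acc_smime_password` are set, so `file_get_contents($content['smimeKeyUpload']['tmp_name'])` runs without an upload; the inner condition should start with `isset($content['smimeKeyUpload']) &&` as the removed code did. The first `getEmailFromKey($content['smime_cert'])` call can likewise run on an empty certificate when the key arrives by upload, and its result is kept and passed on to `Mail\Account::write()` if extraction fails.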
@@ -1064,40 +1097,6 @@ class admin_mail } $content['accounts'][$content['acc_id']] = Mail\Account::identity_name($content, false); } - if (isset($content['smimeKeyUpload']) - && ($pkcs12 = file_get_contents($content['smimeKeyUpload']['tmp_name']))) - { - $smime = new Mail\Smime; - switch($content['smimeKeyUpload']['type']) - { - case 'application/x-pkcs12': - $cert_info = $smime->extractCertPKCS12($pkcs12, $content['smime_pkcs12_password']); - if (is_array($cert_info)) - { - $content['acc_smime_password'] = $cert_info['pkey']; - if ($cert_info['cert']) - { - $AB_bo = new addressbook_bo(); - $AB_bo->set_smime_keys(array( - $content['ident_email'] => $cert_info['cert'] - )); - } - } - else - { - $tpl->set_validation_error('smimeKeyUpload', lang('Could not extract private key from given p12 file. Either the p12 file is broken or password is wrong!')); - } - break; - case 'application/x-iwork-keynote-sffkey': - $content['acc_smime_password'] = $pkcs12; - break; - } - } - elseif ($content['smime_cert'] && $content['acc_smime_password']) - { - $AB_bo = new addressbook_bo(); - $AB_bo->set_smime_keys(array($content['ident_email'] => $content['smime_cert'])); - } } else { diff --git a/api/src/Mail/Account.php b/api/src/Mail/Account.php index 7a073381b6..ee31f86fab 100644 --- a/api/src/Mail/Account.php +++ b/api/src/Mail/Account.php @@ -1263,7 +1263,7 @@ class Account implements \ArrayAccess //Store or delete smime private key if ($data['acc_smime_password']) { - Credentials::write($data['acc_id'], $data['acc_imap_username'], + Credentials::write($data['acc_id'], $data['acc_smime_username'], $data['acc_smime_password'], Credentials::SMIME, $data['account_id'][0], $data['acc_smime_cred_id']); }
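Review bot: In the Account.php hunk, `Credentials::write()` now stores the private key under `$data['acc_smime_username']`, but the guard still tests only `$data['acc_smime_password']`, so a caller that does not set the new field, or a `getEmailFromKey()` that returned nothing, writes the S/MIME credential with an empty username. Only the admin_mail caller in this patch is seen to populate the field. Consider a fallback such as `$data['acc_smime_username'] ?: $data['acc_imap_username']`, or refusing to store the key when no address could be derived from the certificate. The `if` body and any delete branch announced by the `//Store or delete smime private key` comment continue outside the hunk.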