WIP SMIME support: Use encyption method in mailer object

Hadi Nategh 2017-03-09 17:42:41 +01:00
parent 66315db75a
commit 92395ea834


@ -2961,14 +2961,14 @@ class mail_compose
try { try {
if ($_formData['smime_sign'] == 'on') if ($_formData['smime_sign'] == 'on')
{ {
$smime_part = $this->_encrypt( $smime_success = $this->_encrypt(
'',//TODO $mail,
$_formData['smime_encrypt'] == 'on'? Mail\Smime::TYPE_SIGN_ENCRYPT: Mail\Smime::TYPE_SIGN, $_formData['smime_encrypt'] == 'on'? Mail\Smime::TYPE_SIGN_ENCRYPT: Mail\Smime::TYPE_SIGN,
$_formData['to'], $_formData['to'],
$identity['ident_email'], $identity['ident_email'],
$_formData['smime_passphrase'] $_formData['smime_passphrase']
); );
if ($smime_part['smime_pass_require']) if (!$smime_success)
{ {
$response = Api\Json\Response::get(); $response = Api\Json\Response::get();
$response->call('app.mail.smimePassDialog'); $response->call('app.mail.smimePassDialog');
@ -2977,19 +2977,19 @@ class mail_compose
} }
elseif ($_formData['smime_sign'] == 'off' && $_formData['smime_encrypt'] == 'on') elseif ($_formData['smime_sign'] == 'off' && $_formData['smime_encrypt'] == 'on')
{ {
$smime_part = $this->_encrypt( $smime_success = $this->_encrypt(
'',//TODO $mail,
Mail\Smime::TYPE_ENCRYPT, Mail\Smime::TYPE_ENCRYPT,
$_formData['to'], $_formData['to'],
$identity['ident_email'] $identity['ident_email']
); );
} }
//TODO Set signed or encrypted mime part
} }
catch (Exception $ex) catch (Exception $ex)
{ {
throw new Api\Exception\WrongUserinput($ex->getMessage()); $response = Api\Json\Response::get();
$response->call('egw.message', $ex->getMessage());
return false;
} }
} }
@ -3454,7 +3454,7 @@ class mail_compose
unset($accounts); unset($accounts);
} }
} }
if(is_array($contacts)) { if(is_array($contacts)) {
foreach($contacts as $contact) { foreach($contacts as $contact) {
foreach(array($contact['email'],$contact['email_home']) as $email) { foreach(array($contact['email'],$contact['email_home']) as $email) {
@ -3600,74 +3600,48 @@ class mail_compose
} }
/** /**
* Method to do the encryption on given message * Method to do encryption on given mail object
* *
* @param Horde_Mime_part $message * @param Horde_MIME_Mail $mail
* @param string $type encryption type * @param string $type encryption type
* @param array|string $recipients list of recipients * @param array|string $recipients list of recipients
* @param string $sender email of sender * @param string $sender email of sender
* *
* @return Horde_Mime_Part returns encrypted message * @return boolean returns true if successful and false if passphrase required
* @throws Api\Exception\WrongUserinput if no certificate found * @throws Api\Exception\WrongUserinput if no certificate found
*/ */
protected function _encrypt(Horde_Mime_part $message, $type, $recipients, $sender, $passphrase='') protected function _encrypt($mail, $type, $recipients, $sender, $passphrase='')
{ {
$AB = new addressbook_bo(); $AB = new addressbook_bo();
$smime = new Mail\Smime(); $params = array (
'senderPubKey' => '', // Sender Public key
if (isset($sender) && ($type == Mail\Smime::TYPE_SIGN || $type == Mail\Smime::TYPE_SIGN_ENCRYPT)) 'passphrase' => $passphrase, // passphrase of sender private key
{ 'senderPrivKey' => '', // sender private key
$sender_cert = $AB->get_smime_keys($sender); 'recipientsCerts' => array() // Recipients Certificates
if ($sender_cert)
{
$senderPubKey = $sender_cert[$sender];
}
else
{
throw new Api\Exception\WrongUserinput('no certificate found to sign the messase');
}
$credents = Mail\Credentials::read($this->mail_bo->profileID, Mail\Credentials::SMIME, $GLOBALS['egw_info']['user']['account_id']);
$privkey = $credents['acc_smime_password'];
if (!$smime->verifyPassphrase($privkey, $passphrase))
{
return array('smime_pass_require' => true);
}
}
if (isset($recipients) && ($type == Mail\Smime::TYPE_ENCRYPT || $type == Mail\Smime::TYPE_SIGN_ENCRYPT))
{
$recipients_certs = $AB->get_smime_keys($recipients);
if (!$recipients_certs) throw new Api\Exception\WrongUserinput('no certificate found from the recipients to sign/encrypt the messase');
}
// parameters to pass on for sign mime part
$sign_params = array(
'type' => 'signature',
'pubkey' => $senderPubKey,
'privkey' => $privkey,
'passphrase'=> $passphrase,
'sigtype' => 'detach',
'certs' => ''
); );
// parameters to pass on for encrypt mime part
$encrypt_params = array( try
'type' => 'message',
'pubkey' => $recipients_certs
);
switch ($type)
{ {
case Mail\Smime::TYPE_SIGN: if (isset($sender) && ($type == Mail\Smime::TYPE_SIGN || $type == Mail\Smime::TYPE_SIGN_ENCRYPT))
$message = $smime->signMIMEPart($message, $sign_params); {
break; $sender_cert = $AB->get_smime_keys($sender);
case Mail\Smime::TYPE_ENCRYPT:
$message = $smime->encryptMIMEPart($message, $encrypt_params); $params['senderPubKey'] = $sender_cert[$sender];
break;
case Mail\Smime::TYPE_SIGN_ENCRYPT: $credents = Mail\Credentials::read($this->mail_bo->profileID, Mail\Credentials::SMIME, $GLOBALS['egw_info']['user']['account_id']);
$message = $smime->signAndEncryptMIMEPart($message, $sign_params, $encrypt_params); $params['senderPrivKey'] = $credents['acc_smime_password'];
break; }
if (isset($recipients) && ($type == Mail\Smime::TYPE_ENCRYPT || $type == Mail\Smime::TYPE_SIGN_ENCRYPT))
{
$params['recipientsCerts'] = $AB->get_smime_keys($recipients);
}
return $mail->smimeEncrypt($type, $params);
}
catch(Api\Exception\WrongUserinput $e)
{
throw new $e;
} }
return $message;
} }
} }
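Review bot: The rewritten `_encrypt()` no longer checks that certificates were found, so `$sender_cert[$sender]` is read even when `get_smime_keys($sender)` returned nothing, and a possibly empty `recipientsCerts` goes straight to `$mail->smimeEncrypt()`. Unless that method (not visible here) rejects missing certificates, the docblock's `@throws Api\Exception\WrongUserinput if no certificate found` no longer holds and a message could go out unsigned or unencrypted. I would keep the guards, e.g. `if (empty($sender_cert[$sender])) throw new Api\Exception\WrongUserinput('no certificate found to sign the message');`, plus the equivalent check on the recipient certificates before the call. The final `catch` should read `throw $e;`, because `throw new $e;` instantiates a fresh exception of the same class and drops the original message and trace. In the compose hunk the encrypt-only branch never tests `$smime_success`, so a `false` return there is silently ignored; the enclosing method starts and ends outside the hunk, so later handling cannot be confirmed from here.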