Set the public and private key files and password for S/MIME signing.
/**
* S/MIME Signing tests.
*/
public function testSigning()
{
$this->Mail->Subject .= ': S/MIME signing';
$this->Mail->Body = 'This message is S/MIME signed.';
$this->buildBody();
$dn = ['countryName' => 'UK', 'stateOrProvinceName' => 'Here', 'localityName' => 'There', 'organizationName' => 'PHP', 'organizationalUnitName' => 'PHPMailer', 'commonName' => 'PHPMailer Test', 'emailAddress' => '*****@*****.**'];
$password = '******';
$certfile = 'certfile.txt';
$keyfile = 'keyfile.txt';
//Make a new key pair
$pk = openssl_pkey_new();
//Create a certificate signing request
$csr = openssl_csr_new($dn, $pk);
//Create a self-signed cert
$cert = openssl_csr_sign($csr, null, $pk, 1);
//Save the cert
openssl_x509_export($cert, $certout);
file_put_contents($certfile, $certout);
//Save the key
openssl_pkey_export($pk, $pkeyout, $password);
file_put_contents($keyfile, $pkeyout);
$this->Mail->sign($certfile, $keyfile, $password);
$this->assertTrue($this->Mail->send(), 'S/MIME signing failed');
unlink($certfile);
unlink($keyfile);
}
$mail = new PHPMailer();
//Set who the message is to be sent from
//IMPORTANT: This must match the email address of your certificate.
//Although the certificate will be valid, an error will be thrown since it cannot be verified that the sender and the signer are the same person.
$mail->setFrom('*****@*****.**', 'First Last');
//Set an alternative reply-to address
$mail->addReplyTo('*****@*****.**', 'First Last');
//Set who the message is to be sent to
$mail->addAddress('*****@*****.**', 'John Doe');
//Set the subject line
$mail->Subject = 'PHPMailer mail() test';
//Read an HTML message body from an external file, convert referenced images to embedded,
//Convert HTML into a basic plain-text alternative body
$mail->msgHTML(file_get_contents('contents.html'), dirname(__FILE__));
//Replace the plain text body with one created manually
$mail->AltBody = 'This is a plain-text message body';
//Attach an image file
$mail->addAttachment('images/phpmailer_mini.png');
//Configure message signing (the actual signing does not occur until sending)
$mail->sign('/path/to/cert.crt', '/path/to/cert.key', 'yourSecretPrivateKeyPassword', '/path/to/certchain.pem');
//Send the message, check for errors
if (!$mail->send()) {
echo "Mailer Error: " . $mail->ErrorInfo;
} else {
echo "Message sent!";
}
/**
* REMARKS:
* If your email client does not support S/MIME it will most likely just show an attachment smime.p7s which is the signature contained in the email.
* Other clients, such as Thunderbird support S/MIME natively and will validate the signature automatically and report the result in some way.
*/
public function sendMail($to, $subject, $message)
{
require 'libs/PHPMailerAutoload.php';
$mail = new PHPMailer();
$mail->CharSet = 'UTF-8';
$mail->isSMTP();
$mail->Host = SMTP_HOST;
$mail->Hostname = SMTP_URL;
$mail->Username = SMTP_USER;
$mail->Password = SMTP_PASS;
$mail->SMTPSecure = SMTP_SECURE;
$mail->Port = SMTP_PORT;
// TCP port to connect to
$mail->isHTML(false);
$mail->Body = $message . "\n\n-- \nhttps://vlv-ilmenau.de\n";
$mail->Subject = $subject;
#$mail->SMTPDebug = 1;
$mail->setFrom(SMTP_USER, 'Mein Vorlesungsverzeichnis Ilmenau');
$mail->addReplyTo('*****@*****.**', 'Webmaster');
$mail->addAddress($to);
$mail->sign(SMTP_SIGN_CERT, SMTP_SIGN_KEY, SMTP_SIGN_KEY_PASS, SMTP_SIGN_CHAIN);
$mail->send();
}
/**
* S/MIME Signing tests using a CA chain cert.
* To test that a generated message is signed correctly, save the message in a file called `signed.eml`
* and use openssl along with the certs generated by this script:
* `openssl smime -verify -in signed.eml -signer certfile.pem -CAfile cacertfile.pem`
* @requires extension openssl
*/
public function testSigningWithCA()
{
$this->Mail->Subject .= ': S/MIME signing with CA';
$this->Mail->Body = 'This message is S/MIME signed with an extra CA cert.';
$this->buildBody();
$certprops = ['countryName' => 'UK', 'stateOrProvinceName' => 'Here', 'localityName' => 'There', 'organizationName' => 'PHP', 'organizationalUnitName' => 'PHPMailer', 'commonName' => 'PHPMailer Test', 'emailAddress' => '*****@*****.**'];
$cacertprops = ['countryName' => 'UK', 'stateOrProvinceName' => 'Here', 'localityName' => 'There', 'organizationName' => 'PHP', 'organizationalUnitName' => 'PHPMailer CA', 'commonName' => 'PHPMailer Test CA', 'emailAddress' => '*****@*****.**'];
$keyconfig = ['digest_alg' => 'sha256', 'private_key_bits' => 2048, 'private_key_type' => OPENSSL_KEYTYPE_RSA];
$password = '******';
$cacertfile = 'cacertfile.pem';
$cakeyfile = 'cakeyfile.pem';
$certfile = 'certfile.pem';
$keyfile = 'keyfile.pem';
//Create a CA cert
//Make a new key pair
$capk = openssl_pkey_new($keyconfig);
//Create a certificate signing request
$csr = openssl_csr_new($cacertprops, $capk);
//Create a self-signed cert
$cert = openssl_csr_sign($csr, null, $capk, 1);
//Save the CA cert
openssl_x509_export($cert, $certout);
file_put_contents($cacertfile, $certout);
//Save the CA key
openssl_pkey_export($capk, $pkeyout, $password);
file_put_contents($cakeyfile, $pkeyout);
//Create a cert signed by our CA
//Make a new key pair
$pk = openssl_pkey_new($keyconfig);
//Create a certificate signing request
$csr = openssl_csr_new($certprops, $pk);
//Create a self-signed cert
$cert = openssl_csr_sign($csr, 'file://' . $cacertfile, $capk, 1);
//Save the cert
openssl_x509_export($cert, $certout);
file_put_contents($certfile, $certout);
//Save the key
openssl_pkey_export($pk, $pkeyout, $password);
file_put_contents($keyfile, $pkeyout);
$this->Mail->sign($certfile, $keyfile, $password, $cacertfile);
$this->assertTrue($this->Mail->send(), 'S/MIME signing with CA failed');
unlink($cacertfile);
unlink($cakeyfile);
unlink($certfile);
unlink($keyfile);
}
