setEncryptCertificate() public method

Set the certificate location to use for encryption.
public setEncryptCertificate ( string | array $recipientCerts, integer $cipher = null ) : Swift_Signers_SMimeSigner
$recipientCerts string | array Either an single X.509 certificate, or an assoc array of X.509 certificates.
$cipher integer
return Swift_Signers_SMimeSigner
Ejemplo n.º 1
0
    public function testSignThenEncryptedMessage()
    {
        $message = Swift_SignedMessage::newInstance('Wonderful Subject')->setFrom(array('*****@*****.**' => 'John Doe'))->setTo(array('*****@*****.**', '*****@*****.**' => 'A name'))->setBody('Here is the message itself');
        $signer = new Swift_Signers_SMimeSigner();
        $signer->setSignCertificate($this->samplesDir . 'smime/sign.crt', $this->samplesDir . 'smime/sign.key');
        $signer->setEncryptCertificate($this->samplesDir . 'smime/encrypt.crt');
        $message->attachSigner($signer);
        $messageStream = new Swift_ByteStream_TemporaryFileByteStream();
        $message->toByteStream($messageStream);
        $messageStream->commit();
        $entityString = $messageStream->getContent();
        $headers = self::getHeadersOfMessage($entityString);
        if (!preg_match('#^application/(x\\-)?pkcs7-mime; smime-type=enveloped\\-data;#', $headers['content-type'])) {
            $this->fail('Content-type does not match.');
            return false;
        }
        $expectedBody = '(?:^[a-zA-Z0-9\\/\\r\\n+]*={0,2})';
        $decryptedMessageStream = new Swift_ByteStream_TemporaryFileByteStream();
        if (!openssl_pkcs7_decrypt($messageStream->getPath(), $decryptedMessageStream->getPath(), 'file://' . $this->samplesDir . 'smime/encrypt.crt', array('file://' . $this->samplesDir . 'smime/encrypt.key', 'swift'))) {
            $this->fail(sprintf('Decrypt of the message failed. Internal error "%s".', openssl_error_string()));
        }
        $entityString = $decryptedMessageStream->getContent();
        $headers = self::getHeadersOfMessage($entityString);
        if (!($boundary = $this->getBoundary($headers['content-type']))) {
            return false;
        }
        $expectedBody = <<<OEL
This is an S/MIME signed message

--{$boundary}
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable

Here is the message itself
--{$boundary}
Content-Type: application/(x\\-)?pkcs7-signature; name="smime\\.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="smime\\.p7s"

(?:^[a-zA-Z0-9\\/\\r\\n+]*={0,2})

--{$boundary}--
OEL;
        if (!$this->assertValidVerify($expectedBody, $decryptedMessageStream)) {
            return false;
        }
        unset($decryptedMessageStream, $messageStream);
    }
Ejemplo n.º 2
0
    public function testEncryptThenSignMessage()
    {
        $message = (new Swift_Message('Wonderful Subject'))->setFrom(array('*****@*****.**' => 'John Doe'))->setTo(array('*****@*****.**', '*****@*****.**' => 'A name'))->setBody('Here is the message itself');
        $originalMessage = $this->cleanMessage($message->toString());
        $signer = new Swift_Signers_SMimeSigner();
        $signer->setSignCertificate($this->samplesDir . 'smime/sign.crt', $this->samplesDir . 'smime/sign.key');
        $signer->setEncryptCertificate($this->samplesDir . 'smime/encrypt.crt');
        $signer->setSignThenEncrypt(false);
        $message->attachSigner($signer);
        $messageStream = $this->newFilteredStream();
        $message->toByteStream($messageStream);
        $messageStream->commit();
        $entityString = $messageStream->getContent();
        $headers = self::getHeadersOfMessage($entityString);
        if (!($boundary = $this->getBoundary($headers['content-type']))) {
            return false;
        }
        $expectedBody = <<<OEL
This is an S/MIME signed message

--{$boundary}
(?P<encrypted_message>MIME-Version: 1\\.0
Content-Disposition: attachment; filename="smime\\.p7m"
Content-Type: application/(x\\-)?pkcs7-mime; smime-type=enveloped-data; name="smime\\.p7m"
Content-Transfer-Encoding: base64

(?:^[a-zA-Z0-9\\/\\r\\n+]*={0,2})


)--{$boundary}
Content-Type: application/(x\\-)?pkcs7-signature; name="smime\\.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="smime\\.p7s"

(?:^[a-zA-Z0-9\\/\\r\\n+]*={0,2})

--{$boundary}--
OEL;
        if (!$this->assertValidVerify($expectedBody, $messageStream)) {
            return false;
        }
        $expectedBody = str_replace("\n", "\r\n", $expectedBody);
        if (!preg_match('%' . $expectedBody . '*%m', $entityString, $entities)) {
            $this->fail('Failed regex match.');
            return false;
        }
        $messageStreamClean = new Swift_ByteStream_TemporaryFileByteStream();
        $messageStreamClean->write($entities['encrypted_message']);
        $decryptedMessageStream = new Swift_ByteStream_TemporaryFileByteStream();
        if (!openssl_pkcs7_decrypt($messageStreamClean->getPath(), $decryptedMessageStream->getPath(), 'file://' . $this->samplesDir . 'smime/encrypt.crt', array('file://' . $this->samplesDir . 'smime/encrypt.key', 'swift'))) {
            $this->fail(sprintf('Decrypt of the message failed. Internal error "%s".', openssl_error_string()));
        }
        $this->assertEquals($originalMessage, $decryptedMessageStream->getContent());
        unset($messageStreamClean, $messageStream, $decryptedMessageStream);
    }