/**
* Enable Smime for this message.
* The Smime module needs to be installed for this function to work. Otherwise it will return an exception.
* The Smime password needs to be set in the $config['smtp_account_smime_password'] parameter in the Group-Office config file otherwise this function will throw an error.
*
* @throws Exception
*/
private function _setSmime()
{
// Check if the smime module is installed
if (!\GO::modules()->isInstalled("smime")) {
throw new \Exception('Smime module not installed');
}
if (empty(\GO::config()->smtp_account_smime_password)) {
throw new \Exception('No password for smime set in the Group-Office config file');
}
// Check for a certificate for the give email account
$cert = \GO\Smime\Model\Certificate::model()->findByPk($this->_account->id);
if (!$cert || empty($cert->cert)) {
throw new \Exception('No certificate enabled for the given account');
}
// If the certificate is found, then get the password and attach the certificate to the message
$this->setSignParams($cert->cert, \GO::config()->smtp_account_smime_password);
}
public static function beforeSend(\GO\Email\Controller\MessageController $controller, array &$response, \GO\Base\Mail\SmimeMessage $message, \GO\Base\Mail\Mailer $mailer, \GO\Email\Model\Account $account, \GO\Email\Model\Alias $alias, $params)
{
if (!empty($params['sign_smime'])) {
//$password = trim(file_get_contents("/home/mschering/password.txt"));
$password = GO::session()->values['smime']['passwords'][$account->id];
$cert = Model\Certificate::model()->findByPk($account->id);
$message->setSignParams($cert->cert, $password);
}
if (!empty($params['encrypt_smime'])) {
if (!isset($cert)) {
$cert = Model\Certificate::model()->findByPk($account->id);
}
$password = GO::session()->values['smime']['passwords'][$account->id];
openssl_pkcs12_read($cert->cert, $certs, $password);
if (!isset($certs['cert'])) {
throw new \Exception("Failed to get your public key for encryption");
}
$to = $message->getTo();
$cc = $message->getCc();
$bcc = $message->getBcc();
if (is_array($cc)) {
$to = array_merge($to, $cc);
}
if (is_array($bcc)) {
$to = array_merge($to, $bcc);
}
//lookup all recipients
$failed = array();
$publicCerts = array($certs['cert']);
foreach ($to as $email => $name) {
$pubCert = Model\PublicCertificate::model()->findSingleByAttributes(array('user_id' => GO::user()->id, 'email' => $email));
if (!$pubCert) {
$failed[] = $email;
} else {
$publicCerts[] = $pubCert->cert;
}
}
if (count($failed)) {
throw new \Exception(sprintf(GO::t('noPublicCertForEncrypt', 'smime'), implode(', ', $failed)));
}
$message->setEncryptParams($publicCerts);
}
}
private function _decryptFile(\GO\Base\Fs\File $srcFile, \GO\Email\Model\Account $account)
{
$data = $srcFile->getContents();
if (strpos($data, "enveloped-data") || strpos($data, 'Encrypted Message')) {
$cert = \GO\Smime\Model\Certificate::model()->findByPk($account->id);
$password = \GO::session()->values['smime']['passwords'][$_REQUEST['account_id']];
openssl_pkcs12_read($cert->cert, $certs, $password);
$decryptedFile = \GO\Base\Fs\File::tempFile();
$ret = openssl_pkcs7_decrypt($srcFile->path(), $decryptedFile->path(), $certs['cert'], array($certs['pkey'], $password));
if (!$decryptedFile->exists()) {
throw new \Exception("Could not decrypt message: " . openssl_error_string());
}
$decryptedFile->move($srcFile->parent(), $srcFile->name());
}
}
