/**
 * Sign this message with the S/MIME certificate of the sending account.
 *
 * Three requirements are checked in order: the "smime" module is installed,
 * $config['smtp_account_smime_password'] is set in the Group-Office config
 * file, and a certificate is stored for the account. If any of them is not
 * met an exception is thrown and no sign parameters are set on the message.
 *
 * The passphrase is taken from the config file rather than from a user
 * session, so the single configured value is used for whichever account
 * certificate is loaded here.
 *
 * @throws \Exception
 */
private function _setSmime()
{
    $smimeAvailable = \GO::modules()->isInstalled("smime");
    if (!$smimeAvailable) {
        throw new \Exception('Smime module not installed');
    }

    if (empty(\GO::config()->smtp_account_smime_password)) {
        throw new \Exception('No password for smime set in the Group-Office config file');
    }
    $passphrase = \GO::config()->smtp_account_smime_password;

    // Certificates are looked up by the id of the account that sends the message.
    $certificate = \GO\Smime\Model\Certificate::model()->findByPk($this->_account->id);
    $hasCertificate = $certificate && !empty($certificate->cert);
    if (!$hasCertificate) {
        throw new \Exception('No certificate enabled for the given account');
    }

    // Everything is in place: hand certificate and passphrase to the signer.
    $this->setSignParams($certificate->cert, $passphrase);
}
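/**
 * Apply S/MIME signing and/or encryption to an outgoing message.
 *
 * Signing is requested with $params['sign_smime'], encryption with
 * $params['encrypt_smime']. Both use the PKCS#12 certificate stored for
 * $account and the passphrase kept in the session under
 * ['smime']['passwords'][<account id>].
 *
 * When encrypting, the sender's own certificate is always the first entry in
 * the certificate list, followed by the stored public certificate of every
 * To/Cc/Bcc address. If any address has no stored public certificate for the
 * current user, no encryption parameters are set and the exception lists the
 * addresses concerned.
 *
 * @param \GO\Email\Controller\MessageController $controller Not used here.
 * @param array $response Not used here.
 * @param \GO\Base\Mail\SmimeMessage $message Message that receives the sign/encrypt parameters.
 * @param \GO\Base\Mail\Mailer $mailer Not used here.
 * @param \GO\Email\Model\Account $account Sending account; its id selects certificate and passphrase.
 * @param \GO\Email\Model\Alias $alias Not used here.
 * @param array $params Request parameters; 'sign_smime' and 'encrypt_smime' are read.
 * @throws \Exception When the certificate, its passphrase or a recipient certificate is missing.
 */
public static function beforeSend(\GO\Email\Controller\MessageController $controller, array &$response, \GO\Base\Mail\SmimeMessage $message, \GO\Base\Mail\Mailer $mailer, \GO\Email\Model\Account $account, \GO\Email\Model\Alias $alias, $params)
{
    $sign = !empty($params['sign_smime']);
    $encrypt = !empty($params['encrypt_smime']);
    if (!$sign && !$encrypt) {
        return;
    }

    // Both operations need the account certificate; fail with a clear error
    // instead of dereferencing a missing record.
    $cert = Model\Certificate::model()->findByPk($account->id);
    if (!$cert || empty($cert->cert)) {
        throw new \Exception('No S/MIME certificate found for this account');
    }

    // isset() rather than empty(): an empty passphrase is still a valid value.
    $session = GO::session();
    if (!isset($session->values['smime']['passwords'][$account->id])) {
        throw new \Exception('No S/MIME password available in the session for this account');
    }
    $password = $session->values['smime']['passwords'][$account->id];

    if ($sign) {
        $message->setSignParams($cert->cert, $password);
    }

    if (!$encrypt) {
        return;
    }

    // A wrong passphrase or a damaged bundle makes the read fail.
    $certs = array();
    if (!openssl_pkcs12_read($cert->cert, $certs, $password) || !isset($certs['cert'])) {
        throw new \Exception("Failed to get your public key for encryption");
    }

    // Collect every addressee; any of the three getters may return a non-array
    // when that header is absent.
    $recipients = array();
    foreach (array($message->getTo(), $message->getCc(), $message->getBcc()) as $addresses) {
        if (is_array($addresses)) {
            $recipients = array_merge($recipients, $addresses);
        }
    }

    // The sender's certificate goes first so the sender is among the parties
    // the message is encrypted for.
    $failed = array();
    $publicCerts = array($certs['cert']);
    foreach ($recipients as $email => $name) {
        $pubCert = Model\PublicCertificate::model()->findSingleByAttributes(array('user_id' => GO::user()->id, 'email' => $email));
        if (!$pubCert) {
            $failed[] = $email;
        } else {
            $publicCerts[] = $pubCert->cert;
        }
    }

    // Refuse to send rather than encrypt for only part of the recipients.
    if (count($failed)) {
        throw new \Exception(sprintf(GO::t('noPublicCertForEncrypt', 'smime'), implode(', ', $failed)));
    }

    $message->setEncryptParams($publicCerts);
}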
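/**
 * Decrypt an S/MIME encrypted message file in place.
 *
 * The file is left untouched unless its contents contain "enveloped-data" or
 * "Encrypted Message". For an encrypted file the account's PKCS#12 bundle is
 * opened with the passphrase held in the session, the message is decrypted
 * into a temporary file, and that file is then moved over $srcFile (same
 * folder, same name).
 *
 * @param \GO\Base\Fs\File $srcFile File holding the raw message; replaced on success.
 * @param \GO\Email\Model\Account $account Account whose certificate and passphrase are used.
 * @throws \Exception When certificate or passphrase are missing or decryption fails.
 */
private function _decryptFile(\GO\Base\Fs\File $srcFile, \GO\Email\Model\Account $account)
{
    $data = $srcFile->getContents();

    // strpos() returns 0 for a match at offset 0, so test against false explicitly.
    if (strpos($data, "enveloped-data") === false && strpos($data, 'Encrypted Message') === false) {
        return;
    }

    $cert = \GO\Smime\Model\Certificate::model()->findByPk($account->id);
    if (!$cert || empty($cert->cert)) {
        throw new \Exception('Could not decrypt message: no certificate found for this account');
    }

    // The passphrase must belong to the same account as the certificate, so it
    // is selected by $account->id and not by a request parameter.
    $session = \GO::session();
    if (!isset($session->values['smime']['passwords'][$account->id])) {
        throw new \Exception('Could not decrypt message: no S/MIME password available in the session');
    }
    $password = $session->values['smime']['passwords'][$account->id];

    $certs = array();
    if (!openssl_pkcs12_read($cert->cert, $certs, $password) || !isset($certs['cert'], $certs['pkey'])) {
        throw new \Exception("Could not decrypt message: " . openssl_error_string());
    }

    $decryptedFile = \GO\Base\Fs\File::tempFile();
    $ret = openssl_pkcs7_decrypt($srcFile->path(), $decryptedFile->path(), $certs['cert'], array($certs['pkey'], $password));

    // Check the return value as well as the file: a failed decrypt must never
    // overwrite the original encrypted message.
    // NOTE(review): on failure the temporary file may hold partial output; confirm it is cleaned up.
    if (!$ret || !$decryptedFile->exists()) {
        throw new \Exception("Could not decrypt message: " . openssl_error_string());
    }

    $decryptedFile->move($srcFile->parent(), $srcFile->name());
}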