Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support for SMIME for digital signing and encryption of message #1611

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Support for SMIME for digital signing and encryption of message #1611

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
ce0eeb7
Support for SMIME for digital signing and encryption of message
Nov 30, 2018
01897c9
Formatting fixes
Nov 30, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
51 changes: 51 additions & 0 deletions src/PHPMailer.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -682,6 +682,20 @@ class PHPMailer
*/
protected $sign_key_pass = '';

/**
* An array of public PEM encoded certificates for each recipient
*
* @var array
*/
protected $encrypt_recipcerts = [];

/**
* Used if body should be S/MIME encrypted
*
* @var bool
*/
protected $encrypt_body = false;

/**
* Whether to throw exceptions for errors.
*
Expand Down Expand Up @@ -2684,6 +2698,30 @@ public function createBody()
@unlink($signed);
throw new Exception($this->lang('signing') . openssl_error_string());
}

if ($this->encrypt_body) {
// Write out the encrypted message
$file = tempnam(sys_get_temp_dir(), 'mail');
if (false === file_put_contents($file, $this->MIMEHeader . static::$LE . static::$LE . $body)) {
throw new phpmailerException($this->lang('encrypting') . ' Could not write temp file');
}
$encrypted = tempnam(sys_get_temp_dir(), 'encrypted');

$encrypt = openssl_pkcs7_encrypt($file, $encrypted, $this->encrypt_recipcerts, []);
if ($encrypt) {
@unlink($file);
$body = file_get_contents($encrypted);
// As with signing, the headers get rewriting after encrypting
$parts = explode("\n\n", $body, 2);
$this->MIMEHeader = $parts[0] . static::$LE . static::$LE;
$body = $parts[1];
@unlink($encrypted);
} else {
@unlink($file);
@unlink($encrypted);
throw new phpmailerException($this->lang('encrypting') . openssl_error_string());
}
}
} catch (Exception $exc) {
$body = '';
if ($this->exceptions) {
Expand Down Expand Up @@ -4157,6 +4195,19 @@ public function sign($cert_filename, $key_filename, $key_pass, $extracerts_filen
$this->sign_extracerts_file = $extracerts_filename;
}

/**
* Set the certificates, keys and passwords to encrypt via S/MIME
*
* @param array $recipcerts Array of certificates used for recipients in PEM format
* @param mixed $recipcert_file
*/
public function add_encryption($recipcert_file)
{
$this->encrypt_body = true;
$cert = file_get_contents($recipcert_file);
array_push($this->encrypt_recipcerts, $cert);
}

/**
* Quoted-Printable-encode a DKIM header.
*
Expand Down