Wavyzz/dolibarr-fork
2
0
Fork 0
forked from Wavyzz/dolibarr
Code Pull Requests Activity

FIX: Update swiftmailer librairies

Browse Source
This commit is contained in:
kamel
2021-12-07 17:11:34 +01:00
parent bd52613331
commit 1ca199d796
156 changed files with 2370 additions and 1637 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
htdocs/includes/swiftmailer/lib/classes/Swift/Signers/BodySigner.php
View File

@@ -18,8 +18,6 @@ interface Swift_Signers_BodySigner extends Swift_Signer
/**
* Change the Swift_Signed_Message to apply the singing.
*
* @param Swift_Message $message
*
* @return self
*/
public function signMessage(Swift_Message $message);

78
htdocs/includes/swiftmailer/lib/classes/Swift/Signers/DKIMSigner.php
View File

@@ -66,7 +66,7 @@ class Swift_Signers_DKIMSigner implements Swift_Signers_HeaderSigner
*
* @var array
*/
protected $ignoredHeaders = array('return-path' => true);
protected $ignoredHeaders = ['return-path' => true];
/**
* Signer identity.
@@ -124,14 +124,14 @@ class Swift_Signers_DKIMSigner implements Swift_Signers_HeaderSigner
*
* @var array
*/
protected $signedHeaders = array();
protected $signedHeaders = [];
/**
* If debugHeaders is set store debugData here.
*
* @var string
* @var string[]
*/
private $debugHeadersData = '';
private $debugHeadersData = [];
/**
* Stores the bodyHash.
@@ -163,7 +163,7 @@ class Swift_Signers_DKIMSigner implements Swift_Signers_HeaderSigner
private $bodyCanonLine = '';
private $bound = array();
private $bound = [];
/**
* Constructor.
@@ -190,7 +190,7 @@ class Swift_Signers_DKIMSigner implements Swift_Signers_HeaderSigner
public function reset()
{
$this->headerHash = null;
$this->signedHeaders = array();
$this->signedHeaders = [];
$this->bodyHash = null;
$this->bodyHashHandler = null;
$this->bodyCanonIgnoreStart = 2;
@@ -236,10 +236,9 @@ class Swift_Signers_DKIMSigner implements Swift_Signers_HeaderSigner
/**
* Attach $is to this stream.
*
* The stream acts as an observer, receiving all data that is written.
* All {@link write()} and {@link flushBuffers()} operations will be mirrored.
*
* @param Swift_InputByteStream $is
*/
public function bind(Swift_InputByteStream $is)
{
@@ -251,11 +250,10 @@ class Swift_Signers_DKIMSigner implements Swift_Signers_HeaderSigner
/**
* Remove an already bound stream.
*
* If $is is not bound, no errors will be raised.
* If the stream currently has any buffered data it will be written to $is
* before unbinding occurs.
*
* @param Swift_InputByteStream $is
*/
public function unbind(Swift_InputByteStream $is)
{
@@ -297,7 +295,7 @@ class Swift_Signers_DKIMSigner implements Swift_Signers_HeaderSigner
break;
case 'rsa-sha256':
$this->hashAlgorithm = 'rsa-sha256';
if (!defined('OPENSSL_ALGO_SHA256')) {
if (!\defined('OPENSSL_ALGO_SHA256')) {
throw new Swift_SwiftException('Unable to set sha256 as it is not supported by OpenSSL.');
}
break;
@@ -317,7 +315,7 @@ class Swift_Signers_DKIMSigner implements Swift_Signers_HeaderSigner
*/
public function setBodyCanon($canon)
{
if ($canon == 'relaxed') {
if ('relaxed' == $canon) {
$this->bodyCanon = 'relaxed';
} else {
$this->bodyCanon = 'simple';
@@ -335,7 +333,7 @@ class Swift_Signers_DKIMSigner implements Swift_Signers_HeaderSigner
*/
public function setHeaderCanon($canon)
{
if ($canon == 'relaxed') {
if ('relaxed' == $canon) {
$this->headerCanon = 'relaxed';
} else {
$this->headerCanon = 'simple';
@@ -367,10 +365,10 @@ class Swift_Signers_DKIMSigner implements Swift_Signers_HeaderSigner
*/
public function setBodySignedLen($len)
{
if ($len === true) {
if (true === $len) {
$this->showLen = true;
$this->maxLen = PHP_INT_MAX;
} elseif ($len === false) {
} elseif (false === $len) {
$this->showLen = false;
$this->maxLen = PHP_INT_MAX;
} else {
@@ -456,9 +454,9 @@ class Swift_Signers_DKIMSigner implements Swift_Signers_HeaderSigner
public function getAlteredHeaders()
{
if ($this->debugHeaders) {
return array('DKIM-Signature', 'X-DebugHash');
return ['DKIM-Signature', 'X-DebugHash'];
} else {
return array('DKIM-Signature');
return ['DKIM-Signature'];
}
}
@@ -471,7 +469,7 @@ class Swift_Signers_DKIMSigner implements Swift_Signers_HeaderSigner
*/
public function ignoreHeader($header_name)
{
$this->ignoredHeaders[strtolower($header_name)] = true;
$this->ignoredHeaders[strtolower($header_name ?? '')] = true;
return $this;
}
@@ -479,8 +477,6 @@ class Swift_Signers_DKIMSigner implements Swift_Signers_HeaderSigner
/**
* Set the headers to sign.
*
* @param Swift_Mime_SimpleHeaderSet $headers
*
* @return Swift_Signers_DKIMSigner
*/
public function setHeaders(Swift_Mime_SimpleHeaderSet $headers)
@@ -490,11 +486,11 @@ class Swift_Signers_DKIMSigner implements Swift_Signers_HeaderSigner
$listHeaders = $headers->listAll();
foreach ($listHeaders as $hName) {
// Check if we need to ignore Header
if (!isset($this->ignoredHeaders[strtolower($hName)])) {
if (!isset($this->ignoredHeaders[strtolower($hName ?? '')])) {
if ($headers->has($hName)) {
$tmp = $headers->getAll($hName);
foreach ($tmp as $header) {
if ($header->getFieldBody() != '') {
if ('' != $header->getFieldBody()) {
$this->addHeader($header->toString());
$this->signedHeaders[] = $header->getFieldName();
}
@@ -509,32 +505,30 @@ class Swift_Signers_DKIMSigner implements Swift_Signers_HeaderSigner
/**
* Add the signature to the given Headers.
*
* @param Swift_Mime_SimpleHeaderSet $headers
*
* @return Swift_Signers_DKIMSigner
*/
public function addSignature(Swift_Mime_SimpleHeaderSet $headers)
{
// Prepare the DKIM-Signature
$params = array('v' => '1', 'a' => $this->hashAlgorithm, 'bh' => base64_encode($this->bodyHash), 'd' => $this->domainName, 'h' => implode(': ', $this->signedHeaders), 'i' => $this->signerIdentity, 's' => $this->selector);
if ($this->bodyCanon != 'simple') {
$params = ['v' => '1', 'a' => $this->hashAlgorithm, 'bh' => base64_encode($this->bodyHash ?? ''), 'd' => $this->domainName, 'h' => implode(': ', $this->signedHeaders), 'i' => $this->signerIdentity, 's' => $this->selector];
if ('simple' != $this->bodyCanon) {
$params['c'] = $this->headerCanon.'/'.$this->bodyCanon;
} elseif ($this->headerCanon != 'simple') {
} elseif ('simple' != $this->headerCanon) {
$params['c'] = $this->headerCanon;
}
if ($this->showLen) {
$params['l'] = $this->bodyLen;
}
if ($this->signatureTimestamp === true) {
if (true === $this->signatureTimestamp) {
$params['t'] = time();
if ($this->signatureExpiration !== false) {
if (false !== $this->signatureExpiration) {
$params['x'] = $params['t'] + $this->signatureExpiration;
}
} else {
if ($this->signatureTimestamp !== false) {
if (false !== $this->signatureTimestamp) {
$params['t'] = $this->signatureTimestamp;
}
if ($this->signatureExpiration !== false) {
if (false !== $this->signatureExpiration) {
$params['x'] = $this->signatureExpiration;
}
}
@@ -550,11 +544,11 @@ class Swift_Signers_DKIMSigner implements Swift_Signers_HeaderSigner
// Add the last DKIM-Signature
$tmp = $headers->getAll('DKIM-Signature');
$this->dkimHeader = end($tmp);
$this->addHeader(trim($this->dkimHeader->toString())."\r\n b=", true);
$this->addHeader(trim($this->dkimHeader->toString() ?? '')."\r\n b=", true);
if ($this->debugHeaders) {
$headers->addTextHeader('X-DebugHash', base64_encode($this->headerHash));
$headers->addTextHeader('X-DebugHash', base64_encode($this->headerHash ?? ''));
}
$this->dkimHeader->setValue($string.' b='.trim(chunk_split(base64_encode($this->getEncryptedHash()), 73, ' ')));
$this->dkimHeader->setValue($string.' b='.trim(chunk_split(base64_encode($this->getEncryptedHash() ?? ''), 73, ' ')));
return $this;
}
@@ -571,6 +565,7 @@ class Swift_Signers_DKIMSigner implements Swift_Signers_HeaderSigner
$value = str_replace("\r\n", '', $exploded[1]);
$value = preg_replace("/[ \t][ \t]+/", ' ', $value);
$header = $name.':'.trim($value).($is_sig ? '' : "\r\n");
// no break
case 'simple':
// Nothing to do
}
@@ -579,9 +574,9 @@ class Swift_Signers_DKIMSigner implements Swift_Signers_HeaderSigner
protected function canonicalizeBody($string)
{
$len = strlen($string);
$len = \strlen($string);
$canon = '';
$method = ($this->bodyCanon == 'relaxed');
$method = ('relaxed' == $this->bodyCanon);
for ($i = 0; $i < $len; ++$i) {
if ($this->bodyCanonIgnoreStart > 0) {
--$this->bodyCanonIgnoreStart;
@@ -592,11 +587,11 @@ class Swift_Signers_DKIMSigner implements Swift_Signers_HeaderSigner
$this->bodyCanonLastChar = "\r";
break;
case "\n":
if ($this->bodyCanonLastChar == "\r") {
if ("\r" == $this->bodyCanonLastChar) {
if ($method) {
$this->bodyCanonSpace = false;
}
if ($this->bodyCanonLine == '') {
if ('' == $this->bodyCanonLine) {
++$this->bodyCanonEmptyCounter;
} else {
$this->bodyCanonLine = '';
@@ -613,6 +608,7 @@ class Swift_Signers_DKIMSigner implements Swift_Signers_HeaderSigner
$this->bodyCanonSpace = true;
break;
}
// no break
default:
if ($this->bodyCanonEmptyCounter > 0) {
$canon .= str_repeat("\r\n", $this->bodyCanonEmptyCounter);
@@ -633,7 +629,7 @@ class Swift_Signers_DKIMSigner implements Swift_Signers_HeaderSigner
protected function endOfBody()
{
// Add trailing Line return if last line is non empty
if (strlen($this->bodyCanonLine) > 0) {
if (\strlen($this->bodyCanonLine) > 0) {
$this->addToBodyHash("\r\n");
}
$this->bodyHash = hash_final($this->bodyHashHandler, true);
@@ -641,7 +637,7 @@ class Swift_Signers_DKIMSigner implements Swift_Signers_HeaderSigner
private function addToBodyHash($string)
{
$len = strlen($string);
$len = \strlen($string);
if ($len > ($new_len = ($this->maxLen - $this->bodyLen))) {
$string = substr($string, 0, $new_len);
$len = $new_len;
@@ -653,7 +649,7 @@ class Swift_Signers_DKIMSigner implements Swift_Signers_HeaderSigner
private function addToHeaderHash($header)
{
if ($this->debugHeaders) {
$this->debugHeadersData[] = trim($header);
$this->debugHeadersData[] = trim($header ?? '');
}
$this->headerCanonData .= $header;
}

46
htdocs/includes/swiftmailer/lib/classes/Swift/Signers/DomainKeySigner.php
View File

@@ -55,7 +55,7 @@ class Swift_Signers_DomainKeySigner implements Swift_Signers_HeaderSigner
*
* @var array
*/
protected $ignoredHeaders = array();
protected $ignoredHeaders = [];
/**
* Signer identity.
@@ -77,7 +77,7 @@ class Swift_Signers_DomainKeySigner implements Swift_Signers_HeaderSigner
*
* @var array
*/
private $signedHeaders = array();
private $signedHeaders = [];
/**
* Stores the signature header.
@@ -93,8 +93,6 @@ class Swift_Signers_DomainKeySigner implements Swift_Signers_HeaderSigner
*/
private $hashHandler;
private $hash;
private $canonData = '';
private $bodyCanonEmptyCounter = 0;
@@ -107,7 +105,7 @@ class Swift_Signers_DomainKeySigner implements Swift_Signers_HeaderSigner
private $bodyCanonLine = '';
private $bound = array();
private $bound = [];
/**
* Constructor.
@@ -131,7 +129,6 @@ class Swift_Signers_DomainKeySigner implements Swift_Signers_HeaderSigner
*/
public function reset()
{
$this->hash = null;
$this->hashHandler = null;
$this->bodyCanonIgnoreStart = 2;
$this->bodyCanonEmptyCounter = 0;
@@ -185,11 +182,10 @@ class Swift_Signers_DomainKeySigner implements Swift_Signers_HeaderSigner
/**
* Attach $is to this stream.
*
* The stream acts as an observer, receiving all data that is written.
* All {@link write()} and {@link flushBuffers()} operations will be mirrored.
*
* @param Swift_InputByteStream $is
*
* @return $this
*/
public function bind(Swift_InputByteStream $is)
@@ -202,12 +198,11 @@ class Swift_Signers_DomainKeySigner implements Swift_Signers_HeaderSigner
/**
* Remove an already bound stream.
*
* If $is is not bound, no errors will be raised.
* If the stream currently has any buffered data it will be written to $is
* before unbinding occurs.
*
* @param Swift_InputByteStream $is
*
* @return $this
*/
public function unbind(Swift_InputByteStream $is)
@@ -262,7 +257,7 @@ class Swift_Signers_DomainKeySigner implements Swift_Signers_HeaderSigner
*/
public function setCanon($canon)
{
if ($canon == 'nofws') {
if ('nofws' == $canon) {
$this->canon = 'nofws';
} else {
$this->canon = 'simple';
@@ -322,10 +317,10 @@ class Swift_Signers_DomainKeySigner implements Swift_Signers_HeaderSigner
public function getAlteredHeaders()
{
if ($this->debugHeaders) {
return array('DomainKey-Signature', 'X-DebugHash');
return ['DomainKey-Signature', 'X-DebugHash'];
}
return array('DomainKey-Signature');
return ['DomainKey-Signature'];
}
/**
@@ -337,7 +332,7 @@ class Swift_Signers_DomainKeySigner implements Swift_Signers_HeaderSigner
*/
public function ignoreHeader($header_name)
{
$this->ignoredHeaders[strtolower($header_name)] = true;
$this->ignoredHeaders[strtolower($header_name ?? '')] = true;
return $this;
}
@@ -345,8 +340,6 @@ class Swift_Signers_DomainKeySigner implements Swift_Signers_HeaderSigner
/**
* Set the headers to sign.
*
* @param Swift_Mime_SimpleHeaderSet $headers
*
* @return $this
*/
public function setHeaders(Swift_Mime_SimpleHeaderSet $headers)
@@ -357,11 +350,11 @@ class Swift_Signers_DomainKeySigner implements Swift_Signers_HeaderSigner
$listHeaders = $headers->listAll();
foreach ($listHeaders as $hName) {
// Check if we need to ignore Header
if (!isset($this->ignoredHeaders[strtolower($hName)])) {
if (!isset($this->ignoredHeaders[strtolower($hName ?? '')])) {
if ($headers->has($hName)) {
$tmp = $headers->getAll($hName);
foreach ($tmp as $header) {
if ($header->getFieldBody() != '') {
if ('' != $header->getFieldBody()) {
$this->addHeader($header->toString());
$this->signedHeaders[] = $header->getFieldName();
}
@@ -377,14 +370,12 @@ class Swift_Signers_DomainKeySigner implements Swift_Signers_HeaderSigner
/**
* Add the signature to the given Headers.
*
* @param Swift_Mime_SimpleHeaderSet $headers
*
* @return $this
*/
public function addSignature(Swift_Mime_SimpleHeaderSet $headers)
{
// Prepare the DomainKey-Signature Header
$params = array('a' => $this->hashAlgorithm, 'b' => chunk_split(base64_encode($this->getEncryptedHash()), 73, ' '), 'c' => $this->canon, 'd' => $this->domainName, 'h' => implode(': ', $this->signedHeaders), 'q' => 'dns', 's' => $this->selector);
$params = ['a' => $this->hashAlgorithm, 'b' => chunk_split(base64_encode($this->getEncryptedHash() ?? ''), 73, ' '), 'c' => $this->canon, 'd' => $this->domainName, 'h' => implode(': ', $this->signedHeaders), 'q' => 'dns', 's' => $this->selector];
$string = '';
foreach ($params as $k => $v) {
$string .= $k.'='.$v.'; ';
@@ -407,6 +398,7 @@ class Swift_Signers_DomainKeySigner implements Swift_Signers_HeaderSigner
$value = str_replace("\r\n", '', $exploded[1]);
$value = preg_replace("/[ \t][ \t]+/", ' ', $value);
$header = $name.':'.trim($value)."\r\n";
// no break
case 'simple':
// Nothing to do
}
@@ -420,9 +412,9 @@ class Swift_Signers_DomainKeySigner implements Swift_Signers_HeaderSigner
protected function canonicalizeBody($string)
{
$len = strlen($string);
$len = \strlen($string);
$canon = '';
$nofws = ($this->canon == 'nofws');
$nofws = ('nofws' == $this->canon);
for ($i = 0; $i < $len; ++$i) {
if ($this->bodyCanonIgnoreStart > 0) {
--$this->bodyCanonIgnoreStart;
@@ -433,11 +425,11 @@ class Swift_Signers_DomainKeySigner implements Swift_Signers_HeaderSigner
$this->bodyCanonLastChar = "\r";
break;
case "\n":
if ($this->bodyCanonLastChar == "\r") {
if ("\r" == $this->bodyCanonLastChar) {
if ($nofws) {
$this->bodyCanonSpace = false;
}
if ($this->bodyCanonLine == '') {
if ('' == $this->bodyCanonLine) {
++$this->bodyCanonEmptyCounter;
} else {
$this->bodyCanonLine = '';
@@ -455,6 +447,7 @@ class Swift_Signers_DomainKeySigner implements Swift_Signers_HeaderSigner
$this->bodyCanonSpace = true;
break;
}
// no break
default:
if ($this->bodyCanonEmptyCounter > 0) {
$canon .= str_repeat("\r\n", $this->bodyCanonEmptyCounter);
@@ -469,10 +462,9 @@ class Swift_Signers_DomainKeySigner implements Swift_Signers_HeaderSigner
protected function endOfBody()
{
if (strlen($this->bodyCanonLine) > 0) {
if (\strlen($this->bodyCanonLine) > 0) {
$this->addToHash("\r\n");
}
$this->hash = hash_final($this->hashHandler, true);
}
private function addToHash($string)

4
htdocs/includes/swiftmailer/lib/classes/Swift/Signers/HeaderSigner.php
View File

@@ -41,8 +41,6 @@ interface Swift_Signers_HeaderSigner extends Swift_Signer, Swift_InputByteStream
/**
* Give the headers already given.
*
* @param Swift_Mime_SimpleHeaderSet $headers
*
* @return self
*/
public function setHeaders(Swift_Mime_SimpleHeaderSet $headers);
@@ -50,8 +48,6 @@ interface Swift_Signers_HeaderSigner extends Swift_Signer, Swift_InputByteStream
/**
* Add the header(s) to the headerSet.
*
* @param Swift_Mime_SimpleHeaderSet $headers
*
* @return self
*/
public function addSignature(Swift_Mime_SimpleHeaderSet $headers);

28
htdocs/includes/swiftmailer/lib/classes/Swift/Signers/OpenDKIMSigner.php
View File

@@ -13,6 +13,8 @@
* Takes advantage of pecl extension.
*
* @author Xavier De Cock <xdecock@gmail.com>
*
* @deprecated since SwiftMailer 6.1.0; use Swift_Signers_DKIMSigner instead.
*/
class Swift_Signers_OpenDKIMSigner extends Swift_Signers_DKIMSigner
{
@@ -29,7 +31,7 @@ class Swift_Signers_OpenDKIMSigner extends Swift_Signers_DKIMSigner
public function __construct($privateKey, $domainName, $selector)
{
if (!extension_loaded('opendkim')) {
if (!\extension_loaded('opendkim')) {
throw new Swift_SwiftException('php-opendkim extension not found');
}
@@ -42,7 +44,7 @@ class Swift_Signers_OpenDKIMSigner extends Swift_Signers_DKIMSigner
{
$header = new Swift_Mime_Headers_OpenDKIMHeader('DKIM-Signature');
$headerVal = $this->dkimHandler->getSignatureHeader();
if (!$headerVal) {
if (false === $headerVal || \is_int($headerVal)) {
throw new Swift_SwiftException('OpenDKIM Error: '.$this->dkimHandler->getError());
}
$header->setValue($headerVal);
@@ -53,14 +55,10 @@ class Swift_Signers_OpenDKIMSigner extends Swift_Signers_DKIMSigner
public function setHeaders(Swift_Mime_SimpleHeaderSet $headers)
{
$bodyLen = $this->bodyLen;
if (is_bool($bodyLen)) {
$bodyLen = -1;
}
$hash = $this->hashAlgorithm == 'rsa-sha1' ? OpenDKIMSign::ALG_RSASHA1 : OpenDKIMSign::ALG_RSASHA256;
$bodyCanon = $this->bodyCanon == 'simple' ? OpenDKIMSign::CANON_SIMPLE : OpenDKIMSign::CANON_RELAXED;
$headerCanon = $this->headerCanon == 'simple' ? OpenDKIMSign::CANON_SIMPLE : OpenDKIMSign::CANON_RELAXED;
$this->dkimHandler = new OpenDKIMSign($this->privateKey, $this->selector, $this->domainName, $headerCanon, $bodyCanon, $hash, $bodyLen);
$hash = 'rsa-sha1' == $this->hashAlgorithm ? OpenDKIMSign::ALG_RSASHA1 : OpenDKIMSign::ALG_RSASHA256;
$bodyCanon = 'simple' == $this->bodyCanon ? OpenDKIMSign::CANON_SIMPLE : OpenDKIMSign::CANON_RELAXED;
$headerCanon = 'simple' == $this->headerCanon ? OpenDKIMSign::CANON_SIMPLE : OpenDKIMSign::CANON_RELAXED;
$this->dkimHandler = new OpenDKIMSign($this->privateKey, $this->selector, $this->domainName, $headerCanon, $bodyCanon, $hash, -1);
// Hardcode signature Margin for now
$this->dkimHandler->setMargin(78);
@@ -77,11 +75,11 @@ class Swift_Signers_OpenDKIMSigner extends Swift_Signers_DKIMSigner
$listHeaders = $headers->listAll();
foreach ($listHeaders as $hName) {
// Check if we need to ignore Header
if (!isset($this->ignoredHeaders[strtolower($hName)])) {
if (!isset($this->ignoredHeaders[strtolower($hName ?? '')])) {
$tmp = $headers->getAll($hName);
if ($headers->has($hName)) {
foreach ($tmp as $header) {
if ($header->getFieldBody() != '') {
if ('' != $header->getFieldBody()) {
$htosign = $header->toString();
$this->dkimHandler->header($htosign);
$this->signedHeaders[] = $header->getFieldName();
@@ -172,13 +170,13 @@ class Swift_Signers_OpenDKIMSigner extends Swift_Signers_DKIMSigner
if (!$this->peclLoaded) {
return parent::canonicalizeBody($string);
}
if (false && $this->dropFirstLF === true) {
if ($string[0] == "\r" && $string[1] == "\n") {
if (true === $this->dropFirstLF) {
if ("\r" == $string[0] && "\n" == $string[1]) {
$string = substr($string, 2);
}
}
$this->dropFirstLF = false;
if (strlen($string)) {
if (\strlen($string)) {
$this->dkimHandler->body($string);
}
}

485
htdocs/includes/swiftmailer/lib/classes/Swift/Signers/SMimeSigner.php
View File

@@ -11,9 +11,9 @@
/**
* MIME Message Signer used to apply S/MIME Signature/Encryption to a message.
*
*
* @author Romain-Geissler
* @author Sebastiaan Stok <s.stok@rollerscapes.net>
* @author Jan Flora <jf@penneo.com>
*/
class Swift_Signers_SMimeSigner implements Swift_Signers_BodySigner
{
@@ -27,6 +27,7 @@ class Swift_Signers_SMimeSigner implements Swift_Signers_BodySigner
protected $encryptOptions;
protected $encryptCipher;
protected $extraCerts = null;
protected $wrapFullMessage = false;
/**
* @var Swift_StreamFilters_StringReplacementFilterFactory
@@ -65,7 +66,7 @@ class Swift_Signers_SMimeSigner implements Swift_Signers_BodySigner
/**
* Set the certificate location to use for signing.
*
* @see http://www.php.net/manual/en/openssl.pkcs7.flags.php
* @see https://secure.php.net/manual/en/openssl.pkcs7.flags.php
*
* @param string $certificate
* @param string|array $privateKey If the key needs an passphrase use array('file-location', 'passphrase') instead
@@ -79,7 +80,7 @@ class Swift_Signers_SMimeSigner implements Swift_Signers_BodySigner
$this->signCertificate = 'file://'.str_replace('\\', '/', realpath($certificate));
if (null !== $privateKey) {
if (is_array($privateKey)) {
if (\is_array($privateKey)) {
$this->signPrivateKey = $privateKey;
$this->signPrivateKey[0] = 'file://'.str_replace('\\', '/', realpath($privateKey[0]));
} else {
@@ -88,9 +89,7 @@ class Swift_Signers_SMimeSigner implements Swift_Signers_BodySigner
}
$this->signOptions = $signOptions;
if (null !== $extraCerts) {
$this->extraCerts = str_replace('\\', '/', realpath($extraCerts));
}
$this->extraCerts = $extraCerts ? realpath($extraCerts) : null;
return $this;
}
@@ -98,8 +97,8 @@ class Swift_Signers_SMimeSigner implements Swift_Signers_BodySigner
/**
* Set the certificate location to use for encryption.
*
* @see http://www.php.net/manual/en/openssl.pkcs7.flags.php
* @see http://nl3.php.net/manual/en/openssl.ciphers.php
* @see https://secure.php.net/manual/en/openssl.pkcs7.flags.php
* @see https://secure.php.net/manual/en/openssl.ciphers.php
*
* @param string|array $recipientCerts Either an single X.509 certificate, or an assoc array of X.509 certificates.
* @param int $cipher
@@ -108,8 +107,8 @@ class Swift_Signers_SMimeSigner implements Swift_Signers_BodySigner
*/
public function setEncryptCertificate($recipientCerts, $cipher = null)
{
if (is_array($recipientCerts)) {
$this->encryptCert = array();
if (\is_array($recipientCerts)) {
$this->encryptCert = [];
foreach ($recipientCerts as $cert) {
$this->encryptCert[] = 'file://'.str_replace('\\', '/', realpath($cert));
@@ -178,9 +177,27 @@ class Swift_Signers_SMimeSigner implements Swift_Signers_BodySigner
}
/**
* Change the Swift_Message to apply the signing.
* Specify whether to wrap the entire MIME message in the S/MIME message.
*
* @param Swift_Message $message
* According to RFC5751 section 3.1:
* In order to protect outer, non-content-related message header fields
* (for instance, the "Subject", "To", "From", and "Cc" fields), the
* sending client MAY wrap a full MIME message in a message/rfc822
* wrapper in order to apply S/MIME security services to these header
* fields. It is up to the receiving client to decide how to present
* this "inner" header along with the unprotected "outer" header.
*
* @param bool $wrap
*
* @return $this
*/
public function setWrapFullMessage($wrap)
{
$this->wrapFullMessage = $wrap;
}
/**
* Change the Swift_Message to apply the signing.
*
* @return $this
*/
@@ -190,17 +207,13 @@ class Swift_Signers_SMimeSigner implements Swift_Signers_BodySigner
return $this;
}
// Store the message using ByteStream to a file{1}
// Remove all Children
// Sign file{1}, parse the new MIME headers and set them on the primary MimeEntity
// Set the singed-body as the new body (without boundary)
$messageStream = new Swift_ByteStream_TemporaryFileByteStream();
$this->toSMimeByteStream($messageStream, $message);
$message->setEncoder(Swift_DependencyContainer::getInstance()->lookup('mime.rawcontentencoder'));
$message->setChildren(array());
$this->streamToMime($messageStream, $message);
if ($this->signThenEncrypt) {
$this->smimeSignMessage($message);
$this->smimeEncryptMessage($message);
} else {
$this->smimeEncryptMessage($message);
$this->smimeSignMessage($message);
}
}
/**
@@ -210,102 +223,303 @@ class Swift_Signers_SMimeSigner implements Swift_Signers_BodySigner
*/
public function getAlteredHeaders()
{
return array('Content-Type', 'Content-Transfer-Encoding', 'Content-Disposition');
return ['Content-Type', 'Content-Transfer-Encoding', 'Content-Disposition'];
}
/**
* @param Swift_InputByteStream $inputStream
* @param Swift_Message $mimeEntity
* Sign a Swift message.
*/
protected function toSMimeByteStream(Swift_InputByteStream $inputStream, Swift_Message $message)
protected function smimeSignMessage(Swift_Message $message)
{
$mimeEntity = $this->createMessage($message);
$messageStream = new Swift_ByteStream_TemporaryFileByteStream();
$mimeEntity->toByteStream($messageStream);
$messageStream->commit();
if (null !== $this->signCertificate && null !== $this->encryptCert) {
$temporaryStream = new Swift_ByteStream_TemporaryFileByteStream();
if ($this->signThenEncrypt) {
$this->messageStreamToSignedByteStream($messageStream, $temporaryStream);
$this->messageStreamToEncryptedByteStream($temporaryStream, $inputStream);
} else {
$this->messageStreamToEncryptedByteStream($messageStream, $temporaryStream);
$this->messageStreamToSignedByteStream($temporaryStream, $inputStream);
}
} elseif ($this->signCertificate !== null) {
$this->messageStreamToSignedByteStream($messageStream, $inputStream);
} else {
$this->messageStreamToEncryptedByteStream($messageStream, $inputStream);
// If we don't have a certificate we can't sign the message
if (null === $this->signCertificate) {
return;
}
}
/**
* @param Swift_Message $message
*
* @return Swift_Message
*/
protected function createMessage(Swift_Message $message)
{
$mimeEntity = new Swift_Message('', $message->getBody(), $message->getContentType(), $message->getCharset());
$mimeEntity->setChildren($message->getChildren());
// Work on a clone of the original message
$signMessage = clone $message;
$signMessage->clearSigners();
$messageHeaders = $mimeEntity->getHeaders();
$messageHeaders->remove('Message-ID');
$messageHeaders->remove('Date');
$messageHeaders->remove('Subject');
$messageHeaders->remove('MIME-Version');
$messageHeaders->remove('To');
$messageHeaders->remove('From');
if ($this->wrapFullMessage) {
// The original message essentially becomes the body of the new
// wrapped message
$signMessage = $this->wrapMimeMessage($signMessage);
} else {
// Only keep header needed to parse the body correctly
$this->clearAllHeaders($signMessage);
$this->copyHeaders(
$message,
$signMessage,
[
'Content-Type',
'Content-Transfer-Encoding',
'Content-Disposition',
]
);
}
return $mimeEntity;
}
/**
* @param Swift_FileStream $outputStream
* @param Swift_InputByteStream $inputStream
*
* @throws Swift_IoException
*/
protected function messageStreamToSignedByteStream(Swift_FileStream $outputStream, Swift_InputByteStream $inputStream)
{
// Copy the cloned message into a temporary file stream
$messageStream = new Swift_ByteStream_TemporaryFileByteStream();
$signMessage->toByteStream($messageStream);
$messageStream->commit();
$signedMessageStream = new Swift_ByteStream_TemporaryFileByteStream();
$args = array($outputStream->getPath(), $signedMessageStream->getPath(), $this->signCertificate, $this->signPrivateKey, array(), $this->signOptions);
if (null !== $this->extraCerts) {
$args[] = $this->extraCerts;
}
if (!call_user_func_array('openssl_pkcs7_sign', $args)) {
// Sign the message using openssl
if (!openssl_pkcs7_sign(
$messageStream->getPath(),
$signedMessageStream->getPath(),
$this->signCertificate,
$this->signPrivateKey,
[],
$this->signOptions,
$this->extraCerts
)
) {
throw new Swift_IoException(sprintf('Failed to sign S/Mime message. Error: "%s".', openssl_error_string()));
}
$this->copyFromOpenSSLOutput($signedMessageStream, $inputStream);
// Parse the resulting signed message content back into the Swift message
// preserving the original headers
$this->parseSSLOutput($signedMessageStream, $message);
}
/**
* @param Swift_FileStream $outputStream
* @param Swift_InputByteStream $is
*
* @throws Swift_IoException
* Encrypt a Swift message.
*/
protected function messageStreamToEncryptedByteStream(Swift_FileStream $outputStream, Swift_InputByteStream $is)
protected function smimeEncryptMessage(Swift_Message $message)
{
// If we don't have a certificate we can't encrypt the message
if (null === $this->encryptCert) {
return;
}
// Work on a clone of the original message
$encryptMessage = clone $message;
$encryptMessage->clearSigners();
if ($this->wrapFullMessage) {
// The original message essentially becomes the body of the new
// wrapped message
$encryptMessage = $this->wrapMimeMessage($encryptMessage);
} else {
// Only keep header needed to parse the body correctly
$this->clearAllHeaders($encryptMessage);
$this->copyHeaders(
$message,
$encryptMessage,
[
'Content-Type',
'Content-Transfer-Encoding',
'Content-Disposition',
]
);
}
// Convert the message content (including headers) to a string
// and place it in a temporary file
$messageStream = new Swift_ByteStream_TemporaryFileByteStream();
$encryptMessage->toByteStream($messageStream);
$messageStream->commit();
$encryptedMessageStream = new Swift_ByteStream_TemporaryFileByteStream();
if (!openssl_pkcs7_encrypt($outputStream->getPath(), $encryptedMessageStream->getPath(), $this->encryptCert, array(), 0, $this->encryptCipher)) {
// Encrypt the message
if (!openssl_pkcs7_encrypt(
$messageStream->getPath(),
$encryptedMessageStream->getPath(),
$this->encryptCert,
[],
0,
$this->encryptCipher
)
) {
throw new Swift_IoException(sprintf('Failed to encrypt S/Mime message. Error: "%s".', openssl_error_string()));
}
$this->copyFromOpenSSLOutput($encryptedMessageStream, $is);
// Parse the resulting signed message content back into the Swift message
// preserving the original headers
$this->parseSSLOutput($encryptedMessageStream, $message);
}
/**
* @param Swift_OutputByteStream $fromStream
* @param Swift_InputByteStream $toStream
* Copy named headers from one Swift message to another.
*/
protected function copyHeaders(
Swift_Message $fromMessage,
Swift_Message $toMessage,
array $headers = []
) {
foreach ($headers as $header) {
$this->copyHeader($fromMessage, $toMessage, $header);
}
}
/**
* Copy a single header from one Swift message to another.
*
* @param string $headerName
*/
protected function copyHeader(Swift_Message $fromMessage, Swift_Message $toMessage, $headerName)
{
$header = $fromMessage->getHeaders()->get($headerName);
if (!$header) {
return;
}
$headers = $toMessage->getHeaders();
switch ($header->getFieldType()) {
case Swift_Mime_Header::TYPE_TEXT:
$headers->addTextHeader($header->getFieldName(), $header->getValue());
break;
case Swift_Mime_Header::TYPE_PARAMETERIZED:
$headers->addParameterizedHeader(
$header->getFieldName(),
$header->getValue(),
$header->getParameters()
);
break;
}
}
/**
* Remove all headers from a Swift message.
*/
protected function clearAllHeaders(Swift_Message $message)
{
$headers = $message->getHeaders();
foreach ($headers->listAll() as $header) {
$headers->removeAll($header);
}
}
/**
* Wraps a Swift_Message in a message/rfc822 MIME part.
*
* @return Swift_MimePart
*/
protected function wrapMimeMessage(Swift_Message $message)
{
// Start by copying the original message into a message stream
$messageStream = new Swift_ByteStream_TemporaryFileByteStream();
$message->toByteStream($messageStream);
$messageStream->commit();
// Create a new MIME part that wraps the original stream
$wrappedMessage = new Swift_MimePart($messageStream, 'message/rfc822');
$wrappedMessage->setEncoder(new Swift_Mime_ContentEncoder_PlainContentEncoder('7bit'));
return $wrappedMessage;
}
protected function parseSSLOutput(Swift_InputByteStream $inputStream, Swift_Message $message)
{
$messageStream = new Swift_ByteStream_TemporaryFileByteStream();
$this->copyFromOpenSSLOutput($inputStream, $messageStream);
$this->streamToMime($messageStream, $message);
}
/**
* Merges an OutputByteStream from OpenSSL to a Swift_Message.
*/
protected function streamToMime(Swift_OutputByteStream $fromStream, Swift_Message $message)
{
// Parse the stream into headers and body
list($headers, $messageStream) = $this->parseStream($fromStream);
// Get the original message headers
$messageHeaders = $message->getHeaders();
// Let the stream determine the headers describing the body content,
// since the body of the original message is overwritten by the body
// coming from the stream.
// These are all content-* headers.
// Default transfer encoding is 7bit if not set
$encoding = '';
// Remove all existing transfer encoding headers
$messageHeaders->removeAll('Content-Transfer-Encoding');
// See whether the stream sets the transfer encoding
if (isset($headers['content-transfer-encoding'])) {
$encoding = $headers['content-transfer-encoding'];
}
// We use the null content encoder, since the body is already encoded
// according to the transfer encoding specified in the stream
$message->setEncoder(new Swift_Mime_ContentEncoder_NullContentEncoder($encoding));
// Set the disposition, if present
if (isset($headers['content-disposition'])) {
$messageHeaders->addTextHeader('Content-Disposition', $headers['content-disposition']);
}
// Copy over the body from the stream using the content type dictated
// by the stream content
$message->setChildren([]);
$message->setBody($messageStream, $headers['content-type']);
}
/**
* This message will parse the headers of a MIME email byte stream
* and return an array that contains the headers as an associative
* array and the email body as a string.
*
* @return array
*/
protected function parseStream(Swift_OutputByteStream $emailStream)
{
$bufferLength = 78;
$headerData = '';
$headerBodySeparator = "\r\n\r\n";
$emailStream->setReadPointer(0);
// Read out the headers section from the stream to a string
while (false !== ($buffer = $emailStream->read($bufferLength))) {
$headerData .= $buffer;
$headersPosEnd = strpos($headerData, $headerBodySeparator);
// Stop reading if we found the end of the headers
if (false !== $headersPosEnd) {
break;
}
}
// Split the header data into lines
$headerData = trim(substr($headerData, 0, $headersPosEnd));
$headerLines = explode("\r\n", $headerData);
unset($headerData);
$headers = [];
$currentHeaderName = '';
// Transform header lines into an associative array
foreach ($headerLines as $headerLine) {
// Handle headers that span multiple lines
if (false === strpos($headerLine, ':')) {
$headers[$currentHeaderName] .= ' '.trim($headerLine ?? '');
continue;
}
$header = explode(':', $headerLine, 2);
$currentHeaderName = strtolower($header[0] ?? '');
$headers[$currentHeaderName] = trim($header[1] ?? '');
}
// Read the entire email body into a byte stream
$bodyStream = new Swift_ByteStream_TemporaryFileByteStream();
// Skip the header and separator and point to the body
$emailStream->setReadPointer($headersPosEnd + \strlen($headerBodySeparator));
while (false !== ($buffer = $emailStream->read($bufferLength))) {
$bodyStream->write($buffer);
}
$bodyStream->commit();
return [$headers, $bodyStream];
}
protected function copyFromOpenSSLOutput(Swift_OutputByteStream $fromStream, Swift_InputByteStream $toStream)
{
$bufferLength = 4096;
@@ -325,93 +539,4 @@ class Swift_Signers_SMimeSigner implements Swift_Signers_BodySigner
$toStream->commit();
}
/**
* Merges an OutputByteStream to Swift_Message.
*
* @param Swift_OutputByteStream $fromStream
* @param Swift_Message $message
*/
protected function streamToMime(Swift_OutputByteStream $fromStream, Swift_Message $message)
{
$bufferLength = 78;
$headerData = '';
$fromStream->setReadPointer(0);
while (($buffer = $fromStream->read($bufferLength)) !== false) {
$headerData .= $buffer;
if (false !== strpos($buffer, "\r\n\r\n")) {
break;
}
}
$headersPosEnd = strpos($headerData, "\r\n\r\n");
$headerData = trim($headerData);
$headerData = substr($headerData, 0, $headersPosEnd);
$headerLines = explode("\r\n", $headerData);
unset($headerData);
$headers = array();
$currentHeaderName = '';
foreach ($headerLines as $headerLine) {
// Line separated
if (ctype_space($headerLines[0]) || false === strpos($headerLine, ':')) {
$headers[$currentHeaderName] .= ' '.trim($headerLine);
continue;
}
$header = explode(':', $headerLine, 2);
$currentHeaderName = strtolower($header[0]);
$headers[$currentHeaderName] = trim($header[1]);
}
$messageStream = new Swift_ByteStream_TemporaryFileByteStream();
$messageStream->addFilter($this->replacementFactory->createFilter("\r\n", "\n"), 'CRLF to LF');
$messageStream->addFilter($this->replacementFactory->createFilter("\n", "\r\n"), 'LF to CRLF');
$messageHeaders = $message->getHeaders();
// No need to check for 'application/pkcs7-mime', as this is always base64
if ('multipart/signed;' === substr($headers['content-type'], 0, 17)) {
if (!preg_match('/boundary=("[^"]+"|(?:[^\s]+|$))/is', $headers['content-type'], $contentTypeData)) {
throw new Swift_SwiftException('Failed to find Boundary parameter');
}
$boundary = trim($contentTypeData['1'], '"');
// Skip the header and CRLF CRLF
$fromStream->setReadPointer($headersPosEnd + 4);
while (false !== ($buffer = $fromStream->read($bufferLength))) {
$messageStream->write($buffer);
}
$messageStream->commit();
$messageHeaders->remove('Content-Transfer-Encoding');
$message->setContentType($headers['content-type']);
$message->setBoundary($boundary);
$message->setBody($messageStream);
} else {
$fromStream->setReadPointer($headersPosEnd + 4);
if (null === $this->headerFactory) {
$this->headerFactory = Swift_DependencyContainer::getInstance()->lookup('mime.headerfactory');
}
$message->setContentType($headers['content-type']);
$messageHeaders->set($this->headerFactory->createTextHeader('Content-Transfer-Encoding', $headers['content-transfer-encoding']));
$messageHeaders->set($this->headerFactory->createTextHeader('Content-Disposition', $headers['content-disposition']));
while (false !== ($buffer = $fromStream->read($bufferLength))) {
$messageStream->write($buffer);
}
$messageStream->commit();
$message->setBody($messageStream);
}
}
}