diff options
| author | Hugues Hiegel <root@paranoid> | 2015-04-21 12:49:44 +0200 |
|---|---|---|
| committer | Hugues Hiegel <root@paranoid> | 2015-04-21 12:49:44 +0200 |
| commit | 733f8e8d0ce6217d906d06dc4fb08e36d48ed794 (patch) | |
| tree | cff28366ff63ea6596f8026e1698090bd0b9405c /plugins/enigma/lib/enigma_driver_phpssl.php | |
| parent | ef2e7b3f9d264ec146d4dae257b1e295ab3b462a (diff) | |
| parent | a4ba3df54834ee90fb2c9930669f1229dc80261a (diff) | |
Conflicts:
composer.json-dist
config/defaults.inc.php
plugins
plugins/acl/acl.js
plugins/acl/acl.php
plugins/acl/skins/classic/templates/table.html
plugins/acl/skins/larry/templates/table.html
plugins/enigma/README
plugins/enigma/config.inc.php.dist
plugins/enigma/enigma.js
plugins/enigma/enigma.php
plugins/enigma/lib/enigma_driver.php
plugins/enigma/lib/enigma_driver_gnupg.php
plugins/enigma/lib/enigma_driver_phpssl.php
plugins/enigma/lib/enigma_engine.php
plugins/enigma/lib/enigma_error.php
plugins/enigma/lib/enigma_key.php
plugins/enigma/lib/enigma_signature.php
plugins/enigma/lib/enigma_subkey.php
plugins/enigma/lib/enigma_ui.php
plugins/enigma/lib/enigma_userid.php
plugins/enigma/localization/en_US.inc
plugins/enigma/localization/ja_JP.inc
plugins/enigma/localization/ru_RU.inc
plugins/enigma/skins/classic/enigma.css
plugins/enigma/skins/classic/templates/keys.html
plugins/help/config.inc.php.dist
plugins/help/help.php
plugins/help/localization/en_US.inc
plugins/jqueryui/jqueryui.php
plugins/managesieve/Changelog
plugins/managesieve/composer.json
plugins/managesieve/config.inc.php.dist
plugins/managesieve/lib/Roundcube/rcube_sieve.php
plugins/managesieve/lib/Roundcube/rcube_sieve_engine.php
plugins/managesieve/lib/Roundcube/rcube_sieve_vacation.php
plugins/managesieve/localization/en_US.inc
plugins/managesieve/managesieve.js
plugins/managesieve/skins/classic/managesieve.css
plugins/managesieve/skins/larry/managesieve.css
plugins/password/README
plugins/password/config.inc.php.dist
plugins/password/drivers/ldap.php
plugins/password/drivers/poppassd.php
plugins/password/drivers/vpopmaild.php
plugins/vcard_attachments/vcardattach.js
plugins/zipdownload/zipdownload.php
Diffstat (limited to 'plugins/enigma/lib/enigma_driver_phpssl.php')
| -rw-r--r-- | plugins/enigma/lib/enigma_driver_phpssl.php | 230 |
1 files changed, 230 insertions, 0 deletions
diff --git a/plugins/enigma/lib/enigma_driver_phpssl.php b/plugins/enigma/lib/enigma_driver_phpssl.php new file mode 100644 index 000000000..0250893d2 --- /dev/null +++ b/plugins/enigma/lib/enigma_driver_phpssl.php @@ -0,0 +1,230 @@ +<?php +/* + +-------------------------------------------------------------------------+ + | S/MIME driver for the Enigma Plugin | + | | + | Copyright (C) 2010-2015 The Roundcube Dev Team | + | | + | Licensed under the GNU General Public License version 3 or | + | any later version with exceptions for skins & plugins. | + | See the README file for a full license statement. | + | | + +-------------------------------------------------------------------------+ + | Author: Aleksander Machniak <alec@alec.pl> | + +-------------------------------------------------------------------------+ +*/ + +class enigma_driver_phpssl extends enigma_driver +{ + private $rc; + private $homedir; + private $user; + + function __construct($user) + { + $rcmail = rcmail::get_instance(); + $this->rc = $rcmail; + $this->user = $user; + } + + /** + * Driver initialization and environment checking. + * Should only return critical errors. + * + * @return mixed NULL on success, enigma_error on failure + */ + function init() + { + $homedir = $this->rc->config->get('enigma_smime_homedir', INSTALL_PATH . '/plugins/enigma/home'); + + if (!$homedir) + return new enigma_error(enigma_error::E_INTERNAL, + "Option 'enigma_smime_homedir' not specified"); + + // check if homedir exists (create it if not) and is readable + if (!file_exists($homedir)) + return new enigma_error(enigma_error::E_INTERNAL, + "Keys directory doesn't exists: $homedir"); + if (!is_writable($homedir)) + return new enigma_error(enigma_error::E_INTERNAL, + "Keys directory isn't writeable: $homedir"); + + $homedir = $homedir . '/' . $this->user; + + // check if user's homedir exists (create it if not) and is readable + if (!file_exists($homedir)) + mkdir($homedir, 0700); + + if (!file_exists($homedir)) + return new enigma_error(enigma_error::E_INTERNAL, + "Unable to create keys directory: $homedir"); + if (!is_writable($homedir)) + return new enigma_error(enigma_error::E_INTERNAL, + "Unable to write to keys directory: $homedir"); + + $this->homedir = $homedir; + + } + + function encrypt($text, $keys) + { + } + + function decrypt($text, $keys = array()) + { + } + + function sign($text, $key, $passwd, $mode = null) + { + } + + function verify($struct, $message) + { + // use common temp dir + $temp_dir = $this->rc->config->get('temp_dir'); + $msg_file = tempnam($temp_dir, 'rcmMsg'); + $cert_file = tempnam($temp_dir, 'rcmCert'); + + $fh = fopen($msg_file, "w"); + if ($struct->mime_id) { + $message->get_part_body($struct->mime_id, false, 0, $fh); + } + else { + $this->rc->storage->get_raw_body($message->uid, $fh); + } + fclose($fh); + + // @TODO: use stored certificates + + // try with certificate verification + $sig = openssl_pkcs7_verify($msg_file, 0, $cert_file); + $validity = true; + + if ($sig !== true) { + // try without certificate verification + $sig = openssl_pkcs7_verify($msg_file, PKCS7_NOVERIFY, $cert_file); + $validity = enigma_error::E_UNVERIFIED; + } + + if ($sig === true) { + $sig = $this->parse_sig_cert($cert_file, $validity); + } + else { + $errorstr = $this->get_openssl_error(); + $sig = new enigma_error(enigma_error::E_INTERNAL, $errorstr); + } + + // remove temp files + @unlink($msg_file); + @unlink($cert_file); + + return $sig; + } + + public function import($content, $isfile=false) + { + } + + public function list_keys($pattern='') + { + } + + public function get_key($keyid) + { + } + + public function gen_key($data) + { + } + + public function delete_key($keyid) + { + } + + public function delete_privkey($keyid) + { + } + + public function delete_pubkey($keyid) + { + } + + /** + * Converts Crypt_GPG_Key object into Enigma's key object + * + * @param Crypt_GPG_Key Key object + * + * @return enigma_key Key object + */ + private function parse_key($key) + { +/* + $ekey = new enigma_key(); + + foreach ($key->getUserIds() as $idx => $user) { + $id = new enigma_userid(); + $id->name = $user->getName(); + $id->comment = $user->getComment(); + $id->email = $user->getEmail(); + $id->valid = $user->isValid(); + $id->revoked = $user->isRevoked(); + + $ekey->users[$idx] = $id; + } + + $ekey->name = trim($ekey->users[0]->name . ' <' . $ekey->users[0]->email . '>'); + + foreach ($key->getSubKeys() as $idx => $subkey) { + $skey = new enigma_subkey(); + $skey->id = $subkey->getId(); + $skey->revoked = $subkey->isRevoked(); + $skey->created = $subkey->getCreationDate(); + $skey->expires = $subkey->getExpirationDate(); + $skey->fingerprint = $subkey->getFingerprint(); + $skey->has_private = $subkey->hasPrivate(); + $skey->can_sign = $subkey->canSign(); + $skey->can_encrypt = $subkey->canEncrypt(); + + $ekey->subkeys[$idx] = $skey; + }; + + $ekey->id = $ekey->subkeys[0]->id; + + return $ekey; +*/ + } + + private function get_openssl_error() + { + $tmp = array(); + while ($errorstr = openssl_error_string()) { + $tmp[] = $errorstr; + } + + return join("\n", array_values($tmp)); + } + + private function parse_sig_cert($file, $validity) + { + $cert = openssl_x509_parse(file_get_contents($file)); + + if (empty($cert) || empty($cert['subject'])) { + $errorstr = $this->get_openssl_error(); + return new enigma_error(enigm_error::E_INTERNAL, $errorstr); + } + + $data = new enigma_signature(); + + $data->id = $cert['hash']; //? + $data->valid = $validity; + $data->fingerprint = $cert['serialNumber']; + $data->created = $cert['validFrom_time_t']; + $data->expires = $cert['validTo_time_t']; + $data->name = $cert['subject']['CN']; +// $data->comment = ''; + $data->email = $cert['subject']['emailAddress']; + + return $data; + } + +} |