symfony
diff --git a/‎src/Symfony/Component/Mime/MessageConverter.php
Lines changed: 4 additions & 0 deletions b/‎src/Symfony/Component/Mime/MessageConverter.php
Lines changed: 4 additions & 0 deletions
diff --git a/‎src/Symfony/Component/Mime/RawMessage.php
Lines changed: 1 addition & 1 deletion b/‎src/Symfony/Component/Mime/RawMessage.php
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/Symfony/Component/Mime/Security/SMime.php
Lines changed: 69 additions & 0 deletions b/‎src/Symfony/Component/Mime/Security/SMime.php
Lines changed: 69 additions & 0 deletions
diff --git a/‎src/Symfony/Component/Mime/Security/SMimeEncrypter.php
Lines changed: 55 additions & 0 deletions b/‎src/Symfony/Component/Mime/Security/SMimeEncrypter.php
Lines changed: 55 additions & 0 deletions
diff --git a/‎src/Symfony/Component/Mime/Security/SMimeSigner.php
Lines changed: 72 additions & 0 deletions b/‎src/Symfony/Component/Mime/Security/SMimeSigner.php
Lines changed: 72 additions & 0 deletions
diff --git a/‎src/Symfony/Component/Mime/Tests/Security/SMimeEncryptorTest.php
Lines changed: 80 additions & 0 deletions b/‎src/Symfony/Component/Mime/Tests/Security/SMimeEncryptorTest.php
Lines changed: 80 additions & 0 deletions
@@ -30,6 +30,10 @@ final class MessageConverter
      */
     public static function toEmail(RawMessage $message): Email
     {
+        if ($message instanceof WrappedMessage) {
+            $message = $message->getOriginalMessage();
+        }
+
         if ($message instanceof Email) {
             return $message;
         }
 
@@ -18,7 +18,7 @@
  */
 class RawMessage implements \Serializable
 {
-    private $message;
+    protected $message;
 
     /**
      * @param iterable|string $message
 
@@ -0,0 +1,69 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Mime\Security;
+
+use Symfony\Component\Filesystem\Filesystem;
+use Symfony\Component\Mime\Exception\RuntimeException;
+
+/**
+ * @author Sebastiaan Stok <s.stok@rollerscapes.net>
+ *
+ * @experimental in 4.3
+ */
+abstract class SMime
+{
+    protected $filesystem;
+
+    protected function normalizeFilePath(string $path): string
+    {
+        if (!file_exists($path)) {
+            throw new RuntimeException(sprintf('File does not exist: %s', $path));
+        }
+
+        return 'file://'.str_replace('\\', '/', realpath($path));
+    }
+
+    protected function generateTmpFilename(): string
+    {
+        if (null === $this->filesystem) {
+            if (!class_exists(Filesystem::class)) {
+                throw new \Exception('In order to use the S/MIME functionality, the symfony/filesystem component must be installed');
+            }
+
+            $this->filesystem = new Filesystem();
+        }
+
+        return $this->filesystem->tempnam(sys_get_temp_dir(), 'smime');
+    }
+
+    protected function iteratorToFile(iterable $iterator, string $bufferFile): void
+    {
+        $f = fopen($bufferFile, 'wb');
+
+        foreach ($iterator as $chunk) {
+            fwrite($f, $chunk);
+        }
+
+        fclose($f);
+    }
+
+    protected function fileToIterator(string $bufferFile): iterable
+    {
+        $stream = fopen($bufferFile, 'rb');
+
+        while (!feof($stream)) {
+            yield fread($stream, 16372);
+        }
+
+        fclose($stream);
+    }
+}
@@ -0,0 +1,55 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Mime\Security;
+
+use Symfony\Component\Mime\Exception\RuntimeException;
+use Symfony\Component\Mime\Message;
+use Symfony\Component\Mime\WrappedMessage;
+
+/**
+ * @author Sebastiaan Stok <s.stok@rollerscapes.net>
+ *
+ * @experimental in 4.3
+ */
+final class SMimeEncrypter extends SMime
+{
+    private $certs;
+    private $cipher;
+
+    /**
+     * @param string|string[] $certificate Either a lone X.509 certificate, or an array of X.509 certificates
+     */
+    public function __construct($certificate, int $cipher = OPENSSL_CIPHER_AES_256_CBC)
+    {
+        if (\is_array($certificate)) {
+            $this->certs = array_map([$this, 'normalizeFilePath'], $certificate);
+        } else {
+            $this->certs = $this->normalizeFilePath($certificate);
+        }
+
+        $this->cipher = $cipher;
+    }
+
+    public function encryptMessage(Message $message): WrappedMessage
+    {
+        $bufferFile = $this->generateTmpFilename();
+        $outputFile = $this->generateTmpFilename();
+
+        $this->iteratorToFile($message->toIterable(), $bufferFile);
+
+        if (!@openssl_pkcs7_encrypt($bufferFile, $outputFile, $this->certs, [], 0, $this->cipher)) {
+            throw new RuntimeException(sprintf('Failed to encrypt S/Mime message. Error: "%s".', openssl_error_string()));
+        }
+
+        return new WrappedMessage($message, $this->fileToIterator($outputFile));
+    }
+}
@@ -0,0 +1,72 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Mime\Security;
+
+use Symfony\Component\Mime\Exception\RuntimeException;
+use Symfony\Component\Mime\Message;
+use Symfony\Component\Mime\WrappedMessage;
+
+/**
+ * @author Sebastiaan Stok <s.stok@rollerscapes.net>
+ *
+ * @experimental in 4.3
+ */
+final class SMimeSigner extends SMime
+{
+    private $signCertificate;
+    private $signPrivateKey;
+    private $signOptions;
+    private $extraCerts;
+
+    /**
+     * @var string|null
+     */
+    private $privateKeyPassphrase;
+
+    /**
+     * @see https://secure.php.net/manual/en/openssl.pkcs7.flags.php
+     *
+     * @param string      $certificate
+     * @param string      $privateKey           A file containing the private key (in PEM format)
+     * @param string|null $privateKeyPassphrase A passphrase of the private key (if any)
+     * @param string      $extraCerts           A file containing intermediate certificates (in PEM format) needed by the signing certificate
+     * @param int         $signOptions          Bitwise operator options for openssl_pkcs7_sign()
+     */
+    public function __construct(string $certificate, string $privateKey, ?string $privateKeyPassphrase = null, ?string $extraCerts = null, int $signOptions = PKCS7_DETACHED)
+    {
+        $this->signCertificate = $this->normalizeFilePath($certificate);
+
+        if (null !== $privateKeyPassphrase) {
+            $this->signPrivateKey = [$this->normalizeFilePath($privateKey), $privateKeyPassphrase];
+        } else {
+            $this->signPrivateKey = $this->normalizeFilePath($privateKey);
+        }
+
+        $this->signOptions = $signOptions;
+        $this->extraCerts = $extraCerts ? realpath($extraCerts) : null;
+        $this->privateKeyPassphrase = $privateKeyPassphrase;
+    }
+
+    public function signMessage(Message $message): WrappedMessage
+    {
+        $bufferFile = $this->generateTmpFilename();
+        $outputFile = $this->generateTmpFilename();
+
+        $this->iteratorToFile($message->toIterable(), $bufferFile);
+
+        if (!@openssl_pkcs7_sign($bufferFile, $outputFile, $this->signCertificate, $this->signPrivateKey, [], $this->signOptions, $this->extraCerts)) {
+            throw new RuntimeException(sprintf('Failed to sign S/Mime message. Error: "%s".', openssl_error_string()));
+        }
+
+        return new WrappedMessage($message, $this->fileToIterator($outputFile));
+    }
+}
@@ -0,0 +1,80 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Mime\Tests\Security;
+
+use Symfony\Component\Mime\Email;
+use Symfony\Component\Mime\Security\SMimeEncrypter;
+use Symfony\Component\Mime\WrappedMessage;
+
+class SMimeEncryptorTest extends SMimeTestCase
+{
+    public function testEncryptMessage()
+    {
+        $message = (new Email())
+            ->date(new \DateTime('2019-04-07 10:36:30', new \DateTimeZone('Europe/Paris')))
+            ->to('fabien@symfony.com')
+            ->subject('Testing')
+            ->from('noreply@example.com')
+            ->text('El Barto was not here');
+
+        $message->getHeaders()->addIdHeader('Message-ID', 'some@id');
+
+        $encrypter = new SMimeEncrypter($this->samplesDir.'encrypt.crt');
+        $signedMessage = $encrypter->encryptMessage($message);
+
+        $this->assertMessageIsEncryptedProperly($signedMessage);
+    }
+
+    public function testEncryptMessageWithMultipleCerts()
+    {
+        $message = (new Email())
+            ->date(new \DateTime('2019-04-07 10:36:30', new \DateTimeZone('Europe/Paris')))
+            ->to('fabien@symfony.com')
+            ->subject('Testing')
+            ->from('noreply@example.com')
+            ->text('El Barto was not here');
+
+        $message2 = (new Email())
+            ->date(new \DateTime('2019-04-07 10:36:30', new \DateTimeZone('Europe/Paris')))
+            ->to('luna@symfony.com')
+            ->subject('Testing')
+            ->from('noreply@example.com')
+            ->text('El Barto was not here');
+
+        $message->getHeaders()->addIdHeader('Message-ID', 'some@id');
+        $message2->getHeaders()->addIdHeader('Message-ID', 'some@id2');
+
+        $encrypter = new SMimeEncrypter(['fabien@symfony.com' => $this->samplesDir.'encrypt.crt', 'luna@symfony.com' => $this->samplesDir.'encrypt2.crt']);
+
+        $this->assertMessageIsEncryptedProperly($encrypter->encryptMessage($message));
+        $this->assertMessageIsEncryptedProperly($encrypter->encryptMessage($message2));
+    }
+
+    private function assertMessageIsEncryptedProperly(WrappedMessage $message): void
+    {
+        $messageFile = $this->normalizeFilePath($this->generateTmpFilename());
+        file_put_contents($messageFile, $message->toString());
+
+        $outputFile = $this->normalizeFilePath($this->generateTmpFilename());
+
+        $this->assertTrue(
+            openssl_pkcs7_decrypt(
+                $messageFile,
+                $outputFile,
+                'file://'.$this->samplesDir.'encrypt.crt',
+                'file://'.$this->samplesDir.'encrypt.key'
+            ),
+            sprintf('Decryption of the message failed. Internal error "%s".', openssl_error_string())
+        );
+        $this->assertEquals($message->getOriginalMessage()->toString(), file_get_contents($outputFile));
+    }
+}
Original file line number	Diff line number	Diff line change
`@@ -30,6 +30,10 @@ final class MessageConverter`
`30`	`30`	`*/`
`31`	`31`	`public static function toEmail(RawMessage $message): Email`
`32`	`32`	`{`
	`33`	`+ if ($message instanceof WrappedMessage) {`
	`34`	`+ $message = $message->getOriginalMessage();`
	`35`	`+ }`
	`36`	`+`
`33`	`37`	`if ($message instanceof Email) {`
`34`	`38`	`return $message;`
`35`	`39`	`}`
Original file line number	Diff line number	Diff line change
`@@ -18,7 +18,7 @@`
`18`	`18`	`*/`
`19`	`19`	`class RawMessage implements \Serializable`
`20`	`20`	`{`
`21`		`- private $message;`
	`21`	`+ protected $message;`
`22`	`22`
`23`	`23`	`/**`
`24`	`24`	`* @param iterable\|string $message`