使用PHP发送加密的电子邮件S/MIME [英] Sending Encrypted Email S/MIME with PHP

问题描述

我一直在网上寻找很多东西，但没有找到答案，是否可以使用PHP发送加密的电子邮件S/MIME?如果是，怎么办? (即使用cakephp 2.x)

I have been looking a lot online but I didn't find an answer, is it possible to send encrypted emails S/MIME using PHP? if it is, how? (im using cakephp 2.x)

非常感谢您

推荐答案

我设法使用PHPMailer找到了解决方案，它也适用于常规PHP.它将对电子邮件进行签名和加密，我找不到仅使用PHPMailer进行签名和签名的方法，因此我在class.phpmailer.php中添加了一些代码.在出现加密错误的情况下，仍然需要添加一些错误处理，但是到目前为止效果很好.

I managed to find a solution to this using PHPMailer, It applies to regular PHP as well. It will sign and encrypt the email, I couldn't find a way to do both with PHPMailer (sign and encrypt) only sign so I added some code to class.phpmailer.php. It stills need to add some error handling in case of an encryption error but so far works good.

对于CakePHP 2.x:

for CakePHP 2.x:

下载PHPMailer并将其添加到您的Vendors文件夹(project_name/app/vendor)

Download PHPMailer and add it to your Vendors folder (project_name/app/vendor)

在函数的开头添加以下行:

Add this line at the beginning of your function:

App::import('Vendor','PHPMailer/PHPMailerAutoload');

从这里开始，对于PHP或CakePHP都是相同的:

From here its the same for PHP or CakePHP:

 $mail = new PHPMailer(); 
 $mail->setFrom('from_who@email', 'Intranet');
 //Set who the message is to be sent to 
 $mail->addAddress('to_who@email', 'Ricardo V'); 
 //Set the subject line 
 $mail->Subject = 'PHPMailer signing test';
 //Replace the plain text body with one created manually 
 $mail->Body = "some encrypted text...";
 //Attach an image file 
 $mail->addAttachment('D:/path_to_file/test.pdf'); 
 $mail->sign( 
     'app/webroot/cert/cert.crt', //The location of your certificate file 
     'app/webroot/cert/private.key', //The location of your private key
 file 
     'password', //The password you protected your private key with (not 
    //the Import Password! may be empty but parameter must not be omitted!) 
     'app/webroot/cert/certchain.pem', //the certificate chain.
     '1', //Encrypt the email as well, (1 = encrypt, 0 = dont encrypt)
     'app/webroot/cert/rvarilias.crt'//The location of public certificate 
   //to encrypt the email with.
 ); 
 if (!$mail->send()) { 
     echo "Mailer Error: " . $mail->ErrorInfo; 
 } else { 
     echo "Message sent!"; 
 } 

然后我们需要对class.phpmailer.php进行一些更改

Then we need to make some changes to class.phpmailer.php

将行从2368替换为2390:

replace the lines from 2368 to 2390 with:

$sign = @openssl_pkcs7_sign(
                    $file,
                    $signed,
                    'file://' . realpath($this->sign_cert_file),
                    array('file://' . realpath($this->sign_key_file), 
$this->sign_key_pass),
                    null,
                    PKCS7_DETACHED,
                    $this->sign_extracerts_file
                );
                if ($this->encrypt_file == 1) {
                    $encrypted = tempnam(sys_get_temp_dir(), 'encrypted');
                    $encrypt = @openssl_pkcs7_encrypt(
                    $signed,
                    $encrypted,
                    file_get_contents($this->encrypt_cert_file),
                    null,
                    0,
                    1
                );
                if ($encrypted) {
                    @unlink($file);
                    $body = file_get_contents($encrypted);
                    @unlink($signed);
                    @unlink($encrypted);
                    //The message returned by openssl contains both headers
and body, so need to split them up
                    $parts = explode("\n\n", $body, 2);
                    $this->MIMEHeader .= $parts[0] . $this->LE . $this->LE;
                    $body = $parts[1];
                } else {
                    @unlink($file);
                    @unlink($signed);
                    @unlink($encrypted);
                    throw new phpmailerException($this->lang('signing') .
openssl_error_string());
                }
                } else {

                if ($signed) {
                    @unlink($file);
                    $body = file_get_contents($signed);
                    @unlink($signed);
                    //The message returned by openssl contains both headers
 and body, so need to split them up
                    $parts = explode("\n\n", $body, 2);
                    $this->MIMEHeader .= $parts[0] . $this->LE . $this->LE;
                    $body = $parts[1];
            } else {
                    @unlink($file);
                    @unlink($signed);
                    throw new phpmailerException($this->lang('signing') .  
 openssl_error_string());
            }

                   } 

            }

然后寻找:

public function sign($cert_filename, $key_filename, $key_pass,   
$extracerts_filename = '')
{
    $this->sign_cert_file = $cert_filename;
    $this->sign_key_file = $key_filename;
    $this->sign_key_pass = $key_pass;
    $this->sign_extracerts_file = $extracerts_filename;
}

并将其更改为:

public function sign($cert_filename, $key_filename, $key_pass,
$extracerts_filename = '', $and_encrypt ='0', $encrypt_cert = '')
    {
        $this->sign_cert_file = $cert_filename;
        $this->sign_key_file = $key_filename;
        $this->sign_key_pass = $key_pass;
        $this->sign_extracerts_file = $extracerts_filename;
        $this->encrypt_file = $and_encrypt;
        $this->encrypt_cert_file = $encrypt_cert;
    }

寻找:

protected $sign_extracerts_file = '';

并在其后添加以下行:

protected $encrypt_cert = '';
protected $and_encrypt = '';

通过对phpmailer进行的这些更改，您可以发送已签名的电子邮件或已签名和加密的电子邮件.它也可以与附件一起使用.

With these changes to phpmailer you can send a signed email or a signed and encrypted email. It works with attachments too.

我希望这对某人有帮助.

I hope it is help ful to somebody.

*对于常规php，请不要添加以下行:

*for regular php just don't add the line:

App::import('Vendor','PHPMailer/PHPMailerAutoload');

这篇关于使用PHP发送加密的电子邮件S/MIME的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！