chg: dev: Made signing optional for SMIME.

- If no signing key is found / setting is not set, it will just encrypt
2016-04-26 17:47:04 +02:00 · 2016-04-26 17:47:04 +02:00 · f01185c416
parent 8db889ce7e
commit f01185c416
1 changed files with 22 additions and 17 deletions
--- a/app/Model/User.php
+++ b/app/Model/User.php
@ -772,27 +772,32 @@ class User extends AppModel {
 			$fp = fopen($msg, "w");
 			fwrite($fp, $body);
 			fclose($fp);
-			$signed = tempnam($dir, 'SMIME');
 			
-			// sign it
-			if (!is_readable(Configure::read('SMIME.cert_public_sign'))) throw new NotFoundException('SMIME.cert_public_sign - file not found. Expected location based on setting: ' . Configure::read('SMIME.cert_public_sign'));
-			if (!is_readable(Configure::read('SMIME.key_sign'))) throw new NotFoundException('SMIME.cert_public_sign - file not found. Expected location based on setting: ' . Configure::read('SMIME.key_sign'));
-			if (openssl_pkcs7_sign($msg, $signed, 'file://'.Configure::read('SMIME.cert_public_sign'), array('file://'.Configure::read('SMIME.key_sign'), Configure::read('SMIME.password')), array(), PKCS7_TEXT)){
-				$fp = fopen($signed, "r");
-				$bodySigned = fread($fp, filesize($signed));
+			$canSign = true;
+			if (!empty(Configure::read('SMIME.cert_public_sign')) && !is_readable(Configure::read('SMIME.cert_public_sign'))) $canSign = false;
+			if (!empty(Configure::read('SMIME.key_sign')) && !is_readable(Configure::read('SMIME.key_sign'))) $canSign = false;
+			if ($canSign) {
+				$signed = tempnam($dir, 'SMIME');
+				if (openssl_pkcs7_sign($msg, $signed, 'file://'.Configure::read('SMIME.cert_public_sign'), array('file://'.Configure::read('SMIME.key_sign'), Configure::read('SMIME.password')), array(), PKCS7_TEXT)){
+					$fp = fopen($signed, "r");
+					$bodySigned = fread($fp, filesize($signed));
+					fclose($fp);
+					unlink($msg);
+					unlink($signed);
+				} else {
+					unlink($msg);
+					unlink($signed);
+					throw new Exception('Failed while attempting to sign the SMIME message.');
+				}
+				// save message to file
+				$msg_signed = tempnam($dir, 'SMIME');
+				$fp = fopen($msg_signed, "w");
+				fwrite($fp, $bodySigned);
 				fclose($fp);
-				unlink($msg);
-				unlink($signed);
 			} else {
-				unlink($msg);
-				unlink($signed);
-				throw new Exception('Could not sign the SMIME message.');
+				$bodySigned = $body;
+				$msg_signed = $msg;
 			}
-			// save message to file
-			$msg_signed = tempnam($dir, 'SMIME');
-			$fp = fopen($msg_signed, "w");
-			fwrite($fp, $bodySigned);
-			fclose($fp);
 			$msg_signed_encrypted = tempnam($dir, 'SMIME');
 			$headers_smime = array("To" => $user['User']['email'], "From" => Configure::read('MISP.email'), "Subject" => $subject);
 			// encrypt it