S/MIME email encryption/signing using Zend_Mail

Recently I wrote a class for ZF that one can use as a convenient tool for signing and/or encrypting email documents. The tricky thing was that MS Outlook Express did not want to treat it as Signed and Encrypted message unless you add “\n” to the end of the message , that was hard to find and I had to only experiment as there are almost no good sources in the Internet about this problem. The issue is reported here: https://ua.php.net/manual/en/function.op … .php#36038
except that instead of beginning of a message I should have placed it at the end. Here is the example usage of the class:

 
<?php
 
ini_set('include_path',ini_get('include_path').PATH_SEPARATOR.realpath('./'));
 
require_once('Zend/Loader/Autoloader.php');
 
$loader = Zend_Loader_Autoloader::getInstance();
 
$mail = new Zend_Mail();
$text = <<<EOD
<html>
    <body>
        <table>
            <tr>
                <td>Column1</td>
                <td>Column2</td>
            </tr>
            <tr>
                <td>Column1</td>
                <td>Column2</td>
            </tr>
        </table>
    </body>
</html>
EOD;
$mail->setBodyHtml($text);
$mail->setFrom('some@email.com', 'Anyone');
$mail->addTo('some@email.com', 'Anyone');
$mail->setSubject('Test Subject');
$mail->createAttachment(file_get_contents('attachment.zip'),
    Zend_Mime::TYPE_OCTETSTREAM,Zend_Mime::DISPOSITION_ATTACHMENT,
    Zend_Mime::ENCODING_BASE64,'globalsign_pk.pem');
 
$signature = new Zend_Mail_Encryption_SMIME('globalsign_pk.pem','q1w2e3r4t5y6');
$encryption = new Zend_Mail_Encryption_SMIME('globalsign_pk.pem','q1w2e3r4t5y6');
$mail->setSignature($signature);
$mail->setEncryption($encryption);
 
$mail->send();

Tested ok with attachments, html email, in MS Outlook and Mozilla Thunderbird. Attached is the Zend_Mail_Encryption_SMIME class + patches for Zend_Mail and Zend_Mail_Transport_Abstract classes as well as the classes modified.

  • Markus Warg

    It is quite easy to extend the patch to allow multiple encryption recipients. The PHP encryption function already supports multiple recipients, you just need to add Zend_Mail_Encryption_SMIME->addEntryption, modify the encryption attibute in Zend_Mail_Encryption_SMIME into an array and change the way the encryption is started.

  • Patrick Nelson

    See the `wp-pgp-encrypted-emails` module built by `meitar` as well. While PGP is in the name, they also implemented S/MIME encryption. The WP_SMIME::encrypt(…) method contains a more raw implementation that could be useful for others to reference.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.