v1.3.4

Author: tiamo

composer.json

@@ -1,7 +1,7 @@
 {
   "name": "tiamo/phpas2",
   "description": "PHPAS2 is a php-based implementation of the EDIINT AS2 standard",
-  "version": "1.3.3",
+  "version": "1.3.4",
   "authors": [
     {
       "name": "Vladyslav K",

src/CryptoHelper.php

@@ -40,20 +40,20 @@ public static function calculateMIC($payload, $algo = 'sha256', $includeHeaders
      * Sign data which contains mime headers
      *
      * @param string|MimePart $data
-     * @param string $cert
-     * @param string $key
+     * @param string|resource $cert
+     * @param string|resource $privateKey
      * @param array $headers
      * @param array $micAlgo
      * @return MimePart
      * @throws \RuntimeException
      */
-    public static function sign($data, $cert, $key = null, $headers = [], $micAlgo = null)
+    public static function sign($data, $cert, $privateKey = null, $headers = [], $micAlgo = null)
     {
         if ($data instanceof MimePart) {
             $data = self::getTempFilename($data->toString());
         }
         $temp = self::getTempFilename();
-        if (! openssl_pkcs7_sign($data, $temp, $cert, $key, $headers, PKCS7_DETACHED)) {
+        if (! openssl_pkcs7_sign($data, $temp, $cert, $privateKey, $headers, PKCS7_DETACHED)) {
             throw new \RuntimeException(
                 sprintf('Failed to sign S/Mime message. Error: "%s".', openssl_error_string())
             );
@@ -67,6 +67,7 @@ public static function sign($data, $cert, $key = null, $headers = [], $micAlgo =
         if ($micAlgo) {
             $contentType = preg_replace('/micalg=(.+);/i', 'micalg="' . $micAlgo . '";', $contentType);
         }
+
         /** @var MimePart $payload */
         $payload = $payload->withHeader('Content-Type', $contentType);
         foreach ($payload->getParts() as $key => $part) {
@@ -131,9 +132,11 @@ public static function encrypt($data, $cert, $cipher = OPENSSL_CIPHER_3DES)
         if ($data instanceof MimePart) {
             $data = self::getTempFilename((string) $data);
         }
+
         if (is_string($cipher) && defined('OPENSSL_CIPHER_' . strtoupper($cipher))) {
             $cipher = constant('OPENSSL_CIPHER_' . strtoupper($cipher));
         }
+
         $temp = self::getTempFilename();
         if (! openssl_pkcs7_encrypt($data, $temp, (array) $cert, [], PKCS7_BINARY, $cipher)) {
             throw new \RuntimeException(
@@ -156,6 +159,7 @@ public static function decrypt($data, $cert, $key = null)
         if ($data instanceof MimePart) {
             $data = self::getTempFilename((string) $data);
         }
+
         $temp = self::getTempFilename();
         if (! openssl_pkcs7_decrypt($data, $temp, $cert, $key)) {
             throw new \RuntimeException(
@@ -218,8 +222,10 @@ public static function compress($data, $encoding = MimePart::ENCODING_BASE64)
     public static function decompress($data, $encoding = MimePart::ENCODING_BASE64)
     {
         if ($data instanceof MimePart) {
-            // $encoding = $data->getHeaderLine('Content-Transfer-Encoding');
             $encoding = $data->getHeaderLine('Content-Encoding');
+            if (empty($encoding)) {
+                $encoding = $data->getHeaderLine('Content-Transfer-Encoding');
+            }
             $data = $data->getBody();
         }
 

src/Management.php

@@ -10,6 +10,7 @@
 class Management implements LoggerAwareInterface
 {
     const AS2_VERSION = '1.2';
+    const EDIINT_FEATURES = 'CEM'; // multiple-attachments,
     const USER_AGENT = 'PHPAS2';
 
     /**
@@ -48,8 +49,12 @@ public function __construct($options = [])
      * @return MimePart
      * @throws \Exception
      */
-    public function buildMessageFromFile(MessageInterface $message, $filePath, $contentType = null, $encoding = 'binary')
-    {
+    public function buildMessageFromFile(
+        MessageInterface $message,
+        $filePath,
+        $contentType = null,
+        $encoding = 'binary'
+    ) {
         if (! $contentType) {
             $contentType = $message->getReceiver()->getContentType();
         }
@@ -98,8 +103,8 @@ public function buildMessage(MessageInterface $message, $payload)
             'AS2-To' => $receiver->getAs2Id(),
             'Subject' => $receiver->getSubject() ? $receiver->getSubject() : 'AS2 Message',
             'Date' => date('r'),
-            'Recipient-Address' => $receiver->getTargetUrl(),
-            'Ediint-Features' => 'CEM',
+            // 'Recipient-Address' => $receiver->getTargetUrl(),
+            'Ediint-Features' => self::EDIINT_FEATURES,
         ];
 
         if (! ($payload instanceof MimePart)) {
@@ -148,13 +153,15 @@ public function buildMessage(MessageInterface $message, $payload)
         }
 
         //  If MDN is to be requested from the partner, set the appropriate headers
-        if ($receiver->getMdnMode()) {
+        if ($mdnMode = $receiver->getMdnMode()) {
 
-            $as2headers['Disposition-Notification-To'] = $sender->getTargetUrl();
-            $as2headers['Disposition-Notification-Options'] = $receiver->getMdnOptions();
+            $as2headers['Disposition-Notification-To'] = $sender->getEmail();
+            if ($mdnOptions = $receiver->getMdnOptions()) {
+                $as2headers['Disposition-Notification-Options'] = $mdnOptions;
+            }
 
             // PARTNER IS ASYNC MDN
-            if ($receiver->getMdnMode() == PartnerInterface::MDN_MODE_ASYNC) {
+            if ($mdnMode == PartnerInterface::MDN_MODE_ASYNC) {
                 $message->setMdnMode(PartnerInterface::MDN_MODE_ASYNC);
                 $as2headers['Receipt-Delivery-Option'] = $sender->getTargetUrl();
             } else {
@@ -174,7 +181,7 @@ public function buildMessage(MessageInterface $message, $payload)
 
         $message->setHeaders($as2Message->getHeaderLines());
 
-        $this->getLogger()->debug('AS2 message has been built successfully, sending it to the partner');
+        $this->getLogger()->debug('AS2 message has been built successfully');
 
         return $as2Message;
     }
@@ -207,7 +214,7 @@ public function setLogger(LoggerInterface $logger)
      * Takes the message as argument and posts the as2 message to the partner.
      *
      * @param MessageInterface $message
-     * @param MimePart|string $payload
+     * @param MimePart $payload
      * @return \Psr\Http\Message\ResponseInterface|false
      * @throws \GuzzleHttp\Exception\GuzzleException
      */
@@ -223,7 +230,7 @@ public function sendMessage(MessageInterface $message, $payload)
             $options = [
                 'headers' => $payload->getHeaders(),
                 'body' => $payload->getBody(),
-                //                'cert' => '' // TODO: partner https cert ?
+                //  'cert' => '' // TODO: partner https cert ?
             ];
 
             if ($partner->getAuthMethod()) {
@@ -249,6 +256,7 @@ public function sendMessage(MessageInterface $message, $payload)
 
                     $body = $response->getBody()->getContents();
                     $payload = new MimePart($response->getHeaders(), $body);
+                    $response->getBody()->rewind();
 
                     $this->processMdn($message, $payload);
                 }
@@ -330,15 +338,13 @@ public function processMdn(MessageInterface $message, $payload)
                 $this->getLogger()->debug('Found MDN report for message', [$messageId]);
                 try {
                     $bodyPayload = MimePart::fromString($part->getBody());
-
                     if ($bodyPayload->hasHeader('disposition')) {
                         $mdnStatus = $bodyPayload->getParsedHeader('Disposition', 0, 1);
                         if ($mdnStatus == 'processed') {
                             $this->getLogger()->debug('Message has been successfully processed, verifying the MIC if present.');
                             // Compare the MIC of the received message
                             $receivedMic = $bodyPayload->getHeaderLine('Received-Content-MIC');
                             if ($receivedMic && $message->getMic()) {
-
                                 if (Utils::normalizeMic($message->getMic()) != Utils::normalizeMic($receivedMic)) {
                                     throw new \Exception(
                                         sprintf('The Message Integrity Code (MIC) does not match the sent AS2 message (required: %s, returned: %s)',
@@ -372,7 +378,7 @@ public function processMdn(MessageInterface $message, $payload)
      *
      * @param MessageInterface $message
      * @param string $confirmationText
-     * @param string $errorMessage
+     * @param string $errorMessage // TODO: detailedStatus
      * @return MimePart
      * @throws \InvalidArgumentException
      */
@@ -397,36 +403,40 @@ public function buildMdn(MessageInterface $message, $confirmationText = null, $e
 
         // Parse Message Headers
         $messageHeaders = MimePart::fromString($message->getHeaders());
-        $notificationOptions = $messageHeaders->hasHeader('disposition-notification-options');
+        $isSigned = $messageHeaders->hasHeader('disposition-notification-options');
 
         // TODO: parse (signed-receipt-protocol, signed-receipt-micalg)
         // $notificationOptions = Utils::parseHeader($notificationOptions);
 
-        $headers = [
+        // Set up the message headers
+        $mdnHeaders = [
             'Message-ID' => '<' . Utils::generateMessageID($receiver) . '>',
             'Date' => date('r'),
-            'Ediint-Features' => 'CEM', // multiple-attachments, CEM
             'AS2-From' => $receiver->getAs2Id(),
             'AS2-To' => $sender->getAs2Id(),
             'AS2-Version' => self::AS2_VERSION,
             'User-Agent' => self::USER_AGENT,
-            'Connection' => 'close',
+            'Ediint-Features' => self::EDIINT_FEATURES,
+            // 'Connection' => 'close',
         ];
 
-        if (! $notificationOptions) {
+        // TODO: refactory
+        if (! $isSigned) {
             $reportHeaders['Mime-Version'] = '1.0';
-            $reportHeaders += $headers;
+            $reportHeaders += $mdnHeaders;
         }
 
+        // TODO: partner.mdn_confirm_text
         if (empty($confirmationText)) {
-            $confirmationText = 'The AS2 message has been received';
+            $confirmationText = 'Your message was successfully received and processed.';
         }
 
-        // Build the text message with confirmation text and add to report
         $report = new MimePart($reportHeaders);
+
+        // Build the text message with confirmation text and add to report
         $report->addPart(new MimePart([
             'Content-Type' => 'text/plain',
-            'Content-Transfer-Encoding' => '7bit',
+            'Content-Transfer-Encoding' => '7bit', // TODO: check 8bit
         ], $confirmationText));
 
         // Build the MDN message and add to report
@@ -437,20 +447,25 @@ public function buildMdn(MessageInterface $message, $confirmationText = null, $e
             'Original-Message-ID' => '<' . $message->getMessageId() . '>',
             'Disposition' => 'automatic-action/MDN-sent-automatically; processed' . ($errorMessage ? '/error: ' . $errorMessage : ''),
         ];
+
         if ($mic = $message->getMic()) {
             $mdnData['Received-Content-MIC'] = $mic;
         }
+
         $report->addPart(new MimePart([
             'Content-Type' => 'message/disposition-notification',
             'Content-Transfer-Encoding' => '7bit',
         ], Utils::normalizeHeaders($mdnData)));
 
         // If signed MDN is requested by partner then sign the MDN and attach to report
-        if ($notificationOptions) {
+        if ($isSigned) {
             $this->getLogger()->debug('Outbound MDN has been signed.');
-            $x509 = openssl_x509_read($receiver->getCertificate());
-            $key = openssl_get_privatekey($receiver->getPrivateKey(), $receiver->getPrivateKeyPassPhrase());
-            $report = CryptoHelper::sign($report, $x509, $key, $headers);
+            // $x509 = openssl_x509_read($receiver->getCertificate());
+            // $key = openssl_get_privatekey($receiver->getPrivateKey(), $receiver->getPrivateKeyPassPhrase());
+            $report = CryptoHelper::sign($report, $receiver->getCertificate(), [
+                $receiver->getPrivateKey(),
+                $receiver->getPrivateKeyPassPhrase(),
+            ], $mdnHeaders);
         }
 
         $this->getLogger()->debug(sprintf('Outbound MDN created for AS2 message "%s".', $messageId));
@@ -464,6 +479,7 @@ public function buildMdn(MessageInterface $message, $confirmationText = null, $e
             $message->setMdnStatus(MessageInterface::MDN_STATUS_SENT);
         }
 
+        // TODO: before sign ?
         $message->setMdnPayload($report->toString());
 
         return $report;

src/MimePart.php

@@ -39,6 +39,7 @@ class MimePart implements \Psr\Http\Message\MessageInterface
 
     /**
      * MimePart constructor.
+     *
      * @param array $headers
      * @param null $body
      */

src/Server.php

@@ -89,7 +89,10 @@ public function execute(ServerRequestInterface $request = null)
 
             $encoding = $request->getHeaderLine('content-transfer-encoding');
             if (! $encoding) {
-                $encoding = $sender->getContentTransferEncoding();
+                $encoding = $request->getHeaderLine('content-encoding');
+                if (! $encoding) {
+                    $encoding = $sender->getContentTransferEncoding();
+                }
             }
             // Force encode binary data to base64, because openssl_pkcs7 doesn't work with binary data
             if ($encoding != 'base64') {
@@ -114,11 +117,14 @@ public function execute(ServerRequestInterface $request = null)
 
             $micalg = $payload->getParsedHeader('Disposition-Notification-Options', 2, 0);
 
-
             // Check if payload is encrypted and if so decrypt it
             if ($payload->isEncrypted()) {
                 $this->getLogger()->debug('Inbound AS2 message is encrypted.');
-                $payload = CryptoHelper::decrypt($payload, $receiver->getCertificate(), $receiver->getPrivateKey());
+                // TODO: check passKey
+                $payload = CryptoHelper::decrypt($payload, $receiver->getCertificate(), [
+                    $receiver->getPrivateKey(),
+                    $receiver->getPrivateKeyPassPhrase(),
+                ]);
                 $this->getLogger()->debug('The inbound AS2 message data has been decrypted.');
                 $message->setEncrypted();
             }
@@ -186,7 +192,6 @@ public function execute(ServerRequestInterface $request = null)
                 $this->storage->saveMessage($message);
                 $responseBody = 'AS2 ASYNC MDN has been received';
             } else {
-
                 $message->setPayload((string) $payload);
                 $message->setStatus(MessageInterface::STATUS_SUCCESS);
                 // $this->manager->processMessage($message, $payload);
@@ -201,6 +206,7 @@ public function execute(ServerRequestInterface $request = null)
                         $responseHeaders = $mdn->getHeaders();
                         $responseBody = $mdn->getBody();
                     } else {
+                        // TODO: cron, queue, new thread
                         $this->getLogger()->debug(sprintf('Asynchronous MDN sent as answer to message "%s".',
                             $messageId));
                         $this->manager->sendMdn($message);