python_signed_mail/functions/create_encrypted_signed_email.py

# pip install python-smail cryptography asn1crypto ldap
from email.mime.text import MIMEText
from email.utils import formatdate

from smail import sign_and_encrypt_message  # type: ignore

from functions.load_p12_smime import load_p12_smime
from functions.get_certificate_ldap import get_certificate_ldap


def create_encrypted_signed_email(
    recipient_email: str, subject: str, body: str, config_dict: dict
):

    target_certificate = get_certificate_ldap(
        recipient_email=recipient_email, config_dict=config_dict
    )

    if target_certificate is None:
        return None

    private_key, certificate = load_p12_smime(config_dict=config_dict)

    message = MIMEText(body)
    message["Date"] = formatdate(localtime=True)
    message["From"] = config_dict["sender_email"]
    message["To"] = recipient_email
    message["Subject"] = subject

    encrypted_signed_message = sign_and_encrypt_message(
        message,
        key_signer=private_key,
        cert_signer=certificate,
        certs_recipients=[target_certificate],
    )

    return encrypted_signed_message