Compare commits
23 Commits
Author | SHA1 | Date | |
---|---|---|---|
|
6006111bbc | ||
|
2561004fcd | ||
|
cea5b176fc | ||
|
a61fb279c3 | ||
|
7538c62edd | ||
|
741fec24a6 | ||
|
4531815ef2 | ||
|
46ec5079e8 | ||
|
02fbcbf7e6 | ||
|
6d9ed34224 | ||
|
de41f143e6 | ||
|
859efcbee3 | ||
|
15baf1db70 | ||
|
a87e6ac0c9 | ||
|
08ae2c57d1 | ||
|
cefaef242d | ||
|
6340379ffe | ||
|
bcc9c920a0 | ||
|
57ab2811c4 | ||
|
b260774147 | ||
|
a1fe3a6e58 | ||
|
ff4bd67e6b | ||
|
d37e91efda |
20
.travis.yml
20
.travis.yml
@@ -1,6 +1,18 @@
|
||||
language: php
|
||||
php:
|
||||
- "5.4"
|
||||
- "5.3"
|
||||
before_script:
|
||||
- composer install --prefer-source --dev
|
||||
- 5.3
|
||||
- 5.4
|
||||
- 5.5
|
||||
- 5.6
|
||||
- 7.0
|
||||
- hhvm
|
||||
# - nightly
|
||||
|
||||
env:
|
||||
- PHPSECLIB="2.0.0"
|
||||
- PHPSECLIB="2.0.1"
|
||||
- PHPSECLIB="2.0.2"
|
||||
- PHPSECLIB="2.0.3"
|
||||
- PHPSECLIB="2.0.4"
|
||||
|
||||
before_script: 'sed -i "s/\"phpseclib\/phpseclib\": \"[^\"]*/\"phpseclib\/phpseclib\": \"$PHPSECLIB/" composer.json && composer install --prefer-source --dev'
|
||||
|
@@ -30,7 +30,8 @@ Users
|
||||
|
||||
OpenPGP.php is currently being used in the following projects:
|
||||
|
||||
* <http://drupal.org/project/openpgp>
|
||||
* <https://drupal.org/project/openpgp>
|
||||
* <https://wordpress.org/plugins/wp-pgp-encrypted-emails/>
|
||||
|
||||
Download
|
||||
--------
|
||||
|
@@ -13,7 +13,7 @@
|
||||
}
|
||||
],
|
||||
"require": {
|
||||
"phpseclib/phpseclib": "~0.3"
|
||||
"phpseclib/phpseclib": ">=2.0.0 <=2.0.4"
|
||||
},
|
||||
"require-dev": {
|
||||
"phpunit/phpunit": "~4.0"
|
||||
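Review bot: The new constraint `"phpseclib/phpseclib": ">=2.0.0 <=2.0.4"` puts a hard ceiling on the crypto dependency, so any later 2.0.x patch release, security fixes included, cannot be installed by projects that pull in this package. If the ceiling is there because the OpenPGP_Crypt_RSA code in this change assigns `$rsa->primes` and `$rsa->coefficients` directly and so depends on library internals, that reason should be written down in the README together with a plan to lift it. Otherwise a range in the style the file already uses, `"phpseclib/phpseclib": "~2.0"`, would follow patch releases while staying on the 2.x API.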
|
@@ -7,8 +7,11 @@ require_once dirname(__FILE__).'/../lib/openpgp_crypt_rsa.php';
|
||||
$wkey = OpenPGP_Message::parse(file_get_contents('php://stdin'));
|
||||
$wkey = $wkey[0];
|
||||
|
||||
$string = "This\nis\na\ntest.";
|
||||
|
||||
/* Create a new literal data packet */
|
||||
$data = new OpenPGP_LiteralDataPacket('This is text.', array('format' => 'u', 'filename' => 'stuff.txt'));
|
||||
$data = new OpenPGP_LiteralDataPacket($string, array('format' => 'u', 'filename' => 'stuff.txt'));
|
||||
$data->normalize(true); // Clearsign-style normalization of the LiteralDataPacket
|
||||
|
||||
/* Create a signer from the key */
|
||||
$sign = new OpenPGP_Crypt_RSA($wkey);
|
||||
@@ -19,6 +22,9 @@ $m = $sign->sign($data);
|
||||
/* Generate clearsigned data */
|
||||
$packets = $m->signatures()[0];
|
||||
echo "-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n";
|
||||
// Output normalised data. You could convert line endings here
|
||||
// without breaking the signature, but do not add any
|
||||
// trailing whitespace to lines.
|
||||
echo preg_replace("/^-/", "- -", $packets[0]->data)."\n";
|
||||
echo OpenPGP::enarmor($packets[1][0]->to_bytes(), "PGP SIGNATURE");
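Review bot: The dash-escaping in `echo preg_replace("/^-/", "- -", $packets[0]->data)."\n";` has no `m` modifier, so `^` matches only at the very start of the text and any later line beginning with `-` is written out unescaped. This matters now that the example signs the multi-line `$string`: a body line that looks like an armor header would appear verbatim inside the clearsigned block, which is what RFC 4880 dash-escaping is meant to prevent. Suggested: `echo preg_replace("/^-/m", "- -", $packets[0]->data)."\n";`. Because examples get copied, the added comment above that line could also state that every line starting with a dash must be escaped.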
|
||||
|
||||
|
@@ -3,7 +3,7 @@
|
||||
require_once dirname(__FILE__).'/../lib/openpgp.php';
|
||||
require_once dirname(__FILE__).'/../lib/openpgp_crypt_rsa.php';
|
||||
|
||||
$rsa = new Crypt_RSA();
|
||||
$rsa = new \phpseclib\Crypt\RSA();
|
||||
$k = $rsa->createKey(512);
|
||||
$rsa->loadKey($k['privatekey']);
|
||||
|
||||
@@ -11,8 +11,8 @@ $nkey = new OpenPGP_SecretKeyPacket(array(
|
||||
'n' => $rsa->modulus->toBytes(),
|
||||
'e' => $rsa->publicExponent->toBytes(),
|
||||
'd' => $rsa->exponent->toBytes(),
|
||||
'p' => $rsa->primes[1]->toBytes(),
|
||||
'q' => $rsa->primes[2]->toBytes(),
|
||||
'p' => $rsa->primes[2]->toBytes(),
|
||||
'q' => $rsa->primes[1]->toBytes(),
|
||||
'u' => $rsa->coefficients[2]->toBytes()
|
||||
));
|
||||
|
||||
@@ -21,4 +21,11 @@ $uid = new OpenPGP_UserIDPacket('Test <test@example.com>');
|
||||
$wkey = new OpenPGP_Crypt_RSA($nkey);
|
||||
$m = $wkey->sign_key_userid(array($nkey, $uid));
|
||||
|
||||
// Serialize private key
|
||||
print $m->to_bytes();
|
||||
|
||||
// Serialize public key message
|
||||
$pubm = clone($m);
|
||||
$pubm[0] = new OpenPGP_PublicKeyPacket($pubm[0]);
|
||||
|
||||
$public_bytes = $pubm->to_bytes();
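Review bot: The swapped assignment `'p' => $rsa->primes[2]->toBytes()` / `'q' => $rsa->primes[1]->toBytes()` has no comment, so a reader cannot tell it from a typo. It presumably lines up RFC 4880's `u` (inverse of p mod q) with the coefficient phpseclib stores (inverse of the second prime mod the first); a comment such as `// OpenPGP defines u = p^-1 mod q; phpseclib keeps q^-1 mod p, so p and q are swapped here` would record that. Separately, the unchanged `$rsa->createKey(512)` above it generates a key far too short for real use, and `createKey(2048)` would be a safer value to show in an example. `$public_bytes` on the last line is computed but never written anywhere in the visible code.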
|
||||
|
@@ -5,7 +5,7 @@
|
||||
* (RFC 4880).
|
||||
*
|
||||
* @package OpenPGP
|
||||
* @version 0.0.1
|
||||
* @version 0.3.0
|
||||
* @author Arto Bendiken <arto.bendiken@gmail.com>
|
||||
* @author Stephen Paul Weber <singpolyma@singpolyma.net>
|
||||
* @see http://github.com/bendiken/openpgp-php
|
||||
@@ -1327,15 +1327,32 @@ class OpenPGP_PublicKeyPacket extends OpenPGP_Packet {
|
||||
|
||||
function __construct($key=array(), $algorithm='RSA', $timestamp=NULL, $version=4) {
|
||||
parent::__construct();
|
||||
$this->key = $key;
|
||||
if(is_string($this->algorithm = $algorithm)) {
|
||||
$this->algorithm = array_search($this->algorithm, self::$algorithms);
|
||||
}
|
||||
$this->timestamp = $timestamp ? $timestamp : time();
|
||||
$this->version = $version;
|
||||
|
||||
if(count($this->key) > 0) {
|
||||
$this->key_id = substr($this->fingerprint(), -8);
|
||||
if($key instanceof OpenPGP_PublicKeyPacket) {
|
||||
$this->algorithm = $key->algorithm;
|
||||
$this->key = array();
|
||||
|
||||
// Restrict to only the fields we need
|
||||
foreach (self::$key_fields[$this->algorithm] as $field) {
|
||||
$this->key[$field] = $key->key[$field];
|
||||
}
|
||||
|
||||
$this->key_id = $key->key_id;
|
||||
$this->fingerprint = $key->fingerprint;
|
||||
$this->timestamp = $key->timestamp;
|
||||
$this->version = $key->version;
|
||||
$this->v3_days_of_validity = $key->v3_days_of_validity;
|
||||
} else {
|
||||
$this->key = $key;
|
||||
if(is_string($this->algorithm = $algorithm)) {
|
||||
$this->algorithm = array_search($this->algorithm, self::$algorithms);
|
||||
}
|
||||
$this->timestamp = $timestamp ? $timestamp : time();
|
||||
$this->version = $version;
|
||||
|
||||
if(count($this->key) > 0) {
|
||||
$this->key_id = substr($this->fingerprint(), -8);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1685,10 +1702,19 @@ class OpenPGP_LiteralDataPacket extends OpenPGP_Packet {
|
||||
$this->timestamp = isset($opt['timestamp']) ? $opt['timestamp'] : time();
|
||||
}
|
||||
|
||||
function normalize() {
|
||||
function normalize($clearsign=false) {
|
||||
if($clearsign && ($this->format != 'u' && $this->format != 't')) {
|
||||
$this->format = 'u'; // Clearsign must be text
|
||||
}
|
||||
|
||||
if($this->format == 'u' || $this->format == 't') { // Normalize line endings
|
||||
$this->data = str_replace("\n", "\r\n", str_replace("\r", "\n", str_replace("\r\n", "\n", $this->data)));
|
||||
}
|
||||
|
||||
if($clearsign) {
|
||||
// When clearsigning, do not sign over trailing whitespace
|
||||
$this->data = preg_replace('/\s+\r/', "\r", $this->data);
|
||||
}
|
||||
}
|
||||
|
||||
function read() {
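Review bot: In `normalize()`, the clearsign branch calls `preg_replace('/\s+\r/', "\r", $this->data)`, and `\s` also matches `\r` and `\n`, so a run such as `\r\n\r\n` collapses and blank lines are deleted from the text that gets signed. The signer's content is altered without notice, and trailing spaces on a final line that has no line ending are left in place. RFC 4880 limits the stripping to spaces and tabs at the end of a line, e.g. `$this->data = preg_replace('/[ \t]+(?=\r\n|\z)/', '', $this->data);`. A docblock on `normalize($clearsign=false)` saying that it mutates `$this->data` and may force `format` to `'u'` would also help callers.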
|
||||
|
@@ -7,7 +7,11 @@
|
||||
*/
|
||||
|
||||
// From http://phpseclib.sourceforge.net/
|
||||
require_once 'Crypt/RSA.php';
|
||||
use phpseclib\Crypt\RSA as Crypt_RSA;
|
||||
use phpseclib\Math\BigInteger as Math_BigInteger;
|
||||
|
||||
define('CRYPT_RSA_ENCRYPTION_PKCS1', Crypt_RSA::ENCRYPTION_PKCS1);
|
||||
define('CRYPT_RSA_SIGNATURE_PKCS1', Crypt_RSA::SIGNATURE_PKCS1);
|
||||
|
||||
require_once dirname(__FILE__).'/openpgp.php';
|
||||
@include_once dirname(__FILE__).'/openpgp_crypt_symmetric.php'; /* For encrypt/decrypt */
|
||||
@@ -150,7 +154,7 @@ class OpenPGP_Crypt_RSA {
|
||||
if(!$sig) {
|
||||
$sig = new OpenPGP_SignaturePacket($packet, 'RSA', strtoupper($hash));
|
||||
$sig->signature_type = 0x13;
|
||||
$sig->hashed_subpackets[] = new OpenPGP_SignaturePacket_KeyFlagsPacket(array(0x01, 0x02));
|
||||
$sig->hashed_subpackets[] = new OpenPGP_SignaturePacket_KeyFlagsPacket(array(0x01 | 0x02));
|
||||
$sig->hashed_subpackets[] = new OpenPGP_SignaturePacket_IssuerPacket($keyid);
|
||||
$packet[] = $sig;
|
||||
}
|
||||
@@ -241,8 +245,18 @@ class OpenPGP_Crypt_RSA {
|
||||
$rsa = self::crypt_rsa_key($mod, $exp);
|
||||
|
||||
if($private) {
|
||||
if($packet->key['p'] && $packet->key['q']) $rsa->primes = array($packet->key['p'], $packet->key['q']);
|
||||
if($packet->key['u']) $rsa->coefficients = array($packet->key['u']);
|
||||
/**
|
||||
* @see https://github.com/phpseclib/phpseclib/issues/1113
|
||||
* Primes and coefficients now use BigIntegers.
|
||||
**/
|
||||
//set the primes
|
||||
if($packet->key['p'] && $packet->key['q'])
|
||||
$rsa->primes = array(
|
||||
1 => new Math_BigInteger($packet->key['p'], 256),
|
||||
2 => new Math_BigInteger($packet->key['q'], 256)
|
||||
);
|
||||
// set the coefficients
|
||||
if($packet->key['u']) $rsa->coefficients = array(2 => new Math_BigInteger($packet->key['u'], 256));
|
||||
}
|
||||
|
||||
return $rsa;
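Review bot: The prime ordering in the `if($private)` branch looks inverted relative to the key-generation example in this same change. There OpenPGP `p` is read from `$rsa->primes[2]` and `q` from `primes[1]`, while here `primes[1]` is built from `$packet->key['p']` and `primes[2]` from `$packet->key['q']`, with `key['u']` still stored as `coefficients[2]`. If the example's ordering is the correct one, `u` no longer matches the primes it is paired with, which would matter as soon as the CRT values are used or the key is exported; a round-trip test would confirm it. The likely fix is `1 => new Math_BigInteger($packet->key['q'], 256),` and `2 => new Math_BigInteger($packet->key['p'], 256)`. The multi-line `if` also has no braces, and the enclosing function starts and ends outside the hunk.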
|
||||
|
@@ -1,20 +1,24 @@
|
||||
<?php
|
||||
|
||||
use phpseclib\Crypt\TripleDES as Crypt_TripleDES;
|
||||
use phpseclib\Crypt\AES as Crypt_AES;
|
||||
use phpseclib\Crypt\Random;
|
||||
|
||||
define('CRYPT_DES_MODE_CFB', Crypt_TripleDES::MODE_CFB);
|
||||
define('CRYPT_AES_MODE_CFB', Crypt_AES::MODE_CFB);
|
||||
|
||||
require_once dirname(__FILE__).'/openpgp.php';
|
||||
@include_once dirname(__FILE__).'/openpgp_crypt_rsa.php';
|
||||
@include_once dirname(__FILE__).'/openpgp_mcrypt_wrapper.php';
|
||||
@include_once 'Crypt/AES.php';
|
||||
@include_once 'Crypt/TripleDES.php';
|
||||
require_once 'Crypt/Random.php'; // part of phpseclib is absolutely required
|
||||
|
||||
class OpenPGP_Crypt_Symmetric {
|
||||
public static function encrypt($passphrases_and_keys, $message, $symmetric_algorithm=9) {
|
||||
list($cipher, $key_bytes, $key_block_bytes) = self::getCipher($symmetric_algorithm);
|
||||
if(!$cipher) throw new Exception("Unsupported cipher");
|
||||
$prefix = crypt_random_string($key_block_bytes);
|
||||
$prefix = Random::string($key_block_bytes);
|
||||
$prefix .= substr($prefix, -2);
|
||||
|
||||
$key = crypt_random_string($key_bytes);
|
||||
$key = Random::string($key_bytes);
|
||||
$cipher->setKey($key);
|
||||
|
||||
$to_encrypt = $prefix . $message->to_bytes();
|
||||
@@ -36,7 +40,7 @@ class OpenPGP_Crypt_Symmetric {
|
||||
$esk = pack('n', OpenPGP::bitlength($esk)) . $esk;
|
||||
array_unshift($encrypted, new OpenPGP_AsymmetricSessionKeyPacket($pass->algorithm, $pass->fingerprint(), $esk));
|
||||
} else if(is_string($pass)) {
|
||||
$s2k = new OpenPGP_S2K(crypt_random_string(10));
|
||||
$s2k = new OpenPGP_S2K(Random::string(10));
|
||||
$cipher->setKey($s2k->make_key($pass, $key_bytes));
|
||||
$esk = $cipher->encrypt(chr($symmetric_algorithm) . $key);
|
||||
array_unshift($encrypted, new OpenPGP_SymmetricSessionKeyPacket($s2k, $esk, $symmetric_algorithm));
|
||||
@@ -143,38 +147,32 @@ class OpenPGP_Crypt_Symmetric {
|
||||
$cipher = NULL;
|
||||
switch($algo) {
|
||||
case 2:
|
||||
if(class_exists('Crypt_TripleDES')) {
|
||||
$cipher = new Crypt_TripleDES(CRYPT_DES_MODE_CFB);
|
||||
$key_bytes = 24;
|
||||
$key_block_bytes = 8;
|
||||
}
|
||||
break;
|
||||
case 3:
|
||||
if(defined('MCRYPT_CAST_128')) {
|
||||
$cipher = new MCryptWrapper(MCRYPT_CAST_128);
|
||||
} else {
|
||||
throw new Exception("Unsupported cipher: you must have mcrypt installed to use CAST5");
|
||||
}
|
||||
break;
|
||||
case 7:
|
||||
if(class_exists('Crypt_AES')) {
|
||||
$cipher = new Crypt_AES(CRYPT_AES_MODE_CFB);
|
||||
$cipher->setKeyLength(128);
|
||||
}
|
||||
break;
|
||||
case 8:
|
||||
if(class_exists('Crypt_AES')) {
|
||||
$cipher = new Crypt_AES(CRYPT_AES_MODE_CFB);
|
||||
$cipher->setKeyLength(192);
|
||||
}
|
||||
break;
|
||||
case 9:
|
||||
if(class_exists('Crypt_AES')) {
|
||||
$cipher = new Crypt_AES(CRYPT_AES_MODE_CFB);
|
||||
$cipher->setKeyLength(256);
|
||||
}
|
||||
break;
|
||||
}
|
||||
if(!$cipher) return array(NULL, NULL, NULL); // Unsupported cipher
|
||||
if(!isset($key_bytes)) $key_bytes = $cipher->key_size;
|
||||
if(!isset($key_bytes)) $key_bytes = isset($cipher->key_size)?$cipher->key_size:$cipher->key_length;
|
||||
if(!isset($key_block_bytes)) $key_block_bytes = $cipher->block_size;
|
||||
return array($cipher, $key_bytes, $key_block_bytes);
|
||||
}
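Review bot: The new fallback `isset($cipher->key_size)?$cipher->key_size:$cipher->key_length` takes the session-key length from whichever public property the phpseclib cipher object happens to expose, and nothing checks the result before `encrypt()` passes it to `Random::string($key_bytes)`. If a library version exposes neither property, or changes what the value means, the key length changes silently. The 3DES case already sets `$key_bytes = 24;` explicitly, and the AES cases could do the same with `$key_bytes = 16;`, `24` and `32` next to the matching `setKeyLength()` calls. A guard before the final return, `if(!$key_bytes || !$key_block_bytes) return array(NULL, NULL, NULL);`, would make the caller fail closed with its existing "Unsupported cipher" exception. The function's signature is outside the hunk.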
|
||||
|