[securemail] Upgrade Composer dependencies to fix PHP8 issue

- Upgrading phpseclib/phpseclib (2.0.4 => 2.0.34)
- Upgrading singpolyma/openpgp-php (0.3.0 => 0.5.0)

securemail/vendor/singpolyma/openpgp-php/lib/openpgp_crypt_symmetric.php

@@ -1,15 +1,15 @@
 <?php
 
-use phpseclib\Crypt\TripleDES as Crypt_TripleDES;
 use phpseclib\Crypt\AES as Crypt_AES;
+use phpseclib\Crypt\Blowfish as Crypt_Blowfish;
+use phpseclib\Crypt\TripleDES as Crypt_TripleDES;
+use phpseclib\Crypt\Twofish as Crypt_Twofish;
 use phpseclib\Crypt\Random;
 
-define('CRYPT_DES_MODE_CFB', Crypt_TripleDES::MODE_CFB);
-define('CRYPT_AES_MODE_CFB', Crypt_AES::MODE_CFB);
-
 require_once dirname(__FILE__).'/openpgp.php';
 @include_once dirname(__FILE__).'/openpgp_crypt_rsa.php';
 @include_once dirname(__FILE__).'/openpgp_mcrypt_wrapper.php';
+@include_once dirname(__FILE__).'/openpgp_openssl_wrapper.php';
 
 class OpenPGP_Crypt_Symmetric {
   public static function encrypt($passphrases_and_keys, $message, $symmetric_algorithm=9) {
@@ -40,7 +40,7 @@ class OpenPGP_Crypt_Symmetric {
         $esk = pack('n', OpenPGP::bitlength($esk)) . $esk;
         array_unshift($encrypted, new OpenPGP_AsymmetricSessionKeyPacket($pass->algorithm, $pass->fingerprint(), $esk));
       } else if(is_string($pass)) {
-        $s2k = new OpenPGP_S2K(Random::string(10));
+        $s2k = new OpenPGP_S2K(Random::string(8));
         $cipher->setKey($s2k->make_key($pass, $key_bytes));
         $esk = $cipher->encrypt(chr($symmetric_algorithm) . $key);
         array_unshift($encrypted, new OpenPGP_SymmetricSessionKeyPacket($s2k, $esk, $symmetric_algorithm));
@@ -62,7 +62,7 @@ class OpenPGP_Crypt_Symmetric {
 
           $padAmount = $key_block_bytes - (strlen($p->encrypted_data) % $key_block_bytes);
           $data = substr($cipher->decrypt($p->encrypted_data . str_repeat("\0", $padAmount)), 0, strlen($p->encrypted_data));
-          $decrypted = self::decryptPacket($epacket, ord($data{0}), substr($data, 1));
+          $decrypted = self::decryptPacket($epacket, ord($data[0]), substr($data, 1));
         } else {
           list($cipher, $key_bytes, $key_block_bytes) = self::getCipher($p->symmetric_algorithm);
           $decrypted = self::decryptPacket($epacket, $p->symmetric_algorithm, $p->s2k->make_key($pass, $key_bytes));
@@ -75,6 +75,31 @@ class OpenPGP_Crypt_Symmetric {
     return NULL; /* If we get here, we failed */
   }
 
+  public static function encryptSecretKey($pass, $packet, $symmetric_algorithm=9) {
+    $packet = clone $packet; // Do not mutate original
+    $packet->s2k_useage = 254;
+    $packet->symmetric_algorithm = $symmetric_algorithm;
+
+    list($cipher, $key_bytes, $key_block_bytes) = self::getCipher($packet->symmetric_algorithm);
+    if(!$cipher) throw new Exception("Unsupported cipher");
+
+    $material = '';
+    foreach(OpenPGP_SecretKeyPacket::$secret_key_fields[$packet->algorithm] as $field) {
+      $f = $packet->key[$field];
+      $material .= pack('n', OpenPGP::bitlength($f)) . $f;
+      unset($packet->key[$field]);
+    }
+    $material .= hash('sha1', $material, true);
+
+    $iv = Random::string($key_block_bytes);
+    if(!$packet->s2k) $packet->s2k = new OpenPGP_S2K(Random::string(8));
+    $cipher->setKey($packet->s2k->make_key($pass, $key_bytes));
+    $cipher->setIV($iv);
+    $packet->encrypted_data = $iv . $cipher->encrypt($material);
+
+    return $packet;
+  }
+
   public static function decryptSecretKey($pass, $packet) {
     $packet = clone $packet; // Do not mutate orinigal
 
@@ -97,6 +122,7 @@ class OpenPGP_Crypt_Symmetric {
       if($chk != $mkChk) return NULL;
     }
 
+    $packet->s2k = NULL;
     $packet->s2k_useage = 0;
     $packet->symmetric_algorithm = 0;
     $packet->encrypted_data = NULL;
@@ -146,29 +172,45 @@ class OpenPGP_Crypt_Symmetric {
   public static function getCipher($algo) {
     $cipher = NULL;
     switch($algo) {
+    case NULL:
+      case 0:
+        throw new Exception("Data is already unencrypted");
       case 2:
-          $cipher = new Crypt_TripleDES(CRYPT_DES_MODE_CFB);
-          $key_bytes = 24;
-          $key_block_bytes = 8;
+        $cipher = new Crypt_TripleDES(Crypt_TripleDES::MODE_CFB);
+        $key_bytes = 24;
+        $key_block_bytes = 8;
         break;
       case 3:
-        if(defined('MCRYPT_CAST_128')) {
+        if(class_exists('OpenSSLWrapper')) {
+          $cipher = new OpenSSLWrapper("CAST5-CFB");
+        } else if(defined('MCRYPT_CAST_128')) {
           $cipher = new MCryptWrapper(MCRYPT_CAST_128);
-        } else {
-          throw new Exception("Unsupported cipher: you must have mcrypt installed to use CAST5");
         }
         break;
+      case 4:
+        $cipher = new Crypt_Blowfish(Crypt_Blowfish::MODE_CFB);
+        $key_bytes = 16;
+        $key_block_bytes = 8;
+        break;
       case 7:
-          $cipher = new Crypt_AES(CRYPT_AES_MODE_CFB);
-          $cipher->setKeyLength(128);
+        $cipher = new Crypt_AES(Crypt_AES::MODE_CFB);
+        $cipher->setKeyLength(128);
         break;
       case 8:
-          $cipher = new Crypt_AES(CRYPT_AES_MODE_CFB);
-          $cipher->setKeyLength(192);
+        $cipher = new Crypt_AES(Crypt_AES::MODE_CFB);
+        $cipher->setKeyLength(192);
         break;
       case 9:
-          $cipher = new Crypt_AES(CRYPT_AES_MODE_CFB);
+        $cipher = new Crypt_AES(Crypt_AES::MODE_CFB);
+        $cipher->setKeyLength(256);
+        break;
+      case 10:
+        $cipher = new Crypt_Twofish(Crypt_Twofish::MODE_CFB);
+        if(method_exists($cipher, 'setKeyLength')) {
           $cipher->setKeyLength(256);
+        } else {
+          $cipher = NULL;
+        }
         break;
     }
     if(!$cipher) return array(NULL, NULL, NULL); // Unsupported cipher
@@ -187,7 +229,7 @@ class OpenPGP_Crypt_Symmetric {
   public static function checksum($s) {
     $mkChk = 0;
     for($i = 0; $i < strlen($s); $i++) {
-      $mkChk = ($mkChk + ord($s{$i})) % 65536;
+      $mkChk = ($mkChk + ord($s[$i])) % 65536;
     }
     return $mkChk;
   }