Merge pull request #323 from fabrixxm/master

securemail: update library and readme
This commit is contained in:
Tobias Diekershoff 2015-11-07 00:12:00 +01:00
commit b0e505b043
5 changed files with 35 additions and 19 deletions

View file

@ -2,10 +2,12 @@ Secure Mail
----------- -----------
Send notification mails to user encrypted with GPG. Send notification mails to user encrypted with GPG.
Each user can enable it and submit his public key under Settings-> Addon Each user can enable it and submit his public key under Settings-> Addon
-> "Secure Mail" Settings. -> "Secure Mail" Settings.
Use 'php-gpg' library, a pure PHP implementation of GPG/PGP, released Use 'php-gpg' library, a pure PHP implementation of GPG/PGP, released
under GPL. See [project repo](https://github.com/jasonhinkle/php-gpg). under GPL. See [project repo](https://github.com/jasonhinkle/php-gpg).
This plugin need Friendica version > 3.3.2 to work. This plugin could have some problems with keys larger than 2048 ([see issue](https://github.com/jasonhinkle/php-gpg/issues/7))
Need Friendica version > 3.3.2 to work.

View file

@ -1,3 +0,0 @@
/.buildpath
/.settings
.DS_Store

View file

@ -35,8 +35,6 @@ class GPG
private function gpg_encrypt($key, $text) { private function gpg_encrypt($key, $text) {
$i = 0; $i = 0;
$i = 0;
$len = strlen($text);
$len = strlen($text); $len = strlen($text);
$iblock = array_fill(0, $this->width, 0); $iblock = array_fill(0, $this->width, 0);
$rblock = array_fill(0, $this->width, 0); $rblock = array_fill(0, $this->width, 0);
@ -82,14 +80,32 @@ class GPG
private function gpg_header($tag, $len) private function gpg_header($tag, $len)
{ {
if ($len > 0xff) $tag += 1; $h = "";
$h = chr($tag); if ($len < 0x100) {
if ($len > 0xff) $h .= chr($len / 0x100); $h .= chr($tag);
$h .= chr($len % 0x100); $h .= chr($len);
} else if ($len < 0x10000) {
$tag+=1;
$h .= chr($tag);
$h .= $this->writeNumber($len, 2);
} else {
$tag+=2;
$h .= chr($tag);
$h .= $this->writeNumber($len, 4);
}
return $h; return $h;
} }
private function writeNumber($n, $bytes)
{
// credits for this function go to OpenPGP.js
$b = '';
for ($i = 0; $i < $bytes; $i++) {
$b .= chr(($n >> (8 * ($bytes - $i - 1))) & 0xff);
}
return $b;
}
private function gpg_session($key_id, $key_type, $session_key, $public_key) private function gpg_session($key_id, $key_type, $session_key, $public_key)
{ {
@ -174,7 +190,7 @@ class GPG
$this->gpg_data($session_key, $plaintext); $this->gpg_data($session_key, $plaintext);
$code = base64_encode($cp); $code = base64_encode($cp);
$code = wordwrap($code, 60, "\n", 1); $code = wordwrap($code, 64, "\n", 1);
return return
"-----BEGIN PGP MESSAGE-----\nVersion: VerySimple PHP-GPG v".$this->version."\n\n" . "-----BEGIN PGP MESSAGE-----\nVersion: VerySimple PHP-GPG v".$this->version."\n\n" .
@ -183,4 +199,4 @@ class GPG
} }
} }
?> ?>

View file

@ -89,7 +89,7 @@ class GPG_Public_Key {
$len = ord($sa[$i++]); $len = ord($sa[$i++]);
if ($len > 191 && $len < 224) $len = (($len - 192) << 8) + ord($sa[$i++]); if ($len > 191 && $len < 224) $len = (($len - 192) << 8) + ord($sa[$i++]);
else if ($len == 255) $len = (ord($sa[$i++]) << 24) + (ord($sa[$i++]) << 16) + (ord($sa[$i++]) << 8) + ord($sa[$i++]); else if ($len == 255) $len = (ord($sa[$i++]) << 24) + (ord($sa[$i++]) << 16) + (ord($sa[$i++]) << 8) + ord($sa[$i++]);
else if ($len > 223 && len < 255) $len = (1 << ($len & 0x1f)); else if ($len > 223 && $len < 255) $len = (1 << ($len & 0x1f));
} else { } else {
$len = $tag & 3; $len = $tag & 3;
$tag = ($tag >> 2) & 15; $tag = ($tag >> 2) & 15;
@ -137,10 +137,11 @@ class GPG_Public_Key {
// echo "POSITION: $delimPos\n"; // echo "POSITION: $delimPos\n";
$pkt = chr(0x99) . chr($delimPos >> 8) . chr($delimPos & 255) . substr($s, $headerPos, $delimPos); // this does not work, tried it with RSA 1024 and RSA 4096 keys generated by GnuPG v2 (2.0.29) on Windows running Apache and PHP 5.6.3
// $pkt = chr(0x99) . chr($delimPos >> 8) . chr($delimPos & 255) . substr($s, $headerPos, $delimPos);
// this is the original signing string which seems to have only worked for key lengths of 1024 or less // this is the original signing string which seems to have only worked for key lengths of 1024 or less
//$pkt = chr(0x99) . chr($len >> 8) . chr($len & 255) . substr($s, $k, $len); $pkt = chr(0x99) . chr($len >> 8) . chr($len & 255) . substr($s, $k, $len); // use this for now
$fp = sha1($pkt); $fp = sha1($pkt);
$this->fp = $fp; $this->fp = $fp;
@ -214,4 +215,4 @@ class GPG_Public_Key {
} }
} }
?> ?>

0
securemail/php-gpg/tests/runtests.sh Normal file → Executable file
View file