securemail: update library and readme

diff --git a/securemail/README.md b/securemail/README.md
index 2f24c53cc8a7d240f7ba18acfa777ae7606cc18e..72a5b6527de4559f98759e567db7ba4ecb543877 100644 (file)
--- a/securemail/README.md
+++ b/securemail/README.md
@@ -2,10 +2,12 @@ Secure Mail
 -----------
 
 Send notification mails to user encrypted with GPG.
-Each user can enable it and submit his public key under Settings-> Addon 
+Each user can enable it and submit his public key under Settings-> Addon
 -> "Secure Mail" Settings.
 
-Use 'php-gpg' library, a pure PHP implementation of GPG/PGP, released 
+Use 'php-gpg' library, a pure PHP implementation of GPG/PGP, released
 under GPL. See [project repo](https://github.com/jasonhinkle/php-gpg).
 
-This plugin need Friendica version > 3.3.2 to work.
+This plugin could have some problems with keys larger than 2048 ([see issue](https://github.com/jasonhinkle/php-gpg/issues/7))
+
+Need Friendica version > 3.3.2 to work.

diff --git a/securemail/php-gpg/.gitignore b/securemail/php-gpg/.gitignore
deleted file mode 100644 (file)
index 0bd34b3..0000000
--- a/securemail/php-gpg/.gitignore
+++ /dev/null
@@ -1,3 +0,0 @@
-/.buildpath
-/.settings
-.DS_Store
\ No newline at end of file

diff --git a/securemail/php-gpg/libs/GPG.php b/securemail/php-gpg/libs/GPG.php
index 053a54beab256bd81006aed71cd52b9a737be5df..e111ccabdc2d53972c790d2474c416a260e879f8 100644 (file)
--- a/securemail/php-gpg/libs/GPG.php
+++ b/securemail/php-gpg/libs/GPG.php
@@ -35,8 +35,6 @@ class GPG
        private function gpg_encrypt($key, $text) {\r
 \r
                $i = 0;\r
-               $i = 0;\r
-               $len = strlen($text);\r
                $len = strlen($text);\r
                $iblock = array_fill(0, $this->width, 0);\r
                $rblock = array_fill(0, $this->width, 0);\r
@@ -82,14 +80,32 @@ class GPG
 \r
        private function gpg_header($tag, $len)\r
        {\r
-               if ($len > 0xff) $tag += 1;\r
-               $h = chr($tag);\r
-               if ($len > 0xff) $h .= chr($len / 0x100);\r
-               $h .= chr($len % 0x100);\r
-\r
+               $h = "";\r
+               if ($len < 0x100) {\r
+                 $h .= chr($tag);\r
+                 $h .= chr($len);\r
+               } else if ($len < 0x10000) {\r
+                 $tag+=1;\r
+                 $h .= chr($tag);\r
+                 $h .= $this->writeNumber($len, 2);\r
+               } else {\r
+                 $tag+=2;\r
+                 $h .= chr($tag);\r
+                 $h .= $this->writeNumber($len, 4);\r
+               }\r
                return $h;\r
        }\r
 \r
+       private function writeNumber($n, $bytes)\r
+       {\r
+               // credits for this function go to OpenPGP.js\r
+               $b = '';\r
+               for ($i = 0; $i < $bytes; $i++) {\r
+                 $b .= chr(($n >> (8 * ($bytes - $i - 1))) & 0xff);\r
+               }\r
+               return $b;\r
+       }\r
+\r
        private function gpg_session($key_id, $key_type, $session_key, $public_key)\r
        { \r
 \r
@@ -174,7 +190,7 @@ class GPG
                        $this->gpg_data($session_key, $plaintext);\r
 \r
                $code = base64_encode($cp);\r
-               $code = wordwrap($code, 60, "\n", 1);\r
+               $code = wordwrap($code, 64, "\n", 1);\r
 \r
                return\r
                        "-----BEGIN PGP MESSAGE-----\nVersion: VerySimple PHP-GPG v".$this->version."\n\n" .\r
@@ -183,4 +199,4 @@ class GPG
        }\r
 }\r
 \r
-?>
\ No newline at end of file
+?>\r

diff --git a/securemail/php-gpg/libs/GPG/Public_Key.php b/securemail/php-gpg/libs/GPG/Public_Key.php
index 7b813079c751a7d4ad42f1087cb57b29f2cb5401..b46118d5832ebae2bf775d2938f2adaa6de36081 100644 (file)
--- a/securemail/php-gpg/libs/GPG/Public_Key.php
+++ b/securemail/php-gpg/libs/GPG/Public_Key.php
@@ -89,7 +89,7 @@ class GPG_Public_Key {
                                $len = ord($sa[$i++]);\r
                                if ($len > 191 && $len < 224) $len = (($len - 192) << 8) + ord($sa[$i++]);\r
                                else if ($len == 255) $len = (ord($sa[$i++]) << 24) + (ord($sa[$i++]) << 16) + (ord($sa[$i++]) << 8) + ord($sa[$i++]);\r
-                                       else if ($len > 223 && len < 255) $len = (1 << ($len & 0x1f));\r
+                                       else if ($len > 223 && $len < 255) $len = (1 << ($len & 0x1f));\r
                        } else {\r
                                $len = $tag & 3;\r
                                $tag = ($tag >> 2) & 15;\r
@@ -137,10 +137,11 @@ class GPG_Public_Key {
                                                \r
                                                // echo "POSITION: $delimPos\n";\r
                                                \r
-                                               $pkt = chr(0x99) . chr($delimPos >> 8) . chr($delimPos & 255) . substr($s, $headerPos, $delimPos);\r
+                                               // this does not work, tried it with RSA 1024 and RSA 4096 keys generated by GnuPG v2 (2.0.29) on Windows running Apache and PHP 5.6.3\r
+                                               // $pkt = chr(0x99) . chr($delimPos >> 8) . chr($delimPos & 255) . substr($s, $headerPos, $delimPos);\r
                                                \r
                                                // this is the original signing string which seems to have only worked for key lengths of 1024 or less\r
-                                               //$pkt = chr(0x99) . chr($len >> 8) . chr($len & 255) . substr($s, $k, $len);\r
+                                               $pkt = chr(0x99) . chr($len >> 8) . chr($len & 255) . substr($s, $k, $len); // use this for now\r
                                                \r
                                                $fp = sha1($pkt);\r
                                                $this->fp = $fp;\r
@@ -214,4 +215,4 @@ class GPG_Public_Key {
        }\r
 }\r
 \r
-?>
\ No newline at end of file
+?>\r

diff --git a/securemail/php-gpg/tests/runtests.sh b/securemail/php-gpg/tests/runtests.sh
old mode 100644 (file)
new mode 100755 (executable)