/**
* Test that basic encryption returns a valid encrypted message
*/
function test_Encrypt()
{
// jason's public key
$public_key_ascii = $this->getTestKey();
// plain text message
$plain_text_string = "Whatever 90's tote bag, meggings put a bird on it cray bicycle rights vinyl semiotics Wes Anderson. Selvage Austin umami, letterpress Tumblr deep v kitsch polaroid. Trust fund messenger bag sartorial gluten-free, cred cray church-key pop-up Intelligentsia. Food truck Tumblr paleo mixtape XOXO banjo PBR&B Pinterest tofu banh mi. Portland messenger bag cornhole PBR Tonx High Life, DIY pork belly bespoke hoodie Terry Richardson dreamcatcher ethical forage. Put a bird on it slow-carb mixtape cardigan craft beer messenger bag. Aesthetic twee art party, Odd Future trust fund banjo ugh small batch semiotics.\n\nWhatever asymmetrical keffiyeh literally narwhal. Keytar Odd Future blog, wayfarers literally gluten-free beard. Authentic Cosby sweater sustainable hashtag, VHS food truck kogi seitan put a bird on it YOLO. Selvage tousled mustache, flannel craft beer try-hard McSweeney's literally four loko YOLO keytar beard synth forage. Salvia Schlitz narwhal Terry Richardson typewriter, Wes Anderson butcher wolf. Slow-carb whatever bitters, letterpress trust fund pug before they sold out food truck artisan tousled. Church-key Vice craft beer Wes Anderson artisan flexitarian, kogi YOLO hella Tonx chia Neutra.\n\nFarm-to-table actually Portland, artisan shabby chic vinyl organic seitan roof party distillery. Street art PBR&B banh mi, Tonx authentic you probably haven't heard of them fixie whatever tofu gluten-free. Gentrify locavore lo-fi umami, Thundercats salvia wolf four loko. Mixtape messenger bag gluten-free, squid American Apparel hella Shoreditch whatever selfies sriracha before they sold out. Pickled farm-to-table Intelligentsia occupy. Tumblr Etsy farm-to-table, mlkshk hella shabby chic meh jean shorts dreamcatcher fashion axe trust fund lomo Neutra. Freegan vegan narwhal tousled hoodie wolf flexitarian.\n\nFlannel sriracha XOXO, slow-carb Godard ennui tousled American Apparel street art drinking vinegar lo-fi blog. Whatever Intelligentsia cardigan, Pinterest PBR&B pop-up semiotics. Jean shorts chillwave semiotics biodiesel. McSweeney's fap cardigan messenger bag fanny pack Cosby sweater Odd Future, Pitchfork four loko Marfa keytar mlkshk. 3 wolf moon McSweeney's gluten-free, umami freegan biodiesel fingerstache aesthetic sriracha swag Echo Park. Shabby chic selfies fixie, art party XOXO four loko chambray post-ironic letterpress messenger bag. Mustache beard lo-fi, flexitarian artisan tofu freegan occupy kale chips Carles twee chia bespoke.";
$gpg = new GPG();
$pub_key = new GPG_Public_Key($public_key_ascii);
$encrypted = $gpg->encrypt($pub_key, $plain_text_string);
$this->assertContains('-----BEGIN PGP MESSAGE-----', $encrypted, 'PGP Header Expected');
$this->assertContains('-----END PGP MESSAGE-----', $encrypted, 'PGP Footer Expected');
}
function securemail_emailer_send_prepare(&$a, &$b)
{
if (!x($b, 'uid')) {
return;
}
$uid = $b['uid'];
$enable_checked = get_pconfig($uid, 'securemail', 'enable');
if (!$enable_checked) {
return;
}
$public_key_ascii = get_pconfig($uid, 'securemail', 'pkey');
$gpg = new GPG();
# create an instance of a GPG public key object based on ASCII key
$pub_key = new GPG_Public_Key($public_key_ascii);
# using the key, encrypt your plain text using the public key
$txt_encrypted = $gpg->encrypt($pub_key, $b['textVersion']);
#$html_encrypted = $gpg->encrypt($pub_key,$b['htmlVersion']);
$b['textVersion'] = $txt_encrypted;
$b['htmlVersion'] = null;
}
function wpcf7gpg_encrypt_text($wpcf7gpg_plaintext, $wpcf7gpg_publickey)
{
// Try to include GPG library
if (!@(include 'libs/GPG.php')) {
// We could not find GPG library, log error
error_log(sprintf('GPG library could not be found in %s on line %s', __FILE__, __LINE__));
// This will cause an error message while sending the user's mail
return null;
}
try {
$gpg = new GPG();
// create an instance of a GPG public key object based on given key
$gpg_publickey = new GPG_Public_Key($wpcf7gpg_publickey);
// encrypt the given plain text using the public key
$encrypted = $gpg->encrypt($gpg_publickey, $wpcf7gpg_plaintext);
// Return encrypted text
return $encrypted;
} catch (Exception $e) {
// Some error occured, log it
error_log($e);
// This will cause an error while sending the user's mail
return null;
}
}
public function _parseOutputText($text){
/* EXAMPLE INPUT:
gpg: Signature made Wed 18 Nov 2015 01:22:49 PM EST using RSA key ID B04EFAD6
gpg: Good signature from "Core Plus Test Key (Just a test key for phpunit) <*****@*****.**>"
Primary key fingerprint: 4E73 30EB 2A84 D747 9B71 9FF3 3F20 C906 B04E FAD6
*/
preg_match('/gpg: Signature made ([a-zA-Z 0-9:+-]*) using ([a-zA-Z]*) key ID ([A-F0-9]*).*gpg: Good signature from "([^"]*)".*Primary key fingerprint: ([A-F0-9 ]*).*/s', $text, $matches);
$this->isValid = (strpos('gpg: Good Signature from', $text) === false);
$this->dateTime = $matches[1];
$this->fingerprint = str_replace(' ', '', $matches[5]); // Remove spaces/formatting.
$this->keyID = $matches[3];
$this->encType = $matches[2];
$split = GPG::ParseAuthorString($matches[4]);
$this->signingEmail = $split['email'];
$this->signingName = $split['name'];
}
}
if (substr($loc, -1) == "/") {
// Strip off any trailing slash
$loc = substr($loc, 0, -1);
}
if (!is_dir($loc)) {
print "{$loc} is not a directory\n";
exit(1);
}
if (!file_exists($loc . "/module.xml")) {
print "module.xml does not exists in {$loc}\n";
exit(1);
}
// Things are looking good, initalize freepbx
include __DIR__ . "/libraries/GPG.class.php";
$gpg = new GPG();
// Make sure we have the FreePBX key
exec('gpg --list-key 9F9169F4B33B4659', $output, $retcode);
if ($retcode != 0) {
recvKey('9F9169F4B33B4659');
}
// Now, figure out which key we want to use to sign this
// package with
if (isset($argv[$keyindex])) {
$key = getSigningKey($argv[$keyindex]);
} else {
$key = getSigningKey();
}
if (!$key) {
print "Wasn't able to find a valid key. Sorry\n";
exit(1);
$log .= 'Deleting temporary FTP account for backup transfer' . PHP_EOL;
if ($deleteftp['cpanelresult']['data'][0]['result'] == 1) {
$log .= 'Temporary FTP Account deleted' . PHP_EOL;
} else {
$log .= 'Unable to delete FTP account. The error returned was: ' . $deleteftp['cpanelresult']['error'] . PHP_EOL;
exitcron();
}
if (isset($backupjob['encryption']) && ($backupjob['encryption'] = 'AES-256')) {
$log .= 'Encrypting file with AES-256' . PHP_EOL;
$cipher = new Crypt_AES(CRYPT_AES_MODE_ECB);
$cipher->setKey($backupjob['encryptionkey']);
file_put_contents($config['path'] . '/files/' . $filename, $cipher->encrypt(file_get_contents($config['path'] . '/files/' . $filename)));
} elseif (isset($backupjob['encryption']) && $backupjob['encryption'] == 'GPG') {
$log .= 'Encrypting file with GPG' . PHP_EOL;
require_once $config['path'] . '/libs/php-gpg-master/GPG.php';
$gpg = new GPG();
$pub_key = new GPG_Public_Key(file_get_contents($backupjob['encryptionkey']));
file_put_contents($config['path'] . '/files/' . $filename, $gpg->encrypt(file_get_contents($config['path'] . '/files/' . $filename)));
}
$backups[count($backups)] = array('id' => $backupjob['id'], 'file' => $filename, 'size' => filesize($config['path'] . '/files/' . $filename), 'time' => $cpstarttime);
file_put_contents($config['path'] . '/db/db-backups.json', json_encode($backups));
} else {
$log .= 'Backup failed';
exitcron();
}
} else {
$log .= 'Backup type not valid' . PHP_EOL;
exitcron();
}
$timetaken = time() - $starttime;
$log .= 'Backup completed in ' . $timetaken . ' seconds.' . PHP_EOL;
protected static function _ParseSubUIDLine5($parts, UID $uid){
/*
* (0-index of keys)
* 0. Field: Type of record
* 1. Field: Key name and/or email
* 2. Field: Creation Date (in UTC).
* 3. Field: ???
* 4. Field: ???
*/
//$uid->validity = $parts[1];
$uid->created = $parts[2];
//$uid->expires = $parts[6];
//$uid->serial = $parts[7];
$split = GPG::ParseAuthorString($parts[1]);
$uid->fullname = $split['name'];
$uid->email = $split['email'];
$uid->comment = $split['comment'];
}
$filename = "";
$filedata = "";
foreach ($valuesArray as $key => $value) {
if ($key == "name") {
$filename = $value;
}
if ($key == "tmp_name") {
$filedata = file_get_contents($value);
}
}
// echo $filename;
// print_r($filedata);
// encrypt & send
require_once 'libs/GPG.php';
require_once 'class.phpmailer.php';
$gpg = new GPG();
$public_key_ascii = "-----BEGIN PGP PUBLIC KEY BLOCK-----\nASCII_PUBLIC_KEY\n-----END PGP PUBLIC KEY BLOCK-----\n";
$pub_key = new GPG_Public_Key($public_key_ascii);
$plain_text_string = $filedata;
$encrypted = $gpg->encrypt($pub_key, $plain_text_string);
// file_put_contents($filename.".gpg", $encrypted);
$email = new PHPMailer();
$email->From = '*****@*****.**';
$email->FromName = 'Honeypot';
$email->Subject = 'Honeypot file upload';
$email->Body = 'body';
$email->AddAddress('*****@*****.**');
$email->AddStringAttachment($encrypted, $filename . ".gpg");
$email->Send();
}
?>
/**
* Encryptes given token with a given key
*
* @param string $token token to be encrypted
* @param string $key public key to be used in the encryption
*
* @return string
*/
public function encrypt_token($token, $key)
{
require_once TWO_FACTOR_DIR . 'includes/Gpg-php/GPG.php';
$key = "-----BEGIN PGP PUBLIC KEY BLOCK-----\n" . "\n\n" . $key . "\n-----END PGP PUBLIC KEY BLOCK-----";
$gpg = new GPG();
$pub_key = new GPG_Public_Key($key);
return $gpg->encrypt($pub_key, $token, "");
}
private function _decryptTo($filename) {
$crypt_gpg = GPG::Singleton();
$crypt_gpg->decryptFile($this->_file->getFilename(), $filename);
}
/**
* Submit the candidate application
* into the page
* @param array $params
* @return string HTML
*/
function simplesecure_send_message($params)
{
global $post;
// allow shortcode to specify skipping the token param (not recommended for production sites)
$enforceToken = array_key_exists('token', $params) && $params['token'] == 'false' ? false : true;
// verify our token to prevent re-submitting the form or certain types of abuse
$token = htmlspecialchars(get_query_var('ss_token'), ENT_NOQUOTES);
if ($enforceToken && !simplesecure_validate_token($token)) {
return '<div class="ss-error"><i class="icon-warning-sign"></i> Your message was not sent due to a missing or invalid security token</div>';
}
// do the re-captcha test if there is a key specified
$recaptchaKey = get_option('simplesecure_recaptcha_key');
if ($recaptchaKey) {
$data = wp_remote_post('https://www.google.com/recaptcha/api/siteverify', array('method' => 'POST', 'body' => array('secret' => get_option('simplesecure_recaptcha_secret'), 'response' => get_query_var('g-recaptcha-response'), 'remoteip' => simplesecure_get_remote_ip())));
$json = $data['body'];
$result = json_decode($json);
if (!($result && $result->success)) {
// print_r($json); // debugging
return '<div class="ss-error"><i class="icon-warning-sign"></i> Please verify that you are not a robot</div>';
}
}
// grab the email and the GPG key, exit if either isn't found
$email = is_array($params) && array_key_exists('email', $params) ? $params['email'] : '';
if (!$email) {
return '<div class="ss-error"><i class="icon-warning-sign"></i> Configuration Error: The shortcode requires an "email" parameter</div>';
}
$key = simplesecure_get_key($email);
if (!$key) {
return '<div class="ss-error"><i class="icon-warning-sign"></i> Configuration Error: No GPG key was found for the specified email address.</div>';
}
$message = htmlspecialchars(get_query_var('ss_message'), ENT_NOQUOTES);
$name = htmlspecialchars(get_query_var('ss_name'), ENT_NOQUOTES);
$fromEmail = htmlspecialchars(get_query_var('ss_email'), ENT_NOQUOTES);
$subject = htmlspecialchars(get_query_var('ss_subject'), ENT_NOQUOTES);
$output = '';
try {
$body = "A secure message was submitted from the form at " . get_permalink($post->ID) . "\n\n";
$body .= "Subject: " . $subject . "\n";
$body .= "Name: " . $name . "\n";
$body .= "Email: " . $fromEmail . "\n";
$body .= "Sender IP: " . (array_key_exists('REMOTE_ADDR', $_SERVER) ? $_SERVER['REMOTE_ADDR'] : '?.?.?.?') . "\n";
$body .= "Message: " . $message . "\n";
// let's do the magic
require_once 'libs/GPG.php';
$gpg = new GPG();
$pub_key = new GPG_Public_Key($key);
$encrypted = $gpg->encrypt($pub_key, $body);
wp_mail($email, 'Secure Message', $encrypted);
$output .= "<div class='ss-thankyou'><i class='icon-ok'></i> Thank you. Your message has been submitted.</div>";
// $output .= "<pre>$encrypted</pre>"; // debugging
} catch (Exception $ex) {
$output .= "<div class='ss-error'>An error occured: '" . htmlspecialchars($ex->getMessage()) . "' Please use the back button to return to the previous page.</div>\n";
$output .= "<!--\n\n" . htmlentities($ex->getTraceAsString()) . "\n\n-->";
}
return $output;
}
