public static function encrypt($passphrases_and_keys, $message, $symmetric_algorithm = 9)
{
list($cipher, $key_bytes, $key_block_bytes) = self::getCipher($symmetric_algorithm);
if (!$cipher) {
throw new Exception("Unsupported cipher");
}
$prefix = crypt_random_string($key_block_bytes);
$prefix .= substr($prefix, -2);
$key = crypt_random_string($key_bytes);
$cipher->setKey($key);
$to_encrypt = $prefix . $message->to_bytes();
$mdc = new OpenPGP_ModificationDetectionCodePacket(hash('sha1', $to_encrypt . "Ó", true));
$to_encrypt .= $mdc->to_bytes();
$encrypted = array(new OpenPGP_IntegrityProtectedDataPacket($cipher->encrypt($to_encrypt)));
if (!is_array($passphrases_and_keys) && !$passphrases_and_keys instanceof IteratorAggregate) {
$passphrases_and_keys = (array) $passphrases_and_keys;
}
foreach ($passphrases_and_keys as $pass) {
if ($pass instanceof OpenPGP_PublicKeyPacket) {
if (!in_array($pass->algorithm, array(1, 2, 3))) {
throw new Exception("Only RSA keys are supported.");
}
$crypt_rsa = new OpenPGP_Crypt_RSA($pass);
$rsa = $crypt_rsa->public_key();
$rsa->setEncryptionMode(CRYPT_RSA_ENCRYPTION_PKCS1);
$esk = $rsa->encrypt(chr($symmetric_algorithm) . $key . pack('n', self::checksum($key)));
$esk = pack('n', OpenPGP::bitlength($esk)) . $esk;
array_unshift($encrypted, new OpenPGP_AsymmetricSessionKeyPacket($pass->algorithm, $pass->fingerprint(), $esk));
} else {
if (is_string($pass)) {
$s2k = new OpenPGP_S2K(crypt_random_string(10));
$cipher->setKey($s2k->make_key($pass, $key_bytes));
$esk = $cipher->encrypt(chr($symmetric_algorithm) . $key);
array_unshift($encrypted, new OpenPGP_SymmetricSessionKeyPacket($s2k, $esk, $symmetric_algorithm));
}
}
}
return new OpenPGP_Message($encrypted);
}
<?php
require_once dirname(__FILE__) . '/../lib/openpgp.php';
require_once dirname(__FILE__) . '/../lib/openpgp_crypt_rsa.php';
/* Parse secret key from STDIN, the key must not be password protected */
$wkey = OpenPGP_Message::parse(file_get_contents('php://stdin'));
$wkey = $wkey[0];
/* Create a new literal data packet */
$data = new OpenPGP_LiteralDataPacket('This is text.', array('format' => 'u', 'filename' => 'stuff.txt'));
/* Create a signer from the key */
$sign = new OpenPGP_Crypt_RSA($wkey);
/* The message is the signed data packet */
$m = $sign->sign($data);
/* Output the raw message bytes to STDOUT */
echo $m->to_bytes();
<?php
// USAGE: php examples/deASCIIdeCrypt.php secretkey.asc password message.asc
// This will fail if the algo on key or message is not 3DES or AES
require_once dirname(__FILE__) . '/../lib/openpgp.php';
require_once dirname(__FILE__) . '/../lib/openpgp_crypt_rsa.php';
require_once dirname(__FILE__) . '/../lib/openpgp_crypt_symmetric.php';
$keyASCII = file_get_contents($argv[1]);
$msgASCII = file_get_contents($argv[3]);
$keyEncrypted = OpenPGP_Message::parse(OpenPGP::unarmor($keyASCII, 'PGP PRIVATE KEY BLOCK'));
// Try each secret key packet
foreach ($keyEncrypted as $p) {
if (!$p instanceof OpenPGP_SecretKeyPacket) {
continue;
}
$key = OpenPGP_Crypt_Symmetric::decryptSecretKey($argv[2], $p);
$msg = OpenPGP_Message::parse(OpenPGP::unarmor($msgASCII, 'PGP MESSAGE'));
$decryptor = new OpenPGP_Crypt_RSA($key);
$decrypted = $decryptor->decrypt($msg);
var_dump($decrypted);
}
<?php
require_once dirname(__FILE__) . '/../lib/openpgp.php';
require_once dirname(__FILE__) . '/../lib/openpgp_crypt_rsa.php';
$rsa = new Crypt_RSA();
$k = $rsa->createKey(512);
$rsa->loadKey($k['privatekey']);
$nkey = new OpenPGP_SecretKeyPacket(array('n' => $rsa->modulus->toBytes(), 'e' => $rsa->publicExponent->toBytes(), 'd' => $rsa->exponent->toBytes(), 'p' => $rsa->primes[1]->toBytes(), 'q' => $rsa->primes[2]->toBytes(), 'u' => $rsa->coefficients[2]->toBytes()));
$uid = new OpenPGP_UserIDPacket('Test <*****@*****.**>');
$wkey = new OpenPGP_Crypt_RSA($nkey);
$m = $wkey->sign_key_userid(array($nkey, $uid));
// Serialize private key
print $m->to_bytes();
// Serialize public key message
$pubm = clone $m;
$pubm[0] = new OpenPGP_PublicKeyPacket($pubm[0]);
$public_bytes = $pubm->to_bytes();
public function testEncryptAsymmetric()
{
$key = OpenPGP_Message::parse(file_get_contents(dirname(__FILE__) . '/data/helloKey.gpg'));
$data = new OpenPGP_LiteralDataPacket('This is text.', array('format' => 'u', 'filename' => 'stuff.txt'));
$encrypted = OpenPGP_Crypt_Symmetric::encrypt($key, new OpenPGP_Message(array($data)));
$decryptor = new OpenPGP_Crypt_RSA($key);
$decrypted = $decryptor->decrypt($encrypted);
$this->assertEquals($decrypted[0]->data, 'This is text.');
}
<?php
require_once dirname(__FILE__) . '/../lib/openpgp.php';
require_once dirname(__FILE__) . '/../lib/openpgp_crypt_rsa.php';
/* Parse public key from STDIN */
$wkey = OpenPGP_Message::parse(file_get_contents('php://stdin'));
/* Parse signed message from file named "t" */
$m = OpenPGP_Message::parse(file_get_contents('t'));
/* Create a verifier for the key */
$verify = new OpenPGP_Crypt_RSA($wkey);
/* Dump verification information to STDOUT */
var_dump($verify->verify($m));
<?php
require_once dirname(__FILE__) . '/../lib/openpgp.php';
require_once dirname(__FILE__) . '/../lib/openpgp_crypt_rsa.php';
require_once dirname(__FILE__) . '/../lib/openpgp_crypt_symmetric.php';
$key = OpenPGP_Message::parse(file_get_contents(dirname(__FILE__) . '/../tests/data/helloKey.gpg'));
$data = new OpenPGP_LiteralDataPacket('This is text.', array('format' => 'u', 'filename' => 'stuff.txt'));
$encrypted = OpenPGP_Crypt_Symmetric::encrypt($key, new OpenPGP_Message(array($data)));
// Now decrypt it with the same key
$decryptor = new OpenPGP_Crypt_RSA($key);
$decrypted = $decryptor->decrypt($encrypted);
var_dump($decrypted);
/**
*/
public function verify($msg, $key)
{
$verify = new OpenPGP_Crypt_RSA($key->message);
$pkey = $verify->key();
switch ($pkey->algorithm) {
case 1:
case 2:
case 3:
// RSA
return $verify->verify($msg->message);
case 17:
// DSA
$dsa = new Horde_Pgp_Crypt_DSA($pkey);
$verifier = function ($m, $s) use($dsa) {
return $dsa->verify($m, Horde_String::lower($s->hash_algorithm_name()), new Math_BigInteger($s->data[0], 256), new Math_BigInteger($s->data[1], 256));
};
return $msg->message->verified_signatures(array('DSA' => array('MD5' => $verifier, 'SHA1' => $verifier, 'SHA224' => $verifier, 'SHA256' => $verifier, 'SHA384' => $verifier, 'SHA512' => $verifier)));
}
throw new RuntimeException();
}
public function signDocument()
{
$document = new \StdClass();
foreach ($this->resourceData as $term => $value) {
$document->{$term} = $this->normalizeData($value);
}
unset($document->digital_signature);
unset($document->_id);
unset($document->_rev);
unset($document->doc_id);
unset($document->publishing_node);
unset($document->update_timestamp);
unset($document->node_timestamp);
unset($document->create_timestamp);
$bencoder = new \LearningRegistry\Bencode\LearningRegistryBencodeEncoderTrial();
$document = (array) $document;
$bencodedDocument = utf8_encode($bencoder->encode($document));
$hashedDocument = hash('SHA256', $bencodedDocument);
global $loader;
if (!isset($loader)) {
$loader = $this->getLoader();
}
spl_autoload_unregister(array($loader, 'loadClass'));
require_once dirname(__FILE__) . '/../OpenPGP/openpgp.php';
require_once dirname(__FILE__) . '/../OpenPGP/openpgp_crypt_rsa.php';
require_once dirname(__FILE__) . '/../OpenPGP/openpgp_crypt_symmetric.php';
$keyASCII = $this->getKey();
$keyEncrypted = \OpenPGP_Message::parse(\OpenPGP::unarmor($keyASCII, 'PGP PRIVATE KEY BLOCK'));
foreach ($keyEncrypted as $p) {
if (!$p instanceof \OpenPGP_SecretKeyPacket) {
continue;
}
$key = \OpenPGP_Crypt_Symmetric::decryptSecretKey($this->getPassPhrase(), $p);
}
$data = new \OpenPGP_LiteralDataPacket($hashedDocument, array('format' => 'u'));
$sign = new \OpenPGP_Crypt_RSA($key);
$m = $sign->sign($data);
$packets = $m->signatures()[0];
$message = "-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n";
$message .= $packets[0]->data . "\n";
$message .= "-----BEGIN PGP SIGNATURE-----\n\n";
$signed_data = str_replace("-----BEGIN -----", "", str_replace("-----END -----", "", \OpenPGP::enarmor($packets[1][0]->to_bytes(), "")));
$signature = str_split(trim($signed_data), 65);
foreach ($signature as $line) {
$message .= $line . "\n";
}
$message .= "-----END PGP SIGNATURE-----\n";
$this->setSigFields(array('signature' => $message, 'key_owner' => $this->getKeyOwner(), 'key_location' => array($this->getPublicKeyPath()), 'signing_method' => "LR-PGP.1.0"));
spl_autoload_register(array($loader, 'loadClass'));
$this->document = $this->createDocument();
}
