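/**
 * Look up the public key stored in a user's profile field and import it
 * into the local keyring to learn its fingerprint.
 *
 * @param int|string $uid Value matched against mybb_userfields.ufid.
 * @return array|false false when the profile field is empty; otherwise an
 *                     array with the keys "key", "status" and "fingerprint".
 */
function user_key_info($uid)
{
    global $db, $lang;

    // The id is cast to an integer before it is placed in the SQL text, so a
    // caller-supplied string cannot break out of the quoted literal.
    $ufid = (int) $uid;
    $query = $db->query("SELECT fid4 FROM mybb_userfields WHERE ufid='{$ufid}'");
    $userPubkey = $db->fetch_field($query, "fid4");
    if ($userPubkey == "") {
        return false;
    }

    // Keyring directory. The path is relative, so it resolves against the
    // current working directory of the PHP process.
    // NOTE(review): every key imported below stays in this keyring; confirm
    // the directory is outside the web root and not shared with other keys
    // the application trusts.
    $keyring = ".trkeys";
    putenv("GNUPGHOME={$keyring}");

    // Import the user-supplied key; failures surface as PHP warnings.
    $gpg = new gnupg();
    $gpg->seterrormode(gnupg::ERROR_WARNING);
    $wkey = $gpg->import($userPubkey);

    if (isset($wkey['fingerprint'])) {
        $keystatus = "OK";
        $key_fingerprint = $wkey['fingerprint'];
    } else {
        $keystatus = "Brak";
        // The original read from an undefined variable ($lanag), which always
        // produced null plus a warning; the language object is $lang.
        $key_fingerprint = $lang->na;
    }

    return ["key" => $userPubkey, "status" => $keystatus, "fingerprint" => $key_fingerprint];
}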
/**
 * Decrypt a message with the key taken from a freshly constructed User.
 *
 * @param string $string Encrypted message.
 * @return mixed Whatever gnupg::decrypt() returns for the message.
 */
public function decrypt($string)
{
    $account = new User();
    $engine = new gnupg();

    // NOTE(review): adddecryptkey() is called with a single argument here and
    // receives the result of getPrivatekey(); confirm that this is a key
    // fingerprint and whether a passphrase argument is expected as well.
    $engine->adddecryptkey($account->getPrivatekey());

    return $engine->decrypt($string);
}
/**
 * Register the given fingerprint as the encryption key and record that this
 * object is able to encrypt.
 *
 * The fingerprint is first tried on a separate gnupg instance and then added
 * to this object itself; either failure raises a ConfigurationException that
 * carries the gnupg error text.
 *
 * @param string $fingerprint
 * @throws ConfigurationException
 */
public function __construct($fingerprint)
{
    // Try the key on a throw-away handle first.
    $standalone = new \gnupg();
    $acceptedStandalone = $standalone->addencryptkey($fingerprint);
    if (!$acceptedStandalone) {
        throw ConfigurationException::failedToAddEncryptKey($fingerprint, $standalone->geterror());
    }

    // Then register it on this instance.
    $acceptedHere = $this->addencryptkey($fingerprint);
    if (!$acceptedHere) {
        throw ConfigurationException::failedToAddEncryptKey($fingerprint, $this->geterror());
    }

    $this->ability = $this->ability | EncryptionAbility::ENCRYPT;
}
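/**
 * Encrypt $this->secret to the given public key.
 *
 * @param string $public_key Key material to import and encrypt to.
 * @return string|false The PGP message, or false when the key cannot be
 *                      imported or used, or when encryption fails.
 */
public function encryptSecret($public_key)
{
    // Set GnuPG homedir to /tmp
    // NOTE(review): /tmp is normally shared between all local accounts and
    // every imported key stays in that keyring; a private directory readable
    // only by the PHP user would keep other processes from adding keys to
    // it or reading it.
    putenv("GNUPGHOME=/tmp");

    $gpg = new gnupg();

    // Import the caller-supplied key. import() yields no fingerprint when the
    // input is not a usable key, so stop here instead of passing an undefined
    // array offset to addencryptkey().
    $key = $gpg->import($public_key);
    if (!is_array($key) || empty($key['fingerprint'])) {
        return false;
    }

    // Refuse to continue when the key cannot be used for encryption.
    if (!$gpg->addencryptkey($key['fingerprint'])) {
        return false;
    }

    // Encrypt the secret to a PGP message, then drop the recipient again.
    $enc = $gpg->encrypt($this->secret);
    $gpg->clearencryptkeys();

    return $enc;
}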
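/**
 * Download a package and reject it unless its SHA-256 digest matches the
 * stored value and its detached GnuPG signature verifies.
 *
 * The original only printed diagnostics when the signature check failed or
 * the signing key was disabled, expired or revoked, and then returned
 * normally; every one of those cases now throws, like the digest mismatch.
 * The var_dump()/echo debugging output is gone.
 *
 * NOTE(review): any key present in the process keyring is accepted as signer.
 * If packages must come from one publisher, compare the signature's
 * fingerprint with a pinned value as well.
 *
 * @param SignatureStruct $signatureStruct Download URL, expected digest and signature.
 * @return void
 * @throws \Exception When the digest differs or the signature is not acceptable.
 */
public function downloadPackageWithValidation(SignatureStruct $signatureStruct)
{
    $response = $this->fetchUrl($signatureStruct->getDownloadUrl());
    $fileContent = $response->getBody()->getContents();

    $sha256 = hash('sha256', $fileContent);
    if ($sha256 !== $signatureStruct->getSha256()) {
        throw new \Exception("sha256 hash does not match. download has '{$sha256}', storage has '{$signatureStruct->getSha256()}'");
    }

    $gpg = new \gnupg();
    $signatures = $gpg->verify($fileContent, $signatureStruct->getSignature());
    if ($signatures === false || empty($signatures[0]['fingerprint'])) {
        throw new \Exception('signature verification failed');
    }

    // A returned record is not proof of a good signature: the summary bits
    // say whether gnupg classified it as bad.
    foreach ($signatures as $signature) {
        $summary = isset($signature['summary']) ? (int) $signature['summary'] : 0;
        if ($summary & \gnupg::SIGSUM_RED) {
            throw new \Exception('signature verification failed: bad signature');
        }
    }

    // Same key-status test as before, now enforced instead of printed.
    $keys = $gpg->keyinfo($signatures[0]['fingerprint']);
    if (empty($keys[0])) {
        throw new \Exception('signature verification failed: signing key not found in keyring');
    }
    $keyinfo = $keys[0];
    if ($keyinfo['disabled'] || $keyinfo['expired'] || $keyinfo['revoked']) {
        throw new \Exception('signature verification failed: signing key is disabled, expired or revoked');
    }
}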
/**
 * Migration step: store an "openpgp_publickey" metadata entry for users that
 * do not have one yet but whose e-mail address matches a key known to gnupg.
 *
 * NOTE(review): keyinfo() is queried with the e-mail address as search
 * pattern and the first match is taken; confirm that a pattern match cannot
 * bind a key that belongs to a different address.
 *
 * @param object $user Entity exposing ->guid and ->email.
 * @return bool Always true.
 */
function elggpg_2012022501($user)
{
    global $MIGRATED;

    // Progress line every 100 processed users.
    $MIGRATED++;
    if (0 == $MIGRATED % 100) {
        error_log(" * elggpg {$user->guid}");
    }

    // The library is loaded so that the gpg path is set before gnupg is used.
    elgg_load_library('elggpg');

    $lookup = array('guid' => $user->guid, 'metadata_name' => 'openpgp_publickey');
    $existing = current(elgg_get_metadata($lookup));
    $gnupg = new gnupg();

    // Nothing to do when a key is already recorded or there is no address.
    if ($existing || !$user->email) {
        return true;
    }

    try {
        $matches = $gnupg->keyinfo($user->email);
        // First subkey of the first matching key.
        $fingerprint = $matches[0]['subkeys'][0]['fingerprint'];
        if ($fingerprint) {
            create_metadata($user->guid, "openpgp_publickey", $fingerprint, 'text', $user->guid, ACCESS_LOGGEDIN);
        }
    } catch (Exception $e) {
        // no encryption key
    }

    return true;
}
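* @subpackage oscour
* @version $Revision:$
* @author SARL OpenXtrem
* @license OXPL
*/

global $m;

// Admin-only page.
CCanDo::checkAdmin();

$module = CValue::get("module");
$file = isset($_FILES['import']) ? $_FILES['import'] : null;
$fingerprint = $keydata = null;

// Defined up front: the original read $info after a failed import, when the
// assignment inside the try block had never happened.
$info = null;
$path = null;

// Only read the temporary file when PHP really received it as an upload;
// a failed upload leaves tmp_name empty.
if ($file && is_uploaded_file($file['tmp_name'])) {
    $keydata = file_get_contents($file['tmp_name']);

    if ($module) {
        $path = CAppUI::conf("{$module} gnupg_path");
    }

    $gpg = new gnupg();

    // NOTE(review): HOME is changed after the gnupg object exists; confirm
    // the import below really lands in the module's key directory.
    if ($module && $path) {
        putenv("HOME={$path}");
    }

    $gpg->seterrormode(gnupg::ERROR_EXCEPTION);
    try {
        $info = $gpg->import($keydata);
    } catch (Exception $e) {
        mbTrace($e->getMessage());
    }

    if (is_array($info) && array_key_exists("fingerprint", $info)) {
        $fingerprint = $info['fingerprint'];
    }
}

// Create the template
$smarty = new CSmartyDP();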
/**
 * Create a gnupg object and point GNUPGHOME at the configured directory.
 *
 * When DEBUG is truthy the object reports errors as PHP warnings.
 *
 * @return object
 */
function new_gnupg()
{
    /** @noinspection PhpUndefinedClassInspection */
    $handle = new gnupg();

    // The environment variable is set after the object has been constructed.
    putenv(sprintf('GNUPGHOME=%s', GNUPGHOME));

    if (!DEBUG) {
        return $handle;
    }

    /** @noinspection PhpUndefinedMethodInspection PhpUndefinedConstantInspection */
    $handle->seterrormode(GNUPG_ERROR_WARNING);

    return $handle;
}
/**
 * Encrypt a message body to the user's stored OpenPGP key.
 *
 * A body that contains the armor header "-----BEGIN PGP MESSAGE-----"
 * anywhere in its text is treated as already encrypted and returned as is.
 * NOTE(review): the marker is not checked for position or validity, so any
 * text that merely quotes it skips encryption.
 *
 * @param string $body  Message text.
 * @param object $user  Entity exposing ->openpgp_publickey.
 * @param bool   $force When true, a failed encryption returns false; when
 *                      false, the unencrypted body is returned instead.
 * @return string|false
 */
function elggpg_encrypt($body, $user, $force = true)
{
    if (strpos($body, "-----BEGIN PGP MESSAGE-----") !== false) {
        return $body;
    }

    try {
        $gpg = new gnupg();
        $gpg->addencryptkey($user->openpgp_publickey);
        $ciphertext = $gpg->encrypt($body);

        if ($ciphertext) {
            $body = $ciphertext;
        } elseif ($force) {
            return false;
        }
    } catch (Exception $e) {
        if ($force) {
            return false;
        }
    }

    // With $force disabled this can still be the plaintext.
    return $body;
}
$characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'; $charactersLength = strlen($characters); $randomString = ''; for ($i = 0; $i < $length; $i++) { $randomString .= $characters[rand(0, $charactersLength - 1)]; } return $randomString; } if ($userPubkey != "" && $userPubkey != "None") { // GPG login $rawChallenge = generateString(GPG_CHALLENGE_SIZE); $_SESSION['LOGIN_ST2_RAW_CHALLENGE'] = $rawChallenge; $_SESSION['LOGIN_ST2_LOGINDATA'] = serialize($loginhandler); putenv('GNUPGHOME=/tmp'); // Encrypt challenge using user's public key $gpg = new gnupg(); // Set error mode to exception $gpg->seterrormode(gnupg::ERROR_WARNING); // Import user's pubkey $gpgImportInfo = $gpg->import($userPubkey); if ($gpgImportInfo == false || $gpgImportInfo['fingerprint'] == "") { error($lang->error_invalidgpg); } // Add encryption key $gpgAddKey = $gpg->addencryptkey($gpgImportInfo['fingerprint']); $encryptedChallenge = $gpg->encrypt($rawChallenge); $plugins->add_hook("member_do_login_end", "add_gpg_vars"); function add_gpg_vars() { global $encryptedChallenge, $rawChallenge, $redirectUrl, $mybb; $redirectUrl = $mybb->input['url'];
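/**
 * Dataflow 11
 *
 * Collects every presenter whose own row, user row, documents or addresses
 * changed since the last run, builds one JSON document per chunk of 1000
 * presenters and uploads it to the NetSuite sending bucket. The government id
 * is PGP-encrypted to NETSUITE_PGP_KEY before it is written to the export;
 * all other fields are exported as they are read.
 *
 * Changes against the previous version:
 *  - the PGP key is imported once and the export stops before anything is
 *    uploaded when the key cannot be loaded (previously each record would
 *    have carried a failed encryption result and the timestamp still moved);
 *  - all documents of a presenter are exported (the old loop reset its
 *    result list on every iteration and kept only the last document);
 *  - the presenter id is cast to an integer before it enters the SQL text.
 *
 * @return void
 * @throws RuntimeException When the NetSuite PGP key cannot be imported or used.
 */
public function exportPresenterData()
{
    ini_set('memory_limit', '4000M');
    ini_set("max_execution_time", 9000);
    $this->out('Exporting Presenter Data');

    $this->SystemSetting = ClassRegistry::init('SystemSetting');
    $this->Presenter = ClassRegistry::init('Presenter');
    $this->PresenterDocuments = ClassRegistry::init('PresenterDocuments');
    $this->User = ClassRegistry::init('User');
    $this->Address = ClassRegistry::init('Address');
    $this->Email = ClassRegistry::init('Email');
    $this->Phone = ClassRegistry::init('Phone');
    $this->PresenterSite = ClassRegistry::init('PresenterSite');
    $this->PresenterType = ClassRegistry::init('PresenterType');

    // reads for replicated
    $this->Presenter->useDbConfig = "replicated";
    $this->User->useDbConfig = "replicated";
    $this->Address->useDbConfig = "replicated";
    $this->Email->useDbConfig = "replicated";
    $this->PresenterDocuments->useDbConfig = "replicated";
    $this->PresenterType->useDbConfig = "replicated";
    $this->Phone->useDbConfig = "replicated";
    $this->PresenterSite->useDbConfig = "replicated";

    // Upper bound of the export window, taken from the database clock.
    $db = ConnectionManager::getDataSource('default');
    $result = $db->query("Select date_sub(now(), interval 2 second) as timestamp");
    $two_seconds_ago = $result[0][0]["timestamp"];
    $folder = "dataflow11";

    // NOTE(review): the AES key is the MD5 hex digest of the configured
    // secret and is interpolated into the SQL text further down, so it is
    // visible wherever statements are logged. Changing the derivation would
    // make existing ciphertext unreadable, so it is left as is here.
    $aes_key = md5(Configure::read('aesKey'));

    // get timestamp
    $last_time = $this->SystemSetting->getSystemSetting('netsuite_presenter_df', date('Y-m-d H:i:s'));
    $last_time_ranks = $this->SystemSetting->getSystemSetting('netsuite_presenter_df', date('Y-m-d H:i:s'));
    $this->out('From ' . $last_time . ' To ' . $two_seconds_ago, 1, Shell::VERBOSE);

    // check presenter auditdate
    $presenters = $this->Presenter->find('list', ['fields' => ['id'], 'conditions' => ['_auditdate >' => $last_time, '_auditdate <=' => $two_seconds_ago, 'presenter_status_id >' => PresenterStatus::PENDING_ERRORS]]);
    $this->out('Found ' . count($presenters) . ' Presenters', 1, Shell::VERBOSE);

    // check users
    // NOTE(review): $last_time and $two_seconds_ago are placed in the SQL
    // text directly; both come from the settings table and the database
    // clock. Bound parameters would remove the dependency on their format.
    $users = $this->User->query("\n\t\t\t\tSELECT p.id\n\t\t\t\tFROM users u\n\t\t\t\tJOIN presenters p on p.user_id = u.id\n\t\t\t\tWHERE u._auditdate > '{$last_time}'\n\t\t\t\t\tAND u._auditdate <= '{$two_seconds_ago}'\n\t\t\t\t\tAND p.presenter_status_id > " . PresenterStatus::PENDING_ERRORS . "\n\t\t\t");
    $user_count = 0;
    foreach ($users as $key => $value) {
        if (!array_key_exists($value['p']['id'], $presenters)) {
            $presenters[$value['p']['id']] = $value['p']['id'];
            $user_count++;
        }
    }
    unset($users);
    $this->out('Added ' . $user_count . ' Users', 1, Shell::VERBOSE);

    // check documents
    $docs = $this->PresenterDocuments->find('all', ['conditions' => ['date_received >' => $last_time, 'date_received <=' => $two_seconds_ago]]);
    $doc_count = 0;
    foreach ($docs as $key => $value) {
        if (!array_key_exists($value['PresenterDocuments']['presenter_id'], $presenters)) {
            $presenters[$value['PresenterDocuments']['presenter_id']] = $value['PresenterDocuments']['presenter_id'];
            $doc_count++;
        }
    }
    unset($docs);
    $this->out('Added ' . $doc_count . ' Docs', 1, Shell::VERBOSE);

    //check address
    $addresses = $this->Address->query("\n\t\t\t\tSELECT DISTINCT p.id\n\t\t\t\tFROM addresses a\n\t\t\t\tJOIN users u on a.user_id = u.id\n\t\t\t\tJOIN presenters p on p.user_id = u.id\n\t\t\t\tWHERE a._auditdate > '{$last_time}'\n\t\t\t\t\tAND a._auditdate <= '{$two_seconds_ago}'\n\t\t\t\t\tAND p.presenter_status_id > " . PresenterStatus::PENDING_ERRORS . "\n\t\t\t");
    $address_count = 0;
    foreach ($addresses as $key => $value) {
        if (!array_key_exists($value['p']['id'], $presenters)) {
            $presenters[$value['p']['id']] = $value['p']['id'];
            $address_count++;
        }
    }
    unset($addresses);
    $this->out('Added ' . $address_count . ' Addresses', 1, Shell::VERBOSE);

    // check presenter types
    // These values are only referenced by the disabled rank lookup below.
    $today = new DateTime();
    // if ($today->format('d') == 6 && )
    $this_month = new DateTime('first day of this month 00:00:00');
    $this_yearmonth = $this_month->format('Ym');
    $last_month = new DateTime('first day of last month 00:00:00');
    $last_yearmonth = $last_month->format('Ym');
    // $ranks = $this->PresenterType->getChanges($last_yearmonth, $this_yearmonth);
    $this->out('Total ' . count($presenters), 1, Shell::VERBOSE);

    // Load the recipient key once. Stop before any upload when it cannot be
    // used, so no export is written without an encrypted government id.
    $gpg = new gnupg();
    $import = $gpg->import(NETSUITE_PGP_KEY);
    if (!is_array($import) || empty($import['fingerprint']) || !$gpg->addencryptkey($import['fingerprint'])) {
        throw new RuntimeException('Unable to load the NetSuite PGP key; nothing was exported.');
    }

    // get the data on each presenter matched
    $presenter_chunks = array_chunk($presenters, 1000, TRUE);
    unset($presenters);
    $this->out('Chunked results into ' . count($presenter_chunks) . " chunks", 1, Shell::VERBOSE);

    foreach ($presenter_chunks as $index => $chunk) {
        $this->out('Processing chunk ' . $index, 1, Shell::VERBOSE);
        $results = [];

        foreach ($chunk as $presenter) {
            // Integer cast keeps the id from being read as SQL.
            $presenter_pk = (int) $presenter;
            $p_data = $this->Presenter->query("\n\t\t\t\t\t\tSELECT\n\t\t\t\t\t\t\tid,\n\t\t\t\t\t\t\tuser_id,\n\t\t\t\t\t\t\tpresenter_sequence_id,\n\t\t\t\t\t\t\tsponsor_id,\n\t\t\t\t\t\t\t IF(government_id IS NOT NULL AND government_id != '',\n\t\t\t\t\t\t\t\tgovernment_id,\n\t\t\t\t\t\t\t\tCAST(AES_DECRYPT(government_id_encrypted, '{$aes_key}')AS CHAR (50))) as government_id,\n\t\t\t\t\t\t\tmarket_id,\n\t\t\t\t\t\t\tconsent_to_agreements,\n\t\t\t\t\t\t\tterminated_date,\n\t\t\t\t\t\t\tpresenter_status_id,\n\t\t\t\t\t\t\tnickname,\n\t\t\t\t\t\t\ttax_exempt,\n\t\t\t\t\t\t\texempt_reasoncode,\n\t\t\t\t\t\t\tdefault_locale\n\t\t\t\t\t\tFROM presenters\n\t\t\t\t\t\t WHERE id = {$presenter_pk};\n\t\t\t\t\t");
            $user_id = $p_data[0]['presenters']['user_id'];
            $presenter_id = $p_data[0]['presenters']['id'];

            $u_data = $this->User->find('first', ['conditions' => ['id' => $user_id], 'fields' => ['first_name', 'last_name', 'date_of_birth']]);
            $main_address_data = $this->Address->find('first', ['conditions' => ['user_id' => $user_id, 'address_type_id' => Address::TYPE_MAIN], 'fields' => ['address1', 'address2', 'address3', 'city', 'state_id', 'postal_code', 'country_id', 'address_type_id'], 'order' => 'id DESC']);
            $shipping_address_data = $this->Address->find('first', ['conditions' => ['user_id' => $user_id, 'address_type_id' => Address::TYPE_SHIPPING], 'fields' => ['address1', 'address2', 'address3', 'city', 'state_id', 'postal_code', 'country_id', 'address_type_id'], 'order' => 'id DESC']);
            $main_email_data = $this->Email->find('first', ['conditions' => ['user_id' => $user_id, 'email_type_id' => EmailType::MAIN], 'fields' => ['email'], 'order' => 'id DESC']);
            $royalty_email_data = $this->Email->find('first', ['conditions' => ['user_id' => $user_id, 'email_type_id' => EmailType::ROYALTIES], 'fields' => ['email'], 'order' => 'id DESC']);
            // NOTE(review): the lookup uses Phone::MAIN while the export
            // below labels the entry with PhoneType::MAIN; confirm both
            // constants carry the same value.
            $ph_data = $this->Phone->find('first', ['conditions' => ['user_id' => $user_id, 'phone_type_id' => Phone::MAIN], 'fields' => ['phone'], 'order' => 'id DESC']);
            $site_data = $this->PresenterSite->find('first', ['conditions' => ['presenter_id' => $presenter_id], 'fields' => ['site_url'], 'order' => 'id DESC']);

            // One entry per document row of this presenter.
            $doc_rows = $this->PresenterDocuments->find('all', ['conditions' => ['presenter_id' => $presenter_id]]);
            $doc_data = [];
            foreach ($doc_rows as $value) {
                $doc_data[] = ['document_id' => $value['PresenterDocuments']['document_id'], 'date_received' => $value['PresenterDocuments']['date_received']];
            }

            $presenter_type = $this->PresenterType->getRecognizedStatus($presenter_id);

            // put it all together
            $enc = $gpg->encrypt($p_data[0][0]['government_id']);
            $result = [
                'presenter' => [
                    "id" => (int) $p_data[0]['presenters']['id'],
                    "presenter_sequence_id" => (int) $p_data[0]['presenters']['presenter_sequence_id'],
                    "sponsor_id" => (int) $p_data[0]['presenters']['sponsor_id'],
                    "market_id" => (int) $p_data[0]['presenters']['market_id'],
                    "government_id" => $enc,
                    "consent_to_agreements" => $p_data[0]['presenters']['consent_to_agreements'],
                    "terminated_date" => $p_data[0]['presenters']['terminated_date'],
                    "presenter_status_id" => (int) $p_data[0]['presenters']['presenter_status_id'],
                    "nickname" => $p_data[0]['presenters']['nickname'],
                    "tax_exempt" => $p_data[0]['presenters']['tax_exempt'],
                    "exempt_reasoncode" => $p_data[0]['presenters']['exempt_reasoncode'],
                    "default_locale" => $p_data[0]['presenters']['default_locale'],
                    "presenter_rank" => $presenter_type['name'],
                ],
                'user' => [
                    'first_name' => $u_data['User']['first_name'],
                    'last_name' => $u_data['User']['last_name'],
                    'date_of_birth' => $u_data['User']['date_of_birth'],
                ],
                'addresses' => [
                    [
                        "address1" => $main_address_data['Address']['address1'],
                        "address2" => $main_address_data['Address']['address2'],
                        "address3" => $main_address_data['Address']['address3'],
                        "city" => $main_address_data['Address']['city'],
                        "state" => (int) $main_address_data['Address']['state_id'],
                        "postal_code" => $main_address_data['Address']['postal_code'],
                        "country" => (int) $main_address_data['Address']['country_id'],
                        "address_type_id" => Address::TYPE_MAIN,
                    ],
                    [
                        "address1" => $shipping_address_data['Address']['address1'],
                        "address2" => $shipping_address_data['Address']['address2'],
                        "address3" => $shipping_address_data['Address']['address3'],
                        "city" => $shipping_address_data['Address']['city'],
                        "state" => (int) $shipping_address_data['Address']['state_id'],
                        "postal_code" => $shipping_address_data['Address']['postal_code'],
                        "country" => (int) $shipping_address_data['Address']['country_id'],
                        "address_type_id" => Address::TYPE_SHIPPING,
                    ],
                ],
                'emails' => [
                    ['email_type_id' => EmailType::MAIN, 'email' => $main_email_data['Email']['email']],
                    ['email_type_id' => EmailType::ROYALTIES, 'email' => $royalty_email_data['Email']['email']],
                ],
                'phones' => [
                    ['phone_type_id' => PhoneType::MAIN, 'phone' => $ph_data['Phone']['phone']],
                ],
                'site_url' => $site_data['PresenterSite']['site_url'],
                'presenter_documents' => $doc_data,
            ];
            $results[] = $result;
        }

        // NOTE(review): the object key only varies by time(), so two chunks
        // finished within the same second would share one key.
        $this->client->putObject(array('Bucket' => AWS_NETSUITE_SENDING_BUCKET, 'Key' => $folder . DS . 'tmp' . DS . $folder . '_' . time() . '.json', 'Body' => json_encode($results)));
        $this->out('File uploaded', 1, Shell::VERBOSE);
        //break;
    }

    // update the setting
    $this->SystemSetting->getDataSource()->reconnect();
    $this->SystemSetting->saveSetting('netsuite_presenter_df', $two_seconds_ago);
    $this->out('System Setting updated', 1, Shell::VERBOSE);
}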
} return $randomString; } $rawChallenge = generateString(64); $_SESSION['LOGIN_ST2_RAW_CHALLENGE'] = $rawChallenge; $_SESSION['LOGIN_ST2_LOGINDATA'] = serialize($loginhandler); // $query = $db->simple_select("users", "uid", "username='******'"); $userid = $db->fetch_field($query, "uid"); $query = $db->query("SELECT fid4 FROM mybb_userfields WHERE ufid=1"); $userPubkey = $db->fetch_field($query, "fid4"); if ($userPubkey == "" || $userPubkey == "None") { error($lang->error_missinggpg); } // Encrypt challenge using user's public key $gpg = new gnupg(); // Import user's pubkey $gpgImportInfo = $gpg->import($userPubkey); // Add encryption key $gpgAddKey = $gpg->addencryptkey($gpgImportInfo['fingerprint']); $encryptedChallenge = $gpg->encrypt($rawChallenge); $plugins->add_hook("member_do_login_end", "add_gpg_vars"); function add_gpg_vars() { global $encryptedChallenge, $rawChallenge, $redirectUrl, $mybb; $redirectUrl = $mybb->input['url']; } $plugins->run_hooks("member_do_login_end"); // GO TO STEP 2 eval("\$login = \"" . $templates->get("member_login_gpg") . "\";"); output_page($login);
/**
 * Decrypt a message and collect the signatures found on it.
 *
 * Returns an array in the format: array (0 => $message, 1 => $signatures),
 * where every signature entry gets an extra "user" element holding the
 * keyinfo() result for its fingerprint.
 * http://devzone.zend.com/article/3753-Using-GnuPG-with-PHP
 *
 * NOTE: GnuPG must be installed and configured with PHP.
 * The recipient must be in your private key ring.
 * NOTE(review): the signature entries are returned as gnupg reports them;
 * nothing here rejects a bad or untrusted signature, so callers have to
 * inspect the entries before relying on the message.
 *
 * @param string $recipient    Recipient identity (e.g. email address)
 * @param string $recipientKey Passed as second argument to adddecryptkey()
 * @param string $message      Message to decrypt
 * @return array
 */
public static function _verifyGnuPG($recipient, $recipientKey, $message)
{
    $gpg = new \gnupg();

    // Failures are raised as exceptions from here on.
    $gpg->seterrormode(\gnupg::ERROR_EXCEPTION);
    $gpg->adddecryptkey($recipient, $recipientKey);

    // decryptverify() writes the plaintext into $decrypted.
    $decrypted = '';
    $return[1] = $gpg->decryptverify($message, $decrypted);

    // Attach the key details to every signature entry.
    foreach ($return[1] as $index => $entry) {
        $return[1][$index]['user'] = $gpg->keyinfo($entry['fingerprint']);
    }

    $return[0] = $decrypted;

    return $return;
}
/**
 * Return the text of a clear-signed message, or false.
 *
 * The message must start with the "BEGIN PGP SIGNED MESSAGE" armor line and
 * end with the "END PGP SIGNATURE" line; anything else is rejected without
 * calling gnupg.
 *
 * NOTE(review): a non-empty verify() result is taken as success. The code
 * does not look at the signature status or at which key signed, so a
 * returned plaintext only means gnupg reported signature data for it.
 *
 * @param string $message
 * @return string|false
 */
public static function isSigned($message)
{
    $pattern = "/^-----BEGIN PGP SIGNED MESSAGE-----(.*)-----END PGP SIGNATURE-----\$/s";
    if (!preg_match($pattern, $message)) {
        return false;
    }

    $gpg = new gnupg();
    $plaintext = "";
    // verify() fills $plaintext with the signed text.
    $info = $gpg->verify($message, false, $plaintext);
    if ($info) {
        return $plaintext;
    }

    return false;
}
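/**
 * Pick the encryption and signing keys and register them with gnupg.
 *
 * When the current token belongs to a GnuPGUserInterface user, that user's
 * fingerprints are preferred and the server keys are the fallback; otherwise
 * the server keys are used directly.
 *
 * An ability flag is only set when gnupg accepted the corresponding key.
 * Before, the flag was set even if addencryptkey()/addsignkey() had failed,
 * so the object could claim an ability it did not have.
 *
 * @param string $serverEncryptKey
 * @param string $serverSignKey
 * @throws EncryptionException When neither encrypting nor signing is possible.
 */
private function init($serverEncryptKey = null, $serverSignKey = null)
{
    $token = $this->sc->getToken();
    if ($token instanceof TokenInterface && $token->getUser() instanceof GnuPGUserInterface) {
        // ?: falls back to the server key for any empty user value.
        $encryptKey = $token->getUser()->getPublicGnuPGKeyFingerprint() ?: $serverEncryptKey;
        $signKey = $token->getUser()->getPublicSignGnuPGKeyFingerprint() ?: $serverSignKey;
    } else {
        $encryptKey = $serverEncryptKey;
        $signKey = $serverSignKey;
    }

    $this->gpg = new \gnupg();

    if (!is_null($encryptKey) && $this->gpg->addencryptkey($encryptKey)) {
        $this->ability |= EncryptionAbility::ENCRYPT;
    }
    if (!is_null($signKey) && $this->gpg->addsignkey($signKey)) {
        $this->ability |= EncryptionAbility::SIGN;
    }

    if (EncryptionAbility::NONE === $this->ability) {
        throw EncryptionException::missingConfiguration();
    }
}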
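/**
 * Encrypt a message to the recipient and sign it with the signer's key.
 *
 * The environment set up by set_env() is restored on every exit path. The
 * previous catch block only handled Exception, so an Error raised inside the
 * block left the changed environment in place.
 *
 * @param string $recipient_key_id Key the message is encrypted to.
 * @param string $plaintext        Message to protect.
 * @param string $signer_key_id    Key used for signing.
 * @param string $passphrase       Passphrase handed to addsignkey().
 * @return mixed Result of gnupg::encryptsign().
 * @throws Exception Raised by gnupg on failure (error mode is ERROR_EXCEPTION).
 */
public function encrypt_and_sign_message($recipient_key_id, $plaintext, $signer_key_id, $passphrase)
{
    $this->set_env();
    try {
        $gpg = new gnupg();
        // throw exception if error occurs
        $gpg->seterrormode(gnupg::ERROR_EXCEPTION);
        $gpg->addencryptkey($recipient_key_id);
        $gpg->addsignkey($signer_key_id, $passphrase);

        return $gpg->encryptsign($plaintext);
    } finally {
        // restore the environment, whether or not something was thrown
        $this->restore_env();
    }
}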
<?php
// Clear-sign a fixed string and print the signed text.
$signer = new gnupg();

// Clearsign is already the default mode; it is set explicitly here.
$signer->setsignmode(gnupg::SIG_MODE_CLEAR);

// Signing key by fingerprint, with its passphrase 'test'. Both are literal
// sample values in this listing.
$signer->addsignkey("8660281B6051D071D94B5B230549F9DC851566DC", "test");

$clearsigned = $signer->sign("just a test");
echo $clearsigned;