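. * *************************************************************/

// Flow of this script:
//   1. refuse requests that did not arrive via HTTPS and load gpgconfig.php,
//   2. derive $FILE from the "file" request parameter,
//   3. if a recipient key was submitted: encrypt the posted text or $FILE
//      with gpg and report the result,
//   4. otherwise: list the keyring so that a recipient key can be chosen.
//
// $INPUT, $GPGDIR, $ENCRYPTIONTEXTAREA, $VERSION and (optionally) $USERID,
// $DATADIR, $KEYSELECTION, $SHOWTEXTAREA, $REPLACEFILE are not set here;
// presumably gpgconfig.php provides them -- confirm.
// checkinput(), unix() and unixpipe() are defined elsewhere. The code below
// assumes unix() runs a shell command and returns its output, and that
// unixpipe() feeds its second argument to the command's stdin -- confirm.
//
// Every value placed on a shell command line goes through escapeshellarg(),
// so quoting does not depend on what checkinput(..., "noscript") filters.

// check that data has arrived here via HTTPS
// isset() first: the key may be absent on a plain HTTP request
if (! isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != "on") {
    die ("Use a secure HTTPS connection to the server. Aborting ...");
}

if (! is_file("gpgconfig.php")) {
    die ("Config file does not exist.");
}
require_once('gpgconfig.php');

if (! isset($DATADIR)) {
    $DATADIR = "/none";
    $FILESDIR = "/none";
}

// use GET only when filename is given
if (strtoupper($_SERVER['REQUEST_METHOD']) != "POST") {
    // check if there is a query string, then abort except if files are to be handled.
    if (count($_GET) != 0) {
        if ($INPUT != 'file') {
            die ("Always use POST to prevent recording of query strings. Aborting ...");
        } else {
            if (isset($_REQUEST['file'])) {
                // touch legitimate files only !
                if (isset($USERID)) {
                    $FILESDIR = $DATADIR ."/". $USERID;
                } else {
                    $FILESDIR = $GPGDIR."/data";
                }
                $RELATIVEFILE = checkinput($_REQUEST['file'],"noscript");
                $FILE = $FILESDIR ."/". $RELATIVEFILE;
                // NOTE(review): this is a substitution blacklist, not a
                // containment check; comparing realpath($FILE) against
                // $FILESDIR would be the stronger guarantee.
                $FILE = str_replace('//','/',$FILE);
                $FILE = str_replace('../','xxx',$FILE);
            } else {
                $FILE = "/none";
            }
        }
    }
} else {
    if (isset($_REQUEST['file'])) {
        // touch legitimate files only !
        if (isset($USERID)) {
            $FILESDIR = $DATADIR ."/". $USERID;
        } else {
            $FILESDIR = $GPGDIR."/data";
        }
        $RELATIVEFILE = checkinput($_REQUEST['file'],"noscript");
        $FILE = $FILESDIR ."/". $RELATIVEFILE;
        // NOTE(review): same blacklist filter as in the GET branch above.
        $FILE = str_replace('//','/',$FILE);
        $FILE = str_replace('../','xxx',$FILE);
    }
}

if (! isset($RELATIVEFILE)) {
    $RELATIVEFILE = "/none";
}

if (! is_dir($GPGDIR)) {
    die ("GPG directory $GPGDIR does not exist.");
} else {
    $ERRORFILE = $GPGDIR."/gpgerrors";
}

$TEXT = "";
if (isset($_REQUEST[$ENCRYPTIONTEXTAREA])) {
    $TEXT = $_REQUEST[$ENCRYPTIONTEXTAREA];
    // quote newlines and " and ' to preserve them
    $TEXT = addslashes($TEXT);
}

// defaults for options the config file may leave unset
if (! isset($KEYSELECTION)) {
    $KEYSELECTION = "no";
}
if (! isset($IFRAMENUMBER)) {
    $IFRAMENUMBER = 0;
}
if (! isset($SHOWTEXTAREA)) {
    $SHOWTEXTAREA = "no";
}
if (! isset($REPLACEFILE)) {
    $REPLACEFILE = "no";
}

if (isset($_REQUEST['encryptionkey'])) {
    $ENCRYPTIONKEY = checkinput($_REQUEST['encryptionkey'], "noscript");
}

echo "\n";
echo "
\n";

// $TEXT is always set above, so this test is effectively "was a key submitted"
if (isset($ENCRYPTIONKEY) && isset($TEXT) ) {
    if (strlen($ENCRYPTIONKEY) > 0) {
        // perform encryption
        echo "

Encryption with key:
\"".htmlentities($ENCRYPTIONKEY)."\"

\n";

        // get a random filename for plain text file and encrypted result
        // this is necessary to prevent overwriting by other users
        // Abort when no random bytes are available: sha1() of an empty read
        // would give every request the same, predictable file name.
        $rndhandle = fopen("/dev/urandom","r");
        if ($rndhandle === false) {
            die ("Random source is not available. Aborting ...");
        }
        $RND = fread($rndhandle,20);
        fclose($rndhandle);
        if ($RND === false || strlen($RND) != 20) {
            die ("Random source is not available. Aborting ...");
        }

        $PLAINTEXT = $GPGDIR."/".sha1($RND);
        $FILENAME = $PLAINTEXT.".encrypted";

        // Shell-quoted forms of everything that is put on a command line.
        // escapeshellarg() can drop bytes that are invalid in the current
        // LC_CTYPE locale, so user IDs with non-ASCII characters need a
        // matching (e.g. UTF-8) locale to reach gpg unchanged.
        $qPlain = escapeshellarg($PLAINTEXT);
        $qOut   = escapeshellarg($FILENAME);
        $qKey   = escapeshellarg($ENCRYPTIONKEY);

        // --always-trust makes gpg skip key validity checks: any key in the
        // keyring under $GPGDIR is accepted as recipient, so the content of
        // that keyring has to be controlled by the administrator.
        $GPGCMD = " /usr/bin/gpg -a --homedir ".escapeshellarg($GPGDIR)
                . " --cipher-algo AES --yes --logger-file ".escapeshellarg($ERRORFILE)
                . " --recipient ".$qKey." --always-trust";

        unix("touch ".$qOut);

        if ($INPUT == 'file') {
            // encrypt a file
            if (! isset($FILE)) {
                // same placeholder the GET branch uses when no file is named
                $FILE = "/none";
            }
            // create the work copy with mode 600 before any data is copied in
            unix("touch ".$qPlain);
            unix("chmod 600 ".$qPlain);
            unix("cp ".escapeshellarg($FILE)." ".$qPlain);
            $SIZE = unix("wc -c ".$qPlain." | cut -f1 -d' ' ");
            echo "encrypting ".$SIZE." bytes ...";
            $ENC = $GPGCMD." -o ".$qOut." -e ".$qPlain;
            echo unix($ENC);

            // destroy content of the plain text file
            // (overwriting in place is best effort only; it gives no
            // guarantee on journaling or copy-on-write storage)
            $SIZE = unix("wc -c ".$qPlain." | cut -f1 -d' ' ");
            unix("dd if=/dev/zero of=".$qPlain." bs=1 count=".intval($SIZE));
            unix("sync");
            unix("rm ".$qPlain);
        } else {
            // encrypt the posted text; it is piped to gpg and never written
            // to disk in plain form
            echo strlen($TEXT)." bytes plain text given";
            $ENC = $GPGCMD." -e > ".$qOut;
            unixpipe($ENC,$TEXT);
        }

        // read the armored result back; an unreadable file counts as failure
        $RESULT = "";
        $handle = fopen($FILENAME, "r");
        if ($handle !== false) {
            $RESULT = fread($handle,20000000);
            fclose($handle);
            if ($RESULT === false) {
                $RESULT = "";
            }
        }
        if ($INPUT != 'file') {
            unix("rm ".$qOut);
        }

        // check if encryption is successful
        // strpos() is compared with !== false: the former "! $ERR === false"
        // negated $ERR before comparing and treated a match at offset 0 as failure
        $ERR = strpos($RESULT,'BEGIN PGP MESSAGE');
        if ($ERR !== false) {
            echo "

".strlen($RESULT)." bytes encrypted data

";
            if ($INPUT != 'file') {
                if ($SHOWTEXTAREA == "yes") {
                    $RESULT = "\n\n";
                }
                echo "
\n";
                echo "

\n";
                echo "    \n\n";
            } else {
                if ($REPLACEFILE == "yes") {
                    // the encrypted result replaces the original file
                    unix("cp ".$qOut." ".escapeshellarg($FILE));
                } else {
                    // leave plaintext file intact
                    unix("cp ".$qOut." ".escapeshellarg($FILE.".asc"));
                }
                unix("rm ".$qOut);
                echo "\n";
            }
            echo "

version ".$VERSION." powered by Senderek Web Security

";
        } else {
            echo "

Encryption failed.

";
            echo "

\n

\n";
        }
    } else {
        // a key parameter was submitted but is empty
        echo "

Encryption failed. Please select a public key

";
        echo "

\n

\n";
    }
} else {
    echo "

Encryption

\n";
    // select a public key from the keyring
    if (! isset($ENCRYPTIONKEY)) {
        if ($KEYSELECTION == "yes") {
            echo "

Please choose one of the following public keys

\n";
            $Keys = unix("/usr/bin/gpg --homedir ".escapeshellarg($GPGDIR)." --list-keys");
            $List = explode ("\n", $Keys);
            if (count($List) < 2 ) {
                die ("

No keys available. Aborting ...

");
            }
            echo "
\n";
            foreach ($List as $Line) {
                // drop the 4-character record prefix and escape for HTML output
                $KEYID = htmlentities(trim(substr($Line,4)));
                if ( substr_count($Line, "pub ") == 1) {
                    echo "";
                }
                if ( substr_count($Line, "uid ") == 1) {
                    echo "\n";
                }
            }
            echo "
".$KEYID."".$KEYID."

\n";
            if (isset($FILE)) {
                echo "

\n";
                echo "\n";
            } else {
                echo "\n";
            }
            echo "\n";
            echo "\n";
            if ($INPUT != "file") {
                echo "\n";
                echo "\n";
                echo "\n";
                echo "
Key
\n
";
            } else {
                $FNAME = isset($FILE) ? $FILE : "";
                if (isset($DATADIR)) {
                    // strip directory name from filename
                    $FNAME = substr($FNAME,strlen($DATADIR));
                }
                // request-derived value: escaped like $ENCRYPTIONKEY and
                // $KEYID before it is written into the page
                echo "
File".htmlentities($FNAME)."
";
            }
            echo "    \n";
            echo "
\n";
            echo "
\n";
            echo "

version ".$VERSION." powered by Senderek Web Security

";
        } else {
            echo "

No encryption key selected. Encryption impossible.

";
            echo "

\n";
        }
    } else {
        echo "

\n";
    }
}
echo "\n
\n";
?>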