From c75eb5eb0385cc12aef221d2a19a297ea0f923d2 Mon Sep 17 00:00:00 2001
From: Joshua Ramon Enslin
Date: Sun, 15 Nov 2020 05:42:31 +0100
Subject: [PATCH] Use PHP's gnupg extension for encrypting mail
---
 src/MDMailerHelper.php | 33 +++++++++++++++++++++++++++++++--
 1 file changed, 31 insertions(+), 2 deletions(-)
diff --git a/src/MDMailerHelper.php b/src/MDMailerHelper.php
index 03943b1..2ca1bf1 100644
--- a/src/MDMailerHelper.php
+++ b/src/MDMailerHelper.php
@@ -12,7 +12,6 @@ use PHPMailer\PHPMailer\Exception;
 * Class containing static functions for an easier handling of mails.
 */
 final class MDMailerHelper {
-
 /**
 * PGP-encrypts a message to a given email address.
 *
@@ -23,9 +22,40 @@ final class MDMailerHelper {
 */
 public static function pgp_encrypt(string $to, string $msg):string {
+ $gpg = new gnupg();
+ $gpg->seterrormode(gnupg::ERROR_EXCEPTION);
+
+ if (empty($recipients = $gpg->keyinfo($to))) {
+ throw new \Exception("Cannot retrieve public key of recipient for GPG encryption");
+ }
+
+ foreach ($recipients as $recipient) {
+ $recipient_fingerprint = $recipient["subkeys"][0]["fingerprint"];
+
+ if (empty($recipient = $gpg->addencryptkey($recipient_fingerprint))) {
+ throw new \Exception("Cannot set public key of recipient for GPG encryption");
+ }
+
+ }
+
+ if (($gpg->addsignkey(MD_CONF_EMAIL::PGP_ENC_KEY)) === false) {
+ throw new \Exception("Cannot set private key for GPG encryption");
+ }
+
+ if (($msg = $gpg->encrypt($msg)) === false) {
+ throw new \Exception("Failed to sign and encrypt the message");
+ }
+
+ return $msg;
+
+ /*
+ echo shell_exec("gpg --list-keys 2>&1");
+ echo shell_exec("echo " . escapeshellarg($msg) . " | gpg --always-trust --homedir " . escapeshellarg(MD_CONF_EMAIL::PGP_HOMEDIR) . " --recipient " . escapeshellarg($to) . " --encrypt --armor --local-user " . escapeshellarg(MD_CONF_EMAIL::PGP_ENC_KEY) . " --sign 2>&1");
+ exit;
 $msg = shell_exec("echo " . escapeshellarg($msg) . " | gpg --always-trust --homedir " . escapeshellarg(MD_CONF_EMAIL::PGP_HOMEDIR) . " --recipient " . escapeshellarg($to) . " --encrypt --armor --local-user " . escapeshellarg(MD_CONF_EMAIL::PGP_ENC_KEY) . " --sign");
 if ($msg === null) return "Error encrypting message";
 return $msg;
+ */
 }
@@ -55,5 +85,4 @@ final class MDMailerHelper {
 return $mail;
 }
-
 }
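Review bot: In `pgp_encrypt()` the final call is `$gpg->encrypt($msg)`, which only encrypts, so the key registered with `addsignkey()` is never applied and the mail leaves unsigned although the exception text and the replaced `gpg … --sign` command both promise sign-and-encrypt; `$gpg->encryptsign($msg)` is the call that does both. The `foreach` also adds every key that `keyinfo($to)` returns, and since that lookup is a pattern search over user IDs, a key whose UID merely contains `$to`, or one that is expired, revoked or disabled, may become a recipient of the ciphertext; the fence below keeps only usable keys with an exact e-mail match. The explicit `--homedir MD_CONF_EMAIL::PGP_HOMEDIR` of the old command has no counterpart here, so the keyring consulted now presumably depends on the PHP process environment and should be pinned before `new gnupg()`. With `ERROR_EXCEPTION` set the `=== false` branches look unreachable, and the commented-out shell block after `return $msg;` (including the stray `exit;`) can be dropped.

```php
// … unchanged: gnupg setup and the keyinfo($to) lookup …
$added = 0;
foreach ($recipients as $recipient) {
    // keyinfo() matches by pattern: skip keys that cannot be used for encryption.
    if ($recipient["disabled"] || $recipient["expired"] || $recipient["revoked"] || !$recipient["can_encrypt"]) {
        continue;
    }

    // Require $to as the exact address on a valid, non-revoked user ID.
    $matchesAddress = false;
    foreach ($recipient["uids"] as $uid) {
        if (!$uid["revoked"] && !$uid["invalid"] && strcasecmp($uid["email"], $to) === 0) {
            $matchesAddress = true;
            break;
        }
    }
    if (!$matchesAddress) {
        continue;
    }

    $gpg->addencryptkey($recipient["subkeys"][0]["fingerprint"]);
    $added++;
}

if ($added === 0) {
    throw new \Exception("Cannot retrieve public key of recipient for GPG encryption");
}
// … unchanged: addsignkey(MD_CONF_EMAIL::PGP_ENC_KEY) …
$msg = $gpg->encryptsign($msg);
// … unchanged: return $msg …
```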