[securemail] Upgrade Composer dependencies to fix PHP8 issue

- Upgrading phpseclib/phpseclib (2.0.4 => 2.0.34)
- Upgrading singpolyma/openpgp-php (0.3.0 => 0.5.0)

securemail/vendor/singpolyma/openpgp-php/examples/README.md

@@ -0,0 +1,22 @@
+OpenPGP.php Examples
+====================
+
+The scripts in this folder show how to use this library to perform various tasks
+such as [generating a new key](keygen.php), [signing a message](sign.php), and
+[verifying a message](verify.php) that has been signed.
+
+To use these examples, make sure [`phpseclib`](http://phpseclib.sourceforge.net/) is available. You can install it
+using [Composer](https://getcomposer.org/):
+
+```sh
+git clone https://github.com/singpolyma/openpgp-php.git # Clone the repository.
+cd openpgp-php
+composer install # Use Composer to install the requirements.
+```
+
+Once Composer has installed the requirements, run the examples using PHP:
+
+```sh
+# Generate a new OpenPGP key; see the `keygen.php` file for parameters.
+php ./examples/keygen.php > mykey.gpg
+```

securemail/vendor/singpolyma/openpgp-php/examples/armorEncryptSignCompress.php

@@ -0,0 +1,21 @@
+<?php
+@include_once dirname(__FILE__).'/../vendor/autoload.php';
+require_once dirname(__FILE__).'/../lib/openpgp.php';
+require_once dirname(__FILE__).'/../lib/openpgp_crypt_rsa.php';
+
+$recipientPublicKey = OpenPGP_Message::parse(OpenPGP::unarmor(file_get_contents('public.asc'), 'PGP PUBLIC KEY BLOCK'));
+
+$encryptedPrivateKey = OpenPGP_Message::parse(OpenPGP::unarmor(file_get_contents('sekret.asc'), 'PGP PRIVATE KEY BLOCK'));
+$privateKeyPassphrase = 'test';
+$key = OpenPGP_Crypt_Symmetric::decryptSecretKey($privateKeyPassphrase, $encryptedPrivateKey[0]);
+
+$signer = new OpenPGP_Crypt_RSA($key);
+$data = new OpenPGP_LiteralDataPacket("some text\n", ['format' => 'u']);
+$signed = $signer->sign($data);
+
+$compressed = new OpenPGP_CompressedDataPacket($signed);
+$encrypted = OpenPGP_Crypt_Symmetric::encrypt([$recipientPublicKey, $key], new OpenPGP_Message([$compressed]));
+
+echo OpenPGP::enarmor($encrypted->to_bytes(), 'PGP MESSAGE');
+
+

securemail/vendor/singpolyma/openpgp-php/examples/clearsign.php

@@ -1,5 +1,6 @@
 <?php
 
+@include_once dirname(__FILE__).'/../vendor/autoload.php';
 require_once dirname(__FILE__).'/../lib/openpgp.php';
 require_once dirname(__FILE__).'/../lib/openpgp_crypt_rsa.php';
 
@@ -27,5 +28,3 @@ echo "-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n";
 // trailing whitespace to lines.
 echo preg_replace("/^-/", "- -",  $packets[0]->data)."\n";
 echo OpenPGP::enarmor($packets[1][0]->to_bytes(), "PGP SIGNATURE");
-
-?>

securemail/vendor/singpolyma/openpgp-php/examples/deASCIIdeCrypt.php

@@ -3,6 +3,7 @@
 // USAGE: php examples/deASCIIdeCrypt.php secretkey.asc password message.asc
 // This will fail if the algo on key or message is not 3DES or AES
 
+@include_once dirname(__FILE__).'/../vendor/autoload.php';
 require_once dirname(__FILE__).'/../lib/openpgp.php';
 require_once dirname(__FILE__).'/../lib/openpgp_crypt_rsa.php';
 require_once dirname(__FILE__).'/../lib/openpgp_crypt_symmetric.php';

securemail/vendor/singpolyma/openpgp-php/examples/encryptDecrypt.php

@@ -1,5 +1,6 @@
 <?php
 
+@include_once dirname(__FILE__).'/../vendor/autoload.php';
 require_once dirname(__FILE__).'/../lib/openpgp.php';
 require_once dirname(__FILE__).'/../lib/openpgp_crypt_rsa.php';
 require_once dirname(__FILE__).'/../lib/openpgp_crypt_symmetric.php';

securemail/vendor/singpolyma/openpgp-php/examples/keygen.php

@@ -1,5 +1,6 @@
 <?php
 
+@include_once dirname(__FILE__).'/../vendor/autoload.php';
 require_once dirname(__FILE__).'/../lib/openpgp.php';
 require_once dirname(__FILE__).'/../lib/openpgp_crypt_rsa.php';
 

securemail/vendor/singpolyma/openpgp-php/examples/keygenEncrypted.php

@@ -0,0 +1,28 @@
+<?php
+
+@include_once dirname(__FILE__).'/../vendor/autoload.php';
+require_once dirname(__FILE__).'/../lib/openpgp.php';
+require_once dirname(__FILE__).'/../lib/openpgp_crypt_rsa.php';
+require_once dirname(__FILE__).'/../lib/openpgp_crypt_symmetric.php';
+
+$rsa = new \phpseclib\Crypt\RSA();
+$k = $rsa->createKey(512);
+$rsa->loadKey($k['privatekey']);
+
+$nkey = new OpenPGP_SecretKeyPacket(array(
+   'n' => $rsa->modulus->toBytes(),
+   'e' => $rsa->publicExponent->toBytes(),
+   'd' => $rsa->exponent->toBytes(),
+   'p' => $rsa->primes[2]->toBytes(),
+   'q' => $rsa->primes[1]->toBytes(),
+   'u' => $rsa->coefficients[2]->toBytes()
+));
+
+$uid = new OpenPGP_UserIDPacket('Test <test@example.com>');
+
+$wkey = new OpenPGP_Crypt_RSA($nkey);
+$m = $wkey->sign_key_userid(array($nkey, $uid));
+$m[0] = OpenPGP_Crypt_Symmetric::encryptSecretKey("password", $nkey);
+
+// Serialize encrypted private key
+print $m->to_bytes();

securemail/vendor/singpolyma/openpgp-php/examples/keygenSubkeys.php

@@ -0,0 +1,116 @@
+<?php
+
+@include_once dirname(__FILE__).'/../vendor/autoload.php';
+require_once dirname(__FILE__).'/../lib/openpgp.php';
+require_once dirname(__FILE__).'/../lib/openpgp_crypt_rsa.php';
+
+// Key length: 512, 1024, 2048, 3072, 4096
+$key_length = 512;
+
+// Generate a master signing key
+
+$rsa = new \phpseclib\Crypt\RSA();
+$k = $rsa->createKey($key_length);
+$rsa->loadKey($k['privatekey']);
+
+$nkey = new OpenPGP_SecretKeyPacket(array(
+	'n' => $rsa->modulus->toBytes(),
+	'e' => $rsa->publicExponent->toBytes(),
+	'd' => $rsa->exponent->toBytes(),
+	'p' => $rsa->primes[2]->toBytes(),
+	'q' => $rsa->primes[1]->toBytes(),
+	'u' => $rsa->coefficients[2]->toBytes()
+));
+
+// Start assembling packets for our eventual OpenPGP_Message
+$packets = array($nkey);
+
+$wkey = new OpenPGP_Crypt_RSA($nkey);
+$fingerprint = $wkey->key()->fingerprint;
+$key = $wkey->private_key();
+$key->setHash('sha256');
+$keyid = substr($fingerprint, -16);
+
+// Add multiple UID packets and signatures
+
+$uids = array(
+	new OpenPGP_UserIDPacket('Support', '', 'support@example.com'),
+	new OpenPGP_UserIDPacket('Security', '', 'security@example.com'),
+);
+
+foreach($uids as $uid) {
+	// Append the UID packet
+	$packets[] = $uid;
+	
+	$sig = new OpenPGP_SignaturePacket(new OpenPGP_Message(array($nkey, $uid)), 'RSA', 'SHA256');
+	$sig->signature_type = 0x13;
+	$sig->hashed_subpackets[] = new OpenPGP_SignaturePacket_KeyFlagsPacket(array(0x01 | 0x02)); // Certify + sign bits
+	$sig->hashed_subpackets[] = new OpenPGP_SignaturePacket_IssuerPacket($keyid);
+	$m = $wkey->sign_key_userid(array($nkey, $uid, $sig));
+	
+	// Append the UID signature from the master key
+	$packets[] = $m->packets[2];
+}
+
+// Generate an encryption subkey
+
+$rsa_subkey = new \phpseclib\Crypt\RSA();
+$sub_k = $rsa_subkey->createKey($key_length);
+$rsa_subkey->loadKey($sub_k['privatekey']);
+
+$subkey = new OpenPGP_SecretSubkeyPacket(array(
+	'n' => $rsa_subkey->modulus->toBytes(),
+	'e' => $rsa_subkey->publicExponent->toBytes(),
+	'd' => $rsa_subkey->exponent->toBytes(),
+	'p' => $rsa_subkey->primes[2]->toBytes(),
+	'q' => $rsa_subkey->primes[1]->toBytes(),
+	'u' => $rsa_subkey->coefficients[2]->toBytes()
+));
+
+// Append the encryption subkey
+$packets[] = $subkey;
+
+$sub_wkey = new OpenPGP_Crypt_RSA($subkey);
+
+/*
+ * Sign the encryption subkey with the master key
+ *
+ * OpenPGP_SignaturePacket assumes any message starting with an
+ * OpenPGP_PublicKeyPacket is followed by a OpenPGP_UserIDPacket. We need
+ * to pass `null` in the constructor and generate the `->data` ourselves.
+ */
+$sub_sig = new OpenPGP_SignaturePacket(null, 'RSA', 'SHA256');
+$sub_sig->signature_type = 0x18;
+$sub_sig->hashed_subpackets[] = new OpenPGP_SignaturePacket_SignatureCreationTimePacket(time());
+$sub_sig->hashed_subpackets[] = new OpenPGP_SignaturePacket_KeyFlagsPacket(array(0x0C)); // Encrypt bits
+$sub_sig->hashed_subpackets[] = new OpenPGP_SignaturePacket_IssuerPacket($keyid);
+$sub_sig->data = implode('', $nkey->fingerprint_material()) . implode('', $subkey->fingerprint_material());
+$sub_sig->sign_data(array('RSA' => array('SHA256' => function($data) use($key) {return array($key->sign($data));})));
+
+// Append the subkey signature
+$packets[] = $sub_sig;
+
+// Build the OpenPGP_Message for the secret key from our packets
+$m = new OpenPGP_Message($packets);
+
+// Serialize the private key
+print $m->to_bytes();
+
+// Clone a public key message from the secret key
+$pubm = clone($m);
+
+// Convert the private key packets to public so we only export public data
+// (n+e in RSA)
+foreach($pubm as $idx => $p) {
+	if($p instanceof OpenPGP_SecretSubkeyPacket) {
+		$pubm[$idx] = new OpenPGP_PublicSubkeyPacket($p);
+	} else if($p instanceof OpenPGP_SecretKeyPacket) {
+		$pubm[$idx] = new OpenPGP_PublicKeyPacket($p);
+	}
+}
+
+// Serialize the public key
+$public_bytes = $pubm->to_bytes();
+
+// Note: If using PHP 7.4 CLI, disable deprecated warnings:
+// php -d error_reporting="E_ALL & ~E_DEPRECATED" examples/keygenSubkeys.php > mykey.gpg

securemail/vendor/singpolyma/openpgp-php/examples/sign.php

@@ -1,5 +1,6 @@
 <?php
 
+@include_once dirname(__FILE__).'/../vendor/autoload.php';
 require_once dirname(__FILE__).'/../lib/openpgp.php';
 require_once dirname(__FILE__).'/../lib/openpgp_crypt_rsa.php';
 
@@ -18,5 +19,3 @@ $m = $sign->sign($data);
 
 /* Output the raw message bytes to STDOUT */
 echo $m->to_bytes();
-
-?>

securemail/vendor/singpolyma/openpgp-php/examples/verify.php

@@ -1,5 +1,6 @@
 <?php
 
+@include_once dirname(__FILE__).'/../vendor/autoload.php';
 require_once dirname(__FILE__).'/../lib/openpgp.php';
 require_once dirname(__FILE__).'/../lib/openpgp_crypt_rsa.php';
 
@@ -14,5 +15,3 @@ $verify = new OpenPGP_Crypt_RSA($wkey);
 
 /* Dump verification information to STDOUT */
 var_dump($verify->verify($m));
-
-?>