From 43497a15c00a993d699759cb010203e3f6564157 Mon Sep 17 00:00:00 2001
From: Stephen Paul Weber
Date: Wed, 25 Jul 2018 13:38:41 -0500
Subject: [PATCH] Use OpenSSL for CAST5

Mcrypt is deprecated, so use OpenSSL when we can, mcrypt when we can't.
---
 lib/openpgp_crypt_symmetric.php | 5 ++++-
 lib/openpgp_openssl_wrapper.php | 33 ++++++++++++++++++++++++++++++
 tests/phpseclib_suite.php | 36 ++++++++++++++++++++++++++++++---
 3 files changed, 70 insertions(+), 4 deletions(-)
 create mode 100644 lib/openpgp_openssl_wrapper.php
diff --git a/lib/openpgp_crypt_symmetric.php b/lib/openpgp_crypt_symmetric.php
index ab7804e..997d530 100644
--- a/lib/openpgp_crypt_symmetric.php
+++ b/lib/openpgp_crypt_symmetric.php
@@ -9,6 +9,7 @@ use phpseclib\Crypt\Random;
 require_once dirname(__FILE__).'/openpgp.php';
 @include_once dirname(__FILE__).'/openpgp_crypt_rsa.php';
 @include_once dirname(__FILE__).'/openpgp_mcrypt_wrapper.php';
+@include_once dirname(__FILE__).'/openpgp_openssl_wrapper.php';
 class OpenPGP_Crypt_Symmetric {
 public static function encrypt($passphrases_and_keys, $message, $symmetric_algorithm=9) {
@@ -154,7 +155,9 @@ class OpenPGP_Crypt_Symmetric {
 $key_block_bytes = 8;
 break;
 case 3:
- if(defined('MCRYPT_CAST_128')) {
+ if(class_exists('OpenSSLWrapper')) {
+ $cipher = new OpenSSLWrapper("CAST5-CFB");
+ } else if(defined('MCRYPT_CAST_128')) {
 $cipher = new MCryptWrapper(MCRYPT_CAST_128);
 } else {
 throw new Exception("Unsupported cipher: you must have mcrypt installed to use CAST5");
diff --git a/lib/openpgp_openssl_wrapper.php b/lib/openpgp_openssl_wrapper.php
new file mode 100644
index 0000000..83d5ad6
--- /dev/null
+++ b/lib/openpgp_openssl_wrapper.php
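Review bot: The new first branch under `case 3:` tests only `class_exists('OpenSSLWrapper')`, which shows that the wrapper file loaded, not that the linked OpenSSL build actually offers CAST5-CFB; where the cipher is omitted or disabled, the mcrypt branch is never reached even if mcrypt is present. Assuming the class is only defined when the openssl extension is loaded (that part of the wrapper is not visible on this page), the condition could be `if(class_exists('OpenSSLWrapper') && in_array('cast5-cfb', array_map('strtolower', openssl_get_cipher_methods()))) {` so the fallback still works. The exception text in the final `else` still names only mcrypt and would read better as `"Unsupported cipher: you must have openssl or mcrypt installed to use CAST5"`. The enclosing switch and function begin and end outside this hunk.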
@@ -0,0 +1,33 @@
+cipher = $cipher;
+ $this->key_size = 16;
+ $this->block_size = 8;
+ $this->iv = str_repeat("\0", 8);
+ }
+
+ function setKey($key) {
+ $this->key = $key;
+ }
+
+ function setIV($iv) {
+ $this->iv = $iv;
+ }
+
+ function encrypt($data) {
+ return openssl_encrypt($data, $this->cipher, $this->key, OPENSSL_RAW_DATA|OPENSSL_ZERO_PADDING, $this->iv);
+ }
+
+ function decrypt($data) {
+ return openssl_decrypt($data, $this->cipher, $this->key, OPENSSL_RAW_DATA|OPENSSL_ZERO_PADDING, $this->iv);
+ }
+ }
+}
diff --git a/tests/phpseclib_suite.php b/tests/phpseclib_suite.php
index 2517e6e..70b93aa 100644
--- a/tests/phpseclib_suite.php
+++ b/tests/phpseclib_suite.php
@@ -80,7 +80,7 @@ class Decryption extends PHPUnit_Framework_TestCase {
 $this->oneSymmetric("hello", "PGP\n", "symmetric-3des.gpg");
 }
- public function testDecryptCAST5() { // Requires mcrypt
+ public function testDecryptCAST5() { // Requires mcrypt or openssl
 $this->oneSymmetric("hello", "PGP\n", "symmetric-cast5.gpg");
 }
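Review bot: `encrypt()` and `decrypt()` in the new wrapper return the result of `openssl_encrypt()`/`openssl_decrypt()` unchecked, and both functions return `false` on failure (unknown cipher name, unusable key or IV), so a caller that treats the result as a string would silently continue with an empty value instead of ciphertext or plaintext. Checking for `false` and throwing, as sketched below, makes such a failure visible; how the callers react to an exception is outside this hunk and should be confirmed. The visible constructor lines set `iv` but not `key`, so calling either method before `setKey()` passes an unset key. The class header and the first constructor lines are missing from this page's copy of the hunk, so this note covers only the lines shown.

```php
// … unchanged: constructor, setKey(), setIV() …

function encrypt($data) {
  $out = openssl_encrypt($data, $this->cipher, $this->key, OPENSSL_RAW_DATA|OPENSSL_ZERO_PADDING, $this->iv);
  if($out === false) {
    // Surface the failure instead of handing false back as if it were ciphertext
    throw new Exception("OpenSSL encryption failed for " . $this->cipher);
  }
  return $out;
}

function decrypt($data) {
  $out = openssl_decrypt($data, $this->cipher, $this->key, OPENSSL_RAW_DATA|OPENSSL_ZERO_PADDING, $this->iv);
  if($out === false) {
    // Surface the failure instead of handing false back as if it were plaintext
    throw new Exception("OpenSSL decryption failed for " . $this->cipher);
  }
  return $out;
}
```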
@@ -152,13 +152,43 @@ class Decryption extends PHPUnit_Framework_TestCase {
 }
 class Encryption extends PHPUnit_Framework_TestCase {
- public function testEncryptSymmetric() {
+ public function oneSymmetric($algorithm) {
 $data = new OpenPGP_LiteralDataPacket('This is text.', array('format' => 'u', 'filename' => 'stuff.txt'));
- $encrypted = OpenPGP_Crypt_Symmetric::encrypt('secret', new OpenPGP_Message(array($data)));
+ $encrypted = OpenPGP_Crypt_Symmetric::encrypt('secret', new OpenPGP_Message(array($data)), $algorithm);
 $decrypted = OpenPGP_Crypt_Symmetric::decryptSymmetric('secret', $encrypted);
 $this->assertEquals($decrypted[0]->data, 'This is text.');
 }
+ public function testEncryptSymmetric3DES() {
+ $this->oneSymmetric(2);
+ }
+
+ public function testEncryptSymmetricCAST5() {
+ $this->oneSymmetric(3);
+ }
+
+ public function testEncryptSymmetricBlowfish() {
+ $this->oneSymmetric(4);
+ }
+
+ public function testEncryptSymmetricAES128() {
+ $this->oneSymmetric(7);
+ }
+
+ public function testEncryptSymmetricAES192() {
+ $this->oneSymmetric(8);
+ }
+
+ public function testEncryptSymmetricAES256() {
+ $this->oneSymmetric(9);
+ }
+
+ public function testEncryptSymmetricTwofish() {
+ if(OpenPGP_Crypt_Symmetric::getCipher(10)[0]) {
+ $this->oneSymmetric(10);
+ }
+ }
+
 public function testEncryptAsymmetric() {
 $key = OpenPGP_Message::parse(file_get_contents(dirname(__FILE__) . '/data/helloKey.gpg'));
 $data = new OpenPGP_LiteralDataPacket('This is text.', array('format' => 'u', 'filename' => 'stuff.txt'));
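Review bot: `testEncryptSymmetricTwofish()` passes with no assertion at all when `OpenPGP_Crypt_Symmetric::getCipher(10)[0]` is falsy, so a run on a host without Twofish support looks identical to one that exercised it; an `else { $this->markTestSkipped('Twofish cipher not available'); }` branch would make that visible in the report. `testEncryptSymmetricCAST5()` has no such guard, so it presumably errors rather than skips when neither OpenSSL nor mcrypt provides CAST5. `oneSymmetric()` is a helper rather than a test and could be declared `protected`, with a one-line comment such as `// Round-trips a literal packet through encrypt() and decryptSymmetric() using the given algorithm id`. The `Encryption` class continues past the end of this hunk.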