mirror of
https://github.com/the-djmaze/snappymail.git
synced 2026-07-09 06:28:28 +03:00
Simple idea for #1343
This commit is contained in:
parent
c61c3c6ce7
commit
cabc652aa2
9 changed files with 60 additions and 14 deletions
|
|
@ -48,7 +48,10 @@ abstract class Request
|
|||
$this->user_agent = 'SnappyMail/' . APP_VERSION;
|
||||
}
|
||||
|
||||
public function setAuth(int $type, string $user, string $pass) : void
|
||||
public function setAuth(int $type, string $user,
|
||||
#[\SensitiveParameter]
|
||||
string $pass
|
||||
) : void
|
||||
{
|
||||
$this->auth = [
|
||||
'type' => $type,
|
||||
|
|
|
|||
|
|
@ -84,7 +84,10 @@ class GnuPG
|
|||
/**
|
||||
* Add a key for decryption
|
||||
*/
|
||||
public function addDecryptKey(string $fingerprint, string $passphrase) : bool
|
||||
public function addDecryptKey(string $fingerprint,
|
||||
#[\SensitiveParameter]
|
||||
string $passphrase
|
||||
) : bool
|
||||
{
|
||||
return $this->handler()->adddecryptkey($fingerprint, $passphrase);
|
||||
}
|
||||
|
|
@ -100,7 +103,10 @@ class GnuPG
|
|||
/**
|
||||
* Add a key for signing
|
||||
*/
|
||||
public function addSignKey(string $fingerprint, ?string $passphrase) : bool
|
||||
public function addSignKey(string $fingerprint,
|
||||
#[\SensitiveParameter]
|
||||
?string $passphrase
|
||||
) : bool
|
||||
{
|
||||
return $this->handler()->addsignkey($fingerprint, $passphrase);
|
||||
}
|
||||
|
|
@ -218,7 +224,10 @@ class GnuPG
|
|||
/**
|
||||
* Exports a key
|
||||
*/
|
||||
public function export(string $fingerprint, string $passphrase = '') /*: string|false*/
|
||||
public function export(string $fingerprint,
|
||||
#[\SensitiveParameter]
|
||||
string $passphrase = ''
|
||||
) /*: string|false*/
|
||||
{
|
||||
if ($passphrase) {
|
||||
return $this->getGPG()
|
||||
|
|
@ -265,7 +274,10 @@ class GnuPG
|
|||
/**
|
||||
* Generates a key
|
||||
*/
|
||||
public function generateKey(string $uid, string $passphrase) /*: string|false*/
|
||||
public function generateKey(string $uid,
|
||||
#[\SensitiveParameter]
|
||||
string $passphrase
|
||||
) /*: string|false*/
|
||||
{
|
||||
$GPG = $this->getGPG(false);
|
||||
return $GPG ? $GPG->generateKey($uid, $passphrase) : false;
|
||||
|
|
|
|||
|
|
@ -136,7 +136,10 @@ class GPG
|
|||
/**
|
||||
* Add a key for decryption
|
||||
*/
|
||||
public function addDecryptKey(string $fingerprint, string $passphrase) : bool
|
||||
public function addDecryptKey(string $fingerprint,
|
||||
#[\SensitiveParameter]
|
||||
string $passphrase
|
||||
) : bool
|
||||
{
|
||||
$this->decryptKeys[$fingerprint] = $passphrase;
|
||||
// $this->decryptKeys[\substr($fingerprint, -16)] = $passphrase;
|
||||
|
|
@ -155,7 +158,10 @@ class GPG
|
|||
/**
|
||||
* Add a key for signing
|
||||
*/
|
||||
public function addSignKey(string $fingerprint, string $passphrase) : bool
|
||||
public function addSignKey(string $fingerprint,
|
||||
#[\SensitiveParameter]
|
||||
string $passphrase
|
||||
) : bool
|
||||
{
|
||||
$this->signKeys[$fingerprint] = $passphrase;
|
||||
// $this->signKeys[\substr($fingerprint, -16)] = $passphrase;
|
||||
|
|
@ -419,7 +425,10 @@ class GPG
|
|||
return 0;
|
||||
}
|
||||
|
||||
public function addPassphrase($keyId, $passphrase)
|
||||
public function addPassphrase($keyId,
|
||||
#[\SensitiveParameter]
|
||||
$passphrase
|
||||
)
|
||||
{
|
||||
$this->passphrases[$keyId] = $passphrase;
|
||||
return $this;
|
||||
|
|
|
|||
|
|
@ -14,7 +14,11 @@ class Cram extends \SnappyMail\SASL
|
|||
$this->algo = $algo;
|
||||
}
|
||||
|
||||
public function authenticate(string $authcid, string $passphrase, ?string $challenge = null) : string
|
||||
public function authenticate(string $authcid,
|
||||
#[\SensitiveParameter]
|
||||
string $passphrase,
|
||||
?string $challenge = null
|
||||
) : string
|
||||
{
|
||||
return $this->encode($authcid . ' ' . \hash_hmac($this->algo, $this->decode($challenge), $passphrase));
|
||||
}
|
||||
|
|
|
|||
|
|
@ -7,7 +7,10 @@ class Login extends \SnappyMail\SASL
|
|||
protected
|
||||
$passphrase;
|
||||
|
||||
public function authenticate(string $username, string $passphrase, ?string $challenge = null) : string
|
||||
public function authenticate(string $username,
|
||||
#[\SensitiveParameter]
|
||||
string $passphrase,
|
||||
?string $challenge = null) : string
|
||||
{
|
||||
// $challenge should be 'VXNlcm5hbWU6', but broken on some systems
|
||||
// See https://github.com/the-djmaze/snappymail/issues/693
|
||||
|
|
|
|||
|
|
@ -9,7 +9,11 @@ namespace SnappyMail\SASL;
|
|||
|
||||
class OAuthBearer extends \SnappyMail\SASL
|
||||
{
|
||||
public function authenticate(string $username, string $passphrase, ?string $authzid = null) : string
|
||||
public function authenticate(string $username,
|
||||
#[\SensitiveParameter]
|
||||
string $passphrase,
|
||||
?string $authzid = null
|
||||
) : string
|
||||
{
|
||||
return $this->encode("n,a={$username},\x01auth=Bearer {$passphrase}\x01\x01");
|
||||
}
|
||||
|
|
|
|||
|
|
@ -5,7 +5,10 @@ namespace SnappyMail\SASL;
|
|||
class Plain extends \SnappyMail\SASL
|
||||
{
|
||||
|
||||
public function authenticate(string $username, string $passphrase, ?string $authzid = null) : string
|
||||
public function authenticate(string $username,
|
||||
#[\SensitiveParameter]
|
||||
string $passphrase,
|
||||
?string $authzid = null) : string
|
||||
{
|
||||
return $this->encode("{$authzid}\x00{$username}\x00{$passphrase}");
|
||||
}
|
||||
|
|
|
|||
|
|
@ -31,7 +31,11 @@ class Scram extends \SnappyMail\SASL
|
|||
$this->algo = $algo;
|
||||
}
|
||||
|
||||
public function authenticate(string $authcid, string $passphrase, ?string $authzid = null) : string
|
||||
public function authenticate(string $authcid,
|
||||
#[\SensitiveParameter]
|
||||
string $passphrase,
|
||||
?string $authzid = null
|
||||
) : string
|
||||
{
|
||||
// SASLprep
|
||||
$authcid = \str_replace(array('=',','), array('=3D','=2C'), $authcid);
|
||||
|
|
|
|||
|
|
@ -9,7 +9,11 @@ namespace SnappyMail\SASL;
|
|||
|
||||
class XOAuth2 extends \SnappyMail\SASL
|
||||
{
|
||||
public function authenticate(string $username, string $passphrase, ?string $authzid = null) : string
|
||||
public function authenticate(string $username,
|
||||
#[\SensitiveParameter]
|
||||
string $passphrase,
|
||||
?string $authzid = null
|
||||
) : string
|
||||
{
|
||||
return $this->encode("user={$username}\x01auth=Bearer {$passphrase}\x01\x01");
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue