From bd0551b22076b82a6d49e9f7a2b2e0c90a1b2326 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Fri, 05 Feb 2016 07:25:27 -0500
Subject: [PATCH] Secure also downloads of addressbook exports, managesieve script exports and Enigma keys exports

---
 plugins/enigma/lib/enigma_key.php |   45 ++++++++++++++++++++++++++++++++-------------
 1 files changed, 32 insertions(+), 13 deletions(-)

diff --git a/plugins/enigma/lib/enigma_key.php b/plugins/enigma/lib/enigma_key.php
index 66670c5..976cb45 100644
--- a/plugins/enigma/lib/enigma_key.php
+++ b/plugins/enigma/lib/enigma_key.php
@@ -1,20 +1,14 @@
 <?php
-/*
+
+/**
  +-------------------------------------------------------------------------+
  | Key class for the Enigma Plugin                                         |
  |                                                                         |
- | This program is free software; you can redistribute it and/or modify    |
- | it under the terms of the GNU General Public License version 2          |
- | as published by the Free Software Foundation.                           |
+ | Copyright (C) 2010-2015 The Roundcube Dev Team                          |
  |                                                                         |
- | This program is distributed in the hope that it will be useful,         |
- | but WITHOUT ANY WARRANTY; without even the implied warranty of          |
- | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the           |
- | GNU General Public License for more details.                            |
- |                                                                         |
- | You should have received a copy of the GNU General Public License along |
- | with this program; if not, write to the Free Software Foundation, Inc., |
- | 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.             |
+ | Licensed under the GNU General Public License version 3 or              |
+ | any later version with exceptions for skins & plugins.                  |
+ | See the README file for a full license statement.                       |
  |                                                                         |
  +-------------------------------------------------------------------------+
  | Author: Aleksander Machniak <alec@alec.pl>                              |
@@ -31,6 +25,12 @@
     const TYPE_UNKNOWN = 0;
     const TYPE_KEYPAIR = 1;
     const TYPE_PUBLIC  = 2;
+
+    const CAN_ENCRYPT      = 1;
+    const CAN_SIGN         = 2;
+    const CAN_CERTIFY      = 4;
+    const CAN_AUTHENTICATE = 8;
+
 
     /**
      * Keys list sorting callback for usort()
@@ -92,6 +92,26 @@
     }
 
     /**
+     * Get key ID by user email
+     */
+    function find_subkey($email, $mode)
+    {
+        $now = time();
+
+        foreach ($this->users as $user) {
+            if ($user->email === $email && $user->valid && !$user->revoked) {
+                foreach ($this->subkeys as $subkey) {
+                    if (!$subkey->revoked && (!$subkey->expires || $subkey->expires > $now)) {
+                        if ($subkey->usage & $mode) {
+                            return $subkey;
+                        }
+                    }
+                }
+            }
+        }
+    }
+
+    /**
      * Converts long ID or Fingerprint to short ID
      * Crypt_GPG uses internal, but e.g. Thunderbird's Enigmail displays short ID
      *
@@ -128,5 +148,4 @@
 
         return $result;
     }
-
 }

--
Gitblit v1.9.1