See https://wordpress.org/support/topic/accept-also-smime-keys/

OS: SUSE Enterprise Linux 11 SP 3
PHP: 5.3.x
WordPress: 4.4.2
Plugin Version: 0.4.0

I get this error in the logs:

PHP Parse error: syntax error, unexpected '[' in /srv/www/htdocs/wp-content/plugins/wp-pgp-encrypted-emails/class-wp-openpgp.php on line 70

The following error message is logged after saving settings:

PHP message: PHP Notice: ob_end_flush(): failed to send buffer of zlib output compression (1) in /myhome/wp-includes/functions.php on line 3743, referer: https://mysite.com/wp-admin/options-general.php?page=wp-pgp-encrypted-emails

What is more, the email sent is neither encrypted nor signed even though I have entered the public key for the admin address and have generated the key pair from within the plugin.

It would be nice if an admin can assign (or auto-generate) a keypair to the plugin (or site) itself, thus allowing the site to sign its outgoing messages in addition to encrypting them to a given user's public key.

This will require switching libraries to one that supports signing (perhaps singpolyma/openpgp-php).

This will require implementing RFC 3156.

See also singpolyma/openpgp-php#21.

/via https://wordpress.org/support/topic/encrypt-e-mail-attachments?replies=1

I think the plugin's CSS should not be enqueued for the front-end. Please see:

Correct me if I'm wrong, otherwise I'll submit a PR to remove this. Thanks.

Perhaps a openpgp_encrypt_content action hook that wraps OpenPGP_Crypt_Symmetric::encrypt() so other plugins can safely call these methods through familiar WordPress APIs?

/via #3

If the admin address belongs to a registered user and the user only puts their public key in their user profile, the plugin won't find it - it will check the admin setting and skip the user check.

Hi,
I use your plugin without problem with an OpenPGP RSA 4096bits key. But i just try to migrate to a new OpenPGP ECC key (X25519 type), and with this public key set in plugin setting for admin, my outgoing mails are not encrypted anymore.
Do you have any information about that ?
Thanks

I'd be interested in an admin option what would require encryption. If a user or the admin doesn't have suitable credentials, rather than their receiving unencrypted emails, the emails would not be sent.

"Integration" is a strong term here, but this is to follow the Formidable issues I have been having.

Here is the error:

PHP Warning: trim() expects parameter 1 to be string, array given in /srv/www/htdocs/wp-includes/class-wp-user.php on line 201, referer: http://blogs.mlc-wels.edu/bits-to-bytes/test-page/

This was shown using Formidable 2.0.x, WP-PGP-Encrypted-Emails 0.3.0, and WordPress 4.4.2 on SLES 11 SP3.

I highly recommend https://github.com/singpolyma/openpgp-php as there are many security related issues in php-gpg (ECB mode for example instead of CBC).

See https://wordpress.org/support/topic/doesnt-work-with-mailvelope-in-firefox

Not sure if this will be widely used, and ignoring for a moment the obvious security hole in the scheme, it might be fun to let blog commenters tick a box ("Private comment" or something) that will trigger, upon receipt of the comment, the plugin to encrypt the comment content to the public key of the post author, if available. In fact the "Private comment" checkbox should only exist of the post author has a public key in their profile.

No, this will not solve the issue where the plaintext is still transmitted and received by the server, but that's why this is a "silly idea." It would, however, give users the ability to leave a comment in a way that is not visible to the other readers of the post. Why not write the author an email? Maybe the author's email is not known to the reader. shrug

It's a silly idea, but easy to implement and could be a fun flourish for nerds and/or a way to expose non-technical people to seeing a raw PGP message block on the Web a bit more often.

See https://wordpress.org/support/topic/not-working-fully-with-woocommerce/

Two options come to mind:

• Using /dev/shm/$some_path if the plugin is running in a GNU/Linux environment with a mounted tmpfs as the S/MIME $infile. This would not be portable to, for example, Windows-based servers. We could auto-detect our environment and simply perform the optimization if possible, falling back to the existing implementation if it is not.
• Using php://memory or php://temp streams and manually constructing the PKCS#7 formatted S/MIME message from strings instead of using openssl_pkcs7_encrypt(), since that function requires file paths. This would be more work but will also be more portable across operating systems.

Beginning in PHP 8.0, openssl_* functions return or expect an object of class OpenSSLCertificate rather than resource of type OpenSSL X.509. The S/MIME support class does not as yet adhere to the new contract, and specifically only checks the resource type.

The end result is that valid, present S/MIME certificates are erroneously thought to be either invalid or not present when running with PHP 8.0.

I will submit a PR shortly to fix this, since it's a simple addition to the validation check in class-wp-smime.php.

Via https://wordpress.org/support/topic/accept-also-smime-keys/page/2/#post-9174319:

It should be possible to upload the private key of the blogs admin e-mail so that e-mails can be sign when being sent out.

Possibly, see openssl_pkcs7_sign().

I noticed that the generated keypairs are always for the wordpress user at the host's domain, E.g. [email protected]

If the sender address for WordPress is changed using another plug-in, this plug-in's generated keypair does not use the new address, the keypair is always generated using 'wordpress@'. It would be nice to be able to use a different sender address other than wordpress@ like mailer@ or no-reply@ etc.

The plug-in's interface does not display what email ID has been encoded into the keypair. It was found by uploading the public key into a keyserver or examination with GnuPG.

Enhancements:

1. Display the email ID of the sender used that is encoded in the keypair
2. Lookup the current sender address before generating the keypair
3. Enable changing the WordPress sender email address for the system

After trying to encrypt text I get:
"Encryption of the text is not possible. Cannot read property 'toHex' of null" error.

All I'm doing here is trying to send my public key to another email user that may or may not be using mailvelope.

This could be a WordPress 5.8.3 issue or an incompatibility with 'Ultimate Member' plug-in.
I looked at the code last night and saw a whitelist for Woo Commerce, does Ultimate Member need to be whitelisted too?

There is no 'Email Encryption' section in user profile pages. Only the Admin account has it.

Admin's profile

User (Subscriber role) profile

See https://wordpress.org/support/topic/compatibility-with-ninja-forms

Hi!

I read on Reddit that you made it possible to encrypt outgoing emails with Protonmail. Great stuff!

I'm running a webshop with Woocommerce and I want to encrypt all my outgoing messages. Right now I use WP-SMTP as Protonmail doesn't support SMTP for Wordpress, so I was wondering if this plugin will make it happen, and if so, how?

My end goal here is to send encrypted order confirmations to my users and at the same time send them my public key in the order email so that they are able to decrypt the message. Would that be possible?

WP PGP Encrypted Emails works great out of the box without a lot of configuration for almost all form plugins I've tested. The only one which doesn't encrypt mails is WS Form. My guess is that the code from WS Form is loaded after this plugin (because the plugins are loaded in alphabetical order) and therefore the encryption process won't work.

I know that you can set priorities for WP filters and hooks and tested a bit with the code on a staging site but was unable to make it work. Is anyone familiar with increasing the priority for this plugin?

The curly braces in three files:

vendor/singpolyma/openpgp-php/lib/openpgp_crypt_symmetric.php (lines 125, 612, 628, 771, 1055 and more)
vendor/singpolyma/openpgp-php/lib/openpgp.php (line 218 and more)
vendor/singpolyma/openpgp-php/lib/openpgp_crypt_rsa.php (lines 65, 190 and more)

broke this plugin and produced a fatal PHP error (saying "Array and string offset access syntax with curly braces is no longer supported") on my site running PHP 7.4, breaking the site as well.

I went through and changed the in the files on my install and the plugin worked, but the lines mentioned above are not an exhaustive list. I don't know how common this error is, but thought I should bring it to your attention.

See https://wordpress.org/support/topic/disable-comment-encryption-option/

First of all thanks for this very cool plugin.
I noticed messages are PGP/Inline signed and encrypted. It would be nice if it would be possible to have PGP/Mime encrypted/signed mails instead.
At the moment the plugin is treating all emails as plaintext mails. Therefore html mails will be signed html sourcecode. With PGP/Mime it is also possible to send encrypted html mails.

We've installed your plugin, and everything is ok, we upload the private and public PGP keys, etc.,
but in some occasions (I think that when emails are sent to known people, because we've set that
option as is), appears an error message:

Fatal error: Uncaught Error: Call to a member function setHash() on null in /var/.................../wp-content/plugins/wp-pgp-encrypted-emails/vendor/openpgp-php/openpgp_crypt_rsa.php:126 Stack trace: #0 /var/.................../wp-content/plugins/wp-pgpencrypted-emails/includes/class-wp-openphp.php(70): OpenPGP_Crypt_RSA->sign(Object(OpenPGP_LiteralDataPacket)) #1 /var/.................../ etc, see attached file.

Any idea? :)

Via https://wordpress.org/support/topic/accept-also-smime-keys/page/2/#post-9174319:

I have tested the “Email Subscribers & Newsletters” and is giving me a error when sending “Newsletters”.

Fatal error: Uncaught exception ‘Error’ with message ‘Length must be greater than 0’ in /www/blog/wp-includes/random_compat/random_bytes_dev_urandom.php:93 Stack trace: #0 /www/blog/wp-content/plugins/wp-pgp-encrypted-emails/includes/class-wp-smime.php(139): random_bytes(0) #1 [internal function]: WP_SMIME::encrypt(‘<strong style=”…’, ‘From: “Admin” <…’, Resource id #297) #2 /www/blog/wp-includes/class-wp-hook.php(298): call_user_func_array(Array, Array) #3 /www/blog/wp-includes/plugin.php(203): WP_Hook->apply_filters(‘<strong style=”…’, Array) #4 /www/blog/wp-content/plugins/wp-pgp-encrypted-emails/wp-pgp-encrypted-emails.php(1340): apply_filters(‘smime_encrypt’, ‘<strong style=”…’, ‘From: “Admin” <…’, Resource id #297) #5 /www/blog/wp-content/plugins/ in /www/blog/wp-includes/random_compat/random_bytes_dev_urandom.php on line 93

The e-mail to the webmaster e-mail is send encrypted, the e-mail to the user without S/MIME key is send properly, the e-mail send to the user with S/MIME key set up is not sent.

The same happens when publishing a normal article of the wordpress… and I really mean, I do a normal article on wordpress, but when I publish it to the web site I received the error bellow:

Fatal error: Uncaught exception ‘Error’ with message ‘Length must be greater than 0’ in /www/blog/wp-includes/random_compat/random_bytes_dev_urandom.php:93 Stack trace: #0 /www/blog/wp-content/plugins/wp-pgp-encrypted-emails/includes/class-wp-smime.php(139): random_bytes(0) #1 [internal function]: WP_SMIME::encrypt(‘Hello Carina,<b…’, ‘From: “Admin” <…’, Resource id #295) #2 /www/blog/wp-includes/class-wp-hook.php(298): call_user_func_array(Array, Array) #3 /www/blog/wp-includes/plugin.php(203): WP_Hook->apply_filters(‘Hello Carina,<b…’, Array) #4 /www/blog/wp-content/plugins/wp-pgp-encrypted-emails/wp-pgp-encrypted-emails.php(1340): apply_filters(‘smime_encrypt’, ‘Hello Carina,<b…’, ‘From: “Admin” <…’, Resource id #295) #5 /www/blog/wp-content/plugins/ in /www/blog/wp-includes/random_compat/random_bytes_dev_urandom.php on line 93

“Hello Carina” is probably referring in this case of the user with S/MIME set up on its account.
The other e-mails are sent correctly (encrypted to the admin e-mail, and to the none set up S/MIME user).

And yes the article is published correctly on the web site.

This happens if “Email Subscribers & Newsletters” is active… without it the e-mail notifications can’t be send of course. Disabling the “WP PGP Encrypted Emails” makes it work properly without errors.

First, I apologize if I lack the technical detailed knowledge on the programming or PKI side to fully describe what is happening.

The public certificate generated by the plugin can be imported into into some GPG Keychains (e.g. Mailvelope, Protonmail), and appears to be failing on the userID check. The error is similar to what is outlined here: mailvelope/mailvelope#713

But appears to be related to the certificate versus the keychain, as the issue also happens with Protonmail. My theory is the checksums are being printed incorrectly when the plugin generates the public key. GPG Keyrings that skip/ignore this conflict and focus on other checks import it fine, but any that include checking of the two-bit checksum run into an issue.

It gets out of my league at this point so I'm not sure if it is even possible to find out what is causing an invalid checksum to appear in the public key and correct that so the key can be imported into a wider variety of keychains (or if it's even 100% the problem).

Hi,

I needed access to other users' pgp keys in their user profiles.

I modified lines 151 and 152 to enable that as follows:

add_action( 'plugins_loaded', function(){
    if( current_user_can('manage_options') ){
        add_action( 'edit_user_profile', array( __CLASS__, 'renderProfile' ) );
        add_action( 'edit_user_profile_update', array( __CLASS__, 'saveProfile' ) );
    }else{
        add_action( 'show_user_profile', array( __CLASS__, 'renderProfile' ) );
        add_action( 'personal_options_update', array( __CLASS__, 'saveProfile' ) );
    }
});

This would be useful in a future update I'm sure.

Wordpress Version: 5.9.3
Plugin Version: 0.8.0
PHP: 7.4

Configuration:

• Created fresh keypair on client computer and added the pubkey in the "Admin Email PGP Public Key" and to the admin user profile.
• Created signing keypair in plugin settings
• Basic Contact Form 7 form is set up to send everything to the site admin.

Expected results:

• Admin E-Mail should receive a signed and encrypted E-Mail

Actual results:

• E-Mail arrives only signed but not encrypted

Research:

• Here another user in comments at the bottom claims it didn't work for them either in 2019 (no further details though)
• The plugin version on wordpress.org seems to be still on main branch from May 2021 and i personally can't tell if the develop has changed anything to address this issue but i will try to do some more testing.

See item 2 from this list: https://wordpress.org/support/topic/feature-request-add-default-pgp-encryption-key-gpg-key-manager

Original report:
https://wordpress.org/support/topic/multi-language-email-mail-body-encoding-are-wrong-on-outlook/

Issue:

When send a encrypted mixed language to Outlook, the body failed to apply the correct encoding. The encoding type used is SMIME.

Platform:

Tested on Windows 10's Outlook and Outlook for Mac 16.15.

Steps to reproduce:

1. Add some non-english text to the test message body text from plugin. This is my test message "你好 Allô! This is a test message".
2. Add SMIME to the user and click "Send me a test mail".
3. Check the mail in Outlook, the non-english text are not display. Attached with the screenshot and raw source.
   
   Notice the weird character in front of English text:
   
   
   The expected result:
   
   
   Here is the raw mail source:
   raw source.txt

Supporting Information:

1. If send an mixed language mail directly from client to client, eg Mac Mail to Outlook, the encoding do displayed correctly. Enclosed with the client to client mail's raw source.
   raw source - client to client mail.txt

2. If the mail is unencrypted, Outlook do display correct encoding.

3. If change the charset via wp_mail_charset filter, only encrypted mail subject reflected the changed charset, mail body do not show any changes at all.
   
   Notice that the body encoding still the same although I have change the charset:
   
   
   This is the changed charset:
   
   
   The raw source for charset changed email:
   raw source - charset changed.txt

4. If I added utf8_decode to the mail body in the sendTestEmail function, the "ô" in Allô do displayed correctly in Outlook, but the Chinese character get converted into question mark.
   
   Notice that the "ô" in Allô is displayed correctly:
   

I'm not exactly sure if this is a bug or desired behavior.
I'd like to be able to send encrypted emails to different addresses than those saved for a specific WordPress account. e.g. I use Contact Form 7 and would like to send all emails from a specific form to an email address reserved for this purpose - e.g. [email protected]. This address would be different from the admin or any user email.
Previously I assumed that this is already possible, and that the admin settings are a default for all outgoing emails if not specifically configured for a user.
I think it's a valid use case especially when using forms, so I already made the necessary changes for my installation, but I'd like to submit a PR if this fine with you.

Facebook does this. We should, too.

Weird issue, but seems like a solid bug report: https://wordpress.org/support/topic/ascii-armor-strings-compatibility-issue-with-openkeychain?replies=2#post-8212698

@DanielRuf, can you think of any reason why this would be a dangerous change to make? I can't and am thinking of rolling it into the next release to improve compatibility.

See https://wordpress.org/support/topic/encrypt-e-mail-attachments?replies=12#post-8112451