PageRenderTime 14ms CodeModel.GetById 432ms app.highlight 12ms RepoModel.GetById 1ms app.codeStats 1ms

/program/lib/Crypt/GPG.php

https://github.com/trimbakgopalghare/roundcubemail
PHP | 2386 lines | 926 code | 208 blank | 1252 comment | 125 complexity | b4faf3f1f18fb7703747e099365f2a86 MD5 | raw file

Large files files are truncated, but you can click here to view the full file

   1<?php
   2
   3/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
   4
   5/**
   6 * Crypt_GPG is a package to use GPG from PHP
   7 *
   8 * This package provides an object oriented interface to GNU Privacy
   9 * Guard (GPG). It requires the GPG executable to be on the system.
  10 *
  11 * Though GPG can support symmetric-key cryptography, this package is intended
  12 * only to facilitate public-key cryptography.
  13 *
  14 * This file contains the main GPG class. The class in this file lets you
  15 * encrypt, decrypt, sign and verify data; import and delete keys; and perform
  16 * other useful GPG tasks.
  17 *
  18 * Example usage:
  19 * <code>
  20 * <?php
  21 * // encrypt some data
  22 * $gpg = new Crypt_GPG();
  23 * $gpg->addEncryptKey($mySecretKeyId);
  24 * $encryptedData = $gpg->encrypt($data);
  25 * ?>
  26 * </code>
  27 *
  28 * PHP version 5
  29 *
  30 * LICENSE:
  31 *
  32 * This library is free software; you can redistribute it and/or modify
  33 * it under the terms of the GNU Lesser General Public License as
  34 * published by the Free Software Foundation; either version 2.1 of the
  35 * License, or (at your option) any later version.
  36 *
  37 * This library is distributed in the hope that it will be useful,
  38 * but WITHOUT ANY WARRANTY; without even the implied warranty of
  39 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  40 * Lesser General Public License for more details.
  41 *
  42 * You should have received a copy of the GNU Lesser General Public
  43 * License along with this library; if not, write to the Free Software
  44 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
  45 *
  46 * @category  Encryption
  47 * @package   Crypt_GPG
  48 * @author    Nathan Fredrickson <nathan@silverorange.com>
  49 * @author    Michael Gauthier <mike@silverorange.com>
  50 * @copyright 2005-2013 silverorange
  51 * @license   http://www.gnu.org/copyleft/lesser.html LGPL License 2.1
  52 * @version   CVS: $Id$
  53 * @link      http://pear.php.net/package/Crypt_GPG
  54 * @link      http://pear.php.net/manual/en/package.encryption.crypt-gpg.php
  55 * @link      http://www.gnupg.org/
  56 */
  57
  58/**
  59 * Base class for GPG methods
  60 */
  61require_once 'Crypt/GPGAbstract.php';
  62
  63/**
  64 * Signature handler class
  65 */
  66require_once 'Crypt/GPG/VerifyStatusHandler.php';
  67
  68/**
  69 * Decryption handler class
  70 */
  71require_once 'Crypt/GPG/DecryptStatusHandler.php';
  72
  73// {{{ class Crypt_GPG
  74
  75/**
  76 * A class to use GPG from PHP
  77 *
  78 * This class provides an object oriented interface to GNU Privacy Guard (GPG).
  79 *
  80 * Though GPG can support symmetric-key cryptography, this class is intended
  81 * only to facilitate public-key cryptography.
  82 *
  83 * @category  Encryption
  84 * @package   Crypt_GPG
  85 * @author    Nathan Fredrickson <nathan@silverorange.com>
  86 * @author    Michael Gauthier <mike@silverorange.com>
  87 * @copyright 2005-2013 silverorange
  88 * @license   http://www.gnu.org/copyleft/lesser.html LGPL License 2.1
  89 * @link      http://pear.php.net/package/Crypt_GPG
  90 * @link      http://www.gnupg.org/
  91 */
  92class Crypt_GPG extends Crypt_GPGAbstract
  93{
  94    // {{{ class constants for data signing modes
  95
  96    /**
  97     * Signing mode for normal signing of data. The signed message will not
  98     * be readable without special software.
  99     *
 100     * This is the default signing mode.
 101     *
 102     * @see Crypt_GPG::sign()
 103     * @see Crypt_GPG::signFile()
 104     */
 105    const SIGN_MODE_NORMAL = 1;
 106
 107    /**
 108     * Signing mode for clearsigning data. Clearsigned signatures are ASCII
 109     * armored data and are readable without special software. If the signed
 110     * message is unencrypted, the message will still be readable. The message
 111     * text will be in the original encoding.
 112     *
 113     * @see Crypt_GPG::sign()
 114     * @see Crypt_GPG::signFile()
 115     */
 116    const SIGN_MODE_CLEAR = 2;
 117
 118    /**
 119     * Signing mode for creating a detached signature. When using detached
 120     * signatures, only the signature data is returned. The original message
 121     * text may be distributed separately from the signature data. This is
 122     * useful for miltipart/signed email messages as per
 123     * {@link http://www.ietf.org/rfc/rfc3156.txt RFC 3156}.
 124     *
 125     * @see Crypt_GPG::sign()
 126     * @see Crypt_GPG::signFile()
 127     */
 128    const SIGN_MODE_DETACHED = 3;
 129
 130    // }}}
 131    // {{{ class constants for fingerprint formats
 132
 133    /**
 134     * No formatting is performed.
 135     *
 136     * Example: C3BC615AD9C766E5A85C1F2716D27458B1BBA1C4
 137     *
 138     * @see Crypt_GPG::getFingerprint()
 139     */
 140    const FORMAT_NONE = 1;
 141
 142    /**
 143     * Fingerprint is formatted in the format used by the GnuPG gpg command's
 144     * default output.
 145     *
 146     * Example: C3BC 615A D9C7 66E5 A85C  1F27 16D2 7458 B1BB A1C4
 147     *
 148     * @see Crypt_GPG::getFingerprint()
 149     */
 150    const FORMAT_CANONICAL = 2;
 151
 152    /**
 153     * Fingerprint is formatted in the format used when displaying X.509
 154     * certificates
 155     *
 156     * Example: C3:BC:61:5A:D9:C7:66:E5:A8:5C:1F:27:16:D2:74:58:B1:BB:A1:C4
 157     *
 158     * @see Crypt_GPG::getFingerprint()
 159     */
 160    const FORMAT_X509 = 3;
 161
 162    // }}}
 163    // {{{ class constants for boolean options
 164
 165    /**
 166     * Use to specify ASCII armored mode for returned data
 167     */
 168    const ARMOR_ASCII = true;
 169
 170    /**
 171     * Use to specify binary mode for returned data
 172     */
 173    const ARMOR_BINARY = false;
 174
 175    /**
 176     * Use to specify that line breaks in signed text should be normalized
 177     */
 178    const TEXT_NORMALIZED = true;
 179
 180    /**
 181     * Use to specify that line breaks in signed text should not be normalized
 182     */
 183    const TEXT_RAW = false;
 184
 185    // }}}
 186    // {{{ protected class properties
 187
 188    /**
 189     * Engine used to control the GPG subprocess
 190     *
 191     * @var Crypt_GPG_Engine
 192     *
 193     * @see Crypt_GPG::setEngine()
 194     */
 195    protected $engine = null;
 196
 197    /**
 198     * Keys used to encrypt
 199     *
 200     * The array is of the form:
 201     * <code>
 202     * array(
 203     *   $key_id => array(
 204     *     'fingerprint' => $fingerprint,
 205     *     'passphrase'  => null
 206     *   )
 207     * );
 208     * </code>
 209     *
 210     * @var array
 211     * @see Crypt_GPG::addEncryptKey()
 212     * @see Crypt_GPG::clearEncryptKeys()
 213     */
 214    protected $encryptKeys = array();
 215
 216    /**
 217     * Keys used to decrypt
 218     *
 219     * The array is of the form:
 220     * <code>
 221     * array(
 222     *   $key_id => array(
 223     *     'fingerprint' => $fingerprint,
 224     *     'passphrase'  => $passphrase
 225     *   )
 226     * );
 227     * </code>
 228     *
 229     * @var array
 230     * @see Crypt_GPG::addSignKey()
 231     * @see Crypt_GPG::clearSignKeys()
 232     */
 233    protected $signKeys = array();
 234
 235    /**
 236     * Keys used to sign
 237     *
 238     * The array is of the form:
 239     * <code>
 240     * array(
 241     *   $key_id => array(
 242     *     'fingerprint' => $fingerprint,
 243     *     'passphrase'  => $passphrase
 244     *   )
 245     * );
 246     * </code>
 247     *
 248     * @var array
 249     * @see Crypt_GPG::addDecryptKey()
 250     * @see Crypt_GPG::clearDecryptKeys()
 251     */
 252    protected $decryptKeys = array();
 253
 254    // }}}
 255    // {{{ importKey()
 256
 257    /**
 258     * Imports a public or private key into the keyring
 259     *
 260     * Keys may be removed from the keyring using
 261     * {@link Crypt_GPG::deletePublicKey()} or
 262     * {@link Crypt_GPG::deletePrivateKey()}.
 263     *
 264     * @param string $data the key data to be imported.
 265     *
 266     * @return array an associative array containing the following elements:
 267     *               - <kbd>fingerprint</kbd>       - the fingerprint of the
 268     *                                                imported key,
 269     *               - <kbd>public_imported</kbd>   - the number of public
 270     *                                                keys imported,
 271     *               - <kbd>public_unchanged</kbd>  - the number of unchanged
 272     *                                                public keys,
 273     *               - <kbd>private_imported</kbd>  - the number of private
 274     *                                                keys imported,
 275     *               - <kbd>private_unchanged</kbd> - the number of unchanged
 276     *                                                private keys.
 277     *
 278     * @throws Crypt_GPG_NoDataException if the key data is missing or if the
 279     *         data is is not valid key data.
 280     *
 281     * @throws Crypt_GPG_Exception if an unknown or unexpected error occurs.
 282     *         Use the <kbd>debug</kbd> option and file a bug report if these
 283     *         exceptions occur.
 284     */
 285    public function importKey($data)
 286    {
 287        return $this->_importKey($data, false);
 288    }
 289
 290    // }}}
 291    // {{{ importKeyFile()
 292
 293    /**
 294     * Imports a public or private key file into the keyring
 295     *
 296     * Keys may be removed from the keyring using
 297     * {@link Crypt_GPG::deletePublicKey()} or
 298     * {@link Crypt_GPG::deletePrivateKey()}.
 299     *
 300     * @param string $filename the key file to be imported.
 301     *
 302     * @return array an associative array containing the following elements:
 303     *               - <kbd>fingerprint</kbd>       - the fingerprint of the
 304     *                                                imported key,
 305     *               - <kbd>public_imported</kbd>   - the number of public
 306     *                                                keys imported,
 307     *               - <kbd>public_unchanged</kbd>  - the number of unchanged
 308     *                                                public keys,
 309     *               - <kbd>private_imported</kbd>  - the number of private
 310     *                                                keys imported,
 311     *               - <kbd>private_unchanged</kbd> - the number of unchanged
 312     *                                                private keys.
 313     *                                                  private keys.
 314     *
 315     * @throws Crypt_GPG_NoDataException if the key data is missing or if the
 316     *         data is is not valid key data.
 317     *
 318     * @throws Crypt_GPG_FileException if the key file is not readable.
 319     *
 320     * @throws Crypt_GPG_Exception if an unknown or unexpected error occurs.
 321     *         Use the <kbd>debug</kbd> option and file a bug report if these
 322     *         exceptions occur.
 323     */
 324    public function importKeyFile($filename)
 325    {
 326        return $this->_importKey($filename, true);
 327    }
 328
 329    // }}}
 330    // {{{ exportPublicKey()
 331
 332    /**
 333     * Exports a public key from the keyring
 334     *
 335     * The exported key remains on the keyring. To delete the public key, use
 336     * {@link Crypt_GPG::deletePublicKey()}.
 337     *
 338     * If more than one key fingerprint is available for the specified
 339     * <kbd>$keyId</kbd> (for example, if you use a non-unique uid) only the
 340     * first public key is exported.
 341     *
 342     * @param string  $keyId either the full uid of the public key, the email
 343     *                       part of the uid of the public key or the key id of
 344     *                       the public key. For example,
 345     *                       "Test User (example) <test@example.com>",
 346     *                       "test@example.com" or a hexadecimal string.
 347     * @param boolean $armor optional. If true, ASCII armored data is returned;
 348     *                       otherwise, binary data is returned. Defaults to
 349     *                       true.
 350     *
 351     * @return string the public key data.
 352     *
 353     * @throws Crypt_GPG_KeyNotFoundException if a public key with the given
 354     *         <kbd>$keyId</kbd> is not found.
 355     *
 356     * @throws Crypt_GPG_Exception if an unknown or unexpected error occurs.
 357     *         Use the <kbd>debug</kbd> option and file a bug report if these
 358     *         exceptions occur.
 359     */
 360    public function exportPublicKey($keyId, $armor = true)
 361    {
 362        $fingerprint = $this->getFingerprint($keyId);
 363
 364        if ($fingerprint === null) {
 365            throw new Crypt_GPG_KeyNotFoundException(
 366                'Public key not found: ' . $keyId,
 367                self::ERROR_KEY_NOT_FOUND,
 368                $keyId
 369            );
 370        }
 371
 372        $keyData   = '';
 373        $operation = '--export ' . escapeshellarg($fingerprint);
 374        $arguments = ($armor) ? array('--armor') : array();
 375
 376        $this->engine->reset();
 377        $this->engine->setOutput($keyData);
 378        $this->engine->setOperation($operation, $arguments);
 379        $this->engine->run();
 380
 381        $code = $this->engine->getErrorCode();
 382
 383        if ($code !== self::ERROR_NONE) {
 384            throw new Crypt_GPG_Exception(
 385                'Unknown error exporting public key. Please use the ' .
 386                '\'debug\' option when creating the Crypt_GPG object, and ' .
 387                'file a bug report at ' . self::BUG_URI,
 388                $code
 389            );
 390        }
 391
 392        return $keyData;
 393    }
 394
 395    // }}}
 396    // {{{ deletePublicKey()
 397
 398    /**
 399     * Deletes a public key from the keyring
 400     *
 401     * If more than one key fingerprint is available for the specified
 402     * <kbd>$keyId</kbd> (for example, if you use a non-unique uid) only the
 403     * first public key is deleted.
 404     *
 405     * The private key must be deleted first or an exception will be thrown.
 406     * See {@link Crypt_GPG::deletePrivateKey()}.
 407     *
 408     * @param string $keyId either the full uid of the public key, the email
 409     *                      part of the uid of the public key or the key id of
 410     *                      the public key. For example,
 411     *                      "Test User (example) <test@example.com>",
 412     *                      "test@example.com" or a hexadecimal string.
 413     *
 414     * @return void
 415     *
 416     * @throws Crypt_GPG_KeyNotFoundException if a public key with the given
 417     *         <kbd>$keyId</kbd> is not found.
 418     *
 419     * @throws Crypt_GPG_DeletePrivateKeyException if the specified public key
 420     *         has an associated private key on the keyring. The private key
 421     *         must be deleted first.
 422     *
 423     * @throws Crypt_GPG_Exception if an unknown or unexpected error occurs.
 424     *         Use the <kbd>debug</kbd> option and file a bug report if these
 425     *         exceptions occur.
 426     */
 427    public function deletePublicKey($keyId)
 428    {
 429        $fingerprint = $this->getFingerprint($keyId);
 430
 431        if ($fingerprint === null) {
 432            throw new Crypt_GPG_KeyNotFoundException(
 433                'Public key not found: ' . $keyId,
 434                self::ERROR_KEY_NOT_FOUND,
 435                $keyId
 436            );
 437        }
 438
 439        $operation = '--delete-key ' . escapeshellarg($fingerprint);
 440        $arguments = array(
 441            '--batch',
 442            '--yes'
 443        );
 444
 445        $this->engine->reset();
 446        $this->engine->setOperation($operation, $arguments);
 447        $this->engine->run();
 448
 449        $code = $this->engine->getErrorCode();
 450
 451        switch ($code) {
 452        case self::ERROR_NONE:
 453            break;
 454        case self::ERROR_DELETE_PRIVATE_KEY:
 455            throw new Crypt_GPG_DeletePrivateKeyException(
 456                'Private key must be deleted before public key can be ' .
 457                'deleted.',
 458                $code,
 459                $keyId
 460            );
 461        default:
 462            throw new Crypt_GPG_Exception(
 463                'Unknown error deleting public key. Please use the ' .
 464                '\'debug\' option when creating the Crypt_GPG object, and ' .
 465                'file a bug report at ' . self::BUG_URI,
 466                $code
 467            );
 468        }
 469    }
 470
 471    // }}}
 472    // {{{ deletePrivateKey()
 473
 474    /**
 475     * Deletes a private key from the keyring
 476     *
 477     * If more than one key fingerprint is available for the specified
 478     * <kbd>$keyId</kbd> (for example, if you use a non-unique uid) only the
 479     * first private key is deleted.
 480     *
 481     * Calls GPG with the <kbd>--delete-secret-key</kbd> command.
 482     *
 483     * @param string $keyId either the full uid of the private key, the email
 484     *                      part of the uid of the private key or the key id of
 485     *                      the private key. For example,
 486     *                      "Test User (example) <test@example.com>",
 487     *                      "test@example.com" or a hexadecimal string.
 488     *
 489     * @return void
 490     *
 491     * @throws Crypt_GPG_KeyNotFoundException if a private key with the given
 492     *         <kbd>$keyId</kbd> is not found.
 493     *
 494     * @throws Crypt_GPG_Exception if an unknown or unexpected error occurs.
 495     *         Use the <kbd>debug</kbd> option and file a bug report if these
 496     *         exceptions occur.
 497     */
 498    public function deletePrivateKey($keyId)
 499    {
 500        $fingerprint = $this->getFingerprint($keyId);
 501
 502        if ($fingerprint === null) {
 503            throw new Crypt_GPG_KeyNotFoundException(
 504                'Private key not found: ' . $keyId,
 505                self::ERROR_KEY_NOT_FOUND,
 506                $keyId
 507            );
 508        }
 509
 510        $operation = '--delete-secret-key ' . escapeshellarg($fingerprint);
 511        $arguments = array(
 512            '--batch',
 513            '--yes'
 514        );
 515
 516        $this->engine->reset();
 517        $this->engine->setOperation($operation, $arguments);
 518        $this->engine->run();
 519
 520        $code = $this->engine->getErrorCode();
 521
 522        switch ($code) {
 523        case self::ERROR_NONE:
 524            break;
 525        case self::ERROR_KEY_NOT_FOUND:
 526            throw new Crypt_GPG_KeyNotFoundException(
 527                'Private key not found: ' . $keyId,
 528                $code,
 529                $keyId
 530            );
 531        default:
 532            throw new Crypt_GPG_Exception(
 533                'Unknown error deleting private key. Please use the ' .
 534                '\'debug\' option when creating the Crypt_GPG object, and ' .
 535                'file a bug report at ' . self::BUG_URI,
 536                $code
 537            );
 538        }
 539    }
 540
 541    // }}}
 542    // {{{ getKeys()
 543
 544    /**
 545     * Gets the available keys in the keyring
 546     *
 547     * Calls GPG with the <kbd>--list-keys</kbd> command and grabs keys. See
 548     * the first section of <b>doc/DETAILS</b> in the
 549     * {@link http://www.gnupg.org/download/ GPG package} for a detailed
 550     * description of how the GPG command output is parsed.
 551     *
 552     * @param string $keyId optional. Only keys with that match the specified
 553     *                      pattern are returned. The pattern may be part of
 554     *                      a user id, a key id or a key fingerprint. If not
 555     *                      specified, all keys are returned.
 556     *
 557     * @return array an array of {@link Crypt_GPG_Key} objects. If no keys
 558     *               match the specified <kbd>$keyId</kbd> an empty array is
 559     *               returned.
 560     *
 561     * @throws Crypt_GPG_Exception if an unknown or unexpected error occurs.
 562     *         Use the <kbd>debug</kbd> option and file a bug report if these
 563     *         exceptions occur.
 564     *
 565     * @see Crypt_GPG_Key
 566     */
 567    public function getKeys($keyId = '')
 568    {
 569        return parent::_getKeys($keyId);
 570    }
 571
 572    // }}}
 573    // {{{ getFingerprint()
 574
 575    /**
 576     * Gets a key fingerprint from the keyring
 577     *
 578     * If more than one key fingerprint is available (for example, if you use
 579     * a non-unique user id) only the first key fingerprint is returned.
 580     *
 581     * Calls the GPG <kbd>--list-keys</kbd> command with the
 582     * <kbd>--with-fingerprint</kbd> option to retrieve a public key
 583     * fingerprint.
 584     *
 585     * @param string  $keyId  either the full user id of the key, the email
 586     *                        part of the user id of the key, or the key id of
 587     *                        the key. For example,
 588     *                        "Test User (example) <test@example.com>",
 589     *                        "test@example.com" or a hexadecimal string.
 590     * @param integer $format optional. How the fingerprint should be formatted.
 591     *                        Use {@link Crypt_GPG::FORMAT_X509} for X.509
 592     *                        certificate format,
 593     *                        {@link Crypt_GPG::FORMAT_CANONICAL} for the format
 594     *                        used by GnuPG output and
 595     *                        {@link Crypt_GPG::FORMAT_NONE} for no formatting.
 596     *                        Defaults to <code>Crypt_GPG::FORMAT_NONE</code>.
 597     *
 598     * @return string the fingerprint of the key, or null if no fingerprint
 599     *                is found for the given <kbd>$keyId</kbd>.
 600     *
 601     * @throws Crypt_GPG_Exception if an unknown or unexpected error occurs.
 602     *         Use the <kbd>debug</kbd> option and file a bug report if these
 603     *         exceptions occur.
 604     */
 605    public function getFingerprint($keyId, $format = self::FORMAT_NONE)
 606    {
 607        $output    = '';
 608        $operation = '--list-keys ' . escapeshellarg($keyId);
 609        $arguments = array(
 610            '--with-colons',
 611            '--with-fingerprint'
 612        );
 613
 614        $this->engine->reset();
 615        $this->engine->setOutput($output);
 616        $this->engine->setOperation($operation, $arguments);
 617        $this->engine->run();
 618
 619        $code = $this->engine->getErrorCode();
 620
 621        switch ($code) {
 622        case self::ERROR_NONE:
 623        case self::ERROR_KEY_NOT_FOUND:
 624            // ignore not found key errors
 625            break;
 626        default:
 627            throw new Crypt_GPG_Exception(
 628                'Unknown error getting key fingerprint. Please use the ' .
 629                '\'debug\' option when creating the Crypt_GPG object, and ' .
 630                'file a bug report at ' . self::BUG_URI,
 631                $code
 632            );
 633        }
 634
 635        $fingerprint = null;
 636
 637        $lines = explode(PHP_EOL, $output);
 638        foreach ($lines as $line) {
 639            if (substr($line, 0, 3) == 'fpr') {
 640                $lineExp     = explode(':', $line);
 641                $fingerprint = $lineExp[9];
 642
 643                switch ($format) {
 644                case self::FORMAT_CANONICAL:
 645                    $fingerprintExp = str_split($fingerprint, 4);
 646                    $format         = '%s %s %s %s %s  %s %s %s %s %s';
 647                    $fingerprint    = vsprintf($format, $fingerprintExp);
 648                    break;
 649
 650                case self::FORMAT_X509:
 651                    $fingerprintExp = str_split($fingerprint, 2);
 652                    $fingerprint    = implode(':', $fingerprintExp);
 653                    break;
 654                }
 655
 656                break;
 657            }
 658        }
 659
 660        return $fingerprint;
 661    }
 662
 663    // }}}
 664    // {{{ encrypt()
 665
 666    /**
 667     * Encrypts string data
 668     *
 669     * Data is ASCII armored by default but may optionally be returned as
 670     * binary.
 671     *
 672     * @param string  $data  the data to be encrypted.
 673     * @param boolean $armor optional. If true, ASCII armored data is returned;
 674     *                       otherwise, binary data is returned. Defaults to
 675     *                       true.
 676     *
 677     * @return string the encrypted data.
 678     *
 679     * @throws Crypt_GPG_KeyNotFoundException if no encryption key is specified.
 680     *         See {@link Crypt_GPG::addEncryptKey()}.
 681     *
 682     * @throws Crypt_GPG_Exception if an unknown or unexpected error occurs.
 683     *         Use the <kbd>debug</kbd> option and file a bug report if these
 684     *         exceptions occur.
 685     *
 686     * @sensitive $data
 687     */
 688    public function encrypt($data, $armor = self::ARMOR_ASCII)
 689    {
 690        return $this->_encrypt($data, false, null, $armor);
 691    }
 692
 693    // }}}
 694    // {{{ encryptFile()
 695
 696    /**
 697     * Encrypts a file
 698     *
 699     * Encrypted data is ASCII armored by default but may optionally be saved
 700     * as binary.
 701     *
 702     * @param string  $filename      the filename of the file to encrypt.
 703     * @param string  $encryptedFile optional. The filename of the file in
 704     *                               which to store the encrypted data. If null
 705     *                               or unspecified, the encrypted data is
 706     *                               returned as a string.
 707     * @param boolean $armor         optional. If true, ASCII armored data is
 708     *                               returned; otherwise, binary data is
 709     *                               returned. Defaults to true.
 710     *
 711     * @return void|string if the <kbd>$encryptedFile</kbd> parameter is null,
 712     *                     a string containing the encrypted data is returned.
 713     *
 714     * @throws Crypt_GPG_KeyNotFoundException if no encryption key is specified.
 715     *         See {@link Crypt_GPG::addEncryptKey()}.
 716     *
 717     * @throws Crypt_GPG_FileException if the output file is not writeable or
 718     *         if the input file is not readable.
 719     *
 720     * @throws Crypt_GPG_Exception if an unknown or unexpected error occurs.
 721     *         Use the <kbd>debug</kbd> option and file a bug report if these
 722     *         exceptions occur.
 723     */
 724    public function encryptFile(
 725        $filename,
 726        $encryptedFile = null,
 727        $armor = self::ARMOR_ASCII
 728    ) {
 729        return $this->_encrypt($filename, true, $encryptedFile, $armor);
 730    }
 731
 732    // }}}
 733    // {{{ encryptAndSign()
 734
 735    /**
 736     * Encrypts and signs data
 737     *
 738     * Data is encrypted and signed in a single pass.
 739     *
 740     * NOTE: Until GnuPG version 1.4.10, it was not possible to verify
 741     * encrypted-signed data without decrypting it at the same time. If you try
 742     * to use {@link Crypt_GPG::verify()} method on encrypted-signed data with
 743     * earlier GnuPG versions, you will get an error. Please use
 744     * {@link Crypt_GPG::decryptAndVerify()} to verify encrypted-signed data.
 745     *
 746     * @param string  $data  the data to be encrypted and signed.
 747     * @param boolean $armor optional. If true, ASCII armored data is returned;
 748     *                       otherwise, binary data is returned. Defaults to
 749     *                       true.
 750     *
 751     * @return string the encrypted signed data.
 752     *
 753     * @throws Crypt_GPG_KeyNotFoundException if no encryption key is specified
 754     *         or if no signing key is specified. See
 755     *         {@link Crypt_GPG::addEncryptKey()} and
 756     *         {@link Crypt_GPG::addSignKey()}.
 757     *
 758     * @throws Crypt_GPG_BadPassphraseException if a specified passphrase is
 759     *         incorrect or if a required passphrase is not specified.
 760     *
 761     * @throws Crypt_GPG_Exception if an unknown or unexpected error occurs.
 762     *         Use the <kbd>debug</kbd> option and file a bug report if these
 763     *         exceptions occur.
 764     *
 765     * @see Crypt_GPG::decryptAndVerify()
 766     */
 767    public function encryptAndSign($data, $armor = self::ARMOR_ASCII)
 768    {
 769        return $this->_encryptAndSign($data, false, null, $armor);
 770    }
 771
 772    // }}}
 773    // {{{ encryptAndSignFile()
 774
 775    /**
 776     * Encrypts and signs a file
 777     *
 778     * The file is encrypted and signed in a single pass.
 779     *
 780     * NOTE: Until GnuPG version 1.4.10, it was not possible to verify
 781     * encrypted-signed files without decrypting them at the same time. If you
 782     * try to use {@link Crypt_GPG::verify()} method on encrypted-signed files
 783     * with earlier GnuPG versions, you will get an error. Please use
 784     * {@link Crypt_GPG::decryptAndVerifyFile()} to verify encrypted-signed
 785     * files.
 786     *
 787     * @param string  $filename   the name of the file containing the data to
 788     *                            be encrypted and signed.
 789     * @param string  $signedFile optional. The name of the file in which the
 790     *                            encrypted, signed data should be stored. If
 791     *                            null or unspecified, the encrypted, signed
 792     *                            data is returned as a string.
 793     * @param boolean $armor      optional. If true, ASCII armored data is
 794     *                            returned; otherwise, binary data is returned.
 795     *                            Defaults to true.
 796     *
 797     * @return void|string if the <kbd>$signedFile</kbd> parameter is null, a
 798     *                     string containing the encrypted, signed data is
 799     *                     returned.
 800     *
 801     * @throws Crypt_GPG_KeyNotFoundException if no encryption key is specified
 802     *         or if no signing key is specified. See
 803     *         {@link Crypt_GPG::addEncryptKey()} and
 804     *         {@link Crypt_GPG::addSignKey()}.
 805     *
 806     * @throws Crypt_GPG_BadPassphraseException if a specified passphrase is
 807     *         incorrect or if a required passphrase is not specified.
 808     *
 809     * @throws Crypt_GPG_FileException if the output file is not writeable or
 810     *         if the input file is not readable.
 811     *
 812     * @throws Crypt_GPG_Exception if an unknown or unexpected error occurs.
 813     *         Use the <kbd>debug</kbd> option and file a bug report if these
 814     *         exceptions occur.
 815     *
 816     * @see Crypt_GPG::decryptAndVerifyFile()
 817     */
 818    public function encryptAndSignFile(
 819        $filename,
 820        $signedFile = null,
 821        $armor = self::ARMOR_ASCII
 822    ) {
 823        return $this->_encryptAndSign($filename, true, $signedFile, $armor);
 824    }
 825
 826    // }}}
 827    // {{{ decrypt()
 828
 829    /**
 830     * Decrypts string data
 831     *
 832     * This method assumes the required private key is available in the keyring
 833     * and throws an exception if the private key is not available. To add a
 834     * private key to the keyring, use the {@link Crypt_GPG::importKey()} or
 835     * {@link Crypt_GPG::importKeyFile()} methods.
 836     *
 837     * @param string $encryptedData the data to be decrypted.
 838     *
 839     * @return string the decrypted data.
 840     *
 841     * @throws Crypt_GPG_KeyNotFoundException if the private key needed to
 842     *         decrypt the data is not in the user's keyring.
 843     *
 844     * @throws Crypt_GPG_NoDataException if specified data does not contain
 845     *         GPG encrypted data.
 846     *
 847     * @throws Crypt_GPG_BadPassphraseException if a required passphrase is
 848     *         incorrect or if a required passphrase is not specified. See
 849     *         {@link Crypt_GPG::addDecryptKey()}.
 850     *
 851     * @throws Crypt_GPG_Exception if an unknown or unexpected error occurs.
 852     *         Use the <kbd>debug</kbd> option and file a bug report if these
 853     *         exceptions occur.
 854     */
 855    public function decrypt($encryptedData)
 856    {
 857        return $this->_decrypt($encryptedData, false, null);
 858    }
 859
 860    // }}}
 861    // {{{ decryptFile()
 862
 863    /**
 864     * Decrypts a file
 865     *
 866     * This method assumes the required private key is available in the keyring
 867     * and throws an exception if the private key is not available. To add a
 868     * private key to the keyring, use the {@link Crypt_GPG::importKey()} or
 869     * {@link Crypt_GPG::importKeyFile()} methods.
 870     *
 871     * @param string $encryptedFile the name of the encrypted file data to
 872     *                              decrypt.
 873     * @param string $decryptedFile optional. The name of the file to which the
 874     *                              decrypted data should be written. If null
 875     *                              or unspecified, the decrypted data is
 876     *                              returned as a string.
 877     *
 878     * @return void|string if the <kbd>$decryptedFile</kbd> parameter is null,
 879     *                     a string containing the decrypted data is returned.
 880     *
 881     * @throws Crypt_GPG_KeyNotFoundException if the private key needed to
 882     *         decrypt the data is not in the user's keyring.
 883     *
 884     * @throws Crypt_GPG_NoDataException if specified data does not contain
 885     *         GPG encrypted data.
 886     *
 887     * @throws Crypt_GPG_BadPassphraseException if a required passphrase is
 888     *         incorrect or if a required passphrase is not specified. See
 889     *         {@link Crypt_GPG::addDecryptKey()}.
 890     *
 891     * @throws Crypt_GPG_FileException if the output file is not writeable or
 892     *         if the input file is not readable.
 893     *
 894     * @throws Crypt_GPG_Exception if an unknown or unexpected error occurs.
 895     *         Use the <kbd>debug</kbd> option and file a bug report if these
 896     *         exceptions occur.
 897     */
 898    public function decryptFile($encryptedFile, $decryptedFile = null)
 899    {
 900        return $this->_decrypt($encryptedFile, true, $decryptedFile);
 901    }
 902
 903    // }}}
 904    // {{{ decryptAndVerify()
 905
 906    /**
 907     * Decrypts and verifies string data
 908     *
 909     * This method assumes the required private key is available in the keyring
 910     * and throws an exception if the private key is not available. To add a
 911     * private key to the keyring, use the {@link Crypt_GPG::importKey()} or
 912     * {@link Crypt_GPG::importKeyFile()} methods.
 913     *
 914     * @param string $encryptedData the encrypted, signed data to be decrypted
 915     *                              and verified.
 916     *
 917     * @return array two element array. The array has an element 'data'
 918     *               containing the decrypted data and an element
 919     *               'signatures' containing an array of
 920     *               {@link Crypt_GPG_Signature} objects for the signed data.
 921     *
 922     * @throws Crypt_GPG_KeyNotFoundException if the private key needed to
 923     *         decrypt the data is not in the user's keyring.
 924     *
 925     * @throws Crypt_GPG_NoDataException if specified data does not contain
 926     *         GPG encrypted data.
 927     *
 928     * @throws Crypt_GPG_BadPassphraseException if a required passphrase is
 929     *         incorrect or if a required passphrase is not specified. See
 930     *         {@link Crypt_GPG::addDecryptKey()}.
 931     *
 932     * @throws Crypt_GPG_Exception if an unknown or unexpected error occurs.
 933     *         Use the <kbd>debug</kbd> option and file a bug report if these
 934     *         exceptions occur.
 935     */
 936    public function decryptAndVerify($encryptedData)
 937    {
 938        return $this->_decryptAndVerify($encryptedData, false, null);
 939    }
 940
 941    // }}}
 942    // {{{ decryptAndVerifyFile()
 943
 944    /**
 945     * Decrypts and verifies a signed, encrypted file
 946     *
 947     * This method assumes the required private key is available in the keyring
 948     * and throws an exception if the private key is not available. To add a
 949     * private key to the keyring, use the {@link Crypt_GPG::importKey()} or
 950     * {@link Crypt_GPG::importKeyFile()} methods.
 951     *
 952     * @param string $encryptedFile the name of the signed, encrypted file to
 953     *                              to decrypt and verify.
 954     * @param string $decryptedFile optional. The name of the file to which the
 955     *                              decrypted data should be written. If null
 956     *                              or unspecified, the decrypted data is
 957     *                              returned in the results array.
 958     *
 959     * @return array two element array. The array has an element 'data'
 960     *               containing the decrypted data and an element
 961     *               'signatures' containing an array of
 962     *               {@link Crypt_GPG_Signature} objects for the signed data.
 963     *               If the decrypted data is written to a file, the 'data'
 964     *               element is null.
 965     *
 966     * @throws Crypt_GPG_KeyNotFoundException if the private key needed to
 967     *         decrypt the data is not in the user's keyring.
 968     *
 969     * @throws Crypt_GPG_NoDataException if specified data does not contain
 970     *         GPG encrypted data.
 971     *
 972     * @throws Crypt_GPG_BadPassphraseException if a required passphrase is
 973     *         incorrect or if a required passphrase is not specified. See
 974     *         {@link Crypt_GPG::addDecryptKey()}.
 975     *
 976     * @throws Crypt_GPG_FileException if the output file is not writeable or
 977     *         if the input file is not readable.
 978     *
 979     * @throws Crypt_GPG_Exception if an unknown or unexpected error occurs.
 980     *         Use the <kbd>debug</kbd> option and file a bug report if these
 981     *         exceptions occur.
 982     */
 983    public function decryptAndVerifyFile($encryptedFile, $decryptedFile = null)
 984    {
 985        return $this->_decryptAndVerify($encryptedFile, true, $decryptedFile);
 986    }
 987
 988    // }}}
 989    // {{{ sign()
 990
 991    /**
 992     * Signs data
 993     *
 994     * Data may be signed using any one of the three available signing modes:
 995     * - {@link Crypt_GPG::SIGN_MODE_NORMAL}
 996     * - {@link Crypt_GPG::SIGN_MODE_CLEAR}
 997     * - {@link Crypt_GPG::SIGN_MODE_DETACHED}
 998     *
 999     * @param string  $data     the data to be signed.
1000     * @param boolean $mode     optional. The data signing mode to use. Should
1001     *                          be one of {@link Crypt_GPG::SIGN_MODE_NORMAL},
1002     *                          {@link Crypt_GPG::SIGN_MODE_CLEAR} or
1003     *                          {@link Crypt_GPG::SIGN_MODE_DETACHED}. If not
1004     *                          specified, defaults to
1005     *                          <kbd>Crypt_GPG::SIGN_MODE_NORMAL</kbd>.
1006     * @param boolean $armor    optional. If true, ASCII armored data is
1007     *                          returned; otherwise, binary data is returned.
1008     *                          Defaults to true. This has no effect if the
1009     *                          mode <kbd>Crypt_GPG::SIGN_MODE_CLEAR</kbd> is
1010     *                          used.
1011     * @param boolean $textmode optional. If true, line-breaks in signed data
1012     *                          are normalized. Use this option when signing
1013     *                          e-mail, or for greater compatibility between
1014     *                          systems with different line-break formats.
1015     *                          Defaults to false. This has no effect if the
1016     *                          mode <kbd>Crypt_GPG::SIGN_MODE_CLEAR</kbd> is
1017     *                          used as clear-signing always uses textmode.
1018     *
1019     * @return string the signed data, or the signature data if a detached
1020     *                signature is requested.
1021     *
1022     * @throws Crypt_GPG_KeyNotFoundException if no signing key is specified.
1023     *         See {@link Crypt_GPG::addSignKey()}.
1024     *
1025     * @throws Crypt_GPG_BadPassphraseException if a specified passphrase is
1026     *         incorrect or if a required passphrase is not specified.
1027     *
1028     * @throws Crypt_GPG_Exception if an unknown or unexpected error occurs.
1029     *         Use the <kbd>debug</kbd> option and file a bug report if these
1030     *         exceptions occur.
1031     */
1032    public function sign(
1033        $data,
1034        $mode = self::SIGN_MODE_NORMAL,
1035        $armor = self::ARMOR_ASCII,
1036        $textmode = self::TEXT_RAW
1037    ) {
1038        return $this->_sign($data, false, null, $mode, $armor, $textmode);
1039    }
1040
1041    // }}}
1042    // {{{ signFile()
1043
1044    /**
1045     * Signs a file
1046     *
1047     * The file may be signed using any one of the three available signing
1048     * modes:
1049     * - {@link Crypt_GPG::SIGN_MODE_NORMAL}
1050     * - {@link Crypt_GPG::SIGN_MODE_CLEAR}
1051     * - {@link Crypt_GPG::SIGN_MODE_DETACHED}
1052     *
1053     * @param string  $filename   the name of the file containing the data to
1054     *                            be signed.
1055     * @param string  $signedFile optional. The name of the file in which the
1056     *                            signed data should be stored. If null or
1057     *                            unspecified, the signed data is returned as a
1058     *                            string.
1059     * @param boolean $mode       optional. The data signing mode to use. Should
1060     *                            be one of {@link Crypt_GPG::SIGN_MODE_NORMAL},
1061     *                            {@link Crypt_GPG::SIGN_MODE_CLEAR} or
1062     *                            {@link Crypt_GPG::SIGN_MODE_DETACHED}. If not
1063     *                            specified, defaults to
1064     *                            <kbd>Crypt_GPG::SIGN_MODE_NORMAL</kbd>.
1065     * @param boolean $armor      optional. If true, ASCII armored data is
1066     *                            returned; otherwise, binary data is returned.
1067     *                            Defaults to true. This has no effect if the
1068     *                            mode <kbd>Crypt_GPG::SIGN_MODE_CLEAR</kbd> is
1069     *                            used.
1070     * @param boolean $textmode   optional. If true, line-breaks in signed data
1071     *                            are normalized. Use this option when signing
1072     *                            e-mail, or for greater compatibility between
1073     *                            systems with different line-break formats.
1074     *                            Defaults to false. This has no effect if the
1075     *                            mode <kbd>Crypt_GPG::SIGN_MODE_CLEAR</kbd> is
1076     *                            used as clear-signing always uses textmode.
1077     *
1078     * @return void|string if the <kbd>$signedFile</kbd> parameter is null, a
1079     *                     string containing the signed data (or the signature
1080     *                     data if a detached signature is requested) is
1081     *                     returned.
1082     *
1083     * @throws Crypt_GPG_KeyNotFoundException if no signing key is specified.
1084     *         See {@link Crypt_GPG::addSignKey()}.
1085     *
1086     * @throws Crypt_GPG_BadPassphraseException if a specified passphrase is
1087     *         incorrect or if a required passphrase is not specified.
1088     *
1089     * @throws Crypt_GPG_FileException if the output file is not writeable or
1090     *         if the input file is not readable.
1091     *
1092     * @throws Crypt_GPG_Exception if an unknown or unexpected error occurs.
1093     *         Use the <kbd>debug</kbd> option and file a bug report if these
1094     *         exceptions occur.
1095     */
1096    public function signFile(
1097        $filename,
1098        $signedFile = null,
1099        $mode = self::SIGN_MODE_NORMAL,
1100        $armor = self::ARMOR_ASCII,
1101        $textmode = self::TEXT_RAW
1102    ) {
1103        return $this->_sign(
1104            $filename,
1105            true,
1106            $signedFile,
1107            $mode,
1108            $armor,
1109            $textmode
1110        );
1111    }
1112
1113    // }}}
1114    // {{{ verify()
1115
1116    /**
1117     * Verifies signed data
1118     *
1119     * The {@link Crypt_GPG::decrypt()} method may be used to get the original
1120     * message if the signed data is not clearsigned and does not use a
1121     * detached signature.
1122     *
1123     * @param string $signedData the signed data to be verified.
1124     * @param string $signature  optional. If verifying data signed using a
1125     *                           detached signature, this must be the detached
1126     *                           signature data. The data that was signed is
1127     *                           specified in <kbd>$signedData</kbd>.
1128     *
1129     * @return array an array of {@link Crypt_GPG_Signature} objects for the
1130     *               signed data. For each signature that is valid, the
1131     *               {@link Crypt_GPG_Signature::isValid()} will return true.
1132     *
1133     * @throws Crypt_GPG_NoDataException if the provided data is not signed
1134     *         data.
1135     *
1136     * @throws Crypt_GPG_Exception if an unknown or unexpected error occurs.
1137     *         Use the <kbd>debug</kbd> option and file a bug report if these
1138     *         exceptions occur.
1139     *
1140     * @see Crypt_GPG_Signature
1141     */
1142    public function verify($signedData, $signature = '')
1143    {
1144        return $this->_verify($signedData, false, $signature);
1145    }
1146
1147    // }}}
1148    // {{{ verifyFile()
1149
1150    /**
1151     * Verifies a signed file
1152     *
1153     * The {@link Crypt_GPG::decryptFile()} method may be used to get the
1154     * original message if the signed data is not clearsigned and does not use
1155     * a detached signature.
1156     *
1157     * @param string $filename  the signed file to be verified.
1158     * @param string $signature optional. If verifying a file signed using a
1159     *                          detached signature, this must be the detached
1160     *                          signature data. The file that was signed is
1161     *                          specified in <kbd>$filename</kbd>.
1162     *
1163     * @return array an array of {@link Crypt_GPG_Signature} objects for the
1164     *               signed data. For each signature that is valid, the
1165     *               {@link Crypt_GPG_Signature::isValid()} will return true.
1166     *
1167     * @throws Crypt_GPG_NoDataException if the provided data is not signed
1168     *         data.
1169     *
1170     * @throws Crypt_GPG_FileException if the input file is not readable.
1171     *
1172     * @throws Crypt_GPG_Exception if an unknown or unexpected error occurs.
1173     *         Use the <kbd>debug</kbd> option and file a bug report if these
1174     *         exceptions occur.
1175     *
1176     * @see Crypt_GPG_Signature
1177     */
1178    public function verifyFile($filename, $signature = '')
1179    {
1180        return $this->_verify($filename, true, $signature);
1181    }
1182
1183    // }}}
1184    // {{{ addDecryptKey()
1185
1186    /**
1187     * Adds a key to use for decryption
1188     *
1189     * @param mixed  $key        the key to use. This may be a key identifier,
1190     *                           user id, fingerprint, {@link Crypt_GPG_Key} or
1191     *                           {@link Crypt_GPG_SubKey}. The key must be able
1192     *                           to encrypt.
1193     * @param string $passphrase optional. The passphrase of the key required
1194     *                           for decryption.
1195     *
1196     * @return Crypt_GPG the current object, for fluent interface.
1197     *
1198     * @see Crypt_GPG::decrypt()
1199     * @see Crypt_GPG::decryptFile()
1200     * @see Crypt_GPG::clearDecryptKeys()
1201     * @see Crypt_GPG::_addKey()
1202     * @see Crypt_GPG_DecryptStatusHandler
1203     *
1204     * @sensitive $passphrase
1205     */
1206    public function addDecryptKey($key, $passphrase = null)
1207    {
1208        $this->_addKey($this->decryptKeys, true, false, $key, $passphrase);
1209        return $this;
1210    }
1211
1212    // }}}
1213    // {{{ addEncryptKey()
1214
1215    /**
1216     * Adds a key to use for encryption
1217     *
1218     * @param mixed $key the key to use. This may be a key identifier, user id
1219     *                   user id, fingerprint, {@link Crypt_GPG_Key} or
1220     *                   {@link Crypt_GPG_SubKey}. The key must be able to
1221     *                   encrypt.
1222     *
1223     * @return Crypt_GPG the current object, for fluent interface.
1224     *
1225     * @see Crypt_GPG::encrypt()
1226     * @see Crypt_GPG::encryptFile()
1227     * @see Crypt_GPG::clearEncryptKeys()
1228     * @see Crypt_GPG::_addKey()
1229     */
1230    public function addEncryptKey($key)
1231    {
1232        $this->_addKey($this->encryptKeys, true, false, $key);
1233        return $this;
1234    }
1235
1236    // }}}
1237    // {{{ addSignKey()
1238
1239    /**
1240     * Adds a key to use for signing
1241     *
1242     * @param mixed  $key        the key to use. This may be a key identifier,
1243     *                           user id, fingerprint, {@link Crypt_GPG_Key} or
1244     *                           {@link Crypt_GPG_SubKey}. The key must be able
1245     *                           to sign.
1246     * @param string $passphrase optional. The passphrase of the key required
1247     *                           for signing.
1248     *
1249     * @return Crypt_GPG the current object, for fluent interface.
1250     *
1251     * @see Crypt_GPG::sign()
1252     * @see Crypt_GPG::signFile()
1253     * @see Crypt_GPG::clearSignKeys()
1254     * @see Crypt_GPG::handleSignStatus()
1255     * @see Crypt_GPG::_addKey()
1256     *
1257     * @sensitive $passphrase
1258     */
1259    public function addSignKey($key, $passphrase = null)
1260    {
1261        $this->_addKey($this->signKeys, false, true, $key, $passphrase);
1262        return $this;
1263    }
1264
1265    // }}}
1266    // {{{ clearDecryptKeys()
1267
1268    /**
1269     * Clears all decryption keys
1270     *
1271     * @return Crypt_GPG the current object, for fluent interface.
1272     *
1273     * @see Crypt_GPG::decrypt()
1274     * @see Crypt_GPG::addDecryptKey()
1275     */
1276    public function clearDecryptKeys()
1277    {
1278        $this->decryptKeys = array();
1279        return $this;
1280    }
1281
1282    // }}}
1283    // {{{ clearEncryptKeys()
1284
1285    /**
1286     * Clears all encryption keys
1287     *
1288     * @return Crypt_GPG the current object, for fluent interface.
1289     *
1290     * @see Crypt_GPG::encrypt()
1291     * @see Crypt_GPG::addEncryptKey()
1292     */
1293    public function clearEncryptKeys()
1294    {
1295        $this->encryptKeys = array();
1296        return $this;
1297    }
1298
1299    // }}}
1300    // {{{ clearSignKeys()
1301
1302    /**
1303     * Clears all signing keys
1304     *
1305     * @return Crypt_GPG the current object, for fluent interface.
1306     *
1307     * @see Crypt_GPG::sign()
1308     * @see Crypt_GPG::addSignKey()
1309     */
1310    public function clearSignKeys()
1311    {
1312        $this->signKeys = array();
1313        return $this;
1314    }
1315
1316    // }}}
1317    // {{{ handleSignStatus()
1318
1319    /**
1320     * Handles the status output from GPG for the sign operation
1321     *
1322     * This method is responsible for sending the passphrase commands when
1323     * required by the {@link Crypt_GPG::sign()} method. See <b>doc/DETAILS</b>
1324     * in the {@link http://www.gnupg.org/download/ GPG distribution} for
1325     * detailed information on GPG's status output.
1326     *
1327     * @param string $line the status line to handle.
1328     *
1329     * @return void
1330     *
1331     * @see Crypt_GPG::sign()
1332     */
1333    public function handleSignStatus($line)
1334    {
1335        $tokens = explode(' ', $line);
1336        switch ($tokens[0]) {
1337        case 'NEED_PASSPHRASE':
1338            $subKeyId = $tokens[1];
1339            if (array_key_exists($subKeyId, $this->signKeys)) {
1340                $passphrase = $this->signKeys[$subKeyId]['passphrase'];
1341                $this->engine->sendCommand($passphrase);
1342            } else {
1343                $this->engine->sendCommand('');
1344            }
1345            break;
1346        }
1347    }
1348
1349    // }}}
1350    // {{{ handleImportKeyStatus()
1351
1352    /**
1353     * Handles the status output from GPG for the import operation
1354     *
1355     * This method is responsible for building the result array that is
1356     * returned from the {@link Crypt_GPG::importKey()} method. See
1357     * <b>doc/DETAILS</b> in the
1358     * {@link http://www.gnupg.org/download/ GPG distribution} for detailed
1359     * information on GPG's status output.
1360     *
1361     * @param string $line    the status line to handle.
1362     * @param array  &$result the current result array being processed.
1363     *
1364     * @return void
1365     *
1366     * @see Crypt_GPG::importKey()
1367     * @see Crypt_GPG::importKeyFile()
1368     * @see Crypt_GPG_Engine::addStatusHandler()
1369     */
1370    public function han…

Large files files are truncated, but you can click here to view the full file