- * @copyright 2013 silverorange
- * @license http://www.gnu.org/copyleft/lesser.html LGPL License 2.1
- * @link http://pear.php.net/package/Crypt_GPG
- */
-
-/**
- * CLI user-interface and parser.
- */
-require_once 'Console/CommandLine.php';
-
-// {{{ class Crypt_GPG_PinEntry
-
-/**
- * A command-line dummy pinentry program for use with gpg-agent and Crypt_GPG
- *
- * This pinentry receives passphrases through en environment variable and
- * automatically enters the PIN in response to gpg-agent requests. No user-
- * interaction required.
- *
- * The pinentry can be run independently for testing and debugging with the
- * following syntax:
- *
- *
- * Usage:
- * crypt-gpg-pinentry [options]
- *
- * Options:
- * -l log, --log=log Optional location to log pinentry activity.
- * -v, --verbose Sets verbosity level. Use multiples for more detail
- * (e.g. "-vv").
- * -h, --help show this help message and exit
- * --version show the program version and exit
- *
- *
- * @category Encryption
- * @package Crypt_GPG
- * @author Michael Gauthier
- * @copyright 2013 silverorange
- * @license http://www.gnu.org/copyleft/lesser.html LGPL License 2.1
- * @link http://pear.php.net/package/Crypt_GPG
- * @see Crypt_GPG::getKeys()
- */
-class Crypt_GPG_PinEntry
-{
- // {{{ class constants
-
- /**
- * Verbosity level for showing no output.
- */
- const VERBOSITY_NONE = 0;
-
- /**
- * Verbosity level for showing error output.
- */
- const VERBOSITY_ERRORS = 1;
-
- /**
- * Verbosity level for showing all output, including Assuan protocol
- * messages.
- */
- const VERBOSITY_ALL = 2;
-
- /**
- * Length of buffer for reading lines from the Assuan server.
- *
- * PHP reads 8192 bytes. If this is set to less than 8192, PHP reads 8192
- * and buffers the rest so we might as well just read 8192.
- *
- * Using values other than 8192 also triggers PHP bugs.
- *
- * @see http://bugs.php.net/bug.php?id=35224
- */
- const CHUNK_SIZE = 8192;
-
- // }}}
- // {{{ protected properties
-
- /**
- * File handle for the input stream
- *
- * @var resource
- */
- protected $stdin = null;
-
- /**
- * File handle for the output stream
- *
- * @var resource
- */
- protected $stdout = null;
-
- /**
- * File handle for the log file if a log file is used
- *
- * @var resource
- */
- protected $logFile = null;
-
- /**
- * Whether or not this pinentry is finished and is exiting
- *
- * @var boolean
- */
- protected $moribund = false;
-
- /**
- * Verbosity level
- *
- * One of:
- * - {@link Crypt_GPG_PinEntry::VERBOSITY_NONE},
- * - {@link Crypt_GPG_PinEntry::VERBOSITY_ERRORS}, or
- * - {@link Crypt_GPG_PinEntry::VERBOSITY_ALL}
- *
- * @var integer
- */
- protected $verbosity = self::VERBOSITY_NONE;
-
- /**
- * The command-line interface parser for this pinentry
- *
- * @var Console_CommandLine
- *
- * @see Crypt_GPG_PinEntry::getParser()
- */
- protected $parser = null;
-
- /**
- * PINs to be entered by this pinentry
- *
- * An indexed array of associative arrays in the form:
- *
- * $keyId,
- * 'passphrase' => $passphrase
- * ),
- * ...
- * );
- * ?>
- *
- *
- * This array is parsed from the environment variable
- * PINENTRY_USER_DATA.
- *
- * @var array
- *
- * @see Crypt_GPG_PinEntry::initPinsFromENV()
- */
- protected $pins = array();
-
- /**
- * The PIN currently being requested by the Assuan server
- *
- * If set, this is an associative array in the form:
- *
- * $shortKeyId,
- * 'userId' => $userIdString
- * );
- * ?>
- *
- *
- * @var array|null
- */
- protected $currentPin = null;
-
- // }}}
- // {{{ __invoke()
-
- /**
- * Runs this pinentry
- *
- * @return void
- */
- public function __invoke()
- {
- $this->parser = $this->getCommandLineParser();
-
- try {
- $result = $this->parser->parse();
-
- $this->setVerbosity($result->options['verbose']);
- $this->setLogFilename($result->options['log']);
-
- $this->connect();
- $this->initPinsFromENV();
-
- while (($line = fgets($this->stdin, self::CHUNK_SIZE)) !== false) {
- $this->parseCommand(mb_substr($line, 0, -1, '8bit'));
- if ($this->moribund) {
- break;
- }
- }
-
- $this->disconnect();
-
- } catch (Console_CommandLineException $e) {
- $this->log($e->getMessage() . PHP_EOL, slf::VERBOSITY_ERRORS);
- exit(1);
- } catch (Exception $e) {
- $this->log($e->getMessage() . PHP_EOL, self::VERBOSITY_ERRORS);
- $this->log($e->getTraceAsString() . PHP_EOL, self::VERBOSITY_ERRORS);
- exit(1);
- }
- }
-
- // }}}
- // {{{ setVerbosity()
-
- /**
- * Sets the verbosity of logging for this pinentry
- *
- * Verbosity levels are:
- *
- * - {@link Crypt_GPG_PinEntry::VERBOSITY_NONE} - no logging.
- * - {@link Crypt_GPG_PinEntry::VERBOSITY_ERRORS} - log errors only.
- * - {@link Crypt_GPG_PinEntry::VERBOSITY_ALL} - log everything, including
- * the assuan protocol.
- *
- * @param integer $verbosity the level of verbosity of this pinentry.
- *
- * @return Crypt_GPG_PinEntry the current object, for fluent interface.
- */
- public function setVerbosity($verbosity)
- {
- $this->verbosity = (integer)$verbosity;
- return $this;
- }
-
- // }}}
- // {{{ setLogFilename()
-
- /**
- * Sets the log file location
- *
- * @param string $filename the new log filename to use. If an empty string
- * is used, file-based logging is disabled.
- *
- * @return Crypt_GPG_PinEntry the current object, for fluent interface.
- */
- public function setLogFilename($filename)
- {
- if (is_resource($this->logFile)) {
- fflush($this->logFile);
- fclose($this->logFile);
- $this->logFile = null;
- }
-
- if ($filename != '') {
- if (($this->logFile = fopen($filename, 'w')) === false) {
- $this->log(
- 'Unable to open log file "' . $filename . '" '
- . 'for writing.' . PHP_EOL,
- self::VERBOSITY_ERRORS
- );
- exit(1);
- } else {
- stream_set_write_buffer($this->logFile, 0);
- }
- }
-
- return $this;
- }
-
- // }}}
- // {{{ getUIXML()
-
- /**
- * Gets the CLI user-interface definition for this pinentry
- *
- * Detects whether or not this package is PEAR-installed and appropriately
- * locates the XML UI definition.
- *
- * @return string the location of the CLI user-interface definition XML.
- */
- protected function getUIXML()
- {
- // Find PinEntry config depending on the way how the package is installed
- $ds = DIRECTORY_SEPARATOR;
- $root = __DIR__ . $ds . '..' . $ds . '..' . $ds;
- $paths = array(
- '@data-dir@' . $ds . '@package-name@' . $ds . 'data', // PEAR
- $root . 'data', // Git
- $root . 'data' . $ds . 'Crypt_GPG' . $ds . 'data', // Composer
- );
-
- foreach ($paths as $path) {
- if (file_exists($path . $ds . 'pinentry-cli.xml')) {
- return $path . $ds . 'pinentry-cli.xml';
- }
- }
- }
-
- // }}}
- // {{{ getCommandLineParser()
-
- /**
- * Gets the CLI parser for this pinentry
- *
- * @return Console_CommandLine the CLI parser for this pinentry.
- */
- protected function getCommandLineParser()
- {
- return Console_CommandLine::fromXmlFile($this->getUIXML());
- }
-
- // }}}
- // {{{ log()
-
- /**
- * Logs a message at the specified verbosity level
- *
- * If a log file is used, the message is written to the log. Otherwise,
- * the message is sent to STDERR.
- *
- * @param string $data the message to log.
- * @param integer $level the verbosity level above which the message should
- * be logged.
- *
- * @return Crypt_GPG_PinEntry the current object, for fluent interface.
- */
- protected function log($data, $level)
- {
- if ($this->verbosity >= $level) {
- if (is_resource($this->logFile)) {
- fwrite($this->logFile, $data);
- fflush($this->logFile);
- } else {
- $this->parser->outputter->stderr($data);
- }
- }
-
- return $this;
- }
-
- // }}}
- // {{{ connect()
-
- /**
- * Connects this pinentry to the assuan server
- *
- * Opens I/O streams and sends initial handshake.
- *
- * @return Crypt_GPG_PinEntry the current object, for fluent interface.
- */
- protected function connect()
- {
- // Binary operations will not work on Windows with PHP < 5.2.6.
- $rb = (version_compare(PHP_VERSION, '5.2.6') < 0) ? 'r' : 'rb';
- $wb = (version_compare(PHP_VERSION, '5.2.6') < 0) ? 'w' : 'wb';
-
- $this->stdin = fopen('php://stdin', $rb);
- $this->stdout = fopen('php://stdout', $wb);
-
- if (function_exists('stream_set_read_buffer')) {
- stream_set_read_buffer($this->stdin, 0);
- }
- stream_set_write_buffer($this->stdout, 0);
-
- // initial handshake
- $this->send($this->getOK('Crypt_GPG pinentry ready and waiting'));
-
- return $this;
- }
-
- // }}}
- // {{{ parseCommand()
-
- /**
- * Parses an assuan command and performs the appropriate action
- *
- * Documentation of the assuan commands for pinentry is limited to
- * non-existent. Most of these commands were taken from the C source code
- * to gpg-agent and pinentry.
- *
- * Additional context was provided by using strace -f when calling the
- * gpg-agent.
- *
- * @param string $line the assuan command line to parse
- *
- * @return Crypt_GPG_PinEntry the current object, for fluent interface.
- */
- protected function parseCommand($line)
- {
- $this->log('<- ' . $line . PHP_EOL, self::VERBOSITY_ALL);
-
- $parts = explode(' ', $line, 2);
-
- $command = $parts[0];
-
- if (count($parts) === 2) {
- $data = $parts[1];
- } else {
- $data = null;
- }
-
- switch ($command) {
- case 'SETDESC':
- return $this->sendSetDescription($data);
-
- case 'MESSAGE':
- return $this->sendMessage();
-
- case 'CONFIRM':
- return $this->sendConfirm();
-
- case 'GETINFO':
- return $this->sendGetInfo($data);
-
- case 'GETPIN':
- return $this->sendGetPin($data);
-
- case 'RESET':
- return $this->sendReset();
-
- case 'BYE':
- return $this->sendBye();
-
- default:
- return $this->sendNotImplementedOK();
- }
- }
-
- // }}}
- // {{{ initPinsFromENV()
-
- /**
- * Initializes the PINs to be entered by this pinentry from the environment
- * variable PINENTRY_USER_DATA
- *
- * The PINs are parsed from a JSON-encoded string.
- *
- * @return Crypt_GPG_PinEntry the current object, for fluent interface.
- */
- protected function initPinsFromENV()
- {
- if (($userData = getenv('PINENTRY_USER_DATA')) !== false) {
- $pins = json_decode($userData, true);
- if ($pins === null) {
- $this->log(
- '-- failed to parse user data' . PHP_EOL,
- self::VERBOSITY_ERRORS
- );
- } else {
- $this->pins = $pins;
- $this->log(
- '-- got user data [not showing passphrases]' . PHP_EOL,
- self::VERBOSITY_ALL
- );
- }
- }
-
- return $this;
- }
-
- // }}}
- // {{{ disconnect()
-
- /**
- * Disconnects this pinentry from the Assuan server
- *
- * @return Crypt_GPG_PinEntry the current object, for fluent interface.
- */
- protected function disconnect()
- {
- $this->log('-- disconnecting' . PHP_EOL, self::VERBOSITY_ALL);
-
- fflush($this->stdout);
- fclose($this->stdout);
- fclose($this->stdin);
-
- $this->stdin = null;
- $this->stdout = null;
-
- $this->log('-- disconnected' . PHP_EOL, self::VERBOSITY_ALL);
-
- if (is_resource($this->logFile)) {
- fflush($this->logFile);
- fclose($this->logFile);
- $this->logFile = null;
- }
-
- return $this;
- }
-
- // }}}
- // {{{ sendNotImplementedOK()
-
- /**
- * Sends an OK response for a not implemented feature
- *
- * @return Crypt_GPG_PinEntry the current object, for fluent interface.
- */
- protected function sendNotImplementedOK()
- {
- return $this->send($this->getOK());
- }
-
- // }}}
- // {{{ sendSetDescription()
-
- /**
- * Parses the currently requested key identifier and user identifier from
- * the description passed to this pinentry
- *
- * @param string $text the raw description sent from gpg-agent.
- *
- * @return Crypt_GPG_PinEntry the current object, for fluent interface.
- */
- protected function sendSetDescription($text)
- {
- $text = rawurldecode($text);
- $matches = array();
- // TODO: handle user id with quotation marks
- $exp = '/\n"(.+)"\n.*\sID ([A-Z0-9]+),\n/mu';
- if (preg_match($exp, $text, $matches) === 1) {
- $userId = $matches[1];
- $keyId = $matches[2];
-
- if ($this->currentPin === null || $this->currentPin['keyId'] !== $keyId) {
- $this->currentPin = array(
- 'userId' => $userId,
- 'keyId' => $keyId
- );
- $this->log(
- '-- looking for PIN for ' . $keyId . PHP_EOL,
- self::VERBOSITY_ALL
- );
- }
- }
-
- return $this->send($this->getOK());
- }
-
- // }}}
- // {{{ sendConfirm()
-
- /**
- * Tells the assuan server to confirm the operation
- *
- * @return Crypt_GPG_PinEntry the current object, for fluent interface.
- */
- protected function sendConfirm()
- {
- return $this->send($this->getOK());
- }
-
- // }}}
- // {{{ sendMessage()
-
- /**
- * Tells the assuan server that any requested pop-up messages were confirmed
- * by pressing the fake 'close' button
- *
- * @return Crypt_GPG_PinEntry the current object, for fluent interface.
- */
- protected function sendMessage()
- {
- return $this->sendButtonInfo('close');
- }
-
- // }}}
- // {{{ sendButtonInfo()
-
- /**
- * Sends information about pressed buttons to the assuan server
- *
- * This is used to fake a user-interface for this pinentry.
- *
- * @param string $text the button status to send.
- *
- * @return Crypt_GPG_PinEntry the current object, for fluent interface.
- */
- protected function sendButtonInfo($text)
- {
- return $this->send('BUTTON_INFO ' . $text . "\n");
- }
-
- // }}}
- // {{{ sendGetPin()
-
- /**
- * Sends the PIN value for the currently requested key
- *
- * @return Crypt_GPG_PinEntry the current object, for fluent interface.
- */
- protected function sendGetPin()
- {
- $foundPin = '';
-
- if (is_array($this->currentPin)) {
- $keyIdLength = mb_strlen($this->currentPin['keyId'], '8bit');
-
- // search for the pin
- foreach ($this->pins as $_keyId => $pin) {
- // Warning: GnuPG 2.1 asks 3 times for passphrase if it is invalid
- $keyId = $this->currentPin['keyId'];
- $_keyIdLength = mb_strlen($_keyId, '8bit');
-
- // Get last X characters of key identifier to compare
- // Most GnuPG versions use 8 characters, but recent ones can use 16,
- // We support 8 for backward compatibility
- if ($keyIdLength < $_keyIdLength) {
- $_keyId = mb_substr($_keyId, -$keyIdLength, $keyIdLength, '8bit');
- } else if ($keyIdLength > $_keyIdLength) {
- $keyId = mb_substr($keyId, -$_keyIdLength, $_keyIdLength, '8bit');
- }
-
- if ($_keyId === $keyId) {
- $foundPin = $pin;
- break;
- }
- }
- }
-
- return $this
- ->send($this->getData($foundPin))
- ->send($this->getOK());
- }
-
- // }}}
- // {{{ sendGetInfo()
-
- /**
- * Sends information about this pinentry
- *
- * @param string $data the information requested by the assuan server.
- * Currently only 'pid' is supported. Other requests
- * return no information.
- *
- * @return Crypt_GPG_PinEntry the current object, for fluent interface.
- */
- protected function sendGetInfo($data)
- {
- $parts = explode(' ', $data, 2);
- $command = reset($parts);
-
- switch ($command) {
- case 'pid':
- return $this->sendGetInfoPID();
- default:
- return $this->send($this->getOK());
- }
-
- return $this;
- }
- // }}}
- // {{{ sendGetInfoPID()
-
- /**
- * Sends the PID of this pinentry to the assuan server
- *
- * @return Crypt_GPG_PinEntry the current object, for fluent interface.
- */
- protected function sendGetInfoPID()
- {
- return $this
- ->send($this->getData(getmypid()))
- ->send($this->getOK());
- }
-
- // }}}
- // {{{ sendBye()
-
- /**
- * Flags this pinentry for disconnection and sends an OK response
- *
- * @return Crypt_GPG_PinEntry the current object, for fluent interface.
- */
- protected function sendBye()
- {
- $return = $this->send($this->getOK('closing connection'));
- $this->moribund = true;
- return $return;
- }
-
- // }}}
- // {{{ sendReset()
-
- /**
- * Resets this pinentry and sends an OK response
- *
- * @return Crypt_GPG_PinEntry the current object, for fluent interface.
- */
- protected function sendReset()
- {
- $this->currentPin = null;
- return $this->send($this->getOK());
- }
-
- // }}}
- // {{{ getOK()
-
- /**
- * Gets an OK response to send to the assuan server
- *
- * @param string $data an optional message to include with the OK response.
- *
- * @return string the OK response.
- */
- protected function getOK($data = null)
- {
- $return = 'OK';
-
- if ($data) {
- $return .= ' ' . $data;
- }
-
- return $return . "\n";
- }
-
- // }}}
- // {{{ getData()
-
- /**
- * Gets data ready to send to the assuan server
- *
- * Data is appropriately escaped and long lines are wrapped.
- *
- * @param string $data the data to send to the assuan server.
- *
- * @return string the properly escaped, formatted data.
- *
- * @see http://www.gnupg.org/documentation/manuals/assuan/Server-responses.html
- */
- protected function getData($data)
- {
- // Escape data. Only %, \n and \r need to be escaped but other
- // values are allowed to be escaped. See
- // http://www.gnupg.org/documentation/manuals/assuan/Server-responses.html
- $data = rawurlencode($data);
- $data = $this->getWordWrappedData($data, 'D');
- return $data;
- }
-
- // }}}
- // {{{ getComment()
-
- /**
- * Gets a comment ready to send to the assuan server
- *
- * @param string $data the comment to send to the assuan server.
- *
- * @return string the properly formatted comment.
- *
- * @see http://www.gnupg.org/documentation/manuals/assuan/Server-responses.html
- */
- protected function getComment($data)
- {
- return $this->getWordWrappedData($data, '#');
- }
-
- // }}}
- // {{{ getWordWrappedData()
-
- /**
- * Wraps strings at 1,000 bytes without splitting UTF-8 multibyte
- * characters
- *
- * Each line is prepended with the specified line prefix. Wrapped lines
- * are automatically appended with \ characters.
- *
- * Protocol strings are UTF-8 but maximum line length is 1,000 bytes.
- * mb_strcut() is used so we can limit line length by bytes
- * and not split characters across multiple lines.
- *
- * @param string $data the data to wrap.
- * @param string $prefix a single character to use as the line prefix. For
- * example, 'D' or '#'.
- *
- * @return string the word-wrapped, prefixed string.
- *
- * @see http://www.gnupg.org/documentation/manuals/assuan/Server-responses.html
- */
- protected function getWordWrappedData($data, $prefix)
- {
- $lines = array();
-
- do {
- if (mb_strlen($data, '8bit') > 997) {
- $line = $prefix . ' ' . mb_strcut($data, 0, 996, 'utf-8') . "\\\n";
- $lines[] = $line;
- $lineLength = mb_strlen($line, '8bit') - 1;
- $dataLength = mb_substr($data, '8bit');
- $data = mb_substr(
- $data,
- $lineLength,
- $dataLength - $lineLength,
- '8bit'
- );
- } else {
- $lines[] = $prefix . ' ' . $data . "\n";
- $data = '';
- }
- } while ($data != '');
-
- return implode('', $lines);
- }
-
- // }}}
- // {{{ send()
-
- /**
- * Sends raw data to the assuan server
- *
- * @param string $data the data to send.
- *
- * @return Crypt_GPG_PinEntry the current object, for fluent interface.
- */
- protected function send($data)
- {
- $this->log('-> ' . $data, self::VERBOSITY_ALL);
- fwrite($this->stdout, $data);
- fflush($this->stdout);
- return $this;
- }
-
- // }}}
-}
-
-// }}}
-
-?>
diff -r cee7317dd26a -r daefe8ad6705 vendor/pear/crypt_gpg/Crypt/GPG/ProcessControl.php
--- a/vendor/pear/crypt_gpg/Crypt/GPG/ProcessControl.php Wed Oct 08 09:03:29 2025 -0400
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,152 +0,0 @@
-
- *
- * @category Encryption
- * @package Crypt_GPG
- * @author Michael Gauthier
- * @copyright 2013 silverorange
- * @license http://www.gnu.org/copyleft/lesser.html LGPL License 2.1
- * @link http://pear.php.net/package/Crypt_GPG
- */
-
-// {{{ class Crypt_GPG_ProcessControl
-
-/**
- * A class for monitoring and terminating processes by PID
- *
- * This is used to safely terminate the gpg-agent for GnuPG 2.x. This class
- * is limited in its abilities and can only check if a PID is running and
- * send a PID SIGTERM.
- *
- * @category Encryption
- * @package Crypt_GPG
- * @author Michael Gauthier
- * @copyright 2013 silverorange
- * @license http://www.gnu.org/copyleft/lesser.html LGPL License 2.1
- * @link http://pear.php.net/package/Crypt_GPG
- */
-class Crypt_GPG_ProcessControl
-{
- // {{{ protected properties
-
- /**
- * The PID (process identifier) being monitored
- *
- * @var integer
- */
- protected $pid;
-
- // }}}
- // {{{ __construct()
-
- /**
- * Creates a new process controller from the given PID (process identifier)
- *
- * @param integer $pid the PID (process identifier).
- */
- public function __construct($pid)
- {
- $this->pid = $pid;
- }
-
- // }}}
- // {{{ public function getPid()
-
- /**
- * Gets the PID (process identifier) being controlled
- *
- * @return integer the PID being controlled.
- */
- public function getPid()
- {
- return $this->pid;
- }
-
- // }}}
- // {{{ isRunning()
-
- /**
- * Checks if the process is running
- *
- * If the posix extension is available, posix_getpgid()
- * is used. Otherwise ps is used on UNIX-like systems and
- * tasklist on Windows.
- *
- * @return boolean true if the process is running, false if not.
- */
- public function isRunning()
- {
- $running = false;
-
- if (function_exists('posix_getpgid')) {
- $running = false !== posix_getpgid($this->pid);
- } elseif (PHP_OS === 'WINNT') {
- $command = 'tasklist /fo csv /nh /fi '
- . escapeshellarg('PID eq ' . $this->pid);
-
- $result = exec($command);
- $parts = explode(',', $result);
- $running = (count($parts) > 1 && trim($parts[1], '"') == $this->pid);
- } else {
- $result = exec('ps -p ' . escapeshellarg($this->pid) . ' -o pid=');
- $running = (trim($result) == $this->pid);
- }
-
- return $running;
- }
-
- // }}}
- // {{{ terminate()
-
- /**
- * Ends the process gracefully
- *
- * The signal SIGTERM is sent to the process. The gpg-agent process will
- * end gracefully upon receiving the SIGTERM signal. Upon 3 consecutive
- * SIGTERM signals the gpg-agent will forcefully shut down.
- *
- * If the posix extension is available, posix_kill()
- * is used. Otherwise kill is used on UNIX-like systems and
- * taskkill is used in Windows.
- *
- * @return void
- */
- public function terminate()
- {
- if (function_exists('posix_kill')) {
- posix_kill($this->pid, 15);
- } elseif (PHP_OS === 'WINNT') {
- exec('taskkill /PID ' . escapeshellarg($this->pid));
- } else {
- exec('kill -15 ' . escapeshellarg($this->pid));
- }
- }
-
- // }}}
-}
-
-// }}}
-
-?>
diff -r cee7317dd26a -r daefe8ad6705 vendor/pear/crypt_gpg/Crypt/GPG/ProcessHandler.php
--- a/vendor/pear/crypt_gpg/Crypt/GPG/ProcessHandler.php Wed Oct 08 09:03:29 2025 -0400
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,928 +0,0 @@
-
- *
- * @category Encryption
- * @package Crypt_GPG
- * @author Nathan Fredrickson
- * @author Michael Gauthier
- * @author Aleksander Machniak
- * @copyright 2005-2013 silverorange
- * @license http://www.gnu.org/copyleft/lesser.html LGPL License 2.1
- * @link http://pear.php.net/package/Crypt_GPG
- * @link http://www.gnupg.org/
- */
-
-/**
- * GPG exception classes.
- */
-require_once 'Crypt/GPG/Exceptions.php';
-
-/**
- * Signature object class definition
- */
-require_once 'Crypt/GPG/Signature.php';
-
-// {{{ class Crypt_GPG_ProcessHandler
-
-/**
- * Status/Error handler for GPG process pipes.
- *
- * This class is used internally by Crypt_GPG_Engine and does not need to be used
- * directly. See the {@link Crypt_GPG} class for end-user API.
- *
- * @category Encryption
- * @package Crypt_GPG
- * @author Nathan Fredrickson
- * @author Michael Gauthier
- * @author Aleksander Machniak
- * @copyright 2005-2013 silverorange
- * @license http://www.gnu.org/copyleft/lesser.html LGPL License 2.1
- * @link http://pear.php.net/package/Crypt_GPG
- * @link http://www.gnupg.org/
- */
-class Crypt_GPG_ProcessHandler
-{
- // {{{ protected class properties
-
- /**
- * Engine used to control the GPG subprocess
- *
- * @var Crypt_GPG_Engine
- */
- protected $engine;
-
- /**
- * The error code of the current operation
- *
- * @var integer
- */
- protected $errorCode = Crypt_GPG::ERROR_NONE;
-
- /**
- * The number of currently needed passphrases
- *
- * If this is not zero when the GPG command is completed, the error code is
- * set to {@link Crypt_GPG::ERROR_MISSING_PASSPHRASE}.
- *
- * @var integer
- */
- protected $needPassphrase = 0;
-
- /**
- * Some data collected while processing the operation
- * or set for the operation
- *
- * @var array
- * @see self::setData()
- * @see self::getData()
- */
- protected $data = array();
-
- /**
- * The name of the current operation
- *
- * @var string
- * @see self::setOperation()
- */
- protected $operation = null;
-
- /**
- * The value of the argument of current operation
- *
- * @var string
- * @see self::setOperation()
- */
- protected $operationArg = null;
-
- // }}}
- // {{{ __construct()
-
- /**
- * Creates a new instance
- *
- * @param Crypt_GPG_Engine $engine Engine object
- */
- public function __construct($engine)
- {
- $this->engine = $engine;
- }
-
- // }}}
- // {{{ setOperation()
-
- /**
- * Sets the operation that is being performed by the engine.
- *
- * @param string $operation The GPG operation to perform.
- *
- * @return void
- */
- public function setOperation($operation)
- {
- $op = null;
- $opArg = null;
-
- // Regexp matching all GPG "operational" arguments
- $regexp = '/--('
- . 'version|import|list-public-keys|list-secret-keys'
- . '|list-keys|delete-key|delete-secret-key|encrypt|sign|clearsign'
- . '|detach-sign|decrypt|verify|export-secret-keys|export|gen-key'
- . ')/';
-
- if (strpos($operation, ' ') === false) {
- $op = trim($operation, '- ');
- } else if (preg_match($regexp, $operation, $matches, PREG_OFFSET_CAPTURE)) {
- $op = trim($matches[0][0], '-');
- $op_len = $matches[0][1] + mb_strlen($op, '8bit') + 3;
- $command = mb_substr($operation, $op_len, null, '8bit');
-
- // we really need the argument if it is a key ID/fingerprint or email
- // address se we can use simplified regexp to "revert escapeshellarg()"
- if (preg_match('/^[\'"]([a-zA-Z0-9:@._-]+)[\'"]/', $command, $matches)) {
- $opArg = $matches[1];
- }
- }
-
- $this->operation = $op;
- $this->operationArg = $opArg;
- }
-
- // }}}
- // {{{ handleStatus()
-
- /**
- * Handles error values in the status output from GPG
- *
- * This method is responsible for setting the
- * {@link self::$errorCode}. See doc/DETAILS in the
- * {@link http://www.gnupg.org/download/ GPG distribution} for detailed
- * information on GPG's status output.
- *
- * @param string $line the status line to handle.
- *
- * @return void
- */
- public function handleStatus($line)
- {
- $tokens = explode(' ', $line);
- switch ($tokens[0]) {
- case 'NODATA':
- $this->errorCode = Crypt_GPG::ERROR_NO_DATA;
- break;
-
- case 'DECRYPTION_OKAY':
- // If the message is encrypted, this is the all-clear signal.
- $this->data['DecryptionOkay'] = true;
- $this->errorCode = Crypt_GPG::ERROR_NONE;
- break;
-
- case 'DELETE_PROBLEM':
- if ($tokens[1] == '1') {
- $this->errorCode = Crypt_GPG::ERROR_KEY_NOT_FOUND;
- break;
- } elseif ($tokens[1] == '2') {
- $this->errorCode = Crypt_GPG::ERROR_DELETE_PRIVATE_KEY;
- break;
- }
- break;
-
- case 'IMPORT_OK':
- $this->data['Import']['fingerprint'] = $tokens[2];
-
- if (empty($this->data['Import']['fingerprints'])) {
- $this->data['Import']['fingerprints'] = array($tokens[2]);
- } else if (!in_array($tokens[2], $this->data['Import']['fingerprints'])) {
- $this->data['Import']['fingerprints'][] = $tokens[2];
- }
-
- break;
-
- case 'IMPORT_RES':
- $this->data['Import']['public_imported'] = intval($tokens[3]);
- $this->data['Import']['public_unchanged'] = intval($tokens[5]);
- $this->data['Import']['private_imported'] = intval($tokens[11]);
- $this->data['Import']['private_unchanged'] = intval($tokens[12]);
- break;
-
- case 'NO_PUBKEY':
- case 'NO_SECKEY':
- $this->data['ErrorKeyId'] = $tokens[1];
-
- if ($this->errorCode != Crypt_GPG::ERROR_MISSING_PASSPHRASE
- && $this->errorCode != Crypt_GPG::ERROR_BAD_PASSPHRASE
- ) {
- $this->errorCode = Crypt_GPG::ERROR_KEY_NOT_FOUND;
- }
-
- // note: this message is also received if there are multiple
- // recipients and a previous key had a correct passphrase.
- $this->data['MissingKeys'][$tokens[1]] = $tokens[1];
-
- // @FIXME: remove missing passphrase registered in ENC_TO handler
- // This is for GnuPG 2.1
- unset($this->data['MissingPassphrases'][$tokens[1]]);
- break;
-
- case 'KEY_CONSIDERED':
- // In GnuPG 2.1.x exporting/importing a secret key requires passphrase
- // However, no NEED_PASSPRASE is returned, https://bugs.gnupg.org/gnupg/issue2667
- // So, handling KEY_CONSIDERED and GET_HIDDEN is needed.
- if (!array_key_exists('KeyConsidered', $this->data)) {
- $this->data['KeyConsidered'] = $tokens[1];
- }
- break;
-
- case 'USERID_HINT':
- // remember the user id for pretty exception messages
- // GnuPG 2.1.15 gives me: "USERID_HINT 0000000000000000 [?]"
- $keyId = $tokens[1];
- if (strcspn($keyId, '0')) {
- $username = implode(' ', array_splice($tokens, 2));
- $this->data['BadPassphrases'][$keyId] = $username;
- }
- break;
-
- case 'ENC_TO':
- // Now we know the message is encrypted. Set flag to check if
- // decryption succeeded.
- $this->data['DecryptionOkay'] = false;
-
- // this is the new key message
- $this->data['CurrentSubKeyId'] = $keyId = $tokens[1];
-
- // For some reason in GnuPG 2.1.11 I get only ENC_TO and no
- // NEED_PASSPHRASE/MISSING_PASSPHRASE/USERID_HINT
- // This is not needed for GnuPG 2.1.15
- if (!empty($_ENV['PINENTRY_USER_DATA'])) {
- $passphrases = json_decode($_ENV['PINENTRY_USER_DATA'], true);
- } else {
- $passphrases = array();
- }
-
- // @TODO: Get user name/email
- $this->data['BadPassphrases'][$keyId] = $keyId;
- if (empty($passphrases) || empty($passphrases[$keyId])) {
- $this->data['MissingPassphrases'][$keyId] = $keyId;
- }
- break;
-
- case 'GOOD_PASSPHRASE':
- // if we got a good passphrase, remove the key from the list of
- // bad passphrases.
- if (isset($this->data['CurrentSubKeyId'])) {
- unset($this->data['BadPassphrases'][$this->data['CurrentSubKeyId']]);
- unset($this->data['MissingPassphrases'][$this->data['CurrentSubKeyId']]);
- }
-
- $this->needPassphrase--;
- break;
-
- case 'BAD_PASSPHRASE':
- $this->errorCode = Crypt_GPG::ERROR_BAD_PASSPHRASE;
- break;
-
- case 'MISSING_PASSPHRASE':
- if (isset($this->data['CurrentSubKeyId'])) {
- $this->data['MissingPassphrases'][$this->data['CurrentSubKeyId']]
- = $this->data['CurrentSubKeyId'];
- }
-
- $this->errorCode = Crypt_GPG::ERROR_MISSING_PASSPHRASE;
- break;
-
- case 'GET_HIDDEN':
- if ($tokens[1] == 'passphrase.enter' && isset($this->data['KeyConsidered'])) {
- $tokens[1] = $this->data['KeyConsidered'];
- } else {
- break;
- }
- // no break
-
- case 'NEED_PASSPHRASE':
- $passphrase = $this->getPin($tokens[1]);
-
- $this->engine->sendCommand($passphrase);
-
- if ($passphrase === '') {
- $this->needPassphrase++;
- }
- break;
-
- case 'SIG_CREATED':
- $this->data['SigCreated'] = $line;
- break;
-
- case 'SIG_ID':
- // note: signature id comes before new signature line and may not
- // exist for some signature types
- $this->data['SignatureId'] = $tokens[1];
- break;
-
- case 'EXPSIG':
- case 'EXPKEYSIG':
- case 'REVKEYSIG':
- case 'BADSIG':
- case 'ERRSIG':
- $this->errorCode = Crypt_GPG::ERROR_BAD_SIGNATURE;
- // no break
- case 'GOODSIG':
- $signature = new Crypt_GPG_Signature();
-
- // if there was a signature id, set it on the new signature
- if (!empty($this->data['SignatureId'])) {
- $signature->setId($this->data['SignatureId']);
- $this->data['SignatureId'] = '';
- }
-
- // Detect whether fingerprint or key id was returned and set
- // signature values appropriately. Key ids are strings of either
- // 16 or 8 hexadecimal characters. Fingerprints are strings of 40
- // hexadecimal characters. The key id is the last 16 characters of
- // the key fingerprint.
- if (mb_strlen($tokens[1], '8bit') > 16) {
- $signature->setKeyFingerprint($tokens[1]);
- $signature->setKeyId(mb_substr($tokens[1], -16, null, '8bit'));
- } else {
- $signature->setKeyId($tokens[1]);
- }
-
- // get user id string
- if ($tokens[0] != 'ERRSIG') {
- $string = implode(' ', array_splice($tokens, 2));
- $string = rawurldecode($string);
-
- $signature->setUserId(Crypt_GPG_UserId::parse($string));
- }
-
- $this->data['Signatures'][] = $signature;
- break;
-
- case 'VALIDSIG':
- if (empty($this->data['Signatures'])) {
- break;
- }
-
- $signature = end($this->data['Signatures']);
-
- $signature->setValid(true);
- $signature->setKeyFingerprint($tokens[1]);
-
- if (strpos($tokens[3], 'T') === false) {
- $signature->setCreationDate($tokens[3]);
- } else {
- $signature->setCreationDate(strtotime($tokens[3]));
- }
-
- if (array_key_exists(4, $tokens)) {
- if (strpos($tokens[4], 'T') === false) {
- $signature->setExpirationDate($tokens[4]);
- } else {
- $signature->setExpirationDate(strtotime($tokens[4]));
- }
- }
-
- break;
-
- case 'KEY_CREATED':
- if (isset($this->data['Handle']) && $tokens[3] == $this->data['Handle']) {
- $this->data['KeyCreated'] = $tokens[2];
- }
- break;
-
- case 'KEY_NOT_CREATED':
- if (isset($this->data['Handle']) && $tokens[1] == $this->data['Handle']) {
- $this->errorCode = Crypt_GPG::ERROR_KEY_NOT_CREATED;
- }
- break;
-
- case 'PROGRESS':
- // todo: at some point, support reporting status async
- break;
-
- // GnuPG 2.1 uses FAILURE and ERROR responses
- case 'FAILURE':
- case 'ERROR':
- $errnum = (int) $tokens[2];
- $source = $errnum >> 24;
- $errcode = $errnum & 0xFFFFFF;
-
- switch ($errcode) {
- case 11: // bad passphrase
- case 87: // bad PIN
- $this->errorCode = Crypt_GPG::ERROR_BAD_PASSPHRASE;
- break;
-
- case 177: // no passphrase
- case 178: // no PIN
- $this->errorCode = Crypt_GPG::ERROR_MISSING_PASSPHRASE;
- break;
-
- case 58:
- $this->errorCode = Crypt_GPG::ERROR_NO_DATA;
- break;
- }
-
- break;
- }
- }
-
- // }}}
- // {{{ handleError()
-
- /**
- * Handles error values in the error output from GPG
- *
- * This method is responsible for setting the
- * {@link Crypt_GPG_Engine::$_errorCode}.
- *
- * @param string $line the error line to handle.
- *
- * @return void
- */
- public function handleError($line)
- {
- if ($this->errorCode === Crypt_GPG::ERROR_NONE) {
- $pattern = '/no valid OpenPGP data found/';
- if (preg_match($pattern, $line) === 1) {
- $this->errorCode = Crypt_GPG::ERROR_NO_DATA;
- }
- }
-
- if ($this->errorCode === Crypt_GPG::ERROR_NONE) {
- $pattern = '/No secret key|secret key not available/';
- if (preg_match($pattern, $line) === 1) {
- $this->errorCode = Crypt_GPG::ERROR_KEY_NOT_FOUND;
- }
- }
-
- if ($this->errorCode === Crypt_GPG::ERROR_NONE) {
- $pattern = '/No public key|public key not found/';
- if (preg_match($pattern, $line) === 1) {
- $this->errorCode = Crypt_GPG::ERROR_KEY_NOT_FOUND;
- }
- }
-
- if ($this->errorCode === Crypt_GPG::ERROR_NONE) {
- $matches = array();
- $pattern = '/can\'t (?:access|open) `(.*?)\'/';
- if (preg_match($pattern, $line, $matches) === 1) {
- $this->data['ErrorFilename'] = $matches[1];
- $this->errorCode = Crypt_GPG::ERROR_FILE_PERMISSIONS;
- }
- }
-
- // GnuPG 2.1: It should return MISSING_PASSPHRASE, but it does not
- // we have to detect it this way. This happens e.g. on private key import
- if ($this->errorCode === Crypt_GPG::ERROR_NONE) {
- $matches = array();
- $pattern = '/key ([0-9A-F]+).* (Bad|No) passphrase/';
- if (preg_match($pattern, $line, $matches) === 1) {
- $keyId = $matches[1];
- // @TODO: Get user name/email
- if (empty($this->data['BadPassphrases'][$keyId])) {
- $this->data['BadPassphrases'][$keyId] = $keyId;
- }
- if ($matches[2] == 'Bad') {
- $this->errorCode = Crypt_GPG::ERROR_BAD_PASSPHRASE;
- } else {
- $this->errorCode = Crypt_GPG::ERROR_MISSING_PASSPHRASE;
- if (empty($this->data['MissingPassphrases'][$keyId])) {
- $this->data['MissingPassphrases'][$keyId] = $keyId;
- }
- }
- }
- }
-
- if ($this->errorCode === Crypt_GPG::ERROR_NONE && $this->operation == 'gen-key') {
- $pattern = '/:([0-9]+): invalid algorithm$/';
- if (preg_match($pattern, $line, $matches) === 1) {
- $this->errorCode = Crypt_GPG::ERROR_BAD_KEY_PARAMS;
- $this->data['LineNumber'] = intval($matches[1]);
- }
- }
- }
-
- // }}}
- // {{{ throwException()
-
- /**
- * On error throws exception
- *
- * @param int $exitcode GPG process exit code
- *
- * @return void
- * @throws Crypt_GPG_Exception
- */
- public function throwException($exitcode = 0)
- {
- if ($exitcode > 0 && $this->errorCode === Crypt_GPG::ERROR_NONE) {
- $this->errorCode = $this->setErrorCode($exitcode);
- }
-
- if ($this->errorCode === Crypt_GPG::ERROR_NONE) {
- return;
- }
-
- $code = $this->errorCode;
- $note = "Please use the 'debug' option when creating the Crypt_GPG " .
- "object, and file a bug report at " . Crypt_GPG::BUG_URI;
-
- switch ($this->operation) {
- case 'version':
- throw new Crypt_GPG_Exception(
- 'Unknown error getting GnuPG version information. ' . $note,
- $code
- );
-
- case 'list-secret-keys':
- case 'list-public-keys':
- case 'list-keys':
- switch ($code) {
- case Crypt_GPG::ERROR_KEY_NOT_FOUND:
- // ignore not found key errors
- break;
-
- case Crypt_GPG::ERROR_FILE_PERMISSIONS:
- if (!empty($this->data['ErrorFilename'])) {
- throw new Crypt_GPG_FileException(
- sprintf(
- 'Error reading GnuPG data file \'%s\'. Check to make ' .
- 'sure it is readable by the current user.',
- $this->data['ErrorFilename']
- ),
- $code,
- $this->data['ErrorFilename']
- );
- }
- throw new Crypt_GPG_FileException(
- 'Error reading GnuPG data file. Check to make sure that ' .
- 'GnuPG data files are readable by the current user.',
- $code
- );
-
- default:
- throw new Crypt_GPG_Exception(
- 'Unknown error getting keys. ' . $note, $code
- );
- }
- break;
-
- case 'delete-key':
- case 'delete-secret-key':
- switch ($code) {
- case Crypt_GPG::ERROR_KEY_NOT_FOUND:
- throw new Crypt_GPG_KeyNotFoundException(
- 'Key not found: ' . $this->operationArg,
- $code,
- $this->operationArg
- );
-
- case Crypt_GPG::ERROR_DELETE_PRIVATE_KEY:
- throw new Crypt_GPG_DeletePrivateKeyException(
- 'Private key must be deleted before public key can be ' .
- 'deleted.',
- $code,
- $this->operationArg
- );
-
- default:
- throw new Crypt_GPG_Exception(
- 'Unknown error deleting key. ' . $note, $code
- );
- }
- break;
-
- case 'import':
- switch ($code) {
- case Crypt_GPG::ERROR_NO_DATA:
- throw new Crypt_GPG_NoDataException(
- 'No valid GPG key data found.', $code
- );
-
- case Crypt_GPG::ERROR_BAD_PASSPHRASE:
- case Crypt_GPG::ERROR_MISSING_PASSPHRASE:
- throw $this->badPassException($code, 'Cannot import private key.');
-
- default:
- throw new Crypt_GPG_Exception(
- 'Unknown error importing GPG key. ' . $note, $code
- );
- }
- break;
-
- case 'export':
- case 'export-secret-keys':
- switch ($code) {
- case Crypt_GPG::ERROR_BAD_PASSPHRASE:
- case Crypt_GPG::ERROR_MISSING_PASSPHRASE:
- throw $this->badPassException($code, 'Cannot export private key.');
-
- default:
- throw new Crypt_GPG_Exception(
- 'Unknown error exporting a key. ' . $note, $code
- );
- }
- break;
-
- case 'encrypt':
- case 'sign':
- case 'clearsign':
- case 'detach-sign':
- switch ($code) {
- case Crypt_GPG::ERROR_KEY_NOT_FOUND:
- throw new Crypt_GPG_KeyNotFoundException(
- 'Cannot sign data. Private key not found. Import the '.
- 'private key before trying to sign data.',
- $code,
- !empty($this->data['ErrorKeyId']) ? $this->data['ErrorKeyId'] : null
- );
-
- case Crypt_GPG::ERROR_BAD_PASSPHRASE:
- throw new Crypt_GPG_BadPassphraseException(
- 'Cannot sign data. Incorrect passphrase provided.', $code
- );
-
- case Crypt_GPG::ERROR_MISSING_PASSPHRASE:
- throw new Crypt_GPG_BadPassphraseException(
- 'Cannot sign data. No passphrase provided.', $code
- );
-
- default:
- throw new Crypt_GPG_Exception(
- "Unknown error {$this->operation}ing data. $note", $code
- );
- }
- break;
-
- case 'verify':
- switch ($code) {
- case Crypt_GPG::ERROR_BAD_SIGNATURE:
- // ignore bad signature errors
- break;
-
- case Crypt_GPG::ERROR_NO_DATA:
- throw new Crypt_GPG_NoDataException(
- 'No valid signature data found.', $code
- );
-
- case Crypt_GPG::ERROR_KEY_NOT_FOUND:
- throw new Crypt_GPG_KeyNotFoundException(
- 'Public key required for data verification not in keyring.',
- $code,
- !empty($this->data['ErrorKeyId']) ? $this->data['ErrorKeyId'] : null
- );
-
- default:
- throw new Crypt_GPG_Exception(
- 'Unknown error validating signature details. ' . $note,
- $code
- );
- }
- break;
-
- case 'decrypt':
- switch ($code) {
- case Crypt_GPG::ERROR_BAD_SIGNATURE:
- // ignore bad signature errors
- break;
-
- case Crypt_GPG::ERROR_KEY_NOT_FOUND:
- if (!empty($this->data['MissingKeys'])) {
- $keyId = reset($this->data['MissingKeys']);
- } else {
- $keyId = '';
- }
-
- throw new Crypt_GPG_KeyNotFoundException(
- 'Cannot decrypt data. No suitable private key is in the ' .
- 'keyring. Import a suitable private key before trying to ' .
- 'decrypt this data.',
- $code,
- $keyId
- );
-
- case Crypt_GPG::ERROR_BAD_PASSPHRASE:
- case Crypt_GPG::ERROR_MISSING_PASSPHRASE:
- throw $this->badPassException($code, 'Cannot decrypt data.');
-
- case Crypt_GPG::ERROR_NO_DATA:
- throw new Crypt_GPG_NoDataException(
- 'Cannot decrypt data. No PGP encrypted data was found in '.
- 'the provided data.',
- $code
- );
-
- default:
- throw new Crypt_GPG_Exception(
- 'Unknown error decrypting data.', $code
- );
- }
- break;
-
- case 'gen-key':
- switch ($code) {
- case Crypt_GPG::ERROR_BAD_KEY_PARAMS:
- throw new Crypt_GPG_InvalidKeyParamsException(
- 'Invalid key algorithm specified.', $code
- );
-
- default:
- throw new Crypt_GPG_Exception(
- 'Unknown error generating key-pair. ' . $note, $code
- );
- }
- }
- }
-
- // }}}
- // {{{ throwException()
-
- /**
- * Check exit code of the GPG operation.
- *
- * @param int $exitcode GPG process exit code
- *
- * @return int Internal error code
- */
- protected function setErrorCode($exitcode)
- {
- if ($this->needPassphrase > 0) {
- return Crypt_GPG::ERROR_MISSING_PASSPHRASE;
- }
-
- if ($this->operation == 'import') {
- return Crypt_GPG::ERROR_NONE;
- }
-
- if ($this->operation == 'decrypt' && !empty($this->data['DecryptionOkay'])) {
- if (!empty($this->data['IgnoreVerifyErrors'])) {
- return Crypt_GPG::ERROR_NONE;
- }
- if (!empty($this->data['MissingKeys'])) {
- return Crypt_GPG::ERROR_KEY_NOT_FOUND;
- }
- }
-
- return Crypt_GPG::ERROR_UNKNOWN;
- }
-
- // }}}
- // {{{ getData()
-
- /**
- * Get data from the last process execution.
- *
- * @param string $name Data element name:
- * - SigCreated: The last SIG_CREATED status.
- * - KeyConsidered: The last KEY_CONSIDERED status identifier.
- * - KeyCreated: The KEY_CREATED status (for specified Handle).
- * - Signatures: Signatures data from verification process.
- * - LineNumber: Number of the gen-key error line.
- * - Import: Result of IMPORT_OK/IMPORT_RES
- *
- * @return mixed
- */
- public function getData($name)
- {
- return isset($this->data[$name]) ? $this->data[$name] : null;
- }
-
- // }}}
- // {{{ setData()
-
- /**
- * Set data for the process execution.
- *
- * @param string $name Data element name:
- * - Handle: The unique key handle used by this handler
- * The key handle is used to track GPG status output
- * for a particular key on --gen-key command before
- * the key has its own identifier.
- * - IgnoreVerifyErrors: Do not throw exceptions
- * when signature verification failes because
- * of a missing public key.
- * @param mixed $value Data element value
- *
- * @return void
- */
- public function setData($name, $value)
- {
- switch ($name) {
- case 'Handle':
- $this->data[$name] = strval($value);
- break;
-
- case 'IgnoreVerifyErrors':
- $this->data[$name] = (bool) $value;
- break;
- }
- }
-
- // }}}
- // {{{ setData()
-
- /**
- * Create Crypt_GPG_BadPassphraseException from operation data.
- *
- * @param int $code Error code
- * @param string $message Error message
- *
- * @return Crypt_GPG_BadPassphraseException
- */
- protected function badPassException($code, $message)
- {
- $badPassphrases = array_diff_key(
- isset($this->data['BadPassphrases']) ? $this->data['BadPassphrases'] : array(),
- isset($this->data['MissingPassphrases']) ? $this->data['MissingPassphrases'] : array()
- );
-
- $missingPassphrases = array_intersect_key(
- isset($this->data['BadPassphrases']) ? $this->data['BadPassphrases'] : array(),
- isset($this->data['MissingPassphrases']) ? $this->data['MissingPassphrases'] : array()
- );
-
- if (count($badPassphrases) > 0) {
- $message .= ' Incorrect passphrase provided for keys: "' .
- implode('", "', $badPassphrases) . '".';
- }
- if (count($missingPassphrases) > 0) {
- $message .= ' No passphrase provided for keys: "' .
- implode('", "', $missingPassphrases) . '".';
- }
-
- return new Crypt_GPG_BadPassphraseException(
- $message,
- $code,
- $badPassphrases,
- $missingPassphrases
- );
- }
-
- // }}}
- // {{{ getPin()
-
- /**
- * Get registered passphrase for specified key.
- *
- * @param string $key Key identifier
- *
- * @return string Passphrase
- */
- protected function getPin($key)
- {
- $passphrase = '';
- $keyIdLength = mb_strlen($key, '8bit');
-
- if ($keyIdLength && !empty($_ENV['PINENTRY_USER_DATA'])) {
- $passphrases = json_decode($_ENV['PINENTRY_USER_DATA'], true);
- foreach ($passphrases as $_keyId => $pass) {
- $keyId = $key;
- $_keyIdLength = mb_strlen($_keyId, '8bit');
-
- // Get last X characters of key identifier to compare
- if ($keyIdLength < $_keyIdLength) {
- $_keyId = mb_substr($_keyId, -$keyIdLength, null, '8bit');
- } else if ($keyIdLength > $_keyIdLength) {
- $keyId = mb_substr($keyId, -$_keyIdLength, null, '8bit');
- }
-
- if ($_keyId === $keyId) {
- $passphrase = $pass;
- break;
- }
- }
- }
-
- return $passphrase;
- }
-
- // }}}
-}
-
-// }}}
-
-?>
diff -r cee7317dd26a -r daefe8ad6705 vendor/pear/crypt_gpg/Crypt/GPG/Signature.php
--- a/vendor/pear/crypt_gpg/Crypt/GPG/Signature.php Wed Oct 08 09:03:29 2025 -0400
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,426 +0,0 @@
-
- *
- * @category Encryption
- * @package Crypt_GPG
- * @author Nathan Fredrickson
- * @author Michael Gauthier
- * @copyright 2005-2013 silverorange
- * @license http://www.gnu.org/copyleft/lesser.html LGPL License 2.1
- * @link http://pear.php.net/package/Crypt_GPG
- */
-
-/**
- * User id class definition
- */
-require_once 'Crypt/GPG/UserId.php';
-
-// {{{ class Crypt_GPG_Signature
-
-/**
- * A class for GPG signature information
- *
- * This class is used to store the results of the Crypt_GPG::verify() method.
- *
- * @category Encryption
- * @package Crypt_GPG
- * @author Nathan Fredrickson
- * @author Michael Gauthier
- * @copyright 2005-2013 silverorange
- * @license http://www.gnu.org/copyleft/lesser.html LGPL License 2.1
- * @link http://pear.php.net/package/Crypt_GPG
- * @see Crypt_GPG::verify()
- */
-class Crypt_GPG_Signature
-{
- // {{{ class properties
-
- /**
- * A base64-encoded string containing a unique id for this signature if
- * this signature has been verified as ok
- *
- * This id is used to prevent replay attacks and is not present for all
- * types of signatures.
- *
- * @var string
- */
- private $_id = '';
-
- /**
- * The fingerprint of the key used to create the signature
- *
- * @var string
- */
- private $_keyFingerprint = '';
-
- /**
- * The id of the key used to create the signature
- *
- * @var string
- */
- private $_keyId = '';
-
- /**
- * The creation date of this signature
- *
- * This is a Unix timestamp.
- *
- * @var integer
- */
- private $_creationDate = 0;
-
- /**
- * The expiration date of the signature
- *
- * This is a Unix timestamp. If this signature does not expire, this will
- * be zero.
- *
- * @var integer
- */
- private $_expirationDate = 0;
-
- /**
- * The user id associated with this signature
- *
- * @var Crypt_GPG_UserId
- */
- private $_userId = null;
-
- /**
- * Whether or not this signature is valid
- *
- * @var boolean
- */
- private $_isValid = false;
-
- // }}}
- // {{{ __construct()
-
- /**
- * Creates a new signature
- *
- * Signatures can be initialized from an array of named values. Available
- * names are:
- *
- * - string id - the unique id of this signature.
- * - string fingerprint - the fingerprint of the key used to
- * create the signature. The fingerprint
- * should not contain formatting
- * characters.
- * - string keyId - the id of the key used to create the
- * the signature.
- * - integer creation - the date the signature was created.
- * This is a UNIX timestamp.
- * - integer expiration - the date the signature expired. This
- * is a UNIX timestamp. If the signature
- * does not expire, use 0.
- * - boolean valid - whether or not the signature is valid.
- * - string userId - the user id associated with the
- * signature. This may also be a
- * {@link Crypt_GPG_UserId} object.
- *
- * @param Crypt_GPG_Signature|array $signature optional. Either an existing
- * signature object, which is copied; or an array of initial values.
- */
- public function __construct($signature = null)
- {
- // copy from object
- if ($signature instanceof Crypt_GPG_Signature) {
- $this->_id = $signature->_id;
- $this->_keyFingerprint = $signature->_keyFingerprint;
- $this->_keyId = $signature->_keyId;
- $this->_creationDate = $signature->_creationDate;
- $this->_expirationDate = $signature->_expirationDate;
- $this->_isValid = $signature->_isValid;
-
- if ($signature->_userId instanceof Crypt_GPG_UserId) {
- $this->_userId = clone $signature->_userId;
- }
- }
-
- // initialize from array
- if (is_array($signature)) {
- if (array_key_exists('id', $signature)) {
- $this->setId($signature['id']);
- }
-
- if (array_key_exists('fingerprint', $signature)) {
- $this->setKeyFingerprint($signature['fingerprint']);
- }
-
- if (array_key_exists('keyId', $signature)) {
- $this->setKeyId($signature['keyId']);
- }
-
- if (array_key_exists('creation', $signature)) {
- $this->setCreationDate($signature['creation']);
- }
-
- if (array_key_exists('expiration', $signature)) {
- $this->setExpirationDate($signature['expiration']);
- }
-
- if (array_key_exists('valid', $signature)) {
- $this->setValid($signature['valid']);
- }
-
- if (array_key_exists('userId', $signature)) {
- $userId = new Crypt_GPG_UserId($signature['userId']);
- $this->setUserId($userId);
- }
- }
- }
-
- // }}}
- // {{{ getId()
-
- /**
- * Gets the id of this signature
- *
- * @return string a base64-encoded string containing a unique id for this
- * signature. This id is used to prevent replay attacks and
- * is not present for all types of signatures.
- */
- public function getId()
- {
- return $this->_id;
- }
-
- // }}}
- // {{{ getKeyFingerprint()
-
- /**
- * Gets the fingerprint of the key used to create this signature
- *
- * @return string the fingerprint of the key used to create this signature.
- */
- public function getKeyFingerprint()
- {
- return $this->_keyFingerprint;
- }
-
- // }}}
- // {{{ getKeyId()
-
- /**
- * Gets the id of the key used to create this signature
- *
- * Whereas the fingerprint of the signing key may not always be available
- * (for example if the signature is bad), the id should always be
- * available.
- *
- * @return string the id of the key used to create this signature.
- */
- public function getKeyId()
- {
- return $this->_keyId;
- }
-
- // }}}
- // {{{ getCreationDate()
-
- /**
- * Gets the creation date of this signature
- *
- * @return integer the creation date of this signature. This is a Unix
- * timestamp.
- */
- public function getCreationDate()
- {
- return $this->_creationDate;
- }
-
- // }}}
- // {{{ getExpirationDate()
-
- /**
- * Gets the expiration date of the signature
- *
- * @return integer the expiration date of this signature. This is a Unix
- * timestamp. If this signature does not expire, this will
- * be zero.
- */
- public function getExpirationDate()
- {
- return $this->_expirationDate;
- }
-
- // }}}
- // {{{ getUserId()
-
- /**
- * Gets the user id associated with this signature
- *
- * @return Crypt_GPG_UserId the user id associated with this signature.
- */
- public function getUserId()
- {
- return $this->_userId;
- }
-
- // }}}
- // {{{ isValid()
-
- /**
- * Gets whether or no this signature is valid
- *
- * @return boolean true if this signature is valid and false if it is not.
- */
- public function isValid()
- {
- return $this->_isValid;
- }
-
- // }}}
- // {{{ setId()
-
- /**
- * Sets the id of this signature
- *
- * @param string $id a base64-encoded string containing a unique id for
- * this signature.
- *
- * @return Crypt_GPG_Signature the current object, for fluent interface.
- *
- * @see Crypt_GPG_Signature::getId()
- */
- public function setId($id)
- {
- $this->_id = strval($id);
- return $this;
- }
-
- // }}}
- // {{{ setKeyFingerprint()
-
- /**
- * Sets the key fingerprint of this signature
- *
- * @param string $fingerprint the key fingerprint of this signature. This
- * is the fingerprint of the primary key used to
- * create this signature.
- *
- * @return Crypt_GPG_Signature the current object, for fluent interface.
- */
- public function setKeyFingerprint($fingerprint)
- {
- $this->_keyFingerprint = strval($fingerprint);
- return $this;
- }
-
- // }}}
- // {{{ setKeyId()
-
- /**
- * Sets the key id of this signature
- *
- * @param string $id the key id of this signature. This is the id of the
- * primary key used to create this signature.
- *
- * @return Crypt_GPG_Signature the current object, for fluent interface.
- */
- public function setKeyId($id)
- {
- $this->_keyId = strval($id);
- return $this;
- }
-
- // }}}
- // {{{ setCreationDate()
-
- /**
- * Sets the creation date of this signature
- *
- * @param integer $creationDate the creation date of this signature. This
- * is a Unix timestamp.
- *
- * @return Crypt_GPG_Signature the current object, for fluent interface.
- */
- public function setCreationDate($creationDate)
- {
- $this->_creationDate = intval($creationDate);
- return $this;
- }
-
- // }}}
- // {{{ setExpirationDate()
-
- /**
- * Sets the expiration date of this signature
- *
- * @param integer $expirationDate the expiration date of this signature.
- * This is a Unix timestamp. Specify zero if
- * this signature does not expire.
- *
- * @return Crypt_GPG_Signature the current object, for fluent interface.
- */
- public function setExpirationDate($expirationDate)
- {
- $this->_expirationDate = intval($expirationDate);
- return $this;
- }
-
- // }}}
- // {{{ setUserId()
-
- /**
- * Sets the user id associated with this signature
- *
- * @param Crypt_GPG_UserId $userId the user id associated with this
- * signature.
- *
- * @return Crypt_GPG_Signature the current object, for fluent interface.
- */
- public function setUserId(Crypt_GPG_UserId $userId)
- {
- $this->_userId = $userId;
- return $this;
- }
-
- // }}}
- // {{{ setValid()
-
- /**
- * Sets whether or not this signature is valid
- *
- * @param boolean $isValid true if this signature is valid and false if it
- * is not.
- *
- * @return Crypt_GPG_Signature the current object, for fluent interface.
- */
- public function setValid($isValid)
- {
- $this->_isValid = ($isValid) ? true : false;
- return $this;
- }
-
- // }}}
-}
-
-// }}}
-
-?>
diff -r cee7317dd26a -r daefe8ad6705 vendor/pear/crypt_gpg/Crypt/GPG/SignatureCreationInfo.php
--- a/vendor/pear/crypt_gpg/Crypt/GPG/SignatureCreationInfo.php Wed Oct 08 09:03:29 2025 -0400
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,228 +0,0 @@
-
- * @copyright 2015 PEAR
- * @license http://www.gnu.org/copyleft/lesser.html LGPL License 2.1
- * @link http://pear.php.net/package/Crypt_GPG
- * @link http://pear.php.net/manual/en/package.encryption.crypt-gpg.php
- * @link http://www.gnupg.org/
- */
-
-/**
- * Information about a recently created signature.
- *
- * @category Encryption
- * @package Crypt_GPG
- * @author Christian Weiske
- * @copyright 2015 PEAR
- * @license http://www.gnu.org/copyleft/lesser.html LGPL License 2.1
- * @link http://pear.php.net/package/Crypt_GPG
- * @link http://pear.php.net/manual/en/package.encryption.crypt-gpg.php
- * @link http://www.gnupg.org/
- */
-class Crypt_GPG_SignatureCreationInfo
-{
- /**
- * One of the three signature types:
- * - {@link Crypt_GPG::SIGN_MODE_NORMAL}
- * - {@link Crypt_GPG::SIGN_MODE_CLEAR}
- * - {@link Crypt_GPG::SIGN_MODE_DETACHED}
- *
- * @var integer
- */
- protected $mode;
-
- /**
- * Public Key algorithm
- *
- * @var integer
- */
- protected $pkAlgorithm;
-
- /**
- * Algorithm to hash the data
- *
- * @see RFC 2440 / 9.4. Hash Algorithm
- * @var integer
- */
- protected $hashAlgorithm;
-
- /**
- * OpenPGP signature class
- *
- * @var mixed
- */
- protected $class;
-
- /**
- * Unix timestamp when the signature was created
- *
- * @var integer
- */
- protected $timestamp;
-
- /**
- * Key fingerprint
- *
- * @var string
- */
- protected $keyFingerprint;
-
- /**
- * If the line given to the constructor was valid
- *
- * @var boolean
- */
- protected $valid;
-
- /**
- * Names for the hash algorithm IDs.
- *
- * Names taken from RFC 3156, without the leading "pgp-".
- *
- * @see RFC 2440 / 9.4. Hash Algorithm
- * @see RFC 3156 / 5. OpenPGP signed data
- * @var array
- */
- protected static $hashAlgorithmNames = array(
- 1 => 'md5',
- 2 => 'sha1',
- 3 => 'ripemd160',
- 5 => 'md2',
- 6 => 'tiger192',
- 7 => 'haval-5-160',
- 8 => 'sha256',
- 9 => 'sha384',
- 10 => 'sha512',
- 11 => 'sha224',
- );
-
- /**
- * Parse a SIG_CREATED line from gnupg
- *
- * @param string $sigCreatedLine Line beginning with "SIG_CREATED "
- */
- public function __construct($sigCreatedLine = null)
- {
- if ($sigCreatedLine === null) {
- $this->valid = false;
- return;
- }
-
- $parts = explode(' ', $sigCreatedLine);
- if (count($parts) !== 7) {
- $this->valid = false;
- return;
- }
- list(
- $title, $mode, $pkAlgorithm, $hashAlgorithm,
- $class, $timestamp, $keyFingerprint
- ) = $parts;
-
- switch (strtoupper($mode[0])) {
- case 'D':
- $this->mode = Crypt_GPG::SIGN_MODE_DETACHED;
- break;
- case 'C':
- $this->mode = Crypt_GPG::SIGN_MODE_CLEAR;
- break;
- case 'S':
- $this->mode = Crypt_GPG::SIGN_MODE_NORMAL;
- break;
- }
-
- $this->pkAlgorithm = (int) $pkAlgorithm;
- $this->hashAlgorithm = (int) $hashAlgorithm;
- $this->class = $class;
- if (is_numeric($timestamp)) {
- $this->timestamp = (int) $timestamp;
- } else {
- $this->timestamp = strtotime($timestamp);
- }
- $this->keyFingerprint = $keyFingerprint;
- $this->valid = true;
- }
-
- /**
- * Get the signature type
- * - {@link Crypt_GPG::SIGN_MODE_NORMAL}
- * - {@link Crypt_GPG::SIGN_MODE_CLEAR}
- * - {@link Crypt_GPG::SIGN_MODE_DETACHED}
- *
- * @return integer
- */
- public function getMode()
- {
- return $this->mode;
- }
-
- /**
- * Return the public key algorithm used.
- *
- * @return integer
- */
- public function getPkAlgorithm()
- {
- return $this->pkAlgorithm;
- }
-
- /**
- * Return the hash algorithm used to hash the data to sign.
- *
- * @return integer
- */
- public function getHashAlgorithm()
- {
- return $this->hashAlgorithm;
- }
-
- /**
- * Get a name for the used hashing algorithm.
- *
- * @return string|null
- */
- public function getHashAlgorithmName()
- {
- if (!isset(self::$hashAlgorithmNames[$this->hashAlgorithm])) {
- return null;
- }
- return self::$hashAlgorithmNames[$this->hashAlgorithm];
- }
-
- /**
- * Return the timestamp at which the signature was created
- *
- * @return integer
- */
- public function getTimestamp()
- {
- return $this->timestamp;
- }
-
- /**
- * Return the key's fingerprint
- *
- * @return string
- */
- public function getKeyFingerprint()
- {
- return $this->keyFingerprint;
- }
-
- /**
- * Tell if the fingerprint line given to the constructor was valid
- *
- * @return boolean
- */
- public function isValid()
- {
- return $this->valid;
- }
-}
-?>
diff -r cee7317dd26a -r daefe8ad6705 vendor/pear/crypt_gpg/Crypt/GPG/SubKey.php
--- a/vendor/pear/crypt_gpg/Crypt/GPG/SubKey.php Wed Oct 08 09:03:29 2025 -0400
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,715 +0,0 @@
-
- *
- * @category Encryption
- * @package Crypt_GPG
- * @author Michael Gauthier
- * @author Nathan Fredrickson
- * @copyright 2005-2010 silverorange
- * @license http://www.gnu.org/copyleft/lesser.html LGPL License 2.1
- * @link http://pear.php.net/package/Crypt_GPG
- */
-
-// {{{ class Crypt_GPG_SubKey
-
-/**
- * A class for GPG sub-key information
- *
- * This class is used to store the results of the {@link Crypt_GPG::getKeys()}
- * method. Sub-key objects are members of a {@link Crypt_GPG_Key} object.
- *
- * @category Encryption
- * @package Crypt_GPG
- * @author Michael Gauthier
- * @author Nathan Fredrickson
- * @copyright 2005-2010 silverorange
- * @license http://www.gnu.org/copyleft/lesser.html LGPL License 2.1
- * @link http://pear.php.net/package/Crypt_GPG
- * @see Crypt_GPG::getKeys()
- * @see Crypt_GPG_Key::getSubKeys()
- */
-class Crypt_GPG_SubKey
-{
- // {{{ algorithm class constants
-
- /**
- * RSA encryption algorithm.
- */
- const ALGORITHM_RSA = 1;
-
- /**
- * Elgamal encryption algorithm (encryption only).
- */
- const ALGORITHM_ELGAMAL_ENC = 16;
-
- /**
- * DSA encryption algorithm (sometimes called DH, sign only).
- */
- const ALGORITHM_DSA = 17;
-
- /**
- * Elgamal encryption algorithm (signage and encryption - should not be
- * used).
- */
- const ALGORITHM_ELGAMAL_ENC_SGN = 20;
-
- // }}}
- // {{{ usage class constants
-
- /**
- * Key can be used to encrypt
- */
- const USAGE_ENCRYPT = 1;
-
- /**
- * Key can be used to sign
- */
- const USAGE_SIGN = 2;
-
- /**
- * Key can be used to certify other keys
- */
- const USAGE_CERTIFY = 4;
-
- /**
- * Key can be used for authentication
- */
- const USAGE_AUTHENTICATION = 8;
-
- // }}}
- // {{{ class properties
-
- /**
- * The id of this sub-key
- *
- * @var string
- */
- private $_id = '';
-
- /**
- * The algorithm used to create this sub-key
- *
- * The value is one of the Crypt_GPG_SubKey::ALGORITHM_* constants.
- *
- * @var integer
- */
- private $_algorithm = 0;
-
- /**
- * The fingerprint of this sub-key
- *
- * @var string
- */
- private $_fingerprint = '';
-
- /**
- * Length of this sub-key in bits
- *
- * @var integer
- */
- private $_length = 0;
-
- /**
- * Date this sub-key was created
- *
- * This is a Unix timestamp.
- *
- * @var integer
- */
- private $_creationDate = 0;
-
- /**
- * Date this sub-key expires
- *
- * This is a Unix timestamp. If this sub-key does not expire, this will be
- * zero.
- *
- * @var integer
- */
- private $_expirationDate = 0;
-
- /**
- * Contains usage flags of this sub-key
- *
- * @var int
- */
- private $_usage = 0;
-
- /**
- * Whether or not the private key for this sub-key exists in the keyring
- *
- * @var boolean
- */
- private $_hasPrivate = false;
-
- /**
- * Whether or not this sub-key is revoked
- *
- * @var boolean
- */
- private $_isRevoked = false;
-
- // }}}
- // {{{ __construct()
-
- /**
- * Creates a new sub-key object
- *
- * Sub-keys can be initialized from an array of named values. Available
- * names are:
- *
- * - string id - the key id of the sub-key.
- * - integer algorithm - the encryption algorithm of the
- * sub-key.
- * - string fingerprint - the fingerprint of the sub-key. The
- * fingerprint should not contain
- * formatting characters.
- * - integer length - the length of the sub-key in bits.
- * - integer creation - the date the sub-key was created.
- * This is a UNIX timestamp.
- * - integer expiration - the date the sub-key expires. This
- * is a UNIX timestamp. If the sub-key
- * does not expire, use 0.
- * - boolean canSign - whether or not the sub-key can be
- * used to sign data.
- * - boolean canEncrypt - whether or not the sub-key can be
- * used to encrypt data.
- * - integer usage - the sub-key usage flags
- * - boolean hasPrivate - whether or not the private key for
- * the sub-key exists in the keyring.
- * - boolean isRevoked - whether or not this sub-key is
- * revoked.
- *
- * @param Crypt_GPG_SubKey|string|array $key optional. Either an existing
- * sub-key object, which is copied; a sub-key string, which is
- * parsed; or an array of initial values.
- */
- public function __construct($key = null)
- {
- // parse from string
- if (is_string($key)) {
- $key = self::parse($key);
- }
-
- // copy from object
- if ($key instanceof Crypt_GPG_SubKey) {
- $this->_id = $key->_id;
- $this->_algorithm = $key->_algorithm;
- $this->_fingerprint = $key->_fingerprint;
- $this->_length = $key->_length;
- $this->_creationDate = $key->_creationDate;
- $this->_expirationDate = $key->_expirationDate;
- $this->_usage = $key->_usage;
- $this->_hasPrivate = $key->_hasPrivate;
- $this->_isRevoked = $key->_isRevoked;
- }
-
- // initialize from array
- if (is_array($key)) {
- if (array_key_exists('id', $key)) {
- $this->setId($key['id']);
- }
-
- if (array_key_exists('algorithm', $key)) {
- $this->setAlgorithm($key['algorithm']);
- }
-
- if (array_key_exists('fingerprint', $key)) {
- $this->setFingerprint($key['fingerprint']);
- }
-
- if (array_key_exists('length', $key)) {
- $this->setLength($key['length']);
- }
-
- if (array_key_exists('creation', $key)) {
- $this->setCreationDate($key['creation']);
- }
-
- if (array_key_exists('expiration', $key)) {
- $this->setExpirationDate($key['expiration']);
- }
-
- if (array_key_exists('usage', $key)) {
- $this->setUsage($key['usage']);
- }
-
- if (array_key_exists('canSign', $key)) {
- $this->setCanSign($key['canSign']);
- }
-
- if (array_key_exists('canEncrypt', $key)) {
- $this->setCanEncrypt($key['canEncrypt']);
- }
-
- if (array_key_exists('hasPrivate', $key)) {
- $this->setHasPrivate($key['hasPrivate']);
- }
-
- if (array_key_exists('isRevoked', $key)) {
- $this->setRevoked($key['isRevoked']);
- }
- }
- }
-
- // }}}
- // {{{ getId()
-
- /**
- * Gets the id of this sub-key
- *
- * @return string the id of this sub-key.
- */
- public function getId()
- {
- return $this->_id;
- }
-
- // }}}
- // {{{ getAlgorithm()
-
- /**
- * Gets the algorithm used by this sub-key
- *
- * The algorithm should be one of the Crypt_GPG_SubKey::ALGORITHM_*
- * constants.
- *
- * @return integer the algorithm used by this sub-key.
- */
- public function getAlgorithm()
- {
- return $this->_algorithm;
- }
-
- // }}}
- // {{{ getCreationDate()
-
- /**
- * Gets the creation date of this sub-key
- *
- * This is a Unix timestamp.
- *
- * @return integer the creation date of this sub-key.
- */
- public function getCreationDate()
- {
- return $this->_creationDate;
- }
-
- // }}}
- // {{{ getExpirationDate()
-
- /**
- * Gets the date this sub-key expires
- *
- * This is a Unix timestamp. If this sub-key does not expire, this will be
- * zero.
- *
- * @return integer the date this sub-key expires.
- */
- public function getExpirationDate()
- {
- return $this->_expirationDate;
- }
-
- // }}}
- // {{{ getFingerprint()
-
- /**
- * Gets the fingerprint of this sub-key
- *
- * @return string the fingerprint of this sub-key.
- */
- public function getFingerprint()
- {
- return $this->_fingerprint;
- }
-
- // }}}
- // {{{ getLength()
-
- /**
- * Gets the length of this sub-key in bits
- *
- * @return integer the length of this sub-key in bits.
- */
- public function getLength()
- {
- return $this->_length;
- }
-
- // }}}
- // {{{ canSign()
-
- /**
- * Gets whether or not this sub-key can sign data
- *
- * @return boolean true if this sub-key can sign data and false if this
- * sub-key can not sign data.
- */
- public function canSign()
- {
- return ($this->_usage & self::USAGE_SIGN) != 0;
- }
-
- // }}}
- // {{{ canEncrypt()
-
- /**
- * Gets whether or not this sub-key can encrypt data
- *
- * @return boolean true if this sub-key can encrypt data and false if this
- * sub-key can not encrypt data.
- */
- public function canEncrypt()
- {
- return ($this->_usage & self::USAGE_ENCRYPT) != 0;
- }
-
- // }}}
- // {{{ usage()
-
- /**
- * Gets usage flags of this sub-key
- *
- * @return int Sum of usage flags
- */
- public function usage()
- {
- return $this->_usage;
- }
-
- // }}}
- // {{{ hasPrivate()
-
- /**
- * Gets whether or not the private key for this sub-key exists in the
- * keyring
- *
- * @return boolean true the private key for this sub-key exists in the
- * keyring and false if it does not.
- */
- public function hasPrivate()
- {
- return $this->_hasPrivate;
- }
-
- // }}}
- // {{{ isRevoked()
-
- /**
- * Gets whether or not this sub-key is revoked
- *
- * @return boolean true if this sub-key is revoked and false if it is not.
- */
- public function isRevoked()
- {
- return $this->_isRevoked;
- }
-
- // }}}
- // {{{ setCreationDate()
-
- /**
- * Sets the creation date of this sub-key
- *
- * The creation date is a Unix timestamp.
- *
- * @param integer $creationDate the creation date of this sub-key.
- *
- * @return Crypt_GPG_SubKey the current object, for fluent interface.
- */
- public function setCreationDate($creationDate)
- {
- $this->_creationDate = intval($creationDate);
- return $this;
- }
-
- // }}}
- // {{{ setExpirationDate()
-
- /**
- * Sets the expiration date of this sub-key
- *
- * The expiration date is a Unix timestamp. Specify zero if this sub-key
- * does not expire.
- *
- * @param integer $expirationDate the expiration date of this sub-key.
- *
- * @return Crypt_GPG_SubKey the current object, for fluent interface.
- */
- public function setExpirationDate($expirationDate)
- {
- $this->_expirationDate = intval($expirationDate);
- return $this;
- }
-
- // }}}
- // {{{ setId()
-
- /**
- * Sets the id of this sub-key
- *
- * @param string $id the id of this sub-key.
- *
- * @return Crypt_GPG_SubKey the current object, for fluent interface.
- */
- public function setId($id)
- {
- $this->_id = strval($id);
- return $this;
- }
-
- // }}}
- // {{{ setAlgorithm()
-
- /**
- * Sets the algorithm used by this sub-key
- *
- * @param integer $algorithm the algorithm used by this sub-key.
- *
- * @return Crypt_GPG_SubKey the current object, for fluent interface.
- */
- public function setAlgorithm($algorithm)
- {
- $this->_algorithm = intval($algorithm);
- return $this;
- }
-
- // }}}
- // {{{ setFingerprint()
-
- /**
- * Sets the fingerprint of this sub-key
- *
- * @param string $fingerprint the fingerprint of this sub-key.
- *
- * @return Crypt_GPG_SubKey the current object, for fluent interface.
- */
- public function setFingerprint($fingerprint)
- {
- $this->_fingerprint = strval($fingerprint);
- return $this;
- }
-
- // }}}
- // {{{ setLength()
-
- /**
- * Sets the length of this sub-key in bits
- *
- * @param integer $length the length of this sub-key in bits.
- *
- * @return Crypt_GPG_SubKey the current object, for fluent interface.
- */
- public function setLength($length)
- {
- $this->_length = intval($length);
- return $this;
- }
-
- // }}}
- // {{{ setCanSign()
-
- /**
- * Sets whether or not this sub-key can sign data
- *
- * @param boolean $canSign true if this sub-key can sign data and false if
- * it can not.
- *
- * @return Crypt_GPG_SubKey the current object, for fluent interface.
- */
- public function setCanSign($canSign)
- {
- if ($canSign) {
- $this->_usage |= self::USAGE_SIGN;
- } else {
- $this->_usage &= ~self::USAGE_SIGN;
- }
-
- return $this;
- }
-
- // }}}
- // {{{ setCanEncrypt()
-
- /**
- * Sets whether or not this sub-key can encrypt data
- *
- * @param boolean $canEncrypt true if this sub-key can encrypt data and
- * false if it can not.
- *
- * @return Crypt_GPG_SubKey the current object, for fluent interface.
- */
- public function setCanEncrypt($canEncrypt)
- {
- if ($canEncrypt) {
- $this->_usage |= self::USAGE_ENCRYPT;
- } else {
- $this->_usage &= ~self::USAGE_ENCRYPT;
- }
-
- return $this;
- }
-
- // }}}
- // {{{ setUsage()
-
- /**
- * Sets usage flags of the sub-key
- *
- * @param integer $usage Usage flags
- *
- * @return Crypt_GPG_SubKey the current object, for fluent interface.
- */
- public function setUsage($usage)
- {
- $this->_usage = (int) $usage;
- return $this;
- }
-
- // }}}
- // {{{ setHasPrivate()
-
- /**
- * Sets whether of not the private key for this sub-key exists in the
- * keyring
- *
- * @param boolean $hasPrivate true if the private key for this sub-key
- * exists in the keyring and false if it does
- * not.
- *
- * @return Crypt_GPG_SubKey the current object, for fluent interface.
- */
- public function setHasPrivate($hasPrivate)
- {
- $this->_hasPrivate = ($hasPrivate) ? true : false;
- return $this;
- }
-
- // }}}
- // {{{ setRevoked()
-
- /**
- * Sets whether or not this sub-key is revoked
- *
- * @param boolean $isRevoked whether or not this sub-key is revoked.
- *
- * @return Crypt_GPG_SubKey the current object, for fluent interface.
- */
- public function setRevoked($isRevoked)
- {
- $this->_isRevoked = ($isRevoked) ? true : false;
- return $this;
- }
-
- // }}}
- // {{{ parse()
-
- /**
- * Parses a sub-key object from a sub-key string
- *
- * See doc/DETAILS in the
- * {@link http://www.gnupg.org/download/ GPG distribution} for information
- * on how the sub-key string is parsed.
- *
- * @param string $string the string containing the sub-key.
- *
- * @return Crypt_GPG_SubKey the sub-key object parsed from the string.
- */
- public static function parse($string)
- {
- $tokens = explode(':', $string);
-
- $subKey = new Crypt_GPG_SubKey();
-
- $subKey->setId($tokens[4]);
- $subKey->setLength($tokens[2]);
- $subKey->setAlgorithm($tokens[3]);
- $subKey->setCreationDate(self::_parseDate($tokens[5]));
- $subKey->setExpirationDate(self::_parseDate($tokens[6]));
-
- if ($tokens[1] == 'r') {
- $subKey->setRevoked(true);
- }
-
- $usage = 0;
- $usage_map = array(
- 'a' => self::USAGE_AUTHENTICATION,
- 'c' => self::USAGE_CERTIFY,
- 'e' => self::USAGE_ENCRYPT,
- 's' => self::USAGE_SIGN,
- );
-
- foreach ($usage_map as $key => $flag) {
- if (strpos($tokens[11], $key) !== false) {
- $usage |= $flag;
- }
- }
-
- $subKey->setUsage($usage);
-
- return $subKey;
- }
-
- // }}}
- // {{{ _parseDate()
-
- /**
- * Parses a date string as provided by GPG into a UNIX timestamp
- *
- * @param string $string the date string.
- *
- * @return integer the UNIX timestamp corresponding to the provided date
- * string.
- */
- private static function _parseDate($string)
- {
- if ($string == '') {
- $timestamp = 0;
- } else {
- // all times are in UTC according to GPG documentation
- $timeZone = new DateTimeZone('UTC');
-
- if (strpos($string, 'T') === false) {
- // interpret as UNIX timestamp
- $string = '@' . $string;
- }
-
- $date = new DateTime($string, $timeZone);
-
- // convert to UNIX timestamp
- $timestamp = intval($date->format('U'));
- }
-
- return $timestamp;
- }
-
- // }}}
-}
-
-// }}}
-
-?>
diff -r cee7317dd26a -r daefe8ad6705 vendor/pear/crypt_gpg/Crypt/GPG/UserId.php
--- a/vendor/pear/crypt_gpg/Crypt/GPG/UserId.php Wed Oct 08 09:03:29 2025 -0400
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,378 +0,0 @@
-
- *
- * @category Encryption
- * @package Crypt_GPG
- * @author Michael Gauthier
- * @copyright 2008-2010 silverorange
- * @license http://www.gnu.org/copyleft/lesser.html LGPL License 2.1
- * @link http://pear.php.net/package/Crypt_GPG
- */
-
-// {{{ class Crypt_GPG_UserId
-
-/**
- * A class for GPG user id information
- *
- * This class is used to store the results of the {@link Crypt_GPG::getKeys()}
- * method. User id objects are members of a {@link Crypt_GPG_Key} object.
- *
- * @category Encryption
- * @package Crypt_GPG
- * @author Michael Gauthier
- * @copyright 2008-2010 silverorange
- * @license http://www.gnu.org/copyleft/lesser.html LGPL License 2.1
- * @link http://pear.php.net/package/Crypt_GPG
- * @see Crypt_GPG::getKeys()
- * @see Crypt_GPG_Key::getUserIds()
- */
-class Crypt_GPG_UserId
-{
- // {{{ class properties
-
- /**
- * The name field of this user id
- *
- * @var string
- */
- private $_name = '';
-
- /**
- * The comment field of this user id
- *
- * @var string
- */
- private $_comment = '';
-
- /**
- * The email field of this user id
- *
- * @var string
- */
- private $_email = '';
-
- /**
- * Whether or not this user id is revoked
- *
- * @var boolean
- */
- private $_isRevoked = false;
-
- /**
- * Whether or not this user id is valid
- *
- * @var boolean
- */
- private $_isValid = true;
-
- // }}}
- // {{{ __construct()
-
- /**
- * Creates a new user id
- *
- * User ids can be initialized from an array of named values. Available
- * names are:
- *
- * - string name - the name field of the user id.
- * - string comment - the comment field of the user id.
- * - string email - the email field of the user id.
- * - boolean valid - whether or not the user id is valid.
- * - boolean revoked - whether or not the user id is revoked.
- *
- * @param Crypt_GPG_UserId|string|array $userId optional. Either an
- * existing user id object, which is copied; a user id string, which
- * is parsed; or an array of initial values.
- */
- public function __construct($userId = null)
- {
- // parse from string
- if (is_string($userId)) {
- $userId = self::parse($userId);
- }
-
- // copy from object
- if ($userId instanceof Crypt_GPG_UserId) {
- $this->_name = $userId->_name;
- $this->_comment = $userId->_comment;
- $this->_email = $userId->_email;
- $this->_isRevoked = $userId->_isRevoked;
- $this->_isValid = $userId->_isValid;
- }
-
- // initialize from array
- if (is_array($userId)) {
- if (array_key_exists('name', $userId)) {
- $this->setName($userId['name']);
- }
-
- if (array_key_exists('comment', $userId)) {
- $this->setComment($userId['comment']);
- }
-
- if (array_key_exists('email', $userId)) {
- $this->setEmail($userId['email']);
- }
-
- if (array_key_exists('revoked', $userId)) {
- $this->setRevoked($userId['revoked']);
- }
-
- if (array_key_exists('valid', $userId)) {
- $this->setValid($userId['valid']);
- }
- }
- }
-
- // }}}
- // {{{ getName()
-
- /**
- * Gets the name field of this user id
- *
- * @return string the name field of this user id.
- */
- public function getName()
- {
- return $this->_name;
- }
-
- // }}}
- // {{{ getComment()
-
- /**
- * Gets the comments field of this user id
- *
- * @return string the comments field of this user id.
- */
- public function getComment()
- {
- return $this->_comment;
- }
-
- // }}}
- // {{{ getEmail()
-
- /**
- * Gets the email field of this user id
- *
- * @return string the email field of this user id.
- */
- public function getEmail()
- {
- return $this->_email;
- }
-
- // }}}
- // {{{ isRevoked()
-
- /**
- * Gets whether or not this user id is revoked
- *
- * @return boolean true if this user id is revoked and false if it is not.
- */
- public function isRevoked()
- {
- return $this->_isRevoked;
- }
-
- // }}}
- // {{{ isValid()
-
- /**
- * Gets whether or not this user id is valid
- *
- * @return boolean true if this user id is valid and false if it is not.
- */
- public function isValid()
- {
- return $this->_isValid;
- }
-
- // }}}
- // {{{ __toString()
-
- /**
- * Gets a string representation of this user id
- *
- * The string is formatted as:
- * name (comment) .
- *
- * @return string a string representation of this user id.
- */
- public function __toString()
- {
- $components = array();
-
- if (mb_strlen($this->_name, '8bit') > 0) {
- $components[] = $this->_name;
- }
-
- if (mb_strlen($this->_comment, '8bit') > 0) {
- $components[] = '(' . $this->_comment . ')';
- }
-
- if (mb_strlen($this->_email, '8bit') > 0) {
- $components[] = '<' . $this->_email. '>';
- }
-
- return implode(' ', $components);
- }
-
- // }}}
- // {{{ setName()
-
- /**
- * Sets the name field of this user id
- *
- * @param string $name the name field of this user id.
- *
- * @return Crypt_GPG_UserId the current object, for fluent interface.
- */
- public function setName($name)
- {
- $this->_name = strval($name);
- return $this;
- }
-
- // }}}
- // {{{ setComment()
-
- /**
- * Sets the comment field of this user id
- *
- * @param string $comment the comment field of this user id.
- *
- * @return Crypt_GPG_UserId the current object, for fluent interface.
- */
- public function setComment($comment)
- {
- $this->_comment = strval($comment);
- return $this;
- }
-
- // }}}
- // {{{ setEmail()
-
- /**
- * Sets the email field of this user id
- *
- * @param string $email the email field of this user id.
- *
- * @return Crypt_GPG_UserId the current object, for fluent interface.
- */
- public function setEmail($email)
- {
- $this->_email = strval($email);
- return $this;
- }
-
- // }}}
- // {{{ setRevoked()
-
- /**
- * Sets whether or not this user id is revoked
- *
- * @param boolean $isRevoked whether or not this user id is revoked.
- *
- * @return Crypt_GPG_UserId the current object, for fluent interface.
- */
- public function setRevoked($isRevoked)
- {
- $this->_isRevoked = ($isRevoked) ? true : false;
- return $this;
- }
-
- // }}}
- // {{{ setValid()
-
- /**
- * Sets whether or not this user id is valid
- *
- * @param boolean $isValid whether or not this user id is valid.
- *
- * @return Crypt_GPG_UserId the current object, for fluent interface.
- */
- public function setValid($isValid)
- {
- $this->_isValid = ($isValid) ? true : false;
- return $this;
- }
-
- // }}}
- // {{{ parse()
-
- /**
- * Parses a user id object from a user id string
- *
- * A user id string is of the form:
- * name (comment) with the comment
- * and email-address fields being optional.
- *
- * @param string $string the user id string to parse.
- *
- * @return Crypt_GPG_UserId the user id object parsed from the string.
- */
- public static function parse($string)
- {
- $userId = new Crypt_GPG_UserId();
- $name = '';
- $email = '';
- $comment = '';
-
- // get email address from end of string if it exists
- $matches = array();
- if (preg_match('/^(.*?)<([^>]+)>$/', $string, $matches) === 1) {
- $string = trim($matches[1]);
- $email = $matches[2];
- }
-
- // get comment from end of string if it exists
- $matches = array();
- if (preg_match('/^(.+?) \(([^\)]+)\)$/', $string, $matches) === 1) {
- $string = $matches[1];
- $comment = $matches[2];
- }
-
- // there can be an email without a name
- if (!$email && preg_match('/^[\S]+@[\S]+$/', $string, $matches) === 1) {
- $email = $string;
- } else {
- $name = $string;
- }
-
- $userId->setName($name);
- $userId->setComment($comment);
- $userId->setEmail($email);
-
- return $userId;
- }
-
- // }}}
-}
-
-// }}}
-
-?>
diff -r cee7317dd26a -r daefe8ad6705 vendor/pear/crypt_gpg/Crypt/GPGAbstract.php
--- a/vendor/pear/crypt_gpg/Crypt/GPGAbstract.php Wed Oct 08 09:03:29 2025 -0400
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,464 +0,0 @@
-
- *
- * @category Encryption
- * @package Crypt_GPG
- * @author Nathan Fredrickson
- * @author Michael Gauthier
- * @copyright 2005-2013 silverorange
- * @license http://www.gnu.org/copyleft/lesser.html LGPL License 2.1
- * @link http://pear.php.net/package/Crypt_GPG
- * @link http://pear.php.net/manual/en/package.encryption.crypt-gpg.php
- * @link http://www.gnupg.org/
- */
-
-/**
- * GPG key class
- */
-require_once 'Crypt/GPG/Key.php';
-
-/**
- * GPG sub-key class
- */
-require_once 'Crypt/GPG/SubKey.php';
-
-/**
- * GPG user id class
- */
-require_once 'Crypt/GPG/UserId.php';
-
-/**
- * GPG process and I/O engine class
- */
-require_once 'Crypt/GPG/Engine.php';
-
-// {{{ class Crypt_GPGAbstract
-
-/**
- * Base class for implementing a user of {@link Crypt_GPG_Engine}
- *
- * @category Encryption
- * @package Crypt_GPG
- * @author Nathan Fredrickson
- * @author Michael Gauthier
- * @copyright 2005-2013 silverorange
- * @license http://www.gnu.org/copyleft/lesser.html LGPL License 2.1
- * @link http://pear.php.net/package/Crypt_GPG
- * @link http://www.gnupg.org/
- */
-abstract class Crypt_GPGAbstract
-{
- // {{{ class error constants
-
- /**
- * Error code returned when there is no error.
- */
- const ERROR_NONE = 0;
-
- /**
- * Error code returned when an unknown or unhandled error occurs.
- */
- const ERROR_UNKNOWN = 1;
-
- /**
- * Error code returned when a bad passphrase is used.
- */
- const ERROR_BAD_PASSPHRASE = 2;
-
- /**
- * Error code returned when a required passphrase is missing.
- */
- const ERROR_MISSING_PASSPHRASE = 3;
-
- /**
- * Error code returned when a key that is already in the keyring is
- * imported.
- */
- const ERROR_DUPLICATE_KEY = 4;
-
- /**
- * Error code returned the required data is missing for an operation.
- *
- * This could be missing key data, missing encrypted data or missing
- * signature data.
- */
- const ERROR_NO_DATA = 5;
-
- /**
- * Error code returned when an unsigned key is used.
- */
- const ERROR_UNSIGNED_KEY = 6;
-
- /**
- * Error code returned when a key that is not self-signed is used.
- */
- const ERROR_NOT_SELF_SIGNED = 7;
-
- /**
- * Error code returned when a public or private key that is not in the
- * keyring is used.
- */
- const ERROR_KEY_NOT_FOUND = 8;
-
- /**
- * Error code returned when an attempt to delete public key having a
- * private key is made.
- */
- const ERROR_DELETE_PRIVATE_KEY = 9;
-
- /**
- * Error code returned when one or more bad signatures are detected.
- */
- const ERROR_BAD_SIGNATURE = 10;
-
- /**
- * Error code returned when there is a problem reading GnuPG data files.
- */
- const ERROR_FILE_PERMISSIONS = 11;
-
- /**
- * Error code returned when a key could not be created.
- */
- const ERROR_KEY_NOT_CREATED = 12;
-
- /**
- * Error code returned when bad key parameters are used during key
- * generation.
- */
- const ERROR_BAD_KEY_PARAMS = 13;
-
- // }}}
- // {{{ other class constants
-
- /**
- * URI at which package bugs may be reported.
- */
- const BUG_URI = 'http://pear.php.net/bugs/report.php?package=Crypt_GPG';
-
- // }}}
- // {{{ protected class properties
-
- /**
- * Engine used to control the GPG subprocess
- *
- * @var Crypt_GPG_Engine
- *
- * @see Crypt_GPGAbstract::setEngine()
- */
- protected $engine = null;
-
- // }}}
- // {{{ __construct()
-
- /**
- * Creates a new GPG object
- *
- * Available options are:
- *
- * - string homedir - the directory where the GPG
- * keyring files are stored. If not
- * specified, Crypt_GPG uses the
- * default of ~/.gnupg.
- * - string publicKeyring - the file path of the public
- * keyring. Use this if the public
- * keyring is not in the homedir, or
- * if the keyring is in a directory
- * not writable by the process
- * invoking GPG (like Apache). Then
- * you can specify the path to the
- * keyring with this option
- * (/foo/bar/pubring.gpg), and specify
- * a writable directory (like /tmp)
- * using the homedir option.
- * - string privateKeyring - the file path of the private
- * keyring. Use this if the private
- * keyring is not in the homedir, or
- * if the keyring is in a directory
- * not writable by the process
- * invoking GPG (like Apache). Then
- * you can specify the path to the
- * keyring with this option
- * (/foo/bar/secring.gpg), and specify
- * a writable directory (like /tmp)
- * using the homedir option.
- * - string trustDb - the file path of the web-of-trust
- * database. Use this if the trust
- * database is not in the homedir, or
- * if the database is in a directory
- * not writable by the process
- * invoking GPG (like Apache). Then
- * you can specify the path to the
- * trust database with this option
- * (/foo/bar/trustdb.gpg), and specify
- * a writable directory (like /tmp)
- * using the homedir option.
- * - string binary - the location of the GPG binary. If
- * not specified, the driver attempts
- * to auto-detect the GPG binary
- * location using a list of known
- * default locations for the current
- * operating system. The option
- * gpgBinary is a
- * deprecated alias for this option.
- * - string agent - the location of the GnuPG agent
- * binary. The gpg-agent is only
- * used for GnuPG 2.x. If not
- * specified, the engine attempts
- * to auto-detect the gpg-agent
- * binary location using a list of
- * know default locations for the
- * current operating system.
- * - string|false gpgconf - the location of the GnuPG conf
- * binary. The gpgconf is only
- * used for GnuPG >= 2.1. If not
- * specified, the engine attempts
- * to auto-detect the location using
- * a list of know default locations.
- * When set to FALSE `gpgconf --kill`
- * will not be executed via destructor.
- * - string digest-algo - Sets the message digest algorithm.
- * - string cipher-algo - Sets the symmetric cipher.
- * - boolean strict - In strict mode clock problems on
- * subkeys and signatures are not ignored
- * (--ignore-time-conflict
- * and --ignore-valid-from options)
- * - mixed debug - whether or not to use debug mode.
- * When debug mode is on, all
- * communication to and from the GPG
- * subprocess is logged. This can be
- * useful to diagnose errors when
- * using Crypt_GPG.
- *
- * @param array $options optional. An array of options used to create the
- * GPG object. All options are optional and are
- * represented as key-value pairs.
- *
- * @throws Crypt_GPG_FileException if the homedir does not exist
- * and cannot be created. This can happen if homedir is
- * not specified, Crypt_GPG is run as the web user, and the web
- * user has no home directory. This exception is also thrown if any
- * of the options publicKeyring,
- * privateKeyring or trustDb options are
- * specified but the files do not exist or are are not readable.
- * This can happen if the user running the Crypt_GPG process (for
- * example, the Apache user) does not have permission to read the
- * files.
- *
- * @throws PEAR_Exception if the provided binary is invalid, or
- * if no binary is provided and no suitable binary could
- * be found.
- *
- * @throws PEAR_Exception if the provided agent is invalid, or
- * if no agent is provided and no suitable gpg-agent
- * cound be found.
- */
- public function __construct(array $options = array())
- {
- $this->setEngine(new Crypt_GPG_Engine($options));
- }
-
- // }}}
- // {{{ setEngine()
-
- /**
- * Sets the I/O engine to use for GnuPG operations
- *
- * Normally this method does not need to be used. It provides a means for
- * dependency injection.
- *
- * @param Crypt_GPG_Engine $engine the engine to use.
- *
- * @return Crypt_GPGAbstract the current object, for fluent interface.
- */
- public function setEngine(Crypt_GPG_Engine $engine)
- {
- $this->engine = $engine;
- return $this;
- }
-
- // }}}
- // {{{ getVersion()
-
- /**
- * Returns version of the engine (GnuPG) used for operation.
- *
- * @return string GnuPG version.
- *
- * @throws Crypt_GPG_Exception if an unknown or unexpected error occurs.
- * Use the debug option and file a bug report if these
- * exceptions occur.
- */
- public function getVersion()
- {
- return $this->engine->getVersion();
- }
-
- // }}}
- // {{{ _getKeys()
-
- /**
- * Gets the available keys in the keyring
- *
- * Calls GPG with the --list-keys command and grabs keys. See
- * the first section of doc/DETAILS in the
- * {@link http://www.gnupg.org/download/ GPG package} for a detailed
- * description of how the GPG command output is parsed.
- *
- * @param string $keyId optional. Only keys with that match the specified
- * pattern are returned. The pattern may be part of
- * a user id, a key id or a key fingerprint. If not
- * specified, all keys are returned.
- *
- * @return array an array of {@link Crypt_GPG_Key} objects. If no keys
- * match the specified $keyId an empty array is
- * returned.
- *
- * @throws Crypt_GPG_Exception if an unknown or unexpected error occurs.
- * Use the debug option and file a bug report if these
- * exceptions occur.
- *
- * @see Crypt_GPG_Key
- */
- protected function _getKeys($keyId = '')
- {
- // get private key fingerprints
- if ($keyId == '') {
- $operation = '--list-secret-keys';
- } else {
- $operation = '--utf8-strings --list-secret-keys ' . escapeshellarg($keyId);
- }
-
- // According to The file 'doc/DETAILS' in the GnuPG distribution, using
- // double '--with-fingerprint' also prints the fingerprint for subkeys.
- $arguments = array(
- '--with-colons',
- '--with-fingerprint',
- '--with-fingerprint',
- '--fixed-list-mode'
- );
-
- $output = '';
-
- $this->engine->reset();
- $this->engine->setOutput($output);
- $this->engine->setOperation($operation, $arguments);
- $this->engine->run();
-
- $privateKeyFingerprints = array();
-
- foreach (explode(PHP_EOL, $output) as $line) {
- $lineExp = explode(':', $line);
- if ($lineExp[0] == 'fpr') {
- $privateKeyFingerprints[] = $lineExp[9];
- }
- }
-
- // get public keys
- if ($keyId == '') {
- $operation = '--list-public-keys';
- } else {
- $operation = '--utf8-strings --list-public-keys ' . escapeshellarg($keyId);
- }
-
- $output = '';
-
- $this->engine->reset();
- $this->engine->setOutput($output);
- $this->engine->setOperation($operation, $arguments);
- $this->engine->run();
-
- $keys = array();
- $key = null; // current key
- $subKey = null; // current sub-key
-
- foreach (explode(PHP_EOL, $output) as $line) {
- $lineExp = explode(':', $line);
-
- if ($lineExp[0] == 'pub') {
-
- // new primary key means last key should be added to the array
- if ($key !== null) {
- $keys[] = $key;
- }
-
- $key = new Crypt_GPG_Key();
-
- $subKey = Crypt_GPG_SubKey::parse($line);
- $key->addSubKey($subKey);
-
- } elseif ($lineExp[0] == 'sub') {
-
- $subKey = Crypt_GPG_SubKey::parse($line);
- $key->addSubKey($subKey);
-
- } elseif ($lineExp[0] == 'fpr') {
-
- $fingerprint = $lineExp[9];
-
- // set current sub-key fingerprint
- $subKey->setFingerprint($fingerprint);
-
- // if private key exists, set has private to true
- if (in_array($fingerprint, $privateKeyFingerprints)) {
- $subKey->setHasPrivate(true);
- }
-
- } elseif ($lineExp[0] == 'uid') {
-
- $string = stripcslashes($lineExp[9]); // as per documentation
- $userId = new Crypt_GPG_UserId($string);
-
- if ($lineExp[1] == 'r') {
- $userId->setRevoked(true);
- }
-
- $key->addUserId($userId);
-
- }
- }
-
- // add last key
- if ($key !== null) {
- $keys[] = $key;
- }
-
- return $keys;
- }
-
- // }}}
-}
-
-// }}}
-
-?>