Crypt_GPG
[ class tree: Crypt_GPG ] [ index: Crypt_GPG ] [ all elements ]

Class: Crypt_GPG

Source Location: /Crypt_GPG-1.6.4/Crypt/GPG.php

Class Overview

Crypt_GPGAbstract
   |
   --Crypt_GPG

A class to use GPG from PHP


Author(s):

Copyright:

  • 2005-2013 silverorange

Variables

Methods


Inherited Variables

Inherited Methods

Class: Crypt_GPGAbstract

Crypt_GPGAbstract::__construct()
Creates a new GPG object
Crypt_GPGAbstract::getVersion()
Returns version of the engine (GnuPG) used for operation.
Crypt_GPGAbstract::setEngine()
Sets the I/O engine to use for GnuPG operations
Crypt_GPGAbstract::setEngineOptions()
Sets per-command additional arguments
Crypt_GPGAbstract::_getKeys()
Gets the available keys in the keyring

Class Details

[line 86]
A class to use GPG from PHP

This class provides an object oriented interface to GNU Privacy Guard (GPG).

Though GPG can support symmetric-key cryptography, this class is intended only to facilitate public-key cryptography.



[ Top ]


Class Variables

$decryptKeys = array()

[line 237]

Keys used to sign

The array is of the form:

  1.  array(
  2.    $key_id => array(
  3.      'fingerprint' => $fingerprint,
  4.      'passphrase'  => $passphrase
  5.    )
  6.  );


Type:   array


[ Top ]

$encryptKeys = array()

[line 199]

Keys used to encrypt

The array is of the form:

  1.  array(
  2.    $key_id => array(
  3.      'fingerprint' => $fingerprint,
  4.      'passphrase'  => null
  5.    )
  6.  );


Type:   array


[ Top ]

$passphrases = array()

[line 251]

Passphrases used on import/export of private keys in GnuPG 2.1

The array is of the form:

  1.  array($key_id => $passphrase);


Type:   array


[ Top ]

$signKeys = array()

[line 218]

Keys used to decrypt

The array is of the form:

  1.  array(
  2.    $key_id => array(
  3.      'fingerprint' => $fingerprint,
  4.      'passphrase'  => $passphrase
  5.    )
  6.  );


Type:   array


[ Top ]



Method Detail

addDecryptKey   [line 1197]

Crypt_GPG addDecryptKey( mixed $key, [string $passphrase = null])

Adds a key to use for decryption

Parameters:

mixed   $key   —  the key to use. This may be a key identifier, user id, fingerprint, Crypt_GPG_Key or Crypt_GPG_SubKey. The key must be able to encrypt.
string   $passphrase   —  optional. The passphrase of the key required for decryption.

[ Top ]

addEncryptKey   [line 1221]

Crypt_GPG addEncryptKey( mixed $key)

Adds a key to use for encryption

Parameters:

mixed   $key   —  the key to use. This may be a key identifier, user id user id, fingerprint, Crypt_GPG_Key or Crypt_GPG_SubKey. The key must be able to encrypt.

[ Top ]

addPassphrase   [line 1273]

Crypt_GPG addPassphrase( mixed $key, string $passphrase)

Register a private key passphrase for import/export (GnuPG 2.1)

Parameters:

mixed   $key   —  The key to use. This must be a key identifier, or fingerprint.
string   $passphrase   —  The passphrase of the key.

[ Top ]

addSignKey   [line 1249]

Crypt_GPG addSignKey( mixed $key, [string $passphrase = null])

Adds a key to use for signing

Parameters:

mixed   $key   —  the key to use. This may be a key identifier, user id, fingerprint, Crypt_GPG_Key or Crypt_GPG_SubKey. The key must be able to sign.
string   $passphrase   —  optional. The passphrase of the key required for signing.

[ Top ]

clearDecryptKeys   [line 1290]

Crypt_GPG clearDecryptKeys( )

Clears all decryption keys

[ Top ]

clearEncryptKeys   [line 1307]

Crypt_GPG clearEncryptKeys( )

Clears all encryption keys

[ Top ]

clearPassphrases   [line 1342]

Crypt_GPG clearPassphrases( )

Clears all private key passphrases

[ Top ]

clearSignKeys   [line 1324]

Crypt_GPG clearSignKeys( )

Clears all signing keys

[ Top ]

decrypt   [line 831]

string decrypt( string $encryptedData)

Decrypts string data

This method assumes the required private key is available in the keyring and throws an exception if the private key is not available. To add a private key to the keyring, use the Crypt_GPG::importKey() or Crypt_GPG::importKeyFile() methods.

  • Return: the decrypted data.
  • Throws: Crypt_GPG_KeyNotFoundException if the private key needed to decrypt the data is not in the user's keyring.
  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Throws: Crypt_GPG_NoDataException if specified data does not contain GPG encrypted data.
  • Throws: Crypt_GPG_BadPassphraseException if a required passphrase is incorrect or if a required passphrase is not specified. See Crypt_GPG::addDecryptKey().
  • Access: public

Parameters:

string   $encryptedData   —  the data to be decrypted.

[ Top ]

decryptAndVerify   [line 917]

array decryptAndVerify( string $encryptedData, [boolean $ignoreVerifyErrors = false])

Decrypts and verifies string data

This method assumes the required private key is available in the keyring and throws an exception if the private key is not available. To add a private key to the keyring, use the Crypt_GPG::importKey() or Crypt_GPG::importKeyFile() methods.

  • Return: two element array. The array has an element 'data' containing the decrypted data and an element 'signatures' containing an array of Crypt_GPG_Signature objects for the signed data.
  • Throws: Crypt_GPG_KeyNotFoundException if the private key needed to decrypt the data or the public key to verify the signature is not in the user's keyring.
  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Throws: Crypt_GPG_NoDataException if specified data does not contain GPG encrypted data.
  • Throws: Crypt_GPG_BadPassphraseException if a required passphrase is incorrect or if a required passphrase is not specified. See Crypt_GPG::addDecryptKey().
  • Access: public

Parameters:

string   $encryptedData   —  the encrypted, signed data to be decrypted and verified.
boolean   $ignoreVerifyErrors   —  enables ignoring of signature verification errors caused by missing public key When enabled Crypt_GPG_KeyNotFoundException will not be thrown.

[ Top ]

decryptAndVerifyFile   [line 969]

array decryptAndVerifyFile( string $encryptedFile, [string $decryptedFile = null], [boolean $ignoreVerifyErrors = false])

Decrypts and verifies a signed, encrypted file

This method assumes the required private key is available in the keyring and throws an exception if the private key is not available. To add a private key to the keyring, use the Crypt_GPG::importKey() or Crypt_GPG::importKeyFile() methods.

  • Return: two element array. The array has an element 'data' containing the decrypted data and an element 'signatures' containing an array of Crypt_GPG_Signature objects for the signed data. If the decrypted data is written to a file, the 'data' element is null.
  • Throws: Crypt_GPG_KeyNotFoundException if the private key needed to decrypt the data or the public key to verify the signature is not in the user's keyring.
  • Throws: Crypt_GPG_NoDataException if specified data does not contain GPG encrypted data.
  • Throws: Crypt_GPG_BadPassphraseException if a required passphrase is incorrect or if a required passphrase is not specified. See Crypt_GPG::addDecryptKey().
  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Throws: Crypt_GPG_FileException if the output file is not writeable or if the input file is not readable.
  • Access: public

Parameters:

string   $encryptedFile   —  the name of the signed, encrypted file to to decrypt and verify.
string   $decryptedFile   —  optional. The name of the file to which the decrypted data should be written. If null or unspecified, the decrypted data is returned in the results array.
boolean   $ignoreVerifyErrors   —  enables ignoring of signature verification errors caused by missing public key When enabled Crypt_GPG_KeyNotFoundException will not be thrown.

[ Top ]

decryptFile   [line 874]

void|string decryptFile( string $encryptedFile, [string $decryptedFile = null])

Decrypts a file

This method assumes the required private key is available in the keyring and throws an exception if the private key is not available. To add a private key to the keyring, use the Crypt_GPG::importKey() or Crypt_GPG::importKeyFile() methods.

  • Return: if the $decryptedFile parameter is null, a string containing the decrypted data is returned.
  • Throws: Crypt_GPG_KeyNotFoundException if the private key needed to decrypt the data is not in the user's keyring.
  • Throws: Crypt_GPG_NoDataException if specified data does not contain GPG encrypted data.
  • Throws: Crypt_GPG_BadPassphraseException if a required passphrase is incorrect or if a required passphrase is not specified. See Crypt_GPG::addDecryptKey().
  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Throws: Crypt_GPG_FileException if the output file is not writeable or if the input file is not readable.
  • Access: public

Parameters:

string   $encryptedFile   —  the name of the encrypted file data to decrypt.
string   $decryptedFile   —  optional. The name of the file to which the decrypted data should be written. If null or unspecified, the decrypted data is returned as a string.

[ Top ]

deletePrivateKey   [line 498]

void deletePrivateKey( string $keyId)

Deletes a private key from the keyring

If more than one key fingerprint is available for the specified $keyId (for example, if you use a non-unique uid) only the first private key is deleted.

Calls GPG with the --delete-secret-key command.

  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Throws: Crypt_GPG_KeyNotFoundException if a private key with the given $keyId is not found.
  • Access: public

Parameters:

string   $keyId   —  either the full uid of the private key, the email part of the uid of the private key or the key id of the private key. For example, "Test User (example) <test@example.com>", "test@example.com" or a hexadecimal string.

[ Top ]

deletePublicKey   [line 448]

void deletePublicKey( string $keyId)

Deletes a public key from the keyring

If more than one key fingerprint is available for the specified $keyId (for example, if you use a non-unique uid) only the first public key is deleted.

The private key must be deleted first or an exception will be thrown. In GnuPG >= 2.1 this limitation does not exist. See Crypt_GPG::deletePrivateKey().

  • Throws: Crypt_GPG_KeyNotFoundException if a public key with the given $keyId is not found.
  • Throws: Crypt_GPG_DeletePrivateKeyException if the specified public key has an associated private key on the keyring. The private key must be deleted first (when using GnuPG < 2.1).
  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Access: public

Parameters:

string   $keyId   —  either the full uid of the public key, the email part of the uid of the public key or the key id of the public key. For example, "Test User (example) <test@example.com>", "test@example.com" or a hexadecimal string.

[ Top ]

encrypt   [line 664]

string encrypt( string $data, [boolean $armor = self::ARMOR_ASCII])

Encrypts string data

Data is ASCII armored by default but may optionally be returned as binary.

  • Return: the encrypted data.
  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Throws: Crypt_GPG_KeyNotFoundException if no encryption key is specified. See Crypt_GPG::addEncryptKey().
  • Access: public

Parameters:

string   $data   —  the data to be encrypted.
boolean   $armor   —  optional. If true, ASCII armored data is returned; otherwise, binary data is returned. Defaults to true.

[ Top ]

encryptAndSign   [line 743]

string encryptAndSign( string $data, [boolean $armor = self::ARMOR_ASCII])

Encrypts and signs data

Data is encrypted and signed in a single pass.

NOTE: Until GnuPG version 1.4.10, it was not possible to verify encrypted-signed data without decrypting it at the same time. If you try to use Crypt_GPG::verify() method on encrypted-signed data with earlier GnuPG versions, you will get an error. Please use Crypt_GPG::decryptAndVerify() to verify encrypted-signed data.

  • Return: the encrypted signed data.
  • See: Crypt_GPG::decryptAndVerify()
  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Throws: Crypt_GPG_KeyNotFoundException if no encryption key is specified or if no signing key is specified. See Crypt_GPG::addEncryptKey() and Crypt_GPG::addSignKey().
  • Throws: Crypt_GPG_BadPassphraseException if a specified passphrase is incorrect or if a required passphrase is not specified.
  • Access: public

Parameters:

string   $data   —  the data to be encrypted and signed.
boolean   $armor   —  optional. If true, ASCII armored data is returned; otherwise, binary data is returned. Defaults to true.

[ Top ]

encryptAndSignFile   [line 794]

void|string encryptAndSignFile( string $filename, [string $signedFile = null], [boolean $armor = self::ARMOR_ASCII])

Encrypts and signs a file

The file is encrypted and signed in a single pass.

NOTE: Until GnuPG version 1.4.10, it was not possible to verify encrypted-signed files without decrypting them at the same time. If you try to use Crypt_GPG::verify() method on encrypted-signed files with earlier GnuPG versions, you will get an error. Please use Crypt_GPG::decryptAndVerifyFile() to verify encrypted-signed files.

  • Return: if the $signedFile parameter is null, a string containing the encrypted, signed data is returned.
  • See: Crypt_GPG::decryptAndVerifyFile()
  • Throws: Crypt_GPG_KeyNotFoundException if no encryption key is specified or if no signing key is specified. See Crypt_GPG::addEncryptKey() and Crypt_GPG::addSignKey().
  • Throws: Crypt_GPG_BadPassphraseException if a specified passphrase is incorrect or if a required passphrase is not specified.
  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Throws: Crypt_GPG_FileException if the output file is not writeable or if the input file is not readable.
  • Access: public

Parameters:

string   $filename   —  the name of the file containing the data to be encrypted and signed.
string   $signedFile   —  optional. The name of the file in which the encrypted, signed data should be stored. If null or unspecified, the encrypted, signed data is returned as a string.
boolean   $armor   —  optional. If true, ASCII armored data is returned; otherwise, binary data is returned. Defaults to true.

[ Top ]

encryptFile   [line 700]

void|string encryptFile( string $filename, [string $encryptedFile = null], [boolean $armor = self::ARMOR_ASCII])

Encrypts a file

Encrypted data is ASCII armored by default but may optionally be saved as binary.

  • Return: if the $encryptedFile parameter is null, a string containing the encrypted data is returned.
  • Throws: Crypt_GPG_KeyNotFoundException if no encryption key is specified. See Crypt_GPG::addEncryptKey().
  • Throws: Crypt_GPG_FileException if the output file is not writeable or if the input file is not readable.
  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Access: public

Parameters:

string   $filename   —  the filename of the file to encrypt.
string   $encryptedFile   —  optional. The filename of the file in which to store the encrypted data. If null or unspecified, the encrypted data is returned as a string.
boolean   $armor   —  optional. If true, ASCII armored data is returned; otherwise, binary data is returned. Defaults to true.

[ Top ]

exportPrivateKey   [line 374]

string exportPrivateKey( string $keyId, [boolean $armor = true])

Exports a private key from the keyring

The exported key remains on the keyring. To delete the key, use Crypt_GPG::deletePrivateKey().

If more than one key fingerprint is available for the specified $keyId (for example, if you use a non-unique uid) only the first private key is exported.

  • Return: the private key data.
  • Throws: Crypt_GPG_KeyNotFoundException if a private key with the given $keyId is not found.
  • Throws: Crypt_GPG_BadPassphraseException if a required passphrase is incorrect or if a required passphrase is not specified. See Crypt_GPG::addPassphrase().
  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Access: public

Parameters:

string   $keyId   —  either the full uid of the private key, the email part of the uid of the private key or the key id of the private key. For example, "Test User (example) <test@example.com>", "test@example.com" or a hexadecimal string.
boolean   $armor   —  optional. If true, ASCII armored data is returned; otherwise, binary data is returned. Defaults to true.

[ Top ]

exportPublicKey   [line 410]

string exportPublicKey( string $keyId, [boolean $armor = true])

Exports a public key from the keyring

The exported key remains on the keyring. To delete the public key, use Crypt_GPG::deletePublicKey().

If more than one key fingerprint is available for the specified $keyId (for example, if you use a non-unique uid) only the first public key is exported.

  • Return: the public key data.
  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Throws: Crypt_GPG_KeyNotFoundException if a public key with the given $keyId is not found.
  • Access: public

Parameters:

string   $keyId   —  either the full uid of the public key, the email part of the uid of the public key or the key id of the public key. For example, "Test User (example) <test@example.com>", "test@example.com" or a hexadecimal string.
boolean   $armor   —  optional. If true, ASCII armored data is returned; otherwise, binary data is returned. Defaults to true.

[ Top ]

getFingerprint   [line 585]

string getFingerprint( string $keyId, [integer $format = self::FORMAT_NONE])

Gets a key fingerprint from the keyring

If more than one key fingerprint is available (for example, if you use a non-unique user id) only the first key fingerprint is returned.

Calls the GPG --list-keys command with the --with-fingerprint option to retrieve a public key fingerprint.

  • Return: the fingerprint of the key, or null if no fingerprint is found for the given $keyId.
  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Access: public

Parameters:

string   $keyId   —  either the full user id of the key, the email part of the user id of the key, or the key id of the key. For example, "Test User (example) <test@example.com>", "test@example.com" or a hexadecimal string.
integer   $format   —  optional. How the fingerprint should be formatted. Use Crypt_GPG::FORMAT_X509 for X.509 certificate format, Crypt_GPG::FORMAT_CANONICAL for the format used by GnuPG output and Crypt_GPG::FORMAT_NONE for no formatting. Defaults to
  1. Crypt_GPG::FORMAT_NONE
.

[ Top ]

getKeys   [line 547]

array getKeys( [string $keyId = ''])

Gets the available keys in the keyring

Calls GPG with the --list-keys command and grabs keys. See the first section of doc/DETAILS in the GPG package for a detailed description of how the GPG command output is parsed.

  • Return: an array of Crypt_GPG_Key objects. If no keys match the specified $keyId an empty array is returned.
  • See: Crypt_GPG_Key
  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Access: public

Parameters:

string   $keyId   —  optional. Only keys with that match the specified pattern are returned. The pattern may be part of a user id, a key id or a key fingerprint. If not specified, all keys are returned.

[ Top ]

getLastSignatureInfo   [line 634]

Crypt_GPG_SignatureCreationInfo getLastSignatureInfo( )

Get information about the last signature that was created.
  • Access: public

[ Top ]

getWarnings   [line 1382]

array getWarnings( )

Get list of GnuPG warnings collected on last operation.
  • Return: List of warning messages
  • Access: public

[ Top ]

hasEncryptKeys   [line 1356]

boolean hasEncryptKeys( )

Tell if there are encryption keys registered
  • Return: True if the data shall be encrypted
  • Access: public

[ Top ]

hasSignKeys   [line 1369]

boolean hasSignKeys( )

Tell if there are signing keys registered
  • Return: True if the data shall be signed
  • Access: public

[ Top ]

importKey   [line 291]

array importKey( string $data)

Imports a public or private key into the keyring

Keys may be removed from the keyring using Crypt_GPG::deletePublicKey() or Crypt_GPG::deletePrivateKey().

  • Return: an associative array containing the following elements:
    • fingerprint - the fingerprint of the imported key,
    • public_imported - the number of public keys imported,
    • public_unchanged - the number of unchanged public keys,
    • private_imported - the number of private keys imported,
    • private_unchanged - the number of unchanged private keys.
  • See: Crypt_GPG::clearPassphrases()
  • See: Crypt_GPG::addPassphrase()
  • Throws: Crypt_GPG_NoDataException if the key data is missing or if the data is is not valid key data.
  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Throws: Crypt_GPG_BadPassphraseException if a required passphrase is incorrect or if a required passphrase is not specified. See Crypt_GPG::addPassphrase().
  • Access: public

Parameters:

string   $data   —  the key data to be imported.

[ Top ]

importKeyFile   [line 334]

array importKeyFile( string $filename)

Imports a public or private key file into the keyring

Keys may be removed from the keyring using Crypt_GPG::deletePublicKey() or Crypt_GPG::deletePrivateKey().

  • Return: an associative array containing the following elements:
    • fingerprint - the fingerprint of the imported key,
    • public_imported - the number of public keys imported,
    • public_unchanged - the number of unchanged public keys,
    • private_imported - the number of private keys imported,
    • private_unchanged - the number of unchanged private keys. private keys.
  • Throws: Crypt_GPG_NoDataException if the key data is missing or if the data is is not valid key data.
  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Throws: Crypt_GPG_FileException if the key file is not readable.
  • Throws: Crypt_GPG_BadPassphraseException if a required passphrase is incorrect or if a required passphrase is not specified. See Crypt_GPG::addPassphrase().
  • Access: public

Parameters:

string   $filename   —  the key file to be imported.

[ Top ]

sign   [line 1018]

string sign( string $data, [int $mode = self::SIGN_MODE_NORMAL], [boolean $armor = self::ARMOR_ASCII], [boolean $textmode = self::TEXT_RAW])

Signs data

Data may be signed using any one of the three available signing modes:

  • Return: the signed data, or the signature data if a detached signature is requested.
  • Throws: Crypt_GPG_KeyNotFoundException if no signing key is specified. See Crypt_GPG::addSignKey().
  • Throws: Crypt_GPG_BadPassphraseException if a specified passphrase is incorrect or if a required passphrase is not specified.
  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Access: public

Parameters:

string   $data   —  the data to be signed.
int   $mode   —  optional. The data signing mode to use. Should be one of Crypt_GPG::SIGN_MODE_NORMAL, Crypt_GPG::SIGN_MODE_CLEAR or Crypt_GPG::SIGN_MODE_DETACHED. If not specified, defaults to Crypt_GPG::SIGN_MODE_NORMAL.
boolean   $armor   —  optional. If true, ASCII armored data is returned; otherwise, binary data is returned. Defaults to true. This has no effect if the mode Crypt_GPG::SIGN_MODE_CLEAR is used.
boolean   $textmode   —  optional. If true, line-breaks in signed data are normalized. Use this option when signing e-mail, or for greater compatibility between systems with different line-break formats. Defaults to false. This has no effect if the mode Crypt_GPG::SIGN_MODE_CLEAR is used as clear-signing always uses textmode.

[ Top ]

signFile   [line 1082]

void|string signFile( string $filename, [string $signedFile = null], [int $mode = self::SIGN_MODE_NORMAL], [boolean $armor = self::ARMOR_ASCII], [boolean $textmode = self::TEXT_RAW])

Signs a file

The file may be signed using any one of the three available signing modes:

  • Return: if the $signedFile parameter is null, a string containing the signed data (or the signature data if a detached signature is requested) is returned.
  • Throws: Crypt_GPG_KeyNotFoundException if no signing key is specified. See Crypt_GPG::addSignKey().
  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Throws: Crypt_GPG_BadPassphraseException if a specified passphrase is incorrect or if a required passphrase is not specified.
  • Throws: Crypt_GPG_FileException if the output file is not writeable or if the input file is not readable.
  • Access: public

Parameters:

string   $filename   —  the name of the file containing the data to be signed.
string   $signedFile   —  optional. The name of the file in which the signed data should be stored. If null or unspecified, the signed data is returned as a string.
int   $mode   —  optional. The data signing mode to use. Should be one of Crypt_GPG::SIGN_MODE_NORMAL, Crypt_GPG::SIGN_MODE_CLEAR or Crypt_GPG::SIGN_MODE_DETACHED. If not specified, defaults to Crypt_GPG::SIGN_MODE_NORMAL.
boolean   $armor   —  optional. If true, ASCII armored data is returned; otherwise, binary data is returned. Defaults to true. This has no effect if the mode Crypt_GPG::SIGN_MODE_CLEAR is used.
boolean   $textmode   —  optional. If true, line-breaks in signed data are normalized. Use this option when signing e-mail, or for greater compatibility between systems with different line-break formats. Defaults to false. This has no effect if the mode Crypt_GPG::SIGN_MODE_CLEAR is used as clear-signing always uses textmode.

[ Top ]

verify   [line 1131]

array verify( string $signedData, [string $signature = ''])

Verifies signed data

The Crypt_GPG::decrypt() method may be used to get the original message if the signed data is not clearsigned and does not use a detached signature.

  • Return: an array of Crypt_GPG_Signature objects for the signed data. For each signature that is valid, the Crypt_GPG_Signature::isValid() will return true.
  • See: Crypt_GPG_Signature
  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Throws: Crypt_GPG_KeyNotFoundException if the public key needed for signature verification is not in the user's keyring.
  • Throws: Crypt_GPG_NoDataException if the provided data is not signed data.
  • Access: public

Parameters:

string   $signedData   —  the signed data to be verified.
string   $signature   —  optional. If verifying data signed using a detached signature, this must be the detached signature data. The data that was signed is specified in $signedData.

[ Top ]

verifyFile   [line 1170]

array verifyFile( string $filename, [string $signature = ''])

Verifies a signed file

The Crypt_GPG::decryptFile() method may be used to get the original message if the signed data is not clearsigned and does not use a detached signature.

  • Return: an array of Crypt_GPG_Signature objects for the signed data. For each signature that is valid, the Crypt_GPG_Signature::isValid() will return true.
  • See: Crypt_GPG_Signature
  • Throws: Crypt_GPG_KeyNotFoundException if the public key needed for signature verification is not in the user's keyring.
  • Throws: Crypt_GPG_NoDataException if the provided data is not signed data.
  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Throws: Crypt_GPG_FileException if the input file is not readable.
  • Access: public

Parameters:

string   $filename   —  the signed file to be verified.
string   $signature   —  optional. If verifying a file signed using a detached signature, this must be the detached signature data. The file that was signed is specified in $filename.

[ Top ]

_addKey   [line 1410]

void _addKey( array &$array, boolean $encrypt, boolean $sign, mixed $key, [string $passphrase = null])

Adds a key to one of the internal key arrays

This handles resolving full key objects from the provided $key value.

  • Access: protected

Parameters:

array   &$array   —  the array to which the key should be added.
boolean   $encrypt   —  whether or not the key must be able to encrypt.
boolean   $sign   —  whether or not the key must be able to sign.
mixed   $key   —  the key to add. This may be a key identifier, user id, fingerprint, Crypt_GPG_Key or Crypt_GPG_SubKey.
string   $passphrase   —  optional. The passphrase associated with the key.

[ Top ]

_decrypt   [line 1685]

void|string _decrypt( string $data, boolean $isFile, string $outputFile)

Decrypts data
  • Return: if the $outputFile parameter is null, a string containing the decrypted data is returned.
  • Throws: Crypt_GPG_KeyNotFoundException if the private key needed to decrypt the data is not in the user's keyring.
  • Throws: Crypt_GPG_NoDataException if specified data does not contain GPG encrypted data.
  • Throws: Crypt_GPG_BadPassphraseException if a required passphrase is incorrect or if a required passphrase is not specified. See Crypt_GPG::addDecryptKey().
  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Throws: Crypt_GPG_FileException if the output file is not writeable or if the input file is not readable.
  • Access: protected

Parameters:

string   $data   —  the data to be decrypted.
boolean   $isFile   —  whether or not the data is a filename.
string   $outputFile   —  the name of the file to which the decrypted data should be written. If null, the decrypted data is returned as a string.

[ Top ]

_decryptAndVerify   [line 1976]

array _decryptAndVerify( string $data, boolean $isFile, string $outputFile, [boolean $ignoreVerifyErrors = false])

Decrypts and verifies encrypted, signed data
  • Return: two element array. The array has an element 'data' containing the decrypted data and an element 'signatures' containing an array of Crypt_GPG_Signature objects for the signed data. If the decrypted data is written to a file, the 'data' element is null.
  • See: Crypt_GPG_Signature
  • Throws: Crypt_GPG_KeyNotFoundException if the private key needed to decrypt the data is not in the user's keyring or if the public key needed for verification is not in the user's keyring.
  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Throws: Crypt_GPG_NoDataException if specified data does not contain GPG signed, encrypted data.
  • Throws: Crypt_GPG_BadPassphraseException if a required passphrase is incorrect or if a required passphrase is not specified. See Crypt_GPG::addDecryptKey().
  • Throws: Crypt_GPG_FileException if the output file is not writeable or if the input file is not readable.
  • Access: protected

Parameters:

string   $data   —  the encrypted signed data to be decrypted and verified.
boolean   $isFile   —  whether or not the data is a filename.
string   $outputFile   —  the name of the file to which the decrypted data should be written. If null, the decrypted data is returned in the results array.
boolean   $ignoreVerifyErrors   —  enables ignoring of signature verification errors caused by missing public key. When enabled Crypt_GPG_KeyNotFoundException will not be thrown.

[ Top ]

_encrypt   [line 1626]

void|string _encrypt( string $data, boolean $isFile, string $outputFile, boolean $armor)

Encrypts data
  • Return: if the $outputFile parameter is null, a string containing the encrypted data is returned.
  • Throws: Crypt_GPG_KeyNotFoundException if no encryption key is specified. See Crypt_GPG::addEncryptKey().
  • Throws: Crypt_GPG_FileException if the output file is not writeable or if the input file is not readable.
  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Access: protected

Parameters:

string   $data   —  the data to encrypt.
boolean   $isFile   —  whether or not the data is a filename.
string   $outputFile   —  the filename of the file in which to store the encrypted data. If null, the encrypted data is returned as a string.
boolean   $armor   —  if true, ASCII armored data is returned; otherwise, binary data is returned.

[ Top ]

_encryptAndSign   [line 1833]

void|string _encryptAndSign( string $data, boolean $isFile, string $outputFile, boolean $armor)

Encrypts and signs data
  • Return: if the $outputFile parameter is null, a string containing the encrypted, signed data is returned.
  • Throws: Crypt_GPG_KeyNotFoundException if no encryption key is specified or if no signing key is specified. See Crypt_GPG::addEncryptKey() and Crypt_GPG::addSignKey().
  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Throws: Crypt_GPG_BadPassphraseException if a specified passphrase is incorrect or if a required passphrase is not specified.
  • Throws: Crypt_GPG_FileException if the output file is not writeable or if the input file is not readable.
  • Access: protected

Parameters:

string   $data   —  the data to be encrypted and signed.
boolean   $isFile   —  whether or not the data is a filename.
string   $outputFile   —  the name of the file in which the encrypted, signed data should be stored. If null, the encrypted, signed data is returned as a string.
boolean   $armor   —  if true, ASCII armored data is returned; otherwise, binary data is returned.

[ Top ]

_exportKey   [line 1573]

string _exportKey( string $keyId, [boolean $armor = true], [boolean $private = false])

Exports a private or public key from the keyring

If more than one key fingerprint is available for the specified $keyId (for example, if you use a non-unique uid) only the first key is exported.

  • Return: the key data.
  • Throws: Crypt_GPG_KeyNotFoundException if a key with the given $keyId is not found.
  • Throws: Crypt_GPG_BadPassphraseException if a required passphrase is incorrect or if a required passphrase is not specified. See Crypt_GPG::addPassphrase().
  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Access: protected

Parameters:

string   $keyId   —  either the full uid of the key, the email part of the uid of the key or the key id.
boolean   $armor   —  optional. If true, ASCII armored data is returned; otherwise, binary data is returned. Defaults to true.
boolean   $private   —  return private instead of public key

[ Top ]

_importKey   [line 1517]

array _importKey( string $key, boolean $isFile)

Imports a public or private key into the keyring
  • Return: an associative array containing the following elements:
    • fingerprint - the fingerprint of the imported key,
    • public_imported - the number of public keys imported,
    • public_unchanged - the number of unchanged public keys,
    • private_imported - the number of private keys imported,
    • private_unchanged - the number of unchanged private keys.
  • Throws: Crypt_GPG_NoDataException if the key data is missing or if the data is is not valid key data.
  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Throws: Crypt_GPG_FileException if the key file is not readable.
  • Throws: Crypt_GPG_BadPassphraseException if a required passphrase is incorrect or if a required passphrase is not specified. See Crypt_GPG::addPassphrase().
  • Access: protected

Parameters:

string   $key   —  the key to be imported.
boolean   $isFile   —  whether or not the input is a filename.

[ Top ]

_prepareInput   [line 2014]

void _prepareInput( string $data, [boolean $isFile = false], [boolean $allowEmpty = true])

Prepares command input
  • Throws: Crypt_GPG_FileException if the file is not readable.
  • Throws: Crypt_GPG_NoDataException if the key data is missing.
  • Access: protected

Parameters:

string   $data   —  the input data.
boolean   $isFile   —  whether or not the input is a filename.
boolean   $allowEmpty   —  whether to check if the input is not empty.

[ Top ]

_prepareOutput   [line 2052]

void _prepareOutput( string $outputFile, [boolean $input = null])

Prepares command output
  • Throws: Crypt_GPG_FileException if the file is not writeable.
  • Access: protected

Parameters:

string   $outputFile   —  the name of the file in which the output data should be stored. If null, the output data is returned as a string.
boolean   $input   —  the input resource, in case it would need to be released (closed) on exception.

[ Top ]

_sign   [line 1748]

void|string _sign( string $data, boolean $isFile, string $outputFile, int $mode, boolean $armor, boolean $textmode)

Signs data
  • Return: if the $outputFile parameter is null, a string containing the signed data (or the signature data if a detached signature is requested) is returned.
  • Throws: Crypt_GPG_KeyNotFoundException if no signing key is specified. See Crypt_GPG::addSignKey().
  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Throws: Crypt_GPG_BadPassphraseException if a specified passphrase is incorrect or if a required passphrase is not specified.
  • Throws: Crypt_GPG_FileException if the output file is not writeable or if the input file is not readable.
  • Access: protected

Parameters:

string   $data   —  the data to be signed.
boolean   $isFile   —  whether or not the data is a filename.
string   $outputFile   —  the name of the file in which the signed data should be stored. If null, the signed data is returned as a string.
int   $mode   —  the data signing mode to use. Should be one of Crypt_GPG::SIGN_MODE_NORMAL, Crypt_GPG::SIGN_MODE_CLEAR or Crypt_GPG::SIGN_MODE_DETACHED.
boolean   $armor   —  if true, ASCII armored data is returned; otherwise, binary data is returned. This has no effect if the mode Crypt_GPG::SIGN_MODE_CLEAR is used.
boolean   $textmode   —  if true, line-breaks in signed data be normalized. Use this option when signing e-mail, or for greater compatibility between systems with different line-break formats. Defaults to false. This has no effect if the mode Crypt_GPG::SIGN_MODE_CLEAR is used as clear-signing always uses textmode.

[ Top ]

_verify   [line 1901]

array _verify( string $data, boolean $isFile, string $signature)

Verifies data
  • Return: an array of Crypt_GPG_Signature objects for the signed data.
  • See: Crypt_GPG_Signature
  • Throws: Crypt_GPG_KeyNotFoundException if the public key needed for signature verification is not in the user's keyring.
  • Throws: Crypt_GPG_NoDataException if the provided data is not signed data.
  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Throws: Crypt_GPG_FileException if the input file is not readable.
  • Access: protected

Parameters:

string   $data   —  the signed data to be verified.
boolean   $isFile   —  whether or not the data is a filename.
string   $signature   —  if verifying a file signed using a detached signature, this must be the detached signature data. Otherwise, specify ''.

[ Top ]


Documentation generated on Sun, 22 Mar 2020 08:01:07 -0400 by phpDocumentor 1.4.4. PEAR Logo Copyright © PHP Group 2004.