Crypt_GPG
[ class tree: Crypt_GPG ] [ index: Crypt_GPG ] [ all elements ]

Class: Crypt_GPG

Source Location: /Crypt_GPG-1.4.0b4/Crypt/GPG.php

Class Overview

Crypt_GPGAbstract
   |
   --Crypt_GPG

A class to use GPG from PHP


Author(s):

Copyright:

  • 2005-2013 silverorange

Variables

Methods


Inherited Variables

Inherited Methods

Class: Crypt_GPGAbstract

Crypt_GPGAbstract::__construct()
Creates a new GPG object
Crypt_GPGAbstract::setEngine()
Sets the I/O engine to use for GnuPG operations
Crypt_GPGAbstract::_getKeys()
Gets the available keys in the keyring

Class Details

[line 92]
A class to use GPG from PHP

This class provides an object oriented interface to GNU Privacy Guard (GPG).

Though GPG can support symmetric-key cryptography, this class is intended only to facilitate public-key cryptography.



[ Top ]


Class Variables

$decryptKeys = array()

[line 252]

Keys used to sign

The array is of the form:

  1.  array(
  2.    $key_id => array(
  3.      'fingerprint' => $fingerprint,
  4.      'passphrase'  => $passphrase
  5.    )
  6.  );


Type:   array


[ Top ]

$encryptKeys = array()

[line 214]

Keys used to encrypt

The array is of the form:

  1.  array(
  2.    $key_id => array(
  3.      'fingerprint' => $fingerprint,
  4.      'passphrase'  => null
  5.    )
  6.  );


Type:   array


[ Top ]

$engine =  null

[line 195]

Engine used to control the GPG subprocess
  • See: Crypt_GPG::setEngine()
  • Access: protected

Type:   Crypt_GPG_Engine
Overrides:   Array


[ Top ]

$signKeys = array()

[line 233]

Keys used to decrypt

The array is of the form:

  1.  array(
  2.    $key_id => array(
  3.      'fingerprint' => $fingerprint,
  4.      'passphrase'  => $passphrase
  5.    )
  6.  );


Type:   array


[ Top ]



Method Detail

addDecryptKey   [line 1206]

Crypt_GPG addDecryptKey( mixed $key, [string $passphrase = null])

Adds a key to use for decryption

Parameters:

mixed   $key     the key to use. This may be a key identifier, user id, fingerprint, Crypt_GPG_Key or Crypt_GPG_SubKey. The key must be able to encrypt.
string   $passphrase     optional. The passphrase of the key required for decryption.

[ Top ]

addEncryptKey   [line 1230]

Crypt_GPG addEncryptKey( mixed $key)

Adds a key to use for encryption

Parameters:

mixed   $key     the key to use. This may be a key identifier, user id user id, fingerprint, Crypt_GPG_Key or Crypt_GPG_SubKey. The key must be able to encrypt.

[ Top ]

addSignKey   [line 1259]

Crypt_GPG addSignKey( mixed $key, [string $passphrase = null])

Adds a key to use for signing

Parameters:

mixed   $key     the key to use. This may be a key identifier, user id, fingerprint, Crypt_GPG_Key or Crypt_GPG_SubKey. The key must be able to sign.
string   $passphrase     optional. The passphrase of the key required for signing.

[ Top ]

clearDecryptKeys   [line 1276]

Crypt_GPG clearDecryptKeys( )

Clears all decryption keys

[ Top ]

clearEncryptKeys   [line 1293]

Crypt_GPG clearEncryptKeys( )

Clears all encryption keys

[ Top ]

clearSignKeys   [line 1310]

Crypt_GPG clearSignKeys( )

Clears all signing keys

[ Top ]

decrypt   [line 855]

string decrypt( string $encryptedData)

Decrypts string data

This method assumes the required private key is available in the keyring and throws an exception if the private key is not available. To add a private key to the keyring, use the Crypt_GPG::importKey() or Crypt_GPG::importKeyFile() methods.

  • Return: the decrypted data.
  • Throws: Crypt_GPG_KeyNotFoundException if the private key needed to decrypt the data is not in the user's keyring.
  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Throws: Crypt_GPG_NoDataException if specified data does not contain GPG encrypted data.
  • Throws: Crypt_GPG_BadPassphraseException if a required passphrase is incorrect or if a required passphrase is not specified. See Crypt_GPG::addDecryptKey().
  • Access: public

Parameters:

string   $encryptedData     the data to be decrypted.

[ Top ]

decryptAndVerify   [line 936]

array decryptAndVerify( string $encryptedData)

Decrypts and verifies string data

This method assumes the required private key is available in the keyring and throws an exception if the private key is not available. To add a private key to the keyring, use the Crypt_GPG::importKey() or Crypt_GPG::importKeyFile() methods.

  • Return: two element array. The array has an element 'data' containing the decrypted data and an element 'signatures' containing an array of Crypt_GPG_Signature objects for the signed data.
  • Throws: Crypt_GPG_KeyNotFoundException if the private key needed to decrypt the data is not in the user's keyring.
  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Throws: Crypt_GPG_NoDataException if specified data does not contain GPG encrypted data.
  • Throws: Crypt_GPG_BadPassphraseException if a required passphrase is incorrect or if a required passphrase is not specified. See Crypt_GPG::addDecryptKey().
  • Access: public

Parameters:

string   $encryptedData     the encrypted, signed data to be decrypted and verified.

[ Top ]

decryptAndVerifyFile   [line 983]

array decryptAndVerifyFile( string $encryptedFile, [string $decryptedFile = null])

Decrypts and verifies a signed, encrypted file

This method assumes the required private key is available in the keyring and throws an exception if the private key is not available. To add a private key to the keyring, use the Crypt_GPG::importKey() or Crypt_GPG::importKeyFile() methods.

  • Return: two element array. The array has an element 'data' containing the decrypted data and an element 'signatures' containing an array of Crypt_GPG_Signature objects for the signed data. If the decrypted data is written to a file, the 'data' element is null.
  • Throws: Crypt_GPG_KeyNotFoundException if the private key needed to decrypt the data is not in the user's keyring.
  • Throws: Crypt_GPG_NoDataException if specified data does not contain GPG encrypted data.
  • Throws: Crypt_GPG_BadPassphraseException if a required passphrase is incorrect or if a required passphrase is not specified. See Crypt_GPG::addDecryptKey().
  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Throws: Crypt_GPG_FileException if the output file is not writeable or if the input file is not readable.
  • Access: public

Parameters:

string   $encryptedFile     the name of the signed, encrypted file to to decrypt and verify.
string   $decryptedFile     optional. The name of the file to which the decrypted data should be written. If null or unspecified, the decrypted data is returned in the results array.

[ Top ]

decryptFile   [line 898]

void|string decryptFile( string $encryptedFile, [string $decryptedFile = null])

Decrypts a file

This method assumes the required private key is available in the keyring and throws an exception if the private key is not available. To add a private key to the keyring, use the Crypt_GPG::importKey() or Crypt_GPG::importKeyFile() methods.

  • Return: if the $decryptedFile parameter is null, a string containing the decrypted data is returned.
  • Throws: Crypt_GPG_KeyNotFoundException if the private key needed to decrypt the data is not in the user's keyring.
  • Throws: Crypt_GPG_NoDataException if specified data does not contain GPG encrypted data.
  • Throws: Crypt_GPG_BadPassphraseException if a required passphrase is incorrect or if a required passphrase is not specified. See Crypt_GPG::addDecryptKey().
  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Throws: Crypt_GPG_FileException if the output file is not writeable or if the input file is not readable.
  • Access: public

Parameters:

string   $encryptedFile     the name of the encrypted file data to decrypt.
string   $decryptedFile     optional. The name of the file to which the decrypted data should be written. If null or unspecified, the decrypted data is returned as a string.

[ Top ]

deletePrivateKey   [line 498]

void deletePrivateKey( string $keyId)

Deletes a private key from the keyring

If more than one key fingerprint is available for the specified $keyId (for example, if you use a non-unique uid) only the first private key is deleted.

Calls GPG with the --delete-secret-key command.

  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Throws: Crypt_GPG_KeyNotFoundException if a private key with the given $keyId is not found.
  • Access: public

Parameters:

string   $keyId     either the full uid of the private key, the email part of the uid of the private key or the key id of the private key. For example, "Test User (example) <test@example.com>", "test@example.com" or a hexadecimal string.

[ Top ]

deletePublicKey   [line 427]

void deletePublicKey( string $keyId)

Deletes a public key from the keyring

If more than one key fingerprint is available for the specified $keyId (for example, if you use a non-unique uid) only the first public key is deleted.

The private key must be deleted first or an exception will be thrown. See Crypt_GPG::deletePrivateKey().

  • Throws: Crypt_GPG_KeyNotFoundException if a public key with the given $keyId is not found.
  • Throws: Crypt_GPG_DeletePrivateKeyException if the specified public key has an associated private key on the keyring. The private key must be deleted first.
  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Access: public

Parameters:

string   $keyId     either the full uid of the public key, the email part of the uid of the public key or the key id of the public key. For example, "Test User (example) <test@example.com>", "test@example.com" or a hexadecimal string.

[ Top ]

encrypt   [line 688]

string encrypt( string $data, [boolean $armor = self::ARMOR_ASCII])

Encrypts string data

Data is ASCII armored by default but may optionally be returned as binary.

  • Return: the encrypted data.
  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Throws: Crypt_GPG_KeyNotFoundException if no encryption key is specified. See Crypt_GPG::addEncryptKey().
  • Access: public

Parameters:

string   $data     the data to be encrypted.
boolean   $armor     optional. If true, ASCII armored data is returned; otherwise, binary data is returned. Defaults to true.

[ Top ]

encryptAndSign   [line 767]

string encryptAndSign( string $data, [boolean $armor = self::ARMOR_ASCII])

Encrypts and signs data

Data is encrypted and signed in a single pass.

NOTE: Until GnuPG version 1.4.10, it was not possible to verify encrypted-signed data without decrypting it at the same time. If you try to use Crypt_GPG::verify() method on encrypted-signed data with earlier GnuPG versions, you will get an error. Please use Crypt_GPG::decryptAndVerify() to verify encrypted-signed data.

  • Return: the encrypted signed data.
  • See: Crypt_GPG::decryptAndVerify()
  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Throws: Crypt_GPG_KeyNotFoundException if no encryption key is specified or if no signing key is specified. See Crypt_GPG::addEncryptKey() and Crypt_GPG::addSignKey().
  • Throws: Crypt_GPG_BadPassphraseException if a specified passphrase is incorrect or if a required passphrase is not specified.
  • Access: public

Parameters:

string   $data     the data to be encrypted and signed.
boolean   $armor     optional. If true, ASCII armored data is returned; otherwise, binary data is returned. Defaults to true.

[ Top ]

encryptAndSignFile   [line 818]

void|string encryptAndSignFile( string $filename, [string $signedFile = null], [boolean $armor = self::ARMOR_ASCII])

Encrypts and signs a file

The file is encrypted and signed in a single pass.

NOTE: Until GnuPG version 1.4.10, it was not possible to verify encrypted-signed files without decrypting them at the same time. If you try to use Crypt_GPG::verify() method on encrypted-signed files with earlier GnuPG versions, you will get an error. Please use Crypt_GPG::decryptAndVerifyFile() to verify encrypted-signed files.

  • Return: if the $signedFile parameter is null, a string containing the encrypted, signed data is returned.
  • See: Crypt_GPG::decryptAndVerifyFile()
  • Throws: Crypt_GPG_KeyNotFoundException if no encryption key is specified or if no signing key is specified. See Crypt_GPG::addEncryptKey() and Crypt_GPG::addSignKey().
  • Throws: Crypt_GPG_BadPassphraseException if a specified passphrase is incorrect or if a required passphrase is not specified.
  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Throws: Crypt_GPG_FileException if the output file is not writeable or if the input file is not readable.
  • Access: public

Parameters:

string   $filename     the name of the file containing the data to be encrypted and signed.
string   $signedFile     optional. The name of the file in which the encrypted, signed data should be stored. If null or unspecified, the encrypted, signed data is returned as a string.
boolean   $armor     optional. If true, ASCII armored data is returned; otherwise, binary data is returned. Defaults to true.

[ Top ]

encryptFile   [line 724]

void|string encryptFile( string $filename, [string $encryptedFile = null], [boolean $armor = self::ARMOR_ASCII])

Encrypts a file

Encrypted data is ASCII armored by default but may optionally be saved as binary.

  • Return: if the $encryptedFile parameter is null, a string containing the encrypted data is returned.
  • Throws: Crypt_GPG_KeyNotFoundException if no encryption key is specified. See Crypt_GPG::addEncryptKey().
  • Throws: Crypt_GPG_FileException if the output file is not writeable or if the input file is not readable.
  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Access: public

Parameters:

string   $filename     the filename of the file to encrypt.
string   $encryptedFile     optional. The filename of the file in which to store the encrypted data. If null or unspecified, the encrypted data is returned as a string.
boolean   $armor     optional. If true, ASCII armored data is returned; otherwise, binary data is returned. Defaults to true.

[ Top ]

exportPublicKey   [line 360]

string exportPublicKey( string $keyId, [boolean $armor = true])

Exports a public key from the keyring

The exported key remains on the keyring. To delete the public key, use Crypt_GPG::deletePublicKey().

If more than one key fingerprint is available for the specified $keyId (for example, if you use a non-unique uid) only the first public key is exported.

  • Return: the public key data.
  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Throws: Crypt_GPG_KeyNotFoundException if a public key with the given $keyId is not found.
  • Access: public

Parameters:

string   $keyId     either the full uid of the public key, the email part of the uid of the public key or the key id of the public key. For example, "Test User (example) <test@example.com>", "test@example.com" or a hexadecimal string.
boolean   $armor     optional. If true, ASCII armored data is returned; otherwise, binary data is returned. Defaults to true.

[ Top ]

getFingerprint   [line 605]

string getFingerprint( string $keyId, [integer $format = self::FORMAT_NONE])

Gets a key fingerprint from the keyring

If more than one key fingerprint is available (for example, if you use a non-unique user id) only the first key fingerprint is returned.

Calls the GPG --list-keys command with the --with-fingerprint option to retrieve a public key fingerprint.

  • Return: the fingerprint of the key, or null if no fingerprint is found for the given $keyId.
  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Access: public

Parameters:

string   $keyId     either the full user id of the key, the email part of the user id of the key, or the key id of the key. For example, "Test User (example) <test@example.com>", "test@example.com" or a hexadecimal string.
integer   $format     optional. How the fingerprint should be formatted. Use Crypt_GPG::FORMAT_X509 for X.509 certificate format, Crypt_GPG::FORMAT_CANONICAL for the format used by GnuPG output and Crypt_GPG::FORMAT_NONE for no formatting. Defaults to
  1. Crypt_GPG::FORMAT_NONE
.

[ Top ]

getKeys   [line 567]

array getKeys( [string $keyId = ''])

Gets the available keys in the keyring

Calls GPG with the --list-keys command and grabs keys. See the first section of doc/DETAILS in the GPG package for a detailed description of how the GPG command output is parsed.

  • Return: an array of Crypt_GPG_Key objects. If no keys match the specified $keyId an empty array is returned.
  • See: Crypt_GPG_Key
  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Access: public

Parameters:

string   $keyId     optional. Only keys with that match the specified pattern are returned. The pattern may be part of a user id, a key id or a key fingerprint. If not specified, all keys are returned.

[ Top ]

handleImportKeyStatus   [line 1370]

void handleImportKeyStatus( string $line, &$result)

Handles the status output from GPG for the import operation

This method is responsible for building the result array that is returned from the Crypt_GPG::importKey() method. See doc/DETAILS in the GPG distribution for detailed information on GPG's status output.


Parameters:

string   $line     the status line to handle.
array   &$result     the current result array being processed.

[ Top ]

handleSignStatus   [line 1333]

void handleSignStatus( string $line)

Handles the status output from GPG for the sign operation

This method is responsible for sending the passphrase commands when required by the Crypt_GPG::sign() method. See doc/DETAILS in the GPG distribution for detailed information on GPG's status output.


Parameters:

string   $line     the status line to handle.

[ Top ]

importKey   [line 285]

array importKey( string $data)

Imports a public or private key into the keyring

Keys may be removed from the keyring using Crypt_GPG::deletePublicKey() or Crypt_GPG::deletePrivateKey().

  • Return: an associative array containing the following elements:
    • fingerprint - the fingerprint of the imported key,
    • public_imported - the number of public keys imported,
    • public_unchanged - the number of unchanged public keys,
    • private_imported - the number of private keys imported,
    • private_unchanged - the number of unchanged private keys.
  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Throws: Crypt_GPG_NoDataException if the key data is missing or if the data is is not valid key data.
  • Access: public

Parameters:

string   $data     the key data to be imported.

[ Top ]

importKeyFile   [line 324]

array importKeyFile( string $filename)

Imports a public or private key file into the keyring

Keys may be removed from the keyring using Crypt_GPG::deletePublicKey() or Crypt_GPG::deletePrivateKey().

  • Return: an associative array containing the following elements:
    • fingerprint - the fingerprint of the imported key,
    • public_imported - the number of public keys imported,
    • public_unchanged - the number of unchanged public keys,
    • private_imported - the number of private keys imported,
    • private_unchanged - the number of unchanged private keys. private keys.
  • Throws: Crypt_GPG_NoDataException if the key data is missing or if the data is is not valid key data.
  • Throws: Crypt_GPG_FileException if the key file is not readable.
  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Access: public

Parameters:

string   $filename     the key file to be imported.

[ Top ]

sign   [line 1032]

string sign( string $data, [boolean $mode = self::SIGN_MODE_NORMAL], [boolean $armor = self::ARMOR_ASCII], [boolean $textmode = self::TEXT_RAW])

Signs data

Data may be signed using any one of the three available signing modes:

  • Return: the signed data, or the signature data if a detached signature is requested.
  • Throws: Crypt_GPG_KeyNotFoundException if no signing key is specified. See Crypt_GPG::addSignKey().
  • Throws: Crypt_GPG_BadPassphraseException if a specified passphrase is incorrect or if a required passphrase is not specified.
  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Access: public

Parameters:

string   $data     the data to be signed.
boolean   $mode     optional. The data signing mode to use. Should be one of Crypt_GPG::SIGN_MODE_NORMAL, Crypt_GPG::SIGN_MODE_CLEAR or Crypt_GPG::SIGN_MODE_DETACHED. If not specified, defaults to Crypt_GPG::SIGN_MODE_NORMAL.
boolean   $armor     optional. If true, ASCII armored data is returned; otherwise, binary data is returned. Defaults to true. This has no effect if the mode Crypt_GPG::SIGN_MODE_CLEAR is used.
boolean   $textmode     optional. If true, line-breaks in signed data are normalized. Use this option when signing e-mail, or for greater compatibility between systems with different line-break formats. Defaults to false. This has no effect if the mode Crypt_GPG::SIGN_MODE_CLEAR is used as clear-signing always uses textmode.

[ Top ]

signFile   [line 1096]

void|string signFile( string $filename, [string $signedFile = null], [boolean $mode = self::SIGN_MODE_NORMAL], [boolean $armor = self::ARMOR_ASCII], [boolean $textmode = self::TEXT_RAW])

Signs a file

The file may be signed using any one of the three available signing modes:

  • Return: if the $signedFile parameter is null, a string containing the signed data (or the signature data if a detached signature is requested) is returned.
  • Throws: Crypt_GPG_KeyNotFoundException if no signing key is specified. See Crypt_GPG::addSignKey().
  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Throws: Crypt_GPG_BadPassphraseException if a specified passphrase is incorrect or if a required passphrase is not specified.
  • Throws: Crypt_GPG_FileException if the output file is not writeable or if the input file is not readable.
  • Access: public

Parameters:

string   $filename     the name of the file containing the data to be signed.
string   $signedFile     optional. The name of the file in which the signed data should be stored. If null or unspecified, the signed data is returned as a string.
boolean   $mode     optional. The data signing mode to use. Should be one of Crypt_GPG::SIGN_MODE_NORMAL, Crypt_GPG::SIGN_MODE_CLEAR or Crypt_GPG::SIGN_MODE_DETACHED. If not specified, defaults to Crypt_GPG::SIGN_MODE_NORMAL.
boolean   $armor     optional. If true, ASCII armored data is returned; otherwise, binary data is returned. Defaults to true. This has no effect if the mode Crypt_GPG::SIGN_MODE_CLEAR is used.
boolean   $textmode     optional. If true, line-breaks in signed data are normalized. Use this option when signing e-mail, or for greater compatibility between systems with different line-break formats. Defaults to false. This has no effect if the mode Crypt_GPG::SIGN_MODE_CLEAR is used as clear-signing always uses textmode.

[ Top ]

verify   [line 1142]

array verify( string $signedData, [string $signature = ''])

Verifies signed data

The Crypt_GPG::decrypt() method may be used to get the original message if the signed data is not clearsigned and does not use a detached signature.

  • Return: an array of Crypt_GPG_Signature objects for the signed data. For each signature that is valid, the Crypt_GPG_Signature::isValid() will return true.
  • See: Crypt_GPG_Signature
  • Throws: Crypt_GPG_NoDataException if the provided data is not signed data.
  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Access: public

Parameters:

string   $signedData     the signed data to be verified.
string   $signature     optional. If verifying data signed using a detached signature, this must be the detached signature data. The data that was signed is specified in $signedData.

[ Top ]

verifyFile   [line 1178]

array verifyFile( string $filename, [string $signature = ''])

Verifies a signed file

The Crypt_GPG::decryptFile() method may be used to get the original message if the signed data is not clearsigned and does not use a detached signature.

  • Return: an array of Crypt_GPG_Signature objects for the signed data. For each signature that is valid, the Crypt_GPG_Signature::isValid() will return true.
  • See: Crypt_GPG_Signature
  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Throws: Crypt_GPG_NoDataException if the provided data is not signed data.
  • Throws: Crypt_GPG_FileException if the input file is not readable.
  • Access: public

Parameters:

string   $filename     the signed file to be verified.
string   $signature     optional. If verifying a file signed using a detached signature, this must be the detached signature data. The file that was signed is specified in $filename.

[ Top ]

_addKey   [line 1410]

void _addKey( &$array, boolean $encrypt, boolean $sign, mixed $key, [string $passphrase = null])

Adds a key to one of the internal key arrays

This handles resolving full key objects from the provided $key value.

  • Access: protected

Parameters:

array   &$array     the array to which the key should be added.
boolean   $encrypt     whether or not the key must be able to encrypt.
boolean   $sign     whether or not the key must be able to sign.
mixed   $key     the key to add. This may be a key identifier, user id, fingerprint, Crypt_GPG_Key or Crypt_GPG_SubKey.
string   $passphrase     optional. The passphrase associated with the key.

[ Top ]

_decrypt   [line 1746]

void|string _decrypt( string $data, boolean $isFile, string $outputFile)

Decrypts data
  • Return: if the $outputFile parameter is null, a string containing the decrypted data is returned.
  • Throws: Crypt_GPG_KeyNotFoundException if the private key needed to decrypt the data is not in the user's keyring.
  • Throws: Crypt_GPG_NoDataException if specified data does not contain GPG encrypted data.
  • Throws: Crypt_GPG_BadPassphraseException if a required passphrase is incorrect or if a required passphrase is not specified. See Crypt_GPG::addDecryptKey().
  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Throws: Crypt_GPG_FileException if the output file is not writeable or if the input file is not readable.
  • Access: protected

Parameters:

string   $data     the data to be decrypted.
boolean   $isFile     whether or not the data is a filename.
string   $outputFile     the name of the file to which the decrypted data should be written. If null, the decrypted data is returned as a string.

[ Top ]

_decryptAndVerify   [line 2276]

array _decryptAndVerify( string $data, boolean $isFile, string $outputFile)

Decrypts and verifies encrypted, signed data
  • Return: two element array. The array has an element 'data' containing the decrypted data and an element 'signatures' containing an array of Crypt_GPG_Signature objects for the signed data. If the decrypted data is written to a file, the 'data' element is null.
  • See: Crypt_GPG_Signature
  • Throws: Crypt_GPG_KeyNotFoundException if the private key needed to decrypt the data is not in the user's keyring or it the public key needed for verification is not in the user's keyring.
  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Throws: Crypt_GPG_NoDataException if specified data does not contain GPG signed, encrypted data.
  • Throws: Crypt_GPG_BadPassphraseException if a required passphrase is incorrect or if a required passphrase is not specified. See Crypt_GPG::addDecryptKey().
  • Throws: Crypt_GPG_FileException if the output file is not writeable or if the input file is not readable.
  • Access: protected

Parameters:

string   $data     the encrypted signed data to be decrypted and verified.
boolean   $isFile     whether or not the data is a filename.
string   $outputFile     the name of the file to which the decrypted data should be written. If null, the decrypted data is returned in the results array.

[ Top ]

_encrypt   [line 1640]

void|string _encrypt( string $data, boolean $isFile, string $outputFile, boolean $armor)

Encrypts data
  • Return: if the $outputFile parameter is null, a string containing the encrypted data is returned.
  • Throws: Crypt_GPG_KeyNotFoundException if no encryption key is specified. See Crypt_GPG::addEncryptKey().
  • Throws: Crypt_GPG_FileException if the output file is not writeable or if the input file is not readable.
  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Access: protected

Parameters:

string   $data     the data to encrypt.
boolean   $isFile     whether or not the data is a filename.
string   $outputFile     the filename of the file in which to store the encrypted data. If null, the encrypted data is returned as a string.
boolean   $armor     if true, ASCII armored data is returned; otherwise, binary data is returned.

[ Top ]

_encryptAndSign   [line 2018]

void|string _encryptAndSign( string $data, boolean $isFile, string $outputFile, boolean $armor)

Encrypts and signs data
  • Return: if the $outputFile parameter is null, a string containing the encrypted, signed data is returned.
  • Throws: Crypt_GPG_KeyNotFoundException if no encryption key is specified or if no signing key is specified. See Crypt_GPG::addEncryptKey() and Crypt_GPG::addSignKey().
  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Throws: Crypt_GPG_BadPassphraseException if a specified passphrase is incorrect or if a required passphrase is not specified.
  • Throws: Crypt_GPG_FileException if the output file is not writeable or if the input file is not readable.
  • Access: protected

Parameters:

string   $data     the data to be encrypted and signed.
boolean   $isFile     whether or not the data is a filename.
string   $outputFile     the name of the file in which the encrypted, signed data should be stored. If null, the encrypted, signed data is returned as a string.
boolean   $armor     if true, ASCII armored data is returned; otherwise, binary data is returned.

[ Top ]

_importKey   [line 1543]

array _importKey( string $key, boolean $isFile)

Imports a public or private key into the keyring
  • Return: an associative array containing the following elements:
    • fingerprint - the fingerprint of the imported key,
    • public_imported - the number of public keys imported,
    • public_unchanged - the number of unchanged public keys,
    • private_imported - the number of private keys imported,
    • private_unchanged - the number of unchanged private keys.
  • Throws: Crypt_GPG_NoDataException if the key data is missing or if the data is is not valid key data.
  • Throws: Crypt_GPG_FileException if the key file is not readable.
  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Access: protected

Parameters:

string   $key     the key to be imported.
boolean   $isFile     whether or not the input is a filename.

[ Top ]

_setPinEntryEnv   [line 1499]

void _setPinEntryEnv( $keys)

Sets the PINENTRY_USER_DATA environment variable with the currently added keys and passphrases

Keys and pasphrases are stored as an indexed array of associative arrays that is JSON encoded to a flat string.

For GnuPG 2.x this is how passphrases are passed. For GnuPG 1.x the environment variable is set but not used.

  • Access: protected

Parameters:

array   $keys     the internal key array to use.

[ Top ]

_sign   [line 1864]

void|string _sign( string $data, boolean $isFile, string $outputFile, boolean $mode, boolean $armor, boolean $textmode)

Signs data
  • Return: if the $outputFile parameter is null, a string containing the signed data (or the signature data if a detached signature is requested) is returned.
  • Throws: Crypt_GPG_KeyNotFoundException if no signing key is specified. See Crypt_GPG::addSignKey().
  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Throws: Crypt_GPG_BadPassphraseException if a specified passphrase is incorrect or if a required passphrase is not specified.
  • Throws: Crypt_GPG_FileException if the output file is not writeable or if the input file is not readable.
  • Access: protected

Parameters:

string   $data     the data to be signed.
boolean   $isFile     whether or not the data is a filename.
string   $outputFile     the name of the file in which the signed data should be stored. If null, the signed data is returned as a string.
boolean   $mode     the data signing mode to use. Should be one of Crypt_GPG::SIGN_MODE_NORMAL, Crypt_GPG::SIGN_MODE_CLEAR or Crypt_GPG::SIGN_MODE_DETACHED.
boolean   $armor     if true, ASCII armored data is returned; otherwise, binary data is returned. This has no effect if the mode Crypt_GPG::SIGN_MODE_CLEAR is used.
boolean   $textmode     if true, line-breaks in signed data be normalized. Use this option when signing e-mail, or for greater compatibility between systems with different line-break formats. Defaults to false. This has no effect if the mode Crypt_GPG::SIGN_MODE_CLEAR is used as clear-signing always uses textmode.

[ Top ]

_verify   [line 2155]

array _verify( string $data, boolean $isFile, string $signature)

Verifies data
  • Return: an array of Crypt_GPG_Signature objects for the signed data.
  • See: Crypt_GPG_Signature
  • Throws: Crypt_GPG_Exception if an unknown or unexpected error occurs. Use the debug option and file a bug report if these exceptions occur.
  • Throws: Crypt_GPG_NoDataException if the provided data is not signed data.
  • Throws: Crypt_GPG_FileException if the input file is not readable.
  • Access: protected

Parameters:

string   $data     the signed data to be verified.
boolean   $isFile     whether or not the data is a filename.
string   $signature     if verifying a file signed using a detached signature, this must be the detached signature data. Otherwise, specify ''.

[ Top ]


Documentation generated on Wed, 13 Mar 2013 18:30:09 +0000 by phpDocumentor 1.4.3. PEAR Logo Copyright © PHP Group 2004.