robin.thoni
/
docker-roundcube-server
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 10 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
17 Commits
2 Branches
Tree: v1.4.0
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'v1.4.0'
${ noResults }
docker-roundcube-server/roundcube/roundcubemail-1.3.6/vendor/pear/crypt_gpg/Crypt/GPG/KeyGenerator.php

KeyGenerator.php 25KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683 
  1. <?php

  2. 

  3. /* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */

  4. 

  5. /**

  6.  * Crypt_GPG is a package to use GPG from PHP

  7.  *

  8.  * This file contains an object that handles GnuPG key generation.

  9.  *

  10.  * PHP version 5

  11.  *

  12.  * LICENSE:

  13.  *

  14.  * This library is free software; you can redistribute it and/or modify

  15.  * it under the terms of the GNU Lesser General Public License as

  16.  * published by the Free Software Foundation; either version 2.1 of the

  17.  * License, or (at your option) any later version.

  18.  *

  19.  * This library is distributed in the hope that it will be useful,

  20.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  21.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU

  22.  * Lesser General Public License for more details.

  23.  *

  24.  * You should have received a copy of the GNU Lesser General Public

  25.  * License along with this library; if not, see

  26.  * <http://www.gnu.org/licenses/>

  27.  *

  28.  * @category  Encryption

  29.  * @package   Crypt_GPG

  30.  * @author    Michael Gauthier <mike@silverorange.com>

  31.  * @copyright 2011-2013 silverorange

  32.  * @license   http://www.gnu.org/copyleft/lesser.html LGPL License 2.1

  33.  * @link      http://pear.php.net/package/Crypt_GPG

  34.  * @link      http://www.gnupg.org/

  35.  */

  36. 

  37. /**

  38.  * Base class for GPG methods

  39.  */

  40. require_once 'Crypt/GPGAbstract.php';

  41. 

  42. // {{{ class Crypt_GPG_KeyGenerator

  43. 

  44. /**

  45.  * GnuPG key generator

  46.  *

  47.  * This class provides an object oriented interface for generating keys with

  48.  * the GNU Privacy Guard (GPG).

  49.  *

  50.  * Secure key generation requires true random numbers, and as such can be slow.

  51.  * If the operating system runs out of entropy, key generation will block until

  52.  * more entropy is available.

  53.  *

  54.  * If quick key generation is important, a hardware entropy generator, or an

  55.  * entropy gathering daemon may be installed. For example, administrators of

  56.  * Debian systems may want to install the 'randomsound' package.

  57.  *

  58.  * This class uses the experimental automated key generation support available

  59.  * in GnuPG. See <b>doc/DETAILS</b> in the

  60.  * {@link http://www.gnupg.org/download/ GPG distribution} for detailed

  61.  * information on the key generation format.

  62.  *

  63.  * @category  Encryption

  64.  * @package   Crypt_GPG

  65.  * @author    Nathan Fredrickson <nathan@silverorange.com>

  66.  * @author    Michael Gauthier <mike@silverorange.com>

  67.  * @copyright 2005-2013 silverorange

  68.  * @license   http://www.gnu.org/copyleft/lesser.html LGPL License 2.1

  69.  * @link      http://pear.php.net/package/Crypt_GPG

  70.  * @link      http://www.gnupg.org/

  71.  */

  72. class Crypt_GPG_KeyGenerator extends Crypt_GPGAbstract

  73. {

  74.     // {{{ protected properties

  75. 

  76.     /**

  77.      * The expiration date of generated keys

  78.      *

  79.      * @var integer

  80.      *

  81.      * @see Crypt_GPG_KeyGenerator::setExpirationDate()

  82.      */

  83.     protected $expirationDate = 0;

  84. 

  85.     /**

  86.      * The passphrase of generated keys

  87.      *

  88.      * @var string

  89.      *

  90.      * @see Crypt_GPG_KeyGenerator::setPassphrase()

  91.      */

  92.     protected $passphrase = '';

  93. 

  94.     /**

  95.      * The algorithm for generated primary keys

  96.      *

  97.      * @var integer

  98.      *

  99.      * @see Crypt_GPG_KeyGenerator::setKeyParams()

  100.      */

  101.     protected $keyAlgorithm = Crypt_GPG_SubKey::ALGORITHM_DSA;

  102. 

  103.     /**

  104.      * The size of generated primary keys

  105.      *

  106.      * @var integer

  107.      *

  108.      * @see Crypt_GPG_KeyGenerator::setKeyParams()

  109.      */

  110.     protected $keySize = 1024;

  111. 

  112.     /**

  113.      * The usages of generated primary keys

  114.      *

  115.      * This is a bitwise combination of the usage constants in

  116.      * {@link Crypt_GPG_SubKey}.

  117.      *

  118.      * @var integer

  119.      *

  120.      * @see Crypt_GPG_KeyGenerator::setKeyParams()

  121.      */

  122.     protected $keyUsage = 6; // USAGE_SIGN | USAGE_CERTIFY

  123. 

  124.     /**

  125.      * The algorithm for generated sub-keys

  126.      *

  127.      * @var integer

  128.      *

  129.      * @see Crypt_GPG_KeyGenerator::setSubKeyParams()

  130.      */

  131.     protected $subKeyAlgorithm = Crypt_GPG_SubKey::ALGORITHM_ELGAMAL_ENC;

  132. 

  133.     /**

  134.      * The size of generated sub-keys

  135.      *

  136.      * @var integer

  137.      *

  138.      * @see Crypt_GPG_KeyGenerator::setSubKeyParams()

  139.      */

  140.     protected $subKeySize = 2048;

  141. 

  142.     /**

  143.      * The usages of generated sub-keys

  144.      *

  145.      * This is a bitwise combination of the usage constants in

  146.      * {@link Crypt_GPG_SubKey}.

  147.      *

  148.      * @var integer

  149.      *

  150.      * @see Crypt_GPG_KeyGenerator::setSubKeyParams()

  151.      */

  152.     protected $subKeyUsage = Crypt_GPG_SubKey::USAGE_ENCRYPT;

  153. 

  154.     // }}}

  155.     // {{{ __construct()

  156. 

  157.     /**

  158.      * Creates a new GnuPG key generator

  159.      *

  160.      * Available options are:

  161.      *

  162.      * - <kbd>string  homedir</kbd>        - the directory where the GPG

  163.      *                                       keyring files are stored. If not

  164.      *                                       specified, Crypt_GPG uses the

  165.      *                                       default of <kbd>~/.gnupg</kbd>.

  166.      * - <kbd>string  publicKeyring</kbd>  - the file path of the public

  167.      *                                       keyring. Use this if the public

  168.      *                                       keyring is not in the homedir, or

  169.      *                                       if the keyring is in a directory

  170.      *                                       not writable by the process

  171.      *                                       invoking GPG (like Apache). Then

  172.      *                                       you can specify the path to the

  173.      *                                       keyring with this option

  174.      *                                       (/foo/bar/pubring.gpg), and specify

  175.      *                                       a writable directory (like /tmp)

  176.      *                                       using the <i>homedir</i> option.

  177.      * - <kbd>string  privateKeyring</kbd> - the file path of the private

  178.      *                                       keyring. Use this if the private

  179.      *                                       keyring is not in the homedir, or

  180.      *                                       if the keyring is in a directory

  181.      *                                       not writable by the process

  182.      *                                       invoking GPG (like Apache). Then

  183.      *                                       you can specify the path to the

  184.      *                                       keyring with this option

  185.      *                                       (/foo/bar/secring.gpg), and specify

  186.      *                                       a writable directory (like /tmp)

  187.      *                                       using the <i>homedir</i> option.

  188.      * - <kbd>string  trustDb</kbd>        - the file path of the web-of-trust

  189.      *                                       database. Use this if the trust

  190.      *                                       database is not in the homedir, or

  191.      *                                       if the database is in a directory

  192.      *                                       not writable by the process

  193.      *                                       invoking GPG (like Apache). Then

  194.      *                                       you can specify the path to the

  195.      *                                       trust database with this option

  196.      *                                       (/foo/bar/trustdb.gpg), and specify

  197.      *                                       a writable directory (like /tmp)

  198.      *                                       using the <i>homedir</i> option.

  199.      * - <kbd>string  binary</kbd>         - the location of the GPG binary. If

  200.      *                                       not specified, the driver attempts

  201.      *                                       to auto-detect the GPG binary

  202.      *                                       location using a list of known

  203.      *                                       default locations for the current

  204.      *                                       operating system. The option

  205.      *                                       <kbd>gpgBinary</kbd> is a

  206.      *                                       deprecated alias for this option.

  207.      * - <kbd>string  agent</kbd>          - the location of the GnuPG agent

  208.      *                                       binary. The gpg-agent is only

  209.      *                                       used for GnuPG 2.x. If not

  210.      *                                       specified, the engine attempts

  211.      *                                       to auto-detect the gpg-agent

  212.      *                                       binary location using a list of

  213.      *                                       know default locations for the

  214.      *                                       current operating system.

  215.      * - <kbd>mixed debug</kbd>            - whether or not to use debug mode.

  216.      *                                       When debug mode is on, all

  217.      *                                       communication to and from the GPG

  218.      *                                       subprocess is logged. This can be

  219.      *

  220.      * @param array $options optional. An array of options used to create the

  221.      *                       GPG object. All options are optional and are

  222.      *                       represented as key-value pairs.

  223.      *

  224.      * @throws Crypt_GPG_FileException if the <kbd>homedir</kbd> does not exist

  225.      *         and cannot be created. This can happen if <kbd>homedir</kbd> is

  226.      *         not specified, Crypt_GPG is run as the web user, and the web

  227.      *         user has no home directory. This exception is also thrown if any

  228.      *         of the options <kbd>publicKeyring</kbd>,

  229.      *         <kbd>privateKeyring</kbd> or <kbd>trustDb</kbd> options are

  230.      *         specified but the files do not exist or are are not readable.

  231.      *         This can happen if the user running the Crypt_GPG process (for

  232.      *         example, the Apache user) does not have permission to read the

  233.      *         files.

  234.      *

  235.      * @throws PEAR_Exception if the provided <kbd>binary</kbd> is invalid, or

  236.      *         if no <kbd>binary</kbd> is provided and no suitable binary could

  237.      *         be found.

  238.      *

  239.      * @throws PEAR_Exception if the provided <kbd>agent</kbd> is invalid, or

  240.      *         if no <kbd>agent</kbd> is provided and no suitable gpg-agent

  241.      *         cound be found.

  242.      */

  243.     public function __construct(array $options = array())

  244.     {

  245.         parent::__construct($options);

  246.     }

  247. 

  248.     // }}}

  249.     // {{{ setExpirationDate()

  250. 

  251.     /**

  252.      * Sets the expiration date of generated keys

  253.      *

  254.      * @param string|integer $date either a string that may be parsed by

  255.      *                             PHP's strtotime() function, or an integer

  256.      *                             timestamp representing the number of seconds

  257.      *                             since the UNIX epoch. This date must be at

  258.      *                             least one date in the future. Keys that

  259.      *                             expire in the past may not be generated. Use

  260.      *                             an expiration date of 0 for keys that do not

  261.      *                             expire.

  262.      *

  263.      * @throws InvalidArgumentException if the date is not a valid format, or

  264.      *                                  if the date is not at least one day in

  265.      *                                  the future, or if the date is greater

  266.      *                                  than 2038-01-19T03:14:07.

  267.      *

  268.      * @return Crypt_GPG_KeyGenerator the current object, for fluent interface.

  269.      */

  270.     public function setExpirationDate($date)

  271.     {

  272.         if (is_int($date) || ctype_digit(strval($date))) {

  273.             $expirationDate = intval($date);

  274.         } else {

  275.             $expirationDate = strtotime($date);

  276.         }

  277. 

  278.         if ($expirationDate === false) {

  279.             throw new InvalidArgumentException(

  280.                 sprintf(

  281.                     'Invalid expiration date format: "%s". Please use a ' .

  282.                     'format compatible with PHP\'s strtotime().',

  283.                     $date

  284.                 )

  285.             );

  286.         }

  287. 

  288.         if ($expirationDate !== 0 && $expirationDate < time() + 86400) {

  289.             throw new InvalidArgumentException(

  290.                 'Expiration date must be at least a day in the future.'

  291.             );

  292.         }

  293. 

  294.         // GnuPG suffers from the 2038 bug

  295.         if ($expirationDate > 2147483647) {

  296.             throw new InvalidArgumentException(

  297.                 'Expiration date must not be greater than 2038-01-19T03:14:07.'

  298.             );

  299.         }

  300. 

  301.         $this->expirationDate = $expirationDate;

  302. 

  303.         return $this;

  304.     }

  305. 

  306.     // }}}

  307.     // {{{ setPassphrase()

  308. 

  309.     /**

  310.      * Sets the passphrase of generated keys

  311.      *

  312.      * @param string $passphrase the passphrase to use for generated keys. Use

  313.      *                           null or an empty string for no passphrase.

  314.      *

  315.      * @return Crypt_GPG_KeyGenerator the current object, for fluent interface.

  316.      */

  317.     public function setPassphrase($passphrase)

  318.     {

  319.         $this->passphrase = strval($passphrase);

  320.         return $this;

  321.     }

  322. 

  323.     // }}}

  324.     // {{{ setKeyParams()

  325. 

  326.     /**

  327.      * Sets the parameters for the primary key of generated key-pairs

  328.      *

  329.      * @param integer $algorithm the algorithm used by the key. This should be

  330.      *                           one of the Crypt_GPG_SubKey::ALGORITHM_*

  331.      *                           constants.

  332.      * @param integer $size      optional. The size of the key. Different

  333.      *                           algorithms have different size requirements.

  334.      *                           If not specified, the default size for the

  335.      *                           specified algorithm will be used. If an

  336.      *                           invalid key size is used, GnuPG will do its

  337.      *                           best to round it to a valid size.

  338.      * @param integer $usage     optional. A bitwise combination of key usages.

  339.      *                           If not specified, the primary key will be used

  340.      *                           only to sign and certify. This is the default

  341.      *                           behavior of GnuPG in interactive mode. Use

  342.      *                           the Crypt_GPG_SubKey::USAGE_* constants here.

  343.      *                           The primary key may be used to certify even

  344.      *                           if the certify usage is not specified.

  345.      *

  346.      * @return Crypt_GPG_KeyGenerator the current object, for fluent interface.

  347.      */

  348.     public function setKeyParams($algorithm, $size = 0, $usage = 0)

  349.     {

  350.         $algorithm = intval($algorithm);

  351. 

  352.         if ($algorithm === Crypt_GPG_SubKey::ALGORITHM_ELGAMAL_ENC) {

  353.             throw new Crypt_GPG_InvalidKeyParamsException(

  354.                 'Primary key algorithm must be capable of signing. The ' .

  355.                 'Elgamal algorithm can only encrypt.',

  356.                 0,

  357.                 $algorithm,

  358.                 $size,

  359.                 $usage

  360.             );

  361.         }

  362. 

  363.         if ($size != 0) {

  364.             $size = intval($size);

  365.         }

  366. 

  367.         if ($usage != 0) {

  368.             $usage = intval($usage);

  369.         }

  370. 

  371.         $usageEncrypt = Crypt_GPG_SubKey::USAGE_ENCRYPT;

  372. 

  373.         if ($algorithm === Crypt_GPG_SubKey::ALGORITHM_DSA

  374.             && ($usage & $usageEncrypt) === $usageEncrypt

  375.         ) {

  376.             throw new Crypt_GPG_InvalidKeyParamsException(

  377.                 'The DSA algorithm is not capable of encrypting. Please ' .

  378.                 'specify a different algorithm or do not include encryption ' .

  379.                 'as a usage for the primary key.',

  380.                 0,

  381.                 $algorithm,

  382.                 $size,

  383.                 $usage

  384.             );

  385.         }

  386. 

  387.         $this->keyAlgorithm = $algorithm;

  388. 

  389.         if ($size != 0) {

  390.             $this->keySize = $size;

  391.         }

  392. 

  393.         if ($usage != 0) {

  394.             $this->keyUsage = $usage;

  395.         }

  396. 

  397.         return $this;

  398.     }

  399. 

  400.     // }}}

  401.     // {{{ setSubKeyParams()

  402. 

  403.     /**

  404.      * Sets the parameters for the sub-key of generated key-pairs

  405.      *

  406.      * @param integer $algorithm the algorithm used by the key. This should be

  407.      *                           one of the Crypt_GPG_SubKey::ALGORITHM_*

  408.      *                           constants.

  409.      * @param integer $size      optional. The size of the key. Different

  410.      *                           algorithms have different size requirements.

  411.      *                           If not specified, the default size for the

  412.      *                           specified algorithm will be used. If an

  413.      *                           invalid key size is used, GnuPG will do its

  414.      *                           best to round it to a valid size.

  415.      * @param integer $usage     optional. A bitwise combination of key usages.

  416.      *                           If not specified, the sub-key will be used

  417.      *                           only to encrypt. This is the default behavior

  418.      *                           of GnuPG in interactive mode. Use the

  419.      *                           Crypt_GPG_SubKey::USAGE_* constants here.

  420.      *

  421.      * @return Crypt_GPG_KeyGenerator the current object, for fluent interface.

  422.      */

  423.     public function setSubKeyParams($algorithm, $size = '', $usage = 0)

  424.     {

  425.         $algorithm = intval($algorithm);

  426. 

  427.         if ($size != 0) {

  428.             $size = intval($size);

  429.         }

  430. 

  431.         if ($usage != 0) {

  432.             $usage = intval($usage);

  433.         }

  434. 

  435.         $usageSign = Crypt_GPG_SubKey::USAGE_SIGN;

  436. 

  437.         if ($algorithm === Crypt_GPG_SubKey::ALGORITHM_ELGAMAL_ENC

  438.             && ($usage & $usageSign) === $usageSign

  439.         ) {

  440.             throw new Crypt_GPG_InvalidKeyParamsException(

  441.                 'The Elgamal algorithm is not capable of signing. Please ' .

  442.                 'specify a different algorithm or do not include signing ' .

  443.                 'as a usage for the sub-key.',

  444.                 0,

  445.                 $algorithm,

  446.                 $size,

  447.                 $usage

  448.             );

  449.         }

  450. 

  451.         $usageEncrypt = Crypt_GPG_SubKey::USAGE_ENCRYPT;

  452. 

  453.         if ($algorithm === Crypt_GPG_SubKey::ALGORITHM_DSA

  454.             && ($usage & $usageEncrypt) === $usageEncrypt

  455.         ) {

  456.             throw new Crypt_GPG_InvalidKeyParamsException(

  457.                 'The DSA algorithm is not capable of encrypting. Please ' .

  458.                 'specify a different algorithm or do not include encryption ' .

  459.                 'as a usage for the sub-key.',

  460.                 0,

  461.                 $algorithm,

  462.                 $size,

  463.                 $usage

  464.             );

  465.         }

  466. 

  467.         $this->subKeyAlgorithm = $algorithm;

  468. 

  469.         if ($size != 0) {

  470.             $this->subKeySize = $size;

  471.         }

  472. 

  473.         if ($usage != 0) {

  474.             $this->subKeyUsage = $usage;

  475.         }

  476. 

  477.         return $this;

  478.     }

  479. 

  480.     // }}}

  481.     // {{{ generateKey()

  482. 

  483.     /**

  484.      * Generates a new key-pair in the current keyring

  485.      *

  486.      * Secure key generation requires true random numbers, and as such can be

  487.      * solw. If the operating system runs out of entropy, key generation will

  488.      * block until more entropy is available.

  489.      *

  490.      * If quick key generation is important, a hardware entropy generator, or

  491.      * an entropy gathering daemon may be installed. For example,

  492.      * administrators of Debian systems may want to install the 'randomsound'

  493.      * package.

  494.      *

  495.      * @param string|Crypt_GPG_UserId $name    either a {@link Crypt_GPG_UserId}

  496.      *                                         object, or a string containing

  497.      *                                         the name of the user id.

  498.      * @param string                  $email   optional. If <i>$name</i> is

  499.      *                                         specified as a string, this is

  500.      *                                         the email address of the user id.

  501.      * @param string                  $comment optional. If <i>$name</i> is

  502.      *                                         specified as a string, this is

  503.      *                                         the comment of the user id.

  504.      *

  505.      * @return Crypt_GPG_Key the newly generated key.

  506.      *

  507.      * @throws Crypt_GPG_KeyNotCreatedException if the key parameters are

  508.      *         incorrect, if an unknown error occurs during key generation, or

  509.      *         if the newly generated key is not found in the keyring.

  510.      *

  511.      * @throws Crypt_GPG_Exception if an unknown or unexpected error occurs.

  512.      *         Use the <kbd>debug</kbd> option and file a bug report if these

  513.      *         exceptions occur.

  514.      */

  515.     public function generateKey($name, $email = '', $comment = '')

  516.     {

  517.         $handle = uniqid('key', true);

  518. 

  519.         $userId = $this->getUserId($name, $email, $comment);

  520. 

  521.         $keyParams = array(

  522.             'Key-Type'      => $this->keyAlgorithm,

  523.             'Key-Length'    => $this->keySize,

  524.             'Key-Usage'     => $this->getUsage($this->keyUsage),

  525.             'Subkey-Type'   => $this->subKeyAlgorithm,

  526.             'Subkey-Length' => $this->subKeySize,

  527.             'Subkey-Usage'  => $this->getUsage($this->subKeyUsage),

  528.             'Name-Real'     => $userId->getName(),

  529.             'Handle'        => $handle,

  530.         );

  531. 

  532.         if ($this->expirationDate != 0) {

  533.             // GnuPG only accepts granularity of days

  534.             $expirationDate = date('Y-m-d', $this->expirationDate);

  535.             $keyParams['Expire-Date'] = $expirationDate;

  536.         }

  537. 

  538.         if (strlen($this->passphrase)) {

  539.             $keyParams['Passphrase'] = $this->passphrase;

  540.         }

  541. 

  542.         if ($userId->getEmail() != '') {

  543.             $keyParams['Name-Email'] = $userId->getEmail();

  544.         }

  545. 

  546.         if ($userId->getComment() != '') {

  547.             $keyParams['Name-Comment'] = $userId->getComment();

  548.         }

  549. 

  550.         $keyParamsFormatted = array();

  551.         foreach ($keyParams as $name => $value) {

  552.             $keyParamsFormatted[] = $name . ': ' . $value;

  553.         }

  554. 

  555.         // This is required in GnuPG 2.1

  556.         if (!strlen($this->passphrase)) {

  557.             $keyParamsFormatted[] = '%no-protection';

  558.         }

  559. 

  560.         $input = implode("\n", $keyParamsFormatted) . "\n%commit\n";

  561. 

  562.         $this->engine->reset();

  563.         $this->engine->setProcessData('Handle', $handle);

  564.         $this->engine->setInput($input);

  565.         $this->engine->setOutput($output);

  566.         $this->engine->setOperation('--gen-key', array('--batch'));

  567. 

  568.         try {

  569.             $this->engine->run();

  570.         } catch (Crypt_GPG_InvalidKeyParamsException $e) {

  571.             switch ($this->engine->getProcessData('LineNumber')) {

  572.             case 1:

  573.                 throw new Crypt_GPG_InvalidKeyParamsException(

  574.                     'Invalid primary key algorithm specified.',

  575.                     0,

  576.                     $this->keyAlgorithm,

  577.                     $this->keySize,

  578.                     $this->keyUsage

  579.                 );

  580.             case 4:

  581.                 throw new Crypt_GPG_InvalidKeyParamsException(

  582.                     'Invalid sub-key algorithm specified.',

  583.                     0,

  584.                     $this->subKeyAlgorithm,

  585.                     $this->subKeySize,

  586.                     $this->subKeyUsage

  587.                 );

  588.             default:

  589.                 throw $e;

  590.             }

  591.         }

  592. 

  593.         $fingerprint = $this->engine->getProcessData('KeyCreated');

  594.         $keys        = $this->_getKeys($fingerprint);

  595. 

  596.         if (count($keys) === 0) {

  597.             throw new Crypt_GPG_KeyNotCreatedException(

  598.                 sprintf(

  599.                     'Newly created key "%s" not found in keyring.',

  600.                     $fingerprint

  601.                 )

  602.             );

  603.         }

  604. 

  605.         return $keys[0];

  606.     }

  607. 

  608.     // }}}

  609.     // {{{ getUsage()

  610. 

  611.     /**

  612.      * Builds a GnuPG key usage string suitable for key generation

  613.      *

  614.      * See <b>doc/DETAILS</b> in the

  615.      * {@link http://www.gnupg.org/download/ GPG distribution} for detailed

  616.      * information on the key usage format.

  617.      *

  618.      * @param integer $usage a bitwise combination of the key usages. This is

  619.      *                       a combination of the Crypt_GPG_SubKey::USAGE_*

  620.      *                       constants.

  621.      *

  622.      * @return string the key usage string.

  623.      */

  624.     protected function getUsage($usage)

  625.     {

  626.         $map = array(

  627.             Crypt_GPG_SubKey::USAGE_ENCRYPT        => 'encrypt',

  628.             Crypt_GPG_SubKey::USAGE_SIGN           => 'sign',

  629.             Crypt_GPG_SubKey::USAGE_CERTIFY        => 'cert',

  630.             Crypt_GPG_SubKey::USAGE_AUTHENTICATION => 'auth',

  631.         );

  632. 

  633.         // cert is always used for primary keys and does not need to be

  634.         // specified

  635.         $usage &= ~Crypt_GPG_SubKey::USAGE_CERTIFY;

  636. 

  637.         $usageArray = array();

  638. 

  639.         foreach ($map as $key => $value) {

  640.             if (($usage & $key) === $key) {

  641.                 $usageArray[] = $value;

  642.             }

  643.         }

  644. 

  645.         return implode(',', $usageArray);

  646.     }

  647. 

  648.     // }}}

  649.     // {{{ getUserId()

  650. 

  651.     /**

  652.      * Gets a user id object from parameters

  653.      *

  654.      * @param string|Crypt_GPG_UserId $name    either a {@link Crypt_GPG_UserId}

  655.      *                                         object, or a string containing

  656.      *                                         the name of the user id.

  657.      * @param string                  $email   optional. If <i>$name</i> is

  658.      *                                         specified as a string, this is

  659.      *                                         the email address of the user id.

  660.      * @param string                  $comment optional. If <i>$name</i> is

  661.      *                                         specified as a string, this is

  662.      *                                         the comment of the user id.

  663.      *

  664.      * @return Crypt_GPG_UserId a user id object for the specified parameters.

  665.      */

  666.     protected function getUserId($name, $email = '', $comment = '')

  667.     {

  668.         if ($name instanceof Crypt_GPG_UserId) {

  669.             $userId = $name;

  670.         } else {

  671.             $userId = new Crypt_GPG_UserId();

  672.             $userId->setName($name)->setEmail($email)->setComment($comment);

  673.         }

  674. 

  675.         return $userId;

  676.     }

  677. 

  678.     // }}}

  679. }

  680. 

  681. // }}}

  682. 

  683. ?>