Adds a revoking key to a private key
array
addRevoker
(string $privatekey, string $revokingkey, string $passphrase)
-
string
$privatekey: containing fingerprint or key id of the private key for which to set a revoker
-
string
$revokingkey: containing fingerprint or key id of the key to use as revoker
-
string
$passphrase: containing the passphrase to the secret key
Adds a subkey pair to a main keypair
array
addSubKey
(string $privatekey, string $passphrase, [ $algo = 3], integer $keysize, $expiredate, integer $type, string $valid)
-
string
$privatekey: containing fingerprint or key id of the private key for which to add a subkey
-
string
$passphrase: containing the passphrase to the secret key
-
integer
$type: containing what type of key to create (default of (3) ElGamal (encrypt only))
-
integer
$keysize: containing size of key to create
-
string
$valid: containing length of time the key is valid, # of days or 1y for 1 year
-
$algo
-
$expiredate
Adds a directory to the end of the list of directories used when attempting to find a writeable temp directory
void
addTempDir
(string $newTempDir)
-
string
$newTempDir: containing path to gnupg home directory
Adds a UID to a key
array
addUID
(string $fpr, string $passphrase, string $uidname, string $uidemail, string $comment)
-
string
$fpr: containing fingerprint or key id of the private key for which to add a uid
-
string
$passphrase: containing passphrase to the secret key
-
string
$uidname: containing the name associated with this uid
-
string
$uidemail: containing the email address associated with this uid
-
string
$comment: containing a comment or extra information about the uid
Changes the passphrase on a secret key
array
changePassphrase
(string $keyfpr, string $passphrase, string $newpassphrase)
-
string
$keyfpr: containing fingerprint of the secret key to change
-
string
$passphrase: containing the current passphrase to the secret key
-
string
$newpassphrase: containing the new passphrase to the secret key
Clears last error
void
clearError
()
Writes a save command to the GPG command file descriptor
Used during key edit actions
void
confirmSave
()
This function does the decryption.
This is the workhorse of decryption
array
decrypt
(string $body, string $passphrase, [optional $filename = ''], [ $outfile = ''])
-
string
$body: Body String to decrypt
-
string
$passphrase: Passphrase to pass to gpg
-
optional
$filename: string $filename Filename to decrypt binary file
-
$outfile
This function deletes a key from the keyring in the homedir. It will not remove the key from the keys list, so a refreshKeys call is needed to reflect the new status of the keyring.
array
deleteKey
(string $fpr, [string $type = "all"])
Deletes a subkey pair from a main keypair
array
deleteSubKey
(string $fpr, integer $subkeyno)
-
string
$fpr: containing fingerprint or key id of the private key from which to delete a subkey
-
integer
$subkeyno: containing the offset of subkey to delete (1 is the first)
Deletes a UID from a key
array
deleteUID
(string $fpr, string $uidnos)
-
string
$fpr: containing fingerprint or key id of the key with the uid to delete
-
string
$uidnos: containing the uid number to delete
This function does the encryption. This is the workhorse of the encryption side of the plugin.
Add code here to use user preferences to modify the gpg command line
array
encrypt
(string $body, $send_to_list, [optional $sign = false], [optional $passphrase = false], [optional $filename = ''], [ $signingkeyfpr = false], array $send_to)
-
string
$body: Body text string
-
array
$send_to: containing recipient list
-
optional
$sign: boolean $sign (true/false) do we want to sign the message/file
-
optional
$passphrase: string $passphrase passphrase string needed for signing functions
-
optional
$filename: string $filename if we are going to encrypt a file
-
$send_to_list
-
$signingkeyfpr
Main function for executing commands with gpg. All calls to gpg should be made using this function.
void
execute_gpg
(string $options, [string $data = false], [bool $addHomeDir = true], [ $addSystemRing = true])
-
string
$options: containing parameters to pass to gpg
-
string
$data: containing data to pass to gpg
-
bool
$addHomeDir: specifies if the home directory should be appended to the command. True by default
-
$addSystemRing
Sets the expiration on a primary key
array
expireKey
(string $fpr, string $passphrase, string $expiration)
-
string
$fpr: containing fingerprint or key id of the primary key to set expiration date on
-
string
$passphrase: containing passphrase for the secret key
-
string
$expiration: containing string of either # for days or #w for weeks or #y for years
Sets the expiration on a secondary key
array
expireSubKey
(string $fpr, string $subkey, string $passphrase, string $expiration)
-
string
$fpr: containing fingerprint or key id of the primary key to set expiration date on
-
string
$subkey: containing index of subkey to expire
-
string
$passphrase: containing passphrase for the secret key
-
string
$expiration: containing string of either # for days or #w for weeks or #y for years
void
fetchKeys
( $search, [ $ring = 'public'])
This function generates a keypair
Keys created with the option set below are PGP compatible: Key-Type: DSA, Key-Length: 1024, Subkey-Type: ELG-E, Preferences: S2 S7 S3 H2 H3 Z2 Z1 (don't forget to put in the other options needed for actual key creation).
array
generateKey
( $name, string $email, string $passphrase, [optional $comment = ''], [optional $keylength = 1024], [optional $expiredate = 0], [ $algo = 1], [ $prefs = false], string $real_name)
-
string
$real_name: Full Name for the uid
-
string
$email: Email address to be put in the uid
-
string
$passphrase: Passphrase to protect the secret key
-
optional
$comment: string $comment Comment to be appended to the default comment
-
optional
$keylength: integer $keylength Length of key to generate
-
optional
$expiredate: date $expiredate when should this key expire?
-
$name
-
$algo
-
$prefs
Generates new key without bidi execution functions
unknown
generateKey_nopipes
(unknown_type $name, unknown_type $email, unknown_type $passphrase, unknown_type $comment, [unknown_type $keylength = 1024], [unknown_type $expiredate = 0], [unknown_type $prefs = false])
-
unknown_type
$name
-
unknown_type
$email
-
unknown_type
$passphrase
-
unknown_type
$comment
-
unknown_type
$keylength
-
unknown_type
$expiredate
-
unknown_type
$prefs
Returns code of last error
error
getErrorCode
()
Returns description of most recent error
string
getErrorDescription
()
Exports a key defined by $fpr to ASCII Armored text.
array
getExportText
(string $fpr)
Retrieves a key from the keyring
GnuPGKey
getKey
(string $keyid)
-
string
$keyid: containing fingerprint or key id of the key to retrieve
Retrieves a fingerprint based on a key id
string
getKeyIndexFromFingerprint
(string $fingerprint)
-
string
$fingerprint: containing fingerprint or key id of the key to retrieve
Returns the map of keys, chunked in to chunks of size <= $len
array
getKeyMap_chunked
(integer $len)
Retrieves keys from gpg if no keys have been loaded
Does not force a refresh of the key information
void
getKeys
([string $fpr = false])
Imports keys from a file into the keyring.
Sets the keys in the keyring to the newly imported/updated keys
array
importKey_file
(string $fname)
-
string
$fname: containing the path to the file to import
Imports a key from ascii-armored keyblock text
array
importKey_server
( $keystring, string $keyserver, string $keytext)
-
string
$keytext: containing the id of the key to look up
-
string
$keyserver: containing the URL of the keyserver (e.g. hkp://pgp.mit.edu:11371)
-
$keystring
Imports a key from ascii-armored keyblock text
array
importKey_text
(string $keystring)
-
string
$keystring: text containing the ascii-armored key information
Runs commands to increase entropy for gpg
definitely needs to be made more robust, currently lists filesystem
void
increaseEntropy
()
Check to see if last action returned an error
bool
isError
()
Lists the encryption keys used for encrypted data
array
list_encrypt_keys
(string $data)
-
string
$data: containing encrypted data to find keys for
Creates an array of keys on the keyring, making use of the arrayKey function
Each key creates an array of data, indexed by fieldname. This function is used for keyring sorting and viewing.
array
makearrayKeys
()
Returns the total number of keys in the object, as determined by options passed to fetchKeys().
array
numKeys
()
Parse a line from GnuPG's status file descriptor and act on it
void
parseStatusLine
(string $line)
-
string
$line: containing status output from GnuPG
This will parse the string that gpg returns for info, warnings and errors, and return them in arrays. This function also returns any other output separately.
array
parse_output
(string $gpg_output)
-
string
$gpg_output: text output from gpg
Reads and loops on the status pipe from gpg
Contains the main loop for interaction with gpg with pipes
void
readStatus
(void 0)
Main function for retrieving key and signature information from gpg. Parses output from gpg and creates the array of GnuPGKey objects in $this->keys.
void
refreshKeys
([string $search = ''], [string $ring = 'all'])
-
string
$search: containing string to limit keys shown, default '' to load all keys
-
string
$ring: containing the name of the keyring to search, default 'all' for public
Searches for key in keyserver
Output format: array[keyid] with [time] = integer unix timestamp (5th column of the pub: line) and [uids] = indexed array of GnuPGuid objects (all uid: lines until the next pub: line). If keyid is empty, uid: lines were printed before a pub: line.
array
searchKey_server
(string $search_string, string $keyserver)
-
string
$search_string
-
string
$keyserver: Server URL. With protocol, fqdn and port. If protocol is not set, function defaults to hkp://
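Added example, not part of the plugin's code: a stand-alone parser that builds the array layout described above from a keyserver's colon-delimited pub:/uid: lines, treating the response as untrusted input. The function name parse_hkp_index, the 'name' field, the column layout in the comments (assumed to follow the HKP machine-readable index format) and the sample response are assumptions; uids are plain arrays here rather than GnuPGuid objects.

```php
<?php
// Added example, not code from the plugin. parse_hkp_index() and the 'name'
// field are hypothetical; uids are plain arrays here, not GnuPGuid objects.
function parse_hkp_index(string $raw): array
{
    $result = [];
    $keyid = '';   // stays '' until the first pub: line is seen
    foreach (preg_split('/\r?\n/', $raw) as $line) {
        $f = explode(':', $line);
        if ($f[0] === 'pub') {
            // Assumed layout: pub:<keyid>:<algo>:<keylen>:<created>:<expires>:<flags>
            $id = strtoupper($f[1] ?? '');
            // Keyserver data is untrusted: accept only hex ids of known lengths.
            if (!preg_match('/^(?:[0-9A-F]{8}|[0-9A-F]{16}|[0-9A-F]{32}|[0-9A-F]{40})$/', $id)) {
                $keyid = null;   // drop this record and the uid: lines under it
                continue;
            }
            $keyid = $id;
            $created = $f[4] ?? '';   // 5th column of the pub: line
            $result[$keyid]['time'] = ctype_digit($created) ? (int) $created : 0;
            $result[$keyid]['uids'] = [];
        } elseif ($f[0] === 'uid' && $keyid !== null) {
            // Assumed layout: uid:<percent-escaped uid>:<created>:<expires>:<flags>
            $result[$keyid]['uids'][] = ['name' => rawurldecode($f[1] ?? '')];
        }
    }
    return $result;
}

// Constructed sample response (not captured from a real keyserver).
$sample = "info:1:2\n"
        . "pub:0123456789ABCDEF:1:2048:1262304000::\n"
        . "uid:Alice Example <alice@example.org>:1262304000::\n"
        . "uid:Alice %28work%3A ops%29 <alice@example.net>:1262304000::\n"
        . "pub:not-a-key-id:1:2048:1262304000::\n"
        . "uid:dropped together with its malformed pub line:1262304000::\n";

foreach (parse_hkp_index($sample) as $id => $key) {
    // PHP turns all-decimal ids into int array keys; %s prints either form.
    printf("%s created %s\n", $id, gmdate('Y-m-d', $key['time']));
    foreach ($key['uids'] as $uid) {
        // uid text is attacker-controlled: escape before it reaches an HTML page.
        echo '  ', htmlspecialchars($uid['name'], ENT_QUOTES, 'UTF-8'), "\n";
    }
}
```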
Sets error
void
setError
(string $code, string $description)
-
string
$code: of error
-
string
$description: containing error description
Sets the GnuPG home directory
void
setHomeDir
(string $newHomeDir)
-
string
$newHomeDir: containing path to gnupg home directory
Sets the passphrase for a secret key identified by its fingerprint or key id
void
setKeyPassphrase
(string $fingerprint, string $passphrase)
-
string
$fingerprint: containing fingerprint or key id of the secret key
-
string
$passphrase: containing passphrase for the secret key
This function generates a keypair
FIXME: really?
@array
setKeyPrefs
(string $fpr, [string $prefs = false], string $passphrase)
-
string
$fpr: containing fingerprint of key to change preferences on
-
string
$prefs: containing space separated list of parameters, defaults to S2 S7 S3 H2 H3 Z2 Z1
-
string
$passphrase: containing passphrase to decrypt and change key with
Sets the uid number specified as the primary UID
array
setPrimaryUID
(string $keyfpr, integer $uid, string $passphrase)
-
string
$keyfpr
-
integer
$uid
-
string
$passphrase
Sets the temporary directory (for very temporary output of files, which are securely overwritten)
void
setTempDir
(string $newTempDir)
-
string
$newTempDir: containing path to gnupg home directory
Clearsigns and ascii-armors passed data with a secret key
array
sign
([string $data = false], [string $signingKey = false], [ $passphrase = ''], [ $type = 'clear'])
-
string
$data: containing information to sign
-
string
$signingKey: containing fingerprint of key to use for signing
-
$passphrase
-
$type
Clearsigns and ascii-armors a signature on an external file
array
signFile
([string $filename = false], [string $passphrase = false], [string $signingKey = false])
-
string
$filename: containing path of file to sign
-
string
$passphrase: containing passphrase to secret key
-
string
$signingKey: containing fingerprint of key to use for signing
Adds a signature to a public key
The key is signed by the default secret key if no secret key is specified. By default the signature is exportable and revocable.
array
signKey
(string $signedKeyfpr, [string $signingKeyfpr = false], [string $passphrase = false], [bool $exportsig = true], [bool $revokable = true], [ $uids = ''])
-
string
$signedKeyfpr: containing fingerprint of the key to sign
-
string
$signingKeyfpr: containing fingerprint of secret key to use for signing
-
string
$passphrase: containing the passphrase to the secret key
-
bool
$exportsig: flags the signature exportable, true by default
-
bool
$revokable: flags the signature revocable, true by default
-
$uids
Adds a signature to a specific or multiple uids on a public key. The key is signed by the default secret key if no secret key is specified. By default the signature is exportable and revocable.
array
signUID
(string $signedKeyfpr, [string $uids = ''], [string $signingKeyfpr = false], [string $passphrase = false], [bool $exportsig = true], [bool $revokable = true])
-
string
$signedKeyfpr: containing fingerprint of the key to sign
-
string
$uids: containing space separated list of uids
-
string
$signingKeyfpr: containing fingerprint of secret key to use for signing
-
string
$passphrase: containing the passphrase to the secret key
-
bool
$exportsig: flags the signature exportable, true by default
-
bool
$revokable: flags the signature revocable, true by default
Sorts the keys in order of key data name $dataName (e.g. "email_addr", "date", etc). If $asc is true, sorts in ascending order.
array
sortKeys
(string $dataName, boolean $asc)
-
string
$dataName
-
boolean
$asc: value either '<' or '>'
This function will update the gpg trustdb for the current user including a scan of the system keyring if enabled
array
update_trustdb
()
Uploads a public key to a keyserver
array
uploadKey
(string $fpr, string $keyserver)
-
string
$fpr: containing fingerprint or keyid to upload
-
string
$keyserver: containing name of server to upload to
Verifies an inline signature (clear-text signature)
array
verify
(string $data, [string $type = 'clear'])
-
string
$data: Signed data
-
string
$type: 'clear' for clear text or 'notclear' for encrypted data
Verifies detached signature
boolean
verifyDetachedSignature
([string $data = false], string $signature)
-
string
$data: Verified data
-
string
$signature: Signature
Verifies file's signature
array
verifyFileSignature
(string $filename, string $signature)
-
string
$filename: Verified file
-
string
$signature: Signature
Verifies a passphrase for a secret key. The default key is used if no secret key is specified.
void
verifyPassphrase
(string $passphrase, [string $keyfpr = false], array $return)
-
string
$passphrase: containing passphrase to verify
-
string
$keyfpr: containing fingerprint of secret key
-
array
$return: containing $return['verified'] equal to 'true' if passphrase is verified or 'false' if not
Writes a confirmation level for signature uid verification query. Used during key signing. Defaults to 0 (Not specified).
void
writeCheckLevel
([int $checkLevel = 0])
-
int
$checkLevel: indicating level of confirmation
Writes the new passphrase to the passphrase file descriptor, twice.
void
writeNewPassword
(void 0)
Writes a confirmation to the GPG command file descriptor
Used to confirm choices during interaction with the status pipe
void
writeOkay
()
Writes a password to the passphrase file descriptor
By default writes the passphrase set in the object ($this->passphrase). If not available, writes the passphrase for the fingerprint specified, or the passphrase to the default key if no fingerprint is specified.
void
writePassword
([string $fingerprint = false])
-
string
$fingerprint: containing fingerprint of the key with the passphrase