/**
* @group delete-private
*/
public function testDeletePrivateKey()
{
$keyId = '*****@*****.**';
$this->gpg->deletePrivateKey($keyId);
$expectedKeys = array();
// {{{ first-keypair@example.com
$key = new Crypt_GPG_Key();
$expectedKeys[] = $key;
$userId = new Crypt_GPG_UserId();
$userId->setName('First Keypair Test Key');
$userId->setComment('do not encrypt important data with this key');
$userId->setEmail('*****@*****.**');
$key->addUserId($userId);
$subKey = new Crypt_GPG_SubKey();
$subKey->setId('C097D9EC94C06363');
$subKey->setAlgorithm(Crypt_GPG_SubKey::ALGORITHM_DSA);
$subKey->setFingerprint('8D2299D9C5C211128B32BBB0C097D9EC94C06363');
$subKey->setLength(1024);
$subKey->setCreationDate(1221785805);
$subKey->setExpirationDate(0);
$subKey->setCanSign(true);
$subKey->setCanEncrypt(false);
$subKey->setHasPrivate(false);
$key->addSubKey($subKey);
$subKey = new Crypt_GPG_SubKey();
$subKey->setId('9F93F9116728EF12');
$subKey->setAlgorithm(Crypt_GPG_SubKey::ALGORITHM_ELGAMAL_ENC);
$subKey->setFingerprint('C9C65B3BBF040E40D0EA27B79F93F9116728EF12');
$subKey->setLength(2048);
$subKey->setCreationDate(1221785821);
$subKey->setExpirationDate(0);
$subKey->setCanSign(false);
$subKey->setCanEncrypt(true);
$subKey->setHasPrivate(false);
$key->addSubKey($subKey);
// }}}
$keys = $this->gpg->getKeys($keyId);
$this->assertEquals($expectedKeys, $keys);
}
/**
* Parses a sub-key object from a sub-key string
*
* See <b>doc/DETAILS</b> in the
* {@link http://www.gnupg.org/download/ GPG distribution} for information
* on how the sub-key string is parsed.
*
* @param string $string the string containing the sub-key.
*
* @return Crypt_GPG_SubKey the sub-key object parsed from the string.
*/
public static function parse($string)
{
$tokens = explode(':', $string);
$subKey = new Crypt_GPG_SubKey();
$subKey->setId($tokens[4]);
$subKey->setLength($tokens[2]);
$subKey->setAlgorithm($tokens[3]);
$subKey->setCreationDate(self::_parseDate($tokens[5]));
$subKey->setExpirationDate(self::_parseDate($tokens[6]));
if ($tokens[1] == 'r') {
$subKey->setRevoked(true);
}
if (strpos($tokens[11], 's') !== false) {
$subKey->setCanSign(true);
}
if (strpos($tokens[11], 'e') !== false) {
$subKey->setCanEncrypt(true);
}
return $subKey;
}
/**
* @group generate-key
*/
public function testGenerateKeyWithExpirationDate()
{
if (!$this->config['enable-key-generation']) {
$this->markTestSkipped('Key generation tests are disabled. To run key generation ' . 'tests, enable them in the test configuration. See the ' . 'configuration in \'config.php.dist\' for an exampe.');
}
// {{{ generate-test@example.com
$expectedKey = new Crypt_GPG_Key();
$userId = new Crypt_GPG_UserId();
$userId->setName('Test Keypair');
$userId->setEmail('*****@*****.**');
$expectedKey->addUserId($userId);
$subKey = new Crypt_GPG_SubKey();
$subKey->setAlgorithm(Crypt_GPG_SubKey::ALGORITHM_DSA);
$subKey->setLength(1024);
$subKey->setExpirationDate(1999998000);
// truncated to day
$subKey->setCanSign(true);
$subKey->setCanEncrypt(false);
$subKey->setHasPrivate(true);
$expectedKey->addSubKey($subKey);
$subKey = new Crypt_GPG_SubKey();
$subKey->setAlgorithm(Crypt_GPG_SubKey::ALGORITHM_ELGAMAL_ENC);
$subKey->setLength(2048);
$subKey->setExpirationDate(1999998000);
// truncated to day
$subKey->setCanSign(false);
$subKey->setCanEncrypt(true);
$subKey->setHasPrivate(true);
$expectedKey->addSubKey($subKey);
// }}}
$key = $this->generator->setExpirationDate(2000000000)->generateKey(new Crypt_GPG_UserId('Test Keypair <*****@*****.**>'));
$this->assertKeyEquals($expectedKey, $key);
}
/**
* Gets the available keys in the keyring
*
* Calls GPG with the <kbd>--list-keys</kbd> command and grabs keys. See
* the first section of <b>doc/DETAILS</b> in the
* {@link http://www.gnupg.org/download/ GPG package} for a detailed
* description of how the GPG command output is parsed.
*
* @param string $keyId optional. Only keys with that match the specified
* pattern are returned. The pattern may be part of
* a user id, a key id or a key fingerprint. If not
* specified, all keys are returned.
*
* @return array an array of {@link Crypt_GPG_Key} objects. If no keys
* match the specified <kbd>$keyId</kbd> an empty array is
* returned.
*
* @throws Crypt_GPG_Exception if an unknown or unexpected error occurs.
* Use the <kbd>debug</kbd> option and file a bug report if these
* exceptions occur.
*
* @see Crypt_GPG_Key
*/
public function getKeys($keyId = '')
{
// get private key fingerprints
if ($keyId == '') {
$operation = '--list-secret-keys';
} else {
$operation = '--list-secret-keys ' . escapeshellarg($keyId);
}
// According to The file 'doc/DETAILS' in the GnuPG distribution, using
// double '--with-fingerprint' also prints the fingerprint for subkeys.
$arguments = array('--with-colons', '--with-fingerprint', '--with-fingerprint', '--fixed-list-mode');
$output = '';
$this->engine->reset();
$this->engine->setOutput($output);
$this->engine->setOperation($operation, $arguments);
$this->engine->run();
$code = $this->engine->getErrorCode();
switch ($code) {
case Crypt_GPG::ERROR_NONE:
case Crypt_GPG::ERROR_KEY_NOT_FOUND:
// ignore not found key errors
break;
case Crypt_GPG::ERROR_FILE_PERMISSIONS:
$filename = $this->engine->getErrorFilename();
if ($filename) {
throw new Crypt_GPG_FileException(sprintf('Error reading GnuPG data file \'%s\'. Check to make ' . 'sure it is readable by the current user.', $filename), $code, $filename);
}
throw new Crypt_GPG_FileException('Error reading GnuPG data file. Check to make GnuPG data ' . 'files are readable by the current user.', $code);
default:
throw new Crypt_GPG_Exception('Unknown error getting keys. Please use the \'debug\' option ' . 'when creating the Crypt_GPG object, and file a bug report ' . 'at ' . self::BUG_URI, $code);
}
$privateKeyFingerprints = array();
$lines = explode(PHP_EOL, $output);
foreach ($lines as $line) {
$lineExp = explode(':', $line);
if ($lineExp[0] == 'fpr') {
$privateKeyFingerprints[] = $lineExp[9];
}
}
// get public keys
if ($keyId == '') {
$operation = '--list-public-keys';
} else {
$operation = '--list-public-keys ' . escapeshellarg($keyId);
}
$output = '';
$this->engine->reset();
$this->engine->setOutput($output);
$this->engine->setOperation($operation, $arguments);
$this->engine->run();
$code = $this->engine->getErrorCode();
switch ($code) {
case Crypt_GPG::ERROR_NONE:
case Crypt_GPG::ERROR_KEY_NOT_FOUND:
// ignore not found key errors
break;
case Crypt_GPG::ERROR_FILE_PERMISSIONS:
$filename = $this->engine->getErrorFilename();
if ($filename) {
throw new Crypt_GPG_FileException(sprintf('Error reading GnuPG data file \'%s\'. Check to make ' . 'sure it is readable by the current user.', $filename), $code, $filename);
}
throw new Crypt_GPG_FileException('Error reading GnuPG data file. Check to make GnuPG data ' . 'files are readable by the current user.', $code);
default:
throw new Crypt_GPG_Exception('Unknown error getting keys. Please use the \'debug\' option ' . 'when creating the Crypt_GPG object, and file a bug report ' . 'at ' . self::BUG_URI, $code);
}
$keys = array();
$key = null;
// current key
$subKey = null;
// current sub-key
$lines = explode(PHP_EOL, $output);
foreach ($lines as $line) {
$lineExp = explode(':', $line);
if ($lineExp[0] == 'pub') {
// new primary key means last key should be added to the array
if ($key !== null) {
$keys[] = $key;
}
$key = new Crypt_GPG_Key();
$subKey = Crypt_GPG_SubKey::parse($line);
$key->addSubKey($subKey);
} elseif ($lineExp[0] == 'sub') {
$subKey = Crypt_GPG_SubKey::parse($line);
$key->addSubKey($subKey);
} elseif ($lineExp[0] == 'fpr') {
$fingerprint = $lineExp[9];
// set current sub-key fingerprint
$subKey->setFingerprint($fingerprint);
// if private key exists, set has private to true
if (in_array($fingerprint, $privateKeyFingerprints)) {
$subKey->setHasPrivate(true);
}
} elseif ($lineExp[0] == 'uid') {
$string = stripcslashes($lineExp[9]);
// as per documentation
$userId = new Crypt_GPG_UserId($string);
if ($lineExp[1] == 'r') {
$userId->setRevoked(true);
}
$key->addUserId($userId);
}
}
// add last key
if ($key !== null) {
$keys[] = $key;
}
return $keys;
}
/**
* Gets the available keys in the keyring
*
* Calls GPG with the <kbd>--list-keys</kbd> command and grabs keys. See
* the first section of <b>doc/DETAILS</b> in the
* {@link http://www.gnupg.org/download/ GPG package} for a detailed
* description of how the GPG command output is parsed.
*
* @param string $keyId optional. Only keys with that match the specified
* pattern are returned. The pattern may be part of
* a user id, a key id or a key fingerprint. If not
* specified, all keys are returned.
*
* @return array an array of {@link Crypt_GPG_Key} objects. If no keys
* match the specified <kbd>$keyId</kbd> an empty array is
* returned.
*
* @throws Crypt_GPG_Exception if an unknown or unexpected error occurs.
* Use the <kbd>debug</kbd> option and file a bug report if these
* exceptions occur.
*
* @see Crypt_GPG_Key
*/
protected function _getKeys($keyId = '')
{
// get private key fingerprints
if ($keyId == '') {
$operation = '--list-secret-keys';
} else {
$operation = '--utf8-strings --list-secret-keys ' . escapeshellarg($keyId);
}
// According to The file 'doc/DETAILS' in the GnuPG distribution, using
// double '--with-fingerprint' also prints the fingerprint for subkeys.
$arguments = array('--with-colons', '--with-fingerprint', '--with-fingerprint', '--fixed-list-mode');
$output = '';
$this->engine->reset();
$this->engine->setOutput($output);
$this->engine->setOperation($operation, $arguments);
$this->engine->run();
$privateKeyFingerprints = array();
foreach (explode(PHP_EOL, $output) as $line) {
$lineExp = explode(':', $line);
if ($lineExp[0] == 'fpr') {
$privateKeyFingerprints[] = $lineExp[9];
}
}
// get public keys
if ($keyId == '') {
$operation = '--list-public-keys';
} else {
$operation = '--utf8-strings --list-public-keys ' . escapeshellarg($keyId);
}
$output = '';
$this->engine->reset();
$this->engine->setOutput($output);
$this->engine->setOperation($operation, $arguments);
$this->engine->run();
$keys = array();
$key = null;
// current key
$subKey = null;
// current sub-key
foreach (explode(PHP_EOL, $output) as $line) {
$lineExp = explode(':', $line);
if ($lineExp[0] == 'pub') {
// new primary key means last key should be added to the array
if ($key !== null) {
$keys[] = $key;
}
$key = new Crypt_GPG_Key();
$subKey = Crypt_GPG_SubKey::parse($line);
$key->addSubKey($subKey);
} elseif ($lineExp[0] == 'sub') {
$subKey = Crypt_GPG_SubKey::parse($line);
$key->addSubKey($subKey);
} elseif ($lineExp[0] == 'fpr') {
$fingerprint = $lineExp[9];
// set current sub-key fingerprint
$subKey->setFingerprint($fingerprint);
// if private key exists, set has private to true
if (in_array($fingerprint, $privateKeyFingerprints)) {
$subKey->setHasPrivate(true);
}
} elseif ($lineExp[0] == 'uid') {
$string = stripcslashes($lineExp[9]);
// as per documentation
$userId = new Crypt_GPG_UserId($string);
if ($lineExp[1] == 'r') {
$userId->setRevoked(true);
}
$key->addUserId($userId);
}
}
// add last key
if ($key !== null) {
$keys[] = $key;
}
return $keys;
}
/**
* Parses a sub-key object from a sub-key string
*
* See <b>doc/DETAILS</b> in the
* {@link http://www.gnupg.org/download/ GPG distribution} for information
* on how the sub-key string is parsed.
*
* @param string $string the string containing the sub-key.
*
* @return Crypt_GPG_SubKey the sub-key object parsed from the string.
*/
public static function parse($string)
{
$tokens = explode(':', $string);
$subKey = new Crypt_GPG_SubKey();
$subKey->setId($tokens[4]);
$subKey->setLength($tokens[2]);
$subKey->setAlgorithm($tokens[3]);
$subKey->setCreationDate(self::_parseDate($tokens[5]));
$subKey->setExpirationDate(self::_parseDate($tokens[6]));
if ($tokens[1] == 'r') {
$subKey->setRevoked(true);
}
$usage = 0;
$usage_map = array('a' => self::USAGE_AUTHENTICATION, 'c' => self::USAGE_CERTIFY, 'e' => self::USAGE_ENCRYPT, 's' => self::USAGE_SIGN);
foreach ($usage_map as $key => $flag) {
if (strpos($tokens[11], $key) !== false) {
$usage |= $flag;
}
}
$subKey->setUsage($usage);
return $subKey;
}
/**
* @group fluent
*/
public function testFluentInterface()
{
$subKey = new Crypt_GPG_SubKey();
$returnedSubKey = $subKey->setId('8C37DBD2A01B7976');
$this->assertEquals($subKey, $returnedSubKey, 'Failed asserting fluent interface works for setId() method.');
$subKey = new Crypt_GPG_SubKey();
$returnedSubKey = $subKey->setAlgorithm(Crypt_GPG_SubKey::ALGORITHM_DSA);
$this->assertEquals($subKey, $returnedSubKey, 'Failed asserting fluent interface works for setAlgorithm() method.');
$subKey = new Crypt_GPG_SubKey();
$returnedSubKey = $subKey->setFingerprint('8D2299D9C5C211128B32BBB0C097D9EC94C06363');
$this->assertEquals($subKey, $returnedSubKey, 'Failed asserting fluent interface works for setFingerprint() ' . 'method.');
$subKey = new Crypt_GPG_SubKey();
$returnedSubKey = $subKey->setLength(2048);
$this->assertEquals($subKey, $returnedSubKey, 'Failed asserting fluent interface works for setLength() method.');
$subKey = new Crypt_GPG_SubKey();
$returnedSubKey = $subKey->setCreationDate(1234567890);
$this->assertEquals($subKey, $returnedSubKey, 'Failed asserting fluent interface works for setCreationDate() ' . 'method.');
$subKey = new Crypt_GPG_SubKey();
$returnedSubKey = $subKey->setExpirationDate(1234567890);
$this->assertEquals($subKey, $returnedSubKey, 'Failed asserting fluent interface works for setExpirationDate() ' . 'method.');
$subKey = new Crypt_GPG_SubKey();
$returnedSubKey = $subKey->setCanSign(true);
$this->assertEquals($subKey, $returnedSubKey, 'Failed asserting fluent interface works for setCanSign() method.');
$subKey = new Crypt_GPG_SubKey();
$returnedSubKey = $subKey->setCanEncrypt(true);
$this->assertEquals($subKey, $returnedSubKey, 'Failed asserting fluent interface works for setCanEncrypt() ' . 'method.');
$subKey = new Crypt_GPG_SubKey();
$returnedSubKey = $subKey->setHasPrivate(true);
$this->assertEquals($subKey, $returnedSubKey, 'Failed asserting fluent interface works for setHasPrivate() ' . 'method.');
$subKey = new Crypt_GPG_SubKey();
$returnedSubKey = $subKey->setRevoked(true);
$this->assertEquals($subKey, $returnedSubKey, 'Failed asserting fluent interface works for setRevoked() method.');
}
