GnuPG Website: http://www.gnupg.org/
This class has been developed with, and is only guaranteed to work with,
Version 1.21 or above of GnuPG.
/**
* Returns the first matching key ID for an email address from a public
* keyserver.
*
* @param string $address The email address of the PGP key.
*
* @return string The PGP key ID.
* @throws Horde_Crypt_Exception
*/
public function getKeyId($address)
{
$pubkey = null;
/* Connect to the public keyserver. */
$url = $this->_createUrl('/pks/lookup', array('op' => 'index', 'options' => 'mr', 'search' => $address));
try {
$output = $this->_http->get($url)->getBody();
} catch (Horde_Http_Exception $e) {
throw new Horde_Crypt_Exception($e);
}
if (strpos($output, '-----BEGIN PGP PUBLIC KEY BLOCK') !== false) {
$pubkey = $output;
} elseif (strpos($output, 'pub:') !== false) {
$output = explode("\n", $output);
$keyids = $keyuids = array();
$curid = null;
foreach ($output as $line) {
if (substr($line, 0, 4) == 'pub:') {
$line = explode(':', $line);
/* Ignore invalid lines and expired keys. */
if (count($line) != 7 || !empty($line[5]) && $line[5] <= time()) {
continue;
}
$curid = $line[4];
$keyids[$curid] = $line[1];
} elseif (!is_null($curid) && substr($line, 0, 4) == 'uid:') {
preg_match("/<([^>]+)>/", $line, $matches);
$keyuids[$curid][] = $matches[1];
}
}
/* Remove keys without a matching UID. */
foreach ($keyuids as $id => $uids) {
$match = false;
foreach ($uids as $uid) {
if ($uid == $address) {
$match = true;
break;
}
}
if (!$match) {
unset($keyids[$id]);
}
}
/* Sort by timestamp to use the newest key. */
if (count($keyids)) {
ksort($keyids);
$pubkey = $this->get(array_pop($keyids));
}
}
if ($pubkey) {
$sig = $this->_pgp->pgpPacketSignature($pubkey, $address);
if (!empty($sig['keyid']) && (empty($sig['public_key']['expires']) || $sig['public_key']['expires'] > time())) {
return substr($this->_pgp->getKeyIDString($sig['keyid']), 2);
}
}
throw new Horde_Crypt_Exception(Horde_Crypt_Translation::t("Could not obtain public key from the keyserver."));
}
/**
* Returns information on a PGP data block.
*
* @param string $pgpdata The PGP data block.
*
* @return array An array with information on the PGP data block. If an
* element is not present in the data block, it will
* likewise not be set in the array.
* <pre>
* Array Format:
* -------------
* [public_key]/[secret_key] => Array
* (
* [created] => Key creation - UNIX timestamp
* [expires] => Key expiration - UNIX timestamp (0 = never expires)
* [size] => Size of the key in bits
* )
*
* [keyid] => Key ID of the PGP data (if available)
* 16-bit hex value
*
* [signature] => Array (
* [id{n}/'_SIGNATURE'] => Array (
* [name] => Full Name
* [comment] => Comment
* [email] => E-mail Address
* [keyid] => 16-bit hex value
* [created] => Signature creation - UNIX timestamp
* [expires] => Signature expiration - UNIX timestamp
* [micalg] => The hash used to create the signature
* [sig_{hex}] => Array [details of a sig verifying the ID] (
* [created] => Signature creation - UNIX timestamp
* [expires] => Signature expiration - UNIX timestamp
* [keyid] => 16-bit hex value
* [micalg] => The hash used to create the signature
* )
* )
* )
* </pre>
*
* Each user ID will be stored in the array 'signature' and have data
* associated with it, including an array for information on each
* signature that has signed that UID. Signatures not associated with a
* UID (e.g. revocation signatures and sub keys) will be stored under the
* special keyword '_SIGNATURE'.
*/
public function pgpPacketInformation($pgpdata)
{
return $this->_pgp->pgpPacketInformation($pgpdata);
}
/**
* Generate a Horde_Mime_Part object, in accordance with RFC 2015/3156,
* that contains the user's public key.
*
* @return Horde_Mime_Part See Horde_Crypt_Pgp::publicKeyMimePart().
*/
public function publicKeyMimePart($key = null)
{
return parent::publicKeyMimePart($this->getPersonalPublicKey());
}
/**
* Returns only information on the first ID that matches the email address
* input.
*
* @param string $pgpdata The PGP data block.
* @param string $email An e-mail address.
*
* @return array An array with information on the PGP data block. If an
* element is not present in the data block, it will
* likewise not be set in the array. Array elements:
* - comment: Comment
* - created: Signature creation (UNIX timestamp)
* - email: E-mail Address
* - key_created: Key creation (UNIX timestamp)
* - key_expires: Key expiration (UNIX timestamp; 0 = never expires)
* - key_size: Size of the key in bits
* - key_type: The key type (public_key or secret_key)
* - keyid: 16-bit hex value
* - micalg: The hash used to create the signature
* - name: Full Name
*/
public function pgpPacketSignature($pgpdata, $email)
{
return $this->_pgp->pgpPacketSignature($pgpdata, $email);
}
