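/**
 * Sign a key/user-ID packet sequence with the RSA private key held by this object.
 *
 * An existing signature packet in $packet is reused (the last one found wins,
 * because the scan does not stop at the first match). If there is none, a new
 * signature packet of type 0x13 (positive certification of a user ID in
 * RFC 4880) is created, given key-flags and issuer subpackets, and appended.
 *
 * @param mixed       $packet Array of packets, an already-built packet/message
 *                            object, or serialized data handed to
 *                            OpenPGP_Message::parse().
 * @param string      $hash   Hash algorithm name; case is normalised here.
 * @param string|null $keyid  Key ID to sign with; when empty, the last 16
 *                            characters of $this->key->fingerprint are used.
 *
 * @return mixed The packet collection including the signed signature packet,
 *               or null when the private key or the data is missing.
 */
function sign_key_userid($packet, $hash = 'SHA256', $keyid = null)
{
    if (is_array($packet)) {
        $packet = new OpenPGP_Message($packet);
    } elseif (!is_object($packet)) {
        $packet = OpenPGP_Message::parse($packet);
    }

    $key = $this->private_key($keyid);
    if (!$key || !$packet) {
        return null; // Missing some data
    }

    if (!$keyid) {
        $keyid = substr($this->key->fingerprint, -16);
    }

    // The signature packet is built with the upper-case hash name, so the
    // signer map must be keyed the same way; previously the caller's raw
    // spelling was used as the key, which disagreed for input like 'sha256'.
    // NOTE(review): sign_data() is not visible here; presumably it selects the
    // signer by the packet's own hash name -- confirm.
    $hashName = strtoupper($hash);
    $key->setHash(strtolower($hash));

    $sig = null;
    foreach ($packet as $candidate) {
        if ($candidate instanceof OpenPGP_SignaturePacket) {
            $sig = $candidate;
        }
    }

    if (!$sig) {
        $sig = new OpenPGP_SignaturePacket($packet, 'RSA', $hashName);
        $sig->signature_type = 0x13;
        // 0x1 and 0x2 are the "certify" and "sign data" key flags in RFC 4880.
        $sig->hashed_subpackets[] = new OpenPGP_SignaturePacket_KeyFlagsPacket(array(0x1, 0x2));
        $sig->hashed_subpackets[] = new OpenPGP_SignaturePacket_IssuerPacket($keyid);
        $packet[] = $sig;
    }
    // NOTE(review): a reused signature packet keeps its own hash algorithm and
    // subpackets; if that algorithm differs from $hash the signer registered
    // below may not match it -- verify against sign_data().

    $sig->sign_data(array('RSA' => array($hashName => function ($data) use ($key) {
        return array($key->sign($data));
    })));

    return $packet;
}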
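/**
 * Produce an RSA signature over a message.
 *
 * The single $packet argument is either the data to sign (the key then comes
 * from $this->key) or the signing key (the data then comes from
 * $this->message).
 *
 * @param mixed       $packet Data, message object, secret-key packet,
 *                            Crypt_RSA instance, or an ArrayAccess whose first
 *                            element is a secret-key packet. Non-objects are
 *                            wrapped as literal data when $this->key is set,
 *                            otherwise parsed as a message.
 * @param string      $hash   Hash algorithm name; case is normalised here.
 * @param string|null $keyid  Key ID to sign with; when empty and the key is not
 *                            already a Crypt_RSA, the last 16 characters of
 *                            the key's fingerprint are used.
 *
 * @return OpenPGP_Message|null Message holding the signature packet followed by
 *                              the signed data, or null when key or data is
 *                              missing.
 */
function sign($packet, $hash = 'SHA256', $keyid = null)
{
    if (!is_object($packet)) {
        $packet = $this->key
            ? new OpenPGP_LiteralDataPacket($packet)
            : OpenPGP_Message::parse($packet);
    }

    $packetIsKey = $packet instanceof OpenPGP_SecretKeyPacket
        || $packet instanceof Crypt_RSA
        || ($packet instanceof ArrayAccess && $packet[0] instanceof OpenPGP_SecretKeyPacket);

    if ($packetIsKey) {
        $key = $packet;
        $message = $this->message;
    } else {
        $key = $this->key;
        $message = $packet;
    }

    if (!$key || !$message) {
        return null; // Missing some data
    }

    if ($message instanceof OpenPGP_Message) {
        // Only the data half is signed; any signature already present is dropped.
        list($dummy, $message) = $message->signature_and_data();
    }

    if (!$key instanceof Crypt_RSA) {
        $wrapper = new self($key);
        if (!$keyid) {
            $keyid = substr($wrapper->key()->fingerprint, -16, 16);
        }
        $key = $wrapper->private_key($keyid);
        if (!$key) {
            // sign_key_userid() treats a falsy private_key() result as
            // "missing data"; do the same here instead of calling setHash()
            // on a non-object.
            return null;
        }
    }
    // NOTE(review): when a Crypt_RSA key is passed in directly and $keyid is
    // empty, the issuer subpacket below is built with an empty key ID.

    // The signature packet is built with the upper-case hash name, so the
    // signer map is keyed the same way; previously the caller's raw spelling
    // was used as the key, which disagreed for input like 'sha256'.
    // NOTE(review): sign_data() is not visible here; presumably it selects the
    // signer by the packet's own hash name -- confirm.
    $hashName = strtoupper($hash);
    $key->setHash(strtolower($hash));

    $sig = new OpenPGP_SignaturePacket($message, 'RSA', $hashName);
    $sig->hashed_subpackets[] = new OpenPGP_SignaturePacket_IssuerPacket($keyid);
    $sig->sign_data(array('RSA' => array($hashName => array($key, 'sign'))));

    return new OpenPGP_Message(array($sig, $message));
}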
/**
 * Build the subpacket and derive its numeric tag from the concrete class name.
 *
 * @param mixed $data Passed unchanged to the parent constructor.
 */
function __construct($data = null)
{
    parent::__construct($data);

    // Strip a 24-character prefix (8 + 16) and a 6-character suffix from the
    // class name; presumably these are "OpenPGP_", "SignaturePacket_" and the
    // trailing "Packet" -- confirm against the class naming scheme.
    $withoutPrefix = substr(get_class($this), 8 + 16);
    $typeName = substr($withoutPrefix, 0, -6);

    // array_search() yields false when the name is not a registered type,
    // in which case the tag ends up false rather than an integer.
    $this->tag = array_search($typeName, OpenPGP_SignaturePacket::$subpacket_types);
}
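/**
 * Sign a message with a private key and wrap the result for the given mode.
 *
 * @param mixed  $text Message to sign; converted with _getMessageOb() and only
 *                     its first packet is signed.
 * @param object $key  Key object whose ->message holds the private key data.
 * @param string $mode 'clear' (cleartext signed message), 'detach' (signature
 *                     only) or 'message' (signed, optionally compressed).
 * @param array  $opts Optional settings:
 *                     - 'sign_hash': hash algorithm name; defaults to SHA256
 *                       for RSA keys and SHA1 for DSA keys.
 *                     - 'compress': passed to _compressMessageOb() in
 *                       'message' mode.
 *
 * @return Horde_Pgp_Element_SignedMessage|Horde_Pgp_Element_Signature|Horde_Pgp_Element_Message|null
 *         Null when $mode is not recognised or, in 'detach' mode, when no
 *         signature packet is found in the result.
 */
public function sign($text, $key, $mode, $opts = array())
{
    $rsa = new OpenPGP_Crypt_RSA($key->message);
    $pkey = $rsa->key();
    $text = $this->_getMessageOb($text)->packets[0];

    // $opts defaults to an empty array, so read the optional keys without
    // triggering undefined-index notices.
    $requestedHash = !empty($opts['sign_hash']) ? $opts['sign_hash'] : null;

    // NOTE(review): there is no default branch. For any other key algorithm
    // $result and $hash stay unset and the mode switch below operates on
    // undefined values, so 'clear' mode would wrap a message without a
    // signature. Consider failing explicitly for unsupported algorithms.
    switch ($pkey->algorithm) {
        case 1:
        case 2:
        case 3:
            // RSA
            $hash = $requestedHash ?: 'SHA256';
            $result = $rsa->sign($text, $hash);
            break;

        case 17:
            // DSA; use SHA1 by default, since that is what DSA/DSS was
            // designed for.
            // NOTE(review): SHA-1 is no longer considered collision-resistant.
            // Callers that need a stronger digest must pass 'sign_hash'
            // explicitly; whether a SHA-2 default is usable depends on the
            // DSA key parameters and Horde_Pgp_Crypt_DSA -- confirm before
            // changing the default.
            $hash = $requestedHash ?: 'SHA1';
            $sig = new OpenPGP_SignaturePacket($text, 'DSA', $hash);
            $sig->hashed_subpackets[] = new OpenPGP_SignaturePacket_IssuerPacket(
                substr($pkey->fingerprint, -16)
            );
            $dsa = new Horde_Pgp_Crypt_DSA($pkey);
            $sig->sign_data(array('DSA' => array($hash => function ($data) use ($dsa, $hash) {
                return $dsa->sign($data, $hash);
            })));
            $result = new OpenPGP_Message(array($sig, $text));
            break;
    }

    switch ($mode) {
        case 'clear':
            // Cleartext form puts the data first and the signature second,
            // the reverse of the order in $result.
            $sm = new Horde_Pgp_Element_SignedMessage(
                new OpenPGP_Message(array($result[1], $result[0]))
            );
            $sm->headers['Hash'] = $hash;
            return $sm;

        case 'detach':
            foreach ($result as $val) {
                if ($val instanceof OpenPGP_SignaturePacket) {
                    return new Horde_Pgp_Element_Signature(
                        new OpenPGP_Message(array($val))
                    );
                }
            }
            break;

        case 'message':
            $compress = isset($opts['compress']) ? $opts['compress'] : null;
            return new Horde_Pgp_Element_Message(
                $this->_compressMessageOb($result, $compress)
            );
    }
}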