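/**
 * Creates a new GPG engine
 *
 * Available options are:
 *
 * - <kbd>string homedir</kbd>        - the directory where the GPG keyring
 *                                      files are stored. If not specified,
 *                                      Crypt_GPG uses the default of
 *                                      <kbd>~/.gnupg</kbd>. If the directory
 *                                      does not exist it is created with
 *                                      mode 0700. An existing directory is
 *                                      used as-is and its permissions are
 *                                      not changed.
 * - <kbd>string publicKeyring</kbd>  - the file path of the public keyring.
 *                                      Use this if the public keyring is not
 *                                      in the homedir, or if the keyring is
 *                                      in a directory not writable by the
 *                                      process invoking GPG (like Apache).
 *                                      Then you can specify the path to the
 *                                      keyring with this option
 *                                      (/foo/bar/pubring.gpg), and specify
 *                                      a writable directory (like /tmp)
 *                                      using the <i>homedir</i> option.
 * - <kbd>string privateKeyring</kbd> - the file path of the private keyring.
 *                                      Use this if the private keyring is
 *                                      not in the homedir, or if the keyring
 *                                      is in a directory not writable by the
 *                                      process invoking GPG (like Apache).
 *                                      Then you can specify the path to the
 *                                      keyring with this option
 *                                      (/foo/bar/secring.gpg), and specify
 *                                      a writable directory (like /tmp)
 *                                      using the <i>homedir</i> option.
 * - <kbd>string trustDb</kbd>        - the file path of the web-of-trust
 *                                      database. Use this if the trust
 *                                      database is not in the homedir, or
 *                                      if the database is in a directory
 *                                      not writable by the process invoking
 *                                      GPG (like Apache). Then you can
 *                                      specify the path to the trust
 *                                      database with this option
 *                                      (/foo/bar/trustdb.gpg), and specify
 *                                      a writable directory (like /tmp)
 *                                      using the <i>homedir</i> option.
 * - <kbd>string binary</kbd>         - the location of the GPG binary. If
 *                                      not specified, the driver attempts
 *                                      to auto-detect the GPG binary
 *                                      location using a list of known
 *                                      default locations for the current
 *                                      operating system. The option
 *                                      <kbd>gpgBinary</kbd> is a
 *                                      deprecated alias for this option.
 * - <kbd>boolean debug</kbd>         - whether or not to use debug mode.
 *                                      When debug mode is on, all
 *                                      communication to and from the GPG
 *                                      subprocess is logged. This can be
 *                                      useful to diagnose errors when
 *                                      using Crypt_GPG.
 *
 * Security notes:
 *
 * - When <i>homedir</i> points at a shared, world-writable location such
 *   as /tmp, GnuPG's temporary files end up next to files owned by other
 *   local users. Prefer a dedicated subdirectory that is owned by the
 *   invoking user and has mode 0700.
 * - The constructor only checks that <i>binary</i> is executable; the
 *   path is expected to come from trusted configuration, never from
 *   request data.
 * - Because debug mode logs all traffic exchanged with the GPG
 *   subprocess, the log may contain message contents and other secrets
 *   passed through the engine. Keep it disabled outside of diagnostics.
 *
 * @param array $options optional. An array of options used to create the
 *                       GPG object. All options are optional and are
 *                       represented as key-value pairs.
 *
 * @throws Crypt_GPG_FileException if the <kbd>homedir</kbd> does not exist
 *         and cannot be created. This can happen if <kbd>homedir</kbd> is
 *         not specified, Crypt_GPG is run as the web user, and the web
 *         user has no home directory. This exception is also thrown if any
 *         of the options <kbd>publicKeyring</kbd>,
 *         <kbd>privateKeyring</kbd> or <kbd>trustDb</kbd> are specified
 *         but the files do not exist or are not readable. This can happen
 *         if the user running the Crypt_GPG process (for example, the
 *         Apache user) does not have permission to read the files.
 *
 * @throws PEAR_Exception if the provided <kbd>binary</kbd> is invalid, or
 *         if no <kbd>binary</kbd> is provided and no suitable binary could
 *         be found.
 */
public function __construct(array $options = array())
{
    $this->_isDarwin = strncmp(strtoupper(PHP_OS), 'DARWIN', 6) === 0;

    // populate mbstring overloading cache if not set
    if (self::$_mbStringOverload === null) {
        self::$_mbStringOverload = extension_loaded('mbstring')
            && (ini_get('mbstring.func_overload') & 0x2) === 0x2;
    }

    // get homedir
    if (array_key_exists('homedir', $options)) {
        $this->_homedir = (string) $options['homedir'];
    } else {
        // note: this requires the package OS dep exclude 'windows'
        $info = posix_getpwuid(posix_getuid());

        // posix_getpwuid() returns false when the uid has no passwd entry.
        // Indexing that result would silently yield '/.gnupg', i.e. a
        // keyring directory at the filesystem root, so fail explicitly.
        if (!is_array($info) || !isset($info['dir']) || $info['dir'] === '') {
            throw new Crypt_GPG_FileException('The \'homedir\' option ' .
                'was not specified in the Crypt_GPG options and the home ' .
                'directory of the user running Crypt_GPG could not be ' .
                'determined.', 0, '');
        }

        $this->_homedir = $info['dir'] . '/.gnupg';
    }

    // attempt to create homedir if it does not exist
    if (!is_dir($this->_homedir)) {
        // Parent directories are created with 0777 (subject to the umask).
        // The homedir itself is created with 0700 from the start so it is
        // never visible with wider permissions between mkdir and chmod.
        $parent  = dirname($this->_homedir);
        $created = (is_dir($parent) || @mkdir($parent, 0777, true))
            && @mkdir($this->_homedir, 0700);

        if ($created) {
            // The umask can only remove bits from the requested mode;
            // chmod makes the result exactly 0700.
            chmod($this->_homedir, 0700);
        } else {
            throw new Crypt_GPG_FileException('The \'homedir\' "' .
                $this->_homedir . '" is not readable or does not exist ' .
                'and cannot be created. This can happen if \'homedir\' ' .
                'is not specified in the Crypt_GPG options, Crypt_GPG is ' .
                'run as the web user, and the web user has no home ' .
                'directory.', 0, $this->_homedir);
        }
    }

    // get binary
    if (array_key_exists('binary', $options)) {
        $this->_binary = (string) $options['binary'];
    } elseif (array_key_exists('gpgBinary', $options)) {
        // deprecated alias
        $this->_binary = (string) $options['gpgBinary'];
    } else {
        $this->_binary = $this->_getBinary();
    }

    if ($this->_binary == '' || !is_executable($this->_binary)) {
        throw new PEAR_Exception('GPG binary not found. If you are sure ' .
            'the GPG binary is installed, please specify the location of ' .
            'the GPG binary using the \'binary\' driver option.');
    }

    /*
     * Note:
     *
     * Normally, GnuPG expects keyrings to be in the homedir and expects
     * to be able to write temporary files in the homedir. Sometimes,
     * keyrings are not in the homedir, or location of the keyrings does
     * not allow writing temporary files. In this case, the <i>homedir</i>
     * option by itself is not enough to specify the keyrings because GnuPG
     * can not write required temporary files. Additional options are
     * provided so you can specify the location of the keyrings separately
     * from the homedir.
     */

    // get public keyring
    if (array_key_exists('publicKeyring', $options)) {
        $this->_publicKeyring = (string) $options['publicKeyring'];
        if (!is_readable($this->_publicKeyring)) {
            throw new Crypt_GPG_FileException('The \'publicKeyring\' "' .
                $this->_publicKeyring . '" does not exist or is ' .
                'not readable. Check the location and ensure the file ' .
                'permissions are correct.', 0, $this->_publicKeyring);
        }
    }

    // get private keyring
    if (array_key_exists('privateKeyring', $options)) {
        $this->_privateKeyring = (string) $options['privateKeyring'];
        if (!is_readable($this->_privateKeyring)) {
            throw new Crypt_GPG_FileException('The \'privateKeyring\' "' .
                $this->_privateKeyring . '" does not exist or is ' .
                'not readable. Check the location and ensure the file ' .
                'permissions are correct.', 0, $this->_privateKeyring);
        }
    }

    // get trust database
    if (array_key_exists('trustDb', $options)) {
        $this->_trustDb = (string) $options['trustDb'];
        if (!is_readable($this->_trustDb)) {
            throw new Crypt_GPG_FileException('The \'trustDb\' "' .
                $this->_trustDb . '" does not exist or is not readable. ' .
                'Check the location and ensure the file permissions are ' .
                'correct.', 0, $this->_trustDb);
        }
    }

    if (array_key_exists('debug', $options)) {
        $this->_debug = (bool) $options['debug'];
    }
}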