See also: http://tools.ietf.org/html/rfc4880#section-5.2
Inheritance: extends OpenPGP_Packet
Exemplo n.º 1
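 /**
  * Sign the user ID binding of a key with one of this object's RSA private keys.
  *
  * If the message already contains a signature packet, the last one found is
  * re-signed in place. Otherwise a new signature packet of type 0x13 is
  * created, appended to the message and signed.
  *
  * @param mixed  $packet Array of packets, an OpenPGP_Message (or other object),
  *                       or serialized data handed to OpenPGP_Message::parse().
  * @param string $hash   Hash algorithm name; any letter case is accepted.
  * @param mixed  $keyid  Key ID of the signing key. Defaults to the last 16
  *                       characters of $this->key->fingerprint.
  *
  * @return mixed The message including the signature, or NULL when the
  *               private key or the message is missing.
  */
 function sign_key_userid($packet, $hash = 'SHA256', $keyid = NULL)
 {
     // Normalise the input to a message object.
     if (is_array($packet)) {
         $packet = new OpenPGP_Message($packet);
     } elseif (!is_object($packet)) {
         $packet = OpenPGP_Message::parse($packet);
     }

     $key = $this->private_key($keyid);
     if (!$key || !$packet) {
         // Missing some data
         return NULL;
     }

     if (!$keyid) {
         // Presumably the fingerprint is a hex string, which makes this the
         // 64-bit key ID (low-order bits of the fingerprint) - confirm.
         $keyid = substr($this->key->fingerprint, -16);
     }

     // The signature packet is constructed with the upper-case name, so the
     // signer map below is keyed with the same spelling. Keying it with the
     // caller's raw $hash left a mismatch for input such as 'sha256'.
     // Presumably sign_data() looks the callback up by the packet's hash name
     // - confirm against OpenPGP_SignaturePacket.
     $hash_name = strtoupper($hash);
     $key->setHash(strtolower($hash));

     // Reuse an existing signature packet when there is one; the last match wins.
     $sig = NULL;
     foreach ($packet as $candidate) {
         if ($candidate instanceof OpenPGP_SignaturePacket) {
             $sig = $candidate;
         }
     }

     if (!$sig) {
         $sig = new OpenPGP_SignaturePacket($packet, 'RSA', $hash_name);
         // 0x13: positive certification of a user ID and public key (RFC 4880, 5.2.1).
         $sig->signature_type = 0x13;
         // Key flags 0x01 (certify other keys) and 0x02 (sign data), RFC 4880, 5.2.3.21.
         $sig->hashed_subpackets[] = new OpenPGP_SignaturePacket_KeyFlagsPacket(array(0x1, 0x2));
         $sig->hashed_subpackets[] = new OpenPGP_SignaturePacket_IssuerPacket($keyid);
         $packet[] = $sig;
     }
     // NOTE(review): a reused signature packet keeps its own type, subpackets
     // and declared hash algorithm; nothing here checks that they agree with
     // $hash or $keyid. Verify before re-signing packets from an untrusted source.

     $sig->sign_data(array('RSA' => array($hash_name => function ($data) use ($key) {
         return array($key->sign($data));
     })));

     return $packet;
 }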
Exemplo n.º 2
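 /**
  * Create an RSA signature over a message.
  *
  * The argument may be either the data to sign (signed with $this->key) or a
  * key (used to sign $this->message).
  *
  * @param mixed  $packet Data, message or key; a non-object is wrapped in a
  *                       literal data packet when $this->key is set, and
  *                       parsed as a message otherwise.
  * @param string $hash   Hash algorithm name; any letter case is accepted.
  * @param mixed  $keyid  Key ID of the signing key. Defaults to the last 16
  *                       characters of the key's fingerprint when the key is
  *                       not already a Crypt_RSA instance.
  *
  * @return mixed OpenPGP_Message holding the signature packet followed by the
  *               signed data, or NULL when the key or the message is missing.
  */
 function sign($packet, $hash = 'SHA256', $keyid = NULL)
 {
     if (!is_object($packet)) {
         $packet = $this->key
             ? new OpenPGP_LiteralDataPacket($packet)
             : OpenPGP_Message::parse($packet);
     }

     // Explicit parentheses: && binds tighter than ||, so this is the grouping
     // the original expression already had.
     $packet_is_key = $packet instanceof OpenPGP_SecretKeyPacket
         || $packet instanceof Crypt_RSA
         || ($packet instanceof ArrayAccess && $packet[0] instanceof OpenPGP_SecretKeyPacket);

     if ($packet_is_key) {
         $key = $packet;
         $message = $this->message;
     } else {
         $key = $this->key;
         $message = $packet;
     }
     if (!$key || !$message) {
         // Missing some data
         return NULL;
     }

     if ($message instanceof OpenPGP_Message) {
         // Only the data part is signed; an existing signature is discarded.
         list($dummy, $message) = $message->signature_and_data();
     }

     if (!$key instanceof Crypt_RSA) {
         $key = new self($key);
         if (!$keyid) {
             $keyid = substr($key->key()->fingerprint, -16, 16);
         }
         $key = $key->private_key($keyid);
         if (!$key) {
             // No usable private key for $keyid: return NULL like the other
             // missing-data paths instead of calling setHash() on a non-object.
             return NULL;
         }
     }
     // NOTE(review): when a Crypt_RSA instance is passed without $keyid, the
     // issuer subpacket below is built from NULL - confirm that callers on
     // that path always supply $keyid.

     // The signature packet is constructed with the upper-case name, so the
     // signer map is keyed with the same spelling. Presumably sign_data()
     // looks the callback up by the packet's hash name - confirm.
     $hash_name = strtoupper($hash);
     $key->setHash(strtolower($hash));

     $sig = new OpenPGP_SignaturePacket($message, 'RSA', $hash_name);
     $sig->hashed_subpackets[] = new OpenPGP_SignaturePacket_IssuerPacket($keyid);
     $sig->sign_data(array('RSA' => array($hash_name => array($key, 'sign'))));

     return new OpenPGP_Message(array($sig, $message));
 }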
Exemplo n.º 3
 /**
  * Build the subpacket and derive its tag from the concrete class name.
  *
  * The first 24 characters (8 + 16) and the last 6 characters of the class
  * name are dropped, and the remainder is looked up in
  * OpenPGP_SignaturePacket::$subpacket_types. Presumably these are the
  * "OpenPGP_SignaturePacket_" prefix and the "Packet" suffix - confirm
  * against the subclass names.
  *
  * @param mixed $data Passed through unchanged to the parent constructor.
  */
 function __construct($data = NULL)
 {
     parent::__construct($data);

     $class_name = get_class($this);
     $without_prefix = substr($class_name, 8 + 16);
     $type_name = substr($without_prefix, 0, -6);

     // array_search() yields the matching key, or false when the name is unknown.
     $this->tag = array_search($type_name, OpenPGP_SignaturePacket::$subpacket_types);
 }
Exemplo n.º 4
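 /**
  * Sign a message with a private key and wrap the result for the requested
  * output mode.
  *
  * @param mixed  $text Message to sign; the first packet of the object
  *                     returned by _getMessageOb() is what gets signed.
  * @param object $key  Key element; its ->message is handed to OpenPGP_Crypt_RSA.
  * @param string $mode 'clear', 'detach' or 'message'.
  * @param array  $opts Optional settings read here:
  *                     - sign_hash: hash algorithm name (default SHA256 for
  *                       RSA keys, SHA1 for DSA keys).
  *                     - compress: passed to _compressMessageOb() in
  *                       'message' mode.
  *
  * @return mixed Horde_Pgp_Element_SignedMessage ('clear'),
  *               Horde_Pgp_Element_Signature ('detach') or
  *               Horde_Pgp_Element_Message ('message'); NULL when the key
  *               algorithm or the mode is unsupported, or no signature was
  *               produced.
  */
 public function sign($text, $key, $mode, $opts = array())
 {
     $rsa = new OpenPGP_Crypt_RSA($key->message);
     $pkey = $rsa->key();
     $text = $this->_getMessageOb($text)->packets[0];

     // empty() keeps the original "?:" truthiness rule without raising an
     // undefined-index error when the option is absent.
     $requested_hash = empty($opts['sign_hash']) ? null : $opts['sign_hash'];
     $result = null;

     switch ($pkey->algorithm) {
         case 1:
         case 2:
         case 3:
             // RSA
             // NOTE(review): RFC 4880 (9.1) lists algorithm 2 as RSA
             // Encrypt-Only; confirm that signing with such a key is intended.
             $hash = $requested_hash ?: 'SHA256';
             $result = $rsa->sign($text, $hash);
             break;
         case 17:
             // DSA; use SHA1 by default, since that is what DSA/DSS was
             // designed for.
             // NOTE(review): SHA-1 is no longer collision resistant. The
             // default is left unchanged for compatibility; callers should
             // pass 'sign_hash' explicitly where the key and the recipients
             // support a stronger hash.
             $hash = $requested_hash ?: 'SHA1';
             $sig = new OpenPGP_SignaturePacket($text, 'DSA', $hash);
             $sig->hashed_subpackets[] = new OpenPGP_SignaturePacket_IssuerPacket(substr($pkey->fingerprint, -16));
             $dsa = new Horde_Pgp_Crypt_DSA($pkey);
             $sig->sign_data(array('DSA' => array($hash => function ($data) use ($dsa, $hash) {
                 return $dsa->sign($data, $hash);
             })));
             $result = new OpenPGP_Message(array($sig, $text));
             break;
         default:
             // Unsupported key algorithm. Without this branch $result and
             // $hash were undefined, and 'clear' and 'message' mode went on
             // to wrap an empty result as if it had been signed.
             return null;
     }

     if (!$result) {
         // Signing produced nothing; never return an element without a signature.
         return null;
     }

     switch ($mode) {
         case 'clear':
             // The DSA branch above builds $result as [signature, data];
             // presumably the RSA signer does the same - confirm. The order
             // is swapped here so the data comes first.
             $sm = new Horde_Pgp_Element_SignedMessage(new OpenPGP_Message(array($result[1], $result[0])));
             $sm->headers['Hash'] = $hash;
             return $sm;
         case 'detach':
             // Return only the first signature packet.
             foreach ($result as $val) {
                 if ($val instanceof OpenPGP_SignaturePacket) {
                     return new Horde_Pgp_Element_Signature(new OpenPGP_Message(array($val)));
                 }
             }
             break;
         case 'message':
             $compress = isset($opts['compress']) ? $opts['compress'] : null;
             return new Horde_Pgp_Element_Message($this->_compressMessageOb($result, $compress));
     }

     // Unknown mode, or 'detach' without a signature packet in the result.
     return null;
 }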