banananetwork
/
roundcubemail
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
bnet/additions
master
release-1.4
release-1.3
release-1.2
release-1.1
dev/push
release-1.0
dev-fontawesome
dev-zenmode
release-0.9
release-0.8
release-0.7
release-0.6
release-2020-06-30-13-12
1.3.13
1.4.6
1.3.12
1.4.5
1.4.4
1.3.11
1.2.10
1.4.3
1.4.2
1.4.1
1.4.0
1.4-rc2
1.3.10
1.3.9
1.4-rc1
1.3.8
1.4-beta
1.3.7
1.2.9
1.1.12
1.1.11
1.2.8
1.3.6
1.3.5
1.3.4
1.3.3
1.2.7
1.1.10
1.0.12
1.3.2
1.2.6
1.3.1
1.3.0
1.0.11
1.1.9
1.2.5
1.3-rc
1.0.10
1.1.8
1.2.4
1.3-beta
1.1.7
1.2.3
1.1.6
1.2.2
1.2.1
1.2.0
1.0.9
1.1.5
1.2-rc
1.1.2
1.0.6
v0.9.5
v0.8.7
v0.9.4
v0.9.3
v0.9.2
v0.9.1
v0.9.0
0.7.4
v0.7.4
0.8.6
v0.8.6
0.9-rc2
v0.9-rc2
v0.9-rc
v0.8.5
v0.9-beta
v0.8.4
v0.8.3
v0.8.2
v0.8.1
v0.7.3
v0.8.0
v0.8-rc
v0.7.2
v0.8-beta
v0.7.1
v0.7
v0.7-beta2
v0.7-beta1
v0.6
v0.6-rc
v0.6-beta
v0.5.4
v0.5.4@5065
v0.5.4@5062
v0.5.3
v0.5.3@4832
v0.5.2
v0.5.2@4679
v0.5.1
v0.5.1@4518
v0.5
v0.5@4408
v0.5-rc
v0.5-rc@4349
v0.5-beta
v0.5-beta@4347
v0.4.2
v0.4.2@4050
v0.4.1
v0.4.1@4045
v0.4-beta
v0.4-beta@3548
v0.3.1
v0.3.1@3081
v0.3-stable
v0.3-stable@2921
v0.3-rc1
v0.3-beta
v0.3-beta@2799
v0.2.2
v0.2.2@2495
v0.2.1
v0.2.1@2348
v0.2.2@2481
v0.2-stable
v0.2-stable@2204
v0.2-beta
v0.2-beta@1878
v0.2-beta@1877
v0.2-alpha
v0.2-alpha@1499
v0.1.1
v0.1.1@1258
v0.1-stable
v0.1-stable@1183
v0.1-rc2
v0.1-rc2@900
v0.1-rc1
v0.1-rc1@582
v0.1-beta2
1.0.0
1.0.1
1.0.2
1.0.3
1.0.4
1.0.5
1.0.7
1.0.8
1.1-beta
1.1-rc
1.1.0
1.1.1
1.1.3
1.1.4
1.2-beta
v1.0-beta
v1.0-rc
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '70c7df8faa'
${ noResults }
roundcubemail/program/lib/Crypt/GPG/DecryptStatusHandler.php

337 lines
9.9 KiB
PHP
Raw Blame History

<?php
/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
/**
* Crypt_GPG is a package to use GPG from PHP
*
* This file contains an object that handles GPG's status output for the
* decrypt operation.
*
* PHP version 5
*
* LICENSE:
*
* This library is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as
* published by the Free Software Foundation; either version 2.1 of the
* License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*
* @category Encryption
* @package Crypt_GPG
* @author Michael Gauthier <mike@silverorange.com>
* @copyright 2008-2009 silverorange
* @license http://www.gnu.org/copyleft/lesser.html LGPL License 2.1
* @version CVS: $Id: DecryptStatusHandler.php 302814 2010-08-26 15:43:07Z gauthierm $
* @link http://pear.php.net/package/Crypt_GPG
* @link http://www.gnupg.org/
*/
/**
* Crypt_GPG base class
*/
require_once 'Crypt/GPG.php';
/**
* GPG exception classes
*/
require_once 'Crypt/GPG/Exceptions.php';
/**
* Status line handler for the decrypt operation
*
* This class is used internally by Crypt_GPG and does not need be used
* directly. See the {@link Crypt_GPG} class for end-user API.
*
* This class is responsible for sending the passphrase commands when required
* by the {@link Crypt_GPG::decrypt()} method. See <b>doc/DETAILS</b> in the
* {@link http://www.gnupg.org/download/ GPG distribution} for detailed
* information on GPG's status output for the decrypt operation.
*
* This class is also responsible for parsing error status and throwing a
* meaningful exception in the event that decryption fails.
*
* @category Encryption
* @package Crypt_GPG
* @author Michael Gauthier <mike@silverorange.com>
* @copyright 2008 silverorange
* @license http://www.gnu.org/copyleft/lesser.html LGPL License 2.1
* @link http://pear.php.net/package/Crypt_GPG
* @link http://www.gnupg.org/
*/
class Crypt_GPG_DecryptStatusHandler
{
// {{{ protected properties
/**
* Keys used to decrypt
*
* The array is of the form:
* <code>
* array(
* $key_id => array(
* 'fingerprint' => $fingerprint,
* 'passphrase' => $passphrase
* )
* );
* </code>
*
* @var array
*/
protected $keys = array();
/**
* Engine used to which passphrases are passed
*
* @var Crypt_GPG_Engine
*/
protected $engine = null;
/**
* The id of the current sub-key used for decryption
*
* @var string
*/
protected $currentSubKey = '';
/**
* Whether or not decryption succeeded
*
* If the message is only signed (compressed) and not encrypted, this is
* always true. If the message is encrypted, this flag is set to false
* until we know the decryption succeeded.
*
* @var boolean
*/
protected $decryptionOkay = true;
/**
* Whether or not there was no data for decryption
*
* @var boolean
*/
protected $noData = false;
/**
* Keys for which the passhprase is missing
*
* This contains primary user ids indexed by sub-key id and is used to
* create helpful exception messages.
*
* @var array
*/
protected $missingPassphrases = array();
/**
* Keys for which the passhprase is incorrect
*
* This contains primary user ids indexed by sub-key id and is used to
* create helpful exception messages.
*
* @var array
*/
protected $badPassphrases = array();
/**
* Keys that can be used to decrypt the data but are missing from the
* keychain
*
* This is an array with both the key and value being the sub-key id of
* the missing keys.
*
* @var array
*/
protected $missingKeys = array();
// }}}
// {{{ __construct()
/**
* Creates a new decryption status handler
*
* @param Crypt_GPG_Engine $engine the GPG engine to which passphrases are
* passed.
* @param array $keys the decryption keys to use.
*/
public function __construct(Crypt_GPG_Engine $engine, array $keys)
{
$this->engine = $engine;
$this->keys = $keys;
}
// }}}
// {{{ handle()
/**
* Handles a status line
*
* @param string $line the status line to handle.
*
* @return void
*/
public function handle($line)
{
$tokens = explode(' ', $line);
switch ($tokens[0]) {
case 'ENC_TO':
// Now we know the message is encrypted. Set flag to check if
// decryption succeeded.
$this->decryptionOkay = false;
// this is the new key message
$this->currentSubKeyId = $tokens[1];
break;
case 'NEED_PASSPHRASE':
// send passphrase to the GPG engine
$subKeyId = $tokens[1];
if (array_key_exists($subKeyId, $this->keys)) {
$passphrase = $this->keys[$subKeyId]['passphrase'];
$this->engine->sendCommand($passphrase);
} else {
$this->engine->sendCommand('');
}
break;
case 'USERID_HINT':
// remember the user id for pretty exception messages
$this->badPassphrases[$tokens[1]]
= implode(' ', array_splice($tokens, 2));
break;
case 'GOOD_PASSPHRASE':
// if we got a good passphrase, remove the key from the list of
// bad passphrases.
unset($this->badPassphrases[$this->currentSubKeyId]);
break;
case 'MISSING_PASSPHRASE':
$this->missingPassphrases[$this->currentSubKeyId]
= $this->currentSubKeyId;
break;
case 'NO_SECKEY':
// note: this message is also received if there are multiple
// recipients and a previous key had a correct passphrase.
$this->missingKeys[$tokens[1]] = $tokens[1];
break;
case 'NODATA':
$this->noData = true;
break;
case 'DECRYPTION_OKAY':
// If the message is encrypted, this is the all-clear signal.
$this->decryptionOkay = true;
break;
}
}
// }}}
// {{{ throwException()
/**
* Takes the final status of the decrypt operation and throws an
* appropriate exception
*
* If decryption was successful, no exception is thrown.
*
* @return void
*
* @throws Crypt_GPG_KeyNotFoundException if the private key needed to
* decrypt the data is not in the user's keyring.
*
* @throws Crypt_GPG_NoDataException if specified data does not contain
* GPG encrypted data.
*
* @throws Crypt_GPG_BadPassphraseException if a required passphrase is
* incorrect or if a required passphrase is not specified. See
* {@link Crypt_GPG::addDecryptKey()}.
*
* @throws Crypt_GPG_Exception if an unknown or unexpected error occurs.
* Use the <i>debug</i> option and file a bug report if these
* exceptions occur.
*/
public function throwException()
{
$code = Crypt_GPG::ERROR_NONE;
if (!$this->decryptionOkay) {
if (count($this->badPassphrases) > 0) {
$code = Crypt_GPG::ERROR_BAD_PASSPHRASE;
} elseif (count($this->missingKeys) > 0) {
$code = Crypt_GPG::ERROR_KEY_NOT_FOUND;
} else {
$code = Crypt_GPG::ERROR_UNKNOWN;
}
} elseif ($this->noData) {
$code = Crypt_GPG::ERROR_NO_DATA;
}
switch ($code) {
case Crypt_GPG::ERROR_NONE:
break;
case Crypt_GPG::ERROR_KEY_NOT_FOUND:
if (count($this->missingKeys) > 0) {
$keyId = reset($this->missingKeys);
} else {
$keyId = '';
}
throw new Crypt_GPG_KeyNotFoundException(
'Cannot decrypt data. No suitable private key is in the ' .
'keyring. Import a suitable private key before trying to ' .
'decrypt this data.', $code, $keyId);
case Crypt_GPG::ERROR_BAD_PASSPHRASE:
$badPassphrases = array_diff_key(
$this->badPassphrases,
$this->missingPassphrases
);
$missingPassphrases = array_intersect_key(
$this->badPassphrases,
$this->missingPassphrases
);
$message = 'Cannot decrypt data.';
if (count($badPassphrases) > 0) {
$message = ' Incorrect passphrase provided for keys: "' .
implode('", "', $badPassphrases) . '".';
}
if (count($missingPassphrases) > 0) {
$message = ' No passphrase provided for keys: "' .
implode('", "', $badPassphrases) . '".';
}
throw new Crypt_GPG_BadPassphraseException($message, $code,
$badPassphrases, $missingPassphrases);
case Crypt_GPG::ERROR_NO_DATA:
throw new Crypt_GPG_NoDataException(
'Cannot decrypt data. No PGP encrypted data was found in '.
'the provided data.', $code);
default:
throw new Crypt_GPG_Exception(
'Unknown error decrypting data.', $code);
}
}
// }}}
}
?>
Reference in New Issue View Git Blame Copy Permalink