ïž¹0Œsr·a%•ˆ¦ï‰Ò¢6[h÷é@	îÛV.Ù;Ï«¾†ôÃœðIÅ¡xôšªFgï=);xï²É,7[<Œ¤z=C‘85) .zæ²†-F¸›/úýzfS·ŽÆM›Ö*ÞãWÊÌÎÅ¹ò(Ìôn¨½^Þ¹nø„mlFIñ»“1<Ø¦©99Á1ÈÃ •€Æ—@¿50…Ÿ3»à¤ÆÂ$n%r4æ6y×	 DC×~‘¥;‘Ðpª.›ñW!}¡O†8‹é™ÝVÖsÒ˜|Ä„o²0”v&ät™©¡ Ïh	!êû$PÓ•òvÌWÞ«ÍÈºJ–3ƒÛ]bVAÄæ.Ï¤†þïž*	çR±c¼—‹k‹Š5ÐVïb “U6n`ÑuÝýOQ½ âcä'¸¡}V·[Á[«1º­c57¡ªf²˜ „É– ³!ó)°UÔ—I:c’–¿¦ìú=MþH:Ÿb+*b,hF'èÁ™ŽòI$ñé^U=Žm0e{6ÖÆFk$åË%J¡ÃF®óß–¢»Wïç^ÔUL½v³GÍõ…Š@V}Ÿ.óE£xLë¸ú¦ÄsåŠ†•è·}@*Gnì ÿ¸ÿ¼Ø®F ;7ÊëÓÊ*2®Ä’ã³pêb‰¯êö_z–Ä†{%Ü„‡÷nìó‘JÈ/ìŒ´å¼ÅY"ñrBÌ:“ÂõÚí@±ƒ“£\b.ü¨Î#z„ëf4B1”*ÂáýG·9¢Pž½G
VŒ˜ë„æqB±-[ªø°Å',^’½â=DxÛýM>Sjwå²·Q½'ö…²lâ¡=Ô$3Þù‚’[K$³Ïòt|b¢]ñ¶Û´õÒ’ÑÉ\ÌxÎ†4IØjKÂIÂD"EñYÃi¯8™Ìcz¨u¥âÎú!š·ùIŠK 
xm,`z-•’¢ÚØŽ Ý.-ðFpŒËÝ×|àt•¦i²‘Hùvžb…Úk˜N0<&Ä?(HûL³¾!s´9Ä®
Ú¥#@ïÔk~ß\zÐœwsf½ótEPÊØÓí?¬¤ªji*»Ð½£Æ	’üHBÄqåBHÝók—ËŽ´eP‚÷¹·8 ÕÍºT^Ë%¥ý>¼p½9}†þ±€7v<½+ýÎ\¼™Ýsô¾ÊÌ¹Ú1è¬	¥1Íc»_›õÉÖGÀL¾ùtšõöuRæôŽÛ•õMÞ’U†Ê4½¸L+£aD_ü™º›@.]˜P÷øznù´Íšî»dï`r~ÁžDš†›¬ôÚý?0“ùÉy‚	±žSŠ_R¢`a©L1¤°˜J6)æï¯4i›ƒIìÎ·…J$(Gt<{;°6¢äâ½uÿFŽYñÎ*P­ÕUr_>àêHwÕ|‚KBà	_¢ú{¯qWµ,§AÚ_ï¹*KXÅÃVô‹"`ò´«¾#[wï}ø¼ Z/] †xGÕMqÉÂ©:†é~=¢õHè†ñã§ž”1\è`UuÜ@ÙÚT„nÎ\ÚzI›”r"à€xÔ&Ád”õv\§±œÊ+ŠÎAUöóvi¤)ô„Ú«5´À%2%¥âJÆM{»h½µ‡ü×²C¥ª&Ð}!&œÿÖ´	)Ö–¢11°eüx/÷s%–WcÈ‡›‚ÃsÕ!Î–eö&ÕlñËˆŒD¸ÞŒåStG§{˜¸Oß.¿Ùc½w33¿J‚Æ>¤{©“ÝQöNéþz
‚ÖV€½»éÝ˜á)YôÉAç~a[hIW"Vç…Ñ„º€•’5¹×è·GKÄƒÚ®	Øªé;!b[wtŠÛ=detË‚ÅC ôk‚þvØ$ÃÄ7PHÎ6`ºv5›*vžlBtrR¢Š¿]–Ú¡P,Oä~^<~ÞÙ€äVÂ&Þç-rB‰V&ÙòËPÎjânÝE36¹¯‚‹I9•/Î4†ÛË0‰kkur¥²mâ¶<	ä[â?fY>=E¯NÜ%y®Új`aØÉ’¹‘kL¨ê{@«™eµ¦E, ‰®êHDÅ^È8¥Á…ßÜ+3}ÂX÷­Œ8ÃÜf„N´Îì½ÛÜ4À˜ð}Þj<u¸ë‚¸3Å«-=£db¢qßôó
éÁÇ¬´ãŽU.Ñ¬¯—Ûþ¸p£…mÑúä-b
ŽâŒôáQ–F@ùmrêµ*¬¹êh¸2ùG©sö¶KPvÔ|¸„ yãŽU.Ñ¬¯—Ûþ¸p£…³¨œ6/ÎÜâ4Ä›?Ó¶’ÙB$ôf­¿¼¸Uš~àš‡ÑjëÖÎ­ÀÛŸ?ñÄ—(ß±Xd{ØqºŠ¦”YeŸ!½Áç\sûƒ¥hhÝ¾…;zWëÛw‘|ŠYÃÕ÷¹iß³”¨„~úâ"m&Î¸÷âq÷ü¡@6ÊÕ!Kƒ^s¼ÁNOÁ[” ßË£ôìä2\ | SÖG¬7S.!1A~Ì	êg)åê®9Yïãu·\&/	ZmfrA 7‡G}~‹Ä*Š®<-dÜˆ;kü­zò¢Bêèõ¶¨{†;åÀÈ'YÝ¨³‡vËº¨*·ïË>š²`«gØzqÑˆ³YökÚÔÊS`á$æJÖ7AóÍ-)fÌM]qºù¿ JZNv¶6~öü¡z ©‘7õò•öFlÅV#MæŸúâîŽ7ÛC¶f¥¦“z´ê“+Qµ=ìª&4¦ G®¤ûãÔdN~*ÌÜ¯¤;Ah»CL>j¢ëÌ®ü™_M%‚×ñÍæp®4N+ ÔÒ ©•ÖÃèv vt®Ðx%°ûûmæÙU[·îHU}$ÙØ6\z“SÍ@äñ¶ì„ß‘ãÿœÚŒ `Ôí¢³¾èE@+9O@“±Ô#Ð¤¾fÚ³ñ¬´0¿Á«‰x˜Sì0ñü]Ø ÓBØfê£	:OÊV9Z5È
ŠŸ3Š-“NŸ¦aÛ(H´ªâvªŽ†—NNv„éCzo¾Ñ˜Gôb8&#~7Ç3†žBî…ð!vÊ×S®õq“ ³àì¸Í­NÂ¥¢Œ¯{xøÖ²`$Í3î|¤L+"}±)KŸónwÈíDJæÃ–9uZz/œ"]F~0ênà.½"3Wµ¨.¤£Ú¢dhW*i-cç¶å4ÔSÅêtW¬~TÇx:Z@(¤Uï,rw±/íodÝ³«¦Ú"­žs<žÅ/ç4Í?¬xxÇ^&ŒF>ó/åbAKÊô8`‹G¤œÖûÝA7ñ¹´îqLL5ÒDadÍUÝÀ’…!·¤[™6”øgªrð<Ö¢œEX¯e(<z½?F¤2
<JWœö1±mLbF‹1JÛÕä[ÚÞ›Ú˜ þlÇŽÖÞÆ;«¼°¢üþ·†Ö±¦…wgÆ×_3Ù‘Ë°dè[¾Ð{SN³ÿ·»Æøú»|¢LŠˆ«ï3Ì9ùìÉ~³‚@>Ãß¶¥Žd`ëƒ‘òÅ$E˜9w%{ÛC?’€ìé‹.oK-Õq‹|ö¤Ybì‰-ƒ sà7GAäqÄ\¯€àÀ0qÃÑdª/ŸîÏ¨°ŠÚœÅêàõœA Üò‚ï"Pü™´	Ÿ¤¨¹xgªØJ7¹«•ÁÆ‚txk’×ír·HR|odÝ³«¦Ú"­žs<žÅ/ºa6AÌg×åµ›¼=>YsËÏr[ +Ë@ÇÂã'{Êµ+Ô
-›9Dø¹¢K0ÿ£!Þd—¾p@ÂÆœœ³àÔt÷!k<¥™æä=õ”¶—b)÷"Œ@:±KR"â-ýeø€j©0Žðlsû.ºv¨ÞQ3íY³ñ2 pÊ“OáQ@$ã*vìR	ùyÿ-™&ø™’Ã .F;‹ÎöTunviËC“Ì*=×Ö¿južðÀŽ5ÒFgX„›ñäÄ’¤‰ÑYCëˆùÇgú9w–qK@[=¡hÞîÍÛ}`X~h3€vOðþ­6HÈ¨«…ßž:f‚“ñ.ñyþ§ .ØaÊ¢‹xlÆRéÚ“î“°(Q’4õQS‘6{-Ë,XôÄè#õÖgÀAj€·ÙÆÛ©G\0aŽÁ©è†„3{šnNˆÏ0]©çìñìÄ2ò.!79Mts	œßÎ™½*/Ð*Œ#$‚ÎþÏ±de³']bfSŒÜ)ä2íŒF­ÁnzFs	"õ²êEÖo6)pAöÃê—èf[&l‰=¯/,¤1¾yäNaò­Ë¹l©4Ö,¤*b@b¨DOZˆªWŠÑ“ajYÈ64JÚked{ûŽÅÏ‡…|¿ïàÀ›€4J?ÏP$q¯UZþ-Ïá»pµ¬ ¯w'ßèˆ›bÒ#å÷£ï4"R„ßy5‚‘ZÙº•úÔu¿˜XLpåÝ
IÄž°ã÷õ(ö¿†MY9^T
i Ëõûrkÿ9Îk]ÕÃ2%M&‰qP¿“3ˆ°f­2ÌFÆzr­âl+ô_0qÃÑdª/ŸîÏ¨°ŠÚØØÀ7]êZ±Å¦”ü´*!›g0Ðb[Ð‚¤·c^ÓŸnƒÔ¸ÿÊ‰È¸saé\<»©)Ðl/ÃõIõÍ<ºn“Ž¬ ØÌ9ÔCÝgèWœö1±mLbF‹1JÛÍQ)›gBÙ6µUý›Ûø)ŸO–¯:gÊõ«C!K)ä2íŒF­ÁnzFs	"õ²êEÖo6)pAöÃê—·|ˆ5»EÃy˜äW„U=_þ7sZ4&á5Kó0hëÛë&bñÇ‡§±{žëôæUdl6Ÿkç”Í1ãÈ3„`!ô£ììåàxIý'ó@ØÔu—7Õ@'Õ[îç¡K´@àìzÂnuofe&¯gç³Dxî]né“"$ 4°Â#Íé½ÄªiôÊxÊ3öYà—eÒòTW­Y–dð\†7xÓNILx¬Õ‘,Þæ­ô“^ú[†ú†@@ó^JvêÞ’ö"l§cyO,bÿØ,2Eàs7LÑ†$ ÿ§|ŠˆãîobOotðÎ©¥Ôs ?¢ÜvŒšŠ]m9gÇ‡$q¯UZþ-Ïá»pµ¬ ¯w'ßèˆ›bÒ#å÷£ï4Õ‹ñ–•€Ø‹9Š° ž—i¶œÝÆÛT%ÍZgqÄhiºÅ|¼«qv¯|YAl‰D#Œ@b¨DOZˆªWŠÑ“ajY$¥ž¥
ÌÐ
ŠþöøÚåÎýp´â;vë~õ0j=×Ö¿južðÀŽ5ÒFgX„›ñäÄ’¤‰ÑYCëˆùÇü; ˜öûe×<®
jp^pÝ6ãÅ+Á«!…h|u$ ‘ñ2 pÊ“OáQ@$ã*vãsBÒãàMF„mÆ™²a˜VÊÄ"¾ÓÅÐvIž&    /**
     * Error code returned when bad key parameters are used during key
     * generation.
     */
    const ERROR_BAD_KEY_PARAMS = 13;

    /**
     * URI at which package bugs may be reported.
     */
    const BUG_URI = 'http://pear.php.net/bugs/report.php?package=Crypt_GPG';

    /**
     * Engine used to control the GPG subprocess
     *
     * @var Crypt_GPG_Engine
     *
     * @see Crypt_GPGAbstract::setEngine()
     */
    protected $engine = null;

    /**
     * Creates a new GPG object
     *
     * Available options are:
     *
     * - <kbd>string homedir</kbd> - the directory where the GPG keyring files are
     *                      stored. If not specified, Crypt_GPG uses the default
     *                      of <kbd>~/.gnupg</kbd>.
     * - <kbd>string publicKeyring</kbd> - the file path of the public keyring.
     *                      Use this if the public keyring is not in the homedir,
     *                      or if the keyring is in a directory not writable
     *                      by the process invoking GPG (like Apache). Then you
     *                      can specify the path to the keyring with this option
     *                      (/foo/bar/pubring.gpg), and specify a writable directory
     *                      (like /tmp) using the <i>homedir</i> option.
     * - <kbd>string privateKeyring</kbd> - the file path of the private keyring.
     *                      Use this if the private keyring is not in the homedir,
     *                      or if the keyring is in a directory not writable
     *                      by the process invoking GPG (like Apache). Then
     *                      you can specify the path to the keyring with this option
     *                      (/foo/bar/secring.gpg), and specify a writable directory
     *                      (like /tmp) using the <i>homedir</i> option.
     * - <kbd>string trustDb</kbd> - the file path of the web-of-trust database.
     *                      Use this if the trust database is not in the homedir, or
     *                      if the database is in a directory not writable
     *                      by the process invoking GPG (like Apache). Then you can
     *                      specify the path to the trust database with this option
     *                      (/foo/bar/trustdb.gpg), and specify a writable directory
     *                      (like /tmp) using the <i>homedir</i> option.
     * - <kbd>string binary</kbd> - the location of the GPG binary.
     *                      If not specified, the driver attempts to auto-detect
     *                      the GPG binary location using a list of known default
     *                      locations for the current operating system. The option
     *                      <kbd>gpgBinary</kbd> is a deprecated alias.
     * - <kbd>string agent</kbd> - the location of the GnuPG agent binary.
     *                      The gpg-agent is only used for GnuPG 2.x. If not
     *                      specified, the engine attempts to auto-detect
     *                      the gpg-agent binary location using a list of
     *                      know default locations for the current operating system.
     * - <kbd>string|false gpgconf</kbd> - the location of the GnuPG conf binary.
     *                      The gpgconf is only used for GnuPG >= 2.1. If not
     *                      specified, the engine attempts to auto-detect
     *                      the location using a list of know default locations.
     *                      When set to FALSE `gpgconf --kill` will not be executed
     *                      via destructor.
     * - <kbd>string digest-algo</kbd> - Sets the message digest algorithm.
     * - <kbd>string cipher-algo</kbd> - Sets the symmetric cipher.
     * - <kbd>string compress-algo</kbd> - Sets the compression algorithm.
     * - <kbd>boolean strict</kbd> - In strict mode clock problems on subkeys
     *                      and signatures are not ignored (--ignore-time-conflict
     *                      and --ignore-valid-from options).
     * - <kbd>mixed debug</kbd> - whether or not to use debug mode.
     *                      When debug mode is on, all communication to and from
     *                      the GPG subprocess is logged. This can be useful to
     *                      diagnose errors when using Crypt_GPG.
     * - <kbd>array options</kbd> - additional per-command options to the GPG
     *                      command. Key of the array is a command (e.g.
     *                      gen-key, import, sign, encrypt, list-keys).
     *                      Value is a string containing command line arguments to be
     *                      added to the related command. For example:
     *                      array('sign' => '--emit-version').
     *
     * @param array $options optional. An array of options used to create the
     *                       GPG object. All options are optional and are
     *                       represented as key-value pairs.
     *
     * @throws Crypt_GPG_FileException if the <kbd>homedir</kbd> does not exist
     *         and cannot be created. This can happen if <kbd>homedir</kbd> is
     *         not specified, Crypt_GPG is run as the web user, and the web
     *         user has no home directory. This exception is also thrown if any
     *         of the options <kbd>publicKeyring</kbd>,
     *         <kbd>privateKeyring</kbd> or <kbd>trustDb</kbd> options are
     *         specified but the files do not exist or are are not readable.
     *         This can happen if the user running the Crypt_GPG process (for
     *         example, the Apache user) does not have permission to read the
     *         files.
     *
     * @throws PEAR_Exception if the provided <kbd>binary</kbd> is invalid, or
     *         if no <kbd>binary</kbd> is provided and no suitable binary could
     *         be found.
     *
     * @throws PEAR_Exception if the provided <kbd>agent</kbd> is invalid, or
     *         if no <kbd>agent</kbd> is provided and no suitable gpg-agent
     *         could be found.
     */
    public function __construct(array $options = array())
    {
        $this->setEngine(new Crypt_GPG_Engine($options));
    }

    /**
     * Sets the I/O engine to use for GnuPG operations
     *
     * Normally this method does not need to be used. It provides a means for
     * dependency injection.
     *
     * @param Crypt_GPG_Engine $engine the engine to use.
     *
     * @return Crypt_GPGAbstract the current object, for fluent interface.
     */
    public function setEngine(Crypt_GPG_Engine $engine)
    {
        $this->engine = $engine;
        return $this;
    }

    /**
     * Sets per-command additional arguments
     *
     * @param array $options Additional per-command options for GPG command.
     *                       Note: This will unset options set previously.
     *                       Key of the array is a command (e.g.
     *                       gen-key, import, sign, encrypt, list-keys).
     *                       Value is a string containing command line arguments to be
     *                       added to the related command. For example:
     *                       array('sign' => '--emit-version').
     *
     * @return Crypt_GPGAbstract the current object, for fluent interface.
     */
    public function setEngineOptions(array $options)
    {
        $this->engine->setOptions($options);
        return $this;
    }

    /**
     * Returns version of the engine (GnuPG) used for operation.
     *
     * @return string GnuPG version.
     *
     * @throws Crypt_GPG_Exception if an unknown or unexpected error occurs.
     *         Use the <kbd>debug</kbd> option and file a bug report if these
     *         exceptions occur.
     */
    public function getVersion()
    {
        return $this->engine->getVersion();
    }

    /**
     * Gets the available keys in the keyring
     *
     * Calls GPG with the <kbd>--list-keys</kbd> command and grabs keys. See
     * the first section of <b>doc/DETAILS</b> in the
     * {@link http://www.gnupg.org/download/ GPG package} for a detailed
     * description of how the GPG command output is parsed.
     *
     * @param string $keyId optional. Only keys with that match the specified
     *                      pattern are returned. The pattern may be part of
     *                      a user id, a key id or a key fingerprint. If not
     *                      specified, all keys are returned.
     *
     * @return array an array of {@link Crypt_GPG_Key} objects. If no keys
     *               match the specified <kbd>$keyId</kbd> an empty array is
     *               returned.
     *
     * @throws Crypt_GPG_Exception if an unknown or unexpected error occurs.
     *         Use the <kbd>debug</kbd> option and file a bug report if these
     *         exceptions occur.
     *
     * @see Crypt_GPG_Key
     */
    protected function _getKeys($keyId = '')
    {
        // get private key fingerprints
        if ($keyId == '') {
            $operation = '--list-secret-keys';
        } else {
            $operation = '--utf8-strings --list-secret-keys -- ' . escapeshellarg($keyId);
        }

        // According to The file 'doc/DETAILS' in the GnuPG distribution, using
        // double '--with-fingerprint' also prints the fingerprint for subkeys.
        $arguments = array(
            '--with-colons',
            '--with-fingerprint',
            '--with-fingerprint',
            '--fixed-list-mode'
        );

        $output = '';

        $this->engine->reset();
        $this->engine->setOutput($output);
        $this->engine->setOperation($operation, $arguments);
        $this->engine->run();

        $privateKeyFingerprints = array();

        foreach (explode(PHP_EOL, $output) as $line) {
            $lineExp = explode(':', $line);
            if ($lineExp[0] == 'fpr') {
                $privateKeyFingerprints[] = $lineExp[9];
            }
        }

        // get public keys
        if ($keyId == '') {
            $operation = '--list-public-keys';
        } else {
            $operation = '--utf8-strings --list-public-keys -- ' . escapeshellarg($keyId);
        }

        $output = '';

        $this->engine->reset();
        $this->engine->setOutput($output);
        $this->engine->setOperation($operation, $arguments);
        $this->engine->run();

        $keys   = array();
        $key    = null; // current key
        $subKey = null; // current sub-key

        foreach (explode(PHP_EOL, $output) as $line) {
            $lineExp = explode(':', $line);

            if ($lineExp[0] == 'pub') {

                // new primary key means last key should be added to the array
                if ($key !== null) {
                    $keys[] = $key;
                }

                $key = new Crypt_GPG_Key();

                $subKey = Crypt_GPG_SubKey::parse($line);
                $key->addSubKey($subKey);

            } elseif ($lineExp[0] == 'sub') {

                $subKey = Crypt_GPG_SubKey::parse($line);
                $key->addSubKey($subKey);

            } elseif ($lineExp[0] == 'fpr') {

                $fingerprint = $lineExp[9];

                // set current sub-key fingerprint
                $subKey->setFingerprint($fingerprint);

                // if private key exists, set has private to true
                if (in_array($fingerprint, $privateKeyFingerprints)) {
                    $subKey->setHasPrivate(true);
                }

            } elseif ($lineExp[0] == 'uid') {

                $string = stripcslashes($lineExp[9]); // as per documentation
                $userId = new Crypt_GPG_UserId($string);

                if ($lineExp[1] == 'r') {
                    $userId->setRevoked(true);
                }

                $key->addUserId($userId);

            }
        }

        // add last key
        if ($key !== null) {
            $keys[] = $key;
        }

        return $keys;
    }
}