#!/var/tiggerisp/tmp/php-5.1.6/sapi/cli/php
<?PHP

  // {{{ mailParseHeaders
  function mailParseHeaders ($Header) {
    $Headers_in = split ("\n", $Header);
    $Headers = array ();
    $Last = null;
    
    foreach ($Headers_in as $buf) {
      $p = strpos ($buf, ":");   if ($p  < 1) $p  = strlen ($buf);
      $ps = strpos ($buf, " ");  if ($ps < 1) $ps = strlen ($buf);
      $pt = strpos ($buf, "\t"); if ($pt < 1) $pt = strlen ($buf);
      
      if ($p < min ($ps, $pt)) {
        if (!isset ($Headers [strtolower (substr ($buf, 0, $p))])) $Headers [strtolower (substr ($buf, 0, $p))] = array ();
        
        $Headers [$Last = strtolower (substr ($buf, 0, $p))][] = trim (substr ($buf , $p + 1));
        $Headers ["__Name_Map"][$Last] = substr ($buf, 0, $p);
      } elseif ($Last !== null)
        $Headers [$Last][count ($Headers [$Last]) - 1] .= "\n" . rtrim ($buf);
    }
    
    return $Headers;
  }
  // }}}
  
    function logErr ($msg) {
    print $msg . "\n";
  }
  
  function parseAndEncrypt ($GnuPG, $Headers, $Content) {
    // Determine content-type
    $Type = "text/plain";
    $TypeExtra = "";
    
    if (isset ($Headers ["content-type"]))
      foreach ($Headers ["content-type"] as $Type);
    
    if (($p = strpos ($Type, ";")) > 0) {
      $TypeExtra = trim (substr ($Type, $p + 1));
      $Type = substr ($Type, 0, $p);
    }
    
    // Handle body of mail
    switch ($Type) {
      // Do not handle this types
      case "application/pgp-encrypted":
        break;
      
      case "multipart/mixed":
        // Generate Boundary for this mail
        $PGP_Boundary = "--twencmail-" . md5 ($Content);
        
        // Switch to amored output
        $GnuPG->setArmor (1);
        
        // Rewrite the content-type
        $Content = "This is an OpenPGP/MIME encrypted message (RFC 2440 and 3156)\n" .
                   "--" . $PGP_Boundary . "\n" .
                   "Content-Type: application/pgp-encrypted\n" .
                   "Content-Description: PGP/MIME version identification\n\n" .
                   "Version: 1\n\n" .
                   "--" . $PGP_Boundary . "\n" .
                   "Content-Type: application/octet-stream; name=\"encrypted.asc\"\n" .
                   "Content-Description: OpenPGP encrypted message\n" .
                   "Content-Disposition: inline; filename=\"encrypted.asc\"\n\n" .
                   
                   $GnuPG->encrypt ("Content-Type: " . $Type . ($TypeExtra != "" ? "; " . $TypeExtra : "") . "\n\n" .
                                    $Content) . "\n" .
                   
                   "--" . $PGP_Boundary . "--\n";
        
        // Rewrite the content-type
        $Type = "multipart/encrypted";
        $TypeExtra = "\n\tprotocol=\"application/pgp-encrypted\"; boundary=\"" . $PGP_Boundary . "\"";
        
        break;
      
      default:
        logErr ("Unknown Type $Type");
      case "text/plain":
        if (strpos ($Content, "-----BEGIN PGP MESSAGE-----") < 1) {
          $GnuPG->setArmor (1);
          $Content = $GnuPG->encrypt ($Content);
        }
    }
    
    // Write new content-type back
    $Headers ["content-type"] = array (
      $Type . ($TypeExtra != "" ? ";" . $TypeExtra : "")
    );
    
    $Headers ["x-tiggerswelt-service"] = array ("mailboxGPG v0.1");
    
    // Regenerate E-Mail
    $Output = "";
    
    foreach ($Headers as $Name=>$Header) {
      if ($Name == "__Name_Map") continue;
      if (isset ($Headers ["__Name_Map"][$Name])) $Name = $Headers ["__Name_Map"][$Name];
      
      foreach ($Header as $Line)
        $Output .= $Name . ": " . $Line . "\n";
    }
    
    $Output .= "\n" . $Content . "\n";
    
    // Do the return
    return $Output;
  }
  
  if (!class_exists ("GnuPG")) die ("No GnuPG-Support in this PHP-Version\n");
  
  // Set Environment
  putenv("GNUPGHOME=" . dirname(__FILE__));
  error_reporting (E_ALL);
  
  // Initialise GnuPG
  $GnuPG =& new GnuPG ();
  $GnuPG->setErrorMode(GnuPG::ERROR_WARNING);
  
  // Import initial GnuPG-Data
  if ($f = @fopen ($fn = "key.asc", "r")) {
    $GnuPG->import (fread ($f, filesize ($fn)));
    fclose ($f);
  }
  
  // Read input
  if (($argv [1] != "") && is_file ($argv [1]))
    $f = fopen ($argv [1], "r");
  else
    $f = fopen ("php://stdin", "r");
  
  if (!is_resource ($f)) die ("No input-stream selected\n");
  
  $buf = "";
  
  while (!feof ($f))
    $buf .= fgets ($f);
  
  fclose ($f);
  
  // Parse input
  if (($p = strpos ($buf, "\n\n")) < 1) die ("Invalid format");
  
  $Header = substr ($buf, 0, $p);
  $Body   = substr ($buf, $p + 2);
  
  $Headers = mailParseHeaders ($Header);

  
  // Find suitable keys
  if (!is_array ($info = $GnuPG->keyInfo ("tigger@tiggerswelt.net")))
    die ("No suitable key for encryption found");
  
  foreach ($info as $key) {
    $Fingerprint = "";
    
    foreach ($key ["subkeys"] as $subkey)
      if (isset ($subkey ["fingerprint"])) {
        $Fingerprint = $subkey ["fingerprint"];
        break;
      }
      
    if ($Fingerprint == "") continue;
    
    foreach ($key ["subkeys"] as $subkey)
      if ($subkey ["can_encrypt"] == 1) {
        $GnuPG->addEncryptKey ($Fingerprint);
        break (2);
      }
  }
    
  // Encrypt and output
  print parseAndEncrypt ($GnuPG, $Headers, $Body);

?>