Encrypt files using PGP in PHP?
Question 1: About PGP
- PGP (Pretty Good Privacy) is a product and trademark of Symantec Corporation (they bought it some years ago).
- OpenPGP is the standard used by PGP.
- GnuPG (Gnu Privacy Guard) is a free and open source implementation of PGP.
So what you want to do is encrypt to an OpenPGP key. Which implementation of OpenPGP your client uses to decrypt the data is not important for you. With PHP, commonly GnuPG is used and there are interfaces built-in.
Question 2: Using GnuPG in PHP
Use the GnuPG interface, which is an extension that can be installed for PHP.
At first, import the key, where $keydata
is the ASCII armored public key:
<?php
$gpg = new gnupg();
$info = $gpg -> import($keydata);
print_r($info);
?>
Then use this key to encrypt the data, this time using the client's key's fingerprint:
<?php
$gpg = new gnupg();
$gpg -> addencryptkey("8660281B6051D071D94B5B230549F9DC851566DC");
$enc = $gpg -> encrypt("just a test");
echo $enc;
?>
If you want to encrypt files, read and pass them to encrypt()
. Be sure to use at least long key IDs (eg. DEADBEEFDEADBEEF
), better fingerprints (as in the example) when referencing keys; and never use short key IDs (DEADBEEF
), as those are vulnerable to collision attacks.
The is a more comprehensive example for doing both added by a user in the PHP manual.
How do I encrypt a file with gnupg and php?
Refering to the PHP-manpages (https://www.php.net/manual/en/function.gnupg-setarmor.php) the default output is a text file with base64 encoded data:
-----BEGIN PGP MESSAGE-----
Version: GnuPG v2.0.22 (GNU/Linux)
hQMOAx1dL4VEMtgUEAv/cOuJDBZ8FIYk7kqsh2vOvW2WRUvOUi54xm1LPGxLPiMS
...
Using the gnupg-setarmor function you can set the output to a binary output:
gnupg_setarmor($res,0);
Here is the complete code:
<?php
// init
$res = gnupg_init();
// # add this line
gnupg_setarmor($res,0); // deactivate default armored output
gnupg_addencryptkey($res,"8660281B6051D071D94B5B230549F9DC851566DC");
$enc = gnupg_encrypt($res, "just a test");
echo $enc;
?>
PGP Encryption - PHP openssl
OpenSSL does not support OpenPGP, formats and protocols are different. Together with PHP, the most reasonable way to go is interfacing GnuPG using PHP's GnuPG module, I provided an example in the question Encrypt files using PGP in PHP?. Accessing GnuPG directly might be possible if you can execute arbitrary applications from PHP, but this will very likely be restricted (and is considerably more dangerous regarding exploitability).
If you're asked to send OpenPGP encrypted messages but have no access to GnuPG and this module, find another hosting company providing GnuPG, ask your current provider to do so or setup your own web server.
Related Topics
How to Iterate Over Non-English File Names in PHP
Http Options Request on Azure Websites Fails Due to Cors
How to Send Email with Attachment Using PHP
How to Upload and Parse a CSV File in PHP
Scaling a Chat App - Short Polling VS. Long Polling (Ajax, PHP)
PHP Conditionals, Brackets Needed
Relative Path Not Working in Cron PHP Script
PHP Daylight Saving Time Detection
Remove Xml Version Tag When a Xml Is Created in PHP
How to Echo Out Table Rows from the Db (Php)
Avoiding Form Resubmit in PHP When Pressing F5
Passing JavaScript Variable to PHP Using Ajax
Trying to Get Laravel 5 Email to Work
Having Problems While Try to Install Oauth with Pecl in Mamp on MAC Os Lion
How to Get the Unicode Value of a Character or Vise Versa with PHP