Programming Tutorials

Encrypting files using GnuPG (GPG) via PHP

By: Darrell Brogdon Printer Friendly Format    

Quite often your PHP scripts are written to run automatically within the web server without any intervention by you. What kind of life can you expect to lead if you have to enter your GnuPG passphrase every time PHP tries to decrypt a file? But we're getting a little ahead of ourselves. Let's first look at how we can encrypt a file with GnuPG and PHP. 

The following script does just that:

<?php 
$gpg = '/usr/bin/gpg'; 
$recipient = '[email protected]'; 
$secret_file = 'secret_file.txt'; 

echo shell_exec("$gpg -e -r $recipient $secret_file"); 
?> 

After running this script you will find 'secret_file.txt.gpg' in your directory (Again, make sure '[email protected]' is in your public key ring!). This is assuming that GnuPG generated no errors. If it did then they will be echoed to STDOUT. 

From here there are several things you can do. For one, if there are any errors you probably want to look for them within the script instead of just echoing them for the entire world to see. You might also want to email the encrypted file to Mr. Doe using PHP's mail()command.

But what if you want to encrypt raw data not contained in a file? This too is possible by piping the data directly to GnuPG:

<?php 
$gpg = '/usr/bin/gpg'; 
$recipient = '[email protected]'; 
$encrypted_file = 'foo.gpg'; 

shell_exec("echo $argv[1] | $gpg -e -r $recipient -o $encrypted_file"); 
?> 

This script takes the value of $argv[1], the first argument after the script name, and passes it to GnuPG for encrypting. GnuPG, using the -oswitch, writes the encrypted data out to $encrypted_file. Again, you will probably want to check for and deal with any errors generated by GnuPG.

Another option is to leave off the -o $encrypted_filepart and store the encrypted data inside a variable. That way you can use PHP to do with the encrypted data as you please, saving valuable file I/O.

<?php 
$gpg = '/usr/bin/gpg'; 
$recipient = '[email protected]'; 
$encrypted_message = base64_encode(shell_exec("echo $argv[1] | $gpg -e -r $recipient")); 
mail('[email protected]', 
'Your Encrypted Message', 
$enrypted_message); 
?>

If you do this is especially important that you Base-64 encode the data so you can play nice with the email client receiving the encrypted message.





Most Viewed Articles (in PHP )

Latest Articles (in PHP)

Comment on this tutorial

Subscribe to Tutorials

Related Tutorials

Archived Comments

1. Take a look at http://www.php.net/manual/en/ref.gn
View Tutorial          By: Stephanie Daugherty at 2012-06-07 22:05:52

2. Phylliscicky
View Tutorial          By: Phylliscicky at 2017-01-31 02:46:34

© 2019 Java-samples.com

Tutorial Archive: Data Science  Android  AJAX  ASP.net  C  C++  C#  Cocoa  Cloud Computing  EJB  Java  Certification  Interview  iPhone  Javascript  JSF  JSP  Java Beans  J2ME  JDBC  Linux  Mac OS X  MySQL  Perl  PHP  Python  Ruby  SAP  VB.net  EJB  Struts  Trends  WebServices  XML  Office 365  Hibernate

Latest Tutorials on: Data Science  Android  AJAX  ASP.net  C  Cocoa  C++  C#  EJB  Java  Certification  Interview  iPhone  Javascript  JSF  JSP  Java Beans  J2ME  JDBC  Linux  Mac OS X  MySQL  Perl  PHP  Python  Ruby  SAP  VB.net  EJB  Struts  Cloud Computing  WebServices  XML  Office 365  Hibernate