Encrypting files using GnuPG (GPG) via PHP
By: Darrell Brogdon in PHP Tutorials on 2011-01-24
Quite often your PHP scripts are written to run automatically within the web server without any intervention by you. What kind of life can you expect to lead if you have to enter your GnuPG passphrase every time PHP tries to decrypt a file? But we're getting a little ahead of ourselves. Let's first look at how we can encrypt a file with GnuPG and PHP.
The following script does just that:
<?php
$gpg = '/usr/bin/gpg';
$recipient = '[email protected]';
$secret_file = 'secret_file.txt'; echo shell_exec("$gpg -e -r $recipient $secret_file");
?>
After running this script you will find 'secret_file.txt.gpg' in your directory (Again, make sure '[email protected]' is in your public key ring!). This is assuming that GnuPG generated no errors. If it did then they will be echoed to STDOUT.
From here there are several things you can do. For one, if there are any errors you probably want to look for them within the script instead of just echoing them for the entire world to see. You might also want to email the encrypted file to Mr. Doe using PHP's mail()command.
But what if you want to encrypt raw data not contained in a file? This too is possible by piping the data directly to GnuPG:
<?php
$gpg = '/usr/bin/gpg';
$recipient = '[email protected]';
$encrypted_file = 'foo.gpg';
shell_exec("echo $argv[1] | $gpg -e -r $recipient -o $encrypted_file");
?>
This script takes the value of $argv[1], the first argument after the script name, and passes it to GnuPG for encrypting. GnuPG, using the -oswitch, writes the encrypted data out to $encrypted_file. Again, you will probably want to check for and deal with any errors generated by GnuPG.
Another option is to leave off the -o $encrypted_filepart and store the encrypted data inside a variable. That way you can use PHP to do with the encrypted data as you please, saving valuable file I/O.
<?php
$gpg = '/usr/bin/gpg';
$recipient = '[email protected]';
$encrypted_message = base64_encode(shell_exec("echo $argv[1] | $gpg -e -r $recipient"));
mail('[email protected]',
'Your Encrypted Message',
$enrypted_message);
?>
If you do this is especially important that you Base-64 encode the data so you can play nice with the email client receiving the encrypted message.
Add Comment
This policy contains information about your privacy. By posting, you are declaring that you understand this policy:
- Your name, rating, website address, town, country, state and comment will be publicly displayed if entered.
- Aside from the data entered into these form fields, other stored data about your comment will include:
- Your IP address (not displayed)
- The time/date of your submission (displayed)
- Your email address will not be shared. It is collected for only two reasons:
- Administrative purposes, should a need to contact you arise.
- To inform you of new comments, should you subscribe to receive notifications.
- A cookie may be set on your computer. This is used to remember your inputs. It will expire by itself.
This policy is subject to change at any time and without notice.
These terms and conditions contain rules about posting comments. By submitting a comment, you are declaring that you agree with these rules:
- Although the administrator will attempt to moderate comments, it is impossible for every comment to have been moderated at any given time.
- You acknowledge that all comments express the views and opinions of the original author and not those of the administrator.
- You agree not to post any material which is knowingly false, obscene, hateful, threatening, harassing or invasive of a person's privacy.
- The administrator has the right to edit, move or remove any comment for any reason and without notice.
Failure to comply with these rules may result in being banned from submitting further comments.
These terms and conditions are subject to change at any time and without notice.
- Data Science
- Android
- React Native
- AJAX
- ASP.net
- C
- C++
- C#
- Cocoa
- Cloud Computing
- HTML5
- Java
- Javascript
- JSF
- JSP
- J2ME
- Java Beans
- EJB
- JDBC
- Linux
- Mac OS X
- iPhone
- MySQL
- Office 365
- Perl
- PHP
- Python
- Ruby
- VB.net
- Hibernate
- Struts
- SAP
- Trends
- Tech Reviews
- WebServices
- XML
- Certification
- Interview
categories
Related Tutorials
Send push notifications using Expo tokens in PHP
PHP convert string to lower case
A Basic Example using PHP in AWS (Amazon Web Services)
Different versions of PHP - History and evolution of PHP
PHP code to write to a CSV file for Microsoft Applications
PHP code to write to a CSV file from MySQL query
PHP code to import from CSV file to MySQL
Password must include both numeric and alphabetic characters - Magento
Resume or Pause File Uploads in PHP
PHP file upload prompts authentication for anonymous users
PHP file upload with IIS on windows XP/2000 etc
Comments