How can I use PGP with PHP?
We would recommend using GnuPG because it can be used for commercial sites without a license.
You will need telnet or SSH access - SSH is more secure.
You will also need a Linux machine and a copy of PGP installed on your
machine. You will also need to generate a key pair, which consists of a
public and a private key. The public key is uploaded to the server; the
private key is kept on your machine. See the PGP help file for more information.
GnuPG must be installed (check with your server admin).
Access the shell as your user, then run the following commands :-
mkdir .gnupg
chmod 777 .gnupg
gpg --gen-key
Use a dummy name. When it gets to the point where it generates the
keys, make sure the machine is doing I/O so it can gather entropy, i.e.
telnet in again and run du / or something similar. It is best to have
this ready and just hit Enter as you finish the key creation.
This creates a dummy key pair, which is not used but is needed.
This takes anything from a few seconds to a few minutes depending on the speed of the server.
As the user, FTP the ASCII public key to the server. This will be
called something.asc. Upload it in ASCII mode, not binary (see
your FTP software's help file).
Then type :-
gpg --import file.asc
Then :-
gpg --list-keys
Get the name of the new key that was uploaded; this will be something like :-
pub 1024D/FA46F142 2000-11-03 Jonny Bravo
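The next part is to set the permissions for the .gnupg directory so the
webserver can access the files. These modes make the keyring files
readable by every local account on the server, which is why the only
secret key kept here is the unused dummy key. Type the following commands :-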
cd .gnupg
chmod 666 trustdb.gpg
chmod 604 secring.gpg
chmod 604 random_seed
chmod 644 pubring.gpg
cd ..
Example code is as follows :-
<?php
// Set the username to the user on the server
$username = "dummy";
$pgp = "/usr/local/bin/gpg";
// User that is sending the e-mail (in the From address etc.)
$user = "Jonny Bravo <sender@example.com>"; // placeholder address
// This is the key that was uploaded, i.e. the recipient of the PGP message
$recp = "First Last <recipient@example.com>"; // placeholder address
$data = "Text that will be encrypted";
// escapeshellarg() quotes each value so the shell cannot run any part of it as a command
$command = 'echo '.escapeshellarg($data).' | '.escapeshellarg($pgp).' -a --always-trust --batch --no-secmem-warning -e -u '.escapeshellarg($user).' -r '.escapeshellarg($recp);
// gpg looks for its keyrings in $HOME/.gnupg, so point HOME at the key owner
$oldhome = getenv("HOME");
putenv("HOME=/home/$username");
$result = exec($command, $encrypted, $errorcode);
putenv("HOME=$oldhome");
$message = implode("\n", $encrypted);
// ereg() was removed in PHP 7; the /s modifier lets "." match the newlines in the armor
if (preg_match("/-----BEGIN PGP MESSAGE-----.*-----END PGP MESSAGE-----/s", $message))
{
    echo "It Worked";
}
else
{
    echo "It failed";
}
$subject = "Test message";
$header = "From: $user";
echo "Message<br>";
echo nl2br($message);
mail($recp, $subject, $message, $header);
?>
Based on original by Kelvin Phillips.
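The same encryption step without a shell in between, as an added example that is not part of the original script: the plaintext is passed to gpg on stdin and the exit status is checked before anything is sent. The function name gpg_encrypt and the /home/dummy/.gnupg path are assumptions for illustration, FA46F142 is the sample key ID from the key listing above, and the argument-array form of proc_open() needs PHP 7.4 or later.

```php
<?php
// Added example, not the original author's code. The paths are assumptions
// based on the "dummy" user and gpg location used in the script above.
function gpg_encrypt(string $plaintext, string $recipient, string $gpgHome,
                     string $gpg = '/usr/local/bin/gpg'): string
{
    // An argument array makes proc_open() start gpg directly, so no shell
    // ever parses the recipient or the message text.
    $cmd = [$gpg, '--homedir', $gpgHome, '--batch', '--no-tty', '--armor',
            '--always-trust', '--no-secmem-warning',
            '--encrypt', '--recipient', $recipient];
    $spec = [0 => ['pipe', 'r'], 1 => ['pipe', 'w'], 2 => ['pipe', 'w']];

    $proc = proc_open($cmd, $spec, $pipes);
    if (!is_resource($proc)) {
        throw new RuntimeException('could not start gpg');
    }

    // The plaintext goes in on stdin; this simple read order suits
    // message-sized input, not multi-megabyte files.
    fwrite($pipes[0], $plaintext);
    fclose($pipes[0]);
    $armored = stream_get_contents($pipes[1]);
    $errors  = stream_get_contents($pipes[2]);
    fclose($pipes[1]);
    fclose($pipes[2]);
    $status = proc_close($proc);

    // Fail closed: require a zero exit status and a complete armor block.
    $ok = $status === 0 && preg_match(
        '/\A-----BEGIN PGP MESSAGE-----.*-----END PGP MESSAGE-----\s*\z/s', $armored);
    if (!$ok) {
        throw new RuntimeException("gpg failed (exit $status): " . trim($errors));
    }
    return $armored;
}

try {
    $body = gpg_encrypt("Text that will be encrypted", 'FA46F142', '/home/dummy/.gnupg');
    // Call mail() here, so that nothing is sent unless encryption succeeded.
    echo nl2br(htmlspecialchars($body));
} catch (RuntimeException $e) {
    error_log($e->getMessage());   // gpg's stderr goes to the server log, not the page
    echo "It failed";
}
```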