Can't run GPG through php on linux (works fine through telnet)

Andy Freeman news@symbad.co.uk
Tue May 21 15:33:01 2002


And, finally,
Oh yeah don't forget to chown nobody:nobody or nobody:root the text files
and PHP scripts etc

----- Original Message -----
From: "Andy Freeman" <andy@symbad.co.uk>
To: "GnuPG Users' List" <gnupg-users@gnupg.org>
Sent: Tuesday, May 21, 2002 2:32 PM
Subject: Re: Can't run GPG through php on linux (works fine through telnet)


> Thanks for your help ..
>
> one of our web designers found the answer !
>
> he just followed the process on web monkey
> (http://hotwired.lycos.com/webmonkey/00/20/index3a_page4.html )
>
> Another useful link is
> http://www.alt-php-faq.org/local/65/
>
> This script assumes that :
>
> 1) Your php web user is called "nobody"
> 2) nobody has a home directory of "/home/customers/nobody/"
> 3) this path contains a folder ".gnupg", which in turn contains the
> keyring.gpg
> 4) the path to the gpg exe is /usr/local/bin/gpg
>
> You also need to
> chmod +s /user/local/bin/gpg
>
> I believe that this is all you need to know,
> but since i don't fully understand the process,
> i'm not entirely sure ...
>
>
> <?php
>
> // usage $crypted_data = gnupg_crypt($data_to_encrypt);
> function gnupg_crypt($msg) {
>
> //set the environment variable for GPGPATH
> putenv("GNUPGHOME=/home/customers/nobody/.gnupg");
>
> //generate token for unique filenames
> $tmpToken = md5(uniqid(rand()));
>
> //create vars to hold paths and filenames
> $plainTxt = "/home/customers/nobody/" . "$tmpToken" . "data";
> $crypted = "/home/customers/nobody/" . "$tmpToken" . "pgpdata";
>
> //open file and dump in plaintext contents
> $fp = fopen($plainTxt, "w+");
> fputs($fp, $msg);
> fclose($fp);
>
> //invoke GPG to encrypt file contents
> system("/usr/local/bin/gpg --encrypt -ao $crypted -r 'Key_Name
(Key_Comment)
> <Key_main_addr>' $plainTxt");
>
> //open file and read encrypted contents into var
> $fd = fopen($crypted, "r");
> $output = fread($fd, filesize($crypted));
> fclose($fd);
>
> //delete files!
> unlink($plainTxt);
> unlink($crypted);
>
> return $output;
>
>
> }
>
> ?>
>
> Long live GNU
>
> Andy Freeman
>