Hi Rob,

Yes, I have tried to list out the keys, and the path is indeed correct. What do you mean when you said that my keyID has to be 8-10 char? cause my ID is definitely less than that, and it's without the <e-mail> as well. I set the ID when I first created my key.

The funny thing is that why is it that i can encrypt using command lines in Linux but i can't do so when using PHP??? Is there any step which i have missed out??? and anyway, is it necessary to extract my public key to my server? Thanks once again.

Maegan.

    11 days later

    Maegan,

    Did you ever get PHP to encrypt with PGP, if so could you share the info with me as I was never able to get it running !

    Thanks,
    Peter

      Peter,

      I haven't got my PHP to run PGP yet. Still facing the same problems, but i'm beginning to think that it's caused by the pgppath that i set.

      Will let you know once i got it running.

      Maegan.

        Maegan,

        I finally have a PHP/PGP script that works, if you want a copy let me know and I'll email to you.

        & thank you everyone for your help !

        Peter

          could you post the solution here? that would be easier than all of us mailing you for the code.

          Thanks...

            Ok,

            Here is the solution. I've been through many PHP/PGP scripts that I could not get to work so I really don't remember where I got this one but believe it is based from a book written by Julie Meloni.

            <?
            $PublicKey="MyKey";

            $sender_name="Peter Sender";
            $sender_email="sender@my_email.com";
            $secret_msg=" Secret message PGP test";

            $time = time();
$msg = "Sender's Full Name:\t$sender_name\n";
  	$msg .= "Sender's E-Mail:\t$sender_email\n";
$msg .= "Secret Message\t$secret_msg\n\n";

//putenv("PGPPATH=/path/to/pgp");
    putenv("PGPPATH=/usr/local/bin/pgp");

// $clear = "/path/to/data";
    $clear = "/home/mydomain/www/temp/";
    $clear .= "$time.data"; 
    // echo "clear: $clear<BR>";

// $crypted = "/path/to/secure/data";
    $crypted = "/home/mydomain/www/temp/";
    $crypted .= "$time.asc";
    //$file="$time.asc";
    //echo "msg: $msg<BR>";

$fp = fopen("$clear", "w+") or die("Couldn't open $clear"); 
fwrite($fp, "$msg"); 
fclose($fp);
    //echo "clear: $clear<BR>";

            // this is for PGP 2.6.2, may be different for other versions
            system("/usr/local/bin/pgp -at $clear $PublicKey -o $crypted >/dev/null 2>&1");

            unlink("$clear"); 


$fd = fopen($crypted, "r")  or die("Couldn't open $crypted");
$mail_cont = fread($fd, filesize($crypted));
fclose($fd);

 // Make sure we have access to the encrypted file, & then copy it 
  chmod("/home/mydomain/www/temp/$time.asc", 0755);
  copy("/home/mydomain/www/temp/$time.asc", "/home/mydomain/www/save/$time.asc");


   unlink("$crypted"); 


$recipient = "test@mydomain.com";
    $sender_email = "me@mydomain.com";
$subject = "Secret Message";

$mailheaders = "From: My Web Site <\"\">\n";
$mailheaders .= "Reply-To: $sender_email\n\n";

@mail("$recipient", "$subject", "$mail_cont", "$mailheaders");


    //for testing
    // echo "<BR>encrypted message:<BR>$mail_cont<BR>";

            ?>

            Peter

              4 days later

              Peter,

              Have you faced any problem that says "Keyring not found" in PHP before? Cause I am currently facing that problem.

              Maegan.

                Maegan,

                I do racall having received the same error when installing a public key but cannot recall what caused it.
                To install a public key:
                pgp -ka keyfile_name pubring.pgp

                If receiving errors when running the script, it is likely that path to pgp (inside the script) is incorrect !
                putenv("PGPPATH=/usr/local/bin/pgp");
                or path to $clear or $crypted are incorrect.

                hope this helps !
                Peter

                  22 days later

                  Hi guys I am trying to do the same thing and have had some success with a script from Julie Meloni http://www.thickbook.com/srccode/phpessentials/php_srccode_ch8-1.phtml

                  There seems to be a small security problem with this script as it puts an unencrypted temporary file on the server for a few moments during encryption.

                  I need to have this all sorted out this week so any ideas will be appreciated.

                  mike.

                    Hi Mike,

                    I agree with you about the 'problem' of writing the clear text file to disk before encrypting.

                    I wrote Julie about that once. Her comment was along the line of it not being there for long before being unlinked and eventually overwritten. That's probably true.

                    But that prompted be to use pipes or popen. You found the thread at http://www.phpbuilder.com/forum/read.php3?num=2&id=115223&loc=0&thread=115223.

                    However, while I could get pipes and popen to work with PGP. I haven't been able to get them working with GPG. So I'm currently writing the clear text to disk for GPG (and then unlinking it).

                    Of course if you are receiving an uploaded file over SSL, it gets written to disk unencrypted and Julie's method is the only one applicable. I have this situation on one of my sites.

                    Rob

                      8 months later

                      Tom Palermo wrote:

                      Thanks for your reply. I've checked out the tutorial at webmonkey. It was very helpful to anyone who hasn't seen it and easy to understand if, like me, you don't have a lot of experience with PHP. Thanks again.

                        Write a Reply...