executing gpg on windows via php?

Zag0r

hey,

i'm running php4.3.1 + apache2.045 on winxp (dev bed).

i'm trying to use gpg to encrypt a string

$bar = 'c:/path/to/file.txt';
$foo = `c:/gpg/gpg.exe -ea -r bob < $bar`;

no matter what i do, i never get an output back, yet if i paste the exact command that is being executed into the cmd prompt, it works fine.

i've tried exec(), system(), passthru() etc.
i've tried redirecting the output to a text file

$wtf = `c:/gnupg/gpg.exe -ea -r bob < d:/foo.txt > d:/foo2.txt`;

like so, which again works fine if I execte from the cmd prompt.
but via php, i get a blank text file.
i've also tried using double slashes, etc.
quite literally tried everything i can think of, with a frustrating lack of results.

i would reallly appreciate any help anyone could provide. if there's something glaring obvious i'm doing wrong, i'd love to know.

dalecosp

Well, often this type of problem occurs when the web server doesn't have the same permission on the machine that you do, or the same environment that you do. Which user runs your web server (IOW, who does the web-server software run as?)

I suppose an alternative would be crypt() or md5() or something, but I image you're using gpg for mailing purposes.... 🙁

Zag0r

i've given apache2 (running under a user i created) all the permissions it needs, like i said i still never get anything back :/

dalecosp

Well, it's Windoze...have you tried the slashes going the other way 🙁 ??

gilreilly

Welling & Thomson's book, PHP and MySQL Web Development, 1st or 2d ed, has a chapter with code for encrypting GPG and sending it by email. (You don't need to do the email part.)

In 1st ed. it's chapter 15, the private_mail.php and send_private_mail scripts.

I got it to work in windows 98, under Apache 1.3.27-win32 and php 4.3.0.

They use the system() command:

system ($command, $result);

But for windows you need double backslashes in the paths in $command and $command needs to be on one line, e.g.:

$command = "C:\windows\gpg -a --output $outfile --recipient yourUserId@whatever.com --encrypt $infile";

system ($command, $result);

Also, for the last $fp in their listing, you need to do:

fclose ($fp);

after its last use.

To tell the system where to find the keyring use:

putenv (""GNUPGHOME=C:/gnupg/");

Now, can anyone help me write a script for decrypting a GPG message?

The problem is dealing with the passphrase. None of the references that I've found worked, e.g., using proc_open() with pipes. Some comments in the documentation hint that it can be done but give no details.

misterguru

I am in sort of the same boat:

I have gone as far as having PHP create a .bat file and have tried system() exec() passthru() backticks to execute it.

exec("cmd.exe /c start /separate mybatchcmd.bat");

will hang the browser until the commands in the .bat file are executed.

print start mybatchcmd.bat;

Whatever possibility. I think I have tried them all!

One suggestion was to destroy the session beforehand... I removed it entirely. It still holds the browser until commands are done.

Maybe Apache is holding the session up?

I guess I will load up Pearl or something else to accomplish the ONE task (copying 1 gig CF cards over firewire/usb2 to a directory). Or break out my dusty box of VB and write a separate little application.

gilreilly

Here's code for encrypting and decrypting GPG with PHP on windows 98 under Apache 1.3.27-win32 and php 4.3.0.
$command has to be on one line.
I had some trouble with directory names with spaces in them, but haven't tested that thoroughly.

<? // encrypt.php

putenv ("GNUPGHOME=C:/gnupg/");

$infile = "C:\gnupg\message.txt";
$fp = fopen ($infile, "r");
$text = fread ($fp, filesize ($infile) );
fclose ($fp);

echo "Text: $text"; // to see if it read OK

$command = "C:\windows\gpg -a --output C:\gnupg\encrypted.txt --recipient yourUserID@whatever.com --encrypt $infile";

system ($command, $result);
?>

<? // decrypt.php -- passfile.txt has your passphrase

putenv ("GNUPGHOME=C:/gnupg/");

$command = "C:\windows\gpg -a --output C:\gnupg\decrypted.txt --passphrase-fd 0 --decrypt C:\gnupg\encrypted.txt < C:\gnupg\passfile.txt ";

system ($command, $result);
?>