GPG Mail Encryption from PGP code

RBCoomer

Can anyone offer any tips for tracing a GPG/PHP mail encryption problem?

I have a site that builds an email message containing customet information and CC details. I want to encrypt the message part prior to sending. I have tested GPG by encrypting files on the server, downloading and decrypting without a problem but when trying to adapt this process to email a message only a very short mail is recieved with garbage text. The GPA (V0.4.0) plugin for Outlook reports that the mail is neither signed nor encrypted and indeed it is less than half the size of a plain-text email. The same short text is displayed if the 'encrypted' string is echoed in PHP...

The code I'm using is as follows:-
$encrypted = base64_encode(shell_exec("echo $message | $gpg_path -e -a --always-trust --no-tty -r $mail_recipient 2>&1"));

The path is './usr/bin/gpg'.
The message is between 20 and 40 lines (approx 500 chars).
The mail recipient is myself and the keys etc are valid and encrypt in the shell.

Sorry but I have to use Outlook as this is what the client runs! ;-) I don't believe the problem is here anyway because an 'echo $encrypted' displays the same - about 15 chars!

Any debugging tips would be welcome as I've only been using PHP for about 4 weeks: It's called a baptism of fire!

Regards

R-)

dalecosp

Well, it's been sitting here a while, and as yet you have no responses, so I'll throw out a basic question so you can say "of course, fool" --- but at least the message won't be on page 2 quite so quick:

You are able to successfully perform other shell_exec() commands, right?

RBCoomer

Hi Dalecosp,

Hey a reply :-)

Unfortunately, 'yes' - I have another shell command on another page that works. I have however just tried pushing a dir command into a $dir string and echoed this to the page: result a full list of pages!

Thanks for the reply anyway, it's usually the obvious stuff that you overlook isn't it?

I have since tested GPG by creating another Outlook user and sending encrypted mail between the two - this works OK so for once the problem isn't with Outlook...

Regards,

marky2coats

I might be missing something here, but do you really need to base64_encode the output from gpg as you allready have -a (ascii armoured) output?

Mark

RBCoomer

Thanks Mark, I'd actually moved that bit already in trying to break the code down into sections. Result: the short string of garbage was actually a base-64 encoded error message and once I had that, I then determined that the GPG could not find the keyrings and hence the process was failing! I got the code from a security 'how-to' and I guess belt and braces was the aim of the game there! I have now fixed the path to the keyrings and also left out the additional encoding level as it seems to confuse Outlook somewhat too! I'm assuming that this layer is not essential anyway as the final result looks pretty encoded to me!

Many thanks for the replies folks - hopefully I can one day return the favour. I think the lesson here is a reminder not to assume that 'donated' code will always work but instead take it step by step!

My end result is however encrypted mail from web-server to client just as required - so I'm chuffed! A bit more tidying up and I'm done!

Excellent forum here by the way and I love PHP - it's rekindled my desire to write serious code after a 7+ year break! My programming retired with the rise of GUI languages such as VB but I'll definately be doing more of this! ;-)