 |
Submit Your Code | |
 |
SEO Monitor | |
 |
UpTime Monitor | |
 |
PHP Code Contest | |
 |
My Favorite Examples | |
|
My Favorite Articles | |
 |
Update Your Profile | |
|
|
| More Weber Sites | ||
| PHP Code Search | ||
| Web Development Forums | ||
| Learn MySQL Playing Trivia | ||
| PHPBB2 Templates | ||
| Web Development Index | ||
| Web Development Resources | ||
| Web Development Content | ||
| Recommended Links | ||
| PHPClasses | ||
| PHP Editor | ||
| PHP Jobs | ||
| Vision.To Design | ||
| Ajax Tutorials | ||
| PHP Programming Help | ||
| PHP/MySQL Programming | ||
| Webmaster Resources | ||
| Webmaster Forum | ||
| XML meta language | ||
| website builder | ||
| Recommended | ||
| Mobile Dev World | ||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Code | |||||
As a result of the thread on PGP/gpg, somebody asked me to post my script. It's not so much a script as a few lines of code, and hours and hours of playing with gpg to make it work :-) But here it is, with copious notes: // This "script" and its comments apply only // to taking a chunk of text and using a // public key to encrypt it for a private // key to decode. // A private key on a web server that // PHP can get to just isn't private. // If you wanna argue that, take it up with // Werner & co. I'm just parroting what // they said. :-) $data = "Text to encrypt." // Explanation follows... $command = "echo '$data' | /full/path/gpg -a --batch --no-secmem-warning -e -u 'webmaster' -r 'sales'"; /* -u 'webmaster' ==> the "From" user that PHP masquerades as It needs to be the first user you set up in gpg with a private/public key pair gpg doesn't grok the idea of an anonymously publicly encrypted message NOTE: I heard that newer versions of gpg do this okay. -r 'sales' ==> the "To" user for which you keep *ONLY* the public key on your web server The private key matching 'sales's public key should be considered the "Secret Decoder Ring" Under no circumstances should it be on your web server at any time. The other flags are well-explained by 'gpg --help' */ // Store HOME and set it to what gpg needs. // This may not be needed any more... $oldhome = getEnv("HOME"); putenv("HOME=/path/to/the/home/dir/of/webmaster/above/"); // Actually execute the command $result = exec($command, $encrypted, $errorcode); // Restore HOME, silly as it is. putenv("HOME=$oldhome"); if ($errorcode){ echo "Error $errorcode encrypting your data.<BR>\n"; echo "99.999% of the time this boils down to path/permissions.<BR>\n"; exit; } $encrypteddata = implode("\n", $encrypted); References: http://www.gnupg.org http://www.php.net | |||||
| Related Code Examples | |||||
