As a result of the thread on PGP/gpg, somebody asked me to post my script.
It's not so much a script as a few lines of code, and hours and hours of playing with gpg to make it work :-)
But here it is, with copious notes:
// This "script" and its comments apply only
// to taking a chunk of text and using a
// public key to encrypt it for a private
// key to decode.
// A private key on a web server that
// PHP can get to just isn't private.
// If you wanna argue that, take it up with
// Werner & co. I'm just parroting what
// they said. :-)
$data = "Text to encrypt."
// Explanation follows...
$command = "echo '$data' | /full/path/gpg -a --batch --no-secmem-warning -e -u 'webmaster' -r 'sales'";
-u 'webmaster' ==> the "From" user that PHP masquerades as
It needs to be the first user you set up in gpg
with a private/public key pair
gpg doesn't grok the idea of an anonymously publicly
NOTE: I heard that newer versions of gpg do this okay.
-r 'sales' ==> the "To" user for which you keep *ONLY*
the public key on your web server
The private key matching 'sales's public key
should be considered the "Secret Decoder Ring"
Under no circumstances should it be on your
web server at any time.
The other flags are well-explained by 'gpg --help'
// Store HOME and set it to what gpg needs.
// This may not be needed any more...
$oldhome = getEnv("HOME");
// Actually execute the command
$result = exec($command, $encrypted, $errorcode);
// Restore HOME, silly as it is.
echo "Error $errorcode encrypting your data.<BR>\n";
echo "99.999% of the time this boils down to path/permissions.<BR>\n";
$encrypteddata = implode("\n", $encrypted);
|Validation function for LUHNMod10 and variant. Can discriminate credit card numbers of varying lengths. Uses [Double >> Sum-of-Digits] transform.|
Categories : Credit Cards, Authentication, Ecommerce, PHP
|credit card security code|
Categories : PHP, Credit Cards, PHP Classes, Credit Cards
|A set of functions to check the validity of a credit card number.|
Categories : Ecommerce, Credit Cards, PHP
|Credit Card validation routine. Uses MOD 10 to check if credit card number is valid.|
Categories : Ecommerce, Credit Cards, PHP, Complete Programs
|Real-Time Transaction Processing PHP Class. Credit Cards & Checks. Supports system check, address verification, authorization and deposit, deposit, credit, commercial card, electronic check debit, and more.|
Categories : PHP Classes, OpenSSL, Credit Cards, Ecommerce, Verisign Payflow Pro
|an example of the cyberlib payment class|
Categories : PHP, PHP Classes, Ecommerce, Credit Cards
|Credit Card Identification and Validation Class - The credit_card class provides methods for cleaning, validating and identifying the type of credit card numbers.|
Categories : PHP, PHP Classes, Credit Cards, Ecommerce, Algorithms
|After discovering some credit card validation routines didnt work - here is one that I found works with all the numbers I have tried so far|
Categories : Credit Cards, Ecommerce, PHP
|Credit Card Numbers for testing|
Categories : Credit Cards, Ecommerce, Debugging
|ECHO-Perl Module Credit Card, Check and ACH Transaction Processor|
Categories : Perl, Cybercash, Classes and Objects, Ecommerce, Credit Cards
|Validating Credit Card Numbers Without Bank Involvement
Categories : Credit Cards, Ecommerce, Java Script
|ECHOcart - Open Source Shopping Cart|
Categories : PHP, Credit Cards, Ecommerce
|PCAC (pretty cool auction client), auction client server applications|
Categories : PHP, MySQL, Ecommerce
|SQL / PHP based Integrated Authentication|
Categories : PHP, Authentication, Databases, MySQL
|complete, simple, working example of a login screen/system using php functions, cookies, and a mysql database for begginers.|
Categories : Authentication, Complete Programs, PHP, MySQL, Databases