{"id":2213,"date":"2004-08-03T17:25:40","date_gmt":"2004-08-03T17:25:40","guid":{"rendered":"http:\/\/www.soulhuntre.com\/items\/date\/2004\/08\/03\/php-pgp-gpg-and-you\/"},"modified":"2004-08-03T17:25:40","modified_gmt":"2004-08-03T17:25:40","slug":"php-pgp-gpg-and-you","status":"publish","type":"post","link":"http:\/\/legacyiamsenseiken.local\/2004\/08\/03\/php-pgp-gpg-and-you\/","title":{"rendered":"PHP, PGP, GPG and you…"},"content":{"rendered":"

Ah, encryption. I recently had to use GPG<\/a>\/PGP<\/a> to encrypt some data to store in a database with PHP<\/a>. On the way to doing that I wound up doing a small proof of concept page. The code is shown below.<\/p>\n

In essence, the steps are:<\/p>\n

    \n
  1. Pull the clear text from the form at $_POST[‘plain’]\n
  2. Encrypt the data into $encrypted_message\n
  3. Put the encrypted data back into $_POST[‘crypted’]<\/li>\n<\/ol>\n

    I am storing the data back into the POST array so I can process it later with some code that is expecting to deal with data already in the form. That simply simulates that the encrypted data was POST’ed.<\/p>\n

    The form below also displayed the encrypted output. Be aware that there may be some errors in the HTML as I had to edit it down from the live client code for posting here and I haven’t tested it too heavily. Also note that it will display an encrypted text even on first run, it is simply encrypting nothing but by the nature of PGP<\/a>\/GPG<\/a> it looks like something \ud83d\ude42<\/p>\n

    This code was adapted from several examples around the net, in particular the PHP manual pages for proc_open<\/a>.<\/p>\n

    <\/p>\n

    <?php
        $gpg = ‘\/usr\/bin\/gpg’;
        $switches = ‘ –always-trust -a –batch –no-tty’;
        $recipient =     ‘some@pgp_user.com<\/a>‘;
        $command = “$gpg $switches -e -r $recipient”;<\/p>\n

        \/\/ take in the plain text data
        $message = $_POST[‘plain’];<\/p>\n

        $descriptorspec = array(
            0 => array(“pipe”, “r”), \/\/ stdin is a pipe that the child will read from
            1 => array(“pipe”, “w”), \/\/ stdout is a pipe that the child will write to
            2 => array(“file”, “\/tmp\/error-output.txt”, “a”) \/\/ stderr is a file to write to
        );<\/p>\n

        putenv(“GNUPGHOME=\/var\/www\/.gnupg”);
        $process = proc_open($command, $descriptorspec, $pipes);
        if (is_resource($process)) {
            \/\/ $pipes now looks like this:
            \/\/ 0 => writeable handle connected to child stdin
            \/\/ 1 => readable handle connected to child stdout
            \/\/ Any error output will be appended to \/tmp\/error-output.txt<\/p>\n

            fwrite($pipes[0], $message);
            fclose($pipes[0]);<\/p>\n

            while (!feof($pipes[1])) {
                $encrypted_message .= fgets($pipes[1], 1024);
            }
            fclose($pipes[1]);<\/p>\n

            \/\/ It is important that you close any pipes before calling
            \/\/ proc_close in order to avoid a deadlock
            $return_value = proc_close($process);
        }<\/p>\n

        $_POST[‘crypted’] = $encrypted_message;
    ?><\/p>\n

    <!DOCTYPE HTML PUBLIC “-\/\/W3C\/\/DTD HTML 4.01 Transitional\/\/EN”  “http:\/\/www.w3.org\/TR\/html4\/loose.dtd”>
    <html>
    <head>
    <meta http-equiv=”Content-Type” content=”text\/html; charset=iso-8859-1″>
    <title>GPG Proof of concept page.<\/title>
    <\/head><\/p>\n

    <body>
        <form name=”form1″ method=”POST” action=”gpg.php”>
        <p>Plaintext Data:<\/p>
        <p>
        <textarea name=”plain” cols=”80″ rows=”15″ id=”plain”><?php echo $_POST[‘plain’]; ?><\/textarea>
        <\/p>
        <p>
        <input type=”submit” name=”Submit” value=”Encrypt”>
        <\/p>
        <p>Encrypted Data (will always appear, even if blank input): <\/p>
        <p>
        <textarea name=”crypted_display” cols=”80″ rows=”15″ id=”crypted_display”><?php echo $_POST[‘crypted’]; ?><\/textarea>
        <\/p>
        <input name=”crypted” type=”hidden” id=”crypted”>
        <\/form>
    <\/body>
    <\/html><\/p>\n","protected":false},"excerpt":{"rendered":"

    Ah, encryption. I recently had to use GPG\/PGP to encrypt some data to store in a database with PHP. On the way to doing that I wound up doing a small proof of concept page. The code is shown below. In essence, the steps are: Pull the clear text from the form at $_POST[‘plain’] Encrypt […]<\/p>\n","protected":false},"author":3,"featured_media":56223,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"aside","meta":{"footnotes":""},"categories":[278],"tags":[],"_links":{"self":[{"href":"http:\/\/legacyiamsenseiken.local\/wp-json\/wp\/v2\/posts\/2213"}],"collection":[{"href":"http:\/\/legacyiamsenseiken.local\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/legacyiamsenseiken.local\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/legacyiamsenseiken.local\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"http:\/\/legacyiamsenseiken.local\/wp-json\/wp\/v2\/comments?post=2213"}],"version-history":[{"count":0,"href":"http:\/\/legacyiamsenseiken.local\/wp-json\/wp\/v2\/posts\/2213\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"http:\/\/legacyiamsenseiken.local\/wp-json\/wp\/v2\/media\/56223"}],"wp:attachment":[{"href":"http:\/\/legacyiamsenseiken.local\/wp-json\/wp\/v2\/media?parent=2213"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/legacyiamsenseiken.local\/wp-json\/wp\/v2\/categories?post=2213"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/legacyiamsenseiken.local\/wp-json\/wp\/v2\/tags?post=2213"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}