I have an Ubuntu server and I have installed the GnuPG library. It is visible when I run phpinfo(). I also tried

if (extension_loaded('gnupg')) {
    echo "GnuPG extension is loaded.<br>";
} else {
    echo "GnuPG extension is not loaded.<br>";
}

and that confirmed the extension is loaded.

I tried to create a public key using the CLI and it was successful. I could even export the key as a file, but when I tried to create a public key by running the same command in the PHP script, it failed.

$command = "gpg --full-gen-key <<EOF
Key-Type: RSA
Key-Length: 2048
Name-Real: AAA Perera
Name-Email: [email protected]
Expire-Date: 0
%no-protection
%commit
EOF";
// Execute the command
exec($command, $output, $return_var);

echo '<pre>';
print_r($output);
echo '</pre>';

The output is just a blank array.

Then I tried to import the key exported via the CLI into PHP and encrypt a file, but the import failed. I tried many, many times and even tried to get Copilot's help to resolve the case, but I still couldn't import the key or encrypt the file. Please check the PHP script below and guide me to resolve this issue. Thank you.

putenv("GNUPGHOME=/home/ubuntu/.gnupg");
$gpg = new gnupg();
$gpg->seterrormode(gnupg::ERROR_EXCEPTION);
if(file_exists('xxxx-public-key-test1.asc')){
        echo 'Yes, file exist <br>';
}else{
        echo 'No, file not found <br>';
}
// This outputs that the file exists
$keyData =  file_get_contents('xxxxx-public-key-test1.asc');
echo $keyData;
// This outputs the key file content
$importResult = $gpg->import($keyData);
$errorInfo = $gpg->geterrorinfo();
print_r($errorInfo);
// This outputs the error below
/*
Array ( [generic_message] => [gpgme_code] => 0 [gpgme_source] => Unspecified source [gpgme_message] => Success )
*/
if ($importResult === false) {
    echo "Error importing key: " . $gpg->geterror();
} else {
    echo "Key imported successfully.";
}
// This outputs only "Error importing key" but no actual errors
  • hint: php.net/manual/en/book.gnupg.php Commented Jun 24, 2024 at 10:58
  • exec() only returns STDOUT and ignores STDERR. You're also not checking the return code which would help indicate what went wrong. I second @MarcinOrlowski's suggestion on using actual GPG library calls rather than exec. But also generally recommend using proc_open() for invoking external programs as it allows for full granular control over all aspects of the execution. Commented Jun 24, 2024 at 23:29

1 Answer

After trying many things I could find the answer. The actual problem was with these two lines

putenv("GNUPGHOME=/home/ubuntu/.gnupg");

Even though I put this path, it wasn't accessible by GnuPG. So, I created a separate folder inside /var/www and gave the ownership to www-data

mkdir /var/www/.gnupg
chown www-data:www-data /var/www/.gnupg

This was mentioned in the user-contributed notes of the PHP documentation on this page: https://www.php.net/manual/en/function.gnupg-import.php

The other issue was that I mistakenly thought the value passed to addencryptkey below is the fingerprint, but it is actually not the fingerprint but the ID of the fingerprint that I have to put there. The ID can be found using $keys = $gpg->keyinfo('*');

$gpg->addencryptkey('F7490000A0269FD2');

Hope this will be helpful for someone.
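
The root cause in the answer above was a GNUPGHOME that the web server account could not use. As an added example (not part of the original answer), this shell function reports why a directory is or is not usable as GNUPGHOME for the account that runs it. The function name and status words are made up for illustration, and it assumes GNU stat as shipped on Ubuntu.

```shell
#!/bin/sh
# Added example: diagnose a GNUPGHOME directory for the CURRENT account.
# Run it as the web server account, for example:
#   sudo -u www-data sh check_gnupghome.sh /var/www/.gnupg
# check_gnupghome is a hypothetical helper name, not a gpg or PHP command.

# check_gnupghome DIR
# Prints one status word; returns 0 only when the status is "ok".
check_gnupghome() {
    dir=$1

    # A directory behind a parent this account cannot traverse
    # (such as another user's home) looks the same as a missing one.
    if [ ! -d "$dir" ]; then
        echo "missing-or-unreachable"; return 1
    fi

    # The keyring directory should belong to the account that runs gpg.
    if [ "$(stat -c '%u' "$dir")" != "$(id -u)" ]; then
        echo "wrong-owner"; return 1
    fi

    # The account must be able to enter the directory and create files in it.
    if [ ! -w "$dir" ] || [ ! -x "$dir" ]; then
        echo "not-writable"; return 1
    fi

    # gpg warns about unsafe homedir permissions when group or others
    # have any access, so require owner-only rwx (mode 700).
    mode=$(stat -c '%a' "$dir")
    case "$mode" in
        *700) ;;
        *) echo "unsafe-mode:$mode"; return 1 ;;
    esac

    echo "ok"
}

# When a path is given on the command line, check it and exit with its status.
if [ "$#" -gt 0 ]; then
    check_gnupghome "$1"
fi
```

A directory created with only mkdir and chown normally ends up with mode 755; running chmod 700 on it makes the last check pass.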
