20

There is a PHP extension port of the gnupg PGP library. However, I'm having a hard time finding examples that explain how to use the library.

How do you properly create keys for application users, and then use them to encrypt/decrypt text using the GnuPG library?

Xeoncross

2 Answers

15

See this URL, it is very helpful to you. Download the example and try it.

https://github.com/singpolyma/openpgp-php

Or try it:

You can download the lib/openpgp.php and lib/openpgp_crypt_rsa.php files from the URL above.

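examples/keygen.php

```php
<?php

require dirname(__FILE__).'/../lib/openpgp.php';
require dirname(__FILE__).'/../lib/openpgp_crypt_rsa.php';

/* Generate an RSA key pair with phpseclib. A 512-bit modulus can be
   factored with modest resources, so use at least 2048 bits. */
$rsa = new Crypt_RSA();
$k = $rsa->createKey(2048);
$rsa->loadKey($k['privatekey']);

/* Build an OpenPGP secret key packet from the RSA parameters */
$nkey = new OpenPGP_SecretKeyPacket(array(
   'n' => $rsa->modulus->toBytes(),
   'e' => $rsa->publicExponent->toBytes(),
   'd' => $rsa->exponent->toBytes(),
   'p' => $rsa->primes[1]->toBytes(),
   'q' => $rsa->primes[2]->toBytes(),
   'u' => $rsa->coefficients[2]->toBytes()
));

/* User ID that the key will be bound to */
$uid = new OpenPGP_UserIDPacket('Test <test@example.com>');

/* Self-sign the key and user ID */
$wkey = new OpenPGP_Crypt_RSA($nkey);
$m = $wkey->sign_key_userid(array($nkey, $uid));

/* Output the raw (unprotected) secret key bytes to STDOUT */
print $m->to_bytes();
```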

examples/sign.php

```php
<?php

require dirname(__FILE__).'/../lib/openpgp.php';
require dirname(__FILE__).'/../lib/openpgp_crypt_rsa.php';

/* Parse secret key from STDIN, the key must not be password protected */
$wkey = OpenPGP_Message::parse(file_get_contents('php://stdin'));
$wkey = $wkey[0];

/* Create a new literal data packet */
$data = new OpenPGP_LiteralDataPacket('This is text.', array('format' => 'u', 'filename' => 'stuff.txt'));

/* Create a signer from the key */
$sign = new OpenPGP_Crypt_RSA($wkey);

/* The message is the signed data packet */
$m = $sign->sign($data);

/* Output the raw message bytes to STDOUT */
echo $m->to_bytes();

?>
```

examples/verify.php

```php
<?php

require dirname(__FILE__).'/../lib/openpgp.php';
require dirname(__FILE__).'/../lib/openpgp_crypt_rsa.php';

/* Parse public key from STDIN */
$wkey = OpenPGP_Message::parse(file_get_contents('php://stdin'));
$wkey = $wkey[0];

/* Parse signed message from file named "t" */
$m = OpenPGP_Message::parse(file_get_contents('t'));

/* Create a verifier for the key */
$verify = new OpenPGP_Crypt_RSA($wkey);

/* Dump verification information to STDOUT */
var_dump($verify->verify($m));

?>
```
Abid Hussain
  • 13
    Doing encryption with a random PHP library found on the net, which reimplements PGP from scratch, with none of the authors being a cryptographer, and the library apparently a work in progress (half the functions have a single `//TODO` as their body). What could go wrong? – Tgr Aug 01 '15 at 00:34
  • 1
    @Tgr "The ultimate ignorance is rejection of something you know nothing about yet refuse to investigate." The only thing that could be dangerous about this is the call to `createKey()`, which comes from https://github.com/phpseclib/phpseclib/blob/master/phpseclib/Crypt/RSA.php#L576, which calls, what was that? OpenSSL. OpenSSL is now a "random PHP library found on the net"? Please do some research before writing comments like these. – Fredrick Brennan Oct 11 '15 at 14:49
  • @8chan, key generation is actually not the only part of crypto that can contain dangerous mistakes - encryption can too (I would think that obvious). Also, phpseclib (which, unlike openpgp-php, did get some amount of scrutiny, although [not nearly as much as OpenSSL](http://security.stackexchange.com/questions/44581/is-phpseclib-a-secure-and-reliable-alternative-to-openssl)) does its own key generation if OpenSSL is not available, and reimplements the actual encryption in pure PHP. And even when you have a safe cryptographic primitive, you can apply it in insecure ways. – Tgr Nov 02 '15 at 01:46
  • 1
    I am getting the error. Fatal error: Call to a member function equals() on a non-object in /www/openpgp-php-master/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA.php on line 2091. Any idea? – Manu Sep 01 '16 at 05:12
  • 1
    you can download "phpseclib" lib from composer in your vendor folder. – Abid Hussain Feb 03 '17 at 05:11
  • How do you use this library if you download it using composer require singpolyma/openpgp-php ? – Hamfri Nov 11 '20 at 20:13
  • This is such a bad library. Almost none of the source code is properly documented and you have to work everything out for yourself, or rely on a couple of similarly useless undocumented examples and hope you don't run into any problems. Also it's unnecessarily overcomplicated. – matronator Oct 08 '21 at 19:59
7

There are very good examples based on the PHP extension port, as you have requested, and we will take a look at some examples.

Using GnuPG with PHP -- Full Tutorials

Example

Getting Key Information

```php
// set path to keyring directory
putenv('GNUPGHOME=/home/sender/.gnupg');

// create new GnuPG object
$gpg = new gnupg();

// throw exception if error occurs
$gpg->seterrormode(gnupg::ERROR_EXCEPTION);

// get list of keys containing string 'example'
try {
  $info = $gpg->keyinfo('example');
  print_r($info);
} catch (Exception $e) {
  echo 'ERROR: ' . $e->getMessage();
}
```

Encrypt a Simple Mail

```php
// set path to keyring directory
putenv('GNUPGHOME=/home/sender/.gnupg');

// create new GnuPG object
$gpg = new gnupg();

// throw exception if error occurs
$gpg->seterrormode(gnupg::ERROR_EXCEPTION);

// recipient's email address
$recipient = 'dgar@example.org';

// plaintext message
$plaintext =
"Dear Dave,\n
  The answer is 42.\n
John";

// find key matching email address
// encrypt plaintext message
// display and also write to file
try {
  $gpg->addencryptkey($recipient);
  $ciphertext = $gpg->encrypt($plaintext);
  echo '<pre>' . $ciphertext . '</pre>';
  file_put_contents('/tmp/ciphertext.gpg', $ciphertext);
} catch (Exception $e) {
  die('ERROR: ' . $e->getMessage());
}
```

Decrypting the Mail

```php
// set path to keyring directory
putenv('GNUPGHOME=/home/recipient/.gnupg');

// create new GnuPG object
$gpg = new gnupg();

// throw exception if error occurs
$gpg->seterrormode(gnupg::ERROR_EXCEPTION);

// recipient's email address
$recipient = 'dgar@example.org';

// ciphertext message
$ciphertext = file_get_contents('/tmp/ciphertext.gpg');

// register secret key by providing passphrase
// decrypt ciphertext with secret key
// display plaintext message (escaped, because the decrypted text is
// whatever the sender chose to put in it)
try {
  $gpg->adddecryptkey($recipient, 'guessme');
  $plaintext = $gpg->decrypt($ciphertext);
  echo '<pre>' . htmlspecialchars($plaintext) . '</pre>';
} catch (Exception $e) {
  die('ERROR: ' . $e->getMessage());
}
```

You should also look at the Example

JR Lawhorne
Baba
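
The answer above picks the recipient by e-mail address from a keyring that already holds the key. For per-user keys, the added example below (not code from the answer or the tutorial it links) imports a user's public key with the same gnupg extension, rejects keys that `keyinfo()` reports as disabled, expired, revoked or unable to encrypt, and encrypts to the key's fingerprint. The function name `encryptForUser`, the key file path and the message are hypothetical.

```php
<?php
// Added example. encryptForUser(), the key file path and the message are
// hypothetical; the gnupg methods are those of the PECL gnupg extension.
putenv('GNUPGHOME=/home/sender/.gnupg');   // keyring directory, as in the answer

/**
 * Import a user's ASCII-armored public key and encrypt $plaintext to exactly
 * that key, selected by fingerprint instead of by e-mail address.
 */
function encryptForUser(gnupg $gpg, string $armoredKey, string $plaintext): string
{
    $result = $gpg->import($armoredKey);
    if (!is_array($result) || empty($result['fingerprint'])) {
        throw new RuntimeException('Public key could not be imported');
    }
    $fingerprint = $result['fingerprint'];

    // Look the key up again and refuse keys that must not be used.
    $keys = $gpg->keyinfo($fingerprint);
    if (count($keys) !== 1) {
        throw new RuntimeException("Expected exactly one key for $fingerprint");
    }
    foreach (['disabled', 'expired', 'revoked'] as $flag) {
        if (!empty($keys[0][$flag])) {
            throw new RuntimeException("Key $fingerprint is $flag");
        }
    }
    if (empty($keys[0]['can_encrypt'])) {
        throw new RuntimeException("Key $fingerprint cannot encrypt");
    }

    $gpg->clearencryptkeys();            // drop recipients left from earlier calls
    $gpg->addencryptkey($fingerprint);   // a fingerprint names one key only
    $gpg->setarmor(1);                   // ASCII-armored output
    return $gpg->encrypt($plaintext);
}

$gpg = new gnupg();
$gpg->seterrormode(gnupg::ERROR_EXCEPTION);
try {
    $armoredKey = file_get_contents('/path/to/user-public-key.asc');
    if ($armoredKey === false) {
        throw new RuntimeException('Cannot read the public key file');
    }
    echo encryptForUser($gpg, $armoredKey, "The answer is 42.\n");
} catch (Exception $e) {
    fwrite(STDERR, 'ERROR: ' . $e->getMessage() . PHP_EOL);
    exit(1);
}
```

Storing the fingerprint returned by `import()` next to the user record lets later calls address the key without matching on user IDs, which several keys in one keyring can share.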