Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Encrypt files using PGP in PHP?

I want to use PGP encryption to encrypt a CSV files, I am generating through a PHP script and then send that file to client via email. Client will give me the encryption key, which I need to use for encryption files.

I Googled about PGP and found it is Pretty Good Privacy, also I found OpenPGP http://www.openpgp.org/ and GnuPG http://www.gnupg.org/ What are these two types of PGP? and which one should I use?

Also how to encrypt a files using PGP in PHP with the key that my client will provide?

I have heard this term first time, can anyone please help in understanding this and implementing this in PHP.

like image 233
djmzfKnm Avatar asked Apr 12 '13 11:04

djmzfKnm


People also ask

Can PHP be used to encrypt data?

PHP encryption is important to the privacy and safety of your data. In practical terms, PHP encryption uses algorithms (sometimes called hashing algorithms) to translate the “clear” data into encrypted text that requires very specific decryption processes to “decode” the data back to the clean version.


1 Answers

Question 1: About PGP

  • PGP (Pretty Good Privacy) is a product and trademark of Symantec Corporation (they bought it some years ago).
  • OpenPGP is the standard used by PGP.
  • GnuPG (Gnu Privacy Guard) is a free and open source implementation of PGP.

So what you want to do is encrypt to an OpenPGP key. Which implementation of OpenPGP your client uses to decrypt the data is not important for you. With PHP, commonly GnuPG is used and there are interfaces built-in.

Question 2: Using GnuPG in PHP

Use the GnuPG interface, which is an extension that can be installed for PHP.

At first, import the key, where $keydata is the ASCII armored public key:

<?php $gpg = new gnupg(); $info = $gpg -> import($keydata); print_r($info); ?> 

Then use this key to encrypt the data, this time using the client's key's fingerprint:

<?php   $gpg = new gnupg();   $gpg -> addencryptkey("8660281B6051D071D94B5B230549F9DC851566DC");   $enc = $gpg -> encrypt("just a test");   echo $enc; ?> 

If you want to encrypt files, read and pass them to encrypt(). Be sure to use at least long key IDs (eg. DEADBEEFDEADBEEF), better fingerprints (as in the example) when referencing keys; and never use short key IDs (DEADBEEF), as those are vulnerable to collision attacks.


The is a more comprehensive example for doing both added by a user in the PHP manual.

like image 179
Jens Erat Avatar answered Oct 15 '22 20:10

Jens Erat