NYCPHP Meetup

NYPHP.org

[nycphp-talk] cookbook: gpg

David Sklar sklar at sklar.com
Mon Aug 11 15:01:52 EDT 2003


>> $encrypted = shell_exec( "echo 'secret stuff'|/usr/bin/gpg
>> --no-secmem-warning --homedir /my/.gnupg -ear
>> recipient at example.com");
>>
>> from the command line or as a wrapped script, it does not require a
>> passphrase in order to encrypt. Since gpg needs the user's secret
>> key in order to encrypt and sign, a copy of that secret key has to
>> live on the server -- is there any way around that?
>
> I think you're on the right track.  Encrypting data for a designated
> user doesn't require a password.  Here's something I in a PHP shell
> script on my office computer to encrypt backups:
>
>    exec('c:/progra~1/gnupg/gpg.exe -e -r usr at addr.com file.');
>
> Such procedures use the public key ring, right?

To encrypt only, yes, you just need the public key of the recipient. To
encrypt and sign, you need the private key of the signer as well.

So if you're just encrypting the credit card data with a public key and
storing it in a place where the corresponding private key isn't, then you
should be protected against someone retrieving the encrypted data and then
decrypting it.

You aren't protected against someone injecting false data that's correctly
encrypted into the system (via a hole in your app). This may not be such a
big concern.

David




More information about the talk mailing list