Unravelling gnupg_keyinfo()'s output
I am trying to write server and client PHP-CLI scripts with gpg-encrypted data using PHP's gnupg_* extensions on Ubuntu-18.04 and PHP-7.2.
After sending the welcome message, the server sends its public key, and sets up its private key as the decrypt key, while the client sets up the public key as the encrypt key.
This involves using gnupg_keyinfo() and extracting the fingerprint from the complex array of info.
The format of the info is unclear (to me at least!).
The server script has:
putenv('GNUPGHOME=/home/****/.gnupg');
$gpg = gnupg_init();
$info = gnupg_keyinfo($gpg, "username");
$gpg_fingerprint = $info[0][0]["subkeys"]["fingerprint"];
$reply = gnupg_adddecryptkey(gpg, $gpg_fingerprint, $gpg_passphrase);
and the client script has:
putenv('GNUPGHOME=/home/****/.gnupg');
$gpg = $gnupg_init();
$info = gnupg_keyinfo($gpg, $public_key);
$gpg_fingerprint = $info[0]["fingerprint"];
$reply = gnupg_addencryptkey($gpg, $gpg_fingerprint);
Obviously both the "$gpg_fingerprint = " lines are wrong, but what should they be?
If the fingerprint is the only thing that uniquely identifies the key, why isn't it easier to access?
Or is there an easier way to do this?
server encryption php7
add a comment |
I am trying to write server and client PHP-CLI scripts with gpg-encrypted data using PHP's gnupg_* extensions on Ubuntu-18.04 and PHP-7.2.
After sending the welcome message, the server sends its public key, and sets up its private key as the decrypt key, while the client sets up the public key as the encrypt key.
This involves using gnupg_keyinfo() and extracting the fingerprint from the complex array of info.
The format of the info is unclear (to me at least!).
The server script has:
putenv('GNUPGHOME=/home/****/.gnupg');
$gpg = gnupg_init();
$info = gnupg_keyinfo($gpg, "username");
$gpg_fingerprint = $info[0][0]["subkeys"]["fingerprint"];
$reply = gnupg_adddecryptkey(gpg, $gpg_fingerprint, $gpg_passphrase);
and the client script has:
putenv('GNUPGHOME=/home/****/.gnupg');
$gpg = $gnupg_init();
$info = gnupg_keyinfo($gpg, $public_key);
$gpg_fingerprint = $info[0]["fingerprint"];
$reply = gnupg_addencryptkey($gpg, $gpg_fingerprint);
Obviously both the "$gpg_fingerprint = " lines are wrong, but what should they be?
If the fingerprint is the only thing that uniquely identifies the key, why isn't it easier to access?
Or is there an easier way to do this?
server encryption php7
add a comment |
I am trying to write server and client PHP-CLI scripts with gpg-encrypted data using PHP's gnupg_* extensions on Ubuntu-18.04 and PHP-7.2.
After sending the welcome message, the server sends its public key, and sets up its private key as the decrypt key, while the client sets up the public key as the encrypt key.
This involves using gnupg_keyinfo() and extracting the fingerprint from the complex array of info.
The format of the info is unclear (to me at least!).
The server script has:
putenv('GNUPGHOME=/home/****/.gnupg');
$gpg = gnupg_init();
$info = gnupg_keyinfo($gpg, "username");
$gpg_fingerprint = $info[0][0]["subkeys"]["fingerprint"];
$reply = gnupg_adddecryptkey(gpg, $gpg_fingerprint, $gpg_passphrase);
and the client script has:
putenv('GNUPGHOME=/home/****/.gnupg');
$gpg = $gnupg_init();
$info = gnupg_keyinfo($gpg, $public_key);
$gpg_fingerprint = $info[0]["fingerprint"];
$reply = gnupg_addencryptkey($gpg, $gpg_fingerprint);
Obviously both the "$gpg_fingerprint = " lines are wrong, but what should they be?
If the fingerprint is the only thing that uniquely identifies the key, why isn't it easier to access?
Or is there an easier way to do this?
server encryption php7
I am trying to write server and client PHP-CLI scripts with gpg-encrypted data using PHP's gnupg_* extensions on Ubuntu-18.04 and PHP-7.2.
After sending the welcome message, the server sends its public key, and sets up its private key as the decrypt key, while the client sets up the public key as the encrypt key.
This involves using gnupg_keyinfo() and extracting the fingerprint from the complex array of info.
The format of the info is unclear (to me at least!).
The server script has:
putenv('GNUPGHOME=/home/****/.gnupg');
$gpg = gnupg_init();
$info = gnupg_keyinfo($gpg, "username");
$gpg_fingerprint = $info[0][0]["subkeys"]["fingerprint"];
$reply = gnupg_adddecryptkey(gpg, $gpg_fingerprint, $gpg_passphrase);
and the client script has:
putenv('GNUPGHOME=/home/****/.gnupg');
$gpg = $gnupg_init();
$info = gnupg_keyinfo($gpg, $public_key);
$gpg_fingerprint = $info[0]["fingerprint"];
$reply = gnupg_addencryptkey($gpg, $gpg_fingerprint);
Obviously both the "$gpg_fingerprint = " lines are wrong, but what should they be?
If the fingerprint is the only thing that uniquely identifies the key, why isn't it easier to access?
Or is there an easier way to do this?
server encryption php7
server encryption php7
asked Jan 19 at 4:08
Dave KimbleDave Kimble
69118
69118
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
I have found a script which gets fingerprint:
$gpg = gnupg_init();
$infos = gnupg_keyinfo($gpg, $email);
$countkeys = count($infos);
if($countkeys == 0) { print "No keys match $emailn"; exit; }
// choose which key if more than 1
$keychoice = 0;
if($countkeys > 1)
{ print "$email matches $countkeys keysn";
for($i=0; $i<$countkeys; $i++)
{ $name = $infos[$i]['uids'][0]['name'];
$comment = $infos[$i]['uids'][0]['comment'];
$timestamp = $infos[$i]['subkeys'][0]['timestamp'];
$fingerprint = $infos[$i]['subkeys'][0]['fingerprint'];
print "$i: $name, $comment, $timestamp, $fingerprint)."n";
}
loop2:
print "n?: ";
$keychoice = trim(fgets(STDIN));
if(($keychoice < 0) || ($keychoice >= $countkeys)) { print "invalid choicen"; goto loop2; }
}
// get fingerprint
$fingerprint = $infos[$keychoice]['subkeys'][0]['fingerprint'];
print "Fingerprint: $fingerprintn";
Since fingerprint is required for gnupg_addencryptkey() it would seem to be a gnupg design problem that it is buried away in 4-dimensional array.
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "89"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1111041%2funravelling-gnupg-keyinfos-output%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
I have found a script which gets fingerprint:
$gpg = gnupg_init();
$infos = gnupg_keyinfo($gpg, $email);
$countkeys = count($infos);
if($countkeys == 0) { print "No keys match $emailn"; exit; }
// choose which key if more than 1
$keychoice = 0;
if($countkeys > 1)
{ print "$email matches $countkeys keysn";
for($i=0; $i<$countkeys; $i++)
{ $name = $infos[$i]['uids'][0]['name'];
$comment = $infos[$i]['uids'][0]['comment'];
$timestamp = $infos[$i]['subkeys'][0]['timestamp'];
$fingerprint = $infos[$i]['subkeys'][0]['fingerprint'];
print "$i: $name, $comment, $timestamp, $fingerprint)."n";
}
loop2:
print "n?: ";
$keychoice = trim(fgets(STDIN));
if(($keychoice < 0) || ($keychoice >= $countkeys)) { print "invalid choicen"; goto loop2; }
}
// get fingerprint
$fingerprint = $infos[$keychoice]['subkeys'][0]['fingerprint'];
print "Fingerprint: $fingerprintn";
Since fingerprint is required for gnupg_addencryptkey() it would seem to be a gnupg design problem that it is buried away in 4-dimensional array.
add a comment |
I have found a script which gets fingerprint:
$gpg = gnupg_init();
$infos = gnupg_keyinfo($gpg, $email);
$countkeys = count($infos);
if($countkeys == 0) { print "No keys match $emailn"; exit; }
// choose which key if more than 1
$keychoice = 0;
if($countkeys > 1)
{ print "$email matches $countkeys keysn";
for($i=0; $i<$countkeys; $i++)
{ $name = $infos[$i]['uids'][0]['name'];
$comment = $infos[$i]['uids'][0]['comment'];
$timestamp = $infos[$i]['subkeys'][0]['timestamp'];
$fingerprint = $infos[$i]['subkeys'][0]['fingerprint'];
print "$i: $name, $comment, $timestamp, $fingerprint)."n";
}
loop2:
print "n?: ";
$keychoice = trim(fgets(STDIN));
if(($keychoice < 0) || ($keychoice >= $countkeys)) { print "invalid choicen"; goto loop2; }
}
// get fingerprint
$fingerprint = $infos[$keychoice]['subkeys'][0]['fingerprint'];
print "Fingerprint: $fingerprintn";
Since fingerprint is required for gnupg_addencryptkey() it would seem to be a gnupg design problem that it is buried away in 4-dimensional array.
add a comment |
I have found a script which gets fingerprint:
$gpg = gnupg_init();
$infos = gnupg_keyinfo($gpg, $email);
$countkeys = count($infos);
if($countkeys == 0) { print "No keys match $emailn"; exit; }
// choose which key if more than 1
$keychoice = 0;
if($countkeys > 1)
{ print "$email matches $countkeys keysn";
for($i=0; $i<$countkeys; $i++)
{ $name = $infos[$i]['uids'][0]['name'];
$comment = $infos[$i]['uids'][0]['comment'];
$timestamp = $infos[$i]['subkeys'][0]['timestamp'];
$fingerprint = $infos[$i]['subkeys'][0]['fingerprint'];
print "$i: $name, $comment, $timestamp, $fingerprint)."n";
}
loop2:
print "n?: ";
$keychoice = trim(fgets(STDIN));
if(($keychoice < 0) || ($keychoice >= $countkeys)) { print "invalid choicen"; goto loop2; }
}
// get fingerprint
$fingerprint = $infos[$keychoice]['subkeys'][0]['fingerprint'];
print "Fingerprint: $fingerprintn";
Since fingerprint is required for gnupg_addencryptkey() it would seem to be a gnupg design problem that it is buried away in 4-dimensional array.
I have found a script which gets fingerprint:
$gpg = gnupg_init();
$infos = gnupg_keyinfo($gpg, $email);
$countkeys = count($infos);
if($countkeys == 0) { print "No keys match $emailn"; exit; }
// choose which key if more than 1
$keychoice = 0;
if($countkeys > 1)
{ print "$email matches $countkeys keysn";
for($i=0; $i<$countkeys; $i++)
{ $name = $infos[$i]['uids'][0]['name'];
$comment = $infos[$i]['uids'][0]['comment'];
$timestamp = $infos[$i]['subkeys'][0]['timestamp'];
$fingerprint = $infos[$i]['subkeys'][0]['fingerprint'];
print "$i: $name, $comment, $timestamp, $fingerprint)."n";
}
loop2:
print "n?: ";
$keychoice = trim(fgets(STDIN));
if(($keychoice < 0) || ($keychoice >= $countkeys)) { print "invalid choicen"; goto loop2; }
}
// get fingerprint
$fingerprint = $infos[$keychoice]['subkeys'][0]['fingerprint'];
print "Fingerprint: $fingerprintn";
Since fingerprint is required for gnupg_addencryptkey() it would seem to be a gnupg design problem that it is buried away in 4-dimensional array.
answered yesterday
Dave KimbleDave Kimble
69118
69118
add a comment |
add a comment |
Thanks for contributing an answer to Ask Ubuntu!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1111041%2funravelling-gnupg-keyinfos-output%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown