Decrypting files using GnuPG (GPG) via PHP

By: Darrell Brogdon Printer Friendly Format

Decrypting an encrypted file with PHP and GnuPG can be a bit more complex than encrypting, since you are required to provide a GnuPG passphrase. The solution to having to type the passphrase every time the script is run lies in a handy little gpg switch called --passphrase-fd. This switch tells GnuPG to accept the passphrase from a file descriptor, which means that you can echo the passphrase and pipe the output to gpg, as seen in the following example.

<?php 

    $gpg = '/usr/bin/gpg'; 

    $passphrase = 'My secret pass phrase.'; 

    $encrypted_file = 'foo.gpg'; 

    $unencrypted_file = 'foo.txt'; 



    echo shell_exec("echo $passphrase | $gpg --passphrase-fd 0 -o $unencrypted_file -d $encrypted_file"); 

?>

This script tells gpg to accept the passphrase from STDIN (indicated by the 0 following the switch) and decrypt the information into a file named "foo.txt".

As with encrypting information, you can leave off the -oswitch to gpg and let the decrypted data be captured inside a variable.

It should be noted that the -o switch should always come before the -d switch.

Most Viewed Articles (in PHP )

History and origin of PHP

public, protected, and private Properties in PHP

public, protected, and private Methods in PHP

Opening a Remote File in PHP

Reading word by word from a file in PHP

Upload and Download files with FTP in PHP

Warning: session_start(): open .... failed - PHP error

The Object (compound) Type in PHP

Getting Started with PHP

.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable

Different versions of PHP - History and evolution of PHP